diff --git a/AeroWizard/AeroWizard/AeroWizard.csproj b/AeroWizard/AeroWizard/AeroWizard.csproj index 0f6d659..f51e5c4 100644 --- a/AeroWizard/AeroWizard/AeroWizard.csproj +++ b/AeroWizard/AeroWizard/AeroWizard.csproj @@ -92,13 +92,7 @@ Resources\WizardHat.ico - - ..\..\packages\Newtonsoft.Json.12.0.3\lib\net40\Newtonsoft.Json.dll - - - ..\..\packages\Stub.System.Data.SQLite.Core.NetFramework.1.0.113.3\lib\net40\System.Data.SQLite.dll - @@ -192,7 +186,6 @@ - @@ -246,11 +239,4 @@ - - - - Dieses Projekt verweist auf mindestens ein NuGet-Paket, das auf diesem Computer fehlt. Verwenden Sie die Wiederherstellung von NuGet-Paketen, um die fehlenden Dateien herunterzuladen. Weitere Informationen finden Sie unter "http://go.microsoft.com/fwlink/?LinkID=322105". Die fehlende Datei ist "{0}". - - - \ No newline at end of file diff --git a/AeroWizard/AeroWizard/packages.config b/AeroWizard/AeroWizard/packages.config deleted file mode 100644 index 05a4de8..0000000 --- a/AeroWizard/AeroWizard/packages.config +++ /dev/null @@ -1,6 +0,0 @@ - - - - - - \ No newline at end of file diff --git a/AirScout.AircraftPositions/AirScout.AircraftPositions.csproj b/AirScout.AircraftPositions/AirScout.AircraftPositions.csproj index 59486ef..40beb79 100644 --- a/AirScout.AircraftPositions/AirScout.AircraftPositions.csproj +++ b/AirScout.AircraftPositions/AirScout.AircraftPositions.csproj @@ -32,13 +32,13 @@ 4 - - ..\packages\Newtonsoft.Json.12.0.3\lib\net40\Newtonsoft.Json.dll + + ..\packages\Newtonsoft.Json.13.0.1\lib\net40\Newtonsoft.Json.dll - - ..\packages\Stub.System.Data.SQLite.Core.NetFramework.1.0.113.3\lib\net40\System.Data.SQLite.dll + + ..\packages\System.Data.SQLite.Core.1.0.112.0\lib\net40\System.Data.SQLite.dll @@ -93,12 +93,12 @@ - + Dieses Projekt verweist auf mindestens ein NuGet-Paket, das auf diesem Computer fehlt. Verwenden Sie die Wiederherstellung von NuGet-Paketen, um die fehlenden Dateien herunterzuladen. Weitere Informationen finden Sie unter "http://go.microsoft.com/fwlink/?LinkID=322105". Die fehlende Datei ist "{0}". - + update value - o = value; - } - else - { - // item not found --> add new - this.Add(var, value); - } - } - - public object GetValue(string var) - { - // finds a var in dictionary and returns its value - object o; - if (this.TryGetValue(var, out o)) - { - // item found --> return value - return o; - } - // item not found --> return null - return null; - } - - public string ReplaceAllVars(string s) - { - // check for var separotors first - if (s.Contains(VarSeparator)) - { - // OK, string is containing vars --> crack the string first and replace vars - try - { - string[] a = s.Split(VarSeparator); - // as we are always using a pair of separators the length of a[] must be odd - if (a.Length % 2 == 0) - throw new ArgumentException("Number of separators is not an even number."); - // create new string and replace all vars (on odd indices) - s = ""; - for (int i = 0; i < a.Length; i++) - { - if (i % 2 == 0) - { - // cannot be not a var on that position - s = s + a[i]; - } - else - { - // var identifier: upper the string and try to convert - a[i] = a[i].ToUpper(); - object o; - if (this.TryGetValue(a[i], out o)) - { - // convert floating points with invariant culture info - if (o.GetType() == typeof(double)) - s = s + ((double)o).ToString(CultureInfo.InvariantCulture); - else if (o.GetType() == typeof(float)) - s = s + ((float)o).ToString(CultureInfo.InvariantCulture); - else - s = s + o.ToString(); - } - else - { - throw new ArgumentException("Var identifier not found: " + a[i]); - } - } - } - } - catch (Exception ex) - { - // throw an excecption - throw new ArgumentException("Error while parsing string for variables [" + ex.Message + "]: " + s); - } - } - return s; - } - - } - -} diff --git a/AirScout.PlaneFeeds.Plugin.RB24/app.config b/AirScout.PlaneFeeds.Plugin.RB24/app.config deleted file mode 100644 index e221689..0000000 --- a/AirScout.PlaneFeeds.Plugin.RB24/app.config +++ /dev/null @@ -1,105 +0,0 @@ - - - - -
-
- - - - - - Generic template for ceration of new plane feed projects - - - - [WebFeed] Template - - - This plane feed is being fetched from an Internet server via Deep Link -technology (see http://en.wikipedia.org/wiki/Deep_link). - -The use is not intended by the website owners and could be changed in URL and data format frequently and without further notice. -Furthermore, it might cause legal issues in some countries. - -By clicking on "Accept" you understand that you are - - DOING THAT ON YOUR OWN RISK - -The auhor of this software will not be responsible in any case. - - - - - - - - - False - - - - - - True - - - False - - - False - - - - - Web feed from www.planefinder.net -See https://planefinder.net/ - -(c) AirScout (www.airscout.eu) - -This feed does not require a login or API key. - - - - [WebFeed] www.planefinder.net - - - This plane feed is being fetched from an Internet server via Deep Link -technology (see http://en.wikipedia.org/wiki/Deep_link). - -The use is not intended by the website owners and could be changed in URL and data format frequently and without further notice. -Furthermore, it might cause legal issues in some countries. - -By clicking on "Accept" you understand that you are - - DOING THAT ON YOUR OWN RISK - -The auhor of this software will not be responsible in any case. - - - - - - http://droidapp.pinkfroot.com/APPAPIDROID/v7/planeUpdateFAA.php?routetype=IATA&amp;FAA=1&amp;bounds=%MAXLAT%,%MINLAT%,%MINLON%,%MAXLON% - - - False - - - - - - True - - - False - - - False - - - 30 - - - - \ No newline at end of file diff --git a/AirScout.PlaneFeeds.Plugin.RB24/packages.config b/AirScout.PlaneFeeds.Plugin.RB24/packages.config deleted file mode 100644 index caa3fff..0000000 --- a/AirScout.PlaneFeeds.Plugin.RB24/packages.config +++ /dev/null @@ -1,6 +0,0 @@ - - - - - - \ No newline at end of file diff --git a/AirScout.PlaneFeeds.Plugin.RTL1090/AirScout.PlaneFeeds.Plugin.RTL1090.csproj b/AirScout.PlaneFeeds.Plugin.RTL1090/AirScout.PlaneFeeds.Plugin.RTL1090.csproj index 49fa2b8..eea70ed 100644 --- a/AirScout.PlaneFeeds.Plugin.RTL1090/AirScout.PlaneFeeds.Plugin.RTL1090.csproj +++ b/AirScout.PlaneFeeds.Plugin.RTL1090/AirScout.PlaneFeeds.Plugin.RTL1090.csproj @@ -34,8 +34,11 @@ 4 - - ..\packages\Newtonsoft.Json.12.0.3\lib\net40\Newtonsoft.Json.dll + + ..\packages\BouncyCastle.1.8.9\lib\BouncyCastle.Crypto.dll + + + ..\packages\Newtonsoft.Json.13.0.1\lib\net40\Newtonsoft.Json.dll diff --git a/AirScout.PlaneFeeds.Plugin.RTL1090/Properties/AssemblyInfo.cs b/AirScout.PlaneFeeds.Plugin.RTL1090/Properties/AssemblyInfo.cs index 5583e10..caddfb0 100644 --- a/AirScout.PlaneFeeds.Plugin.RTL1090/Properties/AssemblyInfo.cs +++ b/AirScout.PlaneFeeds.Plugin.RTL1090/Properties/AssemblyInfo.cs @@ -32,5 +32,5 @@ using System.Runtime.InteropServices; // Sie können alle Werte angeben oder Standardwerte für die Build- und Revisionsnummern verwenden, // indem Sie "*" wie unten gezeigt eingeben: // [assembly: AssemblyVersion("1.0.*")] -[assembly: AssemblyVersion("1.3.0.2")] -[assembly: AssemblyFileVersion("1.3.0.2")] +[assembly: AssemblyVersion("1.4.1.0")] +[assembly: AssemblyFileVersion("1.4.1.0")] diff --git a/AirScout.PlaneFeeds.Plugin.RTL1090/RTL1090.cs b/AirScout.PlaneFeeds.Plugin.RTL1090/RTL1090.cs index 9225c17..cb8527b 100644 --- a/AirScout.PlaneFeeds.Plugin.RTL1090/RTL1090.cs +++ b/AirScout.PlaneFeeds.Plugin.RTL1090/RTL1090.cs @@ -29,7 +29,7 @@ namespace AirScout.PlaneFeeds.Plugin.RTL1090 public virtual string Server { get; set; } [Browsable(true)] - [DescriptionAttribute("Server port for raw ADS-B data.\nRTLSharp.exe: Port 47806\nRTL1090: Port 31001")] + [DescriptionAttribute("Server port for raw ADS-B data.\nRTL1090: Port 31001, Dump1090: 30005, ADSBSharp: 47806")] [DefaultValue(31001)] public virtual int Port { get; set; } @@ -43,9 +43,9 @@ namespace AirScout.PlaneFeeds.Plugin.RTL1090 [DefaultValue(true)] public virtual bool ReportMessages { get; set; } - [Browsable(true)] + [Browsable(false)] [DescriptionAttribute("Marks locally received aircrafts by adding '@' to the call sign")] - [DefaultValue(true)] + [DefaultValue(false)] public virtual bool MarkLocal { get; set; } [Browsable(false)] @@ -58,6 +58,16 @@ namespace AirScout.PlaneFeeds.Plugin.RTL1090 [DefaultValue(false)] public virtual bool SaveToFile { get; set; } + [Browsable(true)] + [DescriptionAttribute("Log all received messages to file")] + [DefaultValue(false)] + public virtual bool LogMessagesToFile { get; set; } + + [Browsable(false)] + [DefaultValue("RTL1090Messages.log")] + [XmlIgnore] + public string LogFileName { get; set; } + public RTL1090Settings() { Default(); @@ -214,7 +224,11 @@ namespace AirScout.PlaneFeeds.Plugin.RTL1090 return "Raw data feed from simple ADS-B receivers (DVB-T dongles).\n\n" + "(c) AirScout(www.airscout.eu)\n\n" + "Use this feed together with RTL1090.exe or similar software.\n" + - "Feed software must output raw data either binary or ASCII format via TCP."; + "Feed software must output raw data either binary or ASCII format via TCP.\n" + + "Use the follwing settings as default:\n\n" + + "RTL1090: port=31001/binary=true\n" + + "Dump1090: port=30005/binary=true\n" + + "ADSBSharp: port=47806/binary=false" ; } } @@ -305,7 +319,18 @@ namespace AirScout.PlaneFeeds.Plugin.RTL1090 // start receiver thread if (!bw_Receciver.IsBusy) { - bw_Receciver.RunWorkerAsync(); + if (Settings.LogMessagesToFile) + { + try + { + File.WriteAllText(Path.Combine(args.TmpDirectory, Settings.LogFileName), "RTL1090 logging started: " + DateTime.UtcNow.ToString("yyyy-MM-dd HH:mm:ss")); + } + catch (Exception ex) + { + + } + } + bw_Receciver.RunWorkerAsync(args); } } @@ -374,6 +399,8 @@ namespace AirScout.PlaneFeeds.Plugin.RTL1090 private void bw_Receiver_DoWork(object sender, DoWorkEventArgs e) { + PlaneFeedPluginArgs args = (PlaneFeedPluginArgs)e.Argument; + Thread.CurrentThread.Priority = ThreadPriority.Highest; StreamReader sr = null; TcpClient client = null; @@ -385,6 +412,8 @@ namespace AirScout.PlaneFeeds.Plugin.RTL1090 { // setup TCP listener client = new TcpClient(); + // set receive timeout to 1s + client.ReceiveTimeout = 1000; string server = Settings.Server; client.Connect(server, Settings.Port); sr = new StreamReader(client.GetStream()); @@ -401,16 +430,32 @@ namespace AirScout.PlaneFeeds.Plugin.RTL1090 { // try to decode the message string info = ""; + string line = ""; try { - Console.Write("[" + this.GetType().Name + "]: " + msg.RawMessage + "-- > "); + info = "[" + this.GetType().Name + "]: " + msg.RawMessage + "-- > "; + Console.Write(info); + line = info; info = Decoder.DecodeMessage(msg.RawMessage, msg.TimeStamp); + line = line + info + "\n"; } catch (Exception ex) { Console.WriteLine(ex.Message); } Console.WriteLine(info); + + if (Settings.LogMessagesToFile) + { + try + { + File.AppendAllText(Path.Combine(args.TmpDirectory, Settings.LogFileName), line); + } + catch (Exception ex) + { + + } + } } } while ((msg != null) && !bw_Receciver.CancellationPending); diff --git a/AirScout.PlaneFeeds.Plugin.RTL1090/RTL1090.cs.bak b/AirScout.PlaneFeeds.Plugin.RTL1090/RTL1090.cs.bak new file mode 100644 index 0000000..c490948 --- /dev/null +++ b/AirScout.PlaneFeeds.Plugin.RTL1090/RTL1090.cs.bak @@ -0,0 +1,639 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Text; +using System.Reflection; +using System.ComponentModel.Composition; +using System.ComponentModel; +using System.Globalization; +using AirScout.PlaneFeeds.Plugin.MEFContract; +using System.Diagnostics; +using System.Net; +using System.IO; +using System.Threading; +using System.Net.Sockets; +using System.Collections; +using System.Web.Script.Serialization; +using LibADSB; +using System.Xml.Serialization; +using System.Xml.Linq; + +namespace AirScout.PlaneFeeds.Plugin.RTL1090 +{ + + public class RTL1090Settings + { + [Browsable(true)] + [DescriptionAttribute("Server address for raw ADS-B data.\nUse localhost for running on the same machine.")] + [DefaultValue("localhost")] + public virtual string Server { get; set; } + + [Browsable(true)] + [DescriptionAttribute("Server port for raw ADS-B data.\nRTL1090: Port 31001, Dump1090: 30005, ADSBSharp: 47806")] + [DefaultValue(31001)] + public virtual int Port { get; set; } + + [Browsable(true)] + [DescriptionAttribute("Use binary data format for ADS-B data.\nTrue: Use binary format (ADS Beast with MLAT)\nFalse: Use ASCII format (AVR with/without MLAT)")] + [DefaultValue(true)] + public virtual bool Binary { get; set; } + + [Browsable(true)] + [DescriptionAttribute("Report ADS-B messages to console output.")] + [DefaultValue(true)] + public virtual bool ReportMessages { get; set; } + + [Browsable(false)] + [DescriptionAttribute("Marks locally received aircrafts by adding '@' to the call sign")] + [DefaultValue(false)] + public virtual bool MarkLocal { get; set; } + + [Browsable(false)] + [DefaultValue("")] + [XmlIgnore] + public string DisclaimerAccepted { get; set; } + + [Browsable(true)] + [DescriptionAttribute("Save received aircraft positions to file")] + [DefaultValue(false)] + public virtual bool SaveToFile { get; set; } + + public RTL1090Settings() + { + Default(); + Load(true); + } + + /// + /// Sets all properties to their default value according to the [DefaultValue=] attribute + /// + public void Default() + { + // set all properties to their default values according to definition in [DeafultValue=] + foreach (var p in this.GetType().GetProperties()) + { + try + { + // initialize all properties with default value if set + if (Attribute.IsDefined(p, typeof(DefaultValueAttribute))) + { + p.SetValue(this, ((DefaultValueAttribute)Attribute.GetCustomAttribute( + p, typeof(DefaultValueAttribute)))?.Value, null); + } + } + catch (Exception ex) + { + Console.WriteLine("[" + this.GetType().Name + "]: Cannot set default value of: " + p.Name + ", " + ex.Message); + } + } + } + + /// + /// Loads settings from a XML-formatted configuration file into settings. + /// + /// If true, ignore the [XmlIgnore] attribute, e.g. load all settings available in the file.
If false, load only settings without [XmlIgore] attrbute.
+ /// The filename of the settings file. + public void Load(bool loadall, string filename = "") + { + // use standard filename if empty + // be careful because Linux file system is case sensitive + if (String.IsNullOrEmpty(filename)) + filename = new Uri(Assembly.GetExecutingAssembly().GetName().CodeBase.Replace(".dll", ".cfg").Replace(".DLL", ".CFG")).LocalPath; + // do nothing if file not exists + if (!File.Exists(filename)) + return; + try + { + string xml = ""; + using (StreamReader sr = new StreamReader(File.OpenRead(filename))) + { + xml = sr.ReadToEnd(); + } + XDocument xdoc = XDocument.Parse(xml); + PropertyInfo[] properties = this.GetType().GetProperties(); + foreach (PropertyInfo p in properties) + { + if (!loadall) + { + // check on XmlIgnore attribute, skip if set + object[] attr = p.GetCustomAttributes(typeof(XmlIgnoreAttribute), false); + if (attr.Length > 0) + continue; + } + try + { + // get matching element + XElement typenode = xdoc.Element(this.GetType().Name); + if (typenode != null) + { + XElement element = typenode.Element(p.Name); + if (element != null) + p.SetValue(this, Convert.ChangeType(element.Value, p.PropertyType), null); + } + } + catch (Exception ex) + { + Console.WriteLine("[" + this.GetType().Name + "]: Error while loading property[" + p.Name + " from " + filename + ", " + ex.Message); + } + } + + } + catch (Exception ex) + { + Console.WriteLine("[" + this.GetType().Name + "]: Cannot load settings from " + filename + ", " + ex.Message); + } + } + + /// + /// Saves settings from settings into a XML-formatted configuration file + /// + /// If true, ignore the [XmlIgnore] attribute, e.g. save all settings.
If false, save only settings without [XmlIgore] attrbute. + /// The filename of the settings file. + public void Save(bool saveall, string filename = "") + { + // use standard filename if empty + // be careful because Linux file system is case sensitive + if (String.IsNullOrEmpty(filename)) + filename = new Uri(Assembly.GetExecutingAssembly().GetName().CodeBase.Replace(".dll", ".cfg").Replace(".DLL", ".CFG")).LocalPath; + XmlAttributeOverrides overrides = new XmlAttributeOverrides(); + if (saveall) + { + // ovverride the XmlIgnore attributes to get all serialized + PropertyInfo[] properties = this.GetType().GetProperties(); + foreach (PropertyInfo p in properties) + { + XmlAttributes attribs = new XmlAttributes { XmlIgnore = false }; + overrides.Add(this.GetType(), p.Name, attribs); + } + } + try + { + using (StreamWriter sw = new StreamWriter(File.Create(filename))) + { + XmlSerializer s = new XmlSerializer(this.GetType(), overrides); + s.Serialize(sw, this); + } + } + catch (Exception ex) + { + throw new InvalidOperationException("[" + this.GetType().Name + "]: Cannot save settings to " + filename + ", " + ex.Message); + } + } + + } + + public class RTLMessage + { + public string RawMessage = ""; + public DateTime TimeStamp = DateTime.UtcNow; + public int SignalStrength = 0; + } + + [Export(typeof(IPlaneFeedPlugin))] + [ExportMetadata("Name", "PlaneFeedPlugin")] + public class RTL1090Plugin : IPlaneFeedPlugin + { + private RTL1090Settings Settings = new RTL1090Settings(); + + ADSBDecoder Decoder = new ADSBDecoder(); + + private BackgroundWorker bw_Receciver; + + public string Name + { + get + { + return "[RawData] RTL1090 data "; + } + } + + public string Info + { + get + { + return "Raw data feed from simple ADS-B receivers (DVB-T dongles).\n\n" + + "(c) AirScout(www.airscout.eu)\n\n" + + "Use this feed together with RTL1090.exe or similar software.\n" + + "Feed software must output raw data either binary or ASCII format via TCP.\n" + + "Use the follwing settings as default:\n\n" + + "RTL1090: port=31001/binary=true\n" + + "Dump1090: port=30005/binary=true\n" + + "ADSBSharp: port=47806/binary=false" ; + } + } + + public string Version + { + get + { + return Assembly.GetExecutingAssembly().GetName().Version.ToString(); + } + } + + public bool HasSettings + { + get + { + return true; + } + } + + public bool CanImport + { + get + { + return false; + } + } + + public bool CanExport + { + get + { + return false; + } + } + + public string Disclaimer + { + get + { + return ""; + } + } + + public string DisclaimerAccepted + { + get + { + return Settings.DisclaimerAccepted; + } + set + { + Settings.DisclaimerAccepted = value; + } + } + + public void ResetSettings() + { + Settings.Default(); + } + + public void LoadSettings() + { + Settings.Load(true); + } + + public void SaveSettings() + { + Settings.Save(true); + } + + public object GetSettings() + { + return this.Settings; + } + + public void ImportSettings() + { + // nothing to do + } + + public void ExportSettings() + { + // nothing to do + } + + public void Start(PlaneFeedPluginArgs args) + { + // start receiver thread + if (!bw_Receciver.IsBusy) + { + bw_Receciver.RunWorkerAsync(); + } + } + + public PlaneFeedPluginPlaneInfoList GetPlanes(PlaneFeedPluginArgs args) + { + PlaneFeedPluginPlaneInfoList planes = new PlaneFeedPluginPlaneInfoList(); + // time to report planes + ArrayList list = Decoder.GetPlanes(); + if (list.Count > 0) + { + // convert to plane info list + foreach (ADSBInfo info in list) + { + PlaneFeedPluginPlaneInfo plane = new PlaneFeedPluginPlaneInfo(); + plane.Time = info.Timestamp; + plane.Hex = info.ICAO24; + // mark call with "@" if option is enabled + plane.Call = (Settings.MarkLocal) ? "@" + info.Call : info.Call; + plane.Lat = info.Lat; + plane.Lon = info.Lon; + plane.Alt = info.Alt; + plane.Speed = info.Speed; + plane.Track = info.Heading; + plane.Reg = "[unknown]"; + plane.Type = "[unknown]"; + plane.Manufacturer = "[unknown]"; + plane.Model = "[unknown]"; + plane.Category = 0; + planes.Add(plane); + } + // save raw data to file if enabled + if (Settings.SaveToFile) + { + JavaScriptSerializer js = new JavaScriptSerializer(); + string json = js.Serialize(planes); + using (StreamWriter sw = new StreamWriter(args.TmpDirectory + Path.DirectorySeparatorChar + this.GetType().Name + "_" + DateTime.UtcNow.ToString("yyyy-MM-dd HH_mm_ss") + ".json")) + { + sw.WriteLine(json); + } + } + + } + Console.WriteLine("[" + this.GetType().Name + "]: Returning " + planes.Count + " planes"); + return planes; + } + + public void Stop(PlaneFeedPluginArgs args) + { + while (bw_Receciver.IsBusy) + { + bw_Receciver.CancelAsync(); + } + Settings.Save(true); + } + + // end of Interface + + public RTL1090Plugin() + { + bw_Receciver = new BackgroundWorker(); + bw_Receciver.DoWork += new System.ComponentModel.DoWorkEventHandler(this.bw_Receiver_DoWork); + bw_Receciver.ProgressChanged += new System.ComponentModel.ProgressChangedEventHandler(this.bw_Receiver_ProgressChanged); + bw_Receciver.WorkerReportsProgress = true; + bw_Receciver.WorkerSupportsCancellation = true; + } + + private void bw_Receiver_DoWork(object sender, DoWorkEventArgs e) + { + Thread.CurrentThread.Priority = ThreadPriority.Highest; + StreamReader sr = null; + TcpClient client = null; + RTLMessage msg = null; + // outer loop + do + { + try + { + // setup TCP listener + client = new TcpClient(); + // set receive timeout to 1s + client.ReceiveTimeout = 1000; + string server = Settings.Server; + client.Connect(server, Settings.Port); + sr = new StreamReader(client.GetStream()); + // inner loop + // receive messages in a loop + do + { + if (Settings.Binary) + msg = ReceiveBinaryMsg(sr.BaseStream); + else + msg = ReceiveAVRMsg(sr); + // decode the message + if (msg.RawMessage.StartsWith("*") && msg.RawMessage.EndsWith(";")) + { + // try to decode the message + string info = ""; + try + { + Console.Write("[" + this.GetType().Name + "]: " + msg.RawMessage + "-- > "); + info = Decoder.DecodeMessage(msg.RawMessage, msg.TimeStamp); + } + catch (Exception ex) + { + Console.WriteLine(ex.Message); + } + Console.WriteLine(info); + } + } + while ((msg != null) && !bw_Receciver.CancellationPending); + } + catch (Exception ex) + { + // report error + Console.WriteLine("Error reading from TCP connection: " + ex.Message); + // wait 10 sec + int i = 0; + while ((i < 10) && !bw_Receciver.CancellationPending) + { + Thread.Sleep(1000); + i++; + } + } + finally + { + // try to close the stream and TCP client + try + { + if (sr != null) + sr.Close(); + } + catch + { + } + try + { + if (client != null) + client.Close(); + } + catch + { + } + } + } + while (!bw_Receciver.CancellationPending); + } + + private void bw_Receiver_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + } + + private RTLMessage ReceiveBinaryMsg(Stream stream) + { + // read Mode-S beast binary input + string RTL = null; + int signal_strength = 0; + long nanosec = 0; + long daysec = 0; + DateTime timestamp = DateTime.UtcNow; + byte[] buffer = new byte[23]; + // wait for escape character + DateTime start = DateTime.UtcNow; + DateTime stop = DateTime.Now; + do + { + stream.Read(buffer, 0, 1); + // System.Console.WriteLine(BitConverter.ToString(buffer,0,1)); + if (buffer[0] == 0x1A) + { + // read next character + stream.Read(buffer, 1, 1); + switch (buffer[1]) + { + case 0x31: + // do not decode + RTL = null; + break; + case 0x32: + // 7 byte short frame + // read timestamp + stream.Read(buffer, 2, 6); + nanosec = ((buffer[4] & 0x3f) << 24) | + (buffer[5] << 16) | + (buffer[6] << 8) | + (buffer[7]); + daysec = (buffer[2] << 10) | + (buffer[3] << 2) | + (buffer[4] >> 6); + timestamp = DateTime.Today.AddSeconds(daysec); + timestamp = timestamp.AddMilliseconds(nanosec / 1000); + // plausibility check + if (Math.Abs((DateTime.Now - timestamp).Seconds) > 10) + { + // time difference > 10sec --> discard timestamp + timestamp = DateTime.UtcNow; + } + // read signal strength + stream.Read(buffer, 8, 1); + // plausibility check + if (Math.Abs((DateTime.Now - timestamp).Seconds) > 10) + { + // time difference > 10sec --> discard timestamp + timestamp = DateTime.UtcNow; + } + signal_strength = buffer[8]; + // read frame + stream.Read(buffer, 9, 7); + // convert to AVR string + RTL = BitConverter.ToString((byte[])buffer, 9, 7).Replace("-", String.Empty); + RTL = "*" + RTL + ";"; + break; + case 0x33: + // 14 byte long frame + // read timestamp + stream.Read(buffer, 2, 6); + nanosec = ((buffer[4] & 0x3f) << 24) | + (buffer[5] << 16) | + (buffer[6] << 8) | + (buffer[7]); + + daysec = (buffer[2] << 10) | + (buffer[3] << 2) | + (buffer[4] >> 6); + timestamp = DateTime.Today.AddSeconds(daysec); + timestamp = timestamp.AddMilliseconds(nanosec / 1000); + // plausibility check + if (Math.Abs((DateTime.Now - timestamp).Seconds) > 10) + { + // time difference > 10sec --> discard timestamp + timestamp = DateTime.UtcNow; + } + // read signal strength + stream.Read(buffer, 8, 1); + signal_strength = buffer[8]; + // read frame + stream.Read(buffer, 9, 14); + // convert to AVR string + RTL = BitConverter.ToString((byte[])buffer, 9, 14).Replace("-", String.Empty); + RTL = "*" + RTL + ";"; + break; + default: + // false decode + RTL = null; + break; + } + } + // check for timeout 10sec + stop = DateTime.UtcNow; + if (stop - start > new TimeSpan(0, 0, 10)) + throw new TimeoutException(); + } + // while ((RTL == null) && !this.CancellationPending); + while (RTL == null); + if (RTL == null) + return null; + RTLMessage msg = new RTLMessage(); + msg.RawMessage = RTL; + msg.TimeStamp = timestamp; + msg.SignalStrength = signal_strength; + return msg; + } + + private RTLMessage ReceiveAVRMsg(StreamReader sr) + { + RTLMessage msg = new RTLMessage(); + // read AVR format input + msg.RawMessage = sr.ReadLine(); + if (msg.RawMessage.StartsWith("*")) + { + // standard AVR message + // no timestamp in telegram --> set timestamp after reading + msg.TimeStamp = DateTime.UtcNow; + msg.SignalStrength = 0; + } + else if (msg.RawMessage.StartsWith("@")) + { + // extended AVR message wit MLAT + // convert into standard message format + // extract time string + string time = msg.RawMessage.Substring(1, 12); + // TODO: interprete the MLAT timestamp! + msg.TimeStamp = DateTime.UtcNow; + msg.RawMessage = "*" + msg.RawMessage.Remove(0, 13); + } + return msg; + } + } + + + /// + /// //////////////////////////////////////////// Helpers //////////////////////////////////////////// + /// + + public static class UnitConverter + { + public static double ft_m(double feet) + { + return feet / 3.28084; + } + + public static double m_ft(double m) + { + return m * 3.28084; + } + + public static double kts_kmh(double kts) + { + return kts * 1.852; + } + + public static double kmh_kts(double kmh) + { + return kmh / 1.852; + } + + public static double km_mi(double km) + { + return km * 1.609; + } + + public static double mi_km(double mi) + { + return mi / 1.609; + } + } + +} diff --git a/AirScout.PlaneFeeds.Plugin.RTL1090/packages.config b/AirScout.PlaneFeeds.Plugin.RTL1090/packages.config index caa3fff..5b6a88c 100644 --- a/AirScout.PlaneFeeds.Plugin.RTL1090/packages.config +++ b/AirScout.PlaneFeeds.Plugin.RTL1090/packages.config @@ -1,6 +1,7 @@  + - + \ No newline at end of file diff --git a/AirScout.PlaneFeeds.Plugin.Template/AirScout.PlaneFeeds.Plugin.Template.csproj b/AirScout.PlaneFeeds.Plugin.Template/AirScout.PlaneFeeds.Plugin.Template.csproj index d76f7c4..b5e0a23 100644 --- a/AirScout.PlaneFeeds.Plugin.Template/AirScout.PlaneFeeds.Plugin.Template.csproj +++ b/AirScout.PlaneFeeds.Plugin.Template/AirScout.PlaneFeeds.Plugin.Template.csproj @@ -34,8 +34,11 @@ 4 - - ..\packages\Newtonsoft.Json.12.0.3\lib\net40\Newtonsoft.Json.dll + + ..\packages\BouncyCastle.1.8.9\lib\BouncyCastle.Crypto.dll + + + ..\packages\Newtonsoft.Json.13.0.1\lib\net40\Newtonsoft.Json.dll @@ -55,6 +58,7 @@ True Settings.settings + diff --git a/AirScout.PlaneFeeds.Plugin.Template/Properties/AssemblyInfo.cs b/AirScout.PlaneFeeds.Plugin.Template/Properties/AssemblyInfo.cs index 6a4db56..9df65a8 100644 --- a/AirScout.PlaneFeeds.Plugin.Template/Properties/AssemblyInfo.cs +++ b/AirScout.PlaneFeeds.Plugin.Template/Properties/AssemblyInfo.cs @@ -32,5 +32,5 @@ using System.Runtime.InteropServices; // Sie können alle Werte angeben oder Standardwerte für die Build- und Revisionsnummern verwenden, // indem Sie "*" wie unten gezeigt eingeben: // [assembly: AssemblyVersion("1.0.*")] -[assembly: AssemblyVersion("1.3.0.0")] -[assembly: AssemblyFileVersion("1.3.0.0")] +[assembly: AssemblyVersion("1.4.0.0")] +[assembly: AssemblyFileVersion("1.4.0.0")] diff --git a/AirScout.PlaneFeeds.Plugin.Template/TLS.cs b/AirScout.PlaneFeeds.Plugin.Template/TLS.cs new file mode 100644 index 0000000..a8c9069 --- /dev/null +++ b/AirScout.PlaneFeeds.Plugin.Template/TLS.cs @@ -0,0 +1,246 @@ +using Org.BouncyCastle.Crypto.Tls; +using Org.BouncyCastle.Security; +using System.Collections; +using System.Collections.Generic; +using System.Diagnostics; +using System.IO; +using System.Net.Sockets; +using System.Text; +using System.Text.RegularExpressions; + +namespace System.Net +{ + // result of ReadChunkedContent + public enum ReadResult + { + Error = -1, + MoreData = 0, + Finished = 0 + } + + public class TlsClient : DefaultTlsClient + { + string HostName; + + public TlsClient(string hostname) + { + HostName = hostname; + } + + public override TlsAuthentication GetAuthentication() + { + TlsAuthentication auth = new MyTlsAuthentication(); + return auth; + } + + public override void NotifyNewSessionTicket(NewSessionTicket newSessionTicket) + { + base.NotifyNewSessionTicket(newSessionTicket); + } + + public override IDictionary GetClientExtensions() + { + var clientExtensions = base.GetClientExtensions(); + List servers = new List(); + servers.Add(new ServerName(NameType.host_name, HostName)); + TlsExtensionsUtilities.AddServerNameExtension(clientExtensions, new ServerNameList(servers)); + return clientExtensions; + } + + private static ReadResult ReadContent(Stream stream, int contentlength, int timeout, ref string response) + { + // set stop watch as timout + Stopwatch st = new Stopwatch(); + st.Start(); + string resp = ""; + int count = 0; + try + { + // assign buffer + byte[] buff = new byte[1]; + int bytesread = 0; + // read content bytewise + while (bytesread < contentlength) + { + bytesread += stream.Read(buff, 0, buff.Length); + // add it to response + resp += Encoding.ASCII.GetString(buff, 0, buff.Length); + if (st.ElapsedMilliseconds > timeout) + throw new TimeoutException("Connection timed out."); + } + string trailer = ""; + // reassign buffer + buff = new byte[1]; + // read stream bytewise until CRLFCRLF is detected, should be the next two bytes + do + { + count = stream.Read(buff, 0, buff.Length); + trailer += Encoding.ASCII.GetString(buff, 0, buff.Length); + if (st.ElapsedMilliseconds > timeout) + throw new TimeoutException("Connection timed out."); + } + while (!trailer.Contains("\r\n")); + // Console.WriteLine("Reading content [" + contentlength.ToString() + " bytes]: " + resp); + response += resp; + } + catch (Exception ex) + { + Console.WriteLine("Error while reading chunked content: " + ex.Message); + return ReadResult.Error; + + } + return ReadResult.MoreData; + } + + private static ReadResult ReadChunkedContent(Stream stream, int timeout, ref string response) + { + // set stop watch as timout + Stopwatch st = new Stopwatch(); + st.Start(); + string resp = ""; + byte[] buff = new byte[1]; + int count = 0; + string strcontentlength = ""; + int contentlength = 0; + // chunked transfer, first line should contain content length + // read stream bytewise until CRLF is detected + try + { + do + { + count = stream.Read(buff, 0, buff.Length); + strcontentlength += Encoding.ASCII.GetString(buff, 0, buff.Length); + if (st.ElapsedMilliseconds > timeout) + throw new TimeoutException("Connection timed out."); + } + while (!strcontentlength.Contains("\r\n")); + strcontentlength = strcontentlength.Replace("\r\n", ""); + contentlength = int.Parse(strcontentlength, System.Globalization.NumberStyles.HexNumber); + // finished reading all chunks + if (contentlength == 0) + { + Console.WriteLine("Reading chunked content finished"); + return ReadResult.Finished; + } + int bytesread = 0; + // read content bytewise + while (bytesread < contentlength) + { + bytesread += stream.Read(buff, 0, buff.Length); + // add it to response + resp += Encoding.ASCII.GetString(buff, 0, buff.Length); + if (st.ElapsedMilliseconds > timeout) + throw new TimeoutException("Connection timed out."); + } + string trailer = ""; + // reassign buffer + buff = new byte[1]; + // read stream bytewise until CRLFCRLF is detected, should be the next two bytes + do + { + count = stream.Read(buff, 0, buff.Length); + trailer += Encoding.ASCII.GetString(buff, 0, buff.Length); + if (st.ElapsedMilliseconds > timeout) + throw new TimeoutException("Connection timed out."); + } + while (!trailer.Contains("\r\n")); + } + catch (Exception ex) + { + Console.WriteLine("Error while reading chunked content: " + ex.Message); + return ReadResult.Error; + } + // Console.WriteLine("Reading chunked content [" + contentlength.ToString() + " bytes]: " + resp); + response += resp; + return ReadResult.MoreData; + } + + public static string DownloadFile(string url, int timeout, string apikey = "") + { + string response = ""; + Uri uri = null; + // try to pasre url + try + { + uri = new Uri(url); + } + catch (Exception ex) + { + return ex.Message; + } + // create new TCP-Client + using (var client = new TcpClient(uri.Host, uri.Port)) + { + var sr = new SecureRandom(); + var cl = new TlsClient(uri.Host); + var protocol = new TlsClientProtocol(client.GetStream(), sr); + protocol.Connect(cl); + + using (var stream = protocol.Stream) + { + var hdr = new StringBuilder(); + hdr.AppendLine("GET " + uri.PathAndQuery + " HTTP/1.1"); + hdr.AppendLine("Host: " + uri.Host); + hdr.AppendLine("Content-Type: text/json; charset=utf-8"); + if (!String.IsNullOrEmpty(apikey)) + { + hdr.AppendLine("api-auth:" + apikey); + } + hdr.AppendLine("Connection: close"); + hdr.AppendLine(); + + var dataToSend = Encoding.ASCII.GetBytes(hdr.ToString()); + + stream.Write(dataToSend, 0, dataToSend.Length); + + byte[] buff; + // set stop watch as timout + Stopwatch st = new Stopwatch(); + st.Start(); + //read header bytewise + string header = ""; + int totalRead = 0; + buff = new byte[1]; + do + { + totalRead = stream.Read(buff, 0, buff.Length); + header += Encoding.ASCII.GetString(buff); + if (st.ElapsedMilliseconds > timeout) + throw new TimeoutException("Connection to " + url + " timed out."); + } + while (!header.Contains("\r\n\r\n")); + Console.Write(header); + int contentlength = 0; + if (header.Contains("Transfer-Encoding: chunked")) + { + // chunked transfer, read all chunks until complete + while (ReadChunkedContent(stream, timeout, ref response) == ReadResult.MoreData) + { } + } + else + { + // get content length from header + Regex rcontentlength = new Regex("(?<=Content-Length:\\s)\\d+", RegexOptions.IgnoreCase); + contentlength = int.Parse(rcontentlength.Match(header).Value); + ReadContent(stream, contentlength, timeout, ref response); + } + st.Stop(); + } + } + return response; + } + } + + class MyTlsAuthentication : TlsAuthentication + { + public TlsCredentials GetClientCredentials(CertificateRequest certificateRequest) + { + return null; + } + + public void NotifyServerCertificate(Certificate serverCertificate) + { + } + } + +} diff --git a/AirScout.PlaneFeeds.Plugin.Template/packages.config b/AirScout.PlaneFeeds.Plugin.Template/packages.config index caa3fff..5b6a88c 100644 --- a/AirScout.PlaneFeeds.Plugin.Template/packages.config +++ b/AirScout.PlaneFeeds.Plugin.Template/packages.config @@ -1,6 +1,7 @@  + - + \ No newline at end of file diff --git a/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/AirScout.PlaneFeeds.Plugin.VirtualRadarServer.csproj b/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/AirScout.PlaneFeeds.Plugin.VirtualRadarServer.csproj deleted file mode 100644 index 79bb70e..0000000 --- a/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/AirScout.PlaneFeeds.Plugin.VirtualRadarServer.csproj +++ /dev/null @@ -1,91 +0,0 @@ - - - - - - Debug - AnyCPU - {50093159-6446-48CD-B8CD-6FA58EB88CBB} - Library - Properties - AirScout.PlaneFeeds.Plugin.VirtualRadarServer - AirScout.PlaneFeeds.Plugin.VirtualRadarServer - v4.0 - 512 - true - - - - - true - full - false - bin\Debug\ - DEBUG;TRACE - prompt - 4 - - - pdbonly - true - bin\Release\ - TRACE - prompt - 4 - - - - ..\packages\BouncyCastle.1.8.5\lib\BouncyCastle.Crypto.dll - - - ..\packages\Newtonsoft.Json.12.0.3\lib\net40\Newtonsoft.Json.dll - - - - - - - - - - - - - - True - True - Settings.settings - - - - - - - - {36945dbd-96c8-41e7-9168-f83c42e67af3} - AirScout.PlaneFeeds.Plugin - False - - - - - - - SettingsSingleFileGenerator - Settings.Designer.cs - - - - - - Dieses Projekt verweist auf mindestens ein NuGet-Paket, das auf diesem Computer fehlt. Verwenden Sie die Wiederherstellung von NuGet-Paketen, um die fehlenden Dateien herunterzuladen. Weitere Informationen finden Sie unter "http://go.microsoft.com/fwlink/?LinkID=322105". Die fehlende Datei ist "{0}". - - - - - - mkdir $(SolutionDir)\Airscout\$(OutDir)\Plugin\ -copy $(ProjectDir)\$(OutDir)\ILMerge\*$(TargetExt) $(SolutionDir)\Airscout\$(OutDir)\Plugin\ /y - - - \ No newline at end of file diff --git a/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/Properties/Settings.Designer.cs b/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/Properties/Settings.Designer.cs deleted file mode 100644 index ddfb208..0000000 --- a/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/Properties/Settings.Designer.cs +++ /dev/null @@ -1,26 +0,0 @@ -//------------------------------------------------------------------------------ -// -// Dieser Code wurde von einem Tool generiert. -// Laufzeitversion:4.0.30319.42000 -// -// Änderungen an dieser Datei können falsches Verhalten verursachen und gehen verloren, wenn -// der Code erneut generiert wird. -// -//------------------------------------------------------------------------------ - -namespace AirScout.PlaneFeeds.Plugin.VirtualRadarServer.Properties { - - - [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] - [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "16.4.0.0")] - internal sealed partial class Settings : global::System.Configuration.ApplicationSettingsBase { - - private static Settings defaultInstance = ((Settings)(global::System.Configuration.ApplicationSettingsBase.Synchronized(new Settings()))); - - public static Settings Default { - get { - return defaultInstance; - } - } - } -} diff --git a/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/Properties/Settings.settings b/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/Properties/Settings.settings deleted file mode 100644 index 8e615f2..0000000 --- a/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/Properties/Settings.settings +++ /dev/null @@ -1,5 +0,0 @@ - - - - - \ No newline at end of file diff --git a/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/VirtualRadarServer.cs b/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/VirtualRadarServer.cs deleted file mode 100644 index 79d64c4..0000000 --- a/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/VirtualRadarServer.cs +++ /dev/null @@ -1,750 +0,0 @@ -using System; -using System.Collections.Generic; -using System.Linq; -using System.Text; -using System.Reflection; -using System.ComponentModel.Composition; -using System.ComponentModel; -using System.Globalization; -using AirScout.PlaneFeeds.Plugin.MEFContract; -using System.Diagnostics; -using System.Net; -using System.IO; -using System.Web.Script.Serialization; -using System.Security.Cryptography; -using System.Xml.Serialization; -using System.Xml.Linq; -using Newtonsoft.Json; - -namespace AirScout.PlaneFeeds.Plugin.VirtualRadarServer -{ - - public class VirtualRadarServerSettings - { - - [Browsable(false)] - [DefaultValue("")] - [XmlIgnore] - public string DisclaimerAccepted { get; set; } - - [Browsable(true)] - [CategoryAttribute("Web Feed")] - [DescriptionAttribute("Save downloaded JSON to file")] - [DefaultValue(false)] - [XmlIgnore] - public bool SaveToFile { get; set; } - - [Browsable(true)] - [CategoryAttribute("Web Feed")] - [DescriptionAttribute("Base URL for website.")] - [DefaultValue("https://public-api.adsbexchange.com/VirtualRadar/AircraftList.json?fNBnd=%MAXLAT%&fSBnd=%MINLAT%&fWBnd=%MINLON%&fEBnd=%MAXLON%&fAltL=%MINALTFT%&fAltU=%MAXALTFT%")] - public string URL { get; set; } - - [Browsable(true)] - [CategoryAttribute("Web Feed")] - [DescriptionAttribute("Timeout for loading the site.")] - [DefaultValue(30)] - [XmlIgnore] - public int Timeout { get; set; } - - [Browsable(true)] - [CategoryAttribute("Web Feed")] - [DescriptionAttribute("Personal API key for this feed. Leave it empty to use AirScout internal.")] - [DefaultValue("")] - [XmlIgnore] - public string APIKey { get; set; } - - public VirtualRadarServerSettings() - { - Default(); - Load(true); - } - - /// - /// Sets all properties to their default value according to the [DefaultValue=] attribute - /// - public void Default() - { - // set all properties to their default values according to definition in [DeafultValue=] - foreach (var p in this.GetType().GetProperties()) - { - try - { - // initialize all properties with default value if set - if (Attribute.IsDefined(p, typeof(DefaultValueAttribute))) - { - p.SetValue(this, ((DefaultValueAttribute)Attribute.GetCustomAttribute( - p, typeof(DefaultValueAttribute)))?.Value, null); - } - } - catch (Exception ex) - { - Console.WriteLine("[" + this.GetType().Name + "]: Cannot set default value of: " + p.Name + ", " + ex.Message); - } - } - } - - /// - /// Loads settings from a XML-formatted configuration file into settings. - /// - /// If true, ignore the [XmlIgnore] attribute, e.g. load all settings available in the file.
If false, load only settings without [XmlIgore] attrbute.
- /// The filename of the settings file. - public void Load(bool loadall, string filename = "") - { - // use standard filename if empty - // be careful because Linux file system is case sensitive - if (String.IsNullOrEmpty(filename)) - filename = new Uri(Assembly.GetExecutingAssembly().GetName().CodeBase.Replace(".dll", ".cfg").Replace(".DLL", ".CFG")).LocalPath; - // do nothing if file not exists - if (!File.Exists(filename)) - return; - try - { - string xml = ""; - using (StreamReader sr = new StreamReader(File.OpenRead(filename))) - { - xml = sr.ReadToEnd(); - } - XDocument xdoc = XDocument.Parse(xml); - PropertyInfo[] properties = this.GetType().GetProperties(); - foreach (PropertyInfo p in properties) - { - if (!loadall) - { - // check on XmlIgnore attribute, skip if set - object[] attr = p.GetCustomAttributes(typeof(XmlIgnoreAttribute), false); - if (attr.Length > 0) - continue; - } - try - { - // get matching element - XElement typenode = xdoc.Element(this.GetType().Name); - if (typenode != null) - { - XElement element = typenode.Element(p.Name); - if (element != null) - p.SetValue(this, Convert.ChangeType(element.Value, p.PropertyType), null); - } - } - catch (Exception ex) - { - Console.WriteLine("[" + this.GetType().Name + "]: Error while loading property[" + p.Name + " from " + filename + ", " + ex.Message); - } - } - - } - catch (Exception ex) - { - Console.WriteLine("[" + this.GetType().Name + "]: Cannot load settings from " + filename + ", " + ex.Message); - } - } - - /// - /// Saves settings from settings into a XML-formatted configuration file - /// - /// If true, ignore the [XmlIgnore] attribute, e.g. save all settings.
If false, save only settings without [XmlIgore] attrbute. - /// The filename of the settings file. - public void Save(bool saveall, string filename = "") - { - // use standard filename if empty - // be careful because Linux file system is case sensitive - if (String.IsNullOrEmpty(filename)) - filename = new Uri(Assembly.GetExecutingAssembly().GetName().CodeBase.Replace(".dll", ".cfg").Replace(".DLL", ".CFG")).LocalPath; - XmlAttributeOverrides overrides = new XmlAttributeOverrides(); - if (saveall) - { - // ovverride the XmlIgnore attributes to get all serialized - PropertyInfo[] properties = this.GetType().GetProperties(); - foreach (PropertyInfo p in properties) - { - XmlAttributes attribs = new XmlAttributes { XmlIgnore = false }; - overrides.Add(this.GetType(), p.Name, attribs); - } - } - try - { - using (StreamWriter sw = new StreamWriter(File.Create(filename))) - { - XmlSerializer s = new XmlSerializer(this.GetType(), overrides); - s.Serialize(sw, this); - } - } - catch (Exception ex) - { - throw new InvalidOperationException("[" + this.GetType().Name + "]: Cannot save settings to " + filename + ", " + ex.Message); - } - } - } - - - [Export(typeof(IPlaneFeedPlugin))] - [ExportMetadata("Name", "PlaneFeedPlugin")] - public class VirtualRadarServerPlugin : IPlaneFeedPlugin - { - private VirtualRadarServerSettings Settings = new VirtualRadarServerSettings(); - - private string APIKey = ""; - - public string Name - { - get - { - return "[WebFeed] Virtual Radar Server"; - } - } - - public string Info - { - get - { - return "Web feed from Virtual Radar Server\n\n" + - "(c) AirScout(www.airscout.eu)\n\n" + - "This feed requires an API-key, either personal or AirScout internal.\n" + - "See https://www.adsbexchange.com/ for details.\n\n" + - "This webfeed forces TLS1.2 transport layer security. Though this plugin is compiled for .NET4.0 it needs .NET4.5 or higher installed on this machine to work.\n\n" + - "This webfeed will probably not work on Windows XP and Linux/Mono systems"; - } - } - - public string Version - { - get - { - return Assembly.GetExecutingAssembly().GetName().Version.ToString(); - } - } - - public bool HasSettings - { - get - { - return true; - } - } - - public bool CanImport - { - get - { - return false; - } - } - - public bool CanExport - { - get - { - return false; - } - } - - public string Disclaimer - { - get - { - return ""; - } - } - - public string DisclaimerAccepted - { - get - { - return Settings.DisclaimerAccepted; - } - set - { - Settings.DisclaimerAccepted = value; - } - } - - public void ResetSettings() - { - Settings.Default(); - } - - public void LoadSettings() - { - Settings.Load(true); - } - - public void SaveSettings() - { - Settings.Save(true); - } - - public object GetSettings() - { - return this.Settings; - } - - public void ImportSettings() - { - // nothing to do - } - - public void ExportSettings() - { - // nothing to do - } - - public void Start(PlaneFeedPluginArgs args) - { - // check for personal API-key - if (!String.IsNullOrEmpty(Settings.APIKey)) - { - APIKey = Settings.APIKey; - return; - } - - // get AirScout internal key - try - { - WebClient client = new WebClient(); - string result = client.DownloadString(args.GetKeyURL + - "?id=" + args.InstanceID + - "&key=vrs"); - if (!result.StartsWith("Error:")) - { - result = result.Trim('\"'); - APIKey = OpenSSLDecrypt(result, args.SessionKey); - } - - } - catch (Exception ex) - { - } - } - - public PlaneFeedPluginPlaneInfoList GetPlanes(PlaneFeedPluginArgs args) - { - // intialize variables - VarConverter VC = new VarConverter(); - VC.AddVar("APPDIR", args.AppDirectory); - VC.AddVar("DATADIR", args.AppDataDirectory); - VC.AddVar("LOGDIR", args.LogDirectory); - VC.AddVar("DATABASEDIR", args.DatabaseDirectory); - VC.AddVar("MINLAT", args.MinLat); - VC.AddVar("MAXLAT", args.MaxLat); - VC.AddVar("MINLON", args.MinLon); - VC.AddVar("MAXLON", args.MaxLon); - VC.AddVar("MINALTM", args.MinAlt); - VC.AddVar("MAXALTM", args.MaxAlt); - VC.AddVar("MINALTFT", (int)UnitConverter.m_ft((double)args.MinAlt)); - VC.AddVar("MAXALTFT", (int)UnitConverter.m_ft((double)args.MaxAlt)); - - // initialize plane info list - PlaneFeedPluginPlaneInfoList planes = new PlaneFeedPluginPlaneInfoList(); - string json = ""; - // calculate url and get json - String url = VC.ReplaceAllVars(Settings.URL); - Console.WriteLine("[" + this.GetType().Name + "]: Creating web request: " + url); - // HttpWebRequest webrequest = (HttpWebRequest)HttpWebRequest.Create(url); - // webrequest.Referer = "http://www.vrs-world.com/"; - // webrequest.Timeout = Settings.Timeout * 1000; - // webrequest.UserAgent = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0"; - // webrequest.Accept = "application/json, text/javascript, */*;q=0.01"; - // webrequest.AutomaticDecompression = System.Net.DecompressionMethods.Deflate | System.Net.DecompressionMethods.GZip; - // webrequest.Headers.Add("api-auth:" + APIKey); - // Console.WriteLine("[" + this.GetType().Name + "]: Getting web response"); - // HttpWebResponse webresponse = (HttpWebResponse)webrequest.GetResponse(); - // Console.WriteLine("[" + this.GetType().Name + "]: Reading stream"); - // - // using (StreamReader sr = new StreamReader(webresponse.GetResponseStream())) - // { - // json = sr.ReadToEnd(); - // } - // */ - json = VRSTlsClient.DownloadFile(url, Settings.Timeout * 1000, APIKey); - // save raw data to file if enabled - if (Settings.SaveToFile) - { - using (StreamWriter sw = new StreamWriter(args.TmpDirectory + Path.DirectorySeparatorChar + this.GetType().Name + "_" + DateTime.UtcNow.ToString("yyyy-MM-dd HH_mm_ss") + ".json")) - { - sw.WriteLine(json); - } - } - Console.WriteLine("[" + this.GetType().Name + "]: Analyzing data"); - // JavaScriptSerializer js = new JavaScriptSerializer(); - // dynamic root = js.Deserialize(json); - // 2017-07-23: workaround for "jumping planes" due to incorrect time stamps - // try to get the server time to adjust the time stamps in plane positions - // --> compare server time with local time and calculate offset - // default offset is 0 - long toffset = 0; - try - { - // deserialize JSON - dynamic root = JsonConvert.DeserializeObject(json); - // get local time of request in milliseconds - DateTime lt = DateTime.UtcNow; - long ltime = (long)(lt - new DateTime(1970, 1, 1)).TotalMilliseconds; - // get server time in milliseconds - long stime = ReadPropertyLong(root, "stm"); - DateTime sti = new System.DateTime(1970, 1, 1, 0, 0, 0, 0).AddMilliseconds(stime); - // calculate offset in milliseconds - toffset = ltime - stime; - // check value - string message = "Server timestamp difference (server <> local): " + sti.ToString("yyyy-MM-dd HH:mm:ss,fffZ") + " <> " + lt.ToString("yyyy-MM-dd HH:mm:ss,fffZ"); - // server time is more than 10.000 ms in the future --> keep offset for correction and log an error message - // else --> set offset to 0 to work with real timestamps of entries without correction - if (toffset <= -10000) - { - message += " --> timestamp correction applied!"; - // Log.WriteMessage(message); - - } - else - { - // clear offset - toffset = 0; - } - // analyze json string for planes data - // get the planes position list - var aclist = root["acList"]; - foreach (var ac in aclist) - { - try - { - PlaneFeedPluginPlaneInfo plane = new PlaneFeedPluginPlaneInfo(); - // get hex first - plane.Hex = ReadPropertyString(ac, "Icao").Trim().Replace("\"", ""); - // get position - plane.Lat = ReadPropertyDouble(ac, "Lat"); - plane.Lon = ReadPropertyDouble(ac, "Long"); - // get altitude - // 2017-07-23: take "GAlt" (corrected altitude by air pressure) rather than "Alt" - plane.Alt = ReadPropertyInt(ac, "GAlt"); - // get callsign - plane.Call = ReadPropertyString(ac, "Call"); - // get registration - plane.Reg = ReadPropertyString(ac, "Reg"); - // get track - plane.Track = ReadPropertyInt(ac, "Trak"); - // get speed - plane.Speed = ReadPropertyInt(ac, "Spd"); - // get position timestamp - // CAUTION!! time is UNIX time in milliseconds - long l = ReadPropertyLong(ac, "PosTime"); - if (l != long.MinValue) - { - // 2017-07-23: correct timestamp with offset - l = l + toffset; - DateTime timestamp = new System.DateTime(1970, 1, 1, 0, 0, 0, 0); - timestamp = timestamp.AddMilliseconds(l); - plane.Time = timestamp; - } - else - { - // skip plane if no valid timestamp found - continue; - } - // get type info - plane.Type = ReadPropertyString(ac, "Type"); - // get extended plane type info - plane.Manufacturer = ReadPropertyString(ac, "Man"); - plane.Model = ReadPropertyString(ac, "Mdl"); - long cat = ReadPropertyLong(ac, "WTC"); - switch (cat) - { - case 1: plane.Category = 1; break; - case 2: plane.Category = 2; break; - case 3: plane.Category = 3; break; - case 4: plane.Category = 4; break; - default: plane.Category = 0; break; - } - // do correction of A380 as "SuperHeavy" is not supported - if (plane.Type == "A388") - plane.Category = 4; - // get country - plane.Country = ReadPropertyString(ac, "Cou"); - // get departure airport - plane.From = ReadPropertyString(ac, "From"); - // get destination airport - plane.To = ReadPropertyString(ac, "To"); - // get vertical speed - plane.VSpeed = ReadPropertyInt(ac, "Vsi"); - // add plane to list - planes.Add(plane); - } - catch (Exception ex) - { - Console.WriteLine("[" + System.Reflection.MethodBase.GetCurrentMethod().Name + "]" + ex.Message); - } - } - } - catch (Exception ex) - { - // do nothing if property is not found - } - Console.WriteLine("[" + this.GetType().Name + "]: Returning " + planes.Count + " planes"); - return planes; - } - - public void Stop(PlaneFeedPluginArgs args) - { - Settings.Save(true); - } - - - // end of Interface - - - /// - /// Decodes an OpenSSL-encrypted (AES256-CBC) string



- /// The equivalent encoding in PHP is like:



- /// $encrypt_method = "AES-256-CBC";

- /// $secret_key = hash('md5',$key);

- /// $encoded = openssl_encrypt($data, $encrypt_method, $secret_key); - /// - /// The encrypted string (Base64 encoded). - /// The password as a string. - /// - public static string OpenSSLDecrypt(string encrypteddata, string pwd) - { - // create a 32bit MD5 hash of the password - var hash = MD5.Create().ComputeHash(Encoding.UTF8.GetBytes(pwd)); - StringBuilder sb = new StringBuilder(); - // Loop through each byte of the hashed data - // and format each one as a hexadecimal string. - for (int i = 0; i < hash.Length; i++) - { - sb.Append(hash[i].ToString("x2")); - } - // use the MD5 hash as the key - byte[] key = Encoding.UTF8.GetBytes(sb.ToString()); - //get the encrypted data as byte[] - byte[] encrypted = Convert.FromBase64String(encrypteddata); - //setup an empty iv - var iv = new byte[16]; - // Declare the RijndaelManaged object used to decrypt the data. - RijndaelManaged aesAlg = null; - - // Declare the string used to hold the decrypted text. - string decrypted; - - // Create a RijndaelManaged object - // with the specified key and IV. - aesAlg = new RijndaelManaged { Mode = CipherMode.CBC, Padding = PaddingMode.PKCS7, KeySize = 256, BlockSize = 128, Key = key, IV = iv }; - - // Create a decrytor to perform the stream transform. - ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV); - // Create the streams used for decryption. - using (MemoryStream ms = new MemoryStream(encrypted)) - { - using (CryptoStream cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Read)) - { - using (StreamReader sr = new StreamReader(cs)) - { - // Read the decrypted bytes from the decrypting stream - // and place them in a string. - decrypted = sr.ReadToEnd(); - sr.Close(); - } - } - } - // return decrypted string - return decrypted; - } - - [System.Diagnostics.DebuggerNonUserCode] - private string ReadPropertyString(dynamic o, string propertyname) - { - string s = null; - try - { - s = o[propertyname]; - } - catch - { - - } - return s; - } - - [System.Diagnostics.DebuggerNonUserCode] - private int ReadPropertyInt(dynamic o, string propertyname) - { - int i = int.MinValue; - double d = ReadPropertyDouble(o, propertyname); - if ((d != double.MinValue) && (d >= int.MinValue) && (d <= int.MaxValue)) - i = (int)d; - return i; - } - - [System.Diagnostics.DebuggerNonUserCode] - private double ReadPropertyDouble(dynamic o, string propertyname) - { - double d = double.MinValue; - try - { - string s = o[propertyname].ToString(CultureInfo.InvariantCulture); - d = double.Parse(s, CultureInfo.InvariantCulture); - } - catch - { - // do nothing if something went wrong - } - return d; - } - - [System.Diagnostics.DebuggerNonUserCode] - private long ReadPropertyLong(dynamic o, string propertyname) - { - long l = long.MinValue; - try - { - l = o[propertyname]; - } - catch - { - // do nothing if something went wrong - } - return l; - } - - [System.Diagnostics.DebuggerNonUserCode] - private bool ReadPropertyBool(dynamic o, string propertyname) - { - bool b = false; - try - { - string s = o[propertyname].ToString(); - b = s.ToLower() == "true"; - } - catch - { - // do nothing if something went wrong - } - return b; - } - - } - - - /// - /// //////////////////////////////////////////// Helpers //////////////////////////////////////////// - /// - - public static class UnitConverter - { - public static double ft_m(double feet) - { - return feet / 3.28084; - } - - public static double m_ft(double m) - { - return m * 3.28084; - } - - public static double kts_kmh(double kts) - { - return kts * 1.852; - } - - public static double kmh_kts(double kmh) - { - return kmh / 1.852; - } - - public static double km_mi(double km) - { - return km * 1.609; - } - - public static double mi_km(double mi) - { - return mi / 1.609; - } - } - - public class VarConverter : Dictionary - { - public readonly char VarSeparator = '%'; - - public void AddVar(string var, object value) - { - // adds a new var<>value pair to dictionary - object o; - if (this.TryGetValue(var, out o)) - { - // item found --> update value - o = value; - } - else - { - // item not found --> add new - this.Add(var, value); - } - } - - public object GetValue(string var) - { - // finds a var in dictionary and returns its value - object o; - if (this.TryGetValue(var, out o)) - { - // item found --> return value - return o; - } - // item not found --> return null - return null; - } - - public string ReplaceAllVars(string s) - { - // check for var separotors first - if (s.Contains(VarSeparator)) - { - // OK, string is containing vars --> crack the string first and replace vars - try - { - string[] a = s.Split(VarSeparator); - // as we are always using a pair of separators the length of a[] must be odd - if (a.Length % 2 == 0) - throw new ArgumentException("Number of separators is not an even number."); - // create new string and replace all vars (on odd indices) - s = ""; - for (int i = 0; i < a.Length; i++) - { - if (i % 2 == 0) - { - // cannot be not a var on that position - s = s + a[i]; - } - else - { - // var identifier: upper the string and try to convert - a[i] = a[i].ToUpper(); - object o; - if (this.TryGetValue(a[i], out o)) - { - // convert floating points with invariant culture info - if (o.GetType() == typeof(double)) - s = s + ((double)o).ToString(CultureInfo.InvariantCulture); - else if (o.GetType() == typeof(float)) - s = s + ((float)o).ToString(CultureInfo.InvariantCulture); - else - s = s + o.ToString(); - } - else - { - throw new ArgumentException("Var identifier not found: " + a[i]); - } - } - } - } - catch (Exception ex) - { - // throw an excecption - throw new ArgumentException("Error while parsing string for variables [" + ex.Message + "]: " + s); - } - } - return s; - } - - } - -} diff --git a/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/app.config b/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/app.config deleted file mode 100644 index 3af56fe..0000000 --- a/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/app.config +++ /dev/null @@ -1,66 +0,0 @@ - - - - -
- - - - - - Web feed from Virtual Radar Server - - - [WebFeed] Virtual Radar Server - - - - - - - - - http://www.airscout.eu/downloads/AircraftList.php?fNBnd=%MAXLAT%&fSBnd=%MINLAT%&fWBnd=%MINLON%&fEBnd=%MAXLON%&fAltL=%MINALTFT%&fAltU=%MAXALTFT% - - - False - - - True - - - 10 - - - False - - - True - - - - - - http://www.airscout.eu/downloads/AircraftList.php?fNBnd=%MAXLAT%&fSBnd=%MINLAT%&fWBnd=%MINLON%&fEBnd=%MAXLON%&fAltL=%MINALTFT%&fAltU=%MAXALTFT% - - - http://public-api.adsbexchange.com/VirtualRadar/AircraftList.json?fNBnd=%MAXLAT%&fSBnd=%MINLAT%&fWBnd=%MINLON%&fEBnd=%MAXLON%&fAltL=%MINALTFT%&fAltU=%MAXALTFT% - - - - - - True - - - False - - - False - - - 30 - - - - \ No newline at end of file diff --git a/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/packages.config b/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/packages.config deleted file mode 100644 index 03bdb1c..0000000 --- a/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/packages.config +++ /dev/null @@ -1,7 +0,0 @@ - - - - - - - \ No newline at end of file diff --git a/AirScout.PlaneFeeds.Plugin/AirScout.PlaneFeeds.Plugin.csproj b/AirScout.PlaneFeeds.Plugin/AirScout.PlaneFeeds.Plugin.csproj index dc0acbd..8515486 100644 --- a/AirScout.PlaneFeeds.Plugin/AirScout.PlaneFeeds.Plugin.csproj +++ b/AirScout.PlaneFeeds.Plugin/AirScout.PlaneFeeds.Plugin.csproj @@ -12,6 +12,8 @@ v4.0 512 true + + true @@ -31,8 +33,8 @@ 4 - - ..\packages\Newtonsoft.Json.12.0.3\lib\net40\Newtonsoft.Json.dll + + ..\packages\BouncyCastle.1.8.9\lib\BouncyCastle.Crypto.dll diff --git a/AirScout.PlaneFeeds.Plugin/Properties/AssemblyInfo.cs b/AirScout.PlaneFeeds.Plugin/Properties/AssemblyInfo.cs index da5e488..04ca2fe 100644 --- a/AirScout.PlaneFeeds.Plugin/Properties/AssemblyInfo.cs +++ b/AirScout.PlaneFeeds.Plugin/Properties/AssemblyInfo.cs @@ -32,5 +32,5 @@ using System.Runtime.InteropServices; // Sie können alle Werte angeben oder Standardwerte für die Build- und Revisionsnummern verwenden, // indem Sie "*" wie unten gezeigt eingeben: // [assembly: AssemblyVersion("1.0.*")] -[assembly: AssemblyVersion("1.3.0.0")] -[assembly: AssemblyFileVersion("1.3.0.0")] +[assembly: AssemblyVersion("1.4.0.0")] +[assembly: AssemblyFileVersion("1.4.0.0")] diff --git a/AirScout.PlaneFeeds.Plugin/packages.config b/AirScout.PlaneFeeds.Plugin/packages.config index 0fa4e01..a4b9563 100644 --- a/AirScout.PlaneFeeds.Plugin/packages.config +++ b/AirScout.PlaneFeeds.Plugin/packages.config @@ -1,4 +1,4 @@  - + \ No newline at end of file diff --git a/AirScout.PlaneFeeds/AirScout.PlaneFeeds.csproj b/AirScout.PlaneFeeds/AirScout.PlaneFeeds.csproj index 3f5037a..a7746a0 100644 --- a/AirScout.PlaneFeeds/AirScout.PlaneFeeds.csproj +++ b/AirScout.PlaneFeeds/AirScout.PlaneFeeds.csproj @@ -53,15 +53,12 @@ false - - ..\packages\Newtonsoft.Json.12.0.3\lib\net40\Newtonsoft.Json.dll + + ..\packages\Newtonsoft.Json.13.0.1\lib\net40\Newtonsoft.Json.dll - - ..\packages\Stub.System.Data.SQLite.Core.NetFramework.1.0.113.3\lib\net40\System.Data.SQLite.dll - @@ -123,13 +120,6 @@ - - - - Dieses Projekt verweist auf mindestens ein NuGet-Paket, das auf diesem Computer fehlt. Verwenden Sie die Wiederherstellung von NuGet-Paketen, um die fehlenden Dateien herunterzuladen. Weitere Informationen finden Sie unter "http://go.microsoft.com/fwlink/?LinkID=322105". Die fehlende Datei ist "{0}". - - - update lat/lon + if (MaidenheadLocator.Check(tb_Locator.Text) && tb_Locator.Text.Length >= 6) + { + MaidenheadLocator.LatLonFromLoc(tb_Locator.Text, PositionInRectangle.MiddleMiddle, out mlat, out mlon); + tb_Latitude.SilentValue = mlat; + tb_Longitude.SilentValue = mlon; + } + else + { + tb_Latitude.SilentValue = double.NaN; + tb_Longitude.SilentValue = double.NaN; + } + } + ValidateMyDetails(); + } + + private void gm_Callsign_MouseDown(object sender, MouseEventArgs e) + { + if (e.Button == MouseButtons.Left && (UserPos != null && UserPos.IsMouseOver)) + { + // dummy set user position to set mouse position exact to marker's location + UserPos.Position = UserPos.Position; + gm_Callsign.CanDragMap = false; + IsDraggingMarker = true; + } + } + + private void gm_Callsign_MouseMove(object sender, MouseEventArgs e) + { + if ((UserPos != null) && IsDraggingMarker) + { + if (Callsign.Check(tb_Callsign.Text)) + { + // get geographic coordinates of mouse pointer + PointLatLng p = gm_Callsign.FromLocalToLatLng(e.X, e.Y); + tb_Latitude.SilentValue = p.Lat; + tb_Longitude.SilentValue = p.Lng; + UserPos.ToolTipMode = MarkerTooltipMode.OnMouseOver; + UserPos.ToolTipText = tb_Callsign.Text; + Properties.Settings.Default.MyLat = p.Lat; + Properties.Settings.Default.MyLon = p.Lng; + ValidateMyDetails(); + } + else + { + UserPos.ToolTipMode = MarkerTooltipMode.OnMouseOver; + UserPos.ToolTipText = "Please enter a valid callsign first."; + } + } + } + + private void gm_Callsign_MouseUp(object sender, MouseEventArgs e) + { + if (IsDraggingMarker) + { + gm_Callsign.CanDragMap = true; + IsDraggingMarker = false; + } + } + + private void gm_Callsign_OnMarkerEnter(GMapMarker item) + { + } + + private void btn_QRZ_Click(object sender, EventArgs e) + { + // get an EN format provider + NumberFormatInfo provider = new NumberFormatInfo(); + provider.NumberDecimalSeparator = "."; + provider.NumberGroupSeparator = ","; + try + { + WebRequest myWebRequest = WebRequest.Create(Properties.Settings.Default.QRZ_URL_Database + Properties.Settings.Default.MyCall); + myWebRequest.Timeout = 10000; + WebResponse myWebResponse = myWebRequest.GetResponse(); + Stream ReceiveStream = myWebResponse.GetResponseStream(); + Encoding encode = System.Text.Encoding.GetEncoding("utf-8"); + StreamReader readStream = new StreamReader(ReceiveStream, encode); + string s = readStream.ReadToEnd(); + if (s.IndexOf("cs_lat") >= 0) + { + string loc; + double lat = 0; + double lon = 0; + try + { + s = s.Remove(0, s.IndexOf("cs_lat = \"") + 10); + lat = System.Convert.ToDouble(s.Substring(0, s.IndexOf("\n") - 2), provider); + s = s.Remove(0, s.IndexOf("cs_lon = \"") + 10); + lon = System.Convert.ToDouble(s.Substring(0, s.IndexOf("\n") - 2), provider); + } + catch + { + } + loc = MaidenheadLocator.LocFromLatLon(lat, lon, false, 3); + // check if loc is matching --> refine lat/lon + if ((tb_Locator.Text.Length >= 6) && (loc == MaidenheadLocator.Convert(tb_Locator.Text, false).Substring(0, 6))) + { + Properties.Settings.Default["MyLat"] = lat; + Properties.Settings.Default.MyLon = lon; + tb_Latitude.Value = lat; + tb_Longitude.Value = lon; + MessageBox.Show("Position update from QRZ.com was performed succesfully.", "QRZ.com"); + return; + } + } + } + catch + { + } + MessageBox.Show("Position query at QRZ.com failed or does not match with current locator. \nNo update was performed.", "QRZ.com"); + + } + + private void btn_Zoom_In_Click(object sender, EventArgs e) + { + if (gm_Callsign.Zoom < 20) + gm_Callsign.Zoom++; + } + + private void btn_Zoom_Out_Click(object sender, EventArgs e) + { + if (gm_Callsign.Zoom > 0) + gm_Callsign.Zoom--; + } + + private void gm_Callsign_OnMapZoomChanged() + { + // maintain zoom level + tb_Zoom.Text = gm_Callsign.Zoom.ToString(); + } + + #endregion + + #region wp_PlaneFeeds + private void ValidatePlaneFeeds() + { + if ((cb_PlaneFeed1.SelectedItem != null) && (cb_PlaneFeed2.SelectedItem != null) && (cb_PlaneFeed3.SelectedItem != null) && (cb_PlaneFeed1.SelectedItem.ToString() == "[none]") && (cb_PlaneFeed2.SelectedItem.ToString() == "[none]") && (cb_PlaneFeed3.SelectedItem.ToString() == "[none]")) + wp_PlaneFeeds.AllowNext = false; + else + wp_PlaneFeeds.AllowNext = true; + } + + private void wp_PlaneFeeds_Enter(object sender, EventArgs e) + { + // set initial settings for planes tab + cb_PlaneFeed1.DisplayMember = "Name"; + cb_PlaneFeed2.DisplayMember = "Name"; + cb_PlaneFeed3.DisplayMember = "Name"; + cb_PlaneFeed1.Items.Clear(); + cb_PlaneFeed2.Items.Clear(); + cb_PlaneFeed3.Items.Clear(); + cb_PlaneFeed1.Items.Add("[none]"); + cb_PlaneFeed2.Items.Add("[none]"); + cb_PlaneFeed3.Items.Add("[none]"); + if (ParentDlg.PlaneFeedPlugins != null) + { + foreach (var plugin in ParentDlg.PlaneFeedPlugins) + { + cb_PlaneFeed1.Items.Add(plugin); + cb_PlaneFeed2.Items.Add(plugin); + cb_PlaneFeed3.Items.Add(plugin); + } + } + cb_PlaneFeed1.SelectedIndex = cb_PlaneFeed1.FindStringExact(Properties.Settings.Default.Planes_PlaneFeed1); + cb_PlaneFeed2.SelectedIndex = cb_PlaneFeed1.FindStringExact(Properties.Settings.Default.Planes_PlaneFeed2); + cb_PlaneFeed3.SelectedIndex = cb_PlaneFeed1.FindStringExact(Properties.Settings.Default.Planes_PlaneFeed3); + ValidatePlaneFeeds(); + } + + private void cb_PlaneFeed1_SelectedIndexChanged(object sender, EventArgs e) + { + if ((cb_PlaneFeed1.SelectedItem == null) || (cb_PlaneFeed1.GetItemText(cb_PlaneFeed1.SelectedItem) == "[none]")) + { + Properties.Settings.Default.Planes_PlaneFeed1 = "[none]"; + ValidatePlaneFeeds(); + return; + } + /* + PlaneFeed feed = (PlaneFeed)cb_PlaneFeed1.SelectedItem; + // show disclaimer if necessary + if (!String.IsNullOrEmpty(feed.Disclaimer) && (String.IsNullOrEmpty(feed.DisclaimerAccepted))) + { + PlaneFeedDisclaimerDlg Dlg = new PlaneFeedDisclaimerDlg(); + Dlg.tb_DisclaimerText.Text = feed.Disclaimer; + if (Dlg.ShowDialog() == System.Windows.Forms.DialogResult.OK) + { + // making a unique ID for confirmation + string ID = ""; + try + { + ID = (string)Registry.GetValue("HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion", "ProductId", ""); + } + catch + { + ID = "Key not found!"; + } + ID = ID + "," + DateTime.UtcNow.ToString("u"); + ID = ID + "," + System.Security.Principal.WindowsIdentity.GetCurrent().Name; + feed.DisclaimerAccepted = ID; + } + else + { + cb_PlaneFeed1.SelectedItem = "[none]"; + } + } + */ + IPlaneFeedPlugin feed = (IPlaneFeedPlugin)cb_PlaneFeed1.SelectedItem; + // show disclaimer if necessary + if (!String.IsNullOrEmpty(feed.Disclaimer) && (String.IsNullOrEmpty(feed.DisclaimerAccepted))) + { + PlaneFeedDisclaimerDlg Dlg = new PlaneFeedDisclaimerDlg(); + Dlg.tb_DisclaimerText.Text = feed.Disclaimer; + if (Dlg.ShowDialog() == System.Windows.Forms.DialogResult.OK) + { + // making a unique ID for confirmation + string ID = ""; + try + { + ID = (string)Registry.GetValue("HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion", "ProductId", ""); + } + catch + { + ID = "Key not found!"; + } + ID = ID + "," + DateTime.UtcNow.ToString("u"); + ID = ID + "," + System.Security.Principal.WindowsIdentity.GetCurrent().Name; + feed.DisclaimerAccepted = ID; + } + else + { + cb_PlaneFeed1.SelectedItem = "[none]"; + } + } + Properties.Settings.Default.Planes_PlaneFeed1 = feed.Name; + ValidatePlaneFeeds(); + } + + private void cb_PlaneFeed2_SelectedIndexChanged(object sender, EventArgs e) + { + if ((cb_PlaneFeed2.SelectedItem == null) || (cb_PlaneFeed2.GetItemText(cb_PlaneFeed2.SelectedItem) == "[none]")) + { + Properties.Settings.Default.Planes_PlaneFeed2 = "[none]"; + ValidatePlaneFeeds(); + return; + } + /* + PlaneFeed feed = (PlaneFeed)cb_PlaneFeed2.SelectedItem; + // show disclaimer if necessary + if (!String.IsNullOrEmpty(feed.Disclaimer) && (String.IsNullOrEmpty(feed.DisclaimerAccepted))) + { + PlaneFeedDisclaimerDlg Dlg = new PlaneFeedDisclaimerDlg(); + Dlg.tb_DisclaimerText.Text = feed.Disclaimer; + if (Dlg.ShowDialog() == System.Windows.Forms.DialogResult.OK) + { + // making a unique ID for confirmation + string ID = ""; + try + { + ID = (string)Registry.GetValue("HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion", "ProductId", ""); + } + catch + { + ID = "Key not found!"; + } + ID = ID + "," + DateTime.UtcNow.ToString("u"); + ID = ID + "," + System.Security.Principal.WindowsIdentity.GetCurrent().Name; + feed.DisclaimerAccepted = ID; + } + } + Properties.Settings.Default.Planes_PlaneFeed2 = feed.Name; + */ + IPlaneFeedPlugin feed = (IPlaneFeedPlugin)cb_PlaneFeed2.SelectedItem; + // show disclaimer if necessary + if (!String.IsNullOrEmpty(feed.Disclaimer) && (String.IsNullOrEmpty(feed.DisclaimerAccepted))) + { + PlaneFeedDisclaimerDlg Dlg = new PlaneFeedDisclaimerDlg(); + Dlg.tb_DisclaimerText.Text = feed.Disclaimer; + if (Dlg.ShowDialog() == System.Windows.Forms.DialogResult.OK) + { + // making a unique ID for confirmation + string ID = ""; + try + { + ID = (string)Registry.GetValue("HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion", "ProductId", ""); + } + catch + { + ID = "Key not found!"; + } + ID = ID + "," + DateTime.UtcNow.ToString("u"); + ID = ID + "," + System.Security.Principal.WindowsIdentity.GetCurrent().Name; + feed.DisclaimerAccepted = ID; + } + else + { + cb_PlaneFeed2.SelectedItem = "[none]"; + } + } + Properties.Settings.Default.Planes_PlaneFeed2 = feed.Name; + ValidatePlaneFeeds(); + } + + private void cb_PlaneFeed3_SelectedIndexChanged(object sender, EventArgs e) + { + if ((cb_PlaneFeed3.SelectedItem == null) || (cb_PlaneFeed3.GetItemText(cb_PlaneFeed3.SelectedItem) == "[none]")) + { + Properties.Settings.Default.Planes_PlaneFeed3 = "[none]"; + ValidatePlaneFeeds(); + return; + } + /* + PlaneFeed feed = (PlaneFeed)cb_PlaneFeed3.SelectedItem; + // show disclaimer if necessary + if (!String.IsNullOrEmpty(feed.Disclaimer) && (String.IsNullOrEmpty(feed.DisclaimerAccepted))) + { + PlaneFeedDisclaimerDlg Dlg = new PlaneFeedDisclaimerDlg(); + Dlg.tb_DisclaimerText.Text = feed.Disclaimer; + if (Dlg.ShowDialog() == System.Windows.Forms.DialogResult.OK) + { + // making a unique ID for confirmation + string ID = ""; + try + { + ID = (string)Registry.GetValue("HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion", "ProductId", ""); + } + catch + { + ID = "Key not found!"; + } + ID = ID + "," + DateTime.UtcNow.ToString("u"); + ID = ID + "," + System.Security.Principal.WindowsIdentity.GetCurrent().Name; + feed.DisclaimerAccepted = ID; + } + } + Properties.Settings.Default.Planes_PlaneFeed3 = feed.Name; + */ + IPlaneFeedPlugin feed = (IPlaneFeedPlugin)cb_PlaneFeed3.SelectedItem; + // show disclaimer if necessary + if (!String.IsNullOrEmpty(feed.Disclaimer) && (String.IsNullOrEmpty(feed.DisclaimerAccepted))) + { + PlaneFeedDisclaimerDlg Dlg = new PlaneFeedDisclaimerDlg(); + Dlg.tb_DisclaimerText.Text = feed.Disclaimer; + if (Dlg.ShowDialog() == System.Windows.Forms.DialogResult.OK) + { + // making a unique ID for confirmation + string ID = ""; + try + { + ID = (string)Registry.GetValue("HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows NT\\CurrentVersion", "ProductId", ""); + } + catch + { + ID = "Key not found!"; + } + ID = ID + "," + DateTime.UtcNow.ToString("u"); + ID = ID + "," + System.Security.Principal.WindowsIdentity.GetCurrent().Name; + feed.DisclaimerAccepted = ID; + } + else + { + cb_PlaneFeed3.SelectedItem = "[none]"; + } + } + Properties.Settings.Default.Planes_PlaneFeed3 = feed.Name; + ValidatePlaneFeeds(); + } + #endregion + + + private void FirstRunWizard_FormClosing(object sender, FormClosingEventArgs e) + { + lbl_Finish.Text = "Please wait for download of last tile is finished..."; + bw_GLOBE_MapUpdater.CancelAsync(); + bw_SRTM3_MapUpdater.CancelAsync(); + bw_SRTM1_MapUpdater.CancelAsync(); + while (bw_GLOBE_MapUpdater.IsBusy) + Application.DoEvents(); + while (bw_SRTM3_MapUpdater.IsBusy) + Application.DoEvents(); + while (bw_SRTM1_MapUpdater.IsBusy) + Application.DoEvents(); + } + + } + + + + public enum TILEDOWNLOADSTATUS + { + ERROR = -1, + INIT = 0, + DOWNLOADING = 2, + DOWNLOADED = 3, + UPTODATE = 4 + } +} diff --git a/AirScout/GMapLocatorPolygon.cs b/AirScout/GMapLocatorPolygon.cs index 7657e6f..1d16b70 100644 --- a/AirScout/GMapLocatorPolygon.cs +++ b/AirScout/GMapLocatorPolygon.cs @@ -104,7 +104,7 @@ namespace AirScout g.SmoothingMode = SmoothingMode.AntiAlias; g.TextRenderingHint = TextRenderingHint.SingleBitPerPixelGridFit; - Font font = new Font("Arial", polyrect.Height / 10); + Font font = new Font("Arial", polyrect.Width / 10); StringFormat format = new StringFormat(); format.LineAlignment = StringAlignment.Center; format.Alignment = StringAlignment.Center; diff --git a/AirScout/MapDlg.Designer.cs b/AirScout/MapDlg.Designer.cs index 71e104c..a556535 100644 --- a/AirScout/MapDlg.Designer.cs +++ b/AirScout/MapDlg.Designer.cs @@ -30,8 +30,8 @@ { this.components = new System.ComponentModel.Container(); System.ComponentModel.ComponentResourceManager resources = new System.ComponentModel.ComponentResourceManager(typeof(MapDlg)); - ScoutBase.Core.LatLon.GPoint gPoint1 = new ScoutBase.Core.LatLon.GPoint(); - ScoutBase.Core.LatLon.GPoint gPoint2 = new ScoutBase.Core.LatLon.GPoint(); + ScoutBase.Core.LatLon.GPoint gPoint7 = new ScoutBase.Core.LatLon.GPoint(); + ScoutBase.Core.LatLon.GPoint gPoint8 = new ScoutBase.Core.LatLon.GPoint(); this.il_Main = new System.Windows.Forms.ImageList(this.components); this.ti_Progress = new System.Windows.Forms.Timer(this.components); this.sc_Map = new System.Windows.Forms.SplitContainer(); @@ -181,6 +181,7 @@ this.bw_Analysis_FileSaver = new System.ComponentModel.BackgroundWorker(); this.bw_Analysis_FileLoader = new System.ComponentModel.BackgroundWorker(); this.bw_AirportMapper = new System.ComponentModel.BackgroundWorker(); + this.bw_LocatorGridUpdater = new System.ComponentModel.BackgroundWorker(); ((System.ComponentModel.ISupportInitialize)(this.sc_Map)).BeginInit(); this.sc_Map.Panel1.SuspendLayout(); this.sc_Map.Panel2.SuspendLayout(); @@ -306,6 +307,7 @@ this.ag_Azimuth.MinValue = 0F; this.ag_Azimuth.Name = "ag_Azimuth"; this.ag_Azimuth.NoOfDivisions = 12; + this.ag_Azimuth.NoOfSubDivisions = 5; this.ag_Azimuth.RecommendedValue = 0F; this.ag_Azimuth.Size = new System.Drawing.Size(175, 175); this.ag_Azimuth.TabIndex = 27; @@ -325,7 +327,8 @@ this.ag_Elevation.MaxValue = 90F; this.ag_Elevation.MinValue = 0F; this.ag_Elevation.Name = "ag_Elevation"; - this.ag_Elevation.NoOfDivisions = 4; + this.ag_Elevation.NoOfDivisions = 6; + this.ag_Elevation.NoOfSubDivisions = 2; this.ag_Elevation.RecommendedValue = 0F; this.ag_Elevation.Size = new System.Drawing.Size(175, 175); this.ag_Elevation.TabIndex = 28; @@ -1698,7 +1701,7 @@ this.cb_DXLoc.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); this.cb_DXLoc.ForeColor = System.Drawing.SystemColors.WindowText; this.cb_DXLoc.FormattingEnabled = true; - this.cb_DXLoc.GeoLocation = gPoint1; + this.cb_DXLoc.GeoLocation = gPoint7; this.cb_DXLoc.Location = new System.Drawing.Point(3, 154); this.cb_DXLoc.Name = "cb_DXLoc"; this.cb_DXLoc.Precision = 3; @@ -1722,7 +1725,7 @@ this.cb_MyLoc.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); this.cb_MyLoc.ForeColor = System.Drawing.SystemColors.WindowText; this.cb_MyLoc.FormattingEnabled = true; - this.cb_MyLoc.GeoLocation = gPoint2; + this.cb_MyLoc.GeoLocation = gPoint8; this.cb_MyLoc.Location = new System.Drawing.Point(3, 71); this.cb_MyLoc.Name = "cb_MyLoc"; this.cb_MyLoc.Precision = 3; @@ -2051,6 +2054,14 @@ this.bw_AirportMapper.ProgressChanged += new System.ComponentModel.ProgressChangedEventHandler(this.bw_AirportMapper_ProgressChanged); this.bw_AirportMapper.RunWorkerCompleted += new System.ComponentModel.RunWorkerCompletedEventHandler(this.bw_AirportMapper_RunWorkerCompleted); // + // bw_LocatorGridUpdater + // + this.bw_LocatorGridUpdater.WorkerReportsProgress = true; + this.bw_LocatorGridUpdater.WorkerSupportsCancellation = true; + this.bw_LocatorGridUpdater.DoWork += new System.ComponentModel.DoWorkEventHandler(this.bw_LocatorGridUpdater_DoWork); + this.bw_LocatorGridUpdater.ProgressChanged += new System.ComponentModel.ProgressChangedEventHandler(this.bw_LocatorGridUpdater_ProgressChanged); + this.bw_LocatorGridUpdater.RunWorkerCompleted += new System.ComponentModel.RunWorkerCompletedEventHandler(this.bw_LocatorGridUpdater_RunWorkerCompleted); + // // MapDlg // this.AcceptButton = this.btn_Map_PlayPause; @@ -2270,6 +2281,7 @@ private System.Windows.Forms.ToolStripStatusLabel tsl_CAT; private System.Windows.Forms.ToolStripStatusLabel tsl_Rot; private System.Windows.Forms.ToolStripStatusLabel tsl_Track; + private System.ComponentModel.BackgroundWorker bw_LocatorGridUpdater; } } diff --git a/AirScout/MapDlg.cs b/AirScout/MapDlg.cs index 5551a34..589122b 100644 --- a/AirScout/MapDlg.cs +++ b/AirScout/MapDlg.cs @@ -370,6 +370,7 @@ namespace AirScout GMapOverlay gmo_NearestPlanes = new GMapOverlay("Planes"); GMapOverlay gmo_Locators = new GMapOverlay("Locators"); GMapOverlay gmo_Distances = new GMapOverlay("Distances"); + GMapOverlay gmo_CallsignDetails = new GMapOverlay("CallsignDetails"); // Routes GMapRoute gmr_FullPath; @@ -522,11 +523,12 @@ namespace AirScout ROTSTATUS RotStatus = ROTSTATUS.NONE; TrackValues TrackValues = null; - // Track display - public Font TrackDisplayFont; - public Brush TrackDisplayBrush; - public Pen TrackDisplayPen; + // Gauges display + public Color GaugesColor = Color.Black; + public Font TrackDisplayFont = new Font("Courier New", 16, FontStyle.Bold); + // Location grid updating + public bool UpdateLocationGrid = false; #region Startup & Initialization @@ -544,6 +546,15 @@ namespace AirScout InitializeComponent(); + // Running on Windows or Linux/Mono? + if (SupportFunctions.IsMono) + { + Console.WriteLine("Checking system: Running on Linux/Mono."); + } + else + { + Console.WriteLine("Checking system: Running on Windows."); + } // do basic initialization this.Text = "AirScout - Aircraft Scatter Prediction V" + Application.ProductVersion + " (c) 2013-2020 DL2ALF"; @@ -552,8 +563,10 @@ namespace AirScout // initialize settings InitializeSettings(); + // initialize charting InitializeCharts(); + // Initilialize Webbrowser InitializeWebbrowser(); @@ -920,9 +933,15 @@ namespace AirScout try { // try to call plaugin constructor and add the value to Planefeeds list + // 2022_04_24 check plugin version against program version: do not load older plugins var plugin = lazyplugin.Value; if (plugin != null) - PlaneFeedPlugins.Add(plugin); + { + if (plugin.Version.StartsWith(mainversion)) + { + PlaneFeedPlugins.Add(plugin); + } + } } catch (Exception ex) { @@ -944,9 +963,37 @@ namespace AirScout /// The property value. public static dynamic GetPropertyDefaultValue(string propertyname) { - string p = (string)Properties.Settings.Default.Properties[propertyname].DefaultValue; + SettingsProperty prop = Properties.Settings.Default.Properties[propertyname]; + if (prop == null) + return null; + + object def = prop.DefaultValue; + if (def == null) + return null; + + Type t = Properties.Settings.Default.Properties[propertyname].PropertyType; + if (t == null) + return null; + + try + { + TypeConverter tc = TypeDescriptor.GetConverter(t); + object value = tc.ConvertFromString(null, CultureInfo.InvariantCulture, (string)def); + + return value; + } + catch (Exception ex) + { + + } + + return null; + /* + string p = prop.DefaultValue.ToString(); Type t = Properties.Settings.Default.Properties[propertyname].PropertyType; return Convert.ChangeType(p, t); + */ + } private string QualifyDatabaseDirectory(string databasedir) @@ -967,6 +1014,10 @@ namespace AirScout private void InitializeSettings() { + + // Load user settings + LoadUserSettings(); + // check for invalid settings // check if band is BNONE --> set to 1.2G if (Properties.Settings.Default.Band == BAND.BNONE) @@ -1009,6 +1060,27 @@ namespace AirScout Properties.Settings.Default.PropagationDatabase_Directory = QualifyDatabaseDirectory(Properties.Settings.Default.PropagationDatabase_Directory); } + private void DumpSettingsToLog(string name, SettingsPropertyValueCollection settings) + { + foreach (SettingsPropertyValue p in settings) + { + try + { + if ((p != null) && (p.Name != null)) + { + string value = p.PropertyValue != null ? p.PropertyValue.ToString() : "[null]"; + string default_value = GetPropertyDefaultValue(p.Name) != null ? "[Default = " + GetPropertyDefaultValue(p.Name) + "]" : "[Default = null]"; + Log.WriteMessage(name + "." + p.Name + " = " + value + default_value); + } + } + catch (Exception ex) + { + Console.WriteLine("Error while checking property + " + p.Name + ": " + ex.ToString()); + } + } + + } + private void CheckSettings() { Log.WriteMessage("Checking properties..."); @@ -1163,6 +1235,7 @@ namespace AirScout private void CreateDistances() { + gmo_Distances.Clear(); for (int dist = 100; dist <= 1000; dist += 100) { GMapRoute circle = new GMapRoute("Distance: " + dist.ToString()); @@ -1171,9 +1244,9 @@ namespace AirScout { LatLon.GPoint p = LatLon.DestinationPoint(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, i, dist); circle.Points.Add(new PointLatLng(p.Lat, p.Lon)); - gmo_Distances.Routes.Add(circle); } + gmo_Distances.Routes.Add(circle); } } @@ -1212,10 +1285,11 @@ namespace AirScout gm_Main.Overlays.Add(gmo_Distances); gm_Main.Overlays.Add(gmo_Airports); gm_Main.Overlays.Add(gmo_PropagationPaths); - gm_Main.Overlays.Add(gmo_Routes); gm_Main.Overlays.Add(gmo_Objects); + gm_Main.Overlays.Add(gmo_Routes); gm_Main.Overlays.Add(gmo_Planes); gm_Main.Overlays.Add(gmo_Callsigns); + gm_Main.Overlays.Add(gmo_CallsignDetails); gm_Main.Opacity = (double)Properties.Settings.Default.Map_Opacity; @@ -1313,8 +1387,17 @@ namespace AirScout } private void InitializeLocators() { - // clear locator overlay anyway - gmo_Locators.Clear(); + // NASTY!! still throws execption sometimes + // when restoring cursor + try + { + // clear locator overlay anyway + gmo_Locators.Clear(); + } + catch (Exception ex) + { + // do all most nothing + } // return if not activated if (!Properties.Settings.Default.Map_ShowLocators) @@ -1479,12 +1562,6 @@ namespace AirScout ag_Elevation.fromAngle = 180; ag_Elevation.toAngle = 270; - // set up track display - Color trackcolor = Color.FromArgb(128, 0, 0, 0); - TrackDisplayBrush = new SolidBrush(trackcolor); - TrackDisplayPen = new Pen(TrackDisplayBrush, 3); - TrackDisplayFont = new Font("Courier New", 16, FontStyle.Bold); - // install additional mouse events gb_Map_Info.MouseClick += new MouseEventHandler(this.gb_Map_Info_MouseClick); gb_Map_Zoom.MouseClick += new MouseEventHandler(this.gb_Map_Zoom_MouseClick); @@ -1525,16 +1602,13 @@ namespace AirScout if (FirstRun) { Log.WriteMessage("Preparing for first run."); + + // Reload settings + LoadUserSettings(); + // try to ugrade settings when not started with /CLEAN option if (!CleanRun) { - // Mono hack to assure that default values were initilaized - if (SupportFunctions.IsMono) - { - Properties.Settings.Default.Reset(); - SaveUserSettings(); - Properties.Settings.Default.Reload(); - } Log.WriteMessage("Upgrading settings."); Properties.Settings.Default.Upgrade(); // handle skip to version 1.3.3.1 @@ -1562,6 +1636,7 @@ namespace AirScout } AirScout.PlaneFeeds.Properties.Settings.Default.Upgrade(); } + CheckDirectories(); CheckSettings(); // reset topmost state @@ -1594,6 +1669,7 @@ namespace AirScout // reset FirstRun property Properties.Settings.Default.FirstRun = false; Properties.Settings.Default.FirstRun = Properties.Settings.Default.FirstRun; + // set privacy statements (for legacy) Properties.Settings.Default.First_Agree = true; Properties.Settings.Default.First_Disagree = false; @@ -1710,10 +1786,19 @@ namespace AirScout cb_DXLoc.AutoLength = Properties.Settings.Default.Locator_AutoLength; // populate watchlist RefreshWatchlistView(); - // Linux/Mon Hack: cycle control tab view to ensure that all elements are drawn - tc_Control.SelectedTab = tp_Control_Options; - tc_Control.SelectedTab = tp_Control_Multi; - tc_Control.SelectedTab = tp_Control_Single; + // Linux/Mon Hacks for layout + if (SupportFunctions.IsMono) + { + // cycle control tab view to ensure that all elements are drawn + tc_Control.SelectedTab = tp_Control_Options; + tc_Control.SelectedTab = tp_Control_Multi; + tc_Control.SelectedTab = tp_Control_Single; + + btn_Map_PlayPause.Image = null; + btn_Map_PlayPause.Text = "Play"; + btn_Map_PlayPause.TextAlign = System.Drawing.ContentAlignment.MiddleCenter; + btn_Map_PlayPause.Font = new Font(btn_Map_PlayPause.Font, FontStyle.Bold); + } // set players bounds sb_Analysis_Play.Minimum = 0; sb_Analysis_Play.Maximum = int.MaxValue; @@ -1768,6 +1853,22 @@ namespace AirScout Properties.Settings.Default.MainSplitter_Distance = -1; Properties.Settings.Default.MapSplitter_Distance = -1; } + + // dump all properties to log + Log.WriteMessage("============================= Application Settings =================================="); + DumpSettingsToLog("Properties.Settings.Default", Properties.Settings.Default.PropertyValues); + DumpSettingsToLog("AirScout.PlaneFeeds.Properties.Settings.Default", AirScout.PlaneFeeds.Properties.Settings.Default.PropertyValues); + DumpSettingsToLog("ScoutBase.Elevation.Properties.Settings.Default", ScoutBase.Elevation.Properties.Settings.Default.PropertyValues); + DumpSettingsToLog("ScoutBase.Stations.Properties.Settings.Default", ScoutBase.Stations.Properties.Settings.Default.PropertyValues); + DumpSettingsToLog("ScoutBase.Propagation.Properties.Settings.Default", ScoutBase.Propagation.Properties.Settings.Default.PropertyValues); + DumpSettingsToLog("ScoutBase.CAT.Properties.Settings.Default", ScoutBase.CAT.Properties.Settings.Default.PropertyValues); + DumpSettingsToLog("AirScout.Aircrafts.Properties.Settings.Default", AirScout.Aircrafts.Properties.Settings.Default.PropertyValues); + DumpSettingsToLog("AirScout.CAT.Properties.Settings.Default", AirScout.CAT.Properties.Settings.Default.PropertyValues); + Log.WriteMessage("====================================================================================="); + + // set Pause Mode + // Pause(); + } private void FinishStartup() @@ -1848,6 +1949,8 @@ namespace AirScout // start all background workers // check if the thread is not NULL and not activated Say("Starting background threads..."); + if ((bw_LocatorGridUpdater != null) && !bw_LocatorGridUpdater.IsBusy) + bw_LocatorGridUpdater.RunWorkerAsync(); if ((bw_AirportMapper != null) && !bw_AirportMapper.IsBusy) bw_AirportMapper.RunWorkerAsync(); if ((bw_JSONWriter != null) && !bw_JSONWriter.IsBusy) @@ -2084,7 +2187,7 @@ namespace AirScout if ((bw_WinTestReceive != null) && (!bw_WinTestReceive.IsBusy)) bw_WinTestReceive.RunWorkerAsync(); if ((bw_Webserver != null) && (!bw_Webserver.IsBusy)) - bw_Webserver.RunWorkerAsync(); + bw_Webserver.RunWorkerAsync(TmpDirectory); } if (Properties.Settings.Default.SpecLab_Enabled) { @@ -2133,11 +2236,14 @@ namespace AirScout return; worker.CancelAsync(); // waiting for background threads to finish + int timeout = 10000; // timeout in ms Stopwatch st = new Stopwatch(); st.Start(); Say("Stopping background thread " + count.ToString() + " of " + total.ToString() + " [" + name + "]..."); while ((worker != null) && worker.IsBusy) + { Application.DoEvents(); + } st.Stop(); Log.WriteMessage("Stopping " + name + ", " + st.ElapsedMilliseconds.ToString() + " ms."); } @@ -2173,6 +2279,8 @@ namespace AirScout private void CancelAllBackgroundWorkers() { // cancel all background workers, don't wait for finish + if (bw_LocatorGridUpdater != null) + bw_LocatorGridUpdater.CancelAsync(); if (bw_AirportMapper != null) bw_AirportMapper.CancelAsync(); if (bw_PlaneFeed1 != null) @@ -2522,6 +2630,7 @@ namespace AirScout this.wb_News.Name = "wb_News"; this.wb_News.Size = new System.Drawing.Size(844, 197); this.wb_News.TabIndex = 0; + this.wb_News.ScriptErrorsSuppressed = true; this.wb_News.Url = global::AirScout.Properties.Settings.Default.News_URL; this.tp_News.Controls.Add(this.wb_News); } @@ -2568,6 +2677,7 @@ namespace AirScout { if (!SupportFunctions.IsMono) return ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.PerUserRoamingAndLocal).FilePath; + // try to build a path to user specific settings under Linux/Mono string usersettingspath = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData); usersettingspath = Path.Combine(usersettingspath, Application.CompanyName, AppDomain.CurrentDomain.FriendlyName); @@ -2595,133 +2705,108 @@ namespace AirScout return usersettingspath; } - private XmlElement CreateUserSection(XmlDocument doc, SettingsBase settings) + private void LoadSettingsFromJSON(ApplicationSettingsBase settings) { - XmlElement usersection = doc.CreateElement(string.Empty, "section", string.Empty); - XmlAttribute sectionname = doc.CreateAttribute(string.Empty, "name", string.Empty); - sectionname.Value = settings.GetType().FullName; - usersection.Attributes.Append(sectionname); - XmlAttribute sectiontype = doc.CreateAttribute(string.Empty, "type", string.Empty); - Assembly assembly = Assembly.GetAssembly(typeof(System.Configuration.ClientSettingsSection)); - // sectiontype.Value = "System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"; - sectiontype.Value = typeof(System.Configuration.ClientSettingsSection).FullName + ", " + assembly.FullName; - usersection.Attributes.Append(sectiontype); - XmlAttribute sectionallowexedefinition = doc.CreateAttribute(string.Empty, "allowExeDefinition", string.Empty); - sectionallowexedefinition.Value = "MachineToLocalUser"; - usersection.Attributes.Append(sectionallowexedefinition); - XmlAttribute sectionrequirepermission = doc.CreateAttribute(string.Empty, "requirePermission", string.Empty); - sectionrequirepermission.Value = "false"; - usersection.Attributes.Append(sectionrequirepermission); - return usersection; - } + string filename = GetUserSettingsPath().Replace("user.config", settings.GetType().FullName + ".json"); - private XmlElement SerializeSettings(XmlDocument doc, SettingsBase settings) - { - XmlElement properties = doc.CreateElement(string.Empty, settings.ToString(), string.Empty); - foreach (SettingsPropertyValue p in settings.PropertyValues) + if (!File.Exists(filename)) + return; + JsonSerializerSettings serializersettings = new JsonSerializerSettings(); + Dictionary props = + JsonConvert.DeserializeObject>(File.ReadAllText(filename)); + foreach (string key in props.Keys) { - if ((p != null) && (p.Name != null) && (p.PropertyValue != null) && !p.UsingDefaultValue) + try { - // Console.WriteLine("Appending " + p.Name + " = " + p.PropertyValue.ToString()); - XmlElement setting = doc.CreateElement(string.Empty, "setting", string.Empty); - XmlAttribute name = doc.CreateAttribute(string.Empty, "name", string.Empty); - name.Value = p.Name.ToString(); - setting.Attributes.Append(name); - XmlAttribute serializeas = doc.CreateAttribute(string.Empty, "serializeAs", string.Empty); - serializeas.Value = p.Property.SerializeAs.ToString(); - setting.Attributes.Append(serializeas); - XmlElement value = doc.CreateElement(string.Empty, "value", string.Empty); - if (p.PropertyValue != null && p.Property.SerializeAs == SettingsSerializeAs.String) - { - XmlText text = doc.CreateTextNode(p.SerializedValue.ToString()); - value.AppendChild(text); - } - else - { - if (p.PropertyValue != null && p.Property.SerializeAs == SettingsSerializeAs.Xml) - { - MemoryStream ms = new MemoryStream(); - XmlWriter writer = XmlWriter.Create(ms, new XmlWriterSettings - { - NewLineOnAttributes = true, - OmitXmlDeclaration = true - }); - XmlSerializer serializer = new XmlSerializer(p.PropertyValue.GetType()); - serializer.Serialize(writer, p.PropertyValue); - byte[] text2 = new byte[ms.ToArray().Length - 3]; - Array.Copy(ms.ToArray(), 3, text2, 0, text2.Length); - XmlText xml = doc.CreateTextNode(Encoding.UTF8.GetString(text2.ToArray())); - value.AppendChild(xml); - value.InnerXml = WebUtility.HtmlDecode(value.InnerXml); - } - } - setting.AppendChild(value); - properties.AppendChild(setting); + settings[key] = JsonConvert.DeserializeObject(props[key], settings.Properties[key].PropertyType); + } + catch (Exception ex) + { + Console.WriteLine("Error while loading user setting: " + ex.ToString()); } } - return properties; + } + + private void LoadUserSettings() + { + try + { + Console.WriteLine("Loading user settings..."); + + if (!SupportFunctions.IsMono) + { + // use Windows standard Properties.Settings.Default behavoir + AirScout.PlaneFeeds.Properties.Settings.Default.Reload(); + ScoutBase.Elevation.Properties.Settings.Default.Reload(); + ScoutBase.Stations.Properties.Settings.Default.Reload(); + ScoutBase.Propagation.Properties.Settings.Default.Reload(); + AirScout.Aircrafts.Properties.Settings.Default.Reload(); + Properties.Settings.Default.Reload(); + + return; + } + + // Mono hack to assure that default values were initilaized + AirScout.PlaneFeeds.Properties.Settings.Default.Reset(); + ScoutBase.Elevation.Properties.Settings.Default.Reset(); + ScoutBase.Stations.Properties.Settings.Default.Reset(); + ScoutBase.Propagation.Properties.Settings.Default.Reset(); + AirScout.Aircrafts.Properties.Settings.Default.Reset(); + Properties.Settings.Default.Reset(); + + // Rather load settings as JSON + LoadSettingsFromJSON(ScoutBase.Elevation.Properties.Settings.Default); + LoadSettingsFromJSON(ScoutBase.Stations.Properties.Settings.Default); + LoadSettingsFromJSON(ScoutBase.Propagation.Properties.Settings.Default); + LoadSettingsFromJSON(AirScout.Aircrafts.Properties.Settings.Default); + LoadSettingsFromJSON(Properties.Settings.Default); + + Console.WriteLine("Loading user settings finished successfully."); + } + catch (Exception ex) + { + Console.WriteLine("Error while loading user settings: " + ex.ToString(), LogLevel.Error); + } + } + + private void SaveSettingsToJSON(ApplicationSettingsBase settings) + { + string filename = GetUserSettingsPath().Replace("user.config", settings.GetType().FullName + ".json"); + + Dictionary props = new Dictionary(); + foreach (SettingsProperty prop in settings.Properties) + { + props.Add(prop.Name, JsonConvert.SerializeObject(settings[prop.Name])); + } + File.WriteAllText(filename, JsonConvert.SerializeObject(props, Newtonsoft.Json.Formatting.Indented)); } private void SaveUserSettings() { try { + Console.WriteLine("Saving configuration, FirstRun = " + Properties.Settings.Default.FirstRun); Log.WriteMessage("Saving configuration..."); - // save all settings - ScoutBase.Elevation.Properties.Settings.Default.Save(); - ScoutBase.Stations.Properties.Settings.Default.Save(); - ScoutBase.Propagation.Properties.Settings.Default.Save(); - AirScout.Aircrafts.Properties.Settings.Default.Save(); - AirScout.CAT.Properties.Settings.Default.Save(); - Properties.Settings.Default.Save(); + if (!SupportFunctions.IsMono) + { + // save all settings + ScoutBase.Elevation.Properties.Settings.Default.Save(); + ScoutBase.Stations.Properties.Settings.Default.Save(); + ScoutBase.Propagation.Properties.Settings.Default.Save(); + AirScout.Aircrafts.Properties.Settings.Default.Save(); + Properties.Settings.Default.Save(); + return; - // Linux/Mono hack to save all properties in a correct manner - Console.WriteLine("Creating XML document..."); - XmlDocument doc = new XmlDocument(); - XmlDeclaration xmlDeclaration = doc.CreateXmlDeclaration("1.0", "UTF-8", null); - XmlElement root = doc.DocumentElement; - doc.InsertBefore(xmlDeclaration, root); - XmlElement configuration = doc.CreateElement(string.Empty, "configuration", string.Empty); - doc.AppendChild(configuration); - XmlElement configsections = doc.CreateElement(string.Empty, "configSections", string.Empty); - configuration.AppendChild(configsections); - XmlElement usersettingsgroup = doc.CreateElement(string.Empty, "sectionGroup", string.Empty); - XmlAttribute usersettingsname = doc.CreateAttribute(string.Empty, "name", string.Empty); - usersettingsname.Value = "userSettings"; - usersettingsgroup.Attributes.Append(usersettingsname); - usersettingsgroup.AppendChild(CreateUserSection(doc, AirScout.PlaneFeeds.Properties.Settings.Default)); - usersettingsgroup.AppendChild(CreateUserSection(doc, ScoutBase.Elevation.Properties.Settings.Default)); - usersettingsgroup.AppendChild(CreateUserSection(doc, ScoutBase.Stations.Properties.Settings.Default)); - usersettingsgroup.AppendChild(CreateUserSection(doc, ScoutBase.Propagation.Properties.Settings.Default)); - usersettingsgroup.AppendChild(CreateUserSection(doc, ScoutBase.CAT.Properties.Settings.Default)); - usersettingsgroup.AppendChild(CreateUserSection(doc, AirScout.Aircrafts.Properties.Settings.Default)); - usersettingsgroup.AppendChild(CreateUserSection(doc, AirScout.CAT.Properties.Settings.Default)); - configsections.AppendChild(usersettingsgroup); - XmlElement usersettings = doc.CreateElement(string.Empty, "userSettings", string.Empty); - configuration.AppendChild(usersettings); - Console.WriteLine("Writing user settings..."); - // append AirScout.PlaneFeeds properties - Console.WriteLine("Appending AirScout.PlaneFeeds.Properties.Settings.Default node..."); - usersettings.AppendChild(SerializeSettings(doc, AirScout.PlaneFeeds.Properties.Settings.Default)); - // append ScoutBase properties - Console.WriteLine("Appending ScoutBase.Elevation.Properties.Settings.Default node..."); - usersettings.AppendChild(SerializeSettings(doc, ScoutBase.Elevation.Properties.Settings.Default)); - Console.WriteLine("Appending ScoutBase.Stations.Properties.Settings.Default node..."); - usersettings.AppendChild(SerializeSettings(doc, ScoutBase.Stations.Properties.Settings.Default)); - Console.WriteLine("Appending ScoutBase.Propagation.Properties.Settings.Default node..."); - usersettings.AppendChild(SerializeSettings(doc, ScoutBase.Propagation.Properties.Settings.Default)); - Console.WriteLine("Appending ScoutBase.CAT.Properties.Settings.Default node..."); - usersettings.AppendChild(SerializeSettings(doc, ScoutBase.CAT.Properties.Settings.Default)); - // append AirScout.Aircrafts properties - Console.WriteLine("Appending AirScout.Aircrafts.Settings.Default node..."); - // append AirScout.CAT properties - Console.WriteLine("Appending AirScout.CAT.Settings.Default node..."); - usersettings.AppendChild(SerializeSettings(doc, AirScout.CAT.Properties.Settings.Default)); - // append AirScout properties - Console.WriteLine("Appending AirScout.Properties.Settings.Default node..."); - usersettings.AppendChild(SerializeSettings(doc, Properties.Settings.Default)); - doc.Save(GetUserSettingsPath()); + } + + // Rather save settings as JSON + SaveSettingsToJSON(Properties.Settings.Default); + SaveSettingsToJSON(AirScout.Aircrafts.Properties.Settings.Default); + SaveSettingsToJSON(ScoutBase.Propagation.Properties.Settings.Default); + SaveSettingsToJSON(ScoutBase.Stations.Properties.Settings.Default); + SaveSettingsToJSON(ScoutBase.Elevation.Properties.Settings.Default); + } catch (Exception ex) { @@ -2771,12 +2856,24 @@ namespace AirScout Properties.Settings.Default.General_WindowLocation = this.RestoreBounds.Location; } Properties.Settings.Default.General_WindowState = this.WindowState; + + // save properties to file + SaveUserSettings(); + Say("Waiting for background threads to close..."); // close background threads, save database and settings try { // cancel background workers - CancelAllBackgroundWorkers(); + // causes ThreadAbortExceptions on Linux ?!? + try + { + CancelAllBackgroundWorkers(); + } + catch (Exception ex) + { + + } // save splitter positions Properties.Settings.Default.MainSplitter_Distance = MainSplitterDistance; Properties.Settings.Default.MapSplitter_Distance = MapSplitterDistance; @@ -2853,8 +2950,7 @@ namespace AirScout st.Stop(); Log.WriteMessage("Aircraft database saved, " + st.ElapsedMilliseconds.ToString() + " ms."); } - // save properties to file - SaveUserSettings(); + // flush the Log again in case of any exception to save all messages Log.FlushLog(); } @@ -3514,6 +3610,8 @@ namespace AirScout Properties.Settings.Default.DXLon, MaidenheadLocator.IsPrecise(Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon, 3) ? GEOSOURCE.FROMUSER : GEOSOURCE.FROMLOC); } + // update map provider + gm_Main.MapProvider = GMapProviders.Find(Properties.Settings.Default.Map_Provider); // update ToolTipFont ToolTipFont = CreateFontFromString(Properties.Settings.Default.Map_ToolTipFont); @@ -3552,11 +3650,14 @@ namespace AirScout AirScout.Aircrafts.Properties.Settings.Default.Database_BackgroundUpdate_Period = (int)Properties.Settings.Default.Background_Update_Period; // update database path path and elevation model InitializeDatabase(); + + // resize map window + gm_Main_SizeChanged(this, null); } else { - // nothing was changed - Properties.Settings.Default.Reload(); + // nothing was changed --> reload settings + LoadUserSettings(); } // (re)initialize maps @@ -3583,7 +3684,7 @@ namespace AirScout #region Play & Pause private void Play() - { + { PlayMode = AIRSCOUTPLAYMODE.FORWARD; // switch tab control according to path mode if (PathMode == AIRSCOUTPATHMODE.SINGLE) @@ -3613,8 +3714,22 @@ namespace AirScout { Log.WriteMessage(ex.ToString(), LogLevel.Error); } - // change button image - btn_Map_PlayPause.Image = il_Main.Images[0]; + + // Linux/Mono hack to display text in button instead of symbols + if (SupportFunctions.IsMono) + { + btn_Map_PlayPause.Image = null; + btn_Map_PlayPause.Text = "Pause"; + btn_Map_PlayPause.TextAlign = System.Drawing.ContentAlignment.MiddleCenter; + btn_Map_PlayPause.Font = new Font(btn_Map_PlayPause.Font, FontStyle.Bold); + } + else + { + // change button image + btn_Map_PlayPause.Text = ""; + btn_Map_PlayPause.Image = il_Main.Images[0]; + } + // disable controls cb_Band.Enabled = false; btn_Options.Enabled = false; @@ -3634,8 +3749,21 @@ namespace AirScout private void Pause() { PlayMode = AIRSCOUTPLAYMODE.PAUSE; - // change button image - btn_Map_PlayPause.Image = il_Main.Images[1]; + + // Linux/Mono hack to display text in button instead of symbols + if (SupportFunctions.IsMono) + { + btn_Map_PlayPause.Image = null; + btn_Map_PlayPause.Text = "Play"; + btn_Map_PlayPause.TextAlign = System.Drawing.ContentAlignment.MiddleCenter; + btn_Map_PlayPause.Font = new Font(btn_Map_PlayPause.Font, FontStyle.Bold); + } + else + { + // change button image + btn_Map_PlayPause.Text = ""; + btn_Map_PlayPause.Image = il_Main.Images[1]; + } // update tab control tc_Control.Refresh(); // enable controls @@ -3688,19 +3816,21 @@ namespace AirScout GMapMarker gmmid = new GMarkerGoogle(new PointLatLng(midpoint.Lat, midpoint.Lon), ToolTipFont, ((PathMode == AIRSCOUTPATHMODE.MULTI) && Properties.Settings.Default.Map_SmallMarkers) ? GMarkerGoogleType.blue_small : GMarkerGoogleType.blue_dot); gmmid.ToolTipText = ppath.Location1.Call + " <> " + ppath.Location2.Call; gmmid.ToolTipMode = MarkerTooltipMode.OnMouseOver; - gmo_Objects.Markers.Add(gmmid); + gmo_CallsignDetails.Markers.Add(gmmid); // calculate dx end gmm_DXLoc = new GMarkerGoogle(new PointLatLng(ppath.Lat2, ppath.Lon2), ToolTipFont, ((PathMode == AIRSCOUTPATHMODE.MULTI) && Properties.Settings.Default.Map_SmallMarkers) ? GMarkerGoogleType.yellow_small : GMarkerGoogleType.yellow_dot); gmm_DXLoc.ToolTipText = ppath.Location2.Call + "\n" + ppath.Location2.Lat.ToString("F8", CultureInfo.InvariantCulture) + "\n" + ppath.Location2.Lon.ToString("F8", CultureInfo.InvariantCulture) + "\n" + ppath.Location2.Loc + "\n" + - GetElevation(ppath.Location2.Lat, ppath.Location2.Lon).ToString("F0") + "m"; + GetElevation(ppath.Location2.Lat, ppath.Location2.Lon).ToString("F0") + "m\n" + + LatLon.Bearing(ppath.Location1.Lat, ppath.Location1.Lon, ppath.Location2.Lat, ppath.Location2.Lon).ToString("F0") + "°\n" + + LatLon.Distance(ppath.Location1.Lat, ppath.Location1.Lon, ppath.Location2.Lat, ppath.Location2.Lon).ToString("F0") + "km"; if (Properties.Settings.Default.Track_Activate) gmm_DXLoc.ToolTipText += "\nRight+Click to Turn Antenna"; gmm_DXLoc.ToolTipMode = MarkerTooltipMode.OnMouseOver; gmm_DXLoc.Tag = ppath.Location2.Call; - gmo_Objects.Markers.Add(gmm_DXLoc); + gmo_CallsignDetails.Markers.Add(gmm_DXLoc); // set three small points for hot path, if one if (!Properties.Settings.Default.Map_SmallMarkers) { @@ -4336,21 +4466,56 @@ namespace AirScout } if (Properties.Settings.Default.InfoWin_Type) m.ToolTipText += "\nType: " + info.Manufacturer + " " + info.Model + " [" + PlaneCategories.GetShortStringValue(info.Category) + "]"; - if (Properties.Settings.Default.InfoWin_Dist) + + if (info.Potential > 0) { - if (Properties.Settings.Default.InfoWin_Metric) - m.ToolTipText += "\nDist: " + info.IntQRB.ToString("F0") + "km"; - else - m.ToolTipText += "\nDist: " + UnitConverter.km_mi(info.IntQRB).ToString("F0") + "mi"; + if (Properties.Settings.Default.InfoWin_Dist) + { + if (Properties.Settings.Default.InfoWin_Metric) + m.ToolTipText += "\nDist: " + info.IntQRB.ToString("F0") + "km"; + else + m.ToolTipText += "\nDist: " + UnitConverter.km_mi(info.IntQRB).ToString("F0") + "mi"; + } + if (Properties.Settings.Default.InfoWin_Time) + m.ToolTipText += "\nTime: " + (CurrentTime + new TimeSpan(0, mins, 0)).ToString("HH:mm") + " [ " + mins.ToString("") + "min]"; + if (Properties.Settings.Default.InfoWin_Angle) + m.ToolTipText += "\nAngle: " + (info.Angle / Math.PI * 180.0).ToString("F0") + "°"; + if (Properties.Settings.Default.InfoWin_Epsilon) + m.ToolTipText += "\nEps: " + (info.Eps1 / Math.PI * 180.0).ToString("00.00") + "° <> " + (info.Eps2 / Math.PI * 180.0).ToString("00.00") + "°"; + if (Properties.Settings.Default.InfoWin_Squint) + m.ToolTipText += "\nSquint: " + (info.Squint / Math.PI * 180).ToString("00.00") + "°"; } - if (Properties.Settings.Default.InfoWin_Time) - m.ToolTipText += "\nTime: " + (CurrentTime + new TimeSpan(0, mins, 0)).ToString("HH:mm") + " [ " + mins.ToString("") + "min]"; - if (Properties.Settings.Default.InfoWin_Angle) - m.ToolTipText += "\nAngle: " + (info.Angle / Math.PI * 180.0).ToString("F0") + "°"; - if (Properties.Settings.Default.InfoWin_Epsilon) - m.ToolTipText += "\nEps: " + (info.Eps1 / Math.PI * 180.0).ToString("00.00") + "° <> " + (info.Eps2 / Math.PI * 180.0).ToString("00.00") + "°"; - if (Properties.Settings.Default.InfoWin_Squint) - m.ToolTipText += "\nSquint: " + (info.Squint / Math.PI * 180).ToString("00.00") + "°"; + + if ((TrackMode == AIRSCOUTTRACKMODE.TRACK) && (TrackValues != null) && ( + (Properties.Settings.Default.InfoWin_MyAzimuth) || + (Properties.Settings.Default.InfoWin_MyElevation) || + (Properties.Settings.Default.InfoWin_MyDoppler) + )) + { + m.ToolTipText += "\n--------------------"; + if (Properties.Settings.Default.InfoWin_MyAzimuth) + m.ToolTipText += "\nMyAzimuth: " + TrackValues.MyAzimuth.ToString("00.00") + "°"; + if (Properties.Settings.Default.InfoWin_MyElevation) + m.ToolTipText += "\nMyElevation: " + TrackValues.MyElevation.ToString("00.00") + "°"; + if (Properties.Settings.Default.InfoWin_MyDoppler) + m.ToolTipText += "\nMyDoppler: " + TrackValues.MyDoppler.ToString("F0") + "Hz"; + } + if ((TrackMode == AIRSCOUTTRACKMODE.TRACK) && (TrackValues != null) && ( + (Properties.Settings.Default.InfoWin_DXAzimuth) || + (Properties.Settings.Default.InfoWin_DXElevation) || + (Properties.Settings.Default.InfoWin_DXDoppler) + )) + { + m.ToolTipText += "\n--------------------"; + if (Properties.Settings.Default.InfoWin_DXAzimuth) + m.ToolTipText += "\nDXAzimuth: " + TrackValues.DXAzimuth.ToString("00.00") + "°"; + if (Properties.Settings.Default.InfoWin_DXElevation) + m.ToolTipText += "\nDXElevation: " + TrackValues.DXElevation.ToString("00.00") + "°"; + if (Properties.Settings.Default.InfoWin_DXDoppler) + m.ToolTipText += "\nDXDoppler: " + TrackValues.DXDoppler.ToString("F0") + "Hz"; + } + + if (selected) { m.ToolTipMode = MarkerTooltipMode.Always; @@ -4413,7 +4578,14 @@ namespace AirScout gmo_Planes.Markers.Add(CreatePlaneDetailed(plane, isselected)); break; default: - gmo_Planes.Markers.Add(CreatePlaneSimple(plane, isselected)); + if (Properties.Settings.Default.InfoWin_AlwaysDetailed) + { + gmo_Planes.Markers.Add(CreatePlaneDetailed(plane, isselected)); + } + else + { + gmo_Planes.Markers.Add(CreatePlaneSimple(plane, isselected)); + } break; } @@ -4990,13 +5162,30 @@ namespace AirScout private void gm_Main_Paint(object sender, PaintEventArgs e) { - if ((TrackMode == AIRSCOUTTRACKMODE.TRACK) && (TrackValues != null)) + if (Properties.Settings.Default.Map_TrackingGaugesShow && (TrackMode == AIRSCOUTTRACKMODE.TRACK) && (TrackValues != null)) { // paint gauges on top of the map if enabled ag_Azimuth.Value = (float)TrackValues.MyAzimuth; ag_Elevation.Value = (float)TrackValues.MyElevation; - e.Graphics.DrawRectangle(TrackDisplayPen, new Rectangle(ag_Azimuth.Left, ag_Azimuth.Top, ag_Azimuth.Width + ag_Elevation.Width + 20, ag_Elevation.Height)); + // get gauges forecolor from properties + Color gaugescolor = Color.FromName(Properties.Settings.Default.Map_TrackingGaugeColor); + if (gaugescolor == null) + { + // set to black if fails + gaugescolor = Color.Black; + } + + // get brushes, pens and fonts + Brush gaugesbrush = new SolidBrush(gaugescolor); + Pen gaugespen = new Pen(gaugesbrush, 3); + Font trackfont = new Font("Courier New", (int)((double)pa_Rig.Height / 7.0), FontStyle.Bold); + + // set colors, brushes and pens + ag_Azimuth.ForeColor = gaugescolor; + ag_Elevation.ForeColor = gaugescolor; + + e.Graphics.DrawRectangle(gaugespen, new Rectangle(ag_Azimuth.Left, ag_Azimuth.Top, ag_Azimuth.Width + ag_Elevation.Width + 20, ag_Elevation.Height)); // draw elements int ofsX = ag_Azimuth.Left; @@ -5021,32 +5210,51 @@ namespace AirScout NumberFormatInfo info = new NumberFormatInfo(); info.NumberDecimalSeparator = ","; info.NumberGroupSeparator = "."; - int top = 10; + int top = 0; int left = 10; - e.Graphics.DrawRectangle(TrackDisplayPen, new Rectangle(pa_Rig.Left, pa_Rig.Top, pa_Rig.Width, pa_Rig.Height)); - e.Graphics.DrawString("MyDop: " + TrackValues.MyDoppler.ToString("F0"), TrackDisplayFont, TrackDisplayBrush, new PointF(pa_Rig.Left + left, pa_Rig.Top + top)); - e.Graphics.DrawString("DXDop: " + TrackValues.DXDoppler.ToString("F0"), TrackDisplayFont, TrackDisplayBrush, new PointF(pa_Rig.Left + left + 180, pa_Rig.Top + top)); - e.Graphics.DrawString("Dial : " + Properties.Settings.Default.Doppler_DialFreq.ToString(info), TrackDisplayFont, TrackDisplayBrush, new PointF(pa_Rig.Left + left, pa_Rig.Top + top + 30)); - e.Graphics.DrawString("RX : " + TrackValues.RXFrequency.ToString(info), TrackDisplayFont, TrackDisplayBrush, new PointF(pa_Rig.Left + left, pa_Rig.Top + top + 50)); - e.Graphics.DrawString("TX : " + TrackValues.TXFrequency.ToString(info), TrackDisplayFont, TrackDisplayBrush, new PointF(pa_Rig.Left + left, pa_Rig.Top + top + 70)); + e.Graphics.DrawRectangle(gaugespen, new Rectangle(pa_Rig.Left, pa_Rig.Top, pa_Rig.Width, pa_Rig.Height)); + e.Graphics.DrawString("MyDop: " + TrackValues.MyDoppler.ToString("F0"), trackfont, gaugesbrush, new PointF(pa_Rig.Left + left, pa_Rig.Top + top)); + e.Graphics.DrawString("DXDop: " + TrackValues.DXDoppler.ToString("F0"), trackfont, gaugesbrush, new PointF(pa_Rig.Left + left + pa_Rig.Width / 2, pa_Rig.Top + top)); + e.Graphics.DrawString("Dial : " + Properties.Settings.Default.Doppler_DialFreq.ToString(info), trackfont, gaugesbrush, new PointF(pa_Rig.Left + left, pa_Rig.Top + top + pa_Rig.Height / 4 * 1)); + e.Graphics.DrawString("RX : " + TrackValues.RXFrequency.ToString(info), trackfont, gaugesbrush, new PointF(pa_Rig.Left + left, pa_Rig.Top + top + pa_Rig.Height / 4 * 2)); + e.Graphics.DrawString("TX : " + TrackValues.TXFrequency.ToString(info), trackfont, gaugesbrush, new PointF(pa_Rig.Left + left, pa_Rig.Top + top + pa_Rig.Height / 4 * 3)); } } } private void gm_Main_SizeChanged(object sender, EventArgs e) { - // adjust position of gauges - ag_Azimuth.Left = gm_Main.Right - ag_Azimuth.Width - ag_Elevation.Width - 40; - ag_Azimuth.Top = gm_Main.Bottom - ag_Azimuth.Height - 20; + try + { + // get width from properties + int width = (int)Properties.Settings.Default.Map_TrackingGaugeWidth; - ag_Elevation.Left = gm_Main.Right - ag_Elevation.Width - 20; - ag_Elevation.Top = gm_Main.Bottom - ag_Elevation.Height - 20; - // adjust position of rig panel - pa_Rig.Width = ag_Elevation.Right - ag_Azimuth.Left; - pa_Rig.Height = 120; - pa_Rig.Left = ag_Azimuth.Left; - pa_Rig.Top = gm_Main.Bottom - ag_Azimuth.Height - pa_Rig.Height - 30; + // check bounds + if (width < 175) + width = 175; + if (width > this.Width / 2) + width = this.Width / 2; + + // adjust position and size of gauges + ag_Azimuth.Width = width; + ag_Elevation.Width = width; + ag_Azimuth.Left = gm_Main.Right - ag_Azimuth.Width - ag_Elevation.Width - 40; + ag_Azimuth.Top = gm_Main.Bottom - ag_Azimuth.Height - 20; + + ag_Elevation.Left = gm_Main.Right - ag_Elevation.Width - 20; + ag_Elevation.Top = gm_Main.Bottom - ag_Elevation.Height - 20; + + // adjust position and size of rig panel + pa_Rig.Width = ag_Elevation.Right - ag_Azimuth.Left; + pa_Rig.Height = ag_Azimuth.Height / 2; + pa_Rig.Left = ag_Azimuth.Left; + pa_Rig.Top = gm_Main.Bottom - ag_Azimuth.Height - pa_Rig.Height - 30; + } + catch (Exception ex) + { + + } } private void gm_Main_OnPositionChanged(PointLatLng point) @@ -5055,8 +5263,18 @@ namespace AirScout private void gm_Main_OnTileLoadComplete(long ElapsedMilliseconds) { - // (re)initialize locator overlay - InitializeLocators(); + // use thread safe call here! + /* + // use a backgroundworker to pump a message into the main window's message loop + while (bw_LocatorGridUpdater.IsBusy) + { + // wait until last run is finished + Application.DoEvents(); + } + bw_LocatorGridUpdater.RunWorkerAsync(); + */ + + UpdateLocationGrid = true; } #endregion @@ -5068,8 +5286,10 @@ namespace AirScout if (cb_Band.SelectedItem != null) Properties.Settings.Default.Band = Bands.ParseStringValue((string)cb_Band.SelectedItem); else Properties.Settings.Default.Band = BAND.BNONE; - SaveUserSettings(); - Properties.Settings.Default.Reload(); + +// SaveUserSettings(); +// Properties.Settings.Default.Reload(); + } #region Tab Control Control Panel @@ -7784,65 +8004,68 @@ namespace AirScout { // get planes each minute List list = Planes.GetAll(DateTime.UtcNow, Properties.Settings.Default.Planes_Position_TTL); - // write json file - try + if (list.Count > 0) { - using (StreamWriter sw = new StreamWriter(TmpDirectory + Path.DirectorySeparatorChar + "planes.json")) + // write json file + try { - int major = Assembly.GetExecutingAssembly().GetName().Version.Major; - sw.Write("{\"full_count\":" + list.Count().ToString() + ",\"version\":" + major.ToString()); - int i = 0; - foreach (PlaneInfo info in list) + using (StreamWriter sw = new StreamWriter(TmpDirectory + Path.DirectorySeparatorChar + "planes.json")) { - string index = "\"" + i.ToString("x8") + "\""; - string hex = "\"" + info.Hex + "\""; - string lat = info.Lat.ToString("F4", CultureInfo.InvariantCulture); - string lon = info.Lon.ToString("F4", CultureInfo.InvariantCulture); - string track = info.Track.ToString(); - string alt = info.Alt.ToString(); - string speed = info.Speed.ToString(); - string squawk = "\"" + "" + "\""; - string radar = "\"" + "" + "\""; - string type = "\"" + info.Type + "\""; - string reg = "\"" + info.Reg + "\""; - DateTime sTime = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc); - string time = ((long)(info.Time - sTime).TotalSeconds).ToString(); - string dep = "\"\""; - string dest = "\"\""; - string flight = "\"\""; - string dummy1 = "0"; - string dummy2 = "0"; - string call = "\"" + info.Call + "\""; - string dummy3 = "0"; - sw.WriteLine("," + index + ":[" + - hex + "," + - lat + "," + - lon + "," + - track + "," + - alt + "," + - speed + "," + - squawk + "," + - radar + "," + - type + "," + - reg + "," + - time + "," + - dep + "," + - dest + "," + - flight + "," + - dummy1 + "," + - dummy2 + "," + - call + "," + - dummy3 + - "]"); + int major = Assembly.GetExecutingAssembly().GetName().Version.Major; + sw.Write("{\"full_count\":" + list.Count().ToString() + ",\"version\":" + major.ToString()); + int i = 0; + foreach (PlaneInfo info in list) + { + string index = "\"" + i.ToString("x8") + "\""; + string hex = "\"" + info.Hex + "\""; + string lat = info.Lat.ToString("F4", CultureInfo.InvariantCulture); + string lon = info.Lon.ToString("F4", CultureInfo.InvariantCulture); + string track = info.Track.ToString("F0", CultureInfo.InvariantCulture); + string alt = info.Alt.ToString("F0", CultureInfo.InvariantCulture); + string speed = info.Speed.ToString("F0", CultureInfo.InvariantCulture); + string squawk = "\"" + "" + "\""; + string radar = "\"" + "" + "\""; + string type = "\"" + info.Type + "\""; + string reg = "\"" + info.Reg + "\""; + DateTime sTime = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc); + string time = ((long)(info.Time - sTime).TotalSeconds).ToString(); + string dep = "\"\""; + string dest = "\"\""; + string flight = "\"\""; + string dummy1 = "0"; + string dummy2 = "0"; + string call = "\"" + info.Call + "\""; + string dummy3 = "0"; + sw.WriteLine("," + index + ":[" + + hex + "," + + lat + "," + + lon + "," + + track + "," + + alt + "," + + speed + "," + + squawk + "," + + radar + "," + + type + "," + + reg + "," + + time + "," + + dep + "," + + dest + "," + + flight + "," + + dummy1 + "," + + dummy2 + "," + + call + "," + + dummy3 + + "]"); + i++; + } + sw.WriteLine("}"); } - sw.WriteLine("}"); - i++; } - } - catch (Exception ex) - { - Log.WriteMessage(ex.ToString(), LogLevel.Error); - // do nothing + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + // do nothing + } } int ii = 0; while (!bw_JSONWriter.CancellationPending && (ii < interval)) @@ -9028,6 +9251,21 @@ namespace AirScout e.Cancel = true; } + private void bw_LocatorGridUpdater_DoWork(object sender, DoWorkEventArgs e) + { + // do almost nothing + } + + private void bw_LocatorGridUpdater_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + // do almost nothing + + } + + private void bw_LocatorGridUpdater_RunWorkerCompleted(object sender, RunWorkerCompletedEventArgs e) + { + InitializeLocators(); + } } diff --git a/AirScout/MapDlg.cs.bak b/AirScout/MapDlg.cs.bak new file mode 100644 index 0000000..da6ef7c --- /dev/null +++ b/AirScout/MapDlg.cs.bak @@ -0,0 +1,9280 @@ + +// AirScout Aircraft Scatter Prediction +// Copyright (C) DL2ALF +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see . + +using System; +using System.Collections; +using System.Collections.Generic; +using System.ComponentModel; +using System.Data; +using System.Drawing; +using System.Drawing.Drawing2D; +using System.Drawing.Imaging; +using System.Linq; +using System.Text; +using System.Windows; +using System.Windows.Forms; +using System.Windows.Forms.VisualStyles; +using GMap.NET; +using GMap.NET.MapProviders; +using GMap.NET.WindowsForms; +using GMap.NET.WindowsForms.Markers; +using GMap.NET.WindowsForms.ToolTips; +using System.IO; +using System.IO.Ports; +using System.Net; +using System.Net.Sockets; +using System.Threading; +using Zeptomoby.OrbitTools; +using System.Globalization; +using System.Runtime.InteropServices; +using System.Reflection; +using System.Configuration; +using WinTest; +using System.Diagnostics; +using AquaControls; +using NDde; +using NDde.Server; +using NDde.Client; +using ScoutBase; +using ScoutBase.Core; +using ScoutBase.Database; +using ScoutBase.Elevation; +using ScoutBase.Stations; +using ScoutBase.Propagation; +using ScoutBase.Maps; +using ScoutBase.CAT; +using SerializableGenerics; +using Ionic.Zip; +using Newtonsoft.Json; +using Newtonsoft.Json.Linq; +using SQLiteDatabase; +using System.Xml; +using System.Xml.Serialization; +using System.Security.Cryptography; +using System.ComponentModel.Composition; +using System.ComponentModel.Composition.Hosting; +using OxyPlot; +using OxyPlot.WindowsForms; +using OxyPlot.Series; +using OxyPlot.Axes; +using System.Data.SQLite; +using DeviceId; +using AirScout.Properties; +using AirScout.Core; +using AirScout.Aircrafts; +using AirScout.PlaneFeeds; +using AirScout.AircraftPositions; +using AirScout.Signals; +using AirScout.PlaneFeeds.Plugin.MEFContract; +using AirScout.CAT; +using System.Security.RightsManagement; + +namespace AirScout +{ + + + public partial class MapDlg : Form + { + + [CategoryAttribute("Directories")] + [DescriptionAttribute("Application Directory")] + public string AppDirectory + { + get + { + return Application.StartupPath.TrimEnd(Path.DirectorySeparatorChar).Replace('\\', Path.DirectorySeparatorChar); + } + } + + [CategoryAttribute("Directories")] + [DescriptionAttribute("Local Application Data Directory")] + public string AppDataDirectory + { + get + { + return Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData), Application.CompanyName, Application.ProductName).TrimEnd(Path.DirectorySeparatorChar); + } + } + + [CategoryAttribute("Directories")] + [DescriptionAttribute("Logfile Directory")] + public string LogDirectory + { + get + { + // get Property + string logdir = Properties.Settings.Default.Log_Directory; + // replace Windows/Linux directory spearator chars + logdir = logdir.Replace('\\', Path.DirectorySeparatorChar); + logdir = logdir.Replace('/', Path.DirectorySeparatorChar); + // set to default value if empty + if (String.IsNullOrEmpty(logdir)) + logdir = "Log"; + // replace variables, if any + logdir = VC.ReplaceAllVars(logdir); + // remove directory separator chars at begin and end + logdir = logdir.TrimStart(Path.DirectorySeparatorChar); + logdir = logdir.TrimEnd(Path.DirectorySeparatorChar); + // fully qualify path + if (!logdir.Contains(Path.VolumeSeparatorChar)) + logdir = Path.Combine(AppDataDirectory, logdir); + return logdir; + } + } + + [CategoryAttribute("Directories")] + [DescriptionAttribute("Tempfile Directory")] + public string TmpDirectory + { + get + { + // get Property + string tmpdir = Properties.Settings.Default.Tmp_Directory; + // replace Windows/Linux directory spearator chars + tmpdir = tmpdir.Replace('\\', Path.DirectorySeparatorChar); + tmpdir = tmpdir.Replace('/', Path.DirectorySeparatorChar); + // set to default value if empty + if (String.IsNullOrEmpty(tmpdir)) + tmpdir = "Tmp"; + // replace variables, if any + tmpdir = VC.ReplaceAllVars(tmpdir); + // remove directory separator chars at begin and end + tmpdir = tmpdir.TrimStart(Path.DirectorySeparatorChar); + tmpdir = tmpdir.TrimEnd(Path.DirectorySeparatorChar); + // fully qualify path + if (!tmpdir.Contains(Path.VolumeSeparatorChar)) + tmpdir = Path.Combine(AppDataDirectory, tmpdir); + return tmpdir; + } + } + + [CategoryAttribute("Directories")] + [DescriptionAttribute("Database Directory")] + public string DatabaseDirectory + { + get + { + // get Property + string databasedir = Properties.Settings.Default.Database_Directory; + // replace Windows/Linux directory spearator chars + databasedir = databasedir.Replace('\\', Path.DirectorySeparatorChar); + databasedir = databasedir.Replace('/', Path.DirectorySeparatorChar); + // set to default value if empty + if (String.IsNullOrEmpty(databasedir)) + databasedir = "Database"; + // replace variables, if any + databasedir = VC.ReplaceAllVars(databasedir); + // remove directory separator chars at begin and end + databasedir = databasedir.TrimStart(Path.DirectorySeparatorChar); + databasedir = databasedir.TrimEnd(Path.DirectorySeparatorChar); + // fully qualify path + if (!databasedir.Contains(Path.VolumeSeparatorChar)) + databasedir = Path.Combine(AppDataDirectory, databasedir); + return databasedir; + } + } + + [CategoryAttribute("Directories")] + [DescriptionAttribute("Icon Directory")] + public string IconDirectory + { + get + { + // get Property + string icondir = Properties.Settings.Default.Icon_Directory; + // replace Windows/Linux directory spearator chars + icondir = icondir.Replace('\\', Path.DirectorySeparatorChar); + icondir = icondir.Replace('/', Path.DirectorySeparatorChar); + // set to default value if empty + if (String.IsNullOrEmpty(icondir)) + icondir = "Icon"; + // replace variables, if any + icondir = VC.ReplaceAllVars(icondir); + // remove directory separator chars at begin and end + icondir = icondir.TrimStart(Path.DirectorySeparatorChar); + icondir = icondir.TrimEnd(Path.DirectorySeparatorChar); + // fully qualify path + if (!icondir.Contains(Path.VolumeSeparatorChar)) + icondir = Path.Combine(AppDataDirectory, icondir); + return icondir; + } + } + + [CategoryAttribute("Directories")] + [DescriptionAttribute("Elevation Directory")] + public string ElevationDirectory + { + get + { + // get Property + string elevationdir = Properties.Settings.Default.Elevation_Directory; + // replace Windows/Linux directory spearator chars + elevationdir = elevationdir.Replace('\\', Path.DirectorySeparatorChar); + elevationdir = elevationdir.Replace('/', Path.DirectorySeparatorChar); + // set to default value if empty + if (String.IsNullOrEmpty(elevationdir)) + elevationdir = "elevation"; + // replace variables, if any + elevationdir = VC.ReplaceAllVars(elevationdir); + // remove directory separator chars at begin and end + elevationdir = elevationdir.TrimStart(Path.DirectorySeparatorChar); + elevationdir = elevationdir.TrimEnd(Path.DirectorySeparatorChar); + // fully qualify path + if (!elevationdir.Contains(Path.VolumeSeparatorChar)) + elevationdir = Path.Combine(AppDataDirectory, elevationdir); + return elevationdir; + } + } + + [CategoryAttribute("Directories")] + [DescriptionAttribute("Plugin Directory")] + public string PluginDirectory + { + get + { + // get Property + string plugindir = Properties.Settings.Default.Plugin_Directory; + // replace Windows/Linux directory spearator chars + plugindir = plugindir.Replace('\\', Path.DirectorySeparatorChar); + plugindir = plugindir.Replace('/', Path.DirectorySeparatorChar); + // set to default value if empty + if (String.IsNullOrEmpty(plugindir)) + plugindir = "plugin"; + // replace variables, if any + plugindir = VC.ReplaceAllVars(plugindir); + // remove directory separator chars at begin and end + plugindir = plugindir.TrimStart(Path.DirectorySeparatorChar); + plugindir = plugindir.TrimEnd(Path.DirectorySeparatorChar); + // fully qualify path + if (!plugindir.Contains(Path.VolumeSeparatorChar)) + plugindir = Path.Combine(AppDataDirectory, plugindir); + return plugindir; + } + } + + [CategoryAttribute("Directories")] + [DescriptionAttribute("Rig Directory")] + public string RigDirectory + { + get + { + // get Property + string rigdir = Properties.Settings.Default.Rig_Directory; + // replace Windows/Linux directory spearator chars + rigdir = rigdir.Replace('\\', Path.DirectorySeparatorChar); + rigdir = rigdir.Replace('/', Path.DirectorySeparatorChar); + // set to default value if empty + if (String.IsNullOrEmpty(rigdir)) + rigdir = "rig"; + // replace variables, if any + rigdir = VC.ReplaceAllVars(rigdir); + // remove directory separator chars at begin and end + rigdir = rigdir.TrimStart(Path.DirectorySeparatorChar); + rigdir = rigdir.TrimEnd(Path.DirectorySeparatorChar); + // fully qualify path + if (!rigdir.Contains(Path.VolumeSeparatorChar)) + rigdir = Path.Combine(AppDataDirectory, rigdir); + return rigdir; + } + } + + [CategoryAttribute("General")] + [DescriptionAttribute("Main Splitter Distance")] + private int MainSplitterDistance + { + get + { + return sc_Main.SplitterDistance; + } + set + { + // check bounds + if ((value > 0) && (value < this.Width)) + sc_Main.SplitterDistance = value; + else + sc_Main.SplitterDistance = this.Width - gb_Map_Info_DefaultWidth; + Console.WriteLine("Setting MainSplitterDistance: " + this.Width + "--->" + sc_Main.SplitterDistance); + } + } + + [CategoryAttribute("General")] + [DescriptionAttribute("Map Splitter Distance")] + private int MapSplitterDistance + { + get + { + return sc_Map.SplitterDistance; + } + set + { + // check bounds + if ((value > 0) && (value < this.Height)) + sc_Map.SplitterDistance = value; + else + sc_Map.SplitterDistance = this.Height - tc_Main_DefaultHeight; + Console.WriteLine("Setting MapSplitterDistance: " + this.Height + "--->" + sc_Map.SplitterDistance); + } + } + + [ImportMany(AllowRecomposition = true)] // This is a signal to the MEF framework to load all matching exported assemblies. + public List> LazyPlaneFeedPlugins = new List>(); + public List PlaneFeedPlugins = new List(); + + // Default colors + private readonly new Color DefaultBackColor = SystemColors.Control; + private readonly new Color DefaultForeColor = Color.Black; + + // Log + public static LogWriter Log; + + public VarConverter VC = new VarConverter(); + + private int cntdn = 0; + + DateTime CurrentTime = DateTime.UtcNow; + + // FlightRadar + PlaneInfoCache Planes = new PlaneInfoCache(); + SortedList ActivePlanes = new SortedList(); + private DateTime History_OldestEntry = DateTime.MinValue; + private DateTime History_YoungestEntry = DateTime.MinValue; + private List SelectedPlanes = new List(); + + // Path + public List ElevationPaths = new List(); + public List PropagationPaths = new List(); + + // Map + // Overlays + GMapOverlay gmo_Routes = new GMapOverlay("Routes"); + GMapOverlay gmo_PropagationPaths = new GMapOverlay("PropagationPaths"); + GMapOverlay gmo_Objects = new GMapOverlay("Objects"); + GMapOverlay gmo_Planes = new GMapOverlay("Planes"); + GMapOverlay gmo_Airports = new GMapOverlay("Airports"); + GMapOverlay gmo_Callsigns = new GMapOverlay("Callsigns"); + GMapOverlay gmo_NearestPaths = new GMapOverlay("PropagationPaths"); + GMapOverlay gmo_NearestPlanes = new GMapOverlay("Planes"); + GMapOverlay gmo_Locators = new GMapOverlay("Locators"); + GMapOverlay gmo_Distances = new GMapOverlay("Distances"); + GMapOverlay gmo_CallsignDetails = new GMapOverlay("CallsignDetails"); + + // Routes + GMapRoute gmr_FullPath; + GMapRoute gmr_VisiblePpath; + GMapRoute gmr_NearestFull; + GMapRoute gmr_NearestVisible; + + // Markers + GMapMarker gmm_MyLoc; + GMapMarker gmm_DXLoc; + GMapMarker gmm_CurrentMarker; + + // Bitmap indices + private int bmindex_darkorange; + private int bmindex_lightgreen; + private int bmindex_red; + private int bmindex_gray; + private int bmindex_magenta; + + // Tooltip font + public Font ToolTipFont; + + // dragging + bool isDraggingMarker = false; + bool isDraggingMap = false; + + // Default width of right info box (get on startup as set in Designer) + int gb_Map_Info_DefaultWidth = 0; + + // Default height of bottom tab control (get on startup as set in Designer) + int tc_Main_DefaultHeight = 0; + + int gb_Map_Info_MaximizedHeight = 0; + int gb_Map_Zoom_MaximizedHeight = 0; + int gb_Map_Filter_MaximizedHeigth = 0; + int gb_Map_Alarms_MaximizedHeight = 0; + int gb_Map_Info_MinimizedHeight = 0; + int gb_Map_Zoom_MinimizedHeight = 0; + int gb_Map_Filter_MinimizedHeigth = 0; + int gb_Map_Alarms_MinimizedHeight = 0; + + // Plane feeds + public PlaneFeed bw_PlaneFeed1; + public PlaneFeed bw_PlaneFeed2; + public PlaneFeed bw_PlaneFeed3; + + // Startup + private bool FirstRun = true; + private bool CleanRun = false; + + private Splash SplashDlg; + + // Background workers + public ElevationDatabaseUpdater bw_GLOBEUpdater = new ElevationDatabaseUpdater(); + public ElevationDatabaseUpdater bw_SRTM3Updater = new ElevationDatabaseUpdater(); + public ElevationDatabaseUpdater bw_SRTM1Updater = new ElevationDatabaseUpdater(); + public ElevationDatabaseUpdater bw_ASTER3Updater = new ElevationDatabaseUpdater(); + public ElevationDatabaseUpdater bw_ASTER1Updater = new ElevationDatabaseUpdater(); + + public StationDatabaseUpdater bw_StationDatabaseUpdater = new StationDatabaseUpdater(); + public AircraftDatabaseUpdater bw_AircraftDatabaseUpdater = new AircraftDatabaseUpdater(); + + public AircraftPositionDatabaseMaintainer bw_AircraftDatabaseMaintainer = new AircraftPositionDatabaseMaintainer(); + + public PathCalculator bw_GLOBEPathCalculator = new PathCalculator(ELEVATIONMODEL.GLOBE); + public PathCalculator bw_SRTM3PathCalculator = new PathCalculator(ELEVATIONMODEL.SRTM3); + public PathCalculator bw_SRTM1PathCalculator = new PathCalculator(ELEVATIONMODEL.SRTM1); + public PathCalculator bw_ASTER3PathCalculator = new PathCalculator(ELEVATIONMODEL.ASTER3); + public PathCalculator bw_ASTER1PathCalculator = new PathCalculator(ELEVATIONMODEL.ASTER1); + + public CATUpdater bw_CATUpdater = new CATUpdater(); + public CATWorker bw_CAT = new CATWorker(); + + public MapPreloader bw_MapPreloader = new MapPreloader(); + + // Operating modes + AIRSCOUTPATHMODE PathMode = AIRSCOUTPATHMODE.NONE; + AIRSCOUTLIFEMODE LifeMode = AIRSCOUTLIFEMODE.NONE; + AIRSCOUTPLAYMODE PlayMode = AIRSCOUTPLAYMODE.NONE; + + private int Time_Offline_Interval = 0; + + // Charting + + // path chart + PlotModel pm_Path = new PlotModel(); + PlotView pv_Path = new PlotView(); + LinearAxis Path_X = new LinearAxis(); + LinearAxis Path_Y = new LinearAxis(); + AreaSeries Path_Elevation = new AreaSeries(); + LineSeries Min_H1 = new LineSeries(); + LineSeries Min_H2 = new LineSeries(); + LineSeries Max_H = new LineSeries(); + AreaSeries Min_H = new AreaSeries(); + LineSeries Planes_Hi = new LineSeries(); + LineSeries Planes_Lo = new LineSeries(); + + // elevation chart + PlotModel pm_Elevation = new PlotModel(); + PlotView pv_Elevation = new PlotView(); + LinearAxis Elevation_X = new LinearAxis(); + LinearAxis Elevation_Y = new LinearAxis(); + AreaSeries Elevation = new AreaSeries(); + LineSeries LOS = new LineSeries(); + + // spectrum chart + PlotModel pm_Spectrum = new PlotModel(); + PlotView pv_Spectrum = new PlotView(); + LinearAxis Spectrum_X = new LinearAxis(); + LinearAxis Spectrum_Y = new LinearAxis(); + LineSeries Spectrum = new LineSeries(); + AreaSeries SpectrumRecord = new AreaSeries(); + int SpectrumPointsCount = 0; + int SpectrumMaxPoints = 600; + + // Webbrowser + private System.Windows.Forms.WebBrowser wb_News = null; + + CultureInfo LocalCulture; + + // Watchlist control + private bool WatchlistUpdating = false; + private bool WatchlistAllCheckedChanging = false; + bool WatchlistAllChecked = false; + CheckBoxState WatchlistAllCheckedState = CheckBoxState.UncheckedNormal; + System.Drawing.Point WatchlistOldMousePos = new System.Drawing.Point(0, 0); + + // Analysis + private List AllLastUpdated = new List(); + private List AllPositions = new List(); + private long AircraftPositionsCount = 0; + + // Nearest plane + private PlaneInfo NearestPlane = null; + + // Airports + private List Airports = new List(); + + // Session key + public string SessionKey = ""; + + // CAT + public IRig ConnectedRig = null; + public RIGSTATUS RigStatus = RIGSTATUS.NONE; + + + // Tracking & rotator control + AIRSCOUTTRACKMODE TrackMode = AIRSCOUTTRACKMODE.NONE; + TRACKSTATUS TrackStatus = TRACKSTATUS.NONE; + ROTSTATUS RotStatus = ROTSTATUS.NONE; + TrackValues TrackValues = null; + + // Gauges display + public Color GaugesColor = Color.Black; + public Font TrackDisplayFont = new Font("Courier New", 16, FontStyle.Bold); + + // Location grid updating + public bool UpdateLocationGrid = false; + + #region Startup & Initialization + + public MapDlg() + { + // save current local LocalCulture + LocalCulture = Application.CurrentCulture; + + // force culture invariant language for GUI + Application.CurrentCulture = CultureInfo.InvariantCulture; + + // set security protocol to TLS1.2 globally + // this will work even on .NET 4.0 for most operating systems > Windows XP + ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072; //TLS 1.2 + + InitializeComponent(); + + // Running on Windows or Linux/Mono? + if (SupportFunctions.IsMono) + { + Console.WriteLine("Checking system: Running on Linux/Mono."); + } + else + { + Console.WriteLine("Checking system: Running on Windows."); + } + // do basic initialization + this.Text = "AirScout - Aircraft Scatter Prediction V" + Application.ProductVersion + " (c) 2013-2020 DL2ALF"; + + // create a new renderer wich is clipping the status text on overflow + ss_Main.Renderer = new ClippingToolStripRenderer(); + + // initialize settings + InitializeSettings(); + + // initialize charting + InitializeCharts(); + + // Initilialize Webbrowser + InitializeWebbrowser(); + + // check for command line args + string[] args = Environment.GetCommandLineArgs(); + if ((args != null) && (args.Count() > 1)) + { + // try to clean installation & database + if ((args[1].ToUpper() == "/CLEAN") || + (args[1].ToUpper() == "-CLEAN")) + { + CleanupDlg Dlg = new CleanupDlg(this); + DialogResult result = Dlg.ShowDialog(); + // exit immediately if user closes the form without pressing a button + if (result == DialogResult.Abort) + System.Environment.Exit(-1); + if (result == DialogResult.OK) + { + // re-initialize settings as they can be lost during clean-up + InitializeSettings(); + // set a clean run flag + CleanRun = true; + } + } + } + // set elevation database update event handler + bw_GLOBEUpdater.ProgressChanged += new ProgressChangedEventHandler(bw_ElevationDatabaseUpdater_ProgressChanged); + bw_SRTM3Updater.ProgressChanged += new ProgressChangedEventHandler(bw_ElevationDatabaseUpdater_ProgressChanged); + bw_SRTM1Updater.ProgressChanged += new ProgressChangedEventHandler(bw_ElevationDatabaseUpdater_ProgressChanged); + bw_ASTER3Updater.ProgressChanged += new ProgressChangedEventHandler(bw_ElevationDatabaseUpdater_ProgressChanged); + bw_ASTER1Updater.ProgressChanged += new ProgressChangedEventHandler(bw_ElevationDatabaseUpdater_ProgressChanged); + + // set station database updater event handler + bw_StationDatabaseUpdater.ProgressChanged += new ProgressChangedEventHandler(bw_StationDatabaseUpdater_ProgressChanged); + bw_StationDatabaseUpdater.RunWorkerCompleted += new RunWorkerCompletedEventHandler(bw_StationDatabaseUpdater_RunWorkerCompleted); + + // set aircraft database updater event handler + bw_AircraftDatabaseUpdater.ProgressChanged += new ProgressChangedEventHandler(bw_AircraftDatabaseUpdater_ProgressChanged); + bw_AircraftDatabaseUpdater.RunWorkerCompleted += new RunWorkerCompletedEventHandler(bw_AircraftDatabaseUpdater_RunWorkerCompleted); + + // set aircraft database maintainer event handler + bw_AircraftDatabaseMaintainer.ProgressChanged += new ProgressChangedEventHandler(bw_AircraftDatabaseMaintainer_ProgressChanged); + bw_AircraftDatabaseMaintainer.RunWorkerCompleted += new RunWorkerCompletedEventHandler(bw_AircraftDatabaseMaintainer_RunWorkerCompleted); + + // set elevation path calculator event handler + bw_GLOBEPathCalculator.ProgressChanged += new ProgressChangedEventHandler(bw_ElevationPathCalculator_ProgressChanged); + bw_SRTM3PathCalculator.ProgressChanged += new ProgressChangedEventHandler(bw_ElevationPathCalculator_ProgressChanged); + bw_SRTM1PathCalculator.ProgressChanged += new ProgressChangedEventHandler(bw_ElevationPathCalculator_ProgressChanged); + bw_ASTER3PathCalculator.ProgressChanged += new ProgressChangedEventHandler(bw_ElevationPathCalculator_ProgressChanged); + bw_ASTER1PathCalculator.ProgressChanged += new ProgressChangedEventHandler(bw_ElevationPathCalculator_ProgressChanged); + + // set map preloader event handler + bw_MapPreloader.ProgressChanged += new ProgressChangedEventHandler(bw_MapPreloader_ProgressChanged); + + // CAT updater event handler + bw_CATUpdater.ProgressChanged += bw_CATUpdater_ProgressChanged; + + // CAT interface event handler + bw_CAT.ProgressChanged += new ProgressChangedEventHandler(bw_CAT_ProgressChanged); + + // save FirstRun property before trying to upgrade user settings + FirstRun = Properties.Settings.Default.FirstRun; + } + + string DecryptStringFromBytesAes(byte[] cipherText, byte[] key, byte[] iv) + { + // Check arguments. + if (cipherText == null || cipherText.Length <= 0) + throw new ArgumentNullException("cipherText"); + if (key == null || key.Length <= 0) + throw new ArgumentNullException("key"); + if (iv == null || iv.Length <= 0) + throw new ArgumentNullException("iv"); + + // Declare the RijndaelManaged object + // used to decrypt the data. + RijndaelManaged aesAlg = null; + + // Declare the string used to hold + // the decrypted text. + string plaintext; + + // Create a RijndaelManaged object + // with the specified key and IV. + aesAlg = new RijndaelManaged { Mode = CipherMode.CBC, Padding = PaddingMode.None, KeySize = 256, BlockSize = 128, Key = key, IV = iv }; + + // Create a decrytor to perform the stream transform. + ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV); + // Create the streams used for decryption. + using (MemoryStream msDecrypt = new MemoryStream(cipherText)) + { + using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read)) + { + using (StreamReader srDecrypt = new StreamReader(csDecrypt)) + { + // Read the decrypted bytes from the decrypting stream + // and place them in a string. + plaintext = srDecrypt.ReadToEnd(); + srDecrypt.Close(); + } + } + } + + return plaintext; + } + + private string OpenSSLDecrypt(string encrypted, string passphrase) + { + //get the key bytes (not sure if UTF8 or ASCII should be used here doesn't matter if no extended chars in passphrase) + var key = Encoding.UTF8.GetBytes(passphrase); + + //pad key out to 32 bytes (256bits) if its too short + if (key.Length < 32) + { + var paddedkey = new byte[32]; + Buffer.BlockCopy(key, 0, paddedkey, 0, key.Length); + key = paddedkey; + } + + //setup an empty iv + var iv = new byte[16]; + + //get the encrypted data and decrypt + byte[] encryptedBytes = Convert.FromBase64String(encrypted); + return DecryptStringFromBytesAes(encryptedBytes, key, iv); + } + + public void InitializeSession() + { + // register this AirScout instance + try + { + WebClient client; + string result; + Log.WriteMessage("Registering AirScout: Creating Instance ID"); + // check AirScout instance id and generate new if not set + if (String.IsNullOrEmpty(Properties.Settings.Default.AirScout_Instance_ID)) + { + Properties.Settings.Default.AirScout_Instance_ID = Guid.NewGuid().ToString(); + } + Log.WriteMessage("Registering AirScout: Creating Device ID"); + // create an unique device id + DeviceIdBuilder devid = new DeviceIdBuilder(); + Log.WriteMessage("Registering AirScout: Creating Device ID [MachineName]:" + devid.AddMachineName().ToString()); + // not supported on Mono + if (!SupportFunctions.IsMono) + { + Log.WriteMessage("Registering AirScout: Creating Device ID [MACAddress]:" + devid.AddMacAddress().ToString()); + Log.WriteMessage("Registering AirScout: Creating Device ID [Processor]:" + devid.AddProcessorId().ToString()); + Log.WriteMessage("Registering AirScout: Creating Device ID [Motherboard]:" + devid.AddMotherboardSerialNumber().ToString()); + } + // store in settings if not set so far + if (String.IsNullOrEmpty(Properties.Settings.Default.AirScout_Device_ID) || (devid.ToString() != Properties.Settings.Default.AirScout_Device_ID)) + { + // not set or not the same, assuming AirScout is running on a new machine --> create a new instance id + Properties.Settings.Default.AirScout_Instance_ID = Guid.NewGuid().ToString(); + } + // store device id in settings + Properties.Settings.Default.AirScout_Device_ID = devid.ToString(); + Log.WriteMessage("Registering AirScout: Getting Session Key"); + // get new session key + client = new WebClient(); + string id = Properties.Settings.Default.AirScout_Instance_ID; + result = client.DownloadString(Properties.Settings.Default.AirScout_Register_URL + + "?id=" + Properties.Settings.Default.AirScout_Instance_ID + + "&mycall=" + Properties.Settings.Default.MyCall + + "&mylat=" + Properties.Settings.Default.MyLat.ToString() + + "&mylon=" + Properties.Settings.Default.MyLon.ToString() + + "&myversion=" + Application.ProductVersion); + if (!result.ToLower().Contains("error")) + { + SessionKey = Encryption.OpenSSLDecrypt(result, Properties.Settings.Default.AirScout_Instance_ID); + } + else + { + Log.WriteMessage("Error while registering AirScout: " + result); + MessageBox.Show(result + "\n\nSome functionality might be limited.", "Error while registering AirScout"); + } + } + catch (Exception ex) + { + Log.WriteMessage("Error while registering AirScout: " + ex.ToString()); + MessageBox.Show(ex.Message + "\n\nSome functionality might be limited.", "Error while registering AirScout"); + } + Log.WriteMessage("Registering AirScout successful."); + } + + public void CheckDirectories() + { + // check if directories exist + if (!Directory.Exists(TmpDirectory)) + Directory.CreateDirectory(TmpDirectory); + if (!Directory.Exists(LogDirectory)) + Directory.CreateDirectory(LogDirectory); + if (!Directory.Exists(IconDirectory)) + Directory.CreateDirectory(IconDirectory); + if (!Directory.Exists(DatabaseDirectory)) + Directory.CreateDirectory(DatabaseDirectory); + if (!Directory.Exists(ElevationDirectory)) + Directory.CreateDirectory(ElevationDirectory); + if (!Directory.Exists(PluginDirectory)) + Directory.CreateDirectory(PluginDirectory); + if (!Directory.Exists(RigDirectory)) + Directory.CreateDirectory(RigDirectory); + } + + private void CopyPluginWithPDB(string src, string dst) + { + try + { + // copy plugin itself + if (File.Exists(src)) + File.Copy(src, dst, true); + // copy symbol file for debug, if any + src = src.Replace(".dll", ".pdb"); + dst = dst.Replace(".dll", ".pdb"); + if (File.Exists(src)) + File.Copy(src, dst, true); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + public void CopyPlugins(string srcdir, string dstdir, string filespec) + { + // move the planefeed plugins from program directory to the plugins directory but only if they not exist + // otherwise do version check + string[] srcplugins = Directory.GetFiles(srcdir, filespec); + foreach (string srcplugin in srcplugins) + { + try + { + string filename = Path.GetFileName(srcplugin); + string srcversion = FileVersionInfo.GetVersionInfo(srcplugin).FileVersion; + DateTime srctime = File.GetLastWriteTimeUtc(srcplugin); + // calculate destination file name + string dstplugin = dstdir + Path.DirectorySeparatorChar + filename; + if (!File.Exists(dstplugin)) + { + // copy file if not exists + CopyPluginWithPDB(srcplugin, dstplugin); + Log.WriteMessage("Plugin Manager: Copied plugin " + filename + "[" + srcversion + "]."); + } + else + { + // do version check + string dstversion = FileVersionInfo.GetVersionInfo(dstplugin).FileVersion; + DateTime dsttime = File.GetLastWriteTimeUtc(dstplugin); + if (srcversion.CompareTo(dstversion) > 0) + { + // overwrite dstfile if newer version + CopyPluginWithPDB(srcplugin, dstplugin); + Log.WriteMessage("Plugin Manager: Replaced plugin " + filename + "[" + dstversion + "] with newer version [" + srcversion + "]."); + } + else if (srcversion.CompareTo(dstversion) == 0) + { + if (srctime > dsttime) + { + // overwrite dstfile if same version but newer + CopyPluginWithPDB(srcplugin, dstplugin); + Log.WriteMessage("Plugin Manager: Replaced plugin " + filename + "[" + dsttime.ToString("yyyy-MM-dd HH:mm:ss") + "] with newer file [" + srctime.ToString("yyyy-MM-dd HH:mm:ss") + "]."); + } + } + + } + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + } + + private void LoadPlugins() + { + // chek for planefeed plugins + Log.WriteMessage("Loading plugins..."); + // get major&minor version + string mainversion = Assembly.GetExecutingAssembly().GetName().Version.ToString().Split('.')[0] + "." + Assembly.GetExecutingAssembly().GetName().Version.ToString().Split('.')[1]; + string filespec = "AirScout.PlaneFeeds.Plugin.*.dll"; + + // first copy plugins from application directory to plugin directory if they not exist or newer + CopyPlugins(Path.Combine(AppDirectory,"Plugin"), PluginDirectory, filespec); + + // check for new plugins on the web resource + try + { + // clear temporary files + try + { + SupportFunctions.DeleteFilesFromDirectory(TmpDirectory, new string[] { "*.tmp", "*.PendingOverwrite" }); + SupportFunctions.DeleteFilesFromDirectory(TmpDirectory, filespec); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + // calculate url + string url = Properties.Settings.Default.Plugins_Update_URL + "/" + mainversion + "/" + "planefeeds.zip"; + string filename = Path.Combine(TmpDirectory, "planefeeds.zip"); + // get zip file + AutoDecompressionWebClient cl = new AutoDecompressionWebClient(); + DOWNLOADFILESTATUS status = cl.DownloadFileIfNewer(url, filename, true, true); + if (((status & DOWNLOADFILESTATUS.ERROR) > 0) && ((status & DOWNLOADFILESTATUS.NOTFOUND) > 0)) + { + Log.WriteMessage("PluginManager: checking plugins --> nothing found on web or error while downloading."); + } + else if (((status & DOWNLOADFILESTATUS.NEWER) > 0) || ((status & DOWNLOADFILESTATUS.NOTNEWER) > 0)) + { + // update files with web resource if newer + // copy plugins from application directory to plugin directory + CopyPlugins(TmpDirectory, PluginDirectory, filespec); + } + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + + // load available plugins, we need a robust algorithm here! + // error while composing a single plugin or error during call to plugin constructor must not affect loading of other plugins! + // furthermore: DirectoryCatalog does not work on Linux when plugins are placed in other directory than program's main directory + // solution --> + // try to compose each single plugin first and collect "clean" plugins in a container for error-free composing with Lazy + // after that, try to call each plugin's constructor and collect "clean" plugins in a separate list for further use + try + { + List catalog = new List(); + CompositionContainer tmpcontainer = null; + foreach (string plfile in Directory.GetFiles(PluginDirectory, filespec, SearchOption.AllDirectories)) + { + try + { + // try to import a single plugin + var tmpcatalog = new AssemblyCatalog(System.Reflection.Assembly.UnsafeLoadFrom(plfile)); + tmpcontainer = new CompositionContainer(tmpcatalog); + tmpcontainer.ComposeParts(this); + // add to main catalog only when composition was OK + tmpcontainer.Dispose(); + catalog.Add(tmpcatalog); + } + catch (Exception ex) + { + if (ex.GetType() == typeof(ReflectionTypeLoadException)) + { + foreach (Exception le in ((ReflectionTypeLoadException)ex).LoaderExceptions) + { + Log.WriteMessage("Error while loading plugin[" + plfile + "]: " + le.ToString(), LogLevel.Error); + } + } + else + { + Log.WriteMessage("Error while loading plugin[" + plfile + "]: " + ex.ToString(), LogLevel.Error); + } + } + } + // catalog should cointain only "clean" plugins so composing all parts should be possible without errors + var container = new CompositionContainer(new AggregateCatalog(catalog)); + container.ComposeParts(this); + foreach (Lazy lazyplugin in LazyPlaneFeedPlugins) + { + try + { + // try to call plaugin constructor and add the value to Planefeeds list + // 2022_04_24 check plugin version against program version: do not load older plugins + var plugin = lazyplugin.Value; + if (plugin != null) + { + if (plugin.Version.StartsWith(mainversion)) + { + PlaneFeedPlugins.Add(plugin); + } + } + } + catch (Exception ex) + { + Log.WriteMessage("Error while loading plugin: " + ex.ToString(), LogLevel.Error); + } + } + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + Log.WriteMessage("Loading plugins successful."); + } + + /// + /// Returns the default value of a property + /// + /// The property name. + /// The property value. + public static dynamic GetPropertyDefaultValue(string propertyname) + { + SettingsProperty prop = Properties.Settings.Default.Properties[propertyname]; + if (prop == null) + return null; + + object def = prop.DefaultValue; + if (def == null) + return null; + + Type t = Properties.Settings.Default.Properties[propertyname].PropertyType; + if (t == null) + return null; + + try + { + TypeConverter tc = TypeDescriptor.GetConverter(t); + object value = tc.ConvertFromString(null, CultureInfo.InvariantCulture, (string)def); + + return value; + } + catch (Exception ex) + { + + } + + return null; + /* + string p = prop.DefaultValue.ToString(); + Type t = Properties.Settings.Default.Properties[propertyname].PropertyType; + return Convert.ChangeType(p, t); + */ + + } + + private string QualifyDatabaseDirectory(string databasedir) + { + // replace Windows/Linux directory spearator chars + databasedir = databasedir.Replace('\\', Path.DirectorySeparatorChar); + databasedir = databasedir.Replace('/', Path.DirectorySeparatorChar); + // replace variables, if any + databasedir = VC.ReplaceAllVars(databasedir); + // remove directory separator chars at begin and end + databasedir = databasedir.TrimStart(Path.DirectorySeparatorChar); + databasedir = databasedir.TrimEnd(Path.DirectorySeparatorChar); + // fully qualify path + if (!databasedir.Contains(Path.VolumeSeparatorChar)) + databasedir = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData), databasedir); + return databasedir; + } + + private void InitializeSettings() + { + + // Load user settings + LoadUserSettings(); + + // check for invalid settings + // check if band is BNONE --> set to 1.2G + if (Properties.Settings.Default.Band == BAND.BNONE) + Properties.Settings.Default.Band = BAND.B1_2G; + // chekc if band settings are NULL --> set to default + if (Properties.Settings.Default.Path_Band_Settings == null) + Properties.Settings.Default.Path_Band_Settings = new BandSettings(true); + // check if watchlist in null --> create new + if (Properties.Settings.Default.Watchlist == null) + Properties.Settings.Default.Watchlist = new Watchlist(); + string location = StationData.Database.GetDBLocation(); + // check calls + if (String.IsNullOrEmpty(Properties.Settings.Default.MyCall)) + Properties.Settings.Default.MyCall = GetPropertyDefaultValue(nameof(Properties.Settings.Default.MyCall)); + if (String.IsNullOrEmpty(Properties.Settings.Default.DXCall)) + Properties.Settings.Default.DXCall = GetPropertyDefaultValue(nameof(Properties.Settings.Default.DXCall)); + // check lat/lon + if (!GeographicalPoint.Check(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon)) + { + Properties.Settings.Default.MyLat = GetPropertyDefaultValue(nameof(Properties.Settings.Default.MyLat)); + Properties.Settings.Default.MyLon = GetPropertyDefaultValue(nameof(Properties.Settings.Default.MyLon)); + UpdateLocation(Properties.Settings.Default.MyCall, Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, GEOSOURCE.FROMUSER); + } + if (!GeographicalPoint.Check(Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon)) + { + Properties.Settings.Default.DXLat = GetPropertyDefaultValue(nameof(Properties.Settings.Default.DXLat)); + Properties.Settings.Default.DXLon = GetPropertyDefaultValue(nameof(Properties.Settings.Default.DXLon)); + UpdateLocation(Properties.Settings.Default.DXCall, Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon, GEOSOURCE.FROMUSER); + } + // set current elevation model + SetElevationModel(); + // set antenna height to 10m be default + Properties.Settings.Default.MyHeight = 10; + Properties.Settings.Default.DXHeight = 10; + + // check database directory settings + Properties.Settings.Default.AircraftDatabase_Directory = QualifyDatabaseDirectory(Properties.Settings.Default.AircraftDatabase_Directory); + Properties.Settings.Default.StationsDatabase_Directory = QualifyDatabaseDirectory(Properties.Settings.Default.StationsDatabase_Directory); + Properties.Settings.Default.ElevationDatabase_Directory = QualifyDatabaseDirectory(Properties.Settings.Default.StationsDatabase_Directory); + Properties.Settings.Default.PropagationDatabase_Directory = QualifyDatabaseDirectory(Properties.Settings.Default.PropagationDatabase_Directory); + } + + private void DumpSettingsToLog(string name, SettingsPropertyValueCollection settings) + { + Log.WriteMessage("Checking properties..."); + // check for empty MyCalls list + if (Properties.Settings.Default.MyCalls == null) + { + Properties.Settings.Default.MyCalls = new List(); + Properties.Settings.Default.MyCalls.Add("DL2ALF"); + } + if (Properties.Settings.Default.MyCalls.Count == 0) + Properties.Settings.Default.MyCalls.Add("DL2ALF"); + // checking window size & location + Rectangle bounds = Screen.FromControl(this).Bounds; + if ((Properties.Settings.Default.General_WindowLocation.X < bounds.Left) || + (Properties.Settings.Default.General_WindowLocation.Y < bounds.Top) || + (Properties.Settings.Default.General_WindowLocation.X > bounds.Right) || + (Properties.Settings.Default.General_WindowLocation.Y > bounds.Bottom)) + { + Properties.Settings.Default.General_WindowLocation = new System.Drawing.Point(bounds.Left, bounds.Top); + } + if ((Properties.Settings.Default.General_WindowSize.Width > bounds.Width) || + (Properties.Settings.Default.General_WindowSize.Height > bounds.Height)) + { + Properties.Settings.Default.General_WindowSize = new System.Drawing.Size(bounds.Width, bounds.Height); + } + // list all properties in log + foreach (SettingsPropertyValue p in Properties.Settings.Default.PropertyValues) + { + if ((p != null) && (p.Name != null)) + { + string value = p.PropertyValue != null ? p.PropertyValue.ToString() : "[null]"; + Log.WriteMessage("Checking property " + p.Name + " = " + value); + } + } + /* + // check URLs for trailing separator + if (!Properties.Settings.Default.Elevation_GLOBE_URL.EndsWith("/")) + Properties.Settings.Default.Elevation_GLOBE_URL = Properties.Settings.Default.Elevation_GLOBE_URL + "/"; + if (!Properties.Settings.Default.Elevation_SRTM3_URL.EndsWith("/")) + Properties.Settings.Default.Elevation_SRTM3_URL = Properties.Settings.Default.Elevation_SRTM3_URL + "/"; + if (!Properties.Settings.Default.Elevation_SRTM1_URL.EndsWith("/")) + Properties.Settings.Default.Elevation_SRTM1_URL = Properties.Settings.Default.Elevation_SRTM1_URL + "/"; + if (!Properties.Settings.Default.StationDatabase_Update_URL.EndsWith("/")) + Properties.Settings.Default.StationDatabase_Update_URL = Properties.Settings.Default.StationDatabase_Update_URL + "/"; + */ + // check for last saved stations not in database and revert to at least DL2ALF and GB3MHZ if necessary + // first check for saved stations + string mycall = Properties.Settings.Default.MyCall; + double mylat = Properties.Settings.Default.MyLat; + double mylon = Properties.Settings.Default.MyLon; + string myloc = MaidenheadLocator.LocFromLatLon(mylat, mylon, Properties.Settings.Default.Locator_SmallLettersForSubsquares, 3); + LocationDesignator ld = StationData.Database.LocationFind(mycall, myloc); + if (ld == null) + { + mycall = GetPropertyDefaultValue(nameof(Properties.Settings.Default.MyCall)); + mylat = GetPropertyDefaultValue(nameof(Properties.Settings.Default.MyLat)); + mylon = GetPropertyDefaultValue(nameof(Properties.Settings.Default.MyLon)); + myloc = MaidenheadLocator.LocFromLatLon(mylat, mylon, Properties.Settings.Default.Locator_SmallLettersForSubsquares, 3); + UpdateLocation(mycall, mylat, mylon, GEOSOURCE.FROMUSER); + Properties.Settings.Default.MyCall = mycall; + Properties.Settings.Default.MyLat = mylat; + Properties.Settings.Default.MyLon = mylon; + } + string dxcall = Properties.Settings.Default.DXCall; + double dxlat = Properties.Settings.Default.DXLat; + double dxlon = Properties.Settings.Default.DXLon; + string dxloc = MaidenheadLocator.LocFromLatLon(dxlat, dxlon, Properties.Settings.Default.Locator_SmallLettersForSubsquares, 3); + ld = StationData.Database.LocationFind(dxcall, dxloc); + if (ld == null) + { + dxcall = GetPropertyDefaultValue(nameof(Properties.Settings.Default.DXCall)); + dxlat = GetPropertyDefaultValue(nameof(Properties.Settings.Default.DXLat)); + dxlon = GetPropertyDefaultValue(nameof(Properties.Settings.Default.DXLon)); + dxloc = MaidenheadLocator.LocFromLatLon(dxlat, dxlon, Properties.Settings.Default.Locator_SmallLettersForSubsquares, 3); + UpdateLocation(dxcall, dxlat, dxlon, GEOSOURCE.FROMUSER); + Properties.Settings.Default.DXCall = dxcall; + Properties.Settings.Default.DXLat = dxlat; + Properties.Settings.Default.DXLon = dxlon; + } + Log.WriteMessage("Checking properties finished..."); + } + + private void CheckInternet() + { + // check internet connectivity + try + { + using (var client = new WebClient()) + { + string url = Properties.Settings.Default.Connectivity_URL; + using (var stream = client.OpenRead(url)) + { + } + } + } + catch + { + MessageBox.Show("Could not find an internet connection.\nThis is required on first run.\nAirScout will close.", "Internet connectivity"); + this.Close(); + } + } + + private void InitializeLogfile() + { + // set directories and formats for logfile + ScoutBase.Core.Properties.Settings.Default.LogWriter_Directory = LogDirectory; + ScoutBase.Core.Properties.Settings.Default.LogWriter_FileFormat = "AirScout_{0:yyyy_MM_dd}.log"; + ScoutBase.Core.Properties.Settings.Default.LogWriter_MessageFormat = "{0:u} {1}"; + // gets an instance of a LogWriter + Log = LogWriter.Instance; + Log.WriteMessage("-------------------------------------------------------------------------------------"); + Log.WriteMessage(Application.ProductName + " is starting up.", 0, false); + Log.WriteMessage("-------------------------------------------------------------------------------------"); + Log.WriteMessage("Operating system : " + Environment.OSVersion.Platform); + Log.WriteMessage("OS Major version : " + Environment.OSVersion.Version.Major); + Log.WriteMessage("OS Minor version : " + Environment.OSVersion.Version.Minor); + Log.WriteMessage("Application directory : " + AppDirectory); + Log.WriteMessage("Application data directory: " + AppDataDirectory); + Log.WriteMessage("Log directory : " + LogDirectory); + Log.WriteMessage("Temp directory : " + TmpDirectory); + Log.WriteMessage("Database directory : " + DatabaseDirectory); + Log.WriteMessage("Elevation directory : " + ElevationDirectory); + Log.WriteMessage("Plugin directory : " + PluginDirectory); + Log.WriteMessage("Rig directory : " + RigDirectory); + Log.WriteMessage("Application settings file : " + AppDomain.CurrentDomain.SetupInformation.ConfigurationFile); + Log.WriteMessage("User settings file : " + GetUserSettingsPath()); + Log.WriteMessage("Disk space available : " + SupportFunctions.GetDriveAvailableFreeSpace(Path.GetPathRoot(AppDataDirectory)) / 1024 / 1024 + " MB"); + Log.WriteMessage("-------------------------------------------------------------------------------------"); + } + + private void InitializeDatabase() + { + Log.WriteMessage("Started."); + SetElevationModel(); + // reset database status + Properties.Settings.Default.Elevation_GLOBE_DatabaseStatus = DATABASESTATUS.UNDEFINED; + Properties.Settings.Default.Elevation_SRTM3_DatabaseStatus = DATABASESTATUS.UNDEFINED; + Properties.Settings.Default.Elevation_SRTM1_DatabaseStatus = DATABASESTATUS.UNDEFINED; + Properties.Settings.Default.Elevation_ASTER3_DatabaseStatus = DATABASESTATUS.UNDEFINED; + Properties.Settings.Default.Elevation_ASTER1_DatabaseStatus = DATABASESTATUS.UNDEFINED; + // set nearfield suppression + PropagationData.Database.NearFieldSuppression = Properties.Settings.Default.Path_NearFieldSuppression; + // get all database directories and store it in settings + Properties.Settings.Default.AircraftDatabase_Directory = AircraftData.Database.DefaultDatabaseDirectory(); + Properties.Settings.Default.StationsDatabase_Directory = StationData.Database.DefaultDatabaseDirectory(); + Properties.Settings.Default.ElevationDatabase_Directory = ElevationData.Database.DefaultDatabaseDirectory(); + Properties.Settings.Default.PropagationDatabase_Directory = PropagationData.Database.DefaultDatabaseDirectory(); + Properties.Settings.Default.Rig_Directory = RigData.Database.DefaultDatabaseDirectory(); + MapData.Database.DefaultDatabaseDirectory(); + Log.WriteMessage("Finished."); + } + + private void CreateDistances() + { + gmo_Distances.Clear(); + for (int dist = 100; dist <= 1000; dist += 100) + { + GMapRoute circle = new GMapRoute("Distance: " + dist.ToString()); + circle.Stroke = new Pen(Color.DarkGray, 1); + for (int i = 0; i <= 360; i++) + { + LatLon.GPoint p = LatLon.DestinationPoint(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, i, dist); + circle.Points.Add(new PointLatLng(p.Lat, p.Lon)); + + } + gmo_Distances.Routes.Add(circle); + } + + } + + private void InitializeMaps() + { + // setting User Agent to fix Open Street Map issue 2016-09-20 + GMap.NET.MapProviders.GMapProvider.UserAgent = "AirScout"; + // clearing referrer URL issue 2019-12-14 + gm_Main.MapProvider.RefererUrl = ""; + // set initial settings for main map + gm_Main.MapProvider = GMapProviders.Find(Properties.Settings.Default.Map_Provider); + gm_Main.IgnoreMarkerOnMouseWheel = true; + gm_Main.MinZoom = 0; + gm_Main.MaxZoom = 20; + gm_Main.Zoom = 6; + gm_Main.DragButton = System.Windows.Forms.MouseButtons.Left; + gm_Main.CanDragMap = true; + gm_Main.ScalePen = new Pen(Color.Black, 3); + gm_Main.MapScaleInfoEnabled = true; + + // clear all overlays + gm_Main.Overlays.Clear(); + gmo_Airports.Clear(); + gmo_Callsigns.Clear(); + gmo_Locators.Clear(); + gmo_Objects.Clear(); + gmo_Planes.Clear(); + gmo_PropagationPaths.Clear(); + gmo_Routes.Clear(); + gmo_Locators.Clear(); + gmo_Distances.Clear(); + + // add all overlays + gm_Main.Overlays.Add(gmo_Locators); + gm_Main.Overlays.Add(gmo_Distances); + gm_Main.Overlays.Add(gmo_Airports); + gm_Main.Overlays.Add(gmo_PropagationPaths); + gm_Main.Overlays.Add(gmo_Objects); + gm_Main.Overlays.Add(gmo_Routes); + gm_Main.Overlays.Add(gmo_Planes); + gm_Main.Overlays.Add(gmo_Callsigns); + gm_Main.Overlays.Add(gmo_CallsignDetails); + + gm_Main.Opacity = (double)Properties.Settings.Default.Map_Opacity; + + // create locators, if enabled + if (Properties.Settings.Default.Map_ShowLocators) + InitializeLocators(); + + // setting User Agent to fix Open Street Map issue 2016-09-20 + GMap.NET.MapProviders.GMapProvider.UserAgent = "AirScout"; + // clearing referrer URL issue 2019-12-14 + gm_Nearest.MapProvider.RefererUrl = ""; + // set initial settings for main map + gm_Nearest.MapProvider = GMapProviders.Find(Properties.Settings.Default.Map_Provider); + gm_Main.MapProvider.RefererUrl = ""; + gm_Nearest.IgnoreMarkerOnMouseWheel = true; + gm_Nearest.MinZoom = 0; + gm_Nearest.MaxZoom = 20; + gm_Nearest.Zoom = 6; + gm_Nearest.DragButton = System.Windows.Forms.MouseButtons.Left; + gm_Nearest.CanDragMap = true; + gm_Nearest.ScalePen = new Pen(Color.Black, 3); + gm_Nearest.MapScaleInfoEnabled = true; + + // clear all overlays + gm_Nearest.Overlays.Clear(); + gmo_NearestPaths.Clear(); + gmo_NearestPlanes.Clear(); + + // add all overlays + gm_Nearest.Overlays.Add(gmo_NearestPaths); + gm_Nearest.Overlays.Add(gmo_NearestPlanes); + gm_Nearest.Position = new PointLatLng(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon); + gm_Nearest.ShowCenter = false; + + // setting User Agent to fix Open Street Map issue 2016-09-20 + GMap.NET.MapProviders.GMapProvider.UserAgent = "AirScout"; + // clearing referrer URL issue 2019-12-14 + gm_Cache.MapProvider.RefererUrl = ""; + // set initial settings for main map + gm_Cache.MapProvider = GMapProviders.Find(Properties.Settings.Default.Map_Provider); + + } + + private void CreateLocators(double steplat, double steplon, Pen pen) + { + // get visible map bounds first + double minlat = (int)(gm_Main.ViewArea.Bottom / steplat) * steplat - steplat; + double maxlat = gm_Main.ViewArea.Top; + double minlon = (int)(gm_Main.ViewArea.Left / steplon) * steplon - steplon; + double maxlon = gm_Main.ViewArea.Right; + + Console.WriteLine("ViewArea = " + minlat.ToString("F2") + "," + minlon.ToString("F2") + " <> " + maxlat.ToString("F2") + "," + maxlon.ToString("F2")); + + for (double lon = minlon; lon < maxlon; lon += steplon) + { + for (double lat = minlat; lat < maxlat; lat += steplat) + { + // create name + string loc = ""; + if (steplat >= 10.0) + { + loc = MaidenheadLocator.LocFromLatLon(lat + steplat / 2, lon + steplon / 2, false, 1); + } + else if (steplat >= 1.0) + { + loc = MaidenheadLocator.LocFromLatLon(lat + steplat / 2, lon + steplon / 2, false, 2); + } + else if (steplat >= 1.0 / 24.0) + { + loc = MaidenheadLocator.LocFromLatLon(lat + steplat / 2, lon + steplon / 2, false, 3); + } + else if (steplat >= 1.0 / 24.0 / 10.0) + { + loc = MaidenheadLocator.LocFromLatLon(lat + steplat / 2, lon + steplon / 2, false, 4); + } + else if (steplat >= 1.0 / 24.0 / 10.0 / 24.0) + { + loc = MaidenheadLocator.LocFromLatLon(lat + steplat / 2, lon + steplon / 2, false, 5); + } + + // create polygon + List l = new List(); + l.Add(new PointLatLng(lat, lon)); + l.Add(new PointLatLng(lat, lon + steplon)); + l.Add(new PointLatLng(lat + steplat, lon + steplon)); + l.Add(new PointLatLng(lat + steplat, lon)); + GMapLocatorPolygon p = new GMapLocatorPolygon(l, loc); + p.Stroke = pen; + p.Fill = Brushes.Transparent; + p.Tag = loc; + gmo_Locators.Polygons.Add(p); + } + } + + } + private void InitializeLocators() + { + // NASTY!! still throws execption sometimes + // when restoring cursor + try + { + // clear locator overlay anyway + gmo_Locators.Clear(); + } + catch (Exception ex) + { + // do all most nothing + } + + // return if not activated + if (!Properties.Settings.Default.Map_ShowLocators) + return; + + // create great circles, if enabled + if (Properties.Settings.Default.Map_ShowLocators) + { + try + { + gmo_Locators.IsVisibile = true; + // declutter: calculate an approbiate stepwidth according to the zoom level + double bigsteplat = 0; + double bigsteplon = 0; + double smallsteplat = 0; + double smallsteplon = 0; + Pen bigpen = new Pen(Brushes.Transparent); + Pen smallpen = new Pen(Brushes.Transparent); + switch (gm_Main.Zoom) + { + case 1: + case 2: + case 3: + case 4: + case 5: + bigsteplat = 10.0; + bigsteplon = 20.0; + bigpen = new Pen(Color.DarkGray, 1); + smallsteplat = 0; + smallsteplon = 0; + smallpen = new Pen(Brushes.Transparent); + break; + case 6: + case 7: + case 8: + case 9: + bigsteplat = 1.0; + bigsteplon = 2.0; + bigpen = new Pen(Color.DarkGray, 1); + smallsteplat = 0; + smallsteplon = 0; + smallpen = new Pen(Brushes.Transparent); + break; + case 10: + case 11: + case 12: + case 13: + bigsteplat = 1.0; + bigsteplon = 2.0; + bigpen = new Pen(Color.DarkGray, 2); + smallsteplat = 1.0 / 24.0; + smallsteplon = 2.0 / 24.0; + smallpen = new Pen(Color.DarkGray, 1); + break; + case 14: + case 15: + case 16: + case 17: + bigsteplat = 1.0 / 24.0; + bigsteplon = 2.0 / 24.0; + bigpen = new Pen(Color.DarkGray, 2); + smallsteplat = 1.0 / 24.0 / 10.0; + smallsteplon = 2.0 / 24.0 / 10.0; + smallpen = new Pen(Color.DarkGray, 1); + break; + case 18: + case 19: + case 20: + bigsteplat = 1.0 / 24.0 / 10.0; + bigsteplon = 2.0 / 24.0 / 10.0; + bigpen = new Pen(Color.DarkGray, 2); + smallsteplat = 1.0 / 24.0 / 10.0 / 24.0; + smallsteplon = 2.0 / 24.0 / 10.0 / 24.0; + smallpen = new Pen(Color.DarkGray, 1); + break; + } + + if ((bigsteplon > 0) && (bigsteplat > 0)) + { + CreateLocators(bigsteplat, bigsteplon, bigpen); + } + if ((smallsteplon > 0) && (smallsteplat > 0)) + { + CreateLocators(smallsteplat, smallsteplon, smallpen); + } + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + } + + private void Splash(string text) + { + Splash(text, Color.White); + } + + private void Splash(string text, Color color) + { + // show message in splash window + if (SplashDlg != null) + { + SplashDlg.Status(text, color); + } + } + + private void MapDlg_Load(object sender, EventArgs e) + { + try + { + // Show splash screen + SplashDlg = new Splash(); + SplashDlg.Show(); + // bring window to front + SplashDlg.BringToFront(); + // wait for splash window is fully visible + while (SplashDlg.Opacity < 1) + { + Application.DoEvents(); + } + // show AirScout main window + this.BringToFront(); + // Check directories, complete it and create, if not exist + Splash("Checking directories..."); + CheckDirectories(); + // start a log, specify format of logfile and entries + Splash("Initializing logfile..."); + InitializeLogfile(); + // Check properties + Splash("Checking settings..."); + CheckSettings(); + // check, copy and load plugins + Splash("Loading plugins..."); + LoadPlugins(); + // Initialize database + Splash("Initializing database..."); + InitializeDatabase(); + // initialize icons + Splash("Creating icons..."); + InitializeIcons(); + ToolTipFont = CreateFontFromString(Properties.Settings.Default.Map_ToolTipFont); + Splash("Loading Map..."); + + cntdn = Properties.Settings.Default.Planes_Update; + btn_Map_PlayPause.Select(); + + // intially fill dialog box elements and set band + string[] bands = Bands.GetStringValuesExceptNoneAndAll(); + foreach (string b in bands) + cb_Band.Items.Add(b); + BAND band = Properties.Settings.Default.Band; + cb_Band.SelectedItem = Bands.GetStringValue(band); + string[] cats = PlaneCategories.GetStringValues(); + foreach (string cat in cats) + cb_Planes_Filter_Min_Cat.Items.Add(cat); + // initialize gauge controls + ag_Azimuth.fromAngle = -90; + ag_Azimuth.toAngle = 270; + + ag_Elevation.fromAngle = 180; + ag_Elevation.toAngle = 270; + + // install additional mouse events + gb_Map_Info.MouseClick += new MouseEventHandler(this.gb_Map_Info_MouseClick); + gb_Map_Zoom.MouseClick += new MouseEventHandler(this.gb_Map_Zoom_MouseClick); + gb_Map_Filter.MouseClick += new MouseEventHandler(this.gb_Map_Filter_MouseClick); + gb_Map_Alarms.MouseClick += new MouseEventHandler(this.gb_Map_Alarms_MouseClick); + + if (PlaneFeedPlugins != null) + { + foreach (IPlaneFeedPlugin plugin in PlaneFeedPlugins) + { + if (Properties.Settings.Default.Planes_PlaneFeed1 == plugin.Name) + { + bw_PlaneFeed1 = new PlaneFeed(); + bw_PlaneFeed1.ProgressChanged += new ProgressChangedEventHandler(bw_PlaneFeed_ProgressChanged); + } + if (Properties.Settings.Default.Planes_PlaneFeed2 == plugin.Name) + { + bw_PlaneFeed2 = new PlaneFeed(); + bw_PlaneFeed2.ProgressChanged += new ProgressChangedEventHandler(bw_PlaneFeed_ProgressChanged); + } + if (Properties.Settings.Default.Planes_PlaneFeed3 == plugin.Name) + { + bw_PlaneFeed3 = new PlaneFeed(); + bw_PlaneFeed3.ProgressChanged += new ProgressChangedEventHandler(bw_PlaneFeed_ProgressChanged); + } + } + } + + // update image list sizes + il_Planes_L.ImageSize = new System.Drawing.Size(Properties.Settings.Default.Planes_IconSize_L, Properties.Settings.Default.Planes_IconSize_L); + il_Planes_M.ImageSize = new System.Drawing.Size(Properties.Settings.Default.Planes_IconSize_M, Properties.Settings.Default.Planes_IconSize_M); + il_Planes_H.ImageSize = new System.Drawing.Size(Properties.Settings.Default.Planes_IconSize_H, Properties.Settings.Default.Planes_IconSize_H); + il_Planes_S.ImageSize = new System.Drawing.Size(Properties.Settings.Default.Planes_IconSize_S, Properties.Settings.Default.Planes_IconSize_S); + + // try to upgrade user settings from prevoius version on first run + try + { + if (FirstRun) + { + Log.WriteMessage("Preparing for first run."); + + // Reload settings + LoadUserSettings(); + + // try to ugrade settings when not started with /CLEAN option + if (!CleanRun) + { + Log.WriteMessage("Upgrading settings."); + Properties.Settings.Default.Upgrade(); + // handle skip to version 1.3.3.1 + if (String.IsNullOrEmpty(Properties.Settings.Default.Version) || (String.Compare(Properties.Settings.Default.Version, "1.3.3.0") < 0)) + { + /* + // reset elevation data url to new default values + Properties.Settings.Default.Elevation_GLOBE_URL = GetPropertyDefaultValue(nameof(Properties.Settings.Default.Elevation_GLOBE_URL)); + Properties.Settings.Default.Elevation_SRTM3_URL = GetPropertyDefaultValue(nameof(Properties.Settings.Default.Elevation_SRTM3_URL)); + Properties.Settings.Default.Elevation_SRTM1_URL = GetPropertyDefaultValue(nameof(Properties.Settings.Default.Elevation_SRTM1_URL)); + // reset elevation data path to default values + Properties.Settings.Default.Elevation_GLOBE_DataPath = GetPropertyDefaultValue(nameof(Properties.Settings.Default.Elevation_GLOBE_DataPath)); + Properties.Settings.Default.Elevation_SRTM3_DataPath = GetPropertyDefaultValue(nameof(Properties.Settings.Default.Elevation_SRTM3_DataPath)); + Properties.Settings.Default.Elevation_SRTM1_DataPath = GetPropertyDefaultValue(nameof(Properties.Settings.Default.Elevation_SRTM1_DataPath)); + // reset stations data url to its default value + Properties.Settings.Default.StationDatabase_Update_URL = GetPropertyDefaultValue(nameof(Properties.Settings.Default.StationDatabase_Update_URL)); + */ + + // reset Sync with KST option + Properties.Settings.Default.Watchlist_SyncWithKST = GetPropertyDefaultValue(nameof(Properties.Settings.Default.Watchlist_SyncWithKST)); + + Properties.Settings.Default.Version = Application.ProductVersion; + + SaveUserSettings(); + } + AirScout.PlaneFeeds.Properties.Settings.Default.Upgrade(); + } + + CheckDirectories(); + CheckSettings(); + // reset topmost state + if (SplashDlg != null) + SplashDlg.TopMost = false; + /* + // run database updater once for basic information + bw_DatabaseUpdater.RunWorkerAsync(UPDATERSTARTOPTIONS.FIRSTRUN); + // wait till finished + while (bw_DatabaseUpdater.IsBusy) + Application.DoEvents(); + */ + if (SplashDlg != null) + SplashDlg.Close(); + // must have internet connection on FirstRun + CheckInternet(); + // show FirstRunWizard + try + { + FirstRunWizard Dlg = new FirstRunWizard(this); + if (Dlg.ShowDialog() != System.Windows.Forms.DialogResult.OK) + { + Log.WriteMessage("Aborting FirstRunWizard."); + // flush the log and exit immediately + Log.FlushLog(); + System.Environment.Exit(-1); + } + else + { + // reset FirstRun property + Properties.Settings.Default.FirstRun = false; + Properties.Settings.Default.FirstRun = Properties.Settings.Default.FirstRun; + + // set privacy statements (for legacy) + Properties.Settings.Default.First_Agree = true; + Properties.Settings.Default.First_Disagree = false; + Properties.Settings.Default.First_Privacy = false; + + // save settings + SaveUserSettings(); + } + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + // flush the log and exit immediately + Log.FlushLog(); + System.Environment.Exit(-1); + } + } + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + // get initial widths and heigths + gb_Map_Info_DefaultWidth = gb_Map_Info.Width; + tc_Main_DefaultHeight = tc_Main.Height; + + // refresh the Layout + OnSizeChanged(null); + + // get initial height of boxes + gb_Map_Info_MinimizedHeight = gb_Map_Info.Height - gb_Map_Info.DisplayRectangle.Height; + gb_Map_Zoom_MinimizedHeight = gb_Map_Zoom.Height - gb_Map_Zoom.DisplayRectangle.Height; + gb_Map_Filter_MinimizedHeigth = gb_Map_Filter.Height - gb_Map_Filter.DisplayRectangle.Height; + gb_Map_Alarms_MinimizedHeight = gb_Map_Alarms.Height - gb_Map_Alarms.DisplayRectangle.Height; + gb_Map_Info_MaximizedHeight = gb_Map_Info.Height; + gb_Map_Zoom_MaximizedHeight = gb_Map_Zoom.Height; + gb_Map_Filter_MaximizedHeigth = gb_Map_Filter.Height; + gb_Map_Alarms_MaximizedHeight = gb_Map_Alarms.Height; + + // check directories and settings for missing values + CheckDirectories(); + CheckSettings(); + + if (PlaneFeedPlugins != null) + { + foreach (IPlaneFeedPlugin plugin in PlaneFeedPlugins) + { + if (Properties.Settings.Default.Planes_PlaneFeed1 == plugin.Name) + { + bw_PlaneFeed1 = new PlaneFeed(); + bw_PlaneFeed1.ProgressChanged += new ProgressChangedEventHandler(bw_PlaneFeed_ProgressChanged); + } + if (Properties.Settings.Default.Planes_PlaneFeed2 == plugin.Name) + { + bw_PlaneFeed2 = new PlaneFeed(); + bw_PlaneFeed2.ProgressChanged += new ProgressChangedEventHandler(bw_PlaneFeed_ProgressChanged); + } + if (Properties.Settings.Default.Planes_PlaneFeed3 == plugin.Name) + { + bw_PlaneFeed3 = new PlaneFeed(); + bw_PlaneFeed3.ProgressChanged += new ProgressChangedEventHandler(bw_PlaneFeed_ProgressChanged); + } + } + } + + // register this instance of AirScout and get a session key + InitializeSession(); + + // start permanent background workers + StartAllBackgroundWorkers(); + + // start main timer + ti_Progress.Start(); + + FirstRun = false; + + // check if a vaild feed is on + if ((bw_PlaneFeed1 == null) && (bw_PlaneFeed2 == null) && (bw_PlaneFeed3 == null)) + MessageBox.Show("Plane Feeds are disabled. \n\nYou can use the software anyway, but you will never see a plane on the map. \nIn order to get valid plane positions do the following:\n\n1. Go to the \"Options/Plane\" tab and activate at least one plane feed\n2. Go to the \"Options/General\" tab and adjust \"Planes Positions Range\" to a suitable area around your location", "Plane Feeds Disabled"); + + // invalidate tracking values + TrackMode = AIRSCOUTTRACKMODE.NONE; + + // set online mode by default + Properties.Settings.Default.Time_Mode_Online = true; + + // install OnIdle event handler + // must be here at first! + Application.Idle += new EventHandler(OnIdle); + // move map to MyLoc + if (!double.IsNaN(Properties.Settings.Default.MyLat) && !double.IsNaN(Properties.Settings.Default.MyLon)) + gm_Main.Position = new PointLatLng(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon); + // update status + UpdateStatus(); + //initialize maps + InitializeMaps(); + // show airports on map + UpdateAirports(); + // show watchlist on map + UpdateWatchlistInMap(); + // set special event handlers on locator combo boxes + // set callsign history and locs + cb_MyCall_TextChanged(this, null); + // set MyLoc and DXLoc combobox properties + cb_MyLoc.DisplayMember = nameof(LocatorDropDownItem.Locator); + cb_MyLoc.ValueMember = nameof(LocatorDropDownItem.GeoLocation); + cb_MyLoc.Precision = (int)Properties.Settings.Default.Locator_MaxLength / 2; + cb_MyLoc.SmallLettersForSubsquares = Properties.Settings.Default.Locator_SmallLettersForSubsquares; + cb_MyLoc.AutoLength = Properties.Settings.Default.Locator_AutoLength; + cb_DXLoc.DisplayMember = nameof(LocatorDropDownItem.Locator); + cb_DXLoc.ValueMember = nameof(LocatorDropDownItem.GeoLocation); + cb_DXLoc.Precision = (int)Properties.Settings.Default.Locator_MaxLength / 2; + cb_DXLoc.SmallLettersForSubsquares = Properties.Settings.Default.Locator_SmallLettersForSubsquares; + cb_DXLoc.AutoLength = Properties.Settings.Default.Locator_AutoLength; + // populate watchlist + RefreshWatchlistView(); + // Linux/Mon Hacks for layout + if (SupportFunctions.IsMono) + { + // cycle control tab view to ensure that all elements are drawn + tc_Control.SelectedTab = tp_Control_Options; + tc_Control.SelectedTab = tp_Control_Multi; + tc_Control.SelectedTab = tp_Control_Single; + + // show text on Play button istead of symbol + btn_Map_PlayPause.Text = "Play"; + } + + // set players bounds + sb_Analysis_Play.Minimum = 0; + sb_Analysis_Play.Maximum = int.MaxValue; + // set path mode to single + PathMode = AIRSCOUTPATHMODE.SINGLE; + // set life mode to life + LifeMode = AIRSCOUTLIFEMODE.LIFE; + // set play mode to pause + PlayMode = AIRSCOUTPLAYMODE.PAUSE; + + // maintain background calculations thread wait + Properties.Settings.Default.Background_Calculations_ThreadWait = 0; + Log.WriteMessage("Finished."); + // start timer to finish startup + ti_Startup.Start(); + } + catch (Exception ex) + { + // close the application in case of any exception + if (Log != null) + Log.WriteMessage(ex.ToString(), LogLevel.Error); + else + Console.WriteLine("Fatal Error: " + ex.ToString()); + // close the splash window + if (SplashDlg != null) + SplashDlg.Close(); + MessageBox.Show("An error occured during startup: " + ex.ToString() + "\n\nPress >OK< to close the application.", "AirScout", MessageBoxButtons.OK); + this.Close(); + } + // restore window size, state and location + try + { + if (!SupportFunctions.IsMono) + { + this.Size = Properties.Settings.Default.General_WindowSize; + this.Location = Properties.Settings.Default.General_WindowLocation; + this.WindowState = Properties.Settings.Default.General_WindowState; + } + else + { + // ignore window settings under Linux/Mono + // start always maximized + this.WindowState = FormWindowState.Maximized; + + } + } + catch (Exception ex) + { + // do nothing if failed + Log.WriteMessage(ex.ToString(), LogLevel.Error); + // reset splitter positions to its default value in settings + Properties.Settings.Default.MainSplitter_Distance = -1; + Properties.Settings.Default.MapSplitter_Distance = -1; + } + + // dump all properties to log + Log.WriteMessage("============================= Application Settings =================================="); + DumpSettingsToLog("Properties.Settings.Default", Properties.Settings.Default.PropertyValues); + DumpSettingsToLog("AirScout.PlaneFeeds.Properties.Settings.Default", AirScout.PlaneFeeds.Properties.Settings.Default.PropertyValues); + DumpSettingsToLog("ScoutBase.Elevation.Properties.Settings.Default", ScoutBase.Elevation.Properties.Settings.Default.PropertyValues); + DumpSettingsToLog("ScoutBase.Stations.Properties.Settings.Default", ScoutBase.Stations.Properties.Settings.Default.PropertyValues); + DumpSettingsToLog("ScoutBase.Propagation.Properties.Settings.Default", ScoutBase.Propagation.Properties.Settings.Default.PropertyValues); + DumpSettingsToLog("ScoutBase.CAT.Properties.Settings.Default", ScoutBase.CAT.Properties.Settings.Default.PropertyValues); + DumpSettingsToLog("AirScout.Aircrafts.Properties.Settings.Default", AirScout.Aircrafts.Properties.Settings.Default.PropertyValues); + DumpSettingsToLog("AirScout.CAT.Properties.Settings.Default", AirScout.CAT.Properties.Settings.Default.PropertyValues); + Log.WriteMessage("====================================================================================="); + + // set Pause Mode + // Pause(); + + } + + private void FinishStartup() + { + // finish startup + // close splash window + // set window layout + if (SplashDlg != null) + SplashDlg.Close(); + // restore splitter positions + try + { + if (!SupportFunctions.IsMono) + { + MapSplitterDistance = Properties.Settings.Default.MapSplitter_Distance; + MainSplitterDistance = Properties.Settings.Default.MainSplitter_Distance; + } + else + { + // ignore window settings under Linux/Mono and always use default values + MapSplitterDistance = -1; + MainSplitterDistance = -1; + } + } + catch (Exception ex) + { + // do nothing if failed + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + // make main window visible + this.Visible = true; + // set focus to map + this.btn_Map_Save.Focus(); + // Linux/Mono compatibility + // simulate splitter click + this.sc_Map_SplitterMoved(this, null); + this.sc_Main_SplitterMoved(this, null); + } + + // creates plane feed work event arguments from settings + private PlaneFeedWorkEventArgs CreatePlaneFeedWorkEventArgs(string feedname) + { + PlaneFeedWorkEventArgs feedargs = new PlaneFeedWorkEventArgs(); + feedargs.Feed = null; + foreach (IPlaneFeedPlugin plugin in PlaneFeedPlugins) + { + if (plugin.Name == feedname) + feedargs.Feed = plugin; + } + feedargs.AppDirectory = AppDirectory; + feedargs.AppDataDirectory = AppDataDirectory; + feedargs.LogDirectory = LogDirectory; + feedargs.TmpDirectory = TmpDirectory; + feedargs.DatabaseDirectory = DatabaseDirectory; + feedargs.MaxLat = Properties.Settings.Default.MaxLat; + feedargs.MinLon = Properties.Settings.Default.MinLon; + feedargs.MinLat = Properties.Settings.Default.MinLat; + feedargs.MaxLon = Properties.Settings.Default.MaxLon; + feedargs.MinAlt = Properties.Settings.Default.Planes_MinAlt; + feedargs.MaxAlt = Properties.Settings.Default.Planes_MaxAlt; + feedargs.MyLat = Properties.Settings.Default.MyLat; + feedargs.MyLon = Properties.Settings.Default.MyLon; + feedargs.DXLat = Properties.Settings.Default.DXLat; + feedargs.DXLon = Properties.Settings.Default.DXLon; + feedargs.KeepHistory = Properties.Settings.Default.Planes_KeepHistory; + feedargs.Interval = Properties.Settings.Default.Planes_Interval; + feedargs.ExtendedPlausibilityCheck_Enable = Properties.Settings.Default.Planes_ExtendedPlausibilityCheck_Enabled; + feedargs.ExtendedPlausiblityCheck_MaxErrorDist = Properties.Settings.Default.Planes_ExtendedPlausibilityCheck_MaxErrorDist; + feedargs.LogErrors = Properties.Settings.Default.Planes_LogErrors; + feedargs.InstanceID = Properties.Settings.Default.AirScout_Instance_ID; + feedargs.SessionKey = SessionKey; + feedargs.GetKeyURL = Properties.Settings.Default.AirScout_GetKey_URL; + return feedargs; + } + + private void StartAllBackgroundWorkers() + { + // start all background workers + // check if the thread is not NULL and not activated + Say("Starting background threads..."); + if ((bw_LocatorGridUpdater != null) && !bw_LocatorGridUpdater.IsBusy) + bw_LocatorGridUpdater.RunWorkerAsync(); + if ((bw_AirportMapper != null) && !bw_AirportMapper.IsBusy) + bw_AirportMapper.RunWorkerAsync(); + if ((bw_JSONWriter != null) && !bw_JSONWriter.IsBusy) + bw_JSONWriter.RunWorkerAsync(); + if ((bw_NewsFeed != null) && !bw_NewsFeed.IsBusy) + bw_NewsFeed.RunWorkerAsync(); + if ((bw_AircraftDatabaseMaintainer != null) && (!bw_AircraftDatabaseMaintainer.IsBusy)) + { + AircraftPositionDatabaseMaintainerStartOptions startoptions = new AircraftPositionDatabaseMaintainerStartOptions(); + startoptions.Name = "Aircrafts"; + startoptions.Database_MaxCount = (long)Properties.Settings.Default.AircraftDatabase_MaxCount; + startoptions.Database_MaxSize = (double)Properties.Settings.Default.AircraftDatabase_MaxSize; + startoptions.Database_MaxDaysLifetime = (int)Properties.Settings.Default.AircraftDatabase_MaxDaysLifetime; + bw_AircraftDatabaseMaintainer.RunWorkerAsync(startoptions); + } + if (Properties.Settings.Default.Background_Update_OnStartup) + { + if ((bw_StationDatabaseUpdater != null) && !bw_StationDatabaseUpdater.IsBusy) + { + StationDatabaseUpdaterStartOptions startoptions = new StationDatabaseUpdaterStartOptions(); + startoptions.Name = "Stations"; + startoptions.RestrictToAreaOfInterest = Properties.Settings.Default.Location_RestrictToAreaOfInterest; + startoptions.MinLat = Properties.Settings.Default.MinLat; + startoptions.MinLon = Properties.Settings.Default.MinLon; + startoptions.MaxLat = Properties.Settings.Default.MaxLat; + startoptions.MaxLon = Properties.Settings.Default.MaxLon; + startoptions.InstanceID = Properties.Settings.Default.AirScout_Instance_ID; + startoptions.SessionKey = SessionKey; + startoptions.GetKeyURL = Properties.Settings.Default.AirScout_GetKey_URL; + startoptions.Options = BACKGROUNDUPDATERSTARTOPTIONS.RUNONCE; + bw_StationDatabaseUpdater.RunWorkerAsync(startoptions); + } + if ((bw_AircraftDatabaseUpdater != null) && !bw_AircraftDatabaseUpdater.IsBusy) + { + AircraftDatabaseUpdaterStartOptions startoptions = new AircraftDatabaseUpdaterStartOptions(); + startoptions.Name = "Aircrafts"; + startoptions.InstanceID = Properties.Settings.Default.AirScout_Instance_ID; + startoptions.SessionKey = SessionKey; + startoptions.GetKeyURL = Properties.Settings.Default.AirScout_GetKey_URL; + startoptions.Options = BACKGROUNDUPDATERSTARTOPTIONS.RUNONCE; + bw_AircraftDatabaseUpdater.RunWorkerAsync(startoptions); + } + if (Properties.Settings.Default.Elevation_GLOBE_Enabled && (bw_GLOBEUpdater != null) && !bw_GLOBEUpdater.IsBusy) + { + ElevationDatabaseUpdaterStartOptions startoptions = new ElevationDatabaseUpdaterStartOptions(); + startoptions.Name = "GLOBE"; + startoptions.Options = BACKGROUNDUPDATERSTARTOPTIONS.RUNONCE; + startoptions.Model = ELEVATIONMODEL.GLOBE; + startoptions.MinLat = Properties.Settings.Default.MinLat; + startoptions.MinLon = Properties.Settings.Default.MinLon; + startoptions.MaxLat = Properties.Settings.Default.MaxLat; + startoptions.MaxLon = Properties.Settings.Default.MaxLon; + startoptions.FileCacheEnabled = Properties.Settings.Default.Elevation_GLOBE_EnableCache; + bw_GLOBEUpdater.RunWorkerAsync(startoptions); + } + if (Properties.Settings.Default.Elevation_SRTM3_Enabled && (bw_SRTM3Updater != null) && !bw_SRTM3Updater.IsBusy) + { + ElevationDatabaseUpdaterStartOptions startoptions = new ElevationDatabaseUpdaterStartOptions(); + startoptions.Name = "SRTM3"; + startoptions.Options = BACKGROUNDUPDATERSTARTOPTIONS.RUNONCE; + startoptions.Model = ELEVATIONMODEL.SRTM3; + startoptions.MinLat = Properties.Settings.Default.MinLat; + startoptions.MinLon = Properties.Settings.Default.MinLon; + startoptions.MaxLat = Properties.Settings.Default.MaxLat; + startoptions.MaxLon = Properties.Settings.Default.MaxLon; + startoptions.FileCacheEnabled = Properties.Settings.Default.Elevation_SRTM3_EnableCache; + bw_SRTM3Updater.RunWorkerAsync(startoptions); + } + if (Properties.Settings.Default.Elevation_SRTM1_Enabled && (bw_SRTM1Updater != null) && !bw_SRTM1Updater.IsBusy) + { + ElevationDatabaseUpdaterStartOptions startoptions = new ElevationDatabaseUpdaterStartOptions(); + startoptions.Name = "SRTM1"; + startoptions.Options = BACKGROUNDUPDATERSTARTOPTIONS.RUNONCE; + startoptions.Model = ELEVATIONMODEL.SRTM1; + startoptions.MinLat = Properties.Settings.Default.MinLat; + startoptions.MinLon = Properties.Settings.Default.MinLon; + startoptions.MaxLat = Properties.Settings.Default.MaxLat; + startoptions.MaxLon = Properties.Settings.Default.MaxLon; + startoptions.FileCacheEnabled = Properties.Settings.Default.Elevation_SRTM1_EnableCache; + bw_SRTM1Updater.RunWorkerAsync(startoptions); + } + if (Properties.Settings.Default.Elevation_ASTER3_Enabled && (bw_ASTER3Updater != null) && !bw_ASTER3Updater.IsBusy) + { + ElevationDatabaseUpdaterStartOptions startoptions = new ElevationDatabaseUpdaterStartOptions(); + startoptions.Name = "ASTER3"; + startoptions.Options = BACKGROUNDUPDATERSTARTOPTIONS.RUNONCE; + startoptions.Model = ELEVATIONMODEL.ASTER3; + startoptions.MinLat = Properties.Settings.Default.MinLat; + startoptions.MinLon = Properties.Settings.Default.MinLon; + startoptions.MaxLat = Properties.Settings.Default.MaxLat; + startoptions.MaxLon = Properties.Settings.Default.MaxLon; + startoptions.FileCacheEnabled = Properties.Settings.Default.Elevation_ASTER3_EnableCache; + bw_ASTER3Updater.RunWorkerAsync(startoptions); + } + if (Properties.Settings.Default.Elevation_ASTER1_Enabled && (bw_ASTER1Updater != null) && !bw_ASTER1Updater.IsBusy) + { + ElevationDatabaseUpdaterStartOptions startoptions = new ElevationDatabaseUpdaterStartOptions(); + startoptions.Name = "ASTER1"; + startoptions.Options = BACKGROUNDUPDATERSTARTOPTIONS.RUNONCE; + startoptions.Model = ELEVATIONMODEL.ASTER1; + startoptions.MinLat = Properties.Settings.Default.MinLat; + startoptions.MinLon = Properties.Settings.Default.MinLon; + startoptions.MaxLat = Properties.Settings.Default.MaxLat; + startoptions.MaxLon = Properties.Settings.Default.MaxLon; + startoptions.FileCacheEnabled = Properties.Settings.Default.Elevation_ASTER1_EnableCache; + bw_ASTER1Updater.RunWorkerAsync(startoptions); + } + if (Properties.Settings.Default.Elevation_GLOBE_Enabled && (bw_GLOBEPathCalculator != null) && !bw_GLOBEPathCalculator.IsBusy) + bw_GLOBEPathCalculator.RunWorkerAsync(BACKGROUNDUPDATERSTARTOPTIONS.RUNONCE); + if (Properties.Settings.Default.Elevation_SRTM3_Enabled && (bw_SRTM3PathCalculator != null) && !bw_SRTM3PathCalculator.IsBusy) + bw_SRTM3PathCalculator.RunWorkerAsync(BACKGROUNDUPDATERSTARTOPTIONS.RUNONCE); + if (Properties.Settings.Default.Elevation_SRTM1_Enabled && (bw_SRTM1PathCalculator != null) && !bw_SRTM1PathCalculator.IsBusy) + bw_SRTM1PathCalculator.RunWorkerAsync(BACKGROUNDUPDATERSTARTOPTIONS.RUNONCE); + if (Properties.Settings.Default.Elevation_ASTER3_Enabled && (bw_ASTER3PathCalculator != null) && !bw_ASTER3PathCalculator.IsBusy) + bw_ASTER3PathCalculator.RunWorkerAsync(BACKGROUNDUPDATERSTARTOPTIONS.RUNONCE); + if (Properties.Settings.Default.Elevation_ASTER1_Enabled && (bw_ASTER1PathCalculator != null) && !bw_ASTER1PathCalculator.IsBusy) + bw_ASTER1PathCalculator.RunWorkerAsync(BACKGROUNDUPDATERSTARTOPTIONS.RUNONCE); + if (Properties.Settings.Default.Map_Preloader_Enabled && (bw_MapPreloader != null) && !bw_MapPreloader.IsBusy) + bw_MapPreloader.RunWorkerAsync(BACKGROUNDUPDATERSTARTOPTIONS.RUNONCE); + } + else if (Properties.Settings.Default.Background_Update_Periodically) + { + if ((bw_StationDatabaseUpdater != null) && !bw_StationDatabaseUpdater.IsBusy) + { + StationDatabaseUpdaterStartOptions startoptions = new StationDatabaseUpdaterStartOptions(); + startoptions.Name = "Stations"; + startoptions.MinLat = Properties.Settings.Default.MinLat; + startoptions.MinLon = Properties.Settings.Default.MinLon; + startoptions.MaxLat = Properties.Settings.Default.MaxLat; + startoptions.MaxLon = Properties.Settings.Default.MaxLon; + startoptions.RestrictToAreaOfInterest = Properties.Settings.Default.Location_RestrictToAreaOfInterest; + startoptions.InstanceID = Properties.Settings.Default.AirScout_Instance_ID; + startoptions.SessionKey = SessionKey; + startoptions.GetKeyURL = Properties.Settings.Default.AirScout_GetKey_URL; + startoptions.Options = BACKGROUNDUPDATERSTARTOPTIONS.RUNPERIODICALLY; + bw_StationDatabaseUpdater.RunWorkerAsync(startoptions); + } + if ((bw_AircraftDatabaseUpdater != null) && !bw_AircraftDatabaseUpdater.IsBusy) + { + AircraftDatabaseUpdaterStartOptions startoptions = new AircraftDatabaseUpdaterStartOptions(); + startoptions.Name = "Aircrafts"; + startoptions.InstanceID = Properties.Settings.Default.AirScout_Instance_ID; + startoptions.SessionKey = SessionKey; + startoptions.GetKeyURL = Properties.Settings.Default.AirScout_GetKey_URL; + startoptions.Options = BACKGROUNDUPDATERSTARTOPTIONS.RUNPERIODICALLY; + bw_AircraftDatabaseUpdater.RunWorkerAsync(startoptions); + } + if (Properties.Settings.Default.Elevation_GLOBE_Enabled && (bw_GLOBEUpdater != null) && !bw_GLOBEUpdater.IsBusy) + { + ElevationDatabaseUpdaterStartOptions startoptions = new ElevationDatabaseUpdaterStartOptions(); + startoptions.Name = "GLOBE"; + startoptions.Options = BACKGROUNDUPDATERSTARTOPTIONS.RUNPERIODICALLY; + startoptions.Model = ELEVATIONMODEL.GLOBE; + startoptions.MinLat = Properties.Settings.Default.MinLat; + startoptions.MinLon = Properties.Settings.Default.MinLon; + startoptions.MaxLat = Properties.Settings.Default.MaxLat; + startoptions.MaxLon = Properties.Settings.Default.MaxLon; + startoptions.FileCacheEnabled = Properties.Settings.Default.Elevation_GLOBE_EnableCache; + bw_GLOBEUpdater.RunWorkerAsync(startoptions); + } + if (Properties.Settings.Default.Elevation_SRTM3_Enabled && (bw_SRTM3Updater != null) && !bw_SRTM3Updater.IsBusy) + { + ElevationDatabaseUpdaterStartOptions startoptions = new ElevationDatabaseUpdaterStartOptions(); + startoptions.Name = "SRTM3"; + startoptions.Options = BACKGROUNDUPDATERSTARTOPTIONS.RUNPERIODICALLY; + startoptions.Model = ELEVATIONMODEL.SRTM3; + startoptions.MinLat = Properties.Settings.Default.MinLat; + startoptions.MinLon = Properties.Settings.Default.MinLon; + startoptions.MaxLat = Properties.Settings.Default.MaxLat; + startoptions.MaxLon = Properties.Settings.Default.MaxLon; + startoptions.FileCacheEnabled = Properties.Settings.Default.Elevation_SRTM3_EnableCache; + bw_SRTM3Updater.RunWorkerAsync(startoptions); + } + if (Properties.Settings.Default.Elevation_SRTM1_Enabled && (bw_SRTM1Updater != null) && !bw_SRTM1Updater.IsBusy) + { + ElevationDatabaseUpdaterStartOptions startoptions = new ElevationDatabaseUpdaterStartOptions(); + startoptions.Name = "SRTM1"; + startoptions.Options = BACKGROUNDUPDATERSTARTOPTIONS.RUNPERIODICALLY; + startoptions.Model = ELEVATIONMODEL.SRTM1; + startoptions.MinLat = Properties.Settings.Default.MinLat; + startoptions.MinLon = Properties.Settings.Default.MinLon; + startoptions.MaxLat = Properties.Settings.Default.MaxLat; + startoptions.MaxLon = Properties.Settings.Default.MaxLon; + startoptions.FileCacheEnabled = Properties.Settings.Default.Elevation_SRTM1_EnableCache; + bw_SRTM1Updater.RunWorkerAsync(startoptions); + } + if (Properties.Settings.Default.Elevation_ASTER3_Enabled && (bw_ASTER3Updater != null) && !bw_ASTER3Updater.IsBusy) + { + ElevationDatabaseUpdaterStartOptions startoptions = new ElevationDatabaseUpdaterStartOptions(); + startoptions.Name = "ASTER3"; + startoptions.Options = BACKGROUNDUPDATERSTARTOPTIONS.RUNPERIODICALLY; + startoptions.Model = ELEVATIONMODEL.ASTER3; + startoptions.MinLat = Properties.Settings.Default.MinLat; + startoptions.MinLon = Properties.Settings.Default.MinLon; + startoptions.MaxLat = Properties.Settings.Default.MaxLat; + startoptions.MaxLon = Properties.Settings.Default.MaxLon; + startoptions.FileCacheEnabled = Properties.Settings.Default.Elevation_ASTER3_EnableCache; + bw_ASTER3Updater.RunWorkerAsync(startoptions); + } + if (Properties.Settings.Default.Elevation_ASTER1_Enabled && (bw_ASTER1Updater != null) && !bw_ASTER1Updater.IsBusy) + { + ElevationDatabaseUpdaterStartOptions startoptions = new ElevationDatabaseUpdaterStartOptions(); + startoptions.Name = "ASTER1"; + startoptions.Options = BACKGROUNDUPDATERSTARTOPTIONS.RUNPERIODICALLY; + startoptions.Model = ELEVATIONMODEL.ASTER1; + startoptions.MinLat = Properties.Settings.Default.MinLat; + startoptions.MinLon = Properties.Settings.Default.MinLon; + startoptions.MaxLat = Properties.Settings.Default.MaxLat; + startoptions.MaxLon = Properties.Settings.Default.MaxLon; + startoptions.FileCacheEnabled = Properties.Settings.Default.Elevation_ASTER1_EnableCache; + bw_ASTER1Updater.RunWorkerAsync(startoptions); + } + if (Properties.Settings.Default.Elevation_GLOBE_Enabled && (bw_GLOBEPathCalculator != null) && !bw_GLOBEPathCalculator.IsBusy) + bw_GLOBEPathCalculator.RunWorkerAsync(BACKGROUNDUPDATERSTARTOPTIONS.RUNPERIODICALLY); + if (Properties.Settings.Default.Elevation_SRTM3_Enabled && (bw_SRTM3PathCalculator != null) && !bw_SRTM3PathCalculator.IsBusy) + bw_SRTM3PathCalculator.RunWorkerAsync(BACKGROUNDUPDATERSTARTOPTIONS.RUNPERIODICALLY); + if (Properties.Settings.Default.Elevation_SRTM1_Enabled && (bw_SRTM1PathCalculator != null) && !bw_SRTM1PathCalculator.IsBusy) + bw_SRTM1PathCalculator.RunWorkerAsync(BACKGROUNDUPDATERSTARTOPTIONS.RUNPERIODICALLY); + if (Properties.Settings.Default.Elevation_ASTER3_Enabled && (bw_ASTER3PathCalculator != null) && !bw_ASTER3PathCalculator.IsBusy) + bw_ASTER3PathCalculator.RunWorkerAsync(BACKGROUNDUPDATERSTARTOPTIONS.RUNPERIODICALLY); + if (Properties.Settings.Default.Elevation_ASTER1_Enabled && (bw_ASTER1PathCalculator != null) && !bw_ASTER1PathCalculator.IsBusy) + bw_ASTER1PathCalculator.RunWorkerAsync(BACKGROUNDUPDATERSTARTOPTIONS.RUNPERIODICALLY); + if (Properties.Settings.Default.Map_Preloader_Enabled && (bw_MapPreloader != null) && !bw_MapPreloader.IsBusy) + bw_MapPreloader.RunWorkerAsync(BACKGROUNDUPDATERSTARTOPTIONS.RUNPERIODICALLY); + } + if ((bw_PlaneFeed1 != null) && (!bw_PlaneFeed1.IsBusy)) + bw_PlaneFeed1.RunWorkerAsync(CreatePlaneFeedWorkEventArgs(Properties.Settings.Default.Planes_PlaneFeed1)); + if ((bw_PlaneFeed2 != null) && (!bw_PlaneFeed2.IsBusy)) + bw_PlaneFeed2.RunWorkerAsync(CreatePlaneFeedWorkEventArgs(Properties.Settings.Default.Planes_PlaneFeed2)); + if ((bw_PlaneFeed3 != null) && (!bw_PlaneFeed3.IsBusy)) + bw_PlaneFeed3.RunWorkerAsync(CreatePlaneFeedWorkEventArgs(Properties.Settings.Default.Planes_PlaneFeed3)); + if (Properties.Settings.Default.Server_Activate) + { + if ((bw_WinTestReceive != null) && (!bw_WinTestReceive.IsBusy)) + bw_WinTestReceive.RunWorkerAsync(); + if ((bw_Webserver != null) && (!bw_Webserver.IsBusy)) + bw_Webserver.RunWorkerAsync(TmpDirectory); + } + if (Properties.Settings.Default.SpecLab_Enabled) + { + if ((bw_SpecLab_Receive != null) && (!bw_SpecLab_Receive.IsBusy)) + bw_SpecLab_Receive.RunWorkerAsync(); + } + if (Properties.Settings.Default.Track_Activate) + { + if ((bw_Track != null) && (!bw_Track.IsBusy)) + bw_Track.RunWorkerAsync(); + } + if (AirScout.CAT.Properties.Settings.Default.CAT_Activate) + { + CATUpdaterStartOptions startoptions = new CATUpdaterStartOptions(); + startoptions.Name = "CAT Updater"; + startoptions.Options = BACKGROUNDUPDATERSTARTOPTIONS.RUNPERIODICALLY; + if ((bw_CATUpdater != null) && (!bw_CATUpdater.IsBusy)) + bw_CATUpdater.RunWorkerAsync(startoptions); + } + + if (AirScout.CAT.Properties.Settings.Default.CAT_Activate) + { + CATWorkerStartOptions startoptions = new CATWorkerStartOptions(); + startoptions.Name = "CAT Interface"; + startoptions.RigType = AirScout.CAT.Properties.Settings.Default.CAT_RigType; + startoptions.PortName = AirScout.CAT.Properties.Settings.Default.CAT_PortName; + startoptions.Baudrate = AirScout.CAT.Properties.Settings.Default.CAT_Baudrate; + startoptions.DataBits = AirScout.CAT.Properties.Settings.Default.CAT_DataBits; + startoptions.Parity = AirScout.CAT.Properties.Settings.Default.CAT_Parity; + startoptions.StopBits = AirScout.CAT.Properties.Settings.Default.CAT_StopBits; + startoptions.RTS = AirScout.CAT.Properties.Settings.Default.CAT_RTS; + startoptions.DTR = AirScout.CAT.Properties.Settings.Default.CAT_DTR; + startoptions.Poll = AirScout.CAT.Properties.Settings.Default.CAT_Poll; + startoptions.Timeout = AirScout.CAT.Properties.Settings.Default.CAT_Timeout; + if ((bw_CAT != null) && (!bw_CAT.IsBusy)) + bw_CAT.RunWorkerAsync(startoptions); + } + Say("Background threads started."); + } + + private void StopBackgroundworker(BackgroundWorker worker, string name, int count, int total) + { + if (worker == null) + return; + if (!worker.IsBusy) + return; + worker.CancelAsync(); + // waiting for background threads to finish + int timeout = 10000; // timeout in ms + Stopwatch st = new Stopwatch(); + st.Start(); + Say("Stopping background thread " + count.ToString() + " of " + total.ToString() + " [" + name + "]..."); + while ((worker != null) && worker.IsBusy) + { + Application.DoEvents(); + } + st.Stop(); + Log.WriteMessage("Stopping " + name + ", " + st.ElapsedMilliseconds.ToString() + " ms."); + } + + private void StopAllBackgroundWorkers() + { + Say("Stopping background threads..."); + // cancel permanent background workers, wait for finish + int bcount = 18; + int i = 1; + // cancel all threads + StopBackgroundworker(bw_WinTestReceive, nameof(bw_WinTestReceive), i, bcount); i++; + StopBackgroundworker(bw_SpecLab_Receive, nameof(bw_SpecLab_Receive), i, bcount); i++; + StopBackgroundworker(bw_Track, nameof(bw_Track), i, bcount); i++; + StopBackgroundworker(bw_JSONWriter, nameof(bw_JSONWriter), i, bcount); i++; + StopBackgroundworker(bw_NewsFeed, nameof(bw_NewsFeed), i, bcount); i++; + StopBackgroundworker(bw_PlaneFeed1, nameof(bw_PlaneFeed1), i, bcount); i++; + StopBackgroundworker(bw_PlaneFeed2, nameof(bw_PlaneFeed2), i, bcount); i++; + StopBackgroundworker(bw_PlaneFeed3, nameof(bw_PlaneFeed3), i, bcount); i++; + StopBackgroundworker(bw_GLOBEPathCalculator, nameof(bw_GLOBEPathCalculator), i, bcount); i++; + StopBackgroundworker(bw_SRTM3PathCalculator, nameof(bw_SRTM3PathCalculator), i, bcount); i++; + StopBackgroundworker(bw_SRTM1PathCalculator, nameof(bw_SRTM1PathCalculator), i, bcount); i++; + StopBackgroundworker(bw_ASTER3PathCalculator, nameof(bw_ASTER3PathCalculator), i, bcount); i++; + StopBackgroundworker(bw_ASTER1PathCalculator, nameof(bw_ASTER1PathCalculator), i, bcount); i++; + StopBackgroundworker(bw_AircraftDatabaseUpdater, nameof(bw_AircraftDatabaseUpdater), i, bcount); i++; + StopBackgroundworker(bw_StationDatabaseUpdater, nameof(bw_StationDatabaseUpdater), i, bcount); i++; + StopBackgroundworker(bw_MapPreloader, nameof(bw_MapPreloader), i, bcount); i++; + StopBackgroundworker(bw_CATUpdater, nameof(bw_CATUpdater), i, bcount); i++; + StopBackgroundworker(bw_CAT, nameof(bw_CAT), i, bcount); i++; + Say("Background threads stopped."); + } + + private void CancelAllBackgroundWorkers() + { + // cancel all background workers, don't wait for finish + if (bw_LocatorGridUpdater != null) + bw_LocatorGridUpdater.CancelAsync(); + if (bw_AirportMapper != null) + bw_AirportMapper.CancelAsync(); + if (bw_PlaneFeed1 != null) + bw_PlaneFeed1.CancelAsync(); + if (bw_PlaneFeed2 != null) + bw_PlaneFeed2.CancelAsync(); + if (bw_PlaneFeed3 != null) + bw_PlaneFeed3.CancelAsync(); + if (bw_WinTestReceive != null) + bw_WinTestReceive.CancelAsync(); + if (bw_SpecLab_Receive != null) + bw_SpecLab_Receive.CancelAsync(); + if (bw_Track != null) + bw_Track.CancelAsync(); + if (bw_JSONWriter != null) + bw_JSONWriter.CancelAsync(); + if (bw_Webserver != null) + bw_Webserver.CancelAsync(); + if (bw_NewsFeed != null) + bw_NewsFeed.CancelAsync(); + if (bw_HistoryDownloader != null) + bw_HistoryDownloader.CancelAsync(); + if (bw_StationDatabaseUpdater != null) + bw_StationDatabaseUpdater.CancelAsync(); + if (bw_AircraftDatabaseMaintainer != null) + bw_AircraftDatabaseMaintainer.CancelAsync(); + if (bw_AircraftDatabaseUpdater != null) + bw_AircraftDatabaseUpdater.CancelAsync(); + if (bw_GLOBEPathCalculator != null) + bw_GLOBEUpdater.CancelAsync(); + if (bw_SRTM3Updater != null) + bw_SRTM3Updater.CancelAsync(); + if (bw_SRTM1Updater != null) + bw_SRTM1Updater.CancelAsync(); + if (bw_ASTER3Updater != null) + bw_ASTER3Updater.CancelAsync(); + if (bw_ASTER1Updater != null) + bw_ASTER1Updater.CancelAsync(); + if (bw_GLOBEPathCalculator != null) + bw_GLOBEPathCalculator.CancelAsync(); + if (bw_SRTM3PathCalculator != null) + bw_SRTM3PathCalculator.CancelAsync(); + if (bw_SRTM1PathCalculator != null) + bw_SRTM1PathCalculator.CancelAsync(); + if (bw_ASTER3PathCalculator != null) + bw_ASTER3PathCalculator.CancelAsync(); + if (bw_ASTER1PathCalculator != null) + bw_ASTER1PathCalculator.CancelAsync(); + if (bw_CATUpdater != null) + bw_CATUpdater.CancelAsync(); + if (bw_CAT != null) + bw_CAT.CancelAsync(); + } + + private Bitmap CreatePlaneIcon(Color color) + { + // get the basic icon + Bitmap bm = new Bitmap(AppDirectory + Path.DirectorySeparatorChar + Properties.Settings.Default.Planes_IconFileName); + // read the content and change color of each pixel + for (int j = 0; j < bm.Width; j++) + { + for (int k = 0; k < bm.Height; k++) + { + // get the color of each pixel + Color c = bm.GetPixel(j, k); + // check if not transparent + if (c.A > 0) + { + // change color + bm.SetPixel(j, k, Color.FromArgb(c.A, color.R, color.G, color.B)); + } + } + } + return bm; + } + + public static Color ColorFromHSV(double hue, double saturation, double value) + { + int hi = Convert.ToInt32(Math.Floor(hue / 60)) % 6; + double f = hue / 60 - Math.Floor(hue / 60); + + value = value * 255; + int v = Convert.ToInt32(value); + int p = Convert.ToInt32(value * (1 - saturation)); + int q = Convert.ToInt32(value * (1 - f * saturation)); + int t = Convert.ToInt32(value * (1 - (1 - f) * saturation)); + + if (hi == 0) + return Color.FromArgb(255, v, t, p); + else if (hi == 1) + return Color.FromArgb(255, q, v, p); + else if (hi == 2) + return Color.FromArgb(255, p, v, t); + else if (hi == 3) + return Color.FromArgb(255, p, q, v); + else if (hi == 4) + return Color.FromArgb(255, t, p, v); + else + return Color.FromArgb(255, v, p, q); + } + + public Color GetColor(double power) + { + double H = power * 0.3; // Hue (note 0.4 = Green, see huge chart below) + double S = 0.95; // Saturation + double B = 0.95; // Brightness + + return ColorFromHSV((float)H * 360, (float)S, (float)B); + } + + private Bitmap CreateAirportIcon(int alpha) + { + // get the basic icon + Bitmap bm = new Bitmap(AppDirectory + Path.DirectorySeparatorChar + Properties.Settings.Default.Airports_IconFileName); + // read the content and change opacity of each pixel + for (int j = 0; j < bm.Width; j++) + { + for (int k = 0; k < bm.Height; k++) + { + // get the color of each pixel + Color c = bm.GetPixel(j, k); + // check if not transparent + if (c.A > 0) + { + // change color + bm.SetPixel(j, k, Color.FromArgb(alpha, c.R, c.G, c.B)); + } + } + } + return bm; + } + + private void InitializeIcons() + { + // create extra icons regular size + Log.WriteMessage("Started."); + try + { + // now generate 0% - 100% colored planes + for (int i = 0; i <= 100; i++) + { + Bitmap bm = CreatePlaneIcon(GetColor(1.0f - (float)i / 100.0f)); + il_Planes_L.Images.Add(bm); + il_Planes_M.Images.Add(bm); + il_Planes_H.Images.Add(bm); + il_Planes_S.Images.Add(bm); + } + il_Planes_L.Images.Add(CreatePlaneIcon(Color.Gray)); + il_Planes_M.Images.Add(CreatePlaneIcon(Color.Gray)); + il_Planes_H.Images.Add(CreatePlaneIcon(Color.Gray)); + il_Planes_S.Images.Add(CreatePlaneIcon(Color.Gray)); + bmindex_gray = il_Planes_M.Images.Count - 1; + il_Planes_L.Images.Add(CreatePlaneIcon(Color.LightGreen)); + il_Planes_M.Images.Add(CreatePlaneIcon(Color.LightGreen)); + il_Planes_H.Images.Add(CreatePlaneIcon(Color.LightGreen)); + il_Planes_S.Images.Add(CreatePlaneIcon(Color.LightGreen)); + bmindex_lightgreen = il_Planes_M.Images.Count - 1; + il_Planes_L.Images.Add(CreatePlaneIcon(Color.DarkOrange)); + il_Planes_M.Images.Add(CreatePlaneIcon(Color.DarkOrange)); + il_Planes_H.Images.Add(CreatePlaneIcon(Color.DarkOrange)); + il_Planes_S.Images.Add(CreatePlaneIcon(Color.DarkOrange)); + bmindex_darkorange = il_Planes_M.Images.Count - 1; + il_Planes_L.Images.Add(CreatePlaneIcon(Color.Red)); + il_Planes_M.Images.Add(CreatePlaneIcon(Color.Red)); + il_Planes_H.Images.Add(CreatePlaneIcon(Color.Red)); + il_Planes_S.Images.Add(CreatePlaneIcon(Color.Red)); + bmindex_red = il_Planes_M.Images.Count - 1; + il_Planes_L.Images.Add(CreatePlaneIcon(Color.Magenta)); + il_Planes_M.Images.Add(CreatePlaneIcon(Color.Magenta)); + il_Planes_H.Images.Add(CreatePlaneIcon(Color.Magenta)); + il_Planes_S.Images.Add(CreatePlaneIcon(Color.Magenta)); + bmindex_magenta = il_Planes_M.Images.Count - 1; + il_Airports.Images.Add(CreateAirportIcon(255)); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + Log.WriteMessage("Finished."); + } + + private void InitializeCharts() + { + // propagation path chart + pm_Path.Title = String.Empty; + pm_Path.DefaultFontSize = (double)Properties.Settings.Default.Charts_FontSize; + pm_Path.IsLegendVisible = false; + pv_Path.BackColor = Color.White; + pv_Path.Model = pm_Path; + // add axes + pm_Path.Axes.Clear(); + // add X-axis + Path_X.IsZoomEnabled = false; + Path_X.Maximum = 1000; + Path_X.Minimum = 0; + Path_X.MajorGridlineStyle = LineStyle.Solid; + Path_X.MinorGridlineStyle = LineStyle.Dot; + Path_X.Position = AxisPosition.Bottom; + this.pm_Path.Axes.Add(Path_X); + // add Y-axis + Path_Y.IsZoomEnabled = false; + Path_Y.Maximum = 20000; + Path_Y.Minimum = 0; + Path_Y.MajorGridlineStyle = LineStyle.Solid; + Path_Y.MinorGridlineStyle = LineStyle.Dot; + Path_Y.Position = AxisPosition.Left; + this.pm_Path.Axes.Add(Path_Y); + // add series + pm_Path.Series.Clear(); + Path_Elevation.Title = "Elevation"; + Min_H1.Title = "Min_H1"; + Min_H1.StrokeThickness = 2; + Min_H1.LineStyle = LineStyle.Solid; + Min_H1.Color = OxyColors.Red; + Min_H2.Title = "Min_H2"; + Min_H2.StrokeThickness = 2; + Min_H2.LineStyle = LineStyle.Solid; + Min_H2.Color = OxyColors.Gold; + Max_H.Title = "Max_H"; + Max_H.StrokeThickness = 2; + Max_H.LineStyle = LineStyle.Dot; + Max_H.Color = OxyColors.DarkBlue; + Min_H.Title = "Min_H"; + Min_H.StrokeThickness = 0; + Min_H.LineStyle = LineStyle.Solid; + Min_H.Color = OxyColors.Magenta.ChangeSaturation(0.4); + Planes_Hi.Title = "Planes_Hi"; + Planes_Hi.Color = OxyColors.Transparent; + Planes_Hi.MarkerType = MarkerType.Square; + Planes_Hi.MarkerFill = OxyColors.Magenta; + Planes_Lo.Title = "Planes_Lo"; + Planes_Lo.Color = OxyColors.Transparent; + Planes_Lo.MarkerType = MarkerType.Square; + Planes_Lo.MarkerFill = OxyColors.Gray; + pm_Path.Series.Add(Path_Elevation); + pm_Path.Series.Add(Min_H1); + pm_Path.Series.Add(Min_H2); + pm_Path.Series.Add(Max_H); + pm_Path.Series.Add(Min_H); + pm_Path.Series.Add(Planes_Hi); + pm_Path.Series.Add(Planes_Lo); + // add legend + pm_Path.LegendTitle = ""; + pm_Path.LegendPosition = LegendPosition.TopRight; + pm_Path.LegendBackground = OxyColors.White; + pm_Path.LegendBorder = OxyColors.Black; + pm_Path.LegendBorderThickness = 1; + // add control + this.tp_Elevation.Controls.Add(pv_Path); + pv_Path.Paint += new PaintEventHandler(pv_Path_Paint); + + // zoomed elevation chart + pm_Elevation.Title = String.Empty; + pm_Elevation.DefaultFontSize = (double)Properties.Settings.Default.Charts_FontSize; + pm_Elevation.IsLegendVisible = false; + pv_Elevation.BackColor = Color.White; + pv_Elevation.Model = pm_Elevation; + // add series + pm_Elevation.Series.Clear(); + Elevation.Title = "Elevation"; + LOS.Title = "LOS"; + LOS.StrokeThickness = 2; + LOS.Color = OxyColors.Black; + pm_Elevation.Series.Add(Elevation); + pm_Elevation.Series.Add(LOS); + // create axes + pm_Elevation.Axes.Clear(); + // add X-axis + Elevation_X.IsZoomEnabled = false; + Elevation_X.Maximum = 1000; + Elevation_X.Minimum = 0; + Elevation_X.MajorGridlineStyle = LineStyle.Solid; + Elevation_X.MinorGridlineStyle = LineStyle.Dot; + Elevation_X.Position = AxisPosition.Bottom; + this.pm_Elevation.Axes.Add(Elevation_X); + // add Y-axis + Elevation_Y.IsZoomEnabled = false; + // auto size maximum + // Elevation_Y.Maximum = maxelv, + Elevation_Y.Minimum = 0; + Elevation_Y.MajorGridlineStyle = LineStyle.Solid; + Elevation_Y.MinorGridlineStyle = LineStyle.Dot; + Elevation_Y.Position = AxisPosition.Left; + this.pm_Elevation.Axes.Add(Elevation_Y); + // add legend + pm_Elevation.LegendTitle = ""; + pm_Elevation.LegendPosition = LegendPosition.TopRight; + pm_Elevation.LegendBackground = OxyColors.White; + pm_Elevation.LegendBorder = OxyColors.Black; + pm_Elevation.LegendBorderThickness = 1; + // add control + this.tp_Elevation.Controls.Add(pv_Elevation); + + // spectrum chart + pm_Spectrum.Title = String.Empty; + pm_Spectrum.DefaultFontSize = (double)Properties.Settings.Default.Charts_FontSize; + pv_Spectrum.BackColor = Color.White; + pv_Spectrum.Model = pm_Spectrum; + // add Spectrum series + pm_Spectrum.Series.Clear(); + // create axes + pm_Spectrum.Axes.Clear(); + // add X-axis + Spectrum_X.IsZoomEnabled = false; + Spectrum_X.Maximum = SpectrumMaxPoints; + Spectrum_X.Minimum = 0; + Spectrum_X.MajorGridlineStyle = LineStyle.Solid; + Spectrum_X.MinorGridlineStyle = LineStyle.Dot; + Spectrum_X.Position = AxisPosition.Bottom; + this.pm_Spectrum.Axes.Add(Spectrum_X); + // add Y-axis + Spectrum_Y.IsZoomEnabled = false; + Spectrum_Y.Maximum = 0; + Spectrum_Y.Minimum = -120; + Spectrum_Y.MajorGridlineStyle = LineStyle.Solid; + Spectrum_Y.MinorGridlineStyle = LineStyle.Dot; + Spectrum_Y.Position = AxisPosition.Left; + this.pm_Spectrum.Axes.Add(Spectrum_Y); + // add series + SpectrumRecord.Color = OxyColors.Magenta; + pm_Spectrum.Series.Add(SpectrumRecord); + Spectrum.InterpolationAlgorithm = OxyPlot.InterpolationAlgorithms.CanonicalSpline; + Spectrum.StrokeThickness = 3; + Spectrum.Color = OxyColors.Goldenrod; + pm_Spectrum.Series.Add(Spectrum); + // add control + this.pv_Spectrum.Dock = DockStyle.Fill; + this.gb_Spectrum.Controls.Add(pv_Spectrum); + return; + + } + + private void InitializeWebbrowser() + { + // do not initialize webbrowser --> not working on all Linux systems + if (SupportFunctions.IsMono) + return; + // iniitialize webbrowser on Windows + this.wb_News = new System.Windows.Forms.WebBrowser(); + // + // wb_News + // + this.wb_News.DataBindings.Add(new System.Windows.Forms.Binding("Url", global::AirScout.Properties.Settings.Default, "News_URL", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.wb_News.Dock = System.Windows.Forms.DockStyle.Fill; + this.wb_News.Location = new System.Drawing.Point(0, 0); + this.wb_News.MinimumSize = new System.Drawing.Size(20, 20); + this.wb_News.Name = "wb_News"; + this.wb_News.Size = new System.Drawing.Size(844, 197); + this.wb_News.TabIndex = 0; + this.wb_News.ScriptErrorsSuppressed = true; + this.wb_News.Url = global::AirScout.Properties.Settings.Default.News_URL; + this.tp_News.Controls.Add(this.wb_News); + } + + private void UpdateAirports() + { + // clear airports first + gmo_Airports.Clear(); + if (!Properties.Settings.Default.Airports_Activate) + return; + if ((Airports == null) || (Airports.Count == 0)) + return; + foreach (AirportDesignator airport in Airports) + { + try + { + GMarkerGoogle gm = new GMarkerGoogle(new PointLatLng(airport.Lat, airport.Lon), ToolTipFont, RotateImageByAngle(il_Airports.Images[0], 0)); + gm.ToolTipText = airport.Airport + "\n" + + airport.IATA + "/" + airport.ICAO; + gm.ToolTipMode = MarkerTooltipMode.OnMouseOver; + gm.Tag = airport.IATA + "," + airport.ICAO; + gmo_Airports.Markers.Add(gm); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + gm_Main.Refresh(); + } + + private void ti_Startup_Tick(object sender, EventArgs e) + { + FinishStartup(); + ti_Startup.Stop(); + } + + + #endregion + + #region User Settings + + private string GetUserSettingsPath() + { + if (!SupportFunctions.IsMono) + return ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.PerUserRoamingAndLocal).FilePath; + + // try to build a path to user specific settings under Linux/Mono + string usersettingspath = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData); + usersettingspath = Path.Combine(usersettingspath, Application.CompanyName, AppDomain.CurrentDomain.FriendlyName); + usersettingspath += "_Url_"; + Assembly assembly = Assembly.GetEntryAssembly(); + if (assembly == null) + { + assembly = Assembly.GetCallingAssembly(); + } + byte[] pkt = assembly.GetName().GetPublicKeyToken(); + byte[] hash = SHA1.Create().ComputeHash((pkt != null && pkt.Length > 0) ? pkt : Encoding.UTF8.GetBytes(assembly.EscapedCodeBase)); + StringBuilder evidence_string = new StringBuilder(); + byte[] array = hash; + for (int i = 0; i < array.Length; i++) + { + byte b = array[i]; + evidence_string.AppendFormat("{0:x2}", b); + } + usersettingspath += evidence_string.ToString(); + if (!Directory.Exists(usersettingspath)) + { + Directory.CreateDirectory(usersettingspath); + } + usersettingspath = Path.Combine(usersettingspath, "user.config"); + return usersettingspath; + } + + private void LoadSettingsFromJSON(ApplicationSettingsBase settings) + { + string filename = GetUserSettingsPath().Replace("user.config", settings.GetType().FullName + ".json"); + + if (!File.Exists(filename)) + return; + JsonSerializerSettings serializersettings = new JsonSerializerSettings(); + Dictionary props = + JsonConvert.DeserializeObject>(File.ReadAllText(filename)); + foreach (string key in props.Keys) + { + try + { + settings[key] = JsonConvert.DeserializeObject(props[key], settings.Properties[key].PropertyType); + } + catch (Exception ex) + { + Console.WriteLine("Error while loading user setting: " + ex.ToString()); + } + } + } + + private void LoadUserSettings() + { + try + { + Console.WriteLine("Loading user settings..."); + + if (!SupportFunctions.IsMono) + { + // use Windows standard Properties.Settings.Default behavoir + AirScout.PlaneFeeds.Properties.Settings.Default.Reload(); + ScoutBase.Elevation.Properties.Settings.Default.Reload(); + ScoutBase.Stations.Properties.Settings.Default.Reload(); + ScoutBase.Propagation.Properties.Settings.Default.Reload(); + AirScout.Aircrafts.Properties.Settings.Default.Reload(); + Properties.Settings.Default.Reload(); + + return; + } + + // Mono hack to assure that default values were initilaized + AirScout.PlaneFeeds.Properties.Settings.Default.Reset(); + ScoutBase.Elevation.Properties.Settings.Default.Reset(); + ScoutBase.Stations.Properties.Settings.Default.Reset(); + ScoutBase.Propagation.Properties.Settings.Default.Reset(); + AirScout.Aircrafts.Properties.Settings.Default.Reset(); + Properties.Settings.Default.Reset(); + + // Rather load settings as JSON + LoadSettingsFromJSON(ScoutBase.Elevation.Properties.Settings.Default); + LoadSettingsFromJSON(ScoutBase.Stations.Properties.Settings.Default); + LoadSettingsFromJSON(ScoutBase.Propagation.Properties.Settings.Default); + LoadSettingsFromJSON(AirScout.Aircrafts.Properties.Settings.Default); + LoadSettingsFromJSON(Properties.Settings.Default); + + Console.WriteLine("Loading user settings finished successfully."); + } + catch (Exception ex) + { + Console.WriteLine("Error while loading user settings: " + ex.ToString(), LogLevel.Error); + } + } + + private void SaveSettingsToJSON(ApplicationSettingsBase settings) + { + string filename = GetUserSettingsPath().Replace("user.config", settings.GetType().FullName + ".json"); + + Dictionary props = new Dictionary(); + foreach (SettingsProperty prop in settings.Properties) + { + props.Add(prop.Name, JsonConvert.SerializeObject(settings[prop.Name])); + } + File.WriteAllText(filename, JsonConvert.SerializeObject(props, Newtonsoft.Json.Formatting.Indented)); + } + + private void SaveUserSettings() + { + try + { + Console.WriteLine("Saving configuration, FirstRun = " + Properties.Settings.Default.FirstRun); + Log.WriteMessage("Saving configuration..."); + + if (!SupportFunctions.IsMono) + { + // save all settings + ScoutBase.Elevation.Properties.Settings.Default.Save(); + ScoutBase.Stations.Properties.Settings.Default.Save(); + ScoutBase.Propagation.Properties.Settings.Default.Save(); + AirScout.Aircrafts.Properties.Settings.Default.Save(); + Properties.Settings.Default.Save(); + + return; + } + + // Rather save settings as JSON + SaveSettingsToJSON(Properties.Settings.Default); + SaveSettingsToJSON(AirScout.Aircrafts.Properties.Settings.Default); + SaveSettingsToJSON(ScoutBase.Propagation.Properties.Settings.Default); + SaveSettingsToJSON(ScoutBase.Stations.Properties.Settings.Default); + SaveSettingsToJSON(ScoutBase.Elevation.Properties.Settings.Default); + + } + catch (Exception ex) + { + Console.WriteLine("Unable to save settings: " + ex.ToString()); + } + } + + #endregion + + #region Idle + + private void OnIdle(object sender, EventArgs args) + { + } + + #endregion + + #region Closing Down + + private void MapDlg_FormClosing(object sender, FormClosingEventArgs e) + { + if (Log != null) + { + Log.WriteMessage(Application.ProductName + " is closing."); + // flush the Log for the first time to save all messages + Log.FlushLog(); + } + + // stop tracking when in TRACK mode + if (TrackMode == AIRSCOUTTRACKMODE.TRACK) + { + TrackMode = AIRSCOUTTRACKMODE.NONE; + } + // stop playing when in PLAY mode + if (PlayMode != AIRSCOUTPLAYMODE.PAUSE) + Pause(); + + //save window size, state and location + if (this.WindowState == FormWindowState.Normal) + { + Properties.Settings.Default.General_WindowSize = this.Size; + Properties.Settings.Default.General_WindowLocation = this.Location; + } + else + { + Properties.Settings.Default.General_WindowSize = this.RestoreBounds.Size; + Properties.Settings.Default.General_WindowLocation = this.RestoreBounds.Location; + } + Properties.Settings.Default.General_WindowState = this.WindowState; + + // save properties to file + SaveUserSettings(); + + Say("Waiting for background threads to close..."); + // close background threads, save database and settings + try + { + // cancel background workers + // causes ThreadAbortExceptions on Linux ?!? + try + { + CancelAllBackgroundWorkers(); + } + catch (Exception ex) + { + + } + // save splitter positions + Properties.Settings.Default.MainSplitter_Distance = MainSplitterDistance; + Properties.Settings.Default.MapSplitter_Distance = MapSplitterDistance; + // stop tracking + TrackMode = AIRSCOUTTRACKMODE.NONE; + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + finally + { + // save InMemory databases if any + if (StationData.Database.IsInMemory()) + { + Stopwatch st = new Stopwatch(); + st.Start(); + SayDatabase("Saving station database..."); + StationData.Database.BackupDatabase(); + st.Stop(); + Log.WriteMessage("Station database saved, " + st.ElapsedMilliseconds.ToString() + " ms."); + } + if (PropagationData.Database.IsInMemory(ELEVATIONMODEL.GLOBE)) + { + Stopwatch st = new Stopwatch(); + st.Start(); + SayDatabase("Saving GLOBE database..."); + PropagationData.Database.BackupDatabase(ELEVATIONMODEL.GLOBE); + st.Stop(); + Log.WriteMessage("Propagation database GLOBE saved, " + st.ElapsedMilliseconds.ToString() + " ms."); + } + if (PropagationData.Database.IsInMemory(ELEVATIONMODEL.SRTM3)) + { + Stopwatch st = new Stopwatch(); + st.Start(); + SayDatabase("Saving SRTM3 database..."); + PropagationData.Database.BackupDatabase(ELEVATIONMODEL.SRTM3); + st.Stop(); + Log.WriteMessage("Propagation database SRTM3 saved, " + st.ElapsedMilliseconds.ToString() + " ms."); + } + if (PropagationData.Database.IsInMemory(ELEVATIONMODEL.SRTM1)) + { + Stopwatch st = new Stopwatch(); + st.Start(); + SayDatabase("Saving SRTM1 database..."); + PropagationData.Database.BackupDatabase(ELEVATIONMODEL.SRTM1); + st.Stop(); + Log.WriteMessage("Propagation database SRTM1 saved, " + st.ElapsedMilliseconds.ToString() + " ms."); + } + if (PropagationData.Database.IsInMemory(ELEVATIONMODEL.ASTER3)) + { + Stopwatch st = new Stopwatch(); + st.Start(); + SayDatabase("Saving ASTER3 database..."); + PropagationData.Database.BackupDatabase(ELEVATIONMODEL.ASTER3); + st.Stop(); + Log.WriteMessage("Propagation database ASTER3 saved, " + st.ElapsedMilliseconds.ToString() + " ms."); + } + if (PropagationData.Database.IsInMemory(ELEVATIONMODEL.ASTER1)) + { + Stopwatch st = new Stopwatch(); + st.Start(); + SayDatabase("Saving ASTER1 database..."); + PropagationData.Database.BackupDatabase(ELEVATIONMODEL.ASTER1); + st.Stop(); + Log.WriteMessage("Propagation database ASTER1 saved, " + st.ElapsedMilliseconds.ToString() + " ms."); + } + if (AircraftData.Database.IsInMemory()) + { + Stopwatch st = new Stopwatch(); + st.Start(); + SayDatabase("Saving aircraft database..."); + AircraftData.Database.BackupDatabase(); + st.Stop(); + Log.WriteMessage("Aircraft database saved, " + st.ElapsedMilliseconds.ToString() + " ms."); + } + + // flush the Log again in case of any exception to save all messages + Log.FlushLog(); + } + } + + private void MapDlg_FormClosed(object sender, FormClosedEventArgs e) + { + Log.WriteMessage(Application.ProductName + " is closed."); + // flush the Log for the first time to save all messages + Log.FlushLog(); + } + + #endregion + + + #region Service Functions + + private void Say(string text) + { + try + { + if (String.Compare(tsl_Status.Text, text) == 0) + return; + tsl_Status.Text = text; + } + catch (Exception ex) + { + + } + } + + private void SayDatabase(string text) + { + try + { + if (String.Compare(tsl_Database.Text, text) == 0) + return; + tsl_Database.Text = text; + } + catch (Exception ex) + { + + } + } + + private void SayCalculations(string text) + { + try + { + if (String.Compare(tsl_Calculations.Text, text) == 0) + return; + tsl_Calculations.Text = text; + } + catch (Exception ex) + { + + } + } + + private void SayAnalysis(string text) + { + try + { + if (String.Compare(tb_Analysis_Status.Text, text) == 0) + return; + tb_Analysis_Status.Text = text; + tb_Analysis_Status.Refresh(); + } + catch (Exception ex) + { + + } + } + + private void SayTrack(string text, Color forecolor, Color backcolor) + { + try + { + if (tsl_Track.Text != text) + { + tsl_Track.Text = text; + } + if (tsl_Track.ForeColor != forecolor) + { + tsl_Track.ForeColor = forecolor; + } + if (tsl_Track.BackColor != backcolor) + { + tsl_Track.BackColor = backcolor; + } + } + catch (Exception ex) + { + // do nothing + } + } + + private void SayRot(string text, Color forecolor, Color backcolor) + { + try + { + if (tsl_Rot.Text != text) + { + tsl_Rot.Text = text; + } + if (tsl_Rot.ForeColor != forecolor) + { + tsl_Rot.ForeColor = forecolor; + } + if (tsl_Rot.BackColor != backcolor) + { + tsl_Rot.BackColor = backcolor; + } + } + catch (Exception ex) + { + // do nothing + } + } + + private void SayCAT(string text, Color forecolor, Color backcolor) + { + try + { + if (tsl_CAT.Text != text) + { + tsl_CAT.Text = text; + } + if (tsl_CAT.ForeColor != forecolor) + { + tsl_CAT.ForeColor = forecolor; + } + if (tsl_CAT.BackColor != backcolor) + { + tsl_CAT.BackColor = backcolor; + } + } + catch (Exception ex) + { + // do nothing + } + } + + private void UpdateStatus() + { + // upddate TextBoxes + tb_UTC.Text = CurrentTime.ToString("yyyy-MM-dd HH:mm:ss"); + if (Properties.Settings.Default.Time_Mode_Online) + tb_UTC.BackColor = Color.LightSalmon; + else + tb_UTC.BackColor = Color.Plum; + string call = Properties.Settings.Default.MyCall; + cb_MyCall.SilentText = Properties.Settings.Default.MyCall; + cb_MyLoc.SilentText = MaidenheadLocator.LocFromLatLon(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, + Properties.Settings.Default.Locator_SmallLettersForSubsquares, + (int)Properties.Settings.Default.Locator_MaxLength / 2, + Properties.Settings.Default.Locator_AutoLength); + cb_DXCall.Text = Properties.Settings.Default.DXCall; + cb_DXLoc.SilentText = MaidenheadLocator.LocFromLatLon(Properties.Settings.Default.DXLat, + Properties.Settings.Default.DXLon, + Properties.Settings.Default.Locator_SmallLettersForSubsquares, + (int)Properties.Settings.Default.Locator_MaxLength / 2, + Properties.Settings.Default.Locator_AutoLength); + if (MaidenheadLocator.Check(cb_MyLoc.Text) && MaidenheadLocator.Check(cb_DXLoc.Text)) + { + tb_QTF.Text = Math.Round(LatLon.Bearing(Properties.Settings.Default.MyLat, + Properties.Settings.Default.MyLon, + Properties.Settings.Default.DXLat, + Properties.Settings.Default.DXLon)).ToString("F0"); + tb_QRB.Text = Math.Round(LatLon.Distance(Properties.Settings.Default.MyLat, + Properties.Settings.Default.MyLon, + Properties.Settings.Default.DXLat, + Properties.Settings.Default.DXLon)).ToString("F0"); + } + else + { + tb_QRB.Text = "0"; + tb_QTF.Text = "0"; + } + // colour Textbox if more precise lat/lon information is available + if (MaidenheadLocator.IsPrecise(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, 3)) + { + cb_MyLoc.BackColor = Color.PaleGreen; + } + else + { + cb_MyLoc.BackColor = Color.FloralWhite; + } + // colour Textbox if more precise lat/lon information is available + if (MaidenheadLocator.IsPrecise(Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon, 3)) + { + cb_DXLoc.BackColor = Color.PaleGreen; + } + else + { + cb_DXLoc.BackColor = Color.FloralWhite; + } + cb_Band.SelectedItem = Bands.GetStringValue(Properties.Settings.Default.Band); + } + + private void Alarm(string msg) + { + if (Properties.Settings.Default.Alarm_Activate) + { + gb_Map_Alarms.BackColor = Color.Plum; + if (Properties.Settings.Default.Alarm_BringWindowToFront) + { + // try different methods to bring the window to front under WinXP and Win7 + this.TopMost = true; + SetForegroundWindow(this.Handle); + // restore window size, state and location + try + { + this.WindowState = Properties.Settings.Default.General_WindowState; + this.Size = Properties.Settings.Default.General_WindowSize; + this.Location = Properties.Settings.Default.General_WindowLocation; + } + catch (Exception ex) + { + // do nothing if failed + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + this.BringToFront(); + this.Activate(); + this.TopMost = false; + } + if (Properties.Settings.Default.Alarm_PlaySound) + System.Media.SystemSounds.Beep.Play(); + } + } + + private void MapSave() + { + Log.WriteMessage("Started."); + try + { + Bitmap bmp = new Bitmap(this.Width, this.Height); + this.DrawToBitmap(bmp, new System.Drawing.Rectangle(new System.Drawing.Point(0, 0), this.Size)); + EncoderParameters encoderParameters = new EncoderParameters(1); + encoderParameters.Param[0] = new EncoderParameter(System.Drawing.Imaging.Encoder.Quality, 100L); + ImageCodecInfo[] codecs = ImageCodecInfo.GetImageDecoders(); + foreach (ImageCodecInfo codec in codecs) + { + if (codec.FormatID == System.Drawing.Imaging.ImageFormat.Jpeg.Guid) + { + bmp.Save(TmpDirectory + Path.DirectorySeparatorChar + Properties.Settings.Default.Band + "_" + Properties.Settings.Default.MyCall.Replace("/", "_") + "_" + Properties.Settings.Default.DXCall.Replace("/", "_") + "_" + CurrentTime.ToString("yyyyMMdd") + "_" + CurrentTime.ToString("HHmmss") + ".jpg", codec, encoderParameters); + } + } + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + Log.WriteMessage("Finished."); + } + + + private void cb_Alarms_Activate_CheckedChanged(object sender, EventArgs e) + { + if (!cb_Alarms_Activate.Checked) + gb_Map_Alarms.BackColor = SystemColors.Control; + } + + private void tb_UTC_MouseDoubleClick(object sender, MouseEventArgs e) + { + if (PlayMode != AIRSCOUTPLAYMODE.PAUSE) + return; + SetTimeDlg Dlg = new SetTimeDlg(); + Dlg.cb_Time_Online.Checked = Properties.Settings.Default.Time_Mode_Online; + Dlg.dtp_SetTimeDlg_Start.Value = Properties.Settings.Default.Time_Offline; + if (Dlg.ShowDialog() == System.Windows.Forms.DialogResult.OK) + { + Properties.Settings.Default.Time_Offline = Dlg.dtp_SetTimeDlg_Start.Value; + Properties.Settings.Default.Time_Mode_Online = Dlg.cb_Time_Online.Checked; + UpdateStatus(); + } + } + + private void UpdateLocation(string call, double lat, double lon, GEOSOURCE source) + { + // update callsign database with new lat/lon info + if (Callsign.Check(call)) + StationData.Database.LocationInsertOrUpdateIfNewer(new LocationDesignator(call, lat, lon, source)); + } + + public LocationDesignator LocationFindOrCreate(string call, string loc) + { + // check all parameters + if (!Callsign.Check(call)) + return null; + if (!MaidenheadLocator.Check(loc)) + return null; + // get location info + LocationDesignator ld = StationData.Database.LocationFindOrCreate(call, loc); + // get elevation + ld.Elevation = GetElevation(ld.Lat, ld.Lon); + ld.BestCaseElevation = false; + // modify location in case of best case elevation is selected --> but do not store in database or settings! + if (Properties.Settings.Default.Path_BestCaseElevation) + { + if (!MaidenheadLocator.IsPrecise(ld.Lat, ld.Lon, 3)) + { + ElvMinMaxInfo maxinfo = GetMinMaxElevationLoc(ld.Loc); + if (maxinfo.MaxElv != ElevationData.Database.ElvMissingFlag) + { + ld.Lat = maxinfo.MaxLat; + ld.Lon = maxinfo.MaxLon; + ld.Elevation = maxinfo.MaxElv; + ld.BestCaseElevation = true; + } + } + } + return ld; + } + + public LocationDesignator LocationFindOrUpdateOrCreate(string call, double lat, double lon) + { + // check all parameters + if (!Callsign.Check(call)) + return null; + if (!GeographicalPoint.Check(lat, lon)) + return null; + // get location info + LocationDesignator ld = StationData.Database.LocationFindOrUpdateOrCreate(call, lat, lon); + // get elevation + ld.Elevation = GetElevation(ld.Lat, ld.Lon); + ld.BestCaseElevation = false; + // modify location in case of best case elevation is selected --> but do not store in database or settings! + if (Properties.Settings.Default.Path_BestCaseElevation) + { + if (!MaidenheadLocator.IsPrecise(ld.Lat, ld.Lon, 3)) + { + ElvMinMaxInfo maxinfo = GetMinMaxElevationLoc(ld.Loc); + if (maxinfo.MaxElv != ElevationData.Database.ElvMissingFlag) + { + ld.Lat = maxinfo.MaxLat; + ld.Lon = maxinfo.MaxLon; + ld.Elevation = maxinfo.MaxElv; + ld.BestCaseElevation = true; + } + } + } + return ld; + } + + public LocationDesignator LocationFind(string call, string loc = "") + { + // check all parameters + if (!Callsign.Check(call)) + return null; + if (!String.IsNullOrEmpty(loc) && !MaidenheadLocator.Check(loc)) + return null; + // get location info + LocationDesignator ld = (String.IsNullOrEmpty(loc)) ? StationData.Database.LocationFind(call) : StationData.Database.LocationFind(call, loc); + // return null if not found + if (ld == null) + return null; + // get elevation + ld.Elevation = GetElevation(ld.Lat, ld.Lon); + ld.BestCaseElevation = false; + // modify location in case of best case elevation is selected --> but do not store in database or settings! + if (Properties.Settings.Default.Path_BestCaseElevation) + { + if (!MaidenheadLocator.IsPrecise(ld.Lat, ld.Lon, 3)) + { + ElvMinMaxInfo maxinfo = GetMinMaxElevationLoc(ld.Loc); + if (maxinfo.MaxElv != ElevationData.Database.ElvMissingFlag) + { + ld.Lat = maxinfo.MaxLat; + ld.Lon = maxinfo.MaxLon; + ld.Elevation = maxinfo.MaxElv; + ld.BestCaseElevation = true; + } + } + } + return ld; + } + + public short GetElevation(string loc) + { + return GetElevation(MaidenheadLocator.LatFromLoc(loc), MaidenheadLocator.LonFromLoc(loc)); + } + + public short GetElevation(double lat, double lon) + { + if (!GeographicalPoint.Check(lat, lon)) + return 0; + short elv = ElevationData.Database.ElvMissingFlag; + // try to get elevation data from distinct elevation model + // start with detailed one + if (Properties.Settings.Default.Elevation_ASTER1_Enabled && (elv == ElevationData.Database.ElvMissingFlag)) + elv = ElevationData.Database[lat, lon, ELEVATIONMODEL.ASTER1, false]; + if (Properties.Settings.Default.Elevation_ASTER3_Enabled && (elv == ElevationData.Database.ElvMissingFlag)) + elv = ElevationData.Database[lat, lon, ELEVATIONMODEL.ASTER3, false]; + if (Properties.Settings.Default.Elevation_SRTM1_Enabled && (elv == ElevationData.Database.ElvMissingFlag)) + elv = ElevationData.Database[lat, lon, ELEVATIONMODEL.SRTM1, false]; + if (Properties.Settings.Default.Elevation_SRTM3_Enabled && (elv == ElevationData.Database.ElvMissingFlag)) + elv = ElevationData.Database[lat, lon, ELEVATIONMODEL.SRTM3, false]; + if (Properties.Settings.Default.Elevation_GLOBE_Enabled && (elv == ElevationData.Database.ElvMissingFlag)) + elv = ElevationData.Database[lat, lon, ELEVATIONMODEL.GLOBE, false]; + // set it to zero if still invalid + if (elv <= ElevationData.Database.TileMissingFlag) + elv = 0; + return elv; + } + + public ElvMinMaxInfo GetMinMaxElevationLoc(string loc) + { + ElvMinMaxInfo elv = new ElvMinMaxInfo(); + // try to get elevation data from distinct elevation model + // start with detailed one + if (Properties.Settings.Default.Elevation_ASTER1_Enabled && (elv.MaxElv == ElevationData.Database.ElvMissingFlag)) + { + ElvMinMaxInfo info = ElevationData.Database.GetMaxElvLoc(loc, ELEVATIONMODEL.ASTER1, false); + if (info != null) + { + elv.MaxLat = info.MaxLat; + elv.MaxLon = info.MaxLon; + elv.MaxElv = info.MaxElv; + elv.MinLat = info.MinLat; + elv.MinLon = info.MinLon; + elv.MinElv = info.MinElv; + } + } + if (Properties.Settings.Default.Elevation_ASTER3_Enabled && (elv.MaxElv == ElevationData.Database.ElvMissingFlag)) + { + ElvMinMaxInfo info = ElevationData.Database.GetMaxElvLoc(loc, ELEVATIONMODEL.ASTER3, false); + if (info != null) + { + elv.MaxLat = info.MaxLat; + elv.MaxLon = info.MaxLon; + elv.MaxElv = info.MaxElv; + elv.MinLat = info.MinLat; + elv.MinLon = info.MinLon; + elv.MinElv = info.MinElv; + } + } + if (Properties.Settings.Default.Elevation_SRTM1_Enabled && (elv.MaxElv == ElevationData.Database.ElvMissingFlag)) + { + ElvMinMaxInfo info = ElevationData.Database.GetMaxElvLoc(loc, ELEVATIONMODEL.SRTM1, false); + if (info != null) + { + elv.MaxLat = info.MaxLat; + elv.MaxLon = info.MaxLon; + elv.MaxElv = info.MaxElv; + elv.MinLat = info.MinLat; + elv.MinLon = info.MinLon; + elv.MinElv = info.MinElv; + } + } + if (Properties.Settings.Default.Elevation_SRTM3_Enabled && (elv.MaxElv == ElevationData.Database.ElvMissingFlag)) + { + ElvMinMaxInfo info = ElevationData.Database.GetMaxElvLoc(loc, ELEVATIONMODEL.SRTM3, false); + if (info != null) + { + elv.MaxLat = info.MaxLat; + elv.MaxLon = info.MaxLon; + elv.MaxElv = info.MaxElv; + elv.MinLat = info.MinLat; + elv.MinLon = info.MinLon; + elv.MinElv = info.MinElv; + } + } + if (Properties.Settings.Default.Elevation_GLOBE_Enabled && (elv.MaxElv == ElevationData.Database.ElvMissingFlag)) + { + ElvMinMaxInfo info = ElevationData.Database.GetMaxElvLoc(loc, ELEVATIONMODEL.GLOBE, false); + if (info != null) + { + elv.MaxLat = info.MaxLat; + elv.MaxLon = info.MaxLon; + elv.MaxElv = info.MaxElv; + elv.MinLat = info.MinLat; + elv.MinLon = info.MinLon; + elv.MinElv = info.MinElv; + } + } + /* + // set it to zero if still invalid + if (elv.MaxElv == ElevationData.Database.ElvMissingFlag) + elv.MaxElv = 0; + if (elv.MinElv == ElevationData.Database.ElvMissingFlag) + elv.MinElv = 0; + */ + return elv; + } + + public void SetElevationModel() + { + if (Properties.Settings.Default.Elevation_ASTER1_Enabled) + Properties.Settings.Default.ElevationModel = ELEVATIONMODEL.ASTER1; + else if (Properties.Settings.Default.Elevation_ASTER3_Enabled) + Properties.Settings.Default.ElevationModel = ELEVATIONMODEL.ASTER3; + else if (Properties.Settings.Default.Elevation_SRTM1_Enabled) + Properties.Settings.Default.ElevationModel = ELEVATIONMODEL.SRTM1; + else if (Properties.Settings.Default.Elevation_SRTM3_Enabled) + Properties.Settings.Default.ElevationModel = ELEVATIONMODEL.SRTM3; + else if (Properties.Settings.Default.Elevation_GLOBE_Enabled) + Properties.Settings.Default.ElevationModel = ELEVATIONMODEL.GLOBE; + else + Properties.Settings.Default.ElevationModel = ELEVATIONMODEL.NONE; + } + + public static Font CreateFontFromString(string font) + { + try + { + string[] a = Properties.Settings.Default.Map_ToolTipFont.Split(';'); + string fontfamily = a[0].Trim(); + float emsize = 0; + float.TryParse(a[1].Trim(), NumberStyles.Float, CultureInfo.InvariantCulture, out emsize); + FontStyle fontstyle = 0; + // check if any additional font style is given + if (a.Length > 2) + { + if (a[2].ToUpper().IndexOf("BOLD") >= 0) + fontstyle = fontstyle | FontStyle.Bold; + if (a[2].ToUpper().IndexOf("ITALIC") >= 0) + fontstyle = fontstyle | FontStyle.Italic; + if (a[2].ToUpper().IndexOf("UNDERLINE") >= 0) + fontstyle = fontstyle | FontStyle.Underline; + if (a[2].ToUpper().IndexOf("STRIKEOUT") >= 0) + fontstyle = fontstyle | FontStyle.Strikeout; + } + else + { + fontstyle = FontStyle.Regular; + } + return new Font(fontfamily, emsize, fontstyle, GraphicsUnit.Point); + } + catch + { + + } + return null; + } + + [DllImport("user32.dll")] + [return: MarshalAs(UnmanagedType.Bool)] + static extern bool ShowWindow(IntPtr hWnd, ShowWindowCommands nCmdShow); + + [DllImport("user32.dll")] + [return: MarshalAs(UnmanagedType.Bool)] + static extern bool SetForegroundWindow(IntPtr hWnd); + + enum ShowWindowCommands : int + { + /// + /// Hides the window and activates another window. + /// + Hide = 0, + /// + /// Activates and displays a window. If the window is minimized or + /// maximized, the system restores it to its original size and position. + /// An application should specify this flag when displaying the window + /// for the first time. + /// + Normal = 1, + /// + /// Activates the window and displays it as a minimized window. + /// + ShowMinimized = 2, + /// + /// Maximizes the specified window. + /// + Maximize = 3, // is this the right value? + /// + /// Activates the window and displays it as a maximized window. + /// + ShowMaximized = 3, + /// + /// Displays a window in its most recent size and position. This value + /// is similar to , except + /// the window is not activated. + /// + ShowNoActivate = 4, + /// + /// Activates the window and displays it in its current size and position. + /// + Show = 5, + /// + /// Minimizes the specified window and activates the next top-level + /// window in the Z order. + /// + Minimize = 6, + /// + /// Displays the window as a minimized window. This value is similar to + /// , except the + /// window is not activated. + /// + ShowMinNoActive = 7, + /// + /// Displays the window in its current size and position. This value is + /// similar to , except the + /// window is not activated. + /// + ShowNA = 8, + /// + /// Activates and displays the window. If the window is minimized or + /// maximized, the system restores it to its original size and position. + /// An application should specify this flag when restoring a minimized window. + /// + Restore = 9, + /// + /// Sets the show state based on the SW_* value specified in the + /// STARTUPINFO structure passed to the CreateProcess function by the + /// program that started the application. + /// + ShowDefault = 10, + /// + /// Windows 2000/XP: Minimizes a window, even if the thread + /// that owns the window is not responding. This flag should only be + /// used when minimizing windows from a different thread. + /// + ForceMinimize = 11 + } + + private void ShowOptionsDlg() + { + // disable buttons + btn_Map_PlayPause.Enabled = false; + btn_Map_Save.Enabled = false; + btn_Options.Enabled = false; + + // stop background threads + Say("Waiting for background threads to close...."); + StopAllBackgroundWorkers(); + // save current settings + SaveUserSettings(); + // show options dialog + OptionsDlg Dlg = new OptionsDlg(this); + Say("Options"); + if (Dlg.ShowDialog() == System.Windows.Forms.DialogResult.OK) + { + // save current settings + SaveUserSettings(); + // enbale/disable manage watchlist button + btn_Control_Manage_Watchlist.Enabled = !Properties.Settings.Default.Watchlist_SyncWithKST || !Properties.Settings.Default.Server_Activate; + // Re-initialze charts + InitializeCharts(); + // clear paths cache assuming that new options were set + ElevationPaths.Clear(); + PropagationPaths.Clear(); + // check and update station infos + LocationDesignator ld = StationData.Database.LocationFind(Properties.Settings.Default.MyCall, MaidenheadLocator.LocFromLatLon(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, false,3)); + if ((ld == null) || (ld.Lat != Properties.Settings.Default.MyLat) || (ld.Lon != Properties.Settings.Default.MyLon)) + { + UpdateLocation(Properties.Settings.Default.MyCall, + Properties.Settings.Default.MyLat, + Properties.Settings.Default.MyLon, + MaidenheadLocator.IsPrecise(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, 3) ? GEOSOURCE.FROMUSER : GEOSOURCE.FROMLOC); + } + ld = StationData.Database.LocationFind(Properties.Settings.Default.DXCall, MaidenheadLocator.LocFromLatLon(Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon, false, 3)); + if ((ld == null) || (ld.Lat != Properties.Settings.Default.DXLat) || (ld.Lon != Properties.Settings.Default.DXLon)) + { + UpdateLocation(Properties.Settings.Default.DXCall, + Properties.Settings.Default.DXLat, + Properties.Settings.Default.DXLon, + MaidenheadLocator.IsPrecise(Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon, 3) ? GEOSOURCE.FROMUSER : GEOSOURCE.FROMLOC); + } + + // update ToolTipFont + ToolTipFont = CreateFontFromString(Properties.Settings.Default.Map_ToolTipFont); + + // update planefeeds + bw_PlaneFeed1 = null; + bw_PlaneFeed2 = null; + bw_PlaneFeed3 = null; + + if (PlaneFeedPlugins != null) + { + foreach (IPlaneFeedPlugin plugin in PlaneFeedPlugins) + { + if (Properties.Settings.Default.Planes_PlaneFeed1 == plugin.Name) + { + bw_PlaneFeed1 = new PlaneFeed(); + bw_PlaneFeed1.ProgressChanged += new ProgressChangedEventHandler(bw_PlaneFeed_ProgressChanged); + } + if (Properties.Settings.Default.Planes_PlaneFeed2 == plugin.Name) + { + bw_PlaneFeed2 = new PlaneFeed(); + bw_PlaneFeed2.ProgressChanged += new ProgressChangedEventHandler(bw_PlaneFeed_ProgressChanged); + } + if (Properties.Settings.Default.Planes_PlaneFeed3 == plugin.Name) + { + bw_PlaneFeed3 = new PlaneFeed(); + bw_PlaneFeed3.ProgressChanged += new ProgressChangedEventHandler(bw_PlaneFeed_ProgressChanged); + } + } + } + // update timer interval + ti_Progress.Interval = Properties.Settings.Default.Map_Update * 1000; + // update background update intervals + ScoutBase.Elevation.Properties.Settings.Default.Datatbase_BackgroundUpdate_Period = (int)Properties.Settings.Default.Background_Update_Period; + ScoutBase.Stations.Properties.Settings.Default.Database_BackgroundUpdate_Period = (int)Properties.Settings.Default.Background_Update_Period; + AirScout.Aircrafts.Properties.Settings.Default.Database_BackgroundUpdate_Period = (int)Properties.Settings.Default.Background_Update_Period; + // update database path path and elevation model + InitializeDatabase(); + + // resize map window + gm_Main_SizeChanged(this, null); + } + else + { + // nothing was changed --> reload settings + LoadUserSettings(); + } + + // (re)initialize maps + InitializeMaps(); + + // start permanent background workers + StartAllBackgroundWorkers(); + + // enable buttons + btn_Map_PlayPause.Enabled = true; + btn_Map_Save.Enabled = true; + btn_Options.Enabled = true; + + // update status window + UpdateStatus(); + UpdateAirports(); + UpdateWatchlistInMap(); + RefreshWatchlistView(); + + } + + #endregion + + #region Play & Pause + + private void Play() + { + PlayMode = AIRSCOUTPLAYMODE.FORWARD; + // switch tab control according to path mode + if (PathMode == AIRSCOUTPATHMODE.SINGLE) + tc_Control.SelectedTab = tp_Control_Single; + else if (PathMode == AIRSCOUTPATHMODE.MULTI) + tc_Control.SelectedTab = tp_Control_Multi; + + // create distances, if enabled + if (Properties.Settings.Default.Map_ShowDistances) + CreateDistances(); + + // update tab control + tc_Control.Refresh(); + // refresh watch list + RefreshWatchlistView(); + // update all current paths + UpdatePaths(); + // clear spectrum + try + { + Spectrum.Points.Clear(); + SpectrumPointsCount = 0; + Spectrum_X.Reset(); + SpectrumRecord.Points.Clear(); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + + // Linux/Mono hack to display text in button instead of symbols + if (SupportFunctions.IsMono) + { + btn_Map_PlayPause.Image = null; + btn_Map_PlayPause.Text = "Pause"; + btn_Map_PlayPause.TextAlign = System.Drawing.ContentAlignment.MiddleCenter; + btn_Map_PlayPause.Font = new Font(btn_Map_PlayPause.Font, FontStyle.Bold); + } + else + { + // change button image + btn_Map_PlayPause.Text = ""; + btn_Map_PlayPause.Image = il_Main.Images[0]; + } + + // disable controls + cb_Band.Enabled = false; + btn_Options.Enabled = false; + cb_MyCall.Enabled = false; + cb_MyLoc.Enabled = false; + cb_DXCall.Enabled = false; + cb_DXLoc.Enabled = false; +// tc_Control.Enabled = false; + pa_Planes_Filter.Enabled = false; + gb_Analysis_Controls.Enabled = false; + gb_Analysis_Database.Enabled = false; + gb_Analysis_Player.Enabled = false; + //referesh main window + this.Refresh(); + } + + private void Pause() + { + PlayMode = AIRSCOUTPLAYMODE.PAUSE; + + // Linux/Mono hack to display text in button instead of symbols + if (SupportFunctions.IsMono) + { + btn_Map_PlayPause.Image = null; + btn_Map_PlayPause.Text = "Play"; + btn_Map_PlayPause.TextAlign = System.Drawing.ContentAlignment.MiddleCenter; + btn_Map_PlayPause.Font = new Font(btn_Map_PlayPause.Font, FontStyle.Bold); + } + else + { + // change button image + btn_Map_PlayPause.Text = ""; + btn_Map_PlayPause.Image = il_Main.Images[1]; + } + // update tab control + tc_Control.Refresh(); + // enable controls + cb_Band.Enabled = true; + btn_Options.Enabled = true; + cb_MyCall.Enabled = true; + cb_MyLoc.Enabled = true; + cb_DXCall.Enabled = true; + cb_DXLoc.Enabled = true; + tc_Control.Enabled = true; + pa_Planes_Filter.Enabled = true; + gb_Analysis_Controls.Enabled = true; + gb_Analysis_Database.Enabled = true; + gb_Analysis_Player.Enabled = true; + tc_Main.Enabled = true; + tc_Map.Enabled = true; + // stop tracking + TrackMode = AIRSCOUTTRACKMODE.NONE; + //referesh main window + this.Refresh(); + } + + #endregion + + #region Paths + + private double GetMinH(double max_alt, double H1, double H2) + { + double max = Math.Max(H1, H2); + if (max <= max_alt) + return max; + return max_alt; + } + + private void ClearAllPathsInMap() + { + gmo_PropagationPaths.Clear(); + } + + private void DrawPath(PropagationPathDesignator ppath) + { + // draws a propagation path to map + PropagationPoint[] ppoints = new PropagationPoint[0]; + try + { + // get infopoints for map + ppoints = ppath.GetInfoPoints(); + // calculate midpoint + ScoutBase.Core.LatLon.GPoint midpoint = LatLon.MidPoint(ppath.Lat1, ppath.Lon1, ppath.Lat2, ppath.Lon2); + GMapMarker gmmid = new GMarkerGoogle(new PointLatLng(midpoint.Lat, midpoint.Lon), ToolTipFont, ((PathMode == AIRSCOUTPATHMODE.MULTI) && Properties.Settings.Default.Map_SmallMarkers) ? GMarkerGoogleType.blue_small : GMarkerGoogleType.blue_dot); + gmmid.ToolTipText = ppath.Location1.Call + " <> " + ppath.Location2.Call; + gmmid.ToolTipMode = MarkerTooltipMode.OnMouseOver; + gmo_CallsignDetails.Markers.Add(gmmid); + // calculate dx end + gmm_DXLoc = new GMarkerGoogle(new PointLatLng(ppath.Lat2, ppath.Lon2), ToolTipFont, ((PathMode == AIRSCOUTPATHMODE.MULTI) && Properties.Settings.Default.Map_SmallMarkers) ? GMarkerGoogleType.yellow_small : GMarkerGoogleType.yellow_dot); + gmm_DXLoc.ToolTipText = ppath.Location2.Call + "\n" + + ppath.Location2.Lat.ToString("F8", CultureInfo.InvariantCulture) + "\n" + + ppath.Location2.Lon.ToString("F8", CultureInfo.InvariantCulture) + "\n" + + ppath.Location2.Loc + "\n" + + GetElevation(ppath.Location2.Lat, ppath.Location2.Lon).ToString("F0") + "m\n" + + LatLon.Bearing(ppath.Location1.Lat, ppath.Location1.Lon, ppath.Location2.Lat, ppath.Location2.Lon).ToString("F0") + "°\n" + + LatLon.Distance(ppath.Location1.Lat, ppath.Location1.Lon, ppath.Location2.Lat, ppath.Location2.Lon).ToString("F0") + "km"; + if (Properties.Settings.Default.Track_Activate) + gmm_DXLoc.ToolTipText += "\nRight+Click to Turn Antenna"; + gmm_DXLoc.ToolTipMode = MarkerTooltipMode.OnMouseOver; + gmm_DXLoc.Tag = ppath.Location2.Call; + gmo_CallsignDetails.Markers.Add(gmm_DXLoc); + // set three small points for hot path, if one + if (!Properties.Settings.Default.Map_SmallMarkers) + { + int i1 = -1; + int i3 = -1; + for (int i = 0; i < ppoints.Length; i++) + { + if (Math.Max(ppoints[i].H1, ppoints[i].H2) < Properties.Settings.Default.Planes_MaxAlt) + { + if (i1 == -1) + i1 = i; + else i3 = i; + + } + } + if ((i1 >= 0) && (i3 >= 0)) + { + GMapMarker gmi1 = new GMarkerGoogle(new PointLatLng(ppoints[i1].Lat, ppoints[i1].Lon), GMarkerGoogleType.red_small); + gmo_Objects.Markers.Add(gmi1); + LatLon.GPoint gp = LatLon.MidPoint(ppoints[i1].Lat, ppoints[i1].Lon, ppoints[i3].Lat, ppoints[i3].Lon); + GMapMarker gmi2 = new GMarkerGoogle(new PointLatLng(gp.Lat, gp.Lon), GMarkerGoogleType.blue_small); + gmo_Objects.Markers.Add(gmi2); + GMapMarker gmi3 = new GMarkerGoogle(new PointLatLng(ppoints[i3].Lat, ppoints[i3].Lon), GMarkerGoogleType.yellow_small); + gmo_Objects.Markers.Add(gmi3); + } + } + // draw propagation path according to path status + // valid: black + // invalid: red + gmr_FullPath = new GMapRoute("fullpath"); + gmr_FullPath.Stroke = (ppath.Valid) ? new Pen(Color.Black, 3) : new Pen(Color.Red, 3); + gmo_PropagationPaths.Routes.Add(gmr_FullPath); + gmr_NearestFull = new GMapRoute("fullpath"); + gmr_NearestFull.Stroke = (ppath.Valid) ? new Pen(Color.Black, 3) : new Pen(Color.Red, 3); + gmo_NearestPaths.Routes.Add(gmr_NearestFull); + foreach (PropagationPoint ppoint in ppoints) + { + gmr_FullPath.Points.Add(new PointLatLng(ppoint.Lat, ppoint.Lon)); + gmr_NearestFull.Points.Add(new PointLatLng(ppoint.Lat, ppoint.Lon)); + } + // draw mutual visible path + gmr_VisiblePpath = new GMapRoute("visiblepath"); + gmr_VisiblePpath.Stroke = new Pen(Color.Magenta, 3); + gmr_NearestVisible = new GMapRoute("visiblepath"); + gmr_NearestVisible.Stroke = new Pen(Color.Magenta, 3); + for (int i = 0; i < ppoints.Length; i++) + { + if ((Math.Max(ppoints[i].H1, ppoints[i].H2) > 0) && (Math.Max(ppoints[i].H1, ppoints[i].H2) < Properties.Settings.Default.Planes_MaxAlt)) + { + PointLatLng p = new PointLatLng(ppoints[i].Lat, ppoints[i].Lon); + gmr_VisiblePpath.Points.Add(p); + gmr_NearestVisible.Points.Add(p); + } + } + gmo_PropagationPaths.Routes.Add(gmr_VisiblePpath); + gmo_NearestPaths.Routes.Add(gmr_NearestVisible); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + private void UpdatePaths() + { + // updates all current path to calculate + + Log.WriteMessage("UpdatePath started."); + Stopwatch st = new Stopwatch(); + st.Start(); + + // check if there are a valid home settings + if (!Callsign.Check(Properties.Settings.Default.MyCall) || + !GeographicalPoint.Check(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon)) + return; + + // OK valid, lets continue + + // slow down background calculations + Properties.Settings.Default.Background_Calculations_ThreadWait = 1000; + + //clear map overlays + gmo_PropagationPaths.Clear(); + gmo_NearestPaths.Clear(); + gmo_Objects.Clear(); + + // clear all planes and tooltips + gmo_Planes.Clear(); + + // clear paths + ElevationPaths.Clear(); + PropagationPaths.Clear(); + + // clear charts + ClearCharts(); + + // put call on MyCalls last recent collection if not already in + if (Properties.Settings.Default.MyCalls.IndexOf(Properties.Settings.Default.MyCall) < 0) + { + Properties.Settings.Default.MyCalls.Insert(0, Properties.Settings.Default.MyCall); + } + + // keep the MyCalls list small + while (Properties.Settings.Default.MyCalls.Count > 10) + { + Properties.Settings.Default.MyCalls.RemoveAt(Properties.Settings.Default.MyCalls.Count - 1); + } + + + // check and update station database + LocationDesignator myloc = LocationFindOrUpdateOrCreate(Properties.Settings.Default.MyCall, Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon); + Properties.Settings.Default.MyElevation = myloc.Elevation; + + // get qrv info or create default + QRVDesignator myqrv = StationData.Database.QRVFindOrCreateDefault(myloc.Call, myloc.Loc, Properties.Settings.Default.Band); + // set qrv defaults if zero + if (myqrv.AntennaHeight == 0) + myqrv.AntennaHeight = StationData.Database.QRVGetDefaultAntennaHeight(Properties.Settings.Default.Band); + if (myqrv.AntennaGain == 0) + myqrv.AntennaGain = StationData.Database.QRVGetDefaultAntennaGain(Properties.Settings.Default.Band); + if (myqrv.Power == 0) + myqrv.Power = StationData.Database.QRVGetDefaultPower(Properties.Settings.Default.Band); + // draw my end on the map + gmm_MyLoc = new GMarkerGoogle(new PointLatLng(myloc.Lat, myloc.Lon), ToolTipFont, ((PathMode == AIRSCOUTPATHMODE.MULTI) && Properties.Settings.Default.Map_SmallMarkers) ? GMarkerGoogleType.red_small : GMarkerGoogleType.red_dot); + gmm_MyLoc.ToolTipText = myloc.Call + "\n" + + myloc.Lat.ToString("F8", CultureInfo.InvariantCulture) + "\n" + + myloc.Lon.ToString("F8", CultureInfo.InvariantCulture) + "\n" + + myloc.Loc + "\n" + + GetElevation(myloc.Lat, myloc.Lon).ToString("F0") + "m"; + gmm_MyLoc.ToolTipMode = MarkerTooltipMode.OnMouseOver; + gmm_MyLoc.Tag = myloc.Call; + gmo_Objects.Markers.Add(gmm_MyLoc); + + // do single path mode + if (PathMode == AIRSCOUTPATHMODE.SINGLE) + { + // check if there are a valid DX settings + if (!Callsign.Check(Properties.Settings.Default.DXCall) || + !GeographicalPoint.Check(Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon)) + return; + + // OK valid, lets continue + // check and update station database + LocationDesignator dxloc = LocationFindOrUpdateOrCreate(Properties.Settings.Default.DXCall, Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon); + Properties.Settings.Default.DXElevation = dxloc.Elevation; + + // get qrv info or create default + QRVDesignator dxqrv = StationData.Database.QRVFindOrCreateDefault(dxloc.Call, dxloc.Loc, Properties.Settings.Default.Band); + // set qrv defaults if zero + if (dxqrv.AntennaHeight == 0) + dxqrv.AntennaHeight = StationData.Database.QRVGetDefaultAntennaHeight(Properties.Settings.Default.Band); + if (dxqrv.AntennaGain == 0) + dxqrv.AntennaGain = StationData.Database.QRVGetDefaultAntennaGain(Properties.Settings.Default.Band); + if (dxqrv.Power == 0) + dxqrv.Power = StationData.Database.QRVGetDefaultPower(Properties.Settings.Default.Band); + + // find local obstruction, if any + LocalObstructionDesignator o = ElevationData.Database.LocalObstructionFind(myloc.Lat, myloc.Lon, Properties.Settings.Default.ElevationModel); + double mybearing = LatLon.Bearing(myloc.Lat, myloc.Lon, dxloc.Lat, dxloc.Lon); + double myobstr = (o != null) ? o.GetObstruction(myqrv.AntennaHeight, mybearing) : double.MinValue; + + // try to find elevation path in database or create new one and store + ElevationPathDesignator epath = ElevationData.Database.ElevationPathFindOrCreateFromLatLon( + null, + myloc.Lat, + myloc.Lon, + dxloc.Lat, + dxloc.Lon, + ElevationData.Database.GetDefaultStepWidth(Properties.Settings.Default.ElevationModel), + Properties.Settings.Default.ElevationModel); + // add additional info to ppath + epath.Location1 = myloc; + epath.Location2 = dxloc; + epath.QRV1 = myqrv; + epath.QRV2 = dxqrv; + + // try to find propagation path in database or create new one and store + PropagationPathDesignator ppath = PropagationData.Database.PropagationPathFindOrCreateFromLatLon( + null, + myloc.Lat, + myloc.Lon, + GetElevation(myloc.Lat, myloc.Lon) + myqrv.AntennaHeight, + dxloc.Lat, + dxloc.Lon, + GetElevation(dxloc.Lat, dxloc.Lon) + dxqrv.AntennaHeight, + Bands.ToGHz(Properties.Settings.Default.Band), + LatLon.Earth.Radius * Properties.Settings.Default.Path_Band_Settings[Properties.Settings.Default.Band].K_Factor, + Properties.Settings.Default.Path_Band_Settings[Properties.Settings.Default.Band].F1_Clearance, + ElevationData.Database.GetDefaultStepWidth(Properties.Settings.Default.ElevationModel), + Properties.Settings.Default.ElevationModel, + myobstr); + + // add additional info to ppath + ppath.Location1 = myloc; + ppath.Location2 = dxloc; + ppath.QRV1 = myqrv; + ppath.QRV2 = dxqrv; + + // add single path to paths list + ElevationPaths.Add(epath); + PropagationPaths.Add(ppath); + // put DXCall on the watchlist if not already in + if (Properties.Settings.Default.Watchlist.IndexOf(Properties.Settings.Default.DXCall, MaidenheadLocator.LocFromLatLon(Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon, false, 3)) < 0) + { + Properties.Settings.Default.Watchlist.Insert(0, new WatchlistItem(Properties.Settings.Default.DXCall, MaidenheadLocator.LocFromLatLon(Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon, false, 3), ppath.Distance > Properties.Settings.Default.Path_MaxLength)); + } + // keep the watchlist small + while (Properties.Settings.Default.Watchlist.Count() > Properties.Settings.Default.Watchlist_MaxCount) + { + Properties.Settings.Default.Watchlist.RemoveAt(Properties.Settings.Default.Watchlist.Count() - 1); + } + + } + else if (PathMode == AIRSCOUTPATHMODE.MULTI) + { + // iterate through watchlist and add selected + foreach (ListViewItem item in lv_Control_Watchlist.Items) + { + // use only selected items + if (!item.Checked) + continue; + string call = item.Text; + string loc = item.SubItems[1].Text; + + // check if call & loc are valid + if (!Callsign.Check(call) || !MaidenheadLocator.Check(loc)) + continue; + + // check and update station database + LocationDesignator dxloc = LocationFindOrCreate(call, loc); + + // get qrv info or create default + QRVDesignator dxqrv = StationData.Database.QRVFindOrCreateDefault(dxloc.Call, dxloc.Loc, Properties.Settings.Default.Band); + // set qrv defaults if zero + if (dxqrv.AntennaHeight == 0) + dxqrv.AntennaHeight = StationData.Database.QRVGetDefaultAntennaHeight(Properties.Settings.Default.Band); + if (dxqrv.AntennaGain == 0) + dxqrv.AntennaGain = StationData.Database.QRVGetDefaultAntennaGain(Properties.Settings.Default.Band); + if (dxqrv.Power == 0) + dxqrv.Power = StationData.Database.QRVGetDefaultPower(Properties.Settings.Default.Band); + + // find local obstruction, if any + LocalObstructionDesignator o = ElevationData.Database.LocalObstructionFind(myloc.Lat, myloc.Lon, Properties.Settings.Default.ElevationModel); + double mybearing = LatLon.Bearing(myloc.Lat, myloc.Lon, dxloc.Lat, dxloc.Lon); + double myobstr = (o != null) ? o.GetObstruction(myqrv.AntennaHeight, mybearing) : double.MinValue; + + // try to find elevation path in database or create new one and store + ElevationPathDesignator epath = ElevationData.Database.ElevationPathFindOrCreateFromLatLon( + null, + myloc.Lat, + myloc.Lon, + dxloc.Lat, + dxloc.Lon, + ElevationData.Database.GetDefaultStepWidth(Properties.Settings.Default.ElevationModel), + Properties.Settings.Default.ElevationModel); + // try to find propagation path in database or create new one and store + PropagationPathDesignator ppath = PropagationData.Database.PropagationPathFindOrCreateFromLatLon( + null, + myloc.Lat, + myloc.Lon, + GetElevation(myloc.Lat, myloc.Lon) + myqrv.AntennaHeight, + dxloc.Lat, + dxloc.Lon, + GetElevation(dxloc.Lat, dxloc.Lon) + dxqrv.AntennaHeight, + Bands.ToGHz(Properties.Settings.Default.Band), + LatLon.Earth.Radius * Properties.Settings.Default.Path_Band_Settings[Properties.Settings.Default.Band].K_Factor, + Properties.Settings.Default.Path_Band_Settings[Properties.Settings.Default.Band].F1_Clearance, + ElevationData.Database.GetDefaultStepWidth(Properties.Settings.Default.ElevationModel), + Properties.Settings.Default.ElevationModel, + myobstr); + // add additional info to ppath + ppath.Location1 = myloc; + ppath.Location2 = dxloc; + ppath.QRV1 = myqrv; + ppath.QRV2 = dxqrv; + // add path to paths list + + ElevationPaths.Add(epath); + PropagationPaths.Add(ppath); + } + } + + // calculate the area to show in map + // initially set to my location + double minlat = myloc.Lat; + double minlon = myloc.Lon; + double maxlat = myloc.Lat; + double maxlon = myloc.Lon; + + double centerlat = myloc.Lat; + double centerlon = myloc.Lon; + + // now do the drawing + foreach (PropagationPathDesignator ppath in PropagationPaths) + { + DrawPath(ppath); + + // maintain Min/Max values + minlat = Math.Min(minlat, ppath.Lat2); + minlon = Math.Min(minlon, ppath.Lon2); + maxlat = Math.Max(maxlat, ppath.Lat2); + maxlon = Math.Max(maxlon, ppath.Lon2); + } + + // show diagram when in SINGLE mode + if (PathMode == AIRSCOUTPATHMODE.SINGLE) + { + // both Elevationpaths & PropagationPaths should contain only one entry + if ((ElevationPaths.Count > 0) && (PropagationPaths.Count > 0)) + UpdateCharts(ElevationPaths[ElevationPaths.Count - 1], PropagationPaths[PropagationPaths.Count - 1]); + } + + // calculate center + centerlat = LatLon.MidPoint(minlat, minlon, maxlat, maxlon).Lat; + centerlon = LatLon.MidPoint(minlat, minlon, maxlat, maxlon).Lon; + + // ensure that whole path is visible and optionally centered + gm_Main.SetZoomToFitRect(RectLatLng.FromLTRB(minlon, maxlat, maxlon, minlat)); + if (Properties.Settings.Default.Map_AutoCenter) + gm_Main.Position = new PointLatLng(centerlat, centerlon); + + // clear all selections + SelectedPlanes.Clear(); + + // update watchlist locations in map + UpdateWatchlistInMap(); + + // update status window + UpdateStatus(); + + // stop tracking + //TrackMode = AIRSCOUTTRACKMODE.NONE; + + // speed up background calculations + Properties.Settings.Default.Background_Calculations_ThreadWait = 0; + + st.Stop(); + Log.WriteMessage("UpdatePath finished, " + st.ElapsedMilliseconds.ToString() + "ms."); + } + + #endregion + + #region Charts + + private void UpdateCharts(ElevationPathDesignator epath, PropagationPathDesignator ppath) + { + // updates the diagram area + short[] epoints = new short[0]; + PropagationPoint[] ppoints = new PropagationPoint[0]; + try + { + ClearCharts(); + // adjust diagram axes + Path_X.Maximum = ppath.Distance; + Elevation_X.Maximum = epath.Distance; + // get infopoints for charting + epoints = epath.GetInfoPoints(); + ppoints = ppath.GetInfoPoints(); + // calculate epsilon for LOS + double eps_los = Propagation.EpsilonFromHeights(GetElevation(ppath.Lat1, ppath.Lon1) + ppath.QRV1.AntennaHeight, ppath.Distance, GetElevation(ppath.Lat2, ppath.Lon2) + ppath.QRV2.AntennaHeight, LatLon.Earth.Radius); + // fill chart + short maxelv = short.MinValue; + double myelev = GetElevation(ppath.Lat1, ppath.Lon1); + for (int i = 0; i < epoints.Length; i++) + { + Path_Elevation.Points.Add(new OxyPlot.DataPoint(i, epoints[i])); + Min_H1.Points.Add(new OxyPlot.DataPoint(i, ppoints[i].H1)); + Min_H2.Points.Add(new OxyPlot.DataPoint(i, ppoints[i].H2)); + Max_H.Points.Add(new OxyPlot.DataPoint(i, Properties.Settings.Default.Planes_MaxAlt)); + Min_H.Points.Add(new OxyPlot.DataPoint(i, Properties.Settings.Default.Planes_MaxAlt)); + Min_H.Points2.Add(new OxyPlot.DataPoint(i, GetMinH(Properties.Settings.Default.Planes_MaxAlt, Min_H1.Points[i].Y, Min_H2.Points[i].Y))); + LOS.Points.Add(new OxyPlot.DataPoint(i, Propagation.HeightFromEpsilon(myelev + ppath.QRV1.AntennaHeight, i, eps_los, LatLon.Earth.Radius))); + Elevation.Points.Add(new OxyPlot.DataPoint(i, epoints[i])); + if (maxelv < epoints[i]) + maxelv = epoints[i]; + } + // adjust Y-axis --> max elv + 10% + Elevation_Y.Maximum = maxelv + maxelv * 0.1; + // invalidate plots + pm_Path.InvalidatePlot(true); + pm_Elevation.InvalidatePlot(true); + // show path legends + Charts_ShowLegends(5000); + // refresh path info + tp_Elevation.Text = "Pathinfo "; + if (Properties.Settings.Default.ElevationModel == ELEVATIONMODEL.ASTER1) + tp_Elevation.Text = tp_Elevation.Text + "[ASTER1]"; + else if (Properties.Settings.Default.ElevationModel == ELEVATIONMODEL.ASTER3) + tp_Elevation.Text = tp_Elevation.Text + "[ASTER3]"; + else if (Properties.Settings.Default.ElevationModel == ELEVATIONMODEL.SRTM1) + tp_Elevation.Text = tp_Elevation.Text + "[SRTM1]"; + else if (Properties.Settings.Default.ElevationModel == ELEVATIONMODEL.SRTM3) + tp_Elevation.Text = tp_Elevation.Text + "[SRTM3]"; + else if (Properties.Settings.Default.ElevationModel == ELEVATIONMODEL.GLOBE) + tp_Elevation.Text = tp_Elevation.Text + "[GLOBE]"; + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + private void ClearCharts() + { + try + { + // clear all points + Path_Elevation.Points.Clear(); + Min_H1.Points.Clear(); + Min_H2.Points.Clear(); + Max_H.Points.Clear(); + Min_H.Points.Clear(); + Min_H.Points2.Clear(); + Planes_Hi.Points.Clear(); + Planes_Lo.Points.Clear(); + Elevation.Points.Clear(); + LOS.Points.Clear(); + // update view + pm_Path.InvalidatePlot(true); + pm_Elevation.InvalidatePlot(true); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + private void Charts_ShowLegends(int ms) + { + // enable path legends for some seconds + pm_Path.IsLegendVisible = true; + pm_Path.InvalidatePlot(true); + pm_Elevation.IsLegendVisible = true; + pm_Elevation.InvalidatePlot(true); + ti_ShowLegends.Interval = ms; + ti_ShowLegends.Start(); + } + + private void ti_ShowLegends_Tick(object sender, EventArgs e) + { + pm_Path.IsLegendVisible = false; + pm_Path.InvalidatePlot(true); + pm_Elevation.IsLegendVisible = false; + pm_Elevation.InvalidatePlot(true); + ti_ShowLegends.Enabled = false; + } + + private void pv_Path_Paint(object sender, PaintEventArgs e) + { + // draw calsign s on chart + string mycall = Properties.Settings.Default.MyCall; + string dxcall = Properties.Settings.Default.DXCall; + int top = pv_Path.Bottom - pv_Path.Height / 2; + int left = pv_Path.Left + 50; + int right = pv_Path.Width - 38; + Font font = new Font(FontFamily.GenericSansSerif, 8, FontStyle.Bold); + Graphics g = e.Graphics; + using (StringFormat format = new StringFormat(StringFormatFlags.DirectionVertical)) + { + // measure text to emulate TextAlign.Middle + int mywidth = (int)g.MeasureString(mycall, font).Width; + int dxwidth = (int)g.MeasureString(dxcall, font).Width; + using (SolidBrush brush = new SolidBrush(Color.Black)) + { + if (pv_Path.Height - 50 > mywidth) + g.DrawString(mycall, font, brush, left, top - mywidth / 2, format); + if (pv_Path.Height - 50 > dxwidth) + g.DrawString(dxcall, font, brush, right, top - dxwidth / 2, format); + /* + if (pv_Path.Height > 2 * mywidth + 50) + g.DrawString(mycall, font, brush, left, top, format); + if (pv_Path.Height > 2 * dxwdith + 50) + g.DrawString(dxcall, font, brush, right, top, format); + */ + } + } + } + + #endregion + + #region Planes + + private static Bitmap RotateImageByAngle(System.Drawing.Image oldBitmap, float angle) + { + var newBitmap = new Bitmap(oldBitmap.Width, oldBitmap.Height); + var graphics = Graphics.FromImage(newBitmap); + graphics.TranslateTransform((float)oldBitmap.Width / 2, (float)oldBitmap.Height / 2); + graphics.RotateTransform(angle); + graphics.TranslateTransform(-(float)oldBitmap.Width / 2, -(float)oldBitmap.Height / 2); + graphics.DrawImage(oldBitmap, new System.Drawing.Point(0, 0)); + return newBitmap; + } + + private GMarkerGoogle CreatePlaneSimple(PlaneInfo info, bool selected) + { + // return on empty info + if (info == null) + return null; + // show flight info only + // get bitmap according to category + Bitmap bm; + int bmindex = bmindex_gray; + Brush brush = new SolidBrush(Color.FromArgb(180, Color.White)); + if (info.Potential == 100) + { + bmindex = bmindex_magenta; + brush = new SolidBrush(Color.FromArgb(150, Color.Plum)); + } + else if (info.Potential == 75) + { + bmindex = bmindex_red; + brush = new SolidBrush(Color.FromArgb(150, Color.Red)); + } + else if (info.Potential == 50) + { + bmindex = bmindex_darkorange; + brush = new SolidBrush(Color.FromArgb(150, Color.DarkOrange)); + } + if (info.Category == PLANECATEGORY.SUPERHEAVY) + bm = new Bitmap(il_Planes_S.Images[bmindex]); + else if (info.Category == PLANECATEGORY.HEAVY) + bm = new Bitmap(il_Planes_H.Images[bmindex]); + else if (info.Category == PLANECATEGORY.MEDIUM) + bm = new Bitmap(il_Planes_M.Images[bmindex]); + else if (info.Category == PLANECATEGORY.LIGHT) + bm = new Bitmap(il_Planes_L.Images[bmindex]); + else + bm = new Bitmap(il_Planes_M.Images[bmindex]); + GMarkerGoogle m = new GMarkerGoogle(new PointLatLng(info.Lat, info.Lon), ToolTipFont, RotateImageByAngle(bm, (float)info.Track)); + m.Tag = info.Hex; + string lat = ""; + if (info.Lat >= 0) + lat = Math.Abs(info.Lat).ToString("00.00") + "°N"; + else + lat = Math.Abs(info.Lat).ToString("00.00") + "°S"; + string lon = ""; + if (info.Lon >= 0) + lon = Math.Abs(info.Lon).ToString("000.00") + "°E"; + else + lon = Math.Abs(info.Lon).ToString("000.00") + "°W"; + m.ToolTipText = info.Call + "\n--------------------"; + if (Properties.Settings.Default.InfoWin_Position) + m.ToolTipText += "\nPos: " + lat + " , " + lon; + if (Properties.Settings.Default.InfoWin_Alt) + { + if (Properties.Settings.Default.InfoWin_Metric) + m.ToolTipText += "\nAlt: " + (int)info.Alt_m + "m"; + else + m.ToolTipText += "\nAlt: " + (int)info.Alt + "ft"; + } + if (Properties.Settings.Default.InfoWin_Track) + m.ToolTipText += "\nTrack: " + (int)info.Track + "°"; + if (Properties.Settings.Default.InfoWin_Type) + m.ToolTipText += "\nType: " + info.Manufacturer + " " + info.Model + " [" + PlaneCategories.GetShortStringValue(info.Category) + "]"; + // set tooltip on if hot + if (selected) + m.ToolTipMode = MarkerTooltipMode.Always; + else + m.ToolTipMode = MarkerTooltipMode.OnMouseOver; + if (m.ToolTip != null) + m.ToolTip.Fill = brush; + return m; + } + + private GMarkerGoogle CreatePlaneDetailed(PlaneInfo info, bool selected) + { + // return on empty info + if (info == null) + return null; + // get bitmap according to category + Bitmap bm; + int bmindex = bmindex_gray; + Brush brush = new SolidBrush(Color.FromArgb(180, Color.White)); + if (info.Potential == 100) + { + bmindex = bmindex_magenta; + brush = new SolidBrush(Color.FromArgb(150, Color.Plum)); + } + else if (info.Potential == 75) + { + bmindex = bmindex_red; + brush = new SolidBrush(Color.FromArgb(150, Color.Red)); + } + else if (info.Potential == 50) + { + bmindex = bmindex_darkorange; + brush = new SolidBrush(Color.FromArgb(150, Color.DarkOrange)); + } + if (info.Category == PLANECATEGORY.SUPERHEAVY) + bm = new Bitmap(il_Planes_S.Images[bmindex]); + else if (info.Category == PLANECATEGORY.HEAVY) + bm = new Bitmap(il_Planes_H.Images[bmindex]); + else if (info.Category == PLANECATEGORY.MEDIUM) + bm = new Bitmap(il_Planes_M.Images[bmindex]); + else if (info.Category == PLANECATEGORY.LIGHT) + bm = new Bitmap(il_Planes_L.Images[bmindex]); + else + bm = new Bitmap(il_Planes_M.Images[bmindex]); + GMarkerGoogle m = new GMarkerGoogle(new PointLatLng(info.Lat, info.Lon), ToolTipFont, RotateImageByAngle(bm, (float)info.Track)); + m.Tag = info.Hex; + string lat = ""; + if (info.Lat >= 0) + lat = Math.Abs(info.Lat).ToString("00.00") + "°N"; + else + lat = Math.Abs(info.Lat).ToString("00.00") + "°S"; + string lon = ""; + if (info.Lon >= 0) + lon = Math.Abs(info.Lon).ToString("000.00") + "°E"; + else + lon = Math.Abs(info.Lon).ToString("000.00") + "°W"; + int mins = 0; + if (info.Speed > 0) + mins = (int)(info.IntQRB / UnitConverter.kts_kmh(info.Speed) * 60.0); + // fill tooltip texts + m.ToolTipText = info.Call + "\n--------------------"; + if (Properties.Settings.Default.InfoWin_Position) + m.ToolTipText += "\nPos: " + lat + " , " + lon; + if (Properties.Settings.Default.InfoWin_Alt) + { + if (Properties.Settings.Default.InfoWin_Metric) + m.ToolTipText += "\nAlt: " + (int)info.Alt_m + "m [" + info.AltDiff.ToString("+#;-#;0") + "m]"; + else + m.ToolTipText += "\nAlt: " + (int)info.Alt + "ft [" + UnitConverter.m_ft(info.AltDiff).ToString("+#;-#;0") + "ft]"; + } + if (Properties.Settings.Default.InfoWin_Track) + m.ToolTipText += "\nTrack: " + (int)info.Track + "°"; + if (Properties.Settings.Default.InfoWin_Speed) + { + if (Properties.Settings.Default.InfoWin_Metric) + m.ToolTipText += "\nSpeed: " + info.Speed_kmh.ToString("F0") + "km/h"; + else + m.ToolTipText += "\nSpeed: " + info.Speed.ToString("F0") + "kts"; + } + if (Properties.Settings.Default.InfoWin_Type) + m.ToolTipText += "\nType: " + info.Manufacturer + " " + info.Model + " [" + PlaneCategories.GetShortStringValue(info.Category) + "]"; + + if (info.Potential > 0) + { + if (Properties.Settings.Default.InfoWin_Dist) + { + if (Properties.Settings.Default.InfoWin_Metric) + m.ToolTipText += "\nDist: " + info.IntQRB.ToString("F0") + "km"; + else + m.ToolTipText += "\nDist: " + UnitConverter.km_mi(info.IntQRB).ToString("F0") + "mi"; + } + if (Properties.Settings.Default.InfoWin_Time) + m.ToolTipText += "\nTime: " + (CurrentTime + new TimeSpan(0, mins, 0)).ToString("HH:mm") + " [ " + mins.ToString("") + "min]"; + if (Properties.Settings.Default.InfoWin_Angle) + m.ToolTipText += "\nAngle: " + (info.Angle / Math.PI * 180.0).ToString("F0") + "°"; + if (Properties.Settings.Default.InfoWin_Epsilon) + m.ToolTipText += "\nEps: " + (info.Eps1 / Math.PI * 180.0).ToString("00.00") + "° <> " + (info.Eps2 / Math.PI * 180.0).ToString("00.00") + "°"; + if (Properties.Settings.Default.InfoWin_Squint) + m.ToolTipText += "\nSquint: " + (info.Squint / Math.PI * 180).ToString("00.00") + "°"; + } + + if ((TrackMode == AIRSCOUTTRACKMODE.TRACK) && (TrackValues != null) && ( + (Properties.Settings.Default.InfoWin_MyAzimuth) || + (Properties.Settings.Default.InfoWin_MyElevation) || + (Properties.Settings.Default.InfoWin_MyDoppler) + )) + { + m.ToolTipText += "\n--------------------"; + if (Properties.Settings.Default.InfoWin_MyAzimuth) + m.ToolTipText += "\nMyAzimuth: " + TrackValues.MyAzimuth.ToString("00.00") + "°"; + if (Properties.Settings.Default.InfoWin_MyElevation) + m.ToolTipText += "\nMyElevation: " + TrackValues.MyElevation.ToString("00.00") + "°"; + if (Properties.Settings.Default.InfoWin_MyDoppler) + m.ToolTipText += "\nMyDoppler: " + TrackValues.MyDoppler.ToString("F0") + "Hz"; + } + if ((TrackMode == AIRSCOUTTRACKMODE.TRACK) && (TrackValues != null) && ( + (Properties.Settings.Default.InfoWin_DXAzimuth) || + (Properties.Settings.Default.InfoWin_DXElevation) || + (Properties.Settings.Default.InfoWin_DXDoppler) + )) + { + m.ToolTipText += "\n--------------------"; + if (Properties.Settings.Default.InfoWin_DXAzimuth) + m.ToolTipText += "\nDXAzimuth: " + TrackValues.DXAzimuth.ToString("00.00") + "°"; + if (Properties.Settings.Default.InfoWin_DXElevation) + m.ToolTipText += "\nDXElevation: " + TrackValues.DXElevation.ToString("00.00") + "°"; + if (Properties.Settings.Default.InfoWin_DXDoppler) + m.ToolTipText += "\nDXDoppler: " + TrackValues.DXDoppler.ToString("F0") + "Hz"; + } + + + if (selected) + { + m.ToolTipMode = MarkerTooltipMode.Always; + } + else + { + m.ToolTipMode = MarkerTooltipMode.OnMouseOver; + } + if (m.ToolTip != null) + m.ToolTip.Fill = brush; + return m; + } + + private void DrawPlanes() + { + bool alarm = false; + bool isselected = false; + string alarm_msg = ""; + + List pathplanes = new List(); + + // check if any plane is on list --> return empty list + if ((ActivePlanes == null) || (ActivePlanes.Count == 0)) + return; + bool anyselected = false; + List planes_hi = new List(); + List planes_lo = new List(); + // draw all planes + foreach (PlaneInfo plane in ActivePlanes.Values) + { + try + { + // show planes if it meets filter criteria + if ((plane.Alt_m >= Properties.Settings.Default.Planes_MinAlt) && (plane.Category >= Properties.Settings.Default.Planes_Filter_Min_Category)) + { + // check selected state + isselected = SelectedPlanes.IndexOf(plane.Hex) >= 0; + // now, show plane according to potential + switch (plane.Potential) + { + case 100: + gmo_Planes.Markers.Add(CreatePlaneDetailed(plane, isselected)); + // set alarm + if (plane.IntQRB < Properties.Settings.Default.Alarm_Distance) + { + alarm = true; + alarm_msg = plane.Call; + } + break; + case 75: + gmo_Planes.Markers.Add(CreatePlaneDetailed(plane, isselected)); + // set alarm + if (plane.IntQRB < Properties.Settings.Default.Alarm_Distance) + { + alarm = true; + alarm_msg = plane.Call; + } + break; + case 50: + gmo_Planes.Markers.Add(CreatePlaneDetailed(plane, isselected)); + break; + default: + if (Properties.Settings.Default.InfoWin_AlwaysDetailed) + { + gmo_Planes.Markers.Add(CreatePlaneDetailed(plane, isselected)); + } + else + { + gmo_Planes.Markers.Add(CreatePlaneSimple(plane, isselected)); + } + break; + } + + // count the planes drawed and update caption, if not under Linux + // Linux/Mono is drawing the whole control again --> performance issue! + if (!SupportFunctions.IsMono) + tp_Map.Text = "Map [" + gmo_Planes.Markers.Count.ToString() + " plane(s)]"; + // if selected: draw the thin path to crossing point if one + if (isselected) + { + anyselected = true; + if (plane.IntPoint != null) + { + GMapRoute intpath = new GMapRoute(plane.Call); + intpath.Stroke = new Pen(Color.Black, 1); + intpath.Points.Add(new PointLatLng(plane.Lat, plane.Lon)); + intpath.Points.Add(new PointLatLng(plane.IntPoint.Lat, plane.IntPoint.Lon)); + gmo_Routes.Routes.Add(intpath); + // Console.WriteLine(DateTime.UtcNow.ToString("yyyy-MM-dd HH:mm:ss") + ";" + info.IntQRB.ToString("F3")); + } + // track plane, if enabled + if (Properties.Settings.Default.Track_Activate) + { + Properties.Settings.Default.Track_CurrentPlane = plane.Hex; + } + } + + // show planes on chart if in sigle path mode + if (PathMode == AIRSCOUTPATHMODE.SINGLE) + { + if ((plane.IntPoint != null) && (plane.IntQRB <= Properties.Settings.Default.Path_Band_Settings[Properties.Settings.Default.Band].MaxDistance)) + { + // calculate distance from mylat/mylon + double dist = LatLon.Distance(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, plane.IntPoint.Lat, plane.IntPoint.Lon); + // add new data points + /* + if (plane.AltDiff > 0) + { + Planes_Hi.Points.Add(new DataPoint(dist, plane.Alt_m)); + } + else + { + Planes_Lo.Points.Add(new DataPoint(dist, plane.Alt_m)); + } + */ + + TooltipDataPoint p = new TooltipDataPoint(dist, plane.Alt_m,plane.Call); + if (plane.AltDiff > 0) + { + planes_hi.Add(p); + } + else + { + planes_lo.Add(p); + } + } + } + } + + // add planes to chart + Planes_Hi.ItemsSource = planes_hi; + Planes_Lo.ItemsSource = planes_lo; + + // change tracker display + Planes_Hi.TrackerFormatString = "{Tooltip}"; + Planes_Lo.TrackerFormatString = "{Tooltip}"; + + // invalidate chart + pm_Path.InvalidatePlot(true); + + // set alarm if one + if (alarm) + Alarm(alarm_msg); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + // stop tracking if selected object is lost for any reason + if (!anyselected) + { + TrackMode = AIRSCOUTTRACKMODE.NONE; + } + + } + + private void UpdatePlanes() + { + + // get current time + + // update status + UpdateStatus(); + + // check for filter settings + // and color filter box + int planes_filter_minalt = 0; + planes_filter_minalt = Properties.Settings.Default.Planes_Filter_Min_Alt; + if (planes_filter_minalt < 0) + planes_filter_minalt = 0; + if ((planes_filter_minalt != 0) || (Properties.Settings.Default.Planes_Filter_Min_Category > PLANECATEGORY.LIGHT)) + { + pa_Planes_Filter.BackColor = Color.Plum; + } + else + { + pa_Planes_Filter.BackColor = SystemColors.Control; + } + + Stopwatch st = new Stopwatch(); + st.Start(); + List allplanes = Planes.GetAll(CurrentTime, Properties.Settings.Default.Planes_Position_TTL); + // TODO: maintain selected status + st.Stop(); + // Log.WriteMessage("Getting plane positions from database: " + allplanes.Count().ToString() + " plane(s), " + st.ElapsedMilliseconds.ToString() + " ms."); + // clear active planes + ActivePlanes.Clear(); + + foreach (PropagationPathDesignator ppath in PropagationPaths) + { + st.Reset(); + st.Start(); + NearestPlane = null; + double highestpotential = 0; + // get nearest planes per path + List nearestplanes = AircraftData.Database.GetNearestPlanes(DateTime.UtcNow, ppath, allplanes, Properties.Settings.Default.Planes_Filter_Max_Circumcircle, Properties.Settings.Default.Path_Band_Settings[Properties.Settings.Default.Band].MaxDistance, Properties.Settings.Default.Planes_MaxAlt); + + foreach (PlaneInfo plane in nearestplanes) + { + // maintain highest potential + if ((plane.Alt_m >= Properties.Settings.Default.Planes_Filter_Min_Alt) && (plane.Category >= Properties.Settings.Default.Planes_Filter_Min_Category) && (plane.Potential > highestpotential)) + highestpotential = plane.Potential; + // add or update plane in active planes list + PlaneInfo activeplane; + if (ActivePlanes.TryGetValue(plane.Hex, out activeplane)) + { + // plane found --> update if necessary + bool update = false; + // plane has higher potential + if ((plane.IntPoint != null) && (plane.Potential > activeplane.Potential)) + update = true; + // plane has same potetial but is nearer to path + else if ((plane.Potential == activeplane.Potential) && (plane.IntQRB < activeplane.IntQRB)) + update = true; + // update if necessary + if (update) + { + ActivePlanes.Remove(activeplane.Hex); + ActivePlanes.Add(plane.Hex, plane); + } + } + else + { + // add plane to list if not foound + ActivePlanes.Add(plane.Hex, plane); + } + // maintain nearest plane info + // check if plane is within MaxDistance + if (plane.IntQRB < Properties.Settings.Default.Path_Band_Settings[Properties.Settings.Default.Band].MaxDistance) + { + if (NearestPlane == null) + { + // set first nearest plane info anyway + NearestPlane = plane; + } + // use higher potential anyway + if (plane.Potential > NearestPlane.Potential) + { + NearestPlane = plane; + } + else if (plane.Potential == NearestPlane.Potential) + { + // use nearer plane if same potential + if (plane.IntQRB < NearestPlane.IntQRB) + NearestPlane = plane; + } + } + } + // colour callsign in watchlist if in MULTIPATH mode + if (PathMode == AIRSCOUTPATHMODE.MULTI) + { + string dxcall = ppath.Location2.Call; + ListViewItem item = lv_Control_Watchlist.FindItemWithText(dxcall); + if (item != null) + { + // store potential in watchlist item and refresh if necessaray + if (item.ToolTipText != highestpotential.ToString()) + { + item.ToolTipText = highestpotential.ToString(); + lv_Control_Watchlist.Refresh(); + } + } + } + st.Stop(); + // Log.WriteMessage("Get nearest planes: " + ActivePlanes.Count.ToString() + " plane(s), " + st.ElapsedMilliseconds.ToString() + " ms."); + } + st.Start(); + // clear planes overlay in map + gmo_Planes.Clear(); + // clear all routes except paths + gmo_Routes.Clear(); + + // clear data points in chart + Planes_Hi.Points.Clear(); + Planes_Lo.Points.Clear(); + pm_Path.Annotations.Clear(); + + // draw planes + DrawPlanes(); + st.Stop(); + Console.WriteLine("Drawing planes: " + ActivePlanes.Count.ToString() + " plane(s), " + st.ElapsedMilliseconds.ToString() + " ms."); + + // set focus on the map object + this.ActiveControl = gm_Main; + } + + #endregion + + #region Watchlist + + private void UpdateWatchlistInMap() + { + // show callsigns from watchlist + gmo_Callsigns.Clear(); + if (!Properties.Settings.Default.Watchlist_Activated) + return; + // create new watchlist if null + if (Properties.Settings.Default.Watchlist == null) + Properties.Settings.Default.Watchlist = new Watchlist(); + foreach (WatchlistItem item in Properties.Settings.Default.Watchlist) + { + // nasty!! Should never be null! + if (item == null) + continue; + LocationDesignator dxloc = LocationFindOrCreate(item.Call, item.Loc); + GMarkerGoogle gm = new GMarkerGoogle(new PointLatLng(dxloc.Lat, dxloc.Lon), ToolTipFont, (dxloc.Source == GEOSOURCE.FROMUSER) ? GMarkerGoogleType.green_small : GMarkerGoogleType.white_small); + gm.ToolTipText = dxloc.Call; + if ((PathMode == AIRSCOUTPATHMODE.MULTI) && Properties.Settings.Default.Map_LabelCalls && item.Checked) + gm.ToolTipMode = MarkerTooltipMode.Always; + else + gm.ToolTipMode = MarkerTooltipMode.OnMouseOver; + gm.Tag = dxloc.Call; + gmo_Callsigns.Markers.Add(gm); + } + } + + private void AddListViewItem (WatchlistItem item) + { + LocationDesignator dxcall = StationData.Database.LocationFindOrCreate(item.Call, item.Loc); + ListViewItem lvi = new ListViewItem(item.Call); + lvi.Name = "Call"; + ListViewItem.ListViewSubItem lsi = new ListViewItem.ListViewSubItem(lvi, item.Loc); + lsi.Name = "Loc"; + lvi.SubItems.Add(lsi); + lv_Control_Watchlist.Items.Add(lvi); + if (item.Checked) + lvi.Checked = true; + if (item.Selected) + lvi.Selected = true; + // tag item as "Out of Range" + if (item.OutOfRange) + { + lvi.Tag = "OOR"; + lvi.ForeColor = Color.LightGray; + } + else + { + lvi.BackColor = (dxcall.Source == GEOSOURCE.FROMUSER) ? Color.PaleGreen : Color.White; + } + + } + + private void RefreshWatchlistView() + { + + // set watchlistupdating flag + WatchlistUpdating = true; + // keep scroll position + int topItemIndex = 0; + try + { + if ((PlayMode != AIRSCOUTPLAYMODE.FORWARD) && (lv_Control_Watchlist.TopItem != null)) + { + topItemIndex = lv_Control_Watchlist.TopItem.Index; + } + } + catch (Exception ex) + { + // do nothing + } + // update listview + lv_Control_Watchlist.BeginUpdate(); + lv_Control_Watchlist.Items.Clear(); + Properties.Settings.Default.Watchlist.Sort(); + // run twice, add checked items first, then all others + foreach (WatchlistItem item in Properties.Settings.Default.Watchlist) + { + // nasty!! Should never be null! + if (item == null) + continue; + if (item.Checked) + AddListViewItem(item); + } + foreach (WatchlistItem item in Properties.Settings.Default.Watchlist) + { + // nasty!! Should never be null! + if (item == null) + continue; + if (!item.Checked) + AddListViewItem(item); + } + // lv_Control_Watchlist.Sort(); + lv_Control_Watchlist.EndUpdate(); + // restore scroll position + try + { + lv_Control_Watchlist.TopItem = lv_Control_Watchlist.Items[topItemIndex]; + } + catch (Exception ex) + { + // do nothing + } + // reset watchlistupdating flag + WatchlistUpdating = false; + } + + #endregion + + #region User Interface + + private void MapDlg_SizeChanged(object sender, EventArgs e) + { + } + + private void MapDlg_Resize(object sender, EventArgs e) + { + } + + private void ti_Progress_Tick(object sender, EventArgs e) + { + // prevent timer tick from overflow when heavy loaded + // stop timer --> do update procedure --> start timer again + ti_Progress.Stop(); + if (LifeMode == AIRSCOUTLIFEMODE.LIFE) + { + if (PlayMode == AIRSCOUTPLAYMODE.FORWARD) + { + // update current time + if (Properties.Settings.Default.Time_Mode_Online) + { + CurrentTime = DateTime.UtcNow; + UpdatePlanes(); + } + } + } + else if (LifeMode == AIRSCOUTLIFEMODE.HISTORY) + { + if (PlayMode != AIRSCOUTPLAYMODE.PAUSE) + { + Properties.Settings.Default.Time_Offline = Properties.Settings.Default.Time_Offline.AddSeconds(Time_Offline_Interval); + if (Properties.Settings.Default.Time_Offline < dtp_Analysis_MinValue.Value) + Properties.Settings.Default.Time_Offline = dtp_Analysis_MinValue.Value; + if (Properties.Settings.Default.Time_Offline > dtp_Analysis_MaxValue.Value) + Properties.Settings.Default.Time_Offline = dtp_Analysis_MaxValue.Value; + CurrentTime = Properties.Settings.Default.Time_Offline; + tb_Analysis_Time.Text = CurrentTime.ToString("yyyy-MM-hh HH:mm:ss"); + double span = (CurrentTime - dtp_Analysis_MinValue.Value).TotalSeconds; + if ((span > sb_Analysis_Play.Minimum) && (span < sb_Analysis_Play.Maximum)) + sb_Analysis_Play.Value = (int)span; + UpdatePlanes(); + } + } + // restart timer + ti_Progress.Start(); + } + + private void sc_Main_SplitterMoved(object sender, SplitterEventArgs e) + { + } + + private void sc_Map_SplitterMoved(object sender, SplitterEventArgs e) + { + } + + + + #region Map + + private void gm_Main_OnMapZoomChanged() + { + double midlat = LatLon.MidPoint(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon).Lat; + double midlon = LatLon.MidPoint(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon).Lon; + if ((PlayMode == AIRSCOUTPLAYMODE.FORWARD) && Properties.Settings.Default.Map_AutoCenter) + gm_Main.Position = new PointLatLng(midlat, midlon); + tb_Zoom.Text = gm_Main.Zoom.ToString(); + + // (re)initialize locator overlay + InitializeLocators(); + } + + private void gm_Main_OnMarkerClick(GMapMarker item, MouseEventArgs e) + { + try + { + if (e.Button == System.Windows.Forms.MouseButtons.Left) + { + // check if callsign clicked + if (item.Overlay == gmo_Callsigns) + { + string call = (string)item.Tag; + // check if callsign clicked and not own callsign + if (Callsign.Check(call) && (call != Properties.Settings.Default.MyCall)) + { + if (PathMode == AIRSCOUTPATHMODE.MULTI) + { + // search call on watchlist + int index = Properties.Settings.Default.Watchlist.IndexOf(call); + if (index >= 0) + { + // toggle checked state + Properties.Settings.Default.Watchlist.ElementAt(index).Checked = !Properties.Settings.Default.Watchlist.ElementAt(index).Checked; + // refresh watchlist view + RefreshWatchlistView(); + // update paths if running + if (PlayMode == AIRSCOUTPLAYMODE.FORWARD) + UpdatePaths(); + } + } + else if (PathMode == AIRSCOUTPATHMODE.SINGLE) + { + // search call on watchlist + int index = Properties.Settings.Default.Watchlist.IndexOf(call); + if (index >= 0) + { + string loc = Properties.Settings.Default.Watchlist.ElementAt(index).Loc; + // get location info from database + LocationDesignator ld = LocationFindOrCreate(call, loc); + Properties.Settings.Default.DXCall = ld.Call; + Properties.Settings.Default.DXLat = ld.Lat; + Properties.Settings.Default.DXLon = ld.Lon; + UpdateStatus(); + // update paths if running + if (PlayMode == AIRSCOUTPLAYMODE.FORWARD) + UpdatePaths(); + } + } + } + } + // check if plane clicked + else if (item.Overlay == gmo_Planes) + { + // keep the selected state + int selectedindex = SelectedPlanes.IndexOf((string)item.Tag); + // clear all other selections if tracking is enabled + if (Properties.Settings.Default.Track_Activate) + { + SelectedPlanes.Clear(); + if (selectedindex < 0) + { + SelectedPlanes.Add((string)item.Tag); + } + } + else + { + // toogle selection of the selected plane + if (selectedindex >= 0) + { + // remove item from selected planes list + SelectedPlanes.RemoveAt(selectedindex); + // invalidate tracking + TrackMode = AIRSCOUTTRACKMODE.NONE; + } + else + { + SelectedPlanes.Add((string)item.Tag); + } + } + // set track mode + if (Properties.Settings.Default.Track_Activate) + { + TrackMode = AIRSCOUTTRACKMODE.TRACK; + } + } + // check if call clicked + else if (item.Overlay == gmo_Callsigns) + { + LocationDesignator ld = StationData.Database.LocationFind(item.Tag.ToString()); + if (ld != null) + { + if (PlayMode != AIRSCOUTPLAYMODE.PAUSE) + this.Pause(); + Properties.Settings.Default.DXCall = item.Tag.ToString(); + Properties.Settings.Default.DXLat = ld.Lat; + Properties.Settings.Default.DXLon = ld.Lon; + UpdateStatus(); + this.Play(); + } + } + } + if (e.Button == System.Windows.Forms.MouseButtons.Right) + { + // new for tracking antenna + if ((string)item.Tag == Properties.Settings.Default.DXCall) + { + // Right click on DXCall needle --> set antenna position + // get antenna direction + double qtf = LatLon.Bearing(Properties.Settings.Default.MyLat, + Properties.Settings.Default.MyLon, + Properties.Settings.Default.DXLat, + Properties.Settings.Default.DXLon); + // store new QTF in properties + lock (Properties.Settings.Default) + { + TrackMode = AIRSCOUTTRACKMODE.SINGLE; + Properties.Settings.Default.Track_SetAz = qtf; + Properties.Settings.Default.Track_SetEl = 0; + } + } + } + } + catch (Exception ex) + { + // do nothing if item not found in planes list + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + private void gm_Main_OnMarkerEnter(GMapMarker item) + { + if (((item == gmm_MyLoc) || (item == gmm_DXLoc)) && !isDraggingMarker) + gmm_CurrentMarker = item; + } + + private void gm_Main_OnMarkerLeave(GMapMarker item) + { + + } + + private void gm_Main_MouseDown(object sender, MouseEventArgs e) + { + if (e.Button == MouseButtons.Left && gmm_CurrentMarker != null && gmm_CurrentMarker.IsMouseOver) + isDraggingMarker = true; + } + + private void gm_Main_MouseMove(object sender, MouseEventArgs e) + { + } + + private void gm_Main_MouseUp(object sender, MouseEventArgs e) + { + if (isDraggingMarker) + { + isDraggingMarker = false; + } + + if (isDraggingMap) + { + // (re)initialize locator overlay + InitializeLocators(); + isDraggingMap = false; + } + } + + private void gm_Main_OnMapDrag() + { + // set dragging mode + isDraggingMap = true; + + // switch off locator overlay + gmo_Locators.IsVisibile = false; + } + + + private void gm_Main_Paint(object sender, PaintEventArgs e) + { + if (Properties.Settings.Default.Map_TrackingGaugesShow && (TrackMode == AIRSCOUTTRACKMODE.TRACK) && (TrackValues != null)) + { + // paint gauges on top of the map if enabled + ag_Azimuth.Value = (float)TrackValues.MyAzimuth; + ag_Elevation.Value = (float)TrackValues.MyElevation; + + // get gauges forecolor from properties + Color gaugescolor = Color.FromName(Properties.Settings.Default.Map_TrackingGaugeColor); + if (gaugescolor == null) + { + // set to black if fails + gaugescolor = Color.Black; + } + + // get brushes, pens and fonts + Brush gaugesbrush = new SolidBrush(gaugescolor); + Pen gaugespen = new Pen(gaugesbrush, 3); + Font trackfont = new Font("Courier New", (int)((double)pa_Rig.Height / 7.0), FontStyle.Bold); + + // set colors, brushes and pens + ag_Azimuth.ForeColor = gaugescolor; + ag_Elevation.ForeColor = gaugescolor; + + e.Graphics.DrawRectangle(gaugespen, new Rectangle(ag_Azimuth.Left, ag_Azimuth.Top, ag_Azimuth.Width + ag_Elevation.Width + 20, ag_Elevation.Height)); + + // draw elements + int ofsX = ag_Azimuth.Left; + int ofsY = ag_Azimuth.Top; + ag_Azimuth.DrawDialText(e.Graphics, ofsX, ofsY); + ag_Azimuth.DisplayNumber(e.Graphics, ofsX, ofsY); + ag_Azimuth.DrawCalibration(e.Graphics, ofsX, ofsY); + ag_Azimuth.DrawCenterPoint(e.Graphics, ofsX, ofsY); + ag_Azimuth.DrawPointer(e.Graphics, ofsX, ofsY); + + ofsX = ag_Elevation.Left; + ofsY = ag_Elevation.Top; + ag_Elevation.DrawDialText(e.Graphics, ofsX, ofsY); + ag_Elevation.DisplayNumber(e.Graphics, ofsX, ofsY); + ag_Elevation.DrawCalibration(e.Graphics, ofsX, ofsY); + ag_Elevation.DrawCenterPoint(e.Graphics, ofsX, ofsY); + ag_Elevation.DrawPointer(e.Graphics, ofsX, ofsY); + + if (!Properties.Settings.Default.Doppler_Strategy_None) + { + // paint rig frequencies on top of the map if doppler compensation enabled + NumberFormatInfo info = new NumberFormatInfo(); + info.NumberDecimalSeparator = ","; + info.NumberGroupSeparator = "."; + int top = 0; + int left = 10; + e.Graphics.DrawRectangle(gaugespen, new Rectangle(pa_Rig.Left, pa_Rig.Top, pa_Rig.Width, pa_Rig.Height)); + e.Graphics.DrawString("MyDop: " + TrackValues.MyDoppler.ToString("F0"), trackfont, gaugesbrush, new PointF(pa_Rig.Left + left, pa_Rig.Top + top)); + e.Graphics.DrawString("DXDop: " + TrackValues.DXDoppler.ToString("F0"), trackfont, gaugesbrush, new PointF(pa_Rig.Left + left + pa_Rig.Width / 2, pa_Rig.Top + top)); + e.Graphics.DrawString("Dial : " + Properties.Settings.Default.Doppler_DialFreq.ToString(info), trackfont, gaugesbrush, new PointF(pa_Rig.Left + left, pa_Rig.Top + top + pa_Rig.Height / 4 * 1)); + e.Graphics.DrawString("RX : " + TrackValues.RXFrequency.ToString(info), trackfont, gaugesbrush, new PointF(pa_Rig.Left + left, pa_Rig.Top + top + pa_Rig.Height / 4 * 2)); + e.Graphics.DrawString("TX : " + TrackValues.TXFrequency.ToString(info), trackfont, gaugesbrush, new PointF(pa_Rig.Left + left, pa_Rig.Top + top + pa_Rig.Height / 4 * 3)); + } + } + } + + private void gm_Main_SizeChanged(object sender, EventArgs e) + { + try + { + // get width from properties + int width = (int)Properties.Settings.Default.Map_TrackingGaugeWidth; + + + // check bounds + if (width < 175) + width = 175; + if (width > this.Width / 2) + width = this.Width / 2; + + // adjust position and size of gauges + ag_Azimuth.Width = width; + ag_Elevation.Width = width; + ag_Azimuth.Left = gm_Main.Right - ag_Azimuth.Width - ag_Elevation.Width - 40; + ag_Azimuth.Top = gm_Main.Bottom - ag_Azimuth.Height - 20; + + ag_Elevation.Left = gm_Main.Right - ag_Elevation.Width - 20; + ag_Elevation.Top = gm_Main.Bottom - ag_Elevation.Height - 20; + + // adjust position and size of rig panel + pa_Rig.Width = ag_Elevation.Right - ag_Azimuth.Left; + pa_Rig.Height = ag_Azimuth.Height / 2; + pa_Rig.Left = ag_Azimuth.Left; + pa_Rig.Top = gm_Main.Bottom - ag_Azimuth.Height - pa_Rig.Height - 30; + } + catch (Exception ex) + { + + } + } + + private void gm_Main_OnPositionChanged(PointLatLng point) + { + } + + private void gm_Main_OnTileLoadComplete(long ElapsedMilliseconds) + { + // use thread safe call here! + /* + // use a backgroundworker to pump a message into the main window's message loop + while (bw_LocatorGridUpdater.IsBusy) + { + // wait until last run is finished + Application.DoEvents(); + } + bw_LocatorGridUpdater.RunWorkerAsync(); + */ + + UpdateLocationGrid = true; + } + + #endregion + + #region Right Controls + + private void cb_Band_SelectedIndexChanged(object sender, EventArgs e) + { + if (cb_Band.SelectedItem != null) + Properties.Settings.Default.Band = Bands.ParseStringValue((string)cb_Band.SelectedItem); + else Properties.Settings.Default.Band = BAND.BNONE; + +// SaveUserSettings(); +// Properties.Settings.Default.Reload(); + + } + + #region Tab Control Control Panel + + private void tc_Control_DrawItem(object sender, DrawItemEventArgs e) + { + // This event is called once for each tab button in your tab control + // First paint the background with a color based on the current tab + // e.Index is the index of the tab in the TabPages collection. + switch (e.Index) + { + case 0: + e.Graphics.FillRectangle(new SolidBrush(SystemColors.Control), e.Bounds); + break; + case 1: + e.Graphics.FillRectangle(new SolidBrush(SystemColors.Control), e.Bounds); + break; + case 2: + e.Graphics.FillRectangle(new SolidBrush((Properties.Settings.Default.Planes_Filter_Min_Category > PLANECATEGORY.LIGHT) ? Color.Plum : SystemColors.Control), e.Bounds); + break; + default: + break; + } + + // Then draw the current tab button text + Rectangle paddedBounds = e.Bounds; + paddedBounds.Inflate(-2, -2); + e.Graphics.DrawString(tc_Control.TabPages[e.Index].Text, tc_Control.Font, (tc_Control.Enabled) ? SystemBrushes.ControlText : SystemBrushes.GrayText, paddedBounds); + } + + + #region Single Tab + + private void tp_Control_Single_Enter(object sender, EventArgs e) + { + if (PathMode != AIRSCOUTPATHMODE.SINGLE) + { + PathMode = AIRSCOUTPATHMODE.SINGLE; + tc_Map.SelectedTab = tp_Map; + } + // update all info + UpdateStatus(); + } + + private void gb_Map_Info_MouseClick(object sender, MouseEventArgs e) + { + // get font size in pixels + double pixels; + using (Graphics g = this.CreateGraphics()) + { + pixels = gb_Map_Info.Font.SizeInPoints * g.DpiX / 72; + } + if ((e.Y <= pixels) && (e.Button == MouseButtons.Left)) + { + Properties.Settings.Default.Map_ShowInfoBox = !Properties.Settings.Default.Map_ShowInfoBox; + } + } + + + private void cb_MyCall_TextChanged(object sender, EventArgs e) + { + int i = cb_MyCall.SelectionStart; + Properties.Settings.Default.MyCall = cb_MyCall.Text; + // clear locator entries + cb_MyLoc.Text = ""; + cb_MyLoc.Items.Clear(); + Properties.Settings.Default.MyLat = double.NaN; + Properties.Settings.Default.MyLon = double.NaN; + Properties.Settings.Default.MyElevation = 0; + if (Callsign.Check(cb_MyCall.Text)) + { + // select last recent loc + LocationDesignator ld = StationData.Database.LocationFind(cb_MyCall.Text); + if (ld != null) + { + Properties.Settings.Default.MyLat = ld.Lat; + Properties.Settings.Default.MyLon = ld.Lon; + Properties.Settings.Default.MyElevation = GetElevation(ld.Lat, ld.Lon); + } + } + UpdateStatus(); + cb_MyCall.Select(i, 0); + } + + private void cb_MyCall_SelectedIndexChanged(object sender, EventArgs e) + { + if (cb_MyCall.SelectedItem != null) + { + cb_MyCall.Text = cb_MyCall.SelectedItem.ToString(); + LocationDesignator ld = StationData.Database.LocationFind(cb_MyCall.Text); + if (Callsign.Check(cb_MyCall.Text) && (ld != null)) + { + // update Settings + cb_MyLoc.Text = MaidenheadLocator.LocFromLatLon(ld.Lat, ld.Lon, Properties.Settings.Default.Locator_SmallLettersForSubsquares, (int)Properties.Settings.Default.Locator_MaxLength / 2, Properties.Settings.Default.Locator_AutoLength); + Properties.Settings.Default.MyCall = cb_MyCall.Text; + Properties.Settings.Default.MyLat = ld.Lat; + Properties.Settings.Default.MyLon = ld.Lon; + Properties.Settings.Default.MyElevation = GetElevation(ld.Lat, ld.Lon); + Properties.Settings.Default.MyHeight = 10; + } + else + { + Properties.Settings.Default.MyLat = double.NaN; + Properties.Settings.Default.MyLon = double.NaN; + Properties.Settings.Default.MyElevation = 0; + Properties.Settings.Default.MyHeight = 0; + } + UpdateStatus(); + } + } + + private void cb_MyCall_DropDown(object sender, EventArgs e) + { + // poulate from MyCalls last recent collection + // populate drop down list + cb_MyCall.Items.Clear(); + foreach (string call in Properties.Settings.Default.MyCalls) + { + cb_MyCall.Items.Add(call); + } + } + + private void cb_MyLoc_TextChanged(object sender, EventArgs e) + { + if (cb_MyLoc.Focused) + { + if (MaidenheadLocator.Check(cb_MyLoc.Text) && (cb_MyLoc.Text.Length >= 6)) + { + Properties.Settings.Default.MyLat = cb_MyLoc.GeoLocation.Lat; + Properties.Settings.Default.MyLon = cb_MyLoc.GeoLocation.Lon; + Properties.Settings.Default.MyElevation = GetElevation(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon); + Properties.Settings.Default.MyHeight = 10; + // colour Textbox if more precise lat/lon information is available + if (MaidenheadLocator.IsPrecise(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, 3)) + { + cb_MyLoc.BackColor = Color.PaleGreen; + } + UpdateStatus(); + } + else + { + cb_MyLoc.BackColor = Color.FloralWhite; + } + } + } + + private void cb_MyLoc_DropDown(object sender, EventArgs e) + { + // fill MyLoc combo box with all known locators + cb_MyLoc.BackColor = Color.FloralWhite; + cb_MyLoc.SilentText = ""; + cb_MyLoc.Items.Clear(); + List lds = StationData.Database.LocationFindAll(cb_MyCall.Text); + if (lds != null) + { + // fill item list of locator box + foreach (LocationDesignator ld in lds) + { + LocatorDropDownItem ldd = new LocatorDropDownItem(MaidenheadLocator.LocFromLatLon(ld.Lat, ld.Lon, Properties.Settings.Default.Locator_SmallLettersForSubsquares, (int)Properties.Settings.Default.Locator_MaxLength / 2, Properties.Settings.Default.Locator_AutoLength), new LatLon.GPoint(ld.Lat, ld.Lon)); + cb_MyLoc.Items.Add(ldd); + } + } + } + + private void cb_MyLoc_SelectedIndexChanged(object sender, EventArgs e) + { + LocatorDropDownItem ldd = (LocatorDropDownItem)cb_MyLoc.SelectedItem; + if (ldd != null) + { + // update properties + cb_MyLoc.Precision = (int)Properties.Settings.Default.Locator_MaxLength / 2; + cb_MyLoc.SmallLettersForSubsquares = Properties.Settings.Default.Locator_SmallLettersForSubsquares; + cb_MyLoc.AutoLength = Properties.Settings.Default.Locator_AutoLength; + // set geolocation instead of text + cb_MyLoc.GeoLocation = ldd.GeoLocation; + } + } + + private void cb_MyLoc_SelectionChangeCommittedWithNoUpdate(object sender, EventArgs e) + { + + } + + private void cb_DXCall_TextChanged(object sender, EventArgs e) + { + int i = cb_DXCall.SelectionStart; + Properties.Settings.Default.DXCall = cb_DXCall.Text; + // clear locator entries + cb_DXLoc.Text = ""; + cb_DXLoc.Items.Clear(); + Properties.Settings.Default.DXLat = double.NaN; + Properties.Settings.Default.DXLon = double.NaN; + Properties.Settings.Default.DXElevation = 0; + if (Callsign.Check(cb_DXCall.Text)) + { + // select last recent loc + LocationDesignator ld = StationData.Database.LocationFind(cb_DXCall.Text); + if (ld != null) + { + Properties.Settings.Default.DXLat = ld.Lat; + Properties.Settings.Default.DXLon = ld.Lon; + Properties.Settings.Default.DXElevation = GetElevation(ld.Lat, ld.Lon); + } + } + UpdateStatus(); + cb_DXCall.Select(i, 0); + } + + private void cb_DXCall_SelectedIndexChanged(object sender, EventArgs e) + { + if (cb_DXCall.SelectedItem != null) + { + cb_DXCall.Text = cb_DXCall.SelectedItem.ToString(); + LocationDesignator ld = StationData.Database.LocationFind(cb_DXCall.Text); + if (Callsign.Check(cb_DXCall.Text) && (ld != null)) + { + // update Settings + cb_DXLoc.Text = MaidenheadLocator.LocFromLatLon(ld.Lat, ld.Lon, Properties.Settings.Default.Locator_SmallLettersForSubsquares, (int)Properties.Settings.Default.Locator_MaxLength / 2, Properties.Settings.Default.Locator_AutoLength); + Properties.Settings.Default.DXCall = cb_DXCall.Text; + Properties.Settings.Default.DXLat = ld.Lat; + Properties.Settings.Default.DXLon = ld.Lon; + Properties.Settings.Default.DXElevation = GetElevation(ld.Lat, ld.Lon); + Properties.Settings.Default.DXHeight = 10; + } + else + { + Properties.Settings.Default.DXLat = double.NaN; + Properties.Settings.Default.DXLon = double.NaN; + Properties.Settings.Default.DXElevation = 0; + Properties.Settings.Default.DXHeight = 0; + } + UpdateStatus(); + } + } + + private void cb_DXCall_DropDown(object sender, EventArgs e) + { + // populate from watchlist + // return on empty watchlist + if (Properties.Settings.Default.Watchlist == null) + return; + // populate drop down list + List dxcalls = new List(); + foreach (WatchlistItem item in Properties.Settings.Default.Watchlist) + { + // nasty!! Should never be null! + if (item == null) + continue; + dxcalls.Add(item.Call); + } + dxcalls.Sort(); + cb_DXCall.Items.Clear(); + cb_DXCall.Items.AddRange(dxcalls.ToArray()); + } + + + private void cb_DXLoc_TextChanged(object sender, EventArgs e) + { + if (cb_DXLoc.Focused) + { + if (MaidenheadLocator.Check(cb_DXLoc.Text) && (cb_DXLoc.Text.Length >= 6)) + { + Properties.Settings.Default.DXLat = cb_DXLoc.GeoLocation.Lat; + Properties.Settings.Default.DXLon = cb_DXLoc.GeoLocation.Lon; + Properties.Settings.Default.DXElevation = GetElevation(Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon); + Properties.Settings.Default.DXHeight = 10; + // colour Textbox if more precise lat/lon information is available + if (MaidenheadLocator.IsPrecise(Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon, 3)) + { + cb_DXLoc.BackColor = Color.PaleGreen; + } + UpdateStatus(); + } + else + { + cb_DXLoc.BackColor = Color.FloralWhite; + } + } + } + + private void cb_DXLoc_DropDown(object sender, EventArgs e) + { + // fill DXLoc combo box with all known locators + cb_DXLoc.BackColor = Color.FloralWhite; + cb_DXLoc.SilentText = ""; + cb_DXLoc.Items.Clear(); + List lds = StationData.Database.LocationFindAll(cb_DXCall.Text); + if (lds != null) + { + // fill item list of locator box + foreach (LocationDesignator ld in lds) + { + LocatorDropDownItem ldd = new LocatorDropDownItem(MaidenheadLocator.LocFromLatLon(ld.Lat, ld.Lon, Properties.Settings.Default.Locator_SmallLettersForSubsquares, (int)Properties.Settings.Default.Locator_MaxLength / 2, Properties.Settings.Default.Locator_AutoLength), new LatLon.GPoint(ld.Lat, ld.Lon)); + cb_DXLoc.Items.Add(ldd); + } + } + } + + private void cb_DXLoc_SelectedIndexChanged(object sender, EventArgs e) + { + LocatorDropDownItem ldd = (LocatorDropDownItem)cb_DXLoc.SelectedItem; + if (ldd != null) + { + // update properties + cb_DXLoc.Precision = (int)Properties.Settings.Default.Locator_MaxLength / 2; + cb_DXLoc.SmallLettersForSubsquares = Properties.Settings.Default.Locator_SmallLettersForSubsquares; + cb_DXLoc.AutoLength = Properties.Settings.Default.Locator_AutoLength; + // set geolocation instead of text + cb_DXLoc.GeoLocation = ldd.GeoLocation; + } + } + + private void cb_DXLoc_SelectionChangeCommittedWithNoUpdate(object sender, EventArgs e) + { + } + + #endregion + + #region Tab Multi + + private void tp_Control_Multi_Enter(object sender, EventArgs e) + { + // enbale/disable manage watchlist button + btn_Control_Manage_Watchlist.Enabled = !Properties.Settings.Default.Watchlist_SyncWithKST || !Properties.Settings.Default.Server_Activate; + + if (PathMode != AIRSCOUTPATHMODE.MULTI) + { + PathMode = AIRSCOUTPATHMODE.MULTI; + tc_Map.SelectedTab = tp_Map; + } + tp_Control_Multi.Refresh(); + } + + private void lv_Control_Watchlist_Resize(object sender, EventArgs e) + { + // list view resized + // resize locator column to fit the client size + try + { + lv_Control_Watchlist.Columns[1].Width = lv_Control_Watchlist.ClientSize.Width - lv_Control_Watchlist.Columns[0].Width; + } + catch + { + // do nothing, if resize fails + } + } + + private void lv_Control_Watchlist_ColumnWidthChanged(object sender, ColumnWidthChangedEventArgs e) + { + // adjust width of Locator column to list view width + if (e.ColumnIndex == 0) + { + // call sign column changed + // resize locator column to fit the client size + try + { + lv_Control_Watchlist.Columns[1].Width = lv_Control_Watchlist.ClientSize.Width - lv_Control_Watchlist.Columns[0].Width; + } + catch + { + // do nothing, if resize fails + } + } + } + + private void lv_Control_Watchlist_ItemCheck(object sender, ItemCheckEventArgs e) + { + // ignore when in PLAY mode + if (!WatchlistUpdating && (PlayMode == AIRSCOUTPLAYMODE.FORWARD)) + e.NewValue = e.CurrentValue; + } + + private void lv_Control_Watchlist_ItemChecked(object sender, ItemCheckedEventArgs e) + { + // ignore event while populating list view + if (WatchlistUpdating) + return; + // sync watchlist with list view + ListViewItem lvi = e.Item; + if (lvi == null) + return; + // search item in watchlist + int index = Properties.Settings.Default.Watchlist.IndexOf(lvi.Text, lvi.SubItems[1].Text); + if (index >= 0) + Properties.Settings.Default.Watchlist[index].Checked = lvi.Checked; + if (WatchlistAllCheckedChanging) + return; + // maintain AllChecked checkbox + foreach (ListViewItem item in lv_Control_Watchlist.Items) + { + // stop on first different checked state + if ((item != null) && (item.Checked != lvi.Checked)) + { + WatchlistAllCheckedState = CheckBoxState.MixedNormal; + lv_Control_Watchlist.AutoResizeColumn(0, ColumnHeaderAutoResizeStyle.HeaderSize); + return; + } + } + // all items in the same state + WatchlistAllCheckedState = (lvi.Checked) ? CheckBoxState.CheckedNormal : CheckBoxState.UncheckedNormal; + lv_Control_Watchlist.AutoResizeColumn(0, ColumnHeaderAutoResizeStyle.HeaderSize); + } + + private void lv_Control_Watchlist_ColumnClick(object sender, ColumnClickEventArgs e) + { + // ignore when in PLAY mode + if (PlayMode == AIRSCOUTPLAYMODE.FORWARD) + return; + WatchlistAllCheckedChanging = true; + if (!WatchlistAllChecked) + { + WatchlistAllChecked = true; + WatchlistAllCheckedState = CheckBoxState.CheckedPressed; + foreach (ListViewItem item in lv_Control_Watchlist.Items) + { + // check all items within range + if ((item.Tag == null) || (item.Tag.ToString() != "OOR")) + item.Checked = true; + } + + Invalidate(); + } + else + { + WatchlistAllChecked = false; + WatchlistAllCheckedState = CheckBoxState.UncheckedNormal; + Invalidate(); + + foreach (ListViewItem item in lv_Control_Watchlist.Items) + { + item.Checked = false; + } + } + WatchlistAllCheckedChanging = false; + } + + private void lv_Control_Watchlist_DrawColumnHeader(object sender, DrawListViewColumnHeaderEventArgs e) + { + TextFormatFlags flags = TextFormatFlags.LeftAndRightPadding; + e.DrawBackground(); + CheckBoxRenderer.DrawCheckBox(e.Graphics, new System.Drawing.Point(ClientRectangle.Location.X + 4, ClientRectangle.Location.Y + 1), WatchlistAllCheckedState); + e.DrawText(flags); + } + + private void lv_Control_Watchlist_DrawItem(object sender, DrawListViewItemEventArgs e) + { + if (e.Item != null) + { + if ((PlayMode == AIRSCOUTPLAYMODE.FORWARD) && !String.IsNullOrEmpty(e.Item.ToolTipText)) + { + Color bkcolor = e.Item.BackColor; + try + { + double potential = double.Parse(e.Item.ToolTipText); + // set default color + bkcolor = Color.White; + if (potential > 0) + bkcolor = Color.Orange; + if (potential > 50) + bkcolor = Color.Red; + if (potential > 75) + bkcolor = Color.Magenta; + } + catch (Exception ex) + { + // do nothing + } + if (bkcolor != e.Item.BackColor) + { + e.Item.BackColor = bkcolor; + } + } + else + { + e.Item.BackColor = Color.White; + } + } + e.DrawDefault = true; + } + + + private void lv_Control_Watchlist_DrawSubItem(object sender, DrawListViewSubItemEventArgs e) + { + e.DrawDefault = true; + } + + private void lv_Control_Watchlist_SelectedIndexChanged(object sender, EventArgs e) + { + // synchronize station in SINGLE mode when selection changed in MULTI mode + try + { + if ((lv_Control_Watchlist.SelectedItems != null) && (lv_Control_Watchlist.SelectedItems.Count == 1)) + { + string call = lv_Control_Watchlist.SelectedItems[0].Text; + string loc = lv_Control_Watchlist.SelectedItems[0].SubItems[1].Text; + double lat = MaidenheadLocator.LatFromLoc(loc); + double lon = MaidenheadLocator.LonFromLoc(loc); + LocationDesignator ld = StationData.Database.LocationFind(call, loc); + if (ld != null) + { + // update lat/lon from database if found + lat = ld.Lat; + lon = ld.Lon; + } + Properties.Settings.Default.DXCall = call; + Properties.Settings.Default.DXLat = lat; + Properties.Settings.Default.DXLon = lon; + } + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString()); + } + } + + private void btn_Control_Manage_Watchlist_Click(object sender, EventArgs e) + { + // sync watchlist, try to keep previously checked calls + // you can have a call only once in the watch list + List checkedcalls = new List(); + foreach (WatchlistItem item in Properties.Settings.Default.Watchlist) + { + if (item.Checked) + checkedcalls.Add(item.Call); + } + WatchlistDlg Dlg = new WatchlistDlg(); + if (Dlg.ShowDialog() == DialogResult.OK) + { + // clear watch list + Properties.Settings.Default.Watchlist.Clear(); + foreach (DataGridViewRow row in Dlg.dgv_Watchlist_Selected.Rows) + { + string call = row.Cells[0].Value.ToString(); + string loc = row.Cells[1].Value.ToString(); + bool oor = true; + // try to get the location from database + LocationDesignator dxloc = StationData.Database.LocationFind(call, loc); + if (dxloc != null) + { + oor = LatLon.Distance(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, dxloc.Lat, dxloc.Lon) > Properties.Settings.Default.Path_MaxLength; + } + // add call to watch list + WatchlistItem item = new WatchlistItem(call, loc, oor); + Properties.Settings.Default.Watchlist.Add(item); + } + // reselect previously selected + foreach (string checkedcall in checkedcalls) + { + int index = Properties.Settings.Default.Watchlist.IndexOf(checkedcall); + if (index >= 0) + Properties.Settings.Default.Watchlist[index].Checked = true; + } + // refresh watchlist view + RefreshWatchlistView(); + } + } + + private void ShowToolTip(ToolTip tt, string text, Control control, System.Drawing.Point p, int ms = 5000) + { + if (String.IsNullOrEmpty(text)) + return; + // int BorderWidth = this.Width – this.ClientSize.Width)/2; + // int TitlebarHeight = this.Height – this.ClientSize.Height – 2 * BorderWidth; + int BorderWith = (this.Width - this.ClientSize.Width) / 2; + int TitleBarHeight = this.Height - this.ClientSize.Height - 2 * BorderWith; + p = control.PointToScreen(p); + p = this.PointToClient(p); + p.X = p.X + BorderWith; + p.Y = p.Y + TitleBarHeight + Cursor.Size.Height; + tt.Show(text, this, p, ms); + } + + private void lv_Control_Watchlist_ItemMouseHover(object sender, ListViewItemMouseHoverEventArgs e) + { + } + + private void lv_Control_Watchlist_MouseMove(object sender, MouseEventArgs e) + { + try + { + System.Drawing.Point p = new System.Drawing.Point(e.X, e.Y); + ListViewHitTestInfo info = lv_Control_Watchlist.HitTest(p); + if ((WatchlistOldMousePos != p) && (info != null) && (info.SubItem != null)) + { + WatchlistOldMousePos = p; + // check whether the column name is one of the following + if (info.SubItem.Name == "Call") + { + string dxcall = info.Item.SubItems[0].Text; + string dxloc = info.Item.SubItems[1].Text; + LocationDesignator ld = StationData.Database.LocationFind(dxcall, dxloc); + // location found --> show Tooltip with details + if (ld != null) + { + string qrb = LatLon.Distance(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, ld.Lat, ld.Lon).ToString("F0", CultureInfo.InvariantCulture); + string qtf = LatLon.Bearing(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, ld.Lat, ld.Lon).ToString("F0", CultureInfo.InvariantCulture); + ShowToolTip(tt_Control_Watchlist, dxcall + "\n" + dxloc + "\n" + qrb + " km\n" + qtf + "°", lv_Control_Watchlist, p); + } + } + } + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + #endregion + + #region Tab Options + + private void tp_Control_Options_Enter(object sender, EventArgs e) + { + // set plane filter + try + { + cb_Planes_Filter_Min_Cat.SelectedItem = PlaneCategories.GetStringValue(Properties.Settings.Default.Planes_Filter_Min_Category); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + private void gb_Map_Zoom_MouseClick(object sender, MouseEventArgs e) + { + // get font size in pixels + double pixels; + using (Graphics g = this.CreateGraphics()) + { + pixels = gb_Map_Zoom.Font.SizeInPoints * g.DpiX / 72; + } + if ((e.Y <= pixels) && (e.Button == MouseButtons.Left)) + { + Properties.Settings.Default.Map_ShowZoomBox = !Properties.Settings.Default.Map_ShowZoomBox; + } + } + + private void gb_Map_Filter_MouseClick(object sender, MouseEventArgs e) + { + // get font size in pixels + double pixels; + using (Graphics g = this.CreateGraphics()) + { + pixels = gb_Map_Filter.Font.SizeInPoints * g.DpiX / 72; + } + if ((e.Y <= pixels) && (e.Button == MouseButtons.Left)) + { + Properties.Settings.Default.Map_ShowFilterBox = !Properties.Settings.Default.Map_ShowFilterBox; + } + } + + private void gb_Map_Alarms_MouseClick(object sender, MouseEventArgs e) + { + // get font size in pixels + double pixels; + using (Graphics g = this.CreateGraphics()) + { + pixels = gb_Map_Alarms.Font.SizeInPoints * g.DpiX / 72; + } + if ((e.Y <= pixels) && (e.Button == MouseButtons.Left)) + { + Properties.Settings.Default.Map_ShowAlarmBox = !Properties.Settings.Default.Map_ShowAlarmBox; + } + } + + private void btn_Zoom_In_Click(object sender, EventArgs e) + { + if (gm_Main.Zoom < 20) + gm_Main.Zoom++; + } + + private void btn_Zoom_Out_Click(object sender, EventArgs e) + { + if (gm_Main.Zoom > 0) + gm_Main.Zoom--; + } + + private void cb_Planes_Filter_Min_Category_SelectedIndexChanged(object sender, EventArgs e) + { + try + { + Properties.Settings.Default.Planes_Filter_Min_Category = PlaneCategories.ParseStringValue((string)cb_Planes_Filter_Min_Cat.SelectedItem); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + + #endregion + + #endregion + + #region Buttons + + private void btn_Options_Click(object sender, EventArgs e) + { + ShowOptionsDlg(); + } + + private void btn_Map_Save_Click(object sender, EventArgs e) + { + MapSave(); + } + + private void btn_Map_PlayPause_Click(object sender, EventArgs e) + { + if (PlayMode != AIRSCOUTPLAYMODE.FORWARD) + { + Play(); + } + else + { + Pause(); + } + } + + + #endregion + + #endregion + + #region Main Tab Control + + private void tc_Main_SelectedIndexChanged(object sender, EventArgs e) + { + } + + private void tc_Main_DrawItem(object sender, DrawItemEventArgs e) + { + // This event is called once for each tab button in your tab control + // First paint the background with a color based on the current tab + // e.Index is the index of the tab in the TabPages collection. + // fill background + e.Graphics.FillRectangle(new SolidBrush(SystemColors.Control), e.Bounds); + // Then draw the current tab button text + Rectangle paddedBounds = e.Bounds; + paddedBounds.Inflate(-2, -2); + e.Graphics.DrawString(tc_Main.TabPages[e.Index].Text, tc_Main.Font, (tc_Main.Enabled) ? SystemBrushes.ControlText : SystemBrushes.GrayText, paddedBounds); + + } + + #region Tab Page Spectrum + + private void tp_Spectrum_Enter(object sender, EventArgs e) + { + } + + private void tp_Spectrum_Resize(object sender, EventArgs e) + { + // adjust group boxes + // get quadratical nearest plane box + gb_NearestPlaneMap.Width = gb_NearestPlaneMap.Height; + gb_NearestPlaneMap.Left = tp_Spectrum.Width - gb_NearestPlaneMap.Width - 5; + // adjust plane info box + gb_Spectrum_NearestInfo.Left = tp_Spectrum.Width - gb_NearestPlaneMap.Width - gb_Spectrum_NearestInfo.Width - 10; + // adjust spectrum box + gb_Spectrum.Width = tp_Spectrum.Width - gb_NearestPlaneMap.Width - gb_Spectrum_NearestInfo.Width - 30; + tb_Spectrum_Status.Left = 5; + tb_Spectrum_Status.Width = pv_Spectrum.Width - 10; + } + + #endregion + + #region Tab Page Elevation + + private void tp_Elevation_Enter(object sender, EventArgs e) + { + } + + private void tp_Elevation_Resize(object sender, EventArgs e) + { + // adjust charts + pv_Path.Location = new System.Drawing.Point(0, 0); + pv_Path.Width = tp_Elevation.Width; + pv_Path.Height = tp_Elevation.Height / 2; + pv_Elevation.Location = new System.Drawing.Point(0, tp_Elevation.Height / 2); + pv_Elevation.Width = tp_Elevation.Width; + pv_Elevation.Height = tp_Elevation.Height / 2; + } + + + #endregion + + #region Tab Page Analysis + + private void UpdatePlayer() + { + // set players bounds + sb_Analysis_Play.Minimum = 0; + sb_Analysis_Play.Maximum = (int)(dtp_Analysis_MaxValue.Value - dtp_Analysis_MinValue.Value).TotalSeconds; + sb_Analysis_Play.Value = 0; + } + + private void tp_Analysis_Enter(object sender, EventArgs e) + { + if (LifeMode == AIRSCOUTLIFEMODE.LIFE) + { + btn_Analysis_ON.Enabled = true; + btn_Analysis_ON.BackColor = Color.YellowGreen; + btn_Analysis_OFF.Enabled = false; + btn_Analysis_OFF.BackColor = Color.Gray; + } + else + { + btn_Analysis_ON.Enabled = false; + btn_Analysis_ON.BackColor = Color.Gray; + btn_Analysis_OFF.Enabled = true; + btn_Analysis_OFF.BackColor = Color.LightCoral; + } + SayAnalysis("Press to start analysis."); + } + + private void tp_Analysis_Leave(object sender, EventArgs e) + { + } + + private void btn_Analysis_ON_Click(object sender, EventArgs e) + { + SayAnalysis("Getting database properties, please wait..."); + // go into offline mode + btn_Analysis_ON.Enabled = false; + btn_Analysis_ON.BackColor = Color.Gray; + btn_Analysis_OFF.Enabled = true; + btn_Analysis_OFF.BackColor = Color.LightCoral; + btn_Map_PlayPause.Enabled = false; + LifeMode = AIRSCOUTLIFEMODE.HISTORY; + PlayMode = AIRSCOUTPLAYMODE.PAUSE; + if (!bw_Analysis_DataGetter.IsBusy) + bw_Analysis_DataGetter.RunWorkerAsync(); + } + + private void btn_Analysis_OFF_Click(object sender, EventArgs e) + { + if (bw_Analysis_FileSaver.IsBusy) + bw_Analysis_FileSaver.CancelAsync(); + if (bw_Analysis_FileLoader.IsBusy) + bw_Analysis_FileLoader.CancelAsync(); + if (bw_Analysis_DataGetter.IsBusy) + { + SayAnalysis("Cancelling background thread, please wait..."); + bw_Analysis_DataGetter.CancelAsync(); + } + else + { + btn_Analysis_ON.Enabled = true; + btn_Analysis_ON.BackColor = Color.YellowGreen; + } + lock (AllPositions) + { + AllPositions.Clear(); + } + GC.Collect(); + // go into online mode + btn_Analysis_OFF.Enabled = false; + btn_Analysis_OFF.BackColor = Color.Gray; + btn_Analysis_Planes_Load.Enabled = false; + btn_Analysis_Planes_Save.Enabled = false; + btn_Analysis_Planes_Clear.Enabled = false; + btn_Analysis_Planes_History.Enabled = false; + btn_Analysis_Planes_ShowTraffic.Enabled = false; + btn_Analysis_Path_SaveToFile.Enabled = false; + btn_Analysis_CrossingHistory.Enabled = false; + btn_Analysis_Plane_History.Enabled = false; + btn_Analysis_Rewind.Enabled = false; + btn_Analysis_Back.Enabled = false; + btn_Analysis_Pause.Enabled = false; + btn_Analysis_Forward.Enabled = false; + btn_Analysis_FastForward.Enabled = false; + sb_Analysis_Play.Enabled = false; + dtp_Analysis_MinValue.Enabled = false; + dtp_Analysis_MaxValue.Enabled = false; + btn_Map_PlayPause.Enabled = true; + LifeMode = AIRSCOUTLIFEMODE.LIFE; + PlayMode = AIRSCOUTPLAYMODE.PAUSE; + UpdateStatus(); + btn_Map_PlayPause.Focus(); + } + + private void btn_Analysis_Planes_Save_Click(object sender, EventArgs e) + { + try + { + SaveFileDialog Dlg = new SaveFileDialog(); + Dlg.AddExtension = true; + Dlg.Filter = "Java Script Object Notation File|*.json|Comma Separated Values|*.csv"; + Dlg.DefaultExt = "json"; + Dlg.FileName = "Plane Positions " + dtp_Analysis_MinValue.Value.ToString("yyyy_MM_dd_HH_mm_ss") + " to " + dtp_Analysis_MaxValue.Value.ToString("yyyy_MM_dd_HH_mm_ss"); + Dlg.InitialDirectory = TmpDirectory; + Dlg.OverwritePrompt = true; + if (Dlg.ShowDialog() == System.Windows.Forms.DialogResult.OK) + { + if (!bw_Analysis_FileSaver.IsBusy) + { + btn_Analysis_Planes_Save.Enabled = false; + bw_Analysis_FileSaver.RunWorkerAsync(Dlg.FileName); + } + } + } + catch (Exception ex) + { + Say(ex.Message); + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + private void btn_Analysis_Planes_Load_Click(object sender, EventArgs e) + { + try + { + OpenFileDialog Dlg = new OpenFileDialog(); + Dlg.Filter = "Java Script Object Notation File|*.json|Comma Separated Values|*.csv"; + Dlg.DefaultExt = "json"; + Dlg.CheckFileExists = true; + Dlg.CheckPathExists = true; + Dlg.Multiselect = false; + Dlg.InitialDirectory = TmpDirectory; + if (Dlg.ShowDialog() == System.Windows.Forms.DialogResult.OK) + { + if (!bw_Analysis_FileLoader.IsBusy) + { + btn_Analysis_Planes_Load.Enabled = false; + bw_Analysis_FileLoader.RunWorkerAsync(Dlg.FileName); + } + } + } + catch (Exception ex) + { + Say(ex.Message); + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + private void btn_Analysis_Planes_Clear_Click(object sender, EventArgs e) + { + AircraftPositionData.Database.AircraftPositionDeleteAll(); + } + + private void btn_Analysis_Planes_History_Click(object sender, EventArgs e) + { + HistoryFromURLDlg Dlg = new HistoryFromURLDlg(); + if (Dlg.ShowDialog() == DialogResult.OK) + { + btn_Analysis_Planes_History.Enabled = false; + bw_HistoryDownloader.RunWorkerAsync(Properties.Settings.Default.Analysis_History_Date); + } + } + + private void btn_Analysis_Planes_ShowTraffic_Click(object sender, EventArgs e) + { + TrafficDlg Dlg = new TrafficDlg(); + Dlg.ShowDialog(); + } + + private void btn_Analysis_Path_SaveToFile_Click(object sender, EventArgs e) + { + SaveFileDialog Dlg = new SaveFileDialog(); + Dlg.CheckPathExists = true; + Dlg.AddExtension = true; + Dlg.DefaultExt = "csv"; + Dlg.Filter = "Comma Separated Values *.csv |csv"; + Dlg.FileName = "Path Information " + Properties.Settings.Default.MyCall.Replace("/", "_") + " to " + Properties.Settings.Default.DXCall.Replace("/", "_"); + Dlg.InitialDirectory = TmpDirectory; + Dlg.OverwritePrompt = true; + if (Dlg.ShowDialog() == DialogResult.OK) + { + try + { + // calculate propagation path + + // check and update station database + LocationDesignator myloc = LocationFindOrUpdateOrCreate(Properties.Settings.Default.MyCall, Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon); + Properties.Settings.Default.MyElevation = myloc.Elevation; + + // get qrv info or create default + QRVDesignator myqrv = StationData.Database.QRVFindOrCreateDefault(myloc.Call, myloc.Loc, Properties.Settings.Default.Band); + // set qrv defaults if zero + if (myqrv.AntennaHeight == 0) + myqrv.AntennaHeight = StationData.Database.QRVGetDefaultAntennaHeight(Properties.Settings.Default.Band); + if (myqrv.AntennaGain == 0) + myqrv.AntennaGain = StationData.Database.QRVGetDefaultAntennaGain(Properties.Settings.Default.Band); + if (myqrv.Power == 0) + myqrv.Power = StationData.Database.QRVGetDefaultPower(Properties.Settings.Default.Band); + // check if there are a valid DX settings + if (!Callsign.Check(Properties.Settings.Default.DXCall) || + !GeographicalPoint.Check(Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon)) + return; + + // OK valid, lets continue + // check and update station database + LocationDesignator dxloc = LocationFindOrUpdateOrCreate(Properties.Settings.Default.DXCall, Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon); + Properties.Settings.Default.DXElevation = dxloc.Elevation; + // get qrv info or create default + QRVDesignator dxqrv = StationData.Database.QRVFindOrCreateDefault(dxloc.Call, dxloc.Loc, Properties.Settings.Default.Band); + // set qrv defaults if zero + if (dxqrv.AntennaHeight == 0) + dxqrv.AntennaHeight = StationData.Database.QRVGetDefaultAntennaHeight(Properties.Settings.Default.Band); + if (dxqrv.AntennaGain == 0) + dxqrv.AntennaGain = StationData.Database.QRVGetDefaultAntennaGain(Properties.Settings.Default.Band); + if (dxqrv.Power == 0) + dxqrv.Power = StationData.Database.QRVGetDefaultPower(Properties.Settings.Default.Band); + + // find local obstruction, if any + LocalObstructionDesignator o = ElevationData.Database.LocalObstructionFind(myloc.Lat, myloc.Lon, Properties.Settings.Default.ElevationModel); + double mybearing = LatLon.Bearing(myloc.Lat, myloc.Lon, dxloc.Lat, dxloc.Lon); + double myobstr = (o != null) ? o.GetObstruction(myqrv.AntennaHeight, mybearing) : double.MinValue; + + // try to find elevation path in database or create new one and store + ElevationPathDesignator epath = ElevationData.Database.ElevationPathFindOrCreateFromLatLon( + null, + myloc.Lat, + myloc.Lon, + dxloc.Lat, + dxloc.Lon, + ElevationData.Database.GetDefaultStepWidth(Properties.Settings.Default.ElevationModel), + Properties.Settings.Default.ElevationModel); + // add additional info to ppath + epath.Location1 = myloc; + epath.Location2 = dxloc; + epath.QRV1 = myqrv; + epath.QRV2 = dxqrv; + + // try to find propagation path in database or create new one and store + PropagationPathDesignator ppath = PropagationData.Database.PropagationPathFindOrCreateFromLatLon( + null, + myloc.Lat, + myloc.Lon, + GetElevation(myloc.Lat, myloc.Lon) + myqrv.AntennaHeight, + dxloc.Lat, + dxloc.Lon, + GetElevation(dxloc.Lat, dxloc.Lon) + dxqrv.AntennaHeight, + Bands.ToGHz(Properties.Settings.Default.Band), + LatLon.Earth.Radius * Properties.Settings.Default.Path_Band_Settings[Properties.Settings.Default.Band].K_Factor, + Properties.Settings.Default.Path_Band_Settings[Properties.Settings.Default.Band].F1_Clearance, + ElevationData.Database.GetDefaultStepWidth(Properties.Settings.Default.ElevationModel), + Properties.Settings.Default.ElevationModel, + myobstr); + + // add additional info to ppath + ppath.Location1 = myloc; + ppath.Location2 = dxloc; + ppath.QRV1 = myqrv; + ppath.QRV2 = dxqrv; + using (StreamWriter sw = new StreamWriter(Dlg.FileName)) + { + sw.WriteLine("Distance[km];Lat[deg];Lon[deg];Elevation[m]; Min_h1[m]; Min_h2[m]; Min_h[m]; Max_h[m]; F1[m];eps1[deg];eps2[deg];eps1_min[deg];eps2_min[deg];ElevationModel"); + for (int i = 0; i < epath.Count; i++) + { + double dist = (double)i * epath.StepWidth / 1000.0; + PropagationPoint p = ppath.GetInfoPoint(dist); + sw.WriteLine(dist.ToString() + ";" + + p.Lat.ToString() + ";" + + p.Lon.ToString() + ";" + + epath.Path[i].ToString() + ";" + + p.H1.ToString() + ";" + + p.H2.ToString() + ";" + + Math.Max(p.H1, p.H2).ToString() + ";" + + Properties.Settings.Default.Planes_MaxAlt.ToString() + ";" + + p.F1.ToString() + ";" + + (Propagation.EpsilonFromHeights(ppath.h1, dist, epath.Path[i],ppath.Radius) / Math.PI * 180.0).ToString() + ";" + + (Propagation.EpsilonFromHeights(ppath.h2, ppath.Distance-dist, epath.Path[i], ppath.Radius) / Math.PI * 180.0).ToString() + ";" + + (ppath.Eps1_Min / Math.PI * 180.0).ToString() + ";" + + (ppath.Eps2_Min / Math.PI * 180.0).ToString()); + } + } + } + catch (Exception ex) + { + Log.WriteMessage("Error while saving path to file [" + Dlg.FileName + "]:" + ex.ToString(), LogLevel.Error); + } + } + } + + private void btn_Analysis_CrossingHistory_Click(object sender, EventArgs e) + { + if (dtp_Analysis_MaxValue.Value <= dtp_Analysis_MinValue.Value) + return; + if (Time_Offline_Interval <= 0) + Time_Offline_Interval = 1; + if ((AllPositions == null) || (AllPositions.Count == 0)) + return; + CrossingHistoryDlg Dlg = new CrossingHistoryDlg(dtp_Analysis_MinValue.Value, dtp_Analysis_MaxValue.Value, Time_Offline_Interval, ref AllPositions); + Dlg.ShowDialog(); + } + + private void sb_Analysis_Play_SizeChanged(object sender, EventArgs e) + { + // handle change of scrollbar + // set scrollbar markers + // reduce them to one marker per pixel + // get initial scrollbar width and build array + int[] sb = new int[sb_Analysis_Play.Width]; + double stepwidth = (double)sb.Length / (sb_Analysis_Play.Maximum - sb_Analysis_Play.Minimum); + foreach (DateTime dt in AllLastUpdated) + { + int index = (int)((dt - dtp_Analysis_MinValue.Value).TotalSeconds * stepwidth); + int i = (int)(dt - dtp_Analysis_MinValue.Value).TotalSeconds; + if ((i > sb_Analysis_Play.Minimum) && (i < sb_Analysis_Play.Maximum)) + sb[index] = i; + } + sb_Analysis_Play.BackgroundMarkers = sb.ToList(); + } + + private void gb_Analysis_Player_SizeChanged(object sender, EventArgs e) + { + // handle change of size --> arrange elements + sb_Analysis_Play.Left = dtp_Analysis_MinValue.Right + 10; + sb_Analysis_Play.Width = dtp_Analysis_MaxValue.Left - dtp_Analysis_MinValue.Width - 20; + sb_Analysis_Play.Height = dtp_Analysis_MinValue.Height; + } + + private void btn_Analysis_Rewind_Click(object sender, EventArgs e) + { + PlayMode = AIRSCOUTPLAYMODE.FASTBACK; + Time_Offline_Interval -= 10; + if (Time_Offline_Interval < 1) + Time_Offline_Interval = 1; + tb_Analysis_Stepwidth.Text = Time_Offline_Interval.ToString(); + } + + private void btn_Analysis_Back_Click(object sender, EventArgs e) + { + PlayMode = AIRSCOUTPLAYMODE.BACK; + Time_Offline_Interval -= 1; + if (Time_Offline_Interval < 1) + Time_Offline_Interval = 1; + tb_Analysis_Stepwidth.Text = Time_Offline_Interval.ToString(); + } + + private void btn_Analysis_Pause_Click(object sender, EventArgs e) + { + PlayMode = AIRSCOUTPLAYMODE.PAUSE; + Time_Offline_Interval = 0; + tb_Analysis_Stepwidth.Text = Time_Offline_Interval.ToString(); + } + + private void btn_Analysis_Forward_Click(object sender, EventArgs e) + { + PlayMode = AIRSCOUTPLAYMODE.FORWARD; + Time_Offline_Interval += 1; + if (Time_Offline_Interval > 3600) + Time_Offline_Interval = 3600; + tb_Analysis_Stepwidth.Text = Time_Offline_Interval.ToString(); + } + + private void btn_Analysis_FastForward_Click(object sender, EventArgs e) + { + PlayMode = AIRSCOUTPLAYMODE.FASTFORWARD; + Time_Offline_Interval += 10; + if (Time_Offline_Interval > 3600) + Time_Offline_Interval = 3600; + tb_Analysis_Stepwidth.Text = Time_Offline_Interval.ToString(); + } + + private void sb_Analysis_Play_Scroll(object sender, ScrollEventArgs e) + { +// PlayMode = AIRSCOUTPLAYMODE.PAUSE; +// Time_Offline_Interval = 0; + tb_Analysis_Stepwidth.Text = Time_Offline_Interval.ToString(); + Properties.Settings.Default.Time_Offline = dtp_Analysis_MinValue.Value.AddSeconds(sb_Analysis_Play.Value); + if (Properties.Settings.Default.Time_Offline < dtp_Analysis_MinValue.Value) + Properties.Settings.Default.Time_Offline = dtp_Analysis_MinValue.Value; + if (Properties.Settings.Default.Time_Offline > dtp_Analysis_MaxValue.Value) + Properties.Settings.Default.Time_Offline = dtp_Analysis_MaxValue.Value; + CurrentTime = Properties.Settings.Default.Time_Offline; + tb_Analysis_Time.Text = CurrentTime.ToString("yyyy-MM-hh HH:mm:ss"); + UpdatePlanes(); + + } + + private void dtp_Analysis_MinValue_ValueChanged(object sender, EventArgs e) + { + // check bounds + if (dtp_Analysis_MinValue.Value < History_OldestEntry) + dtp_Analysis_MinValue.Value = History_OldestEntry; + if (dtp_Analysis_MinValue.Value > History_YoungestEntry) + dtp_Analysis_MinValue.Value = History_YoungestEntry; + UpdatePlayer(); + } + + private void dtp_Analysis_MaxValue_ValueChanged(object sender, EventArgs e) + { + // check bounds + if (dtp_Analysis_MinValue.Value < History_OldestEntry) + dtp_Analysis_MinValue.Value = History_OldestEntry; + if (dtp_Analysis_MinValue.Value > History_YoungestEntry) + dtp_Analysis_MinValue.Value = History_YoungestEntry; + UpdatePlayer(); + } + + private void btn_Analysis_Plane_History_Click(object sender, EventArgs e) + { + PlaneHistoryDlg Dlg = new PlaneHistoryDlg(dtp_Analysis_MinValue.Value, dtp_Analysis_MaxValue.Value, TmpDirectory); + Dlg.ShowDialog(); + } + + #endregion + + #endregion + + #region Map Tab Control + + private void tp_Map_Enter(object sender, EventArgs e) + { + if (PathMode == AIRSCOUTPATHMODE.SINGLE) + sc_Map.Panel2Collapsed = false; + else if (PathMode == AIRSCOUTPATHMODE.MULTI) + sc_Map.Panel2Collapsed = true; + } + + private void tp_News_Enter(object sender, EventArgs e) + { + sc_Map.Panel2Collapsed = true; + } + + #endregion + + #endregion + + #region Background Workers + + #region PlaneFeed + + private void bw_PlaneFeed_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + if (e.ProgressPercentage == (int)PROGRESS.ERROR) + { + if (e.UserState == null) + return; + Say((string)e.UserState); + } + else if (e.ProgressPercentage == (int)PROGRESS.STATUS) + { + if (e.UserState == null) + return; + Say((string)e.UserState); + } + else if (e.ProgressPercentage == (int)PROGRESS.PLANES) + { + List planes = (List)e.UserState; + Planes.BulkInsertOrUpdateIfNewer(planes); + } + } + + #endregion + + #region WinTestReceive + + // suppress console output when in debug mode, needs "Just my code" set in Tools\Options\Debugging + [System.Diagnostics.DebuggerNonUserCode] + private void bw_WinTestReceive_DoWork(object sender, DoWorkEventArgs e) + { + // Background thread for receiving Win-Test messages + // listens to the UDP broadcasts + // use the ReportProgress method to + // return status code and received message + // status values are: <0 = error orrcured (not supported yet) + // 0 = function calls OK, but no bytes received + // >0 = function calls OK, number of bytes received + Log.WriteMessage("Started."); + if (Thread.CurrentThread.Name == null) + Thread.CurrentThread.Name = "bw_WinTestReceive"; + // Get own IP addresses + string hostname; + IPAddress[] hostaddresses = new IPAddress[256]; + try + { + hostname = Dns.GetHostName(); + hostaddresses = Dns.GetHostAddresses(hostname); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + // initialize UDP socket + IPEndPoint ep = new IPEndPoint(IPAddress.Any, Properties.Settings.Default.Server_Port); + UdpClient u = new UdpClient(); + u.Client.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReuseAddress, 1); + u.Client.ReceiveTimeout = 1000; + try + { + u.Client.Bind(ep); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + + // receive Win-Test messages in a loop + while (!bw_WinTestReceive.CancellationPending) + { + try + { + // receive bytes in blocking mode + // handle the receive timeout and cancellation + try + { + byte[] data = u.Receive(ref ep); + wtMessage Msg = new wtMessage(data); + // check if message is directed to server + if (Msg.Dst == Properties.Settings.Default.Server_Name) + DispatchWinTestMsg(Msg); + } + catch (SocketException ex) + { + // do nothing + } + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + Log.WriteMessage("Finished."); + } + + private void ASShowPath(wtMessage msg) + { + // a show path message received + try + { + Stopwatch st = new Stopwatch(); + st.Start(); + if (PlayMode != AIRSCOUTPLAYMODE.PAUSE) + Pause(); + // set single mode + tc_Control.SelectedTab = tp_Control_Single; + PathMode = AIRSCOUTPATHMODE.SINGLE; + string[] a = msg.Data.Split(','); + string qrgstr = a[0].Replace("\"", ""); + string mycallstr = a[1].Replace("\"", ""); + string myloc = a[2].Replace("\"", "").Substring(0, 6); + double mylat = MaidenheadLocator.LatFromLoc(myloc); + double mylon = MaidenheadLocator.LonFromLoc(myloc); + string dxcallstr = a[3].Replace("\"", ""); + string dxloc = a[4].Replace("\"", "").Substring(0, 6); + double dxlat = MaidenheadLocator.LatFromLoc(dxloc); + double dxlon = MaidenheadLocator.LonFromLoc(dxloc); + if (Callsign.Check(mycallstr) && + Callsign.Check(dxcallstr) && + MaidenheadLocator.Check(myloc) && + MaidenheadLocator.Check(dxloc)) + { + Properties.Settings.Default.MyCall = mycallstr; + Properties.Settings.Default.MyLat = mylat; + Properties.Settings.Default.MyLon = mylon; + Properties.Settings.Default.MyHeight = 10; + Properties.Settings.Default.DXCall = dxcallstr; + Properties.Settings.Default.DXLat = dxlat; + Properties.Settings.Default.DXLon = dxlon; + Properties.Settings.Default.DXHeight = 10; + Properties.Settings.Default.MyElevation = GetElevation(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon); + LocationDesignator info = StationData.Database.LocationFind(mycallstr); + if ((info != null) && (MaidenheadLocator.LocFromLatLon(info.Lat, info.Lon, false, 3) == myloc)) + { + // loc is matching with database --> use detailed info then + Properties.Settings.Default.MyLat = info.Lat; + Properties.Settings.Default.MyLon = info.Lon; + Properties.Settings.Default.MyElevation = GetElevation(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon); + } + else + { + // update database if not found or locator does not match + UpdateLocation(mycallstr, mylat, mylon, GEOSOURCE.FROMLOC); + } + info = StationData.Database.LocationFind(dxcallstr); + if ((info != null) && (MaidenheadLocator.LocFromLatLon(info.Lat, info.Lon, false, 3) == dxloc)) + { + // loc is matching with database --> use detailed info then + Properties.Settings.Default.DXLat = info.Lat; + Properties.Settings.Default.DXLon = info.Lon; + Properties.Settings.Default.DXElevation = GetElevation(Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon); + } + else + { + // update database if not found or locator does not match + UpdateLocation(dxcallstr, dxlat, dxlon, GEOSOURCE.FROMLOC); + } + if (qrgstr == "500000") + Properties.Settings.Default.Band = BAND.B50M; + if (qrgstr == "700000") + Properties.Settings.Default.Band = BAND.B70M; + if (qrgstr == "1440000") + Properties.Settings.Default.Band = BAND.B144M; + if (qrgstr == "4320000") + Properties.Settings.Default.Band = BAND.B432M; + if (qrgstr == "12960000") + Properties.Settings.Default.Band = BAND.B1_2G; + if (qrgstr == "23200000") + Properties.Settings.Default.Band = BAND.B2_3G; + if (qrgstr == "34000000") + Properties.Settings.Default.Band = BAND.B3_4G; + if (qrgstr == "57600000") + Properties.Settings.Default.Band = BAND.B5_7G; + if (qrgstr == "103680000") + Properties.Settings.Default.Band = BAND.B10G; + if (qrgstr == "240480000") + Properties.Settings.Default.Band = BAND.B24G; + if (qrgstr == "470880000") + Properties.Settings.Default.Band = BAND.B47G; + if (qrgstr == "760320000") + Properties.Settings.Default.Band = BAND.B76G; + UpdateStatus(); + Play(); + // try different methods to bring the window to front under WinXP and Win7 + bool max = this.WindowState == FormWindowState.Maximized; + // try to restore window from minimized and normal state --> normal state + this.TopMost = true; + SetForegroundWindow(this.Handle); + ShowWindow(this.Handle, ShowWindowCommands.ShowNoActivate); + this.BringToFront(); + this.TopMost = false; + // maximize it if it was maximized before + if (max) + this.WindowState = FormWindowState.Maximized; + // set antenna direction + double az = LatLon.Bearing(Properties.Settings.Default.MyLat, + Properties.Settings.Default.MyLon, + Properties.Settings.Default.DXLat, + Properties.Settings.Default.DXLon); + // set tracking values + Properties.Settings.Default.Track_SetAz = az; + Properties.Settings.Default.Track_SetEl = 0; + } + st.Stop(); + Log.WriteMessage("Processing ASSHOWPATH[" + mycallstr + "," + dxcallstr + "]: " + st.ElapsedMilliseconds.ToString() + " ms."); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + + } + + private void ASSetPath(wtMessage msg) + { + try + { + Stopwatch st = new Stopwatch(); + st.Start(); + string[] a = msg.Data.Split(','); + int qrg = 1296; + int.TryParse(a[0].Replace("\"", ""), out qrg); + qrg = qrg / 10000; + BAND band = BAND.BNONE; + try + { + band = (BAND)qrg; + } + catch + { + // do nothing + } + string mycallstr = a[1].Replace("\"", ""); + string mylocstr = a[2].Replace("\"", "").Substring(0, 6); + string dxcallstr = a[3].Replace("\"", ""); + string dxlocstr = a[4].Replace("\"", "").Substring(0, 6); + int count = 0; + // return on failure + if (!Callsign.Check(mycallstr)) + return; + if (!Callsign.Check(dxcallstr)) + return; + if (!MaidenheadLocator.Check(mylocstr)) + return; + if (!MaidenheadLocator.Check(dxlocstr)) + return; + // get my location info --> if loc is matching, use precise information automatically + LocationDesignator myloc = StationData.Database.LocationFindOrCreate(mycallstr, mylocstr); + // get my QRV info + QRVDesignator myqrv = StationData.Database.QRVFindOrCreateDefault(mycallstr, mylocstr, band); + // set qrv defaults if zero + if (myqrv.AntennaHeight == 0) + myqrv.AntennaHeight = StationData.Database.QRVGetDefaultAntennaHeight(Properties.Settings.Default.Band); + if (myqrv.AntennaGain == 0) + myqrv.AntennaGain = StationData.Database.QRVGetDefaultAntennaGain(Properties.Settings.Default.Band); + if (myqrv.Power == 0) + myqrv.Power = StationData.Database.QRVGetDefaultPower(Properties.Settings.Default.Band); + // get dx location info --> if loc is matching, use precise information automatically + LocationDesignator dxloc = LocationFindOrCreate(dxcallstr, dxlocstr); + // get dx QRV info + QRVDesignator dxqrv = StationData.Database.QRVFindOrCreateDefault(dxcallstr, dxlocstr, band); + // set qrv defaults if zero + if (dxqrv.AntennaHeight == 0) + dxqrv.AntennaHeight = StationData.Database.QRVGetDefaultAntennaHeight(Properties.Settings.Default.Band); + if (dxqrv.AntennaGain == 0) + dxqrv.AntennaGain = StationData.Database.QRVGetDefaultAntennaGain(Properties.Settings.Default.Band); + if (dxqrv.Power == 0) + dxqrv.Power = StationData.Database.QRVGetDefaultPower(Properties.Settings.Default.Band); + // find local obstruction, if any + LocalObstructionDesignator o = ElevationData.Database.LocalObstructionFind(myloc.Lat, myloc.Lon, Properties.Settings.Default.ElevationModel); + double mybearing = LatLon.Bearing(myloc.Lat, myloc.Lon, dxloc.Lat, dxloc.Lon); + double myobstr = (o != null) ? o.GetObstruction(myqrv.AntennaHeight, mybearing) : double.MinValue; + + // try to find propagation path in database or create new one and store + PropagationPathDesignator ppath = PropagationData.Database.PropagationPathFindOrCreateFromLatLon( + null, + myloc.Lat, + myloc.Lon, + GetElevation(myloc.Lat, myloc.Lon) + myqrv.AntennaHeight, + dxloc.Lat, + dxloc.Lon, + GetElevation(dxloc.Lat, dxloc.Lon) + dxqrv.AntennaHeight, + Bands.ToGHz(Properties.Settings.Default.Band), + LatLon.Earth.Radius * Properties.Settings.Default.Path_Band_Settings[Properties.Settings.Default.Band].K_Factor, + Properties.Settings.Default.Path_Band_Settings[Properties.Settings.Default.Band].F1_Clearance, + ElevationData.Database.GetDefaultStepWidth(Properties.Settings.Default.ElevationModel), + Properties.Settings.Default.ElevationModel, + myobstr); + List allplanes = Planes.GetAll(DateTime.UtcNow, Properties.Settings.Default.Planes_Position_TTL); + List nearestplanes = AircraftData.Database.GetNearestPlanes(DateTime.UtcNow, ppath, allplanes, Properties.Settings.Default.Planes_Filter_Max_Circumcircle, Properties.Settings.Default.Path_Band_Settings[band].MaxDistance, Properties.Settings.Default.Planes_MaxAlt); + count = 0; + string planes = ""; + wtMessage SendMsg = new wtMessage(WTMESSAGES.ASNEAREST, + Properties.Settings.Default.Server_Name, + msg.Src, + DateTime.UtcNow.ToString("u") + "," + + mycallstr + "," + + mylocstr + "," + + dxcallstr + "," + + dxlocstr + ","); + if ((nearestplanes != null) && (nearestplanes.Count() > 0)) + { + foreach (PlaneInfo planeinfo in nearestplanes) + { + if ((planeinfo.IntPoint != null) && (planeinfo.Potential > 0)) + { + int mins = 0; + if (planeinfo.Speed > 0) + mins = (int)(planeinfo.IntQRB / (double)planeinfo.Speed / 1.852 * 60.0); + planes = planes + planeinfo.Call + "," + PlaneCategories.GetShortStringValue(planeinfo.Category) + "," + ((int)planeinfo.IntQRB).ToString() + "," + planeinfo.Potential.ToString() + "," + mins.ToString() + ","; + count++; + } + } + } + planes = planes.TrimEnd(','); + SendMsg.Data = SendMsg.Data + count.ToString() + "," + planes; + SendMsg.Data = SendMsg.Data.TrimEnd(','); + SendMsg.HasChecksum = true; + // send message + UdpClient client = new UdpClient(); + client.Client.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReuseAddress, 1); + client.Client.ReceiveTimeout = 10000; // 10s Receive timeout + IPEndPoint groupEp = new IPEndPoint(IPAddress.Broadcast, Properties.Settings.Default.Server_Port); + client.Connect(groupEp); + byte[] b = SendMsg.ToBytes(); + client.Send(b, b.Length); + client.Close(); + st.Stop(); + Log.WriteMessage("Processing ASSETPATH[" + mycallstr + "," + dxcallstr + "]: " + count.ToString() + " Plane(s), " + st.ElapsedMilliseconds.ToString() + " ms."); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + private void ASWatchlist(wtMessage msg) + { + if (!Properties.Settings.Default.Watchlist_SyncWithKST) + return; + // maintain watchlist + try + { + Stopwatch st = new Stopwatch(); + st.Start(); + // mark all watchlist items to remove wich are not currently tracked + foreach (WatchlistItem item in Properties.Settings.Default.Watchlist) + { + // nasty!! Should never be null! + if (item == null) + continue; + if (!item.Checked) + item.Remove = true; + } + // split message + string[] a = msg.Data.Split(','); + // ignore band string so far + string qrgstr = a[0]; + // iterate through calls + for (int i = 1; i < a.Length - 1; i += 2) + { + // get call + string dxcallstr = a[i].Trim().ToUpper(); + // get loc + string dxlocstr = a[i + 1].Trim().ToUpper(); + // skip when invalid + if (!Callsign.Check(dxcallstr)) + continue; + if (!MaidenheadLocator.Check(dxlocstr)) + continue; + // skip own callsign + if (dxcallstr == Callsign.Cut(Properties.Settings.Default.MyCall)) + continue; + // find or create call & loc combination in station database + LocationDesignator dxcall = StationData.Database.LocationFindOrCreate(dxcallstr, dxlocstr); + double qrb = LatLon.Distance(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, dxcall.Lat, dxcall.Lon); + // add to watchlist + int index = Properties.Settings.Default.Watchlist.IndexOf(dxcallstr, dxlocstr); + // reset remove flag if item found, add to watchlist if not + if (index >= 0) + { + Properties.Settings.Default.Watchlist[index].Remove = false; + Properties.Settings.Default.Watchlist[index].OutOfRange = qrb > Properties.Settings.Default.Path_MaxLength; + } + else + { + Properties.Settings.Default.Watchlist.Add(new WatchlistItem(dxcallstr, dxlocstr, qrb > Properties.Settings.Default.Path_MaxLength)); + } + } + + // remove all items from watchlist which are not logged in anymore + Properties.Settings.Default.Watchlist.RemoveAll(item => item.Remove); + + // update watchlist in map + UpdateWatchlistInMap(); + + // update ListView control + RefreshWatchlistView(); + st.Stop(); + Log.WriteMessage("Processing ASWATCHLIST: " + Properties.Settings.Default.Watchlist.Count.ToString() + " call(s), " + st.ElapsedMilliseconds.ToString() + " ms."); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + private void ASAddWatch(wtMessage msg) + { + // abort if in wtKST sync mode + if (Properties.Settings.Default.Watchlist_SyncWithKST) + return; + + // maintain watchlist + try + { + Stopwatch st = new Stopwatch(); + st.Start(); + + // check for malformatted message + if (!msg.Data.Contains(",")) + return; + + // split message + string[] a = msg.Data.Split(','); + + // check for malformatted message + if ((a.Length - 1) % 3 != 0) + return; + + // ignore band string so far + string qrgstr = a[0]; + // iterate through calls + for (int i = 1; i < a.Length - 2; i += 3) + { + // get call + string dxcallstr = a[i].Trim().ToUpper(); + // get loc + string dxlocstr = a[i + 1].Trim().ToUpper(); + // get checked + string checkstr = a[i + 2].Trim().ToUpper(); + + // skip when invalid + if (!Callsign.Check(dxcallstr)) + continue; + + // empty loc --> try to find one in the database + if (String.IsNullOrEmpty(dxlocstr)) + { + LocationDesignator ld = StationData.Database.LocationFindLastRecent(dxcallstr); + if (ld != null) + dxlocstr = ld.Loc; + } + // skip when loc is still invalid + if (!MaidenheadLocator.Check(dxlocstr)) + continue; + + // skip own callsign + if (dxcallstr == Callsign.Cut(Properties.Settings.Default.MyCall)) + continue; + + // find or create call & loc combination in station database + LocationDesignator dxcall = StationData.Database.LocationFindOrCreate(dxcallstr, dxlocstr); + double qrb = LatLon.Distance(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, dxcall.Lat, dxcall.Lon); + + // add to watchlist + int index = Properties.Settings.Default.Watchlist.IndexOf(dxcallstr, dxlocstr); + // reset remove flag if item found, add to watchlist if not + if (index >= 0) + { + Properties.Settings.Default.Watchlist[index].Remove = false; + Properties.Settings.Default.Watchlist[index].OutOfRange = qrb > Properties.Settings.Default.Path_MaxLength; + if (!Properties.Settings.Default.Watchlist[index].OutOfRange) + { + Properties.Settings.Default.Watchlist[index].Checked = checkstr == "1"; + } + } + else + { + if (qrb > Properties.Settings.Default.Path_MaxLength) + { + Properties.Settings.Default.Watchlist.Add(new WatchlistItem(dxcallstr, dxlocstr, true)); + } + else + { + Properties.Settings.Default.Watchlist.Add(new WatchlistItem(dxcallstr, dxlocstr, false, checkstr == "1")); + } + } + } + + // update watchlist in map + UpdateWatchlistInMap(); + + // update ListView control + RefreshWatchlistView(); + + // refresh paths + UpdatePaths(); + + // start playing if at least one active watch + if (Properties.Settings.Default.Watchlist.Find(item => item.Checked) != null) + { + if (PlayMode == AIRSCOUTPLAYMODE.PAUSE) + Play(); + } + + st.Stop(); + Log.WriteMessage("Processing ASADDWATCH: " + st.ElapsedMilliseconds.ToString() + " ms."); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + private void ASRemoveWatch(wtMessage msg) + { + // abort if in wtKST sync mode + if (Properties.Settings.Default.Watchlist_SyncWithKST) + return; + + // maintain watchlist + try + { + Stopwatch st = new Stopwatch(); + st.Start(); + + // check for empty call sign list --> remove all + if (!msg.Data.Contains(",")) + { + // mark all watchlist items to remove wich are not currently tracked + foreach (WatchlistItem item in Properties.Settings.Default.Watchlist) + { + // nasty!! Should never be null! + if (item == null) + continue; + item.Remove = true; + } + } + else + { + // split message + string[] a = msg.Data.Split(','); + // ignore band string so far + string qrgstr = a[0]; + for (int i = 1; i < a.Length; i++) + { + // get call + string dxcallstr = a[i].Trim().ToUpper(); + + // mark all watchlist items to remove wich are not currently tracked + foreach (WatchlistItem item in Properties.Settings.Default.Watchlist) + { + // nasty!! Should never be null! + if (item == null) + continue; + if (item.Call == dxcallstr) + item.Remove = true; + } + } + } + + // remove all items from watchlist which marked as remove + Properties.Settings.Default.Watchlist.RemoveAll(item => item.Remove); + + // update watchlist in map + UpdateWatchlistInMap(); + + // update ListView control + RefreshWatchlistView(); + + // refresh paths + UpdatePaths(); + + // stop playing if no more active watches + if (Properties.Settings.Default.Watchlist.Find(item => item.Checked) == null) + { + if (PlayMode == AIRSCOUTPLAYMODE.FORWARD) + Pause(); + } + + st.Stop(); + Log.WriteMessage("Processing ASREMOVEWATCH: " + st.ElapsedMilliseconds.ToString() + " ms."); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + private void DispatchWinTestMsg(wtMessage msg) + { + // a Win-Test message was received by the background thread + if (msg.Msg == WTMESSAGES.ASSHOWPATH) + { + // a show path message received + // dispatch it to main thread + bw_WinTestReceive.ReportProgress(1, msg); + } + else if (msg.Msg == WTMESSAGES.ASSETPATH) + { + // a path calculation message received + // keep it in the background thread and calculate + ASSetPath(msg); + } + else if (msg.Msg == WTMESSAGES.ASWATCHLIST) + { + // set users list on watchlist + // dispatch it to main thread + bw_WinTestReceive.ReportProgress(1, msg); + } + else if (msg.Msg == WTMESSAGES.ASADDWATCH) + { + // add call to watchlist + // dispatch it to main thread + bw_WinTestReceive.ReportProgress(1, msg); + } + else if (msg.Msg == WTMESSAGES.ASREMOVEWATCH) + { + // add call to watchlist + // dispatch it to main thread + bw_WinTestReceive.ReportProgress(1, msg); + } + } + + private void bw_WinTestReceive_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + // a Win-Test message was received by the background thread + NumberFormatInfo provider = new NumberFormatInfo(); + provider.NumberDecimalSeparator = "."; + provider.NumberGroupSeparator = ","; + provider.NumberGroupSizes = new int[] { 3 }; + + wtMessage msg = (wtMessage)e.UserState; + if (msg.Msg == WTMESSAGES.ASSHOWPATH) + ASShowPath(msg); + else if (msg.Msg == WTMESSAGES.ASWATCHLIST) + ASWatchlist(msg); + else if (msg.Msg == WTMESSAGES.ASADDWATCH) + ASAddWatch(msg); + else if (msg.Msg == WTMESSAGES.ASREMOVEWATCH) + ASRemoveWatch(msg); + } + + private void bw_WinTestReceive_RunWorkerCompleted(object sender, RunWorkerCompletedEventArgs e) + { + } + + #endregion + + # region SpecLabReceive + + // suppress console output when in debug mode, needs "Just my code" set in Tools\Options\Debugging + // [System.Diagnostics.DebuggerNonUserCode] + private void bw_SpecLab_Receive_DoWork(object sender, DoWorkEventArgs e) + { + // name the thread for debugging + if (String.IsNullOrEmpty(Thread.CurrentThread.Name)) + Thread.CurrentThread.Name = "bw_SpecLabReceive"; + Log.WriteMessage("Started."); + // get the update interval + int interval = System.Convert.ToInt32(Properties.Settings.Default.SpecLab_Update) * 1000; + // check for minimum + if (interval < 1000) + interval = 1000; + bw_SpecLab_Receive.ReportProgress(0); + int maxcount = 60; + List ads = new List(); + while (!bw_SpecLab_Receive.CancellationPending) + { + Thread.Sleep(interval); + // do nothing when not in play mode + if ((LifeMode != AIRSCOUTLIFEMODE.LIFE) || (PlayMode != AIRSCOUTPLAYMODE.FORWARD)) + continue; + try + { + // get boundary frequencies + int f1 = Properties.Settings.Default.SpecLab_F1; + if (f1 < 0) + f1 = 0; + if (f1 > 3000) + f1 = 3000; + int f2 = Properties.Settings.Default.SpecLab_F2; + if (f2 < 1) + f2 = 1; + if (f2 > 3000) + f2 = 3000; + if (f1 >= f2) + f1 = f2 - 1; + // get the url + string url = Properties.Settings.Default.SpecLab_URL; + // get the filename + string filename = Properties.Settings.Default.SpecLab_FileName; + if (!url.EndsWith("/")) + url = url + "/"; + url = url + filename + "?f1=" + f1.ToString() + "?f2=" + f2.ToString(); + string msg = ""; + bw_SpecLab_Receive.ReportProgress(1, "Trying to connect to Spectrum Lab..."); + WebRequest myWebRequest = WebRequest.Create(url); + WebResponse myWebResponse = myWebRequest.GetResponse(); + Stream ReceiveStream = myWebResponse.GetResponseStream(); + Encoding encode = System.Text.Encoding.GetEncoding("utf-8"); + StreamReader readStream = new StreamReader(ReceiveStream, encode); + string json = readStream.ReadToEnd(); + if (!json.StartsWith("[")) + throw (new FormatException("Format Exception: Not a JSON file.")); + // split the JSON string + // a[1] contains the header + // h contains alle header items + // d contains all data items + string[] a = json.Split('['); + a[1] = a[1].Replace(":", ","); + string[] h = a[1].Split(','); + a[2] = a[2].Replace("\r\n", ""); + a[2] = a[2].Remove(a[2].IndexOf("]") - 1); + a[2] = a[2].Replace(",", ";"); + a[2] = a[2].Replace(".", ","); + double[] d = System.Array.ConvertAll(a[2].Split(';'), new Converter(Double.Parse)); + // get the time stamp + long l = (long)System.Convert.ToDouble(h[1], CultureInfo.InvariantCulture); + DateTime utc = new System.DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc); + utc = utc.AddSeconds(l); + // get number of bins + int count = System.Convert.ToInt32(h[13]); + msg = "FFT-Data received: " + count.ToString() + "bins. F1=" + f1.ToString() + "Hz, F2=" + f2.ToString() + "Hz"; + bw_SpecLab_Receive.ReportProgress(1, msg); + double max = d.Max(); + // collect and save maximum if in play mode and NearestPlane != null + if ((PlayMode == AIRSCOUTPLAYMODE.FORWARD) && (NearestPlane != null)) + ads.Add(new SignalLevelDesignator(max, utc)); + // bulk save maximum to database if maxcount is reached + if (ads.Count > maxcount) + { + SignalData.Database.SignalLevelBulkInsertOrUpdateIfNewer(ads); + ads.Clear(); + } + // report maximum + bw_SpecLab_Receive.ReportProgress(100, max); + } + catch (WebException ex) + { + // do nothing + } + catch (SocketException ex) + { + // do nothing + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + bw_SpecLab_Receive.ReportProgress(-1, ex.Message); + } + } + Log.WriteMessage("Finished."); + } + + private void bw_SpecLab_Receive_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + try + { + if (e.ProgressPercentage < 0) + { + // an error occured + tb_Spectrum_Status.ForeColor = Color.White; + tb_Spectrum_Status.BackColor = Color.Red; + tb_Spectrum_Status.Text = (string)e.UserState; + } + if (e.ProgressPercentage == 0) + { + // a init message occured + Spectrum.Points.Clear(); + SpectrumPointsCount = 0; + Spectrum_X.Reset(); + SpectrumRecord.Points.Clear(); + } + if (e.ProgressPercentage == 1) + { + // a status message occured + tb_Spectrum_Status.ForeColor = Color.Black; + tb_Spectrum_Status.BackColor = SystemColors.Control; + tb_Spectrum_Status.Text = (string)e.UserState; + } + if (e.ProgressPercentage == 100) + { + // FFT - data received + if ((LifeMode == AIRSCOUTLIFEMODE.LIFE) && (PlayMode == AIRSCOUTPLAYMODE.FORWARD)) + { + // draw data + double max = (double)e.UserState; + if (Spectrum.Points.Count >= SpectrumMaxPoints) + { + double pan = -(Spectrum_X.ScreenMax.X - Spectrum_X.ScreenMin.X) / (double)SpectrumMaxPoints; + Spectrum_X.Pan(pan); + Spectrum.Points.RemoveAt(0); + SpectrumRecord.Points.RemoveAt(0); + } + // add background area + SpectrumRecord.Fill = OxyColor.FromArgb(20, 255, 0, 255); + double on, off; + if (Spectrum_Y.Minimum < 0) + { + on = -1000; + off = 1000; + } + else + { + on = 1000; + off = -1000; + } + if (NearestPlane == null) + SpectrumRecord.Points.Add(new DataPoint(SpectrumPointsCount, off)); + else + SpectrumRecord.Points.Add(new DataPoint(SpectrumPointsCount, on)); + // add signal level point + Spectrum.Points.Add(new DataPoint(SpectrumPointsCount, max)); + SpectrumPointsCount++; + // autoscale Y axis + double y_min = double.MaxValue; + double y_max = double.MinValue; + foreach (DataPoint p in Spectrum.Points) + { + if (p.Y > y_max) + y_max = p.Y; + if (p.Y < y_min) + y_min = p.Y; + } + // enlarge scaling Y-axis by 10% in both directions + double y_diff = (y_max - y_min) * 0.1; + Spectrum_Y.Minimum = y_min - y_diff; + Spectrum_Y.Maximum = y_max + y_diff; + pm_Spectrum.InvalidatePlot(true); + } + } + // maintain nearest plane map + if (NearestPlane != null) + { + lbl_Nearest_Call.Text = NearestPlane.Call; + lbl_Nearest_Type.Text = NearestPlane.Type; + lbl_Nearest_Cat.Text = PlaneCategories.GetStringValue(NearestPlane.Category); + lbl_Nearest_Alt.Text = NearestPlane.Alt_m.ToString("F0") + "m"; + lbl_Nearest_Angle.Text = (NearestPlane.Angle / Math.PI * 180.0).ToString("F0") + "°"; + lbl_Nearest_Dist.Text = NearestPlane.IntQRB.ToString("F0") + "km"; + gmo_NearestPlanes.Clear(); + gmo_NearestPlanes.Markers.Add(CreatePlaneDetailed(NearestPlane, false)); + gm_Nearest.Position = new PointLatLng(NearestPlane.IntPoint.Lat, NearestPlane.IntPoint.Lon); + gm_Nearest.Zoom = 10; + } + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + private void bw_SpecLab_Receive_RunWorkerCompleted(object sender, RunWorkerCompletedEventArgs e) + { + + } + + # endregion + + #region Track + + private bool Track_DDE_HRD(DdeClient client, double az, double el) + { + // send Az/EL vie DDE to Ham Radio Deluxe Rotor Control (HRDRotator.exe) + // no position feedback expected + if (client == null) + throw new NullReferenceException("[DDE]: Client not initialized."); + if (!client.IsConnected) + throw new InvalidOperationException("[DDE]: Client not connected."); + + byte[] data; + if ((az >= 0) && (az <= 360)) + { + // send azimuth data + data = Encoding.ASCII.GetBytes("SET-AZ:" + az.ToString("F1")); + client.TryPoke("PositionData", data, 1, 10000); + } + if ((el >= 0) && (el <= 90)) + { + // send elevation data + data = Encoding.ASCII.GetBytes("SET-EL:" + el.ToString("F1")); + client.TryPoke("PositionData", data, 1, 10000); + } + return true; + } + + private bool Track_UDP_WinTest(UdpClient client, IPEndPoint ip, double az, double el) + { + // send UDP broadcast like Win-Test + // no position feedback expected + if ((client == null) || (ip == null)) + if (client == null) + throw new NullReferenceException("[UDP]: Client and/or IP endpoint not initialized."); + wtMessage msg = new wtMessage(WTMESSAGES.SETAZIMUTH, Properties.Settings.Default.Server_Name, "", "AUTO", " 00 " + az.ToString("000")); + byte[] bytes = msg.ToBytes(); + client.Send(bytes, bytes.Length, ip); + return true; + } + + private bool Track_UDP_AirScout(UdpClient client, IPEndPoint ip, double az, double el) + { + // send UDP broadcast like Win-Test + // no position feedback expected + if ((client == null) || (ip == null)) + throw new NullReferenceException("[UDP]: Client and/or IP endpoint not initialized."); + wtMessage msg; + msg = new wtMessage(WTMESSAGES.SETAZIMUTH, Properties.Settings.Default.Server_Name, "", "AUTO", " 00 " + az.ToString("000")); + byte[] bytes = msg.ToBytes(); + client.Send(bytes, bytes.Length, ip); + msg = new wtMessage(WTMESSAGES.SETELEVATION, Properties.Settings.Default.Server_Name, "", "AUTO", " 00 " + el.ToString("000")); + bytes = msg.ToBytes(); + client.Send(bytes, bytes.Length, ip); + return true; + } + + private string Serial_SendCommand(SerialPort sp, string command, bool waitanswer) + { + // sends a command via serial port (and optional wait fo answer) + if ((sp == null) || (!sp.IsOpen)) + return ""; + string s = ""; + { + sp.WriteLine(command); + if (waitanswer) + { + s = sp.ReadLine(); + s = s.Replace("\n", ""); + } + } + return s; + } + + + private bool Track_SER__GS_232A_AZ(SerialPort sp, double az) + { + // send Az value via serial port (GS-232A protocol) + // communictaion test --> get azimuth value + if (sp == null) + throw new NullReferenceException("[Serial]: Port not initialized."); + if (!sp.IsOpen) + throw new InvalidOperationException("[Serial]: Port not open."); + // communictaion test --> get azimuth value + string s = Serial_SendCommand(sp, "C", true); + if (!s.StartsWith("+0")) + throw new FormatException("[Serial]: Wrong serial data format."); + try + { + double result = System.Convert.ToDouble(s.Substring(2, 3), CultureInfo.InvariantCulture); + } + catch + { + throw new FormatException("[Serial]: Wrong serial data format."); + } + // set azimuth value --> no feedback + Serial_SendCommand(sp, "M" + az.ToString("000"), false); + return true; + } + + private bool Track_SER__GS_232A_AZEL(SerialPort sp, double az, double el) + { + // send Az/El value via serial port (GS-232A protocol) + if (sp == null) + throw new NullReferenceException("[Serial]: Port not initialized."); + if (!sp.IsOpen) + throw new InvalidOperationException("[Serial]: Port not open."); + // communictaion test --> get azimuth and elevation value + string s = Serial_SendCommand(sp, "C2", true); + if (!s.StartsWith("+0")) + throw new FormatException("[Serial]: Wrong serial data format."); + try + { + double result = System.Convert.ToDouble(s.Substring(2, 3), CultureInfo.InvariantCulture); + } + catch + { + throw new FormatException("[Serial]: Wrong serial data format."); + } + // set azimuth value --> no feedback + Serial_SendCommand(sp, "W" + az.ToString("000") + " " + el.ToString("000"), false); + return true; + } + + private void Track_File_Native(double az, double el) + { + // writes a file with Az/El values in a file (native) + // Syntax: , + using (StreamWriter sw = new StreamWriter(TmpDirectory + Path.DirectorySeparatorChar + "azel.dat")) + { + sw.WriteLine(az.ToString("F1", CultureInfo.InvariantCulture) + "," + el.ToString("F1", CultureInfo.InvariantCulture)); + } + } + + private void Track_File_WSJT(double az, double el) + { + // writes a file with Az/El values in a file (WSJT) + // the info is filled in the "Source" line (originally intended to follow a radio source + using (StreamWriter sw = new StreamWriter(TmpDirectory + Path.DirectorySeparatorChar + "azel.dat")) + { + string utc = DateTime.UtcNow.ToString("HH:mm:ss"); + sw.WriteLine(utc + ",0,0,Moon"); + sw.WriteLine(utc + ",0,0,Sun"); + sw.WriteLine(utc + "," + az.ToString("F1", CultureInfo.InvariantCulture) + "," + el.ToString("F1", CultureInfo.InvariantCulture) + ",Source"); + sw.WriteLine("0, 0, 0, 0, 0,Doppler, R"); + } + } + + private void bw_Track_DoWork(object sender, DoWorkEventArgs e) + { + Log.WriteMessage("Started."); + + // name the thread for debugging + if (String.IsNullOrEmpty(Thread.CurrentThread.Name)) + Thread.CurrentThread.Name = "bw_Track"; + + // last recent calculated values + TrackValues oldvalues = null; + TRACKSTATUS oldstatus = TRACKSTATUS.NONE; + + // clients and ports + DdeClient ddeclient = null; + UdpClient udpclient = null; + IPEndPoint udpip = null; + SerialPort serialport = null; + + // error counters + int ddeerr = 0; + int udperr = 0; + int serialerr = 0; + int maxerr = 10; + + // outer loop + do + { + try + { + // intializations + if (Properties.Settings.Default.Track_DDE_HRD) + { + ddeclient = new DdeClient("HRDRotator", "Position"); + int result = ddeclient.TryConnect(); + + } + if (Properties.Settings.Default.Track_UDP_WinTest) + { + udpclient = new UdpClient(); + udpip = new IPEndPoint(IPAddress.Broadcast, Properties.Settings.Default.Track_UDP_WinTest_Port); + } + else if (Properties.Settings.Default.Track_UDP_AirScout) + { + udpclient = new UdpClient(); + udpip = new IPEndPoint(IPAddress.Broadcast, Properties.Settings.Default.Track_UDP_AirScout_Port); + } + if ((Properties.Settings.Default.Track_Serial_GS232_AZ) || (Properties.Settings.Default.Track_Serial_GS232_AZEL)) + { + serialport = new SerialPort(Properties.Settings.Default.Track_Serial_Port, + Properties.Settings.Default.Track_Serial_Baudrate, + System.IO.Ports.Parity.None, + 8, + System.IO.Ports.StopBits.One); + serialport.Handshake = System.IO.Ports.Handshake.None; + serialport.NewLine = "\r"; + serialport.Encoding = Encoding.ASCII; + serialport.ReadTimeout = 1000; + serialport.WriteTimeout = 1000; + serialport.Open(); + } + + // init OK --> ready for tracking + bw_Track.ReportProgress(1, TRACKSTATUS.STOPPED); + bw_Track.ReportProgress(2, ROTSTATUS.STOPPED); + + // inner loop + while (Properties.Settings.Default.Track_Activate && !bw_Track.CancellationPending) + { + try + { + // get current plane position and calculate set of tracking values + DateTime time = DateTime.UtcNow.AddSeconds(Properties.Settings.Default.Track_Offset); + TrackValues trackvalues = new TrackValues(); + trackvalues.Timestamp = time; + if (TrackMode == AIRSCOUTTRACKMODE.TRACK) + { + // invalidate oldvalues on plane change + if ((oldvalues != null) && (Properties.Settings.Default.Track_CurrentPlane != null) && (oldvalues.Hex != Properties.Settings.Default.Track_CurrentPlane)) + { + oldvalues = null; + } + // track plane --> get plane position and calculate values + PlaneInfo plane = Planes.Get(Properties.Settings.Default.Track_CurrentPlane, time, Properties.Settings.Default.Planes_Position_TTL); + if (plane != null) + { + trackvalues.Hex = Properties.Settings.Default.Track_CurrentPlane; + trackvalues.MyAzimuth = LatLon.Bearing(Properties.Settings.Default.MyLat, + Properties.Settings.Default.MyLon, + plane.Lat, + plane.Lon); + trackvalues.DXAzimuth = LatLon.Bearing(Properties.Settings.Default.DXLat, + Properties.Settings.Default.DXLon, + plane.Lat, + plane.Lon); + double myh = (GetElevation(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon) + Properties.Settings.Default.MyHeight); + double dxh = (GetElevation(Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon) + Properties.Settings.Default.DXHeight); + double H = plane.Alt_m; + trackvalues.MyDistance = LatLon.Distance(Properties.Settings.Default.MyLat, Properties.Settings.Default.MyLon, plane.Lat, plane.Lon); + trackvalues.MySlantRange = Propagation.SlantRangeFromHeights( + myh, + Properties.Settings.Default.MyLat, + Properties.Settings.Default.MyLon, + plane.Lat, + plane.Lon, + H, + LatLon.Earth.Radius * Properties.Settings.Default.Path_Band_Settings[Properties.Settings.Default.Band].K_Factor); + trackvalues.MyElevation = Propagation.EpsilonFromHeights(myh, + trackvalues.MyDistance, + H, + LatLon.Earth.Radius * Properties.Settings.Default.Path_Band_Settings[Properties.Settings.Default.Band].K_Factor) + / Math.PI * 180; + trackvalues.DXDistance = LatLon.Distance(Properties.Settings.Default.DXLat, Properties.Settings.Default.DXLon, plane.Lat, plane.Lon); + trackvalues.DXSlantRange = Propagation.SlantRangeFromHeights( + dxh, + Properties.Settings.Default.DXLat, + Properties.Settings.Default.DXLon, + plane.Lat, + plane.Lon, + H, + LatLon.Earth.Radius * Properties.Settings.Default.Path_Band_Settings[Properties.Settings.Default.Band].K_Factor); + trackvalues.DXElevation = Propagation.EpsilonFromHeights(dxh, + trackvalues.MyDistance, + H, + LatLon.Earth.Radius * Properties.Settings.Default.Path_Band_Settings[Properties.Settings.Default.Band].K_Factor) + / Math.PI * 180; + + // calculate doppler, we need a last recent calculated values to calculate relative speed + if (oldvalues != null) + { + // get both resulting speeds in m/s + double timediff = (trackvalues.Timestamp - oldvalues.Timestamp).TotalSeconds; + double myspeed = 0; + double dxspeed = 0; + + if (timediff > 0) + { + myspeed = (oldvalues.MySlantRange - trackvalues.MySlantRange) * 1000.0 / timediff; + dxspeed = (oldvalues.DXSlantRange - trackvalues.DXSlantRange) * 1000.0 / timediff; + } + + // calculate both doppler shifts + trackvalues.MyDoppler = Propagation.DopplerShift(Bands.ToHz(Properties.Settings.Default.Band), myspeed); + trackvalues.DXDoppler = Propagation.DopplerShift(Bands.ToHz(Properties.Settings.Default.Band), dxspeed); + } + } + } + else if (TrackMode == AIRSCOUTTRACKMODE.SINGLE) + { + // single shot --> get values from settings and track only once + trackvalues.MyAzimuth = Properties.Settings.Default.Track_SetAz; + trackvalues.MyElevation = Properties.Settings.Default.Track_SetEl; + } + + // valid values --> start tracking + if (!double.IsNaN(trackvalues.MyAzimuth) && + !double.IsNaN(trackvalues.MyElevation) && + (trackvalues.MyAzimuth >= 0) && + (trackvalues.MyAzimuth < 360)) + { + // report track start + if (TrackMode == AIRSCOUTTRACKMODE.SINGLE) + { + bw_Track.ReportProgress(1, TRACKSTATUS.SINGLE); + } + else if (TrackMode == AIRSCOUTTRACKMODE.TRACK) + { + bw_Track.ReportProgress(1, TRACKSTATUS.TRACKING); + } + + // rotator control + try + { + // log tracking to console + Console.WriteLine("Tracking[" + DateTime.UtcNow.ToString("yyyy-MM-dd HH:mm:ss,fff") + "]: Az=" + trackvalues.MyAzimuth + ", El=" + trackvalues.MyElevation); + if (Properties.Settings.Default.Track_DDE_HRD) + { + bw_Track.ReportProgress(2, ROTSTATUS.TRACKING); + Track_DDE_HRD(ddeclient, trackvalues.MyAzimuth, trackvalues.MyElevation); + } + if (Properties.Settings.Default.Track_UDP_WinTest) + { + bw_Track.ReportProgress(2, ROTSTATUS.TRACKING); + Track_UDP_WinTest(udpclient, udpip, trackvalues.MyAzimuth, trackvalues.MyElevation); + } + if (Properties.Settings.Default.Track_UDP_AirScout) + { + bw_Track.ReportProgress(2, ROTSTATUS.TRACKING); + Track_UDP_AirScout(udpclient, udpip, trackvalues.MyAzimuth, trackvalues.MyElevation); + } + if (Properties.Settings.Default.Track_Serial_GS232_AZ) + { + bw_Track.ReportProgress(2, ROTSTATUS.TRACKING); + Track_SER__GS_232A_AZ(serialport, trackvalues.MyAzimuth); + } + if (Properties.Settings.Default.Track_Serial_GS232_AZEL) + { + bw_Track.ReportProgress(2, ROTSTATUS.TRACKING); + Track_SER__GS_232A_AZEL(serialport, trackvalues.MyAzimuth, trackvalues.MyElevation); + } + if (Properties.Settings.Default.Track_File_Native) + { + bw_Track.ReportProgress(2, ROTSTATUS.TRACKING); + Track_File_Native(trackvalues.MyAzimuth, trackvalues.MyElevation); + } + if (Properties.Settings.Default.Track_File_WSJT) + { + bw_Track.ReportProgress(2, ROTSTATUS.TRACKING); + Track_File_WSJT(trackvalues.MyAzimuth, trackvalues.MyElevation); + } + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + //report error + bw_Track.ReportProgress(-1, ex.Message); + // increment error counters and switch off in case of subsequent errors + if (ex.Message.StartsWith("[DDE]:")) + { + ddeerr++; + if (ddeerr > maxerr) + { + // switch off DDE + Properties.Settings.Default.Track_DDE_None = true; + Properties.Settings.Default.Track_DDE_HRD = false; + bw_Track.ReportProgress(-1, "Tracking via DDE disabled."); + bw_Track.ReportProgress(2, ROTSTATUS.ERROR); + bw_Track.ReportProgress(1, TRACKSTATUS.ERROR); + + } + } + if (ex.Message.StartsWith("[UDP]:")) + { + udperr++; + if (udperr > maxerr) + { + // switch off UDP + Properties.Settings.Default.Track_UDP_None = true; + Properties.Settings.Default.Track_UDP_WinTest = false; + Properties.Settings.Default.Track_UDP_AirScout = false; + bw_Track.ReportProgress(-1, "Tracking via UDP disabled."); + bw_Track.ReportProgress(2, ROTSTATUS.ERROR); + bw_Track.ReportProgress(1, TRACKSTATUS.ERROR); + } + } + if (ex.Message.StartsWith("[Serial]:")) + { + serialerr++; + if (serialerr > maxerr) + { + // switch off Serial + Properties.Settings.Default.Track_Serial_None = true; + Properties.Settings.Default.Track_Serial_GS232_AZ = false; + Properties.Settings.Default.Track_Serial_GS232_AZEL = false; + bw_Track.ReportProgress(-1, "Tracking via Serial disabled."); + bw_Track.ReportProgress(2, ROTSTATUS.ERROR); + bw_Track.ReportProgress(1, TRACKSTATUS.ERROR); + } + if (ex.Message.StartsWith("[Serial]:")) + serialerr++; + } + + } + + // doppler shift compensation if activated + if (Properties.Settings.Default.Doppler_Strategy_A) + { + trackvalues.RXFrequency = Properties.Settings.Default.Doppler_DialFreq + + (long)trackvalues.MyDoppler + + (long)trackvalues.DXDoppler; + trackvalues.TXFrequency = Properties.Settings.Default.Doppler_DialFreq; + } + else if (Properties.Settings.Default.Doppler_Strategy_B) + { + trackvalues.RXFrequency = Properties.Settings.Default.Doppler_DialFreq; + trackvalues.TXFrequency = Properties.Settings.Default.Doppler_DialFreq - + (long)trackvalues.MyDoppler - + (long)trackvalues.DXDoppler; + } + else if (Properties.Settings.Default.Doppler_Strategy_C) + { + trackvalues.RXFrequency = Properties.Settings.Default.Doppler_DialFreq + + (long)trackvalues.MyDoppler + + (long)trackvalues.DXDoppler; + trackvalues.TXFrequency = Properties.Settings.Default.Doppler_DialFreq - + (long)trackvalues.MyDoppler - + (long)trackvalues.DXDoppler; + } + else if (Properties.Settings.Default.Doppler_Strategy_D) + { + trackvalues.RXFrequency = Properties.Settings.Default.Doppler_DialFreq + + (long)trackvalues.MyDoppler; + trackvalues.TXFrequency = Properties.Settings.Default.Doppler_DialFreq - + (long)trackvalues.MyDoppler; + } + + // report values + bw_Track.ReportProgress(3, trackvalues); + + // store last values + oldvalues = trackvalues; + + // stop tracking when single shot + if (TrackMode == AIRSCOUTTRACKMODE.SINGLE) + { + bw_Track.ReportProgress(1, TRACKSTATUS.STOPPED); + bw_Track.ReportProgress(2, ROTSTATUS.STOPPED); + } + + } + else + { + // no tracking! + bw_Track.ReportProgress(1, TRACKSTATUS.STOPPED); + bw_Track.ReportProgress(2, ROTSTATUS.STOPPED); + } + } + catch (Exception ex) + { + // leave inner loop + bw_Track.ReportProgress(1, TRACKSTATUS.ERROR); + break; + } + Thread.Sleep(1000); + } + Thread.Sleep(Properties.Settings.Default.Track_Update); + + } + catch (Exception ex) + { + bw_Track.ReportProgress(-1, "Track error: " + ex.Message); + bw_Track.ReportProgress(1, TRACKSTATUS.ERROR); + } + + } + while (!bw_Track.CancellationPending); + + // try to close all connections + try + { + if ((ddeclient != null) && (ddeclient.IsConnected)) + ddeclient.Disconnect(); + if (udpclient != null) + udpclient.Close(); + if ((serialport != null) && (serialport.IsOpen)) + serialport.Close(); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + + bw_Track.ReportProgress(1, TRACKSTATUS.NONE); + bw_Track.ReportProgress(2, ROTSTATUS.NONE); + + Log.WriteMessage("Finished."); + } + + private void bw_Track_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + if (e.ProgressPercentage <= 0) + { + // report Error + tsl_Status.Text = (string)e.UserState; + } + else if (e.ProgressPercentage == 1) + { + // report tracking status + TRACKSTATUS trackstatus = (TRACKSTATUS)e.UserState; + switch (trackstatus) + { + case TRACKSTATUS.NONE: + SayTrack("TRK", Color.DarkGray, SystemColors.Control); + break; + case TRACKSTATUS.STOPPED: +// TrackMode = AIRSCOUTTRACKMODE.NONE; + SayTrack("TRK", SystemColors.Control, Color.DarkGray); + break; + case TRACKSTATUS.SINGLE: + case TRACKSTATUS.TRACKING: + SayTrack("TRK", Color.White, Color.DarkGreen); + break; + case TRACKSTATUS.ERROR: + SayTrack("TRK", Color.Yellow, Color.Red); + break; + default: + SayTrack("TRK", Color.DarkGray, SystemColors.Control); + break; + } + + // restore settings when returning from tracking + if ((trackstatus == TRACKSTATUS.TRACKING) || (trackstatus == TRACKSTATUS.SINGLE)) + { + if (bw_CAT != null) + { + if (Properties.Settings.Default.Doppler_Strategy_A) + bw_CAT.DopplerStrategy = DOPPLERSTRATEGY.DOPPLER_A; + else if (Properties.Settings.Default.Doppler_Strategy_B) + bw_CAT.DopplerStrategy = DOPPLERSTRATEGY.DOPPLER_B; + else if (Properties.Settings.Default.Doppler_Strategy_C) + bw_CAT.DopplerStrategy = DOPPLERSTRATEGY.DOPPLER_C; + else if (Properties.Settings.Default.Doppler_Strategy_D) + bw_CAT.DopplerStrategy = DOPPLERSTRATEGY.DOPPLER_D; + + } + } + else + { + if (bw_CAT != null) + { + bw_CAT.DopplerStrategy = DOPPLERSTRATEGY.DOPPLER_NONE; + } + } + + // save TrackStatus + TrackStatus = trackstatus; + } + else if (e.ProgressPercentage == 2) + { + // report Status + RotStatus = (ROTSTATUS)e.UserState; + switch (RotStatus) + { + case ROTSTATUS.STOPPED: + SayRot("ROT", SystemColors.Control, Color.DarkGray); + break; + case ROTSTATUS.TRACKING: + SayRot("ROT", Color.White, Color.DarkGreen); + break; + case ROTSTATUS.ERROR: + SayRot("ROT", Color.Yellow, Color.Red); + break; + default: + SayRot("ROT", Color.DarkGray, SystemColors.Control); + break; + } + } + else if (e.ProgressPercentage == 3) + { + // report track values + TrackValues = (TrackValues)e.UserState; + if (Properties.Settings.Default.Doppler_Strategy_A || + Properties.Settings.Default.Doppler_Strategy_B || + Properties.Settings.Default.Doppler_Strategy_C || + Properties.Settings.Default.Doppler_Strategy_D) + { + // adjust rig if frequencies are valid + if ((bw_CAT != null) && (TrackValues.RXFrequency != 0) && (TrackValues.TXFrequency != 0)) + { + if (Properties.Settings.Default.Doppler_Strategy_A) + bw_CAT.DopplerStrategy = DOPPLERSTRATEGY.DOPPLER_A; + if (Properties.Settings.Default.Doppler_Strategy_B) + bw_CAT.DopplerStrategy = DOPPLERSTRATEGY.DOPPLER_B; + if (Properties.Settings.Default.Doppler_Strategy_C) + bw_CAT.DopplerStrategy = DOPPLERSTRATEGY.DOPPLER_C; + if (Properties.Settings.Default.Doppler_Strategy_D) + bw_CAT.DopplerStrategy = DOPPLERSTRATEGY.DOPPLER_D; + bw_CAT.RxFrequency = TrackValues.RXFrequency; + bw_CAT.TxFrequency = TrackValues.TXFrequency; + } + } + } + } + + private void bw_Track_RunWorkerCompleted(object sender, RunWorkerCompletedEventArgs e) + { + + } + + #endregion + + #region JSONWriter + + private void bw_JSONWriter_DoWork(object sender, DoWorkEventArgs e) + { + Log.WriteMessage("Started."); + int interval = 60; + // name the thread for debugging + if (String.IsNullOrEmpty(Thread.CurrentThread.Name)) + Thread.CurrentThread.Name = "bw_JSONWriter"; + while (!bw_JSONWriter.CancellationPending) + { + // get planes each minute + List list = Planes.GetAll(DateTime.UtcNow, Properties.Settings.Default.Planes_Position_TTL); + if (list.Count > 0) + { + // write json file + try + { + using (StreamWriter sw = new StreamWriter(TmpDirectory + Path.DirectorySeparatorChar + "planes.json")) + { + int major = Assembly.GetExecutingAssembly().GetName().Version.Major; + sw.Write("{\"full_count\":" + list.Count().ToString() + ",\"version\":" + major.ToString()); + int i = 0; + foreach (PlaneInfo info in list) + { + string index = "\"" + i.ToString("x8") + "\""; + string hex = "\"" + info.Hex + "\""; + string lat = info.Lat.ToString("F4", CultureInfo.InvariantCulture); + string lon = info.Lon.ToString("F4", CultureInfo.InvariantCulture); + string track = info.Track.ToString("F0", CultureInfo.InvariantCulture); + string alt = info.Alt.ToString("F0", CultureInfo.InvariantCulture); + string speed = info.Speed.ToString("F0", CultureInfo.InvariantCulture); + string squawk = "\"" + "" + "\""; + string radar = "\"" + "" + "\""; + string type = "\"" + info.Type + "\""; + string reg = "\"" + info.Reg + "\""; + DateTime sTime = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc); + string time = ((long)(info.Time - sTime).TotalSeconds).ToString(); + string dep = "\"\""; + string dest = "\"\""; + string flight = "\"\""; + string dummy1 = "0"; + string dummy2 = "0"; + string call = "\"" + info.Call + "\""; + string dummy3 = "0"; + sw.WriteLine("," + index + ":[" + + hex + "," + + lat + "," + + lon + "," + + track + "," + + alt + "," + + speed + "," + + squawk + "," + + radar + "," + + type + "," + + reg + "," + + time + "," + + dep + "," + + dest + "," + + flight + "," + + dummy1 + "," + + dummy2 + "," + + call + "," + + dummy3 + + "]"); + i++; + } + sw.WriteLine("}"); + } + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + // do nothing + } + } + int ii = 0; + while (!bw_JSONWriter.CancellationPending && (ii < interval)) + { + Thread.Sleep(1000); + ii++; + } + } + Log.WriteMessage("Finished."); + } + + + #endregion + + #region NewsFeed + + private void bw_NewsFeed_DoWork(object sender, DoWorkEventArgs e) + { + Log.WriteMessage("Started."); + // name the thread for debugging + if (String.IsNullOrEmpty(Thread.CurrentThread.Name)) + Thread.CurrentThread.Name = "bw_NewsFeed"; + Uri uri = Properties.Settings.Default.News_URL; + int interval = Properties.Settings.Default.News_Interval; + while (!bw_NewsFeed.CancellationPending) + { + try + { + // get the last modified time of the website + AutoDecompressionWebClient cl = new AutoDecompressionWebClient(); + DateTime dt = cl.GetWebCreationTimeUtc(Properties.Settings.Default.News_URL); + Log.WriteMessage("Checking news page: " + dt.ToString("yyyy-MM-dd HH:mm:ss") + "<> " + Properties.Settings.Default.News_LastUpdate.ToString("yyyy-MM-dd HH:mm:ss")); + Console.WriteLine("Checking news page: " + dt.ToString("yyyy-MM-dd HH:mm:ss") + "<> " + Properties.Settings.Default.News_LastUpdate.ToString("yyyy-MM-dd HH:mm:ss")); + // report latest news if updated + if (dt > Properties.Settings.Default.News_LastUpdate) + { + // report news to main window + bw_NewsFeed.ReportProgress(1, dt); + } + } + catch (Exception ex) + { + // report error + Log.WriteMessage(ex.ToString(), LogLevel.Error); + bw_NewsFeed.ReportProgress(-1, DateTime.UtcNow.ToString("[" + "HH:mm:ss") + "] Error while reading the website " + uri.ToString() + ": " + ex.Message); + } + int i = 0; + while (!bw_NewsFeed.CancellationPending && (i < interval)) + { + Thread.Sleep(1000); + i++; + } + } + Log.WriteMessage("Finished."); + } + + private void bw_NewsFeed_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + if (e.ProgressPercentage < 0) + { + // report error + Say((string)e.UserState); + } + else + { + // stop background thread + bw_NewsFeed.CancelAsync(); + // report website changes + DateTime dt = (DateTime)e.UserState; + if (!SupportFunctions.IsMono) + { + if (MessageBox.Show("There are news on the website. Latest update: " + dt.ToString() + "\n Do you want to read it now?", "Website News", MessageBoxButtons.YesNo) == System.Windows.Forms.DialogResult.Yes) + { + try + { + if (wb_News != null) + wb_News.Refresh(); + tc_Map.SelectedTab = tp_News; + } + catch (Exception ex) + { + // do nothing if wb_News fails to refresh + } + } + // save time to settings + Properties.Settings.Default.News_LastUpdate = dt; + } + else + { + MessageBox.Show("There are news on the website. Latest update: " + dt.ToString() + "\n Do you want to read it now?\n\n Under Linux/Mono open web browser of your choice and goto: \n" + Properties.Settings.Default.News_URL + "\n\n", "Website News", MessageBoxButtons.YesNo); + // save time to settings + Properties.Settings.Default.News_LastUpdate = dt; + + } + // restart background thread + bw_NewsFeed.RunWorkerAsync(); + } + } + + private void bw_NewsFeed_RunWorkerCompleted(object sender, RunWorkerCompletedEventArgs e) + { + + } + + #endregion + + #region HistoryDownloader + + private void HistoryDownloader_DownloadProgressChanged(object sender, DownloadProgressChangedEventArgs e) + { + // get byte in GB + double bytesin = double.Parse(e.BytesReceived.ToString()) / 1024.0 / 1024.0 / 1024.0; + double totalbytes = double.Parse(e.TotalBytesToReceive.ToString()) / 1024.0 / 1024.0 / 1024.0; + double percentage = bytesin / totalbytes * 100; + try + { + if (bw_HistoryDownloader.IsBusy) + bw_HistoryDownloader.ReportProgress(1, "Downloaded " + bytesin.ToString("F2") + " GB of " + totalbytes.ToString("F2") + " GB (" + percentage.ToString("F2") + "%)."); + } + catch + { + + } + } + + private string ReadPropertyString(JObject o, string propertyname) + { + if (o.Property(propertyname) == null) + return null; + return o.Property(propertyname).Value.Value(); + } + + private int ReadPropertyDoubleToInt(JObject o, string propertyname) + { + if (o.Property(propertyname) == null) + return int.MinValue; + double d = ReadPropertyDouble(o, propertyname); + if ((d != double.MinValue) && (d >= int.MinValue) && (d <= int.MaxValue)) + return (int)d; + return int.MinValue; + } + + private double ReadPropertyDouble(JObject o, string propertyname) + { + if (o.Property(propertyname) == null) + return double.MinValue; + return o.Property(propertyname).Value.Value(); + } + + private long ReadPropertyLong(JObject o, string propertyname) + { + if (o.Property(propertyname) == null) + return long.MinValue; + return o.Property(propertyname).Value.Value(); + } + + private void HistoryDownloader_DownloadFileCompleted(object sender, AsyncCompletedEventArgs e) + { + try + { + if (bw_HistoryDownloader.IsBusy) + bw_HistoryDownloader.ReportProgress(1, "Reading " + Properties.Settings.Default.Analysis_History_ZIPFileName); + // unzip the file + if (File.Exists(Properties.Settings.Default.Analysis_History_ZIPFileName)) + { + string filename = Properties.Settings.Default.Analysis_History_ZIPFileName; + // unzips a zip file content to the same directory + string downloaddir = Path.GetDirectoryName(Properties.Settings.Default.Analysis_History_ZIPFileName); + // set path to calling assembly's path if not otherwise specified + if (String.IsNullOrEmpty(downloaddir)) + downloaddir = Assembly.GetCallingAssembly().Location; + // open the zip file + using (ZipFile zip = new ZipFile(filename)) + { + zip.ZipErrorAction = ZipErrorAction.Skip; + // here, we extract every entry, but we could extract conditionally + // based on entry name, size, date, checkbox status, etc. + foreach (ZipEntry ze in zip) + { + if (bw_HistoryDownloader.IsBusy) + bw_HistoryDownloader.ReportProgress(1, "Extracting " + ze.FileName); + try + { + /* + ze.Extract(downloaddir, ExtractExistingFileAction.OverwriteSilently); + string fname = Path.Combine(downloaddir, ze.FileName); + File.SetLastWriteTime(fname, ze.LastModified); + */ + } + catch (Exception ex) + { + if (bw_HistoryDownloader.IsBusy) + bw_HistoryDownloader.ReportProgress(-1, ex.Message); + } + } + } + // create csv to load into database + using (StreamWriter sw = new StreamWriter(Properties.Settings.Default.Analysis_History_ZIPFileName.ToLower().Replace(".zip", ".csv"))) + { + sw.WriteLine("time;call;reg;hex;lat;lon;track;alt;speed;squawk;radar;type"); + // read all files + for (int i = 0; i < 1440; i += (int)Properties.Settings.Default.Analysis_History_Stepwidth) + { + // calculate filename + int hours = i / 60; + int minutes = i % 60; + string fname = Path.Combine(Properties.Settings.Default.Analysis_History_Directory, Properties.Settings.Default.Analysis_History_Date.ToString("yyyy-MM-dd") + "-" + hours.ToString("00") + minutes.ToString("00") + "Z.json"); + if (bw_HistoryDownloader.IsBusy) + bw_HistoryDownloader.ReportProgress(1, "Processing " + fname); + if (File.Exists(fname)) + { + string json = ""; + using (StreamReader sr = new StreamReader(fname)) + json = sr.ReadToEnd(); + // analyze json string for planes data + JObject root = (JObject)JsonConvert.DeserializeObject(json); + foreach (JProperty proot in root.Children()) + { + // get the planes position list + if (proot.Name == "acList") + { + foreach (JArray a in proot.Children()) + { + foreach (JObject o in a.Values()) + { + PlaneInfo info = new PlaneInfo(); + try + { + info.Call = ReadPropertyString(o, "Call"); + info.Lat = ReadPropertyDouble(o, "Lat"); + info.Lon = ReadPropertyDouble(o, "Long"); + info.Track = ReadPropertyDoubleToInt(o, "Trak"); + // 2017-07-23: take "GAlt" (corrected altitude by air pressure) rather than "Alt" + info.Alt = ReadPropertyDoubleToInt(o, "GAlt"); + // info.Alt = ReadPropertyDoubleToInt(o, "Alt"); + info.Speed = ReadPropertyDoubleToInt(o, "Spd"); + info.Reg = ReadPropertyString(o, "Reg"); + try + { + string squawk = ReadPropertyString(o, "Sqk"); + } + catch + { + } + info.Hex = ReadPropertyString(o, "Icao"); + info.Type = ReadPropertyString(o, "Type"); + // complete type info + AircraftTypeDesignator td = AircraftData.Database.AircraftTypeFindByICAO(info.Type); + if (td != null) + { + info.Manufacturer = td.Manufacturer; + info.Model = td.Model; + info.Category = td.Category; + } + else + { + info.Manufacturer = "[unknown]"; + info.Model = "[unknown]"; + info.Category = PLANECATEGORY.NONE; + } + // CAUTION!! time is UNIX time in milliseconds + long l = ReadPropertyLong(o, "PosTime"); + if (l != long.MinValue) + { + DateTime timestamp = new System.DateTime(1970, 1, 1, 0, 0, 0, 0); + timestamp = timestamp.AddMilliseconds(l); + info.Time = timestamp; + } + else + { + info.Time = DateTime.MinValue; + } + if (PlaneInfoChecker.Check(info) && + (info.Alt_m >= Properties.Settings.Default.Planes_MinAlt) && + (info.Alt_m <= Properties.Settings.Default.Planes_MaxAlt) && + (info.Lat >= Properties.Settings.Default.MinLat) && + (info.Lat <= Properties.Settings.Default.MaxLat) && + (info.Lon >= Properties.Settings.Default.MinLon) && + (info.Lon <= Properties.Settings.Default.MaxLon)) + { + sw.WriteLine(info.Time.ToString("u") + ";" + + info.Call + ";" + + info.Reg + ";" + + info.Hex + ";" + + info.Lat.ToString("F8", CultureInfo.InvariantCulture) + ";" + + info.Lon.ToString("F8", CultureInfo.InvariantCulture) + ";" + + info.Track.ToString() + ";" + + info.Alt.ToString() + ";" + + info.Speed.ToString() + ";" + + "" + ";" + + "" + ";" + + info.Type); + } + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + } + } + } + } + } + } + } + } + catch (Exception ex) + { + if (bw_HistoryDownloader.IsBusy) + bw_HistoryDownloader.ReportProgress(-1, ex.Message); + } + // job is done + // cancel backgroundworker + bw_HistoryDownloader.CancelAsync(); + } + + private void bw_HistoryDownloader_DoWork(object sender, DoWorkEventArgs e) + { + // name the thread for debugging + if (String.IsNullOrEmpty(Thread.CurrentThread.Name)) + Thread.CurrentThread.Name = "bw_HistoryDownloader"; + try + { + DateTime date = (DateTime)e.Argument; + // check history directory first + if (!Directory.Exists(Properties.Settings.Default.Analysis_History_Directory)) + Properties.Settings.Default.Analysis_History_Directory = TmpDirectory; + // check free disk space + System.IO.DriveInfo drive = new System.IO.DriveInfo(Properties.Settings.Default.Analysis_History_Directory); + System.IO.DriveInfo a = new System.IO.DriveInfo(drive.Name); + if (a.AvailableFreeSpace < 50.0 * 1024.0 * 1024.0 * 1024.0) + throw new ArgumentException("Not enough disk space to run this operation."); + string url = Properties.Settings.Default.Analysis_History_URL; + Properties.Settings.Default.Analysis_History_ZIPFileName = Path.Combine(Properties.Settings.Default.Analysis_History_Directory, date.ToString("yyyy-MM-dd") + ".zip"); + if (!File.Exists(Properties.Settings.Default.Analysis_History_ZIPFileName)) + { + // file not found --> donwload it from url + // complete url with "/" and date + if (!url.EndsWith("/")) + url = url + "/"; + url = url + date.ToString("yyyy-MM-dd") + ".zip"; + // create web client for download + WebClient client = new WebClient(); + // register asynchronous file download event handler + client.DownloadProgressChanged += new DownloadProgressChangedEventHandler(HistoryDownloader_DownloadProgressChanged); + client.DownloadFileCompleted += new AsyncCompletedEventHandler(HistoryDownloader_DownloadFileCompleted); + client.DownloadFileAsync(new Uri(url), Properties.Settings.Default.Analysis_History_ZIPFileName); + // remain here in a loop until job is finished + // cancellation will be initiated after download and unzip is complet + } + else + { // call download completed handler directly + HistoryDownloader_DownloadFileCompleted(this, null); + } + } + catch (Exception ex) + { + bw_HistoryDownloader.ReportProgress(-1, ex.Message); + } + } + + private void bw_HistoryDownloader_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + string s = (string)e.UserState; + if (String.IsNullOrEmpty(s)) + return; + tb_Analysis_Status.Text = s; + } + + private void bw_HistoryDownloader_RunWorkerCompleted(object sender, RunWorkerCompletedEventArgs e) + { + btn_Analysis_Planes_History.Enabled = true; + } + + #endregion + + + #region ElevationDatabaseUpdater + + private void bw_ElevationDatabaseUpdater_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + try + { + if (e.ProgressPercentage < 0) + { + // error message received + string msg = (string)e.UserState; + Log.WriteMessage(msg, LogLevel.Error); + } + else if (e.ProgressPercentage == 0) + { + // status message received + string msg = (string)e.UserState; + // redirect output to splash screen on first run + if (FirstRun && SplashDlg != null) + Splash("Preparing database for first run: " + msg + " (please wait)", Color.Yellow); + else + { + SayDatabase(msg); + Log.WriteMessage(msg); + } + } + else if (e.ProgressPercentage == 1) + { + // database status update message received + if (sender == this.bw_GLOBEUpdater) + { + Properties.Settings.Default.Elevation_GLOBE_DatabaseStatus = (DATABASESTATUS)e.UserState; + Color color = DatabaseStatus.GetDatabaseStatusColor(Properties.Settings.Default.Elevation_GLOBE_DatabaseStatus); + if (tsl_Database_LED_GLOBE.BackColor != color) + tsl_Database_LED_GLOBE.BackColor = color; + string text = "GLOBE Database Status\n\n" + DatabaseStatus.GetDatabaseStatusText(Properties.Settings.Default.Elevation_GLOBE_DatabaseStatus); + if (tsl_Database_LED_GLOBE.ToolTipText != text) + tsl_Database_LED_GLOBE.ToolTipText = text; + } + else if (sender == this.bw_SRTM3Updater) + { + Properties.Settings.Default.Elevation_SRTM3_DatabaseStatus = (DATABASESTATUS)e.UserState; + Color color = DatabaseStatus.GetDatabaseStatusColor(Properties.Settings.Default.Elevation_SRTM3_DatabaseStatus); + if (tsl_Database_LED_SRTM3.BackColor != color) + tsl_Database_LED_SRTM3.BackColor = color; + string text = "SRTM3 Database Status\n\n" + DatabaseStatus.GetDatabaseStatusText(Properties.Settings.Default.Elevation_SRTM3_DatabaseStatus); + if (tsl_Database_LED_SRTM3.ToolTipText != text) + tsl_Database_LED_SRTM3.ToolTipText = text; + } + else if (sender == this.bw_SRTM1Updater) + { + Properties.Settings.Default.Elevation_SRTM1_DatabaseStatus = (DATABASESTATUS)e.UserState; + Color color = DatabaseStatus.GetDatabaseStatusColor(Properties.Settings.Default.Elevation_SRTM1_DatabaseStatus); + if (tsl_Database_LED_SRTM1.BackColor != color) + tsl_Database_LED_SRTM1.BackColor = color; + string text = "SRTM1 Database Status\n\n" + DatabaseStatus.GetDatabaseStatusText(Properties.Settings.Default.Elevation_SRTM1_DatabaseStatus); + if (tsl_Database_LED_SRTM1.ToolTipText != text) + tsl_Database_LED_SRTM1.ToolTipText = text; + } + else if (sender == this.bw_ASTER3Updater) + { + Properties.Settings.Default.Elevation_ASTER3_DatabaseStatus = (DATABASESTATUS)e.UserState; + Color color = DatabaseStatus.GetDatabaseStatusColor(Properties.Settings.Default.Elevation_ASTER3_DatabaseStatus); + if (tsl_Database_LED_ASTER3.BackColor != color) + tsl_Database_LED_ASTER3.BackColor = color; + string text = "ASTER3 Database Status\n\n" + DatabaseStatus.GetDatabaseStatusText(Properties.Settings.Default.Elevation_ASTER3_DatabaseStatus); + if (tsl_Database_LED_ASTER3.ToolTipText != text) + tsl_Database_LED_ASTER3.ToolTipText = text; + } + else if (sender == this.bw_ASTER1Updater) + { + Properties.Settings.Default.Elevation_ASTER1_DatabaseStatus = (DATABASESTATUS)e.UserState; + Color color = DatabaseStatus.GetDatabaseStatusColor(Properties.Settings.Default.Elevation_ASTER1_DatabaseStatus); + if (tsl_Database_LED_ASTER1.BackColor != color) + tsl_Database_LED_ASTER1.BackColor = color; + string text = "ASTER1 Database Status\n\n" + DatabaseStatus.GetDatabaseStatusText(Properties.Settings.Default.Elevation_ASTER1_DatabaseStatus); + if (tsl_Database_LED_ASTER1.ToolTipText != text) + tsl_Database_LED_ASTER1.ToolTipText = text; + } + } + if (!this.Disposing && (ss_Main != null)) + ss_Main.Update(); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + + #endregion + + #region ElevationPathCalculator + + private void bw_ElevationPathCalculator_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + if (e.ProgressPercentage == 0) + SayCalculations((string)e.UserState); + } + + + #endregion + + #region StationDatabaseUpdater + + private void bw_StationDatabaseUpdater_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + try + { + if (e.ProgressPercentage < 0) + { + // error message received + string msg = (string)e.UserState; + Log.WriteMessage(msg, LogLevel.Error); + } + else if (e.ProgressPercentage == 0) + { + // status message received + string msg = (string)e.UserState; + Log.WriteMessage(msg); + // redirect output to splash screen on first run + if (FirstRun && SplashDlg != null) + Splash("Preparing database for first run: " + msg + " (please wait)", Color.Yellow); + else + { + SayDatabase(msg); + } + } + else if (e.ProgressPercentage == 1) + { + Properties.Settings.Default.StationsDatabase_Status = (DATABASESTATUS)e.UserState; + Color color = DatabaseStatus.GetDatabaseStatusColor(Properties.Settings.Default.StationsDatabase_Status); + if (tsl_Database_LED_Stations.BackColor != color) + tsl_Database_LED_Stations.BackColor = color; + string text = "Stations Database Status\n\n" + DatabaseStatus.GetDatabaseStatusText(Properties.Settings.Default.StationsDatabase_Status); + if (tsl_Database_LED_Stations.ToolTipText != text) + tsl_Database_LED_Stations.ToolTipText = text; + } + if (!this.Disposing && (ss_Main != null)) + ss_Main.Update(); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + private void bw_StationDatabaseUpdater_RunWorkerCompleted(object sender, RunWorkerCompletedEventArgs e) + { + // refresh display + if (!this.IsDisposed) + { + UpdateAirports(); + } + } + + #endregion + + #region AircraftDatabaseUpdater + + private void bw_AircraftDatabaseUpdater_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + try + { + if (e.ProgressPercentage < 0) + { + // error message received + string msg = (string)e.UserState; + Log.WriteMessage(msg, LogLevel.Error); + } + else if (e.ProgressPercentage == 0) + { + // status message received + string msg = (string)e.UserState; + Log.WriteMessage(msg); + // redirect output to splash screen on first run + if (FirstRun && SplashDlg != null) + Splash("Preparing database for first run: " + msg + " (please wait)", Color.Yellow); + else + { + SayDatabase(msg); + } + } + else if (e.ProgressPercentage == 1) + { + Properties.Settings.Default.AircraftDatabase_Status = (DATABASESTATUS)e.UserState; + Color color = DatabaseStatus.GetDatabaseStatusColor(Properties.Settings.Default.AircraftDatabase_Status); + if (tsl_Database_LED_Aircraft.BackColor != color) + { + tsl_Database_LED_Aircraft.BackColor = color; + } + string text = "Aircraft Database Status\n\n" + DatabaseStatus.GetDatabaseStatusText(Properties.Settings.Default.AircraftDatabase_Status); + if (tsl_Database_LED_Aircraft.ToolTipText != text) + tsl_Database_LED_Aircraft.ToolTipText = text; + } + if (!this.Disposing && (ss_Main != null)) + ss_Main.Update(); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + private void bw_AircraftDatabaseUpdater_RunWorkerCompleted(object sender, RunWorkerCompletedEventArgs e) + { + // refresh data tables and display + if (!this.IsDisposed) + { + // refresh all dictionnariees + // ScoutData.Database.UpdateFromDataTables(false); + // refresh airports and map +// UpdateAirports(); + } + } + + #endregion + + #region AircraftDatabaseMaintainer + + private void bw_AircraftDatabaseMaintainer_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + try + { + if (e.ProgressPercentage < 0) + { + // error message received + string msg = (string)e.UserState; + Log.WriteMessage(msg, LogLevel.Error); + } + else if (e.ProgressPercentage == 0) + { + // status message received + string msg = (string)e.UserState; + Log.WriteMessage(msg); + // redirect output to splash screen on first run + if (FirstRun && SplashDlg != null) + Splash("Preparing database for first run: " + msg + " (please wait)", Color.Yellow); + else + { + SayDatabase(msg); + } + } + if (!this.Disposing && (ss_Main != null)) + ss_Main.Update(); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + } + + private void bw_AircraftDatabaseMaintainer_RunWorkerCompleted(object sender, RunWorkerCompletedEventArgs e) + { + } + + #endregion + + #region MapPreloader + + private void bw_MapPreloader_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + if (e.ProgressPercentage == 0) + SayCalculations((string)e.UserState); + else + { + PointLatLng p = (PointLatLng)e.UserState; + SayCalculations("Preloading map tile: " + MaidenheadLocator.LocFromLatLon(p.Lat, p.Lng, false, 2) + ", level " + e.ProgressPercentage); + gm_Cache.Zoom = e.ProgressPercentage; + gm_Cache.Position = p; + gm_Cache.ReloadMap(); + } + } + + + #endregion + + #region CATUpdater + + private void bw_CATUpdater_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + if (e.ProgressPercentage <= 0) + { + Say((string)e.UserState); + } + } + + + #endregion + + #region CAT + + private void bw_CAT_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + if (e.ProgressPercentage <= 0) + { + Say((string)e.UserState); + } + else if (e.ProgressPercentage == 1) + { + // new rig status received + RIGSTATUS status = (RIGSTATUS)e.UserState; + switch (status) + { + case RIGSTATUS.ONLINE: + SayCAT("CAT", Color.White, Color.DarkGreen); + break; + case RIGSTATUS.ERROR: + case RIGSTATUS.NOCAT: + case RIGSTATUS.NOPORT: + case RIGSTATUS.NORIG: + case RIGSTATUS.NOTSUITABLE: + SayCAT("CAT", Color.Yellow, Color.Red); + break; + case RIGSTATUS.OFFLINE: + SayCAT("CAT", Color.White, Color.DarkOrange); + break; + default: + SayCAT("CAT", Color.DarkGray, SystemColors.Control); + break; + } + + RigStatus = status; + } + else if (e.ProgressPercentage == 2) + { + // new rig info received + IRig rig = (IRig)e.UserState; + + // save info if a valid tracking is not going on + if (TrackStatus != TRACKSTATUS.TRACKING) + { + if (rig != null) + { + ConnectedRig = rig; + // save latest rig settings to switch back after tracking + Properties.Settings.Default.Doppler_DialFreq = rig.GetRxFrequency(); + Properties.Settings.Default.Doppler_DialMode = rig.GetMode(); + Properties.Settings.Default.Doppler_DialSplit = rig.GetSplit(); + Properties.Settings.Default.Doppler_DialRit = rig.GetRit(); + } + } + + // report to status bar + NumberFormatInfo info = new NumberFormatInfo(); + info.NumberDecimalSeparator = ";"; + info.NumberGroupSeparator = "."; + Say("Rig reports RX: " + rig.GetRxFrequency().ToString(info) + ", TX: " + rig.GetTxFrequency().ToString(info) + "Hz, Mode: " + rig.GetMode().ToString() + ", RIT: " + ((rig.GetRit() == RIGRIT.RITON) ? "ON" : "OFF") +", Split: " + ((rig.GetSplit() == RIGSPLIT.SPLITON)? "ON" : "OFF")); + } + + // set Tooltip + if (ConnectedRig != null) + { + tsl_CAT.ToolTipText = ConnectedRig.CatVersion + "\n" + ConnectedRig.Settings.Type + "\n\n"; + } + else + { + tsl_CAT.ToolTipText = "CAT error!" + "\n\n"; + } + tsl_CAT.ToolTipText = tsl_CAT.ToolTipText + RigStatus.ToString(); + + } + + + #endregion + + #endregion + + + #region Analysis_DataGetter + + private void bw_Analysis_DataGetter_DoWork(object sender, DoWorkEventArgs e) + { + // name the thread for debugging + if (String.IsNullOrEmpty(Thread.CurrentThread.Name)) + Thread.CurrentThread.Name = "bw_Analysis_DataGetter"; + Stopwatch st = new Stopwatch(); + st.Start(); + bw_Analysis_DataGetter.ReportProgress(0, "Getting timespan of all positions in database..."); + // calculate min/max values for timespan + History_OldestEntry = AircraftPositionData.Database.AircraftPositionOldestEntry(); + if (bw_Analysis_DataGetter.CancellationPending) + { + e.Cancel = true; + return; + } + History_YoungestEntry = AircraftPositionData.Database.AircraftPositionYoungestEntry(); + if (bw_Analysis_DataGetter.CancellationPending) + { + e.Cancel = true; + return; + } + bw_Analysis_DataGetter.ReportProgress(0, "Getting positions..."); + AircraftPositionsCount = AircraftPositionData.Database.AircraftPositionCount(); + // get all aircraft positions into cache + lock (AllPositions) + { + AllPositions.Clear(); + } + lock (AllPositions) + { + // get all positions from database, can be interrupted + AllPositions = AircraftPositionData.Database.AircraftPositionGetAll(this.bw_Analysis_DataGetter); + if (bw_Analysis_DataGetter.CancellationPending) + { + e.Cancel = true; + return; + } + } + st.Stop(); + bw_Analysis_DataGetter.ReportProgress(0, "Getting positions finished, " + AllPositions.Count.ToString() + " positions, " + st.ElapsedMilliseconds.ToString() + " ms."); + } + + private void bw_Analysis_DataGetter_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + if (e.ProgressPercentage == 0) + { + string msg = (string)e.UserState; + // NASTY!! Add the total count of positions after the "of" in the message + // total count is calculated once in DoWork + if (msg.EndsWith("of)")) + msg = msg + " " + AircraftPositionsCount.ToString(); + SayAnalysis(msg); + } + } + + private void bw_Analysis_DataGetter_RunWorkerCompleted(object sender, RunWorkerCompletedEventArgs e) + { + // check if cancelled + // return to default state + if (e.Cancelled) + { + SayAnalysis("Cancelled."); + btn_Analysis_ON.Enabled = true; + btn_Analysis_ON.BackColor = Color.YellowGreen; + return; + } + else + SayAnalysis("Ready."); + // nothing found in database --> show message box and do not enter analysis mode + if ((History_YoungestEntry == DateTime.MinValue) || (History_OldestEntry == DateTime.MinValue)) + { + MessageBox.Show("Nothing found for analysis. Please let AirScout run in PLAY mode for a while to collect some data.", "AirScout Analysis", MessageBoxButtons.OK); + return; + } + // set scroll bar bounds + dtp_Analysis_MinValue.Value = History_OldestEntry; + dtp_Analysis_MaxValue.Value = History_YoungestEntry; + // enable buttons + btn_Analysis_Planes_Load.Enabled = true; + btn_Analysis_Planes_Save.Enabled = true; + btn_Analysis_Planes_Clear.Enabled = true; + btn_Analysis_Planes_History.Enabled = true; + btn_Analysis_Planes_ShowTraffic.Enabled = true; + btn_Analysis_Path_SaveToFile.Enabled = true; + btn_Analysis_CrossingHistory.Enabled = true; + btn_Analysis_Plane_History.Enabled = true; + btn_Analysis_Rewind.Enabled = true; + btn_Analysis_Back.Enabled = true; + btn_Analysis_Pause.Enabled = true; + btn_Analysis_Forward.Enabled = true; + btn_Analysis_FastForward.Enabled = true; + sb_Analysis_Play.Enabled = true; + dtp_Analysis_MinValue.Enabled = true; + dtp_Analysis_MaxValue.Enabled = true; + UpdatePlayer(); + // set time to oldest entry + Properties.Settings.Default.Time_Offline = History_OldestEntry; + gb_Analysis_Player_SizeChanged(this, null); + UpdatePaths(); + UpdateStatus(); + btn_Analysis_Planes_Load.Focus(); + } + + #endregion + + #region Analysis_FileSaver + + + private void Analysis_Planes_Save_JSON(string filename) + { + int saved = 0; + using (StreamWriter sw = new StreamWriter(filename)) + { + sw.WriteLine("["); + for (int i = 0; i < AllPositions.Count; i++) + { + if (AllPositions[i].LastUpdated < dtp_Analysis_MinValue.Value) + continue; + if (AllPositions[i].LastUpdated > dtp_Analysis_MaxValue.Value) + continue; + string json = AllPositions[i].ToJSON(); + sw.Write(json); + if (i < AllPositions.Count - 1) + { + sw.WriteLine(","); + } + else + sw.WriteLine(); + saved++; + if (saved % 1000 == 0) + bw_Analysis_FileSaver.ReportProgress(0, "Saving position " + saved.ToString() + "..."); + if (bw_Analysis_FileSaver.CancellationPending) + return; + } + sw.WriteLine("]"); + } + } + + private void Analysis_Planes_Save_CSV(string filename) + { + int saved = 0; + using (StreamWriter sw = new StreamWriter(filename)) + { + sw.WriteLine("time[utc];hex;call;lat[deg];lon[deg];alt[ft];track[deg];speed[kts]"); + foreach (AircraftPositionDesignator ap in AllPositions) + { + if (ap.LastUpdated < dtp_Analysis_MinValue.Value) + continue; + if (ap.LastUpdated > dtp_Analysis_MaxValue.Value) + continue; + sw.WriteLine(ap.LastUpdated.ToString("yyyy-MM-dd HH:mm:ssZ") + ";" + + ap.Hex + ";" + + ap.Call + ";" + + ap.Lat.ToString("F8", CultureInfo.InvariantCulture) + ";" + + ap.Lon.ToString("F8", CultureInfo.InvariantCulture) + ";" + + ap.Alt.ToString("F8", CultureInfo.InvariantCulture) + ";" + + ap.Track.ToString("F8", CultureInfo.InvariantCulture) + ";" + + ap.Speed.ToString("F8", CultureInfo.InvariantCulture) + ); + saved++; + if (saved % 1000 == 0) + bw_Analysis_FileSaver.ReportProgress(0, "Saving position " + saved.ToString() + "..."); + if (bw_Analysis_FileSaver.CancellationPending) + return; + } + } + } + + private void bw_Analysis_FileSaver_DoWork(object sender, DoWorkEventArgs e) + { + string filename = (string)e.Argument; + // name the thread for debugging + if (String.IsNullOrEmpty(Thread.CurrentThread.Name)) + Thread.CurrentThread.Name = "bw_Analysis_FileSaver"; + try + { + if (filename.ToLower().EndsWith(".json")) + Analysis_Planes_Save_JSON(filename); + else if (filename.ToLower().EndsWith(".csv")) + Analysis_Planes_Save_CSV(filename); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + bw_Analysis_FileSaver.ReportProgress(-1, ex.Message); + } + if (bw_Analysis_FileSaver.CancellationPending) + e.Cancel = true; + } + + private void bw_Analysis_FileSaver_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + if (e.ProgressPercentage <= 0) + SayAnalysis((string)e.UserState); + } + + private void bw_Analysis_FileSaver_RunWorkerCompleted(object sender, RunWorkerCompletedEventArgs e) + { + if (e.Cancelled) + SayAnalysis("Cancelled."); + else + { + btn_Analysis_Planes_Save.Enabled = true; + SayAnalysis("Ready."); + } + } + + #endregion + + #region Analysis_FileLoader + + private void Analysis_Planes_Load_JSON(string filename) + { + JsonSerializerSettings settings = new JsonSerializerSettings(); + settings.DateTimeZoneHandling = DateTimeZoneHandling.Utc; + settings.FloatFormatHandling = FloatFormatHandling.String; + settings.Formatting = Newtonsoft.Json.Formatting.Indented; + settings.Culture = CultureInfo.InvariantCulture; + List aps = new List(); + bw_Analysis_FileLoader.ReportProgress(0, "Opening file..."); + using (StreamReader sr = new StreamReader(File.Open(filename, FileMode.Open))) + { + // check for starting bracket of array + char c = (char)sr.Read(); + if (c != '[') + return; + // read 1000 positions and update database + int count = 0; + int updated = 0; + while (!sr.EndOfStream) + { + aps.Clear(); + int j = 0; + while ((j < 1000) && !sr.EndOfStream) + { + char nextChar; + StringBuilder line = new StringBuilder(); + while ((j < 1000) && sr.Peek() > 0) + { + nextChar = (char)sr.Read(); + line.Append(nextChar); + if (line[0] != '{') + line.Clear(); + if (nextChar == '}') + { + AircraftPositionDesignator ap = JsonConvert.DeserializeObject(line.ToString(), settings); + line.Clear(); + aps.Add(ap); + j++; + } + } + if (bw_Analysis_FileLoader.CancellationPending) + return; + } + count = count + j; + updated = updated + AircraftPositionData.Database.AircraftPositionBulkInsertOrUpdateIfNewer(aps); + bw_Analysis_FileLoader.ReportProgress(0, "Updating position " + count.ToString() + ", " + updated.ToString() + " updated so far..."); + } + + } + } + + private void Analysis_Planes_Load_CSV(string filename) + { + List aps = new List(); + bw_Analysis_FileLoader.ReportProgress(0, "Opening file..."); + using (StreamReader sr = new StreamReader(File.Open(filename, FileMode.Open))) + { + // read header + string header = sr.ReadLine(); + // split header + string[] a = header.Split(';'); + // remove unit brackets and lower all + for (int i = 0; i < a.Length; i++) + { + a[i] = a[i].ToLower(); + if (a[i].IndexOf('[') >= 0) + a[i] = a[i].Substring(0, a[i].IndexOf('[')); + } + int lastupdated_index = Array.IndexOf(a, "time"); + int hex_index = Array.IndexOf(a, "hex"); + int call_index = Array.IndexOf(a, "call"); + int lat_index = Array.IndexOf(a, "lat"); + int lon_index = Array.IndexOf(a, "lon"); + int alt_index = Array.IndexOf(a, "alt"); + int track_index = Array.IndexOf(a, "track"); + int speed_index = Array.IndexOf(a, "speed"); + bw_Analysis_FileLoader.ReportProgress(0, "Creating position list..."); + // read 1000 positions and update database + int count = 0; + int updated = 0; + while (!sr.EndOfStream) + { + aps.Clear(); + int j = 0; + while ((j < 1000) && !sr.EndOfStream) + { + string s = sr.ReadLine(); + if (!s.Contains(";")) + continue; + a = s.Split(';'); + DateTime lastupdated = System.Convert.ToDateTime(a[lastupdated_index]).ToUniversalTime(); + string hex = a[hex_index].ToUpper(); + string call = a[call_index].ToUpper(); + double lat = System.Convert.ToDouble(a[lat_index], CultureInfo.InvariantCulture); + double lon = System.Convert.ToDouble(a[lon_index], CultureInfo.InvariantCulture); + double alt = System.Convert.ToDouble(a[alt_index], CultureInfo.InvariantCulture); + double track = System.Convert.ToDouble(a[track_index], CultureInfo.InvariantCulture); + double speed = System.Convert.ToDouble(a[speed_index], CultureInfo.InvariantCulture); + AircraftPositionDesignator ap = new AircraftPositionDesignator(hex, call, lat, lon, alt, track, speed, lastupdated); + aps.Add(ap); + j++; + if (bw_Analysis_FileLoader.CancellationPending) + return; + } + count = count + j; + updated = updated + AircraftPositionData.Database.AircraftPositionBulkInsertOrUpdateIfNewer(aps); + bw_Analysis_FileLoader.ReportProgress(0, "Updating position " + count.ToString() + ", " + updated.ToString() + " updated so far..."); + } + + } + } + + private void bw_Analysis_FileLoader_DoWork(object sender, DoWorkEventArgs e) + { + string filename = (string)e.Argument; + // name the thread for debugging + if (String.IsNullOrEmpty(Thread.CurrentThread.Name)) + Thread.CurrentThread.Name = "bw_Analysis_FileLoader"; + try + { + if (filename.ToLower().EndsWith(".json")) + Analysis_Planes_Load_JSON(filename); + else if (filename.ToLower().EndsWith(".csv")) + Analysis_Planes_Load_CSV(filename); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + bw_Analysis_FileLoader.ReportProgress(-1, ex.Message); + } + if (bw_Analysis_FileLoader.CancellationPending) + e.Cancel = true; + } + + private void bw_Analysis_FileLoader_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + if (e.ProgressPercentage <= 0) + SayAnalysis((string)e.UserState); + } + + private void bw_Analysis_FileLoader_RunWorkerCompleted(object sender, RunWorkerCompletedEventArgs e) + { + if (e.Cancelled) + SayAnalysis("Cancelled."); + else + { + btn_Analysis_Planes_Load.Enabled = true; + SayAnalysis("Ready."); + } + } + + #endregion + + + #region AirportMapper + + private void bw_AirportMapper_DoWork(object sender, DoWorkEventArgs e) + { + bw_AirportMapper.ReportProgress(0, "Getting airports from database..."); + Stopwatch st = new Stopwatch(); + st.Start(); + // fill the airports layer of maps + // return if switched off + if (!Properties.Settings.Default.Airports_Activate) + return; + List airports = new List(); + airports = AircraftData.Database.AirportGetAll(bw_AirportMapper); + if (airports != null) + bw_AirportMapper.ReportProgress(100, airports); + st.Stop(); + bw_AirportMapper.ReportProgress(0, airports.Count.ToString() + " airports updated, " + st.ElapsedMilliseconds.ToString() + " ms."); + } + + private void bw_AirportMapper_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + if (e.ProgressPercentage == 0) + { + // log error message + string msg = (string)e.UserState; + Say(msg); + Log.WriteMessage(msg, LogLevel.Error); + } + else if (e.ProgressPercentage == 100) + { + // add aiports to overlay + lock (Airports) + { + Airports = (List)e.UserState; + } + UpdateAirports(); + } + } + + private void bw_AirportMapper_RunWorkerCompleted(object sender, RunWorkerCompletedEventArgs e) + { + + } + + #endregion + + private void gm_Main_Load(object sender, EventArgs e) + { + + } + + private void tc_Main_Selecting(object sender, TabControlCancelEventArgs e) + { + // cancel tab change when in PLAY mode + if (PlayMode == AIRSCOUTPLAYMODE.FORWARD) + e.Cancel = true; + } + + private void tc_Map_Selecting(object sender, TabControlCancelEventArgs e) + { + // cancel tab change when in PLAY mode + if (PlayMode == AIRSCOUTPLAYMODE.FORWARD) + e.Cancel = true; + } + + private void tc_Control_Selecting(object sender, TabControlCancelEventArgs e) + { + // cancel tab change when in PLAY mode + if (PlayMode == AIRSCOUTPLAYMODE.FORWARD) + e.Cancel = true; + } + + private void bw_LocatorGridUpdater_DoWork(object sender, DoWorkEventArgs e) + { + // do almost nothing + } + + private void bw_LocatorGridUpdater_ProgressChanged(object sender, ProgressChangedEventArgs e) + { + // do almost nothing + + } + + private void bw_LocatorGridUpdater_RunWorkerCompleted(object sender, RunWorkerCompletedEventArgs e) + { + InitializeLocators(); + } + } + + + public class ClippingToolStripRenderer : ToolStripSystemRenderer + { + protected override void OnRenderItemText(ToolStripItemTextRenderEventArgs e) + { + ToolStripStatusLabel label = e.Item as ToolStripStatusLabel; + + if (label != null) + { + TextRenderer.DrawText(e.Graphics, label.Text, + label.Font, e.TextRectangle, + label.ForeColor, + TextFormatFlags.EndEllipsis); + } + else + { + base.OnRenderItemText(e); + } + } + } + + public class LocatorDropDownItem + { + public string Locator { get; set; } + public LatLon.GPoint GeoLocation { get; set; } + + public LocatorDropDownItem(string locator, LatLon.GPoint geolocation) + { + Locator = locator; + GeoLocation = geolocation; + } + } + +} diff --git a/AirScout/MapDlg.resx b/AirScout/MapDlg.resx index 3417064..df2a9e1 100644 --- a/AirScout/MapDlg.resx +++ b/AirScout/MapDlg.resx @@ -125,7 +125,7 @@ AAEAAAD/////AQAAAAAAAAAMAgAAAFdTeXN0ZW0uV2luZG93cy5Gb3JtcywgVmVyc2lvbj00LjAuMC4w LCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkFAQAAACZTeXN0 ZW0uV2luZG93cy5Gb3Jtcy5JbWFnZUxpc3RTdHJlYW1lcgEAAAAERGF0YQcCAgAAAAkDAAAADwMAAACc - DQAAAk1TRnQBSQFMAgEBAwEAARABDAEQAQwBIAEAASABAAT/AQkBAAj/AUIBTQE2AQQGAAE2AQQCAAEo + DQAAAk1TRnQBSQFMAgEBAwEAATABDAEwAQwBIAEAASABAAT/AQkBAAj/AUIBTQE2AQQGAAE2AQQCAAEo AwABgAMAASADAAEBAQABCAYAARAYAAGAAgABgAMAAoABAAGAAwABgAEAAYABAAKAAgADwAEAAcAB3AHA AQAB8AHKAaYBAAEzBQABMwEAATMBAAEzAQACMwIAAxYBAAMcAQADIgEAAykBAANVAQADTQEAA0IBAAM5 AQABgAF8Af8BAAJQAf8BAAGTAQAB1gEAAf8B7AHMAQABxgHWAe8BAAHWAucBAAGQAakBrQIAAf8BMwMA @@ -189,6 +189,9 @@ 131, 17 + + 651, 17 + @@ -205,9 +208,6 @@ TkSuQmCC - - 651, 17 - iVBORw0KGgoAAAANSUhEUgAAADIAAAAyCAYAAAAeP4ixAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAO @@ -305,45 +305,48 @@ iVBORw0KGgoAAAANSUhEUgAAAAgAAAAICAIAAABLbSncAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAO - wAAADsABataJCQAAABBJREFUGFdjqMcBhpREfT0AN/NfQdTsp04AAAAASUVORK5CYII= + vAAADrwBlbxySQAAABBJREFUGFdjqMcBhpREfT0AN/NfQdTsp04AAAAASUVORK5CYII= iVBORw0KGgoAAAANSUhEUgAAAAgAAAAICAIAAABLbSncAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAO - wAAADsABataJCQAAABBJREFUGFdjqMcBhpREfT0AN/NfQdTsp04AAAAASUVORK5CYII= + vAAADrwBlbxySQAAABBJREFUGFdjqMcBhpREfT0AN/NfQdTsp04AAAAASUVORK5CYII= iVBORw0KGgoAAAANSUhEUgAAAAgAAAAICAIAAABLbSncAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAO - wAAADsABataJCQAAABBJREFUGFdjqMcBhpREfT0AN/NfQdTsp04AAAAASUVORK5CYII= + vAAADrwBlbxySQAAABBJREFUGFdjqMcBhpREfT0AN/NfQdTsp04AAAAASUVORK5CYII= iVBORw0KGgoAAAANSUhEUgAAAAgAAAAICAIAAABLbSncAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAO - wAAADsABataJCQAAABBJREFUGFdjqMcBhpREfT0AN/NfQdTsp04AAAAASUVORK5CYII= + vAAADrwBlbxySQAAABBJREFUGFdjqMcBhpREfT0AN/NfQdTsp04AAAAASUVORK5CYII= iVBORw0KGgoAAAANSUhEUgAAAAgAAAAICAIAAABLbSncAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAO - wAAADsABataJCQAAABBJREFUGFdjqMcBhpREfT0AN/NfQdTsp04AAAAASUVORK5CYII= + vAAADrwBlbxySQAAABBJREFUGFdjqMcBhpREfT0AN/NfQdTsp04AAAAASUVORK5CYII= iVBORw0KGgoAAAANSUhEUgAAAAgAAAAICAIAAABLbSncAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAO - wAAADsABataJCQAAABBJREFUGFdjqMcBhpREfT0AN/NfQdTsp04AAAAASUVORK5CYII= + vAAADrwBlbxySQAAABBJREFUGFdjqMcBhpREfT0AN/NfQdTsp04AAAAASUVORK5CYII= iVBORw0KGgoAAAANSUhEUgAAAAgAAAAICAIAAABLbSncAAAABGdBTUEAALGPC/xhBQAAAAlwSFlzAAAO - wAAADsABataJCQAAABBJREFUGFdjqMcBhpREfT0AN/NfQdTsp04AAAAASUVORK5CYII= + vAAADrwBlbxySQAAABBJREFUGFdjqMcBhpREfT0AN/NfQdTsp04AAAAASUVORK5CYII= + + 651, 17 + 743, 17 @@ -352,7 +355,7 @@ AAEAAAD/////AQAAAAAAAAAMAgAAAFdTeXN0ZW0uV2luZG93cy5Gb3JtcywgVmVyc2lvbj00LjAuMC4w LCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODkFAQAAACZTeXN0 ZW0uV2luZG93cy5Gb3Jtcy5JbWFnZUxpc3RTdHJlYW1lcgEAAAAERGF0YQcCAgAAAAkDAAAADwMAAACM - DAAAAk1TRnQBSQFMAwEBAAF4AQoBeAEKASABAAEgAQAE/wEJAQAI/wFCAU0BNgEEBgABNgEEAgABKAMA + DAAAAk1TRnQBSQFMAwEBAAGYAQoBmAEKASABAAEgAQAE/wEJAQAI/wFCAU0BNgEEBgABNgEEAgABKAMA AYADAAEgAwABAQEAAQgGAAEQGAABgAIAAYADAAKAAQABgAMAAYABAAGAAQACgAIAA8ABAAHAAdwBwAEA AfABygGmAQABMwUAATMBAAEzAQABMwEAAjMCAAMWAQADHAEAAyIBAAMpAQADVQEAA00BAANCAQADOQEA AYABfAH/AQACUAH/AQABkwEAAdYBAAH/AewBzAEAAcYB1gHvAQAB1gLnAQABkAGpAa0CAAH/ATMDAAFm @@ -453,6 +456,9 @@ 405, 95 + + 546, 56 + 195, 56 @@ -465,6 +471,9 @@ 1347, 17 + + 544, 95 + 137 diff --git a/AirScout/OptionsDlg.Designer.cs b/AirScout/OptionsDlg.Designer.cs index d05988a..5a8a31e 100644 --- a/AirScout/OptionsDlg.Designer.cs +++ b/AirScout/OptionsDlg.Designer.cs @@ -46,7 +46,9 @@ this.pb_Donate = new System.Windows.Forms.PictureBox(); this.rb_Options_Track_UDP_AirScout = new System.Windows.Forms.RadioButton(); this.tb_Options_Track_DialFreq = new ScoutBase.Core.LongTextBox(); + this.btn_DeleteSingleStation = new System.Windows.Forms.Button(); this.cb_Options_Locations_RestrictToAreaOfInterest = new System.Windows.Forms.CheckBox(); + this.cb_Options_InfoWin_AlwaysDetailed = new System.Windows.Forms.CheckBox(); this.cb_Options_Path_BestCaseElevation = new System.Windows.Forms.CheckBox(); this.cb_Options_Planes_KeepHistory = new System.Windows.Forms.CheckBox(); this.tb_Options_Track_Serial_Baudrate = new ScoutBase.Core.Int32TextBox(); @@ -148,24 +150,27 @@ this.cb_Options_Elevation_GLOBE_EnableCache = new System.Windows.Forms.CheckBox(); this.cb_Options_Elevation_GLOBE = new System.Windows.Forms.CheckBox(); this.tab_Options_Map = new System.Windows.Forms.TabPage(); + this.groupBox22 = new System.Windows.Forms.GroupBox(); + this.cb_Options_Gauges_Show = new System.Windows.Forms.CheckBox(); + this.cb_Options_Gauges_ForeColor = new System.Windows.Forms.ComboBox(); + this.label198 = new System.Windows.Forms.Label(); + this.label188 = new System.Windows.Forms.Label(); + this.ud_Options_Gauges_Width = new System.Windows.Forms.NumericUpDown(); this.groupBox49 = new System.Windows.Forms.GroupBox(); this.cb_Options_Map_SmallMarkers = new System.Windows.Forms.CheckBox(); this.cb_Options_Map_LabelCalls = new System.Windows.Forms.CheckBox(); this.groupBox37 = new System.Windows.Forms.GroupBox(); this.label34 = new System.Windows.Forms.Label(); this.ud_Options_Charts_FontSize = new System.Windows.Forms.NumericUpDown(); + this.groupBox23 = new System.Windows.Forms.GroupBox(); + this.cb_Options_Distances_Activated = new System.Windows.Forms.CheckBox(); + this.cb_Options_Locators_Activate = new System.Windows.Forms.CheckBox(); + this.cb_Options_Watchlist_Activate = new System.Windows.Forms.CheckBox(); + this.cb_Options_Airports_Activate = new System.Windows.Forms.CheckBox(); this.groupBox39 = new System.Windows.Forms.GroupBox(); this.tb_Options_Map_Update_Interval = new ScoutBase.Core.Int32TextBox(); this.label97 = new System.Windows.Forms.Label(); this.label29 = new System.Windows.Forms.Label(); - this.groupBox23 = new System.Windows.Forms.GroupBox(); - this.ud_Options_Map_Opacity = new AirScout.PercentageControl(); - this.label148 = new System.Windows.Forms.Label(); - this.ud_Options_Map_Preloader_MaxZoom = new System.Windows.Forms.NumericUpDown(); - this.label144 = new System.Windows.Forms.Label(); - this.cb_Options_Map_Preloader_Enabled = new System.Windows.Forms.CheckBox(); - this.cb_Options_Watchlist_Activate = new System.Windows.Forms.CheckBox(); - this.cb_Options_Airports_Activate = new System.Windows.Forms.CheckBox(); this.groupBox30 = new System.Windows.Forms.GroupBox(); this.tb_Options_Planes_IconSize_S = new ScoutBase.Core.Int32TextBox(); this.tb_Options_Planes_IconSize_H = new ScoutBase.Core.Int32TextBox(); @@ -177,30 +182,42 @@ this.label81 = new System.Windows.Forms.Label(); this.label80 = new System.Windows.Forms.Label(); this.groupBox7 = new System.Windows.Forms.GroupBox(); - this.groupBox29 = new System.Windows.Forms.GroupBox(); + this.groupBox34 = new System.Windows.Forms.GroupBox(); this.label76 = new System.Windows.Forms.Label(); - this.label74 = new System.Windows.Forms.Label(); + this.cb_Options_InfoWin_MyElevation = new System.Windows.Forms.CheckBox(); + this.cb_Options_InfoWin_MyAzimuth = new System.Windows.Forms.CheckBox(); + this.cb_Options_InfoWin_MyDoppler = new System.Windows.Forms.CheckBox(); + this.cb_Options_InfoWin_DXDoppler = new System.Windows.Forms.CheckBox(); + this.cb_Options_InfoWin_DXAzimuth = new System.Windows.Forms.CheckBox(); + this.cb_Options_InfoWin_DXElevation = new System.Windows.Forms.CheckBox(); + this.groupBox33 = new System.Windows.Forms.GroupBox(); this.label75 = new System.Windows.Forms.Label(); - this.cb_Options_InfoWin_Angle = new System.Windows.Forms.CheckBox(); - this.cb_Options_InfoWin_Speed = new System.Windows.Forms.CheckBox(); - this.cb_Options_InfoWin_Squint = new System.Windows.Forms.CheckBox(); - this.cb_Options_InfoWin_Epsilon = new System.Windows.Forms.CheckBox(); this.cb_Options_InfoWin_Dist = new System.Windows.Forms.CheckBox(); this.cb_Options_InfoWin_Time = new System.Windows.Forms.CheckBox(); - this.cb_Options_InfoWin_Type = new System.Windows.Forms.CheckBox(); - this.cb_Options_InfoWin_Track = new System.Windows.Forms.CheckBox(); - this.cb_Options_InfoWin_Alt = new System.Windows.Forms.CheckBox(); - this.cb_Options_InfoWin_Position = new System.Windows.Forms.CheckBox(); - this.groupBox22 = new System.Windows.Forms.GroupBox(); + this.cb_Options_InfoWin_Epsilon = new System.Windows.Forms.CheckBox(); + this.cb_Options_InfoWin_Squint = new System.Windows.Forms.CheckBox(); + this.cb_Options_InfoWin_Angle = new System.Windows.Forms.CheckBox(); this.rb_Options_InfoWin_Imperial = new System.Windows.Forms.RadioButton(); this.rb_Options_InfoWin_Metric = new System.Windows.Forms.RadioButton(); this.label72 = new System.Windows.Forms.Label(); this.btn_Options_SelectFont = new System.Windows.Forms.Button(); this.label62 = new System.Windows.Forms.Label(); this.tb_Options_Map_ToolTipFont = new System.Windows.Forms.TextBox(); + this.groupBox29 = new System.Windows.Forms.GroupBox(); + this.label74 = new System.Windows.Forms.Label(); + this.cb_Options_InfoWin_Position = new System.Windows.Forms.CheckBox(); + this.cb_Options_InfoWin_Alt = new System.Windows.Forms.CheckBox(); + this.cb_Options_InfoWin_Track = new System.Windows.Forms.CheckBox(); + this.cb_Options_InfoWin_Type = new System.Windows.Forms.CheckBox(); + this.cb_Options_InfoWin_Speed = new System.Windows.Forms.CheckBox(); this.groupBox2 = new System.Windows.Forms.GroupBox(); this.label61 = new System.Windows.Forms.Label(); this.cb_Options_Map_Provider = new System.Windows.Forms.ComboBox(); + this.cb_Options_Map_Preloader_Enabled = new System.Windows.Forms.CheckBox(); + this.ud_Options_Map_Opacity = new AirScout.PercentageControl(); + this.label148 = new System.Windows.Forms.Label(); + this.ud_Options_Map_Preloader_MaxZoom = new System.Windows.Forms.NumericUpDown(); + this.label144 = new System.Windows.Forms.Label(); this.tab_Options_Stations = new System.Windows.Forms.TabPage(); this.groupBox18 = new System.Windows.Forms.GroupBox(); this.lbl_Options_LocalObstructions = new System.Windows.Forms.Label(); @@ -551,11 +568,8 @@ this.bw_SRTM1_MapUpdater = new System.ComponentModel.BackgroundWorker(); this.bw_GLOBE_MapUpdater = new System.ComponentModel.BackgroundWorker(); this.bw_StationDataUpdater = new System.ComponentModel.BackgroundWorker(); - this.btn_DeleteSingleStation = new System.Windows.Forms.Button(); this.bw_ASTER3_MapUpdater = new System.ComponentModel.BackgroundWorker(); this.bw_ASTER1_MapUpdater = new System.ComponentModel.BackgroundWorker(); - this.cb_Options_Locators_Activate = new System.Windows.Forms.CheckBox(); - this.cb_Options_Distances_Activated = new System.Windows.Forms.CheckBox(); ((System.ComponentModel.ISupportInitialize)(this.pb_Donate)).BeginInit(); this.tab_Options_Planes.SuspendLayout(); this.groupBox48.SuspendLayout(); @@ -580,18 +594,21 @@ this.groupBox11.SuspendLayout(); this.groupBox10.SuspendLayout(); this.tab_Options_Map.SuspendLayout(); + this.groupBox22.SuspendLayout(); + ((System.ComponentModel.ISupportInitialize)(this.ud_Options_Gauges_Width)).BeginInit(); this.groupBox49.SuspendLayout(); this.groupBox37.SuspendLayout(); ((System.ComponentModel.ISupportInitialize)(this.ud_Options_Charts_FontSize)).BeginInit(); - this.groupBox39.SuspendLayout(); this.groupBox23.SuspendLayout(); - ((System.ComponentModel.ISupportInitialize)(this.ud_Options_Map_Opacity)).BeginInit(); - ((System.ComponentModel.ISupportInitialize)(this.ud_Options_Map_Preloader_MaxZoom)).BeginInit(); + this.groupBox39.SuspendLayout(); this.groupBox30.SuspendLayout(); this.groupBox7.SuspendLayout(); + this.groupBox34.SuspendLayout(); + this.groupBox33.SuspendLayout(); this.groupBox29.SuspendLayout(); - this.groupBox22.SuspendLayout(); this.groupBox2.SuspendLayout(); + ((System.ComponentModel.ISupportInitialize)(this.ud_Options_Map_Opacity)).BeginInit(); + ((System.ComponentModel.ISupportInitialize)(this.ud_Options_Map_Preloader_MaxZoom)).BeginInit(); this.tab_Options_Stations.SuspendLayout(); this.groupBox18.SuspendLayout(); this.groupBox46.SuspendLayout(); @@ -845,6 +862,18 @@ this.tb_Options_Track_DialFreq.Value = ((long)(0)); this.tb_Options_Track_DialFreq.TextChanged += new System.EventHandler(this.tb_Options_CAT_DialFreq_TextChanged); // + // btn_DeleteSingleStation + // + this.btn_DeleteSingleStation.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.btn_DeleteSingleStation.Location = new System.Drawing.Point(165, 48); + this.btn_DeleteSingleStation.Name = "btn_DeleteSingleStation"; + this.btn_DeleteSingleStation.Size = new System.Drawing.Size(122, 23); + this.btn_DeleteSingleStation.TabIndex = 3; + this.btn_DeleteSingleStation.Text = "Delete Single Station"; + this.tt_Options.SetToolTip(this.btn_DeleteSingleStation, "Deletes all cached map tiles from database"); + this.btn_DeleteSingleStation.UseVisualStyleBackColor = true; + this.btn_DeleteSingleStation.Click += new System.EventHandler(this.btn_DeleteSingleStation_Click); + // // cb_Options_Locations_RestrictToAreaOfInterest // this.cb_Options_Locations_RestrictToAreaOfInterest.AutoSize = true; @@ -861,6 +890,22 @@ " will be removed during the update process)"); this.cb_Options_Locations_RestrictToAreaOfInterest.UseVisualStyleBackColor = true; // + // cb_Options_InfoWin_AlwaysDetailed + // + this.cb_Options_InfoWin_AlwaysDetailed.AutoSize = true; + this.cb_Options_InfoWin_AlwaysDetailed.Checked = global::AirScout.Properties.Settings.Default.InfoWin_AlwaysDetailed; + this.cb_Options_InfoWin_AlwaysDetailed.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_AlwaysDetailed", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_InfoWin_AlwaysDetailed.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_InfoWin_AlwaysDetailed.Location = new System.Drawing.Point(7, 92); + this.cb_Options_InfoWin_AlwaysDetailed.Name = "cb_Options_InfoWin_AlwaysDetailed"; + this.cb_Options_InfoWin_AlwaysDetailed.Size = new System.Drawing.Size(117, 43); + this.cb_Options_InfoWin_AlwaysDetailed.TabIndex = 35; + this.cb_Options_InfoWin_AlwaysDetailed.Tag = ""; + this.cb_Options_InfoWin_AlwaysDetailed.Text = "Always show \r\ndetailed window\r\nwhen selected"; + this.tt_Options.SetToolTip(this.cb_Options_InfoWin_AlwaysDetailed, "Always show detailed window when selected even when the aircraft is not heading t" + + "owards path."); + this.cb_Options_InfoWin_AlwaysDetailed.UseVisualStyleBackColor = true; + // // cb_Options_Path_BestCaseElevation // this.cb_Options_Path_BestCaseElevation.AutoSize = true; @@ -2152,13 +2197,13 @@ // tab_Options_Map // this.tab_Options_Map.BackColor = System.Drawing.SystemColors.Control; + this.tab_Options_Map.Controls.Add(this.groupBox22); this.tab_Options_Map.Controls.Add(this.groupBox49); this.tab_Options_Map.Controls.Add(this.groupBox37); - this.tab_Options_Map.Controls.Add(this.groupBox39); this.tab_Options_Map.Controls.Add(this.groupBox23); + this.tab_Options_Map.Controls.Add(this.groupBox39); this.tab_Options_Map.Controls.Add(this.groupBox30); this.tab_Options_Map.Controls.Add(this.groupBox7); - this.tab_Options_Map.Controls.Add(this.groupBox22); this.tab_Options_Map.Controls.Add(this.groupBox2); this.tab_Options_Map.Location = new System.Drawing.Point(4, 40); this.tab_Options_Map.Name = "tab_Options_Map"; @@ -2168,14 +2213,93 @@ this.tab_Options_Map.Enter += new System.EventHandler(this.tab_Options_Map_Enter); this.tab_Options_Map.Validating += new System.ComponentModel.CancelEventHandler(this.tab_Options_Map_Validating); // + // groupBox22 + // + this.groupBox22.Controls.Add(this.cb_Options_Gauges_Show); + this.groupBox22.Controls.Add(this.cb_Options_Gauges_ForeColor); + this.groupBox22.Controls.Add(this.label198); + this.groupBox22.Controls.Add(this.label188); + this.groupBox22.Controls.Add(this.ud_Options_Gauges_Width); + this.groupBox22.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, ((System.Drawing.FontStyle)((System.Drawing.FontStyle.Bold | System.Drawing.FontStyle.Italic))), System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.groupBox22.Location = new System.Drawing.Point(415, 162); + this.groupBox22.Name = "groupBox22"; + this.groupBox22.Size = new System.Drawing.Size(242, 96); + this.groupBox22.TabIndex = 11; + this.groupBox22.TabStop = false; + this.groupBox22.Text = "Tracking Gauges"; + // + // cb_Options_Gauges_Show + // + this.cb_Options_Gauges_Show.AutoSize = true; + this.cb_Options_Gauges_Show.Checked = global::AirScout.Properties.Settings.Default.Map_TrackingGaugesShow; + this.cb_Options_Gauges_Show.CheckState = System.Windows.Forms.CheckState.Checked; + this.cb_Options_Gauges_Show.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "Map_TrackingGaugesShow", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_Gauges_Show.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_Gauges_Show.Location = new System.Drawing.Point(16, 19); + this.cb_Options_Gauges_Show.Name = "cb_Options_Gauges_Show"; + this.cb_Options_Gauges_Show.Size = new System.Drawing.Size(199, 17); + this.cb_Options_Gauges_Show.TabIndex = 7; + this.cb_Options_Gauges_Show.Text = "Show large Tracking Display on map"; + this.cb_Options_Gauges_Show.UseVisualStyleBackColor = true; + // + // cb_Options_Gauges_ForeColor + // + this.cb_Options_Gauges_ForeColor.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_Gauges_ForeColor.FormattingEnabled = true; + this.cb_Options_Gauges_ForeColor.Location = new System.Drawing.Point(106, 69); + this.cb_Options_Gauges_ForeColor.Name = "cb_Options_Gauges_ForeColor"; + this.cb_Options_Gauges_ForeColor.Size = new System.Drawing.Size(130, 21); + this.cb_Options_Gauges_ForeColor.TabIndex = 6; + this.cb_Options_Gauges_ForeColor.SelectedIndexChanged += new System.EventHandler(this.cb_Options_Gauges_ForeColor_SelectedIndexChanged); + // + // label198 + // + this.label198.AutoSize = true; + this.label198.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.label198.Location = new System.Drawing.Point(10, 72); + this.label198.Name = "label198"; + this.label198.Size = new System.Drawing.Size(90, 13); + this.label198.TabIndex = 5; + this.label198.Text = "Gauge ForeColor:"; + // + // label188 + // + this.label188.AutoSize = true; + this.label188.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.label188.Location = new System.Drawing.Point(7, 44); + this.label188.Name = "label188"; + this.label188.Size = new System.Drawing.Size(162, 13); + this.label188.TabIndex = 4; + this.label188.Text = "Azimuth/Elevation Gauge Width:"; + // + // ud_Options_Gauges_Width + // + this.ud_Options_Gauges_Width.DataBindings.Add(new System.Windows.Forms.Binding("Value", global::AirScout.Properties.Settings.Default, "Map_TrackingGaugeWidth", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.ud_Options_Gauges_Width.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.ud_Options_Gauges_Width.Location = new System.Drawing.Point(174, 41); + this.ud_Options_Gauges_Width.Maximum = new decimal(new int[] { + 1000, + 0, + 0, + 0}); + this.ud_Options_Gauges_Width.Minimum = new decimal(new int[] { + 175, + 0, + 0, + 0}); + this.ud_Options_Gauges_Width.Name = "ud_Options_Gauges_Width"; + this.ud_Options_Gauges_Width.Size = new System.Drawing.Size(63, 22); + this.ud_Options_Gauges_Width.TabIndex = 3; + this.ud_Options_Gauges_Width.Value = global::AirScout.Properties.Settings.Default.Map_TrackingGaugeWidth; + // // groupBox49 // this.groupBox49.Controls.Add(this.cb_Options_Map_SmallMarkers); this.groupBox49.Controls.Add(this.cb_Options_Map_LabelCalls); this.groupBox49.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, ((System.Drawing.FontStyle)((System.Drawing.FontStyle.Bold | System.Drawing.FontStyle.Italic))), System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.groupBox49.Location = new System.Drawing.Point(415, 140); + this.groupBox49.Location = new System.Drawing.Point(415, 264); this.groupBox49.Name = "groupBox49"; - this.groupBox49.Size = new System.Drawing.Size(242, 99); + this.groupBox49.Size = new System.Drawing.Size(242, 62); this.groupBox49.TabIndex = 10; this.groupBox49.TabStop = false; this.groupBox49.Text = "Multi-Path"; @@ -2187,7 +2311,7 @@ this.cb_Options_Map_SmallMarkers.CheckState = System.Windows.Forms.CheckState.Checked; this.cb_Options_Map_SmallMarkers.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "Map_SmallMarkers", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); this.cb_Options_Map_SmallMarkers.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.cb_Options_Map_SmallMarkers.Location = new System.Drawing.Point(18, 22); + this.cb_Options_Map_SmallMarkers.Location = new System.Drawing.Point(18, 16); this.cb_Options_Map_SmallMarkers.Name = "cb_Options_Map_SmallMarkers"; this.cb_Options_Map_SmallMarkers.Size = new System.Drawing.Size(199, 17); this.cb_Options_Map_SmallMarkers.TabIndex = 2; @@ -2201,7 +2325,7 @@ this.cb_Options_Map_LabelCalls.CheckState = System.Windows.Forms.CheckState.Checked; this.cb_Options_Map_LabelCalls.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "Map_LabelCalls", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); this.cb_Options_Map_LabelCalls.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.cb_Options_Map_LabelCalls.Location = new System.Drawing.Point(18, 45); + this.cb_Options_Map_LabelCalls.Location = new System.Drawing.Point(18, 35); this.cb_Options_Map_LabelCalls.Name = "cb_Options_Map_LabelCalls"; this.cb_Options_Map_LabelCalls.Size = new System.Drawing.Size(209, 17); this.cb_Options_Map_LabelCalls.TabIndex = 3; @@ -2213,7 +2337,7 @@ this.groupBox37.Controls.Add(this.label34); this.groupBox37.Controls.Add(this.ud_Options_Charts_FontSize); this.groupBox37.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, ((System.Drawing.FontStyle)((System.Drawing.FontStyle.Bold | System.Drawing.FontStyle.Italic))), System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.groupBox37.Location = new System.Drawing.Point(415, 320); + this.groupBox37.Location = new System.Drawing.Point(415, 332); this.groupBox37.Name = "groupBox37"; this.groupBox37.Size = new System.Drawing.Size(242, 51); this.groupBox37.TabIndex = 9; @@ -2224,7 +2348,7 @@ // this.label34.AutoSize = true; this.label34.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label34.Location = new System.Drawing.Point(15, 17); + this.label34.Location = new System.Drawing.Point(4, 22); this.label34.Name = "label34"; this.label34.Size = new System.Drawing.Size(174, 13); this.label34.TabIndex = 2; @@ -2234,7 +2358,7 @@ // this.ud_Options_Charts_FontSize.DataBindings.Add(new System.Windows.Forms.Binding("Value", global::AirScout.Properties.Settings.Default, "Charts_FontSize", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); this.ud_Options_Charts_FontSize.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.ud_Options_Charts_FontSize.Location = new System.Drawing.Point(192, 15); + this.ud_Options_Charts_FontSize.Location = new System.Drawing.Point(192, 19); this.ud_Options_Charts_FontSize.Maximum = new decimal(new int[] { 16, 0, @@ -2250,140 +2374,46 @@ this.ud_Options_Charts_FontSize.TabIndex = 0; this.ud_Options_Charts_FontSize.Value = global::AirScout.Properties.Settings.Default.Charts_FontSize; // - // groupBox39 - // - this.groupBox39.Controls.Add(this.tb_Options_Map_Update_Interval); - this.groupBox39.Controls.Add(this.label97); - this.groupBox39.Controls.Add(this.label29); - this.groupBox39.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, ((System.Drawing.FontStyle)((System.Drawing.FontStyle.Bold | System.Drawing.FontStyle.Italic))), System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.groupBox39.Location = new System.Drawing.Point(415, 245); - this.groupBox39.Name = "groupBox39"; - this.groupBox39.Size = new System.Drawing.Size(242, 69); - this.groupBox39.TabIndex = 8; - this.groupBox39.TabStop = false; - this.groupBox39.Text = "Screen Updates"; - // - // tb_Options_Map_Update_Interval - // - this.tb_Options_Map_Update_Interval.DataBindings.Add(new System.Windows.Forms.Binding("Value", global::AirScout.Properties.Settings.Default, "Map_Update", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); - this.tb_Options_Map_Update_Interval.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.tb_Options_Map_Update_Interval.FormatSpecifier = "F0"; - this.tb_Options_Map_Update_Interval.Location = new System.Drawing.Point(119, 33); - this.tb_Options_Map_Update_Interval.MaxValue = 3600; - this.tb_Options_Map_Update_Interval.MinValue = 0; - this.tb_Options_Map_Update_Interval.Name = "tb_Options_Map_Update_Interval"; - this.tb_Options_Map_Update_Interval.Size = new System.Drawing.Size(37, 22); - this.tb_Options_Map_Update_Interval.TabIndex = 23; - this.tb_Options_Map_Update_Interval.Text = "1"; - this.tb_Options_Map_Update_Interval.Value = global::AirScout.Properties.Settings.Default.Map_Update; - // - // label97 - // - this.label97.AutoSize = true; - this.label97.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label97.Location = new System.Drawing.Point(171, 36); - this.label97.Name = "label97"; - this.label97.Size = new System.Drawing.Size(56, 13); - this.label97.TabIndex = 22; - this.label97.Text = "second(s)."; - // - // label29 - // - this.label29.AutoSize = true; - this.label29.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label29.Location = new System.Drawing.Point(4, 36); - this.label29.Name = "label29"; - this.label29.Size = new System.Drawing.Size(109, 13); - this.label29.TabIndex = 20; - this.label29.Text = "Update screen every "; - // // groupBox23 // this.groupBox23.Controls.Add(this.cb_Options_Distances_Activated); this.groupBox23.Controls.Add(this.cb_Options_Locators_Activate); - this.groupBox23.Controls.Add(this.ud_Options_Map_Opacity); - this.groupBox23.Controls.Add(this.label148); - this.groupBox23.Controls.Add(this.ud_Options_Map_Preloader_MaxZoom); - this.groupBox23.Controls.Add(this.label144); - this.groupBox23.Controls.Add(this.cb_Options_Map_Preloader_Enabled); this.groupBox23.Controls.Add(this.cb_Options_Watchlist_Activate); this.groupBox23.Controls.Add(this.cb_Options_Airports_Activate); this.groupBox23.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, ((System.Drawing.FontStyle)((System.Drawing.FontStyle.Bold | System.Drawing.FontStyle.Italic))), System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.groupBox23.Location = new System.Drawing.Point(14, 139); + this.groupBox23.Location = new System.Drawing.Point(415, 10); this.groupBox23.Name = "groupBox23"; - this.groupBox23.Size = new System.Drawing.Size(394, 100); + this.groupBox23.Size = new System.Drawing.Size(241, 94); this.groupBox23.TabIndex = 7; this.groupBox23.TabStop = false; this.groupBox23.Text = "General "; // - // ud_Options_Map_Opacity + // cb_Options_Distances_Activated // - this.ud_Options_Map_Opacity.DataBindings.Add(new System.Windows.Forms.Binding("Value", global::AirScout.Properties.Settings.Default, "Map_Opacity", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); - this.ud_Options_Map_Opacity.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.ud_Options_Map_Opacity.Increment = new decimal(new int[] { - 1, - 0, - 0, - 65536}); - this.ud_Options_Map_Opacity.Location = new System.Drawing.Point(320, 18); - this.ud_Options_Map_Opacity.Maximum = new decimal(new int[] { - 1, - 0, - 0, - 0}); - this.ud_Options_Map_Opacity.Name = "ud_Options_Map_Opacity"; - this.ud_Options_Map_Opacity.Size = new System.Drawing.Size(54, 20); - this.ud_Options_Map_Opacity.TabIndex = 10; - this.ud_Options_Map_Opacity.Value = global::AirScout.Properties.Settings.Default.Map_Opacity; + this.cb_Options_Distances_Activated.AutoSize = true; + this.cb_Options_Distances_Activated.Checked = global::AirScout.Properties.Settings.Default.Map_ShowDistances; + this.cb_Options_Distances_Activated.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "Map_ShowDistances", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_Distances_Activated.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_Distances_Activated.Location = new System.Drawing.Point(16, 54); + this.cb_Options_Distances_Activated.Name = "cb_Options_Distances_Activated"; + this.cb_Options_Distances_Activated.Size = new System.Drawing.Size(132, 17); + this.cb_Options_Distances_Activated.TabIndex = 12; + this.cb_Options_Distances_Activated.Text = "Show Distance Circles"; + this.cb_Options_Distances_Activated.UseVisualStyleBackColor = true; // - // label148 + // cb_Options_Locators_Activate // - this.label148.AutoSize = true; - this.label148.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label148.Location = new System.Drawing.Point(234, 20); - this.label148.Name = "label148"; - this.label148.Size = new System.Drawing.Size(70, 13); - this.label148.TabIndex = 7; - this.label148.Text = "Map Opacity:"; - // - // ud_Options_Map_Preloader_MaxZoom - // - this.ud_Options_Map_Preloader_MaxZoom.DataBindings.Add(new System.Windows.Forms.Binding("Value", global::AirScout.Properties.Settings.Default, "Map_Preloader_MaxZoom", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); - this.ud_Options_Map_Preloader_MaxZoom.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.ud_Options_Map_Preloader_MaxZoom.Location = new System.Drawing.Point(319, 66); - this.ud_Options_Map_Preloader_MaxZoom.Maximum = new decimal(new int[] { - 11, - 0, - 0, - 0}); - this.ud_Options_Map_Preloader_MaxZoom.Name = "ud_Options_Map_Preloader_MaxZoom"; - this.ud_Options_Map_Preloader_MaxZoom.Size = new System.Drawing.Size(54, 22); - this.ud_Options_Map_Preloader_MaxZoom.TabIndex = 6; - this.ud_Options_Map_Preloader_MaxZoom.Value = global::AirScout.Properties.Settings.Default.Map_Preloader_MaxZoom; - // - // label144 - // - this.label144.AutoSize = true; - this.label144.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label144.Location = new System.Drawing.Point(234, 64); - this.label144.Name = "label144"; - this.label144.Size = new System.Drawing.Size(78, 26); - this.label144.TabIndex = 5; - this.label144.Text = "Preload down \r\nto Zoom Level:"; - // - // cb_Options_Map_Preloader_Enabled - // - this.cb_Options_Map_Preloader_Enabled.AutoSize = true; - this.cb_Options_Map_Preloader_Enabled.Checked = global::AirScout.Properties.Settings.Default.Map_Preloader_Enabled; - this.cb_Options_Map_Preloader_Enabled.CheckState = System.Windows.Forms.CheckState.Checked; - this.cb_Options_Map_Preloader_Enabled.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "Map_Preloader_Enabled", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); - this.cb_Options_Map_Preloader_Enabled.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.cb_Options_Map_Preloader_Enabled.Location = new System.Drawing.Point(237, 44); - this.cb_Options_Map_Preloader_Enabled.Name = "cb_Options_Map_Preloader_Enabled"; - this.cb_Options_Map_Preloader_Enabled.Size = new System.Drawing.Size(136, 17); - this.cb_Options_Map_Preloader_Enabled.TabIndex = 4; - this.cb_Options_Map_Preloader_Enabled.Text = "Enable Map Preloading"; - this.cb_Options_Map_Preloader_Enabled.UseVisualStyleBackColor = true; + this.cb_Options_Locators_Activate.AutoSize = true; + this.cb_Options_Locators_Activate.Checked = global::AirScout.Properties.Settings.Default.Map_ShowLocators; + this.cb_Options_Locators_Activate.CheckState = System.Windows.Forms.CheckState.Checked; + this.cb_Options_Locators_Activate.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "Map_ShowLocators", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_Locators_Activate.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_Locators_Activate.Location = new System.Drawing.Point(16, 37); + this.cb_Options_Locators_Activate.Name = "cb_Options_Locators_Activate"; + this.cb_Options_Locators_Activate.Size = new System.Drawing.Size(114, 17); + this.cb_Options_Locators_Activate.TabIndex = 11; + this.cb_Options_Locators_Activate.Text = "Show Locator Grid"; + this.cb_Options_Locators_Activate.UseVisualStyleBackColor = true; // // cb_Options_Watchlist_Activate // @@ -2413,6 +2443,53 @@ this.cb_Options_Airports_Activate.Text = "Show Airports"; this.cb_Options_Airports_Activate.UseVisualStyleBackColor = true; // + // groupBox39 + // + this.groupBox39.Controls.Add(this.tb_Options_Map_Update_Interval); + this.groupBox39.Controls.Add(this.label97); + this.groupBox39.Controls.Add(this.label29); + this.groupBox39.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, ((System.Drawing.FontStyle)((System.Drawing.FontStyle.Bold | System.Drawing.FontStyle.Italic))), System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.groupBox39.Location = new System.Drawing.Point(415, 110); + this.groupBox39.Name = "groupBox39"; + this.groupBox39.Size = new System.Drawing.Size(242, 46); + this.groupBox39.TabIndex = 8; + this.groupBox39.TabStop = false; + this.groupBox39.Text = "Screen Updates"; + // + // tb_Options_Map_Update_Interval + // + this.tb_Options_Map_Update_Interval.DataBindings.Add(new System.Windows.Forms.Binding("Value", global::AirScout.Properties.Settings.Default, "Map_Update", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.tb_Options_Map_Update_Interval.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.tb_Options_Map_Update_Interval.FormatSpecifier = "F0"; + this.tb_Options_Map_Update_Interval.Location = new System.Drawing.Point(119, 17); + this.tb_Options_Map_Update_Interval.MaxValue = 3600; + this.tb_Options_Map_Update_Interval.MinValue = 0; + this.tb_Options_Map_Update_Interval.Name = "tb_Options_Map_Update_Interval"; + this.tb_Options_Map_Update_Interval.Size = new System.Drawing.Size(37, 22); + this.tb_Options_Map_Update_Interval.TabIndex = 23; + this.tb_Options_Map_Update_Interval.Text = "1"; + this.tb_Options_Map_Update_Interval.Value = global::AirScout.Properties.Settings.Default.Map_Update; + // + // label97 + // + this.label97.AutoSize = true; + this.label97.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.label97.Location = new System.Drawing.Point(171, 20); + this.label97.Name = "label97"; + this.label97.Size = new System.Drawing.Size(56, 13); + this.label97.TabIndex = 22; + this.label97.Text = "second(s)."; + // + // label29 + // + this.label29.AutoSize = true; + this.label29.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.label29.Location = new System.Drawing.Point(4, 20); + this.label29.Name = "label29"; + this.label29.Size = new System.Drawing.Size(109, 13); + this.label29.TabIndex = 20; + this.label29.Text = "Update screen every "; + // // groupBox30 // this.groupBox30.Controls.Add(this.tb_Options_Planes_IconSize_S); @@ -2425,9 +2502,9 @@ this.groupBox30.Controls.Add(this.label81); this.groupBox30.Controls.Add(this.label80); this.groupBox30.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, ((System.Drawing.FontStyle)((System.Drawing.FontStyle.Bold | System.Drawing.FontStyle.Italic))), System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.groupBox30.Location = new System.Drawing.Point(415, 377); + this.groupBox30.Location = new System.Drawing.Point(415, 387); this.groupBox30.Name = "groupBox30"; - this.groupBox30.Size = new System.Drawing.Size(242, 97); + this.groupBox30.Size = new System.Drawing.Size(242, 87); this.groupBox30.TabIndex = 6; this.groupBox30.TabStop = false; this.groupBox30.Text = "Plane Icon Sizes per Category"; @@ -2437,7 +2514,7 @@ this.tb_Options_Planes_IconSize_S.DataBindings.Add(new System.Windows.Forms.Binding("Value", global::AirScout.Properties.Settings.Default, "Planes_IconSize_S", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); this.tb_Options_Planes_IconSize_S.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); this.tb_Options_Planes_IconSize_S.FormatSpecifier = "F0"; - this.tb_Options_Planes_IconSize_S.Location = new System.Drawing.Point(183, 47); + this.tb_Options_Planes_IconSize_S.Location = new System.Drawing.Point(183, 43); this.tb_Options_Planes_IconSize_S.MaxValue = 128; this.tb_Options_Planes_IconSize_S.MinValue = 0; this.tb_Options_Planes_IconSize_S.Name = "tb_Options_Planes_IconSize_S"; @@ -2451,7 +2528,7 @@ this.tb_Options_Planes_IconSize_H.DataBindings.Add(new System.Windows.Forms.Binding("Value", global::AirScout.Properties.Settings.Default, "Planes_IconSize_H", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); this.tb_Options_Planes_IconSize_H.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); this.tb_Options_Planes_IconSize_H.FormatSpecifier = "F0"; - this.tb_Options_Planes_IconSize_H.Location = new System.Drawing.Point(183, 19); + this.tb_Options_Planes_IconSize_H.Location = new System.Drawing.Point(183, 15); this.tb_Options_Planes_IconSize_H.MaxValue = 128; this.tb_Options_Planes_IconSize_H.MinValue = 0; this.tb_Options_Planes_IconSize_H.Name = "tb_Options_Planes_IconSize_H"; @@ -2465,7 +2542,7 @@ this.tb_Options_Planes_IconSize_M.DataBindings.Add(new System.Windows.Forms.Binding("Value", global::AirScout.Properties.Settings.Default, "Planes_IconSize_M", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); this.tb_Options_Planes_IconSize_M.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); this.tb_Options_Planes_IconSize_M.FormatSpecifier = "F0"; - this.tb_Options_Planes_IconSize_M.Location = new System.Drawing.Point(63, 47); + this.tb_Options_Planes_IconSize_M.Location = new System.Drawing.Point(63, 43); this.tb_Options_Planes_IconSize_M.MaxValue = 128; this.tb_Options_Planes_IconSize_M.MinValue = 0; this.tb_Options_Planes_IconSize_M.Name = "tb_Options_Planes_IconSize_M"; @@ -2479,7 +2556,7 @@ this.tb_Options_Planes_IconSize_L.DataBindings.Add(new System.Windows.Forms.Binding("Value", global::AirScout.Properties.Settings.Default, "Planes_IconSize_L", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); this.tb_Options_Planes_IconSize_L.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); this.tb_Options_Planes_IconSize_L.FormatSpecifier = "F0"; - this.tb_Options_Planes_IconSize_L.Location = new System.Drawing.Point(63, 21); + this.tb_Options_Planes_IconSize_L.Location = new System.Drawing.Point(63, 17); this.tb_Options_Planes_IconSize_L.MaxValue = 128; this.tb_Options_Planes_IconSize_L.MinValue = 0; this.tb_Options_Planes_IconSize_L.Name = "tb_Options_Planes_IconSize_L"; @@ -2491,18 +2568,18 @@ // label84 // this.label84.AutoSize = true; - this.label84.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Italic, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label84.Location = new System.Drawing.Point(44, 77); + this.label84.Font = new System.Drawing.Font("Microsoft Sans Serif", 9F, System.Drawing.FontStyle.Italic, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.label84.Location = new System.Drawing.Point(41, 66); this.label84.Name = "label84"; - this.label84.Size = new System.Drawing.Size(137, 13); + this.label84.Size = new System.Drawing.Size(159, 15); this.label84.TabIndex = 12; - this.label84.Text = "Restart of AirScout required"; + this.label84.Text = "Restart of AirScout required!"; // // label83 // this.label83.AutoSize = true; this.label83.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label83.Location = new System.Drawing.Point(15, 51); + this.label83.Location = new System.Drawing.Point(15, 47); this.label83.Name = "label83"; this.label83.Size = new System.Drawing.Size(47, 13); this.label83.TabIndex = 7; @@ -2512,7 +2589,7 @@ // this.label82.AutoSize = true; this.label82.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label82.Location = new System.Drawing.Point(131, 25); + this.label82.Location = new System.Drawing.Point(131, 21); this.label82.Name = "label82"; this.label82.Size = new System.Drawing.Size(41, 13); this.label82.TabIndex = 6; @@ -2522,7 +2599,7 @@ // this.label81.AutoSize = true; this.label81.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label81.Location = new System.Drawing.Point(131, 51); + this.label81.Location = new System.Drawing.Point(131, 47); this.label81.Name = "label81"; this.label81.Size = new System.Drawing.Size(38, 13); this.label81.TabIndex = 5; @@ -2532,7 +2609,7 @@ // this.label80.AutoSize = true; this.label80.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label80.Location = new System.Drawing.Point(15, 25); + this.label80.Location = new System.Drawing.Point(15, 21); this.label80.Name = "label80"; this.label80.Size = new System.Drawing.Size(33, 13); this.label80.TabIndex = 4; @@ -2540,121 +2617,164 @@ // // groupBox7 // + this.groupBox7.Controls.Add(this.groupBox34); + this.groupBox7.Controls.Add(this.groupBox33); + this.groupBox7.Controls.Add(this.rb_Options_InfoWin_Imperial); + this.groupBox7.Controls.Add(this.rb_Options_InfoWin_Metric); + this.groupBox7.Controls.Add(this.label72); + this.groupBox7.Controls.Add(this.btn_Options_SelectFont); + this.groupBox7.Controls.Add(this.label62); + this.groupBox7.Controls.Add(this.tb_Options_Map_ToolTipFont); this.groupBox7.Controls.Add(this.groupBox29); - this.groupBox7.Controls.Add(this.cb_Options_InfoWin_Angle); this.groupBox7.Controls.Add(this.cb_Options_InfoWin_Speed); - this.groupBox7.Controls.Add(this.cb_Options_InfoWin_Squint); - this.groupBox7.Controls.Add(this.cb_Options_InfoWin_Epsilon); - this.groupBox7.Controls.Add(this.cb_Options_InfoWin_Dist); - this.groupBox7.Controls.Add(this.cb_Options_InfoWin_Time); - this.groupBox7.Controls.Add(this.cb_Options_InfoWin_Type); - this.groupBox7.Controls.Add(this.cb_Options_InfoWin_Track); - this.groupBox7.Controls.Add(this.cb_Options_InfoWin_Alt); - this.groupBox7.Controls.Add(this.cb_Options_InfoWin_Position); this.groupBox7.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, ((System.Drawing.FontStyle)((System.Drawing.FontStyle.Bold | System.Drawing.FontStyle.Italic))), System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.groupBox7.Location = new System.Drawing.Point(14, 320); + this.groupBox7.Location = new System.Drawing.Point(14, 183); this.groupBox7.Name = "groupBox7"; - this.groupBox7.Size = new System.Drawing.Size(394, 154); + this.groupBox7.Size = new System.Drawing.Size(394, 291); this.groupBox7.TabIndex = 5; this.groupBox7.TabStop = false; this.groupBox7.Text = "Info Window Elements"; // - // groupBox29 + // groupBox34 // - this.groupBox29.Controls.Add(this.label76); - this.groupBox29.Controls.Add(this.label74); - this.groupBox29.Controls.Add(this.label75); - this.groupBox29.Location = new System.Drawing.Point(256, 19); - this.groupBox29.Name = "groupBox29"; - this.groupBox29.Size = new System.Drawing.Size(129, 123); - this.groupBox29.TabIndex = 19; - this.groupBox29.TabStop = false; + this.groupBox34.Controls.Add(this.label76); + this.groupBox34.Controls.Add(this.cb_Options_InfoWin_MyElevation); + this.groupBox34.Controls.Add(this.cb_Options_InfoWin_MyAzimuth); + this.groupBox34.Controls.Add(this.cb_Options_InfoWin_MyDoppler); + this.groupBox34.Controls.Add(this.cb_Options_InfoWin_DXDoppler); + this.groupBox34.Controls.Add(this.cb_Options_InfoWin_DXAzimuth); + this.groupBox34.Controls.Add(this.cb_Options_InfoWin_DXElevation); + this.groupBox34.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.groupBox34.Location = new System.Drawing.Point(275, 68); + this.groupBox34.Name = "groupBox34"; + this.groupBox34.Size = new System.Drawing.Size(113, 209); + this.groupBox34.TabIndex = 33; + this.groupBox34.TabStop = false; // // label76 // - this.label76.AutoSize = true; - this.label76.Font = new System.Drawing.Font("Microsoft Sans Serif", 9.75F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label76.Location = new System.Drawing.Point(10, 41); + this.label76.BackColor = System.Drawing.Color.WhiteSmoke; + this.label76.BorderStyle = System.Windows.Forms.BorderStyle.Fixed3D; + this.label76.FlatStyle = System.Windows.Forms.FlatStyle.Flat; + this.label76.Font = new System.Drawing.Font("Microsoft Sans Serif", 9F, System.Drawing.FontStyle.Italic, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.label76.Location = new System.Drawing.Point(6, 136); this.label76.Name = "label76"; - this.label76.Size = new System.Drawing.Size(115, 16); - this.label76.TabIndex = 18; - this.label76.Text = "bold characters"; + this.label76.Size = new System.Drawing.Size(100, 64); + this.label76.TabIndex = 33; + this.label76.Text = "Visible only in detailed window and when tracking"; + this.label76.TextAlign = System.Drawing.ContentAlignment.MiddleCenter; // - // label74 + // cb_Options_InfoWin_MyElevation // - this.label74.AutoSize = true; - this.label74.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label74.Location = new System.Drawing.Point(10, 19); - this.label74.Name = "label74"; - this.label74.Size = new System.Drawing.Size(88, 13); - this.label74.TabIndex = 16; - this.label74.Text = "Checkboxes with"; + this.cb_Options_InfoWin_MyElevation.AutoSize = true; + this.cb_Options_InfoWin_MyElevation.Checked = global::AirScout.Properties.Settings.Default.InfoWin_MyElevation; + this.cb_Options_InfoWin_MyElevation.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_MyElevation", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_InfoWin_MyElevation.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_InfoWin_MyElevation.Location = new System.Drawing.Point(18, 38); + this.cb_Options_InfoWin_MyElevation.Name = "cb_Options_InfoWin_MyElevation"; + this.cb_Options_InfoWin_MyElevation.Size = new System.Drawing.Size(87, 17); + this.cb_Options_InfoWin_MyElevation.TabIndex = 27; + this.cb_Options_InfoWin_MyElevation.Tag = ""; + this.cb_Options_InfoWin_MyElevation.Text = "My Elevation"; + this.cb_Options_InfoWin_MyElevation.UseVisualStyleBackColor = true; + // + // cb_Options_InfoWin_MyAzimuth + // + this.cb_Options_InfoWin_MyAzimuth.AutoSize = true; + this.cb_Options_InfoWin_MyAzimuth.Checked = global::AirScout.Properties.Settings.Default.InfoWin_MyAzimuth; + this.cb_Options_InfoWin_MyAzimuth.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_MyAzimuth", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_InfoWin_MyAzimuth.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_InfoWin_MyAzimuth.Location = new System.Drawing.Point(18, 18); + this.cb_Options_InfoWin_MyAzimuth.Name = "cb_Options_InfoWin_MyAzimuth"; + this.cb_Options_InfoWin_MyAzimuth.Size = new System.Drawing.Size(80, 17); + this.cb_Options_InfoWin_MyAzimuth.TabIndex = 26; + this.cb_Options_InfoWin_MyAzimuth.Tag = ""; + this.cb_Options_InfoWin_MyAzimuth.Text = "My Azimuth"; + this.cb_Options_InfoWin_MyAzimuth.UseVisualStyleBackColor = true; + // + // cb_Options_InfoWin_MyDoppler + // + this.cb_Options_InfoWin_MyDoppler.AutoSize = true; + this.cb_Options_InfoWin_MyDoppler.Checked = global::AirScout.Properties.Settings.Default.InfoWin_MyDoppler; + this.cb_Options_InfoWin_MyDoppler.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_MyDoppler", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_InfoWin_MyDoppler.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_InfoWin_MyDoppler.Location = new System.Drawing.Point(18, 57); + this.cb_Options_InfoWin_MyDoppler.Name = "cb_Options_InfoWin_MyDoppler"; + this.cb_Options_InfoWin_MyDoppler.Size = new System.Drawing.Size(80, 17); + this.cb_Options_InfoWin_MyDoppler.TabIndex = 28; + this.cb_Options_InfoWin_MyDoppler.Tag = ""; + this.cb_Options_InfoWin_MyDoppler.Text = "My Doppler"; + this.cb_Options_InfoWin_MyDoppler.UseVisualStyleBackColor = true; + // + // cb_Options_InfoWin_DXDoppler + // + this.cb_Options_InfoWin_DXDoppler.AutoSize = true; + this.cb_Options_InfoWin_DXDoppler.Checked = global::AirScout.Properties.Settings.Default.InfoWin_DXDoppler; + this.cb_Options_InfoWin_DXDoppler.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_DXDoppler", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_InfoWin_DXDoppler.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_InfoWin_DXDoppler.Location = new System.Drawing.Point(18, 115); + this.cb_Options_InfoWin_DXDoppler.Name = "cb_Options_InfoWin_DXDoppler"; + this.cb_Options_InfoWin_DXDoppler.Size = new System.Drawing.Size(81, 17); + this.cb_Options_InfoWin_DXDoppler.TabIndex = 31; + this.cb_Options_InfoWin_DXDoppler.Tag = ""; + this.cb_Options_InfoWin_DXDoppler.Text = "DX Doppler"; + this.cb_Options_InfoWin_DXDoppler.UseVisualStyleBackColor = true; + // + // cb_Options_InfoWin_DXAzimuth + // + this.cb_Options_InfoWin_DXAzimuth.AutoSize = true; + this.cb_Options_InfoWin_DXAzimuth.Checked = global::AirScout.Properties.Settings.Default.InfoWin_DXAzimuth; + this.cb_Options_InfoWin_DXAzimuth.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_DXAzimuth", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_InfoWin_DXAzimuth.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_InfoWin_DXAzimuth.Location = new System.Drawing.Point(18, 77); + this.cb_Options_InfoWin_DXAzimuth.Name = "cb_Options_InfoWin_DXAzimuth"; + this.cb_Options_InfoWin_DXAzimuth.Size = new System.Drawing.Size(81, 17); + this.cb_Options_InfoWin_DXAzimuth.TabIndex = 29; + this.cb_Options_InfoWin_DXAzimuth.Tag = ""; + this.cb_Options_InfoWin_DXAzimuth.Text = "DX Azimuth"; + this.cb_Options_InfoWin_DXAzimuth.UseVisualStyleBackColor = true; + // + // cb_Options_InfoWin_DXElevation + // + this.cb_Options_InfoWin_DXElevation.AutoSize = true; + this.cb_Options_InfoWin_DXElevation.Checked = global::AirScout.Properties.Settings.Default.InfoWin_DXElevation; + this.cb_Options_InfoWin_DXElevation.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_DXElevation", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_InfoWin_DXElevation.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_InfoWin_DXElevation.Location = new System.Drawing.Point(18, 96); + this.cb_Options_InfoWin_DXElevation.Name = "cb_Options_InfoWin_DXElevation"; + this.cb_Options_InfoWin_DXElevation.Size = new System.Drawing.Size(88, 17); + this.cb_Options_InfoWin_DXElevation.TabIndex = 30; + this.cb_Options_InfoWin_DXElevation.Tag = ""; + this.cb_Options_InfoWin_DXElevation.Text = "DX Elevation"; + this.cb_Options_InfoWin_DXElevation.UseVisualStyleBackColor = true; + // + // groupBox33 + // + this.groupBox33.Controls.Add(this.label75); + this.groupBox33.Controls.Add(this.cb_Options_InfoWin_Dist); + this.groupBox33.Controls.Add(this.cb_Options_InfoWin_Time); + this.groupBox33.Controls.Add(this.cb_Options_InfoWin_Epsilon); + this.groupBox33.Controls.Add(this.cb_Options_InfoWin_Squint); + this.groupBox33.Controls.Add(this.cb_Options_InfoWin_Angle); + this.groupBox33.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.groupBox33.Location = new System.Drawing.Point(147, 68); + this.groupBox33.Name = "groupBox33"; + this.groupBox33.Size = new System.Drawing.Size(122, 209); + this.groupBox33.TabIndex = 32; + this.groupBox33.TabStop = false; // // label75 // - this.label75.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label75.Location = new System.Drawing.Point(10, 65); + this.label75.BackColor = System.Drawing.Color.WhiteSmoke; + this.label75.BorderStyle = System.Windows.Forms.BorderStyle.Fixed3D; + this.label75.FlatStyle = System.Windows.Forms.FlatStyle.Flat; + this.label75.Font = new System.Drawing.Font("Microsoft Sans Serif", 9F, System.Drawing.FontStyle.Italic, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.label75.Location = new System.Drawing.Point(11, 136); this.label75.Name = "label75"; - this.label75.Size = new System.Drawing.Size(116, 41); - this.label75.TabIndex = 17; - this.label75.Text = "are affecting both Simple and Detailed Info Window."; - // - // cb_Options_InfoWin_Angle - // - this.cb_Options_InfoWin_Angle.AutoSize = true; - this.cb_Options_InfoWin_Angle.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Angle; - this.cb_Options_InfoWin_Angle.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Angle", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); - this.cb_Options_InfoWin_Angle.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.cb_Options_InfoWin_Angle.Location = new System.Drawing.Point(139, 75); - this.cb_Options_InfoWin_Angle.Name = "cb_Options_InfoWin_Angle"; - this.cb_Options_InfoWin_Angle.Size = new System.Drawing.Size(96, 17); - this.cb_Options_InfoWin_Angle.TabIndex = 15; - this.cb_Options_InfoWin_Angle.Tag = ""; - this.cb_Options_InfoWin_Angle.Text = "Crossing Angle"; - this.cb_Options_InfoWin_Angle.UseVisualStyleBackColor = true; - // - // cb_Options_InfoWin_Speed - // - this.cb_Options_InfoWin_Speed.AutoSize = true; - this.cb_Options_InfoWin_Speed.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Speed; - this.cb_Options_InfoWin_Speed.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Speed", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); - this.cb_Options_InfoWin_Speed.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.cb_Options_InfoWin_Speed.Location = new System.Drawing.Point(26, 100); - this.cb_Options_InfoWin_Speed.Name = "cb_Options_InfoWin_Speed"; - this.cb_Options_InfoWin_Speed.Size = new System.Drawing.Size(87, 17); - this.cb_Options_InfoWin_Speed.TabIndex = 14; - this.cb_Options_InfoWin_Speed.Tag = ""; - this.cb_Options_InfoWin_Speed.Text = "Plane Speed"; - this.cb_Options_InfoWin_Speed.UseVisualStyleBackColor = true; - // - // cb_Options_InfoWin_Squint - // - this.cb_Options_InfoWin_Squint.AutoSize = true; - this.cb_Options_InfoWin_Squint.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Squint; - this.cb_Options_InfoWin_Squint.CheckState = System.Windows.Forms.CheckState.Checked; - this.cb_Options_InfoWin_Squint.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Squint", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); - this.cb_Options_InfoWin_Squint.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.cb_Options_InfoWin_Squint.Location = new System.Drawing.Point(139, 121); - this.cb_Options_InfoWin_Squint.Name = "cb_Options_InfoWin_Squint"; - this.cb_Options_InfoWin_Squint.Size = new System.Drawing.Size(86, 17); - this.cb_Options_InfoWin_Squint.TabIndex = 13; - this.cb_Options_InfoWin_Squint.Tag = ""; - this.cb_Options_InfoWin_Squint.Text = "Squint Angle"; - this.cb_Options_InfoWin_Squint.UseVisualStyleBackColor = true; - // - // cb_Options_InfoWin_Epsilon - // - this.cb_Options_InfoWin_Epsilon.AutoSize = true; - this.cb_Options_InfoWin_Epsilon.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Epsilon; - this.cb_Options_InfoWin_Epsilon.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Epsilon", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); - this.cb_Options_InfoWin_Epsilon.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.cb_Options_InfoWin_Epsilon.Location = new System.Drawing.Point(139, 98); - this.cb_Options_InfoWin_Epsilon.Name = "cb_Options_InfoWin_Epsilon"; - this.cb_Options_InfoWin_Epsilon.Size = new System.Drawing.Size(105, 17); - this.cb_Options_InfoWin_Epsilon.TabIndex = 12; - this.cb_Options_InfoWin_Epsilon.Tag = ""; - this.cb_Options_InfoWin_Epsilon.Text = "Elevation Angles"; - this.cb_Options_InfoWin_Epsilon.UseVisualStyleBackColor = true; + this.label75.Size = new System.Drawing.Size(100, 64); + this.label75.TabIndex = 34; + this.label75.Text = "Visible only in detailed window when crossing"; + this.label75.TextAlign = System.Drawing.ContentAlignment.MiddleCenter; // // cb_Options_InfoWin_Dist // @@ -2663,7 +2783,7 @@ this.cb_Options_InfoWin_Dist.CheckState = System.Windows.Forms.CheckState.Checked; this.cb_Options_InfoWin_Dist.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Dist", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); this.cb_Options_InfoWin_Dist.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.cb_Options_InfoWin_Dist.Location = new System.Drawing.Point(139, 29); + this.cb_Options_InfoWin_Dist.Location = new System.Drawing.Point(11, 18); this.cb_Options_InfoWin_Dist.Name = "cb_Options_InfoWin_Dist"; this.cb_Options_InfoWin_Dist.Size = new System.Drawing.Size(111, 17); this.cb_Options_InfoWin_Dist.TabIndex = 11; @@ -2678,7 +2798,7 @@ this.cb_Options_InfoWin_Time.CheckState = System.Windows.Forms.CheckState.Checked; this.cb_Options_InfoWin_Time.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Time", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); this.cb_Options_InfoWin_Time.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.cb_Options_InfoWin_Time.Location = new System.Drawing.Point(139, 52); + this.cb_Options_InfoWin_Time.Location = new System.Drawing.Point(11, 38); this.cb_Options_InfoWin_Time.Name = "cb_Options_InfoWin_Time"; this.cb_Options_InfoWin_Time.Size = new System.Drawing.Size(92, 17); this.cb_Options_InfoWin_Time.TabIndex = 10; @@ -2686,81 +2806,48 @@ this.cb_Options_InfoWin_Time.Text = "Crossing Time"; this.cb_Options_InfoWin_Time.UseVisualStyleBackColor = true; // - // cb_Options_InfoWin_Type + // cb_Options_InfoWin_Epsilon // - this.cb_Options_InfoWin_Type.AutoSize = true; - this.cb_Options_InfoWin_Type.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Type; - this.cb_Options_InfoWin_Type.CheckState = System.Windows.Forms.CheckState.Checked; - this.cb_Options_InfoWin_Type.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Type", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); - this.cb_Options_InfoWin_Type.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.cb_Options_InfoWin_Type.Location = new System.Drawing.Point(26, 123); - this.cb_Options_InfoWin_Type.Name = "cb_Options_InfoWin_Type"; - this.cb_Options_InfoWin_Type.Size = new System.Drawing.Size(90, 17); - this.cb_Options_InfoWin_Type.TabIndex = 9; - this.cb_Options_InfoWin_Type.Tag = ""; - this.cb_Options_InfoWin_Type.Text = "Plane Type"; - this.cb_Options_InfoWin_Type.UseVisualStyleBackColor = true; + this.cb_Options_InfoWin_Epsilon.AutoSize = true; + this.cb_Options_InfoWin_Epsilon.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Epsilon; + this.cb_Options_InfoWin_Epsilon.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Epsilon", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_InfoWin_Epsilon.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_InfoWin_Epsilon.Location = new System.Drawing.Point(11, 76); + this.cb_Options_InfoWin_Epsilon.Name = "cb_Options_InfoWin_Epsilon"; + this.cb_Options_InfoWin_Epsilon.Size = new System.Drawing.Size(105, 17); + this.cb_Options_InfoWin_Epsilon.TabIndex = 12; + this.cb_Options_InfoWin_Epsilon.Tag = ""; + this.cb_Options_InfoWin_Epsilon.Text = "Elevation Angles"; + this.cb_Options_InfoWin_Epsilon.UseVisualStyleBackColor = true; // - // cb_Options_InfoWin_Track + // cb_Options_InfoWin_Squint // - this.cb_Options_InfoWin_Track.AutoSize = true; - this.cb_Options_InfoWin_Track.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Track; - this.cb_Options_InfoWin_Track.CheckState = System.Windows.Forms.CheckState.Checked; - this.cb_Options_InfoWin_Track.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Track", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); - this.cb_Options_InfoWin_Track.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.cb_Options_InfoWin_Track.Location = new System.Drawing.Point(26, 77); - this.cb_Options_InfoWin_Track.Name = "cb_Options_InfoWin_Track"; - this.cb_Options_InfoWin_Track.Size = new System.Drawing.Size(95, 17); - this.cb_Options_InfoWin_Track.TabIndex = 8; - this.cb_Options_InfoWin_Track.Tag = ""; - this.cb_Options_InfoWin_Track.Text = "Plane Track"; - this.cb_Options_InfoWin_Track.UseVisualStyleBackColor = true; + this.cb_Options_InfoWin_Squint.AutoSize = true; + this.cb_Options_InfoWin_Squint.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Squint; + this.cb_Options_InfoWin_Squint.CheckState = System.Windows.Forms.CheckState.Checked; + this.cb_Options_InfoWin_Squint.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Squint", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_InfoWin_Squint.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_InfoWin_Squint.Location = new System.Drawing.Point(11, 96); + this.cb_Options_InfoWin_Squint.Name = "cb_Options_InfoWin_Squint"; + this.cb_Options_InfoWin_Squint.Size = new System.Drawing.Size(86, 17); + this.cb_Options_InfoWin_Squint.TabIndex = 13; + this.cb_Options_InfoWin_Squint.Tag = ""; + this.cb_Options_InfoWin_Squint.Text = "Squint Angle"; + this.cb_Options_InfoWin_Squint.UseVisualStyleBackColor = true; // - // cb_Options_InfoWin_Alt + // cb_Options_InfoWin_Angle // - this.cb_Options_InfoWin_Alt.AutoSize = true; - this.cb_Options_InfoWin_Alt.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Alt; - this.cb_Options_InfoWin_Alt.CheckState = System.Windows.Forms.CheckState.Checked; - this.cb_Options_InfoWin_Alt.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Alt", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); - this.cb_Options_InfoWin_Alt.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.cb_Options_InfoWin_Alt.Location = new System.Drawing.Point(26, 54); - this.cb_Options_InfoWin_Alt.Name = "cb_Options_InfoWin_Alt"; - this.cb_Options_InfoWin_Alt.Size = new System.Drawing.Size(105, 17); - this.cb_Options_InfoWin_Alt.TabIndex = 7; - this.cb_Options_InfoWin_Alt.Tag = ""; - this.cb_Options_InfoWin_Alt.Text = "Plane Altitude"; - this.cb_Options_InfoWin_Alt.UseVisualStyleBackColor = true; - // - // cb_Options_InfoWin_Position - // - this.cb_Options_InfoWin_Position.AutoSize = true; - this.cb_Options_InfoWin_Position.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Position; - this.cb_Options_InfoWin_Position.CheckState = System.Windows.Forms.CheckState.Checked; - this.cb_Options_InfoWin_Position.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Position", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); - this.cb_Options_InfoWin_Position.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.cb_Options_InfoWin_Position.Location = new System.Drawing.Point(26, 31); - this.cb_Options_InfoWin_Position.Name = "cb_Options_InfoWin_Position"; - this.cb_Options_InfoWin_Position.Size = new System.Drawing.Size(107, 17); - this.cb_Options_InfoWin_Position.TabIndex = 6; - this.cb_Options_InfoWin_Position.Tag = ""; - this.cb_Options_InfoWin_Position.Text = "Plane Position"; - this.cb_Options_InfoWin_Position.UseVisualStyleBackColor = true; - // - // groupBox22 - // - this.groupBox22.Controls.Add(this.rb_Options_InfoWin_Imperial); - this.groupBox22.Controls.Add(this.rb_Options_InfoWin_Metric); - this.groupBox22.Controls.Add(this.label72); - this.groupBox22.Controls.Add(this.btn_Options_SelectFont); - this.groupBox22.Controls.Add(this.label62); - this.groupBox22.Controls.Add(this.tb_Options_Map_ToolTipFont); - this.groupBox22.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, ((System.Drawing.FontStyle)((System.Drawing.FontStyle.Bold | System.Drawing.FontStyle.Italic))), System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.groupBox22.Location = new System.Drawing.Point(13, 245); - this.groupBox22.Name = "groupBox22"; - this.groupBox22.Size = new System.Drawing.Size(395, 69); - this.groupBox22.TabIndex = 4; - this.groupBox22.TabStop = false; - this.groupBox22.Text = "Info Window Options"; + this.cb_Options_InfoWin_Angle.AutoSize = true; + this.cb_Options_InfoWin_Angle.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Angle; + this.cb_Options_InfoWin_Angle.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Angle", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_InfoWin_Angle.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_InfoWin_Angle.Location = new System.Drawing.Point(11, 57); + this.cb_Options_InfoWin_Angle.Name = "cb_Options_InfoWin_Angle"; + this.cb_Options_InfoWin_Angle.Size = new System.Drawing.Size(96, 17); + this.cb_Options_InfoWin_Angle.TabIndex = 15; + this.cb_Options_InfoWin_Angle.Tag = ""; + this.cb_Options_InfoWin_Angle.Text = "Crossing Angle"; + this.cb_Options_InfoWin_Angle.UseVisualStyleBackColor = true; // // rb_Options_InfoWin_Imperial // @@ -2768,10 +2855,10 @@ this.rb_Options_InfoWin_Imperial.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Imperial; this.rb_Options_InfoWin_Imperial.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Imperial", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); this.rb_Options_InfoWin_Imperial.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.rb_Options_InfoWin_Imperial.Location = new System.Drawing.Point(156, 18); + this.rb_Options_InfoWin_Imperial.Location = new System.Drawing.Point(139, 19); this.rb_Options_InfoWin_Imperial.Name = "rb_Options_InfoWin_Imperial"; this.rb_Options_InfoWin_Imperial.Size = new System.Drawing.Size(61, 17); - this.rb_Options_InfoWin_Imperial.TabIndex = 5; + this.rb_Options_InfoWin_Imperial.TabIndex = 25; this.rb_Options_InfoWin_Imperial.Tag = ""; this.rb_Options_InfoWin_Imperial.Text = "Imperial"; this.rb_Options_InfoWin_Imperial.UseVisualStyleBackColor = true; @@ -2782,10 +2869,10 @@ this.rb_Options_InfoWin_Metric.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Metric; this.rb_Options_InfoWin_Metric.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Metric", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); this.rb_Options_InfoWin_Metric.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.rb_Options_InfoWin_Metric.Location = new System.Drawing.Point(83, 18); + this.rb_Options_InfoWin_Metric.Location = new System.Drawing.Point(66, 19); this.rb_Options_InfoWin_Metric.Name = "rb_Options_InfoWin_Metric"; this.rb_Options_InfoWin_Metric.Size = new System.Drawing.Size(54, 17); - this.rb_Options_InfoWin_Metric.TabIndex = 4; + this.rb_Options_InfoWin_Metric.TabIndex = 24; this.rb_Options_InfoWin_Metric.TabStop = true; this.rb_Options_InfoWin_Metric.Tag = ""; this.rb_Options_InfoWin_Metric.Text = "Metric"; @@ -2795,62 +2882,168 @@ // this.label72.AutoSize = true; this.label72.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label72.Location = new System.Drawing.Point(25, 22); + this.label72.Location = new System.Drawing.Point(8, 23); this.label72.Name = "label72"; this.label72.Size = new System.Drawing.Size(34, 13); - this.label72.TabIndex = 3; + this.label72.TabIndex = 23; this.label72.Text = "Units:"; // // btn_Options_SelectFont // this.btn_Options_SelectFont.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.btn_Options_SelectFont.Location = new System.Drawing.Point(280, 37); + this.btn_Options_SelectFont.Location = new System.Drawing.Point(250, 38); this.btn_Options_SelectFont.Name = "btn_Options_SelectFont"; - this.btn_Options_SelectFont.Size = new System.Drawing.Size(106, 23); - this.btn_Options_SelectFont.TabIndex = 2; + this.btn_Options_SelectFont.Size = new System.Drawing.Size(112, 23); + this.btn_Options_SelectFont.TabIndex = 22; this.btn_Options_SelectFont.Text = "Select Font"; this.btn_Options_SelectFont.UseVisualStyleBackColor = true; - this.btn_Options_SelectFont.Click += new System.EventHandler(this.btn_Options_SelectFont_Click); // // label62 // this.label62.AutoSize = true; this.label62.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label62.Location = new System.Drawing.Point(25, 42); + this.label62.Location = new System.Drawing.Point(8, 43); this.label62.Name = "label62"; this.label62.Size = new System.Drawing.Size(31, 13); - this.label62.TabIndex = 1; + this.label62.TabIndex = 21; this.label62.Text = "Font:"; // // tb_Options_Map_ToolTipFont // this.tb_Options_Map_ToolTipFont.DataBindings.Add(new System.Windows.Forms.Binding("Text", global::AirScout.Properties.Settings.Default, "Map_ToolTipFont", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); this.tb_Options_Map_ToolTipFont.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.tb_Options_Map_ToolTipFont.Location = new System.Drawing.Point(72, 39); + this.tb_Options_Map_ToolTipFont.Location = new System.Drawing.Point(55, 40); this.tb_Options_Map_ToolTipFont.Name = "tb_Options_Map_ToolTipFont"; this.tb_Options_Map_ToolTipFont.ReadOnly = true; this.tb_Options_Map_ToolTipFont.Size = new System.Drawing.Size(179, 20); - this.tb_Options_Map_ToolTipFont.TabIndex = 0; + this.tb_Options_Map_ToolTipFont.TabIndex = 20; this.tb_Options_Map_ToolTipFont.Text = global::AirScout.Properties.Settings.Default.Map_ToolTipFont; // + // groupBox29 + // + this.groupBox29.Controls.Add(this.cb_Options_InfoWin_AlwaysDetailed); + this.groupBox29.Controls.Add(this.label74); + this.groupBox29.Controls.Add(this.cb_Options_InfoWin_Position); + this.groupBox29.Controls.Add(this.cb_Options_InfoWin_Alt); + this.groupBox29.Controls.Add(this.cb_Options_InfoWin_Track); + this.groupBox29.Controls.Add(this.cb_Options_InfoWin_Type); + this.groupBox29.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.groupBox29.Location = new System.Drawing.Point(14, 68); + this.groupBox29.Name = "groupBox29"; + this.groupBox29.Size = new System.Drawing.Size(127, 209); + this.groupBox29.TabIndex = 19; + this.groupBox29.TabStop = false; + // + // label74 + // + this.label74.BackColor = System.Drawing.Color.WhiteSmoke; + this.label74.BorderStyle = System.Windows.Forms.BorderStyle.Fixed3D; + this.label74.FlatStyle = System.Windows.Forms.FlatStyle.Flat; + this.label74.Font = new System.Drawing.Font("Microsoft Sans Serif", 9F, ((System.Drawing.FontStyle)((System.Drawing.FontStyle.Bold | System.Drawing.FontStyle.Italic))), System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.label74.Location = new System.Drawing.Point(7, 136); + this.label74.Name = "label74"; + this.label74.Size = new System.Drawing.Size(114, 64); + this.label74.TabIndex = 34; + this.label74.Text = "Always visible"; + this.label74.TextAlign = System.Drawing.ContentAlignment.MiddleCenter; + // + // cb_Options_InfoWin_Position + // + this.cb_Options_InfoWin_Position.AutoSize = true; + this.cb_Options_InfoWin_Position.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Position; + this.cb_Options_InfoWin_Position.CheckState = System.Windows.Forms.CheckState.Checked; + this.cb_Options_InfoWin_Position.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Position", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_InfoWin_Position.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_InfoWin_Position.Location = new System.Drawing.Point(6, 18); + this.cb_Options_InfoWin_Position.Name = "cb_Options_InfoWin_Position"; + this.cb_Options_InfoWin_Position.Size = new System.Drawing.Size(107, 17); + this.cb_Options_InfoWin_Position.TabIndex = 6; + this.cb_Options_InfoWin_Position.Tag = ""; + this.cb_Options_InfoWin_Position.Text = "Plane Position"; + this.cb_Options_InfoWin_Position.UseVisualStyleBackColor = true; + // + // cb_Options_InfoWin_Alt + // + this.cb_Options_InfoWin_Alt.AutoSize = true; + this.cb_Options_InfoWin_Alt.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Alt; + this.cb_Options_InfoWin_Alt.CheckState = System.Windows.Forms.CheckState.Checked; + this.cb_Options_InfoWin_Alt.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Alt", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_InfoWin_Alt.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_InfoWin_Alt.Location = new System.Drawing.Point(6, 37); + this.cb_Options_InfoWin_Alt.Name = "cb_Options_InfoWin_Alt"; + this.cb_Options_InfoWin_Alt.Size = new System.Drawing.Size(105, 17); + this.cb_Options_InfoWin_Alt.TabIndex = 7; + this.cb_Options_InfoWin_Alt.Tag = ""; + this.cb_Options_InfoWin_Alt.Text = "Plane Altitude"; + this.cb_Options_InfoWin_Alt.UseVisualStyleBackColor = true; + // + // cb_Options_InfoWin_Track + // + this.cb_Options_InfoWin_Track.AutoSize = true; + this.cb_Options_InfoWin_Track.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Track; + this.cb_Options_InfoWin_Track.CheckState = System.Windows.Forms.CheckState.Checked; + this.cb_Options_InfoWin_Track.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Track", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_InfoWin_Track.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_InfoWin_Track.Location = new System.Drawing.Point(6, 56); + this.cb_Options_InfoWin_Track.Name = "cb_Options_InfoWin_Track"; + this.cb_Options_InfoWin_Track.Size = new System.Drawing.Size(95, 17); + this.cb_Options_InfoWin_Track.TabIndex = 8; + this.cb_Options_InfoWin_Track.Tag = ""; + this.cb_Options_InfoWin_Track.Text = "Plane Track"; + this.cb_Options_InfoWin_Track.UseVisualStyleBackColor = true; + // + // cb_Options_InfoWin_Type + // + this.cb_Options_InfoWin_Type.AutoSize = true; + this.cb_Options_InfoWin_Type.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Type; + this.cb_Options_InfoWin_Type.CheckState = System.Windows.Forms.CheckState.Checked; + this.cb_Options_InfoWin_Type.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Type", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_InfoWin_Type.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Bold, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_InfoWin_Type.Location = new System.Drawing.Point(6, 75); + this.cb_Options_InfoWin_Type.Name = "cb_Options_InfoWin_Type"; + this.cb_Options_InfoWin_Type.Size = new System.Drawing.Size(90, 17); + this.cb_Options_InfoWin_Type.TabIndex = 9; + this.cb_Options_InfoWin_Type.Tag = ""; + this.cb_Options_InfoWin_Type.Text = "Plane Type"; + this.cb_Options_InfoWin_Type.UseVisualStyleBackColor = true; + // + // cb_Options_InfoWin_Speed + // + this.cb_Options_InfoWin_Speed.AutoSize = true; + this.cb_Options_InfoWin_Speed.Checked = global::AirScout.Properties.Settings.Default.InfoWin_Speed; + this.cb_Options_InfoWin_Speed.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "InfoWin_Speed", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_InfoWin_Speed.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_InfoWin_Speed.Location = new System.Drawing.Point(275, 310); + this.cb_Options_InfoWin_Speed.Name = "cb_Options_InfoWin_Speed"; + this.cb_Options_InfoWin_Speed.Size = new System.Drawing.Size(87, 17); + this.cb_Options_InfoWin_Speed.TabIndex = 14; + this.cb_Options_InfoWin_Speed.Tag = ""; + this.cb_Options_InfoWin_Speed.Text = "Plane Speed"; + this.cb_Options_InfoWin_Speed.UseVisualStyleBackColor = true; + // // groupBox2 // this.groupBox2.Controls.Add(this.label61); this.groupBox2.Controls.Add(this.cb_Options_Map_Provider); + this.groupBox2.Controls.Add(this.cb_Options_Map_Preloader_Enabled); + this.groupBox2.Controls.Add(this.ud_Options_Map_Opacity); + this.groupBox2.Controls.Add(this.label148); + this.groupBox2.Controls.Add(this.ud_Options_Map_Preloader_MaxZoom); + this.groupBox2.Controls.Add(this.label144); this.groupBox2.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, ((System.Drawing.FontStyle)((System.Drawing.FontStyle.Bold | System.Drawing.FontStyle.Italic))), System.Drawing.GraphicsUnit.Point, ((byte)(0))); this.groupBox2.Location = new System.Drawing.Point(13, 10); this.groupBox2.Name = "groupBox2"; - this.groupBox2.Size = new System.Drawing.Size(644, 123); + this.groupBox2.Size = new System.Drawing.Size(395, 167); this.groupBox2.TabIndex = 3; this.groupBox2.TabStop = false; - this.groupBox2.Text = "Map Source"; + this.groupBox2.Text = "Map"; // // label61 // - this.label61.Font = new System.Drawing.Font("Microsoft Sans Serif", 9.75F, System.Drawing.FontStyle.Italic, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.label61.Location = new System.Drawing.Point(6, 17); + this.label61.Font = new System.Drawing.Font("Microsoft Sans Serif", 9F, System.Drawing.FontStyle.Italic, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.label61.Location = new System.Drawing.Point(32, 14); this.label61.Name = "label61"; - this.label61.Size = new System.Drawing.Size(632, 69); + this.label61.Size = new System.Drawing.Size(342, 64); this.label61.TabIndex = 1; this.label61.Text = resources.GetString("label61.Text"); this.label61.TextAlign = System.Drawing.ContentAlignment.MiddleCenter; @@ -2860,12 +3053,82 @@ this.cb_Options_Map_Provider.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList; this.cb_Options_Map_Provider.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); this.cb_Options_Map_Provider.FormattingEnabled = true; - this.cb_Options_Map_Provider.Location = new System.Drawing.Point(215, 89); + this.cb_Options_Map_Provider.Location = new System.Drawing.Point(11, 81); this.cb_Options_Map_Provider.Name = "cb_Options_Map_Provider"; - this.cb_Options_Map_Provider.Size = new System.Drawing.Size(210, 21); + this.cb_Options_Map_Provider.Size = new System.Drawing.Size(363, 21); this.cb_Options_Map_Provider.TabIndex = 0; this.cb_Options_Map_Provider.DropDown += new System.EventHandler(this.cb_Options_Map_Provider_DropDown); // + // cb_Options_Map_Preloader_Enabled + // + this.cb_Options_Map_Preloader_Enabled.AutoSize = true; + this.cb_Options_Map_Preloader_Enabled.CheckAlign = System.Drawing.ContentAlignment.MiddleRight; + this.cb_Options_Map_Preloader_Enabled.Checked = global::AirScout.Properties.Settings.Default.Map_Preloader_Enabled; + this.cb_Options_Map_Preloader_Enabled.CheckState = System.Windows.Forms.CheckState.Checked; + this.cb_Options_Map_Preloader_Enabled.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "Map_Preloader_Enabled", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.cb_Options_Map_Preloader_Enabled.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.cb_Options_Map_Preloader_Enabled.Location = new System.Drawing.Point(230, 111); + this.cb_Options_Map_Preloader_Enabled.Name = "cb_Options_Map_Preloader_Enabled"; + this.cb_Options_Map_Preloader_Enabled.Size = new System.Drawing.Size(136, 17); + this.cb_Options_Map_Preloader_Enabled.TabIndex = 4; + this.cb_Options_Map_Preloader_Enabled.Text = "Enable Map Preloading"; + this.cb_Options_Map_Preloader_Enabled.UseVisualStyleBackColor = true; + // + // ud_Options_Map_Opacity + // + this.ud_Options_Map_Opacity.DataBindings.Add(new System.Windows.Forms.Binding("Value", global::AirScout.Properties.Settings.Default, "Map_Opacity", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.ud_Options_Map_Opacity.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.ud_Options_Map_Opacity.Increment = new decimal(new int[] { + 1, + 0, + 0, + 65536}); + this.ud_Options_Map_Opacity.Location = new System.Drawing.Point(88, 109); + this.ud_Options_Map_Opacity.Maximum = new decimal(new int[] { + 1, + 0, + 0, + 0}); + this.ud_Options_Map_Opacity.Name = "ud_Options_Map_Opacity"; + this.ud_Options_Map_Opacity.Size = new System.Drawing.Size(54, 20); + this.ud_Options_Map_Opacity.TabIndex = 10; + this.ud_Options_Map_Opacity.Value = global::AirScout.Properties.Settings.Default.Map_Opacity; + // + // label148 + // + this.label148.AutoSize = true; + this.label148.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.label148.Location = new System.Drawing.Point(12, 112); + this.label148.Name = "label148"; + this.label148.Size = new System.Drawing.Size(70, 13); + this.label148.TabIndex = 7; + this.label148.Text = "Map Opacity:"; + // + // ud_Options_Map_Preloader_MaxZoom + // + this.ud_Options_Map_Preloader_MaxZoom.DataBindings.Add(new System.Windows.Forms.Binding("Value", global::AirScout.Properties.Settings.Default, "Map_Preloader_MaxZoom", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); + this.ud_Options_Map_Preloader_MaxZoom.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.ud_Options_Map_Preloader_MaxZoom.Location = new System.Drawing.Point(315, 134); + this.ud_Options_Map_Preloader_MaxZoom.Maximum = new decimal(new int[] { + 11, + 0, + 0, + 0}); + this.ud_Options_Map_Preloader_MaxZoom.Name = "ud_Options_Map_Preloader_MaxZoom"; + this.ud_Options_Map_Preloader_MaxZoom.Size = new System.Drawing.Size(54, 22); + this.ud_Options_Map_Preloader_MaxZoom.TabIndex = 6; + this.ud_Options_Map_Preloader_MaxZoom.Value = global::AirScout.Properties.Settings.Default.Map_Preloader_MaxZoom; + // + // label144 + // + this.label144.AutoSize = true; + this.label144.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); + this.label144.Location = new System.Drawing.Point(233, 131); + this.label144.Name = "label144"; + this.label144.Size = new System.Drawing.Size(66, 26); + this.label144.TabIndex = 5; + this.label144.Text = "down to \r\nZoom Level:"; + // // tab_Options_Stations // this.tab_Options_Stations.BackColor = System.Drawing.SystemColors.Control; @@ -2917,6 +3180,7 @@ this.btn_Options_LocalObstructions.Size = new System.Drawing.Size(220, 23); this.btn_Options_LocalObstructions.TabIndex = 28; this.btn_Options_LocalObstructions.Text = "Manage"; + this.tt_Options.SetToolTip(this.btn_Options_LocalObstructions, resources.GetString("btn_Options_LocalObstructions.ToolTip")); this.btn_Options_LocalObstructions.UseVisualStyleBackColor = true; this.btn_Options_LocalObstructions.Click += new System.EventHandler(this.btn_Options_LocalObstructions_Click); // @@ -3450,6 +3714,7 @@ this.btn_Options_DXHorizon.Size = new System.Drawing.Size(100, 20); this.btn_Options_DXHorizon.TabIndex = 24; this.btn_Options_DXHorizon.Text = "Radio Horizon"; + this.tt_Options.SetToolTip(this.btn_Options_DXHorizon, "Calculates a radio horizon around the station\'s location"); this.btn_Options_DXHorizon.UseVisualStyleBackColor = true; this.btn_Options_DXHorizon.Click += new System.EventHandler(this.btn_Options_DXHorizon_Click); // @@ -3461,6 +3726,8 @@ this.btn_DXCall_QRZ.Size = new System.Drawing.Size(100, 20); this.btn_DXCall_QRZ.TabIndex = 23; this.btn_DXCall_QRZ.Text = "QRZ lookup"; + this.tt_Options.SetToolTip(this.btn_DXCall_QRZ, "Tries to get an exact location from www.qrz.com. The information will only be use" + + "d if the 6digit Maidenhead locator matches with the value in the Loc input box."); this.btn_DXCall_QRZ.UseVisualStyleBackColor = true; this.btn_DXCall_QRZ.Click += new System.EventHandler(this.btn_DXCall_QRZ_Click); // @@ -3569,6 +3836,7 @@ this.btn_Options_MyHorizon.Size = new System.Drawing.Size(100, 20); this.btn_Options_MyHorizon.TabIndex = 17; this.btn_Options_MyHorizon.Text = "Radio Horizon"; + this.tt_Options.SetToolTip(this.btn_Options_MyHorizon, "Calculates a radio horizon around the station\'s location"); this.btn_Options_MyHorizon.UseVisualStyleBackColor = true; this.btn_Options_MyHorizon.Click += new System.EventHandler(this.btn_Options_MyHorizon_Click); // @@ -3647,6 +3915,8 @@ this.btn_MyCall_QRZ.Size = new System.Drawing.Size(100, 20); this.btn_MyCall_QRZ.TabIndex = 16; this.btn_MyCall_QRZ.Text = "QRZ lookup"; + this.tt_Options.SetToolTip(this.btn_MyCall_QRZ, "Tries to get an exact location from www.qrz.com. The information will only be use" + + "d if the 6digit Maidenhead locator matches with the value in the Loc input box."); this.btn_MyCall_QRZ.UseVisualStyleBackColor = true; this.btn_MyCall_QRZ.Click += new System.EventHandler(this.btn_MyCall_QRZ_Click); // @@ -7164,18 +7434,6 @@ this.bw_StationDataUpdater.ProgressChanged += new System.ComponentModel.ProgressChangedEventHandler(this.bw_StationDataUpdater_ProgressChanged); this.bw_StationDataUpdater.RunWorkerCompleted += new System.ComponentModel.RunWorkerCompletedEventHandler(this.bw_StationDataUpdater_RunWorkerCompleted); // - // btn_DeleteSingleStation - // - this.btn_DeleteSingleStation.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.btn_DeleteSingleStation.Location = new System.Drawing.Point(165, 48); - this.btn_DeleteSingleStation.Name = "btn_DeleteSingleStation"; - this.btn_DeleteSingleStation.Size = new System.Drawing.Size(122, 23); - this.btn_DeleteSingleStation.TabIndex = 3; - this.btn_DeleteSingleStation.Text = "Delete Single Station"; - this.tt_Options.SetToolTip(this.btn_DeleteSingleStation, "Deletes all cached map tiles from database"); - this.btn_DeleteSingleStation.UseVisualStyleBackColor = true; - this.btn_DeleteSingleStation.Click += new System.EventHandler(this.btn_DeleteSingleStation_Click); - // // bw_ASTER3_MapUpdater // this.bw_ASTER3_MapUpdater.WorkerReportsProgress = true; @@ -7192,33 +7450,6 @@ this.bw_ASTER1_MapUpdater.ProgressChanged += new System.ComponentModel.ProgressChangedEventHandler(this.bw_ASTER1_MapUpdater_ProgressChanged); this.bw_ASTER1_MapUpdater.RunWorkerCompleted += new System.ComponentModel.RunWorkerCompletedEventHandler(this.bw_ASTER1_MapUpdater_RunWorkerCompleted); // - // cb_Options_Locators_Activate - // - this.cb_Options_Locators_Activate.AutoSize = true; - this.cb_Options_Locators_Activate.Checked = global::AirScout.Properties.Settings.Default.Map_ShowLocators; - this.cb_Options_Locators_Activate.CheckState = System.Windows.Forms.CheckState.Checked; - this.cb_Options_Locators_Activate.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "Map_ShowLocators", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); - this.cb_Options_Locators_Activate.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.cb_Options_Locators_Activate.Location = new System.Drawing.Point(16, 37); - this.cb_Options_Locators_Activate.Name = "cb_Options_Locators_Activate"; - this.cb_Options_Locators_Activate.Size = new System.Drawing.Size(114, 17); - this.cb_Options_Locators_Activate.TabIndex = 11; - this.cb_Options_Locators_Activate.Text = "Show Locator Grid"; - this.cb_Options_Locators_Activate.UseVisualStyleBackColor = true; - // - // cb_Options_Distances_Activated - // - this.cb_Options_Distances_Activated.AutoSize = true; - this.cb_Options_Distances_Activated.Checked = global::AirScout.Properties.Settings.Default.Map_ShowDistances; - this.cb_Options_Distances_Activated.DataBindings.Add(new System.Windows.Forms.Binding("Checked", global::AirScout.Properties.Settings.Default, "Map_ShowDistances", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged)); - this.cb_Options_Distances_Activated.Font = new System.Drawing.Font("Microsoft Sans Serif", 8.25F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0))); - this.cb_Options_Distances_Activated.Location = new System.Drawing.Point(16, 54); - this.cb_Options_Distances_Activated.Name = "cb_Options_Distances_Activated"; - this.cb_Options_Distances_Activated.Size = new System.Drawing.Size(132, 17); - this.cb_Options_Distances_Activated.TabIndex = 12; - this.cb_Options_Distances_Activated.Text = "Show Distance Circles"; - this.cb_Options_Distances_Activated.UseVisualStyleBackColor = true; - // // OptionsDlg // this.AcceptButton = this.btn_Options_OK; @@ -7272,26 +7503,32 @@ this.groupBox10.ResumeLayout(false); this.groupBox10.PerformLayout(); this.tab_Options_Map.ResumeLayout(false); + this.groupBox22.ResumeLayout(false); + this.groupBox22.PerformLayout(); + ((System.ComponentModel.ISupportInitialize)(this.ud_Options_Gauges_Width)).EndInit(); this.groupBox49.ResumeLayout(false); this.groupBox49.PerformLayout(); this.groupBox37.ResumeLayout(false); this.groupBox37.PerformLayout(); ((System.ComponentModel.ISupportInitialize)(this.ud_Options_Charts_FontSize)).EndInit(); - this.groupBox39.ResumeLayout(false); - this.groupBox39.PerformLayout(); this.groupBox23.ResumeLayout(false); this.groupBox23.PerformLayout(); - ((System.ComponentModel.ISupportInitialize)(this.ud_Options_Map_Opacity)).EndInit(); - ((System.ComponentModel.ISupportInitialize)(this.ud_Options_Map_Preloader_MaxZoom)).EndInit(); + this.groupBox39.ResumeLayout(false); + this.groupBox39.PerformLayout(); this.groupBox30.ResumeLayout(false); this.groupBox30.PerformLayout(); this.groupBox7.ResumeLayout(false); this.groupBox7.PerformLayout(); + this.groupBox34.ResumeLayout(false); + this.groupBox34.PerformLayout(); + this.groupBox33.ResumeLayout(false); + this.groupBox33.PerformLayout(); this.groupBox29.ResumeLayout(false); this.groupBox29.PerformLayout(); - this.groupBox22.ResumeLayout(false); - this.groupBox22.PerformLayout(); this.groupBox2.ResumeLayout(false); + this.groupBox2.PerformLayout(); + ((System.ComponentModel.ISupportInitialize)(this.ud_Options_Map_Opacity)).EndInit(); + ((System.ComponentModel.ISupportInitialize)(this.ud_Options_Map_Preloader_MaxZoom)).EndInit(); this.tab_Options_Stations.ResumeLayout(false); this.groupBox18.ResumeLayout(false); this.groupBox18.PerformLayout(); @@ -7450,7 +7687,6 @@ private System.Windows.Forms.GroupBox groupBox21; private System.Windows.Forms.CheckBox cb_Options_Alarm_Activate; private System.Windows.Forms.Label label57; - private System.Windows.Forms.GroupBox groupBox22; private System.Windows.Forms.CheckBox cb_Options_Path_BestCaseElevation; private System.Windows.Forms.Label label21; private System.Windows.Forms.Label label28; @@ -7469,9 +7705,6 @@ private GMap.NET.WindowsForms.GMapControl gm_Options_SRTM1; private System.Windows.Forms.ComboBox cb_Options_Map_Provider; private System.Windows.Forms.Label label61; - private System.Windows.Forms.Button btn_Options_SelectFont; - private System.Windows.Forms.Label label62; - private System.Windows.Forms.TextBox tb_Options_Map_ToolTipFont; private System.Windows.Forms.GroupBox groupBox26; private System.Windows.Forms.TabPage tab_Options_SpecLab; private System.Windows.Forms.GroupBox groupBox3; @@ -7487,9 +7720,6 @@ private System.Windows.Forms.Label label66; private System.Windows.Forms.Label label70; private System.Windows.Forms.Label label71; - private System.Windows.Forms.RadioButton rb_Options_InfoWin_Imperial; - private System.Windows.Forms.RadioButton rb_Options_InfoWin_Metric; - private System.Windows.Forms.Label label72; private System.Windows.Forms.GroupBox groupBox7; private System.Windows.Forms.CheckBox cb_Options_InfoWin_Type; private System.Windows.Forms.CheckBox cb_Options_InfoWin_Track; @@ -7501,9 +7731,6 @@ private System.Windows.Forms.CheckBox cb_Options_InfoWin_Squint; private System.Windows.Forms.CheckBox cb_Options_InfoWin_Angle; private System.Windows.Forms.CheckBox cb_Options_InfoWin_Speed; - private System.Windows.Forms.Label label76; - private System.Windows.Forms.Label label75; - private System.Windows.Forms.Label label74; private System.Windows.Forms.GroupBox groupBox29; private System.Windows.Forms.TabPage tab_Options_Track; private System.Windows.Forms.GroupBox groupBox28; @@ -7922,5 +8149,29 @@ private System.Windows.Forms.RichTextBox richTextBox4; private System.Windows.Forms.CheckBox cb_Options_Locators_Activate; private System.Windows.Forms.CheckBox cb_Options_Distances_Activated; + private System.Windows.Forms.RadioButton rb_Options_InfoWin_Imperial; + private System.Windows.Forms.RadioButton rb_Options_InfoWin_Metric; + private System.Windows.Forms.Label label72; + private System.Windows.Forms.Button btn_Options_SelectFont; + private System.Windows.Forms.Label label62; + private System.Windows.Forms.TextBox tb_Options_Map_ToolTipFont; + private System.Windows.Forms.GroupBox groupBox22; + private System.Windows.Forms.Label label188; + private System.Windows.Forms.NumericUpDown ud_Options_Gauges_Width; + private System.Windows.Forms.ComboBox cb_Options_Gauges_ForeColor; + private System.Windows.Forms.Label label198; + private System.Windows.Forms.CheckBox cb_Options_InfoWin_DXDoppler; + private System.Windows.Forms.CheckBox cb_Options_InfoWin_DXElevation; + private System.Windows.Forms.CheckBox cb_Options_InfoWin_DXAzimuth; + private System.Windows.Forms.CheckBox cb_Options_InfoWin_MyDoppler; + private System.Windows.Forms.CheckBox cb_Options_InfoWin_MyElevation; + private System.Windows.Forms.CheckBox cb_Options_InfoWin_MyAzimuth; + private System.Windows.Forms.GroupBox groupBox34; + private System.Windows.Forms.Label label76; + private System.Windows.Forms.GroupBox groupBox33; + private System.Windows.Forms.Label label75; + private System.Windows.Forms.Label label74; + private System.Windows.Forms.CheckBox cb_Options_InfoWin_AlwaysDetailed; + private System.Windows.Forms.CheckBox cb_Options_Gauges_Show; } } \ No newline at end of file diff --git a/AirScout/OptionsDlg.cs b/AirScout/OptionsDlg.cs index dce604f..379e892 100644 --- a/AirScout/OptionsDlg.cs +++ b/AirScout/OptionsDlg.cs @@ -32,6 +32,7 @@ using Newtonsoft.Json; using static ScoutBase.Core.ZIP; using AirScout.PlaneFeeds.Plugin.MEFContract; using AirScout.CAT; +using System.Reflection; namespace AirScout { @@ -1186,6 +1187,28 @@ namespace AirScout cb_Options_Map_Provider.Items.Add(GMapProviders.Find("OpenStreetMap")); } cb_Options_Map_Provider.SelectedItem = GMapProviders.Find(Properties.Settings.Default.Map_Provider); + + // populate color picker dropdwon + foreach(var colorValue in Enum.GetValues(typeof(KnownColor))) + { + cb_Options_Gauges_ForeColor.Items.Add(Color.FromKnownColor((KnownColor)colorValue)); + } + + // select Color from Properties + try + { + cb_Options_Gauges_ForeColor.SelectedItem = Color.FromName(Properties.Settings.Default.Map_TrackingGaugeColor); + } + catch (Exception ex) + { + + } + + cb_Options_Gauges_ForeColor.MaxDropDownItems = 10; + cb_Options_Gauges_ForeColor.IntegralHeight = false; + cb_Options_Gauges_ForeColor.DrawMode = DrawMode.OwnerDrawFixed; + cb_Options_Gauges_ForeColor.DropDownStyle = ComboBoxStyle.DropDownList; + cb_Options_Gauges_ForeColor.DrawItem += cb_Options_Gauges_ForeColor_DrawItem; } private void tab_Options_Map_Validating(object sender, CancelEventArgs e) @@ -1276,6 +1299,34 @@ namespace AirScout } } + private void cb_Options_Gauges_ForeColor_DrawItem(object sender, DrawItemEventArgs e) + { + e.DrawBackground(); + if (e.Index >= 0) + { + var txt = cb_Options_Gauges_ForeColor.GetItemText(cb_Options_Gauges_ForeColor.Items[e.Index]); + var color = (Color)cb_Options_Gauges_ForeColor.Items[e.Index]; + var r1 = new Rectangle(e.Bounds.Left + 1, e.Bounds.Top + 1, + 2 * (e.Bounds.Height - 2), e.Bounds.Height - 2); + var r2 = Rectangle.FromLTRB(r1.Right + 2, e.Bounds.Top, + e.Bounds.Right, e.Bounds.Bottom); + using (var b = new SolidBrush(color)) + e.Graphics.FillRectangle(b, r1); + e.Graphics.DrawRectangle(Pens.Black, r1); + TextRenderer.DrawText(e.Graphics, txt, cb_Options_Gauges_ForeColor.Font, r2, + cb_Options_Gauges_ForeColor.ForeColor, TextFormatFlags.Left | TextFormatFlags.VerticalCenter); + } + } + + private void cb_Options_Gauges_ForeColor_SelectedIndexChanged(object sender, EventArgs e) + { + Color c = (Color)cb_Options_Gauges_ForeColor.SelectedItem; + + if (c == null) + return; + + Properties.Settings.Default.Map_TrackingGaugeColor = c.ToKnownColor().ToString(); + } #endregion @@ -2595,7 +2646,7 @@ namespace AirScout MessageBox.Show("Win-Test port and AirScout port must have different values.", "Parameter Error"); e.Cancel = true; } - List baudrates = new List(new int[] { 50, 100, 110, 150, 300, 1200, 2400, 4800, 9600, 19200, 38400, 57600, 115200 }); + List baudrates = new List(new int[] { 50, 100, 110, 150, 300, 600, 1200, 2400, 4800, 9600, 19200, 38400, 57600, 115200 }); if (!baudrates.Contains(tb_Options_Track_Serial_Baudrate.Value)) { string s = ""; @@ -2796,8 +2847,11 @@ namespace AirScout try { SupportedRig rig = (SupportedRig)cb_Options_CAT_Rig.SelectedItem; - if (rig.CATEngine == CATENGINE.OMNIRIGX) - portenabled = false; + if (rig != null) + { + if (rig.CATEngine == CATENGINE.OMNIRIGX) + portenabled = false; + } } catch { diff --git a/AirScout/OptionsDlg.resx b/AirScout/OptionsDlg.resx index dd52d3d..5e4ddfa 100644 --- a/AirScout/OptionsDlg.resx +++ b/AirScout/OptionsDlg.resx @@ -240,9 +240,13 @@ - You can select different map provider from the list below. Depending on your selection some maps may not be available for your choosen area. Please note that the selection of maps is taken from Great Maps regardless of their legal status. Some of them might be copyrighted or otherwise restricted in use. + You can select different map provider from the list below. Please note that the selection of maps is taken from Great Maps regardless of their legal status. Some of them might be copyrighted or otherwise restricted in use. You were asked to agree with the terms of use first. Open Street Map is recommended as a default. + + + Manages local obstructions near own location which are not covered by the choosen Digital Elevation Model, e.g. higher buildings or hill sites. +You can set a minimal possibile elevation for each single direction manually here. Information from callsign database and other sources are used to prefill fields. You can overwrite and complete entries here. Your local database is updated. If you want to share the information with the AirScout community please use the "Send Update!" buttons. diff --git a/AirScout/Properties/AssemblyInfo.cs b/AirScout/Properties/AssemblyInfo.cs index 1df1696..66cf7c2 100644 --- a/AirScout/Properties/AssemblyInfo.cs +++ b/AirScout/Properties/AssemblyInfo.cs @@ -32,5 +32,5 @@ using System.Runtime.InteropServices; // Sie können alle Werte angeben oder die standardmäßigen Build- und Revisionsnummern // übernehmen, indem Sie "*" eingeben: // [assembly: AssemblyVersion("1.0.*")] -[assembly: AssemblyVersion("1.3.3.7")] -[assembly: AssemblyFileVersion("1.3.3.7")] +[assembly: AssemblyVersion("1.4.1.0")] +[assembly: AssemblyFileVersion("1.4.1.0")] diff --git a/AirScout/Properties/Resources.Designer.cs b/AirScout/Properties/Resources.Designer.cs index 97fffc0..3e262a6 100644 --- a/AirScout/Properties/Resources.Designer.cs +++ b/AirScout/Properties/Resources.Designer.cs @@ -19,7 +19,7 @@ namespace AirScout.Properties { // -Klasse über ein Tool wie ResGen oder Visual Studio automatisch generiert. // Um einen Member hinzuzufügen oder zu entfernen, bearbeiten Sie die .ResX-Datei und führen dann ResGen // mit der /str-Option erneut aus, oder Sie erstellen Ihr VS-Projekt neu. - [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "16.0.0.0")] + [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "17.0.0.0")] [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] internal class Resources { diff --git a/AirScout/Properties/Settings.Designer.cs b/AirScout/Properties/Settings.Designer.cs index 6f26b64..c97af9b 100644 --- a/AirScout/Properties/Settings.Designer.cs +++ b/AirScout/Properties/Settings.Designer.cs @@ -541,7 +541,7 @@ namespace AirScout.Properties { [global::System.Configuration.UserScopedSettingAttribute()] [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] - [global::System.Configuration.DefaultSettingValueAttribute("[WebFeed] Virtual Radar Server")] + [global::System.Configuration.DefaultSettingValueAttribute("[WebFeed] OpenSky")] public string Planes_PlaneFeed1 { get { return ((string)(this["Planes_PlaneFeed1"])); @@ -2308,7 +2308,6 @@ Digital data base on the World Wide Web (URL: http://www.ngdc.noaa.gov/mgg/topo/ [global::System.Configuration.UserScopedSettingAttribute()] [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] [global::System.Configuration.DefaultSettingValueAttribute("False")] - public bool StationsMap_OverlayElevation { get { return ((bool)(this["StationsMap_OverlayElevation"])); @@ -2696,5 +2695,125 @@ Digital data base on the World Wide Web (URL: http://www.ngdc.noaa.gov/mgg/topo/ this["Map_ShowDistances"] = value; } } + + [global::System.Configuration.UserScopedSettingAttribute()] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Configuration.DefaultSettingValueAttribute("175")] + public decimal Map_TrackingGaugeWidth { + get { + return ((decimal)(this["Map_TrackingGaugeWidth"])); + } + set { + this["Map_TrackingGaugeWidth"] = value; + } + } + + [global::System.Configuration.UserScopedSettingAttribute()] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Configuration.DefaultSettingValueAttribute("Black")] + public string Map_TrackingGaugeColor { + get { + return ((string)(this["Map_TrackingGaugeColor"])); + } + set { + this["Map_TrackingGaugeColor"] = value; + } + } + + [global::System.Configuration.UserScopedSettingAttribute()] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Configuration.DefaultSettingValueAttribute("False")] + public bool InfoWin_MyAzimuth { + get { + return ((bool)(this["InfoWin_MyAzimuth"])); + } + set { + this["InfoWin_MyAzimuth"] = value; + } + } + + [global::System.Configuration.UserScopedSettingAttribute()] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Configuration.DefaultSettingValueAttribute("False")] + public bool InfoWin_MyElevation { + get { + return ((bool)(this["InfoWin_MyElevation"])); + } + set { + this["InfoWin_MyElevation"] = value; + } + } + + [global::System.Configuration.UserScopedSettingAttribute()] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Configuration.DefaultSettingValueAttribute("False")] + public bool InfoWin_MyDoppler { + get { + return ((bool)(this["InfoWin_MyDoppler"])); + } + set { + this["InfoWin_MyDoppler"] = value; + } + } + + [global::System.Configuration.UserScopedSettingAttribute()] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Configuration.DefaultSettingValueAttribute("False")] + public bool InfoWin_DXAzimuth { + get { + return ((bool)(this["InfoWin_DXAzimuth"])); + } + set { + this["InfoWin_DXAzimuth"] = value; + } + } + + [global::System.Configuration.UserScopedSettingAttribute()] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Configuration.DefaultSettingValueAttribute("False")] + public bool InfoWin_DXElevation { + get { + return ((bool)(this["InfoWin_DXElevation"])); + } + set { + this["InfoWin_DXElevation"] = value; + } + } + + [global::System.Configuration.UserScopedSettingAttribute()] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Configuration.DefaultSettingValueAttribute("False")] + public bool InfoWin_DXDoppler { + get { + return ((bool)(this["InfoWin_DXDoppler"])); + } + set { + this["InfoWin_DXDoppler"] = value; + } + } + + [global::System.Configuration.UserScopedSettingAttribute()] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Configuration.DefaultSettingValueAttribute("False")] + public bool InfoWin_AlwaysDetailed { + get { + return ((bool)(this["InfoWin_AlwaysDetailed"])); + } + set { + this["InfoWin_AlwaysDetailed"] = value; + } + } + + [global::System.Configuration.UserScopedSettingAttribute()] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Configuration.DefaultSettingValueAttribute("True")] + public bool Map_TrackingGaugesShow { + get { + return ((bool)(this["Map_TrackingGaugesShow"])); + } + set { + this["Map_TrackingGaugesShow"] = value; + } + } } } diff --git a/AirScout/Properties/Settings.settings b/AirScout/Properties/Settings.settings index f63dd79..121ddfb 100644 --- a/AirScout/Properties/Settings.settings +++ b/AirScout/Properties/Settings.settings @@ -132,7 +132,7 @@ [none] - [WebFeed] Virtual Radar Server + [WebFeed] OpenSky 5 @@ -605,8 +605,8 @@ MEaSUREs data and products are available at no charge from the LP DAAC.See https 11 - False - + False + Maidenhead locator system elvation tiles calculated by DL2ALF based on elevation data of the ASTER project: @@ -724,5 +724,35 @@ NASA/METI/AIST/Japan Spacesystems, and U.S./Japan ASTER Science Team (2019). AST False + + 175 + + + Black + + + False + + + False + + + False + + + False + + + False + + + False + + + False + + + True + \ No newline at end of file diff --git a/AirScout/Readme_Linux.txt b/AirScout/Readme_Linux.txt index 32ec3ba..5b5a051 100644 --- a/AirScout/Readme_Linux.txt +++ b/AirScout/Readme_Linux.txt @@ -10,12 +10,17 @@ There is no special installation package or archive to download. Nevertheless some precautions are necessary depending on the your Linux system. Linux support remains experimental, I simply cannot verify all existing configurations. -AirScout was tested with a 64bit SUSE Linux (Leap 42.3) with KDE-Desktop and Mono 4.6.1 in a VMWare virtual machine. +Latest tests with AirScout were made on a 64bit Ubuntu Linux (21.10) with KDE-Desktop and Mono 6.8.0.105 in a VMWare virtual machine. To get ist running on your system, please follow the steps below 1. Check if your version of Linux is up to date -2. Install the full Mono package by running: +2. Get the latest Mono version information and install the full Mono package by running (see https://www.mono-project.com/): + + sudo apt install gnupg ca-certificates + sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF + echo "deb https://download.mono-project.com/repo/ubuntu stable-focal main" | sudo tee /etc/apt/sources.list.d/mono-official-stable.list + sudo apt update sudo apt-get install mono-complete (on most systems) @@ -25,7 +30,7 @@ To get ist running on your system, please follow the steps below 3. Unzip archive or simple copy all unpacked files in a directory of your choice, e.g. /home/[Linux Username]/AirScout 4. Open a terminal window there -5. Run AirScout by typing "mono AirScout.exe" +5. Run AirScout by typing "mono AirScout.exe", if you have problems with language settings "LANG=en-EN mono AirScout.exe" 6. Have fun with AirScout running on Linux with 99% functionality @@ -50,10 +55,11 @@ VERY IMPORTANT!!! ON SOME OLDER/SMALLER SYSTEMS THE SSL ENCRYPTED CONNECTIONS (" IN THIS CASE YOU HAVE TO IMPORT SSL CERTIFICATES TO THE MONO CERTIFICATE STORE MANUALLY!!! Mono is using its own certificate store different from system or Mozilla's web browser. -The synchronisation should be done automatically but I found it not working sometimes after downloading the Mono package. +The synchronisation should be done automatically but I found it not working sometimes after downloading the Mono package. +In this case you will see a lot of Error messages in the Terminal window like "Error while reading chunked content: Cannot read application data on failed TLS connection" -1. Install the "ca-certificates-mozilla" package to get SSL certificates -2. Import the certificates into the Mono certificate store by typing "sudo cert-sync /etc/ssl/ca-bundle.pem" (can be a different location on other versions!) +1. Install the "ca-certificates-mono" package to get SSL certificates +2. Import the certificates into the Mono certificate store by typing "cert-sync /etc/ssl/certs/ca-certificates.crt" (can be a different location on other versions!) diff --git a/AirScout/Splash.Designer.cs b/AirScout/Splash.Designer.cs index 6f2b18e..df992de 100644 --- a/AirScout/Splash.Designer.cs +++ b/AirScout/Splash.Designer.cs @@ -46,6 +46,7 @@ this.pb_Main.SizeMode = System.Windows.Forms.PictureBoxSizeMode.StretchImage; this.pb_Main.TabIndex = 0; this.pb_Main.TabStop = false; + this.pb_Main.Click += new System.EventHandler(this.pb_Main_Click); this.pb_Main.Paint += new System.Windows.Forms.PaintEventHandler(this.pb_Main_Paint); // // ti_Close diff --git a/AirScout/Splash.cs b/AirScout/Splash.cs index 923c264..4a0aa0e 100644 --- a/AirScout/Splash.cs +++ b/AirScout/Splash.cs @@ -116,5 +116,11 @@ namespace AirScout e.Graphics.DrawString(text, myFont, Brushes.White, new Point(140-2, 10-2)); } } + + private void pb_Main_Click(object sender, EventArgs e) + { + // hide the splash window when clicking on it + this.Visible = false; + } } } diff --git a/AirScout/VersionHistory.txt b/AirScout/VersionHistory.txt index de2b5a3..25aed4c 100644 --- a/AirScout/VersionHistory.txt +++ b/AirScout/VersionHistory.txt @@ -1,4 +1,61 @@ -2021-12-23: V1.3.3.6 +2022-01-03: V1.4.1.0 +==================== + +- Bugfix: RIT on rig is reset when tracking started --> fixed +- Bugfix: Exceptions while accessing elevation database from background processes and more than one elevation model was ticked --> database status shows "Error" --> fixed +- Bugfix: Exceptions while accessing elevation database and local obstructions have NULL values --> fixed +- Bugfix: Database update was not started when last status was "Error" and no other changes occured +- Bugfix: Exceptions were thrown sometimes on concurrent database access from different threads, missing database locks --> fixed +- Bugfix: Planefeeeds with TLS (https://...) were hanging sometimes in an inifinite loop --> fixed +- Bugfix: AirScout does not deliver planes on web request +- Remove: Planefinder feed removed due to copyright issues (by request of the website owner) +- Feature: configurable update rate for tracking +- Feature: configurable time offset for tracking +- Feature: optional show a locator grid on map +- Feature: optional show distance circles around own location +- Feature: new UDP commands "ASADDWATCH qrg, call, [loc], checked (0/1), ... " and "ASREMOVEWATCH qrg, call, ..." for easier watchlist control +- Feature: common and reworked TLS client for all feeds +- Feature: hide the splash window on startup when clicking on it +- Feature: enhanced tracking gauges and rig display, you can set size and color now in Options/Settings/Map for better visibility (tnx W8BYA) +- Feature: enhanced info window with optional tracking & Doppler information for both stations (when tracking) (tnx KV4PC) +- Feature: always show a detailed info window regardless if the plane is heading towards path (for sidescatter and other purpose) (tnx KV4PC) + +2021-04-13: V1.4.0.2 +==================== + +- Feature: complete rework of tracking module with Status visualization +- Feature: CAT now handles OmniRi V1.19 or V2.x dynamically +- Feature: refined extrapolation of plane positions +- Bugfix: Planes were shown as hot when crossing path "behind" the DX station --> fixed + +2021-04-5: V1.4.0.1 +==================== + +- Feature: introducing CAT Interface with OmniRig V2.1 +- Feature: introducing Doppler shift compensation with CAT + +2021-xx-xx: V1.4.0.0 (not published) +==================== + +- Feature: introducing ASTER Digital Elevation Model covering earth surface almost complete, but data are very raw and have to filtered, only useful when coverage > 60° needed +- Feature: new OpenTopoMap provider, not really suitable for supervising aircraft travel but has very nice contour levels (based on SRTM) +- Feature: adjust main map opacity via "Options/Map" which is helpful in case map colors are very prominent + +2022-08-27: V1.3.3.7 +==================== + +- Bugfix: Removal of all non working plane feeds +- Bugfix: RTL1090 plane feed remains in deadlock if no TCP server was found --> fixed +- Bugfix: OpenSky plane feed remains in deadlock if any error during reading occurs --> fixed +- Bugfix: Browser window does not suppress JavaScript errors (if lots) making AirScout nearly unusable --> fixed (tnx OK1VUM) +- Bugfix: planes.json was not properly created and therefore not properly delivered by webserver --> fixed +- Bugfix: does not run on recent Linux distributions (like Ubuntu 22.x, 64bit) anymore --> fixed +- Bugfix: Export of horizon data was malformatted --> fixed +- Bugfix: Program settings were not handled properly on Linux --> fixed by reading and writing as JSON on Linux +- Feature: OpenSky plane feed now allows the input of username/password for registered users (extendig the limit of daily requests) +- Feature: new AirScout Server plane feed gets planes from another AirScout instance (>= V1.3.3.7) or (maybe) AirScout web service in future + +2021-12-23: V1.3.3.6 ==================== - Feature: Elevation grid overlay on "Optionms/Stations/Map" to better understand elevation resolution issues and local situation (for zoom levels >= 17) diff --git a/AirScout/Webserver.cs b/AirScout/Webserver.cs index d8d8cfb..b808955 100644 --- a/AirScout/Webserver.cs +++ b/AirScout/Webserver.cs @@ -80,6 +80,14 @@ namespace AirScout // name the thread for debugging if (String.IsNullOrEmpty(Thread.CurrentThread.Name)) Thread.CurrentThread.Name = this.GetType().Name; + + string tmpdir = Application.StartupPath; + // get temp directory from arguments + if (e != null) + { + tmpdir = (string)e.Argument; + } + Log.WriteMessage("started."); // run simple web server string hosturl = "http://+:" + Properties.Settings.Default.Webserver_Port.ToString() + "/"; @@ -119,6 +127,7 @@ namespace AirScout // send response from a background thread WebServerDelivererArgs args = new WebServerDelivererArgs(); args.ID = id; + args.TmpDirectory = tmpdir; args.Context = context; args.AllPlanes = allplanes; WebserverDeliver bw = new WebserverDeliver(); @@ -141,6 +150,9 @@ namespace AirScout Process.Start(psi).WaitForExit(); } + // do almost nothing + // wait 10 seconds and restart the listener + Thread.Sleep(10000); } catch (Exception ex) { @@ -173,6 +185,7 @@ namespace AirScout public class WebserverDeliver : BackgroundWorker { + string TmpDirectory = Application.StartupPath; public short GetElevation(double lat, double lon) { @@ -314,10 +327,10 @@ namespace AirScout } - private string DeliverPlanes() + private string DeliverPlanes(string tmpdir) { string json = ""; - var fs = File.OpenRead(Application.StartupPath + Path.DirectorySeparatorChar + "planes.json"); + var fs = File.OpenRead(tmpdir + Path.DirectorySeparatorChar + "planes.json"); using (StreamReader sr = new StreamReader(fs)) { json = sr.ReadToEnd(); @@ -801,7 +814,7 @@ namespace AirScout // check for content delivery request if (request.RawUrl.ToLower() == "/planes.json") { - responsestring = DeliverPlanes(); + responsestring = DeliverPlanes(args.TmpDirectory); } else if (request.RawUrl.ToLower().StartsWith("/version.json")) { @@ -846,6 +859,7 @@ namespace AirScout public class WebServerDelivererArgs { public int ID; + public string TmpDirectory = ""; public HttpListenerContext Context; public List AllPlanes; } diff --git a/AirScout/app.config b/AirScout/app.config index aa205b1..2a79765 100644 --- a/AirScout/app.config +++ b/AirScout/app.config @@ -1,11 +1,11 @@ - + -
+
-
+
@@ -139,7 +139,7 @@ [none] - [WebFeed] Virtual Radar Server + [WebFeed] OpenSky 5 @@ -723,20 +723,50 @@ NASA/METI/AIST/Japan Spacesystems, and U.S./Japan ASTER Science Team (2019). AST False + + 175 + + + Black + + + False + + + False + + + False + + + False + + + False + + + False + + + False + + + True + - + - + - - + + @@ -745,13 +775,13 @@ NASA/METI/AIST/Japan Spacesystems, and U.S./Japan ASTER Science Team (2019). AST - + - + - \ No newline at end of file + diff --git a/AirScout/packages.config b/AirScout/packages.config index 00bb9da..e506f74 100644 --- a/AirScout/packages.config +++ b/AirScout/packages.config @@ -1,7 +1,6 @@  - - - + + \ No newline at end of file diff --git a/AirScoutPlaneServer/AirScoutPlaneServer.csproj b/AirScoutPlaneServer/AirScoutPlaneServer.csproj index 733ec7b..5c1ebdc 100644 --- a/AirScoutPlaneServer/AirScoutPlaneServer.csproj +++ b/AirScoutPlaneServer/AirScoutPlaneServer.csproj @@ -62,16 +62,10 @@ false - - ..\packages\Newtonsoft.Json.12.0.3\lib\net40\Newtonsoft.Json.dll - - - ..\packages\Stub.System.Data.SQLite.Core.NetFramework.1.0.113.3\lib\net40\System.Data.SQLite.dll - @@ -116,7 +110,6 @@ Always - SettingsSingleFileGenerator Settings.Designer.cs @@ -158,13 +151,6 @@ - - - - Dieses Projekt verweist auf mindestens ein NuGet-Paket, das auf diesem Computer fehlt. Verwenden Sie die Wiederherstellung von NuGet-Paketen, um die fehlenden Dateien herunterzuladen. Weitere Informationen finden Sie unter "http://go.microsoft.com/fwlink/?LinkID=322105". Die fehlende Datei ist "{0}". - - - + \ No newline at end of file diff --git a/BouncyCastle/crypto.tests.Net45/packages.config b/BouncyCastle/crypto.tests.Net45/packages.config new file mode 100644 index 0000000..1f8800b --- /dev/null +++ b/BouncyCastle/crypto.tests.Net45/packages.config @@ -0,0 +1,5 @@ + + + + + \ No newline at end of file diff --git a/BouncyCastle/crypto/BouncyCastle.Android.csproj b/BouncyCastle/crypto/BouncyCastle.Android.csproj new file mode 100644 index 0000000..3d84af3 --- /dev/null +++ b/BouncyCastle/crypto/BouncyCastle.Android.csproj @@ -0,0 +1,1987 @@ + + + + Debug + AnyCPU + AnyCPU + 8.0.30703 + 2.0 + {A0D302CB-8866-4AB1-98B9-F0772EABF5DF} + {EFBA0AD7-5A72-4C68-AF49-83D382785DCF};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC} + Library + Org.BouncyCastle + Resources + Assets + False + BouncyCastle + v4.4 + + + true + full + false + bin\Debug\lib\MonoAndroid + obj\Debug\lib\MonoAndroid + DEBUG;TRACE;INCLUDE_IDEA;__MOBILE__;__ANDROID__; + prompt + 4 + None + false + + + full + true + bin\Release\lib\MonoAndroid + obj\Release\lib\MonoAndroid + TRACE;INCLUDE_IDEA;__MOBILE__;__ANDROID__; + prompt + 4 + false + false + + + true + + + ..\BouncyCastle.snk + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/BouncyCastle/crypto/BouncyCastle.csproj b/BouncyCastle/crypto/BouncyCastle.csproj new file mode 100644 index 0000000..84d7bf6 --- /dev/null +++ b/BouncyCastle/crypto/BouncyCastle.csproj @@ -0,0 +1,1981 @@ + + + + Debug + AnyCPU + AnyCPU + 8.0.30703 + 2.0 + {4C235092-820C-4DEB-9074-D356FB797D8B} + Library + Org.BouncyCastle + BouncyCastle + v2.0 + + + true + full + false + bin\Debug\lib\net20\ + obj\Debug\lib\net20\ + DEBUG;TRACE;INCLUDE_IDEA; + prompt + 4 + false + + + true + bin\Release\lib\net20\ + obj\Release\lib\net20\ + TRACE;INCLUDE_IDEA; + doc\BouncyCastle.xml + prompt + 4 + false + 1591 + + + true + + + ..\BouncyCastle.snk + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/BouncyCastle/crypto/BouncyCastle.iOS.csproj b/BouncyCastle/crypto/BouncyCastle.iOS.csproj new file mode 100644 index 0000000..d76444e --- /dev/null +++ b/BouncyCastle/crypto/BouncyCastle.iOS.csproj @@ -0,0 +1,1982 @@ + + + + Debug + AnyCPU + AnyCPU + 8.0.30703 + 2.0 + {0249241C-205E-4AC0-828B-90F822359B9E} + {FEACFBD2-3405-455C-9665-78FE426C6842};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC} + Library + Org.BouncyCastle + Resources + BouncyCastle + Xamarin.iOS + + + true + full + false + bin\Debug\lib\Xamarin.iOS + obj\Debug\lib\Xamarin.iOS + DEBUG;TRACE;INCLUDE_IDEA;__MOBILE__;__IOS__; + prompt + 4 + false + + + true + bin\Release\lib\Xamarin.iOS + obj\Release\lib\Xamarin.iOS + TRACE;INCLUDE_IDEA;__MOBILE__;__IOS__; + prompt + 4 + false + + + true + + + ..\BouncyCastle.snk + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/BouncyCastle/crypto/Contributors.html b/BouncyCastle/crypto/Contributors.html new file mode 100644 index 0000000..08830b5 --- /dev/null +++ b/BouncyCastle/crypto/Contributors.html @@ -0,0 +1,176 @@ + + + + + Contributors + + +

The Bouncy Castle Cryptographic C#® API

+

+

Donors

+

+ The following people and organisations donated financially to help with the release of 1.8.9: +
 
+ loligans and Encryptomatic LLC +

+

+ The following people and organisations donated financially to help with the release of 1.8.8: +
 
+ jey4554, Manual Corona, and Encryptomatic LLC +

+

+ The following people and organisations donated financially to help with the release of 1.8.5: +
 
+ Pharylon +

+

+ The following people and organisations donated financially to help with the release of 1.8: +
 
+ Andrew Grosser, Antonio Royo, dmitry.ribakov@gmail.com, PhreePhly, and encryptomatic.com. +

+ +

Code Contributors:

+

The following people have contributed to the C# Bouncy Castle Cryptography + Package.

+

Thanks, may your castles never deflate!

+
    +
  • +

    Kaiser Yang <kaiseryang@yahoo.com> - initial port of the lightweight + API and ASN.1 library. Finding BigInteger loop problem.

    +
    • +
  • +

    Asier Murciego <a.murciego@captiva-sys.es> - Further patching to + BigInteger library.

    +
    • +
  • +

    Megan Woods <megan.woods@widestreet.com.au> - X509 certificate + generation, RSA/DSA digest signature classes.

    +
    • +
  • +

    David Del Vecchio <ddelvecc@virginia.edu> - patches to RSA Pkcs1 + Signature generation OID issues, help with clarifications on DateTime and + certificates.

    +
    • +
  • +

    Nelson Fernandez <nelson-bc@kpanic.com.ar> - patches to allow + compilation under mono.

    +
    • +
  • +

    Paulo Soares <psoares@consiste.pt> - patches to X509CertificateParser, + C# port of JZlib plus inflater/deflater streams, C# port of Apache BZip2 + classes.

    +
    • +
  • +

    Pawel Niewiadomski <11110000b@gmail.com> - patches for X509 and CMS, + unit test for time classes.

    +
    • +
  • +

    Jesper Johansen <jesper@hc.jay.net> - bug fix for DerT61String + encodings.

    +
    • +
  • +

    Adam Sternberg <agsternberg@gmail.com> - identified problem with + generation of PGP public keyrings.

    +
    • +
  • +

    Kirill Zhuklinets <zhuklinets_k@gaz-is.ru> - initial submission of + bulk of Asn1.Esf classes (RFC 3126).

    +
    • +
  • +

    Dr Andrew Gray <andrew.gray@rcrt.co.uk> - identified problem with + BigInteger.ModPow for negative exponents.

    +
    • +
  • +

    Mauricio Ulate <mulate@gmail.com> - identified problem with non-ASCII + pass phrases in PGP.

    +
    • +
  • +

    John Allberg <John.Allberg@teliasonera.com> - initial implementation + of CryptoApiRandomGenerator.

    +
    • +
  • +

    Mattias Öhrn <mattias.ohrn@gmail.com> - identified problem with + Pkcs12Store.Save and provided fix.

    +
    • +
  • +

    Jen Andre <jandre@gmail.com> - initial implementation of + case-insensitive searches for PGP keyrings.

    +
    • +
  • +

    #Cyrille37# <cyrille37@gmail.com> - identified problem with + BigInteger.ModInverse for negative values.

    +
    • +
  • +

    David Reis Jr <davidreis@yahoo.com> - bug fix for X509CrlStoreSelector + handling of NextUpdate, fix handling of null parameters for DSA in key + factories, initial port of Pkix namespace and supporting tests. +

    +
    • +
  • +

    Ivan Peev <ivan.peev@cozyroc.com> - bug fix for version string + displayed in PGP armored output.

    +
    • +
  • +

    Hector Ornelas Aciga <hector.ornelas@sat.gob.mx> - patch to add support for PKCS#5 Scheme 2 keys.

    +
    • +
  • +

    Tom Van Holle <tvh@dsoft.be> - patch to add new class: Pkcs10CertificationRequestDelaySigned.

    +
    • +
  • +

    Kalev Lember <kalev@smartlink.ee> - patch to fix compilation problem under Mono 2.8+.

    +
    • +
  • +

    Kyle Hamilton <kyanha.bouncycastle@kyanha.net> - identified problem with BigInteger.Multiply, patch for MiscPemGenerator infinite recursion, + proposed improvements in use of random numbers.

    +
    • +
  • +

    Atanas Krachev <akrachev@gmail.com> - added support for revocation signatures in OpenPGP.

    +
    • +
  • +

    Torsten Moschny <t.moschny@web.de> - identified problem where PrivateKeyFactory/PublicKeyFactory failed to preserve publicKeyParamSet for EC keys.

    +
    • +
  • +

    Thomas Heggelund <the@dips.no> - identified problem with RSAParameters fields requiring zero-byte padding to satisfy .NET.

    +
    • +
  • +

    Laszlo Magyar <lmagyar1973@gmail.com> - patch to fix problem with SubjectDirectoryAttributes constructor.

    +
    • +
  • +

    Tim Whittington (https://github.com/timw) - ports of ChaCha, GMAC, Memoable, Poly1305, Skein, SM3, Threefish, XSalsa20. Registerised Salsa20 core.

    +
    • +
  • +

    Oscar Jacobsson (https://github.com/OscarAyoy) - patch to fix DerEnumerated constructor (including test coverage).

    +
    • +
  • +

    Michael Krueger <michael.krueger@secardeo.com> - patch to fix Asn1.Cmp.RevDetails constructor.

    +
    • +
  • +

    Daniel Nauck <daniel.nauck@gmail.com> - patch for Portable Class Library support.

    +
    • +
  • +

    John Allberg <john@ayoy.se> - improvements to Portable Class Library patch.

    +
    • +
  • +

    Oren Novotny (https://github.com/onovotny) - developed and maintained a fork supporting Portable Class Library, worked closely with us to integrate the changes back into the main project.

    +
    • +
  • +

    Nicolas Dorier (https://github.com/NicolasDorier) - patch to fix culture-dependent lookups in MacUtilities.

    +
    • +
  • +

    Artem Storozhuk <storojs72@gmail.com> - initial implementation of DSTU7564 (digest) and DSTU7624 (cipher) and their associated modes.

    +
    • +
  • +

    bkalakrishnan (https://github.com/bkalakrishnan) - reported issue with SecureRandom.NextDouble and advised how to fix.

    +
    • +
  • +

    BlackthornYugen (https://github.com/BlackthornYugen) - contributed unit tests for NIST ECC..

    +
    • +
  • +

    Nathan Douthit (https://github.com/ndouthit) - Null policy fix for TimeStampTokenGenerator

    +
    • +
  • +

    fabiogermann (https://github.com/fabiogermann) - Mixed definiton support for OAEPwithSHA256andMGF1withSHA1.

    +

    • +
+ + diff --git a/BouncyCastle/crypto/License.html b/BouncyCastle/crypto/License.html new file mode 100644 index 0000000..b062fe0 --- /dev/null +++ b/BouncyCastle/crypto/License.html @@ -0,0 +1,39 @@ + + + + + License + + +

The Bouncy Castle Cryptographic C#® API

+

License:

+The Bouncy Castle License
+Copyright (c) 2000-2021 The Legion of the Bouncy Castle Inc. +(https://www.bouncycastle.org)
+Permission is hereby granted, free of charge, to any person obtaining a +copy of this software and associated documentation files (the "Software"), to deal in the +Software without restriction, including without limitation the rights to use, copy, modify, merge, +publish, distribute, sub license, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included +in all copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", +WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+INCLUDING BUT NOT LIMITED TO THE +WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+PURPOSE AND NONINFRINGEMENT. IN NO +EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
+OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+DEALINGS IN THE SOFTWARE.
+
+ + + diff --git a/BouncyCastle/crypto/MockPskTls13Client.cs b/BouncyCastle/crypto/MockPskTls13Client.cs new file mode 100644 index 0000000..d8be1fd --- /dev/null +++ b/BouncyCastle/crypto/MockPskTls13Client.cs @@ -0,0 +1,110 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class MockPskTls13Client + : AbstractTlsClient + { + internal MockPskTls13Client() + : base(new BcTlsCrypto(new SecureRandom())) + { + } + + //public override IList GetEarlyKeyShareGroups() + //{ + // return TlsUtilities.VectorOfOne(NamedGroup.secp256r1); + // //return null; + //} + + //public override short[] GetPskKeyExchangeModes() + //{ + // return new short[] { PskKeyExchangeMode.psk_dhe_ke, PskKeyExchangeMode.psk_ke }; + //} + + protected override IList GetProtocolNames() + { + IList protocolNames = new ArrayList(); + protocolNames.Add(ProtocolName.Http_1_1); + protocolNames.Add(ProtocolName.Http_2_Tls); + return protocolNames; + } + + protected override int[] GetSupportedCipherSuites() + { + return TlsUtilities.GetSupportedCipherSuites(Crypto, new int[] { CipherSuite.TLS_AES_128_GCM_SHA256 }); + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + return ProtocolVersion.TLSv13.Only(); + } + + public override IList GetExternalPsks() + { + byte[] identity = Strings.ToUtf8ByteArray("client"); + TlsSecret key = Crypto.CreateSecret(Strings.ToUtf8ByteArray("TLS_TEST_PSK")); + int prfAlgorithm = PrfAlgorithm.tls13_hkdf_sha256; + + return TlsUtilities.VectorOfOne(new BasicTlsPskExternal(identity, key, prfAlgorithm)); + } + + public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS 1.3 PSK client raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(short alertLevel, short alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS 1.3 PSK client received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override void NotifySelectedPsk(TlsPsk selectedPsk) + { + if (null == selectedPsk) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + public override void NotifyServerVersion(ProtocolVersion serverVersion) + { + base.NotifyServerVersion(serverVersion); + + Console.WriteLine("TLS 1.3 PSK client negotiated " + serverVersion); + } + + public override TlsAuthentication GetAuthentication() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + ProtocolName protocolName = m_context.SecurityParameters.ApplicationProtocol; + if (protocolName != null) + { + Console.WriteLine("Client ALPN: " + protocolName.GetUtf8Decoding()); + } + } + } +} diff --git a/BouncyCastle/crypto/NBuild.build b/BouncyCastle/crypto/NBuild.build new file mode 100644 index 0000000..557ad36 --- /dev/null +++ b/BouncyCastle/crypto/NBuild.build @@ -0,0 +1,247 @@ + + + + + + + + + + + + + + + + + + + + + + + + Compile targets will be signed using keyfile ../BouncyCastle.snk + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/BouncyCastle/crypto/PskTls13ClientTest.cs b/BouncyCastle/crypto/PskTls13ClientTest.cs new file mode 100644 index 0000000..6f67b05 --- /dev/null +++ b/BouncyCastle/crypto/PskTls13ClientTest.cs @@ -0,0 +1,85 @@ +using System; +using System.IO; +using System.Net.Sockets; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Tls.Tests +{ + [TestFixture] + public class PskTls13ClientTest + { + [Test, Ignore] + public void TestConnection() + { + string host = "localhost"; + int port = 5556; + + long time0 = DateTimeUtilities.CurrentUnixMs(); + + MockPskTls13Client client = new MockPskTls13Client(); + TlsClientProtocol protocol = OpenTlsClientConnection(host, port, client); + + long time1 = DateTimeUtilities.CurrentUnixMs(); + Console.WriteLine("Elapsed: " + (time1 - time0) + "ms"); + + Http11Get(host, port, protocol.Stream); + + protocol.Close(); + } + + private static void Http11Get(string host, int port, Stream s) + { + WriteUtf8Line(s, "GET / HTTP/1.1"); + //WriteUtf8Line(s, "Host: " + host + ":" + port); + WriteUtf8Line(s, ""); + s.Flush(); + + Console.WriteLine("---"); + + string[] ends = new string[] { "", "HTTP/1.1 3", "HTTP/1.1 4" }; + + StreamReader reader = new StreamReader(s); + + bool finished = false; + string line; + while (!finished && (line = reader.ReadLine()) != null) + { + Console.WriteLine("<<< " + line); + + string upperLine = TlsTestUtilities.ToUpperInvariant(line); + + // TEST CODE ONLY. This is not a robust way of parsing the result! + foreach (string end in ends) + { + if (upperLine.IndexOf(end) >= 0) + { + finished = true; + break; + } + } + } + + Console.Out.Flush(); + } + + private static TlsClientProtocol OpenTlsClientConnection(string hostname, int port, TlsClient client) + { + TcpClient tcp = new TcpClient(hostname, port); + + TlsClientProtocol protocol = new TlsClientProtocol(tcp.GetStream()); + protocol.Connect(client); + return protocol; + } + + private static void WriteUtf8Line(Stream output, string line) + { + byte[] buf = Encoding.UTF8.GetBytes(line + "\r\n"); + output.Write(buf, 0, buf.Length); + Console.WriteLine(">>> " + line); + } + } +} diff --git a/BouncyCastle/crypto/Readme.html b/BouncyCastle/crypto/Readme.html new file mode 100644 index 0000000..ac9efdb --- /dev/null +++ b/BouncyCastle/crypto/Readme.html @@ -0,0 +1,874 @@ + + + + Notes + + + +

The Bouncy Castle C# Cryptographic API

+

Contents:

+
    + +
  1. The Bouncy Castle Cryptographic C# API +
      +
    1. +
        +
      1. + Contents: +
      2. + License & Contributors: +
      3. + Features: +
      4. + How To Build. +
      5. + The Source: +
      6. + Documentation: +
      7. + For first time users. +
      8. + Notes: +
          +
        1. + Release 1.9.0 +
        2. + Release 1.8.10 +
        3. + Release 1.8.9 +
        4. + Release 1.8.8 +
        5. + Release 1.8.7 +
        6. + Release 1.8.6 +
        7. + Release 1.8.5 +
        8. + Release 1.8.4 +
        9. + Release 1.8.3 +
        10. + Release 1.8.2 +
        11. + Release 1.8.1 +
        12. + Release 1.8.0 +
        13. + Release 1.7 +
        14. + Release 1.6.1 +
        15. + Release 1.6 +
        16. + Release 1.5 +
        17. + Release 1.4 +
        18. + Release 1.3 +
        19. + Release 1.2 +
        20. + Release 1.1 +
        21. + Release 1.0 +
        22. + Tuesday Febuary 1, 2005 +
        23. + Sunday December 12, 2004
          24. +
        +
      9. + Trademarks. +
        10. +
+
+
+

License & Contributors:

+ See License & Contributors + files.
+  
+
+

Patents:

+

+ Some of the algorithms in the Bouncy Castle APIs are patented in some places. It is up to the user of the library to be aware + of their own legal situation, however we have been asked to specifically mention the patents below, in the following terms, + at the request of the patent holder. +

+

+The BC distribution contains implementations of EC MQV as described in RFC 5753, "Use of ECC Algorithms in CMS". In line with the conditions in: +

+http://www.ietf.org/ietf-ftp/IPR/certicom-ipr-rfc-5753.pdf +

+We state, where EC MQV has not otherwise been disabled or removed: +"The use of this product or service is subject to the reasonable, non-discriminatory terms in the Intellectual Property Rights (IPR) Disclosures of Certicom Corp. at the IETF for Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS) implemented in the product or service." +

+  
+
+
+

Features:

+
    +
  • + Generation and parsing of PKCS-12 files. +
    • +
  • + X.509: Generators and parsers for V1 and V3 certificates, V2 CRLs and attribute + certificates. +
    • +
  • + PBE algorithms supported by PbeUtilities: PBEwithMD2andDES-CBC, + PBEwithMD2andRC2-CBC, PBEwithMD5andDES-CBC, PBEwithMD5andRC2-CBC, + PBEwithSHA1andDES-CBC, PBEwithSHA1andRC2-CBC, PBEwithSHA-1and128bitRC4, + PBEwithSHA-1and40bitRC4, PBEwithSHA-1and3-keyDESEDE-CBC, + PBEwithSHA-1and2-keyDESEDE-CBC, PBEwithSHA-1and128bitRC2-CBC, + PBEwithSHA-1and40bitRC2-CBC, PBEwithHmacSHA-1, PBEwithHmacSHA-224, + PBEwithHmacSHA-256, PBEwithHmacRIPEMD128, PBEwithHmacRIPEMD160, and + PBEwithHmacRIPEMD256. +
    • +
  • + Signature algorithms supported by SignerUtilities: MD2withRSA, MD4withRSA, + MD5withRSA, RIPEMD128withRSA, RIPEMD160withECDSA, RIPEMD160withRSA, + RIPEMD256withRSA, SHA-1withRSA, SHA-224withRSA, SHA-256withRSAandMGF1, + SHA-384withRSAandMGF1, SHA-512withRSAandMGF1, SHA-1withDSA, and SHA-1withECDSA. +
    • +
  • + Symmetric key algorithms: AES, Blowfish, Camellia, CAST5, CAST6, ChaCha, DES, DESede, + GOST28147, HC-128, HC-256, IDEA, ISAAC, Noekeon, RC2, RC4, RC5-32, RC5-64, RC6, Rijndael, + Salsa20, SEED, Serpent, Skipjack, SM4, TEA/XTEA, Threefish, Tnepres, Twofish, VMPC and XSalsa20. +
    • +
  • + Symmetric key modes: CBC, CFB, CTS, GOFB, OFB, OpenPGPCFB, and SIC (or CTR). +
    • +
  • + Symmetric key paddings: ISO10126d2, ISO7816d4, PKCS-5/7, TBC, X.923, and Zero + Byte. +
    • +
  • + Asymmetric key algorithms: ElGamal, DSA, ECDSA, NaccacheStern and RSA (with blinding). +
    • +
  • + Asymmetric key paddings/encodings: ISO9796d1, OAEP, and PKCS-1. +
    • +
  • + AEAD block cipher modes: CCM, EAX, GCM and OCB. +
    • +
  • + Digests: GOST3411, Keccak, MD2, MD4, MD5, RIPEMD128, RIPEMD160, RIPEMD256, RIPEMD320, + SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA3, SM3, Tiger, and Whirlpool. +
    • +
  • + XOFs: SHAKE. +
    • +
  • + Signer mechanisms: DSA, ECDSA, ECGOST3410, ECNR, Ed25519, Ed448, GOST3410, ISO9796d2, PSS, RSA, X9.31-1998. +
    • +
  • + Key Agreement: Diffie-Hellman, EC-DH, EC-MQV, J-PAKE, SRP-6a, X25519, X448. +
    • +
  • + Macs: CBCBlockCipher, CFBBlockCipher, CMAC, GMAC, GOST28147, HMac, ISO9797 Alg. 3, Poly1305, SipHash, SkeinMac, VMPCMAC. +
    • +
  • + PBE generators: PKCS-12, and PKCS-5 - schemes 1 and 2. +
    • +
  • + OpenPGP (RFC 4880) +
    • +
  • + Cryptographic Message Syntax (CMS, RFC 3852), including streaming API. +
    • +
  • + Online Certificate Status Protocol (OCSP, RFC 2560). +
    • +
  • + Time Stamp Protocol (TSP, RFC 3161). +
    • +
  • + TLS/DTLS client/server up to version 1.2, with support for the most common ciphersuites and extensions, + and many less common ones. Non-blocking API available. +
    • +
  • + Elliptic Curve Cryptography: support for generic F2m and Fp curves, high-performance custom implementations + for many standardized curves. +
    • +
  • + Reading/writing of PEM files, including RSA and DSA keys, with a variety of + encryptions. +
    • +
  • PKIX certificate path validation
    • +
+
+

Porting notes from the old ASN.1 library For the most part code using the + old subset of ASN.1 classes should be easy to transfer, providing the following + changes are made: +

+
    +
  • + DERObject becomes Asn1Object +
    • +
  • + DEREncodable becomes Asn1Encodable +
    • +
  • + GetDERObject() becomes ToAsn1Object() +
    • +
  • + BERConstructedOctetString becomes BerOctetString +
    • +
  • + If you were using the older mutable DERConstructedSequence/Set and + BERConstructedSequence, use an Asn1EncodableVector in conjunction with + DerSequence/Set and BerSequence +
    • +
  • + BERInputStream and DERInputStream are replaced with Asn1InputStream +
    • +
  • + AsymmetricKeyParameter is now in the Org.Bouncycastle.Crypto namespace +
    • +
+
+
+

How To Build.

+

+ (NOTE: This build system is essentially obsolete and will be withdrawn after the 1.8 series. We have + introduced MSBuild project files which will probably be a preferred option if you want to build yourself.) +

+

+ The BC C# API uses NAnt (http://nant.sourceforge.net) + to provide a platform independent build environment (suggested version NAnt 0.90). + There is also a solution file for Visual Studio, and for MonoDevelop. The API works + with .NET Framework 1.1 and above. It has been successfully built and tested with Mono + versions from 1.1.13 onwards. The source code can be built for .NET Compact Framework 1.0 + by setting the compilation flag NETCF_1_0, or .NET Compact Framework 2.0 by setting NETCF_2_0, + or Silverlight 2 by setting SILVERLIGHT. +

+ Using a command prompt (DOS window), cd into the 'crypto' folder of this + distribution.
+
+ Use,
+
    +
  • + 'nant' without arguments to compile + debug code, the tests and run the tests. +
    • +
  • + 'nant compile-release' to compile + release code. +
    • +
  • + 'nant compile-debug' to compile + debug code. +
    • +
  • + 'nant test' to run the included unit + tests (using NUnit; you may need to edit the build file to set the location + where NUnit is installed). +
    • +
+

+ Output:
+
+     The compiled API can be found in the 'api/bin/release' & + 'api/bin/debug' directories.
+     The compiled tests can be found in the 'test/bin' directory + (by default a debug build is used for testing).
+

+

+

+

The Source:

+ The main source code can be found in the 'src' directory. There is additional source code in 'bzip2/src'.
+
+
+

Documentation:

+

+ There is limited documentation available at the moment. Some of the source contains XML comments, + but this is a work in progress. We welcome contributions of documentation, which often requires only + formatting changes from the corresponding javadoc in the Java API. +

+

+

+

+

For first time users.

+  Java heritage,
+
+ The Bouncy Castle C# API is a port of the Bouncy Castle Java APIs. + Approximately %80 of the functionality in the Java build has now been ported. + For the most part, the naming conventions of the .NET platform have been + adopted. The C# API is constantly kept uptodate with bug fixes and new test + cases from the Java build (and vice versa sometimes), thus benefitting from the + large user base and real-world use the Java version has seen.
+
+ Please consider.
+
+ The Bouncy Castle C# API is a library of transformations that when combined properly will enable + developers to create standard conforming cryptographic systems. In order to use this API you must have + some knowledge of how to build cryptographic systems, namely what transformations to use and the when, + where and why of their use. Developing good cryptographic systems takes practice and understanding.
+
+ There are many resources available online and in book shops; please use those to your advantage.
+
+
+

Notes:

+ +

Release 1.9.0, Sunday October 17, 2021

+ +
Defects Fixed
+
    +
  • Key sizes are now checked strictly in TwofishEngine.
    • +
  • Fixed bzip2 compression of empty contents.
    • +
  • Handle CRL with no NextUpdate properly during CertPath validation.
    • +
  • Skip marker packets when reading various PGP data.
    • +
  • Ignore PGP signatures with invalid version.
    • +
+
Additional Features and Functionality
+
    +
  • A new TLS API (Org.BouncyCastle.Tls) now replaces the old one (Org.BouncyCastle.Crypto.Tls), which + should be considered obsolete. The new API includes support for TLS 1.3.
    • +
  • Added support for Format Preserving Encryption.
    • +
  • Added support for ParallelHash and TupleHash.
    • +
  • Added support for the ARIA cipher.
    • +
+
Additional Notes
+
    +
  • + See the (cumulative) list of GitHub pull requests that we have accepted at + bcgit/bc-csharp. +
    • +
+ +

Release 1.8.10, Tuesday February 16, 2021

+ +
Defects Fixed
+
    +
  • Fixed CMS signature verification for RSASSA-PSS when signed attributes are not present.
    • +
  • The output size for SHAKE128 (SHAKE256) when used as a fixed-length digest is now 256 (512) bits (also applies to cSHAKE).
    • +
+
Additional Notes
+
    +
  • + See the (cumulative) list of GitHub pull requests that we have accepted at + bcgit/bc-csharp. +
    • +
+ +

Release 1.8.9, Tuesday December 8, 2020

+ +
Defects Fixed
+
    +
  • The TimeStampToken generator is now using PkcsObjectIdentifiers.IdAASigningCertificateV2 for the generating SigningCertificateV2.
    • +
+
Additional Features and Functionality
+
    +
  • Added cSHAKE digest and KMAC.
    • +
  • Added support for PKCS#5 Scheme 2 to Pkcs12Store.
    • +
  • Improved performance for GCM.
    • +
+
Additional Notes
+
    +
  • + See the (cumulative) list of GitHub pull requests that we have accepted at + bcgit/bc-csharp. +
    • +
+ +

Release 1.8.8, Monday September 21, 2020

+ +
Additional Features and Functionality
+
    +
  • Updated TimeStampTokenGenerator from bc-java.
    • +
  • Improved performance for constant-time modular inversion ("safegcd").
    • +
  • Improved performance for binary EC fields.
    • +
+
Additional Notes
+
    +
  • + See the (cumulative) list of GitHub pull requests that we have accepted at + bcgit/bc-csharp. +
    • +
+ +

Release 1.8.7, Thursday July 30, 2020

+ +
Defects Fixed
+
    +
  • ChaCha20Poly1305 could fail for large (>~2GB) files. This has been fixed.
    • +
  • EdDSA verifiers now reset correctly after rejecting overly long signatures.
    • +
  • DTLS: Fixed infinite loop on IO exceptions.
    • +
+
Additional Features and Functionality
+
    +
  • DTLS: Retransmission timers now properly apply to flights monolithically.
    • +
  • DTLS: Added support for an overall handshake timeout.
    • +
+
Additional Notes
+
    +
  • + See the (cumulative) list of GitHub pull requests that we have accepted at + bcgit/bc-csharp. +
    • +
+ +

Release 1.8.6, Friday February 21, 2020

+ +
Defects Fixed
+
    +
  • EdDSA verifiers now reject overly long signatures.
    • +
  • Fixed field reduction for custom secp128r1 curve.
    • +
  • ASN.1: Enforce no leading zeroes in OID branches (longer than 1 character).
    • +
+
Additional Features and Functionality
+
    +
  • TLS: BasicTlsPskIdentity now reusable (returns cloned array from GetPsk).
    • +
  • Improved performance for multiple ECDSA verifications using same public key.
    • +
  • Support has been added for ChaCha20-Poly1305 AEAD mode from RFC 7539.
    • +
  • PKCS12: Improved support for certificate-only key stores without password.
    • +
+
Additional Notes
+
    +
  • + See the (cumulative) list of GitHub pull requests that we have accepted at + bcgit/bc-csharp. +
    • +
+ +

Release 1.8.5, Thursday January 31, 2019

+ +
Additional Features and Functionality
+
    +
  • Support added for encoding and decoding of GOST3410-2012 keys
    • +
  • Basic support added for CMP (RFC 4210) and CRMF (RFC 4211), including the PKI archive control.
    • +
+
Additional Notes
+
    +
  • + See the (cumulative) list of GitHub pull requests that we have accepted at + bcgit/bc-csharp. +
    • +
+ +

Release 1.8.4, Saturday October 27, 2018

+ +
IMPORTANT
+
    +
  • + This is the final feature release with support for legacy .NET platforms. From 1.9.0 we will be targeting more + modern .NET frameworks (see https://github.com/bcgit/bc-csharp/pull/68) and updating our build and packaging systems. + The 1.8.x series will continue to receive bug fixes, but limited new functionality. +
    • +
+
Defects Fixed
+
    +
  • Rfc3211WrapEngine would not properly handle messages longer than 127 bytes. This has been fixed.
    • +
+
Additional Features and Functionality
+
    +
  • Restrictions on the output sizes of the Blake2b/s digests have been removed.
    • +
  • RFC 7748: Higher-level support for X25519 and X448 has been added.
    • +
  • RFC 8032: Higher-level support for Ed25519 and Ed448 has been added.
    • +
  • Implementation of the SM4 block cipher has been added.
    • +
  • Added support for Plain ECDSA (a.k.a CVC-ECDSA).
    • +
+
Additional Notes
+
    +
  • + See the (cumulative) list of GitHub pull requests that we have accepted at + bcgit/bc-csharp. +
    • +
+ +

Release 1.8.3, Saturday August 11, 2018

+ +
IMPORTANT
+
    +
  • + In this release, the TLS library has moved to a whitelisting approach for client-side validation of server-presented + Diffie-Hellman (DH) parameters. In the default configuration, if a ciphersuite using ephemeral DH is selected by the + server, the client will abort the handshake if the proposed DH group is not one of those specified in RFC 3526 or RFC 7919, + or if the DH prime is < 2048 bits. The client therefore no longer offers DH ciphersuites by default. See also the paper + "Prime and Prejudice: Primality Testing Under Adversarial Conditions". +
    • +
+ +
Additional Features and Functionality
+
    +
  • Further work has been done on improving SHA-3 performance.
    • +
  • EC key generation and signing now use cache-timing resistant table lookups.
    • +
  • RFC 7748: Added low-level implementations of X25519 and X448.
    • +
  • RFC 8032: Added low-level implementations of Ed25519 and Ed448.
    • +
+
Additional Notes
+
    +
  • + See the (cumulative) list of GitHub pull requests that we have accepted at + bcgit/bc-csharp. +
    • +
+ +

Release 1.8.2, Monday April 9, 2018

+ +
Security Advisory
+
    +
  • + Carry propagation bugs in the implementation of squaring for several raw math classes have been fixed (Org.BouncyCastle.Math.Raw.Nat???). + These classes are used by our custom elliptic curve implementations (Org.BouncyCastle.Math.Ec.Custom.**), so there was the possibility + of rare (in general usage) spurious calculations for elliptic curve scalar multiplications. Such errors would have been detected with + high probability by the output validation for our scalar multipliers. We consider these bugs to be exploitable for static ECDH with + long-term keys, per "Practical realisation and elimination of an ECC-related software bug attack", + Brumley et.al. +
    • +
+ +
IMPORTANT
+
    +
  • + This release brings our Poly1305 implementation into line wih RFC 7539, which breaks backward compatibility. The essential + difference from 1.8.1 is that the two halves of the 32-byte Poly1305 key have swapped places. If you have persisted Poly1305 + keys, or are interoperating with other Poly1305 implementations, you may need to account for this change when migrating to 1.8.2. +
    • +
+ +
Defects Fixed
+
    +
  • DTLS now supports records containing multiple handshake messages.
    • +
+
Additional Features and Functionality
+
    +
  • TLS: support for ClientHello Padding Extension (RFC 7685).
    • +
  • TLS: support for ECDH_anon key exchange.
    • +
  • BCrypt implementation added.
    • +
  • BLAKE2b and BLAKE2s implementations added.
    • +
  • GOST R 34.11-2012 implementation added.
    • +
  • DSTU-7564 message digest implementation added.
    • +
  • SM2 signatures, key exchange, and public key encryption implementations added.
    • +
+
Additional Notes
+
    +
  • + See the (cumulative) list of GitHub pull requests that we have accepted at + bcgit/bc-csharp. +
    • +
+ +

Release 1.8.1, Monday December 28, 2015

+ +
Security Advisory
+
    +
  • + (D)TLS 1.2: Motivated by CVE-2015-7575, we have added validation that + the signature algorithm received in DigitallySigned structures is actually one of those offered (in signature_algorithms extension + or CertificateRequest). With our default TLS configuration, we do not believe there is an exploitable vulnerability in any earlier + releases. Users that are customizing the signature_algorithms extension, or running a server supporting client authentication, are + advised to double-check that they are not offering any signature algorithms involving MD5. +
    • +
+
Additional Features and Functionality
+
    +
  • Added support for ASN.1 GraphicString and VideotexString types.
    • +
  • + Problems with DTLS record-layer version handling were resolved via BJA-584, + making version negotiation work properly. +
    • +
+
Additional Notes
+ + +

Release 1.8.0, Sunday November 22, 2015

+ +
IMPORTANT
+
    +
  • The Serpent cipher as of 1.8.0 is incompatible with the behaviour of Serpent in earlier releases; it has been + modified to conform to the standard byte-order interpretation for blocks (and keys). The previous behaviour is + available from 1.8.0 as the "Tnepres" cipher. See BMA-52 + for more information if this may affect you.
    • +
+ +
Additional Features and Functionality
+
    +
  • IV only re-initialisation is supported by using null as the key parameter when creating a ParametersWithIV object.
    • +
  • CMS Enveloped and AuthenticatedData now support OriginatorInfo.
    • +
  • Support for ECDSA_fixed_ECDH authentication has been added to the TLS client.
    • +
  • Support for the Features signature sub-packet has been added to the PGP API.
    • +
  • Classes involved in CRL manipulation have been rewritten to reduce memory requirements for handling and parsing extremely large CRLs.
    • +
  • An implementation of Password Authenticated Key Exchange by Juggling (J-PAKE) has been added.
    • +
  • Support has been added for SHA-512/224, SHA-512/256, as well as a general SHA-512/t in the lightweight API.
    • +
  • The TSP API now supports generation of certIDs based on digests other than SHA-1.
    • +
  • OCSP responses can now be included in CMS SignedData objects.
    • +
  • The SipHash MAC algorithm has been added.
    • +
  • DRBGs from NIST SP 800-90A (DualEC excluded) have been added to the Crypto.Prng namespace together with SecureRandom builders.
    • +
  • Support has been added for OCB mode.
    • +
  • DSA version 2 parameter and key generation is now supported.
    • +
  • A new interface IMemoable has been added for objects that can copy in and out their state. The digest classes now support this. + A special class NonMemoableDigest has been added which hides the IMemoable interface where it should not be available.
    • +
  • TDEA is now recognised as an alias for DESede.
    • +
  • Support has been added for NIST SP 800-38D - GMAC to AES and other 128 bit block size algorithms.
    • +
  • The TLS API now supports TLS/DTLS 1.2 for both client and server
    • +
  • Full support is now provided for client-side auth in the D/TLS server code.
    • +
  • TLS: server-side support for DHE key exchange.
    • +
  • TLS: server-side support for PSK and SRP ciphersuites.
    • +
  • TLS: (EC)DSA now supports signatures with non-SHA1 digests.
    • +
  • TLS: support for ECDHE_ECDSA/AES/CCM ciphersuites from RFC 7251.
    • +
  • The TLS/DTLS code now includes a non-blocking API.
    • +
  • RFC 6637 ECDSA and ECDH support has been added to the OpenPGP API.
    • +
  • Implementations of Threefish and Skein have been added.
    • +
  • Implementation of the SM3 digest has been added.
    • +
  • Implementations of XSalsa20 and ChaCha have been added. Support for reduced round Salsa20 has been added.
    • +
  • Support has been added for RFC 6979 Deterministic DSA/ECDSA.
    • +
  • Support for the Poly1305 MAC has been added.
    • +
  • GCM and GMAC now support tag lengths down to 32 bits.
    • +
  • Custom implementations for many of the NIST and SEC elliptic curves have been added, resulting in drastically improved performance. They + can be accessed via the Crypto.EC.CustomNamedCurves class and are generally selected by other internal APIs in place of the generic implementations.
    • +
  • Automatic EC point validation added, both for decoded inputs and multiplier outputs.
    • +
  • Support has been added for X9.31-1998 DRBG.
    • +
  • Support has been added for the SHA3 family of digests, including SHAKE128 and SHAKE256. + An implementation of the draft standard has been added as 'Keccak'.
    • +
  • The ASN.1 parser for ECGOST private keys will now parse keys encoded with a private value represented as an ASN.1 INTEGER.
    • +
  • SubjectPublicKeyInfoFactory now supports DSA parameters.
    • +
  • Improved performance of BigInteger.ModPow and random prime generation.
    • +
  • SecureRandom instances now seeded by RNGCryptoServiceProvider (where available).
    • +
  • An initial port of the Java "operators" mechanism has been introduced to support overriding of cryptographic primitives + in high-level APIs e.g. for signing using an external provider.
    • +
+
Additional Notes
+ + +

Release 1.7, Thursday April 7, 2011

+
Additional Features and Functionality
+
    +
  • TLS now supports client authentication.
    • +
  • TLS now supports compression.
    • +
  • TLS now supports ECC cipher suites (RFC 4492).
    • +
  • Library can now be built for Silverlight (2.0 and above).
    • +
  • ASN.1 classes for CRMF (RFC 4211) and CMP (RFC 4210) have been added.
    • +
  • Further performance improvements to GCM mode.
    • +
  • BufferedBlockCipher will now always reset after a DoFinal().
    • +
  • An IV can now be passed to an Iso9797Alg3Mac
    • +
+
Additional Notes
+ +

Release 1.6.1, Monday February 8, 2010

+
    +
  • A point release to rectify some problems with the released assembly of 1.6 version.
    • +
+

Release 1.6, Thursday February 4, 2010

+
Defects Fixed
+
    +
  • X509DefaultEntryConverter was not recognising telephone number as a PrintableString field. This has been fixed.
    • +
  • OpenPGP now supports UTF-8 in file names for literal data.
    • +
+
Security Advisory
+
    +
  • This version has been specifically reviewed to eliminate possible timing attacks on algorithms such as GCM and CCM mode.
    • +
+
Additional Features and Functionality
+
    +
  • Support for PSS signatures has been added to CMS.
    • +
  • SubjectKeyIdentifier now supports both methods specified in RFC 3280, section 4.2.1.2 for generating the identifier.
    • +
  • Performance of GCM mode has been greatly improved (on average 10x).
    • +
  • Support for mac lengths of 96, 104, 112, and 120 bits has been added to existing support for 128 bits in GCMBlockCipher.
    • +
  • Support for raw signatures has been extended to RSA, RSA-PSS and ECDSA. RSA support can be used in CmsSignedDataStreamGenerator to support signatures without signed attributes.
    • +
  • Support for EC MQV has been added to the light weight API and the CMS library.
    • +
+
Additional Notes
+ +

Release 1.5, Tuesday August 18, 2009

+
Defects Fixed
+
    +
  • Correct the ASN.1 class for AuthorityInformationAccess.
    • +
  • In the Bcpg libs, armored output now inserts the correct version string.
    • +
  • EssCertIDv2 encoding now complies with RFC 5035.
    • +
  • ECDSA now computes correct signatures for oversized hashes when the order of the base point is not a multiple of 8 in compliance with X9.62-2005.
    • +
  • Standard name "DiffieHellman" is now supported in factory classes.
    • +
  • Better support for equality tests for '#' encoded entries has been added to X509Name.
    • +
  • '=' inside a X509Name was not being properly escaped. This has been fixed.
    • +
  • ApplicationSpecific ASN.1 tags are now recognised in BER data. The GetObject() method now handles processing of arbitrary tags.
    • +
  • Multiplication by negative powers of two is fixed in BigInteger.
    • +
  • Multiple countersignature attributes are now correctly collected.
    • +
  • Two bugs in HC-128 and HC-256 related to sign extension and byte swapping have been fixed. The implementations now pass the latest ecrypt vector tests.
    • +
+
Security Advisory
+
    +
  • The effect of the sign extension bug was to decrease the key space the HC-128 and HC-256 ciphers were operating in and the byte swapping inverted every 32 bits of the generated stream. If you are using either HC-128 or HC-256 you must upgrade to this release.
    • +
+
Additional Features and Functionality
+
    +
  • PKIX certificate path validation
    • +
  • Accept duplicate PKCS#9 FriendlyName attributes in PKCS#12 keystore.
    • +
  • Add support for PKCS#5 Scheme 2 keys.
    • +
  • Camellia performance improved.
    • +
  • A smaller version of Camellia, CamelliaLightEngine has also been added.
    • +
  • CmsSignedData generation now supports SubjectKeyIdentifier as well as use of issuer/serial.
    • +
  • A CMS PBE key holder for UTF8 keys has been added to the CMS API.
    • +
  • Salt and iteration count can now be recovered from PasswordRecipientInformation.
    • +
  • Support for reading and extracting personalised certificates in PGP Secret Key rings has been added.
    • +
  • Support for EAC algorithms has been added to CMS.
    • +
  • Asn1Dump now supports a verbose mode for displaying the contents of octet and bit strings.
    • +
  • Support for the SRP-6a protocol has been added.
    • +
+
Additional Notes
+ +

Release 1.4, Thursday August 8, 2008

+
Defects Fixed
+
    +
  • The GeneralName string constructor now supports IPv4 and IPv6 address parsing.
    • +
  • EAX mode was not handling non-zero offsetted data correctly and failing. This has been fixed.
    • +
  • EAX mode ciphers were not resetting correctly after a DoFinal/Reset. This has been fixed.
    • +
  • Some boolean parameters to IssuingDistributionPoint were being reversed. This has been fixed.
  • A zero length RDN would cause an exception in an X509Name. This has been fixed.
    • +
  • Specifying a greater than 32bit length for a stream and relying on the default BcpgOutputStream resulted in corrupted data. This has been fixed.
    • +
  • Pkcs7Padding validation would not fail if pad length was 0. This has been fixed.
    • +
  • Signature creation time was not being properly initialised in new V4 PGP signature objects although the encoding was correct. This has been fixed.
    • +
  • The '+' character can now be escaped or quoted in the constructor for X509Name.
    • +
  • IV handling in CMS for SEED and Camellia was incorrect. This has been fixed.
    • +
  • ASN.1 stream parser now throws exceptions for unterminated sequences.
    • +
  • X509CertificateParser/X509CrlParser now handle multiple certificates/CRLs in streams that don't support seeking.
    • +
  • The CertID class used by the TSP library was incomplete. This has been fixed
    • +
  • \# is now properly recognised in the X509Name class.
    • +
  • BigInteger.ModInverse was failing for negative values. This has been fixed.
    • +
  • CMS API now supports RSASSA-PSS signatures with explicit salt length.
    • +
+
Additional Features and Functionality
+
    +
  • ASN.1 libs now support high tag numbers.
    • +
  • Galois/Counter Mode (GCM) has been added.
    • +
  • The TSP API now supports parsing and validation of responses with V2 signing certificate entries.
    • +
  • Unnecessary local ID attributes on certificates in PKCS12 files are now automatically removed.
    • +
  • New Pkcs12StoreBuilder class supports generation of PKCS12 files with both certificates and keys protected by 3DES.
    • +
  • Certifications associated with user attributes can now be created, verified and removed in OpenPGP.
    • +
  • API support now exists for CMS countersignature reading and production.
    • +
  • A new class LazyAsn1InputStream supports lazy evaluation of DER sequences and sets, considerably reducing memory requirements in some scenarios.
    • +
  • KeyPurposeId class has been updated for RFC 4945.
    • +
  • Initial support has been added for HP_CERTIFICATE_REQUEST in the TLS API.
    • +
  • PGP example programs now handle blank names in literal data objects.
    • +
  • The ProofOfPossession class now better supports the underlying ASN.1 structure.
    • +
+
Additional Notes
+
    +
  • Due to problems for some users caused by the presence of the IDEA algorithm, an implementation is no +longer included in the default assembly. Only the assembly named BouncyCastle.CryptoExt now includes IDEA.
    • +
  • See also the list of resolved issues at + +Bouncy Castle JIRA C# 1.4
    • +
+

Release 1.3, Saturday December 8, 2007

+

+ ASN.1 stream parsing now handles definite length encodings efficiently.
+ Buffering in the streaming CMS has been reworked. Throughput is now usually higher and the behaviour is more predictable.
+ BcpgInputStream now handles data blocks in the 2**31->2**32-1 range.
+ Some confusion over the parameters J and L in connection with Diffie-Hellman has been resolved.
+ Added CryptoApiRandomGenerator, a wrapper for RNGCryptoServiceProvider.
+ Added VMPC stream cipher, VMPCMAC and a VMPC-based implementation of IRandomGenerator.
+ Added support in OpenPGP for fetching keyrings by case-insensitive user ID [#BMA-8].
+ Fixed a vulnerability of CMS signatures that do not use signed attributes (Bleichenbacher RSA forgery).
+ Fixed a bug causing second and later encrypted objects to be ignored in KeyBasedFileProcessor example.
+ Fixed case-sensitivity issue with deletion from a PKCS#12 file.
+ Fixed problem overwriting entities in a PKCS#12 file.
+ Fixed PgpUtilities.MakeKeyFromPassPhrase for 8-bit characters [#BMA-13].
+ Fixed duplicate certificate problem in Pkcs12Store.Save [#BMA-12].
+ Fixed NAnt build under Mono [#BMA-10].
+ Fixed BigInteger.ModPow for negative exponents [#BMA-7].
+

+

Release 1.2, Thursday July 5, 2007

+

+ Source now builds on .NET Compact Framework 1.0 (compilation flag NETCF_1_0).
+ Release assembly now signed with a strong name.
+ Added CCM and EAX block cipher modes.
+ Added Noekeon block cipher.
+ Added HC-128, HC-256, and ISAAC stream ciphers.
+ Added RIPEMD160withECDSA signature algorithm.
+ Added support for notation data signature subpackets to OpenPGP.
+ Added support for parsing of experimental signatures to OpenPGP.
+ Added the complete set of SEC-2 EC curves.
+ Added support for implicit tagging to DerApplicationSpecific.
+ Added remaining ASN.1 structures from RFC 3126 to Asn1.Esf namespace.
+ Performance of ECDSA improved.
+ Performance of ASN.1 stream parsing improved.
+ Fixed default private key length for Diffie-Hellman parameters.
+ Fixed DerT61String to correctly support 8-bit characters.
+ Fixed duplicate attribute problem in Pkcs12Store.Save.
+ Fixed a problem writing public keys in OpenPGP [#BMA-5].
+

+

Release 1.1, Friday May 4, 2007

+

+ Added support for writing DSA private keys, and more encodings, in OpenSsl + (PemReader/PemWriter).
+ Removed SharpZipLib dependency.
+ Added RSA blinded signature classes.
+ Added Asn1.IsisMtt namespace (ISIS-MTT ASN.1 classes).
+ Added SEED block cipher engine.
+ Added Salsa20 stream cipher engine.
+ Performance optimisations for F2m elliptic curves.
+ Fixed OpenPGP bug decrypting files with multiple types of encryption on the + session key.
+

+

Release 1.0, Thursday January 18, + 2007

+

+ Implementations of CMS, OCSP, OpenPGP, and TSP.
+ Elliptic Curves (F2m and Fp).
+ A basic TLS client.
+ PEM file reading and writing.
+ Symmetric key algorithms: Camellia, GOST28147, NaccacheStern, and TEA/XTEA.
+ Symmetric key modes: GOFB and OpenPGPCFB.
+ Symmetric key paddings: ISO7816d4.
+ Asymmetric key algorithms: RSA blinding.
+ Digests: GOST3411 and Whirlpool.
+ Macs: GOST28147 and ISO9797 Alg 3.
+ Signer mechanisms: ECDSA, ECGOST3410, and GOST3410.
+ ...and many more features, bug fixes, and performance improvements.
+

+

Tuesday Febuary 1, 2005

+

This is the second beta release of the Bouncy Castle API C# implementation.
+ Reliability improvement to ASN1InputStream.
+ The OID entries in SignerUtilities for RSA signature algorithms for SHA-256,
+ SHA-384, and SHA-512 were pointing creating the wrong signature objects.

+

Sunday December 12, 2004

+ This is the first beta release of the Bouncy Castle Cryptographic API C# + implementation.
+ The Legion of the Bouncy Castle would like to extend their thanks to all those + who contributed to this API during the alpha stages of its development.
+ Keep up the good work folks.
+ Please send any questions or bug reports to + dev-crypto-csharp@bouncycastle.org
+
+
+

Trademarks.
+

+ C#, .NET, and MSDN are Registered Trademarks of Microsoft. + Microsoft.com
+ Java is a Registered Trademark of Sun Microsystems. Sun + Microsystems
+
+
+
2007 Legion of the Bouncy Castle
+
+ + diff --git a/BouncyCastle/crypto/bzip2/src/BZip2Constants.cs b/BouncyCastle/crypto/bzip2/src/BZip2Constants.cs new file mode 100644 index 0000000..4a5442d --- /dev/null +++ b/BouncyCastle/crypto/bzip2/src/BZip2Constants.cs @@ -0,0 +1,103 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +/* + * This package is based on the work done by Keiron Liddle, Aftex Software + * to whom the Ant project is very grateful for his + * great code. + */ + +using System; + +namespace Org.BouncyCastle.Apache.Bzip2 +{ + /** + * Base class for both the compress and decompress classes. + * Holds common arrays, and static data. + * + * @author Keiron Liddle + */ + public class BZip2Constants { + + public const int baseBlockSize = 100000; + public const int MAX_ALPHA_SIZE = 258; + public const int MAX_CODE_LEN = 23; + public const int RUNA = 0; + public const int RUNB = 1; + public const int N_GROUPS = 6; + public const int G_SIZE = 50; + public const int N_ITERS = 4; + public const int MAX_SELECTORS = (2 + (900000 / G_SIZE)); + public const int NUM_OVERSHOOT_BYTES = 20; + + public static readonly int[] rNums = { + 619, 720, 127, 481, 931, 816, 813, 233, 566, 247, + 985, 724, 205, 454, 863, 491, 741, 242, 949, 214, + 733, 859, 335, 708, 621, 574, 73, 654, 730, 472, + 419, 436, 278, 496, 867, 210, 399, 680, 480, 51, + 878, 465, 811, 169, 869, 675, 611, 697, 867, 561, + 862, 687, 507, 283, 482, 129, 807, 591, 733, 623, + 150, 238, 59, 379, 684, 877, 625, 169, 643, 105, + 170, 607, 520, 932, 727, 476, 693, 425, 174, 647, + 73, 122, 335, 530, 442, 853, 695, 249, 445, 515, + 909, 545, 703, 919, 874, 474, 882, 500, 594, 612, + 641, 801, 220, 162, 819, 984, 589, 513, 495, 799, + 161, 604, 958, 533, 221, 400, 386, 867, 600, 782, + 382, 596, 414, 171, 516, 375, 682, 485, 911, 276, + 98, 553, 163, 354, 666, 933, 424, 341, 533, 870, + 227, 730, 475, 186, 263, 647, 537, 686, 600, 224, + 469, 68, 770, 919, 190, 373, 294, 822, 808, 206, + 184, 943, 795, 384, 383, 461, 404, 758, 839, 887, + 715, 67, 618, 276, 204, 918, 873, 777, 604, 560, + 951, 160, 578, 722, 79, 804, 96, 409, 713, 940, + 652, 934, 970, 447, 318, 353, 859, 672, 112, 785, + 645, 863, 803, 350, 139, 93, 354, 99, 820, 908, + 609, 772, 154, 274, 580, 184, 79, 626, 630, 742, + 653, 282, 762, 623, 680, 81, 927, 626, 789, 125, + 411, 521, 938, 300, 821, 78, 343, 175, 128, 250, + 170, 774, 972, 275, 999, 639, 495, 78, 352, 126, + 857, 956, 358, 619, 580, 124, 737, 594, 701, 612, + 669, 112, 134, 694, 363, 992, 809, 743, 168, 974, + 944, 375, 748, 52, 600, 747, 642, 182, 862, 81, + 344, 805, 988, 739, 511, 655, 814, 334, 249, 515, + 897, 955, 664, 981, 649, 113, 974, 459, 893, 228, + 433, 837, 553, 268, 926, 240, 102, 654, 459, 51, + 686, 754, 806, 760, 493, 403, 415, 394, 687, 700, + 946, 670, 656, 610, 738, 392, 760, 799, 887, 653, + 978, 321, 576, 617, 626, 502, 894, 679, 243, 440, + 680, 879, 194, 572, 640, 724, 926, 56, 204, 700, + 707, 151, 457, 449, 797, 195, 791, 558, 945, 679, + 297, 59, 87, 824, 713, 663, 412, 693, 342, 606, + 134, 108, 571, 364, 631, 212, 174, 643, 304, 329, + 343, 97, 430, 751, 497, 314, 983, 374, 822, 928, + 140, 206, 73, 263, 980, 736, 876, 478, 430, 305, + 170, 514, 364, 692, 829, 82, 855, 953, 676, 246, + 369, 970, 294, 750, 807, 827, 150, 790, 288, 923, + 804, 378, 215, 828, 592, 281, 565, 555, 710, 82, + 896, 831, 547, 261, 524, 462, 293, 465, 502, 56, + 661, 821, 976, 991, 658, 869, 905, 758, 745, 193, + 768, 550, 608, 933, 378, 286, 215, 979, 792, 961, + 61, 688, 793, 644, 986, 403, 106, 366, 905, 644, + 372, 567, 466, 434, 645, 210, 389, 550, 919, 135, + 780, 773, 635, 389, 707, 100, 626, 958, 165, 504, + 920, 176, 193, 713, 857, 265, 203, 50, 668, 108, + 645, 990, 626, 197, 510, 357, 358, 850, 858, 364, + 936, 638 + }; + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/bzip2/src/CBZip2InputStream.cs b/BouncyCastle/crypto/bzip2/src/CBZip2InputStream.cs new file mode 100644 index 0000000..82f397d --- /dev/null +++ b/BouncyCastle/crypto/bzip2/src/CBZip2InputStream.cs @@ -0,0 +1,972 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +/* + * This package is based on the work done by Keiron Liddle, Aftex Software + * to whom the Ant project is very grateful for his + * great code. + */ + +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Apache.Bzip2 +{ + /** + * An input stream that decompresses from the BZip2 format (with the file + * header chars) to be read as any other stream. + * + * @author Keiron Liddle + * + * NB: note this class has been modified to read the leading BZ from the + * start of the BZIP2 stream to make it compatible with other PGP programs. + */ + public class CBZip2InputStream : Stream + { + private static void Cadvise() { + //System.out.Println("CRC Error"); + //throw new CCoruptionError(); + } + +// private static void BadBGLengths() { +// Cadvise(); +// } +// +// private static void BitStreamEOF() { +// Cadvise(); +// } + + private static void CompressedStreamEOF() { + Cadvise(); + } + + private void MakeMaps() + { + nInUse = 0; + for (int i = 0; i < 256; i++) + { + if (inUse[i]) + { + seqToUnseq[nInUse] = (char)i; + unseqToSeq[i] = (char)nInUse; + nInUse++; + } + } + } + + /* + index of the last char in the block, so + the block size == last + 1. + */ + private int last; + + /* + index in zptr[] of original string after sorting. + */ + private int origPtr; + + /* + always: in the range 0 .. 9. + The current block size is 100000 * this number. + */ + private int blockSize100k; + + private bool blockRandomised; + + private int bsBuff; + private int bsLive; + private CRC mCrc = new CRC(); + + private bool[] inUse = new bool[256]; + private int nInUse; + + private char[] seqToUnseq = new char[256]; + private char[] unseqToSeq = new char[256]; + + private char[] selector = new char[BZip2Constants.MAX_SELECTORS]; + private char[] selectorMtf = new char[BZip2Constants.MAX_SELECTORS]; + + private int[] tt; + private char[] ll8; + + /* + freq table collected to save a pass over the data + during decompression. + */ + private int[] unzftab = new int[256]; + + private int[][] limit = InitIntArray(BZip2Constants.N_GROUPS, BZip2Constants.MAX_ALPHA_SIZE); + private int[][] basev = InitIntArray(BZip2Constants.N_GROUPS, BZip2Constants.MAX_ALPHA_SIZE); + private int[][] perm = InitIntArray(BZip2Constants.N_GROUPS, BZip2Constants.MAX_ALPHA_SIZE); + private int[] minLens = new int[BZip2Constants.N_GROUPS]; + + private Stream bsStream; + + private bool streamEnd = false; + + private int currentChar = -1; + + private const int START_BLOCK_STATE = 1; + private const int RAND_PART_A_STATE = 2; + private const int RAND_PART_B_STATE = 3; + private const int RAND_PART_C_STATE = 4; + private const int NO_RAND_PART_A_STATE = 5; + private const int NO_RAND_PART_B_STATE = 6; + private const int NO_RAND_PART_C_STATE = 7; + + private int currentState = START_BLOCK_STATE; + + private int storedBlockCRC, storedCombinedCRC; + private int computedBlockCRC, computedCombinedCRC; + + int i2, count, chPrev, ch2; + int i, tPos; + int rNToGo = 0; + int rTPos = 0; + int j2; + char z; + + public CBZip2InputStream(Stream zStream) { + ll8 = null; + tt = null; + BsSetStream(zStream); + Initialize(); + InitBlock(); + SetupBlock(); + } + + internal static int[][] InitIntArray(int n1, int n2) + { + int[][] a = new int[n1][]; + for (int k = 0; k < n1; ++k) + { + a[k] = new int[n2]; + } + return a; + } + + internal static byte[][] InitByteArray(int n1, int n2) + { + byte[][] a = new byte[n1][]; + for (int k = 0; k < n1; ++k) + { + a[k] = new byte[n2]; + } + return a; + } + + public override int ReadByte() + { + if (streamEnd) + return -1; + + int retChar = currentChar; + switch (currentState) + { + case START_BLOCK_STATE: + break; + case RAND_PART_A_STATE: + break; + case RAND_PART_B_STATE: + SetupRandPartB(); + break; + case RAND_PART_C_STATE: + SetupRandPartC(); + break; + case NO_RAND_PART_A_STATE: + break; + case NO_RAND_PART_B_STATE: + SetupNoRandPartB(); + break; + case NO_RAND_PART_C_STATE: + SetupNoRandPartC(); + break; + default: + break; + } + return retChar; + } + + private void Initialize() { + char magic3, magic4; + magic3 = BsGetUChar(); + magic4 = BsGetUChar(); + if (magic3 != 'B' && magic4 != 'Z') + { + throw new IOException("Not a BZIP2 marked stream"); + } + magic3 = BsGetUChar(); + magic4 = BsGetUChar(); + if (magic3 != 'h' || magic4 < '1' || magic4 > '9') { + BsFinishedWithStream(); + streamEnd = true; + return; + } + + SetDecompressStructureSizes(magic4 - '0'); + computedCombinedCRC = 0; + } + + private void InitBlock() { + char magic1, magic2, magic3, magic4; + char magic5, magic6; + magic1 = BsGetUChar(); + magic2 = BsGetUChar(); + magic3 = BsGetUChar(); + magic4 = BsGetUChar(); + magic5 = BsGetUChar(); + magic6 = BsGetUChar(); + if (magic1 == 0x17 && magic2 == 0x72 && magic3 == 0x45 + && magic4 == 0x38 && magic5 == 0x50 && magic6 == 0x90) { + Complete(); + return; + } + + if (magic1 != 0x31 || magic2 != 0x41 || magic3 != 0x59 + || magic4 != 0x26 || magic5 != 0x53 || magic6 != 0x59) { + BadBlockHeader(); + streamEnd = true; + return; + } + + storedBlockCRC = BsGetInt32(); + + blockRandomised = BsR(1) == 1; + + GetAndMoveToFrontDecode(); + + mCrc.InitialiseCRC(); + currentState = START_BLOCK_STATE; + } + + private void EndBlock() + { + computedBlockCRC = mCrc.GetFinalCRC(); + /* A bad CRC is considered a fatal error. */ + if (storedBlockCRC != computedBlockCRC) + { + CrcError(); + } + + computedCombinedCRC = Integers.RotateLeft(computedCombinedCRC, 1) ^ computedBlockCRC; + } + + private void Complete() { + storedCombinedCRC = BsGetInt32(); + if (storedCombinedCRC != computedCombinedCRC) { + CrcError(); + } + + BsFinishedWithStream(); + streamEnd = true; + } + + private static void BlockOverrun() { + Cadvise(); + } + + private static void BadBlockHeader() { + Cadvise(); + } + + private static void CrcError() { + Cadvise(); + } + + private void BsFinishedWithStream() { + try { + if (this.bsStream != null) { + Platform.Dispose(this.bsStream); + this.bsStream = null; + } + } catch { + //ignore + } + } + + private void BsSetStream(Stream f) { + bsStream = f; + bsLive = 0; + bsBuff = 0; + } + + private int BsR(int n) { + int v; + while (bsLive < n) { + int zzi; + char thech = '\0'; + try { + thech = (char)bsStream.ReadByte(); + } catch (IOException) { + CompressedStreamEOF(); + } + if (thech == '\uffff') { + CompressedStreamEOF(); + } + zzi = thech; + bsBuff = (bsBuff << 8) | (zzi & 0xff); + bsLive += 8; + } + + v = (bsBuff >> (bsLive - n)) & ((1 << n) - 1); + bsLive -= n; + return v; + } + + private char BsGetUChar() + { + return (char)BsR(8); + } + + private int BsGetint() + { + //int u = 0; + //u = (u << 8) | BsR(8); + //u = (u << 8) | BsR(8); + //u = (u << 8) | BsR(8); + //u = (u << 8) | BsR(8); + //return u; + int u = BsR(16) << 16; + return u | BsR(16); + } + + private int BsGetIntVS(int numBits) + { + return BsR(numBits); + } + + private int BsGetInt32() + { + return BsGetint(); + } + + private void HbCreateDecodeTables(int[] limit, int[] basev, int[] perm, byte[] length, int minLen, int maxLen, + int alphaSize) + { + int i, j, vec; + + int pp = 0; + for (i = minLen; i <= maxLen; i++) { + for (j = 0; j < alphaSize; j++) { + if (length[j] == i) { + perm[pp] = j; + pp++; + } + } + } + + for (i = 0; i < BZip2Constants.MAX_CODE_LEN; i++) { + basev[i] = 0; + } + for (i = 0; i < alphaSize; i++) { + basev[length[i] + 1]++; + } + + for (i = 1; i < BZip2Constants.MAX_CODE_LEN; i++) { + basev[i] += basev[i - 1]; + } + + for (i = 0; i < BZip2Constants.MAX_CODE_LEN; i++) { + limit[i] = 0; + } + vec = 0; + + for (i = minLen; i <= maxLen; i++) { + vec += (basev[i + 1] - basev[i]); + limit[i] = vec - 1; + vec <<= 1; + } + for (i = minLen + 1; i <= maxLen; i++) { + basev[i] = ((limit[i - 1] + 1) << 1) - basev[i]; + } + } + + private void RecvDecodingTables() + { + byte[][] len = InitByteArray(BZip2Constants.N_GROUPS, BZip2Constants.MAX_ALPHA_SIZE); + int i, j, t, nGroups, nSelectors, alphaSize; + int minLen, maxLen; + bool[] inUse16 = new bool[16]; + + /* Receive the mapping table */ + for (i = 0; i < 16; i++) + { + inUse16[i] = BsR(1) == 1; + } + + for (i = 0; i < 16; i++) + { + int i16 = i * 16; + if (inUse16[i]) + { + for (j = 0; j < 16; j++) + { + inUse[i16 + j] = BsR(1) == 1; + } + } + else + { + for (j = 0; j < 16; j++) + { + inUse[i16 + j] = false; + } + } + } + + MakeMaps(); + alphaSize = nInUse + 2; + + /* Now the selectors */ + nGroups = BsR(3); + nSelectors = BsR(15); + for (i = 0; i < nSelectors; i++) { + j = 0; + while (BsR(1) == 1) { + j++; + } + selectorMtf[i] = (char)j; + } + + /* Undo the MTF values for the selectors. */ + { + char[] pos = new char[BZip2Constants.N_GROUPS]; + char tmp, v; + for (v = '\0'; v < nGroups; v++) { + pos[v] = v; + } + + for (i = 0; i < nSelectors; i++) { + v = selectorMtf[i]; + tmp = pos[v]; + while (v > 0) { + pos[v] = pos[v - 1]; + v--; + } + pos[0] = tmp; + selector[i] = tmp; + } + } + + /* Now the coding tables */ + for (t = 0; t < nGroups; t++) + { + byte[] len_t = len[t]; + int curr = BsR(5); + for (i = 0; i < alphaSize; i++) + { + while (BsR(1) == 1) + { + if (BsR(1) == 0) + { + curr++; + } + else + { + curr--; + } + } + len_t[i] = (byte)curr; + } + } + + /* Create the Huffman decoding tables */ + for (t = 0; t < nGroups; t++) + { + minLen = 32; + maxLen = 0; + byte[] len_t = len[t]; + for (i = 0; i < alphaSize; i++) + { + int lti = len_t[i]; + if (lti > maxLen) + { + maxLen = lti; + } + if (lti < minLen) + { + minLen = lti; + } + } + HbCreateDecodeTables(limit[t], basev[t], perm[t], len_t, minLen, maxLen, alphaSize); + minLens[t] = minLen; + } + } + + private void GetAndMoveToFrontDecode() + { + char[] yy = new char[256]; + int i, j, nextSym, limitLast; + int EOB, groupNo, groupPos; + + limitLast = BZip2Constants.baseBlockSize * blockSize100k; + origPtr = BsGetIntVS(24); + + RecvDecodingTables(); + EOB = nInUse + 1; + groupNo = -1; + groupPos = 0; + + /* + Setting up the unzftab entries here is not strictly + necessary, but it does save having to do it later + in a separate pass, and so saves a block's worth of + cache misses. + */ + for (i = 0; i <= 255; i++) + { + unzftab[i] = 0; + } + + for (i = 0; i <= 255; i++) + { + yy[i] = (char)i; + } + + last = -1; + + { + int zt, zn, zvec, zj; + if (groupPos == 0) + { + groupNo++; + groupPos = BZip2Constants.G_SIZE; + } + groupPos--; + zt = selector[groupNo]; + zn = minLens[zt]; + zvec = BsR(zn); + while (zvec > limit[zt][zn]) + { + zn++; + { + { + while (bsLive < 1) + { + int zzi; + char thech = '\0'; + try + { + thech = (char)bsStream.ReadByte(); + } + catch (IOException) + { + CompressedStreamEOF(); + } + if (thech == '\uffff') + { + CompressedStreamEOF(); + } + zzi = thech; + bsBuff = (bsBuff << 8) | (zzi & 0xff); + bsLive += 8; + } + } + zj = (bsBuff >> (bsLive - 1)) & 1; + bsLive--; + } + zvec = (zvec << 1) | zj; + } + nextSym = perm[zt][zvec - basev[zt][zn]]; + } + + while (nextSym != EOB) + { + if (nextSym == BZip2Constants.RUNA || nextSym == BZip2Constants.RUNB) + { + char ch; + int s = -1; + int N = 1; + do + { + if (nextSym == BZip2Constants.RUNA) + { + s += (0 + 1) * N; + } + else if (nextSym == BZip2Constants.RUNB) + { + s += (1 + 1) * N; + } + N = N * 2; + { + int zt, zn, zvec, zj; + if (groupPos == 0) + { + groupNo++; + groupPos = BZip2Constants.G_SIZE; + } + groupPos--; + zt = selector[groupNo]; + zn = minLens[zt]; + zvec = BsR(zn); + while (zvec > limit[zt][zn]) + { + zn++; + { + { + while (bsLive < 1) + { + int zzi; + char thech = '\0'; + try + { + thech = (char)bsStream.ReadByte(); + } + catch (IOException) + { + CompressedStreamEOF(); + } + if (thech == '\uffff') + { + CompressedStreamEOF(); + } + zzi = thech; + bsBuff = (bsBuff << 8) | (zzi & 0xff); + bsLive += 8; + } + } + zj = (bsBuff >> (bsLive - 1)) & 1; + bsLive--; + } + zvec = (zvec << 1) | zj; + } + nextSym = perm[zt][zvec - basev[zt][zn]]; + } + } + while (nextSym == BZip2Constants.RUNA || nextSym == BZip2Constants.RUNB); + + s++; + ch = seqToUnseq[yy[0]]; + unzftab[ch] += s; + + while (s > 0) + { + last++; + ll8[last] = ch; + s--; + } + + if (last >= limitLast) + { + BlockOverrun(); + } + continue; + } + else + { + if (++last >= limitLast) + { + BlockOverrun(); + } + + char tmp = yy[nextSym - 1]; + unzftab[seqToUnseq[tmp]]++; + ll8[last] = seqToUnseq[tmp]; + + /* + * This loop is hammered during decompression, hence avoid + * native method call overhead of Array.Copy for very + * small ranges to copy. + */ + if (nextSym <= 16) + { + for (j = nextSym - 1; j > 0; --j) + { + yy[j] = yy[j - 1]; + } + } + else + { + Array.Copy(yy, 0, yy, 1, nextSym - 1); + } + + yy[0] = tmp; + + { + int zt, zn, zvec, zj; + if (groupPos == 0) + { + groupNo++; + groupPos = BZip2Constants.G_SIZE; + } + groupPos--; + zt = selector[groupNo]; + zn = minLens[zt]; + zvec = BsR(zn); + while (zvec > limit[zt][zn]) + { + zn++; + { + { + while (bsLive < 1) + { + int zzi; + char thech = '\0'; + try + { + thech = (char)bsStream.ReadByte(); + } + catch (IOException) + { + CompressedStreamEOF(); + } + zzi = thech; + bsBuff = (bsBuff << 8) | (zzi & 0xff); + bsLive += 8; + } + } + zj = (bsBuff >> (bsLive - 1)) & 1; + bsLive--; + } + zvec = (zvec << 1) | zj; + } + nextSym = perm[zt][zvec - basev[zt][zn]]; + } + continue; + } + } + } + + private void SetupBlock() { + int[] cftab = new int[257]; + char ch; + + cftab[0] = 0; + for (i = 1; i <= 256; i++) { + cftab[i] = unzftab[i - 1]; + } + for (i = 1; i <= 256; i++) { + cftab[i] += cftab[i - 1]; + } + + for (i = 0; i <= last; i++) { + ch = ll8[i]; + tt[cftab[ch]] = i; + cftab[ch]++; + } + cftab = null; + + tPos = tt[origPtr]; + + count = 0; + i2 = 0; + ch2 = 256; /* not a char and not EOF */ + + if (blockRandomised) { + rNToGo = 0; + rTPos = 0; + SetupRandPartA(); + } else { + SetupNoRandPartA(); + } + } + + private void SetupRandPartA() { + if (i2 <= last) { + chPrev = ch2; + ch2 = ll8[tPos]; + tPos = tt[tPos]; + if (rNToGo == 0) { + rNToGo = BZip2Constants.rNums[rTPos]; + rTPos++; + if (rTPos == 512) { + rTPos = 0; + } + } + rNToGo--; + ch2 ^= (int) ((rNToGo == 1) ? 1 : 0); + i2++; + + currentChar = ch2; + currentState = RAND_PART_B_STATE; + mCrc.UpdateCRC(ch2); + } else { + EndBlock(); + InitBlock(); + SetupBlock(); + } + } + + private void SetupNoRandPartA() { + if (i2 <= last) { + chPrev = ch2; + ch2 = ll8[tPos]; + tPos = tt[tPos]; + i2++; + + currentChar = ch2; + currentState = NO_RAND_PART_B_STATE; + mCrc.UpdateCRC(ch2); + } else { + EndBlock(); + InitBlock(); + SetupBlock(); + } + } + + private void SetupRandPartB() { + if (ch2 != chPrev) { + currentState = RAND_PART_A_STATE; + count = 1; + SetupRandPartA(); + } else { + count++; + if (count >= 4) { + z = ll8[tPos]; + tPos = tt[tPos]; + if (rNToGo == 0) { + rNToGo = BZip2Constants.rNums[rTPos]; + rTPos++; + if (rTPos == 512) { + rTPos = 0; + } + } + rNToGo--; + z ^= (char)((rNToGo == 1) ? 1 : 0); + j2 = 0; + currentState = RAND_PART_C_STATE; + SetupRandPartC(); + } else { + currentState = RAND_PART_A_STATE; + SetupRandPartA(); + } + } + } + + private void SetupRandPartC() { + if (j2 < (int) z) { + currentChar = ch2; + mCrc.UpdateCRC(ch2); + j2++; + } else { + currentState = RAND_PART_A_STATE; + i2++; + count = 0; + SetupRandPartA(); + } + } + + private void SetupNoRandPartB() { + if (ch2 != chPrev) { + currentState = NO_RAND_PART_A_STATE; + count = 1; + SetupNoRandPartA(); + } else { + count++; + if (count >= 4) { + z = ll8[tPos]; + tPos = tt[tPos]; + currentState = NO_RAND_PART_C_STATE; + j2 = 0; + SetupNoRandPartC(); + } else { + currentState = NO_RAND_PART_A_STATE; + SetupNoRandPartA(); + } + } + } + + private void SetupNoRandPartC() { + if (j2 < (int) z) { + currentChar = ch2; + mCrc.UpdateCRC(ch2); + j2++; + } else { + currentState = NO_RAND_PART_A_STATE; + i2++; + count = 0; + SetupNoRandPartA(); + } + } + + private void SetDecompressStructureSizes(int newSize100k) { + if (!(0 <= newSize100k && newSize100k <= 9 && 0 <= blockSize100k + && blockSize100k <= 9)) { + // throw new IOException("Invalid block size"); + } + + blockSize100k = newSize100k; + + if (newSize100k == 0) { + return; + } + + int n = BZip2Constants.baseBlockSize * newSize100k; + ll8 = new char[n]; + tt = new int[n]; + } + + public override void Flush() { + } + + public override int Read(byte[] buffer, int offset, int count) { + int c = -1; + int k; + for (k = 0; k < count; ++k) { + c = ReadByte(); + if (c == -1) + break; + buffer[k + offset] = (byte)c; + } + return k; + } + + public override long Seek(long offset, SeekOrigin origin) { + return 0; + } + + public override void SetLength(long value) { + } + + public override void Write(byte[] buffer, int offset, int count) { + } + + public override bool CanRead { + get { + return true; + } + } + + public override bool CanSeek { + get { + return false; + } + } + + public override bool CanWrite { + get { + return false; + } + } + + public override long Length { + get { + return 0; + } + } + + public override long Position { + get { + return 0; + } + set { + } + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/bzip2/src/CBZip2OutputStream.cs b/BouncyCastle/crypto/bzip2/src/CBZip2OutputStream.cs new file mode 100644 index 0000000..e81f6ff --- /dev/null +++ b/BouncyCastle/crypto/bzip2/src/CBZip2OutputStream.cs @@ -0,0 +1,1746 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +/* + * This package is based on the work done by Keiron Liddle, Aftex Software + * to whom the Ant project is very grateful for his + * great code. + */ + +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Apache.Bzip2 +{ + /** + * An output stream that compresses into the BZip2 format (with the file + * header chars) into another stream. + * + * @author Keiron Liddle + * + * TODO: Update to BZip2 1.0.1 + * NB: note this class has been modified to add a leading BZ to the + * start of the BZIP2 stream to make it compatible with other PGP programs. + */ + public class CBZip2OutputStream : Stream + { + protected const int SETMASK = 1 << 21; + protected const int CLEARMASK = ~SETMASK; + protected const int GREATER_ICOST = 15; + protected const int LESSER_ICOST = 0; + protected const int SMALL_THRESH = 20; + protected const int DEPTH_THRESH = 10; + + private bool finished; + + private static void Panic() + { + throw new InvalidOperationException(); + } + + private void MakeMaps() + { + int i; + nInUse = 0; + for (i = 0; i < 256; i++) + { + if (inUse[i]) + { + seqToUnseq[nInUse] = (char) i; + unseqToSeq[i] = (char) nInUse; + nInUse++; + } + } + } + + protected static void HbMakeCodeLengths(byte[] len, int[] freq, int alphaSize, int maxLen) + { + /* + Nodes and heap entries run from 1. Entry 0 + for both the heap and nodes is a sentinel. + */ + int[] heap = new int[BZip2Constants.MAX_ALPHA_SIZE + 2]; + int[] weight = new int[BZip2Constants.MAX_ALPHA_SIZE * 2]; + int[] parent = new int[BZip2Constants.MAX_ALPHA_SIZE * 2]; + + for (int i = 0; i < alphaSize; i++) + { + weight[i + 1] = (freq[i] == 0 ? 1 : freq[i]) << 8; + } + + while (true) + { + int nNodes = alphaSize; + int nHeap = 0; + + heap[0] = 0; + weight[0] = 0; + parent[0] = -2; + + for (int i = 1; i <= alphaSize; i++) + { + parent[i] = -1; + heap[++nHeap] = i; + { + int zz = nHeap; + int tmp = heap[zz]; + while (weight[tmp] < weight[heap[zz >> 1]]) + { + heap[zz] = heap[zz >> 1]; + zz >>= 1; + } + heap[zz] = tmp; + } + } + if (!(nHeap < (BZip2Constants.MAX_ALPHA_SIZE + 2))) + { + Panic(); + } + + while (nHeap > 1) + { + int n1 = heap[1]; + heap[1] = heap[nHeap--]; + { + int zz = 1; + int tmp = heap[zz]; + while (true) { + int yy = zz << 1; + if (yy > nHeap) + break; + + if (yy < nHeap + && weight[heap[yy + 1]] < weight[heap[yy]]) + { + yy++; + } + + if (weight[tmp] < weight[heap[yy]]) + break; + + heap[zz] = heap[yy]; + zz = yy; + } + heap[zz] = tmp; + } + int n2 = heap[1]; + heap[1] = heap[nHeap--]; + { + int zz = 1; + int tmp = heap[zz]; + while (true) + { + int yy = zz << 1; + if (yy > nHeap) + break; + + if (yy < nHeap + && weight[heap[yy + 1]] < weight[heap[yy]]) + { + yy++; + } + + if (weight[tmp] < weight[heap[yy]]) + break; + + heap[zz] = heap[yy]; + zz = yy; + } + heap[zz] = tmp; + } + nNodes++; + parent[n1] = parent[n2] = nNodes; + + weight[nNodes] = (int)((uint)((weight[n1] & 0xffffff00) + + (weight[n2] & 0xffffff00)) + | (uint)(1 + (((weight[n1] & 0x000000ff) > + (weight[n2] & 0x000000ff)) ? + (weight[n1] & 0x000000ff) : + (weight[n2] & 0x000000ff)))); + + parent[nNodes] = -1; + heap[++nHeap] = nNodes; + { + int zz = nHeap; + int tmp = heap[zz]; + while (weight[tmp] < weight[heap[zz >> 1]]) + { + heap[zz] = heap[zz >> 1]; + zz >>= 1; + } + heap[zz] = tmp; + } + } + if (!(nNodes < (BZip2Constants.MAX_ALPHA_SIZE * 2))) + { + Panic(); + } + + bool tooLong = false; + for (int i = 1; i <= alphaSize; i++) + { + int j = 0; + int k = i; + while (parent[k] >= 0) + { + k = parent[k]; + j++; + } + len[i - 1] = (byte)j; + if (j > maxLen) + { + tooLong = true; + } + } + + if (!tooLong) + break; + + for (int i = 1; i < alphaSize; i++) + { + int j = weight[i] >> 8; + j = 1 + (j / 2); + weight[i] = j << 8; + } + } + } + + /* + * number of characters in the block + */ + int count; + + /* + index in zptr[] of original string after sorting. + */ + int origPtr; + + /* + always: in the range 0 .. 9. + The current block size is 100000 * this number. + */ + readonly int blockSize100k; + + private int allowableBlockSize; + + bool blockRandomised; + + int bsBuff; + int bsLive; + readonly CRC mCrc = new CRC(); + + private bool[] inUse = new bool[256]; + private int nInUse; + + private char[] seqToUnseq = new char[256]; + private char[] unseqToSeq = new char[256]; + + private char[] selector = new char[BZip2Constants.MAX_SELECTORS]; + private char[] selectorMtf = new char[BZip2Constants.MAX_SELECTORS]; + + private byte[] blockBytes; + private ushort[] quadrantShorts; + private int[] zptr; + private int[] szptr; + private int[] ftab; + + private int nMTF; + + private int[] mtfFreq = new int[BZip2Constants.MAX_ALPHA_SIZE]; + + /* + * Used when sorting. If too many long comparisons + * happen, we stop sorting, randomise the block + * slightly, and try again. + */ + private int workFactor; + private int workDone; + private int workLimit; + private bool firstAttempt; + + private int currentByte = -1; + private int runLength = 0; + + public CBZip2OutputStream(Stream outStream) + : this(outStream, 9) + { + } + + public CBZip2OutputStream(Stream outStream, int blockSize) + { + blockBytes = null; + quadrantShorts = null; + zptr = null; + ftab = null; + + outStream.WriteByte((byte)'B'); + outStream.WriteByte((byte)'Z'); + + BsSetStream(outStream); + + workFactor = 50; + if (blockSize > 9) { + blockSize = 9; + } + if (blockSize < 1) { + blockSize = 1; + } + blockSize100k = blockSize; + AllocateCompressStructures(); + Initialize(); + InitBlock(); + } + + /** + * + * modified by Oliver Merkel, 010128 + * + */ + public override void WriteByte(byte b) + { + if (currentByte == b) + { + runLength++; + if (runLength > 254) + { + WriteRun(); + currentByte = -1; + runLength = 0; + } + } + else if (currentByte == -1) + { + currentByte = b; + runLength++; + } + else + { + WriteRun(); + runLength = 1; + currentByte = b; + } + } + + private void WriteRun() + { + if (count > allowableBlockSize) + { + EndBlock(); + InitBlock(); + } + + inUse[currentByte] = true; + + for (int i = 0; i < runLength; i++) + { + mCrc.UpdateCRC(currentByte); + } + + switch (runLength) + { + case 1: + blockBytes[++count] = (byte)currentByte; + break; + case 2: + blockBytes[++count] = (byte)currentByte; + blockBytes[++count] = (byte)currentByte; + break; + case 3: + blockBytes[++count] = (byte)currentByte; + blockBytes[++count] = (byte)currentByte; + blockBytes[++count] = (byte)currentByte; + break; + default: + inUse[runLength - 4] = true; + blockBytes[++count] = (byte)currentByte; + blockBytes[++count] = (byte)currentByte; + blockBytes[++count] = (byte)currentByte; + blockBytes[++count] = (byte)currentByte; + blockBytes[++count] = (byte)(runLength - 4); + break; + } + } + + bool closed = false; + +// protected void Finalize() { +// Close(); +// } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + if (closed) + return; + + Finish(); + closed = true; + Platform.Dispose(this.bsStream); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + if (closed) + return; + + Finish(); + + closed = true; + Platform.Dispose(this.bsStream); + + base.Close(); + } +#endif + + public void Finish() + { + if (finished) + return; + + if (runLength > 0) + { + WriteRun(); + } + currentByte = -1; + if (count > 0) + { + EndBlock(); + } + EndCompression(); + finished = true; + Flush(); + } + + public override void Flush() + { + bsStream.Flush(); + } + + private int blockCRC, combinedCRC; + + private void Initialize() + { + /* Write `magic' bytes h indicating file-format == huffmanised, + followed by a digit indicating blockSize100k. + */ + BsPutUChar('h'); + BsPutUChar('0' + blockSize100k); + + combinedCRC = 0; + } + + private void InitBlock() + { + mCrc.InitialiseCRC(); + count = 0; + + for (int i = 0; i < 256; i++) + { + inUse[i] = false; + } + + /* 20 is just a paranoia constant */ + allowableBlockSize = BZip2Constants.baseBlockSize * blockSize100k - 20; + } + + private void EndBlock() + { + blockCRC = mCrc.GetFinalCRC(); + combinedCRC = Integers.RotateLeft(combinedCRC, 1) ^ blockCRC; + + /* sort the block and establish posn of original string */ + DoReversibleTransformation(); + + /* + A 6-byte block header, the value chosen arbitrarily + as 0x314159265359 :-). A 32 bit value does not really + give a strong enough guarantee that the value will not + appear by chance in the compressed datastream. Worst-case + probability of this event, for a 900k block, is about + 2.0e-3 for 32 bits, 1.0e-5 for 40 bits and 4.0e-8 for 48 bits. + For a compressed file of size 100Gb -- about 100000 blocks -- + only a 48-bit marker will do. NB: normal compression/ + decompression do *not* rely on these statistical properties. + They are only important when trying to recover blocks from + damaged files. + */ + BsPutUChar(0x31); + BsPutUChar(0x41); + BsPutUChar(0x59); + BsPutUChar(0x26); + BsPutUChar(0x53); + BsPutUChar(0x59); + + /* Now the block's CRC, so it is in a known place. */ + BsPutint(blockCRC); + + /* Now a single bit indicating randomisation. */ + BsW(1, blockRandomised ? 1 : 0); + + /* Finally, block's contents proper. */ + MoveToFrontCodeAndSend(); + } + + private void EndCompression() { + /* + Now another magic 48-bit number, 0x177245385090, to + indicate the end of the last block. (Sqrt(pi), if + you want to know. I did want to use e, but it contains + too much repetition -- 27 18 28 18 28 46 -- for me + to feel statistically comfortable. Call me paranoid.) + */ + BsPutUChar(0x17); + BsPutUChar(0x72); + BsPutUChar(0x45); + BsPutUChar(0x38); + BsPutUChar(0x50); + BsPutUChar(0x90); + + BsPutint(combinedCRC); + + BsFinishedWithStream(); + } + + private void HbAssignCodes(int[] code, byte[] length, int minLen, int maxLen, int alphaSize) + { + int vec = 0; + for (int n = minLen; n <= maxLen; n++) + { + for (int i = 0; i < alphaSize; i++) + { + if (length[i] == n) + { + code[i] = vec; + vec++; + } + } + vec <<= 1; + } + } + + private void BsSetStream(Stream f) + { + bsStream = f; + bsLive = 0; + bsBuff = 0; + } + + private void BsFinishedWithStream() + { + while (bsLive > 0) + { + bsStream.WriteByte((byte)(bsBuff >> 24)); // write 8-bit + bsBuff <<= 8; + bsLive -= 8; + } + } + + private void BsW(int n, int v) + { + while (bsLive >= 8) + { + bsStream.WriteByte((byte)(bsBuff >> 24)); // write 8-bit + bsBuff <<= 8; + bsLive -= 8; + } + bsBuff |= v << (32 - bsLive - n); + bsLive += n; + } + + private void BsPutUChar(int c) + { + BsW(8, c); + } + + private void BsPutint(int u) + { + //BsW(8, (u >> 24) & 0xff); + //BsW(8, (u >> 16) & 0xff); + //BsW(8, (u >> 8) & 0xff); + //BsW(8, u & 0xff); + BsW(16, (u >> 16) & 0xFFFF); + BsW(16, u & 0xFFFF); + } + + private void BsPutIntVS(int numBits, int c) + { + BsW(numBits, c); + } + + private void SendMTFValues() + { + byte[][] len = CBZip2InputStream.InitByteArray(BZip2Constants.N_GROUPS, BZip2Constants.MAX_ALPHA_SIZE); + + int v, t, i, j, gs, ge, bt, bc, iter; + int nSelectors = 0, alphaSize, minLen, maxLen, selCtr; + int nGroups; + + alphaSize = nInUse + 2; + for (t = 0; t < BZip2Constants.N_GROUPS; t++) + { + byte[] len_t = len[t]; + for (v = 0; v < alphaSize; v++) + { + len_t[v] = GREATER_ICOST; + } + } + + /* Decide how many coding tables to use */ + if (nMTF <= 0) + { + Panic(); + } + + if (nMTF < 200) + { + nGroups = 2; + } + else if (nMTF < 600) + { + nGroups = 3; + } + else if (nMTF < 1200) + { + nGroups = 4; + } + else if (nMTF < 2400) + { + nGroups = 5; + } + else + { + nGroups = 6; + } + + /* Generate an initial set of coding tables */ + { + int tFreq, aFreq; + + int nPart = nGroups; + int remF = nMTF; + gs = 0; + while (nPart > 0) + { + tFreq = remF / nPart; + ge = gs - 1; + aFreq = 0; + while (aFreq < tFreq && ge < alphaSize - 1) + { + aFreq += mtfFreq[++ge]; + } + + if (ge > gs && nPart != nGroups && nPart != 1 + && ((nGroups - nPart) % 2 == 1)) + { + aFreq -= mtfFreq[ge--]; + } + + byte[] len_np = len[nPart - 1]; + for (v = 0; v < alphaSize; v++) + { + if (v >= gs && v <= ge) + { + len_np[v] = LESSER_ICOST; + } + else + { + len_np[v] = GREATER_ICOST; + } + } + + nPart--; + gs = ge + 1; + remF -= aFreq; + } + } + + int[][] rfreq = CBZip2InputStream.InitIntArray(BZip2Constants.N_GROUPS, BZip2Constants.MAX_ALPHA_SIZE); + int[] fave = new int[BZip2Constants.N_GROUPS]; + short[] cost = new short[BZip2Constants.N_GROUPS]; + byte[] len_0 = len[0]; + byte[] len_1 = len[1]; + byte[] len_2 = len[2]; + byte[] len_3 = len[3]; + byte[] len_4 = len[4]; + byte[] len_5 = len[5]; + + /* + Iterate up to N_ITERS times to improve the tables. + */ + for (iter = 0; iter < BZip2Constants.N_ITERS; iter++) + { + for (t = 0; t < nGroups; t++) + { + fave[t] = 0; + + int[] rfreq_t = rfreq[t]; + for (v = 0; v < alphaSize; v++) + { + rfreq_t[v] = 0; + } + } + + nSelectors = 0; + gs = 0; + while (gs < nMTF) + { + /* Set group start & end marks. */ + + /* + * Calculate the cost of this group as coded by each of the coding tables. + */ + + ge = System.Math.Min(gs + BZip2Constants.G_SIZE - 1, nMTF - 1); + + if (nGroups == 6) + { + short cost0 = 0, cost1 = 0, cost2 = 0, cost3 = 0, cost4 = 0, cost5 = 0; + + for (i = gs; i <= ge; i++) + { + int icv = szptr[i]; + cost0 += len_0[icv]; + cost1 += len_1[icv]; + cost2 += len_2[icv]; + cost3 += len_3[icv]; + cost4 += len_4[icv]; + cost5 += len_5[icv]; + } + + cost[0] = cost0; + cost[1] = cost1; + cost[2] = cost2; + cost[3] = cost3; + cost[4] = cost4; + cost[5] = cost5; + } + else + { + for (t = 0; t < nGroups; t++) + { + cost[t] = 0; + } + + for (i = gs; i <= ge; i++) + { + int icv = szptr[i]; + for (t = 0; t < nGroups; t++) + { + cost[t] += len[t][icv]; + } + } + } + + /* + Find the coding table which is best for this group, + and record its identity in the selector table. + */ + bc = 999999999; + bt = -1; + for (t = 0; t < nGroups; t++) + { + if (cost[t] < bc) + { + bc = cost[t]; + bt = t; + } + } + fave[bt]++; + selector[nSelectors] = (char) bt; + nSelectors++; + + /* + Increment the symbol frequencies for the selected table. + */ + int[] rfreq_bt = rfreq[bt]; + for (i = gs; i <= ge; i++) + { + rfreq_bt[szptr[i]]++; + } + + gs = ge + 1; + } + + /* + Recompute the tables based on the accumulated frequencies. + */ + for (t = 0; t < nGroups; t++) + { + HbMakeCodeLengths(len[t], rfreq[t], alphaSize, 20); + } + } + + rfreq = null; + fave = null; + cost = null; + + if (!(nGroups < 8)) + { + Panic(); + } + if (!(nSelectors < 32768 && nSelectors <= (2 + (900000 / BZip2Constants.G_SIZE)))) + { + Panic(); + } + + /* Compute MTF values for the selectors. */ + { + char[] pos = new char[BZip2Constants.N_GROUPS]; + char ll_i, tmp2, tmp; + for (i = 0; i < nGroups; i++) + { + pos[i] = (char)i; + } + for (i = 0; i < nSelectors; i++) + { + ll_i = selector[i]; + j = 0; + tmp = pos[j]; + while (ll_i != tmp) + { + j++; + tmp2 = tmp; + tmp = pos[j]; + pos[j] = tmp2; + } + pos[0] = tmp; + selectorMtf[i] = (char)j; + } + } + + int[][] code = CBZip2InputStream.InitIntArray(BZip2Constants.N_GROUPS, BZip2Constants.MAX_ALPHA_SIZE); + + /* Assign actual codes for the tables. */ + for (t = 0; t < nGroups; t++) + { + minLen = 32; + maxLen = 0; + byte[] len_t = len[t]; + for (i = 0; i < alphaSize; i++) + { + int lti = len_t[i]; + if (lti > maxLen) + { + maxLen = lti; + } + if (lti < minLen) + { + minLen = lti; + } + } + if (maxLen > 20) + { + Panic(); + } + if (minLen < 1) + { + Panic(); + } + HbAssignCodes(code[t], len[t], minLen, maxLen, alphaSize); + } + + /* Transmit the mapping table. */ + { + bool[] inUse16 = new bool[16]; + for (i = 0; i < 16; i++) + { + inUse16[i] = false; + int i16 = i * 16; + for (j = 0; j < 16; j++) + { + if (inUse[i16 + j]) + { + inUse16[i] = true; + break; + } + } + } + + for (i = 0; i < 16; i++) + { + BsW(1, inUse16[i] ? 1 : 0); + } + + for (i = 0; i < 16; i++) + { + if (inUse16[i]) + { + int i16 = i * 16; + for (j = 0; j < 16; j++) + { + BsW(1, inUse[i16 + j] ? 1 : 0); + } + } + } + } + + /* Now the selectors. */ + BsW(3, nGroups); + BsW(15, nSelectors); + for (i = 0; i < nSelectors; i++) + { + int count = selectorMtf[i]; + //for (j = 0; j < count; j++) + //{ + // BsW(1, 1); + //} + //BsW(1, 0); + while (count >= 24) + { + BsW(24, 0xFFFFFF); + count -= 24; + } + BsW(count + 1, (1 << (count + 1)) - 2); + } + + /* Now the coding tables. */ + for (t = 0; t < nGroups; t++) + { + byte[] len_t = len[t]; + int curr = len_t[0]; + BsW(5, curr); + for (i = 0; i < alphaSize; i++) + { + int lti = len_t[i]; + while (curr < lti) + { + BsW(2, 2); + curr++; /* 10 */ + } + while (curr > lti) + { + BsW(2, 3); + curr--; /* 11 */ + } + BsW(1, 0); + } + } + + /* And finally, the block data proper */ + selCtr = 0; + gs = 0; + while (gs < nMTF) + { + ge = System.Math.Min(gs + BZip2Constants.G_SIZE - 1, nMTF - 1); + + int selector_selCtr = selector[selCtr]; + byte[] len_selCtr = len[selector_selCtr]; + int[] code_selCtr = code[selector_selCtr]; + + for (i = gs; i <= ge; i++) + { + int sfmap_i = szptr[i]; + BsW(len_selCtr[sfmap_i], code_selCtr[sfmap_i]); + } + + gs = ge + 1; + selCtr++; + } + if (!(selCtr == nSelectors)) + { + Panic(); + } + } + + private void MoveToFrontCodeAndSend() + { + BsPutIntVS(24, origPtr); + GenerateMTFValues(); + SendMTFValues(); + } + + private Stream bsStream; + + private void SimpleSort(int lo, int hi, int d) + { + int i, j, h, v; + + int bigN = hi - lo + 1; + if (bigN < 2) + return; + + int hp = 0; + while (incs[hp] < bigN) + { + hp++; + } + hp--; + + for (; hp >= 0; hp--) + { + h = incs[hp]; + + i = lo + h; + while (i <= hi) + { + /* copy 1 */ + v = zptr[i]; + j = i; + while (FullGtU(zptr[j - h] + d, v + d)) + { + zptr[j] = zptr[j - h]; + j = j - h; + if (j <= (lo + h - 1)) + break; + } + zptr[j] = v; + + /* copy 2 */ + if (++i > hi) + break; + + v = zptr[i]; + j = i; + while (FullGtU(zptr[j - h] + d, v + d)) + { + zptr[j] = zptr[j - h]; + j = j - h; + if (j <= (lo + h - 1)) + break; + } + zptr[j] = v; + + /* copy 3 */ + if (++i > hi) + break; + + v = zptr[i]; + j = i; + while (FullGtU(zptr[j - h] + d, v + d)) + { + zptr[j] = zptr[j - h]; + j = j - h; + if (j <= (lo + h - 1)) + break; + } + zptr[j] = v; + i++; + + if (workDone > workLimit && firstAttempt) + return; + } + } + } + + private void Vswap(int p1, int p2, int n) + { + while (--n >= 0) + { + int t1 = zptr[p1], t2 = zptr[p2]; + zptr[p1++] = t2; + zptr[p2++] = t1; + } + } + + private int Med3(int a, int b, int c) + { + return a > b + ? (c < b ? b : c > a ? a : c) + : (c < a ? a : c > b ? b : c); + } + + internal class StackElem + { + internal int ll; + internal int hh; + internal int dd; + } + + private static void PushStackElem(IList stack, int stackCount, int ll, int hh, int dd) + { + StackElem stackElem; + if (stackCount < stack.Count) + { + stackElem = (StackElem)stack[stackCount]; + } + else + { + stackElem = new StackElem(); + stack.Add(stackElem); + } + + stackElem.ll = ll; + stackElem.hh = hh; + stackElem.dd = dd; + } + + private void QSort3(int loSt, int hiSt, int dSt) + { + int unLo, unHi, ltLo, gtHi, n, m; + + IList stack = Platform.CreateArrayList(); + int stackCount = 0; + StackElem stackElem; + + int lo = loSt; + int hi = hiSt; + int d = dSt; + + for (;;) + { + if (hi - lo < SMALL_THRESH || d > DEPTH_THRESH) + { + SimpleSort(lo, hi, d); + if (stackCount < 1 || (workDone > workLimit && firstAttempt)) + return; + + stackElem = (StackElem)stack[--stackCount]; + lo = stackElem.ll; + hi = stackElem.hh; + d = stackElem.dd; + continue; + } + + int d1 = d + 1; + int med = Med3( + blockBytes[zptr[lo] + d1], + blockBytes[zptr[hi] + d1], + blockBytes[zptr[(lo + hi) >> 1] + d1]); + + unLo = ltLo = lo; + unHi = gtHi = hi; + + while (true) + { + while (unLo <= unHi) + { + int zUnLo = zptr[unLo]; + n = blockBytes[zUnLo + d1] - med; + if (n > 0) + break; + + if (n == 0) + { + zptr[unLo] = zptr[ltLo]; + zptr[ltLo++] = zUnLo; + } + unLo++; + } + while (unLo <= unHi) + { + int zUnHi = zptr[unHi]; + n = blockBytes[zUnHi + d1] - med; + if (n < 0) + break; + + if (n == 0) + { + zptr[unHi] = zptr[gtHi]; + zptr[gtHi--] = zUnHi; + } + unHi--; + } + if (unLo > unHi) + break; + + int temp = zptr[unLo]; + zptr[unLo++] = zptr[unHi]; + zptr[unHi--] = temp; + } + + if (gtHi < ltLo) + { + d = d1; + continue; + } + + n = System.Math.Min(ltLo - lo, unLo - ltLo); + Vswap(lo, unLo - n, n); + + m = System.Math.Min(hi - gtHi, gtHi - unHi); + Vswap(unLo, hi - m + 1, m); + + n = lo + (unLo - ltLo); + m = hi - (gtHi - unHi); + + PushStackElem(stack, stackCount++, lo, n - 1, d); + PushStackElem(stack, stackCount++, n, m, d1); + + lo = m + 1; + } + } + + private void MainSort() + { + int i, j, ss, sb; + int[] runningOrder = new int[256]; + int[] copy = new int[256]; + bool[] bigDone = new bool[256]; + int c1, c2; + + /* + In the various block-sized structures, live data runs + from 0 to last+NUM_OVERSHOOT_BYTES inclusive. First, + set up the overshoot area for block. + */ + for (i = 0; i < BZip2Constants.NUM_OVERSHOOT_BYTES; i++) + { + blockBytes[count + i + 1] = blockBytes[(i % count) + 1]; + } + for (i = 0; i <= count + BZip2Constants.NUM_OVERSHOOT_BYTES; i++) + { + quadrantShorts[i] = 0; + } + + blockBytes[0] = blockBytes[count]; + + if (count <= 4000) + { + /* + Use SimpleSort(), since the full sorting mechanism + has quite a large constant overhead. + */ + for (i = 0; i < count; i++) + { + zptr[i] = i; + } + firstAttempt = false; + workDone = workLimit = 0; + SimpleSort(0, count - 1, 0); + } + else + { + for (i = 0; i <= 255; i++) + { + bigDone[i] = false; + } + + for (i = 0; i <= 65536; i++) + { + ftab[i] = 0; + } + + c1 = blockBytes[0]; + for (i = 1; i <= count; i++) + { + c2 = blockBytes[i]; + ftab[(c1 << 8) + c2]++; + c1 = c2; + } + + for (i = 0; i < 65536; i++) + { + ftab[i + 1] += ftab[i]; + } + + c1 = blockBytes[1]; + for (i = 0; i < (count - 1); i++) + { + c2 = blockBytes[i + 2]; + j = (c1 << 8) + c2; + c1 = c2; + ftab[j]--; + zptr[ftab[j]] = i; + } + + j = ((int)blockBytes[count] << 8) + blockBytes[1]; + ftab[j]--; + zptr[ftab[j]] = count - 1; + + /* + Now ftab contains the first loc of every small bucket. + Calculate the running order, from smallest to largest + big bucket. + */ + + for (i = 0; i <= 255; i++) + { + runningOrder[i] = i; + } + + { + int h = 1; + do + { + h = 3 * h + 1; + } + while (h <= 256); + do + { + h = h / 3; + for (i = h; i <= 255; i++) + { + int vv = runningOrder[i]; + j = i; + while ((ftab[(runningOrder[j - h] + 1) << 8] - ftab[runningOrder[j - h] << 8]) + > (ftab[(vv + 1) << 8] - ftab[vv << 8])) + { + runningOrder[j] = runningOrder[j - h]; + j = j - h; + if (j < h) + break; + } + runningOrder[j] = vv; + } + } + while (h != 1); + } + + /* + The main sorting loop. + */ + for (i = 0; i <= 255; i++) + { + /* + Process big buckets, starting with the least full. + */ + ss = runningOrder[i]; + + /* + Complete the big bucket [ss] by quicksorting + any unsorted small buckets [ss, j]. Hopefully + previous pointer-scanning phases have already + completed many of the small buckets [ss, j], so + we don't have to sort them at all. + */ + for (j = 0; j <= 255; j++) + { + sb = (ss << 8) + j; + if ((ftab[sb] & SETMASK) != SETMASK) + { + int lo = ftab[sb] & CLEARMASK; + int hi = (ftab[sb + 1] & CLEARMASK) - 1; + if (hi > lo) + { + QSort3(lo, hi, 2); + if (workDone > workLimit && firstAttempt) + return; + } + ftab[sb] |= SETMASK; + } + } + + /* + The ss big bucket is now done. Record this fact, + and update the quadrant descriptors. Remember to + update quadrants in the overshoot area too, if + necessary. The "if (i < 255)" test merely skips + this updating for the last bucket processed, since + updating for the last bucket is pointless. + */ + bigDone[ss] = true; + + if (i < 255) + { + int bbStart = ftab[ss << 8] & CLEARMASK; + int bbSize = (ftab[(ss + 1) << 8] & CLEARMASK) - bbStart; + + int shifts = 0; + while ((bbSize >> shifts) > 65534) + { + shifts++; + } + + for (j = 0; j < bbSize; j++) + { + int a2update = zptr[bbStart + j] + 1; + ushort qVal = (ushort)(j >> shifts); + quadrantShorts[a2update] = qVal; + if (a2update <= BZip2Constants.NUM_OVERSHOOT_BYTES) + { + quadrantShorts[a2update + count] = qVal; + } + } + + if (!(((bbSize - 1) >> shifts) <= 65535)) + { + Panic(); + } + } + + /* + Now scan this big bucket so as to synthesise the + sorted order for small buckets [t, ss] for all t != ss. + */ + for (j = 0; j <= 255; j++) + { + copy[j] = ftab[(j << 8) + ss] & CLEARMASK; + } + + for (j = ftab[ss << 8] & CLEARMASK; + j < (ftab[(ss + 1) << 8] & CLEARMASK); j++) + { + int zptr_j = zptr[j]; + c1 = blockBytes[zptr_j]; + if (!bigDone[c1]) + { + zptr[copy[c1]] = (zptr_j == 0 ? count : zptr_j) - 1; + copy[c1]++; + } + } + + for (j = 0; j <= 255; j++) + { + ftab[(j << 8) + ss] |= SETMASK; + } + } + } + } + + private void RandomiseBlock() + { + for (int i = 0; i < 256; i++) + { + inUse[i] = false; + } + + int rNToGo = 0; + int rTPos = 0; + + for (int i = 0; i < count; i++) + { + if (rNToGo == 0) + { + rNToGo = BZip2Constants.rNums[rTPos]; + + if (++rTPos == 512) + { + rTPos = 0; + } + } + rNToGo--; + blockBytes[i + 1] ^= (byte)((rNToGo == 1) ? 1 : 0); + + inUse[blockBytes[i + 1]] = true; + } + } + + private void DoReversibleTransformation() + { + workLimit = workFactor * (count - 1); + workDone = 0; + blockRandomised = false; + firstAttempt = true; + + MainSort(); + + if (workDone > workLimit && firstAttempt) + { + RandomiseBlock(); + workLimit = workDone = 0; + blockRandomised = true; + firstAttempt = false; + MainSort(); + } + + origPtr = -1; + for (int i = 0; i < count; i++) + { + if (zptr[i] == 0) + { + origPtr = i; + break; + } + } + + if (origPtr == -1) + { + Panic(); + } + } + + private bool FullGtU(int i1, int i2) + { + int c1, c2; + + c1 = blockBytes[++i1]; + c2 = blockBytes[++i2]; + if (c1 != c2) + return c1 > c2; + + c1 = blockBytes[++i1]; + c2 = blockBytes[++i2]; + if (c1 != c2) + return c1 > c2; + + c1 = blockBytes[++i1]; + c2 = blockBytes[++i2]; + if (c1 != c2) + return c1 > c2; + + c1 = blockBytes[++i1]; + c2 = blockBytes[++i2]; + if (c1 != c2) + return c1 > c2; + + c1 = blockBytes[++i1]; + c2 = blockBytes[++i2]; + if (c1 != c2) + return c1 > c2; + + c1 = blockBytes[++i1]; + c2 = blockBytes[++i2]; + if (c1 != c2) + return c1 > c2; + + int k = count; + int s1, s2; + + do + { + c1 = blockBytes[++i1]; + c2 = blockBytes[++i2]; + if (c1 != c2) + return c1 > c2; + + s1 = quadrantShorts[i1]; + s2 = quadrantShorts[i2]; + if (s1 != s2) + return s1 > s2; + + c1 = blockBytes[++i1]; + c2 = blockBytes[++i2]; + if (c1 != c2) + return c1 > c2; + + s1 = quadrantShorts[i1]; + s2 = quadrantShorts[i2]; + if (s1 != s2) + return s1 > s2; + + c1 = blockBytes[++i1]; + c2 = blockBytes[++i2]; + if (c1 != c2) + return c1 > c2; + + s1 = quadrantShorts[i1]; + s2 = quadrantShorts[i2]; + if (s1 != s2) + return s1 > s2; + + c1 = blockBytes[++i1]; + c2 = blockBytes[++i2]; + if (c1 != c2) + return c1 > c2; + + s1 = quadrantShorts[i1]; + s2 = quadrantShorts[i2]; + if (s1 != s2) + return s1 > s2; + + if (i1 >= count) + { + i1 -= count; + } + if (i2 >= count) + { + i2 -= count; + } + + k -= 4; + workDone++; + } + while (k >= 0); + + return false; + } + + /* + Knuth's increments seem to work better + than Incerpi-Sedgewick here. Possibly + because the number of elems to sort is + usually small, typically <= 20. + */ + private static readonly int[] incs = { 1, 4, 13, 40, 121, 364, 1093, 3280, 9841, 29524, 88573, 265720, 797161, + 2391484 }; + + private void AllocateCompressStructures() + { + int n = BZip2Constants.baseBlockSize * blockSize100k; + blockBytes = new byte[(n + 1 + BZip2Constants.NUM_OVERSHOOT_BYTES)]; + quadrantShorts = new ushort[(n + 1 + BZip2Constants.NUM_OVERSHOOT_BYTES)]; + zptr = new int[n]; + ftab = new int[65537]; + + /* + The back end needs a place to store the MTF values + whilst it calculates the coding tables. We could + put them in the zptr array. However, these values + will fit in a short, so we overlay szptr at the + start of zptr, in the hope of reducing the number + of cache misses induced by the multiple traversals + of the MTF values when calculating coding tables. + Seems to improve compression speed by about 1%. + */ + // NOTE: We can't "overlay" in C#, so we just share zptr + szptr = zptr; + } + + private void GenerateMTFValues() + { + char[] yy = new char[256]; + int i, j; + char tmp; + char tmp2; + int zPend; + int wr; + int EOB; + + MakeMaps(); + EOB = nInUse + 1; + + for (i = 0; i <= EOB; i++) + { + mtfFreq[i] = 0; + } + + wr = 0; + zPend = 0; + for (i = 0; i < nInUse; i++) + { + yy[i] = (char) i; + } + + for (i = 0; i < count; i++) + { + char ll_i; + + ll_i = unseqToSeq[blockBytes[zptr[i]]]; + + j = 0; + tmp = yy[j]; + while (ll_i != tmp) + { + j++; + tmp2 = tmp; + tmp = yy[j]; + yy[j] = tmp2; + } + yy[0] = tmp; + + if (j == 0) + { + zPend++; + } + else + { + if (zPend > 0) + { + zPend--; + while (true) + { + switch (zPend % 2) + { + case 0: + szptr[wr++] = BZip2Constants.RUNA; + mtfFreq[BZip2Constants.RUNA]++; + break; + case 1: + szptr[wr++] = BZip2Constants.RUNB; + mtfFreq[BZip2Constants.RUNB]++; + break; + } + + if (zPend < 2) + break; + + zPend = (zPend - 2) / 2; + } + zPend = 0; + } + szptr[wr++] = j + 1; + mtfFreq[j + 1]++; + } + } + + if (zPend > 0) + { + zPend--; + while (true) + { + switch (zPend % 2) + { + case 0: + szptr[wr++] = BZip2Constants.RUNA; + mtfFreq[BZip2Constants.RUNA]++; + break; + case 1: + szptr[wr++] = BZip2Constants.RUNB; + mtfFreq[BZip2Constants.RUNB]++; + break; + } + + if (zPend < 2) + break; + + zPend = (zPend - 2) / 2; + } + } + + szptr[wr++] = EOB; + mtfFreq[EOB]++; + + nMTF = wr; + } + + public override int Read(byte[] buffer, int offset, int count) + { + return 0; + } + + public override long Seek(long offset, SeekOrigin origin) + { + return 0; + } + + public override void SetLength(long value) + { + } + + public override void Write(byte[] buffer, int offset, int count) + { + for (int k = 0; k < count; ++k) + { + WriteByte(buffer[k + offset]); + } + } + + public override bool CanRead + { + get { return false; } + } + + public override bool CanSeek + { + get { return false; } + } + + public override bool CanWrite + { + get { return true; } + } + + public override long Length + { + get { return 0; } + } + + public override long Position + { + get { return 0; } + set {} + } + } +} diff --git a/BouncyCastle/crypto/bzip2/src/CRC.cs b/BouncyCastle/crypto/bzip2/src/CRC.cs new file mode 100644 index 0000000..278a9f3 --- /dev/null +++ b/BouncyCastle/crypto/bzip2/src/CRC.cs @@ -0,0 +1,134 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +/* + * This package is based on the work done by Keiron Liddle), Aftex Software + * to whom the Ant project is very grateful for his + * great code. + */ + +using System; + +namespace Org.BouncyCastle.Apache.Bzip2 +{ + /** + * A simple class the hold and calculate the CRC for sanity checking + * of the data. + * + * @author Keiron Liddle + */ + internal class CRC + { + public static readonly int[] crc32Table = { + unchecked((int)0x00000000), unchecked((int)0x04c11db7), unchecked((int)0x09823b6e), unchecked((int)0x0d4326d9), + unchecked((int)0x130476dc), unchecked((int)0x17c56b6b), unchecked((int)0x1a864db2), unchecked((int)0x1e475005), + unchecked((int)0x2608edb8), unchecked((int)0x22c9f00f), unchecked((int)0x2f8ad6d6), unchecked((int)0x2b4bcb61), + unchecked((int)0x350c9b64), unchecked((int)0x31cd86d3), unchecked((int)0x3c8ea00a), unchecked((int)0x384fbdbd), + unchecked((int)0x4c11db70), unchecked((int)0x48d0c6c7), unchecked((int)0x4593e01e), unchecked((int)0x4152fda9), + unchecked((int)0x5f15adac), unchecked((int)0x5bd4b01b), unchecked((int)0x569796c2), unchecked((int)0x52568b75), + unchecked((int)0x6a1936c8), unchecked((int)0x6ed82b7f), unchecked((int)0x639b0da6), unchecked((int)0x675a1011), + unchecked((int)0x791d4014), unchecked((int)0x7ddc5da3), unchecked((int)0x709f7b7a), unchecked((int)0x745e66cd), + unchecked((int)0x9823b6e0), unchecked((int)0x9ce2ab57), unchecked((int)0x91a18d8e), unchecked((int)0x95609039), + unchecked((int)0x8b27c03c), unchecked((int)0x8fe6dd8b), unchecked((int)0x82a5fb52), unchecked((int)0x8664e6e5), + unchecked((int)0xbe2b5b58), unchecked((int)0xbaea46ef), unchecked((int)0xb7a96036), unchecked((int)0xb3687d81), + unchecked((int)0xad2f2d84), unchecked((int)0xa9ee3033), unchecked((int)0xa4ad16ea), unchecked((int)0xa06c0b5d), + unchecked((int)0xd4326d90), unchecked((int)0xd0f37027), unchecked((int)0xddb056fe), unchecked((int)0xd9714b49), + unchecked((int)0xc7361b4c), unchecked((int)0xc3f706fb), unchecked((int)0xceb42022), unchecked((int)0xca753d95), + unchecked((int)0xf23a8028), unchecked((int)0xf6fb9d9f), unchecked((int)0xfbb8bb46), unchecked((int)0xff79a6f1), + unchecked((int)0xe13ef6f4), unchecked((int)0xe5ffeb43), unchecked((int)0xe8bccd9a), unchecked((int)0xec7dd02d), + unchecked((int)0x34867077), unchecked((int)0x30476dc0), unchecked((int)0x3d044b19), unchecked((int)0x39c556ae), + unchecked((int)0x278206ab), unchecked((int)0x23431b1c), unchecked((int)0x2e003dc5), unchecked((int)0x2ac12072), + unchecked((int)0x128e9dcf), unchecked((int)0x164f8078), unchecked((int)0x1b0ca6a1), unchecked((int)0x1fcdbb16), + unchecked((int)0x018aeb13), unchecked((int)0x054bf6a4), unchecked((int)0x0808d07d), unchecked((int)0x0cc9cdca), + unchecked((int)0x7897ab07), unchecked((int)0x7c56b6b0), unchecked((int)0x71159069), unchecked((int)0x75d48dde), + unchecked((int)0x6b93dddb), unchecked((int)0x6f52c06c), unchecked((int)0x6211e6b5), unchecked((int)0x66d0fb02), + unchecked((int)0x5e9f46bf), unchecked((int)0x5a5e5b08), unchecked((int)0x571d7dd1), unchecked((int)0x53dc6066), + unchecked((int)0x4d9b3063), unchecked((int)0x495a2dd4), unchecked((int)0x44190b0d), unchecked((int)0x40d816ba), + unchecked((int)0xaca5c697), unchecked((int)0xa864db20), unchecked((int)0xa527fdf9), unchecked((int)0xa1e6e04e), + unchecked((int)0xbfa1b04b), unchecked((int)0xbb60adfc), unchecked((int)0xb6238b25), unchecked((int)0xb2e29692), + unchecked((int)0x8aad2b2f), unchecked((int)0x8e6c3698), unchecked((int)0x832f1041), unchecked((int)0x87ee0df6), + unchecked((int)0x99a95df3), unchecked((int)0x9d684044), unchecked((int)0x902b669d), unchecked((int)0x94ea7b2a), + unchecked((int)0xe0b41de7), unchecked((int)0xe4750050), unchecked((int)0xe9362689), unchecked((int)0xedf73b3e), + unchecked((int)0xf3b06b3b), unchecked((int)0xf771768c), unchecked((int)0xfa325055), unchecked((int)0xfef34de2), + unchecked((int)0xc6bcf05f), unchecked((int)0xc27dede8), unchecked((int)0xcf3ecb31), unchecked((int)0xcbffd686), + unchecked((int)0xd5b88683), unchecked((int)0xd1799b34), unchecked((int)0xdc3abded), unchecked((int)0xd8fba05a), + unchecked((int)0x690ce0ee), unchecked((int)0x6dcdfd59), unchecked((int)0x608edb80), unchecked((int)0x644fc637), + unchecked((int)0x7a089632), unchecked((int)0x7ec98b85), unchecked((int)0x738aad5c), unchecked((int)0x774bb0eb), + unchecked((int)0x4f040d56), unchecked((int)0x4bc510e1), unchecked((int)0x46863638), unchecked((int)0x42472b8f), + unchecked((int)0x5c007b8a), unchecked((int)0x58c1663d), unchecked((int)0x558240e4), unchecked((int)0x51435d53), + unchecked((int)0x251d3b9e), unchecked((int)0x21dc2629), unchecked((int)0x2c9f00f0), unchecked((int)0x285e1d47), + unchecked((int)0x36194d42), unchecked((int)0x32d850f5), unchecked((int)0x3f9b762c), unchecked((int)0x3b5a6b9b), + unchecked((int)0x0315d626), unchecked((int)0x07d4cb91), unchecked((int)0x0a97ed48), unchecked((int)0x0e56f0ff), + unchecked((int)0x1011a0fa), unchecked((int)0x14d0bd4d), unchecked((int)0x19939b94), unchecked((int)0x1d528623), + unchecked((int)0xf12f560e), unchecked((int)0xf5ee4bb9), unchecked((int)0xf8ad6d60), unchecked((int)0xfc6c70d7), + unchecked((int)0xe22b20d2), unchecked((int)0xe6ea3d65), unchecked((int)0xeba91bbc), unchecked((int)0xef68060b), + unchecked((int)0xd727bbb6), unchecked((int)0xd3e6a601), unchecked((int)0xdea580d8), unchecked((int)0xda649d6f), + unchecked((int)0xc423cd6a), unchecked((int)0xc0e2d0dd), unchecked((int)0xcda1f604), unchecked((int)0xc960ebb3), + unchecked((int)0xbd3e8d7e), unchecked((int)0xb9ff90c9), unchecked((int)0xb4bcb610), unchecked((int)0xb07daba7), + unchecked((int)0xae3afba2), unchecked((int)0xaafbe615), unchecked((int)0xa7b8c0cc), unchecked((int)0xa379dd7b), + unchecked((int)0x9b3660c6), unchecked((int)0x9ff77d71), unchecked((int)0x92b45ba8), unchecked((int)0x9675461f), + unchecked((int)0x8832161a), unchecked((int)0x8cf30bad), unchecked((int)0x81b02d74), unchecked((int)0x857130c3), + unchecked((int)0x5d8a9099), unchecked((int)0x594b8d2e), unchecked((int)0x5408abf7), unchecked((int)0x50c9b640), + unchecked((int)0x4e8ee645), unchecked((int)0x4a4ffbf2), unchecked((int)0x470cdd2b), unchecked((int)0x43cdc09c), + unchecked((int)0x7b827d21), unchecked((int)0x7f436096), unchecked((int)0x7200464f), unchecked((int)0x76c15bf8), + unchecked((int)0x68860bfd), unchecked((int)0x6c47164a), unchecked((int)0x61043093), unchecked((int)0x65c52d24), + unchecked((int)0x119b4be9), unchecked((int)0x155a565e), unchecked((int)0x18197087), unchecked((int)0x1cd86d30), + unchecked((int)0x029f3d35), unchecked((int)0x065e2082), unchecked((int)0x0b1d065b), unchecked((int)0x0fdc1bec), + unchecked((int)0x3793a651), unchecked((int)0x3352bbe6), unchecked((int)0x3e119d3f), unchecked((int)0x3ad08088), + unchecked((int)0x2497d08d), unchecked((int)0x2056cd3a), unchecked((int)0x2d15ebe3), unchecked((int)0x29d4f654), + unchecked((int)0xc5a92679), unchecked((int)0xc1683bce), unchecked((int)0xcc2b1d17), unchecked((int)0xc8ea00a0), + unchecked((int)0xd6ad50a5), unchecked((int)0xd26c4d12), unchecked((int)0xdf2f6bcb), unchecked((int)0xdbee767c), + unchecked((int)0xe3a1cbc1), unchecked((int)0xe760d676), unchecked((int)0xea23f0af), unchecked((int)0xeee2ed18), + unchecked((int)0xf0a5bd1d), unchecked((int)0xf464a0aa), unchecked((int)0xf9278673), unchecked((int)0xfde69bc4), + unchecked((int)0x89b8fd09), unchecked((int)0x8d79e0be), unchecked((int)0x803ac667), unchecked((int)0x84fbdbd0), + unchecked((int)0x9abc8bd5), unchecked((int)0x9e7d9662), unchecked((int)0x933eb0bb), unchecked((int)0x97ffad0c), + unchecked((int)0xafb010b1), unchecked((int)0xab710d06), unchecked((int)0xa6322bdf), unchecked((int)0xa2f33668), + unchecked((int)0xbcb4666d), unchecked((int)0xb8757bda), unchecked((int)0xb5365d03), unchecked((int)0xb1f740b4) + }; + + public CRC() { + InitialiseCRC(); + } + + internal void InitialiseCRC() { + globalCrc = unchecked((int)0xffffffff); + } + + internal int GetFinalCRC() { + return ~globalCrc; + } + + internal int GetGlobalCRC() { + return globalCrc; + } + + internal void SetGlobalCRC(int newCrc) { + globalCrc = newCrc; + } + + internal void UpdateCRC(int inCh) { + int temp = (globalCrc >> 24) ^ inCh; + if (temp < 0) { + temp = 256 + temp; + } + globalCrc = (globalCrc << 8) ^ CRC.crc32Table[temp]; + } + + internal int globalCrc; + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/checklist.txt b/BouncyCastle/crypto/checklist.txt new file mode 100644 index 0000000..d81cf5f --- /dev/null +++ b/BouncyCastle/crypto/checklist.txt @@ -0,0 +1,14 @@ +----------------- +Release Checklist +----------------- + +- Update to latest from git +- Run 'nant -t:net-1.1 clean test' +- Edit AssemblyInfo.cs: Change version and check copyright +- Edit NBuild.build: Change version +- Edit License.html: Check copyright +- Edit Readme.html: Add release notes +- Commit changes to git +- Tag git repository with "release-${version}" +- Push changes/tag to git +- Run 'nant -t:net-1.1 clean dist' diff --git a/BouncyCastle/crypto/crypto.Net45.csproj b/BouncyCastle/crypto/crypto.Net45.csproj new file mode 100644 index 0000000..14b3581 --- /dev/null +++ b/BouncyCastle/crypto/crypto.Net45.csproj @@ -0,0 +1,54 @@ + + + + + Debug + AnyCPU + {45473847-8AF8-4BAF-B768-442C6875B8CF} + Library + Properties + crypto + crypto + v2.0 + 512 + + + + true + full + false + bin\Debug\ + TRACE;DEBUG;LIB;PCL;SILVERLIGHT + prompt + 4 + + + pdbonly + true + bin\Release\ + TRACE;LIB;PCL;SILVERLIGHT + prompt + 4 + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/BouncyCastle/crypto/crypto.csproj b/BouncyCastle/crypto/crypto.csproj new file mode 100644 index 0000000..0923310 --- /dev/null +++ b/BouncyCastle/crypto/crypto.csproj @@ -0,0 +1,15834 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/BouncyCastle/crypto/crypto.dotnet.csproj b/BouncyCastle/crypto/crypto.dotnet.csproj new file mode 100644 index 0000000..d9ae0db --- /dev/null +++ b/BouncyCastle/crypto/crypto.dotnet.csproj @@ -0,0 +1,98 @@ + + + + Local + 7.10.3077 + 2.0 + {38872A5F-E87E-4FAD-B109-8EB7B2E6A4A2} + Debug + AnyCPU + + + crypto + ..\BouncyCastle.snk + JScript + Grid + IE50 + false + Library + crypto + OnBuildSuccess + + v5.0 + {786C830F-07A1-408B-BD7F-6EE04809D6DB};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC} + + + 14.0 + + + + + bin\dotnet\Debug\ + obj\dotnet\Debug\ + false + 285212672 + false + + TRACE;DEBUG;PORTABLE;NO_THREADS;NEW_REFLECTION;SYS_RUNTIME;DOTNET + doc\dotnet\crypto.xml + true + 4096 + false + 1591 + false + false + false + false + 4 + full + prompt + + + bin\dotnet\Release\ + obj\dotnet\Release\ + false + 285212672 + false + + TRACE;PORTABLE;NO_THREADS;NEW_REFLECTION;SYS_RUNTIME;DOTNET + doc\dotnet\crypto.xml + true + 4096 + false + 1591 + true + false + false + false + 4 + pdbonly + prompt + + + true + + + + + + + + dotnet;uap10.0;net46 + + + + BouncyCastle.snk + + + + + + + + + + + + + \ No newline at end of file diff --git a/BouncyCastle/crypto/crypto.dotnet.project.json b/BouncyCastle/crypto/crypto.dotnet.project.json new file mode 100644 index 0000000..e800026 --- /dev/null +++ b/BouncyCastle/crypto/crypto.dotnet.project.json @@ -0,0 +1,17 @@ +{ + "supports": { + "net46.app": {}, + "uwp.10.0.app": {}, + "dnxcore50.app": {} + }, + "dependencies": { + "Microsoft.NETCore": "5.0.0", + "Microsoft.NETCore.Portable.Compatibility": "1.0.0", + "NuSpec.ReferenceGenerator": "1.3.4" + }, + "frameworks": { + "dotnet": { + "imports": "portable-net452+win81" + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/crypto.pcl.csproj b/BouncyCastle/crypto/crypto.pcl.csproj new file mode 100644 index 0000000..1c37351 --- /dev/null +++ b/BouncyCastle/crypto/crypto.pcl.csproj @@ -0,0 +1,106 @@ + + + + Local + 7.10.3077 + 2.0 + {38872A5F-E87E-4FAD-B109-8EB7B2E6A4A0} + Debug + AnyCPU + + + crypto + ..\BouncyCastle.snk + JScript + Grid + IE50 + false + Library + crypto + OnBuildSuccess + + + + v4.0 + + + 12.0 + {786C830F-07A1-408B-BD7F-6EE04809D6DB};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC} + Profile328 + false + 10.0 + publish\ + true + Disk + false + Foreground + 7 + Days + false + false + true + 0 + 1.0.0.%2a + false + true + + + bin\pcl\Debug\ + obj\pcl\Debug\ + false + 285212672 + false + + TRACE;DEBUG;PORTABLE;NO_THREADS + doc\pcl\crypto.xml + true + 4096 + false + 1591 + false + false + false + false + 4 + full + prompt + + + bin\pcl\Release\ + obj\pcl\Release\ + false + 285212672 + false + + TRACE;PORTABLE;NO_THREADS + doc\pcl\crypto.xml + true + 4096 + false + 1591 + true + false + false + false + 4 + pdbonly + prompt + + + true + + + + + + + + BouncyCastle.snk + + + + + + + + \ No newline at end of file diff --git a/BouncyCastle/crypto/crypto.pcl2.csproj b/BouncyCastle/crypto/crypto.pcl2.csproj new file mode 100644 index 0000000..4edf113 --- /dev/null +++ b/BouncyCastle/crypto/crypto.pcl2.csproj @@ -0,0 +1,92 @@ + + + + Local + 7.10.3077 + 2.0 + {38872A5F-E87E-4FAD-B109-8EB7B2E6A4A1} + Debug + AnyCPU + + + crypto + ..\BouncyCastle.snk + JScript + Grid + IE50 + false + Library + crypto + OnBuildSuccess + + v4.5 + {786C830F-07A1-408B-BD7F-6EE04809D6DB};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC} + Profile259 + 10.0 + + + + + bin\pcl2\Debug\ + obj\pcl2\Debug\ + false + 285212672 + false + + TRACE;DEBUG;PORTABLE;NO_THREADS;NEW_REFLECTION;SYS_RUNTIME + doc\pcl2\crypto.xml + true + 4096 + false + 1591 + false + false + false + false + 4 + full + prompt + + + bin\pcl2\Release\ + obj\pcl2\Release\ + false + 285212672 + false + + TRACE;PORTABLE;NO_THREADS;NEW_REFLECTION;SYS_RUNTIME + doc\pcl2\crypto.xml + true + 4096 + false + 1591 + true + false + false + false + 4 + pdbonly + prompt + + + true + + + + + + + + + + + + BouncyCastle.snk + + + + + + + + \ No newline at end of file diff --git a/BouncyCastle/crypto/src/AssemblyInfo.cs b/BouncyCastle/crypto/src/AssemblyInfo.cs new file mode 100644 index 0000000..ec06092 --- /dev/null +++ b/BouncyCastle/crypto/src/AssemblyInfo.cs @@ -0,0 +1,119 @@ +using System; +using System.Reflection; +//using System.Security.Permissions; + +#if PORTABLE +using System.Linq; +#else +using System.Runtime.InteropServices; +#endif + +// +// General Information about an assembly is controlled through the following +// set of attributes. Change these attribute values to modify the information +// associated with an assembly. +// +[assembly: AssemblyTitle("BouncyCastle.Crypto")] +[assembly: AssemblyDescription("Bouncy Castle Cryptography API")] +[assembly: AssemblyConfiguration("")] +[assembly: AssemblyCompany("The Legion of the Bouncy Castle Inc.")] +[assembly: AssemblyProduct("Bouncy Castle for .NET")] +[assembly: AssemblyCopyright("Copyright (C) 2000-2021")] +[assembly: AssemblyTrademark("")] +[assembly: AssemblyCulture("")] + +// +// Version information for an assembly consists of the following four values: +// +// Major Version +// Minor Version +// Build Number +// Revision +// +// You can specify all the values or you can default the Revision and Build Numbers +// by using the '*' as shown below: + +[assembly: AssemblyVersion("1.9.0.0")] +[assembly: AssemblyFileVersion("1.9.21290.1")] +[assembly: AssemblyInformationalVersion("1.9.0")] + +// +// In order to sign your assembly you must specify a key to use. Refer to the +// Microsoft .NET Framework documentation for more information on assembly signing. +// +// Use the attributes below to control which key is used for signing. +// +// Notes: +// (*) If no key is specified, the assembly is not signed. +// (*) KeyName refers to a key that has been installed in the Crypto Service +// Provider (CSP) on your machine. KeyFile refers to a file which contains +// a key. +// (*) If the KeyFile and the KeyName values are both specified, the +// following processing occurs: +// (1) If the KeyName can be found in the CSP, that key is used. +// (2) If the KeyName does not exist and the KeyFile does exist, the key +// in the KeyFile is installed into the CSP and used. +// (*) In order to create a KeyFile, you can use the sn.exe (Strong Name) utility. +// When specifying the KeyFile, the location of the KeyFile should be +// relative to the project output directory which is +// %Project Directory%\obj\. For example, if your KeyFile is +// located in the project directory, you would specify the AssemblyKeyFile +// attribute as [assembly: AssemblyKeyFile("..\\..\\mykey.snk")] +// (*) Delay Signing is an advanced option - see the Microsoft .NET Framework +// documentation for more information on this. +// +[assembly: AssemblyDelaySign(false)] +#if STRONG_NAME +[assembly: AssemblyKeyFile(@"../BouncyCastle.snk")] +#endif + +[assembly: CLSCompliant(true)] +#if !PORTABLE +[assembly: ComVisible(false)] +#endif + +// Start with no permissions +//[assembly: PermissionSet(SecurityAction.RequestOptional, Unrestricted=false)] +//...and explicitly add those we need + +// see Org.BouncyCastle.Crypto.Encodings.Pkcs1Encoding.StrictLengthEnabledProperty +//[assembly: EnvironmentPermission(SecurityAction.RequestOptional, Read="Org.BouncyCastle.Pkcs1.Strict")] + +internal class AssemblyInfo +{ + private static string version = null; + + public static string Version + { + get + { + if (version == null) + { +#if PORTABLE +#if NEW_REFLECTION + var a = typeof(AssemblyInfo).GetTypeInfo().Assembly; + var c = a.GetCustomAttributes(typeof(AssemblyVersionAttribute)); +#else + var a = typeof(AssemblyInfo).Assembly; + var c = a.GetCustomAttributes(typeof(AssemblyVersionAttribute), false); +#endif + var v = (AssemblyVersionAttribute)c.FirstOrDefault(); + if (v != null) + { + version = v.Version; + } +#else + version = Assembly.GetExecutingAssembly().GetName().Version.ToString(); +#endif + + // if we're still here, then don't try again + if (version == null) + { + version = string.Empty; + } + } + + return version; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ASN1Generator.cs b/BouncyCastle/crypto/src/asn1/ASN1Generator.cs new file mode 100644 index 0000000..d064b80 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ASN1Generator.cs @@ -0,0 +1,29 @@ +using System.Collections; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public abstract class Asn1Generator + { + private Stream _out; + + protected Asn1Generator( + Stream outStream) + { + _out = outStream; + } + + protected Stream Out + { + get { return _out; } + } + + public abstract void AddObject(Asn1Encodable obj); + + public abstract void AddObject(Asn1Object obj); + + public abstract Stream GetRawOutputStream(); + + public abstract void Close(); + } +} diff --git a/BouncyCastle/crypto/src/asn1/ASN1OctetStringParser.cs b/BouncyCastle/crypto/src/asn1/ASN1OctetStringParser.cs new file mode 100644 index 0000000..07a3ac9 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ASN1OctetStringParser.cs @@ -0,0 +1,13 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public interface Asn1OctetStringParser + : IAsn1Convertible + { + /// Return the content of the OCTET STRING as a . + /// A represnting the OCTET STRING's content. + Stream GetOctetStream(); + } +} diff --git a/BouncyCastle/crypto/src/asn1/ASN1SequenceParser.cs b/BouncyCastle/crypto/src/asn1/ASN1SequenceParser.cs new file mode 100644 index 0000000..9e88ac7 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ASN1SequenceParser.cs @@ -0,0 +1,8 @@ +namespace Org.BouncyCastle.Asn1 +{ + public interface Asn1SequenceParser + : IAsn1Convertible + { + IAsn1Convertible ReadObject(); + } +} diff --git a/BouncyCastle/crypto/src/asn1/ASN1SetParser.cs b/BouncyCastle/crypto/src/asn1/ASN1SetParser.cs new file mode 100644 index 0000000..d1b9c64 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ASN1SetParser.cs @@ -0,0 +1,8 @@ +namespace Org.BouncyCastle.Asn1 +{ + public interface Asn1SetParser + : IAsn1Convertible + { + IAsn1Convertible ReadObject(); + } +} diff --git a/BouncyCastle/crypto/src/asn1/ASN1StreamParser.cs b/BouncyCastle/crypto/src/asn1/ASN1StreamParser.cs new file mode 100644 index 0000000..3281310 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ASN1StreamParser.cs @@ -0,0 +1,256 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public class Asn1StreamParser + { + private readonly Stream _in; + private readonly int _limit; + + private readonly byte[][] tmpBuffers; + + public Asn1StreamParser(Stream input) + : this(input, Asn1InputStream.FindLimit(input)) + { + } + + public Asn1StreamParser(byte[] encoding) + : this(new MemoryStream(encoding, false), encoding.Length) + { + } + + public Asn1StreamParser(Stream input, int limit) + : this(input, limit, new byte[16][]) + { + } + + internal Asn1StreamParser(Stream input, int limit, byte[][] tmpBuffers) + { + if (!input.CanRead) + throw new ArgumentException("Expected stream to be readable", "input"); + + this._in = input; + this._limit = limit; + this.tmpBuffers = tmpBuffers; + } + + public virtual IAsn1Convertible ReadObject() + { + int tagHdr = _in.ReadByte(); + if (tagHdr < 0) + return null; + + return ImplParseObject(tagHdr); + } + + internal IAsn1Convertible ImplParseObject(int tagHdr) + { + // turn off looking for "00" while we resolve the tag + Set00Check(false); + + // + // calculate tag number + // + int tagNo = Asn1InputStream.ReadTagNumber(_in, tagHdr); + + // + // calculate length + // + int length = Asn1InputStream.ReadLength(_in, _limit, + tagNo == Asn1Tags.BitString || tagNo == Asn1Tags.OctetString || tagNo == Asn1Tags.Sequence || + tagNo == Asn1Tags.Set || tagNo == Asn1Tags.External); + + if (length < 0) // indefinite-length method + { + if (0 == (tagHdr & Asn1Tags.Constructed)) + throw new IOException("indefinite-length primitive encoding encountered"); + + IndefiniteLengthInputStream indIn = new IndefiniteLengthInputStream(_in, _limit); + Asn1StreamParser sp = new Asn1StreamParser(indIn, _limit, tmpBuffers); + + int tagClass = tagHdr & Asn1Tags.Private; + if (0 != tagClass) + { + if (Asn1Tags.Application == tagClass) + return new BerApplicationSpecificParser(tagNo, sp); + + return new BerTaggedObjectParser(tagClass, tagNo, sp); + } + + return sp.ParseImplicitConstructedIL(tagNo); + } + else + { + DefiniteLengthInputStream defIn = new DefiniteLengthInputStream(_in, length, _limit); + + if (0 == (tagHdr & Asn1Tags.Flags)) + return ParseImplicitPrimitive(tagNo, defIn); + + Asn1StreamParser sp = new Asn1StreamParser(defIn, defIn.Remaining, tmpBuffers); + + int tagClass = tagHdr & Asn1Tags.Private; + if (0 != tagClass) + { + bool isConstructed = (tagHdr & Asn1Tags.Constructed) != 0; + + // TODO[asn1] Special handling can be removed once ASN1ApplicationSpecific types removed. + if (Asn1Tags.Application == tagClass) + { + // This cast is ensuring the current user-expected return type. + return (DLApplicationSpecific)sp.LoadTaggedDL(tagClass, tagNo, isConstructed); + } + + return new DLTaggedObjectParser(tagClass, tagNo, isConstructed, sp); + } + + return sp.ParseImplicitConstructedDL(tagNo); + } + } + + internal Asn1Object LoadTaggedDL(int tagClass, int tagNo, bool constructed) + { + if (!constructed) + { + byte[] contentsOctets = ((DefiniteLengthInputStream)_in).ToArray(); + return Asn1TaggedObject.CreatePrimitive(tagClass, tagNo, contentsOctets); + } + + Asn1EncodableVector contentsElements = ReadVector(); + return Asn1TaggedObject.CreateConstructedDL(tagClass, tagNo, contentsElements); + } + + internal Asn1Object LoadTaggedIL(int tagClass, int tagNo) + { + Asn1EncodableVector contentsElements = ReadVector(); + return Asn1TaggedObject.CreateConstructedIL(tagClass, tagNo, contentsElements); + } + + internal IAsn1Convertible ParseImplicitConstructedDL(int univTagNo) + { + switch (univTagNo) + { + case Asn1Tags.BitString: + // TODO[asn1] DLConstructedBitStringParser + return new BerBitStringParser(this); + case Asn1Tags.External: + return new DerExternalParser(this); + case Asn1Tags.OctetString: + // TODO[asn1] DLConstructedOctetStringParser + return new BerOctetStringParser(this); + case Asn1Tags.Set: + return new DerSetParser(this); + case Asn1Tags.Sequence: + return new DerSequenceParser(this); + default: + throw new Asn1Exception("unknown DL object encountered: 0x" + univTagNo.ToString("X")); + } + } + + internal IAsn1Convertible ParseImplicitConstructedIL(int univTagNo) + { + switch (univTagNo) + { + case Asn1Tags.BitString: + return new BerBitStringParser(this); + case Asn1Tags.External: + // TODO[asn1] BERExternalParser + return new DerExternalParser(this); + case Asn1Tags.OctetString: + return new BerOctetStringParser(this); + case Asn1Tags.Sequence: + return new BerSequenceParser(this); + case Asn1Tags.Set: + return new BerSetParser(this); + default: + throw new Asn1Exception("unknown BER object encountered: 0x" + univTagNo.ToString("X")); + } + } + + internal IAsn1Convertible ParseImplicitPrimitive(int univTagNo) + { + return ParseImplicitPrimitive(univTagNo, (DefiniteLengthInputStream)_in); + } + + internal IAsn1Convertible ParseImplicitPrimitive(int univTagNo, DefiniteLengthInputStream defIn) + { + // Some primitive encodings can be handled by parsers too... + switch (univTagNo) + { + case Asn1Tags.BitString: + return new DLBitStringParser(defIn); + case Asn1Tags.External: + throw new Asn1Exception("externals must use constructed encoding (see X.690 8.18)"); + case Asn1Tags.OctetString: + return new DerOctetStringParser(defIn); + case Asn1Tags.Set: + throw new Asn1Exception("sequences must use constructed encoding (see X.690 8.9.1/8.10.1)"); + case Asn1Tags.Sequence: + throw new Asn1Exception("sets must use constructed encoding (see X.690 8.11.1/8.12.1)"); + } + + try + { + return Asn1InputStream.CreatePrimitiveDerObject(univTagNo, defIn, tmpBuffers); + } + catch (ArgumentException e) + { + throw new Asn1Exception("corrupted stream detected", e); + } + } + + internal IAsn1Convertible ParseObject(int univTagNo) + { + if (univTagNo < 0 || univTagNo > 30) + throw new ArgumentException("invalid universal tag number: " + univTagNo, "univTagNo"); + + int tagHdr = _in.ReadByte(); + if (tagHdr < 0) + return null; + + if ((tagHdr & ~Asn1Tags.Constructed) != univTagNo) + throw new IOException("unexpected identifier encountered: " + tagHdr); + + return ImplParseObject(tagHdr); + } + + internal Asn1TaggedObjectParser ParseTaggedObject() + { + int tagHdr = _in.ReadByte(); + if (tagHdr< 0) + return null; + + int tagClass = tagHdr & Asn1Tags.Private; + if (0 == tagClass) + throw new Asn1Exception("no tagged object found"); + + return (Asn1TaggedObjectParser)ImplParseObject(tagHdr); + } + + // TODO[asn1] Prefer 'LoadVector' + internal Asn1EncodableVector ReadVector() + { + int tagHdr = _in.ReadByte(); + if (tagHdr < 0) + return new Asn1EncodableVector(0); + + Asn1EncodableVector v = new Asn1EncodableVector(); + do + { + IAsn1Convertible obj = ImplParseObject(tagHdr); + + v.Add(obj.ToAsn1Object()); + } + while ((tagHdr = _in.ReadByte()) >= 0); + return v; + } + + private void Set00Check(bool enabled) + { + if (_in is IndefiniteLengthInputStream) + { + ((IndefiniteLengthInputStream)_in).SetEofOn00(enabled); + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ASN1TaggedObjectParser.cs b/BouncyCastle/crypto/src/asn1/ASN1TaggedObjectParser.cs new file mode 100644 index 0000000..68b83f2 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ASN1TaggedObjectParser.cs @@ -0,0 +1,39 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public interface Asn1TaggedObjectParser + : IAsn1Convertible + { + int TagClass { get; } + + int TagNo { get; } + + bool HasContextTag(int tagNo); + + bool HasTag(int tagClass, int tagNo); + + /// + [Obsolete("Use 'Parse...' methods instead, after checking this parser's TagClass and TagNo")] + IAsn1Convertible GetObjectParser(int tag, bool isExplicit); + + /// + IAsn1Convertible ParseBaseUniversal(bool declaredExplicit, int baseTagNo); + + /// Needed for open types, until we have better type-guided parsing support. + /// + /// Use sparingly for other purposes, and prefer or + /// where possible. Before using, check for matching tag + /// class and number. + /// + /// + IAsn1Convertible ParseExplicitBaseObject(); + + /// + Asn1TaggedObjectParser ParseExplicitBaseTagged(); + + /// + Asn1TaggedObjectParser ParseImplicitBaseTagged(int baseTagClass, int baseTagNo); + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1BitStringParser.cs b/BouncyCastle/crypto/src/asn1/Asn1BitStringParser.cs new file mode 100644 index 0000000..76af06d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1BitStringParser.cs @@ -0,0 +1,32 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public interface Asn1BitStringParser + : IAsn1Convertible + { + /// Return a representing the contents of the BIT STRING. The final byte, if any, + /// may include pad bits. See . + /// A with its source as the BIT STRING content. + /// + Stream GetBitStream(); + + /// Return a representing the contents of the BIT STRING, where the content is + /// expected to be octet-aligned (this will be automatically checked during parsing). + /// A with its source as the BIT STRING content. + /// + Stream GetOctetStream(); + + /// Return the number of pad bits, if any, in the final byte, if any, read from + /// . + /// + /// This number is in the range zero to seven. That number of the least significant bits of the final byte, if + /// any, are not part of the contents and should be ignored. NOTE: Must be called AFTER the stream has been + /// fully processed. (Does not need to be called if was used instead of + /// . + /// + /// The number of pad bits. In the range zero to seven. + int PadBits { get; } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1Encodable.cs b/BouncyCastle/crypto/src/asn1/Asn1Encodable.cs new file mode 100644 index 0000000..15918af --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1Encodable.cs @@ -0,0 +1,76 @@ +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public abstract class Asn1Encodable + : IAsn1Convertible + { + public const string Der = "DER"; + public const string Ber = "BER"; + + public virtual void EncodeTo(Stream output) + { + ToAsn1Object().EncodeTo(output); + } + + public virtual void EncodeTo(Stream output, string encoding) + { + ToAsn1Object().EncodeTo(output, encoding); + } + + public byte[] GetEncoded() + { + MemoryStream bOut = new MemoryStream(); + ToAsn1Object().EncodeTo(bOut); + return bOut.ToArray(); + } + + public byte[] GetEncoded(string encoding) + { + MemoryStream bOut = new MemoryStream(); + ToAsn1Object().EncodeTo(bOut, encoding); + return bOut.ToArray(); + } + + /** + * Return the DER encoding of the object, null if the DER encoding can not be made. + * + * @return a DER byte array, null otherwise. + */ + public byte[] GetDerEncoded() + { + try + { + return GetEncoded(Der); + } + catch (IOException) + { + return null; + } + } + + public sealed override int GetHashCode() + { + return ToAsn1Object().CallAsn1GetHashCode(); + } + + public sealed override bool Equals( + object obj) + { + if (obj == this) + return true; + + IAsn1Convertible other = obj as IAsn1Convertible; + + if (other == null) + return false; + + Asn1Object o1 = ToAsn1Object(); + Asn1Object o2 = other.ToAsn1Object(); + + return o1 == o2 || (null != o2 && o1.CallAsn1Equals(o2)); + } + + public abstract Asn1Object ToAsn1Object(); + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1EncodableVector.cs b/BouncyCastle/crypto/src/asn1/Asn1EncodableVector.cs new file mode 100644 index 0000000..987aa52 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1EncodableVector.cs @@ -0,0 +1,191 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * Mutable class for building ASN.1 constructed objects such as SETs or SEQUENCEs. + */ + public class Asn1EncodableVector + : IEnumerable + { + internal static readonly Asn1Encodable[] EmptyElements = new Asn1Encodable[0]; + + private const int DefaultCapacity = 10; + + private Asn1Encodable[] elements; + private int elementCount; + private bool copyOnWrite; + + public static Asn1EncodableVector FromEnumerable(IEnumerable e) + { + Asn1EncodableVector v = new Asn1EncodableVector(); + foreach (Asn1Encodable obj in e) + { + v.Add(obj); + } + return v; + } + + public Asn1EncodableVector() + : this(DefaultCapacity) + { + } + + public Asn1EncodableVector(int initialCapacity) + { + if (initialCapacity < 0) + throw new ArgumentException("must not be negative", "initialCapacity"); + + this.elements = (initialCapacity == 0) ? EmptyElements : new Asn1Encodable[initialCapacity]; + this.elementCount = 0; + this.copyOnWrite = false; + } + + public Asn1EncodableVector(params Asn1Encodable[] v) + : this() + { + Add(v); + } + + public void Add(Asn1Encodable element) + { + if (null == element) + throw new ArgumentNullException("element"); + + int capacity = elements.Length; + int minCapacity = elementCount + 1; + if ((minCapacity > capacity) | copyOnWrite) + { + Reallocate(minCapacity); + } + + this.elements[elementCount] = element; + this.elementCount = minCapacity; + } + + public void Add(params Asn1Encodable[] objs) + { + foreach (Asn1Encodable obj in objs) + { + Add(obj); + } + } + + public void AddOptional(params Asn1Encodable[] objs) + { + if (objs != null) + { + foreach (Asn1Encodable obj in objs) + { + if (obj != null) + { + Add(obj); + } + } + } + } + + public void AddOptionalTagged(bool isExplicit, int tagNo, Asn1Encodable obj) + { + if (null != obj) + { + Add(new DerTaggedObject(isExplicit, tagNo, obj)); + } + } + + public void AddAll(Asn1EncodableVector other) + { + if (null == other) + throw new ArgumentNullException("other"); + + int otherElementCount = other.Count; + if (otherElementCount < 1) + return; + + int capacity = elements.Length; + int minCapacity = elementCount + otherElementCount; + if ((minCapacity > capacity) | copyOnWrite) + { + Reallocate(minCapacity); + } + + int i = 0; + do + { + Asn1Encodable otherElement = other[i]; + if (null == otherElement) + throw new NullReferenceException("'other' elements cannot be null"); + + this.elements[elementCount + i] = otherElement; + } + while (++i < otherElementCount); + + this.elementCount = minCapacity; + } + + public Asn1Encodable this[int index] + { + get + { + if (index >= elementCount) + throw new IndexOutOfRangeException(index + " >= " + elementCount); + + return elements[index]; + } + } + + public int Count + { + get { return elementCount; } + } + + public IEnumerator GetEnumerator() + { + return CopyElements().GetEnumerator(); + } + + internal Asn1Encodable[] CopyElements() + { + if (0 == elementCount) + return EmptyElements; + + Asn1Encodable[] copy = new Asn1Encodable[elementCount]; + Array.Copy(elements, 0, copy, 0, elementCount); + return copy; + } + + internal Asn1Encodable[] TakeElements() + { + if (0 == elementCount) + return EmptyElements; + + if (elements.Length == elementCount) + { + this.copyOnWrite = true; + return elements; + } + + Asn1Encodable[] copy = new Asn1Encodable[elementCount]; + Array.Copy(elements, 0, copy, 0, elementCount); + return copy; + } + + private void Reallocate(int minCapacity) + { + int oldCapacity = elements.Length; + int newCapacity = System.Math.Max(oldCapacity, minCapacity + (minCapacity >> 1)); + + Asn1Encodable[] copy = new Asn1Encodable[newCapacity]; + Array.Copy(elements, 0, copy, 0, elementCount); + + this.elements = copy; + this.copyOnWrite = false; + } + + internal static Asn1Encodable[] CloneElements(Asn1Encodable[] elements) + { + return elements.Length < 1 ? EmptyElements : (Asn1Encodable[])elements.Clone(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1Exception.cs b/BouncyCastle/crypto/src/asn1/Asn1Exception.cs new file mode 100644 index 0000000..1dfe173 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1Exception.cs @@ -0,0 +1,30 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class Asn1Exception + : IOException + { + public Asn1Exception() + : base() + { + } + + public Asn1Exception( + string message) + : base(message) + { + } + + public Asn1Exception( + string message, + Exception exception) + : base(message, exception) + { + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1InputStream.cs b/BouncyCastle/crypto/src/asn1/Asn1InputStream.cs new file mode 100644 index 0000000..33e7b0e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1InputStream.cs @@ -0,0 +1,463 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * a general purpose ASN.1 decoder - note: this class differs from the + * others in that it returns null after it has read the last object in + * the stream. If an ASN.1 Null is encountered a Der/BER Null object is + * returned. + */ + public class Asn1InputStream + : FilterStream + { + private readonly int limit; + + internal readonly byte[][] tmpBuffers; + + internal static int FindLimit(Stream input) + { + if (input is LimitedInputStream) + return ((LimitedInputStream)input).Limit; + + if (input is Asn1InputStream) + return ((Asn1InputStream)input).Limit; + + if (input is MemoryStream) + { + MemoryStream mem = (MemoryStream)input; + return (int)(mem.Length - mem.Position); + } + + return int.MaxValue; + } + + public Asn1InputStream(Stream input) + : this(input, FindLimit(input)) + { + } + + /** + * Create an ASN1InputStream based on the input byte array. The length of DER objects in + * the stream is automatically limited to the length of the input array. + * + * @param input array containing ASN.1 encoded data. + */ + public Asn1InputStream(byte[] input) + : this(new MemoryStream(input, false), input.Length) + { + } + + /** + * Create an ASN1InputStream where no DER object will be longer than limit. + * + * @param input stream containing ASN.1 encoded data. + * @param limit maximum size of a DER encoded object. + */ + public Asn1InputStream(Stream input, int limit) + : this(input, limit, new byte[16][]) + { + } + + internal Asn1InputStream(Stream input, int limit, byte[][] tmpBuffers) + : base(input) + { + this.limit = limit; + this.tmpBuffers = tmpBuffers; + } + + /** + * build an object given its tag and the number of bytes to construct it from. + */ + private Asn1Object BuildObject(int tagHdr, int tagNo, int length) + { + // TODO[asn1] Special-case zero length first? + + DefiniteLengthInputStream defIn = new DefiniteLengthInputStream(s, length, limit); + + if (0 == (tagHdr & Asn1Tags.Flags)) + return CreatePrimitiveDerObject(tagNo, defIn, tmpBuffers); + + int tagClass = tagHdr & Asn1Tags.Private; + if (0 != tagClass) + { + bool isConstructed = (tagHdr & Asn1Tags.Constructed) != 0; + return ReadTaggedObjectDL(tagClass, tagNo, isConstructed, defIn); + } + + switch (tagNo) + { + case Asn1Tags.BitString: + return BuildConstructedBitString(ReadVector(defIn)); + case Asn1Tags.OctetString: + return BuildConstructedOctetString(ReadVector(defIn)); + case Asn1Tags.Sequence: + return CreateDLSequence(defIn); + case Asn1Tags.Set: + return CreateDLSet(defIn); + case Asn1Tags.External: + return DLSequence.FromVector(ReadVector(defIn)).ToAsn1External(); + default: + throw new IOException("unknown tag " + tagNo + " encountered"); + } + } + + internal Asn1Object ReadTaggedObjectDL(int tagClass, int tagNo, bool constructed, DefiniteLengthInputStream defIn) + { + if (!constructed) + { + byte[] contentsOctets = defIn.ToArray(); + return Asn1TaggedObject.CreatePrimitive(tagClass, tagNo, contentsOctets); + } + + Asn1EncodableVector contentsElements = ReadVector(defIn); + return Asn1TaggedObject.CreateConstructedDL(tagClass, tagNo, contentsElements); + } + + internal virtual Asn1EncodableVector ReadVector() + { + Asn1Object o = ReadObject(); + if (null == o) + return new Asn1EncodableVector(0); + + Asn1EncodableVector v = new Asn1EncodableVector(); + do + { + v.Add(o); + } + while ((o = ReadObject()) != null); + return v; + } + + internal virtual Asn1EncodableVector ReadVector(DefiniteLengthInputStream defIn) + { + int remaining = defIn.Remaining; + if (remaining < 1) + return new Asn1EncodableVector(0); + + return new Asn1InputStream(defIn, remaining, tmpBuffers).ReadVector(); + } + + internal virtual Asn1Sequence CreateDLSequence(DefiniteLengthInputStream defIn) + { + return DLSequence.FromVector(ReadVector(defIn)); + } + + internal virtual Asn1Set CreateDLSet(DefiniteLengthInputStream defIn) + { + return DLSet.FromVector(ReadVector(defIn)); + } + + public Asn1Object ReadObject() + { + int tagHdr = s.ReadByte(); + if (tagHdr <= 0) + { + if (tagHdr == 0) + throw new IOException("unexpected end-of-contents marker"); + + return null; + } + + int tagNo = ReadTagNumber(s, tagHdr); + int length = ReadLength(s, limit, false); + + if (length >= 0) + { + // definite-length + try + { + return BuildObject(tagHdr, tagNo, length); + } + catch (ArgumentException e) + { + throw new Asn1Exception("corrupted stream detected", e); + } + } + + // indefinite-length + + if (0 == (tagHdr & Asn1Tags.Constructed)) + throw new IOException("indefinite-length primitive encoding encountered"); + + IndefiniteLengthInputStream indIn = new IndefiniteLengthInputStream(s, limit); + Asn1StreamParser sp = new Asn1StreamParser(indIn, limit, tmpBuffers); + + int tagClass = tagHdr & Asn1Tags.Private; + if (0 != tagClass) + return sp.LoadTaggedIL(tagClass, tagNo); + + switch (tagNo) + { + case Asn1Tags.BitString: + return BerBitStringParser.Parse(sp); + case Asn1Tags.OctetString: + return BerOctetStringParser.Parse(sp); + case Asn1Tags.Sequence: + return BerSequenceParser.Parse(sp); + case Asn1Tags.Set: + return BerSetParser.Parse(sp); + case Asn1Tags.External: + // TODO[asn1] BerExternalParser + return DerExternalParser.Parse(sp); + default: + throw new IOException("unknown BER object encountered"); + } + } + + internal virtual DerBitString BuildConstructedBitString(Asn1EncodableVector contentsElements) + { + DerBitString[] bitStrings = new DerBitString[contentsElements.Count]; + + for (int i = 0; i != bitStrings.Length; i++) + { + DerBitString bitString = contentsElements[i] as DerBitString; + if (null == bitString) + throw new Asn1Exception("unknown object encountered in constructed BIT STRING: " + + Platform.GetTypeName(contentsElements[i])); + + bitStrings[i] = bitString; + } + + return new DLBitString(BerBitString.FlattenBitStrings(bitStrings), false); + } + + internal virtual Asn1OctetString BuildConstructedOctetString(Asn1EncodableVector contentsElements) + { + Asn1OctetString[] octetStrings = new Asn1OctetString[contentsElements.Count]; + + for (int i = 0; i != octetStrings.Length; i++) + { + Asn1OctetString octetString = contentsElements[i] as Asn1OctetString; + if (null == octetString) + throw new Asn1Exception("unknown object encountered in constructed OCTET STRING: " + + Platform.GetTypeName(contentsElements[i])); + + octetStrings[i] = octetString; + } + + // Note: No DLOctetString available + return new DerOctetString(BerOctetString.FlattenOctetStrings(octetStrings)); + } + + internal virtual int Limit + { + get { return limit; } + } + + internal static int ReadTagNumber(Stream s, int tagHdr) + { + int tagNo = tagHdr & 0x1f; + + // + // with tagged object tag number is bottom 5 bits, or stored at the start of the content + // + if (tagNo == 0x1f) + { + int b = s.ReadByte(); + if (b < 31) + { + if (b < 0) + throw new EndOfStreamException("EOF found inside tag value."); + + throw new IOException("corrupted stream - high tag number < 31 found"); + } + + tagNo = b & 0x7f; + + // X.690-0207 8.1.2.4.2 + // "c) bits 7 to 1 of the first subsequent octet shall not all be zero." + if (0 == tagNo) + throw new IOException("corrupted stream - invalid high tag number found"); + + while ((b & 0x80) != 0) + { + if (((uint)tagNo >> 24) != 0U) + throw new IOException("Tag number more than 31 bits"); + + tagNo <<= 7; + + b = s.ReadByte(); + if (b < 0) + throw new EndOfStreamException("EOF found inside tag value."); + + tagNo |= b & 0x7f; + } + } + + return tagNo; + } + + internal static int ReadLength(Stream s, int limit, bool isParsing) + { + int length = s.ReadByte(); + if (0U == ((uint)length >> 7)) + { + // definite-length short form + return length; + } + if (0x80 == length) + { + // indefinite-length + return -1; + } + if (length < 0) + { + throw new EndOfStreamException("EOF found when length expected"); + } + if (0xFF == length) + { + throw new IOException("invalid long form definite-length 0xFF"); + } + + int octetsCount = length & 0x7F, octetsPos = 0; + + length = 0; + do + { + int octet = s.ReadByte(); + if (octet < 0) + throw new EndOfStreamException("EOF found reading length"); + + if (((uint)length >> 23) != 0U) + throw new IOException("long form definite-length more than 31 bits"); + + length = (length << 8) + octet; + } + while (++octetsPos < octetsCount); + + if (length >= limit && !isParsing) // after all we must have read at least 1 byte + throw new IOException("corrupted stream - out of bounds length found: " + length + " >= " + limit); + + return length; + } + + private static byte[] GetBuffer(DefiniteLengthInputStream defIn, byte[][] tmpBuffers) + { + int len = defIn.Remaining; + if (len >= tmpBuffers.Length) + { + return defIn.ToArray(); + } + + byte[] buf = tmpBuffers[len]; + if (buf == null) + { + buf = tmpBuffers[len] = new byte[len]; + } + + defIn.ReadAllIntoByteArray(buf); + + return buf; + } + + private static char[] GetBmpCharBuffer(DefiniteLengthInputStream defIn) + { + int remainingBytes = defIn.Remaining; + if (0 != (remainingBytes & 1)) + throw new IOException("malformed BMPString encoding encountered"); + + char[] str = new char[remainingBytes / 2]; + int stringPos = 0; + + byte[] buf = new byte[8]; + while (remainingBytes >= 8) + { + if (Streams.ReadFully(defIn, buf, 0, 8) != 8) + throw new EndOfStreamException("EOF encountered in middle of BMPString"); + + str[stringPos ] = (char)((buf[0] << 8) | (buf[1] & 0xFF)); + str[stringPos + 1] = (char)((buf[2] << 8) | (buf[3] & 0xFF)); + str[stringPos + 2] = (char)((buf[4] << 8) | (buf[5] & 0xFF)); + str[stringPos + 3] = (char)((buf[6] << 8) | (buf[7] & 0xFF)); + stringPos += 4; + remainingBytes -= 8; + } + if (remainingBytes > 0) + { + if (Streams.ReadFully(defIn, buf, 0, remainingBytes) != remainingBytes) + throw new EndOfStreamException("EOF encountered in middle of BMPString"); + + int bufPos = 0; + do + { + int b1 = buf[bufPos++] << 8; + int b2 = buf[bufPos++] & 0xFF; + str[stringPos++] = (char)(b1 | b2); + } + while (bufPos < remainingBytes); + } + + if (0 != defIn.Remaining || str.Length != stringPos) + throw new InvalidOperationException(); + + return str; + } + + internal static Asn1Object CreatePrimitiveDerObject(int tagNo, DefiniteLengthInputStream defIn, + byte[][] tmpBuffers) + { + switch (tagNo) + { + case Asn1Tags.BmpString: + return DerBmpString.CreatePrimitive(GetBmpCharBuffer(defIn)); + case Asn1Tags.Boolean: + return DerBoolean.CreatePrimitive(GetBuffer(defIn, tmpBuffers)); + case Asn1Tags.Enumerated: + // TODO Ideally only clone if we used a buffer + return DerEnumerated.CreatePrimitive(GetBuffer(defIn, tmpBuffers), true); + case Asn1Tags.ObjectIdentifier: + // TODO Ideally only clone if we used a buffer + return DerObjectIdentifier.CreatePrimitive(GetBuffer(defIn, tmpBuffers), true); + } + + byte[] bytes = defIn.ToArray(); + + switch (tagNo) + { + case Asn1Tags.BitString: + return DerBitString.CreatePrimitive(bytes); + case Asn1Tags.GeneralizedTime: + return DerGeneralizedTime.CreatePrimitive(bytes); + case Asn1Tags.GeneralString: + return DerGeneralString.CreatePrimitive(bytes); + case Asn1Tags.GraphicString: + return DerGraphicString.CreatePrimitive(bytes); + case Asn1Tags.IA5String: + return DerIA5String.CreatePrimitive(bytes); + case Asn1Tags.Integer: + return DerInteger.CreatePrimitive(bytes); + case Asn1Tags.Null: + return Asn1Null.CreatePrimitive(bytes); + case Asn1Tags.NumericString: + return DerNumericString.CreatePrimitive(bytes); + case Asn1Tags.ObjectDescriptor: + return Asn1ObjectDescriptor.CreatePrimitive(bytes); + case Asn1Tags.OctetString: + return Asn1OctetString.CreatePrimitive(bytes); + case Asn1Tags.PrintableString: + return DerPrintableString.CreatePrimitive(bytes); + case Asn1Tags.RelativeOid: + return Asn1RelativeOid.CreatePrimitive(bytes, false); + case Asn1Tags.T61String: + return DerT61String.CreatePrimitive(bytes); + case Asn1Tags.UniversalString: + return DerUniversalString.CreatePrimitive(bytes); + case Asn1Tags.UtcTime: + return DerUtcTime.CreatePrimitive(bytes); + case Asn1Tags.Utf8String: + return DerUtf8String.CreatePrimitive(bytes); + case Asn1Tags.VideotexString: + return DerVideotexString.CreatePrimitive(bytes); + case Asn1Tags.VisibleString: + return DerVisibleString.CreatePrimitive(bytes); + default: + throw new IOException("unknown tag " + tagNo + " encountered"); + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1Null.cs b/BouncyCastle/crypto/src/asn1/Asn1Null.cs new file mode 100644 index 0000000..9ea9b43 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1Null.cs @@ -0,0 +1,75 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * A Null object. + */ + public abstract class Asn1Null + : Asn1Object + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(Asn1Null), Asn1Tags.Null) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + public static Asn1Null GetInstance(object obj) + { + if (obj == null || obj is Asn1Null) + { + return (Asn1Null)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is Asn1Null) + return (Asn1Null)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (Asn1Null)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct NULL from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj)); + } + + public static Asn1Null GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (Asn1Null)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + internal Asn1Null() + { + } + + public override string ToString() + { + return "NULL"; + } + + internal static Asn1Null CreatePrimitive(byte[] contents) + { + if (0 != contents.Length) + throw new InvalidOperationException("malformed NULL encoding encountered"); + + return DerNull.Instance; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1Object.cs b/BouncyCastle/crypto/src/asn1/Asn1Object.cs new file mode 100644 index 0000000..0cf8905 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1Object.cs @@ -0,0 +1,91 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public abstract class Asn1Object + : Asn1Encodable + { + public override void EncodeTo(Stream output) + { + Asn1OutputStream asn1Out = Asn1OutputStream.Create(output); + GetEncoding(asn1Out.Encoding).Encode(asn1Out); + asn1Out.FlushInternal(); + } + + public override void EncodeTo(Stream output, string encoding) + { + Asn1OutputStream asn1Out = Asn1OutputStream.Create(output, encoding); + GetEncoding(asn1Out.Encoding).Encode(asn1Out); + asn1Out.FlushInternal(); + } + + public bool Equals(Asn1Object other) + { + return this == other || Asn1Equals(other); + } + + /// Create a base ASN.1 object from a byte array. + /// The byte array to parse. + /// The base ASN.1 object represented by the byte array. + /// + /// If there is a problem parsing the data, or parsing an object did not exhaust the available data. + /// + public static Asn1Object FromByteArray( + byte[] data) + { + try + { + MemoryStream input = new MemoryStream(data, false); + Asn1InputStream asn1 = new Asn1InputStream(input, data.Length); + Asn1Object result = asn1.ReadObject(); + if (input.Position != input.Length) + throw new IOException("extra data found after object"); + return result; + } + catch (InvalidCastException) + { + throw new IOException("cannot recognise object in byte array"); + } + } + + /// Read a base ASN.1 object from a stream. + /// The stream to parse. + /// The base ASN.1 object represented by the byte array. + /// If there is a problem parsing the data. + public static Asn1Object FromStream( + Stream inStr) + { + try + { + return new Asn1InputStream(inStr).ReadObject(); + } + catch (InvalidCastException) + { + throw new IOException("cannot recognise object in stream"); + } + } + + public sealed override Asn1Object ToAsn1Object() + { + return this; + } + + internal abstract IAsn1Encoding GetEncoding(int encoding); + + internal abstract IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo); + + protected abstract bool Asn1Equals(Asn1Object asn1Object); + protected abstract int Asn1GetHashCode(); + + internal bool CallAsn1Equals(Asn1Object obj) + { + return Asn1Equals(obj); + } + + internal int CallAsn1GetHashCode() + { + return Asn1GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1ObjectDescriptor.cs b/BouncyCastle/crypto/src/asn1/Asn1ObjectDescriptor.cs new file mode 100644 index 0000000..9c99f44 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1ObjectDescriptor.cs @@ -0,0 +1,119 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + public sealed class Asn1ObjectDescriptor + : Asn1Object + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(Asn1ObjectDescriptor), Asn1Tags.ObjectDescriptor) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return new Asn1ObjectDescriptor( + (DerGraphicString)DerGraphicString.Meta.Instance.FromImplicitPrimitive(octetString)); + } + + internal override Asn1Object FromImplicitConstructed(Asn1Sequence sequence) + { + return new Asn1ObjectDescriptor( + (DerGraphicString)DerGraphicString.Meta.Instance.FromImplicitConstructed(sequence)); + } + } + + /** + * Return an ObjectDescriptor from the passed in object. + * + * @param obj an ASN1ObjectDescriptor or an object that can be converted into one. + * @exception IllegalArgumentException if the object cannot be converted. + * @return an ASN1ObjectDescriptor instance, or null. + */ + public static Asn1ObjectDescriptor GetInstance(object obj) + { + if (obj == null || obj is Asn1ObjectDescriptor) + { + return (Asn1ObjectDescriptor)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is Asn1ObjectDescriptor) + return (Asn1ObjectDescriptor)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (Asn1ObjectDescriptor)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct object descriptor from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Return an ObjectDescriptor from a tagged object. + * + * @param taggedObject the tagged object holding the object we want. + * @param declaredExplicit true if the object is meant to be explicitly tagged, false otherwise. + * @exception IllegalArgumentException if the tagged object cannot be converted. + * @return an ASN1ObjectDescriptor instance, or null. + */ + public static Asn1ObjectDescriptor GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (Asn1ObjectDescriptor)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly DerGraphicString m_baseGraphicString; + + public Asn1ObjectDescriptor(DerGraphicString baseGraphicString) + { + if (null == baseGraphicString) + throw new ArgumentNullException("baseGraphicString"); + + this.m_baseGraphicString = baseGraphicString; + } + + public DerGraphicString BaseGraphicString + { + get { return m_baseGraphicString; } + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return m_baseGraphicString.GetEncodingImplicit(encoding, Asn1Tags.Universal, Asn1Tags.ObjectDescriptor); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return m_baseGraphicString.GetEncodingImplicit(encoding, tagClass, tagNo); + } + + protected override int Asn1GetHashCode() + { + return ~m_baseGraphicString.CallAsn1GetHashCode(); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + Asn1ObjectDescriptor that = asn1Object as Asn1ObjectDescriptor; + return null != that + && this.m_baseGraphicString.Equals(that.m_baseGraphicString); + } + + internal static Asn1ObjectDescriptor CreatePrimitive(byte[] contents) + { + return new Asn1ObjectDescriptor(DerGraphicString.CreatePrimitive(contents)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1OctetString.cs b/BouncyCastle/crypto/src/asn1/Asn1OctetString.cs new file mode 100644 index 0000000..d346861 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1OctetString.cs @@ -0,0 +1,131 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Asn1 +{ + public abstract class Asn1OctetString + : Asn1Object, Asn1OctetStringParser + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(Asn1OctetString), Asn1Tags.OctetString) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return octetString; + } + + internal override Asn1Object FromImplicitConstructed(Asn1Sequence sequence) + { + return sequence.ToAsn1OctetString(); + } + } + + internal static readonly byte[] EmptyOctets = new byte[0]; + + /** + * return an Octet string from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static Asn1OctetString GetInstance(object obj) + { + if (obj == null || obj is Asn1OctetString) + { + return (Asn1OctetString)obj; + } + //else if (obj is Asn1OctetStringParser) + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is Asn1OctetString) + return (Asn1OctetString)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (Asn1OctetString)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct OCTET STRING from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * return an octet string from a tagged object. + * + * @param taggedObject the tagged object holding the object we want. + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static Asn1OctetString GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (Asn1OctetString)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + internal readonly byte[] contents; + + /** + * @param string the octets making up the octet string. + */ + internal Asn1OctetString(byte[] contents) + { + if (null == contents) + throw new ArgumentNullException("contents"); + + this.contents = contents; + } + + public Stream GetOctetStream() + { + return new MemoryStream(contents, false); + } + + public Asn1OctetStringParser Parser + { + get { return this; } + } + + public virtual byte[] GetOctets() + { + return contents; + } + + protected override int Asn1GetHashCode() + { + return Arrays.GetHashCode(GetOctets()); + } + + protected override bool Asn1Equals( + Asn1Object asn1Object) + { + DerOctetString other = asn1Object as DerOctetString; + + if (other == null) + return false; + + return Arrays.AreEqual(GetOctets(), other.GetOctets()); + } + + public override string ToString() + { + return "#" + Hex.ToHexString(contents); + } + + internal static Asn1OctetString CreatePrimitive(byte[] contents) + { + return new DerOctetString(contents); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1OutputStream.cs b/BouncyCastle/crypto/src/asn1/Asn1OutputStream.cs new file mode 100644 index 0000000..096b569 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1OutputStream.cs @@ -0,0 +1,165 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public class Asn1OutputStream + : DerOutputStream + { + internal const int EncodingBer = 1; + internal const int EncodingDer = 2; + + public static Asn1OutputStream Create(Stream output) + { + return new Asn1OutputStream(output); + } + + public static Asn1OutputStream Create(Stream output, string encoding) + { + if (Asn1Encodable.Der.Equals(encoding)) + { + return new DerOutputStreamNew(output); + } + else + { + return new Asn1OutputStream(output); + } + } + + [Obsolete("Use static Create method(s)")] + public Asn1OutputStream(Stream os) + : base(os) + { + } + + public override void WriteObject(Asn1Encodable asn1Encodable) + { + if (null == asn1Encodable) + throw new ArgumentNullException("asn1Encodable"); + + asn1Encodable.ToAsn1Object().GetEncoding(this.Encoding).Encode(this); + FlushInternal(); + } + + public override void WriteObject(Asn1Object asn1Object) + { + if (null == asn1Object) + throw new ArgumentNullException("asn1Object"); + + asn1Object.GetEncoding(this.Encoding).Encode(this); + FlushInternal(); + } + + internal void EncodeContents(IAsn1Encoding[] contentsEncodings) + { + for (int i = 0, count = contentsEncodings.Length; i < count; ++i) + { + contentsEncodings[i].Encode(this); + } + } + + internal virtual int Encoding + { + get { return EncodingBer; } + } + + internal void FlushInternal() + { + // Placeholder to support future internal buffering + } + + internal void WriteDL(int dl) + { + if (dl < 128) + { + WriteByte((byte)dl); + return; + } + + byte[] stack = new byte[5]; + int pos = stack.Length; + + do + { + stack[--pos] = (byte)dl; + dl >>= 8; + } + while (dl > 0); + + int count = stack.Length - pos; + stack[--pos] = (byte)(0x80 | count); + + Write(stack, pos, count + 1); + } + + internal void WriteIdentifier(int tagClass, int tagNo) + { + if (tagNo < 31) + { + WriteByte((byte)(tagClass | tagNo)); + return; + } + + byte[] stack = new byte[6]; + int pos = stack.Length; + + stack[--pos] = (byte)(tagNo & 0x7F); + while (tagNo > 127) + { + tagNo >>= 7; + stack[--pos] = (byte)(tagNo & 0x7F | 0x80); + } + + stack[--pos] = (byte)(tagClass | 0x1F); + + Write(stack, pos, stack.Length - pos); + } + + internal static IAsn1Encoding[] GetContentsEncodings(int encoding, Asn1Encodable[] elements) + { + int count = elements.Length; + IAsn1Encoding[] contentsEncodings = new IAsn1Encoding[count]; + for (int i = 0; i < count; ++i) + { + contentsEncodings[i] = elements[i].ToAsn1Object().GetEncoding(encoding); + } + return contentsEncodings; + } + + internal static int GetLengthOfContents(IAsn1Encoding[] contentsEncodings) + { + int contentsLength = 0; + for (int i = 0, count = contentsEncodings.Length; i < count; ++i) + { + contentsLength += contentsEncodings[i].GetLength(); + } + return contentsLength; + } + + internal static int GetLengthOfDL(int dl) + { + if (dl < 128) + return 1; + + int length = 2; + while ((dl >>= 8) > 0) + { + ++length; + } + return length; + } + + internal static int GetLengthOfIdentifier(int tagNo) + { + if (tagNo < 31) + return 1; + + int length = 2; + while ((tagNo >>= 7) > 0) + { + ++length; + } + return length; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1ParsingException.cs b/BouncyCastle/crypto/src/asn1/Asn1ParsingException.cs new file mode 100644 index 0000000..84cdb78 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1ParsingException.cs @@ -0,0 +1,29 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class Asn1ParsingException + : InvalidOperationException + { + public Asn1ParsingException() + : base() + { + } + + public Asn1ParsingException( + string message) + : base(message) + { + } + + public Asn1ParsingException( + string message, + Exception exception) + : base(message, exception) + { + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1RelativeOid.cs b/BouncyCastle/crypto/src/asn1/Asn1RelativeOid.cs new file mode 100644 index 0000000..9c4f917 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1RelativeOid.cs @@ -0,0 +1,296 @@ +using System; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + public class Asn1RelativeOid + : Asn1Object + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(Asn1RelativeOid), Asn1Tags.RelativeOid) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets(), false); + } + } + + public static Asn1RelativeOid FromContents(byte[] contents) + { + return CreatePrimitive(contents, true); + } + + public static Asn1RelativeOid GetInstance(object obj) + { + if (obj == null || obj is Asn1RelativeOid) + { + return (Asn1RelativeOid)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is Asn1RelativeOid) + return (Asn1RelativeOid)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (Asn1RelativeOid)FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct relative OID from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + public static Asn1RelativeOid GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (Asn1RelativeOid)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private const long LongLimit = (Int64.MaxValue >> 7) - 0x7F; + + private readonly string identifier; + private byte[] contents; + + public Asn1RelativeOid(string identifier) + { + if (identifier == null) + throw new ArgumentNullException("identifier"); + if (!IsValidIdentifier(identifier, 0)) + throw new FormatException("string " + identifier + " not a relative OID"); + + this.identifier = identifier; + } + + private Asn1RelativeOid(Asn1RelativeOid oid, string branchID) + { + if (!IsValidIdentifier(branchID, 0)) + throw new FormatException("string " + branchID + " not a valid relative OID branch"); + + this.identifier = oid.Id + "." + branchID; + } + + private Asn1RelativeOid(byte[] contents, bool clone) + { + this.identifier = ParseContents(contents); + this.contents = clone ? Arrays.Clone(contents) : contents; + } + + public virtual Asn1RelativeOid Branch(string branchID) + { + return new Asn1RelativeOid(this, branchID); + } + + public string Id + { + get { return identifier; } + } + + public override string ToString() + { + return identifier; + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + Asn1RelativeOid that = asn1Object as Asn1RelativeOid; + return null != that + && this.identifier == that.identifier; + } + + protected override int Asn1GetHashCode() + { + return identifier.GetHashCode(); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.RelativeOid, GetContents()); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, GetContents()); + } + + private void DoOutput(MemoryStream bOut) + { + OidTokenizer tok = new OidTokenizer(identifier); + while (tok.HasMoreTokens) + { + string token = tok.NextToken(); + if (token.Length <= 18) + { + WriteField(bOut, Int64.Parse(token)); + } + else + { + WriteField(bOut, new BigInteger(token)); + } + } + } + + private byte[] GetContents() + { + lock (this) + { + if (contents == null) + { + MemoryStream bOut = new MemoryStream(); + DoOutput(bOut); + contents = bOut.ToArray(); + } + + return contents; + } + } + + internal static Asn1RelativeOid CreatePrimitive(byte[] contents, bool clone) + { + return new Asn1RelativeOid(contents, clone); + } + + internal static bool IsValidIdentifier(string identifier, int from) + { + int digitCount = 0; + + int pos = identifier.Length; + while (--pos >= from) + { + char ch = identifier[pos]; + + if (ch == '.') + { + if (0 == digitCount || (digitCount > 1 && identifier[pos + 1] == '0')) + return false; + + digitCount = 0; + } + else if ('0' <= ch && ch <= '9') + { + ++digitCount; + } + else + { + return false; + } + } + + if (0 == digitCount || (digitCount > 1 && identifier[pos + 1] == '0')) + return false; + + return true; + } + + internal static void WriteField(Stream outputStream, long fieldValue) + { + byte[] result = new byte[9]; + int pos = 8; + result[pos] = (byte)((int)fieldValue & 0x7F); + while (fieldValue >= (1L << 7)) + { + fieldValue >>= 7; + result[--pos] = (byte)((int)fieldValue | 0x80); + } + outputStream.Write(result, pos, 9 - pos); + } + + internal static void WriteField(Stream outputStream, BigInteger fieldValue) + { + int byteCount = (fieldValue.BitLength + 6) / 7; + if (byteCount == 0) + { + outputStream.WriteByte(0); + } + else + { + BigInteger tmpValue = fieldValue; + byte[] tmp = new byte[byteCount]; + for (int i = byteCount - 1; i >= 0; i--) + { + tmp[i] = (byte)(tmpValue.IntValue | 0x80); + tmpValue = tmpValue.ShiftRight(7); + } + tmp[byteCount - 1] &= 0x7F; + outputStream.Write(tmp, 0, tmp.Length); + } + } + + private static string ParseContents(byte[] contents) + { + StringBuilder objId = new StringBuilder(); + long value = 0; + BigInteger bigValue = null; + bool first = true; + + for (int i = 0; i != contents.Length; i++) + { + int b = contents[i]; + + if (value <= LongLimit) + { + value += b & 0x7F; + if ((b & 0x80) == 0) + { + if (first) + { + first = false; + } + else + { + objId.Append('.'); + } + + objId.Append(value); + value = 0; + } + else + { + value <<= 7; + } + } + else + { + if (bigValue == null) + { + bigValue = BigInteger.ValueOf(value); + } + bigValue = bigValue.Or(BigInteger.ValueOf(b & 0x7F)); + if ((b & 0x80) == 0) + { + if (first) + { + first = false; + } + else + { + objId.Append('.'); + } + + objId.Append(bigValue); + bigValue = null; + value = 0; + } + else + { + bigValue = bigValue.ShiftLeft(7); + } + } + } + + return objId.ToString(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1Sequence.cs b/BouncyCastle/crypto/src/asn1/Asn1Sequence.cs new file mode 100644 index 0000000..d7f84d3 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1Sequence.cs @@ -0,0 +1,265 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1 +{ + public abstract class Asn1Sequence + : Asn1Object, IEnumerable + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(Asn1Sequence), Asn1Tags.Sequence) {} + + internal override Asn1Object FromImplicitConstructed(Asn1Sequence sequence) + { + return sequence; + } + } + + /** + * return an Asn1Sequence from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static Asn1Sequence GetInstance(object obj) + { + if (obj == null || obj is Asn1Sequence) + { + return (Asn1Sequence)obj; + } + //else if (obj is Asn1SequenceParser) + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is Asn1Sequence) + return (Asn1Sequence)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (Asn1Sequence)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct sequence from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Return an ASN1 sequence from a tagged object. There is a special + * case here, if an object appears to have been explicitly tagged on + * reading but we were expecting it to be implicitly tagged in the + * normal course of events it indicates that we lost the surrounding + * sequence - so we need to add it back (this will happen if the tagged + * object is a sequence that contains other sequences). If you are + * dealing with implicitly tagged sequences you really should + * be using this method. + * + * @param taggedObject the tagged object. + * @param declaredExplicit true if the object is meant to be explicitly tagged, false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static Asn1Sequence GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (Asn1Sequence)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + // NOTE: Only non-readonly to support LazyDLSequence + internal Asn1Encodable[] elements; + + protected internal Asn1Sequence() + { + this.elements = Asn1EncodableVector.EmptyElements; + } + + protected internal Asn1Sequence(Asn1Encodable element) + { + if (null == element) + throw new ArgumentNullException("element"); + + this.elements = new Asn1Encodable[]{ element }; + } + + protected internal Asn1Sequence(params Asn1Encodable[] elements) + { + if (Arrays.IsNullOrContainsNull(elements)) + throw new NullReferenceException("'elements' cannot be null, or contain null"); + + this.elements = Asn1EncodableVector.CloneElements(elements); + } + + internal Asn1Sequence(Asn1Encodable[] elements, bool clone) + { + this.elements = clone ? Asn1EncodableVector.CloneElements(elements) : elements; + } + + protected internal Asn1Sequence(Asn1EncodableVector elementVector) + { + if (null == elementVector) + throw new ArgumentNullException("elementVector"); + + this.elements = elementVector.TakeElements(); + } + + public virtual IEnumerator GetEnumerator() + { + return elements.GetEnumerator(); + } + + private class Asn1SequenceParserImpl + : Asn1SequenceParser + { + private readonly Asn1Sequence outer; + private readonly int max; + private int index; + + public Asn1SequenceParserImpl( + Asn1Sequence outer) + { + this.outer = outer; + // NOTE: Call Count here to 'force' a LazyDerSequence + this.max = outer.Count; + } + + public IAsn1Convertible ReadObject() + { + if (index == max) + return null; + + Asn1Encodable obj = outer[index++]; + + if (obj is Asn1Sequence) + return ((Asn1Sequence)obj).Parser; + + if (obj is Asn1Set) + return ((Asn1Set)obj).Parser; + + // NB: Asn1OctetString implements Asn1OctetStringParser directly +// if (obj is Asn1OctetString) +// return ((Asn1OctetString)obj).Parser; + + return obj; + } + + public Asn1Object ToAsn1Object() + { + return outer; + } + } + + public virtual Asn1SequenceParser Parser + { + get { return new Asn1SequenceParserImpl(this); } + } + + /** + * return the object at the sequence position indicated by index. + * + * @param index the sequence number (starting at zero) of the object + * @return the object at the sequence position indicated by index. + */ + public virtual Asn1Encodable this[int index] + { + get { return elements[index]; } + } + + public virtual int Count + { + get { return elements.Length; } + } + + public virtual Asn1Encodable[] ToArray() + { + return Asn1EncodableVector.CloneElements(elements); + } + + protected override int Asn1GetHashCode() + { + // NOTE: Call Count here to 'force' a LazyDerSequence + int i = Count; + int hc = i + 1; + + while (--i >= 0) + { + hc *= 257; + hc ^= elements[i].ToAsn1Object().CallAsn1GetHashCode(); + } + + return hc; + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + Asn1Sequence that = asn1Object as Asn1Sequence; + if (null == that) + return false; + + // NOTE: Call Count here (on both) to 'force' a LazyDerSequence + int count = this.Count; + if (that.Count != count) + return false; + + for (int i = 0; i < count; ++i) + { + Asn1Object o1 = this.elements[i].ToAsn1Object(); + Asn1Object o2 = that.elements[i].ToAsn1Object(); + + if (!o1.Equals(o2)) + return false; + } + + return true; + } + + public override string ToString() + { + return CollectionUtilities.ToString(elements); + } + + // TODO[asn1] Preferably return an Asn1BitString[] (doesn't exist yet) + internal DerBitString[] GetConstructedBitStrings() + { + // NOTE: Call Count here to 'force' a LazyDerSequence + int count = Count; + DerBitString[] bitStrings = new DerBitString[count]; + for (int i = 0; i < count; ++i) + { + bitStrings[i] = DerBitString.GetInstance(elements[i]); + } + return bitStrings; + } + + internal Asn1OctetString[] GetConstructedOctetStrings() + { + // NOTE: Call Count here to 'force' a LazyDerSequence + int count = Count; + Asn1OctetString[] octetStrings = new Asn1OctetString[count]; + for (int i = 0; i < count; ++i) + { + octetStrings[i] = Asn1OctetString.GetInstance(elements[i]); + } + return octetStrings; + } + + // TODO[asn1] Preferably return an Asn1BitString (doesn't exist yet) + internal abstract DerBitString ToAsn1BitString(); + + // TODO[asn1] Preferably return an Asn1External (doesn't exist yet) + internal abstract DerExternal ToAsn1External(); + + internal abstract Asn1OctetString ToAsn1OctetString(); + + internal abstract Asn1Set ToAsn1Set(); + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1Set.cs b/BouncyCastle/crypto/src/asn1/Asn1Set.cs new file mode 100644 index 0000000..f3b9412 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1Set.cs @@ -0,0 +1,327 @@ +using System; +using System.Collections; +using System.Diagnostics; +using System.IO; + +#if PORTABLE +using System.Collections.Generic; +using System.Linq; +#endif + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1 +{ + public abstract class Asn1Set + : Asn1Object, IEnumerable + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(Asn1Set), Asn1Tags.Set) {} + + internal override Asn1Object FromImplicitConstructed(Asn1Sequence sequence) + { + return sequence.ToAsn1Set(); + } + } + + /** + * return an ASN1Set from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static Asn1Set GetInstance(object obj) + { + if (obj == null || obj is Asn1Set) + { + return (Asn1Set)obj; + } + //else if (obj is Asn1SetParser) + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is Asn1Set) + return (Asn1Set)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (Asn1Set)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct set from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Return an ASN1 set from a tagged object. There is a special + * case here, if an object appears to have been explicitly tagged on + * reading but we were expecting it to be implicitly tagged in the + * normal course of events it indicates that we lost the surrounding + * set - so we need to add it back (this will happen if the tagged + * object is a sequence that contains other sequences). If you are + * dealing with implicitly tagged sets you really should + * be using this method. + * + * @param taggedObject the tagged object. + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static Asn1Set GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (Asn1Set)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + // NOTE: Only non-readonly to support LazyDLSet + internal Asn1Encodable[] elements; + internal bool isSorted; + + protected internal Asn1Set() + { + this.elements = Asn1EncodableVector.EmptyElements; + this.isSorted = true; + } + + protected internal Asn1Set(Asn1Encodable element) + { + if (null == element) + throw new ArgumentNullException("element"); + + this.elements = new Asn1Encodable[]{ element }; + this.isSorted = true; + } + + protected internal Asn1Set(Asn1Encodable[] elements, bool doSort) + { + if (Arrays.IsNullOrContainsNull(elements)) + throw new NullReferenceException("'elements' cannot be null, or contain null"); + + Asn1Encodable[] tmp = Asn1EncodableVector.CloneElements(elements); + if (doSort && tmp.Length >= 2) + { + tmp = Sort(tmp); + } + + this.elements = tmp; + this.isSorted = doSort || tmp.Length < 2; + } + + protected internal Asn1Set(Asn1EncodableVector elementVector, bool doSort) + { + if (null == elementVector) + throw new ArgumentNullException("elementVector"); + + Asn1Encodable[] tmp; + if (doSort && elementVector.Count >= 2) + { + tmp = Sort(elementVector.CopyElements()); + } + else + { + tmp = elementVector.TakeElements(); + } + + this.elements = tmp; + this.isSorted = doSort || tmp.Length < 2; + } + + protected internal Asn1Set(bool isSorted, Asn1Encodable[] elements) + { + this.elements = elements; + this.isSorted = isSorted || elements.Length < 2; + } + + public virtual IEnumerator GetEnumerator() + { + return elements.GetEnumerator(); + } + + /** + * return the object at the set position indicated by index. + * + * @param index the set number (starting at zero) of the object + * @return the object at the set position indicated by index. + */ + public virtual Asn1Encodable this[int index] + { + get { return elements[index]; } + } + + public virtual int Count + { + get { return elements.Length; } + } + + public virtual Asn1Encodable[] ToArray() + { + return Asn1EncodableVector.CloneElements(elements); + } + + private class Asn1SetParserImpl + : Asn1SetParser + { + private readonly Asn1Set outer; + private readonly int max; + private int index; + + public Asn1SetParserImpl( + Asn1Set outer) + { + this.outer = outer; + // NOTE: Call Count here to 'force' a LazyDerSet + this.max = outer.Count; + } + + public IAsn1Convertible ReadObject() + { + if (index == max) + return null; + + Asn1Encodable obj = outer[index++]; + if (obj is Asn1Sequence) + return ((Asn1Sequence)obj).Parser; + + if (obj is Asn1Set) + return ((Asn1Set)obj).Parser; + + // NB: Asn1OctetString implements Asn1OctetStringParser directly +// if (obj is Asn1OctetString) +// return ((Asn1OctetString)obj).Parser; + + return obj; + } + + public virtual Asn1Object ToAsn1Object() + { + return outer; + } + } + + public Asn1SetParser Parser + { + get { return new Asn1SetParserImpl(this); } + } + + protected override int Asn1GetHashCode() + { + // NOTE: Call Count here to 'force' a LazyDerSet + int i = Count; + int hc = i + 1; + + while (--i >= 0) + { + hc *= 257; + hc ^= elements[i].ToAsn1Object().CallAsn1GetHashCode(); + } + + return hc; + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + Asn1Set that = asn1Object as Asn1Set; + if (null == that) + return false; + + // NOTE: Call Count here (on both) to 'force' a LazyDerSet + int count = this.Count; + if (that.Count != count) + return false; + + for (int i = 0; i < count; ++i) + { + Asn1Object o1 = this.elements[i].ToAsn1Object(); + Asn1Object o2 = that.elements[i].ToAsn1Object(); + + if (!o1.Equals(o2)) + return false; + } + + return true; + } + + public override string ToString() + { + return CollectionUtilities.ToString(elements); + } + + internal static Asn1Encodable[] Sort(Asn1Encodable[] elements) + { + int count = elements.Length; + if (count < 2) + return elements; + +#if PORTABLE + return elements + .Cast() + .Select(a => new { Item = a, Key = a.GetEncoded(Asn1Encodable.Der) }) + .OrderBy(t => t.Key, new DerComparer()) + .Select(t => t.Item) + .ToArray(); +#else + byte[][] keys = new byte[count][]; + for (int i = 0; i < count; ++i) + { + keys[i] = elements[i].GetEncoded(Der); + } + Array.Sort(keys, elements, new DerComparer()); + return elements; +#endif + } + +#if PORTABLE + private class DerComparer + : IComparer + { + public int Compare(byte[] x, byte[] y) + { + byte[] a = x, b = y; +#else + private class DerComparer + : IComparer + { + public int Compare(object x, object y) + { + byte[] a = (byte[])x, b = (byte[])y; +#endif + Debug.Assert(a.Length >= 2 && b.Length >= 2); + + /* + * NOTE: Set elements in DER encodings are ordered first according to their tags (class and + * number); the CONSTRUCTED bit is not part of the tag. + * + * For SET-OF, this is unimportant. All elements have the same tag and DER requires them to + * either all be in constructed form or all in primitive form, according to that tag. The + * elements are effectively ordered according to their content octets. + * + * For SET, the elements will have distinct tags, and each will be in constructed or + * primitive form accordingly. Failing to ignore the CONSTRUCTED bit could therefore lead to + * ordering inversions. + */ + int a0 = a[0] & ~Asn1Tags.Constructed; + int b0 = b[0] & ~Asn1Tags.Constructed; + if (a0 != b0) + return a0 < b0 ? -1 : 1; + + int len = System.Math.Min(a.Length, b.Length); + for (int i = 1; i < len; ++i) + { + byte ai = a[i], bi = b[i]; + if (ai != bi) + return ai < bi ? -1 : 1; + } + Debug.Assert(a.Length == b.Length); + return 0; + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1Tag.cs b/BouncyCastle/crypto/src/asn1/Asn1Tag.cs new file mode 100644 index 0000000..b57174b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1Tag.cs @@ -0,0 +1,31 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + internal sealed class Asn1Tag + { + internal static Asn1Tag Create(int tagClass, int tagNo) + { + return new Asn1Tag(tagClass, tagNo); + } + + private readonly int m_tagClass; + private readonly int m_tagNo; + + private Asn1Tag(int tagClass, int tagNo) + { + m_tagClass = tagClass; + m_tagNo = tagNo; + } + + internal int TagClass + { + get { return m_tagClass; } + } + + internal int TagNo + { + get { return m_tagNo; } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1TaggedObject.cs b/BouncyCastle/crypto/src/asn1/Asn1TaggedObject.cs new file mode 100644 index 0000000..ce5e9e3 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1TaggedObject.cs @@ -0,0 +1,483 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * ASN.1 TaggedObject - in ASN.1 notation this is any object preceded by + * a [n] where n is some number - these are assumed to follow the construction + * rules (as with sequences). + */ + public abstract class Asn1TaggedObject + : Asn1Object, Asn1TaggedObjectParser + { + private const int DeclaredExplicit = 1; + private const int DeclaredImplicit = 2; + // TODO It will probably be better to track parsing constructed vs primitive instead + private const int ParsedExplicit = 3; + private const int ParsedImplicit = 4; + + public static Asn1TaggedObject GetInstance(object obj) + { + if (obj == null || obj is Asn1TaggedObject) + { + return (Asn1TaggedObject)obj; + } + //else if (obj is Asn1TaggedObjectParser) + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is Asn1TaggedObject) + return (Asn1TaggedObject)asn1Object; + } + else if (obj is byte[]) + { + try + { + return CheckedCast(FromByteArray((byte[])obj)); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct tagged object from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + public static Asn1TaggedObject GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + if (Asn1Tags.ContextSpecific != taggedObject.TagClass) + throw new InvalidOperationException("this method only valid for CONTEXT_SPECIFIC tags"); + + if (declaredExplicit) + return taggedObject.GetExplicitBaseTagged(); + + throw new ArgumentException("this method not valid for implicitly tagged tagged objects"); + } + + internal readonly int explicitness; + internal readonly int tagClass; + internal readonly int tagNo; + internal readonly Asn1Encodable obj; + + /** + * @param explicitly true if the object is explicitly tagged. + * @param tagNo the tag number for this object. + * @param obj the tagged object. + */ + protected Asn1TaggedObject(bool isExplicit, int tagNo, Asn1Encodable obj) + : this(isExplicit, Asn1Tags.ContextSpecific, tagNo, obj) + { + } + + protected Asn1TaggedObject(bool isExplicit, int tagClass, int tagNo, Asn1Encodable obj) + : this(isExplicit ? DeclaredExplicit : DeclaredImplicit, tagClass, tagNo, obj) + { + } + + internal Asn1TaggedObject(int explicitness, int tagClass, int tagNo, Asn1Encodable obj) + { + if (null == obj) + throw new ArgumentNullException("obj"); + if (Asn1Tags.Universal == tagClass || (tagClass & Asn1Tags.Private) != tagClass) + throw new ArgumentException("invalid tag class: " + tagClass, "tagClass"); + + this.explicitness = (obj is IAsn1Choice) ? DeclaredExplicit : explicitness; + this.tagClass = tagClass; + this.tagNo = tagNo; + this.obj = obj; + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + if (asn1Object is DerApplicationSpecific) + return asn1Object.CallAsn1Equals(this); + + Asn1TaggedObject that = asn1Object as Asn1TaggedObject; + if (null == that || this.tagNo != that.tagNo || this.tagClass != that.tagClass) + return false; + + if (this.explicitness != that.explicitness) + { + /* + * TODO This seems incorrect for some cases of implicit tags e.g. if one is a + * declared-implicit SET and the other a parsed object. + */ + if (this.IsExplicit() != that.IsExplicit()) + return false; + } + + Asn1Object p1 = this.obj.ToAsn1Object(); + Asn1Object p2 = that.obj.ToAsn1Object(); + + if (p1 == p2) + return true; + + if (!this.IsExplicit()) + { + try + { + byte[] d1 = this.GetEncoded(); + byte[] d2 = that.GetEncoded(); + + return Arrays.AreEqual(d1, d2); + } + catch (IOException) + { + return false; + } + } + + return p1.CallAsn1Equals(p2); + } + + protected override int Asn1GetHashCode() + { + return (tagClass * 7919) ^ tagNo ^ (IsExplicit() ? 0x0F : 0xF0) ^ obj.ToAsn1Object().CallAsn1GetHashCode(); + } + + public int TagClass + { + get { return tagClass; } + } + + public int TagNo + { + get { return tagNo; } + } + + public bool HasContextTag(int tagNo) + { + return this.tagClass == Asn1Tags.ContextSpecific && this.tagNo == tagNo; + } + + public bool HasTag(int tagClass, int tagNo) + { + return this.tagClass == tagClass && this.tagNo == tagNo; + } + + [Obsolete("Will be removed. Replace with constant return value of 'false'")] + public bool IsEmpty() + { + return false; + } + + /** + * return whether or not the object may be explicitly tagged. + *

+ * Note: if the object has been read from an input stream, the only + * time you can be sure if isExplicit is returning the true state of + * affairs is if it returns false. An implicitly tagged object may appear + * to be explicitly tagged, so you need to understand the context under + * which the reading was done as well, see GetObject below.

+ */ + public bool IsExplicit() + { + // TODO New methods like 'IsKnownExplicit' etc. to distinguish uncertain cases? + switch (explicitness) + { + case DeclaredExplicit: + case ParsedExplicit: + return true; + default: + return false; + } + } + + internal bool IsParsed() + { + switch (explicitness) + { + case ParsedExplicit: + case ParsedImplicit: + return true; + default: + return false; + } + } + + /** + * Return the contents of this object as a byte[] + * + * @return the encoded contents of the object. + */ + // TODO Need this public if/when DerApplicationSpecific extends Asn1TaggedObject + internal byte[] GetContents() + { + try + { + byte[] baseEncoding = obj.GetEncoded(Asn1Encoding); + if (IsExplicit()) + return baseEncoding; + + MemoryStream input = new MemoryStream(baseEncoding, false); + int tag = input.ReadByte(); + Asn1InputStream.ReadTagNumber(input, tag); + int length = Asn1InputStream.ReadLength(input, (int)(input.Length - input.Position), false); + int remaining = (int)(input.Length - input.Position); + + // For indefinite form, account for end-of-contents octets + int contentsLength = length < 0 ? remaining - 2 : remaining; + if (contentsLength < 0) + throw new InvalidOperationException("failed to get contents"); + + byte[] contents = new byte[contentsLength]; + Array.Copy(baseEncoding, baseEncoding.Length - remaining, contents, 0, contentsLength); + return contents; + } + catch (IOException e) + { + throw new InvalidOperationException("failed to get contents", e); + } + } + + internal bool IsConstructed() + { + switch (explicitness) + { + case DeclaredImplicit: + { + Asn1Object baseObject = obj.ToAsn1Object(); + if (baseObject is Asn1Sequence || baseObject is Asn1Set) + return true; + + Asn1TaggedObject baseTagged = baseObject as Asn1TaggedObject; + return null != baseTagged && baseTagged.IsConstructed(); + } + case ParsedImplicit: + return obj is Asn1Sequence; + default: + return true; + } + } + + /** + * return whatever was following the tag. + *

+ * Note: tagged objects are generally context dependent if you're + * trying to extract a tagged object you should be going via the + * appropriate GetInstance method.

+ */ + public Asn1Object GetObject() + { + if (Asn1Tags.ContextSpecific != TagClass) + throw new InvalidOperationException("this method only valid for CONTEXT_SPECIFIC tags"); + + return obj.ToAsn1Object(); + } + + /** + * Needed for open types, until we have better type-guided parsing support. Use sparingly for other + * purposes, and prefer {@link #getExplicitBaseTagged()}, {@link #getImplicitBaseTagged(int, int)} or + * {@link #getBaseUniversal(boolean, int)} where possible. Before using, check for matching tag + * {@link #getTagClass() class} and {@link #getTagNo() number}. + */ + public Asn1Encodable GetBaseObject() + { + return obj; + } + + /** + * Needed for open types, until we have better type-guided parsing support. Use + * sparingly for other purposes, and prefer {@link #getExplicitBaseTagged()} or + * {@link #getBaseUniversal(boolean, int)} where possible. Before using, check + * for matching tag {@link #getTagClass() class} and {@link #getTagNo() number}. + */ + public Asn1Encodable GetExplicitBaseObject() + { + if (!IsExplicit()) + throw new InvalidOperationException("object implicit - explicit expected."); + + return obj; + } + + public Asn1TaggedObject GetExplicitBaseTagged() + { + if (!IsExplicit()) + throw new InvalidOperationException("object implicit - explicit expected."); + + return CheckedCast(obj.ToAsn1Object()); + } + + public Asn1TaggedObject GetImplicitBaseTagged(int baseTagClass, int baseTagNo) + { + if (Asn1Tags.Universal == baseTagClass || (baseTagClass & Asn1Tags.Private) != baseTagClass) + throw new ArgumentException("invalid base tag class: " + baseTagClass, "baseTagClass"); + + switch (explicitness) + { + case DeclaredExplicit: + throw new InvalidOperationException("object explicit - implicit expected."); + + case DeclaredImplicit: + { + Asn1TaggedObject declared = CheckedCast(obj.ToAsn1Object()); + return Asn1Utilities.CheckTag(declared, baseTagClass, baseTagNo); + } + + // Parsed; return a virtual tag (i.e. that couldn't have been present in the encoding) + default: + return ReplaceTag(baseTagClass, baseTagNo); + } + } + + public Asn1Object GetBaseUniversal(bool declaredExplicit, int tagNo) + { + Asn1UniversalType universalType = Asn1UniversalTypes.Get(tagNo); + if (null == universalType) + throw new ArgumentException("unsupported UNIVERSAL tag number: " + tagNo, "tagNo"); + + return GetBaseUniversal(declaredExplicit, universalType); + } + + internal Asn1Object GetBaseUniversal(bool declaredExplicit, Asn1UniversalType universalType) + { + if (declaredExplicit) + { + if (!IsExplicit()) + throw new InvalidOperationException("object explicit - implicit expected."); + + return universalType.CheckedCast(obj.ToAsn1Object()); + } + + if (DeclaredExplicit == explicitness) + throw new InvalidOperationException("object explicit - implicit expected."); + + Asn1Object baseObject = obj.ToAsn1Object(); + switch (explicitness) + { + case ParsedExplicit: + return universalType.FromImplicitConstructed(RebuildConstructed(baseObject)); + case ParsedImplicit: + { + if (baseObject is Asn1Sequence) + return universalType.FromImplicitConstructed((Asn1Sequence)baseObject); + + return universalType.FromImplicitPrimitive((DerOctetString)baseObject); + } + default: + return universalType.CheckedCast(baseObject); + } + } + + /** + * Return the object held in this tagged object as a parser assuming it has + * the type of the passed in tag. If the object doesn't have a parser + * associated with it, the base object is returned. + */ + [Obsolete("Use 'Parse...' methods instead, after checking this parser's TagClass and TagNo")] + public IAsn1Convertible GetObjectParser(int tag, bool isExplicit) + { + if (Asn1Tags.ContextSpecific != TagClass) + throw new InvalidOperationException("this method only valid for CONTEXT_SPECIFIC tags"); + + return ParseBaseUniversal(isExplicit, tag); + } + + public IAsn1Convertible ParseBaseUniversal(bool declaredExplicit, int baseTagNo) + { + Asn1Object asn1Object = GetBaseUniversal(declaredExplicit, baseTagNo); + + switch (baseTagNo) + { + case Asn1Tags.BitString: + return ((DerBitString)asn1Object).Parser; + case Asn1Tags.OctetString: + return ((Asn1OctetString)asn1Object).Parser; + case Asn1Tags.Sequence: + return ((Asn1Sequence)asn1Object).Parser; + case Asn1Tags.Set: + return ((Asn1Set)asn1Object).Parser; + } + + return asn1Object; + } + + public IAsn1Convertible ParseExplicitBaseObject() + { + return GetExplicitBaseObject(); + } + + public Asn1TaggedObjectParser ParseExplicitBaseTagged() + { + return GetExplicitBaseTagged(); + } + + public Asn1TaggedObjectParser ParseImplicitBaseTagged(int baseTagClass, int baseTagNo) + { + return GetImplicitBaseTagged(baseTagClass, baseTagNo); + } + + public override string ToString() + { + return Asn1Utilities.GetTagText(tagClass, tagNo) + obj; + } + + internal abstract string Asn1Encoding { get; } + + internal abstract Asn1Sequence RebuildConstructed(Asn1Object asn1Object); + + internal abstract Asn1TaggedObject ReplaceTag(int tagClass, int tagNo); + + internal static Asn1Object CreateConstructedDL(int tagClass, int tagNo, Asn1EncodableVector contentsElements) + { + bool maybeExplicit = (contentsElements.Count == 1); + + Asn1TaggedObject taggedObject = maybeExplicit + ? new DLTaggedObject(ParsedExplicit, tagClass, tagNo, contentsElements[0]) + : new DLTaggedObject(ParsedImplicit, tagClass, tagNo, DLSequence.FromVector(contentsElements)); + + switch (tagClass) + { + case Asn1Tags.Application: + return new DLApplicationSpecific(taggedObject); + default: + return taggedObject; + } + } + + internal static Asn1Object CreateConstructedIL(int tagClass, int tagNo, Asn1EncodableVector contentsElements) + { + bool maybeExplicit = (contentsElements.Count == 1); + + Asn1TaggedObject taggedObject = maybeExplicit + ? new BerTaggedObject(ParsedExplicit, tagClass, tagNo, contentsElements[0]) + : new BerTaggedObject(ParsedImplicit, tagClass, tagNo, BerSequence.FromVector(contentsElements)); + + switch (tagClass) + { + case Asn1Tags.Application: + return new BerApplicationSpecific(taggedObject); + default: + return taggedObject; + } + } + + internal static Asn1Object CreatePrimitive(int tagClass, int tagNo, byte[] contentsOctets) + { + // Note: !CONSTRUCTED => IMPLICIT + Asn1TaggedObject taggedObject = new DLTaggedObject(ParsedImplicit, tagClass, tagNo, + new DerOctetString(contentsOctets)); + + switch (tagClass) + { + case Asn1Tags.Application: + return new DLApplicationSpecific(taggedObject); + default: + return taggedObject; + } + } + + private static Asn1TaggedObject CheckedCast(Asn1Object asn1Object) + { + Asn1TaggedObject taggedObject = asn1Object as Asn1TaggedObject; + if (null != taggedObject) + return taggedObject; + + throw new InvalidOperationException("unexpected object: " + Platform.GetTypeName(asn1Object)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1Tags.cs b/BouncyCastle/crypto/src/asn1/Asn1Tags.cs new file mode 100644 index 0000000..670fb7d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1Tags.cs @@ -0,0 +1,51 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + public class Asn1Tags + { + public const int Boolean = 0x01; + public const int Integer = 0x02; + public const int BitString = 0x03; + public const int OctetString = 0x04; + public const int Null = 0x05; + public const int ObjectIdentifier = 0x06; + public const int ObjectDescriptor = 0x07; + public const int External = 0x08; + public const int Real = 0x09; + public const int Enumerated = 0x0a; + public const int EmbeddedPdv = 0x0b; + public const int Utf8String = 0x0c; + public const int RelativeOid = 0x0d; + // NOTE: 14-15 are reserved. + public const int Sequence = 0x10; + public const int SequenceOf = 0x10; // for completeness + public const int Set = 0x11; + public const int SetOf = 0x11; // for completeness + + public const int NumericString = 0x12; + public const int PrintableString = 0x13; + public const int T61String = 0x14; + public const int VideotexString = 0x15; + public const int IA5String = 0x16; + public const int UtcTime = 0x17; + public const int GeneralizedTime = 0x18; + public const int GraphicString = 0x19; + public const int VisibleString = 0x1a; + public const int GeneralString = 0x1b; + public const int UniversalString = 0x1c; + public const int UnrestrictedString = 0x1d; + public const int BmpString = 0x1e; + + public const int Constructed = 0x20; + + public const int Universal = 0x00; + public const int Application = 0x40; + [Obsolete("Use 'ContextSpecific' instead")] + public const int Tagged = 0x80; + public const int ContextSpecific = 0x80; + public const int Private = 0xC0; + + public const int Flags = 0xE0; + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1Type.cs b/BouncyCastle/crypto/src/asn1/Asn1Type.cs new file mode 100644 index 0000000..f44b74e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1Type.cs @@ -0,0 +1,29 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + internal abstract class Asn1Type + { + internal readonly Type m_platformType; + + internal Asn1Type(Type platformType) + { + m_platformType = platformType; + } + + internal Type PlatformType + { + get { return m_platformType; } + } + + public sealed override bool Equals(object that) + { + return this == that; + } + + public sealed override int GetHashCode() + { + return base.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1UniversalType.cs b/BouncyCastle/crypto/src/asn1/Asn1UniversalType.cs new file mode 100644 index 0000000..46cacb4 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1UniversalType.cs @@ -0,0 +1,56 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + internal abstract class Asn1UniversalType + : Asn1Type + { + internal readonly Asn1Tag m_tag; + + internal Asn1UniversalType(Type platformType, int tagNo) + : base(platformType) + { + m_tag = Asn1Tag.Create(Asn1Tags.Universal, tagNo); + } + + internal Asn1Object CheckedCast(Asn1Object asn1Object) + { + if (PlatformType.IsInstanceOfType(asn1Object)) + return asn1Object; + + throw new InvalidOperationException("unexpected object: " + Platform.GetTypeName(asn1Object)); + } + + internal virtual Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + throw new InvalidOperationException("unexpected implicit primitive encoding"); + } + + internal virtual Asn1Object FromImplicitConstructed(Asn1Sequence sequence) + { + throw new InvalidOperationException("unexpected implicit constructed encoding"); + } + + /// + internal Asn1Object FromByteArray(byte[] bytes) + { + return CheckedCast(Asn1Object.FromByteArray(bytes)); + } + + internal Asn1Object GetContextInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + if (Asn1Tags.ContextSpecific != taggedObject.TagClass) + throw new InvalidOperationException("this method only valid for CONTEXT_SPECIFIC tags"); + + return CheckedCast(taggedObject.GetBaseUniversal(declaredExplicit, this)); + } + + internal Asn1Tag Tag + { + get { return m_tag; } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1UniversalTypes.cs b/BouncyCastle/crypto/src/asn1/Asn1UniversalTypes.cs new file mode 100644 index 0000000..214918b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1UniversalTypes.cs @@ -0,0 +1,74 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + internal sealed class Asn1UniversalTypes + { + private Asn1UniversalTypes() + { + } + + internal static Asn1UniversalType Get(int tagNo) + { + switch (tagNo) + { + case Asn1Tags.Boolean: + return DerBoolean.Meta.Instance; + case Asn1Tags.Integer: + return DerInteger.Meta.Instance; + case Asn1Tags.BitString: + return DerBitString.Meta.Instance; + case Asn1Tags.OctetString: + return Asn1OctetString.Meta.Instance; + case Asn1Tags.Null: + return Asn1Null.Meta.Instance; + case Asn1Tags.ObjectIdentifier: + return DerObjectIdentifier.Meta.Instance; + case Asn1Tags.ObjectDescriptor: // [UNIVERSAL 7] IMPLICIT GraphicString + return Asn1ObjectDescriptor.Meta.Instance; + case Asn1Tags.External: + return DerExternal.Meta.Instance; + case Asn1Tags.Enumerated: + return DerEnumerated.Meta.Instance; + case Asn1Tags.Utf8String: // [UNIVERSAL 12] IMPLICIT OCTET STRING (encode as if) + return DerUtf8String.Meta.Instance; + case Asn1Tags.RelativeOid: + return Asn1RelativeOid.Meta.Instance; + case Asn1Tags.Sequence: + return Asn1Sequence.Meta.Instance; + case Asn1Tags.Set: + return Asn1Set.Meta.Instance; + case Asn1Tags.NumericString: // [UNIVERSAL 18] IMPLICIT OCTET STRING (encode as if) + return DerNumericString.Meta.Instance; + case Asn1Tags.PrintableString: // [UNIVERSAL 19] IMPLICIT OCTET STRING (encode as if) + return DerPrintableString.Meta.Instance; + case Asn1Tags.T61String: // [UNIVERSAL 20] IMPLICIT OCTET STRING (encode as if) + return DerT61String.Meta.Instance; + case Asn1Tags.VideotexString: // [UNIVERSAL 21] IMPLICIT OCTET STRING (encode as if) + return DerVideotexString.Meta.Instance; + case Asn1Tags.IA5String: // [UNIVERSAL 22] IMPLICIT OCTET STRING (encode as if) + return DerIA5String.Meta.Instance; + case Asn1Tags.UtcTime: // [UNIVERSAL 23] IMPLICIT VisibleString (restricted values) + return DerUtcTime.Meta.Instance; + case Asn1Tags.GeneralizedTime: // [UNIVERSAL 24] IMPLICIT VisibleString (restricted values) + return DerGeneralizedTime.Meta.Instance; + case Asn1Tags.GraphicString: // [UNIVERSAL 25] IMPLICIT OCTET STRING (encode as if) + return DerGraphicString.Meta.Instance; + case Asn1Tags.VisibleString: // [UNIVERSAL 26] IMPLICIT OCTET STRING (encode as if) + return DerVisibleString.Meta.Instance; + case Asn1Tags.GeneralString: // [UNIVERSAL 27] IMPLICIT OCTET STRING (encode as if) + return DerGeneralString.Meta.Instance; + case Asn1Tags.UniversalString: // [UNIVERSAL 28] IMPLICIT OCTET STRING (encode as if) + return DerUniversalString.Meta.Instance; + case Asn1Tags.BmpString: // [UNIVERSAL 30] IMPLICIT OCTET STRING (encode as if) + return DerBmpString.Meta.Instance; + + case Asn1Tags.Real: + case Asn1Tags.EmbeddedPdv: + case Asn1Tags.UnrestrictedString: + default: + return null; + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/Asn1Utilities.cs b/BouncyCastle/crypto/src/asn1/Asn1Utilities.cs new file mode 100644 index 0000000..5605d4c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/Asn1Utilities.cs @@ -0,0 +1,329 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public abstract class Asn1Utilities + { + internal static Asn1TaggedObject CheckTag(Asn1TaggedObject taggedObject, int tagClass, int tagNo) + { + if (!taggedObject.HasTag(tagClass, tagNo)) + { + string expected = GetTagText(tagClass, tagNo); + string found = GetTagText(taggedObject); + throw new InvalidOperationException("Expected " + expected + " tag but found " + found); + } + return taggedObject; + } + + internal static Asn1TaggedObjectParser CheckTag(Asn1TaggedObjectParser taggedObjectParser, int tagClass, + int tagNo) + { + if (!taggedObjectParser.HasTag(tagClass, tagNo)) + { + string expected = GetTagText(tagClass, tagNo); + string found = GetTagText(taggedObjectParser); + throw new InvalidOperationException("Expected " + expected + " tag but found " + found); + } + return taggedObjectParser; + } + + + internal static string GetTagText(Asn1Tag tag) + { + return GetTagText(tag.TagClass, tag.TagNo); + } + + public static string GetTagText(Asn1TaggedObject taggedObject) + { + return GetTagText(taggedObject.TagClass, taggedObject.TagNo); + } + + public static string GetTagText(Asn1TaggedObjectParser taggedObjectParser) + { + return GetTagText(taggedObjectParser.TagClass, taggedObjectParser.TagNo); + } + + public static string GetTagText(int tagClass, int tagNo) + { + switch (tagClass) + { + case Asn1Tags.Application: + return "[APPLICATION " + tagNo + "]"; + case Asn1Tags.ContextSpecific: + return "[CONTEXT " + tagNo + "]"; + case Asn1Tags.Private: + return "[PRIVATE " + tagNo + "]"; + default: + return "[UNIVERSAL " + tagNo + "]"; + } + } + + + /* + * Wrappers for Asn1TaggedObject.GetExplicitBaseObject + */ + + public static Asn1Encodable GetExplicitBaseObject(Asn1TaggedObject taggedObject, int tagClass, int tagNo) + { + return CheckTag(taggedObject, tagClass, tagNo).GetExplicitBaseObject(); + } + + public static Asn1Encodable GetExplicitContextBaseObject(Asn1TaggedObject taggedObject, int tagNo) + { + return GetExplicitBaseObject(taggedObject, Asn1Tags.ContextSpecific, tagNo); + } + + public static Asn1Encodable TryGetExplicitBaseObject(Asn1TaggedObject taggedObject, int tagClass, int tagNo) + { + if (!taggedObject.HasTag(tagClass, tagNo)) + return null; + + return taggedObject.GetExplicitBaseObject(); + } + + public static Asn1Encodable TryGetExplicitContextBaseObject(Asn1TaggedObject taggedObject, int tagNo) + { + return TryGetExplicitBaseObject(taggedObject, Asn1Tags.ContextSpecific, tagNo); + } + + + /* + * Wrappers for Asn1TaggedObject.GetExplicitBaseTagged + */ + + public static Asn1TaggedObject GetExplicitBaseTagged(Asn1TaggedObject taggedObject, int tagClass, int tagNo) + { + return CheckTag(taggedObject, tagClass, tagNo).GetExplicitBaseTagged(); + } + + public static Asn1TaggedObject GetExplicitContextBaseTagged(Asn1TaggedObject taggedObject, int tagNo) + { + return GetExplicitBaseTagged(taggedObject, Asn1Tags.ContextSpecific, tagNo); + } + + public static Asn1TaggedObject TryGetExplicitBaseTagged(Asn1TaggedObject taggedObject, int tagClass, int tagNo) + { + if (!taggedObject.HasTag(tagClass, tagNo)) + return null; + + return taggedObject.GetExplicitBaseTagged(); + } + + public static Asn1TaggedObject TryGetExplicitContextBaseTagged(Asn1TaggedObject taggedObject, int tagNo) + { + return TryGetExplicitBaseTagged(taggedObject, Asn1Tags.ContextSpecific, tagNo); + } + + + /* + * Wrappers for Asn1TaggedObject.GetImplicitBaseTagged + */ + + public static Asn1TaggedObject GetImplicitBaseTagged(Asn1TaggedObject taggedObject, int tagClass, int tagNo, + int baseTagClass, int baseTagNo) + { + return CheckTag(taggedObject, tagClass, tagNo).GetImplicitBaseTagged(baseTagClass, baseTagNo); + } + + public static Asn1TaggedObject GetImplicitContextBaseTagged(Asn1TaggedObject taggedObject, int tagNo, + int baseTagClass, int baseTagNo) + { + return GetImplicitBaseTagged(taggedObject, Asn1Tags.ContextSpecific, tagNo, baseTagClass, baseTagNo); + } + + public static Asn1TaggedObject TryGetImplicitBaseTagged(Asn1TaggedObject taggedObject, int tagClass, int tagNo, + int baseTagClass, int baseTagNo) + { + if (!taggedObject.HasTag(tagClass, tagNo)) + return null; + + return taggedObject.GetImplicitBaseTagged(baseTagClass, baseTagNo); + } + + public static Asn1TaggedObject TryGetImplicitContextBaseTagged(Asn1TaggedObject taggedObject, int tagNo, + int baseTagClass, int baseTagNo) + { + return TryGetImplicitBaseTagged(taggedObject, Asn1Tags.ContextSpecific, tagNo, baseTagClass, baseTagNo); + } + + + /* + * Wrappers for Asn1TaggedObject.GetBaseUniversal + */ + + public static Asn1Object GetBaseUniversal(Asn1TaggedObject taggedObject, int tagClass, int tagNo, + bool declaredExplicit, int baseTagNo) + { + return CheckTag(taggedObject, tagClass, tagNo).GetBaseUniversal(declaredExplicit, baseTagNo); + } + + public static Asn1Object GetContextBaseUniversal(Asn1TaggedObject taggedObject, int tagNo, + bool declaredExplicit, int baseTagNo) + { + return GetBaseUniversal(taggedObject, Asn1Tags.ContextSpecific, tagNo, declaredExplicit, baseTagNo); + } + + public static Asn1Object TryGetBaseUniversal(Asn1TaggedObject taggedObject, int tagClass, int tagNo, + bool declaredExplicit, int baseTagNo) + { + if (!taggedObject.HasTag(tagClass, tagNo)) + return null; + + return taggedObject.GetBaseUniversal(declaredExplicit, baseTagNo); + } + + public static Asn1Object TryGetContextBaseUniversal(Asn1TaggedObject taggedObject, int tagNo, + bool declaredExplicit, int baseTagNo) + { + return TryGetBaseUniversal(taggedObject, Asn1Tags.ContextSpecific, tagNo, declaredExplicit, baseTagNo); + } + + + /* + * Wrappers for Asn1TaggedObjectParser.ParseExplicitBaseTagged + */ + + /// + public static Asn1TaggedObjectParser ParseExplicitBaseTagged(Asn1TaggedObjectParser taggedObjectParser, + int tagClass, int tagNo) + { + return CheckTag(taggedObjectParser, tagClass, tagNo).ParseExplicitBaseTagged(); + } + + /// + public static Asn1TaggedObjectParser ParseExplicitContextBaseTagged(Asn1TaggedObjectParser taggedObjectParser, + int tagNo) + { + return ParseExplicitBaseTagged(taggedObjectParser, Asn1Tags.ContextSpecific, tagNo); + } + + /// + public static Asn1TaggedObjectParser TryParseExplicitBaseTagged(Asn1TaggedObjectParser taggedObjectParser, + int tagClass, int tagNo) + { + if (!taggedObjectParser.HasTag(tagClass, tagNo)) + return null; + + return taggedObjectParser.ParseExplicitBaseTagged(); + } + + /// + public static Asn1TaggedObjectParser TryParseExplicitContextBaseTagged( + Asn1TaggedObjectParser taggedObjectParser, int tagNo) + { + return TryParseExplicitBaseTagged(taggedObjectParser, Asn1Tags.ContextSpecific, tagNo); + } + + + /* + * Wrappers for Asn1TaggedObjectParser.ParseImplicitBaseTagged + */ + + /// + public static Asn1TaggedObjectParser ParseImplicitBaseTagged(Asn1TaggedObjectParser taggedObjectParser, + int tagClass, int tagNo, int baseTagClass, int baseTagNo) + { + return CheckTag(taggedObjectParser, tagClass, tagNo).ParseImplicitBaseTagged(baseTagClass, baseTagNo); + } + + /// + public static Asn1TaggedObjectParser ParseImplicitContextBaseTagged(Asn1TaggedObjectParser taggedObjectParser, + int tagNo, int baseTagClass, int baseTagNo) + { + return ParseImplicitBaseTagged(taggedObjectParser, Asn1Tags.ContextSpecific, tagNo, baseTagClass, + baseTagNo); + } + + /// + public static Asn1TaggedObjectParser TryParseImplicitBaseTagged(Asn1TaggedObjectParser taggedObjectParser, + int tagClass, int tagNo, int baseTagClass, int baseTagNo) + { + if (!taggedObjectParser.HasTag(tagClass, tagNo)) + return null; + + return taggedObjectParser.ParseImplicitBaseTagged(baseTagClass, baseTagNo); + } + + /// + public static Asn1TaggedObjectParser TryParseImplicitContextBaseTagged( + Asn1TaggedObjectParser taggedObjectParser, int tagNo, int baseTagClass, int baseTagNo) + { + return TryParseImplicitBaseTagged(taggedObjectParser, Asn1Tags.ContextSpecific, tagNo, baseTagClass, + baseTagNo); + } + + + /* + * Wrappers for Asn1TaggedObjectParser.ParseBaseUniversal + */ + + /// + public static IAsn1Convertible ParseBaseUniversal(Asn1TaggedObjectParser taggedObjectParser, int tagClass, + int tagNo, bool declaredExplicit, int baseTagNo) + { + return CheckTag(taggedObjectParser, tagClass, tagNo).ParseBaseUniversal(declaredExplicit, baseTagNo); + } + + /// + public static IAsn1Convertible ParseContextBaseUniversal(Asn1TaggedObjectParser taggedObjectParser, int tagNo, + bool declaredExplicit, int baseTagNo) + { + return ParseBaseUniversal(taggedObjectParser, Asn1Tags.ContextSpecific, tagNo, declaredExplicit, baseTagNo); + } + + /// + public static IAsn1Convertible TryParseBaseUniversal(Asn1TaggedObjectParser taggedObjectParser, int tagClass, + int tagNo, bool declaredExplicit, int baseTagNo) + { + if (!taggedObjectParser.HasTag(tagClass, tagNo)) + return null; + + return taggedObjectParser.ParseBaseUniversal(declaredExplicit, baseTagNo); + } + + /// + public static IAsn1Convertible TryParseContextBaseUniversal(Asn1TaggedObjectParser taggedObjectParser, + int tagNo, bool declaredExplicit, int baseTagNo) + { + return TryParseBaseUniversal(taggedObjectParser, Asn1Tags.ContextSpecific, tagNo, declaredExplicit, + baseTagNo); + } + + + /* + * Wrappers for Asn1TaggedObjectParser.ParseExplicitBaseObject + */ + + /// + public static IAsn1Convertible ParseExplicitBaseObject(Asn1TaggedObjectParser taggedObjectParser, int tagClass, + int tagNo) + { + return CheckTag(taggedObjectParser, tagClass, tagNo).ParseExplicitBaseObject(); + } + + /// + public static IAsn1Convertible ParseExplicitContextBaseObject(Asn1TaggedObjectParser taggedObjectParser, + int tagNo) + { + return ParseExplicitBaseObject(taggedObjectParser, Asn1Tags.ContextSpecific, tagNo); + } + + /// + public static IAsn1Convertible TryParseExplicitBaseObject(Asn1TaggedObjectParser taggedObjectParser, + int tagClass, int tagNo) + { + if (!taggedObjectParser.HasTag(tagClass, tagNo)) + return null; + + return taggedObjectParser.ParseExplicitBaseObject(); + } + + /// + public static IAsn1Convertible TryParseExplicitContextBaseObject(Asn1TaggedObjectParser taggedObjectParser, + int tagNo) + { + return TryParseExplicitBaseObject(taggedObjectParser, Asn1Tags.ContextSpecific, tagNo); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BERBitString.cs b/BouncyCastle/crypto/src/asn1/BERBitString.cs new file mode 100644 index 0000000..2f5bd9c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BERBitString.cs @@ -0,0 +1,138 @@ +using System; +using System.Diagnostics; + +namespace Org.BouncyCastle.Asn1 +{ + public class BerBitString + : DerBitString + { + private const int DefaultSegmentLimit = 1000; + + internal static byte[] FlattenBitStrings(DerBitString[] bitStrings) + { + int count = bitStrings.Length; + switch (count) + { + case 0: + // No bits + return new byte[]{ 0 }; + case 1: + return bitStrings[0].contents; + default: + { + int last = count - 1, totalLength = 0; + for (int i = 0; i < last; ++i) + { + byte[] elementContents = bitStrings[i].contents; + if (elementContents[0] != 0) + throw new ArgumentException("only the last nested bitstring can have padding", "bitStrings"); + + totalLength += elementContents.Length - 1; + } + + // Last one can have padding + byte[] lastElementContents = bitStrings[last].contents; + byte padBits = lastElementContents[0]; + totalLength += lastElementContents.Length; + + byte[] contents = new byte[totalLength]; + contents[0] = padBits; + + int pos = 1; + for (int i = 0; i < count; ++i) + { + byte[] elementContents = bitStrings[i].contents; + int length = elementContents.Length - 1; + Array.Copy(elementContents, 1, contents, pos, length); + pos += length; + } + + Debug.Assert(pos == totalLength); + return contents; + } + } + } + + private readonly int segmentLimit; + private readonly DerBitString[] elements; + + public BerBitString(byte data, int padBits) + : base(data, padBits) + { + this.elements = null; + this.segmentLimit = DefaultSegmentLimit; + } + + public BerBitString(byte[] data) + : this(data, 0) + { + } + + public BerBitString(byte[] data, int padBits) + : this(data, padBits, DefaultSegmentLimit) + { + } + + public BerBitString(byte[] data, int padBits, int segmentLimit) + : base(data, padBits) + { + this.elements = null; + this.segmentLimit = segmentLimit; + } + + public BerBitString(int namedBits) + : base(namedBits) + { + this.elements = null; + this.segmentLimit = DefaultSegmentLimit; + } + + public BerBitString(Asn1Encodable obj) + : this(obj.GetDerEncoded(), 0) + { + } + + public BerBitString(DerBitString[] elements) + : this(elements, DefaultSegmentLimit) + { + } + + public BerBitString(DerBitString[] elements, int segmentLimit) + : base(FlattenBitStrings(elements), false) + { + this.elements = elements; + this.segmentLimit = segmentLimit; + } + + internal BerBitString(byte[] contents, bool check) + : base(contents, check) + { + this.elements = null; + this.segmentLimit = DefaultSegmentLimit; + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + if (Asn1OutputStream.EncodingBer != encoding) + return base.GetEncoding(encoding); + + if (null == elements) + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.BitString, contents); + + return new ConstructedILEncoding(Asn1Tags.Universal, Asn1Tags.BitString, + Asn1OutputStream.GetContentsEncodings(encoding, elements)); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + if (Asn1OutputStream.EncodingBer != encoding) + return base.GetEncodingImplicit(encoding, tagClass, tagNo); + + if (null == elements) + return new PrimitiveEncoding(tagClass, tagNo, contents); + + return new ConstructedILEncoding(tagClass, tagNo, + Asn1OutputStream.GetContentsEncodings(encoding, elements)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BERGenerator.cs b/BouncyCastle/crypto/src/asn1/BERGenerator.cs new file mode 100644 index 0000000..e43d9f8 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BERGenerator.cs @@ -0,0 +1,106 @@ +using System.IO; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public abstract class BerGenerator + : Asn1Generator + { + private bool _tagged = false; + private bool _isExplicit; + private int _tagNo; + + protected BerGenerator( + Stream outStream) + : base(outStream) + { + } + + protected BerGenerator( + Stream outStream, + int tagNo, + bool isExplicit) + : base(outStream) + { + _tagged = true; + _isExplicit = isExplicit; + _tagNo = tagNo; + } + + public override void AddObject(Asn1Encodable obj) + { + obj.EncodeTo(Out); + } + + public override void AddObject(Asn1Object obj) + { + obj.EncodeTo(Out); + } + + public override Stream GetRawOutputStream() + { + return Out; + } + + public override void Close() + { + WriteBerEnd(); + } + + private void WriteHdr( + int tag) + { + Out.WriteByte((byte) tag); + Out.WriteByte(0x80); + } + + protected void WriteBerHeader( + int tag) + { + if (_tagged) + { + int tagNum = _tagNo | Asn1Tags.ContextSpecific; + + if (_isExplicit) + { + WriteHdr(tagNum | Asn1Tags.Constructed); + WriteHdr(tag); + } + else + { + if ((tag & Asn1Tags.Constructed) != 0) + { + WriteHdr(tagNum | Asn1Tags.Constructed); + } + else + { + WriteHdr(tagNum); + } + } + } + else + { + WriteHdr(tag); + } + } + + protected void WriteBerBody( + Stream contentStream) + { + Streams.PipeAll(contentStream, Out); + } + + protected void WriteBerEnd() + { + Out.WriteByte(0x00); + Out.WriteByte(0x00); + + if (_tagged && _isExplicit) // write extra end for tag header + { + Out.WriteByte(0x00); + Out.WriteByte(0x00); + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BEROctetStringGenerator.cs b/BouncyCastle/crypto/src/asn1/BEROctetStringGenerator.cs new file mode 100644 index 0000000..de0a6c0 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BEROctetStringGenerator.cs @@ -0,0 +1,137 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public class BerOctetStringGenerator + : BerGenerator + { + public BerOctetStringGenerator(Stream outStream) + : base(outStream) + { + WriteBerHeader(Asn1Tags.Constructed | Asn1Tags.OctetString); + } + + public BerOctetStringGenerator( + Stream outStream, + int tagNo, + bool isExplicit) + : base(outStream, tagNo, isExplicit) + { + WriteBerHeader(Asn1Tags.Constructed | Asn1Tags.OctetString); + } + + public Stream GetOctetOutputStream() + { + return GetOctetOutputStream(new byte[1000]); // limit for CER encoding. + } + + public Stream GetOctetOutputStream( + int bufSize) + { + return bufSize < 1 + ? GetOctetOutputStream() + : GetOctetOutputStream(new byte[bufSize]); + } + + public Stream GetOctetOutputStream( + byte[] buf) + { + return new BufferedBerOctetStream(this, buf); + } + + private class BufferedBerOctetStream + : BaseOutputStream + { + private byte[] _buf; + private int _off; + private readonly BerOctetStringGenerator _gen; + private readonly Asn1OutputStream _derOut; + + internal BufferedBerOctetStream( + BerOctetStringGenerator gen, + byte[] buf) + { + _gen = gen; + _buf = buf; + _off = 0; + _derOut = Asn1OutputStream.Create(_gen.Out, Asn1Encodable.Der); + } + + public override void WriteByte( + byte b) + { + _buf[_off++] = b; + + if (_off == _buf.Length) + { + DerOctetString.Encode(_derOut, _buf, 0, _off); + _off = 0; + } + } + + public override void Write(byte[] b, int off, int len) + { + int bufLen = _buf.Length; + int available = bufLen - _off; + if (len < available) + { + Array.Copy(b, off, _buf, _off, len); + _off += len; + return; + } + + int count = 0; + if (_off > 0) + { + Array.Copy(b, off, _buf, _off, available); + count += available; + DerOctetString.Encode(_derOut, _buf, 0, bufLen); + } + + int remaining; + while ((remaining = len - count) >= bufLen) + { + DerOctetString.Encode(_derOut, b, off + count, bufLen); + count += bufLen; + } + + Array.Copy(b, off + count, _buf, 0, remaining); + this._off = remaining; + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + if (_off != 0) + { + DerOctetString.Encode(_derOut, true, _buf, 0, _off); + } + + _derOut.FlushInternal(); + + _gen.WriteBerEnd(); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + if (_off != 0) + { + DerOctetString.Encode(_derOut, _buf, 0, _off); + } + + _derOut.FlushInternal(); + + _gen.WriteBerEnd(); + base.Close(); + } +#endif + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BEROctetStringParser.cs b/BouncyCastle/crypto/src/asn1/BEROctetStringParser.cs new file mode 100644 index 0000000..c8c344e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BEROctetStringParser.cs @@ -0,0 +1,40 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public class BerOctetStringParser + : Asn1OctetStringParser + { + private readonly Asn1StreamParser _parser; + + internal BerOctetStringParser(Asn1StreamParser parser) + { + _parser = parser; + } + + public Stream GetOctetStream() + { + return new ConstructedOctetStream(_parser); + } + + public Asn1Object ToAsn1Object() + { + try + { + return Parse(_parser); + } + catch (IOException e) + { + throw new Asn1ParsingException("IOException converting stream to byte array: " + e.Message, e); + } + } + + internal static BerOctetString Parse(Asn1StreamParser sp) + { + return new BerOctetString(Streams.ReadAll(new ConstructedOctetStream(sp))); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BERSequenceGenerator.cs b/BouncyCastle/crypto/src/asn1/BERSequenceGenerator.cs new file mode 100644 index 0000000..5ea2c9b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BERSequenceGenerator.cs @@ -0,0 +1,24 @@ +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public class BerSequenceGenerator + : BerGenerator + { + public BerSequenceGenerator( + Stream outStream) + : base(outStream) + { + WriteBerHeader(Asn1Tags.Constructed | Asn1Tags.Sequence); + } + + public BerSequenceGenerator( + Stream outStream, + int tagNo, + bool isExplicit) + : base(outStream, tagNo, isExplicit) + { + WriteBerHeader(Asn1Tags.Constructed | Asn1Tags.Sequence); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BERSequenceParser.cs b/BouncyCastle/crypto/src/asn1/BERSequenceParser.cs new file mode 100644 index 0000000..5fa1de8 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BERSequenceParser.cs @@ -0,0 +1,30 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + public class BerSequenceParser + : Asn1SequenceParser + { + private readonly Asn1StreamParser _parser; + + internal BerSequenceParser(Asn1StreamParser parser) + { + this._parser = parser; + } + + public IAsn1Convertible ReadObject() + { + return _parser.ReadObject(); + } + + public Asn1Object ToAsn1Object() + { + return Parse(_parser); + } + + internal static BerSequence Parse(Asn1StreamParser sp) + { + return new BerSequence(sp.ReadVector()); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BERSetGenerator.cs b/BouncyCastle/crypto/src/asn1/BERSetGenerator.cs new file mode 100644 index 0000000..72b1f90 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BERSetGenerator.cs @@ -0,0 +1,24 @@ +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public class BerSetGenerator + : BerGenerator + { + public BerSetGenerator( + Stream outStream) + : base(outStream) + { + WriteBerHeader(Asn1Tags.Constructed | Asn1Tags.Set); + } + + public BerSetGenerator( + Stream outStream, + int tagNo, + bool isExplicit) + : base(outStream, tagNo, isExplicit) + { + WriteBerHeader(Asn1Tags.Constructed | Asn1Tags.Set); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BERSetParser.cs b/BouncyCastle/crypto/src/asn1/BERSetParser.cs new file mode 100644 index 0000000..9da964c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BERSetParser.cs @@ -0,0 +1,30 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + public class BerSetParser + : Asn1SetParser + { + private readonly Asn1StreamParser _parser; + + internal BerSetParser(Asn1StreamParser parser) + { + this._parser = parser; + } + + public IAsn1Convertible ReadObject() + { + return _parser.ReadObject(); + } + + public Asn1Object ToAsn1Object() + { + return Parse(_parser); + } + + internal static BerSet Parse(Asn1StreamParser sp) + { + return new BerSet(sp.ReadVector()); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BERTaggedObjectParser.cs b/BouncyCastle/crypto/src/asn1/BERTaggedObjectParser.cs new file mode 100644 index 0000000..c87f6cf --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BERTaggedObjectParser.cs @@ -0,0 +1,94 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + [Obsolete("Will be made non-public. Test for and use only Asn1TaggedObjectParser.")] + public class BerTaggedObjectParser + : Asn1TaggedObjectParser + { + internal readonly int m_tagClass; + internal readonly int m_tagNo; + internal readonly Asn1StreamParser m_parser; + + internal BerTaggedObjectParser(int tagClass, int tagNo, Asn1StreamParser parser) + { + m_tagClass = tagClass; + m_tagNo = tagNo; + m_parser = parser; + } + + public virtual bool IsConstructed + { + get { return true; } + } + + public int TagClass + { + get { return m_tagClass; } + } + + public int TagNo + { + get { return m_tagNo; } + } + + public bool HasContextTag(int tagNo) + { + return m_tagClass == Asn1Tags.ContextSpecific && m_tagNo == tagNo; + } + + public bool HasTag(int tagClass, int tagNo) + { + return m_tagClass == tagClass && m_tagNo == tagNo; + } + + [Obsolete("Use 'Parse...' methods instead, after checking this parser's TagClass and TagNo")] + public IAsn1Convertible GetObjectParser(int baseTagNo, bool declaredExplicit) + { + if (Asn1Tags.ContextSpecific != TagClass) + throw new Asn1Exception("this method only valid for CONTEXT_SPECIFIC tags"); + + return ParseBaseUniversal(declaredExplicit, baseTagNo); + } + + public virtual IAsn1Convertible ParseBaseUniversal(bool declaredExplicit, int baseTagNo) + { + if (declaredExplicit) + return m_parser.ParseObject(baseTagNo); + + return m_parser.ParseImplicitConstructedIL(baseTagNo); + } + + public virtual IAsn1Convertible ParseExplicitBaseObject() + { + return m_parser.ReadObject(); + } + + public virtual Asn1TaggedObjectParser ParseExplicitBaseTagged() + { + return m_parser.ParseTaggedObject(); + } + + public virtual Asn1TaggedObjectParser ParseImplicitBaseTagged(int baseTagClass, int baseTagNo) + { + // TODO[asn1] Special handling can be removed once ASN1ApplicationSpecificParser types removed. + if (Asn1Tags.Application == baseTagClass) + return new BerApplicationSpecificParser(baseTagNo, m_parser); + + return new BerTaggedObjectParser(baseTagClass, baseTagNo, m_parser); + } + + public virtual Asn1Object ToAsn1Object() + { + try + { + return m_parser.LoadTaggedIL(TagClass, TagNo); + } + catch (IOException e) + { + throw new Asn1ParsingException(e.Message); + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BerApplicationSpecific.cs b/BouncyCastle/crypto/src/asn1/BerApplicationSpecific.cs new file mode 100644 index 0000000..2a87498 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BerApplicationSpecific.cs @@ -0,0 +1,47 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + public class BerApplicationSpecific + : DerApplicationSpecific + { + /** + * Create an application specific object with an explicit tag + * + * @param tagNo the tag number for this object. + * @param baseEncodable the object to be contained. + */ + public BerApplicationSpecific(int tagNo, Asn1Encodable baseEncodable) + : this(true, tagNo, baseEncodable) + { + } + + /** + * Create an application specific object with the tagging style given by the value of explicit. + * + * @param explicit true if the object is explicitly tagged. + * @param tagNo the tag number for this object. + * @param baseEncodable the object to be contained. + */ + public BerApplicationSpecific(bool isExplicit, int tagNo, Asn1Encodable baseEncodable) + : base(new BerTaggedObject(isExplicit, Asn1Tags.Application, tagNo, baseEncodable)) + { + } + + /** + * Create an application specific object which is marked as constructed + * + * @param tagNo the tag number for this object. + * @param contentsElements the objects making up the application specific object. + */ + public BerApplicationSpecific(int tagNo, Asn1EncodableVector contentsElements) + : base(new BerTaggedObject(false, Asn1Tags.Application, tagNo, BerSequence.FromVector(contentsElements))) + { + } + + internal BerApplicationSpecific(Asn1TaggedObject taggedObject) + : base(taggedObject) + { + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BerApplicationSpecificParser.cs b/BouncyCastle/crypto/src/asn1/BerApplicationSpecificParser.cs new file mode 100644 index 0000000..75b7e76 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BerApplicationSpecificParser.cs @@ -0,0 +1,19 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + public class BerApplicationSpecificParser + : BerTaggedObjectParser, IAsn1ApplicationSpecificParser + { + internal BerApplicationSpecificParser(int tagNo, Asn1StreamParser parser) + : base(Asn1Tags.Application, tagNo, parser) + { + } + + public IAsn1Convertible ReadObject() + { + // NOTE: No way to say you're looking for an implicitly-tagged object via IAsn1ApplicationSpecificParser + return ParseExplicitBaseObject(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BerBitStringParser.cs b/BouncyCastle/crypto/src/asn1/BerBitStringParser.cs new file mode 100644 index 0000000..656538b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BerBitStringParser.cs @@ -0,0 +1,56 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Asn1 +{ + /// A parser for indefinite-length BIT STRINGs. + internal class BerBitStringParser + : Asn1BitStringParser + { + private readonly Asn1StreamParser m_parser; + + private ConstructedBitStream m_bitStream; + + internal BerBitStringParser(Asn1StreamParser parser) + { + m_parser = parser; + } + + public Stream GetOctetStream() + { + return m_bitStream = new ConstructedBitStream(m_parser, true); + } + + public Stream GetBitStream() + { + return m_bitStream = new ConstructedBitStream(m_parser, false); + } + + public int PadBits + { + get { return m_bitStream.PadBits; } + } + + public Asn1Object ToAsn1Object() + { + try + { + return Parse(m_parser); + } + catch (IOException e) + { + throw new Asn1ParsingException("IOException converting stream to byte array: " + e.Message, e); + } + } + + internal static BerBitString Parse(Asn1StreamParser sp) + { + ConstructedBitStream bitStream = new ConstructedBitStream(sp, false); + byte[] data = Streams.ReadAll(bitStream); + int padBits = bitStream.PadBits; + return new BerBitString(data, padBits); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BerNull.cs b/BouncyCastle/crypto/src/asn1/BerNull.cs new file mode 100644 index 0000000..90067d4 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BerNull.cs @@ -0,0 +1,20 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * A BER Null object. + */ + [Obsolete("Use 'DerNull' instead")] + public class BerNull + : DerNull + { + [Obsolete("Use 'DerNull.Instance' instead")] + public static new readonly BerNull Instance = new BerNull(); + + private BerNull() + : base() + { + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BerOctetString.cs b/BouncyCastle/crypto/src/asn1/BerOctetString.cs new file mode 100644 index 0000000..8e51f8b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BerOctetString.cs @@ -0,0 +1,196 @@ +using System; +using System.Collections; +using System.Diagnostics; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + public class BerOctetString + : DerOctetString, IEnumerable + { + private const int DefaultSegmentLimit = 1000; + + public static BerOctetString FromSequence(Asn1Sequence seq) + { + int count = seq.Count; + Asn1OctetString[] v = new Asn1OctetString[count]; + for (int i = 0; i < count; ++i) + { + v[i] = GetInstance(seq[i]); + } + return new BerOctetString(v); + } + + internal static byte[] FlattenOctetStrings(Asn1OctetString[] octetStrings) + { + int count = octetStrings.Length; + switch (count) + { + case 0: + return EmptyOctets; + case 1: + return octetStrings[0].contents; + default: + { + int totalOctets = 0; + for (int i = 0; i < count; ++i) + { + totalOctets += octetStrings[i].contents.Length; + } + + byte[] str = new byte[totalOctets]; + int pos = 0; + for (int i = 0; i < count; ++i) + { + byte[] octets = octetStrings[i].contents; + Array.Copy(octets, 0, str, pos, octets.Length); + pos += octets.Length; + } + + Debug.Assert(pos == totalOctets); + return str; + } + } + } + + private static Asn1OctetString[] ToOctetStringArray(IEnumerable e) + { + IList list = Platform.CreateArrayList(e); + + int count = list.Count; + Asn1OctetString[] v = new Asn1OctetString[count]; + for (int i = 0; i < count; ++i) + { + v[i] = GetInstance(list[i]); + } + return v; + } + + private readonly int segmentLimit; + private readonly Asn1OctetString[] elements; + + [Obsolete("Will be removed")] + public BerOctetString(IEnumerable e) + : this(ToOctetStringArray(e)) + { + } + + public BerOctetString(byte[] contents) + : this(contents, DefaultSegmentLimit) + { + } + + public BerOctetString(Asn1OctetString[] elements) + : this(elements, DefaultSegmentLimit) + { + } + + public BerOctetString(byte[] contents, int segmentLimit) + : this(contents, null, segmentLimit) + { + } + + public BerOctetString(Asn1OctetString[] elements, int segmentLimit) + : this(FlattenOctetStrings(elements), elements, segmentLimit) + { + } + + private BerOctetString(byte[] contents, Asn1OctetString[] elements, int segmentLimit) + : base(contents) + { + this.elements = elements; + this.segmentLimit = segmentLimit; + } + + /** + * return the DER octets that make up this string. + */ + public IEnumerator GetEnumerator() + { + if (elements == null) + return new ChunkEnumerator(contents, segmentLimit); + + return elements.GetEnumerator(); + } + + [Obsolete("Use GetEnumerator() instead")] + public IEnumerator GetObjects() + { + return GetEnumerator(); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + if (Asn1OutputStream.EncodingBer != encoding) + return base.GetEncoding(encoding); + + if (null == elements) + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.OctetString, contents); + + return new ConstructedILEncoding(Asn1Tags.Universal, Asn1Tags.OctetString, + Asn1OutputStream.GetContentsEncodings(encoding, elements)); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + if (Asn1OutputStream.EncodingBer != encoding) + return base.GetEncodingImplicit(encoding, tagClass, tagNo); + + if (null == elements) + return new PrimitiveEncoding(tagClass, tagNo, contents); + + return new ConstructedILEncoding(tagClass, tagNo, + Asn1OutputStream.GetContentsEncodings(encoding, elements)); + } + + private class ChunkEnumerator + : IEnumerator + { + private readonly byte[] octets; + private readonly int segmentLimit; + + private DerOctetString currentSegment = null; + private int nextSegmentPos = 0; + + internal ChunkEnumerator(byte[] octets, int segmentLimit) + { + this.octets = octets; + this.segmentLimit = segmentLimit; + } + + public object Current + { + get + { + if (null == currentSegment) + throw new InvalidOperationException(); + + return currentSegment; + } + } + + public bool MoveNext() + { + if (nextSegmentPos >= octets.Length) + { + this.currentSegment = null; + return false; + } + + int length = System.Math.Min(octets.Length - nextSegmentPos, segmentLimit); + byte[] segment = new byte[length]; + Array.Copy(octets, nextSegmentPos, segment, 0, length); + this.currentSegment = new DerOctetString(segment); + this.nextSegmentPos += length; + return true; + } + + public void Reset() + { + this.currentSegment = null; + this.nextSegmentPos = 0; + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BerOutputStream.cs b/BouncyCastle/crypto/src/asn1/BerOutputStream.cs new file mode 100644 index 0000000..1486368 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BerOutputStream.cs @@ -0,0 +1,26 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + [Obsolete("Use 'Asn1OutputStream' instead")] + public class BerOutputStream + : DerOutputStream + { + [Obsolete("Use 'Asn1OutputStream.Create' instead")] + public BerOutputStream(Stream os) + : base(os) + { + } + + public override void WriteObject(Asn1Encodable encodable) + { + Asn1OutputStream.Create(s).WriteObject(encodable); + } + + public override void WriteObject(Asn1Object primitive) + { + Asn1OutputStream.Create(s).WriteObject(primitive); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BerSequence.cs b/BouncyCastle/crypto/src/asn1/BerSequence.cs new file mode 100644 index 0000000..deed8fb --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BerSequence.cs @@ -0,0 +1,89 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + public class BerSequence + : DerSequence + { + public static new readonly BerSequence Empty = new BerSequence(); + + public static new BerSequence FromVector(Asn1EncodableVector elementVector) + { + return elementVector.Count < 1 ? Empty : new BerSequence(elementVector); + } + + /** + * create an empty sequence + */ + public BerSequence() + : base() + { + } + + /** + * create a sequence containing one object + */ + public BerSequence(Asn1Encodable element) + : base(element) + { + } + + public BerSequence(params Asn1Encodable[] elements) + : base(elements) + { + } + + /** + * create a sequence containing a vector of objects. + */ + public BerSequence(Asn1EncodableVector elementVector) + : base(elementVector) + { + } + + internal BerSequence(Asn1Encodable[] elements, bool clone) + : base(elements, clone) + { + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + if (Asn1OutputStream.EncodingBer != encoding) + return base.GetEncoding(encoding); + + return new ConstructedILEncoding(Asn1Tags.Universal, Asn1Tags.Sequence, + Asn1OutputStream.GetContentsEncodings(encoding, elements)); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + if (Asn1OutputStream.EncodingBer != encoding) + return base.GetEncodingImplicit(encoding, tagClass, tagNo); + + return new ConstructedILEncoding(tagClass, tagNo, + Asn1OutputStream.GetContentsEncodings(encoding, elements)); + } + + internal override DerBitString ToAsn1BitString() + { + return new BerBitString(GetConstructedBitStrings()); + } + + internal override DerExternal ToAsn1External() + { + // TODO There is currently no BerExternal class (or ToDLObject/ToDerObject) + //return ((Asn1Sequence)ToDLObject()).ToAsn1External(); + return new DLSequence(elements).ToAsn1External(); + } + + internal override Asn1OctetString ToAsn1OctetString() + { + return new BerOctetString(GetConstructedOctetStrings()); + } + + internal override Asn1Set ToAsn1Set() + { + return new BerSet(false, elements); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BerSet.cs b/BouncyCastle/crypto/src/asn1/BerSet.cs new file mode 100644 index 0000000..0a273b3 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BerSet.cs @@ -0,0 +1,69 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + public class BerSet + : DerSet + { + public static new readonly BerSet Empty = new BerSet(); + + public static new BerSet FromVector(Asn1EncodableVector elementVector) + { + return elementVector.Count < 1 ? Empty : new BerSet(elementVector); + } + + /** + * create an empty set + */ + public BerSet() + : base() + { + } + + /** + * create a set containing one object + */ + public BerSet(Asn1Encodable element) + : base(element) + { + } + + public BerSet(params Asn1Encodable[] elements) + : base(elements, false) + { + } + + /** + * create a set containing a vector of objects. + */ + public BerSet(Asn1EncodableVector elementVector) + : base(elementVector, false) + { + } + + internal BerSet(bool isSorted, Asn1Encodable[] elements) + : base(isSorted, elements) + { + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + if (Asn1OutputStream.EncodingBer != encoding) + return base.GetEncoding(encoding); + + return new ConstructedILEncoding(Asn1Tags.Universal, Asn1Tags.Set, + Asn1OutputStream.GetContentsEncodings(encoding, elements)); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + if (Asn1OutputStream.EncodingBer != encoding) + return base.GetEncodingImplicit(encoding, tagClass, tagNo); + + return new ConstructedILEncoding(tagClass, tagNo, + Asn1OutputStream.GetContentsEncodings(encoding, elements)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/BerTaggedObject.cs b/BouncyCastle/crypto/src/asn1/BerTaggedObject.cs new file mode 100644 index 0000000..e613d98 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/BerTaggedObject.cs @@ -0,0 +1,98 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * BER TaggedObject - in ASN.1 notation this is any object preceded by + * a [n] where n is some number - these are assumed to follow the construction + * rules (as with sequences). + */ + public class BerTaggedObject + : DerTaggedObject + { + /** + * create an implicitly tagged object that contains a zero + * length sequence. + */ + [Obsolete("Will be removed")] + public BerTaggedObject(int tagNo) + : base(false, tagNo, BerSequence.Empty) + { + } + + /** + * @param tagNo the tag number for this object. + * @param obj the tagged object. + */ + public BerTaggedObject(int tagNo, Asn1Encodable obj) + : base(true, tagNo, obj) + { + } + + public BerTaggedObject(int tagClass, int tagNo, Asn1Encodable obj) + : base(true, tagClass, tagNo, obj) + { + } + + /** + * @param isExplicit true if an explicitly tagged object. + * @param tagNo the tag number for this object. + * @param obj the tagged object. + */ + public BerTaggedObject(bool isExplicit, int tagNo, Asn1Encodable obj) + : base(isExplicit, tagNo, obj) + { + } + + public BerTaggedObject(bool isExplicit, int tagClass, int tagNo, Asn1Encodable obj) + : base(isExplicit, tagClass, tagNo, obj) + { + } + + internal BerTaggedObject(int explicitness, int tagClass, int tagNo, Asn1Encodable obj) + : base(explicitness, tagClass, tagNo, obj) + { + } + + internal override string Asn1Encoding + { + get { return Ber; } + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + if (Asn1OutputStream.EncodingBer != encoding) + return base.GetEncoding(encoding); + + Asn1Object baseObject = GetBaseObject().ToAsn1Object(); + + if (!IsExplicit()) + return baseObject.GetEncodingImplicit(encoding, TagClass, TagNo); + + return new ConstructedILEncoding(TagClass, TagNo, new IAsn1Encoding[]{ baseObject.GetEncoding(encoding) }); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + if (Asn1OutputStream.EncodingBer != encoding) + return base.GetEncodingImplicit(encoding, tagClass, tagNo); + + Asn1Object baseObject = GetBaseObject().ToAsn1Object(); + + if (!IsExplicit()) + return baseObject.GetEncodingImplicit(encoding, tagClass, tagNo); + + return new ConstructedILEncoding(tagClass, tagNo, new IAsn1Encoding[]{ baseObject.GetEncoding(encoding) }); + } + + internal override Asn1Sequence RebuildConstructed(Asn1Object asn1Object) + { + return new BerSequence(asn1Object); + } + + internal override Asn1TaggedObject ReplaceTag(int tagClass, int tagNo) + { + return new BerTaggedObject(explicitness, tagClass, tagNo, obj); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ConstructedBitStream.cs b/BouncyCastle/crypto/src/asn1/ConstructedBitStream.cs new file mode 100644 index 0000000..7c9e7c9 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ConstructedBitStream.cs @@ -0,0 +1,134 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Asn1 +{ + internal class ConstructedBitStream + : BaseInputStream + { + private readonly Asn1StreamParser m_parser; + private readonly bool m_octetAligned; + + private bool m_first = true; + private int m_padBits = 0; + + private Asn1BitStringParser m_currentParser; + private Stream m_currentStream; + + internal ConstructedBitStream(Asn1StreamParser parser, bool octetAligned) + { + m_parser = parser; + m_octetAligned = octetAligned; + } + + internal int PadBits + { + get { return m_padBits; } + } + + public override int Read(byte[] buf, int off, int len) + { + if (len < 1) + return 0; + + if (m_currentStream == null) + { + if (!m_first) + return 0; + + m_currentParser = GetNextParser(); + if (m_currentParser == null) + return 0; + + m_first = false; + m_currentStream = m_currentParser.GetBitStream(); + } + + int totalRead = 0; + + for (;;) + { + int numRead = m_currentStream.Read(buf, off + totalRead, len - totalRead); + + if (numRead > 0) + { + totalRead += numRead; + + if (totalRead == len) + return totalRead; + } + else + { + m_padBits = m_currentParser.PadBits; + m_currentParser = GetNextParser(); + if (m_currentParser == null) + { + m_currentStream = null; + return totalRead; + } + + m_currentStream = m_currentParser.GetBitStream(); + } + } + } + + public override int ReadByte() + { + if (m_currentStream == null) + { + if (!m_first) + return -1; + + m_currentParser = GetNextParser(); + if (m_currentParser == null) + return -1; + + m_first = false; + m_currentStream = m_currentParser.GetBitStream(); + } + + for (;;) + { + int b = m_currentStream.ReadByte(); + + if (b >= 0) + return b; + + m_padBits = m_currentParser.PadBits; + m_currentParser = GetNextParser(); + if (m_currentParser == null) + { + m_currentStream = null; + return -1; + } + + m_currentStream = m_currentParser.GetBitStream(); + } + } + + private Asn1BitStringParser GetNextParser() + { + IAsn1Convertible asn1Obj = m_parser.ReadObject(); + if (asn1Obj == null) + { + if (m_octetAligned && m_padBits != 0) + throw new IOException("expected octet-aligned bitstring, but found padBits: " + m_padBits); + + return null; + } + + if (asn1Obj is Asn1BitStringParser) + { + if (m_padBits != 0) + throw new IOException("only the last nested bitstring can have padding"); + + return (Asn1BitStringParser)asn1Obj; + } + + throw new IOException("unknown object encountered: " + Platform.GetTypeName(asn1Obj)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ConstructedDLEncoding.cs b/BouncyCastle/crypto/src/asn1/ConstructedDLEncoding.cs new file mode 100644 index 0000000..f7d8bec --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ConstructedDLEncoding.cs @@ -0,0 +1,35 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + internal class ConstructedDLEncoding + : IAsn1Encoding + { + private readonly int m_tagClass; + private readonly int m_tagNo; + private readonly IAsn1Encoding[] m_contentsElements; + private readonly int m_contentsLength; + + internal ConstructedDLEncoding(int tagClass, int tagNo, IAsn1Encoding[] contentsElements) + { + m_tagClass = tagClass; + m_tagNo = tagNo; + m_contentsElements = contentsElements; + m_contentsLength = Asn1OutputStream.GetLengthOfContents(contentsElements); + } + + void IAsn1Encoding.Encode(Asn1OutputStream asn1Out) + { + asn1Out.WriteIdentifier(Asn1Tags.Constructed | m_tagClass, m_tagNo); + asn1Out.WriteDL(m_contentsLength); + asn1Out.EncodeContents(m_contentsElements); + } + + int IAsn1Encoding.GetLength() + { + return Asn1OutputStream.GetLengthOfIdentifier(m_tagNo) + + Asn1OutputStream.GetLengthOfDL(m_contentsLength) + + m_contentsLength; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ConstructedILEncoding.cs b/BouncyCastle/crypto/src/asn1/ConstructedILEncoding.cs new file mode 100644 index 0000000..1934c6f --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ConstructedILEncoding.cs @@ -0,0 +1,35 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + internal class ConstructedILEncoding + : IAsn1Encoding + { + private readonly int m_tagClass; + private readonly int m_tagNo; + private readonly IAsn1Encoding[] m_contentsElements; + + internal ConstructedILEncoding(int tagClass, int tagNo, IAsn1Encoding[] contentsElements) + { + m_tagClass = tagClass; + m_tagNo = tagNo; + m_contentsElements = contentsElements; + } + + void IAsn1Encoding.Encode(Asn1OutputStream asn1Out) + { + asn1Out.WriteIdentifier(Asn1Tags.Constructed | m_tagClass, m_tagNo); + asn1Out.WriteByte(0x80); + asn1Out.EncodeContents(m_contentsElements); + asn1Out.WriteByte(0x00); + asn1Out.WriteByte(0x00); + } + + int IAsn1Encoding.GetLength() + { + return Asn1OutputStream.GetLengthOfIdentifier(m_tagNo) + + 3 + + Asn1OutputStream.GetLengthOfContents(m_contentsElements); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ConstructedLazyDLEncoding.cs b/BouncyCastle/crypto/src/asn1/ConstructedLazyDLEncoding.cs new file mode 100644 index 0000000..3847b46 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ConstructedLazyDLEncoding.cs @@ -0,0 +1,33 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + internal class ConstructedLazyDLEncoding + : IAsn1Encoding + { + private readonly int m_tagClass; + private readonly int m_tagNo; + private readonly byte[] m_contentsOctets; + + internal ConstructedLazyDLEncoding(int tagClass, int tagNo, byte[] contentsOctets) + { + m_tagClass = tagClass; + m_tagNo = tagNo; + m_contentsOctets = contentsOctets; + } + + void IAsn1Encoding.Encode(Asn1OutputStream asn1Out) + { + asn1Out.WriteIdentifier(Asn1Tags.Constructed | m_tagClass, m_tagNo); + asn1Out.WriteDL(m_contentsOctets.Length); + asn1Out.Write(m_contentsOctets, 0, m_contentsOctets.Length); + } + + int IAsn1Encoding.GetLength() + { + return Asn1OutputStream.GetLengthOfIdentifier(m_tagNo) + + Asn1OutputStream.GetLengthOfDL(m_contentsOctets.Length) + + m_contentsOctets.Length; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ConstructedOctetStream.cs b/BouncyCastle/crypto/src/asn1/ConstructedOctetStream.cs new file mode 100644 index 0000000..5541939 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ConstructedOctetStream.cs @@ -0,0 +1,111 @@ +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Asn1 +{ + internal class ConstructedOctetStream + : BaseInputStream + { + private readonly Asn1StreamParser m_parser; + + private bool m_first = true; + private Stream m_currentStream; + + internal ConstructedOctetStream(Asn1StreamParser parser) + { + m_parser = parser; + } + + public override int Read(byte[] buf, int off, int len) + { + if (len < 1) + return 0; + + if (m_currentStream == null) + { + if (!m_first) + return 0; + + Asn1OctetStringParser next = GetNextParser(); + if (next == null) + return 0; + + m_first = false; + m_currentStream = next.GetOctetStream(); + } + + int totalRead = 0; + + for (;;) + { + int numRead = m_currentStream.Read(buf, off + totalRead, len - totalRead); + + if (numRead > 0) + { + totalRead += numRead; + + if (totalRead == len) + return totalRead; + } + else + { + Asn1OctetStringParser next = GetNextParser(); + if (next == null) + { + m_currentStream = null; + return totalRead; + } + + m_currentStream = next.GetOctetStream(); + } + } + } + + public override int ReadByte() + { + if (m_currentStream == null) + { + if (!m_first) + return -1; + + Asn1OctetStringParser next = GetNextParser(); + if (next == null) + return -1; + + m_first = false; + m_currentStream = next.GetOctetStream(); + } + + for (;;) + { + int b = m_currentStream.ReadByte(); + + if (b >= 0) + return b; + + Asn1OctetStringParser next = GetNextParser(); + if (next == null) + { + m_currentStream = null; + return -1; + } + + m_currentStream = next.GetOctetStream(); + } + } + + private Asn1OctetStringParser GetNextParser() + { + IAsn1Convertible asn1Obj = m_parser.ReadObject(); + if (asn1Obj == null) + return null; + + if (asn1Obj is Asn1OctetStringParser) + return (Asn1OctetStringParser)asn1Obj; + + throw new IOException("unknown object encountered: " + Platform.GetTypeName(asn1Obj)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DERExternal.cs b/BouncyCastle/crypto/src/asn1/DERExternal.cs new file mode 100644 index 0000000..b8987d5 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DERExternal.cs @@ -0,0 +1,284 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * Class representing the DER-type External + */ + public class DerExternal + : Asn1Object + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerExternal), Asn1Tags.External) {} + + internal override Asn1Object FromImplicitConstructed(Asn1Sequence sequence) + { + return sequence.ToAsn1External(); + } + } + + public static DerExternal GetInstance(object obj) + { + if (obj == null || obj is DerExternal) + { + return (DerExternal)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerExternal) + return (DerExternal)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerExternal)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct external from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + public static DerExternal GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerExternal)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly DerObjectIdentifier directReference; + private readonly DerInteger indirectReference; + private readonly Asn1ObjectDescriptor dataValueDescriptor; + private readonly int encoding; + private readonly Asn1Object externalContent; + + [Obsolete("Use constructor taking an Asn1Sequence instead.")] + public DerExternal(Asn1EncodableVector vector) + : this(new DerSequence(vector)) + { + } + + public DerExternal(DerSequence sequence) + { + int offset = 0; + + Asn1Object asn1 = GetObjFromSequence(sequence, offset); + if (asn1 is DerObjectIdentifier) + { + directReference = (DerObjectIdentifier)asn1; + asn1 = GetObjFromSequence(sequence, ++offset); + } + if (asn1 is DerInteger) + { + indirectReference = (DerInteger)asn1; + asn1 = GetObjFromSequence(sequence, ++offset); + } + if (!(asn1 is Asn1TaggedObject)) + { + dataValueDescriptor = (Asn1ObjectDescriptor)asn1; + asn1 = GetObjFromSequence(sequence, ++offset); + } + + if (sequence.Count != offset + 1) + throw new ArgumentException("input sequence too large", "sequence"); + + if (!(asn1 is Asn1TaggedObject)) + throw new ArgumentException( + "No tagged object found in sequence. Structure doesn't seem to be of type External", "sequence"); + + Asn1TaggedObject obj = (Asn1TaggedObject)asn1; + this.encoding = CheckEncoding(obj.TagNo); + this.externalContent = GetExternalContent(obj); + } + + [Obsolete("Use constructor with dataValueDescriptor of type Asn1ObjectDescriptor")] + public DerExternal(DerObjectIdentifier directReference, DerInteger indirectReference, + Asn1Object dataValueDescriptor, DerTaggedObject externalData) + : this(directReference, indirectReference, CheckDataValueDescriptor(dataValueDescriptor), externalData) + { + } + + /** + * Creates a new instance of DerExternal + * See X.690 for more informations about the meaning of these parameters + * @param directReference The direct reference or null if not set. + * @param indirectReference The indirect reference or null if not set. + * @param dataValueDescriptor The data value descriptor or null if not set. + * @param externalData The external data in its encoded form. + */ + public DerExternal(DerObjectIdentifier directReference, DerInteger indirectReference, + Asn1ObjectDescriptor dataValueDescriptor, DerTaggedObject externalData) + { + this.directReference = directReference; + this.indirectReference = indirectReference; + this.dataValueDescriptor = dataValueDescriptor; + this.encoding = CheckEncoding(externalData.TagNo); + this.externalContent = GetExternalContent(externalData); + } + + [Obsolete("Use constructor with dataValueDescriptor of type Asn1ObjectDescriptor")] + public DerExternal(DerObjectIdentifier directReference, DerInteger indirectReference, + Asn1Object dataValueDescriptor, int encoding, Asn1Object externalData) + : this(directReference, indirectReference, CheckDataValueDescriptor(dataValueDescriptor), encoding, + externalData) + { + } + + /** + * Creates a new instance of DerExternal. + * See X.690 for more informations about the meaning of these parameters + * @param directReference The direct reference or null if not set. + * @param indirectReference The indirect reference or null if not set. + * @param dataValueDescriptor The data value descriptor or null if not set. + * @param encoding The encoding to be used for the external data + * @param externalData The external data + */ + public DerExternal(DerObjectIdentifier directReference, DerInteger indirectReference, + Asn1ObjectDescriptor dataValueDescriptor, int encoding, Asn1Object externalData) + { + this.directReference = directReference; + this.indirectReference = indirectReference; + this.dataValueDescriptor = dataValueDescriptor; + this.encoding = CheckEncoding(encoding); + this.externalContent = CheckExternalContent(encoding, externalData); + } + + internal Asn1Sequence BuildSequence() + { + Asn1EncodableVector v = new Asn1EncodableVector(4); + v.AddOptional(directReference, indirectReference, dataValueDescriptor); + v.Add(new DerTaggedObject(0 == encoding, encoding, externalContent)); + return new DerSequence(v); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return BuildSequence().GetEncodingImplicit(encoding, Asn1Tags.Universal, Asn1Tags.External); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return BuildSequence().GetEncodingImplicit(encoding, tagClass, tagNo); + } + + protected override int Asn1GetHashCode() + { + return Platform.GetHashCode(this.directReference) + ^ Platform.GetHashCode(this.indirectReference) + ^ Platform.GetHashCode(this.dataValueDescriptor) + ^ this.encoding + ^ this.externalContent.GetHashCode(); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerExternal that = asn1Object as DerExternal; + return null != that + && Platform.Equals(this.directReference, that.directReference) + && Platform.Equals(this.indirectReference, that.indirectReference) + && Platform.Equals(this.dataValueDescriptor, that.dataValueDescriptor) + && this.encoding == that.encoding + && this.externalContent.Equals(that.externalContent); + } + + public Asn1ObjectDescriptor DataValueDescriptor + { + get { return dataValueDescriptor; } + } + + public DerObjectIdentifier DirectReference + { + get { return directReference; } + } + + /** + * The encoding of the content. Valid values are + *
    + *
  • 0 single-ASN1-type
    • + *
  • 1 OCTET STRING
    • + *
  • 2 BIT STRING
    • + *
+ */ + public int Encoding + { + get { return encoding; } + } + + public Asn1Object ExternalContent + { + get { return externalContent; } + } + + public DerInteger IndirectReference + { + get { return indirectReference; } + } + + private static Asn1ObjectDescriptor CheckDataValueDescriptor(Asn1Object dataValueDescriptor) + { + if (dataValueDescriptor is Asn1ObjectDescriptor) + return (Asn1ObjectDescriptor)dataValueDescriptor; + if (dataValueDescriptor is DerGraphicString) + return new Asn1ObjectDescriptor((DerGraphicString)dataValueDescriptor); + + throw new ArgumentException("incompatible type for data-value-descriptor", "dataValueDescriptor"); + } + + private static int CheckEncoding(int encoding) + { + if (encoding < 0 || encoding > 2) + throw new InvalidOperationException("invalid encoding value: " + encoding); + + return encoding; + } + + private static Asn1Object CheckExternalContent(int tagNo, Asn1Object externalContent) + { + switch (tagNo) + { + case 1: + return Asn1OctetString.Meta.Instance.CheckedCast(externalContent); + case 2: + return DerBitString.Meta.Instance.CheckedCast(externalContent); + default: + return externalContent; + } + } + + private static Asn1Object GetExternalContent(Asn1TaggedObject encoding) + { + int tagClass = encoding.TagClass, tagNo = encoding.TagNo; + if (Asn1Tags.ContextSpecific != tagClass) + throw new ArgumentException("invalid tag: " + Asn1Utilities.GetTagText(tagClass, tagNo), "encoding"); + + switch (tagNo) + { + case 0: + return encoding.GetExplicitBaseObject().ToAsn1Object(); + case 1: + return Asn1OctetString.GetInstance(encoding, false); + case 2: + return DerBitString.GetInstance(encoding, false); + default: + throw new ArgumentException("invalid tag: " + Asn1Utilities.GetTagText(tagClass, tagNo), "encoding"); + } + } + + private static Asn1Object GetObjFromSequence(Asn1Sequence sequence, int index) + { + if (sequence.Count <= index) + throw new ArgumentException("too few objects in input sequence", "sequence"); + + return sequence[index].ToAsn1Object(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DERExternalParser.cs b/BouncyCastle/crypto/src/asn1/DERExternalParser.cs new file mode 100644 index 0000000..5e52e63 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DERExternalParser.cs @@ -0,0 +1,31 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + public class DerExternalParser + : Asn1Encodable + { + private readonly Asn1StreamParser _parser; + + [Obsolete("Will be removed")] + public DerExternalParser(Asn1StreamParser parser) + { + this._parser = parser; + } + + public IAsn1Convertible ReadObject() + { + return _parser.ReadObject(); + } + + public override Asn1Object ToAsn1Object() + { + return Parse(_parser); + } + + internal static DerExternal Parse(Asn1StreamParser sp) + { + return new DerExternal(sp.ReadVector()); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DERGenerator.cs b/BouncyCastle/crypto/src/asn1/DERGenerator.cs new file mode 100644 index 0000000..387a2c5 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DERGenerator.cs @@ -0,0 +1,107 @@ +using System.IO; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public abstract class DerGenerator + : Asn1Generator + { + private bool _tagged = false; + private bool _isExplicit; + private int _tagNo; + + protected DerGenerator( + Stream outStream) + : base(outStream) + { + } + + protected DerGenerator( + Stream outStream, + int tagNo, + bool isExplicit) + : base(outStream) + { + _tagged = true; + _isExplicit = isExplicit; + _tagNo = tagNo; + } + + private static void WriteLength( + Stream outStr, + int length) + { + if (length > 127) + { + int size = 1; + int val = length; + + while ((val >>= 8) != 0) + { + size++; + } + + outStr.WriteByte((byte)(size | 0x80)); + + for (int i = (size - 1) * 8; i >= 0; i -= 8) + { + outStr.WriteByte((byte)(length >> i)); + } + } + else + { + outStr.WriteByte((byte)length); + } + } + + internal static void WriteDerEncoded( + Stream outStream, + int tag, + byte[] bytes) + { + outStream.WriteByte((byte) tag); + WriteLength(outStream, bytes.Length); + outStream.Write(bytes, 0, bytes.Length); + } + + internal void WriteDerEncoded( + int tag, + byte[] bytes) + { + if (_tagged) + { + int tagNum = _tagNo | Asn1Tags.ContextSpecific; + + if (_isExplicit) + { + int newTag = _tagNo | Asn1Tags.Constructed | Asn1Tags.ContextSpecific; + MemoryStream bOut = new MemoryStream(); + WriteDerEncoded(bOut, tag, bytes); + WriteDerEncoded(Out, newTag, bOut.ToArray()); + } + else + { + if ((tag & Asn1Tags.Constructed) != 0) + { + tagNum |= Asn1Tags.Constructed; + } + + WriteDerEncoded(Out, tagNum, bytes); + } + } + else + { + WriteDerEncoded(Out, tag, bytes); + } + } + + internal static void WriteDerEncoded( + Stream outStr, + int tag, + Stream inStr) + { + WriteDerEncoded(outStr, tag, Streams.ReadAll(inStr)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DEROctetStringParser.cs b/BouncyCastle/crypto/src/asn1/DEROctetStringParser.cs new file mode 100644 index 0000000..b0d3ad8 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DEROctetStringParser.cs @@ -0,0 +1,36 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public class DerOctetStringParser + : Asn1OctetStringParser + { + private readonly DefiniteLengthInputStream stream; + + internal DerOctetStringParser( + DefiniteLengthInputStream stream) + { + this.stream = stream; + } + + public Stream GetOctetStream() + { + return stream; + } + + public Asn1Object ToAsn1Object() + { + try + { + return new DerOctetString(stream.ToArray()); + } + catch (IOException e) + { + throw new InvalidOperationException("IOException converting stream to byte array: " + e.Message, e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DERSequenceGenerator.cs b/BouncyCastle/crypto/src/asn1/DERSequenceGenerator.cs new file mode 100644 index 0000000..12c9785 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DERSequenceGenerator.cs @@ -0,0 +1,44 @@ +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public class DerSequenceGenerator + : DerGenerator + { + private readonly MemoryStream _bOut = new MemoryStream(); + + public DerSequenceGenerator( + Stream outStream) + : base(outStream) + { + } + + public DerSequenceGenerator( + Stream outStream, + int tagNo, + bool isExplicit) + : base(outStream, tagNo, isExplicit) + { + } + + public override void AddObject(Asn1Encodable obj) + { + obj.EncodeTo(_bOut, Asn1Encodable.Der); + } + + public override void AddObject(Asn1Object obj) + { + obj.EncodeTo(_bOut, Asn1Encodable.Der); + } + + public override Stream GetRawOutputStream() + { + return _bOut; + } + + public override void Close() + { + WriteDerEncoded(Asn1Tags.Constructed | Asn1Tags.Sequence, _bOut.ToArray()); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DERSequenceParser.cs b/BouncyCastle/crypto/src/asn1/DERSequenceParser.cs new file mode 100644 index 0000000..a373fcf --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DERSequenceParser.cs @@ -0,0 +1,26 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + // TODO[asn1] Should be renamed/replaced with DLSequenceParser + public class DerSequenceParser + : Asn1SequenceParser + { + private readonly Asn1StreamParser m_parser; + + internal DerSequenceParser(Asn1StreamParser parser) + { + this.m_parser = parser; + } + + public IAsn1Convertible ReadObject() + { + return m_parser.ReadObject(); + } + + public Asn1Object ToAsn1Object() + { + return DLSequence.FromVector(m_parser.ReadVector()); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DERSetGenerator.cs b/BouncyCastle/crypto/src/asn1/DERSetGenerator.cs new file mode 100644 index 0000000..6772417 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DERSetGenerator.cs @@ -0,0 +1,44 @@ +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public class DerSetGenerator + : DerGenerator + { + private readonly MemoryStream _bOut = new MemoryStream(); + + public DerSetGenerator( + Stream outStream) + : base(outStream) + { + } + + public DerSetGenerator( + Stream outStream, + int tagNo, + bool isExplicit) + : base(outStream, tagNo, isExplicit) + { + } + + public override void AddObject(Asn1Encodable obj) + { + obj.EncodeTo(_bOut, Asn1Encodable.Der); + } + + public override void AddObject(Asn1Object obj) + { + obj.EncodeTo(_bOut, Asn1Encodable.Der); + } + + public override Stream GetRawOutputStream() + { + return _bOut; + } + + public override void Close() + { + WriteDerEncoded(Asn1Tags.Constructed | Asn1Tags.Set, _bOut.ToArray()); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DERSetParser.cs b/BouncyCastle/crypto/src/asn1/DERSetParser.cs new file mode 100644 index 0000000..344de3b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DERSetParser.cs @@ -0,0 +1,26 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + // TODO[asn1] Should be renamed/replaced with DLSetParser + public class DerSetParser + : Asn1SetParser + { + private readonly Asn1StreamParser m_parser; + + internal DerSetParser(Asn1StreamParser parser) + { + this.m_parser = parser; + } + + public IAsn1Convertible ReadObject() + { + return m_parser.ReadObject(); + } + + public Asn1Object ToAsn1Object() + { + return DLSet.FromVector(m_parser.ReadVector()); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DLApplicationSpecific.cs b/BouncyCastle/crypto/src/asn1/DLApplicationSpecific.cs new file mode 100644 index 0000000..8fffcf6 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DLApplicationSpecific.cs @@ -0,0 +1,28 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + internal class DLApplicationSpecific + : DerApplicationSpecific + { + internal DLApplicationSpecific(int tagNo, Asn1Encodable baseEncodable) + : this(true, tagNo, baseEncodable) + { + } + + internal DLApplicationSpecific(bool isExplicit, int tagNo, Asn1Encodable baseEncodable) + : base(new DLTaggedObject(isExplicit, Asn1Tags.Application, tagNo, baseEncodable)) + { + } + + internal DLApplicationSpecific(int tagNo, Asn1EncodableVector contentsElements) + : base(new DLTaggedObject(false, Asn1Tags.Application, tagNo, DLSequence.FromVector(contentsElements))) + { + } + + internal DLApplicationSpecific(Asn1TaggedObject taggedObject) + : base(taggedObject) + { + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DLBitString.cs b/BouncyCastle/crypto/src/asn1/DLBitString.cs new file mode 100644 index 0000000..5d8f3ac --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DLBitString.cs @@ -0,0 +1,55 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + /// A Definite length BIT STRING + public class DLBitString + : DerBitString + { + public DLBitString(byte data, int padBits) + : base(data, padBits) + { + } + + public DLBitString(byte[] data) + : this(data, 0) + { + } + + public DLBitString(byte[] data, int padBits) + : base(data, padBits) + { + } + + public DLBitString(int namedBits) + : base(namedBits) + { + } + + public DLBitString(Asn1Encodable obj) + : this(obj.GetDerEncoded(), 0) + { + } + + internal DLBitString(byte[] contents, bool check) + : base(contents, check) + { + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + if (Asn1OutputStream.EncodingDer == encoding) + return base.GetEncoding(encoding); + + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.BitString, contents); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + if (Asn1OutputStream.EncodingDer == encoding) + return base.GetEncodingImplicit(encoding, tagClass, tagNo); + + return new PrimitiveEncoding(tagClass, tagNo, contents); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DLBitStringParser.cs b/BouncyCastle/crypto/src/asn1/DLBitStringParser.cs new file mode 100644 index 0000000..643361e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DLBitStringParser.cs @@ -0,0 +1,65 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + /// Parser for a DL encoded BIT STRING. + internal class DLBitStringParser + : Asn1BitStringParser + { + private readonly DefiniteLengthInputStream m_stream; + private int m_padBits = 0; + + internal DLBitStringParser(DefiniteLengthInputStream stream) + { + m_stream = stream; + } + + public Stream GetBitStream() + { + return GetBitStream(false); + } + + public Stream GetOctetStream() + { + return GetBitStream(true); + } + + public int PadBits + { + get { return m_padBits; } + } + + public Asn1Object ToAsn1Object() + { + try + { + return DerBitString.CreatePrimitive(m_stream.ToArray()); + } + catch (IOException e) + { + throw new Asn1ParsingException("IOException converting stream to byte array: " + e.Message, e); + } + } + + private Stream GetBitStream(bool octetAligned) + { + int length = m_stream.Remaining; + if (length < 1) + throw new InvalidOperationException("content octets cannot be empty"); + + m_padBits = m_stream.ReadByte(); + if (m_padBits > 0) + { + if (length < 2) + throw new InvalidOperationException("zero length data with non-zero pad bits"); + if (m_padBits > 7) + throw new InvalidOperationException("pad bits cannot be greater than 7 or less than 0"); + if (octetAligned) + throw new IOException("expected octet-aligned bitstring, but found padBits: " + m_padBits); + } + + return m_stream; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DLSequence.cs b/BouncyCastle/crypto/src/asn1/DLSequence.cs new file mode 100644 index 0000000..b3c21ec --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DLSequence.cs @@ -0,0 +1,83 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + internal class DLSequence + : DerSequence + { + internal static new readonly DLSequence Empty = new DLSequence(); + + internal static new DLSequence FromVector(Asn1EncodableVector elementVector) + { + return elementVector.Count < 1 ? Empty : new DLSequence(elementVector); + } + + /** + * create an empty sequence + */ + internal DLSequence() + : base() + { + } + + /** + * create a sequence containing one object + */ + internal DLSequence(Asn1Encodable element) + : base(element) + { + } + + internal DLSequence(params Asn1Encodable[] elements) + : base(elements) + { + } + + /** + * create a sequence containing a vector of objects. + */ + internal DLSequence(Asn1EncodableVector elementVector) + : base(elementVector) + { + } + + internal DLSequence(Asn1Encodable[] elements, bool clone) + : base(elements, clone) + { + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + if (Asn1OutputStream.EncodingDer == encoding) + return base.GetEncoding(encoding); + + return new ConstructedDLEncoding(Asn1Tags.Universal, Asn1Tags.Sequence, + Asn1OutputStream.GetContentsEncodings(encoding, elements)); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + if (Asn1OutputStream.EncodingDer == encoding) + return base.GetEncodingImplicit(encoding, tagClass, tagNo); + + return new ConstructedDLEncoding(tagClass, tagNo, + Asn1OutputStream.GetContentsEncodings(encoding, elements)); + } + + internal override DerBitString ToAsn1BitString() + { + return new DLBitString(BerBitString.FlattenBitStrings(GetConstructedBitStrings()), false); + } + + // TODO[asn1] DLExternal + //internal override DerExternal ToAsn1External() + //{ + // return new DLExternal(this); + //} + + internal override Asn1Set ToAsn1Set() + { + return new DLSet(false, elements); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DLSet.cs b/BouncyCastle/crypto/src/asn1/DLSet.cs new file mode 100644 index 0000000..ba55be8 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DLSet.cs @@ -0,0 +1,67 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + internal class DLSet + : DerSet + { + internal static new readonly DLSet Empty = new DLSet(); + + internal static new DLSet FromVector(Asn1EncodableVector elementVector) + { + return elementVector.Count < 1 ? Empty : new DLSet(elementVector); + } + + /** + * create an empty set + */ + internal DLSet() + : base() + { + } + + /** + * create a set containing one object + */ + internal DLSet(Asn1Encodable element) + : base(element) + { + } + + internal DLSet(params Asn1Encodable[] elements) + : base(elements, false) + { + } + + /** + * create a set containing a vector of objects. + */ + internal DLSet(Asn1EncodableVector elementVector) + : base(elementVector, false) + { + } + + internal DLSet(bool isSorted, Asn1Encodable[] elements) + : base(isSorted, elements) + { + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + if (Asn1OutputStream.EncodingDer == encoding) + return base.GetEncoding(encoding); + + return new ConstructedDLEncoding(Asn1Tags.Universal, Asn1Tags.Set, + Asn1OutputStream.GetContentsEncodings(encoding, elements)); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + if (Asn1OutputStream.EncodingDer == encoding) + return base.GetEncodingImplicit(encoding, tagClass, tagNo); + + return new ConstructedDLEncoding(tagClass, tagNo, + Asn1OutputStream.GetContentsEncodings(encoding, elements)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DLTaggedObject.cs b/BouncyCastle/crypto/src/asn1/DLTaggedObject.cs new file mode 100644 index 0000000..c06dd8e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DLTaggedObject.cs @@ -0,0 +1,75 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + internal class DLTaggedObject + : DerTaggedObject + { + internal DLTaggedObject(int tagNo, Asn1Encodable obj) + : base(tagNo, obj) + { + } + + internal DLTaggedObject(int tagClass, int tagNo, Asn1Encodable obj) + : base(tagClass, tagNo, obj) + { + } + + internal DLTaggedObject(bool isExplicit, int tagNo, Asn1Encodable obj) + : base(isExplicit, tagNo, obj) + { + } + + internal DLTaggedObject(bool isExplicit, int tagClass, int tagNo, Asn1Encodable obj) + : base(isExplicit, tagClass, tagNo, obj) + { + } + + internal DLTaggedObject(int explicitness, int tagClass, int tagNo, Asn1Encodable obj) + : base(explicitness, tagClass, tagNo, obj) + { + } + + internal override string Asn1Encoding + { + // TODO[asn1] Use DL encoding when supported + get { return Ber; } + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + if (Asn1OutputStream.EncodingDer == encoding) + return base.GetEncoding(encoding); + + Asn1Object baseObject = GetBaseObject().ToAsn1Object(); + + if (!IsExplicit()) + return baseObject.GetEncodingImplicit(encoding, TagClass, TagNo); + + return new ConstructedDLEncoding(TagClass, TagNo, new IAsn1Encoding[]{ baseObject.GetEncoding(encoding) }); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + if (Asn1OutputStream.EncodingDer == encoding) + return base.GetEncodingImplicit(encoding, tagClass, tagNo); + + Asn1Object baseObject = GetBaseObject().ToAsn1Object(); + + if (!IsExplicit()) + return baseObject.GetEncodingImplicit(encoding, tagClass, tagNo); + + return new ConstructedDLEncoding(tagClass, tagNo, new IAsn1Encoding[]{ baseObject.GetEncoding(encoding) }); + } + + internal override Asn1Sequence RebuildConstructed(Asn1Object asn1Object) + { + return new DLSequence(asn1Object); + } + + internal override Asn1TaggedObject ReplaceTag(int tagClass, int tagNo) + { + return new DLTaggedObject(explicitness, tagClass, tagNo, obj); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DLTaggedObjectParser.cs b/BouncyCastle/crypto/src/asn1/DLTaggedObjectParser.cs new file mode 100644 index 0000000..307a634 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DLTaggedObjectParser.cs @@ -0,0 +1,81 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * Parser for definite-length tagged objects. + */ + internal class DLTaggedObjectParser + : BerTaggedObjectParser + { + private readonly bool m_constructed; + + internal DLTaggedObjectParser(int tagClass, int tagNo, bool constructed, Asn1StreamParser parser) + : base(tagClass, tagNo, parser) + { + m_constructed = constructed; + } + + public override bool IsConstructed + { + get { return m_constructed; } + } + + public override IAsn1Convertible ParseBaseUniversal(bool declaredExplicit, int baseTagNo) + { + if (declaredExplicit) + { + if (!m_constructed) + throw new IOException("Explicit tags must be constructed (see X.690 8.14.2)"); + + return m_parser.ParseObject(baseTagNo); + } + + return m_constructed + ? m_parser.ParseImplicitConstructedDL(baseTagNo) + : m_parser.ParseImplicitPrimitive(baseTagNo); + } + + public override IAsn1Convertible ParseExplicitBaseObject() + { + if (!m_constructed) + throw new IOException("Explicit tags must be constructed (see X.690 8.14.2)"); + + return m_parser.ReadObject(); + } + + public override Asn1TaggedObjectParser ParseExplicitBaseTagged() + { + if (!m_constructed) + throw new IOException("Explicit tags must be constructed (see X.690 8.14.2)"); + + return m_parser.ParseTaggedObject(); + } + + public override Asn1TaggedObjectParser ParseImplicitBaseTagged(int baseTagClass, int baseTagNo) + { + // TODO[asn1] Special handling can be removed once ASN1ApplicationSpecificParser types removed. + if (Asn1Tags.Application == baseTagClass) + { + // This cast is ensuring the current user-expected return type. + return (DLApplicationSpecific)m_parser.LoadTaggedDL(baseTagClass, baseTagNo, m_constructed); + } + + return new DLTaggedObjectParser(baseTagClass, baseTagNo, m_constructed, m_parser); + } + + public override Asn1Object ToAsn1Object() + { + try + { + return m_parser.LoadTaggedDL(TagClass, TagNo, m_constructed); + } + catch (IOException e) + { + throw new Asn1ParsingException(e.Message); + } + } + } +} + diff --git a/BouncyCastle/crypto/src/asn1/DefiniteLengthInputStream.cs b/BouncyCastle/crypto/src/asn1/DefiniteLengthInputStream.cs new file mode 100644 index 0000000..ed5bd24 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DefiniteLengthInputStream.cs @@ -0,0 +1,117 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Asn1 +{ + class DefiniteLengthInputStream + : LimitedInputStream + { + private static readonly byte[] EmptyBytes = new byte[0]; + + private readonly int _originalLength; + private int _remaining; + + internal DefiniteLengthInputStream(Stream inStream, int length, int limit) + : base(inStream, limit) + { + if (length <= 0) + { + if (length < 0) + throw new ArgumentException("negative lengths not allowed", "length"); + + SetParentEofDetect(); + } + + this._originalLength = length; + this._remaining = length; + } + + internal int Remaining + { + get { return _remaining; } + } + + public override int ReadByte() + { + if (_remaining < 2) + { + if (_remaining == 0) + return -1; + + int b = _in.ReadByte(); + if (b < 0) + throw new EndOfStreamException("DEF length " + _originalLength + " object truncated by " + _remaining); + + _remaining = 0; + SetParentEofDetect(); + + return b; + } + else + { + int b = _in.ReadByte(); + if (b < 0) + throw new EndOfStreamException("DEF length " + _originalLength + " object truncated by " + _remaining); + + --_remaining; + return b; + } + } + + public override int Read(byte[] buf, int off, int len) + { + if (_remaining == 0) + return 0; + + int toRead = System.Math.Min(len, _remaining); + int numRead = _in.Read(buf, off, toRead); + + if (numRead < 1) + throw new EndOfStreamException("DEF length " + _originalLength + " object truncated by " + _remaining); + + if ((_remaining -= numRead) == 0) + { + SetParentEofDetect(); + } + + return numRead; + } + + internal void ReadAllIntoByteArray(byte[] buf) + { + if (_remaining != buf.Length) + throw new ArgumentException("buffer length not right for data"); + + if (_remaining == 0) + return; + + // make sure it's safe to do this! + int limit = Limit; + if (_remaining >= limit) + throw new IOException("corrupted stream - out of bounds length found: " + _remaining + " >= " + limit); + + if ((_remaining -= Streams.ReadFully(_in, buf, 0, buf.Length)) != 0) + throw new EndOfStreamException("DEF length " + _originalLength + " object truncated by " + _remaining); + SetParentEofDetect(); + } + + internal byte[] ToArray() + { + if (_remaining == 0) + return EmptyBytes; + + // make sure it's safe to do this! + int limit = Limit; + if (_remaining >= limit) + throw new IOException("corrupted stream - out of bounds length found: " + _remaining + " >= " + limit); + + byte[] bytes = new byte[_remaining]; + if ((_remaining -= Streams.ReadFully(_in, bytes, 0, bytes.Length)) != 0) + throw new EndOfStreamException("DEF length " + _originalLength + " object truncated by " + _remaining); + SetParentEofDetect(); + return bytes; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerApplicationSpecific.cs b/BouncyCastle/crypto/src/asn1/DerApplicationSpecific.cs new file mode 100644 index 0000000..d474034 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerApplicationSpecific.cs @@ -0,0 +1,235 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * Base class for an application specific object + */ + public class DerApplicationSpecific + : Asn1Object, IAsn1ApplicationSpecificParser + { + public static DerApplicationSpecific GetInstance(object obj) + { + if (obj == null || obj is DerApplicationSpecific) + { + return (DerApplicationSpecific)obj; + } + else if (obj is byte[]) + { + try + { + return GetInstance(FromByteArray((byte[])obj)); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct application-specific from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + internal readonly Asn1TaggedObject m_taggedObject; + + /** + * Create an application specific object from the passed in data. This will assume + * the data does not represent a constructed object. + * + * @param tagNo the tag number for this object. + * @param contentsOctets the encoding of the object's body. + */ + public DerApplicationSpecific(int tagNo, byte[] contentsOctets) + : this(new DerTaggedObject(false, Asn1Tags.Application, tagNo, new DerOctetString(contentsOctets))) + { + } + + /** + * Create an application specific object with a tagging of explicit/constructed. + * + * @param tag the tag number for this object. + * @param object the object to be contained. + */ + public DerApplicationSpecific(int tag, Asn1Encodable baseEncodable) + : this(true, tag, baseEncodable) + { + } + + /** + * Create an application specific object with the tagging style given by the value of explicit. + * + * @param explicit true if the object is explicitly tagged. + * @param tagNo the tag number for this object. + * @param baseEncodable the object to be contained. + */ + public DerApplicationSpecific(bool isExplicit, int tagNo, Asn1Encodable baseEncodable) + : this(new DerTaggedObject(isExplicit, Asn1Tags.Application, tagNo, baseEncodable)) + { + } + + /** + * Create an application specific object which is marked as constructed + * + * @param tagNo the tag number for this object. + * @param contentsElements the objects making up the application specific object. + */ + public DerApplicationSpecific(int tagNo, Asn1EncodableVector contentsElements) + : this(new DerTaggedObject(false, Asn1Tags.Application, tagNo, DerSequence.FromVector(contentsElements))) + { + } + + internal DerApplicationSpecific(Asn1TaggedObject taggedObject) + //: base(taggedObject.explicitness, CheckTagClass(taggedObject.tagClass), taggedObject.tagNo, + // taggedObject.obj) + { + CheckTagClass(taggedObject.TagClass); + + this.m_taggedObject = taggedObject; + } + + public int ApplicationTag + { + get { return m_taggedObject.TagNo; } + } + + [Obsolete("Will be removed")] + public byte[] GetContents() + { + return m_taggedObject.GetContents(); + } + + public Asn1Object GetEnclosedObject() + { + return m_taggedObject.GetBaseObject().ToAsn1Object(); + } + + [Obsolete("Use GetEnclosedObject instead")] + public Asn1Object GetObject() + { + return GetEnclosedObject(); + } + + public Asn1Object GetObject(int tagNo) + { + return m_taggedObject.GetBaseUniversal(false, tagNo); + } + + public IAsn1Convertible GetObjectParser(int tag, bool isExplicit) + { + throw new Asn1Exception("this method only valid for CONTEXT_SPECIFIC tags"); + } + + public IAsn1Convertible ParseBaseUniversal(bool declaredExplicit, int baseTagNo) + { + return m_taggedObject.ParseBaseUniversal(declaredExplicit, baseTagNo); + } + + public IAsn1Convertible ParseExplicitBaseObject() + { + return TaggedObject.ParseExplicitBaseObject(); + } + + public Asn1TaggedObjectParser ParseExplicitBaseTagged() + { + return m_taggedObject.ParseExplicitBaseTagged(); + } + + public Asn1TaggedObjectParser ParseImplicitBaseTagged(int baseTagClass, int baseTagNo) + { + return m_taggedObject.ParseImplicitBaseTagged(baseTagClass, baseTagNo); + } + + public bool HasApplicationTag(int tagNo) + { + return m_taggedObject.HasTag(Asn1Tags.Application, tagNo); + } + + public bool HasContextTag(int tagNo) + { + return false; + } + + public bool HasTag(int tagClass, int tagNo) + { + return m_taggedObject.HasTag(tagClass, tagNo); + } + + [Obsolete("Will be removed")] + public bool IsConstructed() + { + return m_taggedObject.IsConstructed(); + } + + public IAsn1Convertible ReadObject() + { + // NOTE: No way to say you're looking for an implicitly-tagged object via IAsn1ApplicationSpecificParser + return ParseExplicitBaseObject(); + } + + public int TagClass + { + get { return m_taggedObject.TagClass; } + } + + public int TagNo + { + get { return m_taggedObject.TagNo; } + } + + /** + * DerApplicationSpecific uses an internal Asn1TaggedObject for the + * implementation, and will soon be deprecated in favour of using + * Asn1TaggedObject with a tag class of {@link Asn1Tags#Application}. This method + * lets you get the internal Asn1TaggedObject so that client code can begin the + * migration. + */ + public Asn1TaggedObject TaggedObject + { + get { return m_taggedObject; } + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + Asn1TaggedObject that; + if (asn1Object is DerApplicationSpecific) + { + that = ((DerApplicationSpecific)asn1Object).m_taggedObject; + } + else if (asn1Object is Asn1TaggedObject) + { + that = (Asn1TaggedObject)asn1Object; + } + else + { + return false; + } + + return m_taggedObject.Equals(that); + } + + protected override int Asn1GetHashCode() + { + return m_taggedObject.CallAsn1GetHashCode(); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return m_taggedObject.GetEncoding(encoding); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return m_taggedObject.GetEncodingImplicit(encoding, tagClass, tagNo); + } + + private static int CheckTagClass(int tagClass) + { + if (Asn1Tags.Application != tagClass) + throw new ArgumentException(); + + return tagClass; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerBMPString.cs b/BouncyCastle/crypto/src/asn1/DerBMPString.cs new file mode 100644 index 0000000..a289eed --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerBMPString.cs @@ -0,0 +1,164 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * Der BMPString object. + */ + public class DerBmpString + : DerStringBase + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerBmpString), Asn1Tags.BmpString) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + /** + * return a BMP string from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static DerBmpString GetInstance(object obj) + { + if (obj == null || obj is DerBmpString) + { + return (DerBmpString)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerBmpString) + return (DerBmpString)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerBmpString)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct BMP string from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj)); + } + + /** + * return a BMP string from a tagged object. + * + * @param taggedObject the tagged object holding the object we want + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static DerBmpString GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerBmpString)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly string m_str; + + internal DerBmpString(byte[] contents) + { + if (null == contents) + throw new ArgumentNullException("contents"); + + int byteLen = contents.Length; + if (0 != (byteLen & 1)) + throw new ArgumentException("malformed BMPString encoding encountered", "contents"); + + int charLen = byteLen / 2; + char[] cs = new char[charLen]; + + for (int i = 0; i != charLen; i++) + { + cs[i] = (char)((contents[2 * i] << 8) | (contents[2 * i + 1] & 0xff)); + } + + m_str = new string(cs); + } + + internal DerBmpString(char[] str) + { + if (str == null) + throw new ArgumentNullException("str"); + + m_str = new string(str); + } + + /** + * basic constructor + */ + public DerBmpString(string str) + { + if (str == null) + throw new ArgumentNullException("str"); + + m_str = str; + } + + public override string GetString() + { + return m_str; + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerBmpString that = asn1Object as DerBmpString; + return null != that + && this.m_str.Equals(that.m_str); + } + + protected override int Asn1GetHashCode() + { + return m_str.GetHashCode(); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.BmpString, GetContents()); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, GetContents()); + } + + private byte[] GetContents() + { + char[] c = m_str.ToCharArray(); + byte[] b = new byte[c.Length * 2]; + + for (int i = 0; i != c.Length; i++) + { + b[2 * i] = (byte)(c[i] >> 8); + b[2 * i + 1] = (byte)c[i]; + } + + return b; + } + + internal static DerBmpString CreatePrimitive(byte[] contents) + { + return new DerBmpString(contents); + } + + internal static DerBmpString CreatePrimitive(char[] str) + { + // TODO[asn1] Asn1InputStream has a validator/converter that should be unified in this class somehow + return new DerBmpString(str); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerBitString.cs b/BouncyCastle/crypto/src/asn1/DerBitString.cs new file mode 100644 index 0000000..2b1ff33 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerBitString.cs @@ -0,0 +1,368 @@ +using System; +using System.Diagnostics; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + public class DerBitString + : DerStringBase, Asn1BitStringParser + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerBitString), Asn1Tags.BitString) { } + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + + internal override Asn1Object FromImplicitConstructed(Asn1Sequence sequence) + { + return sequence.ToAsn1BitString(); + } + } + + private static readonly char[] table + = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' }; + + /** + * return a Bit string from the passed in object + * + * @exception ArgumentException if the object cannot be converted. + */ + public static DerBitString GetInstance(object obj) + { + if (obj == null || obj is DerBitString) + { + return (DerBitString)obj; + } + //else if (obj is Asn1BitStringParser) + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerBitString) + return (DerBitString)asn1Object; + } + else if (obj is byte[]) + { + try + { + return GetInstance(FromByteArray((byte[])obj)); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct BIT STRING from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj)); + } + + /** + * return a Bit string from a tagged object. + * + * @param obj the tagged object holding the object we want + * @param explicitly true if the object is meant to be explicitly + * tagged false otherwise. + * @exception ArgumentException if the tagged object cannot + * be converted. + */ + public static DerBitString GetInstance(Asn1TaggedObject obj, bool isExplicit) + { + Asn1Object o = obj.GetObject(); + + if (isExplicit || o is DerBitString) + { + return GetInstance(o); + } + + // Not copied because assumed to be a tagged implicit primitive from the parser + return CreatePrimitive(((Asn1OctetString)o).GetOctets()); + } + + internal readonly byte[] contents; + + public DerBitString(byte data, int padBits) + { + if (padBits > 7 || padBits < 0) + throw new ArgumentException("pad bits cannot be greater than 7 or less than 0", "padBits"); + + this.contents = new byte[] { (byte)padBits, data }; + } + + public DerBitString(byte[] data) + : this(data, 0) + { + } + + /** + * @param data the octets making up the bit string. + * @param padBits the number of extra bits at the end of the string. + */ + public DerBitString(byte[] data, int padBits) + { + if (data == null) + throw new ArgumentNullException("data"); + if (padBits < 0 || padBits > 7) + throw new ArgumentException("must be in the range 0 to 7", "padBits"); + if (data.Length == 0 && padBits != 0) + throw new ArgumentException("if 'data' is empty, 'padBits' must be 0"); + + this.contents = Arrays.Prepend(data, (byte)padBits); + } + + public DerBitString(int namedBits) + { + if (namedBits == 0) + { + this.contents = new byte[]{ 0 }; + return; + } + + int bits = BigInteger.BitLen(namedBits); + int bytes = (bits + 7) / 8; + Debug.Assert(0 < bytes && bytes <= 4); + + byte[] data = new byte[1 + bytes]; + + for (int i = 1; i < bytes; i++) + { + data[i] = (byte)namedBits; + namedBits >>= 8; + } + + Debug.Assert((namedBits & 0xFF) != 0); + data[bytes] = (byte)namedBits; + + int padBits = 0; + while ((namedBits & (1 << padBits)) == 0) + { + ++padBits; + } + + Debug.Assert(padBits < 8); + data[0] = (byte)padBits; + + this.contents = data; + } + + public DerBitString(Asn1Encodable obj) + : this(obj.GetDerEncoded()) + { + } + + internal DerBitString(byte[] contents, bool check) + { + if (check) + { + if (null == contents) + throw new ArgumentNullException("contents"); + if (contents.Length < 1) + throw new ArgumentException("cannot be empty", "contents"); + + int padBits = contents[0]; + if (padBits > 0) + { + if (contents.Length < 2) + throw new ArgumentException("zero length data with non-zero pad bits", "contents"); + if (padBits > 7) + throw new ArgumentException("pad bits cannot be greater than 7 or less than 0", "contents"); + } + } + + this.contents = contents; + } + + /** + * Return the octets contained in this BIT STRING, checking that this BIT STRING really + * does represent an octet aligned string. Only use this method when the standard you are + * following dictates that the BIT STRING will be octet aligned. + * + * @return a copy of the octet aligned data. + */ + public virtual byte[] GetOctets() + { + if (contents[0] != 0) + throw new InvalidOperationException("attempt to get non-octet aligned data from BIT STRING"); + + return Arrays.CopyOfRange(contents, 1, contents.Length); + } + + public virtual byte[] GetBytes() + { + if (contents.Length == 1) + return Asn1OctetString.EmptyOctets; + + int padBits = contents[0]; + byte[] rv = Arrays.CopyOfRange(contents, 1, contents.Length); + // DER requires pad bits be zero + rv[rv.Length - 1] &= (byte)(0xFF << padBits); + return rv; + } + + public virtual int PadBits + { + get { return contents[0]; } + } + + /** + * @return the value of the bit string as an int (truncating if necessary) + */ + public virtual int IntValue + { + get + { + int value = 0, end = System.Math.Min(5, contents.Length - 1); + for (int i = 1; i < end; ++i) + { + value |= (int)contents[i] << (8 * (i - 1)); + } + if (1 <= end && end < 5) + { + int padBits = contents[0]; + byte der = (byte)(contents[end] & (0xFF << padBits)); + value |= (int)der << (8 * (end - 1)); + } + return value; + } + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + int padBits = contents[0]; + if (padBits != 0) + { + int last = contents.Length - 1; + byte lastBer = contents[last]; + byte lastDer = (byte)(lastBer & (0xFF << padBits)); + + if (lastBer != lastDer) + return new PrimitiveEncodingSuffixed(Asn1Tags.Universal, Asn1Tags.BitString, contents, lastDer); + } + + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.BitString, contents); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + int padBits = contents[0]; + if (padBits != 0) + { + int last = contents.Length - 1; + byte lastBer = contents[last]; + byte lastDer = (byte)(lastBer & (0xFF << padBits)); + + if (lastBer != lastDer) + return new PrimitiveEncodingSuffixed(tagClass, tagNo, contents, lastDer); + } + + return new PrimitiveEncoding(tagClass, tagNo, contents); + } + + protected override int Asn1GetHashCode() + { + if (contents.Length < 2) + return 1; + + int padBits = contents[0]; + int last = contents.Length - 1; + + byte lastDer = (byte)(contents[last] & (0xFF << padBits)); + + int hc = Arrays.GetHashCode(contents, 0, last); + hc *= 257; + hc ^= lastDer; + return hc; + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerBitString that = asn1Object as DerBitString; + if (null == that) + return false; + + byte[] thisContents = this.contents, thatContents = that.contents; + + int length = thisContents.Length; + if (thatContents.Length != length) + return false; + if (length == 1) + return true; + + int last = length - 1; + for (int i = 0; i < last; ++i) + { + if (thisContents[i] != thatContents[i]) + return false; + } + + int padBits = thisContents[0]; + byte thisLastDer = (byte)(thisContents[last] & (0xFF << padBits)); + byte thatLastDer = (byte)(thatContents[last] & (0xFF << padBits)); + + return thisLastDer == thatLastDer; + } + + public Stream GetBitStream() + { + return new MemoryStream(contents, 1, contents.Length - 1, false); + } + + public Stream GetOctetStream() + { + int padBits = contents[0] & 0xFF; + if (0 != padBits) + throw new IOException("expected octet-aligned bitstring, but found padBits: " + padBits); + + return GetBitStream(); + } + + public Asn1BitStringParser Parser + { + get { return this; } + } + + public override string GetString() + { + byte[] str = GetDerEncoded(); + + StringBuilder buffer = new StringBuilder(1 + str.Length * 2); + buffer.Append('#'); + + for (int i = 0; i != str.Length; i++) + { + uint u8 = str[i]; + buffer.Append(table[u8 >> 4]); + buffer.Append(table[u8 & 0xF]); + } + + return buffer.ToString(); + } + + internal static DerBitString CreatePrimitive(byte[] contents) + { + int length = contents.Length; + if (length < 1) + throw new ArgumentException("truncated BIT STRING detected", "contents"); + + int padBits = contents[0]; + if (padBits > 0) + { + if (padBits > 7 || length < 2) + throw new ArgumentException("invalid pad bits detected", "contents"); + + byte finalOctet = contents[length - 1]; + if (finalOctet != (byte)(finalOctet & (0xFF << padBits))) + return new DLBitString(contents, false); + } + + return new DerBitString(contents, false); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerBoolean.cs b/BouncyCastle/crypto/src/asn1/DerBoolean.cs new file mode 100644 index 0000000..ad578ae --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerBoolean.cs @@ -0,0 +1,155 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + public class DerBoolean + : Asn1Object + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerBoolean), Asn1Tags.Boolean) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + public static readonly DerBoolean False = new DerBoolean(false); + public static readonly DerBoolean True = new DerBoolean(true); + + /** + * return a bool from the passed in object. + * + * @exception ArgumentException if the object cannot be converted. + */ + public static DerBoolean GetInstance(object obj) + { + if (obj == null || obj is DerBoolean) + { + return (DerBoolean)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerBoolean) + return (DerBoolean)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerBoolean)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct boolean from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj)); + } + + public static DerBoolean GetInstance(bool value) + { + return value ? True : False; + } + + public static DerBoolean GetInstance(int value) + { + return value != 0 ? True : False; + } + + /** + * return a Boolean from a tagged object. + * + * @param taggedObject the tagged object holding the object we want + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static DerBoolean GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerBoolean)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly byte value; + + public DerBoolean( + byte[] val) + { + if (val.Length != 1) + throw new ArgumentException("byte value should have 1 byte in it", "val"); + + // TODO Are there any constraints on the possible byte values? + this.value = val[0]; + } + + private DerBoolean( + bool value) + { + this.value = value ? (byte)0xff : (byte)0; + } + + public bool IsTrue + { + get { return value != 0; } + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.Boolean, GetContents(encoding)); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, GetContents(encoding)); + } + + protected override bool Asn1Equals( + Asn1Object asn1Object) + { + DerBoolean other = asn1Object as DerBoolean; + + if (other == null) + return false; + + return IsTrue == other.IsTrue; + } + + protected override int Asn1GetHashCode() + { + return IsTrue.GetHashCode(); + } + + public override string ToString() + { + return IsTrue ? "TRUE" : "FALSE"; + } + + internal static DerBoolean CreatePrimitive(byte[] contents) + { + if (contents.Length != 1) + throw new ArgumentException("BOOLEAN value should have 1 byte in it", "contents"); + + byte b = contents[0]; + + return b == 0 ? False : b == 0xFF ? True : new DerBoolean(contents); + } + + private byte[] GetContents(int encoding) + { + byte contents = value; + if (Asn1OutputStream.EncodingDer == encoding && IsTrue) + { + contents = 0xFF; + } + + return new byte[]{ contents }; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerEnumerated.cs b/BouncyCastle/crypto/src/asn1/DerEnumerated.cs new file mode 100644 index 0000000..920b3dc --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerEnumerated.cs @@ -0,0 +1,190 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + public class DerEnumerated + : Asn1Object + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerEnumerated), Asn1Tags.Enumerated) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets(), false); + } + } + + /** + * return an integer from the passed in object + * + * @exception ArgumentException if the object cannot be converted. + */ + public static DerEnumerated GetInstance(object obj) + { + if (obj == null || obj is DerEnumerated) + { + return (DerEnumerated)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerEnumerated) + return (DerEnumerated)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerEnumerated)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct enumerated from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj)); + } + + /** + * return an Enumerated from a tagged object. + * + * @param taggedObject the tagged object holding the object we want + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static DerEnumerated GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerEnumerated)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly byte[] contents; + private readonly int start; + + public DerEnumerated(int val) + { + if (val < 0) + throw new ArgumentException("enumerated must be non-negative", "val"); + + this.contents = BigInteger.ValueOf(val).ToByteArray(); + this.start = 0; + } + + public DerEnumerated(long val) + { + if (val < 0L) + throw new ArgumentException("enumerated must be non-negative", "val"); + + this.contents = BigInteger.ValueOf(val).ToByteArray(); + this.start = 0; + } + + public DerEnumerated(BigInteger val) + { + if (val.SignValue < 0) + throw new ArgumentException("enumerated must be non-negative", "val"); + + this.contents = val.ToByteArray(); + this.start = 0; + } + + public DerEnumerated(byte[] contents) + : this(contents, true) + { + } + + internal DerEnumerated(byte[] contents, bool clone) + { + if (DerInteger.IsMalformed(contents)) + throw new ArgumentException("malformed enumerated", "contents"); + if (0 != (contents[0] & 0x80)) + throw new ArgumentException("enumerated must be non-negative", "contents"); + + this.contents = clone ? Arrays.Clone(contents) : contents; + this.start = DerInteger.SignBytesToSkip(this.contents); + } + + public BigInteger Value + { + get { return new BigInteger(contents); } + } + + public bool HasValue(int x) + { + return (contents.Length - start) <= 4 + && DerInteger.IntValue(contents, start, DerInteger.SignExtSigned) == x; + } + + public bool HasValue(BigInteger x) + { + return null != x + // Fast check to avoid allocation + && DerInteger.IntValue(contents, start, DerInteger.SignExtSigned) == x.IntValue + && Value.Equals(x); + } + + public int IntValueExact + { + get + { + int count = contents.Length - start; + if (count > 4) + throw new ArithmeticException("ASN.1 Enumerated out of int range"); + + return DerInteger.IntValue(contents, start, DerInteger.SignExtSigned); + } + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.Enumerated, contents); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, contents); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerEnumerated other = asn1Object as DerEnumerated; + if (other == null) + return false; + + return Arrays.AreEqual(this.contents, other.contents); + } + + protected override int Asn1GetHashCode() + { + return Arrays.GetHashCode(contents); + } + + private static readonly DerEnumerated[] cache = new DerEnumerated[12]; + + internal static DerEnumerated CreatePrimitive(byte[] contents, bool clone) + { + if (contents.Length > 1) + return new DerEnumerated(contents, clone); + if (contents.Length == 0) + throw new ArgumentException("ENUMERATED has zero length", "contents"); + + int value = contents[0]; + if (value >= cache.Length) + return new DerEnumerated(contents, clone); + + DerEnumerated possibleMatch = cache[value]; + if (possibleMatch == null) + { + cache[value] = possibleMatch = new DerEnumerated(contents, clone); + } + return possibleMatch; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerGeneralString.cs b/BouncyCastle/crypto/src/asn1/DerGeneralString.cs new file mode 100644 index 0000000..e663773 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerGeneralString.cs @@ -0,0 +1,115 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + public class DerGeneralString + : DerStringBase + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerGeneralString), Asn1Tags.GeneralString) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + public static DerGeneralString GetInstance(object obj) + { + if (obj == null || obj is DerGeneralString) + { + return (DerGeneralString) obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerGeneralString) + return (DerGeneralString)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerGeneralString)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct general string from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj)); + } + + public static DerGeneralString GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerGeneralString)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly byte[] m_contents; + + public DerGeneralString(string str) + { + if (str == null) + throw new ArgumentNullException("str"); + + m_contents = Strings.ToAsciiByteArray(str); + } + + public DerGeneralString(byte[] contents) + : this(contents, true) + { + } + + internal DerGeneralString(byte[] contents, bool clone) + { + if (null == contents) + throw new ArgumentNullException("contents"); + + m_contents = clone ? Arrays.Clone(contents) : contents; + } + + public override string GetString() + { + return Strings.FromAsciiByteArray(m_contents); + } + + public byte[] GetOctets() + { + return Arrays.Clone(m_contents); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.GeneralString, m_contents); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, m_contents); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerGeneralString that = asn1Object as DerGeneralString; + return null != that + && Arrays.AreEqual(this.m_contents, that.m_contents); + } + + protected override int Asn1GetHashCode() + { + return Arrays.GetHashCode(m_contents); + } + + internal static DerGeneralString CreatePrimitive(byte[] contents) + { + return new DerGeneralString(contents, false); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerGeneralizedTime.cs b/BouncyCastle/crypto/src/asn1/DerGeneralizedTime.cs new file mode 100644 index 0000000..ed2cb5e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerGeneralizedTime.cs @@ -0,0 +1,343 @@ +using System; +using System.Globalization; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * Generalized time object. + */ + public class DerGeneralizedTime + : Asn1Object + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerGeneralizedTime), Asn1Tags.GeneralizedTime) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + /** + * return a generalized time from the passed in object + * + * @exception ArgumentException if the object cannot be converted. + */ + public static DerGeneralizedTime GetInstance(object obj) + { + if (obj == null || obj is DerGeneralizedTime) + { + return (DerGeneralizedTime)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerGeneralizedTime) + return (DerGeneralizedTime)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerGeneralizedTime)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct generalized time from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * return a generalized Time object from a tagged object. + * + * @param taggedObject the tagged object holding the object we want + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static DerGeneralizedTime GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerGeneralizedTime)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly string time; + + /** + * The correct format for this is YYYYMMDDHHMMSS[.f]Z, or without the Z + * for local time, or Z+-HHMM on the end, for difference between local + * time and UTC time. The fractional second amount f must consist of at + * least one number with trailing zeroes removed. + * + * @param time the time string. + * @exception ArgumentException if string is an illegal format. + */ + public DerGeneralizedTime( + string time) + { + this.time = time; + + try + { + ToDateTime(); + } + catch (FormatException e) + { + throw new ArgumentException("invalid date string: " + e.Message); + } + } + + /** + * base constructor from a local time object + */ + public DerGeneralizedTime( + DateTime time) + { +#if PORTABLE + this.time = time.ToUniversalTime().ToString(@"yyyyMMddHHmmss\Z"); +#else + this.time = time.ToString(@"yyyyMMddHHmmss\Z"); +#endif + } + + internal DerGeneralizedTime( + byte[] bytes) + { + // + // explicitly convert to characters + // + this.time = Strings.FromAsciiByteArray(bytes); + } + + /** + * Return the time. + * @return The time string as it appeared in the encoded object. + */ + public string TimeString + { + get { return time; } + } + + /** + * return the time - always in the form of + * YYYYMMDDhhmmssGMT(+hh:mm|-hh:mm). + *

+ * Normally in a certificate we would expect "Z" rather than "GMT", + * however adding the "GMT" means we can just use: + * 

+         *     dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
+         *
+ * To read in the time and Get a date which is compatible with our local + * time zone.

+ */ + public string GetTime() + { + // + // standardise the format. + // + if (time[time.Length - 1] == 'Z') + { + return time.Substring(0, time.Length - 1) + "GMT+00:00"; + } + else + { + int signPos = time.Length - 5; + char sign = time[signPos]; + if (sign == '-' || sign == '+') + { + return time.Substring(0, signPos) + + "GMT" + + time.Substring(signPos, 3) + + ":" + + time.Substring(signPos + 3); + } + else + { + signPos = time.Length - 3; + sign = time[signPos]; + if (sign == '-' || sign == '+') + { + return time.Substring(0, signPos) + + "GMT" + + time.Substring(signPos) + + ":00"; + } + } + } + + return time + CalculateGmtOffset(); + } + + private string CalculateGmtOffset() + { + char sign = '+'; + DateTime time = ToDateTime(); + +#if SILVERLIGHT || PORTABLE + long offset = time.Ticks - time.ToUniversalTime().Ticks; + if (offset < 0) + { + sign = '-'; + offset = -offset; + } + int hours = (int)(offset / TimeSpan.TicksPerHour); + int minutes = (int)(offset / TimeSpan.TicksPerMinute) % 60; +#else + // Note: GetUtcOffset incorporates Daylight Savings offset + TimeSpan offset = TimeZone.CurrentTimeZone.GetUtcOffset(time); + if (offset.CompareTo(TimeSpan.Zero) < 0) + { + sign = '-'; + offset = offset.Duration(); + } + int hours = offset.Hours; + int minutes = offset.Minutes; +#endif + + return "GMT" + sign + Convert(hours) + ":" + Convert(minutes); + } + + private static string Convert( + int time) + { + if (time < 10) + { + return "0" + time; + } + + return time.ToString(); + } + + public DateTime ToDateTime() + { + string formatStr; + string d = time; + bool makeUniversal = false; + + if (Platform.EndsWith(d, "Z")) + { + if (HasFractionalSeconds) + { + int fCount = d.Length - d.IndexOf('.') - 2; + formatStr = @"yyyyMMddHHmmss." + FString(fCount) + @"\Z"; + } + else + { + formatStr = @"yyyyMMddHHmmss\Z"; + } + } + else if (time.IndexOf('-') > 0 || time.IndexOf('+') > 0) + { + d = GetTime(); + makeUniversal = true; + + if (HasFractionalSeconds) + { + int fCount = Platform.IndexOf(d, "GMT") - 1 - d.IndexOf('.'); + formatStr = @"yyyyMMddHHmmss." + FString(fCount) + @"'GMT'zzz"; + } + else + { + formatStr = @"yyyyMMddHHmmss'GMT'zzz"; + } + } + else + { + if (HasFractionalSeconds) + { + int fCount = d.Length - 1 - d.IndexOf('.'); + formatStr = @"yyyyMMddHHmmss." + FString(fCount); + } + else + { + formatStr = @"yyyyMMddHHmmss"; + } + + // TODO? +// dateF.setTimeZone(new SimpleTimeZone(0, TimeZone.getDefault().getID())); + } + + return ParseDateString(d, formatStr, makeUniversal); + } + + private string FString( + int count) + { + StringBuilder sb = new StringBuilder(); + for (int i = 0; i < count; ++i) + { + sb.Append('f'); + } + return sb.ToString(); + } + + private DateTime ParseDateString(string s, string format, bool makeUniversal) + { + /* + * NOTE: DateTime.Kind and DateTimeStyles.AssumeUniversal not available in .NET 1.1 + */ + DateTimeStyles style = DateTimeStyles.None; + if (Platform.EndsWith(format, "Z")) + { + try + { + style = (DateTimeStyles)Enums.GetEnumValue(typeof(DateTimeStyles), "AssumeUniversal"); + } + catch (Exception) + { + } + + style |= DateTimeStyles.AdjustToUniversal; + } + + DateTime dt = DateTime.ParseExact(s, format, DateTimeFormatInfo.InvariantInfo, style); + + return makeUniversal ? dt.ToUniversalTime() : dt; + } + + private bool HasFractionalSeconds + { + get { return time.IndexOf('.') == 14; } + } + + private byte[] GetOctets() + { + return Strings.ToAsciiByteArray(time); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.GeneralizedTime, GetOctets()); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, GetOctets()); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerGeneralizedTime that = asn1Object as DerGeneralizedTime; + return null != that + && this.time.Equals(that.time); + } + + protected override int Asn1GetHashCode() + { + return time.GetHashCode(); + } + + internal static DerGeneralizedTime CreatePrimitive(byte[] contents) + { + return new DerGeneralizedTime(contents); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerGraphicString.cs b/BouncyCastle/crypto/src/asn1/DerGraphicString.cs new file mode 100644 index 0000000..cb32d14 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerGraphicString.cs @@ -0,0 +1,122 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + public class DerGraphicString + : DerStringBase + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerGraphicString), Asn1Tags.GraphicString) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + /** + * return a Graphic String from the passed in object + * + * @param obj a DerGraphicString or an object that can be converted into one. + * @exception IllegalArgumentException if the object cannot be converted. + * @return a DerGraphicString instance, or null. + */ + public static DerGraphicString GetInstance(object obj) + { + if (obj == null || obj is DerGraphicString) + { + return (DerGraphicString)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerGraphicString) + return (DerGraphicString)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerGraphicString)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct graphic string from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * return a Graphic String from a tagged object. + * + * @param taggedObject the tagged object holding the object we want + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception IllegalArgumentException if the tagged object cannot be converted. + * @return a DerGraphicString instance, or null. + */ + public static DerGraphicString GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerGraphicString)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly byte[] m_contents; + + public DerGraphicString(byte[] contents) + : this(contents, true) + { + } + + internal DerGraphicString(byte[] contents, bool clone) + { + if (null == contents) + throw new ArgumentNullException("contents"); + + this.m_contents = clone ? Arrays.Clone(contents) : contents; + } + + public override string GetString() + { + return Strings.FromByteArray(m_contents); + } + + public byte[] GetOctets() + { + return Arrays.Clone(m_contents); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.GraphicString, m_contents); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, m_contents); + } + + protected override int Asn1GetHashCode() + { + return Arrays.GetHashCode(m_contents); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerGraphicString that = asn1Object as DerGraphicString; + return null != that + && Arrays.AreEqual(this.m_contents, that.m_contents); + } + + internal static DerGraphicString CreatePrimitive(byte[] contents) + { + return new DerGraphicString(contents, false); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerIA5String.cs b/BouncyCastle/crypto/src/asn1/DerIA5String.cs new file mode 100644 index 0000000..a568798 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerIA5String.cs @@ -0,0 +1,162 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * IA5String object - this is an Ascii string. + */ + public class DerIA5String + : DerStringBase + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerIA5String), Asn1Tags.IA5String) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + /** + * return an IA5 string from the passed in object + * + * @exception ArgumentException if the object cannot be converted. + */ + public static DerIA5String GetInstance(object obj) + { + if (obj == null || obj is DerIA5String) + { + return (DerIA5String)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerIA5String) + return (DerIA5String)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerIA5String)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct IA5 string from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj)); + } + + /** + * return an IA5 string from a tagged object. + * + * @param taggedObject the tagged object holding the object we want + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static DerIA5String GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerIA5String)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly byte[] m_contents; + + public DerIA5String(string str) + : this(str, false) + { + } + + /** + * Constructor with optional validation. + * + * @param string the base string to wrap. + * @param validate whether or not to check the string. + * @throws ArgumentException if validate is true and the string + * contains characters that should not be in an IA5String. + */ + public DerIA5String(string str, bool validate) + { + if (str == null) + throw new ArgumentNullException("str"); + if (validate && !IsIA5String(str)) + throw new ArgumentException("string contains illegal characters", "str"); + + m_contents = Strings.ToAsciiByteArray(str); + } + + public DerIA5String(byte[] contents) + : this(contents, true) + { + } + + internal DerIA5String(byte[] contents, bool clone) + { + if (null == contents) + throw new ArgumentNullException("contents"); + + m_contents = clone ? Arrays.Clone(contents) : contents; + } + + public override string GetString() + { + return Strings.FromAsciiByteArray(m_contents); + } + + public byte[] GetOctets() + { + return Arrays.Clone(m_contents); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.IA5String, m_contents); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, m_contents); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerIA5String that = asn1Object as DerIA5String; + return null != that + && Arrays.AreEqual(this.m_contents, that.m_contents); + } + + protected override int Asn1GetHashCode() + { + return Arrays.GetHashCode(m_contents); + } + + /** + * return true if the passed in String can be represented without + * loss as an IA5String, false otherwise. + * + * @return true if in printable set, false otherwise. + */ + public static bool IsIA5String(string str) + { + foreach (char ch in str) + { + if (ch > 0x007f) + return false; + } + + return true; + } + + internal static DerIA5String CreatePrimitive(byte[] contents) + { + return new DerIA5String(contents, false); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerInteger.cs b/BouncyCastle/crypto/src/asn1/DerInteger.cs new file mode 100644 index 0000000..c8d4e47 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerInteger.cs @@ -0,0 +1,277 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + public class DerInteger + : Asn1Object + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerInteger), Asn1Tags.Integer) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + public const string AllowUnsafeProperty = "Org.BouncyCastle.Asn1.AllowUnsafeInteger"; + + internal static bool AllowUnsafe() + { + string allowUnsafeValue = Platform.GetEnvironmentVariable(AllowUnsafeProperty); + return allowUnsafeValue != null && Platform.EqualsIgnoreCase("true", allowUnsafeValue); + } + + internal const int SignExtSigned = -1; + internal const int SignExtUnsigned = 0xFF; + + private readonly byte[] bytes; + private readonly int start; + + /** + * return an integer from the passed in object + * + * @exception ArgumentException if the object cannot be converted. + */ + public static DerInteger GetInstance(object obj) + { + if (obj == null || obj is DerInteger) + { + return (DerInteger)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerInteger) + return (DerInteger)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerInteger)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct integer from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj)); + } + + /** + * return an Integer from a tagged object. + * + * @param taggedObject the tagged object holding the object we want + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static DerInteger GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerInteger)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + public DerInteger(int value) + { + this.bytes = BigInteger.ValueOf(value).ToByteArray(); + this.start = 0; + } + + public DerInteger(long value) + { + this.bytes = BigInteger.ValueOf(value).ToByteArray(); + this.start = 0; + } + + public DerInteger(BigInteger value) + { + if (value == null) + throw new ArgumentNullException("value"); + + this.bytes = value.ToByteArray(); + this.start = 0; + } + + public DerInteger(byte[] bytes) + : this(bytes, true) + { + } + + internal DerInteger(byte[] bytes, bool clone) + { + if (IsMalformed(bytes)) + throw new ArgumentException("malformed integer", "bytes"); + + this.bytes = clone ? Arrays.Clone(bytes) : bytes; + this.start = SignBytesToSkip(bytes); + } + + /** + * in some cases positive values Get crammed into a space, + * that's not quite big enough... + */ + public BigInteger PositiveValue + { + get { return new BigInteger(1, bytes); } + } + + public BigInteger Value + { + get { return new BigInteger(bytes); } + } + + public bool HasValue(int x) + { + return (bytes.Length - start) <= 4 + && IntValue(bytes, start, SignExtSigned) == x; + } + + public bool HasValue(long x) + { + return (bytes.Length - start) <= 8 + && LongValue(bytes, start, SignExtSigned) == x; + } + + public bool HasValue(BigInteger x) + { + return null != x + // Fast check to avoid allocation + && IntValue(bytes, start, SignExtSigned) == x.IntValue + && Value.Equals(x); + } + + public int IntPositiveValueExact + { + get + { + int count = bytes.Length - start; + if (count > 4 || (count == 4 && 0 != (bytes[start] & 0x80))) + throw new ArithmeticException("ASN.1 Integer out of positive int range"); + + return IntValue(bytes, start, SignExtUnsigned); + } + } + + public int IntValueExact + { + get + { + int count = bytes.Length - start; + if (count > 4) + throw new ArithmeticException("ASN.1 Integer out of int range"); + + return IntValue(bytes, start, SignExtSigned); + } + } + + public long LongValueExact + { + get + { + int count = bytes.Length - start; + if (count > 8) + throw new ArithmeticException("ASN.1 Integer out of long range"); + + return LongValue(bytes, start, SignExtSigned); + } + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.Integer, bytes); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, bytes); + } + + protected override int Asn1GetHashCode() + { + return Arrays.GetHashCode(bytes); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerInteger other = asn1Object as DerInteger; + if (other == null) + return false; + + return Arrays.AreEqual(this.bytes, other.bytes); + } + + public override string ToString() + { + return Value.ToString(); + } + + internal static DerInteger CreatePrimitive(byte[] contents) + { + return new DerInteger(contents, false); + } + + internal static int IntValue(byte[] bytes, int start, int signExt) + { + int length = bytes.Length; + int pos = System.Math.Max(start, length - 4); + + int val = (sbyte)bytes[pos] & signExt; + while (++pos < length) + { + val = (val << 8) | bytes[pos]; + } + return val; + } + + internal static long LongValue(byte[] bytes, int start, int signExt) + { + int length = bytes.Length; + int pos = System.Math.Max(start, length - 8); + + long val = (sbyte)bytes[pos] & signExt; + while (++pos < length) + { + val = (val << 8) | bytes[pos]; + } + return val; + } + + /** + * Apply the correct validation for an INTEGER primitive following the BER rules. + * + * @param bytes The raw encoding of the integer. + * @return true if the (in)put fails this validation. + */ + internal static bool IsMalformed(byte[] bytes) + { + switch (bytes.Length) + { + case 0: + return true; + case 1: + return false; + default: + return (sbyte)bytes[0] == ((sbyte)bytes[1] >> 7) && !AllowUnsafe(); + } + } + + internal static int SignBytesToSkip(byte[] bytes) + { + int pos = 0, last = bytes.Length - 1; + while (pos < last + && (sbyte)bytes[pos] == ((sbyte)bytes[pos + 1] >> 7)) + { + ++pos; + } + return pos; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerNull.cs b/BouncyCastle/crypto/src/asn1/DerNull.cs new file mode 100644 index 0000000..ddf6139 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerNull.cs @@ -0,0 +1,39 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * A Null object. + */ + public class DerNull + : Asn1Null + { + public static readonly DerNull Instance = new DerNull(); + + private static readonly byte[] ZeroBytes = new byte[0]; + + protected internal DerNull() + { + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.Null, ZeroBytes); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, ZeroBytes); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + return asn1Object is DerNull; + } + + protected override int Asn1GetHashCode() + { + return -1; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerNumericString.cs b/BouncyCastle/crypto/src/asn1/DerNumericString.cs new file mode 100644 index 0000000..693ff7d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerNumericString.cs @@ -0,0 +1,191 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * Der NumericString object - this is an ascii string of characters {0,1,2,3,4,5,6,7,8,9, }. + */ + public class DerNumericString + : DerStringBase + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerNumericString), Asn1Tags.NumericString) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + /** + * return a numeric string from the passed in object + * + * @exception ArgumentException if the object cannot be converted. + */ + public static DerNumericString GetInstance(object obj) + { + if (obj == null || obj is DerNumericString) + { + return (DerNumericString)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerNumericString) + return (DerNumericString)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerNumericString)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct numeric string from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj)); + } + + /** + * return a numeric string from a tagged object. + * + * @param taggedObject the tagged object holding the object we want + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static DerNumericString GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerNumericString)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly byte[] m_contents; + + public DerNumericString(string str) + : this(str, false) + { + } + + /** + * Constructor with optional validation. + * + * @param string the base string to wrap. + * @param validate whether or not to check the string. + * @throws ArgumentException if validate is true and the string + * contains characters that should not be in a NumericString. + */ + public DerNumericString(string str, bool validate) + { + if (str == null) + throw new ArgumentNullException("str"); + if (validate && !IsNumericString(str)) + throw new ArgumentException("string contains illegal characters", "str"); + + m_contents = Strings.ToAsciiByteArray(str); + } + + public DerNumericString(byte[] contents) + : this(contents, true) + { + } + + internal DerNumericString(byte[] contents, bool clone) + { + if (null == contents) + throw new ArgumentNullException("contents"); + + m_contents = clone ? Arrays.Clone(contents) : contents; + } + + public override string GetString() + { + return Strings.FromAsciiByteArray(m_contents); + } + + public byte[] GetOctets() + { + return Arrays.Clone(m_contents); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.NumericString, m_contents); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, m_contents); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerNumericString that = asn1Object as DerNumericString; + return null != that + && Arrays.AreEqual(this.m_contents, that.m_contents); + } + + protected override int Asn1GetHashCode() + { + return Arrays.GetHashCode(m_contents); + } + + /** + * Return true if the string can be represented as a NumericString ('0'..'9', ' ') + * + * @param str string to validate. + * @return true if numeric, fale otherwise. + */ + public static bool IsNumericString(string str) + { + foreach (char ch in str) + { + if (ch > 0x007f || (ch != ' ' && !char.IsDigit(ch))) + return false; + } + + return true; + } + + internal static bool IsNumericString(byte[] contents) + { + for (int i = 0; i < contents.Length; ++i) + { + switch (contents[i]) + { + case 0x20: + case 0x30: + case 0x31: + case 0x32: + case 0x33: + case 0x34: + case 0x35: + case 0x36: + case 0x37: + case 0x38: + case 0x39: + break; + default: + return false; + } + } + + return true; + } + + internal static DerNumericString CreatePrimitive(byte[] contents) + { + // TODO Validation - sort out exception types + //if (!IsNumericString(contents)) + + return new DerNumericString(contents, false); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerObjectIdentifier.cs b/BouncyCastle/crypto/src/asn1/DerObjectIdentifier.cs new file mode 100644 index 0000000..8b77f96 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerObjectIdentifier.cs @@ -0,0 +1,308 @@ +using System; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + public class DerObjectIdentifier + : Asn1Object + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerObjectIdentifier), Asn1Tags.ObjectIdentifier) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets(), false); + } + } + + public static DerObjectIdentifier FromContents(byte[] contents) + { + return CreatePrimitive(contents, true); + } + + /** + * return an OID from the passed in object + * + * @exception ArgumentException if the object cannot be converted. + */ + public static DerObjectIdentifier GetInstance(object obj) + { + if (obj == null || obj is DerObjectIdentifier) + { + return (DerObjectIdentifier)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerObjectIdentifier) + return (DerObjectIdentifier)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerObjectIdentifier)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct object identifier from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + public static DerObjectIdentifier GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + /* + * TODO[asn1] This block here is for backward compatibility, but should eventually be removed. + * + * - see https://github.com/bcgit/bc-java/issues/1015 + */ + if (!declaredExplicit && !taggedObject.IsParsed()) + { + Asn1Object baseObject = taggedObject.GetObject(); + if (!(baseObject is DerObjectIdentifier)) + return FromContents(Asn1OctetString.GetInstance(baseObject).GetOctets()); + } + + return (DerObjectIdentifier)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private const long LongLimit = (Int64.MaxValue >> 7) - 0x7F; + + private static readonly DerObjectIdentifier[] cache = new DerObjectIdentifier[1024]; + + private readonly string identifier; + private byte[] contents; + + public DerObjectIdentifier(string identifier) + { + if (identifier == null) + throw new ArgumentNullException("identifier"); + if (!IsValidIdentifier(identifier)) + throw new FormatException("string " + identifier + " not an OID"); + + this.identifier = identifier; + } + + private DerObjectIdentifier(DerObjectIdentifier oid, string branchID) + { + if (!Asn1RelativeOid.IsValidIdentifier(branchID, 0)) + throw new ArgumentException("string " + branchID + " not a valid OID branch", "branchID"); + + this.identifier = oid.Id + "." + branchID; + } + + private DerObjectIdentifier(byte[] contents, bool clone) + { + this.identifier = ParseContents(contents); + this.contents = clone ? Arrays.Clone(contents) : contents; + } + + public virtual DerObjectIdentifier Branch(string branchID) + { + return new DerObjectIdentifier(this, branchID); + } + + public string Id + { + get { return identifier; } + } + + /** + * Return true if this oid is an extension of the passed in branch, stem. + * @param stem the arc or branch that is a possible parent. + * @return true if the branch is on the passed in stem, false otherwise. + */ + public virtual bool On(DerObjectIdentifier stem) + { + string id = Id, stemId = stem.Id; + return id.Length > stemId.Length && id[stemId.Length] == '.' && Platform.StartsWith(id, stemId); + } + + public override string ToString() + { + return identifier; + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerObjectIdentifier that = asn1Object as DerObjectIdentifier; + return null != that + && this.identifier == that.identifier; + } + + protected override int Asn1GetHashCode() + { + return identifier.GetHashCode(); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.ObjectIdentifier, GetContents()); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, GetContents()); + } + + private void DoOutput(MemoryStream bOut) + { + OidTokenizer tok = new OidTokenizer(identifier); + + string token = tok.NextToken(); + int first = int.Parse(token) * 40; + + token = tok.NextToken(); + if (token.Length <= 18) + { + Asn1RelativeOid.WriteField(bOut, first + Int64.Parse(token)); + } + else + { + Asn1RelativeOid.WriteField(bOut, new BigInteger(token).Add(BigInteger.ValueOf(first))); + } + + while (tok.HasMoreTokens) + { + token = tok.NextToken(); + if (token.Length <= 18) + { + Asn1RelativeOid.WriteField(bOut, Int64.Parse(token)); + } + else + { + Asn1RelativeOid.WriteField(bOut, new BigInteger(token)); + } + } + } + + private byte[] GetContents() + { + lock (this) + { + if (contents == null) + { + MemoryStream bOut = new MemoryStream(); + DoOutput(bOut); + contents = bOut.ToArray(); + } + + return contents; + } + } + + internal static DerObjectIdentifier CreatePrimitive(byte[] contents, bool clone) + { + int hashCode = Arrays.GetHashCode(contents); + int first = hashCode & 1023; + + lock (cache) + { + DerObjectIdentifier entry = cache[first]; + if (entry != null && Arrays.AreEqual(contents, entry.GetContents())) + { + return entry; + } + + return cache[first] = new DerObjectIdentifier(contents, clone); + } + } + + private static bool IsValidIdentifier(string identifier) + { + if (identifier.Length < 3 || identifier[1] != '.') + return false; + + char first = identifier[0]; + if (first < '0' || first > '2') + return false; + + return Asn1RelativeOid.IsValidIdentifier(identifier, 2); + } + + private static string ParseContents(byte[] contents) + { + StringBuilder objId = new StringBuilder(); + long value = 0; + BigInteger bigValue = null; + bool first = true; + + for (int i = 0; i != contents.Length; i++) + { + int b = contents[i]; + + if (value <= LongLimit) + { + value += b & 0x7F; + if ((b & 0x80) == 0) + { + if (first) + { + if (value < 40) + { + objId.Append('0'); + } + else if (value < 80) + { + objId.Append('1'); + value -= 40; + } + else + { + objId.Append('2'); + value -= 80; + } + first = false; + } + + objId.Append('.'); + objId.Append(value); + value = 0; + } + else + { + value <<= 7; + } + } + else + { + if (bigValue == null) + { + bigValue = BigInteger.ValueOf(value); + } + bigValue = bigValue.Or(BigInteger.ValueOf(b & 0x7F)); + if ((b & 0x80) == 0) + { + if (first) + { + objId.Append('2'); + bigValue = bigValue.Subtract(BigInteger.ValueOf(80)); + first = false; + } + + objId.Append('.'); + objId.Append(bigValue); + bigValue = null; + value = 0; + } + else + { + bigValue = bigValue.ShiftLeft(7); + } + } + } + + return objId.ToString(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerOctetString.cs b/BouncyCastle/crypto/src/asn1/DerOctetString.cs new file mode 100644 index 0000000..d9913f0 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerOctetString.cs @@ -0,0 +1,41 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + public class DerOctetString + : Asn1OctetString + { + /// The octets making up the octet string. + public DerOctetString(byte[] contents) + : base(contents) + { + } + + public DerOctetString(IAsn1Convertible obj) + : this(obj.ToAsn1Object()) + { + } + + public DerOctetString(Asn1Encodable obj) + : base(obj.GetEncoded(Der)) + { + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.OctetString, contents); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, contents); + } + + internal static void Encode(Asn1OutputStream asn1Out, byte[] buf, int off, int len) + { + asn1Out.WriteIdentifier(Asn1Tags.Universal, Asn1Tags.OctetString); + asn1Out.WriteDL(len); + asn1Out.Write(buf, off, len); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerOutputStream.cs b/BouncyCastle/crypto/src/asn1/DerOutputStream.cs new file mode 100644 index 0000000..4c7dd1f --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerOutputStream.cs @@ -0,0 +1,42 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Asn1 +{ + [Obsolete("Use 'Asn1OutputStream' instead")] + public class DerOutputStream + : FilterStream + { + [Obsolete("Use 'Asn1OutputStream.Create' instead")] + public DerOutputStream(Stream os) + : base(os) + { + } + + public virtual void WriteObject(Asn1Encodable encodable) + { + Asn1OutputStream.Create(s, Asn1Encodable.Der).WriteObject(encodable); + } + + public virtual void WriteObject(Asn1Object primitive) + { + Asn1OutputStream.Create(s, Asn1Encodable.Der).WriteObject(primitive); + } + } + + internal class DerOutputStreamNew + : Asn1OutputStream + { + internal DerOutputStreamNew(Stream os) + : base(os) + { + } + + internal override int Encoding + { + get { return EncodingDer; } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerPrintableString.cs b/BouncyCastle/crypto/src/asn1/DerPrintableString.cs new file mode 100644 index 0000000..3c44a2d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerPrintableString.cs @@ -0,0 +1,188 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * Der PrintableString object. + */ + public class DerPrintableString + : DerStringBase + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerPrintableString), Asn1Tags.PrintableString) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + /** + * return a printable string from the passed in object. + * + * @exception ArgumentException if the object cannot be converted. + */ + public static DerPrintableString GetInstance(object obj) + { + if (obj == null || obj is DerPrintableString) + { + return (DerPrintableString)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerPrintableString) + return (DerPrintableString)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerPrintableString)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct printable string from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj)); + } + + /** + * return a printable string from a tagged object. + * + * @param taggedObject the tagged object holding the object we want + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static DerPrintableString GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerPrintableString)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly byte[] m_contents; + + public DerPrintableString(string str) + : this(str, false) + { + } + + /** + * Constructor with optional validation. + * + * @param string the base string to wrap. + * @param validate whether or not to check the string. + * @throws ArgumentException if validate is true and the string + * contains characters that should not be in a PrintableString. + */ + public DerPrintableString(string str, bool validate) + { + if (str == null) + throw new ArgumentNullException("str"); + if (validate && !IsPrintableString(str)) + throw new ArgumentException("string contains illegal characters", "str"); + + m_contents = Strings.ToAsciiByteArray(str); + } + + public DerPrintableString(byte[] contents) + : this(contents, true) + { + } + + internal DerPrintableString(byte[] contents, bool clone) + { + if (null == contents) + throw new ArgumentNullException("contents"); + + m_contents = clone ? Arrays.Clone(contents) : contents; + } + + public override string GetString() + { + return Strings.FromAsciiByteArray(m_contents); + } + + public byte[] GetOctets() + { + return Arrays.Clone(m_contents); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.PrintableString, m_contents); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, m_contents); + } + + protected override bool Asn1Equals( + Asn1Object asn1Object) + { + DerPrintableString that = asn1Object as DerPrintableString; + return null != that + && Arrays.AreEqual(this.m_contents, that.m_contents); + } + + protected override int Asn1GetHashCode() + { + return Arrays.GetHashCode(m_contents); + } + + /** + * return true if the passed in String can be represented without + * loss as a PrintableString, false otherwise. + * + * @return true if in printable set, false otherwise. + */ + public static bool IsPrintableString(string str) + { + foreach (char ch in str) + { + if (ch > 0x007f) + return false; + + if (char.IsLetterOrDigit(ch)) + continue; + +// if (char.IsPunctuation(ch)) +// continue; + + switch (ch) + { + case ' ': + case '\'': + case '(': + case ')': + case '+': + case '-': + case '.': + case ':': + case '=': + case '?': + case '/': + case ',': + continue; + } + + return false; + } + + return true; + } + + internal static DerPrintableString CreatePrimitive(byte[] contents) + { + return new DerPrintableString(contents, false); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerSequence.cs b/BouncyCastle/crypto/src/asn1/DerSequence.cs new file mode 100644 index 0000000..2ac977f --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerSequence.cs @@ -0,0 +1,82 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + public class DerSequence + : Asn1Sequence + { + public static readonly DerSequence Empty = new DerSequence(); + + public static DerSequence FromVector(Asn1EncodableVector elementVector) + { + return elementVector.Count < 1 ? Empty : new DerSequence(elementVector); + } + + /** + * create an empty sequence + */ + public DerSequence() + : base() + { + } + + /** + * create a sequence containing one object + */ + public DerSequence(Asn1Encodable element) + : base(element) + { + } + + public DerSequence(params Asn1Encodable[] elements) + : base(elements) + { + } + + /** + * create a sequence containing a vector of objects. + */ + public DerSequence(Asn1EncodableVector elementVector) + : base(elementVector) + { + } + + internal DerSequence(Asn1Encodable[] elements, bool clone) + : base(elements, clone) + { + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new ConstructedDLEncoding(Asn1Tags.Universal, Asn1Tags.Sequence, + Asn1OutputStream.GetContentsEncodings(Asn1OutputStream.EncodingDer, elements)); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new ConstructedDLEncoding(tagClass, tagNo, + Asn1OutputStream.GetContentsEncodings(Asn1OutputStream.EncodingDer, elements)); + } + + internal override DerBitString ToAsn1BitString() + { + return new DerBitString(BerBitString.FlattenBitStrings(GetConstructedBitStrings()), false); + } + + internal override DerExternal ToAsn1External() + { + return new DerExternal(this); + } + + internal override Asn1OctetString ToAsn1OctetString() + { + return new DerOctetString(BerOctetString.FlattenOctetStrings(GetConstructedOctetStrings())); + } + + internal override Asn1Set ToAsn1Set() + { + // NOTE: DLSet is intentional, we don't want sorting + return new DLSet(false, elements); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerSet.cs b/BouncyCastle/crypto/src/asn1/DerSet.cs new file mode 100644 index 0000000..3e52094 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerSet.cs @@ -0,0 +1,89 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * A Der encoded set object + */ + public class DerSet + : Asn1Set + { + public static readonly DerSet Empty = new DerSet(); + + public static DerSet FromVector(Asn1EncodableVector elementVector) + { + return elementVector.Count < 1 ? Empty : new DerSet(elementVector); + } + + /** + * create an empty set + */ + public DerSet() + : base() + { + } + + /** + * @param obj - a single object that makes up the set. + */ + public DerSet(Asn1Encodable element) + : base(element) + { + } + + public DerSet(params Asn1Encodable[] elements) + : base(elements, true) + { + } + + internal DerSet(Asn1Encodable[] elements, bool doSort) + : base(elements, doSort) + { + } + + /** + * @param v - a vector of objects making up the set. + */ + public DerSet(Asn1EncodableVector elementVector) + : base(elementVector, true) + { + } + + internal DerSet(Asn1EncodableVector elementVector, bool doSort) + : base(elementVector, doSort) + { + } + + internal DerSet(bool isSorted, Asn1Encodable[] elements) + : base(isSorted, elements) + { + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new ConstructedDLEncoding(Asn1Tags.Universal, Asn1Tags.Set, + Asn1OutputStream.GetContentsEncodings(Asn1OutputStream.EncodingDer, GetSortedElements())); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new ConstructedDLEncoding(tagClass, tagNo, + Asn1OutputStream.GetContentsEncodings(Asn1OutputStream.EncodingDer, GetSortedElements())); + } + + private Asn1Encodable[] GetSortedElements() + { + if (isSorted) + return elements; + + int count = elements.Length; + Asn1Object[] asn1Objects = new Asn1Object[count]; + for (int i = 0; i < count; ++i) + { + asn1Objects[i] = elements[i].ToAsn1Object(); + } + + return Sort(asn1Objects); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerStringBase.cs b/BouncyCastle/crypto/src/asn1/DerStringBase.cs new file mode 100644 index 0000000..2a5fb04 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerStringBase.cs @@ -0,0 +1,22 @@ +namespace Org.BouncyCastle.Asn1 +{ + public abstract class DerStringBase + : Asn1Object, IAsn1String + { + protected DerStringBase() + { + } + + public abstract string GetString(); + + public override string ToString() + { + return GetString(); + } + + protected override int Asn1GetHashCode() + { + return GetString().GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerT61String.cs b/BouncyCastle/crypto/src/asn1/DerT61String.cs new file mode 100644 index 0000000..a0e4f1d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerT61String.cs @@ -0,0 +1,130 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * Der T61String (also the teletex string) - 8-bit characters + */ + public class DerT61String + : DerStringBase + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerT61String), Asn1Tags.T61String) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + /** + * return a T61 string from the passed in object. + * + * @exception ArgumentException if the object cannot be converted. + */ + public static DerT61String GetInstance(object obj) + { + if (obj == null || obj is DerT61String) + { + return (DerT61String)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerT61String) + return (DerT61String)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerT61String)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct T61 string from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj)); + } + + /** + * return a T61 string from a tagged object. + * + * @param taggedObject the tagged object holding the object we want + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static DerT61String GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerT61String)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly byte[] m_contents; + + public DerT61String(string str) + { + if (str == null) + throw new ArgumentNullException("str"); + + m_contents = Strings.ToByteArray(str); + } + + public DerT61String(byte[] contents) + : this(contents, true) + { + } + + internal DerT61String(byte[] contents, bool clone) + { + if (null == contents) + throw new ArgumentNullException("contents"); + + m_contents = clone ? Arrays.Clone(contents) : contents; + } + + public override string GetString() + { + return Strings.FromByteArray(m_contents); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.T61String, m_contents); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, m_contents); + } + + public byte[] GetOctets() + { + return Arrays.Clone(m_contents); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerT61String that = asn1Object as DerT61String; + return null != that + && Arrays.AreEqual(this.m_contents, that.m_contents); + } + + protected override int Asn1GetHashCode() + { + return Arrays.GetHashCode(m_contents); + } + + internal static DerT61String CreatePrimitive(byte[] contents) + { + return new DerT61String(contents, false); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerTaggedObject.cs b/BouncyCastle/crypto/src/asn1/DerTaggedObject.cs new file mode 100644 index 0000000..68a32e4 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerTaggedObject.cs @@ -0,0 +1,92 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * DER TaggedObject - in ASN.1 notation this is any object preceded by + * a [n] where n is some number - these are assumed to follow the construction + * rules (as with sequences). + */ + public class DerTaggedObject + : Asn1TaggedObject + { + /** + * create an implicitly tagged object that contains a zero + * length sequence. + */ + [Obsolete("Will be removed")] + public DerTaggedObject(int tagNo) + : base(false, tagNo, DerSequence.Empty) + { + } + + public DerTaggedObject(int tagNo, Asn1Encodable obj) + : base(true, tagNo, obj) + { + } + + public DerTaggedObject(int tagClass, int tagNo, Asn1Encodable obj) + : base(true, tagClass, tagNo, obj) + { + } + + /** + * @param isExplicit true if an explicitly tagged object. + * @param tagNo the tag number for this object. + * @param obj the tagged object. + */ + public DerTaggedObject(bool isExplicit, int tagNo, Asn1Encodable obj) + : base(isExplicit, tagNo, obj) + { + } + + public DerTaggedObject(bool isExplicit, int tagClass, int tagNo, Asn1Encodable obj) + : base(isExplicit, tagClass, tagNo, obj) + { + } + + internal DerTaggedObject(int explicitness, int tagClass, int tagNo, Asn1Encodable obj) + : base(explicitness, tagClass, tagNo, obj) + { + } + + internal override string Asn1Encoding + { + get { return Der; } + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + encoding = Asn1OutputStream.EncodingDer; + + Asn1Object baseObject = GetBaseObject().ToAsn1Object(); + + if (!IsExplicit()) + return baseObject.GetEncodingImplicit(encoding, TagClass, TagNo); + + return new ConstructedDLEncoding(TagClass, TagNo, new IAsn1Encoding[]{ baseObject.GetEncoding(encoding) }); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + encoding = Asn1OutputStream.EncodingDer; + + Asn1Object baseObject = GetBaseObject().ToAsn1Object(); + + if (!IsExplicit()) + return baseObject.GetEncodingImplicit(encoding, tagClass, tagNo); + + return new ConstructedDLEncoding(tagClass, tagNo, new IAsn1Encoding[]{ baseObject.GetEncoding(encoding) }); + } + + internal override Asn1Sequence RebuildConstructed(Asn1Object asn1Object) + { + return new DerSequence(asn1Object); + } + + internal override Asn1TaggedObject ReplaceTag(int tagClass, int tagNo) + { + return new DerTaggedObject(explicitness, tagClass, tagNo, obj); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerUTCTime.cs b/BouncyCastle/crypto/src/asn1/DerUTCTime.cs new file mode 100644 index 0000000..cb3f133 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerUTCTime.cs @@ -0,0 +1,284 @@ +using System; +using System.Globalization; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * UTC time object. + */ + public class DerUtcTime + : Asn1Object + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerUtcTime), Asn1Tags.UtcTime) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + /** + * return a UTC Time from the passed in object. + * + * @exception ArgumentException if the object cannot be converted. + */ + public static DerUtcTime GetInstance(object obj) + { + if (obj == null || obj is DerUtcTime) + { + return (DerUtcTime)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerUtcTime) + return (DerUtcTime)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerUtcTime)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct UTC time from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj)); + } + + /** + * return a UTC Time from a tagged object. + * + * @param taggedObject the tagged object holding the object we want + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static DerUtcTime GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerUtcTime)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly string time; + + /** + * The correct format for this is YYMMDDHHMMSSZ (it used to be that seconds were + * never encoded. When you're creating one of these objects from scratch, that's + * what you want to use, otherwise we'll try to deal with whatever Gets read from + * the input stream... (this is why the input format is different from the GetTime() + * method output). + *

+ * @param time the time string.

+ */ + public DerUtcTime(string time) + { + if (time == null) + throw new ArgumentNullException("time"); + + this.time = time; + + try + { + ToDateTime(); + } + catch (FormatException e) + { + throw new ArgumentException("invalid date string: " + e.Message); + } + } + + /** + * base constructor from a DateTime object + */ + public DerUtcTime(DateTime time) + { +#if PORTABLE + this.time = time.ToUniversalTime().ToString("yyMMddHHmmss", CultureInfo.InvariantCulture) + "Z"; +#else + this.time = time.ToString("yyMMddHHmmss", CultureInfo.InvariantCulture) + "Z"; +#endif + } + + internal DerUtcTime(byte[] contents) + { + // + // explicitly convert to characters + // + this.time = Strings.FromAsciiByteArray(contents); + } + +// public DateTime ToDateTime() +// { +// string tm = this.AdjustedTimeString; +// +// return new DateTime( +// Int16.Parse(tm.Substring(0, 4)), +// Int16.Parse(tm.Substring(4, 2)), +// Int16.Parse(tm.Substring(6, 2)), +// Int16.Parse(tm.Substring(8, 2)), +// Int16.Parse(tm.Substring(10, 2)), +// Int16.Parse(tm.Substring(12, 2))); +// } + + /** + * return the time as a date based on whatever a 2 digit year will return. For + * standardised processing use ToAdjustedDateTime(). + * + * @return the resulting date + * @exception ParseException if the date string cannot be parsed. + */ + public DateTime ToDateTime() + { + return ParseDateString(TimeString, @"yyMMddHHmmss'GMT'zzz"); + } + + /** + * return the time as an adjusted date + * in the range of 1950 - 2049. + * + * @return a date in the range of 1950 to 2049. + * @exception ParseException if the date string cannot be parsed. + */ + public DateTime ToAdjustedDateTime() + { + return ParseDateString(AdjustedTimeString, @"yyyyMMddHHmmss'GMT'zzz"); + } + + private DateTime ParseDateString(string dateStr, string formatStr) + { + DateTime dt = DateTime.ParseExact( + dateStr, + formatStr, + DateTimeFormatInfo.InvariantInfo); + + return dt.ToUniversalTime(); + } + + /** + * return the time - always in the form of + * YYMMDDhhmmssGMT(+hh:mm|-hh:mm). + *

+ * Normally in a certificate we would expect "Z" rather than "GMT", + * however adding the "GMT" means we can just use: + * 

+         *     dateF = new SimpleDateFormat("yyMMddHHmmssz");
+         *
+ * To read in the time and Get a date which is compatible with our local + * time zone.

+ *

+ * Note: In some cases, due to the local date processing, this + * may lead to unexpected results. If you want to stick the normal + * convention of 1950 to 2049 use the GetAdjustedTime() method.

+ */ + public string TimeString + { + get + { + // + // standardise the format. + // + if (time.IndexOf('-') < 0 && time.IndexOf('+') < 0) + { + if (time.Length == 11) + { + return time.Substring(0, 10) + "00GMT+00:00"; + } + else + { + return time.Substring(0, 12) + "GMT+00:00"; + } + } + else + { + int index = time.IndexOf('-'); + if (index < 0) + { + index = time.IndexOf('+'); + } + string d = time; + + if (index == time.Length - 3) + { + d += "00"; + } + + if (index == 10) + { + return d.Substring(0, 10) + "00GMT" + d.Substring(10, 3) + ":" + d.Substring(13, 2); + } + else + { + return d.Substring(0, 12) + "GMT" + d.Substring(12, 3) + ":" + d.Substring(15, 2); + } + } + } + } + + [Obsolete("Use 'AdjustedTimeString' property instead")] + public string AdjustedTime + { + get { return AdjustedTimeString; } + } + + /// + /// Return a time string as an adjusted date with a 4 digit year. + /// This goes in the range of 1950 - 2049. + /// + public string AdjustedTimeString + { + get + { + string d = TimeString; + string c = d[0] < '5' ? "20" : "19"; + + return c + d; + } + } + + private byte[] GetOctets() + { + return Strings.ToAsciiByteArray(time); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.UtcTime, GetOctets()); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, GetOctets()); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerUtcTime that = asn1Object as DerUtcTime; + return null != that + && this.time.Equals(that.time); + } + + protected override int Asn1GetHashCode() + { + return time.GetHashCode(); + } + + public override string ToString() + { + return time; + } + + internal static DerUtcTime CreatePrimitive(byte[] contents) + { + return new DerUtcTime(contents); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerUTF8String.cs b/BouncyCastle/crypto/src/asn1/DerUTF8String.cs new file mode 100644 index 0000000..d15a19d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerUTF8String.cs @@ -0,0 +1,122 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * Der UTF8String object. + */ + public class DerUtf8String + : DerStringBase + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerUtf8String), Asn1Tags.Utf8String) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + /** + * return an UTF8 string from the passed in object. + * + * @exception ArgumentException if the object cannot be converted. + */ + public static DerUtf8String GetInstance(object obj) + { + if (obj == null || obj is DerUtf8String) + { + return (DerUtf8String)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerUtf8String) + return (DerUtf8String)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerUtf8String)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct UTF8 string from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj)); + } + + /** + * return a UTF8 string from a tagged object. + * + * @param taggedObject the tagged object holding the object we want + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static DerUtf8String GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerUtf8String)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly byte[] m_contents; + + public DerUtf8String(string str) + : this(Strings.ToUtf8ByteArray(str), false) + { + } + + public DerUtf8String(byte[] contents) + : this(contents, true) + { + } + + internal DerUtf8String(byte[] contents, bool clone) + { + if (null == contents) + throw new ArgumentNullException("contents"); + + m_contents = clone ? Arrays.Clone(contents) : contents; + } + + public override string GetString() + { + return Strings.FromUtf8ByteArray(m_contents); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerUtf8String that = asn1Object as DerUtf8String; + return null != that + && Arrays.AreEqual(this.m_contents, that.m_contents); + } + + protected override int Asn1GetHashCode() + { + return Arrays.GetHashCode(m_contents); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.Utf8String, m_contents); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, m_contents); + } + + internal static DerUtf8String CreatePrimitive(byte[] contents) + { + return new DerUtf8String(contents, false); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerUniversalString.cs b/BouncyCastle/crypto/src/asn1/DerUniversalString.cs new file mode 100644 index 0000000..e4e93bd --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerUniversalString.cs @@ -0,0 +1,172 @@ +using System; +using System.Diagnostics; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * UniversalString object. + */ + public class DerUniversalString + : DerStringBase + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerUniversalString), Asn1Tags.UniversalString) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + private static readonly char[] table = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' }; + + /** + * return a universal string from the passed in object. + * + * @exception ArgumentException if the object cannot be converted. + */ + public static DerUniversalString GetInstance( + object obj) + { + if (obj == null || obj is DerUniversalString) + { + return (DerUniversalString)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerUniversalString) + return (DerUniversalString)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerUniversalString)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct universal string from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj)); + } + + /** + * return a universal string from a tagged object. + * + * @param taggedObject the tagged object holding the object we want + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static DerUniversalString GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerUniversalString)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly byte[] m_contents; + + public DerUniversalString(byte[] contents) + : this(contents, true) + { + } + + internal DerUniversalString(byte[] contents, bool clone) + { + if (null == contents) + throw new ArgumentNullException("contents"); + + m_contents = clone ? Arrays.Clone(contents) : contents; + } + + public override string GetString() + { + int dl = m_contents.Length; + int capacity = 3 + 2 * (Asn1OutputStream.GetLengthOfDL(dl) + dl); + StringBuilder buf = new StringBuilder("#1C", capacity); + EncodeHexDL(buf, dl); + + for (int i = 0; i < dl; ++i) + { + EncodeHexByte(buf, m_contents[i]); + } + + Debug.Assert(buf.Length == capacity); + return buf.ToString(); + } + + public byte[] GetOctets() + { + return Arrays.Clone(m_contents); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.UniversalString, m_contents); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, m_contents); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerUniversalString that = asn1Object as DerUniversalString; + return null != that + && Arrays.AreEqual(this.m_contents, that.m_contents); + } + + protected override int Asn1GetHashCode() + { + return Arrays.GetHashCode(m_contents); + } + + internal static DerUniversalString CreatePrimitive(byte[] contents) + { + return new DerUniversalString(contents, false); + } + + private static void EncodeHexByte(StringBuilder buf, int i) + { + buf.Append(table[(i >> 4) & 0xF]); + buf.Append(table[i & 0xF]); + } + + private static void EncodeHexDL(StringBuilder buf, int dl) + { + if (dl < 128) + { + EncodeHexByte(buf, dl); + return; + } + + byte[] stack = new byte[5]; + int pos = 5; + + do + { + stack[--pos] = (byte)dl; + dl >>= 8; + } + while (dl != 0); + + int count = stack.Length - pos; + stack[--pos] = (byte)(0x80 | count); + + do + { + EncodeHexByte(buf, stack[pos++]); + } + while (pos < stack.Length); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerVideotexString.cs b/BouncyCastle/crypto/src/asn1/DerVideotexString.cs new file mode 100644 index 0000000..a5fbe06 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerVideotexString.cs @@ -0,0 +1,122 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + public class DerVideotexString + : DerStringBase + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerVideotexString), Asn1Tags.VideotexString) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + /** + * return a videotex string from the passed in object + * + * @param obj a DERVideotexString or an object that can be converted into one. + * @exception IllegalArgumentException if the object cannot be converted. + * @return a DERVideotexString instance, or null. + */ + public static DerVideotexString GetInstance(object obj) + { + if (obj == null || obj is DerVideotexString) + { + return (DerVideotexString)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerVideotexString) + return (DerVideotexString)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerVideotexString)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct videotex string from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * return a videotex string from a tagged object. + * + * @param taggedObject the tagged object holding the object we want + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception IllegalArgumentException if the tagged object cannot be converted. + * @return a DERVideotexString instance, or null. + */ + public static DerVideotexString GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerVideotexString)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly byte[] m_contents; + + public DerVideotexString(byte[] contents) + : this(contents, true) + { + } + + internal DerVideotexString(byte[] contents, bool clone) + { + if (null == contents) + throw new ArgumentNullException("contents"); + + m_contents = clone ? Arrays.Clone(contents) : contents; + } + + public override string GetString() + { + return Strings.FromByteArray(m_contents); + } + + public byte[] GetOctets() + { + return Arrays.Clone(m_contents); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.VideotexString, m_contents); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, m_contents); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerVideotexString that = asn1Object as DerVideotexString; + return null != that + && Arrays.AreEqual(this.m_contents, that.m_contents); + } + + protected override int Asn1GetHashCode() + { + return Arrays.GetHashCode(m_contents); + } + + internal static DerVideotexString CreatePrimitive(byte[] contents) + { + return new DerVideotexString(contents, false); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/DerVisibleString.cs b/BouncyCastle/crypto/src/asn1/DerVisibleString.cs new file mode 100644 index 0000000..3593700 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/DerVisibleString.cs @@ -0,0 +1,131 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1 +{ + /** + * VisibleString object. + */ + public class DerVisibleString + : DerStringBase + { + internal class Meta : Asn1UniversalType + { + internal static readonly Asn1UniversalType Instance = new Meta(); + + private Meta() : base(typeof(DerVisibleString), Asn1Tags.VisibleString) {} + + internal override Asn1Object FromImplicitPrimitive(DerOctetString octetString) + { + return CreatePrimitive(octetString.GetOctets()); + } + } + + /** + * return a visible string from the passed in object. + * + * @exception ArgumentException if the object cannot be converted. + */ + public static DerVisibleString GetInstance( + object obj) + { + if (obj == null || obj is DerVisibleString) + { + return (DerVisibleString)obj; + } + else if (obj is IAsn1Convertible) + { + Asn1Object asn1Object = ((IAsn1Convertible)obj).ToAsn1Object(); + if (asn1Object is DerVisibleString) + return (DerVisibleString)asn1Object; + } + else if (obj is byte[]) + { + try + { + return (DerVisibleString)Meta.Instance.FromByteArray((byte[])obj); + } + catch (IOException e) + { + throw new ArgumentException("failed to construct visible string from byte[]: " + e.Message); + } + } + + throw new ArgumentException("illegal object in GetInstance: " + Platform.GetTypeName(obj)); + } + + /** + * return a visible string from a tagged object. + * + * @param taggedObject the tagged object holding the object we want + * @param declaredExplicit true if the object is meant to be explicitly tagged false otherwise. + * @exception ArgumentException if the tagged object cannot be converted. + */ + public static DerVisibleString GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return (DerVisibleString)Meta.Instance.GetContextInstance(taggedObject, declaredExplicit); + } + + private readonly byte[] m_contents; + + public DerVisibleString(string str) + { + if (str == null) + throw new ArgumentNullException("str"); + + m_contents = Strings.ToAsciiByteArray(str); + } + + public DerVisibleString(byte[] contents) + : this(contents, true) + { + } + + internal DerVisibleString(byte[] contents, bool clone) + { + if (null == contents) + throw new ArgumentNullException("contents"); + + m_contents = clone ? Arrays.Clone(contents) : contents; + } + + public override string GetString() + { + return Strings.FromAsciiByteArray(m_contents); + } + + public byte[] GetOctets() + { + return Arrays.Clone(m_contents); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + return new PrimitiveEncoding(Asn1Tags.Universal, Asn1Tags.VisibleString, m_contents); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + return new PrimitiveEncoding(tagClass, tagNo, m_contents); + } + + protected override bool Asn1Equals(Asn1Object asn1Object) + { + DerVisibleString that = asn1Object as DerVisibleString; + return null != that + && Arrays.AreEqual(this.m_contents, that.m_contents); + } + + protected override int Asn1GetHashCode() + { + return Arrays.GetHashCode(m_contents); + } + + internal static DerVisibleString CreatePrimitive(byte[] contents) + { + return new DerVisibleString(contents, false); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/IAsn1ApplicationSpecificParser.cs b/BouncyCastle/crypto/src/asn1/IAsn1ApplicationSpecificParser.cs new file mode 100644 index 0000000..f8dec27 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/IAsn1ApplicationSpecificParser.cs @@ -0,0 +1,11 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + [Obsolete("Test for Asn1TaggedObjectParser with TagClass of Asn1Tags.Application instead")] + public interface IAsn1ApplicationSpecificParser + : Asn1TaggedObjectParser + { + IAsn1Convertible ReadObject(); + } +} diff --git a/BouncyCastle/crypto/src/asn1/IAsn1Choice.cs b/BouncyCastle/crypto/src/asn1/IAsn1Choice.cs new file mode 100644 index 0000000..ecd76e4 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/IAsn1Choice.cs @@ -0,0 +1,17 @@ + +namespace Org.BouncyCastle.Asn1 +{ + /** + * Marker interface for CHOICE objects - if you implement this in a roll-your-own + * object, any attempt to tag the object implicitly will convert the tag to an + * explicit one as the encoding rules require. + *

+ * If you use this interface your class should also implement the getInstance + * pattern which takes a tag object and the tagging mode used. + *

+ */ + public interface IAsn1Choice + { + // marker interface + } +} diff --git a/BouncyCastle/crypto/src/asn1/IAsn1Convertible.cs b/BouncyCastle/crypto/src/asn1/IAsn1Convertible.cs new file mode 100644 index 0000000..d3f83af --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/IAsn1Convertible.cs @@ -0,0 +1,7 @@ +namespace Org.BouncyCastle.Asn1 +{ + public interface IAsn1Convertible + { + Asn1Object ToAsn1Object(); + } +} diff --git a/BouncyCastle/crypto/src/asn1/IAsn1Encoding.cs b/BouncyCastle/crypto/src/asn1/IAsn1Encoding.cs new file mode 100644 index 0000000..557064a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/IAsn1Encoding.cs @@ -0,0 +1,11 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + internal interface IAsn1Encoding + { + void Encode(Asn1OutputStream asn1Out); + + int GetLength(); + } +} diff --git a/BouncyCastle/crypto/src/asn1/IAsn1String.cs b/BouncyCastle/crypto/src/asn1/IAsn1String.cs new file mode 100644 index 0000000..cbc2635 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/IAsn1String.cs @@ -0,0 +1,10 @@ +namespace Org.BouncyCastle.Asn1 +{ + /** + * basic interface for Der string objects. + */ + public interface IAsn1String + { + string GetString(); + } +} diff --git a/BouncyCastle/crypto/src/asn1/IndefiniteLengthInputStream.cs b/BouncyCastle/crypto/src/asn1/IndefiniteLengthInputStream.cs new file mode 100644 index 0000000..1c8bd9a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/IndefiniteLengthInputStream.cs @@ -0,0 +1,85 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + class IndefiniteLengthInputStream + : LimitedInputStream + { + private int _lookAhead; + private bool _eofOn00 = true; + + internal IndefiniteLengthInputStream(Stream inStream, int limit) + : base(inStream, limit) + { + _lookAhead = RequireByte(); + + if (0 == _lookAhead) + { + CheckEndOfContents(); + } + } + + internal void SetEofOn00(bool eofOn00) + { + _eofOn00 = eofOn00; + if (_eofOn00 && 0 == _lookAhead) + { + CheckEndOfContents(); + } + } + + private void CheckEndOfContents() + { + if (0 != RequireByte()) + throw new IOException("malformed end-of-contents marker"); + + _lookAhead = -1; + SetParentEofDetect(); + } + + public override int Read(byte[] buffer, int offset, int count) + { + // Only use this optimisation if we aren't checking for 00 + if (_eofOn00 || count <= 1) + return base.Read(buffer, offset, count); + + if (_lookAhead < 0) + return 0; + + int numRead = _in.Read(buffer, offset + 1, count - 1); + if (numRead <= 0) + throw new EndOfStreamException(); + + buffer[offset] = (byte)_lookAhead; + _lookAhead = RequireByte(); + + return numRead + 1; + } + + public override int ReadByte() + { + if (_eofOn00 && _lookAhead <= 0) + { + if (0 == _lookAhead) + { + CheckEndOfContents(); + } + return -1; + } + + int result = _lookAhead; + _lookAhead = RequireByte(); + return result; + } + + private int RequireByte() + { + int b = _in.ReadByte(); + if (b < 0) + throw new EndOfStreamException(); + + return b; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/LazyASN1InputStream.cs b/BouncyCastle/crypto/src/asn1/LazyASN1InputStream.cs new file mode 100644 index 0000000..8dfbba1 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/LazyASN1InputStream.cs @@ -0,0 +1,43 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + public class LazyAsn1InputStream + : Asn1InputStream + { + public LazyAsn1InputStream(byte[] input) + : base(input) + { + } + + public LazyAsn1InputStream(Stream inputStream) + : base(inputStream) + { + } + + internal LazyAsn1InputStream(Stream input, int limit, byte[][] tmpBuffers) + : base(input, limit, tmpBuffers) + { + } + + internal override Asn1Sequence CreateDLSequence(DefiniteLengthInputStream defIn) + { + return new LazyDLSequence(defIn.ToArray()); + } + + internal override Asn1Set CreateDLSet(DefiniteLengthInputStream defIn) + { + return new LazyDLSet(defIn.ToArray()); + } + + internal override Asn1EncodableVector ReadVector(DefiniteLengthInputStream defIn) + { + int remaining = defIn.Remaining; + if (remaining < 1) + return new Asn1EncodableVector(0); + + return new LazyAsn1InputStream(defIn, remaining, tmpBuffers).ReadVector(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/LazyDLEnumerator.cs b/BouncyCastle/crypto/src/asn1/LazyDLEnumerator.cs new file mode 100644 index 0000000..efe383e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/LazyDLEnumerator.cs @@ -0,0 +1,56 @@ +using System; +using System.Collections; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + internal class LazyDLEnumerator + : IEnumerator + { + private readonly byte[] m_contents; + + private Asn1InputStream m_input; + private Asn1Object m_current; + + internal LazyDLEnumerator(byte[] contents) + { + this.m_contents = contents; + + Reset(); + } + + public object Current + { + get + { + if (null == m_current) + throw new InvalidOperationException(); + + return m_current; + } + } + + public bool MoveNext() + { + return null != (this.m_current = ReadObject()); + } + + public void Reset() + { + this.m_input = new LazyAsn1InputStream(m_contents); + this.m_current = null; + } + + private Asn1Object ReadObject() + { + try + { + return m_input.ReadObject(); + } + catch (IOException e) + { + throw new Asn1ParsingException("malformed ASN.1: " + e.Message, e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/LazyDLSequence.cs b/BouncyCastle/crypto/src/asn1/LazyDLSequence.cs new file mode 100644 index 0000000..96b9bbc --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/LazyDLSequence.cs @@ -0,0 +1,125 @@ +using System; +using System.Collections; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + internal class LazyDLSequence + : DLSequence + { + private byte[] encoded; + + internal LazyDLSequence(byte[] encoded) + : base() + { + if (null == encoded) + throw new ArgumentNullException("encoded"); + + this.encoded = encoded; + } + + public override Asn1Encodable this[int index] + { + get + { + Force(); + + return base[index]; + } + } + + public override IEnumerator GetEnumerator() + { + byte[] encoded = GetContents(); + if (null != encoded) + { + return new LazyDLEnumerator(encoded); + } + + return base.GetEnumerator(); + } + + public override int Count + { + get + { + Force(); + + return base.Count; + } + } + + public override Asn1Encodable[] ToArray() + { + Force(); + + return base.ToArray(); + } + + public override string ToString() + { + Force(); + + return base.ToString(); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + if (Asn1OutputStream.EncodingBer == encoding) + { + byte[] encoded = GetContents(); + if (encoded != null) + return new ConstructedLazyDLEncoding(Asn1Tags.Universal, Asn1Tags.Sequence, encoded); + } + else + { + Force(); + } + + return base.GetEncoding(encoding); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + if (Asn1OutputStream.EncodingBer == encoding) + { + byte[] encoded = GetContents(); + if (encoded != null) + return new ConstructedLazyDLEncoding(tagClass, tagNo, encoded); + } + else + { + Force(); + } + + return base.GetEncodingImplicit(encoding, tagClass, tagNo); + } + + private void Force() + { + lock (this) + { + if (null != encoded) + { + Asn1InputStream input = new LazyAsn1InputStream(encoded); + try + { + Asn1EncodableVector v = input.ReadVector(); + + this.elements = v.TakeElements(); + this.encoded = null; + } + catch (IOException e) + { + throw new Asn1ParsingException("malformed ASN.1: " + e.Message, e); + } + } + } + } + + private byte[] GetContents() + { + lock (this) return encoded; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/LazyDLSet.cs b/BouncyCastle/crypto/src/asn1/LazyDLSet.cs new file mode 100644 index 0000000..5512005 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/LazyDLSet.cs @@ -0,0 +1,124 @@ +using System; +using System.Collections; +using System.IO; + +namespace Org.BouncyCastle.Asn1 +{ + internal class LazyDLSet + : DLSet + { + private byte[] encoded; + + internal LazyDLSet(byte[] encoded) + : base() + { + if (null == encoded) + throw new ArgumentNullException("encoded"); + + this.encoded = encoded; + } + + public override Asn1Encodable this[int index] + { + get + { + Force(); + + return base[index]; + } + } + + public override IEnumerator GetEnumerator() + { + byte[] encoded = GetContents(); + if (null != encoded) + return new LazyDLEnumerator(encoded); + + return base.GetEnumerator(); + } + + public override int Count + { + get + { + Force(); + + return base.Count; + } + } + + public override Asn1Encodable[] ToArray() + { + Force(); + + return base.ToArray(); + } + + public override string ToString() + { + Force(); + + return base.ToString(); + } + + internal override IAsn1Encoding GetEncoding(int encoding) + { + if (Asn1OutputStream.EncodingBer == encoding) + { + byte[] encoded = GetContents(); + if (null != encoded) + return new ConstructedLazyDLEncoding(Asn1Tags.Universal, Asn1Tags.Set, encoded); + } + else + { + Force(); + } + + return base.GetEncoding(encoding); + } + + internal override IAsn1Encoding GetEncodingImplicit(int encoding, int tagClass, int tagNo) + { + if (Asn1OutputStream.EncodingBer == encoding) + { + byte[] encoded = GetContents(); + if (null != encoded) + return new ConstructedLazyDLEncoding(tagClass, tagNo, encoded); + } + else + { + Force(); + } + + return base.GetEncodingImplicit(encoding, tagClass, tagNo); + } + + private void Force() + { + lock (this) + { + if (null != encoded) + { + Asn1InputStream input = new LazyAsn1InputStream(encoded); + try + { + Asn1EncodableVector v = input.ReadVector(); + + this.elements = v.TakeElements(); + this.isSorted = elements.Length < 2; + this.encoded = null; + } + catch (IOException e) + { + throw new Asn1ParsingException("malformed ASN.1: " + e.Message, e); + } + } + } + } + + private byte[] GetContents() + { + lock (this) return encoded; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/LimitedInputStream.cs b/BouncyCastle/crypto/src/asn1/LimitedInputStream.cs new file mode 100644 index 0000000..95bf0b6 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/LimitedInputStream.cs @@ -0,0 +1,32 @@ +using System.IO; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Asn1 +{ + internal abstract class LimitedInputStream + : BaseInputStream + { + protected readonly Stream _in; + private int _limit; + + internal LimitedInputStream(Stream inStream, int limit) + { + this._in = inStream; + this._limit = limit; + } + + internal virtual int Limit + { + get { return _limit; } + } + + protected void SetParentEofDetect() + { + if (_in is IndefiniteLengthInputStream) + { + ((IndefiniteLengthInputStream)_in).SetEofOn00(true); + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/OidTokenizer.cs b/BouncyCastle/crypto/src/asn1/OidTokenizer.cs new file mode 100644 index 0000000..6e76e8c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/OidTokenizer.cs @@ -0,0 +1,45 @@ +namespace Org.BouncyCastle.Asn1 +{ + /** + * class for breaking up an Oid into it's component tokens, ala + * java.util.StringTokenizer. We need this class as some of the + * lightweight Java environment don't support classes like + * StringTokenizer. + */ + public class OidTokenizer + { + private string oid; + private int index; + + public OidTokenizer( + string oid) + { + this.oid = oid; + } + + public bool HasMoreTokens + { + get { return index != -1; } + } + + public string NextToken() + { + if (index == -1) + { + return null; + } + + int end = oid.IndexOf('.', index); + if (end == -1) + { + string lastToken = oid.Substring(index); + index = -1; + return lastToken; + } + + string nextToken = oid.Substring(index, end - index); + index = end + 1; + return nextToken; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/PrimitiveEncoding.cs b/BouncyCastle/crypto/src/asn1/PrimitiveEncoding.cs new file mode 100644 index 0000000..72c3219 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/PrimitiveEncoding.cs @@ -0,0 +1,33 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + internal class PrimitiveEncoding + : IAsn1Encoding + { + private readonly int m_tagClass; + private readonly int m_tagNo; + private readonly byte[] m_contentsOctets; + + internal PrimitiveEncoding(int tagClass, int tagNo, byte[] contentsOctets) + { + m_tagClass = tagClass; + m_tagNo = tagNo; + m_contentsOctets = contentsOctets; + } + + void IAsn1Encoding.Encode(Asn1OutputStream asn1Out) + { + asn1Out.WriteIdentifier(m_tagClass, m_tagNo); + asn1Out.WriteDL(m_contentsOctets.Length); + asn1Out.Write(m_contentsOctets, 0, m_contentsOctets.Length); + } + + int IAsn1Encoding.GetLength() + { + return Asn1OutputStream.GetLengthOfIdentifier(m_tagNo) + + Asn1OutputStream.GetLengthOfDL(m_contentsOctets.Length) + + m_contentsOctets.Length; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/PrimitiveEncodingSuffixed.cs b/BouncyCastle/crypto/src/asn1/PrimitiveEncodingSuffixed.cs new file mode 100644 index 0000000..ef0ef49 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/PrimitiveEncodingSuffixed.cs @@ -0,0 +1,36 @@ +using System; + +namespace Org.BouncyCastle.Asn1 +{ + internal class PrimitiveEncodingSuffixed + : IAsn1Encoding + { + private readonly int m_tagClass; + private readonly int m_tagNo; + private readonly byte[] m_contentsOctets; + private readonly byte m_contentsSuffix; + + internal PrimitiveEncodingSuffixed(int tagClass, int tagNo, byte[] contentsOctets, byte contentsSuffix) + { + m_tagClass = tagClass; + m_tagNo = tagNo; + m_contentsOctets = contentsOctets; + m_contentsSuffix = contentsSuffix; + } + + void IAsn1Encoding.Encode(Asn1OutputStream asn1Out) + { + asn1Out.WriteIdentifier(m_tagClass, m_tagNo); + asn1Out.WriteDL(m_contentsOctets.Length); + asn1Out.Write(m_contentsOctets, 0, m_contentsOctets.Length - 1); + asn1Out.WriteByte(m_contentsSuffix); + } + + int IAsn1Encoding.GetLength() + { + return Asn1OutputStream.GetLengthOfIdentifier(m_tagNo) + + Asn1OutputStream.GetLengthOfDL(m_contentsOctets.Length) + + m_contentsOctets.Length; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/anssi/ANSSINamedCurves.cs b/BouncyCastle/crypto/src/asn1/anssi/ANSSINamedCurves.cs new file mode 100644 index 0000000..3a9e4dd --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/anssi/ANSSINamedCurves.cs @@ -0,0 +1,144 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Asn1.Anssi +{ + public class AnssiNamedCurves + { + private static X9ECPoint ConfigureBasepoint(ECCurve curve, string encoding) + { + X9ECPoint G = new X9ECPoint(curve, Hex.DecodeStrict(encoding)); + WNafUtilities.ConfigureBasepoint(G.Point); + return G; + } + + private static ECCurve ConfigureCurve(ECCurve curve) + { + return curve; + } + + private static BigInteger FromHex(string hex) + { + return new BigInteger(1, Hex.DecodeStrict(hex)); + } + + /* + * FRP256v1 + */ + internal class Frp256v1Holder + : X9ECParametersHolder + { + private Frp256v1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Frp256v1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger p = FromHex("F1FD178C0B3AD58F10126DE8CE42435B3961ADBCABC8CA6DE8FCF353D86E9C03"); + BigInteger a = FromHex("F1FD178C0B3AD58F10126DE8CE42435B3961ADBCABC8CA6DE8FCF353D86E9C00"); + BigInteger b = FromHex("EE353FCA5428A9300D4ABA754A44C00FDFEC0C9AE4B1A1803075ED967B7BB73F"); + BigInteger n = FromHex("F1FD178C0B3AD58F10126DE8CE42435B53DC67E140D2BF941FFDD459C6D655E1"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve(p, a, b, n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "04B6B3D4C356C139EB31183D4749D423958C27D2DCAF98B70164C97A2DD98F5CFF6142E0F7C8B204911F9271F0F3ECEF8C2701C307E8E4C9E183115A1554062CFB"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + private static readonly IDictionary objIds = Platform.CreateHashtable(); + private static readonly IDictionary curves = Platform.CreateHashtable(); + private static readonly IDictionary names = Platform.CreateHashtable(); + + private static void DefineCurve( + string name, + DerObjectIdentifier oid, + X9ECParametersHolder holder) + { + objIds.Add(Platform.ToUpperInvariant(name), oid); + names.Add(oid, name); + curves.Add(oid, holder); + } + + static AnssiNamedCurves() + { + DefineCurve("FRP256v1", AnssiObjectIdentifiers.FRP256v1, Frp256v1Holder.Instance); + } + + public static X9ECParameters GetByName(string name) + { + DerObjectIdentifier oid = GetOid(name); + return oid == null ? null : GetByOid(oid); + } + + public static X9ECParametersHolder GetByNameLazy(string name) + { + DerObjectIdentifier oid = GetOid(name); + return oid == null ? null : GetByOidLazy(oid); + } + + /** + * return the X9ECParameters object for the named curve represented by + * the passed in object identifier. Null if the curve isn't present. + * + * @param oid an object identifier representing a named curve, if present. + */ + public static X9ECParameters GetByOid(DerObjectIdentifier oid) + { + X9ECParametersHolder holder = GetByOidLazy(oid); + return holder == null ? null : holder.Parameters; + } + + public static X9ECParametersHolder GetByOidLazy(DerObjectIdentifier oid) + { + return (X9ECParametersHolder)curves[oid]; + } + + /** + * return the object identifier signified by the passed in name. Null + * if there is no object identifier associated with name. + * + * @return the object identifier associated with name, if present. + */ + public static DerObjectIdentifier GetOid( + string name) + { + return (DerObjectIdentifier)objIds[Platform.ToUpperInvariant(name)]; + } + + /** + * return the named curve name represented by the given object identifier. + */ + public static string GetName( + DerObjectIdentifier oid) + { + return (string)names[oid]; + } + + /** + * returns an enumeration containing the name strings for curves + * contained in this structure. + */ + public static IEnumerable Names + { + get { return new EnumerableProxy(names.Values); } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/anssi/ANSSIObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/anssi/ANSSIObjectIdentifiers.cs new file mode 100644 index 0000000..d230832 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/anssi/ANSSIObjectIdentifiers.cs @@ -0,0 +1,13 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Anssi +{ + public sealed class AnssiObjectIdentifiers + { + private AnssiObjectIdentifiers() + { + } + + public static readonly DerObjectIdentifier FRP256v1 = new DerObjectIdentifier("1.2.250.1.223.101.256.1"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/bc/BCObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/bc/BCObjectIdentifiers.cs new file mode 100644 index 0000000..7266e4b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/bc/BCObjectIdentifiers.cs @@ -0,0 +1,135 @@ +using System; + +namespace Org.BouncyCastle.Asn1.BC +{ + public abstract class BCObjectIdentifiers + { + /** + * iso.org.dod.internet.private.enterprise.legion-of-the-bouncy-castle + *

1.3.6.1.4.1.22554

+ */ + public static readonly DerObjectIdentifier bc = new DerObjectIdentifier("1.3.6.1.4.1.22554"); + + /** + * pbe(1) algorithms + *

1.3.6.1.4.1.22554.1

+ */ + public static readonly DerObjectIdentifier bc_pbe = bc.Branch("1"); + + /** + * SHA-1(1) + *

1.3.6.1.4.1.22554.1.1

+ */ + public static readonly DerObjectIdentifier bc_pbe_sha1 = bc_pbe.Branch("1"); + + /** SHA-2.SHA-256; 1.3.6.1.4.1.22554.1.2.1 */ + public static readonly DerObjectIdentifier bc_pbe_sha256 = bc_pbe.Branch("2.1"); + /** SHA-2.SHA-384; 1.3.6.1.4.1.22554.1.2.2 */ + public static readonly DerObjectIdentifier bc_pbe_sha384 = bc_pbe.Branch("2.2"); + /** SHA-2.SHA-512; 1.3.6.1.4.1.22554.1.2.3 */ + public static readonly DerObjectIdentifier bc_pbe_sha512 = bc_pbe.Branch("2.3"); + /** SHA-2.SHA-224; 1.3.6.1.4.1.22554.1.2.4 */ + public static readonly DerObjectIdentifier bc_pbe_sha224 = bc_pbe.Branch("2.4"); + + /** + * PKCS-5(1)|PKCS-12(2) + */ + /** SHA-1.PKCS5; 1.3.6.1.4.1.22554.1.1.1 */ + public static readonly DerObjectIdentifier bc_pbe_sha1_pkcs5 = bc_pbe_sha1.Branch("1"); + /** SHA-1.PKCS12; 1.3.6.1.4.1.22554.1.1.2 */ + public static readonly DerObjectIdentifier bc_pbe_sha1_pkcs12 = bc_pbe_sha1.Branch("2"); + + /** SHA-256.PKCS12; 1.3.6.1.4.1.22554.1.2.1.1 */ + public static readonly DerObjectIdentifier bc_pbe_sha256_pkcs5 = bc_pbe_sha256.Branch("1"); + /** SHA-256.PKCS12; 1.3.6.1.4.1.22554.1.2.1.2 */ + public static readonly DerObjectIdentifier bc_pbe_sha256_pkcs12 = bc_pbe_sha256.Branch("2"); + + /** + * AES(1) . (CBC-128(2)|CBC-192(22)|CBC-256(42)) + */ + /** 1.3.6.1.4.1.22554.1.1.2.1.2 */ + public static readonly DerObjectIdentifier bc_pbe_sha1_pkcs12_aes128_cbc = bc_pbe_sha1_pkcs12.Branch("1.2"); + /** 1.3.6.1.4.1.22554.1.1.2.1.22 */ + public static readonly DerObjectIdentifier bc_pbe_sha1_pkcs12_aes192_cbc = bc_pbe_sha1_pkcs12.Branch("1.22"); + /** 1.3.6.1.4.1.22554.1.1.2.1.42 */ + public static readonly DerObjectIdentifier bc_pbe_sha1_pkcs12_aes256_cbc = bc_pbe_sha1_pkcs12.Branch("1.42"); + + /** 1.3.6.1.4.1.22554.1.1.2.2.2 */ + public static readonly DerObjectIdentifier bc_pbe_sha256_pkcs12_aes128_cbc = bc_pbe_sha256_pkcs12.Branch("1.2"); + /** 1.3.6.1.4.1.22554.1.1.2.2.22 */ + public static readonly DerObjectIdentifier bc_pbe_sha256_pkcs12_aes192_cbc = bc_pbe_sha256_pkcs12.Branch("1.22"); + /** 1.3.6.1.4.1.22554.1.1.2.2.42 */ + public static readonly DerObjectIdentifier bc_pbe_sha256_pkcs12_aes256_cbc = bc_pbe_sha256_pkcs12.Branch("1.42"); + + /** + * signature(2) algorithms + */ + public static readonly DerObjectIdentifier bc_sig = bc.Branch("2"); + + /** + * Sphincs-256 + */ + public static readonly DerObjectIdentifier sphincs256 = bc_sig.Branch("1"); + public static readonly DerObjectIdentifier sphincs256_with_BLAKE512 = sphincs256.Branch("1"); + public static readonly DerObjectIdentifier sphincs256_with_SHA512 = sphincs256.Branch("2"); + public static readonly DerObjectIdentifier sphincs256_with_SHA3_512 = sphincs256.Branch("3"); + + /** + * XMSS + */ + public static readonly DerObjectIdentifier xmss = bc_sig.Branch("2"); + public static readonly DerObjectIdentifier xmss_with_SHA256 = xmss.Branch("1"); + public static readonly DerObjectIdentifier xmss_with_SHA512 = xmss.Branch("2"); + public static readonly DerObjectIdentifier xmss_with_SHAKE128 = xmss.Branch("3"); + public static readonly DerObjectIdentifier xmss_with_SHAKE256 = xmss.Branch("4"); + + /** + * XMSS^MT + */ + public static readonly DerObjectIdentifier xmss_mt = bc_sig.Branch("3"); + public static readonly DerObjectIdentifier xmss_mt_with_SHA256 = xmss_mt.Branch("1"); + public static readonly DerObjectIdentifier xmss_mt_with_SHA512 = xmss_mt.Branch("2"); + public static readonly DerObjectIdentifier xmss_mt_with_SHAKE128 = xmss_mt.Branch("3"); + public static readonly DerObjectIdentifier xmss_mt_with_SHAKE256 = xmss_mt.Branch("4"); + + /** + * key_exchange(3) algorithms + */ + public static readonly DerObjectIdentifier bc_exch = bc.Branch("3"); + + /** + * NewHope + */ + public static readonly DerObjectIdentifier newHope = bc_exch.Branch("1"); + + /** + * X.509 extension(4) values + *

+ * 1.3.6.1.4.1.22554.4 + */ + public static readonly DerObjectIdentifier bc_ext = bc.Branch("4"); + + public static readonly DerObjectIdentifier linkedCertificate = bc_ext.Branch("1"); + + /** + * KEM(4) algorithms + */ + public static readonly DerObjectIdentifier bc_kem = bc.Branch("5"); + + /** + * Classic McEliece + */ + public static readonly DerObjectIdentifier pqc_kem_mceliece = bc_kem.Branch("1"); + + public static readonly DerObjectIdentifier mceliece348864_r3 = pqc_kem_mceliece.Branch("1"); + public static readonly DerObjectIdentifier mceliece348864f_r3 = pqc_kem_mceliece.Branch("2"); + public static readonly DerObjectIdentifier mceliece460896_r3 = pqc_kem_mceliece.Branch("3"); + public static readonly DerObjectIdentifier mceliece460896f_r3 = pqc_kem_mceliece.Branch("4"); + public static readonly DerObjectIdentifier mceliece6688128_r3 = pqc_kem_mceliece.Branch("5"); + public static readonly DerObjectIdentifier mceliece6688128f_r3 = pqc_kem_mceliece.Branch("6"); + public static readonly DerObjectIdentifier mceliece6960119_r3 = pqc_kem_mceliece.Branch("7"); + public static readonly DerObjectIdentifier mceliece6960119f_r3 = pqc_kem_mceliece.Branch("8"); + public static readonly DerObjectIdentifier mceliece8192128_r3 = pqc_kem_mceliece.Branch("9"); + public static readonly DerObjectIdentifier mceliece8192128f_r3 = pqc_kem_mceliece.Branch("10"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/bc/LinkedCertificate.cs b/BouncyCastle/crypto/src/asn1/bc/LinkedCertificate.cs new file mode 100644 index 0000000..c8d05d8 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/bc/LinkedCertificate.cs @@ -0,0 +1,100 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.BC +{ + /** + * Extension to tie an alternate certificate to the containing certificate. + * 

+     *     LinkedCertificate := SEQUENCE {
+     *         digest        DigestInfo,                   -- digest of PQC certificate
+     *         certLocation  GeneralName,                  -- location of PQC certificate
+     *         certIssuer    [0] Name OPTIONAL,            -- issuer of PQC cert (if different from current certificate)
+     *         cACerts       [1] GeneralNames OPTIONAL,    -- CA certificates for PQC cert (one of more locations)
+     * }
+     *
+ */ + public class LinkedCertificate + : Asn1Encodable + { + private readonly DigestInfo mDigest; + private readonly GeneralName mCertLocation; + + private X509Name mCertIssuer; + private GeneralNames mCACerts; + + public LinkedCertificate(DigestInfo digest, GeneralName certLocation) + : this(digest, certLocation, null, null) + { + } + + public LinkedCertificate(DigestInfo digest, GeneralName certLocation, X509Name certIssuer, GeneralNames caCerts) + { + this.mDigest = digest; + this.mCertLocation = certLocation; + this.mCertIssuer = certIssuer; + this.mCACerts = caCerts; + } + + private LinkedCertificate(Asn1Sequence seq) + { + this.mDigest = DigestInfo.GetInstance(seq[0]); + this.mCertLocation = GeneralName.GetInstance(seq[1]); + + for (int i = 2; i < seq.Count; ++i) + { + Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(seq[i]); + + switch (tagged.TagNo) + { + case 0: + this.mCertIssuer = X509Name.GetInstance(tagged, false); + break; + case 1: + this.mCACerts = GeneralNames.GetInstance(tagged, false); + break; + default: + throw new ArgumentException("unknown tag in tagged field"); + } + } + } + + public static LinkedCertificate GetInstance(object obj) + { + if (obj is LinkedCertificate) + return (LinkedCertificate)obj; + if (obj != null) + return new LinkedCertificate(Asn1Sequence.GetInstance(obj)); + return null; + } + + public virtual DigestInfo Digest + { + get { return mDigest; } + } + + public virtual GeneralName CertLocation + { + get { return mCertLocation; } + } + + public virtual X509Name CertIssuer + { + get { return mCertIssuer; } + } + + public virtual GeneralNames CACerts + { + get { return mCACerts; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(mDigest, mCertLocation); + v.AddOptionalTagged(false, 0, mCertIssuer); + v.AddOptionalTagged(false, 1, mCACerts); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/bsi/BsiObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/bsi/BsiObjectIdentifiers.cs new file mode 100644 index 0000000..50ada2e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/bsi/BsiObjectIdentifiers.cs @@ -0,0 +1,102 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Bsi +{ + /// See https://www.bsi.bund.de/cae/servlet/contentblob/471398/publicationFile/30615/BSI-TR-03111_pdf.pdf + public abstract class BsiObjectIdentifiers + { + public static readonly DerObjectIdentifier bsi_de = new DerObjectIdentifier("0.4.0.127.0.7"); + + /* 0.4.0.127.0.7.1.1 */ + public static readonly DerObjectIdentifier id_ecc = bsi_de.Branch("1.1"); + + /* 0.4.0.127.0.7.1.1.4.1 */ + public static readonly DerObjectIdentifier ecdsa_plain_signatures = id_ecc.Branch("4.1"); + + /* 0.4.0.127.0.7.1.1.4.1.1 */ + public static readonly DerObjectIdentifier ecdsa_plain_SHA1 = ecdsa_plain_signatures.Branch("1"); + + /* 0.4.0.127.0.7.1.1.4.1.2 */ + public static readonly DerObjectIdentifier ecdsa_plain_SHA224 = ecdsa_plain_signatures.Branch("2"); + + /* 0.4.0.127.0.7.1.1.4.1.3 */ + public static readonly DerObjectIdentifier ecdsa_plain_SHA256 = ecdsa_plain_signatures.Branch("3"); + + /* 0.4.0.127.0.7.1.1.4.1.4 */ + public static readonly DerObjectIdentifier ecdsa_plain_SHA384 = ecdsa_plain_signatures.Branch("4"); + + /* 0.4.0.127.0.7.1.1.4.1.5 */ + public static readonly DerObjectIdentifier ecdsa_plain_SHA512 = ecdsa_plain_signatures.Branch("5"); + + /* 0.4.0.127.0.7.1.1.4.1.6 */ + public static readonly DerObjectIdentifier ecdsa_plain_RIPEMD160 = ecdsa_plain_signatures.Branch("6"); + + /** 0.4.0.127.0.7.1 */ + public static readonly DerObjectIdentifier algorithm = bsi_de.Branch("1"); + + public static readonly DerObjectIdentifier ecka_eg = id_ecc.Branch("5.1"); + + /** ElGamal Elliptic Curve Key Agreement and Key Derivation according to X963 OID: 0.4.0.127.0.7.1.1.5.1.1 */ + public static readonly DerObjectIdentifier ecka_eg_X963kdf = ecka_eg.Branch("1"); + + /** ElGamal Elliptic Curve Key Agreement and Key Derivation according to X963 + * with hash function SHA-1 + * OID: 0.4.0.127.0.7.1.1.5.1.1.1 */ + public static readonly DerObjectIdentifier ecka_eg_X963kdf_SHA1 = ecka_eg_X963kdf.Branch("1"); + + /** ElGamal Elliptic Curve Key Agreement and Key Derivation according to X963 + * with hash function SHA224 + * OID: 0.4.0.127.0.7.1.1.5.1.1.2 */ + public static readonly DerObjectIdentifier ecka_eg_X963kdf_SHA224 = ecka_eg_X963kdf.Branch("2"); + + /** ElGamal Elliptic Curve Key Agreement and Key Derivation according to X963 + * with hash function SHA256 + * OID: 0.4.0.127.0.7.1.1.5.1.1.3 */ + public static readonly DerObjectIdentifier ecka_eg_X963kdf_SHA256 = ecka_eg_X963kdf.Branch("3"); + + /** ElGamal Elliptic Curve Key Agreement and Key Derivation according to X963 + * with hash function SHA384 + * OID: 0.4.0.127.0.7.1.1.5.1.1.4 */ + public static readonly DerObjectIdentifier ecka_eg_X963kdf_SHA384 = ecka_eg_X963kdf.Branch("4"); + + /** ElGamal Elliptic Curve Key Agreement and Key Derivation according to X963 + * with hash function SHA512 + * OID: 0.4.0.127.0.7.1.1.5.1.1.5 */ + public static readonly DerObjectIdentifier ecka_eg_X963kdf_SHA512 = ecka_eg_X963kdf.Branch("5"); + + /** ElGamal Elliptic Curve Key Agreement and Key Derivation according to X963 + * with hash function RIPEMD160 + * OID: 0.4.0.127.0.7.1.1.5.1.1.6 */ + public static readonly DerObjectIdentifier ecka_eg_X963kdf_RIPEMD160 = ecka_eg_X963kdf.Branch("6"); + + /** + * Key Derivation Function for Session Keys + */ + public static readonly DerObjectIdentifier ecka_eg_SessionKDF = ecka_eg.Branch("2"); + + public static readonly DerObjectIdentifier ecka_eg_SessionKDF_3DES = ecka_eg_SessionKDF.Branch("1"); + public static readonly DerObjectIdentifier ecka_eg_SessionKDF_AES128 = ecka_eg_SessionKDF.Branch("2"); + public static readonly DerObjectIdentifier ecka_eg_SessionKDF_AES192 = ecka_eg_SessionKDF.Branch("3"); + public static readonly DerObjectIdentifier ecka_eg_SessionKDF_AES256 = ecka_eg_SessionKDF.Branch("4"); + + /* AES encryption (CBC) and authentication (CMAC) + * OID: 0.4.0.127.0.7.1.x */ + //TODO: replace "1" with correct OID + //public static readonly DerObjectIdentifier aes_cbc_cmac = algorithm.Branch("1"); + + /* AES encryption (CBC) and authentication (CMAC) with 128 bit + * OID: 0.4.0.127.0.7.1.x.y1 */ + //TODO: replace "1" with correct OID + //public static readonly DerObjectIdentifier id_aes128_CBC_CMAC = aes_cbc_cmac.Branch("1"); + + /* AES encryption (CBC) and authentication (CMAC) with 192 bit + * OID: 0.4.0.127.0.7.1.x.y2 */ + //TODO: replace "1" with correct OID + //public static readonly DerObjectIdentifier id_aes192_CBC_CMAC = aes_cbc_cmac.Branch("1"); + + /* AES encryption (CBC) and authentication (CMAC) with 256 bit + * OID: 0.4.0.127.0.7.1.x.y3 */ + //TODO: replace "1" with correct OID + //public static readonly DerObjectIdentifier id_aes256_CBC_CMAC = aes_cbc_cmac.Branch("1"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/CAKeyUpdAnnContent.cs b/BouncyCastle/crypto/src/asn1/cmp/CAKeyUpdAnnContent.cs new file mode 100644 index 0000000..b74bac8 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/CAKeyUpdAnnContent.cs @@ -0,0 +1,62 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class CAKeyUpdAnnContent + : Asn1Encodable + { + private readonly CmpCertificate oldWithNew; + private readonly CmpCertificate newWithOld; + private readonly CmpCertificate newWithNew; + + private CAKeyUpdAnnContent(Asn1Sequence seq) + { + oldWithNew = CmpCertificate.GetInstance(seq[0]); + newWithOld = CmpCertificate.GetInstance(seq[1]); + newWithNew = CmpCertificate.GetInstance(seq[2]); + } + + public static CAKeyUpdAnnContent GetInstance(object obj) + { + if (obj is CAKeyUpdAnnContent) + return (CAKeyUpdAnnContent)obj; + + if (obj is Asn1Sequence) + return new CAKeyUpdAnnContent((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual CmpCertificate OldWithNew + { + get { return oldWithNew; } + } + + public virtual CmpCertificate NewWithOld + { + get { return newWithOld; } + } + + public virtual CmpCertificate NewWithNew + { + get { return newWithNew; } + } + + /** + * 
+		 * CAKeyUpdAnnContent ::= SEQUENCE {
+		 *                             oldWithNew   CmpCertificate, -- old pub signed with new priv
+		 *                             newWithOld   CmpCertificate, -- new pub signed with old priv
+		 *                             newWithNew   CmpCertificate  -- new pub signed with new priv
+		 *  }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(oldWithNew, newWithOld, newWithNew); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/CertConfirmContent.cs b/BouncyCastle/crypto/src/asn1/cmp/CertConfirmContent.cs new file mode 100644 index 0000000..370a9e7 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/CertConfirmContent.cs @@ -0,0 +1,49 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class CertConfirmContent + : Asn1Encodable + { + private readonly Asn1Sequence content; + + private CertConfirmContent(Asn1Sequence seq) + { + content = seq; + } + + public static CertConfirmContent GetInstance(object obj) + { + if (obj is CertConfirmContent) + return (CertConfirmContent)obj; + + if (obj is Asn1Sequence) + return new CertConfirmContent((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual CertStatus[] ToCertStatusArray() + { + CertStatus[] result = new CertStatus[content.Count]; + for (int i = 0; i != result.Length; i++) + { + result[i] = CertStatus.GetInstance(content[i]); + } + return result; + } + + /** + * 
+		 * CertConfirmContent ::= SEQUENCE OF CertStatus
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return content; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/CertOrEncCert.cs b/BouncyCastle/crypto/src/asn1/cmp/CertOrEncCert.cs new file mode 100644 index 0000000..eb200e1 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/CertOrEncCert.cs @@ -0,0 +1,86 @@ +using System; + +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class CertOrEncCert + : Asn1Encodable, IAsn1Choice + { + private readonly CmpCertificate certificate; + private readonly EncryptedValue encryptedCert; + + private CertOrEncCert(Asn1TaggedObject tagged) + { + if (tagged.TagNo == 0) + { + certificate = CmpCertificate.GetInstance(tagged.GetObject()); + } + else if (tagged.TagNo == 1) + { + encryptedCert = EncryptedValue.GetInstance(tagged.GetObject()); + } + else + { + throw new ArgumentException("unknown tag: " + tagged.TagNo, "tagged"); + } + } + + public static CertOrEncCert GetInstance(object obj) + { + if (obj is CertOrEncCert) + return (CertOrEncCert)obj; + + if (obj is Asn1TaggedObject) + return new CertOrEncCert((Asn1TaggedObject)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public CertOrEncCert(CmpCertificate certificate) + { + if (certificate == null) + throw new ArgumentNullException("certificate"); + + this.certificate = certificate; + } + + public CertOrEncCert(EncryptedValue encryptedCert) + { + if (encryptedCert == null) + throw new ArgumentNullException("encryptedCert"); + + this.encryptedCert = encryptedCert; + } + + public virtual CmpCertificate Certificate + { + get { return certificate; } + } + + public virtual EncryptedValue EncryptedCert + { + get { return encryptedCert; } + } + + /** + * 
+		 * CertOrEncCert ::= CHOICE {
+		 *                      certificate     [0] CMPCertificate,
+		 *                      encryptedCert   [1] EncryptedValue
+		 *           }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + if (certificate != null) + { + return new DerTaggedObject(true, 0, certificate); + } + + return new DerTaggedObject(true, 1, encryptedCert); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/CertRepMessage.cs b/BouncyCastle/crypto/src/asn1/cmp/CertRepMessage.cs new file mode 100644 index 0000000..d24dd96 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/CertRepMessage.cs @@ -0,0 +1,90 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class CertRepMessage + : Asn1Encodable + { + private readonly Asn1Sequence caPubs; + private readonly Asn1Sequence response; + + private CertRepMessage(Asn1Sequence seq) + { + int index = 0; + + if (seq.Count > 1) + { + caPubs = Asn1Sequence.GetInstance((Asn1TaggedObject)seq[index++], true); + } + + response = Asn1Sequence.GetInstance(seq[index]); + } + + public static CertRepMessage GetInstance(object obj) + { + if (obj is CertRepMessage) + return (CertRepMessage)obj; + + if (obj is Asn1Sequence) + return new CertRepMessage((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public CertRepMessage(CmpCertificate[] caPubs, CertResponse[] response) + { + if (response == null) + throw new ArgumentNullException("response"); + + if (caPubs != null) + { + this.caPubs = new DerSequence(caPubs); + } + + this.response = new DerSequence(response); + } + + public virtual CmpCertificate[] GetCAPubs() + { + if (caPubs == null) + return null; + + CmpCertificate[] results = new CmpCertificate[caPubs.Count]; + for (int i = 0; i != results.Length; ++i) + { + results[i] = CmpCertificate.GetInstance(caPubs[i]); + } + return results; + } + + public virtual CertResponse[] GetResponse() + { + CertResponse[] results = new CertResponse[response.Count]; + for (int i = 0; i != results.Length; ++i) + { + results[i] = CertResponse.GetInstance(response[i]); + } + return results; + } + + /** + * 
+		 * CertRepMessage ::= SEQUENCE {
+		 *                          caPubs       [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate
+		 *                                                                             OPTIONAL,
+		 *                          response         SEQUENCE OF CertResponse
+		 * }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(true, 1, caPubs); + v.Add(response); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/CertResponse.cs b/BouncyCastle/crypto/src/asn1/cmp/CertResponse.cs new file mode 100644 index 0000000..843fd92 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/CertResponse.cs @@ -0,0 +1,116 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class CertResponse + : Asn1Encodable + { + private readonly DerInteger certReqId; + private readonly PkiStatusInfo status; + private readonly CertifiedKeyPair certifiedKeyPair; + private readonly Asn1OctetString rspInfo; + + private CertResponse(Asn1Sequence seq) + { + certReqId = DerInteger.GetInstance(seq[0]); + status = PkiStatusInfo.GetInstance(seq[1]); + + if (seq.Count >= 3) + { + if (seq.Count == 3) + { + Asn1Encodable o = seq[2]; + if (o is Asn1OctetString) + { + rspInfo = Asn1OctetString.GetInstance(o); + } + else + { + certifiedKeyPair = CertifiedKeyPair.GetInstance(o); + } + } + else + { + certifiedKeyPair = CertifiedKeyPair.GetInstance(seq[2]); + rspInfo = Asn1OctetString.GetInstance(seq[3]); + } + } + } + + public static CertResponse GetInstance(object obj) + { + if (obj is CertResponse) + return (CertResponse)obj; + + if (obj is Asn1Sequence) + return new CertResponse((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public CertResponse( + DerInteger certReqId, + PkiStatusInfo status) + : this(certReqId, status, null, null) + { + } + + public CertResponse( + DerInteger certReqId, + PkiStatusInfo status, + CertifiedKeyPair certifiedKeyPair, + Asn1OctetString rspInfo) + { + if (certReqId == null) + throw new ArgumentNullException("certReqId"); + + if (status == null) + throw new ArgumentNullException("status"); + + this.certReqId = certReqId; + this.status = status; + this.certifiedKeyPair = certifiedKeyPair; + this.rspInfo = rspInfo; + } + + public virtual DerInteger CertReqID + { + get { return certReqId; } + } + + public virtual PkiStatusInfo Status + { + get { return status; } + } + + public virtual CertifiedKeyPair CertifiedKeyPair + { + get { return certifiedKeyPair; } + } + + /** + * 
+		 * CertResponse ::= SEQUENCE {
+		 *                            certReqId           INTEGER,
+		 *                            -- to match this response with corresponding request (a value
+		 *                            -- of -1 is to be used if certReqId is not specified in the
+		 *                            -- corresponding request)
+		 *                            status              PKIStatusInfo,
+		 *                            certifiedKeyPair    CertifiedKeyPair    OPTIONAL,
+		 *                            rspInfo             OCTET STRING        OPTIONAL
+		 *                            -- analogous to the id-regInfo-utf8Pairs string defined
+		 *                            -- for regInfo in CertReqMsg [CRMF]
+		 *             }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(certReqId, status); + v.AddOptional(certifiedKeyPair, rspInfo); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/CertStatus.cs b/BouncyCastle/crypto/src/asn1/cmp/CertStatus.cs new file mode 100644 index 0000000..d437b57 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/CertStatus.cs @@ -0,0 +1,85 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class CertStatus + : Asn1Encodable + { + private readonly Asn1OctetString certHash; + private readonly DerInteger certReqId; + private readonly PkiStatusInfo statusInfo; + + private CertStatus(Asn1Sequence seq) + { + certHash = Asn1OctetString.GetInstance(seq[0]); + certReqId = DerInteger.GetInstance(seq[1]); + + if (seq.Count > 2) + { + statusInfo = PkiStatusInfo.GetInstance(seq[2]); + } + } + + public CertStatus(byte[] certHash, BigInteger certReqId) + { + this.certHash = new DerOctetString(certHash); + this.certReqId = new DerInteger(certReqId); + } + + public CertStatus(byte[] certHash, BigInteger certReqId, PkiStatusInfo statusInfo) + { + this.certHash = new DerOctetString(certHash); + this.certReqId = new DerInteger(certReqId); + this.statusInfo = statusInfo; + } + + public static CertStatus GetInstance(object obj) + { + if (obj is CertStatus) + return (CertStatus)obj; + + if (obj is Asn1Sequence) + return new CertStatus((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual Asn1OctetString CertHash + { + get { return certHash; } + } + + public virtual DerInteger CertReqID + { + get { return certReqId; } + } + + public virtual PkiStatusInfo StatusInfo + { + get { return statusInfo; } + } + + /** + * 
+		 * CertStatus ::= SEQUENCE {
+		 *                   certHash    OCTET STRING,
+		 *                   -- the hash of the certificate, using the same hash algorithm
+		 *                   -- as is used to create and verify the certificate signature
+		 *                   certReqId   INTEGER,
+		 *                   -- to match this confirmation with the corresponding req/rep
+		 *                   statusInfo  PKIStatusInfo OPTIONAL
+		 * }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(certHash, certReqId); + v.AddOptional(statusInfo); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/CertifiedKeyPair.cs b/BouncyCastle/crypto/src/asn1/cmp/CertifiedKeyPair.cs new file mode 100644 index 0000000..0b1c5d4 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/CertifiedKeyPair.cs @@ -0,0 +1,106 @@ +using System; + +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class CertifiedKeyPair + : Asn1Encodable + { + private readonly CertOrEncCert certOrEncCert; + private readonly EncryptedValue privateKey; + private readonly PkiPublicationInfo publicationInfo; + + private CertifiedKeyPair(Asn1Sequence seq) + { + certOrEncCert = CertOrEncCert.GetInstance(seq[0]); + + if (seq.Count >= 2) + { + if (seq.Count == 2) + { + Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(seq[1]); + if (tagged.TagNo == 0) + { + privateKey = EncryptedValue.GetInstance(tagged.GetObject()); + } + else + { + publicationInfo = PkiPublicationInfo.GetInstance(tagged.GetObject()); + } + } + else + { + privateKey = EncryptedValue.GetInstance(Asn1TaggedObject.GetInstance(seq[1])); + publicationInfo = PkiPublicationInfo.GetInstance(Asn1TaggedObject.GetInstance(seq[2])); + } + } + } + + public static CertifiedKeyPair GetInstance(object obj) + { + if (obj is CertifiedKeyPair) + return (CertifiedKeyPair)obj; + + if (obj is Asn1Sequence) + return new CertifiedKeyPair((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public CertifiedKeyPair( + CertOrEncCert certOrEncCert) + : this(certOrEncCert, null, null) + { + } + + public CertifiedKeyPair( + CertOrEncCert certOrEncCert, + EncryptedValue privateKey, + PkiPublicationInfo publicationInfo + ) + { + if (certOrEncCert == null) + throw new ArgumentNullException("certOrEncCert"); + + this.certOrEncCert = certOrEncCert; + this.privateKey = privateKey; + this.publicationInfo = publicationInfo; + } + + public virtual CertOrEncCert CertOrEncCert + { + get { return certOrEncCert; } + } + + public virtual EncryptedValue PrivateKey + { + get { return privateKey; } + } + + public virtual PkiPublicationInfo PublicationInfo + { + get { return publicationInfo; } + } + + /** + * 
+		 * CertifiedKeyPair ::= SEQUENCE {
+		 *                                  certOrEncCert       CertOrEncCert,
+		 *                                  privateKey      [0] EncryptedValue      OPTIONAL,
+		 *                                  -- see [CRMF] for comment on encoding
+		 *                                  publicationInfo [1] PKIPublicationInfo  OPTIONAL
+		 *       }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(certOrEncCert); + v.AddOptionalTagged(true, 0, privateKey); + v.AddOptionalTagged(true, 1, publicationInfo); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/Challenge.cs b/BouncyCastle/crypto/src/asn1/cmp/Challenge.cs new file mode 100644 index 0000000..016c082 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/Challenge.cs @@ -0,0 +1,79 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class Challenge + : Asn1Encodable + { + private readonly AlgorithmIdentifier owf; + private readonly Asn1OctetString witness; + private readonly Asn1OctetString challenge; + + private Challenge(Asn1Sequence seq) + { + int index = 0; + + if (seq.Count == 3) + { + owf = AlgorithmIdentifier.GetInstance(seq[index++]); + } + + witness = Asn1OctetString.GetInstance(seq[index++]); + challenge = Asn1OctetString.GetInstance(seq[index]); + } + + public static Challenge GetInstance(object obj) + { + if (obj is Challenge) + return (Challenge)obj; + + if (obj is Asn1Sequence) + return new Challenge((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual AlgorithmIdentifier Owf + { + get { return owf; } + } + + /** + * 
+		 * Challenge ::= SEQUENCE {
+		 *                 owf                 AlgorithmIdentifier  OPTIONAL,
+		 *
+		 *                 -- MUST be present in the first Challenge; MAY be omitted in
+		 *                 -- any subsequent Challenge in POPODecKeyChallContent (if
+		 *                 -- omitted, then the owf used in the immediately preceding
+		 *                 -- Challenge is to be used).
+		 *
+		 *                 witness             OCTET STRING,
+		 *                 -- the result of applying the one-way function (owf) to a
+		 *                 -- randomly-generated INTEGER, A.  [Note that a different
+		 *                 -- INTEGER MUST be used for each Challenge.]
+		 *                 challenge           OCTET STRING
+		 *                 -- the encryption (under the public key for which the cert.
+		 *                 -- request is being made) of Rand, where Rand is specified as
+		 *                 --   Rand ::= SEQUENCE {
+		 *                 --      int      INTEGER,
+		 *                 --       - the randomly-generated INTEGER A (above)
+		 *                 --      sender   GeneralName
+		 *                 --       - the sender's name (as included in PKIHeader)
+		 *                 --   }
+		 *      }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptional(owf); + v.Add(witness, challenge); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/CmpCertificate.cs b/BouncyCastle/crypto/src/asn1/cmp/CmpCertificate.cs new file mode 100644 index 0000000..33356b4 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/CmpCertificate.cs @@ -0,0 +1,81 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class CmpCertificate + : Asn1Encodable, IAsn1Choice + { + private readonly X509CertificateStructure x509v3PKCert; + private readonly AttributeCertificate x509v2AttrCert; + + /** + * Note: the addition of attribute certificates is a BC extension. + */ + public CmpCertificate(AttributeCertificate x509v2AttrCert) + { + this.x509v2AttrCert = x509v2AttrCert; + } + + public CmpCertificate(X509CertificateStructure x509v3PKCert) + { + if (x509v3PKCert.Version != 3) + throw new ArgumentException("only version 3 certificates allowed", "x509v3PKCert"); + + this.x509v3PKCert = x509v3PKCert; + } + + public static CmpCertificate GetInstance(object obj) + { + if (obj is CmpCertificate) + return (CmpCertificate)obj; + + if (obj is Asn1Sequence) + return new CmpCertificate(X509CertificateStructure.GetInstance(obj)); + + if (obj is Asn1TaggedObject) + return new CmpCertificate(AttributeCertificate.GetInstance(((Asn1TaggedObject)obj).GetObject())); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual bool IsX509v3PKCert + { + get { return x509v3PKCert != null; } + } + + public virtual X509CertificateStructure X509v3PKCert + { + get { return x509v3PKCert; } + } + + public virtual AttributeCertificate X509v2AttrCert + { + get { return x509v2AttrCert; } + } + + /** + * 
+         * CMPCertificate ::= CHOICE {
+         *            x509v3PKCert        Certificate
+         *            x509v2AttrCert      [1] AttributeCertificate
+         *  }
+         *
+ * Note: the addition of attribute certificates is a BC extension. + * + * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + if (x509v2AttrCert != null) + { + // explicit following CMP conventions + return new DerTaggedObject(true, 1, x509v2AttrCert); + } + + return x509v3PKCert.ToAsn1Object(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/CmpObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/cmp/CmpObjectIdentifiers.cs new file mode 100644 index 0000000..7e82741 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/CmpObjectIdentifiers.cs @@ -0,0 +1,106 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public abstract class CmpObjectIdentifiers + { + // RFC 4210 + + // id-PasswordBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 13} + public static readonly DerObjectIdentifier passwordBasedMac = new DerObjectIdentifier("1.2.840.113533.7.66.13"); + + // id-DHBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 30} + public static readonly DerObjectIdentifier dhBasedMac = new DerObjectIdentifier("1.2.840.113533.7.66.30"); + + // Example InfoTypeAndValue contents include, but are not limited + // to, the following (un-comment in this ASN.1 module and use as + // appropriate for a given environment): + // + // id-it-caProtEncCert OBJECT IDENTIFIER ::= {id-it 1} + // CAProtEncCertValue ::= CMPCertificate + // id-it-signKeyPairTypes OBJECT IDENTIFIER ::= {id-it 2} + // SignKeyPairTypesValue ::= SEQUENCE OF AlgorithmIdentifier + // id-it-encKeyPairTypes OBJECT IDENTIFIER ::= {id-it 3} + // EncKeyPairTypesValue ::= SEQUENCE OF AlgorithmIdentifier + // id-it-preferredSymmAlg OBJECT IDENTIFIER ::= {id-it 4} + // PreferredSymmAlgValue ::= AlgorithmIdentifier + // id-it-caKeyUpdateInfo OBJECT IDENTIFIER ::= {id-it 5} + // CAKeyUpdateInfoValue ::= CAKeyUpdAnnContent + // id-it-currentCRL OBJECT IDENTIFIER ::= {id-it 6} + // CurrentCRLValue ::= CertificateList + // id-it-unsupportedOIDs OBJECT IDENTIFIER ::= {id-it 7} + // UnsupportedOIDsValue ::= SEQUENCE OF OBJECT IDENTIFIER + // id-it-keyPairParamReq OBJECT IDENTIFIER ::= {id-it 10} + // KeyPairParamReqValue ::= OBJECT IDENTIFIER + // id-it-keyPairParamRep OBJECT IDENTIFIER ::= {id-it 11} + // KeyPairParamRepValue ::= AlgorithmIdentifer + // id-it-revPassphrase OBJECT IDENTIFIER ::= {id-it 12} + // RevPassphraseValue ::= EncryptedValue + // id-it-implicitConfirm OBJECT IDENTIFIER ::= {id-it 13} + // ImplicitConfirmValue ::= NULL + // id-it-confirmWaitTime OBJECT IDENTIFIER ::= {id-it 14} + // ConfirmWaitTimeValue ::= GeneralizedTime + // id-it-origPKIMessage OBJECT IDENTIFIER ::= {id-it 15} + // OrigPKIMessageValue ::= PKIMessages + // id-it-suppLangTags OBJECT IDENTIFIER ::= {id-it 16} + // SuppLangTagsValue ::= SEQUENCE OF UTF8String + // + // where + // + // id-pkix OBJECT IDENTIFIER ::= { + // iso(1) identified-organization(3) + // dod(6) internet(1) security(5) mechanisms(5) pkix(7)} + // and + // id-it OBJECT IDENTIFIER ::= {id-pkix 4} + public static readonly DerObjectIdentifier it_caProtEncCert = new DerObjectIdentifier("1.3.6.1.5.5.7.4.1"); + public static readonly DerObjectIdentifier it_signKeyPairTypes = new DerObjectIdentifier("1.3.6.1.5.5.7.4.2"); + public static readonly DerObjectIdentifier it_encKeyPairTypes = new DerObjectIdentifier("1.3.6.1.5.5.7.4.3"); + public static readonly DerObjectIdentifier it_preferredSymAlg = new DerObjectIdentifier("1.3.6.1.5.5.7.4.4"); + public static readonly DerObjectIdentifier it_caKeyUpdateInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.4.5"); + public static readonly DerObjectIdentifier it_currentCRL = new DerObjectIdentifier("1.3.6.1.5.5.7.4.6"); + public static readonly DerObjectIdentifier it_unsupportedOIDs = new DerObjectIdentifier("1.3.6.1.5.5.7.4.7"); + public static readonly DerObjectIdentifier it_keyPairParamReq = new DerObjectIdentifier("1.3.6.1.5.5.7.4.10"); + public static readonly DerObjectIdentifier it_keyPairParamRep = new DerObjectIdentifier("1.3.6.1.5.5.7.4.11"); + public static readonly DerObjectIdentifier it_revPassphrase = new DerObjectIdentifier("1.3.6.1.5.5.7.4.12"); + public static readonly DerObjectIdentifier it_implicitConfirm = new DerObjectIdentifier("1.3.6.1.5.5.7.4.13"); + public static readonly DerObjectIdentifier it_confirmWaitTime = new DerObjectIdentifier("1.3.6.1.5.5.7.4.14"); + public static readonly DerObjectIdentifier it_origPKIMessage = new DerObjectIdentifier("1.3.6.1.5.5.7.4.15"); + public static readonly DerObjectIdentifier it_suppLangTags = new DerObjectIdentifier("1.3.6.1.5.5.7.4.16"); + + // RFC 4211 + + // id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) + // dod(6) internet(1) security(5) mechanisms(5) pkix(7) } + // + // arc for Internet X.509 PKI protocols and their components + // id-pkip OBJECT IDENTIFIER :: { id-pkix pkip(5) } + // + // arc for Registration Controls in CRMF + // id-regCtrl OBJECT IDENTIFIER ::= { id-pkip regCtrl(1) } + // + // arc for Registration Info in CRMF + // id-regInfo OBJECT IDENTIFIER ::= { id-pkip id-regInfo(2) } + + public static readonly DerObjectIdentifier regCtrl_regToken = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.1"); + public static readonly DerObjectIdentifier regCtrl_authenticator = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.2"); + public static readonly DerObjectIdentifier regCtrl_pkiPublicationInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.3"); + public static readonly DerObjectIdentifier regCtrl_pkiArchiveOptions = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.4"); + public static readonly DerObjectIdentifier regCtrl_oldCertID = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.5"); + public static readonly DerObjectIdentifier regCtrl_protocolEncrKey = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.6"); + + // From RFC4210: + // id-regCtrl-altCertTemplate OBJECT IDENTIFIER ::= {id-regCtrl 7} + public static readonly DerObjectIdentifier regCtrl_altCertTemplate = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.7"); + + public static readonly DerObjectIdentifier regInfo_utf8Pairs = new DerObjectIdentifier("1.3.6.1.5.5.7.5.2.1"); + public static readonly DerObjectIdentifier regInfo_certReq = new DerObjectIdentifier("1.3.6.1.5.5.7.5.2.2"); + + // id-smime OBJECT IDENTIFIER ::= { iso(1) member-body(2) + // us(840) rsadsi(113549) pkcs(1) pkcs9(9) 16 } + // + // id-ct OBJECT IDENTIFIER ::= { id-smime 1 } -- content types + // + // id-ct-encKeyWithID OBJECT IDENTIFIER ::= {id-ct 21} + public static readonly DerObjectIdentifier ct_encKeyWithID = new DerObjectIdentifier("1.2.840.113549.1.9.16.1.21"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/CrlAnnContent.cs b/BouncyCastle/crypto/src/asn1/cmp/CrlAnnContent.cs new file mode 100644 index 0000000..db8ecfa --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/CrlAnnContent.cs @@ -0,0 +1,50 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class CrlAnnContent + : Asn1Encodable + { + private readonly Asn1Sequence content; + + private CrlAnnContent(Asn1Sequence seq) + { + content = seq; + } + + public static CrlAnnContent GetInstance(object obj) + { + if (obj is CrlAnnContent) + return (CrlAnnContent)obj; + + if (obj is Asn1Sequence) + return new CrlAnnContent((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual CertificateList[] ToCertificateListArray() + { + CertificateList[] result = new CertificateList[content.Count]; + for (int i = 0; i != result.Length; ++ i) + { + result[i] = CertificateList.GetInstance(content[i]); + } + return result; + } + + /** + * 
+		 * CrlAnnContent ::= SEQUENCE OF CertificateList
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return content; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/ErrorMsgContent.cs b/BouncyCastle/crypto/src/asn1/cmp/ErrorMsgContent.cs new file mode 100644 index 0000000..5d2132b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/ErrorMsgContent.cs @@ -0,0 +1,95 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class ErrorMsgContent + : Asn1Encodable + { + private readonly PkiStatusInfo pkiStatusInfo; + private readonly DerInteger errorCode; + private readonly PkiFreeText errorDetails; + + private ErrorMsgContent(Asn1Sequence seq) + { + pkiStatusInfo = PkiStatusInfo.GetInstance(seq[0]); + + for (int pos = 1; pos < seq.Count; ++pos) + { + Asn1Encodable ae = seq[pos]; + if (ae is DerInteger) + { + errorCode = DerInteger.GetInstance(ae); + } + else + { + errorDetails = PkiFreeText.GetInstance(ae); + } + } + } + + public static ErrorMsgContent GetInstance(object obj) + { + if (obj is ErrorMsgContent) + return (ErrorMsgContent)obj; + + if (obj is Asn1Sequence) + return new ErrorMsgContent((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public ErrorMsgContent(PkiStatusInfo pkiStatusInfo) + : this(pkiStatusInfo, null, null) + { + } + + public ErrorMsgContent( + PkiStatusInfo pkiStatusInfo, + DerInteger errorCode, + PkiFreeText errorDetails) + { + if (pkiStatusInfo == null) + throw new ArgumentNullException("pkiStatusInfo"); + + this.pkiStatusInfo = pkiStatusInfo; + this.errorCode = errorCode; + this.errorDetails = errorDetails; + } + + public virtual PkiStatusInfo PkiStatusInfo + { + get { return pkiStatusInfo; } + } + + public virtual DerInteger ErrorCode + { + get { return errorCode; } + } + + public virtual PkiFreeText ErrorDetails + { + get { return errorDetails; } + } + + /** + * 
+		 * ErrorMsgContent ::= SEQUENCE {
+		 *                        pKIStatusInfo          PKIStatusInfo,
+		 *                        errorCode              INTEGER           OPTIONAL,
+		 *                        -- implementation-specific error codes
+		 *                        errorDetails           PKIFreeText       OPTIONAL
+		 *                        -- implementation-specific error details
+		 * }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(pkiStatusInfo); + v.AddOptional(errorCode, errorDetails); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/GenMsgContent.cs b/BouncyCastle/crypto/src/asn1/cmp/GenMsgContent.cs new file mode 100644 index 0000000..f3142b5 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/GenMsgContent.cs @@ -0,0 +1,54 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class GenMsgContent + : Asn1Encodable + { + private readonly Asn1Sequence content; + + private GenMsgContent(Asn1Sequence seq) + { + content = seq; + } + + public static GenMsgContent GetInstance(object obj) + { + if (obj is GenMsgContent) + return (GenMsgContent)obj; + + if (obj is Asn1Sequence) + return new GenMsgContent((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public GenMsgContent(params InfoTypeAndValue[] itv) + { + content = new DerSequence(itv); + } + + public virtual InfoTypeAndValue[] ToInfoTypeAndValueArray() + { + InfoTypeAndValue[] result = new InfoTypeAndValue[content.Count]; + for (int i = 0; i != result.Length; ++i) + { + result[i] = InfoTypeAndValue.GetInstance(content[i]); + } + return result; + } + + /** + * 
+		 * GenMsgContent ::= SEQUENCE OF InfoTypeAndValue
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return content; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/GenRepContent.cs b/BouncyCastle/crypto/src/asn1/cmp/GenRepContent.cs new file mode 100644 index 0000000..3c3573e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/GenRepContent.cs @@ -0,0 +1,54 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class GenRepContent + : Asn1Encodable + { + private readonly Asn1Sequence content; + + private GenRepContent(Asn1Sequence seq) + { + content = seq; + } + + public static GenRepContent GetInstance(object obj) + { + if (obj is GenRepContent) + return (GenRepContent)obj; + + if (obj is Asn1Sequence) + return new GenRepContent((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public GenRepContent(params InfoTypeAndValue[] itv) + { + content = new DerSequence(itv); + } + + public virtual InfoTypeAndValue[] ToInfoTypeAndValueArray() + { + InfoTypeAndValue[] result = new InfoTypeAndValue[content.Count]; + for (int i = 0; i != result.Length; ++i) + { + result[i] = InfoTypeAndValue.GetInstance(content[i]); + } + return result; + } + + /** + * 
+		 * GenRepContent ::= SEQUENCE OF InfoTypeAndValue
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return content; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/InfoTypeAndValue.cs b/BouncyCastle/crypto/src/asn1/cmp/InfoTypeAndValue.cs new file mode 100644 index 0000000..305d6e5 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/InfoTypeAndValue.cs @@ -0,0 +1,118 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + /** + * Example InfoTypeAndValue contents include, but are not limited + * to, the following (un-comment in this ASN.1 module and use as + * appropriate for a given environment): + * 
+     *   id-it-caProtEncCert    OBJECT IDENTIFIER ::= {id-it 1}
+     *      CAProtEncCertValue      ::= CMPCertificate
+     *   id-it-signKeyPairTypes OBJECT IDENTIFIER ::= {id-it 2}
+     *     SignKeyPairTypesValue   ::= SEQUENCE OF AlgorithmIdentifier
+     *   id-it-encKeyPairTypes  OBJECT IDENTIFIER ::= {id-it 3}
+     *     EncKeyPairTypesValue    ::= SEQUENCE OF AlgorithmIdentifier
+     *   id-it-preferredSymmAlg OBJECT IDENTIFIER ::= {id-it 4}
+     *      PreferredSymmAlgValue   ::= AlgorithmIdentifier
+     *   id-it-caKeyUpdateInfo  OBJECT IDENTIFIER ::= {id-it 5}
+     *      CAKeyUpdateInfoValue    ::= CAKeyUpdAnnContent
+     *   id-it-currentCRL       OBJECT IDENTIFIER ::= {id-it 6}
+     *      CurrentCRLValue         ::= CertificateList
+     *   id-it-unsupportedOIDs  OBJECT IDENTIFIER ::= {id-it 7}
+     *      UnsupportedOIDsValue    ::= SEQUENCE OF OBJECT IDENTIFIER
+     *   id-it-keyPairParamReq  OBJECT IDENTIFIER ::= {id-it 10}
+     *      KeyPairParamReqValue    ::= OBJECT IDENTIFIER
+     *   id-it-keyPairParamRep  OBJECT IDENTIFIER ::= {id-it 11}
+     *      KeyPairParamRepValue    ::= AlgorithmIdentifer
+     *   id-it-revPassphrase    OBJECT IDENTIFIER ::= {id-it 12}
+     *      RevPassphraseValue      ::= EncryptedValue
+     *   id-it-implicitConfirm  OBJECT IDENTIFIER ::= {id-it 13}
+     *      ImplicitConfirmValue    ::= NULL
+     *   id-it-confirmWaitTime  OBJECT IDENTIFIER ::= {id-it 14}
+     *      ConfirmWaitTimeValue    ::= GeneralizedTime
+     *   id-it-origPKIMessage   OBJECT IDENTIFIER ::= {id-it 15}
+     *      OrigPKIMessageValue     ::= PKIMessages
+     *   id-it-suppLangTags     OBJECT IDENTIFIER ::= {id-it 16}
+     *      SuppLangTagsValue       ::= SEQUENCE OF UTF8String
+     *
+     * where
+     *
+     *   id-pkix OBJECT IDENTIFIER ::= {
+     *      iso(1) identified-organization(3)
+     *      dod(6) internet(1) security(5) mechanisms(5) pkix(7)}
+     * and
+     *      id-it   OBJECT IDENTIFIER ::= {id-pkix 4}
+     *
+ */ + public class InfoTypeAndValue + : Asn1Encodable + { + private readonly DerObjectIdentifier infoType; + private readonly Asn1Encodable infoValue; + + private InfoTypeAndValue(Asn1Sequence seq) + { + infoType = DerObjectIdentifier.GetInstance(seq[0]); + + if (seq.Count > 1) + { + infoValue = (Asn1Encodable)seq[1]; + } + } + + public static InfoTypeAndValue GetInstance(object obj) + { + if (obj is InfoTypeAndValue) + return (InfoTypeAndValue)obj; + + if (obj is Asn1Sequence) + return new InfoTypeAndValue((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public InfoTypeAndValue( + DerObjectIdentifier infoType) + { + this.infoType = infoType; + this.infoValue = null; + } + + public InfoTypeAndValue( + DerObjectIdentifier infoType, + Asn1Encodable optionalValue) + { + this.infoType = infoType; + this.infoValue = optionalValue; + } + + public virtual DerObjectIdentifier InfoType + { + get { return infoType; } + } + + public virtual Asn1Encodable InfoValue + { + get { return infoValue; } + } + + /** + * 
+         * InfoTypeAndValue ::= SEQUENCE {
+         *                         infoType               OBJECT IDENTIFIER,
+         *                         infoValue              ANY DEFINED BY infoType  OPTIONAL
+         * }
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(infoType); + v.AddOptional(infoValue); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/KeyRecRepContent.cs b/BouncyCastle/crypto/src/asn1/cmp/KeyRecRepContent.cs new file mode 100644 index 0000000..e35c0e3 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/KeyRecRepContent.cs @@ -0,0 +1,109 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class KeyRecRepContent + : Asn1Encodable + { + private readonly PkiStatusInfo status; + private readonly CmpCertificate newSigCert; + private readonly Asn1Sequence caCerts; + private readonly Asn1Sequence keyPairHist; + + private KeyRecRepContent(Asn1Sequence seq) + { + status = PkiStatusInfo.GetInstance(seq[0]); + + for (int pos = 1; pos < seq.Count; ++pos) + { + Asn1TaggedObject tObj = Asn1TaggedObject.GetInstance(seq[pos]); + + switch (tObj.TagNo) + { + case 0: + newSigCert = CmpCertificate.GetInstance(tObj.GetObject()); + break; + case 1: + caCerts = Asn1Sequence.GetInstance(tObj.GetObject()); + break; + case 2: + keyPairHist = Asn1Sequence.GetInstance(tObj.GetObject()); + break; + default: + throw new ArgumentException("unknown tag number: " + tObj.TagNo, "seq"); + } + } + } + + public static KeyRecRepContent GetInstance(object obj) + { + if (obj is KeyRecRepContent) + return (KeyRecRepContent)obj; + + if (obj is Asn1Sequence) + return new KeyRecRepContent((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual PkiStatusInfo Status + { + get { return status; } + } + + public virtual CmpCertificate NewSigCert + { + get { return newSigCert; } + } + + public virtual CmpCertificate[] GetCACerts() + { + if (caCerts == null) + return null; + + CmpCertificate[] results = new CmpCertificate[caCerts.Count]; + for (int i = 0; i != results.Length; ++i) + { + results[i] = CmpCertificate.GetInstance(caCerts[i]); + } + return results; + } + + public virtual CertifiedKeyPair[] GetKeyPairHist() + { + if (keyPairHist == null) + return null; + + CertifiedKeyPair[] results = new CertifiedKeyPair[keyPairHist.Count]; + for (int i = 0; i != results.Length; ++i) + { + results[i] = CertifiedKeyPair.GetInstance(keyPairHist[i]); + } + return results; + } + + /** + * 
+		 * KeyRecRepContent ::= SEQUENCE {
+		 *                         status                  PKIStatusInfo,
+		 *                         newSigCert          [0] CMPCertificate OPTIONAL,
+		 *                         caCerts             [1] SEQUENCE SIZE (1..MAX) OF
+		 *                                                           CMPCertificate OPTIONAL,
+		 *                         keyPairHist         [2] SEQUENCE SIZE (1..MAX) OF
+		 *                                                           CertifiedKeyPair OPTIONAL
+		 *              }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(status); + v.AddOptionalTagged(true, 0, newSigCert); + v.AddOptionalTagged(true, 1, caCerts); + v.AddOptionalTagged(true, 2, keyPairHist); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/OobCertHash.cs b/BouncyCastle/crypto/src/asn1/cmp/OobCertHash.cs new file mode 100644 index 0000000..434939c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/OobCertHash.cs @@ -0,0 +1,79 @@ +using System; + +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class OobCertHash + : Asn1Encodable + { + private readonly AlgorithmIdentifier hashAlg; + private readonly CertId certId; + private readonly DerBitString hashVal; + + private OobCertHash(Asn1Sequence seq) + { + int index = seq.Count - 1; + + hashVal = DerBitString.GetInstance(seq[index--]); + + for (int i = index; i >= 0; i--) + { + Asn1TaggedObject tObj = (Asn1TaggedObject)seq[i]; + + if (tObj.TagNo == 0) + { + hashAlg = AlgorithmIdentifier.GetInstance(tObj, true); + } + else + { + certId = CertId.GetInstance(tObj, true); + } + } + } + + public static OobCertHash GetInstance(object obj) + { + if (obj is OobCertHash) + return (OobCertHash)obj; + + if (obj is Asn1Sequence) + return new OobCertHash((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual AlgorithmIdentifier HashAlg + { + get { return hashAlg; } + } + + public virtual CertId CertID + { + get { return certId; } + } + + /** + * 
+		 * OobCertHash ::= SEQUENCE {
+		 *                      hashAlg     [0] AlgorithmIdentifier     OPTIONAL,
+		 *                      certId      [1] CertId                  OPTIONAL,
+		 *                      hashVal         BIT STRING
+		 *                      -- hashVal is calculated over the Der encoding of the
+		 *                      -- self-signed certificate with the identifier certID.
+		 *       }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(true, 0, hashAlg); + v.AddOptionalTagged(true, 1, certId); + v.Add(hashVal); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/PKIBody.cs b/BouncyCastle/crypto/src/asn1/cmp/PKIBody.cs new file mode 100644 index 0000000..f17eed6 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/PKIBody.cs @@ -0,0 +1,187 @@ +using System; + +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class PkiBody + : Asn1Encodable, IAsn1Choice + { + public const int TYPE_INIT_REQ = 0; + public const int TYPE_INIT_REP = 1; + public const int TYPE_CERT_REQ = 2; + public const int TYPE_CERT_REP = 3; + public const int TYPE_P10_CERT_REQ = 4; + public const int TYPE_POPO_CHALL = 5; + public const int TYPE_POPO_REP = 6; + public const int TYPE_KEY_UPDATE_REQ = 7; + public const int TYPE_KEY_UPDATE_REP = 8; + public const int TYPE_KEY_RECOVERY_REQ = 9; + public const int TYPE_KEY_RECOVERY_REP = 10; + public const int TYPE_REVOCATION_REQ = 11; + public const int TYPE_REVOCATION_REP = 12; + public const int TYPE_CROSS_CERT_REQ = 13; + public const int TYPE_CROSS_CERT_REP = 14; + public const int TYPE_CA_KEY_UPDATE_ANN = 15; + public const int TYPE_CERT_ANN = 16; + public const int TYPE_REVOCATION_ANN = 17; + public const int TYPE_CRL_ANN = 18; + public const int TYPE_CONFIRM = 19; + public const int TYPE_NESTED = 20; + public const int TYPE_GEN_MSG = 21; + public const int TYPE_GEN_REP = 22; + public const int TYPE_ERROR = 23; + public const int TYPE_CERT_CONFIRM = 24; + public const int TYPE_POLL_REQ = 25; + public const int TYPE_POLL_REP = 26; + + private int tagNo; + private Asn1Encodable body; + + public static PkiBody GetInstance(object obj) + { + if (obj is PkiBody) + return (PkiBody)obj; + + if (obj is Asn1TaggedObject) + return new PkiBody((Asn1TaggedObject)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + private PkiBody(Asn1TaggedObject tagged) + { + tagNo = tagged.TagNo; + body = GetBodyForType(tagNo, tagged.GetObject()); + } + + /** + * Creates a new PkiBody. + * @param type one of the TYPE_* constants + * @param content message content + */ + public PkiBody( + int type, + Asn1Encodable content) + { + tagNo = type; + body = GetBodyForType(type, content); + } + + private static Asn1Encodable GetBodyForType( + int type, + Asn1Encodable o) + { + switch (type) + { + case TYPE_INIT_REQ: + return CertReqMessages.GetInstance(o); + case TYPE_INIT_REP: + return CertRepMessage.GetInstance(o); + case TYPE_CERT_REQ: + return CertReqMessages.GetInstance(o); + case TYPE_CERT_REP: + return CertRepMessage.GetInstance(o); + case TYPE_P10_CERT_REQ: + return CertificationRequest.GetInstance(o); + case TYPE_POPO_CHALL: + return PopoDecKeyChallContent.GetInstance(o); + case TYPE_POPO_REP: + return PopoDecKeyRespContent.GetInstance(o); + case TYPE_KEY_UPDATE_REQ: + return CertReqMessages.GetInstance(o); + case TYPE_KEY_UPDATE_REP: + return CertRepMessage.GetInstance(o); + case TYPE_KEY_RECOVERY_REQ: + return CertReqMessages.GetInstance(o); + case TYPE_KEY_RECOVERY_REP: + return KeyRecRepContent.GetInstance(o); + case TYPE_REVOCATION_REQ: + return RevReqContent.GetInstance(o); + case TYPE_REVOCATION_REP: + return RevRepContent.GetInstance(o); + case TYPE_CROSS_CERT_REQ: + return CertReqMessages.GetInstance(o); + case TYPE_CROSS_CERT_REP: + return CertRepMessage.GetInstance(o); + case TYPE_CA_KEY_UPDATE_ANN: + return CAKeyUpdAnnContent.GetInstance(o); + case TYPE_CERT_ANN: + return CmpCertificate.GetInstance(o); + case TYPE_REVOCATION_ANN: + return RevAnnContent.GetInstance(o); + case TYPE_CRL_ANN: + return CrlAnnContent.GetInstance(o); + case TYPE_CONFIRM: + return PkiConfirmContent.GetInstance(o); + case TYPE_NESTED: + return PkiMessages.GetInstance(o); + case TYPE_GEN_MSG: + return GenMsgContent.GetInstance(o); + case TYPE_GEN_REP: + return GenRepContent.GetInstance(o); + case TYPE_ERROR: + return ErrorMsgContent.GetInstance(o); + case TYPE_CERT_CONFIRM: + return CertConfirmContent.GetInstance(o); + case TYPE_POLL_REQ: + return PollReqContent.GetInstance(o); + case TYPE_POLL_REP: + return PollRepContent.GetInstance(o); + default: + throw new ArgumentException("unknown tag number: " + type, "type"); + } + } + + public virtual int Type + { + get { return tagNo; } + } + + public virtual Asn1Encodable Content + { + get { return body; } + } + + /** + * 
+         * PkiBody ::= CHOICE {       -- message-specific body elements
+         *        ir       [0]  CertReqMessages,        --Initialization Request
+         *        ip       [1]  CertRepMessage,         --Initialization Response
+         *        cr       [2]  CertReqMessages,        --Certification Request
+         *        cp       [3]  CertRepMessage,         --Certification Response
+         *        p10cr    [4]  CertificationRequest,   --imported from [PKCS10]
+         *        popdecc  [5]  POPODecKeyChallContent, --pop Challenge
+         *        popdecr  [6]  POPODecKeyRespContent,  --pop Response
+         *        kur      [7]  CertReqMessages,        --Key Update Request
+         *        kup      [8]  CertRepMessage,         --Key Update Response
+         *        krr      [9]  CertReqMessages,        --Key Recovery Request
+         *        krp      [10] KeyRecRepContent,       --Key Recovery Response
+         *        rr       [11] RevReqContent,          --Revocation Request
+         *        rp       [12] RevRepContent,          --Revocation Response
+         *        ccr      [13] CertReqMessages,        --Cross-Cert. Request
+         *        ccp      [14] CertRepMessage,         --Cross-Cert. Response
+         *        ckuann   [15] CAKeyUpdAnnContent,     --CA Key Update Ann.
+         *        cann     [16] CertAnnContent,         --Certificate Ann.
+         *        rann     [17] RevAnnContent,          --Revocation Ann.
+         *        crlann   [18] CRLAnnContent,          --CRL Announcement
+         *        pkiconf  [19] PKIConfirmContent,      --Confirmation
+         *        nested   [20] NestedMessageContent,   --Nested Message
+         *        genm     [21] GenMsgContent,          --General Message
+         *        genp     [22] GenRepContent,          --General Response
+         *        error    [23] ErrorMsgContent,        --Error Message
+         *        certConf [24] CertConfirmContent,     --Certificate confirm
+         *        pollReq  [25] PollReqContent,         --Polling request
+         *        pollRep  [26] PollRepContent          --Polling response
+         * }
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return new DerTaggedObject(true, tagNo, body); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/PKIConfirmContent.cs b/BouncyCastle/crypto/src/asn1/cmp/PKIConfirmContent.cs new file mode 100644 index 0000000..d154427 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/PKIConfirmContent.cs @@ -0,0 +1,36 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class PkiConfirmContent + : Asn1Encodable + { + public static PkiConfirmContent GetInstance(object obj) + { + if (obj is PkiConfirmContent) + return (PkiConfirmContent)obj; + + if (obj is Asn1Null) + return new PkiConfirmContent(); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public PkiConfirmContent() + { + } + + /** + * 
+		 * PkiConfirmContent ::= NULL
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return DerNull.Instance; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/PKIFailureInfo.cs b/BouncyCastle/crypto/src/asn1/cmp/PKIFailureInfo.cs new file mode 100644 index 0000000..75a3ff0 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/PKIFailureInfo.cs @@ -0,0 +1,96 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + /** + * 
+     * PKIFailureInfo ::= BIT STRING {
+     * badAlg               (0),
+     *   -- unrecognized or unsupported Algorithm Identifier
+     * badMessageCheck      (1), -- integrity check failed (e.g., signature did not verify)
+     * badRequest           (2),
+     *   -- transaction not permitted or supported
+     * badTime              (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
+     * badCertId            (4), -- no certificate could be found matching the provided criteria
+     * badDataFormat        (5),
+     *   -- the data submitted has the wrong format
+     * wrongAuthority       (6), -- the authority indicated in the request is different from the one creating the response token
+     * incorrectData        (7), -- the requester's data is incorrect (for notary services)
+     * missingTimeStamp     (8), -- when the timestamp is missing but should be there (by policy)
+     * badPOP               (9)  -- the proof-of-possession failed
+     * certRevoked         (10),
+     * certConfirmed       (11),
+     * wrongIntegrity      (12),
+     * badRecipientNonce   (13), 
+     * timeNotAvailable    (14),
+     *   -- the TSA's time source is not available
+     * unacceptedPolicy    (15),
+     *   -- the requested TSA policy is not supported by the TSA
+     * unacceptedExtension (16),
+     *   -- the requested extension is not supported by the TSA
+     * addInfoNotAvailable (17)
+     *   -- the additional information requested could not be understood
+     *   -- or is not available
+     * badSenderNonce      (18),
+     * badCertTemplate     (19),
+     * signerNotTrusted    (20),
+     * transactionIdInUse  (21),
+     * unsupportedVersion  (22),
+     * notAuthorized       (23),
+     * systemUnavail       (24),    
+     * systemFailure       (25),
+     *   -- the request cannot be handled due to system failure
+     * duplicateCertReq    (26) 
+     *
+ */ + public class PkiFailureInfo + : DerBitString + { + public const int BadAlg = (1 << 7); // unrecognized or unsupported Algorithm Identifier + public const int BadMessageCheck = (1 << 6); // integrity check failed (e.g., signature did not verify) + public const int BadRequest = (1 << 5); + public const int BadTime = (1 << 4); // -- messageTime was not sufficiently close to the system time, as defined by local policy + public const int BadCertId = (1 << 3); // no certificate could be found matching the provided criteria + public const int BadDataFormat = (1 << 2); + public const int WrongAuthority = (1 << 1); // the authority indicated in the request is different from the one creating the response token + public const int IncorrectData = 1; // the requester's data is incorrect (for notary services) + public const int MissingTimeStamp = (1 << 15); // when the timestamp is missing but should be there (by policy) + public const int BadPop = (1 << 14); // the proof-of-possession failed + public const int CertRevoked = (1 << 13); + public const int CertConfirmed = (1 << 12); + public const int WrongIntegrity = (1 << 11); + public const int BadRecipientNonce = (1 << 10); + public const int TimeNotAvailable = (1 << 9); // the TSA's time source is not available + public const int UnacceptedPolicy = (1 << 8); // the requested TSA policy is not supported by the TSA + public const int UnacceptedExtension = (1 << 23); //the requested extension is not supported by the TSA + public const int AddInfoNotAvailable = (1 << 22); //the additional information requested could not be understood or is not available + public const int BadSenderNonce = (1 << 21); + public const int BadCertTemplate = (1 << 20); + public const int SignerNotTrusted = (1 << 19); + public const int TransactionIdInUse = (1 << 18); + public const int UnsupportedVersion = (1 << 17); + public const int NotAuthorized = (1 << 16); + public const int SystemUnavail = (1 << 31); + public const int SystemFailure = (1 << 30); //the request cannot be handled due to system failure + public const int DuplicateCertReq = (1 << 29); + + /** + * Basic constructor. + */ + public PkiFailureInfo(int info) + : base(info) + { + } + + public PkiFailureInfo( + DerBitString info) + : base(info.GetBytes(), info.PadBits) + { + } + + public override string ToString() + { + return "PkiFailureInfo: 0x" + this.IntValue.ToString("X"); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/PKIFreeText.cs b/BouncyCastle/crypto/src/asn1/cmp/PKIFreeText.cs new file mode 100644 index 0000000..fef5254 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/PKIFreeText.cs @@ -0,0 +1,99 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class PkiFreeText + : Asn1Encodable + { + internal Asn1Sequence strings; + + public static PkiFreeText GetInstance( + Asn1TaggedObject obj, + bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + public static PkiFreeText GetInstance( + object obj) + { + if (obj is PkiFreeText) + { + return (PkiFreeText)obj; + } + else if (obj is Asn1Sequence) + { + return new PkiFreeText((Asn1Sequence)obj); + } + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public PkiFreeText( + Asn1Sequence seq) + { + foreach (object o in seq) + { + if (!(o is DerUtf8String)) + { + throw new ArgumentException("attempt to insert non UTF8 STRING into PkiFreeText"); + } + } + + this.strings = seq; + } + + public PkiFreeText( + DerUtf8String p) + { + strings = new DerSequence(p); + } + + /** + * Return the number of string elements present. + * + * @return number of elements present. + */ + [Obsolete("Use 'Count' property instead")] + public int Size + { + get { return strings.Count; } + } + + public int Count + { + get { return strings.Count; } + } + + /** + * Return the UTF8STRING at index. + * + * @param index index of the string of interest + * @return the string at index. + */ + public DerUtf8String this[int index] + { + get { return (DerUtf8String) strings[index]; } + } + + [Obsolete("Use 'object[index]' syntax instead")] + public DerUtf8String GetStringAt( + int index) + { + return this[index]; + } + + /** + * 
+		 * PkiFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + return strings; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/PKIHeader.cs b/BouncyCastle/crypto/src/asn1/cmp/PKIHeader.cs new file mode 100644 index 0000000..7b62962 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/PKIHeader.cs @@ -0,0 +1,228 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class PkiHeader + : Asn1Encodable + { + /** + * Value for a "null" recipient or sender. + */ + public static readonly GeneralName NULL_NAME = new GeneralName(X509Name.GetInstance(new DerSequence())); + + public static readonly int CMP_1999 = 1; + public static readonly int CMP_2000 = 2; + + private readonly DerInteger pvno; + private readonly GeneralName sender; + private readonly GeneralName recipient; + private readonly DerGeneralizedTime messageTime; + private readonly AlgorithmIdentifier protectionAlg; + private readonly Asn1OctetString senderKID; // KeyIdentifier + private readonly Asn1OctetString recipKID; // KeyIdentifier + private readonly Asn1OctetString transactionID; + private readonly Asn1OctetString senderNonce; + private readonly Asn1OctetString recipNonce; + private readonly PkiFreeText freeText; + private readonly Asn1Sequence generalInfo; + + private PkiHeader(Asn1Sequence seq) + { + pvno = DerInteger.GetInstance(seq[0]); + sender = GeneralName.GetInstance(seq[1]); + recipient = GeneralName.GetInstance(seq[2]); + + for (int pos = 3; pos < seq.Count; ++pos) + { + Asn1TaggedObject tObj = (Asn1TaggedObject)seq[pos]; + + switch (tObj.TagNo) + { + case 0: + messageTime = DerGeneralizedTime.GetInstance(tObj, true); + break; + case 1: + protectionAlg = AlgorithmIdentifier.GetInstance(tObj, true); + break; + case 2: + senderKID = Asn1OctetString.GetInstance(tObj, true); + break; + case 3: + recipKID = Asn1OctetString.GetInstance(tObj, true); + break; + case 4: + transactionID = Asn1OctetString.GetInstance(tObj, true); + break; + case 5: + senderNonce = Asn1OctetString.GetInstance(tObj, true); + break; + case 6: + recipNonce = Asn1OctetString.GetInstance(tObj, true); + break; + case 7: + freeText = PkiFreeText.GetInstance(tObj, true); + break; + case 8: + generalInfo = Asn1Sequence.GetInstance(tObj, true); + break; + default: + throw new ArgumentException("unknown tag number: " + tObj.TagNo, "seq"); + } + } + } + + public static PkiHeader GetInstance(object obj) + { + if (obj is PkiHeader) + return (PkiHeader)obj; + + if (obj is Asn1Sequence) + return new PkiHeader((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public PkiHeader( + int pvno, + GeneralName sender, + GeneralName recipient) + : this(new DerInteger(pvno), sender, recipient) + { + } + + private PkiHeader( + DerInteger pvno, + GeneralName sender, + GeneralName recipient) + { + this.pvno = pvno; + this.sender = sender; + this.recipient = recipient; + } + + public virtual DerInteger Pvno + { + get { return pvno; } + } + + public virtual GeneralName Sender + { + get { return sender; } + } + + public virtual GeneralName Recipient + { + get { return recipient; } + } + + public virtual DerGeneralizedTime MessageTime + { + get { return messageTime; } + } + + public virtual AlgorithmIdentifier ProtectionAlg + { + get { return protectionAlg; } + } + + public virtual Asn1OctetString SenderKID + { + get { return senderKID; } + } + + public virtual Asn1OctetString RecipKID + { + get { return recipKID; } + } + + public virtual Asn1OctetString TransactionID + { + get { return transactionID; } + } + + public virtual Asn1OctetString SenderNonce + { + get { return senderNonce; } + } + + public virtual Asn1OctetString RecipNonce + { + get { return recipNonce; } + } + + public virtual PkiFreeText FreeText + { + get { return freeText; } + } + + public virtual InfoTypeAndValue[] GetGeneralInfo() + { + if (generalInfo == null) + { + return null; + } + InfoTypeAndValue[] results = new InfoTypeAndValue[generalInfo.Count]; + for (int i = 0; i < results.Length; i++) + { + results[i] = InfoTypeAndValue.GetInstance(generalInfo[i]); + } + return results; + } + + /** + * 
+         *  PkiHeader ::= SEQUENCE {
+         *            pvno                INTEGER     { cmp1999(1), cmp2000(2) },
+         *            sender              GeneralName,
+         *            -- identifies the sender
+         *            recipient           GeneralName,
+         *            -- identifies the intended recipient
+         *            messageTime     [0] GeneralizedTime         OPTIONAL,
+         *            -- time of production of this message (used when sender
+         *            -- believes that the transport will be "suitable"; i.e.,
+         *            -- that the time will still be meaningful upon receipt)
+         *            protectionAlg   [1] AlgorithmIdentifier     OPTIONAL,
+         *            -- algorithm used for calculation of protection bits
+         *            senderKID       [2] KeyIdentifier           OPTIONAL,
+         *            recipKID        [3] KeyIdentifier           OPTIONAL,
+         *            -- to identify specific keys used for protection
+         *            transactionID   [4] OCTET STRING            OPTIONAL,
+         *            -- identifies the transaction; i.e., this will be the same in
+         *            -- corresponding request, response, certConf, and PKIConf
+         *            -- messages
+         *            senderNonce     [5] OCTET STRING            OPTIONAL,
+         *            recipNonce      [6] OCTET STRING            OPTIONAL,
+         *            -- nonces used to provide replay protection, senderNonce
+         *            -- is inserted by the creator of this message; recipNonce
+         *            -- is a nonce previously inserted in a related message by
+         *            -- the intended recipient of this message
+         *            freeText        [7] PKIFreeText             OPTIONAL,
+         *            -- this may be used to indicate context-specific instructions
+         *            -- (this field is intended for human consumption)
+         *            generalInfo     [8] SEQUENCE SIZE (1..MAX) OF
+         *                                 InfoTypeAndValue     OPTIONAL
+         *            -- this may be used to convey context-specific information
+         *            -- (this field not primarily intended for human consumption)
+         * }
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(pvno, sender, recipient); + v.AddOptionalTagged(true, 0, messageTime); + v.AddOptionalTagged(true, 1, protectionAlg); + v.AddOptionalTagged(true, 2, senderKID); + v.AddOptionalTagged(true, 3, recipKID); + v.AddOptionalTagged(true, 4, transactionID); + v.AddOptionalTagged(true, 5, senderNonce); + v.AddOptionalTagged(true, 6, recipNonce); + v.AddOptionalTagged(true, 7, freeText); + v.AddOptionalTagged(true, 8, generalInfo); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/PKIHeaderBuilder.cs b/BouncyCastle/crypto/src/asn1/cmp/PKIHeaderBuilder.cs new file mode 100644 index 0000000..d771dda --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/PKIHeaderBuilder.cs @@ -0,0 +1,223 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class PkiHeaderBuilder + { + private DerInteger pvno; + private GeneralName sender; + private GeneralName recipient; + private DerGeneralizedTime messageTime; + private AlgorithmIdentifier protectionAlg; + private Asn1OctetString senderKID; // KeyIdentifier + private Asn1OctetString recipKID; // KeyIdentifier + private Asn1OctetString transactionID; + private Asn1OctetString senderNonce; + private Asn1OctetString recipNonce; + private PkiFreeText freeText; + private Asn1Sequence generalInfo; + + public PkiHeaderBuilder( + int pvno, + GeneralName sender, + GeneralName recipient) + : this(new DerInteger(pvno), sender, recipient) + { + } + + private PkiHeaderBuilder( + DerInteger pvno, + GeneralName sender, + GeneralName recipient) + { + this.pvno = pvno; + this.sender = sender; + this.recipient = recipient; + } + + public virtual PkiHeaderBuilder SetMessageTime(DerGeneralizedTime time) + { + messageTime = time; + return this; + } + + public virtual PkiHeaderBuilder SetProtectionAlg(AlgorithmIdentifier aid) + { + protectionAlg = aid; + return this; + } + + public virtual PkiHeaderBuilder SetSenderKID(byte[] kid) + { + return SetSenderKID(kid == null ? null : new DerOctetString(kid)); + } + + public virtual PkiHeaderBuilder SetSenderKID(Asn1OctetString kid) + { + senderKID = kid; + return this; + } + + public virtual PkiHeaderBuilder SetRecipKID(byte[] kid) + { + return SetRecipKID(kid == null ? null : new DerOctetString(kid)); + } + + public virtual PkiHeaderBuilder SetRecipKID(Asn1OctetString kid) + { + recipKID = kid; + return this; + } + + public virtual PkiHeaderBuilder SetTransactionID(byte[] tid) + { + return SetTransactionID(tid == null ? null : new DerOctetString(tid)); + } + + public virtual PkiHeaderBuilder SetTransactionID(Asn1OctetString tid) + { + transactionID = tid; + return this; + } + + public virtual PkiHeaderBuilder SetSenderNonce(byte[] nonce) + { + return SetSenderNonce(nonce == null ? null : new DerOctetString(nonce)); + } + + public virtual PkiHeaderBuilder SetSenderNonce(Asn1OctetString nonce) + { + senderNonce = nonce; + return this; + } + + public virtual PkiHeaderBuilder SetRecipNonce(byte[] nonce) + { + return SetRecipNonce(nonce == null ? null : new DerOctetString(nonce)); + } + + public virtual PkiHeaderBuilder SetRecipNonce(Asn1OctetString nonce) + { + recipNonce = nonce; + return this; + } + + public virtual PkiHeaderBuilder SetFreeText(PkiFreeText text) + { + freeText = text; + return this; + } + + public virtual PkiHeaderBuilder SetGeneralInfo(InfoTypeAndValue genInfo) + { + return SetGeneralInfo(MakeGeneralInfoSeq(genInfo)); + } + + public virtual PkiHeaderBuilder SetGeneralInfo(InfoTypeAndValue[] genInfos) + { + return SetGeneralInfo(MakeGeneralInfoSeq(genInfos)); + } + + public virtual PkiHeaderBuilder SetGeneralInfo(Asn1Sequence seqOfInfoTypeAndValue) + { + generalInfo = seqOfInfoTypeAndValue; + return this; + } + + private static Asn1Sequence MakeGeneralInfoSeq( + InfoTypeAndValue generalInfo) + { + return new DerSequence(generalInfo); + } + + private static Asn1Sequence MakeGeneralInfoSeq( + InfoTypeAndValue[] generalInfos) + { + Asn1Sequence genInfoSeq = null; + if (generalInfos != null) + { + Asn1EncodableVector v = new Asn1EncodableVector(); + for (int i = 0; i < generalInfos.Length; ++i) + { + v.Add(generalInfos[i]); + } + genInfoSeq = new DerSequence(v); + } + return genInfoSeq; + } + + /** + * 
+		 *  PKIHeader ::= SEQUENCE {
+		 *            pvno                INTEGER     { cmp1999(1), cmp2000(2) },
+		 *            sender              GeneralName,
+		 *            -- identifies the sender
+		 *            recipient           GeneralName,
+		 *            -- identifies the intended recipient
+		 *            messageTime     [0] GeneralizedTime         OPTIONAL,
+		 *            -- time of production of this message (used when sender
+		 *            -- believes that the transport will be "suitable"; i.e.,
+		 *            -- that the time will still be meaningful upon receipt)
+		 *            protectionAlg   [1] AlgorithmIdentifier     OPTIONAL,
+		 *            -- algorithm used for calculation of protection bits
+		 *            senderKID       [2] KeyIdentifier           OPTIONAL,
+		 *            recipKID        [3] KeyIdentifier           OPTIONAL,
+		 *            -- to identify specific keys used for protection
+		 *            transactionID   [4] OCTET STRING            OPTIONAL,
+		 *            -- identifies the transaction; i.e., this will be the same in
+		 *            -- corresponding request, response, certConf, and PKIConf
+		 *            -- messages
+		 *            senderNonce     [5] OCTET STRING            OPTIONAL,
+		 *            recipNonce      [6] OCTET STRING            OPTIONAL,
+		 *            -- nonces used to provide replay protection, senderNonce
+		 *            -- is inserted by the creator of this message; recipNonce
+		 *            -- is a nonce previously inserted in a related message by
+		 *            -- the intended recipient of this message
+		 *            freeText        [7] PKIFreeText             OPTIONAL,
+		 *            -- this may be used to indicate context-specific instructions
+		 *            -- (this field is intended for human consumption)
+		 *            generalInfo     [8] SEQUENCE SIZE (1..MAX) OF
+		 *                                 InfoTypeAndValue     OPTIONAL
+		 *            -- this may be used to convey context-specific information
+		 *            -- (this field not primarily intended for human consumption)
+		 * }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public virtual PkiHeader Build() + { + Asn1EncodableVector v = new Asn1EncodableVector(pvno, sender, recipient); + AddOptional(v, 0, messageTime); + AddOptional(v, 1, protectionAlg); + AddOptional(v, 2, senderKID); + AddOptional(v, 3, recipKID); + AddOptional(v, 4, transactionID); + AddOptional(v, 5, senderNonce); + AddOptional(v, 6, recipNonce); + AddOptional(v, 7, freeText); + AddOptional(v, 8, generalInfo); + + messageTime = null; + protectionAlg = null; + senderKID = null; + recipKID = null; + transactionID = null; + senderNonce = null; + recipNonce = null; + freeText = null; + generalInfo = null; + + return PkiHeader.GetInstance(new DerSequence(v)); + } + + private void AddOptional(Asn1EncodableVector v, int tagNo, Asn1Encodable obj) + { + if (obj != null) + { + v.Add(new DerTaggedObject(true, tagNo, obj)); + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/PKIMessage.cs b/BouncyCastle/crypto/src/asn1/cmp/PKIMessage.cs new file mode 100644 index 0000000..c87bf21 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/PKIMessage.cs @@ -0,0 +1,130 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class PkiMessage + : Asn1Encodable + { + private readonly PkiHeader header; + private readonly PkiBody body; + private readonly DerBitString protection; + private readonly Asn1Sequence extraCerts; + + private PkiMessage(Asn1Sequence seq) + { + header = PkiHeader.GetInstance(seq[0]); + body = PkiBody.GetInstance(seq[1]); + + for (int pos = 2; pos < seq.Count; ++pos) + { + Asn1TaggedObject tObj = (Asn1TaggedObject)seq[pos].ToAsn1Object(); + + if (tObj.TagNo == 0) + { + protection = DerBitString.GetInstance(tObj, true); + } + else + { + extraCerts = Asn1Sequence.GetInstance(tObj, true); + } + } + } + + public static PkiMessage GetInstance(object obj) + { + if (obj is PkiMessage) + return (PkiMessage)obj; + + if (obj != null) + return new PkiMessage(Asn1Sequence.GetInstance(obj)); + + return null; + } + + /** + * Creates a new PkiMessage. + * + * @param header message header + * @param body message body + * @param protection message protection (may be null) + * @param extraCerts extra certificates (may be null) + */ + public PkiMessage( + PkiHeader header, + PkiBody body, + DerBitString protection, + CmpCertificate[] extraCerts) + { + this.header = header; + this.body = body; + this.protection = protection; + if (extraCerts != null) + { + this.extraCerts = new DerSequence(extraCerts); + } + } + + public PkiMessage( + PkiHeader header, + PkiBody body, + DerBitString protection) + : this(header, body, protection, null) + { + } + + public PkiMessage( + PkiHeader header, + PkiBody body) + : this(header, body, null, null) + { + } + + public virtual PkiHeader Header + { + get { return header; } + } + + public virtual PkiBody Body + { + get { return body; } + } + + public virtual DerBitString Protection + { + get { return protection; } + } + + public virtual CmpCertificate[] GetExtraCerts() + { + if (extraCerts == null) + return null; + + CmpCertificate[] results = new CmpCertificate[extraCerts.Count]; + for (int i = 0; i < results.Length; ++i) + { + results[i] = CmpCertificate.GetInstance(extraCerts[i]); + } + return results; + } + + /** + * 
+         * PkiMessage ::= SEQUENCE {
+         *                  header           PKIHeader,
+         *                  body             PKIBody,
+         *                  protection   [0] PKIProtection OPTIONAL,
+         *                  extraCerts   [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate
+         *                                                                     OPTIONAL
+         * }
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(header, body); + v.AddOptionalTagged(true, 0, protection); + v.AddOptionalTagged(true, 1, extraCerts); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/PKIMessages.cs b/BouncyCastle/crypto/src/asn1/cmp/PKIMessages.cs new file mode 100644 index 0000000..eb01e54 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/PKIMessages.cs @@ -0,0 +1,54 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class PkiMessages + : Asn1Encodable + { + private Asn1Sequence content; + + private PkiMessages(Asn1Sequence seq) + { + content = seq; + } + + public static PkiMessages GetInstance(object obj) + { + if (obj is PkiMessages) + return (PkiMessages)obj; + + if (obj is Asn1Sequence) + return new PkiMessages((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public PkiMessages(params PkiMessage[] msgs) + { + content = new DerSequence(msgs); + } + + public virtual PkiMessage[] ToPkiMessageArray() + { + PkiMessage[] result = new PkiMessage[content.Count]; + for (int i = 0; i != result.Length; ++i) + { + result[i] = PkiMessage.GetInstance(content[i]); + } + return result; + } + + /** + * 
+         * PkiMessages ::= SEQUENCE SIZE (1..MAX) OF PkiMessage
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return content; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/PKIStatus.cs b/BouncyCastle/crypto/src/asn1/cmp/PKIStatus.cs new file mode 100644 index 0000000..ba757df --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/PKIStatus.cs @@ -0,0 +1,63 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public enum PkiStatus + { + Granted = 0, + GrantedWithMods = 1, + Rejection = 2, + Waiting = 3, + RevocationWarning = 4, + RevocationNotification = 5, + KeyUpdateWarning = 6, + } + + public class PkiStatusEncodable + : Asn1Encodable + { + public static readonly PkiStatusEncodable granted = new PkiStatusEncodable(PkiStatus.Granted); + public static readonly PkiStatusEncodable grantedWithMods = new PkiStatusEncodable(PkiStatus.GrantedWithMods); + public static readonly PkiStatusEncodable rejection = new PkiStatusEncodable(PkiStatus.Rejection); + public static readonly PkiStatusEncodable waiting = new PkiStatusEncodable(PkiStatus.Waiting); + public static readonly PkiStatusEncodable revocationWarning = new PkiStatusEncodable(PkiStatus.RevocationWarning); + public static readonly PkiStatusEncodable revocationNotification = new PkiStatusEncodable(PkiStatus.RevocationNotification); + public static readonly PkiStatusEncodable keyUpdateWaiting = new PkiStatusEncodable(PkiStatus.KeyUpdateWarning); + + private readonly DerInteger status; + + private PkiStatusEncodable(PkiStatus status) + : this(new DerInteger((int)status)) + { + } + + private PkiStatusEncodable(DerInteger status) + { + this.status = status; + } + + public static PkiStatusEncodable GetInstance(object obj) + { + if (obj is PkiStatusEncodable) + return (PkiStatusEncodable)obj; + + if (obj is DerInteger) + return new PkiStatusEncodable((DerInteger)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual BigInteger Value + { + get { return status.Value; } + } + + public override Asn1Object ToAsn1Object() + { + return status; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/PKIStatusInfo.cs b/BouncyCastle/crypto/src/asn1/cmp/PKIStatusInfo.cs new file mode 100644 index 0000000..c9f64bf --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/PKIStatusInfo.cs @@ -0,0 +1,156 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class PkiStatusInfo + : Asn1Encodable + { + DerInteger status; + PkiFreeText statusString; + DerBitString failInfo; + + public static PkiStatusInfo GetInstance( + Asn1TaggedObject obj, + bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + public static PkiStatusInfo GetInstance( + object obj) + { + if (obj is PkiStatusInfo) + { + return (PkiStatusInfo)obj; + } + else if (obj is Asn1Sequence) + { + return new PkiStatusInfo((Asn1Sequence)obj); + } + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public PkiStatusInfo( + Asn1Sequence seq) + { + this.status = DerInteger.GetInstance(seq[0]); + + this.statusString = null; + this.failInfo = null; + + if (seq.Count > 2) + { + this.statusString = PkiFreeText.GetInstance(seq[1]); + this.failInfo = DerBitString.GetInstance(seq[2]); + } + else if (seq.Count > 1) + { + object obj = seq[1]; + if (obj is DerBitString) + { + this.failInfo = DerBitString.GetInstance(obj); + } + else + { + this.statusString = PkiFreeText.GetInstance(obj); + } + } + } + + /** + * @param status + */ + public PkiStatusInfo(int status) + { + this.status = new DerInteger(status); + } + + /** + * @param status + * @param statusString + */ + public PkiStatusInfo( + int status, + PkiFreeText statusString) + { + this.status = new DerInteger(status); + this.statusString = statusString; + } + + public PkiStatusInfo( + int status, + PkiFreeText statusString, + PkiFailureInfo failInfo) + { + this.status = new DerInteger(status); + this.statusString = statusString; + this.failInfo = failInfo; + } + + public BigInteger Status + { + get + { + return status.Value; + } + } + + public PkiFreeText StatusString + { + get + { + return statusString; + } + } + + public DerBitString FailInfo + { + get + { + return failInfo; + } + } + + /** + * 
+		 * PkiStatusInfo ::= SEQUENCE {
+		 *     status        PKIStatus,                (INTEGER)
+		 *     statusString  PkiFreeText     OPTIONAL,
+		 *     failInfo      PkiFailureInfo  OPTIONAL  (BIT STRING)
+		 * }
+		 *
+		 * PKIStatus:
+		 *   granted                (0), -- you got exactly what you asked for
+		 *   grantedWithMods        (1), -- you got something like what you asked for
+		 *   rejection              (2), -- you don't get it, more information elsewhere in the message
+		 *   waiting                (3), -- the request body part has not yet been processed, expect to hear more later
+		 *   revocationWarning      (4), -- this message contains a warning that a revocation is imminent
+		 *   revocationNotification (5), -- notification that a revocation has occurred
+		 *   keyUpdateWarning       (6)  -- update already done for the oldCertId specified in CertReqMsg
+		 *
+		 * PkiFailureInfo:
+		 *   badAlg           (0), -- unrecognized or unsupported Algorithm Identifier
+		 *   badMessageCheck  (1), -- integrity check failed (e.g., signature did not verify)
+		 *   badRequest       (2), -- transaction not permitted or supported
+		 *   badTime          (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
+		 *   badCertId        (4), -- no certificate could be found matching the provided criteria
+		 *   badDataFormat    (5), -- the data submitted has the wrong format
+		 *   wrongAuthority   (6), -- the authority indicated in the request is different from the one creating the response token
+		 *   incorrectData    (7), -- the requester's data is incorrect (for notary services)
+		 *   missingTimeStamp (8), -- when the timestamp is missing but should be there (by policy)
+		 *   badPOP           (9)  -- the proof-of-possession failed
+		 *
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(status); + v.AddOptional(statusString, failInfo); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/PbmParameter.cs b/BouncyCastle/crypto/src/asn1/cmp/PbmParameter.cs new file mode 100644 index 0000000..206b89b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/PbmParameter.cs @@ -0,0 +1,101 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class PbmParameter + : Asn1Encodable + { + private Asn1OctetString salt; + private AlgorithmIdentifier owf; + private DerInteger iterationCount; + private AlgorithmIdentifier mac; + + private PbmParameter(Asn1Sequence seq) + { + salt = Asn1OctetString.GetInstance(seq[0]); + owf = AlgorithmIdentifier.GetInstance(seq[1]); + iterationCount = DerInteger.GetInstance(seq[2]); + mac = AlgorithmIdentifier.GetInstance(seq[3]); + } + + public static PbmParameter GetInstance(object obj) + { + if (obj is PbmParameter) + return (PbmParameter)obj; + + if (obj is Asn1Sequence) + return new PbmParameter((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public PbmParameter( + byte[] salt, + AlgorithmIdentifier owf, + int iterationCount, + AlgorithmIdentifier mac) + : this(new DerOctetString(salt), owf, new DerInteger(iterationCount), mac) + { + } + + public PbmParameter( + Asn1OctetString salt, + AlgorithmIdentifier owf, + DerInteger iterationCount, + AlgorithmIdentifier mac) + { + this.salt = salt; + this.owf = owf; + this.iterationCount = iterationCount; + this.mac = mac; + } + + public virtual Asn1OctetString Salt + { + get { return salt; } + } + + public virtual AlgorithmIdentifier Owf + { + get { return owf; } + } + + public virtual DerInteger IterationCount + { + get { return iterationCount; } + } + + public virtual AlgorithmIdentifier Mac + { + get { return mac; } + } + + /** + * 
+         *  PbmParameter ::= SEQUENCE {
+         *                        salt                OCTET STRING,
+         *                        -- note:  implementations MAY wish to limit acceptable sizes
+         *                        -- of this string to values appropriate for their environment
+         *                        -- in order to reduce the risk of denial-of-service attacks
+         *                        owf                 AlgorithmIdentifier,
+         *                        -- AlgId for a One-Way Function (SHA-1 recommended)
+         *                        iterationCount      INTEGER,
+         *                        -- number of times the OWF is applied
+         *                        -- note:  implementations MAY wish to limit acceptable sizes
+         *                        -- of this integer to values appropriate for their environment
+         *                        -- in order to reduce the risk of denial-of-service attacks
+         *                        mac                 AlgorithmIdentifier
+         *                        -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11],
+         *    }   -- or HMAC [RFC2104, RFC2202])
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(salt, owf, iterationCount, mac); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/PollRepContent.cs b/BouncyCastle/crypto/src/asn1/cmp/PollRepContent.cs new file mode 100644 index 0000000..ff75d7d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/PollRepContent.cs @@ -0,0 +1,87 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class PollRepContent + : Asn1Encodable + { + private readonly DerInteger certReqId; + private readonly DerInteger checkAfter; + private readonly PkiFreeText reason; + + private PollRepContent(Asn1Sequence seq) + { + certReqId = DerInteger.GetInstance(seq[0]); + checkAfter = DerInteger.GetInstance(seq[1]); + + if (seq.Count > 2) + { + reason = PkiFreeText.GetInstance(seq[2]); + } + } + + public static PollRepContent GetInstance(object obj) + { + if (obj is PollRepContent) + return (PollRepContent)obj; + + if (obj is Asn1Sequence) + return new PollRepContent((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public PollRepContent( + DerInteger certReqId, + DerInteger checkAfter) + { + this.certReqId = certReqId; + this.checkAfter = checkAfter; + this.reason = null; + } + + public PollRepContent( + DerInteger certReqId, + DerInteger checkAfter, + PkiFreeText reason) + { + this.certReqId = certReqId; + this.checkAfter = checkAfter; + this.reason = reason; + } + + public virtual DerInteger CertReqID + { + get { return certReqId; } + } + + public virtual DerInteger CheckAfter + { + get { return checkAfter; } + } + + public virtual PkiFreeText Reason + { + get { return reason; } + } + + /** + * 
+		 * PollRepContent ::= SEQUENCE OF SEQUENCE {
+		 *         certReqId              INTEGER,
+		 *         checkAfter             INTEGER,  -- time in seconds
+		 *         reason                 PKIFreeText OPTIONAL
+		 *     }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(certReqId, checkAfter); + v.AddOptional(reason); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/PollReqContent.cs b/BouncyCastle/crypto/src/asn1/cmp/PollReqContent.cs new file mode 100644 index 0000000..dd9b0c3 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/PollReqContent.cs @@ -0,0 +1,61 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class PollReqContent + : Asn1Encodable + { + private readonly Asn1Sequence content; + + private PollReqContent(Asn1Sequence seq) + { + content = seq; + } + + public static PollReqContent GetInstance(object obj) + { + if (obj is PollReqContent) + return (PollReqContent)obj; + + if (obj is Asn1Sequence) + return new PollReqContent((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual DerInteger[][] GetCertReqIDs() + { + DerInteger[][] result = new DerInteger[content.Count][]; + for (int i = 0; i != result.Length; ++i) + { + result[i] = SequenceToDerIntegerArray((Asn1Sequence)content[i]); + } + return result; + } + + private static DerInteger[] SequenceToDerIntegerArray(Asn1Sequence seq) + { + DerInteger[] result = new DerInteger[seq.Count]; + for (int i = 0; i != result.Length; ++i) + { + result[i] = DerInteger.GetInstance(seq[i]); + } + return result; + } + + /** + * 
+		 * PollReqContent ::= SEQUENCE OF SEQUENCE {
+		 *                        certReqId              INTEGER
+		 * }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return content; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/PopoDecKeyChallContent.cs b/BouncyCastle/crypto/src/asn1/cmp/PopoDecKeyChallContent.cs new file mode 100644 index 0000000..03a13a5 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/PopoDecKeyChallContent.cs @@ -0,0 +1,49 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class PopoDecKeyChallContent + : Asn1Encodable + { + private readonly Asn1Sequence content; + + private PopoDecKeyChallContent(Asn1Sequence seq) + { + content = seq; + } + + public static PopoDecKeyChallContent GetInstance(object obj) + { + if (obj is PopoDecKeyChallContent) + return (PopoDecKeyChallContent)obj; + + if (obj is Asn1Sequence) + return new PopoDecKeyChallContent((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual Challenge[] ToChallengeArray() + { + Challenge[] result = new Challenge[content.Count]; + for (int i = 0; i != result.Length; ++i) + { + result[i] = Challenge.GetInstance(content[i]); + } + return result; + } + + /** + * 
+	     * PopoDecKeyChallContent ::= SEQUENCE OF Challenge
+	     *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return content; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/PopoDecKeyRespContent.cs b/BouncyCastle/crypto/src/asn1/cmp/PopoDecKeyRespContent.cs new file mode 100644 index 0000000..73f59b7 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/PopoDecKeyRespContent.cs @@ -0,0 +1,49 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class PopoDecKeyRespContent + : Asn1Encodable + { + private readonly Asn1Sequence content; + + private PopoDecKeyRespContent(Asn1Sequence seq) + { + content = seq; + } + + public static PopoDecKeyRespContent GetInstance(object obj) + { + if (obj is PopoDecKeyRespContent) + return (PopoDecKeyRespContent)obj; + + if (obj is Asn1Sequence) + return new PopoDecKeyRespContent((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual DerInteger[] ToDerIntegerArray() + { + DerInteger[] result = new DerInteger[content.Count]; + for (int i = 0; i != result.Length; ++i) + { + result[i] = DerInteger.GetInstance(content[i]); + } + return result; + } + + /** + * 
+		 * PopoDecKeyRespContent ::= SEQUENCE OF INTEGER
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return content; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/ProtectedPart.cs b/BouncyCastle/crypto/src/asn1/cmp/ProtectedPart.cs new file mode 100644 index 0000000..ed90708 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/ProtectedPart.cs @@ -0,0 +1,60 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class ProtectedPart + : Asn1Encodable + { + private readonly PkiHeader header; + private readonly PkiBody body; + + private ProtectedPart(Asn1Sequence seq) + { + header = PkiHeader.GetInstance(seq[0]); + body = PkiBody.GetInstance(seq[1]); + } + + public static ProtectedPart GetInstance(object obj) + { + if (obj is ProtectedPart) + return (ProtectedPart)obj; + + if (obj is Asn1Sequence) + return new ProtectedPart((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public ProtectedPart(PkiHeader header, PkiBody body) + { + this.header = header; + this.body = body; + } + + public virtual PkiHeader Header + { + get { return header; } + } + + public virtual PkiBody Body + { + get { return body; } + } + + /** + * 
+		 * ProtectedPart ::= SEQUENCE {
+		 *                    header    PKIHeader,
+		 *                    body      PKIBody
+		 * }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(header, body); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/RevAnnContent.cs b/BouncyCastle/crypto/src/asn1/cmp/RevAnnContent.cs new file mode 100644 index 0000000..d5d4262 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/RevAnnContent.cs @@ -0,0 +1,87 @@ +using System; + +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class RevAnnContent + : Asn1Encodable + { + private readonly PkiStatusEncodable status; + private readonly CertId certId; + private readonly DerGeneralizedTime willBeRevokedAt; + private readonly DerGeneralizedTime badSinceDate; + private readonly X509Extensions crlDetails; + + private RevAnnContent(Asn1Sequence seq) + { + status = PkiStatusEncodable.GetInstance(seq[0]); + certId = CertId.GetInstance(seq[1]); + willBeRevokedAt = DerGeneralizedTime.GetInstance(seq[2]); + badSinceDate = DerGeneralizedTime.GetInstance(seq[3]); + + if (seq.Count > 4) + { + crlDetails = X509Extensions.GetInstance(seq[4]); + } + } + + public static RevAnnContent GetInstance(object obj) + { + if (obj is RevAnnContent) + return (RevAnnContent)obj; + + if (obj is Asn1Sequence) + return new RevAnnContent((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual PkiStatusEncodable Status + { + get { return status; } + } + + public virtual CertId CertID + { + get { return certId; } + } + + public virtual DerGeneralizedTime WillBeRevokedAt + { + get { return willBeRevokedAt; } + } + + public virtual DerGeneralizedTime BadSinceDate + { + get { return badSinceDate; } + } + + public virtual X509Extensions CrlDetails + { + get { return crlDetails; } + } + + /** + * 
+		 * RevAnnContent ::= SEQUENCE {
+		 *       status              PKIStatus,
+		 *       certId              CertId,
+		 *       willBeRevokedAt     GeneralizedTime,
+		 *       badSinceDate        GeneralizedTime,
+		 *       crlDetails          Extensions  OPTIONAL
+		 *        -- extra CRL details (e.g., crl number, reason, location, etc.)
+		 * }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(status, certId, willBeRevokedAt, badSinceDate); + v.AddOptional(crlDetails); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/RevDetails.cs b/BouncyCastle/crypto/src/asn1/cmp/RevDetails.cs new file mode 100644 index 0000000..7d2a65a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/RevDetails.cs @@ -0,0 +1,75 @@ +using System; + +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class RevDetails + : Asn1Encodable + { + private readonly CertTemplate certDetails; + private readonly X509Extensions crlEntryDetails; + + private RevDetails(Asn1Sequence seq) + { + certDetails = CertTemplate.GetInstance(seq[0]); + crlEntryDetails = seq.Count <= 1 + ? null + : X509Extensions.GetInstance(seq[1]); + } + + public static RevDetails GetInstance(object obj) + { + if (obj is RevDetails) + return (RevDetails)obj; + + if (obj is Asn1Sequence) + return new RevDetails((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public RevDetails(CertTemplate certDetails) + : this(certDetails, null) + { + } + + public RevDetails(CertTemplate certDetails, X509Extensions crlEntryDetails) + { + this.certDetails = certDetails; + this.crlEntryDetails = crlEntryDetails; + } + + public virtual CertTemplate CertDetails + { + get { return certDetails; } + } + + public virtual X509Extensions CrlEntryDetails + { + get { return crlEntryDetails; } + } + + /** + * 
+		* RevDetails ::= SEQUENCE {
+		*                  certDetails         CertTemplate,
+		*                   -- allows requester to specify as much as they can about
+		*                   -- the cert. for which revocation is requested
+		*                   -- (e.g., for cases in which serialNumber is not available)
+		*                   crlEntryDetails     Extensions       OPTIONAL
+		*                   -- requested crlEntryExtensions
+		*             }
+		*
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(certDetails); + v.AddOptional(crlEntryDetails); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/RevRepContent.cs b/BouncyCastle/crypto/src/asn1/cmp/RevRepContent.cs new file mode 100644 index 0000000..4b3f82b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/RevRepContent.cs @@ -0,0 +1,104 @@ +using System; + +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class RevRepContent + : Asn1Encodable + { + private readonly Asn1Sequence status; + private readonly Asn1Sequence revCerts; + private readonly Asn1Sequence crls; + + private RevRepContent(Asn1Sequence seq) + { + status = Asn1Sequence.GetInstance(seq[0]); + + for (int pos = 1; pos < seq.Count; ++pos) + { + Asn1TaggedObject tObj = Asn1TaggedObject.GetInstance(seq[pos]); + + if (tObj.TagNo == 0) + { + revCerts = Asn1Sequence.GetInstance(tObj, true); + } + else + { + crls = Asn1Sequence.GetInstance(tObj, true); + } + } + } + + public static RevRepContent GetInstance(object obj) + { + if (obj is RevRepContent) + return (RevRepContent)obj; + + if (obj is Asn1Sequence) + return new RevRepContent((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual PkiStatusInfo[] GetStatus() + { + PkiStatusInfo[] results = new PkiStatusInfo[status.Count]; + for (int i = 0; i != results.Length; ++i) + { + results[i] = PkiStatusInfo.GetInstance(status[i]); + } + return results; + } + + public virtual CertId[] GetRevCerts() + { + if (revCerts == null) + return null; + + CertId[] results = new CertId[revCerts.Count]; + for (int i = 0; i != results.Length; ++i) + { + results[i] = CertId.GetInstance(revCerts[i]); + } + return results; + } + + public virtual CertificateList[] GetCrls() + { + if (crls == null) + return null; + + CertificateList[] results = new CertificateList[crls.Count]; + for (int i = 0; i != results.Length; ++i) + { + results[i] = CertificateList.GetInstance(crls[i]); + } + return results; + } + + /** + * 
+		 * RevRepContent ::= SEQUENCE {
+		 *        status       SEQUENCE SIZE (1..MAX) OF PKIStatusInfo,
+		 *        -- in same order as was sent in RevReqContent
+		 *        revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId OPTIONAL,
+		 *        -- IDs for which revocation was requested
+		 *        -- (same order as status)
+		 *        crls     [1] SEQUENCE SIZE (1..MAX) OF CertificateList OPTIONAL
+		 *        -- the resulting CRLs (there may be more than one)
+		 *   }
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(status); + v.AddOptionalTagged(true, 0, revCerts); + v.AddOptionalTagged(true, 1, crls); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/RevRepContentBuilder.cs b/BouncyCastle/crypto/src/asn1/cmp/RevRepContentBuilder.cs new file mode 100644 index 0000000..cc17d1d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/RevRepContentBuilder.cs @@ -0,0 +1,55 @@ +using System; + +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class RevRepContentBuilder + { + private readonly Asn1EncodableVector status = new Asn1EncodableVector(); + private readonly Asn1EncodableVector revCerts = new Asn1EncodableVector(); + private readonly Asn1EncodableVector crls = new Asn1EncodableVector(); + + public virtual RevRepContentBuilder Add(PkiStatusInfo status) + { + this.status.Add(status); + return this; + } + + public virtual RevRepContentBuilder Add(PkiStatusInfo status, CertId certId) + { + if (this.status.Count != this.revCerts.Count) + throw new InvalidOperationException("status and revCerts sequence must be in common order"); + + this.status.Add(status); + this.revCerts.Add(certId); + return this; + } + + public virtual RevRepContentBuilder AddCrl(CertificateList crl) + { + this.crls.Add(crl); + return this; + } + + public virtual RevRepContent Build() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + v.Add(new DerSequence(status)); + + if (revCerts.Count != 0) + { + v.Add(new DerTaggedObject(true, 0, new DerSequence(revCerts))); + } + + if (crls.Count != 0) + { + v.Add(new DerTaggedObject(true, 1, new DerSequence(crls))); + } + + return RevRepContent.GetInstance(new DerSequence(v)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cmp/RevReqContent.cs b/BouncyCastle/crypto/src/asn1/cmp/RevReqContent.cs new file mode 100644 index 0000000..1522d37 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cmp/RevReqContent.cs @@ -0,0 +1,54 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + public class RevReqContent + : Asn1Encodable + { + private readonly Asn1Sequence content; + + private RevReqContent(Asn1Sequence seq) + { + content = seq; + } + + public static RevReqContent GetInstance(object obj) + { + if (obj is RevReqContent) + return (RevReqContent)obj; + + if (obj is Asn1Sequence) + return new RevReqContent((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public RevReqContent(params RevDetails[] revDetails) + { + this.content = new DerSequence(revDetails); + } + + public virtual RevDetails[] ToRevDetailsArray() + { + RevDetails[] result = new RevDetails[content.Count]; + for (int i = 0; i != result.Length; ++i) + { + result[i] = RevDetails.GetInstance(content[i]); + } + return result; + } + + /** + * 
+		 * RevReqContent ::= SEQUENCE OF RevDetails
+		 *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return content; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/Attribute.cs b/BouncyCastle/crypto/src/asn1/cms/Attribute.cs new file mode 100644 index 0000000..69ac441 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/Attribute.cs @@ -0,0 +1,70 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class Attribute + : Asn1Encodable + { + private DerObjectIdentifier attrType; + private Asn1Set attrValues; + + /** + * return an Attribute object from the given object. + * + * @param o the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static Attribute GetInstance( + object obj) + { + if (obj == null || obj is Attribute) + return (Attribute) obj; + + if (obj is Asn1Sequence) + return new Attribute((Asn1Sequence) obj); + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public Attribute( + Asn1Sequence seq) + { + attrType = (DerObjectIdentifier)seq[0]; + attrValues = (Asn1Set)seq[1]; + } + + public Attribute( + DerObjectIdentifier attrType, + Asn1Set attrValues) + { + this.attrType = attrType; + this.attrValues = attrValues; + } + + public DerObjectIdentifier AttrType + { + get { return attrType; } + } + + public Asn1Set AttrValues + { + get { return attrValues; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+        * Attribute ::= SEQUENCE {
+        *     attrType OBJECT IDENTIFIER,
+        *     attrValues SET OF AttributeValue
+        * }
+        *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(attrType, attrValues); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/AttributeTable.cs b/BouncyCastle/crypto/src/asn1/cms/AttributeTable.cs new file mode 100644 index 0000000..8d357f1 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/AttributeTable.cs @@ -0,0 +1,231 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class AttributeTable + { + private readonly IDictionary attributes; + +#if !(SILVERLIGHT || PORTABLE) + [Obsolete] + public AttributeTable( + Hashtable attrs) + { + this.attributes = Platform.CreateHashtable(attrs); + } +#endif + + public AttributeTable( + IDictionary attrs) + { + this.attributes = Platform.CreateHashtable(attrs); + } + + public AttributeTable( + Asn1EncodableVector v) + { + this.attributes = Platform.CreateHashtable(v.Count); + + foreach (Asn1Encodable o in v) + { + Attribute a = Attribute.GetInstance(o); + + AddAttribute(a); + } + } + + public AttributeTable( + Asn1Set s) + { + this.attributes = Platform.CreateHashtable(s.Count); + + for (int i = 0; i != s.Count; i++) + { + Attribute a = Attribute.GetInstance(s[i]); + + AddAttribute(a); + } + } + + public AttributeTable( + Attributes attrs) + : this(Asn1Set.GetInstance(attrs.ToAsn1Object())) + { + } + + private void AddAttribute( + Attribute a) + { + DerObjectIdentifier oid = a.AttrType; + object obj = attributes[oid]; + + if (obj == null) + { + attributes[oid] = a; + } + else + { + IList v; + + if (obj is Attribute) + { + v = Platform.CreateArrayList(); + + v.Add(obj); + v.Add(a); + } + else + { + v = (IList) obj; + + v.Add(a); + } + + attributes[oid] = v; + } + } + + /// Return the first attribute matching the given OBJECT IDENTIFIER + public Attribute this[DerObjectIdentifier oid] + { + get + { + object obj = attributes[oid]; + + if (obj is IList) + { + return (Attribute)((IList)obj)[0]; + } + + return (Attribute) obj; + } + } + + [Obsolete("Use 'object[oid]' syntax instead")] + public Attribute Get( + DerObjectIdentifier oid) + { + return this[oid]; + } + + /** + * Return all the attributes matching the OBJECT IDENTIFIER oid. The vector will be + * empty if there are no attributes of the required type present. + * + * @param oid type of attribute required. + * @return a vector of all the attributes found of type oid. + */ + public Asn1EncodableVector GetAll( + DerObjectIdentifier oid) + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + object obj = attributes[oid]; + + if (obj is IList) + { + foreach (Attribute a in (IList)obj) + { + v.Add(a); + } + } + else if (obj != null) + { + v.Add((Attribute) obj); + } + + return v; + } + + public int Count + { + get + { + int total = 0; + + foreach (object o in attributes.Values) + { + if (o is IList) + { + total += ((IList)o).Count; + } + else + { + ++total; + } + } + + return total; + } + } + + public IDictionary ToDictionary() + { + return Platform.CreateHashtable(attributes); + } + +#if !(SILVERLIGHT || PORTABLE) + [Obsolete("Use 'ToDictionary' instead")] + public Hashtable ToHashtable() + { + return new Hashtable(attributes); + } +#endif + + public Asn1EncodableVector ToAsn1EncodableVector() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + foreach (object obj in attributes.Values) + { + if (obj is IList) + { + foreach (object el in (IList)obj) + { + v.Add(Attribute.GetInstance(el)); + } + } + else + { + v.Add(Attribute.GetInstance(obj)); + } + } + + return v; + } + + public Attributes ToAttributes() + { + return new Attributes(this.ToAsn1EncodableVector()); + } + + /** + * Return a new table with the passed in attribute added. + * + * @param attrType + * @param attrValue + * @return + */ + public AttributeTable Add(DerObjectIdentifier attrType, Asn1Encodable attrValue) + { + AttributeTable newTable = new AttributeTable(attributes); + + newTable.AddAttribute(new Attribute(attrType, new DerSet(attrValue))); + + return newTable; + } + + public AttributeTable Remove(DerObjectIdentifier attrType) + { + AttributeTable newTable = new AttributeTable(attributes); + + newTable.attributes.Remove(attrType); + + return newTable; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/Attributes.cs b/BouncyCastle/crypto/src/asn1/cms/Attributes.cs new file mode 100644 index 0000000..5b6b130 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/Attributes.cs @@ -0,0 +1,55 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class Attributes + : Asn1Encodable + { + private readonly Asn1Set attributes; + + private Attributes(Asn1Set attributes) + { + this.attributes = attributes; + } + + public Attributes(Asn1EncodableVector v) + { + attributes = new BerSet(v); + } + + public static Attributes GetInstance(object obj) + { + if (obj is Attributes) + return (Attributes)obj; + + if (obj != null) + return new Attributes(Asn1Set.GetInstance(obj)); + + return null; + } + + public virtual Attribute[] GetAttributes() + { + Attribute[] rv = new Attribute[attributes.Count]; + + for (int i = 0; i != rv.Length; i++) + { + rv[i] = Attribute.GetInstance(attributes[i]); + } + + return rv; + } + + /** + * 
+         * Attributes ::=
+         *   SET SIZE(1..MAX) OF Attribute -- according to RFC 5652
+         *
+ * @return + */ + public override Asn1Object ToAsn1Object() + { + return attributes; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/AuthEnvelopedData.cs b/BouncyCastle/crypto/src/asn1/cms/AuthEnvelopedData.cs new file mode 100644 index 0000000..4ca86e9 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/AuthEnvelopedData.cs @@ -0,0 +1,205 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class AuthEnvelopedData + : Asn1Encodable + { + private DerInteger version; + private OriginatorInfo originatorInfo; + private Asn1Set recipientInfos; + private EncryptedContentInfo authEncryptedContentInfo; + private Asn1Set authAttrs; + private Asn1OctetString mac; + private Asn1Set unauthAttrs; + + public AuthEnvelopedData( + OriginatorInfo originatorInfo, + Asn1Set recipientInfos, + EncryptedContentInfo authEncryptedContentInfo, + Asn1Set authAttrs, + Asn1OctetString mac, + Asn1Set unauthAttrs) + { + // "It MUST be set to 0." + this.version = new DerInteger(0); + + this.originatorInfo = originatorInfo; + + // "There MUST be at least one element in the collection." + this.recipientInfos = recipientInfos; + if (this.recipientInfos.Count < 1) + throw new ArgumentException("AuthEnvelopedData requires at least 1 RecipientInfo"); + + this.authEncryptedContentInfo = authEncryptedContentInfo; + + // "The authAttrs MUST be present if the content type carried in + // EncryptedContentInfo is not id-data." + this.authAttrs = authAttrs; + if (!authEncryptedContentInfo.ContentType.Equals(CmsObjectIdentifiers.Data)) + { + if (authAttrs == null || authAttrs.Count < 1) + throw new ArgumentException("authAttrs must be present with non-data content"); + } + + this.mac = mac; + + this.unauthAttrs = unauthAttrs; + } + + private AuthEnvelopedData( + Asn1Sequence seq) + { + int index = 0; + + // "It MUST be set to 0." + Asn1Object tmp = seq[index++].ToAsn1Object(); + version = DerInteger.GetInstance(tmp); + if (!version.HasValue(0)) + throw new ArgumentException("AuthEnvelopedData version number must be 0"); + + tmp = seq[index++].ToAsn1Object(); + if (tmp is Asn1TaggedObject) + { + originatorInfo = OriginatorInfo.GetInstance((Asn1TaggedObject)tmp, false); + tmp = seq[index++].ToAsn1Object(); + } + + // "There MUST be at least one element in the collection." + recipientInfos = Asn1Set.GetInstance(tmp); + if (recipientInfos.Count < 1) + throw new ArgumentException("AuthEnvelopedData requires at least 1 RecipientInfo"); + + tmp = seq[index++].ToAsn1Object(); + authEncryptedContentInfo = EncryptedContentInfo.GetInstance(tmp); + + tmp = seq[index++].ToAsn1Object(); + if (tmp is Asn1TaggedObject) + { + authAttrs = Asn1Set.GetInstance((Asn1TaggedObject)tmp, false); + tmp = seq[index++].ToAsn1Object(); + } + else + { + // "The authAttrs MUST be present if the content type carried in + // EncryptedContentInfo is not id-data." + if (!authEncryptedContentInfo.ContentType.Equals(CmsObjectIdentifiers.Data)) + { + if (authAttrs == null || authAttrs.Count < 1) + throw new ArgumentException("authAttrs must be present with non-data content"); + } + } + + mac = Asn1OctetString.GetInstance(tmp); + + if (seq.Count > index) + { + tmp = seq[index++].ToAsn1Object(); + unauthAttrs = Asn1Set.GetInstance((Asn1TaggedObject)tmp, false); + } + } + + /** + * return an AuthEnvelopedData object from a tagged object. + * + * @param obj the tagged object holding the object we want. + * @param isExplicit true if the object is meant to be explicitly + * tagged false otherwise. + * @throws ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static AuthEnvelopedData GetInstance( + Asn1TaggedObject obj, + bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + /** + * return an AuthEnvelopedData object from the given object. + * + * @param obj the object we want converted. + * @throws ArgumentException if the object cannot be converted. + */ + public static AuthEnvelopedData GetInstance( + object obj) + { + if (obj == null || obj is AuthEnvelopedData) + return (AuthEnvelopedData)obj; + + if (obj is Asn1Sequence) + return new AuthEnvelopedData((Asn1Sequence)obj); + + throw new ArgumentException("Invalid AuthEnvelopedData: " + Platform.GetTypeName(obj)); + } + + public DerInteger Version + { + get { return version; } + } + + public OriginatorInfo OriginatorInfo + { + get { return originatorInfo; } + } + + public Asn1Set RecipientInfos + { + get { return recipientInfos; } + } + + public EncryptedContentInfo AuthEncryptedContentInfo + { + get { return authEncryptedContentInfo; } + } + + public Asn1Set AuthAttrs + { + get { return authAttrs; } + } + + public Asn1OctetString Mac + { + get { return mac; } + } + + public Asn1Set UnauthAttrs + { + get { return unauthAttrs; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+		 * AuthEnvelopedData ::= SEQUENCE {
+		 *   version CMSVersion,
+		 *   originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
+		 *   recipientInfos RecipientInfos,
+		 *   authEncryptedContentInfo EncryptedContentInfo,
+		 *   authAttrs [1] IMPLICIT AuthAttributes OPTIONAL,
+		 *   mac MessageAuthenticationCode,
+		 *   unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL }
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(version); + v.AddOptionalTagged(false, 0, originatorInfo); + v.Add(recipientInfos, authEncryptedContentInfo); + + // "authAttrs optionally contains the authenticated attributes." + // "AuthAttributes MUST be DER encoded, even if the rest of the + // AuthEnvelopedData structure is BER encoded." + v.AddOptionalTagged(false, 1, authAttrs); + + v.Add(mac); + + // "unauthAttrs optionally contains the unauthenticated attributes." + v.AddOptionalTagged(false, 2, unauthAttrs); + + return new BerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/AuthEnvelopedDataParser.cs b/BouncyCastle/crypto/src/asn1/cms/AuthEnvelopedDataParser.cs new file mode 100644 index 0000000..1e1e72c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/AuthEnvelopedDataParser.cs @@ -0,0 +1,150 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cms +{ + /** + * Produce an object suitable for an Asn1OutputStream. + * + * 
+	 * AuthEnvelopedData ::= SEQUENCE {
+	 *   version CMSVersion,
+	 *   originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
+	 *   recipientInfos RecipientInfos,
+	 *   authEncryptedContentInfo EncryptedContentInfo,
+	 *   authAttrs [1] IMPLICIT AuthAttributes OPTIONAL,
+	 *   mac MessageAuthenticationCode,
+	 *   unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL }
+	 *
+ */ + public class AuthEnvelopedDataParser + { + private Asn1SequenceParser seq; + private DerInteger version; + private IAsn1Convertible nextObject; + private bool originatorInfoCalled; + private bool isData; + + public AuthEnvelopedDataParser( + Asn1SequenceParser seq) + { + this.seq = seq; + + // "It MUST be set to 0." + this.version = (DerInteger)seq.ReadObject(); + if (!version.HasValue(0)) + throw new Asn1ParsingException("AuthEnvelopedData version number must be 0"); + } + + public DerInteger Version + { + get { return version; } + } + + public OriginatorInfo GetOriginatorInfo() + { + originatorInfoCalled = true; + + if (nextObject == null) + { + nextObject = seq.ReadObject(); + } + + if (nextObject is Asn1TaggedObjectParser && ((Asn1TaggedObjectParser)nextObject).TagNo == 0) + { + Asn1SequenceParser originatorInfo = (Asn1SequenceParser) ((Asn1TaggedObjectParser)nextObject).GetObjectParser(Asn1Tags.Sequence, false); + nextObject = null; + return OriginatorInfo.GetInstance(originatorInfo.ToAsn1Object()); + } + + return null; + } + + public Asn1SetParser GetRecipientInfos() + { + if (!originatorInfoCalled) + { + GetOriginatorInfo(); + } + + if (nextObject == null) + { + nextObject = seq.ReadObject(); + } + + Asn1SetParser recipientInfos = (Asn1SetParser)nextObject; + nextObject = null; + return recipientInfos; + } + + public EncryptedContentInfoParser GetAuthEncryptedContentInfo() + { + if (nextObject == null) + { + nextObject = seq.ReadObject(); + } + + if (nextObject != null) + { + Asn1SequenceParser o = (Asn1SequenceParser) nextObject; + nextObject = null; + EncryptedContentInfoParser encryptedContentInfoParser = new EncryptedContentInfoParser(o); + isData = CmsObjectIdentifiers.Data.Equals(encryptedContentInfoParser.ContentType); + return encryptedContentInfoParser; + } + + return null; + } + + public Asn1SetParser GetAuthAttrs() + { + if (nextObject == null) + { + nextObject = seq.ReadObject(); + } + + if (nextObject is Asn1TaggedObjectParser) + { + IAsn1Convertible o = nextObject; + nextObject = null; + return (Asn1SetParser)((Asn1TaggedObjectParser)o).GetObjectParser(Asn1Tags.Set, false); + } + + // "The authAttrs MUST be present if the content type carried in + // EncryptedContentInfo is not id-data." + if (!isData) + throw new Asn1ParsingException("authAttrs must be present with non-data content"); + + return null; + } + + public Asn1OctetString GetMac() + { + if (nextObject == null) + { + nextObject = seq.ReadObject(); + } + + IAsn1Convertible o = nextObject; + nextObject = null; + + return Asn1OctetString.GetInstance(o.ToAsn1Object()); + } + + public Asn1SetParser GetUnauthAttrs() + { + if (nextObject == null) + { + nextObject = seq.ReadObject(); + } + + if (nextObject != null) + { + IAsn1Convertible o = nextObject; + nextObject = null; + return (Asn1SetParser)((Asn1TaggedObjectParser)o).GetObjectParser(Asn1Tags.Set, false); + } + + return null; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/AuthenticatedData.cs b/BouncyCastle/crypto/src/asn1/cms/AuthenticatedData.cs new file mode 100644 index 0000000..eb9f820 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/AuthenticatedData.cs @@ -0,0 +1,251 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class AuthenticatedData + : Asn1Encodable + { + private DerInteger version; + private OriginatorInfo originatorInfo; + private Asn1Set recipientInfos; + private AlgorithmIdentifier macAlgorithm; + private AlgorithmIdentifier digestAlgorithm; + private ContentInfo encapsulatedContentInfo; + private Asn1Set authAttrs; + private Asn1OctetString mac; + private Asn1Set unauthAttrs; + + public AuthenticatedData( + OriginatorInfo originatorInfo, + Asn1Set recipientInfos, + AlgorithmIdentifier macAlgorithm, + AlgorithmIdentifier digestAlgorithm, + ContentInfo encapsulatedContent, + Asn1Set authAttrs, + Asn1OctetString mac, + Asn1Set unauthAttrs) + { + if (digestAlgorithm != null || authAttrs != null) + { + if (digestAlgorithm == null || authAttrs == null) + { + throw new ArgumentException("digestAlgorithm and authAttrs must be set together"); + } + } + + version = new DerInteger(CalculateVersion(originatorInfo)); + + this.originatorInfo = originatorInfo; + this.macAlgorithm = macAlgorithm; + this.digestAlgorithm = digestAlgorithm; + this.recipientInfos = recipientInfos; + this.encapsulatedContentInfo = encapsulatedContent; + this.authAttrs = authAttrs; + this.mac = mac; + this.unauthAttrs = unauthAttrs; + } + + private AuthenticatedData( + Asn1Sequence seq) + { + int index = 0; + + version = (DerInteger)seq[index++]; + + Asn1Encodable tmp = seq[index++]; + if (tmp is Asn1TaggedObject) + { + originatorInfo = OriginatorInfo.GetInstance((Asn1TaggedObject)tmp, false); + tmp = seq[index++]; + } + + recipientInfos = Asn1Set.GetInstance(tmp); + macAlgorithm = AlgorithmIdentifier.GetInstance(seq[index++]); + + tmp = seq[index++]; + if (tmp is Asn1TaggedObject) + { + digestAlgorithm = AlgorithmIdentifier.GetInstance((Asn1TaggedObject)tmp, false); + tmp = seq[index++]; + } + + encapsulatedContentInfo = ContentInfo.GetInstance(tmp); + + tmp = seq[index++]; + if (tmp is Asn1TaggedObject) + { + authAttrs = Asn1Set.GetInstance((Asn1TaggedObject)tmp, false); + tmp = seq[index++]; + } + + mac = Asn1OctetString.GetInstance(tmp); + + if (seq.Count > index) + { + unauthAttrs = Asn1Set.GetInstance((Asn1TaggedObject)seq[index], false); + } + } + + /** + * return an AuthenticatedData object from a tagged object. + * + * @param obj the tagged object holding the object we want. + * @param isExplicit true if the object is meant to be explicitly + * tagged false otherwise. + * @throws ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static AuthenticatedData GetInstance( + Asn1TaggedObject obj, + bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + /** + * return an AuthenticatedData object from the given object. + * + * @param obj the object we want converted. + * @throws ArgumentException if the object cannot be converted. + */ + public static AuthenticatedData GetInstance( + object obj) + { + if (obj == null || obj is AuthenticatedData) + { + return (AuthenticatedData)obj; + } + + if (obj is Asn1Sequence) + { + return new AuthenticatedData((Asn1Sequence)obj); + } + + throw new ArgumentException("Invalid AuthenticatedData: " + Platform.GetTypeName(obj)); + } + + public DerInteger Version + { + get { return version; } + } + + public OriginatorInfo OriginatorInfo + { + get { return originatorInfo; } + } + + public Asn1Set RecipientInfos + { + get { return recipientInfos; } + } + + public AlgorithmIdentifier MacAlgorithm + { + get { return macAlgorithm; } + } + + public AlgorithmIdentifier DigestAlgorithm + { + get { return digestAlgorithm; } + } + + public ContentInfo EncapsulatedContentInfo + { + get { return encapsulatedContentInfo; } + } + + public Asn1Set AuthAttrs + { + get { return authAttrs; } + } + + public Asn1OctetString Mac + { + get { return mac; } + } + + public Asn1Set UnauthAttrs + { + get { return unauthAttrs; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+		 * AuthenticatedData ::= SEQUENCE {
+		 *       version CMSVersion,
+		 *       originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
+		 *       recipientInfos RecipientInfos,
+		 *       macAlgorithm MessageAuthenticationCodeAlgorithm,
+		 *       digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL,
+		 *       encapContentInfo EncapsulatedContentInfo,
+		 *       authAttrs [2] IMPLICIT AuthAttributes OPTIONAL,
+		 *       mac MessageAuthenticationCode,
+		 *       unauthAttrs [3] IMPLICIT UnauthAttributes OPTIONAL }
+		 *
+		 * AuthAttributes ::= SET SIZE (1..MAX) OF Attribute
+		 *
+		 * UnauthAttributes ::= SET SIZE (1..MAX) OF Attribute
+		 *
+		 * MessageAuthenticationCode ::= OCTET STRING
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(version); + v.AddOptionalTagged(false, 0, originatorInfo); + v.Add(recipientInfos, macAlgorithm); + v.AddOptionalTagged(false, 1, digestAlgorithm); + v.Add(encapsulatedContentInfo); + v.AddOptionalTagged(false, 2, authAttrs); + v.Add(mac); + v.AddOptionalTagged(false, 3, unauthAttrs); + return new BerSequence(v); + } + + public static int CalculateVersion(OriginatorInfo origInfo) + { + if (origInfo == null) + return 0; + + int ver = 0; + + foreach (object obj in origInfo.Certificates) + { + if (obj is Asn1TaggedObject) + { + Asn1TaggedObject tag = (Asn1TaggedObject)obj; + + if (tag.TagNo == 2) + { + ver = 1; + } + else if (tag.TagNo == 3) + { + ver = 3; + break; + } + } + } + + foreach (object obj in origInfo.Crls) + { + if (obj is Asn1TaggedObject) + { + Asn1TaggedObject tag = (Asn1TaggedObject)obj; + + if (tag.TagNo == 1) + { + ver = 3; + break; + } + } + } + + return ver; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/AuthenticatedDataParser.cs b/BouncyCastle/crypto/src/asn1/cms/AuthenticatedDataParser.cs new file mode 100644 index 0000000..4b80d1b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/AuthenticatedDataParser.cs @@ -0,0 +1,182 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Cms +{ + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+	 * AuthenticatedData ::= SEQUENCE {
+	 *       version CMSVersion,
+	 *       originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
+	 *       recipientInfos RecipientInfos,
+	 *       macAlgorithm MessageAuthenticationCodeAlgorithm,
+	 *       digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL,
+	 *       encapContentInfo EncapsulatedContentInfo,
+	 *       authAttrs [2] IMPLICIT AuthAttributes OPTIONAL,
+	 *       mac MessageAuthenticationCode,
+	 *       unauthAttrs [3] IMPLICIT UnauthAttributes OPTIONAL }
+	 *
+	 * AuthAttributes ::= SET SIZE (1..MAX) OF Attribute
+	 *
+	 * UnauthAttributes ::= SET SIZE (1..MAX) OF Attribute
+	 *
+	 * MessageAuthenticationCode ::= OCTET STRING
+	 *
+ */ + public class AuthenticatedDataParser + { + private Asn1SequenceParser seq; + private DerInteger version; + private IAsn1Convertible nextObject; + private bool originatorInfoCalled; + + public AuthenticatedDataParser( + Asn1SequenceParser seq) + { + this.seq = seq; + this.version = (DerInteger)seq.ReadObject(); + } + + public DerInteger Version + { + get { return version; } + } + + public OriginatorInfo GetOriginatorInfo() + { + originatorInfoCalled = true; + + if (nextObject == null) + { + nextObject = seq.ReadObject(); + } + + if (nextObject is Asn1TaggedObjectParser && ((Asn1TaggedObjectParser)nextObject).TagNo == 0) + { + Asn1SequenceParser originatorInfo = (Asn1SequenceParser) ((Asn1TaggedObjectParser)nextObject).GetObjectParser(Asn1Tags.Sequence, false); + nextObject = null; + return OriginatorInfo.GetInstance(originatorInfo.ToAsn1Object()); + } + + return null; + } + + public Asn1SetParser GetRecipientInfos() + { + if (!originatorInfoCalled) + { + GetOriginatorInfo(); + } + + if (nextObject == null) + { + nextObject = seq.ReadObject(); + } + + Asn1SetParser recipientInfos = (Asn1SetParser)nextObject; + nextObject = null; + return recipientInfos; + } + + public AlgorithmIdentifier GetMacAlgorithm() + { + if (nextObject == null) + { + nextObject = seq.ReadObject(); + } + + if (nextObject != null) + { + Asn1SequenceParser o = (Asn1SequenceParser)nextObject; + nextObject = null; + return AlgorithmIdentifier.GetInstance(o.ToAsn1Object()); + } + + return null; + } + + public AlgorithmIdentifier GetDigestAlgorithm() + { + if (nextObject == null) + { + nextObject = seq.ReadObject(); + } + + if (nextObject is Asn1TaggedObjectParser) + { + AlgorithmIdentifier obj = AlgorithmIdentifier.GetInstance( + (Asn1TaggedObject)nextObject.ToAsn1Object(), false); + nextObject = null; + return obj; + } + + return null; + } + + public ContentInfoParser GetEnapsulatedContentInfo() + { + if (nextObject == null) + { + nextObject = seq.ReadObject(); + } + + if (nextObject != null) + { + Asn1SequenceParser o = (Asn1SequenceParser)nextObject; + nextObject = null; + return new ContentInfoParser(o); + } + + return null; + } + + public Asn1SetParser GetAuthAttrs() + { + if (nextObject == null) + { + nextObject = seq.ReadObject(); + } + + if (nextObject is Asn1TaggedObjectParser) + { + IAsn1Convertible o = nextObject; + nextObject = null; + return (Asn1SetParser)((Asn1TaggedObjectParser)o).GetObjectParser(Asn1Tags.Set, false); + } + + return null; + } + + public Asn1OctetString GetMac() + { + if (nextObject == null) + { + nextObject = seq.ReadObject(); + } + + IAsn1Convertible o = nextObject; + nextObject = null; + + return Asn1OctetString.GetInstance(o.ToAsn1Object()); + } + + public Asn1SetParser GetUnauthAttrs() + { + if (nextObject == null) + { + nextObject = seq.ReadObject(); + } + + if (nextObject != null) + { + IAsn1Convertible o = nextObject; + nextObject = null; + return (Asn1SetParser)((Asn1TaggedObjectParser)o).GetObjectParser(Asn1Tags.Set, false); + } + + return null; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/CMSAttributes.cs b/BouncyCastle/crypto/src/asn1/cms/CMSAttributes.cs new file mode 100644 index 0000000..fca2b67 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/CMSAttributes.cs @@ -0,0 +1,14 @@ +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public abstract class CmsAttributes + { + public static readonly DerObjectIdentifier ContentType = PkcsObjectIdentifiers.Pkcs9AtContentType; + public static readonly DerObjectIdentifier MessageDigest = PkcsObjectIdentifiers.Pkcs9AtMessageDigest; + public static readonly DerObjectIdentifier SigningTime = PkcsObjectIdentifiers.Pkcs9AtSigningTime; + public static readonly DerObjectIdentifier CounterSignature = PkcsObjectIdentifiers.Pkcs9AtCounterSignature; + public static readonly DerObjectIdentifier ContentHint = PkcsObjectIdentifiers.IdAAContentHint; + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/CMSObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/cms/CMSObjectIdentifiers.cs new file mode 100644 index 0000000..2ad0a3c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/CMSObjectIdentifiers.cs @@ -0,0 +1,28 @@ +using Org.BouncyCastle.Asn1.Pkcs; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public abstract class CmsObjectIdentifiers + { + public static readonly DerObjectIdentifier Data = PkcsObjectIdentifiers.Data; + public static readonly DerObjectIdentifier SignedData = PkcsObjectIdentifiers.SignedData; + public static readonly DerObjectIdentifier EnvelopedData = PkcsObjectIdentifiers.EnvelopedData; + public static readonly DerObjectIdentifier SignedAndEnvelopedData = PkcsObjectIdentifiers.SignedAndEnvelopedData; + public static readonly DerObjectIdentifier DigestedData = PkcsObjectIdentifiers.DigestedData; + public static readonly DerObjectIdentifier EncryptedData = PkcsObjectIdentifiers.EncryptedData; + public static readonly DerObjectIdentifier AuthenticatedData = PkcsObjectIdentifiers.IdCTAuthData; + public static readonly DerObjectIdentifier CompressedData = PkcsObjectIdentifiers.IdCTCompressedData; + public static readonly DerObjectIdentifier AuthEnvelopedData = PkcsObjectIdentifiers.IdCTAuthEnvelopedData; + public static readonly DerObjectIdentifier timestampedData = PkcsObjectIdentifiers.IdCTTimestampedData; + + /** + * The other Revocation Info arc + * id-ri OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) + * dod(6) internet(1) security(5) mechanisms(5) pkix(7) ri(16) } + */ + public static readonly DerObjectIdentifier id_ri = new DerObjectIdentifier("1.3.6.1.5.5.7.16"); + + public static readonly DerObjectIdentifier id_ri_ocsp_response = id_ri.Branch("2"); + public static readonly DerObjectIdentifier id_ri_scvp = id_ri.Branch("4"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/CompressedData.cs b/BouncyCastle/crypto/src/asn1/cms/CompressedData.cs new file mode 100644 index 0000000..154ed35 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/CompressedData.cs @@ -0,0 +1,96 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + /** + * RFC 3274 - CMS Compressed Data. + * 
+     * CompressedData ::= Sequence {
+     *  version CMSVersion,
+     *  compressionAlgorithm CompressionAlgorithmIdentifier,
+     *  encapContentInfo EncapsulatedContentInfo
+     * }
+     *
+ */ + public class CompressedData + : Asn1Encodable + { + private DerInteger version; + private AlgorithmIdentifier compressionAlgorithm; + private ContentInfo encapContentInfo; + + public CompressedData( + AlgorithmIdentifier compressionAlgorithm, + ContentInfo encapContentInfo) + { + this.version = new DerInteger(0); + this.compressionAlgorithm = compressionAlgorithm; + this.encapContentInfo = encapContentInfo; + } + + public CompressedData( + Asn1Sequence seq) + { + this.version = (DerInteger) seq[0]; + this.compressionAlgorithm = AlgorithmIdentifier.GetInstance(seq[1]); + this.encapContentInfo = ContentInfo.GetInstance(seq[2]); + } + + /** + * return a CompressedData object from a tagged object. + * + * @param ato the tagged object holding the object we want. + * @param explicitly true if the object is meant to be explicitly + * tagged false otherwise. + * @exception ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static CompressedData GetInstance( + Asn1TaggedObject ato, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(ato, explicitly)); + } + + /** + * return a CompressedData object from the given object. + * + * @param _obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static CompressedData GetInstance( + object obj) + { + if (obj == null || obj is CompressedData) + return (CompressedData)obj; + + if (obj is Asn1Sequence) + return new CompressedData((Asn1Sequence) obj); + + throw new ArgumentException("Invalid CompressedData: " + Platform.GetTypeName(obj)); + } + + public DerInteger Version + { + get { return version; } + } + + public AlgorithmIdentifier CompressionAlgorithmIdentifier + { + get { return compressionAlgorithm; } + } + + public ContentInfo EncapContentInfo + { + get { return encapContentInfo; } + } + + public override Asn1Object ToAsn1Object() + { + return new BerSequence(version, compressionAlgorithm, encapContentInfo); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/CompressedDataParser.cs b/BouncyCastle/crypto/src/asn1/cms/CompressedDataParser.cs new file mode 100644 index 0000000..7c53453 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/CompressedDataParser.cs @@ -0,0 +1,47 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Cms +{ + /** + * RFC 3274 - CMS Compressed Data. + * 
+	* CompressedData ::= SEQUENCE {
+	*  version CMSVersion,
+	*  compressionAlgorithm CompressionAlgorithmIdentifier,
+	*  encapContentInfo EncapsulatedContentInfo
+	* }
+	*
+ */ + public class CompressedDataParser + { + private DerInteger _version; + private AlgorithmIdentifier _compressionAlgorithm; + private ContentInfoParser _encapContentInfo; + + public CompressedDataParser( + Asn1SequenceParser seq) + { + this._version = (DerInteger)seq.ReadObject(); + this._compressionAlgorithm = AlgorithmIdentifier.GetInstance(seq.ReadObject().ToAsn1Object()); + this._encapContentInfo = new ContentInfoParser((Asn1SequenceParser)seq.ReadObject()); + } + + public DerInteger Version + { + get { return _version; } + } + + public AlgorithmIdentifier CompressionAlgorithmIdentifier + { + get { return _compressionAlgorithm; } + } + + public ContentInfoParser GetEncapContentInfo() + { + return _encapContentInfo; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/ContentInfo.cs b/BouncyCastle/crypto/src/asn1/cms/ContentInfo.cs new file mode 100644 index 0000000..f130a4b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/ContentInfo.cs @@ -0,0 +1,88 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class ContentInfo + : Asn1Encodable + { + private readonly DerObjectIdentifier contentType; + private readonly Asn1Encodable content; + + public static ContentInfo GetInstance( + object obj) + { + if (obj == null || obj is ContentInfo) + return (ContentInfo) obj; + + if (obj is Asn1Sequence) + return new ContentInfo((Asn1Sequence) obj); + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj)); + } + + public static ContentInfo GetInstance(Asn1TaggedObject obj, bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + private ContentInfo( + Asn1Sequence seq) + { + if (seq.Count < 1 || seq.Count > 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + contentType = (DerObjectIdentifier) seq[0]; + + if (seq.Count > 1) + { + Asn1TaggedObject tagged = (Asn1TaggedObject) seq[1]; + if (!tagged.IsExplicit() || tagged.TagNo != 0) + throw new ArgumentException("Bad tag for 'content'", "seq"); + + content = tagged.GetObject(); + } + } + + public ContentInfo( + DerObjectIdentifier contentType, + Asn1Encodable content) + { + this.contentType = contentType; + this.content = content; + } + + public DerObjectIdentifier ContentType + { + get { return contentType; } + } + + public Asn1Encodable Content + { + get { return content; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * ContentInfo ::= Sequence {
+         *          contentType ContentType,
+         *          content
+         *          [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(contentType); + + if (content != null) + { + v.Add(new BerTaggedObject(0, content)); + } + + return new BerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/ContentInfoParser.cs b/BouncyCastle/crypto/src/asn1/cms/ContentInfoParser.cs new file mode 100644 index 0000000..750d8ba --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/ContentInfoParser.cs @@ -0,0 +1,40 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cms +{ + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+	* ContentInfo ::= SEQUENCE {
+	*          contentType ContentType,
+	*          content
+	*          [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
+	*
+ */ + public class ContentInfoParser + { + private readonly DerObjectIdentifier m_contentType; + private readonly Asn1TaggedObjectParser m_content; + + public ContentInfoParser(Asn1SequenceParser seq) + { + m_contentType = (DerObjectIdentifier)seq.ReadObject(); + m_content = (Asn1TaggedObjectParser)seq.ReadObject(); + } + + public DerObjectIdentifier ContentType + { + get { return m_contentType; } + } + + public IAsn1Convertible GetContent(int tag) + { + if (null == m_content) + return null; + + // TODO[cms] Ideally we could enforce the claimed tag + //return Asn1Utilities.ParseContextBaseUniversal(content, 0, true, tag); + return Asn1Utilities.ParseExplicitContextBaseObject(m_content, 0); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/EncryptedContentInfo.cs b/BouncyCastle/crypto/src/asn1/cms/EncryptedContentInfo.cs new file mode 100644 index 0000000..999f2a0 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/EncryptedContentInfo.cs @@ -0,0 +1,94 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class EncryptedContentInfo + : Asn1Encodable + { + private DerObjectIdentifier contentType; + private AlgorithmIdentifier contentEncryptionAlgorithm; + private Asn1OctetString encryptedContent; + + public EncryptedContentInfo( + DerObjectIdentifier contentType, + AlgorithmIdentifier contentEncryptionAlgorithm, + Asn1OctetString encryptedContent) + { + this.contentType = contentType; + this.contentEncryptionAlgorithm = contentEncryptionAlgorithm; + this.encryptedContent = encryptedContent; + } + + public EncryptedContentInfo( + Asn1Sequence seq) + { + contentType = (DerObjectIdentifier) seq[0]; + contentEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(seq[1]); + + if (seq.Count > 2) + { + encryptedContent = Asn1OctetString.GetInstance( + (Asn1TaggedObject) seq[2], false); + } + } + + /** + * return an EncryptedContentInfo object from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static EncryptedContentInfo GetInstance( + object obj) + { + if (obj == null || obj is EncryptedContentInfo) + return (EncryptedContentInfo)obj; + + if (obj is Asn1Sequence) + return new EncryptedContentInfo((Asn1Sequence)obj); + + throw new ArgumentException("Invalid EncryptedContentInfo: " + Platform.GetTypeName(obj)); + } + + public DerObjectIdentifier ContentType + { + get { return contentType; } + } + + public AlgorithmIdentifier ContentEncryptionAlgorithm + { + get { return contentEncryptionAlgorithm; } + } + + public Asn1OctetString EncryptedContent + { + get { return encryptedContent; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * EncryptedContentInfo ::= Sequence {
+         *     contentType ContentType,
+         *     contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
+         *     encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL
+         * }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector( + contentType, contentEncryptionAlgorithm); + + if (encryptedContent != null) + { + v.Add(new BerTaggedObject(false, 0, encryptedContent)); + } + + return new BerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/EncryptedContentInfoParser.cs b/BouncyCastle/crypto/src/asn1/cms/EncryptedContentInfoParser.cs new file mode 100644 index 0000000..af748b1 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/EncryptedContentInfoParser.cs @@ -0,0 +1,46 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Cms +{ + /** + * 
+	* EncryptedContentInfo ::= SEQUENCE {
+	*     contentType ContentType,
+	*     contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
+	*     encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL
+	* }
+	*
+ */ + public class EncryptedContentInfoParser + { + private DerObjectIdentifier _contentType; + private AlgorithmIdentifier _contentEncryptionAlgorithm; + private Asn1TaggedObjectParser _encryptedContent; + + public EncryptedContentInfoParser( + Asn1SequenceParser seq) + { + _contentType = (DerObjectIdentifier)seq.ReadObject(); + _contentEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(seq.ReadObject().ToAsn1Object()); + _encryptedContent = (Asn1TaggedObjectParser)seq.ReadObject(); + } + + public DerObjectIdentifier ContentType + { + get { return _contentType; } + } + + public AlgorithmIdentifier ContentEncryptionAlgorithm + { + get { return _contentEncryptionAlgorithm; } + } + + public IAsn1Convertible GetEncryptedContent( + int tag) + { + return _encryptedContent.GetObjectParser(tag, false); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/EncryptedData.cs b/BouncyCastle/crypto/src/asn1/cms/EncryptedData.cs new file mode 100644 index 0000000..b8492d1 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/EncryptedData.cs @@ -0,0 +1,97 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class EncryptedData + : Asn1Encodable + { + private readonly DerInteger version; + private readonly EncryptedContentInfo encryptedContentInfo; + private readonly Asn1Set unprotectedAttrs; + + public static EncryptedData GetInstance( + object obj) + { + if (obj is EncryptedData) + return (EncryptedData) obj; + + if (obj is Asn1Sequence) + return new EncryptedData((Asn1Sequence) obj); + + throw new ArgumentException("Invalid EncryptedData: " + Platform.GetTypeName(obj)); + } + + public EncryptedData( + EncryptedContentInfo encInfo) + : this(encInfo, null) + { + } + + public EncryptedData( + EncryptedContentInfo encInfo, + Asn1Set unprotectedAttrs) + { + if (encInfo == null) + throw new ArgumentNullException("encInfo"); + + this.version = new DerInteger((unprotectedAttrs == null) ? 0 : 2); + this.encryptedContentInfo = encInfo; + this.unprotectedAttrs = unprotectedAttrs; + } + + private EncryptedData( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count < 2 || seq.Count > 3) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.version = DerInteger.GetInstance(seq[0]); + this.encryptedContentInfo = EncryptedContentInfo.GetInstance(seq[1]); + + if (seq.Count > 2) + { + this.unprotectedAttrs = Asn1Set.GetInstance((Asn1TaggedObject)seq[2], false); + } + } + + public virtual DerInteger Version + { + get { return version; } + } + + public virtual EncryptedContentInfo EncryptedContentInfo + { + get { return encryptedContentInfo; } + } + + public virtual Asn1Set UnprotectedAttrs + { + get { return unprotectedAttrs; } + } + + /** + * 
+		*       EncryptedData ::= SEQUENCE {
+		*                     version CMSVersion,
+		*                     encryptedContentInfo EncryptedContentInfo,
+		*                     unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL }
+		*
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(version, encryptedContentInfo); + + if (unprotectedAttrs != null) + { + v.Add(new BerTaggedObject(false, 1, unprotectedAttrs)); + } + + return new BerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/EnvelopedData.cs b/BouncyCastle/crypto/src/asn1/cms/EnvelopedData.cs new file mode 100644 index 0000000..8897fe3 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/EnvelopedData.cs @@ -0,0 +1,166 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class EnvelopedData + : Asn1Encodable + { + private DerInteger version; + private OriginatorInfo originatorInfo; + private Asn1Set recipientInfos; + private EncryptedContentInfo encryptedContentInfo; + private Asn1Set unprotectedAttrs; + + public EnvelopedData( + OriginatorInfo originatorInfo, + Asn1Set recipientInfos, + EncryptedContentInfo encryptedContentInfo, + Asn1Set unprotectedAttrs) + { + this.version = new DerInteger(CalculateVersion(originatorInfo, recipientInfos, unprotectedAttrs)); + this.originatorInfo = originatorInfo; + this.recipientInfos = recipientInfos; + this.encryptedContentInfo = encryptedContentInfo; + this.unprotectedAttrs = unprotectedAttrs; + } + + public EnvelopedData( + OriginatorInfo originatorInfo, + Asn1Set recipientInfos, + EncryptedContentInfo encryptedContentInfo, + Attributes unprotectedAttrs) + { + this.version = new DerInteger(CalculateVersion(originatorInfo, recipientInfos, Asn1Set.GetInstance(unprotectedAttrs))); + this.originatorInfo = originatorInfo; + this.recipientInfos = recipientInfos; + this.encryptedContentInfo = encryptedContentInfo; + this.unprotectedAttrs = Asn1Set.GetInstance(unprotectedAttrs); + } + + [Obsolete("Use 'GetInstance' instead")] + public EnvelopedData( + Asn1Sequence seq) + { + int index = 0; + + version = (DerInteger) seq[index++]; + + object tmp = seq[index++]; + + if (tmp is Asn1TaggedObject) + { + originatorInfo = OriginatorInfo.GetInstance((Asn1TaggedObject) tmp, false); + tmp = seq[index++]; + } + + recipientInfos = Asn1Set.GetInstance(tmp); + encryptedContentInfo = EncryptedContentInfo.GetInstance(seq[index++]); + + if (seq.Count > index) + { + unprotectedAttrs = Asn1Set.GetInstance((Asn1TaggedObject) seq[index], false); + } + } + + /** + * return an EnvelopedData object from a tagged object. + * + * @param obj the tagged object holding the object we want. + * @param explicitly true if the object is meant to be explicitly + * tagged false otherwise. + * @exception ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static EnvelopedData GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + /** + * return an EnvelopedData object from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static EnvelopedData GetInstance( + object obj) + { + if (obj is EnvelopedData) + return (EnvelopedData)obj; + if (obj == null) + return null; + return new EnvelopedData(Asn1Sequence.GetInstance(obj)); + } + + public DerInteger Version + { + get { return version; } + } + + public OriginatorInfo OriginatorInfo + { + get { return originatorInfo; } + } + + public Asn1Set RecipientInfos + { + get { return recipientInfos; } + } + + public EncryptedContentInfo EncryptedContentInfo + { + get { return encryptedContentInfo; } + } + + public Asn1Set UnprotectedAttrs + { + get { return unprotectedAttrs; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * EnvelopedData ::= Sequence {
+         *     version CMSVersion,
+         *     originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
+         *     recipientInfos RecipientInfos,
+         *     encryptedContentInfo EncryptedContentInfo,
+         *     unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL
+         * }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(version); + v.AddOptionalTagged(false, 0, originatorInfo); + v.Add(recipientInfos, encryptedContentInfo); + v.AddOptionalTagged(false, 1, unprotectedAttrs); + return new BerSequence(v); + } + + public static int CalculateVersion(OriginatorInfo originatorInfo, Asn1Set recipientInfos, Asn1Set unprotectedAttrs) + { + if (originatorInfo != null || unprotectedAttrs != null) + { + return 2; + } + + foreach (object o in recipientInfos) + { + RecipientInfo ri = RecipientInfo.GetInstance(o); + + if (!ri.Version.HasValue(0)) + { + return 2; + } + } + + return 0; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/EnvelopedDataParser.cs b/BouncyCastle/crypto/src/asn1/cms/EnvelopedDataParser.cs new file mode 100644 index 0000000..5993537 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/EnvelopedDataParser.cs @@ -0,0 +1,107 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cms +{ + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+	* EnvelopedData ::= SEQUENCE {
+	*     version CMSVersion,
+	*     originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
+	*     recipientInfos RecipientInfos,
+	*     encryptedContentInfo EncryptedContentInfo,
+	*     unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL
+	* }
+	*
+ */ + public class EnvelopedDataParser + { + private Asn1SequenceParser _seq; + private DerInteger _version; + private IAsn1Convertible _nextObject; + private bool _originatorInfoCalled; + + public EnvelopedDataParser( + Asn1SequenceParser seq) + { + this._seq = seq; + this._version = (DerInteger)seq.ReadObject(); + } + + public DerInteger Version + { + get { return _version; } + } + + public OriginatorInfo GetOriginatorInfo() + { + _originatorInfoCalled = true; + + if (_nextObject == null) + { + _nextObject = _seq.ReadObject(); + } + + if (_nextObject is Asn1TaggedObjectParser && ((Asn1TaggedObjectParser)_nextObject).TagNo == 0) + { + Asn1SequenceParser originatorInfo = (Asn1SequenceParser) + ((Asn1TaggedObjectParser)_nextObject).GetObjectParser(Asn1Tags.Sequence, false); + _nextObject = null; + return OriginatorInfo.GetInstance(originatorInfo.ToAsn1Object()); + } + + return null; + } + + public Asn1SetParser GetRecipientInfos() + { + if (!_originatorInfoCalled) + { + GetOriginatorInfo(); + } + + if (_nextObject == null) + { + _nextObject = _seq.ReadObject(); + } + + Asn1SetParser recipientInfos = (Asn1SetParser)_nextObject; + _nextObject = null; + return recipientInfos; + } + + public EncryptedContentInfoParser GetEncryptedContentInfo() + { + if (_nextObject == null) + { + _nextObject = _seq.ReadObject(); + } + + if (_nextObject != null) + { + Asn1SequenceParser o = (Asn1SequenceParser) _nextObject; + _nextObject = null; + return new EncryptedContentInfoParser(o); + } + + return null; + } + + public Asn1SetParser GetUnprotectedAttrs() + { + if (_nextObject == null) + { + _nextObject = _seq.ReadObject(); + } + + if (_nextObject != null) + { + IAsn1Convertible o = _nextObject; + _nextObject = null; + return (Asn1SetParser)((Asn1TaggedObjectParser)o).GetObjectParser(Asn1Tags.Set, false); + } + + return null; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/Evidence.cs b/BouncyCastle/crypto/src/asn1/cms/Evidence.cs new file mode 100644 index 0000000..b12f090 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/Evidence.cs @@ -0,0 +1,73 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class Evidence + : Asn1Encodable, IAsn1Choice + { + private TimeStampTokenEvidence tstEvidence; + private Asn1Sequence otherEvidence; + + public Evidence(TimeStampTokenEvidence tstEvidence) + { + this.tstEvidence = tstEvidence; + } + + private Evidence(Asn1TaggedObject tagged) + { + if (tagged.TagNo == 0) + { + this.tstEvidence = TimeStampTokenEvidence.GetInstance(tagged, false); + } + //else if (tagged.TagNo == 1) + //{ + // this.ersEvidence = EvidenceRecord.GetInstance(tagged, false); + //} + else if (tagged.TagNo == 2) + { + this.otherEvidence = Asn1Sequence.GetInstance(tagged, false); + } + else + { + throw new ArgumentException("unknown tag in Evidence", "tagged"); + } + } + + public static Evidence GetInstance(object obj) + { + if (obj is Evidence) + return (Evidence)obj; + + if (obj is Asn1TaggedObject) + return new Evidence(Asn1TaggedObject.GetInstance(obj)); + + throw new ArgumentException("Unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + public static Evidence GetInstance(Asn1TaggedObject obj, bool isExplicit) + { + return GetInstance(obj.GetObject()); // must be explicitly tagged + } + + public virtual TimeStampTokenEvidence TstEvidence + { + get { return tstEvidence; } + } + + //public EvidenceRecord ErsEvidence + //{ + // get { return ersEvidence; } + //} + + public override Asn1Object ToAsn1Object() + { + if (tstEvidence != null) + return new DerTaggedObject(false, 0, tstEvidence); + //if (ersEvidence != null) + // return new DerTaggedObject(false, 1, ersEvidence); + return new DerTaggedObject(false, 2, otherEvidence); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/IssuerAndSerialNumber.cs b/BouncyCastle/crypto/src/asn1/cms/IssuerAndSerialNumber.cs new file mode 100644 index 0000000..b509e7e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/IssuerAndSerialNumber.cs @@ -0,0 +1,64 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class IssuerAndSerialNumber + : Asn1Encodable + { + private X509Name name; + private DerInteger serialNumber; + + public static IssuerAndSerialNumber GetInstance(object obj) + { + if (obj == null) + return null; + IssuerAndSerialNumber existing = obj as IssuerAndSerialNumber; + if (existing != null) + return existing; + return new IssuerAndSerialNumber(Asn1Sequence.GetInstance(obj)); + } + + [Obsolete("Use GetInstance() instead")] + public IssuerAndSerialNumber( + Asn1Sequence seq) + { + this.name = X509Name.GetInstance(seq[0]); + this.serialNumber = (DerInteger) seq[1]; + } + + public IssuerAndSerialNumber( + X509Name name, + BigInteger serialNumber) + { + this.name = name; + this.serialNumber = new DerInteger(serialNumber); + } + + public IssuerAndSerialNumber( + X509Name name, + DerInteger serialNumber) + { + this.name = name; + this.serialNumber = serialNumber; + } + + public X509Name Name + { + get { return name; } + } + + public DerInteger SerialNumber + { + get { return serialNumber; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(name, serialNumber); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/KEKIdentifier.cs b/BouncyCastle/crypto/src/asn1/cms/KEKIdentifier.cs new file mode 100644 index 0000000..a422174 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/KEKIdentifier.cs @@ -0,0 +1,119 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class KekIdentifier + : Asn1Encodable + { + private Asn1OctetString keyIdentifier; + private DerGeneralizedTime date; + private OtherKeyAttribute other; + + public KekIdentifier( + byte[] keyIdentifier, + DerGeneralizedTime date, + OtherKeyAttribute other) + { + this.keyIdentifier = new DerOctetString(keyIdentifier); + this.date = date; + this.other = other; + } + + public KekIdentifier( + Asn1Sequence seq) + { + keyIdentifier = (Asn1OctetString) seq[0]; + + switch (seq.Count) + { + case 1: + break; + case 2: + if (seq[1] is DerGeneralizedTime) + { + date = (DerGeneralizedTime) seq[1]; + } + else + { + other = OtherKeyAttribute.GetInstance(seq[2]); + } + break; + case 3: + date = (DerGeneralizedTime) seq[1]; + other = OtherKeyAttribute.GetInstance(seq[2]); + break; + default: + throw new ArgumentException("Invalid KekIdentifier"); + } + } + + /** + * return a KekIdentifier object from a tagged object. + * + * @param obj the tagged object holding the object we want. + * @param explicitly true if the object is meant to be explicitly + * tagged false otherwise. + * @exception ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static KekIdentifier GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + /** + * return a KekIdentifier object from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static KekIdentifier GetInstance( + object obj) + { + if (obj == null || obj is KekIdentifier) + return (KekIdentifier)obj; + + if (obj is Asn1Sequence) + return new KekIdentifier((Asn1Sequence)obj); + + throw new ArgumentException("Invalid KekIdentifier: " + Platform.GetTypeName(obj)); + } + + public Asn1OctetString KeyIdentifier + { + get { return keyIdentifier; } + } + + public DerGeneralizedTime Date + { + get { return date; } + } + + public OtherKeyAttribute Other + { + get { return other; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * KekIdentifier ::= Sequence {
+         *     keyIdentifier OCTET STRING,
+         *     date GeneralizedTime OPTIONAL,
+         *     other OtherKeyAttribute OPTIONAL
+         * }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(keyIdentifier); + v.AddOptional(date, other); + return new DerSequence(v); + } + } +} + diff --git a/BouncyCastle/crypto/src/asn1/cms/KEKRecipientInfo.cs b/BouncyCastle/crypto/src/asn1/cms/KEKRecipientInfo.cs new file mode 100644 index 0000000..810e7fc --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/KEKRecipientInfo.cs @@ -0,0 +1,106 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class KekRecipientInfo + : Asn1Encodable + { + private DerInteger version; + private KekIdentifier kekID; + private AlgorithmIdentifier keyEncryptionAlgorithm; + private Asn1OctetString encryptedKey; + + public KekRecipientInfo( + KekIdentifier kekID, + AlgorithmIdentifier keyEncryptionAlgorithm, + Asn1OctetString encryptedKey) + { + this.version = new DerInteger(4); + this.kekID = kekID; + this.keyEncryptionAlgorithm = keyEncryptionAlgorithm; + this.encryptedKey = encryptedKey; + } + + public KekRecipientInfo( + Asn1Sequence seq) + { + version = (DerInteger) seq[0]; + kekID = KekIdentifier.GetInstance(seq[1]); + keyEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(seq[2]); + encryptedKey = (Asn1OctetString) seq[3]; + } + + /** + * return a KekRecipientInfo object from a tagged object. + * + * @param obj the tagged object holding the object we want. + * @param explicitly true if the object is meant to be explicitly + * tagged false otherwise. + * @exception ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static KekRecipientInfo GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + /** + * return a KekRecipientInfo object from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static KekRecipientInfo GetInstance( + object obj) + { + if (obj == null || obj is KekRecipientInfo) + return (KekRecipientInfo)obj; + + if(obj is Asn1Sequence) + return new KekRecipientInfo((Asn1Sequence)obj); + + throw new ArgumentException("Invalid KekRecipientInfo: " + Platform.GetTypeName(obj)); + } + + public DerInteger Version + { + get { return version; } + } + + public KekIdentifier KekID + { + get { return kekID; } + } + + public AlgorithmIdentifier KeyEncryptionAlgorithm + { + get { return keyEncryptionAlgorithm; } + } + + public Asn1OctetString EncryptedKey + { + get { return encryptedKey; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * KekRecipientInfo ::= Sequence {
+         *     version CMSVersion,  -- always set to 4
+         *     kekID KekIdentifier,
+         *     keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
+         *     encryptedKey EncryptedKey
+         * }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(version, kekID, keyEncryptionAlgorithm, encryptedKey); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/KeyAgreeRecipientIdentifier.cs b/BouncyCastle/crypto/src/asn1/cms/KeyAgreeRecipientIdentifier.cs new file mode 100644 index 0000000..0256c2d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/KeyAgreeRecipientIdentifier.cs @@ -0,0 +1,94 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class KeyAgreeRecipientIdentifier + : Asn1Encodable, IAsn1Choice + { + /** + * return an KeyAgreeRecipientIdentifier object from a tagged object. + * + * @param obj the tagged object holding the object we want. + * @param isExplicit true if the object is meant to be explicitly + * tagged false otherwise. + * @exception ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static KeyAgreeRecipientIdentifier GetInstance( + Asn1TaggedObject obj, + bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + /** + * return an KeyAgreeRecipientIdentifier object from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static KeyAgreeRecipientIdentifier GetInstance( + object obj) + { + if (obj == null || obj is KeyAgreeRecipientIdentifier) + return (KeyAgreeRecipientIdentifier)obj; + + if (obj is Asn1Sequence) + return new KeyAgreeRecipientIdentifier(IssuerAndSerialNumber.GetInstance(obj)); + + if (obj is Asn1TaggedObject && ((Asn1TaggedObject)obj).TagNo == 0) + { + return new KeyAgreeRecipientIdentifier(RecipientKeyIdentifier.GetInstance( + (Asn1TaggedObject)obj, false)); + } + + throw new ArgumentException("Invalid KeyAgreeRecipientIdentifier: " + Platform.GetTypeName(obj), "obj"); + } + + private readonly IssuerAndSerialNumber issuerSerial; + private readonly RecipientKeyIdentifier rKeyID; + + public KeyAgreeRecipientIdentifier( + IssuerAndSerialNumber issuerSerial) + { + this.issuerSerial = issuerSerial; + } + + public KeyAgreeRecipientIdentifier( + RecipientKeyIdentifier rKeyID) + { + this.rKeyID = rKeyID; + } + + public IssuerAndSerialNumber IssuerAndSerialNumber + { + get { return issuerSerial; } + } + + public RecipientKeyIdentifier RKeyID + { + get { return rKeyID; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+		 * KeyAgreeRecipientIdentifier ::= CHOICE {
+		 *     issuerAndSerialNumber IssuerAndSerialNumber,
+		 *     rKeyId [0] IMPLICIT RecipientKeyIdentifier
+		 * }
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + if (issuerSerial != null) + { + return issuerSerial.ToAsn1Object(); + } + + return new DerTaggedObject(false, 0, rKeyID); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/KeyAgreeRecipientInfo.cs b/BouncyCastle/crypto/src/asn1/cms/KeyAgreeRecipientInfo.cs new file mode 100644 index 0000000..52eb7d4 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/KeyAgreeRecipientInfo.cs @@ -0,0 +1,134 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class KeyAgreeRecipientInfo + : Asn1Encodable + { + private DerInteger version; + private OriginatorIdentifierOrKey originator; + private Asn1OctetString ukm; + private AlgorithmIdentifier keyEncryptionAlgorithm; + private Asn1Sequence recipientEncryptedKeys; + + public KeyAgreeRecipientInfo( + OriginatorIdentifierOrKey originator, + Asn1OctetString ukm, + AlgorithmIdentifier keyEncryptionAlgorithm, + Asn1Sequence recipientEncryptedKeys) + { + this.version = new DerInteger(3); + this.originator = originator; + this.ukm = ukm; + this.keyEncryptionAlgorithm = keyEncryptionAlgorithm; + this.recipientEncryptedKeys = recipientEncryptedKeys; + } + + public KeyAgreeRecipientInfo( + Asn1Sequence seq) + { + int index = 0; + + version = (DerInteger) seq[index++]; + originator = OriginatorIdentifierOrKey.GetInstance( + (Asn1TaggedObject) seq[index++], true); + + if (seq[index] is Asn1TaggedObject) + { + ukm = Asn1OctetString.GetInstance( + (Asn1TaggedObject) seq[index++], true); + } + + keyEncryptionAlgorithm = AlgorithmIdentifier.GetInstance( + seq[index++]); + + recipientEncryptedKeys = (Asn1Sequence) seq[index++]; + } + + /** + * return a KeyAgreeRecipientInfo object from a tagged object. + * + * @param obj the tagged object holding the object we want. + * @param explicitly true if the object is meant to be explicitly + * tagged false otherwise. + * @exception ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static KeyAgreeRecipientInfo GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + /** + * return a KeyAgreeRecipientInfo object from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static KeyAgreeRecipientInfo GetInstance( + object obj) + { + if (obj == null || obj is KeyAgreeRecipientInfo) + return (KeyAgreeRecipientInfo)obj; + + if (obj is Asn1Sequence) + return new KeyAgreeRecipientInfo((Asn1Sequence)obj); + + throw new ArgumentException( + "Illegal object in KeyAgreeRecipientInfo: " + Platform.GetTypeName(obj)); + + } + + public DerInteger Version + { + get { return version; } + } + + public OriginatorIdentifierOrKey Originator + { + get { return originator; } + } + + public Asn1OctetString UserKeyingMaterial + { + get { return ukm; } + } + + public AlgorithmIdentifier KeyEncryptionAlgorithm + { + get { return keyEncryptionAlgorithm; } + } + + public Asn1Sequence RecipientEncryptedKeys + { + get { return recipientEncryptedKeys; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * KeyAgreeRecipientInfo ::= Sequence {
+         *     version CMSVersion,  -- always set to 3
+         *     originator [0] EXPLICIT OriginatorIdentifierOrKey,
+         *     ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL,
+         *     keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
+         *     recipientEncryptedKeys RecipientEncryptedKeys
+         * }
+		 *
+		 * UserKeyingMaterial ::= OCTET STRING
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(version, new DerTaggedObject(true, 0, originator)); + v.AddOptionalTagged(true, 1, ukm); + v.Add(keyEncryptionAlgorithm, recipientEncryptedKeys); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/KeyTransRecipientInfo.cs b/BouncyCastle/crypto/src/asn1/cms/KeyTransRecipientInfo.cs new file mode 100644 index 0000000..5e4fd22 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/KeyTransRecipientInfo.cs @@ -0,0 +1,99 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class KeyTransRecipientInfo + : Asn1Encodable + { + private DerInteger version; + private RecipientIdentifier rid; + private AlgorithmIdentifier keyEncryptionAlgorithm; + private Asn1OctetString encryptedKey; + + public KeyTransRecipientInfo( + RecipientIdentifier rid, + AlgorithmIdentifier keyEncryptionAlgorithm, + Asn1OctetString encryptedKey) + { + if (rid.ToAsn1Object() is Asn1TaggedObject) + { + this.version = new DerInteger(2); + } + else + { + this.version = new DerInteger(0); + } + + this.rid = rid; + this.keyEncryptionAlgorithm = keyEncryptionAlgorithm; + this.encryptedKey = encryptedKey; + } + + public KeyTransRecipientInfo( + Asn1Sequence seq) + { + this.version = (DerInteger) seq[0]; + this.rid = RecipientIdentifier.GetInstance(seq[1]); + this.keyEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(seq[2]); + this.encryptedKey = (Asn1OctetString) seq[3]; + } + + /** + * return a KeyTransRecipientInfo object from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static KeyTransRecipientInfo GetInstance( + object obj) + { + if (obj == null || obj is KeyTransRecipientInfo) + return (KeyTransRecipientInfo) obj; + + if(obj is Asn1Sequence) + return new KeyTransRecipientInfo((Asn1Sequence) obj); + + throw new ArgumentException( + "Illegal object in KeyTransRecipientInfo: " + Platform.GetTypeName(obj)); + } + + public DerInteger Version + { + get { return version; } + } + + public RecipientIdentifier RecipientIdentifier + { + get { return rid; } + } + + public AlgorithmIdentifier KeyEncryptionAlgorithm + { + get { return keyEncryptionAlgorithm; } + } + + public Asn1OctetString EncryptedKey + { + get { return encryptedKey; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * KeyTransRecipientInfo ::= Sequence {
+         *     version CMSVersion,  -- always set to 0 or 2
+         *     rid RecipientIdentifier,
+         *     keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
+         *     encryptedKey EncryptedKey
+         * }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(version, rid, keyEncryptionAlgorithm, encryptedKey); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/MetaData.cs b/BouncyCastle/crypto/src/asn1/cms/MetaData.cs new file mode 100644 index 0000000..ad2b5c4 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/MetaData.cs @@ -0,0 +1,94 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class MetaData + : Asn1Encodable + { + private DerBoolean hashProtected; + private DerUtf8String fileName; + private DerIA5String mediaType; + private Attributes otherMetaData; + + public MetaData( + DerBoolean hashProtected, + DerUtf8String fileName, + DerIA5String mediaType, + Attributes otherMetaData) + { + this.hashProtected = hashProtected; + this.fileName = fileName; + this.mediaType = mediaType; + this.otherMetaData = otherMetaData; + } + + private MetaData(Asn1Sequence seq) + { + this.hashProtected = DerBoolean.GetInstance(seq[0]); + + int index = 1; + + if (index < seq.Count && seq[index] is DerUtf8String) + { + this.fileName = DerUtf8String.GetInstance(seq[index++]); + } + if (index < seq.Count && seq[index] is DerIA5String) + { + this.mediaType = DerIA5String.GetInstance(seq[index++]); + } + if (index < seq.Count) + { + this.otherMetaData = Attributes.GetInstance(seq[index++]); + } + } + + public static MetaData GetInstance(object obj) + { + if (obj is MetaData) + return (MetaData)obj; + + if (obj != null) + return new MetaData(Asn1Sequence.GetInstance(obj)); + + return null; + } + + /** + * 
+		 * MetaData ::= SEQUENCE {
+		 *   hashProtected        BOOLEAN,
+		 *   fileName             UTF8String OPTIONAL,
+		 *   mediaType            IA5String OPTIONAL,
+		 *   otherMetaData        Attributes OPTIONAL
+		 * }
+		 *
+ * @return + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(hashProtected); + v.AddOptional(fileName, mediaType, otherMetaData); + return new DerSequence(v); + } + + public virtual bool IsHashProtected + { + get { return hashProtected.IsTrue; } + } + + public virtual DerUtf8String FileName + { + get { return fileName; } + } + + public virtual DerIA5String MediaType + { + get { return mediaType; } + } + + public virtual Attributes OtherMetaData + { + get { return otherMetaData; } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/OriginatorIdentifierOrKey.cs b/BouncyCastle/crypto/src/asn1/cms/OriginatorIdentifierOrKey.cs new file mode 100644 index 0000000..f197fe9 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/OriginatorIdentifierOrKey.cs @@ -0,0 +1,168 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class OriginatorIdentifierOrKey + : Asn1Encodable, IAsn1Choice + { + private Asn1Encodable id; + + public OriginatorIdentifierOrKey( + IssuerAndSerialNumber id) + { + this.id = id; + } + + [Obsolete("Use version taking a 'SubjectKeyIdentifier'")] + public OriginatorIdentifierOrKey( + Asn1OctetString id) + : this(new SubjectKeyIdentifier(id)) + { + } + + public OriginatorIdentifierOrKey( + SubjectKeyIdentifier id) + { + this.id = new DerTaggedObject(false, 0, id); + } + + public OriginatorIdentifierOrKey( + OriginatorPublicKey id) + { + this.id = new DerTaggedObject(false, 1, id); + } + + [Obsolete("Use more specific version")] + public OriginatorIdentifierOrKey( + Asn1Object id) + { + this.id = id; + } + + private OriginatorIdentifierOrKey( + Asn1TaggedObject id) + { + // TODO Add validation + this.id = id; + } + + /** + * return an OriginatorIdentifierOrKey object from a tagged object. + * + * @param o the tagged object holding the object we want. + * @param explicitly true if the object is meant to be explicitly + * tagged false otherwise. + * @exception ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static OriginatorIdentifierOrKey GetInstance( + Asn1TaggedObject o, + bool explicitly) + { + if (!explicitly) + { + throw new ArgumentException( + "Can't implicitly tag OriginatorIdentifierOrKey"); + } + + return GetInstance(o.GetObject()); + } + + /** + * return an OriginatorIdentifierOrKey object from the given object. + * + * @param o the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static OriginatorIdentifierOrKey GetInstance( + object o) + { + if (o == null || o is OriginatorIdentifierOrKey) + return (OriginatorIdentifierOrKey)o; + + if (o is IssuerAndSerialNumber) + return new OriginatorIdentifierOrKey((IssuerAndSerialNumber)o); + + if (o is SubjectKeyIdentifier) + return new OriginatorIdentifierOrKey((SubjectKeyIdentifier)o); + + if (o is OriginatorPublicKey) + return new OriginatorIdentifierOrKey((OriginatorPublicKey)o); + + if (o is Asn1TaggedObject) + return new OriginatorIdentifierOrKey((Asn1TaggedObject)o); + + throw new ArgumentException("Invalid OriginatorIdentifierOrKey: " + Platform.GetTypeName(o)); + } + + public Asn1Encodable ID + { + get { return id; } + } + + public IssuerAndSerialNumber IssuerAndSerialNumber + { + get + { + if (id is IssuerAndSerialNumber) + { + return (IssuerAndSerialNumber)id; + } + + return null; + } + } + + public SubjectKeyIdentifier SubjectKeyIdentifier + { + get + { + if (id is Asn1TaggedObject && ((Asn1TaggedObject)id).TagNo == 0) + { + return SubjectKeyIdentifier.GetInstance((Asn1TaggedObject)id, false); + } + + return null; + } + } + + [Obsolete("Use 'OriginatorPublicKey' property")] + public OriginatorPublicKey OriginatorKey + { + get { return OriginatorPublicKey; } + } + + public OriginatorPublicKey OriginatorPublicKey + { + get + { + if (id is Asn1TaggedObject && ((Asn1TaggedObject)id).TagNo == 1) + { + return OriginatorPublicKey.GetInstance((Asn1TaggedObject)id, false); + } + + return null; + } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * OriginatorIdentifierOrKey ::= CHOICE {
+         *     issuerAndSerialNumber IssuerAndSerialNumber,
+         *     subjectKeyIdentifier [0] SubjectKeyIdentifier,
+         *     originatorKey [1] OriginatorPublicKey
+         * }
+         *
+         * SubjectKeyIdentifier ::= OCTET STRING
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return id.ToAsn1Object(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/OriginatorInfo.cs b/BouncyCastle/crypto/src/asn1/cms/OriginatorInfo.cs new file mode 100644 index 0000000..23acc2d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/OriginatorInfo.cs @@ -0,0 +1,112 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class OriginatorInfo + : Asn1Encodable + { + private Asn1Set certs; + private Asn1Set crls; + + public OriginatorInfo( + Asn1Set certs, + Asn1Set crls) + { + this.certs = certs; + this.crls = crls; + } + + public OriginatorInfo( + Asn1Sequence seq) + { + switch (seq.Count) + { + case 0: // empty + break; + case 1: + Asn1TaggedObject o = (Asn1TaggedObject) seq[0]; + switch (o.TagNo) + { + case 0 : + certs = Asn1Set.GetInstance(o, false); + break; + case 1 : + crls = Asn1Set.GetInstance(o, false); + break; + default: + throw new ArgumentException("Bad tag in OriginatorInfo: " + o.TagNo); + } + break; + case 2: + certs = Asn1Set.GetInstance((Asn1TaggedObject) seq[0], false); + crls = Asn1Set.GetInstance((Asn1TaggedObject) seq[1], false); + break; + default: + throw new ArgumentException("OriginatorInfo too big"); + } + } + + /** + * return an OriginatorInfo object from a tagged object. + * + * @param obj the tagged object holding the object we want. + * @param explicitly true if the object is meant to be explicitly + * tagged false otherwise. + * @exception ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static OriginatorInfo GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + /** + * return an OriginatorInfo object from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static OriginatorInfo GetInstance( + object obj) + { + if (obj == null || obj is OriginatorInfo) + return (OriginatorInfo)obj; + + if (obj is Asn1Sequence) + return new OriginatorInfo((Asn1Sequence)obj); + + throw new ArgumentException("Invalid OriginatorInfo: " + Platform.GetTypeName(obj)); + } + + public Asn1Set Certificates + { + get { return certs; } + } + + public Asn1Set Crls + { + get { return crls; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * OriginatorInfo ::= Sequence {
+         *     certs [0] IMPLICIT CertificateSet OPTIONAL,
+         *     crls [1] IMPLICIT CertificateRevocationLists OPTIONAL
+         * }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(false, 0, certs); + v.AddOptionalTagged(false, 1, crls); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/OriginatorPublicKey.cs b/BouncyCastle/crypto/src/asn1/cms/OriginatorPublicKey.cs new file mode 100644 index 0000000..9f29c62 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/OriginatorPublicKey.cs @@ -0,0 +1,88 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class OriginatorPublicKey + : Asn1Encodable + { + private readonly AlgorithmIdentifier mAlgorithm; + private readonly DerBitString mPublicKey; + + public OriginatorPublicKey( + AlgorithmIdentifier algorithm, + byte[] publicKey) + { + this.mAlgorithm = algorithm; + this.mPublicKey = new DerBitString(publicKey); + } + + [Obsolete("Use 'GetInstance' instead")] + public OriginatorPublicKey( + Asn1Sequence seq) + { + this.mAlgorithm = AlgorithmIdentifier.GetInstance(seq[0]); + this.mPublicKey = DerBitString.GetInstance(seq[1]); + } + + /** + * return an OriginatorPublicKey object from a tagged object. + * + * @param obj the tagged object holding the object we want. + * @param explicitly true if the object is meant to be explicitly + * tagged false otherwise. + * @exception ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static OriginatorPublicKey GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + /** + * return an OriginatorPublicKey object from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static OriginatorPublicKey GetInstance( + object obj) + { + if (obj == null || obj is OriginatorPublicKey) + return (OriginatorPublicKey)obj; + + if (obj is Asn1Sequence) + return new OriginatorPublicKey(Asn1Sequence.GetInstance(obj)); + + throw new ArgumentException("Invalid OriginatorPublicKey: " + Platform.GetTypeName(obj)); + } + + public AlgorithmIdentifier Algorithm + { + get { return mAlgorithm; } + } + + public DerBitString PublicKey + { + get { return mPublicKey; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * OriginatorPublicKey ::= Sequence {
+         *     algorithm AlgorithmIdentifier,
+         *     publicKey BIT STRING
+         * }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(mAlgorithm, mPublicKey); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/OtherKeyAttribute.cs b/BouncyCastle/crypto/src/asn1/cms/OtherKeyAttribute.cs new file mode 100644 index 0000000..285c881 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/OtherKeyAttribute.cs @@ -0,0 +1,70 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class OtherKeyAttribute + : Asn1Encodable + { + private DerObjectIdentifier keyAttrId; + private Asn1Encodable keyAttr; + + /** + * return an OtherKeyAttribute object from the given object. + * + * @param o the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static OtherKeyAttribute GetInstance( + object obj) + { + if (obj == null || obj is OtherKeyAttribute) + return (OtherKeyAttribute) obj; + + if (obj is Asn1Sequence) + return new OtherKeyAttribute((Asn1Sequence) obj); + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public OtherKeyAttribute( + Asn1Sequence seq) + { + keyAttrId = (DerObjectIdentifier) seq[0]; + keyAttr = seq[1]; + } + + public OtherKeyAttribute( + DerObjectIdentifier keyAttrId, + Asn1Encodable keyAttr) + { + this.keyAttrId = keyAttrId; + this.keyAttr = keyAttr; + } + + public DerObjectIdentifier KeyAttrId + { + get { return keyAttrId; } + } + + public Asn1Encodable KeyAttr + { + get { return keyAttr; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * OtherKeyAttribute ::= Sequence {
+         *     keyAttrId OBJECT IDENTIFIER,
+         *     keyAttr ANY DEFINED BY keyAttrId OPTIONAL
+         * }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(keyAttrId, keyAttr); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/OtherRecipientInfo.cs b/BouncyCastle/crypto/src/asn1/cms/OtherRecipientInfo.cs new file mode 100644 index 0000000..80dd68e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/OtherRecipientInfo.cs @@ -0,0 +1,83 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class OtherRecipientInfo + : Asn1Encodable + { + private readonly DerObjectIdentifier oriType; + private readonly Asn1Encodable oriValue; + + public OtherRecipientInfo( + DerObjectIdentifier oriType, + Asn1Encodable oriValue) + { + this.oriType = oriType; + this.oriValue = oriValue; + } + + [Obsolete("Use GetInstance() instead")] + public OtherRecipientInfo( + Asn1Sequence seq) + { + oriType = DerObjectIdentifier.GetInstance(seq[0]); + oriValue = seq[1]; + } + + /** + * return a OtherRecipientInfo object from a tagged object. + * + * @param obj the tagged object holding the object we want. + * @param explicitly true if the object is meant to be explicitly + * tagged false otherwise. + * @exception ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static OtherRecipientInfo GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + /** + * return a OtherRecipientInfo object from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static OtherRecipientInfo GetInstance( + object obj) + { + if (obj == null) + return null; + OtherRecipientInfo existing = obj as OtherRecipientInfo; + if (existing != null) + return existing; + return new OtherRecipientInfo(Asn1Sequence.GetInstance(obj)); + } + + public virtual DerObjectIdentifier OriType + { + get { return oriType; } + } + + public virtual Asn1Encodable OriValue + { + get { return oriValue; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * OtherRecipientInfo ::= Sequence {
+         *    oriType OBJECT IDENTIFIER,
+         *    oriValue ANY DEFINED BY oriType }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(oriType, oriValue); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/OtherRevocationInfoFormat.cs b/BouncyCastle/crypto/src/asn1/cms/OtherRevocationInfoFormat.cs new file mode 100644 index 0000000..7835489 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/OtherRevocationInfoFormat.cs @@ -0,0 +1,77 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class OtherRevocationInfoFormat + : Asn1Encodable + { + private readonly DerObjectIdentifier otherRevInfoFormat; + private readonly Asn1Encodable otherRevInfo; + + public OtherRevocationInfoFormat( + DerObjectIdentifier otherRevInfoFormat, + Asn1Encodable otherRevInfo) + { + this.otherRevInfoFormat = otherRevInfoFormat; + this.otherRevInfo = otherRevInfo; + } + + private OtherRevocationInfoFormat(Asn1Sequence seq) + { + otherRevInfoFormat = DerObjectIdentifier.GetInstance(seq[0]); + otherRevInfo = seq[1]; + } + + /** + * return a OtherRevocationInfoFormat object from a tagged object. + * + * @param obj the tagged object holding the object we want. + * @param explicit true if the object is meant to be explicitly + * tagged false otherwise. + * @exception IllegalArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static OtherRevocationInfoFormat GetInstance(Asn1TaggedObject obj, bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + /** + * return a OtherRevocationInfoFormat object from the given object. + * + * @param obj the object we want converted. + * @exception IllegalArgumentException if the object cannot be converted. + */ + public static OtherRevocationInfoFormat GetInstance(object obj) + { + if (obj is OtherRevocationInfoFormat) + return (OtherRevocationInfoFormat)obj; + if (obj != null) + return new OtherRevocationInfoFormat(Asn1Sequence.GetInstance(obj)); + return null; + } + + public virtual DerObjectIdentifier InfoFormat + { + get { return otherRevInfoFormat; } + } + + public virtual Asn1Encodable Info + { + get { return otherRevInfo; } + } + + /** + * Produce an object suitable for an ASN1OutputStream. + * 
+         * OtherRevocationInfoFormat ::= SEQUENCE {
+         *      otherRevInfoFormat OBJECT IDENTIFIER,
+         *      otherRevInfo ANY DEFINED BY otherRevInfoFormat }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(otherRevInfoFormat, otherRevInfo); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/PasswordRecipientInfo.cs b/BouncyCastle/crypto/src/asn1/cms/PasswordRecipientInfo.cs new file mode 100644 index 0000000..596dd95 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/PasswordRecipientInfo.cs @@ -0,0 +1,127 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class PasswordRecipientInfo + : Asn1Encodable + { + private readonly DerInteger version; + private readonly AlgorithmIdentifier keyDerivationAlgorithm; + private readonly AlgorithmIdentifier keyEncryptionAlgorithm; + private readonly Asn1OctetString encryptedKey; + + public PasswordRecipientInfo( + AlgorithmIdentifier keyEncryptionAlgorithm, + Asn1OctetString encryptedKey) + { + this.version = new DerInteger(0); + this.keyEncryptionAlgorithm = keyEncryptionAlgorithm; + this.encryptedKey = encryptedKey; + } + + public PasswordRecipientInfo( + AlgorithmIdentifier keyDerivationAlgorithm, + AlgorithmIdentifier keyEncryptionAlgorithm, + Asn1OctetString encryptedKey) + { + this.version = new DerInteger(0); + this.keyDerivationAlgorithm = keyDerivationAlgorithm; + this.keyEncryptionAlgorithm = keyEncryptionAlgorithm; + this.encryptedKey = encryptedKey; + } + + public PasswordRecipientInfo( + Asn1Sequence seq) + { + version = (DerInteger) seq[0]; + + if (seq[1] is Asn1TaggedObject) + { + keyDerivationAlgorithm = AlgorithmIdentifier.GetInstance((Asn1TaggedObject) seq[1], false); + keyEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(seq[2]); + encryptedKey = (Asn1OctetString) seq[3]; + } + else + { + keyEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(seq[1]); + encryptedKey = (Asn1OctetString) seq[2]; + } + } + + /** + * return a PasswordRecipientInfo object from a tagged object. + * + * @param obj the tagged object holding the object we want. + * @param explicitly true if the object is meant to be explicitly + * tagged false otherwise. + * @exception ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static PasswordRecipientInfo GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + /** + * return a PasswordRecipientInfo object from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static PasswordRecipientInfo GetInstance( + object obj) + { + if (obj == null || obj is PasswordRecipientInfo) + return (PasswordRecipientInfo) obj; + + if (obj is Asn1Sequence) + return new PasswordRecipientInfo((Asn1Sequence) obj); + + throw new ArgumentException("Invalid PasswordRecipientInfo: " + Platform.GetTypeName(obj)); + } + + public DerInteger Version + { + get { return version; } + } + + public AlgorithmIdentifier KeyDerivationAlgorithm + { + get { return keyDerivationAlgorithm; } + } + + public AlgorithmIdentifier KeyEncryptionAlgorithm + { + get { return keyEncryptionAlgorithm; } + } + + public Asn1OctetString EncryptedKey + { + get { return encryptedKey; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * PasswordRecipientInfo ::= Sequence {
+         *   version CMSVersion,   -- Always set to 0
+         *   keyDerivationAlgorithm [0] KeyDerivationAlgorithmIdentifier
+         *                             OPTIONAL,
+         *  keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
+         *  encryptedKey EncryptedKey }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(version); + v.AddOptionalTagged(false, 0, keyDerivationAlgorithm); + v.Add(keyEncryptionAlgorithm, encryptedKey); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/RecipientEncryptedKey.cs b/BouncyCastle/crypto/src/asn1/cms/RecipientEncryptedKey.cs new file mode 100644 index 0000000..1afba4a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/RecipientEncryptedKey.cs @@ -0,0 +1,90 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class RecipientEncryptedKey + : Asn1Encodable + { + private readonly KeyAgreeRecipientIdentifier identifier; + private readonly Asn1OctetString encryptedKey; + + private RecipientEncryptedKey( + Asn1Sequence seq) + { + identifier = KeyAgreeRecipientIdentifier.GetInstance(seq[0]); + encryptedKey = (Asn1OctetString) seq[1]; + } + + /** + * return an RecipientEncryptedKey object from a tagged object. + * + * @param obj the tagged object holding the object we want. + * @param isExplicit true if the object is meant to be explicitly + * tagged false otherwise. + * @exception ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static RecipientEncryptedKey GetInstance( + Asn1TaggedObject obj, + bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + /** + * return a RecipientEncryptedKey object from the given object. + * + * @param obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static RecipientEncryptedKey GetInstance( + object obj) + { + if (obj == null || obj is RecipientEncryptedKey) + { + return (RecipientEncryptedKey) obj; + } + + if (obj is Asn1Sequence) + { + return new RecipientEncryptedKey((Asn1Sequence) obj); + } + + throw new ArgumentException("Invalid RecipientEncryptedKey: " + Platform.GetTypeName(obj), "obj"); + } + + public RecipientEncryptedKey( + KeyAgreeRecipientIdentifier id, + Asn1OctetString encryptedKey) + { + this.identifier = id; + this.encryptedKey = encryptedKey; + } + + public KeyAgreeRecipientIdentifier Identifier + { + get { return identifier; } + } + + public Asn1OctetString EncryptedKey + { + get { return encryptedKey; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+		 * RecipientEncryptedKey ::= SEQUENCE {
+		 *     rid KeyAgreeRecipientIdentifier,
+		 *     encryptedKey EncryptedKey
+		 * }
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(identifier, encryptedKey); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/RecipientIdentifier.cs b/BouncyCastle/crypto/src/asn1/cms/RecipientIdentifier.cs new file mode 100644 index 0000000..f29fa8d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/RecipientIdentifier.cs @@ -0,0 +1,89 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class RecipientIdentifier + : Asn1Encodable, IAsn1Choice + { + private Asn1Encodable id; + + public RecipientIdentifier( + IssuerAndSerialNumber id) + { + this.id = id; + } + + public RecipientIdentifier( + Asn1OctetString id) + { + this.id = new DerTaggedObject(false, 0, id); + } + + public RecipientIdentifier( + Asn1Object id) + { + this.id = id; + } + + /** + * return a RecipientIdentifier object from the given object. + * + * @param o the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static RecipientIdentifier GetInstance( + object o) + { + if (o == null || o is RecipientIdentifier) + return (RecipientIdentifier)o; + + if (o is IssuerAndSerialNumber) + return new RecipientIdentifier((IssuerAndSerialNumber) o); + + if (o is Asn1OctetString) + return new RecipientIdentifier((Asn1OctetString) o); + + if (o is Asn1Object) + return new RecipientIdentifier((Asn1Object) o); + + throw new ArgumentException( + "Illegal object in RecipientIdentifier: " + Platform.GetTypeName(o)); + } + + public bool IsTagged + { + get { return (id is Asn1TaggedObject); } + } + + public Asn1Encodable ID + { + get + { + if (id is Asn1TaggedObject) + { + return Asn1OctetString.GetInstance((Asn1TaggedObject) id, false); + } + + return IssuerAndSerialNumber.GetInstance(id); + } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * RecipientIdentifier ::= CHOICE {
+         *     issuerAndSerialNumber IssuerAndSerialNumber,
+         *     subjectKeyIdentifier [0] SubjectKeyIdentifier
+         * }
+         *
+         * SubjectKeyIdentifier ::= OCTET STRING
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return id.ToAsn1Object(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/RecipientInfo.cs b/BouncyCastle/crypto/src/asn1/cms/RecipientInfo.cs new file mode 100644 index 0000000..c03ad90 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/RecipientInfo.cs @@ -0,0 +1,145 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class RecipientInfo + : Asn1Encodable, IAsn1Choice + { + internal Asn1Encodable info; + + public RecipientInfo( + KeyTransRecipientInfo info) + { + this.info = info; + } + + public RecipientInfo( + KeyAgreeRecipientInfo info) + { + this.info = new DerTaggedObject(false, 1, info); + } + + public RecipientInfo( + KekRecipientInfo info) + { + this.info = new DerTaggedObject(false, 2, info); + } + + public RecipientInfo( + PasswordRecipientInfo info) + { + this.info = new DerTaggedObject(false, 3, info); + } + + public RecipientInfo( + OtherRecipientInfo info) + { + this.info = new DerTaggedObject(false, 4, info); + } + + public RecipientInfo( + Asn1Object info) + { + this.info = info; + } + + public static RecipientInfo GetInstance( + object o) + { + if (o == null || o is RecipientInfo) + return (RecipientInfo) o; + + if (o is Asn1Sequence) + return new RecipientInfo((Asn1Sequence) o); + + if (o is Asn1TaggedObject) + return new RecipientInfo((Asn1TaggedObject) o); + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(o)); + } + + public DerInteger Version + { + get + { + if (info is Asn1TaggedObject) + { + Asn1TaggedObject o = (Asn1TaggedObject) info; + + switch (o.TagNo) + { + case 1: + return KeyAgreeRecipientInfo.GetInstance(o, false).Version; + case 2: + return GetKekInfo(o).Version; + case 3: + return PasswordRecipientInfo.GetInstance(o, false).Version; + case 4: + return new DerInteger(0); // no syntax version for OtherRecipientInfo + default: + throw new InvalidOperationException("unknown tag"); + } + } + + return KeyTransRecipientInfo.GetInstance(info).Version; + } + } + + public bool IsTagged + { + get { return info is Asn1TaggedObject; } + } + + public Asn1Encodable Info + { + get + { + if (info is Asn1TaggedObject) + { + Asn1TaggedObject o = (Asn1TaggedObject) info; + + switch (o.TagNo) + { + case 1: + return KeyAgreeRecipientInfo.GetInstance(o, false); + case 2: + return GetKekInfo(o); + case 3: + return PasswordRecipientInfo.GetInstance(o, false); + case 4: + return OtherRecipientInfo.GetInstance(o, false); + default: + throw new InvalidOperationException("unknown tag"); + } + } + + return KeyTransRecipientInfo.GetInstance(info); + } + } + + private KekRecipientInfo GetKekInfo( + Asn1TaggedObject o) + { + // For compatibility with erroneous version, we don't always pass 'false' here + return KekRecipientInfo.GetInstance(o, o.IsExplicit()); + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * RecipientInfo ::= CHOICE {
+         *     ktri KeyTransRecipientInfo,
+         *     kari [1] KeyAgreeRecipientInfo,
+         *     kekri [2] KekRecipientInfo,
+         *     pwri [3] PasswordRecipientInfo,
+         *     ori [4] OtherRecipientInfo }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return info.ToAsn1Object(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/RecipientKeyIdentifier.cs b/BouncyCastle/crypto/src/asn1/cms/RecipientKeyIdentifier.cs new file mode 100644 index 0000000..995ddab --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/RecipientKeyIdentifier.cs @@ -0,0 +1,137 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class RecipientKeyIdentifier + : Asn1Encodable + { + private Asn1OctetString subjectKeyIdentifier; + private DerGeneralizedTime date; + private OtherKeyAttribute other; + + public RecipientKeyIdentifier( + Asn1OctetString subjectKeyIdentifier, + DerGeneralizedTime date, + OtherKeyAttribute other) + { + this.subjectKeyIdentifier = subjectKeyIdentifier; + this.date = date; + this.other = other; + } + + public RecipientKeyIdentifier( + byte[] subjectKeyIdentifier) + : this(subjectKeyIdentifier, null, null) + { + } + + public RecipientKeyIdentifier( + byte[] subjectKeyIdentifier, + DerGeneralizedTime date, + OtherKeyAttribute other) + { + this.subjectKeyIdentifier = new DerOctetString(subjectKeyIdentifier); + this.date = date; + this.other = other; + } + + public RecipientKeyIdentifier( + Asn1Sequence seq) + { + subjectKeyIdentifier = Asn1OctetString.GetInstance( + seq[0]); + + switch(seq.Count) + { + case 1: + break; + case 2: + if (seq[1] is DerGeneralizedTime) + { + date = (DerGeneralizedTime) seq[1]; + } + else + { + other = OtherKeyAttribute.GetInstance(seq[2]); + } + break; + case 3: + date = (DerGeneralizedTime) seq[1]; + other = OtherKeyAttribute.GetInstance(seq[2]); + break; + default: + throw new ArgumentException("Invalid RecipientKeyIdentifier"); + } + } + + /** + * return a RecipientKeyIdentifier object from a tagged object. + * + * @param _ato the tagged object holding the object we want. + * @param _explicit true if the object is meant to be explicitly + * tagged false otherwise. + * @exception ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static RecipientKeyIdentifier GetInstance( + Asn1TaggedObject ato, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(ato, explicitly)); + } + + /** + * return a RecipientKeyIdentifier object from the given object. + * + * @param _obj the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static RecipientKeyIdentifier GetInstance( + object obj) + { + if (obj == null || obj is RecipientKeyIdentifier) + return (RecipientKeyIdentifier) obj; + + if (obj is Asn1Sequence) + return new RecipientKeyIdentifier((Asn1Sequence) obj); + + throw new ArgumentException("Invalid RecipientKeyIdentifier: " + Platform.GetTypeName(obj)); + } + + public Asn1OctetString SubjectKeyIdentifier + { + get { return subjectKeyIdentifier; } + } + + public DerGeneralizedTime Date + { + get { return date; } + } + + public OtherKeyAttribute OtherKeyAttribute + { + get { return other; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * RecipientKeyIdentifier ::= Sequence {
+         *     subjectKeyIdentifier SubjectKeyIdentifier,
+         *     date GeneralizedTime OPTIONAL,
+         *     other OtherKeyAttribute OPTIONAL
+         * }
+         *
+         * SubjectKeyIdentifier ::= OCTET STRING
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(subjectKeyIdentifier); + v.AddOptional(date, other); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/SCVPReqRes.cs b/BouncyCastle/crypto/src/asn1/cms/SCVPReqRes.cs new file mode 100644 index 0000000..a6ebf73 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/SCVPReqRes.cs @@ -0,0 +1,71 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class ScvpReqRes + : Asn1Encodable + { + private readonly ContentInfo request; + private readonly ContentInfo response; + + public static ScvpReqRes GetInstance(object obj) + { + if (obj is ScvpReqRes) + return (ScvpReqRes)obj; + if (obj != null) + return new ScvpReqRes(Asn1Sequence.GetInstance(obj)); + return null; + } + + private ScvpReqRes(Asn1Sequence seq) + { + if (seq[0] is Asn1TaggedObject) + { + this.request = ContentInfo.GetInstance(Asn1TaggedObject.GetInstance(seq[0]), true); + this.response = ContentInfo.GetInstance(seq[1]); + } + else + { + this.request = null; + this.response = ContentInfo.GetInstance(seq[0]); + } + } + + public ScvpReqRes(ContentInfo response) + : this(null, response) + { + } + + public ScvpReqRes(ContentInfo request, ContentInfo response) + { + this.request = request; + this.response = response; + } + + public virtual ContentInfo Request + { + get { return request; } + } + + public virtual ContentInfo Response + { + get { return response; } + } + + /** + * 
+         *    ScvpReqRes ::= SEQUENCE {
+         *    request  [0] EXPLICIT ContentInfo OPTIONAL,
+         *    response     ContentInfo }
+         *
+ * @return the ASN.1 primitive representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(true, 0, request); + v.Add(response); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/SignedData.cs b/BouncyCastle/crypto/src/asn1/cms/SignedData.cs new file mode 100644 index 0000000..1e97346 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/SignedData.cs @@ -0,0 +1,284 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + /** + * a signed data object. + */ + public class SignedData + : Asn1Encodable + { + private static readonly DerInteger Version1 = new DerInteger(1); + private static readonly DerInteger Version3 = new DerInteger(3); + private static readonly DerInteger Version4 = new DerInteger(4); + private static readonly DerInteger Version5 = new DerInteger(5); + + private readonly DerInteger version; + private readonly Asn1Set digestAlgorithms; + private readonly ContentInfo contentInfo; + private readonly Asn1Set certificates; + private readonly Asn1Set crls; + private readonly Asn1Set signerInfos; + private readonly bool certsBer; + private readonly bool crlsBer; + + public static SignedData GetInstance(object obj) + { + if (obj is SignedData) + return (SignedData)obj; + if (obj == null) + return null; + return new SignedData(Asn1Sequence.GetInstance(obj)); + } + + public SignedData( + Asn1Set digestAlgorithms, + ContentInfo contentInfo, + Asn1Set certificates, + Asn1Set crls, + Asn1Set signerInfos) + { + this.version = CalculateVersion(contentInfo.ContentType, certificates, crls, signerInfos); + this.digestAlgorithms = digestAlgorithms; + this.contentInfo = contentInfo; + this.certificates = certificates; + this.crls = crls; + this.signerInfos = signerInfos; + this.crlsBer = crls is BerSet; + this.certsBer = certificates is BerSet; + } + + // RFC3852, section 5.1: + // IF ((certificates is present) AND + // (any certificates with a type of other are present)) OR + // ((crls is present) AND + // (any crls with a type of other are present)) + // THEN version MUST be 5 + // ELSE + // IF (certificates is present) AND + // (any version 2 attribute certificates are present) + // THEN version MUST be 4 + // ELSE + // IF ((certificates is present) AND + // (any version 1 attribute certificates are present)) OR + // (any SignerInfo structures are version 3) OR + // (encapContentInfo eContentType is other than id-data) + // THEN version MUST be 3 + // ELSE version MUST be 1 + // + private DerInteger CalculateVersion( + DerObjectIdentifier contentOid, + Asn1Set certs, + Asn1Set crls, + Asn1Set signerInfs) + { + bool otherCert = false; + bool otherCrl = false; + bool attrCertV1Found = false; + bool attrCertV2Found = false; + + if (certs != null) + { + foreach (object obj in certs) + { + if (obj is Asn1TaggedObject) + { + Asn1TaggedObject tagged = (Asn1TaggedObject)obj; + + if (tagged.TagNo == 1) + { + attrCertV1Found = true; + } + else if (tagged.TagNo == 2) + { + attrCertV2Found = true; + } + else if (tagged.TagNo == 3) + { + otherCert = true; + break; + } + } + } + } + + if (otherCert) + { + return Version5; + } + + if (crls != null) + { + foreach (object obj in crls) + { + if (obj is Asn1TaggedObject) + { + otherCrl = true; + break; + } + } + } + + if (otherCrl) + { + return Version5; + } + + if (attrCertV2Found) + { + return Version4; + } + + if (attrCertV1Found || !CmsObjectIdentifiers.Data.Equals(contentOid) || CheckForVersion3(signerInfs)) + { + return Version3; + } + + return Version1; + } + + private bool CheckForVersion3( + Asn1Set signerInfs) + { + foreach (object obj in signerInfs) + { + SignerInfo s = SignerInfo.GetInstance(obj); + + if (s.Version.HasValue(3)) + { + return true; + } + } + + return false; + } + + private SignedData( + Asn1Sequence seq) + { + IEnumerator e = seq.GetEnumerator(); + + e.MoveNext(); + version = (DerInteger)e.Current; + + e.MoveNext(); + digestAlgorithms = ((Asn1Set)e.Current); + + e.MoveNext(); + contentInfo = ContentInfo.GetInstance(e.Current); + + while (e.MoveNext()) + { + Asn1Object o = (Asn1Object)e.Current; + + // + // an interesting feature of SignedData is that there appear + // to be varying implementations... + // for the moment we ignore anything which doesn't fit. + // + if (o is Asn1TaggedObject) + { + Asn1TaggedObject tagged = (Asn1TaggedObject)o; + + switch (tagged.TagNo) + { + case 0: + certsBer = tagged is BerTaggedObject; + certificates = Asn1Set.GetInstance(tagged, false); + break; + case 1: + crlsBer = tagged is BerTaggedObject; + crls = Asn1Set.GetInstance(tagged, false); + break; + default: + throw new ArgumentException("unknown tag value " + tagged.TagNo); + } + } + else + { + signerInfos = (Asn1Set) o; + } + } + } + + public DerInteger Version + { + get { return version; } + } + + public Asn1Set DigestAlgorithms + { + get { return digestAlgorithms; } + } + + public ContentInfo EncapContentInfo + { + get { return contentInfo; } + } + + public Asn1Set Certificates + { + get { return certificates; } + } + + public Asn1Set CRLs + { + get { return crls; } + } + + public Asn1Set SignerInfos + { + get { return signerInfos; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * SignedData ::= Sequence {
+         *     version CMSVersion,
+         *     digestAlgorithms DigestAlgorithmIdentifiers,
+         *     encapContentInfo EncapsulatedContentInfo,
+         *     certificates [0] IMPLICIT CertificateSet OPTIONAL,
+         *     crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
+         *     signerInfos SignerInfos
+         *   }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector( + version, digestAlgorithms, contentInfo); + + if (certificates != null) + { + if (certsBer) + { + v.Add(new BerTaggedObject(false, 0, certificates)); + } + else + { + v.Add(new DerTaggedObject(false, 0, certificates)); + } + } + + if (crls != null) + { + if (crlsBer) + { + v.Add(new BerTaggedObject(false, 1, crls)); + } + else + { + v.Add(new DerTaggedObject(false, 1, crls)); + } + } + + v.Add(signerInfos); + + return new BerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/SignedDataParser.cs b/BouncyCastle/crypto/src/asn1/cms/SignedDataParser.cs new file mode 100644 index 0000000..cd07f40 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/SignedDataParser.cs @@ -0,0 +1,114 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + /** + * 
+	* SignedData ::= SEQUENCE {
+	*     version CMSVersion,
+	*     digestAlgorithms DigestAlgorithmIdentifiers,
+	*     encapContentInfo EncapsulatedContentInfo,
+	*     certificates [0] IMPLICIT CertificateSet OPTIONAL,
+	*     crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
+	*     signerInfos SignerInfos
+	*   }
+	*
+ */ + public class SignedDataParser + { + private Asn1SequenceParser _seq; + private DerInteger _version; + private object _nextObject; + private bool _certsCalled; + private bool _crlsCalled; + + public static SignedDataParser GetInstance( + object o) + { + if (o is Asn1Sequence) + return new SignedDataParser(((Asn1Sequence)o).Parser); + + if (o is Asn1SequenceParser) + return new SignedDataParser((Asn1SequenceParser)o); + + throw new IOException("unknown object encountered: " + Platform.GetTypeName(o)); + } + + public SignedDataParser( + Asn1SequenceParser seq) + { + this._seq = seq; + this._version = (DerInteger)seq.ReadObject(); + } + + public DerInteger Version + { + get { return _version; } + } + + public Asn1SetParser GetDigestAlgorithms() + { + return (Asn1SetParser)_seq.ReadObject(); + } + + public ContentInfoParser GetEncapContentInfo() + { + return new ContentInfoParser((Asn1SequenceParser)_seq.ReadObject()); + } + + public Asn1SetParser GetCertificates() + { + _certsCalled = true; + _nextObject = _seq.ReadObject(); + + if (_nextObject is Asn1TaggedObjectParser && ((Asn1TaggedObjectParser)_nextObject).TagNo == 0) + { + Asn1SetParser certs = (Asn1SetParser)((Asn1TaggedObjectParser)_nextObject).GetObjectParser(Asn1Tags.Set, false); + _nextObject = null; + + return certs; + } + + return null; + } + + public Asn1SetParser GetCrls() + { + if (!_certsCalled) + throw new IOException("GetCerts() has not been called."); + + _crlsCalled = true; + + if (_nextObject == null) + { + _nextObject = _seq.ReadObject(); + } + + if (_nextObject is Asn1TaggedObjectParser && ((Asn1TaggedObjectParser)_nextObject).TagNo == 1) + { + Asn1SetParser crls = (Asn1SetParser)((Asn1TaggedObjectParser)_nextObject).GetObjectParser(Asn1Tags.Set, false); + _nextObject = null; + + return crls; + } + + return null; + } + + public Asn1SetParser GetSignerInfos() + { + if (!_certsCalled || !_crlsCalled) + throw new IOException("GetCerts() and/or GetCrls() has not been called."); + + if (_nextObject == null) + { + _nextObject = _seq.ReadObject(); + } + + return (Asn1SetParser)_nextObject; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/SignerIdentifier.cs b/BouncyCastle/crypto/src/asn1/cms/SignerIdentifier.cs new file mode 100644 index 0000000..195ab74 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/SignerIdentifier.cs @@ -0,0 +1,89 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class SignerIdentifier + : Asn1Encodable, IAsn1Choice + { + private Asn1Encodable id; + + public SignerIdentifier( + IssuerAndSerialNumber id) + { + this.id = id; + } + + public SignerIdentifier( + Asn1OctetString id) + { + this.id = new DerTaggedObject(false, 0, id); + } + + public SignerIdentifier( + Asn1Object id) + { + this.id = id; + } + + /** + * return a SignerIdentifier object from the given object. + * + * @param o the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static SignerIdentifier GetInstance( + object o) + { + if (o == null || o is SignerIdentifier) + return (SignerIdentifier) o; + + if (o is IssuerAndSerialNumber) + return new SignerIdentifier((IssuerAndSerialNumber) o); + + if (o is Asn1OctetString) + return new SignerIdentifier((Asn1OctetString) o); + + if (o is Asn1Object) + return new SignerIdentifier((Asn1Object) o); + + throw new ArgumentException( + "Illegal object in SignerIdentifier: " + Platform.GetTypeName(o)); + } + + public bool IsTagged + { + get { return (id is Asn1TaggedObject); } + } + + public Asn1Encodable ID + { + get + { + if (id is Asn1TaggedObject) + { + return Asn1OctetString.GetInstance((Asn1TaggedObject)id, false); + } + + return id; + } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * SignerIdentifier ::= CHOICE {
+         *     issuerAndSerialNumber IssuerAndSerialNumber,
+         *     subjectKeyIdentifier [0] SubjectKeyIdentifier
+         * }
+         *
+         * SubjectKeyIdentifier ::= OCTET STRING
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return id.ToAsn1Object(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/SignerInfo.cs b/BouncyCastle/crypto/src/asn1/cms/SignerInfo.cs new file mode 100644 index 0000000..44d4dcf --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/SignerInfo.cs @@ -0,0 +1,174 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class SignerInfo + : Asn1Encodable + { + private DerInteger version; + private SignerIdentifier sid; + private AlgorithmIdentifier digAlgorithm; + private Asn1Set authenticatedAttributes; + private AlgorithmIdentifier digEncryptionAlgorithm; + private Asn1OctetString encryptedDigest; + private Asn1Set unauthenticatedAttributes; + + public static SignerInfo GetInstance( + object obj) + { + if (obj == null || obj is SignerInfo) + return (SignerInfo) obj; + + if (obj is Asn1Sequence) + return new SignerInfo((Asn1Sequence) obj); + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public SignerInfo( + SignerIdentifier sid, + AlgorithmIdentifier digAlgorithm, + Asn1Set authenticatedAttributes, + AlgorithmIdentifier digEncryptionAlgorithm, + Asn1OctetString encryptedDigest, + Asn1Set unauthenticatedAttributes) + { + this.version = new DerInteger(sid.IsTagged ? 3 : 1); + this.sid = sid; + this.digAlgorithm = digAlgorithm; + this.authenticatedAttributes = authenticatedAttributes; + this.digEncryptionAlgorithm = digEncryptionAlgorithm; + this.encryptedDigest = encryptedDigest; + this.unauthenticatedAttributes = unauthenticatedAttributes; + } + + public SignerInfo( + SignerIdentifier sid, + AlgorithmIdentifier digAlgorithm, + Attributes authenticatedAttributes, + AlgorithmIdentifier digEncryptionAlgorithm, + Asn1OctetString encryptedDigest, + Attributes unauthenticatedAttributes) + { + this.version = new DerInteger(sid.IsTagged ? 3 : 1); + this.sid = sid; + this.digAlgorithm = digAlgorithm; + this.authenticatedAttributes = Asn1Set.GetInstance(authenticatedAttributes); + this.digEncryptionAlgorithm = digEncryptionAlgorithm; + this.encryptedDigest = encryptedDigest; + this.unauthenticatedAttributes = Asn1Set.GetInstance(unauthenticatedAttributes); + } + + [Obsolete("Use 'GetInstance' instead")] + public SignerInfo( + Asn1Sequence seq) + { + IEnumerator e = seq.GetEnumerator(); + + e.MoveNext(); + version = (DerInteger) e.Current; + + e.MoveNext(); + sid = SignerIdentifier.GetInstance(e.Current); + + e.MoveNext(); + digAlgorithm = AlgorithmIdentifier.GetInstance(e.Current); + + e.MoveNext(); + object obj = e.Current; + + if (obj is Asn1TaggedObject) + { + authenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject) obj, false); + + e.MoveNext(); + digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(e.Current); + } + else + { + authenticatedAttributes = null; + digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(obj); + } + + e.MoveNext(); + encryptedDigest = DerOctetString.GetInstance(e.Current); + + if (e.MoveNext()) + { + unauthenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject) e.Current, false); + } + else + { + unauthenticatedAttributes = null; + } + } + + public DerInteger Version + { + get { return version; } + } + + public SignerIdentifier SignerID + { + get { return sid; } + } + + public Asn1Set AuthenticatedAttributes + { + get { return authenticatedAttributes; } + } + + public AlgorithmIdentifier DigestAlgorithm + { + get { return digAlgorithm; } + } + + public Asn1OctetString EncryptedDigest + { + get { return encryptedDigest; } + } + + public AlgorithmIdentifier DigestEncryptionAlgorithm + { + get { return digEncryptionAlgorithm; } + } + + public Asn1Set UnauthenticatedAttributes + { + get { return unauthenticatedAttributes; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  SignerInfo ::= Sequence {
+         *      version Version,
+         *      SignerIdentifier sid,
+         *      digestAlgorithm DigestAlgorithmIdentifier,
+         *      authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL,
+         *      digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,
+         *      encryptedDigest EncryptedDigest,
+         *      unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL
+         *  }
+         *
+         *  EncryptedDigest ::= OCTET STRING
+         *
+         *  DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+         *
+         *  DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(version, sid, digAlgorithm); + v.AddOptionalTagged(false, 0, authenticatedAttributes); + v.Add(digEncryptionAlgorithm, encryptedDigest); + v.AddOptionalTagged(false, 1, unauthenticatedAttributes); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/Time.cs b/BouncyCastle/crypto/src/asn1/cms/Time.cs new file mode 100644 index 0000000..52fb4f9 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/Time.cs @@ -0,0 +1,115 @@ +using System; +using System.Globalization; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class Time + : Asn1Encodable, IAsn1Choice + { + private readonly Asn1Object time; + + public static Time GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(obj.GetObject()); + } + + public Time( + Asn1Object time) + { + if (time == null) + throw new ArgumentNullException("time"); + if (!(time is DerUtcTime) && !(time is DerGeneralizedTime)) + throw new ArgumentException("unknown object passed to Time"); + + this.time = time; + } + + /** + * creates a time object from a given date - if the date is between 1950 + * and 2049 a UTCTime object is Generated, otherwise a GeneralizedTime + * is used. + */ + public Time( + DateTime date) + { + string d = date.ToString("yyyyMMddHHmmss", CultureInfo.InvariantCulture) + "Z"; + + int year = int.Parse(d.Substring(0, 4)); + + if (year < 1950 || year > 2049) + { + time = new DerGeneralizedTime(d); + } + else + { + time = new DerUtcTime(d.Substring(2)); + } + } + + public static Time GetInstance( + object obj) + { + if (obj == null || obj is Time) + return (Time)obj; + if (obj is DerUtcTime) + return new Time((DerUtcTime)obj); + if (obj is DerGeneralizedTime) + return new Time((DerGeneralizedTime)obj); + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public string TimeString + { + get + { + if (time is DerUtcTime) + { + return ((DerUtcTime)time).AdjustedTimeString; + } + else + { + return ((DerGeneralizedTime)time).GetTime(); + } + } + } + + public DateTime Date + { + get + { + try + { + if (time is DerUtcTime) + { + return ((DerUtcTime)time).ToAdjustedDateTime(); + } + + return ((DerGeneralizedTime)time).ToDateTime(); + } + catch (FormatException e) + { + // this should never happen + throw new InvalidOperationException("invalid date string: " + e.Message); + } + } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * Time ::= CHOICE {
+         *             utcTime        UTCTime,
+         *             generalTime    GeneralizedTime }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return time; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/TimeStampAndCRL.cs b/BouncyCastle/crypto/src/asn1/cms/TimeStampAndCRL.cs new file mode 100644 index 0000000..4cb5f2a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/TimeStampAndCRL.cs @@ -0,0 +1,62 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class TimeStampAndCrl + : Asn1Encodable + { + private ContentInfo timeStamp; + private X509.CertificateList crl; + + public TimeStampAndCrl(ContentInfo timeStamp) + { + this.timeStamp = timeStamp; + } + + private TimeStampAndCrl(Asn1Sequence seq) + { + this.timeStamp = ContentInfo.GetInstance(seq[0]); + if (seq.Count == 2) + { + this.crl = X509.CertificateList.GetInstance(seq[1]); + } + } + + public static TimeStampAndCrl GetInstance(object obj) + { + if (obj is TimeStampAndCrl) + return (TimeStampAndCrl)obj; + + if (obj != null) + return new TimeStampAndCrl(Asn1Sequence.GetInstance(obj)); + + return null; + } + + public virtual ContentInfo TimeStampToken + { + get { return this.timeStamp; } + } + + public virtual X509.CertificateList Crl + { + get { return this.crl; } + } + + /** + * 
+		 * TimeStampAndCRL ::= SEQUENCE {
+		 *     timeStamp   TimeStampToken,          -- according to RFC 3161
+		 *     crl         CertificateList OPTIONAL -- according to RFC 5280
+		 *  }
+		 *
+ * @return + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(timeStamp); + v.AddOptional(crl); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/TimeStampTokenEvidence.cs b/BouncyCastle/crypto/src/asn1/cms/TimeStampTokenEvidence.cs new file mode 100644 index 0000000..8625d05 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/TimeStampTokenEvidence.cs @@ -0,0 +1,65 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class TimeStampTokenEvidence + : Asn1Encodable + { + private TimeStampAndCrl[] timeStampAndCrls; + + public TimeStampTokenEvidence(TimeStampAndCrl[] timeStampAndCrls) + { + this.timeStampAndCrls = timeStampAndCrls; + } + + public TimeStampTokenEvidence(TimeStampAndCrl timeStampAndCrl) + { + this.timeStampAndCrls = new TimeStampAndCrl[]{ timeStampAndCrl }; + } + + private TimeStampTokenEvidence(Asn1Sequence seq) + { + this.timeStampAndCrls = new TimeStampAndCrl[seq.Count]; + + int count = 0; + + foreach (Asn1Encodable ae in seq) + { + this.timeStampAndCrls[count++] = TimeStampAndCrl.GetInstance(ae.ToAsn1Object()); + } + } + + public static TimeStampTokenEvidence GetInstance(Asn1TaggedObject tagged, bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(tagged, isExplicit)); + } + + public static TimeStampTokenEvidence GetInstance(object obj) + { + if (obj is TimeStampTokenEvidence) + return (TimeStampTokenEvidence)obj; + + if (obj != null) + return new TimeStampTokenEvidence(Asn1Sequence.GetInstance(obj)); + + return null; + } + + public virtual TimeStampAndCrl[] ToTimeStampAndCrlArray() + { + return (TimeStampAndCrl[])timeStampAndCrls.Clone(); + } + + /** + * 
+		 * TimeStampTokenEvidence ::=
+		 *    SEQUENCE SIZE(1..MAX) OF TimeStampAndCrl
+		 *
+ * @return + */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(timeStampAndCrls); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/TimeStampedData.cs b/BouncyCastle/crypto/src/asn1/cms/TimeStampedData.cs new file mode 100644 index 0000000..15448a9 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/TimeStampedData.cs @@ -0,0 +1,95 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class TimeStampedData + : Asn1Encodable + { + private DerInteger version; + private DerIA5String dataUri; + private MetaData metaData; + private Asn1OctetString content; + private Evidence temporalEvidence; + + public TimeStampedData(DerIA5String dataUri, MetaData metaData, Asn1OctetString content, + Evidence temporalEvidence) + { + this.version = new DerInteger(1); + this.dataUri = dataUri; + this.metaData = metaData; + this.content = content; + this.temporalEvidence = temporalEvidence; + } + + private TimeStampedData(Asn1Sequence seq) + { + this.version = DerInteger.GetInstance(seq[0]); + + int index = 1; + if (seq[index] is DerIA5String) + { + this.dataUri = DerIA5String.GetInstance(seq[index++]); + } + if (seq[index] is MetaData || seq[index] is Asn1Sequence) + { + this.metaData = MetaData.GetInstance(seq[index++]); + } + if (seq[index] is Asn1OctetString) + { + this.content = Asn1OctetString.GetInstance(seq[index++]); + } + this.temporalEvidence = Evidence.GetInstance(seq[index]); + } + + public static TimeStampedData GetInstance(object obj) + { + if (obj is TimeStampedData) + return (TimeStampedData)obj; + + if (obj != null) + return new TimeStampedData(Asn1Sequence.GetInstance(obj)); + + return null; + } + + public virtual DerIA5String DataUri + { + get { return dataUri; } + } + + public MetaData MetaData + { + get { return metaData; } + } + + public Asn1OctetString Content + { + get { return content; } + } + + public Evidence TemporalEvidence + { + get { return temporalEvidence; } + } + + /** + * 
+		 * TimeStampedData ::= SEQUENCE {
+		 *   version              INTEGER { v1(1) },
+		 *   dataUri              IA5String OPTIONAL,
+		 *   metaData             MetaData OPTIONAL,
+		 *   content              OCTET STRING OPTIONAL,
+		 *   temporalEvidence     Evidence
+		 * }
+		 *
+ * @return + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(version); + v.AddOptional(dataUri, metaData, content); + v.Add(temporalEvidence); + return new BerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/TimeStampedDataParser.cs b/BouncyCastle/crypto/src/asn1/cms/TimeStampedDataParser.cs new file mode 100644 index 0000000..90307bf --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/TimeStampedDataParser.cs @@ -0,0 +1,76 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cms +{ + public class TimeStampedDataParser + { + private DerInteger version; + private DerIA5String dataUri; + private MetaData metaData; + private Asn1OctetStringParser content; + private Evidence temporalEvidence; + private Asn1SequenceParser parser; + + private TimeStampedDataParser(Asn1SequenceParser parser) + { + this.parser = parser; + this.version = DerInteger.GetInstance(parser.ReadObject()); + + Asn1Object obj = parser.ReadObject().ToAsn1Object(); + + if (obj is DerIA5String) + { + this.dataUri = DerIA5String.GetInstance(obj); + obj = parser.ReadObject().ToAsn1Object(); + } + + if (//obj is MetaData || + obj is Asn1SequenceParser) + { + this.metaData = MetaData.GetInstance(obj.ToAsn1Object()); + obj = parser.ReadObject().ToAsn1Object(); + } + + if (obj is Asn1OctetStringParser) + { + this.content = (Asn1OctetStringParser)obj; + } + } + + public static TimeStampedDataParser GetInstance(object obj) + { + if (obj is Asn1Sequence) + return new TimeStampedDataParser(((Asn1Sequence)obj).Parser); + + if (obj is Asn1SequenceParser) + return new TimeStampedDataParser((Asn1SequenceParser)obj); + + return null; + } + + public virtual DerIA5String DataUri + { + get { return dataUri; } + } + + public virtual MetaData MetaData + { + get { return metaData; } + } + + public virtual Asn1OctetStringParser Content + { + get { return content; } + } + + public virtual Evidence GetTemporalEvidence() + { + if (temporalEvidence == null) + { + temporalEvidence = Evidence.GetInstance(parser.ReadObject().ToAsn1Object()); + } + + return temporalEvidence; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cms/ecc/MQVuserKeyingMaterial.cs b/BouncyCastle/crypto/src/asn1/cms/ecc/MQVuserKeyingMaterial.cs new file mode 100644 index 0000000..3a4761e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cms/ecc/MQVuserKeyingMaterial.cs @@ -0,0 +1,100 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cms.Ecc +{ + public class MQVuserKeyingMaterial + : Asn1Encodable + { + private OriginatorPublicKey ephemeralPublicKey; + private Asn1OctetString addedukm; + + public MQVuserKeyingMaterial( + OriginatorPublicKey ephemeralPublicKey, + Asn1OctetString addedukm) + { + // TODO Check ephemeralPublicKey not null + + this.ephemeralPublicKey = ephemeralPublicKey; + this.addedukm = addedukm; + } + + private MQVuserKeyingMaterial( + Asn1Sequence seq) + { + // TODO Check seq has either 1 or 2 elements + + this.ephemeralPublicKey = OriginatorPublicKey.GetInstance(seq[0]); + + if (seq.Count > 1) + { + this.addedukm = Asn1OctetString.GetInstance( + (Asn1TaggedObject)seq[1], true); + } + } + + /** + * return an AuthEnvelopedData object from a tagged object. + * + * @param obj the tagged object holding the object we want. + * @param isExplicit true if the object is meant to be explicitly + * tagged false otherwise. + * @throws ArgumentException if the object held by the + * tagged object cannot be converted. + */ + public static MQVuserKeyingMaterial GetInstance( + Asn1TaggedObject obj, + bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + /** + * return an AuthEnvelopedData object from the given object. + * + * @param obj the object we want converted. + * @throws ArgumentException if the object cannot be converted. + */ + public static MQVuserKeyingMaterial GetInstance( + object obj) + { + if (obj == null || obj is MQVuserKeyingMaterial) + { + return (MQVuserKeyingMaterial)obj; + } + + if (obj is Asn1Sequence) + { + return new MQVuserKeyingMaterial((Asn1Sequence)obj); + } + + throw new ArgumentException("Invalid MQVuserKeyingMaterial: " + Platform.GetTypeName(obj)); + } + + public OriginatorPublicKey EphemeralPublicKey + { + get { return ephemeralPublicKey; } + } + + public Asn1OctetString AddedUkm + { + get { return addedukm; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+		* MQVuserKeyingMaterial ::= SEQUENCE {
+		*   ephemeralPublicKey OriginatorPublicKey,
+		*   addedukm [0] EXPLICIT UserKeyingMaterial OPTIONAL  }
+		*
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(ephemeralPublicKey); + v.AddOptionalTagged(true, 0, addedukm); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/AttributeTypeAndValue.cs b/BouncyCastle/crypto/src/asn1/crmf/AttributeTypeAndValue.cs new file mode 100644 index 0000000..e758789 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/AttributeTypeAndValue.cs @@ -0,0 +1,68 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class AttributeTypeAndValue + : Asn1Encodable + { + private readonly DerObjectIdentifier type; + private readonly Asn1Encodable value; + + private AttributeTypeAndValue(Asn1Sequence seq) + { + type = (DerObjectIdentifier)seq[0]; + value = (Asn1Encodable)seq[1]; + } + + public static AttributeTypeAndValue GetInstance(object obj) + { + if (obj is AttributeTypeAndValue) + return (AttributeTypeAndValue)obj; + + if (obj is Asn1Sequence) + return new AttributeTypeAndValue((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public AttributeTypeAndValue( + string oid, + Asn1Encodable value) + : this(new DerObjectIdentifier(oid), value) + { + } + + public AttributeTypeAndValue( + DerObjectIdentifier type, + Asn1Encodable value) + { + this.type = type; + this.value = value; + } + + public virtual DerObjectIdentifier Type + { + get { return type; } + } + + public virtual Asn1Encodable Value + { + get { return value; } + } + + /** + * 
+         * AttributeTypeAndValue ::= SEQUENCE {
+         *           type         OBJECT IDENTIFIER,
+         *           value        ANY DEFINED BY type }
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(type, value); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/CertId.cs b/BouncyCastle/crypto/src/asn1/crmf/CertId.cs new file mode 100644 index 0000000..f0cc946 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/CertId.cs @@ -0,0 +1,59 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class CertId + : Asn1Encodable + { + private readonly GeneralName issuer; + private readonly DerInteger serialNumber; + + private CertId(Asn1Sequence seq) + { + issuer = GeneralName.GetInstance(seq[0]); + serialNumber = DerInteger.GetInstance(seq[1]); + } + + public static CertId GetInstance(object obj) + { + if (obj is CertId) + return (CertId)obj; + + if (obj is Asn1Sequence) + return new CertId((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public static CertId GetInstance(Asn1TaggedObject obj, bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + public virtual GeneralName Issuer + { + get { return issuer; } + } + + public virtual DerInteger SerialNumber + { + get { return serialNumber; } + } + + /** + * 
+         * CertId ::= SEQUENCE {
+         *                 issuer           GeneralName,
+         *                 serialNumber     INTEGER }
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(issuer, serialNumber); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/CertReqMessages.cs b/BouncyCastle/crypto/src/asn1/crmf/CertReqMessages.cs new file mode 100644 index 0000000..422950b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/CertReqMessages.cs @@ -0,0 +1,54 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class CertReqMessages + : Asn1Encodable + { + private readonly Asn1Sequence content; + + private CertReqMessages(Asn1Sequence seq) + { + content = seq; + } + + public static CertReqMessages GetInstance(object obj) + { + if (obj is CertReqMessages) + return (CertReqMessages)obj; + + if (obj is Asn1Sequence) + return new CertReqMessages((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public CertReqMessages(params CertReqMsg[] msgs) + { + content = new DerSequence(msgs); + } + + public virtual CertReqMsg[] ToCertReqMsgArray() + { + CertReqMsg[] result = new CertReqMsg[content.Count]; + for (int i = 0; i != result.Length; ++i) + { + result[i] = CertReqMsg.GetInstance(content[i]); + } + return result; + } + + /** + * 
+         * CertReqMessages ::= SEQUENCE SIZE (1..MAX) OF CertReqMsg
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return content; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/CertReqMsg.cs b/BouncyCastle/crypto/src/asn1/crmf/CertReqMsg.cs new file mode 100644 index 0000000..03ce32d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/CertReqMsg.cs @@ -0,0 +1,112 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class CertReqMsg + : Asn1Encodable + { + private readonly CertRequest certReq; + private readonly ProofOfPossession popo; + private readonly Asn1Sequence regInfo; + + private CertReqMsg(Asn1Sequence seq) + { + certReq = CertRequest.GetInstance(seq[0]); + + for (int pos = 1; pos < seq.Count; ++pos) + { + object o = seq[pos]; + + if (o is Asn1TaggedObject || o is ProofOfPossession) + { + popo = ProofOfPossession.GetInstance(o); + } + else + { + regInfo = Asn1Sequence.GetInstance(o); + } + } + } + + public static CertReqMsg GetInstance(object obj) + { + if (obj is CertReqMsg) + return (CertReqMsg)obj; + + if (obj != null) + return new CertReqMsg(Asn1Sequence.GetInstance(obj)); + + return null; + } + + public static CertReqMsg GetInstance( + Asn1TaggedObject obj, + bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + /** + * Creates a new CertReqMsg. + * @param certReq CertRequest + * @param popo may be null + * @param regInfo may be null + */ + public CertReqMsg( + CertRequest certReq, + ProofOfPossession popo, + AttributeTypeAndValue[] regInfo) + { + if (certReq == null) + throw new ArgumentNullException("certReq"); + + this.certReq = certReq; + this.popo = popo; + + if (regInfo != null) + { + this.regInfo = new DerSequence(regInfo); + } + } + + public virtual CertRequest CertReq + { + get { return certReq; } + } + + public virtual ProofOfPossession Popo + { + get { return popo; } + } + + public virtual AttributeTypeAndValue[] GetRegInfo() + { + if (regInfo == null) + return null; + + AttributeTypeAndValue[] results = new AttributeTypeAndValue[regInfo.Count]; + for (int i = 0; i != results.Length; ++i) + { + results[i] = AttributeTypeAndValue.GetInstance(regInfo[i]); + } + return results; + } + + /** + * 
+         * CertReqMsg ::= SEQUENCE {
+         *                    certReq   CertRequest,
+         *                    pop       ProofOfPossession  OPTIONAL,
+         *                    -- content depends upon key type
+         *                    regInfo   SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue OPTIONAL }
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(certReq); + v.AddOptional(popo, regInfo); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/CertRequest.cs b/BouncyCastle/crypto/src/asn1/crmf/CertRequest.cs new file mode 100644 index 0000000..bf6182f --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/CertRequest.cs @@ -0,0 +1,83 @@ +using System; +using Org.BouncyCastle.Crmf; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class CertRequest + : Asn1Encodable + { + private readonly DerInteger certReqId; + private readonly CertTemplate certTemplate; + private readonly Controls controls; + + private CertRequest(Asn1Sequence seq) + { + certReqId = DerInteger.GetInstance(seq[0]); + certTemplate = CertTemplate.GetInstance(seq[1]); + if (seq.Count > 2) + { + controls = Controls.GetInstance(seq[2]); + } + } + + public static CertRequest GetInstance(object obj) + { + if (obj is CertRequest) + return (CertRequest)obj; + + if (obj != null) + return new CertRequest(Asn1Sequence.GetInstance(obj)); + + return null; + } + + public CertRequest( + int certReqId, + CertTemplate certTemplate, + Controls controls) + : this(new DerInteger(certReqId), certTemplate, controls) + { + } + + public CertRequest( + DerInteger certReqId, + CertTemplate certTemplate, + Controls controls) + { + this.certReqId = certReqId; + this.certTemplate = certTemplate; + this.controls = controls; + } + + public virtual DerInteger CertReqID + { + get { return certReqId; } + } + + public virtual CertTemplate CertTemplate + { + get { return certTemplate; } + } + + public virtual Controls Controls + { + get { return controls; } + } + + /** + * 
+         * CertRequest ::= SEQUENCE {
+         *                      certReqId     INTEGER,          -- ID for matching request and reply
+         *                      certTemplate  CertTemplate,  -- Selected fields of cert to be issued
+         *                      controls      Controls OPTIONAL }   -- Attributes affecting issuance
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(certReqId, certTemplate); + v.AddOptional(controls); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/CertTemplate.cs b/BouncyCastle/crypto/src/asn1/crmf/CertTemplate.cs new file mode 100644 index 0000000..f731ac1 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/CertTemplate.cs @@ -0,0 +1,149 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class CertTemplate + : Asn1Encodable + { + private readonly Asn1Sequence seq; + + private readonly DerInteger version; + private readonly DerInteger serialNumber; + private readonly AlgorithmIdentifier signingAlg; + private readonly X509Name issuer; + private readonly OptionalValidity validity; + private readonly X509Name subject; + private readonly SubjectPublicKeyInfo publicKey; + private readonly DerBitString issuerUID; + private readonly DerBitString subjectUID; + private readonly X509Extensions extensions; + + private CertTemplate(Asn1Sequence seq) + { + this.seq = seq; + + foreach (Asn1TaggedObject tObj in seq) + { + switch (tObj.TagNo) + { + case 0: + version = DerInteger.GetInstance(tObj, false); + break; + case 1: + serialNumber = DerInteger.GetInstance(tObj, false); + break; + case 2: + signingAlg = AlgorithmIdentifier.GetInstance(tObj, false); + break; + case 3: + issuer = X509Name.GetInstance(tObj, true); // CHOICE + break; + case 4: + validity = OptionalValidity.GetInstance(Asn1Sequence.GetInstance(tObj, false)); + break; + case 5: + subject = X509Name.GetInstance(tObj, true); // CHOICE + break; + case 6: + publicKey = SubjectPublicKeyInfo.GetInstance(tObj, false); + break; + case 7: + issuerUID = DerBitString.GetInstance(tObj, false); + break; + case 8: + subjectUID = DerBitString.GetInstance(tObj, false); + break; + case 9: + extensions = X509Extensions.GetInstance(tObj, false); + break; + default: + throw new ArgumentException("unknown tag: " + tObj.TagNo, "seq"); + } + } + } + + public static CertTemplate GetInstance(object obj) + { + if (obj is CertTemplate) + return (CertTemplate)obj; + + if (obj != null) + return new CertTemplate(Asn1Sequence.GetInstance(obj)); + + return null; + } + + public virtual int Version + { + get { return version.IntValueExact; } + } + + public virtual DerInteger SerialNumber + { + get { return serialNumber; } + } + + public virtual AlgorithmIdentifier SigningAlg + { + get { return signingAlg; } + } + + public virtual X509Name Issuer + { + get { return issuer; } + } + + public virtual OptionalValidity Validity + { + get { return validity; } + } + + public virtual X509Name Subject + { + get { return subject; } + } + + public virtual SubjectPublicKeyInfo PublicKey + { + get { return publicKey; } + } + + public virtual DerBitString IssuerUID + { + get { return issuerUID; } + } + + public virtual DerBitString SubjectUID + { + get { return subjectUID; } + } + + public virtual X509Extensions Extensions + { + get { return extensions; } + } + + /** + * 
+         *  CertTemplate ::= SEQUENCE {
+         *      version      [0] Version               OPTIONAL,
+         *      serialNumber [1] INTEGER               OPTIONAL,
+         *      signingAlg   [2] AlgorithmIdentifier   OPTIONAL,
+         *      issuer       [3] Name                  OPTIONAL,
+         *      validity     [4] OptionalValidity      OPTIONAL,
+         *      subject      [5] Name                  OPTIONAL,
+         *      publicKey    [6] SubjectPublicKeyInfo  OPTIONAL,
+         *      issuerUID    [7] UniqueIdentifier      OPTIONAL,
+         *      subjectUID   [8] UniqueIdentifier      OPTIONAL,
+         *      extensions   [9] Extensions            OPTIONAL }
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return seq; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/CertTemplateBuilder.cs b/BouncyCastle/crypto/src/asn1/crmf/CertTemplateBuilder.cs new file mode 100644 index 0000000..51c73c4 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/CertTemplateBuilder.cs @@ -0,0 +1,125 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class CertTemplateBuilder + { + private DerInteger version; + private DerInteger serialNumber; + private AlgorithmIdentifier signingAlg; + private X509Name issuer; + private OptionalValidity validity; + private X509Name subject; + private SubjectPublicKeyInfo publicKey; + private DerBitString issuerUID; + private DerBitString subjectUID; + private X509Extensions extensions; + + /** Sets the X.509 version. Note: for X509v3, use 2 here. */ + public virtual CertTemplateBuilder SetVersion(int ver) + { + version = new DerInteger(ver); + return this; + } + + public virtual CertTemplateBuilder SetSerialNumber(DerInteger ser) + { + serialNumber = ser; + return this; + } + + public virtual CertTemplateBuilder SetSigningAlg(AlgorithmIdentifier aid) + { + signingAlg = aid; + return this; + } + + public virtual CertTemplateBuilder SetIssuer(X509Name name) + { + issuer = name; + return this; + } + + public virtual CertTemplateBuilder SetValidity(OptionalValidity v) + { + validity = v; + return this; + } + + public virtual CertTemplateBuilder SetSubject(X509Name name) + { + subject = name; + return this; + } + + public virtual CertTemplateBuilder SetPublicKey(SubjectPublicKeyInfo spki) + { + publicKey = spki; + return this; + } + + /** Sets the issuer unique ID (deprecated in X.509v3) */ + public virtual CertTemplateBuilder SetIssuerUID(DerBitString uid) + { + issuerUID = uid; + return this; + } + + /** Sets the subject unique ID (deprecated in X.509v3) */ + public virtual CertTemplateBuilder SetSubjectUID(DerBitString uid) + { + subjectUID = uid; + return this; + } + + public virtual CertTemplateBuilder SetExtensions(X509Extensions extens) + { + extensions = extens; + return this; + } + + /** + * 
+         *  CertTemplate ::= SEQUENCE {
+         *      version      [0] Version               OPTIONAL,
+         *      serialNumber [1] INTEGER               OPTIONAL,
+         *      signingAlg   [2] AlgorithmIdentifier   OPTIONAL,
+         *      issuer       [3] Name                  OPTIONAL,
+         *      validity     [4] OptionalValidity      OPTIONAL,
+         *      subject      [5] Name                  OPTIONAL,
+         *      publicKey    [6] SubjectPublicKeyInfo  OPTIONAL,
+         *      issuerUID    [7] UniqueIdentifier      OPTIONAL,
+         *      subjectUID   [8] UniqueIdentifier      OPTIONAL,
+         *      extensions   [9] Extensions            OPTIONAL }
+         *
+ * @return a basic ASN.1 object representation. + */ + public virtual CertTemplate Build() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + AddOptional(v, 0, false, version); + AddOptional(v, 1, false, serialNumber); + AddOptional(v, 2, false, signingAlg); + AddOptional(v, 3, true, issuer); // CHOICE + AddOptional(v, 4, false, validity); + AddOptional(v, 5, true, subject); // CHOICE + AddOptional(v, 6, false, publicKey); + AddOptional(v, 7, false, issuerUID); + AddOptional(v, 8, false, subjectUID); + AddOptional(v, 9, false, extensions); + + return CertTemplate.GetInstance(new DerSequence(v)); + } + + private void AddOptional(Asn1EncodableVector v, int tagNo, bool isExplicit, Asn1Encodable obj) + { + if (obj != null) + { + v.Add(new DerTaggedObject(isExplicit, tagNo, obj)); + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/Controls.cs b/BouncyCastle/crypto/src/asn1/crmf/Controls.cs new file mode 100644 index 0000000..70b48a9 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/Controls.cs @@ -0,0 +1,55 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class Controls + : Asn1Encodable + { + private readonly Asn1Sequence content; + + private Controls(Asn1Sequence seq) + { + content = seq; + } + + public static Controls GetInstance(object obj) + { + if (obj is Controls) + return (Controls)obj; + + if (obj is Asn1Sequence) + return new Controls((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public Controls(params AttributeTypeAndValue[] atvs) + { + content = new DerSequence(atvs); + } + + public virtual AttributeTypeAndValue[] ToAttributeTypeAndValueArray() + { + AttributeTypeAndValue[] result = new AttributeTypeAndValue[content.Count]; + for (int i = 0; i != result.Length; ++i) + { + result[i] = AttributeTypeAndValue.GetInstance(content[i]); + } + return result; + } + + /** + * 
+         * Controls  ::= SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return content; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/CrmfObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/crmf/CrmfObjectIdentifiers.cs new file mode 100644 index 0000000..eaa1f7b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/CrmfObjectIdentifiers.cs @@ -0,0 +1,23 @@ +using System; + +using Org.BouncyCastle.Asn1.Pkcs; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public abstract class CrmfObjectIdentifiers + { + public static readonly DerObjectIdentifier id_pkix = new DerObjectIdentifier("1.3.6.1.5.5.7"); + + // arc for Internet X.509 PKI protocols and their components + + public static readonly DerObjectIdentifier id_pkip = id_pkix.Branch("5"); + + public static readonly DerObjectIdentifier id_regCtrl = id_pkip.Branch("1"); + public static readonly DerObjectIdentifier id_regCtrl_regToken = id_regCtrl.Branch("1"); + public static readonly DerObjectIdentifier id_regCtrl_authenticator = id_regCtrl.Branch("2"); + public static readonly DerObjectIdentifier id_regCtrl_pkiPublicationInfo = id_regCtrl.Branch("3"); + public static readonly DerObjectIdentifier id_regCtrl_pkiArchiveOptions = id_regCtrl.Branch("4"); + + public static readonly DerObjectIdentifier id_ct_encKeyWithID = new DerObjectIdentifier(PkcsObjectIdentifiers.IdCT + ".21"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/EncKeyWithID.cs b/BouncyCastle/crypto/src/asn1/crmf/EncKeyWithID.cs new file mode 100644 index 0000000..6de56fa --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/EncKeyWithID.cs @@ -0,0 +1,103 @@ +using System; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class EncKeyWithID + : Asn1Encodable + { + private readonly PrivateKeyInfo privKeyInfo; + private readonly Asn1Encodable identifier; + + public static EncKeyWithID GetInstance(object obj) + { + if (obj is EncKeyWithID) + return (EncKeyWithID)obj; + + if (obj != null) + return new EncKeyWithID(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private EncKeyWithID(Asn1Sequence seq) + { + this.privKeyInfo = PrivateKeyInfo.GetInstance(seq[0]); + + if (seq.Count > 1) + { + if (!(seq[1] is DerUtf8String)) + { + this.identifier = GeneralName.GetInstance(seq[1]); + } + else + { + this.identifier = (Asn1Encodable)seq[1]; + } + } + else + { + this.identifier = null; + } + } + + public EncKeyWithID(PrivateKeyInfo privKeyInfo) + { + this.privKeyInfo = privKeyInfo; + this.identifier = null; + } + + public EncKeyWithID(PrivateKeyInfo privKeyInfo, DerUtf8String str) + { + this.privKeyInfo = privKeyInfo; + this.identifier = str; + } + + public EncKeyWithID(PrivateKeyInfo privKeyInfo, GeneralName generalName) + { + this.privKeyInfo = privKeyInfo; + this.identifier = generalName; + } + + public virtual PrivateKeyInfo PrivateKey + { + get { return privKeyInfo; } + } + + public virtual bool HasIdentifier + { + get { return identifier != null; } + } + + public virtual bool IsIdentifierUtf8String + { + get { return identifier is DerUtf8String; } + } + + public virtual Asn1Encodable Identifier + { + get { return identifier; } + } + + /** + * 
+         * EncKeyWithID ::= SEQUENCE {
+         *      privateKey           PrivateKeyInfo,
+         *      identifier CHOICE {
+         *         string               UTF8String,
+         *         generalName          GeneralName
+         *     } OPTIONAL
+         * }
+         *
+ * @return + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(privKeyInfo); + v.AddOptional(identifier); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/EncryptedKey.cs b/BouncyCastle/crypto/src/asn1/crmf/EncryptedKey.cs new file mode 100644 index 0000000..850fbd2 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/EncryptedKey.cs @@ -0,0 +1,78 @@ +using System; + +using Org.BouncyCastle.Asn1.Cms; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class EncryptedKey + : Asn1Encodable, IAsn1Choice + { + private readonly EnvelopedData envelopedData; + private readonly EncryptedValue encryptedValue; + + public static EncryptedKey GetInstance(object o) + { + if (o is EncryptedKey) + { + return (EncryptedKey)o; + } + else if (o is Asn1TaggedObject) + { + return new EncryptedKey(EnvelopedData.GetInstance((Asn1TaggedObject)o, false)); + } + else if (o is EncryptedValue) + { + return new EncryptedKey((EncryptedValue)o); + } + else + { + return new EncryptedKey(EncryptedValue.GetInstance(o)); + } + } + + public EncryptedKey(EnvelopedData envelopedData) + { + this.envelopedData = envelopedData; + } + + public EncryptedKey(EncryptedValue encryptedValue) + { + this.encryptedValue = encryptedValue; + } + + public virtual bool IsEncryptedValue + { + get { return encryptedValue != null; } + } + + public virtual Asn1Encodable Value + { + get + { + if (encryptedValue != null) + return encryptedValue; + + return envelopedData; + } + } + + /** + * 
+         *    EncryptedKey ::= CHOICE {
+         *        encryptedValue        EncryptedValue, -- deprecated
+         *        envelopedData     [0] EnvelopedData }
+         *        -- The encrypted private key MUST be placed in the envelopedData
+         *        -- encryptedContentInfo encryptedContent OCTET STRING.
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + if (encryptedValue != null) + { + return encryptedValue.ToAsn1Object(); + } + + return new DerTaggedObject(false, 0, envelopedData); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/EncryptedValue.cs b/BouncyCastle/crypto/src/asn1/crmf/EncryptedValue.cs new file mode 100644 index 0000000..7c5cf18 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/EncryptedValue.cs @@ -0,0 +1,143 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class EncryptedValue + : Asn1Encodable + { + private readonly AlgorithmIdentifier intendedAlg; + private readonly AlgorithmIdentifier symmAlg; + private readonly DerBitString encSymmKey; + private readonly AlgorithmIdentifier keyAlg; + private readonly Asn1OctetString valueHint; + private readonly DerBitString encValue; + + private EncryptedValue(Asn1Sequence seq) + { + int index = 0; + while (seq[index] is Asn1TaggedObject) + { + Asn1TaggedObject tObj = (Asn1TaggedObject)seq[index]; + + switch (tObj.TagNo) + { + case 0: + intendedAlg = AlgorithmIdentifier.GetInstance(tObj, false); + break; + case 1: + symmAlg = AlgorithmIdentifier.GetInstance(tObj, false); + break; + case 2: + encSymmKey = DerBitString.GetInstance(tObj, false); + break; + case 3: + keyAlg = AlgorithmIdentifier.GetInstance(tObj, false); + break; + case 4: + valueHint = Asn1OctetString.GetInstance(tObj, false); + break; + } + ++index; + } + + encValue = DerBitString.GetInstance(seq[index]); + } + + public static EncryptedValue GetInstance(object obj) + { + if (obj is EncryptedValue) + return (EncryptedValue)obj; + + if (obj != null) + return new EncryptedValue(Asn1Sequence.GetInstance(obj)); + + return null; + } + + public EncryptedValue( + AlgorithmIdentifier intendedAlg, + AlgorithmIdentifier symmAlg, + DerBitString encSymmKey, + AlgorithmIdentifier keyAlg, + Asn1OctetString valueHint, + DerBitString encValue) + { + if (encValue == null) + { + throw new ArgumentNullException("encValue"); + } + + this.intendedAlg = intendedAlg; + this.symmAlg = symmAlg; + this.encSymmKey = encSymmKey; + this.keyAlg = keyAlg; + this.valueHint = valueHint; + this.encValue = encValue; + } + + public virtual AlgorithmIdentifier IntendedAlg + { + get { return intendedAlg; } + } + + public virtual AlgorithmIdentifier SymmAlg + { + get { return symmAlg; } + } + + public virtual DerBitString EncSymmKey + { + get { return encSymmKey; } + } + + public virtual AlgorithmIdentifier KeyAlg + { + get { return keyAlg; } + } + + public virtual Asn1OctetString ValueHint + { + get { return valueHint; } + } + + public virtual DerBitString EncValue + { + get { return encValue; } + } + + /** + * 
+         * EncryptedValue ::= SEQUENCE {
+         *                     intendedAlg   [0] AlgorithmIdentifier  OPTIONAL,
+         *                     -- the intended algorithm for which the value will be used
+         *                     symmAlg       [1] AlgorithmIdentifier  OPTIONAL,
+         *                     -- the symmetric algorithm used to encrypt the value
+         *                     encSymmKey    [2] BIT STRING           OPTIONAL,
+         *                     -- the (encrypted) symmetric key used to encrypt the value
+         *                     keyAlg        [3] AlgorithmIdentifier  OPTIONAL,
+         *                     -- algorithm used to encrypt the symmetric key
+         *                     valueHint     [4] OCTET STRING         OPTIONAL,
+         *                     -- a brief description or identifier of the encValue content
+         *                     -- (may be meaningful only to the sending entity, and used only
+         *                     -- if EncryptedValue might be re-examined by the sending entity
+         *                     -- in the future)
+         *                     encValue       BIT STRING }
+         *                     -- the encrypted value itself
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(false, 0, intendedAlg); + v.AddOptionalTagged(false, 1, symmAlg); + v.AddOptionalTagged(false, 2, encSymmKey); + v.AddOptionalTagged(false, 3, keyAlg); + v.AddOptionalTagged(false, 4, valueHint); + v.Add(encValue); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/OptionalValidity.cs b/BouncyCastle/crypto/src/asn1/crmf/OptionalValidity.cs new file mode 100644 index 0000000..d608ea5 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/OptionalValidity.cs @@ -0,0 +1,68 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class OptionalValidity + : Asn1Encodable + { + private readonly Time notBefore; + private readonly Time notAfter; + + private OptionalValidity(Asn1Sequence seq) + { + foreach (Asn1TaggedObject tObj in seq) + { + if (tObj.TagNo == 0) + { + notBefore = Time.GetInstance(tObj, true); + } + else + { + notAfter = Time.GetInstance(tObj, true); + } + } + } + + public static OptionalValidity GetInstance(object obj) + { + if (obj == null || obj is OptionalValidity) + return (OptionalValidity)obj; + + return new OptionalValidity(Asn1Sequence.GetInstance(obj)); + } + + public OptionalValidity(Time notBefore, Time notAfter) + { + this.notBefore = notBefore; + this.notAfter = notAfter; + } + + public virtual Time NotBefore + { + get { return notBefore; } + } + + public virtual Time NotAfter + { + get { return notAfter; } + } + + /** + * 
+         * OptionalValidity ::= SEQUENCE {
+         *                        notBefore  [0] Time OPTIONAL,
+         *                        notAfter   [1] Time OPTIONAL } --at least one MUST be present
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(true, 0, notBefore); + v.AddOptionalTagged(true, 1, notAfter); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/PKIArchiveOptions.cs b/BouncyCastle/crypto/src/asn1/crmf/PKIArchiveOptions.cs new file mode 100644 index 0000000..1813d87 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/PKIArchiveOptions.cs @@ -0,0 +1,107 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class PkiArchiveOptions + : Asn1Encodable, IAsn1Choice + { + public const int encryptedPrivKey = 0; + public const int keyGenParameters = 1; + public const int archiveRemGenPrivKey = 2; + + private readonly Asn1Encodable value; + + public static PkiArchiveOptions GetInstance(object obj) + { + if (obj is PkiArchiveOptions) + return (PkiArchiveOptions)obj; + + if (obj is Asn1TaggedObject) + return new PkiArchiveOptions((Asn1TaggedObject)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + private PkiArchiveOptions(Asn1TaggedObject tagged) + { + switch (tagged.TagNo) + { + case encryptedPrivKey: + value = EncryptedKey.GetInstance(tagged.GetObject()); + break; + case keyGenParameters: + value = Asn1OctetString.GetInstance(tagged, false); + break; + case archiveRemGenPrivKey: + value = DerBoolean.GetInstance(tagged, false); + break; + default: + throw new ArgumentException("unknown tag number: " + tagged.TagNo, "tagged"); + } + } + + public PkiArchiveOptions(EncryptedKey encKey) + { + this.value = encKey; + } + + public PkiArchiveOptions(Asn1OctetString keyGenParameters) + { + this.value = keyGenParameters; + } + + public PkiArchiveOptions(bool archiveRemGenPrivKey) + { + this.value = DerBoolean.GetInstance(archiveRemGenPrivKey); + } + + public virtual int Type + { + get + { + if (value is EncryptedKey) + return encryptedPrivKey; + + if (value is Asn1OctetString) + return keyGenParameters; + + return archiveRemGenPrivKey; + } + } + + public virtual Asn1Encodable Value + { + get { return value; } + } + + /** + * 
+         *  PkiArchiveOptions ::= CHOICE {
+         *      encryptedPrivKey     [0] EncryptedKey,
+         *      -- the actual value of the private key
+         *      keyGenParameters     [1] KeyGenParameters,
+         *      -- parameters which allow the private key to be re-generated
+         *      archiveRemGenPrivKey [2] BOOLEAN }
+         *      -- set to TRUE if sender wishes receiver to archive the private
+         *      -- key of a key pair that the receiver generates in response to
+         *      -- this request; set to FALSE if no archival is desired.
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + if (value is EncryptedKey) + { + return new DerTaggedObject(true, encryptedPrivKey, value); // choice + } + + if (value is Asn1OctetString) + { + return new DerTaggedObject(false, keyGenParameters, value); + } + + return new DerTaggedObject(false, archiveRemGenPrivKey, value); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/PKIPublicationInfo.cs b/BouncyCastle/crypto/src/asn1/crmf/PKIPublicationInfo.cs new file mode 100644 index 0000000..a7d2bc6 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/PKIPublicationInfo.cs @@ -0,0 +1,66 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class PkiPublicationInfo + : Asn1Encodable + { + private readonly DerInteger action; + private readonly Asn1Sequence pubInfos; + + private PkiPublicationInfo(Asn1Sequence seq) + { + action = DerInteger.GetInstance(seq[0]); + pubInfos = Asn1Sequence.GetInstance(seq[1]); + } + + public static PkiPublicationInfo GetInstance(object obj) + { + if (obj is PkiPublicationInfo) + return (PkiPublicationInfo)obj; + + if (obj is Asn1Sequence) + return new PkiPublicationInfo((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual DerInteger Action + { + get { return action; } + } + + public virtual SinglePubInfo[] GetPubInfos() + { + if (pubInfos == null) + return null; + + SinglePubInfo[] results = new SinglePubInfo[pubInfos.Count]; + for (int i = 0; i != results.Length; ++i) + { + results[i] = SinglePubInfo.GetInstance(pubInfos[i]); + } + return results; + } + + /** + * 
+         * PkiPublicationInfo ::= SEQUENCE {
+         *                  action     INTEGER {
+         *                                 dontPublish (0),
+         *                                 pleasePublish (1) },
+         *                  pubInfos  SEQUENCE SIZE (1..MAX) OF SinglePubInfo OPTIONAL }
+         * -- pubInfos MUST NOT be present if action is "dontPublish"
+         * -- (if action is "pleasePublish" and pubInfos is omitted,
+         * -- "dontCare" is assumed)
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(action, pubInfos); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/PKMacValue.cs b/BouncyCastle/crypto/src/asn1/crmf/PKMacValue.cs new file mode 100644 index 0000000..e104c08 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/PKMacValue.cs @@ -0,0 +1,90 @@ +using System; + +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + /** + * Password-based MAC value for use with POPOSigningKeyInput. + */ + public class PKMacValue + : Asn1Encodable + { + private readonly AlgorithmIdentifier algID; + private readonly DerBitString macValue; + + private PKMacValue(Asn1Sequence seq) + { + this.algID = AlgorithmIdentifier.GetInstance(seq[0]); + this.macValue = DerBitString.GetInstance(seq[1]); + } + + public static PKMacValue GetInstance(object obj) + { + if (obj is PKMacValue) + return (PKMacValue)obj; + + if (obj is Asn1Sequence) + return new PKMacValue((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public static PKMacValue GetInstance(Asn1TaggedObject obj, bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + /** + * Creates a new PKMACValue. + * @param params parameters for password-based MAC + * @param value MAC of the DER-encoded SubjectPublicKeyInfo + */ + public PKMacValue( + PbmParameter pbmParams, + DerBitString macValue) + : this(new AlgorithmIdentifier(CmpObjectIdentifiers.passwordBasedMac, pbmParams), macValue) + { + } + + /** + * Creates a new PKMACValue. + * @param aid CMPObjectIdentifiers.passwordBasedMAC, with PBMParameter + * @param value MAC of the DER-encoded SubjectPublicKeyInfo + */ + public PKMacValue( + AlgorithmIdentifier algID, + DerBitString macValue) + { + this.algID = algID; + this.macValue = macValue; + } + + public virtual AlgorithmIdentifier AlgID + { + get { return algID; } + } + + public virtual DerBitString MacValue + { + get { return macValue; } + } + + /** + * 
+         * PKMACValue ::= SEQUENCE {
+         *      algId  AlgorithmIdentifier,
+         *      -- algorithm value shall be PasswordBasedMac 1.2.840.113533.7.66.13
+         *      -- parameter value is PBMParameter
+         *      value  BIT STRING }
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(algID, macValue); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/PopoPrivKey.cs b/BouncyCastle/crypto/src/asn1/crmf/PopoPrivKey.cs new file mode 100644 index 0000000..95a4484 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/PopoPrivKey.cs @@ -0,0 +1,84 @@ +using System; + +using Org.BouncyCastle.Asn1.Cms; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class PopoPrivKey + : Asn1Encodable, IAsn1Choice + { + public const int thisMessage = 0; + public const int subsequentMessage = 1; + public const int dhMAC = 2; + public const int agreeMAC = 3; + public const int encryptedKey = 4; + + private readonly int tagNo; + private readonly Asn1Encodable obj; + + private PopoPrivKey(Asn1TaggedObject obj) + { + this.tagNo = obj.TagNo; + + switch (tagNo) + { + case thisMessage: + this.obj = DerBitString.GetInstance(obj, false); + break; + case subsequentMessage: + this.obj = SubsequentMessage.ValueOf(DerInteger.GetInstance(obj, false).IntValueExact); + break; + case dhMAC: + this.obj = DerBitString.GetInstance(obj, false); + break; + case agreeMAC: + this.obj = PKMacValue.GetInstance(obj, false); + break; + case encryptedKey: + this.obj = EnvelopedData.GetInstance(obj, false); + break; + default: + throw new ArgumentException("unknown tag in PopoPrivKey", "obj"); + } + } + + public static PopoPrivKey GetInstance(Asn1TaggedObject tagged, bool isExplicit) + { + return new PopoPrivKey(Asn1TaggedObject.GetInstance(tagged, true)); + } + + public PopoPrivKey(SubsequentMessage msg) + { + this.tagNo = subsequentMessage; + this.obj = msg; + } + + public virtual int Type + { + get { return tagNo; } + } + + public virtual Asn1Encodable Value + { + get { return obj; } + } + + /** + * 
+         * PopoPrivKey ::= CHOICE {
+         *        thisMessage       [0] BIT STRING,         -- Deprecated
+         *         -- possession is proven in this message (which contains the private
+         *         -- key itself (encrypted for the CA))
+         *        subsequentMessage [1] SubsequentMessage,
+         *         -- possession will be proven in a subsequent message
+         *        dhMAC             [2] BIT STRING,         -- Deprecated
+         *        agreeMAC          [3] PKMACValue,
+         *        encryptedKey      [4] EnvelopedData }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerTaggedObject(false, tagNo, obj); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/PopoSigningKey.cs b/BouncyCastle/crypto/src/asn1/crmf/PopoSigningKey.cs new file mode 100644 index 0000000..11e7354 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/PopoSigningKey.cs @@ -0,0 +1,110 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class PopoSigningKey + : Asn1Encodable + { + private readonly PopoSigningKeyInput poposkInput; + private readonly AlgorithmIdentifier algorithmIdentifier; + private readonly DerBitString signature; + + private PopoSigningKey(Asn1Sequence seq) + { + int index = 0; + + if (seq[index] is Asn1TaggedObject) + { + Asn1TaggedObject tagObj + = (Asn1TaggedObject) seq[index++]; + if (tagObj.TagNo != 0) + { + throw new ArgumentException( "Unknown PopoSigningKeyInput tag: " + tagObj.TagNo, "seq"); + } + poposkInput = PopoSigningKeyInput.GetInstance(tagObj.GetObject()); + } + algorithmIdentifier = AlgorithmIdentifier.GetInstance(seq[index++]); + signature = DerBitString.GetInstance(seq[index]); + } + + public static PopoSigningKey GetInstance(object obj) + { + if (obj is PopoSigningKey) + return (PopoSigningKey)obj; + + if (obj is Asn1Sequence) + return new PopoSigningKey((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public static PopoSigningKey GetInstance(Asn1TaggedObject obj, bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + /** + * Creates a new Proof of Possession object for a signing key. + * @param poposkIn the PopoSigningKeyInput structure, or null if the + * CertTemplate includes both subject and publicKey values. + * @param aid the AlgorithmIdentifier used to sign the proof of possession. + * @param signature a signature over the DER-encoded value of poposkIn, + * or the DER-encoded value of certReq if poposkIn is null. + */ + public PopoSigningKey( + PopoSigningKeyInput poposkIn, + AlgorithmIdentifier aid, + DerBitString signature) + { + this.poposkInput = poposkIn; + this.algorithmIdentifier = aid; + this.signature = signature; + } + + public virtual PopoSigningKeyInput PoposkInput + { + get { return poposkInput; } + } + + public virtual AlgorithmIdentifier AlgorithmIdentifier + { + get { return algorithmIdentifier; } + } + + public virtual DerBitString Signature + { + get { return signature; } + } + + /** + * 
+         * PopoSigningKey ::= SEQUENCE {
+         *                      poposkInput           [0] PopoSigningKeyInput OPTIONAL,
+         *                      algorithmIdentifier   AlgorithmIdentifier,
+         *                      signature             BIT STRING }
+         *  -- The signature (using "algorithmIdentifier") is on the
+         *  -- DER-encoded value of poposkInput.  NOTE: If the CertReqMsg
+         *  -- certReq CertTemplate contains the subject and publicKey values,
+         *  -- then poposkInput MUST be omitted and the signature MUST be
+         *  -- computed on the DER-encoded value of CertReqMsg certReq.  If
+         *  -- the CertReqMsg certReq CertTemplate does not contain the public
+         *  -- key and subject values, then poposkInput MUST be present and
+         *  -- MUST be signed.  This strategy ensures that the public key is
+         *  -- not present in both the poposkInput and CertReqMsg certReq
+         *  -- CertTemplate fields.
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(false, 0, poposkInput); + v.Add(algorithmIdentifier); + v.Add(signature); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/PopoSigningKeyInput.cs b/BouncyCastle/crypto/src/asn1/crmf/PopoSigningKeyInput.cs new file mode 100644 index 0000000..e43fa13 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/PopoSigningKeyInput.cs @@ -0,0 +1,116 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class PopoSigningKeyInput + : Asn1Encodable + { + private readonly GeneralName sender; + private readonly PKMacValue publicKeyMac; + private readonly SubjectPublicKeyInfo publicKey; + + private PopoSigningKeyInput(Asn1Sequence seq) + { + Asn1Encodable authInfo = (Asn1Encodable)seq[0]; + + if (authInfo is Asn1TaggedObject) + { + Asn1TaggedObject tagObj = (Asn1TaggedObject)authInfo; + if (tagObj.TagNo != 0) + { + throw new ArgumentException("Unknown authInfo tag: " + tagObj.TagNo, "seq"); + } + sender = GeneralName.GetInstance(tagObj.GetObject()); + } + else + { + publicKeyMac = PKMacValue.GetInstance(authInfo); + } + + publicKey = SubjectPublicKeyInfo.GetInstance(seq[1]); + } + + public static PopoSigningKeyInput GetInstance(object obj) + { + if (obj is PopoSigningKeyInput) + return (PopoSigningKeyInput)obj; + + if (obj is Asn1Sequence) + return new PopoSigningKeyInput((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + /** Creates a new PopoSigningKeyInput with sender name as authInfo. */ + public PopoSigningKeyInput( + GeneralName sender, + SubjectPublicKeyInfo spki) + { + this.sender = sender; + this.publicKey = spki; + } + + /** Creates a new PopoSigningKeyInput using password-based MAC. */ + public PopoSigningKeyInput( + PKMacValue pkmac, + SubjectPublicKeyInfo spki) + { + this.publicKeyMac = pkmac; + this.publicKey = spki; + } + + /** Returns the sender field, or null if authInfo is publicKeyMac */ + public virtual GeneralName Sender + { + get { return sender; } + } + + /** Returns the publicKeyMac field, or null if authInfo is sender */ + public virtual PKMacValue PublicKeyMac + { + get { return publicKeyMac; } + } + + public virtual SubjectPublicKeyInfo PublicKey + { + get { return publicKey; } + } + + /** + * 
+         * PopoSigningKeyInput ::= SEQUENCE {
+         *        authInfo             CHOICE {
+         *                                 sender              [0] GeneralName,
+         *                                 -- used only if an authenticated identity has been
+         *                                 -- established for the sender (e.g., a DN from a
+         *                                 -- previously-issued and currently-valid certificate
+         *                                 publicKeyMac        PKMacValue },
+         *                                 -- used if no authenticated GeneralName currently exists for
+         *                                 -- the sender; publicKeyMac contains a password-based MAC
+         *                                 -- on the DER-encoded value of publicKey
+         *        publicKey           SubjectPublicKeyInfo }  -- from CertTemplate
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + if (sender != null) + { + v.Add(new DerTaggedObject(false, 0, sender)); + } + else + { + v.Add(publicKeyMac); + } + + v.Add(publicKey); + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/ProofOfPossession.cs b/BouncyCastle/crypto/src/asn1/crmf/ProofOfPossession.cs new file mode 100644 index 0000000..8957169 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/ProofOfPossession.cs @@ -0,0 +1,100 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class ProofOfPossession + : Asn1Encodable, IAsn1Choice + { + public const int TYPE_RA_VERIFIED = 0; + public const int TYPE_SIGNING_KEY = 1; + public const int TYPE_KEY_ENCIPHERMENT = 2; + public const int TYPE_KEY_AGREEMENT = 3; + + private readonly int tagNo; + private readonly Asn1Encodable obj; + + private ProofOfPossession(Asn1TaggedObject tagged) + { + tagNo = tagged.TagNo; + switch (tagNo) + { + case 0: + obj = DerNull.Instance; + break; + case 1: + obj = PopoSigningKey.GetInstance(tagged, false); + break; + case 2: + case 3: + obj = PopoPrivKey.GetInstance(tagged, false); + break; + default: + throw new ArgumentException("unknown tag: " + tagNo, "tagged"); + } + } + + public static ProofOfPossession GetInstance(object obj) + { + if (obj is ProofOfPossession) + return (ProofOfPossession)obj; + + if (obj is Asn1TaggedObject) + return new ProofOfPossession((Asn1TaggedObject)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + /** Creates a ProofOfPossession with type raVerified. */ + public ProofOfPossession() + { + tagNo = TYPE_RA_VERIFIED; + obj = DerNull.Instance; + } + + /** Creates a ProofOfPossession for a signing key. */ + public ProofOfPossession(PopoSigningKey Poposk) + { + tagNo = TYPE_SIGNING_KEY; + obj = Poposk; + } + + /** + * Creates a ProofOfPossession for key encipherment or agreement. + * @param type one of TYPE_KEY_ENCIPHERMENT or TYPE_KEY_AGREEMENT + */ + public ProofOfPossession(int type, PopoPrivKey privkey) + { + tagNo = type; + obj = privkey; + } + + public virtual int Type + { + get { return tagNo; } + } + + public virtual Asn1Encodable Object + { + get { return obj; } + } + + /** + * 
+         * ProofOfPossession ::= CHOICE {
+         *                           raVerified        [0] NULL,
+         *                           -- used if the RA has already verified that the requester is in
+         *                           -- possession of the private key
+         *                           signature         [1] PopoSigningKey,
+         *                           keyEncipherment   [2] PopoPrivKey,
+         *                           keyAgreement      [3] PopoPrivKey }
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return new DerTaggedObject(false, tagNo, obj); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/SinglePubInfo.cs b/BouncyCastle/crypto/src/asn1/crmf/SinglePubInfo.cs new file mode 100644 index 0000000..5205ce3 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/SinglePubInfo.cs @@ -0,0 +1,59 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class SinglePubInfo + : Asn1Encodable + { + private readonly DerInteger pubMethod; + private readonly GeneralName pubLocation; + + private SinglePubInfo(Asn1Sequence seq) + { + pubMethod = DerInteger.GetInstance(seq[0]); + + if (seq.Count == 2) + { + pubLocation = GeneralName.GetInstance(seq[1]); + } + } + + public static SinglePubInfo GetInstance(object obj) + { + if (obj is SinglePubInfo) + return (SinglePubInfo)obj; + + if (obj is Asn1Sequence) + return new SinglePubInfo((Asn1Sequence)obj); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + } + + public virtual GeneralName PubLocation + { + get { return pubLocation; } + } + + /** + * 
+         * SinglePubInfo ::= SEQUENCE {
+         *        pubMethod    INTEGER {
+         *           dontCare    (0),
+         *           x500        (1),
+         *           web         (2),
+         *           ldap        (3) },
+         *       pubLocation  GeneralName OPTIONAL }
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(pubMethod); + v.AddOptional(pubLocation); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/crmf/SubsequentMessage.cs b/BouncyCastle/crypto/src/asn1/crmf/SubsequentMessage.cs new file mode 100644 index 0000000..cc1c164 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/crmf/SubsequentMessage.cs @@ -0,0 +1,27 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Crmf +{ + public class SubsequentMessage + : DerInteger + { + public static readonly SubsequentMessage encrCert = new SubsequentMessage(0); + public static readonly SubsequentMessage challengeResp = new SubsequentMessage(1); + + private SubsequentMessage(int value) + : base(value) + { + } + + public static SubsequentMessage ValueOf(int value) + { + if (value == 0) + return encrCert; + + if (value == 1) + return challengeResp; + + throw new ArgumentException("unknown value: " + value, "value"); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cryptopro/CryptoProObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/cryptopro/CryptoProObjectIdentifiers.cs new file mode 100644 index 0000000..e2f2c18 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cryptopro/CryptoProObjectIdentifiers.cs @@ -0,0 +1,51 @@ +using System; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.CryptoPro +{ + public abstract class CryptoProObjectIdentifiers + { + // GOST Algorithms OBJECT IDENTIFIERS : + // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)} + public const string GostID = "1.2.643.2.2"; + + public static readonly DerObjectIdentifier GostR3411 = new DerObjectIdentifier(GostID + ".9"); + public static readonly DerObjectIdentifier GostR3411Hmac = new DerObjectIdentifier(GostID + ".10"); + + public static readonly DerObjectIdentifier GostR28147Cbc = new DerObjectIdentifier(GostID + ".21"); + + public static readonly DerObjectIdentifier ID_Gost28147_89_CryptoPro_A_ParamSet = new DerObjectIdentifier(GostID + ".31.1"); + + public static readonly DerObjectIdentifier GostR3410x94 = new DerObjectIdentifier(GostID + ".20"); + public static readonly DerObjectIdentifier GostR3410x2001 = new DerObjectIdentifier(GostID + ".19"); + public static readonly DerObjectIdentifier GostR3411x94WithGostR3410x94 = new DerObjectIdentifier(GostID + ".4"); + public static readonly DerObjectIdentifier GostR3411x94WithGostR3410x2001 = new DerObjectIdentifier(GostID + ".3"); + + // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) hashes(30) } + public static readonly DerObjectIdentifier GostR3411x94CryptoProParamSet = new DerObjectIdentifier(GostID + ".30.1"); + + // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) signs(32) } + public static readonly DerObjectIdentifier GostR3410x94CryptoProA = new DerObjectIdentifier(GostID + ".32.2"); + public static readonly DerObjectIdentifier GostR3410x94CryptoProB = new DerObjectIdentifier(GostID + ".32.3"); + public static readonly DerObjectIdentifier GostR3410x94CryptoProC = new DerObjectIdentifier(GostID + ".32.4"); + public static readonly DerObjectIdentifier GostR3410x94CryptoProD = new DerObjectIdentifier(GostID + ".32.5"); + + // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) exchanges(33) } + public static readonly DerObjectIdentifier GostR3410x94CryptoProXchA = new DerObjectIdentifier(GostID + ".33.1"); + public static readonly DerObjectIdentifier GostR3410x94CryptoProXchB = new DerObjectIdentifier(GostID + ".33.2"); + public static readonly DerObjectIdentifier GostR3410x94CryptoProXchC = new DerObjectIdentifier(GostID + ".33.3"); + + //{ iso(1) member-body(2)ru(643) rans(2) cryptopro(2) ecc-signs(35) } + public static readonly DerObjectIdentifier GostR3410x2001CryptoProA = new DerObjectIdentifier(GostID + ".35.1"); + public static readonly DerObjectIdentifier GostR3410x2001CryptoProB = new DerObjectIdentifier(GostID + ".35.2"); + public static readonly DerObjectIdentifier GostR3410x2001CryptoProC = new DerObjectIdentifier(GostID + ".35.3"); + + // { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) ecc-exchanges(36) } + public static readonly DerObjectIdentifier GostR3410x2001CryptoProXchA = new DerObjectIdentifier(GostID + ".36.0"); + public static readonly DerObjectIdentifier GostR3410x2001CryptoProXchB = new DerObjectIdentifier(GostID + ".36.1"); + + public static readonly DerObjectIdentifier GostElSgDH3410Default = new DerObjectIdentifier(GostID + ".36.0"); + public static readonly DerObjectIdentifier GostElSgDH3410x1 = new DerObjectIdentifier(GostID + ".36.1"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/cryptopro/ECGOST3410NamedCurves.cs b/BouncyCastle/crypto/src/asn1/cryptopro/ECGOST3410NamedCurves.cs new file mode 100644 index 0000000..5ac8cad --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cryptopro/ECGOST3410NamedCurves.cs @@ -0,0 +1,403 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Asn1.CryptoPro +{ + /// + /// Table of the available named parameters for GOST 3410-2001 / 2012. + /// + public sealed class ECGost3410NamedCurves + { + private ECGost3410NamedCurves() + { + } + + private static X9ECPoint ConfigureBasepoint(ECCurve curve, BigInteger x, BigInteger y) + { + ECPoint G = curve.CreatePoint(x, y); + WNafUtilities.ConfigureBasepoint(G); + return new X9ECPoint(G, false); + } + + private static ECCurve ConfigureCurve(ECCurve curve) + { + return curve; + } + + private static BigInteger FromHex(string hex) + { + return new BigInteger(1, Hex.DecodeStrict(hex)); + } + + /* + * GostR3410-2001-CryptoPro-A (and GostR3410-2001-CryptoPro-XchA) + */ + internal class Holder_gostR3410_2001_CryptoPro_A + : X9ECParametersHolder + { + private Holder_gostR3410_2001_CryptoPro_A() {} + + internal static readonly X9ECParametersHolder Instance = new Holder_gostR3410_2001_CryptoPro_A(); + + protected override ECCurve CreateCurve() + { + BigInteger mod_p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97"); + BigInteger mod_q = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893"); + + return ConfigureCurve(new FpCurve( + mod_p, + FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94"), + FromHex("A6"), + mod_q, BigInteger.One, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + BigInteger.One, + FromHex("8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14")); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * GostR3410-2001-CryptoPro-B + */ + internal class Holder_gostR3410_2001_CryptoPro_B + : X9ECParametersHolder + { + private Holder_gostR3410_2001_CryptoPro_B() {} + + internal static readonly X9ECParametersHolder Instance = new Holder_gostR3410_2001_CryptoPro_B(); + + protected override ECCurve CreateCurve() + { + BigInteger mod_p = FromHex("8000000000000000000000000000000000000000000000000000000000000C99"); + BigInteger mod_q = FromHex("800000000000000000000000000000015F700CFFF1A624E5E497161BCC8A198F"); + + return ConfigureCurve(new FpCurve( + mod_p, + FromHex("8000000000000000000000000000000000000000000000000000000000000C96"), + FromHex("3E1AF419A269A5F866A7D3C25C3DF80AE979259373FF2B182F49D4CE7E1BBC8B"), + mod_q, BigInteger.One, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + BigInteger.One, + FromHex("3FA8124359F96680B83D1C3EB2C070E5C545C9858D03ECFB744BF8D717717EFC")); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * GostR3410-2001-CryptoPro-C + */ + internal class Holder_gostR3410_2001_CryptoPro_C + : X9ECParametersHolder + { + private Holder_gostR3410_2001_CryptoPro_C() {} + + internal static readonly X9ECParametersHolder Instance = new Holder_gostR3410_2001_CryptoPro_C(); + + protected override ECCurve CreateCurve() + { + BigInteger mod_p = FromHex("9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D759B"); + BigInteger mod_q = FromHex("9B9F605F5A858107AB1EC85E6B41C8AA582CA3511EDDFB74F02F3A6598980BB9"); + + return ConfigureCurve(new FpCurve( + mod_p, + FromHex("9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D7598"), + FromHex("805A"), + mod_q, BigInteger.One, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + BigInteger.Zero, + FromHex("41ECE55743711A8C3CBF3783CD08C0EE4D4DC440D4641A8F366E550DFDB3BB67")); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * GostR3410-2001-CryptoPro-XchB + */ + internal class Holder_gostR3410_2001_CryptoPro_XchB + : X9ECParametersHolder + { + private Holder_gostR3410_2001_CryptoPro_XchB() {} + + internal static readonly X9ECParametersHolder Instance = new Holder_gostR3410_2001_CryptoPro_XchB(); + + protected override ECCurve CreateCurve() + { + BigInteger mod_p = FromHex("9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D759B"); + BigInteger mod_q = FromHex("9B9F605F5A858107AB1EC85E6B41C8AA582CA3511EDDFB74F02F3A6598980BB9"); + + return ConfigureCurve(new FpCurve( + mod_p, + FromHex("9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D7598"), + FromHex("805A"), + mod_q, BigInteger.One, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + BigInteger.Zero, + FromHex("41ECE55743711A8C3CBF3783CD08C0EE4D4DC440D4641A8F366E550DFDB3BB67")); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * Tc26-Gost-3410-12-256-paramSetA + */ + internal class Holder_id_tc26_gost_3410_12_256_paramSetA + : X9ECParametersHolder + { + private Holder_id_tc26_gost_3410_12_256_paramSetA() {} + + internal static readonly X9ECParametersHolder Instance = new Holder_id_tc26_gost_3410_12_256_paramSetA(); + + protected override ECCurve CreateCurve() + { + BigInteger mod_p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97"); + BigInteger mod_q = FromHex("400000000000000000000000000000000FD8CDDFC87B6635C115AF556C360C67"); + + return ConfigureCurve(new FpCurve( + mod_p, + FromHex("C2173F1513981673AF4892C23035A27CE25E2013BF95AA33B22C656F277E7335"), + FromHex("295F9BAE7428ED9CCC20E7C359A9D41A22FCCD9108E17BF7BA9337A6F8AE9513"), + mod_q, BigInteger.Four, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + FromHex("91E38443A5E82C0D880923425712B2BB658B9196932E02C78B2582FE742DAA28"), + FromHex("32879423AB1A0375895786C4BB46E9565FDE0B5344766740AF268ADB32322E5C")); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * Tc26-Gost-3410-12-512-paramSetA + */ + internal class Holder_id_tc26_gost_3410_12_512_paramSetA + : X9ECParametersHolder + { + private Holder_id_tc26_gost_3410_12_512_paramSetA() {} + + internal static readonly X9ECParametersHolder Instance = new Holder_id_tc26_gost_3410_12_512_paramSetA(); + + protected override ECCurve CreateCurve() + { + BigInteger mod_p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC7"); + BigInteger mod_q = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF27E69532F48D89116FF22B8D4E0560609B4B38ABFAD2B85DCACDB1411F10B275"); + + return ConfigureCurve(new FpCurve( + mod_p, + FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC4"), + FromHex("E8C2505DEDFC86DDC1BD0B2B6667F1DA34B82574761CB0E879BD081CFD0B6265EE3CB090F30D27614CB4574010DA90DD862EF9D4EBEE4761503190785A71C760"), + mod_q, BigInteger.One, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + BigInteger.Three, + FromHex("7503CFE87A836AE3A61B8816E25450E6CE5E1C93ACF1ABC1778064FDCBEFA921DF1626BE4FD036E93D75E6A50E3A41E98028FE5FC235F5B889A589CB5215F2A4")); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * Tc26-Gost-3410-12-512-paramSetB + */ + internal class Holder_id_tc26_gost_3410_12_512_paramSetB + : X9ECParametersHolder + { + private Holder_id_tc26_gost_3410_12_512_paramSetB() {} + + internal static readonly X9ECParametersHolder Instance = new Holder_id_tc26_gost_3410_12_512_paramSetB(); + + protected override ECCurve CreateCurve() + { + BigInteger mod_p = FromHex("8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006F"); + BigInteger mod_q = FromHex("800000000000000000000000000000000000000000000000000000000000000149A1EC142565A545ACFDB77BD9D40CFA8B996712101BEA0EC6346C54374F25BD"); + + return ConfigureCurve(new FpCurve( + mod_p, + FromHex("8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006C"), + FromHex("687D1B459DC841457E3E06CF6F5E2517B97C7D614AF138BCBF85DC806C4B289F3E965D2DB1416D217F8B276FAD1AB69C50F78BEE1FA3106EFB8CCBC7C5140116"), + mod_q, BigInteger.One, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + BigInteger.Two, + FromHex("1A8F7EDA389B094C2C071E3647A8940F3C123B697578C213BE6DD9E6C8EC7335DCB228FD1EDF4A39152CBCAAF8C0398828041055F94CEEEC7E21340780FE41BD")); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * Tc26-Gost-3410-12-512-paramSetC + */ + internal class Holder_id_tc26_gost_3410_12_512_paramSetC + : X9ECParametersHolder + { + private Holder_id_tc26_gost_3410_12_512_paramSetC() {} + + internal static readonly X9ECParametersHolder Instance = new Holder_id_tc26_gost_3410_12_512_paramSetC(); + + protected override ECCurve CreateCurve() + { + BigInteger mod_p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC7"); + BigInteger mod_q = FromHex("3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC98CDBA46506AB004C33A9FF5147502CC8EDA9E7A769A12694623CEF47F023ED"); + + return ConfigureCurve(new FpCurve( + mod_p, + FromHex("DC9203E514A721875485A529D2C722FB187BC8980EB866644DE41C68E143064546E861C0E2C9EDD92ADE71F46FCF50FF2AD97F951FDA9F2A2EB6546F39689BD3"), + FromHex("B4C4EE28CEBC6C2C8AC12952CF37F16AC7EFB6A9F69F4B57FFDA2E4F0DE5ADE038CBC2FFF719D2C18DE0284B8BFEF3B52B8CC7A5F5BF0A3C8D2319A5312557E1"), + mod_q, BigInteger.Four, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + FromHex("E2E31EDFC23DE7BDEBE241CE593EF5DE2295B7A9CBAEF021D385F7074CEA043AA27272A7AE602BF2A7B9033DB9ED3610C6FB85487EAE97AAC5BC7928C1950148"), + FromHex("F5CE40D95B5EB899ABBCCFF5911CB8577939804D6527378B8C108C3D2090FF9BE18E2D33E3021ED2EF32D85822423B6304F726AA854BAE07D0396E9A9ADDC40F")); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + + private static readonly IDictionary objIds = Platform.CreateHashtable(); + private static readonly IDictionary curves = Platform.CreateHashtable(); + private static readonly IDictionary names = Platform.CreateHashtable(); + + private static void DefineCurve(string name, DerObjectIdentifier oid, X9ECParametersHolder holder) + { + objIds.Add(name, oid); + names.Add(oid, name); + curves.Add(oid, holder); + } + + static ECGost3410NamedCurves() + { + DefineCurve("GostR3410-2001-CryptoPro-A", CryptoProObjectIdentifiers.GostR3410x2001CryptoProA, + Holder_gostR3410_2001_CryptoPro_A.Instance); + DefineCurve("GostR3410-2001-CryptoPro-B", CryptoProObjectIdentifiers.GostR3410x2001CryptoProB, + Holder_gostR3410_2001_CryptoPro_B.Instance); + DefineCurve("GostR3410-2001-CryptoPro-C", CryptoProObjectIdentifiers.GostR3410x2001CryptoProC, + Holder_gostR3410_2001_CryptoPro_C.Instance); + DefineCurve("GostR3410-2001-CryptoPro-XchA", CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchA, + Holder_gostR3410_2001_CryptoPro_A.Instance); + DefineCurve("GostR3410-2001-CryptoPro-XchB", CryptoProObjectIdentifiers.GostR3410x2001CryptoProXchB, + Holder_gostR3410_2001_CryptoPro_XchB.Instance); + DefineCurve("Tc26-Gost-3410-12-256-paramSetA", RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256_paramSetA, + Holder_id_tc26_gost_3410_12_256_paramSetA.Instance); + DefineCurve("Tc26-Gost-3410-12-512-paramSetA", RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetA, + Holder_id_tc26_gost_3410_12_512_paramSetA.Instance); + DefineCurve("Tc26-Gost-3410-12-512-paramSetB", RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetB, + Holder_id_tc26_gost_3410_12_512_paramSetB.Instance); + DefineCurve("Tc26-Gost-3410-12-512-paramSetC", RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetC, + Holder_id_tc26_gost_3410_12_512_paramSetC.Instance); + } + + public static X9ECParameters GetByNameX9(string name) + { + DerObjectIdentifier oid = GetOid(name); + return oid == null ? null : GetByOidX9(oid); + } + + public static X9ECParametersHolder GetByNameLazy(string name) + { + DerObjectIdentifier oid = GetOid(name); + return oid == null ? null : GetByOidLazy(oid); + } + + public static X9ECParameters GetByOidX9(DerObjectIdentifier oid) + { + X9ECParametersHolder holder = GetByOidLazy(oid); + return holder == null ? null : holder.Parameters; + } + + public static X9ECParametersHolder GetByOidLazy(DerObjectIdentifier oid) + { + return (X9ECParametersHolder)curves[oid]; + } + + public static DerObjectIdentifier GetOid( + string name) + { + return (DerObjectIdentifier)objIds[name]; + } + + /** + * return the named curve name represented by the given object identifier. + */ + public static string GetName( + DerObjectIdentifier oid) + { + return (string)names[oid]; + } + + /** + * returns an enumeration containing the name strings for curves + * contained in this structure. + */ + public static IEnumerable Names + { + get { return new EnumerableProxy(names.Values); } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cryptopro/ECGOST3410ParamSetParameters.cs b/BouncyCastle/crypto/src/asn1/cryptopro/ECGOST3410ParamSetParameters.cs new file mode 100644 index 0000000..8e568a2 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cryptopro/ECGOST3410ParamSetParameters.cs @@ -0,0 +1,87 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.CryptoPro +{ + public class ECGost3410ParamSetParameters + : Asn1Encodable + { + internal readonly DerInteger p, q, a, b, x, y; + + public static ECGost3410ParamSetParameters GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static ECGost3410ParamSetParameters GetInstance( + object obj) + { + if (obj == null || obj is ECGost3410ParamSetParameters) + { + return (ECGost3410ParamSetParameters) obj; + } + + if (obj is Asn1Sequence) + { + return new ECGost3410ParamSetParameters((Asn1Sequence) obj); + } + + throw new ArgumentException("Invalid GOST3410Parameter: " + Platform.GetTypeName(obj)); + } + + public ECGost3410ParamSetParameters( + BigInteger a, + BigInteger b, + BigInteger p, + BigInteger q, + int x, + BigInteger y) + { + this.a = new DerInteger(a); + this.b = new DerInteger(b); + this.p = new DerInteger(p); + this.q = new DerInteger(q); + this.x = new DerInteger(x); + this.y = new DerInteger(y); + } + + public ECGost3410ParamSetParameters( + Asn1Sequence seq) + { + if (seq.Count != 6) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + this.a = DerInteger.GetInstance(seq[0]); + this.b = DerInteger.GetInstance(seq[1]); + this.p = DerInteger.GetInstance(seq[2]); + this.q = DerInteger.GetInstance(seq[3]); + this.x = DerInteger.GetInstance(seq[4]); + this.y = DerInteger.GetInstance(seq[5]); + } + + public BigInteger P + { + get { return p.PositiveValue; } + } + + public BigInteger Q + { + get { return q.PositiveValue; } + } + + public BigInteger A + { + get { return a.PositiveValue; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(a, b, p, q, x, y); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cryptopro/GOST28147Parameters.cs b/BouncyCastle/crypto/src/asn1/cryptopro/GOST28147Parameters.cs new file mode 100644 index 0000000..fc0d792 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cryptopro/GOST28147Parameters.cs @@ -0,0 +1,63 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.CryptoPro +{ + public class Gost28147Parameters + : Asn1Encodable + { + private readonly Asn1OctetString iv; + private readonly DerObjectIdentifier paramSet; + + public static Gost28147Parameters GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static Gost28147Parameters GetInstance( + object obj) + { + if (obj == null || obj is Gost28147Parameters) + { + return (Gost28147Parameters) obj; + } + + if (obj is Asn1Sequence) + { + return new Gost28147Parameters((Asn1Sequence) obj); + } + + throw new ArgumentException("Invalid GOST3410Parameter: " + Platform.GetTypeName(obj)); + } + + private Gost28147Parameters( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + this.iv = Asn1OctetString.GetInstance(seq[0]); + this.paramSet = DerObjectIdentifier.GetInstance(seq[1]); + } + + /** + * 
+         * Gost28147-89-Parameters ::=
+         *               SEQUENCE {
+         *                       iv                   Gost28147-89-IV,
+         *                       encryptionParamSet   OBJECT IDENTIFIER
+         *                }
+         *
+         *   Gost28147-89-IV ::= OCTET STRING (SIZE (8))
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(iv, paramSet); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cryptopro/GOST3410NamedParameters.cs b/BouncyCastle/crypto/src/asn1/cryptopro/GOST3410NamedParameters.cs new file mode 100644 index 0000000..66dba51 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cryptopro/GOST3410NamedParameters.cs @@ -0,0 +1,123 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1.CryptoPro +{ + /** + * table of the available named parameters for GOST 3410-94. + */ + public sealed class Gost3410NamedParameters + { + private Gost3410NamedParameters() + { + } + + private static readonly IDictionary objIds = Platform.CreateHashtable(); + private static readonly IDictionary parameters = Platform.CreateHashtable(); + + private static readonly Gost3410ParamSetParameters cryptoProA = new Gost3410ParamSetParameters( + 1024, + new BigInteger("127021248288932417465907042777176443525787653508916535812817507265705031260985098497423188333483401180925999995120988934130659205614996724254121049274349357074920312769561451689224110579311248812610229678534638401693520013288995000362260684222750813532307004517341633685004541062586971416883686778842537820383"), + new BigInteger("68363196144955700784444165611827252895102170888761442055095051287550314083023"), + new BigInteger("100997906755055304772081815535925224869841082572053457874823515875577147990529272777244152852699298796483356699682842027972896052747173175480590485607134746852141928680912561502802222185647539190902656116367847270145019066794290930185446216399730872221732889830323194097355403213400972588322876850946740663962") + // validationAlgorithm { + // algorithm + // id-GostR3410-94-bBis, + // parameters + // GostR3410-94-ValidationBisParameters: { + // x0 1376285941, + // c 3996757427 + // } + // } + + ); + + private static readonly Gost3410ParamSetParameters cryptoProB = new Gost3410ParamSetParameters( + 1024, + new BigInteger("139454871199115825601409655107690713107041707059928031797758001454375765357722984094124368522288239833039114681648076688236921220737322672160740747771700911134550432053804647694904686120113087816240740184800477047157336662926249423571248823968542221753660143391485680840520336859458494803187341288580489525163"), + new BigInteger("79885141663410976897627118935756323747307951916507639758300472692338873533959"), + new BigInteger("42941826148615804143873447737955502392672345968607143066798112994089471231420027060385216699563848719957657284814898909770759462613437669456364882730370838934791080835932647976778601915343474400961034231316672578686920482194932878633360203384797092684342247621055760235016132614780652761028509445403338652341") + // validationAlgorithm { + // algorithm + // id-GostR3410-94-bBis, + // parameters + // GostR3410-94-ValidationBisParameters: { + // x0 1536654555, + // c 1855361757, + // d 14408629386140014567655 + //4902939282056547857802241461782996702017713059974755104394739915140 + //6115284791024439062735788342744854120601660303926203867703556828005 + //8957203818114895398976594425537561271800850306 + // } + // } + //} + ); + + private static readonly Gost3410ParamSetParameters cryptoProXchA = new Gost3410ParamSetParameters( + 1024, + new BigInteger("142011741597563481196368286022318089743276138395243738762872573441927459393512718973631166078467600360848946623567625795282774719212241929071046134208380636394084512691828894000571524625445295769349356752728956831541775441763139384457191755096847107846595662547942312293338483924514339614727760681880609734239"), + new BigInteger("91771529896554605945588149018382750217296858393520724172743325725474374979801"), + new BigInteger("133531813272720673433859519948319001217942375967847486899482359599369642528734712461590403327731821410328012529253871914788598993103310567744136196364803064721377826656898686468463277710150809401182608770201615324990468332931294920912776241137878030224355746606283971659376426832674269780880061631528163475887") + ); + + static Gost3410NamedParameters() + { + parameters[CryptoProObjectIdentifiers.GostR3410x94CryptoProA] = cryptoProA; + parameters[CryptoProObjectIdentifiers.GostR3410x94CryptoProB] = cryptoProB; + //parameters[CryptoProObjectIdentifiers.GostR3410x94CryptoProC] = cryptoProC; + //parameters[CryptoProObjectIdentifiers.GostR3410x94CryptoProD] = cryptoProD; + parameters[CryptoProObjectIdentifiers.GostR3410x94CryptoProXchA] = cryptoProXchA; + //parameters[CryptoProObjectIdentifiers.GostR3410x94CryptoProXchB] = cryptoProXchA; + //parameters[CryptoProObjectIdentifiers.GostR3410x94CryptoProXchC] = cryptoProXchA; + + objIds["GostR3410-94-CryptoPro-A"] = CryptoProObjectIdentifiers.GostR3410x94CryptoProA; + objIds["GostR3410-94-CryptoPro-B"] = CryptoProObjectIdentifiers.GostR3410x94CryptoProB; + objIds["GostR3410-94-CryptoPro-XchA"] = CryptoProObjectIdentifiers.GostR3410x94CryptoProXchA; + } + + /** + * return the GOST3410ParamSetParameters object for the given OID, null if it + * isn't present. + * + * @param oid an object identifier representing a named parameters, if present. + */ + public static Gost3410ParamSetParameters GetByOid( + DerObjectIdentifier oid) + { + return (Gost3410ParamSetParameters) parameters[oid]; + } + + /** + * returns an enumeration containing the name strings for parameters + * contained in this structure. + */ + public static IEnumerable Names + { + get { return new EnumerableProxy(objIds.Keys); } + } + + public static Gost3410ParamSetParameters GetByName( + string name) + { + DerObjectIdentifier oid = (DerObjectIdentifier) objIds[name]; + + if (oid != null) + { + return (Gost3410ParamSetParameters) parameters[oid]; + } + + return null; + } + + public static DerObjectIdentifier GetOid( + string name) + { + return (DerObjectIdentifier) objIds[name]; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cryptopro/GOST3410ParamSetParameters.cs b/BouncyCastle/crypto/src/asn1/cryptopro/GOST3410ParamSetParameters.cs new file mode 100644 index 0000000..ee6ed8c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cryptopro/GOST3410ParamSetParameters.cs @@ -0,0 +1,87 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.CryptoPro +{ + public class Gost3410ParamSetParameters + : Asn1Encodable + { + private readonly int keySize; + private readonly DerInteger p, q, a; + + public static Gost3410ParamSetParameters GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static Gost3410ParamSetParameters GetInstance( + object obj) + { + if (obj == null || obj is Gost3410ParamSetParameters) + { + return (Gost3410ParamSetParameters) obj; + } + + if (obj is Asn1Sequence) + { + return new Gost3410ParamSetParameters((Asn1Sequence) obj); + } + + throw new ArgumentException("Invalid GOST3410Parameter: " + Platform.GetTypeName(obj)); + } + + public Gost3410ParamSetParameters( + int keySize, + BigInteger p, + BigInteger q, + BigInteger a) + { + this.keySize = keySize; + this.p = new DerInteger(p); + this.q = new DerInteger(q); + this.a = new DerInteger(a); + } + + private Gost3410ParamSetParameters( + Asn1Sequence seq) + { + if (seq.Count != 4) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + this.keySize = DerInteger.GetInstance(seq[0]).IntValueExact; + this.p = DerInteger.GetInstance(seq[1]); + this.q = DerInteger.GetInstance(seq[2]); + this.a = DerInteger.GetInstance(seq[3]); + } + + public int KeySize + { + get { return keySize; } + } + + public BigInteger P + { + get { return p.PositiveValue; } + } + + public BigInteger Q + { + get { return q.PositiveValue; } + } + + public BigInteger A + { + get { return a.PositiveValue; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(new DerInteger(keySize), p, q, a); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/cryptopro/GOST3410PublicKeyAlgParameters.cs b/BouncyCastle/crypto/src/asn1/cryptopro/GOST3410PublicKeyAlgParameters.cs new file mode 100644 index 0000000..c32025e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/cryptopro/GOST3410PublicKeyAlgParameters.cs @@ -0,0 +1,87 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.CryptoPro +{ + public class Gost3410PublicKeyAlgParameters + : Asn1Encodable + { + private DerObjectIdentifier publicKeyParamSet; + private DerObjectIdentifier digestParamSet; + private DerObjectIdentifier encryptionParamSet; + + public static Gost3410PublicKeyAlgParameters GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static Gost3410PublicKeyAlgParameters GetInstance( + object obj) + { + if (obj == null || obj is Gost3410PublicKeyAlgParameters) + return (Gost3410PublicKeyAlgParameters)obj; + + return new Gost3410PublicKeyAlgParameters(Asn1Sequence.GetInstance((obj))); + } + + public Gost3410PublicKeyAlgParameters( + DerObjectIdentifier publicKeyParamSet, + DerObjectIdentifier digestParamSet) + : this (publicKeyParamSet, digestParamSet, null) + { + } + + public Gost3410PublicKeyAlgParameters( + DerObjectIdentifier publicKeyParamSet, + DerObjectIdentifier digestParamSet, + DerObjectIdentifier encryptionParamSet) + { + if (publicKeyParamSet == null) + throw new ArgumentNullException("publicKeyParamSet"); + if (digestParamSet == null) + throw new ArgumentNullException("digestParamSet"); + + this.publicKeyParamSet = publicKeyParamSet; + this.digestParamSet = digestParamSet; + this.encryptionParamSet = encryptionParamSet; + } + + [Obsolete("Use 'GetInstance' instead")] + public Gost3410PublicKeyAlgParameters( + Asn1Sequence seq) + { + this.publicKeyParamSet = (DerObjectIdentifier) seq[0]; + this.digestParamSet = (DerObjectIdentifier) seq[1]; + + if (seq.Count > 2) + { + this.encryptionParamSet = (DerObjectIdentifier) seq[2]; + } + } + + public DerObjectIdentifier PublicKeyParamSet + { + get { return publicKeyParamSet; } + } + + public DerObjectIdentifier DigestParamSet + { + get { return digestParamSet; } + } + + public DerObjectIdentifier EncryptionParamSet + { + get { return encryptionParamSet; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(publicKeyParamSet, digestParamSet); + v.AddOptional(encryptionParamSet); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/eac/EACObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/eac/EACObjectIdentifiers.cs new file mode 100644 index 0000000..d54ef0e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/eac/EACObjectIdentifiers.cs @@ -0,0 +1,50 @@ +using System; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.Eac +{ + public abstract class EacObjectIdentifiers + { + // bsi-de OBJECT IDENTIFIER ::= { + // itu-t(0) identified-organization(4) etsi(0) + // reserved(127) etsi-identified-organization(0) 7 + // } + public static readonly DerObjectIdentifier bsi_de = new DerObjectIdentifier("0.4.0.127.0.7"); + + // id-PK OBJECT IDENTIFIER ::= { + // bsi-de protocols(2) smartcard(2) 1 + // } + public static readonly DerObjectIdentifier id_PK = new DerObjectIdentifier(bsi_de + ".2.2.1"); + + public static readonly DerObjectIdentifier id_PK_DH = new DerObjectIdentifier(id_PK + ".1"); + public static readonly DerObjectIdentifier id_PK_ECDH = new DerObjectIdentifier(id_PK + ".2"); + + // id-CA OBJECT IDENTIFIER ::= { + // bsi-de protocols(2) smartcard(2) 3 + // } + public static readonly DerObjectIdentifier id_CA = new DerObjectIdentifier(bsi_de + ".2.2.3"); + public static readonly DerObjectIdentifier id_CA_DH = new DerObjectIdentifier(id_CA + ".1"); + public static readonly DerObjectIdentifier id_CA_DH_3DES_CBC_CBC = new DerObjectIdentifier(id_CA_DH + ".1"); + public static readonly DerObjectIdentifier id_CA_ECDH = new DerObjectIdentifier(id_CA + ".2"); + public static readonly DerObjectIdentifier id_CA_ECDH_3DES_CBC_CBC = new DerObjectIdentifier(id_CA_ECDH + ".1"); + + // + // id-TA OBJECT IDENTIFIER ::= { + // bsi-de protocols(2) smartcard(2) 2 + // } + public static readonly DerObjectIdentifier id_TA = new DerObjectIdentifier(bsi_de + ".2.2.2"); + + public static readonly DerObjectIdentifier id_TA_RSA = new DerObjectIdentifier(id_TA + ".1"); + public static readonly DerObjectIdentifier id_TA_RSA_v1_5_SHA_1 = new DerObjectIdentifier(id_TA_RSA + ".1"); + public static readonly DerObjectIdentifier id_TA_RSA_v1_5_SHA_256 = new DerObjectIdentifier(id_TA_RSA + ".2"); + public static readonly DerObjectIdentifier id_TA_RSA_PSS_SHA_1 = new DerObjectIdentifier(id_TA_RSA + ".3"); + public static readonly DerObjectIdentifier id_TA_RSA_PSS_SHA_256 = new DerObjectIdentifier(id_TA_RSA + ".4"); + public static readonly DerObjectIdentifier id_TA_ECDSA = new DerObjectIdentifier(id_TA + ".2"); + public static readonly DerObjectIdentifier id_TA_ECDSA_SHA_1 = new DerObjectIdentifier(id_TA_ECDSA + ".1"); + public static readonly DerObjectIdentifier id_TA_ECDSA_SHA_224 = new DerObjectIdentifier(id_TA_ECDSA + ".2"); + public static readonly DerObjectIdentifier id_TA_ECDSA_SHA_256 = new DerObjectIdentifier(id_TA_ECDSA + ".3"); + public static readonly DerObjectIdentifier id_TA_ECDSA_SHA_384 = new DerObjectIdentifier(id_TA_ECDSA + ".4"); + public static readonly DerObjectIdentifier id_TA_ECDSA_SHA_512 = new DerObjectIdentifier(id_TA_ECDSA + ".5"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/edec/EdECObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/edec/EdECObjectIdentifiers.cs new file mode 100644 index 0000000..f8c5713 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/edec/EdECObjectIdentifiers.cs @@ -0,0 +1,17 @@ +using System; + +namespace Org.BouncyCastle.Asn1.EdEC +{ + /** + * Edwards Elliptic Curve Object Identifiers (RFC 8410) + */ + public abstract class EdECObjectIdentifiers + { + public static readonly DerObjectIdentifier id_edwards_curve_algs = new DerObjectIdentifier("1.3.101"); + + public static readonly DerObjectIdentifier id_X25519 = id_edwards_curve_algs.Branch("110"); + public static readonly DerObjectIdentifier id_X448 = id_edwards_curve_algs.Branch("111"); + public static readonly DerObjectIdentifier id_Ed25519 = id_edwards_curve_algs.Branch("112"); + public static readonly DerObjectIdentifier id_Ed448 = id_edwards_curve_algs.Branch("113"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/CertificateValues.cs b/BouncyCastle/crypto/src/asn1/esf/CertificateValues.cs new file mode 100644 index 0000000..30a7191 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/CertificateValues.cs @@ -0,0 +1,86 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// RFC 3126: 4.3.1 Certificate Values Attribute Definition + /// + /// CertificateValues ::= SEQUENCE OF Certificate + /// + /// + public class CertificateValues + : Asn1Encodable + { + private readonly Asn1Sequence certificates; + + public static CertificateValues GetInstance( + object obj) + { + if (obj == null || obj is CertificateValues) + return (CertificateValues) obj; + + if (obj is Asn1Sequence) + return new CertificateValues((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'CertificateValues' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private CertificateValues( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + + foreach (Asn1Encodable ae in seq) + { + X509CertificateStructure.GetInstance(ae.ToAsn1Object()); + } + + this.certificates = seq; + } + + public CertificateValues( + params X509CertificateStructure[] certificates) + { + if (certificates == null) + throw new ArgumentNullException("certificates"); + + this.certificates = new DerSequence(certificates); + } + + public CertificateValues( + IEnumerable certificates) + { + if (certificates == null) + throw new ArgumentNullException("certificates"); + if (!CollectionUtilities.CheckElementsAreOfType(certificates, typeof(X509CertificateStructure))) + throw new ArgumentException("Must contain only 'X509CertificateStructure' objects", "certificates"); + + this.certificates = new DerSequence( + Asn1EncodableVector.FromEnumerable(certificates)); + } + + public X509CertificateStructure[] GetCertificates() + { + X509CertificateStructure[] result = new X509CertificateStructure[certificates.Count]; + for (int i = 0; i < certificates.Count; ++i) + { + result[i] = X509CertificateStructure.GetInstance(certificates[i]); + } + return result; + } + + public override Asn1Object ToAsn1Object() + { + return certificates; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/CommitmentTypeIdentifier.cs b/BouncyCastle/crypto/src/asn1/esf/CommitmentTypeIdentifier.cs new file mode 100644 index 0000000..65cd45b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/CommitmentTypeIdentifier.cs @@ -0,0 +1,17 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; + +namespace Org.BouncyCastle.Asn1.Esf +{ + public abstract class CommitmentTypeIdentifier + { + public static readonly DerObjectIdentifier ProofOfOrigin = PkcsObjectIdentifiers.IdCtiEtsProofOfOrigin; + public static readonly DerObjectIdentifier ProofOfReceipt = PkcsObjectIdentifiers.IdCtiEtsProofOfReceipt; + public static readonly DerObjectIdentifier ProofOfDelivery = PkcsObjectIdentifiers.IdCtiEtsProofOfDelivery; + public static readonly DerObjectIdentifier ProofOfSender = PkcsObjectIdentifiers.IdCtiEtsProofOfSender; + public static readonly DerObjectIdentifier ProofOfApproval = PkcsObjectIdentifiers.IdCtiEtsProofOfApproval; + public static readonly DerObjectIdentifier ProofOfCreation = PkcsObjectIdentifiers.IdCtiEtsProofOfCreation; + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/CommitmentTypeIndication.cs b/BouncyCastle/crypto/src/asn1/esf/CommitmentTypeIndication.cs new file mode 100644 index 0000000..ecdb100 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/CommitmentTypeIndication.cs @@ -0,0 +1,90 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Esf +{ + public class CommitmentTypeIndication + : Asn1Encodable + { + private readonly DerObjectIdentifier commitmentTypeId; + private readonly Asn1Sequence commitmentTypeQualifier; + + public static CommitmentTypeIndication GetInstance( + object obj) + { + if (obj == null || obj is CommitmentTypeIndication) + return (CommitmentTypeIndication) obj; + + if (obj is Asn1Sequence) + return new CommitmentTypeIndication((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'CommitmentTypeIndication' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + public CommitmentTypeIndication( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count < 1 || seq.Count > 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.commitmentTypeId = (DerObjectIdentifier) seq[0].ToAsn1Object(); + + if (seq.Count > 1) + { + this.commitmentTypeQualifier = (Asn1Sequence) seq[1].ToAsn1Object(); + } + } + + public CommitmentTypeIndication( + DerObjectIdentifier commitmentTypeId) + : this(commitmentTypeId, null) + { + } + + public CommitmentTypeIndication( + DerObjectIdentifier commitmentTypeId, + Asn1Sequence commitmentTypeQualifier) + { + if (commitmentTypeId == null) + throw new ArgumentNullException("commitmentTypeId"); + + this.commitmentTypeId = commitmentTypeId; + + if (commitmentTypeQualifier != null) + { + this.commitmentTypeQualifier = commitmentTypeQualifier; + } + } + + public DerObjectIdentifier CommitmentTypeID + { + get { return commitmentTypeId; } + } + + public Asn1Sequence CommitmentTypeQualifier + { + get { return commitmentTypeQualifier; } + } + + /** + * 
+        * CommitmentTypeIndication ::= SEQUENCE {
+        *      commitmentTypeId   CommitmentTypeIdentifier,
+        *      commitmentTypeQualifier   SEQUENCE SIZE (1..MAX) OF
+        *              CommitmentTypeQualifier OPTIONAL }
+        *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(commitmentTypeId); + v.AddOptional(commitmentTypeQualifier); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/CommitmentTypeQualifier.cs b/BouncyCastle/crypto/src/asn1/esf/CommitmentTypeQualifier.cs new file mode 100644 index 0000000..acf19f9 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/CommitmentTypeQualifier.cs @@ -0,0 +1,113 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /** + * Commitment type qualifiers, used in the Commitment-Type-Indication attribute (RFC3126). + * + * 
+    *   CommitmentTypeQualifier ::= SEQUENCE {
+    *       commitmentTypeIdentifier  CommitmentTypeIdentifier,
+    *       qualifier          ANY DEFINED BY commitmentTypeIdentifier OPTIONAL }
+    *
+ */ + public class CommitmentTypeQualifier + : Asn1Encodable + { + private readonly DerObjectIdentifier commitmentTypeIdentifier; + private readonly Asn1Object qualifier; + + /** + * Creates a new CommitmentTypeQualifier instance. + * + * @param commitmentTypeIdentifier a CommitmentTypeIdentifier value + */ + public CommitmentTypeQualifier( + DerObjectIdentifier commitmentTypeIdentifier) + : this(commitmentTypeIdentifier, null) + { + } + + /** + * Creates a new CommitmentTypeQualifier instance. + * + * @param commitmentTypeIdentifier a CommitmentTypeIdentifier value + * @param qualifier the qualifier, defined by the above field. + */ + public CommitmentTypeQualifier( + DerObjectIdentifier commitmentTypeIdentifier, + Asn1Encodable qualifier) + { + if (commitmentTypeIdentifier == null) + throw new ArgumentNullException("commitmentTypeIdentifier"); + + this.commitmentTypeIdentifier = commitmentTypeIdentifier; + + if (qualifier != null) + { + this.qualifier = qualifier.ToAsn1Object(); + } + } + + /** + * Creates a new CommitmentTypeQualifier instance. + * + * @param as CommitmentTypeQualifier structure + * encoded as an Asn1Sequence. + */ + public CommitmentTypeQualifier( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count < 1 || seq.Count > 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + commitmentTypeIdentifier = (DerObjectIdentifier) seq[0].ToAsn1Object(); + + if (seq.Count > 1) + { + qualifier = seq[1].ToAsn1Object(); + } + } + + public static CommitmentTypeQualifier GetInstance( + object obj) + { + if (obj == null || obj is CommitmentTypeQualifier) + return (CommitmentTypeQualifier) obj; + + if (obj is Asn1Sequence) + return new CommitmentTypeQualifier((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'CommitmentTypeQualifier' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + public DerObjectIdentifier CommitmentTypeIdentifier + { + get { return commitmentTypeIdentifier; } + } + + public Asn1Object Qualifier + { + get { return qualifier; } + } + + /** + * Returns a DER-encodable representation of this instance. + * + * @return a Asn1Object value + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(commitmentTypeIdentifier); + v.AddOptional(qualifier); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/CompleteCertificateRefs.cs b/BouncyCastle/crypto/src/asn1/esf/CompleteCertificateRefs.cs new file mode 100644 index 0000000..af93700 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/CompleteCertificateRefs.cs @@ -0,0 +1,85 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// RFC 3126: 4.2.1 Complete Certificate Refs Attribute Definition + /// + /// CompleteCertificateRefs ::= SEQUENCE OF OtherCertID + /// + /// + public class CompleteCertificateRefs + : Asn1Encodable + { + private readonly Asn1Sequence otherCertIDs; + + public static CompleteCertificateRefs GetInstance( + object obj) + { + if (obj == null || obj is CompleteCertificateRefs) + return (CompleteCertificateRefs) obj; + + if (obj is Asn1Sequence) + return new CompleteCertificateRefs((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'CompleteCertificateRefs' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private CompleteCertificateRefs( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + + foreach (Asn1Encodable ae in seq) + { + OtherCertID.GetInstance(ae.ToAsn1Object()); + } + + this.otherCertIDs = seq; + } + + public CompleteCertificateRefs( + params OtherCertID[] otherCertIDs) + { + if (otherCertIDs == null) + throw new ArgumentNullException("otherCertIDs"); + + this.otherCertIDs = new DerSequence(otherCertIDs); + } + + public CompleteCertificateRefs( + IEnumerable otherCertIDs) + { + if (otherCertIDs == null) + throw new ArgumentNullException("otherCertIDs"); + if (!CollectionUtilities.CheckElementsAreOfType(otherCertIDs, typeof(OtherCertID))) + throw new ArgumentException("Must contain only 'OtherCertID' objects", "otherCertIDs"); + + this.otherCertIDs = new DerSequence( + Asn1EncodableVector.FromEnumerable(otherCertIDs)); + } + + public OtherCertID[] GetOtherCertIDs() + { + OtherCertID[] result = new OtherCertID[otherCertIDs.Count]; + for (int i = 0; i < otherCertIDs.Count; ++i) + { + result[i] = OtherCertID.GetInstance(otherCertIDs[i].ToAsn1Object()); + } + return result; + } + + public override Asn1Object ToAsn1Object() + { + return otherCertIDs; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/CompleteRevocationRefs.cs b/BouncyCastle/crypto/src/asn1/esf/CompleteRevocationRefs.cs new file mode 100644 index 0000000..348e63f --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/CompleteRevocationRefs.cs @@ -0,0 +1,85 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition + /// + /// CompleteRevocationRefs ::= SEQUENCE OF CrlOcspRef + /// + /// + public class CompleteRevocationRefs + : Asn1Encodable + { + private readonly Asn1Sequence crlOcspRefs; + + public static CompleteRevocationRefs GetInstance( + object obj) + { + if (obj == null || obj is CompleteRevocationRefs) + return (CompleteRevocationRefs) obj; + + if (obj is Asn1Sequence) + return new CompleteRevocationRefs((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'CompleteRevocationRefs' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private CompleteRevocationRefs( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + + foreach (Asn1Encodable ae in seq) + { + CrlOcspRef.GetInstance(ae.ToAsn1Object()); + } + + this.crlOcspRefs = seq; + } + + public CompleteRevocationRefs( + params CrlOcspRef[] crlOcspRefs) + { + if (crlOcspRefs == null) + throw new ArgumentNullException("crlOcspRefs"); + + this.crlOcspRefs = new DerSequence(crlOcspRefs); + } + + public CompleteRevocationRefs( + IEnumerable crlOcspRefs) + { + if (crlOcspRefs == null) + throw new ArgumentNullException("crlOcspRefs"); + if (!CollectionUtilities.CheckElementsAreOfType(crlOcspRefs, typeof(CrlOcspRef))) + throw new ArgumentException("Must contain only 'CrlOcspRef' objects", "crlOcspRefs"); + + this.crlOcspRefs = new DerSequence( + Asn1EncodableVector.FromEnumerable(crlOcspRefs)); + } + + public CrlOcspRef[] GetCrlOcspRefs() + { + CrlOcspRef[] result = new CrlOcspRef[crlOcspRefs.Count]; + for (int i = 0; i < crlOcspRefs.Count; ++i) + { + result[i] = CrlOcspRef.GetInstance(crlOcspRefs[i].ToAsn1Object()); + } + return result; + } + + public override Asn1Object ToAsn1Object() + { + return crlOcspRefs; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/CrlIdentifier.cs b/BouncyCastle/crypto/src/asn1/esf/CrlIdentifier.cs new file mode 100644 index 0000000..a8e40c8 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/CrlIdentifier.cs @@ -0,0 +1,105 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition + /// + /// CrlIdentifier ::= SEQUENCE + /// { + /// crlissuer Name, + /// crlIssuedTime UTCTime, + /// crlNumber INTEGER OPTIONAL + /// } + /// + /// + public class CrlIdentifier + : Asn1Encodable + { + private readonly X509Name crlIssuer; + private readonly DerUtcTime crlIssuedTime; + private readonly DerInteger crlNumber; + + public static CrlIdentifier GetInstance( + object obj) + { + if (obj == null || obj is CrlIdentifier) + return (CrlIdentifier) obj; + + if (obj is Asn1Sequence) + return new CrlIdentifier((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'CrlIdentifier' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private CrlIdentifier( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count < 2 || seq.Count > 3) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.crlIssuer = X509Name.GetInstance(seq[0]); + this.crlIssuedTime = DerUtcTime.GetInstance(seq[1]); + + if (seq.Count > 2) + { + this.crlNumber = DerInteger.GetInstance(seq[2]); + } + } + + public CrlIdentifier( + X509Name crlIssuer, + DateTime crlIssuedTime) + : this(crlIssuer, crlIssuedTime, null) + { + } + + public CrlIdentifier( + X509Name crlIssuer, + DateTime crlIssuedTime, + BigInteger crlNumber) + { + if (crlIssuer == null) + throw new ArgumentNullException("crlIssuer"); + + this.crlIssuer = crlIssuer; + this.crlIssuedTime = new DerUtcTime(crlIssuedTime); + + if (crlNumber != null) + { + this.crlNumber = new DerInteger(crlNumber); + } + } + + public X509Name CrlIssuer + { + get { return crlIssuer; } + } + + public DateTime CrlIssuedTime + { + get { return crlIssuedTime.ToAdjustedDateTime(); } + } + + public BigInteger CrlNumber + { + get { return crlNumber == null ? null : crlNumber.Value; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(crlIssuer.ToAsn1Object(), crlIssuedTime); + v.AddOptional(crlNumber); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/CrlListID.cs b/BouncyCastle/crypto/src/asn1/esf/CrlListID.cs new file mode 100644 index 0000000..fbd4fb2 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/CrlListID.cs @@ -0,0 +1,90 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition + /// + /// CRLListID ::= SEQUENCE + /// { + /// crls SEQUENCE OF CrlValidatedID + /// } + /// + /// + public class CrlListID + : Asn1Encodable + { + private readonly Asn1Sequence crls; + + public static CrlListID GetInstance( + object obj) + { + if (obj == null || obj is CrlListID) + return (CrlListID) obj; + + if (obj is Asn1Sequence) + return new CrlListID((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'CrlListID' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private CrlListID( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count != 1) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.crls = (Asn1Sequence) seq[0].ToAsn1Object(); + + foreach (Asn1Encodable ae in this.crls) + { + CrlValidatedID.GetInstance(ae.ToAsn1Object()); + } + } + + public CrlListID( + params CrlValidatedID[] crls) + { + if (crls == null) + throw new ArgumentNullException("crls"); + + this.crls = new DerSequence(crls); + } + + public CrlListID( + IEnumerable crls) + { + if (crls == null) + throw new ArgumentNullException("crls"); + if (!CollectionUtilities.CheckElementsAreOfType(crls, typeof(CrlValidatedID))) + throw new ArgumentException("Must contain only 'CrlValidatedID' objects", "crls"); + + this.crls = new DerSequence( + Asn1EncodableVector.FromEnumerable(crls)); + } + + public CrlValidatedID[] GetCrls() + { + CrlValidatedID[] result = new CrlValidatedID[crls.Count]; + for (int i = 0; i < crls.Count; ++i) + { + result[i] = CrlValidatedID.GetInstance(crls[i].ToAsn1Object()); + } + return result; + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(crls); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/CrlOcspRef.cs b/BouncyCastle/crypto/src/asn1/esf/CrlOcspRef.cs new file mode 100644 index 0000000..6153e0c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/CrlOcspRef.cs @@ -0,0 +1,113 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition + /// + /// CrlOcspRef ::= SEQUENCE { + /// crlids [0] CRLListID OPTIONAL, + /// ocspids [1] OcspListID OPTIONAL, + /// otherRev [2] OtherRevRefs OPTIONAL + /// } + /// + /// + public class CrlOcspRef + : Asn1Encodable + { + private readonly CrlListID crlids; + private readonly OcspListID ocspids; + private readonly OtherRevRefs otherRev; + + public static CrlOcspRef GetInstance( + object obj) + { + if (obj == null || obj is CrlOcspRef) + return (CrlOcspRef) obj; + + if (obj is Asn1Sequence) + return new CrlOcspRef((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'CrlOcspRef' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private CrlOcspRef( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + + foreach (Asn1TaggedObject taggedObj in seq) + { + Asn1Object asn1Obj = taggedObj.GetObject(); + + switch (taggedObj.TagNo) + { + case 0: + this.crlids = CrlListID.GetInstance(asn1Obj); + break; + case 1: + this.ocspids = OcspListID.GetInstance(asn1Obj); + break; + case 2: + this.otherRev = OtherRevRefs.GetInstance(asn1Obj); + break; + default: + throw new ArgumentException("Illegal tag in CrlOcspRef", "seq"); + } + } + } + + public CrlOcspRef( + CrlListID crlids, + OcspListID ocspids, + OtherRevRefs otherRev) + { + this.crlids = crlids; + this.ocspids = ocspids; + this.otherRev = otherRev; + } + + public CrlListID CrlIDs + { + get { return crlids; } + } + + public OcspListID OcspIDs + { + get { return ocspids; } + } + + public OtherRevRefs OtherRev + { + get { return otherRev; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + if (crlids != null) + { + v.Add(new DerTaggedObject(true, 0, crlids.ToAsn1Object())); + } + + if (ocspids != null) + { + v.Add(new DerTaggedObject(true, 1, ocspids.ToAsn1Object())); + } + + if (otherRev != null) + { + v.Add(new DerTaggedObject(true, 2, otherRev.ToAsn1Object())); + } + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/CrlValidatedID.cs b/BouncyCastle/crypto/src/asn1/esf/CrlValidatedID.cs new file mode 100644 index 0000000..e8cd17a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/CrlValidatedID.cs @@ -0,0 +1,91 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition + /// + /// CrlValidatedID ::= SEQUENCE { + /// crlHash OtherHash, + /// crlIdentifier CrlIdentifier OPTIONAL} + /// + /// + public class CrlValidatedID + : Asn1Encodable + { + private readonly OtherHash crlHash; + private readonly CrlIdentifier crlIdentifier; + + public static CrlValidatedID GetInstance( + object obj) + { + if (obj == null || obj is CrlValidatedID) + return (CrlValidatedID) obj; + + if (obj is Asn1Sequence) + return new CrlValidatedID((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'CrlValidatedID' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private CrlValidatedID( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count < 1 || seq.Count > 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.crlHash = OtherHash.GetInstance(seq[0].ToAsn1Object()); + + if (seq.Count > 1) + { + this.crlIdentifier = CrlIdentifier.GetInstance(seq[1].ToAsn1Object()); + } + } + + public CrlValidatedID( + OtherHash crlHash) + : this(crlHash, null) + { + } + + public CrlValidatedID( + OtherHash crlHash, + CrlIdentifier crlIdentifier) + { + if (crlHash == null) + throw new ArgumentNullException("crlHash"); + + this.crlHash = crlHash; + this.crlIdentifier = crlIdentifier; + } + + public OtherHash CrlHash + { + get { return crlHash; } + } + + public CrlIdentifier CrlIdentifier + { + get { return crlIdentifier; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(crlHash.ToAsn1Object()); + + if (crlIdentifier != null) + { + v.Add(crlIdentifier.ToAsn1Object()); + } + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/ESFAttributes.cs b/BouncyCastle/crypto/src/asn1/esf/ESFAttributes.cs new file mode 100644 index 0000000..9401ffb --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/ESFAttributes.cs @@ -0,0 +1,25 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; + +namespace Org.BouncyCastle.Asn1.Esf +{ + public abstract class EsfAttributes + { + public static readonly DerObjectIdentifier SigPolicyId = PkcsObjectIdentifiers.IdAAEtsSigPolicyID; + public static readonly DerObjectIdentifier CommitmentType = PkcsObjectIdentifiers.IdAAEtsCommitmentType; + public static readonly DerObjectIdentifier SignerLocation = PkcsObjectIdentifiers.IdAAEtsSignerLocation; + public static readonly DerObjectIdentifier SignerAttr = PkcsObjectIdentifiers.IdAAEtsSignerAttr; + public static readonly DerObjectIdentifier OtherSigCert = PkcsObjectIdentifiers.IdAAEtsOtherSigCert; + public static readonly DerObjectIdentifier ContentTimestamp = PkcsObjectIdentifiers.IdAAEtsContentTimestamp; + public static readonly DerObjectIdentifier CertificateRefs = PkcsObjectIdentifiers.IdAAEtsCertificateRefs; + public static readonly DerObjectIdentifier RevocationRefs = PkcsObjectIdentifiers.IdAAEtsRevocationRefs; + public static readonly DerObjectIdentifier CertValues = PkcsObjectIdentifiers.IdAAEtsCertValues; + public static readonly DerObjectIdentifier RevocationValues = PkcsObjectIdentifiers.IdAAEtsRevocationValues; + public static readonly DerObjectIdentifier EscTimeStamp = PkcsObjectIdentifiers.IdAAEtsEscTimeStamp; + public static readonly DerObjectIdentifier CertCrlTimestamp = PkcsObjectIdentifiers.IdAAEtsCertCrlTimestamp; + public static readonly DerObjectIdentifier ArchiveTimestamp = PkcsObjectIdentifiers.IdAAEtsArchiveTimestamp; + public static readonly DerObjectIdentifier ArchiveTimestampV2 = new DerObjectIdentifier(PkcsObjectIdentifiers.IdAA + ".48"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/OcspIdentifier.cs b/BouncyCastle/crypto/src/asn1/esf/OcspIdentifier.cs new file mode 100644 index 0000000..e65f1cf --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/OcspIdentifier.cs @@ -0,0 +1,78 @@ +using System; + +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition + /// + /// OcspIdentifier ::= SEQUENCE { + /// ocspResponderID ResponderID, + /// -- As in OCSP response data + /// producedAt GeneralizedTime + /// -- As in OCSP response data + /// } + /// + /// + public class OcspIdentifier + : Asn1Encodable + { + private readonly ResponderID ocspResponderID; + private readonly DerGeneralizedTime producedAt; + + public static OcspIdentifier GetInstance( + object obj) + { + if (obj == null || obj is OcspIdentifier) + return (OcspIdentifier) obj; + + if (obj is Asn1Sequence) + return new OcspIdentifier((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'OcspIdentifier' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private OcspIdentifier( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count != 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.ocspResponderID = ResponderID.GetInstance(seq[0].ToAsn1Object()); + this.producedAt = (DerGeneralizedTime) seq[1].ToAsn1Object(); + } + + public OcspIdentifier( + ResponderID ocspResponderID, + DateTime producedAt) + { + if (ocspResponderID == null) + throw new ArgumentNullException(); + + this.ocspResponderID = ocspResponderID; + this.producedAt = new DerGeneralizedTime(producedAt); + } + + public ResponderID OcspResponderID + { + get { return ocspResponderID; } + } + + public DateTime ProducedAt + { + get { return producedAt.ToDateTime(); } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(ocspResponderID, producedAt); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/OcspListID.cs b/BouncyCastle/crypto/src/asn1/esf/OcspListID.cs new file mode 100644 index 0000000..1c8edb1 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/OcspListID.cs @@ -0,0 +1,89 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition + /// + /// OcspListID ::= SEQUENCE { + /// ocspResponses SEQUENCE OF OcspResponsesID + /// } + /// + /// + public class OcspListID + : Asn1Encodable + { + private readonly Asn1Sequence ocspResponses; + + public static OcspListID GetInstance( + object obj) + { + if (obj == null || obj is OcspListID) + return (OcspListID) obj; + + if (obj is Asn1Sequence) + return new OcspListID((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'OcspListID' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private OcspListID( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count != 1) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.ocspResponses = (Asn1Sequence) seq[0].ToAsn1Object(); + + foreach (Asn1Encodable ae in this.ocspResponses) + { + OcspResponsesID.GetInstance(ae.ToAsn1Object()); + } + } + + public OcspListID( + params OcspResponsesID[] ocspResponses) + { + if (ocspResponses == null) + throw new ArgumentNullException("ocspResponses"); + + this.ocspResponses = new DerSequence(ocspResponses); + } + + public OcspListID( + IEnumerable ocspResponses) + { + if (ocspResponses == null) + throw new ArgumentNullException("ocspResponses"); + if (!CollectionUtilities.CheckElementsAreOfType(ocspResponses, typeof(OcspResponsesID))) + throw new ArgumentException("Must contain only 'OcspResponsesID' objects", "ocspResponses"); + + this.ocspResponses = new DerSequence( + Asn1EncodableVector.FromEnumerable(ocspResponses)); + } + + public OcspResponsesID[] GetOcspResponses() + { + OcspResponsesID[] result = new OcspResponsesID[ocspResponses.Count]; + for (int i = 0; i < ocspResponses.Count; ++i) + { + result[i] = OcspResponsesID.GetInstance(ocspResponses[i].ToAsn1Object()); + } + return result; + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(ocspResponses); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/OcspResponsesID.cs b/BouncyCastle/crypto/src/asn1/esf/OcspResponsesID.cs new file mode 100644 index 0000000..8718188 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/OcspResponsesID.cs @@ -0,0 +1,94 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition + /// + /// OcspResponsesID ::= SEQUENCE { + /// ocspIdentifier OcspIdentifier, + /// ocspRepHash OtherHash OPTIONAL + /// } + /// + /// + public class OcspResponsesID + : Asn1Encodable + { + private readonly OcspIdentifier ocspIdentifier; + private readonly OtherHash ocspRepHash; + + public static OcspResponsesID GetInstance( + object obj) + { + if (obj == null || obj is OcspResponsesID) + return (OcspResponsesID) obj; + + if (obj is Asn1Sequence) + return new OcspResponsesID((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'OcspResponsesID' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private OcspResponsesID( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count < 1 || seq.Count > 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.ocspIdentifier = OcspIdentifier.GetInstance(seq[0].ToAsn1Object()); + + if (seq.Count > 1) + { + this.ocspRepHash = OtherHash.GetInstance(seq[1].ToAsn1Object()); + } + } + + public OcspResponsesID( + OcspIdentifier ocspIdentifier) + : this(ocspIdentifier, null) + { + } + + public OcspResponsesID( + OcspIdentifier ocspIdentifier, + OtherHash ocspRepHash) + { + if (ocspIdentifier == null) + throw new ArgumentNullException("ocspIdentifier"); + + this.ocspIdentifier = ocspIdentifier; + this.ocspRepHash = ocspRepHash; + } + + public OcspIdentifier OcspIdentifier + { + get { return ocspIdentifier; } + } + + public OtherHash OcspRepHash + { + get { return ocspRepHash; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector( + ocspIdentifier.ToAsn1Object()); + + if (ocspRepHash != null) + { + v.Add(ocspRepHash.ToAsn1Object()); + } + + return new DerSequence(v); + } + + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/OtherCertID.cs b/BouncyCastle/crypto/src/asn1/esf/OtherCertID.cs new file mode 100644 index 0000000..19d173a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/OtherCertID.cs @@ -0,0 +1,94 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// + /// OtherCertID ::= SEQUENCE { + /// otherCertHash OtherHash, + /// issuerSerial IssuerSerial OPTIONAL + /// } + /// + /// + public class OtherCertID + : Asn1Encodable + { + private readonly OtherHash otherCertHash; + private readonly IssuerSerial issuerSerial; + + public static OtherCertID GetInstance( + object obj) + { + if (obj == null || obj is OtherCertID) + return (OtherCertID) obj; + + if (obj is Asn1Sequence) + return new OtherCertID((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'OtherCertID' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private OtherCertID( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count < 1 || seq.Count > 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.otherCertHash = OtherHash.GetInstance(seq[0].ToAsn1Object()); + + if (seq.Count > 1) + { + this.issuerSerial = IssuerSerial.GetInstance(seq[1].ToAsn1Object()); + } + } + + public OtherCertID( + OtherHash otherCertHash) + : this(otherCertHash, null) + { + } + + public OtherCertID( + OtherHash otherCertHash, + IssuerSerial issuerSerial) + { + if (otherCertHash == null) + throw new ArgumentNullException("otherCertHash"); + + this.otherCertHash = otherCertHash; + this.issuerSerial = issuerSerial; + } + + public OtherHash OtherCertHash + { + get { return otherCertHash; } + } + + public IssuerSerial IssuerSerial + { + get { return issuerSerial; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector( + otherCertHash.ToAsn1Object()); + + if (issuerSerial != null) + { + v.Add(issuerSerial.ToAsn1Object()); + } + + return new DerSequence(v); + } + + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/OtherHash.cs b/BouncyCastle/crypto/src/asn1/esf/OtherHash.cs new file mode 100644 index 0000000..2ee1624 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/OtherHash.cs @@ -0,0 +1,88 @@ +using System; + +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// + /// OtherHash ::= CHOICE { + /// sha1Hash OtherHashValue, -- This contains a SHA-1 hash + /// otherHash OtherHashAlgAndValue + /// } + /// + /// OtherHashValue ::= OCTET STRING + /// + /// + public class OtherHash + : Asn1Encodable, IAsn1Choice + { + private readonly Asn1OctetString sha1Hash; + private readonly OtherHashAlgAndValue otherHash; + + public static OtherHash GetInstance( + object obj) + { + if (obj == null || obj is OtherHash) + return (OtherHash) obj; + + if (obj is Asn1OctetString) + return new OtherHash((Asn1OctetString) obj); + + return new OtherHash( + OtherHashAlgAndValue.GetInstance(obj)); + } + + public OtherHash( + byte[] sha1Hash) + { + if (sha1Hash == null) + throw new ArgumentNullException("sha1Hash"); + + this.sha1Hash = new DerOctetString(sha1Hash); + } + + public OtherHash( + Asn1OctetString sha1Hash) + { + if (sha1Hash == null) + throw new ArgumentNullException("sha1Hash"); + + this.sha1Hash = sha1Hash; + } + + public OtherHash( + OtherHashAlgAndValue otherHash) + { + if (otherHash == null) + throw new ArgumentNullException("otherHash"); + + this.otherHash = otherHash; + } + + public AlgorithmIdentifier HashAlgorithm + { + get + { + return otherHash == null + ? new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1) + : otherHash.HashAlgorithm; + } + } + + public byte[] GetHashValue() + { + return otherHash == null + ? sha1Hash.GetOctets() + : otherHash.GetHashValue(); + } + + public override Asn1Object ToAsn1Object() + { + return otherHash == null + ? sha1Hash + : otherHash.ToAsn1Object(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/OtherHashAlgAndValue.cs b/BouncyCastle/crypto/src/asn1/esf/OtherHashAlgAndValue.cs new file mode 100644 index 0000000..00eb24c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/OtherHashAlgAndValue.cs @@ -0,0 +1,95 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// Summary description for OtherHashAlgAndValue. + /// + /// + /// + /// OtherHashAlgAndValue ::= SEQUENCE { + /// hashAlgorithm AlgorithmIdentifier, + /// hashValue OtherHashValue + /// } + /// + /// OtherHashValue ::= OCTET STRING + /// + /// + public class OtherHashAlgAndValue + : Asn1Encodable + { + private readonly AlgorithmIdentifier hashAlgorithm; + private readonly Asn1OctetString hashValue; + + public static OtherHashAlgAndValue GetInstance( + object obj) + { + if (obj == null || obj is OtherHashAlgAndValue) + return (OtherHashAlgAndValue) obj; + + if (obj is Asn1Sequence) + return new OtherHashAlgAndValue((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'OtherHashAlgAndValue' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private OtherHashAlgAndValue( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count != 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.hashAlgorithm = AlgorithmIdentifier.GetInstance(seq[0].ToAsn1Object()); + this.hashValue = (Asn1OctetString) seq[1].ToAsn1Object(); + } + + public OtherHashAlgAndValue( + AlgorithmIdentifier hashAlgorithm, + byte[] hashValue) + { + if (hashAlgorithm == null) + throw new ArgumentNullException("hashAlgorithm"); + if (hashValue == null) + throw new ArgumentNullException("hashValue"); + + this.hashAlgorithm = hashAlgorithm; + this.hashValue = new DerOctetString(hashValue); + } + + public OtherHashAlgAndValue( + AlgorithmIdentifier hashAlgorithm, + Asn1OctetString hashValue) + { + if (hashAlgorithm == null) + throw new ArgumentNullException("hashAlgorithm"); + if (hashValue == null) + throw new ArgumentNullException("hashValue"); + + this.hashAlgorithm = hashAlgorithm; + this.hashValue = hashValue; + } + + public AlgorithmIdentifier HashAlgorithm + { + get { return hashAlgorithm; } + } + + public byte[] GetHashValue() + { + return hashValue.GetOctets(); + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(hashAlgorithm, hashValue); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/OtherRevRefs.cs b/BouncyCastle/crypto/src/asn1/esf/OtherRevRefs.cs new file mode 100644 index 0000000..446031e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/OtherRevRefs.cs @@ -0,0 +1,80 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition + /// + /// OtherRevRefs ::= SEQUENCE + /// { + /// otherRevRefType OtherRevRefType, + /// otherRevRefs ANY DEFINED BY otherRevRefType + /// } + /// + /// OtherRevRefType ::= OBJECT IDENTIFIER + /// + /// + public class OtherRevRefs + : Asn1Encodable + { + private readonly DerObjectIdentifier otherRevRefType; + private readonly Asn1Object otherRevRefs; + + public static OtherRevRefs GetInstance( + object obj) + { + if (obj == null || obj is OtherRevRefs) + return (OtherRevRefs) obj; + + if (obj is Asn1Sequence) + return new OtherRevRefs((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'OtherRevRefs' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private OtherRevRefs( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count != 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.otherRevRefType = (DerObjectIdentifier) seq[0].ToAsn1Object(); + this.otherRevRefs = seq[1].ToAsn1Object(); + } + + public OtherRevRefs( + DerObjectIdentifier otherRevRefType, + Asn1Encodable otherRevRefs) + { + if (otherRevRefType == null) + throw new ArgumentNullException("otherRevRefType"); + if (otherRevRefs == null) + throw new ArgumentNullException("otherRevRefs"); + + this.otherRevRefType = otherRevRefType; + this.otherRevRefs = otherRevRefs.ToAsn1Object(); + } + + public DerObjectIdentifier OtherRevRefType + { + get { return otherRevRefType; } + } + + public Asn1Object OtherRevRefsObject + { + get { return otherRevRefs; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(otherRevRefType, otherRevRefs); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/OtherRevVals.cs b/BouncyCastle/crypto/src/asn1/esf/OtherRevVals.cs new file mode 100644 index 0000000..7b90456 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/OtherRevVals.cs @@ -0,0 +1,80 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// RFC 3126: 4.3.2 Revocation Values Attribute Definition + /// + /// OtherRevVals ::= SEQUENCE + /// { + /// otherRevValType OtherRevValType, + /// otherRevVals ANY DEFINED BY otherRevValType + /// } + /// + /// OtherRevValType ::= OBJECT IDENTIFIER + /// + /// + public class OtherRevVals + : Asn1Encodable + { + private readonly DerObjectIdentifier otherRevValType; + private readonly Asn1Object otherRevVals; + + public static OtherRevVals GetInstance( + object obj) + { + if (obj == null || obj is OtherRevVals) + return (OtherRevVals) obj; + + if (obj is Asn1Sequence) + return new OtherRevVals((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'OtherRevVals' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private OtherRevVals( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count != 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.otherRevValType = (DerObjectIdentifier) seq[0].ToAsn1Object(); + this.otherRevVals = seq[1].ToAsn1Object(); + } + + public OtherRevVals( + DerObjectIdentifier otherRevValType, + Asn1Encodable otherRevVals) + { + if (otherRevValType == null) + throw new ArgumentNullException("otherRevValType"); + if (otherRevVals == null) + throw new ArgumentNullException("otherRevVals"); + + this.otherRevValType = otherRevValType; + this.otherRevVals = otherRevVals.ToAsn1Object(); + } + + public DerObjectIdentifier OtherRevValType + { + get { return otherRevValType; } + } + + public Asn1Object OtherRevValsObject + { + get { return otherRevVals; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(otherRevValType, otherRevVals); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/OtherSigningCertificate.cs b/BouncyCastle/crypto/src/asn1/esf/OtherSigningCertificate.cs new file mode 100644 index 0000000..2b6d646 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/OtherSigningCertificate.cs @@ -0,0 +1,134 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// + /// OtherSigningCertificate ::= SEQUENCE { + /// certs SEQUENCE OF OtherCertID, + /// policies SEQUENCE OF PolicyInformation OPTIONAL + /// } + /// + /// + public class OtherSigningCertificate + : Asn1Encodable + { + private readonly Asn1Sequence certs; + private readonly Asn1Sequence policies; + + public static OtherSigningCertificate GetInstance( + object obj) + { + if (obj == null || obj is OtherSigningCertificate) + return (OtherSigningCertificate) obj; + + if (obj is Asn1Sequence) + return new OtherSigningCertificate((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'OtherSigningCertificate' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private OtherSigningCertificate( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count < 1 || seq.Count > 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.certs = Asn1Sequence.GetInstance(seq[0].ToAsn1Object()); + + if (seq.Count > 1) + { + this.policies = Asn1Sequence.GetInstance(seq[1].ToAsn1Object()); + } + } + + public OtherSigningCertificate( + params OtherCertID[] certs) + : this(certs, null) + { + } + + public OtherSigningCertificate( + OtherCertID[] certs, + params PolicyInformation[] policies) + { + if (certs == null) + throw new ArgumentNullException("certs"); + + this.certs = new DerSequence(certs); + + if (policies != null) + { + this.policies = new DerSequence(policies); + } + } + + public OtherSigningCertificate( + IEnumerable certs) + : this(certs, null) + { + } + + public OtherSigningCertificate( + IEnumerable certs, + IEnumerable policies) + { + if (certs == null) + throw new ArgumentNullException("certs"); + if (!CollectionUtilities.CheckElementsAreOfType(certs, typeof(OtherCertID))) + throw new ArgumentException("Must contain only 'OtherCertID' objects", "certs"); + + this.certs = new DerSequence( + Asn1EncodableVector.FromEnumerable(certs)); + + if (policies != null) + { + if (!CollectionUtilities.CheckElementsAreOfType(policies, typeof(PolicyInformation))) + throw new ArgumentException("Must contain only 'PolicyInformation' objects", "policies"); + + this.policies = new DerSequence( + Asn1EncodableVector.FromEnumerable(policies)); + } + } + + public OtherCertID[] GetCerts() + { + OtherCertID[] cs = new OtherCertID[certs.Count]; + for (int i = 0; i < certs.Count; ++i) + { + cs[i] = OtherCertID.GetInstance(certs[i].ToAsn1Object()); + } + return cs; + } + + public PolicyInformation[] GetPolicies() + { + if (policies == null) + return null; + + PolicyInformation[] ps = new PolicyInformation[policies.Count]; + for (int i = 0; i < policies.Count; ++i) + { + ps[i] = PolicyInformation.GetInstance(policies[i].ToAsn1Object()); + } + return ps; + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(certs); + v.AddOptional(policies); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/RevocationValues.cs b/BouncyCastle/crypto/src/asn1/esf/RevocationValues.cs new file mode 100644 index 0000000..5be080f --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/RevocationValues.cs @@ -0,0 +1,157 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// RFC 5126: 6.3.4. revocation-values Attribute Definition + /// + /// RevocationValues ::= SEQUENCE { + /// crlVals [0] SEQUENCE OF CertificateList OPTIONAL, + /// ocspVals [1] SEQUENCE OF BasicOCSPResponse OPTIONAL, + /// otherRevVals [2] OtherRevVals OPTIONAL + /// } + /// + /// + public class RevocationValues + : Asn1Encodable + { + private readonly Asn1Sequence crlVals; + private readonly Asn1Sequence ocspVals; + private readonly OtherRevVals otherRevVals; + + public static RevocationValues GetInstance( + object obj) + { + if (obj == null || obj is RevocationValues) + return (RevocationValues) obj; + + return new RevocationValues(Asn1Sequence.GetInstance(obj)); + } + + private RevocationValues( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count > 3) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + foreach (Asn1TaggedObject taggedObj in seq) + { + Asn1Object asn1Obj = taggedObj.GetObject(); + switch (taggedObj.TagNo) + { + case 0: + Asn1Sequence crlValsSeq = (Asn1Sequence) asn1Obj; + foreach (Asn1Encodable ae in crlValsSeq) + { + CertificateList.GetInstance(ae.ToAsn1Object()); + } + this.crlVals = crlValsSeq; + break; + case 1: + Asn1Sequence ocspValsSeq = (Asn1Sequence) asn1Obj; + foreach (Asn1Encodable ae in ocspValsSeq) + { + BasicOcspResponse.GetInstance(ae.ToAsn1Object()); + } + this.ocspVals = ocspValsSeq; + break; + case 2: + this.otherRevVals = OtherRevVals.GetInstance(asn1Obj); + break; + default: + throw new ArgumentException("Illegal tag in RevocationValues", "seq"); + } + } + } + + public RevocationValues( + CertificateList[] crlVals, + BasicOcspResponse[] ocspVals, + OtherRevVals otherRevVals) + { + if (crlVals != null) + { + this.crlVals = new DerSequence(crlVals); + } + + if (ocspVals != null) + { + this.ocspVals = new DerSequence(ocspVals); + } + + this.otherRevVals = otherRevVals; + } + + public RevocationValues( + IEnumerable crlVals, + IEnumerable ocspVals, + OtherRevVals otherRevVals) + { + if (crlVals != null) + { + if (!CollectionUtilities.CheckElementsAreOfType(crlVals, typeof(CertificateList))) + throw new ArgumentException("Must contain only 'CertificateList' objects", "crlVals"); + + this.crlVals = new DerSequence( + Asn1EncodableVector.FromEnumerable(crlVals)); + } + + if (ocspVals != null) + { + if (!CollectionUtilities.CheckElementsAreOfType(ocspVals, typeof(BasicOcspResponse))) + throw new ArgumentException("Must contain only 'BasicOcspResponse' objects", "ocspVals"); + + this.ocspVals = new DerSequence( + Asn1EncodableVector.FromEnumerable(ocspVals)); + } + + this.otherRevVals = otherRevVals; + } + + public CertificateList[] GetCrlVals() + { + CertificateList[] result = new CertificateList[crlVals.Count]; + for (int i = 0; i < crlVals.Count; ++i) + { + result[i] = CertificateList.GetInstance(crlVals[i].ToAsn1Object()); + } + return result; + } + + public BasicOcspResponse[] GetOcspVals() + { + BasicOcspResponse[] result = new BasicOcspResponse[ocspVals.Count]; + for (int i = 0; i < ocspVals.Count; ++i) + { + result[i] = BasicOcspResponse.GetInstance(ocspVals[i].ToAsn1Object()); + } + return result; + } + + public OtherRevVals OtherRevVals + { + get { return otherRevVals; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(true, 0, crlVals); + v.AddOptionalTagged(true, 1, ocspVals); + + if (otherRevVals != null) + { + v.Add(new DerTaggedObject(true, 2, otherRevVals.ToAsn1Object())); + } + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/SigPolicyQualifierInfo.cs b/BouncyCastle/crypto/src/asn1/esf/SigPolicyQualifierInfo.cs new file mode 100644 index 0000000..470c5c8 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/SigPolicyQualifierInfo.cs @@ -0,0 +1,73 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// + /// SigPolicyQualifierInfo ::= SEQUENCE { + /// sigPolicyQualifierId SigPolicyQualifierId, + /// sigQualifier ANY DEFINED BY sigPolicyQualifierId + /// } + /// + /// SigPolicyQualifierId ::= OBJECT IDENTIFIER + /// + /// + public class SigPolicyQualifierInfo + : Asn1Encodable + { + private readonly DerObjectIdentifier sigPolicyQualifierId; + private readonly Asn1Object sigQualifier; + + public static SigPolicyQualifierInfo GetInstance( + object obj) + { + if (obj == null || obj is SigPolicyQualifierInfo) + return (SigPolicyQualifierInfo) obj; + + if (obj is Asn1Sequence) + return new SigPolicyQualifierInfo((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'SigPolicyQualifierInfo' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private SigPolicyQualifierInfo( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count != 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.sigPolicyQualifierId = (DerObjectIdentifier) seq[0].ToAsn1Object(); + this.sigQualifier = seq[1].ToAsn1Object(); + } + + public SigPolicyQualifierInfo( + DerObjectIdentifier sigPolicyQualifierId, + Asn1Encodable sigQualifier) + { + this.sigPolicyQualifierId = sigPolicyQualifierId; + this.sigQualifier = sigQualifier.ToAsn1Object(); + } + + public DerObjectIdentifier SigPolicyQualifierId + { + get { return sigPolicyQualifierId; } + } + + public Asn1Object SigQualifier + { + get { return sigQualifier; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(sigPolicyQualifierId, sigQualifier); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/SignaturePolicyId.cs b/BouncyCastle/crypto/src/asn1/esf/SignaturePolicyId.cs new file mode 100644 index 0000000..7146bb4 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/SignaturePolicyId.cs @@ -0,0 +1,146 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// + /// SignaturePolicyId ::= SEQUENCE { + /// sigPolicyIdentifier SigPolicyId, + /// sigPolicyHash SigPolicyHash, + /// sigPolicyQualifiers SEQUENCE SIZE (1..MAX) OF SigPolicyQualifierInfo OPTIONAL + /// } + /// + /// SigPolicyId ::= OBJECT IDENTIFIER + /// + /// SigPolicyHash ::= OtherHashAlgAndValue + /// + /// + public class SignaturePolicyId + : Asn1Encodable + { + private readonly DerObjectIdentifier sigPolicyIdentifier; + private readonly OtherHashAlgAndValue sigPolicyHash; + private readonly Asn1Sequence sigPolicyQualifiers; + + public static SignaturePolicyId GetInstance( + object obj) + { + if (obj == null || obj is SignaturePolicyId) + return (SignaturePolicyId) obj; + + if (obj is Asn1Sequence) + return new SignaturePolicyId((Asn1Sequence) obj); + + throw new ArgumentException( + "Unknown object in 'SignaturePolicyId' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private SignaturePolicyId( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + if (seq.Count < 2 || seq.Count > 3) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.sigPolicyIdentifier = (DerObjectIdentifier) seq[0].ToAsn1Object(); + this.sigPolicyHash = OtherHashAlgAndValue.GetInstance(seq[1].ToAsn1Object()); + + if (seq.Count > 2) + { + this.sigPolicyQualifiers = (Asn1Sequence) seq[2].ToAsn1Object(); + } + } + + public SignaturePolicyId( + DerObjectIdentifier sigPolicyIdentifier, + OtherHashAlgAndValue sigPolicyHash) + : this(sigPolicyIdentifier, sigPolicyHash, null) + { + } + + public SignaturePolicyId( + DerObjectIdentifier sigPolicyIdentifier, + OtherHashAlgAndValue sigPolicyHash, + params SigPolicyQualifierInfo[] sigPolicyQualifiers) + { + if (sigPolicyIdentifier == null) + throw new ArgumentNullException("sigPolicyIdentifier"); + if (sigPolicyHash == null) + throw new ArgumentNullException("sigPolicyHash"); + + this.sigPolicyIdentifier = sigPolicyIdentifier; + this.sigPolicyHash = sigPolicyHash; + + if (sigPolicyQualifiers != null) + { + this.sigPolicyQualifiers = new DerSequence(sigPolicyQualifiers); + } + } + + public SignaturePolicyId( + DerObjectIdentifier sigPolicyIdentifier, + OtherHashAlgAndValue sigPolicyHash, + IEnumerable sigPolicyQualifiers) + { + if (sigPolicyIdentifier == null) + throw new ArgumentNullException("sigPolicyIdentifier"); + if (sigPolicyHash == null) + throw new ArgumentNullException("sigPolicyHash"); + + this.sigPolicyIdentifier = sigPolicyIdentifier; + this.sigPolicyHash = sigPolicyHash; + + if (sigPolicyQualifiers != null) + { + if (!CollectionUtilities.CheckElementsAreOfType(sigPolicyQualifiers, typeof(SigPolicyQualifierInfo))) + throw new ArgumentException("Must contain only 'SigPolicyQualifierInfo' objects", "sigPolicyQualifiers"); + + this.sigPolicyQualifiers = new DerSequence( + Asn1EncodableVector.FromEnumerable(sigPolicyQualifiers)); + } + } + + public DerObjectIdentifier SigPolicyIdentifier + { + get { return sigPolicyIdentifier; } + } + + public OtherHashAlgAndValue SigPolicyHash + { + get { return sigPolicyHash; } + } + + public SigPolicyQualifierInfo[] GetSigPolicyQualifiers() + { + if (sigPolicyQualifiers == null) + return null; + + SigPolicyQualifierInfo[] infos = new SigPolicyQualifierInfo[sigPolicyQualifiers.Count]; + for (int i = 0; i < sigPolicyQualifiers.Count; ++i) + { + infos[i] = SigPolicyQualifierInfo.GetInstance(sigPolicyQualifiers[i]); + } + return infos; + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector( + sigPolicyIdentifier, sigPolicyHash.ToAsn1Object()); + + if (sigPolicyQualifiers != null) + { + v.Add(sigPolicyQualifiers.ToAsn1Object()); + } + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/SignaturePolicyIdentifier.cs b/BouncyCastle/crypto/src/asn1/esf/SignaturePolicyIdentifier.cs new file mode 100644 index 0000000..12257f2 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/SignaturePolicyIdentifier.cs @@ -0,0 +1,66 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /// + /// + /// SignaturePolicyIdentifier ::= CHOICE { + /// SignaturePolicyId SignaturePolicyId, + /// SignaturePolicyImplied SignaturePolicyImplied + /// } + /// + /// SignaturePolicyImplied ::= NULL + /// + /// + public class SignaturePolicyIdentifier + : Asn1Encodable, IAsn1Choice + { + private readonly SignaturePolicyId sigPolicy; + + public static SignaturePolicyIdentifier GetInstance( + object obj) + { + if (obj == null || obj is SignaturePolicyIdentifier) + return (SignaturePolicyIdentifier) obj; + + if (obj is SignaturePolicyId) + return new SignaturePolicyIdentifier((SignaturePolicyId) obj); + + if (obj is Asn1Null) + return new SignaturePolicyIdentifier(); + + throw new ArgumentException( + "Unknown object in 'SignaturePolicyIdentifier' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + public SignaturePolicyIdentifier() + { + this.sigPolicy = null; + } + + public SignaturePolicyIdentifier( + SignaturePolicyId signaturePolicyId) + { + if (signaturePolicyId == null) + throw new ArgumentNullException("signaturePolicyId"); + + this.sigPolicy = signaturePolicyId; + } + + public SignaturePolicyId SignaturePolicyId + { + get { return sigPolicy; } + } + + public override Asn1Object ToAsn1Object() + { + return sigPolicy == null + ? DerNull.Instance + : sigPolicy.ToAsn1Object(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/SignerAttribute.cs b/BouncyCastle/crypto/src/asn1/esf/SignerAttribute.cs new file mode 100644 index 0000000..39bd910 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/SignerAttribute.cs @@ -0,0 +1,97 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Esf +{ + public class SignerAttribute + : Asn1Encodable + { + private Asn1Sequence claimedAttributes; + private AttributeCertificate certifiedAttributes; + + public static SignerAttribute GetInstance( + object obj) + { + if (obj == null || obj is SignerAttribute) + return (SignerAttribute) obj; + + if (obj is Asn1Sequence) + return new SignerAttribute(obj); + + throw new ArgumentException( + "Unknown object in 'SignerAttribute' factory: " + + Platform.GetTypeName(obj), + "obj"); + } + + private SignerAttribute( + object obj) + { + Asn1Sequence seq = (Asn1Sequence) obj; + DerTaggedObject taggedObject = (DerTaggedObject) seq[0]; + if (taggedObject.TagNo == 0) + { + claimedAttributes = Asn1Sequence.GetInstance(taggedObject, true); + } + else if (taggedObject.TagNo == 1) + { + certifiedAttributes = AttributeCertificate.GetInstance(taggedObject); + } + else + { + throw new ArgumentException("illegal tag.", "obj"); + } + } + + public SignerAttribute( + Asn1Sequence claimedAttributes) + { + this.claimedAttributes = claimedAttributes; + } + + public SignerAttribute( + AttributeCertificate certifiedAttributes) + { + this.certifiedAttributes = certifiedAttributes; + } + + public virtual Asn1Sequence ClaimedAttributes + { + get { return claimedAttributes; } + } + + public virtual AttributeCertificate CertifiedAttributes + { + get { return certifiedAttributes; } + } + + /** + * + * 
+		*  SignerAttribute ::= SEQUENCE OF CHOICE {
+		*      claimedAttributes   [0] ClaimedAttributes,
+		*      certifiedAttributes [1] CertifiedAttributes }
+		*
+		*  ClaimedAttributes ::= SEQUENCE OF Attribute
+		*  CertifiedAttributes ::= AttributeCertificate -- as defined in RFC 3281: see clause 4.1.
+		*
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + if (claimedAttributes != null) + { + v.Add(new DerTaggedObject(0, claimedAttributes)); + } + else + { + v.Add(new DerTaggedObject(1, certifiedAttributes)); + } + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/esf/SignerLocation.cs b/BouncyCastle/crypto/src/asn1/esf/SignerLocation.cs new file mode 100644 index 0000000..0095c0e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/esf/SignerLocation.cs @@ -0,0 +1,159 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X500; + +namespace Org.BouncyCastle.Asn1.Esf +{ + /** + * Signer-Location attribute (RFC3126). + * + * 
+	*   SignerLocation ::= SEQUENCE {
+	*       countryName        [0] DirectoryString OPTIONAL,
+	*       localityName       [1] DirectoryString OPTIONAL,
+	*       postalAddress      [2] PostalAddress OPTIONAL }
+	*
+	*   PostalAddress ::= SEQUENCE SIZE(1..6) OF DirectoryString
+	*
+ */ + public class SignerLocation + : Asn1Encodable + { + private DirectoryString countryName; + private DirectoryString localityName; + private Asn1Sequence postalAddress; + + public SignerLocation( + Asn1Sequence seq) + { + foreach (Asn1TaggedObject obj in seq) + { + switch (obj.TagNo) + { + case 0: + this.countryName = DirectoryString.GetInstance(obj, true); + break; + case 1: + this.localityName = DirectoryString.GetInstance(obj, true); + break; + case 2: + bool isExplicit = obj.IsExplicit(); // handle erroneous implicitly tagged sequences + this.postalAddress = Asn1Sequence.GetInstance(obj, isExplicit); + if (postalAddress != null && postalAddress.Count > 6) + throw new ArgumentException("postal address must contain less than 6 strings"); + break; + default: + throw new ArgumentException("illegal tag"); + } + } + } + + private SignerLocation( + DirectoryString countryName, + DirectoryString localityName, + Asn1Sequence postalAddress) + { + if (postalAddress != null && postalAddress.Count > 6) + throw new ArgumentException("postal address must contain less than 6 strings"); + + this.countryName = countryName; + this.localityName = localityName; + this.postalAddress = postalAddress; + } + + public SignerLocation( + DirectoryString countryName, + DirectoryString localityName, + DirectoryString[] postalAddress) + : this(countryName, localityName, new DerSequence(postalAddress)) + { + } + + public SignerLocation( + DerUtf8String countryName, + DerUtf8String localityName, + Asn1Sequence postalAddress) + : this(DirectoryString.GetInstance(countryName), DirectoryString.GetInstance(localityName), postalAddress) + { + } + + public static SignerLocation GetInstance( + object obj) + { + if (obj == null || obj is SignerLocation) + { + return (SignerLocation) obj; + } + + return new SignerLocation(Asn1Sequence.GetInstance(obj)); + } + + public DirectoryString Country + { + get { return countryName; } + } + + public DirectoryString Locality + { + get { return localityName; } + } + + public DirectoryString[] GetPostal() + { + if (postalAddress == null) + return null; + + DirectoryString[] dirStrings = new DirectoryString[postalAddress.Count]; + for (int i = 0; i != dirStrings.Length; i++) + { + dirStrings[i] = DirectoryString.GetInstance(postalAddress[i]); + } + + return dirStrings; + } + + [Obsolete("Use 'Country' property instead")] + public DerUtf8String CountryName + { + get { return countryName == null ? null : new DerUtf8String(countryName.GetString()); } + } + + [Obsolete("Use 'Locality' property instead")] + public DerUtf8String LocalityName + { + get { return localityName == null ? null : new DerUtf8String(localityName.GetString()); } + } + + public Asn1Sequence PostalAddress + { + get { return postalAddress; } + } + + /** + * 
+		*   SignerLocation ::= SEQUENCE {
+		*       countryName        [0] DirectoryString OPTIONAL,
+		*       localityName       [1] DirectoryString OPTIONAL,
+		*       postalAddress      [2] PostalAddress OPTIONAL }
+		*
+		*   PostalAddress ::= SEQUENCE SIZE(1..6) OF DirectoryString
+		*
+		*   DirectoryString ::= CHOICE {
+		*         teletexString           TeletexString (SIZE (1..MAX)),
+		*         printableString         PrintableString (SIZE (1..MAX)),
+		*         universalString         UniversalString (SIZE (1..MAX)),
+		*         utf8String              UTF8String (SIZE (1.. MAX)),
+		*         bmpString               BMPString (SIZE (1..MAX)) }
+		*
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(true, 0, countryName); + v.AddOptionalTagged(true, 1, localityName); + v.AddOptionalTagged(true, 2, postalAddress); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ess/ContentHints.cs b/BouncyCastle/crypto/src/asn1/ess/ContentHints.cs new file mode 100644 index 0000000..81ba0a1 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ess/ContentHints.cs @@ -0,0 +1,88 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ess +{ + public class ContentHints + : Asn1Encodable + { + private readonly DerUtf8String contentDescription; + private readonly DerObjectIdentifier contentType; + + public static ContentHints GetInstance( + object o) + { + if (o == null || o is ContentHints) + { + return (ContentHints)o; + } + + if (o is Asn1Sequence) + { + return new ContentHints((Asn1Sequence)o); + } + + throw new ArgumentException("unknown object in 'ContentHints' factory : " + + Platform.GetTypeName(o) + "."); + } + + /** + * constructor + */ + private ContentHints( + Asn1Sequence seq) + { + IAsn1Convertible field = seq[0]; + if (field.ToAsn1Object() is DerUtf8String) + { + contentDescription = DerUtf8String.GetInstance(field); + contentType = DerObjectIdentifier.GetInstance(seq[1]); + } + else + { + contentType = DerObjectIdentifier.GetInstance(seq[0]); + } + } + + public ContentHints( + DerObjectIdentifier contentType) + { + this.contentType = contentType; + this.contentDescription = null; + } + + public ContentHints( + DerObjectIdentifier contentType, + DerUtf8String contentDescription) + { + this.contentType = contentType; + this.contentDescription = contentDescription; + } + + public DerObjectIdentifier ContentType + { + get { return contentType; } + } + + public DerUtf8String ContentDescription + { + get { return contentDescription; } + } + + /** + * 
+		 * ContentHints ::= SEQUENCE {
+		 *   contentDescription UTF8String (SIZE (1..MAX)) OPTIONAL,
+		 *   contentType ContentType }
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptional(contentDescription); + v.Add(contentType); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ess/ContentIdentifier.cs b/BouncyCastle/crypto/src/asn1/ess/ContentIdentifier.cs new file mode 100644 index 0000000..430185e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ess/ContentIdentifier.cs @@ -0,0 +1,67 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ess +{ + public class ContentIdentifier + : Asn1Encodable + { + private Asn1OctetString value; + + public static ContentIdentifier GetInstance( + object o) + { + if (o == null || o is ContentIdentifier) + { + return (ContentIdentifier) o; + } + + if (o is Asn1OctetString) + { + return new ContentIdentifier((Asn1OctetString) o); + } + + throw new ArgumentException( + "unknown object in 'ContentIdentifier' factory : " + + Platform.GetTypeName(o) + "."); + } + + /** + * Create from OCTET STRING whose octets represent the identifier. + */ + public ContentIdentifier( + Asn1OctetString value) + { + this.value = value; + } + + /** + * Create from byte array representing the identifier. + */ + public ContentIdentifier( + byte[] value) + : this(new DerOctetString(value)) + { + } + + public Asn1OctetString Value + { + get { return value; } + } + + /** + * The definition of ContentIdentifier is + * 
+		 * ContentIdentifier ::=  OCTET STRING
+		 *
+ * id-aa-contentIdentifier OBJECT IDENTIFIER ::= { iso(1) + * member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) + * smime(16) id-aa(2) 7 } + */ + public override Asn1Object ToAsn1Object() + { + return value; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ess/ESSCertID.cs b/BouncyCastle/crypto/src/asn1/ess/ESSCertID.cs new file mode 100644 index 0000000..7e5fe4c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ess/ESSCertID.cs @@ -0,0 +1,89 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ess +{ + public class EssCertID + : Asn1Encodable + { + private Asn1OctetString certHash; + private IssuerSerial issuerSerial; + + public static EssCertID GetInstance( + object o) + { + if (o == null || o is EssCertID) + { + return (EssCertID) o; + } + + if (o is Asn1Sequence) + { + return new EssCertID((Asn1Sequence) o); + } + + throw new ArgumentException( + "unknown object in 'EssCertID' factory : " + + Platform.GetTypeName(o) + "."); + } + + /** + * constructor + */ + public EssCertID( + Asn1Sequence seq) + { + if (seq.Count < 1 || seq.Count > 2) + { + throw new ArgumentException("Bad sequence size: " + seq.Count); + } + + this.certHash = Asn1OctetString.GetInstance(seq[0]); + + if (seq.Count > 1) + { + issuerSerial = IssuerSerial.GetInstance(seq[1]); + } + } + + public EssCertID( + byte[] hash) + { + certHash = new DerOctetString(hash); + } + + public EssCertID( + byte[] hash, + IssuerSerial issuerSerial) + { + this.certHash = new DerOctetString(hash); + this.issuerSerial = issuerSerial; + } + + public byte[] GetCertHash() + { + return certHash.GetOctets(); + } + + public IssuerSerial IssuerSerial + { + get { return issuerSerial; } + } + + /** + * 
+		 * EssCertID ::= SEQUENCE {
+		 *     certHash Hash,
+		 *     issuerSerial IssuerSerial OPTIONAL }
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(certHash); + v.AddOptional(issuerSerial); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ess/ESSCertIDv2.cs b/BouncyCastle/crypto/src/asn1/ess/ESSCertIDv2.cs new file mode 100644 index 0000000..1711a76 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ess/ESSCertIDv2.cs @@ -0,0 +1,141 @@ +using System; + +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ess +{ + public class EssCertIDv2 + : Asn1Encodable + { + private readonly AlgorithmIdentifier hashAlgorithm; + private readonly byte[] certHash; + private readonly IssuerSerial issuerSerial; + + private static readonly AlgorithmIdentifier DefaultAlgID = new AlgorithmIdentifier( + NistObjectIdentifiers.IdSha256); + + public static EssCertIDv2 GetInstance(object obj) + { + if (obj == null) + return null; + EssCertIDv2 existing = obj as EssCertIDv2; + if (existing != null) + return existing; + return new EssCertIDv2(Asn1Sequence.GetInstance(obj)); + } + + private EssCertIDv2( + Asn1Sequence seq) + { + if (seq.Count > 3) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + int count = 0; + + if (seq[0] is Asn1OctetString) + { + // Default value + this.hashAlgorithm = DefaultAlgID; + } + else + { + this.hashAlgorithm = AlgorithmIdentifier.GetInstance(seq[count++].ToAsn1Object()); + } + + this.certHash = Asn1OctetString.GetInstance(seq[count++].ToAsn1Object()).GetOctets(); + + if (seq.Count > count) + { + this.issuerSerial = IssuerSerial.GetInstance( + Asn1Sequence.GetInstance(seq[count].ToAsn1Object())); + } + } + + public EssCertIDv2(byte[] certHash) + : this(null, certHash, null) + { + } + + public EssCertIDv2( + AlgorithmIdentifier algId, + byte[] certHash) + : this(algId, certHash, null) + { + } + + public EssCertIDv2( + byte[] certHash, + IssuerSerial issuerSerial) + : this(null, certHash, issuerSerial) + { + } + + public EssCertIDv2( + AlgorithmIdentifier algId, + byte[] certHash, + IssuerSerial issuerSerial) + { + if (algId == null) + { + // Default value + this.hashAlgorithm = DefaultAlgID; + } + else + { + this.hashAlgorithm = algId; + } + + this.certHash = certHash; + this.issuerSerial = issuerSerial; + } + + public AlgorithmIdentifier HashAlgorithm + { + get { return this.hashAlgorithm; } + } + + public byte[] GetCertHash() + { + return Arrays.Clone(certHash); + } + + public IssuerSerial IssuerSerial + { + get { return issuerSerial; } + } + + /** + * 
+         * EssCertIDv2 ::=  SEQUENCE {
+         *     hashAlgorithm     AlgorithmIdentifier
+         *              DEFAULT {algorithm id-sha256},
+         *     certHash          Hash,
+         *     issuerSerial      IssuerSerial OPTIONAL
+         * }
+         *
+         * Hash ::= OCTET STRING
+         *
+         * IssuerSerial ::= SEQUENCE {
+         *     issuer         GeneralNames,
+         *     serialNumber   CertificateSerialNumber
+         * }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + if (!hashAlgorithm.Equals(DefaultAlgID)) + { + v.Add(hashAlgorithm); + } + + v.Add(new DerOctetString(certHash).ToAsn1Object()); + v.AddOptional(issuerSerial); + return new DerSequence(v); + } + + } +} diff --git a/BouncyCastle/crypto/src/asn1/ess/OtherCertID.cs b/BouncyCastle/crypto/src/asn1/ess/OtherCertID.cs new file mode 100644 index 0000000..183055e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ess/OtherCertID.cs @@ -0,0 +1,129 @@ +using System; + +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ess +{ + [Obsolete("Use version in Asn1.Esf instead")] + public class OtherCertID + : Asn1Encodable + { + private Asn1Encodable otherCertHash; + private IssuerSerial issuerSerial; + + public static OtherCertID GetInstance( + object o) + { + if (o == null || o is OtherCertID) + { + return (OtherCertID) o; + } + + if (o is Asn1Sequence) + { + return new OtherCertID((Asn1Sequence) o); + } + + throw new ArgumentException( + "unknown object in 'OtherCertID' factory : " + + Platform.GetTypeName(o) + "."); + } + + /** + * constructor + */ + public OtherCertID( + Asn1Sequence seq) + { + if (seq.Count < 1 || seq.Count > 2) + { + throw new ArgumentException("Bad sequence size: " + seq.Count); + } + + if (seq[0].ToAsn1Object() is Asn1OctetString) + { + otherCertHash = Asn1OctetString.GetInstance(seq[0]); + } + else + { + otherCertHash = DigestInfo.GetInstance(seq[0]); + } + + if (seq.Count > 1) + { + issuerSerial = IssuerSerial.GetInstance(Asn1Sequence.GetInstance(seq[1])); + } + } + + public OtherCertID( + AlgorithmIdentifier algId, + byte[] digest) + { + this.otherCertHash = new DigestInfo(algId, digest); + } + + public OtherCertID( + AlgorithmIdentifier algId, + byte[] digest, + IssuerSerial issuerSerial) + { + this.otherCertHash = new DigestInfo(algId, digest); + this.issuerSerial = issuerSerial; + } + + public AlgorithmIdentifier AlgorithmHash + { + get + { + if (otherCertHash.ToAsn1Object() is Asn1OctetString) + { + // SHA-1 + return new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1); + } + + return DigestInfo.GetInstance(otherCertHash).AlgorithmID; + } + } + + public byte[] GetCertHash() + { + if (otherCertHash.ToAsn1Object() is Asn1OctetString) + { + // SHA-1 + return ((Asn1OctetString) otherCertHash.ToAsn1Object()).GetOctets(); + } + + return DigestInfo.GetInstance(otherCertHash).GetDigest(); + } + + public IssuerSerial IssuerSerial + { + get { return issuerSerial; } + } + + /** + * 
+		 * OtherCertID ::= SEQUENCE {
+		 *     otherCertHash    OtherHash,
+		 *     issuerSerial     IssuerSerial OPTIONAL }
+		 *
+		 * OtherHash ::= CHOICE {
+		 *     sha1Hash     OCTET STRING,
+		 *     otherHash    OtherHashAlgAndValue }
+		 *
+		 * OtherHashAlgAndValue ::= SEQUENCE {
+		 *     hashAlgorithm    AlgorithmIdentifier,
+		 *     hashValue        OCTET STRING }
+		 *
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(otherCertHash); + v.AddOptional(issuerSerial); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ess/OtherSigningCertificate.cs b/BouncyCastle/crypto/src/asn1/ess/OtherSigningCertificate.cs new file mode 100644 index 0000000..65152b6 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ess/OtherSigningCertificate.cs @@ -0,0 +1,105 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ess +{ + [Obsolete("Use version in Asn1.Esf instead")] + public class OtherSigningCertificate + : Asn1Encodable + { + private Asn1Sequence certs, policies; + + public static OtherSigningCertificate GetInstance( + object o) + { + if (o == null || o is OtherSigningCertificate) + { + return (OtherSigningCertificate) o; + } + + if (o is Asn1Sequence) + { + return new OtherSigningCertificate((Asn1Sequence) o); + } + + throw new ArgumentException( + "unknown object in 'OtherSigningCertificate' factory : " + + Platform.GetTypeName(o) + "."); + } + + /** + * constructors + */ + public OtherSigningCertificate( + Asn1Sequence seq) + { + if (seq.Count < 1 || seq.Count > 2) + { + throw new ArgumentException("Bad sequence size: " + seq.Count); + } + + this.certs = Asn1Sequence.GetInstance(seq[0]); + + if (seq.Count > 1) + { + this.policies = Asn1Sequence.GetInstance(seq[1]); + } + } + + public OtherSigningCertificate( + OtherCertID otherCertID) + { + certs = new DerSequence(otherCertID); + } + + public OtherCertID[] GetCerts() + { + OtherCertID[] cs = new OtherCertID[certs.Count]; + + for (int i = 0; i != certs.Count; ++i) + { + cs[i] = OtherCertID.GetInstance(certs[i]); + } + + return cs; + } + + public PolicyInformation[] GetPolicies() + { + if (policies == null) + { + return null; + } + + PolicyInformation[] ps = new PolicyInformation[policies.Count]; + + for (int i = 0; i != policies.Count; i++) + { + ps[i] = PolicyInformation.GetInstance(policies[i]); + } + + return ps; + } + + /** + * The definition of OtherSigningCertificate is + * 
+		 * OtherSigningCertificate ::=  SEQUENCE {
+		 *      certs        SEQUENCE OF OtherCertID,
+		 *      policies     SEQUENCE OF PolicyInformation OPTIONAL
+		 * }
+		 *
+ * id-aa-ets-otherSigCert OBJECT IDENTIFIER ::= { iso(1) + * member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) + * smime(16) id-aa(2) 19 } + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(certs); + v.AddOptional(policies); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ess/SigningCertificate.cs b/BouncyCastle/crypto/src/asn1/ess/SigningCertificate.cs new file mode 100644 index 0000000..6b8deee --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ess/SigningCertificate.cs @@ -0,0 +1,104 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ess +{ + public class SigningCertificate + : Asn1Encodable + { + private Asn1Sequence certs, policies; + + public static SigningCertificate GetInstance( + object o) + { + if (o == null || o is SigningCertificate) + { + return (SigningCertificate) o; + } + + if (o is Asn1Sequence) + { + return new SigningCertificate((Asn1Sequence) o); + } + + throw new ArgumentException( + "unknown object in 'SigningCertificate' factory : " + + Platform.GetTypeName(o) + "."); + } + + /** + * constructors + */ + public SigningCertificate( + Asn1Sequence seq) + { + if (seq.Count < 1 || seq.Count > 2) + { + throw new ArgumentException("Bad sequence size: " + seq.Count); + } + + this.certs = Asn1Sequence.GetInstance(seq[0]); + + if (seq.Count > 1) + { + this.policies = Asn1Sequence.GetInstance(seq[1]); + } + } + + public SigningCertificate( + EssCertID essCertID) + { + certs = new DerSequence(essCertID); + } + + public EssCertID[] GetCerts() + { + EssCertID[] cs = new EssCertID[certs.Count]; + + for (int i = 0; i != certs.Count; i++) + { + cs[i] = EssCertID.GetInstance(certs[i]); + } + + return cs; + } + + public PolicyInformation[] GetPolicies() + { + if (policies == null) + { + return null; + } + + PolicyInformation[] ps = new PolicyInformation[policies.Count]; + + for (int i = 0; i != policies.Count; i++) + { + ps[i] = PolicyInformation.GetInstance(policies[i]); + } + + return ps; + } + + /** + * The definition of SigningCertificate is + * 
+		 * SigningCertificate ::=  SEQUENCE {
+		 *      certs        SEQUENCE OF EssCertID,
+		 *      policies     SEQUENCE OF PolicyInformation OPTIONAL
+		 * }
+		 *
+ * id-aa-signingCertificate OBJECT IDENTIFIER ::= { iso(1) + * member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) + * smime(16) id-aa(2) 12 } + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(certs); + v.AddOptional(policies); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ess/SigningCertificateV2.cs b/BouncyCastle/crypto/src/asn1/ess/SigningCertificateV2.cs new file mode 100644 index 0000000..4694098 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ess/SigningCertificateV2.cs @@ -0,0 +1,108 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ess +{ + public class SigningCertificateV2 + : Asn1Encodable + { + private readonly Asn1Sequence certs; + private readonly Asn1Sequence policies; + + public static SigningCertificateV2 GetInstance( + object o) + { + if (o == null || o is SigningCertificateV2) + return (SigningCertificateV2) o; + + if (o is Asn1Sequence) + return new SigningCertificateV2((Asn1Sequence) o); + + throw new ArgumentException( + "unknown object in 'SigningCertificateV2' factory : " + + Platform.GetTypeName(o) + "."); + } + + private SigningCertificateV2( + Asn1Sequence seq) + { + if (seq.Count < 1 || seq.Count > 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.certs = Asn1Sequence.GetInstance(seq[0].ToAsn1Object()); + + if (seq.Count > 1) + { + this.policies = Asn1Sequence.GetInstance(seq[1].ToAsn1Object()); + } + } + + public SigningCertificateV2( + EssCertIDv2 cert) + { + this.certs = new DerSequence(cert); + } + + public SigningCertificateV2( + EssCertIDv2[] certs) + { + this.certs = new DerSequence(certs); + } + + public SigningCertificateV2( + EssCertIDv2[] certs, + PolicyInformation[] policies) + { + this.certs = new DerSequence(certs); + + if (policies != null) + { + this.policies = new DerSequence(policies); + } + } + + public EssCertIDv2[] GetCerts() + { + EssCertIDv2[] certIds = new EssCertIDv2[certs.Count]; + for (int i = 0; i != certs.Count; i++) + { + certIds[i] = EssCertIDv2.GetInstance(certs[i]); + } + return certIds; + } + + public PolicyInformation[] GetPolicies() + { + if (policies == null) + return null; + + PolicyInformation[] policyInformations = new PolicyInformation[policies.Count]; + for (int i = 0; i != policies.Count; i++) + { + policyInformations[i] = PolicyInformation.GetInstance(policies[i]); + } + return policyInformations; + } + + /** + * The definition of SigningCertificateV2 is + * 
+         * SigningCertificateV2 ::=  SEQUENCE {
+         *      certs        SEQUENCE OF EssCertIDv2,
+         *      policies     SEQUENCE OF PolicyInformation OPTIONAL
+         * }
+         *
+ * id-aa-signingCertificateV2 OBJECT IDENTIFIER ::= { iso(1) + * member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) + * smime(16) id-aa(2) 47 } + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(certs); + v.AddOptional(policies); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/gm/GMNamedCurves.cs b/BouncyCastle/crypto/src/asn1/gm/GMNamedCurves.cs new file mode 100644 index 0000000..f906a2b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/gm/GMNamedCurves.cs @@ -0,0 +1,183 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Asn1.GM +{ + public sealed class GMNamedCurves + { + private GMNamedCurves() + { + } + + private static X9ECPoint ConfigureBasepoint(ECCurve curve, string encoding) + { + X9ECPoint G = new X9ECPoint(curve, Hex.DecodeStrict(encoding)); + WNafUtilities.ConfigureBasepoint(G.Point); + return G; + } + + private static ECCurve ConfigureCurve(ECCurve curve) + { + return curve; + } + + private static BigInteger FromHex(string hex) + { + return new BigInteger(1, Hex.DecodeStrict(hex)); + } + + /* + * sm2p256v1 + */ + internal class SM2P256V1Holder + : X9ECParametersHolder + { + private SM2P256V1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SM2P256V1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger p = FromHex("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF"); + BigInteger a = FromHex("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC"); + BigInteger b = FromHex("28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93"); + BigInteger n = FromHex("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve(p, a, b, n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0432C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * wapip192v1 + */ + internal class WapiP192V1Holder + : X9ECParametersHolder + { + private WapiP192V1Holder() { } + + internal static readonly X9ECParametersHolder Instance = new WapiP192V1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger p = FromHex("BDB6F4FE3E8B1D9E0DA8C0D46F4C318CEFE4AFE3B6B8551F"); + BigInteger a = FromHex("BB8E5E8FBC115E139FE6A814FE48AAA6F0ADA1AA5DF91985"); + BigInteger b = FromHex("1854BEBDC31B21B7AEFC80AB0ECD10D5B1B3308E6DBF11C1"); + BigInteger n = FromHex("BDB6F4FE3E8B1D9E0DA8C0D40FC962195DFAE76F56564677"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve(p, a, b, n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "044AD5F7048DE709AD51236DE65E4D4B482C836DC6E410664002BB3A02D4AAADACAE24817A4CA3A1B014B5270432DB27D2"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + + private static readonly IDictionary objIds = Platform.CreateHashtable(); + private static readonly IDictionary curves = Platform.CreateHashtable(); + private static readonly IDictionary names = Platform.CreateHashtable(); + + private static void DefineCurve( + string name, + DerObjectIdentifier oid, + X9ECParametersHolder holder) + { + objIds.Add(Platform.ToUpperInvariant(name), oid); + names.Add(oid, name); + curves.Add(oid, holder); + } + + static GMNamedCurves() + { + DefineCurve("wapip192v1", GMObjectIdentifiers.wapip192v1, WapiP192V1Holder.Instance); + DefineCurve("sm2p256v1", GMObjectIdentifiers.sm2p256v1, SM2P256V1Holder.Instance); + } + + public static X9ECParameters GetByName(string name) + { + DerObjectIdentifier oid = GetOid(name); + return oid == null ? null : GetByOid(oid); + } + + public static X9ECParametersHolder GetByNameLazy(string name) + { + DerObjectIdentifier oid = GetOid(name); + return oid == null ? null : GetByOidLazy(oid); + } + + /** + * return the X9ECParameters object for the named curve represented by + * the passed in object identifier. Null if the curve isn't present. + * + * @param oid an object identifier representing a named curve, if present. + */ + public static X9ECParameters GetByOid(DerObjectIdentifier oid) + { + X9ECParametersHolder holder = GetByOidLazy(oid); + return holder == null ? null : holder.Parameters; + } + + public static X9ECParametersHolder GetByOidLazy(DerObjectIdentifier oid) + { + return (X9ECParametersHolder)curves[oid]; + } + + /** + * return the object identifier signified by the passed in name. Null + * if there is no object identifier associated with name. + * + * @return the object identifier associated with name, if present. + */ + public static DerObjectIdentifier GetOid( + string name) + { + return (DerObjectIdentifier)objIds[Platform.ToUpperInvariant(name)]; + } + + /** + * return the named curve name represented by the given object identifier. + */ + public static string GetName( + DerObjectIdentifier oid) + { + return (string)names[oid]; + } + + /** + * returns an enumeration containing the name strings for curves + * contained in this structure. + */ + public static IEnumerable Names + { + get { return new EnumerableProxy(names.Values); } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/gm/GMObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/gm/GMObjectIdentifiers.cs new file mode 100644 index 0000000..edb3a41 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/gm/GMObjectIdentifiers.cs @@ -0,0 +1,85 @@ +using System; + +namespace Org.BouncyCastle.Asn1.GM +{ + public abstract class GMObjectIdentifiers + { + public static readonly DerObjectIdentifier sm_scheme = new DerObjectIdentifier("1.2.156.10197.1"); + + public static readonly DerObjectIdentifier sm6_ecb = sm_scheme.Branch("101.1"); + public static readonly DerObjectIdentifier sm6_cbc = sm_scheme.Branch("101.2"); + public static readonly DerObjectIdentifier sm6_ofb128 = sm_scheme.Branch("101.3"); + public static readonly DerObjectIdentifier sm6_cfb128 = sm_scheme.Branch("101.4"); + + public static readonly DerObjectIdentifier sm1_ecb = sm_scheme.Branch("102.1"); + public static readonly DerObjectIdentifier sm1_cbc = sm_scheme.Branch("102.2"); + public static readonly DerObjectIdentifier sm1_ofb128 = sm_scheme.Branch("102.3"); + public static readonly DerObjectIdentifier sm1_cfb128 = sm_scheme.Branch("102.4"); + public static readonly DerObjectIdentifier sm1_cfb1 = sm_scheme.Branch("102.5"); + public static readonly DerObjectIdentifier sm1_cfb8 = sm_scheme.Branch("102.6"); + + public static readonly DerObjectIdentifier ssf33_ecb = sm_scheme.Branch("103.1"); + public static readonly DerObjectIdentifier ssf33_cbc = sm_scheme.Branch("103.2"); + public static readonly DerObjectIdentifier ssf33_ofb128 = sm_scheme.Branch("103.3"); + public static readonly DerObjectIdentifier ssf33_cfb128 = sm_scheme.Branch("103.4"); + public static readonly DerObjectIdentifier ssf33_cfb1 = sm_scheme.Branch("103.5"); + public static readonly DerObjectIdentifier ssf33_cfb8 = sm_scheme.Branch("103.6"); + + public static readonly DerObjectIdentifier sms4_ecb = sm_scheme.Branch("104.1"); + public static readonly DerObjectIdentifier sms4_cbc = sm_scheme.Branch("104.2"); + public static readonly DerObjectIdentifier sms4_ofb128 = sm_scheme.Branch("104.3"); + public static readonly DerObjectIdentifier sms4_cfb128 = sm_scheme.Branch("104.4"); + public static readonly DerObjectIdentifier sms4_cfb1 = sm_scheme.Branch("104.5"); + public static readonly DerObjectIdentifier sms4_cfb8 = sm_scheme.Branch("104.6"); + public static readonly DerObjectIdentifier sms4_ctr = sm_scheme.Branch("104.7"); + public static readonly DerObjectIdentifier sms4_gcm = sm_scheme.Branch("104.8"); + public static readonly DerObjectIdentifier sms4_ccm = sm_scheme.Branch("104.9"); + public static readonly DerObjectIdentifier sms4_xts = sm_scheme.Branch("104.10"); + public static readonly DerObjectIdentifier sms4_wrap = sm_scheme.Branch("104.11"); + public static readonly DerObjectIdentifier sms4_wrap_pad = sm_scheme.Branch("104.12"); + public static readonly DerObjectIdentifier sms4_ocb = sm_scheme.Branch("104.100"); + + public static readonly DerObjectIdentifier sm5 = sm_scheme.Branch("201"); + + public static readonly DerObjectIdentifier sm2p256v1 = sm_scheme.Branch("301"); + public static readonly DerObjectIdentifier sm2sign = sm_scheme.Branch("301.1"); + public static readonly DerObjectIdentifier sm2exchange = sm_scheme.Branch("301.2"); + public static readonly DerObjectIdentifier sm2encrypt = sm_scheme.Branch("301.3"); + + public static readonly DerObjectIdentifier wapip192v1 = sm_scheme.Branch("301.101"); + + public static readonly DerObjectIdentifier sm2encrypt_recommendedParameters = sm2encrypt.Branch("1"); + public static readonly DerObjectIdentifier sm2encrypt_specifiedParameters = sm2encrypt.Branch("2"); + public static readonly DerObjectIdentifier sm2encrypt_with_sm3 = sm2encrypt.Branch("2.1"); + public static readonly DerObjectIdentifier sm2encrypt_with_sha1 = sm2encrypt.Branch("2.2"); + public static readonly DerObjectIdentifier sm2encrypt_with_sha224 = sm2encrypt.Branch("2.3"); + public static readonly DerObjectIdentifier sm2encrypt_with_sha256 = sm2encrypt.Branch("2.4"); + public static readonly DerObjectIdentifier sm2encrypt_with_sha384 = sm2encrypt.Branch("2.5"); + public static readonly DerObjectIdentifier sm2encrypt_with_sha512 = sm2encrypt.Branch("2.6"); + public static readonly DerObjectIdentifier sm2encrypt_with_rmd160 = sm2encrypt.Branch("2.7"); + public static readonly DerObjectIdentifier sm2encrypt_with_whirlpool = sm2encrypt.Branch("2.8"); + public static readonly DerObjectIdentifier sm2encrypt_with_blake2b512 = sm2encrypt.Branch("2.9"); + public static readonly DerObjectIdentifier sm2encrypt_with_blake2s256 = sm2encrypt.Branch("2.10"); + public static readonly DerObjectIdentifier sm2encrypt_with_md5 = sm2encrypt.Branch("2.11"); + + public static readonly DerObjectIdentifier id_sm9PublicKey = sm_scheme.Branch("302"); + public static readonly DerObjectIdentifier sm9sign = sm_scheme.Branch("302.1"); + public static readonly DerObjectIdentifier sm9keyagreement = sm_scheme.Branch("302.2"); + public static readonly DerObjectIdentifier sm9encrypt = sm_scheme.Branch("302.3"); + + public static readonly DerObjectIdentifier sm3 = sm_scheme.Branch("401"); + + public static readonly DerObjectIdentifier hmac_sm3 = sm3.Branch("2"); + + public static readonly DerObjectIdentifier sm2sign_with_sm3 = sm_scheme.Branch("501"); + public static readonly DerObjectIdentifier sm2sign_with_sha1 = sm_scheme.Branch("502"); + public static readonly DerObjectIdentifier sm2sign_with_sha256 = sm_scheme.Branch("503"); + public static readonly DerObjectIdentifier sm2sign_with_sha512 = sm_scheme.Branch("504"); + public static readonly DerObjectIdentifier sm2sign_with_sha224 = sm_scheme.Branch("505"); + public static readonly DerObjectIdentifier sm2sign_with_sha384 = sm_scheme.Branch("506"); + public static readonly DerObjectIdentifier sm2sign_with_rmd160 = sm_scheme.Branch("507"); + public static readonly DerObjectIdentifier sm2sign_with_whirlpool = sm_scheme.Branch("520"); + public static readonly DerObjectIdentifier sm2sign_with_blake2b512 = sm_scheme.Branch("521"); + public static readonly DerObjectIdentifier sm2sign_with_blake2s256 = sm_scheme.Branch("522"); + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/asn1/gnu/GNUObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/gnu/GNUObjectIdentifiers.cs new file mode 100644 index 0000000..b322ef2 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/gnu/GNUObjectIdentifiers.cs @@ -0,0 +1,36 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Gnu +{ + public abstract class GnuObjectIdentifiers + { + public static readonly DerObjectIdentifier Gnu = new DerObjectIdentifier("1.3.6.1.4.1.11591.1"); // GNU Radius + public static readonly DerObjectIdentifier GnuPG = new DerObjectIdentifier("1.3.6.1.4.1.11591.2"); // GnuPG (Ägypten) + public static readonly DerObjectIdentifier Notation = new DerObjectIdentifier("1.3.6.1.4.1.11591.2.1"); // notation + public static readonly DerObjectIdentifier PkaAddress = new DerObjectIdentifier("1.3.6.1.4.1.11591.2.1.1"); // pkaAddress + public static readonly DerObjectIdentifier GnuRadar = new DerObjectIdentifier("1.3.6.1.4.1.11591.3"); // GNU Radar + public static readonly DerObjectIdentifier DigestAlgorithm = new DerObjectIdentifier("1.3.6.1.4.1.11591.12"); // digestAlgorithm + public static readonly DerObjectIdentifier Tiger192 = new DerObjectIdentifier("1.3.6.1.4.1.11591.12.2"); // TIGER/192 + public static readonly DerObjectIdentifier EncryptionAlgorithm = new DerObjectIdentifier("1.3.6.1.4.1.11591.13"); // encryptionAlgorithm + public static readonly DerObjectIdentifier Serpent = new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2"); // Serpent + public static readonly DerObjectIdentifier Serpent128Ecb = new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.1"); // Serpent-128-ECB + public static readonly DerObjectIdentifier Serpent128Cbc = new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.2"); // Serpent-128-CBC + public static readonly DerObjectIdentifier Serpent128Ofb = new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.3"); // Serpent-128-OFB + public static readonly DerObjectIdentifier Serpent128Cfb = new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.4"); // Serpent-128-CFB + public static readonly DerObjectIdentifier Serpent192Ecb = new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.21"); // Serpent-192-ECB + public static readonly DerObjectIdentifier Serpent192Cbc = new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.22"); // Serpent-192-CBC + public static readonly DerObjectIdentifier Serpent192Ofb = new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.23"); // Serpent-192-OFB + public static readonly DerObjectIdentifier Serpent192Cfb = new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.24"); // Serpent-192-CFB + public static readonly DerObjectIdentifier Serpent256Ecb = new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.41"); // Serpent-256-ECB + public static readonly DerObjectIdentifier Serpent256Cbc = new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.42"); // Serpent-256-CBC + public static readonly DerObjectIdentifier Serpent256Ofb = new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.43"); // Serpent-256-OFB + public static readonly DerObjectIdentifier Serpent256Cfb = new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.44"); // Serpent-256-CFB + public static readonly DerObjectIdentifier Crc = new DerObjectIdentifier("1.3.6.1.4.1.11591.14"); // CRC algorithms + public static readonly DerObjectIdentifier Crc32 = new DerObjectIdentifier("1.3.6.1.4.1.11591.14.1"); // CRC 32 + + /** 1.3.6.1.4.1.11591.15 - ellipticCurve */ + public static readonly DerObjectIdentifier EllipticCurve = new DerObjectIdentifier("1.3.6.1.4.1.11591.15"); + + public static readonly DerObjectIdentifier Ed25519 = EllipticCurve.Branch("1"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/iana/IANAObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/iana/IANAObjectIdentifiers.cs new file mode 100644 index 0000000..63343f5 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/iana/IANAObjectIdentifiers.cs @@ -0,0 +1,18 @@ +namespace Org.BouncyCastle.Asn1.Iana +{ + public abstract class IanaObjectIdentifiers + { + // id-SHA1 OBJECT IDENTIFIER ::= + // {iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) ipsec(8) isakmpOakley(1)} + // + + public static readonly DerObjectIdentifier IsakmpOakley = new DerObjectIdentifier("1.3.6.1.5.5.8.1"); + + public static readonly DerObjectIdentifier HmacMD5 = new DerObjectIdentifier(IsakmpOakley + ".1"); + public static readonly DerObjectIdentifier HmacSha1 = new DerObjectIdentifier(IsakmpOakley + ".2"); + + public static readonly DerObjectIdentifier HmacTiger = new DerObjectIdentifier(IsakmpOakley + ".3"); + + public static readonly DerObjectIdentifier HmacRipeMD160 = new DerObjectIdentifier(IsakmpOakley + ".4"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/icao/CscaMasterList.cs b/BouncyCastle/crypto/src/asn1/icao/CscaMasterList.cs new file mode 100644 index 0000000..d03b3ad --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/icao/CscaMasterList.cs @@ -0,0 +1,83 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Icao +{ + /** + * The CscaMasterList object. This object can be wrapped in a + * CMSSignedData to be published in LDAP. + * + * 
+	 * CscaMasterList ::= SEQUENCE {
+	 *   version                CscaMasterListVersion,
+	 *   certList               SET OF Certificate }
+	 *   
+	 * CscaMasterListVersion :: INTEGER {v0(0)}
+	 *
+ */ + public class CscaMasterList + : Asn1Encodable + { + private DerInteger version = new DerInteger(0); + private X509CertificateStructure[] certList; + + public static CscaMasterList GetInstance( + object obj) + { + if (obj is CscaMasterList) + return (CscaMasterList)obj; + + if (obj != null) + return new CscaMasterList(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private CscaMasterList( + Asn1Sequence seq) + { + if (seq == null || seq.Count == 0) + throw new ArgumentException("null or empty sequence passed."); + + if (seq.Count != 2) + throw new ArgumentException("Incorrect sequence size: " + seq.Count); + + this.version = DerInteger.GetInstance(seq[0]); + + Asn1Set certSet = Asn1Set.GetInstance(seq[1]); + + this.certList = new X509CertificateStructure[certSet.Count]; + for (int i = 0; i < certList.Length; i++) + { + certList[i] = X509CertificateStructure.GetInstance(certSet[i]); + } + } + + public CscaMasterList( + X509CertificateStructure[] certStructs) + { + certList = CopyCertList(certStructs); + } + + public virtual int Version + { + get { return version.IntValueExact; } + } + + public X509CertificateStructure[] GetCertStructs() + { + return CopyCertList(certList); + } + + private static X509CertificateStructure[] CopyCertList(X509CertificateStructure[] orig) + { + return (X509CertificateStructure[])orig.Clone(); + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(version, new DerSet(certList)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/icao/DataGroupHash.cs b/BouncyCastle/crypto/src/asn1/icao/DataGroupHash.cs new file mode 100644 index 0000000..bf83718 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/icao/DataGroupHash.cs @@ -0,0 +1,86 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.Icao +{ + /** + * The DataGroupHash object. + * 
+    * DataGroupHash  ::=  SEQUENCE {
+    *      dataGroupNumber         DataGroupNumber,
+    *      dataGroupHashValue     OCTET STRING }
+    *
+    * DataGroupNumber ::= INTEGER {
+    *         dataGroup1    (1),
+    *         dataGroup1    (2),
+    *         dataGroup1    (3),
+    *         dataGroup1    (4),
+    *         dataGroup1    (5),
+    *         dataGroup1    (6),
+    *         dataGroup1    (7),
+    *         dataGroup1    (8),
+    *         dataGroup1    (9),
+    *         dataGroup1    (10),
+    *         dataGroup1    (11),
+    *         dataGroup1    (12),
+    *         dataGroup1    (13),
+    *         dataGroup1    (14),
+    *         dataGroup1    (15),
+    *         dataGroup1    (16) }
+    *
+    *
+ */ + public class DataGroupHash + : Asn1Encodable + { + private readonly DerInteger dataGroupNumber; + private readonly Asn1OctetString dataGroupHashValue; + + public static DataGroupHash GetInstance( + object obj) + { + if (obj is DataGroupHash) + return (DataGroupHash)obj; + + if (obj != null) + return new DataGroupHash(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private DataGroupHash( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + this.dataGroupNumber = DerInteger.GetInstance(seq[0]); + this.dataGroupHashValue = Asn1OctetString.GetInstance(seq[1]); + } + + public DataGroupHash( + int dataGroupNumber, + Asn1OctetString dataGroupHashValue) + { + this.dataGroupNumber = new DerInteger(dataGroupNumber); + this.dataGroupHashValue = dataGroupHashValue; + } + + public int DataGroupNumber + { + get { return dataGroupNumber.IntValueExact; } + } + + public Asn1OctetString DataGroupHashValue + { + get { return dataGroupHashValue; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(dataGroupNumber, dataGroupHashValue); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/icao/ICAOObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/icao/ICAOObjectIdentifiers.cs new file mode 100644 index 0000000..389d4da --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/icao/ICAOObjectIdentifiers.cs @@ -0,0 +1,34 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Icao +{ + public abstract class IcaoObjectIdentifiers + { + // + // base id + // + public static readonly DerObjectIdentifier IdIcao = new DerObjectIdentifier("2.23.136"); + + public static readonly DerObjectIdentifier IdIcaoMrtd = IdIcao.Branch("1"); + public static readonly DerObjectIdentifier IdIcaoMrtdSecurity = IdIcaoMrtd.Branch("1"); + + // LDS security object, see ICAO Doc 9303-Volume 2-Section IV-A3.2 + public static readonly DerObjectIdentifier IdIcaoLdsSecurityObject = IdIcaoMrtdSecurity.Branch("1"); + + // CSCA master list, see TR CSCA Countersigning and Master List issuance + public static readonly DerObjectIdentifier IdIcaoCscaMasterList = IdIcaoMrtdSecurity.Branch("2"); + public static readonly DerObjectIdentifier IdIcaoCscaMasterListSigningKey = IdIcaoMrtdSecurity.Branch("3"); + + // document type list, see draft TR LDS and PKI Maintenance, par. 3.2.1 + public static readonly DerObjectIdentifier IdIcaoDocumentTypeList = IdIcaoMrtdSecurity.Branch("4"); + + // Active Authentication protocol, see draft TR LDS and PKI Maintenance, + // par. 5.2.2 + public static readonly DerObjectIdentifier IdIcaoAAProtocolObject = IdIcaoMrtdSecurity.Branch("5"); + + // CSCA name change and key reoll-over, see draft TR LDS and PKI + // Maintenance, par. 3.2.1 + public static readonly DerObjectIdentifier IdIcaoExtensions = IdIcaoMrtdSecurity.Branch("6"); + public static readonly DerObjectIdentifier IdIcaoExtensionsNamechangekeyrollover = IdIcaoExtensions.Branch("1"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/icao/LDSSecurityObject.cs b/BouncyCastle/crypto/src/asn1/icao/LDSSecurityObject.cs new file mode 100644 index 0000000..5d7331a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/icao/LDSSecurityObject.cs @@ -0,0 +1,139 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Asn1.Icao +{ + /** + * The LDSSecurityObject object (V1.8). + * 
+	 * LDSSecurityObject ::= SEQUENCE {
+	 *   version                LDSSecurityObjectVersion,
+	 *   hashAlgorithm          DigestAlgorithmIdentifier,
+	 *   dataGroupHashValues    SEQUENCE SIZE (2..ub-DataGroups) OF DataHashGroup,
+	 *   ldsVersionInfo         LDSVersionInfo OPTIONAL
+	 *     -- if present, version MUST be v1 }
+	 *
+	 * DigestAlgorithmIdentifier ::= AlgorithmIdentifier,
+	 *
+	 * LDSSecurityObjectVersion :: INTEGER {V0(0)}
+	 *
+ */ + public class LdsSecurityObject + : Asn1Encodable + { + public const int UBDataGroups = 16; + + private DerInteger version = new DerInteger(0); + private AlgorithmIdentifier digestAlgorithmIdentifier; + private DataGroupHash[] datagroupHash; + private LdsVersionInfo versionInfo; + + public static LdsSecurityObject GetInstance( + object obj) + { + if (obj is LdsSecurityObject) + return (LdsSecurityObject)obj; + + if (obj != null) + return new LdsSecurityObject(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private LdsSecurityObject( + Asn1Sequence seq) + { + if (seq == null || seq.Count == 0) + throw new ArgumentException("null or empty sequence passed."); + + IEnumerator e = seq.GetEnumerator(); + + // version + e.MoveNext(); + version = DerInteger.GetInstance(e.Current); + // digestAlgorithmIdentifier + e.MoveNext(); + digestAlgorithmIdentifier = AlgorithmIdentifier.GetInstance(e.Current); + + e.MoveNext(); + Asn1Sequence datagroupHashSeq = Asn1Sequence.GetInstance(e.Current); + + if (version.HasValue(1)) + { + e.MoveNext(); + versionInfo = LdsVersionInfo.GetInstance(e.Current); + } + + CheckDatagroupHashSeqSize(datagroupHashSeq.Count); + + datagroupHash = new DataGroupHash[datagroupHashSeq.Count]; + for (int i= 0; i< datagroupHashSeq.Count; i++) + { + datagroupHash[i] = DataGroupHash.GetInstance(datagroupHashSeq[i]); + } + } + + public LdsSecurityObject( + AlgorithmIdentifier digestAlgorithmIdentifier, + DataGroupHash[] datagroupHash) + { + this.version = new DerInteger(0); + this.digestAlgorithmIdentifier = digestAlgorithmIdentifier; + this.datagroupHash = datagroupHash; + + CheckDatagroupHashSeqSize(datagroupHash.Length); + } + + + public LdsSecurityObject( + AlgorithmIdentifier digestAlgorithmIdentifier, + DataGroupHash[] datagroupHash, + LdsVersionInfo versionInfo) + { + this.version = new DerInteger(1); + this.digestAlgorithmIdentifier = digestAlgorithmIdentifier; + this.datagroupHash = datagroupHash; + this.versionInfo = versionInfo; + + CheckDatagroupHashSeqSize(datagroupHash.Length); + } + + private void CheckDatagroupHashSeqSize(int size) + { + if (size < 2 || size > UBDataGroups) + throw new ArgumentException("wrong size in DataGroupHashValues : not in (2.."+ UBDataGroups +")"); + } + + public BigInteger Version + { + get { return version.Value; } + } + + public AlgorithmIdentifier DigestAlgorithmIdentifier + { + get { return digestAlgorithmIdentifier; } + } + + public DataGroupHash[] GetDatagroupHash() + { + return datagroupHash; + } + + public LdsVersionInfo VersionInfo + { + get { return versionInfo; } + } + + public override Asn1Object ToAsn1Object() + { + DerSequence hashSeq = new DerSequence(datagroupHash); + + Asn1EncodableVector v = new Asn1EncodableVector(version, digestAlgorithmIdentifier, hashSeq); + v.AddOptional(versionInfo); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/icao/LDSVersionInfo.cs b/BouncyCastle/crypto/src/asn1/icao/LDSVersionInfo.cs new file mode 100644 index 0000000..2cdcad2 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/icao/LDSVersionInfo.cs @@ -0,0 +1,61 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Icao +{ + public class LdsVersionInfo + : Asn1Encodable + { + private DerPrintableString ldsVersion; + private DerPrintableString unicodeVersion; + + public LdsVersionInfo(string ldsVersion, string unicodeVersion) + { + this.ldsVersion = new DerPrintableString(ldsVersion); + this.unicodeVersion = new DerPrintableString(unicodeVersion); + } + + private LdsVersionInfo(Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("sequence wrong size for LDSVersionInfo", "seq"); + + this.ldsVersion = DerPrintableString.GetInstance(seq[0]); + this.unicodeVersion = DerPrintableString.GetInstance(seq[1]); + } + + public static LdsVersionInfo GetInstance(object obj) + { + if (obj is LdsVersionInfo) + return (LdsVersionInfo)obj; + + if (obj != null) + return new LdsVersionInfo(Asn1Sequence.GetInstance(obj)); + + return null; + } + + public virtual string GetLdsVersion() + { + return ldsVersion.GetString(); + } + + public virtual string GetUnicodeVersion() + { + return unicodeVersion.GetString(); + } + + /** + * 
+		 * LDSVersionInfo ::= SEQUENCE {
+		 *    ldsVersion PRINTABLE STRING
+		 *    unicodeVersion PRINTABLE STRING
+		 *  }
+		 *
+ * @return + */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(ldsVersion, unicodeVersion); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/isismtt/ISISMTTObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/isismtt/ISISMTTObjectIdentifiers.cs new file mode 100644 index 0000000..af60b03 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/isismtt/ISISMTTObjectIdentifiers.cs @@ -0,0 +1,177 @@ +namespace Org.BouncyCastle.Asn1.IsisMtt +{ + public abstract class IsisMttObjectIdentifiers + { + public static readonly DerObjectIdentifier IdIsisMtt = new DerObjectIdentifier("1.3.36.8"); + + public static readonly DerObjectIdentifier IdIsisMttCP = new DerObjectIdentifier(IdIsisMtt + ".1"); + + /** + * The id-isismtt-cp-accredited OID indicates that the certificate is a + * qualified certificate according to Directive 1999/93/EC of the European + * Parliament and of the Council of 13 December 1999 on a Community + * Framework for Electronic Signatures, which additionally conforms the + * special requirements of the SigG and has been issued by an accredited CA. + */ + public static readonly DerObjectIdentifier IdIsisMttCPAccredited = new DerObjectIdentifier(IdIsisMttCP + ".1"); + + public static readonly DerObjectIdentifier IdIsisMttAT = new DerObjectIdentifier(IdIsisMtt + ".3"); + + /** + * Certificate extensionDate of certificate generation + * + * 
+		 *		DateOfCertGenSyntax ::= GeneralizedTime
+		 *
+ */ + public static readonly DerObjectIdentifier IdIsisMttATDateOfCertGen = new DerObjectIdentifier(IdIsisMttAT + ".1"); + + /** + * Attribute to indicate that the certificate holder may sign in the name of + * a third person. May also be used as extension in a certificate. + */ + public static readonly DerObjectIdentifier IdIsisMttATProcuration = new DerObjectIdentifier(IdIsisMttAT + ".2"); + + /** + * Attribute to indicate admissions to certain professions. May be used as + * attribute in attribute certificate or as extension in a certificate + */ + public static readonly DerObjectIdentifier IdIsisMttATAdmission = new DerObjectIdentifier(IdIsisMttAT + ".3"); + + /** + * Monetary limit for transactions. The QcEuMonetaryLimit QC statement MUST + * be used in new certificates in place of the extension/attribute + * MonetaryLimit since January 1, 2004. For the sake of backward + * compatibility with certificates already in use, SigG conforming + * components MUST support MonetaryLimit (as well as QcEuLimitValue). + */ + public static readonly DerObjectIdentifier IdIsisMttATMonetaryLimit = new DerObjectIdentifier(IdIsisMttAT + ".4"); + + /** + * A declaration of majority. May be used as attribute in attribute + * certificate or as extension in a certificate + */ + public static readonly DerObjectIdentifier IdIsisMttATDeclarationOfMajority = new DerObjectIdentifier(IdIsisMttAT + ".5"); + + /** + * + * Serial number of the smart card containing the corresponding private key + * + * 
+		 *		ICCSNSyntax ::= OCTET STRING (SIZE(8..20))
+		 *
+ */ + public static readonly DerObjectIdentifier IdIsisMttATIccsn = new DerObjectIdentifier(IdIsisMttAT + ".6"); + + /** + * + * Reference for a file of a smartcard that stores the public key of this + * certificate and that is used as �security anchor�. + * + * 
+		 *		PKReferenceSyntax ::= OCTET STRING (SIZE(20))
+		 *
+ */ + public static readonly DerObjectIdentifier IdIsisMttATPKReference = new DerObjectIdentifier(IdIsisMttAT + ".7"); + + /** + * Some other restriction regarding the usage of this certificate. May be + * used as attribute in attribute certificate or as extension in a + * certificate. + * + * 
+		 *		RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
+		 *
+ * + * @see Org.BouncyCastle.Asn1.IsisMtt.X509.Restriction + */ + public static readonly DerObjectIdentifier IdIsisMttATRestriction = new DerObjectIdentifier(IdIsisMttAT + ".8"); + + /** + * + * (Single)Request extension: Clients may include this extension in a + * (single) Request to request the responder to send the certificate in the + * response message along with the status information. Besides the LDAP + * service, this extension provides another mechanism for the distribution + * of certificates, which MAY optionally be provided by certificate + * repositories. + * + * 
+		 *		RetrieveIfAllowed ::= BOOLEAN
+		 *
+ */ + public static readonly DerObjectIdentifier IdIsisMttATRetrieveIfAllowed = new DerObjectIdentifier(IdIsisMttAT + ".9"); + + /** + * SingleOCSPResponse extension: The certificate requested by the client by + * inserting the RetrieveIfAllowed extension in the request, will be + * returned in this extension. + * + * @see Org.BouncyCastle.Asn1.IsisMtt.Ocsp.RequestedCertificate + */ + public static readonly DerObjectIdentifier IdIsisMttATRequestedCertificate = new DerObjectIdentifier(IdIsisMttAT + ".10"); + + /** + * Base ObjectIdentifier for naming authorities + */ + public static readonly DerObjectIdentifier IdIsisMttATNamingAuthorities = new DerObjectIdentifier(IdIsisMttAT + ".11"); + + /** + * SingleOCSPResponse extension: Date, when certificate has been published + * in the directory and status information has become available. Currently, + * accrediting authorities enforce that SigG-conforming OCSP servers include + * this extension in the responses. + * + * 
+		 *		CertInDirSince ::= GeneralizedTime
+		 *
+ */ + public static readonly DerObjectIdentifier IdIsisMttATCertInDirSince = new DerObjectIdentifier(IdIsisMttAT + ".12"); + + /** + * Hash of a certificate in OCSP. + * + * @see Org.BouncyCastle.Asn1.IsisMtt.Ocsp.CertHash + */ + public static readonly DerObjectIdentifier IdIsisMttATCertHash = new DerObjectIdentifier(IdIsisMttAT + ".13"); + + /** + * 
+		 *		NameAtBirth ::= DirectoryString(SIZE(1..64)
+		 *
+ * + * Used in + * {@link Org.BouncyCastle.Asn1.X509.SubjectDirectoryAttributes SubjectDirectoryAttributes} + */ + public static readonly DerObjectIdentifier IdIsisMttATNameAtBirth = new DerObjectIdentifier(IdIsisMttAT + ".14"); + + /** + * Some other information of non-restrictive nature regarding the usage of + * this certificate. May be used as attribute in atribute certificate or as + * extension in a certificate. + * + * 
+		 *               AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048))
+		 *
+ * + * @see Org.BouncyCastle.Asn1.IsisMtt.X509.AdditionalInformationSyntax + */ + public static readonly DerObjectIdentifier IdIsisMttATAdditionalInformation = new DerObjectIdentifier(IdIsisMttAT + ".15"); + + /** + * Indicates that an attribute certificate exists, which limits the + * usability of this public key certificate. Whenever verifying a signature + * with the help of this certificate, the content of the corresponding + * attribute certificate should be concerned. This extension MUST be + * included in a PKC, if a corresponding attribute certificate (having the + * PKC as base certificate) contains some attribute that restricts the + * usability of the PKC too. Attribute certificates with restricting content + * MUST always be included in the signed document. + * + * 
+		 *		LiabilityLimitationFlagSyntax ::= BOOLEAN
+		 *
+ */ + public static readonly DerObjectIdentifier IdIsisMttATLiabilityLimitationFlag = new DerObjectIdentifier("0.2.262.1.10.12.0"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/isismtt/ocsp/CertHash.cs b/BouncyCastle/crypto/src/asn1/isismtt/ocsp/CertHash.cs new file mode 100644 index 0000000..5773e1c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/isismtt/ocsp/CertHash.cs @@ -0,0 +1,122 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.IsisMtt.Ocsp +{ + /** + * ISIS-MTT PROFILE: The responder may include this extension in a response to + * send the hash of the requested certificate to the responder. This hash is + * cryptographically bound to the certificate and serves as evidence that the + * certificate is known to the responder (i.e. it has been issued and is present + * in the directory). Hence, this extension is a means to provide a positive + * statement of availability as described in T8.[8]. As explained in T13.[1], + * clients may rely on this information to be able to validate signatures after + * the expiry of the corresponding certificate. Hence, clients MUST support this + * extension. If a positive statement of availability is to be delivered, this + * extension syntax and OID MUST be used. + *

+ *

+ * 

+	*     CertHash ::= SEQUENCE {
+	*       hashAlgorithm AlgorithmIdentifier,
+	*       certificateHash OCTET STRING
+	*     }
+	*
+ */ + public class CertHash + : Asn1Encodable + { + private readonly AlgorithmIdentifier hashAlgorithm; + private readonly byte[] certificateHash; + + public static CertHash GetInstance( + object obj) + { + if (obj == null || obj is CertHash) + { + return (CertHash) obj; + } + + if (obj is Asn1Sequence) + { + return new CertHash((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor from Asn1Sequence. + *

+ * The sequence is of type CertHash: + *

+ * 

+		*     CertHash ::= SEQUENCE {
+		*       hashAlgorithm AlgorithmIdentifier,
+		*       certificateHash OCTET STRING
+		*     }
+		*
+ * + * @param seq The ASN.1 sequence. + */ + private CertHash( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Bad sequence size: " + seq.Count); + + this.hashAlgorithm = AlgorithmIdentifier.GetInstance(seq[0]); + this.certificateHash = DerOctetString.GetInstance(seq[1]).GetOctets(); + } + + /** + * Constructor from a given details. + * + * @param hashAlgorithm The hash algorithm identifier. + * @param certificateHash The hash of the whole DER encoding of the certificate. + */ + public CertHash( + AlgorithmIdentifier hashAlgorithm, + byte[] certificateHash) + { + if (hashAlgorithm == null) + throw new ArgumentNullException("hashAlgorithm"); + if (certificateHash == null) + throw new ArgumentNullException("certificateHash"); + + this.hashAlgorithm = hashAlgorithm; + this.certificateHash = (byte[]) certificateHash.Clone(); + } + + public AlgorithmIdentifier HashAlgorithm + { + get { return hashAlgorithm; } + } + + public byte[] CertificateHash + { + get { return (byte[]) certificateHash.Clone(); } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + *

+ * Returns: + *

+ * 

+		*     CertHash ::= SEQUENCE {
+		*       hashAlgorithm AlgorithmIdentifier,
+		*       certificateHash OCTET STRING
+		*     }
+		*
+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(hashAlgorithm, new DerOctetString(certificateHash)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/isismtt/ocsp/RequestedCertificate.cs b/BouncyCastle/crypto/src/asn1/isismtt/ocsp/RequestedCertificate.cs new file mode 100644 index 0000000..413b3bd --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/isismtt/ocsp/RequestedCertificate.cs @@ -0,0 +1,188 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.IsisMtt.Ocsp +{ + /** + * ISIS-MTT-Optional: The certificate requested by the client by inserting the + * RetrieveIfAllowed extension in the request, will be returned in this + * extension. + *

+ * ISIS-MTT-SigG: The signature act allows publishing certificates only then, + * when the certificate owner gives his isExplicit permission. Accordingly, there + * may be �nondownloadable� certificates, about which the responder must provide + * status information, but MUST NOT include them in the response. Clients may + * get therefore the following three kind of answers on a single request + * including the RetrieveIfAllowed extension: + *

    + *
  • a) the responder supports the extension and is allowed to publish the + * certificate: RequestedCertificate returned including the requested + * certificate
    • + *
  • b) the responder supports the extension but is NOT allowed to publish + * the certificate: RequestedCertificate returned including an empty OCTET + * STRING
    • + *
  • c) the responder does not support the extension: RequestedCertificate is + * not included in the response
    • + *
+ * Clients requesting RetrieveIfAllowed MUST be able to handle these cases. If + * any of the OCTET STRING options is used, it MUST contain the DER encoding of + * the requested certificate. + *

+ * 

+	*            RequestedCertificate ::= CHOICE {
+	*              Certificate Certificate,
+	*              publicKeyCertificate [0] EXPLICIT OCTET STRING,
+	*              attributeCertificate [1] EXPLICIT OCTET STRING
+	*            }
+	*
+ */ + public class RequestedCertificate + : Asn1Encodable, IAsn1Choice + { + public enum Choice + { + Certificate = -1, + PublicKeyCertificate = 0, + AttributeCertificate = 1 + } + + private readonly X509CertificateStructure cert; + private readonly byte[] publicKeyCert; + private readonly byte[] attributeCert; + + public static RequestedCertificate GetInstance( + object obj) + { + if (obj == null || obj is RequestedCertificate) + { + return (RequestedCertificate) obj; + } + + if (obj is Asn1Sequence) + { + return new RequestedCertificate(X509CertificateStructure.GetInstance(obj)); + } + + if (obj is Asn1TaggedObject) + { + return new RequestedCertificate((Asn1TaggedObject) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public static RequestedCertificate GetInstance( + Asn1TaggedObject obj, + bool isExplicit) + { + if (!isExplicit) + throw new ArgumentException("choice item must be explicitly tagged"); + + return GetInstance(obj.GetObject()); + } + + private RequestedCertificate( + Asn1TaggedObject tagged) + { + switch ((Choice) tagged.TagNo) + { + case Choice.AttributeCertificate: + this.attributeCert = Asn1OctetString.GetInstance(tagged, true).GetOctets(); + break; + case Choice.PublicKeyCertificate: + this.publicKeyCert = Asn1OctetString.GetInstance(tagged, true).GetOctets(); + break; + default: + throw new ArgumentException("unknown tag number: " + tagged.TagNo); + } + } + + /** + * Constructor from a given details. + *

+ * Only one parameter can be given. All other must be null. + * + * @param certificate Given as Certificate + */ + public RequestedCertificate( + X509CertificateStructure certificate) + { + this.cert = certificate; + } + + public RequestedCertificate( + Choice type, + byte[] certificateOctets) + : this(new DerTaggedObject((int) type, new DerOctetString(certificateOctets))) + { + } + + public Choice Type + { + get + { + if (cert != null) + return Choice.Certificate; + + if (publicKeyCert != null) + return Choice.PublicKeyCertificate; + + return Choice.AttributeCertificate; + } + } + + public byte[] GetCertificateBytes() + { + if (cert != null) + { + try + { + return cert.GetEncoded(); + } + catch (IOException e) + { + throw new InvalidOperationException("can't decode certificate: " + e); + } + } + + if (publicKeyCert != null) + return publicKeyCert; + + return attributeCert; + } + + + /** + * Produce an object suitable for an Asn1OutputStream. + *

+ * Returns: + *

+ * 

+		*            RequestedCertificate ::= CHOICE {
+		*              Certificate Certificate,
+		*              publicKeyCertificate [0] EXPLICIT OCTET STRING,
+		*              attributeCertificate [1] EXPLICIT OCTET STRING
+		*            }
+		*
+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + if (publicKeyCert != null) + { + return new DerTaggedObject(0, new DerOctetString(publicKeyCert)); + } + + if (attributeCert != null) + { + return new DerTaggedObject(1, new DerOctetString(attributeCert)); + } + + return cert.ToAsn1Object(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/isismtt/x509/AdditionalInformationSyntax.cs b/BouncyCastle/crypto/src/asn1/isismtt/x509/AdditionalInformationSyntax.cs new file mode 100644 index 0000000..53a8e98 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/isismtt/x509/AdditionalInformationSyntax.cs @@ -0,0 +1,71 @@ +using System; + +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.IsisMtt.X509 +{ + /** + * Some other information of non-restrictive nature regarding the usage of this + * certificate. + * + * 
+	*    AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048))
+	*
+ */ + public class AdditionalInformationSyntax + : Asn1Encodable + { + private readonly DirectoryString information; + + public static AdditionalInformationSyntax GetInstance( + object obj) + { + if (obj is AdditionalInformationSyntax) + return (AdditionalInformationSyntax) obj; + + if (obj is IAsn1String) + return new AdditionalInformationSyntax(DirectoryString.GetInstance(obj)); + + throw new ArgumentException("Unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + private AdditionalInformationSyntax( + DirectoryString information) + { + this.information = information; + } + + /** + * Constructor from a given details. + * + * @param information The describtion of the information. + */ + public AdditionalInformationSyntax( + string information) + { + this.information = new DirectoryString(information); + } + + public virtual DirectoryString Information + { + get { return information; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + *

+ * Returns: + *

+ * 

+		*   AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048))
+		*
+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + return information.ToAsn1Object(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/isismtt/x509/AdmissionSyntax.cs b/BouncyCastle/crypto/src/asn1/isismtt/x509/AdmissionSyntax.cs new file mode 100644 index 0000000..a45075e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/isismtt/x509/AdmissionSyntax.cs @@ -0,0 +1,275 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.IsisMtt.X509 +{ + /** + * Attribute to indicate admissions to certain professions. + *

+ * 

+    *     AdmissionSyntax ::= SEQUENCE
+    *     {
+    *       admissionAuthority GeneralName OPTIONAL,
+    *       contentsOfAdmissions SEQUENCE OF Admissions
+    *     }
+    * 

+    *     Admissions ::= SEQUENCE
+    *     {
+    *       admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
+    *       namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
+    *       professionInfos SEQUENCE OF ProfessionInfo
+    *     }
+    * 

+    *     NamingAuthority ::= SEQUENCE
+    *     {
+    *       namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
+    *       namingAuthorityUrl IA5String OPTIONAL,
+    *       namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
+    *     }
+    * 

+    *     ProfessionInfo ::= SEQUENCE
+    *     {
+    *       namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
+    *       professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
+    *       professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
+    *       registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
+    *       addProfessionInfo OCTET STRING OPTIONAL
+    *     }
+    *
+ *

+ *

+ * ISIS-MTT PROFILE: The relatively complex structure of AdmissionSyntax + * supports the following concepts and requirements: + *

    + *
  • External institutions (e.g. professional associations, chambers, unions, + * administrative bodies, companies, etc.), which are responsible for granting + * and verifying professional admissions, are indicated by means of the data + * field admissionAuthority. An admission authority is indicated by a + * GeneralName object. Here an X.501 directory name (distinguished name) can be + * indicated in the field directoryName, a URL address can be indicated in the + * field uniformResourceIdentifier, and an object identifier can be indicated in + * the field registeredId.
    • + *
  • The names of authorities which are responsible for the administration of + * title registers are indicated in the data field namingAuthority. The name of + * the authority can be identified by an object identifier in the field + * namingAuthorityId, by means of a text string in the field + * namingAuthorityText, by means of a URL address in the field + * namingAuthorityUrl, or by a combination of them. For example, the text string + * can contain the name of the authority, the country and the name of the title + * register. The URL-option refers to a web page which contains lists with + * officially registered professions (text and possibly OID) as well as + * further information on these professions. Object identifiers for the + * component namingAuthorityId are grouped under the OID-branch + * id-isis-at-namingAuthorities and must be applied for.
    • + *
  • See http://www.teletrust.de/anwend.asp?Id=30200&Sprache=E_&HomePG=0 + * for an application form and http://www.teletrust.de/links.asp?id=30220,11 + * for an overview of registered naming authorities.
    • + *
  • By means of the data type ProfessionInfo certain professions, + * specializations, disciplines, fields of activity, etc. are identified. A + * profession is represented by one or more text strings, resp. profession OIDs + * in the fields professionItems and professionOIDs and by a registration number + * in the field registrationNumber. An indication in text form must always be + * present, whereas the other indications are optional. The component + * addProfessionInfo may contain additional applicationspecific information in + * DER-encoded form.
    • + *
+ *

+ * By means of different namingAuthority-OIDs or profession OIDs hierarchies of + * professions, specializations, disciplines, fields of activity, etc. can be + * expressed. The issuing admission authority should always be indicated (field + * admissionAuthority), whenever a registration number is presented. Still, + * information on admissions can be given without indicating an admission or a + * naming authority by the exclusive use of the component professionItems. In + * this case the certification authority is responsible for the verification of + * the admission information. + *

+ *

+ *

+ * This attribute is single-valued. Still, several admissions can be captured in + * the sequence structure of the component contentsOfAdmissions of + * AdmissionSyntax or in the component professionInfos of Admissions. The + * component admissionAuthority of AdmissionSyntax serves as default value for + * the component admissionAuthority of Admissions. Within the latter component + * the default value can be overwritten, in case that another authority is + * responsible. The component namingAuthority of Admissions serves as a default + * value for the component namingAuthority of ProfessionInfo. Within the latter + * component the default value can be overwritten, in case that another naming + * authority needs to be recorded. + *

+ * The length of the string objects is limited to 128 characters. It is + * recommended to indicate a namingAuthorityURL in all issued attribute + * certificates. If a namingAuthorityURL is indicated, the field professionItems + * of ProfessionInfo should contain only registered titles. If the field + * professionOIDs exists, it has to contain the OIDs of the professions listed + * in professionItems in the same order. In general, the field professionInfos + * should contain only one entry, unless the admissions that are to be listed + * are logically connected (e.g. they have been issued under the same admission + * number). + * + * @see Org.BouncyCastle.Asn1.IsisMtt.X509.Admissions + * @see Org.BouncyCastle.Asn1.IsisMtt.X509.ProfessionInfo + * @see Org.BouncyCastle.Asn1.IsisMtt.X509.NamingAuthority + */ + public class AdmissionSyntax + : Asn1Encodable + { + private readonly GeneralName admissionAuthority; + private readonly Asn1Sequence contentsOfAdmissions; + + public static AdmissionSyntax GetInstance( + object obj) + { + if (obj == null || obj is AdmissionSyntax) + { + return (AdmissionSyntax)obj; + } + + if (obj is Asn1Sequence) + { + return new AdmissionSyntax((Asn1Sequence)obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor from Asn1Sequence. + *

+ * The sequence is of type ProcurationSyntax: + *

+ * 

+        *     AdmissionSyntax ::= SEQUENCE
+        *     {
+        *       admissionAuthority GeneralName OPTIONAL,
+        *       contentsOfAdmissions SEQUENCE OF Admissions
+        *     }
+        * 

+        *     Admissions ::= SEQUENCE
+        *     {
+        *       admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
+        *       namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
+        *       professionInfos SEQUENCE OF ProfessionInfo
+        *     }
+        * 

+        *     NamingAuthority ::= SEQUENCE
+        *     {
+        *       namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
+        *       namingAuthorityUrl IA5String OPTIONAL,
+        *       namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
+        *     }
+        * 

+        *     ProfessionInfo ::= SEQUENCE
+        *     {
+        *       namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
+        *       professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
+        *       professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
+        *       registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
+        *       addProfessionInfo OCTET STRING OPTIONAL
+        *     }
+        *
+ * + * @param seq The ASN.1 sequence. + */ + private AdmissionSyntax( + Asn1Sequence seq) + { + switch (seq.Count) + { + case 1: + this.contentsOfAdmissions = DerSequence.GetInstance(seq[0]); + break; + case 2: + admissionAuthority = GeneralName.GetInstance(seq[0]); + contentsOfAdmissions = DerSequence.GetInstance(seq[1]); + break; + default: + throw new ArgumentException("Bad sequence size: " + seq.Count); + } + } + + /** + * Constructor from given details. + * + * @param admissionAuthority The admission authority. + * @param contentsOfAdmissions The admissions. + */ + public AdmissionSyntax( + GeneralName admissionAuthority, + Asn1Sequence contentsOfAdmissions) + { + this.admissionAuthority = admissionAuthority; + this.contentsOfAdmissions = contentsOfAdmissions; + } + + /** + * Produce an object suitable for an Asn1OutputStream. + *

+ * Returns: + *

+ * 

+        *     AdmissionSyntax ::= SEQUENCE
+        *     {
+        *       admissionAuthority GeneralName OPTIONAL,
+        *       contentsOfAdmissions SEQUENCE OF Admissions
+        *     }
+        * 

+        *     Admissions ::= SEQUENCE
+        *     {
+        *       admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
+        *       namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
+        *       professionInfos SEQUENCE OF ProfessionInfo
+        *     }
+        * 

+        *     NamingAuthority ::= SEQUENCE
+        *     {
+        *       namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
+        *       namingAuthorityUrl IA5String OPTIONAL,
+        *       namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
+        *     }
+        * 

+        *     ProfessionInfo ::= SEQUENCE
+        *     {
+        *       namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
+        *       professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
+        *       professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
+        *       registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
+        *       addProfessionInfo OCTET STRING OPTIONAL
+        *     }
+        *
+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptional(admissionAuthority); + v.Add(contentsOfAdmissions); + return new DerSequence(v); + } + + /** + * @return Returns the admissionAuthority if present, null otherwise. + */ + public virtual GeneralName AdmissionAuthority + { + get { return admissionAuthority; } + } + + /** + * @return Returns the contentsOfAdmissions. + */ + public virtual Admissions[] GetContentsOfAdmissions() + { + Admissions[] result = new Admissions[contentsOfAdmissions.Count]; + + for (int i = 0; i < contentsOfAdmissions.Count; ++i) + { + result[i] = Admissions.GetInstance(contentsOfAdmissions[i]); + } + + return result; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/isismtt/x509/Admissions.cs b/BouncyCastle/crypto/src/asn1/isismtt/x509/Admissions.cs new file mode 100644 index 0000000..2aa6764 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/isismtt/x509/Admissions.cs @@ -0,0 +1,177 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.IsisMtt.X509 +{ + /** + * An Admissions structure. + *

+ * 

+	*            Admissions ::= SEQUENCE
+	*            {
+	*              admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
+	*              namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
+	*              professionInfos SEQUENCE OF ProfessionInfo
+	*            }
+	* 

+	*
+ * + * @see Org.BouncyCastle.Asn1.IsisMtt.X509.AdmissionSyntax + * @see Org.BouncyCastle.Asn1.IsisMtt.X509.ProfessionInfo + * @see Org.BouncyCastle.Asn1.IsisMtt.X509.NamingAuthority + */ + public class Admissions + : Asn1Encodable + { + private readonly GeneralName admissionAuthority; + private readonly NamingAuthority namingAuthority; + private readonly Asn1Sequence professionInfos; + + public static Admissions GetInstance( + object obj) + { + if (obj == null || obj is Admissions) + { + return (Admissions) obj; + } + + if (obj is Asn1Sequence) + { + return new Admissions((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor from Asn1Sequence. + *

+ * The sequence is of type ProcurationSyntax: + *

+ * 

+		*            Admissions ::= SEQUENCE
+		*            {
+		*              admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
+		*              namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
+		*              professionInfos SEQUENCE OF ProfessionInfo
+		*            }
+		*
+ * + * @param seq The ASN.1 sequence. + */ + private Admissions( + Asn1Sequence seq) + { + if (seq.Count > 3) + throw new ArgumentException("Bad sequence size: " + seq.Count); + + IEnumerator e = seq.GetEnumerator(); + + e.MoveNext(); + Asn1Encodable o = (Asn1Encodable) e.Current; + if (o is Asn1TaggedObject) + { + switch (((Asn1TaggedObject)o).TagNo) + { + case 0: + admissionAuthority = GeneralName.GetInstance((Asn1TaggedObject)o, true); + break; + case 1: + namingAuthority = NamingAuthority.GetInstance((Asn1TaggedObject)o, true); + break; + default: + throw new ArgumentException("Bad tag number: " + ((Asn1TaggedObject)o).TagNo); + } + e.MoveNext(); + o = (Asn1Encodable) e.Current; + } + if (o is Asn1TaggedObject) + { + switch (((Asn1TaggedObject)o).TagNo) + { + case 1: + namingAuthority = NamingAuthority.GetInstance((Asn1TaggedObject)o, true); + break; + default: + throw new ArgumentException("Bad tag number: " + ((Asn1TaggedObject)o).TagNo); + } + e.MoveNext(); + o = (Asn1Encodable) e.Current; + } + professionInfos = Asn1Sequence.GetInstance(o); + if (e.MoveNext()) + { + throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(e.Current)); + } + } + + /** + * Constructor from a given details. + *

+ * Parameter professionInfos is mandatory. + * + * @param admissionAuthority The admission authority. + * @param namingAuthority The naming authority. + * @param professionInfos The profession infos. + */ + public Admissions( + GeneralName admissionAuthority, + NamingAuthority namingAuthority, + ProfessionInfo[] professionInfos) + { + this.admissionAuthority = admissionAuthority; + this.namingAuthority = namingAuthority; + this.professionInfos = new DerSequence(professionInfos); + } + + public virtual GeneralName AdmissionAuthority + { + get { return admissionAuthority; } + } + + public virtual NamingAuthority NamingAuthority + { + get { return namingAuthority; } + } + + public ProfessionInfo[] GetProfessionInfos() + { + ProfessionInfo[] infos = new ProfessionInfo[professionInfos.Count]; + int count = 0; + foreach (Asn1Encodable ae in professionInfos) + { + infos[count++] = ProfessionInfo.GetInstance(ae); + } + return infos; + } + + /** + * Produce an object suitable for an Asn1OutputStream. + *

+ * Returns: + *

+ * 

+		*       Admissions ::= SEQUENCE
+		*       {
+		*         admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
+		*         namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
+		*         professionInfos SEQUENCE OF ProfessionInfo
+		*       }
+		* 

+		*
+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(true, 0, admissionAuthority); + v.AddOptionalTagged(true, 1, namingAuthority); + v.Add(professionInfos); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/isismtt/x509/DeclarationOfMajority.cs b/BouncyCastle/crypto/src/asn1/isismtt/x509/DeclarationOfMajority.cs new file mode 100644 index 0000000..b82c937 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/isismtt/x509/DeclarationOfMajority.cs @@ -0,0 +1,172 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.IsisMtt.X509 +{ + /** + * A declaration of majority. + *

+ * 

+	*           DeclarationOfMajoritySyntax ::= CHOICE
+	*           {
+	*             notYoungerThan [0] IMPLICIT INTEGER,
+	*             fullAgeAtCountry [1] IMPLICIT SEQUENCE
+	*             {
+	*               fullAge BOOLEAN DEFAULT TRUE,
+	*               country PrintableString (SIZE(2))
+	*             }
+	*             dateOfBirth [2] IMPLICIT GeneralizedTime
+	*           }
+	*
+ *

+ * fullAgeAtCountry indicates the majority of the owner with respect to the laws + * of a specific country. + */ + public class DeclarationOfMajority + : Asn1Encodable, IAsn1Choice + { + public enum Choice + { + NotYoungerThan = 0, + FullAgeAtCountry = 1, + DateOfBirth = 2 + }; + + private readonly Asn1TaggedObject declaration; + + public DeclarationOfMajority( + int notYoungerThan) + { + declaration = new DerTaggedObject(false, 0, new DerInteger(notYoungerThan)); + } + + public DeclarationOfMajority( + bool fullAge, + string country) + { + if (country.Length > 2) + throw new ArgumentException("country can only be 2 characters"); + + DerPrintableString countryString = new DerPrintableString(country, true); + + DerSequence seq; + if (fullAge) + { + seq = new DerSequence(countryString); + } + else + { + seq = new DerSequence(DerBoolean.False, countryString); + } + + this.declaration = new DerTaggedObject(false, 1, seq); + } + + public DeclarationOfMajority( + DerGeneralizedTime dateOfBirth) + { + this.declaration = new DerTaggedObject(false, 2, dateOfBirth); + } + + public static DeclarationOfMajority GetInstance( + object obj) + { + if (obj == null || obj is DeclarationOfMajority) + { + return (DeclarationOfMajority) obj; + } + + if (obj is Asn1TaggedObject) + { + return new DeclarationOfMajority((Asn1TaggedObject) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + private DeclarationOfMajority( + Asn1TaggedObject o) + { + if (o.TagNo > 2) + throw new ArgumentException("Bad tag number: " + o.TagNo); + + this.declaration = o; + } + + /** + * Produce an object suitable for an Asn1OutputStream. + *

+ * Returns: + *

+ * 

+		*           DeclarationOfMajoritySyntax ::= CHOICE
+		*           {
+		*             notYoungerThan [0] IMPLICIT INTEGER,
+		*             fullAgeAtCountry [1] IMPLICIT SEQUENCE
+		*             {
+		*               fullAge BOOLEAN DEFAULT TRUE,
+		*               country PrintableString (SIZE(2))
+		*             }
+		*             dateOfBirth [2] IMPLICIT GeneralizedTime
+		*           }
+		*
+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + return declaration; + } + + public Choice Type + { + get { return (Choice) declaration.TagNo; } + } + + /** + * @return notYoungerThan if that's what we are, -1 otherwise + */ + public virtual int NotYoungerThan + { + get + { + switch ((Choice) declaration.TagNo) + { + case Choice.NotYoungerThan: + return DerInteger.GetInstance(declaration, false).IntValueExact; + default: + return -1; + } + } + } + + public virtual Asn1Sequence FullAgeAtCountry + { + get + { + switch ((Choice) declaration.TagNo) + { + case Choice.FullAgeAtCountry: + return Asn1Sequence.GetInstance(declaration, false); + default: + return null; + } + } + } + + public virtual DerGeneralizedTime DateOfBirth + { + get + { + switch ((Choice) declaration.TagNo) + { + case Choice.DateOfBirth: + return DerGeneralizedTime.GetInstance(declaration, false); + default: + return null; + } + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/isismtt/x509/MonetaryLimit.cs b/BouncyCastle/crypto/src/asn1/isismtt/x509/MonetaryLimit.cs new file mode 100644 index 0000000..b792fff --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/isismtt/x509/MonetaryLimit.cs @@ -0,0 +1,122 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.IsisMtt.X509 +{ + /** + * Monetary limit for transactions. The QcEuMonetaryLimit QC statement MUST be + * used in new certificates in place of the extension/attribute MonetaryLimit + * since January 1, 2004. For the sake of backward compatibility with + * certificates already in use, components SHOULD support MonetaryLimit (as well + * as QcEuLimitValue). + *

+ * Indicates a monetary limit within which the certificate holder is authorized + * to act. (This value DOES NOT express a limit on the liability of the + * certification authority). + *

+ * 

+	*    MonetaryLimitSyntax ::= SEQUENCE
+	*    {
+	*      currency PrintableString (SIZE(3)),
+	*      amount INTEGER,
+	*      exponent INTEGER
+	*    }
+	*
+ *

+ * currency must be the ISO code. + *

+ * value = amount�10*exponent + */ + public class MonetaryLimit + : Asn1Encodable + { + private readonly DerPrintableString currency; + private readonly DerInteger amount; + private readonly DerInteger exponent; + + public static MonetaryLimit GetInstance( + object obj) + { + if (obj == null || obj is MonetaryLimit) + { + return (MonetaryLimit) obj; + } + + if (obj is Asn1Sequence) + { + return new MonetaryLimit(Asn1Sequence.GetInstance(obj)); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + private MonetaryLimit( + Asn1Sequence seq) + { + if (seq.Count != 3) + throw new ArgumentException("Bad sequence size: " + seq.Count); + + currency = DerPrintableString.GetInstance(seq[0]); + amount = DerInteger.GetInstance(seq[1]); + exponent = DerInteger.GetInstance(seq[2]); + } + + /** + * Constructor from a given details. + *

+ *

+ * value = amount�10^exponent + * + * @param currency The currency. Must be the ISO code. + * @param amount The amount + * @param exponent The exponent + */ + public MonetaryLimit( + string currency, + int amount, + int exponent) + { + this.currency = new DerPrintableString(currency, true); + this.amount = new DerInteger(amount); + this.exponent = new DerInteger(exponent); + } + + public virtual string Currency + { + get { return currency.GetString(); } + } + + public virtual BigInteger Amount + { + get { return amount.Value; } + } + + public virtual BigInteger Exponent + { + get { return exponent.Value; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + *

+ * Returns: + *

+ * 

+		*    MonetaryLimitSyntax ::= SEQUENCE
+		*    {
+		*      currency PrintableString (SIZE(3)),
+		*      amount INTEGER,
+		*      exponent INTEGER
+		*    }
+		*
+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(currency, amount, exponent); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/isismtt/x509/NamingAuthority.cs b/BouncyCastle/crypto/src/asn1/isismtt/x509/NamingAuthority.cs new file mode 100644 index 0000000..543dcec --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/isismtt/x509/NamingAuthority.cs @@ -0,0 +1,211 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.IsisMtt.X509 +{ + /** + * Names of authorities which are responsible for the administration of title + * registers. + * + * 
+	*             NamingAuthority ::= SEQUENCE 
+	*             {
+	*               namingAuthorityID OBJECT IDENTIFIER OPTIONAL,
+	*               namingAuthorityUrl IA5String OPTIONAL,
+	*               namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
+	*             }
+	*
+ * @see Org.BouncyCastle.Asn1.IsisMtt.X509.AdmissionSyntax + * + */ + public class NamingAuthority + : Asn1Encodable + { + /** + * Profession OIDs should always be defined under the OID branch of the + * responsible naming authority. At the time of this writing, the work group + * �Recht, Wirtschaft, Steuern� (�Law, Economy, Taxes�) is registered as the + * first naming authority under the OID id-isismtt-at-namingAuthorities. + */ + public static readonly DerObjectIdentifier IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + = new DerObjectIdentifier(IsisMttObjectIdentifiers.IdIsisMttATNamingAuthorities + ".1"); + + private readonly DerObjectIdentifier namingAuthorityID; + private readonly string namingAuthorityUrl; + private readonly DirectoryString namingAuthorityText; + + public static NamingAuthority GetInstance( + object obj) + { + if (obj == null || obj is NamingAuthority) + { + return (NamingAuthority) obj; + } + + if (obj is Asn1Sequence) + { + return new NamingAuthority((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public static NamingAuthority GetInstance( + Asn1TaggedObject obj, + bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + /** + * Constructor from Asn1Sequence. + *

+ *

+ * 

+		*             NamingAuthority ::= SEQUENCE
+		*             {
+		*               namingAuthorityID OBJECT IDENTIFIER OPTIONAL,
+		*               namingAuthorityUrl IA5String OPTIONAL,
+		*               namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
+		*             }
+		*
+ * + * @param seq The ASN.1 sequence. + */ + private NamingAuthority( + Asn1Sequence seq) + { + if (seq.Count > 3) + throw new ArgumentException("Bad sequence size: " + seq.Count); + + IEnumerator e = seq.GetEnumerator(); + + if (e.MoveNext()) + { + Asn1Encodable o = (Asn1Encodable) e.Current; + if (o is DerObjectIdentifier) + { + namingAuthorityID = (DerObjectIdentifier) o; + } + else if (o is DerIA5String) + { + namingAuthorityUrl = DerIA5String.GetInstance(o).GetString(); + } + else if (o is IAsn1String) + { + namingAuthorityText = DirectoryString.GetInstance(o); + } + else + { + throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(o)); + } + } + + if (e.MoveNext()) + { + Asn1Encodable o = (Asn1Encodable) e.Current; + if (o is DerIA5String) + { + namingAuthorityUrl = DerIA5String.GetInstance(o).GetString(); + } + else if (o is IAsn1String) + { + namingAuthorityText = DirectoryString.GetInstance(o); + } + else + { + throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(o)); + } + } + + if (e.MoveNext()) + { + Asn1Encodable o = (Asn1Encodable) e.Current; + if (o is IAsn1String) + { + namingAuthorityText = DirectoryString.GetInstance(o); + } + else + { + throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(o)); + } + } + } + + /** + * @return Returns the namingAuthorityID. + */ + public virtual DerObjectIdentifier NamingAuthorityID + { + get { return namingAuthorityID; } + } + + /** + * @return Returns the namingAuthorityText. + */ + public virtual DirectoryString NamingAuthorityText + { + get { return namingAuthorityText; } + } + + /** + * @return Returns the namingAuthorityUrl. + */ + public virtual string NamingAuthorityUrl + { + get { return namingAuthorityUrl; } + } + + /** + * Constructor from given details. + *

+ * All parameters can be combined. + * + * @param namingAuthorityID ObjectIdentifier for naming authority. + * @param namingAuthorityUrl URL for naming authority. + * @param namingAuthorityText Textual representation of naming authority. + */ + public NamingAuthority( + DerObjectIdentifier namingAuthorityID, + string namingAuthorityUrl, + DirectoryString namingAuthorityText) + { + this.namingAuthorityID = namingAuthorityID; + this.namingAuthorityUrl = namingAuthorityUrl; + this.namingAuthorityText = namingAuthorityText; + } + + /** + * Produce an object suitable for an Asn1OutputStream. + *

+ * Returns: + *

+ * 

+		*             NamingAuthority ::= SEQUENCE
+		*             {
+		*               namingAuthorityID OBJECT IDENTIFIER OPTIONAL,
+		*               namingAuthorityUrl IA5String OPTIONAL,
+		*               namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
+		*             }
+		*
+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptional(namingAuthorityID); + + if (namingAuthorityUrl != null) + { + v.Add(new DerIA5String(namingAuthorityUrl, true)); + } + + v.AddOptional(namingAuthorityText); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/isismtt/x509/ProcurationSyntax.cs b/BouncyCastle/crypto/src/asn1/isismtt/x509/ProcurationSyntax.cs new file mode 100644 index 0000000..60d3a88 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/isismtt/x509/ProcurationSyntax.cs @@ -0,0 +1,233 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.IsisMtt.X509 +{ + /** + * Attribute to indicate that the certificate holder may sign in the name of a + * third person. + *

+ * ISIS-MTT PROFILE: The corresponding ProcurationSyntax contains either the + * name of the person who is represented (subcomponent thirdPerson) or a + * reference to his/her base certificate (in the component signingFor, + * subcomponent certRef), furthermore the optional components country and + * typeSubstitution to indicate the country whose laws apply, and respectively + * the type of procuration (e.g. manager, procuration, custody). + *

+ *

+ * ISIS-MTT PROFILE: The GeneralName MUST be of type directoryName and MAY only + * contain: - RFC3039 attributes, except pseudonym (countryName, commonName, + * surname, givenName, serialNumber, organizationName, organizationalUnitName, + * stateOrProvincename, localityName, postalAddress) and - SubjectDirectoryName + * attributes (title, dateOfBirth, placeOfBirth, gender, countryOfCitizenship, + * countryOfResidence and NameAtBirth). + *

+ * 
+	*               ProcurationSyntax ::= SEQUENCE {
+	*                 country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
+	*                 typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL,
+	*                 signingFor [3] EXPLICIT SigningFor 
+	*               }
+	*               
+	*               SigningFor ::= CHOICE 
+	*               { 
+	*                 thirdPerson GeneralName,
+	*                 certRef IssuerSerial 
+	*               }
+	*
+ * + */ + public class ProcurationSyntax + : Asn1Encodable + { + private readonly string country; + private readonly DirectoryString typeOfSubstitution; + private readonly GeneralName thirdPerson; + private readonly IssuerSerial certRef; + + public static ProcurationSyntax GetInstance( + object obj) + { + if (obj == null || obj is ProcurationSyntax) + { + return (ProcurationSyntax) obj; + } + + if (obj is Asn1Sequence) + { + return new ProcurationSyntax((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor from Asn1Sequence. + *

+ * The sequence is of type ProcurationSyntax: + *

+ * 

+		*               ProcurationSyntax ::= SEQUENCE {
+		*                 country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
+		*                 typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL,
+		*                 signingFor [3] EXPLICIT SigningFor
+		*               }
+		* 

+		*               SigningFor ::= CHOICE
+		*               {
+		*                 thirdPerson GeneralName,
+		*                 certRef IssuerSerial
+		*               }
+		*
+ * + * @param seq The ASN.1 sequence. + */ + private ProcurationSyntax( + Asn1Sequence seq) + { + if (seq.Count < 1 || seq.Count > 3) + throw new ArgumentException("Bad sequence size: " + seq.Count); + + IEnumerator e = seq.GetEnumerator(); + + while (e.MoveNext()) + { + Asn1TaggedObject o = Asn1TaggedObject.GetInstance(e.Current); + switch (o.TagNo) + { + case 1: + country = DerPrintableString.GetInstance(o, true).GetString(); + break; + case 2: + typeOfSubstitution = DirectoryString.GetInstance(o, true); + break; + case 3: + Asn1Object signingFor = o.GetObject(); + if (signingFor is Asn1TaggedObject) + { + thirdPerson = GeneralName.GetInstance(signingFor); + } + else + { + certRef = IssuerSerial.GetInstance(signingFor); + } + break; + default: + throw new ArgumentException("Bad tag number: " + o.TagNo); + } + } + } + + /** + * Constructor from a given details. + *

+ *

+ * Either generalName or certRef MUST be + * null. + * + * @param country The country code whose laws apply. + * @param typeOfSubstitution The type of procuration. + * @param certRef Reference to certificate of the person who is represented. + */ + public ProcurationSyntax( + string country, + DirectoryString typeOfSubstitution, + IssuerSerial certRef) + { + this.country = country; + this.typeOfSubstitution = typeOfSubstitution; + this.thirdPerson = null; + this.certRef = certRef; + } + + /** + * Constructor from a given details. + *

+ *

+ * Either generalName or certRef MUST be + * null. + * + * @param country The country code whose laws apply. + * @param typeOfSubstitution The type of procuration. + * @param thirdPerson The GeneralName of the person who is represented. + */ + public ProcurationSyntax( + string country, + DirectoryString typeOfSubstitution, + GeneralName thirdPerson) + { + this.country = country; + this.typeOfSubstitution = typeOfSubstitution; + this.thirdPerson = thirdPerson; + this.certRef = null; + } + + public virtual string Country + { + get { return country; } + } + + public virtual DirectoryString TypeOfSubstitution + { + get { return typeOfSubstitution; } + } + + public virtual GeneralName ThirdPerson + { + get { return thirdPerson; } + } + + public virtual IssuerSerial CertRef + { + get { return certRef; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + *

+ * Returns: + *

+ * 

+		*               ProcurationSyntax ::= SEQUENCE {
+		*                 country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
+		*                 typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL,
+		*                 signingFor [3] EXPLICIT SigningFor
+		*               }
+		* 

+		*               SigningFor ::= CHOICE
+		*               {
+		*                 thirdPerson GeneralName,
+		*                 certRef IssuerSerial
+		*               }
+		*
+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + if (country != null) + { + v.Add(new DerTaggedObject(true, 1, new DerPrintableString(country, true))); + } + + v.AddOptionalTagged(true, 2, typeOfSubstitution); + + if (thirdPerson != null) + { + v.Add(new DerTaggedObject(true, 3, thirdPerson)); + } + else + { + v.Add(new DerTaggedObject(true, 3, certRef)); + } + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/isismtt/x509/ProfessionInfo.cs b/BouncyCastle/crypto/src/asn1/isismtt/x509/ProfessionInfo.cs new file mode 100644 index 0000000..b65757c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/isismtt/x509/ProfessionInfo.cs @@ -0,0 +1,380 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.IsisMtt.X509 +{ + /** + * Professions, specializations, disciplines, fields of activity, etc. + * + * 
+	*               ProfessionInfo ::= SEQUENCE 
+	*               {
+	*                 namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
+	*                 professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
+	*                 professionOids SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
+	*                 registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
+	*                 addProfessionInfo OCTET STRING OPTIONAL 
+	*               }
+	*
+ * + * @see Org.BouncyCastle.Asn1.IsisMtt.X509.AdmissionSyntax + */ + public class ProfessionInfo + : Asn1Encodable + { + /** + * Rechtsanw�ltin + */ + public static readonly DerObjectIdentifier Rechtsanwltin = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".1"); + + /** + * Rechtsanwalt + */ + public static readonly DerObjectIdentifier Rechtsanwalt = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".2"); + + /** + * Rechtsbeistand + */ + public static readonly DerObjectIdentifier Rechtsbeistand = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".3"); + + /** + * Steuerberaterin + */ + public static readonly DerObjectIdentifier Steuerberaterin = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".4"); + + /** + * Steuerberater + */ + public static readonly DerObjectIdentifier Steuerberater = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".5"); + + /** + * Steuerbevollm�chtigte + */ + public static readonly DerObjectIdentifier Steuerbevollmchtigte = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".6"); + + /** + * Steuerbevollm�chtigter + */ + public static readonly DerObjectIdentifier Steuerbevollmchtigter = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".7"); + + /** + * Notarin + */ + public static readonly DerObjectIdentifier Notarin = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".8"); + + /** + * Notar + */ + public static readonly DerObjectIdentifier Notar = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".9"); + + /** + * Notarvertreterin + */ + public static readonly DerObjectIdentifier Notarvertreterin = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".10"); + + /** + * Notarvertreter + */ + public static readonly DerObjectIdentifier Notarvertreter = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".11"); + + /** + * Notariatsverwalterin + */ + public static readonly DerObjectIdentifier Notariatsverwalterin = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".12"); + + /** + * Notariatsverwalter + */ + public static readonly DerObjectIdentifier Notariatsverwalter = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".13"); + + /** + * Wirtschaftspr�ferin + */ + public static readonly DerObjectIdentifier Wirtschaftsprferin = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".14"); + + /** + * Wirtschaftspr�fer + */ + public static readonly DerObjectIdentifier Wirtschaftsprfer = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".15"); + + /** + * Vereidigte Buchpr�ferin + */ + public static readonly DerObjectIdentifier VereidigteBuchprferin = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".16"); + + /** + * Vereidigter Buchpr�fer + */ + public static readonly DerObjectIdentifier VereidigterBuchprfer = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".17"); + + /** + * Patentanw�ltin + */ + public static readonly DerObjectIdentifier Patentanwltin = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".18"); + + /** + * Patentanwalt + */ + public static readonly DerObjectIdentifier Patentanwalt = new DerObjectIdentifier( + NamingAuthority.IdIsisMttATNamingAuthoritiesRechtWirtschaftSteuern + ".19"); + + private readonly NamingAuthority namingAuthority; + private readonly Asn1Sequence professionItems; + private readonly Asn1Sequence professionOids; + private readonly string registrationNumber; + private readonly Asn1OctetString addProfessionInfo; + + public static ProfessionInfo GetInstance( + object obj) + { + if (obj == null || obj is ProfessionInfo) + { + return (ProfessionInfo) obj; + } + + if (obj is Asn1Sequence) + { + return new ProfessionInfo((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor from Asn1Sequence. + *

+ *

+ * 

+		*               ProfessionInfo ::= SEQUENCE
+		*               {
+		*                 namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
+		*                 professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
+		*                 professionOids SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
+		*                 registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
+		*                 addProfessionInfo OCTET STRING OPTIONAL
+		*               }
+		*
+ * + * @param seq The ASN.1 sequence. + */ + private ProfessionInfo( + Asn1Sequence seq) + { + if (seq.Count > 5) + throw new ArgumentException("Bad sequence size: " + seq.Count); + + IEnumerator e = seq.GetEnumerator(); + + e.MoveNext(); + Asn1Encodable o = (Asn1Encodable) e.Current; + + if (o is Asn1TaggedObject) + { + Asn1TaggedObject ato = (Asn1TaggedObject) o; + if (ato.TagNo != 0) + throw new ArgumentException("Bad tag number: " + ato.TagNo); + + namingAuthority = NamingAuthority.GetInstance(ato, true); + e.MoveNext(); + o = (Asn1Encodable) e.Current; + } + + professionItems = Asn1Sequence.GetInstance(o); + + if (e.MoveNext()) + { + o = (Asn1Encodable) e.Current; + if (o is Asn1Sequence) + { + professionOids = Asn1Sequence.GetInstance(o); + } + else if (o is DerPrintableString) + { + registrationNumber = DerPrintableString.GetInstance(o).GetString(); + } + else if (o is Asn1OctetString) + { + addProfessionInfo = Asn1OctetString.GetInstance(o); + } + else + { + throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(o)); + } + } + + if (e.MoveNext()) + { + o = (Asn1Encodable) e.Current; + if (o is DerPrintableString) + { + registrationNumber = DerPrintableString.GetInstance(o).GetString(); + } + else if (o is DerOctetString) + { + addProfessionInfo = (DerOctetString) o; + } + else + { + throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(o)); + } + } + + if (e.MoveNext()) + { + o = (Asn1Encodable) e.Current; + if (o is DerOctetString) + { + addProfessionInfo = (DerOctetString) o; + } + else + { + throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(o)); + } + } + } + + /** + * Constructor from given details. + *

+ * professionItems is mandatory, all other parameters are + * optional. + * + * @param namingAuthority The naming authority. + * @param professionItems Directory strings of the profession. + * @param professionOids DERObjectIdentfier objects for the + * profession. + * @param registrationNumber Registration number. + * @param addProfessionInfo Additional infos in encoded form. + */ + public ProfessionInfo( + NamingAuthority namingAuthority, + DirectoryString[] professionItems, + DerObjectIdentifier[] professionOids, + string registrationNumber, + Asn1OctetString addProfessionInfo) + { + this.namingAuthority = namingAuthority; + this.professionItems = new DerSequence(professionItems); + if (professionOids != null) + { + this.professionOids = new DerSequence(professionOids); + } + this.registrationNumber = registrationNumber; + this.addProfessionInfo = addProfessionInfo; + } + + /** + * Produce an object suitable for an Asn1OutputStream. + *

+ * Returns: + *

+ * 

+		*               ProfessionInfo ::= SEQUENCE
+		*               {
+		*                 namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
+		*                 professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
+		*                 professionOids SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
+		*                 registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
+		*                 addProfessionInfo OCTET STRING OPTIONAL
+		*               }
+		*
+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(true, 0, namingAuthority); + v.Add(professionItems); + v.AddOptional(professionOids); + + if (registrationNumber != null) + { + v.Add(new DerPrintableString(registrationNumber, true)); + } + + v.AddOptional(addProfessionInfo); + return new DerSequence(v); + } + + /** + * @return Returns the addProfessionInfo. + */ + public virtual Asn1OctetString AddProfessionInfo + { + get { return addProfessionInfo; } + } + + /** + * @return Returns the namingAuthority. + */ + public virtual NamingAuthority NamingAuthority + { + get { return namingAuthority; } + } + + /** + * @return Returns the professionItems. + */ + public virtual DirectoryString[] GetProfessionItems() + { + DirectoryString[] result = new DirectoryString[professionItems.Count]; + + for (int i = 0; i < professionItems.Count; ++i) + { + result[i] = DirectoryString.GetInstance(professionItems[i]); + } + + return result; + } + + /** + * @return Returns the professionOids. + */ + public virtual DerObjectIdentifier[] GetProfessionOids() + { + if (professionOids == null) + { + return new DerObjectIdentifier[0]; + } + + DerObjectIdentifier[] result = new DerObjectIdentifier[professionOids.Count]; + + for (int i = 0; i < professionOids.Count; ++i) + { + result[i] = DerObjectIdentifier.GetInstance(professionOids[i]); + } + + return result; + } + + /** + * @return Returns the registrationNumber. + */ + public virtual string RegistrationNumber + { + get { return registrationNumber; } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/isismtt/x509/Restriction.cs b/BouncyCastle/crypto/src/asn1/isismtt/x509/Restriction.cs new file mode 100644 index 0000000..75df252 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/isismtt/x509/Restriction.cs @@ -0,0 +1,82 @@ +using System; + +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.IsisMtt.X509 +{ + /** + * Some other restriction regarding the usage of this certificate. + *

+ * 

+	*  RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
+	*
+ */ + public class Restriction + : Asn1Encodable + { + private readonly DirectoryString restriction; + + public static Restriction GetInstance( + object obj) + { + if (obj is Restriction) + return (Restriction) obj; + + if (obj is IAsn1String) + return new Restriction(DirectoryString.GetInstance(obj)); + + throw new ArgumentException("Unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor from DirectoryString. + *

+ * The DirectoryString is of type RestrictionSyntax: + *

+ * 

+		*      RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
+		*
+ * + * @param restriction A IAsn1String. + */ + private Restriction( + DirectoryString restriction) + { + this.restriction = restriction; + } + + /** + * Constructor from a given details. + * + * @param restriction The description of the restriction. + */ + public Restriction( + string restriction) + { + this.restriction = new DirectoryString(restriction); + } + + public virtual DirectoryString RestrictionString + { + get { return restriction; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + *

+ * Returns: + *

+ * 

+		*      RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
+		* 

+		*
+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + return restriction.ToAsn1Object(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/kisa/KISAObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/kisa/KISAObjectIdentifiers.cs new file mode 100644 index 0000000..05351ec --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/kisa/KISAObjectIdentifiers.cs @@ -0,0 +1,8 @@ +namespace Org.BouncyCastle.Asn1.Kisa +{ + public abstract class KisaObjectIdentifiers + { + public static readonly DerObjectIdentifier IdSeedCbc = new DerObjectIdentifier("1.2.410.200004.1.4"); + public static readonly DerObjectIdentifier IdNpkiAppCmsSeedWrap = new DerObjectIdentifier("1.2.410.200004.7.1.1.1"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/microsoft/MicrosoftObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/microsoft/MicrosoftObjectIdentifiers.cs new file mode 100644 index 0000000..bc48c3f --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/microsoft/MicrosoftObjectIdentifiers.cs @@ -0,0 +1,19 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Microsoft +{ + public abstract class MicrosoftObjectIdentifiers + { + // + // Microsoft + // iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) Microsoft(311) + // + public static readonly DerObjectIdentifier Microsoft = new DerObjectIdentifier("1.3.6.1.4.1.311"); + public static readonly DerObjectIdentifier MicrosoftCertTemplateV1 = Microsoft.Branch("20.2"); + public static readonly DerObjectIdentifier MicrosoftCAVersion = Microsoft.Branch("21.1"); + public static readonly DerObjectIdentifier MicrosoftPrevCACertHash = Microsoft.Branch("21.2"); + public static readonly DerObjectIdentifier MicrosoftCrlNextPublish = Microsoft.Branch("21.4"); + public static readonly DerObjectIdentifier MicrosoftCertTemplateV2 = Microsoft.Branch("21.7"); + public static readonly DerObjectIdentifier MicrosoftAppPolicies = Microsoft.Branch("21.10"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/misc/CAST5CBCParameters.cs b/BouncyCastle/crypto/src/asn1/misc/CAST5CBCParameters.cs new file mode 100644 index 0000000..7bd9f1e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/misc/CAST5CBCParameters.cs @@ -0,0 +1,74 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Misc +{ + public class Cast5CbcParameters + : Asn1Encodable + { + private readonly DerInteger keyLength; + private readonly Asn1OctetString iv; + + public static Cast5CbcParameters GetInstance( + object o) + { + if (o is Cast5CbcParameters) + { + return (Cast5CbcParameters) o; + } + + if (o is Asn1Sequence) + { + return new Cast5CbcParameters((Asn1Sequence) o); + } + + throw new ArgumentException("unknown object in Cast5CbcParameters factory"); + } + + public Cast5CbcParameters( + byte[] iv, + int keyLength) + { + this.iv = new DerOctetString(iv); + this.keyLength = new DerInteger(keyLength); + } + + private Cast5CbcParameters( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + iv = (Asn1OctetString) seq[0]; + keyLength = (DerInteger) seq[1]; + } + + public byte[] GetIV() + { + return Arrays.Clone(iv.GetOctets()); + } + + public int KeyLength + { + get { return keyLength.IntValueExact; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * cast5CBCParameters ::= Sequence {
+         *                           iv         OCTET STRING DEFAULT 0,
+         *                                  -- Initialization vector
+         *                           keyLength  Integer
+         *                                  -- Key length, in bits
+         *                      }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(iv, keyLength); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/misc/IDEACBCPar.cs b/BouncyCastle/crypto/src/asn1/misc/IDEACBCPar.cs new file mode 100644 index 0000000..9ae9f6f --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/misc/IDEACBCPar.cs @@ -0,0 +1,63 @@ +using System; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.Misc +{ + public class IdeaCbcPar + : Asn1Encodable + { + internal Asn1OctetString iv; + + public static IdeaCbcPar GetInstance( + object o) + { + if (o is IdeaCbcPar) + { + return (IdeaCbcPar) o; + } + + if (o is Asn1Sequence) + { + return new IdeaCbcPar((Asn1Sequence) o); + } + + throw new ArgumentException("unknown object in IDEACBCPar factory"); + } + + public IdeaCbcPar( + byte[] iv) + { + this.iv = new DerOctetString(iv); + } + + private IdeaCbcPar( + Asn1Sequence seq) + { + if (seq.Count == 1) + { + iv = (Asn1OctetString) seq[0]; + } + } + + public byte[] GetIV() + { + return iv == null ? null : iv.GetOctets(); + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * IDEA-CBCPar ::= Sequence {
+         *                      iv    OCTET STRING OPTIONAL -- exactly 8 octets
+         *                  }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptional(iv); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/misc/MiscObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/misc/MiscObjectIdentifiers.cs new file mode 100644 index 0000000..1f10188 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/misc/MiscObjectIdentifiers.cs @@ -0,0 +1,96 @@ +namespace Org.BouncyCastle.Asn1.Misc +{ + public abstract class MiscObjectIdentifiers + { + // + // Netscape + // iso/itu(2) joint-assign(16) us(840) uscompany(1) Netscape(113730) cert-extensions(1) } + // + public static readonly DerObjectIdentifier Netscape = new DerObjectIdentifier("2.16.840.1.113730.1"); + public static readonly DerObjectIdentifier NetscapeCertType = Netscape.Branch("1"); + public static readonly DerObjectIdentifier NetscapeBaseUrl = Netscape.Branch("2"); + public static readonly DerObjectIdentifier NetscapeRevocationUrl = Netscape.Branch("3"); + public static readonly DerObjectIdentifier NetscapeCARevocationUrl = Netscape.Branch("4"); + public static readonly DerObjectIdentifier NetscapeRenewalUrl = Netscape.Branch("7"); + public static readonly DerObjectIdentifier NetscapeCAPolicyUrl = Netscape.Branch("8"); + public static readonly DerObjectIdentifier NetscapeSslServerName = Netscape.Branch("12"); + public static readonly DerObjectIdentifier NetscapeCertComment = Netscape.Branch("13"); + + // + // Verisign + // iso/itu(2) joint-assign(16) us(840) uscompany(1) verisign(113733) cert-extensions(1) } + // + public static readonly DerObjectIdentifier Verisign = new DerObjectIdentifier("2.16.840.1.113733.1"); + + // + // CZAG - country, zip, age, and gender + // + public static readonly DerObjectIdentifier VerisignCzagExtension = Verisign.Branch("6.3"); + + public static readonly DerObjectIdentifier VerisignPrivate_6_9 = Verisign.Branch("6.9"); + public static readonly DerObjectIdentifier VerisignOnSiteJurisdictionHash = Verisign.Branch("6.11"); + public static readonly DerObjectIdentifier VerisignBitString_6_13 = Verisign.Branch("6.13"); + + // D&B D-U-N-S number + public static readonly DerObjectIdentifier VerisignDnbDunsNumber = Verisign.Branch("6.15"); + + public static readonly DerObjectIdentifier VerisignIssStrongCrypto = Verisign.Branch("8.1"); + + // + // Novell + // iso/itu(2) country(16) us(840) organization(1) novell(113719) + // + public static readonly string Novell = "2.16.840.1.113719"; + public static readonly DerObjectIdentifier NovellSecurityAttribs = new DerObjectIdentifier(Novell + ".1.9.4.1"); + + // + // Entrust + // iso(1) member-body(16) us(840) nortelnetworks(113533) entrust(7) + // + public static readonly string Entrust = "1.2.840.113533.7"; + public static readonly DerObjectIdentifier EntrustVersionExtension = new DerObjectIdentifier(Entrust + ".65.0"); + + public static readonly DerObjectIdentifier cast5CBC = new DerObjectIdentifier(Entrust+ ".66.10"); + + // + // HMAC-SHA1 hMAC-SHA1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) + // dod(6) internet(1) security(5) mechanisms(5) 8 1 2 } + // + public static readonly DerObjectIdentifier HMAC_SHA1 = new DerObjectIdentifier("1.3.6.1.5.5.8.1.2"); + + // + // Ascom + // + public static readonly DerObjectIdentifier as_sys_sec_alg_ideaCBC = new DerObjectIdentifier("1.3.6.1.4.1.188.7.1.1.2"); + + // + // Peter Gutmann's Cryptlib + // + public static readonly DerObjectIdentifier cryptlib = new DerObjectIdentifier("1.3.6.1.4.1.3029"); + + public static readonly DerObjectIdentifier cryptlib_algorithm = cryptlib.Branch("1"); + public static readonly DerObjectIdentifier cryptlib_algorithm_blowfish_ECB = cryptlib_algorithm.Branch("1.1"); + public static readonly DerObjectIdentifier cryptlib_algorithm_blowfish_CBC = cryptlib_algorithm.Branch("1.2"); + public static readonly DerObjectIdentifier cryptlib_algorithm_blowfish_CFB = cryptlib_algorithm.Branch("1.3"); + public static readonly DerObjectIdentifier cryptlib_algorithm_blowfish_OFB = cryptlib_algorithm.Branch("1.4"); + + // + // Blake2b + // + public static readonly DerObjectIdentifier blake2 = new DerObjectIdentifier("1.3.6.1.4.1.1722.12.2"); + + public static readonly DerObjectIdentifier id_blake2b160 = blake2.Branch("1.5"); + public static readonly DerObjectIdentifier id_blake2b256 = blake2.Branch("1.8"); + public static readonly DerObjectIdentifier id_blake2b384 = blake2.Branch("1.12"); + public static readonly DerObjectIdentifier id_blake2b512 = blake2.Branch("1.16"); + + public static readonly DerObjectIdentifier id_blake2s128 = blake2.Branch("2.4"); + public static readonly DerObjectIdentifier id_blake2s160 = blake2.Branch("2.5"); + public static readonly DerObjectIdentifier id_blake2s224 = blake2.Branch("2.7"); + public static readonly DerObjectIdentifier id_blake2s256 = blake2.Branch("2.8"); + + // + // Scrypt + public static readonly DerObjectIdentifier id_scrypt = new DerObjectIdentifier("1.3.6.1.4.1.11591.4.11"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/misc/NetscapeCertType.cs b/BouncyCastle/crypto/src/asn1/misc/NetscapeCertType.cs new file mode 100644 index 0000000..d809eae --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/misc/NetscapeCertType.cs @@ -0,0 +1,54 @@ +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.Misc +{ + /** + * The NetscapeCertType object. + * 
+     *    NetscapeCertType ::= BIT STRING {
+     *         SSLClient               (0),
+     *         SSLServer               (1),
+     *         S/MIME                  (2),
+     *         Object Signing          (3),
+     *         Reserved                (4),
+     *         SSL CA                  (5),
+     *         S/MIME CA               (6),
+     *         Object Signing CA       (7) }
+     *
+ */ + public class NetscapeCertType + : DerBitString + { + public const int SslClient = (1 << 7); + public const int SslServer = (1 << 6); + public const int Smime = (1 << 5); + public const int ObjectSigning = (1 << 4); + public const int Reserved = (1 << 3); + public const int SslCA = (1 << 2); + public const int SmimeCA = (1 << 1); + public const int ObjectSigningCA = (1 << 0); + + /** + * Basic constructor. + * + * @param usage - the bitwise OR of the Key Usage flags giving the + * allowed uses for the key. + * e.g. (X509NetscapeCertType.sslCA | X509NetscapeCertType.smimeCA) + */ + public NetscapeCertType(int usage) + : base(usage) + { + } + + public NetscapeCertType(DerBitString usage) + : base(usage.GetBytes(), usage.PadBits) + { + } + + public override string ToString() + { + byte[] data = GetBytes(); + return "NetscapeCertType: 0x" + (data[0] & 0xff).ToString("X"); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/misc/NetscapeRevocationURL.cs b/BouncyCastle/crypto/src/asn1/misc/NetscapeRevocationURL.cs new file mode 100644 index 0000000..6cac031 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/misc/NetscapeRevocationURL.cs @@ -0,0 +1,18 @@ +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.Misc +{ + public class NetscapeRevocationUrl + : DerIA5String + { + public NetscapeRevocationUrl(DerIA5String str) + : base(str.GetString()) + { + } + + public override string ToString() + { + return "NetscapeRevocationUrl: " + this.GetString(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/misc/VerisignCzagExtension.cs b/BouncyCastle/crypto/src/asn1/misc/VerisignCzagExtension.cs new file mode 100644 index 0000000..1c3054b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/misc/VerisignCzagExtension.cs @@ -0,0 +1,18 @@ +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.Misc +{ + public class VerisignCzagExtension + : DerIA5String + { + public VerisignCzagExtension(DerIA5String str) + : base(str.GetString()) + { + } + + public override string ToString() + { + return "VerisignCzagExtension: " + this.GetString(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/mozilla/PublicKeyAndChallenge.cs b/BouncyCastle/crypto/src/asn1/mozilla/PublicKeyAndChallenge.cs new file mode 100644 index 0000000..ff2a119 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/mozilla/PublicKeyAndChallenge.cs @@ -0,0 +1,68 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Mozilla +{ + /** + * This is designed to parse + * the PublicKeyAndChallenge created by the KEYGEN tag included by + * Mozilla based browsers. + * 
+	 *  PublicKeyAndChallenge ::= SEQUENCE {
+	 *    spki SubjectPublicKeyInfo,
+	 *    challenge IA5STRING
+	 *  }
+	 *
+	 *
+ */ + public class PublicKeyAndChallenge + : Asn1Encodable + { + private Asn1Sequence pkacSeq; + private SubjectPublicKeyInfo spki; + private DerIA5String challenge; + + public static PublicKeyAndChallenge GetInstance( + object obj) + { + if (obj is PublicKeyAndChallenge) + { + return (PublicKeyAndChallenge) obj; + } + + if (obj is Asn1Sequence) + { + return new PublicKeyAndChallenge((Asn1Sequence) obj); + } + + throw new ArgumentException( + "unknown object in 'PublicKeyAndChallenge' factory : " + + Platform.GetTypeName(obj) + "."); + } + + public PublicKeyAndChallenge( + Asn1Sequence seq) + { + pkacSeq = seq; + spki = SubjectPublicKeyInfo.GetInstance(seq[0]); + challenge = DerIA5String.GetInstance(seq[1]); + } + + public override Asn1Object ToAsn1Object() + { + return pkacSeq; + } + + public SubjectPublicKeyInfo SubjectPublicKeyInfo + { + get { return spki; } + } + + public DerIA5String Challenge + { + get { return challenge; } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/nist/KMACwithSHAKE128_params.cs b/BouncyCastle/crypto/src/asn1/nist/KMACwithSHAKE128_params.cs new file mode 100644 index 0000000..a1fd8f4 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/nist/KMACwithSHAKE128_params.cs @@ -0,0 +1,103 @@ +using Org.BouncyCastle.Utilities; +using System; + + +namespace Org.BouncyCastle.Asn1.Nist +{ + /// + /// KMACwithSHAKE128-params ::= SEQUENCE { + /// kMACOutputLength INTEGER DEFAULT 256, -- Output length in bits + /// customizationString OCTET STRING DEFAULT ''H + /// } + /// +public class KMacWithShake128Params : Asn1Encodable +{ + private static readonly byte[] EMPTY_STRING = new byte[0]; + private static readonly int DEF_LENGTH = 256; + + private readonly int outputLength; + private readonly byte[] customizationString; + + public KMacWithShake128Params(int outputLength) + { + this.outputLength = outputLength; + this.customizationString = EMPTY_STRING; + } + + public KMacWithShake128Params(int outputLength, byte[] customizationString) + { + this.outputLength = outputLength; + this.customizationString = Arrays.Clone(customizationString); + } + + public static KMacWithShake128Params GetInstance(object o) + { + if (o is KMacWithShake128Params) + { + return (KMacWithShake128Params)o; + } + else if (o != null) + { + return new KMacWithShake128Params(Asn1Sequence.GetInstance(o)); + } + + return null; + } + + private KMacWithShake128Params(Asn1Sequence seq) + { + if (seq.Count > 2) + throw new InvalidOperationException("sequence size greater than 2"); + + if (seq.Count == 2) + { + this.outputLength = DerInteger.GetInstance(seq[0]).IntValueExact; + this.customizationString = Arrays.Clone(Asn1OctetString.GetInstance(seq[1]).GetOctets()); + } + else if (seq.Count == 1) + { + if (seq[0] is DerInteger) + { + this.outputLength = DerInteger.GetInstance(seq[0]).IntValueExact; + this.customizationString = EMPTY_STRING; + } + else + { + this.outputLength = DEF_LENGTH; + this.customizationString = Arrays.Clone(Asn1OctetString.GetInstance(seq[0]).GetOctets()); + } + } + else + { + this.outputLength = DEF_LENGTH; + this.customizationString = EMPTY_STRING; + } + } + + public int OutputLength + { + get { return outputLength; } + } + + public byte[] CustomizationString + { + get { return Arrays.Clone(customizationString); } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + if (outputLength != DEF_LENGTH) + { + v.Add(new DerInteger(outputLength)); + } + + if (customizationString.Length != 0) + { + v.Add(new DerOctetString(CustomizationString)); + } + + return new DerSequence(v); + } +} +} diff --git a/BouncyCastle/crypto/src/asn1/nist/KMACwithSHAKE256_params.cs b/BouncyCastle/crypto/src/asn1/nist/KMACwithSHAKE256_params.cs new file mode 100644 index 0000000..fa74719 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/nist/KMACwithSHAKE256_params.cs @@ -0,0 +1,102 @@ +using Org.BouncyCastle.Utilities; +using System; + +namespace Org.BouncyCastle.Asn1.Nist +{ + /// + /// KMACwithSHAKE256-params ::= SEQUENCE { + /// kMACOutputLength INTEGER DEFAULT 512, -- Output length in bits + /// customizationString OCTET STRING DEFAULT ''H + /// } + /// +public class KMacWithShake256Params : Asn1Encodable +{ + private static readonly byte[] EMPTY_STRING = new byte[0]; + private static readonly int DEF_LENGTH = 512; + + private readonly int outputLength; + private readonly byte[] customizationString; + + public KMacWithShake256Params(int outputLength) + { + this.outputLength = outputLength; + this.customizationString = EMPTY_STRING; + } + + public KMacWithShake256Params(int outputLength, byte[] customizationString) + { + this.outputLength = outputLength; + this.customizationString = Arrays.Clone(customizationString); + } + + public static KMacWithShake256Params GetInstance(Object o) + { + if (o is KMacWithShake256Params) + { + return (KMacWithShake256Params)o; + } + else if (o != null) + { + return new KMacWithShake256Params(Asn1Sequence.GetInstance(o)); + } + + return null; + } + + private KMacWithShake256Params(Asn1Sequence seq) + { + if (seq.Count > 2) + throw new InvalidOperationException("sequence size greater than 2"); + + if (seq.Count == 2) + { + this.outputLength = DerInteger.GetInstance(seq[0]).IntValueExact; + this.customizationString = Arrays.Clone(Asn1OctetString.GetInstance(seq[1]).GetOctets()); + } + else if (seq.Count == 1) + { + if (seq[0] is DerInteger) + { + this.outputLength = DerInteger.GetInstance(seq[0]).IntValueExact; + this.customizationString = EMPTY_STRING; + } + else + { + this.outputLength = DEF_LENGTH; + this.customizationString = Arrays.Clone(Asn1OctetString.GetInstance(seq[0]).GetOctets()); + } + } + else + { + this.outputLength = DEF_LENGTH; + this.customizationString = EMPTY_STRING; + } + } + + public int OutputLength + { + get { return outputLength; } + } + + public byte[] CustomizationString + { + get { return Arrays.Clone(customizationString); } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + if (outputLength != DEF_LENGTH) + { + v.Add(new DerInteger(outputLength)); + } + + if (customizationString.Length != 0) + { + v.Add(new DerOctetString(CustomizationString)); + } + + return new DerSequence(v); + } +} +} diff --git a/BouncyCastle/crypto/src/asn1/nist/NISTNamedCurves.cs b/BouncyCastle/crypto/src/asn1/nist/NISTNamedCurves.cs new file mode 100644 index 0000000..ee256cc --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/nist/NISTNamedCurves.cs @@ -0,0 +1,111 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1.Nist +{ + /** + * Utility class for fetching curves using their NIST names as published in FIPS-PUB 186-3 + */ + public sealed class NistNamedCurves + { + private NistNamedCurves() + { + } + + private static readonly IDictionary objIds = Platform.CreateHashtable(); + private static readonly IDictionary names = Platform.CreateHashtable(); + + private static void DefineCurveAlias( + string name, + DerObjectIdentifier oid) + { + objIds.Add(Platform.ToUpperInvariant(name), oid); + names.Add(oid, name); + } + + static NistNamedCurves() + { + DefineCurveAlias("B-163", SecObjectIdentifiers.SecT163r2); + DefineCurveAlias("B-233", SecObjectIdentifiers.SecT233r1); + DefineCurveAlias("B-283", SecObjectIdentifiers.SecT283r1); + DefineCurveAlias("B-409", SecObjectIdentifiers.SecT409r1); + DefineCurveAlias("B-571", SecObjectIdentifiers.SecT571r1); + + DefineCurveAlias("K-163", SecObjectIdentifiers.SecT163k1); + DefineCurveAlias("K-233", SecObjectIdentifiers.SecT233k1); + DefineCurveAlias("K-283", SecObjectIdentifiers.SecT283k1); + DefineCurveAlias("K-409", SecObjectIdentifiers.SecT409k1); + DefineCurveAlias("K-571", SecObjectIdentifiers.SecT571k1); + + DefineCurveAlias("P-192", SecObjectIdentifiers.SecP192r1); + DefineCurveAlias("P-224", SecObjectIdentifiers.SecP224r1); + DefineCurveAlias("P-256", SecObjectIdentifiers.SecP256r1); + DefineCurveAlias("P-384", SecObjectIdentifiers.SecP384r1); + DefineCurveAlias("P-521", SecObjectIdentifiers.SecP521r1); + } + + public static X9ECParameters GetByName(string name) + { + DerObjectIdentifier oid = GetOid(name); + return oid == null ? null : SecNamedCurves.GetByOid(oid); + } + + public static X9ECParametersHolder GetByNameLazy(string name) + { + DerObjectIdentifier oid = GetOid(name); + return oid == null ? null : SecNamedCurves.GetByOidLazy(oid); + } + + /** + * return the X9ECParameters object for the named curve represented by + * the passed in object identifier. Null if the curve isn't present. + * + * @param oid an object identifier representing a named curve, if present. + */ + public static X9ECParameters GetByOid(DerObjectIdentifier oid) + { + return names.Contains(oid) ? SecNamedCurves.GetByOid(oid) : null; + } + + public static X9ECParametersHolder GetByOidLazy(DerObjectIdentifier oid) + { + return names.Contains(oid) ? SecNamedCurves.GetByOidLazy(oid) : null; + } + + /** + * return the object identifier signified by the passed in name. Null + * if there is no object identifier associated with name. + * + * @return the object identifier associated with name, if present. + */ + public static DerObjectIdentifier GetOid( + string name) + { + return (DerObjectIdentifier) objIds[Platform.ToUpperInvariant(name)]; + } + + /** + * return the named curve name represented by the given object identifier. + */ + public static string GetName( + DerObjectIdentifier oid) + { + return (string) names[oid]; + } + + /** + * returns an enumeration containing the name strings for curves + * contained in this structure. + */ + public static IEnumerable Names + { + get { return new EnumerableProxy(names.Values); } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/nist/NISTObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/nist/NISTObjectIdentifiers.cs new file mode 100644 index 0000000..417fa8d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/nist/NISTObjectIdentifiers.cs @@ -0,0 +1,108 @@ +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.Nist +{ + public sealed class NistObjectIdentifiers + { + private NistObjectIdentifiers() + { + } + + // + // NIST + // iso/itu(2) joint-assign(16) us(840) organization(1) gov(101) csor(3) + + // + // nistalgorithms(4) + // + public static readonly DerObjectIdentifier NistAlgorithm = new DerObjectIdentifier("2.16.840.1.101.3.4"); + + public static readonly DerObjectIdentifier HashAlgs = NistAlgorithm.Branch("2"); + + public static readonly DerObjectIdentifier IdSha256 = HashAlgs.Branch("1"); + public static readonly DerObjectIdentifier IdSha384 = HashAlgs.Branch("2"); + public static readonly DerObjectIdentifier IdSha512 = HashAlgs.Branch("3"); + public static readonly DerObjectIdentifier IdSha224 = HashAlgs.Branch("4"); + public static readonly DerObjectIdentifier IdSha512_224 = HashAlgs.Branch("5"); + public static readonly DerObjectIdentifier IdSha512_256 = HashAlgs.Branch("6"); + public static readonly DerObjectIdentifier IdSha3_224 = HashAlgs.Branch("7"); + public static readonly DerObjectIdentifier IdSha3_256 = HashAlgs.Branch("8"); + public static readonly DerObjectIdentifier IdSha3_384 = HashAlgs.Branch("9"); + public static readonly DerObjectIdentifier IdSha3_512 = HashAlgs.Branch("10"); + public static readonly DerObjectIdentifier IdShake128 = HashAlgs.Branch("11"); + public static readonly DerObjectIdentifier IdShake256 = HashAlgs.Branch("12"); + public static readonly DerObjectIdentifier IdHMacWithSha3_224 = HashAlgs.Branch("13"); + public static readonly DerObjectIdentifier IdHMacWithSha3_256 = HashAlgs.Branch("14"); + public static readonly DerObjectIdentifier IdHMacWithSha3_384 = HashAlgs.Branch("15"); + public static readonly DerObjectIdentifier IdHMacWithSha3_512 = HashAlgs.Branch("16"); + public static readonly DerObjectIdentifier IdShake128Len = HashAlgs.Branch("17"); + public static readonly DerObjectIdentifier IdShake256Len = HashAlgs.Branch("18"); + public static readonly DerObjectIdentifier IdKmacWithShake128 = HashAlgs.Branch("19"); + public static readonly DerObjectIdentifier IdKmacWithShake256 = HashAlgs.Branch("20"); + + public static readonly DerObjectIdentifier Aes = new DerObjectIdentifier(NistAlgorithm + ".1"); + + public static readonly DerObjectIdentifier IdAes128Ecb = new DerObjectIdentifier(Aes + ".1"); + public static readonly DerObjectIdentifier IdAes128Cbc = new DerObjectIdentifier(Aes + ".2"); + public static readonly DerObjectIdentifier IdAes128Ofb = new DerObjectIdentifier(Aes + ".3"); + public static readonly DerObjectIdentifier IdAes128Cfb = new DerObjectIdentifier(Aes + ".4"); + public static readonly DerObjectIdentifier IdAes128Wrap = new DerObjectIdentifier(Aes + ".5"); + public static readonly DerObjectIdentifier IdAes128Gcm = new DerObjectIdentifier(Aes + ".6"); + public static readonly DerObjectIdentifier IdAes128Ccm = new DerObjectIdentifier(Aes + ".7"); + + public static readonly DerObjectIdentifier IdAes192Ecb = new DerObjectIdentifier(Aes + ".21"); + public static readonly DerObjectIdentifier IdAes192Cbc = new DerObjectIdentifier(Aes + ".22"); + public static readonly DerObjectIdentifier IdAes192Ofb = new DerObjectIdentifier(Aes + ".23"); + public static readonly DerObjectIdentifier IdAes192Cfb = new DerObjectIdentifier(Aes + ".24"); + public static readonly DerObjectIdentifier IdAes192Wrap = new DerObjectIdentifier(Aes + ".25"); + public static readonly DerObjectIdentifier IdAes192Gcm = new DerObjectIdentifier(Aes + ".26"); + public static readonly DerObjectIdentifier IdAes192Ccm = new DerObjectIdentifier(Aes + ".27"); + + public static readonly DerObjectIdentifier IdAes256Ecb = new DerObjectIdentifier(Aes + ".41"); + public static readonly DerObjectIdentifier IdAes256Cbc = new DerObjectIdentifier(Aes + ".42"); + public static readonly DerObjectIdentifier IdAes256Ofb = new DerObjectIdentifier(Aes + ".43"); + public static readonly DerObjectIdentifier IdAes256Cfb = new DerObjectIdentifier(Aes + ".44"); + public static readonly DerObjectIdentifier IdAes256Wrap = new DerObjectIdentifier(Aes + ".45"); + public static readonly DerObjectIdentifier IdAes256Gcm = new DerObjectIdentifier(Aes + ".46"); + public static readonly DerObjectIdentifier IdAes256Ccm = new DerObjectIdentifier(Aes + ".47"); + + // + // signatures + // + public static readonly DerObjectIdentifier IdDsaWithSha2 = new DerObjectIdentifier(NistAlgorithm + ".3"); + + public static readonly DerObjectIdentifier DsaWithSha224 = new DerObjectIdentifier(IdDsaWithSha2 + ".1"); + public static readonly DerObjectIdentifier DsaWithSha256 = new DerObjectIdentifier(IdDsaWithSha2 + ".2"); + public static readonly DerObjectIdentifier DsaWithSha384 = new DerObjectIdentifier(IdDsaWithSha2 + ".3"); + public static readonly DerObjectIdentifier DsaWithSha512 = new DerObjectIdentifier(IdDsaWithSha2 + ".4"); + + /** 2.16.840.1.101.3.4.3.5 */ + public static readonly DerObjectIdentifier IdDsaWithSha3_224 = new DerObjectIdentifier(IdDsaWithSha2 + ".5"); + /** 2.16.840.1.101.3.4.3.6 */ + public static readonly DerObjectIdentifier IdDsaWithSha3_256 = new DerObjectIdentifier(IdDsaWithSha2 + ".6"); + /** 2.16.840.1.101.3.4.3.7 */ + public static readonly DerObjectIdentifier IdDsaWithSha3_384 = new DerObjectIdentifier(IdDsaWithSha2 + ".7"); + /** 2.16.840.1.101.3.4.3.8 */ + public static readonly DerObjectIdentifier IdDsaWithSha3_512 = new DerObjectIdentifier(IdDsaWithSha2 + ".8"); + + // ECDSA with SHA-3 + /** 2.16.840.1.101.3.4.3.9 */ + public static readonly DerObjectIdentifier IdEcdsaWithSha3_224 = new DerObjectIdentifier(IdDsaWithSha2 + ".9"); + /** 2.16.840.1.101.3.4.3.10 */ + public static readonly DerObjectIdentifier IdEcdsaWithSha3_256 = new DerObjectIdentifier(IdDsaWithSha2 + ".10"); + /** 2.16.840.1.101.3.4.3.11 */ + public static readonly DerObjectIdentifier IdEcdsaWithSha3_384 = new DerObjectIdentifier(IdDsaWithSha2 + ".11"); + /** 2.16.840.1.101.3.4.3.12 */ + public static readonly DerObjectIdentifier IdEcdsaWithSha3_512 = new DerObjectIdentifier(IdDsaWithSha2 + ".12"); + + // RSA PKCS #1 v1.5 Signature with SHA-3 family. + /** 2.16.840.1.101.3.4.3.9 */ + public static readonly DerObjectIdentifier IdRsassaPkcs1V15WithSha3_224 = new DerObjectIdentifier(IdDsaWithSha2 + ".13"); + /** 2.16.840.1.101.3.4.3.10 */ + public static readonly DerObjectIdentifier IdRsassaPkcs1V15WithSha3_256 = new DerObjectIdentifier(IdDsaWithSha2 + ".14"); + /** 2.16.840.1.101.3.4.3.11 */ + public static readonly DerObjectIdentifier IdRsassaPkcs1V15WithSha3_384 = new DerObjectIdentifier(IdDsaWithSha2 + ".15"); + /** 2.16.840.1.101.3.4.3.12 */ + public static readonly DerObjectIdentifier IdRsassaPkcs1V15WithSha3_512 = new DerObjectIdentifier(IdDsaWithSha2 + ".16"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/nsri/NsriObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/nsri/NsriObjectIdentifiers.cs new file mode 100644 index 0000000..69d393f --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/nsri/NsriObjectIdentifiers.cs @@ -0,0 +1,59 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Nsri +{ + public sealed class NsriObjectIdentifiers + { + public static readonly DerObjectIdentifier nsri = new DerObjectIdentifier("1.2.410.200046"); + + public static readonly DerObjectIdentifier id_algorithm = nsri.Branch("1"); + + public static readonly DerObjectIdentifier id_sea = id_algorithm.Branch("1"); + public static readonly DerObjectIdentifier id_pad = id_algorithm.Branch("2"); + + public static readonly DerObjectIdentifier id_pad_null = id_algorithm.Branch("0"); + public static readonly DerObjectIdentifier id_pad_1 = id_algorithm.Branch("1"); + + public static readonly DerObjectIdentifier id_aria128_ecb = id_sea.Branch("1"); + public static readonly DerObjectIdentifier id_aria128_cbc = id_sea.Branch("2"); + public static readonly DerObjectIdentifier id_aria128_cfb = id_sea.Branch("3"); + public static readonly DerObjectIdentifier id_aria128_ofb = id_sea.Branch("4"); + public static readonly DerObjectIdentifier id_aria128_ctr = id_sea.Branch("5"); + + public static readonly DerObjectIdentifier id_aria192_ecb = id_sea.Branch("6"); + public static readonly DerObjectIdentifier id_aria192_cbc = id_sea.Branch("7"); + public static readonly DerObjectIdentifier id_aria192_cfb = id_sea.Branch("8"); + public static readonly DerObjectIdentifier id_aria192_ofb = id_sea.Branch("9"); + public static readonly DerObjectIdentifier id_aria192_ctr = id_sea.Branch("10"); + + public static readonly DerObjectIdentifier id_aria256_ecb = id_sea.Branch("11"); + public static readonly DerObjectIdentifier id_aria256_cbc = id_sea.Branch("12"); + public static readonly DerObjectIdentifier id_aria256_cfb = id_sea.Branch("13"); + public static readonly DerObjectIdentifier id_aria256_ofb = id_sea.Branch("14"); + public static readonly DerObjectIdentifier id_aria256_ctr = id_sea.Branch("15"); + + public static readonly DerObjectIdentifier id_aria128_cmac = id_sea.Branch("21"); + public static readonly DerObjectIdentifier id_aria192_cmac = id_sea.Branch("22"); + public static readonly DerObjectIdentifier id_aria256_cmac = id_sea.Branch("23"); + + public static readonly DerObjectIdentifier id_aria128_ocb2 = id_sea.Branch("31"); + public static readonly DerObjectIdentifier id_aria192_ocb2 = id_sea.Branch("32"); + public static readonly DerObjectIdentifier id_aria256_ocb2 = id_sea.Branch("33"); + + public static readonly DerObjectIdentifier id_aria128_gcm = id_sea.Branch("34"); + public static readonly DerObjectIdentifier id_aria192_gcm = id_sea.Branch("35"); + public static readonly DerObjectIdentifier id_aria256_gcm = id_sea.Branch("36"); + + public static readonly DerObjectIdentifier id_aria128_ccm = id_sea.Branch("37"); + public static readonly DerObjectIdentifier id_aria192_ccm = id_sea.Branch("38"); + public static readonly DerObjectIdentifier id_aria256_ccm = id_sea.Branch("39"); + + public static readonly DerObjectIdentifier id_aria128_kw = id_sea.Branch("40"); + public static readonly DerObjectIdentifier id_aria192_kw = id_sea.Branch("41"); + public static readonly DerObjectIdentifier id_aria256_kw = id_sea.Branch("42"); + + public static readonly DerObjectIdentifier id_aria128_kwp = id_sea.Branch("43"); + public static readonly DerObjectIdentifier id_aria192_kwp = id_sea.Branch("44"); + public static readonly DerObjectIdentifier id_aria256_kwp = id_sea.Branch("45"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/ntt/NTTObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/ntt/NTTObjectIdentifiers.cs new file mode 100644 index 0000000..cd25956 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ntt/NTTObjectIdentifiers.cs @@ -0,0 +1,14 @@ +namespace Org.BouncyCastle.Asn1.Ntt +{ + /// From RFC 3657 + public abstract class NttObjectIdentifiers + { + public static readonly DerObjectIdentifier IdCamellia128Cbc = new DerObjectIdentifier("1.2.392.200011.61.1.1.1.2"); + public static readonly DerObjectIdentifier IdCamellia192Cbc = new DerObjectIdentifier("1.2.392.200011.61.1.1.1.3"); + public static readonly DerObjectIdentifier IdCamellia256Cbc = new DerObjectIdentifier("1.2.392.200011.61.1.1.1.4"); + + public static readonly DerObjectIdentifier IdCamellia128Wrap = new DerObjectIdentifier("1.2.392.200011.61.1.1.3.2"); + public static readonly DerObjectIdentifier IdCamellia192Wrap = new DerObjectIdentifier("1.2.392.200011.61.1.1.3.3"); + public static readonly DerObjectIdentifier IdCamellia256Wrap = new DerObjectIdentifier("1.2.392.200011.61.1.1.3.4"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/BasicOCSPResponse.cs b/BouncyCastle/crypto/src/asn1/ocsp/BasicOCSPResponse.cs new file mode 100644 index 0000000..45dadba --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/BasicOCSPResponse.cs @@ -0,0 +1,131 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class BasicOcspResponse + : Asn1Encodable + { + private readonly ResponseData tbsResponseData; + private readonly AlgorithmIdentifier signatureAlgorithm; + private readonly DerBitString signature; + private readonly Asn1Sequence certs; + + public static BasicOcspResponse GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static BasicOcspResponse GetInstance( + object obj) + { + if (obj == null || obj is BasicOcspResponse) + { + return (BasicOcspResponse)obj; + } + + if (obj is Asn1Sequence) + { + return new BasicOcspResponse((Asn1Sequence)obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public BasicOcspResponse( + ResponseData tbsResponseData, + AlgorithmIdentifier signatureAlgorithm, + DerBitString signature, + Asn1Sequence certs) + { + this.tbsResponseData = tbsResponseData; + this.signatureAlgorithm = signatureAlgorithm; + this.signature = signature; + this.certs = certs; + } + + private BasicOcspResponse( + Asn1Sequence seq) + { + this.tbsResponseData = ResponseData.GetInstance(seq[0]); + this.signatureAlgorithm = AlgorithmIdentifier.GetInstance(seq[1]); + this.signature = (DerBitString)seq[2]; + + if (seq.Count > 3) + { + this.certs = Asn1Sequence.GetInstance((Asn1TaggedObject)seq[3], true); + } + } + + [Obsolete("Use TbsResponseData property instead")] + public ResponseData GetTbsResponseData() + { + return tbsResponseData; + } + + public ResponseData TbsResponseData + { + get { return tbsResponseData; } + } + + [Obsolete("Use SignatureAlgorithm property instead")] + public AlgorithmIdentifier GetSignatureAlgorithm() + { + return signatureAlgorithm; + } + + public AlgorithmIdentifier SignatureAlgorithm + { + get { return signatureAlgorithm; } + } + + [Obsolete("Use Signature property instead")] + public DerBitString GetSignature() + { + return signature; + } + + public DerBitString Signature + { + get { return signature; } + } + + public byte[] GetSignatureOctets() + { + return signature.GetOctets(); + } + + [Obsolete("Use Certs property instead")] + public Asn1Sequence GetCerts() + { + return certs; + } + + public Asn1Sequence Certs + { + get { return certs; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * BasicOcspResponse       ::= Sequence {
+         *      tbsResponseData      ResponseData,
+         *      signatureAlgorithm   AlgorithmIdentifier,
+         *      signature            BIT STRING,
+         *      certs                [0] EXPLICIT Sequence OF Certificate OPTIONAL }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(tbsResponseData, signatureAlgorithm, signature); + v.AddOptionalTagged(true, 0, certs); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/CertID.cs b/BouncyCastle/crypto/src/asn1/ocsp/CertID.cs new file mode 100644 index 0000000..523f6b8 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/CertID.cs @@ -0,0 +1,99 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class CertID + : Asn1Encodable + { + private readonly AlgorithmIdentifier hashAlgorithm; + private readonly Asn1OctetString issuerNameHash; + private readonly Asn1OctetString issuerKeyHash; + private readonly DerInteger serialNumber; + + public static CertID GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static CertID GetInstance( + object obj) + { + if (obj == null || obj is CertID) + { + return (CertID)obj; + } + + if (obj is Asn1Sequence) + { + return new CertID((Asn1Sequence)obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public CertID( + AlgorithmIdentifier hashAlgorithm, + Asn1OctetString issuerNameHash, + Asn1OctetString issuerKeyHash, + DerInteger serialNumber) + { + this.hashAlgorithm = hashAlgorithm; + this.issuerNameHash = issuerNameHash; + this.issuerKeyHash = issuerKeyHash; + this.serialNumber = serialNumber; + } + + private CertID( + Asn1Sequence seq) + { + if (seq.Count != 4) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + this.hashAlgorithm = AlgorithmIdentifier.GetInstance(seq[0]); + this.issuerNameHash = Asn1OctetString.GetInstance(seq[1]); + this.issuerKeyHash = Asn1OctetString.GetInstance(seq[2]); + this.serialNumber = DerInteger.GetInstance(seq[3]); + } + + public AlgorithmIdentifier HashAlgorithm + { + get { return hashAlgorithm; } + } + + public Asn1OctetString IssuerNameHash + { + get { return issuerNameHash; } + } + + public Asn1OctetString IssuerKeyHash + { + get { return issuerKeyHash; } + } + + public DerInteger SerialNumber + { + get { return serialNumber; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * CertID          ::=     Sequence {
+         *     hashAlgorithm       AlgorithmIdentifier,
+         *     issuerNameHash      OCTET STRING, -- Hash of Issuer's DN
+         *     issuerKeyHash       OCTET STRING, -- Hash of Issuers public key
+         *     serialNumber        CertificateSerialNumber }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(hashAlgorithm, issuerNameHash, issuerKeyHash, serialNumber); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/CertStatus.cs b/BouncyCastle/crypto/src/asn1/ocsp/CertStatus.cs new file mode 100644 index 0000000..8a4d224 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/CertStatus.cs @@ -0,0 +1,97 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class CertStatus + : Asn1Encodable, IAsn1Choice + { + private readonly int tagNo; + private readonly Asn1Encodable value; + + /** + * create a CertStatus object with a tag of zero. + */ + public CertStatus() + { + tagNo = 0; + value = DerNull.Instance; + } + + public CertStatus( + RevokedInfo info) + { + tagNo = 1; + value = info; + } + + public CertStatus( + int tagNo, + Asn1Encodable value) + { + this.tagNo = tagNo; + this.value = value; + } + + public CertStatus(Asn1TaggedObject choice) + { + this.tagNo = choice.TagNo; + + switch (choice.TagNo) + { + case 0: + value = Asn1Null.GetInstance(choice, false); + break; + case 1: + value = RevokedInfo.GetInstance(choice, false); + break; + case 2: + value = Asn1Null.GetInstance(choice, false); + break; + default: + throw new ArgumentException("Unknown tag encountered: " + Asn1Utilities.GetTagText(choice)); + } + } + + public static CertStatus GetInstance( + object obj) + { + if (obj == null || obj is CertStatus) + { + return (CertStatus)obj; + } + + if (obj is Asn1TaggedObject) + { + return new CertStatus((Asn1TaggedObject)obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public int TagNo + { + get { return tagNo; } + } + + public Asn1Encodable Status + { + get { return value; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  CertStatus ::= CHOICE {
+         *                  good        [0]     IMPLICIT Null,
+         *                  revoked     [1]     IMPLICIT RevokedInfo,
+         *                  unknown     [2]     IMPLICIT UnknownInfo }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerTaggedObject(false, tagNo, value); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/CrlID.cs b/BouncyCastle/crypto/src/asn1/ocsp/CrlID.cs new file mode 100644 index 0000000..3b3869a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/CrlID.cs @@ -0,0 +1,69 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class CrlID + : Asn1Encodable + { + private readonly DerIA5String crlUrl; + private readonly DerInteger crlNum; + private readonly DerGeneralizedTime crlTime; + + // TODO Add GetInstance method(s) and amke this private? + public CrlID( + Asn1Sequence seq) + { + foreach (Asn1TaggedObject o in seq) + { + switch (o.TagNo) + { + case 0: + crlUrl = DerIA5String.GetInstance(o, true); + break; + case 1: + crlNum = DerInteger.GetInstance(o, true); + break; + case 2: + crlTime = DerGeneralizedTime.GetInstance(o, true); + break; + default: + throw new ArgumentException("unknown tag number: " + o.TagNo); + } + } + } + + public DerIA5String CrlUrl + { + get { return crlUrl; } + } + + public DerInteger CrlNum + { + get { return crlNum; } + } + + public DerGeneralizedTime CrlTime + { + get { return crlTime; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * CrlID ::= Sequence {
+         *     crlUrl               [0]     EXPLICIT IA5String OPTIONAL,
+         *     crlNum               [1]     EXPLICIT Integer OPTIONAL,
+         *     crlTime              [2]     EXPLICIT GeneralizedTime OPTIONAL }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(true, 0, crlUrl); + v.AddOptionalTagged(true, 1, crlNum); + v.AddOptionalTagged(true, 2, crlTime); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/OCSPObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/ocsp/OCSPObjectIdentifiers.cs new file mode 100644 index 0000000..a37c855 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/OCSPObjectIdentifiers.cs @@ -0,0 +1,23 @@ +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public abstract class OcspObjectIdentifiers + { + internal const string PkixOcspId = "1.3.6.1.5.5.7.48.1"; + + public static readonly DerObjectIdentifier PkixOcsp = new DerObjectIdentifier(PkixOcspId); + public static readonly DerObjectIdentifier PkixOcspBasic = new DerObjectIdentifier(PkixOcspId + ".1"); + + // + // extensions + // + public static readonly DerObjectIdentifier PkixOcspNonce = new DerObjectIdentifier(PkixOcsp + ".2"); + public static readonly DerObjectIdentifier PkixOcspCrl = new DerObjectIdentifier(PkixOcsp + ".3"); + + public static readonly DerObjectIdentifier PkixOcspResponse = new DerObjectIdentifier(PkixOcsp + ".4"); + public static readonly DerObjectIdentifier PkixOcspNocheck = new DerObjectIdentifier(PkixOcsp + ".5"); + public static readonly DerObjectIdentifier PkixOcspArchiveCutoff = new DerObjectIdentifier(PkixOcsp + ".6"); + public static readonly DerObjectIdentifier PkixOcspServiceLocator = new DerObjectIdentifier(PkixOcsp + ".7"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/OCSPRequest.cs b/BouncyCastle/crypto/src/asn1/ocsp/OCSPRequest.cs new file mode 100644 index 0000000..6ecd29c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/OCSPRequest.cs @@ -0,0 +1,84 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class OcspRequest + : Asn1Encodable + { + private readonly TbsRequest tbsRequest; + private readonly Signature optionalSignature; + + public static OcspRequest GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static OcspRequest GetInstance( + object obj) + { + if (obj == null || obj is OcspRequest) + { + return (OcspRequest)obj; + } + + if (obj is Asn1Sequence) + { + return new OcspRequest((Asn1Sequence)obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public OcspRequest( + TbsRequest tbsRequest, + Signature optionalSignature) + { + if (tbsRequest == null) + throw new ArgumentNullException("tbsRequest"); + + this.tbsRequest = tbsRequest; + this.optionalSignature = optionalSignature; + } + + private OcspRequest( + Asn1Sequence seq) + { + tbsRequest = TbsRequest.GetInstance(seq[0]); + + if (seq.Count == 2) + { + optionalSignature = Signature.GetInstance( + (Asn1TaggedObject)seq[1], true); + } + } + + public TbsRequest TbsRequest + { + get { return tbsRequest; } + } + + public Signature OptionalSignature + { + get { return optionalSignature; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * OcspRequest     ::=     Sequence {
+         *     tbsRequest                  TBSRequest,
+         *     optionalSignature   [0]     EXPLICIT Signature OPTIONAL }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(tbsRequest); + v.AddOptionalTagged(true, 0, optionalSignature); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/OCSPResponse.cs b/BouncyCastle/crypto/src/asn1/ocsp/OCSPResponse.cs new file mode 100644 index 0000000..6491729 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/OCSPResponse.cs @@ -0,0 +1,85 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class OcspResponse + : Asn1Encodable + { + private readonly OcspResponseStatus responseStatus; + private readonly ResponseBytes responseBytes; + + public static OcspResponse GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static OcspResponse GetInstance( + object obj) + { + if (obj == null || obj is OcspResponse) + { + return (OcspResponse)obj; + } + + if (obj is Asn1Sequence) + { + return new OcspResponse((Asn1Sequence)obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public OcspResponse( + OcspResponseStatus responseStatus, + ResponseBytes responseBytes) + { + if (responseStatus == null) + throw new ArgumentNullException("responseStatus"); + + this.responseStatus = responseStatus; + this.responseBytes = responseBytes; + } + + private OcspResponse( + Asn1Sequence seq) + { + responseStatus = new OcspResponseStatus( + DerEnumerated.GetInstance(seq[0])); + + if (seq.Count == 2) + { + responseBytes = ResponseBytes.GetInstance( + (Asn1TaggedObject)seq[1], true); + } + } + + public OcspResponseStatus ResponseStatus + { + get { return responseStatus; } + } + + public ResponseBytes ResponseBytes + { + get { return responseBytes; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * OcspResponse ::= Sequence {
+         *     responseStatus         OcspResponseStatus,
+         *     responseBytes          [0] EXPLICIT ResponseBytes OPTIONAL }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(responseStatus); + v.AddOptionalTagged(true, 0, responseBytes); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/OCSPResponseStatus.cs b/BouncyCastle/crypto/src/asn1/ocsp/OCSPResponseStatus.cs new file mode 100644 index 0000000..cf52c73 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/OCSPResponseStatus.cs @@ -0,0 +1,41 @@ +using System; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class OcspResponseStatus + : DerEnumerated + { + public const int Successful = 0; + public const int MalformedRequest = 1; + public const int InternalError = 2; + public const int TryLater = 3; + public const int SignatureRequired = 5; + public const int Unauthorized = 6; + + /** + * The OcspResponseStatus enumeration. + * 
+         * OcspResponseStatus ::= Enumerated {
+         *     successful            (0),  --Response has valid confirmations
+         *     malformedRequest      (1),  --Illegal confirmation request
+         *     internalError         (2),  --Internal error in issuer
+         *     tryLater              (3),  --Try again later
+         *                                 --(4) is not used
+         *     sigRequired           (5),  --Must sign the request
+         *     unauthorized          (6)   --Request unauthorized
+         * }
+         *
+ */ + public OcspResponseStatus(int value) + : base(value) + { + } + + public OcspResponseStatus(DerEnumerated value) + : base(value.IntValueExact) + { + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/Request.cs b/BouncyCastle/crypto/src/asn1/ocsp/Request.cs new file mode 100644 index 0000000..21121cb --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/Request.cs @@ -0,0 +1,86 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class Request + : Asn1Encodable + { + private readonly CertID reqCert; + private readonly X509Extensions singleRequestExtensions; + + public static Request GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static Request GetInstance( + object obj) + { + if (obj == null || obj is Request) + { + return (Request)obj; + } + + if (obj is Asn1Sequence) + { + return new Request((Asn1Sequence)obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public Request( + CertID reqCert, + X509Extensions singleRequestExtensions) + { + if (reqCert == null) + throw new ArgumentNullException("reqCert"); + + this.reqCert = reqCert; + this.singleRequestExtensions = singleRequestExtensions; + } + + private Request( + Asn1Sequence seq) + { + reqCert = CertID.GetInstance(seq[0]); + + if (seq.Count == 2) + { + singleRequestExtensions = X509Extensions.GetInstance( + (Asn1TaggedObject)seq[1], true); + } + } + + public CertID ReqCert + { + get { return reqCert; } + } + + public X509Extensions SingleRequestExtensions + { + get { return singleRequestExtensions; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * Request         ::=     Sequence {
+         *     reqCert                     CertID,
+         *     singleRequestExtensions     [0] EXPLICIT Extensions OPTIONAL }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(reqCert); + v.AddOptionalTagged(true, 0, singleRequestExtensions); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/ResponderID.cs b/BouncyCastle/crypto/src/asn1/ocsp/ResponderID.cs new file mode 100644 index 0000000..143b173 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/ResponderID.cs @@ -0,0 +1,107 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class ResponderID + : Asn1Encodable, IAsn1Choice + { + private readonly Asn1Encodable id; + + public static ResponderID GetInstance( + object obj) + { + if (obj == null || obj is ResponderID) + { + return (ResponderID)obj; + } + + if (obj is DerOctetString) + { + return new ResponderID((DerOctetString)obj); + } + + if (obj is Asn1TaggedObject) + { + Asn1TaggedObject o = (Asn1TaggedObject)obj; + + if (o.TagNo == 1) + { + return new ResponderID(X509Name.GetInstance(o, true)); + } + + return new ResponderID(Asn1OctetString.GetInstance(o, true)); + } + + return new ResponderID(X509Name.GetInstance(obj)); + } + + public ResponderID( + Asn1OctetString id) + { + if (id == null) + throw new ArgumentNullException("id"); + + this.id = id; + } + + public ResponderID( + X509Name id) + { + if (id == null) + throw new ArgumentNullException("id"); + + this.id = id; + } + + public static ResponderID GetInstance( + Asn1TaggedObject obj, + bool isExplicit) + { + return GetInstance(obj.GetObject()); // must be explicitly tagged + } + + public virtual byte[] GetKeyHash() + { + if (id is Asn1OctetString) + { + return ((Asn1OctetString)id).GetOctets(); + } + + return null; + } + + public virtual X509Name Name + { + get + { + if (id is Asn1OctetString) + { + return null; + } + + return X509Name.GetInstance(id); + } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * ResponderID ::= CHOICE {
+         *      byName          [1] Name,
+         *      byKey           [2] KeyHash }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + if (id is Asn1OctetString) + { + return new DerTaggedObject(true, 2, id); + } + + return new DerTaggedObject(true, 1, id); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/ResponseBytes.cs b/BouncyCastle/crypto/src/asn1/ocsp/ResponseBytes.cs new file mode 100644 index 0000000..d3ea044 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/ResponseBytes.cs @@ -0,0 +1,82 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class ResponseBytes + : Asn1Encodable + { + private readonly DerObjectIdentifier responseType; + private readonly Asn1OctetString response; + + public static ResponseBytes GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static ResponseBytes GetInstance( + object obj) + { + if (obj == null || obj is ResponseBytes) + { + return (ResponseBytes)obj; + } + + if (obj is Asn1Sequence) + { + return new ResponseBytes((Asn1Sequence)obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public ResponseBytes( + DerObjectIdentifier responseType, + Asn1OctetString response) + { + if (responseType == null) + throw new ArgumentNullException("responseType"); + if (response == null) + throw new ArgumentNullException("response"); + + this.responseType = responseType; + this.response = response; + } + + private ResponseBytes( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + this.responseType = DerObjectIdentifier.GetInstance(seq[0]); + this.response = Asn1OctetString.GetInstance(seq[1]); + } + + public DerObjectIdentifier ResponseType + { + get { return responseType; } + } + + public Asn1OctetString Response + { + get { return response; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * ResponseBytes ::=       Sequence {
+         *     responseType   OBJECT IDENTIFIER,
+         *     response       OCTET STRING }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(responseType, response); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/ResponseData.cs b/BouncyCastle/crypto/src/asn1/ocsp/ResponseData.cs new file mode 100644 index 0000000..a5769c0 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/ResponseData.cs @@ -0,0 +1,153 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class ResponseData + : Asn1Encodable + { + private static readonly DerInteger V1 = new DerInteger(0); + + private readonly bool versionPresent; + private readonly DerInteger version; + private readonly ResponderID responderID; + private readonly DerGeneralizedTime producedAt; + private readonly Asn1Sequence responses; + private readonly X509Extensions responseExtensions; + + public static ResponseData GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static ResponseData GetInstance( + object obj) + { + if (obj == null || obj is ResponseData) + { + return (ResponseData)obj; + } + + if (obj is Asn1Sequence) + { + return new ResponseData((Asn1Sequence)obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public ResponseData( + DerInteger version, + ResponderID responderID, + DerGeneralizedTime producedAt, + Asn1Sequence responses, + X509Extensions responseExtensions) + { + this.version = version; + this.responderID = responderID; + this.producedAt = producedAt; + this.responses = responses; + this.responseExtensions = responseExtensions; + } + + public ResponseData( + ResponderID responderID, + DerGeneralizedTime producedAt, + Asn1Sequence responses, + X509Extensions responseExtensions) + : this(V1, responderID, producedAt, responses, responseExtensions) + { + } + + private ResponseData( + Asn1Sequence seq) + { + int index = 0; + + Asn1Encodable enc = seq[0]; + if (enc is Asn1TaggedObject) + { + Asn1TaggedObject o = (Asn1TaggedObject)enc; + + if (o.TagNo == 0) + { + this.versionPresent = true; + this.version = DerInteger.GetInstance(o, true); + index++; + } + else + { + this.version = V1; + } + } + else + { + this.version = V1; + } + + this.responderID = ResponderID.GetInstance(seq[index++]); + this.producedAt = (DerGeneralizedTime)seq[index++]; + this.responses = (Asn1Sequence)seq[index++]; + + if (seq.Count > index) + { + this.responseExtensions = X509Extensions.GetInstance( + (Asn1TaggedObject)seq[index], true); + } + } + + public DerInteger Version + { + get { return version; } + } + + public ResponderID ResponderID + { + get { return responderID; } + } + + public DerGeneralizedTime ProducedAt + { + get { return producedAt; } + } + + public Asn1Sequence Responses + { + get { return responses; } + } + + public X509Extensions ResponseExtensions + { + get { return responseExtensions; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * ResponseData ::= Sequence {
+         *     version              [0] EXPLICIT Version DEFAULT v1,
+         *     responderID              ResponderID,
+         *     producedAt               GeneralizedTime,
+         *     responses                Sequence OF SingleResponse,
+         *     responseExtensions   [1] EXPLICIT Extensions OPTIONAL }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + if (versionPresent || !version.Equals(V1)) + { + v.Add(new DerTaggedObject(true, 0, version)); + } + + v.Add(responderID, producedAt, responses); + v.AddOptionalTagged(true, 1, responseExtensions); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/RevokedInfo.cs b/BouncyCastle/crypto/src/asn1/ocsp/RevokedInfo.cs new file mode 100644 index 0000000..c67be06 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/RevokedInfo.cs @@ -0,0 +1,91 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class RevokedInfo + : Asn1Encodable + { + private readonly DerGeneralizedTime revocationTime; + private readonly CrlReason revocationReason; + + public static RevokedInfo GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static RevokedInfo GetInstance( + object obj) + { + if (obj == null || obj is RevokedInfo) + { + return (RevokedInfo) obj; + } + + if (obj is Asn1Sequence) + { + return new RevokedInfo((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public RevokedInfo( + DerGeneralizedTime revocationTime) + : this(revocationTime, null) + { + } + + public RevokedInfo( + DerGeneralizedTime revocationTime, + CrlReason revocationReason) + { + if (revocationTime == null) + throw new ArgumentNullException("revocationTime"); + + this.revocationTime = revocationTime; + this.revocationReason = revocationReason; + } + + private RevokedInfo( + Asn1Sequence seq) + { + this.revocationTime = (DerGeneralizedTime) seq[0]; + + if (seq.Count > 1) + { + this.revocationReason = new CrlReason( + DerEnumerated.GetInstance((Asn1TaggedObject) seq[1], true)); + } + } + + public DerGeneralizedTime RevocationTime + { + get { return revocationTime; } + } + + public CrlReason RevocationReason + { + get { return revocationReason; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * RevokedInfo ::= Sequence {
+         *      revocationTime              GeneralizedTime,
+         *      revocationReason    [0]     EXPLICIT CRLReason OPTIONAL }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(revocationTime); + v.AddOptionalTagged(true, 0, revocationReason); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/ServiceLocator.cs b/BouncyCastle/crypto/src/asn1/ocsp/ServiceLocator.cs new file mode 100644 index 0000000..c6a9514 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/ServiceLocator.cs @@ -0,0 +1,90 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class ServiceLocator + : Asn1Encodable + { + private readonly X509Name issuer; + private readonly Asn1Object locator; + + public static ServiceLocator GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static ServiceLocator GetInstance( + object obj) + { + if (obj == null || obj is ServiceLocator) + { + return (ServiceLocator) obj; + } + + if (obj is Asn1Sequence) + { + return new ServiceLocator((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public ServiceLocator( + X509Name issuer) + : this(issuer, null) + { + } + + public ServiceLocator( + X509Name issuer, + Asn1Object locator) + { + if (issuer == null) + throw new ArgumentNullException("issuer"); + + this.issuer = issuer; + this.locator = locator; + } + + private ServiceLocator( + Asn1Sequence seq) + { + this.issuer = X509Name.GetInstance(seq[0]); + + if (seq.Count > 1) + { + this.locator = seq[1].ToAsn1Object(); + } + } + + public X509Name Issuer + { + get { return issuer; } + } + + public Asn1Object Locator + { + get { return locator; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * ServiceLocator ::= Sequence {
+         *     issuer    Name,
+         *     locator   AuthorityInfoAccessSyntax OPTIONAL }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(issuer); + v.AddOptional(locator); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/Signature.cs b/BouncyCastle/crypto/src/asn1/ocsp/Signature.cs new file mode 100644 index 0000000..c6f149d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/Signature.cs @@ -0,0 +1,109 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class Signature + : Asn1Encodable + { + internal AlgorithmIdentifier signatureAlgorithm; + internal DerBitString signatureValue; + internal Asn1Sequence certs; + + public static Signature GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static Signature GetInstance( + object obj) + { + if (obj == null || obj is Signature) + { + return (Signature)obj; + } + + if (obj is Asn1Sequence) + { + return new Signature((Asn1Sequence)obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public Signature( + AlgorithmIdentifier signatureAlgorithm, + DerBitString signatureValue) + : this(signatureAlgorithm, signatureValue, null) + { + } + + public Signature( + AlgorithmIdentifier signatureAlgorithm, + DerBitString signatureValue, + Asn1Sequence certs) + { + if (signatureAlgorithm == null) + throw new ArgumentException("signatureAlgorithm"); + if (signatureValue == null) + throw new ArgumentException("signatureValue"); + + this.signatureAlgorithm = signatureAlgorithm; + this.signatureValue = signatureValue; + this.certs = certs; + } + + private Signature( + Asn1Sequence seq) + { + signatureAlgorithm = AlgorithmIdentifier.GetInstance(seq[0]); + signatureValue = (DerBitString)seq[1]; + + if (seq.Count == 3) + { + certs = Asn1Sequence.GetInstance( + (Asn1TaggedObject)seq[2], true); + } + } + + public AlgorithmIdentifier SignatureAlgorithm + { + get { return signatureAlgorithm; } + } + + public DerBitString SignatureValue + { + get { return signatureValue; } + } + + public byte[] GetSignatureOctets() + { + return signatureValue.GetOctets(); + } + + public Asn1Sequence Certs + { + get { return certs; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * Signature       ::=     Sequence {
+         *     signatureAlgorithm      AlgorithmIdentifier,
+         *     signature               BIT STRING,
+         *     certs               [0] EXPLICIT Sequence OF Certificate OPTIONAL}
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(signatureAlgorithm, signatureValue); + v.AddOptionalTagged(true, 0, certs); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/SingleResponse.cs b/BouncyCastle/crypto/src/asn1/ocsp/SingleResponse.cs new file mode 100644 index 0000000..ecdf3da --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/SingleResponse.cs @@ -0,0 +1,127 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class SingleResponse + : Asn1Encodable + { + private readonly CertID certID; + private readonly CertStatus certStatus; + private readonly DerGeneralizedTime thisUpdate; + private readonly DerGeneralizedTime nextUpdate; + private readonly X509Extensions singleExtensions; + + public SingleResponse( + CertID certID, + CertStatus certStatus, + DerGeneralizedTime thisUpdate, + DerGeneralizedTime nextUpdate, + X509Extensions singleExtensions) + { + this.certID = certID; + this.certStatus = certStatus; + this.thisUpdate = thisUpdate; + this.nextUpdate = nextUpdate; + this.singleExtensions = singleExtensions; + } + + public SingleResponse( + Asn1Sequence seq) + { + this.certID = CertID.GetInstance(seq[0]); + this.certStatus = CertStatus.GetInstance(seq[1]); + this.thisUpdate = (DerGeneralizedTime)seq[2]; + + if (seq.Count > 4) + { + this.nextUpdate = DerGeneralizedTime.GetInstance( + (Asn1TaggedObject) seq[3], true); + this.singleExtensions = X509Extensions.GetInstance( + (Asn1TaggedObject) seq[4], true); + } + else if (seq.Count > 3) + { + Asn1TaggedObject o = (Asn1TaggedObject) seq[3]; + + if (o.TagNo == 0) + { + this.nextUpdate = DerGeneralizedTime.GetInstance(o, true); + } + else + { + this.singleExtensions = X509Extensions.GetInstance(o, true); + } + } + } + + public static SingleResponse GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static SingleResponse GetInstance( + object obj) + { + if (obj == null || obj is SingleResponse) + { + return (SingleResponse)obj; + } + + if (obj is Asn1Sequence) + { + return new SingleResponse((Asn1Sequence)obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public CertID CertId + { + get { return certID; } + } + + public CertStatus CertStatus + { + get { return certStatus; } + } + + public DerGeneralizedTime ThisUpdate + { + get { return thisUpdate; } + } + + public DerGeneralizedTime NextUpdate + { + get { return nextUpdate; } + } + + public X509Extensions SingleExtensions + { + get { return singleExtensions; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  SingleResponse ::= Sequence {
+         *          certID                       CertID,
+         *          certStatus                   CertStatus,
+         *          thisUpdate                   GeneralizedTime,
+         *          nextUpdate         [0]       EXPLICIT GeneralizedTime OPTIONAL,
+         *          singleExtensions   [1]       EXPLICIT Extensions OPTIONAL }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(certID, certStatus, thisUpdate); + v.AddOptionalTagged(true, 0, nextUpdate); + v.AddOptionalTagged(true, 1, singleExtensions); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ocsp/TBSRequest.cs b/BouncyCastle/crypto/src/asn1/ocsp/TBSRequest.cs new file mode 100644 index 0000000..0166c53 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ocsp/TBSRequest.cs @@ -0,0 +1,142 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Ocsp +{ + public class TbsRequest + : Asn1Encodable + { + private static readonly DerInteger V1 = new DerInteger(0); + + private readonly DerInteger version; + private readonly GeneralName requestorName; + private readonly Asn1Sequence requestList; + private readonly X509Extensions requestExtensions; + + private bool versionSet; + + public static TbsRequest GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static TbsRequest GetInstance( + object obj) + { + if (obj == null || obj is TbsRequest) + { + return (TbsRequest)obj; + } + + if (obj is Asn1Sequence) + { + return new TbsRequest((Asn1Sequence)obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public TbsRequest( + GeneralName requestorName, + Asn1Sequence requestList, + X509Extensions requestExtensions) + { + this.version = V1; + this.requestorName = requestorName; + this.requestList = requestList; + this.requestExtensions = requestExtensions; + } + + private TbsRequest( + Asn1Sequence seq) + { + int index = 0; + + Asn1Encodable enc = seq[0]; + if (enc is Asn1TaggedObject) + { + Asn1TaggedObject o = (Asn1TaggedObject) enc; + + if (o.TagNo == 0) + { + versionSet = true; + version = DerInteger.GetInstance(o, true); + index++; + } + else + { + version = V1; + } + } + else + { + version = V1; + } + + if (seq[index] is Asn1TaggedObject) + { + requestorName = GeneralName.GetInstance((Asn1TaggedObject) seq[index++], true); + } + + requestList = (Asn1Sequence) seq[index++]; + + if (seq.Count == (index + 1)) + { + requestExtensions = X509Extensions.GetInstance((Asn1TaggedObject) seq[index], true); + } + } + + public DerInteger Version + { + get { return version; } + } + + public GeneralName RequestorName + { + get { return requestorName; } + } + + public Asn1Sequence RequestList + { + get { return requestList; } + } + + public X509Extensions RequestExtensions + { + get { return requestExtensions; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * TBSRequest      ::=     Sequence {
+         *     version             [0]     EXPLICIT Version DEFAULT v1,
+         *     requestorName       [1]     EXPLICIT GeneralName OPTIONAL,
+         *     requestList                 Sequence OF Request,
+         *     requestExtensions   [2]     EXPLICIT Extensions OPTIONAL }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + // + // if default don't include - unless explicitly provided. Not strictly correct + // but required for some requests + // + if (!version.Equals(V1) || versionSet) + { + v.Add(new DerTaggedObject(true, 0, version)); + } + + v.AddOptionalTagged(true, 1, requestorName); + v.Add(requestList); + v.AddOptionalTagged(true, 2, requestExtensions); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/oiw/ElGamalParameter.cs b/BouncyCastle/crypto/src/asn1/oiw/ElGamalParameter.cs new file mode 100644 index 0000000..3e020f0 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/oiw/ElGamalParameter.cs @@ -0,0 +1,47 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Asn1.Oiw +{ + public class ElGamalParameter + : Asn1Encodable + { + internal DerInteger p, g; + + public ElGamalParameter( + BigInteger p, + BigInteger g) + { + this.p = new DerInteger(p); + this.g = new DerInteger(g); + } + + public ElGamalParameter( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + p = DerInteger.GetInstance(seq[0]); + g = DerInteger.GetInstance(seq[1]); + } + + public BigInteger P + { + get { return p.PositiveValue; } + } + + public BigInteger G + { + get { return g.PositiveValue; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(p, g); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/oiw/OIWObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/oiw/OIWObjectIdentifiers.cs new file mode 100644 index 0000000..3da2263 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/oiw/OIWObjectIdentifiers.cs @@ -0,0 +1,29 @@ +namespace Org.BouncyCastle.Asn1.Oiw +{ + public abstract class OiwObjectIdentifiers + { + public static readonly DerObjectIdentifier MD4WithRsa = new DerObjectIdentifier("1.3.14.3.2.2"); + public static readonly DerObjectIdentifier MD5WithRsa = new DerObjectIdentifier("1.3.14.3.2.3"); + public static readonly DerObjectIdentifier MD4WithRsaEncryption = new DerObjectIdentifier("1.3.14.3.2.4"); + + public static readonly DerObjectIdentifier DesEcb = new DerObjectIdentifier("1.3.14.3.2.6"); + public static readonly DerObjectIdentifier DesCbc = new DerObjectIdentifier("1.3.14.3.2.7"); + public static readonly DerObjectIdentifier DesOfb = new DerObjectIdentifier("1.3.14.3.2.8"); + public static readonly DerObjectIdentifier DesCfb = new DerObjectIdentifier("1.3.14.3.2.9"); + + public static readonly DerObjectIdentifier DesEde = new DerObjectIdentifier("1.3.14.3.2.17"); + + // id-SHA1 OBJECT IDENTIFIER ::= + // {iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } // + public static readonly DerObjectIdentifier IdSha1 = new DerObjectIdentifier("1.3.14.3.2.26"); + + public static readonly DerObjectIdentifier DsaWithSha1 = new DerObjectIdentifier("1.3.14.3.2.27"); + + public static readonly DerObjectIdentifier Sha1WithRsa = new DerObjectIdentifier("1.3.14.3.2.29"); + + // ElGamal Algorithm OBJECT IDENTIFIER ::= + // {iso(1) identified-organization(3) oiw(14) dirservsig(7) algorithm(2) encryption(1) 1 } + // + public static readonly DerObjectIdentifier ElGamalAlgorithm = new DerObjectIdentifier("1.3.14.7.2.1.1"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/Attribute.cs b/BouncyCastle/crypto/src/asn1/pkcs/Attribute.cs new file mode 100644 index 0000000..1858285 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/Attribute.cs @@ -0,0 +1,79 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class AttributePkcs + : Asn1Encodable + { + private readonly DerObjectIdentifier attrType; + private readonly Asn1Set attrValues; + + /** + * return an Attribute object from the given object. + * + * @param o the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static AttributePkcs GetInstance( + object obj) + { + AttributePkcs attr = obj as AttributePkcs; + if (obj == null || attr != null) + { + return attr; + } + + Asn1Sequence seq = obj as Asn1Sequence; + if (seq != null) + { + return new AttributePkcs(seq); + } + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + private AttributePkcs( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + attrType = DerObjectIdentifier.GetInstance(seq[0]); + attrValues = Asn1Set.GetInstance(seq[1]); + } + + public AttributePkcs( + DerObjectIdentifier attrType, + Asn1Set attrValues) + { + this.attrType = attrType; + this.attrValues = attrValues; + } + + public DerObjectIdentifier AttrType + { + get { return attrType; } + } + + public Asn1Set AttrValues + { + get { return attrValues; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * Attr ::= Sequence {
+         *     attrType OBJECT IDENTIFIER,
+         *     attrValues Set OF AttributeValue
+         * }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(attrType, attrValues); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/AuthenticatedSafe.cs b/BouncyCastle/crypto/src/asn1/pkcs/AuthenticatedSafe.cs new file mode 100644 index 0000000..6f3b4c8 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/AuthenticatedSafe.cs @@ -0,0 +1,63 @@ +using System; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class AuthenticatedSafe + : Asn1Encodable + { + private static ContentInfo[] Copy(ContentInfo[] info) + { + return (ContentInfo[])info.Clone(); + } + + public static AuthenticatedSafe GetInstance(object obj) + { + if (obj is AuthenticatedSafe) + return (AuthenticatedSafe)obj; + if (obj == null) + return null; + return new AuthenticatedSafe(Asn1Sequence.GetInstance(obj)); + } + + private readonly ContentInfo[] info; + private readonly bool isBer; + + private AuthenticatedSafe(Asn1Sequence seq) + { + info = new ContentInfo[seq.Count]; + + for (int i = 0; i != info.Length; i++) + { + info[i] = ContentInfo.GetInstance(seq[i]); + } + + isBer = seq is BerSequence; + } + + public AuthenticatedSafe( + ContentInfo[] info) + { + this.info = Copy(info); + this.isBer = true; + } + + public ContentInfo[] GetContentInfo() + { + return Copy(info); + } + + public override Asn1Object ToAsn1Object() + { + if (isBer) + { + return new BerSequence(info); + } + + // TODO bc-java uses DL sequence + //return new DLSequence(info); + return new DerSequence(info); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/CertBag.cs b/BouncyCastle/crypto/src/asn1/pkcs/CertBag.cs new file mode 100644 index 0000000..ddaa353 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/CertBag.cs @@ -0,0 +1,52 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class CertBag + : Asn1Encodable + { + public static CertBag GetInstance(object obj) + { + if (obj is CertBag) + return (CertBag)obj; + if (obj == null) + return null; + return new CertBag(Asn1Sequence.GetInstance(obj)); + } + + private readonly DerObjectIdentifier certID; + private readonly Asn1Object certValue; + + private CertBag(Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + this.certID = DerObjectIdentifier.GetInstance(seq[0]); + this.certValue = Asn1TaggedObject.GetInstance(seq[1]).GetObject(); + } + + public CertBag( + DerObjectIdentifier certID, + Asn1Object certValue) + { + this.certID = certID; + this.certValue = certValue; + } + + public virtual DerObjectIdentifier CertID + { + get { return certID; } + } + + public virtual Asn1Object CertValue + { + get { return certValue; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(certID, new DerTaggedObject(0, certValue)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/CertificationRequest.cs b/BouncyCastle/crypto/src/asn1/pkcs/CertificationRequest.cs new file mode 100644 index 0000000..98caa22 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/CertificationRequest.cs @@ -0,0 +1,87 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + /** + * Pkcs10 Certfication request object. + * 
+     * CertificationRequest ::= Sequence {
+     *   certificationRequestInfo  CertificationRequestInfo,
+     *   signatureAlgorithm        AlgorithmIdentifier{{ SignatureAlgorithms }},
+     *   signature                 BIT STRING
+     * }
+     *
+ */ + public class CertificationRequest + : Asn1Encodable + { + protected CertificationRequestInfo reqInfo; + protected AlgorithmIdentifier sigAlgId; + protected DerBitString sigBits; + + public static CertificationRequest GetInstance( + object obj) + { + if (obj is CertificationRequest) + return (CertificationRequest)obj; + + if (obj != null) + return new CertificationRequest((Asn1Sequence)obj); + + return null; + } + + protected CertificationRequest() + { + } + + public CertificationRequest( + CertificationRequestInfo requestInfo, + AlgorithmIdentifier algorithm, + DerBitString signature) + { + this.reqInfo = requestInfo; + this.sigAlgId = algorithm; + this.sigBits = signature; + } + + [Obsolete("Use 'GetInstance' instead")] + public CertificationRequest( + Asn1Sequence seq) + { + if (seq.Count != 3) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + reqInfo = CertificationRequestInfo.GetInstance(seq[0]); + sigAlgId = AlgorithmIdentifier.GetInstance(seq[1]); + sigBits = DerBitString.GetInstance(seq[2]); + } + + public CertificationRequestInfo GetCertificationRequestInfo() + { + return reqInfo; + } + + public AlgorithmIdentifier SignatureAlgorithm + { + get { return sigAlgId; } + } + + public DerBitString Signature + { + get { return sigBits; } + } + + public byte[] GetSignatureOctets() + { + return sigBits.GetOctets(); + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(reqInfo, sigAlgId, sigBits); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/CertificationRequestInfo.cs b/BouncyCastle/crypto/src/asn1/pkcs/CertificationRequestInfo.cs new file mode 100644 index 0000000..b775014 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/CertificationRequestInfo.cs @@ -0,0 +1,131 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + /** + * Pkcs10 CertificationRequestInfo object. + * 
+     *  CertificationRequestInfo ::= Sequence {
+     *   version             Integer { v1(0) } (v1,...),
+     *   subject             Name,
+     *   subjectPKInfo   SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
+     *   attributes          [0] Attributes{{ CRIAttributes }}
+     *  }
+     *
+     *  Attributes { ATTRIBUTE:IOSet } ::= Set OF Attr{{ IOSet }}
+     *
+     *  Attr { ATTRIBUTE:IOSet } ::= Sequence {
+     *    type    ATTRIBUTE.&id({IOSet}),
+     *    values  Set SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{\@type})
+     *  }
+     *
+ */ + public class CertificationRequestInfo + : Asn1Encodable + { + internal DerInteger version = new DerInteger(0); + internal X509Name subject; + internal SubjectPublicKeyInfo subjectPKInfo; + internal Asn1Set attributes; + + public static CertificationRequestInfo GetInstance(object obj) + { + if (obj is CertificationRequestInfo) + return (CertificationRequestInfo)obj; + if (obj != null) + return new CertificationRequestInfo(Asn1Sequence.GetInstance(obj)); + return null; + } + + public CertificationRequestInfo( + X509Name subject, + SubjectPublicKeyInfo pkInfo, + Asn1Set attributes) + { + this.subject = subject; + this.subjectPKInfo = pkInfo; + this.attributes = attributes; + + ValidateAttributes(attributes); + + if (subject == null || version == null || subjectPKInfo == null) + { + throw new ArgumentException( + "Not all mandatory fields set in CertificationRequestInfo generator."); + } + } + + private CertificationRequestInfo( + Asn1Sequence seq) + { + version = (DerInteger) seq[0]; + + subject = X509Name.GetInstance(seq[1]); + subjectPKInfo = SubjectPublicKeyInfo.GetInstance(seq[2]); + + // + // some CertificationRequestInfo objects seem to treat this field + // as optional. + // + if (seq.Count > 3) + { + DerTaggedObject tagobj = (DerTaggedObject) seq[3]; + attributes = Asn1Set.GetInstance(tagobj, false); + } + + ValidateAttributes(attributes); + + if (subject == null || version == null || subjectPKInfo == null) + { + throw new ArgumentException( + "Not all mandatory fields set in CertificationRequestInfo generator."); + } + } + + public DerInteger Version + { + get { return version; } + } + + public X509Name Subject + { + get { return subject; } + } + + public SubjectPublicKeyInfo SubjectPublicKeyInfo + { + get { return subjectPKInfo; } + } + + public Asn1Set Attributes + { + get { return attributes; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(version, subject, subjectPKInfo); + v.AddOptionalTagged(false, 0, attributes); + return new DerSequence(v); + } + + private static void ValidateAttributes(Asn1Set attributes) + { + if (attributes == null) + return; + + foreach (Asn1Encodable ae in attributes) + { + Asn1Object obj = ae.ToAsn1Object(); + AttributePkcs attr = AttributePkcs.GetInstance(obj); + if (attr.AttrType.Equals(PkcsObjectIdentifiers.Pkcs9AtChallengePassword)) + { + if (attr.AttrValues.Count != 1) + throw new ArgumentException("challengePassword attribute must have one value"); + } + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/ContentInfo.cs b/BouncyCastle/crypto/src/asn1/pkcs/ContentInfo.cs new file mode 100644 index 0000000..526a3c4 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/ContentInfo.cs @@ -0,0 +1,74 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class ContentInfo + : Asn1Encodable + { + private readonly DerObjectIdentifier contentType; + private readonly Asn1Encodable content; + + public static ContentInfo GetInstance(object obj) + { + if (obj == null) + return null; + ContentInfo existing = obj as ContentInfo; + if (existing != null) + return existing; + return new ContentInfo(Asn1Sequence.GetInstance(obj)); + } + + private ContentInfo( + Asn1Sequence seq) + { + contentType = (DerObjectIdentifier) seq[0]; + + if (seq.Count > 1) + { + content = ((Asn1TaggedObject) seq[1]).GetObject(); + } + } + + public ContentInfo( + DerObjectIdentifier contentType, + Asn1Encodable content) + { + this.contentType = contentType; + this.content = content; + } + + public DerObjectIdentifier ContentType + { + get { return contentType; } + } + + public Asn1Encodable Content + { + get { return content; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * ContentInfo ::= Sequence {
+         *          contentType ContentType,
+         *          content
+         *          [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(contentType); + + if (content != null) + { + v.Add(new BerTaggedObject(0, content)); + } + + return new BerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/DHParameter.cs b/BouncyCastle/crypto/src/asn1/pkcs/DHParameter.cs new file mode 100644 index 0000000..23be5d2 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/DHParameter.cs @@ -0,0 +1,67 @@ +using Org.BouncyCastle.Asn1; +using System; +using System.Collections; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class DHParameter + : Asn1Encodable + { + internal DerInteger p, g, l; + + public DHParameter( + BigInteger p, + BigInteger g, + int l) + { + this.p = new DerInteger(p); + this.g = new DerInteger(g); + + if (l != 0) + { + this.l = new DerInteger(l); + } + } + + public DHParameter( + Asn1Sequence seq) + { + IEnumerator e = seq.GetEnumerator(); + + e.MoveNext(); + p = (DerInteger)e.Current; + + e.MoveNext(); + g = (DerInteger)e.Current; + + if (e.MoveNext()) + { + l = (DerInteger) e.Current; + } + } + + public BigInteger P + { + get { return p.PositiveValue; } + } + + public BigInteger G + { + get { return g.PositiveValue; } + } + + public BigInteger L + { + get { return l == null ? null : l.PositiveValue; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(p, g); + v.AddOptional(l); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/EncryptedData.cs b/BouncyCastle/crypto/src/asn1/pkcs/EncryptedData.cs new file mode 100644 index 0000000..cb04f34 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/EncryptedData.cs @@ -0,0 +1,103 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + /** + * The EncryptedData object. + * 
+     *      EncryptedData ::= Sequence {
+     *           version Version,
+     *           encryptedContentInfo EncryptedContentInfo
+     *      }
+     *
+     *
+     *      EncryptedContentInfo ::= Sequence {
+     *          contentType ContentType,
+     *          contentEncryptionAlgorithm  ContentEncryptionAlgorithmIdentifier,
+     *          encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL
+     *    }
+     *
+     *    EncryptedContent ::= OCTET STRING
+     *
+ */ + public class EncryptedData + : Asn1Encodable + { + private readonly Asn1Sequence data; +// private readonly DerObjectIdentifier bagId; +// private readonly Asn1Object bagValue; + + public static EncryptedData GetInstance( + object obj) + { + if (obj is EncryptedData) + { + return (EncryptedData) obj; + } + + if (obj is Asn1Sequence) + { + return new EncryptedData((Asn1Sequence) obj); + } + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + private EncryptedData( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + DerInteger version = (DerInteger)seq[0]; + if (!version.HasValue(0)) + throw new ArgumentException("sequence not version 0"); + + this.data = (Asn1Sequence) seq[1]; + } + + public EncryptedData( + DerObjectIdentifier contentType, + AlgorithmIdentifier encryptionAlgorithm, + Asn1Encodable content) + { + data = new BerSequence( + contentType, + encryptionAlgorithm.ToAsn1Object(), + new BerTaggedObject(false, 0, content)); + } + + public DerObjectIdentifier ContentType + { + get { return (DerObjectIdentifier) data[0]; } + } + + public AlgorithmIdentifier EncryptionAlgorithm + { + get { return AlgorithmIdentifier.GetInstance(data[1]); } + } + + public Asn1OctetString Content + { + get + { + if (data.Count == 3) + { + DerTaggedObject o = (DerTaggedObject) data[2]; + + return Asn1OctetString.GetInstance(o, false); + } + + return null; + } + } + + public override Asn1Object ToAsn1Object() + { + return new BerSequence(new DerInteger(0), data); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/EncryptedPrivateKeyInfo.cs b/BouncyCastle/crypto/src/asn1/pkcs/EncryptedPrivateKeyInfo.cs new file mode 100644 index 0000000..9870270 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/EncryptedPrivateKeyInfo.cs @@ -0,0 +1,79 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class EncryptedPrivateKeyInfo + : Asn1Encodable + { + private readonly AlgorithmIdentifier algId; + private readonly Asn1OctetString data; + + private EncryptedPrivateKeyInfo( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + algId = AlgorithmIdentifier.GetInstance(seq[0]); + data = Asn1OctetString.GetInstance(seq[1]); + } + + public EncryptedPrivateKeyInfo( + AlgorithmIdentifier algId, + byte[] encoding) + { + this.algId = algId; + this.data = new DerOctetString(encoding); + } + + public static EncryptedPrivateKeyInfo GetInstance( + object obj) + { + if (obj is EncryptedPrivateKeyInfo) + { + return (EncryptedPrivateKeyInfo) obj; + } + + if (obj is Asn1Sequence) + { + return new EncryptedPrivateKeyInfo((Asn1Sequence) obj); + } + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public AlgorithmIdentifier EncryptionAlgorithm + { + get { return algId; } + } + + public byte[] GetEncryptedData() + { + return data.GetOctets(); + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * EncryptedPrivateKeyInfo ::= Sequence {
+         *      encryptionAlgorithm AlgorithmIdentifier {{KeyEncryptionAlgorithms}},
+         *      encryptedData EncryptedData
+         * }
+         *
+         * EncryptedData ::= OCTET STRING
+         *
+         * KeyEncryptionAlgorithms ALGORITHM-IDENTIFIER ::= {
+         *          ... -- For local profiles
+         * }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(algId, data); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/EncryptionScheme.cs b/BouncyCastle/crypto/src/asn1/pkcs/EncryptionScheme.cs new file mode 100644 index 0000000..34d26e1 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/EncryptionScheme.cs @@ -0,0 +1,55 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class EncryptionScheme + : AlgorithmIdentifier + { + public EncryptionScheme( + DerObjectIdentifier objectID) + : base(objectID) + { + } + + public EncryptionScheme( + DerObjectIdentifier objectID, + Asn1Encodable parameters) + : base(objectID, parameters) + { + } + + internal EncryptionScheme( + Asn1Sequence seq) + : this((DerObjectIdentifier)seq[0], seq[1]) + { + } + + public new static EncryptionScheme GetInstance(object obj) + { + if (obj is EncryptionScheme) + { + return (EncryptionScheme)obj; + } + + if (obj is Asn1Sequence) + { + return new EncryptionScheme((Asn1Sequence)obj); + } + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public Asn1Object Asn1Object + { + get { return Parameters.ToAsn1Object(); } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(Algorithm, Parameters); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/IssuerAndSerialNumber.cs b/BouncyCastle/crypto/src/asn1/pkcs/IssuerAndSerialNumber.cs new file mode 100644 index 0000000..da863cb --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/IssuerAndSerialNumber.cs @@ -0,0 +1,72 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class IssuerAndSerialNumber + : Asn1Encodable + { + private readonly X509Name name; + private readonly DerInteger certSerialNumber; + + public static IssuerAndSerialNumber GetInstance( + object obj) + { + if (obj is IssuerAndSerialNumber) + { + return (IssuerAndSerialNumber) obj; + } + + if (obj is Asn1Sequence) + { + return new IssuerAndSerialNumber((Asn1Sequence) obj); + } + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + private IssuerAndSerialNumber( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + this.name = X509Name.GetInstance(seq[0]); + this.certSerialNumber = DerInteger.GetInstance(seq[1]); + } + + public IssuerAndSerialNumber( + X509Name name, + BigInteger certSerialNumber) + { + this.name = name; + this.certSerialNumber = new DerInteger(certSerialNumber); + } + + public IssuerAndSerialNumber( + X509Name name, + DerInteger certSerialNumber) + { + this.name = name; + this.certSerialNumber = certSerialNumber; + } + + public X509Name Name + { + get { return name; } + } + + public DerInteger CertificateSerialNumber + { + get { return certSerialNumber; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(name, certSerialNumber); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/KeyDerivationFunc.cs b/BouncyCastle/crypto/src/asn1/pkcs/KeyDerivationFunc.cs new file mode 100644 index 0000000..9fc8985 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/KeyDerivationFunc.cs @@ -0,0 +1,21 @@ +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class KeyDerivationFunc + : AlgorithmIdentifier + { + internal KeyDerivationFunc(Asn1Sequence seq) + : base(seq) + { + } + + public KeyDerivationFunc( + DerObjectIdentifier id, + Asn1Encodable parameters) + : base(id, parameters) + { + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/asn1/pkcs/MacData.cs b/BouncyCastle/crypto/src/asn1/pkcs/MacData.cs new file mode 100644 index 0000000..c4b7df1 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/MacData.cs @@ -0,0 +1,96 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class MacData + : Asn1Encodable + { + internal DigestInfo digInfo; + internal byte[] salt; + internal BigInteger iterationCount; + + public static MacData GetInstance( + object obj) + { + if (obj is MacData) + { + return (MacData) obj; + } + + if (obj is Asn1Sequence) + { + return new MacData((Asn1Sequence) obj); + } + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + private MacData( + Asn1Sequence seq) + { + this.digInfo = DigestInfo.GetInstance(seq[0]); + this.salt = ((Asn1OctetString) seq[1]).GetOctets(); + + if (seq.Count == 3) + { + this.iterationCount = ((DerInteger) seq[2]).Value; + } + else + { + this.iterationCount = BigInteger.One; + } + } + + public MacData( + DigestInfo digInfo, + byte[] salt, + int iterationCount) + { + this.digInfo = digInfo; + this.salt = (byte[]) salt.Clone(); + this.iterationCount = BigInteger.ValueOf(iterationCount); + } + + public DigestInfo Mac + { + get { return digInfo; } + } + + public byte[] GetSalt() + { + return (byte[]) salt.Clone(); + } + + public BigInteger IterationCount + { + get { return iterationCount; } + } + + /** + * 
+		 * MacData ::= SEQUENCE {
+		 *     mac      DigestInfo,
+		 *     macSalt  OCTET STRING,
+		 *     iterations INTEGER DEFAULT 1
+		 *     -- Note: The default is for historic reasons and its use is deprecated. A
+		 *     -- higher value, like 1024 is recommended.
+		 *
+ * @return the basic DERObject construction. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(digInfo, new DerOctetString(salt)); + + if (!iterationCount.Equals(BigInteger.One)) + { + v.Add(new DerInteger(iterationCount)); + } + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/PBEParameter.cs b/BouncyCastle/crypto/src/asn1/pkcs/PBEParameter.cs new file mode 100644 index 0000000..56cea5f --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/PBEParameter.cs @@ -0,0 +1,60 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class PbeParameter + : Asn1Encodable + { + private readonly Asn1OctetString salt; + private readonly DerInteger iterationCount; + + public static PbeParameter GetInstance(object obj) + { + if (obj is PbeParameter || obj == null) + { + return (PbeParameter) obj; + } + + if (obj is Asn1Sequence) + { + return new PbeParameter((Asn1Sequence) obj); + } + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + private PbeParameter(Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + salt = Asn1OctetString.GetInstance(seq[0]); + iterationCount = DerInteger.GetInstance(seq[1]); + } + + public PbeParameter(byte[] salt, int iterationCount) + { + this.salt = new DerOctetString(salt); + this.iterationCount = new DerInteger(iterationCount); + } + + public byte[] GetSalt() + { + return salt.GetOctets(); + } + + public BigInteger IterationCount + { + get { return iterationCount.Value; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(salt, iterationCount); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/PBES2Parameters.cs b/BouncyCastle/crypto/src/asn1/pkcs/PBES2Parameters.cs new file mode 100644 index 0000000..fc6904e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/PBES2Parameters.cs @@ -0,0 +1,65 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class PbeS2Parameters + : Asn1Encodable + { + private readonly KeyDerivationFunc func; + private readonly EncryptionScheme scheme; + + public static PbeS2Parameters GetInstance(object obj) + { + if (obj == null) + return null; + PbeS2Parameters existing = obj as PbeS2Parameters; + if (existing != null) + return existing; + return new PbeS2Parameters(Asn1Sequence.GetInstance(obj)); + } + + public PbeS2Parameters(KeyDerivationFunc keyDevFunc, EncryptionScheme encScheme) + { + this.func = keyDevFunc; + this.scheme = encScheme; + } + + [Obsolete("Use GetInstance() instead")] + public PbeS2Parameters( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + Asn1Sequence funcSeq = (Asn1Sequence)seq[0].ToAsn1Object(); + + // TODO Not sure if this special case is really necessary/appropriate + if (funcSeq[0].Equals(PkcsObjectIdentifiers.IdPbkdf2)) + { + func = new KeyDerivationFunc(PkcsObjectIdentifiers.IdPbkdf2, + Pbkdf2Params.GetInstance(funcSeq[1])); + } + else + { + func = new KeyDerivationFunc(funcSeq); + } + + scheme = EncryptionScheme.GetInstance(seq[1].ToAsn1Object()); + } + + public KeyDerivationFunc KeyDerivationFunc + { + get { return func; } + } + + public EncryptionScheme EncryptionScheme + { + get { return scheme; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(func, scheme); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/PBKDF2Params.cs b/BouncyCastle/crypto/src/asn1/pkcs/PBKDF2Params.cs new file mode 100644 index 0000000..13f469c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/PBKDF2Params.cs @@ -0,0 +1,140 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class Pbkdf2Params + : Asn1Encodable + { + private static AlgorithmIdentifier algid_hmacWithSHA1 = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdHmacWithSha1, DerNull.Instance); + + private readonly Asn1OctetString octStr; + private readonly DerInteger iterationCount, keyLength; + private readonly AlgorithmIdentifier prf; + + public static Pbkdf2Params GetInstance( + object obj) + { + if (obj == null || obj is Pbkdf2Params) + return (Pbkdf2Params)obj; + + if (obj is Asn1Sequence) + return new Pbkdf2Params((Asn1Sequence)obj); + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public Pbkdf2Params( + Asn1Sequence seq) + { + if (seq.Count < 2 || seq.Count > 4) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + this.octStr = (Asn1OctetString)seq[0]; + this.iterationCount = (DerInteger)seq[1]; + + Asn1Encodable kl = null, d = null; + if (seq.Count > 3) + { + kl = seq[2]; + d = seq[3]; + } + else if (seq.Count > 2) + { + if (seq[2] is DerInteger) + { + kl = seq[2]; + } + else + { + d = seq[2]; + } + } + if (kl != null) + { + keyLength = (DerInteger)kl; + } + if (d != null) + { + prf = AlgorithmIdentifier.GetInstance(d); + } + } + + public Pbkdf2Params( + byte[] salt, + int iterationCount) + { + this.octStr = new DerOctetString(salt); + this.iterationCount = new DerInteger(iterationCount); + } + + public Pbkdf2Params( + byte[] salt, + int iterationCount, + int keyLength) + : this(salt, iterationCount) + { + this.keyLength = new DerInteger(keyLength); + } + + public Pbkdf2Params( + byte[] salt, + int iterationCount, + int keyLength, + AlgorithmIdentifier prf) + : this(salt, iterationCount, keyLength) + { + this.prf = prf; + } + + public Pbkdf2Params( + byte[] salt, + int iterationCount, + AlgorithmIdentifier prf) + : this(salt, iterationCount) + { + this.prf = prf; + } + + public byte[] GetSalt() + { + return octStr.GetOctets(); + } + + public BigInteger IterationCount + { + get { return iterationCount.Value; } + } + + public BigInteger KeyLength + { + get { return keyLength == null ? null : keyLength.Value; } + } + + public bool IsDefaultPrf + { + get { return prf == null || prf.Equals(algid_hmacWithSHA1); } + } + + public AlgorithmIdentifier Prf + { + get { return prf != null ? prf : algid_hmacWithSHA1; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(octStr, iterationCount); + v.AddOptional(keyLength); + + if (!IsDefaultPrf) + { + v.Add(prf); + } + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/PKCS12PBEParams.cs b/BouncyCastle/crypto/src/asn1/pkcs/PKCS12PBEParams.cs new file mode 100644 index 0000000..b41c289 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/PKCS12PBEParams.cs @@ -0,0 +1,63 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class Pkcs12PbeParams + : Asn1Encodable + { + private readonly DerInteger iterations; + private readonly Asn1OctetString iv; + + public Pkcs12PbeParams( + byte[] salt, + int iterations) + { + this.iv = new DerOctetString(salt); + this.iterations = new DerInteger(iterations); + } + + private Pkcs12PbeParams( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + iv = Asn1OctetString.GetInstance(seq[0]); + iterations = DerInteger.GetInstance(seq[1]); + } + + public static Pkcs12PbeParams GetInstance( + object obj) + { + if (obj is Pkcs12PbeParams) + { + return (Pkcs12PbeParams) obj; + } + + if (obj is Asn1Sequence) + { + return new Pkcs12PbeParams((Asn1Sequence) obj); + } + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public BigInteger Iterations + { + get { return iterations.Value; } + } + + public byte[] GetIV() + { + return iv.GetOctets(); + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(iv, iterations); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs new file mode 100644 index 0000000..6c7fed4 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs @@ -0,0 +1,305 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public abstract class PkcsObjectIdentifiers + { + // + // pkcs-1 OBJECT IDENTIFIER ::= { + // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } + // + public const string Pkcs1 = "1.2.840.113549.1.1"; + internal static readonly DerObjectIdentifier Pkcs1Oid = new DerObjectIdentifier(Pkcs1); + + public static readonly DerObjectIdentifier RsaEncryption = Pkcs1Oid.Branch("1"); + public static readonly DerObjectIdentifier MD2WithRsaEncryption = Pkcs1Oid.Branch("2"); + public static readonly DerObjectIdentifier MD4WithRsaEncryption = Pkcs1Oid.Branch("3"); + public static readonly DerObjectIdentifier MD5WithRsaEncryption = Pkcs1Oid.Branch("4"); + public static readonly DerObjectIdentifier Sha1WithRsaEncryption = Pkcs1Oid.Branch("5"); + public static readonly DerObjectIdentifier SrsaOaepEncryptionSet = Pkcs1Oid.Branch("6"); + public static readonly DerObjectIdentifier IdRsaesOaep = Pkcs1Oid.Branch("7"); + public static readonly DerObjectIdentifier IdMgf1 = Pkcs1Oid.Branch("8"); + public static readonly DerObjectIdentifier IdPSpecified = Pkcs1Oid.Branch("9"); + public static readonly DerObjectIdentifier IdRsassaPss = Pkcs1Oid.Branch("10"); + public static readonly DerObjectIdentifier Sha256WithRsaEncryption = Pkcs1Oid.Branch("11"); + public static readonly DerObjectIdentifier Sha384WithRsaEncryption = Pkcs1Oid.Branch("12"); + public static readonly DerObjectIdentifier Sha512WithRsaEncryption = Pkcs1Oid.Branch("13"); + public static readonly DerObjectIdentifier Sha224WithRsaEncryption = Pkcs1Oid.Branch("14"); + /** PKCS#1: 1.2.840.113549.1.1.15 */ + public static readonly DerObjectIdentifier Sha512_224WithRSAEncryption = Pkcs1Oid.Branch("15"); + /** PKCS#1: 1.2.840.113549.1.1.16 */ + public static readonly DerObjectIdentifier Sha512_256WithRSAEncryption = Pkcs1Oid.Branch("16"); + + // + // pkcs-3 OBJECT IDENTIFIER ::= { + // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 3 } + // + public const string Pkcs3 = "1.2.840.113549.1.3"; + + public static readonly DerObjectIdentifier DhKeyAgreement = new DerObjectIdentifier(Pkcs3 + ".1"); + + // + // pkcs-5 OBJECT IDENTIFIER ::= { + // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 5 } + // + public const string Pkcs5 = "1.2.840.113549.1.5"; + + public static readonly DerObjectIdentifier PbeWithMD2AndDesCbc = new DerObjectIdentifier(Pkcs5 + ".1"); + public static readonly DerObjectIdentifier PbeWithMD2AndRC2Cbc = new DerObjectIdentifier(Pkcs5 + ".4"); + public static readonly DerObjectIdentifier PbeWithMD5AndDesCbc = new DerObjectIdentifier(Pkcs5 + ".3"); + public static readonly DerObjectIdentifier PbeWithMD5AndRC2Cbc = new DerObjectIdentifier(Pkcs5 + ".6"); + public static readonly DerObjectIdentifier PbeWithSha1AndDesCbc = new DerObjectIdentifier(Pkcs5 + ".10"); + public static readonly DerObjectIdentifier PbeWithSha1AndRC2Cbc = new DerObjectIdentifier(Pkcs5 + ".11"); + + public static readonly DerObjectIdentifier IdPbeS2 = new DerObjectIdentifier(Pkcs5 + ".13"); + public static readonly DerObjectIdentifier IdPbkdf2 = new DerObjectIdentifier(Pkcs5 + ".12"); + + // + // encryptionAlgorithm OBJECT IDENTIFIER ::= { + // iso(1) member-body(2) us(840) rsadsi(113549) 3 } + // + public const string EncryptionAlgorithm = "1.2.840.113549.3"; + + public static readonly DerObjectIdentifier DesEde3Cbc = new DerObjectIdentifier(EncryptionAlgorithm + ".7"); + public static readonly DerObjectIdentifier RC2Cbc = new DerObjectIdentifier(EncryptionAlgorithm + ".2"); + public static readonly DerObjectIdentifier rc4 = new DerObjectIdentifier(EncryptionAlgorithm + ".4"); + + // + // object identifiers for digests + // + public const string DigestAlgorithm = "1.2.840.113549.2"; + + // + // md2 OBJECT IDENTIFIER ::= + // {iso(1) member-body(2) US(840) rsadsi(113549) DigestAlgorithm(2) 2} + // + public static readonly DerObjectIdentifier MD2 = new DerObjectIdentifier(DigestAlgorithm + ".2"); + + // + // md4 OBJECT IDENTIFIER ::= + // {iso(1) member-body(2) US(840) rsadsi(113549) DigestAlgorithm(2) 4} + // + public static readonly DerObjectIdentifier MD4 = new DerObjectIdentifier(DigestAlgorithm + ".4"); + + // + // md5 OBJECT IDENTIFIER ::= + // {iso(1) member-body(2) US(840) rsadsi(113549) DigestAlgorithm(2) 5} + // + public static readonly DerObjectIdentifier MD5 = new DerObjectIdentifier(DigestAlgorithm + ".5"); + + public static readonly DerObjectIdentifier IdHmacWithSha1 = new DerObjectIdentifier(DigestAlgorithm + ".7"); + public static readonly DerObjectIdentifier IdHmacWithSha224 = new DerObjectIdentifier(DigestAlgorithm + ".8"); + public static readonly DerObjectIdentifier IdHmacWithSha256 = new DerObjectIdentifier(DigestAlgorithm + ".9"); + public static readonly DerObjectIdentifier IdHmacWithSha384 = new DerObjectIdentifier(DigestAlgorithm + ".10"); + public static readonly DerObjectIdentifier IdHmacWithSha512 = new DerObjectIdentifier(DigestAlgorithm + ".11"); + + // + // pkcs-7 OBJECT IDENTIFIER ::= { + // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 7 } + // + public const string Pkcs7 = "1.2.840.113549.1.7"; + + public static readonly DerObjectIdentifier Data = new DerObjectIdentifier(Pkcs7 + ".1"); + public static readonly DerObjectIdentifier SignedData = new DerObjectIdentifier(Pkcs7 + ".2"); + public static readonly DerObjectIdentifier EnvelopedData = new DerObjectIdentifier(Pkcs7 + ".3"); + public static readonly DerObjectIdentifier SignedAndEnvelopedData = new DerObjectIdentifier(Pkcs7 + ".4"); + public static readonly DerObjectIdentifier DigestedData = new DerObjectIdentifier(Pkcs7 + ".5"); + public static readonly DerObjectIdentifier EncryptedData = new DerObjectIdentifier(Pkcs7 + ".6"); + + // + // pkcs-9 OBJECT IDENTIFIER ::= { + // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 } + // + public const string Pkcs9 = "1.2.840.113549.1.9"; + + public static readonly DerObjectIdentifier Pkcs9AtEmailAddress = new DerObjectIdentifier(Pkcs9 + ".1"); + public static readonly DerObjectIdentifier Pkcs9AtUnstructuredName = new DerObjectIdentifier(Pkcs9 + ".2"); + public static readonly DerObjectIdentifier Pkcs9AtContentType = new DerObjectIdentifier(Pkcs9 + ".3"); + public static readonly DerObjectIdentifier Pkcs9AtMessageDigest = new DerObjectIdentifier(Pkcs9 + ".4"); + public static readonly DerObjectIdentifier Pkcs9AtSigningTime = new DerObjectIdentifier(Pkcs9 + ".5"); + public static readonly DerObjectIdentifier Pkcs9AtCounterSignature = new DerObjectIdentifier(Pkcs9 + ".6"); + public static readonly DerObjectIdentifier Pkcs9AtChallengePassword = new DerObjectIdentifier(Pkcs9 + ".7"); + public static readonly DerObjectIdentifier Pkcs9AtUnstructuredAddress = new DerObjectIdentifier(Pkcs9 + ".8"); + public static readonly DerObjectIdentifier Pkcs9AtExtendedCertificateAttributes = new DerObjectIdentifier(Pkcs9 + ".9"); + public static readonly DerObjectIdentifier Pkcs9AtSigningDescription = new DerObjectIdentifier(Pkcs9 + ".13"); + public static readonly DerObjectIdentifier Pkcs9AtExtensionRequest = new DerObjectIdentifier(Pkcs9 + ".14"); + public static readonly DerObjectIdentifier Pkcs9AtSmimeCapabilities = new DerObjectIdentifier(Pkcs9 + ".15"); + public static readonly DerObjectIdentifier IdSmime = new DerObjectIdentifier(Pkcs9 + ".16"); + + public static readonly DerObjectIdentifier Pkcs9AtFriendlyName = new DerObjectIdentifier(Pkcs9 + ".20"); + public static readonly DerObjectIdentifier Pkcs9AtLocalKeyID = new DerObjectIdentifier(Pkcs9 + ".21"); + + [Obsolete("Use X509Certificate instead")] + public static readonly DerObjectIdentifier X509CertType = new DerObjectIdentifier(Pkcs9 + ".22.1"); + + public const string CertTypes = Pkcs9 + ".22"; + public static readonly DerObjectIdentifier X509Certificate = new DerObjectIdentifier(CertTypes + ".1"); + public static readonly DerObjectIdentifier SdsiCertificate = new DerObjectIdentifier(CertTypes + ".2"); + + public const string CrlTypes = Pkcs9 + ".23"; + public static readonly DerObjectIdentifier X509Crl = new DerObjectIdentifier(CrlTypes + ".1"); + + public static readonly DerObjectIdentifier IdAlg = IdSmime.Branch("3"); + + public static readonly DerObjectIdentifier IdAlgEsdh = IdAlg.Branch("5"); + public static readonly DerObjectIdentifier IdAlgCms3DesWrap = IdAlg.Branch("6"); + public static readonly DerObjectIdentifier IdAlgCmsRC2Wrap = IdAlg.Branch("7"); + public static readonly DerObjectIdentifier IdAlgPwriKek = IdAlg.Branch("9"); + public static readonly DerObjectIdentifier IdAlgSsdh = IdAlg.Branch("10"); + + /* + * 
+         * -- RSA-KEM Key Transport Algorithm
+         *
+         * id-rsa-kem OID ::= {
+         *      iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
+         *      pkcs-9(9) smime(16) alg(3) 14
+         *   }
+         *
+ */ + public static readonly DerObjectIdentifier IdRsaKem = IdAlg.Branch("14"); + + /** + * 
+         * id-alg-AEADChaCha20Poly1305 OBJECT IDENTIFIER ::=
+         * { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
+         *    pkcs9(9) smime(16) alg(3) 18 }
+         *
+         * AEADChaCha20Poly1305Nonce ::= OCTET STRING (SIZE(12))
+         *
+ */ + public static readonly DerObjectIdentifier IdAlgAeadChaCha20Poly1305 = IdAlg.Branch("18"); + + // + // SMIME capability sub oids. + // + public static readonly DerObjectIdentifier PreferSignedData = Pkcs9AtSmimeCapabilities.Branch("1"); + public static readonly DerObjectIdentifier CannotDecryptAny = Pkcs9AtSmimeCapabilities.Branch("2"); + public static readonly DerObjectIdentifier SmimeCapabilitiesVersions = Pkcs9AtSmimeCapabilities.Branch("3"); + + // + // other SMIME attributes + // + public static readonly DerObjectIdentifier IdAAReceiptRequest = IdSmime.Branch("2.1"); + + // + // id-ct OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840) + // rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1)} + // + public const string IdCT = "1.2.840.113549.1.9.16.1"; + + public static readonly DerObjectIdentifier IdCTAuthData = new DerObjectIdentifier(IdCT + ".2"); + public static readonly DerObjectIdentifier IdCTTstInfo = new DerObjectIdentifier(IdCT + ".4"); + public static readonly DerObjectIdentifier IdCTCompressedData = new DerObjectIdentifier(IdCT + ".9"); + public static readonly DerObjectIdentifier IdCTAuthEnvelopedData = new DerObjectIdentifier(IdCT + ".23"); + public static readonly DerObjectIdentifier IdCTTimestampedData = new DerObjectIdentifier(IdCT + ".31"); + + // + // id-cti OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840) + // rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) cti(6)} + // + public const string IdCti = "1.2.840.113549.1.9.16.6"; + + public static readonly DerObjectIdentifier IdCtiEtsProofOfOrigin = new DerObjectIdentifier(IdCti + ".1"); + public static readonly DerObjectIdentifier IdCtiEtsProofOfReceipt = new DerObjectIdentifier(IdCti + ".2"); + public static readonly DerObjectIdentifier IdCtiEtsProofOfDelivery = new DerObjectIdentifier(IdCti + ".3"); + public static readonly DerObjectIdentifier IdCtiEtsProofOfSender = new DerObjectIdentifier(IdCti + ".4"); + public static readonly DerObjectIdentifier IdCtiEtsProofOfApproval = new DerObjectIdentifier(IdCti + ".5"); + public static readonly DerObjectIdentifier IdCtiEtsProofOfCreation = new DerObjectIdentifier(IdCti + ".6"); + + // + // id-aa OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840) + // rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) attributes(2)} + // + public const string IdAA = "1.2.840.113549.1.9.16.2"; + public static readonly DerObjectIdentifier IdAAOid = new DerObjectIdentifier(IdAA); + + public static readonly DerObjectIdentifier IdAAContentHint = new DerObjectIdentifier(IdAA + ".4"); // See RFC 2634 + public static readonly DerObjectIdentifier IdAAMsgSigDigest = new DerObjectIdentifier(IdAA + ".5"); + public static readonly DerObjectIdentifier IdAAContentReference = new DerObjectIdentifier(IdAA + ".10"); + + /* + * id-aa-encrypKeyPref OBJECT IDENTIFIER ::= {id-aa 11} + * + */ + public static readonly DerObjectIdentifier IdAAEncrypKeyPref = new DerObjectIdentifier(IdAA + ".11"); + public static readonly DerObjectIdentifier IdAASigningCertificate = new DerObjectIdentifier(IdAA + ".12"); + public static readonly DerObjectIdentifier IdAASigningCertificateV2 = new DerObjectIdentifier(IdAA + ".47"); + + public static readonly DerObjectIdentifier IdAAContentIdentifier = new DerObjectIdentifier(IdAA + ".7"); // See RFC 2634 + + /* + * RFC 3126 + */ + public static readonly DerObjectIdentifier IdAASignatureTimeStampToken = new DerObjectIdentifier(IdAA + ".14"); + + public static readonly DerObjectIdentifier IdAAEtsSigPolicyID = new DerObjectIdentifier(IdAA + ".15"); + public static readonly DerObjectIdentifier IdAAEtsCommitmentType = new DerObjectIdentifier(IdAA + ".16"); + public static readonly DerObjectIdentifier IdAAEtsSignerLocation = new DerObjectIdentifier(IdAA + ".17"); + public static readonly DerObjectIdentifier IdAAEtsSignerAttr = new DerObjectIdentifier(IdAA + ".18"); + public static readonly DerObjectIdentifier IdAAEtsOtherSigCert = new DerObjectIdentifier(IdAA + ".19"); + public static readonly DerObjectIdentifier IdAAEtsContentTimestamp = new DerObjectIdentifier(IdAA + ".20"); + public static readonly DerObjectIdentifier IdAAEtsCertificateRefs = new DerObjectIdentifier(IdAA + ".21"); + public static readonly DerObjectIdentifier IdAAEtsRevocationRefs = new DerObjectIdentifier(IdAA + ".22"); + public static readonly DerObjectIdentifier IdAAEtsCertValues = new DerObjectIdentifier(IdAA + ".23"); + public static readonly DerObjectIdentifier IdAAEtsRevocationValues = new DerObjectIdentifier(IdAA + ".24"); + public static readonly DerObjectIdentifier IdAAEtsEscTimeStamp = new DerObjectIdentifier(IdAA + ".25"); + public static readonly DerObjectIdentifier IdAAEtsCertCrlTimestamp = new DerObjectIdentifier(IdAA + ".26"); + public static readonly DerObjectIdentifier IdAAEtsArchiveTimestamp = new DerObjectIdentifier(IdAA + ".27"); + + /** PKCS#9: 1.2.840.113549.1.9.16.2.37 - RFC 4108 */ + public static readonly DerObjectIdentifier IdAADecryptKeyID = IdAAOid.Branch("37"); + + /** PKCS#9: 1.2.840.113549.1.9.16.2.38 - RFC 4108 */ + public static readonly DerObjectIdentifier IdAAImplCryptoAlgs = IdAAOid.Branch("38"); + + /** PKCS#9: 1.2.840.113549.1.9.16.2.54 RFC7030*/ + public static readonly DerObjectIdentifier IdAAAsymmDecryptKeyID = IdAAOid.Branch("54"); + + /** PKCS#9: 1.2.840.113549.1.9.16.2.43 RFC7030*/ + public static readonly DerObjectIdentifier IdAAImplCompressAlgs = IdAAOid.Branch("43"); + /** PKCS#9: 1.2.840.113549.1.9.16.2.40 RFC7030*/ + public static readonly DerObjectIdentifier IdAACommunityIdentifiers = IdAAOid.Branch("40"); + + [Obsolete("Use 'IdAAEtsSigPolicyID' instead")] + public static readonly DerObjectIdentifier IdAASigPolicyID = IdAAEtsSigPolicyID; + [Obsolete("Use 'IdAAEtsCommitmentType' instead")] + public static readonly DerObjectIdentifier IdAACommitmentType = IdAAEtsCommitmentType; + [Obsolete("Use 'IdAAEtsSignerLocation' instead")] + public static readonly DerObjectIdentifier IdAASignerLocation = IdAAEtsSignerLocation; + [Obsolete("Use 'IdAAEtsOtherSigCert' instead")] + public static readonly DerObjectIdentifier IdAAOtherSigCert = IdAAEtsOtherSigCert; + + // + // id-spq OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840) + // rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-spq(5)} + // + public const string IdSpq = "1.2.840.113549.1.9.16.5"; + + public static readonly DerObjectIdentifier IdSpqEtsUri = new DerObjectIdentifier(IdSpq + ".1"); + public static readonly DerObjectIdentifier IdSpqEtsUNotice = new DerObjectIdentifier(IdSpq + ".2"); + + // + // pkcs-12 OBJECT IDENTIFIER ::= { + // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 12 } + // + public const string Pkcs12 = "1.2.840.113549.1.12"; + public const string BagTypes = Pkcs12 + ".10.1"; + + public static readonly DerObjectIdentifier KeyBag = new DerObjectIdentifier(BagTypes + ".1"); + public static readonly DerObjectIdentifier Pkcs8ShroudedKeyBag = new DerObjectIdentifier(BagTypes + ".2"); + public static readonly DerObjectIdentifier CertBag = new DerObjectIdentifier(BagTypes + ".3"); + public static readonly DerObjectIdentifier CrlBag = new DerObjectIdentifier(BagTypes + ".4"); + public static readonly DerObjectIdentifier SecretBag = new DerObjectIdentifier(BagTypes + ".5"); + public static readonly DerObjectIdentifier SafeContentsBag = new DerObjectIdentifier(BagTypes + ".6"); + + public const string Pkcs12PbeIds = Pkcs12 + ".1"; + + public static readonly DerObjectIdentifier PbeWithShaAnd128BitRC4 = new DerObjectIdentifier(Pkcs12PbeIds + ".1"); + public static readonly DerObjectIdentifier PbeWithShaAnd40BitRC4 = new DerObjectIdentifier(Pkcs12PbeIds + ".2"); + public static readonly DerObjectIdentifier PbeWithShaAnd3KeyTripleDesCbc = new DerObjectIdentifier(Pkcs12PbeIds + ".3"); + public static readonly DerObjectIdentifier PbeWithShaAnd2KeyTripleDesCbc = new DerObjectIdentifier(Pkcs12PbeIds + ".4"); + public static readonly DerObjectIdentifier PbeWithShaAnd128BitRC2Cbc = new DerObjectIdentifier(Pkcs12PbeIds + ".5"); + public static readonly DerObjectIdentifier PbewithShaAnd40BitRC2Cbc = new DerObjectIdentifier(Pkcs12PbeIds + ".6"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/Pfx.cs b/BouncyCastle/crypto/src/asn1/pkcs/Pfx.cs new file mode 100644 index 0000000..c1399e5 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/Pfx.cs @@ -0,0 +1,63 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + /** + * the infamous Pfx from Pkcs12 + */ + public class Pfx + : Asn1Encodable + { + public static Pfx GetInstance(object obj) + { + if (obj is Pfx) + return (Pfx)obj; + if (obj == null) + return null; + return new Pfx(Asn1Sequence.GetInstance(obj)); + } + + private readonly ContentInfo contentInfo; + private readonly MacData macData; + + private Pfx(Asn1Sequence seq) + { + DerInteger version = DerInteger.GetInstance(seq[0]); + if (!version.HasValue(3)) + throw new ArgumentException("wrong version for PFX PDU"); + + this.contentInfo = ContentInfo.GetInstance(seq[1]); + + if (seq.Count == 3) + { + this.macData = MacData.GetInstance(seq[2]); + } + } + + public Pfx(ContentInfo contentInfo, MacData macData) + { + this.contentInfo = contentInfo; + this.macData = macData; + } + + public ContentInfo AuthSafe + { + get { return contentInfo; } + } + + public MacData MacData + { + get { return macData; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(new DerInteger(3), contentInfo); + v.AddOptional(macData); + return new BerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/PrivateKeyInfo.cs b/BouncyCastle/crypto/src/asn1/pkcs/PrivateKeyInfo.cs new file mode 100644 index 0000000..d52a31f --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/PrivateKeyInfo.cs @@ -0,0 +1,205 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + /** + * RFC 5958 + * + * 
+     *  [IMPLICIT TAGS]
+     *
+     *  OneAsymmetricKey ::= SEQUENCE {
+     *      version                   Version,
+     *      privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
+     *      privateKey                PrivateKey,
+     *      attributes            [0] Attributes OPTIONAL,
+     *      ...,
+     *      [[2: publicKey        [1] PublicKey OPTIONAL ]],
+     *      ...
+     *  }
+     *
+     *  PrivateKeyInfo ::= OneAsymmetricKey
+     *
+     *  Version ::= INTEGER { v1(0), v2(1) } (v1, ..., v2)
+     *
+     *  PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
+     *                                     { PUBLIC-KEY,
+     *                                       { PrivateKeyAlgorithms } }
+     *
+     *  PrivateKey ::= OCTET STRING
+     *                     -- Content varies based on type of key.  The
+     *                     -- algorithm identifier dictates the format of
+     *                     -- the key.
+     *
+     *  PublicKey ::= BIT STRING
+     *                     -- Content varies based on type of key.  The
+     *                     -- algorithm identifier dictates the format of
+     *                     -- the key.
+     *
+     *  Attributes ::= SET OF Attribute { { OneAsymmetricKeyAttributes } }
+     *
+ */ + public class PrivateKeyInfo + : Asn1Encodable + { + private readonly DerInteger version; + private readonly AlgorithmIdentifier privateKeyAlgorithm; + private readonly Asn1OctetString privateKey; + private readonly Asn1Set attributes; + private readonly DerBitString publicKey; + + public static PrivateKeyInfo GetInstance(Asn1TaggedObject obj, bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static PrivateKeyInfo GetInstance( + object obj) + { + if (obj == null) + return null; + if (obj is PrivateKeyInfo) + return (PrivateKeyInfo)obj; + return new PrivateKeyInfo(Asn1Sequence.GetInstance(obj)); + } + + private static int GetVersionValue(DerInteger version) + { + BigInteger bigValue = version.Value; + if (bigValue.CompareTo(BigInteger.Zero) < 0 || bigValue.CompareTo(BigInteger.One) > 0) + throw new ArgumentException("invalid version for private key info", "version"); + + return bigValue.IntValue; + } + + public PrivateKeyInfo( + AlgorithmIdentifier privateKeyAlgorithm, + Asn1Encodable privateKey) + : this(privateKeyAlgorithm, privateKey, null, null) + { + } + + public PrivateKeyInfo( + AlgorithmIdentifier privateKeyAlgorithm, + Asn1Encodable privateKey, + Asn1Set attributes) + : this(privateKeyAlgorithm, privateKey, attributes, null) + { + } + + public PrivateKeyInfo( + AlgorithmIdentifier privateKeyAlgorithm, + Asn1Encodable privateKey, + Asn1Set attributes, + byte[] publicKey) + { + this.version = new DerInteger(publicKey != null ? BigInteger.One : BigInteger.Zero); + this.privateKeyAlgorithm = privateKeyAlgorithm; + this.privateKey = new DerOctetString(privateKey); + this.attributes = attributes; + this.publicKey = publicKey == null ? null : new DerBitString(publicKey); + } + + private PrivateKeyInfo(Asn1Sequence seq) + { + IEnumerator e = seq.GetEnumerator(); + + this.version = DerInteger.GetInstance(CollectionUtilities.RequireNext(e)); + + int versionValue = GetVersionValue(version); + + this.privateKeyAlgorithm = AlgorithmIdentifier.GetInstance(CollectionUtilities.RequireNext(e)); + this.privateKey = Asn1OctetString.GetInstance(CollectionUtilities.RequireNext(e)); + + int lastTag = -1; + while (e.MoveNext()) + { + Asn1TaggedObject tagged = (Asn1TaggedObject)e.Current; + + int tag = tagged.TagNo; + if (tag <= lastTag) + throw new ArgumentException("invalid optional field in private key info", "seq"); + + lastTag = tag; + + switch (tag) + { + case 0: + { + this.attributes = Asn1Set.GetInstance(tagged, false); + break; + } + case 1: + { + if (versionValue < 1) + throw new ArgumentException("'publicKey' requires version v2(1) or later", "seq"); + + this.publicKey = DerBitString.GetInstance(tagged, false); + break; + } + default: + { + throw new ArgumentException("unknown optional field in private key info", "seq"); + } + } + } + } + + public virtual DerInteger Version + { + get { return version; } + } + + public virtual Asn1Set Attributes + { + get { return attributes; } + } + + /// Return true if a public key is present, false otherwise. + public virtual bool HasPublicKey + { + get { return publicKey != null; } + } + + public virtual AlgorithmIdentifier PrivateKeyAlgorithm + { + get { return privateKeyAlgorithm; } + } + + public virtual Asn1OctetString PrivateKeyData + { + get { return privateKey; } + } + + public virtual Asn1Object ParsePrivateKey() + { + return Asn1Object.FromByteArray(privateKey.GetOctets()); + } + + /// For when the public key is an ASN.1 encoding. + public virtual Asn1Object ParsePublicKey() + { + return publicKey == null ? null : Asn1Object.FromByteArray(publicKey.GetOctets()); + } + + /// Return the public key as a raw bit string. + public virtual DerBitString PublicKeyData + { + get { return publicKey; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(version, privateKeyAlgorithm, privateKey); + v.AddOptionalTagged(false, 0, attributes); + v.AddOptionalTagged(false, 1, publicKey); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/RC2CBCParameter.cs b/BouncyCastle/crypto/src/asn1/pkcs/RC2CBCParameter.cs new file mode 100644 index 0000000..48591f2 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/RC2CBCParameter.cs @@ -0,0 +1,74 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class RC2CbcParameter + : Asn1Encodable + { + internal DerInteger version; + internal Asn1OctetString iv; + + public static RC2CbcParameter GetInstance( + object obj) + { + if (obj is Asn1Sequence) + { + return new RC2CbcParameter((Asn1Sequence) obj); + } + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public RC2CbcParameter( + byte[] iv) + { + this.iv = new DerOctetString(iv); + } + + public RC2CbcParameter( + int parameterVersion, + byte[] iv) + { + this.version = new DerInteger(parameterVersion); + this.iv = new DerOctetString(iv); + } + + private RC2CbcParameter( + Asn1Sequence seq) + { + if (seq.Count == 1) + { + iv = (Asn1OctetString)seq[0]; + } + else + { + version = (DerInteger)seq[0]; + iv = (Asn1OctetString)seq[1]; + } + } + + public BigInteger RC2ParameterVersion + { + get + { + return version == null ? null : version.Value; + } + } + + public byte[] GetIV() + { + return Arrays.Clone(iv.GetOctets()); + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptional(version); + v.Add(iv); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/RSAESOAEPparams.cs b/BouncyCastle/crypto/src/asn1/pkcs/RSAESOAEPparams.cs new file mode 100644 index 0000000..2419e33 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/RSAESOAEPparams.cs @@ -0,0 +1,151 @@ +using System; + +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class RsaesOaepParameters + : Asn1Encodable + { + private AlgorithmIdentifier hashAlgorithm; + private AlgorithmIdentifier maskGenAlgorithm; + private AlgorithmIdentifier pSourceAlgorithm; + + public readonly static AlgorithmIdentifier DefaultHashAlgorithm = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance); + public readonly static AlgorithmIdentifier DefaultMaskGenFunction = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, DefaultHashAlgorithm); + public readonly static AlgorithmIdentifier DefaultPSourceAlgorithm = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0])); + + public static RsaesOaepParameters GetInstance( + object obj) + { + if (obj is RsaesOaepParameters) + { + return (RsaesOaepParameters)obj; + } + else if (obj is Asn1Sequence) + { + return new RsaesOaepParameters((Asn1Sequence)obj); + } + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * The default version + */ + public RsaesOaepParameters() + : this(DefaultHashAlgorithm, DefaultMaskGenFunction, DefaultPSourceAlgorithm) + { + } + + public RsaesOaepParameters( + AlgorithmIdentifier hashAlgorithm, + AlgorithmIdentifier maskGenAlgorithm) + : this(hashAlgorithm, maskGenAlgorithm, DefaultPSourceAlgorithm) + { + } + + public RsaesOaepParameters( + AlgorithmIdentifier hashAlgorithm, + AlgorithmIdentifier maskGenAlgorithm, + AlgorithmIdentifier pSourceAlgorithm) + { + this.hashAlgorithm = hashAlgorithm; + this.maskGenAlgorithm = maskGenAlgorithm; + this.pSourceAlgorithm = pSourceAlgorithm; + } + + public RsaesOaepParameters( + Asn1Sequence seq) + { + hashAlgorithm = DefaultHashAlgorithm; + maskGenAlgorithm = DefaultMaskGenFunction; + pSourceAlgorithm = DefaultPSourceAlgorithm; + + for (int i = 0; i != seq.Count; i++) + { + Asn1TaggedObject o = (Asn1TaggedObject)seq[i]; + + switch (o.TagNo) + { + case 0: + hashAlgorithm = AlgorithmIdentifier.GetInstance(o, true); + break; + case 1: + maskGenAlgorithm = AlgorithmIdentifier.GetInstance(o, true); + break; + case 2: + pSourceAlgorithm = AlgorithmIdentifier.GetInstance(o, true); + break; + default: + throw new ArgumentException("unknown tag"); + } + } + } + + public AlgorithmIdentifier HashAlgorithm + { + get { return hashAlgorithm; } + } + + public AlgorithmIdentifier MaskGenAlgorithm + { + get { return maskGenAlgorithm; } + } + + public AlgorithmIdentifier PSourceAlgorithm + { + get { return pSourceAlgorithm; } + } + + /** + * 
+		 *  RSAES-OAEP-params ::= SEQUENCE {
+		 *     hashAlgorithm      [0] OAEP-PSSDigestAlgorithms     DEFAULT sha1,
+		 *     maskGenAlgorithm   [1] PKCS1MGFAlgorithms  DEFAULT mgf1SHA1,
+		 *     pSourceAlgorithm   [2] PKCS1PSourceAlgorithms  DEFAULT pSpecifiedEmpty
+		 *   }
+		 *
+		 *   OAEP-PSSDigestAlgorithms    ALGORITHM-IDENTIFIER ::= {
+		 *     { OID id-sha1 PARAMETERS NULL   }|
+		 *     { OID id-sha256 PARAMETERS NULL }|
+		 *     { OID id-sha384 PARAMETERS NULL }|
+		 *     { OID id-sha512 PARAMETERS NULL },
+		 *     ...  -- Allows for future expansion --
+		 *   }
+		 *   PKCS1MGFAlgorithms    ALGORITHM-IDENTIFIER ::= {
+		 *     { OID id-mgf1 PARAMETERS OAEP-PSSDigestAlgorithms },
+		 *    ...  -- Allows for future expansion --
+		 *   }
+		 *   PKCS1PSourceAlgorithms    ALGORITHM-IDENTIFIER ::= {
+		 *     { OID id-pSpecified PARAMETERS OCTET STRING },
+		 *     ...  -- Allows for future expansion --
+		 *  }
+		 *
+ * @return the asn1 primitive representing the parameters. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + if (!hashAlgorithm.Equals(DefaultHashAlgorithm)) + { + v.Add(new DerTaggedObject(true, 0, hashAlgorithm)); + } + + if (!maskGenAlgorithm.Equals(DefaultMaskGenFunction)) + { + v.Add(new DerTaggedObject(true, 1, maskGenAlgorithm)); + } + + if (!pSourceAlgorithm.Equals(DefaultPSourceAlgorithm)) + { + v.Add(new DerTaggedObject(true, 2, pSourceAlgorithm)); + } + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/RSAPrivateKeyStructure.cs b/BouncyCastle/crypto/src/asn1/pkcs/RSAPrivateKeyStructure.cs new file mode 100644 index 0000000..738a97e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/RSAPrivateKeyStructure.cs @@ -0,0 +1,146 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class RsaPrivateKeyStructure + : Asn1Encodable + { + private readonly BigInteger modulus; + private readonly BigInteger publicExponent; + private readonly BigInteger privateExponent; + private readonly BigInteger prime1; + private readonly BigInteger prime2; + private readonly BigInteger exponent1; + private readonly BigInteger exponent2; + private readonly BigInteger coefficient; + + public static RsaPrivateKeyStructure GetInstance(Asn1TaggedObject obj, bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + public static RsaPrivateKeyStructure GetInstance(object obj) + { + if (obj == null) + return null; + if (obj is RsaPrivateKeyStructure) + return (RsaPrivateKeyStructure)obj; + return new RsaPrivateKeyStructure(Asn1Sequence.GetInstance(obj)); + } + + public RsaPrivateKeyStructure( + BigInteger modulus, + BigInteger publicExponent, + BigInteger privateExponent, + BigInteger prime1, + BigInteger prime2, + BigInteger exponent1, + BigInteger exponent2, + BigInteger coefficient) + { + this.modulus = modulus; + this.publicExponent = publicExponent; + this.privateExponent = privateExponent; + this.prime1 = prime1; + this.prime2 = prime2; + this.exponent1 = exponent1; + this.exponent2 = exponent2; + this.coefficient = coefficient; + } + + [Obsolete("Use 'GetInstance' method(s) instead")] + public RsaPrivateKeyStructure( + Asn1Sequence seq) + { + BigInteger version = ((DerInteger)seq[0]).Value; + if (version.IntValue != 0) + throw new ArgumentException("wrong version for RSA private key"); + + modulus = ((DerInteger)seq[1]).Value; + publicExponent = ((DerInteger)seq[2]).Value; + privateExponent = ((DerInteger)seq[3]).Value; + prime1 = ((DerInteger)seq[4]).Value; + prime2 = ((DerInteger)seq[5]).Value; + exponent1 = ((DerInteger)seq[6]).Value; + exponent2 = ((DerInteger)seq[7]).Value; + coefficient = ((DerInteger)seq[8]).Value; + } + + public BigInteger Modulus + { + get { return modulus; } + } + + public BigInteger PublicExponent + { + get { return publicExponent; } + } + + public BigInteger PrivateExponent + { + get { return privateExponent; } + } + + public BigInteger Prime1 + { + get { return prime1; } + } + + public BigInteger Prime2 + { + get { return prime2; } + } + + public BigInteger Exponent1 + { + get { return exponent1; } + } + + public BigInteger Exponent2 + { + get { return exponent2; } + } + + public BigInteger Coefficient + { + get { return coefficient; } + } + + /** + * This outputs the key in Pkcs1v2 format. + * 
+         *      RsaPrivateKey ::= Sequence {
+         *                          version Version,
+         *                          modulus Integer, -- n
+         *                          publicExponent Integer, -- e
+         *                          privateExponent Integer, -- d
+         *                          prime1 Integer, -- p
+         *                          prime2 Integer, -- q
+         *                          exponent1 Integer, -- d mod (p-1)
+         *                          exponent2 Integer, -- d mod (q-1)
+         *                          coefficient Integer -- (inverse of q) mod p
+         *                      }
+         *
+         *      Version ::= Integer
+         *
+ *

This routine is written to output Pkcs1 version 0, private keys.

+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence( + new DerInteger(0), // version + new DerInteger(Modulus), + new DerInteger(PublicExponent), + new DerInteger(PrivateExponent), + new DerInteger(Prime1), + new DerInteger(Prime2), + new DerInteger(Exponent1), + new DerInteger(Exponent2), + new DerInteger(Coefficient)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/RSASSAPSSparams.cs b/BouncyCastle/crypto/src/asn1/pkcs/RSASSAPSSparams.cs new file mode 100644 index 0000000..85849c3 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/RSASSAPSSparams.cs @@ -0,0 +1,166 @@ +using System; + +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class RsassaPssParameters + : Asn1Encodable + { + private AlgorithmIdentifier hashAlgorithm; + private AlgorithmIdentifier maskGenAlgorithm; + private DerInteger saltLength; + private DerInteger trailerField; + + public readonly static AlgorithmIdentifier DefaultHashAlgorithm = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance); + public readonly static AlgorithmIdentifier DefaultMaskGenFunction = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, DefaultHashAlgorithm); + public readonly static DerInteger DefaultSaltLength = new DerInteger(20); + public readonly static DerInteger DefaultTrailerField = new DerInteger(1); + + public static RsassaPssParameters GetInstance( + object obj) + { + if (obj == null || obj is RsassaPssParameters) + { + return (RsassaPssParameters)obj; + } + + if (obj is Asn1Sequence) + { + return new RsassaPssParameters((Asn1Sequence)obj); + } + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * The default version + */ + public RsassaPssParameters() + { + hashAlgorithm = DefaultHashAlgorithm; + maskGenAlgorithm = DefaultMaskGenFunction; + saltLength = DefaultSaltLength; + trailerField = DefaultTrailerField; + } + + public RsassaPssParameters( + AlgorithmIdentifier hashAlgorithm, + AlgorithmIdentifier maskGenAlgorithm, + DerInteger saltLength, + DerInteger trailerField) + { + this.hashAlgorithm = hashAlgorithm; + this.maskGenAlgorithm = maskGenAlgorithm; + this.saltLength = saltLength; + this.trailerField = trailerField; + } + + public RsassaPssParameters( + Asn1Sequence seq) + { + hashAlgorithm = DefaultHashAlgorithm; + maskGenAlgorithm = DefaultMaskGenFunction; + saltLength = DefaultSaltLength; + trailerField = DefaultTrailerField; + + for (int i = 0; i != seq.Count; i++) + { + Asn1TaggedObject o = (Asn1TaggedObject)seq[i]; + + switch (o.TagNo) + { + case 0: + hashAlgorithm = AlgorithmIdentifier.GetInstance(o, true); + break; + case 1: + maskGenAlgorithm = AlgorithmIdentifier.GetInstance(o, true); + break; + case 2: + saltLength = DerInteger.GetInstance(o, true); + break; + case 3: + trailerField = DerInteger.GetInstance(o, true); + break; + default: + throw new ArgumentException("unknown tag"); + } + } + } + + public AlgorithmIdentifier HashAlgorithm + { + get { return hashAlgorithm; } + } + + public AlgorithmIdentifier MaskGenAlgorithm + { + get { return maskGenAlgorithm; } + } + + public DerInteger SaltLength + { + get { return saltLength; } + } + + public DerInteger TrailerField + { + get { return trailerField; } + } + + /** + * 
+		 * RSASSA-PSS-params ::= SEQUENCE {
+		 *   hashAlgorithm      [0] OAEP-PSSDigestAlgorithms  DEFAULT sha1,
+		 *    maskGenAlgorithm   [1] PKCS1MGFAlgorithms  DEFAULT mgf1SHA1,
+		 *    saltLength         [2] INTEGER  DEFAULT 20,
+		 *    trailerField       [3] TrailerField  DEFAULT trailerFieldBC
+		 *  }
+		 *
+		 * OAEP-PSSDigestAlgorithms    ALGORITHM-IDENTIFIER ::= {
+		 *    { OID id-sha1 PARAMETERS NULL   }|
+		 *    { OID id-sha256 PARAMETERS NULL }|
+		 *    { OID id-sha384 PARAMETERS NULL }|
+		 *    { OID id-sha512 PARAMETERS NULL },
+		 *    ...  -- Allows for future expansion --
+		 * }
+		 *
+		 * PKCS1MGFAlgorithms    ALGORITHM-IDENTIFIER ::= {
+		 *   { OID id-mgf1 PARAMETERS OAEP-PSSDigestAlgorithms },
+		 *    ...  -- Allows for future expansion --
+		 * }
+		 *
+		 * TrailerField ::= INTEGER { trailerFieldBC(1) }
+		 *
+ * @return the asn1 primitive representing the parameters. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + if (!hashAlgorithm.Equals(DefaultHashAlgorithm)) + { + v.Add(new DerTaggedObject(true, 0, hashAlgorithm)); + } + + if (!maskGenAlgorithm.Equals(DefaultMaskGenFunction)) + { + v.Add(new DerTaggedObject(true, 1, maskGenAlgorithm)); + } + + if (!saltLength.Equals(DefaultSaltLength)) + { + v.Add(new DerTaggedObject(true, 2, saltLength)); + } + + if (!trailerField.Equals(DefaultTrailerField)) + { + v.Add(new DerTaggedObject(true, 3, trailerField)); + } + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/SafeBag.cs b/BouncyCastle/crypto/src/asn1/pkcs/SafeBag.cs new file mode 100644 index 0000000..0ec9fa4 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/SafeBag.cs @@ -0,0 +1,74 @@ +using System; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + public class SafeBag + : Asn1Encodable + { + public static SafeBag GetInstance(object obj) + { + if (obj is SafeBag) + return (SafeBag)obj; + if (obj == null) + return null; + return new SafeBag(Asn1Sequence.GetInstance(obj)); + } + + private readonly DerObjectIdentifier bagID; + private readonly Asn1Object bagValue; + private readonly Asn1Set bagAttributes; + + public SafeBag( + DerObjectIdentifier oid, + Asn1Object obj) + { + this.bagID = oid; + this.bagValue = obj; + this.bagAttributes = null; + } + + public SafeBag( + DerObjectIdentifier oid, + Asn1Object obj, + Asn1Set bagAttributes) + { + this.bagID = oid; + this.bagValue = obj; + this.bagAttributes = bagAttributes; + } + + private SafeBag(Asn1Sequence seq) + { + this.bagID = (DerObjectIdentifier)seq[0]; + this.bagValue = ((DerTaggedObject)seq[1]).GetObject(); + if (seq.Count == 3) + { + this.bagAttributes = (Asn1Set)seq[2]; + } + } + + public DerObjectIdentifier BagID + { + get { return bagID; } + } + + public Asn1Object BagValue + { + get { return bagValue; } + } + + public Asn1Set BagAttributes + { + get { return bagAttributes; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(bagID, new DerTaggedObject(0, bagValue)); + v.AddOptional(bagAttributes); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/SignedData.cs b/BouncyCastle/crypto/src/asn1/pkcs/SignedData.cs new file mode 100644 index 0000000..ae33510 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/SignedData.cs @@ -0,0 +1,146 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + /** + * a Pkcs#7 signed data object. + */ + public class SignedData + : Asn1Encodable + { + private readonly DerInteger version; + private readonly Asn1Set digestAlgorithms; + private readonly ContentInfo contentInfo; + private readonly Asn1Set certificates; + private readonly Asn1Set crls; + private readonly Asn1Set signerInfos; + + public static SignedData GetInstance(object obj) + { + if (obj == null) + return null; + SignedData existing = obj as SignedData; + if (existing != null) + return existing; + return new SignedData(Asn1Sequence.GetInstance(obj)); + } + + public SignedData( + DerInteger _version, + Asn1Set _digestAlgorithms, + ContentInfo _contentInfo, + Asn1Set _certificates, + Asn1Set _crls, + Asn1Set _signerInfos) + { + version = _version; + digestAlgorithms = _digestAlgorithms; + contentInfo = _contentInfo; + certificates = _certificates; + crls = _crls; + signerInfos = _signerInfos; + } + + private SignedData( + Asn1Sequence seq) + { + IEnumerator e = seq.GetEnumerator(); + + e.MoveNext(); + version = (DerInteger) e.Current; + + e.MoveNext(); + digestAlgorithms = (Asn1Set) e.Current; + + e.MoveNext(); + contentInfo = ContentInfo.GetInstance(e.Current); + + while (e.MoveNext()) + { + Asn1Object o = (Asn1Object) e.Current; + + // + // an interesting feature of SignedData is that there appear to be varying implementations... + // for the moment we ignore anything which doesn't fit. + // + if (o is Asn1TaggedObject) + { + Asn1TaggedObject tagged = (Asn1TaggedObject)o; + + switch (tagged.TagNo) + { + case 0: + certificates = Asn1Set.GetInstance(tagged, false); + break; + case 1: + crls = Asn1Set.GetInstance(tagged, false); + break; + default: + throw new ArgumentException("unknown tag value " + tagged.TagNo); + } + } + else + { + signerInfos = (Asn1Set) o; + } + } + } + + public DerInteger Version + { + get { return version; } + } + + public Asn1Set DigestAlgorithms + { + get { return digestAlgorithms; } + } + + public ContentInfo ContentInfo + { + get { return contentInfo; } + } + + public Asn1Set Certificates + { + get { return certificates; } + } + + public Asn1Set Crls + { + get { return crls; } + } + + public Asn1Set SignerInfos + { + get { return signerInfos; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  SignedData ::= Sequence {
+         *      version Version,
+         *      digestAlgorithms DigestAlgorithmIdentifiers,
+         *      contentInfo ContentInfo,
+         *      certificates
+         *          [0] IMPLICIT ExtendedCertificatesAndCertificates
+         *                   OPTIONAL,
+         *      crls
+         *          [1] IMPLICIT CertificateRevocationLists OPTIONAL,
+         *      signerInfos SignerInfos }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(version, digestAlgorithms, contentInfo); + v.AddOptionalTagged(false, 0, certificates); + v.AddOptionalTagged(false, 1, crls); + v.Add(signerInfos); + return new BerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/pkcs/SignerInfo.cs b/BouncyCastle/crypto/src/asn1/pkcs/SignerInfo.cs new file mode 100644 index 0000000..c594b45 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/pkcs/SignerInfo.cs @@ -0,0 +1,143 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Pkcs +{ + /** + * a Pkcs#7 signer info object. + */ + public class SignerInfo + : Asn1Encodable + { + private DerInteger version; + private IssuerAndSerialNumber issuerAndSerialNumber; + private AlgorithmIdentifier digAlgorithm; + private Asn1Set authenticatedAttributes; + private AlgorithmIdentifier digEncryptionAlgorithm; + private Asn1OctetString encryptedDigest; + private Asn1Set unauthenticatedAttributes; + + public static SignerInfo GetInstance( + object obj) + { + if (obj is SignerInfo) + { + return (SignerInfo) obj; + } + + if (obj is Asn1Sequence) + { + return new SignerInfo((Asn1Sequence) obj); + } + + throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public SignerInfo( + DerInteger version, + IssuerAndSerialNumber issuerAndSerialNumber, + AlgorithmIdentifier digAlgorithm, + Asn1Set authenticatedAttributes, + AlgorithmIdentifier digEncryptionAlgorithm, + Asn1OctetString encryptedDigest, + Asn1Set unauthenticatedAttributes) + { + this.version = version; + this.issuerAndSerialNumber = issuerAndSerialNumber; + this.digAlgorithm = digAlgorithm; + this.authenticatedAttributes = authenticatedAttributes; + this.digEncryptionAlgorithm = digEncryptionAlgorithm; + this.encryptedDigest = encryptedDigest; + this.unauthenticatedAttributes = unauthenticatedAttributes; + } + + public SignerInfo( + Asn1Sequence seq) + { + IEnumerator e = seq.GetEnumerator(); + + e.MoveNext(); + version = (DerInteger) e.Current; + + e.MoveNext(); + issuerAndSerialNumber = IssuerAndSerialNumber.GetInstance(e.Current); + + e.MoveNext(); + digAlgorithm = AlgorithmIdentifier.GetInstance(e.Current); + + e.MoveNext(); + object obj = e.Current; + + if (obj is Asn1TaggedObject) + { + authenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject) obj, false); + + e.MoveNext(); + digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(e.Current); + } + else + { + authenticatedAttributes = null; + digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(obj); + } + + e.MoveNext(); + encryptedDigest = DerOctetString.GetInstance(e.Current); + + if (e.MoveNext()) + { + unauthenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject)e.Current, false); + } + else + { + unauthenticatedAttributes = null; + } + } + + public DerInteger Version { get { return version; } } + + public IssuerAndSerialNumber IssuerAndSerialNumber { get { return issuerAndSerialNumber; } } + + public Asn1Set AuthenticatedAttributes { get { return authenticatedAttributes; } } + + public AlgorithmIdentifier DigestAlgorithm { get { return digAlgorithm; } } + + public Asn1OctetString EncryptedDigest { get { return encryptedDigest; } } + + public AlgorithmIdentifier DigestEncryptionAlgorithm { get { return digEncryptionAlgorithm; } } + + public Asn1Set UnauthenticatedAttributes { get { return unauthenticatedAttributes; } } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  SignerInfo ::= Sequence {
+         *      version Version,
+         *      issuerAndSerialNumber IssuerAndSerialNumber,
+         *      digestAlgorithm DigestAlgorithmIdentifier,
+         *      authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL,
+         *      digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,
+         *      encryptedDigest EncryptedDigest,
+         *      unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL
+         *  }
+         *
+         *  EncryptedDigest ::= OCTET STRING
+         *
+         *  DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+         *
+         *  DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(version, issuerAndSerialNumber, digAlgorithm); + v.AddOptionalTagged(false, 0, authenticatedAttributes); + v.Add(digEncryptionAlgorithm, encryptedDigest); + v.AddOptionalTagged(false, 1, unauthenticatedAttributes); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/rosstandart/RosstandartObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/rosstandart/RosstandartObjectIdentifiers.cs new file mode 100644 index 0000000..86fedb7 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/rosstandart/RosstandartObjectIdentifiers.cs @@ -0,0 +1,47 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Rosstandart +{ + public abstract class RosstandartObjectIdentifiers + { + public static readonly DerObjectIdentifier rosstandart = new DerObjectIdentifier("1.2.643.7"); + + public static readonly DerObjectIdentifier id_tc26 = rosstandart.Branch("1"); + + public static readonly DerObjectIdentifier id_tc26_gost_3411_12_256 = id_tc26.Branch("1.2.2"); + + public static readonly DerObjectIdentifier id_tc26_gost_3411_12_512 = id_tc26.Branch("1.2.3"); + + public static readonly DerObjectIdentifier id_tc26_hmac_gost_3411_12_256 = id_tc26.Branch("1.4.1"); + + public static readonly DerObjectIdentifier id_tc26_hmac_gost_3411_12_512 = id_tc26.Branch("1.4.2"); + + public static readonly DerObjectIdentifier id_tc26_gost_3410_12_256 = id_tc26.Branch("1.1.1"); + + public static readonly DerObjectIdentifier id_tc26_gost_3410_12_512 = id_tc26.Branch("1.1.2"); + + public static readonly DerObjectIdentifier id_tc26_signwithdigest_gost_3410_12_256 = id_tc26.Branch("1.3.2"); + + public static readonly DerObjectIdentifier id_tc26_signwithdigest_gost_3410_12_512 = id_tc26.Branch("1.3.3"); + + public static readonly DerObjectIdentifier id_tc26_agreement = id_tc26.Branch("1.6"); + + public static readonly DerObjectIdentifier id_tc26_agreement_gost_3410_12_256 = id_tc26_agreement.Branch("1"); + + public static readonly DerObjectIdentifier id_tc26_agreement_gost_3410_12_512 = id_tc26_agreement.Branch("2"); + + public static readonly DerObjectIdentifier id_tc26_gost_3410_12_256_paramSet = id_tc26.Branch("2.1.1"); + + public static readonly DerObjectIdentifier id_tc26_gost_3410_12_256_paramSetA = id_tc26_gost_3410_12_256_paramSet.Branch("1"); + + public static readonly DerObjectIdentifier id_tc26_gost_3410_12_512_paramSet = id_tc26.Branch("2.1.2"); + + public static readonly DerObjectIdentifier id_tc26_gost_3410_12_512_paramSetA = id_tc26_gost_3410_12_512_paramSet.Branch("1"); + + public static readonly DerObjectIdentifier id_tc26_gost_3410_12_512_paramSetB = id_tc26_gost_3410_12_512_paramSet.Branch("2"); + + public static readonly DerObjectIdentifier id_tc26_gost_3410_12_512_paramSetC = id_tc26_gost_3410_12_512_paramSet.Branch("3"); + + public static readonly DerObjectIdentifier id_tc26_gost_28147_param_Z = id_tc26.Branch("2.5.1.1"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/sec/ECPrivateKeyStructure.cs b/BouncyCastle/crypto/src/asn1/sec/ECPrivateKeyStructure.cs new file mode 100644 index 0000000..aec8e0a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/sec/ECPrivateKeyStructure.cs @@ -0,0 +1,175 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Sec +{ + /** + * the elliptic curve private key object from SEC 1 + */ + public class ECPrivateKeyStructure + : Asn1Encodable + { + private readonly Asn1Sequence seq; + + public static ECPrivateKeyStructure GetInstance(object obj) + { + if (obj == null) + return null; + if (obj is ECPrivateKeyStructure) + return (ECPrivateKeyStructure)obj; + return new ECPrivateKeyStructure(Asn1Sequence.GetInstance(obj)); + } + + [Obsolete("Use 'GetInstance' instead")] + public ECPrivateKeyStructure( + Asn1Sequence seq) + { + if (seq == null) + throw new ArgumentNullException("seq"); + + this.seq = seq; + } + + [Obsolete("Use constructor which takes 'orderBitLength' instead, to guarantee correct encoding")] + public ECPrivateKeyStructure( + BigInteger key) + { + if (key == null) + throw new ArgumentNullException("key"); + + this.seq = new DerSequence( + new DerInteger(1), + new DerOctetString(key.ToByteArrayUnsigned())); + } + + public ECPrivateKeyStructure( + int orderBitLength, + BigInteger key) + : this(orderBitLength, key, null) + { + } + + [Obsolete("Use constructor which takes 'orderBitLength' instead, to guarantee correct encoding")] + public ECPrivateKeyStructure( + BigInteger key, + Asn1Encodable parameters) + : this(key, null, parameters) + { + } + + [Obsolete("Use constructor which takes 'orderBitLength' instead, to guarantee correct encoding")] + public ECPrivateKeyStructure( + BigInteger key, + DerBitString publicKey, + Asn1Encodable parameters) + { + if (key == null) + throw new ArgumentNullException("key"); + + Asn1EncodableVector v = new Asn1EncodableVector( + new DerInteger(1), + new DerOctetString(key.ToByteArrayUnsigned())); + + if (parameters != null) + { + v.Add(new DerTaggedObject(true, 0, parameters)); + } + + if (publicKey != null) + { + v.Add(new DerTaggedObject(true, 1, publicKey)); + } + + this.seq = new DerSequence(v); + } + + public ECPrivateKeyStructure( + int orderBitLength, + BigInteger key, + Asn1Encodable parameters) + : this(orderBitLength, key, null, parameters) + { + } + + public ECPrivateKeyStructure( + int orderBitLength, + BigInteger key, + DerBitString publicKey, + Asn1Encodable parameters) + { + if (key == null) + throw new ArgumentNullException("key"); + if (orderBitLength < key.BitLength) + throw new ArgumentException("must be >= key bitlength", "orderBitLength"); + + byte[] bytes = BigIntegers.AsUnsignedByteArray((orderBitLength + 7) / 8, key); + + Asn1EncodableVector v = new Asn1EncodableVector( + new DerInteger(1), + new DerOctetString(bytes)); + + if (parameters != null) + { + v.Add(new DerTaggedObject(true, 0, parameters)); + } + + if (publicKey != null) + { + v.Add(new DerTaggedObject(true, 1, publicKey)); + } + + this.seq = new DerSequence(v); + } + + public virtual BigInteger GetKey() + { + Asn1OctetString octs = (Asn1OctetString) seq[1]; + + return new BigInteger(1, octs.GetOctets()); + } + + public virtual DerBitString GetPublicKey() + { + return (DerBitString) GetObjectInTag(1); + } + + public virtual Asn1Object GetParameters() + { + return GetObjectInTag(0); + } + + private Asn1Object GetObjectInTag(int tagNo) + { + foreach (Asn1Encodable ae in seq) + { + Asn1Object obj = ae.ToAsn1Object(); + + if (obj is Asn1TaggedObject) + { + Asn1TaggedObject tag = (Asn1TaggedObject) obj; + if (tag.TagNo == tagNo) + { + return tag.GetObject(); + } + } + } + + return null; + } + + /** + * ECPrivateKey ::= SEQUENCE { + * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), + * privateKey OCTET STRING, + * parameters [0] Parameters OPTIONAL, + * publicKey [1] BIT STRING OPTIONAL } + */ + public override Asn1Object ToAsn1Object() + { + return seq; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/sec/SECNamedCurves.cs b/BouncyCastle/crypto/src/asn1/sec/SECNamedCurves.cs new file mode 100644 index 0000000..ad2f3e3 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/sec/SECNamedCurves.cs @@ -0,0 +1,1378 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.EC.Endo; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Asn1.Sec +{ + public sealed class SecNamedCurves + { + private SecNamedCurves() + { + } + + private static X9ECPoint ConfigureBasepoint(ECCurve curve, string encoding) + { + X9ECPoint G = new X9ECPoint(curve, Hex.DecodeStrict(encoding)); + WNafUtilities.ConfigureBasepoint(G.Point); + return G; + } + + private static ECCurve ConfigureCurve(ECCurve curve) + { + return curve; + } + + private static ECCurve ConfigureCurveGlv(ECCurve c, GlvTypeBParameters p) + { + return c.Configure().SetEndomorphism(new GlvTypeBEndomorphism(c, p)).Create(); + } + + private static BigInteger FromHex(string hex) + { + return new BigInteger(1, Hex.DecodeStrict(hex)); + } + + /* + * secp112r1 + */ + internal class Secp112r1Holder + : X9ECParametersHolder + { + private Secp112r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Secp112r1Holder(); + + protected override ECCurve CreateCurve() + { + // p = (2^128 - 3) / 76439 + BigInteger p = FromHex("DB7C2ABF62E35E668076BEAD208B"); + BigInteger a = FromHex("DB7C2ABF62E35E668076BEAD2088"); + BigInteger b = FromHex("659EF8BA043916EEDE8911702B22"); + BigInteger n = FromHex("DB7C2ABF62E35E7628DFAC6561C5"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve(p, a, b, n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("00F50B028E4D696E676875615175290472783FB1"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0409487239995A5EE76B55F9C2F098A89CE5AF8724C0A23E0E0FF77500"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp112r2 + */ + internal class Secp112r2Holder + : X9ECParametersHolder + { + private Secp112r2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Secp112r2Holder(); + + protected override ECCurve CreateCurve() + { + // p = (2^128 - 3) / 76439 + BigInteger p = FromHex("DB7C2ABF62E35E668076BEAD208B"); + BigInteger a = FromHex("6127C24C05F38A0AAAF65C0EF02C"); + BigInteger b = FromHex("51DEF1815DB5ED74FCC34C85D709"); + BigInteger n = FromHex("36DF0AAFD8B8D7597CA10520D04B"); + BigInteger h = BigInteger.ValueOf(4); + + return ConfigureCurve(new FpCurve(p, a, b, n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("002757A1114D696E6768756151755316C05E0BD4"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "044BA30AB5E892B4E1649DD0928643ADCD46F5882E3747DEF36E956E97"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp128r1 + */ + internal class Secp128r1Holder + : X9ECParametersHolder + { + private Secp128r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Secp128r1Holder(); + + protected override ECCurve CreateCurve() + { + // p = 2^128 - 2^97 - 1 + BigInteger p = FromHex("FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF"); + BigInteger a = FromHex("FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC"); + BigInteger b = FromHex("E87579C11079F43DD824993C2CEE5ED3"); + BigInteger n = FromHex("FFFFFFFE0000000075A30D1B9038A115"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve(p, a, b, n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("000E0D4D696E6768756151750CC03A4473D03679"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "04161FF7528B899B2D0C28607CA52C5B86CF5AC8395BAFEB13C02DA292DDED7A83"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp128r2 + */ + internal class Secp128r2Holder + : X9ECParametersHolder + { + private Secp128r2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Secp128r2Holder(); + + protected override ECCurve CreateCurve() + { + // p = 2^128 - 2^97 - 1 + BigInteger p = FromHex("FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF"); + BigInteger a = FromHex("D6031998D1B3BBFEBF59CC9BBFF9AEE1"); + BigInteger b = FromHex("5EEEFCA380D02919DC2C6558BB6D8A5D"); + BigInteger n = FromHex("3FFFFFFF7FFFFFFFBE0024720613B5A3"); + BigInteger h = BigInteger.ValueOf(4); + + return ConfigureCurve(new FpCurve(p, a, b, n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("004D696E67687561517512D8F03431FCE63B88F4"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "047B6AA5D85E572983E6FB32A7CDEBC14027B6916A894D3AEE7106FE805FC34B44"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp160k1 + */ + internal class Secp160k1Holder + : X9ECParametersHolder + { + private Secp160k1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Secp160k1Holder(); + + protected override ECCurve CreateCurve() + { + // p = 2^160 - 2^32 - 2^14 - 2^12 - 2^9 - 2^8 - 2^7 - 2^3 - 2^2 - 1 + BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73"); + BigInteger a = BigInteger.Zero; + BigInteger b = BigInteger.ValueOf(7); + BigInteger n = FromHex("0100000000000000000001B8FA16DFAB9ACA16B6B3"); + BigInteger h = BigInteger.One; + + GlvTypeBParameters glv = new GlvTypeBParameters( + new BigInteger("9ba48cba5ebcb9b6bd33b92830b2a2e0e192f10a", 16), + new BigInteger("c39c6c3b3a36d7701b9c71a1f5804ae5d0003f4", 16), + new ScalarSplitParameters( + new BigInteger[]{ + new BigInteger("9162fbe73984472a0a9e", 16), + new BigInteger("-96341f1138933bc2f505", 16) }, + new BigInteger[]{ + new BigInteger("127971af8721782ecffa3", 16), + new BigInteger("9162fbe73984472a0a9e", 16) }, + new BigInteger("9162fbe73984472a0a9d0590", 16), + new BigInteger("96341f1138933bc2f503fd44", 16), + 176)); + + return ConfigureCurveGlv(new FpCurve(p, a, b, n, h, true), glv); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "043B4C382CE37AA192A4019E763036F4F5DD4D7EBB938CF935318FDCED6BC28286531733C3F03C4FEE"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp160r1 + */ + internal class Secp160r1Holder + : X9ECParametersHolder + { + private Secp160r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Secp160r1Holder(); + + protected override ECCurve CreateCurve() + { + // p = 2^160 - 2^31 - 1 + BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF"); + BigInteger a = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC"); + BigInteger b = FromHex("1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45"); + BigInteger n = FromHex("0100000000000000000001F4C8F927AED3CA752257"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve(p, a, b, n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("1053CDE42C14D696E67687561517533BF3F83345"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "044A96B5688EF573284664698968C38BB913CBFC8223A628553168947D59DCC912042351377AC5FB32"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp160r2 + */ + internal class Secp160r2Holder + : X9ECParametersHolder + { + private Secp160r2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Secp160r2Holder(); + + protected override ECCurve CreateCurve() + { + // p = 2^160 - 2^32 - 2^14 - 2^12 - 2^9 - 2^8 - 2^7 - 2^3 - 2^2 - 1 + BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73"); + BigInteger a = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70"); + BigInteger b = FromHex("B4E134D3FB59EB8BAB57274904664D5AF50388BA"); + BigInteger n = FromHex("0100000000000000000000351EE786A818F3A1A16B"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve(p, a, b, n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("B99B99B099B323E02709A4D696E6768756151751"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0452DCB034293A117E1F4FF11B30F7199D3144CE6DFEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp192k1 + */ + internal class Secp192k1Holder + : X9ECParametersHolder + { + private Secp192k1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Secp192k1Holder(); + + protected override ECCurve CreateCurve() + { + // p = 2^192 - 2^32 - 2^12 - 2^8 - 2^7 - 2^6 - 2^3 - 1 + BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37"); + BigInteger a = BigInteger.Zero; + BigInteger b = BigInteger.ValueOf(3); + BigInteger n = FromHex("FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D"); + BigInteger h = BigInteger.One; + + GlvTypeBParameters glv = new GlvTypeBParameters( + new BigInteger("bb85691939b869c1d087f601554b96b80cb4f55b35f433c2", 16), + new BigInteger("3d84f26c12238d7b4f3d516613c1759033b1a5800175d0b1", 16), + new ScalarSplitParameters( + new BigInteger[]{ + new BigInteger("71169be7330b3038edb025f1", 16), + new BigInteger("-b3fb3400dec5c4adceb8655c", 16) }, + new BigInteger[]{ + new BigInteger("12511cfe811d0f4e6bc688b4d", 16), + new BigInteger("71169be7330b3038edb025f1", 16) }, + new BigInteger("71169be7330b3038edb025f1d0f9", 16), + new BigInteger("b3fb3400dec5c4adceb8655d4c94", 16), + 208)); + + return ConfigureCurveGlv(new FpCurve(p, a, b, n, h, true), glv); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "04DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp192r1 + */ + internal class Secp192r1Holder + : X9ECParametersHolder + { + private Secp192r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Secp192r1Holder(); + + protected override ECCurve CreateCurve() + { + // p = 2^192 - 2^64 - 1 + BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF"); + BigInteger a = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC"); + BigInteger b = FromHex("64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1"); + BigInteger n = FromHex("FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve(p, a, b, n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("3045AE6FC8422F64ED579528D38120EAE12196D5"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "04188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF101207192B95FFC8DA78631011ED6B24CDD573F977A11E794811"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp224k1 + */ + internal class Secp224k1Holder + : X9ECParametersHolder + { + private Secp224k1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Secp224k1Holder(); + + protected override ECCurve CreateCurve() + { + // p = 2^224 - 2^32 - 2^12 - 2^11 - 2^9 - 2^7 - 2^4 - 2 - 1 + BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D"); + BigInteger a = BigInteger.Zero; + BigInteger b = BigInteger.ValueOf(5); + BigInteger n = FromHex("010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7"); + BigInteger h = BigInteger.One; + + GlvTypeBParameters glv = new GlvTypeBParameters( + new BigInteger("fe0e87005b4e83761908c5131d552a850b3f58b749c37cf5b84d6768", 16), + new BigInteger("60dcd2104c4cbc0be6eeefc2bdd610739ec34e317f9b33046c9e4788", 16), + new ScalarSplitParameters( + new BigInteger[]{ + new BigInteger("6b8cf07d4ca75c88957d9d670591", 16), + new BigInteger("-b8adf1378a6eb73409fa6c9c637d", 16) }, + new BigInteger[]{ + new BigInteger("1243ae1b4d71613bc9f780a03690e", 16), + new BigInteger("6b8cf07d4ca75c88957d9d670591", 16) }, + new BigInteger("6b8cf07d4ca75c88957d9d67059037a4", 16), + new BigInteger("b8adf1378a6eb73409fa6c9c637ba7f5", 16), + 240)); + + return ConfigureCurveGlv(new FpCurve(p, a, b, n, h, true), glv); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "04A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp224r1 + */ + internal class Secp224r1Holder + : X9ECParametersHolder + { + private Secp224r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Secp224r1Holder(); + + protected override ECCurve CreateCurve() + { + // p = 2^224 - 2^96 + 1 + BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001"); + BigInteger a = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE"); + BigInteger b = FromHex("B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4"); + BigInteger n = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve(p, a, b, n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("BD71344799D5C7FCDC45B59FA3B9AB8F6A948BC5"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "04B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp256k1 + */ + internal class Secp256k1Holder + : X9ECParametersHolder + { + private Secp256k1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Secp256k1Holder(); + + protected override ECCurve CreateCurve() + { + // p = 2^256 - 2^32 - 2^9 - 2^8 - 2^7 - 2^6 - 2^4 - 1 + BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F"); + BigInteger a = BigInteger.Zero; + BigInteger b = BigInteger.ValueOf(7); + BigInteger n = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141"); + BigInteger h = BigInteger.One; + + GlvTypeBParameters glv = new GlvTypeBParameters( + new BigInteger("7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee", 16), + new BigInteger("5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72", 16), + new ScalarSplitParameters( + new BigInteger[]{ + new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16), + new BigInteger("-e4437ed6010e88286f547fa90abfe4c3", 16) }, + new BigInteger[]{ + new BigInteger("114ca50f7a8e2f3f657c1108d9d44cfd8", 16), + new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16) }, + new BigInteger("3086d221a7d46bcde86c90e49284eb153dab", 16), + new BigInteger("e4437ed6010e88286f547fa90abfe4c42212", 16), + 272)); + + return ConfigureCurveGlv(new FpCurve(p, a, b, n, h, true), glv); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0479BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp256r1 + */ + internal class Secp256r1Holder + : X9ECParametersHolder + { + private Secp256r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Secp256r1Holder(); + + protected override ECCurve CreateCurve() + { + // p = 2^224 (2^32 - 1) + 2^192 + 2^96 - 1 + BigInteger p = FromHex("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF"); + BigInteger a = FromHex("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC"); + BigInteger b = FromHex("5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B"); + BigInteger n = FromHex("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve(p, a, b, n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("C49D360886E704936A6678E1139D26B7819F7E90"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "046B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C2964FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp384r1 + */ + internal class Secp384r1Holder + : X9ECParametersHolder + { + private Secp384r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Secp384r1Holder(); + + protected override ECCurve CreateCurve() + { + // p = 2^384 - 2^128 - 2^96 + 2^32 - 1 + BigInteger p = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF"); + BigInteger a = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC"); + BigInteger b = FromHex("B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF"); + BigInteger n = FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve(p, a, b, n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("A335926AA319A27A1D00896A6773A4827ACDAC73"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7" + + "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp521r1 + */ + internal class Secp521r1Holder + : X9ECParametersHolder + { + private Secp521r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Secp521r1Holder(); + + protected override ECCurve CreateCurve() + { + // p = 2^521 - 1 + BigInteger p = FromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"); + BigInteger a = FromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC"); + BigInteger b = FromHex("0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00"); + BigInteger n = FromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve(p, a, b, n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("D09E8800291CB85396CC6717393284AAA0DA64BA"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66" + + "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect113r1 + */ + internal class Sect113r1Holder + : X9ECParametersHolder + { + private Sect113r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect113r1Holder(); + + private const int m = 113; + private const int k = 9; + + protected override ECCurve CreateCurve() + { + BigInteger a = FromHex("003088250CA6E7C7FE649CE85820F7"); + BigInteger b = FromHex("00E8BEE4D3E2260744188BE0E9C723"); + BigInteger n = FromHex("0100000000000000D9CCEC8A39E56F"); + BigInteger h = BigInteger.ValueOf(2); + + return ConfigureCurve(new F2mCurve(m, k, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("10E723AB14D696E6768756151756FEBF8FCB49A9"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "04009D73616F35F4AB1407D73562C10F00A52830277958EE84D1315ED31886"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect113r2 + */ + internal class Sect113r2Holder + : X9ECParametersHolder + { + private Sect113r2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect113r2Holder(); + + private const int m = 113; + private const int k = 9; + + protected override ECCurve CreateCurve() + { + BigInteger a = FromHex("00689918DBEC7E5A0DD6DFC0AA55C7"); + BigInteger b = FromHex("0095E9A9EC9B297BD4BF36E059184F"); + BigInteger n = FromHex("010000000000000108789B2496AF93"); + BigInteger h = BigInteger.ValueOf(2); + + return ConfigureCurve(new F2mCurve(m, k, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("10C0FB15760860DEF1EEF4D696E676875615175D"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0401A57A6A7B26CA5EF52FCDB816479700B3ADC94ED1FE674C06E695BABA1D"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect131r1 + */ + internal class Sect131r1Holder + : X9ECParametersHolder + { + private Sect131r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect131r1Holder(); + + private const int m = 131; + private const int k1 = 2; + private const int k2 = 3; + private const int k3 = 8; + + protected override ECCurve CreateCurve() + { + BigInteger a = FromHex("07A11B09A76B562144418FF3FF8C2570B8"); + BigInteger b = FromHex("0217C05610884B63B9C6C7291678F9D341"); + BigInteger n = FromHex("0400000000000000023123953A9464B54D"); + BigInteger h = BigInteger.ValueOf(2); + + return ConfigureCurve(new F2mCurve(m, k1, k2, k3, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("4D696E676875615175985BD3ADBADA21B43A97E2"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "040081BAF91FDF9833C40F9C181343638399078C6E7EA38C001F73C8134B1B4EF9E150"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect131r2 + */ + internal class Sect131r2Holder + : X9ECParametersHolder + { + private Sect131r2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect131r2Holder(); + + private const int m = 131; + private const int k1 = 2; + private const int k2 = 3; + private const int k3 = 8; + + protected override ECCurve CreateCurve() + { + BigInteger a = FromHex("03E5A88919D7CAFCBF415F07C2176573B2"); + BigInteger b = FromHex("04B8266A46C55657AC734CE38F018F2192"); + BigInteger n = FromHex("0400000000000000016954A233049BA98F"); + BigInteger h = BigInteger.ValueOf(2); + + return ConfigureCurve(new F2mCurve(m, k1, k2, k3, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("985BD3ADBAD4D696E676875615175A21B43A97E3"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "040356DCD8F2F95031AD652D23951BB366A80648F06D867940A5366D9E265DE9EB240F"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect163k1 + */ + internal class Sect163k1Holder + : X9ECParametersHolder + { + private Sect163k1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect163k1Holder(); + + private const int m = 163; + private const int k1 = 3; + private const int k2 = 6; + private const int k3 = 7; + + protected override ECCurve CreateCurve() + { + BigInteger a = BigInteger.One; + BigInteger b = BigInteger.One; + BigInteger n = FromHex("04000000000000000000020108A2E0CC0D99F8A5EF"); + BigInteger h = BigInteger.ValueOf(2); + + return ConfigureCurve(new F2mCurve(m, k1, k2, k3, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0402FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE80289070FB05D38FF58321F2E800536D538CCDAA3D9"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect163r1 + */ + internal class Sect163r1Holder + : X9ECParametersHolder + { + private Sect163r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect163r1Holder(); + + private const int m = 163; + private const int k1 = 3; + private const int k2 = 6; + private const int k3 = 7; + + protected override ECCurve CreateCurve() + { + BigInteger a = FromHex("07B6882CAAEFA84F9554FF8428BD88E246D2782AE2"); + BigInteger b = FromHex("0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9"); + BigInteger n = FromHex("03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B"); + BigInteger h = BigInteger.ValueOf(2); + + return ConfigureCurve(new F2mCurve(m, k1, k2, k3, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("24B7B137C8A14D696E6768756151756FD0DA2E5C"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "040369979697AB43897789566789567F787A7876A65400435EDB42EFAFB2989D51FEFCE3C80988F41FF883"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect163r2 + */ + internal class Sect163r2Holder + : X9ECParametersHolder + { + private Sect163r2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect163r2Holder(); + + private const int m = 163; + private const int k1 = 3; + private const int k2 = 6; + private const int k3 = 7; + + protected override ECCurve CreateCurve() + { + BigInteger a = BigInteger.One; + BigInteger b = FromHex("020A601907B8C953CA1481EB10512F78744A3205FD"); + BigInteger n = FromHex("040000000000000000000292FE77E70C12A4234C33"); + BigInteger h = BigInteger.ValueOf(2); + + return ConfigureCurve(new F2mCurve(m, k1, k2, k3, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("85E25BFE5C86226CDB12016F7553F9D0E693A268"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0403F0EBA16286A2D57EA0991168D4994637E8343E3600D51FBC6C71A0094FA2CDD545B11C5C0C797324F1"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect193r1 + */ + internal class Sect193r1Holder + : X9ECParametersHolder + { + private Sect193r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect193r1Holder(); + + private const int m = 193; + private const int k = 15; + + protected override ECCurve CreateCurve() + { + BigInteger a = FromHex("0017858FEB7A98975169E171F77B4087DE098AC8A911DF7B01"); + BigInteger b = FromHex("00FDFB49BFE6C3A89FACADAA7A1E5BBC7CC1C2E5D831478814"); + BigInteger n = FromHex("01000000000000000000000000C7F34A778F443ACC920EBA49"); + BigInteger h = BigInteger.ValueOf(2); + + return ConfigureCurve(new F2mCurve(m, k, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("103FAEC74D696E676875615175777FC5B191EF30"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0401F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E10025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect193r2 + */ + internal class Sect193r2Holder + : X9ECParametersHolder + { + private Sect193r2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect193r2Holder(); + + private const int m = 193; + private const int k = 15; + + protected override ECCurve CreateCurve() + { + BigInteger a = FromHex("0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B"); + BigInteger b = FromHex("00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE"); + BigInteger n = FromHex("010000000000000000000000015AAB561B005413CCD4EE99D5"); + BigInteger h = BigInteger.ValueOf(2); + + return ConfigureCurve(new F2mCurve(m, k, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("10B7B4D696E676875615175137C8A16FD0DA2211"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0400D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect233k1 + */ + internal class Sect233k1Holder + : X9ECParametersHolder + { + private Sect233k1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect233k1Holder(); + + private const int m = 233; + private const int k = 74; + + protected override ECCurve CreateCurve() + { + BigInteger a = BigInteger.Zero; + BigInteger b = BigInteger.One; + BigInteger n = FromHex("8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF"); + BigInteger h = BigInteger.ValueOf(4); + + return ConfigureCurve(new F2mCurve(m, k, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "04017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD612601DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect233r1 + */ + internal class Sect233r1Holder + : X9ECParametersHolder + { + private Sect233r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect233r1Holder(); + + private const int m = 233; + private const int k = 74; + + protected override ECCurve CreateCurve() + { + BigInteger a = BigInteger.One; + BigInteger b = FromHex("0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD"); + BigInteger n = FromHex("01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7"); + BigInteger h = BigInteger.ValueOf(2); + + return ConfigureCurve(new F2mCurve(m, k, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("74D59FF07F6B413D0EA14B344B20A2DB049B50C3"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0400FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect239k1 + */ + internal class Sect239k1Holder + : X9ECParametersHolder + { + private Sect239k1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect239k1Holder(); + + private const int m = 239; + private const int k = 158; + + protected override ECCurve CreateCurve() + { + BigInteger a = BigInteger.Zero; + BigInteger b = BigInteger.One; + BigInteger n = FromHex("2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5"); + BigInteger h = BigInteger.ValueOf(4); + + return ConfigureCurve(new F2mCurve(m, k, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0429A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect283k1 + */ + internal class Sect283k1Holder + : X9ECParametersHolder + { + private Sect283k1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect283k1Holder(); + + private const int m = 283; + private const int k1 = 5; + private const int k2 = 7; + private const int k3 = 12; + + protected override ECCurve CreateCurve() + { + BigInteger a = BigInteger.Zero; + BigInteger b = BigInteger.One; + BigInteger n = FromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61"); + BigInteger h = BigInteger.ValueOf(4); + + return ConfigureCurve(new F2mCurve(m, k1, k2, k3, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836" + + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect283r1 + */ + internal class Sect283r1Holder + : X9ECParametersHolder + { + private Sect283r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect283r1Holder(); + + private const int m = 283; + private const int k1 = 5; + private const int k2 = 7; + private const int k3 = 12; + + protected override ECCurve CreateCurve() + { + BigInteger a = BigInteger.One; + BigInteger b = FromHex("027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5"); + BigInteger n = FromHex("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307"); + BigInteger h = BigInteger.ValueOf(2); + + return ConfigureCurve(new F2mCurve(m, k1, k2, k3, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("77E2B07370EB0F832A6DD5B62DFC88CD06BB84BE"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053" + + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect409k1 + */ + internal class Sect409k1Holder + : X9ECParametersHolder + { + private Sect409k1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect409k1Holder(); + + private const int m = 409; + private const int k = 87; + + protected override ECCurve CreateCurve() + { + BigInteger a = BigInteger.Zero; + BigInteger b = BigInteger.One; + BigInteger n = FromHex("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF"); + BigInteger h = BigInteger.ValueOf(4); + + return ConfigureCurve(new F2mCurve(m, k, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746" + + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect409r1 + */ + internal class Sect409r1Holder + : X9ECParametersHolder + { + private Sect409r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect409r1Holder(); + + private const int m = 409; + private const int k = 87; + + protected override ECCurve CreateCurve() + { + BigInteger a = BigInteger.One; + BigInteger b = FromHex("0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F"); + BigInteger n = FromHex("010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173"); + BigInteger h = BigInteger.ValueOf(2); + + return ConfigureCurve(new F2mCurve(m, k, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("4099B5A457F9D69F79213D094C4BCD4D4262210B"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7" + + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect571k1 + */ + internal class Sect571k1Holder + : X9ECParametersHolder + { + private Sect571k1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect571k1Holder(); + + private const int m = 571; + private const int k1 = 2; + private const int k2 = 5; + private const int k3 = 10; + + protected override ECCurve CreateCurve() + { + BigInteger a = BigInteger.Zero; + BigInteger b = BigInteger.One; + BigInteger n = FromHex("020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001"); + BigInteger h = BigInteger.ValueOf(4); + + return ConfigureCurve(new F2mCurve(m, k1, k2, k3, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972" + + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect571r1 + */ + internal class Sect571r1Holder + : X9ECParametersHolder + { + private Sect571r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Sect571r1Holder(); + + private const int m = 571; + private const int k1 = 2; + private const int k2 = 5; + private const int k3 = 10; + + protected override ECCurve CreateCurve() + { + BigInteger a = BigInteger.One; + BigInteger b = FromHex("02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A"); + BigInteger n = FromHex("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47"); + BigInteger h = BigInteger.ValueOf(2); + + return ConfigureCurve(new F2mCurve(m, k1, k2, k3, a, b, n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("2AA058F73A0E33AB486B0F610410C53A7F132310"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19" + + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + + private static readonly IDictionary objIds = Platform.CreateHashtable(); + private static readonly IDictionary curves = Platform.CreateHashtable(); + private static readonly IDictionary names = Platform.CreateHashtable(); + + private static void DefineCurve( + string name, + DerObjectIdentifier oid, + X9ECParametersHolder holder) + { + objIds.Add(Platform.ToUpperInvariant(name), oid); + names.Add(oid, name); + curves.Add(oid, holder); + } + + static SecNamedCurves() + { + DefineCurve("secp112r1", SecObjectIdentifiers.SecP112r1, Secp112r1Holder.Instance); + DefineCurve("secp112r2", SecObjectIdentifiers.SecP112r2, Secp112r2Holder.Instance); + DefineCurve("secp128r1", SecObjectIdentifiers.SecP128r1, Secp128r1Holder.Instance); + DefineCurve("secp128r2", SecObjectIdentifiers.SecP128r2, Secp128r2Holder.Instance); + DefineCurve("secp160k1", SecObjectIdentifiers.SecP160k1, Secp160k1Holder.Instance); + DefineCurve("secp160r1", SecObjectIdentifiers.SecP160r1, Secp160r1Holder.Instance); + DefineCurve("secp160r2", SecObjectIdentifiers.SecP160r2, Secp160r2Holder.Instance); + DefineCurve("secp192k1", SecObjectIdentifiers.SecP192k1, Secp192k1Holder.Instance); + DefineCurve("secp192r1", SecObjectIdentifiers.SecP192r1, Secp192r1Holder.Instance); + DefineCurve("secp224k1", SecObjectIdentifiers.SecP224k1, Secp224k1Holder.Instance); + DefineCurve("secp224r1", SecObjectIdentifiers.SecP224r1, Secp224r1Holder.Instance); + DefineCurve("secp256k1", SecObjectIdentifiers.SecP256k1, Secp256k1Holder.Instance); + DefineCurve("secp256r1", SecObjectIdentifiers.SecP256r1, Secp256r1Holder.Instance); + DefineCurve("secp384r1", SecObjectIdentifiers.SecP384r1, Secp384r1Holder.Instance); + DefineCurve("secp521r1", SecObjectIdentifiers.SecP521r1, Secp521r1Holder.Instance); + + DefineCurve("sect113r1", SecObjectIdentifiers.SecT113r1, Sect113r1Holder.Instance); + DefineCurve("sect113r2", SecObjectIdentifiers.SecT113r2, Sect113r2Holder.Instance); + DefineCurve("sect131r1", SecObjectIdentifiers.SecT131r1, Sect131r1Holder.Instance); + DefineCurve("sect131r2", SecObjectIdentifiers.SecT131r2, Sect131r2Holder.Instance); + DefineCurve("sect163k1", SecObjectIdentifiers.SecT163k1, Sect163k1Holder.Instance); + DefineCurve("sect163r1", SecObjectIdentifiers.SecT163r1, Sect163r1Holder.Instance); + DefineCurve("sect163r2", SecObjectIdentifiers.SecT163r2, Sect163r2Holder.Instance); + DefineCurve("sect193r1", SecObjectIdentifiers.SecT193r1, Sect193r1Holder.Instance); + DefineCurve("sect193r2", SecObjectIdentifiers.SecT193r2, Sect193r2Holder.Instance); + DefineCurve("sect233k1", SecObjectIdentifiers.SecT233k1, Sect233k1Holder.Instance); + DefineCurve("sect233r1", SecObjectIdentifiers.SecT233r1, Sect233r1Holder.Instance); + DefineCurve("sect239k1", SecObjectIdentifiers.SecT239k1, Sect239k1Holder.Instance); + DefineCurve("sect283k1", SecObjectIdentifiers.SecT283k1, Sect283k1Holder.Instance); + DefineCurve("sect283r1", SecObjectIdentifiers.SecT283r1, Sect283r1Holder.Instance); + DefineCurve("sect409k1", SecObjectIdentifiers.SecT409k1, Sect409k1Holder.Instance); + DefineCurve("sect409r1", SecObjectIdentifiers.SecT409r1, Sect409r1Holder.Instance); + DefineCurve("sect571k1", SecObjectIdentifiers.SecT571k1, Sect571k1Holder.Instance); + DefineCurve("sect571r1", SecObjectIdentifiers.SecT571r1, Sect571r1Holder.Instance); + } + + public static X9ECParameters GetByName(string name) + { + DerObjectIdentifier oid = GetOid(name); + return oid == null ? null : GetByOid(oid); + } + + public static X9ECParametersHolder GetByNameLazy(string name) + { + DerObjectIdentifier oid = GetOid(name); + return oid == null ? null : GetByOidLazy(oid); + } + + /** + * return the X9ECParameters object for the named curve represented by + * the passed in object identifier. Null if the curve isn't present. + * + * @param oid an object identifier representing a named curve, if present. + */ + public static X9ECParameters GetByOid(DerObjectIdentifier oid) + { + X9ECParametersHolder holder = GetByOidLazy(oid); + return holder == null ? null : holder.Parameters; + } + + public static X9ECParametersHolder GetByOidLazy(DerObjectIdentifier oid) + { + return (X9ECParametersHolder)curves[oid]; + } + + /** + * return the object identifier signified by the passed in name. Null + * if there is no object identifier associated with name. + * + * @return the object identifier associated with name, if present. + */ + public static DerObjectIdentifier GetOid( + string name) + { + return (DerObjectIdentifier)objIds[Platform.ToUpperInvariant(name)]; + } + + /** + * return the named curve name represented by the given object identifier. + */ + public static string GetName( + DerObjectIdentifier oid) + { + return (string)names[oid]; + } + + /** + * returns an enumeration containing the name strings for curves + * contained in this structure. + */ + public static IEnumerable Names + { + get { return new EnumerableProxy(names.Values); } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/sec/SECObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/sec/SECObjectIdentifiers.cs new file mode 100644 index 0000000..afc10e1 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/sec/SECObjectIdentifiers.cs @@ -0,0 +1,52 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X9; + +namespace Org.BouncyCastle.Asn1.Sec +{ + public abstract class SecObjectIdentifiers + { + /** + * EllipticCurve OBJECT IDENTIFIER ::= { + * iso(1) identified-organization(3) certicom(132) curve(0) + * } + */ + public static readonly DerObjectIdentifier EllipticCurve = new DerObjectIdentifier("1.3.132.0"); + + public static readonly DerObjectIdentifier SecT163k1 = new DerObjectIdentifier(EllipticCurve + ".1"); + public static readonly DerObjectIdentifier SecT163r1 = new DerObjectIdentifier(EllipticCurve + ".2"); + public static readonly DerObjectIdentifier SecT239k1 = new DerObjectIdentifier(EllipticCurve + ".3"); + public static readonly DerObjectIdentifier SecT113r1 = new DerObjectIdentifier(EllipticCurve + ".4"); + public static readonly DerObjectIdentifier SecT113r2 = new DerObjectIdentifier(EllipticCurve + ".5"); + public static readonly DerObjectIdentifier SecP112r1 = new DerObjectIdentifier(EllipticCurve + ".6"); + public static readonly DerObjectIdentifier SecP112r2 = new DerObjectIdentifier(EllipticCurve + ".7"); + public static readonly DerObjectIdentifier SecP160r1 = new DerObjectIdentifier(EllipticCurve + ".8"); + public static readonly DerObjectIdentifier SecP160k1 = new DerObjectIdentifier(EllipticCurve + ".9"); + public static readonly DerObjectIdentifier SecP256k1 = new DerObjectIdentifier(EllipticCurve + ".10"); + public static readonly DerObjectIdentifier SecT163r2 = new DerObjectIdentifier(EllipticCurve + ".15"); + public static readonly DerObjectIdentifier SecT283k1 = new DerObjectIdentifier(EllipticCurve + ".16"); + public static readonly DerObjectIdentifier SecT283r1 = new DerObjectIdentifier(EllipticCurve + ".17"); + public static readonly DerObjectIdentifier SecT131r1 = new DerObjectIdentifier(EllipticCurve + ".22"); + public static readonly DerObjectIdentifier SecT131r2 = new DerObjectIdentifier(EllipticCurve + ".23"); + public static readonly DerObjectIdentifier SecT193r1 = new DerObjectIdentifier(EllipticCurve + ".24"); + public static readonly DerObjectIdentifier SecT193r2 = new DerObjectIdentifier(EllipticCurve + ".25"); + public static readonly DerObjectIdentifier SecT233k1 = new DerObjectIdentifier(EllipticCurve + ".26"); + public static readonly DerObjectIdentifier SecT233r1 = new DerObjectIdentifier(EllipticCurve + ".27"); + public static readonly DerObjectIdentifier SecP128r1 = new DerObjectIdentifier(EllipticCurve + ".28"); + public static readonly DerObjectIdentifier SecP128r2 = new DerObjectIdentifier(EllipticCurve + ".29"); + public static readonly DerObjectIdentifier SecP160r2 = new DerObjectIdentifier(EllipticCurve + ".30"); + public static readonly DerObjectIdentifier SecP192k1 = new DerObjectIdentifier(EllipticCurve + ".31"); + public static readonly DerObjectIdentifier SecP224k1 = new DerObjectIdentifier(EllipticCurve + ".32"); + public static readonly DerObjectIdentifier SecP224r1 = new DerObjectIdentifier(EllipticCurve + ".33"); + public static readonly DerObjectIdentifier SecP384r1 = new DerObjectIdentifier(EllipticCurve + ".34"); + public static readonly DerObjectIdentifier SecP521r1 = new DerObjectIdentifier(EllipticCurve + ".35"); + public static readonly DerObjectIdentifier SecT409k1 = new DerObjectIdentifier(EllipticCurve + ".36"); + public static readonly DerObjectIdentifier SecT409r1 = new DerObjectIdentifier(EllipticCurve + ".37"); + public static readonly DerObjectIdentifier SecT571k1 = new DerObjectIdentifier(EllipticCurve + ".38"); + public static readonly DerObjectIdentifier SecT571r1 = new DerObjectIdentifier(EllipticCurve + ".39"); + + public static readonly DerObjectIdentifier SecP192r1 = X9ObjectIdentifiers.Prime192v1; + public static readonly DerObjectIdentifier SecP256r1 = X9ObjectIdentifiers.Prime256v1; + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/asn1/smime/SMIMEAttributes.cs b/BouncyCastle/crypto/src/asn1/smime/SMIMEAttributes.cs new file mode 100644 index 0000000..e154e5e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/smime/SMIMEAttributes.cs @@ -0,0 +1,11 @@ +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; + +namespace Org.BouncyCastle.Asn1.Smime +{ + public abstract class SmimeAttributes + { + public static readonly DerObjectIdentifier SmimeCapabilities = PkcsObjectIdentifiers.Pkcs9AtSmimeCapabilities; + public static readonly DerObjectIdentifier EncrypKeyPref = PkcsObjectIdentifiers.IdAAEncrypKeyPref; + } +} diff --git a/BouncyCastle/crypto/src/asn1/smime/SMIMECapabilities.cs b/BouncyCastle/crypto/src/asn1/smime/SMIMECapabilities.cs new file mode 100644 index 0000000..5bf48f3 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/smime/SMIMECapabilities.cs @@ -0,0 +1,134 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Smime +{ + /** + * Handler class for dealing with S/MIME Capabilities + */ + public class SmimeCapabilities + : Asn1Encodable + { + /** + * general preferences + */ + public static readonly DerObjectIdentifier PreferSignedData = PkcsObjectIdentifiers.PreferSignedData; + public static readonly DerObjectIdentifier CannotDecryptAny = PkcsObjectIdentifiers.CannotDecryptAny; + public static readonly DerObjectIdentifier SmimeCapabilitesVersions = PkcsObjectIdentifiers.SmimeCapabilitiesVersions; + + /** + * encryption algorithms preferences + */ + public static readonly DerObjectIdentifier Aes256Cbc = NistObjectIdentifiers.IdAes256Cbc; + public static readonly DerObjectIdentifier Aes192Cbc = NistObjectIdentifiers.IdAes192Cbc; + public static readonly DerObjectIdentifier Aes128Cbc = NistObjectIdentifiers.IdAes128Cbc; + public static readonly DerObjectIdentifier IdeaCbc = new DerObjectIdentifier("1.3.6.1.4.1.188.7.1.1.2"); + public static readonly DerObjectIdentifier Cast5Cbc = new DerObjectIdentifier("1.2.840.113533.7.66.10"); + public static readonly DerObjectIdentifier DesCbc = new DerObjectIdentifier("1.3.14.3.2.7"); + public static readonly DerObjectIdentifier DesEde3Cbc = PkcsObjectIdentifiers.DesEde3Cbc; + public static readonly DerObjectIdentifier RC2Cbc = PkcsObjectIdentifiers.RC2Cbc; + + private Asn1Sequence capabilities; + + /** + * return an Attr object from the given object. + * + * @param o the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static SmimeCapabilities GetInstance( + object obj) + { + if (obj == null || obj is SmimeCapabilities) + { + return (SmimeCapabilities) obj; + } + + if (obj is Asn1Sequence) + { + return new SmimeCapabilities((Asn1Sequence) obj); + } + + if (obj is AttributeX509) + { + return new SmimeCapabilities( + (Asn1Sequence)(((AttributeX509) obj).AttrValues[0])); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public SmimeCapabilities( + Asn1Sequence seq) + { + capabilities = seq; + } + +#if !(SILVERLIGHT || PORTABLE) + [Obsolete("Use 'GetCapabilitiesForOid' instead")] + public ArrayList GetCapabilities( + DerObjectIdentifier capability) + { + ArrayList list = new ArrayList(); + DoGetCapabilitiesForOid(capability, list); + return list; + } +#endif + + /** + * returns an ArrayList with 0 or more objects of all the capabilities + * matching the passed in capability Oid. If the Oid passed is null the + * entire set is returned. + */ + public IList GetCapabilitiesForOid( + DerObjectIdentifier capability) + { + IList list = Platform.CreateArrayList(); + DoGetCapabilitiesForOid(capability, list); + return list; + } + + private void DoGetCapabilitiesForOid(DerObjectIdentifier capability, IList list) + { + if (capability == null) + { + foreach (object o in capabilities) + { + SmimeCapability cap = SmimeCapability.GetInstance(o); + + list.Add(cap); + } + } + else + { + foreach (object o in capabilities) + { + SmimeCapability cap = SmimeCapability.GetInstance(o); + + if (capability.Equals(cap.CapabilityID)) + { + list.Add(cap); + } + } + } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * SMIMECapabilities ::= Sequence OF SMIMECapability
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return capabilities; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/smime/SMIMECapabilitiesAttribute.cs b/BouncyCastle/crypto/src/asn1/smime/SMIMECapabilitiesAttribute.cs new file mode 100644 index 0000000..310c478 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/smime/SMIMECapabilitiesAttribute.cs @@ -0,0 +1,16 @@ +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Smime +{ + public class SmimeCapabilitiesAttribute + : AttributeX509 + { + public SmimeCapabilitiesAttribute( + SmimeCapabilityVector capabilities) + : base(SmimeAttributes.SmimeCapabilities, + new DerSet(new DerSequence(capabilities.ToAsn1EncodableVector()))) + { + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/smime/SMIMECapability.cs b/BouncyCastle/crypto/src/asn1/smime/SMIMECapability.cs new file mode 100644 index 0000000..9b30c6d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/smime/SMIMECapability.cs @@ -0,0 +1,96 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; + +namespace Org.BouncyCastle.Asn1.Smime +{ + public class SmimeCapability + : Asn1Encodable + { + /** + * general preferences + */ + public static readonly DerObjectIdentifier PreferSignedData = PkcsObjectIdentifiers.PreferSignedData; + public static readonly DerObjectIdentifier CannotDecryptAny = PkcsObjectIdentifiers.CannotDecryptAny; + public static readonly DerObjectIdentifier SmimeCapabilitiesVersions = PkcsObjectIdentifiers.SmimeCapabilitiesVersions; + + /** + * encryption algorithms preferences + */ + public static readonly DerObjectIdentifier DesCbc = new DerObjectIdentifier("1.3.14.3.2.7"); + public static readonly DerObjectIdentifier DesEde3Cbc = PkcsObjectIdentifiers.DesEde3Cbc; + public static readonly DerObjectIdentifier RC2Cbc = PkcsObjectIdentifiers.RC2Cbc; + + private DerObjectIdentifier capabilityID; + private Asn1Object parameters; + + public SmimeCapability( + Asn1Sequence seq) + { + capabilityID = (DerObjectIdentifier) seq[0].ToAsn1Object(); + + if (seq.Count > 1) + { + parameters = seq[1].ToAsn1Object(); + } + } + + public SmimeCapability( + DerObjectIdentifier capabilityID, + Asn1Encodable parameters) + { + if (capabilityID == null) + throw new ArgumentNullException("capabilityID"); + + this.capabilityID = capabilityID; + + if (parameters != null) + { + this.parameters = parameters.ToAsn1Object(); + } + } + + public static SmimeCapability GetInstance( + object obj) + { + if (obj == null || obj is SmimeCapability) + { + return (SmimeCapability) obj; + } + + if (obj is Asn1Sequence) + { + return new SmimeCapability((Asn1Sequence) obj); + } + + throw new ArgumentException("Invalid SmimeCapability"); + } + + public DerObjectIdentifier CapabilityID + { + get { return capabilityID; } + } + + public Asn1Object Parameters + { + get { return parameters; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * SMIMECapability ::= Sequence {
+         *     capabilityID OBJECT IDENTIFIER,
+         *     parameters ANY DEFINED BY capabilityID OPTIONAL
+         * }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(capabilityID); + v.AddOptional(parameters); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/smime/SMIMECapabilityVector.cs b/BouncyCastle/crypto/src/asn1/smime/SMIMECapabilityVector.cs new file mode 100644 index 0000000..842825b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/smime/SMIMECapabilityVector.cs @@ -0,0 +1,37 @@ +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.Smime +{ + /** + * Handler for creating a vector S/MIME Capabilities + */ + public class SmimeCapabilityVector + { + private readonly Asn1EncodableVector capabilities = new Asn1EncodableVector(); + + public void AddCapability( + DerObjectIdentifier capability) + { + capabilities.Add(new DerSequence(capability)); + } + + public void AddCapability( + DerObjectIdentifier capability, + int value) + { + capabilities.Add(new DerSequence(capability, new DerInteger(value))); + } + + public void AddCapability( + DerObjectIdentifier capability, + Asn1Encodable parameters) + { + capabilities.Add(new DerSequence(capability, parameters)); + } + + public Asn1EncodableVector ToAsn1EncodableVector() + { + return capabilities; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/smime/SMIMEEncryptionKeyPreferenceAttribute.cs b/BouncyCastle/crypto/src/asn1/smime/SMIMEEncryptionKeyPreferenceAttribute.cs new file mode 100644 index 0000000..19c5fd7 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/smime/SMIMEEncryptionKeyPreferenceAttribute.cs @@ -0,0 +1,44 @@ +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Smime +{ + /** + * The SmimeEncryptionKeyPreference object. + * 
+     * SmimeEncryptionKeyPreference ::= CHOICE {
+     *     issuerAndSerialNumber   [0] IssuerAndSerialNumber,
+     *     receipentKeyId          [1] RecipientKeyIdentifier,
+     *     subjectAltKeyIdentifier [2] SubjectKeyIdentifier
+     * }
+     *
+ */ + public class SmimeEncryptionKeyPreferenceAttribute + : AttributeX509 + { + public SmimeEncryptionKeyPreferenceAttribute( + IssuerAndSerialNumber issAndSer) + : base(SmimeAttributes.EncrypKeyPref, + new DerSet(new DerTaggedObject(false, 0, issAndSer))) + { + } + + public SmimeEncryptionKeyPreferenceAttribute( + RecipientKeyIdentifier rKeyID) + : base(SmimeAttributes.EncrypKeyPref, + new DerSet(new DerTaggedObject(false, 1, rKeyID))) + { + } + + /** + * @param sKeyId the subjectKeyIdentifier value (normally the X.509 one) + */ + public SmimeEncryptionKeyPreferenceAttribute( + Asn1OctetString sKeyID) + : base(SmimeAttributes.EncrypKeyPref, + new DerSet(new DerTaggedObject(false, 2, sKeyID))) + { + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/teletrust/TeleTrusTNamedCurves.cs b/BouncyCastle/crypto/src/asn1/teletrust/TeleTrusTNamedCurves.cs new file mode 100644 index 0000000..dcc1600 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/teletrust/TeleTrusTNamedCurves.cs @@ -0,0 +1,562 @@ +using System.Collections; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Asn1.TeleTrust +{ + /** + * elliptic curves defined in "ECC Brainpool Standard Curves and Curve Generation" + * http://www.ecc-brainpool.org/download/draft_pkix_additional_ecc_dp.txt + */ + public class TeleTrusTNamedCurves + { + private static X9ECPoint ConfigureBasepoint(ECCurve curve, string encoding) + { + X9ECPoint G = new X9ECPoint(curve, Hex.DecodeStrict(encoding)); + WNafUtilities.ConfigureBasepoint(G.Point); + return G; + } + + private static ECCurve ConfigureCurve(ECCurve curve) + { + return curve; + } + + private static BigInteger FromHex(string hex) + { + return new BigInteger(1, Hex.DecodeStrict(hex)); + } + + internal class BrainpoolP160r1Holder + : X9ECParametersHolder + { + private BrainpoolP160r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new BrainpoolP160r1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("E95E4A5F737059DC60DF5991D45029409E60FC09"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + FromHex("E95E4A5F737059DC60DFC7AD95B3D8139515620F"), // q + FromHex("340E7BE2A280EB74E2BE61BADA745D97E8F7C300"), // a + FromHex("1E589A8595423412134FAA2DBDEC95C8D8675E58"), // b + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "04BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC31667CB477A1A8EC338F94741669C976316DA6321"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor); + } + } + + internal class BrainpoolP160t1Holder + : X9ECParametersHolder + { + private BrainpoolP160t1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new BrainpoolP160t1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("E95E4A5F737059DC60DF5991D45029409E60FC09"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + //FromHex("24DBFF5DEC9B986BBFE5295A29BFBAE45E0F5D0B"), // Z + FromHex("E95E4A5F737059DC60DFC7AD95B3D8139515620F"), // q + FromHex("E95E4A5F737059DC60DFC7AD95B3D8139515620C"), // a + FromHex("7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380"), // b + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "04B199B13B9B34EFC1397E64BAEB05ACC265FF2378ADD6718B7C7C1961F0991B842443772152C9E0AD"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor); + } + } + + internal class BrainpoolP192r1Holder + : X9ECParametersHolder + { + private BrainpoolP192r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new BrainpoolP192r1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + FromHex("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297"), // q + FromHex("6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF"), // a + FromHex("469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9"), // b + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "04C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD614B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor); + } + } + + internal class BrainpoolP192t1Holder + : X9ECParametersHolder + { + private BrainpoolP192t1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new BrainpoolP192t1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + //FromHex("1B6F5CC8DB4DC7AF19458A9CB80DC2295E5EB9C3732104CB") // Z + FromHex("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297"), // q + FromHex("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294"), // a + FromHex("13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79"), // b + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "043AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129097E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor); + } + } + + internal class BrainpoolP224r1Holder + : X9ECParametersHolder + { + private BrainpoolP224r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new BrainpoolP224r1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + FromHex("D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF"), // q + FromHex("68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43"), // a + FromHex("2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B"), // b + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "040D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor); + } + } + + internal class BrainpoolP224t1Holder + : X9ECParametersHolder + { + private BrainpoolP224t1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new BrainpoolP224t1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + //FromHex("2DF271E14427A346910CF7A2E6CFA7B3F484E5C2CCE1C8B730E28B3F") // Z + FromHex("D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF"), // q + FromHex("D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC"), // a + FromHex("4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D"), // b + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "046AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D5800374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor); + } + } + + internal class BrainpoolP256r1Holder + : X9ECParametersHolder + { + private BrainpoolP256r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new BrainpoolP256r1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + FromHex("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377"), // q + FromHex("7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9"), // a + FromHex("26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6"), // b + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "048BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor); + } + } + + internal class BrainpoolP256t1Holder + : X9ECParametersHolder + { + private BrainpoolP256t1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new BrainpoolP256t1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + //FromHex("3E2D4BD9597B58639AE7AA669CAB9837CF5CF20A2C852D10F655668DFC150EF0") // Z + FromHex("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377"), // q + FromHex("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374"), // a + FromHex("662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04"), // b + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "04A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F42D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor); + } + } + + internal class BrainpoolP320r1Holder + : X9ECParametersHolder + { + private BrainpoolP320r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new BrainpoolP320r1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + FromHex("D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27"), // q + FromHex("3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4"), // a + FromHex("520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6"), // b + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0443BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E2061114FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor); + } + } + + internal class BrainpoolP320t1Holder + : X9ECParametersHolder + { + private BrainpoolP320t1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new BrainpoolP320t1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + //FromHex("15F75CAF668077F7E85B42EB01F0A81FF56ECD6191D55CB82B7D861458A18FEFC3E5AB7496F3C7B1") // Z + FromHex("D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27"), // q + FromHex("D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24"), // a + FromHex("A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353"), // b + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "04925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F624A21BED5263BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0455FB0D2C3"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor); + } + } + + internal class BrainpoolP384r1Holder + : X9ECParametersHolder + { + private BrainpoolP384r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new BrainpoolP384r1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + FromHex("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53"), // q + FromHex("7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826"), // a + FromHex("04A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11"), // b + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "041D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor); + } + } + + internal class BrainpoolP384t1Holder + : X9ECParametersHolder + { + private BrainpoolP384t1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new BrainpoolP384t1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + //FromHex("41DFE8DD399331F7166A66076734A89CD0D2BCDB7D068E44E1F378F41ECBAE97D2D63DBC87BCCDDCCC5DA39E8589291C") // Z + FromHex("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53"), // q + FromHex("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50"), // a + FromHex("7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE"), // b + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0418DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor); + } + } + + internal class BrainpoolP512r1Holder + : X9ECParametersHolder + { + private BrainpoolP512r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new BrainpoolP512r1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + FromHex("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3"), // q + FromHex("7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA"), // a + FromHex("3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723"), // b + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0481AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F8227DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor); + } + } + + internal class BrainpoolP512t1Holder + : X9ECParametersHolder + { + private BrainpoolP512t1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new BrainpoolP512t1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + //FromHex("12EE58E6764838B69782136F0F2D3BA06E27695716054092E60A80BEDB212B64E585D90BCE13761F85C3F1D2A64E3BE8FEA2220F01EBA5EEB0F35DBD29D922AB") // Z + FromHex("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3"), // q + FromHex("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0"), // a + FromHex("7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E"), // b + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "04640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor); + } + } + + + private static readonly IDictionary objIds = Platform.CreateHashtable(); + private static readonly IDictionary curves = Platform.CreateHashtable(); + private static readonly IDictionary names = Platform.CreateHashtable(); + + private static void DefineCurve( + string name, + DerObjectIdentifier oid, + X9ECParametersHolder holder) + { + objIds.Add(Platform.ToUpperInvariant(name), oid); + names.Add(oid, name); + curves.Add(oid, holder); + } + + static TeleTrusTNamedCurves() + { + DefineCurve("brainpoolP160r1", TeleTrusTObjectIdentifiers.BrainpoolP160R1, BrainpoolP160r1Holder.Instance); + DefineCurve("brainpoolP160t1", TeleTrusTObjectIdentifiers.BrainpoolP160T1, BrainpoolP160t1Holder.Instance); + DefineCurve("brainpoolP192r1", TeleTrusTObjectIdentifiers.BrainpoolP192R1, BrainpoolP192r1Holder.Instance); + DefineCurve("brainpoolP192t1", TeleTrusTObjectIdentifiers.BrainpoolP192T1, BrainpoolP192t1Holder.Instance); + DefineCurve("brainpoolP224r1", TeleTrusTObjectIdentifiers.BrainpoolP224R1, BrainpoolP224r1Holder.Instance); + DefineCurve("brainpoolP224t1", TeleTrusTObjectIdentifiers.BrainpoolP224T1, BrainpoolP224t1Holder.Instance); + DefineCurve("brainpoolP256r1", TeleTrusTObjectIdentifiers.BrainpoolP256R1, BrainpoolP256r1Holder.Instance); + DefineCurve("brainpoolP256t1", TeleTrusTObjectIdentifiers.BrainpoolP256T1, BrainpoolP256t1Holder.Instance); + DefineCurve("brainpoolP320r1", TeleTrusTObjectIdentifiers.BrainpoolP320R1, BrainpoolP320r1Holder.Instance); + DefineCurve("brainpoolP320t1", TeleTrusTObjectIdentifiers.BrainpoolP320T1, BrainpoolP320t1Holder.Instance); + DefineCurve("brainpoolP384r1", TeleTrusTObjectIdentifiers.BrainpoolP384R1, BrainpoolP384r1Holder.Instance); + DefineCurve("brainpoolP384t1", TeleTrusTObjectIdentifiers.BrainpoolP384T1, BrainpoolP384t1Holder.Instance); + DefineCurve("brainpoolP512r1", TeleTrusTObjectIdentifiers.BrainpoolP512R1, BrainpoolP512r1Holder.Instance); + DefineCurve("brainpoolP512t1", TeleTrusTObjectIdentifiers.BrainpoolP512T1, BrainpoolP512t1Holder.Instance); + } + + public static X9ECParameters GetByName(string name) + { + DerObjectIdentifier oid = GetOid(name); + return oid == null ? null : GetByOid(oid); + } + + public static X9ECParametersHolder GetByNameLazy(string name) + { + DerObjectIdentifier oid = GetOid(name); + return oid == null ? null : GetByOidLazy(oid); + } + + /** + * return the X9ECParameters object for the named curve represented by + * the passed in object identifier. Null if the curve isn't present. + * + * @param oid an object identifier representing a named curve, if present. + */ + public static X9ECParameters GetByOid(DerObjectIdentifier oid) + { + X9ECParametersHolder holder = GetByOidLazy(oid); + return holder == null ? null : holder.Parameters; + } + + public static X9ECParametersHolder GetByOidLazy(DerObjectIdentifier oid) + { + return (X9ECParametersHolder)curves[oid]; + } + + /** + * return the object identifier signified by the passed in name. Null + * if there is no object identifier associated with name. + * + * @return the object identifier associated with name, if present. + */ + public static DerObjectIdentifier GetOid( + string name) + { + return (DerObjectIdentifier)objIds[Platform.ToUpperInvariant(name)]; + } + + /** + * return the named curve name represented by the given object identifier. + */ + public static string GetName( + DerObjectIdentifier oid) + { + return (string)names[oid]; + } + + /** + * returns an enumeration containing the name strings for curves + * contained in this structure. + */ + public static IEnumerable Names + { + get { return new EnumerableProxy(names.Values); } + } + + public static DerObjectIdentifier GetOid( + short curvesize, + bool twisted) + { + return GetOid("brainpoolP" + curvesize + (twisted ? "t" : "r") + "1"); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/teletrust/TeleTrusTObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/teletrust/TeleTrusTObjectIdentifiers.cs new file mode 100644 index 0000000..56e7084 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/teletrust/TeleTrusTObjectIdentifiers.cs @@ -0,0 +1,45 @@ +namespace Org.BouncyCastle.Asn1.TeleTrust +{ + public sealed class TeleTrusTObjectIdentifiers + { + private TeleTrusTObjectIdentifiers() + { + } + + public static readonly DerObjectIdentifier TeleTrusTAlgorithm = new DerObjectIdentifier("1.3.36.3"); + + public static readonly DerObjectIdentifier RipeMD160 = new DerObjectIdentifier(TeleTrusTAlgorithm + ".2.1"); + public static readonly DerObjectIdentifier RipeMD128 = new DerObjectIdentifier(TeleTrusTAlgorithm + ".2.2"); + public static readonly DerObjectIdentifier RipeMD256 = new DerObjectIdentifier(TeleTrusTAlgorithm + ".2.3"); + + public static readonly DerObjectIdentifier TeleTrusTRsaSignatureAlgorithm = new DerObjectIdentifier(TeleTrusTAlgorithm + ".3.1"); + + public static readonly DerObjectIdentifier RsaSignatureWithRipeMD160 = new DerObjectIdentifier(TeleTrusTRsaSignatureAlgorithm + ".2"); + public static readonly DerObjectIdentifier RsaSignatureWithRipeMD128 = new DerObjectIdentifier(TeleTrusTRsaSignatureAlgorithm + ".3"); + public static readonly DerObjectIdentifier RsaSignatureWithRipeMD256 = new DerObjectIdentifier(TeleTrusTRsaSignatureAlgorithm + ".4"); + + public static readonly DerObjectIdentifier ECSign = new DerObjectIdentifier(TeleTrusTAlgorithm + ".3.2"); + + public static readonly DerObjectIdentifier ECSignWithSha1 = new DerObjectIdentifier(ECSign + ".1"); + public static readonly DerObjectIdentifier ECSignWithRipeMD160 = new DerObjectIdentifier(ECSign + ".2"); + + public static readonly DerObjectIdentifier EccBrainpool = new DerObjectIdentifier(TeleTrusTAlgorithm + ".3.2.8"); + public static readonly DerObjectIdentifier EllipticCurve = new DerObjectIdentifier(EccBrainpool + ".1"); + public static readonly DerObjectIdentifier VersionOne = new DerObjectIdentifier(EllipticCurve + ".1"); + + public static readonly DerObjectIdentifier BrainpoolP160R1 = new DerObjectIdentifier(VersionOne + ".1"); + public static readonly DerObjectIdentifier BrainpoolP160T1 = new DerObjectIdentifier(VersionOne + ".2"); + public static readonly DerObjectIdentifier BrainpoolP192R1 = new DerObjectIdentifier(VersionOne + ".3"); + public static readonly DerObjectIdentifier BrainpoolP192T1 = new DerObjectIdentifier(VersionOne + ".4"); + public static readonly DerObjectIdentifier BrainpoolP224R1 = new DerObjectIdentifier(VersionOne + ".5"); + public static readonly DerObjectIdentifier BrainpoolP224T1 = new DerObjectIdentifier(VersionOne + ".6"); + public static readonly DerObjectIdentifier BrainpoolP256R1 = new DerObjectIdentifier(VersionOne + ".7"); + public static readonly DerObjectIdentifier BrainpoolP256T1 = new DerObjectIdentifier(VersionOne + ".8"); + public static readonly DerObjectIdentifier BrainpoolP320R1 = new DerObjectIdentifier(VersionOne + ".9"); + public static readonly DerObjectIdentifier BrainpoolP320T1 = new DerObjectIdentifier(VersionOne + ".10"); + public static readonly DerObjectIdentifier BrainpoolP384R1 = new DerObjectIdentifier(VersionOne + ".11"); + public static readonly DerObjectIdentifier BrainpoolP384T1 = new DerObjectIdentifier(VersionOne + ".12"); + public static readonly DerObjectIdentifier BrainpoolP512R1 = new DerObjectIdentifier(VersionOne + ".13"); + public static readonly DerObjectIdentifier BrainpoolP512T1 = new DerObjectIdentifier(VersionOne + ".14"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/tsp/Accuracy.cs b/BouncyCastle/crypto/src/asn1/tsp/Accuracy.cs new file mode 100644 index 0000000..0cbc731 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/tsp/Accuracy.cs @@ -0,0 +1,120 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Tsp +{ + public class Accuracy + : Asn1Encodable + { + private readonly DerInteger seconds; + private readonly DerInteger millis; + private readonly DerInteger micros; + + // constants + protected const int MinMillis = 1; + protected const int MaxMillis = 999; + protected const int MinMicros = 1; + protected const int MaxMicros = 999; + + public Accuracy( + DerInteger seconds, + DerInteger millis, + DerInteger micros) + { + if (null != millis) + { + int millisValue = millis.IntValueExact; + if (millisValue < MinMillis || millisValue > MaxMillis) + throw new ArgumentException("Invalid millis field : not in (1..999)"); + } + if (null != micros) + { + int microsValue = micros.IntValueExact; + if (microsValue < MinMicros || microsValue > MaxMicros) + throw new ArgumentException("Invalid micros field : not in (1..999)"); + } + + this.seconds = seconds; + this.millis = millis; + this.micros = micros; + } + + private Accuracy( + Asn1Sequence seq) + { + for (int i = 0; i < seq.Count; ++i) + { + // seconds + if (seq[i] is DerInteger) + { + seconds = (DerInteger) seq[i]; + } + else if (seq[i] is Asn1TaggedObject) + { + Asn1TaggedObject extra = (Asn1TaggedObject)seq[i]; + + switch (extra.TagNo) + { + case 0: + millis = DerInteger.GetInstance(extra, false); + int millisValue = millis.IntValueExact; + if (millisValue < MinMillis || millisValue > MaxMillis) + throw new ArgumentException("Invalid millis field : not in (1..999)"); + break; + case 1: + micros = DerInteger.GetInstance(extra, false); + int microsValue = micros.IntValueExact; + if (microsValue < MinMicros || microsValue > MaxMicros) + throw new ArgumentException("Invalid micros field : not in (1..999)"); + break; + default: + throw new ArgumentException("Invalid tag number"); + } + } + } + } + + public static Accuracy GetInstance(object obj) + { + if (obj is Accuracy) + return (Accuracy)obj; + if (obj == null) + return null; + return new Accuracy(Asn1Sequence.GetInstance(obj)); + } + + public DerInteger Seconds + { + get { return seconds; } + } + + public DerInteger Millis + { + get { return millis; } + } + + public DerInteger Micros + { + get { return micros; } + } + + /** + * 
+		 * Accuracy ::= SEQUENCE {
+		 *             seconds        INTEGER              OPTIONAL,
+		 *             millis     [0] INTEGER  (1..999)    OPTIONAL,
+		 *             micros     [1] INTEGER  (1..999)    OPTIONAL
+		 *             }
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptional(seconds); + v.AddOptionalTagged(false, 0, millis); + v.AddOptionalTagged(false, 1, micros); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/tsp/MessageImprint.cs b/BouncyCastle/crypto/src/asn1/tsp/MessageImprint.cs new file mode 100644 index 0000000..cb72862 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/tsp/MessageImprint.cs @@ -0,0 +1,63 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Tsp +{ + public class MessageImprint + : Asn1Encodable + { + private readonly AlgorithmIdentifier hashAlgorithm; + private readonly byte[] hashedMessage; + + public static MessageImprint GetInstance(object obj) + { + if (obj is MessageImprint) + return (MessageImprint)obj; + if (obj == null) + return null; + return new MessageImprint(Asn1Sequence.GetInstance(obj)); + } + + private MessageImprint( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + this.hashAlgorithm = AlgorithmIdentifier.GetInstance(seq[0]); + this.hashedMessage = Asn1OctetString.GetInstance(seq[1]).GetOctets(); + } + + public MessageImprint( + AlgorithmIdentifier hashAlgorithm, + byte[] hashedMessage) + { + this.hashAlgorithm = hashAlgorithm; + this.hashedMessage = hashedMessage; + } + + public AlgorithmIdentifier HashAlgorithm + { + get { return hashAlgorithm; } + } + + public byte[] GetHashedMessage() + { + return hashedMessage; + } + + /** + * 
+		 *    MessageImprint ::= SEQUENCE  {
+		 *       hashAlgorithm                AlgorithmIdentifier,
+		 *       hashedMessage                OCTET STRING  }
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(hashAlgorithm, new DerOctetString(hashedMessage)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/tsp/TSTInfo.cs b/BouncyCastle/crypto/src/asn1/tsp/TSTInfo.cs new file mode 100644 index 0000000..3f5ab28 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/tsp/TSTInfo.cs @@ -0,0 +1,211 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Tsp +{ + public class TstInfo + : Asn1Encodable + { + private readonly DerInteger version; + private readonly DerObjectIdentifier tsaPolicyId; + private readonly MessageImprint messageImprint; + private readonly DerInteger serialNumber; + private readonly DerGeneralizedTime genTime; + private readonly Accuracy accuracy; + private readonly DerBoolean ordering; + private readonly DerInteger nonce; + private readonly GeneralName tsa; + private readonly X509Extensions extensions; + + public static TstInfo GetInstance(object obj) + { + if (obj is TstInfo) + return (TstInfo)obj; + if (obj == null) + return null; + return new TstInfo(Asn1Sequence.GetInstance(obj)); + } + + private TstInfo( + Asn1Sequence seq) + { + IEnumerator e = seq.GetEnumerator(); + + // version + e.MoveNext(); + version = DerInteger.GetInstance(e.Current); + + // tsaPolicy + e.MoveNext(); + tsaPolicyId = DerObjectIdentifier.GetInstance(e.Current); + + // messageImprint + e.MoveNext(); + messageImprint = MessageImprint.GetInstance(e.Current); + + // serialNumber + e.MoveNext(); + serialNumber = DerInteger.GetInstance(e.Current); + + // genTime + e.MoveNext(); + genTime = DerGeneralizedTime.GetInstance(e.Current); + + // default for ordering + ordering = DerBoolean.False; + + while (e.MoveNext()) + { + Asn1Object o = (Asn1Object) e.Current; + + if (o is Asn1TaggedObject) + { + DerTaggedObject tagged = (DerTaggedObject) o; + + switch (tagged.TagNo) + { + case 0: + tsa = GeneralName.GetInstance(tagged, true); + break; + case 1: + extensions = X509Extensions.GetInstance(tagged, false); + break; + default: + throw new ArgumentException("Unknown tag value " + tagged.TagNo); + } + } + + if (o is DerSequence) + { + accuracy = Accuracy.GetInstance(o); + } + + if (o is DerBoolean) + { + ordering = DerBoolean.GetInstance(o); + } + + if (o is DerInteger) + { + nonce = DerInteger.GetInstance(o); + } + } + } + + public TstInfo( + DerObjectIdentifier tsaPolicyId, + MessageImprint messageImprint, + DerInteger serialNumber, + DerGeneralizedTime genTime, + Accuracy accuracy, + DerBoolean ordering, + DerInteger nonce, + GeneralName tsa, + X509Extensions extensions) + { + this.version = new DerInteger(1); + this.tsaPolicyId = tsaPolicyId; + this.messageImprint = messageImprint; + this.serialNumber = serialNumber; + this.genTime = genTime; + this.accuracy = accuracy; + this.ordering = ordering; + this.nonce = nonce; + this.tsa = tsa; + this.extensions = extensions; + } + + public DerInteger Version + { + get { return version; } + } + + public MessageImprint MessageImprint + { + get { return messageImprint; } + } + + public DerObjectIdentifier Policy + { + get { return tsaPolicyId; } + } + + public DerInteger SerialNumber + { + get { return serialNumber; } + } + + public Accuracy Accuracy + { + get { return accuracy; } + } + + public DerGeneralizedTime GenTime + { + get { return genTime; } + } + + public DerBoolean Ordering + { + get { return ordering; } + } + + public DerInteger Nonce + { + get { return nonce; } + } + + public GeneralName Tsa + { + get { return tsa; } + } + + public X509Extensions Extensions + { + get { return extensions; } + } + + /** + * 
+		 *
+		 *     TstInfo ::= SEQUENCE  {
+		 *        version                      INTEGER  { v1(1) },
+		 *        policy                       TSAPolicyId,
+		 *        messageImprint               MessageImprint,
+		 *          -- MUST have the same value as the similar field in
+		 *          -- TimeStampReq
+		 *        serialNumber                 INTEGER,
+		 *         -- Time-Stamping users MUST be ready to accommodate integers
+		 *         -- up to 160 bits.
+		 *        genTime                      GeneralizedTime,
+		 *        accuracy                     Accuracy                 OPTIONAL,
+		 *        ordering                     BOOLEAN             DEFAULT FALSE,
+		 *        nonce                        INTEGER                  OPTIONAL,
+		 *          -- MUST be present if the similar field was present
+		 *          -- in TimeStampReq.  In that case it MUST have the same value.
+		 *        tsa                          [0] GeneralName          OPTIONAL,
+		 *        extensions                   [1] IMPLICIT Extensions   OPTIONAL  }
+		 *
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(version, tsaPolicyId, messageImprint, serialNumber, genTime); + v.AddOptional(accuracy); + + if (ordering != null && ordering.IsTrue) + { + v.Add(ordering); + } + + v.AddOptional(nonce); + v.AddOptionalTagged(true, 0, tsa); + v.AddOptionalTagged(false, 1, extensions); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/tsp/TimeStampReq.cs b/BouncyCastle/crypto/src/asn1/tsp/TimeStampReq.cs new file mode 100644 index 0000000..7173172 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/tsp/TimeStampReq.cs @@ -0,0 +1,143 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Tsp +{ + public class TimeStampReq + : Asn1Encodable + { + private readonly DerInteger version; + private readonly MessageImprint messageImprint; + private readonly DerObjectIdentifier tsaPolicy; + private readonly DerInteger nonce; + private readonly DerBoolean certReq; + private readonly X509Extensions extensions; + + public static TimeStampReq GetInstance(object obj) + { + if (obj is TimeStampReq) + return (TimeStampReq)obj; + if (obj == null) + return null; + return new TimeStampReq(Asn1Sequence.GetInstance(obj)); + } + + private TimeStampReq( + Asn1Sequence seq) + { + int nbObjects = seq.Count; + int seqStart = 0; + + // version + version = DerInteger.GetInstance(seq[seqStart++]); + + // messageImprint + messageImprint = MessageImprint.GetInstance(seq[seqStart++]); + + for (int opt = seqStart; opt < nbObjects; opt++) + { + // tsaPolicy + if (seq[opt] is DerObjectIdentifier) + { + tsaPolicy = DerObjectIdentifier.GetInstance(seq[opt]); + } + // nonce + else if (seq[opt] is DerInteger) + { + nonce = DerInteger.GetInstance(seq[opt]); + } + // certReq + else if (seq[opt] is DerBoolean) + { + certReq = DerBoolean.GetInstance(seq[opt]); + } + // extensions + else if (seq[opt] is Asn1TaggedObject) + { + Asn1TaggedObject tagged = (Asn1TaggedObject) seq[opt]; + if (tagged.TagNo == 0) + { + extensions = X509Extensions.GetInstance(tagged, false); + } + } + } + } + + public TimeStampReq( + MessageImprint messageImprint, + DerObjectIdentifier tsaPolicy, + DerInteger nonce, + DerBoolean certReq, + X509Extensions extensions) + { + // default + this.version = new DerInteger(1); + + this.messageImprint = messageImprint; + this.tsaPolicy = tsaPolicy; + this.nonce = nonce; + this.certReq = certReq; + this.extensions = extensions; + } + + public DerInteger Version + { + get { return version; } + } + + public MessageImprint MessageImprint + { + get { return messageImprint; } + } + + public DerObjectIdentifier ReqPolicy + { + get { return tsaPolicy; } + } + + public DerInteger Nonce + { + get { return nonce; } + } + + public DerBoolean CertReq + { + get { return certReq; } + } + + public X509Extensions Extensions + { + get { return extensions; } + } + + /** + * 
+		 * TimeStampReq ::= SEQUENCE  {
+		 *  version                      INTEGER  { v1(1) },
+		 *  messageImprint               MessageImprint,
+		 *    --a hash algorithm OID and the hash value of the data to be
+		 *    --time-stamped
+		 *  reqPolicy             TSAPolicyId              OPTIONAL,
+		 *  nonce                 INTEGER                  OPTIONAL,
+		 *  certReq               BOOLEAN                  DEFAULT FALSE,
+		 *  extensions            [0] IMPLICIT Extensions  OPTIONAL
+		 * }
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(version, messageImprint); + v.AddOptional(tsaPolicy, nonce); + + if (certReq != null && certReq.IsTrue) + { + v.Add(certReq); + } + + v.AddOptionalTagged(false, 0, extensions); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/tsp/TimeStampResp.cs b/BouncyCastle/crypto/src/asn1/tsp/TimeStampResp.cs new file mode 100644 index 0000000..3dde0df --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/tsp/TimeStampResp.cs @@ -0,0 +1,67 @@ +using System; + +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Tsp +{ + public class TimeStampResp + : Asn1Encodable + { + private readonly PkiStatusInfo pkiStatusInfo; + private readonly ContentInfo timeStampToken; + + public static TimeStampResp GetInstance(object obj) + { + if (obj is TimeStampResp) + return (TimeStampResp)obj; + if (obj == null) + return null; + return new TimeStampResp(Asn1Sequence.GetInstance(obj)); + } + + private TimeStampResp( + Asn1Sequence seq) + { + this.pkiStatusInfo = PkiStatusInfo.GetInstance(seq[0]); + + if (seq.Count > 1) + { + this.timeStampToken = ContentInfo.GetInstance(seq[1]); + } + } + + public TimeStampResp( + PkiStatusInfo pkiStatusInfo, + ContentInfo timeStampToken) + { + this.pkiStatusInfo = pkiStatusInfo; + this.timeStampToken = timeStampToken; + } + + public PkiStatusInfo Status + { + get { return pkiStatusInfo; } + } + + public ContentInfo TimeStampToken + { + get { return timeStampToken; } + } + + /** + * 
+		 * TimeStampResp ::= SEQUENCE  {
+		 *   status                  PkiStatusInfo,
+		 *   timeStampToken          TimeStampToken     OPTIONAL  }
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(pkiStatusInfo); + v.AddOptional(timeStampToken); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/ua/UAObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/ua/UAObjectIdentifiers.cs new file mode 100644 index 0000000..9beca3a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/ua/UAObjectIdentifiers.cs @@ -0,0 +1,107 @@ +namespace Org.BouncyCastle.Asn1.UA +{ + /** + * Ukrainian object identifiers + *

+ * {iso(1) member-body(2) Ukraine(804) root(2) security(1) cryptography(1) pki(1)} + *

+ * { ... pki-alg(1) pki-alg-sym(3) Dstu4145WithGost34311(1) PB(1)} + *

+ * DSTU4145 in polynomial basis has 2 oids, one for little-endian representation and one for big-endian + */ + public abstract class UAObjectIdentifiers + { + /** Base OID: 1.2.804.2.1.1.1 */ + public static readonly DerObjectIdentifier UaOid = new DerObjectIdentifier("1.2.804.2.1.1.1"); + + /** DSTU4145 Little Endian presentation. OID: 1.2.804.2.1.1.1.1.3.1.1 */ + public static readonly DerObjectIdentifier dstu4145le = UaOid.Branch("1.3.1.1"); + /** DSTU4145 Big Endian presentation. OID: 1.2.804.2.1.1.1.1.3.1.1.1 */ + public static readonly DerObjectIdentifier dstu4145be = UaOid.Branch("1.3.1.1.1.1"); + + /** DSTU7564 256-bit digest presentation. */ + public static readonly DerObjectIdentifier dstu7564digest_256 = UaOid.Branch("1.2.2.1"); + /** DSTU7564 384-bit digest presentation. */ + public static readonly DerObjectIdentifier dstu7564digest_384 = UaOid.Branch("1.2.2.2"); + /** DSTU7564 512-bit digest presentation. */ + public static readonly DerObjectIdentifier dstu7564digest_512 = UaOid.Branch("1.2.2.3"); + + /** DSTU7564 256-bit mac presentation. */ + public static readonly DerObjectIdentifier dstu7564mac_256 = UaOid.Branch("1.2.2.4"); + /** DSTU7564 384-bit mac presentation. */ + public static readonly DerObjectIdentifier dstu7564mac_384 = UaOid.Branch("1.2.2.5"); + /** DSTU7564 512-bit mac presentation. */ + public static readonly DerObjectIdentifier dstu7564mac_512 = UaOid.Branch("1.2.2.6"); + + + /** DSTU7624 in ECB mode with 128 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624ecb_128 = UaOid.Branch("1.1.3.1.1"); + /** DSTU7624 in ECB mode with 256 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624ecb_256 = UaOid.Branch("1.1.3.1.2"); + /** DSTU7624 in ECB mode with 512 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624ecb_512 = UaOid.Branch("1.1.3.1.3"); + + /** DSTU7624 in CTR mode with 128 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624ctr_128 = UaOid.Branch("1.1.3.2.1"); + /** DSTU7624 in CTR mode with 256 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624ctr_256 = UaOid.Branch("1.1.3.2.2"); + /** DSTU7624 in CTR mode with 512 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624ctr_512 = UaOid.Branch("1.1.3.2.3"); + + /** DSTU7624 in CFB mode with 128 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624cfb_128 = UaOid.Branch("1.1.3.3.1"); + /** DSTU7624 in CFB mode with 256 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624cfb_256 = UaOid.Branch("1.1.3.3.2"); + /** DSTU7624 in CFB mode with 512 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624cfb_512 = UaOid.Branch("1.1.3.3.3"); + + /** DSTU7624 in MAC mode with 128 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624cmac_128 = UaOid.Branch("1.1.3.4.1"); + /** DSTU7624 in MAC mode with 256 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624cmac_256 = UaOid.Branch("1.1.3.4.2"); + /** DSTU7624 in MAC mode with 512 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624cmac_512 = UaOid.Branch("1.1.3.4.3"); + + /** DSTU7624 in CBC mode with 128 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624cbc_128 = UaOid.Branch("1.1.3.5.1"); + /** DSTU7624 in CBC mode with 256 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624cbc_256 = UaOid.Branch("1.1.3.5.2"); + /** DSTU7624 in CBC mode with 512 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624cbc_512 = UaOid.Branch("1.1.3.5.3"); + + /** DSTU7624 in OFB mode with 128 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624ofb_128 = UaOid.Branch("1.1.3.6.1"); + /** DSTU7624 in OFB mode with 256 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624ofb_256 = UaOid.Branch("1.1.3.6.2"); + /** DSTU7624 in OFB mode with 512 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624ofb_512 = UaOid.Branch("1.1.3.6.3"); + + /** DSTU7624 in GMAC (GCM witout encryption) mode with 128 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624gmac_128 = UaOid.Branch("1.1.3.7.1"); + /** DSTU7624 in GMAC (GCM witout encryption) mode with 256 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624gmac_256 = UaOid.Branch("1.1.3.7.2"); + /** DSTU7624 in GMAC (GCM witout encryption) mode with 512 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624gmac_512 = UaOid.Branch("1.1.3.7.3"); + + /** DSTU7624 in CCM mode with 128 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624ccm_128 = UaOid.Branch("1.1.3.8.1"); + /** DSTU7624 in CCM mode with 256 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624ccm_256 = UaOid.Branch("1.1.3.8.2"); + /** DSTU7624 in CCM mode with 512 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624ccm_512 = UaOid.Branch("1.1.3.8.3"); + + /** DSTU7624 in XTS mode with 128 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624xts_128 = UaOid.Branch("1.1.3.9.1"); + /** DSTU7624 in XTS mode with 256 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624xts_256 = UaOid.Branch("1.1.3.9.2"); + /** DSTU7624 in XTS mode with 512 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624xts_512 = UaOid.Branch("1.1.3.9.3"); + + /** DSTU7624 in key wrap (KW) mode with 128 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624kw_128 = UaOid.Branch("1.1.3.10.1"); + /** DSTU7624 in key wrap (KW) mode with 256 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624kw_256 = UaOid.Branch("1.1.3.10.2"); + /** DSTU7624 in key wrap (KW) mode with 512 bit block/key presentation */ + public static readonly DerObjectIdentifier dstu7624kw_512 = UaOid.Branch("1.1.3.10.3"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/util/Asn1Dump.cs b/BouncyCastle/crypto/src/asn1/util/Asn1Dump.cs new file mode 100644 index 0000000..0ba5c39 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/util/Asn1Dump.cs @@ -0,0 +1,319 @@ +using System; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Asn1.Utilities +{ + public sealed class Asn1Dump + { + private static readonly string NewLine = Platform.NewLine; + + private Asn1Dump() + { + } + + private const string Tab = " "; + private const int SampleSize = 32; + + /** + * dump a Der object as a formatted string with indentation + * + * @param obj the Asn1Object to be dumped out. + */ + private static void AsString(string indent, bool verbose, Asn1Object obj, StringBuilder buf) + { + if (obj is Asn1Null) + { + buf.Append(indent); + buf.Append("NULL"); + buf.Append(NewLine); + } + else if (obj is Asn1Sequence) + { + buf.Append(indent); + if (obj is BerSequence) + { + buf.Append("BER Sequence"); + } + else if (!(obj is DLSequence)) + { + buf.Append("DER Sequence"); + } + else + { + buf.Append("Sequence"); + } + buf.Append(NewLine); + + Asn1Sequence sequence = (Asn1Sequence)obj; + string elementsIndent = indent + Tab; + + for (int i = 0, count = sequence.Count; i < count; ++i) + { + AsString(elementsIndent, verbose, sequence[i].ToAsn1Object(), buf); + } + } + else if (obj is Asn1Set) + { + buf.Append(indent); + if (obj is BerSet) + { + buf.Append("BER Set"); + } + else if (!(obj is DLSet)) + { + buf.Append("DER Set"); + } + else + { + buf.Append("Set"); + } + buf.Append(NewLine); + + Asn1Set set = (Asn1Set)obj; + string elementsIndent = indent + Tab; + + for (int i = 0, count = set.Count; i < count; ++i) + { + AsString(elementsIndent, verbose, set[i].ToAsn1Object(), buf); + } + } + else if (obj is DerApplicationSpecific) + { + AsString(indent, verbose, ((DerApplicationSpecific)obj).TaggedObject, buf); + } + else if (obj is Asn1TaggedObject) + { + buf.Append(indent); + if (obj is BerTaggedObject) + { + buf.Append("BER Tagged "); + } + else if (!(obj is DLTaggedObject)) + { + buf.Append("DER Tagged "); + } + else + { + buf.Append("Tagged "); + } + + Asn1TaggedObject o = (Asn1TaggedObject)obj; + + buf.Append(Asn1Utilities.GetTagText(o)); + + if (!o.IsExplicit()) + { + buf.Append(" IMPLICIT "); + } + + buf.Append(NewLine); + + string baseIndent = indent + Tab; + + AsString(baseIndent, verbose, o.GetBaseObject().ToAsn1Object(), buf); + } + else if (obj is DerObjectIdentifier) + { + buf.Append(indent + "ObjectIdentifier(" + ((DerObjectIdentifier)obj).Id + ")" + NewLine); + } + else if (obj is Asn1RelativeOid) + { + buf.Append(indent + "RelativeOID(" + ((Asn1RelativeOid)obj).Id + ")" + NewLine); + } + else if (obj is DerBoolean) + { + buf.Append(indent + "Boolean(" + ((DerBoolean)obj).IsTrue + ")" + NewLine); + } + else if (obj is DerInteger) + { + buf.Append(indent + "Integer(" + ((DerInteger)obj).Value + ")" + NewLine); + } + else if (obj is Asn1OctetString) + { + Asn1OctetString oct = (Asn1OctetString)obj; + byte[] octets = oct.GetOctets(); + + if (obj is BerOctetString) + { + buf.Append(indent + "BER Octet String[" + octets.Length + "]" + NewLine); + } + else + { + buf.Append(indent + "DER Octet String[" + octets.Length + "]" + NewLine); + } + + if (verbose) + { + buf.Append(DumpBinaryDataAsString(indent, octets)); + } + } + else if (obj is DerBitString) + { + DerBitString bitString = (DerBitString)obj; + byte[] bytes = bitString.GetBytes(); + int padBits = bitString.PadBits; + + if (bitString is BerBitString) + { + buf.Append(indent + "BER Bit String[" + bytes.Length + ", " + padBits + "]" + NewLine); + } + else if (bitString is DLBitString) + { + buf.Append(indent + "DL Bit String[" + bytes.Length + ", " + padBits + "]" + NewLine); + } + else + { + buf.Append(indent + "DER Bit String[" + bytes.Length + ", " + padBits + "]" + NewLine); + } + + if (verbose) + { + buf.Append(DumpBinaryDataAsString(indent, bytes)); + } + } + else if (obj is DerIA5String) + { + buf.Append(indent + "IA5String(" + ((DerIA5String)obj).GetString() + ")" + NewLine); + } + else if (obj is DerUtf8String) + { + buf.Append(indent + "UTF8String(" + ((DerUtf8String)obj).GetString() + ")" + NewLine); + } + else if (obj is DerPrintableString) + { + buf.Append(indent + "PrintableString(" + ((DerPrintableString)obj).GetString() + ")" + NewLine); + } + else if (obj is DerVisibleString) + { + buf.Append(indent + "VisibleString(" + ((DerVisibleString)obj).GetString() + ")" + NewLine); + } + else if (obj is DerBmpString) + { + buf.Append(indent + "BMPString(" + ((DerBmpString)obj).GetString() + ")" + NewLine); + } + else if (obj is DerT61String) + { + buf.Append(indent + "T61String(" + ((DerT61String)obj).GetString() + ")" + NewLine); + } + else if (obj is DerGraphicString) + { + buf.Append(indent + "GraphicString(" + ((DerGraphicString)obj).GetString() + ")" + NewLine); + } + else if (obj is DerVideotexString) + { + buf.Append(indent + "VideotexString(" + ((DerVideotexString)obj).GetString() + ")" + NewLine); + } + else if (obj is DerUtcTime) + { + buf.Append(indent + "UTCTime(" + ((DerUtcTime)obj).TimeString + ")" + NewLine); + } + else if (obj is DerGeneralizedTime) + { + buf.Append(indent + "GeneralizedTime(" + ((DerGeneralizedTime)obj).GetTime() + ")" + NewLine); + } + else if (obj is DerEnumerated) + { + DerEnumerated en = (DerEnumerated)obj; + buf.Append(indent + "DER Enumerated(" + en.Value + ")" + NewLine); + } + else if (obj is DerExternal) + { + DerExternal ext = (DerExternal)obj; + buf.Append(indent + "External " + NewLine); + string tab = indent + Tab; + + if (ext.DirectReference != null) + { + buf.Append(tab + "Direct Reference: " + ext.DirectReference.Id + NewLine); + } + if (ext.IndirectReference != null) + { + buf.Append(tab + "Indirect Reference: " + ext.IndirectReference.ToString() + NewLine); + } + if (ext.DataValueDescriptor != null) + { + AsString(tab, verbose, ext.DataValueDescriptor, buf); + } + buf.Append(tab + "Encoding: " + ext.Encoding + NewLine); + AsString(tab, verbose, ext.ExternalContent, buf); + } + else + { + buf.Append(indent + obj.ToString() + NewLine); + } + } + + /** + * dump out a DER object as a formatted string, in non-verbose mode + * + * @param obj the Asn1Encodable to be dumped out. + * @return the resulting string. + */ + public static string DumpAsString(Asn1Encodable obj) + { + return DumpAsString(obj, false); + } + + /** + * Dump out the object as a string + * + * @param obj the Asn1Encodable to be dumped out. + * @param verbose if true, dump out the contents of octet and bit strings. + * @return the resulting string. + */ + public static string DumpAsString(Asn1Encodable obj, bool verbose) + { + StringBuilder buf = new StringBuilder(); + AsString("", verbose, obj.ToAsn1Object(), buf); + return buf.ToString(); + } + + private static string DumpBinaryDataAsString(string indent, byte[] bytes) + { + if (bytes.Length < 1) + return ""; + + indent += Tab; + + StringBuilder buf = new StringBuilder(); + + for (int i = 0; i < bytes.Length; i += SampleSize) + { + int remaining = bytes.Length - i; + int chunk = System.Math.Min(remaining, SampleSize); + + buf.Append(indent); + buf.Append(Hex.ToHexString(bytes, i, chunk)); + for (int j = chunk; j < SampleSize; ++j) + { + buf.Append(" "); + } + buf.Append(Tab); + buf.Append(CalculateAscString(bytes, i, chunk)); + buf.Append(NewLine); + } + + return buf.ToString(); + } + + private static string CalculateAscString(byte[] bytes, int off, int len) + { + StringBuilder buf = new StringBuilder(); + + for (int i = off; i != off + len; i++) + { + char c = (char)bytes[i]; + if (c >= ' ' && c <= '~') + { + buf.Append(c); + } + } + + return buf.ToString(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/util/Dump.cs b/BouncyCastle/crypto/src/asn1/util/Dump.cs new file mode 100644 index 0000000..e313fe8 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/util/Dump.cs @@ -0,0 +1,30 @@ +#if !PORTABLE +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Utilities +{ + public sealed class Dump + { + private Dump() + { + } + + public static void Main(string[] args) + { + FileStream fIn = File.OpenRead(args[0]); + Asn1InputStream bIn = new Asn1InputStream(fIn); + + Asn1Object obj; + while ((obj = bIn.ReadObject()) != null) + { + Console.WriteLine(Asn1Dump.DumpAsString(obj)); + } + + Platform.Dispose(bIn); + } + } +} +#endif diff --git a/BouncyCastle/crypto/src/asn1/util/FilterStream.cs b/BouncyCastle/crypto/src/asn1/util/FilterStream.cs new file mode 100644 index 0000000..0c38c5b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/util/FilterStream.cs @@ -0,0 +1,83 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Utilities +{ + [Obsolete("Use Org.BouncyCastle.Utilities.IO.FilterStream")] + public class FilterStream : Stream + { + [Obsolete("Use Org.BouncyCastle.Utilities.IO.FilterStream")] + public FilterStream(Stream s) + { + this.s = s; + } + public override bool CanRead + { + get { return s.CanRead; } + } + public override bool CanSeek + { + get { return s.CanSeek; } + } + public override bool CanWrite + { + get { return s.CanWrite; } + } + public override long Length + { + get { return s.Length; } + } + public override long Position + { + get { return s.Position; } + set { s.Position = value; } + } +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + Platform.Dispose(s); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + Platform.Dispose(s); + base.Close(); + } +#endif + public override void Flush() + { + s.Flush(); + } + public override long Seek(long offset, SeekOrigin origin) + { + return s.Seek(offset, origin); + } + public override void SetLength(long value) + { + s.SetLength(value); + } + public override int Read(byte[] buffer, int offset, int count) + { + return s.Read(buffer, offset, count); + } + public override int ReadByte() + { + return s.ReadByte(); + } + public override void Write(byte[] buffer, int offset, int count) + { + s.Write(buffer, offset, count); + } + public override void WriteByte(byte value) + { + s.WriteByte(value); + } + protected readonly Stream s; + } +} diff --git a/BouncyCastle/crypto/src/asn1/x500/AttributeTypeAndValue.cs b/BouncyCastle/crypto/src/asn1/x500/AttributeTypeAndValue.cs new file mode 100644 index 0000000..eb6b3ca --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x500/AttributeTypeAndValue.cs @@ -0,0 +1,60 @@ +using System; + +namespace Org.BouncyCastle.Asn1.X500 +{ + /** + * Holding class for the AttributeTypeAndValue structures that make up an RDN. + */ + public class AttributeTypeAndValue + : Asn1Encodable + { + private readonly DerObjectIdentifier type; + private readonly Asn1Encodable value; + + private AttributeTypeAndValue(Asn1Sequence seq) + { + type = (DerObjectIdentifier)seq[0]; + value = seq[1]; + } + + public static AttributeTypeAndValue GetInstance(object obj) + { + if (obj is AttributeTypeAndValue) + return (AttributeTypeAndValue)obj; + if (null != obj) + return new AttributeTypeAndValue(Asn1Sequence.GetInstance(obj)); + throw new ArgumentNullException("obj"); + } + + public AttributeTypeAndValue( + DerObjectIdentifier type, + Asn1Encodable value) + { + this.type = type; + this.value = value; + } + + public virtual DerObjectIdentifier Type + { + get { return type; } + } + + public virtual Asn1Encodable Value + { + get { return value; } + } + + /** + * 

+         * AttributeTypeAndValue ::= SEQUENCE {
+         *           type         OBJECT IDENTIFIER,
+         *           value        ANY DEFINED BY type }
+         *
+ * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(type, value); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x500/DirectoryString.cs b/BouncyCastle/crypto/src/asn1/x500/DirectoryString.cs new file mode 100644 index 0000000..6585fcd --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x500/DirectoryString.cs @@ -0,0 +1,74 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X500 +{ + public class DirectoryString + : Asn1Encodable, IAsn1Choice, IAsn1String + { + private readonly DerStringBase str; + + public static DirectoryString GetInstance(object obj) + { + if (obj == null || obj is DirectoryString) + return (DirectoryString) obj; + + if (obj is DerStringBase) + { + if (obj is DerT61String + || obj is DerPrintableString + || obj is DerUniversalString + || obj is DerUtf8String + || obj is DerBmpString) + { + return new DirectoryString((DerStringBase) obj); + } + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public static DirectoryString GetInstance( + Asn1TaggedObject obj, + bool isExplicit) + { + if (!isExplicit) + throw new ArgumentException("choice item must be explicitly tagged"); + + return GetInstance(obj.GetObject()); + } + + private DirectoryString( + DerStringBase str) + { + this.str = str; + } + + public DirectoryString( + string str) + { + this.str = new DerUtf8String(str); + } + + public string GetString() + { + return str.GetString(); + } + + /** + * 
+		 *  DirectoryString ::= CHOICE {
+		 *    teletexString               TeletexString (SIZE (1..MAX)),
+		 *    printableString             PrintableString (SIZE (1..MAX)),
+		 *    universalString             UniversalString (SIZE (1..MAX)),
+		 *    utf8String                  UTF8String (SIZE (1..MAX)),
+		 *    bmpString                   BMPString (SIZE (1..MAX))  }
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + return str.ToAsn1Object(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x500/Rdn.cs b/BouncyCastle/crypto/src/asn1/x500/Rdn.cs new file mode 100644 index 0000000..4881d08 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x500/Rdn.cs @@ -0,0 +1,104 @@ +using System; + +namespace Org.BouncyCastle.Asn1.X500 +{ + /** + * Holding class for a single Relative Distinguished Name (RDN). + */ + public class Rdn + : Asn1Encodable + { + private readonly Asn1Set values; + + private Rdn(Asn1Set values) + { + this.values = values; + } + + public static Rdn GetInstance(object obj) + { + if (obj is Rdn) + return (Rdn)obj; + if (null != obj) + return new Rdn(Asn1Set.GetInstance(obj)); + return null; + } + + /** + * Create a single valued RDN. + * + * @param oid RDN type. + * @param value RDN value. + */ + public Rdn(DerObjectIdentifier oid, Asn1Encodable value) + { + this.values = new DerSet(new DerSequence(oid, value)); + } + + public Rdn(AttributeTypeAndValue attrTAndV) + { + this.values = new DerSet(attrTAndV); + } + + /** + * Create a multi-valued RDN. + * + * @param aAndVs attribute type/value pairs making up the RDN + */ + public Rdn(AttributeTypeAndValue[] aAndVs) + { + this.values = new DerSet(aAndVs); + } + + public virtual bool IsMultiValued + { + get { return this.values.Count > 1; } + } + + /** + * Return the number of AttributeTypeAndValue objects in this RDN, + * + * @return size of RDN, greater than 1 if multi-valued. + */ + public virtual int Count + { + get { return this.values.Count; } + } + + public virtual AttributeTypeAndValue GetFirst() + { + if (this.values.Count == 0) + return null; + + return AttributeTypeAndValue.GetInstance(this.values[0]); + } + + public virtual AttributeTypeAndValue[] GetTypesAndValues() + { + AttributeTypeAndValue[] tmp = new AttributeTypeAndValue[values.Count]; + + for (int i = 0; i < tmp.Length; ++i) + { + tmp[i] = AttributeTypeAndValue.GetInstance(values[i]); + } + + return tmp; + } + + /** + * 
+         * RelativeDistinguishedName ::=
+         *                     SET OF AttributeTypeAndValue
+
+         * AttributeTypeAndValue ::= SEQUENCE {
+         *        type     AttributeType,
+         *        value    AttributeValue }
+         *
+ * @return this object as its ASN1Primitive type + */ + public override Asn1Object ToAsn1Object() + { + return values; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x500/style/IetfUtilities.cs b/BouncyCastle/crypto/src/asn1/x500/style/IetfUtilities.cs new file mode 100644 index 0000000..53e5fcc --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x500/style/IetfUtilities.cs @@ -0,0 +1,214 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Asn1.X500.Style +{ + public abstract class IetfUtilities + { + public static string ValueToString(Asn1Encodable value) + { + StringBuilder vBuf = new StringBuilder(); + + if (value is IAsn1String && !(value is DerUniversalString)) + { + string v = ((IAsn1String)value).GetString(); + if (v.Length > 0 && v[0] == '#') + { + vBuf.Append('\\'); + } + + vBuf.Append(v); + } + else + { + try + { + vBuf.Append('#'); + vBuf.Append(Hex.ToHexString(value.ToAsn1Object().GetEncoded(Asn1Encodable.Der))); + } + catch (IOException e) + { + throw new ArgumentException("Other value has no encoded form", e); + } + } + + int end = vBuf.Length; + int index = 0; + + if (vBuf.Length >= 2 && vBuf[0] == '\\' && vBuf[1] == '#') + { + index += 2; + } + + while (index != end) + { + switch (vBuf[index]) + { + case ',': + case '"': + case '\\': + case '+': + case '=': + case '<': + case '>': + case ';': + { + vBuf.Insert(index, "\\"); + index += 2; + ++end; + break; + } + default: + { + ++index; + break; + } + } + } + + int start = 0; + if (vBuf.Length > 0) + { + while (vBuf.Length > start && vBuf[start] == ' ') + { + vBuf.Insert(start, "\\"); + start += 2; + } + } + + int endBuf = vBuf.Length - 1; + + while (endBuf >= 0 && vBuf[endBuf] == ' ') + { + vBuf.Insert(endBuf, "\\"); + endBuf--; + } + + return vBuf.ToString(); + } + + public static string Canonicalize(string s) + { + string value = Platform.ToLowerInvariant(s); + + if (value.Length > 0 && value[0] == '#') + { + Asn1Object obj = DecodeObject(value); + + if (obj is IAsn1String) + { + value = Platform.ToLowerInvariant(((IAsn1String)obj).GetString()); + } + } + + if (value.Length > 1) + { + int start = 0; + while (start + 1 < value.Length && value[start] == '\\' && value[start + 1] == ' ') + { + start += 2; + } + + int end = value.Length - 1; + while (end - 1 > 0 && value[end - 1] == '\\' && value[end] == ' ') + { + end -= 2; + } + + if (start > 0 || end < value.Length - 1) + { + value = value.Substring(start, end + 1 - start); + } + } + + return StripInternalSpaces(value); + } + + public static string CanonicalString(Asn1Encodable value) + { + return Canonicalize(ValueToString(value)); + } + + private static Asn1Object DecodeObject(string oValue) + { + try + { + return Asn1Object.FromByteArray(Hex.DecodeStrict(oValue, 1, oValue.Length - 1)); + } + catch (IOException e) + { + throw new InvalidOperationException("unknown encoding in name: " + e); + } + } + + public static string StripInternalSpaces(string str) + { + if (str.IndexOf(" ") < 0) + return str; + + StringBuilder res = new StringBuilder(); + + char c1 = str[0]; + res.Append(c1); + + for (int k = 1; k < str.Length; k++) + { + char c2 = str[k]; + if (!(' ' == c1 && ' ' == c2)) + { + res.Append(c2); + c1 = c2; + } + } + + return res.ToString(); + } + + public static bool RdnAreEqual(Rdn rdn1, Rdn rdn2) + { + if (rdn1.Count != rdn2.Count) + return false; + + AttributeTypeAndValue[] atvs1 = rdn1.GetTypesAndValues(); + AttributeTypeAndValue[] atvs2 = rdn2.GetTypesAndValues(); + + if (atvs1.Length != atvs2.Length) + return false; + + for (int i = 0; i != atvs1.Length; i++) + { + if (!AtvAreEqual(atvs1[i], atvs2[i])) + return false; + } + + return true; + } + + private static bool AtvAreEqual(AttributeTypeAndValue atv1, AttributeTypeAndValue atv2) + { + if (atv1 == atv2) + return true; + if (null == atv1 || null == atv2) + return false; + + DerObjectIdentifier o1 = atv1.Type; + DerObjectIdentifier o2 = atv2.Type; + + if (!o1.Equals(o2)) + return false; + + string v1 = CanonicalString(atv1.Value); + string v2 = CanonicalString(atv2.Value); + + if (!v1.Equals(v2)) + return false; + + return true; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/AccessDescription.cs b/BouncyCastle/crypto/src/asn1/x509/AccessDescription.cs new file mode 100644 index 0000000..47374be --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/AccessDescription.cs @@ -0,0 +1,85 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The AccessDescription object. + * 
+	 * AccessDescription  ::=  SEQUENCE {
+	 *       accessMethod          OBJECT IDENTIFIER,
+	 *       accessLocation        GeneralName  }
+	 *
+ */ + public class AccessDescription + : Asn1Encodable + { + public readonly static DerObjectIdentifier IdADCAIssuers = new DerObjectIdentifier("1.3.6.1.5.5.7.48.2"); + public readonly static DerObjectIdentifier IdADOcsp = new DerObjectIdentifier("1.3.6.1.5.5.7.48.1"); + + private readonly DerObjectIdentifier accessMethod; + private readonly GeneralName accessLocation; + + public static AccessDescription GetInstance( + object obj) + { + if (obj is AccessDescription) + return (AccessDescription) obj; + + if (obj is Asn1Sequence) + return new AccessDescription((Asn1Sequence) obj); + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + private AccessDescription( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("wrong number of elements in sequence"); + + accessMethod = DerObjectIdentifier.GetInstance(seq[0]); + accessLocation = GeneralName.GetInstance(seq[1]); + } + + /** + * create an AccessDescription with the oid and location provided. + */ + public AccessDescription( + DerObjectIdentifier oid, + GeneralName location) + { + accessMethod = oid; + accessLocation = location; + } + + /** + * + * @return the access method. + */ + public DerObjectIdentifier AccessMethod + { + get { return accessMethod; } + } + + /** + * + * @return the access location + */ + public GeneralName AccessLocation + { + get { return accessLocation; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(accessMethod, accessLocation); + } + + public override string ToString() + { + return "AccessDescription: Oid(" + this.accessMethod.Id + ")"; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/AlgorithmIdentifier.cs b/BouncyCastle/crypto/src/asn1/x509/AlgorithmIdentifier.cs new file mode 100644 index 0000000..00e7ad8 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/AlgorithmIdentifier.cs @@ -0,0 +1,96 @@ +using System; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class AlgorithmIdentifier + : Asn1Encodable + { + private readonly DerObjectIdentifier algorithm; + private readonly Asn1Encodable parameters; + + public static AlgorithmIdentifier GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static AlgorithmIdentifier GetInstance( + object obj) + { + if (obj == null) + return null; + if (obj is AlgorithmIdentifier) + return (AlgorithmIdentifier)obj; + return new AlgorithmIdentifier(Asn1Sequence.GetInstance(obj)); + } + + public AlgorithmIdentifier( + DerObjectIdentifier algorithm) + { + this.algorithm = algorithm; + } + + [Obsolete("Use version taking a DerObjectIdentifier")] + public AlgorithmIdentifier( + string algorithm) + { + this.algorithm = new DerObjectIdentifier(algorithm); + } + + public AlgorithmIdentifier( + DerObjectIdentifier algorithm, + Asn1Encodable parameters) + { + this.algorithm = algorithm; + this.parameters = parameters; + } + + internal AlgorithmIdentifier( + Asn1Sequence seq) + { + if (seq.Count < 1 || seq.Count > 2) + throw new ArgumentException("Bad sequence size: " + seq.Count); + + this.algorithm = DerObjectIdentifier.GetInstance(seq[0]); + this.parameters = seq.Count < 2 ? null : seq[1]; + } + + /// + /// Return the OID in the Algorithm entry of this identifier. + /// + public virtual DerObjectIdentifier Algorithm + { + get { return algorithm; } + } + + [Obsolete("Use 'Algorithm' property instead")] + public virtual DerObjectIdentifier ObjectID + { + get { return algorithm; } + } + + /// + /// Return the parameters structure in the Parameters entry of this identifier. + /// + public virtual Asn1Encodable Parameters + { + get { return parameters; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *      AlgorithmIdentifier ::= Sequence {
+         *                            algorithm OBJECT IDENTIFIER,
+         *                            parameters ANY DEFINED BY algorithm OPTIONAL }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(algorithm); + v.AddOptional(parameters); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/AttCertIssuer.cs b/BouncyCastle/crypto/src/asn1/x509/AttCertIssuer.cs new file mode 100644 index 0000000..407c4ae --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/AttCertIssuer.cs @@ -0,0 +1,86 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class AttCertIssuer + : Asn1Encodable, IAsn1Choice + { + internal readonly Asn1Encodable obj; + internal readonly Asn1Object choiceObj; + + public static AttCertIssuer GetInstance( + object obj) + { + if (obj is AttCertIssuer) + { + return (AttCertIssuer)obj; + } + else if (obj is V2Form) + { + return new AttCertIssuer(V2Form.GetInstance(obj)); + } + else if (obj is GeneralNames) + { + return new AttCertIssuer((GeneralNames)obj); + } + else if (obj is Asn1TaggedObject) + { + return new AttCertIssuer(V2Form.GetInstance((Asn1TaggedObject)obj, false)); + } + else if (obj is Asn1Sequence) + { + return new AttCertIssuer(GeneralNames.GetInstance(obj)); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public static AttCertIssuer GetInstance( + Asn1TaggedObject obj, + bool isExplicit) + { + return GetInstance(obj.GetObject()); // must be explictly tagged + } + + /// + /// Don't use this one if you are trying to be RFC 3281 compliant. + /// Use it for v1 attribute certificates only. + /// + /// Our GeneralNames structure + public AttCertIssuer( + GeneralNames names) + { + obj = names; + choiceObj = obj.ToAsn1Object(); + } + + public AttCertIssuer( + V2Form v2Form) + { + obj = v2Form; + choiceObj = new DerTaggedObject(false, 0, obj); + } + + public Asn1Encodable Issuer + { + get { return obj; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  AttCertIssuer ::= CHOICE {
+         *       v1Form   GeneralNames,  -- MUST NOT be used in this
+         *                               -- profile
+         *       v2Form   [0] V2Form     -- v2 only
+         *  }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return choiceObj; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/AttCertValidityPeriod.cs b/BouncyCastle/crypto/src/asn1/x509/AttCertValidityPeriod.cs new file mode 100644 index 0000000..d31e074 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/AttCertValidityPeriod.cs @@ -0,0 +1,78 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class AttCertValidityPeriod + : Asn1Encodable + { + private readonly DerGeneralizedTime notBeforeTime; + private readonly DerGeneralizedTime notAfterTime; + + public static AttCertValidityPeriod GetInstance( + object obj) + { + if (obj is AttCertValidityPeriod || obj == null) + { + return (AttCertValidityPeriod) obj; + } + + if (obj is Asn1Sequence) + { + return new AttCertValidityPeriod((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public static AttCertValidityPeriod GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + private AttCertValidityPeriod( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Bad sequence size: " + seq.Count); + + notBeforeTime = DerGeneralizedTime.GetInstance(seq[0]); + notAfterTime = DerGeneralizedTime.GetInstance(seq[1]); + } + + public AttCertValidityPeriod( + DerGeneralizedTime notBeforeTime, + DerGeneralizedTime notAfterTime) + { + this.notBeforeTime = notBeforeTime; + this.notAfterTime = notAfterTime; + } + + public DerGeneralizedTime NotBeforeTime + { + get { return notBeforeTime; } + } + + public DerGeneralizedTime NotAfterTime + { + get { return notAfterTime; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  AttCertValidityPeriod  ::= Sequence {
+         *       notBeforeTime  GeneralizedTime,
+         *       notAfterTime   GeneralizedTime
+         *  }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(notBeforeTime, notAfterTime); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/Attribute.cs b/BouncyCastle/crypto/src/asn1/x509/Attribute.cs new file mode 100644 index 0000000..da59b42 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/Attribute.cs @@ -0,0 +1,82 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class AttributeX509 + : Asn1Encodable + { + private readonly DerObjectIdentifier attrType; + private readonly Asn1Set attrValues; + + /** + * return an Attr object from the given object. + * + * @param o the object we want converted. + * @exception ArgumentException if the object cannot be converted. + */ + public static AttributeX509 GetInstance( + object obj) + { + if (obj == null || obj is AttributeX509) + { + return (AttributeX509) obj; + } + + if (obj is Asn1Sequence) + { + return new AttributeX509((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + private AttributeX509( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Bad sequence size: " + seq.Count); + + attrType = DerObjectIdentifier.GetInstance(seq[0]); + attrValues = Asn1Set.GetInstance(seq[1]); + } + + public AttributeX509( + DerObjectIdentifier attrType, + Asn1Set attrValues) + { + this.attrType = attrType; + this.attrValues = attrValues; + } + + public DerObjectIdentifier AttrType + { + get { return attrType; } + } + + public Asn1Encodable[] GetAttributeValues() + { + return attrValues.ToArray(); + } + + public Asn1Set AttrValues + { + get { return attrValues; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * Attr ::= Sequence {
+         *     attrType OBJECT IDENTIFIER,
+         *     attrValues Set OF AttributeValue
+         * }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(attrType, attrValues); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/AttributeCertificate.cs b/BouncyCastle/crypto/src/asn1/x509/AttributeCertificate.cs new file mode 100644 index 0000000..41893b6 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/AttributeCertificate.cs @@ -0,0 +1,86 @@ +using System; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class AttributeCertificate + : Asn1Encodable + { + private readonly AttributeCertificateInfo acinfo; + private readonly AlgorithmIdentifier signatureAlgorithm; + private readonly DerBitString signatureValue; + + /** + * @param obj + * @return + */ + public static AttributeCertificate GetInstance( + object obj) + { + if (obj is AttributeCertificate) + return (AttributeCertificate) obj; + + if (obj != null) + return new AttributeCertificate(Asn1Sequence.GetInstance(obj)); + + return null; + } + + public AttributeCertificate( + AttributeCertificateInfo acinfo, + AlgorithmIdentifier signatureAlgorithm, + DerBitString signatureValue) + { + this.acinfo = acinfo; + this.signatureAlgorithm = signatureAlgorithm; + this.signatureValue = signatureValue; + } + + private AttributeCertificate( + Asn1Sequence seq) + { + if (seq.Count != 3) + throw new ArgumentException("Bad sequence size: " + seq.Count); + + this.acinfo = AttributeCertificateInfo.GetInstance(seq[0]); + this.signatureAlgorithm = AlgorithmIdentifier.GetInstance(seq[1]); + this.signatureValue = DerBitString.GetInstance(seq[2]); + } + + public AttributeCertificateInfo ACInfo + { + get { return acinfo; } + } + + public AlgorithmIdentifier SignatureAlgorithm + { + get { return signatureAlgorithm; } + } + + public DerBitString SignatureValue + { + get { return signatureValue; } + } + + public byte[] GetSignatureOctets() + { + return signatureValue.GetOctets(); + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  AttributeCertificate ::= Sequence {
+         *       acinfo               AttributeCertificateInfo,
+         *       signatureAlgorithm   AlgorithmIdentifier,
+         *       signatureValue       BIT STRING
+         *  }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(acinfo, signatureAlgorithm, signatureValue); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/AttributeCertificateInfo.cs b/BouncyCastle/crypto/src/asn1/x509/AttributeCertificateInfo.cs new file mode 100644 index 0000000..d466bbd --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/AttributeCertificateInfo.cs @@ -0,0 +1,163 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class AttributeCertificateInfo + : Asn1Encodable + { + internal readonly DerInteger version; + internal readonly Holder holder; + internal readonly AttCertIssuer issuer; + internal readonly AlgorithmIdentifier signature; + internal readonly DerInteger serialNumber; + internal readonly AttCertValidityPeriod attrCertValidityPeriod; + internal readonly Asn1Sequence attributes; + internal readonly DerBitString issuerUniqueID; + internal readonly X509Extensions extensions; + + public static AttributeCertificateInfo GetInstance( + Asn1TaggedObject obj, + bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + public static AttributeCertificateInfo GetInstance( + object obj) + { + if (obj is AttributeCertificateInfo) + { + return (AttributeCertificateInfo) obj; + } + + if (obj is Asn1Sequence) + { + return new AttributeCertificateInfo((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + private AttributeCertificateInfo( + Asn1Sequence seq) + { + if (seq.Count < 6 || seq.Count > 9) + { + throw new ArgumentException("Bad sequence size: " + seq.Count); + } + + int start; + if (seq[0] is DerInteger) // in version 1 certs version is DEFAULT v1(0) + { + this.version = DerInteger.GetInstance(seq[0]); + start = 1; + } + else + { + this.version = new DerInteger(0); + start = 0; + } + + this.holder = Holder.GetInstance(seq[start]); + this.issuer = AttCertIssuer.GetInstance(seq[start + 1]); + this.signature = AlgorithmIdentifier.GetInstance(seq[start + 2]); + this.serialNumber = DerInteger.GetInstance(seq[start + 3]); + this.attrCertValidityPeriod = AttCertValidityPeriod.GetInstance(seq[start + 4]); + this.attributes = Asn1Sequence.GetInstance(seq[start + 5]); + + for (int i = start + 6; i < seq.Count; i++) + { + Asn1Encodable obj = (Asn1Encodable) seq[i]; + + if (obj is DerBitString) + { + this.issuerUniqueID = DerBitString.GetInstance(seq[i]); + } + else if (obj is Asn1Sequence || obj is X509Extensions) + { + this.extensions = X509Extensions.GetInstance(seq[i]); + } + } + } + + public DerInteger Version + { + get { return version; } + } + + public Holder Holder + { + get { return holder; } + } + + public AttCertIssuer Issuer + { + get { return issuer; } + } + + public AlgorithmIdentifier Signature + { + get { return signature; } + } + + public DerInteger SerialNumber + { + get { return serialNumber; } + } + + public AttCertValidityPeriod AttrCertValidityPeriod + { + get { return attrCertValidityPeriod; } + } + + public Asn1Sequence Attributes + { + get { return attributes; } + } + + public DerBitString IssuerUniqueID + { + get { return issuerUniqueID; } + } + + public X509Extensions Extensions + { + get { return extensions; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  AttributeCertificateInfo ::= Sequence {
+         *       version              AttCertVersion -- version is v2,
+         *       holder               Holder,
+         *       issuer               AttCertIssuer,
+         *       signature            AlgorithmIdentifier,
+         *       serialNumber         CertificateSerialNumber,
+         *       attrCertValidityPeriod   AttCertValidityPeriod,
+         *       attributes           Sequence OF Attr,
+         *       issuerUniqueID       UniqueIdentifier OPTIONAL,
+         *       extensions           Extensions OPTIONAL
+         *  }
+         *
+         *  AttCertVersion ::= Integer { v2(1) }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(9); + + if (!version.HasValue(0)) + { + v.Add(version); + } + + v.Add(holder, issuer, signature, serialNumber, attrCertValidityPeriod, attributes); + v.AddOptional(issuerUniqueID, extensions); + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/AttributeTable.cs b/BouncyCastle/crypto/src/asn1/x509/AttributeTable.cs new file mode 100644 index 0000000..33faad6 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/AttributeTable.cs @@ -0,0 +1,73 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class AttributeTable + { + private readonly IDictionary attributes; + + public AttributeTable( + IDictionary attrs) + { + this.attributes = Platform.CreateHashtable(attrs); + } + +#if !(SILVERLIGHT || PORTABLE) + [Obsolete] + public AttributeTable( + Hashtable attrs) + { + this.attributes = Platform.CreateHashtable(attrs); + } +#endif + + public AttributeTable( + Asn1EncodableVector v) + { + this.attributes = Platform.CreateHashtable(v.Count); + + for (int i = 0; i != v.Count; i++) + { + AttributeX509 a = AttributeX509.GetInstance(v[i]); + + attributes.Add(a.AttrType, a); + } + } + + public AttributeTable( + Asn1Set s) + { + this.attributes = Platform.CreateHashtable(s.Count); + + for (int i = 0; i != s.Count; i++) + { + AttributeX509 a = AttributeX509.GetInstance(s[i]); + + attributes.Add(a.AttrType, a); + } + } + + public AttributeX509 Get( + DerObjectIdentifier oid) + { + return (AttributeX509) attributes[oid]; + } + +#if !(SILVERLIGHT || PORTABLE) + [Obsolete("Use 'ToDictionary' instead")] + public Hashtable ToHashtable() + { + return new Hashtable(attributes); + } +#endif + + public IDictionary ToDictionary() + { + return Platform.CreateHashtable(attributes); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/AuthorityInformationAccess.cs b/BouncyCastle/crypto/src/asn1/x509/AuthorityInformationAccess.cs new file mode 100644 index 0000000..f4b694c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/AuthorityInformationAccess.cs @@ -0,0 +1,114 @@ +using System; +using System.Collections; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The AuthorityInformationAccess object. + * 
+     * id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 }
+     *
+     * AuthorityInfoAccessSyntax  ::=
+     *      Sequence SIZE (1..MAX) OF AccessDescription
+     * AccessDescription  ::=  Sequence {
+     *       accessMethod          OBJECT IDENTIFIER,
+     *       accessLocation        GeneralName  }
+     *
+     * id-ad OBJECT IDENTIFIER ::= { id-pkix 48 }
+     * id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 }
+     * id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 }
+     *
+ */ + public class AuthorityInformationAccess + : Asn1Encodable + { + private static AccessDescription[] Copy(AccessDescription[] descriptions) + { + return (AccessDescription[])descriptions.Clone(); + } + + public static AuthorityInformationAccess GetInstance(object obj) + { + if (obj is AuthorityInformationAccess) + return (AuthorityInformationAccess)obj; + if (obj == null) + return null; + return new AuthorityInformationAccess(Asn1Sequence.GetInstance(obj)); + } + + public static AuthorityInformationAccess FromExtensions(X509Extensions extensions) + { + return GetInstance(X509Extensions.GetExtensionParsedValue(extensions, X509Extensions.AuthorityInfoAccess)); + } + + private readonly AccessDescription[] descriptions; + + private AuthorityInformationAccess( + Asn1Sequence seq) + { + if (seq.Count < 1) + throw new ArgumentException("sequence may not be empty"); + + this.descriptions = new AccessDescription[seq.Count]; + + for (int i = 0; i < seq.Count; ++i) + { + descriptions[i] = AccessDescription.GetInstance(seq[i]); + } + } + + public AuthorityInformationAccess( + AccessDescription description) + { + this.descriptions = new AccessDescription[]{ description }; + } + + public AuthorityInformationAccess( + AccessDescription[] descriptions) + { + this.descriptions = Copy(descriptions); + } + + /** + * create an AuthorityInformationAccess with the oid and location provided. + */ + public AuthorityInformationAccess(DerObjectIdentifier oid, GeneralName location) + : this(new AccessDescription(oid, location)) + { + } + + public AccessDescription[] GetAccessDescriptions() + { + return Copy(descriptions); + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(descriptions); + } + + public override string ToString() + { + //return "AuthorityInformationAccess: Oid(" + this.descriptions[0].AccessMethod.Id + ")"; + + StringBuilder buf = new StringBuilder(); + string sep = Platform.NewLine; + + buf.Append("AuthorityInformationAccess:"); + buf.Append(sep); + + foreach (AccessDescription description in descriptions) + { + buf.Append(" "); + buf.Append(description); + buf.Append(sep); + } + + return buf.ToString(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/AuthorityKeyIdentifier.cs b/BouncyCastle/crypto/src/asn1/x509/AuthorityKeyIdentifier.cs new file mode 100644 index 0000000..e7f1201 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/AuthorityKeyIdentifier.cs @@ -0,0 +1,185 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The AuthorityKeyIdentifier object. + * 
+     * id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::=  { id-ce 35 }
+     *
+     *   AuthorityKeyIdentifier ::= Sequence {
+     *      keyIdentifier             [0] IMPLICIT KeyIdentifier           OPTIONAL,
+     *      authorityCertIssuer       [1] IMPLICIT GeneralNames            OPTIONAL,
+     *      authorityCertSerialNumber [2] IMPLICIT CertificateSerialNumber OPTIONAL  }
+     *
+     *   KeyIdentifier ::= OCTET STRING
+     *
+ * + */ + public class AuthorityKeyIdentifier + : Asn1Encodable + { + public static AuthorityKeyIdentifier GetInstance(Asn1TaggedObject obj, bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static AuthorityKeyIdentifier GetInstance(object obj) + { + if (obj is AuthorityKeyIdentifier) + return (AuthorityKeyIdentifier)obj; + if (obj is X509Extension) + return GetInstance(X509Extension.ConvertValueToObject((X509Extension)obj)); + if (obj == null) + return null; + return new AuthorityKeyIdentifier(Asn1Sequence.GetInstance(obj)); + } + + public static AuthorityKeyIdentifier FromExtensions(X509Extensions extensions) + { + return GetInstance(X509Extensions.GetExtensionParsedValue(extensions, X509Extensions.AuthorityKeyIdentifier)); + } + + private readonly Asn1OctetString keyidentifier; + private readonly GeneralNames certissuer; + private readonly DerInteger certserno; + + protected internal AuthorityKeyIdentifier( + Asn1Sequence seq) + { + foreach (Asn1Encodable element in seq) + { + Asn1TaggedObject obj = Asn1TaggedObject.GetInstance(element); + + switch (obj.TagNo) + { + case 0: + this.keyidentifier = Asn1OctetString.GetInstance(obj, false); + break; + case 1: + this.certissuer = GeneralNames.GetInstance(obj, false); + break; + case 2: + this.certserno = DerInteger.GetInstance(obj, false); + break; + default: + throw new ArgumentException("illegal tag"); + } + } + } + + /** + * + * Calulates the keyidentifier using a SHA1 hash over the BIT STRING + * from SubjectPublicKeyInfo as defined in RFC2459. + * + * Example of making a AuthorityKeyIdentifier: + * 
+	     *   SubjectPublicKeyInfo apki = new SubjectPublicKeyInfo((ASN1Sequence)new ASN1InputStream(
+		 *       publicKey.getEncoded()).readObject());
+         *   AuthorityKeyIdentifier aki = new AuthorityKeyIdentifier(apki);
+         *
+ * + **/ + public AuthorityKeyIdentifier( + SubjectPublicKeyInfo spki) + : this(spki, null, null) + { + } + + /** + * create an AuthorityKeyIdentifier with the GeneralNames tag and + * the serial number provided as well. + */ + public AuthorityKeyIdentifier( + SubjectPublicKeyInfo spki, + GeneralNames name, + BigInteger serialNumber) + { + IDigest digest = new Sha1Digest(); + byte[] resBuf = new byte[digest.GetDigestSize()]; + byte[] bytes = spki.PublicKeyData.GetBytes(); + digest.BlockUpdate(bytes, 0, bytes.Length); + digest.DoFinal(resBuf, 0); + + this.keyidentifier = new DerOctetString(resBuf); + this.certissuer = name; + this.certserno = serialNumber == null ? null : new DerInteger(serialNumber); + } + + /** + * create an AuthorityKeyIdentifier with the GeneralNames tag and + * the serial number provided. + */ + public AuthorityKeyIdentifier( + GeneralNames name, + BigInteger serialNumber) + : this((byte[])null, name, serialNumber) + { + } + + /** + * create an AuthorityKeyIdentifier with a precomputed key identifier + */ + public AuthorityKeyIdentifier( + byte[] keyIdentifier) + : this(keyIdentifier, null, null) + { + } + + /** + * create an AuthorityKeyIdentifier with a precomupted key identifier + * and the GeneralNames tag and the serial number provided as well. + */ + public AuthorityKeyIdentifier( + byte[] keyIdentifier, + GeneralNames name, + BigInteger serialNumber) + { + this.keyidentifier = keyIdentifier == null ? null : new DerOctetString(keyIdentifier); + this.certissuer = name; + this.certserno = serialNumber == null ? null : new DerInteger(serialNumber); + } + + public byte[] GetKeyIdentifier() + { + return keyidentifier == null ? null : keyidentifier.GetOctets(); + } + + public GeneralNames AuthorityCertIssuer + { + get { return certissuer; } + } + + public BigInteger AuthorityCertSerialNumber + { + get { return certserno == null ? null : certserno.Value; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(false, 0, keyidentifier); + v.AddOptionalTagged(false, 1, certissuer); + v.AddOptionalTagged(false, 2, certserno); + return new DerSequence(v); + } + + public override string ToString() + { + string keyID = (keyidentifier != null) ? Hex.ToHexString(keyidentifier.GetOctets()) : "null"; + + return "AuthorityKeyIdentifier: KeyID(" + keyID + ")"; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/BasicConstraints.cs b/BouncyCastle/crypto/src/asn1/x509/BasicConstraints.cs new file mode 100644 index 0000000..deecae2 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/BasicConstraints.cs @@ -0,0 +1,117 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class BasicConstraints + : Asn1Encodable + { + public static BasicConstraints GetInstance(Asn1TaggedObject obj, bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static BasicConstraints GetInstance(object obj) + { + if (obj is BasicConstraints) + return (BasicConstraints)obj; + if (obj is X509Extension) + return GetInstance(X509Extension.ConvertValueToObject((X509Extension)obj)); + if (obj == null) + return null; + return new BasicConstraints(Asn1Sequence.GetInstance(obj)); + } + + public static BasicConstraints FromExtensions(X509Extensions extensions) + { + return GetInstance(X509Extensions.GetExtensionParsedValue(extensions, X509Extensions.BasicConstraints)); + } + + private readonly DerBoolean cA; + private readonly DerInteger pathLenConstraint; + + private BasicConstraints( + Asn1Sequence seq) + { + if (seq.Count > 0) + { + if (seq[0] is DerBoolean) + { + this.cA = DerBoolean.GetInstance(seq[0]); + } + else + { + this.pathLenConstraint = DerInteger.GetInstance(seq[0]); + } + + if (seq.Count > 1) + { + if (this.cA == null) + throw new ArgumentException("wrong sequence in constructor", "seq"); + + this.pathLenConstraint = DerInteger.GetInstance(seq[1]); + } + } + } + + public BasicConstraints( + bool cA) + { + if (cA) + { + this.cA = DerBoolean.True; + } + } + + /** + * create a cA=true object for the given path length constraint. + * + * @param pathLenConstraint + */ + public BasicConstraints( + int pathLenConstraint) + { + this.cA = DerBoolean.True; + this.pathLenConstraint = new DerInteger(pathLenConstraint); + } + + public bool IsCA() + { + return cA != null && cA.IsTrue; + } + + public BigInteger PathLenConstraint + { + get { return pathLenConstraint == null ? null : pathLenConstraint.Value; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * BasicConstraints := Sequence {
+         *    cA                  Boolean DEFAULT FALSE,
+         *    pathLenConstraint   Integer (0..MAX) OPTIONAL
+         * }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(2); + v.AddOptional(cA, + pathLenConstraint); // yes some people actually do this when cA is false... + return new DerSequence(v); + } + + public override string ToString() + { + if (pathLenConstraint == null) + { + return "BasicConstraints: isCa(" + this.IsCA() + ")"; + } + + return "BasicConstraints: isCa(" + this.IsCA() + "), pathLenConstraint = " + pathLenConstraint.Value; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/CRLDistPoint.cs b/BouncyCastle/crypto/src/asn1/x509/CRLDistPoint.cs new file mode 100644 index 0000000..446bb19 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/CRLDistPoint.cs @@ -0,0 +1,89 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class CrlDistPoint + : Asn1Encodable + { + public static CrlDistPoint GetInstance(Asn1TaggedObject obj, bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static CrlDistPoint GetInstance(object obj) + { + if (obj is CrlDistPoint) + return (CrlDistPoint)obj; + if (obj == null) + return null; + return new CrlDistPoint(Asn1Sequence.GetInstance(obj)); + } + + public static CrlDistPoint FromExtensions(X509Extensions extensions) + { + return GetInstance(X509Extensions.GetExtensionParsedValue(extensions, X509Extensions.CrlDistributionPoints)); + } + + internal readonly Asn1Sequence seq; + + private CrlDistPoint( + Asn1Sequence seq) + { + this.seq = seq; + } + + public CrlDistPoint( + DistributionPoint[] points) + { + seq = new DerSequence(points); + } + + /** + * Return the distribution points making up the sequence. + * + * @return DistributionPoint[] + */ + public DistributionPoint[] GetDistributionPoints() + { + DistributionPoint[] dp = new DistributionPoint[seq.Count]; + + for (int i = 0; i != seq.Count; ++i) + { + dp[i] = DistributionPoint.GetInstance(seq[i]); + } + + return dp; + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * CrlDistPoint ::= Sequence SIZE {1..MAX} OF DistributionPoint
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return seq; + } + + public override string ToString() + { + StringBuilder buf = new StringBuilder(); + string sep = Platform.NewLine; + + buf.Append("CRLDistPoint:"); + buf.Append(sep); + DistributionPoint[] dp = GetDistributionPoints(); + for (int i = 0; i != dp.Length; i++) + { + buf.Append(" "); + buf.Append(dp[i]); + buf.Append(sep); + } + return buf.ToString(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/CRLNumber.cs b/BouncyCastle/crypto/src/asn1/x509/CRLNumber.cs new file mode 100644 index 0000000..d744416 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/CRLNumber.cs @@ -0,0 +1,30 @@ +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The CRLNumber object. + * 
+     * CRLNumber::= Integer(0..MAX)
+     *
+ */ + public class CrlNumber + : DerInteger + { + public CrlNumber( + BigInteger number) + : base(number) + { + } + + public BigInteger Number + { + get { return PositiveValue; } + } + + public override string ToString() + { + return "CRLNumber: " + Number; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/CRLReason.cs b/BouncyCastle/crypto/src/asn1/x509/CRLReason.cs new file mode 100644 index 0000000..050ceb3 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/CRLReason.cs @@ -0,0 +1,60 @@ +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The CRLReason enumeration. + * 
+     * CRLReason ::= Enumerated {
+     *  unspecified             (0),
+     *  keyCompromise           (1),
+     *  cACompromise            (2),
+     *  affiliationChanged      (3),
+     *  superseded              (4),
+     *  cessationOfOperation    (5),
+     *  certificateHold         (6),
+     *  removeFromCRL           (8),
+     *  privilegeWithdrawn      (9),
+     *  aACompromise           (10)
+     * }
+     *
+ */ + public class CrlReason + : DerEnumerated + { + public const int Unspecified = 0; + public const int KeyCompromise = 1; + public const int CACompromise = 2; + public const int AffiliationChanged = 3; + public const int Superseded = 4; + public const int CessationOfOperation = 5; + public const int CertificateHold = 6; + // 7 -> Unknown + public const int RemoveFromCrl = 8; + public const int PrivilegeWithdrawn = 9; + public const int AACompromise = 10; + + private static readonly string[] ReasonString = new string[] + { + "Unspecified", "KeyCompromise", "CACompromise", "AffiliationChanged", + "Superseded", "CessationOfOperation", "CertificateHold", "Unknown", + "RemoveFromCrl", "PrivilegeWithdrawn", "AACompromise" + }; + + public CrlReason( + int reason) + : base(reason) + { + } + + public CrlReason(DerEnumerated reason) + : base(reason.IntValueExact) + { + } + + public override string ToString() + { + int reason = IntValueExact; + string str = (reason < 0 || reason > 10) ? "Invalid" : ReasonString[reason]; + return "CrlReason: " + str; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/CertPolicyId.cs b/BouncyCastle/crypto/src/asn1/x509/CertPolicyId.cs new file mode 100644 index 0000000..11cebcd --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/CertPolicyId.cs @@ -0,0 +1,20 @@ +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * CertPolicyId, used in the CertificatePolicies and PolicyMappings + * X509V3 Extensions. + * + * 
+     *     CertPolicyId ::= OBJECT IDENTIFIER
+     *
+ */ + public class CertPolicyID + : DerObjectIdentifier + { + public CertPolicyID( + string id) + : base(id) + { + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/CertificateList.cs b/BouncyCastle/crypto/src/asn1/x509/CertificateList.cs new file mode 100644 index 0000000..567cf13 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/CertificateList.cs @@ -0,0 +1,113 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * PKIX RFC-2459 + * + * The X.509 v2 CRL syntax is as follows. For signature calculation, + * the data that is to be signed is ASN.1 Der encoded. + * + * 
+     * CertificateList  ::=  Sequence  {
+     *      tbsCertList          TbsCertList,
+     *      signatureAlgorithm   AlgorithmIdentifier,
+     *      signatureValue       BIT STRING  }
+     *
+ */ + public class CertificateList + : Asn1Encodable + { + private readonly TbsCertificateList tbsCertList; + private readonly AlgorithmIdentifier sigAlgID; + private readonly DerBitString sig; + + public static CertificateList GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static CertificateList GetInstance( + object obj) + { + if (obj is CertificateList) + return (CertificateList) obj; + + if (obj != null) + return new CertificateList(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private CertificateList( + Asn1Sequence seq) + { + if (seq.Count != 3) + throw new ArgumentException("sequence wrong size for CertificateList", "seq"); + + tbsCertList = TbsCertificateList.GetInstance(seq[0]); + sigAlgID = AlgorithmIdentifier.GetInstance(seq[1]); + sig = DerBitString.GetInstance(seq[2]); + } + + public TbsCertificateList TbsCertList + { + get { return tbsCertList; } + } + + public CrlEntry[] GetRevokedCertificates() + { + return tbsCertList.GetRevokedCertificates(); + } + + public IEnumerable GetRevokedCertificateEnumeration() + { + return tbsCertList.GetRevokedCertificateEnumeration(); + } + + public AlgorithmIdentifier SignatureAlgorithm + { + get { return sigAlgID; } + } + + public DerBitString Signature + { + get { return sig; } + } + + public byte[] GetSignatureOctets() + { + return sig.GetOctets(); + } + + public int Version + { + get { return tbsCertList.Version; } + } + + public X509Name Issuer + { + get { return tbsCertList.Issuer; } + } + + public Time ThisUpdate + { + get { return tbsCertList.ThisUpdate; } + } + + public Time NextUpdate + { + get { return tbsCertList.NextUpdate; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(tbsCertList, sigAlgID, sig); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/CertificatePair.cs b/BouncyCastle/crypto/src/asn1/x509/CertificatePair.cs new file mode 100644 index 0000000..69861e1 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/CertificatePair.cs @@ -0,0 +1,153 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * This class helps to support crossCerfificatePairs in a LDAP directory + * according RFC 2587 + * + * 
+	*     crossCertificatePairATTRIBUTE::={
+	*       WITH SYNTAX   CertificatePair
+	*       EQUALITY MATCHING RULE certificatePairExactMatch
+	*       ID joint-iso-ccitt(2) ds(5) attributeType(4) crossCertificatePair(40)}
+	*
+ * + *
The forward elements of the crossCertificatePair attribute of a + * CA's directory entry shall be used to store all, except self-issued + * certificates issued to this CA. Optionally, the reverse elements of the + * crossCertificatePair attribute, of a CA's directory entry may contain a + * subset of certificates issued by this CA to other CAs. When both the forward + * and the reverse elements are present in a single attribute value, issuer name + * in one certificate shall match the subject name in the other and vice versa, + * and the subject public key in one certificate shall be capable of verifying + * the digital signature on the other certificate and vice versa. + * + * When a reverse element is present, the forward element value and the reverse + * element value need not be stored in the same attribute value; in other words, + * they can be stored in either a single attribute value or two attribute + * values.
+ * + * 
+	*       CertificatePair ::= SEQUENCE {
+	*         forward		[0]	Certificate OPTIONAL,
+	*         reverse		[1]	Certificate OPTIONAL,
+	*         -- at least one of the pair shall be present -- }
+	*
+ */ + public class CertificatePair + : Asn1Encodable + { + private X509CertificateStructure forward, reverse; + + public static CertificatePair GetInstance( + object obj) + { + if (obj == null || obj is CertificatePair) + { + return (CertificatePair) obj; + } + + if (obj is Asn1Sequence) + { + return new CertificatePair((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor from Asn1Sequence. + *

+ * The sequence is of type CertificatePair: + *

+ * 

+		*       CertificatePair ::= SEQUENCE {
+		*         forward		[0]	Certificate OPTIONAL,
+		*         reverse		[1]	Certificate OPTIONAL,
+		*         -- at least one of the pair shall be present -- }
+		*
+ * + * @param seq The ASN.1 sequence. + */ + private CertificatePair( + Asn1Sequence seq) + { + if (seq.Count != 1 && seq.Count != 2) + { + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + } + + foreach (object obj in seq) + { + Asn1TaggedObject o = Asn1TaggedObject.GetInstance(obj); + if (o.TagNo == 0) + { + forward = X509CertificateStructure.GetInstance(o, true); + } + else if (o.TagNo == 1) + { + reverse = X509CertificateStructure.GetInstance(o, true); + } + else + { + throw new ArgumentException("Bad tag number: " + o.TagNo); + } + } + } + + /** + * Constructor from a given details. + * + * @param forward Certificates issued to this CA. + * @param reverse Certificates issued by this CA to other CAs. + */ + public CertificatePair( + X509CertificateStructure forward, + X509CertificateStructure reverse) + { + this.forward = forward; + this.reverse = reverse; + } + + /** + * Produce an object suitable for an Asn1OutputStream. + *

+ * Returns: + *

+ * 

+		*       CertificatePair ::= SEQUENCE {
+		*         forward		[0]	Certificate OPTIONAL,
+		*         reverse		[1]	Certificate OPTIONAL,
+		*         -- at least one of the pair shall be present -- }
+		*
+ * + * @return a DERObject + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(true, 0, forward); + v.AddOptionalTagged(true, 1, reverse); + return new DerSequence(v); + } + + /** + * @return Returns the forward. + */ + public X509CertificateStructure Forward + { + get { return forward; } + } + + /** + * @return Returns the reverse. + */ + public X509CertificateStructure Reverse + { + get { return reverse; } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/CertificatePolicies.cs b/BouncyCastle/crypto/src/asn1/x509/CertificatePolicies.cs new file mode 100644 index 0000000..97214bd --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/CertificatePolicies.cs @@ -0,0 +1,105 @@ +using System; +using System.Text; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class CertificatePolicies + : Asn1Encodable + { + private static PolicyInformation[] Copy(PolicyInformation[] policyInfo) + { + return (PolicyInformation[])policyInfo.Clone(); + } + + public static CertificatePolicies GetInstance(object obj) + { + if (obj is CertificatePolicies) + return (CertificatePolicies)obj; + if (obj == null) + return null; + return new CertificatePolicies(Asn1Sequence.GetInstance(obj)); + } + + public static CertificatePolicies GetInstance(Asn1TaggedObject obj, bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + public static CertificatePolicies FromExtensions(X509Extensions extensions) + { + return GetInstance(X509Extensions.GetExtensionParsedValue(extensions, X509Extensions.CertificatePolicies)); + } + + private readonly PolicyInformation[] policyInformation; + + /** + * Construct a CertificatePolicies object containing one PolicyInformation. + * + * @param name the name to be contained. + */ + public CertificatePolicies(PolicyInformation name) + { + this.policyInformation = new PolicyInformation[] { name }; + } + + public CertificatePolicies(PolicyInformation[] policyInformation) + { + this.policyInformation = Copy(policyInformation); + } + + private CertificatePolicies(Asn1Sequence seq) + { + this.policyInformation = new PolicyInformation[seq.Count]; + + for (int i = 0; i < seq.Count; ++i) + { + policyInformation[i] = PolicyInformation.GetInstance(seq[i]); + } + } + + public virtual PolicyInformation[] GetPolicyInformation() + { + return Copy(policyInformation); + } + + public virtual PolicyInformation GetPolicyInformation(DerObjectIdentifier policyIdentifier) + { + for (int i = 0; i != policyInformation.Length; i++) + { + if (policyIdentifier.Equals(policyInformation[i].PolicyIdentifier)) + { + return policyInformation[i]; + } + } + + return null; + } + + /** + * Produce an object suitable for an ASN1OutputStream. + * 
+         * CertificatePolicies ::= SEQUENCE SIZE {1..MAX} OF PolicyInformation
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(policyInformation); + } + + public override string ToString() + { + StringBuilder sb = new StringBuilder("CertificatePolicies:"); + if (policyInformation != null && policyInformation.Length > 0) + { + sb.Append(' '); + sb.Append(policyInformation[0]); + for (int i = 1; i < policyInformation.Length; ++i) + { + sb.Append(", "); + sb.Append(policyInformation[i]); + } + } + return sb.ToString(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/DSAParameter.cs b/BouncyCastle/crypto/src/asn1/x509/DSAParameter.cs new file mode 100644 index 0000000..2eb6502 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/DSAParameter.cs @@ -0,0 +1,78 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class DsaParameter + : Asn1Encodable + { + internal readonly DerInteger p, q, g; + + public static DsaParameter GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static DsaParameter GetInstance( + object obj) + { + if(obj == null || obj is DsaParameter) + { + return (DsaParameter) obj; + } + + if(obj is Asn1Sequence) + { + return new DsaParameter((Asn1Sequence) obj); + } + + throw new ArgumentException("Invalid DsaParameter: " + Platform.GetTypeName(obj)); + } + + public DsaParameter( + BigInteger p, + BigInteger q, + BigInteger g) + { + this.p = new DerInteger(p); + this.q = new DerInteger(q); + this.g = new DerInteger(g); + } + + private DsaParameter( + Asn1Sequence seq) + { + if (seq.Count != 3) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.p = DerInteger.GetInstance(seq[0]); + this.q = DerInteger.GetInstance(seq[1]); + this.g = DerInteger.GetInstance(seq[2]); + } + + public BigInteger P + { + get { return p.PositiveValue; } + } + + public BigInteger Q + { + get { return q.PositiveValue; } + } + + public BigInteger G + { + get { return g.PositiveValue; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(p, q, g); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/DigestInfo.cs b/BouncyCastle/crypto/src/asn1/x509/DigestInfo.cs new file mode 100644 index 0000000..3ac535e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/DigestInfo.cs @@ -0,0 +1,78 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The DigestInfo object. + * 
+     * DigestInfo::=Sequence{
+     *          digestAlgorithm  AlgorithmIdentifier,
+     *          digest OCTET STRING }
+     *
+ */ + public class DigestInfo + : Asn1Encodable + { + private readonly byte[] digest; + private readonly AlgorithmIdentifier algID; + + public static DigestInfo GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static DigestInfo GetInstance( + object obj) + { + if (obj is DigestInfo) + { + return (DigestInfo) obj; + } + + if (obj is Asn1Sequence) + { + return new DigestInfo((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public DigestInfo( + AlgorithmIdentifier algID, + byte[] digest) + { + this.digest = digest; + this.algID = algID; + } + + private DigestInfo( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Wrong number of elements in sequence", "seq"); + + algID = AlgorithmIdentifier.GetInstance(seq[0]); + digest = Asn1OctetString.GetInstance(seq[1]).GetOctets(); + } + + public AlgorithmIdentifier AlgorithmID + { + get { return algID; } + } + + public byte[] GetDigest() + { + return digest; + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(algID, new DerOctetString(digest)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/DisplayText.cs b/BouncyCastle/crypto/src/asn1/x509/DisplayText.cs new file mode 100644 index 0000000..39b3c98 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/DisplayText.cs @@ -0,0 +1,174 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * DisplayText class, used in + * CertificatePolicies X509 V3 extensions (in policy qualifiers). + * + *

It stores a string in a chosen encoding. + * 

+	 * DisplayText ::= CHOICE {
+	 *      ia5String        IA5String      (SIZE (1..200)),
+	 *      visibleString    VisibleString  (SIZE (1..200)),
+	 *      bmpString        BMPString      (SIZE (1..200)),
+	 *      utf8String       UTF8String     (SIZE (1..200)) }
+	 *

+ * @see PolicyQualifierInfo + * @see PolicyInformation + */ + public class DisplayText + : Asn1Encodable, IAsn1Choice + { + /** + * Constant corresponding to ia5String encoding. + * + */ + public const int ContentTypeIA5String = 0; + /** + * Constant corresponding to bmpString encoding. + * + */ + public const int ContentTypeBmpString = 1; + /** + * Constant corresponding to utf8String encoding. + * + */ + public const int ContentTypeUtf8String = 2; + /** + * Constant corresponding to visibleString encoding. + * + */ + public const int ContentTypeVisibleString = 3; + /** + * Describe constant DisplayTextMaximumSize here. + * + */ + public const int DisplayTextMaximumSize = 200; + + internal readonly int contentType; + internal readonly IAsn1String contents; + + /** + * Creates a new DisplayText instance. + * + * @param type the desired encoding type for the text. + * @param text the text to store. Strings longer than 200 + * characters are truncated. + */ + public DisplayText( + int type, + string text) + { + if (text.Length > DisplayTextMaximumSize) + { + // RFC3280 limits these strings to 200 chars + // truncate the string + text = text.Substring(0, DisplayTextMaximumSize); + } + + contentType = type; + switch (type) + { + case ContentTypeIA5String: + contents = (IAsn1String)new DerIA5String (text); + break; + case ContentTypeUtf8String: + contents = (IAsn1String)new DerUtf8String(text); + break; + case ContentTypeVisibleString: + contents = (IAsn1String)new DerVisibleString(text); + break; + case ContentTypeBmpString: + contents = (IAsn1String)new DerBmpString(text); + break; + default: + contents = (IAsn1String)new DerUtf8String(text); + break; + } + } + +// /** +// * return true if the passed in string can be represented without +// * loss as a PrintableString, false otherwise. +// */ +// private bool CanBePrintable( +// string str) +// { +// for (int i = str.Length - 1; i >= 0; i--) +// { +// if (str[i] > 0x007f) +// { +// return false; +// } +// } +// +// return true; +// } + + /** + * Creates a new DisplayText instance. + * + * @param text the text to encapsulate. Strings longer than 200 + * characters are truncated. + */ + public DisplayText( + string text) + { + // by default use UTF8String + if (text.Length > DisplayTextMaximumSize) + { + text = text.Substring(0, DisplayTextMaximumSize); + } + + contentType = ContentTypeUtf8String; + contents = new DerUtf8String(text); + } + + /** + * Creates a new DisplayText instance. + *

Useful when reading back a DisplayText class + * from it's Asn1Encodable form.

+ * + * @param contents an Asn1Encodable instance. + */ + public DisplayText( + IAsn1String contents) + { + this.contents = contents; + } + + public static DisplayText GetInstance( + object obj) + { + if (obj is IAsn1String) + { + return new DisplayText((IAsn1String) obj); + } + + if (obj is DisplayText) + { + return (DisplayText) obj; + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public override Asn1Object ToAsn1Object() + { + return (Asn1Object) contents; + } + + /** + * Returns the stored string object. + * + * @return the stored text as a string. + */ + public string GetString() + { + return contents.GetString(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/DistributionPoint.cs b/BouncyCastle/crypto/src/asn1/x509/DistributionPoint.cs new file mode 100644 index 0000000..54ab930 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/DistributionPoint.cs @@ -0,0 +1,148 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The DistributionPoint object. + * 
+     * DistributionPoint ::= Sequence {
+     *      distributionPoint [0] DistributionPointName OPTIONAL,
+     *      reasons           [1] ReasonFlags OPTIONAL,
+     *      cRLIssuer         [2] GeneralNames OPTIONAL
+     * }
+     *
+ */ + public class DistributionPoint + : Asn1Encodable + { + internal readonly DistributionPointName distributionPoint; + internal readonly ReasonFlags reasons; + internal readonly GeneralNames cRLIssuer; + + public static DistributionPoint GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static DistributionPoint GetInstance( + object obj) + { + if(obj == null || obj is DistributionPoint) + { + return (DistributionPoint) obj; + } + + if(obj is Asn1Sequence) + { + return new DistributionPoint((Asn1Sequence) obj); + } + + throw new ArgumentException("Invalid DistributionPoint: " + Platform.GetTypeName(obj)); + } + + private DistributionPoint( + Asn1Sequence seq) + { + for (int i = 0; i != seq.Count; i++) + { + Asn1TaggedObject t = Asn1TaggedObject.GetInstance(seq[i]); + + switch (t.TagNo) + { + case 0: + distributionPoint = DistributionPointName.GetInstance(t, true); + break; + case 1: + reasons = new ReasonFlags(DerBitString.GetInstance(t, false)); + break; + case 2: + cRLIssuer = GeneralNames.GetInstance(t, false); + break; + } + } + } + + public DistributionPoint( + DistributionPointName distributionPointName, + ReasonFlags reasons, + GeneralNames crlIssuer) + { + this.distributionPoint = distributionPointName; + this.reasons = reasons; + this.cRLIssuer = crlIssuer; + } + + public DistributionPointName DistributionPointName + { + get { return distributionPoint; } + } + + public ReasonFlags Reasons + { + get { return reasons; } + } + + public GeneralNames CrlIssuer + { + get { return cRLIssuer; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + // As this is a CHOICE it must be explicitly tagged + v.AddOptionalTagged(true, 0, distributionPoint); + + v.AddOptionalTagged(false, 1, reasons); + v.AddOptionalTagged(false, 2, cRLIssuer); + return new DerSequence(v); + } + + public override string ToString() + { + string sep = Platform.NewLine; + StringBuilder buf = new StringBuilder(); + buf.Append("DistributionPoint: ["); + buf.Append(sep); + if (distributionPoint != null) + { + appendObject(buf, sep, "distributionPoint", distributionPoint.ToString()); + } + if (reasons != null) + { + appendObject(buf, sep, "reasons", reasons.ToString()); + } + if (cRLIssuer != null) + { + appendObject(buf, sep, "cRLIssuer", cRLIssuer.ToString()); + } + buf.Append("]"); + buf.Append(sep); + return buf.ToString(); + } + + private void appendObject( + StringBuilder buf, + string sep, + string name, + string val) + { + string indent = " "; + + buf.Append(indent); + buf.Append(name); + buf.Append(":"); + buf.Append(sep); + buf.Append(indent); + buf.Append(indent); + buf.Append(val); + buf.Append(sep); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/DistributionPointName.cs b/BouncyCastle/crypto/src/asn1/x509/DistributionPointName.cs new file mode 100644 index 0000000..43fdaf5 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/DistributionPointName.cs @@ -0,0 +1,130 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The DistributionPointName object. + * 
+     * DistributionPointName ::= CHOICE {
+     *     fullName                 [0] GeneralNames,
+     *     nameRelativeToCRLIssuer  [1] RDN
+     * }
+     *
+ */ + public class DistributionPointName + : Asn1Encodable, IAsn1Choice + { + internal readonly Asn1Encodable name; + internal readonly int type; + + public const int FullName = 0; + public const int NameRelativeToCrlIssuer = 1; + + public static DistributionPointName GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1TaggedObject.GetInstance(obj, true)); + } + + public static DistributionPointName GetInstance( + object obj) + { + if (obj == null || obj is DistributionPointName) + { + return (DistributionPointName) obj; + } + + if (obj is Asn1TaggedObject) + { + return new DistributionPointName((Asn1TaggedObject) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public DistributionPointName( + int type, + Asn1Encodable name) + { + this.type = type; + this.name = name; + } + + public DistributionPointName( + GeneralNames name) + : this(FullName, name) + { + } + + public int PointType + { + get { return type; } + } + + public Asn1Encodable Name + { + get { return name; } + } + + public DistributionPointName( + Asn1TaggedObject obj) + { + this.type = obj.TagNo; + + if (type == FullName) + { + this.name = GeneralNames.GetInstance(obj, false); + } + else + { + this.name = Asn1Set.GetInstance(obj, false); + } + } + + public override Asn1Object ToAsn1Object() + { + return new DerTaggedObject(false, type, name); + } + + public override string ToString() + { + string sep = Platform.NewLine; + StringBuilder buf = new StringBuilder(); + buf.Append("DistributionPointName: ["); + buf.Append(sep); + if (type == FullName) + { + appendObject(buf, sep, "fullName", name.ToString()); + } + else + { + appendObject(buf, sep, "nameRelativeToCRLIssuer", name.ToString()); + } + buf.Append("]"); + buf.Append(sep); + return buf.ToString(); + } + + private void appendObject( + StringBuilder buf, + string sep, + string name, + string val) + { + string indent = " "; + + buf.Append(indent); + buf.Append(name); + buf.Append(":"); + buf.Append(sep); + buf.Append(indent); + buf.Append(indent); + buf.Append(val); + buf.Append(sep); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/ExtendedKeyUsage.cs b/BouncyCastle/crypto/src/asn1/x509/ExtendedKeyUsage.cs new file mode 100644 index 0000000..7e8c7a3 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/ExtendedKeyUsage.cs @@ -0,0 +1,127 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The extendedKeyUsage object. + * 
+     *      extendedKeyUsage ::= Sequence SIZE (1..MAX) OF KeyPurposeId
+     *
+ */ + public class ExtendedKeyUsage + : Asn1Encodable + { + public static ExtendedKeyUsage GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static ExtendedKeyUsage GetInstance( + object obj) + { + if (obj is ExtendedKeyUsage) + return (ExtendedKeyUsage)obj; + if (obj is X509Extension) + return GetInstance(X509Extension.ConvertValueToObject((X509Extension)obj)); + if (obj == null) + return null; + return new ExtendedKeyUsage(Asn1Sequence.GetInstance(obj)); + } + + public static ExtendedKeyUsage FromExtensions(X509Extensions extensions) + { + return GetInstance(X509Extensions.GetExtensionParsedValue(extensions, X509Extensions.ExtendedKeyUsage)); + } + + internal readonly IDictionary usageTable = Platform.CreateHashtable(); + internal readonly Asn1Sequence seq; + + private ExtendedKeyUsage( + Asn1Sequence seq) + { + this.seq = seq; + + foreach (Asn1Encodable element in seq) + { + DerObjectIdentifier oid = DerObjectIdentifier.GetInstance(element); + + this.usageTable[oid] = oid; + } + } + + public ExtendedKeyUsage( + params KeyPurposeID[] usages) + { + this.seq = new DerSequence(usages); + + foreach (KeyPurposeID usage in usages) + { + this.usageTable[usage] = usage; + } + } + +#if !(SILVERLIGHT || PORTABLE) + [Obsolete] + public ExtendedKeyUsage( + ArrayList usages) + : this((IEnumerable)usages) + { + } +#endif + + public ExtendedKeyUsage( + IEnumerable usages) + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + foreach (object usage in usages) + { + DerObjectIdentifier oid = DerObjectIdentifier.GetInstance(usage); + + v.Add(oid); + this.usageTable[oid] = oid; + } + + this.seq = new DerSequence(v); + } + + public bool HasKeyPurposeId( + KeyPurposeID keyPurposeId) + { + return usageTable.Contains(keyPurposeId); + } + +#if !(SILVERLIGHT || PORTABLE) + [Obsolete("Use 'GetAllUsages'")] + public ArrayList GetUsages() + { + return new ArrayList(usageTable.Values); + } +#endif + + /** + * Returns all extended key usages. + * The returned ArrayList contains DerObjectIdentifier instances. + * @return An ArrayList with all key purposes. + */ + public IList GetAllUsages() + { + return Platform.CreateArrayList(usageTable.Values); + } + + public int Count + { + get { return usageTable.Count; } + } + + public override Asn1Object ToAsn1Object() + { + return seq; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/GeneralName.cs b/BouncyCastle/crypto/src/asn1/x509/GeneralName.cs new file mode 100644 index 0000000..fe00323 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/GeneralName.cs @@ -0,0 +1,422 @@ +using System; +using System.Collections; +using System.Globalization; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Utilities; +using NetUtils = Org.BouncyCastle.Utilities.Net; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The GeneralName object. + * 
+     * GeneralName ::= CHOICE {
+     *      otherName                       [0]     OtherName,
+     *      rfc822Name                      [1]     IA5String,
+     *      dNSName                         [2]     IA5String,
+     *      x400Address                     [3]     ORAddress,
+     *      directoryName                   [4]     Name,
+     *      ediPartyName                    [5]     EDIPartyName,
+     *      uniformResourceIdentifier       [6]     IA5String,
+     *      iPAddress                       [7]     OCTET STRING,
+     *      registeredID                    [8]     OBJECT IDENTIFIER}
+     *
+     * OtherName ::= Sequence {
+     *      type-id    OBJECT IDENTIFIER,
+     *      value      [0] EXPLICIT ANY DEFINED BY type-id }
+     *
+     * EDIPartyName ::= Sequence {
+     *      nameAssigner            [0]     DirectoryString OPTIONAL,
+     *      partyName               [1]     DirectoryString }
+     *
+ */ + public class GeneralName + : Asn1Encodable, IAsn1Choice + { + public const int OtherName = 0; + public const int Rfc822Name = 1; + public const int DnsName = 2; + public const int X400Address = 3; + public const int DirectoryName = 4; + public const int EdiPartyName = 5; + public const int UniformResourceIdentifier = 6; + public const int IPAddress = 7; + public const int RegisteredID = 8; + + internal readonly Asn1Encodable obj; + internal readonly int tag; + + public GeneralName( + X509Name directoryName) + { + this.obj = directoryName; + this.tag = 4; + } + + /** + * When the subjectAltName extension contains an Internet mail address, + * the address MUST be included as an rfc822Name. The format of an + * rfc822Name is an "addr-spec" as defined in RFC 822 [RFC 822]. + * + * When the subjectAltName extension contains a domain name service + * label, the domain name MUST be stored in the dNSName (an IA5String). + * The name MUST be in the "preferred name syntax," as specified by RFC + * 1034 [RFC 1034]. + * + * When the subjectAltName extension contains a URI, the name MUST be + * stored in the uniformResourceIdentifier (an IA5String). The name MUST + * be a non-relative URL, and MUST follow the URL syntax and encoding + * rules specified in [RFC 1738]. The name must include both a scheme + * (e.g., "http" or "ftp") and a scheme-specific-part. The scheme- + * specific-part must include a fully qualified domain name or IP + * address as the host. + * + * When the subjectAltName extension contains a iPAddress, the address + * MUST be stored in the octet string in "network byte order," as + * specified in RFC 791 [RFC 791]. The least significant bit (LSB) of + * each octet is the LSB of the corresponding byte in the network + * address. For IP Version 4, as specified in RFC 791, the octet string + * MUST contain exactly four octets. For IP Version 6, as specified in + * RFC 1883, the octet string MUST contain exactly sixteen octets [RFC + * 1883]. + */ + public GeneralName( + Asn1Object name, + int tag) + { + this.obj = name; + this.tag = tag; + } + + public GeneralName( + int tag, + Asn1Encodable name) + { + this.obj = name; + this.tag = tag; + } + + /** + * Create a GeneralName for the given tag from the passed in string. + *

+ * This constructor can handle: + *

    + *
  • rfc822Name
    • + *
  • iPAddress
    • + *
  • directoryName
    • + *
  • dNSName
    • + *
  • uniformResourceIdentifier
    • + *
  • registeredID
    • + *
+ * For x400Address, otherName and ediPartyName there is no common string + * format defined. + *

+ * Note: A directory name can be encoded in different ways into a byte + * representation. Be aware of this if the byte representation is used for + * comparing results. + *

+ * + * @param tag tag number + * @param name string representation of name + * @throws ArgumentException if the string encoding is not correct or + * not supported. + */ + public GeneralName( + int tag, + string name) + { + this.tag = tag; + + if (tag == Rfc822Name || tag == DnsName || tag == UniformResourceIdentifier) + { + this.obj = new DerIA5String(name); + } + else if (tag == RegisteredID) + { + this.obj = new DerObjectIdentifier(name); + } + else if (tag == DirectoryName) + { + this.obj = new X509Name(name); + } + else if (tag == IPAddress) + { + byte[] enc = toGeneralNameEncoding(name); + if (enc == null) + throw new ArgumentException("IP Address is invalid", "name"); + + this.obj = new DerOctetString(enc); + } + else + { + throw new ArgumentException("can't process string for tag: " + tag, "tag"); + } + } + + public static GeneralName GetInstance( + object obj) + { + if (obj == null || obj is GeneralName) + { + return (GeneralName) obj; + } + + if (obj is Asn1TaggedObject) + { + Asn1TaggedObject tagObj = (Asn1TaggedObject) obj; + int tag = tagObj.TagNo; + + switch (tag) + { + case EdiPartyName: + case OtherName: + case X400Address: + return new GeneralName(tag, Asn1Sequence.GetInstance(tagObj, false)); + + case DnsName: + case Rfc822Name: + case UniformResourceIdentifier: + return new GeneralName(tag, DerIA5String.GetInstance(tagObj, false)); + + case DirectoryName: + return new GeneralName(tag, X509Name.GetInstance(tagObj, true)); + case IPAddress: + return new GeneralName(tag, Asn1OctetString.GetInstance(tagObj, false)); + case RegisteredID: + return new GeneralName(tag, DerObjectIdentifier.GetInstance(tagObj, false)); + + default: + throw new ArgumentException("unknown tag: " + tag); + } + } + + if (obj is byte[]) + { + try + { + return GetInstance(Asn1Object.FromByteArray((byte[])obj)); + } + catch (IOException) + { + throw new ArgumentException("unable to parse encoded general name"); + } + } + + throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + public static GeneralName GetInstance( + Asn1TaggedObject tagObj, + bool explicitly) + { + return GetInstance(Asn1TaggedObject.GetInstance(tagObj, true)); + } + + public int TagNo + { + get { return tag; } + } + + public Asn1Encodable Name + { + get { return obj; } + } + + public override string ToString() + { + StringBuilder buf = new StringBuilder(); + buf.Append(tag); + buf.Append(": "); + + switch (tag) + { + case Rfc822Name: + case DnsName: + case UniformResourceIdentifier: + buf.Append(DerIA5String.GetInstance(obj).GetString()); + break; + case DirectoryName: + buf.Append(X509Name.GetInstance(obj).ToString()); + break; + default: + buf.Append(obj.ToString()); + break; + } + + return buf.ToString(); + } + + private byte[] toGeneralNameEncoding( + string ip) + { + if (NetUtils.IPAddress.IsValidIPv6WithNetmask(ip) || NetUtils.IPAddress.IsValidIPv6(ip)) + { + int slashIndex = ip.IndexOf('/'); + + if (slashIndex < 0) + { + byte[] addr = new byte[16]; + int[] parsedIp = parseIPv6(ip); + copyInts(parsedIp, addr, 0); + + return addr; + } + else + { + byte[] addr = new byte[32]; + int[] parsedIp = parseIPv6(ip.Substring(0, slashIndex)); + copyInts(parsedIp, addr, 0); + string mask = ip.Substring(slashIndex + 1); + if (mask.IndexOf(':') > 0) + { + parsedIp = parseIPv6(mask); + } + else + { + parsedIp = parseMask(mask); + } + copyInts(parsedIp, addr, 16); + + return addr; + } + } + else if (NetUtils.IPAddress.IsValidIPv4WithNetmask(ip) || NetUtils.IPAddress.IsValidIPv4(ip)) + { + int slashIndex = ip.IndexOf('/'); + + if (slashIndex < 0) + { + byte[] addr = new byte[4]; + + parseIPv4(ip, addr, 0); + + return addr; + } + else + { + byte[] addr = new byte[8]; + + parseIPv4(ip.Substring(0, slashIndex), addr, 0); + + string mask = ip.Substring(slashIndex + 1); + if (mask.IndexOf('.') > 0) + { + parseIPv4(mask, addr, 4); + } + else + { + parseIPv4Mask(mask, addr, 4); + } + + return addr; + } + } + + return null; + } + + private void parseIPv4Mask(string mask, byte[] addr, int offset) + { + int maskVal = Int32.Parse(mask); + + for (int i = 0; i != maskVal; i++) + { + addr[(i / 8) + offset] |= (byte)(1 << (i % 8)); + } + } + + private void parseIPv4(string ip, byte[] addr, int offset) + { + foreach (string token in ip.Split('.', '/')) + { + addr[offset++] = (byte)Int32.Parse(token); + } + } + + private int[] parseMask(string mask) + { + int[] res = new int[8]; + int maskVal = Int32.Parse(mask); + + for (int i = 0; i != maskVal; i++) + { + res[i / 16] |= 1 << (i % 16); + } + return res; + } + + private void copyInts(int[] parsedIp, byte[] addr, int offSet) + { + for (int i = 0; i != parsedIp.Length; i++) + { + addr[(i * 2) + offSet] = (byte)(parsedIp[i] >> 8); + addr[(i * 2 + 1) + offSet] = (byte)parsedIp[i]; + } + } + + private int[] parseIPv6(string ip) + { + if (Platform.StartsWith(ip, "::")) + { + ip = ip.Substring(1); + } + else if (Platform.EndsWith(ip, "::")) + { + ip = ip.Substring(0, ip.Length - 1); + } + + IEnumerator sEnum = ip.Split(':').GetEnumerator(); + + int index = 0; + int[] val = new int[8]; + + int doubleColon = -1; + + while (sEnum.MoveNext()) + { + string e = (string) sEnum.Current; + + if (e.Length == 0) + { + doubleColon = index; + val[index++] = 0; + } + else + { + if (e.IndexOf('.') < 0) + { + val[index++] = Int32.Parse(e, NumberStyles.AllowHexSpecifier); + } + else + { + string[] tokens = e.Split('.'); + + val[index++] = (Int32.Parse(tokens[0]) << 8) | Int32.Parse(tokens[1]); + val[index++] = (Int32.Parse(tokens[2]) << 8) | Int32.Parse(tokens[3]); + } + } + } + + if (index != val.Length) + { + Array.Copy(val, doubleColon, val, val.Length - (index - doubleColon), index - doubleColon); + for (int i = doubleColon; i != val.Length - (index - doubleColon); i++) + { + val[i] = 0; + } + } + + return val; + } + + public override Asn1Object ToAsn1Object() + { + // directoryName is explicitly tagged as it is a CHOICE + bool isExplicit = (tag == DirectoryName); + + return new DerTaggedObject(isExplicit, tag, obj); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/GeneralNames.cs b/BouncyCastle/crypto/src/asn1/x509/GeneralNames.cs new file mode 100644 index 0000000..c105f3b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/GeneralNames.cs @@ -0,0 +1,96 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class GeneralNames + : Asn1Encodable + { + private static GeneralName[] Copy(GeneralName[] names) + { + return (GeneralName[])names.Clone(); + } + + public static GeneralNames GetInstance(object obj) + { + if (obj is GeneralNames) + return (GeneralNames)obj; + if (obj == null) + return null; + return new GeneralNames(Asn1Sequence.GetInstance(obj)); + } + + public static GeneralNames GetInstance(Asn1TaggedObject obj, bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static GeneralNames FromExtensions(X509Extensions extensions, DerObjectIdentifier extOid) + { + return GetInstance(X509Extensions.GetExtensionParsedValue(extensions, extOid)); + } + + private readonly GeneralName[] names; + + /// Construct a GeneralNames object containing one GeneralName. + /// The name to be contained. + public GeneralNames( + GeneralName name) + { + names = new GeneralName[]{ name }; + } + + public GeneralNames( + GeneralName[] names) + { + this.names = Copy(names); + } + + private GeneralNames( + Asn1Sequence seq) + { + this.names = new GeneralName[seq.Count]; + + for (int i = 0; i != seq.Count; i++) + { + names[i] = GeneralName.GetInstance(seq[i]); + } + } + + public GeneralName[] GetNames() + { + return Copy(names); + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+		 * GeneralNames ::= Sequence SIZE {1..MAX} OF GeneralName
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(names); + } + + public override string ToString() + { + StringBuilder buf = new StringBuilder(); + string sep = Platform.NewLine; + + buf.Append("GeneralNames:"); + buf.Append(sep); + + foreach (GeneralName name in names) + { + buf.Append(" "); + buf.Append(name); + buf.Append(sep); + } + + return buf.ToString(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/GeneralSubtree.cs b/BouncyCastle/crypto/src/asn1/x509/GeneralSubtree.cs new file mode 100644 index 0000000..7dbacd2 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/GeneralSubtree.cs @@ -0,0 +1,185 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * Class for containing a restriction object subtrees in NameConstraints. See + * RFC 3280. + * + * 
+	 *
+	 *       GeneralSubtree ::= SEQUENCE
+	 *       {
+	 *         baseName                    GeneralName,
+	 *         minimum         [0]     BaseDistance DEFAULT 0,
+	 *         maximum         [1]     BaseDistance OPTIONAL
+	 *       }
+	 *
+ * + * @see org.bouncycastle.asn1.x509.NameConstraints + * + */ + public class GeneralSubtree + : Asn1Encodable + { + private readonly GeneralName baseName; + private readonly DerInteger minimum; + private readonly DerInteger maximum; + + private GeneralSubtree( + Asn1Sequence seq) + { + baseName = GeneralName.GetInstance(seq[0]); + + switch (seq.Count) + { + case 1: + break; + case 2: + { + Asn1TaggedObject o = Asn1TaggedObject.GetInstance(seq[1]); + switch (o.TagNo) + { + case 0: + minimum = DerInteger.GetInstance(o, false); + break; + case 1: + maximum = DerInteger.GetInstance(o, false); + break; + default: + throw new ArgumentException("Bad tag number: " + o.TagNo); + } + break; + } + case 3: + { + { + Asn1TaggedObject oMin = Asn1TaggedObject.GetInstance(seq[1]); + if (oMin.TagNo != 0) + throw new ArgumentException("Bad tag number for 'minimum': " + oMin.TagNo); + minimum = DerInteger.GetInstance(oMin, false); + } + + { + Asn1TaggedObject oMax = Asn1TaggedObject.GetInstance(seq[2]); + if (oMax.TagNo != 1) + throw new ArgumentException("Bad tag number for 'maximum': " + oMax.TagNo); + maximum = DerInteger.GetInstance(oMax, false); + } + + break; + } + default: + throw new ArgumentException("Bad sequence size: " + seq.Count); + } + } + + /** + * Constructor from a given details. + * + * According RFC 3280, the minimum and maximum fields are not used with any + * name forms, thus minimum MUST be zero, and maximum MUST be absent. + *

+ * If minimum is null, zero is assumed, if + * maximum is null, maximum is absent.

+ * + * @param baseName + * A restriction. + * @param minimum + * Minimum + * + * @param maximum + * Maximum + */ + public GeneralSubtree( + GeneralName baseName, + BigInteger minimum, + BigInteger maximum) + { + this.baseName = baseName; + if (minimum != null) + { + this.minimum = new DerInteger(minimum); + } + if (maximum != null) + { + this.maximum = new DerInteger(maximum); + } + } + + public GeneralSubtree( + GeneralName baseName) + : this(baseName, null, null) + { + } + + public static GeneralSubtree GetInstance( + Asn1TaggedObject o, + bool isExplicit) + { + return new GeneralSubtree(Asn1Sequence.GetInstance(o, isExplicit)); + } + + public static GeneralSubtree GetInstance( + object obj) + { + if (obj == null) + { + return null; + } + + if (obj is GeneralSubtree) + { + return (GeneralSubtree) obj; + } + + return new GeneralSubtree(Asn1Sequence.GetInstance(obj)); + } + + public GeneralName Base + { + get { return baseName; } + } + + public BigInteger Minimum + { + get { return minimum == null ? BigInteger.Zero : minimum.Value; } + } + + public BigInteger Maximum + { + get { return maximum == null ? null : maximum.Value; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * + * Returns: + * + * 
+		 *       GeneralSubtree ::= SEQUENCE
+		 *       {
+		 *         baseName                    GeneralName,
+		 *         minimum         [0]     BaseDistance DEFAULT 0,
+		 *         maximum         [1]     BaseDistance OPTIONAL
+		 *       }
+		 *
+ * + * @return a DERObject + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(baseName); + + if (minimum != null && !minimum.HasValue(0)) + { + v.Add(new DerTaggedObject(false, 0, minimum)); + } + + v.AddOptionalTagged(false, 1, maximum); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/Holder.cs b/BouncyCastle/crypto/src/asn1/x509/Holder.cs new file mode 100644 index 0000000..90df75a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/Holder.cs @@ -0,0 +1,246 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The Holder object. + *

+ * For an v2 attribute certificate this is: + * + * 

+	 *            Holder ::= SEQUENCE {
+	 *                  baseCertificateID   [0] IssuerSerial OPTIONAL,
+	 *                           -- the issuer and serial number of
+	 *                           -- the holder's Public Key Certificate
+	 *                  entityName          [1] GeneralNames OPTIONAL,
+	 *                           -- the name of the claimant or role
+	 *                  objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
+	 *                           -- used to directly authenticate the holder,
+	 *                           -- for example, an executable
+	 *            }
+	 *
+ *

+ *

+ * For an v1 attribute certificate this is: + * + * 

+	 *         subject CHOICE {
+	 *          baseCertificateID [0] EXPLICIT IssuerSerial,
+	 *          -- associated with a Public Key Certificate
+	 *          subjectName [1] EXPLICIT GeneralNames },
+	 *          -- associated with a name
+	 *
+ *

+ */ + public class Holder + : Asn1Encodable + { + internal readonly IssuerSerial baseCertificateID; + internal readonly GeneralNames entityName; + internal readonly ObjectDigestInfo objectDigestInfo; + private readonly int version; + + public static Holder GetInstance( + object obj) + { + if (obj is Holder) + { + return (Holder) obj; + } + + if (obj is Asn1Sequence) + { + return new Holder((Asn1Sequence) obj); + } + + if (obj is Asn1TaggedObject) + { + return new Holder((Asn1TaggedObject) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor for a holder for an v1 attribute certificate. + * + * @param tagObj The ASN.1 tagged holder object. + */ + public Holder( + Asn1TaggedObject tagObj) + { + switch (tagObj.TagNo) + { + case 0: + baseCertificateID = IssuerSerial.GetInstance(tagObj, true); + break; + case 1: + entityName = GeneralNames.GetInstance(tagObj, true); + break; + default: + throw new ArgumentException("unknown tag in Holder"); + } + + this.version = 0; + } + + /** + * Constructor for a holder for an v2 attribute certificate. * + * + * @param seq The ASN.1 sequence. + */ + private Holder( + Asn1Sequence seq) + { + if (seq.Count > 3) + throw new ArgumentException("Bad sequence size: " + seq.Count); + + for (int i = 0; i != seq.Count; i++) + { + Asn1TaggedObject tObj = Asn1TaggedObject.GetInstance(seq[i]); + + switch (tObj.TagNo) + { + case 0: + baseCertificateID = IssuerSerial.GetInstance(tObj, false); + break; + case 1: + entityName = GeneralNames.GetInstance(tObj, false); + break; + case 2: + objectDigestInfo = ObjectDigestInfo.GetInstance(tObj, false); + break; + default: + throw new ArgumentException("unknown tag in Holder"); + } + } + + this.version = 1; + } + + public Holder( + IssuerSerial baseCertificateID) + : this(baseCertificateID, 1) + { + } + + /** + * Constructs a holder from a IssuerSerial. + * @param baseCertificateID The IssuerSerial. + * @param version The version of the attribute certificate. + */ + public Holder( + IssuerSerial baseCertificateID, + int version) + { + this.baseCertificateID = baseCertificateID; + this.version = version; + } + + /** + * Returns 1 for v2 attribute certificates or 0 for v1 attribute + * certificates. + * @return The version of the attribute certificate. + */ + public int Version + { + get { return version; } + } + + /** + * Constructs a holder with an entityName for v2 attribute certificates or + * with a subjectName for v1 attribute certificates. + * + * @param entityName The entity or subject name. + */ + public Holder( + GeneralNames entityName) + : this(entityName, 1) + { + } + + /** + * Constructs a holder with an entityName for v2 attribute certificates or + * with a subjectName for v1 attribute certificates. + * + * @param entityName The entity or subject name. + * @param version The version of the attribute certificate. + */ + public Holder( + GeneralNames entityName, + int version) + { + this.entityName = entityName; + this.version = version; + } + + /** + * Constructs a holder from an object digest info. + * + * @param objectDigestInfo The object digest info object. + */ + public Holder( + ObjectDigestInfo objectDigestInfo) + { + this.objectDigestInfo = objectDigestInfo; + this.version = 1; + } + + public IssuerSerial BaseCertificateID + { + get { return baseCertificateID; } + } + + /** + * Returns the entityName for an v2 attribute certificate or the subjectName + * for an v1 attribute certificate. + * + * @return The entityname or subjectname. + */ + public GeneralNames EntityName + { + get { return entityName; } + } + + public ObjectDigestInfo ObjectDigestInfo + { + get { return objectDigestInfo; } + } + + /** + * The Holder object. + * 
+         *  Holder ::= Sequence {
+         *        baseCertificateID   [0] IssuerSerial OPTIONAL,
+         *                 -- the issuer and serial number of
+         *                 -- the holder's Public Key Certificate
+         *        entityName          [1] GeneralNames OPTIONAL,
+         *                 -- the name of the claimant or role
+         *        objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
+         *                 -- used to directly authenticate the holder,
+         *                 -- for example, an executable
+         *  }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + if (version == 1) + { + Asn1EncodableVector v = new Asn1EncodableVector(3); + v.AddOptionalTagged(false, 0, baseCertificateID); + v.AddOptionalTagged(false, 1, entityName); + v.AddOptionalTagged(false, 2, objectDigestInfo); + return new DerSequence(v); + } + + if (entityName != null) + { + return new DerTaggedObject(true, 1, entityName); + } + + return new DerTaggedObject(true, 0, baseCertificateID); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/IetfAttrSyntax.cs b/BouncyCastle/crypto/src/asn1/x509/IetfAttrSyntax.cs new file mode 100644 index 0000000..05313b1 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/IetfAttrSyntax.cs @@ -0,0 +1,155 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * Implementation of IetfAttrSyntax as specified by RFC3281. + */ + public class IetfAttrSyntax + : Asn1Encodable + { + public const int ValueOctets = 1; + public const int ValueOid = 2; + public const int ValueUtf8 = 3; + + internal readonly GeneralNames policyAuthority; + internal readonly Asn1EncodableVector values = new Asn1EncodableVector(); + + internal int valueChoice = -1; + + /** + * + */ + public IetfAttrSyntax( + Asn1Sequence seq) + { + int i = 0; + + if (seq[0] is Asn1TaggedObject) + { + policyAuthority = GeneralNames.GetInstance(((Asn1TaggedObject)seq[0]), false); + i++; + } + else if (seq.Count == 2) + { // VOMS fix + policyAuthority = GeneralNames.GetInstance(seq[0]); + i++; + } + + if (!(seq[i] is Asn1Sequence)) + { + throw new ArgumentException("Non-IetfAttrSyntax encoding"); + } + + seq = (Asn1Sequence) seq[i]; + + foreach (Asn1Object obj in seq) + { + int type; + + if (obj is DerObjectIdentifier) + { + type = ValueOid; + } + else if (obj is DerUtf8String) + { + type = ValueUtf8; + } + else if (obj is DerOctetString) + { + type = ValueOctets; + } + else + { + throw new ArgumentException("Bad value type encoding IetfAttrSyntax"); + } + + if (valueChoice < 0) + { + valueChoice = type; + } + + if (type != valueChoice) + { + throw new ArgumentException("Mix of value types in IetfAttrSyntax"); + } + + values.Add(obj); + } + } + + public GeneralNames PolicyAuthority + { + get { return policyAuthority; } + } + + public int ValueType + { + get { return valueChoice; } + } + + public object[] GetValues() + { + if (this.ValueType == ValueOctets) + { + Asn1OctetString[] tmp = new Asn1OctetString[values.Count]; + + for (int i = 0; i != tmp.Length; i++) + { + tmp[i] = (Asn1OctetString) values[i]; + } + + return tmp; + } + + if (this.ValueType == ValueOid) + { + DerObjectIdentifier[] tmp = new DerObjectIdentifier[values.Count]; + + for (int i = 0; i != tmp.Length; i++) + { + tmp[i] = (DerObjectIdentifier) values[i]; + } + + return tmp; + } + + { + DerUtf8String[] tmp = new DerUtf8String[values.Count]; + + for (int i = 0; i != tmp.Length; i++) + { + tmp[i] = (DerUtf8String) values[i]; + } + + return tmp; + } + } + + /** + * + * 
+         *
+         *  IetfAttrSyntax ::= Sequence {
+         *    policyAuthority [0] GeneralNames OPTIONAL,
+         *    values Sequence OF CHOICE {
+         *      octets OCTET STRING,
+         *      oid OBJECT IDENTIFIER,
+         *      string UTF8String
+         *    }
+         *  }
+         *
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(true, 0, policyAuthority); + v.Add(new DerSequence(values)); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/IssuerSerial.cs b/BouncyCastle/crypto/src/asn1/x509/IssuerSerial.cs new file mode 100644 index 0000000..2c26339 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/IssuerSerial.cs @@ -0,0 +1,94 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class IssuerSerial + : Asn1Encodable + { + internal readonly GeneralNames issuer; + internal readonly DerInteger serial; + internal readonly DerBitString issuerUid; + + public static IssuerSerial GetInstance( + object obj) + { + if (obj == null || obj is IssuerSerial) + { + return (IssuerSerial) obj; + } + + if (obj is Asn1Sequence) + { + return new IssuerSerial((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public static IssuerSerial GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + private IssuerSerial( + Asn1Sequence seq) + { + if (seq.Count != 2 && seq.Count != 3) + { + throw new ArgumentException("Bad sequence size: " + seq.Count); + } + + issuer = GeneralNames.GetInstance(seq[0]); + serial = DerInteger.GetInstance(seq[1]); + + if (seq.Count == 3) + { + issuerUid = DerBitString.GetInstance(seq[2]); + } + } + + public IssuerSerial( + GeneralNames issuer, + DerInteger serial) + { + this.issuer = issuer; + this.serial = serial; + } + + public GeneralNames Issuer + { + get { return issuer; } + } + + public DerInteger Serial + { + get { return serial; } + } + + public DerBitString IssuerUid + { + get { return issuerUid; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  IssuerSerial  ::=  Sequence {
+         *       issuer         GeneralNames,
+         *       serial         CertificateSerialNumber,
+         *       issuerUid      UniqueIdentifier OPTIONAL
+         *  }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(issuer, serial); + v.AddOptional(issuerUid); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/IssuingDistributionPoint.cs b/BouncyCastle/crypto/src/asn1/x509/IssuingDistributionPoint.cs new file mode 100644 index 0000000..8e9362b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/IssuingDistributionPoint.cs @@ -0,0 +1,247 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * 
+	 * IssuingDistributionPoint ::= SEQUENCE { 
+	 *   distributionPoint          [0] DistributionPointName OPTIONAL, 
+	 *   onlyContainsUserCerts      [1] BOOLEAN DEFAULT FALSE, 
+	 *   onlyContainsCACerts        [2] BOOLEAN DEFAULT FALSE, 
+	 *   onlySomeReasons            [3] ReasonFlags OPTIONAL, 
+	 *   indirectCRL                [4] BOOLEAN DEFAULT FALSE,
+	 *   onlyContainsAttributeCerts [5] BOOLEAN DEFAULT FALSE }
+	 *
+ */ + public class IssuingDistributionPoint + : Asn1Encodable + { + private readonly DistributionPointName _distributionPoint; + private readonly bool _onlyContainsUserCerts; + private readonly bool _onlyContainsCACerts; + private readonly ReasonFlags _onlySomeReasons; + private readonly bool _indirectCRL; + private readonly bool _onlyContainsAttributeCerts; + + private readonly Asn1Sequence seq; + + public static IssuingDistributionPoint GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static IssuingDistributionPoint GetInstance( + object obj) + { + if (obj == null || obj is IssuingDistributionPoint) + { + return (IssuingDistributionPoint) obj; + } + + if (obj is Asn1Sequence) + { + return new IssuingDistributionPoint((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor from given details. + * + * @param distributionPoint + * May contain an URI as pointer to most current CRL. + * @param onlyContainsUserCerts Covers revocation information for end certificates. + * @param onlyContainsCACerts Covers revocation information for CA certificates. + * + * @param onlySomeReasons + * Which revocation reasons does this point cover. + * @param indirectCRL + * If true then the CRL contains revocation + * information about certificates ssued by other CAs. + * @param onlyContainsAttributeCerts Covers revocation information for attribute certificates. + */ + public IssuingDistributionPoint( + DistributionPointName distributionPoint, + bool onlyContainsUserCerts, + bool onlyContainsCACerts, + ReasonFlags onlySomeReasons, + bool indirectCRL, + bool onlyContainsAttributeCerts) + { + this._distributionPoint = distributionPoint; + this._indirectCRL = indirectCRL; + this._onlyContainsAttributeCerts = onlyContainsAttributeCerts; + this._onlyContainsCACerts = onlyContainsCACerts; + this._onlyContainsUserCerts = onlyContainsUserCerts; + this._onlySomeReasons = onlySomeReasons; + + Asn1EncodableVector vec = new Asn1EncodableVector(); + if (distributionPoint != null) + { // CHOICE item so explicitly tagged + vec.Add(new DerTaggedObject(true, 0, distributionPoint)); + } + if (onlyContainsUserCerts) + { + vec.Add(new DerTaggedObject(false, 1, DerBoolean.True)); + } + if (onlyContainsCACerts) + { + vec.Add(new DerTaggedObject(false, 2, DerBoolean.True)); + } + if (onlySomeReasons != null) + { + vec.Add(new DerTaggedObject(false, 3, onlySomeReasons)); + } + if (indirectCRL) + { + vec.Add(new DerTaggedObject(false, 4, DerBoolean.True)); + } + if (onlyContainsAttributeCerts) + { + vec.Add(new DerTaggedObject(false, 5, DerBoolean.True)); + } + + seq = new DerSequence(vec); + } + + /** + * Constructor from Asn1Sequence + */ + private IssuingDistributionPoint( + Asn1Sequence seq) + { + this.seq = seq; + + for (int i = 0; i != seq.Count; i++) + { + Asn1TaggedObject o = Asn1TaggedObject.GetInstance(seq[i]); + + switch (o.TagNo) + { + case 0: + // CHOICE so explicit + _distributionPoint = DistributionPointName.GetInstance(o, true); + break; + case 1: + _onlyContainsUserCerts = DerBoolean.GetInstance(o, false).IsTrue; + break; + case 2: + _onlyContainsCACerts = DerBoolean.GetInstance(o, false).IsTrue; + break; + case 3: + _onlySomeReasons = new ReasonFlags(ReasonFlags.GetInstance(o, false)); + break; + case 4: + _indirectCRL = DerBoolean.GetInstance(o, false).IsTrue; + break; + case 5: + _onlyContainsAttributeCerts = DerBoolean.GetInstance(o, false).IsTrue; + break; + default: + throw new ArgumentException("unknown tag in IssuingDistributionPoint"); + } + } + } + + public bool OnlyContainsUserCerts + { + get { return _onlyContainsUserCerts; } + } + + public bool OnlyContainsCACerts + { + get { return _onlyContainsCACerts; } + } + + public bool IsIndirectCrl + { + get { return _indirectCRL; } + } + + public bool OnlyContainsAttributeCerts + { + get { return _onlyContainsAttributeCerts; } + } + + /** + * @return Returns the distributionPoint. + */ + public DistributionPointName DistributionPoint + { + get { return _distributionPoint; } + } + + /** + * @return Returns the onlySomeReasons. + */ + public ReasonFlags OnlySomeReasons + { + get { return _onlySomeReasons; } + } + + public override Asn1Object ToAsn1Object() + { + return seq; + } + + public override string ToString() + { + string sep = Platform.NewLine; + StringBuilder buf = new StringBuilder(); + + buf.Append("IssuingDistributionPoint: ["); + buf.Append(sep); + if (_distributionPoint != null) + { + appendObject(buf, sep, "distributionPoint", _distributionPoint.ToString()); + } + if (_onlyContainsUserCerts) + { + appendObject(buf, sep, "onlyContainsUserCerts", _onlyContainsUserCerts.ToString()); + } + if (_onlyContainsCACerts) + { + appendObject(buf, sep, "onlyContainsCACerts", _onlyContainsCACerts.ToString()); + } + if (_onlySomeReasons != null) + { + appendObject(buf, sep, "onlySomeReasons", _onlySomeReasons.ToString()); + } + if (_onlyContainsAttributeCerts) + { + appendObject(buf, sep, "onlyContainsAttributeCerts", _onlyContainsAttributeCerts.ToString()); + } + if (_indirectCRL) + { + appendObject(buf, sep, "indirectCRL", _indirectCRL.ToString()); + } + buf.Append("]"); + buf.Append(sep); + return buf.ToString(); + } + + private void appendObject( + StringBuilder buf, + string sep, + string name, + string val) + { + string indent = " "; + + buf.Append(indent); + buf.Append(name); + buf.Append(":"); + buf.Append(sep); + buf.Append(indent); + buf.Append(indent); + buf.Append(val); + buf.Append(sep); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/KeyPurposeId.cs b/BouncyCastle/crypto/src/asn1/x509/KeyPurposeId.cs new file mode 100644 index 0000000..1a564b9 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/KeyPurposeId.cs @@ -0,0 +1,38 @@ +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The KeyPurposeID object. + * 
+     *     KeyPurposeID ::= OBJECT IDENTIFIER
+     *
+ */ + public sealed class KeyPurposeID + : DerObjectIdentifier + { + private const string IdKP = "1.3.6.1.5.5.7.3"; + + private KeyPurposeID( + string id) + : base(id) + { + } + + public static readonly KeyPurposeID AnyExtendedKeyUsage = new KeyPurposeID(X509Extensions.ExtendedKeyUsage.Id + ".0"); + public static readonly KeyPurposeID IdKPServerAuth = new KeyPurposeID(IdKP + ".1"); + public static readonly KeyPurposeID IdKPClientAuth = new KeyPurposeID(IdKP + ".2"); + public static readonly KeyPurposeID IdKPCodeSigning = new KeyPurposeID(IdKP + ".3"); + public static readonly KeyPurposeID IdKPEmailProtection = new KeyPurposeID(IdKP + ".4"); + public static readonly KeyPurposeID IdKPIpsecEndSystem = new KeyPurposeID(IdKP + ".5"); + public static readonly KeyPurposeID IdKPIpsecTunnel = new KeyPurposeID(IdKP + ".6"); + public static readonly KeyPurposeID IdKPIpsecUser = new KeyPurposeID(IdKP + ".7"); + public static readonly KeyPurposeID IdKPTimeStamping = new KeyPurposeID(IdKP + ".8"); + public static readonly KeyPurposeID IdKPOcspSigning = new KeyPurposeID(IdKP + ".9"); + + // + // microsoft key purpose ids + // + public static readonly KeyPurposeID IdKPSmartCardLogon = new KeyPurposeID("1.3.6.1.4.1.311.20.2.2"); + + public static readonly KeyPurposeID IdKPMacAddress = new KeyPurposeID("1.3.6.1.1.1.1.22"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/KeyUsage.cs b/BouncyCastle/crypto/src/asn1/x509/KeyUsage.cs new file mode 100644 index 0000000..b31b543 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/KeyUsage.cs @@ -0,0 +1,78 @@ +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The KeyUsage object. + * 
+     *    id-ce-keyUsage OBJECT IDENTIFIER ::=  { id-ce 15 }
+     *
+     *    KeyUsage ::= BIT STRING {
+     *         digitalSignature        (0),
+     *         nonRepudiation          (1),
+     *         keyEncipherment         (2),
+     *         dataEncipherment        (3),
+     *         keyAgreement            (4),
+     *         keyCertSign             (5),
+     *         cRLSign                 (6),
+     *         encipherOnly            (7),
+     *         decipherOnly            (8) }
+     *
+ */ + public class KeyUsage + : DerBitString + { + public const int DigitalSignature = (1 << 7); + public const int NonRepudiation = (1 << 6); + public const int KeyEncipherment = (1 << 5); + public const int DataEncipherment = (1 << 4); + public const int KeyAgreement = (1 << 3); + public const int KeyCertSign = (1 << 2); + public const int CrlSign = (1 << 1); + public const int EncipherOnly = (1 << 0); + public const int DecipherOnly = (1 << 15); + + public static new KeyUsage GetInstance(object obj) + { + if (obj is KeyUsage) + return (KeyUsage)obj; + if (obj is X509Extension) + return GetInstance(X509Extension.ConvertValueToObject((X509Extension)obj)); + if (obj == null) + return null; + return new KeyUsage(DerBitString.GetInstance(obj)); + } + + public static KeyUsage FromExtensions(X509Extensions extensions) + { + return GetInstance(X509Extensions.GetExtensionParsedValue(extensions, X509Extensions.KeyUsage)); + } + + /** + * Basic constructor. + * + * @param usage - the bitwise OR of the Key Usage flags giving the + * allowed uses for the key. + * e.g. (KeyUsage.keyEncipherment | KeyUsage.dataEncipherment) + */ + public KeyUsage(int usage) + : base(usage) + { + } + + private KeyUsage( + DerBitString usage) + : base(usage.GetBytes(), usage.PadBits) + { + } + + public override string ToString() + { + byte[] data = GetBytes(); + if (data.Length == 1) + { + return "KeyUsage: 0x" + (data[0] & 0xff).ToString("X"); + } + + return "KeyUsage: 0x" + ((data[1] & 0xff) << 8 | (data[0] & 0xff)).ToString("X"); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/NameConstraints.cs b/BouncyCastle/crypto/src/asn1/x509/NameConstraints.cs new file mode 100644 index 0000000..b8cc7c0 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/NameConstraints.cs @@ -0,0 +1,111 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class NameConstraints + : Asn1Encodable + { + private Asn1Sequence permitted, excluded; + + public static NameConstraints GetInstance( + object obj) + { + if (obj == null || obj is NameConstraints) + { + return (NameConstraints) obj; + } + + if (obj is Asn1Sequence) + { + return new NameConstraints((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public NameConstraints( + Asn1Sequence seq) + { + foreach (Asn1TaggedObject o in seq) + { + switch (o.TagNo) + { + case 0: + permitted = Asn1Sequence.GetInstance(o, false); + break; + case 1: + excluded = Asn1Sequence.GetInstance(o, false); + break; + } + } + } + +#if !(SILVERLIGHT || PORTABLE) + public NameConstraints( + ArrayList permitted, + ArrayList excluded) + : this((IList)permitted, (IList)excluded) + { + } +#endif + + /** + * Constructor from a given details. + * + *

permitted and excluded are Vectors of GeneralSubtree objects.

+ * + * @param permitted Permitted subtrees + * @param excluded Excluded subtrees + */ + public NameConstraints( + IList permitted, + IList excluded) + { + if (permitted != null) + { + this.permitted = CreateSequence(permitted); + } + + if (excluded != null) + { + this.excluded = CreateSequence(excluded); + } + } + + private DerSequence CreateSequence( + IList subtrees) + { + GeneralSubtree[] gsts = new GeneralSubtree[subtrees.Count]; + for (int i = 0; i < subtrees.Count; ++i) + { + gsts[i] = (GeneralSubtree)subtrees[i]; + } + return new DerSequence(gsts); + } + + public Asn1Sequence PermittedSubtrees + { + get { return permitted; } + } + + public Asn1Sequence ExcludedSubtrees + { + get { return excluded; } + } + + /* + * NameConstraints ::= SEQUENCE { permittedSubtrees [0] GeneralSubtrees + * OPTIONAL, excludedSubtrees [1] GeneralSubtrees OPTIONAL } + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(false, 0, permitted); + v.AddOptionalTagged(false, 1, excluded); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/NoticeReference.cs b/BouncyCastle/crypto/src/asn1/x509/NoticeReference.cs new file mode 100644 index 0000000..f0d3a7b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/NoticeReference.cs @@ -0,0 +1,143 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * NoticeReference class, used in + * CertificatePolicies X509 V3 extensions + * (in policy qualifiers). + * + * 
+     *  NoticeReference ::= Sequence {
+     *      organization     DisplayText,
+     *      noticeNumbers    Sequence OF Integer }
+     *
+     *
+ * + * @see PolicyQualifierInfo + * @see PolicyInformation + */ + public class NoticeReference + : Asn1Encodable + { + private readonly DisplayText organization; + private readonly Asn1Sequence noticeNumbers; + + private static Asn1EncodableVector ConvertVector(IList numbers) + { + Asn1EncodableVector av = new Asn1EncodableVector(); + + foreach (object o in numbers) + { + DerInteger di; + + if (o is BigInteger) + { + di = new DerInteger((BigInteger)o); + } + else if (o is int) + { + di = new DerInteger((int)o); + } + else + { + throw new ArgumentException(); + } + + av.Add(di); + } + return av; + } + + /** + * Creates a new NoticeReference instance. + * + * @param organization a String value + * @param numbers a Vector value + */ + public NoticeReference(string organization, IList numbers) + : this(organization, ConvertVector(numbers)) + { + } + + /** + * Creates a new NoticeReference instance. + * + * @param organization a String value + * @param noticeNumbers an ASN1EncodableVector value + */ + public NoticeReference(string organization, Asn1EncodableVector noticeNumbers) + : this(new DisplayText(organization), noticeNumbers) + { + } + + /** + * Creates a new NoticeReference instance. + * + * @param organization displayText + * @param noticeNumbers an ASN1EncodableVector value + */ + public NoticeReference(DisplayText organization, Asn1EncodableVector noticeNumbers) + { + this.organization = organization; + this.noticeNumbers = new DerSequence(noticeNumbers); + } + + /** + * Creates a new NoticeReference instance. + *

Useful for reconstructing a NoticeReference + * instance from its encodable/encoded form.

+ * + * @param as an Asn1Sequence value obtained from either + * calling @{link ToAsn1Object()} for a NoticeReference + * instance or from parsing it from a Der-encoded stream. + */ + private NoticeReference(Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + organization = DisplayText.GetInstance(seq[0]); + noticeNumbers = Asn1Sequence.GetInstance(seq[1]); + } + + public static NoticeReference GetInstance(object obj) + { + if (obj is NoticeReference) + return (NoticeReference)obj; + if (obj == null) + return null; + return new NoticeReference(Asn1Sequence.GetInstance(obj)); + } + + public virtual DisplayText Organization + { + get { return organization; } + } + + public virtual DerInteger[] GetNoticeNumbers() + { + DerInteger[] tmp = new DerInteger[noticeNumbers.Count]; + + for (int i = 0; i != noticeNumbers.Count; ++i) + { + tmp[i] = DerInteger.GetInstance(noticeNumbers[i]); + } + + return tmp; + } + + /** + * Describe ToAsn1Object method here. + * + * @return a Asn1Object value + */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(organization, noticeNumbers); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/ObjectDigestInfo.cs b/BouncyCastle/crypto/src/asn1/x509/ObjectDigestInfo.cs new file mode 100644 index 0000000..190243c --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/ObjectDigestInfo.cs @@ -0,0 +1,173 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * ObjectDigestInfo ASN.1 structure used in v2 attribute certificates. + * + * 
+	 *  
+	 *    ObjectDigestInfo ::= SEQUENCE {
+	 *         digestedObjectType  ENUMERATED {
+	 *                 publicKey            (0),
+	 *                 publicKeyCert        (1),
+	 *                 otherObjectTypes     (2) },
+	 *                         -- otherObjectTypes MUST NOT
+	 *                         -- be used in this profile
+	 *         otherObjectTypeID   OBJECT IDENTIFIER OPTIONAL,
+	 *         digestAlgorithm     AlgorithmIdentifier,
+	 *         objectDigest        BIT STRING
+	 *    }
+	 *   
+	 *
+ * + */ + public class ObjectDigestInfo + : Asn1Encodable + { + /** + * The public key is hashed. + */ + public const int PublicKey = 0; + + /** + * The public key certificate is hashed. + */ + public const int PublicKeyCert = 1; + + /** + * An other object is hashed. + */ + public const int OtherObjectDigest = 2; + + internal readonly DerEnumerated digestedObjectType; + internal readonly DerObjectIdentifier otherObjectTypeID; + internal readonly AlgorithmIdentifier digestAlgorithm; + internal readonly DerBitString objectDigest; + + public static ObjectDigestInfo GetInstance( + object obj) + { + if (obj == null || obj is ObjectDigestInfo) + { + return (ObjectDigestInfo) obj; + } + + if (obj is Asn1Sequence) + { + return new ObjectDigestInfo((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public static ObjectDigestInfo GetInstance( + Asn1TaggedObject obj, + bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + /** + * Constructor from given details. + *

+ * If digestedObjectType is not {@link #publicKeyCert} or + * {@link #publicKey} otherObjectTypeID must be given, + * otherwise it is ignored.

+ * + * @param digestedObjectType The digest object type. + * @param otherObjectTypeID The object type ID for + * otherObjectDigest. + * @param digestAlgorithm The algorithm identifier for the hash. + * @param objectDigest The hash value. + */ + public ObjectDigestInfo( + int digestedObjectType, + string otherObjectTypeID, + AlgorithmIdentifier digestAlgorithm, + byte[] objectDigest) + { + this.digestedObjectType = new DerEnumerated(digestedObjectType); + + if (digestedObjectType == OtherObjectDigest) + { + this.otherObjectTypeID = new DerObjectIdentifier(otherObjectTypeID); + } + + this.digestAlgorithm = digestAlgorithm; + + this.objectDigest = new DerBitString(objectDigest); + } + + private ObjectDigestInfo( + Asn1Sequence seq) + { + if (seq.Count > 4 || seq.Count < 3) + { + throw new ArgumentException("Bad sequence size: " + seq.Count); + } + + digestedObjectType = DerEnumerated.GetInstance(seq[0]); + + int offset = 0; + + if (seq.Count == 4) + { + otherObjectTypeID = DerObjectIdentifier.GetInstance(seq[1]); + offset++; + } + + digestAlgorithm = AlgorithmIdentifier.GetInstance(seq[1 + offset]); + objectDigest = DerBitString.GetInstance(seq[2 + offset]); + } + + public DerEnumerated DigestedObjectType + { + get { return digestedObjectType; } + } + + public DerObjectIdentifier OtherObjectTypeID + { + get { return otherObjectTypeID; } + } + + public AlgorithmIdentifier DigestAlgorithm + { + get { return digestAlgorithm; } + } + + public DerBitString ObjectDigest + { + get { return objectDigest; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * + * 
+		 *  
+		 *    ObjectDigestInfo ::= SEQUENCE {
+		 *         digestedObjectType  ENUMERATED {
+		 *                 publicKey            (0),
+		 *                 publicKeyCert        (1),
+		 *                 otherObjectTypes     (2) },
+		 *                         -- otherObjectTypes MUST NOT
+		 *                         -- be used in this profile
+		 *         otherObjectTypeID   OBJECT IDENTIFIER OPTIONAL,
+		 *         digestAlgorithm     AlgorithmIdentifier,
+		 *         objectDigest        BIT STRING
+		 *    }
+		 *   
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(digestedObjectType); + v.AddOptional(otherObjectTypeID); + v.Add(digestAlgorithm, objectDigest); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/OtherName.cs b/BouncyCastle/crypto/src/asn1/x509/OtherName.cs new file mode 100644 index 0000000..3e6a614 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/OtherName.cs @@ -0,0 +1,71 @@ +using System; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The OtherName object. + * 
+     * OtherName ::= SEQUENCE {
+     *      type-id    OBJECT IDENTIFIER,
+     *      value      [0] EXPLICIT ANY DEFINED BY type-id }
+     *
+ */ + public class OtherName + : Asn1Encodable + { + private readonly DerObjectIdentifier typeID; + private readonly Asn1Encodable value; + + /** + * OtherName factory method. + * @param obj the object used to construct an instance of + * OtherName. It must be an instance of OtherName + * or ASN1Sequence. + * @return the instance of OtherName built from the + * supplied object. + * @throws java.lang.IllegalArgumentException if the object passed + * to the factory is not an instance of OtherName or something that + * can be converted into an appropriate ASN1Sequence. + */ + public static OtherName GetInstance(object obj) + { + if (obj is OtherName) + return (OtherName)obj; + if (obj == null) + return null; + return new OtherName(Asn1Sequence.GetInstance(obj)); + } + + /** + * Base constructor. + * @param typeID the type of the other name. + * @param value the ANY object that represents the value. + */ + public OtherName(DerObjectIdentifier typeID, Asn1Encodable value) + { + this.typeID = typeID; + this.value = value; + } + + private OtherName(Asn1Sequence seq) + { + this.typeID = DerObjectIdentifier.GetInstance(seq[0]); + this.value = DerTaggedObject.GetInstance(seq[1]).GetObject(); // explicitly tagged + } + + public virtual DerObjectIdentifier TypeID + { + get { return typeID; } + } + + public Asn1Encodable Value + { + get { return value; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(typeID, new DerTaggedObject(true, 0, value)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/PolicyInformation.cs b/BouncyCastle/crypto/src/asn1/x509/PolicyInformation.cs new file mode 100644 index 0000000..90db29a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/PolicyInformation.cs @@ -0,0 +1,75 @@ +using System; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class PolicyInformation + : Asn1Encodable + { + private readonly DerObjectIdentifier policyIdentifier; + private readonly Asn1Sequence policyQualifiers; + + private PolicyInformation( + Asn1Sequence seq) + { + if (seq.Count < 1 || seq.Count > 2) + { + throw new ArgumentException("Bad sequence size: " + seq.Count); + } + + policyIdentifier = DerObjectIdentifier.GetInstance(seq[0]); + + if (seq.Count > 1) + { + policyQualifiers = Asn1Sequence.GetInstance(seq[1]); + } + } + + public PolicyInformation( + DerObjectIdentifier policyIdentifier) + { + this.policyIdentifier = policyIdentifier; + } + + public PolicyInformation( + DerObjectIdentifier policyIdentifier, + Asn1Sequence policyQualifiers) + { + this.policyIdentifier = policyIdentifier; + this.policyQualifiers = policyQualifiers; + } + + public static PolicyInformation GetInstance( + object obj) + { + if (obj == null || obj is PolicyInformation) + { + return (PolicyInformation) obj; + } + + return new PolicyInformation(Asn1Sequence.GetInstance(obj)); + } + + public DerObjectIdentifier PolicyIdentifier + { + get { return policyIdentifier; } + } + + public Asn1Sequence PolicyQualifiers + { + get { return policyQualifiers; } + } + + /* + * PolicyInformation ::= Sequence { + * policyIdentifier CertPolicyId, + * policyQualifiers Sequence SIZE (1..MAX) OF + * PolicyQualifierInfo OPTIONAL } + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(policyIdentifier); + v.AddOptional(policyQualifiers); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/PolicyMappings.cs b/BouncyCastle/crypto/src/asn1/x509/PolicyMappings.cs new file mode 100644 index 0000000..928ad13 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/PolicyMappings.cs @@ -0,0 +1,70 @@ +using System.Collections; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * PolicyMappings V3 extension, described in RFC3280. + * 
+	 *    PolicyMappings ::= Sequence SIZE (1..MAX) OF Sequence {
+	 *      issuerDomainPolicy      CertPolicyId,
+	 *      subjectDomainPolicy     CertPolicyId }
+	 *
+ * + * @see RFC 3280, section 4.2.1.6 + */ + public class PolicyMappings + : Asn1Encodable + { + private readonly Asn1Sequence seq; + + /** + * Creates a new PolicyMappings instance. + * + * @param seq an Asn1Sequence constructed as specified + * in RFC 3280 + */ + public PolicyMappings( + Asn1Sequence seq) + { + this.seq = seq; + } + +#if !(SILVERLIGHT || PORTABLE) + public PolicyMappings( + Hashtable mappings) + : this((IDictionary)mappings) + { + } +#endif + + /** + * Creates a new PolicyMappings instance. + * + * @param mappings a HashMap value that maps + * string oids + * to other string oids. + */ + public PolicyMappings( + IDictionary mappings) + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + foreach (string idp in mappings.Keys) + { + string sdp = (string) mappings[idp]; + + v.Add( + new DerSequence( + new DerObjectIdentifier(idp), + new DerObjectIdentifier(sdp))); + } + + seq = new DerSequence(v); + } + + public override Asn1Object ToAsn1Object() + { + return seq; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/PolicyQualifierId.cs b/BouncyCastle/crypto/src/asn1/x509/PolicyQualifierId.cs new file mode 100644 index 0000000..c858f08 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/PolicyQualifierId.cs @@ -0,0 +1,28 @@ +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * PolicyQualifierId, used in the CertificatePolicies + * X509V3 extension. + * + * 
+	 *    id-qt          OBJECT IDENTIFIER ::=  { id-pkix 2 }
+	 *    id-qt-cps      OBJECT IDENTIFIER ::=  { id-qt 1 }
+	 *    id-qt-unotice  OBJECT IDENTIFIER ::=  { id-qt 2 }
+	 *  PolicyQualifierId ::=
+	 *       OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
+	 *
+ */ + public sealed class PolicyQualifierID : DerObjectIdentifier + { + private const string IdQt = "1.3.6.1.5.5.7.2"; + + private PolicyQualifierID( + string id) + : base(id) + { + } + + public static readonly PolicyQualifierID IdQtCps = new PolicyQualifierID(IdQt + ".1"); + public static readonly PolicyQualifierID IdQtUnotice = new PolicyQualifierID(IdQt + ".2"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/PolicyQualifierInfo.cs b/BouncyCastle/crypto/src/asn1/x509/PolicyQualifierInfo.cs new file mode 100644 index 0000000..3cf6d7e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/PolicyQualifierInfo.cs @@ -0,0 +1,95 @@ +using System; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * Policy qualifiers, used in the X509V3 CertificatePolicies + * extension. + * + * 
+     *   PolicyQualifierInfo ::= Sequence {
+     *       policyQualifierId  PolicyQualifierId,
+     *       qualifier          ANY DEFINED BY policyQualifierId }
+     *
+ */ + public class PolicyQualifierInfo + : Asn1Encodable + { + private readonly DerObjectIdentifier policyQualifierId; + private readonly Asn1Encodable qualifier; + + /** + * Creates a new PolicyQualifierInfo instance. + * + * @param policyQualifierId a PolicyQualifierId value + * @param qualifier the qualifier, defined by the above field. + */ + public PolicyQualifierInfo( + DerObjectIdentifier policyQualifierId, + Asn1Encodable qualifier) + { + this.policyQualifierId = policyQualifierId; + this.qualifier = qualifier; + } + + /** + * Creates a new PolicyQualifierInfo containing a + * cPSuri qualifier. + * + * @param cps the CPS (certification practice statement) uri as a + * string. + */ + public PolicyQualifierInfo( + string cps) + { + policyQualifierId = PolicyQualifierID.IdQtCps; + qualifier = new DerIA5String(cps); + } + + /** + * Creates a new PolicyQualifierInfo instance. + * + * @param as PolicyQualifierInfo X509 structure + * encoded as an Asn1Sequence. + */ + private PolicyQualifierInfo( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + policyQualifierId = DerObjectIdentifier.GetInstance(seq[0]); + qualifier = seq[1]; + } + + public static PolicyQualifierInfo GetInstance( + object obj) + { + if (obj is PolicyQualifierInfo) + return (PolicyQualifierInfo)obj; + if (obj == null) + return null; + return new PolicyQualifierInfo(Asn1Sequence.GetInstance(obj)); + } + + public virtual DerObjectIdentifier PolicyQualifierId + { + get { return policyQualifierId; } + } + + public virtual Asn1Encodable Qualifier + { + get { return qualifier; } + } + + /** + * Returns a Der-encodable representation of this instance. + * + * @return a Asn1Object value + */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(policyQualifierId, qualifier); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/PrivateKeyUsagePeriod.cs b/BouncyCastle/crypto/src/asn1/x509/PrivateKeyUsagePeriod.cs new file mode 100644 index 0000000..89e8de6 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/PrivateKeyUsagePeriod.cs @@ -0,0 +1,75 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /// + /// 
+	/// PrivateKeyUsagePeriod ::= SEQUENCE
+	/// {
+	/// notBefore       [0]     GeneralizedTime OPTIONAL,
+	/// notAfter        [1]     GeneralizedTime OPTIONAL }
+	///
+ /// + public class PrivateKeyUsagePeriod + : Asn1Encodable + { + public static PrivateKeyUsagePeriod GetInstance( + object obj) + { + if (obj is PrivateKeyUsagePeriod) + { + return (PrivateKeyUsagePeriod) obj; + } + + if (obj is Asn1Sequence) + { + return new PrivateKeyUsagePeriod((Asn1Sequence) obj); + } + + if (obj is X509Extension) + { + return GetInstance(X509Extension.ConvertValueToObject((X509Extension) obj)); + } + + throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + private DerGeneralizedTime _notBefore, _notAfter; + + private PrivateKeyUsagePeriod( + Asn1Sequence seq) + { + foreach (Asn1TaggedObject tObj in seq) + { + if (tObj.TagNo == 0) + { + _notBefore = DerGeneralizedTime.GetInstance(tObj, false); + } + else if (tObj.TagNo == 1) + { + _notAfter = DerGeneralizedTime.GetInstance(tObj, false); + } + } + } + + public DerGeneralizedTime NotBefore + { + get { return _notBefore; } + } + + public DerGeneralizedTime NotAfter + { + get { return _notAfter; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(false, 0, _notBefore); + v.AddOptionalTagged(false, 1, _notAfter); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/RSAPublicKeyStructure.cs b/BouncyCastle/crypto/src/asn1/x509/RSAPublicKeyStructure.cs new file mode 100644 index 0000000..20fdd96 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/RSAPublicKeyStructure.cs @@ -0,0 +1,93 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class RsaPublicKeyStructure + : Asn1Encodable + { + private BigInteger modulus; + private BigInteger publicExponent; + + public static RsaPublicKeyStructure GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static RsaPublicKeyStructure GetInstance( + object obj) + { + if (obj == null || obj is RsaPublicKeyStructure) + { + return (RsaPublicKeyStructure) obj; + } + + if (obj is Asn1Sequence) + { + return new RsaPublicKeyStructure((Asn1Sequence) obj); + } + + throw new ArgumentException("Invalid RsaPublicKeyStructure: " + Platform.GetTypeName(obj)); + } + + public RsaPublicKeyStructure( + BigInteger modulus, + BigInteger publicExponent) + { + if (modulus == null) + throw new ArgumentNullException("modulus"); + if (publicExponent == null) + throw new ArgumentNullException("publicExponent"); + if (modulus.SignValue <= 0) + throw new ArgumentException("Not a valid RSA modulus", "modulus"); + if (publicExponent.SignValue <= 0) + throw new ArgumentException("Not a valid RSA public exponent", "publicExponent"); + + this.modulus = modulus; + this.publicExponent = publicExponent; + } + + private RsaPublicKeyStructure( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Bad sequence size: " + seq.Count); + + // Note: we are accepting technically incorrect (i.e. negative) values here + modulus = DerInteger.GetInstance(seq[0]).PositiveValue; + publicExponent = DerInteger.GetInstance(seq[1]).PositiveValue; + } + + public BigInteger Modulus + { + get { return modulus; } + } + + public BigInteger PublicExponent + { + get { return publicExponent; } + } + + /** + * This outputs the key in Pkcs1v2 format. + * 
+         *      RSAPublicKey ::= Sequence {
+         *                          modulus Integer, -- n
+         *                          publicExponent Integer, -- e
+         *                      }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence( + new DerInteger(Modulus), + new DerInteger(PublicExponent)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/ReasonFlags.cs b/BouncyCastle/crypto/src/asn1/x509/ReasonFlags.cs new file mode 100644 index 0000000..ad45e84 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/ReasonFlags.cs @@ -0,0 +1,45 @@ +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The ReasonFlags object. + * 
+     * ReasonFlags ::= BIT STRING {
+     *    unused(0),
+     *    keyCompromise(1),
+     *    cACompromise(2),
+     *    affiliationChanged(3),
+     *    superseded(4),
+     *    cessationOfOperation(5),
+     *    certficateHold(6)
+     * }
+     *
+ */ + public class ReasonFlags + : DerBitString + { + public const int Unused = (1 << 7); + public const int KeyCompromise = (1 << 6); + public const int CACompromise = (1 << 5); + public const int AffiliationChanged = (1 << 4); + public const int Superseded = (1 << 3); + public const int CessationOfOperation = (1 << 2); + public const int CertificateHold = (1 << 1); + public const int PrivilegeWithdrawn = (1 << 0); + public const int AACompromise = (1 << 15); + + /** + * @param reasons - the bitwise OR of the Key Reason flags giving the + * allowed uses for the key. + */ + public ReasonFlags(int reasons) + : base(reasons) + { + } + + public ReasonFlags( + DerBitString reasons) + : base(reasons.GetBytes(), reasons.PadBits) + { + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/RoleSyntax.cs b/BouncyCastle/crypto/src/asn1/x509/RoleSyntax.cs new file mode 100644 index 0000000..b5b217b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/RoleSyntax.cs @@ -0,0 +1,224 @@ +using System; +using System.Text; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * Implementation of the RoleSyntax object as specified by the RFC3281. + * + * 
+	* RoleSyntax ::= SEQUENCE {
+	*                 roleAuthority  [0] GeneralNames OPTIONAL,
+	*                 roleName       [1] GeneralName
+	*           }
+	*
+ */ + public class RoleSyntax + : Asn1Encodable + { + private readonly GeneralNames roleAuthority; + private readonly GeneralName roleName; + + /** + * RoleSyntax factory method. + * @param obj the object used to construct an instance of + * RoleSyntax. It must be an instance of RoleSyntax + * or Asn1Sequence. + * @return the instance of RoleSyntax built from the + * supplied object. + * @throws java.lang.ArgumentException if the object passed + * to the factory is not an instance of RoleSyntax or + * Asn1Sequence. + */ + public static RoleSyntax GetInstance( + object obj) + { + if (obj is RoleSyntax) + return (RoleSyntax)obj; + + if (obj != null) + return new RoleSyntax(Asn1Sequence.GetInstance(obj)); + + return null; + } + + /** + * Constructor. + * @param roleAuthority the role authority of this RoleSyntax. + * @param roleName the role name of this RoleSyntax. + */ + public RoleSyntax( + GeneralNames roleAuthority, + GeneralName roleName) + { + if (roleName == null + || roleName.TagNo != GeneralName.UniformResourceIdentifier + || ((IAsn1String) roleName.Name).GetString().Equals("")) + { + throw new ArgumentException("the role name MUST be non empty and MUST " + + "use the URI option of GeneralName"); + } + + this.roleAuthority = roleAuthority; + this.roleName = roleName; + } + + /** + * Constructor. Invoking this constructor is the same as invoking + * new RoleSyntax(null, roleName). + * @param roleName the role name of this RoleSyntax. + */ + public RoleSyntax( + GeneralName roleName) + : this(null, roleName) + { + } + + /** + * Utility constructor. Takes a string argument representing + * the role name, builds a GeneralName to hold the role name + * and calls the constructor that takes a GeneralName. + * @param roleName + */ + public RoleSyntax( + string roleName) + : this(new GeneralName(GeneralName.UniformResourceIdentifier, + (roleName == null)? "": roleName)) + { + } + + /** + * Constructor that builds an instance of RoleSyntax by + * extracting the encoded elements from the Asn1Sequence + * object supplied. + * @param seq an instance of Asn1Sequence that holds + * the encoded elements used to build this RoleSyntax. + */ + private RoleSyntax( + Asn1Sequence seq) + { + if (seq.Count < 1 || seq.Count > 2) + { + throw new ArgumentException("Bad sequence size: " + seq.Count); + } + + for (int i = 0; i != seq.Count; i++) + { + Asn1TaggedObject taggedObject = Asn1TaggedObject.GetInstance(seq[i]); + switch (taggedObject.TagNo) + { + case 0: + roleAuthority = GeneralNames.GetInstance(taggedObject, false); + break; + case 1: + roleName = GeneralName.GetInstance(taggedObject, true); + break; + default: + throw new ArgumentException("Unknown tag in RoleSyntax"); + } + } + } + + /** + * Gets the role authority of this RoleSyntax. + * @return an instance of GeneralNames holding the + * role authority of this RoleSyntax. + */ + public GeneralNames RoleAuthority + { + get { return this.roleAuthority; } + } + + /** + * Gets the role name of this RoleSyntax. + * @return an instance of GeneralName holding the + * role name of this RoleSyntax. + */ + public GeneralName RoleName + { + get { return this.roleName; } + } + + /** + * Gets the role name as a java.lang.string object. + * @return the role name of this RoleSyntax represented as a + * string object. + */ + public string GetRoleNameAsString() + { + return ((IAsn1String) this.roleName.Name).GetString(); + } + + /** + * Gets the role authority as a string[] object. + * @return the role authority of this RoleSyntax represented as a + * string[] array. + */ + public string[] GetRoleAuthorityAsString() + { + if (roleAuthority == null) + { + return new string[0]; + } + + GeneralName[] names = roleAuthority.GetNames(); + string[] namesString = new string[names.Length]; + for(int i = 0; i < names.Length; i++) + { + Asn1Encodable asn1Value = names[i].Name; + if (asn1Value is IAsn1String) + { + namesString[i] = ((IAsn1String) asn1Value).GetString(); + } + else + { + namesString[i] = asn1Value.ToString(); + } + } + + return namesString; + } + + /** + * Implementation of the method ToAsn1Object as + * required by the superclass ASN1Encodable. + * + * 
+		* RoleSyntax ::= SEQUENCE {
+		*                 roleAuthority  [0] GeneralNames OPTIONAL,
+		*                 roleName       [1] GeneralName
+		*           }
+		*
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptionalTagged(false, 0, roleAuthority); + v.Add(new DerTaggedObject(true, 1, roleName)); + return new DerSequence(v); + } + + public override string ToString() + { + StringBuilder buff = new StringBuilder("Name: " + this.GetRoleNameAsString() + + " - Auth: "); + + if (this.roleAuthority == null || roleAuthority.GetNames().Length == 0) + { + buff.Append("N/A"); + } + else + { + string[] names = this.GetRoleAuthorityAsString(); + buff.Append('[').Append(names[0]); + for(int i = 1; i < names.Length; i++) + { + buff.Append(", ").Append(names[i]); + } + buff.Append(']'); + } + + return buff.ToString(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/SubjectDirectoryAttributes.cs b/BouncyCastle/crypto/src/asn1/x509/SubjectDirectoryAttributes.cs new file mode 100644 index 0000000..77923e0 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/SubjectDirectoryAttributes.cs @@ -0,0 +1,142 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * This extension may contain further X.500 attributes of the subject. See also + * RFC 3039. + * + * 
+	 *     SubjectDirectoryAttributes ::= Attributes
+	 *     Attributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
+	 *     Attribute ::= SEQUENCE
+	 *     {
+	 *       type AttributeType
+	 *       values SET OF AttributeValue
+	 *     }
+	 *
+	 *     AttributeType ::= OBJECT IDENTIFIER
+	 *     AttributeValue ::= ANY DEFINED BY AttributeType
+	 *
+ * + * @see org.bouncycastle.asn1.x509.X509Name for AttributeType ObjectIdentifiers. + */ + public class SubjectDirectoryAttributes + : Asn1Encodable + { + private readonly IList attributes; + + public static SubjectDirectoryAttributes GetInstance( + object obj) + { + if (obj == null || obj is SubjectDirectoryAttributes) + { + return (SubjectDirectoryAttributes) obj; + } + + if (obj is Asn1Sequence) + { + return new SubjectDirectoryAttributes((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor from Asn1Sequence. + * + * The sequence is of type SubjectDirectoryAttributes: + * + * 
+		 *      SubjectDirectoryAttributes ::= Attributes
+		 *      Attributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
+		 *      Attribute ::= SEQUENCE
+		 *      {
+		 *        type AttributeType
+		 *        values SET OF AttributeValue
+		 *      }
+		 *
+		 *      AttributeType ::= OBJECT IDENTIFIER
+		 *      AttributeValue ::= ANY DEFINED BY AttributeType
+		 *
+ * + * @param seq + * The ASN.1 sequence. + */ + private SubjectDirectoryAttributes( + Asn1Sequence seq) + { + this.attributes = Platform.CreateArrayList(); + foreach (object o in seq) + { + Asn1Sequence s = Asn1Sequence.GetInstance(o); + attributes.Add(AttributeX509.GetInstance(s)); + } + } + +#if !(SILVERLIGHT || PORTABLE) + [Obsolete] + public SubjectDirectoryAttributes( + ArrayList attributes) + : this((IList)attributes) + { + } +#endif + + /** + * Constructor from an ArrayList of attributes. + * + * The ArrayList consists of attributes of type {@link Attribute Attribute} + * + * @param attributes The attributes. + * + */ + public SubjectDirectoryAttributes( + IList attributes) + { + this.attributes = Platform.CreateArrayList(attributes); + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * + * Returns: + * + * 
+		 *      SubjectDirectoryAttributes ::= Attributes
+		 *      Attributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
+		 *      Attribute ::= SEQUENCE
+		 *      {
+		 *        type AttributeType
+		 *        values SET OF AttributeValue
+		 *      }
+		 *
+		 *      AttributeType ::= OBJECT IDENTIFIER
+		 *      AttributeValue ::= ANY DEFINED BY AttributeType
+		 *
+ * + * @return a DERObject + */ + public override Asn1Object ToAsn1Object() + { + AttributeX509[] v = new AttributeX509[attributes.Count]; + for (int i = 0; i < attributes.Count; ++i) + { + v[i] = (AttributeX509)attributes[i]; + } + return new DerSequence(v); + } + + /** + * @return Returns the attributes. + */ + public IEnumerable Attributes + { + get { return new EnumerableProxy(attributes); } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/SubjectKeyIdentifier.cs b/BouncyCastle/crypto/src/asn1/x509/SubjectKeyIdentifier.cs new file mode 100644 index 0000000..bb69468 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/SubjectKeyIdentifier.cs @@ -0,0 +1,132 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The SubjectKeyIdentifier object. + * 
+     * SubjectKeyIdentifier::= OCTET STRING
+     *
+ */ + public class SubjectKeyIdentifier + : Asn1Encodable + { + public static SubjectKeyIdentifier GetInstance(Asn1TaggedObject obj, bool explicitly) + { + return GetInstance(Asn1OctetString.GetInstance(obj, explicitly)); + } + + public static SubjectKeyIdentifier GetInstance(object obj) + { + if (obj is SubjectKeyIdentifier) + return (SubjectKeyIdentifier)obj; + if (obj is SubjectPublicKeyInfo) + return new SubjectKeyIdentifier((SubjectPublicKeyInfo)obj); + if (obj is X509Extension) + return GetInstance(X509Extension.ConvertValueToObject((X509Extension)obj)); + if (obj == null) + return null; + return new SubjectKeyIdentifier(Asn1OctetString.GetInstance(obj)); + } + + public static SubjectKeyIdentifier FromExtensions(X509Extensions extensions) + { + return GetInstance(X509Extensions.GetExtensionParsedValue(extensions, X509Extensions.SubjectKeyIdentifier)); + } + + private readonly byte[] keyIdentifier; + + public SubjectKeyIdentifier( + byte[] keyID) + { + if (keyID == null) + throw new ArgumentNullException("keyID"); + + this.keyIdentifier = Arrays.Clone(keyID); + } + + public SubjectKeyIdentifier( + Asn1OctetString keyID) + : this(keyID.GetOctets()) + { + } + + /** + * Calculates the keyIdentifier using a SHA1 hash over the BIT STRING + * from SubjectPublicKeyInfo as defined in RFC3280. + * + * @param spki the subject public key info. + */ + public SubjectKeyIdentifier( + SubjectPublicKeyInfo spki) + { + this.keyIdentifier = GetDigest(spki); + } + + public byte[] GetKeyIdentifier() + { + return Arrays.Clone(keyIdentifier); + } + + public override Asn1Object ToAsn1Object() + { + return new DerOctetString(GetKeyIdentifier()); + } + + /** + * Return a RFC 3280 type 1 key identifier. As in: + * 
+		 * (1) The keyIdentifier is composed of the 160-bit SHA-1 hash of the
+		 * value of the BIT STRING subjectPublicKey (excluding the tag,
+		 * length, and number of unused bits).
+		 *
+ * @param keyInfo the key info object containing the subjectPublicKey field. + * @return the key identifier. + */ + public static SubjectKeyIdentifier CreateSha1KeyIdentifier( + SubjectPublicKeyInfo keyInfo) + { + return new SubjectKeyIdentifier(keyInfo); + } + + /** + * Return a RFC 3280 type 2 key identifier. As in: + * 
+		 * (2) The keyIdentifier is composed of a four bit type field with
+		 * the value 0100 followed by the least significant 60 bits of the
+		 * SHA-1 hash of the value of the BIT STRING subjectPublicKey.
+		 *
+ * @param keyInfo the key info object containing the subjectPublicKey field. + * @return the key identifier. + */ + public static SubjectKeyIdentifier CreateTruncatedSha1KeyIdentifier( + SubjectPublicKeyInfo keyInfo) + { + byte[] dig = GetDigest(keyInfo); + byte[] id = new byte[8]; + + Array.Copy(dig, dig.Length - 8, id, 0, id.Length); + + id[0] &= 0x0f; + id[0] |= 0x40; + + return new SubjectKeyIdentifier(id); + } + + private static byte[] GetDigest( + SubjectPublicKeyInfo spki) + { + IDigest digest = new Sha1Digest(); + byte[] resBuf = new byte[digest.GetDigestSize()]; + + byte[] bytes = spki.PublicKeyData.GetBytes(); + digest.BlockUpdate(bytes, 0, bytes.Length); + digest.DoFinal(resBuf, 0); + return resBuf; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/SubjectPublicKeyInfo.cs b/BouncyCastle/crypto/src/asn1/x509/SubjectPublicKeyInfo.cs new file mode 100644 index 0000000..ae44a45 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/SubjectPublicKeyInfo.cs @@ -0,0 +1,115 @@ +using System; +using System.Collections; +using System.IO; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The object that contains the public key stored in a certficate. + *

+ * The GetEncoded() method in the public keys in the JCE produces a DER + * encoded one of these.

+ */ + public class SubjectPublicKeyInfo + : Asn1Encodable + { + private readonly AlgorithmIdentifier algID; + private readonly DerBitString keyData; + + public static SubjectPublicKeyInfo GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static SubjectPublicKeyInfo GetInstance( + object obj) + { + if (obj is SubjectPublicKeyInfo) + return (SubjectPublicKeyInfo) obj; + + if (obj != null) + return new SubjectPublicKeyInfo(Asn1Sequence.GetInstance(obj)); + + return null; + } + + public SubjectPublicKeyInfo( + AlgorithmIdentifier algID, + Asn1Encodable publicKey) + { + this.keyData = new DerBitString(publicKey); + this.algID = algID; + } + + public SubjectPublicKeyInfo( + AlgorithmIdentifier algID, + byte[] publicKey) + { + this.keyData = new DerBitString(publicKey); + this.algID = algID; + } + + private SubjectPublicKeyInfo( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.algID = AlgorithmIdentifier.GetInstance(seq[0]); + this.keyData = DerBitString.GetInstance(seq[1]); + } + + public AlgorithmIdentifier AlgorithmID + { + get { return algID; } + } + + /** + * for when the public key is an encoded object - if the bitstring + * can't be decoded this routine raises an IOException. + * + * @exception IOException - if the bit string doesn't represent a Der + * encoded object. + */ + public Asn1Object ParsePublicKey() + { + return Asn1Object.FromByteArray(keyData.GetOctets()); + } + + /** + * for when the public key is an encoded object - if the bitstring + * can't be decoded this routine raises an IOException. + * + * @exception IOException - if the bit string doesn't represent a Der + * encoded object. + */ + [Obsolete("Use 'ParsePublicKey' instead")] + public Asn1Object GetPublicKey() + { + return Asn1Object.FromByteArray(keyData.GetOctets()); + } + + /** + * for when the public key is raw bits... + */ + public DerBitString PublicKeyData + { + get { return keyData; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * SubjectPublicKeyInfo ::= Sequence {
+         *                          algorithm AlgorithmIdentifier,
+         *                          publicKey BIT STRING }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(algID, keyData); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/TBSCertList.cs b/BouncyCastle/crypto/src/asn1/x509/TBSCertList.cs new file mode 100644 index 0000000..a427ba2 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/TBSCertList.cs @@ -0,0 +1,275 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class CrlEntry + : Asn1Encodable + { + internal Asn1Sequence seq; + internal DerInteger userCertificate; + internal Time revocationDate; + internal X509Extensions crlEntryExtensions; + + public CrlEntry( + Asn1Sequence seq) + { + if (seq.Count < 2 || seq.Count > 3) + { + throw new ArgumentException("Bad sequence size: " + seq.Count); + } + + this.seq = seq; + + userCertificate = DerInteger.GetInstance(seq[0]); + revocationDate = Time.GetInstance(seq[1]); + } + + public DerInteger UserCertificate + { + get { return userCertificate; } + } + + public Time RevocationDate + { + get { return revocationDate; } + } + + public X509Extensions Extensions + { + get + { + if (crlEntryExtensions == null && seq.Count == 3) + { + crlEntryExtensions = X509Extensions.GetInstance(seq[2]); + } + + return crlEntryExtensions; + } + } + + public override Asn1Object ToAsn1Object() + { + return seq; + } + } + + /** + * PKIX RFC-2459 - TbsCertList object. + * 
+     * TbsCertList  ::=  Sequence  {
+     *      version                 Version OPTIONAL,
+     *                                   -- if present, shall be v2
+     *      signature               AlgorithmIdentifier,
+     *      issuer                  Name,
+     *      thisUpdate              Time,
+     *      nextUpdate              Time OPTIONAL,
+     *      revokedCertificates     Sequence OF Sequence  {
+     *           userCertificate         CertificateSerialNumber,
+     *           revocationDate          Time,
+     *           crlEntryExtensions      Extensions OPTIONAL
+     *                                         -- if present, shall be v2
+     *                                }  OPTIONAL,
+     *      crlExtensions           [0]  EXPLICIT Extensions OPTIONAL
+     *                                         -- if present, shall be v2
+     *                                }
+     *
+ */ + public class TbsCertificateList + : Asn1Encodable + { + private class RevokedCertificatesEnumeration + : IEnumerable + { + private readonly IEnumerable en; + + internal RevokedCertificatesEnumeration( + IEnumerable en) + { + this.en = en; + } + + public IEnumerator GetEnumerator() + { + return new RevokedCertificatesEnumerator(en.GetEnumerator()); + } + + private class RevokedCertificatesEnumerator + : IEnumerator + { + private readonly IEnumerator e; + + internal RevokedCertificatesEnumerator( + IEnumerator e) + { + this.e = e; + } + + public bool MoveNext() + { + return e.MoveNext(); + } + + public void Reset() + { + e.Reset(); + } + + public object Current + { + get { return new CrlEntry(Asn1Sequence.GetInstance(e.Current)); } + } + } + } + + internal Asn1Sequence seq; + internal DerInteger version; + internal AlgorithmIdentifier signature; + internal X509Name issuer; + internal Time thisUpdate; + internal Time nextUpdate; + internal Asn1Sequence revokedCertificates; + internal X509Extensions crlExtensions; + + public static TbsCertificateList GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static TbsCertificateList GetInstance( + object obj) + { + TbsCertificateList list = obj as TbsCertificateList; + + if (obj == null || list != null) + { + return list; + } + + if (obj is Asn1Sequence) + { + return new TbsCertificateList((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + internal TbsCertificateList( + Asn1Sequence seq) + { + if (seq.Count < 3 || seq.Count > 7) + { + throw new ArgumentException("Bad sequence size: " + seq.Count); + } + + int seqPos = 0; + + this.seq = seq; + + if (seq[seqPos] is DerInteger) + { + version = DerInteger.GetInstance(seq[seqPos++]); + } + else + { + version = new DerInteger(0); + } + + signature = AlgorithmIdentifier.GetInstance(seq[seqPos++]); + issuer = X509Name.GetInstance(seq[seqPos++]); + thisUpdate = Time.GetInstance(seq[seqPos++]); + + if (seqPos < seq.Count + && (seq[seqPos] is DerUtcTime + || seq[seqPos] is DerGeneralizedTime + || seq[seqPos] is Time)) + { + nextUpdate = Time.GetInstance(seq[seqPos++]); + } + + if (seqPos < seq.Count + && !(seq[seqPos] is Asn1TaggedObject)) + { + revokedCertificates = Asn1Sequence.GetInstance(seq[seqPos++]); + } + + if (seqPos < seq.Count + && seq[seqPos] is Asn1TaggedObject) + { + crlExtensions = X509Extensions.GetInstance(seq[seqPos]); + } + } + + public int Version + { + get { return version.IntValueExact + 1; } + } + + public DerInteger VersionNumber + { + get { return version; } + } + + public AlgorithmIdentifier Signature + { + get { return signature; } + } + + public X509Name Issuer + { + get { return issuer; } + } + + public Time ThisUpdate + { + get { return thisUpdate; } + } + + public Time NextUpdate + { + get { return nextUpdate; } + } + + public CrlEntry[] GetRevokedCertificates() + { + if (revokedCertificates == null) + { + return new CrlEntry[0]; + } + + CrlEntry[] entries = new CrlEntry[revokedCertificates.Count]; + + for (int i = 0; i < entries.Length; i++) + { + entries[i] = new CrlEntry(Asn1Sequence.GetInstance(revokedCertificates[i])); + } + + return entries; + } + + public IEnumerable GetRevokedCertificateEnumeration() + { + if (revokedCertificates == null) + { + return EmptyEnumerable.Instance; + } + + return new RevokedCertificatesEnumeration(revokedCertificates); + } + + public X509Extensions Extensions + { + get { return crlExtensions; } + } + + public override Asn1Object ToAsn1Object() + { + return seq; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/TBSCertificateStructure.cs b/BouncyCastle/crypto/src/asn1/x509/TBSCertificateStructure.cs new file mode 100644 index 0000000..bd08d8b --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/TBSCertificateStructure.cs @@ -0,0 +1,256 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The TbsCertificate object. + * 
+     * TbsCertificate ::= Sequence {
+     *      version          [ 0 ]  Version DEFAULT v1(0),
+     *      serialNumber            CertificateSerialNumber,
+     *      signature               AlgorithmIdentifier,
+     *      issuer                  Name,
+     *      validity                Validity,
+     *      subject                 Name,
+     *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
+     *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
+     *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
+     *      extensions        [ 3 ] Extensions OPTIONAL
+     *      }
+     *
+ *

+ * Note: issuerUniqueID and subjectUniqueID are both deprecated by the IETF. This class + * will parse them, but you really shouldn't be creating new ones.

+ */ + public class TbsCertificateStructure + : Asn1Encodable + { + internal Asn1Sequence seq; + internal DerInteger version; + internal DerInteger serialNumber; + internal AlgorithmIdentifier signature; + internal X509Name issuer; + internal Time startDate, endDate; + internal X509Name subject; + internal SubjectPublicKeyInfo subjectPublicKeyInfo; + internal DerBitString issuerUniqueID; + internal DerBitString subjectUniqueID; + internal X509Extensions extensions; + + public static TbsCertificateStructure GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static TbsCertificateStructure GetInstance( + object obj) + { + if (obj is TbsCertificateStructure) + return (TbsCertificateStructure) obj; + + if (obj != null) + return new TbsCertificateStructure(Asn1Sequence.GetInstance(obj)); + + return null; + } + + internal TbsCertificateStructure( + Asn1Sequence seq) + { + int seqStart = 0; + + this.seq = seq; + + // + // some certficates don't include a version number - we assume v1 + // + if (seq[0] is Asn1TaggedObject) + { + version = DerInteger.GetInstance((Asn1TaggedObject)seq[0], true); + } + else + { + seqStart = -1; // field 0 is missing! + version = new DerInteger(0); + } + + bool isV1 = false; + bool isV2 = false; + + if (version.HasValue(0)) + { + isV1 = true; + } + else if (version.HasValue(1)) + { + isV2 = true; + } + else if (!version.HasValue(2)) + { + throw new ArgumentException("version number not recognised"); + } + + serialNumber = DerInteger.GetInstance(seq[seqStart + 1]); + + signature = AlgorithmIdentifier.GetInstance(seq[seqStart + 2]); + issuer = X509Name.GetInstance(seq[seqStart + 3]); + + // + // before and after dates + // + Asn1Sequence dates = (Asn1Sequence)seq[seqStart + 4]; + + startDate = Time.GetInstance(dates[0]); + endDate = Time.GetInstance(dates[1]); + + subject = X509Name.GetInstance(seq[seqStart + 5]); + + // + // public key info. + // + subjectPublicKeyInfo = SubjectPublicKeyInfo.GetInstance(seq[seqStart + 6]); + + int extras = seq.Count - (seqStart + 6) - 1; + if (extras != 0 && isV1) + throw new ArgumentException("version 1 certificate contains extra data"); + + while (extras > 0) + { + Asn1TaggedObject extra = Asn1TaggedObject.GetInstance(seq[seqStart + 6 + extras]); + switch (extra.TagNo) + { + case 1: + { + issuerUniqueID = DerBitString.GetInstance(extra, false); + break; + } + case 2: + { + subjectUniqueID = DerBitString.GetInstance(extra, false); + break; + } + case 3: + { + if (isV2) + throw new ArgumentException("version 2 certificate cannot contain extensions"); + + extensions = X509Extensions.GetInstance(Asn1Sequence.GetInstance(extra, true)); + break; + } + default: + { + throw new ArgumentException("Unknown tag encountered in structure: " + extra.TagNo); + } + } + extras--; + } + } + + public int Version + { + get { return version.IntValueExact + 1; } + } + + public DerInteger VersionNumber + { + get { return version; } + } + + public DerInteger SerialNumber + { + get { return serialNumber; } + } + + public AlgorithmIdentifier Signature + { + get { return signature; } + } + + public X509Name Issuer + { + get { return issuer; } + } + + public Time StartDate + { + get { return startDate; } + } + + public Time EndDate + { + get { return endDate; } + } + + public X509Name Subject + { + get { return subject; } + } + + public SubjectPublicKeyInfo SubjectPublicKeyInfo + { + get { return subjectPublicKeyInfo; } + } + + public DerBitString IssuerUniqueID + { + get { return issuerUniqueID; } + } + + public DerBitString SubjectUniqueID + { + get { return subjectUniqueID; } + } + + public X509Extensions Extensions + { + get { return extensions; } + } + + public override Asn1Object ToAsn1Object() + { + string property = Platform.GetEnvironmentVariable("Org.BouncyCastle.X509.Allow_Non-DER_TBSCert"); + if (null == property || Platform.EqualsIgnoreCase("true", property)) + return seq; + + Asn1EncodableVector v = new Asn1EncodableVector(); + + // DEFAULT Zero + if (!version.HasValue(0)) + { + v.Add(new DerTaggedObject(true, 0, version)); + } + + v.Add(serialNumber, signature, issuer); + + // + // before and after dates + // + v.Add(new DerSequence(startDate, endDate)); + + if (subject != null) + { + v.Add(subject); + } + else + { + v.Add(DerSequence.Empty); + } + + v.Add(subjectPublicKeyInfo); + + // Note: implicit tag + v.AddOptionalTagged(false, 1, issuerUniqueID); + + // Note: implicit tag + v.AddOptionalTagged(false, 2, subjectUniqueID); + + v.AddOptionalTagged(true, 3, extensions); + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/Target.cs b/BouncyCastle/crypto/src/asn1/x509/Target.cs new file mode 100644 index 0000000..7c4f9db --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/Target.cs @@ -0,0 +1,141 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * Target structure used in target information extension for attribute + * certificates from RFC 3281. + * + * 
+	 *     Target  ::= CHOICE {
+	 *       targetName          [0] GeneralName,
+	 *       targetGroup         [1] GeneralName,
+	 *       targetCert          [2] TargetCert
+	 *     }
+	 *
+ * + *

+ * The targetCert field is currently not supported and must not be used + * according to RFC 3281.

+ */ + public class Target + : Asn1Encodable, IAsn1Choice + { + public enum Choice + { + Name = 0, + Group = 1 + }; + + private readonly GeneralName targetName; + private readonly GeneralName targetGroup; + + /** + * Creates an instance of a Target from the given object. + *

+ * obj can be a Target or a {@link Asn1TaggedObject}

+ * + * @param obj The object. + * @return A Target instance. + * @throws ArgumentException if the given object cannot be + * interpreted as Target. + */ + public static Target GetInstance( + object obj) + { + if (obj is Target) + { + return (Target) obj; + } + + if (obj is Asn1TaggedObject) + { + return new Target((Asn1TaggedObject) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor from Asn1TaggedObject. + * + * @param tagObj The tagged object. + * @throws ArgumentException if the encoding is wrong. + */ + private Target( + Asn1TaggedObject tagObj) + { + switch ((Choice) tagObj.TagNo) + { + case Choice.Name: // GeneralName is already a choice so explicit + targetName = GeneralName.GetInstance(tagObj, true); + break; + case Choice.Group: + targetGroup = GeneralName.GetInstance(tagObj, true); + break; + default: + throw new ArgumentException("unknown tag: " + tagObj.TagNo); + } + } + + /** + * Constructor from given details. + *

+ * Exactly one of the parameters must be not null.

+ * + * @param type the choice type to apply to the name. + * @param name the general name. + * @throws ArgumentException if type is invalid. + */ + public Target( + Choice type, + GeneralName name) + : this(new DerTaggedObject((int) type, name)) + { + } + + /** + * @return Returns the targetGroup. + */ + public virtual GeneralName TargetGroup + { + get { return targetGroup; } + } + + /** + * @return Returns the targetName. + */ + public virtual GeneralName TargetName + { + get { return targetName; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * + * Returns: + * + * 
+		 *     Target  ::= CHOICE {
+		 *       targetName          [0] GeneralName,
+		 *       targetGroup         [1] GeneralName,
+		 *       targetCert          [2] TargetCert
+		 *     }
+		 *
+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + // GeneralName is a choice already so most be explicitly tagged + if (targetName != null) + { + return new DerTaggedObject(true, 0, targetName); + } + + return new DerTaggedObject(true, 1, targetGroup); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/TargetInformation.cs b/BouncyCastle/crypto/src/asn1/x509/TargetInformation.cs new file mode 100644 index 0000000..2bf2189 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/TargetInformation.cs @@ -0,0 +1,125 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * Target information extension for attributes certificates according to RFC + * 3281. + * + * 
+	 *           SEQUENCE OF Targets
+	 *
+ * + */ + public class TargetInformation + : Asn1Encodable + { + private readonly Asn1Sequence targets; + + /** + * Creates an instance of a TargetInformation from the given object. + *

+ * obj can be a TargetInformation or a {@link Asn1Sequence}

+ * + * @param obj The object. + * @return A TargetInformation instance. + * @throws ArgumentException if the given object cannot be interpreted as TargetInformation. + */ + public static TargetInformation GetInstance( + object obj) + { + if (obj is TargetInformation) + { + return (TargetInformation) obj; + } + + if (obj is Asn1Sequence) + { + return new TargetInformation((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor from a Asn1Sequence. + * + * @param seq The Asn1Sequence. + * @throws ArgumentException if the sequence does not contain + * correctly encoded Targets elements. + */ + private TargetInformation( + Asn1Sequence targets) + { + this.targets = targets; + } + + /** + * Returns the targets in this target information extension. + *

+ * The ArrayList is cloned before it is returned.

+ * + * @return Returns the targets. + */ + public virtual Targets[] GetTargetsObjects() + { + Targets[] result = new Targets[targets.Count]; + + for (int i = 0; i < targets.Count; ++i) + { + result[i] = Targets.GetInstance(targets[i]); + } + + return result; + } + + /** + * Constructs a target information from a single targets element. + * According to RFC 3281 only one targets element must be produced. + * + * @param targets A Targets instance. + */ + public TargetInformation( + Targets targets) + { + this.targets = new DerSequence(targets); + } + + /** + * According to RFC 3281 only one targets element must be produced. If + * multiple targets are given they must be merged in + * into one targets element. + * + * @param targets An array with {@link Targets}. + */ + public TargetInformation( + Target[] targets) + : this(new Targets(targets)) + { + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * + * Returns: + * + * 
+		 *          SEQUENCE OF Targets
+		 *
+ * + *

+ * According to RFC 3281 only one targets element must be produced. If + * multiple targets are given in the constructor they are merged into one + * targets element. If this was produced from a + * {@link Org.BouncyCastle.Asn1.Asn1Sequence} the encoding is kept.

+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + return targets; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/Targets.cs b/BouncyCastle/crypto/src/asn1/x509/Targets.cs new file mode 100644 index 0000000..0387e1f --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/Targets.cs @@ -0,0 +1,123 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * Targets structure used in target information extension for attribute + * certificates from RFC 3281. + * + * 
+	 *            Targets ::= SEQUENCE OF Target
+	 *           
+	 *            Target  ::= CHOICE {
+	 *              targetName          [0] GeneralName,
+	 *              targetGroup         [1] GeneralName,
+	 *              targetCert          [2] TargetCert
+	 *            }
+	 *           
+	 *            TargetCert  ::= SEQUENCE {
+	 *              targetCertificate    IssuerSerial,
+	 *              targetName           GeneralName OPTIONAL,
+	 *              certDigestInfo       ObjectDigestInfo OPTIONAL
+	 *            }
+	 *
+ * + * @see org.bouncycastle.asn1.x509.Target + * @see org.bouncycastle.asn1.x509.TargetInformation + */ + public class Targets + : Asn1Encodable + { + private readonly Asn1Sequence targets; + + /** + * Creates an instance of a Targets from the given object. + *

+ * obj can be a Targets or a {@link Asn1Sequence}

+ * + * @param obj The object. + * @return A Targets instance. + * @throws ArgumentException if the given object cannot be interpreted as Target. + */ + public static Targets GetInstance( + object obj) + { + if (obj is Targets) + { + return (Targets) obj; + } + + if (obj is Asn1Sequence) + { + return new Targets((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor from Asn1Sequence. + * + * @param targets The ASN.1 SEQUENCE. + * @throws ArgumentException if the contents of the sequence are + * invalid. + */ + private Targets( + Asn1Sequence targets) + { + this.targets = targets; + } + + /** + * Constructor from given targets. + *

+ * The ArrayList is copied.

+ * + * @param targets An ArrayList of {@link Target}s. + * @see Target + * @throws ArgumentException if the ArrayList contains not only Targets. + */ + public Targets( + Target[] targets) + { + this.targets = new DerSequence(targets); + } + + /** + * Returns the targets in an ArrayList. + *

+ * The ArrayList is cloned before it is returned.

+ * + * @return Returns the targets. + */ + public virtual Target[] GetTargets() + { + Target[] result = new Target[targets.Count]; + + for (int i = 0; i < targets.Count; ++i) + { + result[i] = Target.GetInstance(targets[i]); + } + + return result; + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * + * Returns: + * + * 
+		 *            Targets ::= SEQUENCE OF Target
+		 *
+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + return targets; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/Time.cs b/BouncyCastle/crypto/src/asn1/x509/Time.cs new file mode 100644 index 0000000..fa3936d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/Time.cs @@ -0,0 +1,122 @@ +using System; +using System.Globalization; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class Time + : Asn1Encodable, IAsn1Choice + { + private readonly Asn1Object time; + + public static Time GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(obj.GetObject()); + } + + public Time( + Asn1Object time) + { + if (time == null) + throw new ArgumentNullException("time"); + if (!(time is DerUtcTime) && !(time is DerGeneralizedTime)) + throw new ArgumentException("unknown object passed to Time"); + + this.time = time; + } + + /** + * creates a time object from a given date - if the date is between 1950 + * and 2049 a UTCTime object is Generated, otherwise a GeneralizedTime + * is used. + */ + public Time( + DateTime date) + { +#if PORTABLE + string d = date.ToUniversalTime().ToString("yyyyMMddHHmmss", CultureInfo.InvariantCulture) + "Z"; +#else + string d = date.ToString("yyyyMMddHHmmss", CultureInfo.InvariantCulture) + "Z"; +#endif + + int year = int.Parse(d.Substring(0, 4)); + + if (year < 1950 || year > 2049) + { + time = new DerGeneralizedTime(d); + } + else + { + time = new DerUtcTime(d.Substring(2)); + } + } + + public static Time GetInstance( + object obj) + { + if (obj == null || obj is Time) + return (Time)obj; + if (obj is DerUtcTime) + return new Time((DerUtcTime)obj); + if (obj is DerGeneralizedTime) + return new Time((DerGeneralizedTime)obj); + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + public string GetTime() + { + if (time is DerUtcTime) + { + return ((DerUtcTime) time).AdjustedTimeString; + } + + return ((DerGeneralizedTime) time).GetTime(); + } + + /// + /// Return our time as DateTime. + /// + /// A date time. + public DateTime ToDateTime() + { + try + { + if (time is DerUtcTime) + { + return ((DerUtcTime)time).ToAdjustedDateTime(); + } + else + { + return ((DerGeneralizedTime)time).ToDateTime(); + } + } + catch (FormatException e) + { + // this should never happen + throw new InvalidOperationException("invalid date string: " + e.Message); + } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * Time ::= CHOICE {
+         *             utcTime        UTCTime,
+         *             generalTime    GeneralizedTime }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return time; + } + + public override string ToString() + { + return GetTime(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/UserNotice.cs b/BouncyCastle/crypto/src/asn1/x509/UserNotice.cs new file mode 100644 index 0000000..6311c76 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/UserNotice.cs @@ -0,0 +1,120 @@ +using System; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * UserNotice class, used in + * CertificatePolicies X509 extensions (in policy + * qualifiers). + * 
+     * UserNotice ::= Sequence {
+     *      noticeRef        NoticeReference OPTIONAL,
+     *      explicitText     DisplayText OPTIONAL}
+     *
+     *
+ * + * @see PolicyQualifierId + * @see PolicyInformation + */ + public class UserNotice + : Asn1Encodable + { + private readonly NoticeReference noticeRef; + private readonly DisplayText explicitText; + + /** + * Creates a new UserNotice instance. + * + * @param noticeRef a NoticeReference value + * @param explicitText a DisplayText value + */ + public UserNotice( + NoticeReference noticeRef, + DisplayText explicitText) + { + this.noticeRef = noticeRef; + this.explicitText = explicitText; + } + + /** + * Creates a new UserNotice instance. + * + * @param noticeRef a NoticeReference value + * @param str the explicitText field as a string. + */ + public UserNotice( + NoticeReference noticeRef, + string str) + : this(noticeRef, new DisplayText(str)) + { + } + + /** + * Creates a new UserNotice instance. + *

Useful from reconstructing a UserNotice instance + * from its encodable/encoded form. + * + * @param as an ASN1Sequence value obtained from either + * calling @{link toASN1Object()} for a UserNotice + * instance or from parsing it from a DER-encoded stream.

+ */ + [Obsolete("Use GetInstance() instead")] + public UserNotice( + Asn1Sequence seq) + { + if (seq.Count == 2) + { + noticeRef = NoticeReference.GetInstance(seq[0]); + explicitText = DisplayText.GetInstance(seq[1]); + } + else if (seq.Count == 1) + { + if (seq[0].ToAsn1Object() is Asn1Sequence) + { + noticeRef = NoticeReference.GetInstance(seq[0]); + explicitText = null; + } + else + { + noticeRef = null; + explicitText = DisplayText.GetInstance(seq[0]); + } + } + else if (seq.Count == 0) + { + noticeRef = null; // neither field set! + explicitText = null; + } + else + { + throw new ArgumentException("Bad sequence size: " + seq.Count); + } + } + + public static UserNotice GetInstance(object obj) + { + if (obj is UserNotice) + return (UserNotice)obj; + if (obj == null) + return null; + return new UserNotice(Asn1Sequence.GetInstance(obj)); + } + + public virtual NoticeReference NoticeRef + { + get { return noticeRef; } + } + + public virtual DisplayText ExplicitText + { + get { return explicitText; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptional(noticeRef, explicitText); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/V1TBSCertificateGenerator.cs b/BouncyCastle/crypto/src/asn1/x509/V1TBSCertificateGenerator.cs new file mode 100644 index 0000000..20b525a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/V1TBSCertificateGenerator.cs @@ -0,0 +1,108 @@ +using System; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * Generator for Version 1 TbsCertificateStructures. + * 
+     * TbsCertificate ::= Sequence {
+     *      version          [ 0 ]  Version DEFAULT v1(0),
+     *      serialNumber            CertificateSerialNumber,
+     *      signature               AlgorithmIdentifier,
+     *      issuer                  Name,
+     *      validity                Validity,
+     *      subject                 Name,
+     *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
+     *      }
+     *
+ * + */ + public class V1TbsCertificateGenerator + { + internal DerTaggedObject version = new DerTaggedObject(0, new DerInteger(0)); + internal DerInteger serialNumber; + internal AlgorithmIdentifier signature; + internal X509Name issuer; + internal Time startDate, endDate; + internal X509Name subject; + internal SubjectPublicKeyInfo subjectPublicKeyInfo; + + public V1TbsCertificateGenerator() + { + } + + public void SetSerialNumber( + DerInteger serialNumber) + { + this.serialNumber = serialNumber; + } + + public void SetSignature( + AlgorithmIdentifier signature) + { + this.signature = signature; + } + + public void SetIssuer( + X509Name issuer) + { + this.issuer = issuer; + } + + public void SetStartDate( + Time startDate) + { + this.startDate = startDate; + } + + public void SetStartDate( + DerUtcTime startDate) + { + this.startDate = new Time(startDate); + } + + public void SetEndDate( + Time endDate) + { + this.endDate = endDate; + } + + public void SetEndDate( + DerUtcTime endDate) + { + this.endDate = new Time(endDate); + } + + public void SetSubject( + X509Name subject) + { + this.subject = subject; + } + + public void SetSubjectPublicKeyInfo( + SubjectPublicKeyInfo pubKeyInfo) + { + this.subjectPublicKeyInfo = pubKeyInfo; + } + + public TbsCertificateStructure GenerateTbsCertificate() + { + if ((serialNumber == null) || (signature == null) + || (issuer == null) || (startDate == null) || (endDate == null) + || (subject == null) || (subjectPublicKeyInfo == null)) + { + throw new InvalidOperationException("not all mandatory fields set in V1 TBScertificate generator"); + } + + return new TbsCertificateStructure( + new DerSequence( + //version, - not required as default value + serialNumber, + signature, + issuer, + new DerSequence(startDate, endDate), // before and after dates + subject, + subjectPublicKeyInfo)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/V2AttributeCertificateInfoGenerator.cs b/BouncyCastle/crypto/src/asn1/x509/V2AttributeCertificateInfoGenerator.cs new file mode 100644 index 0000000..02580b5 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/V2AttributeCertificateInfoGenerator.cs @@ -0,0 +1,137 @@ +using System; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * Generator for Version 2 AttributeCertificateInfo + * 
+     * AttributeCertificateInfo ::= Sequence {
+     *       version              AttCertVersion -- version is v2,
+     *       holder               Holder,
+     *       issuer               AttCertIssuer,
+     *       signature            AlgorithmIdentifier,
+     *       serialNumber         CertificateSerialNumber,
+     *       attrCertValidityPeriod   AttCertValidityPeriod,
+     *       attributes           Sequence OF Attr,
+     *       issuerUniqueID       UniqueIdentifier OPTIONAL,
+     *       extensions           Extensions OPTIONAL
+     * }
+     *
+ * + */ + public class V2AttributeCertificateInfoGenerator + { + internal DerInteger version; + internal Holder holder; + internal AttCertIssuer issuer; + internal AlgorithmIdentifier signature; + internal DerInteger serialNumber; +// internal AttCertValidityPeriod attrCertValidityPeriod; + internal Asn1EncodableVector attributes; + internal DerBitString issuerUniqueID; + internal X509Extensions extensions; + internal DerGeneralizedTime startDate, endDate; + + public V2AttributeCertificateInfoGenerator() + { + this.version = new DerInteger(1); + attributes = new Asn1EncodableVector(); + } + + public void SetHolder( + Holder holder) + { + this.holder = holder; + } + + public void AddAttribute( + string oid, + Asn1Encodable value) + { + attributes.Add(new AttributeX509(new DerObjectIdentifier(oid), new DerSet(value))); + } + + /** + * @param attribute + */ + public void AddAttribute(AttributeX509 attribute) + { + attributes.Add(attribute); + } + + public void SetSerialNumber( + DerInteger serialNumber) + { + this.serialNumber = serialNumber; + } + + public void SetSignature( + AlgorithmIdentifier signature) + { + this.signature = signature; + } + + public void SetIssuer( + AttCertIssuer issuer) + { + this.issuer = issuer; + } + + public void SetStartDate( + DerGeneralizedTime startDate) + { + this.startDate = startDate; + } + + public void SetEndDate( + DerGeneralizedTime endDate) + { + this.endDate = endDate; + } + + public void SetIssuerUniqueID( + DerBitString issuerUniqueID) + { + this.issuerUniqueID = issuerUniqueID; + } + + public void SetExtensions( + X509Extensions extensions) + { + this.extensions = extensions; + } + + public AttributeCertificateInfo GenerateAttributeCertificateInfo() + { + if ((serialNumber == null) || (signature == null) + || (issuer == null) || (startDate == null) || (endDate == null) + || (holder == null) || (attributes == null)) + { + throw new InvalidOperationException("not all mandatory fields set in V2 AttributeCertificateInfo generator"); + } + + Asn1EncodableVector v = new Asn1EncodableVector( + version, holder, issuer, signature, serialNumber); + + // + // before and after dates => AttCertValidityPeriod + // + v.Add(new AttCertValidityPeriod(startDate, endDate)); + + // Attributes + v.Add(new DerSequence(attributes)); + + if (issuerUniqueID != null) + { + v.Add(issuerUniqueID); + } + + if (extensions != null) + { + v.Add(extensions); + } + + return AttributeCertificateInfo.GetInstance(new DerSequence(v)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/V2Form.cs b/BouncyCastle/crypto/src/asn1/x509/V2Form.cs new file mode 100644 index 0000000..53475ff --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/V2Form.cs @@ -0,0 +1,124 @@ +using System; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class V2Form + : Asn1Encodable + { + internal GeneralNames issuerName; + internal IssuerSerial baseCertificateID; + internal ObjectDigestInfo objectDigestInfo; + + public static V2Form GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static V2Form GetInstance(object obj) + { + if (obj is V2Form) + return (V2Form)obj; + if (obj != null) + return new V2Form(Asn1Sequence.GetInstance(obj)); + return null; + } + + public V2Form(GeneralNames issuerName) + : this(issuerName, null, null) + { + } + + public V2Form(GeneralNames issuerName, IssuerSerial baseCertificateID) + : this(issuerName, baseCertificateID, null) + { + } + + public V2Form(GeneralNames issuerName, ObjectDigestInfo objectDigestInfo) + : this(issuerName, null, objectDigestInfo) + { + } + + public V2Form( + GeneralNames issuerName, + IssuerSerial baseCertificateID, + ObjectDigestInfo objectDigestInfo) + { + this.issuerName = issuerName; + this.baseCertificateID = baseCertificateID; + this.objectDigestInfo = objectDigestInfo; + } + + private V2Form( + Asn1Sequence seq) + { + if (seq.Count > 3) + { + throw new ArgumentException("Bad sequence size: " + seq.Count); + } + + int index = 0; + + if (!(seq[0] is Asn1TaggedObject)) + { + index++; + this.issuerName = GeneralNames.GetInstance(seq[0]); + } + + for (int i = index; i != seq.Count; i++) + { + Asn1TaggedObject o = Asn1TaggedObject.GetInstance(seq[i]); + if (o.TagNo == 0) + { + baseCertificateID = IssuerSerial.GetInstance(o, false); + } + else if (o.TagNo == 1) + { + objectDigestInfo = ObjectDigestInfo.GetInstance(o, false); + } + else + { + throw new ArgumentException("Bad tag number: " + o.TagNo); + } + } + } + + public GeneralNames IssuerName + { + get { return issuerName; } + } + + public IssuerSerial BaseCertificateID + { + get { return baseCertificateID; } + } + + public ObjectDigestInfo ObjectDigestInfo + { + get { return objectDigestInfo; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  V2Form ::= Sequence {
+         *       issuerName            GeneralNames  OPTIONAL,
+         *       baseCertificateID     [0] IssuerSerial  OPTIONAL,
+         *       objectDigestInfo      [1] ObjectDigestInfo  OPTIONAL
+         *         -- issuerName MUST be present in this profile
+         *         -- baseCertificateID and objectDigestInfo MUST NOT
+         *         -- be present in this profile
+         *  }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptional(issuerName); + v.AddOptionalTagged(false, 0, baseCertificateID); + v.AddOptionalTagged(false, 1, objectDigestInfo); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/V2TBSCertListGenerator.cs b/BouncyCastle/crypto/src/asn1/x509/V2TBSCertListGenerator.cs new file mode 100644 index 0000000..2c92918 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/V2TBSCertListGenerator.cs @@ -0,0 +1,201 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * Generator for Version 2 TbsCertList structures. + * 
+     *  TbsCertList  ::=  Sequence  {
+     *       version                 Version OPTIONAL,
+     *                                    -- if present, shall be v2
+     *       signature               AlgorithmIdentifier,
+     *       issuer                  Name,
+     *       thisUpdate              Time,
+     *       nextUpdate              Time OPTIONAL,
+     *       revokedCertificates     Sequence OF Sequence  {
+     *            userCertificate         CertificateSerialNumber,
+     *            revocationDate          Time,
+     *            crlEntryExtensions      Extensions OPTIONAL
+     *                                          -- if present, shall be v2
+     *                                 }  OPTIONAL,
+     *       crlExtensions           [0]  EXPLICIT Extensions OPTIONAL
+     *                                          -- if present, shall be v2
+     *                                 }
+     *
+ * + * Note: This class may be subject to change + */ + public class V2TbsCertListGenerator + { + private DerInteger version = new DerInteger(1); + private AlgorithmIdentifier signature; + private X509Name issuer; + private Time thisUpdate, nextUpdate; + private X509Extensions extensions; + private IList crlEntries; + + public V2TbsCertListGenerator() + { + } + + public void SetSignature( + AlgorithmIdentifier signature) + { + this.signature = signature; + } + + public void SetIssuer( + X509Name issuer) + { + this.issuer = issuer; + } + + public void SetThisUpdate( + DerUtcTime thisUpdate) + { + this.thisUpdate = new Time(thisUpdate); + } + + public void SetNextUpdate( + DerUtcTime nextUpdate) + { + this.nextUpdate = (nextUpdate != null) + ? new Time(nextUpdate) + : null; + } + + public void SetThisUpdate( + Time thisUpdate) + { + this.thisUpdate = thisUpdate; + } + + public void SetNextUpdate( + Time nextUpdate) + { + this.nextUpdate = nextUpdate; + } + + public void AddCrlEntry( + Asn1Sequence crlEntry) + { + if (crlEntries == null) + { + crlEntries = Platform.CreateArrayList(); + } + + crlEntries.Add(crlEntry); + } + + public void AddCrlEntry(DerInteger userCertificate, DerUtcTime revocationDate, int reason) + { + AddCrlEntry(userCertificate, new Time(revocationDate), reason); + } + + public void AddCrlEntry(DerInteger userCertificate, Time revocationDate, int reason) + { + AddCrlEntry(userCertificate, revocationDate, reason, null); + } + + public void AddCrlEntry(DerInteger userCertificate, Time revocationDate, int reason, + DerGeneralizedTime invalidityDate) + { + IList extOids = Platform.CreateArrayList(); + IList extValues = Platform.CreateArrayList(); + + if (reason != 0) + { + CrlReason crlReason = new CrlReason(reason); + + try + { + extOids.Add(X509Extensions.ReasonCode); + extValues.Add(new X509Extension(false, new DerOctetString(crlReason.GetEncoded()))); + } + catch (IOException e) + { + throw new ArgumentException("error encoding reason: " + e); + } + } + + if (invalidityDate != null) + { + try + { + extOids.Add(X509Extensions.InvalidityDate); + extValues.Add(new X509Extension(false, new DerOctetString(invalidityDate.GetEncoded()))); + } + catch (IOException e) + { + throw new ArgumentException("error encoding invalidityDate: " + e); + } + } + + if (extOids.Count != 0) + { + AddCrlEntry(userCertificate, revocationDate, new X509Extensions(extOids, extValues)); + } + else + { + AddCrlEntry(userCertificate, revocationDate, null); + } + } + + public void AddCrlEntry(DerInteger userCertificate, Time revocationDate, X509Extensions extensions) + { + Asn1EncodableVector v = new Asn1EncodableVector( + userCertificate, revocationDate); + + if (extensions != null) + { + v.Add(extensions); + } + + AddCrlEntry(new DerSequence(v)); + } + + public void SetExtensions( + X509Extensions extensions) + { + this.extensions = extensions; + } + + public TbsCertificateList GenerateTbsCertList() + { + if ((signature == null) || (issuer == null) || (thisUpdate == null)) + { + throw new InvalidOperationException("Not all mandatory fields set in V2 TbsCertList generator."); + } + + Asn1EncodableVector v = new Asn1EncodableVector( + version, signature, issuer, thisUpdate); + + if (nextUpdate != null) + { + v.Add(nextUpdate); + } + + // Add CRLEntries if they exist + if (crlEntries != null) + { + Asn1Sequence[] certs = new Asn1Sequence[crlEntries.Count]; + for (int i = 0; i < crlEntries.Count; ++i) + { + certs[i] = (Asn1Sequence)crlEntries[i]; + } + v.Add(new DerSequence(certs)); + } + + if (extensions != null) + { + v.Add(new DerTaggedObject(0, extensions)); + } + + return new TbsCertificateList(new DerSequence(v)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/V3TBSCertificateGenerator.cs b/BouncyCastle/crypto/src/asn1/x509/V3TBSCertificateGenerator.cs new file mode 100644 index 0000000..beb469a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/V3TBSCertificateGenerator.cs @@ -0,0 +1,168 @@ +using System; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * Generator for Version 3 TbsCertificateStructures. + * 
+     * TbsCertificate ::= Sequence {
+     *      version          [ 0 ]  Version DEFAULT v1(0),
+     *      serialNumber            CertificateSerialNumber,
+     *      signature               AlgorithmIdentifier,
+     *      issuer                  Name,
+     *      validity                Validity,
+     *      subject                 Name,
+     *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
+     *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
+     *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
+     *      extensions        [ 3 ] Extensions OPTIONAL
+     *      }
+     *
+ * + */ + public class V3TbsCertificateGenerator + { + internal DerTaggedObject version = new DerTaggedObject(0, new DerInteger(2)); + internal DerInteger serialNumber; + internal AlgorithmIdentifier signature; + internal X509Name issuer; + internal Time startDate, endDate; + internal X509Name subject; + internal SubjectPublicKeyInfo subjectPublicKeyInfo; + internal X509Extensions extensions; + + private bool altNamePresentAndCritical; + private DerBitString issuerUniqueID; + private DerBitString subjectUniqueID; + + public V3TbsCertificateGenerator() + { + } + + public void SetSerialNumber( + DerInteger serialNumber) + { + this.serialNumber = serialNumber; + } + + public void SetSignature( + AlgorithmIdentifier signature) + { + this.signature = signature; + } + + public void SetIssuer( + X509Name issuer) + { + this.issuer = issuer; + } + + public void SetStartDate( + DerUtcTime startDate) + { + this.startDate = new Time(startDate); + } + + public void SetStartDate( + Time startDate) + { + this.startDate = startDate; + } + + public void SetEndDate( + DerUtcTime endDate) + { + this.endDate = new Time(endDate); + } + + public void SetEndDate( + Time endDate) + { + this.endDate = endDate; + } + + public void SetSubject( + X509Name subject) + { + this.subject = subject; + } + + public void SetIssuerUniqueID( + DerBitString uniqueID) + { + this.issuerUniqueID = uniqueID; + } + + public void SetSubjectUniqueID( + DerBitString uniqueID) + { + this.subjectUniqueID = uniqueID; + } + + public void SetSubjectPublicKeyInfo( + SubjectPublicKeyInfo pubKeyInfo) + { + this.subjectPublicKeyInfo = pubKeyInfo; + } + + public void SetExtensions( + X509Extensions extensions) + { + this.extensions = extensions; + + if (extensions != null) + { + X509Extension altName = extensions.GetExtension(X509Extensions.SubjectAlternativeName); + + if (altName != null && altName.IsCritical) + { + altNamePresentAndCritical = true; + } + } + } + + public TbsCertificateStructure GenerateTbsCertificate() + { + if ((serialNumber == null) || (signature == null) + || (issuer == null) || (startDate == null) || (endDate == null) + || (subject == null && !altNamePresentAndCritical) + || (subjectPublicKeyInfo == null)) + { + throw new InvalidOperationException("not all mandatory fields set in V3 TBScertificate generator"); + } + + DerSequence validity = new DerSequence(startDate, endDate); // before and after dates + + Asn1EncodableVector v = new Asn1EncodableVector( + version, serialNumber, signature, issuer, validity); + + if (subject != null) + { + v.Add(subject); + } + else + { + v.Add(DerSequence.Empty); + } + + v.Add(subjectPublicKeyInfo); + + if (issuerUniqueID != null) + { + v.Add(new DerTaggedObject(false, 1, issuerUniqueID)); + } + + if (subjectUniqueID != null) + { + v.Add(new DerTaggedObject(false, 2, subjectUniqueID)); + } + + if (extensions != null) + { + v.Add(new DerTaggedObject(3, extensions)); + } + + return new TbsCertificateStructure(new DerSequence(v)); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/X509Attributes.cs b/BouncyCastle/crypto/src/asn1/x509/X509Attributes.cs new file mode 100644 index 0000000..291329a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/X509Attributes.cs @@ -0,0 +1,9 @@ +using System; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class X509Attributes + { + public static readonly DerObjectIdentifier RoleSyntax = new DerObjectIdentifier("2.5.4.72"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/X509CertificateStructure.cs b/BouncyCastle/crypto/src/asn1/x509/X509CertificateStructure.cs new file mode 100644 index 0000000..6e7c85d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/X509CertificateStructure.cs @@ -0,0 +1,132 @@ +using System; + +using Org.BouncyCastle.Asn1.Pkcs; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * an X509Certificate structure. + * 
+     *  Certificate ::= Sequence {
+     *      tbsCertificate          TbsCertificate,
+     *      signatureAlgorithm      AlgorithmIdentifier,
+     *      signature               BIT STRING
+     *  }
+     *
+ */ + public class X509CertificateStructure + : Asn1Encodable + { + private readonly TbsCertificateStructure tbsCert; + private readonly AlgorithmIdentifier sigAlgID; + private readonly DerBitString sig; + + public static X509CertificateStructure GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static X509CertificateStructure GetInstance( + object obj) + { + if (obj is X509CertificateStructure) + return (X509CertificateStructure)obj; + if (obj == null) + return null; + return new X509CertificateStructure(Asn1Sequence.GetInstance(obj)); + } + + public X509CertificateStructure( + TbsCertificateStructure tbsCert, + AlgorithmIdentifier sigAlgID, + DerBitString sig) + { + if (tbsCert == null) + throw new ArgumentNullException("tbsCert"); + if (sigAlgID == null) + throw new ArgumentNullException("sigAlgID"); + if (sig == null) + throw new ArgumentNullException("sig"); + + this.tbsCert = tbsCert; + this.sigAlgID = sigAlgID; + this.sig = sig; + } + + private X509CertificateStructure( + Asn1Sequence seq) + { + if (seq.Count != 3) + throw new ArgumentException("sequence wrong size for a certificate", "seq"); + + // + // correct x509 certficate + // + tbsCert = TbsCertificateStructure.GetInstance(seq[0]); + sigAlgID = AlgorithmIdentifier.GetInstance(seq[1]); + sig = DerBitString.GetInstance(seq[2]); + } + + public TbsCertificateStructure TbsCertificate + { + get { return tbsCert; } + } + + public int Version + { + get { return tbsCert.Version; } + } + + public DerInteger SerialNumber + { + get { return tbsCert.SerialNumber; } + } + + public X509Name Issuer + { + get { return tbsCert.Issuer; } + } + + public Time StartDate + { + get { return tbsCert.StartDate; } + } + + public Time EndDate + { + get { return tbsCert.EndDate; } + } + + public X509Name Subject + { + get { return tbsCert.Subject; } + } + + public SubjectPublicKeyInfo SubjectPublicKeyInfo + { + get { return tbsCert.SubjectPublicKeyInfo; } + } + + public AlgorithmIdentifier SignatureAlgorithm + { + get { return sigAlgID; } + } + + public DerBitString Signature + { + get { return sig; } + } + + public byte[] GetSignatureOctets() + { + return sig.GetOctets(); + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(tbsCert, sigAlgID, sig); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/X509DefaultEntryConverter.cs b/BouncyCastle/crypto/src/asn1/x509/X509DefaultEntryConverter.cs new file mode 100644 index 0000000..7282ead --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/X509DefaultEntryConverter.cs @@ -0,0 +1,63 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * The default converter for X509 DN entries when going from their + * string value to ASN.1 strings. + */ + public class X509DefaultEntryConverter + : X509NameEntryConverter + { + /** + * Apply default conversion for the given value depending on the oid + * and the character range of the value. + * + * @param oid the object identifier for the DN entry + * @param value the value associated with it + * @return the ASN.1 equivalent for the string value. + */ + public override Asn1Object GetConvertedValue( + DerObjectIdentifier oid, + string value) + { + if (value.Length != 0 && value[0] == '#') + { + try + { + return ConvertHexEncoded(value, 1); + } + catch (IOException) + { + throw new Exception("can't recode value for oid " + oid.Id); + } + } + + if (value.Length != 0 && value[0] == '\\') + { + value = value.Substring(1); + } + + if (oid.Equals(X509Name.EmailAddress) || oid.Equals(X509Name.DC)) + { + return new DerIA5String(value); + } + + if (oid.Equals(X509Name.DateOfBirth)) // accept time string as well as # (for compatibility) + { + return new DerGeneralizedTime(value); + } + + if (oid.Equals(X509Name.C) + || oid.Equals(X509Name.SerialNumber) + || oid.Equals(X509Name.DnQualifier) + || oid.Equals(X509Name.TelephoneNumber)) + { + return new DerPrintableString(value); + } + + return new DerUtf8String(value); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/X509Extension.cs b/BouncyCastle/crypto/src/asn1/x509/X509Extension.cs new file mode 100644 index 0000000..430ce44 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/X509Extension.cs @@ -0,0 +1,79 @@ +using System; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * an object for the elements in the X.509 V3 extension block. + */ + public class X509Extension + { + internal bool critical; + internal Asn1OctetString value; + + public X509Extension( + DerBoolean critical, + Asn1OctetString value) + { + if (critical == null) + { + throw new ArgumentNullException("critical"); + } + + this.critical = critical.IsTrue; + this.value = value; + } + + public X509Extension( + bool critical, + Asn1OctetString value) + { + this.critical = critical; + this.value = value; + } + + public bool IsCritical { get { return critical; } } + + public Asn1OctetString Value { get { return value; } } + + public Asn1Encodable GetParsedValue() + { + return ConvertValueToObject(this); + } + + public override int GetHashCode() + { + int vh = this.Value.GetHashCode(); + + return IsCritical ? vh : ~vh; + } + + public override bool Equals( + object obj) + { + X509Extension other = obj as X509Extension; + if (other == null) + { + return false; + } + + return Value.Equals(other.Value) && IsCritical == other.IsCritical; + } + + /// Convert the value of the passed in extension to an object. + /// The extension to parse. + /// The object the value string contains. + /// If conversion is not possible. + public static Asn1Object ConvertValueToObject( + X509Extension ext) + { + try + { + return Asn1Object.FromByteArray(ext.Value.GetOctets()); + } + catch (Exception e) + { + throw new ArgumentException("can't convert extension", e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/X509Extensions.cs b/BouncyCastle/crypto/src/asn1/x509/X509Extensions.cs new file mode 100644 index 0000000..42121fa --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/X509Extensions.cs @@ -0,0 +1,482 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1.X509 +{ + public class X509Extensions + : Asn1Encodable + { + /** + * Subject Directory Attributes + */ + public static readonly DerObjectIdentifier SubjectDirectoryAttributes = new DerObjectIdentifier("2.5.29.9"); + + /** + * Subject Key Identifier + */ + public static readonly DerObjectIdentifier SubjectKeyIdentifier = new DerObjectIdentifier("2.5.29.14"); + + /** + * Key Usage + */ + public static readonly DerObjectIdentifier KeyUsage = new DerObjectIdentifier("2.5.29.15"); + + /** + * Private Key Usage Period + */ + public static readonly DerObjectIdentifier PrivateKeyUsagePeriod = new DerObjectIdentifier("2.5.29.16"); + + /** + * Subject Alternative Name + */ + public static readonly DerObjectIdentifier SubjectAlternativeName = new DerObjectIdentifier("2.5.29.17"); + + /** + * Issuer Alternative Name + */ + public static readonly DerObjectIdentifier IssuerAlternativeName = new DerObjectIdentifier("2.5.29.18"); + + /** + * Basic Constraints + */ + public static readonly DerObjectIdentifier BasicConstraints = new DerObjectIdentifier("2.5.29.19"); + + /** + * CRL Number + */ + public static readonly DerObjectIdentifier CrlNumber = new DerObjectIdentifier("2.5.29.20"); + + /** + * Reason code + */ + public static readonly DerObjectIdentifier ReasonCode = new DerObjectIdentifier("2.5.29.21"); + + /** + * Hold Instruction Code + */ + public static readonly DerObjectIdentifier InstructionCode = new DerObjectIdentifier("2.5.29.23"); + + /** + * Invalidity Date + */ + public static readonly DerObjectIdentifier InvalidityDate = new DerObjectIdentifier("2.5.29.24"); + + /** + * Delta CRL indicator + */ + public static readonly DerObjectIdentifier DeltaCrlIndicator = new DerObjectIdentifier("2.5.29.27"); + + /** + * Issuing Distribution Point + */ + public static readonly DerObjectIdentifier IssuingDistributionPoint = new DerObjectIdentifier("2.5.29.28"); + + /** + * Certificate Issuer + */ + public static readonly DerObjectIdentifier CertificateIssuer = new DerObjectIdentifier("2.5.29.29"); + + /** + * Name Constraints + */ + public static readonly DerObjectIdentifier NameConstraints = new DerObjectIdentifier("2.5.29.30"); + + /** + * CRL Distribution Points + */ + public static readonly DerObjectIdentifier CrlDistributionPoints = new DerObjectIdentifier("2.5.29.31"); + + /** + * Certificate Policies + */ + public static readonly DerObjectIdentifier CertificatePolicies = new DerObjectIdentifier("2.5.29.32"); + + /** + * Policy Mappings + */ + public static readonly DerObjectIdentifier PolicyMappings = new DerObjectIdentifier("2.5.29.33"); + + /** + * Authority Key Identifier + */ + public static readonly DerObjectIdentifier AuthorityKeyIdentifier = new DerObjectIdentifier("2.5.29.35"); + + /** + * Policy Constraints + */ + public static readonly DerObjectIdentifier PolicyConstraints = new DerObjectIdentifier("2.5.29.36"); + + /** + * Extended Key Usage + */ + public static readonly DerObjectIdentifier ExtendedKeyUsage = new DerObjectIdentifier("2.5.29.37"); + + /** + * Freshest CRL + */ + public static readonly DerObjectIdentifier FreshestCrl = new DerObjectIdentifier("2.5.29.46"); + + /** + * Inhibit Any Policy + */ + public static readonly DerObjectIdentifier InhibitAnyPolicy = new DerObjectIdentifier("2.5.29.54"); + + /** + * Authority Info Access + */ + public static readonly DerObjectIdentifier AuthorityInfoAccess = new DerObjectIdentifier("1.3.6.1.5.5.7.1.1"); + + /** + * Subject Info Access + */ + public static readonly DerObjectIdentifier SubjectInfoAccess = new DerObjectIdentifier("1.3.6.1.5.5.7.1.11"); + + /** + * Logo Type + */ + public static readonly DerObjectIdentifier LogoType = new DerObjectIdentifier("1.3.6.1.5.5.7.1.12"); + + /** + * BiometricInfo + */ + public static readonly DerObjectIdentifier BiometricInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.1.2"); + + /** + * QCStatements + */ + public static readonly DerObjectIdentifier QCStatements = new DerObjectIdentifier("1.3.6.1.5.5.7.1.3"); + + /** + * Audit identity extension in attribute certificates. + */ + public static readonly DerObjectIdentifier AuditIdentity = new DerObjectIdentifier("1.3.6.1.5.5.7.1.4"); + + /** + * NoRevAvail extension in attribute certificates. + */ + public static readonly DerObjectIdentifier NoRevAvail = new DerObjectIdentifier("2.5.29.56"); + + /** + * TargetInformation extension in attribute certificates. + */ + public static readonly DerObjectIdentifier TargetInformation = new DerObjectIdentifier("2.5.29.55"); + + /** + * Expired Certificates on CRL extension + */ + public static readonly DerObjectIdentifier ExpiredCertsOnCrl = new DerObjectIdentifier("2.5.29.60"); + + private readonly IDictionary extensions = Platform.CreateHashtable(); + private readonly IList ordering; + + public static X509Extension GetExtension(X509Extensions extensions, DerObjectIdentifier oid) + { + return null == extensions ? null : extensions.GetExtension(oid); + } + + public static Asn1Encodable GetExtensionParsedValue(X509Extensions extensions, DerObjectIdentifier oid) + { + return null == extensions ? null : extensions.GetExtensionParsedValue(oid); + } + + public static X509Extensions GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static X509Extensions GetInstance( + object obj) + { + if (obj == null || obj is X509Extensions) + { + return (X509Extensions) obj; + } + + if (obj is Asn1Sequence) + { + return new X509Extensions((Asn1Sequence) obj); + } + + if (obj is Asn1TaggedObject) + { + return GetInstance(((Asn1TaggedObject) obj).GetObject()); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor from Asn1Sequence. + * + * the extensions are a list of constructed sequences, either with (Oid, OctetString) or (Oid, Boolean, OctetString) + */ + private X509Extensions( + Asn1Sequence seq) + { + this.ordering = Platform.CreateArrayList(); + + foreach (Asn1Encodable ae in seq) + { + Asn1Sequence s = Asn1Sequence.GetInstance(ae.ToAsn1Object()); + + if (s.Count < 2 || s.Count > 3) + throw new ArgumentException("Bad sequence size: " + s.Count); + + DerObjectIdentifier oid = DerObjectIdentifier.GetInstance(s[0].ToAsn1Object()); + + bool isCritical = s.Count == 3 + && DerBoolean.GetInstance(s[1].ToAsn1Object()).IsTrue; + + Asn1OctetString octets = Asn1OctetString.GetInstance(s[s.Count - 1].ToAsn1Object()); + + if (extensions.Contains(oid)) + throw new ArgumentException("repeated extension found: " + oid); + + extensions.Add(oid, new X509Extension(isCritical, octets)); + ordering.Add(oid); + } + } + + /** + * constructor from a table of extensions. + *

+ * it's is assumed the table contains Oid/string pairs.

+ */ + public X509Extensions( + IDictionary extensions) + : this(null, extensions) + { + } + + /** + * Constructor from a table of extensions with ordering. + *

+ * It's is assumed the table contains Oid/string pairs.

+ */ + public X509Extensions( + IList ordering, + IDictionary extensions) + { + if (ordering == null) + { + this.ordering = Platform.CreateArrayList(extensions.Keys); + } + else + { + this.ordering = Platform.CreateArrayList(ordering); + } + + foreach (DerObjectIdentifier oid in this.ordering) + { + this.extensions.Add(oid, (X509Extension)extensions[oid]); + } + } + + /** + * Constructor from two vectors + * + * @param objectIDs an ArrayList of the object identifiers. + * @param values an ArrayList of the extension values. + */ + public X509Extensions( + IList oids, + IList values) + { + this.ordering = Platform.CreateArrayList(oids); + + int count = 0; + foreach (DerObjectIdentifier oid in this.ordering) + { + this.extensions.Add(oid, (X509Extension)values[count++]); + } + } + +#if !(SILVERLIGHT || PORTABLE) + /** + * constructor from a table of extensions. + *

+ * it's is assumed the table contains Oid/string pairs.

+ */ + [Obsolete] + public X509Extensions( + Hashtable extensions) + : this(null, extensions) + { + } + + /** + * Constructor from a table of extensions with ordering. + *

+ * It's is assumed the table contains Oid/string pairs.

+ */ + [Obsolete] + public X509Extensions( + ArrayList ordering, + Hashtable extensions) + { + if (ordering == null) + { + this.ordering = Platform.CreateArrayList(extensions.Keys); + } + else + { + this.ordering = Platform.CreateArrayList(ordering); + } + + foreach (DerObjectIdentifier oid in this.ordering) + { + this.extensions.Add(oid, (X509Extension) extensions[oid]); + } + } + + /** + * Constructor from two vectors + * + * @param objectIDs an ArrayList of the object identifiers. + * @param values an ArrayList of the extension values. + */ + [Obsolete] + public X509Extensions( + ArrayList oids, + ArrayList values) + { + this.ordering = Platform.CreateArrayList(oids); + + int count = 0; + foreach (DerObjectIdentifier oid in this.ordering) + { + this.extensions.Add(oid, (X509Extension) values[count++]); + } + } +#endif + + [Obsolete("Use ExtensionOids IEnumerable property")] + public IEnumerator Oids() + { + return ExtensionOids.GetEnumerator(); + } + + /** + * return an Enumeration of the extension field's object ids. + */ + public IEnumerable ExtensionOids + { + get { return new EnumerableProxy(ordering); } + } + + /** + * return the extension represented by the object identifier + * passed in. + * + * @return the extension if it's present, null otherwise. + */ + public X509Extension GetExtension( + DerObjectIdentifier oid) + { + return (X509Extension)extensions[oid]; + } + + /** + * return the parsed value of the extension represented by the object identifier + * passed in. + * + * @return the parsed value of the extension if it's present, null otherwise. + */ + public Asn1Encodable GetExtensionParsedValue(DerObjectIdentifier oid) + { + X509Extension ext = GetExtension(oid); + + return ext == null ? null : ext.GetParsedValue(); + } + + /** + * 
+		 *     Extensions        ::=   SEQUENCE SIZE (1..MAX) OF Extension
+		 *
+		 *     Extension         ::=   SEQUENCE {
+		 *        extnId            EXTENSION.&id ({ExtensionSet}),
+		 *        critical          BOOLEAN DEFAULT FALSE,
+		 *        extnValue         OCTET STRING }
+		 *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector vec = new Asn1EncodableVector(); + + foreach (DerObjectIdentifier oid in ordering) + { + X509Extension ext = (X509Extension) extensions[oid]; + Asn1EncodableVector v = new Asn1EncodableVector(oid); + + if (ext.IsCritical) + { + v.Add(DerBoolean.True); + } + + v.Add(ext.Value); + + vec.Add(new DerSequence(v)); + } + + return new DerSequence(vec); + } + + public bool Equivalent( + X509Extensions other) + { + if (extensions.Count != other.extensions.Count) + return false; + + foreach (DerObjectIdentifier oid in extensions.Keys) + { + if (!extensions[oid].Equals(other.extensions[oid])) + return false; + } + + return true; + } + + public DerObjectIdentifier[] GetExtensionOids() + { + return ToOidArray(ordering); + } + + public DerObjectIdentifier[] GetNonCriticalExtensionOids() + { + return GetExtensionOids(false); + } + + public DerObjectIdentifier[] GetCriticalExtensionOids() + { + return GetExtensionOids(true); + } + + private DerObjectIdentifier[] GetExtensionOids(bool isCritical) + { + IList oids = Platform.CreateArrayList(); + + foreach (DerObjectIdentifier oid in this.ordering) + { + X509Extension ext = (X509Extension)extensions[oid]; + if (ext.IsCritical == isCritical) + { + oids.Add(oid); + } + } + + return ToOidArray(oids); + } + + private static DerObjectIdentifier[] ToOidArray(IList oids) + { + DerObjectIdentifier[] oidArray = new DerObjectIdentifier[oids.Count]; + oids.CopyTo(oidArray, 0); + return oidArray; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/X509ExtensionsGenerator.cs b/BouncyCastle/crypto/src/asn1/x509/X509ExtensionsGenerator.cs new file mode 100644 index 0000000..3b952ff --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/X509ExtensionsGenerator.cs @@ -0,0 +1,137 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /// Generator for X.509 extensions + public class X509ExtensionsGenerator + { + private IDictionary extensions = Platform.CreateHashtable(); + private IList extOrdering = Platform.CreateArrayList(); + + private static readonly IDictionary dupsAllowed = Platform.CreateHashtable(); + + static X509ExtensionsGenerator() + { + dupsAllowed.Add(X509Extensions.SubjectAlternativeName, true); + dupsAllowed.Add(X509Extensions.IssuerAlternativeName, true); + dupsAllowed.Add(X509Extensions.SubjectDirectoryAttributes, true); + dupsAllowed.Add(X509Extensions.CertificateIssuer, true); + + } + + + + /// Reset the generator + public void Reset() + { + extensions = Platform.CreateHashtable(); + extOrdering = Platform.CreateArrayList(); + } + + /// + /// Add an extension with the given oid and the passed in value to be included + /// in the OCTET STRING associated with the extension. + /// + /// OID for the extension. + /// True if critical, false otherwise. + /// The ASN.1 object to be included in the extension. + public void AddExtension( + DerObjectIdentifier oid, + bool critical, + Asn1Encodable extValue) + { + byte[] encoded; + try + { + encoded = extValue.GetDerEncoded(); + } + catch (Exception e) + { + throw new ArgumentException("error encoding value: " + e); + } + + this.AddExtension(oid, critical, encoded); + } + + /// + /// Add an extension with the given oid and the passed in byte array to be wrapped + /// in the OCTET STRING associated with the extension. + /// + /// OID for the extension. + /// True if critical, false otherwise. + /// The byte array to be wrapped. + public void AddExtension( + DerObjectIdentifier oid, + bool critical, + byte[] extValue) + { + if (extensions.Contains(oid)) + { + if (dupsAllowed.Contains(oid)) + { + X509Extension existingExtension = (X509Extension)extensions[oid]; + + Asn1Sequence seq1 = Asn1Sequence.GetInstance(DerOctetString.GetInstance(existingExtension.Value).GetOctets()); + Asn1EncodableVector items = Asn1EncodableVector.FromEnumerable(seq1); + Asn1Sequence seq2 = Asn1Sequence.GetInstance(extValue); + + foreach (Asn1Encodable enc in seq2) + { + items.Add(enc); + } + + extensions[oid] = new X509Extension(existingExtension.IsCritical, new DerOctetString(new DerSequence(items).GetEncoded())); + + } + else + { + throw new ArgumentException("extension " + oid + " already added"); + } + } + else + { + extOrdering.Add(oid); + extensions.Add(oid, new X509Extension(critical, new DerOctetString(extValue))); + } + } + + public void AddExtensions(X509Extensions extensions) + { + foreach (DerObjectIdentifier ident in extensions.ExtensionOids) + { + X509Extension ext = extensions.GetExtension(ident); + AddExtension(ident, ext.critical, ext.Value.GetOctets()); + } + } + + + + /// Return true if there are no extension present in this generator. + /// True if empty, false otherwise + public bool IsEmpty + { + get { return extOrdering.Count < 1; } + } + + /// Generate an X509Extensions object based on the current state of the generator. + /// An X509Extensions object + public X509Extensions Generate() + { + return new X509Extensions(extOrdering, extensions); + } + + internal void AddExtension(DerObjectIdentifier oid, X509Extension x509Extension) + { + if (extensions.Contains(oid)) + { + throw new ArgumentException("extension " + oid + " already added"); + } + + extOrdering.Add(oid); + extensions.Add(oid, x509Extension); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/X509Name.cs b/BouncyCastle/crypto/src/asn1/x509/X509Name.cs new file mode 100644 index 0000000..bd8f9fb --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/X509Name.cs @@ -0,0 +1,1080 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +#if SILVERLIGHT || PORTABLE +using System.Collections.Generic; +#endif + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * 
+    *     RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+    *
+    *     RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue
+    *
+    *     AttributeTypeAndValue ::= SEQUENCE {
+    *                                   type  OBJECT IDENTIFIER,
+    *                                   value ANY }
+    *
+ */ + public class X509Name + : Asn1Encodable + { + /** + * country code - StringType(SIZE(2)) + */ + public static readonly DerObjectIdentifier C = new DerObjectIdentifier("2.5.4.6"); + + /** + * organization - StringType(SIZE(1..64)) + */ + public static readonly DerObjectIdentifier O = new DerObjectIdentifier("2.5.4.10"); + + /** + * organizational unit name - StringType(SIZE(1..64)) + */ + public static readonly DerObjectIdentifier OU = new DerObjectIdentifier("2.5.4.11"); + + /** + * Title + */ + public static readonly DerObjectIdentifier T = new DerObjectIdentifier("2.5.4.12"); + + /** + * common name - StringType(SIZE(1..64)) + */ + public static readonly DerObjectIdentifier CN = new DerObjectIdentifier("2.5.4.3"); + + /** + * street - StringType(SIZE(1..64)) + */ + public static readonly DerObjectIdentifier Street = new DerObjectIdentifier("2.5.4.9"); + + /** + * device serial number name - StringType(SIZE(1..64)) + */ + public static readonly DerObjectIdentifier SerialNumber = new DerObjectIdentifier("2.5.4.5"); + + /** + * locality name - StringType(SIZE(1..64)) + */ + public static readonly DerObjectIdentifier L = new DerObjectIdentifier("2.5.4.7"); + + /** + * state, or province name - StringType(SIZE(1..64)) + */ + public static readonly DerObjectIdentifier ST = new DerObjectIdentifier("2.5.4.8"); + + /** + * Naming attributes of type X520name + */ + public static readonly DerObjectIdentifier Surname = new DerObjectIdentifier("2.5.4.4"); + public static readonly DerObjectIdentifier GivenName = new DerObjectIdentifier("2.5.4.42"); + public static readonly DerObjectIdentifier Initials = new DerObjectIdentifier("2.5.4.43"); + public static readonly DerObjectIdentifier Generation = new DerObjectIdentifier("2.5.4.44"); + public static readonly DerObjectIdentifier UniqueIdentifier = new DerObjectIdentifier("2.5.4.45"); + + /** + * businessCategory - DirectoryString(SIZE(1..128) + */ + public static readonly DerObjectIdentifier BusinessCategory = new DerObjectIdentifier( + "2.5.4.15"); + + /** + * postalCode - DirectoryString(SIZE(1..40) + */ + public static readonly DerObjectIdentifier PostalCode = new DerObjectIdentifier( + "2.5.4.17"); + + /** + * dnQualifier - DirectoryString(SIZE(1..64) + */ + public static readonly DerObjectIdentifier DnQualifier = new DerObjectIdentifier( + "2.5.4.46"); + + /** + * RFC 3039 Pseudonym - DirectoryString(SIZE(1..64) + */ + public static readonly DerObjectIdentifier Pseudonym = new DerObjectIdentifier( + "2.5.4.65"); + + /** + * RFC 3039 DateOfBirth - GeneralizedTime - YYYYMMDD000000Z + */ + public static readonly DerObjectIdentifier DateOfBirth = new DerObjectIdentifier( + "1.3.6.1.5.5.7.9.1"); + + /** + * RFC 3039 PlaceOfBirth - DirectoryString(SIZE(1..128) + */ + public static readonly DerObjectIdentifier PlaceOfBirth = new DerObjectIdentifier( + "1.3.6.1.5.5.7.9.2"); + + /** + * RFC 3039 DateOfBirth - PrintableString (SIZE(1)) -- "M", "F", "m" or "f" + */ + public static readonly DerObjectIdentifier Gender = new DerObjectIdentifier( + "1.3.6.1.5.5.7.9.3"); + + /** + * RFC 3039 CountryOfCitizenship - PrintableString (SIZE (2)) -- ISO 3166 + * codes only + */ + public static readonly DerObjectIdentifier CountryOfCitizenship = new DerObjectIdentifier( + "1.3.6.1.5.5.7.9.4"); + + /** + * RFC 3039 CountryOfCitizenship - PrintableString (SIZE (2)) -- ISO 3166 + * codes only + */ + public static readonly DerObjectIdentifier CountryOfResidence = new DerObjectIdentifier( + "1.3.6.1.5.5.7.9.5"); + + /** + * ISIS-MTT NameAtBirth - DirectoryString(SIZE(1..64) + */ + public static readonly DerObjectIdentifier NameAtBirth = new DerObjectIdentifier("1.3.36.8.3.14"); + + /** + * RFC 3039 PostalAddress - SEQUENCE SIZE (1..6) OF + * DirectoryString(SIZE(1..30)) + */ + public static readonly DerObjectIdentifier PostalAddress = new DerObjectIdentifier("2.5.4.16"); + + /** + * RFC 2256 dmdName + */ + public static readonly DerObjectIdentifier DmdName = new DerObjectIdentifier("2.5.4.54"); + + /** + * id-at-telephoneNumber + */ + public static readonly DerObjectIdentifier TelephoneNumber = X509ObjectIdentifiers.id_at_telephoneNumber; + + /** + * id-at-organizationIdentifier + */ + public static readonly DerObjectIdentifier OrganizationIdentifier = X509ObjectIdentifiers.id_at_organizationIdentifier; + + /** + * id-at-name + */ + public static readonly DerObjectIdentifier Name = X509ObjectIdentifiers.id_at_name; + + /** + * Email address (RSA PKCS#9 extension) - IA5String. + *

Note: if you're trying to be ultra orthodox, don't use this! It shouldn't be in here.

+ */ + public static readonly DerObjectIdentifier EmailAddress = PkcsObjectIdentifiers.Pkcs9AtEmailAddress; + + /** + * more from PKCS#9 + */ + public static readonly DerObjectIdentifier UnstructuredName = PkcsObjectIdentifiers.Pkcs9AtUnstructuredName; + public static readonly DerObjectIdentifier UnstructuredAddress = PkcsObjectIdentifiers.Pkcs9AtUnstructuredAddress; + + /** + * email address in Verisign certificates + */ + public static readonly DerObjectIdentifier E = EmailAddress; + + /* + * others... + */ + public static readonly DerObjectIdentifier DC = new DerObjectIdentifier("0.9.2342.19200300.100.1.25"); + + /** + * LDAP User id. + */ + public static readonly DerObjectIdentifier UID = new DerObjectIdentifier("0.9.2342.19200300.100.1.1"); + + /** + * determines whether or not strings should be processed and printed + * from back to front. + */ +// public static bool DefaultReverse = false; + public static bool DefaultReverse + { + get { return defaultReverse[0]; } + set { defaultReverse[0] = value; } + } + + private static readonly bool[] defaultReverse = { false }; + +#if SILVERLIGHT || PORTABLE + /** + * default look up table translating OID values into their common symbols following + * the convention in RFC 2253 with a few extras + */ + public static readonly IDictionary DefaultSymbols = Platform.CreateHashtable(); + + /** + * look up table translating OID values into their common symbols following the convention in RFC 2253 + */ + public static readonly IDictionary RFC2253Symbols = Platform.CreateHashtable(); + + /** + * look up table translating OID values into their common symbols following the convention in RFC 1779 + * + */ + public static readonly IDictionary RFC1779Symbols = Platform.CreateHashtable(); + + /** + * look up table translating common symbols into their OIDS. + */ + public static readonly IDictionary DefaultLookup = Platform.CreateHashtable(); +#else + /** + * default look up table translating OID values into their common symbols following + * the convention in RFC 2253 with a few extras + */ + public static readonly Hashtable DefaultSymbols = new Hashtable(); + + /** + * look up table translating OID values into their common symbols following the convention in RFC 2253 + */ + public static readonly Hashtable RFC2253Symbols = new Hashtable(); + + /** + * look up table translating OID values into their common symbols following the convention in RFC 1779 + * + */ + public static readonly Hashtable RFC1779Symbols = new Hashtable(); + + /** + * look up table translating common symbols into their OIDS. + */ + public static readonly Hashtable DefaultLookup = new Hashtable(); +#endif + + static X509Name() + { + DefaultSymbols.Add(C, "C"); + DefaultSymbols.Add(O, "O"); + DefaultSymbols.Add(T, "T"); + DefaultSymbols.Add(OU, "OU"); + DefaultSymbols.Add(CN, "CN"); + DefaultSymbols.Add(L, "L"); + DefaultSymbols.Add(ST, "ST"); + DefaultSymbols.Add(SerialNumber, "SERIALNUMBER"); + DefaultSymbols.Add(EmailAddress, "E"); + DefaultSymbols.Add(DC, "DC"); + DefaultSymbols.Add(UID, "UID"); + DefaultSymbols.Add(Street, "STREET"); + DefaultSymbols.Add(Surname, "SURNAME"); + DefaultSymbols.Add(GivenName, "GIVENNAME"); + DefaultSymbols.Add(Initials, "INITIALS"); + DefaultSymbols.Add(Generation, "GENERATION"); + DefaultSymbols.Add(UnstructuredAddress, "unstructuredAddress"); + DefaultSymbols.Add(UnstructuredName, "unstructuredName"); + DefaultSymbols.Add(UniqueIdentifier, "UniqueIdentifier"); + DefaultSymbols.Add(DnQualifier, "DN"); + DefaultSymbols.Add(Pseudonym, "Pseudonym"); + DefaultSymbols.Add(PostalAddress, "PostalAddress"); + DefaultSymbols.Add(NameAtBirth, "NameAtBirth"); + DefaultSymbols.Add(CountryOfCitizenship, "CountryOfCitizenship"); + DefaultSymbols.Add(CountryOfResidence, "CountryOfResidence"); + DefaultSymbols.Add(Gender, "Gender"); + DefaultSymbols.Add(PlaceOfBirth, "PlaceOfBirth"); + DefaultSymbols.Add(DateOfBirth, "DateOfBirth"); + DefaultSymbols.Add(PostalCode, "PostalCode"); + DefaultSymbols.Add(BusinessCategory, "BusinessCategory"); + DefaultSymbols.Add(TelephoneNumber, "TelephoneNumber"); + + RFC2253Symbols.Add(C, "C"); + RFC2253Symbols.Add(O, "O"); + RFC2253Symbols.Add(OU, "OU"); + RFC2253Symbols.Add(CN, "CN"); + RFC2253Symbols.Add(L, "L"); + RFC2253Symbols.Add(ST, "ST"); + RFC2253Symbols.Add(Street, "STREET"); + RFC2253Symbols.Add(DC, "DC"); + RFC2253Symbols.Add(UID, "UID"); + + RFC1779Symbols.Add(C, "C"); + RFC1779Symbols.Add(O, "O"); + RFC1779Symbols.Add(OU, "OU"); + RFC1779Symbols.Add(CN, "CN"); + RFC1779Symbols.Add(L, "L"); + RFC1779Symbols.Add(ST, "ST"); + RFC1779Symbols.Add(Street, "STREET"); + + DefaultLookup.Add("c", C); + DefaultLookup.Add("o", O); + DefaultLookup.Add("t", T); + DefaultLookup.Add("ou", OU); + DefaultLookup.Add("cn", CN); + DefaultLookup.Add("l", L); + DefaultLookup.Add("st", ST); + DefaultLookup.Add("serialnumber", SerialNumber); + DefaultLookup.Add("street", Street); + DefaultLookup.Add("emailaddress", E); + DefaultLookup.Add("dc", DC); + DefaultLookup.Add("e", E); + DefaultLookup.Add("uid", UID); + DefaultLookup.Add("surname", Surname); + DefaultLookup.Add("givenname", GivenName); + DefaultLookup.Add("initials", Initials); + DefaultLookup.Add("generation", Generation); + DefaultLookup.Add("unstructuredaddress", UnstructuredAddress); + DefaultLookup.Add("unstructuredname", UnstructuredName); + DefaultLookup.Add("uniqueidentifier", UniqueIdentifier); + DefaultLookup.Add("dn", DnQualifier); + DefaultLookup.Add("pseudonym", Pseudonym); + DefaultLookup.Add("postaladdress", PostalAddress); + DefaultLookup.Add("nameofbirth", NameAtBirth); + DefaultLookup.Add("countryofcitizenship", CountryOfCitizenship); + DefaultLookup.Add("countryofresidence", CountryOfResidence); + DefaultLookup.Add("gender", Gender); + DefaultLookup.Add("placeofbirth", PlaceOfBirth); + DefaultLookup.Add("dateofbirth", DateOfBirth); + DefaultLookup.Add("postalcode", PostalCode); + DefaultLookup.Add("businesscategory", BusinessCategory); + DefaultLookup.Add("telephonenumber", TelephoneNumber); + } + + private readonly IList ordering = Platform.CreateArrayList(); + private readonly X509NameEntryConverter converter; + + private IList values = Platform.CreateArrayList(); + private IList added = Platform.CreateArrayList(); + private Asn1Sequence seq; + + /** + * Return a X509Name based on the passed in tagged object. + * + * @param obj tag object holding name. + * @param explicitly true if explicitly tagged false otherwise. + * @return the X509Name + */ + public static X509Name GetInstance( + Asn1TaggedObject obj, + bool explicitly) + { + return GetInstance(Asn1Sequence.GetInstance(obj, explicitly)); + } + + public static X509Name GetInstance( + object obj) + { + if (obj is X509Name) + return (X509Name)obj; + if (obj == null) + return null; + return new X509Name(Asn1Sequence.GetInstance(obj)); + } + + protected X509Name() + { + } + + /** + * Constructor from Asn1Sequence + * + * the principal will be a list of constructed sets, each containing an (OID, string) pair. + */ + protected X509Name( + Asn1Sequence seq) + { + this.seq = seq; + + foreach (Asn1Encodable asn1Obj in seq) + { + Asn1Set asn1Set = Asn1Set.GetInstance(asn1Obj.ToAsn1Object()); + + for (int i = 0; i < asn1Set.Count; i++) + { + Asn1Sequence s = Asn1Sequence.GetInstance(asn1Set[i].ToAsn1Object()); + + if (s.Count != 2) + throw new ArgumentException("badly sized pair"); + + ordering.Add(DerObjectIdentifier.GetInstance(s[0].ToAsn1Object())); + + Asn1Object derValue = s[1].ToAsn1Object(); + if (derValue is IAsn1String && !(derValue is DerUniversalString)) + { + string v = ((IAsn1String)derValue).GetString(); + if (Platform.StartsWith(v, "#")) + { + v = "\\" + v; + } + + values.Add(v); + } + else + { + values.Add("#" + Hex.ToHexString(derValue.GetEncoded())); + } + + added.Add(i != 0); + } + } + } + + /** + * Constructor from a table of attributes with ordering. + *

+ * it's is assumed the table contains OID/string pairs, and the contents + * of the table are copied into an internal table as part of the + * construction process. The ordering ArrayList should contain the OIDs + * in the order they are meant to be encoded or printed in ToString.

+ */ + public X509Name( + IList ordering, + IDictionary attributes) + : this(ordering, attributes, new X509DefaultEntryConverter()) + { + } + + /** + * Constructor from a table of attributes with ordering. + *

+ * it's is assumed the table contains OID/string pairs, and the contents + * of the table are copied into an internal table as part of the + * construction process. The ordering ArrayList should contain the OIDs + * in the order they are meant to be encoded or printed in ToString.

+ *

+ * The passed in converter will be used to convert the strings into their + * ASN.1 counterparts.

+ */ + public X509Name( + IList ordering, + IDictionary attributes, + X509NameEntryConverter converter) + { + this.converter = converter; + + foreach (DerObjectIdentifier oid in ordering) + { + object attribute = attributes[oid]; + if (attribute == null) + { + throw new ArgumentException("No attribute for object id - " + oid + " - passed to distinguished name"); + } + + this.ordering.Add(oid); + this.added.Add(false); + this.values.Add(attribute); // copy the hash table + } + } + + /** + * Takes two vectors one of the oids and the other of the values. + */ + public X509Name( + IList oids, + IList values) + : this(oids, values, new X509DefaultEntryConverter()) + { + } + + /** + * Takes two vectors one of the oids and the other of the values. + *

+ * The passed in converter will be used to convert the strings into their + * ASN.1 counterparts.

+ */ + public X509Name( + IList oids, + IList values, + X509NameEntryConverter converter) + { + this.converter = converter; + + if (oids.Count != values.Count) + { + throw new ArgumentException("'oids' must be same length as 'values'."); + } + + for (int i = 0; i < oids.Count; i++) + { + this.ordering.Add(oids[i]); + this.values.Add(values[i]); + this.added.Add(false); + } + } + + /** + * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or + * some such, converting it into an ordered set of name attributes. + */ + public X509Name( + string dirName) + : this(DefaultReverse, (IDictionary)DefaultLookup, dirName) + { + } + + /** + * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or + * some such, converting it into an ordered set of name attributes with each + * string value being converted to its associated ASN.1 type using the passed + * in converter. + */ + public X509Name( + string dirName, + X509NameEntryConverter converter) + : this(DefaultReverse, DefaultLookup, dirName, converter) + { + } + + /** + * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or + * some such, converting it into an ordered set of name attributes. If reverse + * is true, create the encoded version of the sequence starting from the + * last element in the string. + */ + public X509Name( + bool reverse, + string dirName) + : this(reverse, (IDictionary)DefaultLookup, dirName) + { + } + + /** + * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or + * some such, converting it into an ordered set of name attributes with each + * string value being converted to its associated ASN.1 type using the passed + * in converter. If reverse is true the ASN.1 sequence representing the DN will + * be built by starting at the end of the string, rather than the start. + */ + public X509Name( + bool reverse, + string dirName, + X509NameEntryConverter converter) + : this(reverse, DefaultLookup, dirName, converter) + { + } + + /** + * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or + * some such, converting it into an ordered set of name attributes. lookUp + * should provide a table of lookups, indexed by lowercase only strings and + * yielding a DerObjectIdentifier, other than that OID. and numeric oids + * will be processed automatically. + *
+ * If reverse is true, create the encoded version of the sequence + * starting from the last element in the string. + * @param reverse true if we should start scanning from the end (RFC 2553). + * @param lookUp table of names and their oids. + * @param dirName the X.500 string to be parsed. + */ + public X509Name( + bool reverse, + IDictionary lookUp, + string dirName) + : this(reverse, lookUp, dirName, new X509DefaultEntryConverter()) + { + } + + private DerObjectIdentifier DecodeOid( + string name, + IDictionary lookUp) + { + if (Platform.StartsWith(Platform.ToUpperInvariant(name), "OID.")) + { + return new DerObjectIdentifier(name.Substring(4)); + } + else if (name[0] >= '0' && name[0] <= '9') + { + return new DerObjectIdentifier(name); + } + + DerObjectIdentifier oid = (DerObjectIdentifier)lookUp[Platform.ToLowerInvariant(name)]; + if (oid == null) + { + throw new ArgumentException("Unknown object id - " + name + " - passed to distinguished name"); + } + + return oid; + } + + /** + * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or + * some such, converting it into an ordered set of name attributes. lookUp + * should provide a table of lookups, indexed by lowercase only strings and + * yielding a DerObjectIdentifier, other than that OID. and numeric oids + * will be processed automatically. The passed in converter is used to convert the + * string values to the right of each equals sign to their ASN.1 counterparts. + *
+ * @param reverse true if we should start scanning from the end, false otherwise. + * @param lookUp table of names and oids. + * @param dirName the string dirName + * @param converter the converter to convert string values into their ASN.1 equivalents + */ + public X509Name( + bool reverse, + IDictionary lookUp, + string dirName, + X509NameEntryConverter converter) + { + this.converter = converter; + X509NameTokenizer nTok = new X509NameTokenizer(dirName); + + while (nTok.HasMoreTokens()) + { + string token = nTok.NextToken(); + int index = token.IndexOf('='); + + if (index == -1) + { + throw new ArgumentException("badly formated directory string"); + } + + string name = token.Substring(0, index); + string value = token.Substring(index + 1); + DerObjectIdentifier oid = DecodeOid(name, lookUp); + + if (value.IndexOf('+') > 0) + { + X509NameTokenizer vTok = new X509NameTokenizer(value, '+'); + string v = vTok.NextToken(); + + this.ordering.Add(oid); + this.values.Add(v); + this.added.Add(false); + + while (vTok.HasMoreTokens()) + { + string sv = vTok.NextToken(); + int ndx = sv.IndexOf('='); + + string nm = sv.Substring(0, ndx); + string vl = sv.Substring(ndx + 1); + this.ordering.Add(DecodeOid(nm, lookUp)); + this.values.Add(vl); + this.added.Add(true); + } + } + else + { + this.ordering.Add(oid); + this.values.Add(value); + this.added.Add(false); + } + } + + if (reverse) + { +// this.ordering.Reverse(); +// this.values.Reverse(); +// this.added.Reverse(); + IList o = Platform.CreateArrayList(); + IList v = Platform.CreateArrayList(); + IList a = Platform.CreateArrayList(); + int count = 1; + + for (int i = 0; i < this.ordering.Count; i++) + { + if (!((bool) this.added[i])) + { + count = 0; + } + + int index = count++; + + o.Insert(index, this.ordering[i]); + v.Insert(index, this.values[i]); + a.Insert(index, this.added[i]); + } + + this.ordering = o; + this.values = v; + this.added = a; + } + } + + /** + * return an IList of the oids in the name, in the order they were found. + */ + public IList GetOidList() + { + return Platform.CreateArrayList(ordering); + } + + /** + * return an IList of the values found in the name, in the order they + * were found. + */ + public IList GetValueList() + { + return GetValueList(null); + } + + /** + * return an IList of the values found in the name, in the order they + * were found, with the DN label corresponding to passed in oid. + */ + public IList GetValueList(DerObjectIdentifier oid) + { + IList v = Platform.CreateArrayList(); + for (int i = 0; i != values.Count; i++) + { + if (null == oid || oid.Equals(ordering[i])) + { + string val = (string)values[i]; + + if (Platform.StartsWith(val, "\\#")) + { + val = val.Substring(1); + } + + v.Add(val); + } + } + return v; + } + + public override Asn1Object ToAsn1Object() + { + if (seq == null) + { + Asn1EncodableVector vec = new Asn1EncodableVector(); + Asn1EncodableVector sVec = new Asn1EncodableVector(); + DerObjectIdentifier lstOid = null; + + for (int i = 0; i != ordering.Count; i++) + { + DerObjectIdentifier oid = (DerObjectIdentifier)ordering[i]; + string str = (string)values[i]; + + if (lstOid == null + || ((bool)this.added[i])) + { + } + else + { + vec.Add(new DerSet(sVec)); + sVec = new Asn1EncodableVector(); + } + + sVec.Add( + new DerSequence( + oid, + converter.GetConvertedValue(oid, str))); + + lstOid = oid; + } + + vec.Add(new DerSet(sVec)); + + seq = new DerSequence(vec); + } + + return seq; + } + + /// The X509Name object to test equivalency against. + /// If true, the order of elements must be the same, + /// as well as the values associated with each element. + public bool Equivalent( + X509Name other, + bool inOrder) + { + if (!inOrder) + return this.Equivalent(other); + + if (other == null) + return false; + + if (other == this) + return true; + + int orderingSize = ordering.Count; + + if (orderingSize != other.ordering.Count) + return false; + + for (int i = 0; i < orderingSize; i++) + { + DerObjectIdentifier oid = (DerObjectIdentifier) ordering[i]; + DerObjectIdentifier oOid = (DerObjectIdentifier) other.ordering[i]; + + if (!oid.Equals(oOid)) + return false; + + string val = (string) values[i]; + string oVal = (string) other.values[i]; + + if (!equivalentStrings(val, oVal)) + return false; + } + + return true; + } + + /** + * test for equivalence - note: case is ignored. + */ + public bool Equivalent( + X509Name other) + { + if (other == null) + return false; + + if (other == this) + return true; + + int orderingSize = ordering.Count; + + if (orderingSize != other.ordering.Count) + { + return false; + } + + bool[] indexes = new bool[orderingSize]; + int start, end, delta; + + if (ordering[0].Equals(other.ordering[0])) // guess forward + { + start = 0; + end = orderingSize; + delta = 1; + } + else // guess reversed - most common problem + { + start = orderingSize - 1; + end = -1; + delta = -1; + } + + for (int i = start; i != end; i += delta) + { + bool found = false; + DerObjectIdentifier oid = (DerObjectIdentifier)ordering[i]; + string value = (string)values[i]; + + for (int j = 0; j < orderingSize; j++) + { + if (indexes[j]) + { + continue; + } + + DerObjectIdentifier oOid = (DerObjectIdentifier)other.ordering[j]; + + if (oid.Equals(oOid)) + { + string oValue = (string)other.values[j]; + + if (equivalentStrings(value, oValue)) + { + indexes[j] = true; + found = true; + break; + } + } + } + + if (!found) + { + return false; + } + } + + return true; + } + + private static bool equivalentStrings( + string s1, + string s2) + { + string v1 = canonicalize(s1); + string v2 = canonicalize(s2); + + if (!v1.Equals(v2)) + { + v1 = stripInternalSpaces(v1); + v2 = stripInternalSpaces(v2); + + if (!v1.Equals(v2)) + { + return false; + } + } + + return true; + } + + private static string canonicalize( + string s) + { + string v = Platform.ToLowerInvariant(s).Trim(); + + if (Platform.StartsWith(v, "#")) + { + Asn1Object obj = decodeObject(v); + + if (obj is IAsn1String) + { + v = Platform.ToLowerInvariant(((IAsn1String)obj).GetString()).Trim(); + } + } + + return v; + } + + private static Asn1Object decodeObject( + string v) + { + try + { + return Asn1Object.FromByteArray(Hex.DecodeStrict(v, 1, v.Length - 1)); + } + catch (IOException e) + { + throw new InvalidOperationException("unknown encoding in name: " + e.Message, e); + } + } + + private static string stripInternalSpaces( + string str) + { + StringBuilder res = new StringBuilder(); + + if (str.Length != 0) + { + char c1 = str[0]; + + res.Append(c1); + + for (int k = 1; k < str.Length; k++) + { + char c2 = str[k]; + if (!(c1 == ' ' && c2 == ' ')) + { + res.Append(c2); + } + c1 = c2; + } + } + + return res.ToString(); + } + + private void AppendValue( + StringBuilder buf, + IDictionary oidSymbols, + DerObjectIdentifier oid, + string val) + { + string sym = (string)oidSymbols[oid]; + + if (sym != null) + { + buf.Append(sym); + } + else + { + buf.Append(oid.Id); + } + + buf.Append('='); + + int index = buf.Length; + + buf.Append(val); + + int end = buf.Length; + + if (Platform.StartsWith(val, "\\#")) + { + index += 2; + } + + while (index != end) + { + if ((buf[index] == ',') + || (buf[index] == '"') + || (buf[index] == '\\') + || (buf[index] == '+') + || (buf[index] == '=') + || (buf[index] == '<') + || (buf[index] == '>') + || (buf[index] == ';')) + { + buf.Insert(index++, "\\"); + end++; + } + + index++; + } + } + + /** + * convert the structure to a string - if reverse is true the + * oids and values are listed out starting with the last element + * in the sequence (ala RFC 2253), otherwise the string will begin + * with the first element of the structure. If no string definition + * for the oid is found in oidSymbols the string value of the oid is + * added. Two standard symbol tables are provided DefaultSymbols, and + * RFC2253Symbols as part of this class. + * + * @param reverse if true start at the end of the sequence and work back. + * @param oidSymbols look up table strings for oids. + */ + public string ToString( + bool reverse, + IDictionary oidSymbols) + { +#if SILVERLIGHT || PORTABLE + List components = new List(); +#else + ArrayList components = new ArrayList(); +#endif + + StringBuilder ava = null; + + for (int i = 0; i < ordering.Count; i++) + { + if ((bool) added[i]) + { + ava.Append('+'); + AppendValue(ava, oidSymbols, + (DerObjectIdentifier)ordering[i], + (string)values[i]); + } + else + { + ava = new StringBuilder(); + AppendValue(ava, oidSymbols, + (DerObjectIdentifier)ordering[i], + (string)values[i]); + components.Add(ava); + } + } + + if (reverse) + { + components.Reverse(); + } + + StringBuilder buf = new StringBuilder(); + + if (components.Count > 0) + { + buf.Append(components[0].ToString()); + + for (int i = 1; i < components.Count; ++i) + { + buf.Append(','); + buf.Append(components[i].ToString()); + } + } + + return buf.ToString(); + } + + public override string ToString() + { + return ToString(DefaultReverse, (IDictionary)DefaultSymbols); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/X509NameEntryConverter.cs b/BouncyCastle/crypto/src/asn1/x509/X509NameEntryConverter.cs new file mode 100644 index 0000000..a5a00cc --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/X509NameEntryConverter.cs @@ -0,0 +1,87 @@ +using System; +using System.Globalization; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * It turns out that the number of standard ways the fields in a DN should be + * encoded into their ASN.1 counterparts is rapidly approaching the + * number of machines on the internet. By default the X509Name class + * will produce UTF8Strings in line with the current recommendations (RFC 3280). + *

+ * An example of an encoder look like below: + * 

+     * public class X509DirEntryConverter
+     *     : X509NameEntryConverter
+     * {
+     *     public Asn1Object GetConvertedValue(
+     *         DerObjectIdentifier  oid,
+     *         string               value)
+     *     {
+     *         if (str.Length() != 0 && str.charAt(0) == '#')
+     *         {
+     *             return ConvertHexEncoded(str, 1);
+     *         }
+     *         if (oid.Equals(EmailAddress))
+     *         {
+     *             return new DerIA5String(str);
+     *         }
+     *         else if (CanBePrintable(str))
+     *         {
+     *             return new DerPrintableString(str);
+     *         }
+     *         else if (CanBeUTF8(str))
+     *         {
+     *             return new DerUtf8String(str);
+     *         }
+     *         else
+     *         {
+     *             return new DerBmpString(str);
+     *         }
+     *     }
+     * }
+	 *
+ *

+ */ + public abstract class X509NameEntryConverter + { + /** + * Convert an inline encoded hex string rendition of an ASN.1 + * object back into its corresponding ASN.1 object. + * + * @param str the hex encoded object + * @param off the index at which the encoding starts + * @return the decoded object + */ + protected Asn1Object ConvertHexEncoded( + string hexString, + int offset) + { + return Asn1Object.FromByteArray(Hex.DecodeStrict(hexString, offset, hexString.Length - offset)); + } + + /** + * return true if the passed in string can be represented without + * loss as a PrintableString, false otherwise. + */ + protected bool CanBePrintable( + string str) + { + return DerPrintableString.IsPrintableString(str); + } + + /** + * Convert the passed in string value into the appropriate ASN.1 + * encoded object. + * + * @param oid the oid associated with the value in the DN. + * @param value the value of the particular DN component. + * @return the ASN.1 equivalent for the value. + */ + public abstract Asn1Object GetConvertedValue(DerObjectIdentifier oid, string value); + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/X509NameTokenizer.cs b/BouncyCastle/crypto/src/asn1/x509/X509NameTokenizer.cs new file mode 100644 index 0000000..ab55295 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/X509NameTokenizer.cs @@ -0,0 +1,104 @@ +using System.Text; + +namespace Org.BouncyCastle.Asn1.X509 +{ + /** + * class for breaking up an X500 Name into it's component tokens, ala + * java.util.StringTokenizer. We need this class as some of the + * lightweight Java environment don't support classes like + * StringTokenizer. + */ + public class X509NameTokenizer + { + private string value; + private int index; + private char separator; + private StringBuilder buffer = new StringBuilder(); + + public X509NameTokenizer( + string oid) + : this(oid, ',') + { + } + + public X509NameTokenizer( + string oid, + char separator) + { + this.value = oid; + this.index = -1; + this.separator = separator; + } + + public bool HasMoreTokens() + { + return index != value.Length; + } + + public string NextToken() + { + if (index == value.Length) + { + return null; + } + + int end = index + 1; + bool quoted = false; + bool escaped = false; + + buffer.Remove(0, buffer.Length); + + while (end != value.Length) + { + char c = value[end]; + + if (c == '"') + { + if (!escaped) + { + quoted = !quoted; + } + else + { + buffer.Append(c); + escaped = false; + } + } + else + { + if (escaped || quoted) + { + if (c == '#' && buffer[buffer.Length - 1] == '=') + { + buffer.Append('\\'); + } + else if (c == '+' && separator != '+') + { + buffer.Append('\\'); + } + buffer.Append(c); + escaped = false; + } + else if (c == '\\') + { + escaped = true; + } + else if (c == separator) + { + break; + } + else + { + buffer.Append(c); + } + } + + end++; + } + + index = end; + + return buffer.ToString().Trim(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/X509ObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/x509/X509ObjectIdentifiers.cs new file mode 100644 index 0000000..4df5bba --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/X509ObjectIdentifiers.cs @@ -0,0 +1,61 @@ +namespace Org.BouncyCastle.Asn1.X509 +{ + public abstract class X509ObjectIdentifiers + { + // + // base id + // + internal const string ID = "2.5.4"; + + public static readonly DerObjectIdentifier CommonName = new DerObjectIdentifier(ID + ".3"); + public static readonly DerObjectIdentifier CountryName = new DerObjectIdentifier(ID + ".6"); + public static readonly DerObjectIdentifier LocalityName = new DerObjectIdentifier(ID + ".7"); + public static readonly DerObjectIdentifier StateOrProvinceName = new DerObjectIdentifier(ID + ".8"); + public static readonly DerObjectIdentifier Organization = new DerObjectIdentifier(ID + ".10"); + public static readonly DerObjectIdentifier OrganizationalUnitName = new DerObjectIdentifier(ID + ".11"); + + public static readonly DerObjectIdentifier id_at_telephoneNumber = new DerObjectIdentifier(ID + ".20"); + public static readonly DerObjectIdentifier id_at_name = new DerObjectIdentifier(ID + ".41"); + + public static readonly DerObjectIdentifier id_at_organizationIdentifier = new DerObjectIdentifier("2.5.4.97"); + + // id-SHA1 OBJECT IDENTIFIER ::= + // {iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } // + public static readonly DerObjectIdentifier IdSha1 = new DerObjectIdentifier("1.3.14.3.2.26"); + + // + // ripemd160 OBJECT IDENTIFIER ::= + // {iso(1) identified-organization(3) TeleTrust(36) algorithm(3) hashAlgorithm(2) RipeMD-160(1)} + // + public static readonly DerObjectIdentifier RipeMD160 = new DerObjectIdentifier("1.3.36.3.2.1"); + + // + // ripemd160WithRSAEncryption OBJECT IDENTIFIER ::= + // {iso(1) identified-organization(3) TeleTrust(36) algorithm(3) signatureAlgorithm(3) rsaSignature(1) rsaSignatureWithripemd160(2) } + // + public static readonly DerObjectIdentifier RipeMD160WithRsaEncryption = new DerObjectIdentifier("1.3.36.3.3.1.2"); + + public static readonly DerObjectIdentifier IdEARsa = new DerObjectIdentifier("2.5.8.1.1"); + + // id-pkix + public static readonly DerObjectIdentifier IdPkix = new DerObjectIdentifier("1.3.6.1.5.5.7"); + + // + // private internet extensions + // + public static readonly DerObjectIdentifier IdPE = new DerObjectIdentifier(IdPkix + ".1"); + + // + // authority information access + // + public static readonly DerObjectIdentifier IdAD = new DerObjectIdentifier(IdPkix + ".48"); + public static readonly DerObjectIdentifier IdADCAIssuers = new DerObjectIdentifier(IdAD + ".2"); + public static readonly DerObjectIdentifier IdADOcsp = new DerObjectIdentifier(IdAD + ".1"); + + // + // OID for ocsp and crl uri in AuthorityInformationAccess extension + // + public static readonly DerObjectIdentifier OcspAccessMethod = IdADOcsp; + public static readonly DerObjectIdentifier CrlAccessMethod = IdADCAIssuers; + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/qualified/BiometricData.cs b/BouncyCastle/crypto/src/asn1/x509/qualified/BiometricData.cs new file mode 100644 index 0000000..816ffd2 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/qualified/BiometricData.cs @@ -0,0 +1,104 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509.Qualified +{ + /** + * The BiometricData object. + * 
+    * BiometricData  ::=  SEQUENCE {
+    *       typeOfBiometricData  TypeOfBiometricData,
+    *       hashAlgorithm        AlgorithmIdentifier,
+    *       biometricDataHash    OCTET STRING,
+    *       sourceDataUri        IA5String OPTIONAL  }
+    *
+ */ + public class BiometricData + : Asn1Encodable + { + private readonly TypeOfBiometricData typeOfBiometricData; + private readonly AlgorithmIdentifier hashAlgorithm; + private readonly Asn1OctetString biometricDataHash; + private readonly DerIA5String sourceDataUri; + + public static BiometricData GetInstance( + object obj) + { + if (obj == null || obj is BiometricData) + { + return (BiometricData)obj; + } + + if (obj is Asn1Sequence) + { + return new BiometricData(Asn1Sequence.GetInstance(obj)); + } + + throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + private BiometricData( + Asn1Sequence seq) + { + typeOfBiometricData = TypeOfBiometricData.GetInstance(seq[0]); + hashAlgorithm = AlgorithmIdentifier.GetInstance(seq[1]); + biometricDataHash = Asn1OctetString.GetInstance(seq[2]); + + if (seq.Count > 3) + { + sourceDataUri = DerIA5String.GetInstance(seq[3]); + } + } + + public BiometricData( + TypeOfBiometricData typeOfBiometricData, + AlgorithmIdentifier hashAlgorithm, + Asn1OctetString biometricDataHash, + DerIA5String sourceDataUri) + { + this.typeOfBiometricData = typeOfBiometricData; + this.hashAlgorithm = hashAlgorithm; + this.biometricDataHash = biometricDataHash; + this.sourceDataUri = sourceDataUri; + } + + public BiometricData( + TypeOfBiometricData typeOfBiometricData, + AlgorithmIdentifier hashAlgorithm, + Asn1OctetString biometricDataHash) + { + this.typeOfBiometricData = typeOfBiometricData; + this.hashAlgorithm = hashAlgorithm; + this.biometricDataHash = biometricDataHash; + this.sourceDataUri = null; + } + + public TypeOfBiometricData TypeOfBiometricData + { + get { return typeOfBiometricData; } + } + + public AlgorithmIdentifier HashAlgorithm + { + get { return hashAlgorithm; } + } + + public Asn1OctetString BiometricDataHash + { + get { return biometricDataHash; } + } + + public DerIA5String SourceDataUri + { + get { return sourceDataUri; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(typeOfBiometricData, hashAlgorithm, biometricDataHash); + v.AddOptional(sourceDataUri); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/qualified/ETSIQCObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/x509/qualified/ETSIQCObjectIdentifiers.cs new file mode 100644 index 0000000..86a4eee --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/qualified/ETSIQCObjectIdentifiers.cs @@ -0,0 +1,19 @@ +using System; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.X509.Qualified +{ + public abstract class EtsiQCObjectIdentifiers + { + // + // base id + // + public static readonly DerObjectIdentifier IdEtsiQcs = new DerObjectIdentifier("0.4.0.1862.1"); + + public static readonly DerObjectIdentifier IdEtsiQcsQcCompliance = new DerObjectIdentifier(IdEtsiQcs+".1"); + public static readonly DerObjectIdentifier IdEtsiQcsLimitValue = new DerObjectIdentifier(IdEtsiQcs+".2"); + public static readonly DerObjectIdentifier IdEtsiQcsRetentionPeriod = new DerObjectIdentifier(IdEtsiQcs+".3"); + public static readonly DerObjectIdentifier IdEtsiQcsQcSscd = new DerObjectIdentifier(IdEtsiQcs+".4"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/qualified/Iso4217CurrencyCode.cs b/BouncyCastle/crypto/src/asn1/x509/qualified/Iso4217CurrencyCode.cs new file mode 100644 index 0000000..a90a33a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/qualified/Iso4217CurrencyCode.cs @@ -0,0 +1,84 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509.Qualified +{ + /** + * The Iso4217CurrencyCode object. + * 
+    * Iso4217CurrencyCode  ::=  CHOICE {
+    *       alphabetic              PrintableString (SIZE 3), --Recommended
+    *       numeric              INTEGER (1..999) }
+    * -- Alphabetic or numeric currency code as defined in ISO 4217
+    * -- It is recommended that the Alphabetic form is used
+    *
+ */ + public class Iso4217CurrencyCode + : Asn1Encodable, IAsn1Choice + { + internal const int AlphabeticMaxSize = 3; + internal const int NumericMinSize = 1; + internal const int NumericMaxSize = 999; + + internal Asn1Encodable obj; +// internal int numeric; + + public static Iso4217CurrencyCode GetInstance( + object obj) + { + if (obj == null || obj is Iso4217CurrencyCode) + { + return (Iso4217CurrencyCode) obj; + } + + if (obj is DerInteger) + { + DerInteger numericobj = DerInteger.GetInstance(obj); + int numeric = numericobj.IntValueExact; + return new Iso4217CurrencyCode(numeric); + } + + if (obj is DerPrintableString) + { + DerPrintableString alphabetic = DerPrintableString.GetInstance(obj); + return new Iso4217CurrencyCode(alphabetic.GetString()); + } + + throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + public Iso4217CurrencyCode( + int numeric) + { + if (numeric > NumericMaxSize || numeric < NumericMinSize) + { + throw new ArgumentException("wrong size in numeric code : not in (" + NumericMinSize + ".." + NumericMaxSize + ")"); + } + + obj = new DerInteger(numeric); + } + + public Iso4217CurrencyCode( + string alphabetic) + { + if (alphabetic.Length > AlphabeticMaxSize) + { + throw new ArgumentException("wrong size in alphabetic code : max size is " + AlphabeticMaxSize); + } + + obj = new DerPrintableString(alphabetic); + } + + public bool IsAlphabetic { get { return obj is DerPrintableString; } } + + public string Alphabetic { get { return ((DerPrintableString) obj).GetString(); } } + + public int Numeric { get { return ((DerInteger)obj).IntValueExact; } } + + public override Asn1Object ToAsn1Object() + { + return obj.ToAsn1Object(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/qualified/MonetaryValue.cs b/BouncyCastle/crypto/src/asn1/x509/qualified/MonetaryValue.cs new file mode 100644 index 0000000..d703de9 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/qualified/MonetaryValue.cs @@ -0,0 +1,83 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509.Qualified +{ + /** + * The MonetaryValue object. + * 
+    * MonetaryValue  ::=  SEQUENCE {
+    *       currency              Iso4217CurrencyCode,
+    *       amount               INTEGER,
+    *       exponent             INTEGER }
+    * -- value = amount * 10^exponent
+    *
+ */ + public class MonetaryValue + : Asn1Encodable + { + internal Iso4217CurrencyCode currency; + internal DerInteger amount; + internal DerInteger exponent; + + public static MonetaryValue GetInstance( + object obj) + { + if (obj == null || obj is MonetaryValue) + { + return (MonetaryValue) obj; + } + + if (obj is Asn1Sequence) + { + return new MonetaryValue(Asn1Sequence.GetInstance(obj)); + } + + throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + private MonetaryValue( + Asn1Sequence seq) + { + if (seq.Count != 3) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + currency = Iso4217CurrencyCode.GetInstance(seq[0]); + amount = DerInteger.GetInstance(seq[1]); + exponent = DerInteger.GetInstance(seq[2]); + } + + public MonetaryValue( + Iso4217CurrencyCode currency, + int amount, + int exponent) + { + this.currency = currency; + this.amount = new DerInteger(amount); + this.exponent = new DerInteger(exponent); + } + + public Iso4217CurrencyCode Currency + { + get { return currency; } + } + + public BigInteger Amount + { + get { return amount.Value; } + } + + public BigInteger Exponent + { + get { return exponent.Value; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(currency, amount, exponent); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/qualified/QCStatement.cs b/BouncyCastle/crypto/src/asn1/x509/qualified/QCStatement.cs new file mode 100644 index 0000000..bfa5153 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/qualified/QCStatement.cs @@ -0,0 +1,79 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509.Qualified +{ + /** + * The QCStatement object. + * 
+    * QCStatement ::= SEQUENCE {
+    *   statementId        OBJECT IDENTIFIER,
+    *   statementInfo      ANY DEFINED BY statementId OPTIONAL}
+    *
+ */ + public class QCStatement + : Asn1Encodable + { + private readonly DerObjectIdentifier qcStatementId; + private readonly Asn1Encodable qcStatementInfo; + + public static QCStatement GetInstance( + object obj) + { + if (obj == null || obj is QCStatement) + { + return (QCStatement) obj; + } + + if (obj is Asn1Sequence) + { + return new QCStatement(Asn1Sequence.GetInstance(obj)); + } + + throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + private QCStatement( + Asn1Sequence seq) + { + qcStatementId = DerObjectIdentifier.GetInstance(seq[0]); + + if (seq.Count > 1) + { + qcStatementInfo = seq[1]; + } + } + + public QCStatement( + DerObjectIdentifier qcStatementId) + { + this.qcStatementId = qcStatementId; + } + + public QCStatement( + DerObjectIdentifier qcStatementId, + Asn1Encodable qcStatementInfo) + { + this.qcStatementId = qcStatementId; + this.qcStatementInfo = qcStatementInfo; + } + + public DerObjectIdentifier StatementId + { + get { return qcStatementId; } + } + + public Asn1Encodable StatementInfo + { + get { return qcStatementInfo; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(qcStatementId); + v.AddOptional(qcStatementInfo); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/qualified/RFC3739QCObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/x509/qualified/RFC3739QCObjectIdentifiers.cs new file mode 100644 index 0000000..8ebd69e --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/qualified/RFC3739QCObjectIdentifiers.cs @@ -0,0 +1,21 @@ +using System; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.X509.Qualified +{ + public sealed class Rfc3739QCObjectIdentifiers + { + private Rfc3739QCObjectIdentifiers() + { + } + + // + // base id + // + public static readonly DerObjectIdentifier IdQcs = new DerObjectIdentifier("1.3.6.1.5.5.7.11"); + + public static readonly DerObjectIdentifier IdQcsPkixQCSyntaxV1 = new DerObjectIdentifier(IdQcs+".1"); + public static readonly DerObjectIdentifier IdQcsPkixQCSyntaxV2 = new DerObjectIdentifier(IdQcs+".2"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/qualified/SemanticsInformation.cs b/BouncyCastle/crypto/src/asn1/x509/qualified/SemanticsInformation.cs new file mode 100644 index 0000000..379e6d1 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/qualified/SemanticsInformation.cs @@ -0,0 +1,120 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509.Qualified +{ + /** + * The SemanticsInformation object. + * 
+    *       SemanticsInformation ::= SEQUENCE {
+    *         semanticsIdentifier        OBJECT IDENTIFIER   OPTIONAL,
+    *         nameRegistrationAuthorities NameRegistrationAuthorities
+    *                                                         OPTIONAL }
+    *         (WITH COMPONENTS {..., semanticsIdentifier PRESENT}|
+    *          WITH COMPONENTS {..., nameRegistrationAuthorities PRESENT})
+    *
+    *     NameRegistrationAuthorities ::=  SEQUENCE SIZE (1..MAX) OF
+    *         GeneralName
+    *
+ */ + public class SemanticsInformation + : Asn1Encodable + { + private readonly DerObjectIdentifier semanticsIdentifier; + private readonly GeneralName[] nameRegistrationAuthorities; + + public static SemanticsInformation GetInstance( + object obj) + { + if (obj == null || obj is SemanticsInformation) + { + return (SemanticsInformation) obj; + } + + if (obj is Asn1Sequence) + { + return new SemanticsInformation(Asn1Sequence.GetInstance(obj)); + } + + throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + public SemanticsInformation( + Asn1Sequence seq) + { + if (seq.Count < 1) + { + throw new ArgumentException("no objects in SemanticsInformation"); + } + + IEnumerator e = seq.GetEnumerator(); + e.MoveNext(); + object obj = e.Current; + if (obj is DerObjectIdentifier) + { + semanticsIdentifier = DerObjectIdentifier.GetInstance(obj); + if (e.MoveNext()) + { + obj = e.Current; + } + else + { + obj = null; + } + } + + if (obj != null) + { + Asn1Sequence generalNameSeq = Asn1Sequence.GetInstance(obj ); + nameRegistrationAuthorities = new GeneralName[generalNameSeq.Count]; + for (int i= 0; i < generalNameSeq.Count; i++) + { + nameRegistrationAuthorities[i] = GeneralName.GetInstance(generalNameSeq[i]); + } + } + } + + public SemanticsInformation( + DerObjectIdentifier semanticsIdentifier, + GeneralName[] generalNames) + { + this.semanticsIdentifier = semanticsIdentifier; + this.nameRegistrationAuthorities = generalNames; + } + + public SemanticsInformation( + DerObjectIdentifier semanticsIdentifier) + { + this.semanticsIdentifier = semanticsIdentifier; + } + + public SemanticsInformation( + GeneralName[] generalNames) + { + this.nameRegistrationAuthorities = generalNames; + } + + public DerObjectIdentifier SemanticsIdentifier { get { return semanticsIdentifier; } } + + public GeneralName[] GetNameRegistrationAuthorities() + { + return nameRegistrationAuthorities; + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.AddOptional(semanticsIdentifier); + + if (null != nameRegistrationAuthorities) + { + v.Add(new DerSequence(nameRegistrationAuthorities)); + } + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/qualified/TypeOfBiometricData.cs b/BouncyCastle/crypto/src/asn1/x509/qualified/TypeOfBiometricData.cs new file mode 100644 index 0000000..a4e2e45 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/qualified/TypeOfBiometricData.cs @@ -0,0 +1,91 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509.Qualified +{ + /** + * The TypeOfBiometricData object. + * 
+    * TypeOfBiometricData ::= CHOICE {
+    *   predefinedBiometricType   PredefinedBiometricType,
+    *   biometricDataOid          OBJECT IDENTIFIER }
+    *
+    * PredefinedBiometricType ::= INTEGER {
+    *   picture(0),handwritten-signature(1)}
+    *   (picture|handwritten-signature)
+    *
+ */ + public class TypeOfBiometricData + : Asn1Encodable, IAsn1Choice + { + public const int Picture = 0; + public const int HandwrittenSignature = 1; + + internal Asn1Encodable obj; + + public static TypeOfBiometricData GetInstance( + object obj) + { + if (obj == null || obj is TypeOfBiometricData) + { + return (TypeOfBiometricData) obj; + } + + if (obj is DerInteger) + { + DerInteger predefinedBiometricTypeObj = DerInteger.GetInstance(obj); + int predefinedBiometricType = predefinedBiometricTypeObj.IntValueExact; + + return new TypeOfBiometricData(predefinedBiometricType); + } + + if (obj is DerObjectIdentifier) + { + DerObjectIdentifier BiometricDataOid = DerObjectIdentifier.GetInstance(obj); + return new TypeOfBiometricData(BiometricDataOid); + } + + throw new ArgumentException("unknown object in GetInstance: " + Platform.GetTypeName(obj), "obj"); + } + + public TypeOfBiometricData( + int predefinedBiometricType) + { + if (predefinedBiometricType == Picture || predefinedBiometricType == HandwrittenSignature) + { + obj = new DerInteger(predefinedBiometricType); + } + else + { + throw new ArgumentException("unknow PredefinedBiometricType : " + predefinedBiometricType); + } + } + + public TypeOfBiometricData( + DerObjectIdentifier biometricDataOid) + { + obj = biometricDataOid; + } + + public bool IsPredefined + { + get { return obj is DerInteger; } + } + + public int PredefinedBiometricType + { + get { return ((DerInteger)obj).IntValueExact; } + } + + public DerObjectIdentifier BiometricDataOid + { + get { return (DerObjectIdentifier) obj; } + } + + public override Asn1Object ToAsn1Object() + { + return obj.ToAsn1Object(); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/sigi/NameOrPseudonym.cs b/BouncyCastle/crypto/src/asn1/x509/sigi/NameOrPseudonym.cs new file mode 100644 index 0000000..2402e38 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/sigi/NameOrPseudonym.cs @@ -0,0 +1,178 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509.SigI +{ + /** + * Structure for a name or pseudonym. + * + * 
+	*       NameOrPseudonym ::= CHOICE {
+	*     	   surAndGivenName SEQUENCE {
+	*     	     surName DirectoryString,
+	*     	     givenName SEQUENCE OF DirectoryString 
+	*         },
+	*     	   pseudonym DirectoryString 
+	*       }
+	*
+ * + * @see org.bouncycastle.asn1.x509.sigi.PersonalData + * + */ + public class NameOrPseudonym + : Asn1Encodable, IAsn1Choice + { + private readonly DirectoryString pseudonym; + private readonly DirectoryString surname; + private readonly Asn1Sequence givenName; + + public static NameOrPseudonym GetInstance( + object obj) + { + if (obj == null || obj is NameOrPseudonym) + { + return (NameOrPseudonym)obj; + } + + if (obj is IAsn1String) + { + return new NameOrPseudonym(DirectoryString.GetInstance(obj)); + } + + if (obj is Asn1Sequence) + { + return new NameOrPseudonym((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor from DERString. + *

+ * The sequence is of type NameOrPseudonym: + *

+ * 

+		*       NameOrPseudonym ::= CHOICE {
+		*     	   surAndGivenName SEQUENCE {
+		*     	     surName DirectoryString,
+		*     	     givenName SEQUENCE OF DirectoryString
+		*         },
+		*     	   pseudonym DirectoryString
+		*       }
+		*
+ * @param pseudonym pseudonym value to use. + */ + public NameOrPseudonym( + DirectoryString pseudonym) + { + this.pseudonym = pseudonym; + } + + /** + * Constructor from Asn1Sequence. + *

+ * The sequence is of type NameOrPseudonym: + *

+ * 

+		*       NameOrPseudonym ::= CHOICE {
+		*     	   surAndGivenName SEQUENCE {
+		*     	     surName DirectoryString,
+		*     	     givenName SEQUENCE OF DirectoryString
+		*         },
+		*     	   pseudonym DirectoryString
+		*       }
+		*
+ * + * @param seq The ASN.1 sequence. + */ + private NameOrPseudonym( + Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Bad sequence size: " + seq.Count); + + if (!(seq[0] is IAsn1String)) + throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(seq[0])); + + surname = DirectoryString.GetInstance(seq[0]); + givenName = Asn1Sequence.GetInstance(seq[1]); + } + + /** + * Constructor from a given details. + * + * @param pseudonym The pseudonym. + */ + public NameOrPseudonym( + string pseudonym) + : this(new DirectoryString(pseudonym)) + { + } + + /** + * Constructor from a given details. + * + * @param surname The surname. + * @param givenName A sequence of directory strings making up the givenName + */ + public NameOrPseudonym( + DirectoryString surname, + Asn1Sequence givenName) + { + this.surname = surname; + this.givenName = givenName; + } + + public DirectoryString Pseudonym + { + get { return pseudonym; } + } + + public DirectoryString Surname + { + get { return surname; } + } + + public DirectoryString[] GetGivenName() + { + DirectoryString[] items = new DirectoryString[givenName.Count]; + int count = 0; + foreach (object o in givenName) + { + items[count++] = DirectoryString.GetInstance(o); + } + return items; + } + + /** + * Produce an object suitable for an Asn1OutputStream. + *

+ * Returns: + *

+ * 

+		*       NameOrPseudonym ::= CHOICE {
+		*     	   surAndGivenName SEQUENCE {
+		*     	     surName DirectoryString,
+		*     	     givenName SEQUENCE OF DirectoryString
+		*         },
+		*     	   pseudonym DirectoryString
+		*       }
+		*
+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + if (pseudonym != null) + { + return pseudonym.ToAsn1Object(); + } + + return new DerSequence(surname, givenName); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/sigi/PersonalData.cs b/BouncyCastle/crypto/src/asn1/x509/sigi/PersonalData.cs new file mode 100644 index 0000000..0e0bb53 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/sigi/PersonalData.cs @@ -0,0 +1,205 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X509.SigI +{ + /** + * Contains personal data for the otherName field in the subjectAltNames + * extension. + *

+ * 

+	*     PersonalData ::= SEQUENCE {
+	*       nameOrPseudonym NameOrPseudonym,
+	*       nameDistinguisher [0] INTEGER OPTIONAL,
+	*       dateOfBirth [1] GeneralizedTime OPTIONAL,
+	*       placeOfBirth [2] DirectoryString OPTIONAL,
+	*       gender [3] PrintableString OPTIONAL,
+	*       postalAddress [4] DirectoryString OPTIONAL
+	*       }
+	*
+ * + * @see org.bouncycastle.asn1.x509.sigi.NameOrPseudonym + * @see org.bouncycastle.asn1.x509.sigi.SigIObjectIdentifiers + */ + public class PersonalData + : Asn1Encodable + { + private readonly NameOrPseudonym nameOrPseudonym; + private readonly BigInteger nameDistinguisher; + private readonly DerGeneralizedTime dateOfBirth; + private readonly DirectoryString placeOfBirth; + private readonly string gender; + private readonly DirectoryString postalAddress; + + public static PersonalData GetInstance( + object obj) + { + if (obj == null || obj is PersonalData) + { + return (PersonalData) obj; + } + + if (obj is Asn1Sequence) + { + return new PersonalData((Asn1Sequence) obj); + } + + throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + } + + /** + * Constructor from Asn1Sequence. + *

+ * The sequence is of type NameOrPseudonym: + *

+ * 

+		*     PersonalData ::= SEQUENCE {
+		*       nameOrPseudonym NameOrPseudonym,
+		*       nameDistinguisher [0] INTEGER OPTIONAL,
+		*       dateOfBirth [1] GeneralizedTime OPTIONAL,
+		*       placeOfBirth [2] DirectoryString OPTIONAL,
+		*       gender [3] PrintableString OPTIONAL,
+		*       postalAddress [4] DirectoryString OPTIONAL
+		*       }
+		*
+ * + * @param seq The ASN.1 sequence. + */ + private PersonalData( + Asn1Sequence seq) + { + if (seq.Count < 1) + throw new ArgumentException("Bad sequence size: " + seq.Count); + + IEnumerator e = seq.GetEnumerator(); + e.MoveNext(); + + nameOrPseudonym = NameOrPseudonym.GetInstance(e.Current); + + while (e.MoveNext()) + { + Asn1TaggedObject o = Asn1TaggedObject.GetInstance(e.Current); + int tag = o.TagNo; + switch (tag) + { + case 0: + nameDistinguisher = DerInteger.GetInstance(o, false).Value; + break; + case 1: + dateOfBirth = DerGeneralizedTime.GetInstance(o, false); + break; + case 2: + placeOfBirth = DirectoryString.GetInstance(o, true); + break; + case 3: + gender = DerPrintableString.GetInstance(o, false).GetString(); + break; + case 4: + postalAddress = DirectoryString.GetInstance(o, true); + break; + default: + throw new ArgumentException("Bad tag number: " + o.TagNo); + } + } + } + + /** + * Constructor from a given details. + * + * @param nameOrPseudonym Name or pseudonym. + * @param nameDistinguisher Name distinguisher. + * @param dateOfBirth Date of birth. + * @param placeOfBirth Place of birth. + * @param gender Gender. + * @param postalAddress Postal Address. + */ + public PersonalData( + NameOrPseudonym nameOrPseudonym, + BigInteger nameDistinguisher, + DerGeneralizedTime dateOfBirth, + DirectoryString placeOfBirth, + string gender, + DirectoryString postalAddress) + { + this.nameOrPseudonym = nameOrPseudonym; + this.dateOfBirth = dateOfBirth; + this.gender = gender; + this.nameDistinguisher = nameDistinguisher; + this.postalAddress = postalAddress; + this.placeOfBirth = placeOfBirth; + } + + public NameOrPseudonym NameOrPseudonym + { + get { return nameOrPseudonym; } + } + + public BigInteger NameDistinguisher + { + get { return nameDistinguisher; } + } + + public DerGeneralizedTime DateOfBirth + { + get { return dateOfBirth; } + } + + public DirectoryString PlaceOfBirth + { + get { return placeOfBirth; } + } + + public string Gender + { + get { return gender; } + } + + public DirectoryString PostalAddress + { + get { return postalAddress; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + *

+ * Returns: + *

+ * 

+		*     PersonalData ::= SEQUENCE {
+		*       nameOrPseudonym NameOrPseudonym,
+		*       nameDistinguisher [0] INTEGER OPTIONAL,
+		*       dateOfBirth [1] GeneralizedTime OPTIONAL,
+		*       placeOfBirth [2] DirectoryString OPTIONAL,
+		*       gender [3] PrintableString OPTIONAL,
+		*       postalAddress [4] DirectoryString OPTIONAL
+		*       }
+		*
+ * + * @return an Asn1Object + */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(nameOrPseudonym); + + if (null != nameDistinguisher) + { + v.Add(new DerTaggedObject(false, 0, new DerInteger(nameDistinguisher))); + } + + v.AddOptionalTagged(false, 1, dateOfBirth); + v.AddOptionalTagged(true, 2, placeOfBirth); + + if (null != gender) + { + v.Add(new DerTaggedObject(false, 3, new DerPrintableString(gender, true))); + } + + v.AddOptionalTagged(true, 4, postalAddress); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x509/sigi/SigIObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/x509/sigi/SigIObjectIdentifiers.cs new file mode 100644 index 0000000..682311a --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x509/sigi/SigIObjectIdentifiers.cs @@ -0,0 +1,49 @@ +using System; + +namespace Org.BouncyCastle.Asn1.X509.SigI +{ + /** + * Object Identifiers of SigI specifciation (German Signature Law + * Interoperability specification). + */ + public sealed class SigIObjectIdentifiers + { + private SigIObjectIdentifiers() + { + } + + public readonly static DerObjectIdentifier IdSigI = new DerObjectIdentifier("1.3.36.8"); + + /** + * Key purpose IDs for German SigI (Signature Interoperability + * Specification) + */ + public readonly static DerObjectIdentifier IdSigIKP = new DerObjectIdentifier(IdSigI + ".2"); + + /** + * Certificate policy IDs for German SigI (Signature Interoperability + * Specification) + */ + public readonly static DerObjectIdentifier IdSigICP = new DerObjectIdentifier(IdSigI + ".1"); + + /** + * Other Name IDs for German SigI (Signature Interoperability Specification) + */ + public readonly static DerObjectIdentifier IdSigION = new DerObjectIdentifier(IdSigI + ".4"); + + /** + * To be used for for the generation of directory service certificates. + */ + public static readonly DerObjectIdentifier IdSigIKPDirectoryService = new DerObjectIdentifier(IdSigIKP + ".1"); + + /** + * ID for PersonalData + */ + public static readonly DerObjectIdentifier IdSigIONPersonalData = new DerObjectIdentifier(IdSigION + ".1"); + + /** + * Certificate is conform to german signature law. + */ + public static readonly DerObjectIdentifier IdSigICPSigConform = new DerObjectIdentifier(IdSigICP + ".1"); + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/DHDomainParameters.cs b/BouncyCastle/crypto/src/asn1/x9/DHDomainParameters.cs new file mode 100644 index 0000000..a923227 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/DHDomainParameters.cs @@ -0,0 +1,108 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X9 +{ + public class DHDomainParameters + : Asn1Encodable + { + private readonly DerInteger p, g, q, j; + private readonly DHValidationParms validationParms; + + public static DHDomainParameters GetInstance(Asn1TaggedObject obj, bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + public static DHDomainParameters GetInstance(object obj) + { + if (obj == null || obj is DHDomainParameters) + return (DHDomainParameters)obj; + + if (obj is Asn1Sequence) + return new DHDomainParameters((Asn1Sequence)obj); + + throw new ArgumentException("Invalid DHDomainParameters: " + Platform.GetTypeName(obj), "obj"); + } + + public DHDomainParameters(DerInteger p, DerInteger g, DerInteger q, DerInteger j, + DHValidationParms validationParms) + { + if (p == null) + throw new ArgumentNullException("p"); + if (g == null) + throw new ArgumentNullException("g"); + if (q == null) + throw new ArgumentNullException("q"); + + this.p = p; + this.g = g; + this.q = q; + this.j = j; + this.validationParms = validationParms; + } + + private DHDomainParameters(Asn1Sequence seq) + { + if (seq.Count < 3 || seq.Count > 5) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + IEnumerator e = seq.GetEnumerator(); + this.p = DerInteger.GetInstance(GetNext(e)); + this.g = DerInteger.GetInstance(GetNext(e)); + this.q = DerInteger.GetInstance(GetNext(e)); + + Asn1Encodable next = GetNext(e); + + if (next != null && next is DerInteger) + { + this.j = DerInteger.GetInstance(next); + next = GetNext(e); + } + + if (next != null) + { + this.validationParms = DHValidationParms.GetInstance(next.ToAsn1Object()); + } + } + + private static Asn1Encodable GetNext(IEnumerator e) + { + return e.MoveNext() ? (Asn1Encodable)e.Current : null; + } + + public DerInteger P + { + get { return this.p; } + } + + public DerInteger G + { + get { return this.g; } + } + + public DerInteger Q + { + get { return this.q; } + } + + public DerInteger J + { + get { return this.j; } + } + + public DHValidationParms ValidationParms + { + get { return this.validationParms; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(p, g, q); + v.AddOptional(j, validationParms); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/DHPublicKey.cs b/BouncyCastle/crypto/src/asn1/x9/DHPublicKey.cs new file mode 100644 index 0000000..74a14a2 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/DHPublicKey.cs @@ -0,0 +1,46 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X9 +{ + public class DHPublicKey + : Asn1Encodable + { + private readonly DerInteger y; + + public static DHPublicKey GetInstance(Asn1TaggedObject obj, bool isExplicit) + { + return GetInstance(DerInteger.GetInstance(obj, isExplicit)); + } + + public static DHPublicKey GetInstance(object obj) + { + if (obj == null || obj is DHPublicKey) + return (DHPublicKey)obj; + + if (obj is DerInteger) + return new DHPublicKey((DerInteger)obj); + + throw new ArgumentException("Invalid DHPublicKey: " + Platform.GetTypeName(obj), "obj"); + } + + public DHPublicKey(DerInteger y) + { + if (y == null) + throw new ArgumentNullException("y"); + + this.y = y; + } + + public DerInteger Y + { + get { return this.y; } + } + + public override Asn1Object ToAsn1Object() + { + return this.y; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/DHValidationParms.cs b/BouncyCastle/crypto/src/asn1/x9/DHValidationParms.cs new file mode 100644 index 0000000..ec34f89 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/DHValidationParms.cs @@ -0,0 +1,64 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X9 +{ + public class DHValidationParms + : Asn1Encodable + { + private readonly DerBitString seed; + private readonly DerInteger pgenCounter; + + public static DHValidationParms GetInstance(Asn1TaggedObject obj, bool isExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + } + + public static DHValidationParms GetInstance(object obj) + { + if (obj == null || obj is DHValidationParms) + return (DHValidationParms)obj; + + if (obj is Asn1Sequence) + return new DHValidationParms((Asn1Sequence)obj); + + throw new ArgumentException("Invalid DHValidationParms: " + Platform.GetTypeName(obj), "obj"); + } + + public DHValidationParms(DerBitString seed, DerInteger pgenCounter) + { + if (seed == null) + throw new ArgumentNullException("seed"); + if (pgenCounter == null) + throw new ArgumentNullException("pgenCounter"); + + this.seed = seed; + this.pgenCounter = pgenCounter; + } + + private DHValidationParms(Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("Bad sequence size: " + seq.Count, "seq"); + + this.seed = DerBitString.GetInstance(seq[0]); + this.pgenCounter = DerInteger.GetInstance(seq[1]); + } + + public DerBitString Seed + { + get { return this.seed; } + } + + public DerInteger PgenCounter + { + get { return this.pgenCounter; } + } + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(seed, pgenCounter); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/ECNamedCurveTable.cs b/BouncyCastle/crypto/src/asn1/x9/ECNamedCurveTable.cs new file mode 100644 index 0000000..f0d7027 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/ECNamedCurveTable.cs @@ -0,0 +1,239 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.Anssi; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.GM; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Asn1.X9 +{ + /** + * A general class that reads all X9.62 style EC curve tables. + */ + public class ECNamedCurveTable + { + /** + * return a X9ECParameters object representing the passed in named + * curve. The routine returns null if the curve is not present. + * + * @param name the name of the curve requested + * @return an X9ECParameters object or null if the curve is not available. + */ + public static X9ECParameters GetByName(string name) + { + X9ECParameters ecP = X962NamedCurves.GetByName(name); + if (ecP == null) + { + ecP = SecNamedCurves.GetByName(name); + } + if (ecP == null) + { + ecP = NistNamedCurves.GetByName(name); + } + if (ecP == null) + { + ecP = TeleTrusTNamedCurves.GetByName(name); + } + if (ecP == null) + { + ecP = AnssiNamedCurves.GetByName(name); + } + if (ecP == null) + { + ecP = ECGost3410NamedCurves.GetByNameX9(name); + } + if (ecP == null) + { + ecP = GMNamedCurves.GetByName(name); + } + return ecP; + } + + public static X9ECParametersHolder GetByNameLazy(string name) + { + X9ECParametersHolder holder = X962NamedCurves.GetByNameLazy(name); + if (null == holder) + { + holder = SecNamedCurves.GetByNameLazy(name); + } + if (null == holder) + { + holder = NistNamedCurves.GetByNameLazy(name); + } + if (null == holder) + { + holder = TeleTrusTNamedCurves.GetByNameLazy(name); + } + if (null == holder) + { + holder = AnssiNamedCurves.GetByNameLazy(name); + } + if (null == holder) + { + holder = ECGost3410NamedCurves.GetByNameLazy(name); + } + if (null == holder) + { + holder = GMNamedCurves.GetByNameLazy(name); + } + return holder; + } + + public static string GetName(DerObjectIdentifier oid) + { + string name = X962NamedCurves.GetName(oid); + if (name == null) + { + name = SecNamedCurves.GetName(oid); + } + if (name == null) + { + name = NistNamedCurves.GetName(oid); + } + if (name == null) + { + name = TeleTrusTNamedCurves.GetName(oid); + } + if (name == null) + { + name = AnssiNamedCurves.GetName(oid); + } + if (name == null) + { + name = ECGost3410NamedCurves.GetName(oid); + } + if (name == null) + { + name = GMNamedCurves.GetName(oid); + } + return name; + } + + /** + * return the object identifier signified by the passed in name. Null + * if there is no object identifier associated with name. + * + * @return the object identifier associated with name, if present. + */ + public static DerObjectIdentifier GetOid(string name) + { + DerObjectIdentifier oid = X962NamedCurves.GetOid(name); + if (oid == null) + { + oid = SecNamedCurves.GetOid(name); + } + if (oid == null) + { + oid = NistNamedCurves.GetOid(name); + } + if (oid == null) + { + oid = TeleTrusTNamedCurves.GetOid(name); + } + if (oid == null) + { + oid = AnssiNamedCurves.GetOid(name); + } + if (oid == null) + { + oid = ECGost3410NamedCurves.GetOid(name); + } + if (oid == null) + { + oid = GMNamedCurves.GetOid(name); + } + return oid; + } + + /** + * return a X9ECParameters object representing the passed in named + * curve. + * + * @param oid the object id of the curve requested + * @return an X9ECParameters object or null if the curve is not available. + */ + public static X9ECParameters GetByOid(DerObjectIdentifier oid) + { + X9ECParameters ecP = X962NamedCurves.GetByOid(oid); + if (ecP == null) + { + ecP = SecNamedCurves.GetByOid(oid); + } + + // NOTE: All the NIST curves are currently from SEC, so no point in redundant OID lookup + + if (ecP == null) + { + ecP = TeleTrusTNamedCurves.GetByOid(oid); + } + if (ecP == null) + { + ecP = AnssiNamedCurves.GetByOid(oid); + } + if (ecP == null) + { + ecP = ECGost3410NamedCurves.GetByOidX9(oid); + } + if (ecP == null) + { + ecP = GMNamedCurves.GetByOid(oid); + } + return ecP; + } + + public static X9ECParametersHolder GetByOidLazy(DerObjectIdentifier oid) + { + X9ECParametersHolder holder = X962NamedCurves.GetByOidLazy(oid); + if (null == holder) + { + holder = SecNamedCurves.GetByOidLazy(oid); + } + + // NOTE: All the NIST curves are currently from SEC, so no point in redundant OID lookup + + if (null == holder) + { + holder = TeleTrusTNamedCurves.GetByOidLazy(oid); + } + if (null == holder) + { + holder = AnssiNamedCurves.GetByOidLazy(oid); + } + if (null == holder) + { + holder = ECGost3410NamedCurves.GetByOidLazy(oid); + } + if (null == holder) + { + holder = GMNamedCurves.GetByOidLazy(oid); + } + return holder; + } + + /** + * return an enumeration of the names of the available curves. + * + * @return an enumeration of the names of the available curves. + */ + public static IEnumerable Names + { + get + { + IList v = Platform.CreateArrayList(); + CollectionUtilities.AddRange(v, X962NamedCurves.Names); + CollectionUtilities.AddRange(v, SecNamedCurves.Names); + CollectionUtilities.AddRange(v, NistNamedCurves.Names); + CollectionUtilities.AddRange(v, TeleTrusTNamedCurves.Names); + CollectionUtilities.AddRange(v, AnssiNamedCurves.Names); + CollectionUtilities.AddRange(v, ECGost3410NamedCurves.Names); + CollectionUtilities.AddRange(v, GMNamedCurves.Names); + return v; + } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/KeySpecificInfo.cs b/BouncyCastle/crypto/src/asn1/x9/KeySpecificInfo.cs new file mode 100644 index 0000000..4629864 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/KeySpecificInfo.cs @@ -0,0 +1,58 @@ +using System.Collections; + +namespace Org.BouncyCastle.Asn1.X9 +{ + /** + * ASN.1 def for Diffie-Hellman key exchange KeySpecificInfo structure. See + * RFC 2631, or X9.42, for further details. + */ + public class KeySpecificInfo + : Asn1Encodable + { + private DerObjectIdentifier algorithm; + private Asn1OctetString counter; + + public KeySpecificInfo( + DerObjectIdentifier algorithm, + Asn1OctetString counter) + { + this.algorithm = algorithm; + this.counter = counter; + } + + public KeySpecificInfo( + Asn1Sequence seq) + { + IEnumerator e = seq.GetEnumerator(); + + e.MoveNext(); + algorithm = (DerObjectIdentifier)e.Current; + e.MoveNext(); + counter = (Asn1OctetString)e.Current; + } + + public DerObjectIdentifier Algorithm + { + get { return algorithm; } + } + + public Asn1OctetString Counter + { + get { return counter; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  KeySpecificInfo ::= Sequence {
+         *      algorithm OBJECT IDENTIFIER,
+         *      counter OCTET STRING SIZE (4..4)
+         *  }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(algorithm, counter); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/OtherInfo.cs b/BouncyCastle/crypto/src/asn1/x9/OtherInfo.cs new file mode 100644 index 0000000..4a52b72 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/OtherInfo.cs @@ -0,0 +1,82 @@ +using System.Collections; + +namespace Org.BouncyCastle.Asn1.X9 +{ + /** + * ANS.1 def for Diffie-Hellman key exchange OtherInfo structure. See + * RFC 2631, or X9.42, for further details. + */ + public class OtherInfo + : Asn1Encodable + { + private KeySpecificInfo keyInfo; + private Asn1OctetString partyAInfo; + private Asn1OctetString suppPubInfo; + + public OtherInfo( + KeySpecificInfo keyInfo, + Asn1OctetString partyAInfo, + Asn1OctetString suppPubInfo) + { + this.keyInfo = keyInfo; + this.partyAInfo = partyAInfo; + this.suppPubInfo = suppPubInfo; + } + + public OtherInfo( + Asn1Sequence seq) + { + IEnumerator e = seq.GetEnumerator(); + + e.MoveNext(); + keyInfo = new KeySpecificInfo((Asn1Sequence) e.Current); + + while (e.MoveNext()) + { + DerTaggedObject o = (DerTaggedObject) e.Current; + + if (o.TagNo == 0) + { + partyAInfo = (Asn1OctetString) o.GetObject(); + } + else if ((int) o.TagNo == 2) + { + suppPubInfo = (Asn1OctetString) o.GetObject(); + } + } + } + + public KeySpecificInfo KeyInfo + { + get { return keyInfo; } + } + + public Asn1OctetString PartyAInfo + { + get { return partyAInfo; } + } + + public Asn1OctetString SuppPubInfo + { + get { return suppPubInfo; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  OtherInfo ::= Sequence {
+         *      keyInfo KeySpecificInfo,
+         *      partyAInfo [0] OCTET STRING OPTIONAL,
+         *      suppPubInfo [2] OCTET STRING
+         *  }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(keyInfo); + v.AddOptionalTagged(true, 0, partyAInfo); + v.Add(new DerTaggedObject(2, suppPubInfo)); + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/X962NamedCurves.cs b/BouncyCastle/crypto/src/asn1/x9/X962NamedCurves.cs new file mode 100644 index 0000000..4fd3c8d --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/X962NamedCurves.cs @@ -0,0 +1,872 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Asn1.X9 +{ + /** + * table of the current named curves defined in X.962 EC-DSA. + */ + public sealed class X962NamedCurves + { + private X962NamedCurves() + { + } + + private static X9ECPoint ConfigureBasepoint(ECCurve curve, string encoding) + { + X9ECPoint G = new X9ECPoint(curve, Hex.DecodeStrict(encoding)); + WNafUtilities.ConfigureBasepoint(G.Point); + return G; + } + + private static ECCurve ConfigureCurve(ECCurve curve) + { + return curve; + } + + private static BigInteger FromHex(string hex) + { + return new BigInteger(1, Hex.DecodeStrict(hex)); + } + + internal class Prime192v1Holder + : X9ECParametersHolder + { + private Prime192v1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Prime192v1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("ffffffffffffffffffffffff99def836146bc9b1b4d22831"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF"), + FromHex("fffffffffffffffffffffffffffffffefffffffffffffffc"), + FromHex("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1"), + n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("3045AE6FC8422f64ED579528D38120EAE12196D5"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class Prime192v2Holder + : X9ECParametersHolder + { + private Prime192v2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Prime192v2Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("fffffffffffffffffffffffe5fb1a724dc80418648d8dd31"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF"), + FromHex("fffffffffffffffffffffffffffffffefffffffffffffffc"), + FromHex("cc22d6dfb95c6b25e49c0d6364a4e5980c393aa21668d953"), + n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("31a92ee2029fd10d901b113e990710f0d21ac6b6"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "03eea2bae7e1497842f2de7769cfe9c989c072ad696f48034a"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class Prime192v3Holder + : X9ECParametersHolder + { + private Prime192v3Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Prime192v3Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("ffffffffffffffffffffffff7a62d031c83f4294f640ec13"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + FromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF"), + FromHex("fffffffffffffffffffffffffffffffefffffffffffffffc"), + FromHex("22123dc2395a05caa7423daeccc94760a7d462256bd56916"), + n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("c469684435deb378c4b65ca9591e2a5763059a2e"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "027d29778100c65a1da1783716588dce2b8b4aee8e228f1896"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class Prime239v1Holder + : X9ECParametersHolder + { + private Prime239v1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Prime239v1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("7fffffffffffffffffffffff7fffff9e5e9a9f5d9071fbd1522688909d0b"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), + FromHex("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc"), + FromHex("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a"), + n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("e43bb460f0b80cc0c0b075798e948060f8321b7d"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class Prime239v2Holder + : X9ECParametersHolder + { + private Prime239v2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Prime239v2Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("7fffffffffffffffffffffff800000cfa7e8594377d414c03821bc582063"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), + FromHex("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc"), + FromHex("617fab6832576cbbfed50d99f0249c3fee58b94ba0038c7ae84c8c832f2c"), + n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("e8b4011604095303ca3b8099982be09fcb9ae616"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0238af09d98727705120c921bb5e9e26296a3cdcf2f35757a0eafd87b830e7"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class Prime239v3Holder + : X9ECParametersHolder + { + private Prime239v3Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Prime239v3Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("7fffffffffffffffffffffff7fffff975deb41b3a6057c3c432146526551"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), + FromHex("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc"), + FromHex("255705fa2a306654b1f4cb03d6a750a30c250102d4988717d9ba15ab6d3e"), + n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("7d7374168ffe3471b60a857686a19475d3bfa2ff"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "036768ae8e18bb92cfcf005c949aa2c6d94853d0e660bbf854b1c9505fe95a"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class Prime256v1Holder + : X9ECParametersHolder + { + private Prime256v1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Prime256v1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551"); + BigInteger h = BigInteger.One; + + return ConfigureCurve(new FpCurve( + new BigInteger("115792089210356248762697446949407573530086143415290314195533631308867097853951"), + FromHex("ffffffff00000001000000000000000000000000fffffffffffffffffffffffc"), + FromHex("5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b"), + n, h, true)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("c49d360886e704936a6678e1139d26b7819f7e90"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * F2m Curves + */ + internal class C2pnb163v1Holder + : X9ECParametersHolder + { + private C2pnb163v1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2pnb163v1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("0400000000000000000001E60FC8821CC74DAEAFC1"); + BigInteger h = BigInteger.Two; + + return ConfigureCurve(new F2mCurve( + 163, + 1, 2, 8, + FromHex("072546B5435234A422E0789675F432C89435DE5242"), + FromHex("00C9517D06D5240D3CFF38C74B20B6CD4D6F9DD4D9"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("D2C0FB15760860DEF1EEF4D696E6768756151754"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0307AF69989546103D79329FCC3D74880F33BBE803CB"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class C2pnb163v2Holder + : X9ECParametersHolder + { + private C2pnb163v2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2pnb163v2Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("03FFFFFFFFFFFFFFFFFFFDF64DE1151ADBB78F10A7"); + BigInteger h = BigInteger.Two; + + return ConfigureCurve(new F2mCurve( + 163, + 1, 2, 8, + FromHex("0108B39E77C4B108BED981ED0E890E117C511CF072"), + FromHex("0667ACEB38AF4E488C407433FFAE4F1C811638DF20"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "030024266E4EB5106D0A964D92C4860E2671DB9B6CC5"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class C2pnb163v3Holder + : X9ECParametersHolder + { + private C2pnb163v3Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2pnb163v3Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("03FFFFFFFFFFFFFFFFFFFE1AEE140F110AFF961309"); + BigInteger h = BigInteger.Two; + + return ConfigureCurve(new F2mCurve( + 163, + 1, 2, 8, + FromHex("07A526C63D3E25A256A007699F5447E32AE456B50E"), + FromHex("03F7061798EB99E238FD6F1BF95B48FEEB4854252B"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0202F9F87B7C574D0BDECF8A22E6524775F98CDEBDCB"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class C2pnb176w1Holder + : X9ECParametersHolder + { + private C2pnb176w1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2pnb176w1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("010092537397ECA4F6145799D62B0A19CE06FE26AD"); + BigInteger h = BigInteger.ValueOf(0xFF6E); + + return ConfigureCurve(new F2mCurve( + 176, + 1, 2, 43, + FromHex("E4E6DB2995065C407D9D39B8D0967B96704BA8E9C90B"), + FromHex("5DDA470ABE6414DE8EC133AE28E9BBD7FCEC0AE0FFF2"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "038D16C2866798B600F9F08BB4A8E860F3298CE04A5798"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class C2tnb191v1Holder + : X9ECParametersHolder + { + private C2tnb191v1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2tnb191v1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("40000000000000000000000004A20E90C39067C893BBB9A5"); + BigInteger h = BigInteger.Two; + + return ConfigureCurve(new F2mCurve( + 191, + 9, + FromHex("2866537B676752636A68F56554E12640276B649EF7526267"), + FromHex("2E45EF571F00786F67B0081B9495A3D95462F5DE0AA185EC"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("4E13CA542744D696E67687561517552F279A8C84"); + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0236B3DAF8A23206F9C4F299D7B21A9C369137F2C84AE1AA0D"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class C2tnb191v2Holder + : X9ECParametersHolder + { + private C2tnb191v2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2tnb191v2Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("20000000000000000000000050508CB89F652824E06B8173"); + BigInteger h = BigInteger.ValueOf(4); + + return ConfigureCurve(new F2mCurve( + 191, + 9, + FromHex("401028774D7777C7B7666D1366EA432071274F89FF01E718"), + FromHex("0620048D28BCBD03B6249C99182B7C8CD19700C362C46A01"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "023809B2B7CC1B28CC5A87926AAD83FD28789E81E2C9E3BF10"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class C2tnb191v3Holder + : X9ECParametersHolder + { + private C2tnb191v3Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2tnb191v3Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("155555555555555555555555610C0B196812BFB6288A3EA3"); + BigInteger h = BigInteger.ValueOf(6); + + return ConfigureCurve(new F2mCurve( + 191, + 9, + FromHex("6C01074756099122221056911C77D77E77A777E7E7E77FCB"), + FromHex("71FE1AF926CF847989EFEF8DB459F66394D90F32AD3F15E8"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "03375D4CE24FDE434489DE8746E71786015009E66E38A926DD"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class C2pnb208w1Holder + : X9ECParametersHolder + { + private C2pnb208w1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2pnb208w1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("0101BAF95C9723C57B6C21DA2EFF2D5ED588BDD5717E212F9D"); + BigInteger h = BigInteger.ValueOf(0xFE48); + + return ConfigureCurve(new F2mCurve( + 208, + 1, 2, 83, + BigInteger.Zero, + FromHex("C8619ED45A62E6212E1160349E2BFA844439FAFC2A3FD1638F9E"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0289FDFBE4ABE193DF9559ECF07AC0CE78554E2784EB8C1ED1A57A"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class C2tnb239v1Holder + : X9ECParametersHolder + { + private C2tnb239v1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2tnb239v1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("2000000000000000000000000000000F4D42FFE1492A4993F1CAD666E447"); + BigInteger h = BigInteger.ValueOf(4); + + return ConfigureCurve(new F2mCurve( + 239, + 36, + FromHex("32010857077C5431123A46B808906756F543423E8D27877578125778AC76"), + FromHex("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0257927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class C2tnb239v2Holder + : X9ECParametersHolder + { + private C2tnb239v2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2tnb239v2Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("1555555555555555555555555555553C6F2885259C31E3FCDF154624522D"); + BigInteger h = BigInteger.ValueOf(6); + + return ConfigureCurve(new F2mCurve( + 239, + 36, + FromHex("4230017757A767FAE42398569B746325D45313AF0766266479B75654E65F"), + FromHex("5037EA654196CFF0CD82B2C14A2FCF2E3FF8775285B545722F03EACDB74B"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0228F9D04E900069C8DC47A08534FE76D2B900B7D7EF31F5709F200C4CA205"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class C2tnb239v3Holder + : X9ECParametersHolder + { + private C2tnb239v3Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2tnb239v3Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("0CCCCCCCCCCCCCCCCCCCCCCCCCCCCCAC4912D2D9DF903EF9888B8A0E4CFF"); + BigInteger h = BigInteger.ValueOf(10); + + return ConfigureCurve(new F2mCurve( + 239, + 36, + FromHex("01238774666A67766D6676F778E676B66999176666E687666D8766C66A9F"), + FromHex("6A941977BA9F6A435199ACFC51067ED587F519C5ECB541B8E44111DE1D40"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "0370F6E9D04D289C4E89913CE3530BFDE903977D42B146D539BF1BDE4E9C92"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class C2pnb272w1Holder + : X9ECParametersHolder + { + private C2pnb272w1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2pnb272w1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("0100FAF51354E0E39E4892DF6E319C72C8161603FA45AA7B998A167B8F1E629521"); + BigInteger h = BigInteger.ValueOf(0xFF06); + + return ConfigureCurve(new F2mCurve( + 272, + 1, 3, 56, + FromHex("91A091F03B5FBA4AB2CCF49C4EDD220FB028712D42BE752B2C40094DBACDB586FB20"), + FromHex("7167EFC92BB2E3CE7C8AAAFF34E12A9C557003D7C73A6FAF003F99F6CC8482E540F7"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "026108BABB2CEEBCF787058A056CBE0CFE622D7723A289E08A07AE13EF0D10D171DD8D"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class C2pnb304w1Holder + : X9ECParametersHolder + { + private C2pnb304w1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2pnb304w1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("0101D556572AABAC800101D556572AABAC8001022D5C91DD173F8FB561DA6899164443051D"); + BigInteger h = BigInteger.ValueOf(0xFE2E); + + return ConfigureCurve(new F2mCurve( + 304, + 1, 2, 11, + FromHex("FD0D693149A118F651E6DCE6802085377E5F882D1B510B44160074C1288078365A0396C8E681"), + FromHex("BDDB97E555A50A908E43B01C798EA5DAA6788F1EA2794EFCF57166B8C14039601E55827340BE"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "02197B07845E9BE2D96ADB0F5F3C7F2CFFBD7A3EB8B6FEC35C7FD67F26DDF6285A644F740A2614"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class C2tnb359v1Holder + : X9ECParametersHolder + { + private C2tnb359v1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2tnb359v1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("01AF286BCA1AF286BCA1AF286BCA1AF286BCA1AF286BC9FB8F6B85C556892C20A7EB964FE7719E74F490758D3B"); + BigInteger h = BigInteger.ValueOf(0x4C); + + return ConfigureCurve(new F2mCurve( + 359, + 68, + FromHex("5667676A654B20754F356EA92017D946567C46675556F19556A04616B567D223A5E05656FB549016A96656A557"), + FromHex("2472E2D0197C49363F1FE7F5B6DB075D52B6947D135D8CA445805D39BC345626089687742B6329E70680231988"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "033C258EF3047767E7EDE0F1FDAA79DAEE3841366A132E163ACED4ED2401DF9C6BDCDE98E8E707C07A2239B1B097"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class C2pnb368w1Holder + : X9ECParametersHolder + { + private C2pnb368w1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2pnb368w1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("010090512DA9AF72B08349D98A5DD4C7B0532ECA51CE03E2D10F3B7AC579BD87E909AE40A6F131E9CFCE5BD967"); + BigInteger h = BigInteger.ValueOf(0xFF70); + + return ConfigureCurve(new F2mCurve( + 368, + 1, 2, 85, + FromHex("E0D2EE25095206F5E2A4F9ED229F1F256E79A0E2B455970D8D0D865BD94778C576D62F0AB7519CCD2A1A906AE30D"), + FromHex("FC1217D4320A90452C760A58EDCD30C8DD069B3C34453837A34ED50CB54917E1C2112D84D164F444F8F74786046A"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "021085E2755381DCCCE3C1557AFA10C2F0C0C2825646C5B34A394CBCFA8BC16B22E7E789E927BE216F02E1FB136A5F"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + internal class C2tnb431r1Holder + : X9ECParametersHolder + { + private C2tnb431r1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new C2tnb431r1Holder(); + + protected override ECCurve CreateCurve() + { + BigInteger n = FromHex("0340340340340340340340340340340340340340340340340340340323C313FAB50589703B5EC68D3587FEC60D161CC149C1AD4A91"); + BigInteger h = BigInteger.ValueOf(0x2760); + + return ConfigureCurve(new F2mCurve( + 431, + 120, + FromHex("1A827EF00DD6FC0E234CAF046C6A5D8A85395B236CC4AD2CF32A0CADBDC9DDF620B0EB9906D0957F6C6FEACD615468DF104DE296CD8F"), + FromHex("10D9B4A3D9047D8B154359ABFB1B7F5485B04CEB868237DDC9DEDA982A679A5A919B626D4E50A8DD731B107A9962381FB5D807BF2618"), + n, h)); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + X9ECPoint G = ConfigureBasepoint(curve, + "02120FC05D3C67A99DE161D2F4092622FECA701BE4F50F4758714E8A87BBF2A658EF8C21E7C5EFE965361F6C2999C0C247B0DBD70CE6B7"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + + private static readonly IDictionary objIds = Platform.CreateHashtable(); + private static readonly IDictionary curves = Platform.CreateHashtable(); + private static readonly IDictionary names = Platform.CreateHashtable(); + + private static void DefineCurve( + string name, + DerObjectIdentifier oid, + X9ECParametersHolder holder) + { + objIds.Add(Platform.ToUpperInvariant(name), oid); + names.Add(oid, name); + curves.Add(oid, holder); + } + + static X962NamedCurves() + { + DefineCurve("prime192v1", X9ObjectIdentifiers.Prime192v1, Prime192v1Holder.Instance); + DefineCurve("prime192v2", X9ObjectIdentifiers.Prime192v2, Prime192v2Holder.Instance); + DefineCurve("prime192v3", X9ObjectIdentifiers.Prime192v3, Prime192v3Holder.Instance); + DefineCurve("prime239v1", X9ObjectIdentifiers.Prime239v1, Prime239v1Holder.Instance); + DefineCurve("prime239v2", X9ObjectIdentifiers.Prime239v2, Prime239v2Holder.Instance); + DefineCurve("prime239v3", X9ObjectIdentifiers.Prime239v3, Prime239v3Holder.Instance); + DefineCurve("prime256v1", X9ObjectIdentifiers.Prime256v1, Prime256v1Holder.Instance); + DefineCurve("c2pnb163v1", X9ObjectIdentifiers.C2Pnb163v1, C2pnb163v1Holder.Instance); + DefineCurve("c2pnb163v2", X9ObjectIdentifiers.C2Pnb163v2, C2pnb163v2Holder.Instance); + DefineCurve("c2pnb163v3", X9ObjectIdentifiers.C2Pnb163v3, C2pnb163v3Holder.Instance); + DefineCurve("c2pnb176w1", X9ObjectIdentifiers.C2Pnb176w1, C2pnb176w1Holder.Instance); + DefineCurve("c2tnb191v1", X9ObjectIdentifiers.C2Tnb191v1, C2tnb191v1Holder.Instance); + DefineCurve("c2tnb191v2", X9ObjectIdentifiers.C2Tnb191v2, C2tnb191v2Holder.Instance); + DefineCurve("c2tnb191v3", X9ObjectIdentifiers.C2Tnb191v3, C2tnb191v3Holder.Instance); + DefineCurve("c2pnb208w1", X9ObjectIdentifiers.C2Pnb208w1, C2pnb208w1Holder.Instance); + DefineCurve("c2tnb239v1", X9ObjectIdentifiers.C2Tnb239v1, C2tnb239v1Holder.Instance); + DefineCurve("c2tnb239v2", X9ObjectIdentifiers.C2Tnb239v2, C2tnb239v2Holder.Instance); + DefineCurve("c2tnb239v3", X9ObjectIdentifiers.C2Tnb239v3, C2tnb239v3Holder.Instance); + DefineCurve("c2pnb272w1", X9ObjectIdentifiers.C2Pnb272w1, C2pnb272w1Holder.Instance); + DefineCurve("c2pnb304w1", X9ObjectIdentifiers.C2Pnb304w1, C2pnb304w1Holder.Instance); + DefineCurve("c2tnb359v1", X9ObjectIdentifiers.C2Tnb359v1, C2tnb359v1Holder.Instance); + DefineCurve("c2pnb368w1", X9ObjectIdentifiers.C2Pnb368w1, C2pnb368w1Holder.Instance); + DefineCurve("c2tnb431r1", X9ObjectIdentifiers.C2Tnb431r1, C2tnb431r1Holder.Instance); + } + + public static X9ECParameters GetByName(string name) + { + DerObjectIdentifier oid = GetOid(name); + return oid == null ? null : GetByOid(oid); + } + + public static X9ECParametersHolder GetByNameLazy(string name) + { + DerObjectIdentifier oid = GetOid(name); + return oid == null ? null : GetByOidLazy(oid); + } + + /** + * return the X9ECParameters object for the named curve represented by + * the passed in object identifier. Null if the curve isn't present. + * + * @param oid an object identifier representing a named curve, if present. + */ + public static X9ECParameters GetByOid(DerObjectIdentifier oid) + { + X9ECParametersHolder holder = GetByOidLazy(oid); + return holder == null ? null : holder.Parameters; + } + + public static X9ECParametersHolder GetByOidLazy(DerObjectIdentifier oid) + { + return (X9ECParametersHolder)curves[oid]; + } + + /** + * return the object identifier signified by the passed in name. Null + * if there is no object identifier associated with name. + * + * @return the object identifier associated with name, if present. + */ + public static DerObjectIdentifier GetOid( + string name) + { + return (DerObjectIdentifier)objIds[Platform.ToUpperInvariant(name)]; + } + + /** + * return the named curve name represented by the given object identifier. + */ + public static string GetName( + DerObjectIdentifier oid) + { + return (string)names[oid]; + } + + /** + * returns an enumeration containing the name strings for curves + * contained in this structure. + */ + public static IEnumerable Names + { + get { return new EnumerableProxy(names.Values); } + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/X962Parameters.cs b/BouncyCastle/crypto/src/asn1/x9/X962Parameters.cs new file mode 100644 index 0000000..5bdabc6 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/X962Parameters.cs @@ -0,0 +1,95 @@ +using System; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Asn1.X9 +{ + public class X962Parameters + : Asn1Encodable, IAsn1Choice + { + private readonly Asn1Object _params; + + public static X962Parameters GetInstance( + object obj) + { + if (obj == null || obj is X962Parameters) + { + return (X962Parameters)obj; + } + + if (obj is Asn1Object) + { + return new X962Parameters((Asn1Object)obj); + } + + if (obj is byte[]) + { + try + { + return new X962Parameters(Asn1Object.FromByteArray((byte[])obj)); + } + catch (Exception e) + { + throw new ArgumentException("unable to parse encoded data: " + e.Message, e); + } + } + + throw new ArgumentException("unknown object in getInstance()"); + } + + public X962Parameters( + X9ECParameters ecParameters) + { + this._params = ecParameters.ToAsn1Object(); + } + + public X962Parameters( + DerObjectIdentifier namedCurve) + { + this._params = namedCurve; + } + + public X962Parameters( + Asn1Null obj) + { + this._params = obj; + } + + [Obsolete("Use 'GetInstance' instead")] + public X962Parameters( + Asn1Object obj) + { + this._params = obj; + } + + public bool IsNamedCurve + { + get { return (_params is DerObjectIdentifier); } + } + + public bool IsImplicitlyCA + { + get { return (_params is Asn1Null); } + } + + public Asn1Object Parameters + { + get { return _params; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         * Parameters ::= CHOICE {
+         *    ecParameters ECParameters,
+         *    namedCurve   CURVES.&id({CurveNames}),
+         *    implicitlyCA Null
+         * }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return _params; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/X9Curve.cs b/BouncyCastle/crypto/src/asn1/x9/X9Curve.cs new file mode 100644 index 0000000..0be9bf9 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/X9Curve.cs @@ -0,0 +1,155 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X9 +{ + /** + * ASN.1 def for Elliptic-Curve Curve structure. See + * X9.62, for further details. + */ + public class X9Curve + : Asn1Encodable + { + private readonly ECCurve curve; + private readonly byte[] seed; + private readonly DerObjectIdentifier fieldIdentifier; + + public X9Curve( + ECCurve curve) + : this(curve, null) + { + } + + public X9Curve( + ECCurve curve, + byte[] seed) + { + if (curve == null) + throw new ArgumentNullException("curve"); + + this.curve = curve; + this.seed = Arrays.Clone(seed); + + if (ECAlgorithms.IsFpCurve(curve)) + { + this.fieldIdentifier = X9ObjectIdentifiers.PrimeField; + } + else if (ECAlgorithms.IsF2mCurve(curve)) + { + this.fieldIdentifier = X9ObjectIdentifiers.CharacteristicTwoField; + } + else + { + throw new ArgumentException("This type of ECCurve is not implemented"); + } + } + + [Obsolete("Use constructor including order/cofactor")] + public X9Curve( + X9FieldID fieldID, + Asn1Sequence seq) + : this(fieldID, null, null, seq) + { + } + + public X9Curve( + X9FieldID fieldID, + BigInteger order, + BigInteger cofactor, + Asn1Sequence seq) + { + if (fieldID == null) + throw new ArgumentNullException("fieldID"); + if (seq == null) + throw new ArgumentNullException("seq"); + + this.fieldIdentifier = fieldID.Identifier; + + if (fieldIdentifier.Equals(X9ObjectIdentifiers.PrimeField)) + { + BigInteger p = ((DerInteger)fieldID.Parameters).Value; + BigInteger A = new BigInteger(1, Asn1OctetString.GetInstance(seq[0]).GetOctets()); + BigInteger B = new BigInteger(1, Asn1OctetString.GetInstance(seq[1]).GetOctets()); + curve = new FpCurve(p, A, B, order, cofactor); + } + else if (fieldIdentifier.Equals(X9ObjectIdentifiers.CharacteristicTwoField)) + { + // Characteristic two field + DerSequence parameters = (DerSequence)fieldID.Parameters; + int m = ((DerInteger)parameters[0]).IntValueExact; + DerObjectIdentifier representation = (DerObjectIdentifier)parameters[1]; + + int k1 = 0; + int k2 = 0; + int k3 = 0; + if (representation.Equals(X9ObjectIdentifiers.TPBasis)) + { + // Trinomial basis representation + k1 = ((DerInteger)parameters[2]).IntValueExact; + } + else + { + // Pentanomial basis representation + DerSequence pentanomial = (DerSequence) parameters[2]; + k1 = ((DerInteger)pentanomial[0]).IntValueExact; + k2 = ((DerInteger)pentanomial[1]).IntValueExact; + k3 = ((DerInteger)pentanomial[2]).IntValueExact; + } + BigInteger A = new BigInteger(1, Asn1OctetString.GetInstance(seq[0]).GetOctets()); + BigInteger B = new BigInteger(1, Asn1OctetString.GetInstance(seq[1]).GetOctets()); + curve = new F2mCurve(m, k1, k2, k3, A, B, order, cofactor); + } + else + { + throw new ArgumentException("This type of ECCurve is not implemented"); + } + + if (seq.Count == 3) + { + seed = ((DerBitString)seq[2]).GetBytes(); + } + } + + public ECCurve Curve + { + get { return curve; } + } + + public byte[] GetSeed() + { + return Arrays.Clone(seed); + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  Curve ::= Sequence {
+         *      a               FieldElement,
+         *      b               FieldElement,
+         *      seed            BIT STRING      OPTIONAL
+         *  }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + if (fieldIdentifier.Equals(X9ObjectIdentifiers.PrimeField) + || fieldIdentifier.Equals(X9ObjectIdentifiers.CharacteristicTwoField)) + { + v.Add(new X9FieldElement(curve.A).ToAsn1Object()); + v.Add(new X9FieldElement(curve.B).ToAsn1Object()); + } + + if (seed != null) + { + v.Add(new DerBitString(seed)); + } + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/X9ECParameters.cs b/BouncyCastle/crypto/src/asn1/x9/X9ECParameters.cs new file mode 100644 index 0000000..aa84063 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/X9ECParameters.cs @@ -0,0 +1,230 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.Field; + +namespace Org.BouncyCastle.Asn1.X9 +{ + /** + * ASN.1 def for Elliptic-Curve ECParameters structure. See + * X9.62, for further details. + */ + public class X9ECParameters + : Asn1Encodable + { + private X9FieldID fieldID; + private ECCurve curve; + private X9ECPoint g; + private BigInteger n; + private BigInteger h; + private byte[] seed; + + public static X9ECParameters GetInstance(Object obj) + { + if (obj is X9ECParameters) + return (X9ECParameters)obj; + + if (obj != null) + return new X9ECParameters(Asn1Sequence.GetInstance(obj)); + + return null; + } + + public X9ECParameters( + Asn1Sequence seq) + { + if (!(seq[0] is DerInteger) + || !((DerInteger)seq[0]).HasValue(1)) + { + throw new ArgumentException("bad version in X9ECParameters"); + } + + this.n = ((DerInteger)seq[4]).Value; + + if (seq.Count == 6) + { + this.h = ((DerInteger)seq[5]).Value; + } + + X9Curve x9c = new X9Curve( + X9FieldID.GetInstance(seq[1]), n, h, + Asn1Sequence.GetInstance(seq[2])); + + this.curve = x9c.Curve; + object p = seq[3]; + + if (p is X9ECPoint) + { + this.g = (X9ECPoint)p; + } + else + { + this.g = new X9ECPoint(curve, (Asn1OctetString)p); + } + + this.seed = x9c.GetSeed(); + } + + public X9ECParameters( + ECCurve curve, + ECPoint g, + BigInteger n) + : this(curve, g, n, null, null) + { + } + + public X9ECParameters( + ECCurve curve, + X9ECPoint g, + BigInteger n, + BigInteger h) + : this(curve, g, n, h, null) + { + } + + public X9ECParameters( + ECCurve curve, + ECPoint g, + BigInteger n, + BigInteger h) + : this(curve, g, n, h, null) + { + } + + public X9ECParameters( + ECCurve curve, + ECPoint g, + BigInteger n, + BigInteger h, + byte[] seed) + : this(curve, new X9ECPoint(g), n, h, seed) + { + } + + public X9ECParameters( + ECCurve curve, + X9ECPoint g, + BigInteger n, + BigInteger h, + byte[] seed) + { + this.curve = curve; + this.g = g; + this.n = n; + this.h = h; + this.seed = seed; + + if (ECAlgorithms.IsFpCurve(curve)) + { + this.fieldID = new X9FieldID(curve.Field.Characteristic); + } + else if (ECAlgorithms.IsF2mCurve(curve)) + { + IPolynomialExtensionField field = (IPolynomialExtensionField)curve.Field; + int[] exponents = field.MinimalPolynomial.GetExponentsPresent(); + if (exponents.Length == 3) + { + this.fieldID = new X9FieldID(exponents[2], exponents[1]); + } + else if (exponents.Length == 5) + { + this.fieldID = new X9FieldID(exponents[4], exponents[1], exponents[2], exponents[3]); + } + else + { + throw new ArgumentException("Only trinomial and pentomial curves are supported"); + } + } + else + { + throw new ArgumentException("'curve' is of an unsupported type"); + } + } + + public ECCurve Curve + { + get { return curve; } + } + + public ECPoint G + { + get { return g.Point; } + } + + public BigInteger N + { + get { return n; } + } + + public BigInteger H + { + get { return h; } + } + + public byte[] GetSeed() + { + return seed; + } + + /** + * Return the ASN.1 entry representing the Curve. + * + * @return the X9Curve for the curve in these parameters. + */ + public X9Curve CurveEntry + { + get { return new X9Curve(curve, seed); } + } + + /** + * Return the ASN.1 entry representing the FieldID. + * + * @return the X9FieldID for the FieldID in these parameters. + */ + public X9FieldID FieldIDEntry + { + get { return fieldID; } + } + + /** + * Return the ASN.1 entry representing the base point G. + * + * @return the X9ECPoint for the base point in these parameters. + */ + public X9ECPoint BaseEntry + { + get { return g; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  ECParameters ::= Sequence {
+         *      version         Integer { ecpVer1(1) } (ecpVer1),
+         *      fieldID         FieldID {{FieldTypes}},
+         *      curve           X9Curve,
+         *      base            X9ECPoint,
+         *      order           Integer,
+         *      cofactor        Integer OPTIONAL
+         *  }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector( + new DerInteger(BigInteger.One), + fieldID, + new X9Curve(curve, seed), + g, + new DerInteger(n)); + + if (h != null) + { + v.Add(new DerInteger(h)); + } + + return new DerSequence(v); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/X9ECParametersHolder.cs b/BouncyCastle/crypto/src/asn1/x9/X9ECParametersHolder.cs new file mode 100644 index 0000000..ea72cc6 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/X9ECParametersHolder.cs @@ -0,0 +1,49 @@ +using Org.BouncyCastle.Math.EC; + +namespace Org.BouncyCastle.Asn1.X9 +{ + public abstract class X9ECParametersHolder + { + private ECCurve m_curve; + private X9ECParameters m_parameters; + + public ECCurve Curve + { + get + { + lock (this) + { + if (m_curve == null) + { + m_curve = CreateCurve(); + } + + return m_curve; + } + } + } + + public X9ECParameters Parameters + { + get + { + lock (this) + { + if (m_parameters == null) + { + m_parameters = CreateParameters(); + } + + return m_parameters; + } + } + } + + protected virtual ECCurve CreateCurve() + { + return CreateParameters().Curve; + } + + protected abstract X9ECParameters CreateParameters(); + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/X9ECPoint.cs b/BouncyCastle/crypto/src/asn1/x9/X9ECPoint.cs new file mode 100644 index 0000000..7ef4f13 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/X9ECPoint.cs @@ -0,0 +1,80 @@ +using Org.BouncyCastle.Math.EC; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.X9 +{ + /** + * class for describing an ECPoint as a Der object. + */ + public class X9ECPoint + : Asn1Encodable + { + private readonly Asn1OctetString encoding; + + private ECCurve c; + private ECPoint p; + + public X9ECPoint(ECPoint p) + : this(p, false) + { + } + + public X9ECPoint(ECPoint p, bool compressed) + { + this.p = p.Normalize(); + this.encoding = new DerOctetString(p.GetEncoded(compressed)); + } + + public X9ECPoint(ECCurve c, byte[] encoding) + { + this.c = c; + this.encoding = new DerOctetString(Arrays.Clone(encoding)); + } + + public X9ECPoint(ECCurve c, Asn1OctetString s) + : this(c, s.GetOctets()) + { + } + + public byte[] GetPointEncoding() + { + return Arrays.Clone(encoding.GetOctets()); + } + + public ECPoint Point + { + get + { + if (p == null) + { + p = c.DecodePoint(encoding.GetOctets()).Normalize(); + } + + return p; + } + } + + public bool IsPointCompressed + { + get + { + byte[] octets = encoding.GetOctets(); + return octets != null && octets.Length > 0 && (octets[0] == 2 || octets[0] == 3); + } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  ECPoint ::= OCTET STRING
+         *
+ *

+ * Octet string produced using ECPoint.GetEncoded().

+ */ + public override Asn1Object ToAsn1Object() + { + return encoding; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/X9FieldElement.cs b/BouncyCastle/crypto/src/asn1/x9/X9FieldElement.cs new file mode 100644 index 0000000..222b4cf --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/X9FieldElement.cs @@ -0,0 +1,71 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; + +namespace Org.BouncyCastle.Asn1.X9 +{ + /** + * Class for processing an ECFieldElement as a DER object. + */ + public class X9FieldElement + : Asn1Encodable + { + private ECFieldElement f; + + public X9FieldElement( + ECFieldElement f) + { + this.f = f; + } + + [Obsolete("Will be removed")] + public X9FieldElement( + BigInteger p, + Asn1OctetString s) + : this(new FpFieldElement(p, new BigInteger(1, s.GetOctets()))) + { + } + + [Obsolete("Will be removed")] + public X9FieldElement( + int m, + int k1, + int k2, + int k3, + Asn1OctetString s) + : this(new F2mFieldElement(m, k1, k2, k3, new BigInteger(1, s.GetOctets()))) + { + } + + public ECFieldElement Value + { + get { return f; } + } + + /** + * Produce an object suitable for an Asn1OutputStream. + * 
+         *  FieldElement ::= OCTET STRING
+         *
+ *

+ *

    + *
  1. if q is an odd prime then the field element is + * processed as an Integer and converted to an octet string + * according to x 9.62 4.3.1.
    2. + *
  2. if q is 2m then the bit string + * contained in the field element is converted into an octet + * string with the same ordering padded at the front if necessary. + *
    3. + *
+ *

+ */ + public override Asn1Object ToAsn1Object() + { + int byteCount = X9IntegerConverter.GetByteLength(f); + byte[] paddedBigInteger = X9IntegerConverter.IntegerToBytes(f.ToBigInteger(), byteCount); + + return new DerOctetString(paddedBigInteger); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/X9FieldID.cs b/BouncyCastle/crypto/src/asn1/x9/X9FieldID.cs new file mode 100644 index 0000000..08d7d71 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/X9FieldID.cs @@ -0,0 +1,132 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Asn1.X9 +{ + /** + * ASN.1 def for Elliptic-Curve Field ID structure. See + * X9.62, for further details. + */ + public class X9FieldID + : Asn1Encodable + { + private readonly DerObjectIdentifier id; + private readonly Asn1Object parameters; + + /** + * Constructor for elliptic curves over prime fields + * F2. + * @param primeP The prime p defining the prime field. + */ + public X9FieldID( + BigInteger primeP) + { + this.id = X9ObjectIdentifiers.PrimeField; + this.parameters = new DerInteger(primeP); + } + + /** + * Constructor for elliptic curves over binary fields + * F2m. + * @param m The exponent m of + * F2m. + * @param k1 The integer k1 where xm + + * xk1 + 1 + * represents the reduction polynomial f(z). + */ + public X9FieldID(int m, int k1) + : this(m, k1, 0, 0) + { + } + + /** + * Constructor for elliptic curves over binary fields + * F2m. + * @param m The exponent m of + * F2m. + * @param k1 The integer k1 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z). + * @param k2 The integer k2 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z). + * @param k3 The integer k3 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z).. + */ + public X9FieldID( + int m, + int k1, + int k2, + int k3) + { + this.id = X9ObjectIdentifiers.CharacteristicTwoField; + + Asn1EncodableVector fieldIdParams = new Asn1EncodableVector(new DerInteger(m)); + + if (k2 == 0) + { + if (k3 != 0) + throw new ArgumentException("inconsistent k values"); + + fieldIdParams.Add( + X9ObjectIdentifiers.TPBasis, + new DerInteger(k1)); + } + else + { + if (k2 <= k1 || k3 <= k2) + throw new ArgumentException("inconsistent k values"); + + fieldIdParams.Add( + X9ObjectIdentifiers.PPBasis, + new DerSequence( + new DerInteger(k1), + new DerInteger(k2), + new DerInteger(k3))); + } + + this.parameters = new DerSequence(fieldIdParams); + } + + private X9FieldID(Asn1Sequence seq) + { + this.id = DerObjectIdentifier.GetInstance(seq[0]); + this.parameters = seq[1].ToAsn1Object(); + } + + public static X9FieldID GetInstance(object obj) + { + if (obj is X9FieldID) + return (X9FieldID)obj; + if (obj == null) + return null; + return new X9FieldID(Asn1Sequence.GetInstance(obj)); + } + + public DerObjectIdentifier Identifier + { + get { return id; } + } + + public Asn1Object Parameters + { + get { return parameters; } + } + + /** + * Produce a Der encoding of the following structure. + * 
+         *  FieldID ::= Sequence {
+         *      fieldType       FIELD-ID.&id({IOSet}),
+         *      parameters      FIELD-ID.&Type({IOSet}{@fieldType})
+         *  }
+         *
+ */ + public override Asn1Object ToAsn1Object() + { + return new DerSequence(id, parameters); + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/X9IntegerConverter.cs b/BouncyCastle/crypto/src/asn1/x9/X9IntegerConverter.cs new file mode 100644 index 0000000..e8f4571 --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/X9IntegerConverter.cs @@ -0,0 +1,40 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; + +namespace Org.BouncyCastle.Asn1.X9 +{ + public abstract class X9IntegerConverter + { + public static int GetByteLength(ECFieldElement fe) + { + return (fe.FieldSize + 7) / 8; + } + + public static int GetByteLength(ECCurve c) + { + return (c.FieldSize + 7) / 8; + } + + public static byte[] IntegerToBytes(BigInteger s, int qLength) + { + byte[] bytes = s.ToByteArrayUnsigned(); + + if (qLength < bytes.Length) + { + byte[] tmp = new byte[qLength]; + Array.Copy(bytes, bytes.Length - tmp.Length, tmp, 0, tmp.Length); + return tmp; + } + else if (qLength > bytes.Length) + { + byte[] tmp = new byte[qLength]; + Array.Copy(bytes, 0, tmp, tmp.Length - bytes.Length, bytes.Length); + return tmp; + } + + return bytes; + } + } +} diff --git a/BouncyCastle/crypto/src/asn1/x9/X9ObjectIdentifiers.cs b/BouncyCastle/crypto/src/asn1/x9/X9ObjectIdentifiers.cs new file mode 100644 index 0000000..9d7ecae --- /dev/null +++ b/BouncyCastle/crypto/src/asn1/x9/X9ObjectIdentifiers.cs @@ -0,0 +1,137 @@ +using System; + +namespace Org.BouncyCastle.Asn1.X9 +{ + public abstract class X9ObjectIdentifiers + { + // + // X9.62 + // + // ansi-X9-62 OBJECT IDENTIFIER ::= { iso(1) member-body(2) + // us(840) ansi-x962(10045) } + // + + internal const string AnsiX962 = "1.2.840.10045"; + + public static readonly DerObjectIdentifier ansi_X9_62 = new DerObjectIdentifier(AnsiX962); + + public static readonly DerObjectIdentifier IdFieldType = ansi_X9_62.Branch("1"); + + public static readonly DerObjectIdentifier PrimeField = IdFieldType.Branch("1"); + public static readonly DerObjectIdentifier CharacteristicTwoField = IdFieldType.Branch("2"); + + public static readonly DerObjectIdentifier GNBasis = CharacteristicTwoField.Branch("3.1"); + public static readonly DerObjectIdentifier TPBasis = CharacteristicTwoField.Branch("3.2"); + public static readonly DerObjectIdentifier PPBasis = CharacteristicTwoField.Branch("3.3"); + + [Obsolete("Use 'id_ecSigType' instead")] + public const string IdECSigType = AnsiX962 + ".4"; + public static readonly DerObjectIdentifier id_ecSigType = ansi_X9_62.Branch("4"); + + public static readonly DerObjectIdentifier ECDsaWithSha1 = id_ecSigType.Branch("1"); + + [Obsolete("Use 'id_publicKeyType' instead")] + public const string IdPublicKeyType = AnsiX962 + ".2"; + public static readonly DerObjectIdentifier id_publicKeyType = ansi_X9_62.Branch("2"); + + public static readonly DerObjectIdentifier IdECPublicKey = id_publicKeyType.Branch("1"); + + public static readonly DerObjectIdentifier ECDsaWithSha2 = id_ecSigType.Branch("3"); + + public static readonly DerObjectIdentifier ECDsaWithSha224 = ECDsaWithSha2.Branch("1"); + public static readonly DerObjectIdentifier ECDsaWithSha256 = ECDsaWithSha2.Branch("2"); + public static readonly DerObjectIdentifier ECDsaWithSha384 = ECDsaWithSha2.Branch("3"); + public static readonly DerObjectIdentifier ECDsaWithSha512 = ECDsaWithSha2.Branch("4"); + + + // + // named curves + // + public static readonly DerObjectIdentifier EllipticCurve = ansi_X9_62.Branch("3"); + + // + // Two Curves + // + public static readonly DerObjectIdentifier CTwoCurve = EllipticCurve.Branch("0"); + + public static readonly DerObjectIdentifier C2Pnb163v1 = CTwoCurve.Branch("1"); + public static readonly DerObjectIdentifier C2Pnb163v2 = CTwoCurve.Branch("2"); + public static readonly DerObjectIdentifier C2Pnb163v3 = CTwoCurve.Branch("3"); + public static readonly DerObjectIdentifier C2Pnb176w1 = CTwoCurve.Branch("4"); + public static readonly DerObjectIdentifier C2Tnb191v1 = CTwoCurve.Branch("5"); + public static readonly DerObjectIdentifier C2Tnb191v2 = CTwoCurve.Branch("6"); + public static readonly DerObjectIdentifier C2Tnb191v3 = CTwoCurve.Branch("7"); + public static readonly DerObjectIdentifier C2Onb191v4 = CTwoCurve.Branch("8"); + public static readonly DerObjectIdentifier C2Onb191v5 = CTwoCurve.Branch("9"); + public static readonly DerObjectIdentifier C2Pnb208w1 = CTwoCurve.Branch("10"); + public static readonly DerObjectIdentifier C2Tnb239v1 = CTwoCurve.Branch("11"); + public static readonly DerObjectIdentifier C2Tnb239v2 = CTwoCurve.Branch("12"); + public static readonly DerObjectIdentifier C2Tnb239v3 = CTwoCurve.Branch("13"); + public static readonly DerObjectIdentifier C2Onb239v4 = CTwoCurve.Branch("14"); + public static readonly DerObjectIdentifier C2Onb239v5 = CTwoCurve.Branch("15"); + public static readonly DerObjectIdentifier C2Pnb272w1 = CTwoCurve.Branch("16"); + public static readonly DerObjectIdentifier C2Pnb304w1 = CTwoCurve.Branch("17"); + public static readonly DerObjectIdentifier C2Tnb359v1 = CTwoCurve.Branch("18"); + public static readonly DerObjectIdentifier C2Pnb368w1 = CTwoCurve.Branch("19"); + public static readonly DerObjectIdentifier C2Tnb431r1 = CTwoCurve.Branch("20"); + + // + // Prime + // + public static readonly DerObjectIdentifier PrimeCurve = EllipticCurve.Branch("1"); + + public static readonly DerObjectIdentifier Prime192v1 = PrimeCurve.Branch("1"); + public static readonly DerObjectIdentifier Prime192v2 = PrimeCurve.Branch("2"); + public static readonly DerObjectIdentifier Prime192v3 = PrimeCurve.Branch("3"); + public static readonly DerObjectIdentifier Prime239v1 = PrimeCurve.Branch("4"); + public static readonly DerObjectIdentifier Prime239v2 = PrimeCurve.Branch("5"); + public static readonly DerObjectIdentifier Prime239v3 = PrimeCurve.Branch("6"); + public static readonly DerObjectIdentifier Prime256v1 = PrimeCurve.Branch("7"); + + // + // DSA + // + // dsapublicnumber OBJECT IDENTIFIER ::= { iso(1) member-body(2) + // us(840) ansi-x957(10040) number-type(4) 1 } + public static readonly DerObjectIdentifier IdDsa = new DerObjectIdentifier("1.2.840.10040.4.1"); + + /** + * id-dsa-with-sha1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) + * us(840) x9-57 (10040) x9cm(4) 3 } + */ + public static readonly DerObjectIdentifier IdDsaWithSha1 = new DerObjectIdentifier("1.2.840.10040.4.3"); + + /** + * X9.63 + */ + public static readonly DerObjectIdentifier X9x63Scheme = new DerObjectIdentifier("1.3.133.16.840.63.0"); + public static readonly DerObjectIdentifier DHSinglePassStdDHSha1KdfScheme = X9x63Scheme.Branch("2"); + public static readonly DerObjectIdentifier DHSinglePassCofactorDHSha1KdfScheme = X9x63Scheme.Branch("3"); + public static readonly DerObjectIdentifier MqvSinglePassSha1KdfScheme = X9x63Scheme.Branch("16"); + + /** + * X9.42 + */ + + public static readonly DerObjectIdentifier ansi_x9_42 = new DerObjectIdentifier("1.2.840.10046"); + + // + // Diffie-Hellman + // + // dhpublicnumber OBJECT IDENTIFIER ::= { iso(1) member-body(2) + // us(840) ansi-x942(10046) number-type(2) 1 } + // + public static readonly DerObjectIdentifier DHPublicNumber = ansi_x9_42.Branch("2.1"); + + public static readonly DerObjectIdentifier X9x42Schemes = ansi_x9_42.Branch("2.3"); + + public static readonly DerObjectIdentifier DHStatic = X9x42Schemes.Branch("1"); + public static readonly DerObjectIdentifier DHEphem = X9x42Schemes.Branch("2"); + public static readonly DerObjectIdentifier DHOneFlow = X9x42Schemes.Branch("3"); + public static readonly DerObjectIdentifier DHHybrid1 = X9x42Schemes.Branch("4"); + public static readonly DerObjectIdentifier DHHybrid2 = X9x42Schemes.Branch("5"); + public static readonly DerObjectIdentifier DHHybridOneFlow = X9x42Schemes.Branch("6"); + public static readonly DerObjectIdentifier Mqv2 = X9x42Schemes.Branch("7"); + public static readonly DerObjectIdentifier Mqv1 = X9x42Schemes.Branch("8"); + } +} diff --git a/BouncyCastle/crypto/src/bcpg/ArmoredInputStream.cs b/BouncyCastle/crypto/src/bcpg/ArmoredInputStream.cs new file mode 100644 index 0000000..2895c37 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/ArmoredInputStream.cs @@ -0,0 +1,541 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /** + * reader for Base64 armored objects - read the headers and then start returning + * bytes when the data is reached. An IOException is thrown if the CRC check + * is detected and fails. + *

+ * By default a missing CRC will not cause an exception. To force CRC detection use: + * 

+     *     ArmoredInputStream aIn = ...
+     *
+     *     aIn.setDetectMissingCRC(true);
+     *
+ *

+ */ + public class ArmoredInputStream + : BaseInputStream + { + /* + * set up the decoding table. + */ + private readonly static byte[] decodingTable; + static ArmoredInputStream() + { + decodingTable = new byte[128]; + Arrays.Fill(decodingTable, 0xff); + for (int i = 'A'; i <= 'Z'; i++) + { + decodingTable[i] = (byte)(i - 'A'); + } + for (int i = 'a'; i <= 'z'; i++) + { + decodingTable[i] = (byte)(i - 'a' + 26); + } + for (int i = '0'; i <= '9'; i++) + { + decodingTable[i] = (byte)(i - '0' + 52); + } + decodingTable['+'] = 62; + decodingTable['/'] = 63; + } + + /** + * decode the base 64 encoded input data. + * + * @return the offset the data starts in out. + */ + private static int Decode(int in0, int in1, int in2, int in3, int[] result) + { + if (in3 < 0) + throw new EndOfStreamException("unexpected end of file in armored stream."); + + int b1, b2, b3, b4; + if (in2 == '=') + { + b1 = decodingTable[in0]; + b2 = decodingTable[in1]; + if ((b1 | b2) >= 128) + throw new IOException("invalid armor"); + + result[2] = ((b1 << 2) | (b2 >> 4)) & 0xff; + return 2; + } + else if (in3 == '=') + { + b1 = decodingTable[in0]; + b2 = decodingTable[in1]; + b3 = decodingTable[in2]; + if ((b1 | b2 | b3) >= 128) + throw new IOException("invalid armor"); + + result[1] = ((b1 << 2) | (b2 >> 4)) & 0xff; + result[2] = ((b2 << 4) | (b3 >> 2)) & 0xff; + return 1; + } + else + { + b1 = decodingTable[in0]; + b2 = decodingTable[in1]; + b3 = decodingTable[in2]; + b4 = decodingTable[in3]; + if ((b1 | b2 | b3 | b4) >= 128) + throw new IOException("invalid armor"); + + result[0] = ((b1 << 2) | (b2 >> 4)) & 0xff; + result[1] = ((b2 << 4) | (b3 >> 2)) & 0xff; + result[2] = ((b3 << 6) | b4) & 0xff; + return 0; + } + } + + /* + * Ignore missing CRC checksums. + * https://tests.sequoia-pgp.org/#ASCII_Armor suggests that missing CRC sums do not invalidate the message. + */ + private bool detectMissingChecksum = false; + + Stream input; + bool start = true; + int[] outBuf = new int[3]; + int bufPtr = 3; + Crc24 crc = new Crc24(); + bool crcFound = false; + bool hasHeaders = true; + string header = null; + bool newLineFound = false; + bool clearText = false; + bool restart = false; + IList headerList = Platform.CreateArrayList(); + int lastC = 0; + bool isEndOfStream; + + /** + * Create a stream for reading a PGP armoured message, parsing up to a header + * and then reading the data that follows. + * + * @param input + */ + public ArmoredInputStream(Stream input) + : this(input, true) + { + } + + /** + * Create an armoured input stream which will assume the data starts + * straight away, or parse for headers first depending on the value of + * hasHeaders. + * + * @param input + * @param hasHeaders true if headers are to be looked for, false otherwise. + */ + public ArmoredInputStream(Stream input, bool hasHeaders) + { + this.input = input; + this.hasHeaders = hasHeaders; + + if (hasHeaders) + { + ParseHeaders(); + } + + start = false; + } + + private bool ParseHeaders() + { + header = null; + + int c; + int last = 0; + bool headerFound = false; + + headerList = Platform.CreateArrayList(); + + // + // if restart we already have a header + // + if (restart) + { + headerFound = true; + } + else + { + while ((c = input.ReadByte()) >= 0) + { + if (c == '-' && (last == 0 || last == '\n' || last == '\r')) + { + headerFound = true; + break; + } + + last = c; + } + } + + if (headerFound) + { + StringBuilder buf = new StringBuilder("-"); + bool eolReached = false; + bool crLf = false; + + if (restart) // we've had to look ahead two '-' + { + buf.Append('-'); + } + + while ((c = input.ReadByte()) >= 0) + { + if (last == '\r' && c == '\n') + { + crLf = true; + } + if (eolReached && (last != '\r' && c == '\n')) + { + break; + } + if (eolReached && c == '\r') + { + break; + } + if (c == '\r' || (last != '\r' && c == '\n')) + { + string line = buf.ToString(); + if (line.Trim().Length < 1) + break; + + if (headerList.Count > 0 && line.IndexOf(':') < 0) + throw new IOException("invalid armor header"); + + headerList.Add(line); + buf.Length = 0; + } + + if (c != '\n' && c != '\r') + { + buf.Append((char)c); + eolReached = false; + } + else + { + if (c == '\r' || (last != '\r' && c == '\n')) + { + eolReached = true; + } + } + + last = c; + } + + if (crLf) + { + input.ReadByte(); // skip last \n + } + } + + if (headerList.Count > 0) + { + header = (string)headerList[0]; + } + + clearText = "-----BEGIN PGP SIGNED MESSAGE-----".Equals(header); + newLineFound = true; + + return headerFound; + } + + /** + * @return true if we are inside the clear text section of a PGP + * signed message. + */ + public bool IsClearText() + { + return clearText; + } + + /** + * @return true if the stream is actually at end of file. + */ + public bool IsEndOfStream() + { + return isEndOfStream; + } + + /** + * Return the armor header line (if there is one) + * @return the armor header line, null if none present. + */ + public string GetArmorHeaderLine() + { + return header; + } + + /** + * Return the armor headers (the lines after the armor header line), + * @return an array of armor headers, null if there aren't any. + */ + public string[] GetArmorHeaders() + { + if (headerList.Count <= 1) + return null; + + string[] hdrs = new string[headerList.Count - 1]; + for (int i = 0; i != hdrs.Length; i++) + { + hdrs[i] = (string)headerList[i + 1]; + } + + return hdrs; + } + + private int ReadIgnoreSpace() + { + int c; + do + { + c = input.ReadByte(); + } + while (c == ' ' || c == '\t' || c == '\f' || c == '\u000B') ; // \u000B ~ \v + + if (c >= 128) + throw new IOException("invalid armor"); + + return c; + } + + public override int ReadByte() + { + if (start) + { + if (hasHeaders) + { + ParseHeaders(); + } + + crc.Reset(); + start = false; + } + + int c; + + if (clearText) + { + c = input.ReadByte(); + + if (c == '\r' || (c == '\n' && lastC != '\r')) + { + newLineFound = true; + } + else if (newLineFound && c == '-') + { + c = input.ReadByte(); + if (c == '-') // a header, not dash escaped + { + clearText = false; + start = true; + restart = true; + } + else // a space - must be a dash escape + { + c = input.ReadByte(); + } + newLineFound = false; + } + else + { + if (c != '\n' && lastC != '\r') + { + newLineFound = false; + } + } + + lastC = c; + + if (c < 0) + { + isEndOfStream = true; + } + + return c; + } + + if (bufPtr > 2 || crcFound) + { + c = ReadIgnoreSpace(); + + if (c == '\r' || c == '\n') + { + c = ReadIgnoreSpace(); + + while (c == '\n' || c == '\r') + { + c = ReadIgnoreSpace(); + } + + if (c < 0) // EOF + { + isEndOfStream = true; + return -1; + } + + if (c == '=') // crc reached + { + bufPtr = Decode(ReadIgnoreSpace(), ReadIgnoreSpace(), ReadIgnoreSpace(), ReadIgnoreSpace(), outBuf); + if (bufPtr == 0) + { + int i = ((outBuf[0] & 0xff) << 16) + | ((outBuf[1] & 0xff) << 8) + | (outBuf[2] & 0xff); + + crcFound = true; + + if (i != crc.Value) + { + throw new IOException("crc check failed in armored message."); + } + return ReadByte(); + } + else + { + if (detectMissingChecksum) + { + throw new IOException("no crc found in armored message"); + } + } + } + else if (c == '-') // end of record reached + { + while ((c = input.ReadByte()) >= 0) + { + if (c == '\n' || c == '\r') + { + break; + } + } + + if (!crcFound && detectMissingChecksum) + { + throw new IOException("crc check not found"); + } + + crcFound = false; + start = true; + bufPtr = 3; + + if (c < 0) + { + isEndOfStream = true; + } + + return -1; + } + else // data + { + bufPtr = Decode(c, ReadIgnoreSpace(), ReadIgnoreSpace(), ReadIgnoreSpace(), outBuf); + } + } + else + { + if (c >= 0) + { + bufPtr = Decode(c, ReadIgnoreSpace(), ReadIgnoreSpace(), ReadIgnoreSpace(), outBuf); + } + else + { + isEndOfStream = true; + return -1; + } + } + } + + c = outBuf[bufPtr++]; + + crc.Update(c); + + return c; + } + + /** + * Reads up to len bytes of data from the input stream into + * an array of bytes. An attempt is made to read as many as + * len bytes, but a smaller number may be read. + * The number of bytes actually read is returned as an integer. + * + * The first byte read is stored into element b[off], the + * next one into b[off+1], and so on. The number of bytes read + * is, at most, equal to len. + * + * NOTE: We need to override the custom behavior of Java's {@link InputStream#read(byte[], int, int)}, + * as the upstream method silently swallows {@link IOException IOExceptions}. + * This would cause CRC checksum errors to go unnoticed. + * + * @see Related BC bug report + * @param b byte array + * @param off offset at which we start writing data to the array + * @param len number of bytes we write into the array + * @return total number of bytes read into the buffer + * + * @throws IOException if an exception happens AT ANY POINT + */ + public override int Read(byte[] b, int off, int len) + { + CheckIndexSize(b.Length, off, len); + + int pos = 0; + while (pos < len) + { + int c = ReadByte(); + if (c < 0) + break; + + b[off + pos++] = (byte)c; + } + return pos; + } + + private void CheckIndexSize(int size, int off, int len) + { + if (off < 0 || len < 0) + throw new IndexOutOfRangeException("Offset and length cannot be negative."); + if (off > size - len) + throw new IndexOutOfRangeException("Invalid offset and length."); + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + Platform.Dispose(input); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + Platform.Dispose(input); + base.Close(); + } +#endif + + /** + * Change how the stream should react if it encounters missing CRC checksum. + * The default value is false (ignore missing CRC checksums). If the behavior is set to true, + * an {@link IOException} will be thrown if a missing CRC checksum is encountered. + * + * @param detectMissing ignore missing CRC sums + */ + public virtual void SetDetectMissingCrc(bool detectMissing) + { + this.detectMissingChecksum = detectMissing; + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/ArmoredOutputStream.cs b/BouncyCastle/crypto/src/bcpg/ArmoredOutputStream.cs new file mode 100644 index 0000000..0df5d11 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/ArmoredOutputStream.cs @@ -0,0 +1,415 @@ +using System; +using System.Collections; +using System.Diagnostics; +using System.IO; +using System.Reflection; +using System.Text; + +#if PORTABLE +using System.Linq; +#endif + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /** + * Basic output stream. + */ + public class ArmoredOutputStream + : BaseOutputStream + { + public static readonly string HeaderVersion = "Version"; + + private static readonly byte[] encodingTable = + { + (byte)'A', (byte)'B', (byte)'C', (byte)'D', (byte)'E', (byte)'F', (byte)'G', + (byte)'H', (byte)'I', (byte)'J', (byte)'K', (byte)'L', (byte)'M', (byte)'N', + (byte)'O', (byte)'P', (byte)'Q', (byte)'R', (byte)'S', (byte)'T', (byte)'U', + (byte)'V', (byte)'W', (byte)'X', (byte)'Y', (byte)'Z', + (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e', (byte)'f', (byte)'g', + (byte)'h', (byte)'i', (byte)'j', (byte)'k', (byte)'l', (byte)'m', (byte)'n', + (byte)'o', (byte)'p', (byte)'q', (byte)'r', (byte)'s', (byte)'t', (byte)'u', + (byte)'v', + (byte)'w', (byte)'x', (byte)'y', (byte)'z', + (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5', (byte)'6', + (byte)'7', (byte)'8', (byte)'9', + (byte)'+', (byte)'/' + }; + + /** + * encode the input data producing a base 64 encoded byte array. + */ + private static void Encode( + Stream outStream, + int[] data, + int len) + { + Debug.Assert(len > 0); + Debug.Assert(len < 4); + + byte[] bs = new byte[4]; + int d1 = data[0]; + bs[0] = encodingTable[(d1 >> 2) & 0x3f]; + + switch (len) + { + case 1: + { + bs[1] = encodingTable[(d1 << 4) & 0x3f]; + bs[2] = (byte)'='; + bs[3] = (byte)'='; + break; + } + case 2: + { + int d2 = data[1]; + bs[1] = encodingTable[((d1 << 4) | (d2 >> 4)) & 0x3f]; + bs[2] = encodingTable[(d2 << 2) & 0x3f]; + bs[3] = (byte)'='; + break; + } + case 3: + { + int d2 = data[1]; + int d3 = data[2]; + bs[1] = encodingTable[((d1 << 4) | (d2 >> 4)) & 0x3f]; + bs[2] = encodingTable[((d2 << 2) | (d3 >> 6)) & 0x3f]; + bs[3] = encodingTable[d3 & 0x3f]; + break; + } + } + + outStream.Write(bs, 0, bs.Length); + } + + private readonly Stream outStream; + private int[] buf = new int[3]; + private int bufPtr = 0; + private Crc24 crc = new Crc24(); + private int chunkCount = 0; + private int lastb; + + private bool start = true; + private bool clearText = false; + private bool newLine = false; + + private string type; + + private static readonly string nl = Platform.NewLine; + private static readonly string headerStart = "-----BEGIN PGP "; + private static readonly string headerTail = "-----"; + private static readonly string footerStart = "-----END PGP "; + private static readonly string footerTail = "-----"; + + private static readonly string Version = "BCPG C# v" + AssemblyInfo.Version; + + private readonly IDictionary headers; + + public ArmoredOutputStream(Stream outStream) + { + this.outStream = outStream; + this.headers = Platform.CreateHashtable(1); + SetHeader(HeaderVersion, Version); + } + + public ArmoredOutputStream(Stream outStream, IDictionary headers) + : this(outStream) + { + foreach (string header in headers.Keys) + { + IList headerList = Platform.CreateArrayList(1); + headerList.Add(headers[header]); + + this.headers[header] = headerList; + } + } + + /** + * Set an additional header entry. Any current value(s) under the same name will be + * replaced by the new one. A null value will clear the entry for name. * + * @param name the name of the header entry. + * @param v the value of the header entry. + */ + public void SetHeader(string name, string val) + { + if (val == null) + { + this.headers.Remove(name); + } + else + { + IList valueList = (IList)headers[name]; + if (valueList == null) + { + valueList = Platform.CreateArrayList(1); + this.headers[name] = valueList; + } + else + { + valueList.Clear(); + } + valueList.Add(val); + } + } + + /** + * Set an additional header entry. The current value(s) will continue to exist together + * with the new one. Adding a null value has no effect. + * + * @param name the name of the header entry. + * @param value the value of the header entry. + */ + public void AddHeader(string name, string val) + { + if (val == null || name == null) + return; + + IList valueList = (IList)headers[name]; + if (valueList == null) + { + valueList = Platform.CreateArrayList(1); + this.headers[name] = valueList; + } + valueList.Add(val); + } + + /** + * Reset the headers to only contain a Version string (if one is present). + */ + public void ResetHeaders() + { + IList versions = (IList)headers[HeaderVersion]; + + headers.Clear(); + + if (versions != null) + { + headers[HeaderVersion] = versions; + } + } + + /** + * Start a clear text signed message. + * @param hashAlgorithm + */ + public void BeginClearText( + HashAlgorithmTag hashAlgorithm) + { + string hash; + + switch (hashAlgorithm) + { + case HashAlgorithmTag.Sha1: + hash = "SHA1"; + break; + case HashAlgorithmTag.Sha256: + hash = "SHA256"; + break; + case HashAlgorithmTag.Sha384: + hash = "SHA384"; + break; + case HashAlgorithmTag.Sha512: + hash = "SHA512"; + break; + case HashAlgorithmTag.MD2: + hash = "MD2"; + break; + case HashAlgorithmTag.MD5: + hash = "MD5"; + break; + case HashAlgorithmTag.RipeMD160: + hash = "RIPEMD160"; + break; + default: + throw new IOException("unknown hash algorithm tag in beginClearText: " + hashAlgorithm); + } + + DoWrite("-----BEGIN PGP SIGNED MESSAGE-----" + nl); + DoWrite("Hash: " + hash + nl + nl); + + clearText = true; + newLine = true; + lastb = 0; + } + + public void EndClearText() + { + clearText = false; + } + + public override void WriteByte( + byte b) + { + if (clearText) + { + outStream.WriteByte(b); + + if (newLine) + { + if (!(b == '\n' && lastb == '\r')) + { + newLine = false; + } + if (b == '-') + { + outStream.WriteByte((byte)' '); + outStream.WriteByte((byte)'-'); // dash escape + } + } + if (b == '\r' || (b == '\n' && lastb != '\r')) + { + newLine = true; + } + lastb = b; + return; + } + + if (start) + { + bool newPacket = (b & 0x40) != 0; + + int tag; + if (newPacket) + { + tag = b & 0x3f; + } + else + { + tag = (b & 0x3f) >> 2; + } + + switch ((PacketTag)tag) + { + case PacketTag.PublicKey: + type = "PUBLIC KEY BLOCK"; + break; + case PacketTag.SecretKey: + type = "PRIVATE KEY BLOCK"; + break; + case PacketTag.Signature: + type = "SIGNATURE"; + break; + default: + type = "MESSAGE"; + break; + } + + DoWrite(headerStart + type + headerTail + nl); + + { + IList versionHeaders = (IList)headers[HeaderVersion]; + if (versionHeaders != null) + { + WriteHeaderEntry(HeaderVersion, versionHeaders[0].ToString()); + } + } + + foreach (DictionaryEntry de in headers) + { + string k = (string)de.Key; + if (k != HeaderVersion) + { + IList values = (IList)de.Value; + foreach (string v in values) + { + WriteHeaderEntry(k, v); + } + } + } + + DoWrite(nl); + + start = false; + } + + if (bufPtr == 3) + { + Encode(outStream, buf, bufPtr); + bufPtr = 0; + if ((++chunkCount & 0xf) == 0) + { + DoWrite(nl); + } + } + + crc.Update(b); + buf[bufPtr++] = b & 0xff; + } + + /** + * Note: Close() does not close the underlying stream. So it is possible to write + * multiple objects using armoring to a single stream. + */ +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + if (type == null) + return; + + DoClose(); + + type = null; + start = true; + } + base.Dispose(disposing); + } +#else + public override void Close() + { + if (type == null) + return; + + DoClose(); + + type = null; + start = true; + + base.Close(); + } +#endif + + private void DoClose() + { + if (bufPtr > 0) + { + Encode(outStream, buf, bufPtr); + } + + DoWrite(nl + '='); + + int crcV = crc.Value; + + buf[0] = ((crcV >> 16) & 0xff); + buf[1] = ((crcV >> 8) & 0xff); + buf[2] = (crcV & 0xff); + + Encode(outStream, buf, 3); + + DoWrite(nl); + DoWrite(footerStart); + DoWrite(type); + DoWrite(footerTail); + DoWrite(nl); + + outStream.Flush(); + } + + private void WriteHeaderEntry( + string name, + string v) + { + DoWrite(name + ": " + v + nl); + } + + private void DoWrite( + string s) + { + byte[] bs = Strings.ToAsciiByteArray(s); + outStream.Write(bs, 0, bs.Length); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/BcpgInputStream.cs b/BouncyCastle/crypto/src/bcpg/BcpgInputStream.cs new file mode 100644 index 0000000..5efef19 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/BcpgInputStream.cs @@ -0,0 +1,379 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /// Reader for PGP objects. + public class BcpgInputStream + : BaseInputStream + { + private Stream m_in; + private bool next = false; + private int nextB; + + internal static BcpgInputStream Wrap( + Stream inStr) + { + if (inStr is BcpgInputStream) + { + return (BcpgInputStream) inStr; + } + + return new BcpgInputStream(inStr); + } + + private BcpgInputStream( + Stream inputStream) + { + this.m_in = inputStream; + } + + public override int ReadByte() + { + if (next) + { + next = false; + return nextB; + } + + return m_in.ReadByte(); + } + + public override int Read( + byte[] buffer, + int offset, + int count) + { + // Strangely, when count == 0, we should still attempt to read a byte +// if (count == 0) +// return 0; + + if (!next) + return m_in.Read(buffer, offset, count); + + // We have next byte waiting, so return it + + if (nextB < 0) + return 0; // EndOfStream + + if (buffer == null) + throw new ArgumentNullException("buffer"); + + buffer[offset] = (byte) nextB; + next = false; + + return 1; + } + + public byte[] ReadAll() + { + return Streams.ReadAll(this); + } + + public void ReadFully( + byte[] buffer, + int off, + int len) + { + if (Streams.ReadFully(this, buffer, off, len) < len) + throw new EndOfStreamException(); + } + + public void ReadFully( + byte[] buffer) + { + ReadFully(buffer, 0, buffer.Length); + } + + /// Returns the next packet tag in the stream. + public PacketTag NextPacketTag() + { + if (!next) + { + try + { + nextB = m_in.ReadByte(); + } + catch (EndOfStreamException) + { + nextB = -1; + } + + next = true; + } + + if (nextB < 0) + return (PacketTag)nextB; + + int maskB = nextB & 0x3f; + if ((nextB & 0x40) == 0) // old + { + maskB >>= 2; + } + return (PacketTag)maskB; + } + + public Packet ReadPacket() + { + int hdr = this.ReadByte(); + + if (hdr < 0) + { + return null; + } + + if ((hdr & 0x80) == 0) + { + throw new IOException("invalid header encountered"); + } + + bool newPacket = (hdr & 0x40) != 0; + PacketTag tag = 0; + int bodyLen = 0; + bool partial = false; + + if (newPacket) + { + tag = (PacketTag)(hdr & 0x3f); + + int l = this.ReadByte(); + + if (l < 192) + { + bodyLen = l; + } + else if (l <= 223) + { + int b = m_in.ReadByte(); + bodyLen = ((l - 192) << 8) + (b) + 192; + } + else if (l == 255) + { + bodyLen = (m_in.ReadByte() << 24) | (m_in.ReadByte() << 16) + | (m_in.ReadByte() << 8) | m_in.ReadByte(); + } + else + { + partial = true; + bodyLen = 1 << (l & 0x1f); + } + } + else + { + int lengthType = hdr & 0x3; + + tag = (PacketTag)((hdr & 0x3f) >> 2); + + switch (lengthType) + { + case 0: + bodyLen = this.ReadByte(); + break; + case 1: + bodyLen = (this.ReadByte() << 8) | this.ReadByte(); + break; + case 2: + bodyLen = (this.ReadByte() << 24) | (this.ReadByte() << 16) + | (this.ReadByte() << 8) | this.ReadByte(); + break; + case 3: + partial = true; + break; + default: + throw new IOException("unknown length type encountered"); + } + } + + BcpgInputStream objStream; + if (bodyLen == 0 && partial) + { + objStream = this; + } + else + { + PartialInputStream pis = new PartialInputStream(this, partial, bodyLen); +#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE + Stream buf = pis; +#else + Stream buf = new BufferedStream(pis); +#endif + objStream = new BcpgInputStream(buf); + } + + switch (tag) + { + case PacketTag.Reserved: + return new InputStreamPacket(objStream); + case PacketTag.PublicKeyEncryptedSession: + return new PublicKeyEncSessionPacket(objStream); + case PacketTag.Signature: + return new SignaturePacket(objStream); + case PacketTag.SymmetricKeyEncryptedSessionKey: + return new SymmetricKeyEncSessionPacket(objStream); + case PacketTag.OnePassSignature: + return new OnePassSignaturePacket(objStream); + case PacketTag.SecretKey: + return new SecretKeyPacket(objStream); + case PacketTag.PublicKey: + return new PublicKeyPacket(objStream); + case PacketTag.SecretSubkey: + return new SecretSubkeyPacket(objStream); + case PacketTag.CompressedData: + return new CompressedDataPacket(objStream); + case PacketTag.SymmetricKeyEncrypted: + return new SymmetricEncDataPacket(objStream); + case PacketTag.Marker: + return new MarkerPacket(objStream); + case PacketTag.LiteralData: + return new LiteralDataPacket(objStream); + case PacketTag.Trust: + return new TrustPacket(objStream); + case PacketTag.UserId: + return new UserIdPacket(objStream); + case PacketTag.UserAttribute: + return new UserAttributePacket(objStream); + case PacketTag.PublicSubkey: + return new PublicSubkeyPacket(objStream); + case PacketTag.SymmetricEncryptedIntegrityProtected: + return new SymmetricEncIntegrityPacket(objStream); + case PacketTag.ModificationDetectionCode: + return new ModDetectionCodePacket(objStream); + case PacketTag.Experimental1: + case PacketTag.Experimental2: + case PacketTag.Experimental3: + case PacketTag.Experimental4: + return new ExperimentalPacket(tag, objStream); + default: + throw new IOException("unknown packet type encountered: " + tag); + } + } + + public PacketTag SkipMarkerPackets() + { + PacketTag tag; + while ((tag = NextPacketTag()) == PacketTag.Marker) + { + ReadPacket(); + } + + return tag; + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + Platform.Dispose(m_in); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + Platform.Dispose(m_in); + base.Close(); + } +#endif + + /// + /// A stream that overlays our input stream, allowing the user to only read a segment of it. + /// NB: dataLength will be negative if the segment length is in the upper range above 2**31. + /// + private class PartialInputStream + : BaseInputStream + { + private BcpgInputStream m_in; + private bool partial; + private int dataLength; + + internal PartialInputStream( + BcpgInputStream bcpgIn, + bool partial, + int dataLength) + { + this.m_in = bcpgIn; + this.partial = partial; + this.dataLength = dataLength; + } + + public override int ReadByte() + { + do + { + if (dataLength != 0) + { + int ch = m_in.ReadByte(); + if (ch < 0) + { + throw new EndOfStreamException("Premature end of stream in PartialInputStream"); + } + dataLength--; + return ch; + } + } + while (partial && ReadPartialDataLength() >= 0); + + return -1; + } + + public override int Read(byte[] buffer, int offset, int count) + { + do + { + if (dataLength != 0) + { + int readLen = (dataLength > count || dataLength < 0) ? count : dataLength; + int len = m_in.Read(buffer, offset, readLen); + if (len < 1) + { + throw new EndOfStreamException("Premature end of stream in PartialInputStream"); + } + dataLength -= len; + return len; + } + } + while (partial && ReadPartialDataLength() >= 0); + + return 0; + } + + private int ReadPartialDataLength() + { + int l = m_in.ReadByte(); + + if (l < 0) + { + return -1; + } + + partial = false; + + if (l < 192) + { + dataLength = l; + } + else if (l <= 223) + { + dataLength = ((l - 192) << 8) + (m_in.ReadByte()) + 192; + } + else if (l == 255) + { + dataLength = (m_in.ReadByte() << 24) | (m_in.ReadByte() << 16) + | (m_in.ReadByte() << 8) | m_in.ReadByte(); + } + else + { + partial = true; + dataLength = 1 << (l & 0x1f); + } + + return 0; + } + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/BcpgObject.cs b/BouncyCastle/crypto/src/bcpg/BcpgObject.cs new file mode 100644 index 0000000..4807ad4 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/BcpgObject.cs @@ -0,0 +1,22 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /// Base class for a PGP object. + public abstract class BcpgObject + { + public virtual byte[] GetEncoded() + { + MemoryStream bOut = new MemoryStream(); + BcpgOutputStream pOut = new BcpgOutputStream(bOut); + + pOut.WriteObject(this); + + return bOut.ToArray(); + } + + public abstract void Encode(BcpgOutputStream bcpgOut); + } +} + diff --git a/BouncyCastle/crypto/src/bcpg/BcpgOutputStream.cs b/BouncyCastle/crypto/src/bcpg/BcpgOutputStream.cs new file mode 100644 index 0000000..738c282 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/BcpgOutputStream.cs @@ -0,0 +1,405 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /// Basic output stream. + public class BcpgOutputStream + : BaseOutputStream + { + internal static BcpgOutputStream Wrap( + Stream outStr) + { + if (outStr is BcpgOutputStream) + { + return (BcpgOutputStream) outStr; + } + + return new BcpgOutputStream(outStr); + } + + private Stream outStr; + private byte[] partialBuffer; + private int partialBufferLength; + private int partialPower; + private int partialOffset; + private const int BufferSizePower = 16; // 2^16 size buffer on long files + + /// Create a stream representing a general packet. + /// Output stream to write to. + public BcpgOutputStream( + Stream outStr) + { + if (outStr == null) + throw new ArgumentNullException("outStr"); + + this.outStr = outStr; + } + + /// Create a stream representing an old style partial object. + /// Output stream to write to. + /// The packet tag for the object. + public BcpgOutputStream( + Stream outStr, + PacketTag tag) + { + if (outStr == null) + throw new ArgumentNullException("outStr"); + + this.outStr = outStr; + this.WriteHeader(tag, true, true, 0); + } + + /// Create a stream representing a general packet. + /// Output stream to write to. + /// Packet tag. + /// Size of chunks making up the packet. + /// If true, the header is written out in old format. + public BcpgOutputStream( + Stream outStr, + PacketTag tag, + long length, + bool oldFormat) + { + if (outStr == null) + throw new ArgumentNullException("outStr"); + + this.outStr = outStr; + + if (length > 0xFFFFFFFFL) + { + this.WriteHeader(tag, false, true, 0); + this.partialBufferLength = 1 << BufferSizePower; + this.partialBuffer = new byte[partialBufferLength]; + this.partialPower = BufferSizePower; + this.partialOffset = 0; + } + else + { + this.WriteHeader(tag, oldFormat, false, length); + } + } + + /// Create a new style partial input stream buffered into chunks. + /// Output stream to write to. + /// Packet tag. + /// Size of chunks making up the packet. + public BcpgOutputStream( + Stream outStr, + PacketTag tag, + long length) + { + if (outStr == null) + throw new ArgumentNullException("outStr"); + + this.outStr = outStr; + this.WriteHeader(tag, false, false, length); + } + + /// Create a new style partial input stream buffered into chunks. + /// Output stream to write to. + /// Packet tag. + /// Buffer to use for collecting chunks. + public BcpgOutputStream( + Stream outStr, + PacketTag tag, + byte[] buffer) + { + if (outStr == null) + throw new ArgumentNullException("outStr"); + + this.outStr = outStr; + this.WriteHeader(tag, false, true, 0); + + this.partialBuffer = buffer; + + uint length = (uint) partialBuffer.Length; + for (partialPower = 0; length != 1; partialPower++) + { + length >>= 1; + } + + if (partialPower > 30) + { + throw new IOException("Buffer cannot be greater than 2^30 in length."); + } + this.partialBufferLength = 1 << partialPower; + this.partialOffset = 0; + } + + private void WriteNewPacketLength( + long bodyLen) + { + if (bodyLen < 192) + { + outStr.WriteByte((byte)bodyLen); + } + else if (bodyLen <= 8383) + { + bodyLen -= 192; + + outStr.WriteByte((byte)(((bodyLen >> 8) & 0xff) + 192)); + outStr.WriteByte((byte)bodyLen); + } + else + { + outStr.WriteByte(0xff); + outStr.WriteByte((byte)(bodyLen >> 24)); + outStr.WriteByte((byte)(bodyLen >> 16)); + outStr.WriteByte((byte)(bodyLen >> 8)); + outStr.WriteByte((byte)bodyLen); + } + } + + private void WriteHeader( + PacketTag tag, + bool oldPackets, + bool partial, + long bodyLen) + { + int hdr = 0x80; + + if (partialBuffer != null) + { + PartialFlush(true); + partialBuffer = null; + } + + if (oldPackets) + { + hdr |= ((int) tag) << 2; + + if (partial) + { + this.WriteByte((byte)(hdr | 0x03)); + } + else + { + if (bodyLen <= 0xff) + { + this.WriteByte((byte) hdr); + this.WriteByte((byte)bodyLen); + } + else if (bodyLen <= 0xffff) + { + this.WriteByte((byte)(hdr | 0x01)); + this.WriteByte((byte)(bodyLen >> 8)); + this.WriteByte((byte)(bodyLen)); + } + else + { + this.WriteByte((byte)(hdr | 0x02)); + this.WriteByte((byte)(bodyLen >> 24)); + this.WriteByte((byte)(bodyLen >> 16)); + this.WriteByte((byte)(bodyLen >> 8)); + this.WriteByte((byte)bodyLen); + } + } + } + else + { + hdr |= 0x40 | (int) tag; + this.WriteByte((byte) hdr); + + if (partial) + { + partialOffset = 0; + } + else + { + this.WriteNewPacketLength(bodyLen); + } + } + } + + private void PartialFlush( + bool isLast) + { + if (isLast) + { + WriteNewPacketLength(partialOffset); + outStr.Write(partialBuffer, 0, partialOffset); + } + else + { + outStr.WriteByte((byte)(0xE0 | partialPower)); + outStr.Write(partialBuffer, 0, partialBufferLength); + } + + partialOffset = 0; + } + + private void WritePartial( + byte b) + { + if (partialOffset == partialBufferLength) + { + PartialFlush(false); + } + + partialBuffer[partialOffset++] = b; + } + + private void WritePartial( + byte[] buffer, + int off, + int len) + { + if (partialOffset == partialBufferLength) + { + PartialFlush(false); + } + + if (len <= (partialBufferLength - partialOffset)) + { + Array.Copy(buffer, off, partialBuffer, partialOffset, len); + partialOffset += len; + } + else + { + int diff = partialBufferLength - partialOffset; + Array.Copy(buffer, off, partialBuffer, partialOffset, diff); + off += diff; + len -= diff; + PartialFlush(false); + while (len > partialBufferLength) + { + Array.Copy(buffer, off, partialBuffer, 0, partialBufferLength); + off += partialBufferLength; + len -= partialBufferLength; + PartialFlush(false); + } + Array.Copy(buffer, off, partialBuffer, 0, len); + partialOffset += len; + } + } + public override void WriteByte( + byte value) + { + if (partialBuffer != null) + { + WritePartial(value); + } + else + { + outStr.WriteByte(value); + } + } + public override void Write( + byte[] buffer, + int offset, + int count) + { + if (partialBuffer != null) + { + WritePartial(buffer, offset, count); + } + else + { + outStr.Write(buffer, offset, count); + } + } + + // Additional helper methods to write primitive types + internal virtual void WriteShort( + short n) + { + this.Write( + (byte)(n >> 8), + (byte)n); + } + internal virtual void WriteInt( + int n) + { + this.Write( + (byte)(n >> 24), + (byte)(n >> 16), + (byte)(n >> 8), + (byte)n); + } + internal virtual void WriteLong( + long n) + { + this.Write( + (byte)(n >> 56), + (byte)(n >> 48), + (byte)(n >> 40), + (byte)(n >> 32), + (byte)(n >> 24), + (byte)(n >> 16), + (byte)(n >> 8), + (byte)n); + } + + public void WritePacket( + ContainedPacket p) + { + p.Encode(this); + } + + internal void WritePacket( + PacketTag tag, + byte[] body, + bool oldFormat) + { + this.WriteHeader(tag, oldFormat, false, body.Length); + this.Write(body); + } + + public void WriteObject( + BcpgObject bcpgObject) + { + bcpgObject.Encode(this); + } + + public void WriteObjects( + params BcpgObject[] v) + { + foreach (BcpgObject o in v) + { + o.Encode(this); + } + } + + /// Flush the underlying stream. + public override void Flush() + { + outStr.Flush(); + } + + /// Finish writing out the current packet without closing the underlying stream. + public void Finish() + { + if (partialBuffer != null) + { + PartialFlush(true); + Array.Clear(partialBuffer, 0, partialBuffer.Length); + partialBuffer = null; + } + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + this.Finish(); + outStr.Flush(); + Platform.Dispose(outStr); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + this.Finish(); + outStr.Flush(); + Platform.Dispose(outStr); + base.Close(); + } +#endif + } +} diff --git a/BouncyCastle/crypto/src/bcpg/CompressedDataPacket.cs b/BouncyCastle/crypto/src/bcpg/CompressedDataPacket.cs new file mode 100644 index 0000000..2432825 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/CompressedDataPacket.cs @@ -0,0 +1,24 @@ +using System.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /// Generic compressed data object. + public class CompressedDataPacket + : InputStreamPacket + { + private readonly CompressionAlgorithmTag algorithm; + + internal CompressedDataPacket( + BcpgInputStream bcpgIn) + : base(bcpgIn) + { + this.algorithm = (CompressionAlgorithmTag) bcpgIn.ReadByte(); + } + + /// The algorithm tag value. + public CompressionAlgorithmTag Algorithm + { + get { return algorithm; } + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/CompressionAlgorithmTags.cs b/BouncyCastle/crypto/src/bcpg/CompressionAlgorithmTags.cs new file mode 100644 index 0000000..0e45229 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/CompressionAlgorithmTags.cs @@ -0,0 +1,11 @@ +namespace Org.BouncyCastle.Bcpg +{ + /// Basic tags for compression algorithms. + public enum CompressionAlgorithmTag + { + Uncompressed = 0, // Uncompressed + Zip = 1, // ZIP (RFC 1951) + ZLib = 2, // ZLIB (RFC 1950) + BZip2 = 3, // BZ2 + } +} diff --git a/BouncyCastle/crypto/src/bcpg/ContainedPacket.cs b/BouncyCastle/crypto/src/bcpg/ContainedPacket.cs new file mode 100644 index 0000000..e8f387c --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/ContainedPacket.cs @@ -0,0 +1,22 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /// Basic type for a PGP packet. + public abstract class ContainedPacket + : Packet + { + public byte[] GetEncoded() + { + MemoryStream bOut = new MemoryStream(); + BcpgOutputStream pOut = new BcpgOutputStream(bOut); + + pOut.WritePacket(this); + + return bOut.ToArray(); + } + + public abstract void Encode(BcpgOutputStream bcpgOut); + } +} diff --git a/BouncyCastle/crypto/src/bcpg/Crc24.cs b/BouncyCastle/crypto/src/bcpg/Crc24.cs new file mode 100644 index 0000000..97846f4 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/Crc24.cs @@ -0,0 +1,46 @@ +using System; + +namespace Org.BouncyCastle.Bcpg +{ + public class Crc24 + { + private const int Crc24Init = 0x0b704ce; + private const int Crc24Poly = 0x1864cfb; + + private int crc = Crc24Init; + + public Crc24() + { + } + + public void Update( + int b) + { + crc ^= b << 16; + for (int i = 0; i < 8; i++) + { + crc <<= 1; + if ((crc & 0x1000000) != 0) + { + crc ^= Crc24Poly; + } + } + } + + [Obsolete("Use 'Value' property instead")] + public int GetValue() + { + return crc; + } + + public int Value + { + get { return crc; } + } + + public void Reset() + { + crc = Crc24Init; + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/DsaPublicBcpgKey.cs b/BouncyCastle/crypto/src/bcpg/DsaPublicBcpgKey.cs new file mode 100644 index 0000000..11294cc --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/DsaPublicBcpgKey.cs @@ -0,0 +1,80 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Bcpg +{ + /// Base class for a DSA public key. + public class DsaPublicBcpgKey + : BcpgObject, IBcpgKey + { + private readonly MPInteger p, q, g, y; + + /// The stream to read the packet from. + public DsaPublicBcpgKey( + BcpgInputStream bcpgIn) + { + this.p = new MPInteger(bcpgIn); + this.q = new MPInteger(bcpgIn); + this.g = new MPInteger(bcpgIn); + this.y = new MPInteger(bcpgIn); + } + + public DsaPublicBcpgKey( + BigInteger p, + BigInteger q, + BigInteger g, + BigInteger y) + { + this.p = new MPInteger(p); + this.q = new MPInteger(q); + this.g = new MPInteger(g); + this.y = new MPInteger(y); + } + + /// The format, as a string, always "PGP". + public string Format + { + get { return "PGP"; } + } + + /// Return the standard PGP encoding of the key. + public override byte[] GetEncoded() + { + try + { + return base.GetEncoded(); + } + catch (Exception) + { + return null; + } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WriteObjects(p, q, g, y); + } + + public BigInteger G + { + get { return g.Value; } + } + + public BigInteger P + { + get { return p.Value; } + } + + public BigInteger Q + { + get { return q.Value; } + } + + public BigInteger Y + { + get { return y.Value; } + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/DsaSecretBcpgKey.cs b/BouncyCastle/crypto/src/bcpg/DsaSecretBcpgKey.cs new file mode 100644 index 0000000..41835d4 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/DsaSecretBcpgKey.cs @@ -0,0 +1,61 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Bcpg +{ + /// Base class for a DSA secret key. + public class DsaSecretBcpgKey + : BcpgObject, IBcpgKey + { + internal MPInteger x; + + /** + * @param in + */ + public DsaSecretBcpgKey( + BcpgInputStream bcpgIn) + { + this.x = new MPInteger(bcpgIn); + } + + public DsaSecretBcpgKey( + BigInteger x) + { + this.x = new MPInteger(x); + } + + /// The format, as a string, always "PGP". + public string Format + { + get { return "PGP"; } + } + + /// Return the standard PGP encoding of the key. + public override byte[] GetEncoded() + { + try + { + return base.GetEncoded(); + } + catch (Exception) + { + return null; + } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WriteObject(x); + } + + /** + * @return x + */ + public BigInteger X + { + get { return x.Value; } + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/ECDHPublicBCPGKey.cs b/BouncyCastle/crypto/src/bcpg/ECDHPublicBCPGKey.cs new file mode 100644 index 0000000..dc225e3 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/ECDHPublicBCPGKey.cs @@ -0,0 +1,102 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math.EC; + +namespace Org.BouncyCastle.Bcpg +{ + /// Base class for an ECDH Public Key. + public class ECDHPublicBcpgKey + : ECPublicBcpgKey + { + private byte reserved; + private HashAlgorithmTag hashFunctionId; + private SymmetricKeyAlgorithmTag symAlgorithmId; + + /// The stream to read the packet from. + public ECDHPublicBcpgKey( + BcpgInputStream bcpgIn) + : base(bcpgIn) + { + int length = bcpgIn.ReadByte(); + byte[] kdfParameters = new byte[length]; + if (kdfParameters.Length != 3) + throw new InvalidOperationException("kdf parameters size of 3 expected."); + + bcpgIn.ReadFully(kdfParameters); + + reserved = kdfParameters[0]; + hashFunctionId = (HashAlgorithmTag)kdfParameters[1]; + symAlgorithmId = (SymmetricKeyAlgorithmTag)kdfParameters[2]; + + VerifyHashAlgorithm(); + VerifySymmetricKeyAlgorithm(); + } + + public ECDHPublicBcpgKey( + DerObjectIdentifier oid, + ECPoint point, + HashAlgorithmTag hashAlgorithm, + SymmetricKeyAlgorithmTag symmetricKeyAlgorithm) + : base(oid, point) + { + reserved = 1; + hashFunctionId = hashAlgorithm; + symAlgorithmId = symmetricKeyAlgorithm; + + VerifyHashAlgorithm(); + VerifySymmetricKeyAlgorithm(); + } + + public virtual byte Reserved + { + get { return reserved; } + } + + public virtual HashAlgorithmTag HashAlgorithm + { + get { return hashFunctionId; } + } + + public virtual SymmetricKeyAlgorithmTag SymmetricKeyAlgorithm + { + get { return symAlgorithmId; } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + base.Encode(bcpgOut); + bcpgOut.WriteByte(0x3); + bcpgOut.WriteByte(reserved); + bcpgOut.WriteByte((byte)hashFunctionId); + bcpgOut.WriteByte((byte)symAlgorithmId); + } + + private void VerifyHashAlgorithm() + { + switch ((HashAlgorithmTag)hashFunctionId) + { + case HashAlgorithmTag.Sha256: + case HashAlgorithmTag.Sha384: + case HashAlgorithmTag.Sha512: + break; + default: + throw new InvalidOperationException("Hash algorithm must be SHA-256 or stronger."); + } + } + + private void VerifySymmetricKeyAlgorithm() + { + switch ((SymmetricKeyAlgorithmTag)symAlgorithmId) + { + case SymmetricKeyAlgorithmTag.Aes128: + case SymmetricKeyAlgorithmTag.Aes192: + case SymmetricKeyAlgorithmTag.Aes256: + break; + default: + throw new InvalidOperationException("Symmetric key algorithm must be AES-128 or stronger."); + } + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/ECDsaPublicBCPGKey.cs b/BouncyCastle/crypto/src/bcpg/ECDsaPublicBCPGKey.cs new file mode 100644 index 0000000..5f0c8ac --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/ECDsaPublicBCPGKey.cs @@ -0,0 +1,34 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; + +namespace Org.BouncyCastle.Bcpg +{ + /// Base class for an ECDSA Public Key. + public class ECDsaPublicBcpgKey + : ECPublicBcpgKey + { + /// The stream to read the packet from. + protected internal ECDsaPublicBcpgKey( + BcpgInputStream bcpgIn) + : base(bcpgIn) + { + } + + public ECDsaPublicBcpgKey( + DerObjectIdentifier oid, + ECPoint point) + : base(oid, point) + { + } + + public ECDsaPublicBcpgKey( + DerObjectIdentifier oid, + BigInteger encodedPoint) + : base(oid, encodedPoint) + { + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/ECPublicBCPGKey.cs b/BouncyCastle/crypto/src/bcpg/ECPublicBCPGKey.cs new file mode 100644 index 0000000..4733ee6 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/ECPublicBCPGKey.cs @@ -0,0 +1,99 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; + +namespace Org.BouncyCastle.Bcpg +{ + /// Base class for an EC Public Key. + public abstract class ECPublicBcpgKey + : BcpgObject, IBcpgKey + { + internal DerObjectIdentifier oid; + internal BigInteger point; + + /// The stream to read the packet from. + protected ECPublicBcpgKey( + BcpgInputStream bcpgIn) + { + this.oid = DerObjectIdentifier.GetInstance(Asn1Object.FromByteArray(ReadBytesOfEncodedLength(bcpgIn))); + this.point = new MPInteger(bcpgIn).Value; + } + + protected ECPublicBcpgKey( + DerObjectIdentifier oid, + ECPoint point) + { + this.point = new BigInteger(1, point.GetEncoded(false)); + this.oid = oid; + } + + protected ECPublicBcpgKey( + DerObjectIdentifier oid, + BigInteger encodedPoint) + { + this.point = encodedPoint; + this.oid = oid; + } + + /// The format, as a string, always "PGP". + public string Format + { + get { return "PGP"; } + } + + /// Return the standard PGP encoding of the key. + public override byte[] GetEncoded() + { + try + { + return base.GetEncoded(); + } + catch (IOException) + { + return null; + } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + byte[] oid = this.oid.GetEncoded(); + bcpgOut.Write(oid, 1, oid.Length - 1); + + MPInteger point = new MPInteger(this.point); + bcpgOut.WriteObject(point); + } + + public virtual BigInteger EncodedPoint + { + get { return point; } + } + + public virtual DerObjectIdentifier CurveOid + { + get { return oid; } + } + + protected static byte[] ReadBytesOfEncodedLength( + BcpgInputStream bcpgIn) + { + int length = bcpgIn.ReadByte(); + if (length < 0) + throw new EndOfStreamException(); + if (length == 0 || length == 0xFF) + throw new IOException("future extensions not yet implemented"); + if (length > 127) + throw new IOException("unsupported OID"); + + byte[] buffer = new byte[length + 2]; + bcpgIn.ReadFully(buffer, 2, buffer.Length - 2); + buffer[0] = (byte)0x06; + buffer[1] = (byte)length; + + return buffer; + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/ECSecretBCPGKey.cs b/BouncyCastle/crypto/src/bcpg/ECSecretBCPGKey.cs new file mode 100644 index 0000000..22e0a34 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/ECSecretBCPGKey.cs @@ -0,0 +1,56 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Bcpg +{ + /// Base class for an EC Secret Key. + public class ECSecretBcpgKey + : BcpgObject, IBcpgKey + { + internal MPInteger x; + + public ECSecretBcpgKey( + BcpgInputStream bcpgIn) + { + this.x = new MPInteger(bcpgIn); + } + + public ECSecretBcpgKey( + BigInteger x) + { + this.x = new MPInteger(x); + } + + /// The format, as a string, always "PGP". + public string Format + { + get { return "PGP"; } + } + + /// Return the standard PGP encoding of the key. + public override byte[] GetEncoded() + { + try + { + return base.GetEncoded(); + } + catch (Exception) + { + return null; + } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WriteObject(x); + } + + public virtual BigInteger X + { + get { return x.Value; } + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/ElGamalPublicBcpgKey.cs b/BouncyCastle/crypto/src/bcpg/ElGamalPublicBcpgKey.cs new file mode 100644 index 0000000..808e427 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/ElGamalPublicBcpgKey.cs @@ -0,0 +1,71 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Bcpg +{ + /// Base class for an ElGamal public key. + public class ElGamalPublicBcpgKey + : BcpgObject, IBcpgKey + { + internal MPInteger p, g, y; + + public ElGamalPublicBcpgKey( + BcpgInputStream bcpgIn) + { + this.p = new MPInteger(bcpgIn); + this.g = new MPInteger(bcpgIn); + this.y = new MPInteger(bcpgIn); + } + + public ElGamalPublicBcpgKey( + BigInteger p, + BigInteger g, + BigInteger y) + { + this.p = new MPInteger(p); + this.g = new MPInteger(g); + this.y = new MPInteger(y); + } + + /// The format, as a string, always "PGP". + public string Format + { + get { return "PGP"; } + } + + /// Return the standard PGP encoding of the key. + public override byte[] GetEncoded() + { + try + { + return base.GetEncoded(); + } + catch (Exception) + { + return null; + } + } + + public BigInteger P + { + get { return p.Value; } + } + + public BigInteger G + { + get { return g.Value; } + } + + public BigInteger Y + { + get { return y.Value; } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WriteObjects(p, g, y); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/ElGamalSecretBcpgKey.cs b/BouncyCastle/crypto/src/bcpg/ElGamalSecretBcpgKey.cs new file mode 100644 index 0000000..2d95b29 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/ElGamalSecretBcpgKey.cs @@ -0,0 +1,61 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Bcpg +{ + /// Base class for an ElGamal secret key. + public class ElGamalSecretBcpgKey + : BcpgObject, IBcpgKey + { + internal MPInteger x; + + /** + * @param in + */ + public ElGamalSecretBcpgKey( + BcpgInputStream bcpgIn) + { + this.x = new MPInteger(bcpgIn); + } + + /** + * @param x + */ + public ElGamalSecretBcpgKey( + BigInteger x) + { + this.x = new MPInteger(x); + } + + /// The format, as a string, always "PGP". + public string Format + { + get { return "PGP"; } + } + + public BigInteger X + { + get { return x.Value; } + } + + /// Return the standard PGP encoding of the key. + public override byte[] GetEncoded() + { + try + { + return base.GetEncoded(); + } + catch (Exception) + { + return null; + } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WriteObject(x); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/ExperimentalPacket.cs b/BouncyCastle/crypto/src/bcpg/ExperimentalPacket.cs new file mode 100644 index 0000000..36a254b --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/ExperimentalPacket.cs @@ -0,0 +1,38 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /// Basic packet for an experimental packet. + public class ExperimentalPacket + : ContainedPacket //, PublicKeyAlgorithmTag + { + private readonly PacketTag tag; + private readonly byte[] contents; + + internal ExperimentalPacket( + PacketTag tag, + BcpgInputStream bcpgIn) + { + this.tag = tag; + + this.contents = bcpgIn.ReadAll(); + } + + public PacketTag Tag + { + get { return tag; } + } + + public byte[] GetContents() + { + return (byte[]) contents.Clone(); + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WritePacket(tag, contents, true); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/HashAlgorithmTags.cs b/BouncyCastle/crypto/src/bcpg/HashAlgorithmTags.cs new file mode 100644 index 0000000..96c0091 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/HashAlgorithmTags.cs @@ -0,0 +1,19 @@ +namespace Org.BouncyCastle.Bcpg +{ + /// Basic tags for hash algorithms. + public enum HashAlgorithmTag + { + MD5 = 1, // MD5 + Sha1 = 2, // SHA-1 + RipeMD160 = 3, // RIPE-MD/160 + DoubleSha = 4, // Reserved for double-width SHA (experimental) + MD2 = 5, // MD2 + Tiger192 = 6, // Reserved for TIGER/192 + Haval5pass160 = 7, // Reserved for HAVAL (5 pass, 160-bit) + + Sha256 = 8, // SHA-256 + Sha384 = 9, // SHA-384 + Sha512 = 10, // SHA-512 + Sha224 = 11, // SHA-224 + } +} diff --git a/BouncyCastle/crypto/src/bcpg/IBcpgKey.cs b/BouncyCastle/crypto/src/bcpg/IBcpgKey.cs new file mode 100644 index 0000000..2754617 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/IBcpgKey.cs @@ -0,0 +1,16 @@ +using System; + +namespace Org.BouncyCastle.Bcpg +{ + /// Base interface for a PGP key. + public interface IBcpgKey + { + /// + /// The base format for this key - in the case of the symmetric keys it will generally + /// be raw indicating that the key is just a straight byte representation, for an asymmetric + /// key the format will be PGP, indicating the key is a string of MPIs encoded in PGP format. + /// + /// "RAW" or "PGP". + string Format { get; } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/InputStreamPacket.cs b/BouncyCastle/crypto/src/bcpg/InputStreamPacket.cs new file mode 100644 index 0000000..c45efab --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/InputStreamPacket.cs @@ -0,0 +1,20 @@ +namespace Org.BouncyCastle.Bcpg +{ + public class InputStreamPacket + : Packet + { + private readonly BcpgInputStream bcpgIn; + + public InputStreamPacket( + BcpgInputStream bcpgIn) + { + this.bcpgIn = bcpgIn; + } + + /// Note: you can only read from this once... + public BcpgInputStream GetInputStream() + { + return bcpgIn; + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/LiteralDataPacket.cs b/BouncyCastle/crypto/src/bcpg/LiteralDataPacket.cs new file mode 100644 index 0000000..b4d28a2 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/LiteralDataPacket.cs @@ -0,0 +1,61 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg +{ + /// Generic literal data packet. + public class LiteralDataPacket + : InputStreamPacket + { + private int format; + private byte[] fileName; + private long modDate; + + internal LiteralDataPacket( + BcpgInputStream bcpgIn) + : base(bcpgIn) + { + format = bcpgIn.ReadByte(); + int len = bcpgIn.ReadByte(); + + fileName = new byte[len]; + for (int i = 0; i != len; ++i) + { + int ch = bcpgIn.ReadByte(); + if (ch < 0) + throw new IOException("literal data truncated in header"); + + fileName[i] = (byte)ch; + } + + modDate = (((uint)bcpgIn.ReadByte() << 24) + | ((uint)bcpgIn.ReadByte() << 16) + | ((uint)bcpgIn.ReadByte() << 8) + | (uint)bcpgIn.ReadByte()) * 1000L; + } + + /// The format tag value. + public int Format + { + get { return format; } + } + + /// The modification time of the file in milli-seconds (since Jan 1, 1970 UTC) + public long ModificationTime + { + get { return modDate; } + } + + public string FileName + { + get { return Strings.FromUtf8ByteArray(fileName); } + } + + public byte[] GetRawFileName() + { + return Arrays.Clone(fileName); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/MPInteger.cs b/BouncyCastle/crypto/src/bcpg/MPInteger.cs new file mode 100644 index 0000000..4414072 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/MPInteger.cs @@ -0,0 +1,59 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Bcpg +{ + /// A multiple precision integer + public class MPInteger + : BcpgObject + { + private readonly BigInteger val; + + public MPInteger( + BcpgInputStream bcpgIn) + { + if (bcpgIn == null) + throw new ArgumentNullException("bcpgIn"); + + int length = (bcpgIn.ReadByte() << 8) | bcpgIn.ReadByte(); + byte[] bytes = new byte[(length + 7) / 8]; + + bcpgIn.ReadFully(bytes); + + this.val = new BigInteger(1, bytes); + } + + public MPInteger( + BigInteger val) + { + if (val == null) + throw new ArgumentNullException("val"); + if (val.SignValue < 0) + throw new ArgumentException("Values must be positive", "val"); + + this.val = val; + } + + public BigInteger Value + { + get { return val; } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WriteShort((short) val.BitLength); + bcpgOut.Write(val.ToByteArrayUnsigned()); + } + + internal static void Encode( + BcpgOutputStream bcpgOut, + BigInteger val) + { + bcpgOut.WriteShort((short) val.BitLength); + bcpgOut.Write(val.ToByteArrayUnsigned()); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/MarkerPacket.cs b/BouncyCastle/crypto/src/bcpg/MarkerPacket.cs new file mode 100644 index 0000000..4dc4b5a --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/MarkerPacket.cs @@ -0,0 +1,24 @@ +using System.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /// Basic type for a marker packet. + public class MarkerPacket + : ContainedPacket + { + // "PGP" + byte[] marker = { (byte)0x50, (byte)0x47, (byte)0x50 }; + + public MarkerPacket( + BcpgInputStream bcpgIn) + { + bcpgIn.ReadFully(marker); + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WritePacket(PacketTag.Marker, marker, true); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/ModDetectionCodePacket.cs b/BouncyCastle/crypto/src/bcpg/ModDetectionCodePacket.cs new file mode 100644 index 0000000..6bb2364 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/ModDetectionCodePacket.cs @@ -0,0 +1,42 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /// Basic packet for a modification detection code packet. + public class ModDetectionCodePacket + : ContainedPacket + { + private readonly byte[] digest; + + internal ModDetectionCodePacket( + BcpgInputStream bcpgIn) + { + if (bcpgIn == null) + throw new ArgumentNullException("bcpgIn"); + + this.digest = new byte[20]; + bcpgIn.ReadFully(this.digest); + } + + public ModDetectionCodePacket( + byte[] digest) + { + if (digest == null) + throw new ArgumentNullException("digest"); + + this.digest = (byte[]) digest.Clone(); + } + + public byte[] GetDigest() + { + return (byte[]) digest.Clone(); + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WritePacket(PacketTag.ModificationDetectionCode, digest, false); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/OnePassSignaturePacket.cs b/BouncyCastle/crypto/src/bcpg/OnePassSignaturePacket.cs new file mode 100644 index 0000000..b67df0a --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/OnePassSignaturePacket.cs @@ -0,0 +1,93 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /// Generic signature object + public class OnePassSignaturePacket + : ContainedPacket + { + private int version; + private int sigType; + private HashAlgorithmTag hashAlgorithm; + private PublicKeyAlgorithmTag keyAlgorithm; + private long keyId; + private int nested; + + internal OnePassSignaturePacket( + BcpgInputStream bcpgIn) + { + version = bcpgIn.ReadByte(); + sigType = bcpgIn.ReadByte(); + hashAlgorithm = (HashAlgorithmTag) bcpgIn.ReadByte(); + keyAlgorithm = (PublicKeyAlgorithmTag) bcpgIn.ReadByte(); + + keyId |= (long)bcpgIn.ReadByte() << 56; + keyId |= (long)bcpgIn.ReadByte() << 48; + keyId |= (long)bcpgIn.ReadByte() << 40; + keyId |= (long)bcpgIn.ReadByte() << 32; + keyId |= (long)bcpgIn.ReadByte() << 24; + keyId |= (long)bcpgIn.ReadByte() << 16; + keyId |= (long)bcpgIn.ReadByte() << 8; + keyId |= (uint)bcpgIn.ReadByte(); + + nested = bcpgIn.ReadByte(); + } + + public OnePassSignaturePacket( + int sigType, + HashAlgorithmTag hashAlgorithm, + PublicKeyAlgorithmTag keyAlgorithm, + long keyId, + bool isNested) + { + this.version = 3; + this.sigType = sigType; + this.hashAlgorithm = hashAlgorithm; + this.keyAlgorithm = keyAlgorithm; + this.keyId = keyId; + this.nested = (isNested) ? 0 : 1; + } + + public int SignatureType + { + get { return sigType; } + } + + /// The encryption algorithm tag. + public PublicKeyAlgorithmTag KeyAlgorithm + { + get { return keyAlgorithm; } + } + + /// The hash algorithm tag. + public HashAlgorithmTag HashAlgorithm + { + get { return hashAlgorithm; } + } + + public long KeyId + { + get { return keyId; } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + MemoryStream bOut = new MemoryStream(); + BcpgOutputStream pOut = new BcpgOutputStream(bOut); + + pOut.Write( + (byte) version, + (byte) sigType, + (byte) hashAlgorithm, + (byte) keyAlgorithm); + + pOut.WriteLong(keyId); + + pOut.WriteByte((byte) nested); + + bcpgOut.WritePacket(PacketTag.OnePassSignature, bOut.ToArray(), true); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/OutputStreamPacket.cs b/BouncyCastle/crypto/src/bcpg/OutputStreamPacket.cs new file mode 100644 index 0000000..aa8316d --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/OutputStreamPacket.cs @@ -0,0 +1,24 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Bcpg +{ + public abstract class OutputStreamPacket + { + private readonly BcpgOutputStream bcpgOut; + + internal OutputStreamPacket( + BcpgOutputStream bcpgOut) + { + if (bcpgOut == null) + throw new ArgumentNullException("bcpgOut"); + + this.bcpgOut = bcpgOut; + } + + public abstract BcpgOutputStream Open(); + + public abstract void Close(); + } +} + diff --git a/BouncyCastle/crypto/src/bcpg/Packet.cs b/BouncyCastle/crypto/src/bcpg/Packet.cs new file mode 100644 index 0000000..83f6d1f --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/Packet.cs @@ -0,0 +1,7 @@ +namespace Org.BouncyCastle.Bcpg +{ + public class Packet + //: PacketTag + { + } +} diff --git a/BouncyCastle/crypto/src/bcpg/PacketTags.cs b/BouncyCastle/crypto/src/bcpg/PacketTags.cs new file mode 100644 index 0000000..5a53d4e --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/PacketTags.cs @@ -0,0 +1,30 @@ +namespace Org.BouncyCastle.Bcpg +{ + /// Basic PGP packet tag types. + public enum PacketTag + { + Reserved = 0, // Reserved - a packet tag must not have this value + PublicKeyEncryptedSession = 1, // Public-Key Encrypted Session Key Packet + Signature = 2, // Signature Packet + SymmetricKeyEncryptedSessionKey = 3, // Symmetric-Key Encrypted Session Key Packet + OnePassSignature = 4, // One-Pass Signature Packet + SecretKey = 5, // Secret Key Packet + PublicKey = 6, // Public Key Packet + SecretSubkey = 7, // Secret Subkey Packet + CompressedData = 8, // Compressed Data Packet + SymmetricKeyEncrypted = 9, // Symmetrically Encrypted Data Packet + Marker = 10, // Marker Packet + LiteralData = 11, // Literal Data Packet + Trust = 12, // Trust Packet + UserId = 13, // User ID Packet + PublicSubkey = 14, // Public Subkey Packet + UserAttribute = 17, // User attribute + SymmetricEncryptedIntegrityProtected = 18, // Symmetric encrypted, integrity protected + ModificationDetectionCode = 19, // Modification detection code + + Experimental1 = 60, // Private or Experimental Values + Experimental2 = 61, + Experimental3 = 62, + Experimental4 = 63 + } +} diff --git a/BouncyCastle/crypto/src/bcpg/PublicKeyAlgorithmTags.cs b/BouncyCastle/crypto/src/bcpg/PublicKeyAlgorithmTags.cs new file mode 100644 index 0000000..7c93964 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/PublicKeyAlgorithmTags.cs @@ -0,0 +1,33 @@ +using System; + +namespace Org.BouncyCastle.Bcpg +{ + /// Public Key Algorithm tag numbers. + public enum PublicKeyAlgorithmTag + { + RsaGeneral = 1, // RSA (Encrypt or Sign) + RsaEncrypt = 2, // RSA Encrypt-Only + RsaSign = 3, // RSA Sign-Only + ElGamalEncrypt = 16, // Elgamal (Encrypt-Only), see [ELGAMAL] + Dsa = 17, // DSA (Digital Signature Standard) + [Obsolete("Use 'ECDH' instead")] + EC = 18, // Reserved for Elliptic Curve + ECDH = 18, // Reserved for Elliptic Curve (actual algorithm name) + ECDsa = 19, // Reserved for ECDSA + ElGamalGeneral = 20, // Elgamal (Encrypt or Sign) + DiffieHellman = 21, // Reserved for Diffie-Hellman (X9.42, as defined for IETF-S/MIME) + EdDsa = 22, // EdDSA - (internet draft, but appearing in use) + + Experimental_1 = 100, + Experimental_2 = 101, + Experimental_3 = 102, + Experimental_4 = 103, + Experimental_5 = 104, + Experimental_6 = 105, + Experimental_7 = 106, + Experimental_8 = 107, + Experimental_9 = 108, + Experimental_10 = 109, + Experimental_11 = 110, + } +} diff --git a/BouncyCastle/crypto/src/bcpg/PublicKeyEncSessionPacket.cs b/BouncyCastle/crypto/src/bcpg/PublicKeyEncSessionPacket.cs new file mode 100644 index 0000000..831b5a1 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/PublicKeyEncSessionPacket.cs @@ -0,0 +1,115 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /// Basic packet for a PGP public key. + public class PublicKeyEncSessionPacket + : ContainedPacket //, PublicKeyAlgorithmTag + { + private int version; + private long keyId; + private PublicKeyAlgorithmTag algorithm; + private byte[][] data; + + internal PublicKeyEncSessionPacket( + BcpgInputStream bcpgIn) + { + version = bcpgIn.ReadByte(); + + keyId |= (long)bcpgIn.ReadByte() << 56; + keyId |= (long)bcpgIn.ReadByte() << 48; + keyId |= (long)bcpgIn.ReadByte() << 40; + keyId |= (long)bcpgIn.ReadByte() << 32; + keyId |= (long)bcpgIn.ReadByte() << 24; + keyId |= (long)bcpgIn.ReadByte() << 16; + keyId |= (long)bcpgIn.ReadByte() << 8; + keyId |= (uint)bcpgIn.ReadByte(); + + algorithm = (PublicKeyAlgorithmTag) bcpgIn.ReadByte(); + + switch ((PublicKeyAlgorithmTag) algorithm) + { + case PublicKeyAlgorithmTag.RsaEncrypt: + case PublicKeyAlgorithmTag.RsaGeneral: + data = new byte[][]{ new MPInteger(bcpgIn).GetEncoded() }; + break; + case PublicKeyAlgorithmTag.ElGamalEncrypt: + case PublicKeyAlgorithmTag.ElGamalGeneral: + MPInteger p = new MPInteger(bcpgIn); + MPInteger g = new MPInteger(bcpgIn); + data = new byte[][]{ + p.GetEncoded(), + g.GetEncoded(), + }; + break; + case PublicKeyAlgorithmTag.ECDH: + data = new byte[][]{ Streams.ReadAll(bcpgIn) }; + break; + default: + throw new IOException("unknown PGP public key algorithm encountered"); + } + } + + public PublicKeyEncSessionPacket( + long keyId, + PublicKeyAlgorithmTag algorithm, + byte[][] data) + { + this.version = 3; + this.keyId = keyId; + this.algorithm = algorithm; + this.data = new byte[data.Length][]; + for (int i = 0; i < data.Length; ++i) + { + this.data[i] = Arrays.Clone(data[i]); + } + } + + public int Version + { + get { return version; } + } + + public long KeyId + { + get { return keyId; } + } + + public PublicKeyAlgorithmTag Algorithm + { + get { return algorithm; } + } + + public byte[][] GetEncSessionKey() + { + return data; + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + MemoryStream bOut = new MemoryStream(); + BcpgOutputStream pOut = new BcpgOutputStream(bOut); + + pOut.WriteByte((byte) version); + + pOut.WriteLong(keyId); + + pOut.WriteByte((byte)algorithm); + + for (int i = 0; i < data.Length; ++i) + { + pOut.Write(data[i]); + } + + Platform.Dispose(pOut); + + bcpgOut.WritePacket(PacketTag.PublicKeyEncryptedSession , bOut.ToArray(), true); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/PublicKeyPacket.cs b/BouncyCastle/crypto/src/bcpg/PublicKeyPacket.cs new file mode 100644 index 0000000..bbed941 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/PublicKeyPacket.cs @@ -0,0 +1,121 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Bcpg +{ + /// Basic packet for a PGP public key. + public class PublicKeyPacket + : ContainedPacket //, PublicKeyAlgorithmTag + { + private int version; + private long time; + private int validDays; + private PublicKeyAlgorithmTag algorithm; + private IBcpgKey key; + + internal PublicKeyPacket( + BcpgInputStream bcpgIn) + { + version = bcpgIn.ReadByte(); + + time = ((uint)bcpgIn.ReadByte() << 24) | ((uint)bcpgIn.ReadByte() << 16) + | ((uint)bcpgIn.ReadByte() << 8) | (uint)bcpgIn.ReadByte(); + + if (version <= 3) + { + validDays = (bcpgIn.ReadByte() << 8) | bcpgIn.ReadByte(); + } + + algorithm = (PublicKeyAlgorithmTag) bcpgIn.ReadByte(); + + switch ((PublicKeyAlgorithmTag) algorithm) + { + case PublicKeyAlgorithmTag.RsaEncrypt: + case PublicKeyAlgorithmTag.RsaGeneral: + case PublicKeyAlgorithmTag.RsaSign: + key = new RsaPublicBcpgKey(bcpgIn); + break; + case PublicKeyAlgorithmTag.Dsa: + key = new DsaPublicBcpgKey(bcpgIn); + break; + case PublicKeyAlgorithmTag.ElGamalEncrypt: + case PublicKeyAlgorithmTag.ElGamalGeneral: + key = new ElGamalPublicBcpgKey(bcpgIn); + break; + case PublicKeyAlgorithmTag.ECDH: + key = new ECDHPublicBcpgKey(bcpgIn); + break; + case PublicKeyAlgorithmTag.ECDsa: + key = new ECDsaPublicBcpgKey(bcpgIn); + break; + default: + throw new IOException("unknown PGP public key algorithm encountered"); + } + } + + /// Construct a version 4 public key packet. + public PublicKeyPacket( + PublicKeyAlgorithmTag algorithm, + DateTime time, + IBcpgKey key) + { + this.version = 4; + this.time = DateTimeUtilities.DateTimeToUnixMs(time) / 1000L; + this.algorithm = algorithm; + this.key = key; + } + + public virtual int Version + { + get { return version; } + } + + public virtual PublicKeyAlgorithmTag Algorithm + { + get { return algorithm; } + } + + public virtual int ValidDays + { + get { return validDays; } + } + + public virtual DateTime GetTime() + { + return DateTimeUtilities.UnixMsToDateTime(time * 1000L); + } + + public virtual IBcpgKey Key + { + get { return key; } + } + + public virtual byte[] GetEncodedContents() + { + MemoryStream bOut = new MemoryStream(); + BcpgOutputStream pOut = new BcpgOutputStream(bOut); + + pOut.WriteByte((byte) version); + pOut.WriteInt((int) time); + + if (version <= 3) + { + pOut.WriteShort((short) validDays); + } + + pOut.WriteByte((byte) algorithm); + + pOut.WriteObject((BcpgObject)key); + + return bOut.ToArray(); + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WritePacket(PacketTag.PublicKey, GetEncodedContents(), true); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/PublicSubkeyPacket.cs b/BouncyCastle/crypto/src/bcpg/PublicSubkeyPacket.cs new file mode 100644 index 0000000..6e1aeda --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/PublicSubkeyPacket.cs @@ -0,0 +1,30 @@ +using System; +using System.IO; +namespace Org.BouncyCastle.Bcpg +{ + /// Basic packet for a PGP public subkey + public class PublicSubkeyPacket + : PublicKeyPacket + { + internal PublicSubkeyPacket( + BcpgInputStream bcpgIn) + : base(bcpgIn) + { + } + + /// Construct a version 4 public subkey packet. + public PublicSubkeyPacket( + PublicKeyAlgorithmTag algorithm, + DateTime time, + IBcpgKey key) + : base(algorithm, time, key) + { + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WritePacket(PacketTag.PublicSubkey, GetEncodedContents(), true); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/RsaPublicBcpgKey.cs b/BouncyCastle/crypto/src/bcpg/RsaPublicBcpgKey.cs new file mode 100644 index 0000000..fd2313c --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/RsaPublicBcpgKey.cs @@ -0,0 +1,66 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Bcpg +{ + /// Base class for an RSA public key. + public class RsaPublicBcpgKey + : BcpgObject, IBcpgKey + { + private readonly MPInteger n, e; + + /// Construct an RSA public key from the passed in stream. + public RsaPublicBcpgKey( + BcpgInputStream bcpgIn) + { + this.n = new MPInteger(bcpgIn); + this.e = new MPInteger(bcpgIn); + } + + /// The modulus. + /// The public exponent. + public RsaPublicBcpgKey( + BigInteger n, + BigInteger e) + { + this.n = new MPInteger(n); + this.e = new MPInteger(e); + } + + public BigInteger PublicExponent + { + get { return e.Value; } + } + + public BigInteger Modulus + { + get { return n.Value; } + } + + /// The format, as a string, always "PGP". + public string Format + { + get { return "PGP"; } + } + + /// Return the standard PGP encoding of the key. + public override byte[] GetEncoded() + { + try + { + return base.GetEncoded(); + } + catch (Exception) + { + return null; + } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WriteObjects(n, e); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/RsaSecretBcpgKey.cs b/BouncyCastle/crypto/src/bcpg/RsaSecretBcpgKey.cs new file mode 100644 index 0000000..783f083 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/RsaSecretBcpgKey.cs @@ -0,0 +1,115 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg +{ + /// Base class for an RSA secret (or priate) key. + public class RsaSecretBcpgKey + : BcpgObject, IBcpgKey + { + private readonly MPInteger d, p, q, u; + private readonly BigInteger expP, expQ, crt; + + public RsaSecretBcpgKey( + BcpgInputStream bcpgIn) + { + this.d = new MPInteger(bcpgIn); + this.p = new MPInteger(bcpgIn); + this.q = new MPInteger(bcpgIn); + this.u = new MPInteger(bcpgIn); + + this.expP = d.Value.Remainder(p.Value.Subtract(BigInteger.One)); + this.expQ = d.Value.Remainder(q.Value.Subtract(BigInteger.One)); + this.crt = BigIntegers.ModOddInverse(p.Value, q.Value); + } + + public RsaSecretBcpgKey( + BigInteger d, + BigInteger p, + BigInteger q) + { + // PGP requires (p < q) + int cmp = p.CompareTo(q); + if (cmp >= 0) + { + if (cmp == 0) + throw new ArgumentException("p and q cannot be equal"); + + BigInteger tmp = p; + p = q; + q = tmp; + } + + this.d = new MPInteger(d); + this.p = new MPInteger(p); + this.q = new MPInteger(q); + this.u = new MPInteger(BigIntegers.ModOddInverse(q, p)); + + this.expP = d.Remainder(p.Subtract(BigInteger.One)); + this.expQ = d.Remainder(q.Subtract(BigInteger.One)); + this.crt = BigIntegers.ModOddInverse(p, q); + } + + public BigInteger Modulus + { + get { return p.Value.Multiply(q.Value); } + } + + public BigInteger PrivateExponent + { + get { return d.Value; } + } + + public BigInteger PrimeP + { + get { return p.Value; } + } + + public BigInteger PrimeQ + { + get { return q.Value; } + } + + public BigInteger PrimeExponentP + { + get { return expP; } + } + + public BigInteger PrimeExponentQ + { + get { return expQ; } + } + + public BigInteger CrtCoefficient + { + get { return crt; } + } + + /// The format, as a string, always "PGP". + public string Format + { + get { return "PGP"; } + } + + /// Return the standard PGP encoding of the key. + public override byte[] GetEncoded() + { + try + { + return base.GetEncoded(); + } + catch (Exception) + { + return null; + } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WriteObjects(d, p, q, u); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/S2k.cs b/BouncyCastle/crypto/src/bcpg/S2k.cs new file mode 100644 index 0000000..33fd792 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/S2k.cs @@ -0,0 +1,149 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /// The string to key specifier class. + public class S2k + : BcpgObject + { + private const int ExpBias = 6; + + public const int Simple = 0; + public const int Salted = 1; + public const int SaltedAndIterated = 3; + public const int GnuDummyS2K = 101; + public const int GnuProtectionModeNoPrivateKey = 1; + public const int GnuProtectionModeDivertToCard = 2; + + internal int type; + internal HashAlgorithmTag algorithm; + internal byte[] iv; + internal int itCount = -1; + internal int protectionMode = -1; + + internal S2k( + Stream inStr) + { + type = inStr.ReadByte(); + algorithm = (HashAlgorithmTag) inStr.ReadByte(); + + // + // if this happens we have a dummy-S2k packet. + // + if (type != GnuDummyS2K) + { + if (type != 0) + { + iv = new byte[8]; + if (Streams.ReadFully(inStr, iv, 0, iv.Length) < iv.Length) + throw new EndOfStreamException(); + + if (type == 3) + { + itCount = inStr.ReadByte(); + } + } + } + else + { + inStr.ReadByte(); // G + inStr.ReadByte(); // N + inStr.ReadByte(); // U + protectionMode = inStr.ReadByte(); // protection mode + } + } + + public S2k( + HashAlgorithmTag algorithm) + { + this.type = 0; + this.algorithm = algorithm; + } + + public S2k( + HashAlgorithmTag algorithm, + byte[] iv) + { + this.type = 1; + this.algorithm = algorithm; + this.iv = iv; + } + + public S2k( + HashAlgorithmTag algorithm, + byte[] iv, + int itCount) + { + this.type = 3; + this.algorithm = algorithm; + this.iv = iv; + this.itCount = itCount; + } + + public virtual int Type + { + get { return type; } + } + + /// The hash algorithm. + public virtual HashAlgorithmTag HashAlgorithm + { + get { return algorithm; } + } + + /// The IV for the key generation algorithm. + public virtual byte[] GetIV() + { + return Arrays.Clone(iv); + } + + [Obsolete("Use 'IterationCount' property instead")] + public long GetIterationCount() + { + return IterationCount; + } + + /// The iteration count + public virtual long IterationCount + { + get { return (16 + (itCount & 15)) << ((itCount >> 4) + ExpBias); } + } + + /// The protection mode - only if GnuDummyS2K + public virtual int ProtectionMode + { + get { return protectionMode; } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WriteByte((byte) type); + bcpgOut.WriteByte((byte) algorithm); + + if (type != GnuDummyS2K) + { + if (type != 0) + { + bcpgOut.Write(iv); + } + + if (type == 3) + { + bcpgOut.WriteByte((byte) itCount); + } + } + else + { + bcpgOut.WriteByte((byte) 'G'); + bcpgOut.WriteByte((byte) 'N'); + bcpgOut.WriteByte((byte) 'U'); + bcpgOut.WriteByte((byte) protectionMode); + } + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/SecretKeyPacket.cs b/BouncyCastle/crypto/src/bcpg/SecretKeyPacket.cs new file mode 100644 index 0000000..d9ceab4 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/SecretKeyPacket.cs @@ -0,0 +1,170 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg +{ + /// Basic packet for a PGP secret key. + public class SecretKeyPacket + : ContainedPacket //, PublicKeyAlgorithmTag + { + public const int UsageNone = 0x00; + public const int UsageChecksum = 0xff; + public const int UsageSha1 = 0xfe; + + private PublicKeyPacket pubKeyPacket; + private readonly byte[] secKeyData; + private int s2kUsage; + private SymmetricKeyAlgorithmTag encAlgorithm; + private S2k s2k; + private byte[] iv; + + internal SecretKeyPacket( + BcpgInputStream bcpgIn) + { + if (this is SecretSubkeyPacket) + { + pubKeyPacket = new PublicSubkeyPacket(bcpgIn); + } + else + { + pubKeyPacket = new PublicKeyPacket(bcpgIn); + } + + s2kUsage = bcpgIn.ReadByte(); + + if (s2kUsage == UsageChecksum || s2kUsage == UsageSha1) + { + encAlgorithm = (SymmetricKeyAlgorithmTag) bcpgIn.ReadByte(); + s2k = new S2k(bcpgIn); + } + else + { + encAlgorithm = (SymmetricKeyAlgorithmTag) s2kUsage; + } + + if (!(s2k != null && s2k.Type == S2k.GnuDummyS2K && s2k.ProtectionMode == 0x01)) + { + if (s2kUsage != 0) + { + if (((int) encAlgorithm) < 7) + { + iv = new byte[8]; + } + else + { + iv = new byte[16]; + } + bcpgIn.ReadFully(iv); + } + } + + secKeyData = bcpgIn.ReadAll(); + } + + public SecretKeyPacket( + PublicKeyPacket pubKeyPacket, + SymmetricKeyAlgorithmTag encAlgorithm, + S2k s2k, + byte[] iv, + byte[] secKeyData) + { + this.pubKeyPacket = pubKeyPacket; + this.encAlgorithm = encAlgorithm; + + if (encAlgorithm != SymmetricKeyAlgorithmTag.Null) + { + this.s2kUsage = UsageChecksum; + } + else + { + this.s2kUsage = UsageNone; + } + + this.s2k = s2k; + this.iv = Arrays.Clone(iv); + this.secKeyData = secKeyData; + } + + public SecretKeyPacket( + PublicKeyPacket pubKeyPacket, + SymmetricKeyAlgorithmTag encAlgorithm, + int s2kUsage, + S2k s2k, + byte[] iv, + byte[] secKeyData) + { + this.pubKeyPacket = pubKeyPacket; + this.encAlgorithm = encAlgorithm; + this.s2kUsage = s2kUsage; + this.s2k = s2k; + this.iv = Arrays.Clone(iv); + this.secKeyData = secKeyData; + } + + public SymmetricKeyAlgorithmTag EncAlgorithm + { + get { return encAlgorithm; } + } + + public int S2kUsage + { + get { return s2kUsage; } + } + + public byte[] GetIV() + { + return Arrays.Clone(iv); + } + + public S2k S2k + { + get { return s2k; } + } + + public PublicKeyPacket PublicKeyPacket + { + get { return pubKeyPacket; } + } + + public byte[] GetSecretKeyData() + { + return secKeyData; + } + + public byte[] GetEncodedContents() + { + MemoryStream bOut = new MemoryStream(); + BcpgOutputStream pOut = new BcpgOutputStream(bOut); + + pOut.Write(pubKeyPacket.GetEncodedContents()); + + pOut.WriteByte((byte) s2kUsage); + + if (s2kUsage == UsageChecksum || s2kUsage == UsageSha1) + { + pOut.WriteByte((byte) encAlgorithm); + pOut.WriteObject(s2k); + } + + if (iv != null) + { + pOut.Write(iv); + } + + if (secKeyData != null && secKeyData.Length > 0) + { + pOut.Write(secKeyData); + } + + return bOut.ToArray(); + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WritePacket(PacketTag.SecretKey, GetEncodedContents(), true); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/SecretSubkeyPacket.cs b/BouncyCastle/crypto/src/bcpg/SecretSubkeyPacket.cs new file mode 100644 index 0000000..8f17469 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/SecretSubkeyPacket.cs @@ -0,0 +1,43 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /// Basic packet for a PGP secret key. + public class SecretSubkeyPacket + : SecretKeyPacket + { + internal SecretSubkeyPacket( + BcpgInputStream bcpgIn) + : base(bcpgIn) + { + } + + public SecretSubkeyPacket( + PublicKeyPacket pubKeyPacket, + SymmetricKeyAlgorithmTag encAlgorithm, + S2k s2k, + byte[] iv, + byte[] secKeyData) + : base(pubKeyPacket, encAlgorithm, s2k, iv, secKeyData) + { + } + + public SecretSubkeyPacket( + PublicKeyPacket pubKeyPacket, + SymmetricKeyAlgorithmTag encAlgorithm, + int s2kUsage, + S2k s2k, + byte[] iv, + byte[] secKeyData) + : base(pubKeyPacket, encAlgorithm, s2kUsage, s2k, iv, secKeyData) + { + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WritePacket(PacketTag.SecretSubkey, GetEncodedContents(), true); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/SignaturePacket.cs b/BouncyCastle/crypto/src/bcpg/SignaturePacket.cs new file mode 100644 index 0000000..9a664f9 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/SignaturePacket.cs @@ -0,0 +1,486 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Bcpg.Sig; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /// Generic signature packet. + public class SignaturePacket + : ContainedPacket //, PublicKeyAlgorithmTag + { + private int version; + private int signatureType; + private long creationTime; + private long keyId; + private PublicKeyAlgorithmTag keyAlgorithm; + private HashAlgorithmTag hashAlgorithm; + private MPInteger[] signature; + private byte[] fingerprint; + private SignatureSubpacket[] hashedData; + private SignatureSubpacket[] unhashedData; + private byte[] signatureEncoding; + + internal SignaturePacket( + BcpgInputStream bcpgIn) + { + version = bcpgIn.ReadByte(); + + if (version == 3 || version == 2) + { +// int l = + bcpgIn.ReadByte(); + + signatureType = bcpgIn.ReadByte(); + creationTime = (((long)bcpgIn.ReadByte() << 24) | ((long)bcpgIn.ReadByte() << 16) + | ((long)bcpgIn.ReadByte() << 8) | (uint)bcpgIn.ReadByte()) * 1000L; + + keyId |= (long)bcpgIn.ReadByte() << 56; + keyId |= (long)bcpgIn.ReadByte() << 48; + keyId |= (long)bcpgIn.ReadByte() << 40; + keyId |= (long)bcpgIn.ReadByte() << 32; + keyId |= (long)bcpgIn.ReadByte() << 24; + keyId |= (long)bcpgIn.ReadByte() << 16; + keyId |= (long)bcpgIn.ReadByte() << 8; + keyId |= (uint)bcpgIn.ReadByte(); + + keyAlgorithm = (PublicKeyAlgorithmTag) bcpgIn.ReadByte(); + hashAlgorithm = (HashAlgorithmTag) bcpgIn.ReadByte(); + } + else if (version == 4) + { + signatureType = bcpgIn.ReadByte(); + keyAlgorithm = (PublicKeyAlgorithmTag) bcpgIn.ReadByte(); + hashAlgorithm = (HashAlgorithmTag) bcpgIn.ReadByte(); + + int hashedLength = (bcpgIn.ReadByte() << 8) | bcpgIn.ReadByte(); + byte[] hashed = new byte[hashedLength]; + + bcpgIn.ReadFully(hashed); + + // + // read the signature sub packet data. + // + SignatureSubpacketsParser sIn = new SignatureSubpacketsParser( + new MemoryStream(hashed, false)); + + IList v = Platform.CreateArrayList(); + SignatureSubpacket sub; + while ((sub = sIn.ReadPacket()) != null) + { + v.Add(sub); + } + + hashedData = new SignatureSubpacket[v.Count]; + + for (int i = 0; i != hashedData.Length; i++) + { + SignatureSubpacket p = (SignatureSubpacket)v[i]; + if (p is IssuerKeyId) + { + keyId = ((IssuerKeyId)p).KeyId; + } + else if (p is SignatureCreationTime) + { + creationTime = DateTimeUtilities.DateTimeToUnixMs( + ((SignatureCreationTime)p).GetTime()); + } + + hashedData[i] = p; + } + + int unhashedLength = (bcpgIn.ReadByte() << 8) | bcpgIn.ReadByte(); + byte[] unhashed = new byte[unhashedLength]; + + bcpgIn.ReadFully(unhashed); + + sIn = new SignatureSubpacketsParser(new MemoryStream(unhashed, false)); + + v.Clear(); + + while ((sub = sIn.ReadPacket()) != null) + { + v.Add(sub); + } + + unhashedData = new SignatureSubpacket[v.Count]; + + for (int i = 0; i != unhashedData.Length; i++) + { + SignatureSubpacket p = (SignatureSubpacket)v[i]; + if (p is IssuerKeyId) + { + keyId = ((IssuerKeyId)p).KeyId; + } + + unhashedData[i] = p; + } + } + else + { + Streams.Drain(bcpgIn); + + throw new UnsupportedPacketVersionException("unsupported version: " + version); + } + + fingerprint = new byte[2]; + bcpgIn.ReadFully(fingerprint); + + switch (keyAlgorithm) + { + case PublicKeyAlgorithmTag.RsaGeneral: + case PublicKeyAlgorithmTag.RsaSign: + MPInteger v = new MPInteger(bcpgIn); + signature = new MPInteger[]{ v }; + break; + case PublicKeyAlgorithmTag.Dsa: + MPInteger r = new MPInteger(bcpgIn); + MPInteger s = new MPInteger(bcpgIn); + signature = new MPInteger[]{ r, s }; + break; + case PublicKeyAlgorithmTag.ElGamalEncrypt: // yep, this really does happen sometimes. + case PublicKeyAlgorithmTag.ElGamalGeneral: + MPInteger p = new MPInteger(bcpgIn); + MPInteger g = new MPInteger(bcpgIn); + MPInteger y = new MPInteger(bcpgIn); + signature = new MPInteger[]{ p, g, y }; + break; + case PublicKeyAlgorithmTag.ECDsa: + MPInteger ecR = new MPInteger(bcpgIn); + MPInteger ecS = new MPInteger(bcpgIn); + signature = new MPInteger[]{ ecR, ecS }; + break; + default: + if (keyAlgorithm >= PublicKeyAlgorithmTag.Experimental_1 && keyAlgorithm <= PublicKeyAlgorithmTag.Experimental_11) + { + signature = null; + MemoryStream bOut = new MemoryStream(); + int ch; + while ((ch = bcpgIn.ReadByte()) >= 0) + { + bOut.WriteByte((byte) ch); + } + signatureEncoding = bOut.ToArray(); + } + else + { + throw new IOException("unknown signature key algorithm: " + keyAlgorithm); + } + break; + } + } + + /** + * Generate a version 4 signature packet. + * + * @param signatureType + * @param keyAlgorithm + * @param hashAlgorithm + * @param hashedData + * @param unhashedData + * @param fingerprint + * @param signature + */ + public SignaturePacket( + int signatureType, + long keyId, + PublicKeyAlgorithmTag keyAlgorithm, + HashAlgorithmTag hashAlgorithm, + SignatureSubpacket[] hashedData, + SignatureSubpacket[] unhashedData, + byte[] fingerprint, + MPInteger[] signature) + : this(4, signatureType, keyId, keyAlgorithm, hashAlgorithm, hashedData, unhashedData, fingerprint, signature) + { + } + + /** + * Generate a version 2/3 signature packet. + * + * @param signatureType + * @param keyAlgorithm + * @param hashAlgorithm + * @param fingerprint + * @param signature + */ + public SignaturePacket( + int version, + int signatureType, + long keyId, + PublicKeyAlgorithmTag keyAlgorithm, + HashAlgorithmTag hashAlgorithm, + long creationTime, + byte[] fingerprint, + MPInteger[] signature) + : this(version, signatureType, keyId, keyAlgorithm, hashAlgorithm, null, null, fingerprint, signature) + { + this.creationTime = creationTime; + } + + public SignaturePacket( + int version, + int signatureType, + long keyId, + PublicKeyAlgorithmTag keyAlgorithm, + HashAlgorithmTag hashAlgorithm, + SignatureSubpacket[] hashedData, + SignatureSubpacket[] unhashedData, + byte[] fingerprint, + MPInteger[] signature) + { + this.version = version; + this.signatureType = signatureType; + this.keyId = keyId; + this.keyAlgorithm = keyAlgorithm; + this.hashAlgorithm = hashAlgorithm; + this.hashedData = hashedData; + this.unhashedData = unhashedData; + this.fingerprint = fingerprint; + this.signature = signature; + + if (hashedData != null) + { + setCreationTime(); + } + } + + public int Version + { + get { return version; } + } + + public int SignatureType + { + get { return signatureType; } + } + + /** + * return the keyId + * @return the keyId that created the signature. + */ + public long KeyId + { + get { return keyId; } + } + + /** + * return the signature trailer that must be included with the data + * to reconstruct the signature + * + * @return byte[] + */ + public byte[] GetSignatureTrailer() + { + byte[] trailer = null; + + if (version == 3) + { + trailer = new byte[5]; + + long time = creationTime / 1000L; + + trailer[0] = (byte)signatureType; + trailer[1] = (byte)(time >> 24); + trailer[2] = (byte)(time >> 16); + trailer[3] = (byte)(time >> 8); + trailer[4] = (byte)(time); + } + else + { + MemoryStream sOut = new MemoryStream(); + + sOut.WriteByte((byte)this.Version); + sOut.WriteByte((byte)this.SignatureType); + sOut.WriteByte((byte)this.KeyAlgorithm); + sOut.WriteByte((byte)this.HashAlgorithm); + + MemoryStream hOut = new MemoryStream(); + SignatureSubpacket[] hashed = this.GetHashedSubPackets(); + + for (int i = 0; i != hashed.Length; i++) + { + hashed[i].Encode(hOut); + } + + byte[] data = hOut.ToArray(); + + sOut.WriteByte((byte)(data.Length >> 8)); + sOut.WriteByte((byte)data.Length); + sOut.Write(data, 0, data.Length); + + byte[] hData = sOut.ToArray(); + + sOut.WriteByte((byte)this.Version); + sOut.WriteByte((byte)0xff); + sOut.WriteByte((byte)(hData.Length>> 24)); + sOut.WriteByte((byte)(hData.Length >> 16)); + sOut.WriteByte((byte)(hData.Length >> 8)); + sOut.WriteByte((byte)(hData.Length)); + + trailer = sOut.ToArray(); + } + + return trailer; + } + + public PublicKeyAlgorithmTag KeyAlgorithm + { + get { return keyAlgorithm; } + } + + public HashAlgorithmTag HashAlgorithm + { + get { return hashAlgorithm; } + } + + /** + * return the signature as a set of integers - note this is normalised to be the + * ASN.1 encoding of what appears in the signature packet. + */ + public MPInteger[] GetSignature() + { + return signature; + } + + /** + * Return the byte encoding of the signature section. + * @return uninterpreted signature bytes. + */ + public byte[] GetSignatureBytes() + { + if (signatureEncoding != null) + { + return (byte[]) signatureEncoding.Clone(); + } + + MemoryStream bOut = new MemoryStream(); + BcpgOutputStream bcOut = new BcpgOutputStream(bOut); + + foreach (MPInteger sigObj in signature) + { + try + { + bcOut.WriteObject(sigObj); + } + catch (IOException e) + { + throw new Exception("internal error: " + e); + } + } + + return bOut.ToArray(); + } + + public SignatureSubpacket[] GetHashedSubPackets() + { + return hashedData; + } + + public SignatureSubpacket[] GetUnhashedSubPackets() + { + return unhashedData; + } + + /// Return the creation time in milliseconds since 1 Jan., 1970 UTC. + public long CreationTime + { + get { return creationTime; } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + MemoryStream bOut = new MemoryStream(); + BcpgOutputStream pOut = new BcpgOutputStream(bOut); + + pOut.WriteByte((byte) version); + + if (version == 3 || version == 2) + { + pOut.Write( + 5, // the length of the next block + (byte) signatureType); + + pOut.WriteInt((int)(creationTime / 1000L)); + + pOut.WriteLong(keyId); + + pOut.Write( + (byte) keyAlgorithm, + (byte) hashAlgorithm); + } + else if (version == 4) + { + pOut.Write( + (byte) signatureType, + (byte) keyAlgorithm, + (byte) hashAlgorithm); + + EncodeLengthAndData(pOut, GetEncodedSubpackets(hashedData)); + + EncodeLengthAndData(pOut, GetEncodedSubpackets(unhashedData)); + } + else + { + throw new IOException("unknown version: " + version); + } + + pOut.Write(fingerprint); + + if (signature != null) + { + pOut.WriteObjects(signature); + } + else + { + pOut.Write(signatureEncoding); + } + + bcpgOut.WritePacket(PacketTag.Signature, bOut.ToArray(), true); + } + + private static void EncodeLengthAndData( + BcpgOutputStream pOut, + byte[] data) + { + pOut.WriteShort((short) data.Length); + pOut.Write(data); + } + + private static byte[] GetEncodedSubpackets( + SignatureSubpacket[] ps) + { + MemoryStream sOut = new MemoryStream(); + + foreach (SignatureSubpacket p in ps) + { + p.Encode(sOut); + } + + return sOut.ToArray(); + } + + private void setCreationTime() + { + foreach (SignatureSubpacket p in hashedData) + { + if (p is SignatureCreationTime) + { + creationTime = DateTimeUtilities.DateTimeToUnixMs( + ((SignatureCreationTime)p).GetTime()); + break; + } + } + } + public static SignaturePacket FromByteArray(byte[] data) + { + BcpgInputStream input = BcpgInputStream.Wrap(new MemoryStream(data)); + + return new SignaturePacket(input); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/SignatureSubpacket.cs b/BouncyCastle/crypto/src/bcpg/SignatureSubpacket.cs new file mode 100644 index 0000000..5accadc --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/SignatureSubpacket.cs @@ -0,0 +1,115 @@ +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg +{ + /// Basic type for a PGP Signature sub-packet. + public class SignatureSubpacket + { + private readonly SignatureSubpacketTag type; + private readonly bool critical; + private readonly bool isLongLength; + internal byte[] data; + + protected internal SignatureSubpacket( + SignatureSubpacketTag type, + bool critical, + bool isLongLength, + byte[] data) + { + this.type = type; + this.critical = critical; + this.isLongLength = isLongLength; + this.data = data; + } + + public SignatureSubpacketTag SubpacketType + { + get { return type; } + } + + public bool IsCritical() + { + return critical; + } + + public bool IsLongLength() + { + return isLongLength; + } + + /// Return the generic data making up the packet. + public byte[] GetData() + { + return (byte[]) data.Clone(); + } + + public void Encode( + Stream os) + { + int bodyLen = data.Length + 1; + + if (isLongLength) + { + os.WriteByte(0xff); + os.WriteByte((byte)(bodyLen >> 24)); + os.WriteByte((byte)(bodyLen >> 16)); + os.WriteByte((byte)(bodyLen >> 8)); + os.WriteByte((byte)bodyLen); + } + else + { + if (bodyLen < 192) + { + os.WriteByte((byte)bodyLen); + } + else if (bodyLen <= 8383) + { + bodyLen -= 192; + + os.WriteByte((byte)(((bodyLen >> 8) & 0xff) + 192)); + os.WriteByte((byte)bodyLen); + } + else + { + os.WriteByte(0xff); + os.WriteByte((byte)(bodyLen >> 24)); + os.WriteByte((byte)(bodyLen >> 16)); + os.WriteByte((byte)(bodyLen >> 8)); + os.WriteByte((byte)bodyLen); + } + } + + if (critical) + { + os.WriteByte((byte)(0x80 | (int) type)); + } + else + { + os.WriteByte((byte) type); + } + + os.Write(data, 0, data.Length); + } + + public override int GetHashCode() + { + return (critical ? 1 : 0) + 7 * (int)type + 49 * Arrays.GetHashCode(data); + } + + public override bool Equals(object obj) + { + if (obj == this) + return true; + + SignatureSubpacket other = obj as SignatureSubpacket; + if (null == other) + return false; + + return this.type == other.type + && this.critical == other.critical + && Arrays.AreEqual(this.data, other.data); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/SignatureSubpacketTags.cs b/BouncyCastle/crypto/src/bcpg/SignatureSubpacketTags.cs new file mode 100644 index 0000000..1a8e254 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/SignatureSubpacketTags.cs @@ -0,0 +1,33 @@ +namespace Org.BouncyCastle.Bcpg +{ + /** + * Basic PGP signature sub-packet tag types. + */ + public enum SignatureSubpacketTag + { + CreationTime = 2, // signature creation time + ExpireTime = 3, // signature expiration time + Exportable = 4, // exportable certification + TrustSig = 5, // trust signature + RegExp = 6, // regular expression + Revocable = 7, // revocable + KeyExpireTime = 9, // key expiration time + Placeholder = 10, // placeholder for backward compatibility + PreferredSymmetricAlgorithms = 11, // preferred symmetric algorithms + RevocationKey = 12, // revocation key + IssuerKeyId = 16, // issuer key ID + NotationData = 20, // notation data + PreferredHashAlgorithms = 21, // preferred hash algorithms + PreferredCompressionAlgorithms = 22, // preferred compression algorithms + KeyServerPreferences = 23, // key server preferences + PreferredKeyServer = 24, // preferred key server + PrimaryUserId = 25, // primary user id + PolicyUrl = 26, // policy URL + KeyFlags = 27, // key flags + SignerUserId = 28, // signer's user id + RevocationReason = 29, // reason for revocation + Features = 30, // features + SignatureTarget = 31, // signature target + EmbeddedSignature = 32 // embedded signature + } +} diff --git a/BouncyCastle/crypto/src/bcpg/SignatureSubpacketsReader.cs b/BouncyCastle/crypto/src/bcpg/SignatureSubpacketsReader.cs new file mode 100644 index 0000000..86ad112 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/SignatureSubpacketsReader.cs @@ -0,0 +1,135 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Bcpg.Sig; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /** + * reader for signature sub-packets + */ + public class SignatureSubpacketsParser + { + private readonly Stream input; + + public SignatureSubpacketsParser( + Stream input) + { + this.input = input; + } + + public SignatureSubpacket ReadPacket() + { + int l = input.ReadByte(); + if (l < 0) + return null; + + int bodyLen = 0; + bool isLongLength = false; + + if (l < 192) + { + bodyLen = l; + } + else if (l <= 223) + { + bodyLen = ((l - 192) << 8) + (input.ReadByte()) + 192; + } + else if (l == 255) + { + isLongLength = true; + bodyLen = (input.ReadByte() << 24) | (input.ReadByte() << 16) + | (input.ReadByte() << 8) | input.ReadByte(); + } + else + { + throw new IOException("unexpected length header"); + } + + int tag = input.ReadByte(); + if (tag < 0) + throw new EndOfStreamException("unexpected EOF reading signature sub packet"); + + if (bodyLen <= 0) + throw new EndOfStreamException("out of range data found in signature sub packet"); + + byte[] data = new byte[bodyLen - 1]; + + // + // this may seem a bit strange but it turns out some applications miscode the length + // in fixed length fields, so we check the length we do get, only throwing an exception if + // we really cannot continue + // + int bytesRead = Streams.ReadFully(input, data); + + bool isCritical = ((tag & 0x80) != 0); + SignatureSubpacketTag type = (SignatureSubpacketTag)(tag & 0x7f); + + if (bytesRead != data.Length) + { + switch (type) + { + case SignatureSubpacketTag.CreationTime: + data = CheckData(data, 4, bytesRead, "Signature Creation Time"); + break; + case SignatureSubpacketTag.IssuerKeyId: + data = CheckData(data, 8, bytesRead, "Issuer"); + break; + case SignatureSubpacketTag.KeyExpireTime: + data = CheckData(data, 4, bytesRead, "Signature Key Expiration Time"); + break; + case SignatureSubpacketTag.ExpireTime: + data = CheckData(data, 4, bytesRead, "Signature Expiration Time"); + break; + default: + throw new EndOfStreamException("truncated subpacket data."); + } + } + + switch (type) + { + case SignatureSubpacketTag.CreationTime: + return new SignatureCreationTime(isCritical, isLongLength, data); + case SignatureSubpacketTag.KeyExpireTime: + return new KeyExpirationTime(isCritical, isLongLength, data); + case SignatureSubpacketTag.ExpireTime: + return new SignatureExpirationTime(isCritical, isLongLength, data); + case SignatureSubpacketTag.Revocable: + return new Revocable(isCritical, isLongLength, data); + case SignatureSubpacketTag.Exportable: + return new Exportable(isCritical, isLongLength, data); + case SignatureSubpacketTag.IssuerKeyId: + return new IssuerKeyId(isCritical, isLongLength, data); + case SignatureSubpacketTag.TrustSig: + return new TrustSignature(isCritical, isLongLength, data); + case SignatureSubpacketTag.PreferredCompressionAlgorithms: + case SignatureSubpacketTag.PreferredHashAlgorithms: + case SignatureSubpacketTag.PreferredSymmetricAlgorithms: + return new PreferredAlgorithms(type, isCritical, isLongLength, data); + case SignatureSubpacketTag.KeyFlags: + return new KeyFlags(isCritical, isLongLength, data); + case SignatureSubpacketTag.PrimaryUserId: + return new PrimaryUserId(isCritical, isLongLength, data); + case SignatureSubpacketTag.SignerUserId: + return new SignerUserId(isCritical, isLongLength, data); + case SignatureSubpacketTag.NotationData: + return new NotationData(isCritical, isLongLength, data); + case SignatureSubpacketTag.RevocationReason: + return new RevocationReason(isCritical, isLongLength, data); + case SignatureSubpacketTag.RevocationKey: + return new RevocationKey(isCritical, isLongLength, data); + } + return new SignatureSubpacket(type, isCritical, isLongLength, data); + } + + private byte[] CheckData(byte[] data, int expected, int bytesRead, string name) + { + if (bytesRead != expected) + throw new EndOfStreamException("truncated " + name + " subpacket data."); + + return Arrays.CopyOfRange(data, 0, expected); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/SymmetricEncDataPacket.cs b/BouncyCastle/crypto/src/bcpg/SymmetricEncDataPacket.cs new file mode 100644 index 0000000..17ee55b --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/SymmetricEncDataPacket.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.Bcpg +{ + /// Basic type for a symmetric key encrypted packet. + public class SymmetricEncDataPacket + : InputStreamPacket + { + public SymmetricEncDataPacket( + BcpgInputStream bcpgIn) + : base(bcpgIn) + { + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/SymmetricEncIntegrityPacket.cs b/BouncyCastle/crypto/src/bcpg/SymmetricEncIntegrityPacket.cs new file mode 100644 index 0000000..a9b6d06 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/SymmetricEncIntegrityPacket.cs @@ -0,0 +1,18 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Bcpg +{ + public class SymmetricEncIntegrityPacket + : InputStreamPacket + { + internal readonly int version; + + internal SymmetricEncIntegrityPacket( + BcpgInputStream bcpgIn) + : base(bcpgIn) + { + version = bcpgIn.ReadByte(); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/SymmetricKeyAlgorithmTags.cs b/BouncyCastle/crypto/src/bcpg/SymmetricKeyAlgorithmTags.cs new file mode 100644 index 0000000..e05a486 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/SymmetricKeyAlgorithmTags.cs @@ -0,0 +1,23 @@ +namespace Org.BouncyCastle.Bcpg +{ + /** + * Basic tags for symmetric key algorithms + */ + public enum SymmetricKeyAlgorithmTag + { + Null = 0, // Plaintext or unencrypted data + Idea = 1, // IDEA [IDEA] + TripleDes = 2, // Triple-DES (DES-EDE, as per spec -168 bit key derived from 192) + Cast5 = 3, // Cast5 (128 bit key, as per RFC 2144) + Blowfish = 4, // Blowfish (128 bit key, 16 rounds) [Blowfish] + Safer = 5, // Safer-SK128 (13 rounds) [Safer] + Des = 6, // Reserved for DES/SK + Aes128 = 7, // Reserved for AES with 128-bit key + Aes192 = 8, // Reserved for AES with 192-bit key + Aes256 = 9, // Reserved for AES with 256-bit key + Twofish = 10, // Reserved for Twofish + Camellia128 = 11, // Reserved for AES with 128-bit key + Camellia192 = 12, // Reserved for AES with 192-bit key + Camellia256 = 13 // Reserved for AES with 256-bit key + } +} diff --git a/BouncyCastle/crypto/src/bcpg/SymmetricKeyEncSessionPacket.cs b/BouncyCastle/crypto/src/bcpg/SymmetricKeyEncSessionPacket.cs new file mode 100644 index 0000000..0381fa3 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/SymmetricKeyEncSessionPacket.cs @@ -0,0 +1,91 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /** + * Basic type for a symmetric encrypted session key packet + */ + public class SymmetricKeyEncSessionPacket + : ContainedPacket + { + private int version; + private SymmetricKeyAlgorithmTag encAlgorithm; + private S2k s2k; + private readonly byte[] secKeyData; + + public SymmetricKeyEncSessionPacket( + BcpgInputStream bcpgIn) + { + version = bcpgIn.ReadByte(); + encAlgorithm = (SymmetricKeyAlgorithmTag) bcpgIn.ReadByte(); + + s2k = new S2k(bcpgIn); + + secKeyData = bcpgIn.ReadAll(); + } + + public SymmetricKeyEncSessionPacket( + SymmetricKeyAlgorithmTag encAlgorithm, + S2k s2k, + byte[] secKeyData) + { + this.version = 4; + this.encAlgorithm = encAlgorithm; + this.s2k = s2k; + this.secKeyData = secKeyData; + } + + /** + * @return int + */ + public SymmetricKeyAlgorithmTag EncAlgorithm + { + get { return encAlgorithm; } + } + + /** + * @return S2k + */ + public S2k S2k + { + get { return s2k; } + } + + /** + * @return byte[] + */ + public byte[] GetSecKeyData() + { + return secKeyData; + } + + /** + * @return int + */ + public int Version + { + get { return version; } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + MemoryStream bOut = new MemoryStream(); + BcpgOutputStream pOut = new BcpgOutputStream(bOut); + + pOut.Write( + (byte) version, + (byte) encAlgorithm); + + pOut.WriteObject(s2k); + + if (secKeyData != null && secKeyData.Length > 0) + { + pOut.Write(secKeyData); + } + + bcpgOut.WritePacket(PacketTag.SymmetricKeyEncryptedSessionKey, bOut.ToArray(), true); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/TrustPacket.cs b/BouncyCastle/crypto/src/bcpg/TrustPacket.cs new file mode 100644 index 0000000..6f1969c --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/TrustPacket.cs @@ -0,0 +1,43 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /// Basic type for a trust packet. + public class TrustPacket + : ContainedPacket + { + private readonly byte[] levelAndTrustAmount; + + public TrustPacket( + BcpgInputStream bcpgIn) + { + MemoryStream bOut = new MemoryStream(); + + int ch; + while ((ch = bcpgIn.ReadByte()) >= 0) + { + bOut.WriteByte((byte) ch); + } + + levelAndTrustAmount = bOut.ToArray(); + } + + public TrustPacket( + int trustCode) + { + this.levelAndTrustAmount = new byte[]{ (byte) trustCode }; + } + + public byte[] GetLevelAndTrustAmount() + { + return (byte[]) levelAndTrustAmount.Clone(); + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WritePacket(PacketTag.Trust, levelAndTrustAmount, true); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/UnsupportedPacketVersionException.cs b/BouncyCastle/crypto/src/bcpg/UnsupportedPacketVersionException.cs new file mode 100644 index 0000000..447d752 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/UnsupportedPacketVersionException.cs @@ -0,0 +1,13 @@ +using System; + +namespace Org.BouncyCastle.Bcpg +{ + public class UnsupportedPacketVersionException + : Exception + { + public UnsupportedPacketVersionException(string msg) + : base(msg) + { + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/UserAttributePacket.cs b/BouncyCastle/crypto/src/bcpg/UserAttributePacket.cs new file mode 100644 index 0000000..20e3598 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/UserAttributePacket.cs @@ -0,0 +1,61 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg +{ + /** + * Basic type for a user attribute packet. + */ + public class UserAttributePacket + : ContainedPacket + { + private readonly UserAttributeSubpacket[] subpackets; + + public UserAttributePacket( + BcpgInputStream bcpgIn) + { + UserAttributeSubpacketsParser sIn = new UserAttributeSubpacketsParser(bcpgIn); + UserAttributeSubpacket sub; + + IList v = Platform.CreateArrayList(); + while ((sub = sIn.ReadPacket()) != null) + { + v.Add(sub); + } + + subpackets = new UserAttributeSubpacket[v.Count]; + + for (int i = 0; i != subpackets.Length; i++) + { + subpackets[i] = (UserAttributeSubpacket)v[i]; + } + } + + public UserAttributePacket( + UserAttributeSubpacket[] subpackets) + { + this.subpackets = subpackets; + } + + public UserAttributeSubpacket[] GetSubpackets() + { + return subpackets; + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + MemoryStream bOut = new MemoryStream(); + + for (int i = 0; i != subpackets.Length; i++) + { + subpackets[i].Encode(bOut); + } + + bcpgOut.WritePacket(PacketTag.UserAttribute, bOut.ToArray(), false); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/UserAttributeSubpacket.cs b/BouncyCastle/crypto/src/bcpg/UserAttributeSubpacket.cs new file mode 100644 index 0000000..05f60ac --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/UserAttributeSubpacket.cs @@ -0,0 +1,90 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg +{ + /** + * Basic type for a user attribute sub-packet. + */ + public class UserAttributeSubpacket + { + internal readonly UserAttributeSubpacketTag type; + private readonly bool longLength; // we preserve this as not everyone encodes length properly. + protected readonly byte[] data; + + protected internal UserAttributeSubpacket(UserAttributeSubpacketTag type, byte[] data) + : this(type, false, data) + { + } + + protected internal UserAttributeSubpacket(UserAttributeSubpacketTag type, bool forceLongLength, byte[] data) + { + this.type = type; + this.longLength = forceLongLength; + this.data = data; + } + + public virtual UserAttributeSubpacketTag SubpacketType + { + get { return type; } + } + + /** + * return the generic data making up the packet. + */ + public virtual byte[] GetData() + { + return data; + } + + public virtual void Encode(Stream os) + { + int bodyLen = data.Length + 1; + + if (bodyLen < 192 && !longLength) + { + os.WriteByte((byte)bodyLen); + } + else if (bodyLen <= 8383 && !longLength) + { + bodyLen -= 192; + + os.WriteByte((byte)(((bodyLen >> 8) & 0xff) + 192)); + os.WriteByte((byte)bodyLen); + } + else + { + os.WriteByte(0xff); + os.WriteByte((byte)(bodyLen >> 24)); + os.WriteByte((byte)(bodyLen >> 16)); + os.WriteByte((byte)(bodyLen >> 8)); + os.WriteByte((byte)bodyLen); + } + + os.WriteByte((byte) type); + os.Write(data, 0, data.Length); + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + UserAttributeSubpacket other = obj as UserAttributeSubpacket; + + if (other == null) + return false; + + return type == other.type + && Arrays.AreEqual(data, other.data); + } + + public override int GetHashCode() + { + return type.GetHashCode() ^ Arrays.GetHashCode(data); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/UserAttributeSubpacketTags.cs b/BouncyCastle/crypto/src/bcpg/UserAttributeSubpacketTags.cs new file mode 100644 index 0000000..7a9cd1d --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/UserAttributeSubpacketTags.cs @@ -0,0 +1,10 @@ +namespace Org.BouncyCastle.Bcpg +{ + /** + * Basic PGP user attribute sub-packet tag types. + */ + public enum UserAttributeSubpacketTag + { + ImageAttribute = 1 + } +} diff --git a/BouncyCastle/crypto/src/bcpg/UserAttributeSubpacketsReader.cs b/BouncyCastle/crypto/src/bcpg/UserAttributeSubpacketsReader.cs new file mode 100644 index 0000000..f0cc1b8 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/UserAttributeSubpacketsReader.cs @@ -0,0 +1,65 @@ +using System; +using System.IO; +using Org.BouncyCastle.Bcpg.Attr; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg +{ + /** + * reader for user attribute sub-packets + */ + public class UserAttributeSubpacketsParser + { + private readonly Stream input; + + public UserAttributeSubpacketsParser( + Stream input) + { + this.input = input; + } + + public virtual UserAttributeSubpacket ReadPacket() + { + int l = input.ReadByte(); + if (l < 0) + return null; + + int bodyLen = 0; + bool longLength = false; + if (l < 192) + { + bodyLen = l; + } + else if (l <= 223) + { + bodyLen = ((l - 192) << 8) + (input.ReadByte()) + 192; + } + else if (l == 255) + { + bodyLen = (input.ReadByte() << 24) | (input.ReadByte() << 16) + | (input.ReadByte() << 8) | input.ReadByte(); + longLength = true; + } + else + { + throw new IOException("unrecognised length reading user attribute sub packet"); + } + + int tag = input.ReadByte(); + if (tag < 0) + throw new EndOfStreamException("unexpected EOF reading user attribute sub packet"); + + byte[] data = new byte[bodyLen - 1]; + if (Streams.ReadFully(input, data) < data.Length) + throw new EndOfStreamException(); + + UserAttributeSubpacketTag type = (UserAttributeSubpacketTag) tag; + switch (type) + { + case UserAttributeSubpacketTag.ImageAttribute: + return new ImageAttrib(longLength, data); + } + return new UserAttributeSubpacket(type, longLength, data); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/UserIdPacket.cs b/BouncyCastle/crypto/src/bcpg/UserIdPacket.cs new file mode 100644 index 0000000..a175e74 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/UserIdPacket.cs @@ -0,0 +1,37 @@ +using System; +using System.Text; + +namespace Org.BouncyCastle.Bcpg +{ + /** + * Basic type for a user ID packet. + */ + public class UserIdPacket + : ContainedPacket + { + private readonly byte[] idData; + + public UserIdPacket( + BcpgInputStream bcpgIn) + { + this.idData = bcpgIn.ReadAll(); + } + + public UserIdPacket( + string id) + { + this.idData = Encoding.UTF8.GetBytes(id); + } + + public string GetId() + { + return Encoding.UTF8.GetString(idData, 0, idData.Length); + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WritePacket(PacketTag.UserId, idData, true); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/attr/ImageAttrib.cs b/BouncyCastle/crypto/src/bcpg/attr/ImageAttrib.cs new file mode 100644 index 0000000..2d0fef8 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/attr/ImageAttrib.cs @@ -0,0 +1,72 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Bcpg.Attr +{ + /// Basic type for a image attribute packet. + public class ImageAttrib + : UserAttributeSubpacket + { + public enum Format : byte + { + Jpeg = 1 + } + + private static readonly byte[] Zeroes = new byte[12]; + + private int hdrLength; + private int _version; + private int _encoding; + private byte[] imageData; + + public ImageAttrib(byte[] data) + : this(false, data) + { + } + + public ImageAttrib(bool forceLongLength, byte[] data) + : base(UserAttributeSubpacketTag.ImageAttribute, forceLongLength, data) + { + hdrLength = ((data[1] & 0xff) << 8) | (data[0] & 0xff); + _version = data[2] & 0xff; + _encoding = data[3] & 0xff; + + imageData = new byte[data.Length - hdrLength]; + Array.Copy(data, hdrLength, imageData, 0, imageData.Length); + } + + public ImageAttrib( + Format imageType, + byte[] imageData) + : this(ToByteArray(imageType, imageData)) + { + } + + private static byte[] ToByteArray( + Format imageType, + byte[] imageData) + { + MemoryStream bOut = new MemoryStream(); + bOut.WriteByte(0x10); bOut.WriteByte(0x00); bOut.WriteByte(0x01); + bOut.WriteByte((byte) imageType); + bOut.Write(Zeroes, 0, Zeroes.Length); + bOut.Write(imageData, 0, imageData.Length); + return bOut.ToArray(); + } + + public virtual int Version + { + get { return _version; } + } + + public virtual int Encoding + { + get { return _encoding; } + } + + public virtual byte[] GetImageData() + { + return imageData; + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/EmbeddedSignature.cs b/BouncyCastle/crypto/src/bcpg/sig/EmbeddedSignature.cs new file mode 100644 index 0000000..fffdaef --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/EmbeddedSignature.cs @@ -0,0 +1,19 @@ +using System; + +namespace Org.BouncyCastle.Bcpg.Sig +{ + /** + * Packet embedded signature + */ + public class EmbeddedSignature + : SignatureSubpacket + { + public EmbeddedSignature( + bool critical, + bool isLongLength, + byte[] data) + : base(SignatureSubpacketTag.EmbeddedSignature, critical, isLongLength, data) + { + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/Exportable.cs b/BouncyCastle/crypto/src/bcpg/sig/Exportable.cs new file mode 100644 index 0000000..4d03034 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/Exportable.cs @@ -0,0 +1,46 @@ +using System; + +namespace Org.BouncyCastle.Bcpg.Sig +{ + /** + * packet giving signature creation time. + */ + public class Exportable + : SignatureSubpacket + { + private static byte[] BooleanToByteArray(bool val) + { + byte[] data = new byte[1]; + + if (val) + { + data[0] = 1; + return data; + } + else + { + return data; + } + } + + public Exportable( + bool critical, + bool isLongLength, + byte[] data) + : base(SignatureSubpacketTag.Exportable, critical, isLongLength, data) + { + } + + public Exportable( + bool critical, + bool isExportable) + : base(SignatureSubpacketTag.Exportable, critical, false, BooleanToByteArray(isExportable)) + { + } + + public bool IsExportable() + { + return data[0] != 0; + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/Features.cs b/BouncyCastle/crypto/src/bcpg/sig/Features.cs new file mode 100644 index 0000000..135d7f5 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/Features.cs @@ -0,0 +1,65 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg.Sig +{ + /** + * packet giving signature expiration time. + */ + public class Features + : SignatureSubpacket + { + /** Identifier for the Modification Detection (packets 18 and 19) */ + public static readonly byte FEATURE_MODIFICATION_DETECTION = 0x01; + /** Identifier for the AEAD Encrypted Data Packet (packet 20) and version 5 + Symmetric-Key Encrypted Session Key Packets (packet 3) */ + public static readonly byte FEATURE_AEAD_ENCRYPTED_DATA = 0x02; + /** Identifier for the Version 5 Public-Key Packet format and corresponding new + fingerprint format */ + public static readonly byte FEATURE_VERSION_5_PUBLIC_KEY = 0x04; + + private static byte[] featureToByteArray(byte feature) + { + byte[] data = new byte[1]; + data[0] = feature; + return data; + } + + public Features( + bool critical, + bool isLongLength, + byte[] data): base(SignatureSubpacketTag.Features, critical, isLongLength, data) + { + + } + + + public Features(bool critical, byte features): this(critical, false, featureToByteArray(features)) + { + + } + + + public Features(bool critical, int features): this(critical, false, featureToByteArray((byte)features)) + { + + } + + /** + * Returns if modification detection is supported. + */ + public bool SupportsModificationDetection + { + get { return SupportsFeature(FEATURE_MODIFICATION_DETECTION); } + } + + /** + * Returns if a particular feature is supported. + */ + public bool SupportsFeature(byte feature) + { + return (data[0] & feature) != 0; + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/IssuerKeyId.cs b/BouncyCastle/crypto/src/bcpg/sig/IssuerKeyId.cs new file mode 100644 index 0000000..627ea3e --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/IssuerKeyId.cs @@ -0,0 +1,62 @@ +using System; + + + +namespace Org.BouncyCastle.Bcpg.Sig +{ + /** + * packet giving signature creation time. + */ + public class IssuerKeyId + : SignatureSubpacket + { + protected static byte[] KeyIdToBytes( + long keyId) + { + byte[] data = new byte[8]; + + data[0] = (byte)(keyId >> 56); + data[1] = (byte)(keyId >> 48); + data[2] = (byte)(keyId >> 40); + data[3] = (byte)(keyId >> 32); + data[4] = (byte)(keyId >> 24); + data[5] = (byte)(keyId >> 16); + data[6] = (byte)(keyId >> 8); + data[7] = (byte)keyId; + + return data; + } + + public IssuerKeyId( + bool critical, + bool isLongLength, + byte[] data) + : base(SignatureSubpacketTag.IssuerKeyId, critical, isLongLength, data) + { + } + + public IssuerKeyId( + bool critical, + long keyId) + : base(SignatureSubpacketTag.IssuerKeyId, critical, false, KeyIdToBytes(keyId)) + { + } + + public long KeyId + { + get + { + long keyId = ((long)(data[0] & 0xff) << 56) + | ((long)(data[1] & 0xff) << 48) + | ((long)(data[2] & 0xff) << 40) + | ((long)(data[3] & 0xff) << 32) + | ((long)(data[4] & 0xff) << 24) + | ((long)(data[5] & 0xff) << 16) + | ((long)(data[6] & 0xff) << 8) + | ((long)data[7] & 0xff); + + return keyId; + } + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/KeyExpirationTime.cs b/BouncyCastle/crypto/src/bcpg/sig/KeyExpirationTime.cs new file mode 100644 index 0000000..dfd3e76 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/KeyExpirationTime.cs @@ -0,0 +1,55 @@ +using System; + +namespace Org.BouncyCastle.Bcpg.Sig +{ + /** + * packet giving time after creation at which the key expires. + */ + public class KeyExpirationTime + : SignatureSubpacket + { + protected static byte[] TimeToBytes( + long t) + { + byte[] data = new byte[4]; + + data[0] = (byte)(t >> 24); + data[1] = (byte)(t >> 16); + data[2] = (byte)(t >> 8); + data[3] = (byte)t; + + return data; + } + + public KeyExpirationTime( + bool critical, + bool isLongLength, + byte[] data) + : base(SignatureSubpacketTag.KeyExpireTime, critical, isLongLength, data) + { + } + + public KeyExpirationTime( + bool critical, + long seconds) + : base(SignatureSubpacketTag.KeyExpireTime, critical, false, TimeToBytes(seconds)) + { + } + + /** + * Return the number of seconds after creation time a key is valid for. + * + * @return second count for key validity. + */ + public long Time + { + get + { + long time = ((long)(data[0] & 0xff) << 24) | ((long)(data[1] & 0xff) << 16) + | ((long)(data[2] & 0xff) << 8) | ((long)data[3] & 0xff); + + return time; + } + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/KeyFlags.cs b/BouncyCastle/crypto/src/bcpg/sig/KeyFlags.cs new file mode 100644 index 0000000..5b5d85a --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/KeyFlags.cs @@ -0,0 +1,75 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Bcpg.Sig +{ + /** + * Packet holding the key flag values. + */ + public class KeyFlags + : SignatureSubpacket + { + public const int CertifyOther = 0x01; + public const int SignData = 0x02; + public const int EncryptComms = 0x04; + public const int EncryptStorage = 0x08; + public const int Split = 0x10; + public const int Authentication = 0x20; + public const int Shared = 0x80; + + private static byte[] IntToByteArray( + int v) + { + byte[] tmp = new byte[4]; + int size = 0; + + for (int i = 0; i != 4; i++) + { + tmp[i] = (byte)(v >> (i * 8)); + if (tmp[i] != 0) + { + size = i; + } + } + + byte[] data = new byte[size + 1]; + Array.Copy(tmp, 0, data, 0, data.Length); + return data; + } + + public KeyFlags( + bool critical, + bool isLongLength, + byte[] data) + : base(SignatureSubpacketTag.KeyFlags, critical, isLongLength, data) + { + } + + public KeyFlags( + bool critical, + int flags) + : base(SignatureSubpacketTag.KeyFlags, critical, false, IntToByteArray(flags)) + { + } + + /// + /// Return the flag values contained in the first 4 octets (note: at the moment + /// the standard only uses the first one). + /// + public int Flags + { + get + { + int flags = 0; + + for (int i = 0; i != data.Length; i++) + { + flags |= (data[i] & 0xff) << (i * 8); + } + + return flags; + } + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/NotationData.cs b/BouncyCastle/crypto/src/bcpg/sig/NotationData.cs new file mode 100644 index 0000000..9ac6f89 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/NotationData.cs @@ -0,0 +1,113 @@ +using System; +using System.IO; +using System.Text; + +namespace Org.BouncyCastle.Bcpg.Sig +{ + /** + * Class provided a NotationData object according to + * RFC2440, Chapter 5.2.3.15. Notation Data + */ + public class NotationData + : SignatureSubpacket + { + public const int HeaderFlagLength = 4; + public const int HeaderNameLength = 2; + public const int HeaderValueLength = 2; + + public NotationData( + bool critical, + bool isLongLength, + byte[] data) + : base(SignatureSubpacketTag.NotationData, critical, isLongLength, data) + { + } + + public NotationData( + bool critical, + bool humanReadable, + string notationName, + string notationValue) + : base(SignatureSubpacketTag.NotationData, critical, false, + CreateData(humanReadable, notationName, notationValue)) + { + } + + private static byte[] CreateData( + bool humanReadable, + string notationName, + string notationValue) + { + MemoryStream os = new MemoryStream(); + + // (4 octets of flags, 2 octets of name length (M), + // 2 octets of value length (N), + // M octets of name data, + // N octets of value data) + + // flags + os.WriteByte(humanReadable ? (byte)0x80 : (byte)0x00); + os.WriteByte(0x0); + os.WriteByte(0x0); + os.WriteByte(0x0); + + byte[] nameData, valueData = null; + int nameLength, valueLength; + + nameData = Encoding.UTF8.GetBytes(notationName); + nameLength = System.Math.Min(nameData.Length, 0xFF); + + valueData = Encoding.UTF8.GetBytes(notationValue); + valueLength = System.Math.Min(valueData.Length, 0xFF); + + // name length + os.WriteByte((byte)(nameLength >> 8)); + os.WriteByte((byte)(nameLength >> 0)); + + // value length + os.WriteByte((byte)(valueLength >> 8)); + os.WriteByte((byte)(valueLength >> 0)); + + // name + os.Write(nameData, 0, nameLength); + + // value + os.Write(valueData, 0, valueLength); + + return os.ToArray(); + } + + public bool IsHumanReadable + { + get { return data[0] == (byte)0x80; } + } + + public string GetNotationName() + { + int nameLength = ((data[HeaderFlagLength] << 8) + (data[HeaderFlagLength + 1] << 0)); + int namePos = HeaderFlagLength + HeaderNameLength + HeaderValueLength; + + return Encoding.UTF8.GetString(data, namePos, nameLength); + } + + public string GetNotationValue() + { + int nameLength = ((data[HeaderFlagLength] << 8) + (data[HeaderFlagLength + 1] << 0)); + int valueLength = ((data[HeaderFlagLength + HeaderNameLength] << 8) + (data[HeaderFlagLength + HeaderNameLength + 1] << 0)); + int valuePos = HeaderFlagLength + HeaderNameLength + HeaderValueLength + nameLength; + + return Encoding.UTF8.GetString(data, valuePos, valueLength); + } + + public byte[] GetNotationValueBytes() + { + int nameLength = ((data[HeaderFlagLength] << 8) + (data[HeaderFlagLength + 1] << 0)); + int valueLength = ((data[HeaderFlagLength + HeaderNameLength] << 8) + (data[HeaderFlagLength + HeaderNameLength + 1] << 0)); + int valuePos = HeaderFlagLength + HeaderNameLength + HeaderValueLength + nameLength; + + byte[] bytes = new byte[valueLength]; + Array.Copy(data, valuePos, bytes, 0, valueLength); + return bytes; + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/PreferredAlgorithms.cs b/BouncyCastle/crypto/src/bcpg/sig/PreferredAlgorithms.cs new file mode 100644 index 0000000..9514bed --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/PreferredAlgorithms.cs @@ -0,0 +1,53 @@ +using System; + +namespace Org.BouncyCastle.Bcpg.Sig +{ + /** + * packet giving signature creation time. + */ + public class PreferredAlgorithms + : SignatureSubpacket + { + private static byte[] IntToByteArray( + int[] v) + { + byte[] data = new byte[v.Length]; + + for (int i = 0; i != v.Length; i++) + { + data[i] = (byte)v[i]; + } + + return data; + } + + public PreferredAlgorithms( + SignatureSubpacketTag type, + bool critical, + bool isLongLength, + byte[] data) + : base(type, critical, isLongLength, data) + { + } + + public PreferredAlgorithms( + SignatureSubpacketTag type, + bool critical, + int[] preferences) + : base(type, critical, false, IntToByteArray(preferences)) + { + } + + public int[] GetPreferences() + { + int[] v = new int[data.Length]; + + for (int i = 0; i != v.Length; i++) + { + v[i] = data[i] & 0xff; + } + + return v; + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/PrimaryUserId.cs b/BouncyCastle/crypto/src/bcpg/sig/PrimaryUserId.cs new file mode 100644 index 0000000..1f16f40 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/PrimaryUserId.cs @@ -0,0 +1,47 @@ +using System; + +namespace Org.BouncyCastle.Bcpg.Sig +{ + /** + * packet giving whether or not the signature is signed using the primary user ID for the key. + */ + public class PrimaryUserId + : SignatureSubpacket + { + private static byte[] BooleanToByteArray( + bool val) + { + byte[] data = new byte[1]; + + if (val) + { + data[0] = 1; + return data; + } + else + { + return data; + } + } + + public PrimaryUserId( + bool critical, + bool isLongLength, + byte[] data) + : base(SignatureSubpacketTag.PrimaryUserId, critical, isLongLength, data) + { + } + + public PrimaryUserId( + bool critical, + bool isPrimaryUserId) + : base(SignatureSubpacketTag.PrimaryUserId, critical, false, BooleanToByteArray(isPrimaryUserId)) + { + } + + public bool IsPrimaryUserId() + { + return data[0] != 0; + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/Revocable.cs b/BouncyCastle/crypto/src/bcpg/sig/Revocable.cs new file mode 100644 index 0000000..7aa9139 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/Revocable.cs @@ -0,0 +1,47 @@ +using System; + +namespace Org.BouncyCastle.Bcpg.Sig +{ + /** + * packet giving whether or not is revocable. + */ + public class Revocable + : SignatureSubpacket + { + private static byte[] BooleanToByteArray( + bool value) + { + byte[] data = new byte[1]; + + if (value) + { + data[0] = 1; + return data; + } + else + { + return data; + } + } + + public Revocable( + bool critical, + bool isLongLength, + byte[] data) + : base(SignatureSubpacketTag.Revocable, critical, isLongLength, data) + { + } + + public Revocable( + bool critical, + bool isRevocable) + : base(SignatureSubpacketTag.Revocable, critical, false, BooleanToByteArray(isRevocable)) + { + } + + public bool IsRevocable() + { + return data[0] != 0; + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/RevocationKey.cs b/BouncyCastle/crypto/src/bcpg/sig/RevocationKey.cs new file mode 100644 index 0000000..11467d2 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/RevocationKey.cs @@ -0,0 +1,63 @@ +using System; +using System.Text; + +namespace Org.BouncyCastle.Bcpg +{ + /// + /// Represents revocation key OpenPGP signature sub packet. + /// + public class RevocationKey + : SignatureSubpacket + { + // 1 octet of class, + // 1 octet of public-key algorithm ID, + // 20 octets of fingerprint + public RevocationKey( + bool isCritical, + bool isLongLength, + byte[] data) + : base(SignatureSubpacketTag.RevocationKey, isCritical, isLongLength, data) + { + } + + public RevocationKey( + bool isCritical, + RevocationKeyTag signatureClass, + PublicKeyAlgorithmTag keyAlgorithm, + byte[] fingerprint) + : base(SignatureSubpacketTag.RevocationKey, isCritical, false, + CreateData(signatureClass, keyAlgorithm, fingerprint)) + { + } + + private static byte[] CreateData( + RevocationKeyTag signatureClass, + PublicKeyAlgorithmTag keyAlgorithm, + byte[] fingerprint) + { + byte[] data = new byte[2 + fingerprint.Length]; + data[0] = (byte)signatureClass; + data[1] = (byte)keyAlgorithm; + Array.Copy(fingerprint, 0, data, 2, fingerprint.Length); + return data; + } + + public virtual RevocationKeyTag SignatureClass + { + get { return (RevocationKeyTag)this.GetData()[0]; } + } + + public virtual PublicKeyAlgorithmTag Algorithm + { + get { return (PublicKeyAlgorithmTag)this.GetData()[1]; } + } + + public virtual byte[] GetFingerprint() + { + byte[] data = this.GetData(); + byte[] fingerprint = new byte[data.Length - 2]; + Array.Copy(data, 2, fingerprint, 0, fingerprint.Length); + return fingerprint; + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/RevocationKeyTags.cs b/BouncyCastle/crypto/src/bcpg/sig/RevocationKeyTags.cs new file mode 100644 index 0000000..d76d1dc --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/RevocationKeyTags.cs @@ -0,0 +1,9 @@ +namespace Org.BouncyCastle.Bcpg +{ + public enum RevocationKeyTag + : byte + { + ClassDefault = 0x80, + ClassSensitive = 0x40 + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/RevocationReason.cs b/BouncyCastle/crypto/src/bcpg/sig/RevocationReason.cs new file mode 100644 index 0000000..42afd5f --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/RevocationReason.cs @@ -0,0 +1,59 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg +{ + /// + /// Represents revocation reason OpenPGP signature sub packet. + /// + public class RevocationReason + : SignatureSubpacket + { + public RevocationReason(bool isCritical, bool isLongLength, byte[] data) + : base(SignatureSubpacketTag.RevocationReason, isCritical, isLongLength, data) + { + } + + public RevocationReason( + bool isCritical, + RevocationReasonTag reason, + string description) + : base(SignatureSubpacketTag.RevocationReason, isCritical, false, CreateData(reason, description)) + { + } + + private static byte[] CreateData( + RevocationReasonTag reason, + string description) + { + byte[] descriptionBytes = Strings.ToUtf8ByteArray(description); + byte[] data = new byte[1 + descriptionBytes.Length]; + + data[0] = (byte)reason; + Array.Copy(descriptionBytes, 0, data, 1, descriptionBytes.Length); + + return data; + } + + public virtual RevocationReasonTag GetRevocationReason() + { + return (RevocationReasonTag)GetData()[0]; + } + + public virtual string GetRevocationDescription() + { + byte[] data = GetData(); + if (data.Length == 1) + { + return string.Empty; + } + + byte[] description = new byte[data.Length - 1]; + Array.Copy(data, 1, description, 0, description.Length); + + return Strings.FromUtf8ByteArray(description); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/RevocationReasonTags.cs b/BouncyCastle/crypto/src/bcpg/sig/RevocationReasonTags.cs new file mode 100644 index 0000000..524a58c --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/RevocationReasonTags.cs @@ -0,0 +1,14 @@ +namespace Org.BouncyCastle.Bcpg +{ + public enum RevocationReasonTag + : byte + { + NoReason = 0, // No reason specified (key revocations or cert revocations) + KeySuperseded = 1, // Key is superseded (key revocations) + KeyCompromised = 2, // Key material has been compromised (key revocations) + KeyRetired = 3, // Key is retired and no longer used (key revocations) + UserNoLongerValid = 32, // User ID information is no longer valid (cert revocations) + + // 100-110 - Private Use + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/SignatureCreationTime.cs b/BouncyCastle/crypto/src/bcpg/sig/SignatureCreationTime.cs new file mode 100644 index 0000000..d172e5d --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/SignatureCreationTime.cs @@ -0,0 +1,51 @@ +using System; + +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Bcpg.Sig +{ + /** + * packet giving signature creation time. + */ + public class SignatureCreationTime + : SignatureSubpacket + { + protected static byte[] TimeToBytes( + DateTime time) + { + long t = DateTimeUtilities.DateTimeToUnixMs(time) / 1000L; + byte[] data = new byte[4]; + data[0] = (byte)(t >> 24); + data[1] = (byte)(t >> 16); + data[2] = (byte)(t >> 8); + data[3] = (byte)t; + return data; + } + + public SignatureCreationTime( + bool critical, + bool isLongLength, + byte[] data) + : base(SignatureSubpacketTag.CreationTime, critical, isLongLength, data) + { + } + + public SignatureCreationTime( + bool critical, + DateTime date) + : base(SignatureSubpacketTag.CreationTime, critical, false, TimeToBytes(date)) + { + } + + public DateTime GetTime() + { + long time = (long)( + ((uint)data[0] << 24) + | ((uint)data[1] << 16) + | ((uint)data[2] << 8) + | ((uint)data[3]) + ); + return DateTimeUtilities.UnixMsToDateTime(time * 1000L); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/SignatureExpirationTime.cs b/BouncyCastle/crypto/src/bcpg/sig/SignatureExpirationTime.cs new file mode 100644 index 0000000..24f0a9f --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/SignatureExpirationTime.cs @@ -0,0 +1,51 @@ +using System; + +namespace Org.BouncyCastle.Bcpg.Sig +{ + /** + * packet giving signature expiration time. + */ + public class SignatureExpirationTime + : SignatureSubpacket + { + protected static byte[] TimeToBytes( + long t) + { + byte[] data = new byte[4]; + data[0] = (byte)(t >> 24); + data[1] = (byte)(t >> 16); + data[2] = (byte)(t >> 8); + data[3] = (byte)t; + return data; + } + + public SignatureExpirationTime( + bool critical, + bool isLongLength, + byte[] data) + : base(SignatureSubpacketTag.ExpireTime, critical, isLongLength, data) + { + } + + public SignatureExpirationTime( + bool critical, + long seconds) + : base(SignatureSubpacketTag.ExpireTime, critical, false, TimeToBytes(seconds)) + { + } + + /** + * return time in seconds before signature expires after creation time. + */ + public long Time + { + get + { + long time = ((long)(data[0] & 0xff) << 24) | ((long)(data[1] & 0xff) << 16) + | ((long)(data[2] & 0xff) << 8) | ((long)data[3] & 0xff); + + return time; + } + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/SignerUserId.cs b/BouncyCastle/crypto/src/bcpg/sig/SignerUserId.cs new file mode 100644 index 0000000..8ab62ed --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/SignerUserId.cs @@ -0,0 +1,53 @@ +using System; + + + +namespace Org.BouncyCastle.Bcpg.Sig +{ + /** + * packet giving the User ID of the signer. + */ + public class SignerUserId + : SignatureSubpacket + { + private static byte[] UserIdToBytes( + string id) + { + byte[] idData = new byte[id.Length]; + + for (int i = 0; i != id.Length; i++) + { + idData[i] = (byte)id[i]; + } + + return idData; + } + + public SignerUserId( + bool critical, + bool isLongLength, + byte[] data) + : base(SignatureSubpacketTag.SignerUserId, critical, isLongLength, data) + { + } + + public SignerUserId( + bool critical, + string userId) + : base(SignatureSubpacketTag.SignerUserId, critical, false, UserIdToBytes(userId)) + { + } + + public string GetId() + { + char[] chars = new char[data.Length]; + + for (int i = 0; i != chars.Length; i++) + { + chars[i] = (char)(data[i] & 0xff); + } + + return new string(chars); + } + } +} diff --git a/BouncyCastle/crypto/src/bcpg/sig/TrustSignature.cs b/BouncyCastle/crypto/src/bcpg/sig/TrustSignature.cs new file mode 100644 index 0000000..9145882 --- /dev/null +++ b/BouncyCastle/crypto/src/bcpg/sig/TrustSignature.cs @@ -0,0 +1,44 @@ +using System; + +namespace Org.BouncyCastle.Bcpg.Sig +{ + /** + * packet giving trust. + */ + public class TrustSignature + : SignatureSubpacket + { + private static byte[] IntToByteArray( + int v1, + int v2) + { + return new byte[]{ (byte)v1, (byte)v2 }; + } + + public TrustSignature( + bool critical, + bool isLongLength, + byte[] data) + : base(SignatureSubpacketTag.TrustSig, critical, isLongLength, data) + { + } + + public TrustSignature( + bool critical, + int depth, + int trustAmount) + : base(SignatureSubpacketTag.TrustSig, critical, false, IntToByteArray(depth, trustAmount)) + { + } + + public int Depth + { + get { return data[0] & 0xff; } + } + + public int TrustAmount + { + get { return data[1] & 0xff; } + } + } +} diff --git a/BouncyCastle/crypto/src/cmp/CertificateConfirmationContent.cs b/BouncyCastle/crypto/src/cmp/CertificateConfirmationContent.cs new file mode 100644 index 0000000..ad46ca0 --- /dev/null +++ b/BouncyCastle/crypto/src/cmp/CertificateConfirmationContent.cs @@ -0,0 +1,42 @@ +using System; + +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Cms; + +namespace Org.BouncyCastle.Cmp +{ + public class CertificateConfirmationContent + { + private readonly DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; + private readonly CertConfirmContent content; + + public CertificateConfirmationContent(CertConfirmContent content) + { + this.content = content; + } + + public CertificateConfirmationContent(CertConfirmContent content, + DefaultDigestAlgorithmIdentifierFinder digestAlgFinder) + { + this.content = content; + this.digestAlgFinder = digestAlgFinder; + } + + public CertConfirmContent ToAsn1Structure() + { + return content; + } + + public CertificateStatus[] GetStatusMessages() + { + CertStatus[] statusArray = content.ToCertStatusArray(); + CertificateStatus[] ret = new CertificateStatus[statusArray.Length]; + for (int i = 0; i != ret.Length; i++) + { + ret[i] = new CertificateStatus(digestAlgFinder, statusArray[i]); + } + + return ret; + } + } +} diff --git a/BouncyCastle/crypto/src/cmp/CertificateConfirmationContentBuilder.cs b/BouncyCastle/crypto/src/cmp/CertificateConfirmationContentBuilder.cs new file mode 100644 index 0000000..611fa44 --- /dev/null +++ b/BouncyCastle/crypto/src/cmp/CertificateConfirmationContentBuilder.cs @@ -0,0 +1,66 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cmp +{ + public class CertificateConfirmationContentBuilder + { + private static readonly DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder(); + + private readonly DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; + private readonly IList acceptedCerts = Platform.CreateArrayList(); + private readonly IList acceptedReqIds = Platform.CreateArrayList(); + + public CertificateConfirmationContentBuilder() + : this(new DefaultDigestAlgorithmIdentifierFinder()) + { + } + + public CertificateConfirmationContentBuilder(DefaultDigestAlgorithmIdentifierFinder digestAlgFinder) + { + this.digestAlgFinder = digestAlgFinder; + } + + public CertificateConfirmationContentBuilder AddAcceptedCertificate(X509Certificate certHolder, + BigInteger certReqId) + { + acceptedCerts.Add(certHolder); + acceptedReqIds.Add(certReqId); + return this; + } + + public CertificateConfirmationContent Build() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + for (int i = 0; i != acceptedCerts.Count; i++) + { + X509Certificate cert = (X509Certificate)acceptedCerts[i]; + BigInteger reqId = (BigInteger)acceptedReqIds[i]; + + + AlgorithmIdentifier algorithmIdentifier = sigAlgFinder.Find(cert.SigAlgName); + + AlgorithmIdentifier digAlg = digestAlgFinder.find(algorithmIdentifier); + if (null == digAlg) + throw new CmpException("cannot find algorithm for digest from signature"); + + byte[] digest = DigestUtilities.CalculateDigest(digAlg.Algorithm, cert.GetEncoded()); + + v.Add(new CertStatus(digest, reqId)); + } + + return new CertificateConfirmationContent(CertConfirmContent.GetInstance(new DerSequence(v)), + digestAlgFinder); + } + } +} diff --git a/BouncyCastle/crypto/src/cmp/CertificateStatus.cs b/BouncyCastle/crypto/src/cmp/CertificateStatus.cs new file mode 100644 index 0000000..0f1d9af --- /dev/null +++ b/BouncyCastle/crypto/src/cmp/CertificateStatus.cs @@ -0,0 +1,48 @@ +using System; + +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cmp +{ + public class CertificateStatus + { + private static readonly DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder(); + + private readonly DefaultDigestAlgorithmIdentifierFinder digestAlgFinder; + private readonly CertStatus certStatus; + + public CertificateStatus(DefaultDigestAlgorithmIdentifierFinder digestAlgFinder, CertStatus certStatus) + { + this.digestAlgFinder = digestAlgFinder; + this.certStatus = certStatus; + } + + public PkiStatusInfo PkiStatusInfo + { + get { return certStatus.StatusInfo; } + } + + public BigInteger CertRequestId + { + get { return certStatus.CertReqID.Value; } + } + + public bool IsVerified(X509Certificate cert) + { + AlgorithmIdentifier digAlg = digestAlgFinder.find(sigAlgFinder.Find(cert.SigAlgName)); + if (null == digAlg) + throw new CmpException("cannot find algorithm for digest from signature " + cert.SigAlgName); + + byte[] digest = DigestUtilities.CalculateDigest(digAlg.Algorithm, cert.GetEncoded()); + + return Arrays.ConstantTimeAreEqual(certStatus.CertHash.GetOctets(), digest); + } + } +} diff --git a/BouncyCastle/crypto/src/cmp/CmpException.cs b/BouncyCastle/crypto/src/cmp/CmpException.cs new file mode 100644 index 0000000..6594e8f --- /dev/null +++ b/BouncyCastle/crypto/src/cmp/CmpException.cs @@ -0,0 +1,22 @@ +using System; + +namespace Org.BouncyCastle.Cmp +{ + public class CmpException + : Exception + { + public CmpException() + { + } + + public CmpException(string message) + : base(message) + { + } + + public CmpException(string message, Exception innerException) + : base(message, innerException) + { + } + } +} diff --git a/BouncyCastle/crypto/src/cmp/GeneralPkiMessage.cs b/BouncyCastle/crypto/src/cmp/GeneralPkiMessage.cs new file mode 100644 index 0000000..9b12ee7 --- /dev/null +++ b/BouncyCastle/crypto/src/cmp/GeneralPkiMessage.cs @@ -0,0 +1,59 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; + +namespace Org.BouncyCastle.Cmp +{ + public class GeneralPkiMessage + { + private readonly PkiMessage pkiMessage; + + private static PkiMessage ParseBytes(byte[] encoding) + { + return PkiMessage.GetInstance(Asn1Object.FromByteArray(encoding)); + } + + /// + /// Wrap a PKIMessage ASN.1 structure. + /// + /// PKI message. + public GeneralPkiMessage(PkiMessage pkiMessage) + { + this.pkiMessage = pkiMessage; + } + + /// + /// Create a PKIMessage from the passed in bytes. + /// + /// BER/DER encoding of the PKIMessage + public GeneralPkiMessage(byte[] encoding) + : this(ParseBytes(encoding)) + { + } + + public PkiHeader Header + { + get { return pkiMessage.Header; } + } + + public PkiBody Body + { + get { return pkiMessage.Body; } + } + + /// + /// Return true if this message has protection bits on it. A return value of true + /// indicates the message can be used to construct a ProtectedPKIMessage. + /// + public bool HasProtection + { + get { return pkiMessage.Protection != null; } + } + + public PkiMessage ToAsn1Structure() + { + return pkiMessage; + } + } +} diff --git a/BouncyCastle/crypto/src/cmp/ProtectedPkiMessage.cs b/BouncyCastle/crypto/src/cmp/ProtectedPkiMessage.cs new file mode 100644 index 0000000..770fe54 --- /dev/null +++ b/BouncyCastle/crypto/src/cmp/ProtectedPkiMessage.cs @@ -0,0 +1,149 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crmf; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cmp +{ + /// + /// Wrapper for a PKIMessage with protection attached to it. + /// + public class ProtectedPkiMessage + { + private readonly PkiMessage pkiMessage; + + /// + /// Wrap a general message. + /// + /// If the general message does not have protection. + /// The General message + public ProtectedPkiMessage(GeneralPkiMessage pkiMessage) + { + if (!pkiMessage.HasProtection) + throw new ArgumentException("pki message not protected"); + + this.pkiMessage = pkiMessage.ToAsn1Structure(); + } + + /// + /// Wrap a PKI message. + /// + /// If the PKI message does not have protection. + /// The PKI message + public ProtectedPkiMessage(PkiMessage pkiMessage) + { + if (null == pkiMessage.Header.ProtectionAlg) + throw new ArgumentException("pki message not protected"); + + this.pkiMessage = pkiMessage; + } + + /// + /// Message header + /// + public PkiHeader Header + { + get { return pkiMessage.Header; } + } + + /// + /// Message Body + /// + public PkiBody Body + { + get { return pkiMessage.Body; } + } + + /// + /// Return the underlying ASN.1 structure contained in this object. + /// + /// PKI Message structure + public PkiMessage ToAsn1Message() + { + return pkiMessage; + } + + /// + /// Determine whether the message is protected by a password based MAC. Use verify(PKMACBuilder, char[]) + /// to verify the message if this method returns true. + /// + /// true if protection MAC PBE based, false otherwise. + public bool HasPasswordBasedMacProtected + { + get { return Header.ProtectionAlg.Algorithm.Equals(CmpObjectIdentifiers.passwordBasedMac); } + } + + /// + /// Return the extra certificates associated with this message. + /// + /// an array of extra certificates, zero length if none present. + public X509Certificate[] GetCertificates() + { + CmpCertificate[] certs = pkiMessage.GetExtraCerts(); + if (null == certs) + return new X509Certificate[0]; + + X509Certificate[] res = new X509Certificate[certs.Length]; + for (int t = 0; t < certs.Length; t++) + { + res[t] = new X509Certificate(X509CertificateStructure.GetInstance(certs[t].GetEncoded())); + } + + return res; + } + + /// + /// Verify a message with a public key based signature attached. + /// + /// a factory of signature verifiers. + /// true if the provider is able to create a verifier that validates the signature, false otherwise. + public bool Verify(IVerifierFactory verifierFactory) + { + IStreamCalculator streamCalculator = verifierFactory.CreateCalculator(); + + IVerifier result = (IVerifier)Process(streamCalculator); + + return result.IsVerified(pkiMessage.Protection.GetBytes()); + } + + private object Process(IStreamCalculator streamCalculator) + { + Asn1EncodableVector avec = new Asn1EncodableVector(); + avec.Add(pkiMessage.Header); + avec.Add(pkiMessage.Body); + byte[] enc = new DerSequence(avec).GetDerEncoded(); + + streamCalculator.Stream.Write(enc, 0, enc.Length); + streamCalculator.Stream.Flush(); + Platform.Dispose(streamCalculator.Stream); + + return streamCalculator.GetResult(); + } + + /// + /// Verify a message with password based MAC protection. + /// + /// MAC builder that can be used to construct the appropriate MacCalculator + /// the MAC password + /// true if the passed in password and MAC builder verify the message, false otherwise. + /// if algorithm not MAC based, or an exception is thrown verifying the MAC. + public bool Verify(PKMacBuilder pkMacBuilder, char[] password) + { + if (!CmpObjectIdentifiers.passwordBasedMac.Equals(pkiMessage.Header.ProtectionAlg.Algorithm)) + throw new InvalidOperationException("protection algorithm is not mac based"); + + PbmParameter parameter = PbmParameter.GetInstance(pkiMessage.Header.ProtectionAlg.Parameters); + + pkMacBuilder.SetParameters(parameter); + + IBlockResult result = (IBlockResult)Process(pkMacBuilder.Build(password).CreateCalculator()); + + return Arrays.ConstantTimeAreEqual(result.Collect(), this.pkiMessage.Protection.GetBytes()); + } + } +} diff --git a/BouncyCastle/crypto/src/cmp/ProtectedPkiMessageBuilder.cs b/BouncyCastle/crypto/src/cmp/ProtectedPkiMessageBuilder.cs new file mode 100644 index 0000000..5939e92 --- /dev/null +++ b/BouncyCastle/crypto/src/cmp/ProtectedPkiMessageBuilder.cs @@ -0,0 +1,178 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cmp +{ + public class ProtectedPkiMessageBuilder + { + private PkiHeaderBuilder hdrBuilBuilder; + private PkiBody body; + private IList generalInfos = Platform.CreateArrayList(); + private IList extraCerts = Platform.CreateArrayList(); + + public ProtectedPkiMessageBuilder(GeneralName sender, GeneralName recipient) + : this(PkiHeader.CMP_2000, sender, recipient) + { + } + + public ProtectedPkiMessageBuilder(int pvno, GeneralName sender, GeneralName recipient) + { + hdrBuilBuilder = new PkiHeaderBuilder(pvno, sender, recipient); + } + + public ProtectedPkiMessageBuilder SetTransactionId(byte[] tid) + { + hdrBuilBuilder.SetTransactionID(tid); + return this; + } + + public ProtectedPkiMessageBuilder SetFreeText(PkiFreeText freeText) + { + hdrBuilBuilder.SetFreeText(freeText); + return this; + } + + public ProtectedPkiMessageBuilder AddGeneralInfo(InfoTypeAndValue genInfo) + { + generalInfos.Add(genInfo); + return this; + } + + public ProtectedPkiMessageBuilder SetMessageTime(DerGeneralizedTime generalizedTime) + { + hdrBuilBuilder.SetMessageTime(generalizedTime); + return this; + } + + public ProtectedPkiMessageBuilder SetRecipKID(byte[] id) + { + hdrBuilBuilder.SetRecipKID(id); + return this; + } + + public ProtectedPkiMessageBuilder SetRecipNonce(byte[] nonce) + { + hdrBuilBuilder.SetRecipNonce(nonce); + return this; + } + + public ProtectedPkiMessageBuilder SetSenderKID(byte[] id) + { + hdrBuilBuilder.SetSenderKID(id); + return this; + } + + public ProtectedPkiMessageBuilder SetSenderNonce(byte[] nonce) + { + hdrBuilBuilder.SetSenderNonce(nonce); + return this; + } + + public ProtectedPkiMessageBuilder SetBody(PkiBody body) + { + this.body = body; + return this; + } + + public ProtectedPkiMessageBuilder AddCmpCertificate(X509Certificate certificate) + { + extraCerts.Add(certificate); + return this; + } + + public ProtectedPkiMessage Build(ISignatureFactory signatureFactory) + { + if (null == body) + throw new InvalidOperationException("body must be set before building"); + + IStreamCalculator calculator = signatureFactory.CreateCalculator(); + + if (!(signatureFactory.AlgorithmDetails is AlgorithmIdentifier)) + { + throw new ArgumentException("AlgorithmDetails is not AlgorithmIdentifier"); + } + + FinalizeHeader((AlgorithmIdentifier)signatureFactory.AlgorithmDetails); + PkiHeader header = hdrBuilBuilder.Build(); + DerBitString protection = new DerBitString(CalculateSignature(calculator, header, body)); + return FinalizeMessage(header, protection); + } + + public ProtectedPkiMessage Build(IMacFactory factory) + { + if (null == body) + throw new InvalidOperationException("body must be set before building"); + + IStreamCalculator calculator = factory.CreateCalculator(); + FinalizeHeader((AlgorithmIdentifier)factory.AlgorithmDetails); + PkiHeader header = hdrBuilBuilder.Build(); + DerBitString protection = new DerBitString(CalculateSignature(calculator, header, body)); + return FinalizeMessage(header, protection); + } + + private void FinalizeHeader(AlgorithmIdentifier algorithmIdentifier) + { + hdrBuilBuilder.SetProtectionAlg(algorithmIdentifier); + if (generalInfos.Count > 0) + { + InfoTypeAndValue[] genInfos = new InfoTypeAndValue[generalInfos.Count]; + for (int t = 0; t < genInfos.Length; t++) + { + genInfos[t] = (InfoTypeAndValue)generalInfos[t]; + } + + hdrBuilBuilder.SetGeneralInfo(genInfos); + } + } + + private ProtectedPkiMessage FinalizeMessage(PkiHeader header, DerBitString protection) + { + if (extraCerts.Count > 0) + { + CmpCertificate[] cmpCertificates = new CmpCertificate[extraCerts.Count]; + for (int i = 0; i < cmpCertificates.Length; i++) + { + byte[] cert = ((X509Certificate)extraCerts[i]).GetEncoded(); + cmpCertificates[i] = CmpCertificate.GetInstance((Asn1Sequence.FromByteArray(cert))); + } + + return new ProtectedPkiMessage(new PkiMessage(header, body, protection, cmpCertificates)); + } + + return new ProtectedPkiMessage(new PkiMessage(header, body, protection)); + } + + private byte[] CalculateSignature(IStreamCalculator signer, PkiHeader header, PkiBody body) + { + Asn1EncodableVector avec = new Asn1EncodableVector(); + avec.Add(header); + avec.Add(body); + byte[] encoded = new DerSequence(avec).GetEncoded(); + signer.Stream.Write(encoded, 0, encoded.Length); + object result = signer.GetResult(); + + if (result is DefaultSignatureResult) + { + return ((DefaultSignatureResult)result).Collect(); + } + else if (result is IBlockResult) + { + return ((IBlockResult)result).Collect(); + } + else if (result is byte[]) + { + return (byte[])result; + } + + throw new InvalidOperationException("result is not byte[] or DefaultSignatureResult"); + } + } +} diff --git a/BouncyCastle/crypto/src/cmp/RevocationDetails.cs b/BouncyCastle/crypto/src/cmp/RevocationDetails.cs new file mode 100644 index 0000000..2d3f9a5 --- /dev/null +++ b/BouncyCastle/crypto/src/cmp/RevocationDetails.cs @@ -0,0 +1,38 @@ +using System; + +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Cmp +{ + public class RevocationDetails + { + private readonly RevDetails revDetails; + + public RevocationDetails(RevDetails revDetails) + { + this.revDetails = revDetails; + } + + public X509Name Subject + { + get { return revDetails.CertDetails.Subject; } + } + + public X509Name Issuer + { + get { return revDetails.CertDetails.Issuer; } + } + + public BigInteger SerialNumber + { + get { return revDetails.CertDetails.SerialNumber.Value; } + } + + public RevDetails ToASN1Structure() + { + return revDetails; + } + } +} diff --git a/BouncyCastle/crypto/src/cmp/RevocationDetailsBuilder.cs b/BouncyCastle/crypto/src/cmp/RevocationDetailsBuilder.cs new file mode 100644 index 0000000..b3be012 --- /dev/null +++ b/BouncyCastle/crypto/src/cmp/RevocationDetailsBuilder.cs @@ -0,0 +1,60 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Cmp +{ + public class RevocationDetailsBuilder + { + private readonly CertTemplateBuilder _templateBuilder = new CertTemplateBuilder(); + + public RevocationDetailsBuilder SetPublicKey(SubjectPublicKeyInfo publicKey) + { + if (publicKey != null) + { + _templateBuilder.SetPublicKey(publicKey); + } + + return this; + } + + public RevocationDetailsBuilder SetIssuer(X509Name issuer) + { + if (issuer != null) + { + _templateBuilder.SetIssuer(issuer); + } + + return this; + } + + public RevocationDetailsBuilder SetSerialNumber(BigInteger serialNumber) + { + if (serialNumber != null) + { + _templateBuilder.SetSerialNumber(new DerInteger(serialNumber)); + } + + return this; + } + + public RevocationDetailsBuilder SetSubject(X509Name subject) + { + if (subject != null) + { + _templateBuilder.SetSubject(subject); + } + + return this; + } + + public RevocationDetails Build() + { + return new RevocationDetails(new RevDetails(_templateBuilder.Build())); + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/cms/BaseDigestCalculator.cs b/BouncyCastle/crypto/src/cms/BaseDigestCalculator.cs new file mode 100644 index 0000000..3dcbca7 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/BaseDigestCalculator.cs @@ -0,0 +1,23 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Cms +{ + internal class BaseDigestCalculator + : IDigestCalculator + { + private readonly byte[] digest; + + internal BaseDigestCalculator( + byte[] digest) + { + this.digest = digest; + } + + public byte[] GetDigest() + { + return Arrays.Clone(digest); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSAttributeTableGenerationException.cs b/BouncyCastle/crypto/src/cms/CMSAttributeTableGenerationException.cs new file mode 100644 index 0000000..87dad99 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSAttributeTableGenerationException.cs @@ -0,0 +1,28 @@ +using System; + +namespace Org.BouncyCastle.Cms +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class CmsAttributeTableGenerationException + : CmsException + { + public CmsAttributeTableGenerationException() + { + } + + public CmsAttributeTableGenerationException( + string name) + : base(name) + { + } + + public CmsAttributeTableGenerationException( + string name, + Exception e) + : base(name, e) + { + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSAttributeTableGenerator.cs b/BouncyCastle/crypto/src/cms/CMSAttributeTableGenerator.cs new file mode 100644 index 0000000..92c9a29 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSAttributeTableGenerator.cs @@ -0,0 +1,25 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.Cms; + +namespace Org.BouncyCastle.Cms +{ + /// + /// The 'Signature' parameter is only available when generating unsigned attributes. + /// + public enum CmsAttributeTableParameter + { +// const string ContentType = "contentType"; +// const string Digest = "digest"; +// const string Signature = "encryptedDigest"; +// const string DigestAlgorithmIdentifier = "digestAlgID"; + + ContentType, Digest, Signature, DigestAlgorithmIdentifier + } + + public interface CmsAttributeTableGenerator + { + AttributeTable GetAttributes(IDictionary parameters); + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSAuthEnvelopedData.cs b/BouncyCastle/crypto/src/cms/CMSAuthEnvelopedData.cs new file mode 100644 index 0000000..d35e946 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSAuthEnvelopedData.cs @@ -0,0 +1,112 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Cms +{ + /** + * containing class for an CMS AuthEnveloped Data object + */ + internal class CmsAuthEnvelopedData + { + internal RecipientInformationStore recipientInfoStore; + internal ContentInfo contentInfo; + + private OriginatorInfo originator; + private AlgorithmIdentifier authEncAlg; + private Asn1Set authAttrs; + private byte[] mac; + private Asn1Set unauthAttrs; + + public CmsAuthEnvelopedData( + byte[] authEnvData) + : this(CmsUtilities.ReadContentInfo(authEnvData)) + { + } + + public CmsAuthEnvelopedData( + Stream authEnvData) + : this(CmsUtilities.ReadContentInfo(authEnvData)) + { + } + + public CmsAuthEnvelopedData( + ContentInfo contentInfo) + { + this.contentInfo = contentInfo; + + AuthEnvelopedData authEnvData = AuthEnvelopedData.GetInstance(contentInfo.Content); + + this.originator = authEnvData.OriginatorInfo; + + // + // read the recipients + // + Asn1Set recipientInfos = authEnvData.RecipientInfos; + + // + // read the auth-encrypted content info + // + EncryptedContentInfo authEncInfo = authEnvData.AuthEncryptedContentInfo; + this.authEncAlg = authEncInfo.ContentEncryptionAlgorithm; + CmsSecureReadable secureReadable = new AuthEnvelopedSecureReadable(this); + + // + // build the RecipientInformationStore + // + this.recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore( + recipientInfos, secureReadable); + + // FIXME These need to be passed to the AEAD cipher as AAD (Additional Authenticated Data) + this.authAttrs = authEnvData.AuthAttrs; + this.mac = authEnvData.Mac.GetOctets(); + this.unauthAttrs = authEnvData.UnauthAttrs; + } + + private class AuthEnvelopedSecureReadable : CmsSecureReadable + { + private readonly CmsAuthEnvelopedData parent; + + internal AuthEnvelopedSecureReadable(CmsAuthEnvelopedData parent) + { + this.parent = parent; + } + + public AlgorithmIdentifier Algorithm + { + get { return parent.authEncAlg; } + } + + public object CryptoObject + { + get { return null; } + } + + public CmsReadable GetReadable(KeyParameter key) + { + // TODO Create AEAD cipher instance to decrypt and calculate tag ( MAC) + throw new CmsException("AuthEnveloped data decryption not yet implemented"); + +// RFC 5084 ASN.1 Module +// -- Parameters for AlgorithmIdentifier +// +// CCMParameters ::= SEQUENCE { +// aes-nonce OCTET STRING (SIZE(7..13)), +// aes-ICVlen AES-CCM-ICVlen DEFAULT 12 } +// +// AES-CCM-ICVlen ::= INTEGER (4 | 6 | 8 | 10 | 12 | 14 | 16) +// +// GCMParameters ::= SEQUENCE { +// aes-nonce OCTET STRING, -- recommended size is 12 octets +// aes-ICVlen AES-GCM-ICVlen DEFAULT 12 } +// +// AES-GCM-ICVlen ::= INTEGER (12 | 13 | 14 | 15 | 16) + } + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSAuthEnvelopedGenerator.cs b/BouncyCastle/crypto/src/cms/CMSAuthEnvelopedGenerator.cs new file mode 100644 index 0000000..4273cff --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSAuthEnvelopedGenerator.cs @@ -0,0 +1,16 @@ +using System; + +using Org.BouncyCastle.Asn1.Nist; + +namespace Org.BouncyCastle.Cms +{ + internal class CmsAuthEnvelopedGenerator + { + public static readonly string Aes128Ccm = NistObjectIdentifiers.IdAes128Ccm.Id; + public static readonly string Aes192Ccm = NistObjectIdentifiers.IdAes192Ccm.Id; + public static readonly string Aes256Ccm = NistObjectIdentifiers.IdAes256Ccm.Id; + public static readonly string Aes128Gcm = NistObjectIdentifiers.IdAes128Gcm.Id; + public static readonly string Aes192Gcm = NistObjectIdentifiers.IdAes192Gcm.Id; + public static readonly string Aes256Gcm = NistObjectIdentifiers.IdAes256Gcm.Id; + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSAuthenticatedData.cs b/BouncyCastle/crypto/src/cms/CMSAuthenticatedData.cs new file mode 100644 index 0000000..33b4cc2 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSAuthenticatedData.cs @@ -0,0 +1,137 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Cms +{ + /** + * containing class for an CMS Authenticated Data object + */ + public class CmsAuthenticatedData + { + internal RecipientInformationStore recipientInfoStore; + internal ContentInfo contentInfo; + + private AlgorithmIdentifier macAlg; + private Asn1Set authAttrs; + private Asn1Set unauthAttrs; + private byte[] mac; + + public CmsAuthenticatedData( + byte[] authData) + : this(CmsUtilities.ReadContentInfo(authData)) + { + } + + public CmsAuthenticatedData( + Stream authData) + : this(CmsUtilities.ReadContentInfo(authData)) + { + } + + public CmsAuthenticatedData( + ContentInfo contentInfo) + { + this.contentInfo = contentInfo; + + AuthenticatedData authData = AuthenticatedData.GetInstance(contentInfo.Content); + + // + // read the recipients + // + Asn1Set recipientInfos = authData.RecipientInfos; + + this.macAlg = authData.MacAlgorithm; + + // + // read the authenticated content info + // + ContentInfo encInfo = authData.EncapsulatedContentInfo; + CmsReadable readable = new CmsProcessableByteArray( + Asn1OctetString.GetInstance(encInfo.Content).GetOctets()); + CmsSecureReadable secureReadable = new CmsEnvelopedHelper.CmsAuthenticatedSecureReadable( + this.macAlg, readable); + + // + // build the RecipientInformationStore + // + this.recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore( + recipientInfos, secureReadable); + + this.authAttrs = authData.AuthAttrs; + this.mac = authData.Mac.GetOctets(); + this.unauthAttrs = authData.UnauthAttrs; + } + + public byte[] GetMac() + { + return Arrays.Clone(mac); + } + + public AlgorithmIdentifier MacAlgorithmID + { + get { return macAlg; } + } + + /** + * return the object identifier for the content MAC algorithm. + */ + public string MacAlgOid + { + get { return macAlg.Algorithm.Id; } + } + + /** + * return a store of the intended recipients for this message + */ + public RecipientInformationStore GetRecipientInfos() + { + return recipientInfoStore; + } + + /** + * return the ContentInfo + */ + public ContentInfo ContentInfo + { + get { return contentInfo; } + } + + /** + * return a table of the digested attributes indexed by + * the OID of the attribute. + */ + public Asn1.Cms.AttributeTable GetAuthAttrs() + { + if (authAttrs == null) + return null; + + return new Asn1.Cms.AttributeTable(authAttrs); + } + + /** + * return a table of the undigested attributes indexed by + * the OID of the attribute. + */ + public Asn1.Cms.AttributeTable GetUnauthAttrs() + { + if (unauthAttrs == null) + return null; + + return new Asn1.Cms.AttributeTable(unauthAttrs); + } + + /** + * return the ASN.1 encoded representation of this object. + */ + public byte[] GetEncoded() + { + return contentInfo.GetEncoded(); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSAuthenticatedDataGenerator.cs b/BouncyCastle/crypto/src/cms/CMSAuthenticatedDataGenerator.cs new file mode 100644 index 0000000..addd14c --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSAuthenticatedDataGenerator.cs @@ -0,0 +1,156 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Cms +{ + /** + * General class for generating a CMS authenticated-data message. + * + * A simple example of usage. + * + * 
+	 *      CMSAuthenticatedDataGenerator  fact = new CMSAuthenticatedDataGenerator();
+	 *
+	 *      fact.addKeyTransRecipient(cert);
+	 *
+	 *      CMSAuthenticatedData         data = fact.generate(content, algorithm, "BC");
+	 *
+ */ + public class CmsAuthenticatedDataGenerator + : CmsAuthenticatedGenerator + { + /** + * base constructor + */ + public CmsAuthenticatedDataGenerator() + { + } + + /** + * constructor allowing specific source of randomness + * @param rand instance of SecureRandom to use + */ + public CmsAuthenticatedDataGenerator( + SecureRandom rand) + : base(rand) + { + } + + /** + * generate an enveloped object that contains an CMS Enveloped Data + * object using the given provider and the passed in key generator. + */ + private CmsAuthenticatedData Generate( + CmsProcessable content, + string macOid, + CipherKeyGenerator keyGen) + { + AlgorithmIdentifier macAlgId; + KeyParameter encKey; + Asn1OctetString encContent; + Asn1OctetString macResult; + + try + { + // FIXME Will this work for macs? + byte[] encKeyBytes = keyGen.GenerateKey(); + encKey = ParameterUtilities.CreateKeyParameter(macOid, encKeyBytes); + + Asn1Encodable asn1Params = GenerateAsn1Parameters(macOid, encKeyBytes); + + ICipherParameters cipherParameters; + macAlgId = GetAlgorithmIdentifier( + macOid, encKey, asn1Params, out cipherParameters); + + IMac mac = MacUtilities.GetMac(macOid); + // TODO Confirm no ParametersWithRandom needed + // FIXME Only passing key at the moment +// mac.Init(cipherParameters); + mac.Init(encKey); + + MemoryStream bOut = new MemoryStream(); + Stream mOut = new TeeOutputStream(bOut, new MacSink(mac)); + + content.Write(mOut); + + Platform.Dispose(mOut); + + encContent = new BerOctetString(bOut.ToArray()); + + byte[] macOctets = MacUtilities.DoFinal(mac); + macResult = new DerOctetString(macOctets); + } + catch (SecurityUtilityException e) + { + throw new CmsException("couldn't create cipher.", e); + } + catch (InvalidKeyException e) + { + throw new CmsException("key invalid in message.", e); + } + catch (IOException e) + { + throw new CmsException("exception decoding algorithm parameters.", e); + } + + Asn1EncodableVector recipientInfos = new Asn1EncodableVector(); + + foreach (RecipientInfoGenerator rig in recipientInfoGenerators) + { + try + { + recipientInfos.Add(rig.Generate(encKey, rand)); + } + catch (InvalidKeyException e) + { + throw new CmsException("key inappropriate for algorithm.", e); + } + catch (GeneralSecurityException e) + { + throw new CmsException("error making encrypted content.", e); + } + } + + ContentInfo eci = new ContentInfo(CmsObjectIdentifiers.Data, encContent); + + ContentInfo contentInfo = new ContentInfo( + CmsObjectIdentifiers.AuthenticatedData, + new AuthenticatedData(null, new DerSet(recipientInfos), macAlgId, null, eci, null, macResult, null)); + + return new CmsAuthenticatedData(contentInfo); + } + + /** + * generate an authenticated object that contains an CMS Authenticated Data object + */ + public CmsAuthenticatedData Generate( + CmsProcessable content, + string encryptionOid) + { + try + { + // FIXME Will this work for macs? + CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid); + + keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength)); + + return Generate(content, encryptionOid, keyGen); + } + catch (SecurityUtilityException e) + { + throw new CmsException("can't find key generation algorithm.", e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSAuthenticatedDataParser.cs b/BouncyCastle/crypto/src/cms/CMSAuthenticatedDataParser.cs new file mode 100644 index 0000000..7defafc --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSAuthenticatedDataParser.cs @@ -0,0 +1,214 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Cms +{ + /** + * Parsing class for an CMS Authenticated Data object from an input stream. + *

+ * Note: that because we are in a streaming mode only one recipient can be tried and it is important + * that the methods on the parser are called in the appropriate order. + *

+ *

+ * Example of use - assuming the first recipient matches the private key we have. + * 

+	*      CMSAuthenticatedDataParser     ad = new CMSAuthenticatedDataParser(inputStream);
+	*
+	*      RecipientInformationStore  recipients = ad.getRecipientInfos();
+	*
+	*      Collection  c = recipients.getRecipients();
+	*      Iterator    it = c.iterator();
+	*
+	*      if (it.hasNext())
+	*      {
+	*          RecipientInformation   recipient = (RecipientInformation)it.next();
+	*
+	*          CMSTypedStream recData = recipient.getContentStream(privateKey, "BC");
+	*
+	*          processDataStream(recData.getContentStream());
+	*
+	*          if (!Arrays.equals(ad.getMac(), recipient.getMac())
+	*          {
+	*              System.err.println("Data corrupted!!!!");
+	*          }
+	*      }
+	*
+ * Note: this class does not introduce buffering - if you are processing large files you should create + * the parser with: + * 
+	*          CMSAuthenticatedDataParser     ep = new CMSAuthenticatedDataParser(new BufferedInputStream(inputStream, bufSize));
+	*
+ * where bufSize is a suitably large buffer size. + *

+ */ + public class CmsAuthenticatedDataParser + : CmsContentInfoParser + { + internal RecipientInformationStore _recipientInfoStore; + internal AuthenticatedDataParser authData; + + private AlgorithmIdentifier macAlg; + private byte[] mac; + private Asn1.Cms.AttributeTable authAttrs; + private Asn1.Cms.AttributeTable unauthAttrs; + + private bool authAttrNotRead; + private bool unauthAttrNotRead; + + public CmsAuthenticatedDataParser( + byte[] envelopedData) + : this(new MemoryStream(envelopedData, false)) + { + } + + public CmsAuthenticatedDataParser( + Stream envelopedData) + : base(envelopedData) + { + this.authAttrNotRead = true; + this.authData = new AuthenticatedDataParser( + (Asn1SequenceParser)contentInfo.GetContent(Asn1Tags.Sequence)); + + // TODO Validate version? + //DerInteger version = this.authData.getVersion(); + + // + // read the recipients + // + Asn1Set recipientInfos = Asn1Set.GetInstance(authData.GetRecipientInfos().ToAsn1Object()); + + this.macAlg = authData.GetMacAlgorithm(); + + // + // read the authenticated content info + // + ContentInfoParser data = authData.GetEnapsulatedContentInfo(); + CmsReadable readable = new CmsProcessableInputStream( + ((Asn1OctetStringParser)data.GetContent(Asn1Tags.OctetString)).GetOctetStream()); + CmsSecureReadable secureReadable = new CmsEnvelopedHelper.CmsAuthenticatedSecureReadable( + this.macAlg, readable); + + // + // build the RecipientInformationStore + // + this._recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore( + recipientInfos, secureReadable); + } + + public AlgorithmIdentifier MacAlgorithmID + { + get { return macAlg; } + } + + /** + * return the object identifier for the mac algorithm. + */ + public string MacAlgOid + { + get { return macAlg.Algorithm.Id; } + } + + + /** + * return the ASN.1 encoded encryption algorithm parameters, or null if + * there aren't any. + */ + public Asn1Object MacAlgParams + { + get + { + Asn1Encodable ae = macAlg.Parameters; + + return ae == null ? null : ae.ToAsn1Object(); + } + } + + /** + * return a store of the intended recipients for this message + */ + public RecipientInformationStore GetRecipientInfos() + { + return _recipientInfoStore; + } + + public byte[] GetMac() + { + if (mac == null) + { + GetAuthAttrs(); + mac = authData.GetMac().GetOctets(); + } + return Arrays.Clone(mac); + } + + /** + * return a table of the unauthenticated attributes indexed by + * the OID of the attribute. + * @exception java.io.IOException + */ + public Asn1.Cms.AttributeTable GetAuthAttrs() + { + if (authAttrs == null && authAttrNotRead) + { + Asn1SetParser s = authData.GetAuthAttrs(); + + authAttrNotRead = false; + + if (s != null) + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + IAsn1Convertible o; + while ((o = s.ReadObject()) != null) + { + Asn1SequenceParser seq = (Asn1SequenceParser)o; + + v.Add(seq.ToAsn1Object()); + } + + authAttrs = new Asn1.Cms.AttributeTable(new DerSet(v)); + } + } + + return authAttrs; + } + + /** + * return a table of the unauthenticated attributes indexed by + * the OID of the attribute. + * @exception java.io.IOException + */ + public Asn1.Cms.AttributeTable GetUnauthAttrs() + { + if (unauthAttrs == null && unauthAttrNotRead) + { + Asn1SetParser s = authData.GetUnauthAttrs(); + + unauthAttrNotRead = false; + + if (s != null) + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + IAsn1Convertible o; + while ((o = s.ReadObject()) != null) + { + Asn1SequenceParser seq = (Asn1SequenceParser)o; + + v.Add(seq.ToAsn1Object()); + } + + unauthAttrs = new Asn1.Cms.AttributeTable(new DerSet(v)); + } + } + + return unauthAttrs; + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs b/BouncyCastle/crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs new file mode 100644 index 0000000..b77758d --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSAuthenticatedDataStreamGenerator.cs @@ -0,0 +1,297 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Cms +{ + /** + * General class for generating a CMS authenticated-data message stream. + *

+ * A simple example of usage. + * 

+	*      CMSAuthenticatedDataStreamGenerator edGen = new CMSAuthenticatedDataStreamGenerator();
+	*
+	*      edGen.addKeyTransRecipient(cert);
+	*
+	*      ByteArrayOutputStream  bOut = new ByteArrayOutputStream();
+	*
+	*      OutputStream out = edGen.open(
+	*                              bOut, CMSAuthenticatedDataGenerator.AES128_CBC, "BC");*
+	*      out.write(data);
+	*
+	*      out.close();
+	*
+ *

+ */ + public class CmsAuthenticatedDataStreamGenerator + : CmsAuthenticatedGenerator + { + // TODO Add support +// private object _originatorInfo = null; +// private object _unprotectedAttributes = null; + private int _bufferSize; + private bool _berEncodeRecipientSet; + + /** + * base constructor + */ + public CmsAuthenticatedDataStreamGenerator() + { + } + + /** + * constructor allowing specific source of randomness + * @param rand instance of SecureRandom to use + */ + public CmsAuthenticatedDataStreamGenerator( + SecureRandom rand) + : base(rand) + { + } + + /** + * Set the underlying string size for encapsulated data + * + * @param bufferSize length of octet strings to buffer the data. + */ + public void SetBufferSize( + int bufferSize) + { + _bufferSize = bufferSize; + } + + /** + * Use a BER Set to store the recipient information + */ + public void SetBerEncodeRecipients( + bool berEncodeRecipientSet) + { + _berEncodeRecipientSet = berEncodeRecipientSet; + } + + /** + * generate an enveloped object that contains an CMS Enveloped Data + * object using the given provider and the passed in key generator. + * @throws java.io.IOException + */ + private Stream Open( + Stream outStr, + string macOid, + CipherKeyGenerator keyGen) + { + // FIXME Will this work for macs? + byte[] encKeyBytes = keyGen.GenerateKey(); + KeyParameter encKey = ParameterUtilities.CreateKeyParameter(macOid, encKeyBytes); + + Asn1Encodable asn1Params = GenerateAsn1Parameters(macOid, encKeyBytes); + + ICipherParameters cipherParameters; + AlgorithmIdentifier macAlgId = GetAlgorithmIdentifier( + macOid, encKey, asn1Params, out cipherParameters); + + Asn1EncodableVector recipientInfos = new Asn1EncodableVector(); + + foreach (RecipientInfoGenerator rig in recipientInfoGenerators) + { + try + { + recipientInfos.Add(rig.Generate(encKey, rand)); + } + catch (InvalidKeyException e) + { + throw new CmsException("key inappropriate for algorithm.", e); + } + catch (GeneralSecurityException e) + { + throw new CmsException("error making encrypted content.", e); + } + } + + // FIXME Only passing key at the moment +// return Open(outStr, macAlgId, cipherParameters, recipientInfos); + return Open(outStr, macAlgId, encKey, recipientInfos); + } + + protected Stream Open( + Stream outStr, + AlgorithmIdentifier macAlgId, + ICipherParameters cipherParameters, + Asn1EncodableVector recipientInfos) + { + try + { + // + // ContentInfo + // + BerSequenceGenerator cGen = new BerSequenceGenerator(outStr); + + cGen.AddObject(CmsObjectIdentifiers.AuthenticatedData); + + // + // Authenticated Data + // + BerSequenceGenerator authGen = new BerSequenceGenerator( + cGen.GetRawOutputStream(), 0, true); + + authGen.AddObject(new DerInteger(AuthenticatedData.CalculateVersion(null))); + + Stream authRaw = authGen.GetRawOutputStream(); + Asn1Generator recipGen = _berEncodeRecipientSet + ? (Asn1Generator) new BerSetGenerator(authRaw) + : new DerSetGenerator(authRaw); + + foreach (Asn1Encodable ae in recipientInfos) + { + recipGen.AddObject(ae); + } + + recipGen.Close(); + + authGen.AddObject(macAlgId); + + BerSequenceGenerator eiGen = new BerSequenceGenerator(authRaw); + eiGen.AddObject(CmsObjectIdentifiers.Data); + + Stream octetOutputStream = CmsUtilities.CreateBerOctetOutputStream( + eiGen.GetRawOutputStream(), 0, true, _bufferSize); + + IMac mac = MacUtilities.GetMac(macAlgId.Algorithm); + // TODO Confirm no ParametersWithRandom needed + mac.Init(cipherParameters); + Stream mOut = new TeeOutputStream(octetOutputStream, new MacSink(mac)); + + return new CmsAuthenticatedDataOutputStream(mOut, mac, cGen, authGen, eiGen); + } + catch (SecurityUtilityException e) + { + throw new CmsException("couldn't create cipher.", e); + } + catch (InvalidKeyException e) + { + throw new CmsException("key invalid in message.", e); + } + catch (IOException e) + { + throw new CmsException("exception decoding algorithm parameters.", e); + } + } + + /** + * generate an enveloped object that contains an CMS Enveloped Data object + */ + public Stream Open( + Stream outStr, + string encryptionOid) + { + CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid); + + keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength)); + + return Open(outStr, encryptionOid, keyGen); + } + + /** + * generate an enveloped object that contains an CMS Enveloped Data object + */ + public Stream Open( + Stream outStr, + string encryptionOid, + int keySize) + { + CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid); + + keyGen.Init(new KeyGenerationParameters(rand, keySize)); + + return Open(outStr, encryptionOid, keyGen); + } + + private class CmsAuthenticatedDataOutputStream + : BaseOutputStream + { + private readonly Stream macStream; + private readonly IMac mac; + private readonly BerSequenceGenerator cGen; + private readonly BerSequenceGenerator authGen; + private readonly BerSequenceGenerator eiGen; + + public CmsAuthenticatedDataOutputStream( + Stream macStream, + IMac mac, + BerSequenceGenerator cGen, + BerSequenceGenerator authGen, + BerSequenceGenerator eiGen) + { + this.macStream = macStream; + this.mac = mac; + this.cGen = cGen; + this.authGen = authGen; + this.eiGen = eiGen; + } + + public override void WriteByte( + byte b) + { + macStream.WriteByte(b); + } + + public override void Write( + byte[] bytes, + int off, + int len) + { + macStream.Write(bytes, off, len); + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + Platform.Dispose(macStream); + + // TODO Parent context(s) should really be be closed explicitly + + eiGen.Close(); + + // [TODO] auth attributes go here + byte[] macOctets = MacUtilities.DoFinal(mac); + authGen.AddObject(new DerOctetString(macOctets)); + // [TODO] unauth attributes go here + + authGen.Close(); + cGen.Close(); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + Platform.Dispose(macStream); + + // TODO Parent context(s) should really be be closed explicitly + + eiGen.Close(); + + // [TODO] auth attributes go here + byte[] macOctets = MacUtilities.DoFinal(mac); + authGen.AddObject(new DerOctetString(macOctets)); + // [TODO] unauth attributes go here + + authGen.Close(); + cGen.Close(); + base.Close(); + } +#endif + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSAuthenticatedGenerator.cs b/BouncyCastle/crypto/src/cms/CMSAuthenticatedGenerator.cs new file mode 100644 index 0000000..8824d19 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSAuthenticatedGenerator.cs @@ -0,0 +1,35 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Cms +{ + public class CmsAuthenticatedGenerator + : CmsEnvelopedGenerator + { + /** + * base constructor + */ + public CmsAuthenticatedGenerator() + { + } + + /** + * constructor allowing specific source of randomness + * + * @param rand instance of SecureRandom to use + */ + public CmsAuthenticatedGenerator( + SecureRandom rand) + : base(rand) + { + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSCompressedData.cs b/BouncyCastle/crypto/src/cms/CMSCompressedData.cs new file mode 100644 index 0000000..21651f0 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSCompressedData.cs @@ -0,0 +1,108 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Zlib; + +namespace Org.BouncyCastle.Cms +{ + /** + * containing class for an CMS Compressed Data object + */ + public class CmsCompressedData + { + internal ContentInfo contentInfo; + + public CmsCompressedData( + byte[] compressedData) + : this(CmsUtilities.ReadContentInfo(compressedData)) + { + } + + public CmsCompressedData( + Stream compressedDataStream) + : this(CmsUtilities.ReadContentInfo(compressedDataStream)) + { + } + + public CmsCompressedData( + ContentInfo contentInfo) + { + this.contentInfo = contentInfo; + } + + /** + * Return the uncompressed content. + * + * @return the uncompressed content + * @throws CmsException if there is an exception uncompressing the data. + */ + public byte[] GetContent() + { + CompressedData comData = CompressedData.GetInstance(contentInfo.Content); + ContentInfo content = comData.EncapContentInfo; + + Asn1OctetString bytes = (Asn1OctetString) content.Content; + ZInputStream zIn = new ZInputStream(bytes.GetOctetStream()); + + try + { + return CmsUtilities.StreamToByteArray(zIn); + } + catch (IOException e) + { + throw new CmsException("exception reading compressed stream.", e); + } + finally + { + Platform.Dispose(zIn); + } + } + + /** + * Return the uncompressed content, throwing an exception if the data size + * is greater than the passed in limit. If the content is exceeded getCause() + * on the CMSException will contain a StreamOverflowException + * + * @param limit maximum number of bytes to read + * @return the content read + * @throws CMSException if there is an exception uncompressing the data. + */ + public byte[] GetContent(int limit) + { + CompressedData comData = CompressedData.GetInstance(contentInfo.Content); + ContentInfo content = comData.EncapContentInfo; + + Asn1OctetString bytes = (Asn1OctetString)content.Content; + + ZInputStream zIn = new ZInputStream(new MemoryStream(bytes.GetOctets(), false)); + + try + { + return CmsUtilities.StreamToByteArray(zIn, limit); + } + catch (IOException e) + { + throw new CmsException("exception reading compressed stream.", e); + } + } + + /** + * return the ContentInfo + */ + public ContentInfo ContentInfo + { + get { return contentInfo; } + } + + /** + * return the ASN.1 encoded representation of this object. + */ + public byte[] GetEncoded() + { + return contentInfo.GetEncoded(); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSCompressedDataGenerator.cs b/BouncyCastle/crypto/src/cms/CMSCompressedDataGenerator.cs new file mode 100644 index 0000000..d51de10 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSCompressedDataGenerator.cs @@ -0,0 +1,67 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Zlib; + +namespace Org.BouncyCastle.Cms +{ + /** + * General class for generating a compressed CMS message. + *

+ * A simple example of usage.

+ *

+ * 

+    *      CMSCompressedDataGenerator fact = new CMSCompressedDataGenerator();
+    *      CMSCompressedData data = fact.Generate(content, algorithm);
+    *
+ *

+ */ + public class CmsCompressedDataGenerator + { + public const string ZLib = "1.2.840.113549.1.9.16.3.8"; + + public CmsCompressedDataGenerator() + { + } + + /** + * Generate an object that contains an CMS Compressed Data + */ + public CmsCompressedData Generate( + CmsProcessable content, + string compressionOid) + { + AlgorithmIdentifier comAlgId; + Asn1OctetString comOcts; + + try + { + MemoryStream bOut = new MemoryStream(); + ZOutputStream zOut = new ZOutputStream(bOut, JZlib.Z_DEFAULT_COMPRESSION); + + content.Write(zOut); + + Platform.Dispose(zOut); + + comAlgId = new AlgorithmIdentifier(new DerObjectIdentifier(compressionOid)); + comOcts = new BerOctetString(bOut.ToArray()); + } + catch (IOException e) + { + throw new CmsException("exception encoding data.", e); + } + + ContentInfo comContent = new ContentInfo(CmsObjectIdentifiers.Data, comOcts); + ContentInfo contentInfo = new ContentInfo( + CmsObjectIdentifiers.CompressedData, + new CompressedData(comAlgId, comContent)); + + return new CmsCompressedData(contentInfo); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSCompressedDataParser.cs b/BouncyCastle/crypto/src/cms/CMSCompressedDataParser.cs new file mode 100644 index 0000000..93dfa12 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSCompressedDataParser.cs @@ -0,0 +1,57 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Utilities.Zlib; + +namespace Org.BouncyCastle.Cms +{ + /** + * Class for reading a CMS Compressed Data stream. + * 
+    *     CMSCompressedDataParser cp = new CMSCompressedDataParser(inputStream);
+    *
+    *     process(cp.GetContent().GetContentStream());
+    *
+ * Note: this class does not introduce buffering - if you are processing large files you should create + * the parser with: + * 
+    *      CMSCompressedDataParser     ep = new CMSCompressedDataParser(new BufferedInputStream(inputStream, bufSize));
+    *
+ * where bufSize is a suitably large buffer size. + */ + public class CmsCompressedDataParser + : CmsContentInfoParser + { + public CmsCompressedDataParser( + byte[] compressedData) + : this(new MemoryStream(compressedData, false)) + { + } + + public CmsCompressedDataParser( + Stream compressedData) + : base(compressedData) + { + } + + public CmsTypedStream GetContent() + { + try + { + CompressedDataParser comData = new CompressedDataParser((Asn1SequenceParser)this.contentInfo.GetContent(Asn1Tags.Sequence)); + ContentInfoParser content = comData.GetEncapContentInfo(); + + Asn1OctetStringParser bytes = (Asn1OctetStringParser)content.GetContent(Asn1Tags.OctetString); + + return new CmsTypedStream(content.ContentType.ToString(), new ZInputStream(bytes.GetOctetStream())); + } + catch (IOException e) + { + throw new CmsException("IOException reading compressed content.", e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSCompressedDataStreamGenerator.cs b/BouncyCastle/crypto/src/cms/CMSCompressedDataStreamGenerator.cs new file mode 100644 index 0000000..0cb1bb6 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSCompressedDataStreamGenerator.cs @@ -0,0 +1,158 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Zlib; + +namespace Org.BouncyCastle.Cms +{ + /** + * General class for generating a compressed CMS message stream. + *

+ * A simple example of usage. + *

+ * 
+	*      CMSCompressedDataStreamGenerator gen = new CMSCompressedDataStreamGenerator();
+	*
+	*      Stream cOut = gen.Open(outputStream, CMSCompressedDataStreamGenerator.ZLIB);
+	*
+	*      cOut.Write(data);
+	*
+	*      cOut.Close();
+	*
+ */ + public class CmsCompressedDataStreamGenerator + { + public const string ZLib = "1.2.840.113549.1.9.16.3.8"; + + private int _bufferSize; + + /** + * base constructor + */ + public CmsCompressedDataStreamGenerator() + { + } + + /** + * Set the underlying string size for encapsulated data + * + * @param bufferSize length of octet strings to buffer the data. + */ + public void SetBufferSize( + int bufferSize) + { + _bufferSize = bufferSize; + } + + public Stream Open( + Stream outStream, + string compressionOID) + { + return Open(outStream, CmsObjectIdentifiers.Data.Id, compressionOID); + } + + public Stream Open( + Stream outStream, + string contentOID, + string compressionOID) + { + BerSequenceGenerator sGen = new BerSequenceGenerator(outStream); + + sGen.AddObject(CmsObjectIdentifiers.CompressedData); + + // + // Compressed Data + // + BerSequenceGenerator cGen = new BerSequenceGenerator( + sGen.GetRawOutputStream(), 0, true); + + // CMSVersion + cGen.AddObject(new DerInteger(0)); + + // CompressionAlgorithmIdentifier + cGen.AddObject(new AlgorithmIdentifier(new DerObjectIdentifier(ZLib))); + + // + // Encapsulated ContentInfo + // + BerSequenceGenerator eiGen = new BerSequenceGenerator(cGen.GetRawOutputStream()); + + eiGen.AddObject(new DerObjectIdentifier(contentOID)); + + Stream octetStream = CmsUtilities.CreateBerOctetOutputStream( + eiGen.GetRawOutputStream(), 0, true, _bufferSize); + + return new CmsCompressedOutputStream( + new ZOutputStream(octetStream, JZlib.Z_DEFAULT_COMPRESSION), sGen, cGen, eiGen); + } + + private class CmsCompressedOutputStream + : BaseOutputStream + { + private ZOutputStream _out; + private BerSequenceGenerator _sGen; + private BerSequenceGenerator _cGen; + private BerSequenceGenerator _eiGen; + + internal CmsCompressedOutputStream( + ZOutputStream outStream, + BerSequenceGenerator sGen, + BerSequenceGenerator cGen, + BerSequenceGenerator eiGen) + { + _out = outStream; + _sGen = sGen; + _cGen = cGen; + _eiGen = eiGen; + } + + public override void WriteByte( + byte b) + { + _out.WriteByte(b); + } + + public override void Write( + byte[] bytes, + int off, + int len) + { + _out.Write(bytes, off, len); + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + Platform.Dispose(_out); + + // TODO Parent context(s) should really be be closed explicitly + + _eiGen.Close(); + _cGen.Close(); + _sGen.Close(); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + Platform.Dispose(_out); + + // TODO Parent context(s) should really be be closed explicitly + + _eiGen.Close(); + _cGen.Close(); + _sGen.Close(); + base.Close(); + } +#endif + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSContentInfoParser.cs b/BouncyCastle/crypto/src/cms/CMSContentInfoParser.cs new file mode 100644 index 0000000..a7b43f2 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSContentInfoParser.cs @@ -0,0 +1,48 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Cms +{ + public class CmsContentInfoParser + { + protected ContentInfoParser contentInfo; + protected Stream data; + + protected CmsContentInfoParser( + Stream data) + { + if (data == null) + throw new ArgumentNullException("data"); + + this.data = data; + + try + { + Asn1StreamParser inStream = new Asn1StreamParser(data); + + this.contentInfo = new ContentInfoParser((Asn1SequenceParser)inStream.ReadObject()); + } + catch (IOException e) + { + throw new CmsException("IOException reading content.", e); + } + catch (InvalidCastException e) + { + throw new CmsException("Unexpected object reading content.", e); + } + } + + /** + * Close the underlying data stream. + * @throws IOException if the close fails. + */ + public void Close() + { + Platform.Dispose(this.data); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSEnvelopedData.cs b/BouncyCastle/crypto/src/cms/CMSEnvelopedData.cs new file mode 100644 index 0000000..223d0ca --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSEnvelopedData.cs @@ -0,0 +1,115 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Cms +{ + /** + * containing class for an CMS Enveloped Data object + */ + public class CmsEnvelopedData + { + internal RecipientInformationStore recipientInfoStore; + internal ContentInfo contentInfo; + + private AlgorithmIdentifier encAlg; + private Asn1Set unprotectedAttributes; + + public CmsEnvelopedData( + byte[] envelopedData) + : this(CmsUtilities.ReadContentInfo(envelopedData)) + { + } + + public CmsEnvelopedData( + Stream envelopedData) + : this(CmsUtilities.ReadContentInfo(envelopedData)) + { + } + + public CmsEnvelopedData( + ContentInfo contentInfo) + { + this.contentInfo = contentInfo; + + EnvelopedData envData = EnvelopedData.GetInstance(contentInfo.Content); + + // + // read the recipients + // + Asn1Set recipientInfos = envData.RecipientInfos; + + // + // read the encrypted content info + // + EncryptedContentInfo encInfo = envData.EncryptedContentInfo; + this.encAlg = encInfo.ContentEncryptionAlgorithm; + CmsReadable readable = new CmsProcessableByteArray(encInfo.EncryptedContent.GetOctets()); + CmsSecureReadable secureReadable = new CmsEnvelopedHelper.CmsEnvelopedSecureReadable( + this.encAlg, readable); + + // + // build the RecipientInformationStore + // + this.recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore( + recipientInfos, secureReadable); + + this.unprotectedAttributes = envData.UnprotectedAttrs; + } + + public AlgorithmIdentifier EncryptionAlgorithmID + { + get { return encAlg; } + } + + /** + * return the object identifier for the content encryption algorithm. + */ + public string EncryptionAlgOid + { + get { return encAlg.Algorithm.Id; } + } + + /** + * return a store of the intended recipients for this message + */ + public RecipientInformationStore GetRecipientInfos() + { + return recipientInfoStore; + } + + /** + * return the ContentInfo + */ + public ContentInfo ContentInfo + { + get { return contentInfo; } + } + + /** + * return a table of the unprotected attributes indexed by + * the OID of the attribute. + */ + public Asn1.Cms.AttributeTable GetUnprotectedAttributes() + { + if (unprotectedAttributes == null) + return null; + + return new Asn1.Cms.AttributeTable(unprotectedAttributes); + } + + /** + * return the ASN.1 encoded representation of this object. + */ + public byte[] GetEncoded() + { + return contentInfo.GetEncoded(); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSEnvelopedDataGenerator.cs b/BouncyCastle/crypto/src/cms/CMSEnvelopedDataGenerator.cs new file mode 100644 index 0000000..c844ca6 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSEnvelopedDataGenerator.cs @@ -0,0 +1,247 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cms +{ + /// + /// General class for generating a CMS enveloped-data message. + /// + /// A simple example of usage. + /// + /// 
+    ///      CmsEnvelopedDataGenerator  fact = new CmsEnvelopedDataGenerator();
+    ///
+    ///      fact.AddKeyTransRecipient(cert);
+    ///
+    ///      CmsEnvelopedData         data = fact.Generate(content, algorithm);
+    ///
+ /// + public class CmsEnvelopedDataGenerator + : CmsEnvelopedGenerator + { + public CmsEnvelopedDataGenerator() + { + } + + /// Constructor allowing specific source of randomness + /// Instance of SecureRandom to use. + public CmsEnvelopedDataGenerator( + SecureRandom rand) + : base(rand) + { + } + + /// + /// Generate an enveloped object that contains a CMS Enveloped Data + /// object using the passed in key generator. + /// + private CmsEnvelopedData Generate( + CmsProcessable content, + string encryptionOid, + CipherKeyGenerator keyGen) + { + AlgorithmIdentifier encAlgId = null; + KeyParameter encKey; + Asn1OctetString encContent; + + try + { + byte[] encKeyBytes = keyGen.GenerateKey(); + encKey = ParameterUtilities.CreateKeyParameter(encryptionOid, encKeyBytes); + + Asn1Encodable asn1Params = GenerateAsn1Parameters(encryptionOid, encKeyBytes); + + ICipherParameters cipherParameters; + encAlgId = GetAlgorithmIdentifier( + encryptionOid, encKey, asn1Params, out cipherParameters); + + IBufferedCipher cipher = CipherUtilities.GetCipher(encryptionOid); + cipher.Init(true, new ParametersWithRandom(cipherParameters, rand)); + + MemoryStream bOut = new MemoryStream(); + CipherStream cOut = new CipherStream(bOut, null, cipher); + + content.Write(cOut); + + Platform.Dispose(cOut); + + encContent = new BerOctetString(bOut.ToArray()); + } + catch (SecurityUtilityException e) + { + throw new CmsException("couldn't create cipher.", e); + } + catch (InvalidKeyException e) + { + throw new CmsException("key invalid in message.", e); + } + catch (IOException e) + { + throw new CmsException("exception decoding algorithm parameters.", e); + } + + + Asn1EncodableVector recipientInfos = new Asn1EncodableVector(); + + foreach (RecipientInfoGenerator rig in recipientInfoGenerators) + { + try + { + recipientInfos.Add(rig.Generate(encKey, rand)); + } + catch (InvalidKeyException e) + { + throw new CmsException("key inappropriate for algorithm.", e); + } + catch (GeneralSecurityException e) + { + throw new CmsException("error making encrypted content.", e); + } + } + + EncryptedContentInfo eci = new EncryptedContentInfo( + CmsObjectIdentifiers.Data, + encAlgId, + encContent); + + Asn1Set unprotectedAttrSet = null; + if (unprotectedAttributeGenerator != null) + { + Asn1.Cms.AttributeTable attrTable = unprotectedAttributeGenerator.GetAttributes(Platform.CreateHashtable()); + + unprotectedAttrSet = new BerSet(attrTable.ToAsn1EncodableVector()); + } + + ContentInfo contentInfo = new ContentInfo( + CmsObjectIdentifiers.EnvelopedData, + new EnvelopedData(null, new DerSet(recipientInfos), eci, unprotectedAttrSet)); + + return new CmsEnvelopedData(contentInfo); + } + + /// Generate an enveloped object that contains an CMS Enveloped Data object. + public CmsEnvelopedData Generate( + CmsProcessable content, + string encryptionOid) + { + try + { + CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid); + + keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength)); + + return Generate(content, encryptionOid, keyGen); + } + catch (SecurityUtilityException e) + { + throw new CmsException("can't find key generation algorithm.", e); + } + } + + + public CmsEnvelopedData Generate(CmsProcessable content, ICipherBuilderWithKey cipherBuilder) + { + //AlgorithmIdentifier encAlgId = null; + KeyParameter encKey; + Asn1OctetString encContent; + + try + { + encKey = (KeyParameter) cipherBuilder.Key; + + MemoryStream collector = new MemoryStream(); + Stream bOut = cipherBuilder.BuildCipher(collector).Stream; + content.Write(bOut); + Platform.Dispose(bOut); + encContent = new BerOctetString(collector.ToArray()); + } + catch (SecurityUtilityException e) + { + throw new CmsException("couldn't create cipher.", e); + } + catch (InvalidKeyException e) + { + throw new CmsException("key invalid in message.", e); + } + catch (IOException e) + { + throw new CmsException("exception decoding algorithm parameters.", e); + } + + + Asn1EncodableVector recipientInfos = new Asn1EncodableVector(); + + foreach (RecipientInfoGenerator rig in recipientInfoGenerators) + { + try + { + recipientInfos.Add(rig.Generate(encKey, rand)); + } + catch (InvalidKeyException e) + { + throw new CmsException("key inappropriate for algorithm.", e); + } + catch (GeneralSecurityException e) + { + throw new CmsException("error making encrypted content.", e); + } + } + + EncryptedContentInfo eci = new EncryptedContentInfo( + CmsObjectIdentifiers.Data, + (AlgorithmIdentifier) cipherBuilder.AlgorithmDetails, + encContent); + + Asn1Set unprotectedAttrSet = null; + if (unprotectedAttributeGenerator != null) + { + Asn1.Cms.AttributeTable attrTable = unprotectedAttributeGenerator.GetAttributes(Platform.CreateHashtable()); + + unprotectedAttrSet = new BerSet(attrTable.ToAsn1EncodableVector()); + } + + ContentInfo contentInfo = new ContentInfo( + CmsObjectIdentifiers.EnvelopedData, + new EnvelopedData(null, new DerSet(recipientInfos), eci, unprotectedAttrSet)); + + return new CmsEnvelopedData(contentInfo); + } + + /// Generate an enveloped object that contains an CMS Enveloped Data object. + public CmsEnvelopedData Generate( + CmsProcessable content, + string encryptionOid, + int keySize) + { + try + { + CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid); + + keyGen.Init(new KeyGenerationParameters(rand, keySize)); + + return Generate(content, encryptionOid, keyGen); + } + catch (SecurityUtilityException e) + { + throw new CmsException("can't find key generation algorithm.", e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSEnvelopedDataParser.cs b/BouncyCastle/crypto/src/cms/CMSEnvelopedDataParser.cs new file mode 100644 index 0000000..d5dfaf5 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSEnvelopedDataParser.cs @@ -0,0 +1,161 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Cms +{ + /** + * Parsing class for an CMS Enveloped Data object from an input stream. + *

+ * Note: that because we are in a streaming mode only one recipient can be tried and it is important + * that the methods on the parser are called in the appropriate order. + *

+ *

+ * Example of use - assuming the first recipient matches the private key we have. + * 

+	*      CmsEnvelopedDataParser     ep = new CmsEnvelopedDataParser(inputStream);
+	*
+	*      RecipientInformationStore  recipients = ep.GetRecipientInfos();
+	*
+	*      Collection  c = recipients.getRecipients();
+	*      Iterator    it = c.iterator();
+	*
+	*      if (it.hasNext())
+	*      {
+	*          RecipientInformation   recipient = (RecipientInformation)it.next();
+	*
+	*          CMSTypedStream recData = recipient.getContentStream(privateKey);
+	*
+	*          processDataStream(recData.getContentStream());
+	*      }
+	*
+ * Note: this class does not introduce buffering - if you are processing large files you should create + * the parser with: + * 
+	*          CmsEnvelopedDataParser     ep = new CmsEnvelopedDataParser(new BufferedInputStream(inputStream, bufSize));
+	*
+ * where bufSize is a suitably large buffer size. + *

+ */ + public class CmsEnvelopedDataParser + : CmsContentInfoParser + { + internal RecipientInformationStore recipientInfoStore; + internal EnvelopedDataParser envelopedData; + + private AlgorithmIdentifier _encAlg; + private Asn1.Cms.AttributeTable _unprotectedAttributes; + private bool _attrNotRead; + + public CmsEnvelopedDataParser( + byte[] envelopedData) + : this(new MemoryStream(envelopedData, false)) + { + } + + public CmsEnvelopedDataParser( + Stream envelopedData) + : base(envelopedData) + { + this._attrNotRead = true; + this.envelopedData = new EnvelopedDataParser( + (Asn1SequenceParser)this.contentInfo.GetContent(Asn1Tags.Sequence)); + + // TODO Validate version? + //DerInteger version = this.envelopedData.Version; + + // + // read the recipients + // + Asn1Set recipientInfos = Asn1Set.GetInstance(this.envelopedData.GetRecipientInfos().ToAsn1Object()); + + // + // read the encrypted content info + // + EncryptedContentInfoParser encInfo = this.envelopedData.GetEncryptedContentInfo(); + this._encAlg = encInfo.ContentEncryptionAlgorithm; + CmsReadable readable = new CmsProcessableInputStream( + ((Asn1OctetStringParser)encInfo.GetEncryptedContent(Asn1Tags.OctetString)).GetOctetStream()); + CmsSecureReadable secureReadable = new CmsEnvelopedHelper.CmsEnvelopedSecureReadable( + this._encAlg, readable); + + // + // build the RecipientInformationStore + // + this.recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore( + recipientInfos, secureReadable); + } + + public AlgorithmIdentifier EncryptionAlgorithmID + { + get { return _encAlg; } + } + + /** + * return the object identifier for the content encryption algorithm. + */ + public string EncryptionAlgOid + { + get { return _encAlg.Algorithm.Id; } + } + + /** + * return the ASN.1 encoded encryption algorithm parameters, or null if + * there aren't any. + */ + public Asn1Object EncryptionAlgParams + { + get + { + Asn1Encodable ae = _encAlg.Parameters; + + return ae == null ? null : ae.ToAsn1Object(); + } + } + + /** + * return a store of the intended recipients for this message + */ + public RecipientInformationStore GetRecipientInfos() + { + return this.recipientInfoStore; + } + + /** + * return a table of the unprotected attributes indexed by + * the OID of the attribute. + * @throws IOException + */ + public Asn1.Cms.AttributeTable GetUnprotectedAttributes() + { + if (_unprotectedAttributes == null && _attrNotRead) + { + Asn1SetParser asn1Set = this.envelopedData.GetUnprotectedAttrs(); + + _attrNotRead = false; + + if (asn1Set != null) + { + Asn1EncodableVector v = new Asn1EncodableVector(); + IAsn1Convertible o; + + while ((o = asn1Set.ReadObject()) != null) + { + Asn1SequenceParser seq = (Asn1SequenceParser)o; + + v.Add(seq.ToAsn1Object()); + } + + _unprotectedAttributes = new Asn1.Cms.AttributeTable(new DerSet(v)); + } + } + + return _unprotectedAttributes; + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs b/BouncyCastle/crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs new file mode 100644 index 0000000..e0822aa --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSEnvelopedDataStreamGenerator.cs @@ -0,0 +1,308 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cms +{ + /** + * General class for generating a CMS enveloped-data message stream. + *

+ * A simple example of usage. + * 

+	*      CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();
+	*
+	*      edGen.AddKeyTransRecipient(cert);
+	*
+	*      MemoryStream  bOut = new MemoryStream();
+	*
+	*      Stream out = edGen.Open(
+	*                              bOut, CMSEnvelopedDataGenerator.AES128_CBC);*
+	*      out.Write(data);
+	*
+	*      out.Close();
+	*
+ *

+ */ + public class CmsEnvelopedDataStreamGenerator + : CmsEnvelopedGenerator + { + private object _originatorInfo = null; + private object _unprotectedAttributes = null; + private int _bufferSize; + private bool _berEncodeRecipientSet; + + public CmsEnvelopedDataStreamGenerator() + { + } + + /// Constructor allowing specific source of randomness + /// Instance of SecureRandom to use. + public CmsEnvelopedDataStreamGenerator( + SecureRandom rand) + : base(rand) + { + } + + /// Set the underlying string size for encapsulated data. + /// Length of octet strings to buffer the data. + public void SetBufferSize( + int bufferSize) + { + _bufferSize = bufferSize; + } + + /// Use a BER Set to store the recipient information. + public void SetBerEncodeRecipients( + bool berEncodeRecipientSet) + { + _berEncodeRecipientSet = berEncodeRecipientSet; + } + + private DerInteger Version + { + get + { + int version = (_originatorInfo != null || _unprotectedAttributes != null) + ? 2 + : 0; + + return new DerInteger(version); + } + } + + /// + /// Generate an enveloped object that contains an CMS Enveloped Data + /// object using the passed in key generator. + /// + private Stream Open( + Stream outStream, + string encryptionOid, + CipherKeyGenerator keyGen) + { + byte[] encKeyBytes = keyGen.GenerateKey(); + KeyParameter encKey = ParameterUtilities.CreateKeyParameter(encryptionOid, encKeyBytes); + + Asn1Encodable asn1Params = GenerateAsn1Parameters(encryptionOid, encKeyBytes); + + ICipherParameters cipherParameters; + AlgorithmIdentifier encAlgID = GetAlgorithmIdentifier( + encryptionOid, encKey, asn1Params, out cipherParameters); + + Asn1EncodableVector recipientInfos = new Asn1EncodableVector(); + + foreach (RecipientInfoGenerator rig in recipientInfoGenerators) + { + try + { + recipientInfos.Add(rig.Generate(encKey, rand)); + } + catch (InvalidKeyException e) + { + throw new CmsException("key inappropriate for algorithm.", e); + } + catch (GeneralSecurityException e) + { + throw new CmsException("error making encrypted content.", e); + } + } + + return Open(outStream, encAlgID, cipherParameters, recipientInfos); + } + + private Stream Open( + Stream outStream, + AlgorithmIdentifier encAlgID, + ICipherParameters cipherParameters, + Asn1EncodableVector recipientInfos) + { + try + { + // + // ContentInfo + // + BerSequenceGenerator cGen = new BerSequenceGenerator(outStream); + + cGen.AddObject(CmsObjectIdentifiers.EnvelopedData); + + // + // Encrypted Data + // + BerSequenceGenerator envGen = new BerSequenceGenerator( + cGen.GetRawOutputStream(), 0, true); + + envGen.AddObject(this.Version); + + Stream envRaw = envGen.GetRawOutputStream(); + Asn1Generator recipGen = _berEncodeRecipientSet + ? (Asn1Generator) new BerSetGenerator(envRaw) + : new DerSetGenerator(envRaw); + + foreach (Asn1Encodable ae in recipientInfos) + { + recipGen.AddObject(ae); + } + + recipGen.Close(); + + BerSequenceGenerator eiGen = new BerSequenceGenerator(envRaw); + eiGen.AddObject(CmsObjectIdentifiers.Data); + eiGen.AddObject(encAlgID); + + Stream octetOutputStream = CmsUtilities.CreateBerOctetOutputStream( + eiGen.GetRawOutputStream(), 0, false, _bufferSize); + + IBufferedCipher cipher = CipherUtilities.GetCipher(encAlgID.Algorithm); + cipher.Init(true, new ParametersWithRandom(cipherParameters, rand)); + CipherStream cOut = new CipherStream(octetOutputStream, null, cipher); + + return new CmsEnvelopedDataOutputStream(this, cOut, cGen, envGen, eiGen); + } + catch (SecurityUtilityException e) + { + throw new CmsException("couldn't create cipher.", e); + } + catch (InvalidKeyException e) + { + throw new CmsException("key invalid in message.", e); + } + catch (IOException e) + { + throw new CmsException("exception decoding algorithm parameters.", e); + } + } + + /** + * generate an enveloped object that contains an CMS Enveloped Data object + * @throws IOException + */ + public Stream Open( + Stream outStream, + string encryptionOid) + { + CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid); + + keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength)); + + return Open(outStream, encryptionOid, keyGen); + } + + /** + * generate an enveloped object that contains an CMS Enveloped Data object + * @throws IOException + */ + public Stream Open( + Stream outStream, + string encryptionOid, + int keySize) + { + CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid); + + keyGen.Init(new KeyGenerationParameters(rand, keySize)); + + return Open(outStream, encryptionOid, keyGen); + } + + private class CmsEnvelopedDataOutputStream + : BaseOutputStream + { + private readonly CmsEnvelopedGenerator _outer; + + private readonly CipherStream _out; + private readonly BerSequenceGenerator _cGen; + private readonly BerSequenceGenerator _envGen; + private readonly BerSequenceGenerator _eiGen; + + public CmsEnvelopedDataOutputStream( + CmsEnvelopedGenerator outer, + CipherStream outStream, + BerSequenceGenerator cGen, + BerSequenceGenerator envGen, + BerSequenceGenerator eiGen) + { + _outer = outer; + _out = outStream; + _cGen = cGen; + _envGen = envGen; + _eiGen = eiGen; + } + + public override void WriteByte( + byte b) + { + _out.WriteByte(b); + } + + public override void Write( + byte[] bytes, + int off, + int len) + { + _out.Write(bytes, off, len); + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + Platform.Dispose(_out); + + // TODO Parent context(s) should really be closed explicitly + + _eiGen.Close(); + + if (_outer.unprotectedAttributeGenerator != null) + { + Asn1.Cms.AttributeTable attrTable = _outer.unprotectedAttributeGenerator.GetAttributes(Platform.CreateHashtable()); + + Asn1Set unprotectedAttrs = new BerSet(attrTable.ToAsn1EncodableVector()); + + _envGen.AddObject(new DerTaggedObject(false, 1, unprotectedAttrs)); + } + + _envGen.Close(); + _cGen.Close(); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + Platform.Dispose(_out); + + // TODO Parent context(s) should really be closed explicitly + + _eiGen.Close(); + + if (_outer.unprotectedAttributeGenerator != null) + { + Asn1.Cms.AttributeTable attrTable = _outer.unprotectedAttributeGenerator.GetAttributes(Platform.CreateHashtable()); + + Asn1Set unprotectedAttrs = new BerSet(attrTable.ToAsn1EncodableVector()); + + _envGen.AddObject(new DerTaggedObject(false, 1, unprotectedAttrs)); + } + + _envGen.Close(); + _cGen.Close(); + base.Close(); + } +#endif + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSEnvelopedGenerator.cs b/BouncyCastle/crypto/src/cms/CMSEnvelopedGenerator.cs new file mode 100644 index 0000000..d7d3e4b --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSEnvelopedGenerator.cs @@ -0,0 +1,338 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Kisa; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Ntt; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cms +{ + /** + * General class for generating a CMS enveloped-data message. + * + * A simple example of usage. + * + * 
+	*      CMSEnvelopedDataGenerator  fact = new CMSEnvelopedDataGenerator();
+	*
+	*      fact.addKeyTransRecipient(cert);
+	*
+	*      CMSEnvelopedData         data = fact.generate(content, algorithm, "BC");
+	*
+ */ + public class CmsEnvelopedGenerator + { + // Note: These tables are complementary: If rc2Table[i]==j, then rc2Ekb[j]==i + internal static readonly short[] rc2Table = + { + 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, + 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, + 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, + 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, + 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, + 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, + 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, + 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, + 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, + 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, + 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, + 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, + 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, + 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, + 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, + 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab + }; + +// internal static readonly short[] rc2Ekb = +// { +// 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, +// 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, +// 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, +// 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, +// 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, +// 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, +// 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, +// 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, +// 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, +// 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, +// 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, +// 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, +// 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, +// 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, +// 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, +// 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd +// }; + + + // TODO Create named constants for all of these + public static readonly string DesEde3Cbc = PkcsObjectIdentifiers.DesEde3Cbc.Id; + public static readonly string RC2Cbc = PkcsObjectIdentifiers.RC2Cbc.Id; + public const string IdeaCbc = "1.3.6.1.4.1.188.7.1.1.2"; + public const string Cast5Cbc = "1.2.840.113533.7.66.10"; + public static readonly string Aes128Cbc = NistObjectIdentifiers.IdAes128Cbc.Id; + public static readonly string Aes192Cbc = NistObjectIdentifiers.IdAes192Cbc.Id; + public static readonly string Aes256Cbc = NistObjectIdentifiers.IdAes256Cbc.Id; + public static readonly string Camellia128Cbc = NttObjectIdentifiers.IdCamellia128Cbc.Id; + public static readonly string Camellia192Cbc = NttObjectIdentifiers.IdCamellia192Cbc.Id; + public static readonly string Camellia256Cbc = NttObjectIdentifiers.IdCamellia256Cbc.Id; + public static readonly string SeedCbc = KisaObjectIdentifiers.IdSeedCbc.Id; + + public static readonly string DesEde3Wrap = PkcsObjectIdentifiers.IdAlgCms3DesWrap.Id; + public static readonly string Aes128Wrap = NistObjectIdentifiers.IdAes128Wrap.Id; + public static readonly string Aes192Wrap = NistObjectIdentifiers.IdAes192Wrap.Id; + public static readonly string Aes256Wrap = NistObjectIdentifiers.IdAes256Wrap.Id; + public static readonly string Camellia128Wrap = NttObjectIdentifiers.IdCamellia128Wrap.Id; + public static readonly string Camellia192Wrap = NttObjectIdentifiers.IdCamellia192Wrap.Id; + public static readonly string Camellia256Wrap = NttObjectIdentifiers.IdCamellia256Wrap.Id; + public static readonly string SeedWrap = KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap.Id; + + public static readonly string ECDHSha1Kdf = X9ObjectIdentifiers.DHSinglePassStdDHSha1KdfScheme.Id; + public static readonly string ECMqvSha1Kdf = X9ObjectIdentifiers.MqvSinglePassSha1KdfScheme.Id; + + internal readonly IList recipientInfoGenerators = Platform.CreateArrayList(); + internal readonly SecureRandom rand; + + internal CmsAttributeTableGenerator unprotectedAttributeGenerator = null; + + public CmsEnvelopedGenerator() + : this(new SecureRandom()) + { + } + + /// Constructor allowing specific source of randomness + /// Instance of SecureRandom to use. + public CmsEnvelopedGenerator( + SecureRandom rand) + { + this.rand = rand; + } + + public CmsAttributeTableGenerator UnprotectedAttributeGenerator + { + get { return this.unprotectedAttributeGenerator; } + set { this.unprotectedAttributeGenerator = value; } + } + + /** + * add a recipient. + * + * @param cert recipient's public key certificate + * @exception ArgumentException if there is a problem with the certificate + */ + public void AddKeyTransRecipient( + X509Certificate cert) + { + TbsCertificateStructure recipientTbsCert = CmsUtilities.GetTbsCertificateStructure(cert); + SubjectPublicKeyInfo info = recipientTbsCert.SubjectPublicKeyInfo; + this.AddRecipientInfoGenerator(new KeyTransRecipientInfoGenerator(cert, new Asn1KeyWrapper(info.AlgorithmID.Algorithm, info.AlgorithmID.Parameters, cert))); + } + + /** + * add a recipient + * + * @param key the public key used by the recipient + * @param subKeyId the identifier for the recipient's public key + * @exception ArgumentException if there is a problem with the key + */ + public void AddKeyTransRecipient( + AsymmetricKeyParameter pubKey, + byte[] subKeyId) + { + SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pubKey); + this.AddRecipientInfoGenerator(new KeyTransRecipientInfoGenerator(subKeyId, new Asn1KeyWrapper(info.AlgorithmID.Algorithm, info.AlgorithmID.Parameters, pubKey))); + } + + /** + * add a KEK recipient. + * @param key the secret key to use for wrapping + * @param keyIdentifier the byte string that identifies the key + */ + public void AddKekRecipient( + string keyAlgorithm, // TODO Remove need for this parameter + KeyParameter key, + byte[] keyIdentifier) + { + AddKekRecipient(keyAlgorithm, key, new KekIdentifier(keyIdentifier, null, null)); + } + + /** + * add a KEK recipient. + * @param key the secret key to use for wrapping + * @param keyIdentifier the byte string that identifies the key + */ + public void AddKekRecipient( + string keyAlgorithm, // TODO Remove need for this parameter + KeyParameter key, + KekIdentifier kekIdentifier) + { + KekRecipientInfoGenerator kekrig = new KekRecipientInfoGenerator(); + kekrig.KekIdentifier = kekIdentifier; + kekrig.KeyEncryptionKeyOID = keyAlgorithm; + kekrig.KeyEncryptionKey = key; + + recipientInfoGenerators.Add(kekrig); + } + + public void AddPasswordRecipient( + CmsPbeKey pbeKey, + string kekAlgorithmOid) + { + Pbkdf2Params p = new Pbkdf2Params(pbeKey.Salt, pbeKey.IterationCount); + + PasswordRecipientInfoGenerator prig = new PasswordRecipientInfoGenerator(); + prig.KeyDerivationAlgorithm = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPbkdf2, p); + prig.KeyEncryptionKeyOID = kekAlgorithmOid; + prig.KeyEncryptionKey = pbeKey.GetEncoded(kekAlgorithmOid); + + recipientInfoGenerators.Add(prig); + } + + /** + * Add a key agreement based recipient. + * + * @param agreementAlgorithm key agreement algorithm to use. + * @param senderPrivateKey private key to initialise sender side of agreement with. + * @param senderPublicKey sender public key to include with message. + * @param recipientCert recipient's public key certificate. + * @param cekWrapAlgorithm OID for key wrapping algorithm to use. + * @exception SecurityUtilityException if the algorithm requested cannot be found + * @exception InvalidKeyException if the keys are inappropriate for the algorithm specified + */ + public void AddKeyAgreementRecipient( + string agreementAlgorithm, + AsymmetricKeyParameter senderPrivateKey, + AsymmetricKeyParameter senderPublicKey, + X509Certificate recipientCert, + string cekWrapAlgorithm) + { + IList recipientCerts = Platform.CreateArrayList(1); + recipientCerts.Add(recipientCert); + + AddKeyAgreementRecipients(agreementAlgorithm, senderPrivateKey, senderPublicKey, + recipientCerts, cekWrapAlgorithm); + } + + /** + * Add multiple key agreement based recipients (sharing a single KeyAgreeRecipientInfo structure). + * + * @param agreementAlgorithm key agreement algorithm to use. + * @param senderPrivateKey private key to initialise sender side of agreement with. + * @param senderPublicKey sender public key to include with message. + * @param recipientCerts recipients' public key certificates. + * @param cekWrapAlgorithm OID for key wrapping algorithm to use. + * @exception SecurityUtilityException if the algorithm requested cannot be found + * @exception InvalidKeyException if the keys are inappropriate for the algorithm specified + */ + public void AddKeyAgreementRecipients( + string agreementAlgorithm, + AsymmetricKeyParameter senderPrivateKey, + AsymmetricKeyParameter senderPublicKey, + ICollection recipientCerts, + string cekWrapAlgorithm) + { + if (!senderPrivateKey.IsPrivate) + throw new ArgumentException("Expected private key", "senderPrivateKey"); + if (senderPublicKey.IsPrivate) + throw new ArgumentException("Expected public key", "senderPublicKey"); + + /* TODO + * "a recipient X.509 version 3 certificate that contains a key usage extension MUST + * assert the keyAgreement bit." + */ + + KeyAgreeRecipientInfoGenerator karig = new KeyAgreeRecipientInfoGenerator(); + karig.KeyAgreementOID = new DerObjectIdentifier(agreementAlgorithm); + karig.KeyEncryptionOID = new DerObjectIdentifier(cekWrapAlgorithm); + karig.RecipientCerts = recipientCerts; + karig.SenderKeyPair = new AsymmetricCipherKeyPair(senderPublicKey, senderPrivateKey); + + recipientInfoGenerators.Add(karig); + } + + /// + /// Add a generator to produce the recipient info required. + /// + /// a generator of a recipient info object. + public void AddRecipientInfoGenerator(RecipientInfoGenerator recipientInfoGenerator) + { + recipientInfoGenerators.Add(recipientInfoGenerator); + } + + + protected internal virtual AlgorithmIdentifier GetAlgorithmIdentifier( + string encryptionOid, + KeyParameter encKey, + Asn1Encodable asn1Params, + out ICipherParameters cipherParameters) + { + Asn1Object asn1Object; + if (asn1Params != null) + { + asn1Object = asn1Params.ToAsn1Object(); + cipherParameters = ParameterUtilities.GetCipherParameters( + encryptionOid, encKey, asn1Object); + } + else + { + asn1Object = DerNull.Instance; + cipherParameters = encKey; + } + + return new AlgorithmIdentifier( + new DerObjectIdentifier(encryptionOid), + asn1Object); + } + + protected internal virtual Asn1Encodable GenerateAsn1Parameters( + string encryptionOid, + byte[] encKeyBytes) + { + Asn1Encodable asn1Params = null; + + try + { + if (encryptionOid.Equals(RC2Cbc)) + { + byte[] iv = new byte[8]; + rand.NextBytes(iv); + + // TODO Is this detailed repeat of Java version really necessary? + int effKeyBits = encKeyBytes.Length * 8; + int parameterVersion; + + if (effKeyBits < 256) + { + parameterVersion = rc2Table[effKeyBits]; + } + else + { + parameterVersion = effKeyBits; + } + + asn1Params = new RC2CbcParameter(parameterVersion, iv); + } + else + { + asn1Params = ParameterUtilities.GenerateParameters(encryptionOid, rand); + } + } + catch (SecurityUtilityException) + { + // No problem... no parameters generated + } + + return asn1Params; + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSEnvelopedHelper.cs b/BouncyCastle/crypto/src/cms/CMSEnvelopedHelper.cs new file mode 100644 index 0000000..930ffcb --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSEnvelopedHelper.cs @@ -0,0 +1,311 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Cms +{ + class CmsEnvelopedHelper + { + internal static readonly CmsEnvelopedHelper Instance = new CmsEnvelopedHelper(); + + private static readonly IDictionary KeySizes = Platform.CreateHashtable(); + private static readonly IDictionary BaseCipherNames = Platform.CreateHashtable(); + + static CmsEnvelopedHelper() + { + KeySizes.Add(CmsEnvelopedGenerator.DesEde3Cbc, 192); + KeySizes.Add(CmsEnvelopedGenerator.Aes128Cbc, 128); + KeySizes.Add(CmsEnvelopedGenerator.Aes192Cbc, 192); + KeySizes.Add(CmsEnvelopedGenerator.Aes256Cbc, 256); + + BaseCipherNames.Add(CmsEnvelopedGenerator.DesEde3Cbc, "DESEDE"); + BaseCipherNames.Add(CmsEnvelopedGenerator.Aes128Cbc, "AES"); + BaseCipherNames.Add(CmsEnvelopedGenerator.Aes192Cbc, "AES"); + BaseCipherNames.Add(CmsEnvelopedGenerator.Aes256Cbc, "AES"); + } + + private string GetAsymmetricEncryptionAlgName( + string encryptionAlgOid) + { + if (Asn1.Pkcs.PkcsObjectIdentifiers.RsaEncryption.Id.Equals(encryptionAlgOid)) + { + return "RSA/ECB/PKCS1Padding"; + } + + return encryptionAlgOid; + } + + internal IBufferedCipher CreateAsymmetricCipher( + string encryptionOid) + { + string asymName = GetAsymmetricEncryptionAlgName(encryptionOid); + if (!asymName.Equals(encryptionOid)) + { + try + { + return CipherUtilities.GetCipher(asymName); + } + catch (SecurityUtilityException) + { + // Ignore + } + } + return CipherUtilities.GetCipher(encryptionOid); + } + + internal IWrapper CreateWrapper( + string encryptionOid) + { + try + { + return WrapperUtilities.GetWrapper(encryptionOid); + } + catch (SecurityUtilityException) + { + return WrapperUtilities.GetWrapper(GetAsymmetricEncryptionAlgName(encryptionOid)); + } + } + + internal string GetRfc3211WrapperName( + string oid) + { + if (oid == null) + throw new ArgumentNullException("oid"); + + string alg = (string) BaseCipherNames[oid]; + + if (alg == null) + throw new ArgumentException("no name for " + oid, "oid"); + + return alg + "RFC3211Wrap"; + } + + internal int GetKeySize( + string oid) + { + if (!KeySizes.Contains(oid)) + { + throw new ArgumentException("no keysize for " + oid, "oid"); + } + + return (int) KeySizes[oid]; + } + + internal static RecipientInformationStore BuildRecipientInformationStore( + Asn1Set recipientInfos, CmsSecureReadable secureReadable) + { + IList infos = Platform.CreateArrayList(); + for (int i = 0; i != recipientInfos.Count; i++) + { + RecipientInfo info = RecipientInfo.GetInstance(recipientInfos[i]); + + ReadRecipientInfo(infos, info, secureReadable); + } + return new RecipientInformationStore(infos); + } + + private static void ReadRecipientInfo( + IList infos, RecipientInfo info, CmsSecureReadable secureReadable) + { + Asn1Encodable recipInfo = info.Info; + if (recipInfo is KeyTransRecipientInfo) + { + infos.Add(new KeyTransRecipientInformation((KeyTransRecipientInfo)recipInfo, secureReadable)); + } + else if (recipInfo is KekRecipientInfo) + { + infos.Add(new KekRecipientInformation((KekRecipientInfo)recipInfo, secureReadable)); + } + else if (recipInfo is KeyAgreeRecipientInfo) + { + KeyAgreeRecipientInformation.ReadRecipientInfo(infos, (KeyAgreeRecipientInfo)recipInfo, secureReadable); + } + else if (recipInfo is PasswordRecipientInfo) + { + infos.Add(new PasswordRecipientInformation((PasswordRecipientInfo)recipInfo, secureReadable)); + } + } + + internal class CmsAuthenticatedSecureReadable : CmsSecureReadable + { + private AlgorithmIdentifier algorithm; + private IMac mac; + private CmsReadable readable; + + internal CmsAuthenticatedSecureReadable(AlgorithmIdentifier algorithm, CmsReadable readable) + { + this.algorithm = algorithm; + this.readable = readable; + } + + public AlgorithmIdentifier Algorithm + { + get { return this.algorithm; } + } + + public object CryptoObject + { + get { return this.mac; } + } + + public CmsReadable GetReadable(KeyParameter sKey) + { + string macAlg = this.algorithm.Algorithm.Id; +// Asn1Object sParams = this.algorithm.Parameters.ToAsn1Object(); + + try + { + this.mac = MacUtilities.GetMac(macAlg); + + // FIXME Support for MAC algorithm parameters similar to cipher parameters +// ASN1Object sParams = (ASN1Object)macAlg.getParameters(); +// +// if (sParams != null && !(sParams instanceof ASN1Null)) +// { +// AlgorithmParameters params = CMSEnvelopedHelper.INSTANCE.createAlgorithmParameters(macAlg.getObjectId().getId(), provider); +// +// params.init(sParams.getEncoded(), "ASN.1"); +// +// mac.init(sKey, params.getParameterSpec(IvParameterSpec.class)); +// } +// else + { + mac.Init(sKey); + } + +// Asn1Object asn1Params = asn1Enc == null ? null : asn1Enc.ToAsn1Object(); +// +// ICipherParameters cipherParameters = sKey; +// +// if (asn1Params != null && !(asn1Params is Asn1Null)) +// { +// cipherParameters = ParameterUtilities.GetCipherParameters( +// macAlg.Algorithm, cipherParameters, asn1Params); +// } +// else +// { +// string alg = macAlg.Algorithm.Id; +// if (alg.Equals(CmsEnvelopedDataGenerator.DesEde3Cbc) +// || alg.Equals(CmsEnvelopedDataGenerator.IdeaCbc) +// || alg.Equals(CmsEnvelopedDataGenerator.Cast5Cbc)) +// { +// cipherParameters = new ParametersWithIV(cipherParameters, new byte[8]); +// } +// } +// +// mac.Init(cipherParameters); + } + catch (SecurityUtilityException e) + { + throw new CmsException("couldn't create cipher.", e); + } + catch (InvalidKeyException e) + { + throw new CmsException("key invalid in message.", e); + } + catch (IOException e) + { + throw new CmsException("error decoding algorithm parameters.", e); + } + + try + { + return new CmsProcessableInputStream( + new TeeInputStream( + readable.GetInputStream(), + new MacSink(this.mac))); + } + catch (IOException e) + { + throw new CmsException("error reading content.", e); + } + } + } + + internal class CmsEnvelopedSecureReadable : CmsSecureReadable + { + private AlgorithmIdentifier algorithm; + private IBufferedCipher cipher; + private CmsReadable readable; + + internal CmsEnvelopedSecureReadable(AlgorithmIdentifier algorithm, CmsReadable readable) + { + this.algorithm = algorithm; + this.readable = readable; + } + + public AlgorithmIdentifier Algorithm + { + get { return this.algorithm; } + } + + public object CryptoObject + { + get { return this.cipher; } + } + + public CmsReadable GetReadable(KeyParameter sKey) + { + try + { + this.cipher = CipherUtilities.GetCipher(this.algorithm.Algorithm); + + Asn1Encodable asn1Enc = this.algorithm.Parameters; + Asn1Object asn1Params = asn1Enc == null ? null : asn1Enc.ToAsn1Object(); + + ICipherParameters cipherParameters = sKey; + + if (asn1Params != null && !(asn1Params is Asn1Null)) + { + cipherParameters = ParameterUtilities.GetCipherParameters( + this.algorithm.Algorithm, cipherParameters, asn1Params); + } + else + { + string alg = this.algorithm.Algorithm.Id; + if (alg.Equals(CmsEnvelopedDataGenerator.DesEde3Cbc) + || alg.Equals(CmsEnvelopedDataGenerator.IdeaCbc) + || alg.Equals(CmsEnvelopedDataGenerator.Cast5Cbc)) + { + cipherParameters = new ParametersWithIV(cipherParameters, new byte[8]); + } + } + + cipher.Init(false, cipherParameters); + } + catch (SecurityUtilityException e) + { + throw new CmsException("couldn't create cipher.", e); + } + catch (InvalidKeyException e) + { + throw new CmsException("key invalid in message.", e); + } + catch (IOException e) + { + throw new CmsException("error decoding algorithm parameters.", e); + } + + try + { + return new CmsProcessableInputStream( + new CipherStream(readable.GetInputStream(), cipher, null)); + } + catch (IOException e) + { + throw new CmsException("error reading content.", e); + } + } + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/cms/CMSException.cs b/BouncyCastle/crypto/src/cms/CMSException.cs new file mode 100644 index 0000000..29fe0a6 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSException.cs @@ -0,0 +1,28 @@ +using System; + +namespace Org.BouncyCastle.Cms +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class CmsException + : Exception + { + public CmsException() + { + } + + public CmsException( + string msg) + : base(msg) + { + } + + public CmsException( + string msg, + Exception e) + : base(msg, e) + { + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSPBEKey.cs b/BouncyCastle/crypto/src/cms/CMSPBEKey.cs new file mode 100644 index 0000000..e03307e --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSPBEKey.cs @@ -0,0 +1,109 @@ +using System; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +//import javax.crypto.interfaces.PBEKey; + +namespace Org.BouncyCastle.Cms +{ + public abstract class CmsPbeKey + // TODO Create an equivalent interface somewhere? + // : PBEKey + : ICipherParameters + { + internal readonly char[] password; + internal readonly byte[] salt; + internal readonly int iterationCount; + + [Obsolete("Use version taking 'char[]' instead")] + public CmsPbeKey( + string password, + byte[] salt, + int iterationCount) + : this(password.ToCharArray(), salt, iterationCount) + { + } + + [Obsolete("Use version taking 'char[]' instead")] + public CmsPbeKey( + string password, + AlgorithmIdentifier keyDerivationAlgorithm) + : this(password.ToCharArray(), keyDerivationAlgorithm) + { + } + + public CmsPbeKey( + char[] password, + byte[] salt, + int iterationCount) + { + this.password = (char[])password.Clone(); + this.salt = Arrays.Clone(salt); + this.iterationCount = iterationCount; + } + + public CmsPbeKey( + char[] password, + AlgorithmIdentifier keyDerivationAlgorithm) + { + if (!keyDerivationAlgorithm.Algorithm.Equals(PkcsObjectIdentifiers.IdPbkdf2)) + throw new ArgumentException("Unsupported key derivation algorithm: " + + keyDerivationAlgorithm.Algorithm); + + Pbkdf2Params kdfParams = Pbkdf2Params.GetInstance( + keyDerivationAlgorithm.Parameters.ToAsn1Object()); + + this.password = (char[])password.Clone(); + this.salt = kdfParams.GetSalt(); + this.iterationCount = kdfParams.IterationCount.IntValue; + } + + ~CmsPbeKey() + { + Array.Clear(this.password, 0, this.password.Length); + } + + [Obsolete("Will be removed")] + public string Password + { + get { return new string(password); } + } + + public byte[] Salt + { + get { return Arrays.Clone(salt); } + } + + [Obsolete("Use 'Salt' property instead")] + public byte[] GetSalt() + { + return Salt; + } + + public int IterationCount + { + get { return iterationCount; } + } + + public string Algorithm + { + get { return "PKCS5S2"; } + } + + public string Format + { + get { return "RAW"; } + } + + public byte[] GetEncoded() + { + return null; + } + + internal abstract KeyParameter GetEncoded(string algorithmOid); + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSProcessable.cs b/BouncyCastle/crypto/src/cms/CMSProcessable.cs new file mode 100644 index 0000000..41018d1 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSProcessable.cs @@ -0,0 +1,19 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Cms +{ + public interface CmsProcessable + { + /// + /// Generic routine to copy out the data we want processed. + /// + /// + /// This routine may be called multiple times. + /// + void Write(Stream outStream); + + [Obsolete] + object GetContent(); + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSProcessableByteArray.cs b/BouncyCastle/crypto/src/cms/CMSProcessableByteArray.cs new file mode 100644 index 0000000..b09935d --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSProcessableByteArray.cs @@ -0,0 +1,51 @@ +using System; +using System.IO; +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; + +namespace Org.BouncyCastle.Cms +{ + /** + * a holding class for a byte array of data to be processed. + */ + public class CmsProcessableByteArray + : CmsProcessable, CmsReadable + { + private readonly DerObjectIdentifier type; + private readonly byte[] bytes; + + public CmsProcessableByteArray(byte[] bytes) + { + type = CmsObjectIdentifiers.Data; + this.bytes = bytes; + } + + public CmsProcessableByteArray(DerObjectIdentifier type, byte[] bytes) + { + this.bytes = bytes; + this.type = type; + } + + public DerObjectIdentifier Type + { + get { return type; } + } + + public virtual Stream GetInputStream() + { + return new MemoryStream(bytes, false); + } + + public virtual void Write(Stream zOut) + { + zOut.Write(bytes, 0, bytes.Length); + } + + /// A clone of the byte array + [Obsolete] + public virtual object GetContent() + { + return bytes.Clone(); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSProcessableFile.cs b/BouncyCastle/crypto/src/cms/CMSProcessableFile.cs new file mode 100644 index 0000000..486df19 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSProcessableFile.cs @@ -0,0 +1,52 @@ +#if !PORTABLE || DOTNET +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Cms +{ + /** + * a holding class for a file of data to be processed. + */ + public class CmsProcessableFile + : CmsProcessable, CmsReadable + { + private const int DefaultBufSize = 32 * 1024; + + private readonly FileInfo _file; + private readonly int _bufSize; + + public CmsProcessableFile(FileInfo file) + : this(file, DefaultBufSize) + { + } + + public CmsProcessableFile(FileInfo file, int bufSize) + { + _file = file; + _bufSize = bufSize; + } + + public virtual Stream GetInputStream() + { + return new FileStream(_file.FullName, FileMode.Open, FileAccess.Read, FileShare.Read, _bufSize); + } + + public virtual void Write(Stream zOut) + { + Stream inStr = _file.OpenRead(); + Streams.PipeAll(inStr, zOut, _bufSize); + Platform.Dispose(inStr); + } + + /// The file handle + [Obsolete] + public virtual object GetContent() + { + return _file; + } + } +} +#endif diff --git a/BouncyCastle/crypto/src/cms/CMSProcessableInputStream.cs b/BouncyCastle/crypto/src/cms/CMSProcessableInputStream.cs new file mode 100644 index 0000000..b2abd6f --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSProcessableInputStream.cs @@ -0,0 +1,53 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Cms +{ + public class CmsProcessableInputStream + : CmsProcessable, CmsReadable + { + private readonly Stream input; + + private bool used = false; + + public CmsProcessableInputStream(Stream input) + { + this.input = input; + } + + public virtual Stream GetInputStream() + { + CheckSingleUsage(); + + return input; + } + + public virtual void Write(Stream output) + { + CheckSingleUsage(); + + Streams.PipeAll(input, output); + Platform.Dispose(input); + } + + [Obsolete] + public virtual object GetContent() + { + return GetInputStream(); + } + + protected virtual void CheckSingleUsage() + { + lock (this) + { + if (used) + throw new InvalidOperationException("CmsProcessableInputStream can only be used once"); + + used = true; + } + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSReadable.cs b/BouncyCastle/crypto/src/cms/CMSReadable.cs new file mode 100644 index 0000000..ad83ba0 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSReadable.cs @@ -0,0 +1,10 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Cms +{ + public interface CmsReadable + { + Stream GetInputStream(); + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSSecureReadable.cs b/BouncyCastle/crypto/src/cms/CMSSecureReadable.cs new file mode 100644 index 0000000..5ceac24 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSSecureReadable.cs @@ -0,0 +1,14 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Cms +{ + internal interface CmsSecureReadable + { + AlgorithmIdentifier Algorithm { get; } + object CryptoObject { get; } + CmsReadable GetReadable(KeyParameter key); + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSSignedData.cs b/BouncyCastle/crypto/src/cms/CMSSignedData.cs new file mode 100644 index 0000000..6028de7 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSSignedData.cs @@ -0,0 +1,440 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Cms +{ + /** + * general class for handling a pkcs7-signature message. + * + * A simple example of usage - note, in the example below the validity of + * the certificate isn't verified, just the fact that one of the certs + * matches the given signer... + * + * 
+	*  IX509Store              certs = s.GetCertificates();
+	*  SignerInformationStore  signers = s.GetSignerInfos();
+	*
+	*  foreach (SignerInformation signer in signers.GetSigners())
+	*  {
+	*      ArrayList       certList = new ArrayList(certs.GetMatches(signer.SignerID));
+	*      X509Certificate cert = (X509Certificate) certList[0];
+	*
+	*      if (signer.Verify(cert.GetPublicKey()))
+	*      {
+	*          verified++;
+	*      }
+	*  }
+	*
+ */ + public class CmsSignedData + { + private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance; + + private readonly CmsProcessable signedContent; + private SignedData signedData; + private ContentInfo contentInfo; + private SignerInformationStore signerInfoStore; + private IX509Store attrCertStore; + private IX509Store certificateStore; + private IX509Store crlStore; + private IDictionary hashes; + + private CmsSignedData( + CmsSignedData c) + { + this.signedData = c.signedData; + this.contentInfo = c.contentInfo; + this.signedContent = c.signedContent; + this.signerInfoStore = c.signerInfoStore; + } + + public CmsSignedData( + byte[] sigBlock) + : this(CmsUtilities.ReadContentInfo(new MemoryStream(sigBlock, false))) + { + } + + public CmsSignedData( + CmsProcessable signedContent, + byte[] sigBlock) + : this(signedContent, CmsUtilities.ReadContentInfo(new MemoryStream(sigBlock, false))) + { + } + + /** + * Content with detached signature, digests precomputed + * + * @param hashes a map of precomputed digests for content indexed by name of hash. + * @param sigBlock the signature object. + */ + public CmsSignedData( + IDictionary hashes, + byte[] sigBlock) + : this(hashes, CmsUtilities.ReadContentInfo(sigBlock)) + { + } + + /** + * base constructor - content with detached signature. + * + * @param signedContent the content that was signed. + * @param sigData the signature object. + */ + public CmsSignedData( + CmsProcessable signedContent, + Stream sigData) + : this(signedContent, CmsUtilities.ReadContentInfo(sigData)) + { + } + + /** + * base constructor - with encapsulated content + */ + public CmsSignedData( + Stream sigData) + : this(CmsUtilities.ReadContentInfo(sigData)) + { + } + + public CmsSignedData( + CmsProcessable signedContent, + ContentInfo sigData) + { + this.signedContent = signedContent; + this.contentInfo = sigData; + this.signedData = SignedData.GetInstance(contentInfo.Content); + } + + public CmsSignedData( + IDictionary hashes, + ContentInfo sigData) + { + this.hashes = hashes; + this.contentInfo = sigData; + this.signedData = SignedData.GetInstance(contentInfo.Content); + } + + public CmsSignedData( + ContentInfo sigData) + { + this.contentInfo = sigData; + this.signedData = SignedData.GetInstance(contentInfo.Content); + + // + // this can happen if the signed message is sent simply to send a + // certificate chain. + // + if (signedData.EncapContentInfo.Content != null) + { + this.signedContent = new CmsProcessableByteArray( + ((Asn1OctetString)(signedData.EncapContentInfo.Content)).GetOctets()); + } +// else +// { +// this.signedContent = null; +// } + } + + /// Return the version number for this object. + public int Version + { + get { return signedData.Version.IntValueExact; } + } + + internal IX509Store GetCertificates() + { + return Helper.GetCertificates(signedData.Certificates); + } + + /** + * return the collection of signers that are associated with the + * signatures for the message. + */ + public SignerInformationStore GetSignerInfos() + { + if (signerInfoStore == null) + { + IList signerInfos = Platform.CreateArrayList(); + Asn1Set s = signedData.SignerInfos; + + foreach (object obj in s) + { + SignerInfo info = SignerInfo.GetInstance(obj); + DerObjectIdentifier contentType = signedData.EncapContentInfo.ContentType; + + if (hashes == null) + { + signerInfos.Add(new SignerInformation(info, contentType, signedContent, null)); + } + else + { + byte[] hash = (byte[])hashes[info.DigestAlgorithm.Algorithm.Id]; + + signerInfos.Add(new SignerInformation(info, contentType, null, new BaseDigestCalculator(hash))); + } + } + + signerInfoStore = new SignerInformationStore(signerInfos); + } + + return signerInfoStore; + } + + /** + * return a X509Store containing the attribute certificates, if any, contained + * in this message. + * + * @param type type of store to create + * @return a store of attribute certificates + * @exception NoSuchStoreException if the store type isn't available. + * @exception CmsException if a general exception prevents creation of the X509Store + */ + public IX509Store GetAttributeCertificates( + string type) + { + if (attrCertStore == null) + { + attrCertStore = Helper.CreateAttributeStore(type, signedData.Certificates); + } + + return attrCertStore; + } + + /** + * return a X509Store containing the public key certificates, if any, contained + * in this message. + * + * @param type type of store to create + * @return a store of public key certificates + * @exception NoSuchStoreException if the store type isn't available. + * @exception CmsException if a general exception prevents creation of the X509Store + */ + public IX509Store GetCertificates( + string type) + { + if (certificateStore == null) + { + certificateStore = Helper.CreateCertificateStore(type, signedData.Certificates); + } + + return certificateStore; + } + + /** + * return a X509Store containing CRLs, if any, contained + * in this message. + * + * @param type type of store to create + * @return a store of CRLs + * @exception NoSuchStoreException if the store type isn't available. + * @exception CmsException if a general exception prevents creation of the X509Store + */ + public IX509Store GetCrls( + string type) + { + if (crlStore == null) + { + crlStore = Helper.CreateCrlStore(type, signedData.CRLs); + } + + return crlStore; + } + + [Obsolete("Use 'SignedContentType' property instead.")] + public string SignedContentTypeOid + { + get { return signedData.EncapContentInfo.ContentType.Id; } + } + + /// + /// Return the DerObjectIdentifier associated with the encapsulated + /// content info structure carried in the signed data. + /// + public DerObjectIdentifier SignedContentType + { + get { return signedData.EncapContentInfo.ContentType; } + } + + public CmsProcessable SignedContent + { + get { return signedContent; } + } + + /** + * return the ContentInfo + */ + public ContentInfo ContentInfo + { + get { return contentInfo; } + } + + /** + * return the ASN.1 encoded representation of this object. + */ + public byte[] GetEncoded() + { + return contentInfo.GetEncoded(); + } + + /** + * return the ASN.1 encoded representation of this object using the specified encoding. + * + * @param encoding the ASN.1 encoding format to use ("BER" or "DER"). + */ + public byte[] GetEncoded(string encoding) + { + return contentInfo.GetEncoded(encoding); + } + + /** + * Replace the signerinformation store associated with this + * CmsSignedData object with the new one passed in. You would + * probably only want to do this if you wanted to change the unsigned + * attributes associated with a signer, or perhaps delete one. + * + * @param signedData the signed data object to be used as a base. + * @param signerInformationStore the new signer information store to use. + * @return a new signed data object. + */ + public static CmsSignedData ReplaceSigners( + CmsSignedData signedData, + SignerInformationStore signerInformationStore) + { + // + // copy + // + CmsSignedData cms = new CmsSignedData(signedData); + + // + // replace the store + // + cms.signerInfoStore = signerInformationStore; + + // + // replace the signers in the SignedData object + // + Asn1EncodableVector digestAlgs = new Asn1EncodableVector(); + Asn1EncodableVector vec = new Asn1EncodableVector(); + + foreach (SignerInformation signer in signerInformationStore.GetSigners()) + { + digestAlgs.Add(Helper.FixAlgID(signer.DigestAlgorithmID)); + vec.Add(signer.ToSignerInfo()); + } + + Asn1Set digests = new DerSet(digestAlgs); + Asn1Set signers = new DerSet(vec); + Asn1Sequence sD = (Asn1Sequence)signedData.signedData.ToAsn1Object(); + + // + // signers are the last item in the sequence. + // + vec = new Asn1EncodableVector( + sD[0], // version + digests); + + for (int i = 2; i != sD.Count - 1; i++) + { + vec.Add(sD[i]); + } + + vec.Add(signers); + + cms.signedData = SignedData.GetInstance(new BerSequence(vec)); + + // + // replace the contentInfo with the new one + // + cms.contentInfo = new ContentInfo(cms.contentInfo.ContentType, cms.signedData); + + return cms; + } + + /** + * Replace the certificate and CRL information associated with this + * CmsSignedData object with the new one passed in. + * + * @param signedData the signed data object to be used as a base. + * @param x509Certs the new certificates to be used. + * @param x509Crls the new CRLs to be used. + * @return a new signed data object. + * @exception CmsException if there is an error processing the stores + */ + public static CmsSignedData ReplaceCertificatesAndCrls( + CmsSignedData signedData, + IX509Store x509Certs, + IX509Store x509Crls, + IX509Store x509AttrCerts) + { + if (x509AttrCerts != null) + throw Platform.CreateNotImplementedException("Currently can't replace attribute certificates"); + + // + // copy + // + CmsSignedData cms = new CmsSignedData(signedData); + + // + // replace the certs and crls in the SignedData object + // + Asn1Set certs = null; + try + { + Asn1Set asn1Set = CmsUtilities.CreateBerSetFromList( + CmsUtilities.GetCertificatesFromStore(x509Certs)); + + if (asn1Set.Count != 0) + { + certs = asn1Set; + } + } + catch (X509StoreException e) + { + throw new CmsException("error getting certificates from store", e); + } + + Asn1Set crls = null; + try + { + Asn1Set asn1Set = CmsUtilities.CreateBerSetFromList( + CmsUtilities.GetCrlsFromStore(x509Crls)); + + if (asn1Set.Count != 0) + { + crls = asn1Set; + } + } + catch (X509StoreException e) + { + throw new CmsException("error getting CRLs from store", e); + } + + // + // replace the CMS structure. + // + SignedData old = signedData.signedData; + cms.signedData = new SignedData( + old.DigestAlgorithms, + old.EncapContentInfo, + certs, + crls, + old.SignerInfos); + + // + // replace the contentInfo with the new one + // + cms.contentInfo = new ContentInfo(cms.contentInfo.ContentType, cms.signedData); + + return cms; + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSSignedDataGenerator.cs b/BouncyCastle/crypto/src/cms/CMSSignedDataGenerator.cs new file mode 100644 index 0000000..f2d54ba --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSSignedDataGenerator.cs @@ -0,0 +1,590 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.Crypto.Operators; + +namespace Org.BouncyCastle.Cms +{ + /** + * general class for generating a pkcs7-signature message. + *

+ * A simple example of usage. + * + * 

+     *      IX509Store certs...
+     *      IX509Store crls...
+     *      CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
+     *
+     *      gen.AddSigner(privKey, cert, CmsSignedGenerator.DigestSha1);
+     *      gen.AddCertificates(certs);
+     *      gen.AddCrls(crls);
+     *
+     *      CmsSignedData data = gen.Generate(content);
+     *
+ *

+ */ + public class CmsSignedDataGenerator + : CmsSignedGenerator + { + private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance; + + private readonly IList signerInfs = Platform.CreateArrayList(); + + private class SignerInf + { + private readonly CmsSignedGenerator outer; + + private readonly ISignatureFactory sigCalc; + private readonly SignerIdentifier signerIdentifier; + private readonly string digestOID; + private readonly string encOID; + private readonly CmsAttributeTableGenerator sAttr; + private readonly CmsAttributeTableGenerator unsAttr; + private readonly Asn1.Cms.AttributeTable baseSignedTable; + + internal SignerInf( + CmsSignedGenerator outer, + AsymmetricKeyParameter key, + SignerIdentifier signerIdentifier, + string digestOID, + string encOID, + CmsAttributeTableGenerator sAttr, + CmsAttributeTableGenerator unsAttr, + Asn1.Cms.AttributeTable baseSignedTable) + { + string digestName = Helper.GetDigestAlgName(digestOID); + + string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOID); + + this.outer = outer; + this.sigCalc = new Asn1SignatureFactory(signatureName, key); + this.signerIdentifier = signerIdentifier; + this.digestOID = digestOID; + this.encOID = encOID; + this.sAttr = sAttr; + this.unsAttr = unsAttr; + this.baseSignedTable = baseSignedTable; + } + + internal SignerInf( + CmsSignedGenerator outer, + ISignatureFactory sigCalc, + SignerIdentifier signerIdentifier, + CmsAttributeTableGenerator sAttr, + CmsAttributeTableGenerator unsAttr, + Asn1.Cms.AttributeTable baseSignedTable) + { + this.outer = outer; + this.sigCalc = sigCalc; + this.signerIdentifier = signerIdentifier; + this.digestOID = new DefaultDigestAlgorithmIdentifierFinder().find((AlgorithmIdentifier)sigCalc.AlgorithmDetails).Algorithm.Id; + this.encOID = ((AlgorithmIdentifier)sigCalc.AlgorithmDetails).Algorithm.Id; + this.sAttr = sAttr; + this.unsAttr = unsAttr; + this.baseSignedTable = baseSignedTable; + } + + internal AlgorithmIdentifier DigestAlgorithmID + { + get { return new AlgorithmIdentifier(new DerObjectIdentifier(digestOID), DerNull.Instance); } + } + + internal CmsAttributeTableGenerator SignedAttributes + { + get { return sAttr; } + } + + internal CmsAttributeTableGenerator UnsignedAttributes + { + get { return unsAttr; } + } + + internal SignerInfo ToSignerInfo( + DerObjectIdentifier contentType, + CmsProcessable content, + SecureRandom random) + { + AlgorithmIdentifier digAlgId = DigestAlgorithmID; + string digestName = Helper.GetDigestAlgName(digestOID); + + string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOID); + + byte[] hash; + if (outer._digests.Contains(digestOID)) + { + hash = (byte[])outer._digests[digestOID]; + } + else + { + IDigest dig = Helper.GetDigestInstance(digestName); + if (content != null) + { + content.Write(new DigestSink(dig)); + } + hash = DigestUtilities.DoFinal(dig); + outer._digests.Add(digestOID, hash.Clone()); + } + + IStreamCalculator calculator = sigCalc.CreateCalculator(); + +#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE + Stream sigStr = calculator.Stream; +#else + Stream sigStr = new BufferedStream(calculator.Stream); +#endif + + Asn1Set signedAttr = null; + if (sAttr != null) + { + IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash); + +// Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(Collections.unmodifiableMap(parameters)); + Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(parameters); + + if (contentType == null) //counter signature + { + if (signed != null && signed[CmsAttributes.ContentType] != null) + { + IDictionary tmpSigned = signed.ToDictionary(); + tmpSigned.Remove(CmsAttributes.ContentType); + signed = new Asn1.Cms.AttributeTable(tmpSigned); + } + } + + // TODO Validate proposed signed attributes + + signedAttr = outer.GetAttributeSet(signed); + + // sig must be composed from the DER encoding. + signedAttr.EncodeTo(sigStr, Asn1Encodable.Der); + } + else if (content != null) + { + // TODO Use raw signature of the hash value instead + content.Write(sigStr); + } + + Platform.Dispose(sigStr); + byte[] sigBytes = ((IBlockResult)calculator.GetResult()).Collect(); + + Asn1Set unsignedAttr = null; + if (unsAttr != null) + { + IDictionary baseParameters = outer.GetBaseParameters(contentType, digAlgId, hash); + baseParameters[CmsAttributeTableParameter.Signature] = sigBytes.Clone(); + +// Asn1.Cms.AttributeTable unsigned = unsAttr.GetAttributes(Collections.unmodifiableMap(baseParameters)); + Asn1.Cms.AttributeTable unsigned = unsAttr.GetAttributes(baseParameters); + + // TODO Validate proposed unsigned attributes + + unsignedAttr = outer.GetAttributeSet(unsigned); + } + + // TODO[RSAPSS] Need the ability to specify non-default parameters + Asn1Encodable sigX509Parameters = SignerUtilities.GetDefaultX509Parameters(signatureName); + AlgorithmIdentifier encAlgId = Helper.GetEncAlgorithmIdentifier( + new DerObjectIdentifier(encOID), sigX509Parameters); + + return new SignerInfo(signerIdentifier, digAlgId, + signedAttr, encAlgId, new DerOctetString(sigBytes), unsignedAttr); + } + } + + public CmsSignedDataGenerator() + { + } + + /// Constructor allowing specific source of randomness + /// Instance of SecureRandom to use. + public CmsSignedDataGenerator( + SecureRandom rand) + : base(rand) + { + } + + /** + * add a signer - no attributes other than the default ones will be + * provided here. + * + * @param key signing key to use + * @param cert certificate containing corresponding public key + * @param digestOID digest algorithm OID + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + X509Certificate cert, + string digestOID) + { + AddSigner(privateKey, cert, Helper.GetEncOid(privateKey, digestOID), digestOID); + } + + /** + * add a signer, specifying the digest encryption algorithm to use - no attributes other than the default ones will be + * provided here. + * + * @param key signing key to use + * @param cert certificate containing corresponding public key + * @param encryptionOID digest encryption algorithm OID + * @param digestOID digest algorithm OID + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + X509Certificate cert, + string encryptionOID, + string digestOID) + { + doAddSigner(privateKey, GetSignerIdentifier(cert), encryptionOID, digestOID, + new DefaultSignedAttributeTableGenerator(), null, null); + } + + /** + * add a signer - no attributes other than the default ones will be + * provided here. + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + byte[] subjectKeyID, + string digestOID) + { + AddSigner(privateKey, subjectKeyID, Helper.GetEncOid(privateKey, digestOID), digestOID); + } + + /** + * add a signer, specifying the digest encryption algorithm to use - no attributes other than the default ones will be + * provided here. + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + byte[] subjectKeyID, + string encryptionOID, + string digestOID) + { + doAddSigner(privateKey, GetSignerIdentifier(subjectKeyID), encryptionOID, digestOID, + new DefaultSignedAttributeTableGenerator(), null, null); + } + + /** + * add a signer with extra signed/unsigned attributes. + * + * @param key signing key to use + * @param cert certificate containing corresponding public key + * @param digestOID digest algorithm OID + * @param signedAttr table of attributes to be included in signature + * @param unsignedAttr table of attributes to be included as unsigned + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + X509Certificate cert, + string digestOID, + Asn1.Cms.AttributeTable signedAttr, + Asn1.Cms.AttributeTable unsignedAttr) + { + AddSigner(privateKey, cert, Helper.GetEncOid(privateKey, digestOID), digestOID, + signedAttr, unsignedAttr); + } + + /** + * add a signer, specifying the digest encryption algorithm, with extra signed/unsigned attributes. + * + * @param key signing key to use + * @param cert certificate containing corresponding public key + * @param encryptionOID digest encryption algorithm OID + * @param digestOID digest algorithm OID + * @param signedAttr table of attributes to be included in signature + * @param unsignedAttr table of attributes to be included as unsigned + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + X509Certificate cert, + string encryptionOID, + string digestOID, + Asn1.Cms.AttributeTable signedAttr, + Asn1.Cms.AttributeTable unsignedAttr) + { + doAddSigner(privateKey, GetSignerIdentifier(cert), encryptionOID, digestOID, + new DefaultSignedAttributeTableGenerator(signedAttr), + new SimpleAttributeTableGenerator(unsignedAttr), + signedAttr); + } + + /** + * add a signer with extra signed/unsigned attributes. + * + * @param key signing key to use + * @param subjectKeyID subjectKeyID of corresponding public key + * @param digestOID digest algorithm OID + * @param signedAttr table of attributes to be included in signature + * @param unsignedAttr table of attributes to be included as unsigned + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + byte[] subjectKeyID, + string digestOID, + Asn1.Cms.AttributeTable signedAttr, + Asn1.Cms.AttributeTable unsignedAttr) + { + AddSigner(privateKey, subjectKeyID, Helper.GetEncOid(privateKey, digestOID), digestOID, + signedAttr, unsignedAttr); + } + + /** + * add a signer, specifying the digest encryption algorithm, with extra signed/unsigned attributes. + * + * @param key signing key to use + * @param subjectKeyID subjectKeyID of corresponding public key + * @param encryptionOID digest encryption algorithm OID + * @param digestOID digest algorithm OID + * @param signedAttr table of attributes to be included in signature + * @param unsignedAttr table of attributes to be included as unsigned + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + byte[] subjectKeyID, + string encryptionOID, + string digestOID, + Asn1.Cms.AttributeTable signedAttr, + Asn1.Cms.AttributeTable unsignedAttr) + { + doAddSigner(privateKey, GetSignerIdentifier(subjectKeyID), encryptionOID, digestOID, + new DefaultSignedAttributeTableGenerator(signedAttr), + new SimpleAttributeTableGenerator(unsignedAttr), + signedAttr); + } + + /** + * add a signer with extra signed/unsigned attributes based on generators. + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + X509Certificate cert, + string digestOID, + CmsAttributeTableGenerator signedAttrGen, + CmsAttributeTableGenerator unsignedAttrGen) + { + AddSigner(privateKey, cert, Helper.GetEncOid(privateKey, digestOID), digestOID, + signedAttrGen, unsignedAttrGen); + } + + /** + * add a signer, specifying the digest encryption algorithm, with extra signed/unsigned attributes based on generators. + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + X509Certificate cert, + string encryptionOID, + string digestOID, + CmsAttributeTableGenerator signedAttrGen, + CmsAttributeTableGenerator unsignedAttrGen) + { + doAddSigner(privateKey, GetSignerIdentifier(cert), encryptionOID, digestOID, signedAttrGen, + unsignedAttrGen, null); + } + + /** + * add a signer with extra signed/unsigned attributes based on generators. + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + byte[] subjectKeyID, + string digestOID, + CmsAttributeTableGenerator signedAttrGen, + CmsAttributeTableGenerator unsignedAttrGen) + { + AddSigner(privateKey, subjectKeyID, Helper.GetEncOid(privateKey, digestOID), digestOID, + signedAttrGen, unsignedAttrGen); + } + + /** + * add a signer, including digest encryption algorithm, with extra signed/unsigned attributes based on generators. + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + byte[] subjectKeyID, + string encryptionOID, + string digestOID, + CmsAttributeTableGenerator signedAttrGen, + CmsAttributeTableGenerator unsignedAttrGen) + { + doAddSigner(privateKey, GetSignerIdentifier(subjectKeyID), encryptionOID, digestOID, + signedAttrGen, unsignedAttrGen, null); + } + + public void AddSignerInfoGenerator(SignerInfoGenerator signerInfoGenerator) + { + signerInfs.Add(new SignerInf(this, signerInfoGenerator.contentSigner, signerInfoGenerator.sigId, + signerInfoGenerator.signedGen, signerInfoGenerator.unsignedGen, null)); + } + + private void doAddSigner( + AsymmetricKeyParameter privateKey, + SignerIdentifier signerIdentifier, + string encryptionOID, + string digestOID, + CmsAttributeTableGenerator signedAttrGen, + CmsAttributeTableGenerator unsignedAttrGen, + Asn1.Cms.AttributeTable baseSignedTable) + { + signerInfs.Add(new SignerInf(this, privateKey, signerIdentifier, digestOID, encryptionOID, + signedAttrGen, unsignedAttrGen, baseSignedTable)); + } + + /** + * generate a signed object that for a CMS Signed Data object + */ + public CmsSignedData Generate( + CmsProcessable content) + { + return Generate(content, false); + } + + /** + * generate a signed object that for a CMS Signed Data + * object - if encapsulate is true a copy + * of the message will be included in the signature. The content type + * is set according to the OID represented by the string signedContentType. + */ + public CmsSignedData Generate( + string signedContentType, + // FIXME Avoid accessing more than once to support CmsProcessableInputStream + CmsProcessable content, + bool encapsulate) + { + Asn1EncodableVector digestAlgs = new Asn1EncodableVector(); + Asn1EncodableVector signerInfos = new Asn1EncodableVector(); + + _digests.Clear(); // clear the current preserved digest state + + // + // add the precalculated SignerInfo objects. + // + foreach (SignerInformation signer in _signers) + { + digestAlgs.Add(Helper.FixAlgID(signer.DigestAlgorithmID)); + + // TODO Verify the content type and calculated digest match the precalculated SignerInfo + signerInfos.Add(signer.ToSignerInfo()); + } + + // + // add the SignerInfo objects + // + bool isCounterSignature = (signedContentType == null); + + DerObjectIdentifier contentTypeOid = isCounterSignature + ? null + : new DerObjectIdentifier(signedContentType); + + foreach (SignerInf signer in signerInfs) + { + try + { + digestAlgs.Add(signer.DigestAlgorithmID); + signerInfos.Add(signer.ToSignerInfo(contentTypeOid, content, rand)); + } + catch (IOException e) + { + throw new CmsException("encoding error.", e); + } + catch (InvalidKeyException e) + { + throw new CmsException("key inappropriate for signature.", e); + } + catch (SignatureException e) + { + throw new CmsException("error creating signature.", e); + } + catch (CertificateEncodingException e) + { + throw new CmsException("error creating sid.", e); + } + } + + Asn1Set certificates = null; + + if (_certs.Count != 0) + { + certificates = UseDerForCerts + ? CmsUtilities.CreateDerSetFromList(_certs) + : CmsUtilities.CreateBerSetFromList(_certs); + } + + Asn1Set certrevlist = null; + + if (_crls.Count != 0) + { + certrevlist = UseDerForCrls + ? CmsUtilities.CreateDerSetFromList(_crls) + : CmsUtilities.CreateBerSetFromList(_crls); + } + + Asn1OctetString octs = null; + if (encapsulate) + { + MemoryStream bOut = new MemoryStream(); + if (content != null) + { + try + { + content.Write(bOut); + } + catch (IOException e) + { + throw new CmsException("encapsulation error.", e); + } + } + octs = new BerOctetString(bOut.ToArray()); + } + + ContentInfo encInfo = new ContentInfo(contentTypeOid, octs); + + SignedData sd = new SignedData( + new DerSet(digestAlgs), + encInfo, + certificates, + certrevlist, + new DerSet(signerInfos)); + + ContentInfo contentInfo = new ContentInfo(CmsObjectIdentifiers.SignedData, sd); + + return new CmsSignedData(content, contentInfo); + } + + /** + * generate a signed object that for a CMS Signed Data + * object - if encapsulate is true a copy + * of the message will be included in the signature with the + * default content type "data". + */ + public CmsSignedData Generate( + CmsProcessable content, + bool encapsulate) + { + return this.Generate(Data, content, encapsulate); + } + + /** + * generate a set of one or more SignerInformation objects representing counter signatures on + * the passed in SignerInformation object. + * + * @param signer the signer to be countersigned + * @param sigProvider the provider to be used for counter signing. + * @return a store containing the signers. + */ + public SignerInformationStore GenerateCounterSigners( + SignerInformation signer) + { + return this.Generate(null, new CmsProcessableByteArray(signer.GetSignature()), false).GetSignerInfos(); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSSignedDataParser.cs b/BouncyCastle/crypto/src/cms/CMSSignedDataParser.cs new file mode 100644 index 0000000..c25f0aa --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSSignedDataParser.cs @@ -0,0 +1,450 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Cms +{ + /** + * Parsing class for an CMS Signed Data object from an input stream. + *

+ * Note: that because we are in a streaming mode only one signer can be tried and it is important + * that the methods on the parser are called in the appropriate order. + *

+ *

+ * A simple example of usage for an encapsulated signature. + *

+ *

+ * Two notes: first, in the example below the validity of + * the certificate isn't verified, just the fact that one of the certs + * matches the given signer, and, second, because we are in a streaming + * mode the order of the operations is important. + *

+ * 
+	*      CmsSignedDataParser     sp = new CmsSignedDataParser(encapSigData);
+	*
+	*      sp.GetSignedContent().Drain();
+	*
+	*      IX509Store              certs = sp.GetCertificates();
+	*      SignerInformationStore  signers = sp.GetSignerInfos();
+	*
+	*      foreach (SignerInformation signer in signers.GetSigners())
+	*      {
+	*          ArrayList       certList = new ArrayList(certs.GetMatches(signer.SignerID));
+	*          X509Certificate cert = (X509Certificate) certList[0];
+	*
+	*          Console.WriteLine("verify returns: " + signer.Verify(cert));
+	*      }
+	*
+ * Note also: this class does not introduce buffering - if you are processing large files you should create + * the parser with: + * 
+	*          CmsSignedDataParser     ep = new CmsSignedDataParser(new BufferedInputStream(encapSigData, bufSize));
+	*
+ * where bufSize is a suitably large buffer size. + */ + public class CmsSignedDataParser + : CmsContentInfoParser + { + private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance; + + private SignedDataParser _signedData; + private DerObjectIdentifier _signedContentType; + private CmsTypedStream _signedContent; + private IDictionary _digests; + private ISet _digestOids; + + private SignerInformationStore _signerInfoStore; + private Asn1Set _certSet, _crlSet; + private bool _isCertCrlParsed; + private IX509Store _attributeStore; + private IX509Store _certificateStore; + private IX509Store _crlStore; + + public CmsSignedDataParser( + byte[] sigBlock) + : this(new MemoryStream(sigBlock, false)) + { + } + + public CmsSignedDataParser( + CmsTypedStream signedContent, + byte[] sigBlock) + : this(signedContent, new MemoryStream(sigBlock, false)) + { + } + + /** + * base constructor - with encapsulated content + */ + public CmsSignedDataParser( + Stream sigData) + : this(null, sigData) + { + } + + /** + * base constructor + * + * @param signedContent the content that was signed. + * @param sigData the signature object. + */ + public CmsSignedDataParser( + CmsTypedStream signedContent, + Stream sigData) + : base(sigData) + { + try + { + this._signedContent = signedContent; + this._signedData = SignedDataParser.GetInstance(this.contentInfo.GetContent(Asn1Tags.Sequence)); + this._digests = Platform.CreateHashtable(); + this._digestOids = new HashSet(); + + Asn1SetParser digAlgs = _signedData.GetDigestAlgorithms(); + IAsn1Convertible o; + + while ((o = digAlgs.ReadObject()) != null) + { + AlgorithmIdentifier id = AlgorithmIdentifier.GetInstance(o.ToAsn1Object()); + + try + { + string digestOid = id.Algorithm.Id; + string digestName = Helper.GetDigestAlgName(digestOid); + + if (!this._digests.Contains(digestName)) + { + this._digests[digestName] = Helper.GetDigestInstance(digestName); + this._digestOids.Add(digestOid); + } + } + catch (SecurityUtilityException) + { + // TODO Should do something other than ignore it + } + } + + // + // If the message is simply a certificate chain message GetContent() may return null. + // + ContentInfoParser cont = _signedData.GetEncapContentInfo(); + Asn1OctetStringParser octs = (Asn1OctetStringParser) + cont.GetContent(Asn1Tags.OctetString); + + if (octs != null) + { + CmsTypedStream ctStr = new CmsTypedStream( + cont.ContentType.Id, octs.GetOctetStream()); + + if (_signedContent == null) + { + this._signedContent = ctStr; + } + else + { + // + // content passed in, need to read past empty encapsulated content info object if present + // + ctStr.Drain(); + } + } + + _signedContentType = _signedContent == null + ? cont.ContentType + : new DerObjectIdentifier(_signedContent.ContentType); + } + catch (IOException e) + { + throw new CmsException("io exception: " + e.Message, e); + } + } + + /** + * Return the version number for the SignedData object + * + * @return the version number + */ + public int Version + { + get { return _signedData.Version.IntValueExact; } + } + + public ISet DigestOids + { + get { return new HashSet(_digestOids); } + } + + /** + * return the collection of signers that are associated with the + * signatures for the message. + * @throws CmsException + */ + public SignerInformationStore GetSignerInfos() + { + if (_signerInfoStore == null) + { + PopulateCertCrlSets(); + + IList signerInfos = Platform.CreateArrayList(); + IDictionary hashes = Platform.CreateHashtable(); + + foreach (object digestKey in _digests.Keys) + { + hashes[digestKey] = DigestUtilities.DoFinal( + (IDigest)_digests[digestKey]); + } + + try + { + Asn1SetParser s = _signedData.GetSignerInfos(); + IAsn1Convertible o; + + while ((o = s.ReadObject()) != null) + { + SignerInfo info = SignerInfo.GetInstance(o.ToAsn1Object()); + string digestName = Helper.GetDigestAlgName( + info.DigestAlgorithm.Algorithm.Id); + + byte[] hash = (byte[]) hashes[digestName]; + + signerInfos.Add(new SignerInformation(info, _signedContentType, null, new BaseDigestCalculator(hash))); + } + } + catch (IOException e) + { + throw new CmsException("io exception: " + e.Message, e); + } + + _signerInfoStore = new SignerInformationStore(signerInfos); + } + + return _signerInfoStore; + } + + /** + * return a X509Store containing the attribute certificates, if any, contained + * in this message. + * + * @param type type of store to create + * @return a store of attribute certificates + * @exception org.bouncycastle.x509.NoSuchStoreException if the store type isn't available. + * @exception CmsException if a general exception prevents creation of the X509Store + */ + public IX509Store GetAttributeCertificates( + string type) + { + if (_attributeStore == null) + { + PopulateCertCrlSets(); + + _attributeStore = Helper.CreateAttributeStore(type, _certSet); + } + + return _attributeStore; + } + + /** + * return a X509Store containing the public key certificates, if any, contained + * in this message. + * + * @param type type of store to create + * @return a store of public key certificates + * @exception NoSuchStoreException if the store type isn't available. + * @exception CmsException if a general exception prevents creation of the X509Store + */ + public IX509Store GetCertificates( + string type) + { + if (_certificateStore == null) + { + PopulateCertCrlSets(); + + _certificateStore = Helper.CreateCertificateStore(type, _certSet); + } + + return _certificateStore; + } + + /** + * return a X509Store containing CRLs, if any, contained + * in this message. + * + * @param type type of store to create + * @return a store of CRLs + * @exception NoSuchStoreException if the store type isn't available. + * @exception CmsException if a general exception prevents creation of the X509Store + */ + public IX509Store GetCrls( + string type) + { + if (_crlStore == null) + { + PopulateCertCrlSets(); + + _crlStore = Helper.CreateCrlStore(type, _crlSet); + } + + return _crlStore; + } + + private void PopulateCertCrlSets() + { + if (_isCertCrlParsed) + return; + + _isCertCrlParsed = true; + + try + { + // care! Streaming - Must process the GetCertificates() result before calling GetCrls() + _certSet = GetAsn1Set(_signedData.GetCertificates()); + _crlSet = GetAsn1Set(_signedData.GetCrls()); + } + catch (IOException e) + { + throw new CmsException("problem parsing cert/crl sets", e); + } + } + + /// + /// Return the DerObjectIdentifier associated with the encapsulated + /// content info structure carried in the signed data. + /// + public DerObjectIdentifier SignedContentType + { + get { return _signedContentType; } + } + + public CmsTypedStream GetSignedContent() + { + if (_signedContent == null) + { + return null; + } + + Stream digStream = _signedContent.ContentStream; + + foreach (IDigest digest in _digests.Values) + { + digStream = new DigestStream(digStream, digest, null); + } + + return new CmsTypedStream(_signedContent.ContentType, digStream); + } + + /** + * Replace the signerinformation store associated with the passed + * in message contained in the stream original with the new one passed in. + * You would probably only want to do this if you wanted to change the unsigned + * attributes associated with a signer, or perhaps delete one. + *

+ * The output stream is returned unclosed. + *

+ * @param original the signed data stream to be used as a base. + * @param signerInformationStore the new signer information store to use. + * @param out the stream to Write the new signed data object to. + * @return out. + */ + public static Stream ReplaceSigners( + Stream original, + SignerInformationStore signerInformationStore, + Stream outStr) + { + // NB: SecureRandom would be ignored since using existing signatures only + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + CmsSignedDataParser parser = new CmsSignedDataParser(original); + +// gen.AddDigests(parser.DigestOids); + gen.AddSigners(signerInformationStore); + + CmsTypedStream signedContent = parser.GetSignedContent(); + bool encapsulate = (signedContent != null); + Stream contentOut = gen.Open(outStr, parser.SignedContentType.Id, encapsulate); + if (encapsulate) + { + Streams.PipeAll(signedContent.ContentStream, contentOut); + } + + gen.AddAttributeCertificates(parser.GetAttributeCertificates("Collection")); + gen.AddCertificates(parser.GetCertificates("Collection")); + gen.AddCrls(parser.GetCrls("Collection")); + +// gen.AddSigners(parser.GetSignerInfos()); + + Platform.Dispose(contentOut); + + return outStr; + } + + /** + * Replace the certificate and CRL information associated with this + * CMSSignedData object with the new one passed in. + *

+ * The output stream is returned unclosed. + *

+ * @param original the signed data stream to be used as a base. + * @param certsAndCrls the new certificates and CRLs to be used. + * @param out the stream to Write the new signed data object to. + * @return out. + * @exception CmsException if there is an error processing the CertStore + */ + public static Stream ReplaceCertificatesAndCrls( + Stream original, + IX509Store x509Certs, + IX509Store x509Crls, + IX509Store x509AttrCerts, + Stream outStr) + { + // NB: SecureRandom would be ignored since using existing signatures only + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + CmsSignedDataParser parser = new CmsSignedDataParser(original); + + gen.AddDigests(parser.DigestOids); + + CmsTypedStream signedContent = parser.GetSignedContent(); + bool encapsulate = (signedContent != null); + Stream contentOut = gen.Open(outStr, parser.SignedContentType.Id, encapsulate); + if (encapsulate) + { + Streams.PipeAll(signedContent.ContentStream, contentOut); + } + +// gen.AddAttributeCertificates(parser.GetAttributeCertificates("Collection")); +// gen.AddCertificates(parser.GetCertificates("Collection")); +// gen.AddCrls(parser.GetCrls("Collection")); + if (x509AttrCerts != null) + gen.AddAttributeCertificates(x509AttrCerts); + if (x509Certs != null) + gen.AddCertificates(x509Certs); + if (x509Crls != null) + gen.AddCrls(x509Crls); + + gen.AddSigners(parser.GetSignerInfos()); + + Platform.Dispose(contentOut); + + return outStr; + } + + private static Asn1Set GetAsn1Set( + Asn1SetParser asn1SetParser) + { + return asn1SetParser == null + ? null + : Asn1Set.GetInstance(asn1SetParser.ToAsn1Object()); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSSignedDataStreamGenerator.cs b/BouncyCastle/crypto/src/cms/CMSSignedDataStreamGenerator.cs new file mode 100644 index 0000000..e32f95d --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSSignedDataStreamGenerator.cs @@ -0,0 +1,933 @@ +using System; +using System.Collections; +using System.Diagnostics; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cms +{ + /** + * General class for generating a pkcs7-signature message stream. + *

+ * A simple example of usage. + *

+ * 
+    *      IX509Store                   certs...
+    *      CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+    *
+    *      gen.AddSigner(privateKey, cert, CmsSignedDataStreamGenerator.DIGEST_SHA1);
+    *
+    *      gen.AddCertificates(certs);
+    *
+    *      Stream sigOut = gen.Open(bOut);
+    *
+    *      sigOut.Write(Encoding.UTF8.GetBytes("Hello World!"));
+    *
+    *      sigOut.Close();
+    *
+ */ + public class CmsSignedDataStreamGenerator + : CmsSignedGenerator + { + private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance; + + private readonly IList _signerInfs = Platform.CreateArrayList(); + private readonly ISet _messageDigestOids = new HashSet(); + private readonly IDictionary _messageDigests = Platform.CreateHashtable(); + private readonly IDictionary _messageHashes = Platform.CreateHashtable(); + private bool _messageDigestsLocked; + private int _bufferSize; + + private class DigestAndSignerInfoGeneratorHolder + { + internal readonly ISignerInfoGenerator signerInf; + internal readonly string digestOID; + + internal DigestAndSignerInfoGeneratorHolder(ISignerInfoGenerator signerInf, String digestOID) + { + this.signerInf = signerInf; + this.digestOID = digestOID; + } + + internal AlgorithmIdentifier DigestAlgorithm + { + get { return new AlgorithmIdentifier(new DerObjectIdentifier(this.digestOID), DerNull.Instance); } + } + } + + private class SignerInfoGeneratorImpl : ISignerInfoGenerator + { + private readonly CmsSignedDataStreamGenerator outer; + + private readonly SignerIdentifier _signerIdentifier; + private readonly string _digestOID; + private readonly string _encOID; + private readonly CmsAttributeTableGenerator _sAttr; + private readonly CmsAttributeTableGenerator _unsAttr; + private readonly string _encName; + private readonly ISigner _sig; + + internal SignerInfoGeneratorImpl( + CmsSignedDataStreamGenerator outer, + AsymmetricKeyParameter key, + SignerIdentifier signerIdentifier, + string digestOID, + string encOID, + CmsAttributeTableGenerator sAttr, + CmsAttributeTableGenerator unsAttr) + { + this.outer = outer; + + _signerIdentifier = signerIdentifier; + _digestOID = digestOID; + _encOID = encOID; + _sAttr = sAttr; + _unsAttr = unsAttr; + _encName = Helper.GetEncryptionAlgName(_encOID); + + string digestName = Helper.GetDigestAlgName(_digestOID); + string signatureName = digestName + "with" + _encName; + + if (_sAttr != null) + { + _sig = Helper.GetSignatureInstance(signatureName); + } + else + { + // Note: Need to use raw signatures here since we have already calculated the digest + if (_encName.Equals("RSA")) + { + _sig = Helper.GetSignatureInstance("RSA"); + } + else if (_encName.Equals("DSA")) + { + _sig = Helper.GetSignatureInstance("NONEwithDSA"); + } + // TODO Add support for raw PSS +// else if (_encName.equals("RSAandMGF1")) +// { +// _sig = CMSSignedHelper.INSTANCE.getSignatureInstance("NONEWITHRSAPSS", _sigProvider); +// try +// { +// // Init the params this way to avoid having a 'raw' version of each PSS algorithm +// Signature sig2 = CMSSignedHelper.INSTANCE.getSignatureInstance(signatureName, _sigProvider); +// PSSParameterSpec spec = (PSSParameterSpec)sig2.getParameters().getParameterSpec(PSSParameterSpec.class); +// _sig.setParameter(spec); +// } +// catch (Exception e) +// { +// throw new SignatureException("algorithm: " + _encName + " could not be configured."); +// } +// } + else + { + throw new SignatureException("algorithm: " + _encName + " not supported in base signatures."); + } + } + + _sig.Init(true, new ParametersWithRandom(key, outer.rand)); + } + + public SignerInfo Generate(DerObjectIdentifier contentType, AlgorithmIdentifier digestAlgorithm, + byte[] calculatedDigest) + { + try + { + string digestName = Helper.GetDigestAlgName(_digestOID); + string signatureName = digestName + "with" + _encName; + +// AlgorithmIdentifier digAlgId = DigestAlgorithmID; +// +// byte[] hash = (byte[])outer._messageHashes[Helper.GetDigestAlgName(this._digestOID)]; +// outer._digests[_digestOID] = hash.Clone(); + + byte[] bytesToSign = calculatedDigest; + + /* RFC 3852 5.4 + * The result of the message digest calculation process depends on + * whether the signedAttrs field is present. When the field is absent, + * the result is just the message digest of the content as described + * + * above. When the field is present, however, the result is the message + * digest of the complete DER encoding of the SignedAttrs value + * contained in the signedAttrs field. + */ + Asn1Set signedAttr = null; + if (_sAttr != null) + { + IDictionary parameters = outer.GetBaseParameters(contentType, digestAlgorithm, calculatedDigest); + +// Asn1.Cms.AttributeTable signed = _sAttr.GetAttributes(Collections.unmodifiableMap(parameters)); + Asn1.Cms.AttributeTable signed = _sAttr.GetAttributes(parameters); + + if (contentType == null) //counter signature + { + if (signed != null && signed[CmsAttributes.ContentType] != null) + { + IDictionary tmpSigned = signed.ToDictionary(); + tmpSigned.Remove(CmsAttributes.ContentType); + signed = new Asn1.Cms.AttributeTable(tmpSigned); + } + } + + signedAttr = outer.GetAttributeSet(signed); + + // sig must be composed from the DER encoding. + bytesToSign = signedAttr.GetEncoded(Asn1Encodable.Der); + } + else + { + // Note: Need to use raw signatures here since we have already calculated the digest + if (_encName.Equals("RSA")) + { + DigestInfo dInfo = new DigestInfo(digestAlgorithm, calculatedDigest); + bytesToSign = dInfo.GetEncoded(Asn1Encodable.Der); + } + } + + _sig.BlockUpdate(bytesToSign, 0, bytesToSign.Length); + byte[] sigBytes = _sig.GenerateSignature(); + + Asn1Set unsignedAttr = null; + if (_unsAttr != null) + { + IDictionary parameters = outer.GetBaseParameters( + contentType, digestAlgorithm, calculatedDigest); + parameters[CmsAttributeTableParameter.Signature] = sigBytes.Clone(); + +// Asn1.Cms.AttributeTable unsigned = _unsAttr.getAttributes(Collections.unmodifiableMap(parameters)); + Asn1.Cms.AttributeTable unsigned = _unsAttr.GetAttributes(parameters); + + unsignedAttr = outer.GetAttributeSet(unsigned); + } + + // TODO[RSAPSS] Need the ability to specify non-default parameters + Asn1Encodable sigX509Parameters = SignerUtilities.GetDefaultX509Parameters(signatureName); + AlgorithmIdentifier digestEncryptionAlgorithm = Helper.GetEncAlgorithmIdentifier( + new DerObjectIdentifier(_encOID), sigX509Parameters); + + return new SignerInfo(_signerIdentifier, digestAlgorithm, + signedAttr, digestEncryptionAlgorithm, new DerOctetString(sigBytes), unsignedAttr); + } + catch (IOException e) + { + throw new CmsStreamException("encoding error.", e); + } + catch (SignatureException e) + { + throw new CmsStreamException("error creating signature.", e); + } + } + } + + public CmsSignedDataStreamGenerator() + { + } + + /// Constructor allowing specific source of randomness + /// Instance of SecureRandom to use. + public CmsSignedDataStreamGenerator( + SecureRandom rand) + : base(rand) + { + } + + /** + * Set the underlying string size for encapsulated data + * + * @param bufferSize length of octet strings to buffer the data. + */ + public void SetBufferSize( + int bufferSize) + { + _bufferSize = bufferSize; + } + + public void AddDigests( + params string[] digestOids) + { + AddDigests((IEnumerable) digestOids); + } + + public void AddDigests( + IEnumerable digestOids) + { + foreach (string digestOid in digestOids) + { + ConfigureDigest(digestOid); + } + } + + /** + * add a signer - no attributes other than the default ones will be + * provided here. + * @throws NoSuchAlgorithmException + * @throws InvalidKeyException + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + X509Certificate cert, + string digestOid) + { + AddSigner(privateKey, cert, digestOid, + new DefaultSignedAttributeTableGenerator(), null); + } + + /** + * add a signer, specifying the digest encryption algorithm - no attributes other than the default ones will be + * provided here. + * @throws NoSuchProviderException + * @throws NoSuchAlgorithmException + * @throws InvalidKeyException + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + X509Certificate cert, + string encryptionOid, + string digestOid) + { + AddSigner(privateKey, cert, encryptionOid, digestOid, + new DefaultSignedAttributeTableGenerator(), + (CmsAttributeTableGenerator)null); + } + + /** + * add a signer with extra signed/unsigned attributes. + * @throws NoSuchAlgorithmException + * @throws InvalidKeyException + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + X509Certificate cert, + string digestOid, + Asn1.Cms.AttributeTable signedAttr, + Asn1.Cms.AttributeTable unsignedAttr) + { + AddSigner(privateKey, cert, digestOid, + new DefaultSignedAttributeTableGenerator(signedAttr), + new SimpleAttributeTableGenerator(unsignedAttr)); + } + + /** + * add a signer with extra signed/unsigned attributes - specifying digest + * encryption algorithm. + * @throws NoSuchProviderException + * @throws NoSuchAlgorithmException + * @throws InvalidKeyException + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + X509Certificate cert, + string encryptionOid, + string digestOid, + Asn1.Cms.AttributeTable signedAttr, + Asn1.Cms.AttributeTable unsignedAttr) + { + AddSigner(privateKey, cert, encryptionOid, digestOid, + new DefaultSignedAttributeTableGenerator(signedAttr), + new SimpleAttributeTableGenerator(unsignedAttr)); + } + + public void AddSigner( + AsymmetricKeyParameter privateKey, + X509Certificate cert, + string digestOid, + CmsAttributeTableGenerator signedAttrGenerator, + CmsAttributeTableGenerator unsignedAttrGenerator) + { + AddSigner(privateKey, cert, Helper.GetEncOid(privateKey, digestOid), digestOid, + signedAttrGenerator, unsignedAttrGenerator); + } + + public void AddSigner( + AsymmetricKeyParameter privateKey, + X509Certificate cert, + string encryptionOid, + string digestOid, + CmsAttributeTableGenerator signedAttrGenerator, + CmsAttributeTableGenerator unsignedAttrGenerator) + { + DoAddSigner(privateKey, GetSignerIdentifier(cert), encryptionOid, digestOid, + signedAttrGenerator, unsignedAttrGenerator); + } + + /** + * add a signer - no attributes other than the default ones will be + * provided here. + * @throws NoSuchAlgorithmException + * @throws InvalidKeyException + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + byte[] subjectKeyID, + string digestOid) + { + AddSigner(privateKey, subjectKeyID, digestOid, new DefaultSignedAttributeTableGenerator(), + (CmsAttributeTableGenerator)null); + } + + /** + * add a signer - no attributes other than the default ones will be + * provided here. + * @throws NoSuchProviderException + * @throws NoSuchAlgorithmException + * @throws InvalidKeyException + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + byte[] subjectKeyID, + string encryptionOid, + string digestOid) + { + AddSigner(privateKey, subjectKeyID, encryptionOid, digestOid, + new DefaultSignedAttributeTableGenerator(), + (CmsAttributeTableGenerator)null); + } + + /** + * add a signer with extra signed/unsigned attributes. + * @throws NoSuchAlgorithmException + * @throws InvalidKeyException + */ + public void AddSigner( + AsymmetricKeyParameter privateKey, + byte[] subjectKeyID, + string digestOid, + Asn1.Cms.AttributeTable signedAttr, + Asn1.Cms.AttributeTable unsignedAttr) + { + AddSigner(privateKey, subjectKeyID, digestOid, + new DefaultSignedAttributeTableGenerator(signedAttr), + new SimpleAttributeTableGenerator(unsignedAttr)); + } + + public void AddSigner( + AsymmetricKeyParameter privateKey, + byte[] subjectKeyID, + string digestOid, + CmsAttributeTableGenerator signedAttrGenerator, + CmsAttributeTableGenerator unsignedAttrGenerator) + { + AddSigner(privateKey, subjectKeyID, Helper.GetEncOid(privateKey, digestOid), + digestOid, signedAttrGenerator, unsignedAttrGenerator); + } + + public void AddSigner( + AsymmetricKeyParameter privateKey, + byte[] subjectKeyID, + string encryptionOid, + string digestOid, + CmsAttributeTableGenerator signedAttrGenerator, + CmsAttributeTableGenerator unsignedAttrGenerator) + { + DoAddSigner(privateKey, GetSignerIdentifier(subjectKeyID), encryptionOid, digestOid, + signedAttrGenerator, unsignedAttrGenerator); + } + + private void DoAddSigner( + AsymmetricKeyParameter privateKey, + SignerIdentifier signerIdentifier, + string encryptionOid, + string digestOid, + CmsAttributeTableGenerator signedAttrGenerator, + CmsAttributeTableGenerator unsignedAttrGenerator) + { + ConfigureDigest(digestOid); + + SignerInfoGeneratorImpl signerInf = new SignerInfoGeneratorImpl(this, privateKey, + signerIdentifier, digestOid, encryptionOid, signedAttrGenerator, unsignedAttrGenerator); + + _signerInfs.Add(new DigestAndSignerInfoGeneratorHolder(signerInf, digestOid)); + } + + internal override void AddSignerCallback( + SignerInformation si) + { + // FIXME If there were parameters in si.DigestAlgorithmID.Parameters, they are lost + // NB: Would need to call FixAlgID on the DigestAlgorithmID + + // For precalculated signers, just need to register the algorithm, not configure a digest + RegisterDigestOid(si.DigestAlgorithmID.Algorithm.Id); + } + + /** + * generate a signed object that for a CMS Signed Data object + */ + public Stream Open( + Stream outStream) + { + return Open(outStream, false); + } + + /** + * generate a signed object that for a CMS Signed Data + * object - if encapsulate is true a copy + * of the message will be included in the signature with the + * default content type "data". + */ + public Stream Open( + Stream outStream, + bool encapsulate) + { + return Open(outStream, Data, encapsulate); + } + + /** + * generate a signed object that for a CMS Signed Data + * object using the given provider - if encapsulate is true a copy + * of the message will be included in the signature with the + * default content type "data". If dataOutputStream is non null the data + * being signed will be written to the stream as it is processed. + * @param out stream the CMS object is to be written to. + * @param encapsulate true if data should be encapsulated. + * @param dataOutputStream output stream to copy the data being signed to. + */ + public Stream Open( + Stream outStream, + bool encapsulate, + Stream dataOutputStream) + { + return Open(outStream, Data, encapsulate, dataOutputStream); + } + + /** + * generate a signed object that for a CMS Signed Data + * object - if encapsulate is true a copy + * of the message will be included in the signature. The content type + * is set according to the OID represented by the string signedContentType. + */ + public Stream Open( + Stream outStream, + string signedContentType, + bool encapsulate) + { + return Open(outStream, signedContentType, encapsulate, null); + } + + /** + * generate a signed object that for a CMS Signed Data + * object using the given provider - if encapsulate is true a copy + * of the message will be included in the signature. The content type + * is set according to the OID represented by the string signedContentType. + * @param out stream the CMS object is to be written to. + * @param signedContentType OID for data to be signed. + * @param encapsulate true if data should be encapsulated. + * @param dataOutputStream output stream to copy the data being signed to. + */ + public Stream Open( + Stream outStream, + string signedContentType, + bool encapsulate, + Stream dataOutputStream) + { + if (outStream == null) + throw new ArgumentNullException("outStream"); + if (!outStream.CanWrite) + throw new ArgumentException("Expected writeable stream", "outStream"); + if (dataOutputStream != null && !dataOutputStream.CanWrite) + throw new ArgumentException("Expected writeable stream", "dataOutputStream"); + + _messageDigestsLocked = true; + + // + // ContentInfo + // + BerSequenceGenerator sGen = new BerSequenceGenerator(outStream); + + sGen.AddObject(CmsObjectIdentifiers.SignedData); + + // + // Signed Data + // + BerSequenceGenerator sigGen = new BerSequenceGenerator( + sGen.GetRawOutputStream(), 0, true); + + bool isCounterSignature = (signedContentType == null); + + DerObjectIdentifier contentTypeOid = isCounterSignature + ? null + : new DerObjectIdentifier(signedContentType); + + sigGen.AddObject(CalculateVersion(contentTypeOid)); + + Asn1EncodableVector digestAlgs = new Asn1EncodableVector(); + + foreach (string digestOid in _messageDigestOids) + { + digestAlgs.Add( + new AlgorithmIdentifier(new DerObjectIdentifier(digestOid), DerNull.Instance)); + } + + { + byte[] tmp = new DerSet(digestAlgs).GetEncoded(); + sigGen.GetRawOutputStream().Write(tmp, 0, tmp.Length); + } + + BerSequenceGenerator eiGen = new BerSequenceGenerator(sigGen.GetRawOutputStream()); + eiGen.AddObject(contentTypeOid); + + // If encapsulating, add the data as an octet string in the sequence + Stream encapStream = encapsulate + ? CmsUtilities.CreateBerOctetOutputStream(eiGen.GetRawOutputStream(), 0, true, _bufferSize) + : null; + + // Also send the data to 'dataOutputStream' if necessary + Stream teeStream = GetSafeTeeOutputStream(dataOutputStream, encapStream); + + // Let all the digests see the data as it is written + Stream digStream = AttachDigestsToOutputStream(_messageDigests.Values, teeStream); + + return new CmsSignedDataOutputStream(this, digStream, signedContentType, sGen, sigGen, eiGen); + } + + private void RegisterDigestOid( + string digestOid) + { + if (_messageDigestsLocked) + { + if (!_messageDigestOids.Contains(digestOid)) + throw new InvalidOperationException("Cannot register new digest OIDs after the data stream is opened"); + } + else + { + _messageDigestOids.Add(digestOid); + } + } + + private void ConfigureDigest( + string digestOid) + { + RegisterDigestOid(digestOid); + + string digestName = Helper.GetDigestAlgName(digestOid); + IDigest dig = (IDigest)_messageDigests[digestName]; + if (dig == null) + { + if (_messageDigestsLocked) + throw new InvalidOperationException("Cannot configure new digests after the data stream is opened"); + + dig = Helper.GetDigestInstance(digestName); + _messageDigests[digestName] = dig; + } + } + + // TODO Make public? + internal void Generate( + Stream outStream, + string eContentType, + bool encapsulate, + Stream dataOutputStream, + CmsProcessable content) + { + Stream signedOut = Open(outStream, eContentType, encapsulate, dataOutputStream); + if (content != null) + { + content.Write(signedOut); + } + Platform.Dispose(signedOut); + } + + // RFC3852, section 5.1: + // IF ((certificates is present) AND + // (any certificates with a type of other are present)) OR + // ((crls is present) AND + // (any crls with a type of other are present)) + // THEN version MUST be 5 + // ELSE + // IF (certificates is present) AND + // (any version 2 attribute certificates are present) + // THEN version MUST be 4 + // ELSE + // IF ((certificates is present) AND + // (any version 1 attribute certificates are present)) OR + // (any SignerInfo structures are version 3) OR + // (encapContentInfo eContentType is other than id-data) + // THEN version MUST be 3 + // ELSE version MUST be 1 + // + private DerInteger CalculateVersion( + DerObjectIdentifier contentOid) + { + bool otherCert = false; + bool otherCrl = false; + bool attrCertV1Found = false; + bool attrCertV2Found = false; + + if (_certs != null) + { + foreach (object obj in _certs) + { + if (obj is Asn1TaggedObject) + { + Asn1TaggedObject tagged = (Asn1TaggedObject) obj; + + if (tagged.TagNo == 1) + { + attrCertV1Found = true; + } + else if (tagged.TagNo == 2) + { + attrCertV2Found = true; + } + else if (tagged.TagNo == 3) + { + otherCert = true; + break; + } + } + } + } + + if (otherCert) + { + return new DerInteger(5); + } + + if (_crls != null) + { + foreach (object obj in _crls) + { + if (obj is Asn1TaggedObject) + { + otherCrl = true; + break; + } + } + } + + if (otherCrl) + { + return new DerInteger(5); + } + + if (attrCertV2Found) + { + return new DerInteger(4); + } + + if (attrCertV1Found || !CmsObjectIdentifiers.Data.Equals(contentOid) || CheckForVersion3(_signers)) + { + return new DerInteger(3); + } + + return new DerInteger(1); + } + + private bool CheckForVersion3( + IList signerInfos) + { + foreach (SignerInformation si in signerInfos) + { + SignerInfo s = SignerInfo.GetInstance(si.ToSignerInfo()); + + if (s.Version.IntValueExact == 3) + { + return true; + } + } + + return false; + } + + private static Stream AttachDigestsToOutputStream(ICollection digests, Stream s) + { + Stream result = s; + foreach (IDigest digest in digests) + { + result = GetSafeTeeOutputStream(result, new DigestSink(digest)); + } + return result; + } + + private static Stream GetSafeOutputStream(Stream s) + { + if (s == null) + return new NullOutputStream(); + return s; + } + + private static Stream GetSafeTeeOutputStream(Stream s1, Stream s2) + { + if (s1 == null) + return GetSafeOutputStream(s2); + if (s2 == null) + return GetSafeOutputStream(s1); + return new TeeOutputStream(s1, s2); + } + + private class CmsSignedDataOutputStream + : BaseOutputStream + { + private readonly CmsSignedDataStreamGenerator outer; + + private Stream _out; + private DerObjectIdentifier _contentOID; + private BerSequenceGenerator _sGen; + private BerSequenceGenerator _sigGen; + private BerSequenceGenerator _eiGen; + + public CmsSignedDataOutputStream( + CmsSignedDataStreamGenerator outer, + Stream outStream, + string contentOID, + BerSequenceGenerator sGen, + BerSequenceGenerator sigGen, + BerSequenceGenerator eiGen) + { + this.outer = outer; + + _out = outStream; + _contentOID = new DerObjectIdentifier(contentOID); + _sGen = sGen; + _sigGen = sigGen; + _eiGen = eiGen; + } + + public override void WriteByte( + byte b) + { + _out.WriteByte(b); + } + + public override void Write( + byte[] bytes, + int off, + int len) + { + _out.Write(bytes, off, len); + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + DoClose(); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + DoClose(); + base.Close(); + } +#endif + + private void DoClose() + { + Platform.Dispose(_out); + + // TODO Parent context(s) should really be be closed explicitly + + _eiGen.Close(); + + outer._digests.Clear(); // clear the current preserved digest state + + if (outer._certs.Count > 0) + { + Asn1Set certs = outer.UseDerForCerts + ? CmsUtilities.CreateDerSetFromList(outer._certs) + : CmsUtilities.CreateBerSetFromList(outer._certs); + + WriteToGenerator(_sigGen, new BerTaggedObject(false, 0, certs)); + } + + if (outer._crls.Count > 0) + { + Asn1Set crls = outer.UseDerForCrls + ? CmsUtilities.CreateDerSetFromList(outer._crls) + : CmsUtilities.CreateBerSetFromList(outer._crls); + + WriteToGenerator(_sigGen, new BerTaggedObject(false, 1, crls)); + } + + // + // Calculate the digest hashes + // + foreach (DictionaryEntry de in outer._messageDigests) + { + outer._messageHashes.Add(de.Key, DigestUtilities.DoFinal((IDigest)de.Value)); + } + + // TODO If the digest OIDs for precalculated signers weren't mixed in with + // the others, we could fill in outer._digests here, instead of SignerInfoGenerator.Generate + + // + // collect all the SignerInfo objects + // + Asn1EncodableVector signerInfos = new Asn1EncodableVector(); + + // + // add the generated SignerInfo objects + // + { + foreach (DigestAndSignerInfoGeneratorHolder holder in outer._signerInfs) + { + AlgorithmIdentifier digestAlgorithm = holder.DigestAlgorithm; + + byte[] calculatedDigest = (byte[])outer._messageHashes[ + Helper.GetDigestAlgName(holder.digestOID)]; + outer._digests[holder.digestOID] = calculatedDigest.Clone(); + + signerInfos.Add(holder.signerInf.Generate(_contentOID, digestAlgorithm, calculatedDigest)); + } + } + + // + // add the precalculated SignerInfo objects. + // + { + foreach (SignerInformation signer in outer._signers) + { + // TODO Verify the content type and calculated digest match the precalculated SignerInfo +// if (!signer.ContentType.Equals(_contentOID)) +// { +// // TODO The precalculated content type did not match - error? +// } +// +// byte[] calculatedDigest = (byte[])outer._digests[signer.DigestAlgOid]; +// if (calculatedDigest == null) +// { +// // TODO We can't confirm this digest because we didn't calculate it - error? +// } +// else +// { +// if (!Arrays.AreEqual(signer.GetContentDigest(), calculatedDigest)) +// { +// // TODO The precalculated digest did not match - error? +// } +// } + + signerInfos.Add(signer.ToSignerInfo()); + } + } + + WriteToGenerator(_sigGen, new DerSet(signerInfos)); + + _sigGen.Close(); + _sGen.Close(); + } + + private static void WriteToGenerator( + Asn1Generator ag, + Asn1Encodable ae) + { + byte[] encoded = ae.GetEncoded(); + ag.GetRawOutputStream().Write(encoded, 0, encoded.Length); + } + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSSignedGenerator.cs b/BouncyCastle/crypto/src/cms/CMSSignedGenerator.cs new file mode 100644 index 0000000..95d5ba6 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSSignedGenerator.cs @@ -0,0 +1,654 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.BC; +using Org.BouncyCastle.Asn1.Bsi; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Eac; +using Org.BouncyCastle.Asn1.GM; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Cms +{ + public class DefaultSignatureAlgorithmIdentifierFinder + { + private static readonly IDictionary algorithms = Platform.CreateHashtable(); + private static readonly ISet noParams = new HashSet(); + private static readonly IDictionary _params = Platform.CreateHashtable(); + private static readonly ISet pkcs15RsaEncryption = new HashSet(); + private static readonly IDictionary digestOids = Platform.CreateHashtable(); + + private static readonly IDictionary digestBuilders = Platform.CreateHashtable(); + + private static readonly DerObjectIdentifier ENCRYPTION_RSA = PkcsObjectIdentifiers.RsaEncryption; + private static readonly DerObjectIdentifier ENCRYPTION_DSA = X9ObjectIdentifiers.IdDsaWithSha1; + private static readonly DerObjectIdentifier ENCRYPTION_ECDSA = X9ObjectIdentifiers.ECDsaWithSha1; + private static readonly DerObjectIdentifier ENCRYPTION_RSA_PSS = PkcsObjectIdentifiers.IdRsassaPss; + private static readonly DerObjectIdentifier ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.GostR3410x94; + private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.GostR3410x2001; + private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410_2012_256 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256; + private static readonly DerObjectIdentifier ENCRYPTION_ECGOST3410_2012_512 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512; + + static DefaultSignatureAlgorithmIdentifierFinder() + { + algorithms["MD2WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD2WithRsaEncryption; + algorithms["MD2WITHRSA"] = PkcsObjectIdentifiers.MD2WithRsaEncryption; + algorithms["MD5WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.MD5WithRsaEncryption; + algorithms["MD5WITHRSA"] = PkcsObjectIdentifiers.MD5WithRsaEncryption; + algorithms["SHA1WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; + algorithms["SHA-1WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; + algorithms["SHA1WITHRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; + algorithms["SHA-1WITHRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; + algorithms["SHA224WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption; + algorithms["SHA-224WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption; + algorithms["SHA224WITHRSA"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption; + algorithms["SHA-224WITHRSA"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption; + algorithms["SHA256WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption; + algorithms["SHA-256WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption; + algorithms["SHA256WITHRSA"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption; + algorithms["SHA-256WITHRSA"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption; + algorithms["SHA384WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption; + algorithms["SHA-384WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption; + algorithms["SHA384WITHRSA"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption; + algorithms["SHA-384WITHRSA"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption; + algorithms["SHA512WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption; + algorithms["SHA-512WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption; + algorithms["SHA512WITHRSA"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption; + algorithms["SHA-512WITHRSA"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption; + algorithms["SHA512(224)WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512_224WithRSAEncryption; + algorithms["SHA-512(224)WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512_224WithRSAEncryption; + algorithms["SHA512(224)WITHRSA"] = PkcsObjectIdentifiers.Sha512_224WithRSAEncryption; + algorithms["SHA-512(224)WITHRSA"] = PkcsObjectIdentifiers.Sha512_224WithRSAEncryption; + algorithms["SHA512(256)WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512_256WithRSAEncryption; + algorithms["SHA-512(256)WITHRSAENCRYPTION"] = PkcsObjectIdentifiers.Sha512_256WithRSAEncryption; + algorithms["SHA512(256)WITHRSA"] = PkcsObjectIdentifiers.Sha512_256WithRSAEncryption; + algorithms["SHA-512(256)WITHRSA"] = PkcsObjectIdentifiers.Sha512_256WithRSAEncryption; + algorithms["SHA1WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA224WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA256WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA384WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA512WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA3-224WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA3-256WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA3-384WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["SHA3-512WITHRSAANDMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + algorithms["RIPEMD160WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160; + algorithms["RIPEMD160WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160; + algorithms["RIPEMD128WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128; + algorithms["RIPEMD128WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128; + algorithms["RIPEMD256WITHRSAENCRYPTION"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256; + algorithms["RIPEMD256WITHRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256; + algorithms["SHA1WITHDSA"] = X9ObjectIdentifiers.IdDsaWithSha1; + algorithms["SHA-1WITHDSA"] = X9ObjectIdentifiers.IdDsaWithSha1; + algorithms["DSAWITHSHA1"] = X9ObjectIdentifiers.IdDsaWithSha1; + algorithms["SHA224WITHDSA"] = NistObjectIdentifiers.DsaWithSha224; + algorithms["SHA256WITHDSA"] = NistObjectIdentifiers.DsaWithSha256; + algorithms["SHA384WITHDSA"] = NistObjectIdentifiers.DsaWithSha384; + algorithms["SHA512WITHDSA"] = NistObjectIdentifiers.DsaWithSha512; + algorithms["SHA3-224WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_224; + algorithms["SHA3-256WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_256; + algorithms["SHA3-384WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_384; + algorithms["SHA3-512WITHDSA"] = NistObjectIdentifiers.IdDsaWithSha3_512; + algorithms["SHA3-224WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_224; + algorithms["SHA3-256WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_256; + algorithms["SHA3-384WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_384; + algorithms["SHA3-512WITHECDSA"] = NistObjectIdentifiers.IdEcdsaWithSha3_512; + algorithms["SHA3-224WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224; + algorithms["SHA3-256WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256; + algorithms["SHA3-384WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384; + algorithms["SHA3-512WITHRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512; + algorithms["SHA3-224WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224; + algorithms["SHA3-256WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256; + algorithms["SHA3-384WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384; + algorithms["SHA3-512WITHRSAENCRYPTION"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512; + algorithms["SHA1WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha1; + algorithms["ECDSAWITHSHA1"] = X9ObjectIdentifiers.ECDsaWithSha1; + algorithms["SHA224WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha224; + algorithms["SHA256WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha256; + algorithms["SHA384WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha384; + algorithms["SHA512WITHECDSA"] = X9ObjectIdentifiers.ECDsaWithSha512; + + + algorithms["GOST3411WITHGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94; + algorithms["GOST3411WITHGOST3410-94"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94; + algorithms["GOST3411WITHECGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; + algorithms["GOST3411WITHECGOST3410-2001"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; + algorithms["GOST3411WITHGOST3410-2001"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; + algorithms["GOST3411WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + algorithms["GOST3411WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; + algorithms["GOST3411WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + algorithms["GOST3411WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; + algorithms["GOST3411-2012-256WITHECGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + algorithms["GOST3411-2012-512WITHECGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; + algorithms["GOST3411-2012-256WITHGOST3410-2012-256"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256; + algorithms["GOST3411-2012-512WITHGOST3410-2012-512"] = RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512; + algorithms["SHA1WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA1; + algorithms["SHA224WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA224; + algorithms["SHA256WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA256; + algorithms["SHA384WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA384; + algorithms["SHA512WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA512; + algorithms["RIPEMD160WITHPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_RIPEMD160; + algorithms["SHA1WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_1; + algorithms["SHA224WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_224; + algorithms["SHA256WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_256; + algorithms["SHA384WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_384; + algorithms["SHA512WITHCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_512; + algorithms["SHA3-512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA3_512; + algorithms["SHA512WITHSPHINCS256"] = BCObjectIdentifiers.sphincs256_with_SHA512; + + algorithms["SHA256WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sha256; + algorithms["SM3WITHSM2"] = GMObjectIdentifiers.sm2sign_with_sm3; + + algorithms["SHA256WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHA256; + algorithms["SHA512WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHA512; + algorithms["SHAKE128WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHAKE128; + algorithms["SHAKE256WITHXMSS"] = BCObjectIdentifiers.xmss_with_SHAKE256; + + algorithms["SHA256WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHA256; + algorithms["SHA512WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHA512; + algorithms["SHAKE128WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHAKE128; + algorithms["SHAKE256WITHXMSSMT"] = BCObjectIdentifiers.xmss_mt_with_SHAKE256; + + + // + // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. + // The parameters field SHALL be NULL for RSA based signature algorithms. + // + noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha1); + noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha224); + noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha256); + noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha384); + noParams.Add((object)X9ObjectIdentifiers.ECDsaWithSha512); + noParams.Add((object)X9ObjectIdentifiers.IdDsaWithSha1); + noParams.Add((object)NistObjectIdentifiers.DsaWithSha224); + noParams.Add((object)NistObjectIdentifiers.DsaWithSha256); + noParams.Add((object)NistObjectIdentifiers.DsaWithSha384); + noParams.Add((object)NistObjectIdentifiers.DsaWithSha512); + noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_224); + noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_256); + noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_384); + noParams.Add((object)NistObjectIdentifiers.IdDsaWithSha3_512); + noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_224); + noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_256); + noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_384); + noParams.Add((object)NistObjectIdentifiers.IdEcdsaWithSha3_512); + + + // + // RFC 4491 + // + noParams.Add((object)CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + noParams.Add((object)CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + noParams.Add((object)RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256); + noParams.Add((object)RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512); + + // + // SPHINCS-256 + // + noParams.Add((object)BCObjectIdentifiers.sphincs256_with_SHA512); + noParams.Add((object)BCObjectIdentifiers.sphincs256_with_SHA3_512); + + // + // XMSS + // + noParams.Add((object)BCObjectIdentifiers.xmss_with_SHA256); + noParams.Add((object)BCObjectIdentifiers.xmss_with_SHA512); + noParams.Add((object)BCObjectIdentifiers.xmss_with_SHAKE128); + noParams.Add((object)BCObjectIdentifiers.xmss_with_SHAKE256); + noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHA256); + noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHA512); + noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHAKE128); + noParams.Add((object)BCObjectIdentifiers.xmss_mt_with_SHAKE256); + + // + // SM2 + // + noParams.Add((object)GMObjectIdentifiers.sm2sign_with_sha256); + noParams.Add((object)GMObjectIdentifiers.sm2sign_with_sm3); + + // + // PKCS 1.5 encrypted algorithms + // + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha1WithRsaEncryption); + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha224WithRsaEncryption); + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha256WithRsaEncryption); + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha384WithRsaEncryption); + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha512WithRsaEncryption); + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + pkcs15RsaEncryption.Add((object)PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + pkcs15RsaEncryption.Add((object)TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); + pkcs15RsaEncryption.Add((object)TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); + pkcs15RsaEncryption.Add((object)TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); + pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224); + pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256); + pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384); + pkcs15RsaEncryption.Add((object)NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512); + + // + // explicit params + // + AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance); + _params["SHA1WITHRSAANDMGF1"] = CreatePssParams(sha1AlgId, 20); + + AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance); + _params["SHA224WITHRSAANDMGF1"] = CreatePssParams(sha224AlgId, 28); + + AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance); + _params["SHA256WITHRSAANDMGF1"] = CreatePssParams(sha256AlgId, 32); + + AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance); + _params["SHA384WITHRSAANDMGF1"] = CreatePssParams(sha384AlgId, 48); + + AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance); + _params["SHA512WITHRSAANDMGF1"] = CreatePssParams(sha512AlgId, 64); + + AlgorithmIdentifier sha3_224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_224, DerNull.Instance); + _params["SHA3-224WITHRSAANDMGF1"] = CreatePssParams(sha3_224AlgId, 28); + + AlgorithmIdentifier sha3_256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_256, DerNull.Instance); + _params["SHA3-256WITHRSAANDMGF1"] = CreatePssParams(sha3_256AlgId, 32); + + AlgorithmIdentifier sha3_384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_384, DerNull.Instance); + _params["SHA3-384WITHRSAANDMGF1"] = CreatePssParams(sha3_384AlgId, 48); + + AlgorithmIdentifier sha3_512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha3_512, DerNull.Instance); + _params["SHA3-512WITHRSAANDMGF1"] = CreatePssParams(sha3_512AlgId, 64); + + // + // digests + // + digestOids[PkcsObjectIdentifiers.Sha224WithRsaEncryption] = NistObjectIdentifiers.IdSha224; + digestOids[PkcsObjectIdentifiers.Sha256WithRsaEncryption] = NistObjectIdentifiers.IdSha256; + digestOids[PkcsObjectIdentifiers.Sha384WithRsaEncryption] = NistObjectIdentifiers.IdSha384; + digestOids[PkcsObjectIdentifiers.Sha512WithRsaEncryption] = NistObjectIdentifiers.IdSha512; + digestOids[PkcsObjectIdentifiers.Sha512_224WithRSAEncryption] = NistObjectIdentifiers.IdSha512_224; + digestOids[PkcsObjectIdentifiers.Sha512_256WithRSAEncryption] = NistObjectIdentifiers.IdSha512_256; + digestOids[NistObjectIdentifiers.DsaWithSha224] = NistObjectIdentifiers.IdSha224; + digestOids[NistObjectIdentifiers.DsaWithSha256] = NistObjectIdentifiers.IdSha256; + digestOids[NistObjectIdentifiers.DsaWithSha384] = NistObjectIdentifiers.IdSha384; + digestOids[NistObjectIdentifiers.DsaWithSha512] = NistObjectIdentifiers.IdSha512; + digestOids[NistObjectIdentifiers.IdDsaWithSha3_224] = NistObjectIdentifiers.IdSha3_224; + digestOids[NistObjectIdentifiers.IdDsaWithSha3_256] = NistObjectIdentifiers.IdSha3_256; + digestOids[NistObjectIdentifiers.IdDsaWithSha3_384] = NistObjectIdentifiers.IdSha3_384; + digestOids[NistObjectIdentifiers.IdDsaWithSha3_512] = NistObjectIdentifiers.IdSha3_512; + digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_224] = NistObjectIdentifiers.IdSha3_224; + digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_256] = NistObjectIdentifiers.IdSha3_256; + digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_384] = NistObjectIdentifiers.IdSha3_384; + digestOids[NistObjectIdentifiers.IdEcdsaWithSha3_512] = NistObjectIdentifiers.IdSha3_512; + digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224] = NistObjectIdentifiers.IdSha3_224; + digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256] = NistObjectIdentifiers.IdSha3_256; + digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384] = NistObjectIdentifiers.IdSha3_384; + digestOids[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512] = NistObjectIdentifiers.IdSha3_512; + + digestOids[PkcsObjectIdentifiers.MD2WithRsaEncryption] = PkcsObjectIdentifiers.MD2; + digestOids[PkcsObjectIdentifiers.MD4WithRsaEncryption] = PkcsObjectIdentifiers.MD4; + digestOids[PkcsObjectIdentifiers.MD5WithRsaEncryption] = PkcsObjectIdentifiers.MD5; + digestOids[PkcsObjectIdentifiers.Sha1WithRsaEncryption] = OiwObjectIdentifiers.IdSha1; + digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128] = TeleTrusTObjectIdentifiers.RipeMD128; + digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160] = TeleTrusTObjectIdentifiers.RipeMD160; + digestOids[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256] = TeleTrusTObjectIdentifiers.RipeMD256; + digestOids[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94] = CryptoProObjectIdentifiers.GostR3411; + digestOids[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001] = CryptoProObjectIdentifiers.GostR3411; + digestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256; + digestOids[RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512; + + digestOids[GMObjectIdentifiers.sm2sign_with_sha256] = NistObjectIdentifiers.IdSha256; + digestOids[GMObjectIdentifiers.sm2sign_with_sm3] = GMObjectIdentifiers.sm3; + } + + private static AlgorithmIdentifier Generate(string signatureAlgorithm) + { + AlgorithmIdentifier sigAlgId; + AlgorithmIdentifier encAlgId; + AlgorithmIdentifier digAlgId; + + string algorithmName = Strings.ToUpperCase(signatureAlgorithm); + DerObjectIdentifier sigOID = (DerObjectIdentifier)algorithms[algorithmName]; + if (sigOID == null) + { + throw new ArgumentException("Unknown signature type requested: " + algorithmName); + } + + if (noParams.Contains(sigOID)) + { + sigAlgId = new AlgorithmIdentifier(sigOID); + } + else if (_params.Contains(algorithmName)) + { + sigAlgId = new AlgorithmIdentifier(sigOID, (Asn1Encodable)_params[algorithmName]); + } + else + { + sigAlgId = new AlgorithmIdentifier(sigOID, DerNull.Instance); + } + + if (pkcs15RsaEncryption.Contains(sigOID)) + { + encAlgId = new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance); + } + else + { + encAlgId = sigAlgId; + } + + if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss)) + { + digAlgId = ((RsassaPssParameters)sigAlgId.Parameters).HashAlgorithm; + } + else + { + digAlgId = new AlgorithmIdentifier((DerObjectIdentifier)digestOids[sigOID], DerNull.Instance); + } + + return sigAlgId; + } + + private static RsassaPssParameters CreatePssParams(AlgorithmIdentifier hashAlgId, int saltSize) + { + return new RsassaPssParameters( + hashAlgId, + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, hashAlgId), + new DerInteger(saltSize), + new DerInteger(1)); + } + + public AlgorithmIdentifier Find(string sigAlgName) + { + return Generate(sigAlgName); + } + } + + public class DefaultDigestAlgorithmIdentifierFinder + { + private static readonly IDictionary digestOids = Platform.CreateHashtable(); + private static readonly IDictionary digestNameToOids = Platform.CreateHashtable(); + + static DefaultDigestAlgorithmIdentifierFinder() + { + // + // digests + // + digestOids.Add(OiwObjectIdentifiers.MD4WithRsaEncryption, PkcsObjectIdentifiers.MD4); + digestOids.Add(OiwObjectIdentifiers.MD4WithRsa, PkcsObjectIdentifiers.MD4); + digestOids.Add(OiwObjectIdentifiers.MD5WithRsa, PkcsObjectIdentifiers.MD5); + digestOids.Add(OiwObjectIdentifiers.Sha1WithRsa, OiwObjectIdentifiers.IdSha1); + digestOids.Add(OiwObjectIdentifiers.DsaWithSha1, OiwObjectIdentifiers.IdSha1); + + digestOids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, NistObjectIdentifiers.IdSha224); + digestOids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, NistObjectIdentifiers.IdSha256); + digestOids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, NistObjectIdentifiers.IdSha384); + digestOids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, NistObjectIdentifiers.IdSha512); + digestOids.Add(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption, NistObjectIdentifiers.IdSha512_224); + digestOids.Add(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption, NistObjectIdentifiers.IdSha512_256); + + digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224, NistObjectIdentifiers.IdSha3_224); + digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256, NistObjectIdentifiers.IdSha3_256); + digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384, NistObjectIdentifiers.IdSha3_384); + digestOids.Add(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512, NistObjectIdentifiers.IdSha3_512); + + digestOids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, PkcsObjectIdentifiers.MD2); + digestOids.Add(PkcsObjectIdentifiers.MD4WithRsaEncryption, PkcsObjectIdentifiers.MD4); + digestOids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, PkcsObjectIdentifiers.MD5); + digestOids.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption, OiwObjectIdentifiers.IdSha1); + + digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha1, OiwObjectIdentifiers.IdSha1); + digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha224, NistObjectIdentifiers.IdSha224); + digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha256, NistObjectIdentifiers.IdSha256); + digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha384, NistObjectIdentifiers.IdSha384); + digestOids.Add(X9ObjectIdentifiers.ECDsaWithSha512, NistObjectIdentifiers.IdSha512); + digestOids.Add(X9ObjectIdentifiers.IdDsaWithSha1, OiwObjectIdentifiers.IdSha1); + + digestOids.Add(NistObjectIdentifiers.DsaWithSha224, NistObjectIdentifiers.IdSha224); + digestOids.Add(NistObjectIdentifiers.DsaWithSha256, NistObjectIdentifiers.IdSha256); + digestOids.Add(NistObjectIdentifiers.DsaWithSha384, NistObjectIdentifiers.IdSha384); + digestOids.Add(NistObjectIdentifiers.DsaWithSha512, NistObjectIdentifiers.IdSha512); + + digestOids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128, TeleTrusTObjectIdentifiers.RipeMD128); + digestOids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160, TeleTrusTObjectIdentifiers.RipeMD160); + digestOids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256, TeleTrusTObjectIdentifiers.RipeMD256); + + digestOids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, CryptoProObjectIdentifiers.GostR3411); + digestOids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, CryptoProObjectIdentifiers.GostR3411); + + digestNameToOids.Add("SHA-1", OiwObjectIdentifiers.IdSha1); + digestNameToOids.Add("SHA-224", NistObjectIdentifiers.IdSha224); + digestNameToOids.Add("SHA-256", NistObjectIdentifiers.IdSha256); + digestNameToOids.Add("SHA-384", NistObjectIdentifiers.IdSha384); + digestNameToOids.Add("SHA-512", NistObjectIdentifiers.IdSha512); + digestNameToOids.Add("SHA-512/224", NistObjectIdentifiers.IdSha512_224); + digestNameToOids.Add("SHA-512(224)", NistObjectIdentifiers.IdSha512_224); + digestNameToOids.Add("SHA-512/256", NistObjectIdentifiers.IdSha512_256); + digestNameToOids.Add("SHA-512(256)", NistObjectIdentifiers.IdSha512_256); + + digestNameToOids.Add("SHA1", OiwObjectIdentifiers.IdSha1); + digestNameToOids.Add("SHA224", NistObjectIdentifiers.IdSha224); + digestNameToOids.Add("SHA256", NistObjectIdentifiers.IdSha256); + digestNameToOids.Add("SHA384", NistObjectIdentifiers.IdSha384); + digestNameToOids.Add("SHA512", NistObjectIdentifiers.IdSha512); + digestNameToOids.Add("SHA512/224", NistObjectIdentifiers.IdSha512_224); + digestNameToOids.Add("SHA512(224)", NistObjectIdentifiers.IdSha512_224); + digestNameToOids.Add("SHA512/256", NistObjectIdentifiers.IdSha512_256); + digestNameToOids.Add("SHA512(256)", NistObjectIdentifiers.IdSha512_256); + + digestNameToOids.Add("SHA3-224", NistObjectIdentifiers.IdSha3_224); + digestNameToOids.Add("SHA3-256", NistObjectIdentifiers.IdSha3_256); + digestNameToOids.Add("SHA3-384", NistObjectIdentifiers.IdSha3_384); + digestNameToOids.Add("SHA3-512", NistObjectIdentifiers.IdSha3_512); + + digestNameToOids.Add("SHAKE-128", NistObjectIdentifiers.IdShake128); + digestNameToOids.Add("SHAKE-256", NistObjectIdentifiers.IdShake256); + + digestNameToOids.Add("GOST3411", CryptoProObjectIdentifiers.GostR3411); + + digestNameToOids.Add("MD2", PkcsObjectIdentifiers.MD2); + digestNameToOids.Add("MD4", PkcsObjectIdentifiers.MD4); + digestNameToOids.Add("MD5", PkcsObjectIdentifiers.MD5); + + digestNameToOids.Add("RIPEMD128", TeleTrusTObjectIdentifiers.RipeMD128); + digestNameToOids.Add("RIPEMD160", TeleTrusTObjectIdentifiers.RipeMD160); + digestNameToOids.Add("RIPEMD256", TeleTrusTObjectIdentifiers.RipeMD256); + } + + public AlgorithmIdentifier find(AlgorithmIdentifier sigAlgId) + { + AlgorithmIdentifier digAlgId; + + if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss)) + { + digAlgId = RsassaPssParameters.GetInstance(sigAlgId.Parameters).HashAlgorithm; + } + else + { + digAlgId = new AlgorithmIdentifier((DerObjectIdentifier)digestOids[sigAlgId.Algorithm], DerNull.Instance); + } + + return digAlgId; + } + + public AlgorithmIdentifier find(string digAlgName) + { + return new AlgorithmIdentifier((DerObjectIdentifier)digestNameToOids[digAlgName], DerNull.Instance); + } + } + + public class CmsSignedGenerator + { + /** + * Default type for the signed data. + */ + public static readonly string Data = CmsObjectIdentifiers.Data.Id; + + public static readonly string DigestSha1 = OiwObjectIdentifiers.IdSha1.Id; + public static readonly string DigestSha224 = NistObjectIdentifiers.IdSha224.Id; + public static readonly string DigestSha256 = NistObjectIdentifiers.IdSha256.Id; + public static readonly string DigestSha384 = NistObjectIdentifiers.IdSha384.Id; + public static readonly string DigestSha512 = NistObjectIdentifiers.IdSha512.Id; + public static readonly string DigestSha512_224 = NistObjectIdentifiers.IdSha512_224.Id; + public static readonly string DigestSha512_256 = NistObjectIdentifiers.IdSha512_256.Id; + public static readonly string DigestMD5 = PkcsObjectIdentifiers.MD5.Id; + public static readonly string DigestGost3411 = CryptoProObjectIdentifiers.GostR3411.Id; + public static readonly string DigestRipeMD128 = TeleTrusTObjectIdentifiers.RipeMD128.Id; + public static readonly string DigestRipeMD160 = TeleTrusTObjectIdentifiers.RipeMD160.Id; + public static readonly string DigestRipeMD256 = TeleTrusTObjectIdentifiers.RipeMD256.Id; + + public static readonly string EncryptionRsa = PkcsObjectIdentifiers.RsaEncryption.Id; + public static readonly string EncryptionDsa = X9ObjectIdentifiers.IdDsaWithSha1.Id; + public static readonly string EncryptionECDsa = X9ObjectIdentifiers.ECDsaWithSha1.Id; + public static readonly string EncryptionRsaPss = PkcsObjectIdentifiers.IdRsassaPss.Id; + public static readonly string EncryptionGost3410 = CryptoProObjectIdentifiers.GostR3410x94.Id; + public static readonly string EncryptionECGost3410 = CryptoProObjectIdentifiers.GostR3410x2001.Id; + + internal IList _certs = Platform.CreateArrayList(); + internal IList _crls = Platform.CreateArrayList(); + internal IList _signers = Platform.CreateArrayList(); + internal IDictionary _digests = Platform.CreateHashtable(); + internal bool _useDerForCerts = false; + internal bool _useDerForCrls = false; + + protected readonly SecureRandom rand; + + protected CmsSignedGenerator() + : this(new SecureRandom()) + { + } + + /// Constructor allowing specific source of randomness + /// Instance of SecureRandom to use. + protected CmsSignedGenerator( + SecureRandom rand) + { + this.rand = rand; + } + + internal protected virtual IDictionary GetBaseParameters( + DerObjectIdentifier contentType, + AlgorithmIdentifier digAlgId, + byte[] hash) + { + IDictionary param = Platform.CreateHashtable(); + + if (contentType != null) + { + param[CmsAttributeTableParameter.ContentType] = contentType; + } + + param[CmsAttributeTableParameter.DigestAlgorithmIdentifier] = digAlgId; + param[CmsAttributeTableParameter.Digest] = hash.Clone(); + + return param; + } + + internal protected virtual Asn1Set GetAttributeSet( + Asn1.Cms.AttributeTable attr) + { + return attr == null + ? null + : new DerSet(attr.ToAsn1EncodableVector()); + } + + public void AddCertificates( + IX509Store certStore) + { + CollectionUtilities.AddRange(_certs, CmsUtilities.GetCertificatesFromStore(certStore)); + } + + public void AddCrls( + IX509Store crlStore) + { + CollectionUtilities.AddRange(_crls, CmsUtilities.GetCrlsFromStore(crlStore)); + } + + /** + * Add the attribute certificates contained in the passed in store to the + * generator. + * + * @param store a store of Version 2 attribute certificates + * @throws CmsException if an error occurse processing the store. + */ + public void AddAttributeCertificates( + IX509Store store) + { + try + { + foreach (IX509AttributeCertificate attrCert in store.GetMatches(null)) + { + _certs.Add(new DerTaggedObject(false, 2, + AttributeCertificate.GetInstance(Asn1Object.FromByteArray(attrCert.GetEncoded())))); + } + } + catch (Exception e) + { + throw new CmsException("error processing attribute certs", e); + } + } + + /** + * Add a store of precalculated signers to the generator. + * + * @param signerStore store of signers + */ + public void AddSigners( + SignerInformationStore signerStore) + { + foreach (SignerInformation o in signerStore.GetSigners()) + { + _signers.Add(o); + AddSignerCallback(o); + } + } + + /** + * Return a map of oids and byte arrays representing the digests calculated on the content during + * the last generate. + * + * @return a map of oids (as string objects) and byte[] representing digests. + */ + public IDictionary GetGeneratedDigests() + { + return Platform.CreateHashtable(_digests); + } + + public bool UseDerForCerts + { + get { return _useDerForCerts; } + set { this._useDerForCerts = value; } + } + + public bool UseDerForCrls + { + get { return _useDerForCrls; } + set { this._useDerForCrls = value; } + } + + internal virtual void AddSignerCallback( + SignerInformation si) + { + } + + internal static SignerIdentifier GetSignerIdentifier(X509Certificate cert) + { + return new SignerIdentifier(CmsUtilities.GetIssuerAndSerialNumber(cert)); + } + + internal static SignerIdentifier GetSignerIdentifier(byte[] subjectKeyIdentifier) + { + return new SignerIdentifier(new DerOctetString(subjectKeyIdentifier)); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSSignedHelper.cs b/BouncyCastle/crypto/src/cms/CMSSignedHelper.cs new file mode 100644 index 0000000..6d17200 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSSignedHelper.cs @@ -0,0 +1,454 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Eac; +using Org.BouncyCastle.Asn1.Iana; +using Org.BouncyCastle.Asn1.Misc; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Crypto.Tls; + +namespace Org.BouncyCastle.Cms +{ + internal class CmsSignedHelper + { + internal static readonly CmsSignedHelper Instance = new CmsSignedHelper(); + + private static readonly string EncryptionECDsaWithSha1 = X9ObjectIdentifiers.ECDsaWithSha1.Id; + private static readonly string EncryptionECDsaWithSha224 = X9ObjectIdentifiers.ECDsaWithSha224.Id; + private static readonly string EncryptionECDsaWithSha256 = X9ObjectIdentifiers.ECDsaWithSha256.Id; + private static readonly string EncryptionECDsaWithSha384 = X9ObjectIdentifiers.ECDsaWithSha384.Id; + private static readonly string EncryptionECDsaWithSha512 = X9ObjectIdentifiers.ECDsaWithSha512.Id; + + private static readonly IDictionary encryptionAlgs = Platform.CreateHashtable(); + private static readonly IDictionary digestAlgs = Platform.CreateHashtable(); + private static readonly IDictionary digestAliases = Platform.CreateHashtable(); + + private static readonly ISet noParams = new HashSet(); + private static readonly IDictionary ecAlgorithms = Platform.CreateHashtable(); + + private static void AddEntries(DerObjectIdentifier oid, string digest, string encryption) + { + string alias = oid.Id; + digestAlgs.Add(alias, digest); + encryptionAlgs.Add(alias, encryption); + } + + static CmsSignedHelper() + { + AddEntries(NistObjectIdentifiers.DsaWithSha224, "SHA224", "DSA"); + AddEntries(NistObjectIdentifiers.DsaWithSha256, "SHA256", "DSA"); + AddEntries(NistObjectIdentifiers.DsaWithSha384, "SHA384", "DSA"); + AddEntries(NistObjectIdentifiers.DsaWithSha512, "SHA512", "DSA"); + AddEntries(OiwObjectIdentifiers.DsaWithSha1, "SHA1", "DSA"); + AddEntries(OiwObjectIdentifiers.MD4WithRsa, "MD4", "RSA"); + AddEntries(OiwObjectIdentifiers.MD4WithRsaEncryption, "MD4", "RSA"); + AddEntries(OiwObjectIdentifiers.MD5WithRsa, "MD5", "RSA"); + AddEntries(OiwObjectIdentifiers.Sha1WithRsa, "SHA1", "RSA"); + AddEntries(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2", "RSA"); + AddEntries(PkcsObjectIdentifiers.MD4WithRsaEncryption, "MD4", "RSA"); + AddEntries(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5", "RSA"); + AddEntries(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1", "RSA"); + AddEntries(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224", "RSA"); + AddEntries(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256", "RSA"); + AddEntries(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384", "RSA"); + AddEntries(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512", "RSA"); + AddEntries(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption, "SHA512(224)", "RSA"); + AddEntries(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption, "SHA512(256)", "RSA"); + AddEntries(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224, "SHA3-224", "RSA"); + AddEntries(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256, "SHA3-256", "RSA"); + AddEntries(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384, "SHA3-384", "RSA"); + AddEntries(NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512, "SHA3-512", "RSA"); + AddEntries(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1", "ECDSA"); + AddEntries(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224", "ECDSA"); + AddEntries(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256", "ECDSA"); + AddEntries(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384", "ECDSA"); + AddEntries(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512", "ECDSA"); + AddEntries(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1", "DSA"); + AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1", "ECDSA"); + AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224", "ECDSA"); + AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256", "ECDSA"); + AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384", "ECDSA"); + AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512", "ECDSA"); + AddEntries(EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_1, "SHA1", "RSA"); + AddEntries(EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "SHA256", "RSA"); + AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "SHA1", "RSAandMGF1"); + AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "SHA256", "RSAandMGF1"); + + encryptionAlgs.Add(X9ObjectIdentifiers.IdDsa.Id, "DSA"); + encryptionAlgs.Add(PkcsObjectIdentifiers.RsaEncryption.Id, "RSA"); + encryptionAlgs.Add(TeleTrusTObjectIdentifiers.TeleTrusTRsaSignatureAlgorithm.Id, "RSA"); + encryptionAlgs.Add(X509ObjectIdentifiers.IdEARsa.Id, "RSA"); + encryptionAlgs.Add(CmsSignedGenerator.EncryptionRsaPss, "RSAandMGF1"); + encryptionAlgs.Add(CryptoProObjectIdentifiers.GostR3410x94.Id, "GOST3410"); + encryptionAlgs.Add(CryptoProObjectIdentifiers.GostR3410x2001.Id, "ECGOST3410"); + encryptionAlgs.Add("1.3.6.1.4.1.5849.1.6.2", "ECGOST3410"); + encryptionAlgs.Add("1.3.6.1.4.1.5849.1.1.5", "GOST3410"); + + digestAlgs.Add(PkcsObjectIdentifiers.MD2.Id, "MD2"); + digestAlgs.Add(PkcsObjectIdentifiers.MD4.Id, "MD4"); + digestAlgs.Add(PkcsObjectIdentifiers.MD5.Id, "MD5"); + digestAlgs.Add(OiwObjectIdentifiers.IdSha1.Id, "SHA1"); + digestAlgs.Add(NistObjectIdentifiers.IdSha224.Id, "SHA224"); + digestAlgs.Add(NistObjectIdentifiers.IdSha256.Id, "SHA256"); + digestAlgs.Add(NistObjectIdentifiers.IdSha384.Id, "SHA384"); + digestAlgs.Add(NistObjectIdentifiers.IdSha512.Id, "SHA512"); + digestAlgs.Add(NistObjectIdentifiers.IdSha512_224.Id, "SHA512(224)"); + digestAlgs.Add(NistObjectIdentifiers.IdSha512_256.Id, "SHA512(256)"); + digestAlgs.Add(NistObjectIdentifiers.IdSha3_224.Id, "SHA3-224"); + digestAlgs.Add(NistObjectIdentifiers.IdSha3_256.Id, "SHA3-256"); + digestAlgs.Add(NistObjectIdentifiers.IdSha3_384.Id, "SHA3-384"); + digestAlgs.Add(NistObjectIdentifiers.IdSha3_512.Id, "SHA3-512"); + digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD128.Id, "RIPEMD128"); + digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD160.Id, "RIPEMD160"); + digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD256.Id, "RIPEMD256"); + digestAlgs.Add(CryptoProObjectIdentifiers.GostR3411.Id, "GOST3411"); + digestAlgs.Add("1.3.6.1.4.1.5849.1.2.1", "GOST3411"); + + digestAliases.Add("SHA1", new string[] { "SHA-1" }); + digestAliases.Add("SHA224", new string[] { "SHA-224" }); + digestAliases.Add("SHA256", new string[] { "SHA-256" }); + digestAliases.Add("SHA384", new string[] { "SHA-384" }); + digestAliases.Add("SHA512", new string[] { "SHA-512" }); + + noParams.Add(CmsSignedGenerator.EncryptionDsa); + // noParams.Add(EncryptionECDsa); + noParams.Add(EncryptionECDsaWithSha1); + noParams.Add(EncryptionECDsaWithSha224); + noParams.Add(EncryptionECDsaWithSha256); + noParams.Add(EncryptionECDsaWithSha384); + noParams.Add(EncryptionECDsaWithSha512); + + ecAlgorithms.Add(CmsSignedGenerator.DigestSha1, EncryptionECDsaWithSha1); + ecAlgorithms.Add(CmsSignedGenerator.DigestSha224, EncryptionECDsaWithSha224); + ecAlgorithms.Add(CmsSignedGenerator.DigestSha256, EncryptionECDsaWithSha256); + ecAlgorithms.Add(CmsSignedGenerator.DigestSha384, EncryptionECDsaWithSha384); + ecAlgorithms.Add(CmsSignedGenerator.DigestSha512, EncryptionECDsaWithSha512); + } + + + + /** + * Return the digest algorithm using one of the standard JCA string + * representations rather than the algorithm identifier (if possible). + */ + internal string GetDigestAlgName( + string digestAlgOid) + { + string algName = (string)digestAlgs[digestAlgOid]; + + if (algName != null) + { + return algName; + } + + return digestAlgOid; + } + + internal AlgorithmIdentifier GetEncAlgorithmIdentifier( + DerObjectIdentifier encOid, + Asn1Encodable sigX509Parameters) + { + if (noParams.Contains(encOid.Id)) + { + return new AlgorithmIdentifier(encOid); + } + + return new AlgorithmIdentifier(encOid, sigX509Parameters); + } + + internal string[] GetDigestAliases( + string algName) + { + string[] aliases = (string[]) digestAliases[algName]; + + return aliases == null ? new string[0] : (string[]) aliases.Clone(); + } + + /** + * Return the digest encryption algorithm using one of the standard + * JCA string representations rather than the algorithm identifier (if + * possible). + */ + internal string GetEncryptionAlgName( + string encryptionAlgOid) + { + string algName = (string) encryptionAlgs[encryptionAlgOid]; + + if (algName != null) + { + return algName; + } + + return encryptionAlgOid; + } + + internal IDigest GetDigestInstance( + string algorithm) + { + try + { + return DigestUtilities.GetDigest(algorithm); + } + catch (SecurityUtilityException e) + { + // This is probably superfluous on C#, since no provider infrastructure, + // assuming DigestUtilities already knows all the aliases + foreach (string alias in GetDigestAliases(algorithm)) + { + try { return DigestUtilities.GetDigest(alias); } + catch (SecurityUtilityException) {} + } + throw e; + } + } + + internal ISigner GetSignatureInstance( + string algorithm) + { + return SignerUtilities.GetSigner(algorithm); + } + + internal IX509Store CreateAttributeStore( + string type, + Asn1Set certSet) + { + IList certs = Platform.CreateArrayList(); + + if (certSet != null) + { + foreach (Asn1Encodable ae in certSet) + { + try + { + Asn1Object obj = ae.ToAsn1Object(); + + if (obj is Asn1TaggedObject) + { + Asn1TaggedObject tagged = (Asn1TaggedObject)obj; + + if (tagged.TagNo == 2) + { + certs.Add( + new X509V2AttributeCertificate( + Asn1Sequence.GetInstance(tagged, false).GetEncoded())); + } + } + } + catch (Exception ex) + { + throw new CmsException("can't re-encode attribute certificate!", ex); + } + } + } + + try + { + return X509StoreFactory.Create( + "AttributeCertificate/" + type, + new X509CollectionStoreParameters(certs)); + } + catch (ArgumentException e) + { + throw new CmsException("can't setup the X509Store", e); + } + } + + internal IX509Store CreateCertificateStore( + string type, + Asn1Set certSet) + { + IList certs = Platform.CreateArrayList(); + + if (certSet != null) + { + AddCertsFromSet(certs, certSet); + } + + try + { + return X509StoreFactory.Create( + "Certificate/" + type, + new X509CollectionStoreParameters(certs)); + } + catch (ArgumentException e) + { + throw new CmsException("can't setup the X509Store", e); + } + } + + internal IX509Store CreateCrlStore( + string type, + Asn1Set crlSet) + { + IList crls = Platform.CreateArrayList(); + + if (crlSet != null) + { + AddCrlsFromSet(crls, crlSet); + } + + try + { + return X509StoreFactory.Create( + "CRL/" + type, + new X509CollectionStoreParameters(crls)); + } + catch (ArgumentException e) + { + throw new CmsException("can't setup the X509Store", e); + } + } + + private void AddCertsFromSet( + IList certs, + Asn1Set certSet) + { + X509CertificateParser cf = new X509CertificateParser(); + + foreach (Asn1Encodable ae in certSet) + { + try + { + Asn1Object obj = ae.ToAsn1Object(); + + if (obj is Asn1Sequence) + { + // TODO Build certificate directly from sequence? + certs.Add(cf.ReadCertificate(obj.GetEncoded())); + } + } + catch (Exception ex) + { + throw new CmsException("can't re-encode certificate!", ex); + } + } + } + + private void AddCrlsFromSet( + IList crls, + Asn1Set crlSet) + { + X509CrlParser cf = new X509CrlParser(); + + foreach (Asn1Encodable ae in crlSet) + { + try + { + // TODO Build CRL directly from ae.ToAsn1Object()? + crls.Add(cf.ReadCrl(ae.GetEncoded())); + } + catch (Exception ex) + { + throw new CmsException("can't re-encode CRL!", ex); + } + } + } + + internal AlgorithmIdentifier FixAlgID( + AlgorithmIdentifier algId) + { + if (algId.Parameters == null) + return new AlgorithmIdentifier(algId.Algorithm, DerNull.Instance); + + return algId; + } + + internal string GetEncOid( + AsymmetricKeyParameter key, + string digestOID) + { + string encOID = null; + + if (key is RsaKeyParameters) + { + if (!((RsaKeyParameters)key).IsPrivate) + throw new ArgumentException("Expected RSA private key"); + + encOID = CmsSignedGenerator.EncryptionRsa; + } + else if (key is DsaPrivateKeyParameters) + { + if (digestOID.Equals(CmsSignedGenerator.DigestSha1)) + { + encOID = CmsSignedGenerator.EncryptionDsa; + } + else if (digestOID.Equals(CmsSignedGenerator.DigestSha224)) + { + encOID = NistObjectIdentifiers.DsaWithSha224.Id; + } + else if (digestOID.Equals(CmsSignedGenerator.DigestSha256)) + { + encOID = NistObjectIdentifiers.DsaWithSha256.Id; + } + else if (digestOID.Equals(CmsSignedGenerator.DigestSha384)) + { + encOID = NistObjectIdentifiers.DsaWithSha384.Id; + } + else if (digestOID.Equals(CmsSignedGenerator.DigestSha512)) + { + encOID = NistObjectIdentifiers.DsaWithSha512.Id; + } + else + { + throw new ArgumentException("can't mix DSA with anything but SHA1/SHA2"); + } + } + else if (key is ECPrivateKeyParameters) + { + ECPrivateKeyParameters ecPrivKey = (ECPrivateKeyParameters)key; + string algName = ecPrivKey.AlgorithmName; + + if (algName == "ECGOST3410") + { + encOID = CmsSignedGenerator.EncryptionECGost3410; + } + else + { + // TODO Should we insist on algName being one of "EC" or "ECDSA", as Java does? + encOID = (string)ecAlgorithms[digestOID]; + + if (encOID == null) + throw new ArgumentException("can't mix ECDSA with anything but SHA family digests"); + } + } + else if (key is Gost3410PrivateKeyParameters) + { + encOID = CmsSignedGenerator.EncryptionGost3410; + } + else + { + throw new ArgumentException("Unknown algorithm in CmsSignedGenerator.GetEncOid"); + } + + return encOID; + } + + public IX509Store GetCertificates(Asn1Set certificates) + { + IList certList = Platform.CreateArrayList(); + if (certificates != null) + { + foreach (Asn1Encodable enc in certificates) + { + certList.Add(X509CertificateStructure.GetInstance(enc)); + } + } + return new X509CollectionStore(certList); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSStreamException.cs b/BouncyCastle/crypto/src/cms/CMSStreamException.cs new file mode 100644 index 0000000..68a8be0 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSStreamException.cs @@ -0,0 +1,29 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Cms +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class CmsStreamException + : IOException + { + public CmsStreamException() + { + } + + public CmsStreamException( + string name) + : base(name) + { + } + + public CmsStreamException( + string name, + Exception e) + : base(name, e) + { + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSTypedStream.cs b/BouncyCastle/crypto/src/cms/CMSTypedStream.cs new file mode 100644 index 0000000..6815837 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSTypedStream.cs @@ -0,0 +1,72 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Cms +{ + public class CmsTypedStream + { + private const int BufferSize = 32 * 1024; + + private readonly string _oid; + private readonly Stream _in; + + public CmsTypedStream( + Stream inStream) + : this(PkcsObjectIdentifiers.Data.Id, inStream, BufferSize) + { + } + + public CmsTypedStream( + string oid, + Stream inStream) + : this(oid, inStream, BufferSize) + { + } + + public CmsTypedStream( + string oid, + Stream inStream, + int bufSize) + { + _oid = oid; +#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE + _in = new FullReaderStream(inStream); +#else + _in = new FullReaderStream(new BufferedStream(inStream, bufSize)); +#endif + } + + public string ContentType + { + get { return _oid; } + } + + public Stream ContentStream + { + get { return _in; } + } + + public void Drain() + { + Streams.Drain(_in); + Platform.Dispose(_in); + } + + private class FullReaderStream : FilterStream + { + internal FullReaderStream(Stream input) + : base(input) + { + } + + public override int Read(byte[] buf, int off, int len) + { + return Streams.ReadFully(base.s, buf, off, len); + } + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CMSUtils.cs b/BouncyCastle/crypto/src/cms/CMSUtils.cs new file mode 100644 index 0000000..95d7106 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CMSUtils.cs @@ -0,0 +1,186 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Cms +{ + internal class CmsUtilities + { + // TODO Is there a .NET equivalent to this? +// private static readonly Runtime RUNTIME = Runtime.getRuntime(); + + internal static int MaximumMemory + { + get + { + // TODO Is there a .NET equivalent to this? + long maxMem = int.MaxValue;//RUNTIME.maxMemory(); + + if (maxMem > int.MaxValue) + { + return int.MaxValue; + } + + return (int)maxMem; + } + } + + internal static ContentInfo ReadContentInfo( + byte[] input) + { + // enforce limit checking as from a byte array + return ReadContentInfo(new Asn1InputStream(input)); + } + + internal static ContentInfo ReadContentInfo( + Stream input) + { + // enforce some limit checking + return ReadContentInfo(new Asn1InputStream(input, MaximumMemory)); + } + + private static ContentInfo ReadContentInfo( + Asn1InputStream aIn) + { + try + { + return ContentInfo.GetInstance(aIn.ReadObject()); + } + catch (IOException e) + { + throw new CmsException("IOException reading content.", e); + } + catch (InvalidCastException e) + { + throw new CmsException("Malformed content.", e); + } + catch (ArgumentException e) + { + throw new CmsException("Malformed content.", e); + } + } + + public static byte[] StreamToByteArray( + Stream inStream) + { + return Streams.ReadAll(inStream); + } + + public static byte[] StreamToByteArray( + Stream inStream, + int limit) + { + return Streams.ReadAllLimited(inStream, limit); + } + + public static IList GetCertificatesFromStore( + IX509Store certStore) + { + try + { + IList certs = Platform.CreateArrayList(); + + if (certStore != null) + { + foreach (X509Certificate c in certStore.GetMatches(null)) + { + certs.Add( + X509CertificateStructure.GetInstance( + Asn1Object.FromByteArray(c.GetEncoded()))); + } + } + + return certs; + } + catch (CertificateEncodingException e) + { + throw new CmsException("error encoding certs", e); + } + catch (Exception e) + { + throw new CmsException("error processing certs", e); + } + } + + public static IList GetCrlsFromStore( + IX509Store crlStore) + { + try + { + IList crls = Platform.CreateArrayList(); + + if (crlStore != null) + { + foreach (X509Crl c in crlStore.GetMatches(null)) + { + crls.Add( + CertificateList.GetInstance( + Asn1Object.FromByteArray(c.GetEncoded()))); + } + } + + return crls; + } + catch (CrlException e) + { + throw new CmsException("error encoding crls", e); + } + catch (Exception e) + { + throw new CmsException("error processing crls", e); + } + } + + public static Asn1Set CreateBerSetFromList( + IList berObjects) + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + foreach (Asn1Encodable ae in berObjects) + { + v.Add(ae); + } + + return new BerSet(v); + } + + public static Asn1Set CreateDerSetFromList( + IList derObjects) + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + foreach (Asn1Encodable ae in derObjects) + { + v.Add(ae); + } + + return new DerSet(v); + } + + internal static Stream CreateBerOctetOutputStream(Stream s, int tagNo, bool isExplicit, int bufferSize) + { + BerOctetStringGenerator octGen = new BerOctetStringGenerator(s, tagNo, isExplicit); + return octGen.GetOctetOutputStream(bufferSize); + } + + internal static TbsCertificateStructure GetTbsCertificateStructure(X509Certificate cert) + { + return TbsCertificateStructure.GetInstance(Asn1Object.FromByteArray(cert.GetTbsCertificate())); + } + + internal static IssuerAndSerialNumber GetIssuerAndSerialNumber(X509Certificate cert) + { + TbsCertificateStructure tbsCert = GetTbsCertificateStructure(cert); + return new IssuerAndSerialNumber(tbsCert.Issuer, tbsCert.SerialNumber.Value); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/CounterSignatureDigestCalculator.cs b/BouncyCastle/crypto/src/cms/CounterSignatureDigestCalculator.cs new file mode 100644 index 0000000..6f8bf65 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/CounterSignatureDigestCalculator.cs @@ -0,0 +1,28 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Cms +{ + internal class CounterSignatureDigestCalculator + : IDigestCalculator + { + private readonly string alg; + private readonly byte[] data; + + internal CounterSignatureDigestCalculator( + string alg, + byte[] data) + { + this.alg = alg; + this.data = data; + } + + public byte[] GetDigest() + { + IDigest digest = CmsSignedHelper.Instance.GetDigestInstance(alg); + return DigestUtilities.DoFinal(digest, data); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/DefaultAuthenticatedAttributeTableGenerator.cs b/BouncyCastle/crypto/src/cms/DefaultAuthenticatedAttributeTableGenerator.cs new file mode 100644 index 0000000..d49b1d9 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/DefaultAuthenticatedAttributeTableGenerator.cs @@ -0,0 +1,90 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Cms +{ + /** + * Default authenticated attributes generator. + */ + public class DefaultAuthenticatedAttributeTableGenerator + : CmsAttributeTableGenerator + { + private readonly IDictionary table; + + /** + * Initialise to use all defaults + */ + public DefaultAuthenticatedAttributeTableGenerator() + { + table = Platform.CreateHashtable(); + } + + /** + * Initialise with some extra attributes or overrides. + * + * @param attributeTable initial attribute table to use. + */ + public DefaultAuthenticatedAttributeTableGenerator( + AttributeTable attributeTable) + { + if (attributeTable != null) + { + table = attributeTable.ToDictionary(); + } + else + { + table = Platform.CreateHashtable(); + } + } + + /** + * Create a standard attribute table from the passed in parameters - this will + * normally include contentType and messageDigest. If the constructor + * using an AttributeTable was used, entries in it for contentType and + * messageDigest will override the generated ones. + * + * @param parameters source parameters for table generation. + * + * @return a filled in IDictionary of attributes. + */ + protected virtual IDictionary CreateStandardAttributeTable( + IDictionary parameters) + { + IDictionary std = Platform.CreateHashtable(table); + + if (!std.Contains(CmsAttributes.ContentType)) + { + DerObjectIdentifier contentType = (DerObjectIdentifier) + parameters[CmsAttributeTableParameter.ContentType]; + Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(CmsAttributes.ContentType, + new DerSet(contentType)); + std[attr.AttrType] = attr; + } + + if (!std.Contains(CmsAttributes.MessageDigest)) + { + byte[] messageDigest = (byte[])parameters[CmsAttributeTableParameter.Digest]; + Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(CmsAttributes.MessageDigest, + new DerSet(new DerOctetString(messageDigest))); + std[attr.AttrType] = attr; + } + + return std; + } + + /** + * @param parameters source parameters + * @return the populated attribute table + */ + public virtual AttributeTable GetAttributes( + IDictionary parameters) + { + IDictionary table = CreateStandardAttributeTable(parameters); + return new AttributeTable(table); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/DefaultSignedAttributeTableGenerator.cs b/BouncyCastle/crypto/src/cms/DefaultSignedAttributeTableGenerator.cs new file mode 100644 index 0000000..925a98a --- /dev/null +++ b/BouncyCastle/crypto/src/cms/DefaultSignedAttributeTableGenerator.cs @@ -0,0 +1,124 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Cms +{ + /** + * Default signed attributes generator. + */ + public class DefaultSignedAttributeTableGenerator + : CmsAttributeTableGenerator + { + private readonly IDictionary table; + + /** + * Initialise to use all defaults + */ + public DefaultSignedAttributeTableGenerator() + { + table = Platform.CreateHashtable(); + } + + /** + * Initialise with some extra attributes or overrides. + * + * @param attributeTable initial attribute table to use. + */ + public DefaultSignedAttributeTableGenerator( + AttributeTable attributeTable) + { + if (attributeTable != null) + { + table = attributeTable.ToDictionary(); + } + else + { + table = Platform.CreateHashtable(); + } + } + +#if SILVERLIGHT || PORTABLE + /** + * Create a standard attribute table from the passed in parameters - this will + * normally include contentType, signingTime, and messageDigest. If the constructor + * using an AttributeTable was used, entries in it for contentType, signingTime, and + * messageDigest will override the generated ones. + * + * @param parameters source parameters for table generation. + * + * @return a filled in Hashtable of attributes. + */ + protected virtual IDictionary createStandardAttributeTable( + IDictionary parameters) + { + IDictionary std = Platform.CreateHashtable(table); + DoCreateStandardAttributeTable(parameters, std); + return std; + } +#else + /** + * Create a standard attribute table from the passed in parameters - this will + * normally include contentType, signingTime, and messageDigest. If the constructor + * using an AttributeTable was used, entries in it for contentType, signingTime, and + * messageDigest will override the generated ones. + * + * @param parameters source parameters for table generation. + * + * @return a filled in Hashtable of attributes. + */ + protected virtual Hashtable createStandardAttributeTable( + IDictionary parameters) + { + Hashtable std = new Hashtable(table); + DoCreateStandardAttributeTable(parameters, std); + return std; + } +#endif + + private void DoCreateStandardAttributeTable(IDictionary parameters, IDictionary std) + { + // contentType will be absent if we're trying to generate a counter signature. + if (parameters.Contains(CmsAttributeTableParameter.ContentType)) + { + if (!std.Contains(CmsAttributes.ContentType)) + { + DerObjectIdentifier contentType = (DerObjectIdentifier) + parameters[CmsAttributeTableParameter.ContentType]; + Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(CmsAttributes.ContentType, + new DerSet(contentType)); + std[attr.AttrType] = attr; + } + } + + if (!std.Contains(CmsAttributes.SigningTime)) + { + Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(CmsAttributes.SigningTime, + new DerSet(new Time(DateTime.UtcNow))); + std[attr.AttrType] = attr; + } + + if (!std.Contains(CmsAttributes.MessageDigest)) + { + byte[] messageDigest = (byte[])parameters[CmsAttributeTableParameter.Digest]; + Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(CmsAttributes.MessageDigest, + new DerSet(new DerOctetString(messageDigest))); + std[attr.AttrType] = attr; + } + } + + /** + * @param parameters source parameters + * @return the populated attribute table + */ + public virtual AttributeTable GetAttributes( + IDictionary parameters) + { + IDictionary table = createStandardAttributeTable(parameters); + return new AttributeTable(table); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/EnvelopedDataHelper.cs b/BouncyCastle/crypto/src/cms/EnvelopedDataHelper.cs new file mode 100644 index 0000000..6d1c7bb --- /dev/null +++ b/BouncyCastle/crypto/src/cms/EnvelopedDataHelper.cs @@ -0,0 +1,95 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Cms +{ + internal class EnvelopedDataHelper + { + private static readonly IDictionary BaseCipherNames = Platform.CreateHashtable(); + private static readonly IDictionary MacAlgNames = Platform.CreateHashtable(); + //private static readonly IDictionary PrfDigests = Platform.CreateHashtable(); + + static EnvelopedDataHelper() + { + //PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha1, "SHA-1"); + //PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha224, "SHA-224"); + //PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha256, "SHA-256"); + //PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha384, "SHA-384"); + //PrfDigests.Add(PkcsObjectIdentifiers.IdHmacWithSha512, "SHA-512"); + + BaseCipherNames.Add(PkcsObjectIdentifiers.DesEde3Cbc, "DESEDE"); + BaseCipherNames.Add(NistObjectIdentifiers.IdAes128Cbc, "AES"); + BaseCipherNames.Add(NistObjectIdentifiers.IdAes192Cbc, "AES"); + BaseCipherNames.Add(NistObjectIdentifiers.IdAes256Cbc, "AES"); + + MacAlgNames.Add(PkcsObjectIdentifiers.DesEde3Cbc, "DESEDEMac"); + MacAlgNames.Add(NistObjectIdentifiers.IdAes128Cbc, "AESMac"); + MacAlgNames.Add(NistObjectIdentifiers.IdAes192Cbc, "AESMac"); + MacAlgNames.Add(NistObjectIdentifiers.IdAes256Cbc, "AESMac"); + MacAlgNames.Add(PkcsObjectIdentifiers.RC2Cbc, "RC2Mac"); + } + + //internal static IDigest GetPrf(AlgorithmIdentifier algID) + //{ + // string digestName = (string)PrfDigests[algID]; + + // return DigestUtilities.GetDigest(digestName); + //} + + //internal static IWrapper CreateRfc3211Wrapper(DerObjectIdentifier algorithm) + //{ + // if (NistObjectIdentifiers.IdAes128Cbc.Equals(algorithm) + // || NistObjectIdentifiers.IdAes192Cbc.Equals(algorithm) + // || NistObjectIdentifiers.IdAes256Cbc.Equals(algorithm)) + // { + // return new Rfc3211WrapEngine(new AesEngine()); + // } + // else if (PkcsObjectIdentifiers.DesEde3Cbc.Equals(algorithm)) + // { + // return new Rfc3211WrapEngine(new DesEdeEngine()); + // } + // else if (OiwObjectIdentifiers.DesCbc.Equals(algorithm)) + // { + // return new Rfc3211WrapEngine(new DesEngine()); + // } + // else if (PkcsObjectIdentifiers.RC2Cbc.Equals(algorithm)) + // { + // return new Rfc3211WrapEngine(new RC2Engine()); + // } + // else + // { + // throw new CmsException("cannot recognise wrapper: " + algorithm); + // } + //} + + public static object CreateContentCipher(bool forEncryption, ICipherParameters encKey, + AlgorithmIdentifier encryptionAlgID) + { + return CipherFactory.CreateContentCipher(forEncryption, encKey, encryptionAlgID); + } + + public AlgorithmIdentifier GenerateEncryptionAlgID(DerObjectIdentifier encryptionOID, KeyParameter encKey, SecureRandom random) + { + return AlgorithmIdentifierFactory.GenerateEncryptionAlgID(encryptionOID, encKey.GetKey().Length * 8, random); + } + + public CipherKeyGenerator CreateKeyGenerator(DerObjectIdentifier algorithm, SecureRandom random) + { + return CipherKeyGeneratorFactory.CreateKeyGenerator(algorithm, random); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/IDigestCalculator.cs b/BouncyCastle/crypto/src/cms/IDigestCalculator.cs new file mode 100644 index 0000000..3661e40 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/IDigestCalculator.cs @@ -0,0 +1,9 @@ +using System; + +namespace Org.BouncyCastle.Cms +{ + internal interface IDigestCalculator + { + byte[] GetDigest(); + } +} diff --git a/BouncyCastle/crypto/src/cms/KEKRecipientInfoGenerator.cs b/BouncyCastle/crypto/src/cms/KEKRecipientInfoGenerator.cs new file mode 100644 index 0000000..6f34fec --- /dev/null +++ b/BouncyCastle/crypto/src/cms/KEKRecipientInfoGenerator.cs @@ -0,0 +1,138 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Kisa; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Ntt; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Cms +{ + internal class KekRecipientInfoGenerator : RecipientInfoGenerator + { + private static readonly CmsEnvelopedHelper Helper = CmsEnvelopedHelper.Instance; + + private KeyParameter keyEncryptionKey; + // TODO Can get this from keyEncryptionKey? + private string keyEncryptionKeyOID; + private KekIdentifier kekIdentifier; + + // Derived + private AlgorithmIdentifier keyEncryptionAlgorithm; + + internal KekRecipientInfoGenerator() + { + } + + internal KekIdentifier KekIdentifier + { + set { this.kekIdentifier = value; } + } + + internal KeyParameter KeyEncryptionKey + { + set + { + this.keyEncryptionKey = value; + this.keyEncryptionAlgorithm = DetermineKeyEncAlg(keyEncryptionKeyOID, keyEncryptionKey); + } + } + + internal string KeyEncryptionKeyOID + { + set { this.keyEncryptionKeyOID = value; } + } + + public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random) + { + byte[] keyBytes = contentEncryptionKey.GetKey(); + + IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.Algorithm.Id); + keyWrapper.Init(true, new ParametersWithRandom(keyEncryptionKey, random)); + Asn1OctetString encryptedKey = new DerOctetString( + keyWrapper.Wrap(keyBytes, 0, keyBytes.Length)); + + return new RecipientInfo(new KekRecipientInfo(kekIdentifier, keyEncryptionAlgorithm, encryptedKey)); + } + + private static AlgorithmIdentifier DetermineKeyEncAlg( + string algorithm, KeyParameter key) + { + if (Platform.StartsWith(algorithm, "DES")) + { + return new AlgorithmIdentifier( + PkcsObjectIdentifiers.IdAlgCms3DesWrap, + DerNull.Instance); + } + else if (Platform.StartsWith(algorithm, "RC2")) + { + return new AlgorithmIdentifier( + PkcsObjectIdentifiers.IdAlgCmsRC2Wrap, + new DerInteger(58)); + } + else if (Platform.StartsWith(algorithm, "AES")) + { + int length = key.GetKey().Length * 8; + DerObjectIdentifier wrapOid; + + if (length == 128) + { + wrapOid = NistObjectIdentifiers.IdAes128Wrap; + } + else if (length == 192) + { + wrapOid = NistObjectIdentifiers.IdAes192Wrap; + } + else if (length == 256) + { + wrapOid = NistObjectIdentifiers.IdAes256Wrap; + } + else + { + throw new ArgumentException("illegal keysize in AES"); + } + + return new AlgorithmIdentifier(wrapOid); // parameters absent + } + else if (Platform.StartsWith(algorithm, "SEED")) + { + // parameters absent + return new AlgorithmIdentifier(KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap); + } + else if (Platform.StartsWith(algorithm, "CAMELLIA")) + { + int length = key.GetKey().Length * 8; + DerObjectIdentifier wrapOid; + + if (length == 128) + { + wrapOid = NttObjectIdentifiers.IdCamellia128Wrap; + } + else if (length == 192) + { + wrapOid = NttObjectIdentifiers.IdCamellia192Wrap; + } + else if (length == 256) + { + wrapOid = NttObjectIdentifiers.IdCamellia256Wrap; + } + else + { + throw new ArgumentException("illegal keysize in Camellia"); + } + + return new AlgorithmIdentifier(wrapOid); // parameters must be absent + } + else + { + throw new ArgumentException("unknown algorithm"); + } + } + } +} diff --git a/BouncyCastle/crypto/src/cms/KEKRecipientInformation.cs b/BouncyCastle/crypto/src/cms/KEKRecipientInformation.cs new file mode 100644 index 0000000..871dc76 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/KEKRecipientInformation.cs @@ -0,0 +1,62 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Cms +{ + /** + * the RecipientInfo class for a recipient who has been sent a message + * encrypted using a secret key known to the other side. + */ + public class KekRecipientInformation + : RecipientInformation + { + private KekRecipientInfo info; + + internal KekRecipientInformation( + KekRecipientInfo info, + CmsSecureReadable secureReadable) + : base(info.KeyEncryptionAlgorithm, secureReadable) + { + this.info = info; + this.rid = new RecipientID(); + + KekIdentifier kekId = info.KekID; + + rid.KeyIdentifier = kekId.KeyIdentifier.GetOctets(); + } + + /** + * decrypt the content and return an input stream. + */ + public override CmsTypedStream GetContentStream( + ICipherParameters key) + { + try + { + byte[] encryptedKey = info.EncryptedKey.GetOctets(); + IWrapper keyWrapper = WrapperUtilities.GetWrapper(keyEncAlg.Algorithm.Id); + + keyWrapper.Init(false, key); + + KeyParameter sKey = ParameterUtilities.CreateKeyParameter( + GetContentAlgorithmName(), keyWrapper.Unwrap(encryptedKey, 0, encryptedKey.Length)); + + return GetContentFromSessionKey(sKey); + } + catch (SecurityUtilityException e) + { + throw new CmsException("couldn't create cipher.", e); + } + catch (InvalidKeyException e) + { + throw new CmsException("key invalid in message.", e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs b/BouncyCastle/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs new file mode 100644 index 0000000..6bd2cea --- /dev/null +++ b/BouncyCastle/crypto/src/cms/KeyAgreeRecipientInfoGenerator.cs @@ -0,0 +1,171 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Cms.Ecc; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cms +{ + internal class KeyAgreeRecipientInfoGenerator : RecipientInfoGenerator + { + private static readonly CmsEnvelopedHelper Helper = CmsEnvelopedHelper.Instance; + + private DerObjectIdentifier keyAgreementOID; + private DerObjectIdentifier keyEncryptionOID; + private IList recipientCerts; + private AsymmetricCipherKeyPair senderKeyPair; + + internal KeyAgreeRecipientInfoGenerator() + { + } + + internal DerObjectIdentifier KeyAgreementOID + { + set { this.keyAgreementOID = value; } + } + + internal DerObjectIdentifier KeyEncryptionOID + { + set { this.keyEncryptionOID = value; } + } + + internal ICollection RecipientCerts + { + set { this.recipientCerts = Platform.CreateArrayList(value); } + } + + internal AsymmetricCipherKeyPair SenderKeyPair + { + set { this.senderKeyPair = value; } + } + + public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random) + { + byte[] keyBytes = contentEncryptionKey.GetKey(); + + AsymmetricKeyParameter senderPublicKey = senderKeyPair.Public; + ICipherParameters senderPrivateParams = senderKeyPair.Private; + + + OriginatorIdentifierOrKey originator; + try + { + originator = new OriginatorIdentifierOrKey( + CreateOriginatorPublicKey(senderPublicKey)); + } + catch (IOException e) + { + throw new InvalidKeyException("cannot extract originator public key: " + e); + } + + + Asn1OctetString ukm = null; + if (keyAgreementOID.Id.Equals(CmsEnvelopedGenerator.ECMqvSha1Kdf)) + { + try + { + IAsymmetricCipherKeyPairGenerator ephemKPG = + GeneratorUtilities.GetKeyPairGenerator(keyAgreementOID); + ephemKPG.Init( + ((ECPublicKeyParameters)senderPublicKey).CreateKeyGenerationParameters(random)); + + AsymmetricCipherKeyPair ephemKP = ephemKPG.GenerateKeyPair(); + + ukm = new DerOctetString( + new MQVuserKeyingMaterial( + CreateOriginatorPublicKey(ephemKP.Public), null)); + + senderPrivateParams = new MqvPrivateParameters( + (ECPrivateKeyParameters)senderPrivateParams, + (ECPrivateKeyParameters)ephemKP.Private, + (ECPublicKeyParameters)ephemKP.Public); + } + catch (IOException e) + { + throw new InvalidKeyException("cannot extract MQV ephemeral public key: " + e); + } + catch (SecurityUtilityException e) + { + throw new InvalidKeyException("cannot determine MQV ephemeral key pair parameters from public key: " + e); + } + } + + + DerSequence paramSeq = new DerSequence( + keyEncryptionOID, + DerNull.Instance); + AlgorithmIdentifier keyEncAlg = new AlgorithmIdentifier(keyAgreementOID, paramSeq); + + + Asn1EncodableVector recipientEncryptedKeys = new Asn1EncodableVector(); + foreach (X509Certificate recipientCert in recipientCerts) + { + TbsCertificateStructure tbsCert; + try + { + tbsCert = TbsCertificateStructure.GetInstance( + Asn1Object.FromByteArray(recipientCert.GetTbsCertificate())); + } + catch (Exception) + { + throw new ArgumentException("can't extract TBS structure from certificate"); + } + + // TODO Should there be a SubjectKeyIdentifier-based alternative? + IssuerAndSerialNumber issuerSerial = new IssuerAndSerialNumber( + tbsCert.Issuer, tbsCert.SerialNumber.Value); + KeyAgreeRecipientIdentifier karid = new KeyAgreeRecipientIdentifier(issuerSerial); + + ICipherParameters recipientPublicParams = recipientCert.GetPublicKey(); + if (keyAgreementOID.Id.Equals(CmsEnvelopedGenerator.ECMqvSha1Kdf)) + { + recipientPublicParams = new MqvPublicParameters( + (ECPublicKeyParameters)recipientPublicParams, + (ECPublicKeyParameters)recipientPublicParams); + } + + // Use key agreement to choose a wrap key for this recipient + IBasicAgreement keyAgreement = AgreementUtilities.GetBasicAgreementWithKdf( + keyAgreementOID, keyEncryptionOID.Id); + keyAgreement.Init(new ParametersWithRandom(senderPrivateParams, random)); + BigInteger agreedValue = keyAgreement.CalculateAgreement(recipientPublicParams); + + int keyEncryptionKeySize = GeneratorUtilities.GetDefaultKeySize(keyEncryptionOID) / 8; + byte[] keyEncryptionKeyBytes = X9IntegerConverter.IntegerToBytes(agreedValue, keyEncryptionKeySize); + KeyParameter keyEncryptionKey = ParameterUtilities.CreateKeyParameter( + keyEncryptionOID, keyEncryptionKeyBytes); + + // Wrap the content encryption key with the agreement key + IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionOID.Id); + keyWrapper.Init(true, new ParametersWithRandom(keyEncryptionKey, random)); + byte[] encryptedKeyBytes = keyWrapper.Wrap(keyBytes, 0, keyBytes.Length); + + Asn1OctetString encryptedKey = new DerOctetString(encryptedKeyBytes); + + recipientEncryptedKeys.Add(new RecipientEncryptedKey(karid, encryptedKey)); + } + + return new RecipientInfo(new KeyAgreeRecipientInfo(originator, ukm, keyEncAlg, + new DerSequence(recipientEncryptedKeys))); + } + + private static OriginatorPublicKey CreateOriginatorPublicKey( + AsymmetricKeyParameter publicKey) + { + SubjectPublicKeyInfo spki = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey); + return new OriginatorPublicKey( + new AlgorithmIdentifier(spki.AlgorithmID.Algorithm, DerNull.Instance), + spki.PublicKeyData.GetBytes()); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/KeyAgreeRecipientInformation.cs b/BouncyCastle/crypto/src/cms/KeyAgreeRecipientInformation.cs new file mode 100644 index 0000000..73e57a7 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/KeyAgreeRecipientInformation.cs @@ -0,0 +1,226 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Cms.Ecc; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Utilities; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cms +{ + /** + * the RecipientInfo class for a recipient who has been sent a message + * encrypted using key agreement. + */ + public class KeyAgreeRecipientInformation + : RecipientInformation + { + private KeyAgreeRecipientInfo info; + private Asn1OctetString encryptedKey; + + internal static void ReadRecipientInfo(IList infos, KeyAgreeRecipientInfo info, + CmsSecureReadable secureReadable) + { + try + { + foreach (Asn1Encodable rek in info.RecipientEncryptedKeys) + { + RecipientEncryptedKey id = RecipientEncryptedKey.GetInstance(rek.ToAsn1Object()); + + RecipientID rid = new RecipientID(); + + Asn1.Cms.KeyAgreeRecipientIdentifier karid = id.Identifier; + + Asn1.Cms.IssuerAndSerialNumber iAndSN = karid.IssuerAndSerialNumber; + if (iAndSN != null) + { + rid.Issuer = iAndSN.Name; + rid.SerialNumber = iAndSN.SerialNumber.Value; + } + else + { + Asn1.Cms.RecipientKeyIdentifier rKeyID = karid.RKeyID; + + // Note: 'date' and 'other' fields of RecipientKeyIdentifier appear to be only informational + + rid.SubjectKeyIdentifier = rKeyID.SubjectKeyIdentifier.GetOctets(); + } + + infos.Add(new KeyAgreeRecipientInformation(info, rid, id.EncryptedKey, + secureReadable)); + } + } + catch (IOException e) + { + throw new ArgumentException("invalid rid in KeyAgreeRecipientInformation", e); + } + } + + internal KeyAgreeRecipientInformation( + KeyAgreeRecipientInfo info, + RecipientID rid, + Asn1OctetString encryptedKey, + CmsSecureReadable secureReadable) + : base(info.KeyEncryptionAlgorithm, secureReadable) + { + this.info = info; + this.rid = rid; + this.encryptedKey = encryptedKey; + } + + private AsymmetricKeyParameter GetSenderPublicKey( + AsymmetricKeyParameter receiverPrivateKey, + OriginatorIdentifierOrKey originator) + { + OriginatorPublicKey opk = originator.OriginatorPublicKey; + if (opk != null) + { + return GetPublicKeyFromOriginatorPublicKey(receiverPrivateKey, opk); + } + + OriginatorID origID = new OriginatorID(); + + Asn1.Cms.IssuerAndSerialNumber iAndSN = originator.IssuerAndSerialNumber; + if (iAndSN != null) + { + origID.Issuer = iAndSN.Name; + origID.SerialNumber = iAndSN.SerialNumber.Value; + } + else + { + SubjectKeyIdentifier ski = originator.SubjectKeyIdentifier; + + origID.SubjectKeyIdentifier = ski.GetKeyIdentifier(); + } + + return GetPublicKeyFromOriginatorID(origID); + } + + private AsymmetricKeyParameter GetPublicKeyFromOriginatorPublicKey( + AsymmetricKeyParameter receiverPrivateKey, + OriginatorPublicKey originatorPublicKey) + { + PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(receiverPrivateKey); + SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo( + privInfo.PrivateKeyAlgorithm, + originatorPublicKey.PublicKey.GetBytes()); + return PublicKeyFactory.CreateKey(pubInfo); + } + + private AsymmetricKeyParameter GetPublicKeyFromOriginatorID( + OriginatorID origID) + { + // TODO Support all alternatives for OriginatorIdentifierOrKey + // see RFC 3852 6.2.2 + throw new CmsException("No support for 'originator' as IssuerAndSerialNumber or SubjectKeyIdentifier"); + } + + private KeyParameter CalculateAgreedWrapKey( + string wrapAlg, + AsymmetricKeyParameter senderPublicKey, + AsymmetricKeyParameter receiverPrivateKey) + { + DerObjectIdentifier agreeAlgID = keyEncAlg.Algorithm; + + ICipherParameters senderPublicParams = senderPublicKey; + ICipherParameters receiverPrivateParams = receiverPrivateKey; + + if (agreeAlgID.Id.Equals(CmsEnvelopedGenerator.ECMqvSha1Kdf)) + { + byte[] ukmEncoding = info.UserKeyingMaterial.GetOctets(); + MQVuserKeyingMaterial ukm = MQVuserKeyingMaterial.GetInstance( + Asn1Object.FromByteArray(ukmEncoding)); + + AsymmetricKeyParameter ephemeralKey = GetPublicKeyFromOriginatorPublicKey( + receiverPrivateKey, ukm.EphemeralPublicKey); + + senderPublicParams = new MqvPublicParameters( + (ECPublicKeyParameters)senderPublicParams, + (ECPublicKeyParameters)ephemeralKey); + receiverPrivateParams = new MqvPrivateParameters( + (ECPrivateKeyParameters)receiverPrivateParams, + (ECPrivateKeyParameters)receiverPrivateParams); + } + + IBasicAgreement agreement = AgreementUtilities.GetBasicAgreementWithKdf( + agreeAlgID, wrapAlg); + agreement.Init(receiverPrivateParams); + BigInteger agreedValue = agreement.CalculateAgreement(senderPublicParams); + + int wrapKeySize = GeneratorUtilities.GetDefaultKeySize(wrapAlg) / 8; + byte[] wrapKeyBytes = X9IntegerConverter.IntegerToBytes(agreedValue, wrapKeySize); + return ParameterUtilities.CreateKeyParameter(wrapAlg, wrapKeyBytes); + } + + private KeyParameter UnwrapSessionKey( + string wrapAlg, + KeyParameter agreedKey) + { + byte[] encKeyOctets = encryptedKey.GetOctets(); + + IWrapper keyCipher = WrapperUtilities.GetWrapper(wrapAlg); + keyCipher.Init(false, agreedKey); + byte[] sKeyBytes = keyCipher.Unwrap(encKeyOctets, 0, encKeyOctets.Length); + return ParameterUtilities.CreateKeyParameter(GetContentAlgorithmName(), sKeyBytes); + } + + internal KeyParameter GetSessionKey( + AsymmetricKeyParameter receiverPrivateKey) + { + try + { + string wrapAlg = DerObjectIdentifier.GetInstance( + Asn1Sequence.GetInstance(keyEncAlg.Parameters)[0]).Id; + + AsymmetricKeyParameter senderPublicKey = GetSenderPublicKey( + receiverPrivateKey, info.Originator); + + KeyParameter agreedWrapKey = CalculateAgreedWrapKey(wrapAlg, + senderPublicKey, receiverPrivateKey); + + return UnwrapSessionKey(wrapAlg, agreedWrapKey); + } + catch (SecurityUtilityException e) + { + throw new CmsException("couldn't create cipher.", e); + } + catch (InvalidKeyException e) + { + throw new CmsException("key invalid in message.", e); + } + catch (Exception e) + { + throw new CmsException("originator key invalid.", e); + } + } + + /** + * decrypt the content and return an input stream. + */ + public override CmsTypedStream GetContentStream( + ICipherParameters key) + { + if (!(key is AsymmetricKeyParameter)) + throw new ArgumentException("KeyAgreement requires asymmetric key", "key"); + + AsymmetricKeyParameter receiverPrivateKey = (AsymmetricKeyParameter) key; + + if (!receiverPrivateKey.IsPrivate) + throw new ArgumentException("Expected private key", "key"); + + KeyParameter sKey = GetSessionKey(receiverPrivateKey); + + return GetContentFromSessionKey(sKey); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/KeyTransRecipientInfoGenerator.cs b/BouncyCastle/crypto/src/cms/KeyTransRecipientInfoGenerator.cs new file mode 100644 index 0000000..6ee3af6 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/KeyTransRecipientInfoGenerator.cs @@ -0,0 +1,83 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cms +{ + public class KeyTransRecipientInfoGenerator : RecipientInfoGenerator + { + private static readonly CmsEnvelopedHelper Helper = CmsEnvelopedHelper.Instance; + + private Asn1OctetString subjectKeyIdentifier; + private IKeyWrapper keyWrapper; + + // Derived fields + private SubjectPublicKeyInfo info; + private IssuerAndSerialNumber issuerAndSerialNumber; + private SecureRandom random; + + + public KeyTransRecipientInfoGenerator(X509Certificate recipCert, IKeyWrapper keyWrapper) + : this(new Asn1.Cms.IssuerAndSerialNumber(recipCert.IssuerDN, new DerInteger(recipCert.SerialNumber)), keyWrapper) + { + } + + public KeyTransRecipientInfoGenerator(IssuerAndSerialNumber issuerAndSerial, IKeyWrapper keyWrapper) + { + this.issuerAndSerialNumber = issuerAndSerial; + this.keyWrapper = keyWrapper; + } + + public KeyTransRecipientInfoGenerator(byte[] subjectKeyID, IKeyWrapper keyWrapper) + { + this.subjectKeyIdentifier = new DerOctetString(subjectKeyID); + this.keyWrapper = keyWrapper; + } + + public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random) + { + AlgorithmIdentifier keyEncryptionAlgorithm = this.AlgorithmDetails; + + this.random = random; + + byte[] encryptedKeyBytes = GenerateWrappedKey(contentEncryptionKey); + + RecipientIdentifier recipId; + if (issuerAndSerialNumber != null) + { + recipId = new RecipientIdentifier(issuerAndSerialNumber); + } + else + { + recipId = new RecipientIdentifier(subjectKeyIdentifier); + } + + return new RecipientInfo(new KeyTransRecipientInfo(recipId, keyEncryptionAlgorithm, + new DerOctetString(encryptedKeyBytes))); + } + + protected virtual AlgorithmIdentifier AlgorithmDetails + { + get + { + if (this.keyWrapper != null) + { + return (AlgorithmIdentifier)keyWrapper.AlgorithmDetails; + } + return info.AlgorithmID; + } + } + + protected virtual byte[] GenerateWrappedKey(KeyParameter contentEncryptionKey) + { + return keyWrapper.Wrap(contentEncryptionKey.GetKey()).Collect(); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/KeyTransRecipientInformation.cs b/BouncyCastle/crypto/src/cms/KeyTransRecipientInformation.cs new file mode 100644 index 0000000..2a40fed --- /dev/null +++ b/BouncyCastle/crypto/src/cms/KeyTransRecipientInformation.cs @@ -0,0 +1,132 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Asn1Pkcs = Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto.Operators; + +namespace Org.BouncyCastle.Cms +{ + /** + * the KeyTransRecipientInformation class for a recipient who has been sent a secret + * key encrypted using their public key that needs to be used to + * extract the message. + */ + public class KeyTransRecipientInformation + : RecipientInformation + { + private KeyTransRecipientInfo info; + + internal KeyTransRecipientInformation( + KeyTransRecipientInfo info, + CmsSecureReadable secureReadable) + : base(info.KeyEncryptionAlgorithm, secureReadable) + { + this.info = info; + this.rid = new RecipientID(); + + RecipientIdentifier r = info.RecipientIdentifier; + + try + { + if (r.IsTagged) + { + Asn1OctetString octs = Asn1OctetString.GetInstance(r.ID); + + rid.SubjectKeyIdentifier = octs.GetOctets(); + } + else + { + Asn1.Cms.IssuerAndSerialNumber iAnds = Asn1.Cms.IssuerAndSerialNumber.GetInstance(r.ID); + + rid.Issuer = iAnds.Name; + rid.SerialNumber = iAnds.SerialNumber.Value; + } + } + catch (IOException) + { + throw new ArgumentException("invalid rid in KeyTransRecipientInformation"); + } + } + + private string GetExchangeEncryptionAlgorithmName( + AlgorithmIdentifier algo) + { + DerObjectIdentifier oid = algo.Algorithm; + + if (Asn1Pkcs.PkcsObjectIdentifiers.RsaEncryption.Equals(oid)) + { + return "RSA//PKCS1Padding"; + } else if (Asn1Pkcs.PkcsObjectIdentifiers.IdRsaesOaep.Equals(oid)) + { + Asn1Pkcs.RsaesOaepParameters rsaParams = Asn1Pkcs.RsaesOaepParameters.GetInstance(algo.Parameters); + return "RSA//OAEPWITH"+DigestUtilities.GetAlgorithmName(rsaParams.HashAlgorithm.Algorithm)+"ANDMGF1Padding"; + } + + return oid.Id; + } + + internal KeyParameter UnwrapKey(ICipherParameters key) + { + byte[] encryptedKey = info.EncryptedKey.GetOctets(); + + + try + { + if (keyEncAlg.Algorithm.Equals(PkcsObjectIdentifiers.IdRsaesOaep)) + { + IKeyUnwrapper keyWrapper = new Asn1KeyUnwrapper(keyEncAlg.Algorithm, keyEncAlg.Parameters, key); + + return ParameterUtilities.CreateKeyParameter( + GetContentAlgorithmName(), keyWrapper.Unwrap(encryptedKey, 0, encryptedKey.Length).Collect()); + } + else + { + string keyExchangeAlgorithm = GetExchangeEncryptionAlgorithmName(keyEncAlg); + IWrapper keyWrapper = WrapperUtilities.GetWrapper(keyExchangeAlgorithm); + keyWrapper.Init(false, key); + + // FIXME Support for MAC algorithm parameters similar to cipher parameters + return ParameterUtilities.CreateKeyParameter( + GetContentAlgorithmName(), keyWrapper.Unwrap(encryptedKey, 0, encryptedKey.Length)); + } + } + catch (SecurityUtilityException e) + { + throw new CmsException("couldn't create cipher.", e); + } + catch (InvalidKeyException e) + { + throw new CmsException("key invalid in message.", e); + } +// catch (IllegalBlockSizeException e) + catch (DataLengthException e) + { + throw new CmsException("illegal blocksize in message.", e); + } +// catch (BadPaddingException e) + catch (InvalidCipherTextException e) + { + throw new CmsException("bad padding in message.", e); + } + } + + /** + * decrypt the content and return it as a byte array. + */ + public override CmsTypedStream GetContentStream( + ICipherParameters key) + { + KeyParameter sKey = UnwrapKey(key); + + return GetContentFromSessionKey(sKey); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/OriginatorId.cs b/BouncyCastle/crypto/src/cms/OriginatorId.cs new file mode 100644 index 0000000..5a3b737 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/OriginatorId.cs @@ -0,0 +1,51 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Cms +{ + /** + * a basic index for an originator. + */ + public class OriginatorID + : X509CertStoreSelector + { + public override int GetHashCode() + { + int code = Arrays.GetHashCode(this.SubjectKeyIdentifier); + + BigInteger serialNumber = this.SerialNumber; + if (serialNumber != null) + { + code ^= serialNumber.GetHashCode(); + } + + X509Name issuer = this.Issuer; + if (issuer != null) + { + code ^= issuer.GetHashCode(); + } + + return code; + } + + public override bool Equals( + object obj) + { + if (obj == this) + return false; + + OriginatorID id = obj as OriginatorID; + + if (id == null) + return false; + + return Arrays.AreEqual(SubjectKeyIdentifier, id.SubjectKeyIdentifier) + && Platform.Equals(SerialNumber, id.SerialNumber) + && IssuersMatch(Issuer, id.Issuer); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/OriginatorInfoGenerator.cs b/BouncyCastle/crypto/src/cms/OriginatorInfoGenerator.cs new file mode 100644 index 0000000..6bf1087 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/OriginatorInfoGenerator.cs @@ -0,0 +1,42 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Cms +{ + public class OriginatorInfoGenerator + { + private readonly IList origCerts; + private readonly IList origCrls; + + public OriginatorInfoGenerator(X509Certificate origCert) + { + this.origCerts = Platform.CreateArrayList(1); + this.origCrls = null; + origCerts.Add(origCert.CertificateStructure); + } + + public OriginatorInfoGenerator(IX509Store origCerts) + : this(origCerts, null) + { + } + + public OriginatorInfoGenerator(IX509Store origCerts, IX509Store origCrls) + { + this.origCerts = CmsUtilities.GetCertificatesFromStore(origCerts); + this.origCrls = origCrls == null ? null : CmsUtilities.GetCrlsFromStore(origCrls); + } + + public virtual OriginatorInfo Generate() + { + Asn1Set certSet = CmsUtilities.CreateDerSetFromList(origCerts); + Asn1Set crlSet = origCrls == null ? null : CmsUtilities.CreateDerSetFromList(origCrls); + return new OriginatorInfo(certSet, crlSet); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/OriginatorInformation.cs b/BouncyCastle/crypto/src/cms/OriginatorInformation.cs new file mode 100644 index 0000000..618add6 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/OriginatorInformation.cs @@ -0,0 +1,96 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Cms +{ + public class OriginatorInformation + { + private readonly OriginatorInfo originatorInfo; + + internal OriginatorInformation(OriginatorInfo originatorInfo) + { + this.originatorInfo = originatorInfo; + } + + /** + * Return the certificates stored in the underlying OriginatorInfo object. + * + * @return a Store of X509CertificateHolder objects. + */ + public virtual IX509Store GetCertificates() + { + Asn1Set certSet = originatorInfo.Certificates; + + if (certSet != null) + { + IList certList = Platform.CreateArrayList(certSet.Count); + + foreach (Asn1Encodable enc in certSet) + { + Asn1Object obj = enc.ToAsn1Object(); + if (obj is Asn1Sequence) + { + certList.Add(new X509Certificate(X509CertificateStructure.GetInstance(obj))); + } + } + + return X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(certList)); + } + + return X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(Platform.CreateArrayList())); + } + + /** + * Return the CRLs stored in the underlying OriginatorInfo object. + * + * @return a Store of X509CRLHolder objects. + */ + public virtual IX509Store GetCrls() + { + Asn1Set crlSet = originatorInfo.Certificates; + + if (crlSet != null) + { + IList crlList = Platform.CreateArrayList(crlSet.Count); + + foreach (Asn1Encodable enc in crlSet) + { + Asn1Object obj = enc.ToAsn1Object(); + if (obj is Asn1Sequence) + { + crlList.Add(new X509Crl(CertificateList.GetInstance(obj))); + } + } + + return X509StoreFactory.Create( + "CRL/Collection", + new X509CollectionStoreParameters(crlList)); + } + + return X509StoreFactory.Create( + "CRL/Collection", + new X509CollectionStoreParameters(Platform.CreateArrayList())); + } + + /** + * Return the underlying ASN.1 object defining this SignerInformation object. + * + * @return a OriginatorInfo. + */ + public virtual OriginatorInfo ToAsn1Structure() + { + return originatorInfo; + } + } +} diff --git a/BouncyCastle/crypto/src/cms/PKCS5Scheme2PBEKey.cs b/BouncyCastle/crypto/src/cms/PKCS5Scheme2PBEKey.cs new file mode 100644 index 0000000..08b8518 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/PKCS5Scheme2PBEKey.cs @@ -0,0 +1,64 @@ +using System; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Cms +{ + /// + /// PKCS5 scheme-2 - password converted to bytes assuming ASCII. + /// + public class Pkcs5Scheme2PbeKey + : CmsPbeKey + { + [Obsolete("Use version taking 'char[]' instead")] + public Pkcs5Scheme2PbeKey( + string password, + byte[] salt, + int iterationCount) + : this(password.ToCharArray(), salt, iterationCount) + { + } + + [Obsolete("Use version taking 'char[]' instead")] + public Pkcs5Scheme2PbeKey( + string password, + AlgorithmIdentifier keyDerivationAlgorithm) + : this(password.ToCharArray(), keyDerivationAlgorithm) + { + } + + public Pkcs5Scheme2PbeKey( + char[] password, + byte[] salt, + int iterationCount) + : base(password, salt, iterationCount) + { + } + + public Pkcs5Scheme2PbeKey( + char[] password, + AlgorithmIdentifier keyDerivationAlgorithm) + : base(password, keyDerivationAlgorithm) + { + } + + internal override KeyParameter GetEncoded( + string algorithmOid) + { + Pkcs5S2ParametersGenerator gen = new Pkcs5S2ParametersGenerator(); + + gen.Init( + PbeParametersGenerator.Pkcs5PasswordToBytes(password), + salt, + iterationCount); + + return (KeyParameter) gen.GenerateDerivedParameters( + algorithmOid, + CmsEnvelopedHelper.Instance.GetKeySize(algorithmOid)); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/PKCS5Scheme2UTF8PBEKey.cs b/BouncyCastle/crypto/src/cms/PKCS5Scheme2UTF8PBEKey.cs new file mode 100644 index 0000000..7aecc29 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/PKCS5Scheme2UTF8PBEKey.cs @@ -0,0 +1,64 @@ +using System; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Cms +{ + /** + * PKCS5 scheme-2 - password converted to bytes using UTF-8. + */ + public class Pkcs5Scheme2Utf8PbeKey + : CmsPbeKey + { + [Obsolete("Use version taking 'char[]' instead")] + public Pkcs5Scheme2Utf8PbeKey( + string password, + byte[] salt, + int iterationCount) + : this(password.ToCharArray(), salt, iterationCount) + { + } + + [Obsolete("Use version taking 'char[]' instead")] + public Pkcs5Scheme2Utf8PbeKey( + string password, + AlgorithmIdentifier keyDerivationAlgorithm) + : this(password.ToCharArray(), keyDerivationAlgorithm) + { + } + + public Pkcs5Scheme2Utf8PbeKey( + char[] password, + byte[] salt, + int iterationCount) + : base(password, salt, iterationCount) + { + } + + public Pkcs5Scheme2Utf8PbeKey( + char[] password, + AlgorithmIdentifier keyDerivationAlgorithm) + : base(password, keyDerivationAlgorithm) + { + } + + internal override KeyParameter GetEncoded( + string algorithmOid) + { + Pkcs5S2ParametersGenerator gen = new Pkcs5S2ParametersGenerator(); + + gen.Init( + PbeParametersGenerator.Pkcs5PasswordToUtf8Bytes(password), + salt, + iterationCount); + + return (KeyParameter) gen.GenerateDerivedParameters( + algorithmOid, + CmsEnvelopedHelper.Instance.GetKeySize(algorithmOid)); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/PasswordRecipientInfoGenerator.cs b/BouncyCastle/crypto/src/cms/PasswordRecipientInfoGenerator.cs new file mode 100644 index 0000000..9916edf --- /dev/null +++ b/BouncyCastle/crypto/src/cms/PasswordRecipientInfoGenerator.cs @@ -0,0 +1,70 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Cms +{ + internal class PasswordRecipientInfoGenerator : RecipientInfoGenerator + { + private static readonly CmsEnvelopedHelper Helper = CmsEnvelopedHelper.Instance; + + private AlgorithmIdentifier keyDerivationAlgorithm; + private KeyParameter keyEncryptionKey; + // TODO Can get this from keyEncryptionKey? + private string keyEncryptionKeyOID; + + internal PasswordRecipientInfoGenerator() + { + } + + internal AlgorithmIdentifier KeyDerivationAlgorithm + { + set { this.keyDerivationAlgorithm = value; } + } + + internal KeyParameter KeyEncryptionKey + { + set { this.keyEncryptionKey = value; } + } + + internal string KeyEncryptionKeyOID + { + set { this.keyEncryptionKeyOID = value; } + } + + public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random) + { + byte[] keyBytes = contentEncryptionKey.GetKey(); + + string rfc3211WrapperName = Helper.GetRfc3211WrapperName(keyEncryptionKeyOID); + IWrapper keyWrapper = Helper.CreateWrapper(rfc3211WrapperName); + + // Note: In Java build, the IV is automatically generated in JCE layer + int ivLength = Platform.StartsWith(rfc3211WrapperName, "DESEDE") ? 8 : 16; + byte[] iv = new byte[ivLength]; + random.NextBytes(iv); + + ICipherParameters parameters = new ParametersWithIV(keyEncryptionKey, iv); + keyWrapper.Init(true, new ParametersWithRandom(parameters, random)); + Asn1OctetString encryptedKey = new DerOctetString( + keyWrapper.Wrap(keyBytes, 0, keyBytes.Length)); + + DerSequence seq = new DerSequence( + new DerObjectIdentifier(keyEncryptionKeyOID), + new DerOctetString(iv)); + + AlgorithmIdentifier keyEncryptionAlgorithm = new AlgorithmIdentifier( + PkcsObjectIdentifiers.IdAlgPwriKek, seq); + + return new RecipientInfo(new PasswordRecipientInfo( + keyDerivationAlgorithm, keyEncryptionAlgorithm, encryptedKey)); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/PasswordRecipientInformation.cs b/BouncyCastle/crypto/src/cms/PasswordRecipientInformation.cs new file mode 100644 index 0000000..f629cab --- /dev/null +++ b/BouncyCastle/crypto/src/cms/PasswordRecipientInformation.cs @@ -0,0 +1,79 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Cms +{ + /** + * the RecipientInfo class for a recipient who has been sent a message + * encrypted using a password. + */ + public class PasswordRecipientInformation + : RecipientInformation + { + private readonly PasswordRecipientInfo info; + + internal PasswordRecipientInformation( + PasswordRecipientInfo info, + CmsSecureReadable secureReadable) + : base(info.KeyEncryptionAlgorithm, secureReadable) + { + this.info = info; + this.rid = new RecipientID(); + } + + /** + * return the object identifier for the key derivation algorithm, or null + * if there is none present. + * + * @return OID for key derivation algorithm, if present. + */ + public virtual AlgorithmIdentifier KeyDerivationAlgorithm + { + get { return info.KeyDerivationAlgorithm; } + } + + /** + * decrypt the content and return an input stream. + */ + public override CmsTypedStream GetContentStream( + ICipherParameters key) + { + try + { + AlgorithmIdentifier kekAlg = AlgorithmIdentifier.GetInstance(info.KeyEncryptionAlgorithm); + Asn1Sequence kekAlgParams = (Asn1Sequence)kekAlg.Parameters; + byte[] encryptedKey = info.EncryptedKey.GetOctets(); + string kekAlgName = DerObjectIdentifier.GetInstance(kekAlgParams[0]).Id; + string cName = CmsEnvelopedHelper.Instance.GetRfc3211WrapperName(kekAlgName); + IWrapper keyWrapper = WrapperUtilities.GetWrapper(cName); + + byte[] iv = Asn1OctetString.GetInstance(kekAlgParams[1]).GetOctets(); + + ICipherParameters parameters = ((CmsPbeKey)key).GetEncoded(kekAlgName); + parameters = new ParametersWithIV(parameters, iv); + + keyWrapper.Init(false, parameters); + + KeyParameter sKey = ParameterUtilities.CreateKeyParameter( + GetContentAlgorithmName(), keyWrapper.Unwrap(encryptedKey, 0, encryptedKey.Length)); + + return GetContentFromSessionKey(sKey); + } + catch (SecurityUtilityException e) + { + throw new CmsException("couldn't create cipher.", e); + } + catch (InvalidKeyException e) + { + throw new CmsException("key invalid in message.", e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/cms/RecipientId.cs b/BouncyCastle/crypto/src/cms/RecipientId.cs new file mode 100644 index 0000000..9b6eb09 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/RecipientId.cs @@ -0,0 +1,58 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Cms +{ + public class RecipientID + : X509CertStoreSelector + { + private byte[] keyIdentifier; + + public byte[] KeyIdentifier + { + get { return Arrays.Clone(keyIdentifier); } + set { keyIdentifier = Arrays.Clone(value); } + } + + public override int GetHashCode() + { + int code = Arrays.GetHashCode(keyIdentifier) + ^ Arrays.GetHashCode(this.SubjectKeyIdentifier); + + BigInteger serialNumber = this.SerialNumber; + if (serialNumber != null) + { + code ^= serialNumber.GetHashCode(); + } + + X509Name issuer = this.Issuer; + if (issuer != null) + { + code ^= issuer.GetHashCode(); + } + + return code; + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + RecipientID id = obj as RecipientID; + + if (id == null) + return false; + + return Arrays.AreEqual(keyIdentifier, id.keyIdentifier) + && Arrays.AreEqual(SubjectKeyIdentifier, id.SubjectKeyIdentifier) + && Platform.Equals(SerialNumber, id.SerialNumber) + && IssuersMatch(Issuer, id.Issuer); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/RecipientInfoGenerator.cs b/BouncyCastle/crypto/src/cms/RecipientInfoGenerator.cs new file mode 100644 index 0000000..75f5dcc --- /dev/null +++ b/BouncyCastle/crypto/src/cms/RecipientInfoGenerator.cs @@ -0,0 +1,26 @@ +using System; + +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Cms +{ + public interface RecipientInfoGenerator + { + /// + /// Generate a RecipientInfo object for the given key. + /// + /// + /// A + /// + /// + /// A + /// + /// + /// A + /// + /// + RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random); + } +} diff --git a/BouncyCastle/crypto/src/cms/RecipientInformation.cs b/BouncyCastle/crypto/src/cms/RecipientInformation.cs new file mode 100644 index 0000000..272b841 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/RecipientInformation.cs @@ -0,0 +1,126 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Cms +{ + public abstract class RecipientInformation + { + internal RecipientID rid = new RecipientID(); + internal AlgorithmIdentifier keyEncAlg; + internal CmsSecureReadable secureReadable; + + private byte[] resultMac; + + internal RecipientInformation( + AlgorithmIdentifier keyEncAlg, + CmsSecureReadable secureReadable) + { + this.keyEncAlg = keyEncAlg; + this.secureReadable = secureReadable; + } + + internal string GetContentAlgorithmName() + { + AlgorithmIdentifier algorithm = secureReadable.Algorithm; +// return CmsEnvelopedHelper.Instance.GetSymmetricCipherName(algorithm.Algorithm.Id); + return algorithm.Algorithm.Id; + } + + public RecipientID RecipientID + { + get { return rid; } + } + + public AlgorithmIdentifier KeyEncryptionAlgorithmID + { + get { return keyEncAlg; } + } + + /** + * return the object identifier for the key encryption algorithm. + * + * @return OID for key encryption algorithm. + */ + public string KeyEncryptionAlgOid + { + get { return keyEncAlg.Algorithm.Id; } + } + + /** + * return the ASN.1 encoded key encryption algorithm parameters, or null if + * there aren't any. + * + * @return ASN.1 encoding of key encryption algorithm parameters. + */ + public Asn1Object KeyEncryptionAlgParams + { + get + { + Asn1Encodable ae = keyEncAlg.Parameters; + + return ae == null ? null : ae.ToAsn1Object(); + } + } + + internal CmsTypedStream GetContentFromSessionKey( + KeyParameter sKey) + { + CmsReadable readable = secureReadable.GetReadable(sKey); + + try + { + return new CmsTypedStream(readable.GetInputStream()); + } + catch (IOException e) + { + throw new CmsException("error getting .", e); + } + } + + public byte[] GetContent( + ICipherParameters key) + { + try + { + return CmsUtilities.StreamToByteArray(GetContentStream(key).ContentStream); + } + catch (IOException e) + { + throw new Exception("unable to parse internal stream: " + e); + } + } + + /** + * Return the MAC calculated for the content stream. Note: this call is only meaningful once all + * the content has been read. + * + * @return byte array containing the mac. + */ + public byte[] GetMac() + { + if (resultMac == null) + { + object cryptoObject = secureReadable.CryptoObject; + if (cryptoObject is IMac) + { + resultMac = MacUtilities.DoFinal((IMac)cryptoObject); + } + } + + return Arrays.Clone(resultMac); + } + + public abstract CmsTypedStream GetContentStream(ICipherParameters key); + } +} diff --git a/BouncyCastle/crypto/src/cms/RecipientInformationStore.cs b/BouncyCastle/crypto/src/cms/RecipientInformationStore.cs new file mode 100644 index 0000000..33b472f --- /dev/null +++ b/BouncyCastle/crypto/src/cms/RecipientInformationStore.cs @@ -0,0 +1,86 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Cms +{ + public class RecipientInformationStore + { + private readonly IList all; //ArrayList[RecipientInformation] + private readonly IDictionary table = Platform.CreateHashtable(); // Hashtable[RecipientID, ArrayList[RecipientInformation]] + + public RecipientInformationStore( + ICollection recipientInfos) + { + foreach (RecipientInformation recipientInformation in recipientInfos) + { + RecipientID rid = recipientInformation.RecipientID; + IList list = (IList)table[rid]; + + if (list == null) + { + table[rid] = list = Platform.CreateArrayList(1); + } + + list.Add(recipientInformation); + } + + this.all = Platform.CreateArrayList(recipientInfos); + } + + public RecipientInformation this[RecipientID selector] + { + get { return GetFirstRecipient(selector); } + } + + /** + * Return the first RecipientInformation object that matches the + * passed in selector. Null if there are no matches. + * + * @param selector to identify a recipient + * @return a single RecipientInformation object. Null if none matches. + */ + public RecipientInformation GetFirstRecipient( + RecipientID selector) + { + IList list = (IList) table[selector]; + + return list == null ? null : (RecipientInformation) list[0]; + } + + /** + * Return the number of recipients in the collection. + * + * @return number of recipients identified. + */ + public int Count + { + get { return all.Count; } + } + + /** + * Return all recipients in the collection + * + * @return a collection of recipients. + */ + public ICollection GetRecipients() + { + return Platform.CreateArrayList(all); + } + + /** + * Return possible empty collection with recipients matching the passed in RecipientID + * + * @param selector a recipient id to select against. + * @return a collection of RecipientInformation objects. + */ + public ICollection GetRecipients( + RecipientID selector) + { + IList list = (IList)table[selector]; + + return list == null ? Platform.CreateArrayList() : Platform.CreateArrayList(list); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/SignerId.cs b/BouncyCastle/crypto/src/cms/SignerId.cs new file mode 100644 index 0000000..baac936 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/SignerId.cs @@ -0,0 +1,51 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Cms +{ + /** + * a basic index for a signer. + */ + public class SignerID + : X509CertStoreSelector + { + public override int GetHashCode() + { + int code = Arrays.GetHashCode(this.SubjectKeyIdentifier); + + BigInteger serialNumber = this.SerialNumber; + if (serialNumber != null) + { + code ^= serialNumber.GetHashCode(); + } + + X509Name issuer = this.Issuer; + if (issuer != null) + { + code ^= issuer.GetHashCode(); + } + + return code; + } + + public override bool Equals( + object obj) + { + if (obj == this) + return false; + + SignerID id = obj as SignerID; + + if (id == null) + return false; + + return Arrays.AreEqual(SubjectKeyIdentifier, id.SubjectKeyIdentifier) + && Platform.Equals(SerialNumber, id.SerialNumber) + && IssuersMatch(Issuer, id.Issuer); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/SignerInfoGenerator.cs b/BouncyCastle/crypto/src/cms/SignerInfoGenerator.cs new file mode 100644 index 0000000..786749c --- /dev/null +++ b/BouncyCastle/crypto/src/cms/SignerInfoGenerator.cs @@ -0,0 +1,177 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cms +{ + internal interface ISignerInfoGenerator + { + SignerInfo Generate(DerObjectIdentifier contentType, AlgorithmIdentifier digestAlgorithm, + byte[] calculatedDigest); + } + + public class SignerInfoGenerator + { + internal X509Certificate certificate; + internal ISignatureFactory contentSigner; + internal SignerIdentifier sigId; + internal CmsAttributeTableGenerator signedGen; + internal CmsAttributeTableGenerator unsignedGen; + private bool isDirectSignature; + + internal SignerInfoGenerator(SignerIdentifier sigId, ISignatureFactory signerFactory): this(sigId, signerFactory, false) + { + + } + + internal SignerInfoGenerator(SignerIdentifier sigId, ISignatureFactory signerFactory, bool isDirectSignature) + { + this.sigId = sigId; + this.contentSigner = signerFactory; + this.isDirectSignature = isDirectSignature; + if (this.isDirectSignature) + { + this.signedGen = null; + this.unsignedGen = null; + } + else + { + this.signedGen = new DefaultSignedAttributeTableGenerator(); + this.unsignedGen = null; + } + } + + internal SignerInfoGenerator(SignerIdentifier sigId, ISignatureFactory contentSigner, CmsAttributeTableGenerator signedGen, CmsAttributeTableGenerator unsignedGen) + { + this.sigId = sigId; + this.contentSigner = contentSigner; + this.signedGen = signedGen; + this.unsignedGen = unsignedGen; + this.isDirectSignature = false; + } + + internal void setAssociatedCertificate(X509Certificate certificate) + { + this.certificate = certificate; + } + + public SignerInfoGeneratorBuilder NewBuilder() + { + SignerInfoGeneratorBuilder builder = new SignerInfoGeneratorBuilder(); + builder.WithSignedAttributeGenerator(signedGen); + builder.WithUnsignedAttributeGenerator(unsignedGen); + builder.SetDirectSignature(isDirectSignature); + return builder; + } + + } + + public class SignerInfoGeneratorBuilder + { + private bool directSignature; + private CmsAttributeTableGenerator signedGen; + private CmsAttributeTableGenerator unsignedGen; + + public SignerInfoGeneratorBuilder() + { + } + + + /** + * If the passed in flag is true, the signer signature will be based on the data, not + * a collection of signed attributes, and no signed attributes will be included. + * + * @return the builder object + */ + public SignerInfoGeneratorBuilder SetDirectSignature(bool hasNoSignedAttributes) + { + this.directSignature = hasNoSignedAttributes; + + return this; + } + + /** + * Provide a custom signed attribute generator. + * + * @param signedGen a generator of signed attributes. + * @return the builder object + */ + public SignerInfoGeneratorBuilder WithSignedAttributeGenerator(CmsAttributeTableGenerator signedGen) + { + this.signedGen = signedGen; + + return this; + } + + /** + * Provide a generator of unsigned attributes. + * + * @param unsignedGen a generator for signed attributes. + * @return the builder object + */ + public SignerInfoGeneratorBuilder WithUnsignedAttributeGenerator(CmsAttributeTableGenerator unsignedGen) + { + this.unsignedGen = unsignedGen; + + return this; + } + + /** + * Build a generator with the passed in X.509 certificate issuer and serial number as the signerIdentifier. + * + * @param contentSigner operator for generating the final signature in the SignerInfo with. + * @param certificate X.509 certificate related to the contentSigner. + * @return a SignerInfoGenerator + * @throws OperatorCreationException if the generator cannot be built. + */ + public SignerInfoGenerator Build(ISignatureFactory contentSigner, X509Certificate certificate) + { + SignerIdentifier sigId = new SignerIdentifier(new IssuerAndSerialNumber(certificate.IssuerDN, new DerInteger(certificate.SerialNumber))); + + SignerInfoGenerator sigInfoGen = CreateGenerator(contentSigner, sigId); + + sigInfoGen.setAssociatedCertificate(certificate); + + return sigInfoGen; + } + + /** + * Build a generator with the passed in subjectKeyIdentifier as the signerIdentifier. If used you should + * try to follow the calculation described in RFC 5280 section 4.2.1.2. + * + * @param signerFactory operator factory for generating the final signature in the SignerInfo with. + * @param subjectKeyIdentifier key identifier to identify the public key for verifying the signature. + * @return a SignerInfoGenerator + */ + public SignerInfoGenerator Build(ISignatureFactory signerFactory, byte[] subjectKeyIdentifier) + { + SignerIdentifier sigId = new SignerIdentifier(new DerOctetString(subjectKeyIdentifier)); + + return CreateGenerator(signerFactory, sigId); + } + + private SignerInfoGenerator CreateGenerator(ISignatureFactory contentSigner, SignerIdentifier sigId) + { + if (directSignature) + { + return new SignerInfoGenerator(sigId, contentSigner, true); + } + + if (signedGen != null || unsignedGen != null) + { + if (signedGen == null) + { + signedGen = new DefaultSignedAttributeTableGenerator(); + } + + return new SignerInfoGenerator(sigId, contentSigner, signedGen, unsignedGen); + } + + return new SignerInfoGenerator(sigId, contentSigner); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/SignerInformation.cs b/BouncyCastle/crypto/src/cms/SignerInformation.cs new file mode 100644 index 0000000..3ab1c09 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/SignerInformation.cs @@ -0,0 +1,815 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cms +{ + /** + * an expanded SignerInfo block from a CMS Signed message + */ + public class SignerInformation + { + private static readonly CmsSignedHelper Helper = CmsSignedHelper.Instance; + + private SignerID sid; + + private CmsProcessable content; + private byte[] signature; + private DerObjectIdentifier contentType; + private byte[] calculatedDigest; + private byte[] resultDigest; + + // Derived + private Asn1.Cms.AttributeTable signedAttributeTable; + private Asn1.Cms.AttributeTable unsignedAttributeTable; + private readonly bool isCounterSignature; + + protected SignerInfo info; + protected AlgorithmIdentifier digestAlgorithm; + protected AlgorithmIdentifier encryptionAlgorithm; + protected readonly Asn1Set signedAttributeSet; + protected readonly Asn1Set unsignedAttributeSet; + + internal SignerInformation( + SignerInfo info, + DerObjectIdentifier contentType, + CmsProcessable content, + IDigestCalculator digestCalculator) + { + this.info = info; + this.sid = new SignerID(); + this.contentType = contentType; + this.isCounterSignature = contentType == null; + + try + { + SignerIdentifier s = info.SignerID; + + if (s.IsTagged) + { + Asn1OctetString octs = Asn1OctetString.GetInstance(s.ID); + + sid.SubjectKeyIdentifier = octs.GetEncoded(); + } + else + { + Asn1.Cms.IssuerAndSerialNumber iAnds = + Asn1.Cms.IssuerAndSerialNumber.GetInstance(s.ID); + + sid.Issuer = iAnds.Name; + sid.SerialNumber = iAnds.SerialNumber.Value; + } + } + catch (IOException) + { + throw new ArgumentException("invalid sid in SignerInfo"); + } + + this.digestAlgorithm = info.DigestAlgorithm; + this.signedAttributeSet = info.AuthenticatedAttributes; + this.unsignedAttributeSet = info.UnauthenticatedAttributes; + this.encryptionAlgorithm = info.DigestEncryptionAlgorithm; + this.signature = (byte[])info.EncryptedDigest.GetOctets().Clone(); + + this.content = content; + this.calculatedDigest = (digestCalculator != null) ? digestCalculator.GetDigest() : null; + } + + /** + * Protected constructor. In some cases clients have their own idea about how to encode + * the signed attributes and calculate the signature. This constructor is to allow developers + * to deal with that by extending off the class and overriding e.g. SignedAttributes property. + * + * @param baseInfo the SignerInformation to base this one on. + */ + protected SignerInformation(SignerInformation baseInfo) + { + this.info = baseInfo.info; + this.content = baseInfo.content; + this.contentType = baseInfo.contentType; + this.isCounterSignature = baseInfo.IsCounterSignature; + this.sid = baseInfo.sid; + this.digestAlgorithm = info.DigestAlgorithm; + this.signedAttributeSet = info.AuthenticatedAttributes; + this.unsignedAttributeSet = info.UnauthenticatedAttributes; + this.encryptionAlgorithm = info.DigestEncryptionAlgorithm; + this.signature = (byte[])info.EncryptedDigest.GetOctets().Clone(); + + this.calculatedDigest = baseInfo.calculatedDigest; + this.signedAttributeTable = baseInfo.signedAttributeTable; + this.unsignedAttributeTable = baseInfo.unsignedAttributeTable; + } + + public bool IsCounterSignature + { + get { return isCounterSignature; } + } + + public DerObjectIdentifier ContentType + { + get { return contentType; } + } + + public SignerID SignerID + { + get { return sid; } + } + + /** + * return the version number for this objects underlying SignerInfo structure. + */ + public int Version + { + get { return info.Version.IntValueExact; } + } + + public AlgorithmIdentifier DigestAlgorithmID + { + get { return digestAlgorithm; } + } + + /** + * return the object identifier for the signature. + */ + public string DigestAlgOid + { + get { return digestAlgorithm.Algorithm.Id; } + } + + /** + * return the signature parameters, or null if there aren't any. + */ + public Asn1Object DigestAlgParams + { + get + { + Asn1Encodable ae = digestAlgorithm.Parameters; + + return ae == null ? null : ae.ToAsn1Object(); + } + } + + /** + * return the content digest that was calculated during verification. + */ + public byte[] GetContentDigest() + { + if (resultDigest == null) + { + throw new InvalidOperationException("method can only be called after verify."); + } + + return (byte[])resultDigest.Clone(); + } + + public AlgorithmIdentifier EncryptionAlgorithmID + { + get { return encryptionAlgorithm; } + } + + /** + * return the object identifier for the signature. + */ + public string EncryptionAlgOid + { + get { return encryptionAlgorithm.Algorithm.Id; } + } + + /** + * return the signature/encryption algorithm parameters, or null if + * there aren't any. + */ + public Asn1Object EncryptionAlgParams + { + get + { + Asn1Encodable ae = encryptionAlgorithm.Parameters; + + return ae == null ? null : ae.ToAsn1Object(); + } + } + + /** + * return a table of the signed attributes - indexed by + * the OID of the attribute. + */ + public Asn1.Cms.AttributeTable SignedAttributes + { + get + { + if (signedAttributeSet != null && signedAttributeTable == null) + { + signedAttributeTable = new Asn1.Cms.AttributeTable(signedAttributeSet); + } + return signedAttributeTable; + } + } + + /** + * return a table of the unsigned attributes indexed by + * the OID of the attribute. + */ + public Asn1.Cms.AttributeTable UnsignedAttributes + { + get + { + if (unsignedAttributeSet != null && unsignedAttributeTable == null) + { + unsignedAttributeTable = new Asn1.Cms.AttributeTable(unsignedAttributeSet); + } + return unsignedAttributeTable; + } + } + + /** + * return the encoded signature + */ + public byte[] GetSignature() + { + return (byte[]) signature.Clone(); + } + + /** + * Return a SignerInformationStore containing the counter signatures attached to this + * signer. If no counter signatures are present an empty store is returned. + */ + public SignerInformationStore GetCounterSignatures() + { + // TODO There are several checks implied by the RFC3852 comments that are missing + + /* + The countersignature attribute MUST be an unsigned attribute; it MUST + NOT be a signed attribute, an authenticated attribute, an + unauthenticated attribute, or an unprotected attribute. + */ + Asn1.Cms.AttributeTable unsignedAttributeTable = UnsignedAttributes; + if (unsignedAttributeTable == null) + { + return new SignerInformationStore(Platform.CreateArrayList(0)); + } + + IList counterSignatures = Platform.CreateArrayList(); + + /* + The UnsignedAttributes syntax is defined as a SET OF Attributes. The + UnsignedAttributes in a signerInfo may include multiple instances of + the countersignature attribute. + */ + Asn1EncodableVector allCSAttrs = unsignedAttributeTable.GetAll(CmsAttributes.CounterSignature); + + foreach (Asn1.Cms.Attribute counterSignatureAttribute in allCSAttrs) + { + /* + A countersignature attribute can have multiple attribute values. The + syntax is defined as a SET OF AttributeValue, and there MUST be one + or more instances of AttributeValue present. + */ + Asn1Set values = counterSignatureAttribute.AttrValues; + if (values.Count < 1) + { + // TODO Throw an appropriate exception? + } + + foreach (Asn1Encodable asn1Obj in values) + { + /* + Countersignature values have the same meaning as SignerInfo values + for ordinary signatures, except that: + + 1. The signedAttributes field MUST NOT contain a content-type + attribute; there is no content type for countersignatures. + + 2. The signedAttributes field MUST contain a message-digest + attribute if it contains any other attributes. + + 3. The input to the message-digesting process is the contents + octets of the DER encoding of the signatureValue field of the + SignerInfo value with which the attribute is associated. + */ + SignerInfo si = SignerInfo.GetInstance(asn1Obj.ToAsn1Object()); + + string digestName = CmsSignedHelper.Instance.GetDigestAlgName(si.DigestAlgorithm.Algorithm.Id); + + counterSignatures.Add(new SignerInformation(si, null, null, new CounterSignatureDigestCalculator(digestName, GetSignature()))); + } + } + + return new SignerInformationStore(counterSignatures); + } + + /** + * return the DER encoding of the signed attributes. + * @throws IOException if an encoding error occurs. + */ + public virtual byte[] GetEncodedSignedAttributes() + { + return signedAttributeSet == null + ? null + : signedAttributeSet.GetEncoded(Asn1Encodable.Der); + } + + private bool DoVerify( + AsymmetricKeyParameter key) + { + DerObjectIdentifier sigAlgOid = this.encryptionAlgorithm.Algorithm; + Asn1Encodable sigParams = this.encryptionAlgorithm.Parameters; + string digestName = Helper.GetDigestAlgName(this.EncryptionAlgOid); + + if (digestName.Equals(sigAlgOid.Id)) + { + digestName = Helper.GetDigestAlgName(this.DigestAlgOid); + } + + IDigest digest = Helper.GetDigestInstance(digestName); + ISigner sig; + + if (sigAlgOid.Equals(Asn1.Pkcs.PkcsObjectIdentifiers.IdRsassaPss)) + { + // RFC 4056 2.2 + // When the id-RSASSA-PSS algorithm identifier is used for a signature, + // the AlgorithmIdentifier parameters field MUST contain RSASSA-PSS-params. + if (sigParams == null) + throw new CmsException("RSASSA-PSS signature must specify algorithm parameters"); + + try + { + // TODO Provide abstract configuration mechanism + // (via alternate SignerUtilities.GetSigner method taking ASN.1 params) + + Asn1.Pkcs.RsassaPssParameters pss = Asn1.Pkcs.RsassaPssParameters.GetInstance( + sigParams.ToAsn1Object()); + + if (!pss.HashAlgorithm.Algorithm.Equals(this.digestAlgorithm.Algorithm)) + throw new CmsException("RSASSA-PSS signature parameters specified incorrect hash algorithm"); + if (!pss.MaskGenAlgorithm.Algorithm.Equals(Asn1.Pkcs.PkcsObjectIdentifiers.IdMgf1)) + throw new CmsException("RSASSA-PSS signature parameters specified unknown MGF"); + + IDigest pssDigest = DigestUtilities.GetDigest(pss.HashAlgorithm.Algorithm); + int saltLength = pss.SaltLength.IntValueExact; + + // RFC 4055 3.1 + // The value MUST be 1, which represents the trailer field with hexadecimal value 0xBC + if (!Asn1.Pkcs.RsassaPssParameters.DefaultTrailerField.Equals(pss.TrailerField)) + throw new CmsException("RSASSA-PSS signature parameters must have trailerField of 1"); + + IAsymmetricBlockCipher rsa = new RsaBlindedEngine(); + + if (signedAttributeSet == null && calculatedDigest != null) + { + sig = PssSigner.CreateRawSigner(rsa, pssDigest, pssDigest, saltLength, PssSigner.TrailerImplicit); + } + else + { + sig = new PssSigner(rsa, pssDigest, saltLength); + } + } + catch (Exception e) + { + throw new CmsException("failed to set RSASSA-PSS signature parameters", e); + } + } + else + { + // TODO Probably too strong a check at the moment + // if (sigParams != null) + // throw new CmsException("unrecognised signature parameters provided"); + + string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(this.EncryptionAlgOid); + + sig = Helper.GetSignatureInstance(signatureName); + + //sig = Helper.GetSignatureInstance(this.EncryptionAlgOid); + //sig = SignerUtilities.GetSigner(sigAlgOid); + } + + try + { + if (calculatedDigest != null) + { + resultDigest = calculatedDigest; + } + else + { + if (content != null) + { + content.Write(new DigestSink(digest)); + } + else if (signedAttributeSet == null) + { + // TODO Get rid of this exception and just treat content==null as empty not missing? + throw new CmsException("data not encapsulated in signature - use detached constructor."); + } + + resultDigest = DigestUtilities.DoFinal(digest); + } + } + catch (IOException e) + { + throw new CmsException("can't process mime object to create signature.", e); + } + + // RFC 3852 11.1 Check the content-type attribute is correct + { + Asn1Object validContentType = GetSingleValuedSignedAttribute( + CmsAttributes.ContentType, "content-type"); + if (validContentType == null) + { + if (!isCounterSignature && signedAttributeSet != null) + throw new CmsException("The content-type attribute type MUST be present whenever signed attributes are present in signed-data"); + } + else + { + if (isCounterSignature) + throw new CmsException("[For counter signatures,] the signedAttributes field MUST NOT contain a content-type attribute"); + + if (!(validContentType is DerObjectIdentifier)) + throw new CmsException("content-type attribute value not of ASN.1 type 'OBJECT IDENTIFIER'"); + + DerObjectIdentifier signedContentType = (DerObjectIdentifier)validContentType; + + if (!signedContentType.Equals(contentType)) + throw new CmsException("content-type attribute value does not match eContentType"); + } + } + + // RFC 3852 11.2 Check the message-digest attribute is correct + { + Asn1Object validMessageDigest = GetSingleValuedSignedAttribute( + CmsAttributes.MessageDigest, "message-digest"); + if (validMessageDigest == null) + { + if (signedAttributeSet != null) + throw new CmsException("the message-digest signed attribute type MUST be present when there are any signed attributes present"); + } + else + { + if (!(validMessageDigest is Asn1OctetString)) + { + throw new CmsException("message-digest attribute value not of ASN.1 type 'OCTET STRING'"); + } + + Asn1OctetString signedMessageDigest = (Asn1OctetString)validMessageDigest; + + if (!Arrays.AreEqual(resultDigest, signedMessageDigest.GetOctets())) + throw new CmsException("message-digest attribute value does not match calculated value"); + } + } + + // RFC 3852 11.4 Validate countersignature attribute(s) + { + Asn1.Cms.AttributeTable signedAttrTable = this.SignedAttributes; + if (signedAttrTable != null + && signedAttrTable.GetAll(CmsAttributes.CounterSignature).Count > 0) + { + throw new CmsException("A countersignature attribute MUST NOT be a signed attribute"); + } + + Asn1.Cms.AttributeTable unsignedAttrTable = this.UnsignedAttributes; + if (unsignedAttrTable != null) + { + foreach (Asn1.Cms.Attribute csAttr in unsignedAttrTable.GetAll(CmsAttributes.CounterSignature)) + { + if (csAttr.AttrValues.Count < 1) + throw new CmsException("A countersignature attribute MUST contain at least one AttributeValue"); + + // Note: We don't recursively validate the countersignature value + } + } + } + + try + { + sig.Init(false, key); + + if (signedAttributeSet == null) + { + if (calculatedDigest != null) + { + if (sig is PssSigner) + { + sig.BlockUpdate(resultDigest, 0, resultDigest.Length); + } + else + { + // need to decrypt signature and check message bytes + return VerifyDigest(resultDigest, key, this.GetSignature()); + } + } + else if (content != null) + { + try + { + // TODO Use raw signature of the hash value instead + content.Write(new SignerSink(sig)); + } + catch (SignatureException e) + { + throw new CmsStreamException("signature problem: " + e); + } + } + } + else + { + byte[] tmp = this.GetEncodedSignedAttributes(); + sig.BlockUpdate(tmp, 0, tmp.Length); + } + + return sig.VerifySignature(this.GetSignature()); + } + catch (InvalidKeyException e) + { + throw new CmsException("key not appropriate to signature in message.", e); + } + catch (IOException e) + { + throw new CmsException("can't process mime object to create signature.", e); + } + catch (SignatureException e) + { + throw new CmsException("invalid signature format in message: " + e.Message, e); + } + } + + private bool IsNull( + Asn1Encodable o) + { + return (o is Asn1Null) || (o == null); + } + + private DigestInfo DerDecode( + byte[] encoding) + { + if (encoding[0] != (int)(Asn1Tags.Constructed | Asn1Tags.Sequence)) + { + throw new IOException("not a digest info object"); + } + + DigestInfo digInfo = DigestInfo.GetInstance(Asn1Object.FromByteArray(encoding)); + + // length check to avoid Bleichenbacher vulnerability + + if (digInfo.GetEncoded().Length != encoding.Length) + { + throw new CmsException("malformed RSA signature"); + } + + return digInfo; + } + + private bool VerifyDigest( + byte[] digest, + AsymmetricKeyParameter key, + byte[] signature) + { + string algorithm = Helper.GetEncryptionAlgName(this.EncryptionAlgOid); + + try + { + if (algorithm.Equals("RSA")) + { + IBufferedCipher c = CmsEnvelopedHelper.Instance.CreateAsymmetricCipher("RSA/ECB/PKCS1Padding"); + + c.Init(false, key); + + byte[] decrypt = c.DoFinal(signature); + + DigestInfo digInfo = DerDecode(decrypt); + + if (!digInfo.AlgorithmID.Algorithm.Equals(digestAlgorithm.Algorithm)) + { + return false; + } + + if (!IsNull(digInfo.AlgorithmID.Parameters)) + { + return false; + } + + byte[] sigHash = digInfo.GetDigest(); + + return Arrays.ConstantTimeAreEqual(digest, sigHash); + } + else if (algorithm.Equals("DSA")) + { + ISigner sig = SignerUtilities.GetSigner("NONEwithDSA"); + + sig.Init(false, key); + + sig.BlockUpdate(digest, 0, digest.Length); + + return sig.VerifySignature(signature); + } + else + { + throw new CmsException("algorithm: " + algorithm + " not supported in base signatures."); + } + } + catch (SecurityUtilityException e) + { + throw e; + } + catch (GeneralSecurityException e) + { + throw new CmsException("Exception processing signature: " + e, e); + } + catch (IOException e) + { + throw new CmsException("Exception decoding signature: " + e, e); + } + } + + /** + * verify that the given public key successfully handles and confirms the + * signature associated with this signer. + */ + public bool Verify( + AsymmetricKeyParameter pubKey) + { + if (pubKey.IsPrivate) + throw new ArgumentException("Expected public key", "pubKey"); + + // Optional, but still need to validate if present + GetSigningTime(); + + return DoVerify(pubKey); + } + + /** + * verify that the given certificate successfully handles and confirms + * the signature associated with this signer and, if a signingTime + * attribute is available, that the certificate was valid at the time the + * signature was generated. + */ + public bool Verify( + X509Certificate cert) + { + Asn1.Cms.Time signingTime = GetSigningTime(); + if (signingTime != null) + { + cert.CheckValidity(signingTime.Date); + } + + return DoVerify(cert.GetPublicKey()); + } + + /** + * Return the base ASN.1 CMS structure that this object contains. + * + * @return an object containing a CMS SignerInfo structure. + */ + public SignerInfo ToSignerInfo() + { + return info; + } + + private Asn1Object GetSingleValuedSignedAttribute( + DerObjectIdentifier attrOID, string printableName) + { + + Asn1.Cms.AttributeTable unsignedAttrTable = this.UnsignedAttributes; + if (unsignedAttrTable != null + && unsignedAttrTable.GetAll(attrOID).Count > 0) + { + throw new CmsException("The " + printableName + + " attribute MUST NOT be an unsigned attribute"); + } + + Asn1.Cms.AttributeTable signedAttrTable = this.SignedAttributes; + if (signedAttrTable == null) + { + return null; + } + + Asn1EncodableVector v = signedAttrTable.GetAll(attrOID); + switch (v.Count) + { + case 0: + return null; + case 1: + Asn1.Cms.Attribute t = (Asn1.Cms.Attribute) v[0]; + Asn1Set attrValues = t.AttrValues; + + if (attrValues.Count != 1) + throw new CmsException("A " + printableName + + " attribute MUST have a single attribute value"); + + return attrValues[0].ToAsn1Object(); + default: + throw new CmsException("The SignedAttributes in a signerInfo MUST NOT include multiple instances of the " + + printableName + " attribute"); + } + } + + private Asn1.Cms.Time GetSigningTime() + { + Asn1Object validSigningTime = GetSingleValuedSignedAttribute( + CmsAttributes.SigningTime, "signing-time"); + + if (validSigningTime == null) + return null; + + try + { + return Asn1.Cms.Time.GetInstance(validSigningTime); + } + catch (ArgumentException) + { + throw new CmsException("signing-time attribute value not a valid 'Time' structure"); + } + } + + /** + * Return a signer information object with the passed in unsigned + * attributes replacing the ones that are current associated with + * the object passed in. + * + * @param signerInformation the signerInfo to be used as the basis. + * @param unsignedAttributes the unsigned attributes to add. + * @return a copy of the original SignerInformationObject with the changed attributes. + */ + public static SignerInformation ReplaceUnsignedAttributes( + SignerInformation signerInformation, + Asn1.Cms.AttributeTable unsignedAttributes) + { + SignerInfo sInfo = signerInformation.info; + Asn1Set unsignedAttr = null; + + if (unsignedAttributes != null) + { + unsignedAttr = new DerSet(unsignedAttributes.ToAsn1EncodableVector()); + } + + return new SignerInformation( + new SignerInfo( + sInfo.SignerID, + sInfo.DigestAlgorithm, + sInfo.AuthenticatedAttributes, + sInfo.DigestEncryptionAlgorithm, + sInfo.EncryptedDigest, + unsignedAttr), + signerInformation.contentType, + signerInformation.content, + null); + } + + /** + * Return a signer information object with passed in SignerInformationStore representing counter + * signatures attached as an unsigned attribute. + * + * @param signerInformation the signerInfo to be used as the basis. + * @param counterSigners signer info objects carrying counter signature. + * @return a copy of the original SignerInformationObject with the changed attributes. + */ + public static SignerInformation AddCounterSigners( + SignerInformation signerInformation, + SignerInformationStore counterSigners) + { + // TODO Perform checks from RFC 3852 11.4 + + SignerInfo sInfo = signerInformation.info; + Asn1.Cms.AttributeTable unsignedAttr = signerInformation.UnsignedAttributes; + Asn1EncodableVector v; + + if (unsignedAttr != null) + { + v = unsignedAttr.ToAsn1EncodableVector(); + } + else + { + v = new Asn1EncodableVector(); + } + + Asn1EncodableVector sigs = new Asn1EncodableVector(); + + foreach (SignerInformation sigInf in counterSigners.GetSigners()) + { + sigs.Add(sigInf.ToSignerInfo()); + } + + v.Add(new Asn1.Cms.Attribute(CmsAttributes.CounterSignature, new DerSet(sigs))); + + return new SignerInformation( + new SignerInfo( + sInfo.SignerID, + sInfo.DigestAlgorithm, + sInfo.AuthenticatedAttributes, + sInfo.DigestEncryptionAlgorithm, + sInfo.EncryptedDigest, + new DerSet(v)), + signerInformation.contentType, + signerInformation.content, + null); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/SignerInformationStore.cs b/BouncyCastle/crypto/src/cms/SignerInformationStore.cs new file mode 100644 index 0000000..2794086 --- /dev/null +++ b/BouncyCastle/crypto/src/cms/SignerInformationStore.cs @@ -0,0 +1,95 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Cms +{ + public class SignerInformationStore + { + private readonly IList all; //ArrayList[SignerInformation] + private readonly IDictionary table = Platform.CreateHashtable(); // Hashtable[SignerID, ArrayList[SignerInformation]] + + /** + * Create a store containing a single SignerInformation object. + * + * @param signerInfo the signer information to contain. + */ + public SignerInformationStore( + SignerInformation signerInfo) + { + this.all = Platform.CreateArrayList(1); + this.all.Add(signerInfo); + + SignerID sid = signerInfo.SignerID; + + table[sid] = all; + } + + /** + * Create a store containing a collection of SignerInformation objects. + * + * @param signerInfos a collection signer information objects to contain. + */ + public SignerInformationStore( + ICollection signerInfos) + { + foreach (SignerInformation signer in signerInfos) + { + SignerID sid = signer.SignerID; + IList list = (IList)table[sid]; + + if (list == null) + { + table[sid] = list = Platform.CreateArrayList(1); + } + + list.Add(signer); + } + + this.all = Platform.CreateArrayList(signerInfos); + } + + /** + * Return the first SignerInformation object that matches the + * passed in selector. Null if there are no matches. + * + * @param selector to identify a signer + * @return a single SignerInformation object. Null if none matches. + */ + public SignerInformation GetFirstSigner( + SignerID selector) + { + IList list = (IList) table[selector]; + + return list == null ? null : (SignerInformation) list[0]; + } + + /// The number of signers in the collection. + public int Count + { + get { return all.Count; } + } + + /// An ICollection of all signers in the collection + public ICollection GetSigners() + { + return Platform.CreateArrayList(all); + } + + /** + * Return possible empty collection with signers matching the passed in SignerID + * + * @param selector a signer id to select against. + * @return a collection of SignerInformation objects. + */ + public ICollection GetSigners( + SignerID selector) + { + IList list = (IList) table[selector]; + + return list == null ? Platform.CreateArrayList() : Platform.CreateArrayList(list); + } + } +} diff --git a/BouncyCastle/crypto/src/cms/SimpleAttributeTableGenerator.cs b/BouncyCastle/crypto/src/cms/SimpleAttributeTableGenerator.cs new file mode 100644 index 0000000..b3df21c --- /dev/null +++ b/BouncyCastle/crypto/src/cms/SimpleAttributeTableGenerator.cs @@ -0,0 +1,28 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.Cms; + +namespace Org.BouncyCastle.Cms +{ + /** + * Basic generator that just returns a preconstructed attribute table + */ + public class SimpleAttributeTableGenerator + : CmsAttributeTableGenerator + { + private readonly AttributeTable attributes; + + public SimpleAttributeTableGenerator( + AttributeTable attributes) + { + this.attributes = attributes; + } + + public virtual AttributeTable GetAttributes( + IDictionary parameters) + { + return attributes; + } + } +} diff --git a/BouncyCastle/crypto/src/crmf/AuthenticatorControl.cs b/BouncyCastle/crypto/src/crmf/AuthenticatorControl.cs new file mode 100644 index 0000000..fc546ed --- /dev/null +++ b/BouncyCastle/crypto/src/crmf/AuthenticatorControl.cs @@ -0,0 +1,52 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Crmf; + +namespace Org.BouncyCastle.Crmf +{ + /// + /// Carrier for an authenticator control. + /// + public class AuthenticatorControl + : IControl + { + private static readonly DerObjectIdentifier type = CrmfObjectIdentifiers.id_regCtrl_authenticator; + + private readonly DerUtf8String token; + + /// + /// Basic constructor - build from a UTF-8 string representing the token. + /// + /// UTF-8 string representing the token. + public AuthenticatorControl(DerUtf8String token) + { + this.token = token; + } + + /// + /// Basic constructor - build from a string representing the token. + /// + /// string representing the token. + public AuthenticatorControl(string token) + { + this.token = new DerUtf8String(token); + } + + /// + /// Return the type of this control. + /// + public DerObjectIdentifier Type + { + get { return type; } + } + + /// + /// Return the token associated with this control (a UTF8String). + /// + public Asn1Encodable Value + { + get { return token; } + } + } +} diff --git a/BouncyCastle/crypto/src/crmf/CertificateRequestMessage.cs b/BouncyCastle/crypto/src/crmf/CertificateRequestMessage.cs new file mode 100644 index 0000000..c733eec --- /dev/null +++ b/BouncyCastle/crypto/src/crmf/CertificateRequestMessage.cs @@ -0,0 +1,229 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; + +namespace Org.BouncyCastle.Crmf +{ + public class CertificateRequestMessage + { + public static readonly int popRaVerified = Org.BouncyCastle.Asn1.Crmf.ProofOfPossession.TYPE_RA_VERIFIED; + public static readonly int popSigningKey = Org.BouncyCastle.Asn1.Crmf.ProofOfPossession.TYPE_SIGNING_KEY; + public static readonly int popKeyEncipherment = Org.BouncyCastle.Asn1.Crmf.ProofOfPossession.TYPE_KEY_ENCIPHERMENT; + public static readonly int popKeyAgreement = Org.BouncyCastle.Asn1.Crmf.ProofOfPossession.TYPE_KEY_AGREEMENT; + + private readonly CertReqMsg certReqMsg; + private readonly Controls controls; + + private static CertReqMsg ParseBytes(byte[] encoding) + { + return CertReqMsg.GetInstance(encoding); + } + + /// + /// Create a CertificateRequestMessage from the passed in bytes. + /// + /// BER/DER encoding of the CertReqMsg structure. + public CertificateRequestMessage(byte[] encoded) + : this(CertReqMsg.GetInstance(encoded)) + { + } + + public CertificateRequestMessage(CertReqMsg certReqMsg) + { + this.certReqMsg = certReqMsg; + this.controls = certReqMsg.CertReq.Controls; + } + + /// + /// Return the underlying ASN.1 object defining this CertificateRequestMessage object. + /// + /// A CertReqMsg + public CertReqMsg ToAsn1Structure() + { + return certReqMsg; + } + + /// + /// Return the certificate template contained in this message. + /// + /// a CertTemplate structure. + public CertTemplate GetCertTemplate() + { + return this.certReqMsg.CertReq.CertTemplate; + } + + /// + /// Return whether or not this request has control values associated with it. + /// + /// true if there are control values present, false otherwise. + public bool HasControls + { + get { return controls != null; } + } + + /// + /// Return whether or not this request has a specific type of control value. + /// + /// the type OID for the control value we are checking for. + /// true if a control value of type is present, false otherwise. + public bool HasControl(DerObjectIdentifier objectIdentifier) + { + return FindControl(objectIdentifier) != null; + } + + /// + /// Return a control value of the specified type. + /// + /// the type OID for the control value we are checking for. + /// the control value if present, null otherwise. + public IControl GetControl(DerObjectIdentifier type) + { + AttributeTypeAndValue found = FindControl(type); + if (found != null) + { + if (found.Type.Equals(CrmfObjectIdentifiers.id_regCtrl_pkiArchiveOptions)) + { + return new PkiArchiveControl(PkiArchiveOptions.GetInstance(found.Value)); + } + + if (found.Type.Equals(CrmfObjectIdentifiers.id_regCtrl_regToken)) + { + return new RegTokenControl(DerUtf8String.GetInstance(found.Value)); + } + + if (found.Type.Equals(CrmfObjectIdentifiers.id_regCtrl_authenticator)) + { + return new AuthenticatorControl(DerUtf8String.GetInstance(found.Value)); + } + } + return null; + } + + public AttributeTypeAndValue FindControl(DerObjectIdentifier type) + { + if (controls == null) + { + return null; + } + + AttributeTypeAndValue[] tAndV = controls.ToAttributeTypeAndValueArray(); + AttributeTypeAndValue found = null; + + for (int i = 0; i < tAndV.Length; i++) + { + if (tAndV[i].Type.Equals(type)) + { + found = tAndV[i]; + break; + } + } + + return found; + } + + /// + /// Return whether or not this request message has a proof-of-possession field in it. + /// + /// true if proof-of-possession is present, false otherwise. + public bool HasProofOfPossession + { + get { return certReqMsg.Popo != null; } + } + + /// + /// Return the type of the proof-of-possession this request message provides. + /// + /// one of: popRaVerified, popSigningKey, popKeyEncipherment, popKeyAgreement + public int ProofOfPossession + { + get { return certReqMsg.Popo.Type; } + } + + /// + /// Return whether or not the proof-of-possession (POP) is of the type popSigningKey and + /// it has a public key MAC associated with it. + /// + /// true if POP is popSigningKey and a PKMAC is present, false otherwise. + public bool HasSigningKeyProofOfPossessionWithPkMac + { + get + { + ProofOfPossession pop = certReqMsg.Popo; + + if (pop.Type == popSigningKey) + { + PopoSigningKey popoSign = PopoSigningKey.GetInstance(pop.Object); + + return popoSign.PoposkInput.PublicKeyMac != null; + } + + return false; + } + } + + /// + /// Return whether or not a signing key proof-of-possession (POP) is valid. + /// + /// a provider that can produce content verifiers for the signature contained in this POP. + /// true if the POP is valid, false otherwise. + /// if there is a problem in verification or content verifier creation. + /// if POP not appropriate. + public bool IsValidSigningKeyPop(IVerifierFactoryProvider verifierProvider) + { + ProofOfPossession pop = certReqMsg.Popo; + if (pop.Type == popSigningKey) + { + PopoSigningKey popoSign = PopoSigningKey.GetInstance(pop.Object); + if (popoSign.PoposkInput != null && popoSign.PoposkInput.PublicKeyMac != null) + { + throw new InvalidOperationException("verification requires password check"); + } + return verifySignature(verifierProvider, popoSign); + } + + throw new InvalidOperationException("not Signing Key type of proof of possession"); + } + + private bool verifySignature(IVerifierFactoryProvider verifierFactoryProvider, PopoSigningKey signKey) + { + IVerifierFactory verifer; + IStreamCalculator calculator; + try + { + verifer = verifierFactoryProvider.CreateVerifierFactory(signKey.AlgorithmIdentifier); + calculator = verifer.CreateCalculator(); + } + catch (Exception ex) + { + throw new CrmfException("unable to create verifier: " + ex.Message, ex); + } + + if (signKey.PoposkInput != null) + { + byte[] b = signKey.GetDerEncoded(); + calculator.Stream.Write(b, 0, b.Length); + } + else + { + byte[] b = certReqMsg.CertReq.GetDerEncoded(); + calculator.Stream.Write(b, 0, b.Length); + } + + DefaultVerifierResult result = (DefaultVerifierResult)calculator.GetResult(); + + return result.IsVerified(signKey.Signature.GetBytes()); + } + + /// + /// Return the ASN.1 encoding of the certReqMsg we wrap. + /// + /// a byte array containing the binary encoding of the certReqMsg. + public byte[] GetEncoded() + { + return certReqMsg.GetEncoded(); + } + } +} diff --git a/BouncyCastle/crypto/src/crmf/CertificateRequestMessageBuilder.cs b/BouncyCastle/crypto/src/crmf/CertificateRequestMessageBuilder.cs new file mode 100644 index 0000000..88d1d87 --- /dev/null +++ b/BouncyCastle/crypto/src/crmf/CertificateRequestMessageBuilder.cs @@ -0,0 +1,263 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crmf +{ + public class CertificateRequestMessageBuilder + { + private readonly BigInteger _certReqId; + private X509ExtensionsGenerator _extGenerator; + private CertTemplateBuilder _templateBuilder; + private IList _controls = Platform.CreateArrayList(); + private ISignatureFactory _popSigner; + private PKMacBuilder _pkMacBuilder; + private char[] _password; + private GeneralName _sender; + private int _popoType = ProofOfPossession.TYPE_KEY_ENCIPHERMENT; + private PopoPrivKey _popoPrivKey; + private Asn1Null _popRaVerified; + private PKMacValue _agreeMac; + + public CertificateRequestMessageBuilder(BigInteger certReqId) + { + this._certReqId = certReqId; + this._extGenerator = new X509ExtensionsGenerator(); + this._templateBuilder = new CertTemplateBuilder(); + } + + public CertificateRequestMessageBuilder SetPublicKey(SubjectPublicKeyInfo publicKeyInfo) + { + if (publicKeyInfo != null) + { + _templateBuilder.SetPublicKey(publicKeyInfo); + } + + return this; + } + + public CertificateRequestMessageBuilder SetIssuer(X509Name issuer) + { + if (issuer != null) + { + _templateBuilder.SetIssuer(issuer); + } + + return this; + } + + public CertificateRequestMessageBuilder SetSubject(X509Name subject) + { + if (subject != null) + { + _templateBuilder.SetSubject(subject); + } + + return this; + } + + public CertificateRequestMessageBuilder SetSerialNumber(BigInteger serialNumber) + { + if (serialNumber != null) + { + _templateBuilder.SetSerialNumber(new DerInteger(serialNumber)); + } + + return this; + } + + public CertificateRequestMessageBuilder SetValidity(Time notBefore, Time notAfter) + { + _templateBuilder.SetValidity(new OptionalValidity(notBefore, notAfter)); + return this; + } + + public CertificateRequestMessageBuilder AddExtension(DerObjectIdentifier oid, bool critical, + Asn1Encodable value) + { + _extGenerator.AddExtension(oid, critical, value); + return this; + } + + public CertificateRequestMessageBuilder AddExtension(DerObjectIdentifier oid, bool critical, + byte[] value) + { + _extGenerator.AddExtension(oid, critical, value); + return this; + } + + public CertificateRequestMessageBuilder AddControl(IControl control) + { + _controls.Add(control); + return this; + } + + public CertificateRequestMessageBuilder SetProofOfPossessionSignKeySigner(ISignatureFactory popoSignatureFactory) + { + if (_popoPrivKey != null || _popRaVerified != null || _agreeMac != null) + { + throw new InvalidOperationException("only one proof of possession is allowed."); + } + + this._popSigner = popoSignatureFactory; + + return this; + } + + public CertificateRequestMessageBuilder SetProofOfPossessionSubsequentMessage(SubsequentMessage msg) + { + if (_popoPrivKey != null || _popRaVerified != null || _agreeMac != null) + { + throw new InvalidOperationException("only one proof of possession is allowed."); + } + + this._popoType = ProofOfPossession.TYPE_KEY_ENCIPHERMENT; + this._popoPrivKey = new PopoPrivKey(msg); + + return this; + } + + + public CertificateRequestMessageBuilder SetProofOfPossessionSubsequentMessage(int type, SubsequentMessage msg) + { + if (_popoPrivKey != null || _popRaVerified != null || _agreeMac != null) + { + throw new InvalidOperationException("only one proof of possession is allowed."); + } + + if (type != ProofOfPossession.TYPE_KEY_ENCIPHERMENT && type != ProofOfPossession.TYPE_KEY_AGREEMENT) + { + throw new ArgumentException("type must be ProofOfPossession.TYPE_KEY_ENCIPHERMENT || ProofOfPossession.TYPE_KEY_AGREEMENT"); + } + + this._popoType = type; + this._popoPrivKey = new PopoPrivKey(msg); + return this; + } + + public CertificateRequestMessageBuilder SetProofOfPossessionAgreeMac(PKMacValue macValue) + { + if (_popSigner != null || _popRaVerified != null || _popoPrivKey != null) + { + throw new InvalidOperationException("only one proof of possession allowed"); + } + + this._agreeMac = macValue; + return this; + } + + public CertificateRequestMessageBuilder SetProofOfPossessionRaVerified() + { + if (_popSigner != null || _popoPrivKey != null) + { + throw new InvalidOperationException("only one proof of possession allowed"); + } + + this._popRaVerified = DerNull.Instance; + + return this; + } + + public CertificateRequestMessageBuilder SetAuthInfoPKMAC(PKMacBuilder pkmacFactory, char[] password) + { + this._pkMacBuilder = pkmacFactory; + this._password = password; + + return this; + } + + public CertificateRequestMessageBuilder SetAuthInfoSender(X509Name sender) + { + return SetAuthInfoSender(new GeneralName(sender)); + } + + public CertificateRequestMessageBuilder SetAuthInfoSender(GeneralName sender) + { + this._sender = sender; + return this; + } + + public CertificateRequestMessage Build() + { + Asn1EncodableVector v = new Asn1EncodableVector(new DerInteger(this._certReqId)); + + if (!this._extGenerator.IsEmpty) + { + this._templateBuilder.SetExtensions(_extGenerator.Generate()); + } + + v.Add(_templateBuilder.Build()); + + if (_controls.Count > 0) + { + Asn1EncodableVector controlV = new Asn1EncodableVector(); + + foreach (object item in _controls) + { + IControl control = (IControl)item; + controlV.Add(new AttributeTypeAndValue(control.Type, control.Value)); + } + + v.Add(new DerSequence(controlV)); + } + + CertRequest request = CertRequest.GetInstance(new DerSequence(v)); + + v = new Asn1EncodableVector(request); + + if (_popSigner != null) + { + CertTemplate template = request.CertTemplate; + + if (template.Subject == null || template.PublicKey == null) + { + SubjectPublicKeyInfo pubKeyInfo = request.CertTemplate.PublicKey; + + ProofOfPossessionSigningKeyBuilder builder = new ProofOfPossessionSigningKeyBuilder(pubKeyInfo); + + if (_sender != null) + { + builder.SetSender(_sender); + } + else + { + //PKMACValueGenerator pkmacGenerator = new PKMACValueGenerator(_pkmacBuilder); + + builder.SetPublicKeyMac(_pkMacBuilder, _password); + } + + v.Add(new ProofOfPossession(builder.Build(_popSigner))); + } + else + { + ProofOfPossessionSigningKeyBuilder builder = new ProofOfPossessionSigningKeyBuilder(request); + + v.Add(new ProofOfPossession(builder.Build(_popSigner))); + } + } + else if (_popoPrivKey != null) + { + v.Add(new ProofOfPossession(_popoType, _popoPrivKey)); + } + else if (_agreeMac != null) + { + v.Add(new ProofOfPossession(ProofOfPossession.TYPE_KEY_AGREEMENT, + PopoPrivKey.GetInstance(new DerTaggedObject(false, PopoPrivKey.agreeMAC, _agreeMac), true))); + + } + else if (_popRaVerified != null) + { + v.Add(new ProofOfPossession()); + } + + return new CertificateRequestMessage(CertReqMsg.GetInstance(new DerSequence(v))); + } + } +} diff --git a/BouncyCastle/crypto/src/crmf/CrmfException.cs b/BouncyCastle/crypto/src/crmf/CrmfException.cs new file mode 100644 index 0000000..5ae13a0 --- /dev/null +++ b/BouncyCastle/crypto/src/crmf/CrmfException.cs @@ -0,0 +1,22 @@ +using System; + +namespace Org.BouncyCastle.Crmf +{ + public class CrmfException + : Exception + { + public CrmfException() + { + } + + public CrmfException(string message) + : base(message) + { + } + + public CrmfException(string message, Exception innerException) + : base(message, innerException) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crmf/DefaultPKMacPrimitivesProvider.cs b/BouncyCastle/crypto/src/crmf/DefaultPKMacPrimitivesProvider.cs new file mode 100644 index 0000000..01e196e --- /dev/null +++ b/BouncyCastle/crypto/src/crmf/DefaultPKMacPrimitivesProvider.cs @@ -0,0 +1,22 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crmf +{ + public class DefaultPKMacPrimitivesProvider + : IPKMacPrimitivesProvider + { + public IDigest CreateDigest(AlgorithmIdentifier digestAlg) + { + return DigestUtilities.GetDigest(digestAlg.Algorithm); + } + + public IMac CreateMac(AlgorithmIdentifier macAlg) + { + return MacUtilities.GetMac(macAlg.Algorithm); + } + } +} diff --git a/BouncyCastle/crypto/src/crmf/EncryptedValueBuilder.cs b/BouncyCastle/crypto/src/crmf/EncryptedValueBuilder.cs new file mode 100644 index 0000000..d958969 --- /dev/null +++ b/BouncyCastle/crypto/src/crmf/EncryptedValueBuilder.cs @@ -0,0 +1,161 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Crmf +{ + public class EncryptedValueBuilder + { + private readonly IKeyWrapper wrapper; + private readonly ICipherBuilderWithKey encryptor; + private readonly IEncryptedValuePadder padder; + + /// + /// Create a builder that makes EncryptedValue structures. + /// + /// wrapper a wrapper for key used to encrypt the actual data contained in the EncryptedValue. + /// encryptor an output encryptor to encrypt the actual data contained in the EncryptedValue. + /// + public EncryptedValueBuilder(IKeyWrapper wrapper, ICipherBuilderWithKey encryptor) + : this(wrapper, encryptor, null) + { + } + + /// + /// Create a builder that makes EncryptedValue structures with fixed length blocks padded using the passed in padder. + /// + /// a wrapper for key used to encrypt the actual data contained in the EncryptedValue. + /// encryptor an output encryptor to encrypt the actual data contained in the EncryptedValue. + /// padder a padder to ensure that the EncryptedValue created will always be a constant length. + /// + public EncryptedValueBuilder(IKeyWrapper wrapper, ICipherBuilderWithKey encryptor, IEncryptedValuePadder padder) + { + this.wrapper = wrapper; + this.encryptor = encryptor; + this.padder = padder; + } + + /// + /// Build an EncryptedValue structure containing the passed in pass phrase. + /// + /// a revocation pass phrase. + ///an EncryptedValue containing the encrypted pass phrase. + /// + public EncryptedValue Build(char[] revocationPassphrase) + { + return EncryptData(PadData(Strings.ToUtf8ByteArray(revocationPassphrase))); + } + + /// + /// Build an EncryptedValue structure containing the certificate contained in + /// the passed in holder. + /// + /// a holder containing a certificate. + /// an EncryptedValue containing the encrypted certificate. + /// on a failure to encrypt the data, or wrap the symmetric key for this value. + /// + public EncryptedValue Build(X509Certificate holder) + { + try + { + return EncryptData(PadData(holder.GetEncoded())); + } + catch (IOException e) + { + throw new CrmfException("cannot encode certificate: " + e.Message, e); + } + } + + /// + /// Build an EncryptedValue structure containing the private key contained in + /// the passed info structure. + /// + /// a PKCS#8 private key info structure. + /// an EncryptedValue containing an EncryptedPrivateKeyInfo structure. + /// on a failure to encrypt the data, or wrap the symmetric key for this value. + /// + public EncryptedValue Build(PrivateKeyInfo privateKeyInfo) + { + Pkcs8EncryptedPrivateKeyInfoBuilder encInfoBldr = new Pkcs8EncryptedPrivateKeyInfoBuilder(privateKeyInfo); + + AlgorithmIdentifier intendedAlg = privateKeyInfo.PrivateKeyAlgorithm; + AlgorithmIdentifier symmAlg = (AlgorithmIdentifier)encryptor.AlgorithmDetails; + DerBitString encSymmKey; + + try + { + Pkcs8EncryptedPrivateKeyInfo encInfo = encInfoBldr.Build(encryptor); + + encSymmKey = new DerBitString(wrapper.Wrap(((KeyParameter)encryptor.Key).GetKey()).Collect()); + + AlgorithmIdentifier keyAlg = (AlgorithmIdentifier)wrapper.AlgorithmDetails; + Asn1OctetString valueHint = null; + + return new EncryptedValue(intendedAlg, symmAlg, encSymmKey, keyAlg, valueHint, new DerBitString(encInfo.GetEncryptedData())); + } + catch (Exception e) + { + throw new CrmfException("cannot wrap key: " + e.Message, e); + } + } + + private EncryptedValue EncryptData(byte[] data) + { + MemoryOutputStream bOut = new MemoryOutputStream(); + Stream eOut = encryptor.BuildCipher(bOut).Stream; + + try + { + eOut.Write(data, 0, data.Length); + Platform.Dispose(eOut); + } + catch (IOException e) + { + throw new CrmfException("cannot process data: " + e.Message, e); + } + + AlgorithmIdentifier intendedAlg = null; + AlgorithmIdentifier symmAlg = (AlgorithmIdentifier)encryptor.AlgorithmDetails; + + DerBitString encSymmKey; + try + { + encSymmKey = new DerBitString(wrapper.Wrap(((KeyParameter)encryptor.Key).GetKey()).Collect()); + } + catch (Exception e) + { + throw new CrmfException("cannot wrap key: " + e.Message, e); + } + + AlgorithmIdentifier keyAlg = (AlgorithmIdentifier)wrapper.AlgorithmDetails; + Asn1OctetString valueHint = null; + DerBitString encValue = new DerBitString(bOut.ToArray()); + + return new EncryptedValue(intendedAlg, symmAlg, encSymmKey, keyAlg, valueHint, encValue); + } + + private byte[] PadData(byte[] data) + { + if (padder != null) + { + return padder.GetPaddedData(data); + } + + return data; + } + } +} diff --git a/BouncyCastle/crypto/src/crmf/IControl.cs b/BouncyCastle/crypto/src/crmf/IControl.cs new file mode 100644 index 0000000..9a29ac1 --- /dev/null +++ b/BouncyCastle/crypto/src/crmf/IControl.cs @@ -0,0 +1,22 @@ +using System; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Crmf +{ + /// + /// Generic interface for a CertificateRequestMessage control value. + /// + public interface IControl + { + /// + /// Return the type of this control. + /// + DerObjectIdentifier Type { get; } + + /// + /// Return the value contained in this control object. + /// + Asn1Encodable Value { get; } + } +} diff --git a/BouncyCastle/crypto/src/crmf/IEncryptedValuePadder.cs b/BouncyCastle/crypto/src/crmf/IEncryptedValuePadder.cs new file mode 100644 index 0000000..b898614 --- /dev/null +++ b/BouncyCastle/crypto/src/crmf/IEncryptedValuePadder.cs @@ -0,0 +1,27 @@ +using System; + +namespace Org.BouncyCastle.Crmf +{ + /// + /// An encrypted value padder is used to make sure that prior to a value been + /// encrypted the data is padded to a standard length. + /// + public interface IEncryptedValuePadder + { + /// + /// Return a byte array of padded data. + /// + /// the data to be padded. + /// a padded byte array containing data. + /// + byte[] GetPaddedData(byte[] data); + + /// + /// Return a byte array of with padding removed. + /// + /// the data to be padded. + /// an array containing the original unpadded data. + /// + byte[] GetUnpaddedData(byte[] paddedData); + } +} diff --git a/BouncyCastle/crypto/src/crmf/IPKMacPrimitivesProvider.cs b/BouncyCastle/crypto/src/crmf/IPKMacPrimitivesProvider.cs new file mode 100644 index 0000000..08f6a62 --- /dev/null +++ b/BouncyCastle/crypto/src/crmf/IPKMacPrimitivesProvider.cs @@ -0,0 +1,14 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Crmf +{ + public interface IPKMacPrimitivesProvider + { + IDigest CreateDigest(AlgorithmIdentifier digestAlg); + + IMac CreateMac(AlgorithmIdentifier macAlg); + } +} diff --git a/BouncyCastle/crypto/src/crmf/PKMacBuilder.cs b/BouncyCastle/crypto/src/crmf/PKMacBuilder.cs new file mode 100644 index 0000000..156936e --- /dev/null +++ b/BouncyCastle/crypto/src/crmf/PKMacBuilder.cs @@ -0,0 +1,280 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.Iana; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crmf +{ + internal class PKMacStreamCalculator + : IStreamCalculator + { + private readonly MacSink _stream; + + public PKMacStreamCalculator(IMac mac) + { + _stream = new MacSink(mac); + } + + public Stream Stream + { + get { return _stream; } + } + + public object GetResult() + { + return new DefaultPKMacResult(_stream.Mac); + } + } + + internal class PKMacFactory + : IMacFactory + { + protected readonly PbmParameter parameters; + private readonly byte[] key; + + public PKMacFactory(byte[] key, PbmParameter parameters) + { + this.key = Arrays.Clone(key); + this.parameters = parameters; + } + + public virtual object AlgorithmDetails + { + get { return new AlgorithmIdentifier(CmpObjectIdentifiers.passwordBasedMac, parameters); } + } + + public virtual IStreamCalculator CreateCalculator() + { + IMac mac = MacUtilities.GetMac(parameters.Mac.Algorithm); + mac.Init(new KeyParameter(key)); + return new PKMacStreamCalculator(mac); + } + } + + internal class DefaultPKMacResult + : IBlockResult + { + private readonly IMac mac; + + public DefaultPKMacResult(IMac mac) + { + this.mac = mac; + } + + public byte[] Collect() + { + byte[] res = new byte[mac.GetMacSize()]; + mac.DoFinal(res, 0); + return res; + } + + public int Collect(byte[] sig, int sigOff) + { + byte[] signature = Collect(); + signature.CopyTo(sig, sigOff); + return signature.Length; + } + } + + public class PKMacBuilder + { + private AlgorithmIdentifier owf; + private AlgorithmIdentifier mac; + private IPKMacPrimitivesProvider provider; + private SecureRandom random; + private PbmParameter parameters; + private int iterationCount; + private int saltLength = 20; + private int maxIterations; + + /// + /// Default, IterationCount = 1000, OIW=IdSha1, Mac=HmacSHA1 + /// + public PKMacBuilder() : + this(new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1), 1000, new AlgorithmIdentifier(IanaObjectIdentifiers.HmacSha1, DerNull.Instance), new DefaultPKMacPrimitivesProvider()) + { + } + + /// + /// Defaults with IPKMacPrimitivesProvider + /// + /// + public PKMacBuilder(IPKMacPrimitivesProvider provider) : + this(new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1), 1000, new AlgorithmIdentifier(IanaObjectIdentifiers.HmacSha1, DerNull.Instance), provider) + { + } + + /// + /// Create. + /// + /// The Mac provider + /// Digest Algorithm Id + /// Mac Algorithm Id + public PKMacBuilder(IPKMacPrimitivesProvider provider, AlgorithmIdentifier digestAlgorithmIdentifier, AlgorithmIdentifier macAlgorithmIdentifier) : + this(digestAlgorithmIdentifier, 1000, macAlgorithmIdentifier, provider) + { + } + + /// + /// Create a PKMAC builder enforcing a ceiling on the maximum iteration count. + /// + /// supporting calculator + /// max allowable value for iteration count. + public PKMacBuilder(IPKMacPrimitivesProvider provider, int maxIterations) + { + this.provider = provider; + this.maxIterations = maxIterations; + } + + private PKMacBuilder(AlgorithmIdentifier digestAlgorithmIdentifier, int iterationCount, AlgorithmIdentifier macAlgorithmIdentifier, IPKMacPrimitivesProvider provider) + { + this.iterationCount = iterationCount; + this.mac = macAlgorithmIdentifier; + this.owf = digestAlgorithmIdentifier; + this.provider = provider; + } + + /** + * Set the salt length in octets. + * + * @param saltLength length in octets of the salt to be generated. + * @return the generator + */ + public PKMacBuilder SetSaltLength(int saltLength) + { + if (saltLength < 8) + throw new ArgumentException("salt length must be at least 8 bytes"); + + this.saltLength = saltLength; + + return this; + } + + /// + /// Set the iteration count. + /// + /// the iteration count. + /// this + /// if iteration count is less than 100 + public PKMacBuilder SetIterationCount(int iterationCount) + { + if (iterationCount < 100) + throw new ArgumentException("iteration count must be at least 100"); + + CheckIterationCountCeiling(iterationCount); + + this.iterationCount = iterationCount; + + return this; + } + + /// + /// Set PbmParameters + /// + /// The parameters. + /// this + public PKMacBuilder SetParameters(PbmParameter parameters) + { + CheckIterationCountCeiling(parameters.IterationCount.IntValueExact); + + this.parameters = parameters; + + return this; + } + + /// + /// The Secure random + /// + /// The random. + /// this + public PKMacBuilder SetSecureRandom(SecureRandom random) + { + this.random = random; + + return this; + } + + /// + /// Build an IMacFactory. + /// + /// The password. + /// IMacFactory + public IMacFactory Build(char[] password) + { + if (parameters != null) + return GenCalculator(parameters, password); + + byte[] salt = new byte[saltLength]; + + if (random == null) + { + this.random = new SecureRandom(); + } + + random.NextBytes(salt); + + return GenCalculator(new PbmParameter(salt, owf, iterationCount, mac), password); + } + + private void CheckIterationCountCeiling(int iterationCount) + { + if (maxIterations > 0 && iterationCount > maxIterations) + throw new ArgumentException("iteration count exceeds limit (" + iterationCount + " > " + maxIterations + ")"); + } + + private IMacFactory GenCalculator(PbmParameter parameters, char[] password) + { + // From RFC 4211 + // + // 1. Generate a random salt value S + // + // 2. Append the salt to the pw. K = pw || salt. + // + // 3. Hash the value of K. K = HASH(K) + // + // 4. Iter = Iter - 1. If Iter is greater than zero. Goto step 3. + // + // 5. Compute an HMAC as documented in [HMAC]. + // + // MAC = HASH( K XOR opad, HASH( K XOR ipad, data) ) + // + // Where opad and ipad are defined in [HMAC]. + byte[] pw = Strings.ToUtf8ByteArray(password); + byte[] salt = parameters.Salt.GetOctets(); + byte[] K = new byte[pw.Length + salt.Length]; + + Array.Copy(pw, 0, K, 0, pw.Length); + Array.Copy(salt, 0, K, pw.Length, salt.Length); + + IDigest digest = provider.CreateDigest(parameters.Owf); + + int iter = parameters.IterationCount.IntValueExact; + + digest.BlockUpdate(K, 0, K.Length); + + K = new byte[digest.GetDigestSize()]; + + digest.DoFinal(K, 0); + + while (--iter > 0) + { + digest.BlockUpdate(K, 0, K.Length); + + digest.DoFinal(K, 0); + } + + byte[] key = K; + + return new PKMacFactory(key, parameters); + } + } +} diff --git a/BouncyCastle/crypto/src/crmf/PkiArchiveControl.cs b/BouncyCastle/crypto/src/crmf/PkiArchiveControl.cs new file mode 100644 index 0000000..251b8db --- /dev/null +++ b/BouncyCastle/crypto/src/crmf/PkiArchiveControl.cs @@ -0,0 +1,94 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Cms; + +namespace Org.BouncyCastle.Crmf +{ + public class PkiArchiveControl + : IControl + { + public static readonly int encryptedPrivKey = PkiArchiveOptions.encryptedPrivKey; + public static readonly int keyGenParameters = PkiArchiveOptions.keyGenParameters; + public static readonly int archiveRemGenPrivKey = PkiArchiveOptions.archiveRemGenPrivKey; + + private static readonly DerObjectIdentifier type = CrmfObjectIdentifiers.id_regCtrl_pkiArchiveOptions; + + private readonly PkiArchiveOptions pkiArchiveOptions; + + /// + /// Basic constructor - build from an PKIArchiveOptions structure. + /// + /// the ASN.1 structure that will underlie this control. + public PkiArchiveControl(PkiArchiveOptions pkiArchiveOptions) + { + this.pkiArchiveOptions = pkiArchiveOptions; + } + + /// + /// Return the type of this control. + /// + /// CRMFObjectIdentifiers.id_regCtrl_pkiArchiveOptions + public DerObjectIdentifier Type + { + + get { return type; } + } + + /// + /// Return the underlying ASN.1 object. + /// + /// a PKIArchiveOptions structure. + public Asn1Encodable Value + { + get { return pkiArchiveOptions; } + } + + /// + /// Return the archive control type, one of: encryptedPrivKey,keyGenParameters,or archiveRemGenPrivKey. + /// + /// the archive control type. + public int ArchiveType + { + get { return pkiArchiveOptions.Type; } + } + + /// + /// Return whether this control contains enveloped data. + /// + /// true if the control contains enveloped data, false otherwise. + public bool EnvelopedData + { + get + { + EncryptedKey encKey = EncryptedKey.GetInstance(pkiArchiveOptions.Value); + return !encKey.IsEncryptedValue; + } + } + + /// + /// Return the enveloped data structure contained in this control. + /// + /// a CMSEnvelopedData object. + public CmsEnvelopedData GetEnvelopedData() + { + try + { + EncryptedKey encKey = EncryptedKey.GetInstance(pkiArchiveOptions.Value); + EnvelopedData data = Org.BouncyCastle.Asn1.Cms.EnvelopedData.GetInstance(encKey.Value); + + return new CmsEnvelopedData(new ContentInfo(CmsObjectIdentifiers.EnvelopedData, data)); + } + catch (CmsException e) + { + throw new CrmfException("CMS parsing error: " + e.Message, e); + } + catch (Exception e) + { + throw new CrmfException("CRMF parsing error: " + e.Message, e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crmf/PkiArchiveControlBuilder.cs b/BouncyCastle/crypto/src/crmf/PkiArchiveControlBuilder.cs new file mode 100644 index 0000000..d79f3b5 --- /dev/null +++ b/BouncyCastle/crypto/src/crmf/PkiArchiveControlBuilder.cs @@ -0,0 +1,59 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Crmf +{ + public class PkiArchiveControlBuilder + { + private CmsEnvelopedDataGenerator envGen; + private CmsProcessableByteArray keyContent; + + /// + ///Basic constructor - specify the contents of the PKIArchiveControl structure. + /// + /// the private key to be archived. + /// the general name to be associated with the private key. + /// + public PkiArchiveControlBuilder(PrivateKeyInfo privateKeyInfo, GeneralName generalName) + { + EncKeyWithID encKeyWithID = new EncKeyWithID(privateKeyInfo, generalName); + + try + { + this.keyContent = new CmsProcessableByteArray(CrmfObjectIdentifiers.id_ct_encKeyWithID, encKeyWithID.GetEncoded()); + } + catch (IOException e) + { + throw new InvalidOperationException("unable to encode key and general name info", e); + } + + this.envGen = new CmsEnvelopedDataGenerator(); + } + + ///Add a recipient generator to this control. + /// recipient generator created for a specific recipient. + ///this builder object. + public PkiArchiveControlBuilder AddRecipientGenerator(RecipientInfoGenerator recipientGen) + { + envGen.AddRecipientInfoGenerator(recipientGen); + return this; + } + + /// Build the PKIArchiveControl using the passed in encryptor to encrypt its contents. + /// a suitable content encryptor. + /// a PKIArchiveControl object. + public PkiArchiveControl Build(ICipherBuilderWithKey contentEncryptor) + { + CmsEnvelopedData envContent = envGen.Generate(keyContent, contentEncryptor); + EnvelopedData envD = EnvelopedData.GetInstance(envContent.ContentInfo.Content); + return new PkiArchiveControl(new PkiArchiveOptions(new EncryptedKey(envD))); + } + } +} diff --git a/BouncyCastle/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs b/BouncyCastle/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs new file mode 100644 index 0000000..b7a3ae0 --- /dev/null +++ b/BouncyCastle/crypto/src/crmf/ProofOfPossessionSigningKeyBuilder.cs @@ -0,0 +1,89 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crmf +{ + public class ProofOfPossessionSigningKeyBuilder + { + private CertRequest _certRequest; + private SubjectPublicKeyInfo _pubKeyInfo; + private GeneralName _name; + private PKMacValue _publicKeyMAC; + + public ProofOfPossessionSigningKeyBuilder(CertRequest certRequest) + { + this._certRequest = certRequest; + } + + public ProofOfPossessionSigningKeyBuilder(SubjectPublicKeyInfo pubKeyInfo) + { + this._pubKeyInfo = pubKeyInfo; + } + + public ProofOfPossessionSigningKeyBuilder SetSender(GeneralName name) + { + this._name = name; + + return this; + } + + public ProofOfPossessionSigningKeyBuilder SetPublicKeyMac(PKMacBuilder generator, char[] password) + { + IMacFactory fact = generator.Build(password); + + IStreamCalculator calc = fact.CreateCalculator(); + byte[] d = _pubKeyInfo.GetDerEncoded(); + calc.Stream.Write(d, 0, d.Length); + calc.Stream.Flush(); + Platform.Dispose(calc.Stream); + + this._publicKeyMAC = new PKMacValue( + (AlgorithmIdentifier)fact.AlgorithmDetails, + new DerBitString(((IBlockResult)calc.GetResult()).Collect())); + + return this; + } + + public PopoSigningKey Build(ISignatureFactory signer) + { + if (_name != null && _publicKeyMAC != null) + { + throw new InvalidOperationException("name and publicKeyMAC cannot both be set."); + } + + PopoSigningKeyInput popo; + byte[] b; + IStreamCalculator calc = signer.CreateCalculator(); + if (_certRequest != null) + { + popo = null; + b = _certRequest.GetDerEncoded(); + calc.Stream.Write(b, 0, b.Length); + + } + else if (_name != null) + { + popo = new PopoSigningKeyInput(_name, _pubKeyInfo); + b = popo.GetDerEncoded(); + calc.Stream.Write(b, 0, b.Length); + } + else + { + popo = new PopoSigningKeyInput(_publicKeyMAC, _pubKeyInfo); + b = popo.GetDerEncoded(); + calc.Stream.Write(b, 0, b.Length); + } + + calc.Stream.Flush(); + Platform.Dispose(calc.Stream); + DefaultSignatureResult res = (DefaultSignatureResult)calc.GetResult(); + return new PopoSigningKey(popo, (AlgorithmIdentifier)signer.AlgorithmDetails, new DerBitString(res.Collect())); + } + } +} diff --git a/BouncyCastle/crypto/src/crmf/RegTokenControl.cs b/BouncyCastle/crypto/src/crmf/RegTokenControl.cs new file mode 100644 index 0000000..4348409 --- /dev/null +++ b/BouncyCastle/crypto/src/crmf/RegTokenControl.cs @@ -0,0 +1,51 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Crmf; + +namespace Org.BouncyCastle.Crmf +{ + public class RegTokenControl + : IControl + { + private static readonly DerObjectIdentifier type = CrmfObjectIdentifiers.id_regCtrl_regToken; + + private readonly DerUtf8String token; + + /// + /// Basic constructor - build from a UTF-8 string representing the token. + /// + /// UTF-8 string representing the token. + public RegTokenControl(DerUtf8String token) + { + this.token = token; + } + + /// + /// Basic constructor - build from a string representing the token. + /// + /// string representing the token. + public RegTokenControl(string token) + { + this.token = new DerUtf8String(token); + } + + /// + /// Return the type of this control. + /// + /// CRMFObjectIdentifiers.id_regCtrl_regToken + public DerObjectIdentifier Type + { + get { return type; } + } + + /// + /// Return the token associated with this control (a UTF8String). + /// + /// a UTF8String. + public Asn1Encodable Value + { + get { return token; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/AsymmetricCipherKeyPair.cs b/BouncyCastle/crypto/src/crypto/AsymmetricCipherKeyPair.cs new file mode 100644 index 0000000..b00a3dc --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/AsymmetricCipherKeyPair.cs @@ -0,0 +1,52 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /** + * a holding class for public/private parameter pairs. + */ + public class AsymmetricCipherKeyPair + { + private readonly AsymmetricKeyParameter publicParameter; + private readonly AsymmetricKeyParameter privateParameter; + + /** + * basic constructor. + * + * @param publicParam a public key parameters object. + * @param privateParam the corresponding private key parameters. + */ + public AsymmetricCipherKeyPair( + AsymmetricKeyParameter publicParameter, + AsymmetricKeyParameter privateParameter) + { + if (publicParameter.IsPrivate) + throw new ArgumentException("Expected a public key", "publicParameter"); + if (!privateParameter.IsPrivate) + throw new ArgumentException("Expected a private key", "privateParameter"); + + this.publicParameter = publicParameter; + this.privateParameter = privateParameter; + } + + /** + * return the public key parameters. + * + * @return the public key parameters. + */ + public AsymmetricKeyParameter Public + { + get { return publicParameter; } + } + + /** + * return the private key parameters. + * + * @return the private key parameters. + */ + public AsymmetricKeyParameter Private + { + get { return privateParameter; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/AsymmetricKeyParameter.cs b/BouncyCastle/crypto/src/crypto/AsymmetricKeyParameter.cs new file mode 100644 index 0000000..7502ee3 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/AsymmetricKeyParameter.cs @@ -0,0 +1,47 @@ +using System; + +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Crypto +{ + public abstract class AsymmetricKeyParameter + : ICipherParameters + { + private readonly bool privateKey; + + protected AsymmetricKeyParameter( + bool privateKey) + { + this.privateKey = privateKey; + } + + public bool IsPrivate + { + get { return privateKey; } + } + + public override bool Equals( + object obj) + { + AsymmetricKeyParameter other = obj as AsymmetricKeyParameter; + + if (other == null) + { + return false; + } + + return Equals(other); + } + + protected bool Equals( + AsymmetricKeyParameter other) + { + return privateKey == other.privateKey; + } + + public override int GetHashCode() + { + return privateKey.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/BufferedAeadBlockCipher.cs b/BouncyCastle/crypto/src/crypto/BufferedAeadBlockCipher.cs new file mode 100644 index 0000000..7ba4109 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/BufferedAeadBlockCipher.cs @@ -0,0 +1,247 @@ +using System; + +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto +{ + /** + * The AEAD block ciphers already handle buffering internally, so this class + * just takes care of implementing IBufferedCipher methods. + */ + public class BufferedAeadBlockCipher + : BufferedCipherBase + { + private readonly IAeadBlockCipher cipher; + + public BufferedAeadBlockCipher( + IAeadBlockCipher cipher) + { + if (cipher == null) + throw new ArgumentNullException("cipher"); + + this.cipher = cipher; + } + + public override string AlgorithmName + { + get { return cipher.AlgorithmName; } + } + + /** + * initialise the cipher. + * + * @param forEncryption if true the cipher is initialised for + * encryption, if false for decryption. + * @param param the key and other data required by the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public override void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (parameters is ParametersWithRandom) + { + parameters = ((ParametersWithRandom) parameters).Parameters; + } + + cipher.Init(forEncryption, parameters); + } + + /** + * return the blocksize for the underlying cipher. + * + * @return the blocksize for the underlying cipher. + */ + public override int GetBlockSize() + { + return cipher.GetBlockSize(); + } + + /** + * return the size of the output buffer required for an update + * an input of len bytes. + * + * @param len the length of the input. + * @return the space required to accommodate a call to update + * with len bytes of input. + */ + public override int GetUpdateOutputSize( + int length) + { + return cipher.GetUpdateOutputSize(length); + } + + /** + * return the size of the output buffer required for an update plus a + * doFinal with an input of len bytes. + * + * @param len the length of the input. + * @return the space required to accommodate a call to update and doFinal + * with len bytes of input. + */ + public override int GetOutputSize( + int length) + { + return cipher.GetOutputSize(length); + } + + /** + * process a single byte, producing an output block if necessary. + * + * @param in the input byte. + * @param out the space for any output that might be produced. + * @param outOff the offset from which the output will be copied. + * @return the number of output bytes copied to out. + * @exception DataLengthException if there isn't enough space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + */ + public override int ProcessByte( + byte input, + byte[] output, + int outOff) + { + return cipher.ProcessByte(input, output, outOff); + } + + public override byte[] ProcessByte( + byte input) + { + int outLength = GetUpdateOutputSize(1); + + byte[] outBytes = outLength > 0 ? new byte[outLength] : null; + + int pos = ProcessByte(input, outBytes, 0); + + if (outLength > 0 && pos < outLength) + { + byte[] tmp = new byte[pos]; + Array.Copy(outBytes, 0, tmp, 0, pos); + outBytes = tmp; + } + + return outBytes; + } + + public override byte[] ProcessBytes( + byte[] input, + int inOff, + int length) + { + if (input == null) + throw new ArgumentNullException("input"); + if (length < 1) + return null; + + int outLength = GetUpdateOutputSize(length); + + byte[] outBytes = outLength > 0 ? new byte[outLength] : null; + + int pos = ProcessBytes(input, inOff, length, outBytes, 0); + + if (outLength > 0 && pos < outLength) + { + byte[] tmp = new byte[pos]; + Array.Copy(outBytes, 0, tmp, 0, pos); + outBytes = tmp; + } + + return outBytes; + } + + /** + * process an array of bytes, producing output if necessary. + * + * @param in the input byte array. + * @param inOff the offset at which the input data starts. + * @param len the number of bytes to be copied out of the input array. + * @param out the space for any output that might be produced. + * @param outOff the offset from which the output will be copied. + * @return the number of output bytes copied to out. + * @exception DataLengthException if there isn't enough space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + */ + public override int ProcessBytes( + byte[] input, + int inOff, + int length, + byte[] output, + int outOff) + { + return cipher.ProcessBytes(input, inOff, length, output, outOff); + } + + public override byte[] DoFinal() + { + byte[] outBytes = new byte[GetOutputSize(0)]; + + int pos = DoFinal(outBytes, 0); + + if (pos < outBytes.Length) + { + byte[] tmp = new byte[pos]; + Array.Copy(outBytes, 0, tmp, 0, pos); + outBytes = tmp; + } + + return outBytes; + } + + public override byte[] DoFinal( + byte[] input, + int inOff, + int inLen) + { + if (input == null) + throw new ArgumentNullException("input"); + + byte[] outBytes = new byte[GetOutputSize(inLen)]; + + int pos = (inLen > 0) + ? ProcessBytes(input, inOff, inLen, outBytes, 0) + : 0; + + pos += DoFinal(outBytes, pos); + + if (pos < outBytes.Length) + { + byte[] tmp = new byte[pos]; + Array.Copy(outBytes, 0, tmp, 0, pos); + outBytes = tmp; + } + + return outBytes; + } + + /** + * Process the last block in the buffer. + * + * @param out the array the block currently being held is copied into. + * @param outOff the offset at which the copying starts. + * @return the number of output bytes copied to out. + * @exception DataLengthException if there is insufficient space in out for + * the output, or the input is not block size aligned and should be. + * @exception InvalidOperationException if the underlying cipher is not + * initialised. + * @exception InvalidCipherTextException if padding is expected and not found. + * @exception DataLengthException if the input is not block size + * aligned. + */ + public override int DoFinal( + byte[] output, + int outOff) + { + return cipher.DoFinal(output, outOff); + } + + /** + * Reset the buffer and cipher. After resetting the object is in the same + * state as it was after the last init (if there was one). + */ + public override void Reset() + { + cipher.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/BufferedAeadCipher.cs b/BouncyCastle/crypto/src/crypto/BufferedAeadCipher.cs new file mode 100644 index 0000000..c689c1e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/BufferedAeadCipher.cs @@ -0,0 +1,246 @@ +using System; + +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto +{ + /** + * The AEAD ciphers already handle buffering internally, so this class + * just takes care of implementing IBufferedCipher methods. + */ + public class BufferedAeadCipher + : BufferedCipherBase + { + private readonly IAeadCipher cipher; + + public BufferedAeadCipher(IAeadCipher cipher) + { + if (cipher == null) + throw new ArgumentNullException("cipher"); + + this.cipher = cipher; + } + + public override string AlgorithmName + { + get { return cipher.AlgorithmName; } + } + + /** + * initialise the cipher. + * + * @param forEncryption if true the cipher is initialised for + * encryption, if false for decryption. + * @param param the key and other data required by the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public override void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (parameters is ParametersWithRandom) + { + parameters = ((ParametersWithRandom)parameters).Parameters; + } + + cipher.Init(forEncryption, parameters); + } + + /** + * return the blocksize for the underlying cipher. + * + * @return the blocksize for the underlying cipher. + */ + public override int GetBlockSize() + { + return 0; + } + + /** + * return the size of the output buffer required for an update + * an input of len bytes. + * + * @param len the length of the input. + * @return the space required to accommodate a call to update + * with len bytes of input. + */ + public override int GetUpdateOutputSize( + int length) + { + return cipher.GetUpdateOutputSize(length); + } + + /** + * return the size of the output buffer required for an update plus a + * doFinal with an input of len bytes. + * + * @param len the length of the input. + * @return the space required to accommodate a call to update and doFinal + * with len bytes of input. + */ + public override int GetOutputSize( + int length) + { + return cipher.GetOutputSize(length); + } + + /** + * process a single byte, producing an output block if necessary. + * + * @param in the input byte. + * @param out the space for any output that might be produced. + * @param outOff the offset from which the output will be copied. + * @return the number of output bytes copied to out. + * @exception DataLengthException if there isn't enough space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + */ + public override int ProcessByte( + byte input, + byte[] output, + int outOff) + { + return cipher.ProcessByte(input, output, outOff); + } + + public override byte[] ProcessByte( + byte input) + { + int outLength = GetUpdateOutputSize(1); + + byte[] outBytes = outLength > 0 ? new byte[outLength] : null; + + int pos = ProcessByte(input, outBytes, 0); + + if (outLength > 0 && pos < outLength) + { + byte[] tmp = new byte[pos]; + Array.Copy(outBytes, 0, tmp, 0, pos); + outBytes = tmp; + } + + return outBytes; + } + + public override byte[] ProcessBytes( + byte[] input, + int inOff, + int length) + { + if (input == null) + throw new ArgumentNullException("input"); + if (length < 1) + return null; + + int outLength = GetUpdateOutputSize(length); + + byte[] outBytes = outLength > 0 ? new byte[outLength] : null; + + int pos = ProcessBytes(input, inOff, length, outBytes, 0); + + if (outLength > 0 && pos < outLength) + { + byte[] tmp = new byte[pos]; + Array.Copy(outBytes, 0, tmp, 0, pos); + outBytes = tmp; + } + + return outBytes; + } + + /** + * process an array of bytes, producing output if necessary. + * + * @param in the input byte array. + * @param inOff the offset at which the input data starts. + * @param len the number of bytes to be copied out of the input array. + * @param out the space for any output that might be produced. + * @param outOff the offset from which the output will be copied. + * @return the number of output bytes copied to out. + * @exception DataLengthException if there isn't enough space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + */ + public override int ProcessBytes( + byte[] input, + int inOff, + int length, + byte[] output, + int outOff) + { + return cipher.ProcessBytes(input, inOff, length, output, outOff); + } + + public override byte[] DoFinal() + { + byte[] outBytes = new byte[GetOutputSize(0)]; + + int pos = DoFinal(outBytes, 0); + + if (pos < outBytes.Length) + { + byte[] tmp = new byte[pos]; + Array.Copy(outBytes, 0, tmp, 0, pos); + outBytes = tmp; + } + + return outBytes; + } + + public override byte[] DoFinal( + byte[] input, + int inOff, + int inLen) + { + if (input == null) + throw new ArgumentNullException("input"); + + byte[] outBytes = new byte[GetOutputSize(inLen)]; + + int pos = (inLen > 0) + ? ProcessBytes(input, inOff, inLen, outBytes, 0) + : 0; + + pos += DoFinal(outBytes, pos); + + if (pos < outBytes.Length) + { + byte[] tmp = new byte[pos]; + Array.Copy(outBytes, 0, tmp, 0, pos); + outBytes = tmp; + } + + return outBytes; + } + + /** + * Process the last block in the buffer. + * + * @param out the array the block currently being held is copied into. + * @param outOff the offset at which the copying starts. + * @return the number of output bytes copied to out. + * @exception DataLengthException if there is insufficient space in out for + * the output, or the input is not block size aligned and should be. + * @exception InvalidOperationException if the underlying cipher is not + * initialised. + * @exception InvalidCipherTextException if padding is expected and not found. + * @exception DataLengthException if the input is not block size + * aligned. + */ + public override int DoFinal( + byte[] output, + int outOff) + { + return cipher.DoFinal(output, outOff); + } + + /** + * Reset the buffer and cipher. After resetting the object is in the same + * state as it was after the last init (if there was one). + */ + public override void Reset() + { + cipher.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/BufferedAsymmetricBlockCipher.cs b/BouncyCastle/crypto/src/crypto/BufferedAsymmetricBlockCipher.cs new file mode 100644 index 0000000..09ec59f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/BufferedAsymmetricBlockCipher.cs @@ -0,0 +1,152 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Engines; + +namespace Org.BouncyCastle.Crypto +{ + /** + * a buffer wrapper for an asymmetric block cipher, allowing input + * to be accumulated in a piecemeal fashion until final processing. + */ + public class BufferedAsymmetricBlockCipher + : BufferedCipherBase + { + private readonly IAsymmetricBlockCipher cipher; + + private byte[] buffer; + private int bufOff; + + /** + * base constructor. + * + * @param cipher the cipher this buffering object wraps. + */ + public BufferedAsymmetricBlockCipher( + IAsymmetricBlockCipher cipher) + { + this.cipher = cipher; + } + + /** + * return the amount of data sitting in the buffer. + * + * @return the amount of data sitting in the buffer. + */ + internal int GetBufferPosition() + { + return bufOff; + } + + public override string AlgorithmName + { + get { return cipher.AlgorithmName; } + } + + public override int GetBlockSize() + { + return cipher.GetInputBlockSize(); + } + + public override int GetOutputSize( + int length) + { + return cipher.GetOutputBlockSize(); + } + + public override int GetUpdateOutputSize( + int length) + { + return 0; + } + + /** + * initialise the buffer and the underlying cipher. + * + * @param forEncryption if true the cipher is initialised for + * encryption, if false for decryption. + * @param param the key and other data required by the cipher. + */ + public override void Init( + bool forEncryption, + ICipherParameters parameters) + { + Reset(); + + cipher.Init(forEncryption, parameters); + + // + // we allow for an extra byte where people are using their own padding + // mechanisms on a raw cipher. + // + this.buffer = new byte[cipher.GetInputBlockSize() + (forEncryption ? 1 : 0)]; + this.bufOff = 0; + } + + public override byte[] ProcessByte( + byte input) + { + if (bufOff >= buffer.Length) + throw new DataLengthException("attempt to process message to long for cipher"); + + buffer[bufOff++] = input; + return null; + } + + public override byte[] ProcessBytes( + byte[] input, + int inOff, + int length) + { + if (length < 1) + return null; + + if (input == null) + throw new ArgumentNullException("input"); + if (bufOff + length > buffer.Length) + throw new DataLengthException("attempt to process message to long for cipher"); + + Array.Copy(input, inOff, buffer, bufOff, length); + bufOff += length; + return null; + } + + /** + * process the contents of the buffer using the underlying + * cipher. + * + * @return the result of the encryption/decryption process on the + * buffer. + * @exception InvalidCipherTextException if we are given a garbage block. + */ + public override byte[] DoFinal() + { + byte[] outBytes = bufOff > 0 + ? cipher.ProcessBlock(buffer, 0, bufOff) + : EmptyBuffer; + + Reset(); + + return outBytes; + } + + public override byte[] DoFinal( + byte[] input, + int inOff, + int length) + { + ProcessBytes(input, inOff, length); + return DoFinal(); + } + + /// Reset the buffer + public override void Reset() + { + if (buffer != null) + { + Array.Clear(buffer, 0, buffer.Length); + bufOff = 0; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/BufferedBlockCipher.cs b/BouncyCastle/crypto/src/crypto/BufferedBlockCipher.cs new file mode 100644 index 0000000..c87d2da --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/BufferedBlockCipher.cs @@ -0,0 +1,367 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto +{ + /** + * A wrapper class that allows block ciphers to be used to process data in + * a piecemeal fashion. The BufferedBlockCipher outputs a block only when the + * buffer is full and more data is being added, or on a doFinal. + *

+ * Note: in the case where the underlying cipher is either a CFB cipher or an + * OFB one the last block may not be a multiple of the block size. + *

+ */ + public class BufferedBlockCipher + : BufferedCipherBase + { + internal byte[] buf; + internal int bufOff; + internal bool forEncryption; + internal IBlockCipher cipher; + + /** + * constructor for subclasses + */ + protected BufferedBlockCipher() + { + } + + /** + * Create a buffered block cipher without padding. + * + * @param cipher the underlying block cipher this buffering object wraps. + * false otherwise. + */ + public BufferedBlockCipher( + IBlockCipher cipher) + { + if (cipher == null) + throw new ArgumentNullException("cipher"); + + this.cipher = cipher; + buf = new byte[cipher.GetBlockSize()]; + bufOff = 0; + } + + public override string AlgorithmName + { + get { return cipher.AlgorithmName; } + } + + /** + * initialise the cipher. + * + * @param forEncryption if true the cipher is initialised for + * encryption, if false for decryption. + * @param param the key and other data required by the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + // Note: This doubles as the Init in the event that this cipher is being used as an IWrapper + public override void Init( + bool forEncryption, + ICipherParameters parameters) + { + this.forEncryption = forEncryption; + + ParametersWithRandom pwr = parameters as ParametersWithRandom; + if (pwr != null) + parameters = pwr.Parameters; + + Reset(); + + cipher.Init(forEncryption, parameters); + } + + /** + * return the blocksize for the underlying cipher. + * + * @return the blocksize for the underlying cipher. + */ + public override int GetBlockSize() + { + return cipher.GetBlockSize(); + } + + /** + * return the size of the output buffer required for an update + * an input of len bytes. + * + * @param len the length of the input. + * @return the space required to accommodate a call to update + * with len bytes of input. + */ + public override int GetUpdateOutputSize( + int length) + { + int total = length + bufOff; + int leftOver = total % buf.Length; + return total - leftOver; + } + + /** + * return the size of the output buffer required for an update plus a + * doFinal with an input of len bytes. + * + * @param len the length of the input. + * @return the space required to accommodate a call to update and doFinal + * with len bytes of input. + */ + public override int GetOutputSize( + int length) + { + // Note: Can assume IsPartialBlockOkay is true for purposes of this calculation + return length + bufOff; + } + + /** + * process a single byte, producing an output block if necessary. + * + * @param in the input byte. + * @param out the space for any output that might be produced. + * @param outOff the offset from which the output will be copied. + * @return the number of output bytes copied to out. + * @exception DataLengthException if there isn't enough space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + */ + public override int ProcessByte( + byte input, + byte[] output, + int outOff) + { + buf[bufOff++] = input; + + if (bufOff == buf.Length) + { + if ((outOff + buf.Length) > output.Length) + throw new DataLengthException("output buffer too short"); + + bufOff = 0; + return cipher.ProcessBlock(buf, 0, output, outOff); + } + + return 0; + } + + public override byte[] ProcessByte( + byte input) + { + int outLength = GetUpdateOutputSize(1); + + byte[] outBytes = outLength > 0 ? new byte[outLength] : null; + + int pos = ProcessByte(input, outBytes, 0); + + if (outLength > 0 && pos < outLength) + { + byte[] tmp = new byte[pos]; + Array.Copy(outBytes, 0, tmp, 0, pos); + outBytes = tmp; + } + + return outBytes; + } + + public override byte[] ProcessBytes( + byte[] input, + int inOff, + int length) + { + if (input == null) + throw new ArgumentNullException("input"); + if (length < 1) + return null; + + int outLength = GetUpdateOutputSize(length); + + byte[] outBytes = outLength > 0 ? new byte[outLength] : null; + + int pos = ProcessBytes(input, inOff, length, outBytes, 0); + + if (outLength > 0 && pos < outLength) + { + byte[] tmp = new byte[pos]; + Array.Copy(outBytes, 0, tmp, 0, pos); + outBytes = tmp; + } + + return outBytes; + } + + /** + * process an array of bytes, producing output if necessary. + * + * @param in the input byte array. + * @param inOff the offset at which the input data starts. + * @param len the number of bytes to be copied out of the input array. + * @param out the space for any output that might be produced. + * @param outOff the offset from which the output will be copied. + * @return the number of output bytes copied to out. + * @exception DataLengthException if there isn't enough space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + */ + public override int ProcessBytes( + byte[] input, + int inOff, + int length, + byte[] output, + int outOff) + { + if (length < 1) + { + if (length < 0) + throw new ArgumentException("Can't have a negative input length!"); + + return 0; + } + + int blockSize = GetBlockSize(); + int outLength = GetUpdateOutputSize(length); + + if (outLength > 0) + { + Check.OutputLength(output, outOff, outLength, "output buffer too short"); + } + + int resultLen = 0; + int gapLen = buf.Length - bufOff; + if (length > gapLen) + { + Array.Copy(input, inOff, buf, bufOff, gapLen); + resultLen += cipher.ProcessBlock(buf, 0, output, outOff); + bufOff = 0; + length -= gapLen; + inOff += gapLen; + while (length > buf.Length) + { + resultLen += cipher.ProcessBlock(input, inOff, output, outOff + resultLen); + length -= blockSize; + inOff += blockSize; + } + } + Array.Copy(input, inOff, buf, bufOff, length); + bufOff += length; + if (bufOff == buf.Length) + { + resultLen += cipher.ProcessBlock(buf, 0, output, outOff + resultLen); + bufOff = 0; + } + return resultLen; + } + + public override byte[] DoFinal() + { + byte[] outBytes = EmptyBuffer; + + int length = GetOutputSize(0); + if (length > 0) + { + outBytes = new byte[length]; + + int pos = DoFinal(outBytes, 0); + if (pos < outBytes.Length) + { + byte[] tmp = new byte[pos]; + Array.Copy(outBytes, 0, tmp, 0, pos); + outBytes = tmp; + } + } + else + { + Reset(); + } + + return outBytes; + } + + public override byte[] DoFinal( + byte[] input, + int inOff, + int inLen) + { + if (input == null) + throw new ArgumentNullException("input"); + + int length = GetOutputSize(inLen); + + byte[] outBytes = EmptyBuffer; + + if (length > 0) + { + outBytes = new byte[length]; + + int pos = (inLen > 0) + ? ProcessBytes(input, inOff, inLen, outBytes, 0) + : 0; + + pos += DoFinal(outBytes, pos); + + if (pos < outBytes.Length) + { + byte[] tmp = new byte[pos]; + Array.Copy(outBytes, 0, tmp, 0, pos); + outBytes = tmp; + } + } + else + { + Reset(); + } + + return outBytes; + } + + /** + * Process the last block in the buffer. + * + * @param out the array the block currently being held is copied into. + * @param outOff the offset at which the copying starts. + * @return the number of output bytes copied to out. + * @exception DataLengthException if there is insufficient space in out for + * the output, or the input is not block size aligned and should be. + * @exception InvalidOperationException if the underlying cipher is not + * initialised. + * @exception InvalidCipherTextException if padding is expected and not found. + * @exception DataLengthException if the input is not block size + * aligned. + */ + public override int DoFinal( + byte[] output, + int outOff) + { + try + { + if (bufOff != 0) + { + Check.DataLength(!cipher.IsPartialBlockOkay, "data not block size aligned"); + Check.OutputLength(output, outOff, bufOff, "output buffer too short for DoFinal()"); + + // NB: Can't copy directly, or we may write too much output + cipher.ProcessBlock(buf, 0, buf, 0); + Array.Copy(buf, 0, output, outOff, bufOff); + } + + return bufOff; + } + finally + { + Reset(); + } + } + + /** + * Reset the buffer and cipher. After resetting the object is in the same + * state as it was after the last init (if there was one). + */ + public override void Reset() + { + Array.Clear(buf, 0, buf.Length); + bufOff = 0; + + cipher.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/BufferedCipherBase.cs b/BouncyCastle/crypto/src/crypto/BufferedCipherBase.cs new file mode 100644 index 0000000..9d86102 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/BufferedCipherBase.cs @@ -0,0 +1,113 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + public abstract class BufferedCipherBase + : IBufferedCipher + { + protected static readonly byte[] EmptyBuffer = new byte[0]; + + public abstract string AlgorithmName { get; } + + public abstract void Init(bool forEncryption, ICipherParameters parameters); + + public abstract int GetBlockSize(); + + public abstract int GetOutputSize(int inputLen); + public abstract int GetUpdateOutputSize(int inputLen); + + public abstract byte[] ProcessByte(byte input); + + public virtual int ProcessByte( + byte input, + byte[] output, + int outOff) + { + byte[] outBytes = ProcessByte(input); + if (outBytes == null) + return 0; + if (outOff + outBytes.Length > output.Length) + throw new DataLengthException("output buffer too short"); + outBytes.CopyTo(output, outOff); + return outBytes.Length; + } + + public virtual byte[] ProcessBytes( + byte[] input) + { + return ProcessBytes(input, 0, input.Length); + } + + public abstract byte[] ProcessBytes(byte[] input, int inOff, int length); + + public virtual int ProcessBytes( + byte[] input, + byte[] output, + int outOff) + { + return ProcessBytes(input, 0, input.Length, output, outOff); + } + + public virtual int ProcessBytes( + byte[] input, + int inOff, + int length, + byte[] output, + int outOff) + { + byte[] outBytes = ProcessBytes(input, inOff, length); + if (outBytes == null) + return 0; + if (outOff + outBytes.Length > output.Length) + throw new DataLengthException("output buffer too short"); + outBytes.CopyTo(output, outOff); + return outBytes.Length; + } + + public abstract byte[] DoFinal(); + + public virtual byte[] DoFinal( + byte[] input) + { + return DoFinal(input, 0, input.Length); + } + + public abstract byte[] DoFinal( + byte[] input, + int inOff, + int length); + + public virtual int DoFinal( + byte[] output, + int outOff) + { + byte[] outBytes = DoFinal(); + if (outOff + outBytes.Length > output.Length) + throw new DataLengthException("output buffer too short"); + outBytes.CopyTo(output, outOff); + return outBytes.Length; + } + + public virtual int DoFinal( + byte[] input, + byte[] output, + int outOff) + { + return DoFinal(input, 0, input.Length, output, outOff); + } + + public virtual int DoFinal( + byte[] input, + int inOff, + int length, + byte[] output, + int outOff) + { + int len = ProcessBytes(input, inOff, length, output, outOff); + len += DoFinal(output, outOff + len); + return len; + } + + public abstract void Reset(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/BufferedIesCipher.cs b/BouncyCastle/crypto/src/crypto/BufferedIesCipher.cs new file mode 100644 index 0000000..6dab4ae --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/BufferedIesCipher.cs @@ -0,0 +1,113 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto +{ + public class BufferedIesCipher + : BufferedCipherBase + { + private readonly IesEngine engine; + private bool forEncryption; + private MemoryStream buffer = new MemoryStream(); + + public BufferedIesCipher( + IesEngine engine) + { + if (engine == null) + throw new ArgumentNullException("engine"); + + this.engine = engine; + } + + public override string AlgorithmName + { + // TODO Create IESEngine.AlgorithmName + get { return "IES"; } + } + + public override void Init( + bool forEncryption, + ICipherParameters parameters) + { + this.forEncryption = forEncryption; + + // TODO + throw Platform.CreateNotImplementedException("IES"); + } + + public override int GetBlockSize() + { + return 0; + } + + public override int GetOutputSize( + int inputLen) + { + if (engine == null) + throw new InvalidOperationException("cipher not initialised"); + + int baseLen = inputLen + (int) buffer.Length; + return forEncryption + ? baseLen + 20 + : baseLen - 20; + } + + public override int GetUpdateOutputSize( + int inputLen) + { + return 0; + } + + public override byte[] ProcessByte( + byte input) + { + buffer.WriteByte(input); + return null; + } + + public override byte[] ProcessBytes( + byte[] input, + int inOff, + int length) + { + if (input == null) + throw new ArgumentNullException("input"); + if (inOff < 0) + throw new ArgumentException("inOff"); + if (length < 0) + throw new ArgumentException("length"); + if (inOff + length > input.Length) + throw new ArgumentException("invalid offset/length specified for input array"); + + buffer.Write(input, inOff, length); + return null; + } + + public override byte[] DoFinal() + { + byte[] buf = buffer.ToArray(); + + Reset(); + + return engine.ProcessBlock(buf, 0, buf.Length); + } + + public override byte[] DoFinal( + byte[] input, + int inOff, + int length) + { + ProcessBytes(input, inOff, length); + return DoFinal(); + } + + public override void Reset() + { + buffer.SetLength(0); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/BufferedStreamCipher.cs b/BouncyCastle/crypto/src/crypto/BufferedStreamCipher.cs new file mode 100644 index 0000000..2d4987b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/BufferedStreamCipher.cs @@ -0,0 +1,131 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto +{ + public class BufferedStreamCipher + : BufferedCipherBase + { + private readonly IStreamCipher cipher; + + public BufferedStreamCipher( + IStreamCipher cipher) + { + if (cipher == null) + throw new ArgumentNullException("cipher"); + + this.cipher = cipher; + } + + public override string AlgorithmName + { + get { return cipher.AlgorithmName; } + } + + public override void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (parameters is ParametersWithRandom) + { + parameters = ((ParametersWithRandom) parameters).Parameters; + } + + cipher.Init(forEncryption, parameters); + } + + public override int GetBlockSize() + { + return 0; + } + + public override int GetOutputSize( + int inputLen) + { + return inputLen; + } + + public override int GetUpdateOutputSize( + int inputLen) + { + return inputLen; + } + + public override byte[] ProcessByte( + byte input) + { + return new byte[]{ cipher.ReturnByte(input) }; + } + + public override int ProcessByte( + byte input, + byte[] output, + int outOff) + { + if (outOff >= output.Length) + throw new DataLengthException("output buffer too short"); + + output[outOff] = cipher.ReturnByte(input); + return 1; + } + + public override byte[] ProcessBytes( + byte[] input, + int inOff, + int length) + { + if (length < 1) + return null; + + byte[] output = new byte[length]; + cipher.ProcessBytes(input, inOff, length, output, 0); + return output; + } + + public override int ProcessBytes( + byte[] input, + int inOff, + int length, + byte[] output, + int outOff) + { + if (length < 1) + return 0; + + if (length > 0) + { + cipher.ProcessBytes(input, inOff, length, output, outOff); + } + + return length; + } + + public override byte[] DoFinal() + { + Reset(); + + return EmptyBuffer; + } + + public override byte[] DoFinal( + byte[] input, + int inOff, + int length) + { + if (length < 1) + return EmptyBuffer; + + byte[] output = ProcessBytes(input, inOff, length); + + Reset(); + + return output; + } + + public override void Reset() + { + cipher.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/Check.cs b/BouncyCastle/crypto/src/crypto/Check.cs new file mode 100644 index 0000000..aacda14 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/Check.cs @@ -0,0 +1,25 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + internal class Check + { + internal static void DataLength(bool condition, string msg) + { + if (condition) + throw new DataLengthException(msg); + } + + internal static void DataLength(byte[] buf, int off, int len, string msg) + { + if (off > (buf.Length - len)) + throw new DataLengthException(msg); + } + + internal static void OutputLength(byte[] buf, int off, int len, string msg) + { + if (off > (buf.Length - len)) + throw new OutputLengthException(msg); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/CipherKeyGenerator.cs b/BouncyCastle/crypto/src/crypto/CipherKeyGenerator.cs new file mode 100644 index 0000000..d8d9b29 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/CipherKeyGenerator.cs @@ -0,0 +1,83 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto +{ + /** + * The base class for symmetric, or secret, cipher key generators. + */ + public class CipherKeyGenerator + { + protected internal SecureRandom random; + protected internal int strength; + private bool uninitialised = true; + private int defaultStrength; + + public CipherKeyGenerator() + { + } + + internal CipherKeyGenerator( + int defaultStrength) + { + if (defaultStrength < 1) + throw new ArgumentException("strength must be a positive value", "defaultStrength"); + + this.defaultStrength = defaultStrength; + } + + public int DefaultStrength + { + get { return defaultStrength; } + } + + /** + * initialise the key generator. + * + * @param param the parameters to be used for key generation + */ + public void Init( + KeyGenerationParameters parameters) + { + if (parameters == null) + throw new ArgumentNullException("parameters"); + + this.uninitialised = false; + + engineInit(parameters); + } + + protected virtual void engineInit( + KeyGenerationParameters parameters) + { + this.random = parameters.Random; + this.strength = (parameters.Strength + 7) / 8; + } + + /** + * Generate a secret key. + * + * @return a byte array containing the key value. + */ + public byte[] GenerateKey() + { + if (uninitialised) + { + if (defaultStrength < 1) + throw new InvalidOperationException("Generator has not been initialised"); + + uninitialised = false; + + engineInit(new KeyGenerationParameters(new SecureRandom(), defaultStrength)); + } + + return engineGenerateKey(); + } + + protected virtual byte[] engineGenerateKey() + { + return SecureRandom.GetNextBytes(random, strength); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/CryptoException.cs b/BouncyCastle/crypto/src/crypto/CryptoException.cs new file mode 100644 index 0000000..73d450b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/CryptoException.cs @@ -0,0 +1,28 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class CryptoException + : Exception + { + public CryptoException() + { + } + + public CryptoException( + string message) + : base(message) + { + } + + public CryptoException( + string message, + Exception exception) + : base(message, exception) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/DataLengthException.cs b/BouncyCastle/crypto/src/crypto/DataLengthException.cs new file mode 100644 index 0000000..447ff2a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/DataLengthException.cs @@ -0,0 +1,42 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /** + * this exception is thrown if a buffer that is meant to have output + * copied into it turns out to be too short, or if we've been given + * insufficient input. In general this exception will Get thrown rather + * than an ArrayOutOfBounds exception. + */ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class DataLengthException + : CryptoException + { + /** + * base constructor. + */ + public DataLengthException() + { + } + + /** + * create a DataLengthException with the given message. + * + * @param message the message to be carried with the exception. + */ + public DataLengthException( + string message) + : base(message) + { + } + + public DataLengthException( + string message, + Exception exception) + : base(message, exception) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/IAlphabetMapper.cs b/BouncyCastle/crypto/src/crypto/IAlphabetMapper.cs new file mode 100644 index 0000000..af63caa --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IAlphabetMapper.cs @@ -0,0 +1,32 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ +/** + * Base interface for mapping from an alphabet to a set of indexes + * suitable for use with FPE. + */ +public interface IAlphabetMapper +{ + /// + /// Return the number of characters in the alphabet. + /// + /// the radix for the alphabet. + int Radix { get; } + + /// + /// Return the passed in char[] as a byte array of indexes (indexes + /// can be more than 1 byte) + /// + /// an index array. + /// characters to be mapped. + byte[] ConvertToIndexes(char[] input); + + /// + /// Return a char[] for this alphabet based on the indexes passed. + /// + /// an array of char corresponding to the index values. + /// input array of indexes. + char[] ConvertToChars(byte[] input); +} +} diff --git a/BouncyCastle/crypto/src/crypto/IAsymmetricBlockCipher.cs b/BouncyCastle/crypto/src/crypto/IAsymmetricBlockCipher.cs new file mode 100644 index 0000000..455cfaa --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IAsymmetricBlockCipher.cs @@ -0,0 +1,30 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// Base interface for a public/private key block cipher. + public interface IAsymmetricBlockCipher + { + /// The name of the algorithm this cipher implements. + string AlgorithmName { get; } + + /// Initialise the cipher. + /// Initialise for encryption if true, for decryption if false. + /// The key or other data required by the cipher. + void Init(bool forEncryption, ICipherParameters parameters); + + /// The maximum size, in bytes, an input block may be. + int GetInputBlockSize(); + + /// The maximum size, in bytes, an output block will be. + int GetOutputBlockSize(); + + /// Process a block. + /// The input buffer. + /// The offset into inBuf that the input block begins. + /// The length of the input block. + /// Input decrypts improperly. + /// Input is too large for the cipher. + byte[] ProcessBlock(byte[] inBuf, int inOff, int inLen); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IAsymmetricCipherKeyPairGenerator.cs b/BouncyCastle/crypto/src/crypto/IAsymmetricCipherKeyPairGenerator.cs new file mode 100644 index 0000000..9ec5dfa --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IAsymmetricCipherKeyPairGenerator.cs @@ -0,0 +1,24 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /** + * interface that a public/private key pair generator should conform to. + */ + public interface IAsymmetricCipherKeyPairGenerator + { + /** + * intialise the key pair generator. + * + * @param the parameters the key pair is to be initialised with. + */ + void Init(KeyGenerationParameters parameters); + + /** + * return an AsymmetricCipherKeyPair containing the Generated keys. + * + * @return an AsymmetricCipherKeyPair containing the Generated keys. + */ + AsymmetricCipherKeyPair GenerateKeyPair(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IBasicAgreement.cs b/BouncyCastle/crypto/src/crypto/IBasicAgreement.cs new file mode 100644 index 0000000..7dfc618 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IBasicAgreement.cs @@ -0,0 +1,29 @@ +using System; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto +{ + /** + * The basic interface that basic Diffie-Hellman implementations + * conforms to. + */ + public interface IBasicAgreement + { + /** + * initialise the agreement engine. + */ + void Init(ICipherParameters parameters); + + /** + * return the field size for the agreement algorithm in bytes. + */ + int GetFieldSize(); + + /** + * given a public key from a given party calculate the next + * message in the agreement sequence. + */ + BigInteger CalculateAgreement(ICipherParameters pubKey); + } + +} diff --git a/BouncyCastle/crypto/src/crypto/IBlockCipher.cs b/BouncyCastle/crypto/src/crypto/IBlockCipher.cs new file mode 100644 index 0000000..a3ad6d6 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IBlockCipher.cs @@ -0,0 +1,36 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// Base interface for a symmetric key block cipher. + public interface IBlockCipher + { + /// The name of the algorithm this cipher implements. + string AlgorithmName { get; } + + /// Initialise the cipher. + /// Initialise for encryption if true, for decryption if false. + /// The key or other data required by the cipher. + void Init(bool forEncryption, ICipherParameters parameters); + + /// The block size for this cipher, in bytes. + int GetBlockSize(); + + /// Indicates whether this cipher can handle partial blocks. + bool IsPartialBlockOkay { get; } + + /// Process a block. + /// The input buffer. + /// The offset into inBuf that the input block begins. + /// The output buffer. + /// The offset into outBuf to write the output block. + /// If input block is wrong size, or outBuf too small. + /// The number of bytes processed and produced. + int ProcessBlock(byte[] inBuf, int inOff, byte[] outBuf, int outOff); + + /// + /// Reset the cipher to the same state as it was after the last init (if there was one). + /// + void Reset(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IBlockResult.cs b/BouncyCastle/crypto/src/crypto/IBlockResult.cs new file mode 100644 index 0000000..0f054fe --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IBlockResult.cs @@ -0,0 +1,24 @@ + +namespace Org.BouncyCastle.Crypto +{ + /// + /// Operators that reduce their input to a single block return an object + /// of this type. + /// + public interface IBlockResult + { + /// + /// Return the final result of the operation. + /// + /// A block of bytes, representing the result of an operation. + byte[] Collect(); + + /// + /// Store the final result of the operation by copying it into the destination array. + /// + /// The number of bytes copied into destination. + /// The byte array to copy the result into. + /// The offset into destination to start copying the result at. + int Collect(byte[] destination, int offset); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IBufferedCipher.cs b/BouncyCastle/crypto/src/crypto/IBufferedCipher.cs new file mode 100644 index 0000000..69dec95 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IBufferedCipher.cs @@ -0,0 +1,44 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// Block cipher engines are expected to conform to this interface. + public interface IBufferedCipher + { + /// The name of the algorithm this cipher implements. + string AlgorithmName { get; } + + /// Initialise the cipher. + /// If true the cipher is initialised for encryption, + /// if false for decryption. + /// The key and other data required by the cipher. + void Init(bool forEncryption, ICipherParameters parameters); + + int GetBlockSize(); + + int GetOutputSize(int inputLen); + + int GetUpdateOutputSize(int inputLen); + + byte[] ProcessByte(byte input); + int ProcessByte(byte input, byte[] output, int outOff); + + byte[] ProcessBytes(byte[] input); + byte[] ProcessBytes(byte[] input, int inOff, int length); + int ProcessBytes(byte[] input, byte[] output, int outOff); + int ProcessBytes(byte[] input, int inOff, int length, byte[] output, int outOff); + + byte[] DoFinal(); + byte[] DoFinal(byte[] input); + byte[] DoFinal(byte[] input, int inOff, int length); + int DoFinal(byte[] output, int outOff); + int DoFinal(byte[] input, byte[] output, int outOff); + int DoFinal(byte[] input, int inOff, int length, byte[] output, int outOff); + + /// + /// Reset the cipher. After resetting the cipher is in the same state + /// as it was after the last init (if there was one). + /// + void Reset(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/ICipher.cs b/BouncyCastle/crypto/src/crypto/ICipher.cs new file mode 100644 index 0000000..3768ee0 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/ICipher.cs @@ -0,0 +1,41 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// Base interface for a ciphers that do not require data to be block aligned. + /// + /// Note: In cases where the underlying algorithm is block based, these ciphers may add or remove padding as needed. + /// + /// + public interface ICipher + { + /// + /// Return the size of the output buffer required for a Write() plus a + /// close() with the write() being passed inputLen bytes. + /// + /// The returned size may be dependent on the initialisation of this cipher + /// and may not be accurate once subsequent input data is processed as the cipher may + /// add, add or remove padding, as it sees fit. + /// + /// + /// The space required to accommodate a call to processBytes and doFinal with inputLen bytes of input. + /// The length of the expected input. + int GetMaxOutputSize(int inputLen); + + /// + /// Return the size of the output buffer required for a write() with the write() being + /// passed inputLen bytes and just updating the cipher output. + /// + /// The space required to accommodate a call to processBytes with inputLen bytes of input. + /// The length of the expected input. + int GetUpdateOutputSize(int inputLen); + + /// + /// Gets the stream for reading/writing data processed/to be processed. + /// + /// The stream associated with this cipher. + Stream Stream { get; } + } +} diff --git a/BouncyCastle/crypto/src/crypto/ICipherBuilder.cs b/BouncyCastle/crypto/src/crypto/ICipherBuilder.cs new file mode 100644 index 0000000..9b0e2b3 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/ICipherBuilder.cs @@ -0,0 +1,30 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// Base interface for cipher builders. + /// + public interface ICipherBuilder + { + /// + /// Return the algorithm and parameter details associated with any cipher built. + /// + object AlgorithmDetails { get; } + + /// + /// Return the maximum output size that a given input will produce. + /// + /// the length of the expected input. + /// The maximum possible output size that can produced for the expected input length. + int GetMaxOutputSize(int inputLen); + + /// + /// Build a cipher that operates on the passed in stream. + /// + /// The stream to write/read any encrypted/decrypted data. + /// A cipher based around the given stream. + ICipher BuildCipher(Stream stream); + } +} diff --git a/BouncyCastle/crypto/src/crypto/ICipherBuilderWithKey.cs b/BouncyCastle/crypto/src/crypto/ICipherBuilderWithKey.cs new file mode 100644 index 0000000..8e79a5e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/ICipherBuilderWithKey.cs @@ -0,0 +1,16 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// A cipher builder that can also return the key it was initialized with. + /// + public interface ICipherBuilderWithKey + : ICipherBuilder + { + /// + /// Return the key we were initialized with. + /// + ICipherParameters Key { get; } + } +} diff --git a/BouncyCastle/crypto/src/crypto/ICipherParameters.cs b/BouncyCastle/crypto/src/crypto/ICipherParameters.cs new file mode 100644 index 0000000..fff0941 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/ICipherParameters.cs @@ -0,0 +1,11 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /** + * all parameter classes implement this. + */ + public interface ICipherParameters + { + } +} diff --git a/BouncyCastle/crypto/src/crypto/IDSA.cs b/BouncyCastle/crypto/src/crypto/IDSA.cs new file mode 100644 index 0000000..7d1fd51 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IDSA.cs @@ -0,0 +1,41 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto +{ + /** + * interface for classes implementing the Digital Signature Algorithm + */ + public interface IDsa + { + string AlgorithmName { get; } + + /** + * initialise the signer for signature generation or signature + * verification. + * + * @param forSigning true if we are generating a signature, false + * otherwise. + * @param param key parameters for signature generation. + */ + void Init(bool forSigning, ICipherParameters parameters); + + /** + * sign the passed in message (usually the output of a hash function). + * + * @param message the message to be signed. + * @return two big integers representing the r and s values respectively. + */ + BigInteger[] GenerateSignature(byte[] message); + + /** + * verify the message message against the signature values r and s. + * + * @param message the message that was supposed to have been signed. + * @param r the r signature value. + * @param s the s signature value. + */ + bool VerifySignature(byte[] message, BigInteger r, BigInteger s); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IDecryptorBuilderProvider.cs b/BouncyCastle/crypto/src/crypto/IDecryptorBuilderProvider.cs new file mode 100644 index 0000000..42ef2be --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IDecryptorBuilderProvider.cs @@ -0,0 +1,17 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// Interface describing a provider of cipher builders for creating decrypting ciphers. + /// + public interface IDecryptorBuilderProvider + { + /// + /// Return a cipher builder for creating decrypting ciphers. + /// + /// The algorithm details/parameters to use to create the final cipher. + /// A new cipher builder. + ICipherBuilder CreateDecryptorBuilder(object algorithmDetails); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IDerivationFunction.cs b/BouncyCastle/crypto/src/crypto/IDerivationFunction.cs new file mode 100644 index 0000000..7f289f7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IDerivationFunction.cs @@ -0,0 +1,24 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /** + * base interface for general purpose byte derivation functions. + */ + public interface IDerivationFunction + { + void Init(IDerivationParameters parameters); + + /** + * return the message digest used as the basis for the function + */ + IDigest Digest + { + get; + } + + int GenerateBytes(byte[] output, int outOff, int length); + //throws DataLengthException, ArgumentException; + } + +} diff --git a/BouncyCastle/crypto/src/crypto/IDerivationParameters.cs b/BouncyCastle/crypto/src/crypto/IDerivationParameters.cs new file mode 100644 index 0000000..f1c8485 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IDerivationParameters.cs @@ -0,0 +1,11 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /** + * Parameters for key/byte stream derivation classes + */ + public interface IDerivationParameters + { + } +} diff --git a/BouncyCastle/crypto/src/crypto/IDigest.cs b/BouncyCastle/crypto/src/crypto/IDigest.cs new file mode 100644 index 0000000..6769dcc --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IDigest.cs @@ -0,0 +1,61 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /** + * interface that a message digest conforms to. + */ + public interface IDigest + { + /** + * return the algorithm name + * + * @return the algorithm name + */ + string AlgorithmName { get; } + + /** + * return the size, in bytes, of the digest produced by this message digest. + * + * @return the size, in bytes, of the digest produced by this message digest. + */ + int GetDigestSize(); + + /** + * return the size, in bytes, of the internal buffer used by this digest. + * + * @return the size, in bytes, of the internal buffer used by this digest. + */ + int GetByteLength(); + + /** + * update the message digest with a single byte. + * + * @param inByte the input byte to be entered. + */ + void Update(byte input); + + /** + * update the message digest with a block of bytes. + * + * @param input the byte array containing the data. + * @param inOff the offset into the byte array where the data starts. + * @param len the length of the data. + */ + void BlockUpdate(byte[] input, int inOff, int length); + + /** + * Close the digest, producing the final digest value. The doFinal + * call leaves the digest reset. + * + * @param output the array the digest is to be copied into. + * @param outOff the offset into the out array the digest is to start at. + */ + int DoFinal(byte[] output, int outOff); + + /** + * reset the digest back to it's initial state. + */ + void Reset(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IDigestFactory.cs b/BouncyCastle/crypto/src/crypto/IDigestFactory.cs new file mode 100644 index 0000000..eedac14 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IDigestFactory.cs @@ -0,0 +1,25 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// Base interface for operator factories that create stream-based digest calculators. + /// + public interface IDigestFactory + { + /// The algorithm details object for calculators made by this factory. + object AlgorithmDetails { get ; } + + /// Return the size of the digest associated with this factory. + /// The length of the digest produced by this calculators from this factory in bytes. + int DigestLength { get; } + + /// + /// Create a stream calculator for the digest associated with this factory. The stream + /// calculator is used for the actual operation of entering the data to be digested + /// and producing the digest block. + /// + /// A calculator producing an IBlockResult with the final digest in it. + IStreamCalculator CreateCalculator(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IDsaExt.cs b/BouncyCastle/crypto/src/crypto/IDsaExt.cs new file mode 100644 index 0000000..15b5578 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IDsaExt.cs @@ -0,0 +1,17 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// An "extended" interface for classes implementing DSA-style algorithms, that provides access + /// to the group order. + /// + public interface IDsaExt + : IDsa + { + /// The order of the group that the r, s values in signatures belong to. + BigInteger Order { get; } + } +} diff --git a/BouncyCastle/crypto/src/crypto/IEntropySource.cs b/BouncyCastle/crypto/src/crypto/IEntropySource.cs new file mode 100644 index 0000000..62e3bc7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IEntropySource.cs @@ -0,0 +1,29 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// Base interface describing an entropy source for a DRBG. + /// + public interface IEntropySource + { + /// + /// Return whether or not this entropy source is regarded as prediction resistant. + /// + /// true if this instance is prediction resistant; otherwise, false. + bool IsPredictionResistant { get; } + + /// + /// Return a byte array of entropy. + /// + /// The entropy bytes. + byte[] GetEntropy(); + + /// + /// Return the number of bits of entropy this source can produce. + /// + /// The size, in bits, of the return value of getEntropy. + int EntropySize { get; } + } +} + diff --git a/BouncyCastle/crypto/src/crypto/IEntropySourceProvider.cs b/BouncyCastle/crypto/src/crypto/IEntropySourceProvider.cs new file mode 100644 index 0000000..7564141 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IEntropySourceProvider.cs @@ -0,0 +1,17 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// Base interface describing a provider of entropy sources. + /// + public interface IEntropySourceProvider + { + /// + /// Return an entropy source providing a block of entropy. + /// + /// The size of the block of entropy required. + /// An entropy source providing bitsRequired blocks of entropy. + IEntropySource Get(int bitsRequired); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IKeyUnwrapper.cs b/BouncyCastle/crypto/src/crypto/IKeyUnwrapper.cs new file mode 100644 index 0000000..18d5a8d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IKeyUnwrapper.cs @@ -0,0 +1,24 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// Base interface for a key unwrapper. + /// + public interface IKeyUnwrapper + { + /// + /// The parameter set used to configure this key unwrapper. + /// + object AlgorithmDetails { get; } + + /// + /// Unwrap the passed in data. + /// + /// The array containing the data to be unwrapped. + /// The offset into cipherText at which the unwrapped data starts. + /// The length of the data to be unwrapped. + /// an IBlockResult containing the unwrapped key data. + IBlockResult Unwrap(byte[] cipherText, int offset, int length); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IKeyWrapper.cs b/BouncyCastle/crypto/src/crypto/IKeyWrapper.cs new file mode 100644 index 0000000..27f3384 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IKeyWrapper.cs @@ -0,0 +1,22 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// Base interface for a key wrapper. + /// + public interface IKeyWrapper + { + /// + /// The parameter set used to configure this key wrapper. + /// + object AlgorithmDetails { get; } + + /// + /// Wrap the passed in key data. + /// + /// The key data to be wrapped. + /// an IBlockResult containing the wrapped key data. + IBlockResult Wrap(byte[] keyData); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IMac.cs b/BouncyCastle/crypto/src/crypto/IMac.cs new file mode 100644 index 0000000..03a86e8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IMac.cs @@ -0,0 +1,69 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /** + * The base interface for implementations of message authentication codes (MACs). + */ + public interface IMac + { + /** + * Initialise the MAC. + * + * @param param the key and other data required by the MAC. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + void Init(ICipherParameters parameters); + + /** + * Return the name of the algorithm the MAC implements. + * + * @return the name of the algorithm the MAC implements. + */ + string AlgorithmName { get; } + + /** + * Return the block size for this MAC (in bytes). + * + * @return the block size for this MAC in bytes. + */ + int GetMacSize(); + + /** + * add a single byte to the mac for processing. + * + * @param in the byte to be processed. + * @exception InvalidOperationException if the MAC is not initialised. + */ + void Update(byte input); + + /** + * @param in the array containing the input. + * @param inOff the index in the array the data begins at. + * @param len the length of the input starting at inOff. + * @exception InvalidOperationException if the MAC is not initialised. + * @exception DataLengthException if there isn't enough data in in. + */ + void BlockUpdate(byte[] input, int inOff, int len); + + /** + * Compute the final stage of the MAC writing the output to the out + * parameter. + *

+ * doFinal leaves the MAC in the same state it was after the last init. + *

+ * @param out the array the MAC is to be output to. + * @param outOff the offset into the out buffer the output is to start at. + * @exception DataLengthException if there isn't enough space in out. + * @exception InvalidOperationException if the MAC is not initialised. + */ + int DoFinal(byte[] output, int outOff); + + /** + * Reset the MAC. At the end of resetting the MAC should be in the + * in the same state it was after the last init (if there was one). + */ + void Reset(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IMacDerivationFunction.cs b/BouncyCastle/crypto/src/crypto/IMacDerivationFunction.cs new file mode 100644 index 0000000..7297cd8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IMacDerivationFunction.cs @@ -0,0 +1,7 @@ +namespace Org.BouncyCastle.Crypto +{ + public interface IMacDerivationFunction:IDerivationFunction + { + IMac GetMac(); + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/crypto/IMacFactory.cs b/BouncyCastle/crypto/src/crypto/IMacFactory.cs new file mode 100644 index 0000000..9180ef1 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IMacFactory.cs @@ -0,0 +1,18 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + public interface IMacFactory + { + /// The algorithm details object for this calculator. + object AlgorithmDetails { get; } + + /// + /// Create a stream calculator for this signature calculator. The stream + /// calculator is used for the actual operation of entering the data to be signed + /// and producing the signature block. + /// + /// A calculator producing an IBlockResult with a signature in it. + IStreamCalculator CreateCalculator(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IRawAgreement.cs b/BouncyCastle/crypto/src/crypto/IRawAgreement.cs new file mode 100644 index 0000000..63e6648 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IRawAgreement.cs @@ -0,0 +1,13 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + public interface IRawAgreement + { + void Init(ICipherParameters parameters); + + int AgreementSize { get; } + + void CalculateAgreement(ICipherParameters publicKey, byte[] buf, int off); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IRsa.cs b/BouncyCastle/crypto/src/crypto/IRsa.cs new file mode 100644 index 0000000..f7bcc9e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IRsa.cs @@ -0,0 +1,16 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto +{ + public interface IRsa + { + void Init(bool forEncryption, ICipherParameters parameters); + int GetInputBlockSize(); + int GetOutputBlockSize(); + BigInteger ConvertInput(byte[] buf, int off, int len); + BigInteger ProcessBlock(BigInteger input); + byte[] ConvertOutput(BigInteger result); + } +} diff --git a/BouncyCastle/crypto/src/crypto/ISignatureFactory.cs b/BouncyCastle/crypto/src/crypto/ISignatureFactory.cs new file mode 100644 index 0000000..cbca7d1 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/ISignatureFactory.cs @@ -0,0 +1,23 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// Base interface for operators that serve as stream-based signature calculators. + /// + public interface ISignatureFactory + { + /// The algorithm details object for this calculator. + Object AlgorithmDetails { get ; } + + /// + /// Create a stream calculator for this signature calculator. The stream + /// calculator is used for the actual operation of entering the data to be signed + /// and producing the signature block. + /// + /// A calculator producing an IBlockResult with a signature in it. + IStreamCalculator CreateCalculator(); + } +} + + diff --git a/BouncyCastle/crypto/src/crypto/ISigner.cs b/BouncyCastle/crypto/src/crypto/ISigner.cs new file mode 100644 index 0000000..e03bbf4 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/ISigner.cs @@ -0,0 +1,50 @@ + +using System; +using System.Text; + +namespace Org.BouncyCastle.Crypto +{ + public interface ISigner + { + /** + * Return the name of the algorithm the signer implements. + * + * @return the name of the algorithm the signer implements. + */ + string AlgorithmName { get; } + + /** + * Initialise the signer for signing or verification. + * + * @param forSigning true if for signing, false otherwise + * @param param necessary parameters. + */ + void Init(bool forSigning, ICipherParameters parameters); + + /** + * update the internal digest with the byte b + */ + void Update(byte input); + + /** + * update the internal digest with the byte array in + */ + void BlockUpdate(byte[] input, int inOff, int length); + + /** + * Generate a signature for the message we've been loaded with using + * the key we were initialised with. + */ + byte[] GenerateSignature(); + /** + * return true if the internal state represents the signature described + * in the passed in array. + */ + bool VerifySignature(byte[] signature); + + /** + * reset the internal state + */ + void Reset(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/ISignerWithRecovery.cs b/BouncyCastle/crypto/src/crypto/ISignerWithRecovery.cs new file mode 100644 index 0000000..024f5ce --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/ISignerWithRecovery.cs @@ -0,0 +1,37 @@ +using System; +using System.Text; + +namespace Org.BouncyCastle.Crypto +{ + /** + * Signer with message recovery. + */ + public interface ISignerWithRecovery + : ISigner + { + /** + * Returns true if the signer has recovered the full message as + * part of signature verification. + * + * @return true if full message recovered. + */ + bool HasFullMessage(); + + /** + * Returns a reference to what message was recovered (if any). + * + * @return full/partial message, null if nothing. + */ + byte[] GetRecoveredMessage(); + + /** + * Perform an update with the recovered message before adding any other data. This must + * be the first update method called, and calling it will result in the signer assuming + * that further calls to update will include message content past what is recoverable. + * + * @param signature the signature that we are in the process of verifying. + * @throws IllegalStateException + */ + void UpdateWithRecoveredMessage(byte[] signature); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IStreamCalculator.cs b/BouncyCastle/crypto/src/crypto/IStreamCalculator.cs new file mode 100644 index 0000000..19a5428 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IStreamCalculator.cs @@ -0,0 +1,23 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// Base interface for cryptographic operations such as Hashes, MACs, and Signatures which reduce a stream of data + /// to a single value. + /// + public interface IStreamCalculator + { + /// Return a "sink" stream which only exists to update the implementing object. + /// A stream to write to in order to update the implementing object. + Stream Stream { get; } + + /// + /// Return the result of processing the stream. This value is only available once the stream + /// has been closed. + /// + /// The result of processing the stream. + Object GetResult(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IStreamCipher.cs b/BouncyCastle/crypto/src/crypto/IStreamCipher.cs new file mode 100644 index 0000000..8e575a7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IStreamCipher.cs @@ -0,0 +1,45 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// The interface stream ciphers conform to. + public interface IStreamCipher + { + /// The name of the algorithm this cipher implements. + string AlgorithmName { get; } + + /// Initialise the cipher. + /// If true the cipher is initialised for encryption, + /// if false for decryption. + /// The key and other data required by the cipher. + /// + /// If the parameters argument is inappropriate. + /// + void Init(bool forEncryption, ICipherParameters parameters); + + /// encrypt/decrypt a single byte returning the result. + /// the byte to be processed. + /// the result of processing the input byte. + byte ReturnByte(byte input); + + /// + /// Process a block of bytes from input putting the result into output. + /// + /// The input byte array. + /// + /// The offset into input where the data to be processed starts. + /// + /// The number of bytes to be processed. + /// The output buffer the processed bytes go into. + /// + /// The offset into output the processed data starts at. + /// + /// If the output buffer is too small. + void ProcessBytes(byte[] input, int inOff, int length, byte[] output, int outOff); + + /// + /// Reset the cipher to the same state as it was after the last init (if there was one). + /// + void Reset(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IVerifier.cs b/BouncyCastle/crypto/src/crypto/IVerifier.cs new file mode 100644 index 0000000..560cabf --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IVerifier.cs @@ -0,0 +1,25 @@ +namespace Org.BouncyCastle.Crypto +{ + /// + /// Operators that reduce their input to the validation of a signature produce this type. + /// + public interface IVerifier + { + /// + /// Return true if the passed in data matches what is expected by the verification result. + /// + /// The bytes representing the signature. + /// true if the signature verifies, false otherwise. + bool IsVerified(byte[] data); + + /// + /// Return true if the length bytes from off in the source array match the signature + /// expected by the verification result. + /// + /// Byte array containing the signature. + /// The offset into the source array where the signature starts. + /// The number of bytes in source making up the signature. + /// true if the signature verifies, false otherwise. + bool IsVerified(byte[] source, int off, int length); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IVerifierFactory.cs b/BouncyCastle/crypto/src/crypto/IVerifierFactory.cs new file mode 100644 index 0000000..9502b14 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IVerifierFactory.cs @@ -0,0 +1,21 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// Base interface for operators that serve as stream-based signature verifiers. + /// + public interface IVerifierFactory + { + /// The algorithm details object for this verifier. + Object AlgorithmDetails { get ; } + + /// + /// Create a stream calculator for this verifier. The stream + /// calculator is used for the actual operation of entering the data to be verified + /// and producing a result which can be used to verify the original signature. + /// + /// A calculator producing an IVerifier which can verify the signature. + IStreamCalculator CreateCalculator(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IVerifierFactoryProvider.cs b/BouncyCastle/crypto/src/crypto/IVerifierFactoryProvider.cs new file mode 100644 index 0000000..9cfcbb2 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IVerifierFactoryProvider.cs @@ -0,0 +1,18 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// Base interface for a provider to support the dynamic creation of signature verifiers. + /// + public interface IVerifierFactoryProvider + { + /// + /// Return a signature verfier for signature algorithm described in the passed in algorithm details object. + /// + /// The details of the signature algorithm verification is required for. + /// A new signature verifier. + IVerifierFactory CreateVerifierFactory (Object algorithmDetails); + } +} + diff --git a/BouncyCastle/crypto/src/crypto/IWrapper.cs b/BouncyCastle/crypto/src/crypto/IWrapper.cs new file mode 100644 index 0000000..58202b3 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IWrapper.cs @@ -0,0 +1,18 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto +{ + public interface IWrapper + { + /// The name of the algorithm this cipher implements. + string AlgorithmName { get; } + + void Init(bool forWrapping, ICipherParameters parameters); + + byte[] Wrap(byte[] input, int inOff, int length); + + byte[] Unwrap(byte[] input, int inOff, int length); + } +} diff --git a/BouncyCastle/crypto/src/crypto/IXof.cs b/BouncyCastle/crypto/src/crypto/IXof.cs new file mode 100644 index 0000000..f76304d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/IXof.cs @@ -0,0 +1,31 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// With FIPS PUB 202 a new kind of message digest was announced which supported extendable output, or variable digest sizes. + /// This interface provides the extra method required to support variable output on a digest implementation. + /// + public interface IXof + : IDigest + { + /// + /// Output the results of the final calculation for this digest to outLen number of bytes. + /// + /// output array to write the output bytes to. + /// offset to start writing the bytes at. + /// the number of output bytes requested. + /// the number of bytes written + int DoFinal(byte[] output, int outOff, int outLen); + + /// + /// Start outputting the results of the final calculation for this digest. Unlike DoFinal, this method + /// will continue producing output until the Xof is explicitly reset, or signals otherwise. + /// + /// output array to write the output bytes to. + /// offset to start writing the bytes at. + /// the number of output bytes requested. + /// the number of bytes written + int DoOutput(byte[] output, int outOff, int outLen); + } +} diff --git a/BouncyCastle/crypto/src/crypto/InvalidCipherTextException.cs b/BouncyCastle/crypto/src/crypto/InvalidCipherTextException.cs new file mode 100644 index 0000000..0fe540d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/InvalidCipherTextException.cs @@ -0,0 +1,40 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /** + * this exception is thrown whenever we find something we don't expect in a + * message. + */ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class InvalidCipherTextException + : CryptoException + { + /** + * base constructor. + */ + public InvalidCipherTextException() + { + } + + /** + * create a InvalidCipherTextException with the given message. + * + * @param message the message to be carried with the exception. + */ + public InvalidCipherTextException( + string message) + : base(message) + { + } + + public InvalidCipherTextException( + string message, + Exception exception) + : base(message, exception) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/KeyGenerationParameters.cs b/BouncyCastle/crypto/src/crypto/KeyGenerationParameters.cs new file mode 100644 index 0000000..0cb6b07 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/KeyGenerationParameters.cs @@ -0,0 +1,55 @@ +using System; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto +{ + /** + * The base class for parameters to key generators. + */ + public class KeyGenerationParameters + { + private SecureRandom random; + private int strength; + + /** + * initialise the generator with a source of randomness + * and a strength (in bits). + * + * @param random the random byte source. + * @param strength the size, in bits, of the keys we want to produce. + */ + public KeyGenerationParameters( + SecureRandom random, + int strength) + { + if (random == null) + throw new ArgumentNullException("random"); + if (strength < 1) + throw new ArgumentException("strength must be a positive value", "strength"); + + this.random = random; + this.strength = strength; + } + + /** + * return the random source associated with this + * generator. + * + * @return the generators random source. + */ + public SecureRandom Random + { + get { return random; } + } + + /** + * return the bit strength for keys produced by this generator, + * + * @return the strength of the keys this generator produces (in bits). + */ + public int Strength + { + get { return strength; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/MaxBytesExceededException.cs b/BouncyCastle/crypto/src/crypto/MaxBytesExceededException.cs new file mode 100644 index 0000000..8992c45 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/MaxBytesExceededException.cs @@ -0,0 +1,32 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// This exception is thrown whenever a cipher requires a change of key, iv + /// or similar after x amount of bytes enciphered + /// +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class MaxBytesExceededException + : CryptoException + { + public MaxBytesExceededException() + { + } + + public MaxBytesExceededException( + string message) + : base(message) + { + } + + public MaxBytesExceededException( + string message, + Exception e) + : base(message, e) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/OutputLengthException.cs b/BouncyCastle/crypto/src/crypto/OutputLengthException.cs new file mode 100644 index 0000000..437589f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/OutputLengthException.cs @@ -0,0 +1,28 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class OutputLengthException + : DataLengthException + { + public OutputLengthException() + { + } + + public OutputLengthException( + string message) + : base(message) + { + } + + public OutputLengthException( + string message, + Exception exception) + : base(message, exception) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/PbeParametersGenerator.cs b/BouncyCastle/crypto/src/crypto/PbeParametersGenerator.cs new file mode 100644 index 0000000..97d23df --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/PbeParametersGenerator.cs @@ -0,0 +1,202 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto +{ + /** + * super class for all Password Based Encyrption (Pbe) parameter generator classes. + */ + public abstract class PbeParametersGenerator + { + protected byte[] mPassword; + protected byte[] mSalt; + protected int mIterationCount; + + /** + * base constructor. + */ + protected PbeParametersGenerator() + { + } + + /** + * initialise the Pbe generator. + * + * @param password the password converted into bytes (see below). + * @param salt the salt to be mixed with the password. + * @param iterationCount the number of iterations the "mixing" function + * is to be applied for. + */ + public virtual void Init( + byte[] password, + byte[] salt, + int iterationCount) + { + if (password == null) + throw new ArgumentNullException("password"); + if (salt == null) + throw new ArgumentNullException("salt"); + + this.mPassword = Arrays.Clone(password); + this.mSalt = Arrays.Clone(salt); + this.mIterationCount = iterationCount; + } + + public virtual byte[] Password + { + get { return Arrays.Clone(mPassword); } + } + + /** + * return the password byte array. + * + * @return the password byte array. + */ + [Obsolete("Use 'Password' property")] + public byte[] GetPassword() + { + return Password; + } + + public virtual byte[] Salt + { + get { return Arrays.Clone(mSalt); } + } + + /** + * return the salt byte array. + * + * @return the salt byte array. + */ + [Obsolete("Use 'Salt' property")] + public byte[] GetSalt() + { + return Salt; + } + + /** + * return the iteration count. + * + * @return the iteration count. + */ + public virtual int IterationCount + { + get { return mIterationCount; } + } + + /** + * Generate derived parameters for a key of length keySize. + * + * @param keySize the length, in bits, of the key required. + * @return a parameters object representing a key. + */ + [Obsolete("Use version with 'algorithm' parameter")] + public abstract ICipherParameters GenerateDerivedParameters(int keySize); + public abstract ICipherParameters GenerateDerivedParameters(string algorithm, int keySize); + + /** + * Generate derived parameters for a key of length keySize, and + * an initialisation vector (IV) of length ivSize. + * + * @param keySize the length, in bits, of the key required. + * @param ivSize the length, in bits, of the iv required. + * @return a parameters object representing a key and an IV. + */ + [Obsolete("Use version with 'algorithm' parameter")] + public abstract ICipherParameters GenerateDerivedParameters(int keySize, int ivSize); + public abstract ICipherParameters GenerateDerivedParameters(string algorithm, int keySize, int ivSize); + + /** + * Generate derived parameters for a key of length keySize, specifically + * for use with a MAC. + * + * @param keySize the length, in bits, of the key required. + * @return a parameters object representing a key. + */ + public abstract ICipherParameters GenerateDerivedMacParameters(int keySize); + + /** + * converts a password to a byte array according to the scheme in + * Pkcs5 (ascii, no padding) + * + * @param password a character array representing the password. + * @return a byte array representing the password. + */ + public static byte[] Pkcs5PasswordToBytes( + char[] password) + { + if (password == null) + return new byte[0]; + + return Strings.ToByteArray(password); + } + + [Obsolete("Use version taking 'char[]' instead")] + public static byte[] Pkcs5PasswordToBytes( + string password) + { + if (password == null) + return new byte[0]; + + return Strings.ToByteArray(password); + } + + /** + * converts a password to a byte array according to the scheme in + * PKCS5 (UTF-8, no padding) + * + * @param password a character array representing the password. + * @return a byte array representing the password. + */ + public static byte[] Pkcs5PasswordToUtf8Bytes( + char[] password) + { + if (password == null) + return new byte[0]; + + return Encoding.UTF8.GetBytes(password); + } + + [Obsolete("Use version taking 'char[]' instead")] + public static byte[] Pkcs5PasswordToUtf8Bytes( + string password) + { + if (password == null) + return new byte[0]; + + return Encoding.UTF8.GetBytes(password); + } + + /** + * converts a password to a byte array according to the scheme in + * Pkcs12 (unicode, big endian, 2 zero pad bytes at the end). + * + * @param password a character array representing the password. + * @return a byte array representing the password. + */ + public static byte[] Pkcs12PasswordToBytes( + char[] password) + { + return Pkcs12PasswordToBytes(password, false); + } + + public static byte[] Pkcs12PasswordToBytes( + char[] password, + bool wrongPkcs12Zero) + { + if (password == null || password.Length < 1) + { + return new byte[wrongPkcs12Zero ? 2 : 0]; + } + + // +1 for extra 2 pad bytes. + byte[] bytes = new byte[(password.Length + 1) * 2]; + + Encoding.BigEndianUnicode.GetBytes(password, 0, password.Length, bytes, 0); + + return bytes; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/Security.cs b/BouncyCastle/crypto/src/crypto/Security.cs new file mode 100644 index 0000000..f6f6924 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/Security.cs @@ -0,0 +1,76 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Paddings; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace crypto +{ + public class Security + { + // USAGE + //var key = Security.GenerateText(32); + //var iv = Security.GenerateText(16); + //var encrypted = Security.Encrypt("MY SECRET", key, iv); + //var decrypted = Security.Decrypt(encrypted, key, iv); + + /// + /// Return a salted hash based on PBKDF2 for the UTF-8 encoding of the argument text. + /// + /// Provided key text + /// Base64 encoded string representing the salt + /// + public static string ComputeHash(string text, string salt) + { + byte[] data = Encoding.UTF8.GetBytes(text); + Sha512Digest sha = new Sha512Digest(); + Pkcs5S2ParametersGenerator gen = new Pkcs5S2ParametersGenerator(sha); + + gen.Init(data, Base64.Decode(salt), 2048); + + return Base64.ToBase64String(((KeyParameter)gen.GenerateDerivedParameters(sha.GetDigestSize() * 8)).GetKey()); + } + + public static string Decrypt(string cipherText, string key, string iv) + { + IBufferedCipher cipher = CreateCipher(false, key, iv); + byte[] textAsBytes = cipher.DoFinal(Base64.Decode(cipherText)); + + return Encoding.UTF8.GetString(textAsBytes, 0, textAsBytes.Length); + } + + public static string Encrypt(string plainText, string key, string iv) + { + IBufferedCipher cipher = CreateCipher(true, key, iv); + + return Base64.ToBase64String(cipher.DoFinal(Encoding.UTF8.GetBytes(plainText))); + } + + public static string GenerateText(int size) + { + byte[] textAsBytes = new byte[size]; + SecureRandom secureRandom = SecureRandom.GetInstance("SHA256PRNG", true); + + secureRandom.NextBytes(textAsBytes); + return Base64.ToBase64String(textAsBytes); + } + + private static IBufferedCipher CreateCipher(bool isEncryption, string key, string iv) + { + IBufferedCipher cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new RijndaelEngine()), new ISO10126d2Padding()); + KeyParameter keyParam = new KeyParameter(Base64.Decode(key)); + ICipherParameters cipherParams = (null == iv || iv.Length < 1) + ? (ICipherParameters)keyParam + : new ParametersWithIV(keyParam, Base64.Decode(iv)); + cipher.Init(isEncryption, cipherParams); + return cipher; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/SimpleBlockResult.cs b/BouncyCastle/crypto/src/crypto/SimpleBlockResult.cs new file mode 100644 index 0000000..6cacda6 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/SimpleBlockResult.cs @@ -0,0 +1,53 @@ +using System; + +namespace Org.BouncyCastle.Crypto +{ + /// + /// A simple block result object which just carries a byte array. + /// + public class SimpleBlockResult + : IBlockResult + { + private readonly byte[] result; + + /// + /// Base constructor - a wrapper for the passed in byte array. + /// + /// The byte array to be wrapped. + public SimpleBlockResult(byte[] result) + { + this.result = result; + } + + /// + /// Return the number of bytes in the result + /// + /// The length of the result in bytes. + public int Length + { + get { return result.Length; } + } + + /// + /// Return the final result of the operation. + /// + /// A block of bytes, representing the result of an operation. + public byte[] Collect() + { + return result; + } + + /// + /// Store the final result of the operation by copying it into the destination array. + /// + /// The number of bytes copied into destination. + /// The byte array to copy the result into. + /// The offset into destination to start copying the result at. + public int Collect(byte[] destination, int offset) + { + Array.Copy(result, 0, destination, offset, result.Length); + + return result.Length; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/StreamBlockCipher.cs b/BouncyCastle/crypto/src/crypto/StreamBlockCipher.cs new file mode 100644 index 0000000..ef2a8b6 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/StreamBlockCipher.cs @@ -0,0 +1,109 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto +{ + /** + * a wrapper for block ciphers with a single byte block size, so that they + * can be treated like stream ciphers. + */ + public class StreamBlockCipher + : IStreamCipher + { + private readonly IBlockCipher cipher; + private readonly byte[] oneByte = new byte[1]; + + /** + * basic constructor. + * + * @param cipher the block cipher to be wrapped. + * @exception ArgumentException if the cipher has a block size other than + * one. + */ + public StreamBlockCipher( + IBlockCipher cipher) + { + if (cipher == null) + throw new ArgumentNullException("cipher"); + if (cipher.GetBlockSize() != 1) + throw new ArgumentException("block cipher block size != 1.", "cipher"); + + this.cipher = cipher; + } + + /** + * initialise the underlying cipher. + * + * @param forEncryption true if we are setting up for encryption, false otherwise. + * @param param the necessary parameters for the underlying cipher to be initialised. + */ + public void Init( + bool forEncryption, + ICipherParameters parameters) + { + cipher.Init(forEncryption, parameters); + } + + /** + * return the name of the algorithm we are wrapping. + * + * @return the name of the algorithm we are wrapping. + */ + public string AlgorithmName + { + get { return cipher.AlgorithmName; } + } + + /** + * encrypt/decrypt a single byte returning the result. + * + * @param in the byte to be processed. + * @return the result of processing the input byte. + */ + public byte ReturnByte( + byte input) + { + oneByte[0] = input; + + cipher.ProcessBlock(oneByte, 0, oneByte, 0); + + return oneByte[0]; + } + + /** + * process a block of bytes from in putting the result into out. + * + * @param in the input byte array. + * @param inOff the offset into the in array where the data to be processed starts. + * @param len the number of bytes to be processed. + * @param out the output buffer the processed bytes go into. + * @param outOff the offset into the output byte array the processed data stars at. + * @exception DataLengthException if the output buffer is too small. + */ + public void ProcessBytes( + byte[] input, + int inOff, + int length, + byte[] output, + int outOff) + { + if (outOff + length > output.Length) + throw new DataLengthException("output buffer too small in ProcessBytes()"); + + for (int i = 0; i != length; i++) + { + cipher.ProcessBlock(input, inOff + i, output, outOff + i); + } + } + + /** + * reset the underlying cipher. This leaves it in the same state + * it was at after the last init (if there was one). + */ + public void Reset() + { + cipher.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/DHAgreement.cs b/BouncyCastle/crypto/src/crypto/agreement/DHAgreement.cs new file mode 100644 index 0000000..e988c0d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/DHAgreement.cs @@ -0,0 +1,99 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Agreement +{ + /** + * a Diffie-Hellman key exchange engine. + *

+ * note: This uses MTI/A0 key agreement in order to make the key agreement + * secure against passive attacks. If you're doing Diffie-Hellman and both + * parties have long term public keys you should look at using this. For + * further information have a look at RFC 2631.

+ *

+ * It's possible to extend this to more than two parties as well, for the moment + * that is left as an exercise for the reader.

+ */ + public class DHAgreement + { + private DHPrivateKeyParameters key; + private DHParameters dhParams; + private BigInteger privateValue; + private SecureRandom random; + + public void Init( + ICipherParameters parameters) + { + AsymmetricKeyParameter kParam; + if (parameters is ParametersWithRandom) + { + ParametersWithRandom rParam = (ParametersWithRandom)parameters; + + this.random = rParam.Random; + kParam = (AsymmetricKeyParameter)rParam.Parameters; + } + else + { + this.random = new SecureRandom(); + kParam = (AsymmetricKeyParameter)parameters; + } + + if (!(kParam is DHPrivateKeyParameters)) + { + throw new ArgumentException("DHEngine expects DHPrivateKeyParameters"); + } + + this.key = (DHPrivateKeyParameters)kParam; + this.dhParams = key.Parameters; + } + + /** + * calculate our initial message. + */ + public BigInteger CalculateMessage() + { + DHKeyPairGenerator dhGen = new DHKeyPairGenerator(); + dhGen.Init(new DHKeyGenerationParameters(random, dhParams)); + AsymmetricCipherKeyPair dhPair = dhGen.GenerateKeyPair(); + + this.privateValue = ((DHPrivateKeyParameters)dhPair.Private).X; + + return ((DHPublicKeyParameters)dhPair.Public).Y; + } + + /** + * given a message from a given party and the corresponding public key + * calculate the next message in the agreement sequence. In this case + * this will represent the shared secret. + */ + public BigInteger CalculateAgreement( + DHPublicKeyParameters pub, + BigInteger message) + { + if (pub == null) + throw new ArgumentNullException("pub"); + if (message == null) + throw new ArgumentNullException("message"); + + if (!pub.Parameters.Equals(dhParams)) + throw new ArgumentException("Diffie-Hellman public key has wrong parameters."); + + BigInteger p = dhParams.P; + + BigInteger peerY = pub.Y; + if (peerY == null || peerY.CompareTo(BigInteger.One) <= 0 || peerY.CompareTo(p.Subtract(BigInteger.One)) >= 0) + throw new ArgumentException("Diffie-Hellman public key is weak"); + + BigInteger result = peerY.ModPow(privateValue, p); + if (result.Equals(BigInteger.One)) + throw new InvalidOperationException("Shared key can't be 1"); + + return message.ModPow(key.X, p).Multiply(result).Mod(p); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/DHBasicAgreement.cs b/BouncyCastle/crypto/src/crypto/agreement/DHBasicAgreement.cs new file mode 100644 index 0000000..6c3fe65 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/DHBasicAgreement.cs @@ -0,0 +1,72 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Agreement +{ + /** + * a Diffie-Hellman key agreement class. + *

+ * note: This is only the basic algorithm, it doesn't take advantage of + * long term public keys if they are available. See the DHAgreement class + * for a "better" implementation.

+ */ + public class DHBasicAgreement + : IBasicAgreement + { + private DHPrivateKeyParameters key; + private DHParameters dhParams; + + public virtual void Init( + ICipherParameters parameters) + { + if (parameters is ParametersWithRandom) + { + parameters = ((ParametersWithRandom) parameters).Parameters; + } + + if (!(parameters is DHPrivateKeyParameters)) + { + throw new ArgumentException("DHEngine expects DHPrivateKeyParameters"); + } + + this.key = (DHPrivateKeyParameters) parameters; + this.dhParams = key.Parameters; + } + + public virtual int GetFieldSize() + { + return (key.Parameters.P.BitLength + 7) / 8; + } + + /** + * given a short term public key from a given party calculate the next + * message in the agreement sequence. + */ + public virtual BigInteger CalculateAgreement( + ICipherParameters pubKey) + { + if (this.key == null) + throw new InvalidOperationException("Agreement algorithm not initialised"); + + DHPublicKeyParameters pub = (DHPublicKeyParameters)pubKey; + + if (!pub.Parameters.Equals(dhParams)) + throw new ArgumentException("Diffie-Hellman public key has wrong parameters."); + + BigInteger p = dhParams.P; + + BigInteger peerY = pub.Y; + if (peerY == null || peerY.CompareTo(BigInteger.One) <= 0 || peerY.CompareTo(p.Subtract(BigInteger.One)) >= 0) + throw new ArgumentException("Diffie-Hellman public key is weak"); + + BigInteger result = peerY.ModPow(key.X, p); + if (result.Equals(BigInteger.One)) + throw new InvalidOperationException("Shared key can't be 1"); + + return result; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/DHStandardGroups.cs b/BouncyCastle/crypto/src/crypto/agreement/DHStandardGroups.cs new file mode 100644 index 0000000..e334489 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/DHStandardGroups.cs @@ -0,0 +1,249 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Agreement +{ + /// Standard Diffie-Hellman groups from various IETF specifications. + public class DHStandardGroups + { + private static readonly BigInteger Two = BigInteger.ValueOf(2); + + private static BigInteger FromHex(string hex) + { + return new BigInteger(1, Hex.DecodeStrict(hex)); + } + + private static DHParameters FromPG(string hexP, string hexG) + { + return new DHParameters(FromHex(hexP), FromHex(hexG)); + } + + private static DHParameters SafePrimeGen2(string hexP) + { + return SafePrimeGen2(hexP, 0); + } + + private static DHParameters SafePrimeGen2(string hexP, int l) + { + // NOTE: A group using a safe prime (i.e. q = (p-1)/2), and generator g = 2 + BigInteger p = FromHex(hexP); + return new DHParameters(p, Two, p.ShiftRight(1), l); + } + + /* + * RFC 2409 + */ + private static readonly string rfc2409_768_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF"; + public static readonly DHParameters rfc2409_768 = SafePrimeGen2(rfc2409_768_p); + + private static readonly string rfc2409_1024_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" + + "FFFFFFFFFFFFFFFF"; + public static readonly DHParameters rfc2409_1024 = SafePrimeGen2(rfc2409_1024_p); + + /* + * RFC 3526 + */ + private static readonly string rfc3526_1536_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF"; + private static readonly int rfc3526_1536_l = 200; // RFC3526/RFC7919 + public static readonly DHParameters rfc3526_1536 = SafePrimeGen2(rfc3526_1536_p, rfc3526_1536_l); + + private static readonly string rfc3526_2048_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AACAA68FFFFFFFFFFFFFFFF"; + private static readonly int rfc3526_2048_l = System.Math.Max(225, 112 * 2); // MAX(RFC3526/RFC7919,FIPS) + public static readonly DHParameters rfc3526_2048 = SafePrimeGen2(rfc3526_2048_p, rfc3526_2048_l); + + private static readonly string rfc3526_3072_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" + + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" + + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" + + "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF"; + private static readonly int rfc3526_3072_l = System.Math.Max(275, 128 * 2); // MAX(RFC3526/RFC7919,FIPS) + public static readonly DHParameters rfc3526_3072 = SafePrimeGen2(rfc3526_3072_p, rfc3526_3072_l); + + private static readonly string rfc3526_4096_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" + + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" + + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" + + "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" + "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" + + "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" + "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" + + "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" + "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" + + "FFFFFFFFFFFFFFFF"; + private static readonly int rfc3526_4096_l = System.Math.Max(325, 152 * 2); // MAX(RFC3526/RFC7919,FIPS) + public static readonly DHParameters rfc3526_4096 = SafePrimeGen2(rfc3526_4096_p, rfc3526_4096_l); + + private static readonly string rfc3526_6144_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08" + + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B" + + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9" + + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6" + + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8" + + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C" + + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718" + + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D" + + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D" + + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226" + + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC" + + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26" + + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB" + + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2" + + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127" + + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492" + + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406" + + "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918" + + "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151" + + "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03" + + "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F" + + "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" + + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B" + + "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632" + + "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E" + + "6DCC4024FFFFFFFFFFFFFFFF"; + private static readonly int rfc3526_6144_l = System.Math.Max(375, 176 * 2); // MAX(RFC3526/RFC7919,FIPS) + public static readonly DHParameters rfc3526_6144 = SafePrimeGen2(rfc3526_6144_p, rfc3526_6144_l); + + private static readonly string rfc3526_8192_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" + + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" + + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" + + "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" + "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" + + "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" + "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" + + "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" + "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492" + + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD" + "F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831" + + "179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B" + "DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF" + + "5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6" + "D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3" + + "23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328" + + "06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C" + "DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE" + + "12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4" + "38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300" + + "741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F568" + "3423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9" + + "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B" + "4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A" + + "062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A36" + "4597E899A0255DC164F31CC50846851DF9AB48195DED7EA1" + + "B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92" + "4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E47" + + "9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71" + "60C980DD98EDD3DFFFFFFFFFFFFFFFFF"; + private static readonly int rfc3526_8192_l = System.Math.Max(400, 200 * 2); // MAX(RFC3526/RFC7919,FIPS) + public static readonly DHParameters rfc3526_8192 = SafePrimeGen2(rfc3526_8192_p, rfc3526_8192_l); + + /* + * RFC 4306 + */ + public static readonly DHParameters rfc4306_768 = rfc2409_768; + public static readonly DHParameters rfc4306_1024 = rfc2409_1024; + + /* + * RFC 5996 + */ + public static readonly DHParameters rfc5996_768 = rfc4306_768; + public static readonly DHParameters rfc5996_1024 = rfc4306_1024; + + /* + * RFC 7919 + */ + private static readonly string rfc7919_ffdhe2048_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" + + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" + + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" + + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" + + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" + + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B423861285C97FFFFFFFFFFFFFFFF"; + private static readonly int rfc7919_ffdhe2048_l = System.Math.Max(225, 112 * 2); // MAX(RFC7919,FIPS) + public static readonly DHParameters rfc7919_ffdhe2048 = SafePrimeGen2(rfc7919_ffdhe2048_p, rfc7919_ffdhe2048_l); + + private static readonly string rfc7919_ffdhe3072_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" + + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" + + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" + + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" + + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" + + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" + + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" + + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" + + "3C1B20EE3FD59D7C25E41D2B66C62E37FFFFFFFFFFFFFFFF"; + private static readonly int rfc7919_ffdhe3072_l = System.Math.Max(275, 128 * 2); // MAX(RFC7919,FIPS) + public static readonly DHParameters rfc7919_ffdhe3072 = SafePrimeGen2(rfc7919_ffdhe3072_p, rfc7919_ffdhe3072_l); + + private static readonly string rfc7919_ffdhe4096_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" + + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" + + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" + + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" + + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" + + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" + + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" + + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" + + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004" + + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" + "A907600A918130C46DC778F971AD0038092999A333CB8B7A" + + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E655F6A" + + "FFFFFFFFFFFFFFFF"; + private static readonly int rfc7919_ffdhe4096_l = System.Math.Max(325, 152 * 2); // MAX(RFC7919,FIPS) + public static readonly DHParameters rfc7919_ffdhe4096 = SafePrimeGen2(rfc7919_ffdhe4096_p, rfc7919_ffdhe4096_l); + + private static readonly string rfc7919_ffdhe6144_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" + + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" + + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" + + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" + + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" + + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" + + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" + + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" + + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004" + + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" + "A907600A918130C46DC778F971AD0038092999A333CB8B7A" + + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902" + + "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6" + "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A" + + "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477" + "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3" + + "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4" + "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6" + + "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C" + "D72B03746AE77F5E62292C311562A846505DC82DB854338A" + + "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04" + "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1" + + "A41D570D7938DAD4A40E329CD0E40E65FFFFFFFFFFFFFFFF"; + private static readonly int rfc7919_ffdhe6144_l = System.Math.Max(375, 176 * 2); // MAX(RFC7919,FIPS) + public static readonly DHParameters rfc7919_ffdhe6144 = SafePrimeGen2(rfc7919_ffdhe6144_p, rfc7919_ffdhe6144_l); + + private static readonly string rfc7919_ffdhe8192_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" + + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" + + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" + + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" + + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" + + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" + + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" + + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" + + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004" + + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" + "A907600A918130C46DC778F971AD0038092999A333CB8B7A" + + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902" + + "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6" + "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A" + + "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477" + "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3" + + "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4" + "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6" + + "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C" + "D72B03746AE77F5E62292C311562A846505DC82DB854338A" + + "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04" + "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1" + + "A41D570D7938DAD4A40E329CCFF46AAA36AD004CF600C838" + "1E425A31D951AE64FDB23FCEC9509D43687FEB69EDD1CC5E" + + "0B8CC3BDF64B10EF86B63142A3AB8829555B2F747C932665" + "CB2C0F1CC01BD70229388839D2AF05E454504AC78B758282" + + "2846C0BA35C35F5C59160CC046FD8251541FC68C9C86B022" + "BB7099876A460E7451A8A93109703FEE1C217E6C3826E52C" + + "51AA691E0E423CFC99E9E31650C1217B624816CDAD9A95F9" + "D5B8019488D9C0A0A1FE3075A577E23183F81D4A3F2FA457" + + "1EFC8CE0BA8A4FE8B6855DFE72B0A66EDED2FBABFBE58A30" + "FAFABE1C5D71A87E2F741EF8C1FE86FEA6BBFDE530677F0D" + + "97D11D49F7A8443D0822E506A9F4614E011E2A94838FF88C" + "D68C8BB7C5C6424CFFFFFFFFFFFFFFFF"; + private static readonly int rfc7919_ffdhe8192_l = System.Math.Max(400, 200 * 2); // MAX(RFC7919,FIPS) + public static readonly DHParameters rfc7919_ffdhe8192 = SafePrimeGen2(rfc7919_ffdhe8192_p, rfc7919_ffdhe8192_l); + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/ECDHBasicAgreement.cs b/BouncyCastle/crypto/src/crypto/agreement/ECDHBasicAgreement.cs new file mode 100644 index 0000000..1358db0 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/ECDHBasicAgreement.cs @@ -0,0 +1,74 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Agreement +{ + /** + * P1363 7.2.1 ECSVDP-DH + * + * ECSVDP-DH is Elliptic Curve Secret Value Derivation Primitive, + * Diffie-Hellman version. It is based on the work of [DH76], [Mil86], + * and [Kob87]. This primitive derives a shared secret value from one + * party's private key and another party's public key, where both have + * the same set of EC domain parameters. If two parties correctly + * execute this primitive, they will produce the same output. This + * primitive can be invoked by a scheme to derive a shared secret key; + * specifically, it may be used with the schemes ECKAS-DH1 and + * DL/ECKAS-DH2. It assumes that the input keys are valid (see also + * Section 7.2.2). + */ + public class ECDHBasicAgreement + : IBasicAgreement + { + protected internal ECPrivateKeyParameters privKey; + + public virtual void Init( + ICipherParameters parameters) + { + if (parameters is ParametersWithRandom) + { + parameters = ((ParametersWithRandom)parameters).Parameters; + } + + this.privKey = (ECPrivateKeyParameters)parameters; + } + + public virtual int GetFieldSize() + { + return (privKey.Parameters.Curve.FieldSize + 7) / 8; + } + + public virtual BigInteger CalculateAgreement( + ICipherParameters pubKey) + { + ECPublicKeyParameters pub = (ECPublicKeyParameters)pubKey; + ECDomainParameters dp = privKey.Parameters; + if (!dp.Equals(pub.Parameters)) + throw new InvalidOperationException("ECDH public key has wrong domain parameters"); + + BigInteger d = privKey.D; + + // Always perform calculations on the exact curve specified by our private key's parameters + ECPoint Q = ECAlgorithms.CleanPoint(dp.Curve, pub.Q); + if (Q.IsInfinity) + throw new InvalidOperationException("Infinity is not a valid public key for ECDH"); + + BigInteger h = dp.H; + if (!h.Equals(BigInteger.One)) + { + d = dp.HInv.Multiply(d).Mod(dp.N); + Q = ECAlgorithms.ReferenceMultiply(Q, h); + } + + ECPoint P = Q.Multiply(d).Normalize(); + if (P.IsInfinity) + throw new InvalidOperationException("Infinity is not a valid agreement value for ECDH"); + + return P.AffineXCoord.ToBigInteger(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/ECDHCBasicAgreement.cs b/BouncyCastle/crypto/src/crypto/agreement/ECDHCBasicAgreement.cs new file mode 100644 index 0000000..f0b5d1e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/ECDHCBasicAgreement.cs @@ -0,0 +1,72 @@ +using System; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Agreement +{ + /** + * P1363 7.2.2 ECSVDP-DHC + * + * ECSVDP-DHC is Elliptic Curve Secret Value Derivation Primitive, + * Diffie-Hellman version with cofactor multiplication. It is based on + * the work of [DH76], [Mil86], [Kob87], [LMQ98] and [Kal98a]. This + * primitive derives a shared secret value from one party's private key + * and another party's public key, where both have the same set of EC + * domain parameters. If two parties correctly execute this primitive, + * they will produce the same output. This primitive can be invoked by a + * scheme to derive a shared secret key; specifically, it may be used + * with the schemes ECKAS-DH1 and DL/ECKAS-DH2. It does not assume the + * validity of the input public key (see also Section 7.2.1). + *

+ * Note: As stated P1363 compatibility mode with ECDH can be preset, and + * in this case the implementation doesn't have a ECDH compatibility mode + * (if you want that just use ECDHBasicAgreement and note they both implement + * BasicAgreement!).

+ */ + public class ECDHCBasicAgreement + : IBasicAgreement + { + private ECPrivateKeyParameters privKey; + + public virtual void Init( + ICipherParameters parameters) + { + if (parameters is ParametersWithRandom) + { + parameters = ((ParametersWithRandom) parameters).Parameters; + } + + this.privKey = (ECPrivateKeyParameters)parameters; + } + + public virtual int GetFieldSize() + { + return (privKey.Parameters.Curve.FieldSize + 7) / 8; + } + + public virtual BigInteger CalculateAgreement( + ICipherParameters pubKey) + { + ECPublicKeyParameters pub = (ECPublicKeyParameters)pubKey; + ECDomainParameters dp = privKey.Parameters; + if (!dp.Equals(pub.Parameters)) + throw new InvalidOperationException("ECDHC public key has wrong domain parameters"); + + BigInteger hd = dp.H.Multiply(privKey.D).Mod(dp.N); + + // Always perform calculations on the exact curve specified by our private key's parameters + ECPoint pubPoint = ECAlgorithms.CleanPoint(dp.Curve, pub.Q); + if (pubPoint.IsInfinity) + throw new InvalidOperationException("Infinity is not a valid public key for ECDHC"); + + ECPoint P = pubPoint.Multiply(hd).Normalize(); + if (P.IsInfinity) + throw new InvalidOperationException("Infinity is not a valid agreement value for ECDHC"); + + return P.AffineXCoord.ToBigInteger(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/ECDHWithKdfBasicAgreement.cs b/BouncyCastle/crypto/src/crypto/agreement/ECDHWithKdfBasicAgreement.cs new file mode 100644 index 0000000..1de80d1 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/ECDHWithKdfBasicAgreement.cs @@ -0,0 +1,63 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.Agreement.Kdf; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Agreement +{ + public class ECDHWithKdfBasicAgreement + : ECDHBasicAgreement + { + private readonly string algorithm; + private readonly IDerivationFunction kdf; + + public ECDHWithKdfBasicAgreement( + string algorithm, + IDerivationFunction kdf) + { + if (algorithm == null) + throw new ArgumentNullException("algorithm"); + if (kdf == null) + throw new ArgumentNullException("kdf"); + + this.algorithm = algorithm; + this.kdf = kdf; + } + + public override BigInteger CalculateAgreement( + ICipherParameters pubKey) + { + // Note that the ec.KeyAgreement class in JCE only uses kdf in one + // of the engineGenerateSecret methods. + + BigInteger result = base.CalculateAgreement(pubKey); + + int keySize = GeneratorUtilities.GetDefaultKeySize(algorithm); + + DHKdfParameters dhKdfParams = new DHKdfParameters( + new DerObjectIdentifier(algorithm), + keySize, + BigIntToBytes(result)); + + kdf.Init(dhKdfParams); + + byte[] keyBytes = new byte[keySize / 8]; + kdf.GenerateBytes(keyBytes, 0, keyBytes.Length); + + return new BigInteger(1, keyBytes); + } + + private byte[] BigIntToBytes(BigInteger r) + { + int byteLength = X9IntegerConverter.GetByteLength(privKey.Parameters.Curve); + return X9IntegerConverter.IntegerToBytes(r, byteLength); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/ECMqvBasicAgreement.cs b/BouncyCastle/crypto/src/crypto/agreement/ECMqvBasicAgreement.cs new file mode 100644 index 0000000..b71f5a7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/ECMqvBasicAgreement.cs @@ -0,0 +1,86 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; + +namespace Org.BouncyCastle.Crypto.Agreement +{ + public class ECMqvBasicAgreement + : IBasicAgreement + { + protected internal MqvPrivateParameters privParams; + + public virtual void Init( + ICipherParameters parameters) + { + if (parameters is ParametersWithRandom) + { + parameters = ((ParametersWithRandom)parameters).Parameters; + } + + this.privParams = (MqvPrivateParameters)parameters; + } + + public virtual int GetFieldSize() + { + return (privParams.StaticPrivateKey.Parameters.Curve.FieldSize + 7) / 8; + } + + public virtual BigInteger CalculateAgreement( + ICipherParameters pubKey) + { + MqvPublicParameters pubParams = (MqvPublicParameters)pubKey; + + ECPrivateKeyParameters staticPrivateKey = privParams.StaticPrivateKey; + ECDomainParameters parameters = staticPrivateKey.Parameters; + + if (!parameters.Equals(pubParams.StaticPublicKey.Parameters)) + throw new InvalidOperationException("ECMQV public key components have wrong domain parameters"); + + ECPoint agreement = CalculateMqvAgreement(parameters, staticPrivateKey, + privParams.EphemeralPrivateKey, privParams.EphemeralPublicKey, + pubParams.StaticPublicKey, pubParams.EphemeralPublicKey).Normalize(); + + if (agreement.IsInfinity) + throw new InvalidOperationException("Infinity is not a valid agreement value for MQV"); + + return agreement.AffineXCoord.ToBigInteger(); + } + + // The ECMQV Primitive as described in SEC-1, 3.4 + private static ECPoint CalculateMqvAgreement( + ECDomainParameters parameters, + ECPrivateKeyParameters d1U, + ECPrivateKeyParameters d2U, + ECPublicKeyParameters Q2U, + ECPublicKeyParameters Q1V, + ECPublicKeyParameters Q2V) + { + BigInteger n = parameters.N; + int e = (n.BitLength + 1) / 2; + BigInteger powE = BigInteger.One.ShiftLeft(e); + + ECCurve curve = parameters.Curve; + + ECPoint q2u = ECAlgorithms.CleanPoint(curve, Q2U.Q); + ECPoint q1v = ECAlgorithms.CleanPoint(curve, Q1V.Q); + ECPoint q2v = ECAlgorithms.CleanPoint(curve, Q2V.Q); + + BigInteger x = q2u.AffineXCoord.ToBigInteger(); + BigInteger xBar = x.Mod(powE); + BigInteger Q2UBar = xBar.SetBit(e); + BigInteger s = d1U.D.Multiply(Q2UBar).Add(d2U.D).Mod(n); + + BigInteger xPrime = q2v.AffineXCoord.ToBigInteger(); + BigInteger xPrimeBar = xPrime.Mod(powE); + BigInteger Q2VBar = xPrimeBar.SetBit(e); + + BigInteger hs = parameters.H.Multiply(s).Mod(n); + + return ECAlgorithms.SumOfTwoMultiplies( + q1v, Q2VBar.Multiply(hs).Mod(n), q2v, hs); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/ECMqvWithKdfBasicAgreement.cs b/BouncyCastle/crypto/src/crypto/agreement/ECMqvWithKdfBasicAgreement.cs new file mode 100644 index 0000000..7d79fc4 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/ECMqvWithKdfBasicAgreement.cs @@ -0,0 +1,63 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.Agreement.Kdf; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Agreement +{ + public class ECMqvWithKdfBasicAgreement + : ECMqvBasicAgreement + { + private readonly string algorithm; + private readonly IDerivationFunction kdf; + + public ECMqvWithKdfBasicAgreement( + string algorithm, + IDerivationFunction kdf) + { + if (algorithm == null) + throw new ArgumentNullException("algorithm"); + if (kdf == null) + throw new ArgumentNullException("kdf"); + + this.algorithm = algorithm; + this.kdf = kdf; + } + + public override BigInteger CalculateAgreement( + ICipherParameters pubKey) + { + // Note that the ec.KeyAgreement class in JCE only uses kdf in one + // of the engineGenerateSecret methods. + + BigInteger result = base.CalculateAgreement(pubKey); + + int keySize = GeneratorUtilities.GetDefaultKeySize(algorithm); + + DHKdfParameters dhKdfParams = new DHKdfParameters( + new DerObjectIdentifier(algorithm), + keySize, + BigIntToBytes(result)); + + kdf.Init(dhKdfParams); + + byte[] keyBytes = new byte[keySize / 8]; + kdf.GenerateBytes(keyBytes, 0, keyBytes.Length); + + return new BigInteger(1, keyBytes); + } + + private byte[] BigIntToBytes(BigInteger r) + { + int byteLength = X9IntegerConverter.GetByteLength(privParams.StaticPrivateKey.Parameters.Curve); + return X9IntegerConverter.IntegerToBytes(r, byteLength); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/SM2KeyExchange.cs b/BouncyCastle/crypto/src/crypto/agreement/SM2KeyExchange.cs new file mode 100644 index 0000000..986d984 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/SM2KeyExchange.cs @@ -0,0 +1,274 @@ +using System; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Agreement +{ + /// + /// SM2 Key Exchange protocol - based on https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 + /// + public class SM2KeyExchange + { + private readonly IDigest mDigest; + + private byte[] mUserID; + private ECPrivateKeyParameters mStaticKey; + private ECPoint mStaticPubPoint; + private ECPoint mEphemeralPubPoint; + private ECDomainParameters mECParams; + private int mW; + private ECPrivateKeyParameters mEphemeralKey; + private bool mInitiator; + + public SM2KeyExchange() + : this(new SM3Digest()) + { + } + + public SM2KeyExchange(IDigest digest) + { + this.mDigest = digest; + } + + public virtual void Init(ICipherParameters privParam) + { + SM2KeyExchangePrivateParameters baseParam; + + if (privParam is ParametersWithID) + { + baseParam = (SM2KeyExchangePrivateParameters)((ParametersWithID)privParam).Parameters; + mUserID = ((ParametersWithID)privParam).GetID(); + } + else + { + baseParam = (SM2KeyExchangePrivateParameters)privParam; + mUserID = new byte[0]; + } + + mInitiator = baseParam.IsInitiator; + mStaticKey = baseParam.StaticPrivateKey; + mEphemeralKey = baseParam.EphemeralPrivateKey; + mECParams = mStaticKey.Parameters; + mStaticPubPoint = baseParam.StaticPublicPoint; + mEphemeralPubPoint = baseParam.EphemeralPublicPoint; + mW = mECParams.Curve.FieldSize / 2 - 1; + } + + public virtual byte[] CalculateKey(int kLen, ICipherParameters pubParam) + { + SM2KeyExchangePublicParameters otherPub; + byte[] otherUserID; + + if (pubParam is ParametersWithID) + { + otherPub = (SM2KeyExchangePublicParameters)((ParametersWithID)pubParam).Parameters; + otherUserID = ((ParametersWithID)pubParam).GetID(); + } + else + { + otherPub = (SM2KeyExchangePublicParameters)pubParam; + otherUserID = new byte[0]; + } + + byte[] za = GetZ(mDigest, mUserID, mStaticPubPoint); + byte[] zb = GetZ(mDigest, otherUserID, otherPub.StaticPublicKey.Q); + + ECPoint U = CalculateU(otherPub); + + byte[] rv; + if (mInitiator) + { + rv = Kdf(U, za, zb, kLen); + } + else + { + rv = Kdf(U, zb, za, kLen); + } + + return rv; + } + + public virtual byte[][] CalculateKeyWithConfirmation(int kLen, byte[] confirmationTag, ICipherParameters pubParam) + { + SM2KeyExchangePublicParameters otherPub; + byte[] otherUserID; + + if (pubParam is ParametersWithID) + { + otherPub = (SM2KeyExchangePublicParameters)((ParametersWithID)pubParam).Parameters; + otherUserID = ((ParametersWithID)pubParam).GetID(); + } + else + { + otherPub = (SM2KeyExchangePublicParameters)pubParam; + otherUserID = new byte[0]; + } + + if (mInitiator && confirmationTag == null) + throw new ArgumentException("if initiating, confirmationTag must be set"); + + byte[] za = GetZ(mDigest, mUserID, mStaticPubPoint); + byte[] zb = GetZ(mDigest, otherUserID, otherPub.StaticPublicKey.Q); + + ECPoint U = CalculateU(otherPub); + + byte[] rv; + if (mInitiator) + { + rv = Kdf(U, za, zb, kLen); + + byte[] inner = CalculateInnerHash(mDigest, U, za, zb, mEphemeralPubPoint, otherPub.EphemeralPublicKey.Q); + + byte[] s1 = S1(mDigest, U, inner); + + if (!Arrays.ConstantTimeAreEqual(s1, confirmationTag)) + throw new InvalidOperationException("confirmation tag mismatch"); + + return new byte[][] { rv, S2(mDigest, U, inner)}; + } + else + { + rv = Kdf(U, zb, za, kLen); + + byte[] inner = CalculateInnerHash(mDigest, U, zb, za, otherPub.EphemeralPublicKey.Q, mEphemeralPubPoint); + + return new byte[][] { rv, S1(mDigest, U, inner), S2(mDigest, U, inner) }; + } + } + + protected virtual ECPoint CalculateU(SM2KeyExchangePublicParameters otherPub) + { + ECDomainParameters dp = mStaticKey.Parameters; + + ECPoint p1 = ECAlgorithms.CleanPoint(dp.Curve, otherPub.StaticPublicKey.Q); + ECPoint p2 = ECAlgorithms.CleanPoint(dp.Curve, otherPub.EphemeralPublicKey.Q); + + BigInteger x1 = Reduce(mEphemeralPubPoint.AffineXCoord.ToBigInteger()); + BigInteger x2 = Reduce(p2.AffineXCoord.ToBigInteger()); + BigInteger tA = mStaticKey.D.Add(x1.Multiply(mEphemeralKey.D)); + BigInteger k1 = mECParams.H.Multiply(tA).Mod(mECParams.N); + BigInteger k2 = k1.Multiply(x2).Mod(mECParams.N); + + return ECAlgorithms.SumOfTwoMultiplies(p1, k1, p2, k2).Normalize(); + } + + protected virtual byte[] Kdf(ECPoint u, byte[] za, byte[] zb, int klen) + { + int digestSize = mDigest.GetDigestSize(); + byte[] buf = new byte[System.Math.Max(4, digestSize)]; + byte[] rv = new byte[(klen + 7) / 8]; + int off = 0; + + IMemoable memo = mDigest as IMemoable; + IMemoable copy = null; + + if (memo != null) + { + AddFieldElement(mDigest, u.AffineXCoord); + AddFieldElement(mDigest, u.AffineYCoord); + mDigest.BlockUpdate(za, 0, za.Length); + mDigest.BlockUpdate(zb, 0, zb.Length); + copy = memo.Copy(); + } + + uint ct = 0; + + while (off < rv.Length) + { + if (memo != null) + { + memo.Reset(copy); + } + else + { + AddFieldElement(mDigest, u.AffineXCoord); + AddFieldElement(mDigest, u.AffineYCoord); + mDigest.BlockUpdate(za, 0, za.Length); + mDigest.BlockUpdate(zb, 0, zb.Length); + } + + Pack.UInt32_To_BE(++ct, buf, 0); + mDigest.BlockUpdate(buf, 0, 4); + mDigest.DoFinal(buf, 0); + + int copyLen = System.Math.Min(digestSize, rv.Length - off); + Array.Copy(buf, 0, rv, off, copyLen); + off += copyLen; + } + + return rv; + } + + //x1~=2^w+(x1 AND (2^w-1)) + private BigInteger Reduce(BigInteger x) + { + return x.And(BigInteger.One.ShiftLeft(mW).Subtract(BigInteger.One)).SetBit(mW); + } + + private byte[] S1(IDigest digest, ECPoint u, byte[] inner) + { + digest.Update((byte)0x02); + AddFieldElement(digest, u.AffineYCoord); + digest.BlockUpdate(inner, 0, inner.Length); + + return DigestUtilities.DoFinal(digest); + } + + private byte[] CalculateInnerHash(IDigest digest, ECPoint u, byte[] za, byte[] zb, ECPoint p1, ECPoint p2) + { + AddFieldElement(digest, u.AffineXCoord); + digest.BlockUpdate(za, 0, za.Length); + digest.BlockUpdate(zb, 0, zb.Length); + AddFieldElement(digest, p1.AffineXCoord); + AddFieldElement(digest, p1.AffineYCoord); + AddFieldElement(digest, p2.AffineXCoord); + AddFieldElement(digest, p2.AffineYCoord); + + return DigestUtilities.DoFinal(digest); + } + + private byte[] S2(IDigest digest, ECPoint u, byte[] inner) + { + digest.Update((byte)0x03); + AddFieldElement(digest, u.AffineYCoord); + digest.BlockUpdate(inner, 0, inner.Length); + + return DigestUtilities.DoFinal(digest); + } + + private byte[] GetZ(IDigest digest, byte[] userID, ECPoint pubPoint) + { + AddUserID(digest, userID); + + AddFieldElement(digest, mECParams.Curve.A); + AddFieldElement(digest, mECParams.Curve.B); + AddFieldElement(digest, mECParams.G.AffineXCoord); + AddFieldElement(digest, mECParams.G.AffineYCoord); + AddFieldElement(digest, pubPoint.AffineXCoord); + AddFieldElement(digest, pubPoint.AffineYCoord); + + return DigestUtilities.DoFinal(digest); + } + + private void AddUserID(IDigest digest, byte[] userID) + { + uint len = (uint)(userID.Length * 8); + + digest.Update((byte)(len >> 8)); + digest.Update((byte)len); + digest.BlockUpdate(userID, 0, userID.Length); + } + + private void AddFieldElement(IDigest digest, ECFieldElement v) + { + byte[] p = v.GetEncoded(); + digest.BlockUpdate(p, 0, p.Length); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/X25519Agreement.cs b/BouncyCastle/crypto/src/crypto/agreement/X25519Agreement.cs new file mode 100644 index 0000000..7e5890c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/X25519Agreement.cs @@ -0,0 +1,27 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Agreement +{ + public sealed class X25519Agreement + : IRawAgreement + { + private X25519PrivateKeyParameters privateKey; + + public void Init(ICipherParameters parameters) + { + this.privateKey = (X25519PrivateKeyParameters)parameters; + } + + public int AgreementSize + { + get { return X25519PrivateKeyParameters.SecretSize; } + } + + public void CalculateAgreement(ICipherParameters publicKey, byte[] buf, int off) + { + privateKey.GenerateSecret((X25519PublicKeyParameters)publicKey, buf, off); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/X448Agreement.cs b/BouncyCastle/crypto/src/crypto/agreement/X448Agreement.cs new file mode 100644 index 0000000..26f608c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/X448Agreement.cs @@ -0,0 +1,27 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Agreement +{ + public sealed class X448Agreement + : IRawAgreement + { + private X448PrivateKeyParameters privateKey; + + public void Init(ICipherParameters parameters) + { + this.privateKey = (X448PrivateKeyParameters)parameters; + } + + public int AgreementSize + { + get { return X448PrivateKeyParameters.SecretSize; } + } + + public void CalculateAgreement(ICipherParameters publicKey, byte[] buf, int off) + { + privateKey.GenerateSecret((X448PublicKeyParameters)publicKey, buf, off); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakeParticipant.cs b/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakeParticipant.cs new file mode 100644 index 0000000..7942848 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakeParticipant.cs @@ -0,0 +1,456 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Agreement.JPake +{ + /// + /// A participant in a Password Authenticated Key Exchange by Juggling (J-PAKE) exchange. + /// + /// The J-PAKE exchange is defined by Feng Hao and Peter Ryan in the paper + /// + /// "Password Authenticated Key Exchange by Juggling, 2008." + /// + /// The J-PAKE protocol is symmetric. + /// There is no notion of a client or server, but rather just two participants. + /// An instance of JPakeParticipant represents one participant, and + /// is the primary interface for executing the exchange. + /// + /// To execute an exchange, construct a JPakeParticipant on each end, + /// and call the following 7 methods + /// (once and only once, in the given order, for each participant, sending messages between them as described): + /// + /// CreateRound1PayloadToSend() - and send the payload to the other participant + /// ValidateRound1PayloadReceived(JPakeRound1Payload) - use the payload received from the other participant + /// CreateRound2PayloadToSend() - and send the payload to the other participant + /// ValidateRound2PayloadReceived(JPakeRound2Payload) - use the payload received from the other participant + /// CalculateKeyingMaterial() + /// CreateRound3PayloadToSend(BigInteger) - and send the payload to the other participant + /// ValidateRound3PayloadReceived(JPakeRound3Payload, BigInteger) - use the payload received from the other participant + /// + /// Each side should derive a session key from the keying material returned by CalculateKeyingMaterial(). + /// The caller is responsible for deriving the session key using a secure key derivation function (KDF). + /// + /// Round 3 is an optional key confirmation process. + /// If you do not execute round 3, then there is no assurance that both participants are using the same key. + /// (i.e. if the participants used different passwords, then their session keys will differ.) + /// + /// If the round 3 validation succeeds, then the keys are guaranteed to be the same on both sides. + /// + /// The symmetric design can easily support the asymmetric cases when one party initiates the communication. + /// e.g. Sometimes the round1 payload and round2 payload may be sent in one pass. + /// Also, in some cases, the key confirmation payload can be sent together with the round2 payload. + /// These are the trivial techniques to optimize the communication. + /// + /// The key confirmation process is implemented as specified in + /// NIST SP 800-56A Revision 1, + /// Section 8.2 Unilateral Key Confirmation for Key Agreement Schemes. + /// + /// This class is stateful and NOT threadsafe. + /// Each instance should only be used for ONE complete J-PAKE exchange + /// (i.e. a new JPakeParticipant should be constructed for each new J-PAKE exchange). + /// + public class JPakeParticipant + { + // Possible internal states. Used for state checking. + public static readonly int STATE_INITIALIZED = 0; + public static readonly int STATE_ROUND_1_CREATED = 10; + public static readonly int STATE_ROUND_1_VALIDATED = 20; + public static readonly int STATE_ROUND_2_CREATED = 30; + public static readonly int STATE_ROUND_2_VALIDATED = 40; + public static readonly int STATE_KEY_CALCULATED = 50; + public static readonly int STATE_ROUND_3_CREATED = 60; + public static readonly int STATE_ROUND_3_VALIDATED = 70; + + // Unique identifier of this participant. + // The two participants in the exchange must NOT share the same id. + private string participantId; + + // Shared secret. This only contains the secret between construction + // and the call to CalculateKeyingMaterial(). + // + // i.e. When CalculateKeyingMaterial() is called, this buffer overwritten with 0's, + // and the field is set to null. + private char[] password; + + // Digest to use during calculations. + private IDigest digest; + + // Source of secure random data. + private readonly SecureRandom random; + + private readonly BigInteger p; + private readonly BigInteger q; + private readonly BigInteger g; + + // The participantId of the other participant in this exchange. + private string partnerParticipantId; + + // Alice's x1 or Bob's x3. + private BigInteger x1; + // Alice's x2 or Bob's x4. + private BigInteger x2; + // Alice's g^x1 or Bob's g^x3. + private BigInteger gx1; + // Alice's g^x2 or Bob's g^x4. + private BigInteger gx2; + // Alice's g^x3 or Bob's g^x1. + private BigInteger gx3; + // Alice's g^x4 or Bob's g^x2. + private BigInteger gx4; + // Alice's B or Bob's A. + private BigInteger b; + + // The current state. + // See the STATE_* constants for possible values. + private int state; + + /// + /// Convenience constructor for a new JPakeParticipant that uses + /// the JPakePrimeOrderGroups#NIST_3072 prime order group, + /// a SHA-256 digest, and a default SecureRandom implementation. + /// + /// After construction, the State state will be STATE_INITIALIZED. + /// + /// Throws NullReferenceException if any argument is null. Throws + /// ArgumentException if password is empty. + /// + /// Unique identifier of this participant. + /// The two participants in the exchange must NOT share the same id. + /// Shared secret. + /// A defensive copy of this array is made (and cleared once CalculateKeyingMaterial() is called). + /// Caller should clear the input password as soon as possible. + public JPakeParticipant(string participantId, char[] password) + : this(participantId, password, JPakePrimeOrderGroups.NIST_3072) { } + + /// + /// Convenience constructor for a new JPakeParticipant that uses + /// a SHA-256 digest, and a default SecureRandom implementation. + /// + /// After construction, the State state will be STATE_INITIALIZED. + /// + /// Throws NullReferenceException if any argument is null. Throws + /// ArgumentException if password is empty. + /// + /// Unique identifier of this participant. + /// The two participants in the exchange must NOT share the same id. + /// Shared secret. + /// A defensive copy of this array is made (and cleared once CalculateKeyingMaterial() is called). + /// Caller should clear the input password as soon as possible. + /// Prime order group. See JPakePrimeOrderGroups for standard groups. + public JPakeParticipant(string participantId, char[] password, JPakePrimeOrderGroup group) + : this(participantId, password, group, new Sha256Digest(), new SecureRandom()) { } + + + /// + /// Constructor for a new JPakeParticipant. + /// + /// After construction, the State state will be STATE_INITIALIZED. + /// + /// Throws NullReferenceException if any argument is null. Throws + /// ArgumentException if password is empty. + /// + /// Unique identifier of this participant. + /// The two participants in the exchange must NOT share the same id. + /// Shared secret. + /// A defensive copy of this array is made (and cleared once CalculateKeyingMaterial() is called). + /// Caller should clear the input password as soon as possible. + /// Prime order group. See JPakePrimeOrderGroups for standard groups. + /// Digest to use during zero knowledge proofs and key confirmation + /// (SHA-256 or stronger preferred). + /// Source of secure random data for x1 and x2, and for the zero knowledge proofs. + public JPakeParticipant(string participantId, char[] password, JPakePrimeOrderGroup group, IDigest digest, SecureRandom random) + { + JPakeUtilities.ValidateNotNull(participantId, "participantId"); + JPakeUtilities.ValidateNotNull(password, "password"); + JPakeUtilities.ValidateNotNull(group, "p"); + JPakeUtilities.ValidateNotNull(digest, "digest"); + JPakeUtilities.ValidateNotNull(random, "random"); + + if (password.Length == 0) + { + throw new ArgumentException("Password must not be empty."); + } + + this.participantId = participantId; + + // Create a defensive copy so as to fully encapsulate the password. + // + // This array will contain the password for the lifetime of this + // participant BEFORE CalculateKeyingMaterial() is called. + // + // i.e. When CalculateKeyingMaterial() is called, the array will be cleared + // in order to remove the password from memory. + // + // The caller is responsible for clearing the original password array + // given as input to this constructor. + this.password = new char[password.Length]; + Array.Copy(password, this.password, password.Length); + + this.p = group.P; + this.q = group.Q; + this.g = group.G; + + this.digest = digest; + this.random = random; + + this.state = STATE_INITIALIZED; + } + + /// + /// Gets the current state of this participant. + /// See the STATE_* constants for possible values. + /// + public virtual int State + { + get { return state; } + } + + + /// + /// Creates and returns the payload to send to the other participant during round 1. + /// + /// After execution, the State state} will be STATE_ROUND_1_CREATED}. + /// + public virtual JPakeRound1Payload CreateRound1PayloadToSend() + { + if (this.state >= STATE_ROUND_1_CREATED) + throw new InvalidOperationException("Round 1 payload already created for " + this.participantId); + + this.x1 = JPakeUtilities.GenerateX1(q, random); + this.x2 = JPakeUtilities.GenerateX2(q, random); + + this.gx1 = JPakeUtilities.CalculateGx(p, g, x1); + this.gx2 = JPakeUtilities.CalculateGx(p, g, x2); + BigInteger[] knowledgeProofForX1 = JPakeUtilities.CalculateZeroKnowledgeProof(p, q, g, gx1, x1, participantId, digest, random); + BigInteger[] knowledgeProofForX2 = JPakeUtilities.CalculateZeroKnowledgeProof(p, q, g, gx2, x2, participantId, digest, random); + + this.state = STATE_ROUND_1_CREATED; + + return new JPakeRound1Payload(participantId, gx1, gx2, knowledgeProofForX1, knowledgeProofForX2); + } + + /// + /// Validates the payload received from the other participant during round 1. + /// + /// Must be called prior to CreateRound2PayloadToSend(). + /// + /// After execution, the State state will be STATE_ROUND_1_VALIDATED. + /// + /// Throws CryptoException if validation fails. Throws InvalidOperationException + /// if called multiple times. + /// + public virtual void ValidateRound1PayloadReceived(JPakeRound1Payload round1PayloadReceived) + { + if (this.state >= STATE_ROUND_1_VALIDATED) + throw new InvalidOperationException("Validation already attempted for round 1 payload for " + this.participantId); + + this.partnerParticipantId = round1PayloadReceived.ParticipantId; + this.gx3 = round1PayloadReceived.Gx1; + this.gx4 = round1PayloadReceived.Gx2; + + BigInteger[] knowledgeProofForX3 = round1PayloadReceived.KnowledgeProofForX1; + BigInteger[] knowledgeProofForX4 = round1PayloadReceived.KnowledgeProofForX2; + + JPakeUtilities.ValidateParticipantIdsDiffer(participantId, round1PayloadReceived.ParticipantId); + JPakeUtilities.ValidateGx4(gx4); + JPakeUtilities.ValidateZeroKnowledgeProof(p, q, g, gx3, knowledgeProofForX3, round1PayloadReceived.ParticipantId, digest); + JPakeUtilities.ValidateZeroKnowledgeProof(p, q, g, gx4, knowledgeProofForX4, round1PayloadReceived.ParticipantId, digest); + this.state = STATE_ROUND_1_VALIDATED; + } + + /// + /// Creates and returns the payload to send to the other participant during round 2. + /// + /// ValidateRound1PayloadReceived(JPakeRound1Payload) must be called prior to this method. + /// + /// After execution, the State state will be STATE_ROUND_2_CREATED. + /// + /// Throws InvalidOperationException if called prior to ValidateRound1PayloadReceived(JPakeRound1Payload), or multiple times + /// + public virtual JPakeRound2Payload CreateRound2PayloadToSend() + { + if (this.state >= STATE_ROUND_2_CREATED) + throw new InvalidOperationException("Round 2 payload already created for " + this.participantId); + if (this.state < STATE_ROUND_1_VALIDATED) + throw new InvalidOperationException("Round 1 payload must be validated prior to creating round 2 payload for " + this.participantId); + + BigInteger gA = JPakeUtilities.CalculateGA(p, gx1, gx3, gx4); + BigInteger s = JPakeUtilities.CalculateS(password); + BigInteger x2s = JPakeUtilities.CalculateX2s(q, x2, s); + BigInteger A = JPakeUtilities.CalculateA(p, q, gA, x2s); + BigInteger[] knowledgeProofForX2s = JPakeUtilities.CalculateZeroKnowledgeProof(p, q, gA, A, x2s, participantId, digest, random); + + this.state = STATE_ROUND_2_CREATED; + + return new JPakeRound2Payload(participantId, A, knowledgeProofForX2s); + } + + /// + /// Validates the payload received from the other participant during round 2. + /// Note that this DOES NOT detect a non-common password. + /// The only indication of a non-common password is through derivation + /// of different keys (which can be detected explicitly by executing round 3 and round 4) + /// + /// Must be called prior to CalculateKeyingMaterial(). + /// + /// After execution, the State state will be STATE_ROUND_2_VALIDATED. + /// + /// Throws CryptoException if validation fails. Throws + /// InvalidOperationException if called prior to ValidateRound1PayloadReceived(JPakeRound1Payload), or multiple times + /// + public virtual void ValidateRound2PayloadReceived(JPakeRound2Payload round2PayloadReceived) + { + if (this.state >= STATE_ROUND_2_VALIDATED) + throw new InvalidOperationException("Validation already attempted for round 2 payload for " + this.participantId); + if (this.state < STATE_ROUND_1_VALIDATED) + throw new InvalidOperationException("Round 1 payload must be validated prior to validation round 2 payload for " + this.participantId); + + BigInteger gB = JPakeUtilities.CalculateGA(p, gx3, gx1, gx2); + this.b = round2PayloadReceived.A; + BigInteger[] knowledgeProofForX4s = round2PayloadReceived.KnowledgeProofForX2s; + + JPakeUtilities.ValidateParticipantIdsDiffer(participantId, round2PayloadReceived.ParticipantId); + JPakeUtilities.ValidateParticipantIdsEqual(this.partnerParticipantId, round2PayloadReceived.ParticipantId); + JPakeUtilities.ValidateGa(gB); + JPakeUtilities.ValidateZeroKnowledgeProof(p, q, gB, b, knowledgeProofForX4s, round2PayloadReceived.ParticipantId, digest); + + this.state = STATE_ROUND_2_VALIDATED; + } + + /// + /// Calculates and returns the key material. + /// A session key must be derived from this key material using a secure key derivation function (KDF). + /// The KDF used to derive the key is handled externally (i.e. not by JPakeParticipant). + /// + /// The keying material will be identical for each participant if and only if + /// each participant's password is the same. i.e. If the participants do not + /// share the same password, then each participant will derive a different key. + /// Therefore, if you immediately start using a key derived from + /// the keying material, then you must handle detection of incorrect keys. + /// If you want to handle this detection explicitly, you can optionally perform + /// rounds 3 and 4. See JPakeParticipant for details on how to execute + /// rounds 3 and 4. + /// + /// The keying material will be in the range [0, p-1]. + /// + /// ValidateRound2PayloadReceived(JPakeRound2Payload) must be called prior to this method. + /// + /// As a side effect, the internal password array is cleared, since it is no longer needed. + /// + /// After execution, the State state will be STATE_KEY_CALCULATED. + /// + /// Throws InvalidOperationException if called prior to ValidateRound2PayloadReceived(JPakeRound2Payload), + /// or if called multiple times. + /// + public virtual BigInteger CalculateKeyingMaterial() + { + if (this.state >= STATE_KEY_CALCULATED) + throw new InvalidOperationException("Key already calculated for " + participantId); + if (this.state < STATE_ROUND_2_VALIDATED) + throw new InvalidOperationException("Round 2 payload must be validated prior to creating key for " + participantId); + + BigInteger s = JPakeUtilities.CalculateS(password); + + // Clear the password array from memory, since we don't need it anymore. + // Also set the field to null as a flag to indicate that the key has already been calculated. + Array.Clear(password, 0, password.Length); + this.password = null; + + BigInteger keyingMaterial = JPakeUtilities.CalculateKeyingMaterial(p, q, gx4, x2, s, b); + + // Clear the ephemeral private key fields as well. + // Note that we're relying on the garbage collector to do its job to clean these up. + // The old objects will hang around in memory until the garbage collector destroys them. + // + // If the ephemeral private keys x1 and x2 are leaked, + // the attacker might be able to brute-force the password. + this.x1 = null; + this.x2 = null; + this.b = null; + + // Do not clear gx* yet, since those are needed by round 3. + + this.state = STATE_KEY_CALCULATED; + + return keyingMaterial; + } + + /// + /// Creates and returns the payload to send to the other participant during round 3. + /// + /// See JPakeParticipant for more details on round 3. + /// + /// After execution, the State state} will be STATE_ROUND_3_CREATED. + /// Throws InvalidOperationException if called prior to CalculateKeyingMaterial, or multiple + /// times. + /// + /// The keying material as returned from CalculateKeyingMaterial(). + public virtual JPakeRound3Payload CreateRound3PayloadToSend(BigInteger keyingMaterial) + { + if (this.state >= STATE_ROUND_3_CREATED) + throw new InvalidOperationException("Round 3 payload already created for " + this.participantId); + if (this.state < STATE_KEY_CALCULATED) + throw new InvalidOperationException("Keying material must be calculated prior to creating round 3 payload for " + this.participantId); + + BigInteger macTag = JPakeUtilities.CalculateMacTag( + this.participantId, + this.partnerParticipantId, + this.gx1, + this.gx2, + this.gx3, + this.gx4, + keyingMaterial, + this.digest); + + this.state = STATE_ROUND_3_CREATED; + + return new JPakeRound3Payload(participantId, macTag); + } + + /// + /// Validates the payload received from the other participant during round 3. + /// + /// See JPakeParticipant for more details on round 3. + /// + /// After execution, the State state will be STATE_ROUND_3_VALIDATED. + /// + /// Throws CryptoException if validation fails. Throws InvalidOperationException if called prior to + /// CalculateKeyingMaterial or multiple times + /// + /// The round 3 payload received from the other participant. + /// The keying material as returned from CalculateKeyingMaterial(). + public virtual void ValidateRound3PayloadReceived(JPakeRound3Payload round3PayloadReceived, BigInteger keyingMaterial) + { + if (this.state >= STATE_ROUND_3_VALIDATED) + throw new InvalidOperationException("Validation already attempted for round 3 payload for " + this.participantId); + if (this.state < STATE_KEY_CALCULATED) + throw new InvalidOperationException("Keying material must be calculated prior to validating round 3 payload for " + this.participantId); + + JPakeUtilities.ValidateParticipantIdsDiffer(participantId, round3PayloadReceived.ParticipantId); + JPakeUtilities.ValidateParticipantIdsEqual(this.partnerParticipantId, round3PayloadReceived.ParticipantId); + + JPakeUtilities.ValidateMacTag( + this.participantId, + this.partnerParticipantId, + this.gx1, + this.gx2, + this.gx3, + this.gx4, + keyingMaterial, + this.digest, + round3PayloadReceived.MacTag); + + // Clear the rest of the fields. + this.gx1 = null; + this.gx2 = null; + this.gx3 = null; + this.gx4 = null; + + this.state = STATE_ROUND_3_VALIDATED; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakePrimeOrderGroup.cs b/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakePrimeOrderGroup.cs new file mode 100644 index 0000000..08ffe1a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakePrimeOrderGroup.cs @@ -0,0 +1,103 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Agreement.JPake +{ + /// + /// A pre-computed prime order group for use during a J-PAKE exchange. + /// + /// Typically a Schnorr group is used. In general, J-PAKE can use any prime order group + /// that is suitable for public key cryptography, including elliptic curve cryptography. + /// + /// See JPakePrimeOrderGroups for convenient standard groups. + /// + /// NIST publishes + /// many groups that can be used for the desired level of security. + /// + public class JPakePrimeOrderGroup + { + private readonly BigInteger p; + private readonly BigInteger q; + private readonly BigInteger g; + + /// + /// Constructs a new JPakePrimeOrderGroup. + /// + /// In general, you should use one of the pre-approved groups from + /// JPakePrimeOrderGroups, rather than manually constructing one. + /// + /// The following basic checks are performed: + /// + /// p-1 must be evenly divisible by q + /// g must be in [2, p-1] + /// g^q mod p must equal 1 + /// p must be prime (within reasonably certainty) + /// q must be prime (within reasonably certainty) + /// + /// The prime checks are performed using BigInteger#isProbablePrime(int), + /// and are therefore subject to the same probability guarantees. + /// + /// These checks prevent trivial mistakes. + /// However, due to the small uncertainties if p and q are not prime, + /// advanced attacks are not prevented. + /// Use it at your own risk. + /// + /// Throws NullReferenceException if any argument is null. Throws + /// InvalidOperationException is any of the above validations fail. + /// + public JPakePrimeOrderGroup(BigInteger p, BigInteger q, BigInteger g) + : this(p, q, g, false) + { + // Don't skip the checks on user-specified groups. + } + + /// + /// Constructor used by the pre-approved groups in JPakePrimeOrderGroups. + /// These pre-approved groups can avoid the expensive checks. + /// User-specified groups should not use this constructor. + /// + public JPakePrimeOrderGroup(BigInteger p, BigInteger q, BigInteger g, bool skipChecks) + { + JPakeUtilities.ValidateNotNull(p, "p"); + JPakeUtilities.ValidateNotNull(q, "q"); + JPakeUtilities.ValidateNotNull(g, "g"); + + if (!skipChecks) + { + if (!p.Subtract(JPakeUtilities.One).Mod(q).Equals(JPakeUtilities.Zero)) + throw new ArgumentException("p-1 must be evenly divisible by q"); + if (g.CompareTo(BigInteger.Two) == -1 || g.CompareTo(p.Subtract(JPakeUtilities.One)) == 1) + throw new ArgumentException("g must be in [2, p-1]"); + if (!g.ModPow(q, p).Equals(JPakeUtilities.One)) + throw new ArgumentException("g^q mod p must equal 1"); + + // Note these checks do not guarantee that p and q are prime. + // We just have reasonable certainty that they are prime. + if (!p.IsProbablePrime(20)) + throw new ArgumentException("p must be prime"); + if (!q.IsProbablePrime(20)) + throw new ArgumentException("q must be prime"); + } + + this.p = p; + this.q = q; + this.g = g; + } + + public virtual BigInteger P + { + get { return p; } + } + + public virtual BigInteger Q + { + get { return q; } + } + + public virtual BigInteger G + { + get { return g; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakePrimeOrderGroups.cs b/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakePrimeOrderGroups.cs new file mode 100644 index 0000000..192cd2b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakePrimeOrderGroups.cs @@ -0,0 +1,108 @@ +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Agreement.JPake +{ + /// + /// Standard pre-computed prime order groups for use by J-PAKE. + /// (J-PAKE can use pre-computed prime order groups, same as DSA and Diffie-Hellman.) + ///

+ /// This class contains some convenient constants for use as input for + /// constructing {@link JPAKEParticipant}s. + ///

+ /// The prime order groups below are taken from Sun's JDK JavaDoc (docs/guide/security/CryptoSpec.html#AppB), + /// and from the prime order groups + /// published by NIST. + ///

+ public class JPakePrimeOrderGroups + { + /// + /// From Sun's JDK JavaDoc (docs/guide/security/CryptoSpec.html#AppB) + /// 1024-bit p, 160-bit q and 1024-bit g for 80-bit security. + /// + public static readonly JPakePrimeOrderGroup SUN_JCE_1024 = new JPakePrimeOrderGroup( + // p + new BigInteger( + "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669" + + "455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b7" + + "6b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb" + + "83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7", 16), + // q + new BigInteger("9760508f15230bccb292b982a2eb840bf0581cf5", 16), + // g + new BigInteger( + "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d078267" + + "5159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e1" + + "3c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243b" + + "cca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a", 16), + true + ); + + /// + /// From NIST. + /// 2048-bit p, 224-bit q and 2048-bit g for 112-bit security. + /// + public static readonly JPakePrimeOrderGroup NIST_2048 = new JPakePrimeOrderGroup( + // p + new BigInteger( + "C196BA05AC29E1F9C3C72D56DFFC6154A033F1477AC88EC37F09BE6C5BB95F51" + + "C296DD20D1A28A067CCC4D4316A4BD1DCA55ED1066D438C35AEBAABF57E7DAE4" + + "28782A95ECA1C143DB701FD48533A3C18F0FE23557EA7AE619ECACC7E0B51652" + + "A8776D02A425567DED36EABD90CA33A1E8D988F0BBB92D02D1D20290113BB562" + + "CE1FC856EEB7CDD92D33EEA6F410859B179E7E789A8F75F645FAE2E136D252BF" + + "FAFF89528945C1ABE705A38DBC2D364AADE99BE0D0AAD82E5320121496DC65B3" + + "930E38047294FF877831A16D5228418DE8AB275D7D75651CEFED65F78AFC3EA7" + + "FE4D79B35F62A0402A1117599ADAC7B269A59F353CF450E6982D3B1702D9CA83", 16), + // q + new BigInteger("90EAF4D1AF0708B1B612FF35E0A2997EB9E9D263C9CE659528945C0D", 16), + // g + new BigInteger( + "A59A749A11242C58C894E9E5A91804E8FA0AC64B56288F8D47D51B1EDC4D6544" + + "4FECA0111D78F35FC9FDD4CB1F1B79A3BA9CBEE83A3F811012503C8117F98E50" + + "48B089E387AF6949BF8784EBD9EF45876F2E6A5A495BE64B6E770409494B7FEE" + + "1DBB1E4B2BC2A53D4F893D418B7159592E4FFFDF6969E91D770DAEBD0B5CB14C" + + "00AD68EC7DC1E5745EA55C706C4A1C5C88964E34D09DEB753AD418C1AD0F4FDF" + + "D049A955E5D78491C0B7A2F1575A008CCD727AB376DB6E695515B05BD412F5B8" + + "C2F4C77EE10DA48ABD53F5DD498927EE7B692BBBCDA2FB23A516C5B4533D7398" + + "0B2A3B60E384ED200AE21B40D273651AD6060C13D97FD69AA13C5611A51B9085", 16), + true + ); + + /// + /// From NIST. + /// 3072-bit p, 256-bit q and 3072-bit g for 128-bit security. + /// + public static readonly JPakePrimeOrderGroup NIST_3072 = new JPakePrimeOrderGroup( + // p + new BigInteger( + "90066455B5CFC38F9CAA4A48B4281F292C260FEEF01FD61037E56258A7795A1C" + + "7AD46076982CE6BB956936C6AB4DCFE05E6784586940CA544B9B2140E1EB523F" + + "009D20A7E7880E4E5BFA690F1B9004A27811CD9904AF70420EEFD6EA11EF7DA1" + + "29F58835FF56B89FAA637BC9AC2EFAAB903402229F491D8D3485261CD068699B" + + "6BA58A1DDBBEF6DB51E8FE34E8A78E542D7BA351C21EA8D8F1D29F5D5D159394" + + "87E27F4416B0CA632C59EFD1B1EB66511A5A0FBF615B766C5862D0BD8A3FE7A0" + + "E0DA0FB2FE1FCB19E8F9996A8EA0FCCDE538175238FC8B0EE6F29AF7F642773E" + + "BE8CD5402415A01451A840476B2FCEB0E388D30D4B376C37FE401C2A2C2F941D" + + "AD179C540C1C8CE030D460C4D983BE9AB0B20F69144C1AE13F9383EA1C08504F" + + "B0BF321503EFE43488310DD8DC77EC5B8349B8BFE97C2C560EA878DE87C11E3D" + + "597F1FEA742D73EEC7F37BE43949EF1A0D15C3F3E3FC0A8335617055AC91328E" + + "C22B50FC15B941D3D1624CD88BC25F3E941FDDC6200689581BFEC416B4B2CB73", 16), + // q + new BigInteger("CFA0478A54717B08CE64805B76E5B14249A77A4838469DF7F7DC987EFCCFB11D", 16), + // g + new BigInteger( + "5E5CBA992E0A680D885EB903AEA78E4A45A469103D448EDE3B7ACCC54D521E37" + + "F84A4BDD5B06B0970CC2D2BBB715F7B82846F9A0C393914C792E6A923E2117AB" + + "805276A975AADB5261D91673EA9AAFFEECBFA6183DFCB5D3B7332AA19275AFA1" + + "F8EC0B60FB6F66CC23AE4870791D5982AAD1AA9485FD8F4A60126FEB2CF05DB8" + + "A7F0F09B3397F3937F2E90B9E5B9C9B6EFEF642BC48351C46FB171B9BFA9EF17" + + "A961CE96C7E7A7CC3D3D03DFAD1078BA21DA425198F07D2481622BCE45969D9C" + + "4D6063D72AB7A0F08B2F49A7CC6AF335E08C4720E31476B67299E231F8BD90B3" + + "9AC3AE3BE0C6B6CACEF8289A2E2873D58E51E029CAFBD55E6841489AB66B5B4B" + + "9BA6E2F784660896AFF387D92844CCB8B69475496DE19DA2E58259B090489AC8" + + "E62363CDF82CFD8EF2A427ABCD65750B506F56DDE3B988567A88126B914D7828" + + "E2B63A6D7ED0747EC59E0E0A23CE7D8A74C1D2C2A7AFB6A29799620F00E11C33" + + "787F7DED3B30E1A22D09F1FBDA1ABBBFBF25CAE05A13F812E34563F99410E73B", 16), + true + ); + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakeRound1Payload.cs b/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakeRound1Payload.cs new file mode 100644 index 0000000..9e4ab7a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakeRound1Payload.cs @@ -0,0 +1,101 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Agreement.JPake +{ + /// + /// The payload sent/received during the first round of a J-PAKE exchange. + /// + /// Each JPAKEParticipant creates and sends an instance of this payload to + /// the other. The payload to send should be created via + /// JPAKEParticipant.CreateRound1PayloadToSend(). + /// + /// Each participant must also validate the payload received from the other. + /// The received payload should be validated via + /// JPAKEParticipant.ValidateRound1PayloadReceived(JPakeRound1Payload). + /// + public class JPakeRound1Payload + { + /// + /// The id of the JPAKEParticipant who created/sent this payload. + /// + private readonly string participantId; + + /// + /// The value of g^x1 + /// + private readonly BigInteger gx1; + + /// + /// The value of g^x2 + /// + private readonly BigInteger gx2; + + /// + /// The zero knowledge proof for x1. + /// + /// This is a two element array, containing {g^v, r} for x1. + /// + private readonly BigInteger[] knowledgeProofForX1; + + /// + /// The zero knowledge proof for x2. + /// + /// This is a two element array, containing {g^v, r} for x2. + /// + private readonly BigInteger[] knowledgeProofForX2; + + public JPakeRound1Payload(string participantId, BigInteger gx1, BigInteger gx2, BigInteger[] knowledgeProofForX1, BigInteger[] knowledgeProofForX2) + { + JPakeUtilities.ValidateNotNull(participantId, "participantId"); + JPakeUtilities.ValidateNotNull(gx1, "gx1"); + JPakeUtilities.ValidateNotNull(gx2, "gx2"); + JPakeUtilities.ValidateNotNull(knowledgeProofForX1, "knowledgeProofForX1"); + JPakeUtilities.ValidateNotNull(knowledgeProofForX2, "knowledgeProofForX2"); + + this.participantId = participantId; + this.gx1 = gx1; + this.gx2 = gx2; + this.knowledgeProofForX1 = new BigInteger[knowledgeProofForX1.Length]; + Array.Copy(knowledgeProofForX1, this.knowledgeProofForX1, knowledgeProofForX1.Length); + this.knowledgeProofForX2 = new BigInteger[knowledgeProofForX2.Length]; + Array.Copy(knowledgeProofForX2, this.knowledgeProofForX2, knowledgeProofForX2.Length); + } + + public virtual string ParticipantId + { + get { return participantId; } + } + + public virtual BigInteger Gx1 + { + get { return gx1; } + } + + public virtual BigInteger Gx2 + { + get { return gx2; } + } + + public virtual BigInteger[] KnowledgeProofForX1 + { + get + { + BigInteger[] kp = new BigInteger[knowledgeProofForX1.Length]; + Array.Copy(knowledgeProofForX1, kp, knowledgeProofForX1.Length); + return kp; + } + } + + public virtual BigInteger[] KnowledgeProofForX2 + { + get + { + BigInteger[] kp = new BigInteger[knowledgeProofForX2.Length]; + Array.Copy(knowledgeProofForX2, kp, knowledgeProofForX2.Length); + return kp; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakeRound2Payload.cs b/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakeRound2Payload.cs new file mode 100644 index 0000000..47962cb --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakeRound2Payload.cs @@ -0,0 +1,72 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Agreement.JPake +{ + /// + /// The payload sent/received during the second round of a J-PAKE exchange. + /// + /// Each JPAKEParticipant creates and sends an instance + /// of this payload to the other JPAKEParticipant. + /// The payload to send should be created via + /// JPAKEParticipant#createRound2PayloadToSend() + /// + /// Each JPAKEParticipant must also validate the payload + /// received from the other JPAKEParticipant. + /// The received payload should be validated via + /// JPAKEParticipant#validateRound2PayloadReceived(JPakeRound2Payload) + /// + public class JPakeRound2Payload + { + /// + /// The id of the JPAKEParticipant who created/sent this payload. + /// + private readonly string participantId; + + /// + /// The value of A, as computed during round 2. + /// + private readonly BigInteger a; + + /// + /// The zero knowledge proof for x2 * s. + /// + /// This is a two element array, containing {g^v, r} for x2 * s. + /// + private readonly BigInteger[] knowledgeProofForX2s; + + public JPakeRound2Payload(string participantId, BigInteger a, BigInteger[] knowledgeProofForX2s) + { + JPakeUtilities.ValidateNotNull(participantId, "participantId"); + JPakeUtilities.ValidateNotNull(a, "a"); + JPakeUtilities.ValidateNotNull(knowledgeProofForX2s, "knowledgeProofForX2s"); + + this.participantId = participantId; + this.a = a; + this.knowledgeProofForX2s = new BigInteger[knowledgeProofForX2s.Length]; + knowledgeProofForX2s.CopyTo(this.knowledgeProofForX2s, 0); + } + + public virtual string ParticipantId + { + get { return participantId; } + } + + public virtual BigInteger A + { + get { return a; } + } + + public virtual BigInteger[] KnowledgeProofForX2s + { + get + { + BigInteger[] kp = new BigInteger[knowledgeProofForX2s.Length]; + Array.Copy(knowledgeProofForX2s, kp, knowledgeProofForX2s.Length); + return kp; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakeRound3Payload.cs b/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakeRound3Payload.cs new file mode 100644 index 0000000..767702f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakeRound3Payload.cs @@ -0,0 +1,51 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Agreement.JPake +{ + /// + /// The payload sent/received during the optional third round of a J-PAKE exchange, + /// which is for explicit key confirmation. + /// + /// Each JPAKEParticipant creates and sends an instance + /// of this payload to the other JPAKEParticipant. + /// The payload to send should be created via + /// JPAKEParticipant#createRound3PayloadToSend(BigInteger) + /// + /// Eeach JPAKEParticipant must also validate the payload + /// received from the other JPAKEParticipant. + /// The received payload should be validated via + /// JPAKEParticipant#validateRound3PayloadReceived(JPakeRound3Payload, BigInteger) + /// + public class JPakeRound3Payload + { + /// + /// The id of the {@link JPAKEParticipant} who created/sent this payload. + /// + private readonly string participantId; + + /// + /// The value of MacTag, as computed by round 3. + /// + /// See JPAKEUtil#calculateMacTag(string, string, BigInteger, BigInteger, BigInteger, BigInteger, BigInteger, org.bouncycastle.crypto.Digest) + /// + private readonly BigInteger macTag; + + public JPakeRound3Payload(string participantId, BigInteger magTag) + { + this.participantId = participantId; + this.macTag = magTag; + } + + public virtual string ParticipantId + { + get { return participantId; } + } + + public virtual BigInteger MacTag + { + get { return macTag; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakeUtilities.cs b/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakeUtilities.cs new file mode 100644 index 0000000..b23518a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/jpake/JPakeUtilities.cs @@ -0,0 +1,390 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Agreement.JPake +{ + /// + /// Primitives needed for a J-PAKE exchange. + /// + /// The recommended way to perform a J-PAKE exchange is by using + /// two JPAKEParticipants. Internally, those participants + /// call these primitive operations in JPakeUtilities. + /// + /// The primitives, however, can be used without a JPAKEParticipant if needed. + /// + public abstract class JPakeUtilities + { + public static readonly BigInteger Zero = BigInteger.Zero; + public static readonly BigInteger One = BigInteger.One; + + /// + /// Return a value that can be used as x1 or x3 during round 1. + /// The returned value is a random value in the range [0, q-1]. + /// + public static BigInteger GenerateX1(BigInteger q, SecureRandom random) + { + BigInteger min = Zero; + BigInteger max = q.Subtract(One); + return BigIntegers.CreateRandomInRange(min, max, random); + } + + /// + /// Return a value that can be used as x2 or x4 during round 1. + /// The returned value is a random value in the range [1, q-1]. + /// + public static BigInteger GenerateX2(BigInteger q, SecureRandom random) + { + BigInteger min = One; + BigInteger max = q.Subtract(One); + return BigIntegers.CreateRandomInRange(min, max, random); + } + + /// + /// Converts the given password to a BigInteger + /// for use in arithmetic calculations. + /// + public static BigInteger CalculateS(char[] password) + { + return new BigInteger(Encoding.UTF8.GetBytes(password)); + } + + /// + /// Calculate g^x mod p as done in round 1. + /// + public static BigInteger CalculateGx(BigInteger p, BigInteger g, BigInteger x) + { + return g.ModPow(x, p); + } + + /// + /// Calculate ga as done in round 2. + /// + public static BigInteger CalculateGA(BigInteger p, BigInteger gx1, BigInteger gx3, BigInteger gx4) + { + // ga = g^(x1+x3+x4) = g^x1 * g^x3 * g^x4 + return gx1.Multiply(gx3).Multiply(gx4).Mod(p); + } + + /// + /// Calculate x2 * s as done in round 2. + /// + public static BigInteger CalculateX2s(BigInteger q, BigInteger x2, BigInteger s) + { + return x2.Multiply(s).Mod(q); + } + + /// + /// Calculate A as done in round 2. + /// + public static BigInteger CalculateA(BigInteger p, BigInteger q, BigInteger gA, BigInteger x2s) + { + // A = ga^(x*s) + return gA.ModPow(x2s, p); + } + + /// + /// Calculate a zero knowledge proof of x using Schnorr's signature. + /// The returned array has two elements {g^v, r = v-x*h} for x. + /// + public static BigInteger[] CalculateZeroKnowledgeProof(BigInteger p, BigInteger q, BigInteger g, + BigInteger gx, BigInteger x, string participantId, IDigest digest, SecureRandom random) + { + /* Generate a random v, and compute g^v */ + BigInteger vMin = Zero; + BigInteger vMax = q.Subtract(One); + BigInteger v = BigIntegers.CreateRandomInRange(vMin, vMax, random); + + BigInteger gv = g.ModPow(v, p); + BigInteger h = CalculateHashForZeroKnowledgeProof(g, gv, gx, participantId, digest); // h + + return new BigInteger[] + { + gv, + v.Subtract(x.Multiply(h)).Mod(q) // r = v-x*h + }; + } + + private static BigInteger CalculateHashForZeroKnowledgeProof(BigInteger g, BigInteger gr, BigInteger gx, + string participantId, IDigest digest) + { + digest.Reset(); + + UpdateDigestIncludingSize(digest, g); + + UpdateDigestIncludingSize(digest, gr); + + UpdateDigestIncludingSize(digest, gx); + + UpdateDigestIncludingSize(digest, participantId); + + byte[] output = DigestUtilities.DoFinal(digest); + + return new BigInteger(output); + } + + /// + /// Validates that g^x4 is not 1. + /// throws CryptoException if g^x4 is 1 + /// + public static void ValidateGx4(BigInteger gx4) + { + if (gx4.Equals(One)) + throw new CryptoException("g^x validation failed. g^x should not be 1."); + } + + /// + /// Validates that ga is not 1. + /// + /// As described by Feng Hao... + /// Alice could simply check ga != 1 to ensure it is a generator. + /// In fact, as we will explain in Section 3, (x1 + x3 + x4 ) is random over Zq even in the face of active attacks. + /// Hence, the probability for ga = 1 is extremely small - on the order of 2^160 for 160-bit q. + /// + /// throws CryptoException if ga is 1 + /// + public static void ValidateGa(BigInteger ga) + { + if (ga.Equals(One)) + throw new CryptoException("ga is equal to 1. It should not be. The chances of this happening are on the order of 2^160 for a 160-bit q. Try again."); + } + + /// + /// Validates the zero knowledge proof (generated by + /// calculateZeroKnowledgeProof(BigInteger, BigInteger, BigInteger, BigInteger, BigInteger, string, Digest, SecureRandom) + /// is correct. + /// + /// throws CryptoException if the zero knowledge proof is not correct + /// + public static void ValidateZeroKnowledgeProof(BigInteger p, BigInteger q, BigInteger g, + BigInteger gx, BigInteger[] zeroKnowledgeProof, string participantId, IDigest digest) + { + /* sig={g^v,r} */ + BigInteger gv = zeroKnowledgeProof[0]; + BigInteger r = zeroKnowledgeProof[1]; + + BigInteger h = CalculateHashForZeroKnowledgeProof(g, gv, gx, participantId, digest); + if (!(gx.CompareTo(Zero) == 1 && // g^x > 0 + gx.CompareTo(p) == -1 && // g^x < p + gx.ModPow(q, p).CompareTo(One) == 0 && // g^x^q mod q = 1 + /* + * Below, I took a straightforward way to compute g^r * g^x^h, + * which needs 2 exp. Using a simultaneous computation technique + * would only need 1 exp. + */ + g.ModPow(r, p).Multiply(gx.ModPow(h, p)).Mod(p).CompareTo(gv) == 0)) // g^v=g^r * g^x^h + { + throw new CryptoException("Zero-knowledge proof validation failed"); + } + } + + /// + /// Calculates the keying material, which can be done after round 2 has completed. + /// A session key must be derived from this key material using a secure key derivation function (KDF). + /// The KDF used to derive the key is handled externally (i.e. not by JPAKEParticipant). + /// + /// KeyingMaterial = (B/g^{x2*x4*s})^x2 + /// + public static BigInteger CalculateKeyingMaterial(BigInteger p, BigInteger q, + BigInteger gx4, BigInteger x2, BigInteger s, BigInteger B) + { + return gx4.ModPow(x2.Multiply(s).Negate().Mod(q), p).Multiply(B).ModPow(x2, p); + } + + /// + /// Validates that the given participant ids are not equal. + /// (For the J-PAKE exchange, each participant must use a unique id.) + /// + /// Throws CryptoException if the participantId strings are equal. + /// + public static void ValidateParticipantIdsDiffer(string participantId1, string participantId2) + { + if (participantId1.Equals(participantId2)) + { + throw new CryptoException( + "Both participants are using the same participantId (" + + participantId1 + + "). This is not allowed. " + + "Each participant must use a unique participantId."); + } + } + + /// + /// Validates that the given participant ids are equal. + /// This is used to ensure that the payloads received from + /// each round all come from the same participant. + /// + public static void ValidateParticipantIdsEqual(string expectedParticipantId, string actualParticipantId) + { + if (!expectedParticipantId.Equals(actualParticipantId)) + { + throw new CryptoException( + "Received payload from incorrect partner (" + + actualParticipantId + + "). Expected to receive payload from " + + expectedParticipantId + + "."); + } + } + + /// + /// Validates that the given object is not null. + /// throws NullReferenceException if the object is null. + /// + /// object in question + /// name of the object (to be used in exception message) + public static void ValidateNotNull(object obj, string description) + { + if (obj == null) + throw new ArgumentNullException(description); + } + + /// + /// Calculates the MacTag (to be used for key confirmation), as defined by + /// NIST SP 800-56A Revision 1, + /// Section 8.2 Unilateral Key Confirmation for Key Agreement Schemes. + /// + /// MacTag = HMAC(MacKey, MacLen, MacData) + /// MacKey = H(K || "JPAKE_KC") + /// MacData = "KC_1_U" || participantId || partnerParticipantId || gx1 || gx2 || gx3 || gx4 + /// + /// Note that both participants use "KC_1_U" because the sender of the round 3 message + /// is always the initiator for key confirmation. + /// + /// HMAC = {@link HMac} used with the given {@link Digest} + /// H = The given {@link Digest} + /// MacLen = length of MacTag + /// + public static BigInteger CalculateMacTag(string participantId, string partnerParticipantId, + BigInteger gx1, BigInteger gx2, BigInteger gx3, BigInteger gx4, BigInteger keyingMaterial, IDigest digest) + { + byte[] macKey = CalculateMacKey(keyingMaterial, digest); + + HMac mac = new HMac(digest); + mac.Init(new KeyParameter(macKey)); + Arrays.Fill(macKey, (byte)0); + + /* + * MacData = "KC_1_U" || participantId_Alice || participantId_Bob || gx1 || gx2 || gx3 || gx4. + */ + UpdateMac(mac, "KC_1_U"); + UpdateMac(mac, participantId); + UpdateMac(mac, partnerParticipantId); + UpdateMac(mac, gx1); + UpdateMac(mac, gx2); + UpdateMac(mac, gx3); + UpdateMac(mac, gx4); + + byte[] macOutput = MacUtilities.DoFinal(mac); + + return new BigInteger(macOutput); + } + + /// + /// Calculates the MacKey (i.e. the key to use when calculating the MagTag for key confirmation). + /// + /// MacKey = H(K || "JPAKE_KC") + /// + private static byte[] CalculateMacKey(BigInteger keyingMaterial, IDigest digest) + { + digest.Reset(); + + UpdateDigest(digest, keyingMaterial); + /* + * This constant is used to ensure that the macKey is NOT the same as the derived key. + */ + UpdateDigest(digest, "JPAKE_KC"); + + return DigestUtilities.DoFinal(digest); + } + + /// + /// Validates the MacTag received from the partner participant. + /// + /// throws CryptoException if the participantId strings are equal. + /// + public static void ValidateMacTag(string participantId, string partnerParticipantId, + BigInteger gx1, BigInteger gx2, BigInteger gx3, BigInteger gx4, + BigInteger keyingMaterial, IDigest digest, BigInteger partnerMacTag) + { + /* + * Calculate the expected MacTag using the parameters as the partner + * would have used when the partner called calculateMacTag. + * + * i.e. basically all the parameters are reversed. + * participantId <-> partnerParticipantId + * x1 <-> x3 + * x2 <-> x4 + */ + BigInteger expectedMacTag = CalculateMacTag(partnerParticipantId, participantId, gx3, gx4, gx1, gx2, keyingMaterial, digest); + + if (!expectedMacTag.Equals(partnerMacTag)) + { + throw new CryptoException( + "Partner MacTag validation failed. " + + "Therefore, the password, MAC, or digest algorithm of each participant does not match."); + } + } + + private static void UpdateDigest(IDigest digest, BigInteger bigInteger) + { + UpdateDigest(digest, BigIntegers.AsUnsignedByteArray(bigInteger)); + } + + private static void UpdateDigest(IDigest digest, string str) + { + UpdateDigest(digest, Encoding.UTF8.GetBytes(str)); + } + + private static void UpdateDigest(IDigest digest, byte[] bytes) + { + digest.BlockUpdate(bytes, 0, bytes.Length); + Arrays.Fill(bytes, (byte)0); + } + + private static void UpdateDigestIncludingSize(IDigest digest, BigInteger bigInteger) + { + UpdateDigestIncludingSize(digest, BigIntegers.AsUnsignedByteArray(bigInteger)); + } + + private static void UpdateDigestIncludingSize(IDigest digest, string str) + { + UpdateDigestIncludingSize(digest, Encoding.UTF8.GetBytes(str)); + } + + private static void UpdateDigestIncludingSize(IDigest digest, byte[] bytes) + { + digest.BlockUpdate(IntToByteArray(bytes.Length), 0, 4); + digest.BlockUpdate(bytes, 0, bytes.Length); + Arrays.Fill(bytes, (byte)0); + } + + private static void UpdateMac(IMac mac, BigInteger bigInteger) + { + UpdateMac(mac, BigIntegers.AsUnsignedByteArray(bigInteger)); + } + + private static void UpdateMac(IMac mac, string str) + { + UpdateMac(mac, Encoding.UTF8.GetBytes(str)); + } + + private static void UpdateMac(IMac mac, byte[] bytes) + { + mac.BlockUpdate(bytes, 0, bytes.Length); + Arrays.Fill(bytes, (byte)0); + } + + private static byte[] IntToByteArray(int value) + { + return Pack.UInt32_To_BE((uint)value); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/kdf/ConcatenationKdfGenerator.cs b/BouncyCastle/crypto/src/crypto/agreement/kdf/ConcatenationKdfGenerator.cs new file mode 100644 index 0000000..d88f4df --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/kdf/ConcatenationKdfGenerator.cs @@ -0,0 +1,100 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Crypto.Agreement.Kdf +{ + /** + * Generator for Concatenation Key Derivation Function defined in NIST SP 800-56A, Sect 5.8.1 + */ + public class ConcatenationKdfGenerator + : IDerivationFunction + { + private readonly IDigest mDigest; + + private byte[] mShared; + private byte[] mOtherInfo; + private int mHLen; + + /** + * @param digest the digest to be used as the source of generated bytes + */ + public ConcatenationKdfGenerator(IDigest digest) + { + this.mDigest = digest; + this.mHLen = digest.GetDigestSize(); + } + + public virtual void Init(IDerivationParameters param) + { + if (!(param is KdfParameters)) + throw new ArgumentException("KDF parameters required for ConcatenationKdfGenerator"); + + KdfParameters p = (KdfParameters)param; + + mShared = p.GetSharedSecret(); + mOtherInfo = p.GetIV(); + } + + /** + * return the underlying digest. + */ + public virtual IDigest Digest + { + get { return mDigest; } + } + + /** + * fill len bytes of the output buffer with bytes generated from + * the derivation function. + * + * @throws DataLengthException if the out buffer is too small. + */ + public virtual int GenerateBytes(byte[] outBytes, int outOff, int len) + { + if ((outBytes.Length - len) < outOff) + throw new DataLengthException("output buffer too small"); + + byte[] hashBuf = new byte[mHLen]; + byte[] C = new byte[4]; + uint counter = 1; + int outputLen = 0; + + mDigest.Reset(); + + if (len > mHLen) + { + do + { + Pack.UInt32_To_BE(counter, C); + + mDigest.BlockUpdate(C, 0, C.Length); + mDigest.BlockUpdate(mShared, 0, mShared.Length); + mDigest.BlockUpdate(mOtherInfo, 0, mOtherInfo.Length); + + mDigest.DoFinal(hashBuf, 0); + + Array.Copy(hashBuf, 0, outBytes, outOff + outputLen, mHLen); + outputLen += mHLen; + } + while ((counter++) < (len / mHLen)); + } + + if (outputLen < len) + { + Pack.UInt32_To_BE(counter, C); + + mDigest.BlockUpdate(C, 0, C.Length); + mDigest.BlockUpdate(mShared, 0, mShared.Length); + mDigest.BlockUpdate(mOtherInfo, 0, mOtherInfo.Length); + + mDigest.DoFinal(hashBuf, 0); + + Array.Copy(hashBuf, 0, outBytes, outOff + outputLen, len - outputLen); + } + + return len; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/kdf/DHKdfParameters.cs b/BouncyCastle/crypto/src/crypto/agreement/kdf/DHKdfParameters.cs new file mode 100644 index 0000000..f6c9e60 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/kdf/DHKdfParameters.cs @@ -0,0 +1,57 @@ +using System; + +using Org.BouncyCastle.Asn1; + +namespace Org.BouncyCastle.Crypto.Agreement.Kdf +{ + public class DHKdfParameters + : IDerivationParameters + { + private readonly DerObjectIdentifier algorithm; + private readonly int keySize; + private readonly byte[] z; + private readonly byte[] extraInfo; + + public DHKdfParameters( + DerObjectIdentifier algorithm, + int keySize, + byte[] z) + : this(algorithm, keySize, z, null) + { + } + + public DHKdfParameters( + DerObjectIdentifier algorithm, + int keySize, + byte[] z, + byte[] extraInfo) + { + this.algorithm = algorithm; + this.keySize = keySize; + this.z = z; // TODO Clone? + this.extraInfo = extraInfo; + } + + public DerObjectIdentifier Algorithm + { + get { return algorithm; } + } + + public int KeySize + { + get { return keySize; } + } + + public byte[] GetZ() + { + // TODO Clone? + return z; + } + + public byte[] GetExtraInfo() + { + // TODO Clone? + return extraInfo; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/kdf/DHKekGenerator.cs b/BouncyCastle/crypto/src/crypto/agreement/kdf/DHKekGenerator.cs new file mode 100644 index 0000000..259e21e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/kdf/DHKekGenerator.cs @@ -0,0 +1,112 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Crypto.Agreement.Kdf +{ + /** + * RFC 2631 Diffie-hellman KEK derivation function. + */ + public class DHKekGenerator + : IDerivationFunction + { + private readonly IDigest digest; + + private DerObjectIdentifier algorithm; + private int keySize; + private byte[] z; + private byte[] partyAInfo; + + public DHKekGenerator(IDigest digest) + { + this.digest = digest; + } + + public virtual void Init(IDerivationParameters param) + { + DHKdfParameters parameters = (DHKdfParameters)param; + + this.algorithm = parameters.Algorithm; + this.keySize = parameters.KeySize; + this.z = parameters.GetZ(); // TODO Clone? + this.partyAInfo = parameters.GetExtraInfo(); // TODO Clone? + } + + public virtual IDigest Digest + { + get { return digest; } + } + + public virtual int GenerateBytes(byte[] outBytes, int outOff, int len) + { + if ((outBytes.Length - len) < outOff) + { + throw new DataLengthException("output buffer too small"); + } + + long oBytes = len; + int outLen = digest.GetDigestSize(); + + // + // this is at odds with the standard implementation, the + // maximum value should be hBits * (2^32 - 1) where hBits + // is the digest output size in bits. We can't have an + // array with a long index at the moment... + // + if (oBytes > ((2L << 32) - 1)) + { + throw new ArgumentException("Output length too large"); + } + + int cThreshold = (int)((oBytes + outLen - 1) / outLen); + + byte[] dig = new byte[digest.GetDigestSize()]; + + uint counter = 1; + + for (int i = 0; i < cThreshold; i++) + { + digest.BlockUpdate(z, 0, z.Length); + + // KeySpecificInfo + DerSequence keyInfo = new DerSequence( + algorithm, + new DerOctetString(Pack.UInt32_To_BE(counter))); + + // OtherInfo + Asn1EncodableVector v1 = new Asn1EncodableVector(keyInfo); + + if (partyAInfo != null) + { + v1.Add(new DerTaggedObject(true, 0, new DerOctetString(partyAInfo))); + } + + v1.Add(new DerTaggedObject(true, 2, new DerOctetString(Pack.UInt32_To_BE((uint)keySize)))); + + byte[] other = new DerSequence(v1).GetDerEncoded(); + + digest.BlockUpdate(other, 0, other.Length); + + digest.DoFinal(dig, 0); + + if (len > outLen) + { + Array.Copy(dig, 0, outBytes, outOff, outLen); + outOff += outLen; + len -= outLen; + } + else + { + Array.Copy(dig, 0, outBytes, outOff, len); + } + + counter++; + } + + digest.Reset(); + + return (int)oBytes; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/kdf/ECDHKekGenerator.cs b/BouncyCastle/crypto/src/crypto/agreement/kdf/ECDHKekGenerator.cs new file mode 100644 index 0000000..7446457 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/kdf/ECDHKekGenerator.cs @@ -0,0 +1,55 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Crypto.Agreement.Kdf +{ + /** + * X9.63 based key derivation function for ECDH CMS. + */ + public class ECDHKekGenerator + : IDerivationFunction + { + private readonly IDerivationFunction kdf; + + private DerObjectIdentifier algorithm; + private int keySize; + private byte[] z; + + public ECDHKekGenerator(IDigest digest) + { + this.kdf = new Kdf2BytesGenerator(digest); + } + + public virtual void Init(IDerivationParameters param) + { + DHKdfParameters parameters = (DHKdfParameters)param; + + this.algorithm = parameters.Algorithm; + this.keySize = parameters.KeySize; + this.z = parameters.GetZ(); // TODO Clone? + } + + public virtual IDigest Digest + { + get { return kdf.Digest; } + } + + public virtual int GenerateBytes(byte[] outBytes, int outOff, int len) + { + // TODO Create an ASN.1 class for this (RFC3278) + // ECC-CMS-SharedInfo + DerSequence s = new DerSequence( + new AlgorithmIdentifier(algorithm, DerNull.Instance), + new DerTaggedObject(true, 2, new DerOctetString(Pack.UInt32_To_BE((uint)keySize)))); + + kdf.Init(new KdfParameters(z, s.GetDerEncoded())); + + return kdf.GenerateBytes(outBytes, outOff, len); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/srp/SRP6Client.cs b/BouncyCastle/crypto/src/crypto/agreement/srp/SRP6Client.cs new file mode 100644 index 0000000..f075d7a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/srp/SRP6Client.cs @@ -0,0 +1,164 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Agreement.Srp +{ + /** + * Implements the client side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe. + * This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper + * "SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002" + */ + public class Srp6Client + { + protected BigInteger N; + protected BigInteger g; + + protected BigInteger privA; + protected BigInteger pubA; + + protected BigInteger B; + + protected BigInteger x; + protected BigInteger u; + protected BigInteger S; + + protected BigInteger M1; + protected BigInteger M2; + protected BigInteger Key; + + protected IDigest digest; + protected SecureRandom random; + + public Srp6Client() + { + } + + /** + * Initialises the client to begin new authentication attempt + * @param N The safe prime associated with the client's verifier + * @param g The group parameter associated with the client's verifier + * @param digest The digest algorithm associated with the client's verifier + * @param random For key generation + */ + public virtual void Init(BigInteger N, BigInteger g, IDigest digest, SecureRandom random) + { + this.N = N; + this.g = g; + this.digest = digest; + this.random = random; + } + + public virtual void Init(Srp6GroupParameters group, IDigest digest, SecureRandom random) + { + Init(group.N, group.G, digest, random); + } + + /** + * Generates client's credentials given the client's salt, identity and password + * @param salt The salt used in the client's verifier. + * @param identity The user's identity (eg. username) + * @param password The user's password + * @return Client's public value to send to server + */ + public virtual BigInteger GenerateClientCredentials(byte[] salt, byte[] identity, byte[] password) + { + this.x = Srp6Utilities.CalculateX(digest, N, salt, identity, password); + this.privA = SelectPrivateValue(); + this.pubA = g.ModPow(privA, N); + + return pubA; + } + + /** + * Generates client's verification message given the server's credentials + * @param serverB The server's credentials + * @return Client's verification message for the server + * @throws CryptoException If server's credentials are invalid + */ + public virtual BigInteger CalculateSecret(BigInteger serverB) + { + this.B = Srp6Utilities.ValidatePublicValue(N, serverB); + this.u = Srp6Utilities.CalculateU(digest, N, pubA, B); + this.S = CalculateS(); + + return S; + } + + protected virtual BigInteger SelectPrivateValue() + { + return Srp6Utilities.GeneratePrivateValue(digest, N, g, random); + } + + private BigInteger CalculateS() + { + BigInteger k = Srp6Utilities.CalculateK(digest, N, g); + BigInteger exp = u.Multiply(x).Add(privA); + BigInteger tmp = g.ModPow(x, N).Multiply(k).Mod(N); + return B.Subtract(tmp).Mod(N).ModPow(exp, N); + } + + /** + * Computes the client evidence message M1 using the previously received values. + * To be called after calculating the secret S. + * @return M1: the client side generated evidence message + * @throws CryptoException + */ + public virtual BigInteger CalculateClientEvidenceMessage() + { + // Verify pre-requirements + if (this.pubA == null || this.B == null || this.S == null) + { + throw new CryptoException("Impossible to compute M1: " + + "some data are missing from the previous operations (A,B,S)"); + } + // compute the client evidence message 'M1' + this.M1 = Srp6Utilities.CalculateM1(digest, N, pubA, B, S); + return M1; + } + + /** Authenticates the server evidence message M2 received and saves it only if correct. + * @param M2: the server side generated evidence message + * @return A boolean indicating if the server message M2 was the expected one. + * @throws CryptoException + */ + public virtual bool VerifyServerEvidenceMessage(BigInteger serverM2) + { + // Verify pre-requirements + if (this.pubA == null || this.M1 == null || this.S == null) + { + throw new CryptoException("Impossible to compute and verify M2: " + + "some data are missing from the previous operations (A,M1,S)"); + } + + // Compute the own server evidence message 'M2' + BigInteger computedM2 = Srp6Utilities.CalculateM2(digest, N, pubA, M1, S); + if (computedM2.Equals(serverM2)) + { + this.M2 = serverM2; + return true; + } + return false; + } + + /** + * Computes the final session key as a result of the SRP successful mutual authentication + * To be called after verifying the server evidence message M2. + * @return Key: the mutually authenticated symmetric session key + * @throws CryptoException + */ + public virtual BigInteger CalculateSessionKey() + { + // Verify pre-requirements (here we enforce a previous calculation of M1 and M2) + if (this.S == null || this.M1 == null || this.M2 == null) + { + throw new CryptoException("Impossible to compute Key: " + + "some data are missing from the previous operations (S,M1,M2)"); + } + this.Key = Srp6Utilities.CalculateKey(digest, N, S); + return Key; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/srp/SRP6Server.cs b/BouncyCastle/crypto/src/crypto/agreement/srp/SRP6Server.cs new file mode 100644 index 0000000..fd0c9f1 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/srp/SRP6Server.cs @@ -0,0 +1,163 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Agreement.Srp +{ + /** + * Implements the server side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe. + * This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper + * "SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002" + */ + public class Srp6Server + { + protected BigInteger N; + protected BigInteger g; + protected BigInteger v; + + protected SecureRandom random; + protected IDigest digest; + + protected BigInteger A; + + protected BigInteger privB; + protected BigInteger pubB; + + protected BigInteger u; + protected BigInteger S; + protected BigInteger M1; + protected BigInteger M2; + protected BigInteger Key; + + public Srp6Server() + { + } + + /** + * Initialises the server to accept a new client authentication attempt + * @param N The safe prime associated with the client's verifier + * @param g The group parameter associated with the client's verifier + * @param v The client's verifier + * @param digest The digest algorithm associated with the client's verifier + * @param random For key generation + */ + public virtual void Init(BigInteger N, BigInteger g, BigInteger v, IDigest digest, SecureRandom random) + { + this.N = N; + this.g = g; + this.v = v; + + this.random = random; + this.digest = digest; + } + + public virtual void Init(Srp6GroupParameters group, BigInteger v, IDigest digest, SecureRandom random) + { + Init(group.N, group.G, v, digest, random); + } + + /** + * Generates the server's credentials that are to be sent to the client. + * @return The server's public value to the client + */ + public virtual BigInteger GenerateServerCredentials() + { + BigInteger k = Srp6Utilities.CalculateK(digest, N, g); + this.privB = SelectPrivateValue(); + this.pubB = k.Multiply(v).Mod(N).Add(g.ModPow(privB, N)).Mod(N); + + return pubB; + } + + /** + * Processes the client's credentials. If valid the shared secret is generated and returned. + * @param clientA The client's credentials + * @return A shared secret BigInteger + * @throws CryptoException If client's credentials are invalid + */ + public virtual BigInteger CalculateSecret(BigInteger clientA) + { + this.A = Srp6Utilities.ValidatePublicValue(N, clientA); + this.u = Srp6Utilities.CalculateU(digest, N, A, pubB); + this.S = CalculateS(); + + return S; + } + + protected virtual BigInteger SelectPrivateValue() + { + return Srp6Utilities.GeneratePrivateValue(digest, N, g, random); + } + + private BigInteger CalculateS() + { + return v.ModPow(u, N).Multiply(A).Mod(N).ModPow(privB, N); + } + + /** + * Authenticates the received client evidence message M1 and saves it only if correct. + * To be called after calculating the secret S. + * @param M1: the client side generated evidence message + * @return A boolean indicating if the client message M1 was the expected one. + * @throws CryptoException + */ + public virtual bool VerifyClientEvidenceMessage(BigInteger clientM1) + { + // Verify pre-requirements + if (this.A == null || this.pubB == null || this.S == null) + { + throw new CryptoException("Impossible to compute and verify M1: " + + "some data are missing from the previous operations (A,B,S)"); + } + + // Compute the own client evidence message 'M1' + BigInteger computedM1 = Srp6Utilities.CalculateM1(digest, N, A, pubB, S); + if (computedM1.Equals(clientM1)) + { + this.M1 = clientM1; + return true; + } + return false; + } + + /** + * Computes the server evidence message M2 using the previously verified values. + * To be called after successfully verifying the client evidence message M1. + * @return M2: the server side generated evidence message + * @throws CryptoException + */ + public virtual BigInteger CalculateServerEvidenceMessage() + { + // Verify pre-requirements + if (this.A == null || this.M1 == null || this.S == null) + { + throw new CryptoException("Impossible to compute M2: " + + "some data are missing from the previous operations (A,M1,S)"); + } + + // Compute the server evidence message 'M2' + this.M2 = Srp6Utilities.CalculateM2(digest, N, A, M1, S); + return M2; + } + + /** + * Computes the final session key as a result of the SRP successful mutual authentication + * To be called after calculating the server evidence message M2. + * @return Key: the mutual authenticated symmetric session key + * @throws CryptoException + */ + public virtual BigInteger CalculateSessionKey() + { + // Verify pre-requirements + if (this.S == null || this.M1 == null || this.M2 == null) + { + throw new CryptoException("Impossible to compute Key: " + + "some data are missing from the previous operations (S,M1,M2)"); + } + this.Key = Srp6Utilities.CalculateKey(digest, N, S); + return Key; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/srp/SRP6StandardGroups.cs b/BouncyCastle/crypto/src/crypto/agreement/srp/SRP6StandardGroups.cs new file mode 100644 index 0000000..464777d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/srp/SRP6StandardGroups.cs @@ -0,0 +1,159 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Agreement.Srp +{ + public class Srp6StandardGroups + { + private static BigInteger FromHex(string hex) + { + return new BigInteger(1, Hex.DecodeStrict(hex)); + } + + private static Srp6GroupParameters FromNG(string hexN, string hexG) + { + return new Srp6GroupParameters(FromHex(hexN), FromHex(hexG)); + } + + /* + * RFC 5054 + */ + private const string rfc5054_1024_N = "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C" + + "9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE4" + + "8E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B29" + + "7BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9A" + "FD5138FE8376435B9FC61D2FC0EB06E3"; + private const string rfc5054_1024_g = "02"; + public static readonly Srp6GroupParameters rfc5054_1024 = FromNG(rfc5054_1024_N, rfc5054_1024_g); + + private const string rfc5054_1536_N = "9DEF3CAFB939277AB1F12A8617A47BBBDBA51DF499AC4C80BEEEA961" + + "4B19CC4D5F4F5F556E27CBDE51C6A94BE4607A291558903BA0D0F843" + + "80B655BB9A22E8DCDF028A7CEC67F0D08134B1C8B97989149B609E0B" + + "E3BAB63D47548381DBC5B1FC764E3F4B53DD9DA1158BFD3E2B9C8CF5" + + "6EDF019539349627DB2FD53D24B7C48665772E437D6C7F8CE442734A" + + "F7CCB7AE837C264AE3A9BEB87F8A2FE9B8B5292E5A021FFF5E91479E" + + "8CE7A28C2442C6F315180F93499A234DCF76E3FED135F9BB"; + private const string rfc5054_1536_g = "02"; + public static readonly Srp6GroupParameters rfc5054_1536 = FromNG(rfc5054_1536_N, rfc5054_1536_g); + + private const string rfc5054_2048_N = "AC6BDB41324A9A9BF166DE5E1389582FAF72B6651987EE07FC319294" + + "3DB56050A37329CBB4A099ED8193E0757767A13DD52312AB4B03310D" + + "CD7F48A9DA04FD50E8083969EDB767B0CF6095179A163AB3661A05FB" + + "D5FAAAE82918A9962F0B93B855F97993EC975EEAA80D740ADBF4FF74" + + "7359D041D5C33EA71D281E446B14773BCA97B43A23FB801676BD207A" + + "436C6481F1D2B9078717461A5B9D32E688F87748544523B524B0D57D" + + "5EA77A2775D2ECFA032CFBDBF52FB3786160279004E57AE6AF874E73" + + "03CE53299CCC041C7BC308D82A5698F3A8D0C38271AE35F8E9DBFBB6" + + "94B5C803D89F7AE435DE236D525F54759B65E372FCD68EF20FA7111F" + "9E4AFF73"; + private const string rfc5054_2048_g = "02"; + public static readonly Srp6GroupParameters rfc5054_2048 = FromNG(rfc5054_2048_N, rfc5054_2048_g); + + private const string rfc5054_3072_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08" + + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B" + + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9" + + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6" + + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8" + + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C" + + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718" + + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D" + + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D" + + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226" + + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC" + "E0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF"; + private const string rfc5054_3072_g = "05"; + public static readonly Srp6GroupParameters rfc5054_3072 = FromNG(rfc5054_3072_N, rfc5054_3072_g); + + private const string rfc5054_4096_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08" + + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B" + + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9" + + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6" + + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8" + + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C" + + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718" + + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D" + + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D" + + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226" + + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC" + + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26" + + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB" + + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2" + + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127" + + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" + "FFFFFFFFFFFFFFFF"; + private const string rfc5054_4096_g = "05"; + public static readonly Srp6GroupParameters rfc5054_4096 = FromNG(rfc5054_4096_N, rfc5054_4096_g); + + private const string rfc5054_6144_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08" + + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B" + + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9" + + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6" + + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8" + + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C" + + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718" + + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D" + + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D" + + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226" + + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC" + + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26" + + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB" + + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2" + + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127" + + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492" + + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406" + + "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918" + + "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151" + + "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03" + + "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F" + + "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" + + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B" + + "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632" + + "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E" + "6DCC4024FFFFFFFFFFFFFFFF"; + private const string rfc5054_6144_g = "05"; + public static readonly Srp6GroupParameters rfc5054_6144 = FromNG(rfc5054_6144_N, rfc5054_6144_g); + + private const string rfc5054_8192_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08" + + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B" + + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9" + + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6" + + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8" + + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C" + + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718" + + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D" + + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D" + + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226" + + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC" + + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26" + + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB" + + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2" + + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127" + + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492" + + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406" + + "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918" + + "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151" + + "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03" + + "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F" + + "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" + + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B" + + "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632" + + "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E" + + "6DBE115974A3926F12FEE5E438777CB6A932DF8CD8BEC4D073B931BA" + + "3BC832B68D9DD300741FA7BF8AFC47ED2576F6936BA424663AAB639C" + + "5AE4F5683423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9" + + "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B4BCBC886" + + "2F8385DDFA9D4B7FA2C087E879683303ED5BDD3A062B3CF5B3A278A6" + + "6D2A13F83F44F82DDF310EE074AB6A364597E899A0255DC164F31CC5" + + "0846851DF9AB48195DED7EA1B1D510BD7EE74D73FAF36BC31ECFA268" + + "359046F4EB879F924009438B481C6CD7889A002ED5EE382BC9190DA6" + + "FC026E479558E4475677E9AA9E3050E2765694DFC81F56E880B96E71" + "60C980DD98EDD3DFFFFFFFFFFFFFFFFF"; + private const string rfc5054_8192_g = "13"; + public static readonly Srp6GroupParameters rfc5054_8192 = FromNG(rfc5054_8192_N, rfc5054_8192_g); + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/srp/SRP6Utilities.cs b/BouncyCastle/crypto/src/crypto/agreement/srp/SRP6Utilities.cs new file mode 100644 index 0000000..ef6d8f2 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/srp/SRP6Utilities.cs @@ -0,0 +1,153 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Agreement.Srp +{ + public class Srp6Utilities + { + public static BigInteger CalculateK(IDigest digest, BigInteger N, BigInteger g) + { + return HashPaddedPair(digest, N, N, g); + } + + public static BigInteger CalculateU(IDigest digest, BigInteger N, BigInteger A, BigInteger B) + { + return HashPaddedPair(digest, N, A, B); + } + + public static BigInteger CalculateX(IDigest digest, BigInteger N, byte[] salt, byte[] identity, byte[] password) + { + byte[] output = new byte[digest.GetDigestSize()]; + + digest.BlockUpdate(identity, 0, identity.Length); + digest.Update((byte)':'); + digest.BlockUpdate(password, 0, password.Length); + digest.DoFinal(output, 0); + + digest.BlockUpdate(salt, 0, salt.Length); + digest.BlockUpdate(output, 0, output.Length); + digest.DoFinal(output, 0); + + return new BigInteger(1, output); + } + + public static BigInteger GeneratePrivateValue(IDigest digest, BigInteger N, BigInteger g, SecureRandom random) + { + int minBits = System.Math.Min(256, N.BitLength / 2); + BigInteger min = BigInteger.One.ShiftLeft(minBits - 1); + BigInteger max = N.Subtract(BigInteger.One); + + return BigIntegers.CreateRandomInRange(min, max, random); + } + + public static BigInteger ValidatePublicValue(BigInteger N, BigInteger val) + { + val = val.Mod(N); + + // Check that val % N != 0 + if (val.Equals(BigInteger.Zero)) + throw new CryptoException("Invalid public value: 0"); + + return val; + } + + /** + * Computes the client evidence message (M1) according to the standard routine: + * M1 = H( A | B | S ) + * @param digest The Digest used as the hashing function H + * @param N Modulus used to get the pad length + * @param A The public client value + * @param B The public server value + * @param S The secret calculated by both sides + * @return M1 The calculated client evidence message + */ + public static BigInteger CalculateM1(IDigest digest, BigInteger N, BigInteger A, BigInteger B, BigInteger S) + { + BigInteger M1 = HashPaddedTriplet(digest, N, A, B, S); + return M1; + } + + /** + * Computes the server evidence message (M2) according to the standard routine: + * M2 = H( A | M1 | S ) + * @param digest The Digest used as the hashing function H + * @param N Modulus used to get the pad length + * @param A The public client value + * @param M1 The client evidence message + * @param S The secret calculated by both sides + * @return M2 The calculated server evidence message + */ + public static BigInteger CalculateM2(IDigest digest, BigInteger N, BigInteger A, BigInteger M1, BigInteger S) + { + BigInteger M2 = HashPaddedTriplet(digest, N, A, M1, S); + return M2; + } + + /** + * Computes the final Key according to the standard routine: Key = H(S) + * @param digest The Digest used as the hashing function H + * @param N Modulus used to get the pad length + * @param S The secret calculated by both sides + * @return + */ + public static BigInteger CalculateKey(IDigest digest, BigInteger N, BigInteger S) + { + int padLength = (N.BitLength + 7) / 8; + byte[] _S = GetPadded(S, padLength); + digest.BlockUpdate(_S, 0, _S.Length); + + byte[] output = new byte[digest.GetDigestSize()]; + digest.DoFinal(output, 0); + return new BigInteger(1, output); + } + + private static BigInteger HashPaddedTriplet(IDigest digest, BigInteger N, BigInteger n1, BigInteger n2, BigInteger n3) + { + int padLength = (N.BitLength + 7) / 8; + + byte[] n1_bytes = GetPadded(n1, padLength); + byte[] n2_bytes = GetPadded(n2, padLength); + byte[] n3_bytes = GetPadded(n3, padLength); + + digest.BlockUpdate(n1_bytes, 0, n1_bytes.Length); + digest.BlockUpdate(n2_bytes, 0, n2_bytes.Length); + digest.BlockUpdate(n3_bytes, 0, n3_bytes.Length); + + byte[] output = new byte[digest.GetDigestSize()]; + digest.DoFinal(output, 0); + + return new BigInteger(1, output); + } + + private static BigInteger HashPaddedPair(IDigest digest, BigInteger N, BigInteger n1, BigInteger n2) + { + int padLength = (N.BitLength + 7) / 8; + + byte[] n1_bytes = GetPadded(n1, padLength); + byte[] n2_bytes = GetPadded(n2, padLength); + + digest.BlockUpdate(n1_bytes, 0, n1_bytes.Length); + digest.BlockUpdate(n2_bytes, 0, n2_bytes.Length); + + byte[] output = new byte[digest.GetDigestSize()]; + digest.DoFinal(output, 0); + + return new BigInteger(1, output); + } + + private static byte[] GetPadded(BigInteger n, int length) + { + byte[] bs = BigIntegers.AsUnsignedByteArray(n); + if (bs.Length < length) + { + byte[] tmp = new byte[length]; + Array.Copy(bs, 0, tmp, length - bs.Length, bs.Length); + bs = tmp; + } + return bs; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/agreement/srp/SRP6VerifierGenerator.cs b/BouncyCastle/crypto/src/crypto/agreement/srp/SRP6VerifierGenerator.cs new file mode 100644 index 0000000..9569735 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/agreement/srp/SRP6VerifierGenerator.cs @@ -0,0 +1,55 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Agreement.Srp +{ + /** + * Generates new SRP verifier for user + */ + public class Srp6VerifierGenerator + { + protected BigInteger N; + protected BigInteger g; + protected IDigest digest; + + public Srp6VerifierGenerator() + { + } + + /** + * Initialises generator to create new verifiers + * @param N The safe prime to use (see DHParametersGenerator) + * @param g The group parameter to use (see DHParametersGenerator) + * @param digest The digest to use. The same digest type will need to be used later for the actual authentication + * attempt. Also note that the final session key size is dependent on the chosen digest. + */ + public virtual void Init(BigInteger N, BigInteger g, IDigest digest) + { + this.N = N; + this.g = g; + this.digest = digest; + } + + public virtual void Init(Srp6GroupParameters group, IDigest digest) + { + Init(group.N, group.G, digest); + } + + /** + * Creates a new SRP verifier + * @param salt The salt to use, generally should be large and random + * @param identity The user's identifying information (eg. username) + * @param password The user's password + * @return A new verifier for use in future SRP authentication + */ + public virtual BigInteger GenerateVerifier(byte[] salt, byte[] identity, byte[] password) + { + BigInteger x = Srp6Utilities.CalculateX(digest, N, salt, identity, password); + + return g.ModPow(x, N); + } + } +} + diff --git a/BouncyCastle/crypto/src/crypto/digests/Blake2bDigest.cs b/BouncyCastle/crypto/src/crypto/digests/Blake2bDigest.cs new file mode 100644 index 0000000..770e35c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/Blake2bDigest.cs @@ -0,0 +1,531 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /* The BLAKE2 cryptographic hash function was designed by Jean- + Philippe Aumasson, Samuel Neves, Zooko Wilcox-O'Hearn, and Christian + Winnerlein. + + Reference Implementation and Description can be found at: https://blake2.net/ + Internet Draft: https://tools.ietf.org/html/draft-saarinen-blake2-02 + + This implementation does not support the Tree Hashing Mode. + + For unkeyed hashing, developers adapting BLAKE2 to ASN.1 - based + message formats SHOULD use the OID tree at x = 1.3.6.1.4.1.1722.12.2. + + Algorithm | Target | Collision | Hash | Hash ASN.1 | + Identifier | Arch | Security | nn | OID Suffix | + ---------------+--------+-----------+------+------------+ + id-blake2b160 | 64-bit | 2**80 | 20 | x.1.20 | + id-blake2b256 | 64-bit | 2**128 | 32 | x.1.32 | + id-blake2b384 | 64-bit | 2**192 | 48 | x.1.48 | + id-blake2b512 | 64-bit | 2**256 | 64 | x.1.64 | + ---------------+--------+-----------+------+------------+ + */ + + /** + * Implementation of the cryptographic hash function Blakbe2b. + *

+ * Blake2b offers a built-in keying mechanism to be used directly + * for authentication ("Prefix-MAC") rather than a HMAC construction. + *

+ * Blake2b offers a built-in support for a salt for randomized hashing + * and a personal string for defining a unique hash function for each application. + *

+ * BLAKE2b is optimized for 64-bit platforms and produces digests of any size + * between 1 and 64 bytes. + */ + public class Blake2bDigest + : IDigest + { + // Blake2b Initialization Vector: + private static readonly ulong[] blake2b_IV = + // Produced from the square root of primes 2, 3, 5, 7, 11, 13, 17, 19. + // The same as SHA-512 IV. + { + 0x6a09e667f3bcc908UL, 0xbb67ae8584caa73bUL, 0x3c6ef372fe94f82bUL, + 0xa54ff53a5f1d36f1UL, 0x510e527fade682d1UL, 0x9b05688c2b3e6c1fUL, + 0x1f83d9abfb41bd6bUL, 0x5be0cd19137e2179UL + }; + + // Message word permutations: + private static readonly byte[,] blake2b_sigma = + { + { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 }, + { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }, + { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 }, + { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 }, + { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 }, + { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 }, + { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 }, + { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 }, + { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 }, + { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0 }, + { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 }, + { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } + }; + + private const int ROUNDS = 12; // to use for Catenas H' + private const int BLOCK_LENGTH_BYTES = 128;// bytes + + // General parameters: + private int digestLength = 64; // 1- 64 bytes + private int keyLength = 0; // 0 - 64 bytes for keyed hashing for MAC + private byte[] salt = null;// new byte[16]; + private byte[] personalization = null;// new byte[16]; + + // the key + private byte[] key = null; + + // Tree hashing parameters: + // Because this class does not implement the Tree Hashing Mode, + // these parameters can be treated as constants (see init() function) + /* + * private int fanout = 1; // 0-255 private int depth = 1; // 1 - 255 + * private int leafLength= 0; private long nodeOffset = 0L; private int + * nodeDepth = 0; private int innerHashLength = 0; + */ + + // whenever this buffer overflows, it will be processed + // in the Compress() function. + // For performance issues, long messages will not use this buffer. + private byte[] buffer = null;// new byte[BLOCK_LENGTH_BYTES]; + // Position of last inserted byte: + private int bufferPos = 0;// a value from 0 up to 128 + + private ulong[] internalState = new ulong[16]; // In the Blake2b paper it is + // called: v + private ulong[] chainValue = null; // state vector, in the Blake2b paper it + // is called: h + + private ulong t0 = 0UL; // holds last significant bits, counter (counts bytes) + private ulong t1 = 0UL; // counter: Length up to 2^128 are supported + private ulong f0 = 0UL; // finalization flag, for last block: ~0L + + // For Tree Hashing Mode, not used here: + // private long f1 = 0L; // finalization flag, for last node: ~0L + + public Blake2bDigest() + : this(512) + { + } + + public Blake2bDigest(Blake2bDigest digest) + { + this.bufferPos = digest.bufferPos; + this.buffer = Arrays.Clone(digest.buffer); + this.keyLength = digest.keyLength; + this.key = Arrays.Clone(digest.key); + this.digestLength = digest.digestLength; + this.chainValue = Arrays.Clone(digest.chainValue); + this.personalization = Arrays.Clone(digest.personalization); + this.salt = Arrays.Clone(digest.salt); + this.t0 = digest.t0; + this.t1 = digest.t1; + this.f0 = digest.f0; + } + + /** + * Basic sized constructor - size in bits. + * + * @param digestSize size of the digest in bits + */ + public Blake2bDigest(int digestSize) + { + if (digestSize < 8 || digestSize > 512 || digestSize % 8 != 0) + throw new ArgumentException("BLAKE2b digest bit length must be a multiple of 8 and not greater than 512"); + + buffer = new byte[BLOCK_LENGTH_BYTES]; + keyLength = 0; + this.digestLength = digestSize / 8; + Init(); + } + + /** + * Blake2b for authentication ("Prefix-MAC mode"). + * After calling the doFinal() method, the key will + * remain to be used for further computations of + * this instance. + * The key can be overwritten using the clearKey() method. + * + * @param key A key up to 64 bytes or null + */ + public Blake2bDigest(byte[] key) + { + buffer = new byte[BLOCK_LENGTH_BYTES]; + if (key != null) + { + this.key = new byte[key.Length]; + Array.Copy(key, 0, this.key, 0, key.Length); + + if (key.Length > 64) + throw new ArgumentException("Keys > 64 are not supported"); + + keyLength = key.Length; + Array.Copy(key, 0, buffer, 0, key.Length); + bufferPos = BLOCK_LENGTH_BYTES; // zero padding + } + digestLength = 64; + Init(); + } + + /** + * Blake2b with key, required digest length (in bytes), salt and personalization. + * After calling the doFinal() method, the key, the salt and the personal string + * will remain and might be used for further computations with this instance. + * The key can be overwritten using the clearKey() method, the salt (pepper) + * can be overwritten using the clearSalt() method. + * + * @param key A key up to 64 bytes or null + * @param digestLength from 1 up to 64 bytes + * @param salt 16 bytes or null + * @param personalization 16 bytes or null + */ + public Blake2bDigest(byte[] key, int digestLength, byte[] salt, byte[] personalization) + { + if (digestLength < 1 || digestLength > 64) + throw new ArgumentException("Invalid digest length (required: 1 - 64)"); + + this.digestLength = digestLength; + this.buffer = new byte[BLOCK_LENGTH_BYTES]; + + if (salt != null) + { + if (salt.Length != 16) + throw new ArgumentException("salt length must be exactly 16 bytes"); + + this.salt = new byte[16]; + Array.Copy(salt, 0, this.salt, 0, salt.Length); + } + if (personalization != null) + { + if (personalization.Length != 16) + throw new ArgumentException("personalization length must be exactly 16 bytes"); + + this.personalization = new byte[16]; + Array.Copy(personalization, 0, this.personalization, 0, personalization.Length); + } + if (key != null) + { + if (key.Length > 64) + throw new ArgumentException("Keys > 64 are not supported"); + + this.key = new byte[key.Length]; + Array.Copy(key, 0, this.key, 0, key.Length); + + keyLength = key.Length; + Array.Copy(key, 0, buffer, 0, key.Length); + bufferPos = BLOCK_LENGTH_BYTES; // zero padding + } + Init(); + } + + // initialize chainValue + private void Init() + { + if (chainValue == null) + { + chainValue = new ulong[8]; + + chainValue[0] = blake2b_IV[0] ^ (ulong)(digestLength | (keyLength << 8) | 0x1010000); + + // 0x1010000 = ((fanout << 16) | (depth << 24) | (leafLength << + // 32)); + // with fanout = 1; depth = 0; leafLength = 0; + chainValue[1] = blake2b_IV[1];// ^ nodeOffset; with nodeOffset = 0; + chainValue[2] = blake2b_IV[2];// ^ ( nodeDepth | (innerHashLength << 8) ); + // with nodeDepth = 0; innerHashLength = 0; + + chainValue[3] = blake2b_IV[3]; + + chainValue[4] = blake2b_IV[4]; + chainValue[5] = blake2b_IV[5]; + if (salt != null) + { + chainValue[4] ^= Pack.LE_To_UInt64(salt, 0); + chainValue[5] ^= Pack.LE_To_UInt64(salt, 8); + } + + chainValue[6] = blake2b_IV[6]; + chainValue[7] = blake2b_IV[7]; + if (personalization != null) + { + chainValue[6] ^= Pack.LE_To_UInt64(personalization, 0); + chainValue[7] ^= Pack.LE_To_UInt64(personalization, 8); + } + } + } + + private void InitializeInternalState() + { + // initialize v: + Array.Copy(chainValue, 0, internalState, 0, chainValue.Length); + Array.Copy(blake2b_IV, 0, internalState, chainValue.Length, 4); + internalState[12] = t0 ^ blake2b_IV[4]; + internalState[13] = t1 ^ blake2b_IV[5]; + internalState[14] = f0 ^ blake2b_IV[6]; + internalState[15] = blake2b_IV[7];// ^ f1 with f1 = 0 + } + + /** + * update the message digest with a single byte. + * + * @param b the input byte to be entered. + */ + public virtual void Update(byte b) + { + int remainingLength = 0; // left bytes of buffer + + // process the buffer if full else add to buffer: + remainingLength = BLOCK_LENGTH_BYTES - bufferPos; + if (remainingLength == 0) + { // full buffer + t0 += BLOCK_LENGTH_BYTES; + if (t0 == 0) + { // if message > 2^64 + t1++; + } + Compress(buffer, 0); + Array.Clear(buffer, 0, buffer.Length);// clear buffer + buffer[0] = b; + bufferPos = 1; + } + else + { + buffer[bufferPos] = b; + bufferPos++; + return; + } + } + + /** + * update the message digest with a block of bytes. + * + * @param message the byte array containing the data. + * @param offset the offset into the byte array where the data starts. + * @param len the length of the data. + */ + public virtual void BlockUpdate(byte[] message, int offset, int len) + { + if (message == null || len == 0) + return; + + int remainingLength = 0; // left bytes of buffer + + if (bufferPos != 0) + { // commenced, incomplete buffer + + // complete the buffer: + remainingLength = BLOCK_LENGTH_BYTES - bufferPos; + if (remainingLength < len) + { // full buffer + at least 1 byte + Array.Copy(message, offset, buffer, bufferPos, + remainingLength); + t0 += BLOCK_LENGTH_BYTES; + if (t0 == 0) + { // if message > 2^64 + t1++; + } + Compress(buffer, 0); + bufferPos = 0; + Array.Clear(buffer, 0, buffer.Length);// clear buffer + } + else + { + Array.Copy(message, offset, buffer, bufferPos, len); + bufferPos += len; + return; + } + } + + // process blocks except last block (also if last block is full) + int messagePos; + int blockWiseLastPos = offset + len - BLOCK_LENGTH_BYTES; + for (messagePos = offset + remainingLength; messagePos < blockWiseLastPos; messagePos += BLOCK_LENGTH_BYTES) + { // block wise 128 bytes + // without buffer: + t0 += BLOCK_LENGTH_BYTES; + if (t0 == 0) + { + t1++; + } + Compress(message, messagePos); + } + + // fill the buffer with left bytes, this might be a full block + Array.Copy(message, messagePos, buffer, 0, offset + len + - messagePos); + bufferPos += offset + len - messagePos; + } + + /** + * close the digest, producing the final digest value. The doFinal + * call leaves the digest reset. + * Key, salt and personal string remain. + * + * @param out the array the digest is to be copied into. + * @param outOffset the offset into the out array the digest is to start at. + */ + public virtual int DoFinal(byte[] output, int outOffset) + { + f0 = 0xFFFFFFFFFFFFFFFFUL; + t0 += (ulong)bufferPos; + if (bufferPos > 0 && t0 == 0) + { + t1++; + } + Compress(buffer, 0); + Array.Clear(buffer, 0, buffer.Length);// Holds eventually the key if input is null + Array.Clear(internalState, 0, internalState.Length); + + for (int i = 0; i < chainValue.Length && (i * 8 < digestLength); i++) + { + byte[] bytes = Pack.UInt64_To_LE(chainValue[i]); + + if (i * 8 < digestLength - 8) + { + Array.Copy(bytes, 0, output, outOffset + i * 8, 8); + } + else + { + Array.Copy(bytes, 0, output, outOffset + i * 8, digestLength - (i * 8)); + } + } + + Array.Clear(chainValue, 0, chainValue.Length); + + Reset(); + + return digestLength; + } + + /** + * Reset the digest back to it's initial state. + * The key, the salt and the personal string will + * remain for further computations. + */ + public virtual void Reset() + { + bufferPos = 0; + f0 = 0L; + t0 = 0L; + t1 = 0L; + chainValue = null; + Array.Clear(buffer, 0, buffer.Length); + if (key != null) + { + Array.Copy(key, 0, buffer, 0, key.Length); + bufferPos = BLOCK_LENGTH_BYTES; // zero padding + } + Init(); + } + + private void Compress(byte[] message, int messagePos) + { + InitializeInternalState(); + + ulong[] m = new ulong[16]; + for (int j = 0; j < 16; j++) + { + m[j] = Pack.LE_To_UInt64(message, messagePos + j * 8); + } + + for (int round = 0; round < ROUNDS; round++) + { + // G apply to columns of internalState:m[blake2b_sigma[round][2 * blockPos]] /+1 + G(m[blake2b_sigma[round,0]], m[blake2b_sigma[round,1]], 0, 4, 8, 12); + G(m[blake2b_sigma[round,2]], m[blake2b_sigma[round,3]], 1, 5, 9, 13); + G(m[blake2b_sigma[round,4]], m[blake2b_sigma[round,5]], 2, 6, 10, 14); + G(m[blake2b_sigma[round,6]], m[blake2b_sigma[round,7]], 3, 7, 11, 15); + // G apply to diagonals of internalState: + G(m[blake2b_sigma[round,8]], m[blake2b_sigma[round,9]], 0, 5, 10, 15); + G(m[blake2b_sigma[round,10]], m[blake2b_sigma[round,11]], 1, 6, 11, 12); + G(m[blake2b_sigma[round,12]], m[blake2b_sigma[round,13]], 2, 7, 8, 13); + G(m[blake2b_sigma[round,14]], m[blake2b_sigma[round,15]], 3, 4, 9, 14); + } + + // update chain values: + for (int offset = 0; offset < chainValue.Length; offset++) + { + chainValue[offset] = chainValue[offset] ^ internalState[offset] ^ internalState[offset + 8]; + } + } + + private void G(ulong m1, ulong m2, int posA, int posB, int posC, int posD) + { + internalState[posA] = internalState[posA] + internalState[posB] + m1; + internalState[posD] = Rotr64(internalState[posD] ^ internalState[posA], 32); + internalState[posC] = internalState[posC] + internalState[posD]; + internalState[posB] = Rotr64(internalState[posB] ^ internalState[posC], 24); // replaces 25 of BLAKE + internalState[posA] = internalState[posA] + internalState[posB] + m2; + internalState[posD] = Rotr64(internalState[posD] ^ internalState[posA], 16); + internalState[posC] = internalState[posC] + internalState[posD]; + internalState[posB] = Rotr64(internalState[posB] ^ internalState[posC], 63); // replaces 11 of BLAKE + } + + private static ulong Rotr64(ulong x, int rot) + { + return x >> rot | x << -rot; + } + + /** + * return the algorithm name + * + * @return the algorithm name + */ + public virtual string AlgorithmName + { + get { return "BLAKE2b"; } + } + + /** + * return the size, in bytes, of the digest produced by this message digest. + * + * @return the size, in bytes, of the digest produced by this message digest. + */ + public virtual int GetDigestSize() + { + return digestLength; + } + + /** + * Return the size in bytes of the internal buffer the digest applies it's compression + * function to. + * + * @return byte length of the digests internal buffer. + */ + public virtual int GetByteLength() + { + return BLOCK_LENGTH_BYTES; + } + + /** + * Overwrite the key + * if it is no longer used (zeroization) + */ + public virtual void ClearKey() + { + if (key != null) + { + Array.Clear(key, 0, key.Length); + Array.Clear(buffer, 0, buffer.Length); + } + } + + /** + * Overwrite the salt (pepper) if it + * is secret and no longer used (zeroization) + */ + public virtual void ClearSalt() + { + if (salt != null) + { + Array.Clear(salt, 0, salt.Length); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/Blake2sDigest.cs b/BouncyCastle/crypto/src/crypto/digests/Blake2sDigest.cs new file mode 100644 index 0000000..432b0f4 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/Blake2sDigest.cs @@ -0,0 +1,551 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /* + The BLAKE2 cryptographic hash function was designed by Jean- + Philippe Aumasson, Samuel Neves, Zooko Wilcox-O'Hearn, and Christian + Winnerlein. + + Reference Implementation and Description can be found at: https://blake2.net/ + RFC: https://tools.ietf.org/html/rfc7693 + + This implementation does not support the Tree Hashing Mode. + + For unkeyed hashing, developers adapting BLAKE2 to ASN.1 - based + message formats SHOULD use the OID tree at x = 1.3.6.1.4.1.1722.12.2. + + Algorithm | Target | Collision | Hash | Hash ASN.1 | + Identifier | Arch | Security | nn | OID Suffix | + ---------------+--------+-----------+------+------------+ + id-blake2s128 | 32-bit | 2**64 | 16 | x.2.4 | + id-blake2s160 | 32-bit | 2**80 | 20 | x.2.5 | + id-blake2s224 | 32-bit | 2**112 | 28 | x.2.7 | + id-blake2s256 | 32-bit | 2**128 | 32 | x.2.8 | + ---------------+--------+-----------+------+------------+ + */ + + /** + * Implementation of the cryptographic hash function BLAKE2s. + *

+ * BLAKE2s offers a built-in keying mechanism to be used directly + * for authentication ("Prefix-MAC") rather than a HMAC construction. + *

+ * BLAKE2s offers a built-in support for a salt for randomized hashing + * and a personal string for defining a unique hash function for each application. + *

+ * BLAKE2s is optimized for 32-bit platforms and produces digests of any size + * between 1 and 32 bytes. + */ + public class Blake2sDigest + : IDigest + { + /** + * BLAKE2s Initialization Vector + **/ + private static readonly uint[] blake2s_IV = + // Produced from the square root of primes 2, 3, 5, 7, 11, 13, 17, 19. + // The same as SHA-256 IV. + { + 0x6a09e667, 0xbb67ae85, 0x3c6ef372, + 0xa54ff53a, 0x510e527f, 0x9b05688c, + 0x1f83d9ab, 0x5be0cd19 + }; + + /** + * Message word permutations + **/ + private static readonly byte[,] blake2s_sigma = + { + { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 }, + { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }, + { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 }, + { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 }, + { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 }, + { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 }, + { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 }, + { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 }, + { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 }, + { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0 } + }; + + private const int ROUNDS = 10; // to use for Catenas H' + private const int BLOCK_LENGTH_BYTES = 64;// bytes + + // General parameters: + private int digestLength = 32; // 1- 32 bytes + private int keyLength = 0; // 0 - 32 bytes for keyed hashing for MAC + private byte[] salt = null; + private byte[] personalization = null; + private byte[] key = null; + + // Tree hashing parameters: + // Because this class does not implement the Tree Hashing Mode, + // these parameters can be treated as constants (see Init() function) + /* + * private int fanout = 1; // 0-255 + * private int depth = 1; // 1 - 255 + * private int leafLength= 0; + * private long nodeOffset = 0L; + * private int nodeDepth = 0; + * private int innerHashLength = 0; + */ + + /** + * Whenever this buffer overflows, it will be processed in the Compress() + * function. For performance issues, long messages will not use this buffer. + */ + private byte[] buffer = null; + /** + * Position of last inserted byte + **/ + private int bufferPos = 0;// a value from 0 up to BLOCK_LENGTH_BYTES + + /** + * Internal state, in the BLAKE2 paper it is called v + **/ + private uint[] internalState = new uint[16]; + /** + * State vector, in the BLAKE2 paper it is called h + **/ + private uint[] chainValue = null; + + // counter (counts bytes): Length up to 2^64 are supported + /** + * holds least significant bits of counter + **/ + private uint t0 = 0; + /** + * holds most significant bits of counter + **/ + private uint t1 = 0; + /** + * finalization flag, for last block: ~0 + **/ + private uint f0 = 0; + + // For Tree Hashing Mode, not used here: + // private long f1 = 0L; // finalization flag, for last node: ~0L + + /** + * BLAKE2s-256 for hashing. + */ + public Blake2sDigest() + : this(256) + { + } + + public Blake2sDigest(Blake2sDigest digest) + { + this.bufferPos = digest.bufferPos; + this.buffer = Arrays.Clone(digest.buffer); + this.keyLength = digest.keyLength; + this.key = Arrays.Clone(digest.key); + this.digestLength = digest.digestLength; + this.chainValue = Arrays.Clone(digest.chainValue); + this.personalization = Arrays.Clone(digest.personalization); + } + + /** + * BLAKE2s for hashing. + * + * @param digestBits the desired digest length in bits. Must be a multiple of 8 and less than 256. + */ + public Blake2sDigest(int digestBits) + { + if (digestBits < 8 || digestBits > 256 || digestBits % 8 != 0) + throw new ArgumentException("BLAKE2s digest bit length must be a multiple of 8 and not greater than 256"); + + buffer = new byte[BLOCK_LENGTH_BYTES]; + keyLength = 0; + digestLength = digestBits / 8; + Init(); + } + + /** + * BLAKE2s for authentication ("Prefix-MAC mode"). + *

+ * After calling the doFinal() method, the key will remain to be used for + * further computations of this instance. The key can be overwritten using + * the clearKey() method. + * + * @param key a key up to 32 bytes or null + */ + public Blake2sDigest(byte[] key) + { + buffer = new byte[BLOCK_LENGTH_BYTES]; + if (key != null) + { + if (key.Length > 32) + throw new ArgumentException("Keys > 32 are not supported"); + + this.key = new byte[key.Length]; + Array.Copy(key, 0, this.key, 0, key.Length); + + keyLength = key.Length; + Array.Copy(key, 0, buffer, 0, key.Length); + bufferPos = BLOCK_LENGTH_BYTES; // zero padding + } + digestLength = 32; + Init(); + } + + /** + * BLAKE2s with key, required digest length, salt and personalization. + *

+ * After calling the doFinal() method, the key, the salt and the personal + * string will remain and might be used for further computations with this + * instance. The key can be overwritten using the clearKey() method, the + * salt (pepper) can be overwritten using the clearSalt() method. + * + * @param key a key up to 32 bytes or null + * @param digestBytes from 1 up to 32 bytes + * @param salt 8 bytes or null + * @param personalization 8 bytes or null + */ + public Blake2sDigest(byte[] key, int digestBytes, byte[] salt, + byte[] personalization) + { + if (digestBytes < 1 || digestBytes > 32) + throw new ArgumentException("Invalid digest length (required: 1 - 32)"); + + this.digestLength = digestBytes; + this.buffer = new byte[BLOCK_LENGTH_BYTES]; + + if (salt != null) + { + if (salt.Length != 8) + throw new ArgumentException("Salt length must be exactly 8 bytes"); + + this.salt = new byte[8]; + Array.Copy(salt, 0, this.salt, 0, salt.Length); + } + if (personalization != null) + { + if (personalization.Length != 8) + throw new ArgumentException("Personalization length must be exactly 8 bytes"); + + this.personalization = new byte[8]; + Array.Copy(personalization, 0, this.personalization, 0, personalization.Length); + } + if (key != null) + { + if (key.Length > 32) + throw new ArgumentException("Keys > 32 bytes are not supported"); + + this.key = new byte[key.Length]; + Array.Copy(key, 0, this.key, 0, key.Length); + + keyLength = key.Length; + Array.Copy(key, 0, buffer, 0, key.Length); + bufferPos = BLOCK_LENGTH_BYTES; // zero padding + } + Init(); + } + + // initialize chainValue + private void Init() + { + if (chainValue == null) + { + chainValue = new uint[8]; + + chainValue[0] = blake2s_IV[0] ^ (uint)(digestLength | (keyLength << 8) | 0x1010000); + // 0x1010000 = ((fanout << 16) | (depth << 24)); + // with fanout = 1; depth = 0; + chainValue[1] = blake2s_IV[1];// ^ leafLength; with leafLength = 0; + chainValue[2] = blake2s_IV[2];// ^ nodeOffset; with nodeOffset = 0; + chainValue[3] = blake2s_IV[3];// ^ ( (nodeOffset << 32) | (nodeDepth << 16) | (innerHashLength << 24) ); + // with nodeDepth = 0; innerHashLength = 0; + + chainValue[4] = blake2s_IV[4]; + chainValue[5] = blake2s_IV[5]; + if (salt != null) + { + chainValue[4] ^= Pack.LE_To_UInt32(salt, 0); + chainValue[5] ^= Pack.LE_To_UInt32(salt, 4); + } + + chainValue[6] = blake2s_IV[6]; + chainValue[7] = blake2s_IV[7]; + if (personalization != null) + { + chainValue[6] ^= Pack.LE_To_UInt32(personalization, 0); + chainValue[7] ^= Pack.LE_To_UInt32(personalization, 4); + } + } + } + + private void InitializeInternalState() + { + // initialize v: + Array.Copy(chainValue, 0, internalState, 0, chainValue.Length); + Array.Copy(blake2s_IV, 0, internalState, chainValue.Length, 4); + internalState[12] = t0 ^ blake2s_IV[4]; + internalState[13] = t1 ^ blake2s_IV[5]; + internalState[14] = f0 ^ blake2s_IV[6]; + internalState[15] = blake2s_IV[7];// ^ f1 with f1 = 0 + } + + /** + * Update the message digest with a single byte. + * + * @param b the input byte to be entered. + */ + public virtual void Update(byte b) + { + int remainingLength; // left bytes of buffer + + // process the buffer if full else add to buffer: + remainingLength = BLOCK_LENGTH_BYTES - bufferPos; + if (remainingLength == 0) + { // full buffer + t0 += BLOCK_LENGTH_BYTES; + if (t0 == 0) + { // if message > 2^32 + t1++; + } + Compress(buffer, 0); + Array.Clear(buffer, 0, buffer.Length);// clear buffer + buffer[0] = b; + bufferPos = 1; + } + else + { + buffer[bufferPos] = b; + bufferPos++; + } + } + + /** + * Update the message digest with a block of bytes. + * + * @param message the byte array containing the data. + * @param offset the offset into the byte array where the data starts. + * @param len the length of the data. + */ + public virtual void BlockUpdate(byte[] message, int offset, int len) + { + if (message == null || len == 0) + return; + + int remainingLength = 0; // left bytes of buffer + + if (bufferPos != 0) + { // commenced, incomplete buffer + + // complete the buffer: + remainingLength = BLOCK_LENGTH_BYTES - bufferPos; + if (remainingLength < len) + { // full buffer + at least 1 byte + Array.Copy(message, offset, buffer, bufferPos, remainingLength); + t0 += BLOCK_LENGTH_BYTES; + if (t0 == 0) + { // if message > 2^32 + t1++; + } + Compress(buffer, 0); + bufferPos = 0; + Array.Clear(buffer, 0, buffer.Length);// clear buffer + } + else + { + Array.Copy(message, offset, buffer, bufferPos, len); + bufferPos += len; + return; + } + } + + // process blocks except last block (also if last block is full) + int messagePos; + int blockWiseLastPos = offset + len - BLOCK_LENGTH_BYTES; + for (messagePos = offset + remainingLength; + messagePos < blockWiseLastPos; + messagePos += BLOCK_LENGTH_BYTES) + { // block wise 64 bytes + // without buffer: + t0 += BLOCK_LENGTH_BYTES; + if (t0 == 0) + { + t1++; + } + Compress(message, messagePos); + } + + // fill the buffer with left bytes, this might be a full block + Array.Copy(message, messagePos, buffer, 0, offset + len + - messagePos); + bufferPos += offset + len - messagePos; + } + + /** + * Close the digest, producing the final digest value. The doFinal() call + * leaves the digest reset. Key, salt and personal string remain. + * + * @param out the array the digest is to be copied into. + * @param outOffset the offset into the out array the digest is to start at. + */ + public virtual int DoFinal(byte[] output, int outOffset) + { + f0 = 0xFFFFFFFFU; + t0 += (uint)bufferPos; + // bufferPos may be < 64, so (t0 == 0) does not work + // for 2^32 < message length > 2^32 - 63 + if ((t0 < 0) && (bufferPos > -t0)) + { + t1++; + } + Compress(buffer, 0); + Array.Clear(buffer, 0, buffer.Length);// Holds eventually the key if input is null + Array.Clear(internalState, 0, internalState.Length); + + for (int i = 0; i < chainValue.Length && (i * 4 < digestLength); i++) + { + byte[] bytes = Pack.UInt32_To_LE(chainValue[i]); + + if (i * 4 < digestLength - 4) + { + Array.Copy(bytes, 0, output, outOffset + i * 4, 4); + } + else + { + Array.Copy(bytes, 0, output, outOffset + i * 4, digestLength - (i * 4)); + } + } + + Array.Clear(chainValue, 0, chainValue.Length); + + Reset(); + + return digestLength; + } + + /** + * Reset the digest back to its initial state. The key, the salt and the + * personal string will remain for further computations. + */ + public virtual void Reset() + { + bufferPos = 0; + f0 = 0; + t0 = 0; + t1 = 0; + chainValue = null; + Array.Clear(buffer, 0, buffer.Length); + if (key != null) + { + Array.Copy(key, 0, buffer, 0, key.Length); + bufferPos = BLOCK_LENGTH_BYTES; // zero padding + } + Init(); + } + + private void Compress(byte[] message, int messagePos) + { + InitializeInternalState(); + + uint[] m = new uint[16]; + for (int j = 0; j < 16; j++) + { + m[j] = Pack.LE_To_UInt32(message, messagePos + j * 4); + } + + for (int round = 0; round < ROUNDS; round++) + { + + // G apply to columns of internalState:m[blake2s_sigma[round][2 * + // blockPos]] /+1 + G(m[blake2s_sigma[round,0]], m[blake2s_sigma[round,1]], 0, 4, 8, 12); + G(m[blake2s_sigma[round,2]], m[blake2s_sigma[round,3]], 1, 5, 9, 13); + G(m[blake2s_sigma[round,4]], m[blake2s_sigma[round,5]], 2, 6, 10, 14); + G(m[blake2s_sigma[round,6]], m[blake2s_sigma[round,7]], 3, 7, 11, 15); + // G apply to diagonals of internalState: + G(m[blake2s_sigma[round,8]], m[blake2s_sigma[round,9]], 0, 5, 10, 15); + G(m[blake2s_sigma[round,10]], m[blake2s_sigma[round,11]], 1, 6, 11, 12); + G(m[blake2s_sigma[round,12]], m[blake2s_sigma[round,13]], 2, 7, 8, 13); + G(m[blake2s_sigma[round,14]], m[blake2s_sigma[round,15]], 3, 4, 9, 14); + } + + // update chain values: + for (int offset = 0; offset < chainValue.Length; offset++) + { + chainValue[offset] = chainValue[offset] ^ internalState[offset] ^ internalState[offset + 8]; + } + } + + private void G(uint m1, uint m2, int posA, int posB, int posC, int posD) + { + internalState[posA] = internalState[posA] + internalState[posB] + m1; + internalState[posD] = rotr32(internalState[posD] ^ internalState[posA], 16); + internalState[posC] = internalState[posC] + internalState[posD]; + internalState[posB] = rotr32(internalState[posB] ^ internalState[posC], 12); + internalState[posA] = internalState[posA] + internalState[posB] + m2; + internalState[posD] = rotr32(internalState[posD] ^ internalState[posA], 8); + internalState[posC] = internalState[posC] + internalState[posD]; + internalState[posB] = rotr32(internalState[posB] ^ internalState[posC], 7); + } + + private uint rotr32(uint x, int rot) + { + return x >> rot | x << -rot; + } + + /** + * Return the algorithm name. + * + * @return the algorithm name + */ + public virtual string AlgorithmName + { + get { return "BLAKE2s"; } + } + + /** + * Return the size in bytes of the digest produced by this message digest. + * + * @return the size in bytes of the digest produced by this message digest. + */ + public virtual int GetDigestSize() + { + return digestLength; + } + + /** + * Return the size in bytes of the internal buffer the digest applies its + * compression function to. + * + * @return byte length of the digest's internal buffer. + */ + public virtual int GetByteLength() + { + return BLOCK_LENGTH_BYTES; + } + + /** + * Overwrite the key if it is no longer used (zeroization). + */ + public virtual void ClearKey() + { + if (key != null) + { + Array.Clear(key, 0, key.Length); + Array.Clear(buffer, 0, buffer.Length); + } + } + + /** + * Overwrite the salt (pepper) if it is secret and no longer used + * (zeroization). + */ + public virtual void ClearSalt() + { + if (salt != null) + { + Array.Clear(salt, 0, salt.Length); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/CSHAKEDigest.cs b/BouncyCastle/crypto/src/crypto/digests/CSHAKEDigest.cs new file mode 100644 index 0000000..c3b0b70 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/CSHAKEDigest.cs @@ -0,0 +1,108 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + ///

+ /// Customizable SHAKE function. + /// + public class CShakeDigest + : ShakeDigest + { + private static readonly byte[] padding = new byte[100]; + + private static byte[] EncodeString(byte[] str) + { + if (Arrays.IsNullOrEmpty(str)) + { + return XofUtilities.LeftEncode(0L); + } + + return Arrays.Concatenate(XofUtilities.LeftEncode(str.Length * 8L), str); + } + + private readonly byte[] diff; + + /// + /// Base constructor + /// + /// bit length of the underlying SHAKE function, 128 or 256. + /// the function name string, note this is reserved for use by NIST. Avoid using it if not required. + /// the customization string - available for local use. + public CShakeDigest(int bitLength, byte[] N, byte[] S) + : base(bitLength) + { + if ((N == null || N.Length == 0) && (S == null || S.Length == 0)) + { + diff = null; + } + else + { + diff = Arrays.ConcatenateAll(XofUtilities.LeftEncode(rate / 8), EncodeString(N), EncodeString(S)); + DiffPadAndAbsorb(); + } + } + + public CShakeDigest(CShakeDigest source) + : base(source) + { + this.diff = Arrays.Clone(source.diff); + } + + // bytepad in SP 800-185 + private void DiffPadAndAbsorb() + { + int blockSize = rate / 8; + Absorb(diff, 0, diff.Length); + + int delta = diff.Length % blockSize; + + // only add padding if needed + if (delta != 0) + { + int required = blockSize - delta; + + while (required > padding.Length) + { + Absorb(padding, 0, padding.Length); + required -= padding.Length; + } + + Absorb(padding, 0, required); + } + } + + public override string AlgorithmName + { + get { return "CSHAKE" + fixedOutputLength; } + } + + public override int DoOutput(byte[] output, int outOff, int outLen) + { + if (diff == null) + { + return base.DoOutput(output, outOff, outLen); + } + + if (!squeezing) + { + AbsorbBits(0x00, 2); + } + + Squeeze(output, outOff, ((long)outLen) << 3); + + return outLen; + } + + public override void Reset() + { + base.Reset(); + + if (diff != null) + { + DiffPadAndAbsorb(); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/DSTU7564Digest.cs b/BouncyCastle/crypto/src/crypto/digests/DSTU7564Digest.cs new file mode 100644 index 0000000..b2d9079 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/DSTU7564Digest.cs @@ -0,0 +1,530 @@ +using System; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * implementation of Ukrainian DSTU 7564 hash function + */ + public class Dstu7564Digest + : IDigest, IMemoable + { + private const int NB_512 = 8; //Number of 8-byte words in state for <=256-bit hash code. + private const int NB_1024 = 16; //Number of 8-byte words in state for <=512-bit hash code. + + private const int NR_512 = 10; //Number of rounds for 512-bit state. + private const int NR_1024 = 14; //Number of rounds for 1024-bit state. + + private int hashSize; + private int blockSize; + + private int columns; + private int rounds; + + private ulong[] state; + private ulong[] tempState1; + private ulong[] tempState2; + + // TODO Guard against 'inputBlocks' overflow (2^64 blocks) + private ulong inputBlocks; + private int bufOff; + private byte[] buf; + + public Dstu7564Digest(Dstu7564Digest digest) + { + CopyIn(digest); + } + + private void CopyIn(Dstu7564Digest digest) + { + this.hashSize = digest.hashSize; + this.blockSize = digest.blockSize; + + this.rounds = digest.rounds; + if (columns > 0 && columns == digest.columns) + { + Array.Copy(digest.state, 0, state, 0, columns); + Array.Copy(digest.buf, 0, buf, 0, blockSize); + } + else + { + this.columns = digest.columns; + this.state = Arrays.Clone(digest.state); + this.tempState1 = new ulong[columns]; + this.tempState2 = new ulong[columns]; + this.buf = Arrays.Clone(digest.buf); + } + + this.inputBlocks = digest.inputBlocks; + this.bufOff = digest.bufOff; + } + + public Dstu7564Digest(int hashSizeBits) + { + if (hashSizeBits == 256 || hashSizeBits == 384 || hashSizeBits == 512) + { + this.hashSize = hashSizeBits / 8; + } + else + { + throw new ArgumentException("Hash size is not recommended. Use 256/384/512 instead"); + } + + if (hashSizeBits > 256) + { + this.columns = NB_1024; + this.rounds = NR_1024; + } + else + { + this.columns = NB_512; + this.rounds = NR_512; + } + + this.blockSize = columns << 3; + + this.state = new ulong[columns]; + this.state[0] = (ulong)blockSize; + + this.tempState1 = new ulong[columns]; + this.tempState2 = new ulong[columns]; + + this.buf = new byte[blockSize]; + } + + public virtual string AlgorithmName + { + get { return "DSTU7564"; } + } + + public virtual int GetDigestSize() + { + return hashSize; + } + + public virtual int GetByteLength() + { + return blockSize; + } + + public virtual void Update(byte input) + { + buf[bufOff++] = input; + if (bufOff == blockSize) + { + ProcessBlock(buf, 0); + bufOff = 0; + ++inputBlocks; + } + } + + public virtual void BlockUpdate(byte[] input, int inOff, int length) + { + while (bufOff != 0 && length > 0) + { + Update(input[inOff++]); + --length; + } + + if (length > 0) + { + while (length >= blockSize) + { + ProcessBlock(input, inOff); + inOff += blockSize; + length -= blockSize; + ++inputBlocks; + } + + while (length > 0) + { + Update(input[inOff++]); + --length; + } + } + } + + public virtual int DoFinal(byte[] output, int outOff) + { + // Apply padding: terminator byte and 96-bit length field + { + int inputBytes = bufOff; + buf[bufOff++] = (byte)0x80; + + int lenPos = blockSize - 12; + if (bufOff > lenPos) + { + while (bufOff < blockSize) + { + buf[bufOff++] = 0; + } + bufOff = 0; + ProcessBlock(buf, 0); + } + + while (bufOff < lenPos) + { + buf[bufOff++] = 0; + } + + ulong c = ((inputBlocks & 0xFFFFFFFFUL) * (ulong)blockSize + (uint)inputBytes) << 3; + Pack.UInt32_To_LE((uint)c, buf, bufOff); + bufOff += 4; + c >>= 32; + c += ((inputBlocks >> 32) * (ulong)blockSize) << 3; + Pack.UInt64_To_LE(c, buf, bufOff); + // bufOff += 8; + ProcessBlock(buf, 0); + } + + { + Array.Copy(state, 0, tempState1, 0, columns); + + P(tempState1); + + for (int col = 0; col < columns; ++col) + { + state[col] ^= tempState1[col]; + } + } + + int neededColumns = hashSize / 8; + for (int col = columns - neededColumns; col < columns; ++col) + { + Pack.UInt64_To_LE(state[col], output, outOff); + outOff += 8; + } + + Reset(); + + return hashSize; + } + + public virtual void Reset() + { + Array.Clear(state, 0, state.Length); + state[0] = (ulong)blockSize; + + inputBlocks = 0; + bufOff = 0; + } + + protected virtual void ProcessBlock(byte[] input, int inOff) + { + int pos = inOff; + for (int col = 0; col < columns; ++col) + { + ulong word = Pack.LE_To_UInt64(input, pos); + pos += 8; + + tempState1[col] = state[col] ^ word; + tempState2[col] = word; + } + + P(tempState1); + Q(tempState2); + + for (int col = 0; col < columns; ++col) + { + state[col] ^= tempState1[col] ^ tempState2[col]; + } + } + + private void P(ulong[] s) + { + for (int round = 0; round < rounds; ++round) + { + ulong rc = (ulong)round; + + /* AddRoundConstants */ + for (int col = 0; col < columns; ++col) + { + s[col] ^= rc; + rc += 0x10L; + } + + ShiftRows(s); + SubBytes(s); + MixColumns(s); + } + } + + private void Q(ulong[] s) + { + for (int round = 0; round < rounds; ++round) + { + /* AddRoundConstantsQ */ + ulong rc = ((ulong)(((columns - 1) << 4) ^ round) << 56) | 0x00F0F0F0F0F0F0F3UL; + + for (int col = 0; col < columns; ++col) + { + s[col] += rc; + rc -= 0x1000000000000000L; + } + + ShiftRows(s); + SubBytes(s); + MixColumns(s); + } + } + + private static ulong MixColumn(ulong c) + { + //// Calculate column multiplied by powers of 'x' + //ulong x0 = c; + //ulong x1 = ((x0 & 0x7F7F7F7F7F7F7F7FUL) << 1) ^ (((x0 & 0x8080808080808080UL) >> 7) * 0x1DUL); + //ulong x2 = ((x1 & 0x7F7F7F7F7F7F7F7FUL) << 1) ^ (((x1 & 0x8080808080808080UL) >> 7) * 0x1DUL); + //ulong x3 = ((x2 & 0x7F7F7F7F7F7F7F7FUL) << 1) ^ (((x2 & 0x8080808080808080UL) >> 7) * 0x1DUL); + + //// Calculate products with circulant matrix from (0x01, 0x01, 0x05, 0x01, 0x08, 0x06, 0x07, 0x04) + //ulong m0 = x0; + //ulong m1 = x0; + //ulong m2 = x0 ^ x2; + //ulong m3 = x0; + //ulong m4 = x3; + //ulong m5 = x1 ^ x2; + //ulong m6 = x0 ^ x1 ^ x2; + //ulong m7 = x2; + + //// Assemble the rotated products + //return m0 + // ^ Rotate(8, m1) + // ^ Rotate(16, m2) + // ^ Rotate(24, m3) + // ^ Rotate(32, m4) + // ^ Rotate(40, m5) + // ^ Rotate(48, m6) + // ^ Rotate(56, m7); + + // Multiply elements by 'x' + ulong x1 = ((c & 0x7F7F7F7F7F7F7F7FUL) << 1) ^ (((c & 0x8080808080808080UL) >> 7) * 0x1DUL); + ulong u, v; + + u = Rotate(8, c) ^ c; + u ^= Rotate(16, u); + u ^= Rotate(48, c); + + v = u ^ c ^ x1; + + // Multiply elements by 'x^2' + v = ((v & 0x3F3F3F3F3F3F3F3FUL) << 2) ^ (((v & 0x8080808080808080UL) >> 6) * 0x1DUL) ^ (((v & 0x4040404040404040UL) >> 6) * 0x1DUL); + + return u ^ Rotate(32, v) ^ Rotate(40, x1) ^ Rotate(48, x1); + } + + private void MixColumns(ulong[] s) + { + for (int col = 0; col < columns; ++col) + { + s[col] = MixColumn(s[col]); + } + } + + private static ulong Rotate(int n, ulong x) + { + return (x >> n) | (x << -n); + } + + private void ShiftRows(ulong[] s) + { + switch (columns) + { + case NB_512: + { + ulong c0 = s[0], c1 = s[1], c2 = s[2], c3 = s[3]; + ulong c4 = s[4], c5 = s[5], c6 = s[6], c7 = s[7]; + ulong d; + + d = (c0 ^ c4) & 0xFFFFFFFF00000000UL; c0 ^= d; c4 ^= d; + d = (c1 ^ c5) & 0x00FFFFFFFF000000UL; c1 ^= d; c5 ^= d; + d = (c2 ^ c6) & 0x0000FFFFFFFF0000UL; c2 ^= d; c6 ^= d; + d = (c3 ^ c7) & 0x000000FFFFFFFF00UL; c3 ^= d; c7 ^= d; + + d = (c0 ^ c2) & 0xFFFF0000FFFF0000UL; c0 ^= d; c2 ^= d; + d = (c1 ^ c3) & 0x00FFFF0000FFFF00UL; c1 ^= d; c3 ^= d; + d = (c4 ^ c6) & 0xFFFF0000FFFF0000UL; c4 ^= d; c6 ^= d; + d = (c5 ^ c7) & 0x00FFFF0000FFFF00UL; c5 ^= d; c7 ^= d; + + d = (c0 ^ c1) & 0xFF00FF00FF00FF00UL; c0 ^= d; c1 ^= d; + d = (c2 ^ c3) & 0xFF00FF00FF00FF00UL; c2 ^= d; c3 ^= d; + d = (c4 ^ c5) & 0xFF00FF00FF00FF00UL; c4 ^= d; c5 ^= d; + d = (c6 ^ c7) & 0xFF00FF00FF00FF00UL; c6 ^= d; c7 ^= d; + + s[0] = c0; s[1] = c1; s[2] = c2; s[3] = c3; + s[4] = c4; s[5] = c5; s[6] = c6; s[7] = c7; + break; + } + case NB_1024: + { + ulong c00 = s[0], c01 = s[1], c02 = s[2], c03 = s[3]; + ulong c04 = s[4], c05 = s[5], c06 = s[6], c07 = s[7]; + ulong c08 = s[8], c09 = s[9], c10 = s[10], c11 = s[11]; + ulong c12 = s[12], c13 = s[13], c14 = s[14], c15 = s[15]; + ulong d; + + // NOTE: Row 7 is shifted by 11 + + d = (c00 ^ c08) & 0xFF00000000000000UL; c00 ^= d; c08 ^= d; + d = (c01 ^ c09) & 0xFF00000000000000UL; c01 ^= d; c09 ^= d; + d = (c02 ^ c10) & 0xFFFF000000000000UL; c02 ^= d; c10 ^= d; + d = (c03 ^ c11) & 0xFFFFFF0000000000UL; c03 ^= d; c11 ^= d; + d = (c04 ^ c12) & 0xFFFFFFFF00000000UL; c04 ^= d; c12 ^= d; + d = (c05 ^ c13) & 0x00FFFFFFFF000000UL; c05 ^= d; c13 ^= d; + d = (c06 ^ c14) & 0x00FFFFFFFFFF0000UL; c06 ^= d; c14 ^= d; + d = (c07 ^ c15) & 0x00FFFFFFFFFFFF00UL; c07 ^= d; c15 ^= d; + + d = (c00 ^ c04) & 0x00FFFFFF00000000UL; c00 ^= d; c04 ^= d; + d = (c01 ^ c05) & 0xFFFFFFFFFF000000UL; c01 ^= d; c05 ^= d; + d = (c02 ^ c06) & 0xFF00FFFFFFFF0000UL; c02 ^= d; c06 ^= d; + d = (c03 ^ c07) & 0xFF0000FFFFFFFF00UL; c03 ^= d; c07 ^= d; + d = (c08 ^ c12) & 0x00FFFFFF00000000UL; c08 ^= d; c12 ^= d; + d = (c09 ^ c13) & 0xFFFFFFFFFF000000UL; c09 ^= d; c13 ^= d; + d = (c10 ^ c14) & 0xFF00FFFFFFFF0000UL; c10 ^= d; c14 ^= d; + d = (c11 ^ c15) & 0xFF0000FFFFFFFF00UL; c11 ^= d; c15 ^= d; + + d = (c00 ^ c02) & 0xFFFF0000FFFF0000UL; c00 ^= d; c02 ^= d; + d = (c01 ^ c03) & 0x00FFFF0000FFFF00UL; c01 ^= d; c03 ^= d; + d = (c04 ^ c06) & 0xFFFF0000FFFF0000UL; c04 ^= d; c06 ^= d; + d = (c05 ^ c07) & 0x00FFFF0000FFFF00UL; c05 ^= d; c07 ^= d; + d = (c08 ^ c10) & 0xFFFF0000FFFF0000UL; c08 ^= d; c10 ^= d; + d = (c09 ^ c11) & 0x00FFFF0000FFFF00UL; c09 ^= d; c11 ^= d; + d = (c12 ^ c14) & 0xFFFF0000FFFF0000UL; c12 ^= d; c14 ^= d; + d = (c13 ^ c15) & 0x00FFFF0000FFFF00UL; c13 ^= d; c15 ^= d; + + d = (c00 ^ c01) & 0xFF00FF00FF00FF00UL; c00 ^= d; c01 ^= d; + d = (c02 ^ c03) & 0xFF00FF00FF00FF00UL; c02 ^= d; c03 ^= d; + d = (c04 ^ c05) & 0xFF00FF00FF00FF00UL; c04 ^= d; c05 ^= d; + d = (c06 ^ c07) & 0xFF00FF00FF00FF00UL; c06 ^= d; c07 ^= d; + d = (c08 ^ c09) & 0xFF00FF00FF00FF00UL; c08 ^= d; c09 ^= d; + d = (c10 ^ c11) & 0xFF00FF00FF00FF00UL; c10 ^= d; c11 ^= d; + d = (c12 ^ c13) & 0xFF00FF00FF00FF00UL; c12 ^= d; c13 ^= d; + d = (c14 ^ c15) & 0xFF00FF00FF00FF00UL; c14 ^= d; c15 ^= d; + + s[0] = c00; s[1] = c01; s[2] = c02; s[3] = c03; + s[4] = c04; s[5] = c05; s[6] = c06; s[7] = c07; + s[8] = c08; s[9] = c09; s[10] = c10; s[11] = c11; + s[12] = c12; s[13] = c13; s[14] = c14; s[15] = c15; + break; + } + default: + { + throw new InvalidOperationException("unsupported state size: only 512/1024 are allowed"); + } + } + } + + private void SubBytes(ulong[] s) + { + for (int i = 0; i < columns; ++i) + { + ulong u = s[i]; + uint lo = (uint)u, hi = (uint)(u >> 32); + byte t0 = S0[lo & 0xFF]; + byte t1 = S1[(lo >> 8) & 0xFF]; + byte t2 = S2[(lo >> 16) & 0xFF]; + byte t3 = S3[lo >> 24]; + lo = (uint)t0 | ((uint)t1 << 8) | ((uint)t2 << 16) | ((uint)t3 << 24); + byte t4 = S0[hi & 0xFF]; + byte t5 = S1[(hi >> 8) & 0xFF]; + byte t6 = S2[(hi >> 16) & 0xFF]; + byte t7 = S3[hi >> 24]; + hi = (uint)t4 | ((uint)t5 << 8) | ((uint)t6 << 16) | ((uint)t7 << 24); + s[i] = (ulong)lo | ((ulong)hi << 32); + } + } + + private static readonly byte[] S0 = new byte[] { + 0xa8, 0x43, 0x5f, 0x06, 0x6b, 0x75, 0x6c, 0x59, 0x71, 0xdf, 0x87, 0x95, 0x17, 0xf0, 0xd8, 0x09, + 0x6d, 0xf3, 0x1d, 0xcb, 0xc9, 0x4d, 0x2c, 0xaf, 0x79, 0xe0, 0x97, 0xfd, 0x6f, 0x4b, 0x45, 0x39, + 0x3e, 0xdd, 0xa3, 0x4f, 0xb4, 0xb6, 0x9a, 0x0e, 0x1f, 0xbf, 0x15, 0xe1, 0x49, 0xd2, 0x93, 0xc6, + 0x92, 0x72, 0x9e, 0x61, 0xd1, 0x63, 0xfa, 0xee, 0xf4, 0x19, 0xd5, 0xad, 0x58, 0xa4, 0xbb, 0xa1, + 0xdc, 0xf2, 0x83, 0x37, 0x42, 0xe4, 0x7a, 0x32, 0x9c, 0xcc, 0xab, 0x4a, 0x8f, 0x6e, 0x04, 0x27, + 0x2e, 0xe7, 0xe2, 0x5a, 0x96, 0x16, 0x23, 0x2b, 0xc2, 0x65, 0x66, 0x0f, 0xbc, 0xa9, 0x47, 0x41, + 0x34, 0x48, 0xfc, 0xb7, 0x6a, 0x88, 0xa5, 0x53, 0x86, 0xf9, 0x5b, 0xdb, 0x38, 0x7b, 0xc3, 0x1e, + 0x22, 0x33, 0x24, 0x28, 0x36, 0xc7, 0xb2, 0x3b, 0x8e, 0x77, 0xba, 0xf5, 0x14, 0x9f, 0x08, 0x55, + 0x9b, 0x4c, 0xfe, 0x60, 0x5c, 0xda, 0x18, 0x46, 0xcd, 0x7d, 0x21, 0xb0, 0x3f, 0x1b, 0x89, 0xff, + 0xeb, 0x84, 0x69, 0x3a, 0x9d, 0xd7, 0xd3, 0x70, 0x67, 0x40, 0xb5, 0xde, 0x5d, 0x30, 0x91, 0xb1, + 0x78, 0x11, 0x01, 0xe5, 0x00, 0x68, 0x98, 0xa0, 0xc5, 0x02, 0xa6, 0x74, 0x2d, 0x0b, 0xa2, 0x76, + 0xb3, 0xbe, 0xce, 0xbd, 0xae, 0xe9, 0x8a, 0x31, 0x1c, 0xec, 0xf1, 0x99, 0x94, 0xaa, 0xf6, 0x26, + 0x2f, 0xef, 0xe8, 0x8c, 0x35, 0x03, 0xd4, 0x7f, 0xfb, 0x05, 0xc1, 0x5e, 0x90, 0x20, 0x3d, 0x82, + 0xf7, 0xea, 0x0a, 0x0d, 0x7e, 0xf8, 0x50, 0x1a, 0xc4, 0x07, 0x57, 0xb8, 0x3c, 0x62, 0xe3, 0xc8, + 0xac, 0x52, 0x64, 0x10, 0xd0, 0xd9, 0x13, 0x0c, 0x12, 0x29, 0x51, 0xb9, 0xcf, 0xd6, 0x73, 0x8d, + 0x81, 0x54, 0xc0, 0xed, 0x4e, 0x44, 0xa7, 0x2a, 0x85, 0x25, 0xe6, 0xca, 0x7c, 0x8b, 0x56, 0x80 + }; + + private static readonly byte[] S1 = new byte[] { + 0xce, 0xbb, 0xeb, 0x92, 0xea, 0xcb, 0x13, 0xc1, 0xe9, 0x3a, 0xd6, 0xb2, 0xd2, 0x90, 0x17, 0xf8, + 0x42, 0x15, 0x56, 0xb4, 0x65, 0x1c, 0x88, 0x43, 0xc5, 0x5c, 0x36, 0xba, 0xf5, 0x57, 0x67, 0x8d, + 0x31, 0xf6, 0x64, 0x58, 0x9e, 0xf4, 0x22, 0xaa, 0x75, 0x0f, 0x02, 0xb1, 0xdf, 0x6d, 0x73, 0x4d, + 0x7c, 0x26, 0x2e, 0xf7, 0x08, 0x5d, 0x44, 0x3e, 0x9f, 0x14, 0xc8, 0xae, 0x54, 0x10, 0xd8, 0xbc, + 0x1a, 0x6b, 0x69, 0xf3, 0xbd, 0x33, 0xab, 0xfa, 0xd1, 0x9b, 0x68, 0x4e, 0x16, 0x95, 0x91, 0xee, + 0x4c, 0x63, 0x8e, 0x5b, 0xcc, 0x3c, 0x19, 0xa1, 0x81, 0x49, 0x7b, 0xd9, 0x6f, 0x37, 0x60, 0xca, + 0xe7, 0x2b, 0x48, 0xfd, 0x96, 0x45, 0xfc, 0x41, 0x12, 0x0d, 0x79, 0xe5, 0x89, 0x8c, 0xe3, 0x20, + 0x30, 0xdc, 0xb7, 0x6c, 0x4a, 0xb5, 0x3f, 0x97, 0xd4, 0x62, 0x2d, 0x06, 0xa4, 0xa5, 0x83, 0x5f, + 0x2a, 0xda, 0xc9, 0x00, 0x7e, 0xa2, 0x55, 0xbf, 0x11, 0xd5, 0x9c, 0xcf, 0x0e, 0x0a, 0x3d, 0x51, + 0x7d, 0x93, 0x1b, 0xfe, 0xc4, 0x47, 0x09, 0x86, 0x0b, 0x8f, 0x9d, 0x6a, 0x07, 0xb9, 0xb0, 0x98, + 0x18, 0x32, 0x71, 0x4b, 0xef, 0x3b, 0x70, 0xa0, 0xe4, 0x40, 0xff, 0xc3, 0xa9, 0xe6, 0x78, 0xf9, + 0x8b, 0x46, 0x80, 0x1e, 0x38, 0xe1, 0xb8, 0xa8, 0xe0, 0x0c, 0x23, 0x76, 0x1d, 0x25, 0x24, 0x05, + 0xf1, 0x6e, 0x94, 0x28, 0x9a, 0x84, 0xe8, 0xa3, 0x4f, 0x77, 0xd3, 0x85, 0xe2, 0x52, 0xf2, 0x82, + 0x50, 0x7a, 0x2f, 0x74, 0x53, 0xb3, 0x61, 0xaf, 0x39, 0x35, 0xde, 0xcd, 0x1f, 0x99, 0xac, 0xad, + 0x72, 0x2c, 0xdd, 0xd0, 0x87, 0xbe, 0x5e, 0xa6, 0xec, 0x04, 0xc6, 0x03, 0x34, 0xfb, 0xdb, 0x59, + 0xb6, 0xc2, 0x01, 0xf0, 0x5a, 0xed, 0xa7, 0x66, 0x21, 0x7f, 0x8a, 0x27, 0xc7, 0xc0, 0x29, 0xd7 + }; + + private static readonly byte[] S2 = new byte[] { + 0x93, 0xd9, 0x9a, 0xb5, 0x98, 0x22, 0x45, 0xfc, 0xba, 0x6a, 0xdf, 0x02, 0x9f, 0xdc, 0x51, 0x59, + 0x4a, 0x17, 0x2b, 0xc2, 0x94, 0xf4, 0xbb, 0xa3, 0x62, 0xe4, 0x71, 0xd4, 0xcd, 0x70, 0x16, 0xe1, + 0x49, 0x3c, 0xc0, 0xd8, 0x5c, 0x9b, 0xad, 0x85, 0x53, 0xa1, 0x7a, 0xc8, 0x2d, 0xe0, 0xd1, 0x72, + 0xa6, 0x2c, 0xc4, 0xe3, 0x76, 0x78, 0xb7, 0xb4, 0x09, 0x3b, 0x0e, 0x41, 0x4c, 0xde, 0xb2, 0x90, + 0x25, 0xa5, 0xd7, 0x03, 0x11, 0x00, 0xc3, 0x2e, 0x92, 0xef, 0x4e, 0x12, 0x9d, 0x7d, 0xcb, 0x35, + 0x10, 0xd5, 0x4f, 0x9e, 0x4d, 0xa9, 0x55, 0xc6, 0xd0, 0x7b, 0x18, 0x97, 0xd3, 0x36, 0xe6, 0x48, + 0x56, 0x81, 0x8f, 0x77, 0xcc, 0x9c, 0xb9, 0xe2, 0xac, 0xb8, 0x2f, 0x15, 0xa4, 0x7c, 0xda, 0x38, + 0x1e, 0x0b, 0x05, 0xd6, 0x14, 0x6e, 0x6c, 0x7e, 0x66, 0xfd, 0xb1, 0xe5, 0x60, 0xaf, 0x5e, 0x33, + 0x87, 0xc9, 0xf0, 0x5d, 0x6d, 0x3f, 0x88, 0x8d, 0xc7, 0xf7, 0x1d, 0xe9, 0xec, 0xed, 0x80, 0x29, + 0x27, 0xcf, 0x99, 0xa8, 0x50, 0x0f, 0x37, 0x24, 0x28, 0x30, 0x95, 0xd2, 0x3e, 0x5b, 0x40, 0x83, + 0xb3, 0x69, 0x57, 0x1f, 0x07, 0x1c, 0x8a, 0xbc, 0x20, 0xeb, 0xce, 0x8e, 0xab, 0xee, 0x31, 0xa2, + 0x73, 0xf9, 0xca, 0x3a, 0x1a, 0xfb, 0x0d, 0xc1, 0xfe, 0xfa, 0xf2, 0x6f, 0xbd, 0x96, 0xdd, 0x43, + 0x52, 0xb6, 0x08, 0xf3, 0xae, 0xbe, 0x19, 0x89, 0x32, 0x26, 0xb0, 0xea, 0x4b, 0x64, 0x84, 0x82, + 0x6b, 0xf5, 0x79, 0xbf, 0x01, 0x5f, 0x75, 0x63, 0x1b, 0x23, 0x3d, 0x68, 0x2a, 0x65, 0xe8, 0x91, + 0xf6, 0xff, 0x13, 0x58, 0xf1, 0x47, 0x0a, 0x7f, 0xc5, 0xa7, 0xe7, 0x61, 0x5a, 0x06, 0x46, 0x44, + 0x42, 0x04, 0xa0, 0xdb, 0x39, 0x86, 0x54, 0xaa, 0x8c, 0x34, 0x21, 0x8b, 0xf8, 0x0c, 0x74, 0x67 + }; + + private static readonly byte[] S3 = new byte[] { + 0x68, 0x8d, 0xca, 0x4d, 0x73, 0x4b, 0x4e, 0x2a, 0xd4, 0x52, 0x26, 0xb3, 0x54, 0x1e, 0x19, 0x1f, + 0x22, 0x03, 0x46, 0x3d, 0x2d, 0x4a, 0x53, 0x83, 0x13, 0x8a, 0xb7, 0xd5, 0x25, 0x79, 0xf5, 0xbd, + 0x58, 0x2f, 0x0d, 0x02, 0xed, 0x51, 0x9e, 0x11, 0xf2, 0x3e, 0x55, 0x5e, 0xd1, 0x16, 0x3c, 0x66, + 0x70, 0x5d, 0xf3, 0x45, 0x40, 0xcc, 0xe8, 0x94, 0x56, 0x08, 0xce, 0x1a, 0x3a, 0xd2, 0xe1, 0xdf, + 0xb5, 0x38, 0x6e, 0x0e, 0xe5, 0xf4, 0xf9, 0x86, 0xe9, 0x4f, 0xd6, 0x85, 0x23, 0xcf, 0x32, 0x99, + 0x31, 0x14, 0xae, 0xee, 0xc8, 0x48, 0xd3, 0x30, 0xa1, 0x92, 0x41, 0xb1, 0x18, 0xc4, 0x2c, 0x71, + 0x72, 0x44, 0x15, 0xfd, 0x37, 0xbe, 0x5f, 0xaa, 0x9b, 0x88, 0xd8, 0xab, 0x89, 0x9c, 0xfa, 0x60, + 0xea, 0xbc, 0x62, 0x0c, 0x24, 0xa6, 0xa8, 0xec, 0x67, 0x20, 0xdb, 0x7c, 0x28, 0xdd, 0xac, 0x5b, + 0x34, 0x7e, 0x10, 0xf1, 0x7b, 0x8f, 0x63, 0xa0, 0x05, 0x9a, 0x43, 0x77, 0x21, 0xbf, 0x27, 0x09, + 0xc3, 0x9f, 0xb6, 0xd7, 0x29, 0xc2, 0xeb, 0xc0, 0xa4, 0x8b, 0x8c, 0x1d, 0xfb, 0xff, 0xc1, 0xb2, + 0x97, 0x2e, 0xf8, 0x65, 0xf6, 0x75, 0x07, 0x04, 0x49, 0x33, 0xe4, 0xd9, 0xb9, 0xd0, 0x42, 0xc7, + 0x6c, 0x90, 0x00, 0x8e, 0x6f, 0x50, 0x01, 0xc5, 0xda, 0x47, 0x3f, 0xcd, 0x69, 0xa2, 0xe2, 0x7a, + 0xa7, 0xc6, 0x93, 0x0f, 0x0a, 0x06, 0xe6, 0x2b, 0x96, 0xa3, 0x1c, 0xaf, 0x6a, 0x12, 0x84, 0x39, + 0xe7, 0xb0, 0x82, 0xf7, 0xfe, 0x9d, 0x87, 0x5c, 0x81, 0x35, 0xde, 0xb4, 0xa5, 0xfc, 0x80, 0xef, + 0xcb, 0xbb, 0x6b, 0x76, 0xba, 0x5a, 0x7d, 0x78, 0x0b, 0x95, 0xe3, 0xad, 0x74, 0x98, 0x3b, 0x36, + 0x64, 0x6d, 0xdc, 0xf0, 0x59, 0xa9, 0x4c, 0x17, 0x7f, 0x91, 0xb8, 0xc9, 0x57, 0x1b, 0xe0, 0x61 + }; + + public virtual IMemoable Copy() + { + return new Dstu7564Digest(this); + } + + public virtual void Reset(IMemoable other) + { + Dstu7564Digest d = (Dstu7564Digest)other; + + CopyIn(d); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/GOST3411Digest.cs b/BouncyCastle/crypto/src/crypto/digests/GOST3411Digest.cs new file mode 100644 index 0000000..218adf6 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/GOST3411Digest.cs @@ -0,0 +1,356 @@ +using System; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * implementation of GOST R 34.11-94 + */ + public class Gost3411Digest + : IDigest, IMemoable + { + private const int DIGEST_LENGTH = 32; + + private byte[] H = new byte[32], L = new byte[32], + M = new byte[32], Sum = new byte[32]; + private byte[][] C = MakeC(); + + private byte[] xBuf = new byte[32]; + private int xBufOff; + private ulong byteCount; + + private readonly IBlockCipher cipher = new Gost28147Engine(); + private byte[] sBox; + + private static byte[][] MakeC() + { + byte[][] c = new byte[4][]; + for (int i = 0; i < 4; ++i) + { + c[i] = new byte[32]; + } + return c; + } + + /** + * Standard constructor + */ + public Gost3411Digest() + { + sBox = Gost28147Engine.GetSBox("D-A"); + cipher.Init(true, new ParametersWithSBox(null, sBox)); + + Reset(); + } + + /** + * Constructor to allow use of a particular sbox with GOST28147 + * @see GOST28147Engine#getSBox(String) + */ + public Gost3411Digest(byte[] sBoxParam) + { + sBox = Arrays.Clone(sBoxParam); + cipher.Init(true, new ParametersWithSBox(null, sBox)); + + Reset(); + } + + /** + * Copy constructor. This will copy the state of the provided + * message digest. + */ + public Gost3411Digest(Gost3411Digest t) + { + Reset(t); + } + + public string AlgorithmName + { + get { return "Gost3411"; } + } + + public int GetDigestSize() + { + return DIGEST_LENGTH; + } + + public void Update( + byte input) + { + xBuf[xBufOff++] = input; + if (xBufOff == xBuf.Length) + { + sumByteArray(xBuf); // calc sum M + processBlock(xBuf, 0); + xBufOff = 0; + } + byteCount++; + } + + public void BlockUpdate( + byte[] input, + int inOff, + int length) + { + while ((xBufOff != 0) && (length > 0)) + { + Update(input[inOff]); + inOff++; + length--; + } + + while (length > xBuf.Length) + { + Array.Copy(input, inOff, xBuf, 0, xBuf.Length); + + sumByteArray(xBuf); // calc sum M + processBlock(xBuf, 0); + inOff += xBuf.Length; + length -= xBuf.Length; + byteCount += (uint)xBuf.Length; + } + + // load in the remainder. + while (length > 0) + { + Update(input[inOff]); + inOff++; + length--; + } + } + + // (i + 1 + 4(k - 1)) = 8i + k i = 0-3, k = 1-8 + private byte[] K = new byte[32]; + + private byte[] P(byte[] input) + { + int fourK = 0; + for(int k = 0; k < 8; k++) + { + K[fourK++] = input[k]; + K[fourK++] = input[8 + k]; + K[fourK++] = input[16 + k]; + K[fourK++] = input[24 + k]; + } + + return K; + } + + //A (x) = (x0 ^ x1) || x3 || x2 || x1 + byte[] a = new byte[8]; + private byte[] A(byte[] input) + { + for(int j=0; j<8; j++) + { + a[j]=(byte)(input[j] ^ input[j+8]); + } + + Array.Copy(input, 8, input, 0, 24); + Array.Copy(a, 0, input, 24, 8); + + return input; + } + + //Encrypt function, ECB mode + private void E(byte[] key, byte[] s, int sOff, byte[] input, int inOff) + { + cipher.Init(true, new KeyParameter(key)); + + cipher.ProcessBlock(input, inOff, s, sOff); + } + + // (in:) n16||..||n1 ==> (out:) n1^n2^n3^n4^n13^n16||n16||..||n2 + internal short[] wS = new short[16], w_S = new short[16]; + + private void fw(byte[] input) + { + cpyBytesToShort(input, wS); + w_S[15] = (short)(wS[0] ^ wS[1] ^ wS[2] ^ wS[3] ^ wS[12] ^ wS[15]); + Array.Copy(wS, 1, w_S, 0, 15); + cpyShortToBytes(w_S, input); + } + + // block processing + internal byte[] S = new byte[32], U = new byte[32], V = new byte[32], W = new byte[32]; + + private void processBlock(byte[] input, int inOff) + { + Array.Copy(input, inOff, M, 0, 32); + + //key step 1 + + // H = h3 || h2 || h1 || h0 + // S = s3 || s2 || s1 || s0 + H.CopyTo(U, 0); + M.CopyTo(V, 0); + for (int j=0; j<32; j++) + { + W[j] = (byte)(U[j]^V[j]); + } + // Encrypt gost28147-ECB + E(P(W), S, 0, H, 0); // s0 = EK0 [h0] + + //keys step 2,3,4 + for (int i=1; i<4; i++) + { + byte[] tmpA = A(U); + for (int j=0; j<32; j++) + { + U[j] = (byte)(tmpA[j] ^ C[i][j]); + } + V = A(A(V)); + for (int j=0; j<32; j++) + { + W[j] = (byte)(U[j]^V[j]); + } + // Encrypt gost28147-ECB + E(P(W), S, i * 8, H, i * 8); // si = EKi [hi] + } + + // x(M, H) = y61(H^y(M^y12(S))) + for(int n = 0; n < 12; n++) + { + fw(S); + } + for(int n = 0; n < 32; n++) + { + S[n] = (byte)(S[n] ^ M[n]); + } + + fw(S); + + for(int n = 0; n < 32; n++) + { + S[n] = (byte)(H[n] ^ S[n]); + } + for(int n = 0; n < 61; n++) + { + fw(S); + } + Array.Copy(S, 0, H, 0, H.Length); + } + + private void finish() + { + ulong bitCount = byteCount * 8; + Pack.UInt64_To_LE(bitCount, L); + + while (xBufOff != 0) + { + Update((byte)0); + } + + processBlock(L, 0); + processBlock(Sum, 0); + } + + public int DoFinal( + byte[] output, + int outOff) + { + finish(); + + H.CopyTo(output, outOff); + + Reset(); + + return DIGEST_LENGTH; + } + + /** + * reset the chaining variables to the IV values. + */ + private static readonly byte[] C2 = { + 0x00,(byte)0xFF,0x00,(byte)0xFF,0x00,(byte)0xFF,0x00,(byte)0xFF, + (byte)0xFF,0x00,(byte)0xFF,0x00,(byte)0xFF,0x00,(byte)0xFF,0x00, + 0x00,(byte)0xFF,(byte)0xFF,0x00,(byte)0xFF,0x00,0x00,(byte)0xFF, + (byte)0xFF,0x00,0x00,0x00,(byte)0xFF,(byte)0xFF,0x00,(byte)0xFF + }; + + public void Reset() + { + byteCount = 0; + xBufOff = 0; + + Array.Clear(H, 0, H.Length); + Array.Clear(L, 0, L.Length); + Array.Clear(M, 0, M.Length); + Array.Clear(C[1], 0, C[1].Length); // real index C = +1 because index array with 0. + Array.Clear(C[3], 0, C[3].Length); + Array.Clear(Sum, 0, Sum.Length); + Array.Clear(xBuf, 0, xBuf.Length); + + C2.CopyTo(C[2], 0); + } + + // 256 bitsblock modul -> (Sum + a mod (2^256)) + private void sumByteArray( + byte[] input) + { + int carry = 0; + + for (int i = 0; i != Sum.Length; i++) + { + int sum = (Sum[i] & 0xff) + (input[i] & 0xff) + carry; + + Sum[i] = (byte)sum; + + carry = sum >> 8; + } + } + + private static void cpyBytesToShort(byte[] S, short[] wS) + { + for(int i = 0; i < S.Length / 2; i++) + { + wS[i] = (short)(((S[i*2+1]<<8)&0xFF00)|(S[i*2]&0xFF)); + } + } + + private static void cpyShortToBytes(short[] wS, byte[] S) + { + for(int i=0; i> 8); + S[i*2] = (byte)wS[i]; + } + } + + public int GetByteLength() + { + return 32; + } + + public IMemoable Copy() + { + return new Gost3411Digest(this); + } + + public void Reset(IMemoable other) + { + Gost3411Digest t = (Gost3411Digest)other; + + this.sBox = t.sBox; + cipher.Init(true, new ParametersWithSBox(null, sBox)); + + Reset(); + + Array.Copy(t.H, 0, this.H, 0, t.H.Length); + Array.Copy(t.L, 0, this.L, 0, t.L.Length); + Array.Copy(t.M, 0, this.M, 0, t.M.Length); + Array.Copy(t.Sum, 0, this.Sum, 0, t.Sum.Length); + Array.Copy(t.C[1], 0, this.C[1], 0, t.C[1].Length); + Array.Copy(t.C[2], 0, this.C[2], 0, t.C[2].Length); + Array.Copy(t.C[3], 0, this.C[3], 0, t.C[3].Length); + Array.Copy(t.xBuf, 0, this.xBuf, 0, t.xBuf.Length); + + this.xBufOff = t.xBufOff; + this.byteCount = t.byteCount; + } + } + +} diff --git a/BouncyCastle/crypto/src/crypto/digests/GOST3411_2012Digest.cs b/BouncyCastle/crypto/src/crypto/digests/GOST3411_2012Digest.cs new file mode 100644 index 0000000..68cb6c0 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/GOST3411_2012Digest.cs @@ -0,0 +1,1036 @@ +using System; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + public abstract class Gost3411_2012Digest:IDigest,IMemoable + { + private readonly byte[] IV = new byte[64]; + private readonly byte[] N = new byte[64]; + private readonly byte[] Sigma = new byte[64]; + private readonly byte[] Ki = new byte[64]; + private readonly byte[] m = new byte[64]; + private readonly byte[] h = new byte[64]; + + // Temporary buffers + private readonly byte[] tmp = new byte[64]; + private readonly byte[] block = new byte[64]; + + private int bOff = 64; + + protected Gost3411_2012Digest(byte[] IV) + { + System.Array.Copy(IV,this.IV,64); + System.Array.Copy(IV, h, 64); + } + + public abstract string AlgorithmName { get; } + + public abstract IMemoable Copy(); + + public virtual int DoFinal(byte[] output, int outOff) + { + int lenM = 64 - bOff; + + // At this point it is certain that lenM is smaller than 64 + for (int i = 0; i != 64 - lenM; i++) + { + m[i] = 0; + } + + m[63 - lenM] = 1; + + if (bOff != 64) + { + System.Array.Copy(block, bOff, m, 64 - lenM, lenM); + } + + g_N(h, N, m); + addMod512(N, lenM * 8); + addMod512(Sigma, m); + g_N(h, Zero, N); + g_N(h, Zero, Sigma); + + reverse(h, tmp); + + Array.Copy(tmp, 0, output, outOff, 64); + + Reset(); + return 64; + } + + public int GetByteLength() + { + return 64; + } + + public abstract int GetDigestSize(); + + + public void Reset() + { + bOff = 64; + Arrays.Fill(N, (byte)0); + Arrays.Fill(Sigma, (byte)0); + System.Array.Copy(IV, 0, h, 0, 64); + Arrays.Fill(block, (byte)0); + } + + public void Reset(IMemoable other) + { + Gost3411_2012Digest o = (Gost3411_2012Digest)other; + + System.Array.Copy(o.IV, 0, this.IV, 0, 64); + System.Array.Copy(o.N, 0, this.N, 0, 64); + System.Array.Copy(o.Sigma, 0, this.Sigma, 0, 64); + System.Array.Copy(o.Ki, 0, this.Ki, 0, 64); + System.Array.Copy(o.m, 0, this.m, 0, 64); + System.Array.Copy(o.h, 0, this.h, 0, 64); + + System.Array.Copy(o.block, 0, this.block, 0, 64); + this.bOff = o.bOff; + } + + public void Update(byte input) + { + block[--bOff] = input; + if (bOff == 0) + { + g_N(h, N, block); + addMod512(N, 512); + addMod512(Sigma, block); + bOff = 64; + } + } + + + public void BlockUpdate(byte[] input, int inOff, int len) + { + while (bOff != 64 && len > 0) + { + Update(input[inOff++]); + len--; + } + while (len >= 64) + { + System.Array.Copy(input, inOff, tmp, 0, 64); + reverse(tmp, block); + g_N(h, N, block); + addMod512(N, 512); + addMod512(Sigma, block); + + len -= 64; + inOff += 64; + } + while (len > 0) + { + Update(input[inOff++]); + len--; + } + } + + + + + private void F(byte[] V) + { + ulong[] res = new ulong[8]; + ulong r; + + r = 0; + r ^= T[0][(V[56] & 0xFF)]; + r ^= T[1][(V[48] & 0xFF)]; + r ^= T[2][(V[40] & 0xFF)]; + r ^= T[3][(V[32] & 0xFF)]; + r ^= T[4][(V[24] & 0xFF)]; + r ^= T[5][(V[16] & 0xFF)]; + r ^= T[6][(V[8] & 0xFF)]; + r ^= T[7][(V[0] & 0xFF)]; + res[0] = r; + + r = 0; + r ^= T[0][(V[57] & 0xFF)]; + r ^= T[1][(V[49] & 0xFF)]; + r ^= T[2][(V[41] & 0xFF)]; + r ^= T[3][(V[33] & 0xFF)]; + r ^= T[4][(V[25] & 0xFF)]; + r ^= T[5][(V[17] & 0xFF)]; + r ^= T[6][(V[9] & 0xFF)]; + r ^= T[7][(V[1] & 0xFF)]; + res[1] = r; + + r = 0; + r ^= T[0][(V[58] & 0xFF)]; + r ^= T[1][(V[50] & 0xFF)]; + r ^= T[2][(V[42] & 0xFF)]; + r ^= T[3][(V[34] & 0xFF)]; + r ^= T[4][(V[26] & 0xFF)]; + r ^= T[5][(V[18] & 0xFF)]; + r ^= T[6][(V[10] & 0xFF)]; + r ^= T[7][(V[2] & 0xFF)]; + res[2] = r; + + r = 0; + r ^= T[0][(V[59] & 0xFF)]; + r ^= T[1][(V[51] & 0xFF)]; + r ^= T[2][(V[43] & 0xFF)]; + r ^= T[3][(V[35] & 0xFF)]; + r ^= T[4][(V[27] & 0xFF)]; + r ^= T[5][(V[19] & 0xFF)]; + r ^= T[6][(V[11] & 0xFF)]; + r ^= T[7][(V[3] & 0xFF)]; + res[3] = r; + + r = 0; + r ^= T[0][(V[60] & 0xFF)]; + r ^= T[1][(V[52] & 0xFF)]; + r ^= T[2][(V[44] & 0xFF)]; + r ^= T[3][(V[36] & 0xFF)]; + r ^= T[4][(V[28] & 0xFF)]; + r ^= T[5][(V[20] & 0xFF)]; + r ^= T[6][(V[12] & 0xFF)]; + r ^= T[7][(V[4] & 0xFF)]; + res[4] = r; + + r = 0; + r ^= T[0][(V[61] & 0xFF)]; + r ^= T[1][(V[53] & 0xFF)]; + r ^= T[2][(V[45] & 0xFF)]; + r ^= T[3][(V[37] & 0xFF)]; + r ^= T[4][(V[29] & 0xFF)]; + r ^= T[5][(V[21] & 0xFF)]; + r ^= T[6][(V[13] & 0xFF)]; + r ^= T[7][(V[5] & 0xFF)]; + res[5] = r; + + r = 0; + r ^= T[0][(V[62] & 0xFF)]; + r ^= T[1][(V[54] & 0xFF)]; + r ^= T[2][(V[46] & 0xFF)]; + r ^= T[3][(V[38] & 0xFF)]; + r ^= T[4][(V[30] & 0xFF)]; + r ^= T[5][(V[22] & 0xFF)]; + r ^= T[6][(V[14] & 0xFF)]; + r ^= T[7][(V[6] & 0xFF)]; + res[6] = r; + + r = 0; + r ^= T[0][(V[63] & 0xFF)]; + r ^= T[1][(V[55] & 0xFF)]; + r ^= T[2][(V[47] & 0xFF)]; + r ^= T[3][(V[39] & 0xFF)]; + r ^= T[4][(V[31] & 0xFF)]; + r ^= T[5][(V[23] & 0xFF)]; + r ^= T[6][(V[15] & 0xFF)]; + r ^= T[7][(V[7] & 0xFF)]; + res[7] = r; + + r = res[0]; + V[7] = (byte)(r >> 56); + V[6] = (byte)(r >> 48); + V[5] = (byte)(r >> 40); + V[4] = (byte)(r >> 32); + V[3] = (byte)(r >> 24); + V[2] = (byte)(r >> 16); + V[1] = (byte)(r >> 8); + V[0] = (byte)(r); + + r = res[1]; + V[15] = (byte)(r >> 56); + V[14] = (byte)(r >> 48); + V[13] = (byte)(r >> 40); + V[12] = (byte)(r >> 32); + V[11] = (byte)(r >> 24); + V[10] = (byte)(r >> 16); + V[9] = (byte)(r >> 8); + V[8] = (byte)(r); + + r = res[2]; + V[23] = (byte)(r >> 56); + V[22] = (byte)(r >> 48); + V[21] = (byte)(r >> 40); + V[20] = (byte)(r >> 32); + V[19] = (byte)(r >> 24); + V[18] = (byte)(r >> 16); + V[17] = (byte)(r >> 8); + V[16] = (byte)(r); + + r = res[3]; + V[31] = (byte)(r >> 56); + V[30] = (byte)(r >> 48); + V[29] = (byte)(r >> 40); + V[28] = (byte)(r >> 32); + V[27] = (byte)(r >> 24); + V[26] = (byte)(r >> 16); + V[25] = (byte)(r >> 8); + V[24] = (byte)(r); + + r = res[4]; + V[39] = (byte)(r >> 56); + V[38] = (byte)(r >> 48); + V[37] = (byte)(r >> 40); + V[36] = (byte)(r >> 32); + V[35] = (byte)(r >> 24); + V[34] = (byte)(r >> 16); + V[33] = (byte)(r >> 8); + V[32] = (byte)(r); + + r = res[5]; + V[47] = (byte)(r >> 56); + V[46] = (byte)(r >> 48); + V[45] = (byte)(r >> 40); + V[44] = (byte)(r >> 32); + V[43] = (byte)(r >> 24); + V[42] = (byte)(r >> 16); + V[41] = (byte)(r >> 8); + V[40] = (byte)(r); + + r = res[6]; + V[55] = (byte)(r >> 56); + V[54] = (byte)(r >> 48); + V[53] = (byte)(r >> 40); + V[52] = (byte)(r >> 32); + V[51] = (byte)(r >> 24); + V[50] = (byte)(r >> 16); + V[49] = (byte)(r >> 8); + V[48] = (byte)(r); + + r = res[7]; + V[63] = (byte)(r >> 56); + V[62] = (byte)(r >> 48); + V[61] = (byte)(r >> 40); + V[60] = (byte)(r >> 32); + V[59] = (byte)(r >> 24); + V[58] = (byte)(r >> 16); + V[57] = (byte)(r >> 8); + V[56] = (byte)(r); + } + + private void xor512(byte[] A, byte[] B) + { + for (int i = 0; i < 64; ++i) + { + A[i] ^= B[i]; + } + } + + private void E(byte[] K, byte[] m) + { + System.Array.Copy(K, 0, Ki, 0, 64); + xor512(K, m); + F(K); + for (int i = 0; i < 11; ++i) + { + xor512(Ki, C[i]); + F(Ki); + xor512(K, Ki); + F(K); + } + xor512(Ki, C[11]); + F(Ki); + xor512(K, Ki); + } + + private void g_N(byte[] h, byte[] N, byte[] m) + { + System.Array.Copy(h, 0, tmp, 0, 64); + + xor512(h, N); + F(h); + + E(h, m); + xor512(h, tmp); + xor512(h, m); + } + + private void addMod512(byte[] A, int num) + { + int c; + c = (A[63] & 0xFF) + (num & 0xFF); + A[63] = (byte)c; + + c = (A[62] & 0xFF) + ((num >> 8) & 0xFF) + (c >> 8); + A[62] = (byte)c; + + for (int i = 61; (i >= 0) && (c > 0); --i) + { + c = (A[i] & 0xFF) + (c >> 8); + A[i] = (byte)c; + } + } + + private void addMod512(byte[] A, byte[] B) + { + for (int c = 0, i = 63; i >= 0; --i) + { + c = (A[i] & 0xFF) + (B[i] & 0xFF) + (c >> 8); + A[i] = (byte)c; + } + } + + private void reverse(byte[] src, byte[] dst) + { + int len = src.Length; + for (int i = 0; i < len; i++) + { + dst[len - 1 - i] = src[i]; + } + } + + private static readonly byte[][] C = new byte[][]{ new byte[]{ + (byte)0xb1, (byte)0x08, (byte)0x5b, (byte)0xda, (byte)0x1e, (byte)0xca, (byte)0xda, (byte)0xe9, + (byte)0xeb, (byte)0xcb, (byte)0x2f, (byte)0x81, (byte)0xc0, (byte)0x65, (byte)0x7c, (byte)0x1f, + (byte)0x2f, (byte)0x6a, (byte)0x76, (byte)0x43, (byte)0x2e, (byte)0x45, (byte)0xd0, (byte)0x16, + (byte)0x71, (byte)0x4e, (byte)0xb8, (byte)0x8d, (byte)0x75, (byte)0x85, (byte)0xc4, (byte)0xfc, + (byte)0x4b, (byte)0x7c, (byte)0xe0, (byte)0x91, (byte)0x92, (byte)0x67, (byte)0x69, (byte)0x01, + (byte)0xa2, (byte)0x42, (byte)0x2a, (byte)0x08, (byte)0xa4, (byte)0x60, (byte)0xd3, (byte)0x15, + (byte)0x05, (byte)0x76, (byte)0x74, (byte)0x36, (byte)0xcc, (byte)0x74, (byte)0x4d, (byte)0x23, + (byte)0xdd, (byte)0x80, (byte)0x65, (byte)0x59, (byte)0xf2, (byte)0xa6, (byte)0x45, (byte)0x07}, + + new byte[]{ + (byte)0x6f, (byte)0xa3, (byte)0xb5, (byte)0x8a, (byte)0xa9, (byte)0x9d, (byte)0x2f, (byte)0x1a, + (byte)0x4f, (byte)0xe3, (byte)0x9d, (byte)0x46, (byte)0x0f, (byte)0x70, (byte)0xb5, (byte)0xd7, + (byte)0xf3, (byte)0xfe, (byte)0xea, (byte)0x72, (byte)0x0a, (byte)0x23, (byte)0x2b, (byte)0x98, + (byte)0x61, (byte)0xd5, (byte)0x5e, (byte)0x0f, (byte)0x16, (byte)0xb5, (byte)0x01, (byte)0x31, + (byte)0x9a, (byte)0xb5, (byte)0x17, (byte)0x6b, (byte)0x12, (byte)0xd6, (byte)0x99, (byte)0x58, + (byte)0x5c, (byte)0xb5, (byte)0x61, (byte)0xc2, (byte)0xdb, (byte)0x0a, (byte)0xa7, (byte)0xca, + (byte)0x55, (byte)0xdd, (byte)0xa2, (byte)0x1b, (byte)0xd7, (byte)0xcb, (byte)0xcd, (byte)0x56, + (byte)0xe6, (byte)0x79, (byte)0x04, (byte)0x70, (byte)0x21, (byte)0xb1, (byte)0x9b, (byte)0xb7}, + new byte[]{ + (byte)0xf5, (byte)0x74, (byte)0xdc, (byte)0xac, (byte)0x2b, (byte)0xce, (byte)0x2f, (byte)0xc7, + (byte)0x0a, (byte)0x39, (byte)0xfc, (byte)0x28, (byte)0x6a, (byte)0x3d, (byte)0x84, (byte)0x35, + (byte)0x06, (byte)0xf1, (byte)0x5e, (byte)0x5f, (byte)0x52, (byte)0x9c, (byte)0x1f, (byte)0x8b, + (byte)0xf2, (byte)0xea, (byte)0x75, (byte)0x14, (byte)0xb1, (byte)0x29, (byte)0x7b, (byte)0x7b, + (byte)0xd3, (byte)0xe2, (byte)0x0f, (byte)0xe4, (byte)0x90, (byte)0x35, (byte)0x9e, (byte)0xb1, + (byte)0xc1, (byte)0xc9, (byte)0x3a, (byte)0x37, (byte)0x60, (byte)0x62, (byte)0xdb, (byte)0x09, + (byte)0xc2, (byte)0xb6, (byte)0xf4, (byte)0x43, (byte)0x86, (byte)0x7a, (byte)0xdb, (byte)0x31, + (byte)0x99, (byte)0x1e, (byte)0x96, (byte)0xf5, (byte)0x0a, (byte)0xba, (byte)0x0a, (byte)0xb2}, + new byte[]{ + (byte)0xef, (byte)0x1f, (byte)0xdf, (byte)0xb3, (byte)0xe8, (byte)0x15, (byte)0x66, (byte)0xd2, + (byte)0xf9, (byte)0x48, (byte)0xe1, (byte)0xa0, (byte)0x5d, (byte)0x71, (byte)0xe4, (byte)0xdd, + (byte)0x48, (byte)0x8e, (byte)0x85, (byte)0x7e, (byte)0x33, (byte)0x5c, (byte)0x3c, (byte)0x7d, + (byte)0x9d, (byte)0x72, (byte)0x1c, (byte)0xad, (byte)0x68, (byte)0x5e, (byte)0x35, (byte)0x3f, + (byte)0xa9, (byte)0xd7, (byte)0x2c, (byte)0x82, (byte)0xed, (byte)0x03, (byte)0xd6, (byte)0x75, + (byte)0xd8, (byte)0xb7, (byte)0x13, (byte)0x33, (byte)0x93, (byte)0x52, (byte)0x03, (byte)0xbe, + (byte)0x34, (byte)0x53, (byte)0xea, (byte)0xa1, (byte)0x93, (byte)0xe8, (byte)0x37, (byte)0xf1, + (byte)0x22, (byte)0x0c, (byte)0xbe, (byte)0xbc, (byte)0x84, (byte)0xe3, (byte)0xd1, (byte)0x2e}, + new byte[] { + (byte)0x4b, (byte)0xea, (byte)0x6b, (byte)0xac, (byte)0xad, (byte)0x47, (byte)0x47, (byte)0x99, + (byte)0x9a, (byte)0x3f, (byte)0x41, (byte)0x0c, (byte)0x6c, (byte)0xa9, (byte)0x23, (byte)0x63, + (byte)0x7f, (byte)0x15, (byte)0x1c, (byte)0x1f, (byte)0x16, (byte)0x86, (byte)0x10, (byte)0x4a, + (byte)0x35, (byte)0x9e, (byte)0x35, (byte)0xd7, (byte)0x80, (byte)0x0f, (byte)0xff, (byte)0xbd, + (byte)0xbf, (byte)0xcd, (byte)0x17, (byte)0x47, (byte)0x25, (byte)0x3a, (byte)0xf5, (byte)0xa3, + (byte)0xdf, (byte)0xff, (byte)0x00, (byte)0xb7, (byte)0x23, (byte)0x27, (byte)0x1a, (byte)0x16, + (byte)0x7a, (byte)0x56, (byte)0xa2, (byte)0x7e, (byte)0xa9, (byte)0xea, (byte)0x63, (byte)0xf5, + (byte)0x60, (byte)0x17, (byte)0x58, (byte)0xfd, (byte)0x7c, (byte)0x6c, (byte)0xfe, (byte)0x57}, + new byte[]{ + (byte)0xae, (byte)0x4f, (byte)0xae, (byte)0xae, (byte)0x1d, (byte)0x3a, (byte)0xd3, (byte)0xd9, + (byte)0x6f, (byte)0xa4, (byte)0xc3, (byte)0x3b, (byte)0x7a, (byte)0x30, (byte)0x39, (byte)0xc0, + (byte)0x2d, (byte)0x66, (byte)0xc4, (byte)0xf9, (byte)0x51, (byte)0x42, (byte)0xa4, (byte)0x6c, + (byte)0x18, (byte)0x7f, (byte)0x9a, (byte)0xb4, (byte)0x9a, (byte)0xf0, (byte)0x8e, (byte)0xc6, + (byte)0xcf, (byte)0xfa, (byte)0xa6, (byte)0xb7, (byte)0x1c, (byte)0x9a, (byte)0xb7, (byte)0xb4, + (byte)0x0a, (byte)0xf2, (byte)0x1f, (byte)0x66, (byte)0xc2, (byte)0xbe, (byte)0xc6, (byte)0xb6, + (byte)0xbf, (byte)0x71, (byte)0xc5, (byte)0x72, (byte)0x36, (byte)0x90, (byte)0x4f, (byte)0x35, + (byte)0xfa, (byte)0x68, (byte)0x40, (byte)0x7a, (byte)0x46, (byte)0x64, (byte)0x7d, (byte)0x6e}, + new byte[] { + (byte)0xf4, (byte)0xc7, (byte)0x0e, (byte)0x16, (byte)0xee, (byte)0xaa, (byte)0xc5, (byte)0xec, + (byte)0x51, (byte)0xac, (byte)0x86, (byte)0xfe, (byte)0xbf, (byte)0x24, (byte)0x09, (byte)0x54, + (byte)0x39, (byte)0x9e, (byte)0xc6, (byte)0xc7, (byte)0xe6, (byte)0xbf, (byte)0x87, (byte)0xc9, + (byte)0xd3, (byte)0x47, (byte)0x3e, (byte)0x33, (byte)0x19, (byte)0x7a, (byte)0x93, (byte)0xc9, + (byte)0x09, (byte)0x92, (byte)0xab, (byte)0xc5, (byte)0x2d, (byte)0x82, (byte)0x2c, (byte)0x37, + (byte)0x06, (byte)0x47, (byte)0x69, (byte)0x83, (byte)0x28, (byte)0x4a, (byte)0x05, (byte)0x04, + (byte)0x35, (byte)0x17, (byte)0x45, (byte)0x4c, (byte)0xa2, (byte)0x3c, (byte)0x4a, (byte)0xf3, + (byte)0x88, (byte)0x86, (byte)0x56, (byte)0x4d, (byte)0x3a, (byte)0x14, (byte)0xd4, (byte)0x93}, + new byte[] { + (byte)0x9b, (byte)0x1f, (byte)0x5b, (byte)0x42, (byte)0x4d, (byte)0x93, (byte)0xc9, (byte)0xa7, + (byte)0x03, (byte)0xe7, (byte)0xaa, (byte)0x02, (byte)0x0c, (byte)0x6e, (byte)0x41, (byte)0x41, + (byte)0x4e, (byte)0xb7, (byte)0xf8, (byte)0x71, (byte)0x9c, (byte)0x36, (byte)0xde, (byte)0x1e, + (byte)0x89, (byte)0xb4, (byte)0x44, (byte)0x3b, (byte)0x4d, (byte)0xdb, (byte)0xc4, (byte)0x9a, + (byte)0xf4, (byte)0x89, (byte)0x2b, (byte)0xcb, (byte)0x92, (byte)0x9b, (byte)0x06, (byte)0x90, + (byte)0x69, (byte)0xd1, (byte)0x8d, (byte)0x2b, (byte)0xd1, (byte)0xa5, (byte)0xc4, (byte)0x2f, + (byte)0x36, (byte)0xac, (byte)0xc2, (byte)0x35, (byte)0x59, (byte)0x51, (byte)0xa8, (byte)0xd9, + (byte)0xa4, (byte)0x7f, (byte)0x0d, (byte)0xd4, (byte)0xbf, (byte)0x02, (byte)0xe7, (byte)0x1e}, + new byte[]{ + (byte)0x37, (byte)0x8f, (byte)0x5a, (byte)0x54, (byte)0x16, (byte)0x31, (byte)0x22, (byte)0x9b, + (byte)0x94, (byte)0x4c, (byte)0x9a, (byte)0xd8, (byte)0xec, (byte)0x16, (byte)0x5f, (byte)0xde, + (byte)0x3a, (byte)0x7d, (byte)0x3a, (byte)0x1b, (byte)0x25, (byte)0x89, (byte)0x42, (byte)0x24, + (byte)0x3c, (byte)0xd9, (byte)0x55, (byte)0xb7, (byte)0xe0, (byte)0x0d, (byte)0x09, (byte)0x84, + (byte)0x80, (byte)0x0a, (byte)0x44, (byte)0x0b, (byte)0xdb, (byte)0xb2, (byte)0xce, (byte)0xb1, + (byte)0x7b, (byte)0x2b, (byte)0x8a, (byte)0x9a, (byte)0xa6, (byte)0x07, (byte)0x9c, (byte)0x54, + (byte)0x0e, (byte)0x38, (byte)0xdc, (byte)0x92, (byte)0xcb, (byte)0x1f, (byte)0x2a, (byte)0x60, + (byte)0x72, (byte)0x61, (byte)0x44, (byte)0x51, (byte)0x83, (byte)0x23, (byte)0x5a, (byte)0xdb}, + new byte[] { + (byte)0xab, (byte)0xbe, (byte)0xde, (byte)0xa6, (byte)0x80, (byte)0x05, (byte)0x6f, (byte)0x52, + (byte)0x38, (byte)0x2a, (byte)0xe5, (byte)0x48, (byte)0xb2, (byte)0xe4, (byte)0xf3, (byte)0xf3, + (byte)0x89, (byte)0x41, (byte)0xe7, (byte)0x1c, (byte)0xff, (byte)0x8a, (byte)0x78, (byte)0xdb, + (byte)0x1f, (byte)0xff, (byte)0xe1, (byte)0x8a, (byte)0x1b, (byte)0x33, (byte)0x61, (byte)0x03, + (byte)0x9f, (byte)0xe7, (byte)0x67, (byte)0x02, (byte)0xaf, (byte)0x69, (byte)0x33, (byte)0x4b, + (byte)0x7a, (byte)0x1e, (byte)0x6c, (byte)0x30, (byte)0x3b, (byte)0x76, (byte)0x52, (byte)0xf4, + (byte)0x36, (byte)0x98, (byte)0xfa, (byte)0xd1, (byte)0x15, (byte)0x3b, (byte)0xb6, (byte)0xc3, + (byte)0x74, (byte)0xb4, (byte)0xc7, (byte)0xfb, (byte)0x98, (byte)0x45, (byte)0x9c, (byte)0xed}, + new byte[] { + (byte)0x7b, (byte)0xcd, (byte)0x9e, (byte)0xd0, (byte)0xef, (byte)0xc8, (byte)0x89, (byte)0xfb, + (byte)0x30, (byte)0x02, (byte)0xc6, (byte)0xcd, (byte)0x63, (byte)0x5a, (byte)0xfe, (byte)0x94, + (byte)0xd8, (byte)0xfa, (byte)0x6b, (byte)0xbb, (byte)0xeb, (byte)0xab, (byte)0x07, (byte)0x61, + (byte)0x20, (byte)0x01, (byte)0x80, (byte)0x21, (byte)0x14, (byte)0x84, (byte)0x66, (byte)0x79, + (byte)0x8a, (byte)0x1d, (byte)0x71, (byte)0xef, (byte)0xea, (byte)0x48, (byte)0xb9, (byte)0xca, + (byte)0xef, (byte)0xba, (byte)0xcd, (byte)0x1d, (byte)0x7d, (byte)0x47, (byte)0x6e, (byte)0x98, + (byte)0xde, (byte)0xa2, (byte)0x59, (byte)0x4a, (byte)0xc0, (byte)0x6f, (byte)0xd8, (byte)0x5d, + (byte)0x6b, (byte)0xca, (byte)0xa4, (byte)0xcd, (byte)0x81, (byte)0xf3, (byte)0x2d, (byte)0x1b}, + new byte[] { + (byte)0x37, (byte)0x8e, (byte)0xe7, (byte)0x67, (byte)0xf1, (byte)0x16, (byte)0x31, (byte)0xba, + (byte)0xd2, (byte)0x13, (byte)0x80, (byte)0xb0, (byte)0x04, (byte)0x49, (byte)0xb1, (byte)0x7a, + (byte)0xcd, (byte)0xa4, (byte)0x3c, (byte)0x32, (byte)0xbc, (byte)0xdf, (byte)0x1d, (byte)0x77, + (byte)0xf8, (byte)0x20, (byte)0x12, (byte)0xd4, (byte)0x30, (byte)0x21, (byte)0x9f, (byte)0x9b, + (byte)0x5d, (byte)0x80, (byte)0xef, (byte)0x9d, (byte)0x18, (byte)0x91, (byte)0xcc, (byte)0x86, + (byte)0xe7, (byte)0x1d, (byte)0xa4, (byte)0xaa, (byte)0x88, (byte)0xe1, (byte)0x28, (byte)0x52, + (byte)0xfa, (byte)0xf4, (byte)0x17, (byte)0xd5, (byte)0xd9, (byte)0xb2, (byte)0x1b, (byte)0x99, + (byte)0x48, (byte)0xbc, (byte)0x92, (byte)0x4a, (byte)0xf1, (byte)0x1b, (byte)0xd7, (byte)0x20} + }; + + private static readonly byte[] Zero = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + }; + + private readonly static ulong[][] T = { + new ulong[] { + 0xE6F87E5C5B711FD0L, 0x258377800924FA16L, 0xC849E07E852EA4A8L, 0x5B4686A18F06C16AL, + 0x0B32E9A2D77B416EL, 0xABDA37A467815C66L, 0xF61796A81A686676L, 0xF5DC0B706391954BL, + 0x4862F38DB7E64BF1L, 0xFF5C629A68BD85C5L, 0xCB827DA6FCD75795L, 0x66D36DAF69B9F089L, + 0x356C9F74483D83B0L, 0x7CBCECB1238C99A1L, 0x36A702AC31C4708DL, 0x9EB6A8D02FBCDFD6L, + 0x8B19FA51E5B3AE37L, 0x9CCFB5408A127D0BL, 0xBC0C78B508208F5AL, 0xE533E3842288ECEDL, + 0xCEC2C7D377C15FD2L, 0xEC7817B6505D0F5EL, 0xB94CC2C08336871DL, 0x8C205DB4CB0B04ADL, + 0x763C855B28A0892FL, 0x588D1B79F6FF3257L, 0x3FECF69E4311933EL, 0x0FC0D39F803A18C9L, + 0xEE010A26F5F3AD83L, 0x10EFE8F4411979A6L, 0x5DCDA10C7DE93A10L, 0x4A1BEE1D1248E92CL, + 0x53BFF2DB21847339L, 0xB4F50CCFA6A23D09L, 0x5FB4BC9CD84798CDL, 0xE88A2D8B071C56F9L, + 0x7F7771695A756A9CL, 0xC5F02E71A0BA1EBCL, 0xA663F9AB4215E672L, 0x2EB19E22DE5FBB78L, + 0x0DB9CE0F2594BA14L, 0x82520E6397664D84L, 0x2F031E6A0208EA98L, 0x5C7F2144A1BE6BF0L, + 0x7A37CB1CD16362DBL, 0x83E08E2B4B311C64L, 0xCF70479BAB960E32L, 0x856BA986B9DEE71EL, + 0xB5478C877AF56CE9L, 0xB8FE42885F61D6FDL, 0x1BDD0156966238C8L, 0x622157923EF8A92EL, + 0xFC97FF42114476F8L, 0x9D7D350856452CEBL, 0x4C90C9B0E0A71256L, 0x2308502DFBCB016CL, + 0x2D7A03FAA7A64845L, 0xF46E8B38BFC6C4ABL, 0xBDBEF8FDD477DEBAL, 0x3AAC4CEBC8079B79L, + 0xF09CB105E8879D0CL, 0x27FA6A10AC8A58CBL, 0x8960E7C1401D0CEAL, 0x1A6F811E4A356928L, + 0x90C4FB0773D196FFL, 0x43501A2F609D0A9FL, 0xF7A516E0C63F3796L, 0x1CE4A6B3B8DA9252L, + 0x1324752C38E08A9BL, 0xA5A864733BEC154FL, 0x2BF124575549B33FL, 0xD766DB15440DC5C7L, + 0xA7D179E39E42B792L, 0xDADF151A61997FD3L, 0x86A0345EC0271423L, 0x38D5517B6DA939A4L, + 0x6518F077104003B4L, 0x02791D90A5AEA2DDL, 0x88D267899C4A5D0AL, 0x930F66DF0A2865C2L, + 0x4EE9D4204509B08BL, 0x325538916685292AL, 0x412907BFC533A842L, 0xB27E2B62544DC673L, + 0x6C5304456295E007L, 0x5AF406E95351908AL, 0x1F2F3B6BC123616FL, 0xC37B09DC5255E5C6L, + 0x3967D133B1FE6844L, 0x298839C7F0E711E2L, 0x409B87F71964F9A2L, 0xE938ADC3DB4B0719L, + 0x0C0B4E47F9C3EBF4L, 0x5534D576D36B8843L, 0x4610A05AEB8B02D8L, 0x20C3CDF58232F251L, + 0x6DE1840DBEC2B1E7L, 0xA0E8DE06B0FA1D08L, 0x7B854B540D34333BL, 0x42E29A67BCCA5B7FL, + 0xD8A6088AC437DD0EL, 0xC63BB3A9D943ED81L, 0x21714DBD5E65A3B1L, 0x6761EDE7B5EEA169L, + 0x2431F7C8D573ABF6L, 0xD51FC685E1A3671AL, 0x5E063CD40410C92DL, 0x283AB98F2CB04002L, + 0x8FEBC06CB2F2F790L, 0x17D64F116FA1D33CL, 0xE07359F1A99EE4AAL, 0x784ED68C74CDC006L, + 0x6E2A19D5C73B42DAL, 0x8712B4161C7045C3L, 0x371582E4ED93216DL, 0xACE390414939F6FCL, + 0x7EC5F12186223B7CL, 0xC0B094042BAC16FBL, 0xF9D745379A527EBFL, 0x737C3F2EA3B68168L, + 0x33E7B8D9BAD278CAL, 0xA9A32A34C22FFEBBL, 0xE48163CCFEDFBD0DL, 0x8E5940246EA5A670L, + 0x51C6EF4B842AD1E4L, 0x22BAD065279C508CL, 0xD91488C218608CEEL, 0x319EA5491F7CDA17L, + 0xD394E128134C9C60L, 0x094BF43272D5E3B3L, 0x9BF612A5A4AAD791L, 0xCCBBDA43D26FFD0FL, + 0x34DE1F3C946AD250L, 0x4F5B5468995EE16BL, 0xDF9FAF6FEA8F7794L, 0x2648EA5870DD092BL, + 0xBFC7E56D71D97C67L, 0xDDE6B2FF4F21D549L, 0x3C276B463AE86003L, 0x91767B4FAF86C71FL, + 0x68A13E7835D4B9A0L, 0xB68C115F030C9FD4L, 0x141DD2C916582001L, 0x983D8F7DDD5324ACL, + 0x64AA703FCC175254L, 0xC2C989948E02B426L, 0x3E5E76D69F46C2DEL, 0x50746F03587D8004L, + 0x45DB3D829272F1E5L, 0x60584A029B560BF3L, 0xFBAE58A73FFCDC62L, 0xA15A5E4E6CAD4CE8L, + 0x4BA96E55CE1FB8CCL, 0x08F9747AAE82B253L, 0xC102144CF7FB471BL, 0x9F042898F3EB8E36L, + 0x068B27ADF2EFFB7AL, 0xEDCA97FE8C0A5EBEL, 0x778E0513F4F7D8CFL, 0x302C2501C32B8BF7L, + 0x8D92DDFC175C554DL, 0xF865C57F46052F5FL, 0xEAF3301BA2B2F424L, 0xAA68B7ECBBD60D86L, + 0x998F0F350104754CL, 0x0000000000000000L, 0xF12E314D34D0CCECL, 0x710522BE061823B5L, + 0xAF280D9930C005C1L, 0x97FD5CE25D693C65L, 0x19A41CC633CC9A15L, 0x95844172F8C79EB8L, + 0xDC5432B7937684A9L, 0x9436C13A2490CF58L, 0x802B13F332C8EF59L, 0xC442AE397CED4F5CL, + 0xFA1CD8EFE3AB8D82L, 0xF2E5AC954D293FD1L, 0x6AD823E8907A1B7DL, 0x4D2249F83CF043B6L, + 0x03CB9DD879F9F33DL, 0xDE2D2F2736D82674L, 0x2A43A41F891EE2DFL, 0x6F98999D1B6C133AL, + 0xD4AD46CD3DF436FAL, 0xBB35DF50269825C0L, 0x964FDCAA813E6D85L, 0xEB41B0537EE5A5C4L, + 0x0540BA758B160847L, 0xA41AE43BE7BB44AFL, 0xE3B8C429D0671797L, 0x819993BBEE9FBEB9L, + 0xAE9A8DD1EC975421L, 0xF3572CDD917E6E31L, 0x6393D7DAE2AFF8CEL, 0x47A2201237DC5338L, + 0xA32343DEC903EE35L, 0x79FC56C4A89A91E6L, 0x01B28048DC5751E0L, 0x1296F564E4B7DB7BL, + 0x75F7188351597A12L, 0xDB6D9552BDCE2E33L, 0x1E9DBB231D74308FL, 0x520D7293FDD322D9L, + 0xE20A44610C304677L, 0xFEEEE2D2B4EAD425L, 0xCA30FDEE20800675L, 0x61EACA4A47015A13L, + 0xE74AFE1487264E30L, 0x2CC883B27BF119A5L, 0x1664CF59B3F682DCL, 0xA811AA7C1E78AF5BL, + 0x1D5626FB648DC3B2L, 0xB73E9117DF5BCE34L, 0xD05F7CF06AB56F5DL, 0xFD257F0ACD132718L, + 0x574DC8E676C52A9EL, 0x0739A7E52EB8AA9AL, 0x5486553E0F3CD9A3L, 0x56FF48AEAA927B7EL, + 0xBE756525AD8E2D87L, 0x7D0E6CF9FFDBC841L, 0x3B1ECCA31450CA99L, 0x6913BE30E983E840L, + 0xAD511009956EA71CL, 0xB1B5B6BA2DB4354EL, 0x4469BDCA4E25A005L, 0x15AF5281CA0F71E1L, + 0x744598CB8D0E2BF2L, 0x593F9B312AA863B7L, 0xEFB38A6E29A4FC63L, 0x6B6AA3A04C2D4A9DL, + 0x3D95EB0EE6BF31E3L, 0xA291C3961554BFD5L, 0x18169C8EEF9BCBF5L, 0x115D68BC9D4E2846L, + 0xBA875F18FACF7420L, 0xD1EDFCB8B6E23EBDL, 0xB00736F2F1E364AEL, 0x84D929CE6589B6FEL, + 0x70B7A2F6DA4F7255L, 0x0E7253D75C6D4929L, 0x04F23A3D574159A7L, 0x0A8069EA0B2C108EL, + 0x49D073C56BB11A11L, 0x8AAB7A1939E4FFD7L, 0xCD095A0B0E38ACEFL, 0xC9FB60365979F548L, + 0x92BDE697D67F3422L, 0xC78933E10514BC61L, 0xE1C1D9B975C9B54AL, 0xD2266160CF1BCD80L, + 0x9A4492ED78FD8671L, 0xB3CCAB2A881A9793L, 0x72CEBF667FE1D088L, 0xD6D45B5D985A9427L + }, + new ulong[]{ + 0xC811A8058C3F55DEL, 0x65F5B43196B50619L, 0xF74F96B1D6706E43L, 0x859D1E8BCB43D336L, + 0x5AAB8A85CCFA3D84L, 0xF9C7BF99C295FCFDL, 0xA21FD5A1DE4B630FL, 0xCDB3EF763B8B456DL, + 0x803F59F87CF7C385L, 0xB27C73BE5F31913CL, 0x98E3AC6633B04821L, 0xBF61674C26B8F818L, + 0x0FFBC995C4C130C8L, 0xAAA0862010761A98L, 0x6057F342210116AAL, 0xF63C760C0654CC35L, + 0x2DDB45CC667D9042L, 0xBCF45A964BD40382L, 0x68E8A0C3EF3C6F3DL, 0xA7BD92D269FF73BCL, + 0x290AE20201ED2287L, 0xB7DE34CDE885818FL, 0xD901EEA7DD61059BL, 0xD6FA273219A03553L, + 0xD56F1AE874CCCEC9L, 0xEA31245C2E83F554L, 0x7034555DA07BE499L, 0xCE26D2AC56E7BEF7L, + 0xFD161857A5054E38L, 0x6A0E7DA4527436D1L, 0x5BD86A381CDE9FF2L, 0xCAF7756231770C32L, + 0xB09AAED9E279C8D0L, 0x5DEF1091C60674DBL, 0x111046A2515E5045L, 0x23536CE4729802FCL, + 0xC50CBCF7F5B63CFAL, 0x73A16887CD171F03L, 0x7D2941AFD9F28DBDL, 0x3F5E3EB45A4F3B9DL, + 0x84EEFE361B677140L, 0x3DB8E3D3E7076271L, 0x1A3A28F9F20FD248L, 0x7EBC7C75B49E7627L, + 0x74E5F293C7EB565CL, 0x18DCF59E4F478BA4L, 0x0C6EF44FA9ADCB52L, 0xC699812D98DAC760L, + 0x788B06DC6E469D0EL, 0xFC65F8EA7521EC4EL, 0x30A5F7219E8E0B55L, 0x2BEC3F65BCA57B6BL, + 0xDDD04969BAF1B75EL, 0x99904CDBE394EA57L, 0x14B201D1E6EA40F6L, 0xBBB0C08241284ADDL, + 0x50F20463BF8F1DFFL, 0xE8D7F93B93CBACB8L, 0x4D8CB68E477C86E8L, 0xC1DD1B3992268E3FL, + 0x7C5AA11209D62FCBL, 0x2F3D98ABDB35C9AEL, 0x671369562BFD5FF5L, 0x15C1E16C36CEE280L, + 0x1D7EB2EDF8F39B17L, 0xDA94D37DB00DFE01L, 0x877BC3EC760B8ADAL, 0xCB8495DFE153AE44L, + 0x05A24773B7B410B3L, 0x12857B783C32ABDFL, 0x8EB770D06812513BL, 0x536739B9D2E3E665L, + 0x584D57E271B26468L, 0xD789C78FC9849725L, 0xA935BBFA7D1AE102L, 0x8B1537A3DFA64188L, + 0xD0CD5D9BC378DE7AL, 0x4AC82C9A4D80CFB7L, 0x42777F1B83BDB620L, 0x72D2883A1D33BD75L, + 0x5E7A2D4BAB6A8F41L, 0xF4DAAB6BBB1C95D9L, 0x905CFFE7FD8D31B6L, 0x83AA6422119B381FL, + 0xC0AEFB8442022C49L, 0xA0F908C663033AE3L, 0xA428AF0804938826L, 0xADE41C341A8A53C7L, + 0xAE7121EE77E6A85DL, 0xC47F5C4A25929E8CL, 0xB538E9AA55CDD863L, 0x06377AA9DAD8EB29L, + 0xA18AE87BB3279895L, 0x6EDFDA6A35E48414L, 0x6B7D9D19825094A7L, 0xD41CFA55A4E86CBFL, + 0xE5CAEDC9EA42C59CL, 0xA36C351C0E6FC179L, 0x5181E4DE6FABBF89L, 0xFFF0C530184D17D4L, + 0x9D41EB1584045892L, 0x1C0D525028D73961L, 0xF178EC180CA8856AL, 0x9A0571018EF811CDL, + 0x4091A27C3EF5EFCCL, 0x19AF15239F6329D2L, 0x347450EFF91EB990L, 0xE11B4A078DD27759L, + 0xB9561DE5FC601331L, 0x912F1F5A2DA993C0L, 0x1654DCB65BA2191AL, 0x3E2DDE098A6B99EBL, + 0x8A66D71E0F82E3FEL, 0x8C51ADB7D55A08D7L, 0x4533E50F8941FF7FL, 0x02E6DD67BD4859ECL, + 0xE068AABA5DF6D52FL, 0xC24826E3FF4A75A5L, 0x6C39070D88ACDDF8L, 0x6486548C4691A46FL, + 0xD1BEBD26135C7C0CL, 0xB30F93038F15334AL, 0x82D9849FC1BF9A69L, 0x9C320BA85420FAE4L, + 0xFA528243AFF90767L, 0x9ED4D6CFE968A308L, 0xB825FD582C44B147L, 0x9B7691BC5EDCB3BBL, + 0xC7EA619048FE6516L, 0x1063A61F817AF233L, 0x47D538683409A693L, 0x63C2CE984C6DED30L, + 0x2A9FDFD86C81D91DL, 0x7B1E3B06032A6694L, 0x666089EBFBD9FD83L, 0x0A598EE67375207BL, + 0x07449A140AFC495FL, 0x2CA8A571B6593234L, 0x1F986F8A45BBC2FBL, 0x381AA4A050B372C2L, + 0x5423A3ADD81FAF3AL, 0x17273C0B8B86BB6CL, 0xFE83258DC869B5A2L, 0x287902BFD1C980F1L, + 0xF5A94BD66B3837AFL, 0x88800A79B2CABA12L, 0x55504310083B0D4CL, 0xDF36940E07B9EEB2L, + 0x04D1A7CE6790B2C5L, 0x612413FFF125B4DCL, 0x26F12B97C52C124FL, 0x86082351A62F28ACL, + 0xEF93632F9937E5E7L, 0x3507B052293A1BE6L, 0xE72C30AE570A9C70L, 0xD3586041AE1425E0L, + 0xDE4574B3D79D4CC4L, 0x92BA228040C5685AL, 0xF00B0CA5DC8C271CL, 0xBE1287F1F69C5A6EL, + 0xF39E317FB1E0DC86L, 0x495D114020EC342DL, 0x699B407E3F18CD4BL, 0xDCA3A9D46AD51528L, + 0x0D1D14F279896924L, 0x0000000000000000L, 0x593EB75FA196C61EL, 0x2E4E78160B116BD8L, + 0x6D4AE7B058887F8EL, 0xE65FD013872E3E06L, 0x7A6DDBBBD30EC4E2L, 0xAC97FC89CAAEF1B1L, + 0x09CCB33C1E19DBE1L, 0x89F3EAC462EE1864L, 0x7770CF49AA87ADC6L, 0x56C57ECA6557F6D6L, + 0x03953DDA6D6CFB9AL, 0x36928D884456E07CL, 0x1EEB8F37959F608DL, 0x31D6179C4EAAA923L, + 0x6FAC3AD7E5C02662L, 0x43049FA653991456L, 0xABD3669DC052B8EEL, 0xAF02C153A7C20A2BL, + 0x3CCB036E3723C007L, 0x93C9C23D90E1CA2CL, 0xC33BC65E2F6ED7D3L, 0x4CFF56339758249EL, + 0xB1E94E64325D6AA6L, 0x37E16D359472420AL, 0x79F8E661BE623F78L, 0x5214D90402C74413L, + 0x482EF1FDF0C8965BL, 0x13F69BC5EC1609A9L, 0x0E88292814E592BEL, 0x4E198B542A107D72L, + 0xCCC00FCBEBAFE71BL, 0x1B49C844222B703EL, 0x2564164DA840E9D5L, 0x20C6513E1FF4F966L, + 0xBAC3203F910CE8ABL, 0xF2EDD1C261C47EF0L, 0x814CB945ACD361F3L, 0x95FEB8944A392105L, + 0x5C9CF02C1622D6ADL, 0x971865F3F77178E9L, 0xBD87BA2B9BF0A1F4L, 0x444005B259655D09L, + 0xED75BE48247FBC0BL, 0x7596122E17CFF42AL, 0xB44B091785E97A15L, 0x966B854E2755DA9FL, + 0xEEE0839249134791L, 0x32432A4623C652B9L, 0xA8465B47AD3E4374L, 0xF8B45F2412B15E8BL, + 0x2417F6F078644BA3L, 0xFB2162FE7FDDA511L, 0x4BBBCC279DA46DC1L, 0x0173E0BDD024A276L, + 0x22208C59A2BCA08AL, 0x8FC4906DB836F34DL, 0xE4B90D743A6667EAL, 0x7147B5E0705F46EFL, + 0x2782CB2A1508B039L, 0xEC065EF5F45B1E7DL, 0x21B5B183CFD05B10L, 0xDBE733C060295C77L, + 0x9FA73672394C017EL, 0xCF55321186C31C81L, 0xD8720E1A0D45A7EDL, 0x3B8F997A3DDF8958L, + 0x3AFC79C7EDFB2B2EL, 0xE9A4198643EF0ECEL, 0x5F09CDF67B4E2D37L, 0x4F6A6BE9FA34DF04L, + 0xB6ADD47038A123F9L, 0x8D224D0A057EAAA1L, 0xC96248B85C1BF7A8L, 0xE3FD9760309A2EB5L, + 0x0B2A6E5BA351820DL, 0xEB42C4E1FEA75722L, 0x948D58299A1D8373L, 0x7FCF9CC864BAD451L, + 0xA55B4FB5D4B72A50L, 0x08BF5381CE3D7997L, 0x46A6D8D5E42D04E5L, 0xD22B80FC7E308796L, + 0x57B69E77B57354A0L, 0x3969441D8097D0B4L, 0x3330CAFBF3E2F0CFL, 0xE28E77DDE0BE8CC3L, + 0x62B12E259C494F46L, 0xA6CE726FB9DBD1CAL, 0x41E242C1EED14DBAL, 0x76032FF47AA30FB0L + }, + new ulong[]{ + 0x45B268A93ACDE4CCL, 0xAF7F0BE884549D08L, 0x048354B3C1468263L, 0x925435C2C80EFED2L, + 0xEE4E37F27FDFFBA7L, 0x167A33920C60F14DL, 0xFB123B52EA03E584L, 0x4A0CAB53FDBB9007L, + 0x9DEAF6380F788A19L, 0xCB48EC558F0CB32AL, 0xB59DC4B2D6FEF7E0L, 0xDCDBCA22F4F3ECB6L, + 0x11DF5813549A9C40L, 0xE33FDEDF568ACED3L, 0xA0C1C8124322E9C3L, 0x07A56B8158FA6D0DL, + 0x77279579B1E1F3DDL, 0xD9B18B74422AC004L, 0xB8EC2D9FFFABC294L, 0xF4ACF8A82D75914FL, + 0x7BBF69B1EF2B6878L, 0xC4F62FAF487AC7E1L, 0x76CE809CC67E5D0CL, 0x6711D88F92E4C14CL, + 0x627B99D9243DEDFEL, 0x234AA5C3DFB68B51L, 0x909B1F15262DBF6DL, 0x4F66EA054B62BCB5L, + 0x1AE2CF5A52AA6AE8L, 0xBEA053FBD0CE0148L, 0xED6808C0E66314C9L, 0x43FE16CD15A82710L, + 0xCD049231A06970F6L, 0xE7BC8A6C97CC4CB0L, 0x337CE835FCB3B9C0L, 0x65DEF2587CC780F3L, + 0x52214EDE4132BB50L, 0x95F15E4390F493DFL, 0x870839625DD2E0F1L, 0x41313C1AFB8B66AFL, + 0x91720AF051B211BCL, 0x477D427ED4EEA573L, 0x2E3B4CEEF6E3BE25L, 0x82627834EB0BCC43L, + 0x9C03E3DD78E724C8L, 0x2877328AD9867DF9L, 0x14B51945E243B0F2L, 0x574B0F88F7EB97E2L, + 0x88B6FA989AA4943AL, 0x19C4F068CB168586L, 0x50EE6409AF11FAEFL, 0x7DF317D5C04EABA4L, + 0x7A567C5498B4C6A9L, 0xB6BBFB804F42188EL, 0x3CC22BCF3BC5CD0BL, 0xD04336EAAA397713L, + 0xF02FAC1BEC33132CL, 0x2506DBA7F0D3488DL, 0xD7E65D6BF2C31A1EL, 0x5EB9B2161FF820F5L, + 0x842E0650C46E0F9FL, 0x716BEB1D9E843001L, 0xA933758CAB315ED4L, 0x3FE414FDA2792265L, + 0x27C9F1701EF00932L, 0x73A4C1CA70A771BEL, 0x94184BA6E76B3D0EL, 0x40D829FF8C14C87EL, + 0x0FBEC3FAC77674CBL, 0x3616A9634A6A9572L, 0x8F139119C25EF937L, 0xF545ED4D5AEA3F9EL, + 0xE802499650BA387BL, 0x6437E7BD0B582E22L, 0xE6559F89E053E261L, 0x80AD52E305288DFCL, + 0x6DC55A23E34B9935L, 0xDE14E0F51AD0AD09L, 0xC6390578A659865EL, 0x96D7617109487CB1L, + 0xE2D6CB3A21156002L, 0x01E915E5779FAED1L, 0xADB0213F6A77DCB7L, 0x9880B76EB9A1A6ABL, + 0x5D9F8D248644CF9BL, 0xFD5E4536C5662658L, 0xF1C6B9FE9BACBDFDL, 0xEACD6341BE9979C4L, + 0xEFA7221708405576L, 0x510771ECD88E543EL, 0xC2BA51CB671F043DL, 0x0AD482AC71AF5879L, + 0xFE787A045CDAC936L, 0xB238AF338E049AEDL, 0xBD866CC94972EE26L, 0x615DA6EBBD810290L, + 0x3295FDD08B2C1711L, 0xF834046073BF0AEAL, 0xF3099329758FFC42L, 0x1CAEB13E7DCFA934L, + 0xBA2307481188832BL, 0x24EFCE42874CE65CL, 0x0E57D61FB0E9DA1AL, 0xB3D1BAD6F99B343CL, + 0xC0757B1C893C4582L, 0x2B510DB8403A9297L, 0x5C7698C1F1DB614AL, 0x3E0D0118D5E68CB4L, + 0xD60F488E855CB4CFL, 0xAE961E0DF3CB33D9L, 0x3A8E55AB14A00ED7L, 0x42170328623789C1L, + 0x838B6DD19C946292L, 0x895FEF7DED3B3AEBL, 0xCFCBB8E64E4A3149L, 0x064C7E642F65C3DCL, + 0x3D2B3E2A4C5A63DAL, 0x5BD3F340A9210C47L, 0xB474D157A1615931L, 0xAC5934DA1DE87266L, + 0x6EE365117AF7765BL, 0xC86ED36716B05C44L, 0x9BA6885C201D49C5L, 0xB905387A88346C45L, + 0x131072C4BAB9DDFFL, 0xBF49461EA751AF99L, 0xD52977BC1CE05BA1L, 0xB0F785E46027DB52L, + 0x546D30BA6E57788CL, 0x305AD707650F56AEL, 0xC987C682612FF295L, 0xA5AB8944F5FBC571L, + 0x7ED528E759F244CAL, 0x8DDCBBCE2C7DB888L, 0xAA154ABE328DB1BAL, 0x1E619BE993ECE88BL, + 0x09F2BD9EE813B717L, 0x7401AA4B285D1CB3L, 0x21858F143195CAEEL, 0x48C381841398D1B8L, + 0xFCB750D3B2F98889L, 0x39A86A998D1CE1B9L, 0x1F888E0CE473465AL, 0x7899568376978716L, + 0x02CF2AD7EE2341BFL, 0x85C713B5B3F1A14EL, 0xFF916FE12B4567E7L, 0x7C1A0230B7D10575L, + 0x0C98FCC85ECA9BA5L, 0xA3E7F720DA9E06ADL, 0x6A6031A2BBB1F438L, 0x973E74947ED7D260L, + 0x2CF4663918C0FF9AL, 0x5F50A7F368678E24L, 0x34D983B4A449D4CDL, 0x68AF1B755592B587L, + 0x7F3C3D022E6DEA1BL, 0xABFC5F5B45121F6BL, 0x0D71E92D29553574L, 0xDFFDF5106D4F03D8L, + 0x081BA87B9F8C19C6L, 0xDB7EA1A3AC0981BBL, 0xBBCA12AD66172DFAL, 0x79704366010829C7L, + 0x179326777BFF5F9CL, 0x0000000000000000L, 0xEB2476A4C906D715L, 0x724DD42F0738DF6FL, + 0xB752EE6538DDB65FL, 0x37FFBC863DF53BA3L, 0x8EFA84FCB5C157E6L, 0xE9EB5C73272596AAL, + 0x1B0BDABF2535C439L, 0x86E12C872A4D4E20L, 0x9969A28BCE3E087AL, 0xFAFB2EB79D9C4B55L, + 0x056A4156B6D92CB2L, 0x5A3AE6A5DEBEA296L, 0x22A3B026A8292580L, 0x53C85B3B36AD1581L, + 0xB11E900117B87583L, 0xC51F3A4A3FE56930L, 0xE019E1EDCF3621BDL, 0xEC811D2591FCBA18L, + 0x445B7D4C4D524A1DL, 0xA8DA6069DCAEF005L, 0x58F5CC72309DE329L, 0xD4C062596B7FF570L, + 0xCE22AD0339D59F98L, 0x591CD99747024DF8L, 0x8B90C5AA03187B54L, 0xF663D27FC356D0F0L, + 0xD8589E9135B56ED5L, 0x35309651D3D67A1CL, 0x12F96721CD26732EL, 0xD28C1C3D441A36ACL, + 0x492A946164077F69L, 0x2D1D73DC6F5F514BL, 0x6F0A70F40D68D88AL, 0x60B4B30ECA1EAC41L, + 0xD36509D83385987DL, 0x0B3D97490630F6A8L, 0x9ECCC90A96C46577L, 0xA20EE2C5AD01A87CL, + 0xE49AB55E0E70A3DEL, 0xA4429CA182646BA0L, 0xDA97B446DB962F6AL, 0xCCED87D4D7F6DE27L, + 0x2AB8185D37A53C46L, 0x9F25DCEFE15BCBA6L, 0xC19C6EF9FEA3EB53L, 0xA764A3931BD884CEL, + 0x2FD2590B817C10F4L, 0x56A21A6D80743933L, 0xE573A0BB79EF0D0FL, 0x155C0CA095DC1E23L, + 0x6C2C4FC694D437E4L, 0x10364DF623053291L, 0xDD32DFC7836C4267L, 0x03263F3299BCEF6EL, + 0x66F8CD6AE57B6F9DL, 0x8C35AE2B5BE21659L, 0x31B3C2E21290F87FL, 0x93BD2027BF915003L, + 0x69460E90220D1B56L, 0x299E276FAE19D328L, 0x63928C3C53A2432FL, 0x7082FEF8E91B9ED0L, + 0xBC6F792C3EED40F7L, 0x4C40D537D2DE53DBL, 0x75E8BFAE5FC2B262L, 0x4DA9C0D2A541FD0AL, + 0x4E8FFFE03CFD1264L, 0x2620E495696FA7E3L, 0xE1F0F408B8A98F6CL, 0xD1AA230FDDA6D9C2L, + 0xC7D0109DD1C6288FL, 0x8A79D04F7487D585L, 0x4694579BA3710BA2L, 0x38417F7CFA834F68L, + 0x1D47A4DB0A5007E5L, 0x206C9AF1460A643FL, 0xA128DDF734BD4712L, 0x8144470672B7232DL, + 0xF2E086CC02105293L, 0x182DE58DBC892B57L, 0xCAA1F9B0F8931DFBL, 0x6B892447CC2E5AE9L, + 0xF9DD11850420A43BL, 0x4BE5BEB68A243ED6L, 0x5584255F19C8D65DL, 0x3B67404E633FA006L, + 0xA68DB6766C472A1FL, 0xF78AC79AB4C97E21L, 0xC353442E1080AAECL, 0x9A4F9DB95782E714L + }, + new ulong[] { + 0x05BA7BC82C9B3220L, 0x31A54665F8B65E4FL, 0xB1B651F77547F4D4L, 0x8BFA0D857BA46682L, + 0x85A96C5AA16A98BBL, 0x990FAEF908EB79C9L, 0xA15E37A247F4A62DL, 0x76857DCD5D27741EL, + 0xF8C50B800A1820BCL, 0xBE65DCB201F7A2B4L, 0x666D1B986F9426E7L, 0x4CC921BF53C4E648L, + 0x95410A0F93D9CA42L, 0x20CDCCAA647BA4EFL, 0x429A4060890A1871L, 0x0C4EA4F69B32B38BL, + 0xCCDA362DDE354CD3L, 0x96DC23BC7C5B2FA9L, 0xC309BB68AA851AB3L, 0xD26131A73648E013L, + 0x021DC52941FC4DB2L, 0xCD5ADAB7704BE48AL, 0xA77965D984ED71E6L, 0x32386FD61734BBA4L, + 0xE82D6DD538AB7245L, 0x5C2147EA6177B4B1L, 0x5DA1AB70CF091CE8L, 0xAC907FCE72B8BDFFL, + 0x57C85DFD972278A8L, 0xA4E44C6A6B6F940DL, 0x3851995B4F1FDFE4L, 0x62578CCAED71BC9EL, + 0xD9882BB0C01D2C0AL, 0x917B9D5D113C503BL, 0xA2C31E11A87643C6L, 0xE463C923A399C1CEL, + 0xF71686C57EA876DCL, 0x87B4A973E096D509L, 0xAF0D567D9D3A5814L, 0xB40C2A3F59DCC6F4L, + 0x3602F88495D121DDL, 0xD3E1DD3D9836484AL, 0xF945E71AA46688E5L, 0x7518547EB2A591F5L, + 0x9366587450C01D89L, 0x9EA81018658C065BL, 0x4F54080CBC4603A3L, 0x2D0384C65137BF3DL, + 0xDC325078EC861E2AL, 0xEA30A8FC79573FF7L, 0x214D2030CA050CB6L, 0x65F0322B8016C30CL, + 0x69BE96DD1B247087L, 0xDB95EE9981E161B8L, 0xD1FC1814D9CA05F8L, 0x820ED2BBCC0DE729L, + 0x63D76050430F14C7L, 0x3BCCB0E8A09D3A0FL, 0x8E40764D573F54A2L, 0x39D175C1E16177BDL, + 0x12F5A37C734F1F4BL, 0xAB37C12F1FDFC26DL, 0x5648B167395CD0F1L, 0x6C04ED1537BF42A7L, + 0xED97161D14304065L, 0x7D6C67DAAB72B807L, 0xEC17FA87BA4EE83CL, 0xDFAF79CB0304FBC1L, + 0x733F060571BC463EL, 0x78D61C1287E98A27L, 0xD07CF48E77B4ADA1L, 0xB9C262536C90DD26L, + 0xE2449B5860801605L, 0x8FC09AD7F941FCFBL, 0xFAD8CEA94BE46D0EL, 0xA343F28B0608EB9FL, + 0x9B126BD04917347BL, 0x9A92874AE7699C22L, 0x1B017C42C4E69EE0L, 0x3A4C5C720EE39256L, + 0x4B6E9F5E3EA399DAL, 0x6BA353F45AD83D35L, 0xE7FEE0904C1B2425L, 0x22D009832587E95DL, + 0x842980C00F1430E2L, 0xC6B3C0A0861E2893L, 0x087433A419D729F2L, 0x341F3DADD42D6C6FL, + 0xEE0A3FAEFBB2A58EL, 0x4AEE73C490DD3183L, 0xAAB72DB5B1A16A34L, 0xA92A04065E238FDFL, + 0x7B4B35A1686B6FCCL, 0x6A23BF6EF4A6956CL, 0x191CB96B851AD352L, 0x55D598D4D6DE351AL, + 0xC9604DE5F2AE7EF3L, 0x1CA6C2A3A981E172L, 0xDE2F9551AD7A5398L, 0x3025AAFF56C8F616L, + 0x15521D9D1E2860D9L, 0x506FE31CFA45073AL, 0x189C55F12B647B0BL, 0x0180EC9AAE7EA859L, + 0x7CEC8B40050C105EL, 0x2350E5198BF94104L, 0xEF8AD33455CC0DD7L, 0x07A7BEE16D677F92L, + 0xE5E325B90DE76997L, 0x5A061591A26E637AL, 0xB611EF1618208B46L, 0x09F4DF3EB7A981ABL, + 0x1EBB078AE87DACC0L, 0xB791038CB65E231FL, 0x0FD38D4574B05660L, 0x67EDF702C1EA8EBEL, + 0xBA5F4BE0831238CDL, 0xE3C477C2CEFEBE5CL, 0x0DCE486C354C1BD2L, 0x8C5DB36416C31910L, + 0x26EA9ED1A7627324L, 0x039D29B3EF82E5EBL, 0x9F28FC82CBF2AE02L, 0xA8AAE89CF05D2786L, + 0x431AACFA2774B028L, 0xCF471F9E31B7A938L, 0x581BD0B8E3922EC8L, 0xBC78199B400BEF06L, + 0x90FB71C7BF42F862L, 0x1F3BEB1046030499L, 0x683E7A47B55AD8DEL, 0x988F4263A695D190L, + 0xD808C72A6E638453L, 0x0627527BC319D7CBL, 0xEBB04466D72997AEL, 0xE67E0C0AE2658C7CL, + 0x14D2F107B056C880L, 0x7122C32C30400B8CL, 0x8A7AE11FD5DACEDBL, 0xA0DEDB38E98A0E74L, + 0xAD109354DCC615A6L, 0x0BE91A17F655CC19L, 0x8DDD5FFEB8BDB149L, 0xBFE53028AF890AEDL, + 0xD65BA6F5B4AD7A6AL, 0x7956F0882997227EL, 0x10E8665532B352F9L, 0x0E5361DFDACEFE39L, + 0xCEC7F3049FC90161L, 0xFF62B561677F5F2EL, 0x975CCF26D22587F0L, 0x51EF0F86543BAF63L, + 0x2F1E41EF10CBF28FL, 0x52722635BBB94A88L, 0xAE8DBAE73344F04DL, 0x410769D36688FD9AL, + 0xB3AB94DE34BBB966L, 0x801317928DF1AA9BL, 0xA564A0F0C5113C54L, 0xF131D4BEBDB1A117L, + 0x7F71A2F3EA8EF5B5L, 0x40878549C8F655C3L, 0x7EF14E6944F05DECL, 0xD44663DCF55137D8L, + 0xF2ACFD0D523344FCL, 0x0000000000000000L, 0x5FBC6E598EF5515AL, 0x16CF342EF1AA8532L, + 0xB036BD6DDB395C8DL, 0x13754FE6DD31B712L, 0xBBDFA77A2D6C9094L, 0x89E7C8AC3A582B30L, + 0x3C6B0E09CDFA459DL, 0xC4AE0589C7E26521L, 0x49735A777F5FD468L, 0xCAFD64561D2C9B18L, + 0xDA1502032F9FC9E1L, 0x8867243694268369L, 0x3782141E3BAF8984L, 0x9CB5D53124704BE9L, + 0xD7DB4A6F1AD3D233L, 0xA6F989432A93D9BFL, 0x9D3539AB8A0EE3B0L, 0x53F2CAAF15C7E2D1L, + 0x6E19283C76430F15L, 0x3DEBE2936384EDC4L, 0x5E3C82C3208BF903L, 0x33B8834CB94A13FDL, + 0x6470DEB12E686B55L, 0x359FD1377A53C436L, 0x61CAA57902F35975L, 0x043A975282E59A79L, + 0xFD7F70482683129CL, 0xC52EE913699CCD78L, 0x28B9FF0E7DAC8D1DL, 0x5455744E78A09D43L, + 0xCB7D88CCB3523341L, 0x44BD121B4A13CFBAL, 0x4D49CD25FDBA4E11L, 0x3E76CB208C06082FL, + 0x3FF627BA2278A076L, 0xC28957F204FBB2EAL, 0x453DFE81E46D67E3L, 0x94C1E6953DA7621BL, + 0x2C83685CFF491764L, 0xF32C1197FC4DECA5L, 0x2B24D6BD922E68F6L, 0xB22B78449AC5113FL, + 0x48F3B6EDD1217C31L, 0x2E9EAD75BEB55AD6L, 0x174FD8B45FD42D6BL, 0x4ED4E4961238ABFAL, + 0x92E6B4EEFEBEB5D0L, 0x46A0D7320BEF8208L, 0x47203BA8A5912A51L, 0x24F75BF8E69E3E96L, + 0xF0B1382413CF094EL, 0xFEE259FBC901F777L, 0x276A724B091CDB7DL, 0xBDF8F501EE75475FL, + 0x599B3C224DEC8691L, 0x6D84018F99C1EAFEL, 0x7498B8E41CDB39ACL, 0xE0595E71217C5BB7L, + 0x2AA43A273C50C0AFL, 0xF50B43EC3F543B6EL, 0x838E3E2162734F70L, 0xC09492DB4507FF58L, + 0x72BFEA9FDFC2EE67L, 0x11688ACF9CCDFAA0L, 0x1A8190D86A9836B9L, 0x7ACBD93BC615C795L, + 0xC7332C3A286080CAL, 0x863445E94EE87D50L, 0xF6966A5FD0D6DE85L, 0xE9AD814F96D5DA1CL, + 0x70A22FB69E3EA3D5L, 0x0A69F68D582B6440L, 0xB8428EC9C2EE757FL, 0x604A49E3AC8DF12CL, + 0x5B86F90B0C10CB23L, 0xE1D9B2EB8F02F3EEL, 0x29391394D3D22544L, 0xC8E0A17F5CD0D6AAL, + 0xB58CC6A5F7A26EADL, 0x8193FB08238F02C2L, 0xD5C68F465B2F9F81L, 0xFCFF9CD288FDBAC5L, + 0x77059157F359DC47L, 0x1D262E3907FF492BL, 0xFB582233E59AC557L, 0xDDB2BCE242F8B673L, + 0x2577B76248E096CFL, 0x6F99C4A6D83DA74CL, 0xC1147E41EB795701L, 0xF48BAF76912A9337L + }, + new ulong[] { + 0x3EF29D249B2C0A19L, 0xE9E16322B6F8622FL, 0x5536994047757F7AL, 0x9F4D56D5A47B0B33L, + 0x822567466AA1174CL, 0xB8F5057DEB082FB2L, 0xCC48C10BF4475F53L, 0x373088D4275DEC3AL, + 0x968F4325180AED10L, 0x173D232CF7016151L, 0xAE4ED09F946FCC13L, 0xFD4B4741C4539873L, + 0x1B5B3F0DD9933765L, 0x2FFCB0967B644052L, 0xE02376D20A89840CL, 0xA3AE3A70329B18D7L, + 0x419CBD2335DE8526L, 0xFAFEBF115B7C3199L, 0x0397074F85AA9B0DL, 0xC58AD4FB4836B970L, + 0xBEC60BE3FC4104A8L, 0x1EFF36DC4B708772L, 0x131FDC33ED8453B6L, 0x0844E33E341764D3L, + 0x0FF11B6EAB38CD39L, 0x64351F0A7761B85AL, 0x3B5694F509CFBA0EL, 0x30857084B87245D0L, + 0x47AFB3BD2297AE3CL, 0xF2BA5C2F6F6B554AL, 0x74BDC4761F4F70E1L, 0xCFDFC64471EDC45EL, + 0xE610784C1DC0AF16L, 0x7ACA29D63C113F28L, 0x2DED411776A859AFL, 0xAC5F211E99A3D5EEL, + 0xD484F949A87EF33BL, 0x3CE36CA596E013E4L, 0xD120F0983A9D432CL, 0x6BC40464DC597563L, + 0x69D5F5E5D1956C9EL, 0x9AE95F043698BB24L, 0xC9ECC8DA66A4EF44L, 0xD69508C8A5B2EAC6L, + 0xC40C2235C0503B80L, 0x38C193BA8C652103L, 0x1CEEC75D46BC9E8FL, 0xD331011937515AD1L, + 0xD8E2E56886ECA50FL, 0xB137108D5779C991L, 0x709F3B6905CA4206L, 0x4FEB50831680CAEFL, + 0xEC456AF3241BD238L, 0x58D673AFE181ABBEL, 0x242F54E7CAD9BF8CL, 0x0211F1810DCC19FDL, + 0x90BC4DBB0F43C60AL, 0x9518446A9DA0761DL, 0xA1BFCBF13F57012AL, 0x2BDE4F8961E172B5L, + 0x27B853A84F732481L, 0xB0B1E643DF1F4B61L, 0x18CC38425C39AC68L, 0xD2B7F7D7BF37D821L, + 0x3103864A3014C720L, 0x14AA246372ABFA5CL, 0x6E600DB54EBAC574L, 0x394765740403A3F3L, + 0x09C215F0BC71E623L, 0x2A58B947E987F045L, 0x7B4CDF18B477BDD8L, 0x9709B5EB906C6FE0L, + 0x73083C268060D90BL, 0xFEDC400E41F9037EL, 0x284948C6E44BE9B8L, 0x728ECAE808065BFBL, + 0x06330E9E17492B1AL, 0x5950856169E7294EL, 0xBAE4F4FCE6C4364FL, 0xCA7BCF95E30E7449L, + 0x7D7FD186A33E96C2L, 0x52836110D85AD690L, 0x4DFAA1021B4CD312L, 0x913ABB75872544FAL, + 0xDD46ECB9140F1518L, 0x3D659A6B1E869114L, 0xC23F2CABD719109AL, 0xD713FE062DD46836L, + 0xD0A60656B2FBC1DCL, 0x221C5A79DD909496L, 0xEFD26DBCA1B14935L, 0x0E77EDA0235E4FC9L, + 0xCBFD395B6B68F6B9L, 0x0DE0EAEFA6F4D4C4L, 0x0422FF1F1A8532E7L, 0xF969B85EDED6AA94L, + 0x7F6E2007AEF28F3FL, 0x3AD0623B81A938FEL, 0x6624EE8B7AADA1A7L, 0xB682E8DDC856607BL, + 0xA78CC56F281E2A30L, 0xC79B257A45FAA08DL, 0x5B4174E0642B30B3L, 0x5F638BFF7EAE0254L, + 0x4BC9AF9C0C05F808L, 0xCE59308AF98B46AEL, 0x8FC58DA9CC55C388L, 0x803496C7676D0EB1L, + 0xF33CAAE1E70DD7BAL, 0xBB6202326EA2B4BFL, 0xD5020F87201871CBL, 0x9D5CA754A9B712CEL, + 0x841669D87DE83C56L, 0x8A6184785EB6739FL, 0x420BBA6CB0741E2BL, 0xF12D5B60EAC1CE47L, + 0x76AC35F71283691CL, 0x2C6BB7D9FECEDB5FL, 0xFCCDB18F4C351A83L, 0x1F79C012C3160582L, + 0xF0ABADAE62A74CB7L, 0xE1A5801C82EF06FCL, 0x67A21845F2CB2357L, 0x5114665F5DF04D9DL, + 0xBF40FD2D74278658L, 0xA0393D3FB73183DAL, 0x05A409D192E3B017L, 0xA9FB28CF0B4065F9L, + 0x25A9A22942BF3D7CL, 0xDB75E22703463E02L, 0xB326E10C5AB5D06CL, 0xE7968E8295A62DE6L, + 0xB973F3B3636EAD42L, 0xDF571D3819C30CE5L, 0xEE549B7229D7CBC5L, 0x12992AFD65E2D146L, + 0xF8EF4E9056B02864L, 0xB7041E134030E28BL, 0xC02EDD2ADAD50967L, 0x932B4AF48AE95D07L, + 0x6FE6FB7BC6DC4784L, 0x239AACB755F61666L, 0x401A4BEDBDB807D6L, 0x485EA8D389AF6305L, + 0xA41BC220ADB4B13DL, 0x753B32B89729F211L, 0x997E584BB3322029L, 0x1D683193CEDA1C7FL, + 0xFF5AB6C0C99F818EL, 0x16BBD5E27F67E3A1L, 0xA59D34EE25D233CDL, 0x98F8AE853B54A2D9L, + 0x6DF70AFACB105E79L, 0x795D2E99B9BBA425L, 0x8E437B6744334178L, 0x0186F6CE886682F0L, + 0xEBF092A3BB347BD2L, 0xBCD7FA62F18D1D55L, 0xADD9D7D011C5571EL, 0x0BD3E471B1BDFFDEL, + 0xAA6C2F808EEAFEF4L, 0x5EE57D31F6C880A4L, 0xF50FA47FF044FCA0L, 0x1ADDC9C351F5B595L, + 0xEA76646D3352F922L, 0x0000000000000000L, 0x85909F16F58EBEA6L, 0x46294573AAF12CCCL, + 0x0A5512BF39DB7D2EL, 0x78DBD85731DD26D5L, 0x29CFBE086C2D6B48L, 0x218B5D36583A0F9BL, + 0x152CD2ADFACD78ACL, 0x83A39188E2C795BCL, 0xC3B9DA655F7F926AL, 0x9ECBA01B2C1D89C3L, + 0x07B5F8509F2FA9EAL, 0x7EE8D6C926940DCFL, 0x36B67E1AAF3B6ECAL, 0x86079859702425ABL, + 0xFB7849DFD31AB369L, 0x4C7C57CC932A51E2L, 0xD96413A60E8A27FFL, 0x263EA566C715A671L, + 0x6C71FC344376DC89L, 0x4A4F595284637AF8L, 0xDAF314E98B20BCF2L, 0x572768C14AB96687L, + 0x1088DB7C682EC8BBL, 0x887075F9537A6A62L, 0x2E7A4658F302C2A2L, 0x619116DBE582084DL, + 0xA87DDE018326E709L, 0xDCC01A779C6997E8L, 0xEDC39C3DAC7D50C8L, 0xA60A33A1A078A8C0L, + 0xC1A82BE452B38B97L, 0x3F746BEA134A88E9L, 0xA228CCBEBAFD9A27L, 0xABEAD94E068C7C04L, + 0xF48952B178227E50L, 0x5CF48CB0FB049959L, 0x6017E0156DE48ABDL, 0x4438B4F2A73D3531L, + 0x8C528AE649FF5885L, 0xB515EF924DFCFB76L, 0x0C661C212E925634L, 0xB493195CC59A7986L, + 0x9CDA519A21D1903EL, 0x32948105B5BE5C2DL, 0x194ACE8CD45F2E98L, 0x438D4CA238129CDBL, + 0x9B6FA9CABEFE39D4L, 0x81B26009EF0B8C41L, 0xDED1EBF691A58E15L, 0x4E6DA64D9EE6481FL, + 0x54B06F8ECF13FD8AL, 0x49D85E1D01C9E1F5L, 0xAFC826511C094EE3L, 0xF698A33075EE67ADL, + 0x5AC7822EEC4DB243L, 0x8DD47C28C199DA75L, 0x89F68337DB1CE892L, 0xCDCE37C57C21DDA3L, + 0x530597DE503C5460L, 0x6A42F2AA543FF793L, 0x5D727A7E73621BA9L, 0xE232875307459DF1L, + 0x56A19E0FC2DFE477L, 0xC61DD3B4CD9C227DL, 0xE5877F03986A341BL, 0x949EB2A415C6F4EDL, + 0x6206119460289340L, 0x6380E75AE84E11B0L, 0x8BE772B6D6D0F16FL, 0x50929091D596CF6DL, + 0xE86795EC3E9EE0DFL, 0x7CF927482B581432L, 0xC86A3E14EEC26DB4L, 0x7119CDA78DACC0F6L, + 0xE40189CD100CB6EBL, 0x92ADBC3A028FDFF7L, 0xB2A017C2D2D3529CL, 0x200DABF8D05C8D6BL, + 0x34A78F9BA2F77737L, 0xE3B4719D8F231F01L, 0x45BE423C2F5BB7C1L, 0xF71E55FEFD88E55DL, + 0x6853032B59F3EE6EL, 0x65B3E9C4FF073AAAL, 0x772AC3399AE5EBECL, 0x87816E97F842A75BL, + 0x110E2DB2E0484A4BL, 0x331277CB3DD8DEDDL, 0xBD510CAC79EB9FA5L, 0x352179552A91F5C7L + }, + new ulong[] { + 0x8AB0A96846E06A6DL, 0x43C7E80B4BF0B33AL, 0x08C9B3546B161EE5L, 0x39F1C235EBA990BEL, + 0xC1BEF2376606C7B2L, 0x2C209233614569AAL, 0xEB01523B6FC3289AL, 0x946953AB935ACEDDL, + 0x272838F63E13340EL, 0x8B0455ECA12BA052L, 0x77A1B2C4978FF8A2L, 0xA55122CA13E54086L, + 0x2276135862D3F1CDL, 0xDB8DDFDE08B76CFEL, 0x5D1E12C89E4A178AL, 0x0E56816B03969867L, + 0xEE5F79953303ED59L, 0xAFED748BAB78D71DL, 0x6D929F2DF93E53EEL, 0xF5D8A8F8BA798C2AL, + 0xF619B1698E39CF6BL, 0x95DDAF2F749104E2L, 0xEC2A9C80E0886427L, 0xCE5C8FD8825B95EAL, + 0xC4E0D9993AC60271L, 0x4699C3A5173076F9L, 0x3D1B151F50A29F42L, 0x9ED505EA2BC75946L, + 0x34665ACFDC7F4B98L, 0x61B1FB53292342F7L, 0xC721C0080E864130L, 0x8693CD1696FD7B74L, + 0x872731927136B14BL, 0xD3446C8A63A1721BL, 0x669A35E8A6680E4AL, 0xCAB658F239509A16L, + 0xA4E5DE4EF42E8AB9L, 0x37A7435EE83F08D9L, 0x134E6239E26C7F96L, 0x82791A3C2DF67488L, + 0x3F6EF00A8329163CL, 0x8E5A7E42FDEB6591L, 0x5CAAEE4C7981DDB5L, 0x19F234785AF1E80DL, + 0x255DDDE3ED98BD70L, 0x50898A32A99CCCACL, 0x28CA4519DA4E6656L, 0xAE59880F4CB31D22L, + 0x0D9798FA37D6DB26L, 0x32F968F0B4FFCD1AL, 0xA00F09644F258545L, 0xFA3AD5175E24DE72L, + 0xF46C547C5DB24615L, 0x713E80FBFF0F7E20L, 0x7843CF2B73D2AAFAL, 0xBD17EA36AEDF62B4L, + 0xFD111BACD16F92CFL, 0x4ABAA7DBC72D67E0L, 0xB3416B5DAD49FAD3L, 0xBCA316B24914A88BL, + 0x15D150068AECF914L, 0xE27C1DEBE31EFC40L, 0x4FE48C759BEDA223L, 0x7EDCFD141B522C78L, + 0x4E5070F17C26681CL, 0xE696CAC15815F3BCL, 0x35D2A64B3BB481A7L, 0x800CFF29FE7DFDF6L, + 0x1ED9FAC3D5BAA4B0L, 0x6C2663A91EF599D1L, 0x03C1199134404341L, 0xF7AD4DED69F20554L, + 0xCD9D9649B61BD6ABL, 0xC8C3BDE7EADB1368L, 0xD131899FB02AFB65L, 0x1D18E352E1FAE7F1L, + 0xDA39235AEF7CA6C1L, 0xA1BBF5E0A8EE4F7AL, 0x91377805CF9A0B1EL, 0x3138716180BF8E5BL, + 0xD9F83ACBDB3CE580L, 0x0275E515D38B897EL, 0x472D3F21F0FBBCC6L, 0x2D946EB7868EA395L, + 0xBA3C248D21942E09L, 0xE7223645BFDE3983L, 0xFF64FEB902E41BB1L, 0xC97741630D10D957L, + 0xC3CB1722B58D4ECCL, 0xA27AEC719CAE0C3BL, 0x99FECB51A48C15FBL, 0x1465AC826D27332BL, + 0xE1BD047AD75EBF01L, 0x79F733AF941960C5L, 0x672EC96C41A3C475L, 0xC27FEBA6524684F3L, + 0x64EFD0FD75E38734L, 0xED9E60040743AE18L, 0xFB8E2993B9EF144DL, 0x38453EB10C625A81L, + 0x6978480742355C12L, 0x48CF42CE14A6EE9EL, 0x1CAC1FD606312DCEL, 0x7B82D6BA4792E9BBL, + 0x9D141C7B1F871A07L, 0x5616B80DC11C4A2EL, 0xB849C198F21FA777L, 0x7CA91801C8D9A506L, + 0xB1348E487EC273ADL, 0x41B20D1E987B3A44L, 0x7460AB55A3CFBBE3L, 0x84E628034576F20AL, + 0x1B87D16D897A6173L, 0x0FE27DEFE45D5258L, 0x83CDE6B8CA3DBEB7L, 0x0C23647ED01D1119L, + 0x7A362A3EA0592384L, 0xB61F40F3F1893F10L, 0x75D457D1440471DCL, 0x4558DA34237035B8L, + 0xDCA6116587FC2043L, 0x8D9B67D3C9AB26D0L, 0x2B0B5C88EE0E2517L, 0x6FE77A382AB5DA90L, + 0x269CC472D9D8FE31L, 0x63C41E46FAA8CB89L, 0xB7ABBC771642F52FL, 0x7D1DE4852F126F39L, + 0xA8C6BA3024339BA0L, 0x600507D7CEE888C8L, 0x8FEE82C61A20AFAEL, 0x57A2448926D78011L, + 0xFCA5E72836A458F0L, 0x072BCEBB8F4B4CBDL, 0x497BBE4AF36D24A1L, 0x3CAFE99BB769557DL, + 0x12FA9EBD05A7B5A9L, 0xE8C04BAA5B836BDBL, 0x4273148FAC3B7905L, 0x908384812851C121L, + 0xE557D3506C55B0FDL, 0x72FF996ACB4F3D61L, 0x3EDA0C8E64E2DC03L, 0xF0868356E6B949E9L, + 0x04EAD72ABB0B0FFCL, 0x17A4B5135967706AL, 0xE3C8E16F04D5367FL, 0xF84F30028DAF570CL, + 0x1846C8FCBD3A2232L, 0x5B8120F7F6CA9108L, 0xD46FA231ECEA3EA6L, 0x334D947453340725L, + 0x58403966C28AD249L, 0xBED6F3A79A9F21F5L, 0x68CCB483A5FE962DL, 0xD085751B57E1315AL, + 0xFED0023DE52FD18EL, 0x4B0E5B5F20E6ADDFL, 0x1A332DE96EB1AB4CL, 0xA3CE10F57B65C604L, + 0x108F7BA8D62C3CD7L, 0xAB07A3A11073D8E1L, 0x6B0DAD1291BED56CL, 0xF2F366433532C097L, + 0x2E557726B2CEE0D4L, 0x0000000000000000L, 0xCB02A476DE9B5029L, 0xE4E32FD48B9E7AC2L, + 0x734B65EE2C84F75EL, 0x6E5386BCCD7E10AFL, 0x01B4FC84E7CBCA3FL, 0xCFE8735C65905FD5L, + 0x3613BFDA0FF4C2E6L, 0x113B872C31E7F6E8L, 0x2FE18BA255052AEBL, 0xE974B72EBC48A1E4L, + 0x0ABC5641B89D979BL, 0xB46AA5E62202B66EL, 0x44EC26B0C4BBFF87L, 0xA6903B5B27A503C7L, + 0x7F680190FC99E647L, 0x97A84A3AA71A8D9CL, 0xDD12EDE16037EA7CL, 0xC554251DDD0DC84EL, + 0x88C54C7D956BE313L, 0x4D91696048662B5DL, 0xB08072CC9909B992L, 0xB5DE5962C5C97C51L, + 0x81B803AD19B637C9L, 0xB2F597D94A8230ECL, 0x0B08AAC55F565DA4L, 0xF1327FD2017283D6L, + 0xAD98919E78F35E63L, 0x6AB9519676751F53L, 0x24E921670A53774FL, 0xB9FD3D1C15D46D48L, + 0x92F66194FBDA485FL, 0x5A35DC7311015B37L, 0xDED3F4705477A93DL, 0xC00A0EB381CD0D8DL, + 0xBB88D809C65FE436L, 0x16104997BEACBA55L, 0x21B70AC95693B28CL, 0x59F4C5E225411876L, + 0xD5DB5EB50B21F499L, 0x55D7A19CF55C096FL, 0xA97246B4C3F8519FL, 0x8552D487A2BD3835L, + 0x54635D181297C350L, 0x23C2EFDC85183BF2L, 0x9F61F96ECC0C9379L, 0x534893A39DDC8FEDL, + 0x5EDF0B59AA0A54CBL, 0xAC2C6D1A9F38945CL, 0xD7AEBBA0D8AA7DE7L, 0x2ABFA00C09C5EF28L, + 0xD84CC64F3CF72FBFL, 0x2003F64DB15878B3L, 0xA724C7DFC06EC9F8L, 0x069F323F68808682L, + 0xCC296ACD51D01C94L, 0x055E2BAE5CC0C5C3L, 0x6270E2C21D6301B6L, 0x3B842720382219C0L, + 0xD2F0900E846AB824L, 0x52FC6F277A1745D2L, 0xC6953C8CE94D8B0FL, 0xE009F8FE3095753EL, + 0x655B2C7992284D0BL, 0x984A37D54347DFC4L, 0xEAB5AEBF8808E2A5L, 0x9A3FD2C090CC56BAL, + 0x9CA0E0FFF84CD038L, 0x4C2595E4AFADE162L, 0xDF6708F4B3BC6302L, 0xBF620F237D54EBCAL, + 0x93429D101C118260L, 0x097D4FD08CDDD4DAL, 0x8C2F9B572E60ECEFL, 0x708A7C7F18C4B41FL, + 0x3A30DBA4DFE9D3FFL, 0x4006F19A7FB0F07BL, 0x5F6BF7DD4DC19EF4L, 0x1F6D064732716E8FL, + 0xF9FBCC866A649D33L, 0x308C8DE567744464L, 0x8971B0F972A0292CL, 0xD61A47243F61B7D8L, + 0xEFEB8511D4C82766L, 0x961CB6BE40D147A3L, 0xAAB35F25F7B812DEL, 0x76154E407044329DL, + 0x513D76B64E570693L, 0xF3479AC7D2F90AA8L, 0x9B8B2E4477079C85L, 0x297EB99D3D85AC69L + }, + new ulong[] { + 0x7E37E62DFC7D40C3L, 0x776F25A4EE939E5BL, 0xE045C850DD8FB5ADL, 0x86ED5BA711FF1952L, + 0xE91D0BD9CF616B35L, 0x37E0AB256E408FFBL, 0x9607F6C031025A7AL, 0x0B02F5E116D23C9DL, + 0xF3D8486BFB50650CL, 0x621CFF27C40875F5L, 0x7D40CB71FA5FD34AL, 0x6DAA6616DAA29062L, + 0x9F5F354923EC84E2L, 0xEC847C3DC507C3B3L, 0x025A3668043CE205L, 0xA8BF9E6C4DAC0B19L, + 0xFA808BE2E9BEBB94L, 0xB5B99C5277C74FA3L, 0x78D9BC95F0397BCCL, 0xE332E50CDBAD2624L, + 0xC74FCE129332797EL, 0x1729ECEB2EA709ABL, 0xC2D6B9F69954D1F8L, 0x5D898CBFBAB8551AL, + 0x859A76FB17DD8ADBL, 0x1BE85886362F7FB5L, 0xF6413F8FF136CD8AL, 0xD3110FA5BBB7E35CL, + 0x0A2FEED514CC4D11L, 0xE83010EDCD7F1AB9L, 0xA1E75DE55F42D581L, 0xEEDE4A55C13B21B6L, + 0xF2F5535FF94E1480L, 0x0CC1B46D1888761EL, 0xBCE15FDB6529913BL, 0x2D25E8975A7181C2L, + 0x71817F1CE2D7A554L, 0x2E52C5CB5C53124BL, 0xF9F7A6BEEF9C281DL, 0x9E722E7D21F2F56EL, + 0xCE170D9B81DCA7E6L, 0x0E9B82051CB4941BL, 0x1E712F623C49D733L, 0x21E45CFA42F9F7DCL, + 0xCB8E7A7F8BBA0F60L, 0x8E98831A010FB646L, 0x474CCF0D8E895B23L, 0xA99285584FB27A95L, + 0x8CC2B57205335443L, 0x42D5B8E984EFF3A5L, 0x012D1B34021E718CL, 0x57A6626AAE74180BL, + 0xFF19FC06E3D81312L, 0x35BA9D4D6A7C6DFEL, 0xC9D44C178F86ED65L, 0x506523E6A02E5288L, + 0x03772D5C06229389L, 0x8B01F4FE0B691EC0L, 0xF8DABD8AED825991L, 0x4C4E3AEC985B67BEL, + 0xB10DF0827FBF96A9L, 0x6A69279AD4F8DAE1L, 0xE78689DCD3D5FF2EL, 0x812E1A2B1FA553D1L, + 0xFBAD90D6EBA0CA18L, 0x1AC543B234310E39L, 0x1604F7DF2CB97827L, 0xA6241C6951189F02L, + 0x753513CCEAAF7C5EL, 0x64F2A59FC84C4EFAL, 0x247D2B1E489F5F5AL, 0xDB64D718AB474C48L, + 0x79F4A7A1F2270A40L, 0x1573DA832A9BEBAEL, 0x3497867968621C72L, 0x514838D2A2302304L, + 0xF0AF6537FD72F685L, 0x1D06023E3A6B44BAL, 0x678588C3CE6EDD73L, 0x66A893F7CC70ACFFL, + 0xD4D24E29B5EDA9DFL, 0x3856321470EA6A6CL, 0x07C3418C0E5A4A83L, 0x2BCBB22F5635BACDL, + 0x04B46CD00878D90AL, 0x06EE5AB80C443B0FL, 0x3B211F4876C8F9E5L, 0x0958C38912EEDE98L, + 0xD14B39CDBF8B0159L, 0x397B292072F41BE0L, 0x87C0409313E168DEL, 0xAD26E98847CAA39FL, + 0x4E140C849C6785BBL, 0xD5FF551DB7F3D853L, 0xA0CA46D15D5CA40DL, 0xCD6020C787FE346FL, + 0x84B76DCF15C3FB57L, 0xDEFDA0FCA121E4CEL, 0x4B8D7B6096012D3DL, 0x9AC642AD298A2C64L, + 0x0875D8BD10F0AF14L, 0xB357C6EA7B8374ACL, 0x4D6321D89A451632L, 0xEDA96709C719B23FL, + 0xF76C24BBF328BC06L, 0xC662D526912C08F2L, 0x3CE25EC47892B366L, 0xB978283F6F4F39BDL, + 0xC08C8F9E9D6833FDL, 0x4F3917B09E79F437L, 0x593DE06FB2C08C10L, 0xD6887841B1D14BDAL, + 0x19B26EEE32139DB0L, 0xB494876675D93E2FL, 0x825937771987C058L, 0x90E9AC783D466175L, + 0xF1827E03FF6C8709L, 0x945DC0A8353EB87FL, 0x4516F9658AB5B926L, 0x3F9573987EB020EFL, + 0xB855330B6D514831L, 0x2AE6A91B542BCB41L, 0x6331E413C6160479L, 0x408F8E8180D311A0L, + 0xEFF35161C325503AL, 0xD06622F9BD9570D5L, 0x8876D9A20D4B8D49L, 0xA5533135573A0C8BL, + 0xE168D364DF91C421L, 0xF41B09E7F50A2F8FL, 0x12B09B0F24C1A12DL, 0xDA49CC2CA9593DC4L, + 0x1F5C34563E57A6BFL, 0x54D14F36A8568B82L, 0xAF7CDFE043F6419AL, 0xEA6A2685C943F8BCL, + 0xE5DCBFB4D7E91D2BL, 0xB27ADDDE799D0520L, 0x6B443CAED6E6AB6DL, 0x7BAE91C9F61BE845L, + 0x3EB868AC7CAE5163L, 0x11C7B65322E332A4L, 0xD23C1491B9A992D0L, 0x8FB5982E0311C7CAL, + 0x70AC6428E0C9D4D8L, 0x895BC2960F55FCC5L, 0x76423E90EC8DEFD7L, 0x6FF0507EDE9E7267L, + 0x3DCF45F07A8CC2EAL, 0x4AA06054941F5CB1L, 0x5810FB5BB0DEFD9CL, 0x5EFEA1E3BC9AC693L, + 0x6EDD4B4ADC8003EBL, 0x741808F8E8B10DD2L, 0x145EC1B728859A22L, 0x28BC9F7350172944L, + 0x270A06424EBDCCD3L, 0x972AEDF4331C2BF6L, 0x059977E40A66A886L, 0x2550302A4A812ED6L, + 0xDD8A8DA0A7037747L, 0xC515F87A970E9B7BL, 0x3023EAA9601AC578L, 0xB7E3AA3A73FBADA6L, + 0x0FB699311EAAE597L, 0x0000000000000000L, 0x310EF19D6204B4F4L, 0x229371A644DB6455L, + 0x0DECAF591A960792L, 0x5CA4978BB8A62496L, 0x1C2B190A38753536L, 0x41A295B582CD602CL, + 0x3279DCC16426277DL, 0xC1A194AA9F764271L, 0x139D803B26DFD0A1L, 0xAE51C4D441E83016L, + 0xD813FA44AD65DFC1L, 0xAC0BF2BC45D4D213L, 0x23BE6A9246C515D9L, 0x49D74D08923DCF38L, + 0x9D05032127D066E7L, 0x2F7FDEFF5E4D63C7L, 0xA47E2A0155247D07L, 0x99B16FF12FA8BFEDL, + 0x4661D4398C972AAFL, 0xDFD0BBC8A33F9542L, 0xDCA79694A51D06CBL, 0xB020EBB67DA1E725L, + 0xBA0F0563696DAA34L, 0xE4F1A480D5F76CA7L, 0xC438E34E9510EAF7L, 0x939E81243B64F2FCL, + 0x8DEFAE46072D25CFL, 0x2C08F3A3586FF04EL, 0xD7A56375B3CF3A56L, 0x20C947CE40E78650L, + 0x43F8A3DD86F18229L, 0x568B795EAC6A6987L, 0x8003011F1DBB225DL, 0xF53612D3F7145E03L, + 0x189F75DA300DEC3CL, 0x9570DB9C3720C9F3L, 0xBB221E576B73DBB8L, 0x72F65240E4F536DDL, + 0x443BE25188ABC8AAL, 0xE21FFE38D9B357A8L, 0xFD43CA6EE7E4F117L, 0xCAA3614B89A47EECL, + 0xFE34E732E1C6629EL, 0x83742C431B99B1D4L, 0xCF3A16AF83C2D66AL, 0xAAE5A8044990E91CL, + 0x26271D764CA3BD5FL, 0x91C4B74C3F5810F9L, 0x7C6DD045F841A2C6L, 0x7F1AFD19FE63314FL, + 0xC8F957238D989CE9L, 0xA709075D5306EE8EL, 0x55FC5402AA48FA0EL, 0x48FA563C9023BEB4L, + 0x65DFBEABCA523F76L, 0x6C877D22D8BCE1EEL, 0xCC4D3BF385E045E3L, 0xBEBB69B36115733EL, + 0x10EAAD6720FD4328L, 0xB6CEB10E71E5DC2AL, 0xBDCC44EF6737E0B7L, 0x523F158EA412B08DL, + 0x989C74C52DB6CE61L, 0x9BEB59992B945DE8L, 0x8A2CEFCA09776F4CL, 0xA3BD6B8D5B7E3784L, + 0xEB473DB1CB5D8930L, 0xC3FBA2C29B4AA074L, 0x9C28181525CE176BL, 0x683311F2D0C438E4L, + 0x5FD3BAD7BE84B71FL, 0xFC6ED15AE5FA809BL, 0x36CDB0116C5EFE77L, 0x29918447520958C8L, + 0xA29070B959604608L, 0x53120EBAA60CC101L, 0x3A0C047C74D68869L, 0x691E0AC6D2DA4968L, + 0x73DB4974E6EB4751L, 0x7A838AFDF40599C9L, 0x5A4ACD33B4E21F99L, 0x6046C94FC03497F0L, + 0xE6AB92E8D1CB8EA2L, 0x3354C7F5663856F1L, 0xD93EE170AF7BAE4DL, 0x616BD27BC22AE67CL, + 0x92B39A10397A8370L, 0xABC8B3304B8E9890L, 0xBF967287630B02B2L, 0x5B67D607B6FC6E15L + }, + new ulong[] { + 0xD031C397CE553FE6L, 0x16BA5B01B006B525L, 0xA89BADE6296E70C8L, 0x6A1F525D77D3435BL, + 0x6E103570573DFA0BL, 0x660EFB2A17FC95ABL, 0x76327A9E97634BF6L, 0x4BAD9D6462458BF5L, + 0xF1830CAEDBC3F748L, 0xC5C8F542669131FFL, 0x95044A1CDC48B0CBL, 0x892962DF3CF8B866L, + 0xB0B9E208E930C135L, 0xA14FB3F0611A767CL, 0x8D2605F21C160136L, 0xD6B71922FECC549EL, + 0x37089438A5907D8BL, 0x0B5DA38E5803D49CL, 0x5A5BCC9CEA6F3CBCL, 0xEDAE246D3B73FFE5L, + 0xD2B87E0FDE22EDCEL, 0x5E54ABB1CA8185ECL, 0x1DE7F88FE80561B9L, 0xAD5E1A870135A08CL, + 0x2F2ADBD665CECC76L, 0x5780B5A782F58358L, 0x3EDC8A2EEDE47B3FL, 0xC9D95C3506BEE70FL, + 0x83BE111D6C4E05EEL, 0xA603B90959367410L, 0x103C81B4809FDE5DL, 0x2C69B6027D0C774AL, + 0x399080D7D5C87953L, 0x09D41E16487406B4L, 0xCDD63B1826505E5FL, 0xF99DC2F49B0298E8L, + 0x9CD0540A943CB67FL, 0xBCA84B7F891F17C5L, 0x723D1DB3B78DF2A6L, 0x78AA6E71E73B4F2EL, + 0x1433E699A071670DL, 0x84F21BE454620782L, 0x98DF3327B4D20F2FL, 0xF049DCE2D3769E5CL, + 0xDB6C60199656EB7AL, 0x648746B2078B4783L, 0x32CD23598DCBADCFL, 0x1EA4955BF0C7DA85L, + 0xE9A143401B9D46B5L, 0xFD92A5D9BBEC21B8L, 0xC8138C790E0B8E1BL, 0x2EE00B9A6D7BA562L, + 0xF85712B893B7F1FCL, 0xEB28FED80BEA949DL, 0x564A65EB8A40EA4CL, 0x6C9988E8474A2823L, + 0x4535898B121D8F2DL, 0xABD8C03231ACCBF4L, 0xBA2E91CAB9867CBDL, 0x7960BE3DEF8E263AL, + 0x0C11A977602FD6F0L, 0xCB50E1AD16C93527L, 0xEAE22E94035FFD89L, 0x2866D12F5DE2CE1AL, + 0xFF1B1841AB9BF390L, 0x9F9339DE8CFE0D43L, 0x964727C8C48A0BF7L, 0x524502C6AAAE531CL, + 0x9B9C5EF3AC10B413L, 0x4FA2FA4942AB32A5L, 0x3F165A62E551122BL, 0xC74148DA76E6E3D7L, + 0x924840E5E464B2A7L, 0xD372AE43D69784DAL, 0x233B72A105E11A86L, 0xA48A04914941A638L, + 0xB4B68525C9DE7865L, 0xDDEABAACA6CF8002L, 0x0A9773C250B6BD88L, 0xC284FFBB5EBD3393L, + 0x8BA0DF472C8F6A4EL, 0x2AEF6CB74D951C32L, 0x427983722A318D41L, 0x73F7CDFFBF389BB2L, + 0x074C0AF9382C026CL, 0x8A6A0F0B243A035AL, 0x6FDAE53C5F88931FL, 0xC68B98967E538AC3L, + 0x44FF59C71AA8E639L, 0xE2FCE0CE439E9229L, 0xA20CDE2479D8CD40L, 0x19E89FA2C8EBD8E9L, + 0xF446BBCFF398270CL, 0x43B3533E2284E455L, 0xD82F0DCD8E945046L, 0x51066F12B26CE820L, + 0xE73957AF6BC5426DL, 0x081ECE5A40C16FA0L, 0x3B193D4FC5BFAB7BL, 0x7FE66488DF174D42L, + 0x0E9814EF705804D8L, 0x8137AC857C39D7C6L, 0xB1733244E185A821L, 0x695C3F896F11F867L, + 0xF6CF0657E3EFF524L, 0x1AABF276D02963D5L, 0x2DA3664E75B91E5EL, 0x0289BD981077D228L, + 0x90C1FD7DF413608FL, 0x3C5537B6FD93A917L, 0xAA12107E3919A2E0L, 0x0686DAB530996B78L, + 0xDAA6B0559EE3826EL, 0xC34E2FF756085A87L, 0x6D5358A44FFF4137L, 0xFC587595B35948ACL, + 0x7CA5095CC7D5F67EL, 0xFB147F6C8B754AC0L, 0xBFEB26AB91DDACF9L, 0x6896EFC567A49173L, + 0xCA9A31E11E7C5C33L, 0xBBE44186B13315A9L, 0x0DDB793B689ABFE4L, 0x70B4A02BA7FA208EL, + 0xE47A3A7B7307F951L, 0x8CECD5BE14A36822L, 0xEEED49B923B144D9L, 0x17708B4DB8B3DC31L, + 0x6088219F2765FED3L, 0xB3FA8FDCF1F27A09L, 0x910B2D31FCA6099BL, 0x0F52C4A378ED6DCCL, + 0x50CCBF5EBAD98134L, 0x6BD582117F662A4FL, 0x94CE9A50D4FDD9DFL, 0x2B25BCFB45207526L, + 0x67C42B661F49FCBFL, 0x492420FC723259DDL, 0x03436DD418C2BB3CL, 0x1F6E4517F872B391L, + 0xA08563BC69AF1F68L, 0xD43EA4BAEEBB86B6L, 0x01CAD04C08B56914L, 0xAC94CACB0980C998L, + 0x54C3D8739A373864L, 0x26FEC5C02DBACAC2L, 0xDEA9D778BE0D3B3EL, 0x040F672D20EEB950L, + 0xE5B0EA377BB29045L, 0xF30AB136CBB42560L, 0x62019C0737122CFBL, 0xE86B930C13282FA1L, + 0xCC1CEB542EE5374BL, 0x538FD28AA21B3A08L, 0x1B61223AD89C0AC1L, 0x36C24474AD25149FL, + 0x7A23D3E9F74C9D06L, 0xBE21F6E79968C5EDL, 0xCF5F868036278C77L, 0xF705D61BEB5A9C30L, + 0x4D2B47D152DCE08DL, 0x5F9E7BFDC234ECF8L, 0x247778583DCD18EAL, 0x867BA67C4415D5AAL, + 0x4CE1979D5A698999L, 0x0000000000000000L, 0xEC64F42133C696F1L, 0xB57C5569C16B1171L, + 0xC1C7926F467F88AFL, 0x654D96FE0F3E2E97L, 0x15F936D5A8C40E19L, 0xB8A72C52A9F1AE95L, + 0xA9517DAA21DB19DCL, 0x58D27104FA18EE94L, 0x5918A148F2AD8780L, 0x5CDD1629DAF657C4L, + 0x8274C15164FB6CFAL, 0xD1FB13DBC6E056F2L, 0x7D6FD910CF609F6AL, 0xB63F38BDD9A9AA4DL, + 0x3D9FE7FAF526C003L, 0x74BBC706871499DEL, 0xDF630734B6B8522AL, 0x3AD3ED03CD0AC26FL, + 0xFADEAF2083C023D4L, 0xC00D42234ECAE1BBL, 0x8538CBA85CD76E96L, 0xC402250E6E2458EBL, + 0x47BC3413026A5D05L, 0xAFD7A71F114272A4L, 0x978DF784CC3F62E3L, 0xB96DFC1EA144C781L, + 0x21B2CF391596C8AEL, 0x318E4E8D950916F3L, 0xCE9556CC3E92E563L, 0x385A509BDD7D1047L, + 0x358129A0B5E7AFA3L, 0xE6F387E363702B79L, 0xE0755D5653E94001L, 0x7BE903A5FFF9F412L, + 0x12B53C2C90E80C75L, 0x3307F315857EC4DBL, 0x8FAFB86A0C61D31EL, 0xD9E5DD8186213952L, + 0x77F8AAD29FD622E2L, 0x25BDA814357871FEL, 0x7571174A8FA1F0CAL, 0x137FEC60985D6561L, + 0x30449EC19DBC7FE7L, 0xA540D4DD41F4CF2CL, 0xDC206AE0AE7AE916L, 0x5B911CD0E2DA55A8L, + 0xB2305F90F947131DL, 0x344BF9ECBD52C6B7L, 0x5D17C665D2433ED0L, 0x18224FEEC05EB1FDL, + 0x9E59E992844B6457L, 0x9A568EBFA4A5DD07L, 0xA3C60E68716DA454L, 0x7E2CB4C4D7A22456L, + 0x87B176304CA0BCBEL, 0x413AEEA632F3367DL, 0x9915E36BBC67663BL, 0x40F03EEA3A465F69L, + 0x1C2D28C3E0B008ADL, 0x4E682A054A1E5BB1L, 0x05C5B761285BD044L, 0xE1BF8D1A5B5C2915L, + 0xF2C0617AC3014C74L, 0xB7F5E8F1D11CC359L, 0x63CB4C4B3FA745EFL, 0x9D1A84469C89DF6BL, + 0xE33630824B2BFB3DL, 0xD5F474F6E60EEFA2L, 0xF58C6B83FB2D4E18L, 0x4676E45F0ADF3411L, + 0x20781F751D23A1BAL, 0xBD629B3381AA7ED1L, 0xAE1D775319F71BB0L, 0xFED1C80DA32E9A84L, + 0x5509083F92825170L, 0x29AC01635557A70EL, 0xA7C9694551831D04L, 0x8E65682604D4BA0AL, + 0x11F651F8882AB749L, 0xD77DC96EF6793D8AL, 0xEF2799F52B042DCDL, 0x48EEF0B07A8730C9L, + 0x22F1A2ED0D547392L, 0x6142F1D32FD097C7L, 0x4A674D286AF0E2E1L, 0x80FD7CC9748CBED2L, + 0x717E7067AF4F499AL, 0x938290A9ECD1DBB3L, 0x88E3B293344DD172L, 0x2734158C250FA3D6L + } + }; + + + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/GOST3411_2012_256Digest.cs b/BouncyCastle/crypto/src/crypto/digests/GOST3411_2012_256Digest.cs new file mode 100644 index 0000000..77cf6c5 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/GOST3411_2012_256Digest.cs @@ -0,0 +1,54 @@ +using System; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + public class Gost3411_2012_256Digest : Gost3411_2012Digest + { + private readonly static byte[] IV = { + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, + 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 + }; + + public override string AlgorithmName + { + get { return "GOST3411-2012-256"; } + } + + public Gost3411_2012_256Digest() : base(IV) + { + + } + + public Gost3411_2012_256Digest(Gost3411_2012_256Digest other) : base(IV) + { + Reset(other); + } + + public override int GetDigestSize() + { + return 32; + } + + public override int DoFinal(byte[] output, int outOff) + { + byte[] result = new byte[64]; + base.DoFinal(result, 0); + + Array.Copy(result, 32, output, outOff, 32); + + return 32; + } + + public override IMemoable Copy() + { + return new Gost3411_2012_256Digest(this); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/GOST3411_2012_512Digest.cs b/BouncyCastle/crypto/src/crypto/digests/GOST3411_2012_512Digest.cs new file mode 100644 index 0000000..2b77e36 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/GOST3411_2012_512Digest.cs @@ -0,0 +1,43 @@ +using System; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + public class Gost3411_2012_512Digest:Gost3411_2012Digest + { + private readonly static byte[] IV = { + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + }; + + public override string AlgorithmName + { + get { return "GOST3411-2012-512"; } + } + + public Gost3411_2012_512Digest():base(IV) + { + } + + public Gost3411_2012_512Digest(Gost3411_2012_512Digest other) : base(IV) + { + Reset(other); + } + + public override int GetDigestSize() + { + return 64; + } + + public override IMemoable Copy() + { + return new Gost3411_2012_512Digest(this); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/GeneralDigest.cs b/BouncyCastle/crypto/src/crypto/digests/GeneralDigest.cs new file mode 100644 index 0000000..d40ad28 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/GeneralDigest.cs @@ -0,0 +1,133 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * base implementation of MD4 family style digest as outlined in + * "Handbook of Applied Cryptography", pages 344 - 347. + */ + public abstract class GeneralDigest + : IDigest, IMemoable + { + private const int BYTE_LENGTH = 64; + + private byte[] xBuf; + private int xBufOff; + + private long byteCount; + + internal GeneralDigest() + { + xBuf = new byte[4]; + } + + internal GeneralDigest(GeneralDigest t) + { + xBuf = new byte[t.xBuf.Length]; + CopyIn(t); + } + + protected void CopyIn(GeneralDigest t) + { + Array.Copy(t.xBuf, 0, xBuf, 0, t.xBuf.Length); + + xBufOff = t.xBufOff; + byteCount = t.byteCount; + } + + public void Update(byte input) + { + xBuf[xBufOff++] = input; + + if (xBufOff == xBuf.Length) + { + ProcessWord(xBuf, 0); + xBufOff = 0; + } + + byteCount++; + } + + public void BlockUpdate( + byte[] input, + int inOff, + int length) + { + length = System.Math.Max(0, length); + + // + // fill the current word + // + int i = 0; + if (xBufOff != 0) + { + while (i < length) + { + xBuf[xBufOff++] = input[inOff + i++]; + if (xBufOff == 4) + { + ProcessWord(xBuf, 0); + xBufOff = 0; + break; + } + } + } + + // + // process whole words. + // + int limit = ((length - i) & ~3) + i; + for (; i < limit; i += 4) + { + ProcessWord(input, inOff + i); + } + + // + // load in the remainder. + // + while (i < length) + { + xBuf[xBufOff++] = input[inOff + i++]; + } + + byteCount += length; + } + + public void Finish() + { + long bitLength = (byteCount << 3); + + // + // add the pad bytes. + // + Update((byte)128); + + while (xBufOff != 0) Update((byte)0); + ProcessLength(bitLength); + ProcessBlock(); + } + + public virtual void Reset() + { + byteCount = 0; + xBufOff = 0; + Array.Clear(xBuf, 0, xBuf.Length); + } + + public int GetByteLength() + { + return BYTE_LENGTH; + } + + internal abstract void ProcessWord(byte[] input, int inOff); + internal abstract void ProcessLength(long bitLength); + internal abstract void ProcessBlock(); + public abstract string AlgorithmName { get; } + public abstract int GetDigestSize(); + public abstract int DoFinal(byte[] output, int outOff); + public abstract IMemoable Copy(); + public abstract void Reset(IMemoable t); + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/KeccakDigest.cs b/BouncyCastle/crypto/src/crypto/digests/KeccakDigest.cs new file mode 100644 index 0000000..2da2e09 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/KeccakDigest.cs @@ -0,0 +1,414 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /// + /// Implementation of Keccak based on following KeccakNISTInterface.c from http://keccak.noekeon.org/ + /// + /// + /// Following the naming conventions used in the C source code to enable easy review of the implementation. + /// + public class KeccakDigest + : IDigest, IMemoable + { + private static readonly ulong[] KeccakRoundConstants = new ulong[]{ + 0x0000000000000001UL, 0x0000000000008082UL, 0x800000000000808aUL, 0x8000000080008000UL, + 0x000000000000808bUL, 0x0000000080000001UL, 0x8000000080008081UL, 0x8000000000008009UL, + 0x000000000000008aUL, 0x0000000000000088UL, 0x0000000080008009UL, 0x000000008000000aUL, + 0x000000008000808bUL, 0x800000000000008bUL, 0x8000000000008089UL, 0x8000000000008003UL, + 0x8000000000008002UL, 0x8000000000000080UL, 0x000000000000800aUL, 0x800000008000000aUL, + 0x8000000080008081UL, 0x8000000000008080UL, 0x0000000080000001UL, 0x8000000080008008UL + }; + + private ulong[] state = new ulong[25]; + protected byte[] dataQueue = new byte[192]; + protected int rate; + protected int bitsInQueue; + protected internal int fixedOutputLength; + protected bool squeezing; + + public KeccakDigest() + : this(288) + { + } + + public KeccakDigest(int bitLength) + { + Init(bitLength); + } + + public KeccakDigest(KeccakDigest source) + { + CopyIn(source); + } + + private void CopyIn(KeccakDigest source) + { + Array.Copy(source.state, 0, this.state, 0, source.state.Length); + Array.Copy(source.dataQueue, 0, this.dataQueue, 0, source.dataQueue.Length); + this.rate = source.rate; + this.bitsInQueue = source.bitsInQueue; + this.fixedOutputLength = source.fixedOutputLength; + this.squeezing = source.squeezing; + } + + public virtual string AlgorithmName + { + get { return "Keccak-" + fixedOutputLength; } + } + + public virtual int GetDigestSize() + { + return fixedOutputLength >> 3; + } + + public virtual void Update(byte input) + { + Absorb(input); + } + + public virtual void BlockUpdate(byte[] input, int inOff, int len) + { + Absorb(input, inOff, len); + } + + public virtual int DoFinal(byte[] output, int outOff) + { + Squeeze(output, outOff, fixedOutputLength); + + Reset(); + + return GetDigestSize(); + } + + /* + * TODO Possible API change to support partial-byte suffixes. + */ + protected virtual int DoFinal(byte[] output, int outOff, byte partialByte, int partialBits) + { + if (partialBits > 0) + { + AbsorbBits(partialByte, partialBits); + } + + Squeeze(output, outOff, fixedOutputLength); + + Reset(); + + return GetDigestSize(); + } + + public virtual void Reset() + { + Init(fixedOutputLength); + } + + /** + * Return the size of block that the compression function is applied to in bytes. + * + * @return internal byte length of a block. + */ + public virtual int GetByteLength() + { + return rate >> 3; + } + + private void Init(int bitLength) + { + switch (bitLength) + { + case 128: + case 224: + case 256: + case 288: + case 384: + case 512: + InitSponge(1600 - (bitLength << 1)); + break; + default: + throw new ArgumentException("must be one of 128, 224, 256, 288, 384, or 512.", "bitLength"); + } + } + + private void InitSponge(int rate) + { + if (rate <= 0 || rate >= 1600 || (rate & 63) != 0) + throw new InvalidOperationException("invalid rate value"); + + this.rate = rate; + Array.Clear(state, 0, state.Length); + Arrays.Fill(this.dataQueue, (byte)0); + this.bitsInQueue = 0; + this.squeezing = false; + this.fixedOutputLength = (1600 - rate) >> 1; + } + + protected void Absorb(byte data) + { + if ((bitsInQueue & 7) != 0) + throw new InvalidOperationException("attempt to absorb with odd length queue"); + if (squeezing) + throw new InvalidOperationException("attempt to absorb while squeezing"); + + dataQueue[bitsInQueue >> 3] = data; + if ((bitsInQueue += 8) == rate) + { + KeccakAbsorb(dataQueue, 0); + bitsInQueue = 0; + } + } + + protected void Absorb(byte[] data, int off, int len) + { + if ((bitsInQueue & 7) != 0) + throw new InvalidOperationException("attempt to absorb with odd length queue"); + if (squeezing) + throw new InvalidOperationException("attempt to absorb while squeezing"); + + int bytesInQueue = bitsInQueue >> 3; + int rateBytes = rate >> 3; + + int available = rateBytes - bytesInQueue; + if (len < available) + { + Array.Copy(data, off, dataQueue, bytesInQueue, len); + this.bitsInQueue += len << 3; + return; + } + + int count = 0; + if (bytesInQueue > 0) + { + Array.Copy(data, off, dataQueue, bytesInQueue, available); + count += available; + KeccakAbsorb(dataQueue, 0); + } + + int remaining; + while ((remaining = (len - count)) >= rateBytes) + { + KeccakAbsorb(data, off + count); + count += rateBytes; + } + + Array.Copy(data, off + count, dataQueue, 0, remaining); + this.bitsInQueue = remaining << 3; + } + + protected void AbsorbBits(int data, int bits) + { + if (bits < 1 || bits > 7) + throw new ArgumentException("must be in the range 1 to 7", "bits"); + if ((bitsInQueue & 7) != 0) + throw new InvalidOperationException("attempt to absorb with odd length queue"); + if (squeezing) + throw new InvalidOperationException("attempt to absorb while squeezing"); + + int mask = (1 << bits) - 1; + dataQueue[bitsInQueue >> 3] = (byte)(data & mask); + + // NOTE: After this, bitsInQueue is no longer a multiple of 8, so no more absorbs will work + bitsInQueue += bits; + } + + private void PadAndSwitchToSqueezingPhase() + { + Debug.Assert(bitsInQueue < rate); + + dataQueue[bitsInQueue >> 3] |= (byte)(1 << (bitsInQueue & 7)); + + if (++bitsInQueue == rate) + { + KeccakAbsorb(dataQueue, 0); + } + else + { + int full = bitsInQueue >> 6, partial = bitsInQueue & 63; + int off = 0; + for (int i = 0; i < full; ++i) + { + state[i] ^= Pack.LE_To_UInt64(dataQueue, off); + off += 8; + } + if (partial > 0) + { + ulong mask = (1UL << partial) - 1UL; + state[full] ^= Pack.LE_To_UInt64(dataQueue, off) & mask; + } + } + + state[(rate - 1) >> 6] ^= (1UL << 63); + + bitsInQueue = 0; + squeezing = true; + } + + protected void Squeeze(byte[] output, int offset, long outputLength) + { + if (!squeezing) + { + PadAndSwitchToSqueezingPhase(); + } + if ((outputLength & 7L) != 0L) + throw new InvalidOperationException("outputLength not a multiple of 8"); + + long i = 0; + while (i < outputLength) + { + if (bitsInQueue == 0) + { + KeccakExtract(); + } + int partialBlock = (int)System.Math.Min((long)bitsInQueue, outputLength - i); + Array.Copy(dataQueue, (rate - bitsInQueue) >> 3, output, offset + (int)(i >> 3), partialBlock >> 3); + bitsInQueue -= partialBlock; + i += partialBlock; + } + } + + private void KeccakAbsorb(byte[] data, int off) + { + int count = rate >> 6; + for (int i = 0; i < count; ++i) + { + state[i] ^= Pack.LE_To_UInt64(data, off); + off += 8; + } + + KeccakPermutation(); + } + + private void KeccakExtract() + { + KeccakPermutation(); + + Pack.UInt64_To_LE(state, 0, rate >> 6, dataQueue, 0); + + this.bitsInQueue = rate; + } + + private void KeccakPermutation() + { + ulong[] A = state; + + ulong a00 = A[ 0], a01 = A[ 1], a02 = A[ 2], a03 = A[ 3], a04 = A[ 4]; + ulong a05 = A[ 5], a06 = A[ 6], a07 = A[ 7], a08 = A[ 8], a09 = A[ 9]; + ulong a10 = A[10], a11 = A[11], a12 = A[12], a13 = A[13], a14 = A[14]; + ulong a15 = A[15], a16 = A[16], a17 = A[17], a18 = A[18], a19 = A[19]; + ulong a20 = A[20], a21 = A[21], a22 = A[22], a23 = A[23], a24 = A[24]; + + for (int i = 0; i < 24; i++) + { + // theta + ulong c0 = a00 ^ a05 ^ a10 ^ a15 ^ a20; + ulong c1 = a01 ^ a06 ^ a11 ^ a16 ^ a21; + ulong c2 = a02 ^ a07 ^ a12 ^ a17 ^ a22; + ulong c3 = a03 ^ a08 ^ a13 ^ a18 ^ a23; + ulong c4 = a04 ^ a09 ^ a14 ^ a19 ^ a24; + + ulong d1 = (c1 << 1 | c1 >> -1) ^ c4; + ulong d2 = (c2 << 1 | c2 >> -1) ^ c0; + ulong d3 = (c3 << 1 | c3 >> -1) ^ c1; + ulong d4 = (c4 << 1 | c4 >> -1) ^ c2; + ulong d0 = (c0 << 1 | c0 >> -1) ^ c3; + + a00 ^= d1; a05 ^= d1; a10 ^= d1; a15 ^= d1; a20 ^= d1; + a01 ^= d2; a06 ^= d2; a11 ^= d2; a16 ^= d2; a21 ^= d2; + a02 ^= d3; a07 ^= d3; a12 ^= d3; a17 ^= d3; a22 ^= d3; + a03 ^= d4; a08 ^= d4; a13 ^= d4; a18 ^= d4; a23 ^= d4; + a04 ^= d0; a09 ^= d0; a14 ^= d0; a19 ^= d0; a24 ^= d0; + + // rho/pi + c1 = a01 << 1 | a01 >> 63; + a01 = a06 << 44 | a06 >> 20; + a06 = a09 << 20 | a09 >> 44; + a09 = a22 << 61 | a22 >> 3; + a22 = a14 << 39 | a14 >> 25; + a14 = a20 << 18 | a20 >> 46; + a20 = a02 << 62 | a02 >> 2; + a02 = a12 << 43 | a12 >> 21; + a12 = a13 << 25 | a13 >> 39; + a13 = a19 << 8 | a19 >> 56; + a19 = a23 << 56 | a23 >> 8; + a23 = a15 << 41 | a15 >> 23; + a15 = a04 << 27 | a04 >> 37; + a04 = a24 << 14 | a24 >> 50; + a24 = a21 << 2 | a21 >> 62; + a21 = a08 << 55 | a08 >> 9; + a08 = a16 << 45 | a16 >> 19; + a16 = a05 << 36 | a05 >> 28; + a05 = a03 << 28 | a03 >> 36; + a03 = a18 << 21 | a18 >> 43; + a18 = a17 << 15 | a17 >> 49; + a17 = a11 << 10 | a11 >> 54; + a11 = a07 << 6 | a07 >> 58; + a07 = a10 << 3 | a10 >> 61; + a10 = c1; + + // chi + c0 = a00 ^ (~a01 & a02); + c1 = a01 ^ (~a02 & a03); + a02 ^= ~a03 & a04; + a03 ^= ~a04 & a00; + a04 ^= ~a00 & a01; + a00 = c0; + a01 = c1; + + c0 = a05 ^ (~a06 & a07); + c1 = a06 ^ (~a07 & a08); + a07 ^= ~a08 & a09; + a08 ^= ~a09 & a05; + a09 ^= ~a05 & a06; + a05 = c0; + a06 = c1; + + c0 = a10 ^ (~a11 & a12); + c1 = a11 ^ (~a12 & a13); + a12 ^= ~a13 & a14; + a13 ^= ~a14 & a10; + a14 ^= ~a10 & a11; + a10 = c0; + a11 = c1; + + c0 = a15 ^ (~a16 & a17); + c1 = a16 ^ (~a17 & a18); + a17 ^= ~a18 & a19; + a18 ^= ~a19 & a15; + a19 ^= ~a15 & a16; + a15 = c0; + a16 = c1; + + c0 = a20 ^ (~a21 & a22); + c1 = a21 ^ (~a22 & a23); + a22 ^= ~a23 & a24; + a23 ^= ~a24 & a20; + a24 ^= ~a20 & a21; + a20 = c0; + a21 = c1; + + // iota + a00 ^= KeccakRoundConstants[i]; + } + + A[ 0] = a00; A[ 1] = a01; A[ 2] = a02; A[ 3] = a03; A[ 4] = a04; + A[ 5] = a05; A[ 6] = a06; A[ 7] = a07; A[ 8] = a08; A[ 9] = a09; + A[10] = a10; A[11] = a11; A[12] = a12; A[13] = a13; A[14] = a14; + A[15] = a15; A[16] = a16; A[17] = a17; A[18] = a18; A[19] = a19; + A[20] = a20; A[21] = a21; A[22] = a22; A[23] = a23; A[24] = a24; + } + + public virtual IMemoable Copy() + { + return new KeccakDigest(this); + } + + public virtual void Reset(IMemoable other) + { + CopyIn((KeccakDigest)other); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/LongDigest.cs b/BouncyCastle/crypto/src/crypto/digests/LongDigest.cs new file mode 100644 index 0000000..9ee9bcd --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/LongDigest.cs @@ -0,0 +1,355 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * Base class for SHA-384 and SHA-512. + */ + public abstract class LongDigest + : IDigest, IMemoable + { + private int MyByteLength = 128; + + private byte[] xBuf; + private int xBufOff; + + private long byteCount1; + private long byteCount2; + + internal ulong H1, H2, H3, H4, H5, H6, H7, H8; + + private ulong[] W = new ulong[80]; + private int wOff; + + /** + * Constructor for variable length word + */ + internal LongDigest() + { + xBuf = new byte[8]; + + Reset(); + } + + /** + * Copy constructor. We are using copy constructors in place + * of the object.Clone() interface as this interface is not + * supported by J2ME. + */ + internal LongDigest( + LongDigest t) + { + xBuf = new byte[t.xBuf.Length]; + + CopyIn(t); + } + + protected void CopyIn(LongDigest t) + { + Array.Copy(t.xBuf, 0, xBuf, 0, t.xBuf.Length); + + xBufOff = t.xBufOff; + byteCount1 = t.byteCount1; + byteCount2 = t.byteCount2; + + H1 = t.H1; + H2 = t.H2; + H3 = t.H3; + H4 = t.H4; + H5 = t.H5; + H6 = t.H6; + H7 = t.H7; + H8 = t.H8; + + Array.Copy(t.W, 0, W, 0, t.W.Length); + wOff = t.wOff; + } + + public void Update( + byte input) + { + xBuf[xBufOff++] = input; + + if (xBufOff == xBuf.Length) + { + ProcessWord(xBuf, 0); + xBufOff = 0; + } + + byteCount1++; + } + + public void BlockUpdate( + byte[] input, + int inOff, + int length) + { + // + // fill the current word + // + while ((xBufOff != 0) && (length > 0)) + { + Update(input[inOff]); + + inOff++; + length--; + } + + // + // process whole words. + // + while (length > xBuf.Length) + { + ProcessWord(input, inOff); + + inOff += xBuf.Length; + length -= xBuf.Length; + byteCount1 += xBuf.Length; + } + + // + // load in the remainder. + // + while (length > 0) + { + Update(input[inOff]); + + inOff++; + length--; + } + } + + public void Finish() + { + AdjustByteCounts(); + + long lowBitLength = byteCount1 << 3; + long hiBitLength = byteCount2; + + // + // add the pad bytes. + // + Update((byte)128); + + while (xBufOff != 0) + { + Update((byte)0); + } + + ProcessLength(lowBitLength, hiBitLength); + + ProcessBlock(); + } + + public virtual void Reset() + { + byteCount1 = 0; + byteCount2 = 0; + + xBufOff = 0; + for ( int i = 0; i < xBuf.Length; i++ ) + { + xBuf[i] = 0; + } + + wOff = 0; + Array.Clear(W, 0, W.Length); + } + + internal void ProcessWord( + byte[] input, + int inOff) + { + W[wOff] = Pack.BE_To_UInt64(input, inOff); + + if (++wOff == 16) + { + ProcessBlock(); + } + } + + /** + * adjust the byte counts so that byteCount2 represents the + * upper long (less 3 bits) word of the byte count. + */ + private void AdjustByteCounts() + { + if (byteCount1 > 0x1fffffffffffffffL) + { + byteCount2 += (long) ((ulong) byteCount1 >> 61); + byteCount1 &= 0x1fffffffffffffffL; + } + } + + internal void ProcessLength( + long lowW, + long hiW) + { + if (wOff > 14) + { + ProcessBlock(); + } + + W[14] = (ulong)hiW; + W[15] = (ulong)lowW; + } + + internal void ProcessBlock() + { + AdjustByteCounts(); + + // + // expand 16 word block into 80 word blocks. + // + for (int ti = 16; ti <= 79; ++ti) + { + W[ti] = Sigma1(W[ti - 2]) + W[ti - 7] + Sigma0(W[ti - 15]) + W[ti - 16]; + } + + // + // set up working variables. + // + ulong a = H1; + ulong b = H2; + ulong c = H3; + ulong d = H4; + ulong e = H5; + ulong f = H6; + ulong g = H7; + ulong h = H8; + + int t = 0; + for(int i = 0; i < 10; i ++) + { + // t = 8 * i + h += Sum1(e) + Ch(e, f, g) + K[t] + W[t++]; + d += h; + h += Sum0(a) + Maj(a, b, c); + + // t = 8 * i + 1 + g += Sum1(d) + Ch(d, e, f) + K[t] + W[t++]; + c += g; + g += Sum0(h) + Maj(h, a, b); + + // t = 8 * i + 2 + f += Sum1(c) + Ch(c, d, e) + K[t] + W[t++]; + b += f; + f += Sum0(g) + Maj(g, h, a); + + // t = 8 * i + 3 + e += Sum1(b) + Ch(b, c, d) + K[t] + W[t++]; + a += e; + e += Sum0(f) + Maj(f, g, h); + + // t = 8 * i + 4 + d += Sum1(a) + Ch(a, b, c) + K[t] + W[t++]; + h += d; + d += Sum0(e) + Maj(e, f, g); + + // t = 8 * i + 5 + c += Sum1(h) + Ch(h, a, b) + K[t] + W[t++]; + g += c; + c += Sum0(d) + Maj(d, e, f); + + // t = 8 * i + 6 + b += Sum1(g) + Ch(g, h, a) + K[t] + W[t++]; + f += b; + b += Sum0(c) + Maj(c, d, e); + + // t = 8 * i + 7 + a += Sum1(f) + Ch(f, g, h) + K[t] + W[t++]; + e += a; + a += Sum0(b) + Maj(b, c, d); + } + + H1 += a; + H2 += b; + H3 += c; + H4 += d; + H5 += e; + H6 += f; + H7 += g; + H8 += h; + + // + // reset the offset and clean out the word buffer. + // + wOff = 0; + Array.Clear(W, 0, 16); + } + + /* SHA-384 and SHA-512 functions (as for SHA-256 but for longs) */ + private static ulong Ch(ulong x, ulong y, ulong z) + { + return (x & y) ^ (~x & z); + } + + private static ulong Maj(ulong x, ulong y, ulong z) + { + return (x & y) ^ (x & z) ^ (y & z); + } + + private static ulong Sum0(ulong x) + { + return ((x << 36) | (x >> 28)) ^ ((x << 30) | (x >> 34)) ^ ((x << 25) | (x >> 39)); + } + + private static ulong Sum1(ulong x) + { + return ((x << 50) | (x >> 14)) ^ ((x << 46) | (x >> 18)) ^ ((x << 23) | (x >> 41)); + } + + private static ulong Sigma0(ulong x) + { + return ((x << 63) | (x >> 1)) ^ ((x << 56) | (x >> 8)) ^ (x >> 7); + } + + private static ulong Sigma1(ulong x) + { + return ((x << 45) | (x >> 19)) ^ ((x << 3) | (x >> 61)) ^ (x >> 6); + } + + /* SHA-384 and SHA-512 Constants + * (represent the first 64 bits of the fractional parts of the + * cube roots of the first sixty-four prime numbers) + */ + internal static readonly ulong[] K = + { + 0x428a2f98d728ae22, 0x7137449123ef65cd, 0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc, + 0x3956c25bf348b538, 0x59f111f1b605d019, 0x923f82a4af194f9b, 0xab1c5ed5da6d8118, + 0xd807aa98a3030242, 0x12835b0145706fbe, 0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2, + 0x72be5d74f27b896f, 0x80deb1fe3b1696b1, 0x9bdc06a725c71235, 0xc19bf174cf692694, + 0xe49b69c19ef14ad2, 0xefbe4786384f25e3, 0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65, + 0x2de92c6f592b0275, 0x4a7484aa6ea6e483, 0x5cb0a9dcbd41fbd4, 0x76f988da831153b5, + 0x983e5152ee66dfab, 0xa831c66d2db43210, 0xb00327c898fb213f, 0xbf597fc7beef0ee4, + 0xc6e00bf33da88fc2, 0xd5a79147930aa725, 0x06ca6351e003826f, 0x142929670a0e6e70, + 0x27b70a8546d22ffc, 0x2e1b21385c26c926, 0x4d2c6dfc5ac42aed, 0x53380d139d95b3df, + 0x650a73548baf63de, 0x766a0abb3c77b2a8, 0x81c2c92e47edaee6, 0x92722c851482353b, + 0xa2bfe8a14cf10364, 0xa81a664bbc423001, 0xc24b8b70d0f89791, 0xc76c51a30654be30, + 0xd192e819d6ef5218, 0xd69906245565a910, 0xf40e35855771202a, 0x106aa07032bbd1b8, + 0x19a4c116b8d2d0c8, 0x1e376c085141ab53, 0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8, + 0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb, 0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3, + 0x748f82ee5defb2fc, 0x78a5636f43172f60, 0x84c87814a1f0ab72, 0x8cc702081a6439ec, + 0x90befffa23631e28, 0xa4506cebde82bde9, 0xbef9a3f7b2c67915, 0xc67178f2e372532b, + 0xca273eceea26619c, 0xd186b8c721c0c207, 0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178, + 0x06f067aa72176fba, 0x0a637dc5a2c898a6, 0x113f9804bef90dae, 0x1b710b35131c471b, + 0x28db77f523047d84, 0x32caab7b40c72493, 0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c, + 0x4cc5d4becb3e42b6, 0x597f299cfc657e2a, 0x5fcb6fab3ad6faec, 0x6c44198c4a475817 + }; + + public int GetByteLength() + { + return MyByteLength; + } + + public abstract string AlgorithmName { get; } + public abstract int GetDigestSize(); + public abstract int DoFinal(byte[] output, int outOff); + public abstract IMemoable Copy(); + public abstract void Reset(IMemoable t); + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/MD2Digest.cs b/BouncyCastle/crypto/src/crypto/digests/MD2Digest.cs new file mode 100644 index 0000000..6d90f3f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/MD2Digest.cs @@ -0,0 +1,269 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + + /** + * implementation of MD2 + * as outlined in RFC1319 by B.Kaliski from RSA Laboratories April 1992 + */ + public class MD2Digest + : IDigest, IMemoable + { + private const int DigestLength = 16; + private const int BYTE_LENGTH = 16; + + /* X buffer */ + private byte[] X = new byte[48]; + private int xOff; + + /* M buffer */ + + private byte[] M = new byte[16]; + private int mOff; + + /* check sum */ + + private byte[] C = new byte[16]; + private int COff; + + public MD2Digest() + { + Reset(); + } + + public MD2Digest(MD2Digest t) + { + CopyIn(t); + } + + private void CopyIn(MD2Digest t) + { + Array.Copy(t.X, 0, X, 0, t.X.Length); + xOff = t.xOff; + Array.Copy(t.M, 0, M, 0, t.M.Length); + mOff = t.mOff; + Array.Copy(t.C, 0, C, 0, t.C.Length); + COff = t.COff; + } + + /** + * return the algorithm name + * + * @return the algorithm name + */ + public string AlgorithmName + { + get { return "MD2"; } + } + + public int GetDigestSize() + { + return DigestLength; + } + + public int GetByteLength() + { + return BYTE_LENGTH; + } + + /** + * Close the digest, producing the final digest value. The doFinal + * call leaves the digest reset. + * + * @param out the array the digest is to be copied into. + * @param outOff the offset into the out array the digest is to start at. + */ + public int DoFinal(byte[] output, int outOff) + { + // add padding + byte paddingByte = (byte)(M.Length - mOff); + for (int i=mOff;i 0)) + { + Update(input[inOff]); + inOff++; + length--; + } + + // + // process whole words. + // + while (length > 16) + { + Array.Copy(input,inOff,M,0,16); + ProcessChecksum(M); + ProcessBlock(M); + length -= 16; + inOff += 16; + } + + // + // load in the remainder. + // + while (length > 0) + { + Update(input[inOff]); + inOff++; + length--; + } + } + + internal void ProcessChecksum(byte[] m) + { + int L = C[15]; + for (int i=0;i<16;i++) + { + C[i] ^= S[(m[i] ^ L) & 0xff]; + L = C[i]; + } + } + internal void ProcessBlock(byte[] m) + { + for (int i=0;i<16;i++) + { + X[i+16] = m[i]; + X[i+32] = (byte)(m[i] ^ X[i]); + } + // encrypt block + int t = 0; + + for (int j=0;j<18;j++) + { + for (int k=0;k<48;k++) + { + t = X[k] ^= S[t]; + t = t & 0xff; + } + t = (t + j)%256; + } + } + + + + // 256-byte random permutation constructed from the digits of PI + private static readonly byte[] S = { + (byte)41,(byte)46,(byte)67,(byte)201,(byte)162,(byte)216,(byte)124, + (byte)1,(byte)61,(byte)54,(byte)84,(byte)161,(byte)236,(byte)240, + (byte)6,(byte)19,(byte)98,(byte)167,(byte)5,(byte)243,(byte)192, + (byte)199,(byte)115,(byte)140,(byte)152,(byte)147,(byte)43,(byte)217, + (byte)188,(byte)76,(byte)130,(byte)202,(byte)30,(byte)155,(byte)87, + (byte)60,(byte)253,(byte)212,(byte)224,(byte)22,(byte)103,(byte)66, + (byte)111,(byte)24,(byte)138,(byte)23,(byte)229,(byte)18,(byte)190, + (byte)78,(byte)196,(byte)214,(byte)218,(byte)158,(byte)222,(byte)73, + (byte)160,(byte)251,(byte)245,(byte)142,(byte)187,(byte)47,(byte)238, + (byte)122,(byte)169,(byte)104,(byte)121,(byte)145,(byte)21,(byte)178, + (byte)7,(byte)63,(byte)148,(byte)194,(byte)16,(byte)137,(byte)11, + (byte)34,(byte)95,(byte)33,(byte)128,(byte)127,(byte)93,(byte)154, + (byte)90,(byte)144,(byte)50,(byte)39,(byte)53,(byte)62,(byte)204, + (byte)231,(byte)191,(byte)247,(byte)151,(byte)3,(byte)255,(byte)25, + (byte)48,(byte)179,(byte)72,(byte)165,(byte)181,(byte)209,(byte)215, + (byte)94,(byte)146,(byte)42,(byte)172,(byte)86,(byte)170,(byte)198, + (byte)79,(byte)184,(byte)56,(byte)210,(byte)150,(byte)164,(byte)125, + (byte)182,(byte)118,(byte)252,(byte)107,(byte)226,(byte)156,(byte)116, + (byte)4,(byte)241,(byte)69,(byte)157,(byte)112,(byte)89,(byte)100, + (byte)113,(byte)135,(byte)32,(byte)134,(byte)91,(byte)207,(byte)101, + (byte)230,(byte)45,(byte)168,(byte)2,(byte)27,(byte)96,(byte)37, + (byte)173,(byte)174,(byte)176,(byte)185,(byte)246,(byte)28,(byte)70, + (byte)97,(byte)105,(byte)52,(byte)64,(byte)126,(byte)15,(byte)85, + (byte)71,(byte)163,(byte)35,(byte)221,(byte)81,(byte)175,(byte)58, + (byte)195,(byte)92,(byte)249,(byte)206,(byte)186,(byte)197,(byte)234, + (byte)38,(byte)44,(byte)83,(byte)13,(byte)110,(byte)133,(byte)40, + (byte)132, 9,(byte)211,(byte)223,(byte)205,(byte)244,(byte)65, + (byte)129,(byte)77,(byte)82,(byte)106,(byte)220,(byte)55,(byte)200, + (byte)108,(byte)193,(byte)171,(byte)250,(byte)36,(byte)225,(byte)123, + (byte)8,(byte)12,(byte)189,(byte)177,(byte)74,(byte)120,(byte)136, + (byte)149,(byte)139,(byte)227,(byte)99,(byte)232,(byte)109,(byte)233, + (byte)203,(byte)213,(byte)254,(byte)59,(byte)0,(byte)29,(byte)57, + (byte)242,(byte)239,(byte)183,(byte)14,(byte)102,(byte)88,(byte)208, + (byte)228,(byte)166,(byte)119,(byte)114,(byte)248,(byte)235,(byte)117, + (byte)75,(byte)10,(byte)49,(byte)68,(byte)80,(byte)180,(byte)143, + (byte)237,(byte)31,(byte)26,(byte)219,(byte)153,(byte)141,(byte)51, + (byte)159,(byte)17,(byte)131,(byte)20 + }; + + public IMemoable Copy() + { + return new MD2Digest(this); + } + + public void Reset(IMemoable other) + { + MD2Digest d = (MD2Digest)other; + + CopyIn(d); + } + + } + +} diff --git a/BouncyCastle/crypto/src/crypto/digests/MD4Digest.cs b/BouncyCastle/crypto/src/crypto/digests/MD4Digest.cs new file mode 100644 index 0000000..8743f7d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/MD4Digest.cs @@ -0,0 +1,292 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * implementation of MD4 as RFC 1320 by R. Rivest, MIT Laboratory for + * Computer Science and RSA Data Security, Inc. + *

+ * NOTE: This algorithm is only included for backwards compatibility + * with legacy applications, it's not secure, don't use it for anything new!

+ */ + public class MD4Digest + : GeneralDigest + { + private const int DigestLength = 16; + + private int H1, H2, H3, H4; // IV's + + private int[] X = new int[16]; + private int xOff; + + /** + * Standard constructor + */ + public MD4Digest() + { + Reset(); + } + + /** + * Copy constructor. This will copy the state of the provided + * message digest. + */ + public MD4Digest(MD4Digest t) : base(t) + { + CopyIn(t); + } + + private void CopyIn(MD4Digest t) + { + base.CopyIn(t); + H1 = t.H1; + H2 = t.H2; + H3 = t.H3; + H4 = t.H4; + + Array.Copy(t.X, 0, X, 0, t.X.Length); + xOff = t.xOff; + } + + public override string AlgorithmName + { + get { return "MD4"; } + } + + public override int GetDigestSize() + { + return DigestLength; + } + + internal override void ProcessWord( + byte[] input, + int inOff) + { + X[xOff++] = (input[inOff] & 0xff) | ((input[inOff + 1] & 0xff) << 8) + | ((input[inOff + 2] & 0xff) << 16) | ((input[inOff + 3] & 0xff) << 24); + + if (xOff == 16) + { + ProcessBlock(); + } + } + + internal override void ProcessLength( + long bitLength) + { + if (xOff > 14) + { + ProcessBlock(); + } + + X[14] = (int)(bitLength & 0xffffffff); + X[15] = (int)((ulong) bitLength >> 32); + } + + private void UnpackWord( + int word, + byte[] outBytes, + int outOff) + { + outBytes[outOff] = (byte)word; + outBytes[outOff + 1] = (byte)((uint) word >> 8); + outBytes[outOff + 2] = (byte)((uint) word >> 16); + outBytes[outOff + 3] = (byte)((uint) word >> 24); + } + + public override int DoFinal( + byte[] output, + int outOff) + { + Finish(); + + UnpackWord(H1, output, outOff); + UnpackWord(H2, output, outOff + 4); + UnpackWord(H3, output, outOff + 8); + UnpackWord(H4, output, outOff + 12); + + Reset(); + + return DigestLength; + } + + /** + * reset the chaining variables to the IV values. + */ + public override void Reset() + { + base.Reset(); + + H1 = unchecked((int) 0x67452301); + H2 = unchecked((int) 0xefcdab89); + H3 = unchecked((int) 0x98badcfe); + H4 = unchecked((int) 0x10325476); + + xOff = 0; + + for (int i = 0; i != X.Length; i++) + { + X[i] = 0; + } + } + + // + // round 1 left rotates + // + private const int S11 = 3; + private const int S12 = 7; + private const int S13 = 11; + private const int S14 = 19; + + // + // round 2 left rotates + // + private const int S21 = 3; + private const int S22 = 5; + private const int S23 = 9; + private const int S24 = 13; + + // + // round 3 left rotates + // + private const int S31 = 3; + private const int S32 = 9; + private const int S33 = 11; + private const int S34 = 15; + + /* + * rotate int x left n bits. + */ + private int RotateLeft( + int x, + int n) + { + return (x << n) | (int) ((uint) x >> (32 - n)); + } + + /* + * F, G, H and I are the basic MD4 functions. + */ + private int F( + int u, + int v, + int w) + { + return (u & v) | (~u & w); + } + + private int G( + int u, + int v, + int w) + { + return (u & v) | (u & w) | (v & w); + } + + private int H( + int u, + int v, + int w) + { + return u ^ v ^ w; + } + + internal override void ProcessBlock() + { + int a = H1; + int b = H2; + int c = H3; + int d = H4; + + // + // Round 1 - F cycle, 16 times. + // + a = RotateLeft((a + F(b, c, d) + X[ 0]), S11); + d = RotateLeft((d + F(a, b, c) + X[ 1]), S12); + c = RotateLeft((c + F(d, a, b) + X[ 2]), S13); + b = RotateLeft((b + F(c, d, a) + X[ 3]), S14); + a = RotateLeft((a + F(b, c, d) + X[ 4]), S11); + d = RotateLeft((d + F(a, b, c) + X[ 5]), S12); + c = RotateLeft((c + F(d, a, b) + X[ 6]), S13); + b = RotateLeft((b + F(c, d, a) + X[ 7]), S14); + a = RotateLeft((a + F(b, c, d) + X[ 8]), S11); + d = RotateLeft((d + F(a, b, c) + X[ 9]), S12); + c = RotateLeft((c + F(d, a, b) + X[10]), S13); + b = RotateLeft((b + F(c, d, a) + X[11]), S14); + a = RotateLeft((a + F(b, c, d) + X[12]), S11); + d = RotateLeft((d + F(a, b, c) + X[13]), S12); + c = RotateLeft((c + F(d, a, b) + X[14]), S13); + b = RotateLeft((b + F(c, d, a) + X[15]), S14); + + // + // Round 2 - G cycle, 16 times. + // + a = RotateLeft((a + G(b, c, d) + X[ 0] + 0x5a827999), S21); + d = RotateLeft((d + G(a, b, c) + X[ 4] + 0x5a827999), S22); + c = RotateLeft((c + G(d, a, b) + X[ 8] + 0x5a827999), S23); + b = RotateLeft((b + G(c, d, a) + X[12] + 0x5a827999), S24); + a = RotateLeft((a + G(b, c, d) + X[ 1] + 0x5a827999), S21); + d = RotateLeft((d + G(a, b, c) + X[ 5] + 0x5a827999), S22); + c = RotateLeft((c + G(d, a, b) + X[ 9] + 0x5a827999), S23); + b = RotateLeft((b + G(c, d, a) + X[13] + 0x5a827999), S24); + a = RotateLeft((a + G(b, c, d) + X[ 2] + 0x5a827999), S21); + d = RotateLeft((d + G(a, b, c) + X[ 6] + 0x5a827999), S22); + c = RotateLeft((c + G(d, a, b) + X[10] + 0x5a827999), S23); + b = RotateLeft((b + G(c, d, a) + X[14] + 0x5a827999), S24); + a = RotateLeft((a + G(b, c, d) + X[ 3] + 0x5a827999), S21); + d = RotateLeft((d + G(a, b, c) + X[ 7] + 0x5a827999), S22); + c = RotateLeft((c + G(d, a, b) + X[11] + 0x5a827999), S23); + b = RotateLeft((b + G(c, d, a) + X[15] + 0x5a827999), S24); + + // + // Round 3 - H cycle, 16 times. + // + a = RotateLeft((a + H(b, c, d) + X[ 0] + 0x6ed9eba1), S31); + d = RotateLeft((d + H(a, b, c) + X[ 8] + 0x6ed9eba1), S32); + c = RotateLeft((c + H(d, a, b) + X[ 4] + 0x6ed9eba1), S33); + b = RotateLeft((b + H(c, d, a) + X[12] + 0x6ed9eba1), S34); + a = RotateLeft((a + H(b, c, d) + X[ 2] + 0x6ed9eba1), S31); + d = RotateLeft((d + H(a, b, c) + X[10] + 0x6ed9eba1), S32); + c = RotateLeft((c + H(d, a, b) + X[ 6] + 0x6ed9eba1), S33); + b = RotateLeft((b + H(c, d, a) + X[14] + 0x6ed9eba1), S34); + a = RotateLeft((a + H(b, c, d) + X[ 1] + 0x6ed9eba1), S31); + d = RotateLeft((d + H(a, b, c) + X[ 9] + 0x6ed9eba1), S32); + c = RotateLeft((c + H(d, a, b) + X[ 5] + 0x6ed9eba1), S33); + b = RotateLeft((b + H(c, d, a) + X[13] + 0x6ed9eba1), S34); + a = RotateLeft((a + H(b, c, d) + X[ 3] + 0x6ed9eba1), S31); + d = RotateLeft((d + H(a, b, c) + X[11] + 0x6ed9eba1), S32); + c = RotateLeft((c + H(d, a, b) + X[ 7] + 0x6ed9eba1), S33); + b = RotateLeft((b + H(c, d, a) + X[15] + 0x6ed9eba1), S34); + + H1 += a; + H2 += b; + H3 += c; + H4 += d; + + // + // reset the offset and clean out the word buffer. + // + xOff = 0; + for (int i = 0; i != X.Length; i++) + { + X[i] = 0; + } + } + + public override IMemoable Copy() + { + return new MD4Digest(this); + } + + public override void Reset(IMemoable other) + { + MD4Digest d = (MD4Digest)other; + + CopyIn(d); + } + + } + +} diff --git a/BouncyCastle/crypto/src/crypto/digests/MD5Digest.cs b/BouncyCastle/crypto/src/crypto/digests/MD5Digest.cs new file mode 100644 index 0000000..c60ac92 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/MD5Digest.cs @@ -0,0 +1,313 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * implementation of MD5 as outlined in "Handbook of Applied Cryptography", pages 346 - 347. + */ + public class MD5Digest + : GeneralDigest + { + private const int DigestLength = 16; + + private uint H1, H2, H3, H4; // IV's + + private uint[] X = new uint[16]; + private int xOff; + + public MD5Digest() + { + Reset(); + } + + /** + * Copy constructor. This will copy the state of the provided + * message digest. + */ + public MD5Digest(MD5Digest t) + : base(t) + { + CopyIn(t); + } + + private void CopyIn(MD5Digest t) + { + base.CopyIn(t); + H1 = t.H1; + H2 = t.H2; + H3 = t.H3; + H4 = t.H4; + + Array.Copy(t.X, 0, X, 0, t.X.Length); + xOff = t.xOff; + } + + public override string AlgorithmName + { + get { return "MD5"; } + } + + public override int GetDigestSize() + { + return DigestLength; + } + + internal override void ProcessWord( + byte[] input, + int inOff) + { + X[xOff] = Pack.LE_To_UInt32(input, inOff); + + if (++xOff == 16) + { + ProcessBlock(); + } + } + + internal override void ProcessLength( + long bitLength) + { + if (xOff > 14) + { + if (xOff == 15) + X[15] = 0; + + ProcessBlock(); + } + + for (int i = xOff; i < 14; ++i) + { + X[i] = 0; + } + + X[14] = (uint)((ulong)bitLength); + X[15] = (uint)((ulong)bitLength >> 32); + } + + public override int DoFinal( + byte[] output, + int outOff) + { + Finish(); + + Pack.UInt32_To_LE(H1, output, outOff); + Pack.UInt32_To_LE(H2, output, outOff + 4); + Pack.UInt32_To_LE(H3, output, outOff + 8); + Pack.UInt32_To_LE(H4, output, outOff + 12); + + Reset(); + + return DigestLength; + } + + /** + * reset the chaining variables to the IV values. + */ + public override void Reset() + { + base.Reset(); + + H1 = 0x67452301; + H2 = 0xefcdab89; + H3 = 0x98badcfe; + H4 = 0x10325476; + + xOff = 0; + + for (int i = 0; i != X.Length; i++) + { + X[i] = 0; + } + } + + // + // round 1 left rotates + // + private static readonly int S11 = 7; + private static readonly int S12 = 12; + private static readonly int S13 = 17; + private static readonly int S14 = 22; + + // + // round 2 left rotates + // + private static readonly int S21 = 5; + private static readonly int S22 = 9; + private static readonly int S23 = 14; + private static readonly int S24 = 20; + + // + // round 3 left rotates + // + private static readonly int S31 = 4; + private static readonly int S32 = 11; + private static readonly int S33 = 16; + private static readonly int S34 = 23; + + // + // round 4 left rotates + // + private static readonly int S41 = 6; + private static readonly int S42 = 10; + private static readonly int S43 = 15; + private static readonly int S44 = 21; + + /* + * rotate int x left n bits. + */ + private static uint RotateLeft( + uint x, + int n) + { + return (x << n) | (x >> (32 - n)); + } + + /* + * F, G, H and I are the basic MD5 functions. + */ + private static uint F( + uint u, + uint v, + uint w) + { + return (u & v) | (~u & w); + } + + private static uint G( + uint u, + uint v, + uint w) + { + return (u & w) | (v & ~w); + } + + private static uint H( + uint u, + uint v, + uint w) + { + return u ^ v ^ w; + } + + private static uint K( + uint u, + uint v, + uint w) + { + return v ^ (u | ~w); + } + + internal override void ProcessBlock() + { + uint a = H1; + uint b = H2; + uint c = H3; + uint d = H4; + + // + // Round 1 - F cycle, 16 times. + // + a = RotateLeft((a + F(b, c, d) + X[0] + 0xd76aa478), S11) + b; + d = RotateLeft((d + F(a, b, c) + X[1] + 0xe8c7b756), S12) + a; + c = RotateLeft((c + F(d, a, b) + X[2] + 0x242070db), S13) + d; + b = RotateLeft((b + F(c, d, a) + X[3] + 0xc1bdceee), S14) + c; + a = RotateLeft((a + F(b, c, d) + X[4] + 0xf57c0faf), S11) + b; + d = RotateLeft((d + F(a, b, c) + X[5] + 0x4787c62a), S12) + a; + c = RotateLeft((c + F(d, a, b) + X[6] + 0xa8304613), S13) + d; + b = RotateLeft((b + F(c, d, a) + X[7] + 0xfd469501), S14) + c; + a = RotateLeft((a + F(b, c, d) + X[8] + 0x698098d8), S11) + b; + d = RotateLeft((d + F(a, b, c) + X[9] + 0x8b44f7af), S12) + a; + c = RotateLeft((c + F(d, a, b) + X[10] + 0xffff5bb1), S13) + d; + b = RotateLeft((b + F(c, d, a) + X[11] + 0x895cd7be), S14) + c; + a = RotateLeft((a + F(b, c, d) + X[12] + 0x6b901122), S11) + b; + d = RotateLeft((d + F(a, b, c) + X[13] + 0xfd987193), S12) + a; + c = RotateLeft((c + F(d, a, b) + X[14] + 0xa679438e), S13) + d; + b = RotateLeft((b + F(c, d, a) + X[15] + 0x49b40821), S14) + c; + + // + // Round 2 - G cycle, 16 times. + // + a = RotateLeft((a + G(b, c, d) + X[1] + 0xf61e2562), S21) + b; + d = RotateLeft((d + G(a, b, c) + X[6] + 0xc040b340), S22) + a; + c = RotateLeft((c + G(d, a, b) + X[11] + 0x265e5a51), S23) + d; + b = RotateLeft((b + G(c, d, a) + X[0] + 0xe9b6c7aa), S24) + c; + a = RotateLeft((a + G(b, c, d) + X[5] + 0xd62f105d), S21) + b; + d = RotateLeft((d + G(a, b, c) + X[10] + 0x02441453), S22) + a; + c = RotateLeft((c + G(d, a, b) + X[15] + 0xd8a1e681), S23) + d; + b = RotateLeft((b + G(c, d, a) + X[4] + 0xe7d3fbc8), S24) + c; + a = RotateLeft((a + G(b, c, d) + X[9] + 0x21e1cde6), S21) + b; + d = RotateLeft((d + G(a, b, c) + X[14] + 0xc33707d6), S22) + a; + c = RotateLeft((c + G(d, a, b) + X[3] + 0xf4d50d87), S23) + d; + b = RotateLeft((b + G(c, d, a) + X[8] + 0x455a14ed), S24) + c; + a = RotateLeft((a + G(b, c, d) + X[13] + 0xa9e3e905), S21) + b; + d = RotateLeft((d + G(a, b, c) + X[2] + 0xfcefa3f8), S22) + a; + c = RotateLeft((c + G(d, a, b) + X[7] + 0x676f02d9), S23) + d; + b = RotateLeft((b + G(c, d, a) + X[12] + 0x8d2a4c8a), S24) + c; + + // + // Round 3 - H cycle, 16 times. + // + a = RotateLeft((a + H(b, c, d) + X[5] + 0xfffa3942), S31) + b; + d = RotateLeft((d + H(a, b, c) + X[8] + 0x8771f681), S32) + a; + c = RotateLeft((c + H(d, a, b) + X[11] + 0x6d9d6122), S33) + d; + b = RotateLeft((b + H(c, d, a) + X[14] + 0xfde5380c), S34) + c; + a = RotateLeft((a + H(b, c, d) + X[1] + 0xa4beea44), S31) + b; + d = RotateLeft((d + H(a, b, c) + X[4] + 0x4bdecfa9), S32) + a; + c = RotateLeft((c + H(d, a, b) + X[7] + 0xf6bb4b60), S33) + d; + b = RotateLeft((b + H(c, d, a) + X[10] + 0xbebfbc70), S34) + c; + a = RotateLeft((a + H(b, c, d) + X[13] + 0x289b7ec6), S31) + b; + d = RotateLeft((d + H(a, b, c) + X[0] + 0xeaa127fa), S32) + a; + c = RotateLeft((c + H(d, a, b) + X[3] + 0xd4ef3085), S33) + d; + b = RotateLeft((b + H(c, d, a) + X[6] + 0x04881d05), S34) + c; + a = RotateLeft((a + H(b, c, d) + X[9] + 0xd9d4d039), S31) + b; + d = RotateLeft((d + H(a, b, c) + X[12] + 0xe6db99e5), S32) + a; + c = RotateLeft((c + H(d, a, b) + X[15] + 0x1fa27cf8), S33) + d; + b = RotateLeft((b + H(c, d, a) + X[2] + 0xc4ac5665), S34) + c; + + // + // Round 4 - K cycle, 16 times. + // + a = RotateLeft((a + K(b, c, d) + X[0] + 0xf4292244), S41) + b; + d = RotateLeft((d + K(a, b, c) + X[7] + 0x432aff97), S42) + a; + c = RotateLeft((c + K(d, a, b) + X[14] + 0xab9423a7), S43) + d; + b = RotateLeft((b + K(c, d, a) + X[5] + 0xfc93a039), S44) + c; + a = RotateLeft((a + K(b, c, d) + X[12] + 0x655b59c3), S41) + b; + d = RotateLeft((d + K(a, b, c) + X[3] + 0x8f0ccc92), S42) + a; + c = RotateLeft((c + K(d, a, b) + X[10] + 0xffeff47d), S43) + d; + b = RotateLeft((b + K(c, d, a) + X[1] + 0x85845dd1), S44) + c; + a = RotateLeft((a + K(b, c, d) + X[8] + 0x6fa87e4f), S41) + b; + d = RotateLeft((d + K(a, b, c) + X[15] + 0xfe2ce6e0), S42) + a; + c = RotateLeft((c + K(d, a, b) + X[6] + 0xa3014314), S43) + d; + b = RotateLeft((b + K(c, d, a) + X[13] + 0x4e0811a1), S44) + c; + a = RotateLeft((a + K(b, c, d) + X[4] + 0xf7537e82), S41) + b; + d = RotateLeft((d + K(a, b, c) + X[11] + 0xbd3af235), S42) + a; + c = RotateLeft((c + K(d, a, b) + X[2] + 0x2ad7d2bb), S43) + d; + b = RotateLeft((b + K(c, d, a) + X[9] + 0xeb86d391), S44) + c; + + H1 += a; + H2 += b; + H3 += c; + H4 += d; + + xOff = 0; + } + + public override IMemoable Copy() + { + return new MD5Digest(this); + } + + public override void Reset(IMemoable other) + { + MD5Digest d = (MD5Digest)other; + + CopyIn(d); + } + + } + +} + diff --git a/BouncyCastle/crypto/src/crypto/digests/NonMemoableDigest.cs b/BouncyCastle/crypto/src/crypto/digests/NonMemoableDigest.cs new file mode 100644 index 0000000..02c49b8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/NonMemoableDigest.cs @@ -0,0 +1,62 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * Wrapper removes exposure to the IMemoable interface on an IDigest implementation. + */ + public class NonMemoableDigest + : IDigest + { + protected readonly IDigest mBaseDigest; + + /** + * Base constructor. + * + * @param baseDigest underlying digest to use. + * @exception IllegalArgumentException if baseDigest is null + */ + public NonMemoableDigest(IDigest baseDigest) + { + if (baseDigest == null) + throw new ArgumentNullException("baseDigest"); + + this.mBaseDigest = baseDigest; + } + + public virtual string AlgorithmName + { + get { return mBaseDigest.AlgorithmName; } + } + + public virtual int GetDigestSize() + { + return mBaseDigest.GetDigestSize(); + } + + public virtual void Update(byte input) + { + mBaseDigest.Update(input); + } + + public virtual void BlockUpdate(byte[] input, int inOff, int len) + { + mBaseDigest.BlockUpdate(input, inOff, len); + } + + public virtual int DoFinal(byte[] output, int outOff) + { + return mBaseDigest.DoFinal(output, outOff); + } + + public virtual void Reset() + { + mBaseDigest.Reset(); + } + + public virtual int GetByteLength() + { + return mBaseDigest.GetByteLength(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/NullDigest.cs b/BouncyCastle/crypto/src/crypto/digests/NullDigest.cs new file mode 100644 index 0000000..76b69af --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/NullDigest.cs @@ -0,0 +1,55 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Digests +{ + public class NullDigest : IDigest + { + private readonly MemoryStream bOut = new MemoryStream(); + + public string AlgorithmName + { + get { return "NULL"; } + } + + public int GetByteLength() + { + // TODO Is this okay? + return 0; + } + + public int GetDigestSize() + { + return (int)bOut.Length; + } + + public void Update(byte b) + { + bOut.WriteByte(b); + } + + public void BlockUpdate(byte[] inBytes, int inOff, int len) + { + bOut.Write(inBytes, inOff, len); + } + + public int DoFinal(byte[] outBytes, int outOff) + { + try + { + return Streams.WriteBufTo(bOut, outBytes, outOff); + } + finally + { + Reset(); + } + } + + public void Reset() + { + bOut.SetLength(0); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/ParallelHash.cs b/BouncyCastle/crypto/src/crypto/digests/ParallelHash.cs new file mode 100644 index 0000000..7d9be76 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/ParallelHash.cs @@ -0,0 +1,210 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /// + /// ParallelHash - a hash designed to support the efficient hashing of very long strings, by taking advantage, + /// of the parallelism available in modern processors with an optional XOF mode. + /// + /// From NIST Special Publication 800-185 - SHA-3 Derived Functions:cSHAKE, KMAC, TupleHash and ParallelHash + /// + /// + public class ParallelHash + : IXof, IDigest + { + private static readonly byte[] N_PARALLEL_HASH = Strings.ToByteArray("ParallelHash"); + + private readonly CShakeDigest cshake; + private readonly CShakeDigest compressor; + private readonly int bitLength; + private readonly int outputLength; + private readonly int B; + private readonly byte[] buffer; + private readonly byte[] compressorBuffer; + + private bool firstOutput; + private int nCount; + private int bufOff; + + /** + * Base constructor. + * + * @param bitLength bit length of the underlying SHAKE function, 128 or 256. + * @param S the customization string - available for local use. + * @param B the blocksize (in bytes) for hashing. + */ + public ParallelHash(int bitLength, byte[] S, int B) + : this(bitLength, S, B, bitLength * 2) + { + + } + + public ParallelHash(int bitLength, byte[] S, int B, int outputSize) + { + this.cshake = new CShakeDigest(bitLength, N_PARALLEL_HASH, S); + this.compressor = new CShakeDigest(bitLength, new byte[0], new byte[0]); + this.bitLength = bitLength; + this.B = B; + this.outputLength = (outputSize + 7) / 8; + this.buffer = new byte[B]; + this.compressorBuffer = new byte[bitLength * 2 / 8]; + + Reset(); + } + + public ParallelHash(ParallelHash source) + { + this.cshake = new CShakeDigest(source.cshake); + this.compressor = new CShakeDigest(source.compressor); + this.bitLength = source.bitLength; + this.B = source.B; + this.outputLength = source.outputLength; + this.buffer = Arrays.Clone(source.buffer); + this.compressorBuffer = Arrays.Clone(source.compressorBuffer); + } + + public virtual string AlgorithmName + { + get { return "ParallelHash" + cshake.AlgorithmName.Substring(6); } + } + + public virtual int GetByteLength() + { + return cshake.GetByteLength(); + } + + public virtual int GetDigestSize() + { + return outputLength; + } + + public virtual void Update(byte b) + { + buffer[bufOff++] = b; + if (bufOff == buffer.Length) + { + compress(); + } + } + + public virtual void BlockUpdate(byte[] inBuf, int inOff, int len) + { + len = System.Math.Max(0, len); + + // + // fill the current word + // + int i = 0; + if (bufOff != 0) + { + while (i < len && bufOff != buffer.Length) + { + buffer[bufOff++] = inBuf[inOff + i++]; + } + + if (bufOff == buffer.Length) + { + compress(); + } + } + + if (i < len) + { + while (len - i > B) + { + compress(inBuf, inOff + i, B); + i += B; + } + } + + while (i < len) + { + Update(inBuf[inOff + i++]); + } + } + + private void compress() + { + compress(buffer, 0, bufOff); + bufOff = 0; + } + + private void compress(byte[] buf, int offSet, int len) + { + compressor.BlockUpdate(buf, offSet, len); + compressor.DoFinal(compressorBuffer, 0, compressorBuffer.Length); + + cshake.BlockUpdate(compressorBuffer, 0, compressorBuffer.Length); + + nCount++; + } + + private void wrapUp(int outputSize) + { + if (bufOff != 0) + { + compress(); + } + byte[] nOut = XofUtilities.RightEncode(nCount); + byte[] encOut = XofUtilities.RightEncode(outputSize * 8); + + cshake.BlockUpdate(nOut, 0, nOut.Length); + cshake.BlockUpdate(encOut, 0, encOut.Length); + + firstOutput = false; + } + + public virtual int DoFinal(byte[] outBuf, int outOff) + { + if (firstOutput) + { + wrapUp(outputLength); + } + + int rv = cshake.DoFinal(outBuf, outOff, GetDigestSize()); + + Reset(); + + return rv; + } + + public virtual int DoFinal(byte[] outBuf, int outOff, int outLen) + { + if (firstOutput) + { + wrapUp(outputLength); + } + + int rv = cshake.DoFinal(outBuf, outOff, outLen); + + Reset(); + + return rv; + } + + public virtual int DoOutput(byte[] outBuf, int outOff, int outLen) + { + if (firstOutput) + { + wrapUp(0); + } + + return cshake.DoOutput(outBuf, outOff, outLen); + } + + public virtual void Reset() + { + cshake.Reset(); + Arrays.Clear(buffer); + + byte[] hdr = XofUtilities.LeftEncode(B); + cshake.BlockUpdate(hdr, 0, hdr.Length); + + nCount = 0; + bufOff = 0; + firstOutput = true; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/RipeMD128Digest.cs b/BouncyCastle/crypto/src/crypto/digests/RipeMD128Digest.cs new file mode 100644 index 0000000..e8a0331 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/RipeMD128Digest.cs @@ -0,0 +1,484 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * implementation of RipeMD128 + */ + public class RipeMD128Digest + : GeneralDigest + { + private const int DigestLength = 16; + + private int H0, H1, H2, H3; // IV's + + private int[] X = new int[16]; + private int xOff; + + /** + * Standard constructor + */ + public RipeMD128Digest() + { + Reset(); + } + + /** + * Copy constructor. This will copy the state of the provided + * message digest. + */ + public RipeMD128Digest(RipeMD128Digest t) : base(t) + { + CopyIn(t); + } + + private void CopyIn(RipeMD128Digest t) + { + base.CopyIn(t); + + H0 = t.H0; + H1 = t.H1; + H2 = t.H2; + H3 = t.H3; + + Array.Copy(t.X, 0, X, 0, t.X.Length); + xOff = t.xOff; + } + + public override string AlgorithmName + { + get { return "RIPEMD128"; } + } + + public override int GetDigestSize() + { + return DigestLength; + } + + internal override void ProcessWord( + byte[] input, + int inOff) + { + X[xOff++] = (input[inOff] & 0xff) | ((input[inOff + 1] & 0xff) << 8) + | ((input[inOff + 2] & 0xff) << 16) | ((input[inOff + 3] & 0xff) << 24); + + if (xOff == 16) + { + ProcessBlock(); + } + } + + internal override void ProcessLength( + long bitLength) + { + if (xOff > 14) + { + ProcessBlock(); + } + + X[14] = (int)(bitLength & 0xffffffff); + X[15] = (int)((ulong) bitLength >> 32); + } + + private void UnpackWord( + int word, + byte[] outBytes, + int outOff) + { + outBytes[outOff] = (byte)word; + outBytes[outOff + 1] = (byte)((uint) word >> 8); + outBytes[outOff + 2] = (byte)((uint) word >> 16); + outBytes[outOff + 3] = (byte)((uint) word >> 24); + } + + public override int DoFinal( + byte[] output, + int outOff) + { + Finish(); + + UnpackWord(H0, output, outOff); + UnpackWord(H1, output, outOff + 4); + UnpackWord(H2, output, outOff + 8); + UnpackWord(H3, output, outOff + 12); + + Reset(); + + return DigestLength; + } + + /** + * reset the chaining variables to the IV values. + */ + public override void Reset() + { + base.Reset(); + + H0 = unchecked((int) 0x67452301); + H1 = unchecked((int) 0xefcdab89); + H2 = unchecked((int) 0x98badcfe); + H3 = unchecked((int) 0x10325476); + + xOff = 0; + + for (int i = 0; i != X.Length; i++) + { + X[i] = 0; + } + } + + /* + * rotate int x left n bits. + */ + private int RL( + int x, + int n) + { + return (x << n) | (int) ((uint) x >> (32 - n)); + } + + /* + * f1,f2,f3,f4 are the basic RipeMD128 functions. + */ + + /* + * F + */ + private int F1( + int x, + int y, + int z) + { + return x ^ y ^ z; + } + + /* + * G + */ + private int F2( + int x, + int y, + int z) + { + return (x & y) | (~x & z); + } + + /* + * H + */ + private int F3( + int x, + int y, + int z) + { + return (x | ~y) ^ z; + } + + /* + * I + */ + private int F4( + int x, + int y, + int z) + { + return (x & z) | (y & ~z); + } + + private int F1( + int a, + int b, + int c, + int d, + int x, + int s) + { + return RL(a + F1(b, c, d) + x, s); + } + + private int F2( + int a, + int b, + int c, + int d, + int x, + int s) + { + return RL(a + F2(b, c, d) + x + unchecked((int) 0x5a827999), s); + } + + private int F3( + int a, + int b, + int c, + int d, + int x, + int s) + { + return RL(a + F3(b, c, d) + x + unchecked((int) 0x6ed9eba1), s); + } + + private int F4( + int a, + int b, + int c, + int d, + int x, + int s) + { + return RL(a + F4(b, c, d) + x + unchecked((int) 0x8f1bbcdc), s); + } + + private int FF1( + int a, + int b, + int c, + int d, + int x, + int s) + { + return RL(a + F1(b, c, d) + x, s); + } + + private int FF2( + int a, + int b, + int c, + int d, + int x, + int s) + { + return RL(a + F2(b, c, d) + x + unchecked((int) 0x6d703ef3), s); + } + + private int FF3( + int a, + int b, + int c, + int d, + int x, + int s) + { + return RL(a + F3(b, c, d) + x + unchecked((int) 0x5c4dd124), s); + } + + private int FF4( + int a, + int b, + int c, + int d, + int x, + int s) + { + return RL(a + F4(b, c, d) + x + unchecked((int) 0x50a28be6), s); + } + + internal override void ProcessBlock() + { + int a, aa; + int b, bb; + int c, cc; + int d, dd; + + a = aa = H0; + b = bb = H1; + c = cc = H2; + d = dd = H3; + + // + // Round 1 + // + a = F1(a, b, c, d, X[ 0], 11); + d = F1(d, a, b, c, X[ 1], 14); + c = F1(c, d, a, b, X[ 2], 15); + b = F1(b, c, d, a, X[ 3], 12); + a = F1(a, b, c, d, X[ 4], 5); + d = F1(d, a, b, c, X[ 5], 8); + c = F1(c, d, a, b, X[ 6], 7); + b = F1(b, c, d, a, X[ 7], 9); + a = F1(a, b, c, d, X[ 8], 11); + d = F1(d, a, b, c, X[ 9], 13); + c = F1(c, d, a, b, X[10], 14); + b = F1(b, c, d, a, X[11], 15); + a = F1(a, b, c, d, X[12], 6); + d = F1(d, a, b, c, X[13], 7); + c = F1(c, d, a, b, X[14], 9); + b = F1(b, c, d, a, X[15], 8); + + // + // Round 2 + // + a = F2(a, b, c, d, X[ 7], 7); + d = F2(d, a, b, c, X[ 4], 6); + c = F2(c, d, a, b, X[13], 8); + b = F2(b, c, d, a, X[ 1], 13); + a = F2(a, b, c, d, X[10], 11); + d = F2(d, a, b, c, X[ 6], 9); + c = F2(c, d, a, b, X[15], 7); + b = F2(b, c, d, a, X[ 3], 15); + a = F2(a, b, c, d, X[12], 7); + d = F2(d, a, b, c, X[ 0], 12); + c = F2(c, d, a, b, X[ 9], 15); + b = F2(b, c, d, a, X[ 5], 9); + a = F2(a, b, c, d, X[ 2], 11); + d = F2(d, a, b, c, X[14], 7); + c = F2(c, d, a, b, X[11], 13); + b = F2(b, c, d, a, X[ 8], 12); + + // + // Round 3 + // + a = F3(a, b, c, d, X[ 3], 11); + d = F3(d, a, b, c, X[10], 13); + c = F3(c, d, a, b, X[14], 6); + b = F3(b, c, d, a, X[ 4], 7); + a = F3(a, b, c, d, X[ 9], 14); + d = F3(d, a, b, c, X[15], 9); + c = F3(c, d, a, b, X[ 8], 13); + b = F3(b, c, d, a, X[ 1], 15); + a = F3(a, b, c, d, X[ 2], 14); + d = F3(d, a, b, c, X[ 7], 8); + c = F3(c, d, a, b, X[ 0], 13); + b = F3(b, c, d, a, X[ 6], 6); + a = F3(a, b, c, d, X[13], 5); + d = F3(d, a, b, c, X[11], 12); + c = F3(c, d, a, b, X[ 5], 7); + b = F3(b, c, d, a, X[12], 5); + + // + // Round 4 + // + a = F4(a, b, c, d, X[ 1], 11); + d = F4(d, a, b, c, X[ 9], 12); + c = F4(c, d, a, b, X[11], 14); + b = F4(b, c, d, a, X[10], 15); + a = F4(a, b, c, d, X[ 0], 14); + d = F4(d, a, b, c, X[ 8], 15); + c = F4(c, d, a, b, X[12], 9); + b = F4(b, c, d, a, X[ 4], 8); + a = F4(a, b, c, d, X[13], 9); + d = F4(d, a, b, c, X[ 3], 14); + c = F4(c, d, a, b, X[ 7], 5); + b = F4(b, c, d, a, X[15], 6); + a = F4(a, b, c, d, X[14], 8); + d = F4(d, a, b, c, X[ 5], 6); + c = F4(c, d, a, b, X[ 6], 5); + b = F4(b, c, d, a, X[ 2], 12); + + // + // Parallel round 1 + // + aa = FF4(aa, bb, cc, dd, X[ 5], 8); + dd = FF4(dd, aa, bb, cc, X[14], 9); + cc = FF4(cc, dd, aa, bb, X[ 7], 9); + bb = FF4(bb, cc, dd, aa, X[ 0], 11); + aa = FF4(aa, bb, cc, dd, X[ 9], 13); + dd = FF4(dd, aa, bb, cc, X[ 2], 15); + cc = FF4(cc, dd, aa, bb, X[11], 15); + bb = FF4(bb, cc, dd, aa, X[ 4], 5); + aa = FF4(aa, bb, cc, dd, X[13], 7); + dd = FF4(dd, aa, bb, cc, X[ 6], 7); + cc = FF4(cc, dd, aa, bb, X[15], 8); + bb = FF4(bb, cc, dd, aa, X[ 8], 11); + aa = FF4(aa, bb, cc, dd, X[ 1], 14); + dd = FF4(dd, aa, bb, cc, X[10], 14); + cc = FF4(cc, dd, aa, bb, X[ 3], 12); + bb = FF4(bb, cc, dd, aa, X[12], 6); + + // + // Parallel round 2 + // + aa = FF3(aa, bb, cc, dd, X[ 6], 9); + dd = FF3(dd, aa, bb, cc, X[11], 13); + cc = FF3(cc, dd, aa, bb, X[ 3], 15); + bb = FF3(bb, cc, dd, aa, X[ 7], 7); + aa = FF3(aa, bb, cc, dd, X[ 0], 12); + dd = FF3(dd, aa, bb, cc, X[13], 8); + cc = FF3(cc, dd, aa, bb, X[ 5], 9); + bb = FF3(bb, cc, dd, aa, X[10], 11); + aa = FF3(aa, bb, cc, dd, X[14], 7); + dd = FF3(dd, aa, bb, cc, X[15], 7); + cc = FF3(cc, dd, aa, bb, X[ 8], 12); + bb = FF3(bb, cc, dd, aa, X[12], 7); + aa = FF3(aa, bb, cc, dd, X[ 4], 6); + dd = FF3(dd, aa, bb, cc, X[ 9], 15); + cc = FF3(cc, dd, aa, bb, X[ 1], 13); + bb = FF3(bb, cc, dd, aa, X[ 2], 11); + + // + // Parallel round 3 + // + aa = FF2(aa, bb, cc, dd, X[15], 9); + dd = FF2(dd, aa, bb, cc, X[ 5], 7); + cc = FF2(cc, dd, aa, bb, X[ 1], 15); + bb = FF2(bb, cc, dd, aa, X[ 3], 11); + aa = FF2(aa, bb, cc, dd, X[ 7], 8); + dd = FF2(dd, aa, bb, cc, X[14], 6); + cc = FF2(cc, dd, aa, bb, X[ 6], 6); + bb = FF2(bb, cc, dd, aa, X[ 9], 14); + aa = FF2(aa, bb, cc, dd, X[11], 12); + dd = FF2(dd, aa, bb, cc, X[ 8], 13); + cc = FF2(cc, dd, aa, bb, X[12], 5); + bb = FF2(bb, cc, dd, aa, X[ 2], 14); + aa = FF2(aa, bb, cc, dd, X[10], 13); + dd = FF2(dd, aa, bb, cc, X[ 0], 13); + cc = FF2(cc, dd, aa, bb, X[ 4], 7); + bb = FF2(bb, cc, dd, aa, X[13], 5); + + // + // Parallel round 4 + // + aa = FF1(aa, bb, cc, dd, X[ 8], 15); + dd = FF1(dd, aa, bb, cc, X[ 6], 5); + cc = FF1(cc, dd, aa, bb, X[ 4], 8); + bb = FF1(bb, cc, dd, aa, X[ 1], 11); + aa = FF1(aa, bb, cc, dd, X[ 3], 14); + dd = FF1(dd, aa, bb, cc, X[11], 14); + cc = FF1(cc, dd, aa, bb, X[15], 6); + bb = FF1(bb, cc, dd, aa, X[ 0], 14); + aa = FF1(aa, bb, cc, dd, X[ 5], 6); + dd = FF1(dd, aa, bb, cc, X[12], 9); + cc = FF1(cc, dd, aa, bb, X[ 2], 12); + bb = FF1(bb, cc, dd, aa, X[13], 9); + aa = FF1(aa, bb, cc, dd, X[ 9], 12); + dd = FF1(dd, aa, bb, cc, X[ 7], 5); + cc = FF1(cc, dd, aa, bb, X[10], 15); + bb = FF1(bb, cc, dd, aa, X[14], 8); + + dd += c + H1; // final result for H0 + + // + // combine the results + // + H1 = H2 + d + aa; + H2 = H3 + a + bb; + H3 = H0 + b + cc; + H0 = dd; + + // + // reset the offset and clean out the word buffer. + // + xOff = 0; + for (int i = 0; i != X.Length; i++) + { + X[i] = 0; + } + } + + public override IMemoable Copy() + { + return new RipeMD128Digest(this); + } + + public override void Reset(IMemoable other) + { + RipeMD128Digest d = (RipeMD128Digest)other; + + CopyIn(d); + } + + } + +} diff --git a/BouncyCastle/crypto/src/crypto/digests/RipeMD160Digest.cs b/BouncyCastle/crypto/src/crypto/digests/RipeMD160Digest.cs new file mode 100644 index 0000000..af4aa44 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/RipeMD160Digest.cs @@ -0,0 +1,445 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * implementation of RipeMD see, + * http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html + */ + public class RipeMD160Digest + : GeneralDigest + { + private const int DigestLength = 20; + + private int H0, H1, H2, H3, H4; // IV's + + private int[] X = new int[16]; + private int xOff; + + /** + * Standard constructor + */ + public RipeMD160Digest() + { + Reset(); + } + + /** + * Copy constructor. This will copy the state of the provided + * message digest. + */ + public RipeMD160Digest(RipeMD160Digest t) : base(t) + { + CopyIn(t); + } + + private void CopyIn(RipeMD160Digest t) + { + base.CopyIn(t); + + H0 = t.H0; + H1 = t.H1; + H2 = t.H2; + H3 = t.H3; + H4 = t.H4; + + Array.Copy(t.X, 0, X, 0, t.X.Length); + xOff = t.xOff; + } + + public override string AlgorithmName + { + get { return "RIPEMD160"; } + } + + public override int GetDigestSize() + { + return DigestLength; + } + + internal override void ProcessWord( + byte[] input, + int inOff) + { + X[xOff++] = (input[inOff] & 0xff) | ((input[inOff + 1] & 0xff) << 8) + | ((input[inOff + 2] & 0xff) << 16) | ((input[inOff + 3] & 0xff) << 24); + + if (xOff == 16) + { + ProcessBlock(); + } + } + + internal override void ProcessLength( + long bitLength) + { + if (xOff > 14) + { + ProcessBlock(); + } + + X[14] = (int)(bitLength & 0xffffffff); + X[15] = (int)((ulong) bitLength >> 32); + } + + private void UnpackWord( + int word, + byte[] outBytes, + int outOff) + { + outBytes[outOff] = (byte)word; + outBytes[outOff + 1] = (byte)((uint) word >> 8); + outBytes[outOff + 2] = (byte)((uint) word >> 16); + outBytes[outOff + 3] = (byte)((uint) word >> 24); + } + + public override int DoFinal( + byte[] output, + int outOff) + { + Finish(); + + UnpackWord(H0, output, outOff); + UnpackWord(H1, output, outOff + 4); + UnpackWord(H2, output, outOff + 8); + UnpackWord(H3, output, outOff + 12); + UnpackWord(H4, output, outOff + 16); + + Reset(); + + return DigestLength; + } + + /** + * reset the chaining variables to the IV values. + */ + public override void Reset() + { + base.Reset(); + + H0 = unchecked((int) 0x67452301); + H1 = unchecked((int) 0xefcdab89); + H2 = unchecked((int) 0x98badcfe); + H3 = unchecked((int) 0x10325476); + H4 = unchecked((int) 0xc3d2e1f0); + + xOff = 0; + + for (int i = 0; i != X.Length; i++) + { + X[i] = 0; + } + } + + /* + * rotate int x left n bits. + */ + private int RL( + int x, + int n) + { + return (x << n) | (int) ((uint) x >> (32 - n)); + } + + /* + * f1,f2,f3,f4,f5 are the basic RipeMD160 functions. + */ + + /* + * rounds 0-15 + */ + private int F1( + int x, + int y, + int z) + { + return x ^ y ^ z; + } + + /* + * rounds 16-31 + */ + private int F2( + int x, + int y, + int z) + { + return (x & y) | (~x & z); + } + + /* + * rounds 32-47 + */ + private int F3( + int x, + int y, + int z) + { + return (x | ~y) ^ z; + } + + /* + * rounds 48-63 + */ + private int F4( + int x, + int y, + int z) + { + return (x & z) | (y & ~z); + } + + /* + * rounds 64-79 + */ + private int F5( + int x, + int y, + int z) + { + return x ^ (y | ~z); + } + + internal override void ProcessBlock() + { + int a, aa; + int b, bb; + int c, cc; + int d, dd; + int e, ee; + + a = aa = H0; + b = bb = H1; + c = cc = H2; + d = dd = H3; + e = ee = H4; + + // + // Rounds 1 - 16 + // + // left + a = RL(a + F1(b,c,d) + X[ 0], 11) + e; c = RL(c, 10); + e = RL(e + F1(a,b,c) + X[ 1], 14) + d; b = RL(b, 10); + d = RL(d + F1(e,a,b) + X[ 2], 15) + c; a = RL(a, 10); + c = RL(c + F1(d,e,a) + X[ 3], 12) + b; e = RL(e, 10); + b = RL(b + F1(c,d,e) + X[ 4], 5) + a; d = RL(d, 10); + a = RL(a + F1(b,c,d) + X[ 5], 8) + e; c = RL(c, 10); + e = RL(e + F1(a,b,c) + X[ 6], 7) + d; b = RL(b, 10); + d = RL(d + F1(e,a,b) + X[ 7], 9) + c; a = RL(a, 10); + c = RL(c + F1(d,e,a) + X[ 8], 11) + b; e = RL(e, 10); + b = RL(b + F1(c,d,e) + X[ 9], 13) + a; d = RL(d, 10); + a = RL(a + F1(b,c,d) + X[10], 14) + e; c = RL(c, 10); + e = RL(e + F1(a,b,c) + X[11], 15) + d; b = RL(b, 10); + d = RL(d + F1(e,a,b) + X[12], 6) + c; a = RL(a, 10); + c = RL(c + F1(d,e,a) + X[13], 7) + b; e = RL(e, 10); + b = RL(b + F1(c,d,e) + X[14], 9) + a; d = RL(d, 10); + a = RL(a + F1(b,c,d) + X[15], 8) + e; c = RL(c, 10); + + // right + aa = RL(aa + F5(bb,cc,dd) + X[ 5] + unchecked((int) 0x50a28be6), 8) + ee; cc = RL(cc, 10); + ee = RL(ee + F5(aa,bb,cc) + X[14] + unchecked((int) 0x50a28be6), 9) + dd; bb = RL(bb, 10); + dd = RL(dd + F5(ee,aa,bb) + X[ 7] + unchecked((int) 0x50a28be6), 9) + cc; aa = RL(aa, 10); + cc = RL(cc + F5(dd,ee,aa) + X[ 0] + unchecked((int) 0x50a28be6), 11) + bb; ee = RL(ee, 10); + bb = RL(bb + F5(cc,dd,ee) + X[ 9] + unchecked((int) 0x50a28be6), 13) + aa; dd = RL(dd, 10); + aa = RL(aa + F5(bb,cc,dd) + X[ 2] + unchecked((int) 0x50a28be6), 15) + ee; cc = RL(cc, 10); + ee = RL(ee + F5(aa,bb,cc) + X[11] + unchecked((int) 0x50a28be6), 15) + dd; bb = RL(bb, 10); + dd = RL(dd + F5(ee,aa,bb) + X[ 4] + unchecked((int) 0x50a28be6), 5) + cc; aa = RL(aa, 10); + cc = RL(cc + F5(dd,ee,aa) + X[13] + unchecked((int) 0x50a28be6), 7) + bb; ee = RL(ee, 10); + bb = RL(bb + F5(cc,dd,ee) + X[ 6] + unchecked((int) 0x50a28be6), 7) + aa; dd = RL(dd, 10); + aa = RL(aa + F5(bb,cc,dd) + X[15] + unchecked((int) 0x50a28be6), 8) + ee; cc = RL(cc, 10); + ee = RL(ee + F5(aa,bb,cc) + X[ 8] + unchecked((int) 0x50a28be6), 11) + dd; bb = RL(bb, 10); + dd = RL(dd + F5(ee,aa,bb) + X[ 1] + unchecked((int) 0x50a28be6), 14) + cc; aa = RL(aa, 10); + cc = RL(cc + F5(dd,ee,aa) + X[10] + unchecked((int) 0x50a28be6), 14) + bb; ee = RL(ee, 10); + bb = RL(bb + F5(cc,dd,ee) + X[ 3] + unchecked((int) 0x50a28be6), 12) + aa; dd = RL(dd, 10); + aa = RL(aa + F5(bb,cc,dd) + X[12] + unchecked((int) 0x50a28be6), 6) + ee; cc = RL(cc, 10); + + // + // Rounds 16-31 + // + // left + e = RL(e + F2(a,b,c) + X[ 7] + unchecked((int) 0x5a827999), 7) + d; b = RL(b, 10); + d = RL(d + F2(e,a,b) + X[ 4] + unchecked((int) 0x5a827999), 6) + c; a = RL(a, 10); + c = RL(c + F2(d,e,a) + X[13] + unchecked((int) 0x5a827999), 8) + b; e = RL(e, 10); + b = RL(b + F2(c,d,e) + X[ 1] + unchecked((int) 0x5a827999), 13) + a; d = RL(d, 10); + a = RL(a + F2(b,c,d) + X[10] + unchecked((int) 0x5a827999), 11) + e; c = RL(c, 10); + e = RL(e + F2(a,b,c) + X[ 6] + unchecked((int) 0x5a827999), 9) + d; b = RL(b, 10); + d = RL(d + F2(e,a,b) + X[15] + unchecked((int) 0x5a827999), 7) + c; a = RL(a, 10); + c = RL(c + F2(d,e,a) + X[ 3] + unchecked((int) 0x5a827999), 15) + b; e = RL(e, 10); + b = RL(b + F2(c,d,e) + X[12] + unchecked((int) 0x5a827999), 7) + a; d = RL(d, 10); + a = RL(a + F2(b,c,d) + X[ 0] + unchecked((int) 0x5a827999), 12) + e; c = RL(c, 10); + e = RL(e + F2(a,b,c) + X[ 9] + unchecked((int) 0x5a827999), 15) + d; b = RL(b, 10); + d = RL(d + F2(e,a,b) + X[ 5] + unchecked((int) 0x5a827999), 9) + c; a = RL(a, 10); + c = RL(c + F2(d,e,a) + X[ 2] + unchecked((int) 0x5a827999), 11) + b; e = RL(e, 10); + b = RL(b + F2(c,d,e) + X[14] + unchecked((int) 0x5a827999), 7) + a; d = RL(d, 10); + a = RL(a + F2(b,c,d) + X[11] + unchecked((int) 0x5a827999), 13) + e; c = RL(c, 10); + e = RL(e + F2(a,b,c) + X[ 8] + unchecked((int) 0x5a827999), 12) + d; b = RL(b, 10); + + // right + ee = RL(ee + F4(aa,bb,cc) + X[ 6] + unchecked((int) 0x5c4dd124), 9) + dd; bb = RL(bb, 10); + dd = RL(dd + F4(ee,aa,bb) + X[11] + unchecked((int) 0x5c4dd124), 13) + cc; aa = RL(aa, 10); + cc = RL(cc + F4(dd,ee,aa) + X[ 3] + unchecked((int) 0x5c4dd124), 15) + bb; ee = RL(ee, 10); + bb = RL(bb + F4(cc,dd,ee) + X[ 7] + unchecked((int) 0x5c4dd124), 7) + aa; dd = RL(dd, 10); + aa = RL(aa + F4(bb,cc,dd) + X[ 0] + unchecked((int) 0x5c4dd124), 12) + ee; cc = RL(cc, 10); + ee = RL(ee + F4(aa,bb,cc) + X[13] + unchecked((int) 0x5c4dd124), 8) + dd; bb = RL(bb, 10); + dd = RL(dd + F4(ee,aa,bb) + X[ 5] + unchecked((int) 0x5c4dd124), 9) + cc; aa = RL(aa, 10); + cc = RL(cc + F4(dd,ee,aa) + X[10] + unchecked((int) 0x5c4dd124), 11) + bb; ee = RL(ee, 10); + bb = RL(bb + F4(cc,dd,ee) + X[14] + unchecked((int) 0x5c4dd124), 7) + aa; dd = RL(dd, 10); + aa = RL(aa + F4(bb,cc,dd) + X[15] + unchecked((int) 0x5c4dd124), 7) + ee; cc = RL(cc, 10); + ee = RL(ee + F4(aa,bb,cc) + X[ 8] + unchecked((int) 0x5c4dd124), 12) + dd; bb = RL(bb, 10); + dd = RL(dd + F4(ee,aa,bb) + X[12] + unchecked((int) 0x5c4dd124), 7) + cc; aa = RL(aa, 10); + cc = RL(cc + F4(dd,ee,aa) + X[ 4] + unchecked((int) 0x5c4dd124), 6) + bb; ee = RL(ee, 10); + bb = RL(bb + F4(cc,dd,ee) + X[ 9] + unchecked((int) 0x5c4dd124), 15) + aa; dd = RL(dd, 10); + aa = RL(aa + F4(bb,cc,dd) + X[ 1] + unchecked((int) 0x5c4dd124), 13) + ee; cc = RL(cc, 10); + ee = RL(ee + F4(aa,bb,cc) + X[ 2] + unchecked((int) 0x5c4dd124), 11) + dd; bb = RL(bb, 10); + + // + // Rounds 32-47 + // + // left + d = RL(d + F3(e,a,b) + X[ 3] + unchecked((int) 0x6ed9eba1), 11) + c; a = RL(a, 10); + c = RL(c + F3(d,e,a) + X[10] + unchecked((int) 0x6ed9eba1), 13) + b; e = RL(e, 10); + b = RL(b + F3(c,d,e) + X[14] + unchecked((int) 0x6ed9eba1), 6) + a; d = RL(d, 10); + a = RL(a + F3(b,c,d) + X[ 4] + unchecked((int) 0x6ed9eba1), 7) + e; c = RL(c, 10); + e = RL(e + F3(a,b,c) + X[ 9] + unchecked((int) 0x6ed9eba1), 14) + d; b = RL(b, 10); + d = RL(d + F3(e,a,b) + X[15] + unchecked((int) 0x6ed9eba1), 9) + c; a = RL(a, 10); + c = RL(c + F3(d,e,a) + X[ 8] + unchecked((int) 0x6ed9eba1), 13) + b; e = RL(e, 10); + b = RL(b + F3(c,d,e) + X[ 1] + unchecked((int) 0x6ed9eba1), 15) + a; d = RL(d, 10); + a = RL(a + F3(b,c,d) + X[ 2] + unchecked((int) 0x6ed9eba1), 14) + e; c = RL(c, 10); + e = RL(e + F3(a,b,c) + X[ 7] + unchecked((int) 0x6ed9eba1), 8) + d; b = RL(b, 10); + d = RL(d + F3(e,a,b) + X[ 0] + unchecked((int) 0x6ed9eba1), 13) + c; a = RL(a, 10); + c = RL(c + F3(d,e,a) + X[ 6] + unchecked((int) 0x6ed9eba1), 6) + b; e = RL(e, 10); + b = RL(b + F3(c,d,e) + X[13] + unchecked((int) 0x6ed9eba1), 5) + a; d = RL(d, 10); + a = RL(a + F3(b,c,d) + X[11] + unchecked((int) 0x6ed9eba1), 12) + e; c = RL(c, 10); + e = RL(e + F3(a,b,c) + X[ 5] + unchecked((int) 0x6ed9eba1), 7) + d; b = RL(b, 10); + d = RL(d + F3(e,a,b) + X[12] + unchecked((int) 0x6ed9eba1), 5) + c; a = RL(a, 10); + + // right + dd = RL(dd + F3(ee,aa,bb) + X[15] + unchecked((int) 0x6d703ef3), 9) + cc; aa = RL(aa, 10); + cc = RL(cc + F3(dd,ee,aa) + X[ 5] + unchecked((int) 0x6d703ef3), 7) + bb; ee = RL(ee, 10); + bb = RL(bb + F3(cc,dd,ee) + X[ 1] + unchecked((int) 0x6d703ef3), 15) + aa; dd = RL(dd, 10); + aa = RL(aa + F3(bb,cc,dd) + X[ 3] + unchecked((int) 0x6d703ef3), 11) + ee; cc = RL(cc, 10); + ee = RL(ee + F3(aa,bb,cc) + X[ 7] + unchecked((int) 0x6d703ef3), 8) + dd; bb = RL(bb, 10); + dd = RL(dd + F3(ee,aa,bb) + X[14] + unchecked((int) 0x6d703ef3), 6) + cc; aa = RL(aa, 10); + cc = RL(cc + F3(dd,ee,aa) + X[ 6] + unchecked((int) 0x6d703ef3), 6) + bb; ee = RL(ee, 10); + bb = RL(bb + F3(cc,dd,ee) + X[ 9] + unchecked((int) 0x6d703ef3), 14) + aa; dd = RL(dd, 10); + aa = RL(aa + F3(bb,cc,dd) + X[11] + unchecked((int) 0x6d703ef3), 12) + ee; cc = RL(cc, 10); + ee = RL(ee + F3(aa,bb,cc) + X[ 8] + unchecked((int) 0x6d703ef3), 13) + dd; bb = RL(bb, 10); + dd = RL(dd + F3(ee,aa,bb) + X[12] + unchecked((int) 0x6d703ef3), 5) + cc; aa = RL(aa, 10); + cc = RL(cc + F3(dd,ee,aa) + X[ 2] + unchecked((int) 0x6d703ef3), 14) + bb; ee = RL(ee, 10); + bb = RL(bb + F3(cc,dd,ee) + X[10] + unchecked((int) 0x6d703ef3), 13) + aa; dd = RL(dd, 10); + aa = RL(aa + F3(bb,cc,dd) + X[ 0] + unchecked((int) 0x6d703ef3), 13) + ee; cc = RL(cc, 10); + ee = RL(ee + F3(aa,bb,cc) + X[ 4] + unchecked((int) 0x6d703ef3), 7) + dd; bb = RL(bb, 10); + dd = RL(dd + F3(ee,aa,bb) + X[13] + unchecked((int) 0x6d703ef3), 5) + cc; aa = RL(aa, 10); + + // + // Rounds 48-63 + // + // left + c = RL(c + F4(d,e,a) + X[ 1] + unchecked((int) 0x8f1bbcdc), 11) + b; e = RL(e, 10); + b = RL(b + F4(c,d,e) + X[ 9] + unchecked((int) 0x8f1bbcdc), 12) + a; d = RL(d, 10); + a = RL(a + F4(b,c,d) + X[11] + unchecked((int) 0x8f1bbcdc), 14) + e; c = RL(c, 10); + e = RL(e + F4(a,b,c) + X[10] + unchecked((int) 0x8f1bbcdc), 15) + d; b = RL(b, 10); + d = RL(d + F4(e,a,b) + X[ 0] + unchecked((int) 0x8f1bbcdc), 14) + c; a = RL(a, 10); + c = RL(c + F4(d,e,a) + X[ 8] + unchecked((int) 0x8f1bbcdc), 15) + b; e = RL(e, 10); + b = RL(b + F4(c,d,e) + X[12] + unchecked((int) 0x8f1bbcdc), 9) + a; d = RL(d, 10); + a = RL(a + F4(b,c,d) + X[ 4] + unchecked((int) 0x8f1bbcdc), 8) + e; c = RL(c, 10); + e = RL(e + F4(a,b,c) + X[13] + unchecked((int) 0x8f1bbcdc), 9) + d; b = RL(b, 10); + d = RL(d + F4(e,a,b) + X[ 3] + unchecked((int) 0x8f1bbcdc), 14) + c; a = RL(a, 10); + c = RL(c + F4(d,e,a) + X[ 7] + unchecked((int) 0x8f1bbcdc), 5) + b; e = RL(e, 10); + b = RL(b + F4(c,d,e) + X[15] + unchecked((int) 0x8f1bbcdc), 6) + a; d = RL(d, 10); + a = RL(a + F4(b,c,d) + X[14] + unchecked((int) 0x8f1bbcdc), 8) + e; c = RL(c, 10); + e = RL(e + F4(a,b,c) + X[ 5] + unchecked((int) 0x8f1bbcdc), 6) + d; b = RL(b, 10); + d = RL(d + F4(e,a,b) + X[ 6] + unchecked((int) 0x8f1bbcdc), 5) + c; a = RL(a, 10); + c = RL(c + F4(d,e,a) + X[ 2] + unchecked((int) 0x8f1bbcdc), 12) + b; e = RL(e, 10); + + // right + cc = RL(cc + F2(dd,ee,aa) + X[ 8] + unchecked((int) 0x7a6d76e9), 15) + bb; ee = RL(ee, 10); + bb = RL(bb + F2(cc,dd,ee) + X[ 6] + unchecked((int) 0x7a6d76e9), 5) + aa; dd = RL(dd, 10); + aa = RL(aa + F2(bb,cc,dd) + X[ 4] + unchecked((int) 0x7a6d76e9), 8) + ee; cc = RL(cc, 10); + ee = RL(ee + F2(aa,bb,cc) + X[ 1] + unchecked((int) 0x7a6d76e9), 11) + dd; bb = RL(bb, 10); + dd = RL(dd + F2(ee,aa,bb) + X[ 3] + unchecked((int) 0x7a6d76e9), 14) + cc; aa = RL(aa, 10); + cc = RL(cc + F2(dd,ee,aa) + X[11] + unchecked((int) 0x7a6d76e9), 14) + bb; ee = RL(ee, 10); + bb = RL(bb + F2(cc,dd,ee) + X[15] + unchecked((int) 0x7a6d76e9), 6) + aa; dd = RL(dd, 10); + aa = RL(aa + F2(bb,cc,dd) + X[ 0] + unchecked((int) 0x7a6d76e9), 14) + ee; cc = RL(cc, 10); + ee = RL(ee + F2(aa,bb,cc) + X[ 5] + unchecked((int) 0x7a6d76e9), 6) + dd; bb = RL(bb, 10); + dd = RL(dd + F2(ee,aa,bb) + X[12] + unchecked((int) 0x7a6d76e9), 9) + cc; aa = RL(aa, 10); + cc = RL(cc + F2(dd,ee,aa) + X[ 2] + unchecked((int) 0x7a6d76e9), 12) + bb; ee = RL(ee, 10); + bb = RL(bb + F2(cc,dd,ee) + X[13] + unchecked((int) 0x7a6d76e9), 9) + aa; dd = RL(dd, 10); + aa = RL(aa + F2(bb,cc,dd) + X[ 9] + unchecked((int) 0x7a6d76e9), 12) + ee; cc = RL(cc, 10); + ee = RL(ee + F2(aa,bb,cc) + X[ 7] + unchecked((int) 0x7a6d76e9), 5) + dd; bb = RL(bb, 10); + dd = RL(dd + F2(ee,aa,bb) + X[10] + unchecked((int) 0x7a6d76e9), 15) + cc; aa = RL(aa, 10); + cc = RL(cc + F2(dd,ee,aa) + X[14] + unchecked((int) 0x7a6d76e9), 8) + bb; ee = RL(ee, 10); + + // + // Rounds 64-79 + // + // left + b = RL(b + F5(c,d,e) + X[ 4] + unchecked((int) 0xa953fd4e), 9) + a; d = RL(d, 10); + a = RL(a + F5(b,c,d) + X[ 0] + unchecked((int) 0xa953fd4e), 15) + e; c = RL(c, 10); + e = RL(e + F5(a,b,c) + X[ 5] + unchecked((int) 0xa953fd4e), 5) + d; b = RL(b, 10); + d = RL(d + F5(e,a,b) + X[ 9] + unchecked((int) 0xa953fd4e), 11) + c; a = RL(a, 10); + c = RL(c + F5(d,e,a) + X[ 7] + unchecked((int) 0xa953fd4e), 6) + b; e = RL(e, 10); + b = RL(b + F5(c,d,e) + X[12] + unchecked((int) 0xa953fd4e), 8) + a; d = RL(d, 10); + a = RL(a + F5(b,c,d) + X[ 2] + unchecked((int) 0xa953fd4e), 13) + e; c = RL(c, 10); + e = RL(e + F5(a,b,c) + X[10] + unchecked((int) 0xa953fd4e), 12) + d; b = RL(b, 10); + d = RL(d + F5(e,a,b) + X[14] + unchecked((int) 0xa953fd4e), 5) + c; a = RL(a, 10); + c = RL(c + F5(d,e,a) + X[ 1] + unchecked((int) 0xa953fd4e), 12) + b; e = RL(e, 10); + b = RL(b + F5(c,d,e) + X[ 3] + unchecked((int) 0xa953fd4e), 13) + a; d = RL(d, 10); + a = RL(a + F5(b,c,d) + X[ 8] + unchecked((int) 0xa953fd4e), 14) + e; c = RL(c, 10); + e = RL(e + F5(a,b,c) + X[11] + unchecked((int) 0xa953fd4e), 11) + d; b = RL(b, 10); + d = RL(d + F5(e,a,b) + X[ 6] + unchecked((int) 0xa953fd4e), 8) + c; a = RL(a, 10); + c = RL(c + F5(d,e,a) + X[15] + unchecked((int) 0xa953fd4e), 5) + b; e = RL(e, 10); + b = RL(b + F5(c,d,e) + X[13] + unchecked((int) 0xa953fd4e), 6) + a; d = RL(d, 10); + + // right + bb = RL(bb + F1(cc,dd,ee) + X[12], 8) + aa; dd = RL(dd, 10); + aa = RL(aa + F1(bb,cc,dd) + X[15], 5) + ee; cc = RL(cc, 10); + ee = RL(ee + F1(aa,bb,cc) + X[10], 12) + dd; bb = RL(bb, 10); + dd = RL(dd + F1(ee,aa,bb) + X[ 4], 9) + cc; aa = RL(aa, 10); + cc = RL(cc + F1(dd,ee,aa) + X[ 1], 12) + bb; ee = RL(ee, 10); + bb = RL(bb + F1(cc,dd,ee) + X[ 5], 5) + aa; dd = RL(dd, 10); + aa = RL(aa + F1(bb,cc,dd) + X[ 8], 14) + ee; cc = RL(cc, 10); + ee = RL(ee + F1(aa,bb,cc) + X[ 7], 6) + dd; bb = RL(bb, 10); + dd = RL(dd + F1(ee,aa,bb) + X[ 6], 8) + cc; aa = RL(aa, 10); + cc = RL(cc + F1(dd,ee,aa) + X[ 2], 13) + bb; ee = RL(ee, 10); + bb = RL(bb + F1(cc,dd,ee) + X[13], 6) + aa; dd = RL(dd, 10); + aa = RL(aa + F1(bb,cc,dd) + X[14], 5) + ee; cc = RL(cc, 10); + ee = RL(ee + F1(aa,bb,cc) + X[ 0], 15) + dd; bb = RL(bb, 10); + dd = RL(dd + F1(ee,aa,bb) + X[ 3], 13) + cc; aa = RL(aa, 10); + cc = RL(cc + F1(dd,ee,aa) + X[ 9], 11) + bb; ee = RL(ee, 10); + bb = RL(bb + F1(cc,dd,ee) + X[11], 11) + aa; dd = RL(dd, 10); + + dd += c + H1; + H1 = H2 + d + ee; + H2 = H3 + e + aa; + H3 = H4 + a + bb; + H4 = H0 + b + cc; + H0 = dd; + + // + // reset the offset and clean out the word buffer. + // + xOff = 0; + for (int i = 0; i != X.Length; i++) + { + X[i] = 0; + } + } + + public override IMemoable Copy() + { + return new RipeMD160Digest(this); + } + + public override void Reset(IMemoable other) + { + RipeMD160Digest d = (RipeMD160Digest)other; + + CopyIn(d); + } + + } + +} diff --git a/BouncyCastle/crypto/src/crypto/digests/RipeMD256Digest.cs b/BouncyCastle/crypto/src/crypto/digests/RipeMD256Digest.cs new file mode 100644 index 0000000..3062757 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/RipeMD256Digest.cs @@ -0,0 +1,430 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /// + ///

Implementation of RipeMD256.

+ ///

Note: this algorithm offers the same level of security as RipeMD128.

+ /// + public class RipeMD256Digest + : GeneralDigest + { + public override string AlgorithmName + { + get { return "RIPEMD256"; } + } + + public override int GetDigestSize() + { + return DigestLength; + } + + private const int DigestLength = 32; + + private int H0, H1, H2, H3, H4, H5, H6, H7; // IV's + + private int[] X = new int[16]; + private int xOff; + + /// Standard constructor + public RipeMD256Digest() + { + Reset(); + } + + /// Copy constructor. This will copy the state of the provided + /// message digest. + /// + public RipeMD256Digest(RipeMD256Digest t):base(t) + { + CopyIn(t); + } + + private void CopyIn(RipeMD256Digest t) + { + base.CopyIn(t); + + H0 = t.H0; + H1 = t.H1; + H2 = t.H2; + H3 = t.H3; + H4 = t.H4; + H5 = t.H5; + H6 = t.H6; + H7 = t.H7; + + Array.Copy(t.X, 0, X, 0, t.X.Length); + xOff = t.xOff; + } + + internal override void ProcessWord( + byte[] input, + int inOff) + { + X[xOff++] = (input[inOff] & 0xff) | ((input[inOff + 1] & 0xff) << 8) + | ((input[inOff + 2] & 0xff) << 16) | ((input[inOff + 3] & 0xff) << 24); + + if (xOff == 16) + { + ProcessBlock(); + } + } + + internal override void ProcessLength( + long bitLength) + { + if (xOff > 14) + { + ProcessBlock(); + } + + X[14] = (int)(bitLength & 0xffffffff); + X[15] = (int)((ulong)bitLength >> 32); + } + + private void UnpackWord( + int word, + byte[] outBytes, + int outOff) + { + outBytes[outOff] = (byte)(uint)word; + outBytes[outOff + 1] = (byte)((uint)word >> 8); + outBytes[outOff + 2] = (byte)((uint)word >> 16); + outBytes[outOff + 3] = (byte)((uint)word >> 24); + } + + public override int DoFinal(byte[] output, int outOff) + { + Finish(); + + UnpackWord(H0, output, outOff); + UnpackWord(H1, output, outOff + 4); + UnpackWord(H2, output, outOff + 8); + UnpackWord(H3, output, outOff + 12); + UnpackWord(H4, output, outOff + 16); + UnpackWord(H5, output, outOff + 20); + UnpackWord(H6, output, outOff + 24); + UnpackWord(H7, output, outOff + 28); + + Reset(); + + return DigestLength; + } + + /// reset the chaining variables to the IV values. + public override void Reset() + { + base.Reset(); + + H0 = unchecked((int)0x67452301); + H1 = unchecked((int)0xefcdab89); + H2 = unchecked((int)0x98badcfe); + H3 = unchecked((int)0x10325476); + H4 = unchecked((int)0x76543210); + H5 = unchecked((int)0xFEDCBA98); + H6 = unchecked((int)0x89ABCDEF); + H7 = unchecked((int)0x01234567); + + xOff = 0; + + for (int i = 0; i != X.Length; i++) + { + X[i] = 0; + } + } + + /* + * rotate int x left n bits. + */ + private int RL( + int x, + int n) + { + return (x << n) | (int)((uint)x >> (32 - n)); + } + + /* + * f1,f2,f3,f4 are the basic RipeMD128 functions. + */ + + /* + * F + */ + private int F1(int x, int y, int z) + { + return x ^ y ^ z; + } + + /* + * G + */ + private int F2(int x, int y, int z) + { + return (x & y) | (~ x & z); + } + + /* + * H + */ + private int F3(int x, int y, int z) + { + return (x | ~ y) ^ z; + } + + /* + * I + */ + private int F4(int x, int y, int z) + { + return (x & z) | (y & ~ z); + } + + private int F1(int a, int b, int c, int d, int x, int s) + { + return RL(a + F1(b, c, d) + x, s); + } + + private int F2(int a, int b, int c, int d, int x, int s) + { + return RL(a + F2(b, c, d) + x + unchecked((int)0x5a827999), s); + } + + private int F3(int a, int b, int c, int d, int x, int s) + { + return RL(a + F3(b, c, d) + x + unchecked((int)0x6ed9eba1), s); + } + + private int F4(int a, int b, int c, int d, int x, int s) + { + return RL(a + F4(b, c, d) + x + unchecked((int)0x8f1bbcdc), s); + } + + private int FF1(int a, int b, int c, int d, int x, int s) + { + return RL(a + F1(b, c, d) + x, s); + } + + private int FF2(int a, int b, int c, int d, int x, int s) + { + return RL(a + F2(b, c, d) + x + unchecked((int)0x6d703ef3), s); + } + + private int FF3(int a, int b, int c, int d, int x, int s) + { + return RL(a + F3(b, c, d) + x + unchecked((int)0x5c4dd124), s); + } + + private int FF4(int a, int b, int c, int d, int x, int s) + { + return RL(a + F4(b, c, d) + x + unchecked((int)0x50a28be6), s); + } + + internal override void ProcessBlock() + { + int a, aa; + int b, bb; + int c, cc; + int d, dd; + int t; + + a = H0; + b = H1; + c = H2; + d = H3; + aa = H4; + bb = H5; + cc = H6; + dd = H7; + + // + // Round 1 + // + + a = F1(a, b, c, d, X[0], 11); + d = F1(d, a, b, c, X[1], 14); + c = F1(c, d, a, b, X[2], 15); + b = F1(b, c, d, a, X[3], 12); + a = F1(a, b, c, d, X[4], 5); + d = F1(d, a, b, c, X[5], 8); + c = F1(c, d, a, b, X[6], 7); + b = F1(b, c, d, a, X[7], 9); + a = F1(a, b, c, d, X[8], 11); + d = F1(d, a, b, c, X[9], 13); + c = F1(c, d, a, b, X[10], 14); + b = F1(b, c, d, a, X[11], 15); + a = F1(a, b, c, d, X[12], 6); + d = F1(d, a, b, c, X[13], 7); + c = F1(c, d, a, b, X[14], 9); + b = F1(b, c, d, a, X[15], 8); + + aa = FF4(aa, bb, cc, dd, X[5], 8); + dd = FF4(dd, aa, bb, cc, X[14], 9); + cc = FF4(cc, dd, aa, bb, X[7], 9); + bb = FF4(bb, cc, dd, aa, X[0], 11); + aa = FF4(aa, bb, cc, dd, X[9], 13); + dd = FF4(dd, aa, bb, cc, X[2], 15); + cc = FF4(cc, dd, aa, bb, X[11], 15); + bb = FF4(bb, cc, dd, aa, X[4], 5); + aa = FF4(aa, bb, cc, dd, X[13], 7); + dd = FF4(dd, aa, bb, cc, X[6], 7); + cc = FF4(cc, dd, aa, bb, X[15], 8); + bb = FF4(bb, cc, dd, aa, X[8], 11); + aa = FF4(aa, bb, cc, dd, X[1], 14); + dd = FF4(dd, aa, bb, cc, X[10], 14); + cc = FF4(cc, dd, aa, bb, X[3], 12); + bb = FF4(bb, cc, dd, aa, X[12], 6); + + t = a; a = aa; aa = t; + + // + // Round 2 + // + a = F2(a, b, c, d, X[7], 7); + d = F2(d, a, b, c, X[4], 6); + c = F2(c, d, a, b, X[13], 8); + b = F2(b, c, d, a, X[1], 13); + a = F2(a, b, c, d, X[10], 11); + d = F2(d, a, b, c, X[6], 9); + c = F2(c, d, a, b, X[15], 7); + b = F2(b, c, d, a, X[3], 15); + a = F2(a, b, c, d, X[12], 7); + d = F2(d, a, b, c, X[0], 12); + c = F2(c, d, a, b, X[9], 15); + b = F2(b, c, d, a, X[5], 9); + a = F2(a, b, c, d, X[2], 11); + d = F2(d, a, b, c, X[14], 7); + c = F2(c, d, a, b, X[11], 13); + b = F2(b, c, d, a, X[8], 12); + + aa = FF3(aa, bb, cc, dd, X[6], 9); + dd = FF3(dd, aa, bb, cc, X[11], 13); + cc = FF3(cc, dd, aa, bb, X[3], 15); + bb = FF3(bb, cc, dd, aa, X[7], 7); + aa = FF3(aa, bb, cc, dd, X[0], 12); + dd = FF3(dd, aa, bb, cc, X[13], 8); + cc = FF3(cc, dd, aa, bb, X[5], 9); + bb = FF3(bb, cc, dd, aa, X[10], 11); + aa = FF3(aa, bb, cc, dd, X[14], 7); + dd = FF3(dd, aa, bb, cc, X[15], 7); + cc = FF3(cc, dd, aa, bb, X[8], 12); + bb = FF3(bb, cc, dd, aa, X[12], 7); + aa = FF3(aa, bb, cc, dd, X[4], 6); + dd = FF3(dd, aa, bb, cc, X[9], 15); + cc = FF3(cc, dd, aa, bb, X[1], 13); + bb = FF3(bb, cc, dd, aa, X[2], 11); + + t = b; b = bb; bb = t; + + // + // Round 3 + // + a = F3(a, b, c, d, X[3], 11); + d = F3(d, a, b, c, X[10], 13); + c = F3(c, d, a, b, X[14], 6); + b = F3(b, c, d, a, X[4], 7); + a = F3(a, b, c, d, X[9], 14); + d = F3(d, a, b, c, X[15], 9); + c = F3(c, d, a, b, X[8], 13); + b = F3(b, c, d, a, X[1], 15); + a = F3(a, b, c, d, X[2], 14); + d = F3(d, a, b, c, X[7], 8); + c = F3(c, d, a, b, X[0], 13); + b = F3(b, c, d, a, X[6], 6); + a = F3(a, b, c, d, X[13], 5); + d = F3(d, a, b, c, X[11], 12); + c = F3(c, d, a, b, X[5], 7); + b = F3(b, c, d, a, X[12], 5); + + aa = FF2(aa, bb, cc, dd, X[15], 9); + dd = FF2(dd, aa, bb, cc, X[5], 7); + cc = FF2(cc, dd, aa, bb, X[1], 15); + bb = FF2(bb, cc, dd, aa, X[3], 11); + aa = FF2(aa, bb, cc, dd, X[7], 8); + dd = FF2(dd, aa, bb, cc, X[14], 6); + cc = FF2(cc, dd, aa, bb, X[6], 6); + bb = FF2(bb, cc, dd, aa, X[9], 14); + aa = FF2(aa, bb, cc, dd, X[11], 12); + dd = FF2(dd, aa, bb, cc, X[8], 13); + cc = FF2(cc, dd, aa, bb, X[12], 5); + bb = FF2(bb, cc, dd, aa, X[2], 14); + aa = FF2(aa, bb, cc, dd, X[10], 13); + dd = FF2(dd, aa, bb, cc, X[0], 13); + cc = FF2(cc, dd, aa, bb, X[4], 7); + bb = FF2(bb, cc, dd, aa, X[13], 5); + + t = c; c = cc; cc = t; + + // + // Round 4 + // + a = F4(a, b, c, d, X[1], 11); + d = F4(d, a, b, c, X[9], 12); + c = F4(c, d, a, b, X[11], 14); + b = F4(b, c, d, a, X[10], 15); + a = F4(a, b, c, d, X[0], 14); + d = F4(d, a, b, c, X[8], 15); + c = F4(c, d, a, b, X[12], 9); + b = F4(b, c, d, a, X[4], 8); + a = F4(a, b, c, d, X[13], 9); + d = F4(d, a, b, c, X[3], 14); + c = F4(c, d, a, b, X[7], 5); + b = F4(b, c, d, a, X[15], 6); + a = F4(a, b, c, d, X[14], 8); + d = F4(d, a, b, c, X[5], 6); + c = F4(c, d, a, b, X[6], 5); + b = F4(b, c, d, a, X[2], 12); + + aa = FF1(aa, bb, cc, dd, X[8], 15); + dd = FF1(dd, aa, bb, cc, X[6], 5); + cc = FF1(cc, dd, aa, bb, X[4], 8); + bb = FF1(bb, cc, dd, aa, X[1], 11); + aa = FF1(aa, bb, cc, dd, X[3], 14); + dd = FF1(dd, aa, bb, cc, X[11], 14); + cc = FF1(cc, dd, aa, bb, X[15], 6); + bb = FF1(bb, cc, dd, aa, X[0], 14); + aa = FF1(aa, bb, cc, dd, X[5], 6); + dd = FF1(dd, aa, bb, cc, X[12], 9); + cc = FF1(cc, dd, aa, bb, X[2], 12); + bb = FF1(bb, cc, dd, aa, X[13], 9); + aa = FF1(aa, bb, cc, dd, X[9], 12); + dd = FF1(dd, aa, bb, cc, X[7], 5); + cc = FF1(cc, dd, aa, bb, X[10], 15); + bb = FF1(bb, cc, dd, aa, X[14], 8); + + t = d; d = dd; dd = t; + + H0 += a; + H1 += b; + H2 += c; + H3 += d; + H4 += aa; + H5 += bb; + H6 += cc; + H7 += dd; + + // + // reset the offset and clean out the word buffer. + // + xOff = 0; + for (int i = 0; i != X.Length; i++) + { + X[i] = 0; + } + } + + public override IMemoable Copy() + { + return new RipeMD256Digest(this); + } + + public override void Reset(IMemoable other) + { + RipeMD256Digest d = (RipeMD256Digest)other; + + CopyIn(d); + } + + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/RipeMD320Digest.cs b/BouncyCastle/crypto/src/crypto/digests/RipeMD320Digest.cs new file mode 100644 index 0000000..767d74d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/RipeMD320Digest.cs @@ -0,0 +1,459 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /// + ///

Implementation of RipeMD 320.

+ ///

Note: this algorithm offers the same level of security as RipeMD160.

+ /// + public class RipeMD320Digest + : GeneralDigest + { + public override string AlgorithmName + { + get { return "RIPEMD320"; } + } + + public override int GetDigestSize() + { + return DigestLength; + } + + private const int DigestLength = 40; + + private int H0, H1, H2, H3, H4, H5, H6, H7, H8, H9; // IV's + + private int[] X = new int[16]; + private int xOff; + + /// Standard constructor + public RipeMD320Digest() + { + Reset(); + } + + /// Copy constructor. This will copy the state of the provided + /// message digest. + /// + public RipeMD320Digest(RipeMD320Digest t) + : base(t) + { + CopyIn(t); + } + + private void CopyIn(RipeMD320Digest t) + { + base.CopyIn(t); + + H0 = t.H0; + H1 = t.H1; + H2 = t.H2; + H3 = t.H3; + H4 = t.H4; + H5 = t.H5; + H6 = t.H6; + H7 = t.H7; + H8 = t.H8; + H9 = t.H9; + + Array.Copy(t.X, 0, X, 0, t.X.Length); + xOff = t.xOff; + } + + internal override void ProcessWord( + byte[] input, + int inOff) + { + X[xOff++] = (input[inOff] & 0xff) | ((input[inOff + 1] & 0xff) << 8) + | ((input[inOff + 2] & 0xff) << 16) | ((input[inOff + 3] & 0xff) << 24); + + if (xOff == 16) + { + ProcessBlock(); + } + } + + internal override void ProcessLength( + long bitLength) + { + if (xOff > 14) + { + ProcessBlock(); + } + + X[14] = (int)(bitLength & 0xffffffff); + X[15] = (int)((ulong)bitLength >> 32); + } + + private void UnpackWord( + int word, + byte[] outBytes, + int outOff) + { + outBytes[outOff] = (byte)word; + outBytes[outOff + 1] = (byte)((uint)word >> 8); + outBytes[outOff + 2] = (byte)((uint)word >> 16); + outBytes[outOff + 3] = (byte)((uint)word >> 24); + } + + public override int DoFinal(byte[] output, int outOff) + { + Finish(); + + UnpackWord(H0, output, outOff); + UnpackWord(H1, output, outOff + 4); + UnpackWord(H2, output, outOff + 8); + UnpackWord(H3, output, outOff + 12); + UnpackWord(H4, output, outOff + 16); + UnpackWord(H5, output, outOff + 20); + UnpackWord(H6, output, outOff + 24); + UnpackWord(H7, output, outOff + 28); + UnpackWord(H8, output, outOff + 32); + UnpackWord(H9, output, outOff + 36); + + Reset(); + + return DigestLength; + } + + /// reset the chaining variables to the IV values. + public override void Reset() + { + base.Reset(); + + H0 = unchecked((int) 0x67452301); + H1 = unchecked((int) 0xefcdab89); + H2 = unchecked((int) 0x98badcfe); + H3 = unchecked((int) 0x10325476); + H4 = unchecked((int) 0xc3d2e1f0); + H5 = unchecked((int) 0x76543210); + H6 = unchecked((int) 0xFEDCBA98); + H7 = unchecked((int) 0x89ABCDEF); + H8 = unchecked((int) 0x01234567); + H9 = unchecked((int) 0x3C2D1E0F); + + xOff = 0; + + for (int i = 0; i != X.Length; i++) + { + X[i] = 0; + } + } + + /* + * rotate int x left n bits. + */ + private int RL( + int x, + int n) + { + return (x << n) | (int)(((uint)x) >> (32 - n)); + } + + /* + * f1,f2,f3,f4,f5 are the basic RipeMD160 functions. + */ + + /* + * rounds 0-15 + */ + private int F1(int x, int y, int z) + { + return x ^ y ^ z; + } + + /* + * rounds 16-31 + */ + private int F2(int x, int y, int z) + { + return (x & y) | (~ x & z); + } + + /* + * rounds 32-47 + */ + private int F3(int x, int y, int z) + { + return (x | ~ y) ^ z; + } + + /* + * rounds 48-63 + */ + private int F4(int x, int y, int z) + { + return (x & z) | (y & ~ z); + } + + /* + * rounds 64-79 + */ + private int F5(int x, int y, int z) + { + return x ^ (y | ~z); + } + + internal override void ProcessBlock() + { + int a, aa; + int b, bb; + int c, cc; + int d, dd; + int e, ee; + int t; + + a = H0; + b = H1; + c = H2; + d = H3; + e = H4; + aa = H5; + bb = H6; + cc = H7; + dd = H8; + ee = H9; + + // + // Rounds 1 - 16 + // + // left + a = RL(a + F1(b, c, d) + X[0], 11) + e; c = RL(c, 10); + e = RL(e + F1(a, b, c) + X[1], 14) + d; b = RL(b, 10); + d = RL(d + F1(e, a, b) + X[2], 15) + c; a = RL(a, 10); + c = RL(c + F1(d, e, a) + X[3], 12) + b; e = RL(e, 10); + b = RL(b + F1(c, d, e) + X[4], 5) + a; d = RL(d, 10); + a = RL(a + F1(b, c, d) + X[5], 8) + e; c = RL(c, 10); + e = RL(e + F1(a, b, c) + X[6], 7) + d; b = RL(b, 10); + d = RL(d + F1(e, a, b) + X[7], 9) + c; a = RL(a, 10); + c = RL(c + F1(d, e, a) + X[8], 11) + b; e = RL(e, 10); + b = RL(b + F1(c, d, e) + X[9], 13) + a; d = RL(d, 10); + a = RL(a + F1(b, c, d) + X[10], 14) + e; c = RL(c, 10); + e = RL(e + F1(a, b, c) + X[11], 15) + d; b = RL(b, 10); + d = RL(d + F1(e, a, b) + X[12], 6) + c; a = RL(a, 10); + c = RL(c + F1(d, e, a) + X[13], 7) + b; e = RL(e, 10); + b = RL(b + F1(c, d, e) + X[14], 9) + a; d = RL(d, 10); + a = RL(a + F1(b, c, d) + X[15], 8) + e; c = RL(c, 10); + + // right + aa = RL(aa + F5(bb, cc, dd) + X[5] + unchecked((int)0x50a28be6), 8) + ee; cc = RL(cc, 10); + ee = RL(ee + F5(aa, bb, cc) + X[14] + unchecked((int)0x50a28be6), 9) + dd; bb = RL(bb, 10); + dd = RL(dd + F5(ee, aa, bb) + X[7] + unchecked((int)0x50a28be6), 9) + cc; aa = RL(aa, 10); + cc = RL(cc + F5(dd, ee, aa) + X[0] + unchecked((int)0x50a28be6), 11) + bb; ee = RL(ee, 10); + bb = RL(bb + F5(cc, dd, ee) + X[9] + unchecked((int)0x50a28be6), 13) + aa; dd = RL(dd, 10); + aa = RL(aa + F5(bb, cc, dd) + X[2] + unchecked((int)0x50a28be6), 15) + ee; cc = RL(cc, 10); + ee = RL(ee + F5(aa, bb, cc) + X[11] + unchecked((int)0x50a28be6), 15) + dd; bb = RL(bb, 10); + dd = RL(dd + F5(ee, aa, bb) + X[4] + unchecked((int)0x50a28be6), 5) + cc; aa = RL(aa, 10); + cc = RL(cc + F5(dd, ee, aa) + X[13] + unchecked((int)0x50a28be6), 7) + bb; ee = RL(ee, 10); + bb = RL(bb + F5(cc, dd, ee) + X[6] + unchecked((int)0x50a28be6), 7) + aa; dd = RL(dd, 10); + aa = RL(aa + F5(bb, cc, dd) + X[15] + unchecked((int)0x50a28be6), 8) + ee; cc = RL(cc, 10); + ee = RL(ee + F5(aa, bb, cc) + X[8] + unchecked((int)0x50a28be6), 11) + dd; bb = RL(bb, 10); + dd = RL(dd + F5(ee, aa, bb) + X[1] + unchecked((int)0x50a28be6), 14) + cc; aa = RL(aa, 10); + cc = RL(cc + F5(dd, ee, aa) + X[10] + unchecked((int)0x50a28be6), 14) + bb; ee = RL(ee, 10); + bb = RL(bb + F5(cc, dd, ee) + X[3] + unchecked((int)0x50a28be6), 12) + aa; dd = RL(dd, 10); + aa = RL(aa + F5(bb, cc, dd) + X[12] + unchecked((int)0x50a28be6), 6) + ee; cc = RL(cc, 10); + + t = a; a = aa; aa = t; + // + // Rounds 16-31 + // + // left + e = RL(e + F2(a, b, c) + X[7] + unchecked((int)0x5a827999), 7) + d; b = RL(b, 10); + d = RL(d + F2(e, a, b) + X[4] + unchecked((int)0x5a827999), 6) + c; a = RL(a, 10); + c = RL(c + F2(d, e, a) + X[13] + unchecked((int)0x5a827999), 8) + b; e = RL(e, 10); + b = RL(b + F2(c, d, e) + X[1] + unchecked((int)0x5a827999), 13) + a; d = RL(d, 10); + a = RL(a + F2(b, c, d) + X[10] + unchecked((int)0x5a827999), 11) + e; c = RL(c, 10); + e = RL(e + F2(a, b, c) + X[6] + unchecked((int)0x5a827999), 9) + d; b = RL(b, 10); + d = RL(d + F2(e, a, b) + X[15] + unchecked((int)0x5a827999), 7) + c; a = RL(a, 10); + c = RL(c + F2(d, e, a) + X[3] + unchecked((int)0x5a827999), 15) + b; e = RL(e, 10); + b = RL(b + F2(c, d, e) + X[12] + unchecked((int)0x5a827999), 7) + a; d = RL(d, 10); + a = RL(a + F2(b, c, d) + X[0] + unchecked((int)0x5a827999), 12) + e; c = RL(c, 10); + e = RL(e + F2(a, b, c) + X[9] + unchecked((int)0x5a827999), 15) + d; b = RL(b, 10); + d = RL(d + F2(e, a, b) + X[5] + unchecked((int)0x5a827999), 9) + c; a = RL(a, 10); + c = RL(c + F2(d, e, a) + X[2] + unchecked((int)0x5a827999), 11) + b; e = RL(e, 10); + b = RL(b + F2(c, d, e) + X[14] + unchecked((int)0x5a827999), 7) + a; d = RL(d, 10); + a = RL(a + F2(b, c, d) + X[11] + unchecked((int)0x5a827999), 13) + e; c = RL(c, 10); + e = RL(e + F2(a, b, c) + X[8] + unchecked((int)0x5a827999), 12) + d; b = RL(b, 10); + + // right + ee = RL(ee + F4(aa, bb, cc) + X[6] + unchecked((int)0x5c4dd124), 9) + dd; bb = RL(bb, 10); + dd = RL(dd + F4(ee, aa, bb) + X[11] + unchecked((int)0x5c4dd124), 13) + cc; aa = RL(aa, 10); + cc = RL(cc + F4(dd, ee, aa) + X[3] + unchecked((int)0x5c4dd124), 15) + bb; ee = RL(ee, 10); + bb = RL(bb + F4(cc, dd, ee) + X[7] + unchecked((int)0x5c4dd124), 7) + aa; dd = RL(dd, 10); + aa = RL(aa + F4(bb, cc, dd) + X[0] + unchecked((int)0x5c4dd124), 12) + ee; cc = RL(cc, 10); + ee = RL(ee + F4(aa, bb, cc) + X[13] + unchecked((int)0x5c4dd124), 8) + dd; bb = RL(bb, 10); + dd = RL(dd + F4(ee, aa, bb) + X[5] + unchecked((int)0x5c4dd124), 9) + cc; aa = RL(aa, 10); + cc = RL(cc + F4(dd, ee, aa) + X[10] + unchecked((int)0x5c4dd124), 11) + bb; ee = RL(ee, 10); + bb = RL(bb + F4(cc, dd, ee) + X[14] + unchecked((int)0x5c4dd124), 7) + aa; dd = RL(dd, 10); + aa = RL(aa + F4(bb, cc, dd) + X[15] + unchecked((int)0x5c4dd124), 7) + ee; cc = RL(cc, 10); + ee = RL(ee + F4(aa, bb, cc) + X[8] + unchecked((int)0x5c4dd124), 12) + dd; bb = RL(bb, 10); + dd = RL(dd + F4(ee, aa, bb) + X[12] + unchecked((int)0x5c4dd124), 7) + cc; aa = RL(aa, 10); + cc = RL(cc + F4(dd, ee, aa) + X[4] + unchecked((int)0x5c4dd124), 6) + bb; ee = RL(ee, 10); + bb = RL(bb + F4(cc, dd, ee) + X[9] + unchecked((int)0x5c4dd124), 15) + aa; dd = RL(dd, 10); + aa = RL(aa + F4(bb, cc, dd) + X[1] + unchecked((int)0x5c4dd124), 13) + ee; cc = RL(cc, 10); + ee = RL(ee + F4(aa, bb, cc) + X[2] + unchecked((int)0x5c4dd124), 11) + dd; bb = RL(bb, 10); + + t = b; b = bb; bb = t; + + // + // Rounds 32-47 + // + // left + d = RL(d + F3(e, a, b) + X[3] + unchecked((int)0x6ed9eba1), 11) + c; a = RL(a, 10); + c = RL(c + F3(d, e, a) + X[10] + unchecked((int)0x6ed9eba1), 13) + b; e = RL(e, 10); + b = RL(b + F3(c, d, e) + X[14] + unchecked((int)0x6ed9eba1), 6) + a; d = RL(d, 10); + a = RL(a + F3(b, c, d) + X[4] + unchecked((int)0x6ed9eba1), 7) + e; c = RL(c, 10); + e = RL(e + F3(a, b, c) + X[9] + unchecked((int)0x6ed9eba1), 14) + d; b = RL(b, 10); + d = RL(d + F3(e, a, b) + X[15] + unchecked((int)0x6ed9eba1), 9) + c; a = RL(a, 10); + c = RL(c + F3(d, e, a) + X[8] + unchecked((int)0x6ed9eba1), 13) + b; e = RL(e, 10); + b = RL(b + F3(c, d, e) + X[1] + unchecked((int)0x6ed9eba1), 15) + a; d = RL(d, 10); + a = RL(a + F3(b, c, d) + X[2] + unchecked((int)0x6ed9eba1), 14) + e; c = RL(c, 10); + e = RL(e + F3(a, b, c) + X[7] + unchecked((int)0x6ed9eba1), 8) + d; b = RL(b, 10); + d = RL(d + F3(e, a, b) + X[0] + unchecked((int)0x6ed9eba1), 13) + c; a = RL(a, 10); + c = RL(c + F3(d, e, a) + X[6] + unchecked((int)0x6ed9eba1), 6) + b; e = RL(e, 10); + b = RL(b + F3(c, d, e) + X[13] + unchecked((int)0x6ed9eba1), 5) + a; d = RL(d, 10); + a = RL(a + F3(b, c, d) + X[11] + unchecked((int)0x6ed9eba1), 12) + e; c = RL(c, 10); + e = RL(e + F3(a, b, c) + X[5] + unchecked((int)0x6ed9eba1), 7) + d; b = RL(b, 10); + d = RL(d + F3(e, a, b) + X[12] + unchecked((int)0x6ed9eba1), 5) + c; a = RL(a, 10); + + // right + dd = RL(dd + F3(ee, aa, bb) + X[15] + unchecked((int)0x6d703ef3), 9) + cc; aa = RL(aa, 10); + cc = RL(cc + F3(dd, ee, aa) + X[5] + unchecked((int)0x6d703ef3), 7) + bb; ee = RL(ee, 10); + bb = RL(bb + F3(cc, dd, ee) + X[1] + unchecked((int)0x6d703ef3), 15) + aa; dd = RL(dd, 10); + aa = RL(aa + F3(bb, cc, dd) + X[3] + unchecked((int)0x6d703ef3), 11) + ee; cc = RL(cc, 10); + ee = RL(ee + F3(aa, bb, cc) + X[7] + unchecked((int)0x6d703ef3), 8) + dd; bb = RL(bb, 10); + dd = RL(dd + F3(ee, aa, bb) + X[14] + unchecked((int)0x6d703ef3), 6) + cc; aa = RL(aa, 10); + cc = RL(cc + F3(dd, ee, aa) + X[6] + unchecked((int)0x6d703ef3), 6) + bb; ee = RL(ee, 10); + bb = RL(bb + F3(cc, dd, ee) + X[9] + unchecked((int)0x6d703ef3), 14) + aa; dd = RL(dd, 10); + aa = RL(aa + F3(bb, cc, dd) + X[11] + unchecked((int)0x6d703ef3), 12) + ee; cc = RL(cc, 10); + ee = RL(ee + F3(aa, bb, cc) + X[8] + unchecked((int)0x6d703ef3), 13) + dd; bb = RL(bb, 10); + dd = RL(dd + F3(ee, aa, bb) + X[12] + unchecked((int)0x6d703ef3), 5) + cc; aa = RL(aa, 10); + cc = RL(cc + F3(dd, ee, aa) + X[2] + unchecked((int)0x6d703ef3), 14) + bb; ee = RL(ee, 10); + bb = RL(bb + F3(cc, dd, ee) + X[10] + unchecked((int)0x6d703ef3), 13) + aa; dd = RL(dd, 10); + aa = RL(aa + F3(bb, cc, dd) + X[0] + unchecked((int)0x6d703ef3), 13) + ee; cc = RL(cc, 10); + ee = RL(ee + F3(aa, bb, cc) + X[4] + unchecked((int)0x6d703ef3), 7) + dd; bb = RL(bb, 10); + dd = RL(dd + F3(ee, aa, bb) + X[13] + unchecked((int)0x6d703ef3), 5) + cc; aa = RL(aa, 10); + + t = c; c = cc; cc = t; + + // + // Rounds 48-63 + // + // left + c = RL(c + F4(d, e, a) + X[1] + unchecked((int)0x8f1bbcdc), 11) + b; e = RL(e, 10); + b = RL(b + F4(c, d, e) + X[9] + unchecked((int)0x8f1bbcdc), 12) + a; d = RL(d, 10); + a = RL(a + F4(b, c, d) + X[11] + unchecked((int)0x8f1bbcdc), 14) + e; c = RL(c, 10); + e = RL(e + F4(a, b, c) + X[10] + unchecked((int)0x8f1bbcdc), 15) + d; b = RL(b, 10); + d = RL(d + F4(e, a, b) + X[0] + unchecked((int)0x8f1bbcdc), 14) + c; a = RL(a, 10); + c = RL(c + F4(d, e, a) + X[8] + unchecked((int)0x8f1bbcdc), 15) + b; e = RL(e, 10); + b = RL(b + F4(c, d, e) + X[12] + unchecked((int)0x8f1bbcdc), 9) + a; d = RL(d, 10); + a = RL(a + F4(b, c, d) + X[4] + unchecked((int)0x8f1bbcdc), 8) + e; c = RL(c, 10); + e = RL(e + F4(a, b, c) + X[13] + unchecked((int)0x8f1bbcdc), 9) + d; b = RL(b, 10); + d = RL(d + F4(e, a, b) + X[3] + unchecked((int)0x8f1bbcdc), 14) + c; a = RL(a, 10); + c = RL(c + F4(d, e, a) + X[7] + unchecked((int)0x8f1bbcdc), 5) + b; e = RL(e, 10); + b = RL(b + F4(c, d, e) + X[15] + unchecked((int)0x8f1bbcdc), 6) + a; d = RL(d, 10); + a = RL(a + F4(b, c, d) + X[14] + unchecked((int)0x8f1bbcdc), 8) + e; c = RL(c, 10); + e = RL(e + F4(a, b, c) + X[5] + unchecked((int)0x8f1bbcdc), 6) + d; b = RL(b, 10); + d = RL(d + F4(e, a, b) + X[6] + unchecked((int)0x8f1bbcdc), 5) + c; a = RL(a, 10); + c = RL(c + F4(d, e, a) + X[2] + unchecked((int)0x8f1bbcdc), 12) + b; e = RL(e, 10); + + // right + cc = RL(cc + F2(dd, ee, aa) + X[8] + unchecked((int)0x7a6d76e9), 15) + bb; ee = RL(ee, 10); + bb = RL(bb + F2(cc, dd, ee) + X[6] + unchecked((int)0x7a6d76e9), 5) + aa; dd = RL(dd, 10); + aa = RL(aa + F2(bb, cc, dd) + X[4] + unchecked((int)0x7a6d76e9), 8) + ee; cc = RL(cc, 10); + ee = RL(ee + F2(aa, bb, cc) + X[1] + unchecked((int)0x7a6d76e9), 11) + dd; bb = RL(bb, 10); + dd = RL(dd + F2(ee, aa, bb) + X[3] + unchecked((int)0x7a6d76e9), 14) + cc; aa = RL(aa, 10); + cc = RL(cc + F2(dd, ee, aa) + X[11] + unchecked((int)0x7a6d76e9), 14) + bb; ee = RL(ee, 10); + bb = RL(bb + F2(cc, dd, ee) + X[15] + unchecked((int)0x7a6d76e9), 6) + aa; dd = RL(dd, 10); + aa = RL(aa + F2(bb, cc, dd) + X[0] + unchecked((int)0x7a6d76e9), 14) + ee; cc = RL(cc, 10); + ee = RL(ee + F2(aa, bb, cc) + X[5] + unchecked((int)0x7a6d76e9), 6) + dd; bb = RL(bb, 10); + dd = RL(dd + F2(ee, aa, bb) + X[12] + unchecked((int)0x7a6d76e9), 9) + cc; aa = RL(aa, 10); + cc = RL(cc + F2(dd, ee, aa) + X[2] + unchecked((int)0x7a6d76e9), 12) + bb; ee = RL(ee, 10); + bb = RL(bb + F2(cc, dd, ee) + X[13] + unchecked((int)0x7a6d76e9), 9) + aa; dd = RL(dd, 10); + aa = RL(aa + F2(bb, cc, dd) + X[9] + unchecked((int)0x7a6d76e9), 12) + ee; cc = RL(cc, 10); + ee = RL(ee + F2(aa, bb, cc) + X[7] + unchecked((int)0x7a6d76e9), 5) + dd; bb = RL(bb, 10); + dd = RL(dd + F2(ee, aa, bb) + X[10] + unchecked((int)0x7a6d76e9), 15) + cc; aa = RL(aa, 10); + cc = RL(cc + F2(dd, ee, aa) + X[14] + unchecked((int)0x7a6d76e9), 8) + bb; ee = RL(ee, 10); + + t = d; d = dd; dd = t; + + // + // Rounds 64-79 + // + // left + b = RL(b + F5(c, d, e) + X[4] + unchecked((int)0xa953fd4e), 9) + a; d = RL(d, 10); + a = RL(a + F5(b, c, d) + X[0] + unchecked((int)0xa953fd4e), 15) + e; c = RL(c, 10); + e = RL(e + F5(a, b, c) + X[5] + unchecked((int)0xa953fd4e), 5) + d; b = RL(b, 10); + d = RL(d + F5(e, a, b) + X[9] + unchecked((int)0xa953fd4e), 11) + c; a = RL(a, 10); + c = RL(c + F5(d, e, a) + X[7] + unchecked((int)0xa953fd4e), 6) + b; e = RL(e, 10); + b = RL(b + F5(c, d, e) + X[12] + unchecked((int)0xa953fd4e), 8) + a; d = RL(d, 10); + a = RL(a + F5(b, c, d) + X[2] + unchecked((int)0xa953fd4e), 13) + e; c = RL(c, 10); + e = RL(e + F5(a, b, c) + X[10] + unchecked((int)0xa953fd4e), 12) + d; b = RL(b, 10); + d = RL(d + F5(e, a, b) + X[14] + unchecked((int)0xa953fd4e), 5) + c; a = RL(a, 10); + c = RL(c + F5(d, e, a) + X[1] + unchecked((int)0xa953fd4e), 12) + b; e = RL(e, 10); + b = RL(b + F5(c, d, e) + X[3] + unchecked((int)0xa953fd4e), 13) + a; d = RL(d, 10); + a = RL(a + F5(b, c, d) + X[8] + unchecked((int)0xa953fd4e), 14) + e; c = RL(c, 10); + e = RL(e + F5(a, b, c) + X[11] + unchecked((int)0xa953fd4e), 11) + d; b = RL(b, 10); + d = RL(d + F5(e, a, b) + X[6] + unchecked((int)0xa953fd4e), 8) + c; a = RL(a, 10); + c = RL(c + F5(d, e, a) + X[15] + unchecked((int)0xa953fd4e), 5) + b; e = RL(e, 10); + b = RL(b + F5(c, d, e) + X[13] + unchecked((int)0xa953fd4e), 6) + a; d = RL(d, 10); + + // right + bb = RL(bb + F1(cc, dd, ee) + X[12], 8) + aa; dd = RL(dd, 10); + aa = RL(aa + F1(bb, cc, dd) + X[15], 5) + ee; cc = RL(cc, 10); + ee = RL(ee + F1(aa, bb, cc) + X[10], 12) + dd; bb = RL(bb, 10); + dd = RL(dd + F1(ee, aa, bb) + X[4], 9) + cc; aa = RL(aa, 10); + cc = RL(cc + F1(dd, ee, aa) + X[1], 12) + bb; ee = RL(ee, 10); + bb = RL(bb + F1(cc, dd, ee) + X[5], 5) + aa; dd = RL(dd, 10); + aa = RL(aa + F1(bb, cc, dd) + X[8], 14) + ee; cc = RL(cc, 10); + ee = RL(ee + F1(aa, bb, cc) + X[7], 6) + dd; bb = RL(bb, 10); + dd = RL(dd + F1(ee, aa, bb) + X[6], 8) + cc; aa = RL(aa, 10); + cc = RL(cc + F1(dd, ee, aa) + X[2], 13) + bb; ee = RL(ee, 10); + bb = RL(bb + F1(cc, dd, ee) + X[13], 6) + aa; dd = RL(dd, 10); + aa = RL(aa + F1(bb, cc, dd) + X[14], 5) + ee; cc = RL(cc, 10); + ee = RL(ee + F1(aa, bb, cc) + X[0], 15) + dd; bb = RL(bb, 10); + dd = RL(dd + F1(ee, aa, bb) + X[3], 13) + cc; aa = RL(aa, 10); + cc = RL(cc + F1(dd, ee, aa) + X[9], 11) + bb; ee = RL(ee, 10); + bb = RL(bb + F1(cc, dd, ee) + X[11], 11) + aa; dd = RL(dd, 10); + + // + // do (e, ee) swap as part of assignment. + // + + H0 += a; + H1 += b; + H2 += c; + H3 += d; + H4 += ee; + H5 += aa; + H6 += bb; + H7 += cc; + H8 += dd; + H9 += e; + + // + // reset the offset and clean out the word buffer. + // + xOff = 0; + for (int i = 0; i != X.Length; i++) + { + X[i] = 0; + } + } + + public override IMemoable Copy() + { + return new RipeMD320Digest(this); + } + + public override void Reset(IMemoable other) + { + RipeMD320Digest d = (RipeMD320Digest)other; + + CopyIn(d); + } + + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/SHA3Digest.cs b/BouncyCastle/crypto/src/crypto/digests/SHA3Digest.cs new file mode 100644 index 0000000..3dc63a6 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/SHA3Digest.cs @@ -0,0 +1,85 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /// + /// Implementation of SHA-3 based on following KeccakNISTInterface.c from http://keccak.noekeon.org/ + /// + /// + /// Following the naming conventions used in the C source code to enable easy review of the implementation. + /// + public class Sha3Digest + : KeccakDigest + { + private static int CheckBitLength(int bitLength) + { + switch (bitLength) + { + case 224: + case 256: + case 384: + case 512: + return bitLength; + default: + throw new ArgumentException(bitLength + " not supported for SHA-3", "bitLength"); + } + } + + public Sha3Digest() + : this(256) + { + } + + public Sha3Digest(int bitLength) + : base(CheckBitLength(bitLength)) + { + } + + public Sha3Digest(Sha3Digest source) + : base(source) + { + } + + public override string AlgorithmName + { + get { return "SHA3-" + fixedOutputLength; } + } + + public override int DoFinal(byte[] output, int outOff) + { + AbsorbBits(0x02, 2); + + return base.DoFinal(output, outOff); + } + + /* + * TODO Possible API change to support partial-byte suffixes. + */ + protected override int DoFinal(byte[] output, int outOff, byte partialByte, int partialBits) + { + if (partialBits < 0 || partialBits > 7) + throw new ArgumentException("must be in the range [0,7]", "partialBits"); + + int finalInput = (partialByte & ((1 << partialBits) - 1)) | (0x02 << partialBits); + Debug.Assert(finalInput >= 0); + int finalBits = partialBits + 2; + + if (finalBits >= 8) + { + Absorb((byte)finalInput); + finalBits -= 8; + finalInput >>= 8; + } + + return base.DoFinal(output, outOff, (byte)finalInput, finalBits); + } + + public override IMemoable Copy() + { + return new Sha3Digest(this); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/SM3Digest.cs b/BouncyCastle/crypto/src/crypto/digests/SM3Digest.cs new file mode 100644 index 0000000..449d7c1 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/SM3Digest.cs @@ -0,0 +1,320 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + + /// + /// Implementation of Chinese SM3 digest as described at + /// http://tools.ietf.org/html/draft-shen-sm3-hash-00 + /// and at .... ( Chinese PDF ) + /// + /// + /// The specification says "process a bit stream", + /// but this is written to process bytes in blocks of 4, + /// meaning this will process 32-bit word groups. + /// But so do also most other digest specifications, + /// including the SHA-256 which was a origin for + /// this specification. + /// + public class SM3Digest + : GeneralDigest + { + private const int DIGEST_LENGTH = 32; // bytes + private const int BLOCK_SIZE = 64 / 4; // of 32 bit ints (16 ints) + + private uint[] V = new uint[DIGEST_LENGTH / 4]; // in 32 bit ints (8 ints) + private uint[] inwords = new uint[BLOCK_SIZE]; + private int xOff; + + // Work-bufs used within processBlock() + private uint[] W = new uint[68]; + + // Round constant T for processBlock() which is 32 bit integer rolled left up to (63 MOD 32) bit positions. + private static readonly uint[] T = new uint[64]; + + static SM3Digest() + { + for (int i = 0; i < 16; ++i) + { + uint t = 0x79CC4519; + T[i] = (t << i) | (t >> (32 - i)); + } + for (int i = 16; i < 64; ++i) + { + int n = i % 32; + uint t = 0x7A879D8A; + T[i] = (t << n) | (t >> (32 - n)); + } + } + + + /// + /// Standard constructor + /// + public SM3Digest() + { + Reset(); + } + + /// + /// Copy constructor. This will copy the state of the provided + /// message digest. + /// + public SM3Digest(SM3Digest t) + : base(t) + { + CopyIn(t); + } + + private void CopyIn(SM3Digest t) + { + Array.Copy(t.V, 0, this.V, 0, this.V.Length); + Array.Copy(t.inwords, 0, this.inwords, 0, this.inwords.Length); + xOff = t.xOff; + } + + public override string AlgorithmName + { + get { return "SM3"; } + } + + public override int GetDigestSize() + { + return DIGEST_LENGTH; + } + + public override IMemoable Copy() + { + return new SM3Digest(this); + } + + public override void Reset(IMemoable other) + { + SM3Digest d = (SM3Digest)other; + + base.CopyIn(d); + CopyIn(d); + } + + /// + /// reset the chaining variables + /// + public override void Reset() + { + base.Reset(); + + this.V[0] = 0x7380166F; + this.V[1] = 0x4914B2B9; + this.V[2] = 0x172442D7; + this.V[3] = 0xDA8A0600; + this.V[4] = 0xA96F30BC; + this.V[5] = 0x163138AA; + this.V[6] = 0xE38DEE4D; + this.V[7] = 0xB0FB0E4E; + + this.xOff = 0; + } + + + public override int DoFinal(byte[] output, int outOff) + { + Finish(); + + Pack.UInt32_To_BE(V, output, outOff); + + Reset(); + + return DIGEST_LENGTH; + } + + + internal override void ProcessWord(byte[] input, + int inOff) + { + uint n = Pack.BE_To_UInt32(input, inOff); + this.inwords[this.xOff] = n; + ++this.xOff; + + if (this.xOff >= 16) + { + ProcessBlock(); + } + } + + internal override void ProcessLength(long bitLength) + { + if (this.xOff > (BLOCK_SIZE - 2)) + { + // xOff == 15 --> can't fit the 64 bit length field at tail.. + this.inwords[this.xOff] = 0; // fill with zero + ++this.xOff; + + ProcessBlock(); + } + // Fill with zero words, until reach 2nd to last slot + while (this.xOff < (BLOCK_SIZE - 2)) + { + this.inwords[this.xOff] = 0; + ++this.xOff; + } + + // Store input data length in BITS + this.inwords[this.xOff++] = (uint)(bitLength >> 32); + this.inwords[this.xOff++] = (uint)(bitLength); + } + + /* + + 3.4.2. Constants + + + Tj = 79cc4519 when 0 < = j < = 15 + Tj = 7a879d8a when 16 < = j < = 63 + + 3.4.3. Boolean function + + + FFj(X;Y;Z) = X XOR Y XOR Z when 0 < = j < = 15 + = (X AND Y) OR (X AND Z) OR (Y AND Z) when 16 < = j < = 63 + + GGj(X;Y;Z) = X XOR Y XOR Z when 0 < = j < = 15 + = (X AND Y) OR (NOT X AND Z) when 16 < = j < = 63 + + The X, Y, Z in the fomular are words!GBP + + 3.4.4. Permutation function + + + P0(X) = X XOR (X <<< 9) XOR (X <<< 17) ## ROLL, not SHIFT + P1(X) = X XOR (X <<< 15) XOR (X <<< 23) ## ROLL, not SHIFT + + The X in the fomular are a word. + + ---------- + + Each ROLL converted to Java expression: + + ROLL 9 : ((x << 9) | (x >> (32-9)))) + ROLL 17 : ((x << 17) | (x >> (32-17))) + ROLL 15 : ((x << 15) | (x >> (32-15))) + ROLL 23 : ((x << 23) | (x >> (32-23))) + + */ + + private uint P0(uint x) + { + uint r9 = ((x << 9) | (x >> (32 - 9))); + uint r17 = ((x << 17) | (x >> (32 - 17))); + return (x ^ r9 ^ r17); + } + + private uint P1(uint x) + { + uint r15 = ((x << 15) | (x >> (32 - 15))); + uint r23 = ((x << 23) | (x >> (32 - 23))); + return (x ^ r15 ^ r23); + } + + private uint FF0(uint x, uint y, uint z) + { + return (x ^ y ^ z); + } + + private uint FF1(uint x, uint y, uint z) + { + return ((x & y) | (x & z) | (y & z)); + } + + private uint GG0(uint x, uint y, uint z) + { + return (x ^ y ^ z); + } + + private uint GG1(uint x, uint y, uint z) + { + return ((x & y) | ((~x) & z)); + } + + + internal override void ProcessBlock() + { + for (int j = 0; j < 16; ++j) + { + this.W[j] = this.inwords[j]; + } + for (int j = 16; j < 68; ++j) + { + uint wj3 = this.W[j - 3]; + uint r15 = ((wj3 << 15) | (wj3 >> (32 - 15))); + uint wj13 = this.W[j - 13]; + uint r7 = ((wj13 << 7) | (wj13 >> (32 - 7))); + this.W[j] = P1(this.W[j - 16] ^ this.W[j - 9] ^ r15) ^ r7 ^ this.W[j - 6]; + } + + uint A = this.V[0]; + uint B = this.V[1]; + uint C = this.V[2]; + uint D = this.V[3]; + uint E = this.V[4]; + uint F = this.V[5]; + uint G = this.V[6]; + uint H = this.V[7]; + + + for (int j = 0; j < 16; ++j) + { + uint a12 = ((A << 12) | (A >> (32 - 12))); + uint s1_ = a12 + E + T[j]; + uint SS1 = ((s1_ << 7) | (s1_ >> (32 - 7))); + uint SS2 = SS1 ^ a12; + uint Wj = W[j]; + uint W1j = Wj ^ W[j + 4]; + uint TT1 = FF0(A, B, C) + D + SS2 + W1j; + uint TT2 = GG0(E, F, G) + H + SS1 + Wj; + D = C; + C = ((B << 9) | (B >> (32 - 9))); + B = A; + A = TT1; + H = G; + G = ((F << 19) | (F >> (32 - 19))); + F = E; + E = P0(TT2); + } + + // Different FF,GG functions on rounds 16..63 + for (int j = 16; j < 64; ++j) + { + uint a12 = ((A << 12) | (A >> (32 - 12))); + uint s1_ = a12 + E + T[j]; + uint SS1 = ((s1_ << 7) | (s1_ >> (32 - 7))); + uint SS2 = SS1 ^ a12; + uint Wj = W[j]; + uint W1j = Wj ^ W[j + 4]; + uint TT1 = FF1(A, B, C) + D + SS2 + W1j; + uint TT2 = GG1(E, F, G) + H + SS1 + Wj; + D = C; + C = ((B << 9) | (B >> (32 - 9))); + B = A; + A = TT1; + H = G; + G = ((F << 19) | (F >> (32 - 19))); + F = E; + E = P0(TT2); + } + + this.V[0] ^= A; + this.V[1] ^= B; + this.V[2] ^= C; + this.V[3] ^= D; + this.V[4] ^= E; + this.V[5] ^= F; + this.V[6] ^= G; + this.V[7] ^= H; + + this.xOff = 0; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/Sha1Digest.cs b/BouncyCastle/crypto/src/crypto/digests/Sha1Digest.cs new file mode 100644 index 0000000..60ec651 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/Sha1Digest.cs @@ -0,0 +1,284 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + + /** + * implementation of SHA-1 as outlined in "Handbook of Applied Cryptography", pages 346 - 349. + * + * It is interesting to ponder why the, apart from the extra IV, the other difference here from MD5 + * is the "endianness" of the word processing! + */ + public class Sha1Digest + : GeneralDigest + { + private const int DigestLength = 20; + + private uint H1, H2, H3, H4, H5; + + private uint[] X = new uint[80]; + private int xOff; + + public Sha1Digest() + { + Reset(); + } + + /** + * Copy constructor. This will copy the state of the provided + * message digest. + */ + public Sha1Digest(Sha1Digest t) + : base(t) + { + CopyIn(t); + } + + private void CopyIn(Sha1Digest t) + { + base.CopyIn(t); + + H1 = t.H1; + H2 = t.H2; + H3 = t.H3; + H4 = t.H4; + H5 = t.H5; + + Array.Copy(t.X, 0, X, 0, t.X.Length); + xOff = t.xOff; + } + + public override string AlgorithmName + { + get { return "SHA-1"; } + } + + public override int GetDigestSize() + { + return DigestLength; + } + + internal override void ProcessWord( + byte[] input, + int inOff) + { + X[xOff] = Pack.BE_To_UInt32(input, inOff); + + if (++xOff == 16) + { + ProcessBlock(); + } + } + + internal override void ProcessLength(long bitLength) + { + if (xOff > 14) + { + ProcessBlock(); + } + + X[14] = (uint)((ulong)bitLength >> 32); + X[15] = (uint)((ulong)bitLength); + } + + public override int DoFinal( + byte[] output, + int outOff) + { + Finish(); + + Pack.UInt32_To_BE(H1, output, outOff); + Pack.UInt32_To_BE(H2, output, outOff + 4); + Pack.UInt32_To_BE(H3, output, outOff + 8); + Pack.UInt32_To_BE(H4, output, outOff + 12); + Pack.UInt32_To_BE(H5, output, outOff + 16); + + Reset(); + + return DigestLength; + } + + /** + * reset the chaining variables + */ + public override void Reset() + { + base.Reset(); + + H1 = 0x67452301; + H2 = 0xefcdab89; + H3 = 0x98badcfe; + H4 = 0x10325476; + H5 = 0xc3d2e1f0; + + xOff = 0; + Array.Clear(X, 0, X.Length); + } + + // + // Additive constants + // + private const uint Y1 = 0x5a827999; + private const uint Y2 = 0x6ed9eba1; + private const uint Y3 = 0x8f1bbcdc; + private const uint Y4 = 0xca62c1d6; + + private static uint F(uint u, uint v, uint w) + { + return (u & v) | (~u & w); + } + + private static uint H(uint u, uint v, uint w) + { + return u ^ v ^ w; + } + + private static uint G(uint u, uint v, uint w) + { + return (u & v) | (u & w) | (v & w); + } + + internal override void ProcessBlock() + { + // + // expand 16 word block into 80 word block. + // + for (int i = 16; i < 80; i++) + { + uint t = X[i - 3] ^ X[i - 8] ^ X[i - 14] ^ X[i - 16]; + X[i] = t << 1 | t >> 31; + } + + // + // set up working variables. + // + uint A = H1; + uint B = H2; + uint C = H3; + uint D = H4; + uint E = H5; + + // + // round 1 + // + int idx = 0; + + for (int j = 0; j < 4; j++) + { + // E = rotateLeft(A, 5) + F(B, C, D) + E + X[idx++] + Y1 + // B = rotateLeft(B, 30) + E += (A << 5 | (A >> 27)) + F(B, C, D) + X[idx++] + Y1; + B = B << 30 | (B >> 2); + + D += (E << 5 | (E >> 27)) + F(A, B, C) + X[idx++] + Y1; + A = A << 30 | (A >> 2); + + C += (D << 5 | (D >> 27)) + F(E, A, B) + X[idx++] + Y1; + E = E << 30 | (E >> 2); + + B += (C << 5 | (C >> 27)) + F(D, E, A) + X[idx++] + Y1; + D = D << 30 | (D >> 2); + + A += (B << 5 | (B >> 27)) + F(C, D, E) + X[idx++] + Y1; + C = C << 30 | (C >> 2); + } + + // + // round 2 + // + for (int j = 0; j < 4; j++) + { + // E = rotateLeft(A, 5) + H(B, C, D) + E + X[idx++] + Y2 + // B = rotateLeft(B, 30) + E += (A << 5 | (A >> 27)) + H(B, C, D) + X[idx++] + Y2; + B = B << 30 | (B >> 2); + + D += (E << 5 | (E >> 27)) + H(A, B, C) + X[idx++] + Y2; + A = A << 30 | (A >> 2); + + C += (D << 5 | (D >> 27)) + H(E, A, B) + X[idx++] + Y2; + E = E << 30 | (E >> 2); + + B += (C << 5 | (C >> 27)) + H(D, E, A) + X[idx++] + Y2; + D = D << 30 | (D >> 2); + + A += (B << 5 | (B >> 27)) + H(C, D, E) + X[idx++] + Y2; + C = C << 30 | (C >> 2); + } + + // + // round 3 + // + for (int j = 0; j < 4; j++) + { + // E = rotateLeft(A, 5) + G(B, C, D) + E + X[idx++] + Y3 + // B = rotateLeft(B, 30) + E += (A << 5 | (A >> 27)) + G(B, C, D) + X[idx++] + Y3; + B = B << 30 | (B >> 2); + + D += (E << 5 | (E >> 27)) + G(A, B, C) + X[idx++] + Y3; + A = A << 30 | (A >> 2); + + C += (D << 5 | (D >> 27)) + G(E, A, B) + X[idx++] + Y3; + E = E << 30 | (E >> 2); + + B += (C << 5 | (C >> 27)) + G(D, E, A) + X[idx++] + Y3; + D = D << 30 | (D >> 2); + + A += (B << 5 | (B >> 27)) + G(C, D, E) + X[idx++] + Y3; + C = C << 30 | (C >> 2); + } + + // + // round 4 + // + for (int j = 0; j < 4; j++) + { + // E = rotateLeft(A, 5) + H(B, C, D) + E + X[idx++] + Y4 + // B = rotateLeft(B, 30) + E += (A << 5 | (A >> 27)) + H(B, C, D) + X[idx++] + Y4; + B = B << 30 | (B >> 2); + + D += (E << 5 | (E >> 27)) + H(A, B, C) + X[idx++] + Y4; + A = A << 30 | (A >> 2); + + C += (D << 5 | (D >> 27)) + H(E, A, B) + X[idx++] + Y4; + E = E << 30 | (E >> 2); + + B += (C << 5 | (C >> 27)) + H(D, E, A) + X[idx++] + Y4; + D = D << 30 | (D >> 2); + + A += (B << 5 | (B >> 27)) + H(C, D, E) + X[idx++] + Y4; + C = C << 30 | (C >> 2); + } + + H1 += A; + H2 += B; + H3 += C; + H4 += D; + H5 += E; + + // + // reset start of the buffer. + // + xOff = 0; + Array.Clear(X, 0, 16); + } + + public override IMemoable Copy() + { + return new Sha1Digest(this); + } + + public override void Reset(IMemoable other) + { + Sha1Digest d = (Sha1Digest)other; + + CopyIn(d); + } + + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/Sha224Digest.cs b/BouncyCastle/crypto/src/crypto/digests/Sha224Digest.cs new file mode 100644 index 0000000..b4e8537 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/Sha224Digest.cs @@ -0,0 +1,289 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * SHA-224 as described in RFC 3874 + * 
+     *         block  word  digest
+     * SHA-1   512    32    160
+     * SHA-224 512    32    224
+     * SHA-256 512    32    256
+     * SHA-384 1024   64    384
+     * SHA-512 1024   64    512
+     *
+ */ + public class Sha224Digest + : GeneralDigest + { + private const int DigestLength = 28; + + private uint H1, H2, H3, H4, H5, H6, H7, H8; + + private uint[] X = new uint[64]; + private int xOff; + + /** + * Standard constructor + */ + public Sha224Digest() + { + Reset(); + } + + /** + * Copy constructor. This will copy the state of the provided + * message digest. + */ + public Sha224Digest( + Sha224Digest t) + : base(t) + { + CopyIn(t); + } + + private void CopyIn(Sha224Digest t) + { + base.CopyIn(t); + + H1 = t.H1; + H2 = t.H2; + H3 = t.H3; + H4 = t.H4; + H5 = t.H5; + H6 = t.H6; + H7 = t.H7; + H8 = t.H8; + + Array.Copy(t.X, 0, X, 0, t.X.Length); + xOff = t.xOff; + } + + public override string AlgorithmName + { + get { return "SHA-224"; } + } + + public override int GetDigestSize() + { + return DigestLength; + } + + internal override void ProcessWord( + byte[] input, + int inOff) + { + X[xOff] = Pack.BE_To_UInt32(input, inOff); + + if (++xOff == 16) + { + ProcessBlock(); + } + } + + internal override void ProcessLength( + long bitLength) + { + if (xOff > 14) + { + ProcessBlock(); + } + + X[14] = (uint)((ulong)bitLength >> 32); + X[15] = (uint)((ulong)bitLength); + } + + public override int DoFinal( + byte[] output, + int outOff) + { + Finish(); + + Pack.UInt32_To_BE(H1, output, outOff); + Pack.UInt32_To_BE(H2, output, outOff + 4); + Pack.UInt32_To_BE(H3, output, outOff + 8); + Pack.UInt32_To_BE(H4, output, outOff + 12); + Pack.UInt32_To_BE(H5, output, outOff + 16); + Pack.UInt32_To_BE(H6, output, outOff + 20); + Pack.UInt32_To_BE(H7, output, outOff + 24); + + Reset(); + + return DigestLength; + } + + /** + * reset the chaining variables + */ + public override void Reset() + { + base.Reset(); + + /* SHA-224 initial hash value + */ + H1 = 0xc1059ed8; + H2 = 0x367cd507; + H3 = 0x3070dd17; + H4 = 0xf70e5939; + H5 = 0xffc00b31; + H6 = 0x68581511; + H7 = 0x64f98fa7; + H8 = 0xbefa4fa4; + + xOff = 0; + Array.Clear(X, 0, X.Length); + } + + internal override void ProcessBlock() + { + // + // expand 16 word block into 64 word blocks. + // + for (int ti = 16; ti <= 63; ti++) + { + X[ti] = Theta1(X[ti - 2]) + X[ti - 7] + Theta0(X[ti - 15]) + X[ti - 16]; + } + + // + // set up working variables. + // + uint a = H1; + uint b = H2; + uint c = H3; + uint d = H4; + uint e = H5; + uint f = H6; + uint g = H7; + uint h = H8; + + int t = 0; + for(int i = 0; i < 8; i ++) + { + // t = 8 * i + h += Sum1(e) + Ch(e, f, g) + K[t] + X[t]; + d += h; + h += Sum0(a) + Maj(a, b, c); + ++t; + + // t = 8 * i + 1 + g += Sum1(d) + Ch(d, e, f) + K[t] + X[t]; + c += g; + g += Sum0(h) + Maj(h, a, b); + ++t; + + // t = 8 * i + 2 + f += Sum1(c) + Ch(c, d, e) + K[t] + X[t]; + b += f; + f += Sum0(g) + Maj(g, h, a); + ++t; + + // t = 8 * i + 3 + e += Sum1(b) + Ch(b, c, d) + K[t] + X[t]; + a += e; + e += Sum0(f) + Maj(f, g, h); + ++t; + + // t = 8 * i + 4 + d += Sum1(a) + Ch(a, b, c) + K[t] + X[t]; + h += d; + d += Sum0(e) + Maj(e, f, g); + ++t; + + // t = 8 * i + 5 + c += Sum1(h) + Ch(h, a, b) + K[t] + X[t]; + g += c; + c += Sum0(d) + Maj(d, e, f); + ++t; + + // t = 8 * i + 6 + b += Sum1(g) + Ch(g, h, a) + K[t] + X[t]; + f += b; + b += Sum0(c) + Maj(c, d, e); + ++t; + + // t = 8 * i + 7 + a += Sum1(f) + Ch(f, g, h) + K[t] + X[t]; + e += a; + a += Sum0(b) + Maj(b, c, d); + ++t; + } + + H1 += a; + H2 += b; + H3 += c; + H4 += d; + H5 += e; + H6 += f; + H7 += g; + H8 += h; + + // + // reset the offset and clean out the word buffer. + // + xOff = 0; + Array.Clear(X, 0, 16); + } + + /* SHA-224 functions */ + private static uint Ch(uint x, uint y, uint z) + { + return (x & y) ^ (~x & z); + } + + private static uint Maj(uint x, uint y, uint z) + { + return (x & y) ^ (x & z) ^ (y & z); + } + + private static uint Sum0(uint x) + { + return ((x >> 2) | (x << 30)) ^ ((x >> 13) | (x << 19)) ^ ((x >> 22) | (x << 10)); + } + + private static uint Sum1(uint x) + { + return ((x >> 6) | (x << 26)) ^ ((x >> 11) | (x << 21)) ^ ((x >> 25) | (x << 7)); + } + + private static uint Theta0(uint x) + { + return ((x >> 7) | (x << 25)) ^ ((x >> 18) | (x << 14)) ^ (x >> 3); + } + + private static uint Theta1(uint x) + { + return ((x >> 17) | (x << 15)) ^ ((x >> 19) | (x << 13)) ^ (x >> 10); + } + + /* SHA-224 Constants + * (represent the first 32 bits of the fractional parts of the + * cube roots of the first sixty-four prime numbers) + */ + internal static readonly uint[] K = { + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 + }; + + public override IMemoable Copy() + { + return new Sha224Digest(this); + } + + public override void Reset(IMemoable other) + { + Sha224Digest d = (Sha224Digest)other; + + CopyIn(d); + } + + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/Sha256Digest.cs b/BouncyCastle/crypto/src/crypto/digests/Sha256Digest.cs new file mode 100644 index 0000000..63d5b8b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/Sha256Digest.cs @@ -0,0 +1,318 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * Draft FIPS 180-2 implementation of SHA-256. Note: As this is + * based on a draft this implementation is subject to change. + * + * 
+    *         block  word  digest
+    * SHA-1   512    32    160
+    * SHA-256 512    32    256
+    * SHA-384 1024   64    384
+    * SHA-512 1024   64    512
+    *
+ */ + public class Sha256Digest + : GeneralDigest + { + private const int DigestLength = 32; + + private uint H1, H2, H3, H4, H5, H6, H7, H8; + private uint[] X = new uint[64]; + private int xOff; + + public Sha256Digest() + { + initHs(); + } + + /** + * Copy constructor. This will copy the state of the provided + * message digest. + */ + public Sha256Digest(Sha256Digest t) : base(t) + { + CopyIn(t); + } + + private void CopyIn(Sha256Digest t) + { + base.CopyIn(t); + + H1 = t.H1; + H2 = t.H2; + H3 = t.H3; + H4 = t.H4; + H5 = t.H5; + H6 = t.H6; + H7 = t.H7; + H8 = t.H8; + + Array.Copy(t.X, 0, X, 0, t.X.Length); + xOff = t.xOff; + } + + public override string AlgorithmName + { + get { return "SHA-256"; } + } + + public override int GetDigestSize() + { + return DigestLength; + } + + internal override void ProcessWord( + byte[] input, + int inOff) + { + X[xOff] = Pack.BE_To_UInt32(input, inOff); + + if (++xOff == 16) + { + ProcessBlock(); + } + } + + internal override void ProcessLength( + long bitLength) + { + if (xOff > 14) + { + ProcessBlock(); + } + + X[14] = (uint)((ulong)bitLength >> 32); + X[15] = (uint)((ulong)bitLength); + } + + public override int DoFinal( + byte[] output, + int outOff) + { + Finish(); + + Pack.UInt32_To_BE((uint)H1, output, outOff); + Pack.UInt32_To_BE((uint)H2, output, outOff + 4); + Pack.UInt32_To_BE((uint)H3, output, outOff + 8); + Pack.UInt32_To_BE((uint)H4, output, outOff + 12); + Pack.UInt32_To_BE((uint)H5, output, outOff + 16); + Pack.UInt32_To_BE((uint)H6, output, outOff + 20); + Pack.UInt32_To_BE((uint)H7, output, outOff + 24); + Pack.UInt32_To_BE((uint)H8, output, outOff + 28); + + Reset(); + + return DigestLength; + } + + /** + * reset the chaining variables + */ + public override void Reset() + { + base.Reset(); + + initHs(); + + xOff = 0; + Array.Clear(X, 0, X.Length); + } + + private void initHs() + { + /* SHA-256 initial hash value + * The first 32 bits of the fractional parts of the square roots + * of the first eight prime numbers + */ + H1 = 0x6a09e667; + H2 = 0xbb67ae85; + H3 = 0x3c6ef372; + H4 = 0xa54ff53a; + H5 = 0x510e527f; + H6 = 0x9b05688c; + H7 = 0x1f83d9ab; + H8 = 0x5be0cd19; + } + + internal override void ProcessBlock() + { + // + // expand 16 word block into 64 word blocks. + // + for (int ti = 16; ti <= 63; ti++) + { + X[ti] = Theta1(X[ti - 2]) + X[ti - 7] + Theta0(X[ti - 15]) + X[ti - 16]; + } + + // + // set up working variables. + // + uint a = H1; + uint b = H2; + uint c = H3; + uint d = H4; + uint e = H5; + uint f = H6; + uint g = H7; + uint h = H8; + + int t = 0; + for(int i = 0; i < 8; ++i) + { + // t = 8 * i + h += Sum1Ch(e, f, g) + K[t] + X[t]; + d += h; + h += Sum0Maj(a, b, c); + ++t; + + // t = 8 * i + 1 + g += Sum1Ch(d, e, f) + K[t] + X[t]; + c += g; + g += Sum0Maj(h, a, b); + ++t; + + // t = 8 * i + 2 + f += Sum1Ch(c, d, e) + K[t] + X[t]; + b += f; + f += Sum0Maj(g, h, a); + ++t; + + // t = 8 * i + 3 + e += Sum1Ch(b, c, d) + K[t] + X[t]; + a += e; + e += Sum0Maj(f, g, h); + ++t; + + // t = 8 * i + 4 + d += Sum1Ch(a, b, c) + K[t] + X[t]; + h += d; + d += Sum0Maj(e, f, g); + ++t; + + // t = 8 * i + 5 + c += Sum1Ch(h, a, b) + K[t] + X[t]; + g += c; + c += Sum0Maj(d, e, f); + ++t; + + // t = 8 * i + 6 + b += Sum1Ch(g, h, a) + K[t] + X[t]; + f += b; + b += Sum0Maj(c, d, e); + ++t; + + // t = 8 * i + 7 + a += Sum1Ch(f, g, h) + K[t] + X[t]; + e += a; + a += Sum0Maj(b, c, d); + ++t; + } + + H1 += a; + H2 += b; + H3 += c; + H4 += d; + H5 += e; + H6 += f; + H7 += g; + H8 += h; + + // + // reset the offset and clean out the word buffer. + // + xOff = 0; + Array.Clear(X, 0, 16); + } + + private static uint Sum1Ch(uint x, uint y, uint z) + { +// return Sum1(x) + Ch(x, y, z); + return (((x >> 6) | (x << 26)) ^ ((x >> 11) | (x << 21)) ^ ((x >> 25) | (x << 7))) + //+ ((x & y) ^ ((~x) & z)); + + (z ^ (x & (y ^ z))); + } + + private static uint Sum0Maj(uint x, uint y, uint z) + { +// return Sum0(x) + Maj(x, y, z); + return (((x >> 2) | (x << 30)) ^ ((x >> 13) | (x << 19)) ^ ((x >> 22) | (x << 10))) + //+ ((x & y) ^ (x & z) ^ (y & z)); + + ((x & y) | (z & (x ^ y))); + } + +// /* SHA-256 functions */ +// private static uint Ch(uint x, uint y, uint z) +// { +// return (x & y) ^ ((~x) & z); +// //return z ^ (x & (y ^ z)); +// } +// +// private static uint Maj(uint x, uint y, uint z) +// { +// //return (x & y) ^ (x & z) ^ (y & z); +// return (x & y) | (z & (x ^ y)); +// } +// +// private static uint Sum0(uint x) +// { +// return ((x >> 2) | (x << 30)) ^ ((x >> 13) | (x << 19)) ^ ((x >> 22) | (x << 10)); +// } +// +// private static uint Sum1(uint x) +// { +// return ((x >> 6) | (x << 26)) ^ ((x >> 11) | (x << 21)) ^ ((x >> 25) | (x << 7)); +// } + + private static uint Theta0(uint x) + { + return ((x >> 7) | (x << 25)) ^ ((x >> 18) | (x << 14)) ^ (x >> 3); + } + + private static uint Theta1(uint x) + { + return ((x >> 17) | (x << 15)) ^ ((x >> 19) | (x << 13)) ^ (x >> 10); + } + + /* SHA-256 Constants + * (represent the first 32 bits of the fractional parts of the + * cube roots of the first sixty-four prime numbers) + */ + private static readonly uint[] K = { + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, + 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, + 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, + 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, + 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, + 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, + 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, + 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, + 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, + 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, + 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, + 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, + 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, + 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, + 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 + }; + + public override IMemoable Copy() + { + return new Sha256Digest(this); + } + + public override void Reset(IMemoable other) + { + Sha256Digest d = (Sha256Digest)other; + + CopyIn(d); + } + + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/Sha384Digest.cs b/BouncyCastle/crypto/src/crypto/digests/Sha384Digest.cs new file mode 100644 index 0000000..e6c9a9a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/Sha384Digest.cs @@ -0,0 +1,101 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * Draft FIPS 180-2 implementation of SHA-384. Note: As this is + * based on a draft this implementation is subject to change. + * + * 
+     *         block  word  digest
+     * SHA-1   512    32    160
+     * SHA-256 512    32    256
+     * SHA-384 1024   64    384
+     * SHA-512 1024   64    512
+     *
+ */ + public class Sha384Digest + : LongDigest + { + private const int DigestLength = 48; + + public Sha384Digest() + { + } + + /** + * Copy constructor. This will copy the state of the provided + * message digest. + */ + public Sha384Digest( + Sha384Digest t) + : base(t) + { + } + + public override string AlgorithmName + { + get { return "SHA-384"; } + } + + public override int GetDigestSize() + { + return DigestLength; + } + + public override int DoFinal( + byte[] output, + int outOff) + { + Finish(); + + Pack.UInt64_To_BE(H1, output, outOff); + Pack.UInt64_To_BE(H2, output, outOff + 8); + Pack.UInt64_To_BE(H3, output, outOff + 16); + Pack.UInt64_To_BE(H4, output, outOff + 24); + Pack.UInt64_To_BE(H5, output, outOff + 32); + Pack.UInt64_To_BE(H6, output, outOff + 40); + + Reset(); + + return DigestLength; + } + + /** + * reset the chaining variables + */ + public override void Reset() + { + base.Reset(); + + /* SHA-384 initial hash value + * The first 64 bits of the fractional parts of the square roots + * of the 9th through 16th prime numbers + */ + H1 = 0xcbbb9d5dc1059ed8; + H2 = 0x629a292a367cd507; + H3 = 0x9159015a3070dd17; + H4 = 0x152fecd8f70e5939; + H5 = 0x67332667ffc00b31; + H6 = 0x8eb44a8768581511; + H7 = 0xdb0c2e0d64f98fa7; + H8 = 0x47b5481dbefa4fa4; + } + + public override IMemoable Copy() + { + return new Sha384Digest(this); + } + + public override void Reset(IMemoable other) + { + Sha384Digest d = (Sha384Digest)other; + + CopyIn(d); + } + + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/Sha512Digest.cs b/BouncyCastle/crypto/src/crypto/digests/Sha512Digest.cs new file mode 100644 index 0000000..2a0964f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/Sha512Digest.cs @@ -0,0 +1,104 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * Draft FIPS 180-2 implementation of SHA-512. Note: As this is + * based on a draft this implementation is subject to change. + * + * 
+     *         block  word  digest
+     * SHA-1   512    32    160
+     * SHA-256 512    32    256
+     * SHA-384 1024   64    384
+     * SHA-512 1024   64    512
+     *
+ */ + public class Sha512Digest + : LongDigest + { + private const int DigestLength = 64; + + public Sha512Digest() + { + } + + /** + * Copy constructor. This will copy the state of the provided + * message digest. + */ + public Sha512Digest( + Sha512Digest t) + : base(t) + { + } + + public override string AlgorithmName + { + get { return "SHA-512"; } + } + + public override int GetDigestSize() + { + return DigestLength; + } + + public override int DoFinal( + byte[] output, + int outOff) + { + Finish(); + + Pack.UInt64_To_BE(H1, output, outOff); + Pack.UInt64_To_BE(H2, output, outOff + 8); + Pack.UInt64_To_BE(H3, output, outOff + 16); + Pack.UInt64_To_BE(H4, output, outOff + 24); + Pack.UInt64_To_BE(H5, output, outOff + 32); + Pack.UInt64_To_BE(H6, output, outOff + 40); + Pack.UInt64_To_BE(H7, output, outOff + 48); + Pack.UInt64_To_BE(H8, output, outOff + 56); + + Reset(); + + return DigestLength; + + } + + /** + * reset the chaining variables + */ + public override void Reset() + { + base.Reset(); + + /* SHA-512 initial hash value + * The first 64 bits of the fractional parts of the square roots + * of the first eight prime numbers + */ + H1 = 0x6a09e667f3bcc908; + H2 = 0xbb67ae8584caa73b; + H3 = 0x3c6ef372fe94f82b; + H4 = 0xa54ff53a5f1d36f1; + H5 = 0x510e527fade682d1; + H6 = 0x9b05688c2b3e6c1f; + H7 = 0x1f83d9abfb41bd6b; + H8 = 0x5be0cd19137e2179; + } + + public override IMemoable Copy() + { + return new Sha512Digest(this); + } + + public override void Reset(IMemoable other) + { + Sha512Digest d = (Sha512Digest)other; + + CopyIn(d); + } + + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/Sha512tDigest.cs b/BouncyCastle/crypto/src/crypto/digests/Sha512tDigest.cs new file mode 100644 index 0000000..2caefa7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/Sha512tDigest.cs @@ -0,0 +1,200 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * FIPS 180-4 implementation of SHA-512/t + */ + public class Sha512tDigest + : LongDigest + { + private const ulong A5 = 0xa5a5a5a5a5a5a5a5UL; + + private readonly int digestLength; + + private ulong H1t, H2t, H3t, H4t, H5t, H6t, H7t, H8t; + + /** + * Standard constructor + */ + public Sha512tDigest(int bitLength) + { + if (bitLength >= 512) + throw new ArgumentException("cannot be >= 512", "bitLength"); + if (bitLength % 8 != 0) + throw new ArgumentException("needs to be a multiple of 8", "bitLength"); + if (bitLength == 384) + throw new ArgumentException("cannot be 384 use SHA384 instead", "bitLength"); + + this.digestLength = bitLength / 8; + + tIvGenerate(digestLength * 8); + + Reset(); + } + + /** + * Copy constructor. This will copy the state of the provided + * message digest. + */ + public Sha512tDigest(Sha512tDigest t) + : base(t) + { + this.digestLength = t.digestLength; + + Reset(t); + } + + public override string AlgorithmName + { + get { return "SHA-512/" + (digestLength * 8); } + } + + public override int GetDigestSize() + { + return digestLength; + } + + public override int DoFinal(byte[] output, int outOff) + { + Finish(); + + UInt64_To_BE(H1, output, outOff, digestLength); + UInt64_To_BE(H2, output, outOff + 8, digestLength - 8); + UInt64_To_BE(H3, output, outOff + 16, digestLength - 16); + UInt64_To_BE(H4, output, outOff + 24, digestLength - 24); + UInt64_To_BE(H5, output, outOff + 32, digestLength - 32); + UInt64_To_BE(H6, output, outOff + 40, digestLength - 40); + UInt64_To_BE(H7, output, outOff + 48, digestLength - 48); + UInt64_To_BE(H8, output, outOff + 56, digestLength - 56); + + Reset(); + + return digestLength; + } + + /** + * reset the chaining variables + */ + public override void Reset() + { + base.Reset(); + + /* + * initial hash values use the iv generation algorithm for t. + */ + H1 = H1t; + H2 = H2t; + H3 = H3t; + H4 = H4t; + H5 = H5t; + H6 = H6t; + H7 = H7t; + H8 = H8t; + } + + private void tIvGenerate(int bitLength) + { + H1 = 0x6a09e667f3bcc908UL ^ A5; + H2 = 0xbb67ae8584caa73bUL ^ A5; + H3 = 0x3c6ef372fe94f82bUL ^ A5; + H4 = 0xa54ff53a5f1d36f1UL ^ A5; + H5 = 0x510e527fade682d1UL ^ A5; + H6 = 0x9b05688c2b3e6c1fUL ^ A5; + H7 = 0x1f83d9abfb41bd6bUL ^ A5; + H8 = 0x5be0cd19137e2179UL ^ A5; + + Update(0x53); + Update(0x48); + Update(0x41); + Update(0x2D); + Update(0x35); + Update(0x31); + Update(0x32); + Update(0x2F); + + if (bitLength > 100) + { + Update((byte)(bitLength / 100 + 0x30)); + bitLength = bitLength % 100; + Update((byte)(bitLength / 10 + 0x30)); + bitLength = bitLength % 10; + Update((byte)(bitLength + 0x30)); + } + else if (bitLength > 10) + { + Update((byte)(bitLength / 10 + 0x30)); + bitLength = bitLength % 10; + Update((byte)(bitLength + 0x30)); + } + else + { + Update((byte)(bitLength + 0x30)); + } + + Finish(); + + H1t = H1; + H2t = H2; + H3t = H3; + H4t = H4; + H5t = H5; + H6t = H6; + H7t = H7; + H8t = H8; + } + + private static void UInt64_To_BE(ulong n, byte[] bs, int off, int max) + { + if (max > 0) + { + UInt32_To_BE((uint)(n >> 32), bs, off, max); + + if (max > 4) + { + UInt32_To_BE((uint)n, bs, off + 4, max - 4); + } + } + } + + private static void UInt32_To_BE(uint n, byte[] bs, int off, int max) + { + int num = System.Math.Min(4, max); + while (--num >= 0) + { + int shift = 8 * (3 - num); + bs[off + num] = (byte)(n >> shift); + } + } + + public override IMemoable Copy() + { + return new Sha512tDigest(this); + } + + public override void Reset(IMemoable other) + { + Sha512tDigest t = (Sha512tDigest)other; + + if (this.digestLength != t.digestLength) + { + throw new MemoableResetException("digestLength inappropriate in other"); + } + + base.CopyIn(t); + + this.H1t = t.H1t; + this.H2t = t.H2t; + this.H3t = t.H3t; + this.H4t = t.H4t; + this.H5t = t.H5t; + this.H6t = t.H6t; + this.H7t = t.H7t; + this.H8t = t.H8t; + } + + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/ShakeDigest.cs b/BouncyCastle/crypto/src/crypto/digests/ShakeDigest.cs new file mode 100644 index 0000000..8d7a7d6 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/ShakeDigest.cs @@ -0,0 +1,124 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /// + /// Implementation of SHAKE based on following KeccakNISTInterface.c from http://keccak.noekeon.org/ + /// + /// + /// Following the naming conventions used in the C source code to enable easy review of the implementation. + /// + public class ShakeDigest + : KeccakDigest, IXof + { + private static int CheckBitLength(int bitLength) + { + switch (bitLength) + { + case 128: + case 256: + return bitLength; + default: + throw new ArgumentException(bitLength + " not supported for SHAKE", "bitLength"); + } + } + + public ShakeDigest() + : this(128) + { + } + + public ShakeDigest(int bitLength) + : base(CheckBitLength(bitLength)) + { + } + + public ShakeDigest(ShakeDigest source) + : base(source) + { + } + + public override string AlgorithmName + { + get { return "SHAKE" + fixedOutputLength; } + } + + public override int GetDigestSize() + { + return fixedOutputLength >> 2; + } + + public override int DoFinal(byte[] output, int outOff) + { + return DoFinal(output, outOff, GetDigestSize()); + } + + public virtual int DoFinal(byte[] output, int outOff, int outLen) + { + int length = DoOutput(output, outOff, outLen); + + Reset(); + + return length; + } + + public virtual int DoOutput(byte[] output, int outOff, int outLen) + { + if (!squeezing) + { + AbsorbBits(0x0F, 4); + } + + Squeeze(output, outOff, (long)outLen << 3); + + return outLen; + } + + /* + * TODO Possible API change to support partial-byte suffixes. + */ + protected override int DoFinal(byte[] output, int outOff, byte partialByte, int partialBits) + { + return DoFinal(output, outOff, GetDigestSize(), partialByte, partialBits); + } + + /* + * TODO Possible API change to support partial-byte suffixes. + */ + protected virtual int DoFinal(byte[] output, int outOff, int outLen, byte partialByte, int partialBits) + { + if (partialBits < 0 || partialBits > 7) + throw new ArgumentException("must be in the range [0,7]", "partialBits"); + + int finalInput = (partialByte & ((1 << partialBits) - 1)) | (0x0F << partialBits); + Debug.Assert(finalInput >= 0); + int finalBits = partialBits + 4; + + if (finalBits >= 8) + { + Absorb((byte)finalInput); + finalBits -= 8; + finalInput >>= 8; + } + + if (finalBits > 0) + { + AbsorbBits(finalInput, finalBits); + } + + Squeeze(output, outOff, (long)outLen << 3); + + Reset(); + + return outLen; + } + + public override IMemoable Copy() + { + return new ShakeDigest(this); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/ShortenedDigest.cs b/BouncyCastle/crypto/src/crypto/digests/ShortenedDigest.cs new file mode 100644 index 0000000..9e4d99e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/ShortenedDigest.cs @@ -0,0 +1,82 @@ +using System; +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * Wrapper class that reduces the output length of a particular digest to + * only the first n bytes of the digest function. + */ + public class ShortenedDigest + : IDigest + { + private IDigest baseDigest; + private int length; + + /** + * Base constructor. + * + * @param baseDigest underlying digest to use. + * @param length length in bytes of the output of doFinal. + * @exception ArgumentException if baseDigest is null, or length is greater than baseDigest.GetDigestSize(). + */ + public ShortenedDigest( + IDigest baseDigest, + int length) + { + if (baseDigest == null) + { + throw new ArgumentNullException("baseDigest"); + } + + if (length > baseDigest.GetDigestSize()) + { + throw new ArgumentException("baseDigest output not large enough to support length"); + } + + this.baseDigest = baseDigest; + this.length = length; + } + + public string AlgorithmName + { + get { return baseDigest.AlgorithmName + "(" + length * 8 + ")"; } + } + + public int GetDigestSize() + { + return length; + } + + public void Update(byte input) + { + baseDigest.Update(input); + } + + public void BlockUpdate(byte[] input, int inOff, int length) + { + baseDigest.BlockUpdate(input, inOff, length); + } + + public int DoFinal(byte[] output, int outOff) + { + byte[] tmp = new byte[baseDigest.GetDigestSize()]; + + baseDigest.DoFinal(tmp, 0); + + Array.Copy(tmp, 0, output, outOff, length); + + return length; + } + + public void Reset() + { + baseDigest.Reset(); + } + + public int GetByteLength() + { + return baseDigest.GetByteLength(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/SkeinDigest.cs b/BouncyCastle/crypto/src/crypto/digests/SkeinDigest.cs new file mode 100644 index 0000000..f826ce5 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/SkeinDigest.cs @@ -0,0 +1,117 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + + /// + /// Implementation of the Skein parameterised hash function in 256, 512 and 1024 bit block sizes, + /// based on the Threefish tweakable block cipher. + /// + /// + /// This is the 1.3 version of Skein defined in the Skein hash function submission to the NIST SHA-3 + /// competition in October 2010. + ///

+ /// Skein was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir + /// Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker. + /// + /// + /// + public class SkeinDigest + : IDigest, IMemoable + { + ///

+ /// 256 bit block size - Skein-256 + /// + public const int SKEIN_256 = SkeinEngine.SKEIN_256; + /// + /// 512 bit block size - Skein-512 + /// + public const int SKEIN_512 = SkeinEngine.SKEIN_512; + /// + /// 1024 bit block size - Skein-1024 + /// + public const int SKEIN_1024 = SkeinEngine.SKEIN_1024; + + private readonly SkeinEngine engine; + + /// + /// Constructs a Skein digest with an internal state size and output size. + /// + /// the internal state size in bits - one of or + /// . + /// the output/digest size to produce in bits, which must be an integral number of + /// bytes. + public SkeinDigest(int stateSizeBits, int digestSizeBits) + { + this.engine = new SkeinEngine(stateSizeBits, digestSizeBits); + Init(null); + } + + public SkeinDigest(SkeinDigest digest) + { + this.engine = new SkeinEngine(digest.engine); + } + + public void Reset(IMemoable other) + { + SkeinDigest d = (SkeinDigest)other; + engine.Reset(d.engine); + } + + public IMemoable Copy() + { + return new SkeinDigest(this); + } + + public String AlgorithmName + { + get { return "Skein-" + (engine.BlockSize * 8) + "-" + (engine.OutputSize * 8); } + } + + public int GetDigestSize() + { + return engine.OutputSize; + } + + public int GetByteLength() + { + return engine.BlockSize; + } + + /// + /// Optionally initialises the Skein digest with the provided parameters. + /// + /// See for details on the parameterisation of the Skein hash function. + /// the parameters to apply to this engine, or null to use no parameters. + public void Init(SkeinParameters parameters) + { + engine.Init(parameters); + } + + public void Reset() + { + engine.Reset(); + } + + public void Update(byte inByte) + { + engine.Update(inByte); + } + + public void BlockUpdate(byte[] inBytes, int inOff, int len) + { + engine.Update(inBytes, inOff, len); + } + + public int DoFinal(byte[] outBytes, int outOff) + { + return engine.DoFinal(outBytes, outOff); + } + + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/crypto/digests/SkeinEngine.cs b/BouncyCastle/crypto/src/crypto/digests/SkeinEngine.cs new file mode 100644 index 0000000..cfedfad --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/SkeinEngine.cs @@ -0,0 +1,804 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + + /// + /// Implementation of the Skein family of parameterised hash functions in 256, 512 and 1024 bit block + /// sizes, based on the Threefish tweakable block cipher. + /// + /// + /// This is the 1.3 version of Skein defined in the Skein hash function submission to the NIST SHA-3 + /// competition in October 2010. + ///

+ /// Skein was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir + /// Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker. + ///

+ /// This implementation is the basis for and , implementing the + /// parameter based configuration system that allows Skein to be adapted to multiple applications.
+ /// Initialising the engine with allows standard and arbitrary parameters to + /// be applied during the Skein hash function. + ///

+ /// Implemented: + ///

    + ///
  • 256, 512 and 1024 bit internal states.
    • + ///
  • Full 96 bit input length.
    • + ///
  • Parameters defined in the Skein specification, and arbitrary other pre and post message + /// parameters.
    • + ///
  • Arbitrary output size in 1 byte intervals.
    • + ///
+ ///

+ /// Not implemented: + ///

    + ///
  • Sub-byte length input (bit padding).
    • + ///
  • Tree hashing.
    • + ///
+ /// + /// + public class SkeinEngine + : IMemoable + { + /// + /// 256 bit block size - Skein-256 + /// + public const int SKEIN_256 = ThreefishEngine.BLOCKSIZE_256; + /// + /// 512 bit block size - Skein-512 + /// + public const int SKEIN_512 = ThreefishEngine.BLOCKSIZE_512; + /// + /// 1024 bit block size - Skein-1024 + /// + public const int SKEIN_1024 = ThreefishEngine.BLOCKSIZE_1024; + + // Minimal at present, but more complex when tree hashing is implemented + private class Configuration + { + private byte[] bytes = new byte[32]; + + public Configuration(long outputSizeBits) + { + // 0..3 = ASCII SHA3 + bytes[0] = (byte)'S'; + bytes[1] = (byte)'H'; + bytes[2] = (byte)'A'; + bytes[3] = (byte)'3'; + + // 4..5 = version number in LSB order + bytes[4] = 1; + bytes[5] = 0; + + // 8..15 = output length + ThreefishEngine.WordToBytes((ulong)outputSizeBits, bytes, 8); + } + + public byte[] Bytes + { + get { return bytes; } + } + + } + + public class Parameter + { + private int type; + private byte[] value; + + public Parameter(int type, byte[] value) + { + this.type = type; + this.value = value; + } + + public int Type + { + get { return type; } + } + + public byte[] Value + { + get { return value; } + } + + } + + /** + * The parameter type for the Skein key. + */ + private const int PARAM_TYPE_KEY = 0; + + /** + * The parameter type for the Skein configuration block. + */ + private const int PARAM_TYPE_CONFIG = 4; + + /** + * The parameter type for the message. + */ + private const int PARAM_TYPE_MESSAGE = 48; + + /** + * The parameter type for the output transformation. + */ + private const int PARAM_TYPE_OUTPUT = 63; + + /** + * Precalculated UBI(CFG) states for common state/output combinations without key or other + * pre-message params. + */ + private static readonly IDictionary INITIAL_STATES = Platform.CreateHashtable(); + + static SkeinEngine() + { + // From Appendix C of the Skein 1.3 NIST submission + InitialState(SKEIN_256, 128, new ulong[]{ + 0xe1111906964d7260UL, + 0x883daaa77c8d811cUL, + 0x10080df491960f7aUL, + 0xccf7dde5b45bc1c2UL}); + + InitialState(SKEIN_256, 160, new ulong[]{ + 0x1420231472825e98UL, + 0x2ac4e9a25a77e590UL, + 0xd47a58568838d63eUL, + 0x2dd2e4968586ab7dUL}); + + InitialState(SKEIN_256, 224, new ulong[]{ + 0xc6098a8c9ae5ea0bUL, + 0x876d568608c5191cUL, + 0x99cb88d7d7f53884UL, + 0x384bddb1aeddb5deUL}); + + InitialState(SKEIN_256, 256, new ulong[]{ + 0xfc9da860d048b449UL, + 0x2fca66479fa7d833UL, + 0xb33bc3896656840fUL, + 0x6a54e920fde8da69UL}); + + InitialState(SKEIN_512, 128, new ulong[]{ + 0xa8bc7bf36fbf9f52UL, + 0x1e9872cebd1af0aaUL, + 0x309b1790b32190d3UL, + 0xbcfbb8543f94805cUL, + 0x0da61bcd6e31b11bUL, + 0x1a18ebead46a32e3UL, + 0xa2cc5b18ce84aa82UL, + 0x6982ab289d46982dUL}); + + InitialState(SKEIN_512, 160, new ulong[]{ + 0x28b81a2ae013bd91UL, + 0xc2f11668b5bdf78fUL, + 0x1760d8f3f6a56f12UL, + 0x4fb747588239904fUL, + 0x21ede07f7eaf5056UL, + 0xd908922e63ed70b8UL, + 0xb8ec76ffeccb52faUL, + 0x01a47bb8a3f27a6eUL}); + + InitialState(SKEIN_512, 224, new ulong[]{ + 0xccd0616248677224UL, + 0xcba65cf3a92339efUL, + 0x8ccd69d652ff4b64UL, + 0x398aed7b3ab890b4UL, + 0x0f59d1b1457d2bd0UL, + 0x6776fe6575d4eb3dUL, + 0x99fbc70e997413e9UL, + 0x9e2cfccfe1c41ef7UL}); + + InitialState(SKEIN_512, 384, new ulong[]{ + 0xa3f6c6bf3a75ef5fUL, + 0xb0fef9ccfd84faa4UL, + 0x9d77dd663d770cfeUL, + 0xd798cbf3b468fddaUL, + 0x1bc4a6668a0e4465UL, + 0x7ed7d434e5807407UL, + 0x548fc1acd4ec44d6UL, + 0x266e17546aa18ff8UL}); + + InitialState(SKEIN_512, 512, new ulong[]{ + 0x4903adff749c51ceUL, + 0x0d95de399746df03UL, + 0x8fd1934127c79bceUL, + 0x9a255629ff352cb1UL, + 0x5db62599df6ca7b0UL, + 0xeabe394ca9d5c3f4UL, + 0x991112c71a75b523UL, + 0xae18a40b660fcc33UL}); + } + + private static void InitialState(int blockSize, int outputSize, ulong[] state) + { + INITIAL_STATES.Add(VariantIdentifier(blockSize / 8, outputSize / 8), state); + } + + private static int VariantIdentifier(int blockSizeBytes, int outputSizeBytes) + { + return (outputSizeBytes << 16) | blockSizeBytes; + } + + private class UbiTweak + { + /** + * Point at which position might overflow long, so switch to add with carry logic + */ + private const ulong LOW_RANGE = UInt64.MaxValue - UInt32.MaxValue; + + /** + * Bit 127 = final + */ + private const ulong T1_FINAL = 1UL << 63; + + /** + * Bit 126 = first + */ + private const ulong T1_FIRST = 1UL << 62; + + /** + * UBI uses a 128 bit tweak + */ + private ulong[] tweak = new ulong[2]; + + /** + * Whether 64 bit position exceeded + */ + private bool extendedPosition; + + public UbiTweak() + { + Reset(); + } + + public void Reset(UbiTweak tweak) + { + this.tweak = Arrays.Clone(tweak.tweak, this.tweak); + this.extendedPosition = tweak.extendedPosition; + } + + public void Reset() + { + tweak[0] = 0; + tweak[1] = 0; + extendedPosition = false; + First = true; + } + + public uint Type + { + get + { + return (uint)((tweak[1] >> 56) & 0x3FUL); + } + + set + { + // Bits 120..125 = type + tweak[1] = (tweak[1] & 0xFFFFFFC000000000UL) | ((value & 0x3FUL) << 56); + } + } + + public bool First + { + get + { + return ((tweak[1] & T1_FIRST) != 0); + } + set + { + if (value) + { + tweak[1] |= T1_FIRST; + } + else + { + tweak[1] &= ~T1_FIRST; + } + } + } + + public bool Final + { + get + { + return ((tweak[1] & T1_FINAL) != 0); + } + set + { + if (value) + { + tweak[1] |= T1_FINAL; + } + else + { + tweak[1] &= ~T1_FINAL; + } + } + } + + /** + * Advances the position in the tweak by the specified value. + */ + public void AdvancePosition(int advance) + { + // Bits 0..95 = position + if (extendedPosition) + { + ulong[] parts = new ulong[3]; + parts[0] = tweak[0] & 0xFFFFFFFFUL; + parts[1] = (tweak[0] >> 32) & 0xFFFFFFFFUL; + parts[2] = tweak[1] & 0xFFFFFFFFUL; + + ulong carry = (ulong)advance; + for (int i = 0; i < parts.Length; i++) + { + carry += parts[i]; + parts[i] = carry; + carry >>= 32; + } + tweak[0] = ((parts[1] & 0xFFFFFFFFUL) << 32) | (parts[0] & 0xFFFFFFFFUL); + tweak[1] = (tweak[1] & 0xFFFFFFFF00000000UL) | (parts[2] & 0xFFFFFFFFUL); + } + else + { + ulong position = tweak[0]; + position += (uint)advance; + tweak[0] = position; + if (position > LOW_RANGE) + { + extendedPosition = true; + } + } + } + + public ulong[] GetWords() + { + return tweak; + } + + public override string ToString() + { + return Type + " first: " + First + ", final: " + Final; + } + + } + + /** + * The Unique Block Iteration chaining mode. + */ + // TODO: This might be better as methods... + private class UBI + { + private readonly UbiTweak tweak = new UbiTweak(); + + private readonly SkeinEngine engine; + + /** + * Buffer for the current block of message data + */ + private byte[] currentBlock; + + /** + * Offset into the current message block + */ + private int currentOffset; + + /** + * Buffer for message words for feedback into encrypted block + */ + private ulong[] message; + + public UBI(SkeinEngine engine, int blockSize) + { + this.engine = engine; + currentBlock = new byte[blockSize]; + message = new ulong[currentBlock.Length / 8]; + } + + public void Reset(UBI ubi) + { + currentBlock = Arrays.Clone(ubi.currentBlock, currentBlock); + currentOffset = ubi.currentOffset; + message = Arrays.Clone(ubi.message, this.message); + tweak.Reset(ubi.tweak); + } + + public void Reset(int type) + { + tweak.Reset(); + tweak.Type = (uint)type; + currentOffset = 0; + } + + public void Update(byte[] value, int offset, int len, ulong[] output) + { + /* + * Buffer complete blocks for the underlying Threefish cipher, only flushing when there + * are subsequent bytes (last block must be processed in doFinal() with final=true set). + */ + int copied = 0; + while (len > copied) + { + if (currentOffset == currentBlock.Length) + { + ProcessBlock(output); + tweak.First = false; + currentOffset = 0; + } + + int toCopy = System.Math.Min((len - copied), currentBlock.Length - currentOffset); + Array.Copy(value, offset + copied, currentBlock, currentOffset, toCopy); + copied += toCopy; + currentOffset += toCopy; + tweak.AdvancePosition(toCopy); + } + } + + private void ProcessBlock(ulong[] output) + { + engine.threefish.Init(true, engine.chain, tweak.GetWords()); + for (int i = 0; i < message.Length; i++) + { + message[i] = ThreefishEngine.BytesToWord(currentBlock, i * 8); + } + + engine.threefish.ProcessBlock(message, output); + + for (int i = 0; i < output.Length; i++) + { + output[i] ^= message[i]; + } + } + + public void DoFinal(ulong[] output) + { + // Pad remainder of current block with zeroes + for (int i = currentOffset; i < currentBlock.Length; i++) + { + currentBlock[i] = 0; + } + + tweak.Final = true; + ProcessBlock(output); + } + + } + + /** + * Underlying Threefish tweakable block cipher + */ + private readonly ThreefishEngine threefish; + + /** + * Size of the digest output, in bytes + */ + private readonly int outputSizeBytes; + + /** + * The current chaining/state value + */ + private ulong[] chain; + + /** + * The initial state value + */ + private ulong[] initialState; + + /** + * The (optional) key parameter + */ + private byte[] key; + + /** + * Parameters to apply prior to the message + */ + private Parameter[] preMessageParameters; + + /** + * Parameters to apply after the message, but prior to output + */ + private Parameter[] postMessageParameters; + + /** + * The current UBI operation + */ + private readonly UBI ubi; + + /** + * Buffer for single byte update method + */ + private readonly byte[] singleByte = new byte[1]; + + /// + /// Constructs a Skein digest with an internal state size and output size. + /// + /// the internal state size in bits - one of or + /// . + /// the output/digest size to produce in bits, which must be an integral number of + /// bytes. + public SkeinEngine(int blockSizeBits, int outputSizeBits) + { + if (outputSizeBits % 8 != 0) + { + throw new ArgumentException("Output size must be a multiple of 8 bits. :" + outputSizeBits); + } + // TODO: Prevent digest sizes > block size? + this.outputSizeBytes = outputSizeBits / 8; + + this.threefish = new ThreefishEngine(blockSizeBits); + this.ubi = new UBI(this,threefish.GetBlockSize()); + } + + /// + /// Creates a SkeinEngine as an exact copy of an existing instance. + /// + public SkeinEngine(SkeinEngine engine) + : this(engine.BlockSize * 8, engine.OutputSize * 8) + { + CopyIn(engine); + } + + private void CopyIn(SkeinEngine engine) + { + this.ubi.Reset(engine.ubi); + this.chain = Arrays.Clone(engine.chain, this.chain); + this.initialState = Arrays.Clone(engine.initialState, this.initialState); + this.key = Arrays.Clone(engine.key, this.key); + this.preMessageParameters = Clone(engine.preMessageParameters, this.preMessageParameters); + this.postMessageParameters = Clone(engine.postMessageParameters, this.postMessageParameters); + } + + private static Parameter[] Clone(Parameter[] data, Parameter[] existing) + { + if (data == null) + { + return null; + } + if ((existing == null) || (existing.Length != data.Length)) + { + existing = new Parameter[data.Length]; + } + Array.Copy(data, 0, existing, 0, existing.Length); + return existing; + } + + public IMemoable Copy() + { + return new SkeinEngine(this); + } + + public void Reset(IMemoable other) + { + SkeinEngine s = (SkeinEngine)other; + if ((BlockSize != s.BlockSize) || (outputSizeBytes != s.outputSizeBytes)) + { + throw new MemoableResetException("Incompatible parameters in provided SkeinEngine."); + } + CopyIn(s); + } + + public int OutputSize + { + get { return outputSizeBytes; } + } + + public int BlockSize + { + get { return threefish.GetBlockSize (); } + } + + /// + /// Initialises the Skein engine with the provided parameters. See for + /// details on the parameterisation of the Skein hash function. + /// + /// the parameters to apply to this engine, or null to use no parameters. + public void Init(SkeinParameters parameters) + { + this.chain = null; + this.key = null; + this.preMessageParameters = null; + this.postMessageParameters = null; + + if (parameters != null) + { + byte[] key = parameters.GetKey(); + if (key.Length < 16) + { + throw new ArgumentException("Skein key must be at least 128 bits."); + } + InitParams(parameters.GetParameters()); + } + CreateInitialState(); + + // Initialise message block + UbiInit(PARAM_TYPE_MESSAGE); + } + + private void InitParams(IDictionary parameters) + { + IEnumerator keys = parameters.Keys.GetEnumerator(); + IList pre = Platform.CreateArrayList(); + IList post = Platform.CreateArrayList(); + + while (keys.MoveNext()) + { + int type = (int)keys.Current; + byte[] value = (byte[])parameters[type]; + + if (type == PARAM_TYPE_KEY) + { + this.key = value; + } + else if (type < PARAM_TYPE_MESSAGE) + { + pre.Add(new Parameter(type, value)); + } + else + { + post.Add(new Parameter(type, value)); + } + } + preMessageParameters = new Parameter[pre.Count]; + pre.CopyTo(preMessageParameters, 0); + Array.Sort(preMessageParameters); + + postMessageParameters = new Parameter[post.Count]; + post.CopyTo(postMessageParameters, 0); + Array.Sort(postMessageParameters); + } + + /** + * Calculate the initial (pre message block) chaining state. + */ + private void CreateInitialState() + { + ulong[] precalc = (ulong[])INITIAL_STATES[VariantIdentifier(BlockSize, OutputSize)]; + if ((key == null) && (precalc != null)) + { + // Precalculated UBI(CFG) + chain = Arrays.Clone(precalc); + } + else + { + // Blank initial state + chain = new ulong[BlockSize / 8]; + + // Process key block + if (key != null) + { + UbiComplete(SkeinParameters.PARAM_TYPE_KEY, key); + } + + // Process configuration block + UbiComplete(PARAM_TYPE_CONFIG, new Configuration(outputSizeBytes * 8).Bytes); + } + + // Process additional pre-message parameters + if (preMessageParameters != null) + { + for (int i = 0; i < preMessageParameters.Length; i++) + { + Parameter param = preMessageParameters[i]; + UbiComplete(param.Type, param.Value); + } + } + initialState = Arrays.Clone(chain); + } + + /// + /// Reset the engine to the initial state (with the key and any pre-message parameters , ready to + /// accept message input. + /// + public void Reset() + { + Array.Copy(initialState, 0, chain, 0, chain.Length); + + UbiInit(PARAM_TYPE_MESSAGE); + } + + private void UbiComplete(int type, byte[] value) + { + UbiInit(type); + this.ubi.Update(value, 0, value.Length, chain); + UbiFinal(); + } + + private void UbiInit(int type) + { + this.ubi.Reset(type); + } + + private void UbiFinal() + { + ubi.DoFinal(chain); + } + + private void CheckInitialised() + { + if (this.ubi == null) + { + throw new ArgumentException("Skein engine is not initialised."); + } + } + + public void Update(byte inByte) + { + singleByte[0] = inByte; + Update(singleByte, 0, 1); + } + + public void Update(byte[] inBytes, int inOff, int len) + { + CheckInitialised(); + ubi.Update(inBytes, inOff, len, chain); + } + + public int DoFinal(byte[] outBytes, int outOff) + { + CheckInitialised(); + if (outBytes.Length < (outOff + outputSizeBytes)) + { + throw new DataLengthException("Output buffer is too short to hold output"); + } + + // Finalise message block + UbiFinal(); + + // Process additional post-message parameters + if (postMessageParameters != null) + { + for (int i = 0; i < postMessageParameters.Length; i++) + { + Parameter param = postMessageParameters[i]; + UbiComplete(param.Type, param.Value); + } + } + + // Perform the output transform + int blockSize = BlockSize; + int blocksRequired = ((outputSizeBytes + blockSize - 1) / blockSize); + for (int i = 0; i < blocksRequired; i++) + { + int toWrite = System.Math.Min(blockSize, outputSizeBytes - (i * blockSize)); + Output((ulong)i, outBytes, outOff + (i * blockSize), toWrite); + } + + Reset(); + + return outputSizeBytes; + } + + private void Output(ulong outputSequence, byte[] outBytes, int outOff, int outputBytes) + { + byte[] currentBytes = new byte[8]; + ThreefishEngine.WordToBytes(outputSequence, currentBytes, 0); + + // Output is a sequence of UBI invocations all of which use and preserve the pre-output + // state + ulong[] outputWords = new ulong[chain.Length]; + UbiInit(PARAM_TYPE_OUTPUT); + this.ubi.Update(currentBytes, 0, currentBytes.Length, outputWords); + ubi.DoFinal(outputWords); + + int wordsRequired = ((outputBytes + 8 - 1) / 8); + for (int i = 0; i < wordsRequired; i++) + { + int toWrite = System.Math.Min(8, outputBytes - (i * 8)); + if (toWrite == 8) + { + ThreefishEngine.WordToBytes(outputWords[i], outBytes, outOff + (i * 8)); + } + else + { + ThreefishEngine.WordToBytes(outputWords[i], currentBytes, 0); + Array.Copy(currentBytes, 0, outBytes, outOff + (i * 8), toWrite); + } + } + } + + } +} + diff --git a/BouncyCastle/crypto/src/crypto/digests/TigerDigest.cs b/BouncyCastle/crypto/src/crypto/digests/TigerDigest.cs new file mode 100644 index 0000000..059232d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/TigerDigest.cs @@ -0,0 +1,883 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * implementation of Tiger based on: + * + * http://www.cs.technion.ac.il/~biham/Reports/Tiger + */ + public class TigerDigest + : IDigest, IMemoable + { + private const int MyByteLength = 64; + + /* + * S-Boxes. + */ + private static readonly long[] t1 = { + unchecked((long) 0x02AAB17CF7E90C5EL) /* 0 */, unchecked((long) 0xAC424B03E243A8ECL) /* 1 */, + unchecked((long) 0x72CD5BE30DD5FCD3L) /* 2 */, unchecked((long) 0x6D019B93F6F97F3AL) /* 3 */, + unchecked((long) 0xCD9978FFD21F9193L) /* 4 */, unchecked((long) 0x7573A1C9708029E2L) /* 5 */, + unchecked((long) 0xB164326B922A83C3L) /* 6 */, unchecked((long) 0x46883EEE04915870L) /* 7 */, + unchecked((long) 0xEAACE3057103ECE6L) /* 8 */, unchecked((long) 0xC54169B808A3535CL) /* 9 */, + unchecked((long) 0x4CE754918DDEC47CL) /* 10 */, unchecked((long) 0x0AA2F4DFDC0DF40CL) /* 11 */, + unchecked((long) 0x10B76F18A74DBEFAL) /* 12 */, unchecked((long) 0xC6CCB6235AD1AB6AL) /* 13 */, + unchecked((long) 0x13726121572FE2FFL) /* 14 */, unchecked((long) 0x1A488C6F199D921EL) /* 15 */, + unchecked((long) 0x4BC9F9F4DA0007CAL) /* 16 */, unchecked((long) 0x26F5E6F6E85241C7L) /* 17 */, + unchecked((long) 0x859079DBEA5947B6L) /* 18 */, unchecked((long) 0x4F1885C5C99E8C92L) /* 19 */, + unchecked((long) 0xD78E761EA96F864BL) /* 20 */, unchecked((long) 0x8E36428C52B5C17DL) /* 21 */, + unchecked((long) 0x69CF6827373063C1L) /* 22 */, unchecked((long) 0xB607C93D9BB4C56EL) /* 23 */, + unchecked((long) 0x7D820E760E76B5EAL) /* 24 */, unchecked((long) 0x645C9CC6F07FDC42L) /* 25 */, + unchecked((long) 0xBF38A078243342E0L) /* 26 */, unchecked((long) 0x5F6B343C9D2E7D04L) /* 27 */, + unchecked((long) 0xF2C28AEB600B0EC6L) /* 28 */, unchecked((long) 0x6C0ED85F7254BCACL) /* 29 */, + unchecked((long) 0x71592281A4DB4FE5L) /* 30 */, unchecked((long) 0x1967FA69CE0FED9FL) /* 31 */, + unchecked((long) 0xFD5293F8B96545DBL) /* 32 */, unchecked((long) 0xC879E9D7F2A7600BL) /* 33 */, + unchecked((long) 0x860248920193194EL) /* 34 */, unchecked((long) 0xA4F9533B2D9CC0B3L) /* 35 */, + unchecked((long) 0x9053836C15957613L) /* 36 */, unchecked((long) 0xDB6DCF8AFC357BF1L) /* 37 */, + unchecked((long) 0x18BEEA7A7A370F57L) /* 38 */, unchecked((long) 0x037117CA50B99066L) /* 39 */, + unchecked((long) 0x6AB30A9774424A35L) /* 40 */, unchecked((long) 0xF4E92F02E325249BL) /* 41 */, + unchecked((long) 0x7739DB07061CCAE1L) /* 42 */, unchecked((long) 0xD8F3B49CECA42A05L) /* 43 */, + unchecked((long) 0xBD56BE3F51382F73L) /* 44 */, unchecked((long) 0x45FAED5843B0BB28L) /* 45 */, + unchecked((long) 0x1C813D5C11BF1F83L) /* 46 */, unchecked((long) 0x8AF0E4B6D75FA169L) /* 47 */, + unchecked((long) 0x33EE18A487AD9999L) /* 48 */, unchecked((long) 0x3C26E8EAB1C94410L) /* 49 */, + unchecked((long) 0xB510102BC0A822F9L) /* 50 */, unchecked((long) 0x141EEF310CE6123BL) /* 51 */, + unchecked((long) 0xFC65B90059DDB154L) /* 52 */, unchecked((long) 0xE0158640C5E0E607L) /* 53 */, + unchecked((long) 0x884E079826C3A3CFL) /* 54 */, unchecked((long) 0x930D0D9523C535FDL) /* 55 */, + unchecked((long) 0x35638D754E9A2B00L) /* 56 */, unchecked((long) 0x4085FCCF40469DD5L) /* 57 */, + unchecked((long) 0xC4B17AD28BE23A4CL) /* 58 */, unchecked((long) 0xCAB2F0FC6A3E6A2EL) /* 59 */, + unchecked((long) 0x2860971A6B943FCDL) /* 60 */, unchecked((long) 0x3DDE6EE212E30446L) /* 61 */, + unchecked((long) 0x6222F32AE01765AEL) /* 62 */, unchecked((long) 0x5D550BB5478308FEL) /* 63 */, + unchecked((long) 0xA9EFA98DA0EDA22AL) /* 64 */, unchecked((long) 0xC351A71686C40DA7L) /* 65 */, + unchecked((long) 0x1105586D9C867C84L) /* 66 */, unchecked((long) 0xDCFFEE85FDA22853L) /* 67 */, + unchecked((long) 0xCCFBD0262C5EEF76L) /* 68 */, unchecked((long) 0xBAF294CB8990D201L) /* 69 */, + unchecked((long) 0xE69464F52AFAD975L) /* 70 */, unchecked((long) 0x94B013AFDF133E14L) /* 71 */, + unchecked((long) 0x06A7D1A32823C958L) /* 72 */, unchecked((long) 0x6F95FE5130F61119L) /* 73 */, + unchecked((long) 0xD92AB34E462C06C0L) /* 74 */, unchecked((long) 0xED7BDE33887C71D2L) /* 75 */, + unchecked((long) 0x79746D6E6518393EL) /* 76 */, unchecked((long) 0x5BA419385D713329L) /* 77 */, + unchecked((long) 0x7C1BA6B948A97564L) /* 78 */, unchecked((long) 0x31987C197BFDAC67L) /* 79 */, + unchecked((long) 0xDE6C23C44B053D02L) /* 80 */, unchecked((long) 0x581C49FED002D64DL) /* 81 */, + unchecked((long) 0xDD474D6338261571L) /* 82 */, unchecked((long) 0xAA4546C3E473D062L) /* 83 */, + unchecked((long) 0x928FCE349455F860L) /* 84 */, unchecked((long) 0x48161BBACAAB94D9L) /* 85 */, + unchecked((long) 0x63912430770E6F68L) /* 86 */, unchecked((long) 0x6EC8A5E602C6641CL) /* 87 */, + unchecked((long) 0x87282515337DDD2BL) /* 88 */, unchecked((long) 0x2CDA6B42034B701BL) /* 89 */, + unchecked((long) 0xB03D37C181CB096DL) /* 90 */, unchecked((long) 0xE108438266C71C6FL) /* 91 */, + unchecked((long) 0x2B3180C7EB51B255L) /* 92 */, unchecked((long) 0xDF92B82F96C08BBCL) /* 93 */, + unchecked((long) 0x5C68C8C0A632F3BAL) /* 94 */, unchecked((long) 0x5504CC861C3D0556L) /* 95 */, + unchecked((long) 0xABBFA4E55FB26B8FL) /* 96 */, unchecked((long) 0x41848B0AB3BACEB4L) /* 97 */, + unchecked((long) 0xB334A273AA445D32L) /* 98 */, unchecked((long) 0xBCA696F0A85AD881L) /* 99 */, + unchecked((long) 0x24F6EC65B528D56CL) /* 100 */, unchecked((long) 0x0CE1512E90F4524AL) /* 101 */, + unchecked((long) 0x4E9DD79D5506D35AL) /* 102 */, unchecked((long) 0x258905FAC6CE9779L) /* 103 */, + unchecked((long) 0x2019295B3E109B33L) /* 104 */, unchecked((long) 0xF8A9478B73A054CCL) /* 105 */, + unchecked((long) 0x2924F2F934417EB0L) /* 106 */, unchecked((long) 0x3993357D536D1BC4L) /* 107 */, + unchecked((long) 0x38A81AC21DB6FF8BL) /* 108 */, unchecked((long) 0x47C4FBF17D6016BFL) /* 109 */, + unchecked((long) 0x1E0FAADD7667E3F5L) /* 110 */, unchecked((long) 0x7ABCFF62938BEB96L) /* 111 */, + unchecked((long) 0xA78DAD948FC179C9L) /* 112 */, unchecked((long) 0x8F1F98B72911E50DL) /* 113 */, + unchecked((long) 0x61E48EAE27121A91L) /* 114 */, unchecked((long) 0x4D62F7AD31859808L) /* 115 */, + unchecked((long) 0xECEBA345EF5CEAEBL) /* 116 */, unchecked((long) 0xF5CEB25EBC9684CEL) /* 117 */, + unchecked((long) 0xF633E20CB7F76221L) /* 118 */, unchecked((long) 0xA32CDF06AB8293E4L) /* 119 */, + unchecked((long) 0x985A202CA5EE2CA4L) /* 120 */, unchecked((long) 0xCF0B8447CC8A8FB1L) /* 121 */, + unchecked((long) 0x9F765244979859A3L) /* 122 */, unchecked((long) 0xA8D516B1A1240017L) /* 123 */, + unchecked((long) 0x0BD7BA3EBB5DC726L) /* 124 */, unchecked((long) 0xE54BCA55B86ADB39L) /* 125 */, + unchecked((long) 0x1D7A3AFD6C478063L) /* 126 */, unchecked((long) 0x519EC608E7669EDDL) /* 127 */, + unchecked((long) 0x0E5715A2D149AA23L) /* 128 */, unchecked((long) 0x177D4571848FF194L) /* 129 */, + unchecked((long) 0xEEB55F3241014C22L) /* 130 */, unchecked((long) 0x0F5E5CA13A6E2EC2L) /* 131 */, + unchecked((long) 0x8029927B75F5C361L) /* 132 */, unchecked((long) 0xAD139FABC3D6E436L) /* 133 */, + unchecked((long) 0x0D5DF1A94CCF402FL) /* 134 */, unchecked((long) 0x3E8BD948BEA5DFC8L) /* 135 */, + unchecked((long) 0xA5A0D357BD3FF77EL) /* 136 */, unchecked((long) 0xA2D12E251F74F645L) /* 137 */, + unchecked((long) 0x66FD9E525E81A082L) /* 138 */, unchecked((long) 0x2E0C90CE7F687A49L) /* 139 */, + unchecked((long) 0xC2E8BCBEBA973BC5L) /* 140 */, unchecked((long) 0x000001BCE509745FL) /* 141 */, + unchecked((long) 0x423777BBE6DAB3D6L) /* 142 */, unchecked((long) 0xD1661C7EAEF06EB5L) /* 143 */, + unchecked((long) 0xA1781F354DAACFD8L) /* 144 */, unchecked((long) 0x2D11284A2B16AFFCL) /* 145 */, + unchecked((long) 0xF1FC4F67FA891D1FL) /* 146 */, unchecked((long) 0x73ECC25DCB920ADAL) /* 147 */, + unchecked((long) 0xAE610C22C2A12651L) /* 148 */, unchecked((long) 0x96E0A810D356B78AL) /* 149 */, + unchecked((long) 0x5A9A381F2FE7870FL) /* 150 */, unchecked((long) 0xD5AD62EDE94E5530L) /* 151 */, + unchecked((long) 0xD225E5E8368D1427L) /* 152 */, unchecked((long) 0x65977B70C7AF4631L) /* 153 */, + unchecked((long) 0x99F889B2DE39D74FL) /* 154 */, unchecked((long) 0x233F30BF54E1D143L) /* 155 */, + unchecked((long) 0x9A9675D3D9A63C97L) /* 156 */, unchecked((long) 0x5470554FF334F9A8L) /* 157 */, + unchecked((long) 0x166ACB744A4F5688L) /* 158 */, unchecked((long) 0x70C74CAAB2E4AEADL) /* 159 */, + unchecked((long) 0xF0D091646F294D12L) /* 160 */, unchecked((long) 0x57B82A89684031D1L) /* 161 */, + unchecked((long) 0xEFD95A5A61BE0B6BL) /* 162 */, unchecked((long) 0x2FBD12E969F2F29AL) /* 163 */, + unchecked((long) 0x9BD37013FEFF9FE8L) /* 164 */, unchecked((long) 0x3F9B0404D6085A06L) /* 165 */, + unchecked((long) 0x4940C1F3166CFE15L) /* 166 */, unchecked((long) 0x09542C4DCDF3DEFBL) /* 167 */, + unchecked((long) 0xB4C5218385CD5CE3L) /* 168 */, unchecked((long) 0xC935B7DC4462A641L) /* 169 */, + unchecked((long) 0x3417F8A68ED3B63FL) /* 170 */, unchecked((long) 0xB80959295B215B40L) /* 171 */, + unchecked((long) 0xF99CDAEF3B8C8572L) /* 172 */, unchecked((long) 0x018C0614F8FCB95DL) /* 173 */, + unchecked((long) 0x1B14ACCD1A3ACDF3L) /* 174 */, unchecked((long) 0x84D471F200BB732DL) /* 175 */, + unchecked((long) 0xC1A3110E95E8DA16L) /* 176 */, unchecked((long) 0x430A7220BF1A82B8L) /* 177 */, + unchecked((long) 0xB77E090D39DF210EL) /* 178 */, unchecked((long) 0x5EF4BD9F3CD05E9DL) /* 179 */, + unchecked((long) 0x9D4FF6DA7E57A444L) /* 180 */, unchecked((long) 0xDA1D60E183D4A5F8L) /* 181 */, + unchecked((long) 0xB287C38417998E47L) /* 182 */, unchecked((long) 0xFE3EDC121BB31886L) /* 183 */, + unchecked((long) 0xC7FE3CCC980CCBEFL) /* 184 */, unchecked((long) 0xE46FB590189BFD03L) /* 185 */, + unchecked((long) 0x3732FD469A4C57DCL) /* 186 */, unchecked((long) 0x7EF700A07CF1AD65L) /* 187 */, + unchecked((long) 0x59C64468A31D8859L) /* 188 */, unchecked((long) 0x762FB0B4D45B61F6L) /* 189 */, + unchecked((long) 0x155BAED099047718L) /* 190 */, unchecked((long) 0x68755E4C3D50BAA6L) /* 191 */, + unchecked((long) 0xE9214E7F22D8B4DFL) /* 192 */, unchecked((long) 0x2ADDBF532EAC95F4L) /* 193 */, + unchecked((long) 0x32AE3909B4BD0109L) /* 194 */, unchecked((long) 0x834DF537B08E3450L) /* 195 */, + unchecked((long) 0xFA209DA84220728DL) /* 196 */, unchecked((long) 0x9E691D9B9EFE23F7L) /* 197 */, + unchecked((long) 0x0446D288C4AE8D7FL) /* 198 */, unchecked((long) 0x7B4CC524E169785BL) /* 199 */, + unchecked((long) 0x21D87F0135CA1385L) /* 200 */, unchecked((long) 0xCEBB400F137B8AA5L) /* 201 */, + unchecked((long) 0x272E2B66580796BEL) /* 202 */, unchecked((long) 0x3612264125C2B0DEL) /* 203 */, + unchecked((long) 0x057702BDAD1EFBB2L) /* 204 */, unchecked((long) 0xD4BABB8EACF84BE9L) /* 205 */, + unchecked((long) 0x91583139641BC67BL) /* 206 */, unchecked((long) 0x8BDC2DE08036E024L) /* 207 */, + unchecked((long) 0x603C8156F49F68EDL) /* 208 */, unchecked((long) 0xF7D236F7DBEF5111L) /* 209 */, + unchecked((long) 0x9727C4598AD21E80L) /* 210 */, unchecked((long) 0xA08A0896670A5FD7L) /* 211 */, + unchecked((long) 0xCB4A8F4309EBA9CBL) /* 212 */, unchecked((long) 0x81AF564B0F7036A1L) /* 213 */, + unchecked((long) 0xC0B99AA778199ABDL) /* 214 */, unchecked((long) 0x959F1EC83FC8E952L) /* 215 */, + unchecked((long) 0x8C505077794A81B9L) /* 216 */, unchecked((long) 0x3ACAAF8F056338F0L) /* 217 */, + unchecked((long) 0x07B43F50627A6778L) /* 218 */, unchecked((long) 0x4A44AB49F5ECCC77L) /* 219 */, + unchecked((long) 0x3BC3D6E4B679EE98L) /* 220 */, unchecked((long) 0x9CC0D4D1CF14108CL) /* 221 */, + unchecked((long) 0x4406C00B206BC8A0L) /* 222 */, unchecked((long) 0x82A18854C8D72D89L) /* 223 */, + unchecked((long) 0x67E366B35C3C432CL) /* 224 */, unchecked((long) 0xB923DD61102B37F2L) /* 225 */, + unchecked((long) 0x56AB2779D884271DL) /* 226 */, unchecked((long) 0xBE83E1B0FF1525AFL) /* 227 */, + unchecked((long) 0xFB7C65D4217E49A9L) /* 228 */, unchecked((long) 0x6BDBE0E76D48E7D4L) /* 229 */, + unchecked((long) 0x08DF828745D9179EL) /* 230 */, unchecked((long) 0x22EA6A9ADD53BD34L) /* 231 */, + unchecked((long) 0xE36E141C5622200AL) /* 232 */, unchecked((long) 0x7F805D1B8CB750EEL) /* 233 */, + unchecked((long) 0xAFE5C7A59F58E837L) /* 234 */, unchecked((long) 0xE27F996A4FB1C23CL) /* 235 */, + unchecked((long) 0xD3867DFB0775F0D0L) /* 236 */, unchecked((long) 0xD0E673DE6E88891AL) /* 237 */, + unchecked((long) 0x123AEB9EAFB86C25L) /* 238 */, unchecked((long) 0x30F1D5D5C145B895L) /* 239 */, + unchecked((long) 0xBB434A2DEE7269E7L) /* 240 */, unchecked((long) 0x78CB67ECF931FA38L) /* 241 */, + unchecked((long) 0xF33B0372323BBF9CL) /* 242 */, unchecked((long) 0x52D66336FB279C74L) /* 243 */, + unchecked((long) 0x505F33AC0AFB4EAAL) /* 244 */, unchecked((long) 0xE8A5CD99A2CCE187L) /* 245 */, + unchecked((long) 0x534974801E2D30BBL) /* 246 */, unchecked((long) 0x8D2D5711D5876D90L) /* 247 */, + unchecked((long) 0x1F1A412891BC038EL) /* 248 */, unchecked((long) 0xD6E2E71D82E56648L) /* 249 */, + unchecked((long) 0x74036C3A497732B7L) /* 250 */, unchecked((long) 0x89B67ED96361F5ABL) /* 251 */, + unchecked((long) 0xFFED95D8F1EA02A2L) /* 252 */, unchecked((long) 0xE72B3BD61464D43DL) /* 253 */, + unchecked((long) 0xA6300F170BDC4820L) /* 254 */, unchecked((long) 0xEBC18760ED78A77AL) /* 255 */, + }; + + private static readonly long[] t2 = { + unchecked((long) 0xE6A6BE5A05A12138L) /* 256 */, unchecked((long) 0xB5A122A5B4F87C98L) /* 257 */, + unchecked((long) 0x563C6089140B6990L) /* 258 */, unchecked((long) 0x4C46CB2E391F5DD5L) /* 259 */, + unchecked((long) 0xD932ADDBC9B79434L) /* 260 */, unchecked((long) 0x08EA70E42015AFF5L) /* 261 */, + unchecked((long) 0xD765A6673E478CF1L) /* 262 */, unchecked((long) 0xC4FB757EAB278D99L) /* 263 */, + unchecked((long) 0xDF11C6862D6E0692L) /* 264 */, unchecked((long) 0xDDEB84F10D7F3B16L) /* 265 */, + unchecked((long) 0x6F2EF604A665EA04L) /* 266 */, unchecked((long) 0x4A8E0F0FF0E0DFB3L) /* 267 */, + unchecked((long) 0xA5EDEEF83DBCBA51L) /* 268 */, unchecked((long) 0xFC4F0A2A0EA4371EL) /* 269 */, + unchecked((long) 0xE83E1DA85CB38429L) /* 270 */, unchecked((long) 0xDC8FF882BA1B1CE2L) /* 271 */, + unchecked((long) 0xCD45505E8353E80DL) /* 272 */, unchecked((long) 0x18D19A00D4DB0717L) /* 273 */, + unchecked((long) 0x34A0CFEDA5F38101L) /* 274 */, unchecked((long) 0x0BE77E518887CAF2L) /* 275 */, + unchecked((long) 0x1E341438B3C45136L) /* 276 */, unchecked((long) 0xE05797F49089CCF9L) /* 277 */, + unchecked((long) 0xFFD23F9DF2591D14L) /* 278 */, unchecked((long) 0x543DDA228595C5CDL) /* 279 */, + unchecked((long) 0x661F81FD99052A33L) /* 280 */, unchecked((long) 0x8736E641DB0F7B76L) /* 281 */, + unchecked((long) 0x15227725418E5307L) /* 282 */, unchecked((long) 0xE25F7F46162EB2FAL) /* 283 */, + unchecked((long) 0x48A8B2126C13D9FEL) /* 284 */, unchecked((long) 0xAFDC541792E76EEAL) /* 285 */, + unchecked((long) 0x03D912BFC6D1898FL) /* 286 */, unchecked((long) 0x31B1AAFA1B83F51BL) /* 287 */, + unchecked((long) 0xF1AC2796E42AB7D9L) /* 288 */, unchecked((long) 0x40A3A7D7FCD2EBACL) /* 289 */, + unchecked((long) 0x1056136D0AFBBCC5L) /* 290 */, unchecked((long) 0x7889E1DD9A6D0C85L) /* 291 */, + unchecked((long) 0xD33525782A7974AAL) /* 292 */, unchecked((long) 0xA7E25D09078AC09BL) /* 293 */, + unchecked((long) 0xBD4138B3EAC6EDD0L) /* 294 */, unchecked((long) 0x920ABFBE71EB9E70L) /* 295 */, + unchecked((long) 0xA2A5D0F54FC2625CL) /* 296 */, unchecked((long) 0xC054E36B0B1290A3L) /* 297 */, + unchecked((long) 0xF6DD59FF62FE932BL) /* 298 */, unchecked((long) 0x3537354511A8AC7DL) /* 299 */, + unchecked((long) 0xCA845E9172FADCD4L) /* 300 */, unchecked((long) 0x84F82B60329D20DCL) /* 301 */, + unchecked((long) 0x79C62CE1CD672F18L) /* 302 */, unchecked((long) 0x8B09A2ADD124642CL) /* 303 */, + unchecked((long) 0xD0C1E96A19D9E726L) /* 304 */, unchecked((long) 0x5A786A9B4BA9500CL) /* 305 */, + unchecked((long) 0x0E020336634C43F3L) /* 306 */, unchecked((long) 0xC17B474AEB66D822L) /* 307 */, + unchecked((long) 0x6A731AE3EC9BAAC2L) /* 308 */, unchecked((long) 0x8226667AE0840258L) /* 309 */, + unchecked((long) 0x67D4567691CAECA5L) /* 310 */, unchecked((long) 0x1D94155C4875ADB5L) /* 311 */, + unchecked((long) 0x6D00FD985B813FDFL) /* 312 */, unchecked((long) 0x51286EFCB774CD06L) /* 313 */, + unchecked((long) 0x5E8834471FA744AFL) /* 314 */, unchecked((long) 0xF72CA0AEE761AE2EL) /* 315 */, + unchecked((long) 0xBE40E4CDAEE8E09AL) /* 316 */, unchecked((long) 0xE9970BBB5118F665L) /* 317 */, + unchecked((long) 0x726E4BEB33DF1964L) /* 318 */, unchecked((long) 0x703B000729199762L) /* 319 */, + unchecked((long) 0x4631D816F5EF30A7L) /* 320 */, unchecked((long) 0xB880B5B51504A6BEL) /* 321 */, + unchecked((long) 0x641793C37ED84B6CL) /* 322 */, unchecked((long) 0x7B21ED77F6E97D96L) /* 323 */, + unchecked((long) 0x776306312EF96B73L) /* 324 */, unchecked((long) 0xAE528948E86FF3F4L) /* 325 */, + unchecked((long) 0x53DBD7F286A3F8F8L) /* 326 */, unchecked((long) 0x16CADCE74CFC1063L) /* 327 */, + unchecked((long) 0x005C19BDFA52C6DDL) /* 328 */, unchecked((long) 0x68868F5D64D46AD3L) /* 329 */, + unchecked((long) 0x3A9D512CCF1E186AL) /* 330 */, unchecked((long) 0x367E62C2385660AEL) /* 331 */, + unchecked((long) 0xE359E7EA77DCB1D7L) /* 332 */, unchecked((long) 0x526C0773749ABE6EL) /* 333 */, + unchecked((long) 0x735AE5F9D09F734BL) /* 334 */, unchecked((long) 0x493FC7CC8A558BA8L) /* 335 */, + unchecked((long) 0xB0B9C1533041AB45L) /* 336 */, unchecked((long) 0x321958BA470A59BDL) /* 337 */, + unchecked((long) 0x852DB00B5F46C393L) /* 338 */, unchecked((long) 0x91209B2BD336B0E5L) /* 339 */, + unchecked((long) 0x6E604F7D659EF19FL) /* 340 */, unchecked((long) 0xB99A8AE2782CCB24L) /* 341 */, + unchecked((long) 0xCCF52AB6C814C4C7L) /* 342 */, unchecked((long) 0x4727D9AFBE11727BL) /* 343 */, + unchecked((long) 0x7E950D0C0121B34DL) /* 344 */, unchecked((long) 0x756F435670AD471FL) /* 345 */, + unchecked((long) 0xF5ADD442615A6849L) /* 346 */, unchecked((long) 0x4E87E09980B9957AL) /* 347 */, + unchecked((long) 0x2ACFA1DF50AEE355L) /* 348 */, unchecked((long) 0xD898263AFD2FD556L) /* 349 */, + unchecked((long) 0xC8F4924DD80C8FD6L) /* 350 */, unchecked((long) 0xCF99CA3D754A173AL) /* 351 */, + unchecked((long) 0xFE477BACAF91BF3CL) /* 352 */, unchecked((long) 0xED5371F6D690C12DL) /* 353 */, + unchecked((long) 0x831A5C285E687094L) /* 354 */, unchecked((long) 0xC5D3C90A3708A0A4L) /* 355 */, + unchecked((long) 0x0F7F903717D06580L) /* 356 */, unchecked((long) 0x19F9BB13B8FDF27FL) /* 357 */, + unchecked((long) 0xB1BD6F1B4D502843L) /* 358 */, unchecked((long) 0x1C761BA38FFF4012L) /* 359 */, + unchecked((long) 0x0D1530C4E2E21F3BL) /* 360 */, unchecked((long) 0x8943CE69A7372C8AL) /* 361 */, + unchecked((long) 0xE5184E11FEB5CE66L) /* 362 */, unchecked((long) 0x618BDB80BD736621L) /* 363 */, + unchecked((long) 0x7D29BAD68B574D0BL) /* 364 */, unchecked((long) 0x81BB613E25E6FE5BL) /* 365 */, + unchecked((long) 0x071C9C10BC07913FL) /* 366 */, unchecked((long) 0xC7BEEB7909AC2D97L) /* 367 */, + unchecked((long) 0xC3E58D353BC5D757L) /* 368 */, unchecked((long) 0xEB017892F38F61E8L) /* 369 */, + unchecked((long) 0xD4EFFB9C9B1CC21AL) /* 370 */, unchecked((long) 0x99727D26F494F7ABL) /* 371 */, + unchecked((long) 0xA3E063A2956B3E03L) /* 372 */, unchecked((long) 0x9D4A8B9A4AA09C30L) /* 373 */, + unchecked((long) 0x3F6AB7D500090FB4L) /* 374 */, unchecked((long) 0x9CC0F2A057268AC0L) /* 375 */, + unchecked((long) 0x3DEE9D2DEDBF42D1L) /* 376 */, unchecked((long) 0x330F49C87960A972L) /* 377 */, + unchecked((long) 0xC6B2720287421B41L) /* 378 */, unchecked((long) 0x0AC59EC07C00369CL) /* 379 */, + unchecked((long) 0xEF4EAC49CB353425L) /* 380 */, unchecked((long) 0xF450244EEF0129D8L) /* 381 */, + unchecked((long) 0x8ACC46E5CAF4DEB6L) /* 382 */, unchecked((long) 0x2FFEAB63989263F7L) /* 383 */, + unchecked((long) 0x8F7CB9FE5D7A4578L) /* 384 */, unchecked((long) 0x5BD8F7644E634635L) /* 385 */, + unchecked((long) 0x427A7315BF2DC900L) /* 386 */, unchecked((long) 0x17D0C4AA2125261CL) /* 387 */, + unchecked((long) 0x3992486C93518E50L) /* 388 */, unchecked((long) 0xB4CBFEE0A2D7D4C3L) /* 389 */, + unchecked((long) 0x7C75D6202C5DDD8DL) /* 390 */, unchecked((long) 0xDBC295D8E35B6C61L) /* 391 */, + unchecked((long) 0x60B369D302032B19L) /* 392 */, unchecked((long) 0xCE42685FDCE44132L) /* 393 */, + unchecked((long) 0x06F3DDB9DDF65610L) /* 394 */, unchecked((long) 0x8EA4D21DB5E148F0L) /* 395 */, + unchecked((long) 0x20B0FCE62FCD496FL) /* 396 */, unchecked((long) 0x2C1B912358B0EE31L) /* 397 */, + unchecked((long) 0xB28317B818F5A308L) /* 398 */, unchecked((long) 0xA89C1E189CA6D2CFL) /* 399 */, + unchecked((long) 0x0C6B18576AAADBC8L) /* 400 */, unchecked((long) 0xB65DEAA91299FAE3L) /* 401 */, + unchecked((long) 0xFB2B794B7F1027E7L) /* 402 */, unchecked((long) 0x04E4317F443B5BEBL) /* 403 */, + unchecked((long) 0x4B852D325939D0A6L) /* 404 */, unchecked((long) 0xD5AE6BEEFB207FFCL) /* 405 */, + unchecked((long) 0x309682B281C7D374L) /* 406 */, unchecked((long) 0xBAE309A194C3B475L) /* 407 */, + unchecked((long) 0x8CC3F97B13B49F05L) /* 408 */, unchecked((long) 0x98A9422FF8293967L) /* 409 */, + unchecked((long) 0x244B16B01076FF7CL) /* 410 */, unchecked((long) 0xF8BF571C663D67EEL) /* 411 */, + unchecked((long) 0x1F0D6758EEE30DA1L) /* 412 */, unchecked((long) 0xC9B611D97ADEB9B7L) /* 413 */, + unchecked((long) 0xB7AFD5887B6C57A2L) /* 414 */, unchecked((long) 0x6290AE846B984FE1L) /* 415 */, + unchecked((long) 0x94DF4CDEACC1A5FDL) /* 416 */, unchecked((long) 0x058A5BD1C5483AFFL) /* 417 */, + unchecked((long) 0x63166CC142BA3C37L) /* 418 */, unchecked((long) 0x8DB8526EB2F76F40L) /* 419 */, + unchecked((long) 0xE10880036F0D6D4EL) /* 420 */, unchecked((long) 0x9E0523C9971D311DL) /* 421 */, + unchecked((long) 0x45EC2824CC7CD691L) /* 422 */, unchecked((long) 0x575B8359E62382C9L) /* 423 */, + unchecked((long) 0xFA9E400DC4889995L) /* 424 */, unchecked((long) 0xD1823ECB45721568L) /* 425 */, + unchecked((long) 0xDAFD983B8206082FL) /* 426 */, unchecked((long) 0xAA7D29082386A8CBL) /* 427 */, + unchecked((long) 0x269FCD4403B87588L) /* 428 */, unchecked((long) 0x1B91F5F728BDD1E0L) /* 429 */, + unchecked((long) 0xE4669F39040201F6L) /* 430 */, unchecked((long) 0x7A1D7C218CF04ADEL) /* 431 */, + unchecked((long) 0x65623C29D79CE5CEL) /* 432 */, unchecked((long) 0x2368449096C00BB1L) /* 433 */, + unchecked((long) 0xAB9BF1879DA503BAL) /* 434 */, unchecked((long) 0xBC23ECB1A458058EL) /* 435 */, + unchecked((long) 0x9A58DF01BB401ECCL) /* 436 */, unchecked((long) 0xA070E868A85F143DL) /* 437 */, + unchecked((long) 0x4FF188307DF2239EL) /* 438 */, unchecked((long) 0x14D565B41A641183L) /* 439 */, + unchecked((long) 0xEE13337452701602L) /* 440 */, unchecked((long) 0x950E3DCF3F285E09L) /* 441 */, + unchecked((long) 0x59930254B9C80953L) /* 442 */, unchecked((long) 0x3BF299408930DA6DL) /* 443 */, + unchecked((long) 0xA955943F53691387L) /* 444 */, unchecked((long) 0xA15EDECAA9CB8784L) /* 445 */, + unchecked((long) 0x29142127352BE9A0L) /* 446 */, unchecked((long) 0x76F0371FFF4E7AFBL) /* 447 */, + unchecked((long) 0x0239F450274F2228L) /* 448 */, unchecked((long) 0xBB073AF01D5E868BL) /* 449 */, + unchecked((long) 0xBFC80571C10E96C1L) /* 450 */, unchecked((long) 0xD267088568222E23L) /* 451 */, + unchecked((long) 0x9671A3D48E80B5B0L) /* 452 */, unchecked((long) 0x55B5D38AE193BB81L) /* 453 */, + unchecked((long) 0x693AE2D0A18B04B8L) /* 454 */, unchecked((long) 0x5C48B4ECADD5335FL) /* 455 */, + unchecked((long) 0xFD743B194916A1CAL) /* 456 */, unchecked((long) 0x2577018134BE98C4L) /* 457 */, + unchecked((long) 0xE77987E83C54A4ADL) /* 458 */, unchecked((long) 0x28E11014DA33E1B9L) /* 459 */, + unchecked((long) 0x270CC59E226AA213L) /* 460 */, unchecked((long) 0x71495F756D1A5F60L) /* 461 */, + unchecked((long) 0x9BE853FB60AFEF77L) /* 462 */, unchecked((long) 0xADC786A7F7443DBFL) /* 463 */, + unchecked((long) 0x0904456173B29A82L) /* 464 */, unchecked((long) 0x58BC7A66C232BD5EL) /* 465 */, + unchecked((long) 0xF306558C673AC8B2L) /* 466 */, unchecked((long) 0x41F639C6B6C9772AL) /* 467 */, + unchecked((long) 0x216DEFE99FDA35DAL) /* 468 */, unchecked((long) 0x11640CC71C7BE615L) /* 469 */, + unchecked((long) 0x93C43694565C5527L) /* 470 */, unchecked((long) 0xEA038E6246777839L) /* 471 */, + unchecked((long) 0xF9ABF3CE5A3E2469L) /* 472 */, unchecked((long) 0x741E768D0FD312D2L) /* 473 */, + unchecked((long) 0x0144B883CED652C6L) /* 474 */, unchecked((long) 0xC20B5A5BA33F8552L) /* 475 */, + unchecked((long) 0x1AE69633C3435A9DL) /* 476 */, unchecked((long) 0x97A28CA4088CFDECL) /* 477 */, + unchecked((long) 0x8824A43C1E96F420L) /* 478 */, unchecked((long) 0x37612FA66EEEA746L) /* 479 */, + unchecked((long) 0x6B4CB165F9CF0E5AL) /* 480 */, unchecked((long) 0x43AA1C06A0ABFB4AL) /* 481 */, + unchecked((long) 0x7F4DC26FF162796BL) /* 482 */, unchecked((long) 0x6CBACC8E54ED9B0FL) /* 483 */, + unchecked((long) 0xA6B7FFEFD2BB253EL) /* 484 */, unchecked((long) 0x2E25BC95B0A29D4FL) /* 485 */, + unchecked((long) 0x86D6A58BDEF1388CL) /* 486 */, unchecked((long) 0xDED74AC576B6F054L) /* 487 */, + unchecked((long) 0x8030BDBC2B45805DL) /* 488 */, unchecked((long) 0x3C81AF70E94D9289L) /* 489 */, + unchecked((long) 0x3EFF6DDA9E3100DBL) /* 490 */, unchecked((long) 0xB38DC39FDFCC8847L) /* 491 */, + unchecked((long) 0x123885528D17B87EL) /* 492 */, unchecked((long) 0xF2DA0ED240B1B642L) /* 493 */, + unchecked((long) 0x44CEFADCD54BF9A9L) /* 494 */, unchecked((long) 0x1312200E433C7EE6L) /* 495 */, + unchecked((long) 0x9FFCC84F3A78C748L) /* 496 */, unchecked((long) 0xF0CD1F72248576BBL) /* 497 */, + unchecked((long) 0xEC6974053638CFE4L) /* 498 */, unchecked((long) 0x2BA7B67C0CEC4E4CL) /* 499 */, + unchecked((long) 0xAC2F4DF3E5CE32EDL) /* 500 */, unchecked((long) 0xCB33D14326EA4C11L) /* 501 */, + unchecked((long) 0xA4E9044CC77E58BCL) /* 502 */, unchecked((long) 0x5F513293D934FCEFL) /* 503 */, + unchecked((long) 0x5DC9645506E55444L) /* 504 */, unchecked((long) 0x50DE418F317DE40AL) /* 505 */, + unchecked((long) 0x388CB31A69DDE259L) /* 506 */, unchecked((long) 0x2DB4A83455820A86L) /* 507 */, + unchecked((long) 0x9010A91E84711AE9L) /* 508 */, unchecked((long) 0x4DF7F0B7B1498371L) /* 509 */, + unchecked((long) 0xD62A2EABC0977179L) /* 510 */, unchecked((long) 0x22FAC097AA8D5C0EL) /* 511 */, + }; + + private static readonly long[] t3 = { + unchecked((long) 0xF49FCC2FF1DAF39BL) /* 512 */, unchecked((long) 0x487FD5C66FF29281L) /* 513 */, + unchecked((long) 0xE8A30667FCDCA83FL) /* 514 */, unchecked((long) 0x2C9B4BE3D2FCCE63L) /* 515 */, + unchecked((long) 0xDA3FF74B93FBBBC2L) /* 516 */, unchecked((long) 0x2FA165D2FE70BA66L) /* 517 */, + unchecked((long) 0xA103E279970E93D4L) /* 518 */, unchecked((long) 0xBECDEC77B0E45E71L) /* 519 */, + unchecked((long) 0xCFB41E723985E497L) /* 520 */, unchecked((long) 0xB70AAA025EF75017L) /* 521 */, + unchecked((long) 0xD42309F03840B8E0L) /* 522 */, unchecked((long) 0x8EFC1AD035898579L) /* 523 */, + unchecked((long) 0x96C6920BE2B2ABC5L) /* 524 */, unchecked((long) 0x66AF4163375A9172L) /* 525 */, + unchecked((long) 0x2174ABDCCA7127FBL) /* 526 */, unchecked((long) 0xB33CCEA64A72FF41L) /* 527 */, + unchecked((long) 0xF04A4933083066A5L) /* 528 */, unchecked((long) 0x8D970ACDD7289AF5L) /* 529 */, + unchecked((long) 0x8F96E8E031C8C25EL) /* 530 */, unchecked((long) 0xF3FEC02276875D47L) /* 531 */, + unchecked((long) 0xEC7BF310056190DDL) /* 532 */, unchecked((long) 0xF5ADB0AEBB0F1491L) /* 533 */, + unchecked((long) 0x9B50F8850FD58892L) /* 534 */, unchecked((long) 0x4975488358B74DE8L) /* 535 */, + unchecked((long) 0xA3354FF691531C61L) /* 536 */, unchecked((long) 0x0702BBE481D2C6EEL) /* 537 */, + unchecked((long) 0x89FB24057DEDED98L) /* 538 */, unchecked((long) 0xAC3075138596E902L) /* 539 */, + unchecked((long) 0x1D2D3580172772EDL) /* 540 */, unchecked((long) 0xEB738FC28E6BC30DL) /* 541 */, + unchecked((long) 0x5854EF8F63044326L) /* 542 */, unchecked((long) 0x9E5C52325ADD3BBEL) /* 543 */, + unchecked((long) 0x90AA53CF325C4623L) /* 544 */, unchecked((long) 0xC1D24D51349DD067L) /* 545 */, + unchecked((long) 0x2051CFEEA69EA624L) /* 546 */, unchecked((long) 0x13220F0A862E7E4FL) /* 547 */, + unchecked((long) 0xCE39399404E04864L) /* 548 */, unchecked((long) 0xD9C42CA47086FCB7L) /* 549 */, + unchecked((long) 0x685AD2238A03E7CCL) /* 550 */, unchecked((long) 0x066484B2AB2FF1DBL) /* 551 */, + unchecked((long) 0xFE9D5D70EFBF79ECL) /* 552 */, unchecked((long) 0x5B13B9DD9C481854L) /* 553 */, + unchecked((long) 0x15F0D475ED1509ADL) /* 554 */, unchecked((long) 0x0BEBCD060EC79851L) /* 555 */, + unchecked((long) 0xD58C6791183AB7F8L) /* 556 */, unchecked((long) 0xD1187C5052F3EEE4L) /* 557 */, + unchecked((long) 0xC95D1192E54E82FFL) /* 558 */, unchecked((long) 0x86EEA14CB9AC6CA2L) /* 559 */, + unchecked((long) 0x3485BEB153677D5DL) /* 560 */, unchecked((long) 0xDD191D781F8C492AL) /* 561 */, + unchecked((long) 0xF60866BAA784EBF9L) /* 562 */, unchecked((long) 0x518F643BA2D08C74L) /* 563 */, + unchecked((long) 0x8852E956E1087C22L) /* 564 */, unchecked((long) 0xA768CB8DC410AE8DL) /* 565 */, + unchecked((long) 0x38047726BFEC8E1AL) /* 566 */, unchecked((long) 0xA67738B4CD3B45AAL) /* 567 */, + unchecked((long) 0xAD16691CEC0DDE19L) /* 568 */, unchecked((long) 0xC6D4319380462E07L) /* 569 */, + unchecked((long) 0xC5A5876D0BA61938L) /* 570 */, unchecked((long) 0x16B9FA1FA58FD840L) /* 571 */, + unchecked((long) 0x188AB1173CA74F18L) /* 572 */, unchecked((long) 0xABDA2F98C99C021FL) /* 573 */, + unchecked((long) 0x3E0580AB134AE816L) /* 574 */, unchecked((long) 0x5F3B05B773645ABBL) /* 575 */, + unchecked((long) 0x2501A2BE5575F2F6L) /* 576 */, unchecked((long) 0x1B2F74004E7E8BA9L) /* 577 */, + unchecked((long) 0x1CD7580371E8D953L) /* 578 */, unchecked((long) 0x7F6ED89562764E30L) /* 579 */, + unchecked((long) 0xB15926FF596F003DL) /* 580 */, unchecked((long) 0x9F65293DA8C5D6B9L) /* 581 */, + unchecked((long) 0x6ECEF04DD690F84CL) /* 582 */, unchecked((long) 0x4782275FFF33AF88L) /* 583 */, + unchecked((long) 0xE41433083F820801L) /* 584 */, unchecked((long) 0xFD0DFE409A1AF9B5L) /* 585 */, + unchecked((long) 0x4325A3342CDB396BL) /* 586 */, unchecked((long) 0x8AE77E62B301B252L) /* 587 */, + unchecked((long) 0xC36F9E9F6655615AL) /* 588 */, unchecked((long) 0x85455A2D92D32C09L) /* 589 */, + unchecked((long) 0xF2C7DEA949477485L) /* 590 */, unchecked((long) 0x63CFB4C133A39EBAL) /* 591 */, + unchecked((long) 0x83B040CC6EBC5462L) /* 592 */, unchecked((long) 0x3B9454C8FDB326B0L) /* 593 */, + unchecked((long) 0x56F56A9E87FFD78CL) /* 594 */, unchecked((long) 0x2DC2940D99F42BC6L) /* 595 */, + unchecked((long) 0x98F7DF096B096E2DL) /* 596 */, unchecked((long) 0x19A6E01E3AD852BFL) /* 597 */, + unchecked((long) 0x42A99CCBDBD4B40BL) /* 598 */, unchecked((long) 0xA59998AF45E9C559L) /* 599 */, + unchecked((long) 0x366295E807D93186L) /* 600 */, unchecked((long) 0x6B48181BFAA1F773L) /* 601 */, + unchecked((long) 0x1FEC57E2157A0A1DL) /* 602 */, unchecked((long) 0x4667446AF6201AD5L) /* 603 */, + unchecked((long) 0xE615EBCACFB0F075L) /* 604 */, unchecked((long) 0xB8F31F4F68290778L) /* 605 */, + unchecked((long) 0x22713ED6CE22D11EL) /* 606 */, unchecked((long) 0x3057C1A72EC3C93BL) /* 607 */, + unchecked((long) 0xCB46ACC37C3F1F2FL) /* 608 */, unchecked((long) 0xDBB893FD02AAF50EL) /* 609 */, + unchecked((long) 0x331FD92E600B9FCFL) /* 610 */, unchecked((long) 0xA498F96148EA3AD6L) /* 611 */, + unchecked((long) 0xA8D8426E8B6A83EAL) /* 612 */, unchecked((long) 0xA089B274B7735CDCL) /* 613 */, + unchecked((long) 0x87F6B3731E524A11L) /* 614 */, unchecked((long) 0x118808E5CBC96749L) /* 615 */, + unchecked((long) 0x9906E4C7B19BD394L) /* 616 */, unchecked((long) 0xAFED7F7E9B24A20CL) /* 617 */, + unchecked((long) 0x6509EADEEB3644A7L) /* 618 */, unchecked((long) 0x6C1EF1D3E8EF0EDEL) /* 619 */, + unchecked((long) 0xB9C97D43E9798FB4L) /* 620 */, unchecked((long) 0xA2F2D784740C28A3L) /* 621 */, + unchecked((long) 0x7B8496476197566FL) /* 622 */, unchecked((long) 0x7A5BE3E6B65F069DL) /* 623 */, + unchecked((long) 0xF96330ED78BE6F10L) /* 624 */, unchecked((long) 0xEEE60DE77A076A15L) /* 625 */, + unchecked((long) 0x2B4BEE4AA08B9BD0L) /* 626 */, unchecked((long) 0x6A56A63EC7B8894EL) /* 627 */, + unchecked((long) 0x02121359BA34FEF4L) /* 628 */, unchecked((long) 0x4CBF99F8283703FCL) /* 629 */, + unchecked((long) 0x398071350CAF30C8L) /* 630 */, unchecked((long) 0xD0A77A89F017687AL) /* 631 */, + unchecked((long) 0xF1C1A9EB9E423569L) /* 632 */, unchecked((long) 0x8C7976282DEE8199L) /* 633 */, + unchecked((long) 0x5D1737A5DD1F7ABDL) /* 634 */, unchecked((long) 0x4F53433C09A9FA80L) /* 635 */, + unchecked((long) 0xFA8B0C53DF7CA1D9L) /* 636 */, unchecked((long) 0x3FD9DCBC886CCB77L) /* 637 */, + unchecked((long) 0xC040917CA91B4720L) /* 638 */, unchecked((long) 0x7DD00142F9D1DCDFL) /* 639 */, + unchecked((long) 0x8476FC1D4F387B58L) /* 640 */, unchecked((long) 0x23F8E7C5F3316503L) /* 641 */, + unchecked((long) 0x032A2244E7E37339L) /* 642 */, unchecked((long) 0x5C87A5D750F5A74BL) /* 643 */, + unchecked((long) 0x082B4CC43698992EL) /* 644 */, unchecked((long) 0xDF917BECB858F63CL) /* 645 */, + unchecked((long) 0x3270B8FC5BF86DDAL) /* 646 */, unchecked((long) 0x10AE72BB29B5DD76L) /* 647 */, + unchecked((long) 0x576AC94E7700362BL) /* 648 */, unchecked((long) 0x1AD112DAC61EFB8FL) /* 649 */, + unchecked((long) 0x691BC30EC5FAA427L) /* 650 */, unchecked((long) 0xFF246311CC327143L) /* 651 */, + unchecked((long) 0x3142368E30E53206L) /* 652 */, unchecked((long) 0x71380E31E02CA396L) /* 653 */, + unchecked((long) 0x958D5C960AAD76F1L) /* 654 */, unchecked((long) 0xF8D6F430C16DA536L) /* 655 */, + unchecked((long) 0xC8FFD13F1BE7E1D2L) /* 656 */, unchecked((long) 0x7578AE66004DDBE1L) /* 657 */, + unchecked((long) 0x05833F01067BE646L) /* 658 */, unchecked((long) 0xBB34B5AD3BFE586DL) /* 659 */, + unchecked((long) 0x095F34C9A12B97F0L) /* 660 */, unchecked((long) 0x247AB64525D60CA8L) /* 661 */, + unchecked((long) 0xDCDBC6F3017477D1L) /* 662 */, unchecked((long) 0x4A2E14D4DECAD24DL) /* 663 */, + unchecked((long) 0xBDB5E6D9BE0A1EEBL) /* 664 */, unchecked((long) 0x2A7E70F7794301ABL) /* 665 */, + unchecked((long) 0xDEF42D8A270540FDL) /* 666 */, unchecked((long) 0x01078EC0A34C22C1L) /* 667 */, + unchecked((long) 0xE5DE511AF4C16387L) /* 668 */, unchecked((long) 0x7EBB3A52BD9A330AL) /* 669 */, + unchecked((long) 0x77697857AA7D6435L) /* 670 */, unchecked((long) 0x004E831603AE4C32L) /* 671 */, + unchecked((long) 0xE7A21020AD78E312L) /* 672 */, unchecked((long) 0x9D41A70C6AB420F2L) /* 673 */, + unchecked((long) 0x28E06C18EA1141E6L) /* 674 */, unchecked((long) 0xD2B28CBD984F6B28L) /* 675 */, + unchecked((long) 0x26B75F6C446E9D83L) /* 676 */, unchecked((long) 0xBA47568C4D418D7FL) /* 677 */, + unchecked((long) 0xD80BADBFE6183D8EL) /* 678 */, unchecked((long) 0x0E206D7F5F166044L) /* 679 */, + unchecked((long) 0xE258A43911CBCA3EL) /* 680 */, unchecked((long) 0x723A1746B21DC0BCL) /* 681 */, + unchecked((long) 0xC7CAA854F5D7CDD3L) /* 682 */, unchecked((long) 0x7CAC32883D261D9CL) /* 683 */, + unchecked((long) 0x7690C26423BA942CL) /* 684 */, unchecked((long) 0x17E55524478042B8L) /* 685 */, + unchecked((long) 0xE0BE477656A2389FL) /* 686 */, unchecked((long) 0x4D289B5E67AB2DA0L) /* 687 */, + unchecked((long) 0x44862B9C8FBBFD31L) /* 688 */, unchecked((long) 0xB47CC8049D141365L) /* 689 */, + unchecked((long) 0x822C1B362B91C793L) /* 690 */, unchecked((long) 0x4EB14655FB13DFD8L) /* 691 */, + unchecked((long) 0x1ECBBA0714E2A97BL) /* 692 */, unchecked((long) 0x6143459D5CDE5F14L) /* 693 */, + unchecked((long) 0x53A8FBF1D5F0AC89L) /* 694 */, unchecked((long) 0x97EA04D81C5E5B00L) /* 695 */, + unchecked((long) 0x622181A8D4FDB3F3L) /* 696 */, unchecked((long) 0xE9BCD341572A1208L) /* 697 */, + unchecked((long) 0x1411258643CCE58AL) /* 698 */, unchecked((long) 0x9144C5FEA4C6E0A4L) /* 699 */, + unchecked((long) 0x0D33D06565CF620FL) /* 700 */, unchecked((long) 0x54A48D489F219CA1L) /* 701 */, + unchecked((long) 0xC43E5EAC6D63C821L) /* 702 */, unchecked((long) 0xA9728B3A72770DAFL) /* 703 */, + unchecked((long) 0xD7934E7B20DF87EFL) /* 704 */, unchecked((long) 0xE35503B61A3E86E5L) /* 705 */, + unchecked((long) 0xCAE321FBC819D504L) /* 706 */, unchecked((long) 0x129A50B3AC60BFA6L) /* 707 */, + unchecked((long) 0xCD5E68EA7E9FB6C3L) /* 708 */, unchecked((long) 0xB01C90199483B1C7L) /* 709 */, + unchecked((long) 0x3DE93CD5C295376CL) /* 710 */, unchecked((long) 0xAED52EDF2AB9AD13L) /* 711 */, + unchecked((long) 0x2E60F512C0A07884L) /* 712 */, unchecked((long) 0xBC3D86A3E36210C9L) /* 713 */, + unchecked((long) 0x35269D9B163951CEL) /* 714 */, unchecked((long) 0x0C7D6E2AD0CDB5FAL) /* 715 */, + unchecked((long) 0x59E86297D87F5733L) /* 716 */, unchecked((long) 0x298EF221898DB0E7L) /* 717 */, + unchecked((long) 0x55000029D1A5AA7EL) /* 718 */, unchecked((long) 0x8BC08AE1B5061B45L) /* 719 */, + unchecked((long) 0xC2C31C2B6C92703AL) /* 720 */, unchecked((long) 0x94CC596BAF25EF42L) /* 721 */, + unchecked((long) 0x0A1D73DB22540456L) /* 722 */, unchecked((long) 0x04B6A0F9D9C4179AL) /* 723 */, + unchecked((long) 0xEFFDAFA2AE3D3C60L) /* 724 */, unchecked((long) 0xF7C8075BB49496C4L) /* 725 */, + unchecked((long) 0x9CC5C7141D1CD4E3L) /* 726 */, unchecked((long) 0x78BD1638218E5534L) /* 727 */, + unchecked((long) 0xB2F11568F850246AL) /* 728 */, unchecked((long) 0xEDFABCFA9502BC29L) /* 729 */, + unchecked((long) 0x796CE5F2DA23051BL) /* 730 */, unchecked((long) 0xAAE128B0DC93537CL) /* 731 */, + unchecked((long) 0x3A493DA0EE4B29AEL) /* 732 */, unchecked((long) 0xB5DF6B2C416895D7L) /* 733 */, + unchecked((long) 0xFCABBD25122D7F37L) /* 734 */, unchecked((long) 0x70810B58105DC4B1L) /* 735 */, + unchecked((long) 0xE10FDD37F7882A90L) /* 736 */, unchecked((long) 0x524DCAB5518A3F5CL) /* 737 */, + unchecked((long) 0x3C9E85878451255BL) /* 738 */, unchecked((long) 0x4029828119BD34E2L) /* 739 */, + unchecked((long) 0x74A05B6F5D3CECCBL) /* 740 */, unchecked((long) 0xB610021542E13ECAL) /* 741 */, + unchecked((long) 0x0FF979D12F59E2ACL) /* 742 */, unchecked((long) 0x6037DA27E4F9CC50L) /* 743 */, + unchecked((long) 0x5E92975A0DF1847DL) /* 744 */, unchecked((long) 0xD66DE190D3E623FEL) /* 745 */, + unchecked((long) 0x5032D6B87B568048L) /* 746 */, unchecked((long) 0x9A36B7CE8235216EL) /* 747 */, + unchecked((long) 0x80272A7A24F64B4AL) /* 748 */, unchecked((long) 0x93EFED8B8C6916F7L) /* 749 */, + unchecked((long) 0x37DDBFF44CCE1555L) /* 750 */, unchecked((long) 0x4B95DB5D4B99BD25L) /* 751 */, + unchecked((long) 0x92D3FDA169812FC0L) /* 752 */, unchecked((long) 0xFB1A4A9A90660BB6L) /* 753 */, + unchecked((long) 0x730C196946A4B9B2L) /* 754 */, unchecked((long) 0x81E289AA7F49DA68L) /* 755 */, + unchecked((long) 0x64669A0F83B1A05FL) /* 756 */, unchecked((long) 0x27B3FF7D9644F48BL) /* 757 */, + unchecked((long) 0xCC6B615C8DB675B3L) /* 758 */, unchecked((long) 0x674F20B9BCEBBE95L) /* 759 */, + unchecked((long) 0x6F31238275655982L) /* 760 */, unchecked((long) 0x5AE488713E45CF05L) /* 761 */, + unchecked((long) 0xBF619F9954C21157L) /* 762 */, unchecked((long) 0xEABAC46040A8EAE9L) /* 763 */, + unchecked((long) 0x454C6FE9F2C0C1CDL) /* 764 */, unchecked((long) 0x419CF6496412691CL) /* 765 */, + unchecked((long) 0xD3DC3BEF265B0F70L) /* 766 */, unchecked((long) 0x6D0E60F5C3578A9EL) /* 767 */, + }; + + private static readonly long[] t4 = { + unchecked((long) 0x5B0E608526323C55L) /* 768 */, unchecked((long) 0x1A46C1A9FA1B59F5L) /* 769 */, + unchecked((long) 0xA9E245A17C4C8FFAL) /* 770 */, unchecked((long) 0x65CA5159DB2955D7L) /* 771 */, + unchecked((long) 0x05DB0A76CE35AFC2L) /* 772 */, unchecked((long) 0x81EAC77EA9113D45L) /* 773 */, + unchecked((long) 0x528EF88AB6AC0A0DL) /* 774 */, unchecked((long) 0xA09EA253597BE3FFL) /* 775 */, + unchecked((long) 0x430DDFB3AC48CD56L) /* 776 */, unchecked((long) 0xC4B3A67AF45CE46FL) /* 777 */, + unchecked((long) 0x4ECECFD8FBE2D05EL) /* 778 */, unchecked((long) 0x3EF56F10B39935F0L) /* 779 */, + unchecked((long) 0x0B22D6829CD619C6L) /* 780 */, unchecked((long) 0x17FD460A74DF2069L) /* 781 */, + unchecked((long) 0x6CF8CC8E8510ED40L) /* 782 */, unchecked((long) 0xD6C824BF3A6ECAA7L) /* 783 */, + unchecked((long) 0x61243D581A817049L) /* 784 */, unchecked((long) 0x048BACB6BBC163A2L) /* 785 */, + unchecked((long) 0xD9A38AC27D44CC32L) /* 786 */, unchecked((long) 0x7FDDFF5BAAF410ABL) /* 787 */, + unchecked((long) 0xAD6D495AA804824BL) /* 788 */, unchecked((long) 0xE1A6A74F2D8C9F94L) /* 789 */, + unchecked((long) 0xD4F7851235DEE8E3L) /* 790 */, unchecked((long) 0xFD4B7F886540D893L) /* 791 */, + unchecked((long) 0x247C20042AA4BFDAL) /* 792 */, unchecked((long) 0x096EA1C517D1327CL) /* 793 */, + unchecked((long) 0xD56966B4361A6685L) /* 794 */, unchecked((long) 0x277DA5C31221057DL) /* 795 */, + unchecked((long) 0x94D59893A43ACFF7L) /* 796 */, unchecked((long) 0x64F0C51CCDC02281L) /* 797 */, + unchecked((long) 0x3D33BCC4FF6189DBL) /* 798 */, unchecked((long) 0xE005CB184CE66AF1L) /* 799 */, + unchecked((long) 0xFF5CCD1D1DB99BEAL) /* 800 */, unchecked((long) 0xB0B854A7FE42980FL) /* 801 */, + unchecked((long) 0x7BD46A6A718D4B9FL) /* 802 */, unchecked((long) 0xD10FA8CC22A5FD8CL) /* 803 */, + unchecked((long) 0xD31484952BE4BD31L) /* 804 */, unchecked((long) 0xC7FA975FCB243847L) /* 805 */, + unchecked((long) 0x4886ED1E5846C407L) /* 806 */, unchecked((long) 0x28CDDB791EB70B04L) /* 807 */, + unchecked((long) 0xC2B00BE2F573417FL) /* 808 */, unchecked((long) 0x5C9590452180F877L) /* 809 */, + unchecked((long) 0x7A6BDDFFF370EB00L) /* 810 */, unchecked((long) 0xCE509E38D6D9D6A4L) /* 811 */, + unchecked((long) 0xEBEB0F00647FA702L) /* 812 */, unchecked((long) 0x1DCC06CF76606F06L) /* 813 */, + unchecked((long) 0xE4D9F28BA286FF0AL) /* 814 */, unchecked((long) 0xD85A305DC918C262L) /* 815 */, + unchecked((long) 0x475B1D8732225F54L) /* 816 */, unchecked((long) 0x2D4FB51668CCB5FEL) /* 817 */, + unchecked((long) 0xA679B9D9D72BBA20L) /* 818 */, unchecked((long) 0x53841C0D912D43A5L) /* 819 */, + unchecked((long) 0x3B7EAA48BF12A4E8L) /* 820 */, unchecked((long) 0x781E0E47F22F1DDFL) /* 821 */, + unchecked((long) 0xEFF20CE60AB50973L) /* 822 */, unchecked((long) 0x20D261D19DFFB742L) /* 823 */, + unchecked((long) 0x16A12B03062A2E39L) /* 824 */, unchecked((long) 0x1960EB2239650495L) /* 825 */, + unchecked((long) 0x251C16FED50EB8B8L) /* 826 */, unchecked((long) 0x9AC0C330F826016EL) /* 827 */, + unchecked((long) 0xED152665953E7671L) /* 828 */, unchecked((long) 0x02D63194A6369570L) /* 829 */, + unchecked((long) 0x5074F08394B1C987L) /* 830 */, unchecked((long) 0x70BA598C90B25CE1L) /* 831 */, + unchecked((long) 0x794A15810B9742F6L) /* 832 */, unchecked((long) 0x0D5925E9FCAF8C6CL) /* 833 */, + unchecked((long) 0x3067716CD868744EL) /* 834 */, unchecked((long) 0x910AB077E8D7731BL) /* 835 */, + unchecked((long) 0x6A61BBDB5AC42F61L) /* 836 */, unchecked((long) 0x93513EFBF0851567L) /* 837 */, + unchecked((long) 0xF494724B9E83E9D5L) /* 838 */, unchecked((long) 0xE887E1985C09648DL) /* 839 */, + unchecked((long) 0x34B1D3C675370CFDL) /* 840 */, unchecked((long) 0xDC35E433BC0D255DL) /* 841 */, + unchecked((long) 0xD0AAB84234131BE0L) /* 842 */, unchecked((long) 0x08042A50B48B7EAFL) /* 843 */, + unchecked((long) 0x9997C4EE44A3AB35L) /* 844 */, unchecked((long) 0x829A7B49201799D0L) /* 845 */, + unchecked((long) 0x263B8307B7C54441L) /* 846 */, unchecked((long) 0x752F95F4FD6A6CA6L) /* 847 */, + unchecked((long) 0x927217402C08C6E5L) /* 848 */, unchecked((long) 0x2A8AB754A795D9EEL) /* 849 */, + unchecked((long) 0xA442F7552F72943DL) /* 850 */, unchecked((long) 0x2C31334E19781208L) /* 851 */, + unchecked((long) 0x4FA98D7CEAEE6291L) /* 852 */, unchecked((long) 0x55C3862F665DB309L) /* 853 */, + unchecked((long) 0xBD0610175D53B1F3L) /* 854 */, unchecked((long) 0x46FE6CB840413F27L) /* 855 */, + unchecked((long) 0x3FE03792DF0CFA59L) /* 856 */, unchecked((long) 0xCFE700372EB85E8FL) /* 857 */, + unchecked((long) 0xA7BE29E7ADBCE118L) /* 858 */, unchecked((long) 0xE544EE5CDE8431DDL) /* 859 */, + unchecked((long) 0x8A781B1B41F1873EL) /* 860 */, unchecked((long) 0xA5C94C78A0D2F0E7L) /* 861 */, + unchecked((long) 0x39412E2877B60728L) /* 862 */, unchecked((long) 0xA1265EF3AFC9A62CL) /* 863 */, + unchecked((long) 0xBCC2770C6A2506C5L) /* 864 */, unchecked((long) 0x3AB66DD5DCE1CE12L) /* 865 */, + unchecked((long) 0xE65499D04A675B37L) /* 866 */, unchecked((long) 0x7D8F523481BFD216L) /* 867 */, + unchecked((long) 0x0F6F64FCEC15F389L) /* 868 */, unchecked((long) 0x74EFBE618B5B13C8L) /* 869 */, + unchecked((long) 0xACDC82B714273E1DL) /* 870 */, unchecked((long) 0xDD40BFE003199D17L) /* 871 */, + unchecked((long) 0x37E99257E7E061F8L) /* 872 */, unchecked((long) 0xFA52626904775AAAL) /* 873 */, + unchecked((long) 0x8BBBF63A463D56F9L) /* 874 */, unchecked((long) 0xF0013F1543A26E64L) /* 875 */, + unchecked((long) 0xA8307E9F879EC898L) /* 876 */, unchecked((long) 0xCC4C27A4150177CCL) /* 877 */, + unchecked((long) 0x1B432F2CCA1D3348L) /* 878 */, unchecked((long) 0xDE1D1F8F9F6FA013L) /* 879 */, + unchecked((long) 0x606602A047A7DDD6L) /* 880 */, unchecked((long) 0xD237AB64CC1CB2C7L) /* 881 */, + unchecked((long) 0x9B938E7225FCD1D3L) /* 882 */, unchecked((long) 0xEC4E03708E0FF476L) /* 883 */, + unchecked((long) 0xFEB2FBDA3D03C12DL) /* 884 */, unchecked((long) 0xAE0BCED2EE43889AL) /* 885 */, + unchecked((long) 0x22CB8923EBFB4F43L) /* 886 */, unchecked((long) 0x69360D013CF7396DL) /* 887 */, + unchecked((long) 0x855E3602D2D4E022L) /* 888 */, unchecked((long) 0x073805BAD01F784CL) /* 889 */, + unchecked((long) 0x33E17A133852F546L) /* 890 */, unchecked((long) 0xDF4874058AC7B638L) /* 891 */, + unchecked((long) 0xBA92B29C678AA14AL) /* 892 */, unchecked((long) 0x0CE89FC76CFAADCDL) /* 893 */, + unchecked((long) 0x5F9D4E0908339E34L) /* 894 */, unchecked((long) 0xF1AFE9291F5923B9L) /* 895 */, + unchecked((long) 0x6E3480F60F4A265FL) /* 896 */, unchecked((long) 0xEEBF3A2AB29B841CL) /* 897 */, + unchecked((long) 0xE21938A88F91B4ADL) /* 898 */, unchecked((long) 0x57DFEFF845C6D3C3L) /* 899 */, + unchecked((long) 0x2F006B0BF62CAAF2L) /* 900 */, unchecked((long) 0x62F479EF6F75EE78L) /* 901 */, + unchecked((long) 0x11A55AD41C8916A9L) /* 902 */, unchecked((long) 0xF229D29084FED453L) /* 903 */, + unchecked((long) 0x42F1C27B16B000E6L) /* 904 */, unchecked((long) 0x2B1F76749823C074L) /* 905 */, + unchecked((long) 0x4B76ECA3C2745360L) /* 906 */, unchecked((long) 0x8C98F463B91691BDL) /* 907 */, + unchecked((long) 0x14BCC93CF1ADE66AL) /* 908 */, unchecked((long) 0x8885213E6D458397L) /* 909 */, + unchecked((long) 0x8E177DF0274D4711L) /* 910 */, unchecked((long) 0xB49B73B5503F2951L) /* 911 */, + unchecked((long) 0x10168168C3F96B6BL) /* 912 */, unchecked((long) 0x0E3D963B63CAB0AEL) /* 913 */, + unchecked((long) 0x8DFC4B5655A1DB14L) /* 914 */, unchecked((long) 0xF789F1356E14DE5CL) /* 915 */, + unchecked((long) 0x683E68AF4E51DAC1L) /* 916 */, unchecked((long) 0xC9A84F9D8D4B0FD9L) /* 917 */, + unchecked((long) 0x3691E03F52A0F9D1L) /* 918 */, unchecked((long) 0x5ED86E46E1878E80L) /* 919 */, + unchecked((long) 0x3C711A0E99D07150L) /* 920 */, unchecked((long) 0x5A0865B20C4E9310L) /* 921 */, + unchecked((long) 0x56FBFC1FE4F0682EL) /* 922 */, unchecked((long) 0xEA8D5DE3105EDF9BL) /* 923 */, + unchecked((long) 0x71ABFDB12379187AL) /* 924 */, unchecked((long) 0x2EB99DE1BEE77B9CL) /* 925 */, + unchecked((long) 0x21ECC0EA33CF4523L) /* 926 */, unchecked((long) 0x59A4D7521805C7A1L) /* 927 */, + unchecked((long) 0x3896F5EB56AE7C72L) /* 928 */, unchecked((long) 0xAA638F3DB18F75DCL) /* 929 */, + unchecked((long) 0x9F39358DABE9808EL) /* 930 */, unchecked((long) 0xB7DEFA91C00B72ACL) /* 931 */, + unchecked((long) 0x6B5541FD62492D92L) /* 932 */, unchecked((long) 0x6DC6DEE8F92E4D5BL) /* 933 */, + unchecked((long) 0x353F57ABC4BEEA7EL) /* 934 */, unchecked((long) 0x735769D6DA5690CEL) /* 935 */, + unchecked((long) 0x0A234AA642391484L) /* 936 */, unchecked((long) 0xF6F9508028F80D9DL) /* 937 */, + unchecked((long) 0xB8E319A27AB3F215L) /* 938 */, unchecked((long) 0x31AD9C1151341A4DL) /* 939 */, + unchecked((long) 0x773C22A57BEF5805L) /* 940 */, unchecked((long) 0x45C7561A07968633L) /* 941 */, + unchecked((long) 0xF913DA9E249DBE36L) /* 942 */, unchecked((long) 0xDA652D9B78A64C68L) /* 943 */, + unchecked((long) 0x4C27A97F3BC334EFL) /* 944 */, unchecked((long) 0x76621220E66B17F4L) /* 945 */, + unchecked((long) 0x967743899ACD7D0BL) /* 946 */, unchecked((long) 0xF3EE5BCAE0ED6782L) /* 947 */, + unchecked((long) 0x409F753600C879FCL) /* 948 */, unchecked((long) 0x06D09A39B5926DB6L) /* 949 */, + unchecked((long) 0x6F83AEB0317AC588L) /* 950 */, unchecked((long) 0x01E6CA4A86381F21L) /* 951 */, + unchecked((long) 0x66FF3462D19F3025L) /* 952 */, unchecked((long) 0x72207C24DDFD3BFBL) /* 953 */, + unchecked((long) 0x4AF6B6D3E2ECE2EBL) /* 954 */, unchecked((long) 0x9C994DBEC7EA08DEL) /* 955 */, + unchecked((long) 0x49ACE597B09A8BC4L) /* 956 */, unchecked((long) 0xB38C4766CF0797BAL) /* 957 */, + unchecked((long) 0x131B9373C57C2A75L) /* 958 */, unchecked((long) 0xB1822CCE61931E58L) /* 959 */, + unchecked((long) 0x9D7555B909BA1C0CL) /* 960 */, unchecked((long) 0x127FAFDD937D11D2L) /* 961 */, + unchecked((long) 0x29DA3BADC66D92E4L) /* 962 */, unchecked((long) 0xA2C1D57154C2ECBCL) /* 963 */, + unchecked((long) 0x58C5134D82F6FE24L) /* 964 */, unchecked((long) 0x1C3AE3515B62274FL) /* 965 */, + unchecked((long) 0xE907C82E01CB8126L) /* 966 */, unchecked((long) 0xF8ED091913E37FCBL) /* 967 */, + unchecked((long) 0x3249D8F9C80046C9L) /* 968 */, unchecked((long) 0x80CF9BEDE388FB63L) /* 969 */, + unchecked((long) 0x1881539A116CF19EL) /* 970 */, unchecked((long) 0x5103F3F76BD52457L) /* 971 */, + unchecked((long) 0x15B7E6F5AE47F7A8L) /* 972 */, unchecked((long) 0xDBD7C6DED47E9CCFL) /* 973 */, + unchecked((long) 0x44E55C410228BB1AL) /* 974 */, unchecked((long) 0xB647D4255EDB4E99L) /* 975 */, + unchecked((long) 0x5D11882BB8AAFC30L) /* 976 */, unchecked((long) 0xF5098BBB29D3212AL) /* 977 */, + unchecked((long) 0x8FB5EA14E90296B3L) /* 978 */, unchecked((long) 0x677B942157DD025AL) /* 979 */, + unchecked((long) 0xFB58E7C0A390ACB5L) /* 980 */, unchecked((long) 0x89D3674C83BD4A01L) /* 981 */, + unchecked((long) 0x9E2DA4DF4BF3B93BL) /* 982 */, unchecked((long) 0xFCC41E328CAB4829L) /* 983 */, + unchecked((long) 0x03F38C96BA582C52L) /* 984 */, unchecked((long) 0xCAD1BDBD7FD85DB2L) /* 985 */, + unchecked((long) 0xBBB442C16082AE83L) /* 986 */, unchecked((long) 0xB95FE86BA5DA9AB0L) /* 987 */, + unchecked((long) 0xB22E04673771A93FL) /* 988 */, unchecked((long) 0x845358C9493152D8L) /* 989 */, + unchecked((long) 0xBE2A488697B4541EL) /* 990 */, unchecked((long) 0x95A2DC2DD38E6966L) /* 991 */, + unchecked((long) 0xC02C11AC923C852BL) /* 992 */, unchecked((long) 0x2388B1990DF2A87BL) /* 993 */, + unchecked((long) 0x7C8008FA1B4F37BEL) /* 994 */, unchecked((long) 0x1F70D0C84D54E503L) /* 995 */, + unchecked((long) 0x5490ADEC7ECE57D4L) /* 996 */, unchecked((long) 0x002B3C27D9063A3AL) /* 997 */, + unchecked((long) 0x7EAEA3848030A2BFL) /* 998 */, unchecked((long) 0xC602326DED2003C0L) /* 999 */, + unchecked((long) 0x83A7287D69A94086L) /* 1000 */, unchecked((long) 0xC57A5FCB30F57A8AL) /* 1001 */, + unchecked((long) 0xB56844E479EBE779L) /* 1002 */, unchecked((long) 0xA373B40F05DCBCE9L) /* 1003 */, + unchecked((long) 0xD71A786E88570EE2L) /* 1004 */, unchecked((long) 0x879CBACDBDE8F6A0L) /* 1005 */, + unchecked((long) 0x976AD1BCC164A32FL) /* 1006 */, unchecked((long) 0xAB21E25E9666D78BL) /* 1007 */, + unchecked((long) 0x901063AAE5E5C33CL) /* 1008 */, unchecked((long) 0x9818B34448698D90L) /* 1009 */, + unchecked((long) 0xE36487AE3E1E8ABBL) /* 1010 */, unchecked((long) 0xAFBDF931893BDCB4L) /* 1011 */, + unchecked((long) 0x6345A0DC5FBBD519L) /* 1012 */, unchecked((long) 0x8628FE269B9465CAL) /* 1013 */, + unchecked((long) 0x1E5D01603F9C51ECL) /* 1014 */, unchecked((long) 0x4DE44006A15049B7L) /* 1015 */, + unchecked((long) 0xBF6C70E5F776CBB1L) /* 1016 */, unchecked((long) 0x411218F2EF552BEDL) /* 1017 */, + unchecked((long) 0xCB0C0708705A36A3L) /* 1018 */, unchecked((long) 0xE74D14754F986044L) /* 1019 */, + unchecked((long) 0xCD56D9430EA8280EL) /* 1020 */, unchecked((long) 0xC12591D7535F5065L) /* 1021 */, + unchecked((long) 0xC83223F1720AEF96L) /* 1022 */, unchecked((long) 0xC3A0396F7363A51FL) /* 1023 */ + }; + + private const int DigestLength = 24; + + // + // registers + // + private long a, b, c; + private long byteCount; + + // + // buffers + // + private byte[] Buffer = new byte[8]; + private int bOff; + + private long[] x = new long[8]; + private int xOff; + + /** + * Standard constructor + */ + public TigerDigest() + { + Reset(); + } + + /** + * Copy constructor. This will copy the state of the provided + * message digest. + */ + public TigerDigest(TigerDigest t) + { + Reset(t); + } + + public string AlgorithmName + { + get { return "Tiger"; } + } + + public int GetDigestSize() + { + return DigestLength; + } + + public int GetByteLength() + { + return MyByteLength; + } + + private void ProcessWord( + byte[] b, + int off) + { + x[xOff++] = ((long)(b[off + 7] & 0xff) << 56) + | ((long)(b[off + 6] & 0xff) << 48) + | ((long)(b[off + 5] & 0xff) << 40) + | ((long)(b[off + 4] & 0xff) << 32) + | ((long)(b[off + 3] & 0xff) << 24) + | ((long)(b[off + 2] & 0xff) << 16) + | ((long)(b[off + 1] & 0xff) << 8) + | ((uint)(b[off + 0] & 0xff)); + + if (xOff == x.Length) + { + ProcessBlock(); + } + + bOff = 0; + } + + public void Update( + byte input) + { + Buffer[bOff++] = input; + + if (bOff == Buffer.Length) + { + ProcessWord(Buffer, 0); + } + + byteCount++; + } + + public void BlockUpdate( + byte[] input, + int inOff, + int length) + { + // + // fill the current word + // + while ((bOff != 0) && (length > 0)) + { + Update(input[inOff]); + + inOff++; + length--; + } + + // + // process whole words. + // + while (length > 8) + { + ProcessWord(input, inOff); + + inOff += 8; + length -= 8; + byteCount += 8; + } + + // + // load in the remainder. + // + while (length > 0) + { + Update(input[inOff]); + + inOff++; + length--; + } + } + + private void RoundABC( + long x, + long mul) + { + c ^= x ; + a -= t1[(int)c & 0xff] ^ t2[(int)(c >> 16) & 0xff] + ^ t3[(int)(c >> 32) & 0xff] ^ t4[(int)(c >> 48) & 0xff]; + b += t4[(int)(c >> 8) & 0xff] ^ t3[(int)(c >> 24) & 0xff] + ^ t2[(int)(c >> 40) & 0xff] ^ t1[(int)(c >> 56) & 0xff]; + b *= mul; + } + + private void RoundBCA( + long x, + long mul) + { + a ^= x ; + b -= t1[(int)a & 0xff] ^ t2[(int)(a >> 16) & 0xff] + ^ t3[(int)(a >> 32) & 0xff] ^ t4[(int)(a >> 48) & 0xff]; + c += t4[(int)(a >> 8) & 0xff] ^ t3[(int)(a >> 24) & 0xff] + ^ t2[(int)(a >> 40) & 0xff] ^ t1[(int)(a >> 56) & 0xff]; + c *= mul; + } + + private void RoundCAB( + long x, + long mul) + { + b ^= x ; + c -= t1[(int)b & 0xff] ^ t2[(int)(b >> 16) & 0xff] + ^ t3[(int)(b >> 32) & 0xff] ^ t4[(int)(b >> 48) & 0xff]; + a += t4[(int)(b >> 8) & 0xff] ^ t3[(int)(b >> 24) & 0xff] + ^ t2[(int)(b >> 40) & 0xff] ^ t1[(int)(b >> 56) & 0xff]; + a *= mul; + } + + private void KeySchedule() + { + x[0] -= x[7] ^ unchecked ((long) 0xA5A5A5A5A5A5A5A5L); + x[1] ^= x[0]; + x[2] += x[1]; + x[3] -= x[2] ^ ((~x[1]) << 19); + x[4] ^= x[3]; + x[5] += x[4]; + x[6] -= x[5] ^ (long) ((ulong) (~x[4]) >> 23); + x[7] ^= x[6]; + x[0] += x[7]; + x[1] -= x[0] ^ ((~x[7]) << 19); + x[2] ^= x[1]; + x[3] += x[2]; + x[4] -= x[3] ^ (long) ((ulong) (~x[2]) >> 23); + x[5] ^= x[4]; + x[6] += x[5]; + x[7] -= x[6] ^ 0x0123456789ABCDEFL; + } + + private void ProcessBlock() + { + // + // save abc + // + long aa = a; + long bb = b; + long cc = c; + + // + // rounds and schedule + // + RoundABC(x[0], 5); + RoundBCA(x[1], 5); + RoundCAB(x[2], 5); + RoundABC(x[3], 5); + RoundBCA(x[4], 5); + RoundCAB(x[5], 5); + RoundABC(x[6], 5); + RoundBCA(x[7], 5); + + KeySchedule(); + + RoundCAB(x[0], 7); + RoundABC(x[1], 7); + RoundBCA(x[2], 7); + RoundCAB(x[3], 7); + RoundABC(x[4], 7); + RoundBCA(x[5], 7); + RoundCAB(x[6], 7); + RoundABC(x[7], 7); + + KeySchedule(); + + RoundBCA(x[0], 9); + RoundCAB(x[1], 9); + RoundABC(x[2], 9); + RoundBCA(x[3], 9); + RoundCAB(x[4], 9); + RoundABC(x[5], 9); + RoundBCA(x[6], 9); + RoundCAB(x[7], 9); + + // + // feed forward + // + a ^= aa; + b -= bb; + c += cc; + + // + // clear the x buffer + // + xOff = 0; + for (int i = 0; i != x.Length; i++) + { + x[i] = 0; + } + } + + private void UnpackWord( + long r, + byte[] output, + int outOff) + { + output[outOff + 7] = (byte)(r >> 56); + output[outOff + 6] = (byte)(r >> 48); + output[outOff + 5] = (byte)(r >> 40); + output[outOff + 4] = (byte)(r >> 32); + output[outOff + 3] = (byte)(r >> 24); + output[outOff + 2] = (byte)(r >> 16); + output[outOff + 1] = (byte)(r >> 8); + output[outOff] = (byte)r; + } + + private void ProcessLength( + long bitLength) + { + x[7] = bitLength; + } + + private void Finish() + { + long bitLength = (byteCount << 3); + + Update((byte)0x01); + + while (bOff != 0) + { + Update((byte)0); + } + + ProcessLength(bitLength); + + ProcessBlock(); + } + + public int DoFinal( + byte[] output, + int outOff) + { + Finish(); + + UnpackWord(a, output, outOff); + UnpackWord(b, output, outOff + 8); + UnpackWord(c, output, outOff + 16); + + Reset(); + + return DigestLength; + } + + /** + * reset the chaining variables + */ + public void Reset() + { + a = unchecked((long) 0x0123456789ABCDEFL); + b = unchecked((long) 0xFEDCBA9876543210L); + c = unchecked((long) 0xF096A5B4C3B2E187L); + + xOff = 0; + for (int i = 0; i != x.Length; i++) + { + x[i] = 0; + } + + bOff = 0; + for (int i = 0; i != Buffer.Length; i++) + { + Buffer[i] = 0; + } + + byteCount = 0; + } + + public IMemoable Copy() + { + return new TigerDigest(this); + } + + public void Reset(IMemoable other) + { + TigerDigest t = (TigerDigest)other; + + a = t.a; + b = t.b; + c = t.c; + + Array.Copy(t.x, 0, x, 0, t.x.Length); + xOff = t.xOff; + + Array.Copy(t.Buffer, 0, Buffer, 0, t.Buffer.Length); + bOff = t.bOff; + + byteCount = t.byteCount; + } + + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/TupleHash.cs b/BouncyCastle/crypto/src/crypto/digests/TupleHash.cs new file mode 100644 index 0000000..98c2d2a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/TupleHash.cs @@ -0,0 +1,134 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /// + /// TupleHash - a hash designed to simply hash a tuple of input strings, any or all of which may be empty strings, + /// in an unambiguous way with an optional XOF mode. + /// + /// From NIST Special Publication 800-185 - SHA-3 Derived Functions:cSHAKE, KMAC, TupleHash and ParallelHash + /// + /// + public class TupleHash + : IXof, IDigest + { + private static readonly byte[] N_TUPLE_HASH = Strings.ToByteArray("TupleHash"); + + private readonly CShakeDigest cshake; + private readonly int bitLength; + private readonly int outputLength; + + private bool firstOutput; + + /** + * Base constructor. + * + * @param bitLength bit length of the underlying SHAKE function, 128 or 256. + * @param S the customization string - available for local use. + */ + public TupleHash(int bitLength, byte[] S) + : this(bitLength, S, bitLength * 2) + { + + } + + public TupleHash(int bitLength, byte[] S, int outputSize) + { + this.cshake = new CShakeDigest(bitLength, N_TUPLE_HASH, S); + this.bitLength = bitLength; + this.outputLength = (outputSize + 7) / 8; + + Reset(); + } + + public TupleHash(TupleHash original) + { + this.cshake = new CShakeDigest(original.cshake); + this.bitLength = cshake.fixedOutputLength; + this.outputLength = bitLength * 2 / 8; + this.firstOutput = original.firstOutput; + } + + public virtual string AlgorithmName + { + get { return "TupleHash" + cshake.AlgorithmName.Substring(6); } + } + + public virtual int GetByteLength() + { + return cshake.GetByteLength(); + } + + public virtual int GetDigestSize() + { + return outputLength; + } + + public virtual void Update(byte b) + { + byte[] bytes = XofUtilities.Encode(b); + cshake.BlockUpdate(bytes, 0, bytes.Length); + } + + public virtual void BlockUpdate(byte[] inBuf, int inOff, int len) + { + byte[] bytes = XofUtilities.Encode(inBuf, inOff, len); + cshake.BlockUpdate(bytes, 0, bytes.Length); + } + + private void wrapUp(int outputSize) + { + byte[] encOut = XofUtilities.RightEncode(outputSize * 8); + + cshake.BlockUpdate(encOut, 0, encOut.Length); + + firstOutput = false; + } + + public virtual int DoFinal(byte[] outBuf, int outOff) + { + if (firstOutput) + { + wrapUp(GetDigestSize()); + } + + int rv = cshake.DoFinal(outBuf, outOff, GetDigestSize()); + + Reset(); + + return rv; + } + + public virtual int DoFinal(byte[] outBuf, int outOff, int outLen) + { + if (firstOutput) + { + wrapUp(GetDigestSize()); + } + + int rv = cshake.DoFinal(outBuf, outOff, outLen); + + Reset(); + + return rv; + } + + public virtual int DoOutput(byte[] outBuf, int outOff, int outLen) + { + if (firstOutput) + { + wrapUp(0); + } + + return cshake.DoOutput(outBuf, outOff, outLen); + } + + public virtual void Reset() + { + cshake.Reset(); + firstOutput = true; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/WhirlpoolDigest.cs b/BouncyCastle/crypto/src/crypto/digests/WhirlpoolDigest.cs new file mode 100644 index 0000000..55b7120 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/WhirlpoolDigest.cs @@ -0,0 +1,413 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + /** + * Implementation of WhirlpoolDigest, based on Java source published by Barreto + * and Rijmen. + * + */ + public sealed class WhirlpoolDigest + : IDigest, IMemoable + { + private const int BYTE_LENGTH = 64; + + private const int DIGEST_LENGTH_BYTES = 512 / 8; + private const int ROUNDS = 10; + private const int REDUCTION_POLYNOMIAL = 0x011d; // 2^8 + 2^4 + 2^3 + 2 + 1; + + private static readonly int[] SBOX = + { + 0x18, 0x23, 0xc6, 0xe8, 0x87, 0xb8, 0x01, 0x4f, 0x36, 0xa6, 0xd2, 0xf5, 0x79, 0x6f, 0x91, 0x52, + 0x60, 0xbc, 0x9b, 0x8e, 0xa3, 0x0c, 0x7b, 0x35, 0x1d, 0xe0, 0xd7, 0xc2, 0x2e, 0x4b, 0xfe, 0x57, + 0x15, 0x77, 0x37, 0xe5, 0x9f, 0xf0, 0x4a, 0xda, 0x58, 0xc9, 0x29, 0x0a, 0xb1, 0xa0, 0x6b, 0x85, + 0xbd, 0x5d, 0x10, 0xf4, 0xcb, 0x3e, 0x05, 0x67, 0xe4, 0x27, 0x41, 0x8b, 0xa7, 0x7d, 0x95, 0xd8, + 0xfb, 0xee, 0x7c, 0x66, 0xdd, 0x17, 0x47, 0x9e, 0xca, 0x2d, 0xbf, 0x07, 0xad, 0x5a, 0x83, 0x33, + 0x63, 0x02, 0xaa, 0x71, 0xc8, 0x19, 0x49, 0xd9, 0xf2, 0xe3, 0x5b, 0x88, 0x9a, 0x26, 0x32, 0xb0, + 0xe9, 0x0f, 0xd5, 0x80, 0xbe, 0xcd, 0x34, 0x48, 0xff, 0x7a, 0x90, 0x5f, 0x20, 0x68, 0x1a, 0xae, + 0xb4, 0x54, 0x93, 0x22, 0x64, 0xf1, 0x73, 0x12, 0x40, 0x08, 0xc3, 0xec, 0xdb, 0xa1, 0x8d, 0x3d, + 0x97, 0x00, 0xcf, 0x2b, 0x76, 0x82, 0xd6, 0x1b, 0xb5, 0xaf, 0x6a, 0x50, 0x45, 0xf3, 0x30, 0xef, + 0x3f, 0x55, 0xa2, 0xea, 0x65, 0xba, 0x2f, 0xc0, 0xde, 0x1c, 0xfd, 0x4d, 0x92, 0x75, 0x06, 0x8a, + 0xb2, 0xe6, 0x0e, 0x1f, 0x62, 0xd4, 0xa8, 0x96, 0xf9, 0xc5, 0x25, 0x59, 0x84, 0x72, 0x39, 0x4c, + 0x5e, 0x78, 0x38, 0x8c, 0xd1, 0xa5, 0xe2, 0x61, 0xb3, 0x21, 0x9c, 0x1e, 0x43, 0xc7, 0xfc, 0x04, + 0x51, 0x99, 0x6d, 0x0d, 0xfa, 0xdf, 0x7e, 0x24, 0x3b, 0xab, 0xce, 0x11, 0x8f, 0x4e, 0xb7, 0xeb, + 0x3c, 0x81, 0x94, 0xf7, 0xb9, 0x13, 0x2c, 0xd3, 0xe7, 0x6e, 0xc4, 0x03, 0x56, 0x44, 0x7f, 0xa9, + 0x2a, 0xbb, 0xc1, 0x53, 0xdc, 0x0b, 0x9d, 0x6c, 0x31, 0x74, 0xf6, 0x46, 0xac, 0x89, 0x14, 0xe1, + 0x16, 0x3a, 0x69, 0x09, 0x70, 0xb6, 0xd0, 0xed, 0xcc, 0x42, 0x98, 0xa4, 0x28, 0x5c, 0xf8, 0x86 + }; + + private static readonly long[] C0 = new long[256]; + private static readonly long[] C1 = new long[256]; + private static readonly long[] C2 = new long[256]; + private static readonly long[] C3 = new long[256]; + private static readonly long[] C4 = new long[256]; + private static readonly long[] C5 = new long[256]; + private static readonly long[] C6 = new long[256]; + private static readonly long[] C7 = new long[256]; + + private readonly long[] _rc = new long[ROUNDS + 1]; + + /* + * increment() can be implemented in this way using 2 arrays or + * by having some temporary variables that are used to set the + * value provided by EIGHT[i] and carry within the loop. + * + * not having done any timing, this seems likely to be faster + * at the slight expense of 32*(sizeof short) bytes + */ + private static readonly short[] EIGHT = new short[BITCOUNT_ARRAY_SIZE]; + + static WhirlpoolDigest() + { + EIGHT[BITCOUNT_ARRAY_SIZE - 1] = 8; + + for (int i = 0; i < 256; i++) + { + int v1 = SBOX[i]; + int v2 = maskWithReductionPolynomial(v1 << 1); + int v4 = maskWithReductionPolynomial(v2 << 1); + int v5 = v4 ^ v1; + int v8 = maskWithReductionPolynomial(v4 << 1); + int v9 = v8 ^ v1; + + C0[i] = packIntoLong(v1, v1, v4, v1, v8, v5, v2, v9); + C1[i] = packIntoLong(v9, v1, v1, v4, v1, v8, v5, v2); + C2[i] = packIntoLong(v2, v9, v1, v1, v4, v1, v8, v5); + C3[i] = packIntoLong(v5, v2, v9, v1, v1, v4, v1, v8); + C4[i] = packIntoLong(v8, v5, v2, v9, v1, v1, v4, v1); + C5[i] = packIntoLong(v1, v8, v5, v2, v9, v1, v1, v4); + C6[i] = packIntoLong(v4, v1, v8, v5, v2, v9, v1, v1); + C7[i] = packIntoLong(v1, v4, v1, v8, v5, v2, v9, v1); + } + } + + public WhirlpoolDigest() + { + _rc[0] = 0L; + for (int r = 1; r <= ROUNDS; r++) + { + int i = 8 * (r - 1); + _rc[r] = (long)((ulong)C0[i] & 0xff00000000000000L) ^ + (C1[i + 1] & (long) 0x00ff000000000000L) ^ + (C2[i + 2] & (long) 0x0000ff0000000000L) ^ + (C3[i + 3] & (long) 0x000000ff00000000L) ^ + (C4[i + 4] & (long) 0x00000000ff000000L) ^ + (C5[i + 5] & (long) 0x0000000000ff0000L) ^ + (C6[i + 6] & (long) 0x000000000000ff00L) ^ + (C7[i + 7] & (long) 0x00000000000000ffL); + } + } + + private static long packIntoLong(int b7, int b6, int b5, int b4, int b3, int b2, int b1, int b0) + { + return + ((long)b7 << 56) ^ + ((long)b6 << 48) ^ + ((long)b5 << 40) ^ + ((long)b4 << 32) ^ + ((long)b3 << 24) ^ + ((long)b2 << 16) ^ + ((long)b1 << 8) ^ + b0; + } + + /* + * int's are used to prevent sign extension. The values that are really being used are + * actually just 0..255 + */ + private static int maskWithReductionPolynomial(int input) + { + int rv = input; + if (rv >= 0x100L) // high bit set + { + rv ^= REDUCTION_POLYNOMIAL; // reduced by the polynomial + } + return rv; + } + + // --------------------------------------------------------------------------------------// + + // -- buffer information -- + private const int BITCOUNT_ARRAY_SIZE = 32; + private byte[] _buffer = new byte[64]; + private int _bufferPos; + private short[] _bitCount = new short[BITCOUNT_ARRAY_SIZE]; + + // -- internal hash state -- + private long[] _hash = new long[8]; + private long[] _K = new long[8]; // the round key + private long[] _L = new long[8]; + private long[] _block = new long[8]; // mu (buffer) + private long[] _state = new long[8]; // the current "cipher" state + + + + /** + * Copy constructor. This will copy the state of the provided message + * digest. + */ + public WhirlpoolDigest(WhirlpoolDigest originalDigest) + { + Reset(originalDigest); + } + + public string AlgorithmName + { + get { return "Whirlpool"; } + } + + public int GetDigestSize() + { + return DIGEST_LENGTH_BYTES; + } + + public int DoFinal(byte[] output, int outOff) + { + // sets output[outOff] .. output[outOff+DIGEST_LENGTH_BYTES] + finish(); + + for (int i = 0; i < 8; i++) + { + convertLongToByteArray(_hash[i], output, outOff + (i * 8)); + } + + Reset(); + + return GetDigestSize(); + } + + /** + * Reset the chaining variables + */ + public void Reset() + { + // set variables to null, blank, whatever + _bufferPos = 0; + Array.Clear(_bitCount, 0, _bitCount.Length); + Array.Clear(_buffer, 0, _buffer.Length); + Array.Clear(_hash, 0, _hash.Length); + Array.Clear(_K, 0, _K.Length); + Array.Clear(_L, 0, _L.Length); + Array.Clear(_block, 0, _block.Length); + Array.Clear(_state, 0, _state.Length); + } + + // this takes a buffer of information and fills the block + private void processFilledBuffer() + { + // copies into the block... + for (int i = 0; i < _state.Length; i++) + { + _block[i] = bytesToLongFromBuffer(_buffer, i * 8); + } + processBlock(); + _bufferPos = 0; + Array.Clear(_buffer, 0, _buffer.Length); + } + + private static long bytesToLongFromBuffer(byte[] buffer, int startPos) + { + long rv = (((buffer[startPos + 0] & 0xffL) << 56) | + ((buffer[startPos + 1] & 0xffL) << 48) | + ((buffer[startPos + 2] & 0xffL) << 40) | + ((buffer[startPos + 3] & 0xffL) << 32) | + ((buffer[startPos + 4] & 0xffL) << 24) | + ((buffer[startPos + 5] & 0xffL) << 16) | + ((buffer[startPos + 6] & 0xffL) << 8) | + ((buffer[startPos + 7]) & 0xffL)); + + return rv; + } + + private static void convertLongToByteArray(long inputLong, byte[] outputArray, int offSet) + { + for (int i = 0; i < 8; i++) + { + outputArray[offSet + i] = (byte)((inputLong >> (56 - (i * 8))) & 0xff); + } + } + + private void processBlock() + { + // buffer contents have been transferred to the _block[] array via + // processFilledBuffer + + // compute and apply K^0 + for (int i = 0; i < 8; i++) + { + _state[i] = _block[i] ^ (_K[i] = _hash[i]); + } + + // iterate over the rounds + for (int round = 1; round <= ROUNDS; round++) + { + for (int i = 0; i < 8; i++) + { + _L[i] = 0; + _L[i] ^= C0[(int)(_K[(i - 0) & 7] >> 56) & 0xff]; + _L[i] ^= C1[(int)(_K[(i - 1) & 7] >> 48) & 0xff]; + _L[i] ^= C2[(int)(_K[(i - 2) & 7] >> 40) & 0xff]; + _L[i] ^= C3[(int)(_K[(i - 3) & 7] >> 32) & 0xff]; + _L[i] ^= C4[(int)(_K[(i - 4) & 7] >> 24) & 0xff]; + _L[i] ^= C5[(int)(_K[(i - 5) & 7] >> 16) & 0xff]; + _L[i] ^= C6[(int)(_K[(i - 6) & 7] >> 8) & 0xff]; + _L[i] ^= C7[(int)(_K[(i - 7) & 7]) & 0xff]; + } + + Array.Copy(_L, 0, _K, 0, _K.Length); + + _K[0] ^= _rc[round]; + + // apply the round transformation + for (int i = 0; i < 8; i++) + { + _L[i] = _K[i]; + + _L[i] ^= C0[(int)(_state[(i - 0) & 7] >> 56) & 0xff]; + _L[i] ^= C1[(int)(_state[(i - 1) & 7] >> 48) & 0xff]; + _L[i] ^= C2[(int)(_state[(i - 2) & 7] >> 40) & 0xff]; + _L[i] ^= C3[(int)(_state[(i - 3) & 7] >> 32) & 0xff]; + _L[i] ^= C4[(int)(_state[(i - 4) & 7] >> 24) & 0xff]; + _L[i] ^= C5[(int)(_state[(i - 5) & 7] >> 16) & 0xff]; + _L[i] ^= C6[(int)(_state[(i - 6) & 7] >> 8) & 0xff]; + _L[i] ^= C7[(int)(_state[(i - 7) & 7]) & 0xff]; + } + + // save the current state + Array.Copy(_L, 0, _state, 0, _state.Length); + } + + // apply Miuaguchi-Preneel compression + for (int i = 0; i < 8; i++) + { + _hash[i] ^= _state[i] ^ _block[i]; + } + + } + + public void Update(byte input) + { + _buffer[_bufferPos] = input; + + //Console.WriteLine("adding to buffer = "+_buffer[_bufferPos]); + + ++_bufferPos; + + if (_bufferPos == _buffer.Length) + { + processFilledBuffer(); + } + + increment(); + } + + private void increment() + { + int carry = 0; + for (int i = _bitCount.Length - 1; i >= 0; i--) + { + int sum = (_bitCount[i] & 0xff) + EIGHT[i] + carry; + + carry = sum >> 8; + _bitCount[i] = (short)(sum & 0xff); + } + } + + public void BlockUpdate(byte[] input, int inOff, int length) + { + while (length > 0) + { + Update(input[inOff]); + ++inOff; + --length; + } + + } + + private void finish() + { + /* + * this makes a copy of the current bit length. at the expense of an + * object creation of 32 bytes rather than providing a _stopCounting + * boolean which was the alternative I could think of. + */ + byte[] bitLength = copyBitLength(); + + _buffer[_bufferPos++] |= 0x80; + + if (_bufferPos == _buffer.Length) + { + processFilledBuffer(); + } + + /* + * Final block contains + * [ ... data .... ][0][0][0][ length ] + * + * if [ length ] cannot fit. Need to create a new block. + */ + if (_bufferPos > 32) + { + while (_bufferPos != 0) + { + Update((byte)0); + } + } + + while (_bufferPos <= 32) + { + Update((byte)0); + } + + // copy the length information to the final 32 bytes of the + // 64 byte block.... + Array.Copy(bitLength, 0, _buffer, 32, bitLength.Length); + + processFilledBuffer(); + } + + private byte[] copyBitLength() + { + byte[] rv = new byte[BITCOUNT_ARRAY_SIZE]; + for (int i = 0; i < rv.Length; i++) + { + rv[i] = (byte)(_bitCount[i] & 0xff); + } + return rv; + } + + public int GetByteLength() + { + return BYTE_LENGTH; + } + + public IMemoable Copy() + { + return new WhirlpoolDigest(this); + } + + public void Reset(IMemoable other) + { + WhirlpoolDigest originalDigest = (WhirlpoolDigest)other; + + Array.Copy(originalDigest._rc, 0, _rc, 0, _rc.Length); + + Array.Copy(originalDigest._buffer, 0, _buffer, 0, _buffer.Length); + + this._bufferPos = originalDigest._bufferPos; + Array.Copy(originalDigest._bitCount, 0, _bitCount, 0, _bitCount.Length); + + // -- internal hash state -- + Array.Copy(originalDigest._hash, 0, _hash, 0, _hash.Length); + Array.Copy(originalDigest._K, 0, _K, 0, _K.Length); + Array.Copy(originalDigest._L, 0, _L, 0, _L.Length); + Array.Copy(originalDigest._block, 0, _block, 0, _block.Length); + Array.Copy(originalDigest._state, 0, _state, 0, _state.Length); + } + + + } +} diff --git a/BouncyCastle/crypto/src/crypto/digests/XofUtils.cs b/BouncyCastle/crypto/src/crypto/digests/XofUtils.cs new file mode 100644 index 0000000..a4d6622 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/digests/XofUtils.cs @@ -0,0 +1,67 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Digests +{ + internal class XofUtilities + { + internal static byte[] LeftEncode(long strLen) + { + byte n = 1; + + long v = strLen; + while ((v >>= 8) != 0) + { + n++; + } + + byte[] b = new byte[n + 1]; + + b[0] = n; + + for (int i = 1; i <= n; i++) + { + b[i] = (byte)(strLen >> (8 * (n - i))); + } + + return b; + } + + internal static byte[] RightEncode(long strLen) + { + byte n = 1; + + long v = strLen; + while ((v >>= 8) != 0) + { + n++; + } + + byte[] b = new byte[n + 1]; + + b[n] = n; + + for (int i = 0; i < n; i++) + { + b[i] = (byte)(strLen >> (8 * (n - i - 1))); + } + + return b; + } + + internal static byte[] Encode(byte X) + { + return Arrays.Concatenate(LeftEncode(8), new byte[] { X }); + } + + internal static byte[] Encode(byte[] inBuf, int inOff, int len) + { + if (inBuf.Length == len) + { + return Arrays.Concatenate(LeftEncode(len * 8), inBuf); + } + return Arrays.Concatenate(LeftEncode(len * 8), Arrays.CopyOfRange(inBuf, inOff, inOff + len)); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/ec/CustomNamedCurves.cs b/BouncyCastle/crypto/src/crypto/ec/CustomNamedCurves.cs new file mode 100644 index 0000000..166c0ad --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/ec/CustomNamedCurves.cs @@ -0,0 +1,1066 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.GM; +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.EC.Custom.Djb; +using Org.BouncyCastle.Math.EC.Custom.GM; +using Org.BouncyCastle.Math.EC.Custom.Sec; +using Org.BouncyCastle.Math.EC.Endo; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.EC +{ + public sealed class CustomNamedCurves + { + private CustomNamedCurves() + { + } + + private static X9ECPoint ConfigureBasepoint(ECCurve curve, string encoding) + { + X9ECPoint G = new X9ECPoint(curve, Hex.DecodeStrict(encoding)); + WNafUtilities.ConfigureBasepoint(G.Point); + return G; + } + + private static ECCurve ConfigureCurve(ECCurve curve) + { + return curve; + } + + private static ECCurve ConfigureCurveGlv(ECCurve c, GlvTypeBParameters p) + { + return c.Configure().SetEndomorphism(new GlvTypeBEndomorphism(c, p)).Create(); + } + + /* + * curve25519 + */ + internal class Curve25519Holder + : X9ECParametersHolder + { + private Curve25519Holder() {} + + internal static readonly X9ECParametersHolder Instance = new Curve25519Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new Curve25519()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + + /* + * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form + * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3). + * + * The Curve25519 paper doesn't say which of the two possible y values the base + * point has. The choice here is guided by language in the Ed25519 paper. + * + * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14) + */ + X9ECPoint G = ConfigureBasepoint(curve, + "042AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9"); + + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp128r1 + */ + internal class SecP128R1Holder + : X9ECParametersHolder + { + private SecP128R1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecP128R1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecP128R1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("000E0D4D696E6768756151750CC03A4473D03679"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "04161FF7528B899B2D0C28607CA52C5B86CF5AC8395BAFEB13C02DA292DDED7A83"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * secp160k1 + */ + internal class SecP160K1Holder + : X9ECParametersHolder + { + private SecP160K1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecP160K1Holder(); + + protected override ECCurve CreateCurve() + { + GlvTypeBParameters glv = new GlvTypeBParameters( + new BigInteger("9ba48cba5ebcb9b6bd33b92830b2a2e0e192f10a", 16), + new BigInteger("c39c6c3b3a36d7701b9c71a1f5804ae5d0003f4", 16), + new ScalarSplitParameters( + new BigInteger[]{ + new BigInteger("9162fbe73984472a0a9e", 16), + new BigInteger("-96341f1138933bc2f505", 16) }, + new BigInteger[]{ + new BigInteger("127971af8721782ecffa3", 16), + new BigInteger("9162fbe73984472a0a9e", 16) }, + new BigInteger("9162fbe73984472a0a9d0590", 16), + new BigInteger("96341f1138933bc2f503fd44", 16), + 176)); + return ConfigureCurveGlv(new SecP160K1Curve(), glv); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "043B4C382CE37AA192A4019E763036F4F5DD4D7EBB938CF935318FDCED6BC28286531733C3F03C4FEE"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * secp160r1 + */ + internal class SecP160R1Holder + : X9ECParametersHolder + { + private SecP160R1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecP160R1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecP160R1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("1053CDE42C14D696E67687561517533BF3F83345"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "044A96B5688EF573284664698968C38BB913CBFC8223A628553168947D59DCC912042351377AC5FB32"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * secp160r2 + */ + internal class SecP160R2Holder + : X9ECParametersHolder + { + private SecP160R2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecP160R2Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecP160R2Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("B99B99B099B323E02709A4D696E6768756151751"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "0452DCB034293A117E1F4FF11B30F7199D3144CE6DFEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * secp192k1 + */ + internal class SecP192K1Holder + : X9ECParametersHolder + { + private SecP192K1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecP192K1Holder(); + + protected override ECCurve CreateCurve() + { + GlvTypeBParameters glv = new GlvTypeBParameters( + new BigInteger("bb85691939b869c1d087f601554b96b80cb4f55b35f433c2", 16), + new BigInteger("3d84f26c12238d7b4f3d516613c1759033b1a5800175d0b1", 16), + new ScalarSplitParameters( + new BigInteger[]{ + new BigInteger("71169be7330b3038edb025f1", 16), + new BigInteger("-b3fb3400dec5c4adceb8655c", 16) }, + new BigInteger[]{ + new BigInteger("12511cfe811d0f4e6bc688b4d", 16), + new BigInteger("71169be7330b3038edb025f1", 16) }, + new BigInteger("71169be7330b3038edb025f1d0f9", 16), + new BigInteger("b3fb3400dec5c4adceb8655d4c94", 16), + 208)); + return ConfigureCurveGlv(new SecP192K1Curve(), glv); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "04DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp192r1 + */ + internal class SecP192R1Holder + : X9ECParametersHolder + { + private SecP192R1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecP192R1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecP192R1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("3045AE6FC8422F64ED579528D38120EAE12196D5"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "04188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF101207192B95FFC8DA78631011ED6B24CDD573F977A11E794811"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp224k1 + */ + internal class SecP224K1Holder + : X9ECParametersHolder + { + private SecP224K1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecP224K1Holder(); + + protected override ECCurve CreateCurve() + { + GlvTypeBParameters glv = new GlvTypeBParameters( + new BigInteger("fe0e87005b4e83761908c5131d552a850b3f58b749c37cf5b84d6768", 16), + new BigInteger("60dcd2104c4cbc0be6eeefc2bdd610739ec34e317f9b33046c9e4788", 16), + new ScalarSplitParameters( + new BigInteger[]{ + new BigInteger("6b8cf07d4ca75c88957d9d670591", 16), + new BigInteger("-b8adf1378a6eb73409fa6c9c637d", 16) }, + new BigInteger[]{ + new BigInteger("1243ae1b4d71613bc9f780a03690e", 16), + new BigInteger("6b8cf07d4ca75c88957d9d670591", 16) }, + new BigInteger("6b8cf07d4ca75c88957d9d67059037a4", 16), + new BigInteger("b8adf1378a6eb73409fa6c9c637ba7f5", 16), + 240)); + return ConfigureCurveGlv(new SecP224K1Curve(), glv); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "04A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp224r1 + */ + internal class SecP224R1Holder + : X9ECParametersHolder + { + private SecP224R1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecP224R1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecP224R1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("BD71344799D5C7FCDC45B59FA3B9AB8F6A948BC5"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "04B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp256k1 + */ + internal class SecP256K1Holder + : X9ECParametersHolder + { + private SecP256K1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecP256K1Holder(); + + protected override ECCurve CreateCurve() + { + GlvTypeBParameters glv = new GlvTypeBParameters( + new BigInteger("7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee", 16), + new BigInteger("5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72", 16), + new ScalarSplitParameters( + new BigInteger[]{ + new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16), + new BigInteger("-e4437ed6010e88286f547fa90abfe4c3", 16) }, + new BigInteger[]{ + new BigInteger("114ca50f7a8e2f3f657c1108d9d44cfd8", 16), + new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16) }, + new BigInteger("3086d221a7d46bcde86c90e49284eb153dab", 16), + new BigInteger("e4437ed6010e88286f547fa90abfe4c42212", 16), + 272)); + return ConfigureCurveGlv(new SecP256K1Curve(), glv); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "0479BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp256r1 + */ + internal class SecP256R1Holder + : X9ECParametersHolder + { + private SecP256R1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecP256R1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecP256R1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("C49D360886E704936A6678E1139D26B7819F7E90"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "046B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C2964FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp384r1 + */ + internal class SecP384R1Holder + : X9ECParametersHolder + { + private SecP384R1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecP384R1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecP384R1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("A335926AA319A27A1D00896A6773A4827ACDAC73"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7" + + "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * secp521r1 + */ + internal class SecP521R1Holder + : X9ECParametersHolder + { + private SecP521R1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecP521R1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecP521R1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("D09E8800291CB85396CC6717393284AAA0DA64BA"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66" + + "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + /* + * sect113r1 + */ + internal class SecT113R1Holder + : X9ECParametersHolder + { + private SecT113R1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT113R1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT113R1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("10E723AB14D696E6768756151756FEBF8FCB49A9"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "04009D73616F35F4AB1407D73562C10F00A52830277958EE84D1315ED31886"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect113r2 + */ + internal class SecT113R2Holder + : X9ECParametersHolder + { + private SecT113R2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT113R2Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT113R2Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("10C0FB15760860DEF1EEF4D696E676875615175D"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "0401A57A6A7B26CA5EF52FCDB816479700B3ADC94ED1FE674C06E695BABA1D"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect131r1 + */ + internal class SecT131R1Holder + : X9ECParametersHolder + { + private SecT131R1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT131R1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT131R1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("4D696E676875615175985BD3ADBADA21B43A97E2"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "040081BAF91FDF9833C40F9C181343638399078C6E7EA38C001F73C8134B1B4EF9E150"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect131r2 + */ + internal class SecT131R2Holder + : X9ECParametersHolder + { + private SecT131R2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT131R2Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT131R2Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("985BD3ADBAD4D696E676875615175A21B43A97E3"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "040356DCD8F2F95031AD652D23951BB366A80648F06D867940A5366D9E265DE9EB240F"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect163k1 + */ + internal class SecT163K1Holder + : X9ECParametersHolder + { + private SecT163K1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT163K1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT163K1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "0402FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE80289070FB05D38FF58321F2E800536D538CCDAA3D9"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect163r1 + */ + internal class SecT163R1Holder + : X9ECParametersHolder + { + private SecT163R1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT163R1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT163R1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("24B7B137C8A14D696E6768756151756FD0DA2E5C"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "040369979697AB43897789566789567F787A7876A65400435EDB42EFAFB2989D51FEFCE3C80988F41FF883"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect163r2 + */ + internal class SecT163R2Holder + : X9ECParametersHolder + { + private SecT163R2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT163R2Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT163R2Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("85E25BFE5C86226CDB12016F7553F9D0E693A268"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "0403F0EBA16286A2D57EA0991168D4994637E8343E3600D51FBC6C71A0094FA2CDD545B11C5C0C797324F1"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect193r1 + */ + internal class SecT193R1Holder + : X9ECParametersHolder + { + private SecT193R1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT193R1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT193R1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("103FAEC74D696E676875615175777FC5B191EF30"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "0401F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E10025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect193r2 + */ + internal class SecT193R2Holder + : X9ECParametersHolder + { + private SecT193R2Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT193R2Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT193R2Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("10B7B4D696E676875615175137C8A16FD0DA2211"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "0400D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect233k1 + */ + internal class SecT233K1Holder + : X9ECParametersHolder + { + private SecT233K1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT233K1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT233K1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "04017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD612601DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect233r1 + */ + internal class SecT233R1Holder + : X9ECParametersHolder + { + private SecT233R1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT233R1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT233R1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("74D59FF07F6B413D0EA14B344B20A2DB049B50C3"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "0400FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect239k1 + */ + internal class SecT239K1Holder + : X9ECParametersHolder + { + private SecT239K1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT239K1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT239K1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "0429A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect283k1 + */ + internal class SecT283K1Holder + : X9ECParametersHolder + { + private SecT283K1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT283K1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT283K1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836" + + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect283r1 + */ + internal class SecT283R1Holder + : X9ECParametersHolder + { + private SecT283R1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT283R1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT283R1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("77E2B07370EB0F832A6DD5B62DFC88CD06BB84BE"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053" + + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect409k1 + */ + internal class SecT409K1Holder + : X9ECParametersHolder + { + private SecT409K1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT409K1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT409K1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746" + + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect409r1 + */ + internal class SecT409R1Holder + : X9ECParametersHolder + { + private SecT409R1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT409R1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT409R1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("4099B5A457F9D69F79213D094C4BCD4D4262210B"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7" + + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect571k1 + */ + internal class SecT571K1Holder + : X9ECParametersHolder + { + private SecT571K1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT571K1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT571K1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972" + + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sect571r1 + */ + internal class SecT571R1Holder + : X9ECParametersHolder + { + private SecT571R1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SecT571R1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SecT571R1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = Hex.DecodeStrict("2AA058F73A0E33AB486B0F610410C53A7F132310"); + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, "04" + + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19" + + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + }; + + /* + * sm2p256v1 + */ + internal class SM2P256V1Holder + : X9ECParametersHolder + { + private SM2P256V1Holder() {} + + internal static readonly X9ECParametersHolder Instance = new SM2P256V1Holder(); + + protected override ECCurve CreateCurve() + { + return ConfigureCurve(new SM2P256V1Curve()); + } + + protected override X9ECParameters CreateParameters() + { + byte[] S = null; + ECCurve curve = Curve; + X9ECPoint G = ConfigureBasepoint(curve, + "0432C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0"); + return new X9ECParameters(curve, G, curve.Order, curve.Cofactor, S); + } + } + + + private static readonly IDictionary nameToCurve = Platform.CreateHashtable(); + private static readonly IDictionary nameToOid = Platform.CreateHashtable(); + private static readonly IDictionary oidToCurve = Platform.CreateHashtable(); + private static readonly IDictionary oidToName = Platform.CreateHashtable(); + private static readonly IList names = Platform.CreateArrayList(); + + private static void DefineCurve(string name, X9ECParametersHolder holder) + { + names.Add(name); + name = Platform.ToUpperInvariant(name); + nameToCurve.Add(name, holder); + } + + private static void DefineCurveWithOid(string name, DerObjectIdentifier oid, X9ECParametersHolder holder) + { + names.Add(name); + oidToName.Add(oid, name); + oidToCurve.Add(oid, holder); + name = Platform.ToUpperInvariant(name); + nameToOid.Add(name, oid); + nameToCurve.Add(name, holder); + } + + private static void DefineCurveAlias(string name, DerObjectIdentifier oid) + { + object curve = oidToCurve[oid]; + if (curve == null) + throw new InvalidOperationException(); + + name = Platform.ToUpperInvariant(name); + nameToOid.Add(name, oid); + nameToCurve.Add(name, curve); + } + + static CustomNamedCurves() + { + DefineCurve("curve25519", Curve25519Holder.Instance); + + //DefineCurveWithOid("secp112r1", SecObjectIdentifiers.SecP112r1, SecP112R1Holder.Instance); + //DefineCurveWithOid("secp112r2", SecObjectIdentifiers.SecP112r2, SecP112R2Holder.Instance); + DefineCurveWithOid("secp128r1", SecObjectIdentifiers.SecP128r1, SecP128R1Holder.Instance); + //DefineCurveWithOid("secp128r2", SecObjectIdentifiers.SecP128r2, SecP128R2Holder.Instance); + DefineCurveWithOid("secp160k1", SecObjectIdentifiers.SecP160k1, SecP160K1Holder.Instance); + DefineCurveWithOid("secp160r1", SecObjectIdentifiers.SecP160r1, SecP160R1Holder.Instance); + DefineCurveWithOid("secp160r2", SecObjectIdentifiers.SecP160r2, SecP160R2Holder.Instance); + DefineCurveWithOid("secp192k1", SecObjectIdentifiers.SecP192k1, SecP192K1Holder.Instance); + DefineCurveWithOid("secp192r1", SecObjectIdentifiers.SecP192r1, SecP192R1Holder.Instance); + DefineCurveWithOid("secp224k1", SecObjectIdentifiers.SecP224k1, SecP224K1Holder.Instance); + DefineCurveWithOid("secp224r1", SecObjectIdentifiers.SecP224r1, SecP224R1Holder.Instance); + DefineCurveWithOid("secp256k1", SecObjectIdentifiers.SecP256k1, SecP256K1Holder.Instance); + DefineCurveWithOid("secp256r1", SecObjectIdentifiers.SecP256r1, SecP256R1Holder.Instance); + DefineCurveWithOid("secp384r1", SecObjectIdentifiers.SecP384r1, SecP384R1Holder.Instance); + DefineCurveWithOid("secp521r1", SecObjectIdentifiers.SecP521r1, SecP521R1Holder.Instance); + + DefineCurveWithOid("sect113r1", SecObjectIdentifiers.SecT113r1, SecT113R1Holder.Instance); + DefineCurveWithOid("sect113r2", SecObjectIdentifiers.SecT113r2, SecT113R2Holder.Instance); + DefineCurveWithOid("sect131r1", SecObjectIdentifiers.SecT131r1, SecT131R1Holder.Instance); + DefineCurveWithOid("sect131r2", SecObjectIdentifiers.SecT131r2, SecT131R2Holder.Instance); + DefineCurveWithOid("sect163k1", SecObjectIdentifiers.SecT163k1, SecT163K1Holder.Instance); + DefineCurveWithOid("sect163r1", SecObjectIdentifiers.SecT163r1, SecT163R1Holder.Instance); + DefineCurveWithOid("sect163r2", SecObjectIdentifiers.SecT163r2, SecT163R2Holder.Instance); + DefineCurveWithOid("sect193r1", SecObjectIdentifiers.SecT193r1, SecT193R1Holder.Instance); + DefineCurveWithOid("sect193r2", SecObjectIdentifiers.SecT193r2, SecT193R2Holder.Instance); + DefineCurveWithOid("sect233k1", SecObjectIdentifiers.SecT233k1, SecT233K1Holder.Instance); + DefineCurveWithOid("sect233r1", SecObjectIdentifiers.SecT233r1, SecT233R1Holder.Instance); + DefineCurveWithOid("sect239k1", SecObjectIdentifiers.SecT239k1, SecT239K1Holder.Instance); + DefineCurveWithOid("sect283k1", SecObjectIdentifiers.SecT283k1, SecT283K1Holder.Instance); + DefineCurveWithOid("sect283r1", SecObjectIdentifiers.SecT283r1, SecT283R1Holder.Instance); + DefineCurveWithOid("sect409k1", SecObjectIdentifiers.SecT409k1, SecT409K1Holder.Instance); + DefineCurveWithOid("sect409r1", SecObjectIdentifiers.SecT409r1, SecT409R1Holder.Instance); + DefineCurveWithOid("sect571k1", SecObjectIdentifiers.SecT571k1, SecT571K1Holder.Instance); + DefineCurveWithOid("sect571r1", SecObjectIdentifiers.SecT571r1, SecT571R1Holder.Instance); + + DefineCurveWithOid("sm2p256v1", GMObjectIdentifiers.sm2p256v1, SM2P256V1Holder.Instance); + + DefineCurveAlias("B-163", SecObjectIdentifiers.SecT163r2); + DefineCurveAlias("B-233", SecObjectIdentifiers.SecT233r1); + DefineCurveAlias("B-283", SecObjectIdentifiers.SecT283r1); + DefineCurveAlias("B-409", SecObjectIdentifiers.SecT409r1); + DefineCurveAlias("B-571", SecObjectIdentifiers.SecT571r1); + + DefineCurveAlias("K-163", SecObjectIdentifiers.SecT163k1); + DefineCurveAlias("K-233", SecObjectIdentifiers.SecT233k1); + DefineCurveAlias("K-283", SecObjectIdentifiers.SecT283k1); + DefineCurveAlias("K-409", SecObjectIdentifiers.SecT409k1); + DefineCurveAlias("K-571", SecObjectIdentifiers.SecT571k1); + + DefineCurveAlias("P-192", SecObjectIdentifiers.SecP192r1); + DefineCurveAlias("P-224", SecObjectIdentifiers.SecP224r1); + DefineCurveAlias("P-256", SecObjectIdentifiers.SecP256r1); + DefineCurveAlias("P-384", SecObjectIdentifiers.SecP384r1); + DefineCurveAlias("P-521", SecObjectIdentifiers.SecP521r1); + } + + public static X9ECParameters GetByName(string name) + { + X9ECParametersHolder holder = GetByNameLazy(name); + return holder == null ? null : holder.Parameters; + } + + public static X9ECParametersHolder GetByNameLazy(string name) + { + return (X9ECParametersHolder)nameToCurve[Platform.ToUpperInvariant(name)]; + } + + /** + * return the X9ECParameters object for the named curve represented by + * the passed in object identifier. Null if the curve isn't present. + * + * @param oid an object identifier representing a named curve, if present. + */ + public static X9ECParameters GetByOid(DerObjectIdentifier oid) + { + X9ECParametersHolder holder = GetByOidLazy(oid); + return holder == null ? null : holder.Parameters; + } + + public static X9ECParametersHolder GetByOidLazy(DerObjectIdentifier oid) + { + return (X9ECParametersHolder)oidToCurve[oid]; + } + + /** + * return the object identifier signified by the passed in name. Null + * if there is no object identifier associated with name. + * + * @return the object identifier associated with name, if present. + */ + public static DerObjectIdentifier GetOid(string name) + { + return (DerObjectIdentifier)nameToOid[Platform.ToUpperInvariant(name)]; + } + + /** + * return the named curve name represented by the given object identifier. + */ + public static string GetName(DerObjectIdentifier oid) + { + return (string)oidToName[oid]; + } + + /** + * returns an enumeration containing the name strings for curves + * contained in this structure. + */ + public static IEnumerable Names + { + get { return new EnumerableProxy(names); } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/encodings/ISO9796d1Encoding.cs b/BouncyCastle/crypto/src/crypto/encodings/ISO9796d1Encoding.cs new file mode 100644 index 0000000..30e9883 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/encodings/ISO9796d1Encoding.cs @@ -0,0 +1,273 @@ +using System; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Encodings +{ + /** + * ISO 9796-1 padding. Note in the light of recent results you should + * only use this with RSA (rather than the "simpler" Rabin keys) and you + * should never use it with anything other than a hash (ie. even if the + * message is small don't sign the message, sign it's hash) or some "random" + * value. See your favorite search engine for details. + */ + public class ISO9796d1Encoding + : IAsymmetricBlockCipher + { + private static readonly BigInteger Sixteen = BigInteger.ValueOf(16); + private static readonly BigInteger Six = BigInteger.ValueOf(6); + + private static readonly byte[] shadows = { 0xe, 0x3, 0x5, 0x8, 0x9, 0x4, 0x2, 0xf, + 0x0, 0xd, 0xb, 0x6, 0x7, 0xa, 0xc, 0x1 }; + private static readonly byte[] inverse = { 0x8, 0xf, 0x6, 0x1, 0x5, 0x2, 0xb, 0xc, + 0x3, 0x4, 0xd, 0xa, 0xe, 0x9, 0x0, 0x7 }; + + private readonly IAsymmetricBlockCipher engine; + private bool forEncryption; + private int bitSize; + private int padBits = 0; + private BigInteger modulus; + + public ISO9796d1Encoding( + IAsymmetricBlockCipher cipher) + { + this.engine = cipher; + } + + public string AlgorithmName + { + get { return engine.AlgorithmName + "/ISO9796-1Padding"; } + } + + public IAsymmetricBlockCipher GetUnderlyingCipher() + { + return engine; + } + + public void Init( + bool forEncryption, + ICipherParameters parameters) + { + RsaKeyParameters kParam; + if (parameters is ParametersWithRandom) + { + ParametersWithRandom rParam = (ParametersWithRandom)parameters; + kParam = (RsaKeyParameters)rParam.Parameters; + } + else + { + kParam = (RsaKeyParameters)parameters; + } + + engine.Init(forEncryption, parameters); + + modulus = kParam.Modulus; + bitSize = modulus.BitLength; + + this.forEncryption = forEncryption; + } + + /** + * return the input block size. The largest message we can process + * is (key_size_in_bits + 3)/16, which in our world comes to + * key_size_in_bytes / 2. + */ + public int GetInputBlockSize() + { + int baseBlockSize = engine.GetInputBlockSize(); + + if (forEncryption) + { + return (baseBlockSize + 1) / 2; + } + else + { + return baseBlockSize; + } + } + + /** + * return the maximum possible size for the output. + */ + public int GetOutputBlockSize() + { + int baseBlockSize = engine.GetOutputBlockSize(); + + if (forEncryption) + { + return baseBlockSize; + } + else + { + return (baseBlockSize + 1) / 2; + } + } + + /** + * set the number of bits in the next message to be treated as + * pad bits. + */ + public void SetPadBits( + int padBits) + { + if (padBits > 7) + { + throw new ArgumentException("padBits > 7"); + } + + this.padBits = padBits; + } + + /** + * retrieve the number of pad bits in the last decoded message. + */ + public int GetPadBits() + { + return padBits; + } + + public byte[] ProcessBlock( + byte[] input, + int inOff, + int length) + { + if (forEncryption) + { + return EncodeBlock(input, inOff, length); + } + else + { + return DecodeBlock(input, inOff, length); + } + } + + private byte[] EncodeBlock( + byte[] input, + int inOff, + int inLen) + { + byte[] block = new byte[(bitSize + 7) / 8]; + int r = padBits + 1; + int z = inLen; + int t = (bitSize + 13) / 16; + + for (int i = 0; i < t; i += z) + { + if (i > t - z) + { + Array.Copy(input, inOff + inLen - (t - i), + block, block.Length - t, t - i); + } + else + { + Array.Copy(input, inOff, block, block.Length - (i + z), z); + } + } + + for (int i = block.Length - 2 * t; i != block.Length; i += 2) + { + byte val = block[block.Length - t + i / 2]; + + block[i] = (byte)((shadows[(uint) (val & 0xff) >> 4] << 4) + | shadows[val & 0x0f]); + block[i + 1] = val; + } + + block[block.Length - 2 * z] ^= (byte) r; + block[block.Length - 1] = (byte)((block[block.Length - 1] << 4) | 0x06); + + int maxBit = (8 - (bitSize - 1) % 8); + int offSet = 0; + + if (maxBit != 8) + { + block[0] &= (byte) ((ushort) 0xff >> maxBit); + block[0] |= (byte) ((ushort) 0x80 >> maxBit); + } + else + { + block[0] = 0x00; + block[1] |= 0x80; + offSet = 1; + } + + return engine.ProcessBlock(block, offSet, block.Length - offSet); + } + + /** + * @exception InvalidCipherTextException if the decrypted block is not a valid ISO 9796 bit string + */ + private byte[] DecodeBlock( + byte[] input, + int inOff, + int inLen) + { + byte[] block = engine.ProcessBlock(input, inOff, inLen); + int r = 1; + int t = (bitSize + 13) / 16; + + BigInteger iS = new BigInteger(1, block); + BigInteger iR; + if (iS.Mod(Sixteen).Equals(Six)) + { + iR = iS; + } + else + { + iR = modulus.Subtract(iS); + + if (!iR.Mod(Sixteen).Equals(Six)) + throw new InvalidCipherTextException("resulting integer iS or (modulus - iS) is not congruent to 6 mod 16"); + } + + block = iR.ToByteArrayUnsigned(); + + if ((block[block.Length - 1] & 0x0f) != 0x6) + throw new InvalidCipherTextException("invalid forcing byte in block"); + + block[block.Length - 1] = + (byte)(((ushort)(block[block.Length - 1] & 0xff) >> 4) + | ((inverse[(block[block.Length - 2] & 0xff) >> 4]) << 4)); + + block[0] = (byte)((shadows[(uint) (block[1] & 0xff) >> 4] << 4) + | shadows[block[1] & 0x0f]); + + bool boundaryFound = false; + int boundary = 0; + + for (int i = block.Length - 1; i >= block.Length - 2 * t; i -= 2) + { + int val = ((shadows[(uint) (block[i] & 0xff) >> 4] << 4) + | shadows[block[i] & 0x0f]); + + if (((block[i - 1] ^ val) & 0xff) != 0) + { + if (!boundaryFound) + { + boundaryFound = true; + r = (block[i - 1] ^ val) & 0xff; + boundary = i - 1; + } + else + { + throw new InvalidCipherTextException("invalid tsums in block"); + } + } + } + + block[boundary] = 0; + + byte[] nblock = new byte[(block.Length - boundary) / 2]; + + for (int i = 0; i < nblock.Length; i++) + { + nblock[i] = block[2 * i + boundary + 1]; + } + + padBits = r - 1; + + return nblock; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/encodings/OaepEncoding.cs b/BouncyCastle/crypto/src/crypto/encodings/OaepEncoding.cs new file mode 100644 index 0000000..f3550b9 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/encodings/OaepEncoding.cs @@ -0,0 +1,361 @@ +using System; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Encodings +{ + /** + * Optimal Asymmetric Encryption Padding (OAEP) - see PKCS 1 V 2. + */ + public class OaepEncoding + : IAsymmetricBlockCipher + { + private byte[] defHash; + private IDigest mgf1Hash; + + private IAsymmetricBlockCipher engine; + private SecureRandom random; + private bool forEncryption; + + public OaepEncoding( + IAsymmetricBlockCipher cipher) + : this(cipher, new Sha1Digest(), null) + { + } + + public OaepEncoding( + IAsymmetricBlockCipher cipher, + IDigest hash) + : this(cipher, hash, null) + { + } + + public OaepEncoding( + IAsymmetricBlockCipher cipher, + IDigest hash, + byte[] encodingParams) + : this(cipher, hash, hash, encodingParams) + { + } + + public OaepEncoding( + IAsymmetricBlockCipher cipher, + IDigest hash, + IDigest mgf1Hash, + byte[] encodingParams) + { + this.engine = cipher; + this.mgf1Hash = mgf1Hash; + this.defHash = new byte[hash.GetDigestSize()]; + + hash.Reset(); + + if (encodingParams != null) + { + hash.BlockUpdate(encodingParams, 0, encodingParams.Length); + } + + hash.DoFinal(defHash, 0); + } + + public IAsymmetricBlockCipher GetUnderlyingCipher() + { + return engine; + } + + public string AlgorithmName + { + get { return engine.AlgorithmName + "/OAEPPadding"; } + } + + public void Init( + bool forEncryption, + ICipherParameters param) + { + if (param is ParametersWithRandom) + { + ParametersWithRandom rParam = (ParametersWithRandom)param; + this.random = rParam.Random; + } + else + { + this.random = new SecureRandom(); + } + + engine.Init(forEncryption, param); + + this.forEncryption = forEncryption; + } + + public int GetInputBlockSize() + { + int baseBlockSize = engine.GetInputBlockSize(); + + if (forEncryption) + { + return baseBlockSize - 1 - 2 * defHash.Length; + } + else + { + return baseBlockSize; + } + } + + public int GetOutputBlockSize() + { + int baseBlockSize = engine.GetOutputBlockSize(); + + if (forEncryption) + { + return baseBlockSize; + } + else + { + return baseBlockSize - 1 - 2 * defHash.Length; + } + } + + public byte[] ProcessBlock( + byte[] inBytes, + int inOff, + int inLen) + { + if (forEncryption) + { + return EncodeBlock(inBytes, inOff, inLen); + } + else + { + return DecodeBlock(inBytes, inOff, inLen); + } + } + + private byte[] EncodeBlock( + byte[] inBytes, + int inOff, + int inLen) + { + Check.DataLength(inLen > GetInputBlockSize(), "input data too long"); + + byte[] block = new byte[GetInputBlockSize() + 1 + 2 * defHash.Length]; + + // + // copy in the message + // + Array.Copy(inBytes, inOff, block, block.Length - inLen, inLen); + + // + // add sentinel + // + block[block.Length - inLen - 1] = 0x01; + + // + // as the block is already zeroed - there's no need to add PS (the >= 0 pad of 0) + // + + // + // add the hash of the encoding params. + // + Array.Copy(defHash, 0, block, defHash.Length, defHash.Length); + + // + // generate the seed. + // + byte[] seed = SecureRandom.GetNextBytes(random, defHash.Length); + + // + // mask the message block. + // + byte[] mask = MaskGeneratorFunction(seed, 0, seed.Length, block.Length - defHash.Length); + + for (int i = defHash.Length; i != block.Length; i++) + { + block[i] ^= mask[i - defHash.Length]; + } + + // + // add in the seed + // + Array.Copy(seed, 0, block, 0, defHash.Length); + + // + // mask the seed. + // + mask = MaskGeneratorFunction( + block, defHash.Length, block.Length - defHash.Length, defHash.Length); + + for (int i = 0; i != defHash.Length; i++) + { + block[i] ^= mask[i]; + } + + return engine.ProcessBlock(block, 0, block.Length); + } + + /** + * @exception InvalidCipherTextException if the decrypted block turns out to + * be badly formatted. + */ + private byte[] DecodeBlock( + byte[] inBytes, + int inOff, + int inLen) + { + byte[] data = engine.ProcessBlock(inBytes, inOff, inLen); + byte[] block = new byte[engine.GetOutputBlockSize()]; + + // + // as we may have zeros in our leading bytes for the block we produced + // on encryption, we need to make sure our decrypted block comes back + // the same size. + // + // i.e. wrong when block.length < (2 * defHash.length) + 1 + int wrongMask = (block.Length - ((2 * defHash.Length) + 1)) >> 31; + + if (data.Length <= block.Length) + { + Array.Copy(data, 0, block, block.Length - data.Length, data.Length); + } + else + { + Array.Copy(data, 0, block, 0, block.Length); + wrongMask |= 1; + } + + // + // unmask the seed. + // + byte[] mask = MaskGeneratorFunction( + block, defHash.Length, block.Length - defHash.Length, defHash.Length); + + for (int i = 0; i != defHash.Length; i++) + { + block[i] ^= mask[i]; + } + + // + // unmask the message block. + // + mask = MaskGeneratorFunction(block, 0, defHash.Length, block.Length - defHash.Length); + + for (int i = defHash.Length; i != block.Length; i++) + { + block[i] ^= mask[i - defHash.Length]; + } + + // + // check the hash of the encoding params. + // long check to try to avoid this been a source of a timing attack. + // + for (int i = 0; i != defHash.Length; i++) + { + wrongMask |= defHash[i] ^ block[defHash.Length + i]; + } + + // + // find the data block + // + int start = -1; + + for (int index = 2 * defHash.Length; index != block.Length; index++) + { + int octet = block[index]; + + // i.e. mask will be 0xFFFFFFFF if octet is non-zero and start is (still) negative, else 0. + int shouldSetMask = (-octet & start) >> 31; + + start += index & shouldSetMask; + } + + wrongMask |= start >> 31; + ++start; + wrongMask |= block[start] ^ 1; + + if (wrongMask != 0) + { + Arrays.Fill(block, 0); + throw new InvalidCipherTextException("data wrong"); + } + + ++start; + + // + // extract the data block + // + byte[] output = new byte[block.Length - start]; + + Array.Copy(block, start, output, 0, output.Length); + Array.Clear(block, 0, block.Length); + + return output; + } + + private byte[] MaskGeneratorFunction( + byte[] Z, + int zOff, + int zLen, + int length) + { + if (mgf1Hash is IXof) + { + byte[] mask = new byte[length]; + mgf1Hash.BlockUpdate(Z, zOff, zLen); + ((IXof)mgf1Hash).DoFinal(mask, 0, mask.Length); + + return mask; + } + else + { + return MaskGeneratorFunction1(Z, zOff, zLen, length); + } + } + + /** + * mask generator function, as described in PKCS1v2. + */ + private byte[] MaskGeneratorFunction1( + byte[] Z, + int zOff, + int zLen, + int length) + { + byte[] mask = new byte[length]; + byte[] hashBuf = new byte[mgf1Hash.GetDigestSize()]; + byte[] C = new byte[4]; + int counter = 0; + + mgf1Hash.Reset(); + + while (counter < (length / hashBuf.Length)) + { + Pack.UInt32_To_BE((uint)counter, C); + + mgf1Hash.BlockUpdate(Z, zOff, zLen); + mgf1Hash.BlockUpdate(C, 0, C.Length); + mgf1Hash.DoFinal(hashBuf, 0); + + Array.Copy(hashBuf, 0, mask, counter * hashBuf.Length, hashBuf.Length); + + counter++; + } + + if ((counter * hashBuf.Length) < length) + { + Pack.UInt32_To_BE((uint)counter, C); + + mgf1Hash.BlockUpdate(Z, zOff, zLen); + mgf1Hash.BlockUpdate(C, 0, C.Length); + mgf1Hash.DoFinal(hashBuf, 0); + + Array.Copy(hashBuf, 0, mask, counter * hashBuf.Length, mask.Length - (counter * hashBuf.Length)); + } + + return mask; + } + } +} + diff --git a/BouncyCastle/crypto/src/crypto/encodings/Pkcs1Encoding.cs b/BouncyCastle/crypto/src/crypto/encodings/Pkcs1Encoding.cs new file mode 100644 index 0000000..53c046a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/encodings/Pkcs1Encoding.cs @@ -0,0 +1,384 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Encodings +{ + /** + * this does your basic Pkcs 1 v1.5 padding - whether or not you should be using this + * depends on your application - see Pkcs1 Version 2 for details. + */ + public class Pkcs1Encoding + : IAsymmetricBlockCipher + { + /** + * some providers fail to include the leading zero in PKCS1 encoded blocks. If you need to + * work with one of these set the system property Org.BouncyCastle.Pkcs1.Strict to false. + */ + public const string StrictLengthEnabledProperty = "Org.BouncyCastle.Pkcs1.Strict"; + + private const int HeaderLength = 10; + + /** + * The same effect can be achieved by setting the static property directly + *

+ * The static property is checked during construction of the encoding object, it is set to + * true by default. + *

+ */ + public static bool StrictLengthEnabled + { + get { return strictLengthEnabled[0]; } + set { strictLengthEnabled[0] = value; } + } + + private static readonly bool[] strictLengthEnabled; + + static Pkcs1Encoding() + { + string strictProperty = Platform.GetEnvironmentVariable(StrictLengthEnabledProperty); + + strictLengthEnabled = new bool[]{ strictProperty == null || Platform.EqualsIgnoreCase("true", strictProperty) }; + } + + + private SecureRandom random; + private IAsymmetricBlockCipher engine; + private bool forEncryption; + private bool forPrivateKey; + private bool useStrictLength; + private int pLen = -1; + private byte[] fallback = null; + private byte[] blockBuffer = null; + + /** + * Basic constructor. + * + * @param cipher + */ + public Pkcs1Encoding( + IAsymmetricBlockCipher cipher) + { + this.engine = cipher; + this.useStrictLength = StrictLengthEnabled; + } + + /** + * Constructor for decryption with a fixed plaintext length. + * + * @param cipher The cipher to use for cryptographic operation. + * @param pLen Length of the expected plaintext. + */ + public Pkcs1Encoding(IAsymmetricBlockCipher cipher, int pLen) + { + this.engine = cipher; + this.useStrictLength = StrictLengthEnabled; + this.pLen = pLen; + } + + /** + * Constructor for decryption with a fixed plaintext length and a fallback + * value that is returned, if the padding is incorrect. + * + * @param cipher + * The cipher to use for cryptographic operation. + * @param fallback + * The fallback value, we don't to a arraycopy here. + */ + public Pkcs1Encoding(IAsymmetricBlockCipher cipher, byte[] fallback) + { + this.engine = cipher; + this.useStrictLength = StrictLengthEnabled; + this.fallback = fallback; + this.pLen = fallback.Length; + } + + public IAsymmetricBlockCipher GetUnderlyingCipher() + { + return engine; + } + + public string AlgorithmName + { + get { return engine.AlgorithmName + "/PKCS1Padding"; } + } + + public void Init(bool forEncryption, ICipherParameters parameters) + { + AsymmetricKeyParameter kParam; + if (parameters is ParametersWithRandom) + { + ParametersWithRandom rParam = (ParametersWithRandom)parameters; + + this.random = rParam.Random; + kParam = (AsymmetricKeyParameter)rParam.Parameters; + } + else + { + this.random = new SecureRandom(); + kParam = (AsymmetricKeyParameter)parameters; + } + + engine.Init(forEncryption, parameters); + + this.forPrivateKey = kParam.IsPrivate; + this.forEncryption = forEncryption; + this.blockBuffer = new byte[engine.GetOutputBlockSize()]; + + if (pLen > 0 && fallback == null && random == null) + throw new ArgumentException("encoder requires random"); + } + + public int GetInputBlockSize() + { + int baseBlockSize = engine.GetInputBlockSize(); + + return forEncryption + ? baseBlockSize - HeaderLength + : baseBlockSize; + } + + public int GetOutputBlockSize() + { + int baseBlockSize = engine.GetOutputBlockSize(); + + return forEncryption + ? baseBlockSize + : baseBlockSize - HeaderLength; + } + + public byte[] ProcessBlock( + byte[] input, + int inOff, + int length) + { + return forEncryption + ? EncodeBlock(input, inOff, length) + : DecodeBlock(input, inOff, length); + } + + private byte[] EncodeBlock( + byte[] input, + int inOff, + int inLen) + { + if (inLen > GetInputBlockSize()) + throw new ArgumentException("input data too large", "inLen"); + + byte[] block = new byte[engine.GetInputBlockSize()]; + + if (forPrivateKey) + { + block[0] = 0x01; // type code 1 + + for (int i = 1; i != block.Length - inLen - 1; i++) + { + block[i] = (byte)0xFF; + } + } + else + { + random.NextBytes(block); // random fill + + block[0] = 0x02; // type code 2 + + // + // a zero byte marks the end of the padding, so all + // the pad bytes must be non-zero. + // + for (int i = 1; i != block.Length - inLen - 1; i++) + { + while (block[i] == 0) + { + block[i] = (byte)random.NextInt(); + } + } + } + + block[block.Length - inLen - 1] = 0x00; // mark the end of the padding + Array.Copy(input, inOff, block, block.Length - inLen, inLen); + + return engine.ProcessBlock(block, 0, block.Length); + } + + /** + * Checks if the argument is a correctly PKCS#1.5 encoded Plaintext + * for encryption. + * + * @param encoded The Plaintext. + * @param pLen Expected length of the plaintext. + * @return Either 0, if the encoding is correct, or -1, if it is incorrect. + */ + private static int CheckPkcs1Encoding(byte[] encoded, int pLen) + { + int correct = 0; + /* + * Check if the first two bytes are 0 2 + */ + correct |= (encoded[0] ^ 2); + + /* + * Now the padding check, check for no 0 byte in the padding + */ + int plen = encoded.Length - ( + pLen /* Length of the PMS */ + + 1 /* Final 0-byte before PMS */ + ); + + for (int i = 1; i < plen; i++) + { + int tmp = encoded[i]; + tmp |= tmp >> 1; + tmp |= tmp >> 2; + tmp |= tmp >> 4; + correct |= (tmp & 1) - 1; + } + + /* + * Make sure the padding ends with a 0 byte. + */ + correct |= encoded[encoded.Length - (pLen + 1)]; + + /* + * Return 0 or 1, depending on the result. + */ + correct |= correct >> 1; + correct |= correct >> 2; + correct |= correct >> 4; + return ~((correct & 1) - 1); + } + + /** + * Decode PKCS#1.5 encoding, and return a random value if the padding is not correct. + * + * @param in The encrypted block. + * @param inOff Offset in the encrypted block. + * @param inLen Length of the encrypted block. + * @param pLen Length of the desired output. + * @return The plaintext without padding, or a random value if the padding was incorrect. + * @throws InvalidCipherTextException + */ + private byte[] DecodeBlockOrRandom(byte[] input, int inOff, int inLen) + { + if (!forPrivateKey) + throw new InvalidCipherTextException("sorry, this method is only for decryption, not for signing"); + + byte[] block = engine.ProcessBlock(input, inOff, inLen); + byte[] random; + if (this.fallback == null) + { + random = new byte[this.pLen]; + this.random.NextBytes(random); + } + else + { + random = fallback; + } + + byte[] data = (useStrictLength & (block.Length != engine.GetOutputBlockSize())) ? blockBuffer : block; + + /* + * Check the padding. + */ + int correct = CheckPkcs1Encoding(data, this.pLen); + + /* + * Now, to a constant time constant memory copy of the decrypted value + * or the random value, depending on the validity of the padding. + */ + byte[] result = new byte[this.pLen]; + for (int i = 0; i < this.pLen; i++) + { + result[i] = (byte)((data[i + (data.Length - pLen)] & (~correct)) | (random[i] & correct)); + } + + Arrays.Fill(data, 0); + + return result; + } + + /** + * @exception InvalidCipherTextException if the decrypted block is not in Pkcs1 format. + */ + private byte[] DecodeBlock( + byte[] input, + int inOff, + int inLen) + { + /* + * If the length of the expected plaintext is known, we use a constant-time decryption. + * If the decryption fails, we return a random value. + */ + if (this.pLen != -1) + { + return this.DecodeBlockOrRandom(input, inOff, inLen); + } + + byte[] block = engine.ProcessBlock(input, inOff, inLen); + bool incorrectLength = (useStrictLength & (block.Length != engine.GetOutputBlockSize())); + + byte[] data; + if (block.Length < GetOutputBlockSize()) + { + data = blockBuffer; + } + else + { + data = block; + } + + byte expectedType = (byte)(forPrivateKey ? 2 : 1); + byte type = data[0]; + + bool badType = (type != expectedType); + + // + // find and extract the message block. + // + int start = FindStart(type, data); + + start++; // data should start at the next byte + + if (badType | (start < HeaderLength)) + { + Arrays.Fill(data, 0); + throw new InvalidCipherTextException("block incorrect"); + } + + // if we get this far, it's likely to be a genuine encoding error + if (incorrectLength) + { + Arrays.Fill(data, 0); + throw new InvalidCipherTextException("block incorrect size"); + } + + byte[] result = new byte[data.Length - start]; + + Array.Copy(data, start, result, 0, result.Length); + + return result; + } + + private int FindStart(byte type, byte[] block) + { + int start = -1; + bool padErr = false; + + for (int i = 1; i != block.Length; i++) + { + byte pad = block[i]; + + if (pad == 0 & start < 0) + { + start = i; + } + padErr |= ((type == 1) & (start < 0) & (pad != (byte)0xff)); + } + + return padErr ? -1 : start; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/AesEngine.cs b/BouncyCastle/crypto/src/crypto/engines/AesEngine.cs new file mode 100644 index 0000000..10c7209 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/AesEngine.cs @@ -0,0 +1,601 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * an implementation of the AES (Rijndael), from FIPS-197. + *

+ * For further details see: http://csrc.nist.gov/encryption/aes/. + * + * This implementation is based on optimizations from Dr. Brian Gladman's paper and C code at + * http://fp.gladman.plus.com/cryptography_technology/rijndael/ + * + * There are three levels of tradeoff of speed vs memory + * Because java has no preprocessor, they are written as three separate classes from which to choose + * + * The fastest uses 8Kbytes of static tables to precompute round calculations, 4 256 word tables for encryption + * and 4 for decryption. + * + * The middle performance version uses only one 256 word table for each, for a total of 2Kbytes, + * adding 12 rotate operations per round to compute the values contained in the other tables from + * the contents of the first. + * + * The slowest version uses no static tables at all and computes the values in each round. + *

+ *

+ * This file contains the middle performance version with 2Kbytes of static tables for round precomputation. + *

+ */ + public class AesEngine + : IBlockCipher + { + // The S box + private static readonly byte[] S = + { + 99, 124, 119, 123, 242, 107, 111, 197, + 48, 1, 103, 43, 254, 215, 171, 118, + 202, 130, 201, 125, 250, 89, 71, 240, + 173, 212, 162, 175, 156, 164, 114, 192, + 183, 253, 147, 38, 54, 63, 247, 204, + 52, 165, 229, 241, 113, 216, 49, 21, + 4, 199, 35, 195, 24, 150, 5, 154, + 7, 18, 128, 226, 235, 39, 178, 117, + 9, 131, 44, 26, 27, 110, 90, 160, + 82, 59, 214, 179, 41, 227, 47, 132, + 83, 209, 0, 237, 32, 252, 177, 91, + 106, 203, 190, 57, 74, 76, 88, 207, + 208, 239, 170, 251, 67, 77, 51, 133, + 69, 249, 2, 127, 80, 60, 159, 168, + 81, 163, 64, 143, 146, 157, 56, 245, + 188, 182, 218, 33, 16, 255, 243, 210, + 205, 12, 19, 236, 95, 151, 68, 23, + 196, 167, 126, 61, 100, 93, 25, 115, + 96, 129, 79, 220, 34, 42, 144, 136, + 70, 238, 184, 20, 222, 94, 11, 219, + 224, 50, 58, 10, 73, 6, 36, 92, + 194, 211, 172, 98, 145, 149, 228, 121, + 231, 200, 55, 109, 141, 213, 78, 169, + 108, 86, 244, 234, 101, 122, 174, 8, + 186, 120, 37, 46, 28, 166, 180, 198, + 232, 221, 116, 31, 75, 189, 139, 138, + 112, 62, 181, 102, 72, 3, 246, 14, + 97, 53, 87, 185, 134, 193, 29, 158, + 225, 248, 152, 17, 105, 217, 142, 148, + 155, 30, 135, 233, 206, 85, 40, 223, + 140, 161, 137, 13, 191, 230, 66, 104, + 65, 153, 45, 15, 176, 84, 187, 22, + }; + + // The inverse S-box + private static readonly byte[] Si = + { + 82, 9, 106, 213, 48, 54, 165, 56, + 191, 64, 163, 158, 129, 243, 215, 251, + 124, 227, 57, 130, 155, 47, 255, 135, + 52, 142, 67, 68, 196, 222, 233, 203, + 84, 123, 148, 50, 166, 194, 35, 61, + 238, 76, 149, 11, 66, 250, 195, 78, + 8, 46, 161, 102, 40, 217, 36, 178, + 118, 91, 162, 73, 109, 139, 209, 37, + 114, 248, 246, 100, 134, 104, 152, 22, + 212, 164, 92, 204, 93, 101, 182, 146, + 108, 112, 72, 80, 253, 237, 185, 218, + 94, 21, 70, 87, 167, 141, 157, 132, + 144, 216, 171, 0, 140, 188, 211, 10, + 247, 228, 88, 5, 184, 179, 69, 6, + 208, 44, 30, 143, 202, 63, 15, 2, + 193, 175, 189, 3, 1, 19, 138, 107, + 58, 145, 17, 65, 79, 103, 220, 234, + 151, 242, 207, 206, 240, 180, 230, 115, + 150, 172, 116, 34, 231, 173, 53, 133, + 226, 249, 55, 232, 28, 117, 223, 110, + 71, 241, 26, 113, 29, 41, 197, 137, + 111, 183, 98, 14, 170, 24, 190, 27, + 252, 86, 62, 75, 198, 210, 121, 32, + 154, 219, 192, 254, 120, 205, 90, 244, + 31, 221, 168, 51, 136, 7, 199, 49, + 177, 18, 16, 89, 39, 128, 236, 95, + 96, 81, 127, 169, 25, 181, 74, 13, + 45, 229, 122, 159, 147, 201, 156, 239, + 160, 224, 59, 77, 174, 42, 245, 176, + 200, 235, 187, 60, 131, 83, 153, 97, + 23, 43, 4, 126, 186, 119, 214, 38, + 225, 105, 20, 99, 85, 33, 12, 125, + }; + + // vector used in calculating key schedule (powers of x in GF(256)) + private static readonly byte[] rcon = + { + 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, + 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91 + }; + + // precomputation tables of calculations for rounds + private static readonly uint[] T0 = + { + 0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6, 0x0df2f2ff, + 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591, 0x50303060, 0x03010102, + 0xa96767ce, 0x7d2b2b56, 0x19fefee7, 0x62d7d7b5, 0xe6abab4d, + 0x9a7676ec, 0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa, + 0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb, 0xecadad41, + 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45, 0xbf9c9c23, 0xf7a4a453, + 0x967272e4, 0x5bc0c09b, 0xc2b7b775, 0x1cfdfde1, 0xae93933d, + 0x6a26264c, 0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83, + 0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9, 0x937171e2, + 0x73d8d8ab, 0x53313162, 0x3f15152a, 0x0c040408, 0x52c7c795, + 0x65232346, 0x5ec3c39d, 0x28181830, 0xa1969637, 0x0f05050a, + 0xb59a9a2f, 0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df, + 0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea, 0x1b090912, + 0x9e83831d, 0x742c2c58, 0x2e1a1a34, 0x2d1b1b36, 0xb26e6edc, + 0xee5a5ab4, 0xfba0a05b, 0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, + 0xceb3b37d, 0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413, + 0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1, 0x60202040, + 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6, 0xbe6a6ad4, 0x46cbcb8d, + 0xd9bebe67, 0x4b393972, 0xde4a4a94, 0xd44c4c98, 0xe85858b0, + 0x4acfcf85, 0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed, + 0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511, 0xcf45458a, + 0x10f9f9e9, 0x06020204, 0x817f7ffe, 0xf05050a0, 0x443c3c78, + 0xba9f9f25, 0xe3a8a84b, 0xf35151a2, 0xfea3a35d, 0xc0404080, + 0x8a8f8f05, 0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1, + 0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142, 0x30101020, + 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf, 0x4ccdcd81, 0x140c0c18, + 0x35131326, 0x2fececc3, 0xe15f5fbe, 0xa2979735, 0xcc444488, + 0x3917172e, 0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a, + 0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6, 0xa06060c0, + 0x98818119, 0xd14f4f9e, 0x7fdcdca3, 0x66222244, 0x7e2a2a54, + 0xab90903b, 0x8388880b, 0xca46468c, 0x29eeeec7, 0xd3b8b86b, + 0x3c141428, 0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad, + 0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14, 0xdb494992, + 0x0a06060c, 0x6c242448, 0xe45c5cb8, 0x5dc2c29f, 0x6ed3d3bd, + 0xefacac43, 0xa66262c4, 0xa8919139, 0xa4959531, 0x37e4e4d3, + 0x8b7979f2, 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda, + 0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949, 0xb46c6cd8, + 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf, 0xaf6565ca, 0x8e7a7af4, + 0xe9aeae47, 0x18080810, 0xd5baba6f, 0x887878f0, 0x6f25254a, + 0x722e2e5c, 0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697, + 0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e, 0xdd4b4b96, + 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f, 0x907070e0, 0x423e3e7c, + 0xc4b5b571, 0xaa6666cc, 0xd8484890, 0x05030306, 0x01f6f6f7, + 0x120e0e1c, 0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969, + 0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27, 0x38e1e1d9, + 0x13f8f8eb, 0xb398982b, 0x33111122, 0xbb6969d2, 0x70d9d9a9, + 0x898e8e07, 0xa7949433, 0xb69b9b2d, 0x221e1e3c, 0x92878715, + 0x20e9e9c9, 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5, + 0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a, 0xdabfbf65, + 0x31e6e6d7, 0xc6424284, 0xb86868d0, 0xc3414182, 0xb0999929, + 0x772d2d5a, 0x110f0f1e, 0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, + 0x3a16162c + }; + + private static readonly uint[] Tinv0 = + { + 0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a, 0xcb6bab3b, + 0xf1459d1f, 0xab58faac, 0x9303e34b, 0x55fa3020, 0xf66d76ad, + 0x9176cc88, 0x254c02f5, 0xfcd7e54f, 0xd7cb2ac5, 0x80443526, + 0x8fa362b5, 0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d, + 0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b, 0xe75f8f03, + 0x959c9215, 0xeb7a6dbf, 0xda595295, 0x2d83bed4, 0xd3217458, + 0x2969e049, 0x44c8c98e, 0x6a89c275, 0x78798ef4, 0x6b3e5899, + 0xdd71b927, 0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d, + 0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362, 0xe07764b1, + 0x84ae6bbb, 0x1ca081fe, 0x942b08f9, 0x58684870, 0x19fd458f, + 0x876cde94, 0xb7f87b52, 0x23d373ab, 0xe2024b72, 0x578f1fe3, + 0x2aab5566, 0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3, + 0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed, 0x2b1ccf8a, + 0x92b479a7, 0xf0f207f3, 0xa1e2694e, 0xcdf4da65, 0xd5be0506, + 0x1f6234d1, 0x8afea6c4, 0x9d532e34, 0xa055f3a2, 0x32e18a05, + 0x75ebf6a4, 0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd, + 0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d, 0xb58d5491, + 0x055dc471, 0x6fd40604, 0xff155060, 0x24fb9819, 0x97e9bdd6, + 0xcc434089, 0x779ed967, 0xbd42e8b0, 0x888b8907, 0x385b19e7, + 0xdbeec879, 0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000, + 0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c, 0xfbff0efd, + 0x5638850f, 0x1ed5ae3d, 0x27392d36, 0x64d90f0a, 0x21a65c68, + 0xd1545b9b, 0x3a2e3624, 0xb1670a0c, 0x0fe75793, 0xd296eeb4, + 0x9e919b1b, 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c, + 0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12, 0x0b0d090e, + 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14, 0x8519f157, 0x4c0775af, + 0xbbdd99ee, 0xfd607fa3, 0x9f2601f7, 0xbcf5725c, 0xc53b6644, + 0x347efb5b, 0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8, + 0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684, 0x7d244a85, + 0xf83dbbd2, 0x1132f9ae, 0x6da129c7, 0x4b2f9e1d, 0xf330b2dc, + 0xec52860d, 0xd0e3c177, 0x6c16b32b, 0x99b970a9, 0xfa489411, + 0x2264e947, 0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322, + 0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498, 0xcf81f5a6, + 0x28de7aa5, 0x268eb7da, 0xa4bfad3f, 0xe49d3a2c, 0x0d927850, + 0x9bcc5f6a, 0x62467e54, 0xc2138df6, 0xe8b8d890, 0x5ef7392e, + 0xf5afc382, 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf, + 0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb, 0x097826cd, + 0xf418596e, 0x01b79aec, 0xa89a4f83, 0x656e95e6, 0x7ee6ffaa, + 0x08cfbc21, 0xe6e815ef, 0xd99be7ba, 0xce366f4a, 0xd4099fea, + 0xd67cb029, 0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235, + 0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733, 0x4a9804f1, + 0xf7daec41, 0x0e50cd7f, 0x2ff69117, 0x8dd64d76, 0x4db0ef43, + 0x544daacc, 0xdf0496e4, 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, + 0x7f516546, 0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb, + 0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d, 0x8c61d79a, + 0x7a0ca137, 0x8e14f859, 0x893c13eb, 0xee27a9ce, 0x35c961b7, + 0xede51ce1, 0x3cb1477a, 0x59dfd29c, 0x3f73f255, 0x79ce1418, + 0xbf37c773, 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478, + 0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2, 0x72c31d16, + 0x0c25e2bc, 0x8b493c28, 0x41950dff, 0x7101a839, 0xdeb30c08, + 0x9ce4b4d8, 0x90c15664, 0x6184cb7b, 0x70b632d5, 0x745c6c48, + 0x4257b8d0 + }; + + private static uint Shift(uint r, int shift) + { + return (r >> shift) | (r << (32 - shift)); + } + + /* multiply four bytes in GF(2^8) by 'x' {02} in parallel */ + + private const uint m1 = 0x80808080; + private const uint m2 = 0x7f7f7f7f; + private const uint m3 = 0x0000001b; + private const uint m4 = 0xC0C0C0C0; + private const uint m5 = 0x3f3f3f3f; + + private static uint FFmulX(uint x) + { + return ((x & m2) << 1) ^ (((x & m1) >> 7) * m3); + } + + private static uint FFmulX2(uint x) + { + uint t0 = (x & m5) << 2; + uint t1 = (x & m4); + t1 ^= (t1 >> 1); + return t0 ^ (t1 >> 2) ^ (t1 >> 5); + } + + /* + The following defines provide alternative definitions of FFmulX that might + give improved performance if a fast 32-bit multiply is not available. + + private int FFmulX(int x) { int u = x & m1; u |= (u >> 1); return ((x & m2) << 1) ^ ((u >>> 3) | (u >>> 6)); } + private static final int m4 = 0x1b1b1b1b; + private int FFmulX(int x) { int u = x & m1; return ((x & m2) << 1) ^ ((u - (u >>> 7)) & m4); } + + */ + + private static uint Inv_Mcol(uint x) + { + uint t0, t1; + t0 = x; + t1 = t0 ^ Shift(t0, 8); + t0 ^= FFmulX(t1); + t1 ^= FFmulX2(t0); + t0 ^= t1 ^ Shift(t1, 16); + return t0; + } + + private static uint SubWord(uint x) + { + return (uint)S[x&255] + | (((uint)S[(x>>8)&255]) << 8) + | (((uint)S[(x>>16)&255]) << 16) + | (((uint)S[(x>>24)&255]) << 24); + } + + /** + * Calculate the necessary round keys + * The number of calculations depends on key size and block size + * AES specified a fixed block size of 128 bits and key sizes 128/192/256 bits + * This code is written assuming those are the only possible values + */ + private uint[][] GenerateWorkingKey(byte[] key, bool forEncryption) + { + int keyLen = key.Length; + if (keyLen < 16 || keyLen > 32 || (keyLen & 7) != 0) + throw new ArgumentException("Key length not 128/192/256 bits."); + + int KC = keyLen >> 2; + this.ROUNDS = KC + 6; // This is not always true for the generalized Rijndael that allows larger block sizes + + uint[][] W = new uint[ROUNDS + 1][]; // 4 words in a block + for (int i = 0; i <= ROUNDS; ++i) + { + W[i] = new uint[4]; + } + + switch (KC) + { + case 4: + { + uint t0 = Pack.LE_To_UInt32(key, 0); W[0][0] = t0; + uint t1 = Pack.LE_To_UInt32(key, 4); W[0][1] = t1; + uint t2 = Pack.LE_To_UInt32(key, 8); W[0][2] = t2; + uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3; + + for (int i = 1; i <= 10; ++i) + { + uint u = SubWord(Shift(t3, 8)) ^ rcon[i - 1]; + t0 ^= u; W[i][0] = t0; + t1 ^= t0; W[i][1] = t1; + t2 ^= t1; W[i][2] = t2; + t3 ^= t2; W[i][3] = t3; + } + + break; + } + case 6: + { + uint t0 = Pack.LE_To_UInt32(key, 0); W[0][0] = t0; + uint t1 = Pack.LE_To_UInt32(key, 4); W[0][1] = t1; + uint t2 = Pack.LE_To_UInt32(key, 8); W[0][2] = t2; + uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3; + uint t4 = Pack.LE_To_UInt32(key, 16); W[1][0] = t4; + uint t5 = Pack.LE_To_UInt32(key, 20); W[1][1] = t5; + + uint rcon = 1; + uint u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1; + t0 ^= u; W[1][2] = t0; + t1 ^= t0; W[1][3] = t1; + t2 ^= t1; W[2][0] = t2; + t3 ^= t2; W[2][1] = t3; + t4 ^= t3; W[2][2] = t4; + t5 ^= t4; W[2][3] = t5; + + for (int i = 3; i < 12; i += 3) + { + u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1; + t0 ^= u; W[i ][0] = t0; + t1 ^= t0; W[i ][1] = t1; + t2 ^= t1; W[i ][2] = t2; + t3 ^= t2; W[i ][3] = t3; + t4 ^= t3; W[i + 1][0] = t4; + t5 ^= t4; W[i + 1][1] = t5; + u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1; + t0 ^= u; W[i + 1][2] = t0; + t1 ^= t0; W[i + 1][3] = t1; + t2 ^= t1; W[i + 2][0] = t2; + t3 ^= t2; W[i + 2][1] = t3; + t4 ^= t3; W[i + 2][2] = t4; + t5 ^= t4; W[i + 2][3] = t5; + } + + u = SubWord(Shift(t5, 8)) ^ rcon; + t0 ^= u; W[12][0] = t0; + t1 ^= t0; W[12][1] = t1; + t2 ^= t1; W[12][2] = t2; + t3 ^= t2; W[12][3] = t3; + + break; + } + case 8: + { + uint t0 = Pack.LE_To_UInt32(key, 0); W[0][0] = t0; + uint t1 = Pack.LE_To_UInt32(key, 4); W[0][1] = t1; + uint t2 = Pack.LE_To_UInt32(key, 8); W[0][2] = t2; + uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3; + uint t4 = Pack.LE_To_UInt32(key, 16); W[1][0] = t4; + uint t5 = Pack.LE_To_UInt32(key, 20); W[1][1] = t5; + uint t6 = Pack.LE_To_UInt32(key, 24); W[1][2] = t6; + uint t7 = Pack.LE_To_UInt32(key, 28); W[1][3] = t7; + + uint u, rcon = 1; + + for (int i = 2; i < 14; i += 2) + { + u = SubWord(Shift(t7, 8)) ^ rcon; rcon <<= 1; + t0 ^= u; W[i ][0] = t0; + t1 ^= t0; W[i ][1] = t1; + t2 ^= t1; W[i ][2] = t2; + t3 ^= t2; W[i ][3] = t3; + u = SubWord(t3); + t4 ^= u; W[i + 1][0] = t4; + t5 ^= t4; W[i + 1][1] = t5; + t6 ^= t5; W[i + 1][2] = t6; + t7 ^= t6; W[i + 1][3] = t7; + } + + u = SubWord(Shift(t7, 8)) ^ rcon; + t0 ^= u; W[14][0] = t0; + t1 ^= t0; W[14][1] = t1; + t2 ^= t1; W[14][2] = t2; + t3 ^= t2; W[14][3] = t3; + + break; + } + default: + { + throw new InvalidOperationException("Should never get here"); + } + } + + if (!forEncryption) + { + for (int j = 1; j < ROUNDS; j++) + { + uint[] w = W[j]; + for (int i = 0; i < 4; i++) + { + w[i] = Inv_Mcol(w[i]); + } + } + } + + return W; + } + + private int ROUNDS; + private uint[][] WorkingKey; + private bool forEncryption; + + private byte[] s; + + private const int BLOCK_SIZE = 16; + + /** + * default constructor - 128 bit block size. + */ + public AesEngine() + { + } + + /** + * initialise an AES cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + KeyParameter keyParameter = parameters as KeyParameter; + + if (keyParameter == null) + throw new ArgumentException("invalid parameter passed to AES init - " + + Platform.GetTypeName(parameters)); + + WorkingKey = GenerateWorkingKey(keyParameter.GetKey(), forEncryption); + + this.forEncryption = forEncryption; + this.s = Arrays.Clone(forEncryption ? S : Si); + } + + public virtual string AlgorithmName + { + get { return "AES"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return BLOCK_SIZE; + } + + public virtual int ProcessBlock(byte[] input, int inOff, byte[] output, int outOff) + { + if (WorkingKey == null) + throw new InvalidOperationException("AES engine not initialised"); + + Check.DataLength(input, inOff, 16, "input buffer too short"); + Check.OutputLength(output, outOff, 16, "output buffer too short"); + + if (forEncryption) + { + EncryptBlock(input, inOff, output, outOff, WorkingKey); + } + else + { + DecryptBlock(input, inOff, output, outOff, WorkingKey); + } + + return BLOCK_SIZE; + } + + public virtual void Reset() + { + } + + private void EncryptBlock(byte[] input, int inOff, byte[] output, int outOff, uint[][] KW) + { + uint C0 = Pack.LE_To_UInt32(input, inOff + 0); + uint C1 = Pack.LE_To_UInt32(input, inOff + 4); + uint C2 = Pack.LE_To_UInt32(input, inOff + 8); + uint C3 = Pack.LE_To_UInt32(input, inOff + 12); + + uint[] kw = KW[0]; + uint t0 = C0 ^ kw[0]; + uint t1 = C1 ^ kw[1]; + uint t2 = C2 ^ kw[2]; + + uint r0, r1, r2, r3 = C3 ^ kw[3]; + int r = 1; + while (r < ROUNDS - 1) + { + kw = KW[r++]; + r0 = T0[t0 & 255] ^ Shift(T0[(t1 >> 8) & 255], 24) ^ Shift(T0[(t2 >> 16) & 255], 16) ^ Shift(T0[(r3 >> 24) & 255], 8) ^ kw[0]; + r1 = T0[t1 & 255] ^ Shift(T0[(t2 >> 8) & 255], 24) ^ Shift(T0[(r3 >> 16) & 255], 16) ^ Shift(T0[(t0 >> 24) & 255], 8) ^ kw[1]; + r2 = T0[t2 & 255] ^ Shift(T0[(r3 >> 8) & 255], 24) ^ Shift(T0[(t0 >> 16) & 255], 16) ^ Shift(T0[(t1 >> 24) & 255], 8) ^ kw[2]; + r3 = T0[r3 & 255] ^ Shift(T0[(t0 >> 8) & 255], 24) ^ Shift(T0[(t1 >> 16) & 255], 16) ^ Shift(T0[(t2 >> 24) & 255], 8) ^ kw[3]; + kw = KW[r++]; + t0 = T0[r0 & 255] ^ Shift(T0[(r1 >> 8) & 255], 24) ^ Shift(T0[(r2 >> 16) & 255], 16) ^ Shift(T0[(r3 >> 24) & 255], 8) ^ kw[0]; + t1 = T0[r1 & 255] ^ Shift(T0[(r2 >> 8) & 255], 24) ^ Shift(T0[(r3 >> 16) & 255], 16) ^ Shift(T0[(r0 >> 24) & 255], 8) ^ kw[1]; + t2 = T0[r2 & 255] ^ Shift(T0[(r3 >> 8) & 255], 24) ^ Shift(T0[(r0 >> 16) & 255], 16) ^ Shift(T0[(r1 >> 24) & 255], 8) ^ kw[2]; + r3 = T0[r3 & 255] ^ Shift(T0[(r0 >> 8) & 255], 24) ^ Shift(T0[(r1 >> 16) & 255], 16) ^ Shift(T0[(r2 >> 24) & 255], 8) ^ kw[3]; + } + + kw = KW[r++]; + r0 = T0[t0 & 255] ^ Shift(T0[(t1 >> 8) & 255], 24) ^ Shift(T0[(t2 >> 16) & 255], 16) ^ Shift(T0[(r3 >> 24) & 255], 8) ^ kw[0]; + r1 = T0[t1 & 255] ^ Shift(T0[(t2 >> 8) & 255], 24) ^ Shift(T0[(r3 >> 16) & 255], 16) ^ Shift(T0[(t0 >> 24) & 255], 8) ^ kw[1]; + r2 = T0[t2 & 255] ^ Shift(T0[(r3 >> 8) & 255], 24) ^ Shift(T0[(t0 >> 16) & 255], 16) ^ Shift(T0[(t1 >> 24) & 255], 8) ^ kw[2]; + r3 = T0[r3 & 255] ^ Shift(T0[(t0 >> 8) & 255], 24) ^ Shift(T0[(t1 >> 16) & 255], 16) ^ Shift(T0[(t2 >> 24) & 255], 8) ^ kw[3]; + + // the final round's table is a simple function of S so we don't use a whole other four tables for it + + kw = KW[r]; + C0 = (uint)S[r0 & 255] ^ (((uint)S[(r1 >> 8) & 255]) << 8) ^ (((uint)s[(r2 >> 16) & 255]) << 16) ^ (((uint)s[(r3 >> 24) & 255]) << 24) ^ kw[0]; + C1 = (uint)s[r1 & 255] ^ (((uint)S[(r2 >> 8) & 255]) << 8) ^ (((uint)S[(r3 >> 16) & 255]) << 16) ^ (((uint)s[(r0 >> 24) & 255]) << 24) ^ kw[1]; + C2 = (uint)s[r2 & 255] ^ (((uint)S[(r3 >> 8) & 255]) << 8) ^ (((uint)S[(r0 >> 16) & 255]) << 16) ^ (((uint)S[(r1 >> 24) & 255]) << 24) ^ kw[2]; + C3 = (uint)s[r3 & 255] ^ (((uint)s[(r0 >> 8) & 255]) << 8) ^ (((uint)s[(r1 >> 16) & 255]) << 16) ^ (((uint)S[(r2 >> 24) & 255]) << 24) ^ kw[3]; + + Pack.UInt32_To_LE(C0, output, outOff + 0); + Pack.UInt32_To_LE(C1, output, outOff + 4); + Pack.UInt32_To_LE(C2, output, outOff + 8); + Pack.UInt32_To_LE(C3, output, outOff + 12); + } + + private void DecryptBlock(byte[] input, int inOff, byte[] output, int outOff, uint[][] KW) + { + uint C0 = Pack.LE_To_UInt32(input, inOff + 0); + uint C1 = Pack.LE_To_UInt32(input, inOff + 4); + uint C2 = Pack.LE_To_UInt32(input, inOff + 8); + uint C3 = Pack.LE_To_UInt32(input, inOff + 12); + + uint[] kw = KW[ROUNDS]; + uint t0 = C0 ^ kw[0]; + uint t1 = C1 ^ kw[1]; + uint t2 = C2 ^ kw[2]; + + uint r0, r1, r2, r3 = C3 ^ kw[3]; + int r = ROUNDS - 1; + while (r > 1) + { + kw = KW[r--]; + r0 = Tinv0[t0 & 255] ^ Shift(Tinv0[(r3 >> 8) & 255], 24) ^ Shift(Tinv0[(t2 >> 16) & 255], 16) ^ Shift(Tinv0[(t1 >> 24) & 255], 8) ^ kw[0]; + r1 = Tinv0[t1 & 255] ^ Shift(Tinv0[(t0 >> 8) & 255], 24) ^ Shift(Tinv0[(r3 >> 16) & 255], 16) ^ Shift(Tinv0[(t2 >> 24) & 255], 8) ^ kw[1]; + r2 = Tinv0[t2 & 255] ^ Shift(Tinv0[(t1 >> 8) & 255], 24) ^ Shift(Tinv0[(t0 >> 16) & 255], 16) ^ Shift(Tinv0[(r3 >> 24) & 255], 8) ^ kw[2]; + r3 = Tinv0[r3 & 255] ^ Shift(Tinv0[(t2 >> 8) & 255], 24) ^ Shift(Tinv0[(t1 >> 16) & 255], 16) ^ Shift(Tinv0[(t0 >> 24) & 255], 8) ^ kw[3]; + kw = KW[r--]; + t0 = Tinv0[r0 & 255] ^ Shift(Tinv0[(r3 >> 8) & 255], 24) ^ Shift(Tinv0[(r2 >> 16) & 255], 16) ^ Shift(Tinv0[(r1 >> 24) & 255], 8) ^ kw[0]; + t1 = Tinv0[r1 & 255] ^ Shift(Tinv0[(r0 >> 8) & 255], 24) ^ Shift(Tinv0[(r3 >> 16) & 255], 16) ^ Shift(Tinv0[(r2 >> 24) & 255], 8) ^ kw[1]; + t2 = Tinv0[r2 & 255] ^ Shift(Tinv0[(r1 >> 8) & 255], 24) ^ Shift(Tinv0[(r0 >> 16) & 255], 16) ^ Shift(Tinv0[(r3 >> 24) & 255], 8) ^ kw[2]; + r3 = Tinv0[r3 & 255] ^ Shift(Tinv0[(r2 >> 8) & 255], 24) ^ Shift(Tinv0[(r1 >> 16) & 255], 16) ^ Shift(Tinv0[(r0 >> 24) & 255], 8) ^ kw[3]; + } + + kw = KW[1]; + r0 = Tinv0[t0 & 255] ^ Shift(Tinv0[(r3 >> 8) & 255], 24) ^ Shift(Tinv0[(t2 >> 16) & 255], 16) ^ Shift(Tinv0[(t1 >> 24) & 255], 8) ^ kw[0]; + r1 = Tinv0[t1 & 255] ^ Shift(Tinv0[(t0 >> 8) & 255], 24) ^ Shift(Tinv0[(r3 >> 16) & 255], 16) ^ Shift(Tinv0[(t2 >> 24) & 255], 8) ^ kw[1]; + r2 = Tinv0[t2 & 255] ^ Shift(Tinv0[(t1 >> 8) & 255], 24) ^ Shift(Tinv0[(t0 >> 16) & 255], 16) ^ Shift(Tinv0[(r3 >> 24) & 255], 8) ^ kw[2]; + r3 = Tinv0[r3 & 255] ^ Shift(Tinv0[(t2 >> 8) & 255], 24) ^ Shift(Tinv0[(t1 >> 16) & 255], 16) ^ Shift(Tinv0[(t0 >> 24) & 255], 8) ^ kw[3]; + + // the final round's table is a simple function of Si so we don't use a whole other four tables for it + + kw = KW[0]; + C0 = (uint)Si[r0 & 255] ^ (((uint)s[(r3 >> 8) & 255]) << 8) ^ (((uint)s[(r2 >> 16) & 255]) << 16) ^ (((uint)Si[(r1 >> 24) & 255]) << 24) ^ kw[0]; + C1 = (uint)s[r1 & 255] ^ (((uint)s[(r0 >> 8) & 255]) << 8) ^ (((uint)Si[(r3 >> 16) & 255]) << 16) ^ (((uint)s[(r2 >> 24) & 255]) << 24) ^ kw[1]; + C2 = (uint)s[r2 & 255] ^ (((uint)Si[(r1 >> 8) & 255]) << 8) ^ (((uint)Si[(r0 >> 16) & 255]) << 16) ^ (((uint)s[(r3 >> 24) & 255]) << 24) ^ kw[2]; + C3 = (uint)Si[r3 & 255] ^ (((uint)s[(r2 >> 8) & 255]) << 8) ^ (((uint)s[(r1 >> 16) & 255]) << 16) ^ (((uint)s[(r0 >> 24) & 255]) << 24) ^ kw[3]; + + Pack.UInt32_To_LE(C0, output, outOff + 0); + Pack.UInt32_To_LE(C1, output, outOff + 4); + Pack.UInt32_To_LE(C2, output, outOff + 8); + Pack.UInt32_To_LE(C3, output, outOff + 12); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/AesFastEngine.cs b/BouncyCastle/crypto/src/crypto/engines/AesFastEngine.cs new file mode 100644 index 0000000..32e1795 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/AesFastEngine.cs @@ -0,0 +1,939 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * an implementation of the AES (Rijndael)), from FIPS-197. + *

+ * For further details see: http://csrc.nist.gov/encryption/aes/. + * + * This implementation is based on optimizations from Dr. Brian Gladman's paper and C code at + * http://fp.gladman.plus.com/cryptography_technology/rijndael/ + * + * There are three levels of tradeoff of speed vs memory + * Because java has no preprocessor), they are written as three separate classes from which to choose + * + * The fastest uses 8Kbytes of static tables to precompute round calculations), 4 256 word tables for encryption + * and 4 for decryption. + * + * The middle performance version uses only one 256 word table for each), for a total of 2Kbytes), + * adding 12 rotate operations per round to compute the values contained in the other tables from + * the contents of the first + * + * The slowest version uses no static tables at all and computes the values in each round + *

+ *

+ * This file contains the fast version with 8Kbytes of static tables for round precomputation + *

+ */ + /// + /// Unfortunately this class has a few side channel issues. + /// In an environment where encryption/decryption may be closely observed it should not be used. + /// + [Obsolete("Use AesEngine instead")] + public class AesFastEngine + : IBlockCipher + { + // The S box + private static readonly byte[] S = + { + 99, 124, 119, 123, 242, 107, 111, 197, + 48, 1, 103, 43, 254, 215, 171, 118, + 202, 130, 201, 125, 250, 89, 71, 240, + 173, 212, 162, 175, 156, 164, 114, 192, + 183, 253, 147, 38, 54, 63, 247, 204, + 52, 165, 229, 241, 113, 216, 49, 21, + 4, 199, 35, 195, 24, 150, 5, 154, + 7, 18, 128, 226, 235, 39, 178, 117, + 9, 131, 44, 26, 27, 110, 90, 160, + 82, 59, 214, 179, 41, 227, 47, 132, + 83, 209, 0, 237, 32, 252, 177, 91, + 106, 203, 190, 57, 74, 76, 88, 207, + 208, 239, 170, 251, 67, 77, 51, 133, + 69, 249, 2, 127, 80, 60, 159, 168, + 81, 163, 64, 143, 146, 157, 56, 245, + 188, 182, 218, 33, 16, 255, 243, 210, + 205, 12, 19, 236, 95, 151, 68, 23, + 196, 167, 126, 61, 100, 93, 25, 115, + 96, 129, 79, 220, 34, 42, 144, 136, + 70, 238, 184, 20, 222, 94, 11, 219, + 224, 50, 58, 10, 73, 6, 36, 92, + 194, 211, 172, 98, 145, 149, 228, 121, + 231, 200, 55, 109, 141, 213, 78, 169, + 108, 86, 244, 234, 101, 122, 174, 8, + 186, 120, 37, 46, 28, 166, 180, 198, + 232, 221, 116, 31, 75, 189, 139, 138, + 112, 62, 181, 102, 72, 3, 246, 14, + 97, 53, 87, 185, 134, 193, 29, 158, + 225, 248, 152, 17, 105, 217, 142, 148, + 155, 30, 135, 233, 206, 85, 40, 223, + 140, 161, 137, 13, 191, 230, 66, 104, + 65, 153, 45, 15, 176, 84, 187, 22, + }; + + // The inverse S-box + private static readonly byte[] Si = + { + 82, 9, 106, 213, 48, 54, 165, 56, + 191, 64, 163, 158, 129, 243, 215, 251, + 124, 227, 57, 130, 155, 47, 255, 135, + 52, 142, 67, 68, 196, 222, 233, 203, + 84, 123, 148, 50, 166, 194, 35, 61, + 238, 76, 149, 11, 66, 250, 195, 78, + 8, 46, 161, 102, 40, 217, 36, 178, + 118, 91, 162, 73, 109, 139, 209, 37, + 114, 248, 246, 100, 134, 104, 152, 22, + 212, 164, 92, 204, 93, 101, 182, 146, + 108, 112, 72, 80, 253, 237, 185, 218, + 94, 21, 70, 87, 167, 141, 157, 132, + 144, 216, 171, 0, 140, 188, 211, 10, + 247, 228, 88, 5, 184, 179, 69, 6, + 208, 44, 30, 143, 202, 63, 15, 2, + 193, 175, 189, 3, 1, 19, 138, 107, + 58, 145, 17, 65, 79, 103, 220, 234, + 151, 242, 207, 206, 240, 180, 230, 115, + 150, 172, 116, 34, 231, 173, 53, 133, + 226, 249, 55, 232, 28, 117, 223, 110, + 71, 241, 26, 113, 29, 41, 197, 137, + 111, 183, 98, 14, 170, 24, 190, 27, + 252, 86, 62, 75, 198, 210, 121, 32, + 154, 219, 192, 254, 120, 205, 90, 244, + 31, 221, 168, 51, 136, 7, 199, 49, + 177, 18, 16, 89, 39, 128, 236, 95, + 96, 81, 127, 169, 25, 181, 74, 13, + 45, 229, 122, 159, 147, 201, 156, 239, + 160, 224, 59, 77, 174, 42, 245, 176, + 200, 235, 187, 60, 131, 83, 153, 97, + 23, 43, 4, 126, 186, 119, 214, 38, + 225, 105, 20, 99, 85, 33, 12, 125, + }; + + // vector used in calculating key schedule (powers of x in GF(256)) + private static readonly byte[] rcon = + { + 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, + 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91 + }; + + // precomputation tables of calculations for rounds + private static readonly uint[] T0 = + { + 0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6, 0x0df2f2ff, + 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591, 0x50303060, 0x03010102, + 0xa96767ce, 0x7d2b2b56, 0x19fefee7, 0x62d7d7b5, 0xe6abab4d, + 0x9a7676ec, 0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa, + 0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb, 0xecadad41, + 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45, 0xbf9c9c23, 0xf7a4a453, + 0x967272e4, 0x5bc0c09b, 0xc2b7b775, 0x1cfdfde1, 0xae93933d, + 0x6a26264c, 0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83, + 0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9, 0x937171e2, + 0x73d8d8ab, 0x53313162, 0x3f15152a, 0x0c040408, 0x52c7c795, + 0x65232346, 0x5ec3c39d, 0x28181830, 0xa1969637, 0x0f05050a, + 0xb59a9a2f, 0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df, + 0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea, 0x1b090912, + 0x9e83831d, 0x742c2c58, 0x2e1a1a34, 0x2d1b1b36, 0xb26e6edc, + 0xee5a5ab4, 0xfba0a05b, 0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, + 0xceb3b37d, 0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413, + 0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1, 0x60202040, + 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6, 0xbe6a6ad4, 0x46cbcb8d, + 0xd9bebe67, 0x4b393972, 0xde4a4a94, 0xd44c4c98, 0xe85858b0, + 0x4acfcf85, 0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed, + 0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511, 0xcf45458a, + 0x10f9f9e9, 0x06020204, 0x817f7ffe, 0xf05050a0, 0x443c3c78, + 0xba9f9f25, 0xe3a8a84b, 0xf35151a2, 0xfea3a35d, 0xc0404080, + 0x8a8f8f05, 0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1, + 0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142, 0x30101020, + 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf, 0x4ccdcd81, 0x140c0c18, + 0x35131326, 0x2fececc3, 0xe15f5fbe, 0xa2979735, 0xcc444488, + 0x3917172e, 0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a, + 0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6, 0xa06060c0, + 0x98818119, 0xd14f4f9e, 0x7fdcdca3, 0x66222244, 0x7e2a2a54, + 0xab90903b, 0x8388880b, 0xca46468c, 0x29eeeec7, 0xd3b8b86b, + 0x3c141428, 0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad, + 0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14, 0xdb494992, + 0x0a06060c, 0x6c242448, 0xe45c5cb8, 0x5dc2c29f, 0x6ed3d3bd, + 0xefacac43, 0xa66262c4, 0xa8919139, 0xa4959531, 0x37e4e4d3, + 0x8b7979f2, 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda, + 0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949, 0xb46c6cd8, + 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf, 0xaf6565ca, 0x8e7a7af4, + 0xe9aeae47, 0x18080810, 0xd5baba6f, 0x887878f0, 0x6f25254a, + 0x722e2e5c, 0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697, + 0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e, 0xdd4b4b96, + 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f, 0x907070e0, 0x423e3e7c, + 0xc4b5b571, 0xaa6666cc, 0xd8484890, 0x05030306, 0x01f6f6f7, + 0x120e0e1c, 0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969, + 0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27, 0x38e1e1d9, + 0x13f8f8eb, 0xb398982b, 0x33111122, 0xbb6969d2, 0x70d9d9a9, + 0x898e8e07, 0xa7949433, 0xb69b9b2d, 0x221e1e3c, 0x92878715, + 0x20e9e9c9, 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5, + 0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a, 0xdabfbf65, + 0x31e6e6d7, 0xc6424284, 0xb86868d0, 0xc3414182, 0xb0999929, + 0x772d2d5a, 0x110f0f1e, 0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, + 0x3a16162c + }; + + private static readonly uint[] T1 = + { + 0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d, 0xf2f2ff0d, + 0x6b6bd6bd, 0x6f6fdeb1, 0xc5c59154, 0x30306050, 0x01010203, + 0x6767cea9, 0x2b2b567d, 0xfefee719, 0xd7d7b562, 0xabab4de6, + 0x7676ec9a, 0xcaca8f45, 0x82821f9d, 0xc9c98940, 0x7d7dfa87, + 0xfafaef15, 0x5959b2eb, 0x47478ec9, 0xf0f0fb0b, 0xadad41ec, + 0xd4d4b367, 0xa2a25ffd, 0xafaf45ea, 0x9c9c23bf, 0xa4a453f7, + 0x7272e496, 0xc0c09b5b, 0xb7b775c2, 0xfdfde11c, 0x93933dae, + 0x26264c6a, 0x36366c5a, 0x3f3f7e41, 0xf7f7f502, 0xcccc834f, + 0x3434685c, 0xa5a551f4, 0xe5e5d134, 0xf1f1f908, 0x7171e293, + 0xd8d8ab73, 0x31316253, 0x15152a3f, 0x0404080c, 0xc7c79552, + 0x23234665, 0xc3c39d5e, 0x18183028, 0x969637a1, 0x05050a0f, + 0x9a9a2fb5, 0x07070e09, 0x12122436, 0x80801b9b, 0xe2e2df3d, + 0xebebcd26, 0x27274e69, 0xb2b27fcd, 0x7575ea9f, 0x0909121b, + 0x83831d9e, 0x2c2c5874, 0x1a1a342e, 0x1b1b362d, 0x6e6edcb2, + 0x5a5ab4ee, 0xa0a05bfb, 0x5252a4f6, 0x3b3b764d, 0xd6d6b761, + 0xb3b37dce, 0x2929527b, 0xe3e3dd3e, 0x2f2f5e71, 0x84841397, + 0x5353a6f5, 0xd1d1b968, 0x00000000, 0xededc12c, 0x20204060, + 0xfcfce31f, 0xb1b179c8, 0x5b5bb6ed, 0x6a6ad4be, 0xcbcb8d46, + 0xbebe67d9, 0x3939724b, 0x4a4a94de, 0x4c4c98d4, 0x5858b0e8, + 0xcfcf854a, 0xd0d0bb6b, 0xefefc52a, 0xaaaa4fe5, 0xfbfbed16, + 0x434386c5, 0x4d4d9ad7, 0x33336655, 0x85851194, 0x45458acf, + 0xf9f9e910, 0x02020406, 0x7f7ffe81, 0x5050a0f0, 0x3c3c7844, + 0x9f9f25ba, 0xa8a84be3, 0x5151a2f3, 0xa3a35dfe, 0x404080c0, + 0x8f8f058a, 0x92923fad, 0x9d9d21bc, 0x38387048, 0xf5f5f104, + 0xbcbc63df, 0xb6b677c1, 0xdadaaf75, 0x21214263, 0x10102030, + 0xffffe51a, 0xf3f3fd0e, 0xd2d2bf6d, 0xcdcd814c, 0x0c0c1814, + 0x13132635, 0xececc32f, 0x5f5fbee1, 0x979735a2, 0x444488cc, + 0x17172e39, 0xc4c49357, 0xa7a755f2, 0x7e7efc82, 0x3d3d7a47, + 0x6464c8ac, 0x5d5dbae7, 0x1919322b, 0x7373e695, 0x6060c0a0, + 0x81811998, 0x4f4f9ed1, 0xdcdca37f, 0x22224466, 0x2a2a547e, + 0x90903bab, 0x88880b83, 0x46468cca, 0xeeeec729, 0xb8b86bd3, + 0x1414283c, 0xdedea779, 0x5e5ebce2, 0x0b0b161d, 0xdbdbad76, + 0xe0e0db3b, 0x32326456, 0x3a3a744e, 0x0a0a141e, 0x494992db, + 0x06060c0a, 0x2424486c, 0x5c5cb8e4, 0xc2c29f5d, 0xd3d3bd6e, + 0xacac43ef, 0x6262c4a6, 0x919139a8, 0x959531a4, 0xe4e4d337, + 0x7979f28b, 0xe7e7d532, 0xc8c88b43, 0x37376e59, 0x6d6ddab7, + 0x8d8d018c, 0xd5d5b164, 0x4e4e9cd2, 0xa9a949e0, 0x6c6cd8b4, + 0x5656acfa, 0xf4f4f307, 0xeaeacf25, 0x6565caaf, 0x7a7af48e, + 0xaeae47e9, 0x08081018, 0xbaba6fd5, 0x7878f088, 0x25254a6f, + 0x2e2e5c72, 0x1c1c3824, 0xa6a657f1, 0xb4b473c7, 0xc6c69751, + 0xe8e8cb23, 0xdddda17c, 0x7474e89c, 0x1f1f3e21, 0x4b4b96dd, + 0xbdbd61dc, 0x8b8b0d86, 0x8a8a0f85, 0x7070e090, 0x3e3e7c42, + 0xb5b571c4, 0x6666ccaa, 0x484890d8, 0x03030605, 0xf6f6f701, + 0x0e0e1c12, 0x6161c2a3, 0x35356a5f, 0x5757aef9, 0xb9b969d0, + 0x86861791, 0xc1c19958, 0x1d1d3a27, 0x9e9e27b9, 0xe1e1d938, + 0xf8f8eb13, 0x98982bb3, 0x11112233, 0x6969d2bb, 0xd9d9a970, + 0x8e8e0789, 0x949433a7, 0x9b9b2db6, 0x1e1e3c22, 0x87871592, + 0xe9e9c920, 0xcece8749, 0x5555aaff, 0x28285078, 0xdfdfa57a, + 0x8c8c038f, 0xa1a159f8, 0x89890980, 0x0d0d1a17, 0xbfbf65da, + 0xe6e6d731, 0x424284c6, 0x6868d0b8, 0x414182c3, 0x999929b0, + 0x2d2d5a77, 0x0f0f1e11, 0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6, + 0x16162c3a + }; + + private static readonly uint[] T2 = + { + 0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b, 0xf2ff0df2, + 0x6bd6bd6b, 0x6fdeb16f, 0xc59154c5, 0x30605030, 0x01020301, + 0x67cea967, 0x2b567d2b, 0xfee719fe, 0xd7b562d7, 0xab4de6ab, + 0x76ec9a76, 0xca8f45ca, 0x821f9d82, 0xc98940c9, 0x7dfa877d, + 0xfaef15fa, 0x59b2eb59, 0x478ec947, 0xf0fb0bf0, 0xad41ecad, + 0xd4b367d4, 0xa25ffda2, 0xaf45eaaf, 0x9c23bf9c, 0xa453f7a4, + 0x72e49672, 0xc09b5bc0, 0xb775c2b7, 0xfde11cfd, 0x933dae93, + 0x264c6a26, 0x366c5a36, 0x3f7e413f, 0xf7f502f7, 0xcc834fcc, + 0x34685c34, 0xa551f4a5, 0xe5d134e5, 0xf1f908f1, 0x71e29371, + 0xd8ab73d8, 0x31625331, 0x152a3f15, 0x04080c04, 0xc79552c7, + 0x23466523, 0xc39d5ec3, 0x18302818, 0x9637a196, 0x050a0f05, + 0x9a2fb59a, 0x070e0907, 0x12243612, 0x801b9b80, 0xe2df3de2, + 0xebcd26eb, 0x274e6927, 0xb27fcdb2, 0x75ea9f75, 0x09121b09, + 0x831d9e83, 0x2c58742c, 0x1a342e1a, 0x1b362d1b, 0x6edcb26e, + 0x5ab4ee5a, 0xa05bfba0, 0x52a4f652, 0x3b764d3b, 0xd6b761d6, + 0xb37dceb3, 0x29527b29, 0xe3dd3ee3, 0x2f5e712f, 0x84139784, + 0x53a6f553, 0xd1b968d1, 0x00000000, 0xedc12ced, 0x20406020, + 0xfce31ffc, 0xb179c8b1, 0x5bb6ed5b, 0x6ad4be6a, 0xcb8d46cb, + 0xbe67d9be, 0x39724b39, 0x4a94de4a, 0x4c98d44c, 0x58b0e858, + 0xcf854acf, 0xd0bb6bd0, 0xefc52aef, 0xaa4fe5aa, 0xfbed16fb, + 0x4386c543, 0x4d9ad74d, 0x33665533, 0x85119485, 0x458acf45, + 0xf9e910f9, 0x02040602, 0x7ffe817f, 0x50a0f050, 0x3c78443c, + 0x9f25ba9f, 0xa84be3a8, 0x51a2f351, 0xa35dfea3, 0x4080c040, + 0x8f058a8f, 0x923fad92, 0x9d21bc9d, 0x38704838, 0xf5f104f5, + 0xbc63dfbc, 0xb677c1b6, 0xdaaf75da, 0x21426321, 0x10203010, + 0xffe51aff, 0xf3fd0ef3, 0xd2bf6dd2, 0xcd814ccd, 0x0c18140c, + 0x13263513, 0xecc32fec, 0x5fbee15f, 0x9735a297, 0x4488cc44, + 0x172e3917, 0xc49357c4, 0xa755f2a7, 0x7efc827e, 0x3d7a473d, + 0x64c8ac64, 0x5dbae75d, 0x19322b19, 0x73e69573, 0x60c0a060, + 0x81199881, 0x4f9ed14f, 0xdca37fdc, 0x22446622, 0x2a547e2a, + 0x903bab90, 0x880b8388, 0x468cca46, 0xeec729ee, 0xb86bd3b8, + 0x14283c14, 0xdea779de, 0x5ebce25e, 0x0b161d0b, 0xdbad76db, + 0xe0db3be0, 0x32645632, 0x3a744e3a, 0x0a141e0a, 0x4992db49, + 0x060c0a06, 0x24486c24, 0x5cb8e45c, 0xc29f5dc2, 0xd3bd6ed3, + 0xac43efac, 0x62c4a662, 0x9139a891, 0x9531a495, 0xe4d337e4, + 0x79f28b79, 0xe7d532e7, 0xc88b43c8, 0x376e5937, 0x6ddab76d, + 0x8d018c8d, 0xd5b164d5, 0x4e9cd24e, 0xa949e0a9, 0x6cd8b46c, + 0x56acfa56, 0xf4f307f4, 0xeacf25ea, 0x65caaf65, 0x7af48e7a, + 0xae47e9ae, 0x08101808, 0xba6fd5ba, 0x78f08878, 0x254a6f25, + 0x2e5c722e, 0x1c38241c, 0xa657f1a6, 0xb473c7b4, 0xc69751c6, + 0xe8cb23e8, 0xdda17cdd, 0x74e89c74, 0x1f3e211f, 0x4b96dd4b, + 0xbd61dcbd, 0x8b0d868b, 0x8a0f858a, 0x70e09070, 0x3e7c423e, + 0xb571c4b5, 0x66ccaa66, 0x4890d848, 0x03060503, 0xf6f701f6, + 0x0e1c120e, 0x61c2a361, 0x356a5f35, 0x57aef957, 0xb969d0b9, + 0x86179186, 0xc19958c1, 0x1d3a271d, 0x9e27b99e, 0xe1d938e1, + 0xf8eb13f8, 0x982bb398, 0x11223311, 0x69d2bb69, 0xd9a970d9, + 0x8e07898e, 0x9433a794, 0x9b2db69b, 0x1e3c221e, 0x87159287, + 0xe9c920e9, 0xce8749ce, 0x55aaff55, 0x28507828, 0xdfa57adf, + 0x8c038f8c, 0xa159f8a1, 0x89098089, 0x0d1a170d, 0xbf65dabf, + 0xe6d731e6, 0x4284c642, 0x68d0b868, 0x4182c341, 0x9929b099, + 0x2d5a772d, 0x0f1e110f, 0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb, + 0x162c3a16 + }; + + private static readonly uint[] T3 = + { + 0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b, 0xff0df2f2, + 0xd6bd6b6b, 0xdeb16f6f, 0x9154c5c5, 0x60503030, 0x02030101, + 0xcea96767, 0x567d2b2b, 0xe719fefe, 0xb562d7d7, 0x4de6abab, + 0xec9a7676, 0x8f45caca, 0x1f9d8282, 0x8940c9c9, 0xfa877d7d, + 0xef15fafa, 0xb2eb5959, 0x8ec94747, 0xfb0bf0f0, 0x41ecadad, + 0xb367d4d4, 0x5ffda2a2, 0x45eaafaf, 0x23bf9c9c, 0x53f7a4a4, + 0xe4967272, 0x9b5bc0c0, 0x75c2b7b7, 0xe11cfdfd, 0x3dae9393, + 0x4c6a2626, 0x6c5a3636, 0x7e413f3f, 0xf502f7f7, 0x834fcccc, + 0x685c3434, 0x51f4a5a5, 0xd134e5e5, 0xf908f1f1, 0xe2937171, + 0xab73d8d8, 0x62533131, 0x2a3f1515, 0x080c0404, 0x9552c7c7, + 0x46652323, 0x9d5ec3c3, 0x30281818, 0x37a19696, 0x0a0f0505, + 0x2fb59a9a, 0x0e090707, 0x24361212, 0x1b9b8080, 0xdf3de2e2, + 0xcd26ebeb, 0x4e692727, 0x7fcdb2b2, 0xea9f7575, 0x121b0909, + 0x1d9e8383, 0x58742c2c, 0x342e1a1a, 0x362d1b1b, 0xdcb26e6e, + 0xb4ee5a5a, 0x5bfba0a0, 0xa4f65252, 0x764d3b3b, 0xb761d6d6, + 0x7dceb3b3, 0x527b2929, 0xdd3ee3e3, 0x5e712f2f, 0x13978484, + 0xa6f55353, 0xb968d1d1, 0x00000000, 0xc12ceded, 0x40602020, + 0xe31ffcfc, 0x79c8b1b1, 0xb6ed5b5b, 0xd4be6a6a, 0x8d46cbcb, + 0x67d9bebe, 0x724b3939, 0x94de4a4a, 0x98d44c4c, 0xb0e85858, + 0x854acfcf, 0xbb6bd0d0, 0xc52aefef, 0x4fe5aaaa, 0xed16fbfb, + 0x86c54343, 0x9ad74d4d, 0x66553333, 0x11948585, 0x8acf4545, + 0xe910f9f9, 0x04060202, 0xfe817f7f, 0xa0f05050, 0x78443c3c, + 0x25ba9f9f, 0x4be3a8a8, 0xa2f35151, 0x5dfea3a3, 0x80c04040, + 0x058a8f8f, 0x3fad9292, 0x21bc9d9d, 0x70483838, 0xf104f5f5, + 0x63dfbcbc, 0x77c1b6b6, 0xaf75dada, 0x42632121, 0x20301010, + 0xe51affff, 0xfd0ef3f3, 0xbf6dd2d2, 0x814ccdcd, 0x18140c0c, + 0x26351313, 0xc32fecec, 0xbee15f5f, 0x35a29797, 0x88cc4444, + 0x2e391717, 0x9357c4c4, 0x55f2a7a7, 0xfc827e7e, 0x7a473d3d, + 0xc8ac6464, 0xbae75d5d, 0x322b1919, 0xe6957373, 0xc0a06060, + 0x19988181, 0x9ed14f4f, 0xa37fdcdc, 0x44662222, 0x547e2a2a, + 0x3bab9090, 0x0b838888, 0x8cca4646, 0xc729eeee, 0x6bd3b8b8, + 0x283c1414, 0xa779dede, 0xbce25e5e, 0x161d0b0b, 0xad76dbdb, + 0xdb3be0e0, 0x64563232, 0x744e3a3a, 0x141e0a0a, 0x92db4949, + 0x0c0a0606, 0x486c2424, 0xb8e45c5c, 0x9f5dc2c2, 0xbd6ed3d3, + 0x43efacac, 0xc4a66262, 0x39a89191, 0x31a49595, 0xd337e4e4, + 0xf28b7979, 0xd532e7e7, 0x8b43c8c8, 0x6e593737, 0xdab76d6d, + 0x018c8d8d, 0xb164d5d5, 0x9cd24e4e, 0x49e0a9a9, 0xd8b46c6c, + 0xacfa5656, 0xf307f4f4, 0xcf25eaea, 0xcaaf6565, 0xf48e7a7a, + 0x47e9aeae, 0x10180808, 0x6fd5baba, 0xf0887878, 0x4a6f2525, + 0x5c722e2e, 0x38241c1c, 0x57f1a6a6, 0x73c7b4b4, 0x9751c6c6, + 0xcb23e8e8, 0xa17cdddd, 0xe89c7474, 0x3e211f1f, 0x96dd4b4b, + 0x61dcbdbd, 0x0d868b8b, 0x0f858a8a, 0xe0907070, 0x7c423e3e, + 0x71c4b5b5, 0xccaa6666, 0x90d84848, 0x06050303, 0xf701f6f6, + 0x1c120e0e, 0xc2a36161, 0x6a5f3535, 0xaef95757, 0x69d0b9b9, + 0x17918686, 0x9958c1c1, 0x3a271d1d, 0x27b99e9e, 0xd938e1e1, + 0xeb13f8f8, 0x2bb39898, 0x22331111, 0xd2bb6969, 0xa970d9d9, + 0x07898e8e, 0x33a79494, 0x2db69b9b, 0x3c221e1e, 0x15928787, + 0xc920e9e9, 0x8749cece, 0xaaff5555, 0x50782828, 0xa57adfdf, + 0x038f8c8c, 0x59f8a1a1, 0x09808989, 0x1a170d0d, 0x65dabfbf, + 0xd731e6e6, 0x84c64242, 0xd0b86868, 0x82c34141, 0x29b09999, + 0x5a772d2d, 0x1e110f0f, 0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb, + 0x2c3a1616 + }; + + private static readonly uint[] Tinv0 = + { + 0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a, 0xcb6bab3b, + 0xf1459d1f, 0xab58faac, 0x9303e34b, 0x55fa3020, 0xf66d76ad, + 0x9176cc88, 0x254c02f5, 0xfcd7e54f, 0xd7cb2ac5, 0x80443526, + 0x8fa362b5, 0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d, + 0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b, 0xe75f8f03, + 0x959c9215, 0xeb7a6dbf, 0xda595295, 0x2d83bed4, 0xd3217458, + 0x2969e049, 0x44c8c98e, 0x6a89c275, 0x78798ef4, 0x6b3e5899, + 0xdd71b927, 0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d, + 0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362, 0xe07764b1, + 0x84ae6bbb, 0x1ca081fe, 0x942b08f9, 0x58684870, 0x19fd458f, + 0x876cde94, 0xb7f87b52, 0x23d373ab, 0xe2024b72, 0x578f1fe3, + 0x2aab5566, 0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3, + 0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed, 0x2b1ccf8a, + 0x92b479a7, 0xf0f207f3, 0xa1e2694e, 0xcdf4da65, 0xd5be0506, + 0x1f6234d1, 0x8afea6c4, 0x9d532e34, 0xa055f3a2, 0x32e18a05, + 0x75ebf6a4, 0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd, + 0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d, 0xb58d5491, + 0x055dc471, 0x6fd40604, 0xff155060, 0x24fb9819, 0x97e9bdd6, + 0xcc434089, 0x779ed967, 0xbd42e8b0, 0x888b8907, 0x385b19e7, + 0xdbeec879, 0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000, + 0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c, 0xfbff0efd, + 0x5638850f, 0x1ed5ae3d, 0x27392d36, 0x64d90f0a, 0x21a65c68, + 0xd1545b9b, 0x3a2e3624, 0xb1670a0c, 0x0fe75793, 0xd296eeb4, + 0x9e919b1b, 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c, + 0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12, 0x0b0d090e, + 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14, 0x8519f157, 0x4c0775af, + 0xbbdd99ee, 0xfd607fa3, 0x9f2601f7, 0xbcf5725c, 0xc53b6644, + 0x347efb5b, 0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8, + 0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684, 0x7d244a85, + 0xf83dbbd2, 0x1132f9ae, 0x6da129c7, 0x4b2f9e1d, 0xf330b2dc, + 0xec52860d, 0xd0e3c177, 0x6c16b32b, 0x99b970a9, 0xfa489411, + 0x2264e947, 0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322, + 0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498, 0xcf81f5a6, + 0x28de7aa5, 0x268eb7da, 0xa4bfad3f, 0xe49d3a2c, 0x0d927850, + 0x9bcc5f6a, 0x62467e54, 0xc2138df6, 0xe8b8d890, 0x5ef7392e, + 0xf5afc382, 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf, + 0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb, 0x097826cd, + 0xf418596e, 0x01b79aec, 0xa89a4f83, 0x656e95e6, 0x7ee6ffaa, + 0x08cfbc21, 0xe6e815ef, 0xd99be7ba, 0xce366f4a, 0xd4099fea, + 0xd67cb029, 0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235, + 0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733, 0x4a9804f1, + 0xf7daec41, 0x0e50cd7f, 0x2ff69117, 0x8dd64d76, 0x4db0ef43, + 0x544daacc, 0xdf0496e4, 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, + 0x7f516546, 0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb, + 0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d, 0x8c61d79a, + 0x7a0ca137, 0x8e14f859, 0x893c13eb, 0xee27a9ce, 0x35c961b7, + 0xede51ce1, 0x3cb1477a, 0x59dfd29c, 0x3f73f255, 0x79ce1418, + 0xbf37c773, 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478, + 0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2, 0x72c31d16, + 0x0c25e2bc, 0x8b493c28, 0x41950dff, 0x7101a839, 0xdeb30c08, + 0x9ce4b4d8, 0x90c15664, 0x6184cb7b, 0x70b632d5, 0x745c6c48, + 0x4257b8d0 + }; + + private static readonly uint[] Tinv1 = + { + 0xa7f45150, 0x65417e53, 0xa4171ac3, 0x5e273a96, 0x6bab3bcb, + 0x459d1ff1, 0x58faacab, 0x03e34b93, 0xfa302055, 0x6d76adf6, + 0x76cc8891, 0x4c02f525, 0xd7e54ffc, 0xcb2ac5d7, 0x44352680, + 0xa362b58f, 0x5ab1de49, 0x1bba2567, 0x0eea4598, 0xc0fe5de1, + 0x752fc302, 0xf04c8112, 0x97468da3, 0xf9d36bc6, 0x5f8f03e7, + 0x9c921595, 0x7a6dbfeb, 0x595295da, 0x83bed42d, 0x217458d3, + 0x69e04929, 0xc8c98e44, 0x89c2756a, 0x798ef478, 0x3e58996b, + 0x71b927dd, 0x4fe1beb6, 0xad88f017, 0xac20c966, 0x3ace7db4, + 0x4adf6318, 0x311ae582, 0x33519760, 0x7f536245, 0x7764b1e0, + 0xae6bbb84, 0xa081fe1c, 0x2b08f994, 0x68487058, 0xfd458f19, + 0x6cde9487, 0xf87b52b7, 0xd373ab23, 0x024b72e2, 0x8f1fe357, + 0xab55662a, 0x28ebb207, 0xc2b52f03, 0x7bc5869a, 0x0837d3a5, + 0x872830f2, 0xa5bf23b2, 0x6a0302ba, 0x8216ed5c, 0x1ccf8a2b, + 0xb479a792, 0xf207f3f0, 0xe2694ea1, 0xf4da65cd, 0xbe0506d5, + 0x6234d11f, 0xfea6c48a, 0x532e349d, 0x55f3a2a0, 0xe18a0532, + 0xebf6a475, 0xec830b39, 0xef6040aa, 0x9f715e06, 0x106ebd51, + 0x8a213ef9, 0x06dd963d, 0x053eddae, 0xbde64d46, 0x8d5491b5, + 0x5dc47105, 0xd406046f, 0x155060ff, 0xfb981924, 0xe9bdd697, + 0x434089cc, 0x9ed96777, 0x42e8b0bd, 0x8b890788, 0x5b19e738, + 0xeec879db, 0x0a7ca147, 0x0f427ce9, 0x1e84f8c9, 0x00000000, + 0x86800983, 0xed2b3248, 0x70111eac, 0x725a6c4e, 0xff0efdfb, + 0x38850f56, 0xd5ae3d1e, 0x392d3627, 0xd90f0a64, 0xa65c6821, + 0x545b9bd1, 0x2e36243a, 0x670a0cb1, 0xe757930f, 0x96eeb4d2, + 0x919b1b9e, 0xc5c0804f, 0x20dc61a2, 0x4b775a69, 0x1a121c16, + 0xba93e20a, 0x2aa0c0e5, 0xe0223c43, 0x171b121d, 0x0d090e0b, + 0xc78bf2ad, 0xa8b62db9, 0xa91e14c8, 0x19f15785, 0x0775af4c, + 0xdd99eebb, 0x607fa3fd, 0x2601f79f, 0xf5725cbc, 0x3b6644c5, + 0x7efb5b34, 0x29438b76, 0xc623cbdc, 0xfcedb668, 0xf1e4b863, + 0xdc31d7ca, 0x85634210, 0x22971340, 0x11c68420, 0x244a857d, + 0x3dbbd2f8, 0x32f9ae11, 0xa129c76d, 0x2f9e1d4b, 0x30b2dcf3, + 0x52860dec, 0xe3c177d0, 0x16b32b6c, 0xb970a999, 0x489411fa, + 0x64e94722, 0x8cfca8c4, 0x3ff0a01a, 0x2c7d56d8, 0x903322ef, + 0x4e4987c7, 0xd138d9c1, 0xa2ca8cfe, 0x0bd49836, 0x81f5a6cf, + 0xde7aa528, 0x8eb7da26, 0xbfad3fa4, 0x9d3a2ce4, 0x9278500d, + 0xcc5f6a9b, 0x467e5462, 0x138df6c2, 0xb8d890e8, 0xf7392e5e, + 0xafc382f5, 0x805d9fbe, 0x93d0697c, 0x2dd56fa9, 0x1225cfb3, + 0x99acc83b, 0x7d1810a7, 0x639ce86e, 0xbb3bdb7b, 0x7826cd09, + 0x18596ef4, 0xb79aec01, 0x9a4f83a8, 0x6e95e665, 0xe6ffaa7e, + 0xcfbc2108, 0xe815efe6, 0x9be7bad9, 0x366f4ace, 0x099fead4, + 0x7cb029d6, 0xb2a431af, 0x233f2a31, 0x94a5c630, 0x66a235c0, + 0xbc4e7437, 0xca82fca6, 0xd090e0b0, 0xd8a73315, 0x9804f14a, + 0xdaec41f7, 0x50cd7f0e, 0xf691172f, 0xd64d768d, 0xb0ef434d, + 0x4daacc54, 0x0496e4df, 0xb5d19ee3, 0x886a4c1b, 0x1f2cc1b8, + 0x5165467f, 0xea5e9d04, 0x358c015d, 0x7487fa73, 0x410bfb2e, + 0x1d67b35a, 0xd2db9252, 0x5610e933, 0x47d66d13, 0x61d79a8c, + 0x0ca1377a, 0x14f8598e, 0x3c13eb89, 0x27a9ceee, 0xc961b735, + 0xe51ce1ed, 0xb1477a3c, 0xdfd29c59, 0x73f2553f, 0xce141879, + 0x37c773bf, 0xcdf753ea, 0xaafd5f5b, 0x6f3ddf14, 0xdb447886, + 0xf3afca81, 0xc468b93e, 0x3424382c, 0x40a3c25f, 0xc31d1672, + 0x25e2bc0c, 0x493c288b, 0x950dff41, 0x01a83971, 0xb30c08de, + 0xe4b4d89c, 0xc1566490, 0x84cb7b61, 0xb632d570, 0x5c6c4874, + 0x57b8d042 + }; + + private static readonly uint[] Tinv2 = + { + 0xf45150a7, 0x417e5365, 0x171ac3a4, 0x273a965e, 0xab3bcb6b, + 0x9d1ff145, 0xfaacab58, 0xe34b9303, 0x302055fa, 0x76adf66d, + 0xcc889176, 0x02f5254c, 0xe54ffcd7, 0x2ac5d7cb, 0x35268044, + 0x62b58fa3, 0xb1de495a, 0xba25671b, 0xea45980e, 0xfe5de1c0, + 0x2fc30275, 0x4c8112f0, 0x468da397, 0xd36bc6f9, 0x8f03e75f, + 0x9215959c, 0x6dbfeb7a, 0x5295da59, 0xbed42d83, 0x7458d321, + 0xe0492969, 0xc98e44c8, 0xc2756a89, 0x8ef47879, 0x58996b3e, + 0xb927dd71, 0xe1beb64f, 0x88f017ad, 0x20c966ac, 0xce7db43a, + 0xdf63184a, 0x1ae58231, 0x51976033, 0x5362457f, 0x64b1e077, + 0x6bbb84ae, 0x81fe1ca0, 0x08f9942b, 0x48705868, 0x458f19fd, + 0xde94876c, 0x7b52b7f8, 0x73ab23d3, 0x4b72e202, 0x1fe3578f, + 0x55662aab, 0xebb20728, 0xb52f03c2, 0xc5869a7b, 0x37d3a508, + 0x2830f287, 0xbf23b2a5, 0x0302ba6a, 0x16ed5c82, 0xcf8a2b1c, + 0x79a792b4, 0x07f3f0f2, 0x694ea1e2, 0xda65cdf4, 0x0506d5be, + 0x34d11f62, 0xa6c48afe, 0x2e349d53, 0xf3a2a055, 0x8a0532e1, + 0xf6a475eb, 0x830b39ec, 0x6040aaef, 0x715e069f, 0x6ebd5110, + 0x213ef98a, 0xdd963d06, 0x3eddae05, 0xe64d46bd, 0x5491b58d, + 0xc471055d, 0x06046fd4, 0x5060ff15, 0x981924fb, 0xbdd697e9, + 0x4089cc43, 0xd967779e, 0xe8b0bd42, 0x8907888b, 0x19e7385b, + 0xc879dbee, 0x7ca1470a, 0x427ce90f, 0x84f8c91e, 0x00000000, + 0x80098386, 0x2b3248ed, 0x111eac70, 0x5a6c4e72, 0x0efdfbff, + 0x850f5638, 0xae3d1ed5, 0x2d362739, 0x0f0a64d9, 0x5c6821a6, + 0x5b9bd154, 0x36243a2e, 0x0a0cb167, 0x57930fe7, 0xeeb4d296, + 0x9b1b9e91, 0xc0804fc5, 0xdc61a220, 0x775a694b, 0x121c161a, + 0x93e20aba, 0xa0c0e52a, 0x223c43e0, 0x1b121d17, 0x090e0b0d, + 0x8bf2adc7, 0xb62db9a8, 0x1e14c8a9, 0xf1578519, 0x75af4c07, + 0x99eebbdd, 0x7fa3fd60, 0x01f79f26, 0x725cbcf5, 0x6644c53b, + 0xfb5b347e, 0x438b7629, 0x23cbdcc6, 0xedb668fc, 0xe4b863f1, + 0x31d7cadc, 0x63421085, 0x97134022, 0xc6842011, 0x4a857d24, + 0xbbd2f83d, 0xf9ae1132, 0x29c76da1, 0x9e1d4b2f, 0xb2dcf330, + 0x860dec52, 0xc177d0e3, 0xb32b6c16, 0x70a999b9, 0x9411fa48, + 0xe9472264, 0xfca8c48c, 0xf0a01a3f, 0x7d56d82c, 0x3322ef90, + 0x4987c74e, 0x38d9c1d1, 0xca8cfea2, 0xd498360b, 0xf5a6cf81, + 0x7aa528de, 0xb7da268e, 0xad3fa4bf, 0x3a2ce49d, 0x78500d92, + 0x5f6a9bcc, 0x7e546246, 0x8df6c213, 0xd890e8b8, 0x392e5ef7, + 0xc382f5af, 0x5d9fbe80, 0xd0697c93, 0xd56fa92d, 0x25cfb312, + 0xacc83b99, 0x1810a77d, 0x9ce86e63, 0x3bdb7bbb, 0x26cd0978, + 0x596ef418, 0x9aec01b7, 0x4f83a89a, 0x95e6656e, 0xffaa7ee6, + 0xbc2108cf, 0x15efe6e8, 0xe7bad99b, 0x6f4ace36, 0x9fead409, + 0xb029d67c, 0xa431afb2, 0x3f2a3123, 0xa5c63094, 0xa235c066, + 0x4e7437bc, 0x82fca6ca, 0x90e0b0d0, 0xa73315d8, 0x04f14a98, + 0xec41f7da, 0xcd7f0e50, 0x91172ff6, 0x4d768dd6, 0xef434db0, + 0xaacc544d, 0x96e4df04, 0xd19ee3b5, 0x6a4c1b88, 0x2cc1b81f, + 0x65467f51, 0x5e9d04ea, 0x8c015d35, 0x87fa7374, 0x0bfb2e41, + 0x67b35a1d, 0xdb9252d2, 0x10e93356, 0xd66d1347, 0xd79a8c61, + 0xa1377a0c, 0xf8598e14, 0x13eb893c, 0xa9ceee27, 0x61b735c9, + 0x1ce1ede5, 0x477a3cb1, 0xd29c59df, 0xf2553f73, 0x141879ce, + 0xc773bf37, 0xf753eacd, 0xfd5f5baa, 0x3ddf146f, 0x447886db, + 0xafca81f3, 0x68b93ec4, 0x24382c34, 0xa3c25f40, 0x1d1672c3, + 0xe2bc0c25, 0x3c288b49, 0x0dff4195, 0xa8397101, 0x0c08deb3, + 0xb4d89ce4, 0x566490c1, 0xcb7b6184, 0x32d570b6, 0x6c48745c, + 0xb8d04257 + }; + + private static readonly uint[] Tinv3 = + { + 0x5150a7f4, 0x7e536541, 0x1ac3a417, 0x3a965e27, 0x3bcb6bab, + 0x1ff1459d, 0xacab58fa, 0x4b9303e3, 0x2055fa30, 0xadf66d76, + 0x889176cc, 0xf5254c02, 0x4ffcd7e5, 0xc5d7cb2a, 0x26804435, + 0xb58fa362, 0xde495ab1, 0x25671bba, 0x45980eea, 0x5de1c0fe, + 0xc302752f, 0x8112f04c, 0x8da39746, 0x6bc6f9d3, 0x03e75f8f, + 0x15959c92, 0xbfeb7a6d, 0x95da5952, 0xd42d83be, 0x58d32174, + 0x492969e0, 0x8e44c8c9, 0x756a89c2, 0xf478798e, 0x996b3e58, + 0x27dd71b9, 0xbeb64fe1, 0xf017ad88, 0xc966ac20, 0x7db43ace, + 0x63184adf, 0xe582311a, 0x97603351, 0x62457f53, 0xb1e07764, + 0xbb84ae6b, 0xfe1ca081, 0xf9942b08, 0x70586848, 0x8f19fd45, + 0x94876cde, 0x52b7f87b, 0xab23d373, 0x72e2024b, 0xe3578f1f, + 0x662aab55, 0xb20728eb, 0x2f03c2b5, 0x869a7bc5, 0xd3a50837, + 0x30f28728, 0x23b2a5bf, 0x02ba6a03, 0xed5c8216, 0x8a2b1ccf, + 0xa792b479, 0xf3f0f207, 0x4ea1e269, 0x65cdf4da, 0x06d5be05, + 0xd11f6234, 0xc48afea6, 0x349d532e, 0xa2a055f3, 0x0532e18a, + 0xa475ebf6, 0x0b39ec83, 0x40aaef60, 0x5e069f71, 0xbd51106e, + 0x3ef98a21, 0x963d06dd, 0xddae053e, 0x4d46bde6, 0x91b58d54, + 0x71055dc4, 0x046fd406, 0x60ff1550, 0x1924fb98, 0xd697e9bd, + 0x89cc4340, 0x67779ed9, 0xb0bd42e8, 0x07888b89, 0xe7385b19, + 0x79dbeec8, 0xa1470a7c, 0x7ce90f42, 0xf8c91e84, 0x00000000, + 0x09838680, 0x3248ed2b, 0x1eac7011, 0x6c4e725a, 0xfdfbff0e, + 0x0f563885, 0x3d1ed5ae, 0x3627392d, 0x0a64d90f, 0x6821a65c, + 0x9bd1545b, 0x243a2e36, 0x0cb1670a, 0x930fe757, 0xb4d296ee, + 0x1b9e919b, 0x804fc5c0, 0x61a220dc, 0x5a694b77, 0x1c161a12, + 0xe20aba93, 0xc0e52aa0, 0x3c43e022, 0x121d171b, 0x0e0b0d09, + 0xf2adc78b, 0x2db9a8b6, 0x14c8a91e, 0x578519f1, 0xaf4c0775, + 0xeebbdd99, 0xa3fd607f, 0xf79f2601, 0x5cbcf572, 0x44c53b66, + 0x5b347efb, 0x8b762943, 0xcbdcc623, 0xb668fced, 0xb863f1e4, + 0xd7cadc31, 0x42108563, 0x13402297, 0x842011c6, 0x857d244a, + 0xd2f83dbb, 0xae1132f9, 0xc76da129, 0x1d4b2f9e, 0xdcf330b2, + 0x0dec5286, 0x77d0e3c1, 0x2b6c16b3, 0xa999b970, 0x11fa4894, + 0x472264e9, 0xa8c48cfc, 0xa01a3ff0, 0x56d82c7d, 0x22ef9033, + 0x87c74e49, 0xd9c1d138, 0x8cfea2ca, 0x98360bd4, 0xa6cf81f5, + 0xa528de7a, 0xda268eb7, 0x3fa4bfad, 0x2ce49d3a, 0x500d9278, + 0x6a9bcc5f, 0x5462467e, 0xf6c2138d, 0x90e8b8d8, 0x2e5ef739, + 0x82f5afc3, 0x9fbe805d, 0x697c93d0, 0x6fa92dd5, 0xcfb31225, + 0xc83b99ac, 0x10a77d18, 0xe86e639c, 0xdb7bbb3b, 0xcd097826, + 0x6ef41859, 0xec01b79a, 0x83a89a4f, 0xe6656e95, 0xaa7ee6ff, + 0x2108cfbc, 0xefe6e815, 0xbad99be7, 0x4ace366f, 0xead4099f, + 0x29d67cb0, 0x31afb2a4, 0x2a31233f, 0xc63094a5, 0x35c066a2, + 0x7437bc4e, 0xfca6ca82, 0xe0b0d090, 0x3315d8a7, 0xf14a9804, + 0x41f7daec, 0x7f0e50cd, 0x172ff691, 0x768dd64d, 0x434db0ef, + 0xcc544daa, 0xe4df0496, 0x9ee3b5d1, 0x4c1b886a, 0xc1b81f2c, + 0x467f5165, 0x9d04ea5e, 0x015d358c, 0xfa737487, 0xfb2e410b, + 0xb35a1d67, 0x9252d2db, 0xe9335610, 0x6d1347d6, 0x9a8c61d7, + 0x377a0ca1, 0x598e14f8, 0xeb893c13, 0xceee27a9, 0xb735c961, + 0xe1ede51c, 0x7a3cb147, 0x9c59dfd2, 0x553f73f2, 0x1879ce14, + 0x73bf37c7, 0x53eacdf7, 0x5f5baafd, 0xdf146f3d, 0x7886db44, + 0xca81f3af, 0xb93ec468, 0x382c3424, 0xc25f40a3, 0x1672c31d, + 0xbc0c25e2, 0x288b493c, 0xff41950d, 0x397101a8, 0x08deb30c, + 0xd89ce4b4, 0x6490c156, 0x7b6184cb, 0xd570b632, 0x48745c6c, + 0xd04257b8 + }; + + private static uint Shift(uint r, int shift) + { + return (r >> shift) | (r << (32 - shift)); + } + + /* multiply four bytes in GF(2^8) by 'x' {02} in parallel */ + + private const uint m1 = 0x80808080; + private const uint m2 = 0x7f7f7f7f; + private const uint m3 = 0x0000001b; + private const uint m4 = 0xC0C0C0C0; + private const uint m5 = 0x3f3f3f3f; + + private static uint FFmulX(uint x) + { + return ((x & m2) << 1) ^ (((x & m1) >> 7) * m3); + } + + private static uint FFmulX2(uint x) + { + uint t0 = (x & m5) << 2; + uint t1 = (x & m4); + t1 ^= (t1 >> 1); + return t0 ^ (t1 >> 2) ^ (t1 >> 5); + } + + /* + The following defines provide alternative definitions of FFmulX that might + give improved performance if a fast 32-bit multiply is not available. + + private int FFmulX(int x) { int u = x & m1; u |= (u >> 1); return ((x & m2) << 1) ^ ((u >>> 3) | (u >>> 6)); } + private static final int m4 = 0x1b1b1b1b; + private int FFmulX(int x) { int u = x & m1; return ((x & m2) << 1) ^ ((u - (u >>> 7)) & m4); } + + */ + + private static uint Inv_Mcol(uint x) + { + uint t0, t1; + t0 = x; + t1 = t0 ^ Shift(t0, 8); + t0 ^= FFmulX(t1); + t1 ^= FFmulX2(t0); + t0 ^= t1 ^ Shift(t1, 16); + return t0; + } + + private static uint SubWord(uint x) + { + return (uint)S[x&255] + | (((uint)S[(x>>8)&255]) << 8) + | (((uint)S[(x>>16)&255]) << 16) + | (((uint)S[(x>>24)&255]) << 24); + } + + /** + * Calculate the necessary round keys + * The number of calculations depends on key size and block size + * AES specified a fixed block size of 128 bits and key sizes 128/192/256 bits + * This code is written assuming those are the only possible values + */ + private uint[][] GenerateWorkingKey(byte[] key, bool forEncryption) + { + int keyLen = key.Length; + if (keyLen < 16 || keyLen > 32 || (keyLen & 7) != 0) + throw new ArgumentException("Key length not 128/192/256 bits."); + + int KC = keyLen >> 2; + this.ROUNDS = KC + 6; // This is not always true for the generalized Rijndael that allows larger block sizes + + uint[][] W = new uint[ROUNDS + 1][]; // 4 words in a block + for (int i = 0; i <= ROUNDS; ++i) + { + W[i] = new uint[4]; + } + + switch (KC) + { + case 4: + { + uint t0 = Pack.LE_To_UInt32(key, 0); W[0][0] = t0; + uint t1 = Pack.LE_To_UInt32(key, 4); W[0][1] = t1; + uint t2 = Pack.LE_To_UInt32(key, 8); W[0][2] = t2; + uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3; + + for (int i = 1; i <= 10; ++i) + { + uint u = SubWord(Shift(t3, 8)) ^ rcon[i - 1]; + t0 ^= u; W[i][0] = t0; + t1 ^= t0; W[i][1] = t1; + t2 ^= t1; W[i][2] = t2; + t3 ^= t2; W[i][3] = t3; + } + + break; + } + case 6: + { + uint t0 = Pack.LE_To_UInt32(key, 0); W[0][0] = t0; + uint t1 = Pack.LE_To_UInt32(key, 4); W[0][1] = t1; + uint t2 = Pack.LE_To_UInt32(key, 8); W[0][2] = t2; + uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3; + uint t4 = Pack.LE_To_UInt32(key, 16); W[1][0] = t4; + uint t5 = Pack.LE_To_UInt32(key, 20); W[1][1] = t5; + + uint rcon = 1; + uint u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1; + t0 ^= u; W[1][2] = t0; + t1 ^= t0; W[1][3] = t1; + t2 ^= t1; W[2][0] = t2; + t3 ^= t2; W[2][1] = t3; + t4 ^= t3; W[2][2] = t4; + t5 ^= t4; W[2][3] = t5; + + for (int i = 3; i < 12; i += 3) + { + u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1; + t0 ^= u; W[i ][0] = t0; + t1 ^= t0; W[i ][1] = t1; + t2 ^= t1; W[i ][2] = t2; + t3 ^= t2; W[i ][3] = t3; + t4 ^= t3; W[i + 1][0] = t4; + t5 ^= t4; W[i + 1][1] = t5; + u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1; + t0 ^= u; W[i + 1][2] = t0; + t1 ^= t0; W[i + 1][3] = t1; + t2 ^= t1; W[i + 2][0] = t2; + t3 ^= t2; W[i + 2][1] = t3; + t4 ^= t3; W[i + 2][2] = t4; + t5 ^= t4; W[i + 2][3] = t5; + } + + u = SubWord(Shift(t5, 8)) ^ rcon; + t0 ^= u; W[12][0] = t0; + t1 ^= t0; W[12][1] = t1; + t2 ^= t1; W[12][2] = t2; + t3 ^= t2; W[12][3] = t3; + + break; + } + case 8: + { + uint t0 = Pack.LE_To_UInt32(key, 0); W[0][0] = t0; + uint t1 = Pack.LE_To_UInt32(key, 4); W[0][1] = t1; + uint t2 = Pack.LE_To_UInt32(key, 8); W[0][2] = t2; + uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3; + uint t4 = Pack.LE_To_UInt32(key, 16); W[1][0] = t4; + uint t5 = Pack.LE_To_UInt32(key, 20); W[1][1] = t5; + uint t6 = Pack.LE_To_UInt32(key, 24); W[1][2] = t6; + uint t7 = Pack.LE_To_UInt32(key, 28); W[1][3] = t7; + + uint u, rcon = 1; + + for (int i = 2; i < 14; i += 2) + { + u = SubWord(Shift(t7, 8)) ^ rcon; rcon <<= 1; + t0 ^= u; W[i ][0] = t0; + t1 ^= t0; W[i ][1] = t1; + t2 ^= t1; W[i ][2] = t2; + t3 ^= t2; W[i ][3] = t3; + u = SubWord(t3); + t4 ^= u; W[i + 1][0] = t4; + t5 ^= t4; W[i + 1][1] = t5; + t6 ^= t5; W[i + 1][2] = t6; + t7 ^= t6; W[i + 1][3] = t7; + } + + u = SubWord(Shift(t7, 8)) ^ rcon; + t0 ^= u; W[14][0] = t0; + t1 ^= t0; W[14][1] = t1; + t2 ^= t1; W[14][2] = t2; + t3 ^= t2; W[14][3] = t3; + + break; + } + default: + { + throw new InvalidOperationException("Should never get here"); + } + } + + if (!forEncryption) + { + for (int j = 1; j < ROUNDS; j++) + { + uint[] w = W[j]; + for (int i = 0; i < 4; i++) + { + w[i] = Inv_Mcol(w[i]); + } + } + } + + return W; + } + + private int ROUNDS; + private uint[][] WorkingKey; + private bool forEncryption; + + private const int BLOCK_SIZE = 16; + + /** + * default constructor - 128 bit block size. + */ + public AesFastEngine() + { + } + + /** + * initialise an AES cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + KeyParameter keyParameter = parameters as KeyParameter; + + if (keyParameter == null) + throw new ArgumentException("invalid parameter passed to AES init - " + + Platform.GetTypeName(parameters)); + + WorkingKey = GenerateWorkingKey(keyParameter.GetKey(), forEncryption); + + this.forEncryption = forEncryption; + } + + public virtual string AlgorithmName + { + get { return "AES"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return BLOCK_SIZE; + } + + public virtual int ProcessBlock(byte[] input, int inOff, byte[] output, int outOff) + { + if (WorkingKey == null) + throw new InvalidOperationException("AES engine not initialised"); + + Check.DataLength(input, inOff, 16, "input buffer too short"); + Check.OutputLength(output, outOff, 16, "output buffer too short"); + + if (forEncryption) + { + EncryptBlock(input, inOff, output, outOff, WorkingKey); + } + else + { + DecryptBlock(input, inOff, output, outOff, WorkingKey); + } + + return BLOCK_SIZE; + } + + public virtual void Reset() + { + } + + private void EncryptBlock(byte[] input, int inOff, byte[] output, int outOff, uint[][] KW) + { + uint C0 = Pack.LE_To_UInt32(input, inOff + 0); + uint C1 = Pack.LE_To_UInt32(input, inOff + 4); + uint C2 = Pack.LE_To_UInt32(input, inOff + 8); + uint C3 = Pack.LE_To_UInt32(input, inOff + 12); + + uint[] kw = KW[0]; + uint t0 = C0 ^ kw[0]; + uint t1 = C1 ^ kw[1]; + uint t2 = C2 ^ kw[2]; + + uint r0, r1, r2, r3 = C3 ^ kw[3]; + int r = 1; + while (r < ROUNDS - 1) + { + kw = KW[r++]; + r0 = T0[t0 & 255] ^ T1[(t1 >> 8) & 255] ^ T2[(t2 >> 16) & 255] ^ T3[r3 >> 24] ^ kw[0]; + r1 = T0[t1 & 255] ^ T1[(t2 >> 8) & 255] ^ T2[(r3 >> 16) & 255] ^ T3[t0 >> 24] ^ kw[1]; + r2 = T0[t2 & 255] ^ T1[(r3 >> 8) & 255] ^ T2[(t0 >> 16) & 255] ^ T3[t1 >> 24] ^ kw[2]; + r3 = T0[r3 & 255] ^ T1[(t0 >> 8) & 255] ^ T2[(t1 >> 16) & 255] ^ T3[t2 >> 24] ^ kw[3]; + kw = KW[r++]; + t0 = T0[r0 & 255] ^ T1[(r1 >> 8) & 255] ^ T2[(r2 >> 16) & 255] ^ T3[r3 >> 24] ^ kw[0]; + t1 = T0[r1 & 255] ^ T1[(r2 >> 8) & 255] ^ T2[(r3 >> 16) & 255] ^ T3[r0 >> 24] ^ kw[1]; + t2 = T0[r2 & 255] ^ T1[(r3 >> 8) & 255] ^ T2[(r0 >> 16) & 255] ^ T3[r1 >> 24] ^ kw[2]; + r3 = T0[r3 & 255] ^ T1[(r0 >> 8) & 255] ^ T2[(r1 >> 16) & 255] ^ T3[r2 >> 24] ^ kw[3]; + } + + kw = KW[r++]; + r0 = T0[t0 & 255] ^ T1[(t1 >> 8) & 255] ^ T2[(t2 >> 16) & 255] ^ T3[r3 >> 24] ^ kw[0]; + r1 = T0[t1 & 255] ^ T1[(t2 >> 8) & 255] ^ T2[(r3 >> 16) & 255] ^ T3[t0 >> 24] ^ kw[1]; + r2 = T0[t2 & 255] ^ T1[(r3 >> 8) & 255] ^ T2[(t0 >> 16) & 255] ^ T3[t1 >> 24] ^ kw[2]; + r3 = T0[r3 & 255] ^ T1[(t0 >> 8) & 255] ^ T2[(t1 >> 16) & 255] ^ T3[t2 >> 24] ^ kw[3]; + + // the final round's table is a simple function of S so we don't use a whole other four tables for it + + kw = KW[r]; + C0 = (uint)S[r0 & 255] ^ (((uint)S[(r1 >> 8) & 255]) << 8) ^ (((uint)S[(r2 >> 16) & 255]) << 16) ^ (((uint)S[r3 >> 24]) << 24) ^ kw[0]; + C1 = (uint)S[r1 & 255] ^ (((uint)S[(r2 >> 8) & 255]) << 8) ^ (((uint)S[(r3 >> 16) & 255]) << 16) ^ (((uint)S[r0 >> 24]) << 24) ^ kw[1]; + C2 = (uint)S[r2 & 255] ^ (((uint)S[(r3 >> 8) & 255]) << 8) ^ (((uint)S[(r0 >> 16) & 255]) << 16) ^ (((uint)S[r1 >> 24]) << 24) ^ kw[2]; + C3 = (uint)S[r3 & 255] ^ (((uint)S[(r0 >> 8) & 255]) << 8) ^ (((uint)S[(r1 >> 16) & 255]) << 16) ^ (((uint)S[r2 >> 24]) << 24) ^ kw[3]; + + Pack.UInt32_To_LE(C0, output, outOff + 0); + Pack.UInt32_To_LE(C1, output, outOff + 4); + Pack.UInt32_To_LE(C2, output, outOff + 8); + Pack.UInt32_To_LE(C3, output, outOff + 12); + } + + private void DecryptBlock(byte[] input, int inOff, byte[] output, int outOff, uint[][] KW) + { + uint C0 = Pack.LE_To_UInt32(input, inOff + 0); + uint C1 = Pack.LE_To_UInt32(input, inOff + 4); + uint C2 = Pack.LE_To_UInt32(input, inOff + 8); + uint C3 = Pack.LE_To_UInt32(input, inOff + 12); + + uint[] kw = KW[ROUNDS]; + uint t0 = C0 ^ kw[0]; + uint t1 = C1 ^ kw[1]; + uint t2 = C2 ^ kw[2]; + + uint r0, r1, r2, r3 = C3 ^ kw[3]; + int r = ROUNDS - 1; + while (r > 1) + { + kw = KW[r--]; + r0 = Tinv0[t0 & 255] ^ Tinv1[(r3 >> 8) & 255] ^ Tinv2[(t2 >> 16) & 255] ^ Tinv3[t1 >> 24] ^ kw[0]; + r1 = Tinv0[t1 & 255] ^ Tinv1[(t0 >> 8) & 255] ^ Tinv2[(r3 >> 16) & 255] ^ Tinv3[t2 >> 24] ^ kw[1]; + r2 = Tinv0[t2 & 255] ^ Tinv1[(t1 >> 8) & 255] ^ Tinv2[(t0 >> 16) & 255] ^ Tinv3[r3 >> 24] ^ kw[2]; + r3 = Tinv0[r3 & 255] ^ Tinv1[(t2 >> 8) & 255] ^ Tinv2[(t1 >> 16) & 255] ^ Tinv3[t0 >> 24] ^ kw[3]; + kw = KW[r--]; + t0 = Tinv0[r0 & 255] ^ Tinv1[(r3 >> 8) & 255] ^ Tinv2[(r2 >> 16) & 255] ^ Tinv3[r1 >> 24] ^ kw[0]; + t1 = Tinv0[r1 & 255] ^ Tinv1[(r0 >> 8) & 255] ^ Tinv2[(r3 >> 16) & 255] ^ Tinv3[r2 >> 24] ^ kw[1]; + t2 = Tinv0[r2 & 255] ^ Tinv1[(r1 >> 8) & 255] ^ Tinv2[(r0 >> 16) & 255] ^ Tinv3[r3 >> 24] ^ kw[2]; + r3 = Tinv0[r3 & 255] ^ Tinv1[(r2 >> 8) & 255] ^ Tinv2[(r1 >> 16) & 255] ^ Tinv3[r0 >> 24] ^ kw[3]; + } + + kw = KW[1]; + r0 = Tinv0[t0 & 255] ^ Tinv1[(r3 >> 8) & 255] ^ Tinv2[(t2 >> 16) & 255] ^ Tinv3[t1 >> 24] ^ kw[0]; + r1 = Tinv0[t1 & 255] ^ Tinv1[(t0 >> 8) & 255] ^ Tinv2[(r3 >> 16) & 255] ^ Tinv3[t2 >> 24] ^ kw[1]; + r2 = Tinv0[t2 & 255] ^ Tinv1[(t1 >> 8) & 255] ^ Tinv2[(t0 >> 16) & 255] ^ Tinv3[r3 >> 24] ^ kw[2]; + r3 = Tinv0[r3 & 255] ^ Tinv1[(t2 >> 8) & 255] ^ Tinv2[(t1 >> 16) & 255] ^ Tinv3[t0 >> 24] ^ kw[3]; + + // the final round's table is a simple function of Si so we don't use a whole other four tables for it + + kw = KW[0]; + C0 = (uint)Si[r0 & 255] ^ (((uint)Si[(r3 >> 8) & 255]) << 8) ^ (((uint)Si[(r2 >> 16) & 255]) << 16) ^ (((uint)Si[r1 >> 24]) << 24) ^ kw[0]; + C1 = (uint)Si[r1 & 255] ^ (((uint)Si[(r0 >> 8) & 255]) << 8) ^ (((uint)Si[(r3 >> 16) & 255]) << 16) ^ (((uint)Si[r2 >> 24]) << 24) ^ kw[1]; + C2 = (uint)Si[r2 & 255] ^ (((uint)Si[(r1 >> 8) & 255]) << 8) ^ (((uint)Si[(r0 >> 16) & 255]) << 16) ^ (((uint)Si[r3 >> 24]) << 24) ^ kw[2]; + C3 = (uint)Si[r3 & 255] ^ (((uint)Si[(r2 >> 8) & 255]) << 8) ^ (((uint)Si[(r1 >> 16) & 255]) << 16) ^ (((uint)Si[r0 >> 24]) << 24) ^ kw[3]; + + Pack.UInt32_To_LE(C0, output, outOff + 0); + Pack.UInt32_To_LE(C1, output, outOff + 4); + Pack.UInt32_To_LE(C2, output, outOff + 8); + Pack.UInt32_To_LE(C3, output, outOff + 12); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/AesLightEngine.cs b/BouncyCastle/crypto/src/crypto/engines/AesLightEngine.cs new file mode 100644 index 0000000..8d5a98a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/AesLightEngine.cs @@ -0,0 +1,495 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * an implementation of the AES (Rijndael), from FIPS-197. + *

+ * For further details see: http://csrc.nist.gov/encryption/aes/. + * + * This implementation is based on optimizations from Dr. Brian Gladman's paper and C code at + * http://fp.gladman.plus.com/cryptography_technology/rijndael/ + * + * There are three levels of tradeoff of speed vs memory + * Because java has no preprocessor, they are written as three separate classes from which to choose + * + * The fastest uses 8Kbytes of static tables to precompute round calculations, 4 256 word tables for encryption + * and 4 for decryption. + * + * The middle performance version uses only one 256 word table for each, for a total of 2Kbytes, + * adding 12 rotate operations per round to compute the values contained in the other tables from + * the contents of the first + * + * The slowest version uses no static tables at all and computes the values + * in each round. + *

+ *

+ * This file contains the slowest performance version with no static tables + * for round precomputation, but it has the smallest foot print. + *

+ */ + public class AesLightEngine + : IBlockCipher + { + // The S box + private static readonly byte[] S = + { + 99, 124, 119, 123, 242, 107, 111, 197, + 48, 1, 103, 43, 254, 215, 171, 118, + 202, 130, 201, 125, 250, 89, 71, 240, + 173, 212, 162, 175, 156, 164, 114, 192, + 183, 253, 147, 38, 54, 63, 247, 204, + 52, 165, 229, 241, 113, 216, 49, 21, + 4, 199, 35, 195, 24, 150, 5, 154, + 7, 18, 128, 226, 235, 39, 178, 117, + 9, 131, 44, 26, 27, 110, 90, 160, + 82, 59, 214, 179, 41, 227, 47, 132, + 83, 209, 0, 237, 32, 252, 177, 91, + 106, 203, 190, 57, 74, 76, 88, 207, + 208, 239, 170, 251, 67, 77, 51, 133, + 69, 249, 2, 127, 80, 60, 159, 168, + 81, 163, 64, 143, 146, 157, 56, 245, + 188, 182, 218, 33, 16, 255, 243, 210, + 205, 12, 19, 236, 95, 151, 68, 23, + 196, 167, 126, 61, 100, 93, 25, 115, + 96, 129, 79, 220, 34, 42, 144, 136, + 70, 238, 184, 20, 222, 94, 11, 219, + 224, 50, 58, 10, 73, 6, 36, 92, + 194, 211, 172, 98, 145, 149, 228, 121, + 231, 200, 55, 109, 141, 213, 78, 169, + 108, 86, 244, 234, 101, 122, 174, 8, + 186, 120, 37, 46, 28, 166, 180, 198, + 232, 221, 116, 31, 75, 189, 139, 138, + 112, 62, 181, 102, 72, 3, 246, 14, + 97, 53, 87, 185, 134, 193, 29, 158, + 225, 248, 152, 17, 105, 217, 142, 148, + 155, 30, 135, 233, 206, 85, 40, 223, + 140, 161, 137, 13, 191, 230, 66, 104, + 65, 153, 45, 15, 176, 84, 187, 22, + }; + + // The inverse S-box + private static readonly byte[] Si = + { + 82, 9, 106, 213, 48, 54, 165, 56, + 191, 64, 163, 158, 129, 243, 215, 251, + 124, 227, 57, 130, 155, 47, 255, 135, + 52, 142, 67, 68, 196, 222, 233, 203, + 84, 123, 148, 50, 166, 194, 35, 61, + 238, 76, 149, 11, 66, 250, 195, 78, + 8, 46, 161, 102, 40, 217, 36, 178, + 118, 91, 162, 73, 109, 139, 209, 37, + 114, 248, 246, 100, 134, 104, 152, 22, + 212, 164, 92, 204, 93, 101, 182, 146, + 108, 112, 72, 80, 253, 237, 185, 218, + 94, 21, 70, 87, 167, 141, 157, 132, + 144, 216, 171, 0, 140, 188, 211, 10, + 247, 228, 88, 5, 184, 179, 69, 6, + 208, 44, 30, 143, 202, 63, 15, 2, + 193, 175, 189, 3, 1, 19, 138, 107, + 58, 145, 17, 65, 79, 103, 220, 234, + 151, 242, 207, 206, 240, 180, 230, 115, + 150, 172, 116, 34, 231, 173, 53, 133, + 226, 249, 55, 232, 28, 117, 223, 110, + 71, 241, 26, 113, 29, 41, 197, 137, + 111, 183, 98, 14, 170, 24, 190, 27, + 252, 86, 62, 75, 198, 210, 121, 32, + 154, 219, 192, 254, 120, 205, 90, 244, + 31, 221, 168, 51, 136, 7, 199, 49, + 177, 18, 16, 89, 39, 128, 236, 95, + 96, 81, 127, 169, 25, 181, 74, 13, + 45, 229, 122, 159, 147, 201, 156, 239, + 160, 224, 59, 77, 174, 42, 245, 176, + 200, 235, 187, 60, 131, 83, 153, 97, + 23, 43, 4, 126, 186, 119, 214, 38, + 225, 105, 20, 99, 85, 33, 12, 125, + }; + + // vector used in calculating key schedule (powers of x in GF(256)) + private static readonly byte[] rcon = + { + 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, + 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91 + }; + + private static uint Shift(uint r, int shift) + { + return (r >> shift) | (r << (32 - shift)); + } + + /* multiply four bytes in GF(2^8) by 'x' {02} in parallel */ + + private const uint m1 = 0x80808080; + private const uint m2 = 0x7f7f7f7f; + private const uint m3 = 0x0000001b; + private const uint m4 = 0xC0C0C0C0; + private const uint m5 = 0x3f3f3f3f; + + private static uint FFmulX(uint x) + { + return ((x & m2) << 1) ^ (((x & m1) >> 7) * m3); + } + + private static uint FFmulX2(uint x) + { + uint t0 = (x & m5) << 2; + uint t1 = (x & m4); + t1 ^= (t1 >> 1); + return t0 ^ (t1 >> 2) ^ (t1 >> 5); + } + + /* + The following defines provide alternative definitions of FFmulX that might + give improved performance if a fast 32-bit multiply is not available. + + private int FFmulX(int x) { int u = x & m1; u |= (u >> 1); return ((x & m2) << 1) ^ ((u >>> 3) | (u >>> 6)); } + private static final int m4 = 0x1b1b1b1b; + private int FFmulX(int x) { int u = x & m1; return ((x & m2) << 1) ^ ((u - (u >>> 7)) & m4); } + + */ + + private static uint Mcol(uint x) + { + uint t0, t1; + t0 = Shift(x, 8); + t1 = x ^ t0; + return Shift(t1, 16) ^ t0 ^ FFmulX(t1); + } + + private static uint Inv_Mcol(uint x) + { + uint t0, t1; + t0 = x; + t1 = t0 ^ Shift(t0, 8); + t0 ^= FFmulX(t1); + t1 ^= FFmulX2(t0); + t0 ^= t1 ^ Shift(t1, 16); + return t0; + } + + private static uint SubWord(uint x) + { + return (uint)S[x&255] + | (((uint)S[(x>>8)&255]) << 8) + | (((uint)S[(x>>16)&255]) << 16) + | (((uint)S[(x>>24)&255]) << 24); + } + + /** + * Calculate the necessary round keys + * The number of calculations depends on key size and block size + * AES specified a fixed block size of 128 bits and key sizes 128/192/256 bits + * This code is written assuming those are the only possible values + */ + private uint[][] GenerateWorkingKey(byte[] key, bool forEncryption) + { + int keyLen = key.Length; + if (keyLen < 16 || keyLen > 32 || (keyLen & 7) != 0) + throw new ArgumentException("Key length not 128/192/256 bits."); + + int KC = keyLen >> 2; + this.ROUNDS = KC + 6; // This is not always true for the generalized Rijndael that allows larger block sizes + + uint[][] W = new uint[ROUNDS + 1][]; // 4 words in a block + for (int i = 0; i <= ROUNDS; ++i) + { + W[i] = new uint[4]; + } + + switch (KC) + { + case 4: + { + uint t0 = Pack.LE_To_UInt32(key, 0); W[0][0] = t0; + uint t1 = Pack.LE_To_UInt32(key, 4); W[0][1] = t1; + uint t2 = Pack.LE_To_UInt32(key, 8); W[0][2] = t2; + uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3; + + for (int i = 1; i <= 10; ++i) + { + uint u = SubWord(Shift(t3, 8)) ^ rcon[i - 1]; + t0 ^= u; W[i][0] = t0; + t1 ^= t0; W[i][1] = t1; + t2 ^= t1; W[i][2] = t2; + t3 ^= t2; W[i][3] = t3; + } + + break; + } + case 6: + { + uint t0 = Pack.LE_To_UInt32(key, 0); W[0][0] = t0; + uint t1 = Pack.LE_To_UInt32(key, 4); W[0][1] = t1; + uint t2 = Pack.LE_To_UInt32(key, 8); W[0][2] = t2; + uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3; + uint t4 = Pack.LE_To_UInt32(key, 16); W[1][0] = t4; + uint t5 = Pack.LE_To_UInt32(key, 20); W[1][1] = t5; + + uint rcon = 1; + uint u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1; + t0 ^= u; W[1][2] = t0; + t1 ^= t0; W[1][3] = t1; + t2 ^= t1; W[2][0] = t2; + t3 ^= t2; W[2][1] = t3; + t4 ^= t3; W[2][2] = t4; + t5 ^= t4; W[2][3] = t5; + + for (int i = 3; i < 12; i += 3) + { + u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1; + t0 ^= u; W[i ][0] = t0; + t1 ^= t0; W[i ][1] = t1; + t2 ^= t1; W[i ][2] = t2; + t3 ^= t2; W[i ][3] = t3; + t4 ^= t3; W[i + 1][0] = t4; + t5 ^= t4; W[i + 1][1] = t5; + u = SubWord(Shift(t5, 8)) ^ rcon; rcon <<= 1; + t0 ^= u; W[i + 1][2] = t0; + t1 ^= t0; W[i + 1][3] = t1; + t2 ^= t1; W[i + 2][0] = t2; + t3 ^= t2; W[i + 2][1] = t3; + t4 ^= t3; W[i + 2][2] = t4; + t5 ^= t4; W[i + 2][3] = t5; + } + + u = SubWord(Shift(t5, 8)) ^ rcon; + t0 ^= u; W[12][0] = t0; + t1 ^= t0; W[12][1] = t1; + t2 ^= t1; W[12][2] = t2; + t3 ^= t2; W[12][3] = t3; + + break; + } + case 8: + { + uint t0 = Pack.LE_To_UInt32(key, 0); W[0][0] = t0; + uint t1 = Pack.LE_To_UInt32(key, 4); W[0][1] = t1; + uint t2 = Pack.LE_To_UInt32(key, 8); W[0][2] = t2; + uint t3 = Pack.LE_To_UInt32(key, 12); W[0][3] = t3; + uint t4 = Pack.LE_To_UInt32(key, 16); W[1][0] = t4; + uint t5 = Pack.LE_To_UInt32(key, 20); W[1][1] = t5; + uint t6 = Pack.LE_To_UInt32(key, 24); W[1][2] = t6; + uint t7 = Pack.LE_To_UInt32(key, 28); W[1][3] = t7; + + uint u, rcon = 1; + + for (int i = 2; i < 14; i += 2) + { + u = SubWord(Shift(t7, 8)) ^ rcon; rcon <<= 1; + t0 ^= u; W[i ][0] = t0; + t1 ^= t0; W[i ][1] = t1; + t2 ^= t1; W[i ][2] = t2; + t3 ^= t2; W[i ][3] = t3; + u = SubWord(t3); + t4 ^= u; W[i + 1][0] = t4; + t5 ^= t4; W[i + 1][1] = t5; + t6 ^= t5; W[i + 1][2] = t6; + t7 ^= t6; W[i + 1][3] = t7; + } + + u = SubWord(Shift(t7, 8)) ^ rcon; + t0 ^= u; W[14][0] = t0; + t1 ^= t0; W[14][1] = t1; + t2 ^= t1; W[14][2] = t2; + t3 ^= t2; W[14][3] = t3; + + break; + } + default: + { + throw new InvalidOperationException("Should never get here"); + } + } + + if (!forEncryption) + { + for (int j = 1; j < ROUNDS; j++) + { + uint[] w = W[j]; + for (int i = 0; i < 4; i++) + { + w[i] = Inv_Mcol(w[i]); + } + } + } + + return W; + } + + private int ROUNDS; + private uint[][] WorkingKey; + private bool forEncryption; + + private const int BLOCK_SIZE = 16; + + /** + * default constructor - 128 bit block size. + */ + public AesLightEngine() + { + } + + /** + * initialise an AES cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + KeyParameter keyParameter = parameters as KeyParameter; + + if (keyParameter == null) + throw new ArgumentException("invalid parameter passed to AES init - " + + Platform.GetTypeName(parameters)); + + WorkingKey = GenerateWorkingKey(keyParameter.GetKey(), forEncryption); + + this.forEncryption = forEncryption; + } + + public virtual string AlgorithmName + { + get { return "AES"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return BLOCK_SIZE; + } + + public virtual int ProcessBlock(byte[] input, int inOff, byte[] output, int outOff) + { + if (WorkingKey == null) + throw new InvalidOperationException("AES engine not initialised"); + + Check.DataLength(input, inOff, 16, "input buffer too short"); + Check.OutputLength(output, outOff, 16, "output buffer too short"); + + if (forEncryption) + { + EncryptBlock(input, inOff, output, outOff, WorkingKey); + } + else + { + DecryptBlock(input, inOff, output, outOff, WorkingKey); + } + + return BLOCK_SIZE; + } + + public virtual void Reset() + { + } + + private void EncryptBlock(byte[] input, int inOff, byte[] output, int outOff, uint[][] KW) + { + uint C0 = Pack.LE_To_UInt32(input, inOff + 0); + uint C1 = Pack.LE_To_UInt32(input, inOff + 4); + uint C2 = Pack.LE_To_UInt32(input, inOff + 8); + uint C3 = Pack.LE_To_UInt32(input, inOff + 12); + + uint[] kw = KW[0]; + uint t0 = C0 ^ kw[0]; + uint t1 = C1 ^ kw[1]; + uint t2 = C2 ^ kw[2]; + + uint r0, r1, r2, r3 = C3 ^ kw[3]; + int r = 1; + while (r < ROUNDS - 1) + { + kw = KW[r++]; + r0 = Mcol((uint)S[t0 & 255] ^ (((uint)S[(t1 >> 8) & 255]) << 8) ^ (((uint)S[(t2 >> 16) & 255]) << 16) ^ (((uint)S[(r3 >> 24) & 255]) << 24)) ^ kw[0]; + r1 = Mcol((uint)S[t1 & 255] ^ (((uint)S[(t2 >> 8) & 255]) << 8) ^ (((uint)S[(r3 >> 16) & 255]) << 16) ^ (((uint)S[(t0 >> 24) & 255]) << 24)) ^ kw[1]; + r2 = Mcol((uint)S[t2 & 255] ^ (((uint)S[(r3 >> 8) & 255]) << 8) ^ (((uint)S[(t0 >> 16) & 255]) << 16) ^ (((uint)S[(t1 >> 24) & 255]) << 24)) ^ kw[2]; + r3 = Mcol((uint)S[r3 & 255] ^ (((uint)S[(t0 >> 8) & 255]) << 8) ^ (((uint)S[(t1 >> 16) & 255]) << 16) ^ (((uint)S[(t2 >> 24) & 255]) << 24)) ^ kw[3]; + kw = KW[r++]; + t0 = Mcol((uint)S[r0 & 255] ^ (((uint)S[(r1 >> 8) & 255]) << 8) ^ (((uint)S[(r2 >> 16) & 255]) << 16) ^ (((uint)S[(r3 >> 24) & 255]) << 24)) ^ kw[0]; + t1 = Mcol((uint)S[r1 & 255] ^ (((uint)S[(r2 >> 8) & 255]) << 8) ^ (((uint)S[(r3 >> 16) & 255]) << 16) ^ (((uint)S[(r0 >> 24) & 255]) << 24)) ^ kw[1]; + t2 = Mcol((uint)S[r2 & 255] ^ (((uint)S[(r3 >> 8) & 255]) << 8) ^ (((uint)S[(r0 >> 16) & 255]) << 16) ^ (((uint)S[(r1 >> 24) & 255]) << 24)) ^ kw[2]; + r3 = Mcol((uint)S[r3 & 255] ^ (((uint)S[(r0 >> 8) & 255]) << 8) ^ (((uint)S[(r1 >> 16) & 255]) << 16) ^ (((uint)S[(r2 >> 24) & 255]) << 24)) ^ kw[3]; + } + + kw = KW[r++]; + r0 = Mcol((uint)S[t0 & 255] ^ (((uint)S[(t1 >> 8) & 255]) << 8) ^ (((uint)S[(t2 >> 16) & 255]) << 16) ^ (((uint)S[(r3 >> 24) & 255]) << 24)) ^ kw[0]; + r1 = Mcol((uint)S[t1 & 255] ^ (((uint)S[(t2 >> 8) & 255]) << 8) ^ (((uint)S[(r3 >> 16) & 255]) << 16) ^ (((uint)S[(t0 >> 24) & 255]) << 24)) ^ kw[1]; + r2 = Mcol((uint)S[t2 & 255] ^ (((uint)S[(r3 >> 8) & 255]) << 8) ^ (((uint)S[(t0 >> 16) & 255]) << 16) ^ (((uint)S[(t1 >> 24) & 255]) << 24)) ^ kw[2]; + r3 = Mcol((uint)S[r3 & 255] ^ (((uint)S[(t0 >> 8) & 255]) << 8) ^ (((uint)S[(t1 >> 16) & 255]) << 16) ^ (((uint)S[(t2 >> 24) & 255]) << 24)) ^ kw[3]; + + // the final round is a simple function of S + + kw = KW[r]; + C0 = (uint)S[r0 & 255] ^ (((uint)S[(r1 >> 8) & 255]) << 8) ^ (((uint)S[(r2 >> 16) & 255]) << 16) ^ (((uint)S[(r3 >> 24) & 255]) << 24) ^ kw[0]; + C1 = (uint)S[r1 & 255] ^ (((uint)S[(r2 >> 8) & 255]) << 8) ^ (((uint)S[(r3 >> 16) & 255]) << 16) ^ (((uint)S[(r0 >> 24) & 255]) << 24) ^ kw[1]; + C2 = (uint)S[r2 & 255] ^ (((uint)S[(r3 >> 8) & 255]) << 8) ^ (((uint)S[(r0 >> 16) & 255]) << 16) ^ (((uint)S[(r1 >> 24) & 255]) << 24) ^ kw[2]; + C3 = (uint)S[r3 & 255] ^ (((uint)S[(r0 >> 8) & 255]) << 8) ^ (((uint)S[(r1 >> 16) & 255]) << 16) ^ (((uint)S[(r2 >> 24) & 255]) << 24) ^ kw[3]; + + Pack.UInt32_To_LE(C0, output, outOff + 0); + Pack.UInt32_To_LE(C1, output, outOff + 4); + Pack.UInt32_To_LE(C2, output, outOff + 8); + Pack.UInt32_To_LE(C3, output, outOff + 12); + } + + private void DecryptBlock(byte[] input, int inOff, byte[] output, int outOff, uint[][] KW) + { + uint C0 = Pack.LE_To_UInt32(input, inOff + 0); + uint C1 = Pack.LE_To_UInt32(input, inOff + 4); + uint C2 = Pack.LE_To_UInt32(input, inOff + 8); + uint C3 = Pack.LE_To_UInt32(input, inOff + 12); + + uint[] kw = KW[ROUNDS]; + uint t0 = C0 ^ kw[0]; + uint t1 = C1 ^ kw[1]; + uint t2 = C2 ^ kw[2]; + + uint r0, r1, r2, r3 = C3 ^ kw[3]; + int r = ROUNDS - 1; + while (r > 1) + { + kw = KW[r--]; + r0 = Inv_Mcol((uint)Si[t0 & 255] ^ (((uint)Si[(r3 >> 8) & 255]) << 8) ^ (((uint)Si[(t2 >> 16) & 255]) << 16) ^ ((uint)Si[(t1 >> 24) & 255] << 24)) ^ kw[0]; + r1 = Inv_Mcol((uint)Si[t1 & 255] ^ (((uint)Si[(t0 >> 8) & 255]) << 8) ^ (((uint)Si[(r3 >> 16) & 255]) << 16) ^ ((uint)Si[(t2 >> 24) & 255] << 24)) ^ kw[1]; + r2 = Inv_Mcol((uint)Si[t2 & 255] ^ (((uint)Si[(t1 >> 8) & 255]) << 8) ^ (((uint)Si[(t0 >> 16) & 255]) << 16) ^ ((uint)Si[(r3 >> 24) & 255] << 24)) ^ kw[2]; + r3 = Inv_Mcol((uint)Si[r3 & 255] ^ (((uint)Si[(t2 >> 8) & 255]) << 8) ^ (((uint)Si[(t1 >> 16) & 255]) << 16) ^ ((uint)Si[(t0 >> 24) & 255] << 24)) ^ kw[3]; + kw = KW[r--]; + t0 = Inv_Mcol((uint)Si[r0 & 255] ^ (((uint)Si[(r3 >> 8) & 255]) << 8) ^ (((uint)Si[(r2 >> 16) & 255]) << 16) ^ ((uint)Si[(r1 >> 24) & 255] << 24)) ^ kw[0]; + t1 = Inv_Mcol((uint)Si[r1 & 255] ^ (((uint)Si[(r0 >> 8) & 255]) << 8) ^ (((uint)Si[(r3 >> 16) & 255]) << 16) ^ ((uint)Si[(r2 >> 24) & 255] << 24)) ^ kw[1]; + t2 = Inv_Mcol((uint)Si[r2 & 255] ^ (((uint)Si[(r1 >> 8) & 255]) << 8) ^ (((uint)Si[(r0 >> 16) & 255]) << 16) ^ ((uint)Si[(r3 >> 24) & 255] << 24)) ^ kw[2]; + r3 = Inv_Mcol((uint)Si[r3 & 255] ^ (((uint)Si[(r2 >> 8) & 255]) << 8) ^ (((uint)Si[(r1 >> 16) & 255]) << 16) ^ ((uint)Si[(r0 >> 24) & 255] << 24)) ^ kw[3]; + } + + kw = KW[1]; + r0 = Inv_Mcol((uint)Si[t0 & 255] ^ (((uint)Si[(r3 >> 8) & 255]) << 8) ^ (((uint)Si[(t2 >> 16) & 255]) << 16) ^ ((uint)Si[(t1 >> 24) & 255] << 24)) ^ kw[0]; + r1 = Inv_Mcol((uint)Si[t1 & 255] ^ (((uint)Si[(t0 >> 8) & 255]) << 8) ^ (((uint)Si[(r3 >> 16) & 255]) << 16) ^ ((uint)Si[(t2 >> 24) & 255] << 24)) ^ kw[1]; + r2 = Inv_Mcol((uint)Si[t2 & 255] ^ (((uint)Si[(t1 >> 8) & 255]) << 8) ^ (((uint)Si[(t0 >> 16) & 255]) << 16) ^ ((uint)Si[(r3 >> 24) & 255] << 24)) ^ kw[2]; + r3 = Inv_Mcol((uint)Si[r3 & 255] ^ (((uint)Si[(t2 >> 8) & 255]) << 8) ^ (((uint)Si[(t1 >> 16) & 255]) << 16) ^ ((uint)Si[(t0 >> 24) & 255] << 24)) ^ kw[3]; + + // the final round's table is a simple function of Si + + kw = KW[0]; + C0 = (uint)Si[r0 & 255] ^ (((uint)Si[(r3 >> 8) & 255]) << 8) ^ (((uint)Si[(r2 >> 16) & 255]) << 16) ^ (((uint)Si[(r1 >> 24) & 255]) << 24) ^ kw[0]; + C1 = (uint)Si[r1 & 255] ^ (((uint)Si[(r0 >> 8) & 255]) << 8) ^ (((uint)Si[(r3 >> 16) & 255]) << 16) ^ (((uint)Si[(r2 >> 24) & 255]) << 24) ^ kw[1]; + C2 = (uint)Si[r2 & 255] ^ (((uint)Si[(r1 >> 8) & 255]) << 8) ^ (((uint)Si[(r0 >> 16) & 255]) << 16) ^ (((uint)Si[(r3 >> 24) & 255]) << 24) ^ kw[2]; + C3 = (uint)Si[r3 & 255] ^ (((uint)Si[(r2 >> 8) & 255]) << 8) ^ (((uint)Si[(r1 >> 16) & 255]) << 16) ^ (((uint)Si[(r0 >> 24) & 255]) << 24) ^ kw[3]; + + Pack.UInt32_To_LE(C0, output, outOff + 0); + Pack.UInt32_To_LE(C1, output, outOff + 4); + Pack.UInt32_To_LE(C2, output, outOff + 8); + Pack.UInt32_To_LE(C3, output, outOff + 12); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/AesWrapEngine.cs b/BouncyCastle/crypto/src/crypto/engines/AesWrapEngine.cs new file mode 100644 index 0000000..1ce0154 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/AesWrapEngine.cs @@ -0,0 +1,16 @@ +namespace Org.BouncyCastle.Crypto.Engines +{ + /// + /// An implementation of the AES Key Wrapper from the NIST Key Wrap Specification. + ///

+ /// For further details see: http://csrc.nist.gov/encryption/kms/key-wrap.pdf. + /// + public class AesWrapEngine + : Rfc3394WrapEngine + { + public AesWrapEngine() + : base(new AesEngine()) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/AriaEngine.cs b/BouncyCastle/crypto/src/crypto/engines/AriaEngine.cs new file mode 100644 index 0000000..2f94dc0 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/AriaEngine.cs @@ -0,0 +1,421 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * RFC 5794. + * + * ARIA is a 128-bit block cipher with 128-, 192-, and 256-bit keys. + */ + public class AriaEngine + : IBlockCipher + { + private static readonly byte[][] C = { Hex.DecodeStrict("517cc1b727220a94fe13abe8fa9a6ee0"), + Hex.DecodeStrict("6db14acc9e21c820ff28b1d5ef5de2b0"), Hex.DecodeStrict("db92371d2126e9700324977504e8c90e") }; + + private static readonly byte[] SB1_sbox = { (byte)0x63, (byte)0x7c, (byte)0x77, (byte)0x7b, (byte)0xf2, (byte)0x6b, + (byte)0x6f, (byte)0xc5, (byte)0x30, (byte)0x01, (byte)0x67, (byte)0x2b, (byte)0xfe, (byte)0xd7, (byte)0xab, + (byte)0x76, (byte)0xca, (byte)0x82, (byte)0xc9, (byte)0x7d, (byte)0xfa, (byte)0x59, (byte)0x47, (byte)0xf0, + (byte)0xad, (byte)0xd4, (byte)0xa2, (byte)0xaf, (byte)0x9c, (byte)0xa4, (byte)0x72, (byte)0xc0, (byte)0xb7, + (byte)0xfd, (byte)0x93, (byte)0x26, (byte)0x36, (byte)0x3f, (byte)0xf7, (byte)0xcc, (byte)0x34, (byte)0xa5, + (byte)0xe5, (byte)0xf1, (byte)0x71, (byte)0xd8, (byte)0x31, (byte)0x15, (byte)0x04, (byte)0xc7, (byte)0x23, + (byte)0xc3, (byte)0x18, (byte)0x96, (byte)0x05, (byte)0x9a, (byte)0x07, (byte)0x12, (byte)0x80, (byte)0xe2, + (byte)0xeb, (byte)0x27, (byte)0xb2, (byte)0x75, (byte)0x09, (byte)0x83, (byte)0x2c, (byte)0x1a, (byte)0x1b, + (byte)0x6e, (byte)0x5a, (byte)0xa0, (byte)0x52, (byte)0x3b, (byte)0xd6, (byte)0xb3, (byte)0x29, (byte)0xe3, + (byte)0x2f, (byte)0x84, (byte)0x53, (byte)0xd1, (byte)0x00, (byte)0xed, (byte)0x20, (byte)0xfc, (byte)0xb1, + (byte)0x5b, (byte)0x6a, (byte)0xcb, (byte)0xbe, (byte)0x39, (byte)0x4a, (byte)0x4c, (byte)0x58, (byte)0xcf, + (byte)0xd0, (byte)0xef, (byte)0xaa, (byte)0xfb, (byte)0x43, (byte)0x4d, (byte)0x33, (byte)0x85, (byte)0x45, + (byte)0xf9, (byte)0x02, (byte)0x7f, (byte)0x50, (byte)0x3c, (byte)0x9f, (byte)0xa8, (byte)0x51, (byte)0xa3, + (byte)0x40, (byte)0x8f, (byte)0x92, (byte)0x9d, (byte)0x38, (byte)0xf5, (byte)0xbc, (byte)0xb6, (byte)0xda, + (byte)0x21, (byte)0x10, (byte)0xff, (byte)0xf3, (byte)0xd2, (byte)0xcd, (byte)0x0c, (byte)0x13, (byte)0xec, + (byte)0x5f, (byte)0x97, (byte)0x44, (byte)0x17, (byte)0xc4, (byte)0xa7, (byte)0x7e, (byte)0x3d, (byte)0x64, + (byte)0x5d, (byte)0x19, (byte)0x73, (byte)0x60, (byte)0x81, (byte)0x4f, (byte)0xdc, (byte)0x22, (byte)0x2a, + (byte)0x90, (byte)0x88, (byte)0x46, (byte)0xee, (byte)0xb8, (byte)0x14, (byte)0xde, (byte)0x5e, (byte)0x0b, + (byte)0xdb, (byte)0xe0, (byte)0x32, (byte)0x3a, (byte)0x0a, (byte)0x49, (byte)0x06, (byte)0x24, (byte)0x5c, + (byte)0xc2, (byte)0xd3, (byte)0xac, (byte)0x62, (byte)0x91, (byte)0x95, (byte)0xe4, (byte)0x79, (byte)0xe7, + (byte)0xc8, (byte)0x37, (byte)0x6d, (byte)0x8d, (byte)0xd5, (byte)0x4e, (byte)0xa9, (byte)0x6c, (byte)0x56, + (byte)0xf4, (byte)0xea, (byte)0x65, (byte)0x7a, (byte)0xae, (byte)0x08, (byte)0xba, (byte)0x78, (byte)0x25, + (byte)0x2e, (byte)0x1c, (byte)0xa6, (byte)0xb4, (byte)0xc6, (byte)0xe8, (byte)0xdd, (byte)0x74, (byte)0x1f, + (byte)0x4b, (byte)0xbd, (byte)0x8b, (byte)0x8a, (byte)0x70, (byte)0x3e, (byte)0xb5, (byte)0x66, (byte)0x48, + (byte)0x03, (byte)0xf6, (byte)0x0e, (byte)0x61, (byte)0x35, (byte)0x57, (byte)0xb9, (byte)0x86, (byte)0xc1, + (byte)0x1d, (byte)0x9e, (byte)0xe1, (byte)0xf8, (byte)0x98, (byte)0x11, (byte)0x69, (byte)0xd9, (byte)0x8e, + (byte)0x94, (byte)0x9b, (byte)0x1e, (byte)0x87, (byte)0xe9, (byte)0xce, (byte)0x55, (byte)0x28, (byte)0xdf, + (byte)0x8c, (byte)0xa1, (byte)0x89, (byte)0x0d, (byte)0xbf, (byte)0xe6, (byte)0x42, (byte)0x68, (byte)0x41, + (byte)0x99, (byte)0x2d, (byte)0x0f, (byte)0xb0, (byte)0x54, (byte)0xbb, (byte)0x16 }; + + private static readonly byte[] SB2_sbox = { (byte)0xe2, (byte)0x4e, (byte)0x54, (byte)0xfc, (byte)0x94, (byte)0xc2, + (byte)0x4a, (byte)0xcc, (byte)0x62, (byte)0x0d, (byte)0x6a, (byte)0x46, (byte)0x3c, (byte)0x4d, (byte)0x8b, + (byte)0xd1, (byte)0x5e, (byte)0xfa, (byte)0x64, (byte)0xcb, (byte)0xb4, (byte)0x97, (byte)0xbe, (byte)0x2b, + (byte)0xbc, (byte)0x77, (byte)0x2e, (byte)0x03, (byte)0xd3, (byte)0x19, (byte)0x59, (byte)0xc1, (byte)0x1d, + (byte)0x06, (byte)0x41, (byte)0x6b, (byte)0x55, (byte)0xf0, (byte)0x99, (byte)0x69, (byte)0xea, (byte)0x9c, + (byte)0x18, (byte)0xae, (byte)0x63, (byte)0xdf, (byte)0xe7, (byte)0xbb, (byte)0x00, (byte)0x73, (byte)0x66, + (byte)0xfb, (byte)0x96, (byte)0x4c, (byte)0x85, (byte)0xe4, (byte)0x3a, (byte)0x09, (byte)0x45, (byte)0xaa, + (byte)0x0f, (byte)0xee, (byte)0x10, (byte)0xeb, (byte)0x2d, (byte)0x7f, (byte)0xf4, (byte)0x29, (byte)0xac, + (byte)0xcf, (byte)0xad, (byte)0x91, (byte)0x8d, (byte)0x78, (byte)0xc8, (byte)0x95, (byte)0xf9, (byte)0x2f, + (byte)0xce, (byte)0xcd, (byte)0x08, (byte)0x7a, (byte)0x88, (byte)0x38, (byte)0x5c, (byte)0x83, (byte)0x2a, + (byte)0x28, (byte)0x47, (byte)0xdb, (byte)0xb8, (byte)0xc7, (byte)0x93, (byte)0xa4, (byte)0x12, (byte)0x53, + (byte)0xff, (byte)0x87, (byte)0x0e, (byte)0x31, (byte)0x36, (byte)0x21, (byte)0x58, (byte)0x48, (byte)0x01, + (byte)0x8e, (byte)0x37, (byte)0x74, (byte)0x32, (byte)0xca, (byte)0xe9, (byte)0xb1, (byte)0xb7, (byte)0xab, + (byte)0x0c, (byte)0xd7, (byte)0xc4, (byte)0x56, (byte)0x42, (byte)0x26, (byte)0x07, (byte)0x98, (byte)0x60, + (byte)0xd9, (byte)0xb6, (byte)0xb9, (byte)0x11, (byte)0x40, (byte)0xec, (byte)0x20, (byte)0x8c, (byte)0xbd, + (byte)0xa0, (byte)0xc9, (byte)0x84, (byte)0x04, (byte)0x49, (byte)0x23, (byte)0xf1, (byte)0x4f, (byte)0x50, + (byte)0x1f, (byte)0x13, (byte)0xdc, (byte)0xd8, (byte)0xc0, (byte)0x9e, (byte)0x57, (byte)0xe3, (byte)0xc3, + (byte)0x7b, (byte)0x65, (byte)0x3b, (byte)0x02, (byte)0x8f, (byte)0x3e, (byte)0xe8, (byte)0x25, (byte)0x92, + (byte)0xe5, (byte)0x15, (byte)0xdd, (byte)0xfd, (byte)0x17, (byte)0xa9, (byte)0xbf, (byte)0xd4, (byte)0x9a, + (byte)0x7e, (byte)0xc5, (byte)0x39, (byte)0x67, (byte)0xfe, (byte)0x76, (byte)0x9d, (byte)0x43, (byte)0xa7, + (byte)0xe1, (byte)0xd0, (byte)0xf5, (byte)0x68, (byte)0xf2, (byte)0x1b, (byte)0x34, (byte)0x70, (byte)0x05, + (byte)0xa3, (byte)0x8a, (byte)0xd5, (byte)0x79, (byte)0x86, (byte)0xa8, (byte)0x30, (byte)0xc6, (byte)0x51, + (byte)0x4b, (byte)0x1e, (byte)0xa6, (byte)0x27, (byte)0xf6, (byte)0x35, (byte)0xd2, (byte)0x6e, (byte)0x24, + (byte)0x16, (byte)0x82, (byte)0x5f, (byte)0xda, (byte)0xe6, (byte)0x75, (byte)0xa2, (byte)0xef, (byte)0x2c, + (byte)0xb2, (byte)0x1c, (byte)0x9f, (byte)0x5d, (byte)0x6f, (byte)0x80, (byte)0x0a, (byte)0x72, (byte)0x44, + (byte)0x9b, (byte)0x6c, (byte)0x90, (byte)0x0b, (byte)0x5b, (byte)0x33, (byte)0x7d, (byte)0x5a, (byte)0x52, + (byte)0xf3, (byte)0x61, (byte)0xa1, (byte)0xf7, (byte)0xb0, (byte)0xd6, (byte)0x3f, (byte)0x7c, (byte)0x6d, + (byte)0xed, (byte)0x14, (byte)0xe0, (byte)0xa5, (byte)0x3d, (byte)0x22, (byte)0xb3, (byte)0xf8, (byte)0x89, + (byte)0xde, (byte)0x71, (byte)0x1a, (byte)0xaf, (byte)0xba, (byte)0xb5, (byte)0x81 }; + + private static readonly byte[] SB3_sbox = { (byte)0x52, (byte)0x09, (byte)0x6a, (byte)0xd5, (byte)0x30, (byte)0x36, + (byte)0xa5, (byte)0x38, (byte)0xbf, (byte)0x40, (byte)0xa3, (byte)0x9e, (byte)0x81, (byte)0xf3, (byte)0xd7, + (byte)0xfb, (byte)0x7c, (byte)0xe3, (byte)0x39, (byte)0x82, (byte)0x9b, (byte)0x2f, (byte)0xff, (byte)0x87, + (byte)0x34, (byte)0x8e, (byte)0x43, (byte)0x44, (byte)0xc4, (byte)0xde, (byte)0xe9, (byte)0xcb, (byte)0x54, + (byte)0x7b, (byte)0x94, (byte)0x32, (byte)0xa6, (byte)0xc2, (byte)0x23, (byte)0x3d, (byte)0xee, (byte)0x4c, + (byte)0x95, (byte)0x0b, (byte)0x42, (byte)0xfa, (byte)0xc3, (byte)0x4e, (byte)0x08, (byte)0x2e, (byte)0xa1, + (byte)0x66, (byte)0x28, (byte)0xd9, (byte)0x24, (byte)0xb2, (byte)0x76, (byte)0x5b, (byte)0xa2, (byte)0x49, + (byte)0x6d, (byte)0x8b, (byte)0xd1, (byte)0x25, (byte)0x72, (byte)0xf8, (byte)0xf6, (byte)0x64, (byte)0x86, + (byte)0x68, (byte)0x98, (byte)0x16, (byte)0xd4, (byte)0xa4, (byte)0x5c, (byte)0xcc, (byte)0x5d, (byte)0x65, + (byte)0xb6, (byte)0x92, (byte)0x6c, (byte)0x70, (byte)0x48, (byte)0x50, (byte)0xfd, (byte)0xed, (byte)0xb9, + (byte)0xda, (byte)0x5e, (byte)0x15, (byte)0x46, (byte)0x57, (byte)0xa7, (byte)0x8d, (byte)0x9d, (byte)0x84, + (byte)0x90, (byte)0xd8, (byte)0xab, (byte)0x00, (byte)0x8c, (byte)0xbc, (byte)0xd3, (byte)0x0a, (byte)0xf7, + (byte)0xe4, (byte)0x58, (byte)0x05, (byte)0xb8, (byte)0xb3, (byte)0x45, (byte)0x06, (byte)0xd0, (byte)0x2c, + (byte)0x1e, (byte)0x8f, (byte)0xca, (byte)0x3f, (byte)0x0f, (byte)0x02, (byte)0xc1, (byte)0xaf, (byte)0xbd, + (byte)0x03, (byte)0x01, (byte)0x13, (byte)0x8a, (byte)0x6b, (byte)0x3a, (byte)0x91, (byte)0x11, (byte)0x41, + (byte)0x4f, (byte)0x67, (byte)0xdc, (byte)0xea, (byte)0x97, (byte)0xf2, (byte)0xcf, (byte)0xce, (byte)0xf0, + (byte)0xb4, (byte)0xe6, (byte)0x73, (byte)0x96, (byte)0xac, (byte)0x74, (byte)0x22, (byte)0xe7, (byte)0xad, + (byte)0x35, (byte)0x85, (byte)0xe2, (byte)0xf9, (byte)0x37, (byte)0xe8, (byte)0x1c, (byte)0x75, (byte)0xdf, + (byte)0x6e, (byte)0x47, (byte)0xf1, (byte)0x1a, (byte)0x71, (byte)0x1d, (byte)0x29, (byte)0xc5, (byte)0x89, + (byte)0x6f, (byte)0xb7, (byte)0x62, (byte)0x0e, (byte)0xaa, (byte)0x18, (byte)0xbe, (byte)0x1b, (byte)0xfc, + (byte)0x56, (byte)0x3e, (byte)0x4b, (byte)0xc6, (byte)0xd2, (byte)0x79, (byte)0x20, (byte)0x9a, (byte)0xdb, + (byte)0xc0, (byte)0xfe, (byte)0x78, (byte)0xcd, (byte)0x5a, (byte)0xf4, (byte)0x1f, (byte)0xdd, (byte)0xa8, + (byte)0x33, (byte)0x88, (byte)0x07, (byte)0xc7, (byte)0x31, (byte)0xb1, (byte)0x12, (byte)0x10, (byte)0x59, + (byte)0x27, (byte)0x80, (byte)0xec, (byte)0x5f, (byte)0x60, (byte)0x51, (byte)0x7f, (byte)0xa9, (byte)0x19, + (byte)0xb5, (byte)0x4a, (byte)0x0d, (byte)0x2d, (byte)0xe5, (byte)0x7a, (byte)0x9f, (byte)0x93, (byte)0xc9, + (byte)0x9c, (byte)0xef, (byte)0xa0, (byte)0xe0, (byte)0x3b, (byte)0x4d, (byte)0xae, (byte)0x2a, (byte)0xf5, + (byte)0xb0, (byte)0xc8, (byte)0xeb, (byte)0xbb, (byte)0x3c, (byte)0x83, (byte)0x53, (byte)0x99, (byte)0x61, + (byte)0x17, (byte)0x2b, (byte)0x04, (byte)0x7e, (byte)0xba, (byte)0x77, (byte)0xd6, (byte)0x26, (byte)0xe1, + (byte)0x69, (byte)0x14, (byte)0x63, (byte)0x55, (byte)0x21, (byte)0x0c, (byte)0x7d }; + + private static readonly byte[] SB4_sbox = { (byte)0x30, (byte)0x68, (byte)0x99, (byte)0x1b, (byte)0x87, (byte)0xb9, + (byte)0x21, (byte)0x78, (byte)0x50, (byte)0x39, (byte)0xdb, (byte)0xe1, (byte)0x72, (byte)0x9, (byte)0x62, + (byte)0x3c, (byte)0x3e, (byte)0x7e, (byte)0x5e, (byte)0x8e, (byte)0xf1, (byte)0xa0, (byte)0xcc, (byte)0xa3, + (byte)0x2a, (byte)0x1d, (byte)0xfb, (byte)0xb6, (byte)0xd6, (byte)0x20, (byte)0xc4, (byte)0x8d, (byte)0x81, + (byte)0x65, (byte)0xf5, (byte)0x89, (byte)0xcb, (byte)0x9d, (byte)0x77, (byte)0xc6, (byte)0x57, (byte)0x43, + (byte)0x56, (byte)0x17, (byte)0xd4, (byte)0x40, (byte)0x1a, (byte)0x4d, (byte)0xc0, (byte)0x63, (byte)0x6c, + (byte)0xe3, (byte)0xb7, (byte)0xc8, (byte)0x64, (byte)0x6a, (byte)0x53, (byte)0xaa, (byte)0x38, (byte)0x98, + (byte)0x0c, (byte)0xf4, (byte)0x9b, (byte)0xed, (byte)0x7f, (byte)0x22, (byte)0x76, (byte)0xaf, (byte)0xdd, + (byte)0x3a, (byte)0x0b, (byte)0x58, (byte)0x67, (byte)0x88, (byte)0x06, (byte)0xc3, (byte)0x35, (byte)0x0d, + (byte)0x01, (byte)0x8b, (byte)0x8c, (byte)0xc2, (byte)0xe6, (byte)0x5f, (byte)0x02, (byte)0x24, (byte)0x75, + (byte)0x93, (byte)0x66, (byte)0x1e, (byte)0xe5, (byte)0xe2, (byte)0x54, (byte)0xd8, (byte)0x10, (byte)0xce, + (byte)0x7a, (byte)0xe8, (byte)0x08, (byte)0x2c, (byte)0x12, (byte)0x97, (byte)0x32, (byte)0xab, (byte)0xb4, + (byte)0x27, (byte)0x0a, (byte)0x23, (byte)0xdf, (byte)0xef, (byte)0xca, (byte)0xd9, (byte)0xb8, (byte)0xfa, + (byte)0xdc, (byte)0x31, (byte)0x6b, (byte)0xd1, (byte)0xad, (byte)0x19, (byte)0x49, (byte)0xbd, (byte)0x51, + (byte)0x96, (byte)0xee, (byte)0xe4, (byte)0xa8, (byte)0x41, (byte)0xda, (byte)0xff, (byte)0xcd, (byte)0x55, + (byte)0x86, (byte)0x36, (byte)0xbe, (byte)0x61, (byte)0x52, (byte)0xf8, (byte)0xbb, (byte)0x0e, (byte)0x82, + (byte)0x48, (byte)0x69, (byte)0x9a, (byte)0xe0, (byte)0x47, (byte)0x9e, (byte)0x5c, (byte)0x04, (byte)0x4b, + (byte)0x34, (byte)0x15, (byte)0x79, (byte)0x26, (byte)0xa7, (byte)0xde, (byte)0x29, (byte)0xae, (byte)0x92, + (byte)0xd7, (byte)0x84, (byte)0xe9, (byte)0xd2, (byte)0xba, (byte)0x5d, (byte)0xf3, (byte)0xc5, (byte)0xb0, + (byte)0xbf, (byte)0xa4, (byte)0x3b, (byte)0x71, (byte)0x44, (byte)0x46, (byte)0x2b, (byte)0xfc, (byte)0xeb, + (byte)0x6f, (byte)0xd5, (byte)0xf6, (byte)0x14, (byte)0xfe, (byte)0x7c, (byte)0x70, (byte)0x5a, (byte)0x7d, + (byte)0xfd, (byte)0x2f, (byte)0x18, (byte)0x83, (byte)0x16, (byte)0xa5, (byte)0x91, (byte)0x1f, (byte)0x05, + (byte)0x95, (byte)0x74, (byte)0xa9, (byte)0xc1, (byte)0x5b, (byte)0x4a, (byte)0x85, (byte)0x6d, (byte)0x13, + (byte)0x07, (byte)0x4f, (byte)0x4e, (byte)0x45, (byte)0xb2, (byte)0x0f, (byte)0xc9, (byte)0x1c, (byte)0xa6, + (byte)0xbc, (byte)0xec, (byte)0x73, (byte)0x90, (byte)0x7b, (byte)0xcf, (byte)0x59, (byte)0x8f, (byte)0xa1, + (byte)0xf9, (byte)0x2d, (byte)0xf2, (byte)0xb1, (byte)0x00, (byte)0x94, (byte)0x37, (byte)0x9f, (byte)0xd0, + (byte)0x2e, (byte)0x9c, (byte)0x6e, (byte)0x28, (byte)0x3f, (byte)0x80, (byte)0xf0, (byte)0x3d, (byte)0xd3, + (byte)0x25, (byte)0x8a, (byte)0xb5, (byte)0xe7, (byte)0x42, (byte)0xb3, (byte)0xc7, (byte)0xea, (byte)0xf7, + (byte)0x4c, (byte)0x11, (byte)0x33, (byte)0x03, (byte)0xa2, (byte)0xac, (byte)0x60 }; + + protected const int BlockSize = 16; + + private byte[][] m_roundKeys; + + public virtual void Init(bool forEncryption, ICipherParameters parameters) + { + KeyParameter keyParameter = parameters as KeyParameter; + + if (keyParameter == null) + throw new ArgumentException("invalid parameter passed to ARIA init - " + + Platform.GetTypeName(parameters)); + + this.m_roundKeys = KeySchedule(forEncryption, keyParameter.GetKey()); + } + + public virtual string AlgorithmName + { + get { return "ARIA"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return BlockSize; + } + + public virtual int ProcessBlock(byte[] input, int inOff, byte[] output, int outOff) + { + if (m_roundKeys == null) + throw new InvalidOperationException("ARIA engine not initialised"); + + Check.DataLength(input, inOff, BlockSize, "input buffer too short"); + Check.OutputLength(output, outOff, BlockSize, "output buffer too short"); + + byte[] z = new byte[BlockSize]; + Array.Copy(input, inOff, z, 0, BlockSize); + + int i = 0, rounds = m_roundKeys.Length - 3; + while (i < rounds) + { + FO(z, m_roundKeys[i++]); + FE(z, m_roundKeys[i++]); + } + + FO(z, m_roundKeys[i++]); + Xor(z, m_roundKeys[i++]); + SL2(z); + Xor(z, m_roundKeys[i]); + + Array.Copy(z, 0, output, outOff, BlockSize); + + return BlockSize; + } + + public virtual void Reset() + { + // Empty + } + + protected static void A(byte[] z) + { + byte x0 = z[0], x1 = z[1], x2 = z[2], x3 = z[3], x4 = z[4], x5 = z[5], x6 = z[6], x7 = z[7], x8 = z[8], + x9 = z[9], x10 = z[10], x11 = z[11], x12 = z[12], x13 = z[13], x14 = z[14], x15 = z[15]; + + z[0] = (byte)(x3 ^ x4 ^ x6 ^ x8 ^ x9 ^ x13 ^ x14); + z[1] = (byte)(x2 ^ x5 ^ x7 ^ x8 ^ x9 ^ x12 ^ x15); + z[2] = (byte)(x1 ^ x4 ^ x6 ^ x10 ^ x11 ^ x12 ^ x15); + z[3] = (byte)(x0 ^ x5 ^ x7 ^ x10 ^ x11 ^ x13 ^ x14); + z[4] = (byte)(x0 ^ x2 ^ x5 ^ x8 ^ x11 ^ x14 ^ x15); + z[5] = (byte)(x1 ^ x3 ^ x4 ^ x9 ^ x10 ^ x14 ^ x15); + z[6] = (byte)(x0 ^ x2 ^ x7 ^ x9 ^ x10 ^ x12 ^ x13); + z[7] = (byte)(x1 ^ x3 ^ x6 ^ x8 ^ x11 ^ x12 ^ x13); + z[8] = (byte)(x0 ^ x1 ^ x4 ^ x7 ^ x10 ^ x13 ^ x15); + z[9] = (byte)(x0 ^ x1 ^ x5 ^ x6 ^ x11 ^ x12 ^ x14); + z[10] = (byte)(x2 ^ x3 ^ x5 ^ x6 ^ x8 ^ x13 ^ x15); + z[11] = (byte)(x2 ^ x3 ^ x4 ^ x7 ^ x9 ^ x12 ^ x14); + z[12] = (byte)(x1 ^ x2 ^ x6 ^ x7 ^ x9 ^ x11 ^ x12); + z[13] = (byte)(x0 ^ x3 ^ x6 ^ x7 ^ x8 ^ x10 ^ x13); + z[14] = (byte)(x0 ^ x3 ^ x4 ^ x5 ^ x9 ^ x11 ^ x14); + z[15] = (byte)(x1 ^ x2 ^ x4 ^ x5 ^ x8 ^ x10 ^ x15); + } + + protected static void FE(byte[] D, byte[] RK) + { + Xor(D, RK); + SL2(D); + A(D); + } + + protected static void FO(byte[] D, byte[] RK) + { + Xor(D, RK); + SL1(D); + A(D); + } + + protected static byte[][] KeySchedule(bool forEncryption, byte[] K) + { + int keyLen = K.Length; + if (keyLen < 16 || keyLen > 32 || (keyLen & 7) != 0) + throw new ArgumentException("Key length not 128/192/256 bits."); + + int keyLenIdx = (keyLen >> 3) - 2; + + byte[] CK1 = C[keyLenIdx]; + byte[] CK2 = C[(keyLenIdx + 1) % 3]; + byte[] CK3 = C[(keyLenIdx + 2) % 3]; + + byte[] KL = new byte[16], KR = new byte[16]; + Array.Copy(K, 0, KL, 0, 16); + Array.Copy(K, 16, KR, 0, keyLen - 16); + + byte[] W0 = new byte[16]; + byte[] W1 = new byte[16]; + byte[] W2 = new byte[16]; + byte[] W3 = new byte[16]; + + Array.Copy(KL, 0, W0, 0, 16); + + Array.Copy(W0, 0, W1, 0, 16); + FO(W1, CK1); + Xor(W1, KR); + + Array.Copy(W1, 0, W2, 0, 16); + FE(W2, CK2); + Xor(W2, W0); + + Array.Copy(W2, 0, W3, 0, 16); + FO(W3, CK3); + Xor(W3, W1); + + int numRounds = 12 + (keyLenIdx * 2); + byte[][] rks = new byte[numRounds + 1][]; + + rks[0] = KeyScheduleRound(W0, W1, 19); + rks[1] = KeyScheduleRound(W1, W2, 19); + rks[2] = KeyScheduleRound(W2, W3, 19); + rks[3] = KeyScheduleRound(W3, W0, 19); + + rks[4] = KeyScheduleRound(W0, W1, 31); + rks[5] = KeyScheduleRound(W1, W2, 31); + rks[6] = KeyScheduleRound(W2, W3, 31); + rks[7] = KeyScheduleRound(W3, W0, 31); + + rks[8] = KeyScheduleRound(W0, W1, 67); + rks[9] = KeyScheduleRound(W1, W2, 67); + rks[10] = KeyScheduleRound(W2, W3, 67); + rks[11] = KeyScheduleRound(W3, W0, 67); + + rks[12] = KeyScheduleRound(W0, W1, 97); + if (numRounds > 12) + { + rks[13] = KeyScheduleRound(W1, W2, 97); + rks[14] = KeyScheduleRound(W2, W3, 97); + if (numRounds > 14) + { + rks[15] = KeyScheduleRound(W3, W0, 97); + + rks[16] = KeyScheduleRound(W0, W1, 109); + } + } + + if (!forEncryption) + { + ReverseKeys(rks); + + for (int i = 1; i < numRounds; ++i) + { + A(rks[i]); + } + } + + return rks; + } + + protected static byte[] KeyScheduleRound(byte[] w, byte[] wr, int n) + { + byte[] rk = new byte[16]; + + int off = n >> 3, right = n & 7, left = 8 - right; + + int hi = wr[15 - off] & 0xFF; + + for (int to = 0; to < 16; ++to) + { + int lo = wr[(to - off) & 0xF] & 0xFF; + + int b = (hi << left) | (lo >> right); + b ^= (w[to] & 0xFF); + + rk[to] = (byte)b; + + hi = lo; + } + + return rk; + } + + protected static void ReverseKeys(byte[][] keys) + { + int length = keys.Length, limit = length / 2, last = length - 1; + for (int i = 0; i < limit; ++i) + { + byte[] t = keys[i]; + keys[i] = keys[last - i]; + keys[last - i] = t; + } + } + + protected static byte SB1(byte x) + { + return SB1_sbox[x & 0xFF]; + } + + protected static byte SB2(byte x) + { + return SB2_sbox[x & 0xFF]; + } + + protected static byte SB3(byte x) + { + return SB3_sbox[x & 0xFF]; + } + + protected static byte SB4(byte x) + { + return SB4_sbox[x & 0xFF]; + } + + protected static void SL1(byte[] z) + { + z[0] = SB1(z[0]); + z[1] = SB2(z[1]); + z[2] = SB3(z[2]); + z[3] = SB4(z[3]); + z[4] = SB1(z[4]); + z[5] = SB2(z[5]); + z[6] = SB3(z[6]); + z[7] = SB4(z[7]); + z[8] = SB1(z[8]); + z[9] = SB2(z[9]); + z[10] = SB3(z[10]); + z[11] = SB4(z[11]); + z[12] = SB1(z[12]); + z[13] = SB2(z[13]); + z[14] = SB3(z[14]); + z[15] = SB4(z[15]); + } + + protected static void SL2(byte[] z) + { + z[0] = SB3(z[0]); + z[1] = SB4(z[1]); + z[2] = SB1(z[2]); + z[3] = SB2(z[3]); + z[4] = SB3(z[4]); + z[5] = SB4(z[5]); + z[6] = SB1(z[6]); + z[7] = SB2(z[7]); + z[8] = SB3(z[8]); + z[9] = SB4(z[9]); + z[10] = SB1(z[10]); + z[11] = SB2(z[11]); + z[12] = SB3(z[12]); + z[13] = SB4(z[13]); + z[14] = SB1(z[14]); + z[15] = SB2(z[15]); + } + + protected static void Xor(byte[] z, byte[] x) + { + for (int i = 0; i < 16; ++i) + { + z[i] ^= x[i]; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/BlowfishEngine.cs b/BouncyCastle/crypto/src/crypto/engines/BlowfishEngine.cs new file mode 100644 index 0000000..1b3dd97 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/BlowfishEngine.cs @@ -0,0 +1,558 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * A class that provides Blowfish key encryption operations, + * such as encoding data and generating keys. + * All the algorithms herein are from Applied Cryptography + * and implement a simplified cryptography interface. + */ + public sealed class BlowfishEngine + : IBlockCipher + { + private readonly static uint[] KP = + { + 0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344, + 0xA4093822, 0x299F31D0, 0x082EFA98, 0xEC4E6C89, + 0x452821E6, 0x38D01377, 0xBE5466CF, 0x34E90C6C, + 0xC0AC29B7, 0xC97C50DD, 0x3F84D5B5, 0xB5470917, + 0x9216D5D9, 0x8979FB1B + }, + KS0 = + { + 0xD1310BA6, 0x98DFB5AC, 0x2FFD72DB, 0xD01ADFB7, + 0xB8E1AFED, 0x6A267E96, 0xBA7C9045, 0xF12C7F99, + 0x24A19947, 0xB3916CF7, 0x0801F2E2, 0x858EFC16, + 0x636920D8, 0x71574E69, 0xA458FEA3, 0xF4933D7E, + 0x0D95748F, 0x728EB658, 0x718BCD58, 0x82154AEE, + 0x7B54A41D, 0xC25A59B5, 0x9C30D539, 0x2AF26013, + 0xC5D1B023, 0x286085F0, 0xCA417918, 0xB8DB38EF, + 0x8E79DCB0, 0x603A180E, 0x6C9E0E8B, 0xB01E8A3E, + 0xD71577C1, 0xBD314B27, 0x78AF2FDA, 0x55605C60, + 0xE65525F3, 0xAA55AB94, 0x57489862, 0x63E81440, + 0x55CA396A, 0x2AAB10B6, 0xB4CC5C34, 0x1141E8CE, + 0xA15486AF, 0x7C72E993, 0xB3EE1411, 0x636FBC2A, + 0x2BA9C55D, 0x741831F6, 0xCE5C3E16, 0x9B87931E, + 0xAFD6BA33, 0x6C24CF5C, 0x7A325381, 0x28958677, + 0x3B8F4898, 0x6B4BB9AF, 0xC4BFE81B, 0x66282193, + 0x61D809CC, 0xFB21A991, 0x487CAC60, 0x5DEC8032, + 0xEF845D5D, 0xE98575B1, 0xDC262302, 0xEB651B88, + 0x23893E81, 0xD396ACC5, 0x0F6D6FF3, 0x83F44239, + 0x2E0B4482, 0xA4842004, 0x69C8F04A, 0x9E1F9B5E, + 0x21C66842, 0xF6E96C9A, 0x670C9C61, 0xABD388F0, + 0x6A51A0D2, 0xD8542F68, 0x960FA728, 0xAB5133A3, + 0x6EEF0B6C, 0x137A3BE4, 0xBA3BF050, 0x7EFB2A98, + 0xA1F1651D, 0x39AF0176, 0x66CA593E, 0x82430E88, + 0x8CEE8619, 0x456F9FB4, 0x7D84A5C3, 0x3B8B5EBE, + 0xE06F75D8, 0x85C12073, 0x401A449F, 0x56C16AA6, + 0x4ED3AA62, 0x363F7706, 0x1BFEDF72, 0x429B023D, + 0x37D0D724, 0xD00A1248, 0xDB0FEAD3, 0x49F1C09B, + 0x075372C9, 0x80991B7B, 0x25D479D8, 0xF6E8DEF7, + 0xE3FE501A, 0xB6794C3B, 0x976CE0BD, 0x04C006BA, + 0xC1A94FB6, 0x409F60C4, 0x5E5C9EC2, 0x196A2463, + 0x68FB6FAF, 0x3E6C53B5, 0x1339B2EB, 0x3B52EC6F, + 0x6DFC511F, 0x9B30952C, 0xCC814544, 0xAF5EBD09, + 0xBEE3D004, 0xDE334AFD, 0x660F2807, 0x192E4BB3, + 0xC0CBA857, 0x45C8740F, 0xD20B5F39, 0xB9D3FBDB, + 0x5579C0BD, 0x1A60320A, 0xD6A100C6, 0x402C7279, + 0x679F25FE, 0xFB1FA3CC, 0x8EA5E9F8, 0xDB3222F8, + 0x3C7516DF, 0xFD616B15, 0x2F501EC8, 0xAD0552AB, + 0x323DB5FA, 0xFD238760, 0x53317B48, 0x3E00DF82, + 0x9E5C57BB, 0xCA6F8CA0, 0x1A87562E, 0xDF1769DB, + 0xD542A8F6, 0x287EFFC3, 0xAC6732C6, 0x8C4F5573, + 0x695B27B0, 0xBBCA58C8, 0xE1FFA35D, 0xB8F011A0, + 0x10FA3D98, 0xFD2183B8, 0x4AFCB56C, 0x2DD1D35B, + 0x9A53E479, 0xB6F84565, 0xD28E49BC, 0x4BFB9790, + 0xE1DDF2DA, 0xA4CB7E33, 0x62FB1341, 0xCEE4C6E8, + 0xEF20CADA, 0x36774C01, 0xD07E9EFE, 0x2BF11FB4, + 0x95DBDA4D, 0xAE909198, 0xEAAD8E71, 0x6B93D5A0, + 0xD08ED1D0, 0xAFC725E0, 0x8E3C5B2F, 0x8E7594B7, + 0x8FF6E2FB, 0xF2122B64, 0x8888B812, 0x900DF01C, + 0x4FAD5EA0, 0x688FC31C, 0xD1CFF191, 0xB3A8C1AD, + 0x2F2F2218, 0xBE0E1777, 0xEA752DFE, 0x8B021FA1, + 0xE5A0CC0F, 0xB56F74E8, 0x18ACF3D6, 0xCE89E299, + 0xB4A84FE0, 0xFD13E0B7, 0x7CC43B81, 0xD2ADA8D9, + 0x165FA266, 0x80957705, 0x93CC7314, 0x211A1477, + 0xE6AD2065, 0x77B5FA86, 0xC75442F5, 0xFB9D35CF, + 0xEBCDAF0C, 0x7B3E89A0, 0xD6411BD3, 0xAE1E7E49, + 0x00250E2D, 0x2071B35E, 0x226800BB, 0x57B8E0AF, + 0x2464369B, 0xF009B91E, 0x5563911D, 0x59DFA6AA, + 0x78C14389, 0xD95A537F, 0x207D5BA2, 0x02E5B9C5, + 0x83260376, 0x6295CFA9, 0x11C81968, 0x4E734A41, + 0xB3472DCA, 0x7B14A94A, 0x1B510052, 0x9A532915, + 0xD60F573F, 0xBC9BC6E4, 0x2B60A476, 0x81E67400, + 0x08BA6FB5, 0x571BE91F, 0xF296EC6B, 0x2A0DD915, + 0xB6636521, 0xE7B9F9B6, 0xFF34052E, 0xC5855664, + 0x53B02D5D, 0xA99F8FA1, 0x08BA4799, 0x6E85076A + }, + KS1 = + { + 0x4B7A70E9, 0xB5B32944, 0xDB75092E, 0xC4192623, + 0xAD6EA6B0, 0x49A7DF7D, 0x9CEE60B8, 0x8FEDB266, + 0xECAA8C71, 0x699A17FF, 0x5664526C, 0xC2B19EE1, + 0x193602A5, 0x75094C29, 0xA0591340, 0xE4183A3E, + 0x3F54989A, 0x5B429D65, 0x6B8FE4D6, 0x99F73FD6, + 0xA1D29C07, 0xEFE830F5, 0x4D2D38E6, 0xF0255DC1, + 0x4CDD2086, 0x8470EB26, 0x6382E9C6, 0x021ECC5E, + 0x09686B3F, 0x3EBAEFC9, 0x3C971814, 0x6B6A70A1, + 0x687F3584, 0x52A0E286, 0xB79C5305, 0xAA500737, + 0x3E07841C, 0x7FDEAE5C, 0x8E7D44EC, 0x5716F2B8, + 0xB03ADA37, 0xF0500C0D, 0xF01C1F04, 0x0200B3FF, + 0xAE0CF51A, 0x3CB574B2, 0x25837A58, 0xDC0921BD, + 0xD19113F9, 0x7CA92FF6, 0x94324773, 0x22F54701, + 0x3AE5E581, 0x37C2DADC, 0xC8B57634, 0x9AF3DDA7, + 0xA9446146, 0x0FD0030E, 0xECC8C73E, 0xA4751E41, + 0xE238CD99, 0x3BEA0E2F, 0x3280BBA1, 0x183EB331, + 0x4E548B38, 0x4F6DB908, 0x6F420D03, 0xF60A04BF, + 0x2CB81290, 0x24977C79, 0x5679B072, 0xBCAF89AF, + 0xDE9A771F, 0xD9930810, 0xB38BAE12, 0xDCCF3F2E, + 0x5512721F, 0x2E6B7124, 0x501ADDE6, 0x9F84CD87, + 0x7A584718, 0x7408DA17, 0xBC9F9ABC, 0xE94B7D8C, + 0xEC7AEC3A, 0xDB851DFA, 0x63094366, 0xC464C3D2, + 0xEF1C1847, 0x3215D908, 0xDD433B37, 0x24C2BA16, + 0x12A14D43, 0x2A65C451, 0x50940002, 0x133AE4DD, + 0x71DFF89E, 0x10314E55, 0x81AC77D6, 0x5F11199B, + 0x043556F1, 0xD7A3C76B, 0x3C11183B, 0x5924A509, + 0xF28FE6ED, 0x97F1FBFA, 0x9EBABF2C, 0x1E153C6E, + 0x86E34570, 0xEAE96FB1, 0x860E5E0A, 0x5A3E2AB3, + 0x771FE71C, 0x4E3D06FA, 0x2965DCB9, 0x99E71D0F, + 0x803E89D6, 0x5266C825, 0x2E4CC978, 0x9C10B36A, + 0xC6150EBA, 0x94E2EA78, 0xA5FC3C53, 0x1E0A2DF4, + 0xF2F74EA7, 0x361D2B3D, 0x1939260F, 0x19C27960, + 0x5223A708, 0xF71312B6, 0xEBADFE6E, 0xEAC31F66, + 0xE3BC4595, 0xA67BC883, 0xB17F37D1, 0x018CFF28, + 0xC332DDEF, 0xBE6C5AA5, 0x65582185, 0x68AB9802, + 0xEECEA50F, 0xDB2F953B, 0x2AEF7DAD, 0x5B6E2F84, + 0x1521B628, 0x29076170, 0xECDD4775, 0x619F1510, + 0x13CCA830, 0xEB61BD96, 0x0334FE1E, 0xAA0363CF, + 0xB5735C90, 0x4C70A239, 0xD59E9E0B, 0xCBAADE14, + 0xEECC86BC, 0x60622CA7, 0x9CAB5CAB, 0xB2F3846E, + 0x648B1EAF, 0x19BDF0CA, 0xA02369B9, 0x655ABB50, + 0x40685A32, 0x3C2AB4B3, 0x319EE9D5, 0xC021B8F7, + 0x9B540B19, 0x875FA099, 0x95F7997E, 0x623D7DA8, + 0xF837889A, 0x97E32D77, 0x11ED935F, 0x16681281, + 0x0E358829, 0xC7E61FD6, 0x96DEDFA1, 0x7858BA99, + 0x57F584A5, 0x1B227263, 0x9B83C3FF, 0x1AC24696, + 0xCDB30AEB, 0x532E3054, 0x8FD948E4, 0x6DBC3128, + 0x58EBF2EF, 0x34C6FFEA, 0xFE28ED61, 0xEE7C3C73, + 0x5D4A14D9, 0xE864B7E3, 0x42105D14, 0x203E13E0, + 0x45EEE2B6, 0xA3AAABEA, 0xDB6C4F15, 0xFACB4FD0, + 0xC742F442, 0xEF6ABBB5, 0x654F3B1D, 0x41CD2105, + 0xD81E799E, 0x86854DC7, 0xE44B476A, 0x3D816250, + 0xCF62A1F2, 0x5B8D2646, 0xFC8883A0, 0xC1C7B6A3, + 0x7F1524C3, 0x69CB7492, 0x47848A0B, 0x5692B285, + 0x095BBF00, 0xAD19489D, 0x1462B174, 0x23820E00, + 0x58428D2A, 0x0C55F5EA, 0x1DADF43E, 0x233F7061, + 0x3372F092, 0x8D937E41, 0xD65FECF1, 0x6C223BDB, + 0x7CDE3759, 0xCBEE7460, 0x4085F2A7, 0xCE77326E, + 0xA6078084, 0x19F8509E, 0xE8EFD855, 0x61D99735, + 0xA969A7AA, 0xC50C06C2, 0x5A04ABFC, 0x800BCADC, + 0x9E447A2E, 0xC3453484, 0xFDD56705, 0x0E1E9EC9, + 0xDB73DBD3, 0x105588CD, 0x675FDA79, 0xE3674340, + 0xC5C43465, 0x713E38D8, 0x3D28F89E, 0xF16DFF20, + 0x153E21E7, 0x8FB03D4A, 0xE6E39F2B, 0xDB83ADF7 + }, + KS2 = + { + 0xE93D5A68, 0x948140F7, 0xF64C261C, 0x94692934, + 0x411520F7, 0x7602D4F7, 0xBCF46B2E, 0xD4A20068, + 0xD4082471, 0x3320F46A, 0x43B7D4B7, 0x500061AF, + 0x1E39F62E, 0x97244546, 0x14214F74, 0xBF8B8840, + 0x4D95FC1D, 0x96B591AF, 0x70F4DDD3, 0x66A02F45, + 0xBFBC09EC, 0x03BD9785, 0x7FAC6DD0, 0x31CB8504, + 0x96EB27B3, 0x55FD3941, 0xDA2547E6, 0xABCA0A9A, + 0x28507825, 0x530429F4, 0x0A2C86DA, 0xE9B66DFB, + 0x68DC1462, 0xD7486900, 0x680EC0A4, 0x27A18DEE, + 0x4F3FFEA2, 0xE887AD8C, 0xB58CE006, 0x7AF4D6B6, + 0xAACE1E7C, 0xD3375FEC, 0xCE78A399, 0x406B2A42, + 0x20FE9E35, 0xD9F385B9, 0xEE39D7AB, 0x3B124E8B, + 0x1DC9FAF7, 0x4B6D1856, 0x26A36631, 0xEAE397B2, + 0x3A6EFA74, 0xDD5B4332, 0x6841E7F7, 0xCA7820FB, + 0xFB0AF54E, 0xD8FEB397, 0x454056AC, 0xBA489527, + 0x55533A3A, 0x20838D87, 0xFE6BA9B7, 0xD096954B, + 0x55A867BC, 0xA1159A58, 0xCCA92963, 0x99E1DB33, + 0xA62A4A56, 0x3F3125F9, 0x5EF47E1C, 0x9029317C, + 0xFDF8E802, 0x04272F70, 0x80BB155C, 0x05282CE3, + 0x95C11548, 0xE4C66D22, 0x48C1133F, 0xC70F86DC, + 0x07F9C9EE, 0x41041F0F, 0x404779A4, 0x5D886E17, + 0x325F51EB, 0xD59BC0D1, 0xF2BCC18F, 0x41113564, + 0x257B7834, 0x602A9C60, 0xDFF8E8A3, 0x1F636C1B, + 0x0E12B4C2, 0x02E1329E, 0xAF664FD1, 0xCAD18115, + 0x6B2395E0, 0x333E92E1, 0x3B240B62, 0xEEBEB922, + 0x85B2A20E, 0xE6BA0D99, 0xDE720C8C, 0x2DA2F728, + 0xD0127845, 0x95B794FD, 0x647D0862, 0xE7CCF5F0, + 0x5449A36F, 0x877D48FA, 0xC39DFD27, 0xF33E8D1E, + 0x0A476341, 0x992EFF74, 0x3A6F6EAB, 0xF4F8FD37, + 0xA812DC60, 0xA1EBDDF8, 0x991BE14C, 0xDB6E6B0D, + 0xC67B5510, 0x6D672C37, 0x2765D43B, 0xDCD0E804, + 0xF1290DC7, 0xCC00FFA3, 0xB5390F92, 0x690FED0B, + 0x667B9FFB, 0xCEDB7D9C, 0xA091CF0B, 0xD9155EA3, + 0xBB132F88, 0x515BAD24, 0x7B9479BF, 0x763BD6EB, + 0x37392EB3, 0xCC115979, 0x8026E297, 0xF42E312D, + 0x6842ADA7, 0xC66A2B3B, 0x12754CCC, 0x782EF11C, + 0x6A124237, 0xB79251E7, 0x06A1BBE6, 0x4BFB6350, + 0x1A6B1018, 0x11CAEDFA, 0x3D25BDD8, 0xE2E1C3C9, + 0x44421659, 0x0A121386, 0xD90CEC6E, 0xD5ABEA2A, + 0x64AF674E, 0xDA86A85F, 0xBEBFE988, 0x64E4C3FE, + 0x9DBC8057, 0xF0F7C086, 0x60787BF8, 0x6003604D, + 0xD1FD8346, 0xF6381FB0, 0x7745AE04, 0xD736FCCC, + 0x83426B33, 0xF01EAB71, 0xB0804187, 0x3C005E5F, + 0x77A057BE, 0xBDE8AE24, 0x55464299, 0xBF582E61, + 0x4E58F48F, 0xF2DDFDA2, 0xF474EF38, 0x8789BDC2, + 0x5366F9C3, 0xC8B38E74, 0xB475F255, 0x46FCD9B9, + 0x7AEB2661, 0x8B1DDF84, 0x846A0E79, 0x915F95E2, + 0x466E598E, 0x20B45770, 0x8CD55591, 0xC902DE4C, + 0xB90BACE1, 0xBB8205D0, 0x11A86248, 0x7574A99E, + 0xB77F19B6, 0xE0A9DC09, 0x662D09A1, 0xC4324633, + 0xE85A1F02, 0x09F0BE8C, 0x4A99A025, 0x1D6EFE10, + 0x1AB93D1D, 0x0BA5A4DF, 0xA186F20F, 0x2868F169, + 0xDCB7DA83, 0x573906FE, 0xA1E2CE9B, 0x4FCD7F52, + 0x50115E01, 0xA70683FA, 0xA002B5C4, 0x0DE6D027, + 0x9AF88C27, 0x773F8641, 0xC3604C06, 0x61A806B5, + 0xF0177A28, 0xC0F586E0, 0x006058AA, 0x30DC7D62, + 0x11E69ED7, 0x2338EA63, 0x53C2DD94, 0xC2C21634, + 0xBBCBEE56, 0x90BCB6DE, 0xEBFC7DA1, 0xCE591D76, + 0x6F05E409, 0x4B7C0188, 0x39720A3D, 0x7C927C24, + 0x86E3725F, 0x724D9DB9, 0x1AC15BB4, 0xD39EB8FC, + 0xED545578, 0x08FCA5B5, 0xD83D7CD3, 0x4DAD0FC4, + 0x1E50EF5E, 0xB161E6F8, 0xA28514D9, 0x6C51133C, + 0x6FD5C7E7, 0x56E14EC4, 0x362ABFCE, 0xDDC6C837, + 0xD79A3234, 0x92638212, 0x670EFA8E, 0x406000E0 + }, + KS3 = + { + 0x3A39CE37, 0xD3FAF5CF, 0xABC27737, 0x5AC52D1B, + 0x5CB0679E, 0x4FA33742, 0xD3822740, 0x99BC9BBE, + 0xD5118E9D, 0xBF0F7315, 0xD62D1C7E, 0xC700C47B, + 0xB78C1B6B, 0x21A19045, 0xB26EB1BE, 0x6A366EB4, + 0x5748AB2F, 0xBC946E79, 0xC6A376D2, 0x6549C2C8, + 0x530FF8EE, 0x468DDE7D, 0xD5730A1D, 0x4CD04DC6, + 0x2939BBDB, 0xA9BA4650, 0xAC9526E8, 0xBE5EE304, + 0xA1FAD5F0, 0x6A2D519A, 0x63EF8CE2, 0x9A86EE22, + 0xC089C2B8, 0x43242EF6, 0xA51E03AA, 0x9CF2D0A4, + 0x83C061BA, 0x9BE96A4D, 0x8FE51550, 0xBA645BD6, + 0x2826A2F9, 0xA73A3AE1, 0x4BA99586, 0xEF5562E9, + 0xC72FEFD3, 0xF752F7DA, 0x3F046F69, 0x77FA0A59, + 0x80E4A915, 0x87B08601, 0x9B09E6AD, 0x3B3EE593, + 0xE990FD5A, 0x9E34D797, 0x2CF0B7D9, 0x022B8B51, + 0x96D5AC3A, 0x017DA67D, 0xD1CF3ED6, 0x7C7D2D28, + 0x1F9F25CF, 0xADF2B89B, 0x5AD6B472, 0x5A88F54C, + 0xE029AC71, 0xE019A5E6, 0x47B0ACFD, 0xED93FA9B, + 0xE8D3C48D, 0x283B57CC, 0xF8D56629, 0x79132E28, + 0x785F0191, 0xED756055, 0xF7960E44, 0xE3D35E8C, + 0x15056DD4, 0x88F46DBA, 0x03A16125, 0x0564F0BD, + 0xC3EB9E15, 0x3C9057A2, 0x97271AEC, 0xA93A072A, + 0x1B3F6D9B, 0x1E6321F5, 0xF59C66FB, 0x26DCF319, + 0x7533D928, 0xB155FDF5, 0x03563482, 0x8ABA3CBB, + 0x28517711, 0xC20AD9F8, 0xABCC5167, 0xCCAD925F, + 0x4DE81751, 0x3830DC8E, 0x379D5862, 0x9320F991, + 0xEA7A90C2, 0xFB3E7BCE, 0x5121CE64, 0x774FBE32, + 0xA8B6E37E, 0xC3293D46, 0x48DE5369, 0x6413E680, + 0xA2AE0810, 0xDD6DB224, 0x69852DFD, 0x09072166, + 0xB39A460A, 0x6445C0DD, 0x586CDECF, 0x1C20C8AE, + 0x5BBEF7DD, 0x1B588D40, 0xCCD2017F, 0x6BB4E3BB, + 0xDDA26A7E, 0x3A59FF45, 0x3E350A44, 0xBCB4CDD5, + 0x72EACEA8, 0xFA6484BB, 0x8D6612AE, 0xBF3C6F47, + 0xD29BE463, 0x542F5D9E, 0xAEC2771B, 0xF64E6370, + 0x740E0D8D, 0xE75B1357, 0xF8721671, 0xAF537D5D, + 0x4040CB08, 0x4EB4E2CC, 0x34D2466A, 0x0115AF84, + 0xE1B00428, 0x95983A1D, 0x06B89FB4, 0xCE6EA048, + 0x6F3F3B82, 0x3520AB82, 0x011A1D4B, 0x277227F8, + 0x611560B1, 0xE7933FDC, 0xBB3A792B, 0x344525BD, + 0xA08839E1, 0x51CE794B, 0x2F32C9B7, 0xA01FBAC9, + 0xE01CC87E, 0xBCC7D1F6, 0xCF0111C3, 0xA1E8AAC7, + 0x1A908749, 0xD44FBD9A, 0xD0DADECB, 0xD50ADA38, + 0x0339C32A, 0xC6913667, 0x8DF9317C, 0xE0B12B4F, + 0xF79E59B7, 0x43F5BB3A, 0xF2D519FF, 0x27D9459C, + 0xBF97222C, 0x15E6FC2A, 0x0F91FC71, 0x9B941525, + 0xFAE59361, 0xCEB69CEB, 0xC2A86459, 0x12BAA8D1, + 0xB6C1075E, 0xE3056A0C, 0x10D25065, 0xCB03A442, + 0xE0EC6E0E, 0x1698DB3B, 0x4C98A0BE, 0x3278E964, + 0x9F1F9532, 0xE0D392DF, 0xD3A0342B, 0x8971F21E, + 0x1B0A7441, 0x4BA3348C, 0xC5BE7120, 0xC37632D8, + 0xDF359F8D, 0x9B992F2E, 0xE60B6F47, 0x0FE3F11D, + 0xE54CDA54, 0x1EDAD891, 0xCE6279CF, 0xCD3E7E6F, + 0x1618B166, 0xFD2C1D05, 0x848FD2C5, 0xF6FB2299, + 0xF523F357, 0xA6327623, 0x93A83531, 0x56CCCD02, + 0xACF08162, 0x5A75EBB5, 0x6E163697, 0x88D273CC, + 0xDE966292, 0x81B949D0, 0x4C50901B, 0x71C65614, + 0xE6C6C7BD, 0x327A140A, 0x45E1D006, 0xC3F27B9A, + 0xC9AA53FD, 0x62A80F00, 0xBB25BFE2, 0x35BDD2F6, + 0x71126905, 0xB2040222, 0xB6CBCF7C, 0xCD769C2B, + 0x53113EC0, 0x1640E3D3, 0x38ABBD60, 0x2547ADF0, + 0xBA38209C, 0xF746CE76, 0x77AFA1C5, 0x20756060, + 0x85CBFE4E, 0x8AE88DD8, 0x7AAAF9B0, 0x4CF9AA7E, + 0x1948C25C, 0x02FB8A8C, 0x01C36AE4, 0xD6EBE1F9, + 0x90D4F869, 0xA65CDEA0, 0x3F09252D, 0xC208E69F, + 0xB74E6132, 0xCE77E25B, 0x578FDFE3, 0x3AC372E6 + }; + + //==================================== + // Useful constants + //==================================== + + private static readonly int ROUNDS = 16; + private const int BLOCK_SIZE = 8; // bytes = 64 bits + private static readonly int SBOX_SK = 256; + private static readonly int P_SZ = ROUNDS+2; + + private readonly uint[] S0, S1, S2, S3; // the s-boxes + private readonly uint[] P; // the p-array + + private bool encrypting; + + private byte[] workingKey; + + public BlowfishEngine() + { + S0 = new uint[SBOX_SK]; + S1 = new uint[SBOX_SK]; + S2 = new uint[SBOX_SK]; + S3 = new uint[SBOX_SK]; + P = new uint[P_SZ]; + } + + /** + * initialise a Blowfish cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + throw new ArgumentException("invalid parameter passed to Blowfish init - " + Platform.GetTypeName(parameters)); + + this.encrypting = forEncryption; + this.workingKey = ((KeyParameter)parameters).GetKey(); + SetKey(this.workingKey); + } + + public string AlgorithmName + { + get { return "Blowfish"; } + } + + public bool IsPartialBlockOkay + { + get { return false; } + } + + public int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + if (workingKey == null) + throw new InvalidOperationException("Blowfish not initialised"); + + Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short"); + Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short"); + + if (encrypting) + { + EncryptBlock(input, inOff, output, outOff); + } + else + { + DecryptBlock(input, inOff, output, outOff); + } + + return BLOCK_SIZE; + } + + public void Reset() + { + } + + public int GetBlockSize() + { + return BLOCK_SIZE; + } + + //================================== + // Private Implementation + //================================== + + private uint F(uint x) + { + return (((S0[x >> 24] + S1[(x >> 16) & 0xff]) ^ S2[(x >> 8) & 0xff]) + S3[x & 0xff]); + } + + /** + * apply the encryption cycle to each value pair in the table. + */ + private void ProcessTable( + uint xl, + uint xr, + uint[] table) + { + int size = table.Length; + + for (int s = 0; s < size; s += 2) + { + xl ^= P[0]; + + for (int i = 1; i < ROUNDS; i += 2) + { + xr ^= F(xl) ^ P[i]; + xl ^= F(xr) ^ P[i + 1]; + } + + xr ^= P[ROUNDS + 1]; + + table[s] = xr; + table[s + 1] = xl; + + xr = xl; // end of cycle swap + xl = table[s]; + } + } + + private void SetKey(byte[] key) + { + if (key.Length < 4 || key.Length > 56) + { + throw new ArgumentException("key length must be in range 32 to 448 bits"); + } + + /* + * - comments are from _Applied Crypto_, Schneier, p338 + * please be careful comparing the two, AC numbers the + * arrays from 1, the enclosed code from 0. + * + * (1) + * Initialise the S-boxes and the P-array, with a fixed string + * This string contains the hexadecimal digits of pi (3.141...) + */ + Array.Copy(KS0, 0, S0, 0, SBOX_SK); + Array.Copy(KS1, 0, S1, 0, SBOX_SK); + Array.Copy(KS2, 0, S2, 0, SBOX_SK); + Array.Copy(KS3, 0, S3, 0, SBOX_SK); + + Array.Copy(KP, 0, P, 0, P_SZ); + + /* + * (2) + * Now, XOR P[0] with the first 32 bits of the key, XOR P[1] with the + * second 32-bits of the key, and so on for all bits of the key + * (up to P[17]). Repeatedly cycle through the key bits until the + * entire P-array has been XOR-ed with the key bits + */ + int keyLength = key.Length; + int keyIndex = 0; + + for (int i=0; i < P_SZ; i++) + { + // Get the 32 bits of the key, in 4 * 8 bit chunks + uint data = 0x0000000; + for (int j=0; j < 4; j++) + { + // create a 32 bit block + data = (data << 8) | (uint)key[keyIndex++]; + + // wrap when we get to the end of the key + if (keyIndex >= keyLength) + { + keyIndex = 0; + } + } + // XOR the newly created 32 bit chunk onto the P-array + P[i] ^= data; + } + + /* + * (3) + * Encrypt the all-zero string with the Blowfish algorithm, using + * the subkeys described in (1) and (2) + * + * (4) + * Replace P1 and P2 with the output of step (3) + * + * (5) + * Encrypt the output of step(3) using the Blowfish algorithm, + * with the modified subkeys. + * + * (6) + * Replace P3 and P4 with the output of step (5) + * + * (7) + * Continue the process, replacing all elements of the P-array + * and then all four S-boxes in order, with the output of the + * continuously changing Blowfish algorithm + */ + + ProcessTable(0, 0, P); + ProcessTable(P[P_SZ - 2], P[P_SZ - 1], S0); + ProcessTable(S0[SBOX_SK - 2], S0[SBOX_SK - 1], S1); + ProcessTable(S1[SBOX_SK - 2], S1[SBOX_SK - 1], S2); + ProcessTable(S2[SBOX_SK - 2], S2[SBOX_SK - 1], S3); + } + + /** + * Encrypt the given input starting at the given offset and place + * the result in the provided buffer starting at the given offset. + * The input will be an exact multiple of our blocksize. + */ + private void EncryptBlock( + byte[] src, + int srcIndex, + byte[] dst, + int dstIndex) + { + uint xl = Pack.BE_To_UInt32(src, srcIndex); + uint xr = Pack.BE_To_UInt32(src, srcIndex+4); + + xl ^= P[0]; + + for (int i = 1; i < ROUNDS; i += 2) + { + xr ^= F(xl) ^ P[i]; + xl ^= F(xr) ^ P[i + 1]; + } + + xr ^= P[ROUNDS + 1]; + + Pack.UInt32_To_BE(xr, dst, dstIndex); + Pack.UInt32_To_BE(xl, dst, dstIndex + 4); + } + + /** + * Decrypt the given input starting at the given offset and place + * the result in the provided buffer starting at the given offset. + * The input will be an exact multiple of our blocksize. + */ + private void DecryptBlock( + byte[] src, + int srcIndex, + byte[] dst, + int dstIndex) + { + uint xl = Pack.BE_To_UInt32(src, srcIndex); + uint xr = Pack.BE_To_UInt32(src, srcIndex + 4); + + xl ^= P[ROUNDS + 1]; + + for (int i = ROUNDS; i > 0 ; i -= 2) + { + xr ^= F(xl) ^ P[i]; + xl ^= F(xr) ^ P[i - 1]; + } + + xr ^= P[0]; + + Pack.UInt32_To_BE(xr, dst, dstIndex); + Pack.UInt32_To_BE(xl, dst, dstIndex + 4); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/CamelliaEngine.cs b/BouncyCastle/crypto/src/crypto/engines/CamelliaEngine.cs new file mode 100644 index 0000000..2222e4b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/CamelliaEngine.cs @@ -0,0 +1,670 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * Camellia - based on RFC 3713. + */ + public class CamelliaEngine + : IBlockCipher + { + private bool initialised = false; + private bool _keyIs128; + + private const int BLOCK_SIZE = 16; + + private uint[] subkey = new uint[24 * 4]; + private uint[] kw = new uint[4 * 2]; // for whitening + private uint[] ke = new uint[6 * 2]; // for FL and FL^(-1) + + private static readonly uint[] SIGMA = new uint[]{ + 0xa09e667f, 0x3bcc908b, + 0xb67ae858, 0x4caa73b2, + 0xc6ef372f, 0xe94f82be, + 0x54ff53a5, 0xf1d36f1c, + 0x10e527fa, 0xde682d1d, + 0xb05688c2, 0xb3e6c1fd + }; + + /* + * + * S-box data + * + */ + private static readonly uint[] SBOX1_1110 = new uint[]{ + 0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00, 0xb3b3b300, 0x27272700, + 0xc0c0c000, 0xe5e5e500, 0xe4e4e400, 0x85858500, 0x57575700, 0x35353500, + 0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100, 0x23232300, 0xefefef00, + 0x6b6b6b00, 0x93939300, 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100, + 0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00, 0x1d1d1d00, 0x65656500, + 0x92929200, 0xbdbdbd00, 0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00, + 0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00, 0x3e3e3e00, 0x30303000, + 0xdcdcdc00, 0x5f5f5f00, 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00, + 0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00, 0xd5d5d500, 0x47474700, + 0x5d5d5d00, 0x3d3d3d00, 0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600, + 0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00, 0x8b8b8b00, 0x0d0d0d00, + 0x9a9a9a00, 0x66666600, 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00, + 0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000, 0xf0f0f000, 0xb1b1b100, + 0x84848400, 0x99999900, 0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200, + 0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500, 0x6d6d6d00, 0xb7b7b700, + 0xa9a9a900, 0x31313100, 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700, + 0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100, 0xdedede00, 0x1b1b1b00, + 0x11111100, 0x1c1c1c00, 0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600, + 0x53535300, 0x18181800, 0xf2f2f200, 0x22222200, 0xfefefe00, 0x44444400, + 0xcfcfcf00, 0xb2b2b200, 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100, + 0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800, 0x60606000, 0xfcfcfc00, + 0x69696900, 0x50505000, 0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00, + 0xa1a1a100, 0x89898900, 0x62626200, 0x97979700, 0x54545400, 0x5b5b5b00, + 0x1e1e1e00, 0x95959500, 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200, + 0x10101000, 0xc4c4c400, 0x00000000, 0x48484800, 0xa3a3a300, 0xf7f7f700, + 0x75757500, 0xdbdbdb00, 0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00, + 0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400, 0x87878700, 0x5c5c5c00, + 0x83838300, 0x02020200, 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300, + 0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300, 0x9d9d9d00, 0x7f7f7f00, + 0xbfbfbf00, 0xe2e2e200, 0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600, + 0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00, 0x81818100, 0x96969600, + 0x6f6f6f00, 0x4b4b4b00, 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00, + 0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00, 0x9f9f9f00, 0x6e6e6e00, + 0xbcbcbc00, 0x8e8e8e00, 0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600, + 0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900, 0x78787800, 0x98989800, + 0x06060600, 0x6a6a6a00, 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00, + 0xd4d4d400, 0x25252500, 0xababab00, 0x42424200, 0x88888800, 0xa2a2a200, + 0x8d8d8d00, 0xfafafa00, 0x72727200, 0x07070700, 0xb9b9b900, 0x55555500, + 0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00, 0x36363600, 0x49494900, + 0x2a2a2a00, 0x68686800, 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400, + 0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00, 0xbbbbbb00, 0xc9c9c900, + 0x43434300, 0xc1c1c100, 0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400, + 0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00 + }; + + private static readonly uint[] SBOX4_4404 = new uint[]{ + 0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0, 0xe4e400e4, 0x57570057, + 0xeaea00ea, 0xaeae00ae, 0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5, + 0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092, 0x86860086, 0xafaf00af, + 0x7c7c007c, 0x1f1f001f, 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b, + 0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d, 0xd9d900d9, 0x5a5a005a, + 0x51510051, 0x6c6c006c, 0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0, + 0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084, 0xdfdf00df, 0xcbcb00cb, + 0x34340034, 0x76760076, 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004, + 0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011, 0x32320032, 0x9c9c009c, + 0x53530053, 0xf2f200f2, 0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a, + 0x24240024, 0xe8e800e8, 0x60600060, 0x69690069, 0xaaaa00aa, 0xa0a000a0, + 0xa1a100a1, 0x62620062, 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064, + 0x10100010, 0x00000000, 0xa3a300a3, 0x75750075, 0x8a8a008a, 0xe6e600e6, + 0x09090009, 0xdddd00dd, 0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090, + 0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf, 0x52520052, 0xd8d800d8, + 0xc8c800c8, 0xc6c600c6, 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063, + 0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc, 0x29290029, 0xf9f900f9, + 0x2f2f002f, 0xb4b400b4, 0x78780078, 0x06060006, 0xe7e700e7, 0x71710071, + 0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d, 0x72720072, 0xb9b900b9, + 0xf8f800f8, 0xacac00ac, 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1, + 0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043, 0x15150015, 0xadad00ad, + 0x77770077, 0x80800080, 0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5, + 0x85850085, 0x35350035, 0x0c0c000c, 0x41410041, 0xefef00ef, 0x93930093, + 0x19190019, 0x21210021, 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd, + 0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce, 0x30300030, 0x5f5f005f, + 0xc5c500c5, 0x1a1a001a, 0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d, + 0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d, 0x0d0d000d, 0x66660066, + 0xcccc00cc, 0x2d2d002d, 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099, + 0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005, 0xb7b700b7, 0x31310031, + 0x17170017, 0xd7d700d7, 0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c, + 0x0f0f000f, 0x16160016, 0x18180018, 0x22220022, 0x44440044, 0xb2b200b2, + 0xb5b500b5, 0x91910091, 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050, + 0xd0d000d0, 0x7d7d007d, 0x89890089, 0x97970097, 0x5b5b005b, 0x95950095, + 0xffff00ff, 0xd2d200d2, 0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db, + 0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094, 0x5c5c005c, 0x02020002, + 0x4a4a004a, 0x33330033, 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2, + 0x9b9b009b, 0x26260026, 0x37370037, 0x3b3b003b, 0x96960096, 0x4b4b004b, + 0xbebe00be, 0x2e2e002e, 0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e, + 0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059, 0x98980098, 0x6a6a006a, + 0x46460046, 0xbaba00ba, 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa, + 0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a, 0x49490049, 0x68680068, + 0x38380038, 0xa4a400a4, 0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1, + 0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e + }; + + private static readonly uint[] SBOX2_0222 = new uint[]{ + 0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9, 0x00676767, 0x004e4e4e, + 0x00818181, 0x00cbcbcb, 0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a, + 0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282, 0x00464646, 0x00dfdfdf, + 0x00d6d6d6, 0x00272727, 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242, + 0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c, 0x003a3a3a, 0x00cacaca, + 0x00252525, 0x007b7b7b, 0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f, + 0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d, 0x007c7c7c, 0x00606060, + 0x00b9b9b9, 0x00bebebe, 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434, + 0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595, 0x00ababab, 0x008e8e8e, + 0x00bababa, 0x007a7a7a, 0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad, + 0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a, 0x00171717, 0x001a1a1a, + 0x00353535, 0x00cccccc, 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a, + 0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040, 0x00e1e1e1, 0x00636363, + 0x00090909, 0x00333333, 0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585, + 0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a, 0x00dadada, 0x006f6f6f, + 0x00535353, 0x00626262, 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf, + 0x00282828, 0x00b0b0b0, 0x00747474, 0x00c2c2c2, 0x00bdbdbd, 0x00363636, + 0x00222222, 0x00383838, 0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c, + 0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444, 0x00fdfdfd, 0x00888888, + 0x009f9f9f, 0x00656565, 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323, + 0x00484848, 0x00101010, 0x00d1d1d1, 0x00515151, 0x00c0c0c0, 0x00f9f9f9, + 0x00d2d2d2, 0x00a0a0a0, 0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa, + 0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f, 0x00a8a8a8, 0x00b6b6b6, + 0x003c3c3c, 0x002b2b2b, 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5, + 0x00202020, 0x00898989, 0x00000000, 0x00909090, 0x00474747, 0x00efefef, + 0x00eaeaea, 0x00b7b7b7, 0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5, + 0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929, 0x000f0f0f, 0x00b8b8b8, + 0x00070707, 0x00040404, 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666, + 0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7, 0x003b3b3b, 0x00fefefe, + 0x007f7f7f, 0x00c5c5c5, 0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c, + 0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676, 0x00030303, 0x002d2d2d, + 0x00dedede, 0x00969696, 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c, + 0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919, 0x003f3f3f, 0x00dcdcdc, + 0x00797979, 0x001d1d1d, 0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d, + 0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2, 0x00f0f0f0, 0x00313131, + 0x000c0c0c, 0x00d4d4d4, 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575, + 0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484, 0x00111111, 0x00454545, + 0x001b1b1b, 0x00f5f5f5, 0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa, + 0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414, 0x006c6c6c, 0x00929292, + 0x00545454, 0x00d0d0d0, 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949, + 0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6, 0x00777777, 0x00939393, + 0x00868686, 0x00838383, 0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9, + 0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d + }; + + private static readonly uint[] SBOX3_3033 = new uint[]{ + 0x38003838, 0x41004141, 0x16001616, 0x76007676, 0xd900d9d9, 0x93009393, + 0x60006060, 0xf200f2f2, 0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a, + 0x75007575, 0x06000606, 0x57005757, 0xa000a0a0, 0x91009191, 0xf700f7f7, + 0xb500b5b5, 0xc900c9c9, 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090, + 0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727, 0x8e008e8e, 0xb200b2b2, + 0x49004949, 0xde00dede, 0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7, + 0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767, 0x1f001f1f, 0x18001818, + 0x6e006e6e, 0xaf00afaf, 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d, + 0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565, 0xea00eaea, 0xa300a3a3, + 0xae00aeae, 0x9e009e9e, 0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b, + 0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6, 0xc500c5c5, 0x86008686, + 0x4d004d4d, 0x33003333, 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696, + 0x3a003a3a, 0x09000909, 0x95009595, 0x10001010, 0x78007878, 0xd800d8d8, + 0x42004242, 0xcc00cccc, 0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161, + 0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282, 0xb600b6b6, 0xdb00dbdb, + 0xd400d4d4, 0x98009898, 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb, + 0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0, 0x6f006f6f, 0x8d008d8d, + 0x88008888, 0x0e000e0e, 0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b, + 0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111, 0x7f007f7f, 0x22002222, + 0xe700e7e7, 0x59005959, 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8, + 0x12001212, 0x04000404, 0x74007474, 0x54005454, 0x30003030, 0x7e007e7e, + 0xb400b4b4, 0x28002828, 0x55005555, 0x68006868, 0x50005050, 0xbe00bebe, + 0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb, 0x2a002a2a, 0xad00adad, + 0x0f000f0f, 0xca00caca, 0x70007070, 0xff00ffff, 0x32003232, 0x69006969, + 0x08000808, 0x62006262, 0x00000000, 0x24002424, 0xd100d1d1, 0xfb00fbfb, + 0xba00baba, 0xed00eded, 0x45004545, 0x81008181, 0x73007373, 0x6d006d6d, + 0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a, 0xc300c3c3, 0x2e002e2e, + 0xc100c1c1, 0x01000101, 0xe600e6e6, 0x25002525, 0x48004848, 0x99009999, + 0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9, 0xce00cece, 0xbf00bfbf, + 0xdf00dfdf, 0x71007171, 0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313, + 0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d, 0xc000c0c0, 0x4b004b4b, + 0xb700b7b7, 0xa500a5a5, 0x89008989, 0x5f005f5f, 0xb100b1b1, 0x17001717, + 0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646, 0xcf00cfcf, 0x37003737, + 0x5e005e5e, 0x47004747, 0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b, + 0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac, 0x3c003c3c, 0x4c004c4c, + 0x03000303, 0x35003535, 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d, + 0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121, 0x44004444, 0x51005151, + 0xc600c6c6, 0x7d007d7d, 0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa, + 0x7c007c7c, 0x77007777, 0x56005656, 0x05000505, 0x1b001b1b, 0xa400a4a4, + 0x15001515, 0x34003434, 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252, + 0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd, 0xdd00dddd, 0xe400e4e4, + 0xa100a1a1, 0xe000e0e0, 0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a, + 0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f + }; + + private static uint rightRotate(uint x, int s) + { + return ((x >> s) + (x << (32 - s))); + } + + private static uint leftRotate(uint x, int s) + { + return (x << s) + (x >> (32 - s)); + } + + private static void roldq(int rot, uint[] ki, int ioff, uint[] ko, int ooff) + { + ko[0 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >> (32 - rot)); + ko[1 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >> (32 - rot)); + ko[2 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >> (32 - rot)); + ko[3 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >> (32 - rot)); + ki[0 + ioff] = ko[0 + ooff]; + ki[1 + ioff] = ko[1 + ooff]; + ki[2 + ioff] = ko[2 + ooff]; + ki[3 + ioff] = ko[3 + ooff]; + } + + private static void decroldq(int rot, uint[] ki, int ioff, uint[] ko, int ooff) + { + ko[2 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >> (32 - rot)); + ko[3 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >> (32 - rot)); + ko[0 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >> (32 - rot)); + ko[1 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >> (32 - rot)); + ki[0 + ioff] = ko[2 + ooff]; + ki[1 + ioff] = ko[3 + ooff]; + ki[2 + ioff] = ko[0 + ooff]; + ki[3 + ioff] = ko[1 + ooff]; + } + + private static void roldqo32(int rot, uint[] ki, int ioff, uint[] ko, int ooff) + { + ko[0 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >> (64 - rot)); + ko[1 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >> (64 - rot)); + ko[2 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >> (64 - rot)); + ko[3 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >> (64 - rot)); + ki[0 + ioff] = ko[0 + ooff]; + ki[1 + ioff] = ko[1 + ooff]; + ki[2 + ioff] = ko[2 + ooff]; + ki[3 + ioff] = ko[3 + ooff]; + } + + private static void decroldqo32(int rot, uint[] ki, int ioff, uint[] ko, int ooff) + { + ko[2 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >> (64 - rot)); + ko[3 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >> (64 - rot)); + ko[0 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >> (64 - rot)); + ko[1 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >> (64 - rot)); + ki[0 + ioff] = ko[2 + ooff]; + ki[1 + ioff] = ko[3 + ooff]; + ki[2 + ioff] = ko[0 + ooff]; + ki[3 + ioff] = ko[1 + ooff]; + } + + private static uint bytes2uint(byte[] src, int offset) + { + uint word = 0; + for (int i = 0; i < 4; i++) + { + word = (word << 8) + (uint)src[i + offset]; + } + return word; + } + + private static void uint2bytes(uint word, byte[] dst, int offset) + { + for (int i = 0; i < 4; i++) + { + dst[(3 - i) + offset] = (byte)word; + word >>= 8; + } + } + + private static void camelliaF2(uint[] s, uint[] skey, int keyoff) + { + uint t1, t2, u, v; + + t1 = s[0] ^ skey[0 + keyoff]; + u = SBOX4_4404[(byte)t1]; + u ^= SBOX3_3033[(byte)(t1 >> 8)]; + u ^= SBOX2_0222[(byte)(t1 >> 16)]; + u ^= SBOX1_1110[(byte)(t1 >> 24)]; + t2 = s[1] ^ skey[1 + keyoff]; + v = SBOX1_1110[(byte)t2]; + v ^= SBOX4_4404[(byte)(t2 >> 8)]; + v ^= SBOX3_3033[(byte)(t2 >> 16)]; + v ^= SBOX2_0222[(byte)(t2 >> 24)]; + + s[2] ^= u ^ v; + s[3] ^= u ^ v ^ rightRotate(u, 8); + + t1 = s[2] ^ skey[2 + keyoff]; + u = SBOX4_4404[(byte)t1]; + u ^= SBOX3_3033[(byte)(t1 >> 8)]; + u ^= SBOX2_0222[(byte)(t1 >> 16)]; + u ^= SBOX1_1110[(byte)(t1 >> 24)]; + t2 = s[3] ^ skey[3 + keyoff]; + v = SBOX1_1110[(byte)t2]; + v ^= SBOX4_4404[(byte)(t2 >> 8)]; + v ^= SBOX3_3033[(byte)(t2 >> 16)]; + v ^= SBOX2_0222[(byte)(t2 >> 24)]; + + s[0] ^= u ^ v; + s[1] ^= u ^ v ^ rightRotate(u, 8); + } + + private static void camelliaFLs(uint[] s, uint[] fkey, int keyoff) + { + + s[1] ^= leftRotate(s[0] & fkey[0 + keyoff], 1); + s[0] ^= fkey[1 + keyoff] | s[1]; + + s[2] ^= fkey[3 + keyoff] | s[3]; + s[3] ^= leftRotate(fkey[2 + keyoff] & s[2], 1); + } + + private void setKey(bool forEncryption, byte[] key) + { + uint[] k = new uint[8]; + uint[] ka = new uint[4]; + uint[] kb = new uint[4]; + uint[] t = new uint[4]; + + switch (key.Length) + { + case 16: + _keyIs128 = true; + k[0] = bytes2uint(key, 0); + k[1] = bytes2uint(key, 4); + k[2] = bytes2uint(key, 8); + k[3] = bytes2uint(key, 12); + k[4] = k[5] = k[6] = k[7] = 0; + break; + case 24: + k[0] = bytes2uint(key, 0); + k[1] = bytes2uint(key, 4); + k[2] = bytes2uint(key, 8); + k[3] = bytes2uint(key, 12); + k[4] = bytes2uint(key, 16); + k[5] = bytes2uint(key, 20); + k[6] = ~k[4]; + k[7] = ~k[5]; + _keyIs128 = false; + break; + case 32: + k[0] = bytes2uint(key, 0); + k[1] = bytes2uint(key, 4); + k[2] = bytes2uint(key, 8); + k[3] = bytes2uint(key, 12); + k[4] = bytes2uint(key, 16); + k[5] = bytes2uint(key, 20); + k[6] = bytes2uint(key, 24); + k[7] = bytes2uint(key, 28); + _keyIs128 = false; + break; + default: + throw new ArgumentException("key sizes are only 16/24/32 bytes."); + } + + for (int i = 0; i < 4; i++) + { + ka[i] = k[i] ^ k[i + 4]; + } + /* compute KA */ + camelliaF2(ka, SIGMA, 0); + for (int i = 0; i < 4; i++) + { + ka[i] ^= k[i]; + } + camelliaF2(ka, SIGMA, 4); + + if (_keyIs128) + { + if (forEncryption) + { + /* KL dependant keys */ + kw[0] = k[0]; + kw[1] = k[1]; + kw[2] = k[2]; + kw[3] = k[3]; + roldq(15, k, 0, subkey, 4); + roldq(30, k, 0, subkey, 12); + roldq(15, k, 0, t, 0); + subkey[18] = t[2]; + subkey[19] = t[3]; + roldq(17, k, 0, ke, 4); + roldq(17, k, 0, subkey, 24); + roldq(17, k, 0, subkey, 32); + /* KA dependant keys */ + subkey[0] = ka[0]; + subkey[1] = ka[1]; + subkey[2] = ka[2]; + subkey[3] = ka[3]; + roldq(15, ka, 0, subkey, 8); + roldq(15, ka, 0, ke, 0); + roldq(15, ka, 0, t, 0); + subkey[16] = t[0]; + subkey[17] = t[1]; + roldq(15, ka, 0, subkey, 20); + roldqo32(34, ka, 0, subkey, 28); + roldq(17, ka, 0, kw, 4); + + } + else + { // decryption + /* KL dependant keys */ + kw[4] = k[0]; + kw[5] = k[1]; + kw[6] = k[2]; + kw[7] = k[3]; + decroldq(15, k, 0, subkey, 28); + decroldq(30, k, 0, subkey, 20); + decroldq(15, k, 0, t, 0); + subkey[16] = t[0]; + subkey[17] = t[1]; + decroldq(17, k, 0, ke, 0); + decroldq(17, k, 0, subkey, 8); + decroldq(17, k, 0, subkey, 0); + /* KA dependant keys */ + subkey[34] = ka[0]; + subkey[35] = ka[1]; + subkey[32] = ka[2]; + subkey[33] = ka[3]; + decroldq(15, ka, 0, subkey, 24); + decroldq(15, ka, 0, ke, 4); + decroldq(15, ka, 0, t, 0); + subkey[18] = t[2]; + subkey[19] = t[3]; + decroldq(15, ka, 0, subkey, 12); + decroldqo32(34, ka, 0, subkey, 4); + roldq(17, ka, 0, kw, 0); + } + } + else + { // 192bit or 256bit + /* compute KB */ + for (int i = 0; i < 4; i++) + { + kb[i] = ka[i] ^ k[i + 4]; + } + camelliaF2(kb, SIGMA, 8); + + if (forEncryption) + { + /* KL dependant keys */ + kw[0] = k[0]; + kw[1] = k[1]; + kw[2] = k[2]; + kw[3] = k[3]; + roldqo32(45, k, 0, subkey, 16); + roldq(15, k, 0, ke, 4); + roldq(17, k, 0, subkey, 32); + roldqo32(34, k, 0, subkey, 44); + /* KR dependant keys */ + roldq(15, k, 4, subkey, 4); + roldq(15, k, 4, ke, 0); + roldq(30, k, 4, subkey, 24); + roldqo32(34, k, 4, subkey, 36); + /* KA dependant keys */ + roldq(15, ka, 0, subkey, 8); + roldq(30, ka, 0, subkey, 20); + /* 32bit rotation */ + ke[8] = ka[1]; + ke[9] = ka[2]; + ke[10] = ka[3]; + ke[11] = ka[0]; + roldqo32(49, ka, 0, subkey, 40); + + /* KB dependant keys */ + subkey[0] = kb[0]; + subkey[1] = kb[1]; + subkey[2] = kb[2]; + subkey[3] = kb[3]; + roldq(30, kb, 0, subkey, 12); + roldq(30, kb, 0, subkey, 28); + roldqo32(51, kb, 0, kw, 4); + + } + else + { // decryption + /* KL dependant keys */ + kw[4] = k[0]; + kw[5] = k[1]; + kw[6] = k[2]; + kw[7] = k[3]; + decroldqo32(45, k, 0, subkey, 28); + decroldq(15, k, 0, ke, 4); + decroldq(17, k, 0, subkey, 12); + decroldqo32(34, k, 0, subkey, 0); + /* KR dependant keys */ + decroldq(15, k, 4, subkey, 40); + decroldq(15, k, 4, ke, 8); + decroldq(30, k, 4, subkey, 20); + decroldqo32(34, k, 4, subkey, 8); + /* KA dependant keys */ + decroldq(15, ka, 0, subkey, 36); + decroldq(30, ka, 0, subkey, 24); + /* 32bit rotation */ + ke[2] = ka[1]; + ke[3] = ka[2]; + ke[0] = ka[3]; + ke[1] = ka[0]; + decroldqo32(49, ka, 0, subkey, 4); + + /* KB dependant keys */ + subkey[46] = kb[0]; + subkey[47] = kb[1]; + subkey[44] = kb[2]; + subkey[45] = kb[3]; + decroldq(30, kb, 0, subkey, 32); + decroldq(30, kb, 0, subkey, 16); + roldqo32(51, kb, 0, kw, 0); + } + } + } + + private int processBlock128(byte[] input, int inOff, byte[] output, int outOff) + { + uint[] state = new uint[4]; + + for (int i = 0; i < 4; i++) + { + state[i] = bytes2uint(input, inOff + (i * 4)) ^ kw[i]; + } + + camelliaF2(state, subkey, 0); + camelliaF2(state, subkey, 4); + camelliaF2(state, subkey, 8); + camelliaFLs(state, ke, 0); + camelliaF2(state, subkey, 12); + camelliaF2(state, subkey, 16); + camelliaF2(state, subkey, 20); + camelliaFLs(state, ke, 4); + camelliaF2(state, subkey, 24); + camelliaF2(state, subkey, 28); + camelliaF2(state, subkey, 32); + + state[2] ^= kw[4]; + state[3] ^= kw[5]; + state[0] ^= kw[6]; + state[1] ^= kw[7]; + + uint2bytes(state[2], output, outOff); + uint2bytes(state[3], output, outOff + 4); + uint2bytes(state[0], output, outOff + 8); + uint2bytes(state[1], output, outOff + 12); + + return BLOCK_SIZE; + } + + private int processBlock192or256(byte[] input, int inOff, byte[] output, int outOff) + { + uint[] state = new uint[4]; + + for (int i = 0; i < 4; i++) + { + state[i] = bytes2uint(input, inOff + (i * 4)) ^ kw[i]; + } + + camelliaF2(state, subkey, 0); + camelliaF2(state, subkey, 4); + camelliaF2(state, subkey, 8); + camelliaFLs(state, ke, 0); + camelliaF2(state, subkey, 12); + camelliaF2(state, subkey, 16); + camelliaF2(state, subkey, 20); + camelliaFLs(state, ke, 4); + camelliaF2(state, subkey, 24); + camelliaF2(state, subkey, 28); + camelliaF2(state, subkey, 32); + camelliaFLs(state, ke, 8); + camelliaF2(state, subkey, 36); + camelliaF2(state, subkey, 40); + camelliaF2(state, subkey, 44); + + state[2] ^= kw[4]; + state[3] ^= kw[5]; + state[0] ^= kw[6]; + state[1] ^= kw[7]; + + uint2bytes(state[2], output, outOff); + uint2bytes(state[3], output, outOff + 4); + uint2bytes(state[0], output, outOff + 8); + uint2bytes(state[1], output, outOff + 12); + + return BLOCK_SIZE; + } + + public CamelliaEngine() + { + } + + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + throw new ArgumentException("only simple KeyParameter expected."); + + setKey(forEncryption, ((KeyParameter)parameters).GetKey()); + + initialised = true; + } + + public virtual string AlgorithmName + { + get { return "Camellia"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return BLOCK_SIZE; + } + + public virtual int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + if (!initialised) + throw new InvalidOperationException("Camellia engine not initialised"); + + Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short"); + Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short"); + + if (_keyIs128) + { + return processBlock128(input, inOff, output, outOff); + } + else + { + return processBlock192or256(input, inOff, output, outOff); + } + } + + public virtual void Reset() + { + // nothing + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/CamelliaLightEngine.cs b/BouncyCastle/crypto/src/crypto/engines/CamelliaLightEngine.cs new file mode 100644 index 0000000..daf0316 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/CamelliaLightEngine.cs @@ -0,0 +1,582 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * Camellia - based on RFC 3713, smaller implementation, about half the size of CamelliaEngine. + */ + public class CamelliaLightEngine + : IBlockCipher + { + private const int BLOCK_SIZE = 16; +// private const int MASK8 = 0xff; + private bool initialised; + private bool _keyis128; + + private uint[] subkey = new uint[24 * 4]; + private uint[] kw = new uint[4 * 2]; // for whitening + private uint[] ke = new uint[6 * 2]; // for FL and FL^(-1) + + private static readonly uint[] SIGMA = { + 0xa09e667f, 0x3bcc908b, + 0xb67ae858, 0x4caa73b2, + 0xc6ef372f, 0xe94f82be, + 0x54ff53a5, 0xf1d36f1c, + 0x10e527fa, 0xde682d1d, + 0xb05688c2, 0xb3e6c1fd + }; + + /* + * + * S-box data + * + */ + private static readonly byte[] SBOX1 = { + (byte)112, (byte)130, (byte)44, (byte)236, + (byte)179, (byte)39, (byte)192, (byte)229, + (byte)228, (byte)133, (byte)87, (byte)53, + (byte)234, (byte)12, (byte)174, (byte)65, + (byte)35, (byte)239, (byte)107, (byte)147, + (byte)69, (byte)25, (byte)165, (byte)33, + (byte)237, (byte)14, (byte)79, (byte)78, + (byte)29, (byte)101, (byte)146, (byte)189, + (byte)134, (byte)184, (byte)175, (byte)143, + (byte)124, (byte)235, (byte)31, (byte)206, + (byte)62, (byte)48, (byte)220, (byte)95, + (byte)94, (byte)197, (byte)11, (byte)26, + (byte)166, (byte)225, (byte)57, (byte)202, + (byte)213, (byte)71, (byte)93, (byte)61, + (byte)217, (byte)1, (byte)90, (byte)214, + (byte)81, (byte)86, (byte)108, (byte)77, + (byte)139, (byte)13, (byte)154, (byte)102, + (byte)251, (byte)204, (byte)176, (byte)45, + (byte)116, (byte)18, (byte)43, (byte)32, + (byte)240, (byte)177, (byte)132, (byte)153, + (byte)223, (byte)76, (byte)203, (byte)194, + (byte)52, (byte)126, (byte)118, (byte)5, + (byte)109, (byte)183, (byte)169, (byte)49, + (byte)209, (byte)23, (byte)4, (byte)215, + (byte)20, (byte)88, (byte)58, (byte)97, + (byte)222, (byte)27, (byte)17, (byte)28, + (byte)50, (byte)15, (byte)156, (byte)22, + (byte)83, (byte)24, (byte)242, (byte)34, + (byte)254, (byte)68, (byte)207, (byte)178, + (byte)195, (byte)181, (byte)122, (byte)145, + (byte)36, (byte)8, (byte)232, (byte)168, + (byte)96, (byte)252, (byte)105, (byte)80, + (byte)170, (byte)208, (byte)160, (byte)125, + (byte)161, (byte)137, (byte)98, (byte)151, + (byte)84, (byte)91, (byte)30, (byte)149, + (byte)224, (byte)255, (byte)100, (byte)210, + (byte)16, (byte)196, (byte)0, (byte)72, + (byte)163, (byte)247, (byte)117, (byte)219, + (byte)138, (byte)3, (byte)230, (byte)218, + (byte)9, (byte)63, (byte)221, (byte)148, + (byte)135, (byte)92, (byte)131, (byte)2, + (byte)205, (byte)74, (byte)144, (byte)51, + (byte)115, (byte)103, (byte)246, (byte)243, + (byte)157, (byte)127, (byte)191, (byte)226, + (byte)82, (byte)155, (byte)216, (byte)38, + (byte)200, (byte)55, (byte)198, (byte)59, + (byte)129, (byte)150, (byte)111, (byte)75, + (byte)19, (byte)190, (byte)99, (byte)46, + (byte)233, (byte)121, (byte)167, (byte)140, + (byte)159, (byte)110, (byte)188, (byte)142, + (byte)41, (byte)245, (byte)249, (byte)182, + (byte)47, (byte)253, (byte)180, (byte)89, + (byte)120, (byte)152, (byte)6, (byte)106, + (byte)231, (byte)70, (byte)113, (byte)186, + (byte)212, (byte)37, (byte)171, (byte)66, + (byte)136, (byte)162, (byte)141, (byte)250, + (byte)114, (byte)7, (byte)185, (byte)85, + (byte)248, (byte)238, (byte)172, (byte)10, + (byte)54, (byte)73, (byte)42, (byte)104, + (byte)60, (byte)56, (byte)241, (byte)164, + (byte)64, (byte)40, (byte)211, (byte)123, + (byte)187, (byte)201, (byte)67, (byte)193, + (byte)21, (byte)227, (byte)173, (byte)244, + (byte)119, (byte)199, (byte)128, (byte)158 + }; + + private static uint rightRotate(uint x, int s) + { + return ((x >> s) + (x << (32 - s))); + } + + private static uint leftRotate(uint x, int s) + { + return (x << s) + (x >> (32 - s)); + } + + private static void roldq(int rot, uint[] ki, int ioff, uint[] ko, int ooff) + { + ko[0 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >> (32 - rot)); + ko[1 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >> (32 - rot)); + ko[2 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >> (32 - rot)); + ko[3 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >> (32 - rot)); + ki[0 + ioff] = ko[0 + ooff]; + ki[1 + ioff] = ko[1 + ooff]; + ki[2 + ioff] = ko[2 + ooff]; + ki[3 + ioff] = ko[3 + ooff]; + } + + private static void decroldq(int rot, uint[] ki, int ioff, uint[] ko, int ooff) + { + ko[2 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >> (32 - rot)); + ko[3 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >> (32 - rot)); + ko[0 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >> (32 - rot)); + ko[1 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >> (32 - rot)); + ki[0 + ioff] = ko[2 + ooff]; + ki[1 + ioff] = ko[3 + ooff]; + ki[2 + ioff] = ko[0 + ooff]; + ki[3 + ioff] = ko[1 + ooff]; + } + + private static void roldqo32(int rot, uint[] ki, int ioff, uint[] ko, int ooff) + { + ko[0 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >> (64 - rot)); + ko[1 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >> (64 - rot)); + ko[2 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >> (64 - rot)); + ko[3 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >> (64 - rot)); + ki[0 + ioff] = ko[0 + ooff]; + ki[1 + ioff] = ko[1 + ooff]; + ki[2 + ioff] = ko[2 + ooff]; + ki[3 + ioff] = ko[3 + ooff]; + } + + private static void decroldqo32(int rot, uint[] ki, int ioff, uint[] ko, int ooff) + { + ko[2 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >> (64 - rot)); + ko[3 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >> (64 - rot)); + ko[0 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >> (64 - rot)); + ko[1 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >> (64 - rot)); + ki[0 + ioff] = ko[2 + ooff]; + ki[1 + ioff] = ko[3 + ooff]; + ki[2 + ioff] = ko[0 + ooff]; + ki[3 + ioff] = ko[1 + ooff]; + } + + private static uint bytes2uint(byte[] src, int offset) + { + uint word = 0; + for (int i = 0; i < 4; i++) + { + word = (word << 8) + (uint)src[i + offset]; + } + return word; + } + + private static void uint2bytes(uint word, byte[] dst, int offset) + { + for (int i = 0; i < 4; i++) + { + dst[(3 - i) + offset] = (byte)word; + word >>= 8; + } + } + + private byte lRot8(byte v, int rot) + { + return (byte)(((uint)v << rot) | ((uint)v >> (8 - rot))); + } + + private uint sbox2(int x) + { + return (uint)lRot8(SBOX1[x], 1); + } + + private uint sbox3(int x) + { + return (uint)lRot8(SBOX1[x], 7); + } + + private uint sbox4(int x) + { + return (uint)SBOX1[lRot8((byte)x, 1)]; + } + + private void camelliaF2(uint[] s, uint[] skey, int keyoff) + { + uint t1, t2, u, v; + + t1 = s[0] ^ skey[0 + keyoff]; + u = sbox4((byte)t1); + u |= (sbox3((byte)(t1 >> 8)) << 8); + u |= (sbox2((byte)(t1 >> 16)) << 16); + u |= ((uint)(SBOX1[(byte)(t1 >> 24)]) << 24); + + t2 = s[1] ^ skey[1 + keyoff]; + v = (uint)SBOX1[(byte)t2]; + v |= (sbox4((byte)(t2 >> 8)) << 8); + v |= (sbox3((byte)(t2 >> 16)) << 16); + v |= (sbox2((byte)(t2 >> 24)) << 24); + + v = leftRotate(v, 8); + u ^= v; + v = leftRotate(v, 8) ^ u; + u = rightRotate(u, 8) ^ v; + s[2] ^= leftRotate(v, 16) ^ u; + s[3] ^= leftRotate(u, 8); + + t1 = s[2] ^ skey[2 + keyoff]; + u = sbox4((byte)t1); + u |= sbox3((byte)(t1 >> 8)) << 8; + u |= sbox2((byte)(t1 >> 16)) << 16; + u |= ((uint)SBOX1[(byte)(t1 >> 24)]) << 24; + + t2 = s[3] ^ skey[3 + keyoff]; + v = (uint)SBOX1[(byte)t2]; + v |= sbox4((byte)(t2 >> 8)) << 8; + v |= sbox3((byte)(t2 >> 16)) << 16; + v |= sbox2((byte)(t2 >> 24)) << 24; + + v = leftRotate(v, 8); + u ^= v; + v = leftRotate(v, 8) ^ u; + u = rightRotate(u, 8) ^ v; + s[0] ^= leftRotate(v, 16) ^ u; + s[1] ^= leftRotate(u, 8); + } + + private void camelliaFLs(uint[] s, uint[] fkey, int keyoff) + { + s[1] ^= leftRotate(s[0] & fkey[0 + keyoff], 1); + s[0] ^= fkey[1 + keyoff] | s[1]; + + s[2] ^= fkey[3 + keyoff] | s[3]; + s[3] ^= leftRotate(fkey[2 + keyoff] & s[2], 1); + } + + private void setKey(bool forEncryption, byte[] key) + { + uint[] k = new uint[8]; + uint[] ka = new uint[4]; + uint[] kb = new uint[4]; + uint[] t = new uint[4]; + + switch (key.Length) + { + case 16: + _keyis128 = true; + k[0] = bytes2uint(key, 0); + k[1] = bytes2uint(key, 4); + k[2] = bytes2uint(key, 8); + k[3] = bytes2uint(key, 12); + k[4] = k[5] = k[6] = k[7] = 0; + break; + case 24: + k[0] = bytes2uint(key, 0); + k[1] = bytes2uint(key, 4); + k[2] = bytes2uint(key, 8); + k[3] = bytes2uint(key, 12); + k[4] = bytes2uint(key, 16); + k[5] = bytes2uint(key, 20); + k[6] = ~k[4]; + k[7] = ~k[5]; + _keyis128 = false; + break; + case 32: + k[0] = bytes2uint(key, 0); + k[1] = bytes2uint(key, 4); + k[2] = bytes2uint(key, 8); + k[3] = bytes2uint(key, 12); + k[4] = bytes2uint(key, 16); + k[5] = bytes2uint(key, 20); + k[6] = bytes2uint(key, 24); + k[7] = bytes2uint(key, 28); + _keyis128 = false; + break; + default: + throw new ArgumentException("key sizes are only 16/24/32 bytes."); + } + + for (int i = 0; i < 4; i++) + { + ka[i] = k[i] ^ k[i + 4]; + } + /* compute KA */ + camelliaF2(ka, SIGMA, 0); + for (int i = 0; i < 4; i++) + { + ka[i] ^= k[i]; + } + camelliaF2(ka, SIGMA, 4); + + if (_keyis128) + { + if (forEncryption) + { + /* KL dependant keys */ + kw[0] = k[0]; + kw[1] = k[1]; + kw[2] = k[2]; + kw[3] = k[3]; + roldq(15, k, 0, subkey, 4); + roldq(30, k, 0, subkey, 12); + roldq(15, k, 0, t, 0); + subkey[18] = t[2]; + subkey[19] = t[3]; + roldq(17, k, 0, ke, 4); + roldq(17, k, 0, subkey, 24); + roldq(17, k, 0, subkey, 32); + /* KA dependant keys */ + subkey[0] = ka[0]; + subkey[1] = ka[1]; + subkey[2] = ka[2]; + subkey[3] = ka[3]; + roldq(15, ka, 0, subkey, 8); + roldq(15, ka, 0, ke, 0); + roldq(15, ka, 0, t, 0); + subkey[16] = t[0]; + subkey[17] = t[1]; + roldq(15, ka, 0, subkey, 20); + roldqo32(34, ka, 0, subkey, 28); + roldq(17, ka, 0, kw, 4); + + } + else + { // decryption + /* KL dependant keys */ + kw[4] = k[0]; + kw[5] = k[1]; + kw[6] = k[2]; + kw[7] = k[3]; + decroldq(15, k, 0, subkey, 28); + decroldq(30, k, 0, subkey, 20); + decroldq(15, k, 0, t, 0); + subkey[16] = t[0]; + subkey[17] = t[1]; + decroldq(17, k, 0, ke, 0); + decroldq(17, k, 0, subkey, 8); + decroldq(17, k, 0, subkey, 0); + /* KA dependant keys */ + subkey[34] = ka[0]; + subkey[35] = ka[1]; + subkey[32] = ka[2]; + subkey[33] = ka[3]; + decroldq(15, ka, 0, subkey, 24); + decroldq(15, ka, 0, ke, 4); + decroldq(15, ka, 0, t, 0); + subkey[18] = t[2]; + subkey[19] = t[3]; + decroldq(15, ka, 0, subkey, 12); + decroldqo32(34, ka, 0, subkey, 4); + roldq(17, ka, 0, kw, 0); + } + } + else + { // 192bit or 256bit + /* compute KB */ + for (int i = 0; i < 4; i++) + { + kb[i] = ka[i] ^ k[i + 4]; + } + camelliaF2(kb, SIGMA, 8); + + if (forEncryption) + { + /* KL dependant keys */ + kw[0] = k[0]; + kw[1] = k[1]; + kw[2] = k[2]; + kw[3] = k[3]; + roldqo32(45, k, 0, subkey, 16); + roldq(15, k, 0, ke, 4); + roldq(17, k, 0, subkey, 32); + roldqo32(34, k, 0, subkey, 44); + /* KR dependant keys */ + roldq(15, k, 4, subkey, 4); + roldq(15, k, 4, ke, 0); + roldq(30, k, 4, subkey, 24); + roldqo32(34, k, 4, subkey, 36); + /* KA dependant keys */ + roldq(15, ka, 0, subkey, 8); + roldq(30, ka, 0, subkey, 20); + /* 32bit rotation */ + ke[8] = ka[1]; + ke[9] = ka[2]; + ke[10] = ka[3]; + ke[11] = ka[0]; + roldqo32(49, ka, 0, subkey, 40); + + /* KB dependant keys */ + subkey[0] = kb[0]; + subkey[1] = kb[1]; + subkey[2] = kb[2]; + subkey[3] = kb[3]; + roldq(30, kb, 0, subkey, 12); + roldq(30, kb, 0, subkey, 28); + roldqo32(51, kb, 0, kw, 4); + + } + else + { // decryption + /* KL dependant keys */ + kw[4] = k[0]; + kw[5] = k[1]; + kw[6] = k[2]; + kw[7] = k[3]; + decroldqo32(45, k, 0, subkey, 28); + decroldq(15, k, 0, ke, 4); + decroldq(17, k, 0, subkey, 12); + decroldqo32(34, k, 0, subkey, 0); + /* KR dependant keys */ + decroldq(15, k, 4, subkey, 40); + decroldq(15, k, 4, ke, 8); + decroldq(30, k, 4, subkey, 20); + decroldqo32(34, k, 4, subkey, 8); + /* KA dependant keys */ + decroldq(15, ka, 0, subkey, 36); + decroldq(30, ka, 0, subkey, 24); + /* 32bit rotation */ + ke[2] = ka[1]; + ke[3] = ka[2]; + ke[0] = ka[3]; + ke[1] = ka[0]; + decroldqo32(49, ka, 0, subkey, 4); + + /* KB dependant keys */ + subkey[46] = kb[0]; + subkey[47] = kb[1]; + subkey[44] = kb[2]; + subkey[45] = kb[3]; + decroldq(30, kb, 0, subkey, 32); + decroldq(30, kb, 0, subkey, 16); + roldqo32(51, kb, 0, kw, 0); + } + } + } + + private int processBlock128(byte[] input, int inOff, byte[] output, int outOff) + { + uint[] state = new uint[4]; + + for (int i = 0; i < 4; i++) + { + state[i] = bytes2uint(input, inOff + (i * 4)) ^ kw[i]; + } + + camelliaF2(state, subkey, 0); + camelliaF2(state, subkey, 4); + camelliaF2(state, subkey, 8); + camelliaFLs(state, ke, 0); + camelliaF2(state, subkey, 12); + camelliaF2(state, subkey, 16); + camelliaF2(state, subkey, 20); + camelliaFLs(state, ke, 4); + camelliaF2(state, subkey, 24); + camelliaF2(state, subkey, 28); + camelliaF2(state, subkey, 32); + + state[2] ^= kw[4]; + state[3] ^= kw[5]; + state[0] ^= kw[6]; + state[1] ^= kw[7]; + + uint2bytes(state[2], output, outOff); + uint2bytes(state[3], output, outOff + 4); + uint2bytes(state[0], output, outOff + 8); + uint2bytes(state[1], output, outOff + 12); + + return BLOCK_SIZE; + } + + private int processBlock192or256(byte[] input, int inOff, byte[] output, int outOff) + { + uint[] state = new uint[4]; + + for (int i = 0; i < 4; i++) + { + state[i] = bytes2uint(input, inOff + (i * 4)) ^ kw[i]; + } + + camelliaF2(state, subkey, 0); + camelliaF2(state, subkey, 4); + camelliaF2(state, subkey, 8); + camelliaFLs(state, ke, 0); + camelliaF2(state, subkey, 12); + camelliaF2(state, subkey, 16); + camelliaF2(state, subkey, 20); + camelliaFLs(state, ke, 4); + camelliaF2(state, subkey, 24); + camelliaF2(state, subkey, 28); + camelliaF2(state, subkey, 32); + camelliaFLs(state, ke, 8); + camelliaF2(state, subkey, 36); + camelliaF2(state, subkey, 40); + camelliaF2(state, subkey, 44); + + state[2] ^= kw[4]; + state[3] ^= kw[5]; + state[0] ^= kw[6]; + state[1] ^= kw[7]; + + uint2bytes(state[2], output, outOff); + uint2bytes(state[3], output, outOff + 4); + uint2bytes(state[0], output, outOff + 8); + uint2bytes(state[1], output, outOff + 12); + + return BLOCK_SIZE; + } + + public CamelliaLightEngine() + { + initialised = false; + } + + public virtual string AlgorithmName + { + get { return "Camellia"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return BLOCK_SIZE; + } + + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + throw new ArgumentException("only simple KeyParameter expected."); + + setKey(forEncryption, ((KeyParameter)parameters).GetKey()); + + initialised = true; + } + + public virtual int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + if (!initialised) + throw new InvalidOperationException("Camellia engine not initialised"); + + Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short"); + Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short"); + + if (_keyis128) + { + return processBlock128(input, inOff, output, outOff); + } + else + { + return processBlock192or256(input, inOff, output, outOff); + } + } + + public virtual void Reset() + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/CamelliaWrapEngine.cs b/BouncyCastle/crypto/src/crypto/engines/CamelliaWrapEngine.cs new file mode 100644 index 0000000..49dc833 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/CamelliaWrapEngine.cs @@ -0,0 +1,16 @@ +namespace Org.BouncyCastle.Crypto.Engines +{ + /// + /// An implementation of the Camellia key wrapper based on RFC 3657/RFC 3394. + ///

+ /// For further details see: http://www.ietf.org/rfc/rfc3657.txt. + /// + public class CamelliaWrapEngine + : Rfc3394WrapEngine + { + public CamelliaWrapEngine() + : base(new CamelliaEngine()) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/Cast5Engine.cs b/BouncyCastle/crypto/src/crypto/engines/Cast5Engine.cs new file mode 100644 index 0000000..398f6d4 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/Cast5Engine.cs @@ -0,0 +1,802 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * A class that provides CAST key encryption operations, + * such as encoding data and generating keys. + * + * All the algorithms herein are from the Internet RFC's + * + * RFC2144 - Cast5 (64bit block, 40-128bit key) + * RFC2612 - CAST6 (128bit block, 128-256bit key) + * + * and implement a simplified cryptography interface. + */ + public class Cast5Engine + : IBlockCipher + { + private static readonly uint[] S1 = + { + 0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a, 0x1e213f2f, 0x9c004dd3, 0x6003e540, 0xcf9fc949, + 0xbfd4af27, 0x88bbbdb5, 0xe2034090, 0x98d09675, 0x6e63a0e0, 0x15c361d2, 0xc2e7661d, 0x22d4ff8e, + 0x28683b6f, 0xc07fd059, 0xff2379c8, 0x775f50e2, 0x43c340d3, 0xdf2f8656, 0x887ca41a, 0xa2d2bd2d, + 0xa1c9e0d6, 0x346c4819, 0x61b76d87, 0x22540f2f, 0x2abe32e1, 0xaa54166b, 0x22568e3a, 0xa2d341d0, + 0x66db40c8, 0xa784392f, 0x004dff2f, 0x2db9d2de, 0x97943fac, 0x4a97c1d8, 0x527644b7, 0xb5f437a7, + 0xb82cbaef, 0xd751d159, 0x6ff7f0ed, 0x5a097a1f, 0x827b68d0, 0x90ecf52e, 0x22b0c054, 0xbc8e5935, + 0x4b6d2f7f, 0x50bb64a2, 0xd2664910, 0xbee5812d, 0xb7332290, 0xe93b159f, 0xb48ee411, 0x4bff345d, + 0xfd45c240, 0xad31973f, 0xc4f6d02e, 0x55fc8165, 0xd5b1caad, 0xa1ac2dae, 0xa2d4b76d, 0xc19b0c50, + 0x882240f2, 0x0c6e4f38, 0xa4e4bfd7, 0x4f5ba272, 0x564c1d2f, 0xc59c5319, 0xb949e354, 0xb04669fe, + 0xb1b6ab8a, 0xc71358dd, 0x6385c545, 0x110f935d, 0x57538ad5, 0x6a390493, 0xe63d37e0, 0x2a54f6b3, + 0x3a787d5f, 0x6276a0b5, 0x19a6fcdf, 0x7a42206a, 0x29f9d4d5, 0xf61b1891, 0xbb72275e, 0xaa508167, + 0x38901091, 0xc6b505eb, 0x84c7cb8c, 0x2ad75a0f, 0x874a1427, 0xa2d1936b, 0x2ad286af, 0xaa56d291, + 0xd7894360, 0x425c750d, 0x93b39e26, 0x187184c9, 0x6c00b32d, 0x73e2bb14, 0xa0bebc3c, 0x54623779, + 0x64459eab, 0x3f328b82, 0x7718cf82, 0x59a2cea6, 0x04ee002e, 0x89fe78e6, 0x3fab0950, 0x325ff6c2, + 0x81383f05, 0x6963c5c8, 0x76cb5ad6, 0xd49974c9, 0xca180dcf, 0x380782d5, 0xc7fa5cf6, 0x8ac31511, + 0x35e79e13, 0x47da91d0, 0xf40f9086, 0xa7e2419e, 0x31366241, 0x051ef495, 0xaa573b04, 0x4a805d8d, + 0x548300d0, 0x00322a3c, 0xbf64cddf, 0xba57a68e, 0x75c6372b, 0x50afd341, 0xa7c13275, 0x915a0bf5, + 0x6b54bfab, 0x2b0b1426, 0xab4cc9d7, 0x449ccd82, 0xf7fbf265, 0xab85c5f3, 0x1b55db94, 0xaad4e324, + 0xcfa4bd3f, 0x2deaa3e2, 0x9e204d02, 0xc8bd25ac, 0xeadf55b3, 0xd5bd9e98, 0xe31231b2, 0x2ad5ad6c, + 0x954329de, 0xadbe4528, 0xd8710f69, 0xaa51c90f, 0xaa786bf6, 0x22513f1e, 0xaa51a79b, 0x2ad344cc, + 0x7b5a41f0, 0xd37cfbad, 0x1b069505, 0x41ece491, 0xb4c332e6, 0x032268d4, 0xc9600acc, 0xce387e6d, + 0xbf6bb16c, 0x6a70fb78, 0x0d03d9c9, 0xd4df39de, 0xe01063da, 0x4736f464, 0x5ad328d8, 0xb347cc96, + 0x75bb0fc3, 0x98511bfb, 0x4ffbcc35, 0xb58bcf6a, 0xe11f0abc, 0xbfc5fe4a, 0xa70aec10, 0xac39570a, + 0x3f04442f, 0x6188b153, 0xe0397a2e, 0x5727cb79, 0x9ceb418f, 0x1cacd68d, 0x2ad37c96, 0x0175cb9d, + 0xc69dff09, 0xc75b65f0, 0xd9db40d8, 0xec0e7779, 0x4744ead4, 0xb11c3274, 0xdd24cb9e, 0x7e1c54bd, + 0xf01144f9, 0xd2240eb1, 0x9675b3fd, 0xa3ac3755, 0xd47c27af, 0x51c85f4d, 0x56907596, 0xa5bb15e6, + 0x580304f0, 0xca042cf1, 0x011a37ea, 0x8dbfaadb, 0x35ba3e4a, 0x3526ffa0, 0xc37b4d09, 0xbc306ed9, + 0x98a52666, 0x5648f725, 0xff5e569d, 0x0ced63d0, 0x7c63b2cf, 0x700b45e1, 0xd5ea50f1, 0x85a92872, + 0xaf1fbda7, 0xd4234870, 0xa7870bf3, 0x2d3b4d79, 0x42e04198, 0x0cd0ede7, 0x26470db8, 0xf881814c, + 0x474d6ad7, 0x7c0c5e5c, 0xd1231959, 0x381b7298, 0xf5d2f4db, 0xab838653, 0x6e2f1e23, 0x83719c9e, + 0xbd91e046, 0x9a56456e, 0xdc39200c, 0x20c8c571, 0x962bda1c, 0xe1e696ff, 0xb141ab08, 0x7cca89b9, + 0x1a69e783, 0x02cc4843, 0xa2f7c579, 0x429ef47d, 0x427b169c, 0x5ac9f049, 0xdd8f0f00, 0x5c8165bf + }, + S2 = + { + 0x1f201094, 0xef0ba75b, 0x69e3cf7e, 0x393f4380, 0xfe61cf7a, 0xeec5207a, 0x55889c94, 0x72fc0651, + 0xada7ef79, 0x4e1d7235, 0xd55a63ce, 0xde0436ba, 0x99c430ef, 0x5f0c0794, 0x18dcdb7d, 0xa1d6eff3, + 0xa0b52f7b, 0x59e83605, 0xee15b094, 0xe9ffd909, 0xdc440086, 0xef944459, 0xba83ccb3, 0xe0c3cdfb, + 0xd1da4181, 0x3b092ab1, 0xf997f1c1, 0xa5e6cf7b, 0x01420ddb, 0xe4e7ef5b, 0x25a1ff41, 0xe180f806, + 0x1fc41080, 0x179bee7a, 0xd37ac6a9, 0xfe5830a4, 0x98de8b7f, 0x77e83f4e, 0x79929269, 0x24fa9f7b, + 0xe113c85b, 0xacc40083, 0xd7503525, 0xf7ea615f, 0x62143154, 0x0d554b63, 0x5d681121, 0xc866c359, + 0x3d63cf73, 0xcee234c0, 0xd4d87e87, 0x5c672b21, 0x071f6181, 0x39f7627f, 0x361e3084, 0xe4eb573b, + 0x602f64a4, 0xd63acd9c, 0x1bbc4635, 0x9e81032d, 0x2701f50c, 0x99847ab4, 0xa0e3df79, 0xba6cf38c, + 0x10843094, 0x2537a95e, 0xf46f6ffe, 0xa1ff3b1f, 0x208cfb6a, 0x8f458c74, 0xd9e0a227, 0x4ec73a34, + 0xfc884f69, 0x3e4de8df, 0xef0e0088, 0x3559648d, 0x8a45388c, 0x1d804366, 0x721d9bfd, 0xa58684bb, + 0xe8256333, 0x844e8212, 0x128d8098, 0xfed33fb4, 0xce280ae1, 0x27e19ba5, 0xd5a6c252, 0xe49754bd, + 0xc5d655dd, 0xeb667064, 0x77840b4d, 0xa1b6a801, 0x84db26a9, 0xe0b56714, 0x21f043b7, 0xe5d05860, + 0x54f03084, 0x066ff472, 0xa31aa153, 0xdadc4755, 0xb5625dbf, 0x68561be6, 0x83ca6b94, 0x2d6ed23b, + 0xeccf01db, 0xa6d3d0ba, 0xb6803d5c, 0xaf77a709, 0x33b4a34c, 0x397bc8d6, 0x5ee22b95, 0x5f0e5304, + 0x81ed6f61, 0x20e74364, 0xb45e1378, 0xde18639b, 0x881ca122, 0xb96726d1, 0x8049a7e8, 0x22b7da7b, + 0x5e552d25, 0x5272d237, 0x79d2951c, 0xc60d894c, 0x488cb402, 0x1ba4fe5b, 0xa4b09f6b, 0x1ca815cf, + 0xa20c3005, 0x8871df63, 0xb9de2fcb, 0x0cc6c9e9, 0x0beeff53, 0xe3214517, 0xb4542835, 0x9f63293c, + 0xee41e729, 0x6e1d2d7c, 0x50045286, 0x1e6685f3, 0xf33401c6, 0x30a22c95, 0x31a70850, 0x60930f13, + 0x73f98417, 0xa1269859, 0xec645c44, 0x52c877a9, 0xcdff33a6, 0xa02b1741, 0x7cbad9a2, 0x2180036f, + 0x50d99c08, 0xcb3f4861, 0xc26bd765, 0x64a3f6ab, 0x80342676, 0x25a75e7b, 0xe4e6d1fc, 0x20c710e6, + 0xcdf0b680, 0x17844d3b, 0x31eef84d, 0x7e0824e4, 0x2ccb49eb, 0x846a3bae, 0x8ff77888, 0xee5d60f6, + 0x7af75673, 0x2fdd5cdb, 0xa11631c1, 0x30f66f43, 0xb3faec54, 0x157fd7fa, 0xef8579cc, 0xd152de58, + 0xdb2ffd5e, 0x8f32ce19, 0x306af97a, 0x02f03ef8, 0x99319ad5, 0xc242fa0f, 0xa7e3ebb0, 0xc68e4906, + 0xb8da230c, 0x80823028, 0xdcdef3c8, 0xd35fb171, 0x088a1bc8, 0xbec0c560, 0x61a3c9e8, 0xbca8f54d, + 0xc72feffa, 0x22822e99, 0x82c570b4, 0xd8d94e89, 0x8b1c34bc, 0x301e16e6, 0x273be979, 0xb0ffeaa6, + 0x61d9b8c6, 0x00b24869, 0xb7ffce3f, 0x08dc283b, 0x43daf65a, 0xf7e19798, 0x7619b72f, 0x8f1c9ba4, + 0xdc8637a0, 0x16a7d3b1, 0x9fc393b7, 0xa7136eeb, 0xc6bcc63e, 0x1a513742, 0xef6828bc, 0x520365d6, + 0x2d6a77ab, 0x3527ed4b, 0x821fd216, 0x095c6e2e, 0xdb92f2fb, 0x5eea29cb, 0x145892f5, 0x91584f7f, + 0x5483697b, 0x2667a8cc, 0x85196048, 0x8c4bacea, 0x833860d4, 0x0d23e0f9, 0x6c387e8a, 0x0ae6d249, + 0xb284600c, 0xd835731d, 0xdcb1c647, 0xac4c56ea, 0x3ebd81b3, 0x230eabb0, 0x6438bc87, 0xf0b5b1fa, + 0x8f5ea2b3, 0xfc184642, 0x0a036b7a, 0x4fb089bd, 0x649da589, 0xa345415e, 0x5c038323, 0x3e5d3bb9, + 0x43d79572, 0x7e6dd07c, 0x06dfdf1e, 0x6c6cc4ef, 0x7160a539, 0x73bfbe70, 0x83877605, 0x4523ecf1 + }, + S3 = + { + 0x8defc240, 0x25fa5d9f, 0xeb903dbf, 0xe810c907, 0x47607fff, 0x369fe44b, 0x8c1fc644, 0xaececa90, + 0xbeb1f9bf, 0xeefbcaea, 0xe8cf1950, 0x51df07ae, 0x920e8806, 0xf0ad0548, 0xe13c8d83, 0x927010d5, + 0x11107d9f, 0x07647db9, 0xb2e3e4d4, 0x3d4f285e, 0xb9afa820, 0xfade82e0, 0xa067268b, 0x8272792e, + 0x553fb2c0, 0x489ae22b, 0xd4ef9794, 0x125e3fbc, 0x21fffcee, 0x825b1bfd, 0x9255c5ed, 0x1257a240, + 0x4e1a8302, 0xbae07fff, 0x528246e7, 0x8e57140e, 0x3373f7bf, 0x8c9f8188, 0xa6fc4ee8, 0xc982b5a5, + 0xa8c01db7, 0x579fc264, 0x67094f31, 0xf2bd3f5f, 0x40fff7c1, 0x1fb78dfc, 0x8e6bd2c1, 0x437be59b, + 0x99b03dbf, 0xb5dbc64b, 0x638dc0e6, 0x55819d99, 0xa197c81c, 0x4a012d6e, 0xc5884a28, 0xccc36f71, + 0xb843c213, 0x6c0743f1, 0x8309893c, 0x0feddd5f, 0x2f7fe850, 0xd7c07f7e, 0x02507fbf, 0x5afb9a04, + 0xa747d2d0, 0x1651192e, 0xaf70bf3e, 0x58c31380, 0x5f98302e, 0x727cc3c4, 0x0a0fb402, 0x0f7fef82, + 0x8c96fdad, 0x5d2c2aae, 0x8ee99a49, 0x50da88b8, 0x8427f4a0, 0x1eac5790, 0x796fb449, 0x8252dc15, + 0xefbd7d9b, 0xa672597d, 0xada840d8, 0x45f54504, 0xfa5d7403, 0xe83ec305, 0x4f91751a, 0x925669c2, + 0x23efe941, 0xa903f12e, 0x60270df2, 0x0276e4b6, 0x94fd6574, 0x927985b2, 0x8276dbcb, 0x02778176, + 0xf8af918d, 0x4e48f79e, 0x8f616ddf, 0xe29d840e, 0x842f7d83, 0x340ce5c8, 0x96bbb682, 0x93b4b148, + 0xef303cab, 0x984faf28, 0x779faf9b, 0x92dc560d, 0x224d1e20, 0x8437aa88, 0x7d29dc96, 0x2756d3dc, + 0x8b907cee, 0xb51fd240, 0xe7c07ce3, 0xe566b4a1, 0xc3e9615e, 0x3cf8209d, 0x6094d1e3, 0xcd9ca341, + 0x5c76460e, 0x00ea983b, 0xd4d67881, 0xfd47572c, 0xf76cedd9, 0xbda8229c, 0x127dadaa, 0x438a074e, + 0x1f97c090, 0x081bdb8a, 0x93a07ebe, 0xb938ca15, 0x97b03cff, 0x3dc2c0f8, 0x8d1ab2ec, 0x64380e51, + 0x68cc7bfb, 0xd90f2788, 0x12490181, 0x5de5ffd4, 0xdd7ef86a, 0x76a2e214, 0xb9a40368, 0x925d958f, + 0x4b39fffa, 0xba39aee9, 0xa4ffd30b, 0xfaf7933b, 0x6d498623, 0x193cbcfa, 0x27627545, 0x825cf47a, + 0x61bd8ba0, 0xd11e42d1, 0xcead04f4, 0x127ea392, 0x10428db7, 0x8272a972, 0x9270c4a8, 0x127de50b, + 0x285ba1c8, 0x3c62f44f, 0x35c0eaa5, 0xe805d231, 0x428929fb, 0xb4fcdf82, 0x4fb66a53, 0x0e7dc15b, + 0x1f081fab, 0x108618ae, 0xfcfd086d, 0xf9ff2889, 0x694bcc11, 0x236a5cae, 0x12deca4d, 0x2c3f8cc5, + 0xd2d02dfe, 0xf8ef5896, 0xe4cf52da, 0x95155b67, 0x494a488c, 0xb9b6a80c, 0x5c8f82bc, 0x89d36b45, + 0x3a609437, 0xec00c9a9, 0x44715253, 0x0a874b49, 0xd773bc40, 0x7c34671c, 0x02717ef6, 0x4feb5536, + 0xa2d02fff, 0xd2bf60c4, 0xd43f03c0, 0x50b4ef6d, 0x07478cd1, 0x006e1888, 0xa2e53f55, 0xb9e6d4bc, + 0xa2048016, 0x97573833, 0xd7207d67, 0xde0f8f3d, 0x72f87b33, 0xabcc4f33, 0x7688c55d, 0x7b00a6b0, + 0x947b0001, 0x570075d2, 0xf9bb88f8, 0x8942019e, 0x4264a5ff, 0x856302e0, 0x72dbd92b, 0xee971b69, + 0x6ea22fde, 0x5f08ae2b, 0xaf7a616d, 0xe5c98767, 0xcf1febd2, 0x61efc8c2, 0xf1ac2571, 0xcc8239c2, + 0x67214cb8, 0xb1e583d1, 0xb7dc3e62, 0x7f10bdce, 0xf90a5c38, 0x0ff0443d, 0x606e6dc6, 0x60543a49, + 0x5727c148, 0x2be98a1d, 0x8ab41738, 0x20e1be24, 0xaf96da0f, 0x68458425, 0x99833be5, 0x600d457d, + 0x282f9350, 0x8334b362, 0xd91d1120, 0x2b6d8da0, 0x642b1e31, 0x9c305a00, 0x52bce688, 0x1b03588a, + 0xf7baefd5, 0x4142ed9c, 0xa4315c11, 0x83323ec5, 0xdfef4636, 0xa133c501, 0xe9d3531c, 0xee353783 + }, + S4 = + { + 0x9db30420, 0x1fb6e9de, 0xa7be7bef, 0xd273a298, 0x4a4f7bdb, 0x64ad8c57, 0x85510443, 0xfa020ed1, + 0x7e287aff, 0xe60fb663, 0x095f35a1, 0x79ebf120, 0xfd059d43, 0x6497b7b1, 0xf3641f63, 0x241e4adf, + 0x28147f5f, 0x4fa2b8cd, 0xc9430040, 0x0cc32220, 0xfdd30b30, 0xc0a5374f, 0x1d2d00d9, 0x24147b15, + 0xee4d111a, 0x0fca5167, 0x71ff904c, 0x2d195ffe, 0x1a05645f, 0x0c13fefe, 0x081b08ca, 0x05170121, + 0x80530100, 0xe83e5efe, 0xac9af4f8, 0x7fe72701, 0xd2b8ee5f, 0x06df4261, 0xbb9e9b8a, 0x7293ea25, + 0xce84ffdf, 0xf5718801, 0x3dd64b04, 0xa26f263b, 0x7ed48400, 0x547eebe6, 0x446d4ca0, 0x6cf3d6f5, + 0x2649abdf, 0xaea0c7f5, 0x36338cc1, 0x503f7e93, 0xd3772061, 0x11b638e1, 0x72500e03, 0xf80eb2bb, + 0xabe0502e, 0xec8d77de, 0x57971e81, 0xe14f6746, 0xc9335400, 0x6920318f, 0x081dbb99, 0xffc304a5, + 0x4d351805, 0x7f3d5ce3, 0xa6c866c6, 0x5d5bcca9, 0xdaec6fea, 0x9f926f91, 0x9f46222f, 0x3991467d, + 0xa5bf6d8e, 0x1143c44f, 0x43958302, 0xd0214eeb, 0x022083b8, 0x3fb6180c, 0x18f8931e, 0x281658e6, + 0x26486e3e, 0x8bd78a70, 0x7477e4c1, 0xb506e07c, 0xf32d0a25, 0x79098b02, 0xe4eabb81, 0x28123b23, + 0x69dead38, 0x1574ca16, 0xdf871b62, 0x211c40b7, 0xa51a9ef9, 0x0014377b, 0x041e8ac8, 0x09114003, + 0xbd59e4d2, 0xe3d156d5, 0x4fe876d5, 0x2f91a340, 0x557be8de, 0x00eae4a7, 0x0ce5c2ec, 0x4db4bba6, + 0xe756bdff, 0xdd3369ac, 0xec17b035, 0x06572327, 0x99afc8b0, 0x56c8c391, 0x6b65811c, 0x5e146119, + 0x6e85cb75, 0xbe07c002, 0xc2325577, 0x893ff4ec, 0x5bbfc92d, 0xd0ec3b25, 0xb7801ab7, 0x8d6d3b24, + 0x20c763ef, 0xc366a5fc, 0x9c382880, 0x0ace3205, 0xaac9548a, 0xeca1d7c7, 0x041afa32, 0x1d16625a, + 0x6701902c, 0x9b757a54, 0x31d477f7, 0x9126b031, 0x36cc6fdb, 0xc70b8b46, 0xd9e66a48, 0x56e55a79, + 0x026a4ceb, 0x52437eff, 0x2f8f76b4, 0x0df980a5, 0x8674cde3, 0xedda04eb, 0x17a9be04, 0x2c18f4df, + 0xb7747f9d, 0xab2af7b4, 0xefc34d20, 0x2e096b7c, 0x1741a254, 0xe5b6a035, 0x213d42f6, 0x2c1c7c26, + 0x61c2f50f, 0x6552daf9, 0xd2c231f8, 0x25130f69, 0xd8167fa2, 0x0418f2c8, 0x001a96a6, 0x0d1526ab, + 0x63315c21, 0x5e0a72ec, 0x49bafefd, 0x187908d9, 0x8d0dbd86, 0x311170a7, 0x3e9b640c, 0xcc3e10d7, + 0xd5cad3b6, 0x0caec388, 0xf73001e1, 0x6c728aff, 0x71eae2a1, 0x1f9af36e, 0xcfcbd12f, 0xc1de8417, + 0xac07be6b, 0xcb44a1d8, 0x8b9b0f56, 0x013988c3, 0xb1c52fca, 0xb4be31cd, 0xd8782806, 0x12a3a4e2, + 0x6f7de532, 0x58fd7eb6, 0xd01ee900, 0x24adffc2, 0xf4990fc5, 0x9711aac5, 0x001d7b95, 0x82e5e7d2, + 0x109873f6, 0x00613096, 0xc32d9521, 0xada121ff, 0x29908415, 0x7fbb977f, 0xaf9eb3db, 0x29c9ed2a, + 0x5ce2a465, 0xa730f32c, 0xd0aa3fe8, 0x8a5cc091, 0xd49e2ce7, 0x0ce454a9, 0xd60acd86, 0x015f1919, + 0x77079103, 0xdea03af6, 0x78a8565e, 0xdee356df, 0x21f05cbe, 0x8b75e387, 0xb3c50651, 0xb8a5c3ef, + 0xd8eeb6d2, 0xe523be77, 0xc2154529, 0x2f69efdf, 0xafe67afb, 0xf470c4b2, 0xf3e0eb5b, 0xd6cc9876, + 0x39e4460c, 0x1fda8538, 0x1987832f, 0xca007367, 0xa99144f8, 0x296b299e, 0x492fc295, 0x9266beab, + 0xb5676e69, 0x9bd3ddda, 0xdf7e052f, 0xdb25701c, 0x1b5e51ee, 0xf65324e6, 0x6afce36c, 0x0316cc04, + 0x8644213e, 0xb7dc59d0, 0x7965291f, 0xccd6fd43, 0x41823979, 0x932bcdf6, 0xb657c34d, 0x4edfd282, + 0x7ae5290c, 0x3cb9536b, 0x851e20fe, 0x9833557e, 0x13ecf0b0, 0xd3ffb372, 0x3f85c5c1, 0x0aef7ed2 + }, + S5 = + { + 0x7ec90c04, 0x2c6e74b9, 0x9b0e66df, 0xa6337911, 0xb86a7fff, 0x1dd358f5, 0x44dd9d44, 0x1731167f, + 0x08fbf1fa, 0xe7f511cc, 0xd2051b00, 0x735aba00, 0x2ab722d8, 0x386381cb, 0xacf6243a, 0x69befd7a, + 0xe6a2e77f, 0xf0c720cd, 0xc4494816, 0xccf5c180, 0x38851640, 0x15b0a848, 0xe68b18cb, 0x4caadeff, + 0x5f480a01, 0x0412b2aa, 0x259814fc, 0x41d0efe2, 0x4e40b48d, 0x248eb6fb, 0x8dba1cfe, 0x41a99b02, + 0x1a550a04, 0xba8f65cb, 0x7251f4e7, 0x95a51725, 0xc106ecd7, 0x97a5980a, 0xc539b9aa, 0x4d79fe6a, + 0xf2f3f763, 0x68af8040, 0xed0c9e56, 0x11b4958b, 0xe1eb5a88, 0x8709e6b0, 0xd7e07156, 0x4e29fea7, + 0x6366e52d, 0x02d1c000, 0xc4ac8e05, 0x9377f571, 0x0c05372a, 0x578535f2, 0x2261be02, 0xd642a0c9, + 0xdf13a280, 0x74b55bd2, 0x682199c0, 0xd421e5ec, 0x53fb3ce8, 0xc8adedb3, 0x28a87fc9, 0x3d959981, + 0x5c1ff900, 0xfe38d399, 0x0c4eff0b, 0x062407ea, 0xaa2f4fb1, 0x4fb96976, 0x90c79505, 0xb0a8a774, + 0xef55a1ff, 0xe59ca2c2, 0xa6b62d27, 0xe66a4263, 0xdf65001f, 0x0ec50966, 0xdfdd55bc, 0x29de0655, + 0x911e739a, 0x17af8975, 0x32c7911c, 0x89f89468, 0x0d01e980, 0x524755f4, 0x03b63cc9, 0x0cc844b2, + 0xbcf3f0aa, 0x87ac36e9, 0xe53a7426, 0x01b3d82b, 0x1a9e7449, 0x64ee2d7e, 0xcddbb1da, 0x01c94910, + 0xb868bf80, 0x0d26f3fd, 0x9342ede7, 0x04a5c284, 0x636737b6, 0x50f5b616, 0xf24766e3, 0x8eca36c1, + 0x136e05db, 0xfef18391, 0xfb887a37, 0xd6e7f7d4, 0xc7fb7dc9, 0x3063fcdf, 0xb6f589de, 0xec2941da, + 0x26e46695, 0xb7566419, 0xf654efc5, 0xd08d58b7, 0x48925401, 0xc1bacb7f, 0xe5ff550f, 0xb6083049, + 0x5bb5d0e8, 0x87d72e5a, 0xab6a6ee1, 0x223a66ce, 0xc62bf3cd, 0x9e0885f9, 0x68cb3e47, 0x086c010f, + 0xa21de820, 0xd18b69de, 0xf3f65777, 0xfa02c3f6, 0x407edac3, 0xcbb3d550, 0x1793084d, 0xb0d70eba, + 0x0ab378d5, 0xd951fb0c, 0xded7da56, 0x4124bbe4, 0x94ca0b56, 0x0f5755d1, 0xe0e1e56e, 0x6184b5be, + 0x580a249f, 0x94f74bc0, 0xe327888e, 0x9f7b5561, 0xc3dc0280, 0x05687715, 0x646c6bd7, 0x44904db3, + 0x66b4f0a3, 0xc0f1648a, 0x697ed5af, 0x49e92ff6, 0x309e374f, 0x2cb6356a, 0x85808573, 0x4991f840, + 0x76f0ae02, 0x083be84d, 0x28421c9a, 0x44489406, 0x736e4cb8, 0xc1092910, 0x8bc95fc6, 0x7d869cf4, + 0x134f616f, 0x2e77118d, 0xb31b2be1, 0xaa90b472, 0x3ca5d717, 0x7d161bba, 0x9cad9010, 0xaf462ba2, + 0x9fe459d2, 0x45d34559, 0xd9f2da13, 0xdbc65487, 0xf3e4f94e, 0x176d486f, 0x097c13ea, 0x631da5c7, + 0x445f7382, 0x175683f4, 0xcdc66a97, 0x70be0288, 0xb3cdcf72, 0x6e5dd2f3, 0x20936079, 0x459b80a5, + 0xbe60e2db, 0xa9c23101, 0xeba5315c, 0x224e42f2, 0x1c5c1572, 0xf6721b2c, 0x1ad2fff3, 0x8c25404e, + 0x324ed72f, 0x4067b7fd, 0x0523138e, 0x5ca3bc78, 0xdc0fd66e, 0x75922283, 0x784d6b17, 0x58ebb16e, + 0x44094f85, 0x3f481d87, 0xfcfeae7b, 0x77b5ff76, 0x8c2302bf, 0xaaf47556, 0x5f46b02a, 0x2b092801, + 0x3d38f5f7, 0x0ca81f36, 0x52af4a8a, 0x66d5e7c0, 0xdf3b0874, 0x95055110, 0x1b5ad7a8, 0xf61ed5ad, + 0x6cf6e479, 0x20758184, 0xd0cefa65, 0x88f7be58, 0x4a046826, 0x0ff6f8f3, 0xa09c7f70, 0x5346aba0, + 0x5ce96c28, 0xe176eda3, 0x6bac307f, 0x376829d2, 0x85360fa9, 0x17e3fe2a, 0x24b79767, 0xf5a96b20, + 0xd6cd2595, 0x68ff1ebf, 0x7555442c, 0xf19f06be, 0xf9e0659a, 0xeeb9491d, 0x34010718, 0xbb30cab8, + 0xe822fe15, 0x88570983, 0x750e6249, 0xda627e55, 0x5e76ffa8, 0xb1534546, 0x6d47de08, 0xefe9e7d4 + }, + S6 = + { + 0xf6fa8f9d, 0x2cac6ce1, 0x4ca34867, 0xe2337f7c, 0x95db08e7, 0x016843b4, 0xeced5cbc, 0x325553ac, + 0xbf9f0960, 0xdfa1e2ed, 0x83f0579d, 0x63ed86b9, 0x1ab6a6b8, 0xde5ebe39, 0xf38ff732, 0x8989b138, + 0x33f14961, 0xc01937bd, 0xf506c6da, 0xe4625e7e, 0xa308ea99, 0x4e23e33c, 0x79cbd7cc, 0x48a14367, + 0xa3149619, 0xfec94bd5, 0xa114174a, 0xeaa01866, 0xa084db2d, 0x09a8486f, 0xa888614a, 0x2900af98, + 0x01665991, 0xe1992863, 0xc8f30c60, 0x2e78ef3c, 0xd0d51932, 0xcf0fec14, 0xf7ca07d2, 0xd0a82072, + 0xfd41197e, 0x9305a6b0, 0xe86be3da, 0x74bed3cd, 0x372da53c, 0x4c7f4448, 0xdab5d440, 0x6dba0ec3, + 0x083919a7, 0x9fbaeed9, 0x49dbcfb0, 0x4e670c53, 0x5c3d9c01, 0x64bdb941, 0x2c0e636a, 0xba7dd9cd, + 0xea6f7388, 0xe70bc762, 0x35f29adb, 0x5c4cdd8d, 0xf0d48d8c, 0xb88153e2, 0x08a19866, 0x1ae2eac8, + 0x284caf89, 0xaa928223, 0x9334be53, 0x3b3a21bf, 0x16434be3, 0x9aea3906, 0xefe8c36e, 0xf890cdd9, + 0x80226dae, 0xc340a4a3, 0xdf7e9c09, 0xa694a807, 0x5b7c5ecc, 0x221db3a6, 0x9a69a02f, 0x68818a54, + 0xceb2296f, 0x53c0843a, 0xfe893655, 0x25bfe68a, 0xb4628abc, 0xcf222ebf, 0x25ac6f48, 0xa9a99387, + 0x53bddb65, 0xe76ffbe7, 0xe967fd78, 0x0ba93563, 0x8e342bc1, 0xe8a11be9, 0x4980740d, 0xc8087dfc, + 0x8de4bf99, 0xa11101a0, 0x7fd37975, 0xda5a26c0, 0xe81f994f, 0x9528cd89, 0xfd339fed, 0xb87834bf, + 0x5f04456d, 0x22258698, 0xc9c4c83b, 0x2dc156be, 0x4f628daa, 0x57f55ec5, 0xe2220abe, 0xd2916ebf, + 0x4ec75b95, 0x24f2c3c0, 0x42d15d99, 0xcd0d7fa0, 0x7b6e27ff, 0xa8dc8af0, 0x7345c106, 0xf41e232f, + 0x35162386, 0xe6ea8926, 0x3333b094, 0x157ec6f2, 0x372b74af, 0x692573e4, 0xe9a9d848, 0xf3160289, + 0x3a62ef1d, 0xa787e238, 0xf3a5f676, 0x74364853, 0x20951063, 0x4576698d, 0xb6fad407, 0x592af950, + 0x36f73523, 0x4cfb6e87, 0x7da4cec0, 0x6c152daa, 0xcb0396a8, 0xc50dfe5d, 0xfcd707ab, 0x0921c42f, + 0x89dff0bb, 0x5fe2be78, 0x448f4f33, 0x754613c9, 0x2b05d08d, 0x48b9d585, 0xdc049441, 0xc8098f9b, + 0x7dede786, 0xc39a3373, 0x42410005, 0x6a091751, 0x0ef3c8a6, 0x890072d6, 0x28207682, 0xa9a9f7be, + 0xbf32679d, 0xd45b5b75, 0xb353fd00, 0xcbb0e358, 0x830f220a, 0x1f8fb214, 0xd372cf08, 0xcc3c4a13, + 0x8cf63166, 0x061c87be, 0x88c98f88, 0x6062e397, 0x47cf8e7a, 0xb6c85283, 0x3cc2acfb, 0x3fc06976, + 0x4e8f0252, 0x64d8314d, 0xda3870e3, 0x1e665459, 0xc10908f0, 0x513021a5, 0x6c5b68b7, 0x822f8aa0, + 0x3007cd3e, 0x74719eef, 0xdc872681, 0x073340d4, 0x7e432fd9, 0x0c5ec241, 0x8809286c, 0xf592d891, + 0x08a930f6, 0x957ef305, 0xb7fbffbd, 0xc266e96f, 0x6fe4ac98, 0xb173ecc0, 0xbc60b42a, 0x953498da, + 0xfba1ae12, 0x2d4bd736, 0x0f25faab, 0xa4f3fceb, 0xe2969123, 0x257f0c3d, 0x9348af49, 0x361400bc, + 0xe8816f4a, 0x3814f200, 0xa3f94043, 0x9c7a54c2, 0xbc704f57, 0xda41e7f9, 0xc25ad33a, 0x54f4a084, + 0xb17f5505, 0x59357cbe, 0xedbd15c8, 0x7f97c5ab, 0xba5ac7b5, 0xb6f6deaf, 0x3a479c3a, 0x5302da25, + 0x653d7e6a, 0x54268d49, 0x51a477ea, 0x5017d55b, 0xd7d25d88, 0x44136c76, 0x0404a8c8, 0xb8e5a121, + 0xb81a928a, 0x60ed5869, 0x97c55b96, 0xeaec991b, 0x29935913, 0x01fdb7f1, 0x088e8dfa, 0x9ab6f6f5, + 0x3b4cbf9f, 0x4a5de3ab, 0xe6051d35, 0xa0e1d855, 0xd36b4cf1, 0xf544edeb, 0xb0e93524, 0xbebb8fbd, + 0xa2d762cf, 0x49c92f54, 0x38b5f331, 0x7128a454, 0x48392905, 0xa65b1db8, 0x851c97bd, 0xd675cf2f + }, + S7 = + { + 0x85e04019, 0x332bf567, 0x662dbfff, 0xcfc65693, 0x2a8d7f6f, 0xab9bc912, 0xde6008a1, 0x2028da1f, + 0x0227bce7, 0x4d642916, 0x18fac300, 0x50f18b82, 0x2cb2cb11, 0xb232e75c, 0x4b3695f2, 0xb28707de, + 0xa05fbcf6, 0xcd4181e9, 0xe150210c, 0xe24ef1bd, 0xb168c381, 0xfde4e789, 0x5c79b0d8, 0x1e8bfd43, + 0x4d495001, 0x38be4341, 0x913cee1d, 0x92a79c3f, 0x089766be, 0xbaeeadf4, 0x1286becf, 0xb6eacb19, + 0x2660c200, 0x7565bde4, 0x64241f7a, 0x8248dca9, 0xc3b3ad66, 0x28136086, 0x0bd8dfa8, 0x356d1cf2, + 0x107789be, 0xb3b2e9ce, 0x0502aa8f, 0x0bc0351e, 0x166bf52a, 0xeb12ff82, 0xe3486911, 0xd34d7516, + 0x4e7b3aff, 0x5f43671b, 0x9cf6e037, 0x4981ac83, 0x334266ce, 0x8c9341b7, 0xd0d854c0, 0xcb3a6c88, + 0x47bc2829, 0x4725ba37, 0xa66ad22b, 0x7ad61f1e, 0x0c5cbafa, 0x4437f107, 0xb6e79962, 0x42d2d816, + 0x0a961288, 0xe1a5c06e, 0x13749e67, 0x72fc081a, 0xb1d139f7, 0xf9583745, 0xcf19df58, 0xbec3f756, + 0xc06eba30, 0x07211b24, 0x45c28829, 0xc95e317f, 0xbc8ec511, 0x38bc46e9, 0xc6e6fa14, 0xbae8584a, + 0xad4ebc46, 0x468f508b, 0x7829435f, 0xf124183b, 0x821dba9f, 0xaff60ff4, 0xea2c4e6d, 0x16e39264, + 0x92544a8b, 0x009b4fc3, 0xaba68ced, 0x9ac96f78, 0x06a5b79a, 0xb2856e6e, 0x1aec3ca9, 0xbe838688, + 0x0e0804e9, 0x55f1be56, 0xe7e5363b, 0xb3a1f25d, 0xf7debb85, 0x61fe033c, 0x16746233, 0x3c034c28, + 0xda6d0c74, 0x79aac56c, 0x3ce4e1ad, 0x51f0c802, 0x98f8f35a, 0x1626a49f, 0xeed82b29, 0x1d382fe3, + 0x0c4fb99a, 0xbb325778, 0x3ec6d97b, 0x6e77a6a9, 0xcb658b5c, 0xd45230c7, 0x2bd1408b, 0x60c03eb7, + 0xb9068d78, 0xa33754f4, 0xf430c87d, 0xc8a71302, 0xb96d8c32, 0xebd4e7be, 0xbe8b9d2d, 0x7979fb06, + 0xe7225308, 0x8b75cf77, 0x11ef8da4, 0xe083c858, 0x8d6b786f, 0x5a6317a6, 0xfa5cf7a0, 0x5dda0033, + 0xf28ebfb0, 0xf5b9c310, 0xa0eac280, 0x08b9767a, 0xa3d9d2b0, 0x79d34217, 0x021a718d, 0x9ac6336a, + 0x2711fd60, 0x438050e3, 0x069908a8, 0x3d7fedc4, 0x826d2bef, 0x4eeb8476, 0x488dcf25, 0x36c9d566, + 0x28e74e41, 0xc2610aca, 0x3d49a9cf, 0xbae3b9df, 0xb65f8de6, 0x92aeaf64, 0x3ac7d5e6, 0x9ea80509, + 0xf22b017d, 0xa4173f70, 0xdd1e16c3, 0x15e0d7f9, 0x50b1b887, 0x2b9f4fd5, 0x625aba82, 0x6a017962, + 0x2ec01b9c, 0x15488aa9, 0xd716e740, 0x40055a2c, 0x93d29a22, 0xe32dbf9a, 0x058745b9, 0x3453dc1e, + 0xd699296e, 0x496cff6f, 0x1c9f4986, 0xdfe2ed07, 0xb87242d1, 0x19de7eae, 0x053e561a, 0x15ad6f8c, + 0x66626c1c, 0x7154c24c, 0xea082b2a, 0x93eb2939, 0x17dcb0f0, 0x58d4f2ae, 0x9ea294fb, 0x52cf564c, + 0x9883fe66, 0x2ec40581, 0x763953c3, 0x01d6692e, 0xd3a0c108, 0xa1e7160e, 0xe4f2dfa6, 0x693ed285, + 0x74904698, 0x4c2b0edd, 0x4f757656, 0x5d393378, 0xa132234f, 0x3d321c5d, 0xc3f5e194, 0x4b269301, + 0xc79f022f, 0x3c997e7e, 0x5e4f9504, 0x3ffafbbd, 0x76f7ad0e, 0x296693f4, 0x3d1fce6f, 0xc61e45be, + 0xd3b5ab34, 0xf72bf9b7, 0x1b0434c0, 0x4e72b567, 0x5592a33d, 0xb5229301, 0xcfd2a87f, 0x60aeb767, + 0x1814386b, 0x30bcc33d, 0x38a0c07d, 0xfd1606f2, 0xc363519b, 0x589dd390, 0x5479f8e6, 0x1cb8d647, + 0x97fd61a9, 0xea7759f4, 0x2d57539d, 0x569a58cf, 0xe84e63ad, 0x462e1b78, 0x6580f87e, 0xf3817914, + 0x91da55f4, 0x40a230f3, 0xd1988f35, 0xb6e318d2, 0x3ffa50bc, 0x3d40f021, 0xc3c0bdae, 0x4958c24c, + 0x518f36b2, 0x84b1d370, 0x0fedce83, 0x878ddada, 0xf2a279c7, 0x94e01be8, 0x90716f4b, 0x954b8aa3 + }, + S8 = + { + 0xe216300d, 0xbbddfffc, 0xa7ebdabd, 0x35648095, 0x7789f8b7, 0xe6c1121b, 0x0e241600, 0x052ce8b5, + 0x11a9cfb0, 0xe5952f11, 0xece7990a, 0x9386d174, 0x2a42931c, 0x76e38111, 0xb12def3a, 0x37ddddfc, + 0xde9adeb1, 0x0a0cc32c, 0xbe197029, 0x84a00940, 0xbb243a0f, 0xb4d137cf, 0xb44e79f0, 0x049eedfd, + 0x0b15a15d, 0x480d3168, 0x8bbbde5a, 0x669ded42, 0xc7ece831, 0x3f8f95e7, 0x72df191b, 0x7580330d, + 0x94074251, 0x5c7dcdfa, 0xabbe6d63, 0xaa402164, 0xb301d40a, 0x02e7d1ca, 0x53571dae, 0x7a3182a2, + 0x12a8ddec, 0xfdaa335d, 0x176f43e8, 0x71fb46d4, 0x38129022, 0xce949ad4, 0xb84769ad, 0x965bd862, + 0x82f3d055, 0x66fb9767, 0x15b80b4e, 0x1d5b47a0, 0x4cfde06f, 0xc28ec4b8, 0x57e8726e, 0x647a78fc, + 0x99865d44, 0x608bd593, 0x6c200e03, 0x39dc5ff6, 0x5d0b00a3, 0xae63aff2, 0x7e8bd632, 0x70108c0c, + 0xbbd35049, 0x2998df04, 0x980cf42a, 0x9b6df491, 0x9e7edd53, 0x06918548, 0x58cb7e07, 0x3b74ef2e, + 0x522fffb1, 0xd24708cc, 0x1c7e27cd, 0xa4eb215b, 0x3cf1d2e2, 0x19b47a38, 0x424f7618, 0x35856039, + 0x9d17dee7, 0x27eb35e6, 0xc9aff67b, 0x36baf5b8, 0x09c467cd, 0xc18910b1, 0xe11dbf7b, 0x06cd1af8, + 0x7170c608, 0x2d5e3354, 0xd4de495a, 0x64c6d006, 0xbcc0c62c, 0x3dd00db3, 0x708f8f34, 0x77d51b42, + 0x264f620f, 0x24b8d2bf, 0x15c1b79e, 0x46a52564, 0xf8d7e54e, 0x3e378160, 0x7895cda5, 0x859c15a5, + 0xe6459788, 0xc37bc75f, 0xdb07ba0c, 0x0676a3ab, 0x7f229b1e, 0x31842e7b, 0x24259fd7, 0xf8bef472, + 0x835ffcb8, 0x6df4c1f2, 0x96f5b195, 0xfd0af0fc, 0xb0fe134c, 0xe2506d3d, 0x4f9b12ea, 0xf215f225, + 0xa223736f, 0x9fb4c428, 0x25d04979, 0x34c713f8, 0xc4618187, 0xea7a6e98, 0x7cd16efc, 0x1436876c, + 0xf1544107, 0xbedeee14, 0x56e9af27, 0xa04aa441, 0x3cf7c899, 0x92ecbae6, 0xdd67016d, 0x151682eb, + 0xa842eedf, 0xfdba60b4, 0xf1907b75, 0x20e3030f, 0x24d8c29e, 0xe139673b, 0xefa63fb8, 0x71873054, + 0xb6f2cf3b, 0x9f326442, 0xcb15a4cc, 0xb01a4504, 0xf1e47d8d, 0x844a1be5, 0xbae7dfdc, 0x42cbda70, + 0xcd7dae0a, 0x57e85b7a, 0xd53f5af6, 0x20cf4d8c, 0xcea4d428, 0x79d130a4, 0x3486ebfb, 0x33d3cddc, + 0x77853b53, 0x37effcb5, 0xc5068778, 0xe580b3e6, 0x4e68b8f4, 0xc5c8b37e, 0x0d809ea2, 0x398feb7c, + 0x132a4f94, 0x43b7950e, 0x2fee7d1c, 0x223613bd, 0xdd06caa2, 0x37df932b, 0xc4248289, 0xacf3ebc3, + 0x5715f6b7, 0xef3478dd, 0xf267616f, 0xc148cbe4, 0x9052815e, 0x5e410fab, 0xb48a2465, 0x2eda7fa4, + 0xe87b40e4, 0xe98ea084, 0x5889e9e1, 0xefd390fc, 0xdd07d35b, 0xdb485694, 0x38d7e5b2, 0x57720101, + 0x730edebc, 0x5b643113, 0x94917e4f, 0x503c2fba, 0x646f1282, 0x7523d24a, 0xe0779695, 0xf9c17a8f, + 0x7a5b2121, 0xd187b896, 0x29263a4d, 0xba510cdf, 0x81f47c9f, 0xad1163ed, 0xea7b5965, 0x1a00726e, + 0x11403092, 0x00da6d77, 0x4a0cdd61, 0xad1f4603, 0x605bdfb0, 0x9eedc364, 0x22ebe6a8, 0xcee7d28a, + 0xa0e736a0, 0x5564a6b9, 0x10853209, 0xc7eb8f37, 0x2de705ca, 0x8951570f, 0xdf09822b, 0xbd691a6c, + 0xaa12e4f2, 0x87451c0f, 0xe0f6a27a, 0x3ada4819, 0x4cf1764f, 0x0d771c2b, 0x67cdb156, 0x350d8384, + 0x5938fa0f, 0x42399ef3, 0x36997b07, 0x0e84093d, 0x4aa93e61, 0x8360d87b, 0x1fa98b0c, 0x1149382c, + 0xe97625a5, 0x0614d1b7, 0x0e25244b, 0x0c768347, 0x589e8d82, 0x0d2059d1, 0xa466bb1e, 0xf8da0a82, + 0x04f19130, 0xba6e4ec0, 0x99265164, 0x1ee7230d, 0x50b2ad80, 0xeaee6801, 0x8db2a283, 0xea8bf59e + }; + + //==================================== + // Useful constants + //==================================== + + internal static readonly int MAX_ROUNDS = 16; + internal static readonly int RED_ROUNDS = 12; + + private const int BLOCK_SIZE = 8; // bytes = 64 bits + + private int[] _Kr = new int[17]; // the rotating round key + private uint[] _Km = new uint[17]; // the masking round key + + private bool _encrypting; + + private byte[] _workingKey; + private int _rounds = MAX_ROUNDS; + + public Cast5Engine() + { + } + + /** + * initialise a CAST cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + throw new ArgumentException("Invalid parameter passed to "+ AlgorithmName +" init - " + Platform.GetTypeName(parameters)); + + _encrypting = forEncryption; + _workingKey = ((KeyParameter)parameters).GetKey(); + SetKey(_workingKey); + } + + public virtual string AlgorithmName + { + get { return "CAST5"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + int blockSize = GetBlockSize(); + if (_workingKey == null) + throw new InvalidOperationException(AlgorithmName + " not initialised"); + + Check.DataLength(input, inOff, blockSize, "input buffer too short"); + Check.OutputLength(output, outOff, blockSize, "output buffer too short"); + + if (_encrypting) + { + return EncryptBlock(input, inOff, output, outOff); + } + else + { + return DecryptBlock(input, inOff, output, outOff); + } + } + + public virtual void Reset() + { + } + + public virtual int GetBlockSize() + { + return BLOCK_SIZE; + } + + //================================== + // Private Implementation + //================================== + + /* + * Creates the subkeys using the same nomenclature + * as described in RFC2144. + * + * See section 2.4 + */ + internal virtual void SetKey(byte[] key) + { + /* + * Determine the key size here, if required + * + * if keysize <= 80bits, use 12 rounds instead of 16 + * if keysize < 128bits, pad with 0 + * + * Typical key sizes => 40, 64, 80, 128 + */ + + if (key.Length < 11) + { + _rounds = RED_ROUNDS; + } + + int [] z = new int[16]; + int [] x = new int[16]; + + uint z03, z47, z8B, zCF; + uint x03, x47, x8B, xCF; + + /* copy the key into x */ + for (int i=0; i< key.Length; i++) + { + x[i] = (int)(key[i] & 0xff); + } + + /* + * This will look different because the selection of + * bytes from the input key I've already chosen the + * correct int. + */ + x03 = IntsTo32bits(x, 0x0); + x47 = IntsTo32bits(x, 0x4); + x8B = IntsTo32bits(x, 0x8); + xCF = IntsTo32bits(x, 0xC); + + z03 = x03 ^S5[x[0xD]] ^S6[x[0xF]] ^S7[x[0xC]] ^S8[x[0xE]] ^S7[x[0x8]]; + + Bits32ToInts(z03, z, 0x0); + z47 = x8B ^S5[z[0x0]] ^S6[z[0x2]] ^S7[z[0x1]] ^S8[z[0x3]] ^S8[x[0xA]]; + Bits32ToInts(z47, z, 0x4); + z8B = xCF ^S5[z[0x7]] ^S6[z[0x6]] ^S7[z[0x5]] ^S8[z[0x4]] ^S5[x[0x9]]; + Bits32ToInts(z8B, z, 0x8); + zCF = x47 ^S5[z[0xA]] ^S6[z[0x9]] ^S7[z[0xB]] ^S8[z[0x8]] ^S6[x[0xB]]; + Bits32ToInts(zCF, z, 0xC); + _Km[ 1]= S5[z[0x8]] ^ S6[z[0x9]] ^ S7[z[0x7]] ^ S8[z[0x6]] ^ S5[z[0x2]]; + _Km[ 2]= S5[z[0xA]] ^ S6[z[0xB]] ^ S7[z[0x5]] ^ S8[z[0x4]] ^ S6[z[0x6]]; + _Km[ 3]= S5[z[0xC]] ^ S6[z[0xD]] ^ S7[z[0x3]] ^ S8[z[0x2]] ^ S7[z[0x9]]; + _Km[ 4]= S5[z[0xE]] ^ S6[z[0xF]] ^ S7[z[0x1]] ^ S8[z[0x0]] ^ S8[z[0xC]]; + + z03 = IntsTo32bits(z, 0x0); + z47 = IntsTo32bits(z, 0x4); + z8B = IntsTo32bits(z, 0x8); + zCF = IntsTo32bits(z, 0xC); + x03 = z8B ^S5[z[0x5]] ^S6[z[0x7]] ^S7[z[0x4]] ^S8[z[0x6]] ^S7[z[0x0]]; + Bits32ToInts(x03, x, 0x0); + x47 = z03 ^S5[x[0x0]] ^S6[x[0x2]] ^S7[x[0x1]] ^S8[x[0x3]] ^S8[z[0x2]]; + Bits32ToInts(x47, x, 0x4); + x8B = z47 ^S5[x[0x7]] ^S6[x[0x6]] ^S7[x[0x5]] ^S8[x[0x4]] ^S5[z[0x1]]; + Bits32ToInts(x8B, x, 0x8); + xCF = zCF ^S5[x[0xA]] ^S6[x[0x9]] ^S7[x[0xB]] ^S8[x[0x8]] ^S6[z[0x3]]; + Bits32ToInts(xCF, x, 0xC); + _Km[ 5]= S5[x[0x3]] ^ S6[x[0x2]] ^ S7[x[0xC]] ^ S8[x[0xD]] ^ S5[x[0x8]]; + _Km[ 6]= S5[x[0x1]] ^ S6[x[0x0]] ^ S7[x[0xE]] ^ S8[x[0xF]] ^ S6[x[0xD]]; + _Km[ 7]= S5[x[0x7]] ^ S6[x[0x6]] ^ S7[x[0x8]] ^ S8[x[0x9]] ^ S7[x[0x3]]; + _Km[ 8]= S5[x[0x5]] ^ S6[x[0x4]] ^ S7[x[0xA]] ^ S8[x[0xB]] ^ S8[x[0x7]]; + + x03 = IntsTo32bits(x, 0x0); + x47 = IntsTo32bits(x, 0x4); + x8B = IntsTo32bits(x, 0x8); + xCF = IntsTo32bits(x, 0xC); + z03 = x03 ^S5[x[0xD]] ^S6[x[0xF]] ^S7[x[0xC]] ^S8[x[0xE]] ^S7[x[0x8]]; + Bits32ToInts(z03, z, 0x0); + z47 = x8B ^S5[z[0x0]] ^S6[z[0x2]] ^S7[z[0x1]] ^S8[z[0x3]] ^S8[x[0xA]]; + Bits32ToInts(z47, z, 0x4); + z8B = xCF ^S5[z[0x7]] ^S6[z[0x6]] ^S7[z[0x5]] ^S8[z[0x4]] ^S5[x[0x9]]; + Bits32ToInts(z8B, z, 0x8); + zCF = x47 ^S5[z[0xA]] ^S6[z[0x9]] ^S7[z[0xB]] ^S8[z[0x8]] ^S6[x[0xB]]; + Bits32ToInts(zCF, z, 0xC); + _Km[ 9]= S5[z[0x3]] ^ S6[z[0x2]] ^ S7[z[0xC]] ^ S8[z[0xD]] ^ S5[z[0x9]]; + _Km[10]= S5[z[0x1]] ^ S6[z[0x0]] ^ S7[z[0xE]] ^ S8[z[0xF]] ^ S6[z[0xc]]; + _Km[11]= S5[z[0x7]] ^ S6[z[0x6]] ^ S7[z[0x8]] ^ S8[z[0x9]] ^ S7[z[0x2]]; + _Km[12]= S5[z[0x5]] ^ S6[z[0x4]] ^ S7[z[0xA]] ^ S8[z[0xB]] ^ S8[z[0x6]]; + + z03 = IntsTo32bits(z, 0x0); + z47 = IntsTo32bits(z, 0x4); + z8B = IntsTo32bits(z, 0x8); + zCF = IntsTo32bits(z, 0xC); + x03 = z8B ^S5[z[0x5]] ^S6[z[0x7]] ^S7[z[0x4]] ^S8[z[0x6]] ^S7[z[0x0]]; + Bits32ToInts(x03, x, 0x0); + x47 = z03 ^S5[x[0x0]] ^S6[x[0x2]] ^S7[x[0x1]] ^S8[x[0x3]] ^S8[z[0x2]]; + Bits32ToInts(x47, x, 0x4); + x8B = z47 ^S5[x[0x7]] ^S6[x[0x6]] ^S7[x[0x5]] ^S8[x[0x4]] ^S5[z[0x1]]; + Bits32ToInts(x8B, x, 0x8); + xCF = zCF ^S5[x[0xA]] ^S6[x[0x9]] ^S7[x[0xB]] ^S8[x[0x8]] ^S6[z[0x3]]; + Bits32ToInts(xCF, x, 0xC); + _Km[13]= S5[x[0x8]] ^ S6[x[0x9]] ^ S7[x[0x7]] ^ S8[x[0x6]] ^ S5[x[0x3]]; + _Km[14]= S5[x[0xA]] ^ S6[x[0xB]] ^ S7[x[0x5]] ^ S8[x[0x4]] ^ S6[x[0x7]]; + _Km[15]= S5[x[0xC]] ^ S6[x[0xD]] ^ S7[x[0x3]] ^ S8[x[0x2]] ^ S7[x[0x8]]; + _Km[16]= S5[x[0xE]] ^ S6[x[0xF]] ^ S7[x[0x1]] ^ S8[x[0x0]] ^ S8[x[0xD]]; + + x03 = IntsTo32bits(x, 0x0); + x47 = IntsTo32bits(x, 0x4); + x8B = IntsTo32bits(x, 0x8); + xCF = IntsTo32bits(x, 0xC); + z03 = x03 ^S5[x[0xD]] ^S6[x[0xF]] ^S7[x[0xC]] ^S8[x[0xE]] ^S7[x[0x8]]; + Bits32ToInts(z03, z, 0x0); + z47 = x8B ^S5[z[0x0]] ^S6[z[0x2]] ^S7[z[0x1]] ^S8[z[0x3]] ^S8[x[0xA]]; + Bits32ToInts(z47, z, 0x4); + z8B = xCF ^S5[z[0x7]] ^S6[z[0x6]] ^S7[z[0x5]] ^S8[z[0x4]] ^S5[x[0x9]]; + Bits32ToInts(z8B, z, 0x8); + zCF = x47 ^S5[z[0xA]] ^S6[z[0x9]] ^S7[z[0xB]] ^S8[z[0x8]] ^S6[x[0xB]]; + Bits32ToInts(zCF, z, 0xC); + _Kr[ 1]=(int)((S5[z[0x8]]^S6[z[0x9]]^S7[z[0x7]]^S8[z[0x6]] ^ S5[z[0x2]])&0x1f); + _Kr[ 2]=(int)((S5[z[0xA]]^S6[z[0xB]]^S7[z[0x5]]^S8[z[0x4]] ^ S6[z[0x6]])&0x1f); + _Kr[ 3]=(int)((S5[z[0xC]]^S6[z[0xD]]^S7[z[0x3]]^S8[z[0x2]] ^ S7[z[0x9]])&0x1f); + _Kr[ 4]=(int)((S5[z[0xE]]^S6[z[0xF]]^S7[z[0x1]]^S8[z[0x0]] ^ S8[z[0xC]])&0x1f); + + z03 = IntsTo32bits(z, 0x0); + z47 = IntsTo32bits(z, 0x4); + z8B = IntsTo32bits(z, 0x8); + zCF = IntsTo32bits(z, 0xC); + x03 = z8B ^S5[z[0x5]] ^S6[z[0x7]] ^S7[z[0x4]] ^S8[z[0x6]] ^S7[z[0x0]]; + Bits32ToInts(x03, x, 0x0); + x47 = z03 ^S5[x[0x0]] ^S6[x[0x2]] ^S7[x[0x1]] ^S8[x[0x3]] ^S8[z[0x2]]; + Bits32ToInts(x47, x, 0x4); + x8B = z47 ^S5[x[0x7]] ^S6[x[0x6]] ^S7[x[0x5]] ^S8[x[0x4]] ^S5[z[0x1]]; + Bits32ToInts(x8B, x, 0x8); + xCF = zCF ^S5[x[0xA]] ^S6[x[0x9]] ^S7[x[0xB]] ^S8[x[0x8]] ^S6[z[0x3]]; + Bits32ToInts(xCF, x, 0xC); + _Kr[ 5]=(int)((S5[x[0x3]]^S6[x[0x2]]^S7[x[0xC]]^S8[x[0xD]]^S5[x[0x8]])&0x1f); + _Kr[ 6]=(int)((S5[x[0x1]]^S6[x[0x0]]^S7[x[0xE]]^S8[x[0xF]]^S6[x[0xD]])&0x1f); + _Kr[ 7]=(int)((S5[x[0x7]]^S6[x[0x6]]^S7[x[0x8]]^S8[x[0x9]]^S7[x[0x3]])&0x1f); + _Kr[ 8]=(int)((S5[x[0x5]]^S6[x[0x4]]^S7[x[0xA]]^S8[x[0xB]]^S8[x[0x7]])&0x1f); + + x03 = IntsTo32bits(x, 0x0); + x47 = IntsTo32bits(x, 0x4); + x8B = IntsTo32bits(x, 0x8); + xCF = IntsTo32bits(x, 0xC); + z03 = x03 ^S5[x[0xD]] ^S6[x[0xF]] ^S7[x[0xC]] ^S8[x[0xE]] ^S7[x[0x8]]; + Bits32ToInts(z03, z, 0x0); + z47 = x8B ^S5[z[0x0]] ^S6[z[0x2]] ^S7[z[0x1]] ^S8[z[0x3]] ^S8[x[0xA]]; + Bits32ToInts(z47, z, 0x4); + z8B = xCF ^S5[z[0x7]] ^S6[z[0x6]] ^S7[z[0x5]] ^S8[z[0x4]] ^S5[x[0x9]]; + Bits32ToInts(z8B, z, 0x8); + zCF = x47 ^S5[z[0xA]] ^S6[z[0x9]] ^S7[z[0xB]] ^S8[z[0x8]] ^S6[x[0xB]]; + Bits32ToInts(zCF, z, 0xC); + _Kr[ 9]=(int)((S5[z[0x3]]^S6[z[0x2]]^S7[z[0xC]]^S8[z[0xD]]^S5[z[0x9]])&0x1f); + _Kr[10]=(int)((S5[z[0x1]]^S6[z[0x0]]^S7[z[0xE]]^S8[z[0xF]]^S6[z[0xc]])&0x1f); + _Kr[11]=(int)((S5[z[0x7]]^S6[z[0x6]]^S7[z[0x8]]^S8[z[0x9]]^S7[z[0x2]])&0x1f); + _Kr[12]=(int)((S5[z[0x5]]^S6[z[0x4]]^S7[z[0xA]]^S8[z[0xB]]^S8[z[0x6]])&0x1f); + + z03 = IntsTo32bits(z, 0x0); + z47 = IntsTo32bits(z, 0x4); + z8B = IntsTo32bits(z, 0x8); + zCF = IntsTo32bits(z, 0xC); + x03 = z8B ^S5[z[0x5]] ^S6[z[0x7]] ^S7[z[0x4]] ^S8[z[0x6]] ^S7[z[0x0]]; + Bits32ToInts(x03, x, 0x0); + x47 = z03 ^S5[x[0x0]] ^S6[x[0x2]] ^S7[x[0x1]] ^S8[x[0x3]] ^S8[z[0x2]]; + Bits32ToInts(x47, x, 0x4); + x8B = z47 ^S5[x[0x7]] ^S6[x[0x6]] ^S7[x[0x5]] ^S8[x[0x4]] ^S5[z[0x1]]; + Bits32ToInts(x8B, x, 0x8); + xCF = zCF ^S5[x[0xA]] ^S6[x[0x9]] ^S7[x[0xB]] ^S8[x[0x8]] ^S6[z[0x3]]; + Bits32ToInts(xCF, x, 0xC); + _Kr[13]=(int)((S5[x[0x8]]^S6[x[0x9]]^S7[x[0x7]]^S8[x[0x6]]^S5[x[0x3]])&0x1f); + _Kr[14]=(int)((S5[x[0xA]]^S6[x[0xB]]^S7[x[0x5]]^S8[x[0x4]]^S6[x[0x7]])&0x1f); + _Kr[15]=(int)((S5[x[0xC]]^S6[x[0xD]]^S7[x[0x3]]^S8[x[0x2]]^S7[x[0x8]])&0x1f); + _Kr[16]=(int)((S5[x[0xE]]^S6[x[0xF]]^S7[x[0x1]]^S8[x[0x0]]^S8[x[0xD]])&0x1f); + } + + /** + * Encrypt the given input starting at the given offset and place + * the result in the provided buffer starting at the given offset. + * + * @param src The plaintext buffer + * @param srcIndex An offset into src + * @param dst The ciphertext buffer + * @param dstIndex An offset into dst + */ + internal virtual int EncryptBlock( + byte[] src, + int srcIndex, + byte[] dst, + int dstIndex) + { + // process the input block + // batch the units up into a 32 bit chunk and go for it + // the array is in bytes, the increment is 8x8 bits = 64 + + uint L0 = Pack.BE_To_UInt32(src, srcIndex); + uint R0 = Pack.BE_To_UInt32(src, srcIndex + 4); + + uint[] result = new uint[2]; + CAST_Encipher(L0, R0, result); + + // now stuff them into the destination block + Pack.UInt32_To_BE(result[0], dst, dstIndex); + Pack.UInt32_To_BE(result[1], dst, dstIndex + 4); + + return BLOCK_SIZE; + } + + /** + * Decrypt the given input starting at the given offset and place + * the result in the provided buffer starting at the given offset. + * + * @param src The plaintext buffer + * @param srcIndex An offset into src + * @param dst The ciphertext buffer + * @param dstIndex An offset into dst + */ + internal virtual int DecryptBlock( + byte[] src, + int srcIndex, + byte[] dst, + int dstIndex) + { + // process the input block + // batch the units up into a 32 bit chunk and go for it + // the array is in bytes, the increment is 8x8 bits = 64 + uint L16 = Pack.BE_To_UInt32(src, srcIndex); + uint R16 = Pack.BE_To_UInt32(src, srcIndex + 4); + + uint[] result = new uint[2]; + CAST_Decipher(L16, R16, result); + + // now stuff them into the destination block + Pack.UInt32_To_BE(result[0], dst, dstIndex); + Pack.UInt32_To_BE(result[1], dst, dstIndex + 4); + + return BLOCK_SIZE; + } + + /** + * The first of the three processing functions for the + * encryption and decryption. + * + * @param D the input to be processed + * @param Kmi the mask to be used from Km[n] + * @param Kri the rotation value to be used + * + */ + internal static uint F1(uint D, uint Kmi, int Kri) + { + uint I = Kmi + D; + I = I << Kri | (I >> (32-Kri)); + return ((S1[(I>>24)&0xff]^S2[(I>>16)&0xff])-S3[(I>>8)&0xff])+S4[I&0xff]; + } + + /** + * The second of the three processing functions for the + * encryption and decryption. + * + * @param D the input to be processed + * @param Kmi the mask to be used from Km[n] + * @param Kri the rotation value to be used + * + */ + internal static uint F2(uint D, uint Kmi, int Kri) + { + uint I = Kmi ^ D; + I = I << Kri | (I >> (32-Kri)); + return ((S1[(I>>24)&0xff]-S2[(I>>16)&0xff])+S3[(I>>8)&0xff])^S4[I&0xff]; + } + + /** + * The third of the three processing functions for the + * encryption and decryption. + * + * @param D the input to be processed + * @param Kmi the mask to be used from Km[n] + * @param Kri the rotation value to be used + * + */ + internal static uint F3(uint D, uint Kmi, int Kri) + { + uint I = Kmi - D; + I = I << Kri | (I >> (32-Kri)); + return ((S1[(I>>24)&0xff]+S2[(I>>16)&0xff])^S3[(I>>8)&0xff])-S4[I&0xff]; + } + + /** + * Does the 16 rounds to encrypt the block. + * + * @param L0 the LH-32bits of the plaintext block + * @param R0 the RH-32bits of the plaintext block + */ + internal void CAST_Encipher(uint L0, uint R0, uint[] result) + { + uint Lp = L0; // the previous value, equiv to L[i-1] + uint Rp = R0; // equivalent to R[i-1] + + /* + * numbering consistent with paper to make + * checking and validating easier + */ + uint Li = L0, Ri = R0; + + for (int i = 1; i<=_rounds ; i++) + { + Lp = Li; + Rp = Ri; + + Li = Rp; + switch (i) + { + case 1: + case 4: + case 7: + case 10: + case 13: + case 16: + Ri = Lp ^ F1(Rp, _Km[i], _Kr[i]); + break; + case 2: + case 5: + case 8: + case 11: + case 14: + Ri = Lp ^ F2(Rp, _Km[i], _Kr[i]); + break; + case 3: + case 6: + case 9: + case 12: + case 15: + Ri = Lp ^ F3(Rp, _Km[i], _Kr[i]); + break; + } + } + + result[0] = Ri; + result[1] = Li; + + return; + } + + internal void CAST_Decipher(uint L16, uint R16, uint[] result) + { + uint Lp = L16; // the previous value, equiv to L[i-1] + uint Rp = R16; // equivalent to R[i-1] + + /* + * numbering consistent with paper to make + * checking and validating easier + */ + uint Li = L16, Ri = R16; + + for (int i = _rounds; i > 0; i--) + { + Lp = Li; + Rp = Ri; + + Li = Rp; + switch (i) + { + case 1: + case 4: + case 7: + case 10: + case 13: + case 16: + Ri = Lp ^ F1(Rp, _Km[i], _Kr[i]); + break; + case 2: + case 5: + case 8: + case 11: + case 14: + Ri = Lp ^ F2(Rp, _Km[i], _Kr[i]); + break; + case 3: + case 6: + case 9: + case 12: + case 15: + Ri = Lp ^ F3(Rp, _Km[i], _Kr[i]); + break; + } + } + + result[0] = Ri; + result[1] = Li; + + return; + } + + internal static void Bits32ToInts(uint inData, int[] b, int offset) + { + b[offset + 3] = (int) (inData & 0xff); + b[offset + 2] = (int) ((inData >> 8) & 0xff); + b[offset + 1] = (int) ((inData >> 16) & 0xff); + b[offset] = (int) ((inData >> 24) & 0xff); + } + + internal static uint IntsTo32bits(int[] b, int i) + { + return (uint)(((b[i] & 0xff) << 24) | + ((b[i+1] & 0xff) << 16) | + ((b[i+2] & 0xff) << 8) | + ((b[i+3] & 0xff))); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/Cast6Engine.cs b/BouncyCastle/crypto/src/crypto/engines/Cast6Engine.cs new file mode 100644 index 0000000..c5c419b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/Cast6Engine.cs @@ -0,0 +1,279 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * A class that provides CAST6 key encryption operations, + * such as encoding data and generating keys. + * + * All the algorithms herein are from the Internet RFC + * + * RFC2612 - CAST6 (128bit block, 128-256bit key) + * + * and implement a simplified cryptography interface. + */ + public sealed class Cast6Engine + : Cast5Engine + { + //==================================== + // Useful constants + //==================================== + private const int ROUNDS = 12; + private const int BLOCK_SIZE = 16; // bytes = 128 bits + + /* + * Put the round and mask keys into an array. + * Kr0[i] => _Kr[i*4 + 0] + */ + private int []_Kr = new int[ROUNDS*4]; // the rotating round key(s) + private uint []_Km = new uint[ROUNDS*4]; // the masking round key(s) + + /* + * Key setup + */ + private int []_Tr = new int[24 * 8]; + private uint []_Tm = new uint[24 * 8]; + private uint[] _workingKey = new uint[8]; + + public Cast6Engine() + { + } + + public override string AlgorithmName + { + get { return "CAST6"; } + } + + public override void Reset() + { + } + + public override int GetBlockSize() + { + return BLOCK_SIZE; + } + + //================================== + // Private Implementation + //================================== + /* + * Creates the subkeys using the same nomenclature + * as described in RFC2612. + * + * See section 2.4 + */ + internal override void SetKey( + byte[] key) + { + uint Cm = 0x5a827999; + uint Mm = 0x6ed9eba1; + int Cr = 19; + int Mr = 17; + /* + * Determine the key size here, if required + * + * if keysize < 256 bytes, pad with 0 + * + * Typical key sizes => 128, 160, 192, 224, 256 + */ + for (int i=0; i< 24; i++) + { + for (int j=0; j< 8; j++) + { + _Tm[i*8 + j] = Cm; + Cm += Mm; //mod 2^32; + _Tr[i*8 + j] = Cr; + Cr = (Cr + Mr) & 0x1f; // mod 32 + } + } + + byte[] tmpKey = new byte[64]; + key.CopyTo(tmpKey, 0); + + // now create ABCDEFGH + for (int i = 0; i < 8; i++) + { + _workingKey[i] = Pack.BE_To_UInt32(tmpKey, i*4); + } + + // Generate the key schedule + for (int i = 0; i < 12; i++) + { + // KAPPA <- W2i(KAPPA) + int i2 = i*2 *8; + _workingKey[6] ^= F1(_workingKey[7], _Tm[i2], _Tr[i2]); + _workingKey[5] ^= F2(_workingKey[6], _Tm[i2+1], _Tr[i2+1]); + _workingKey[4] ^= F3(_workingKey[5], _Tm[i2+2], _Tr[i2+2]); + _workingKey[3] ^= F1(_workingKey[4], _Tm[i2+3], _Tr[i2+3]); + _workingKey[2] ^= F2(_workingKey[3], _Tm[i2+4], _Tr[i2+4]); + _workingKey[1] ^= F3(_workingKey[2], _Tm[i2+5], _Tr[i2+5]); + _workingKey[0] ^= F1(_workingKey[1], _Tm[i2+6], _Tr[i2+6]); + _workingKey[7] ^= F2(_workingKey[0], _Tm[i2+7], _Tr[i2+7]); + // KAPPA <- W2i+1(KAPPA) + i2 = (i*2 + 1)*8; + _workingKey[6] ^= F1(_workingKey[7], _Tm[i2], _Tr[i2]); + _workingKey[5] ^= F2(_workingKey[6], _Tm[i2+1], _Tr[i2+1]); + _workingKey[4] ^= F3(_workingKey[5], _Tm[i2+2], _Tr[i2+2]); + _workingKey[3] ^= F1(_workingKey[4], _Tm[i2+3], _Tr[i2+3]); + _workingKey[2] ^= F2(_workingKey[3], _Tm[i2+4], _Tr[i2+4]); + _workingKey[1] ^= F3(_workingKey[2], _Tm[i2+5], _Tr[i2+5]); + _workingKey[0] ^= F1(_workingKey[1], _Tm[i2+6], _Tr[i2+6]); + _workingKey[7] ^= F2(_workingKey[0], _Tm[i2+7], _Tr[i2+7]); + // Kr_(i) <- KAPPA + _Kr[i*4] = (int)(_workingKey[0] & 0x1f); + _Kr[i*4 + 1] = (int)(_workingKey[2] & 0x1f); + _Kr[i*4 + 2] = (int)(_workingKey[4] & 0x1f); + _Kr[i*4 + 3] = (int)(_workingKey[6] & 0x1f); + // Km_(i) <- KAPPA + _Km[i*4] = _workingKey[7]; + _Km[i*4 + 1] = _workingKey[5]; + _Km[i*4 + 2] = _workingKey[3]; + _Km[i*4 + 3] = _workingKey[1]; + } + } + + /** + * Encrypt the given input starting at the given offset and place + * the result in the provided buffer starting at the given offset. + * + * @param src The plaintext buffer + * @param srcIndex An offset into src + * @param dst The ciphertext buffer + * @param dstIndex An offset into dst + */ + internal override int EncryptBlock( + byte[] src, + int srcIndex, + byte[] dst, + int dstIndex) + { + // process the input block + // batch the units up into 4x32 bit chunks and go for it + uint A = Pack.BE_To_UInt32(src, srcIndex); + uint B = Pack.BE_To_UInt32(src, srcIndex + 4); + uint C = Pack.BE_To_UInt32(src, srcIndex + 8); + uint D = Pack.BE_To_UInt32(src, srcIndex + 12); + uint[] result = new uint[4]; + CAST_Encipher(A, B, C, D, result); + // now stuff them into the destination block + Pack.UInt32_To_BE(result[0], dst, dstIndex); + Pack.UInt32_To_BE(result[1], dst, dstIndex + 4); + Pack.UInt32_To_BE(result[2], dst, dstIndex + 8); + Pack.UInt32_To_BE(result[3], dst, dstIndex + 12); + return BLOCK_SIZE; + } + + /** + * Decrypt the given input starting at the given offset and place + * the result in the provided buffer starting at the given offset. + * + * @param src The plaintext buffer + * @param srcIndex An offset into src + * @param dst The ciphertext buffer + * @param dstIndex An offset into dst + */ + internal override int DecryptBlock( + byte[] src, + int srcIndex, + byte[] dst, + int dstIndex) + { + // process the input block + // batch the units up into 4x32 bit chunks and go for it + uint A = Pack.BE_To_UInt32(src, srcIndex); + uint B = Pack.BE_To_UInt32(src, srcIndex + 4); + uint C = Pack.BE_To_UInt32(src, srcIndex + 8); + uint D = Pack.BE_To_UInt32(src, srcIndex + 12); + uint[] result = new uint[4]; + CAST_Decipher(A, B, C, D, result); + // now stuff them into the destination block + Pack.UInt32_To_BE(result[0], dst, dstIndex); + Pack.UInt32_To_BE(result[1], dst, dstIndex + 4); + Pack.UInt32_To_BE(result[2], dst, dstIndex + 8); + Pack.UInt32_To_BE(result[3], dst, dstIndex + 12); + return BLOCK_SIZE; + } + + /** + * Does the 12 quad rounds rounds to encrypt the block. + * + * @param A the 00-31 bits of the plaintext block + * @param B the 32-63 bits of the plaintext block + * @param C the 64-95 bits of the plaintext block + * @param D the 96-127 bits of the plaintext block + * @param result the resulting ciphertext + */ + private void CAST_Encipher( + uint A, + uint B, + uint C, + uint D, + uint[] result) + { + for (int i = 0; i < 6; i++) + { + int x = i*4; + // BETA <- Qi(BETA) + C ^= F1(D, _Km[x], _Kr[x]); + B ^= F2(C, _Km[x + 1], _Kr[x + 1]); + A ^= F3(B, _Km[x + 2], _Kr[x + 2]); + D ^= F1(A, _Km[x + 3], _Kr[x + 3]); + } + for (int i = 6; i < 12; i++) + { + int x = i*4; + // BETA <- QBARi(BETA) + D ^= F1(A, _Km[x + 3], _Kr[x + 3]); + A ^= F3(B, _Km[x + 2], _Kr[x + 2]); + B ^= F2(C, _Km[x + 1], _Kr[x + 1]); + C ^= F1(D, _Km[x], _Kr[x]); + } + result[0] = A; + result[1] = B; + result[2] = C; + result[3] = D; + } + + /** + * Does the 12 quad rounds rounds to decrypt the block. + * + * @param A the 00-31 bits of the ciphertext block + * @param B the 32-63 bits of the ciphertext block + * @param C the 64-95 bits of the ciphertext block + * @param D the 96-127 bits of the ciphertext block + * @param result the resulting plaintext + */ + private void CAST_Decipher( + uint A, + uint B, + uint C, + uint D, + uint[] result) + { + for (int i = 0; i < 6; i++) + { + int x = (11-i)*4; + // BETA <- Qi(BETA) + C ^= F1(D, _Km[x], _Kr[x]); + B ^= F2(C, _Km[x + 1], _Kr[x + 1]); + A ^= F3(B, _Km[x + 2], _Kr[x + 2]); + D ^= F1(A, _Km[x + 3], _Kr[x + 3]); + } + for (int i=6; i<12; i++) + { + int x = (11-i)*4; + // BETA <- QBARi(BETA) + D ^= F1(A, _Km[x + 3], _Kr[x + 3]); + A ^= F3(B, _Km[x + 2], _Kr[x + 2]); + B ^= F2(C, _Km[x + 1], _Kr[x + 1]); + C ^= F1(D, _Km[x], _Kr[x]); + } + result[0] = A; + result[1] = B; + result[2] = C; + result[3] = D; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/ChaCha7539Engine.cs b/BouncyCastle/crypto/src/crypto/engines/ChaCha7539Engine.cs new file mode 100644 index 0000000..206416a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/ChaCha7539Engine.cs @@ -0,0 +1,66 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + ///

+ /// Implementation of Daniel J. Bernstein's ChaCha stream cipher. + /// + public class ChaCha7539Engine + : Salsa20Engine + { + /// + /// Creates a 20 rounds ChaCha engine. + /// + public ChaCha7539Engine() + : base() + { + } + + public override string AlgorithmName + { + get { return "ChaCha7539"; } + } + + protected override int NonceSize + { + get { return 12; } + } + + protected override void AdvanceCounter() + { + if (++engineState[12] == 0) + throw new InvalidOperationException("attempt to increase counter past 2^32."); + } + + protected override void ResetCounter() + { + engineState[12] = 0; + } + + protected override void SetKey(byte[] keyBytes, byte[] ivBytes) + { + if (keyBytes != null) + { + if (keyBytes.Length != 32) + throw new ArgumentException(AlgorithmName + " requires 256 bit key"); + + PackTauOrSigma(keyBytes.Length, engineState, 0); + + // Key + Pack.LE_To_UInt32(keyBytes, 0, engineState, 4, 8); + } + + // IV + Pack.LE_To_UInt32(ivBytes, 0, engineState, 13, 3); + } + + protected override void GenerateKeyStream(byte[] output) + { + ChaChaEngine.ChachaCore(rounds, engineState, x); + Pack.UInt32_To_LE(x, output, 0); + } + } +} + diff --git a/BouncyCastle/crypto/src/crypto/engines/ChaChaEngine.cs b/BouncyCastle/crypto/src/crypto/engines/ChaChaEngine.cs new file mode 100644 index 0000000..a97c04e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/ChaChaEngine.cs @@ -0,0 +1,158 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /// + /// Implementation of Daniel J. Bernstein's ChaCha stream cipher. + /// + public class ChaChaEngine + : Salsa20Engine + { + /// + /// Creates a 20 rounds ChaCha engine. + /// + public ChaChaEngine() + { + } + + /// + /// Creates a ChaCha engine with a specific number of rounds. + /// + /// the number of rounds (must be an even number). + public ChaChaEngine(int rounds) + : base(rounds) + { + } + + public override string AlgorithmName + { + get { return "ChaCha" + rounds; } + } + + protected override void AdvanceCounter() + { + if (++engineState[12] == 0) + { + ++engineState[13]; + } + } + + protected override void ResetCounter() + { + engineState[12] = engineState[13] = 0; + } + + protected override void SetKey(byte[] keyBytes, byte[] ivBytes) + { + if (keyBytes != null) + { + if ((keyBytes.Length != 16) && (keyBytes.Length != 32)) + throw new ArgumentException(AlgorithmName + " requires 128 bit or 256 bit key"); + + PackTauOrSigma(keyBytes.Length, engineState, 0); + + // Key + Pack.LE_To_UInt32(keyBytes, 0, engineState, 4, 4); + Pack.LE_To_UInt32(keyBytes, keyBytes.Length - 16, engineState, 8, 4); + } + + // IV + Pack.LE_To_UInt32(ivBytes, 0, engineState, 14, 2); + } + + protected override void GenerateKeyStream(byte[] output) + { + ChachaCore(rounds, engineState, x); + Pack.UInt32_To_LE(x, output, 0); + } + + /// + /// ChaCha function. + /// + /// The number of ChaCha rounds to execute + /// The input words. + /// The ChaCha state to modify. + internal static void ChachaCore(int rounds, uint[] input, uint[] x) + { + if (input.Length != 16) + throw new ArgumentException(); + if (x.Length != 16) + throw new ArgumentException(); + if (rounds % 2 != 0) + throw new ArgumentException("Number of rounds must be even"); + + uint x00 = input[ 0]; + uint x01 = input[ 1]; + uint x02 = input[ 2]; + uint x03 = input[ 3]; + uint x04 = input[ 4]; + uint x05 = input[ 5]; + uint x06 = input[ 6]; + uint x07 = input[ 7]; + uint x08 = input[ 8]; + uint x09 = input[ 9]; + uint x10 = input[10]; + uint x11 = input[11]; + uint x12 = input[12]; + uint x13 = input[13]; + uint x14 = input[14]; + uint x15 = input[15]; + + for (int i = rounds; i > 0; i -= 2) + { + x00 += x04; x12 = Integers.RotateLeft(x12 ^ x00, 16); + x08 += x12; x04 = Integers.RotateLeft(x04 ^ x08, 12); + x00 += x04; x12 = Integers.RotateLeft(x12 ^ x00, 8); + x08 += x12; x04 = Integers.RotateLeft(x04 ^ x08, 7); + x01 += x05; x13 = Integers.RotateLeft(x13 ^ x01, 16); + x09 += x13; x05 = Integers.RotateLeft(x05 ^ x09, 12); + x01 += x05; x13 = Integers.RotateLeft(x13 ^ x01, 8); + x09 += x13; x05 = Integers.RotateLeft(x05 ^ x09, 7); + x02 += x06; x14 = Integers.RotateLeft(x14 ^ x02, 16); + x10 += x14; x06 = Integers.RotateLeft(x06 ^ x10, 12); + x02 += x06; x14 = Integers.RotateLeft(x14 ^ x02, 8); + x10 += x14; x06 = Integers.RotateLeft(x06 ^ x10, 7); + x03 += x07; x15 = Integers.RotateLeft(x15 ^ x03, 16); + x11 += x15; x07 = Integers.RotateLeft(x07 ^ x11, 12); + x03 += x07; x15 = Integers.RotateLeft(x15 ^ x03, 8); + x11 += x15; x07 = Integers.RotateLeft(x07 ^ x11, 7); + x00 += x05; x15 = Integers.RotateLeft(x15 ^ x00, 16); + x10 += x15; x05 = Integers.RotateLeft(x05 ^ x10, 12); + x00 += x05; x15 = Integers.RotateLeft(x15 ^ x00, 8); + x10 += x15; x05 = Integers.RotateLeft(x05 ^ x10, 7); + x01 += x06; x12 = Integers.RotateLeft(x12 ^ x01, 16); + x11 += x12; x06 = Integers.RotateLeft(x06 ^ x11, 12); + x01 += x06; x12 = Integers.RotateLeft(x12 ^ x01, 8); + x11 += x12; x06 = Integers.RotateLeft(x06 ^ x11, 7); + x02 += x07; x13 = Integers.RotateLeft(x13 ^ x02, 16); + x08 += x13; x07 = Integers.RotateLeft(x07 ^ x08, 12); + x02 += x07; x13 = Integers.RotateLeft(x13 ^ x02, 8); + x08 += x13; x07 = Integers.RotateLeft(x07 ^ x08, 7); + x03 += x04; x14 = Integers.RotateLeft(x14 ^ x03, 16); + x09 += x14; x04 = Integers.RotateLeft(x04 ^ x09, 12); + x03 += x04; x14 = Integers.RotateLeft(x14 ^ x03, 8); + x09 += x14; x04 = Integers.RotateLeft(x04 ^ x09, 7); + } + + x[ 0] = x00 + input[ 0]; + x[ 1] = x01 + input[ 1]; + x[ 2] = x02 + input[ 2]; + x[ 3] = x03 + input[ 3]; + x[ 4] = x04 + input[ 4]; + x[ 5] = x05 + input[ 5]; + x[ 6] = x06 + input[ 6]; + x[ 7] = x07 + input[ 7]; + x[ 8] = x08 + input[ 8]; + x[ 9] = x09 + input[ 9]; + x[10] = x10 + input[10]; + x[11] = x11 + input[11]; + x[12] = x12 + input[12]; + x[13] = x13 + input[13]; + x[14] = x14 + input[14]; + x[15] = x15 + input[15]; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/DesEdeEngine.cs b/BouncyCastle/crypto/src/crypto/engines/DesEdeEngine.cs new file mode 100644 index 0000000..2fac24a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/DesEdeEngine.cs @@ -0,0 +1,100 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /// A class that provides a basic DESede (or Triple DES) engine. + public class DesEdeEngine + : DesEngine + { + private int[] workingKey1, workingKey2, workingKey3; + private bool forEncryption; + + /** + * initialise a DESede cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public override void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + throw new ArgumentException("invalid parameter passed to DESede init - " + Platform.GetTypeName(parameters)); + + byte[] keyMaster = ((KeyParameter)parameters).GetKey(); + if (keyMaster.Length != 24 && keyMaster.Length != 16) + throw new ArgumentException("key size must be 16 or 24 bytes."); + + this.forEncryption = forEncryption; + + byte[] key1 = new byte[8]; + Array.Copy(keyMaster, 0, key1, 0, key1.Length); + workingKey1 = GenerateWorkingKey(forEncryption, key1); + + byte[] key2 = new byte[8]; + Array.Copy(keyMaster, 8, key2, 0, key2.Length); + workingKey2 = GenerateWorkingKey(!forEncryption, key2); + + if (keyMaster.Length == 24) + { + byte[] key3 = new byte[8]; + Array.Copy(keyMaster, 16, key3, 0, key3.Length); + workingKey3 = GenerateWorkingKey(forEncryption, key3); + } + else // 16 byte key + { + workingKey3 = workingKey1; + } + } + + public override string AlgorithmName + { + get { return "DESede"; } + } + + public override int GetBlockSize() + { + return BLOCK_SIZE; + } + + public override int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + if (workingKey1 == null) + throw new InvalidOperationException("DESede engine not initialised"); + + Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short"); + Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short"); + + byte[] temp = new byte[BLOCK_SIZE]; + + if (forEncryption) + { + DesFunc(workingKey1, input, inOff, temp, 0); + DesFunc(workingKey2, temp, 0, temp, 0); + DesFunc(workingKey3, temp, 0, output, outOff); + } + else + { + DesFunc(workingKey3, input, inOff, temp, 0); + DesFunc(workingKey2, temp, 0, temp, 0); + DesFunc(workingKey1, temp, 0, output, outOff); + } + + return BLOCK_SIZE; + } + + public override void Reset() + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/DesEdeWrapEngine.cs b/BouncyCastle/crypto/src/crypto/engines/DesEdeWrapEngine.cs new file mode 100644 index 0000000..43100a9 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/DesEdeWrapEngine.cs @@ -0,0 +1,322 @@ +using System; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * Wrap keys according to + * + * draft-ietf-smime-key-wrap-01.txt. + *

+ * Note: + *

    + *
  • this is based on a draft, and as such is subject to change - don't use this class for anything requiring long term storage.
    • + *
  • if you are using this to wrap triple-des keys you need to set the + * parity bits on the key and, if it's a two-key triple-des key, pad it + * yourself.
    • + *
+ *

+ */ + public class DesEdeWrapEngine + : IWrapper + { + /** Field engine */ + private CbcBlockCipher engine; + /** Field param */ + private KeyParameter param; + /** Field paramPlusIV */ + private ParametersWithIV paramPlusIV; + /** Field iv */ + private byte[] iv; + /** Field forWrapping */ + private bool forWrapping; + /** Field IV2 */ + private static readonly byte[] IV2 = { (byte) 0x4a, (byte) 0xdd, (byte) 0xa2, + (byte) 0x2c, (byte) 0x79, (byte) 0xe8, + (byte) 0x21, (byte) 0x05 }; + + // + // checksum digest + // + private readonly IDigest sha1 = new Sha1Digest(); + private readonly byte[] digest = new byte[20]; + + /** + * Method init + * + * @param forWrapping + * @param param + */ + public virtual void Init( + bool forWrapping, + ICipherParameters parameters) + { + this.forWrapping = forWrapping; + this.engine = new CbcBlockCipher(new DesEdeEngine()); + + SecureRandom sr; + if (parameters is ParametersWithRandom) + { + ParametersWithRandom pr = (ParametersWithRandom) parameters; + parameters = pr.Parameters; + sr = pr.Random; + } + else + { + sr = new SecureRandom(); + } + + if (parameters is KeyParameter) + { + this.param = (KeyParameter) parameters; + if (this.forWrapping) + { + // Hm, we have no IV but we want to wrap ?!? + // well, then we have to create our own IV. + this.iv = new byte[8]; + sr.NextBytes(iv); + + this.paramPlusIV = new ParametersWithIV(this.param, this.iv); + } + } + else if (parameters is ParametersWithIV) + { + if (!forWrapping) + throw new ArgumentException("You should not supply an IV for unwrapping"); + + this.paramPlusIV = (ParametersWithIV) parameters; + this.iv = this.paramPlusIV.GetIV(); + this.param = (KeyParameter) this.paramPlusIV.Parameters; + + if (this.iv.Length != 8) + throw new ArgumentException("IV is not 8 octets", "parameters"); + } + } + + /** + * Method GetAlgorithmName + * + * @return + */ + public virtual string AlgorithmName + { + get { return "DESede"; } + } + + /** + * Method wrap + * + * @param in + * @param inOff + * @param inLen + * @return + */ + public virtual byte[] Wrap( + byte[] input, + int inOff, + int length) + { + if (!forWrapping) + { + throw new InvalidOperationException("Not initialized for wrapping"); + } + + byte[] keyToBeWrapped = new byte[length]; + Array.Copy(input, inOff, keyToBeWrapped, 0, length); + + // Compute the CMS Key Checksum, (section 5.6.1), call this CKS. + byte[] CKS = CalculateCmsKeyChecksum(keyToBeWrapped); + + // Let WKCKS = WK || CKS where || is concatenation. + byte[] WKCKS = new byte[keyToBeWrapped.Length + CKS.Length]; + Array.Copy(keyToBeWrapped, 0, WKCKS, 0, keyToBeWrapped.Length); + Array.Copy(CKS, 0, WKCKS, keyToBeWrapped.Length, CKS.Length); + + // Encrypt WKCKS in CBC mode using KEK as the key and IV as the + // initialization vector. Call the results TEMP1. + + int blockSize = engine.GetBlockSize(); + + if (WKCKS.Length % blockSize != 0) + throw new InvalidOperationException("Not multiple of block length"); + + engine.Init(true, paramPlusIV); + + byte [] TEMP1 = new byte[WKCKS.Length]; + + for (int currentBytePos = 0; currentBytePos != WKCKS.Length; currentBytePos += blockSize) + { + engine.ProcessBlock(WKCKS, currentBytePos, TEMP1, currentBytePos); + } + + // Let TEMP2 = IV || TEMP1. + byte[] TEMP2 = new byte[this.iv.Length + TEMP1.Length]; + Array.Copy(this.iv, 0, TEMP2, 0, this.iv.Length); + Array.Copy(TEMP1, 0, TEMP2, this.iv.Length, TEMP1.Length); + + // Reverse the order of the octets in TEMP2 and call the result TEMP3. + byte[] TEMP3 = reverse(TEMP2); + + // Encrypt TEMP3 in CBC mode using the KEK and an initialization vector + // of 0x 4a dd a2 2c 79 e8 21 05. The resulting cipher text is the desired + // result. It is 40 octets long if a 168 bit key is being wrapped. + ParametersWithIV param2 = new ParametersWithIV(this.param, IV2); + this.engine.Init(true, param2); + + for (int currentBytePos = 0; currentBytePos != TEMP3.Length; currentBytePos += blockSize) + { + engine.ProcessBlock(TEMP3, currentBytePos, TEMP3, currentBytePos); + } + + return TEMP3; + } + + /** + * Method unwrap + * + * @param in + * @param inOff + * @param inLen + * @return + * @throws InvalidCipherTextException + */ + public virtual byte[] Unwrap( + byte[] input, + int inOff, + int length) + { + if (forWrapping) + { + throw new InvalidOperationException("Not set for unwrapping"); + } + if (input == null) + { + throw new InvalidCipherTextException("Null pointer as ciphertext"); + } + + int blockSize = engine.GetBlockSize(); + + if (length % blockSize != 0) + { + throw new InvalidCipherTextException("Ciphertext not multiple of " + blockSize); + } + + /* + // Check if the length of the cipher text is reasonable given the key + // type. It must be 40 bytes for a 168 bit key and either 32, 40, or + // 48 bytes for a 128, 192, or 256 bit key. If the length is not supported + // or inconsistent with the algorithm for which the key is intended, + // return error. + // + // we do not accept 168 bit keys. it has to be 192 bit. + int lengthA = (estimatedKeyLengthInBit / 8) + 16; + int lengthB = estimatedKeyLengthInBit % 8; + if ((lengthA != keyToBeUnwrapped.Length) || (lengthB != 0)) { + throw new XMLSecurityException("empty"); + } + */ + + // Decrypt the cipher text with TRIPLedeS in CBC mode using the KEK + // and an initialization vector (IV) of 0x4adda22c79e82105. Call the output TEMP3. + ParametersWithIV param2 = new ParametersWithIV(this.param, IV2); + this.engine.Init(false, param2); + + byte [] TEMP3 = new byte[length]; + + for (int currentBytePos = 0; currentBytePos != TEMP3.Length; currentBytePos += blockSize) + { + engine.ProcessBlock(input, inOff + currentBytePos, TEMP3, currentBytePos); + } + + // Reverse the order of the octets in TEMP3 and call the result TEMP2. + byte[] TEMP2 = reverse(TEMP3); + + // Decompose TEMP2 into IV, the first 8 octets, and TEMP1, the remaining octets. + this.iv = new byte[8]; + byte[] TEMP1 = new byte[TEMP2.Length - 8]; + Array.Copy(TEMP2, 0, this.iv, 0, 8); + Array.Copy(TEMP2, 8, TEMP1, 0, TEMP2.Length - 8); + + // Decrypt TEMP1 using TRIPLedeS in CBC mode using the KEK and the IV + // found in the previous step. Call the result WKCKS. + this.paramPlusIV = new ParametersWithIV(this.param, this.iv); + this.engine.Init(false, this.paramPlusIV); + + byte[] WKCKS = new byte[TEMP1.Length]; + + for (int currentBytePos = 0; currentBytePos != WKCKS.Length; currentBytePos += blockSize) + { + engine.ProcessBlock(TEMP1, currentBytePos, WKCKS, currentBytePos); + } + + // Decompose WKCKS. CKS is the last 8 octets and WK, the wrapped key, are + // those octets before the CKS. + byte[] result = new byte[WKCKS.Length - 8]; + byte[] CKStoBeVerified = new byte[8]; + Array.Copy(WKCKS, 0, result, 0, WKCKS.Length - 8); + Array.Copy(WKCKS, WKCKS.Length - 8, CKStoBeVerified, 0, 8); + + // Calculate a CMS Key Checksum, (section 5.6.1), over the WK and compare + // with the CKS extracted in the above step. If they are not equal, return error. + if (!CheckCmsKeyChecksum(result, CKStoBeVerified)) { + throw new InvalidCipherTextException( + "Checksum inside ciphertext is corrupted"); + } + + // WK is the wrapped key, now extracted for use in data decryption. + return result; + } + + /** + * Some key wrap algorithms make use of the Key Checksum defined + * in CMS [CMS-Algorithms]. This is used to provide an integrity + * check value for the key being wrapped. The algorithm is + * + * - Compute the 20 octet SHA-1 hash on the key being wrapped. + * - Use the first 8 octets of this hash as the checksum value. + * + * @param key + * @return + * @throws Exception + * @see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum + */ + private byte[] CalculateCmsKeyChecksum( + byte[] key) + { + sha1.BlockUpdate(key, 0, key.Length); + sha1.DoFinal(digest, 0); + + byte[] result = new byte[8]; + Array.Copy(digest, 0, result, 0, 8); + return result; + } + + /** + * @param key + * @param checksum + * @return + * @see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum + */ + private bool CheckCmsKeyChecksum( + byte[] key, + byte[] checksum) + { + return Arrays.ConstantTimeAreEqual(CalculateCmsKeyChecksum(key), checksum); + } + + private static byte[] reverse(byte[] bs) + { + byte[] result = new byte[bs.Length]; + for (int i = 0; i < bs.Length; i++) + { + result[i] = bs[bs.Length - (i + 1)]; + } + return result; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/DesEngine.cs b/BouncyCastle/crypto/src/crypto/engines/DesEngine.cs new file mode 100644 index 0000000..cfd5068 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/DesEngine.cs @@ -0,0 +1,475 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /// A class that provides a basic DES engine. + public class DesEngine + : IBlockCipher + { + internal const int BLOCK_SIZE = 8; + + private int[] workingKey; + + public virtual int[] GetWorkingKey() + { + return workingKey; + } + + /** + * initialise a DES cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + throw new ArgumentException("invalid parameter passed to DES init - " + Platform.GetTypeName(parameters)); + + workingKey = GenerateWorkingKey(forEncryption, ((KeyParameter)parameters).GetKey()); + } + + public virtual string AlgorithmName + { + get { return "DES"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return BLOCK_SIZE; + } + + public virtual int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + if (workingKey == null) + throw new InvalidOperationException("DES engine not initialised"); + + Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short"); + Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short"); + + DesFunc(workingKey, input, inOff, output, outOff); + + return BLOCK_SIZE; + } + + public virtual void Reset() + { + } + + /** + * what follows is mainly taken from "Applied Cryptography", by + * Bruce Schneier, however it also bears great resemblance to Richard + * Outerbridge's D3DES... + */ + +// private static readonly short[] Df_Key = +// { +// 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, +// 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10, +// 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 +// }; + + private static readonly short[] bytebit = + { + 128, 64, 32, 16, 8, 4, 2, 1 + }; + + private static readonly int[] bigbyte = + { + 0x800000, 0x400000, 0x200000, 0x100000, + 0x80000, 0x40000, 0x20000, 0x10000, + 0x8000, 0x4000, 0x2000, 0x1000, + 0x800, 0x400, 0x200, 0x100, + 0x80, 0x40, 0x20, 0x10, + 0x8, 0x4, 0x2, 0x1 + }; + + /* + * Use the key schedule specified in the Standard (ANSI X3.92-1981). + */ + private static readonly byte[] pc1 = + { + 56, 48, 40, 32, 24, 16, 8, 0, 57, 49, 41, 33, 25, 17, + 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, + 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21, + 13, 5, 60, 52, 44, 36, 28, 20, 12, 4, 27, 19, 11, 3 + }; + + private static readonly byte[] totrot = + { + 1, 2, 4, 6, 8, 10, 12, 14, + 15, 17, 19, 21, 23, 25, 27, 28 + }; + + private static readonly byte[] pc2 = + { + 13, 16, 10, 23, 0, 4, 2, 27, 14, 5, 20, 9, + 22, 18, 11, 3, 25, 7, 15, 6, 26, 19, 12, 1, + 40, 51, 30, 36, 46, 54, 29, 39, 50, 44, 32, 47, + 43, 48, 38, 55, 33, 52, 45, 41, 49, 35, 28, 31 + }; + + private static readonly uint[] SP1 = + { + 0x01010400, 0x00000000, 0x00010000, 0x01010404, + 0x01010004, 0x00010404, 0x00000004, 0x00010000, + 0x00000400, 0x01010400, 0x01010404, 0x00000400, + 0x01000404, 0x01010004, 0x01000000, 0x00000004, + 0x00000404, 0x01000400, 0x01000400, 0x00010400, + 0x00010400, 0x01010000, 0x01010000, 0x01000404, + 0x00010004, 0x01000004, 0x01000004, 0x00010004, + 0x00000000, 0x00000404, 0x00010404, 0x01000000, + 0x00010000, 0x01010404, 0x00000004, 0x01010000, + 0x01010400, 0x01000000, 0x01000000, 0x00000400, + 0x01010004, 0x00010000, 0x00010400, 0x01000004, + 0x00000400, 0x00000004, 0x01000404, 0x00010404, + 0x01010404, 0x00010004, 0x01010000, 0x01000404, + 0x01000004, 0x00000404, 0x00010404, 0x01010400, + 0x00000404, 0x01000400, 0x01000400, 0x00000000, + 0x00010004, 0x00010400, 0x00000000, 0x01010004 + }; + + private static readonly uint[] SP2 = + { + 0x80108020, 0x80008000, 0x00008000, 0x00108020, + 0x00100000, 0x00000020, 0x80100020, 0x80008020, + 0x80000020, 0x80108020, 0x80108000, 0x80000000, + 0x80008000, 0x00100000, 0x00000020, 0x80100020, + 0x00108000, 0x00100020, 0x80008020, 0x00000000, + 0x80000000, 0x00008000, 0x00108020, 0x80100000, + 0x00100020, 0x80000020, 0x00000000, 0x00108000, + 0x00008020, 0x80108000, 0x80100000, 0x00008020, + 0x00000000, 0x00108020, 0x80100020, 0x00100000, + 0x80008020, 0x80100000, 0x80108000, 0x00008000, + 0x80100000, 0x80008000, 0x00000020, 0x80108020, + 0x00108020, 0x00000020, 0x00008000, 0x80000000, + 0x00008020, 0x80108000, 0x00100000, 0x80000020, + 0x00100020, 0x80008020, 0x80000020, 0x00100020, + 0x00108000, 0x00000000, 0x80008000, 0x00008020, + 0x80000000, 0x80100020, 0x80108020, 0x00108000 + }; + + private static readonly uint[] SP3 = + { + 0x00000208, 0x08020200, 0x00000000, 0x08020008, + 0x08000200, 0x00000000, 0x00020208, 0x08000200, + 0x00020008, 0x08000008, 0x08000008, 0x00020000, + 0x08020208, 0x00020008, 0x08020000, 0x00000208, + 0x08000000, 0x00000008, 0x08020200, 0x00000200, + 0x00020200, 0x08020000, 0x08020008, 0x00020208, + 0x08000208, 0x00020200, 0x00020000, 0x08000208, + 0x00000008, 0x08020208, 0x00000200, 0x08000000, + 0x08020200, 0x08000000, 0x00020008, 0x00000208, + 0x00020000, 0x08020200, 0x08000200, 0x00000000, + 0x00000200, 0x00020008, 0x08020208, 0x08000200, + 0x08000008, 0x00000200, 0x00000000, 0x08020008, + 0x08000208, 0x00020000, 0x08000000, 0x08020208, + 0x00000008, 0x00020208, 0x00020200, 0x08000008, + 0x08020000, 0x08000208, 0x00000208, 0x08020000, + 0x00020208, 0x00000008, 0x08020008, 0x00020200 + }; + + private static readonly uint[] SP4 = + { + 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802080, 0x00800081, 0x00800001, 0x00002001, + 0x00000000, 0x00802000, 0x00802000, 0x00802081, + 0x00000081, 0x00000000, 0x00800080, 0x00800001, + 0x00000001, 0x00002000, 0x00800000, 0x00802001, + 0x00000080, 0x00800000, 0x00002001, 0x00002080, + 0x00800081, 0x00000001, 0x00002080, 0x00800080, + 0x00002000, 0x00802080, 0x00802081, 0x00000081, + 0x00800080, 0x00800001, 0x00802000, 0x00802081, + 0x00000081, 0x00000000, 0x00000000, 0x00802000, + 0x00002080, 0x00800080, 0x00800081, 0x00000001, + 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802081, 0x00000081, 0x00000001, 0x00002000, + 0x00800001, 0x00002001, 0x00802080, 0x00800081, + 0x00002001, 0x00002080, 0x00800000, 0x00802001, + 0x00000080, 0x00800000, 0x00002000, 0x00802080 + }; + + private static readonly uint[] SP5 = + { + 0x00000100, 0x02080100, 0x02080000, 0x42000100, + 0x00080000, 0x00000100, 0x40000000, 0x02080000, + 0x40080100, 0x00080000, 0x02000100, 0x40080100, + 0x42000100, 0x42080000, 0x00080100, 0x40000000, + 0x02000000, 0x40080000, 0x40080000, 0x00000000, + 0x40000100, 0x42080100, 0x42080100, 0x02000100, + 0x42080000, 0x40000100, 0x00000000, 0x42000000, + 0x02080100, 0x02000000, 0x42000000, 0x00080100, + 0x00080000, 0x42000100, 0x00000100, 0x02000000, + 0x40000000, 0x02080000, 0x42000100, 0x40080100, + 0x02000100, 0x40000000, 0x42080000, 0x02080100, + 0x40080100, 0x00000100, 0x02000000, 0x42080000, + 0x42080100, 0x00080100, 0x42000000, 0x42080100, + 0x02080000, 0x00000000, 0x40080000, 0x42000000, + 0x00080100, 0x02000100, 0x40000100, 0x00080000, + 0x00000000, 0x40080000, 0x02080100, 0x40000100 + }; + + private static readonly uint[] SP6 = + { + 0x20000010, 0x20400000, 0x00004000, 0x20404010, + 0x20400000, 0x00000010, 0x20404010, 0x00400000, + 0x20004000, 0x00404010, 0x00400000, 0x20000010, + 0x00400010, 0x20004000, 0x20000000, 0x00004010, + 0x00000000, 0x00400010, 0x20004010, 0x00004000, + 0x00404000, 0x20004010, 0x00000010, 0x20400010, + 0x20400010, 0x00000000, 0x00404010, 0x20404000, + 0x00004010, 0x00404000, 0x20404000, 0x20000000, + 0x20004000, 0x00000010, 0x20400010, 0x00404000, + 0x20404010, 0x00400000, 0x00004010, 0x20000010, + 0x00400000, 0x20004000, 0x20000000, 0x00004010, + 0x20000010, 0x20404010, 0x00404000, 0x20400000, + 0x00404010, 0x20404000, 0x00000000, 0x20400010, + 0x00000010, 0x00004000, 0x20400000, 0x00404010, + 0x00004000, 0x00400010, 0x20004010, 0x00000000, + 0x20404000, 0x20000000, 0x00400010, 0x20004010 + }; + + private static readonly uint[] SP7 = + { + 0x00200000, 0x04200002, 0x04000802, 0x00000000, + 0x00000800, 0x04000802, 0x00200802, 0x04200800, + 0x04200802, 0x00200000, 0x00000000, 0x04000002, + 0x00000002, 0x04000000, 0x04200002, 0x00000802, + 0x04000800, 0x00200802, 0x00200002, 0x04000800, + 0x04000002, 0x04200000, 0x04200800, 0x00200002, + 0x04200000, 0x00000800, 0x00000802, 0x04200802, + 0x00200800, 0x00000002, 0x04000000, 0x00200800, + 0x04000000, 0x00200800, 0x00200000, 0x04000802, + 0x04000802, 0x04200002, 0x04200002, 0x00000002, + 0x00200002, 0x04000000, 0x04000800, 0x00200000, + 0x04200800, 0x00000802, 0x00200802, 0x04200800, + 0x00000802, 0x04000002, 0x04200802, 0x04200000, + 0x00200800, 0x00000000, 0x00000002, 0x04200802, + 0x00000000, 0x00200802, 0x04200000, 0x00000800, + 0x04000002, 0x04000800, 0x00000800, 0x00200002 + }; + + private static readonly uint[] SP8 = + { + 0x10001040, 0x00001000, 0x00040000, 0x10041040, + 0x10000000, 0x10001040, 0x00000040, 0x10000000, + 0x00040040, 0x10040000, 0x10041040, 0x00041000, + 0x10041000, 0x00041040, 0x00001000, 0x00000040, + 0x10040000, 0x10000040, 0x10001000, 0x00001040, + 0x00041000, 0x00040040, 0x10040040, 0x10041000, + 0x00001040, 0x00000000, 0x00000000, 0x10040040, + 0x10000040, 0x10001000, 0x00041040, 0x00040000, + 0x00041040, 0x00040000, 0x10041000, 0x00001000, + 0x00000040, 0x10040040, 0x00001000, 0x00041040, + 0x10001000, 0x00000040, 0x10000040, 0x10040000, + 0x10040040, 0x10000000, 0x00040000, 0x10001040, + 0x00000000, 0x10041040, 0x00040040, 0x10000040, + 0x10040000, 0x10001000, 0x10001040, 0x00000000, + 0x10041040, 0x00041000, 0x00041000, 0x00001040, + 0x00001040, 0x00040040, 0x10000000, 0x10041000 + }; + + /** + * Generate an integer based working key based on our secret key + * and what we processing we are planning to do. + * + * Acknowledgements for this routine go to James Gillogly and Phil Karn. + * (whoever, and wherever they are!). + */ + protected static int[] GenerateWorkingKey( + bool encrypting, + byte[] key) + { + int[] newKey = new int[32]; + bool[] pc1m = new bool[56]; + bool[] pcr = new bool[56]; + + for (int j = 0; j < 56; j++ ) + { + int l = pc1[j]; + + pc1m[j] = ((key[(uint) l >> 3] & bytebit[l & 07]) != 0); + } + + for (int i = 0; i < 16; i++) + { + int l, m, n; + + if (encrypting) + { + m = i << 1; + } + else + { + m = (15 - i) << 1; + } + + n = m + 1; + newKey[m] = newKey[n] = 0; + + for (int j = 0; j < 28; j++) + { + l = j + totrot[i]; + if ( l < 28 ) + { + pcr[j] = pc1m[l]; + } + else + { + pcr[j] = pc1m[l - 28]; + } + } + + for (int j = 28; j < 56; j++) + { + l = j + totrot[i]; + if (l < 56 ) + { + pcr[j] = pc1m[l]; + } + else + { + pcr[j] = pc1m[l - 28]; + } + } + + for (int j = 0; j < 24; j++) + { + if (pcr[pc2[j]]) + { + newKey[m] |= bigbyte[j]; + } + + if (pcr[pc2[j + 24]]) + { + newKey[n] |= bigbyte[j]; + } + } + } + + // + // store the processed key + // + for (int i = 0; i != 32; i += 2) + { + int i1, i2; + + i1 = newKey[i]; + i2 = newKey[i + 1]; + + newKey[i] = (int) ( (uint) ((i1 & 0x00fc0000) << 6) | + (uint) ((i1 & 0x00000fc0) << 10) | + ((uint) (i2 & 0x00fc0000) >> 10) | + ((uint) (i2 & 0x00000fc0) >> 6)); + + newKey[i + 1] = (int) ( (uint) ((i1 & 0x0003f000) << 12) | + (uint) ((i1 & 0x0000003f) << 16) | + ((uint) (i2 & 0x0003f000) >> 4) | + (uint) (i2 & 0x0000003f)); + } + + return newKey; + } + + /** + * the DES engine. + */ + internal static void DesFunc( + int[] wKey, + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + uint left = Pack.BE_To_UInt32(input, inOff); + uint right = Pack.BE_To_UInt32(input, inOff + 4); + uint work; + + work = ((left >> 4) ^ right) & 0x0f0f0f0f; + right ^= work; + left ^= (work << 4); + work = ((left >> 16) ^ right) & 0x0000ffff; + right ^= work; + left ^= (work << 16); + work = ((right >> 2) ^ left) & 0x33333333; + left ^= work; + right ^= (work << 2); + work = ((right >> 8) ^ left) & 0x00ff00ff; + left ^= work; + right ^= (work << 8); + right = (right << 1) | (right >> 31); + work = (left ^ right) & 0xaaaaaaaa; + left ^= work; + right ^= work; + left = (left << 1) | (left >> 31); + + for (int round = 0; round < 8; round++) + { + uint fval; + + work = (right << 28) | (right >> 4); + work ^= (uint)wKey[round * 4 + 0]; + fval = SP7[work & 0x3f]; + fval |= SP5[(work >> 8) & 0x3f]; + fval |= SP3[(work >> 16) & 0x3f]; + fval |= SP1[(work >> 24) & 0x3f]; + work = right ^ (uint)wKey[round * 4 + 1]; + fval |= SP8[ work & 0x3f]; + fval |= SP6[(work >> 8) & 0x3f]; + fval |= SP4[(work >> 16) & 0x3f]; + fval |= SP2[(work >> 24) & 0x3f]; + left ^= fval; + work = (left << 28) | (left >> 4); + work ^= (uint)wKey[round * 4 + 2]; + fval = SP7[ work & 0x3f]; + fval |= SP5[(work >> 8) & 0x3f]; + fval |= SP3[(work >> 16) & 0x3f]; + fval |= SP1[(work >> 24) & 0x3f]; + work = left ^ (uint)wKey[round * 4 + 3]; + fval |= SP8[ work & 0x3f]; + fval |= SP6[(work >> 8) & 0x3f]; + fval |= SP4[(work >> 16) & 0x3f]; + fval |= SP2[(work >> 24) & 0x3f]; + right ^= fval; + } + + right = (right << 31) | (right >> 1); + work = (left ^ right) & 0xaaaaaaaa; + left ^= work; + right ^= work; + left = (left << 31) | (left >> 1); + work = ((left >> 8) ^ right) & 0x00ff00ff; + right ^= work; + left ^= (work << 8); + work = ((left >> 2) ^ right) & 0x33333333; + right ^= work; + left ^= (work << 2); + work = ((right >> 16) ^ left) & 0x0000ffff; + left ^= work; + right ^= (work << 16); + work = ((right >> 4) ^ left) & 0x0f0f0f0f; + left ^= work; + right ^= (work << 4); + + Pack.UInt32_To_BE(right, outBytes, outOff); + Pack.UInt32_To_BE(left, outBytes, outOff + 4); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/Dstu7624Engine.cs b/BouncyCastle/crypto/src/crypto/engines/Dstu7624Engine.cs new file mode 100644 index 0000000..4242d3a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/Dstu7624Engine.cs @@ -0,0 +1,1084 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * implementation of DSTU 7624 (Kalyna) + */ + public class Dstu7624Engine + : IBlockCipher + { + private ulong[] internalState; + private ulong[] workingKey; + private ulong[][] roundKeys; + + /* Number of 64-bit words in block */ + private int wordsInBlock; + + /* Number of 64-bit words in key */ + private int wordsInKey; + + /* Number of encryption rounds depending on key length */ + private const int ROUNDS_128 = 10; + private const int ROUNDS_256 = 14; + private const int ROUNDS_512 = 18; + + private int roundsAmount; + + private bool forEncryption; + + public Dstu7624Engine(int blockSizeBits) + { + /* DSTU7624 supports 128 | 256 | 512 key/block sizes */ + if (blockSizeBits != 128 && blockSizeBits != 256 && blockSizeBits != 512) + { + throw new ArgumentException("unsupported block length: only 128/256/512 are allowed"); + } + + wordsInBlock = blockSizeBits / 64; + internalState = new ulong[wordsInBlock]; + } + + #region INITIALIZATION + + public virtual void Init(bool forEncryption, ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + throw new ArgumentException("Invalid parameter passed to Dstu7624Engine Init"); + + this.forEncryption = forEncryption; + + byte[] keyBytes = ((KeyParameter)parameters).GetKey(); + int keyBitLength = keyBytes.Length << 3; + int blockBitLength = wordsInBlock << 6; + + if (keyBitLength != 128 && keyBitLength != 256 && keyBitLength != 512) + { + throw new ArgumentException("unsupported key length: only 128/256/512 are allowed"); + } + + /* Limitations on key lengths depending on block lengths. See table 6.1 in standard */ + if (keyBitLength != blockBitLength && keyBitLength != (2 * blockBitLength)) + { + throw new ArgumentException("Unsupported key length"); + } + + switch (keyBitLength) + { + case 128: + roundsAmount = ROUNDS_128; + break; + case 256: + roundsAmount = ROUNDS_256; + break; + case 512: + roundsAmount = ROUNDS_512; + break; + } + + wordsInKey = keyBitLength / 64; + + /* +1 round key as defined in standard */ + roundKeys = new ulong[roundsAmount + 1][]; + for (int roundKeyIndex = 0; roundKeyIndex < roundKeys.Length; roundKeyIndex++) + { + roundKeys[roundKeyIndex] = new ulong[wordsInBlock]; + } + + workingKey = new ulong[wordsInKey]; + + if (keyBytes.Length != wordsInKey * 8) + { + throw new ArgumentException("Invalid key parameter passed to Dstu7624Engine Init"); + } + + /* Unpack encryption key bytes to words */ + Pack.LE_To_UInt64(keyBytes, 0, workingKey); + + ulong[] tempKeys = new ulong[wordsInBlock]; + + /* KSA in DSTU7624 is strengthened to mitigate known weaknesses in AES KSA (eprint.iacr.org/2012/260.pdf) */ + WorkingKeyExpandKT(workingKey, tempKeys); + WorkingKeyExpandEven(workingKey, tempKeys); + WorkingKeyExpandOdd(); + } + + private void WorkingKeyExpandKT(ulong[] workingKey, ulong[] tempKeys) + { + ulong[] k0 = new ulong[wordsInBlock]; + ulong[] k1 = new ulong[wordsInBlock]; + + internalState = new ulong[wordsInBlock]; + internalState[0] += (ulong)(wordsInBlock + wordsInKey + 1); + + if (wordsInBlock == wordsInKey) + { + Array.Copy(workingKey, 0, k0, 0, k0.Length); + Array.Copy(workingKey, 0, k1, 0, k1.Length); + } + else + { + Array.Copy(workingKey, 0, k0, 0, wordsInBlock); + Array.Copy(workingKey, wordsInBlock, k1, 0, wordsInBlock); + } + + + for (int wordIndex = 0; wordIndex < internalState.Length; wordIndex++) + { + internalState[wordIndex] += k0[wordIndex]; + } + + EncryptionRound(); + + for (int wordIndex = 0; wordIndex < internalState.Length; wordIndex++) + { + internalState[wordIndex] ^= k1[wordIndex]; + } + + EncryptionRound(); + + for (int wordIndex = 0; wordIndex < internalState.Length; wordIndex++) + { + internalState[wordIndex] += k0[wordIndex]; + } + + EncryptionRound(); + + Array.Copy(internalState, 0, tempKeys, 0, wordsInBlock); + } + + private void WorkingKeyExpandEven(ulong[] workingKey, ulong[] tempKey) + { + ulong[] initialData = new ulong[wordsInKey]; + ulong[] tempRoundKey = new ulong[wordsInBlock]; + + int round = 0; + + Array.Copy(workingKey, 0, initialData, 0, wordsInKey); + + ulong tmv = 0x0001000100010001UL; + + while (true) + { + for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++) + { + tempRoundKey[wordIndex] = tempKey[wordIndex] + tmv; + } + + for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++) + { + internalState[wordIndex] = initialData[wordIndex] + tempRoundKey[wordIndex]; + } + + EncryptionRound(); + + for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++) + { + internalState[wordIndex] ^= tempRoundKey[wordIndex]; + } + + EncryptionRound(); + + for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++) + { + internalState[wordIndex] += tempRoundKey[wordIndex]; + } + + Array.Copy(internalState, 0, roundKeys[round], 0, wordsInBlock); + + if (roundsAmount == round) + { + break; + } + + if (wordsInKey != wordsInBlock) + { + round += 2; + tmv <<= 1; + + for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++) + { + tempRoundKey[wordIndex] = tempKey[wordIndex] + tmv; + } + + for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++) + { + internalState[wordIndex] = initialData[wordsInBlock + wordIndex] + tempRoundKey[wordIndex]; + } + + EncryptionRound(); + + for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++) + { + internalState[wordIndex] ^= tempRoundKey[wordIndex]; + } + + EncryptionRound(); + + for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++) + { + internalState[wordIndex] += tempRoundKey[wordIndex]; + } + + Array.Copy(internalState, 0, roundKeys[round], 0, wordsInBlock); + + if (roundsAmount == round) + { + break; + } + } + + round += 2; + tmv <<= 1; + + ulong temp = initialData[0]; + for (int i = 1; i < initialData.Length; ++i) + { + initialData[i - 1] = initialData[i]; + } + initialData[initialData.Length - 1] = temp; + } + } + + private void WorkingKeyExpandOdd() + { + for (int roundIndex = 1; roundIndex < roundsAmount; roundIndex += 2) + { + RotateLeft(roundKeys[roundIndex - 1], roundKeys[roundIndex]); + } + } + + #endregion + + public virtual int ProcessBlock(byte[] input, int inOff, byte[] output, int outOff) + { + if (workingKey == null) + throw new InvalidOperationException("Dstu7624Engine not initialised"); + + Check.DataLength(input, inOff, GetBlockSize(), "input buffer too short"); + Check.OutputLength(output, outOff, GetBlockSize(), "output buffer too short"); + + if (forEncryption) + { + /* Encrypt */ + switch (wordsInBlock) + { + case 2: + { + EncryptBlock_128(input, inOff, output, outOff); + break; + } + default: + { + Pack.LE_To_UInt64(input, inOff, internalState); + AddRoundKey(0); + for (int round = 0;;) + { + EncryptionRound(); + + if (++round == roundsAmount) + { + break; + } + + XorRoundKey(round); + } + AddRoundKey(roundsAmount); + Pack.UInt64_To_LE(internalState, output, outOff); + break; + } + } + } + else + { + /* Decrypt */ + switch (wordsInBlock) + { + case 2: + { + DecryptBlock_128(input, inOff, output, outOff); + break; + } + default: + { + Pack.LE_To_UInt64(input, inOff, internalState); + SubRoundKey(roundsAmount); + for (int round = roundsAmount;;) + { + DecryptionRound(); + + if (--round == 0) + { + break; + } + + XorRoundKey(round); + } + SubRoundKey(0); + Pack.UInt64_To_LE(internalState, output, outOff); + break; + } + } + } + + return GetBlockSize(); + } + + private void EncryptionRound() + { + SubBytes(); + ShiftRows(); + MixColumns(); + } + + private void DecryptionRound() + { + MixColumnsInv(); + InvShiftRows(); + InvSubBytes(); + } + + private void DecryptBlock_128(byte[] input, int inOff, byte[] output, int outOff) + { + ulong c0 = Pack.LE_To_UInt64(input, inOff); + ulong c1 = Pack.LE_To_UInt64(input, inOff + 8); + + ulong[] roundKey = roundKeys[roundsAmount]; + c0 -= roundKey[0]; + c1 -= roundKey[1]; + + for (int round = roundsAmount;;) + { + c0 = MixColumnInv(c0); + c1 = MixColumnInv(c1); + + uint lo0 = (uint)c0, hi0 = (uint)(c0 >> 32); + uint lo1 = (uint)c1, hi1 = (uint)(c1 >> 32); + + { + byte t0 = T0[lo0 & 0xFF]; + byte t1 = T1[(lo0 >> 8) & 0xFF]; + byte t2 = T2[(lo0 >> 16) & 0xFF]; + byte t3 = T3[lo0 >> 24]; + lo0 = (uint)t0 | ((uint)t1 << 8) | ((uint)t2 << 16) | ((uint)t3 << 24); + byte t4 = T0[hi1 & 0xFF]; + byte t5 = T1[(hi1 >> 8) & 0xFF]; + byte t6 = T2[(hi1 >> 16) & 0xFF]; + byte t7 = T3[hi1 >> 24]; + hi1 = (uint)t4 | ((uint)t5 << 8) | ((uint)t6 << 16) | ((uint)t7 << 24); + c0 = (ulong)lo0 | ((ulong)hi1 << 32); + } + + { + byte t0 = T0[lo1 & 0xFF]; + byte t1 = T1[(lo1 >> 8) & 0xFF]; + byte t2 = T2[(lo1 >> 16) & 0xFF]; + byte t3 = T3[lo1 >> 24]; + lo1 = (uint)t0 | ((uint)t1 << 8) | ((uint)t2 << 16) | ((uint)t3 << 24); + byte t4 = T0[hi0 & 0xFF]; + byte t5 = T1[(hi0 >> 8) & 0xFF]; + byte t6 = T2[(hi0 >> 16) & 0xFF]; + byte t7 = T3[hi0 >> 24]; + hi0 = (uint)t4 | ((uint)t5 << 8) | ((uint)t6 << 16) | ((uint)t7 << 24); + c1 = (ulong)lo1 | ((ulong)hi0 << 32); + } + + if (--round == 0) + { + break; + } + + roundKey = roundKeys[round]; + c0 ^= roundKey[0]; + c1 ^= roundKey[1]; + } + + roundKey = roundKeys[0]; + c0 -= roundKey[0]; + c1 -= roundKey[1]; + + Pack.UInt64_To_LE(c0, output, outOff); + Pack.UInt64_To_LE(c1, output, outOff + 8); + } + + private void EncryptBlock_128(byte[] input, int inOff, byte[] output, int outOff) + { + ulong c0 = Pack.LE_To_UInt64(input, inOff); + ulong c1 = Pack.LE_To_UInt64(input, inOff + 8); + + ulong[] roundKey = roundKeys[0]; + c0 += roundKey[0]; + c1 += roundKey[1]; + + for (int round = 0;;) + { + uint lo0 = (uint)c0, hi0 = (uint)(c0 >> 32); + uint lo1 = (uint)c1, hi1 = (uint)(c1 >> 32); + + { + byte t0 = S0[lo0 & 0xFF]; + byte t1 = S1[(lo0 >> 8) & 0xFF]; + byte t2 = S2[(lo0 >> 16) & 0xFF]; + byte t3 = S3[lo0 >> 24]; + lo0 = (uint)t0 | ((uint)t1 << 8) | ((uint)t2 << 16) | ((uint)t3 << 24); + byte t4 = S0[hi1 & 0xFF]; + byte t5 = S1[(hi1 >> 8) & 0xFF]; + byte t6 = S2[(hi1 >> 16) & 0xFF]; + byte t7 = S3[hi1 >> 24]; + hi1 = (uint)t4 | ((uint)t5 << 8) | ((uint)t6 << 16) | ((uint)t7 << 24); + c0 = (ulong)lo0 | ((ulong)hi1 << 32); + } + + { + byte t0 = S0[lo1 & 0xFF]; + byte t1 = S1[(lo1 >> 8) & 0xFF]; + byte t2 = S2[(lo1 >> 16) & 0xFF]; + byte t3 = S3[lo1 >> 24]; + lo1 = (uint)t0 | ((uint)t1 << 8) | ((uint)t2 << 16) | ((uint)t3 << 24); + byte t4 = S0[hi0 & 0xFF]; + byte t5 = S1[(hi0 >> 8) & 0xFF]; + byte t6 = S2[(hi0 >> 16) & 0xFF]; + byte t7 = S3[hi0 >> 24]; + hi0 = (uint)t4 | ((uint)t5 << 8) | ((uint)t6 << 16) | ((uint)t7 << 24); + c1 = (ulong)lo1 | ((ulong)hi0 << 32); + } + + c0 = MixColumn(c0); + c1 = MixColumn(c1); + + if (++round == roundsAmount) + { + break; + } + + roundKey = roundKeys[round]; + c0 ^= roundKey[0]; + c1 ^= roundKey[1]; + } + + roundKey = roundKeys[roundsAmount]; + c0 += roundKey[0]; + c1 += roundKey[1]; + + Pack.UInt64_To_LE(c0, output, outOff); + Pack.UInt64_To_LE(c1, output, outOff + 8); + } + + private void SubBytes() + { + for (int i = 0; i < wordsInBlock; i++) + { + ulong u = internalState[i]; + uint lo = (uint)u, hi = (uint)(u >> 32); + byte t0 = S0[lo & 0xFF]; + byte t1 = S1[(lo >> 8) & 0xFF]; + byte t2 = S2[(lo >> 16) & 0xFF]; + byte t3 = S3[lo >> 24]; + lo = (uint)t0 | ((uint)t1 << 8) | ((uint)t2 << 16) | ((uint)t3 << 24); + byte t4 = S0[hi & 0xFF]; + byte t5 = S1[(hi >> 8) & 0xFF]; + byte t6 = S2[(hi >> 16) & 0xFF]; + byte t7 = S3[hi >> 24]; + hi = (uint)t4 | ((uint)t5 << 8) | ((uint)t6 << 16) | ((uint)t7 << 24); + internalState[i] = (ulong)lo | ((ulong)hi << 32); + } + } + + private void InvSubBytes() + { + for (int i = 0; i < wordsInBlock; i++) + { + ulong u = internalState[i]; + uint lo = (uint)u, hi = (uint)(u >> 32); + byte t0 = T0[lo & 0xFF]; + byte t1 = T1[(lo >> 8) & 0xFF]; + byte t2 = T2[(lo >> 16) & 0xFF]; + byte t3 = T3[lo >> 24]; + lo = (uint)t0 | ((uint)t1 << 8) | ((uint)t2 << 16) | ((uint)t3 << 24); + byte t4 = T0[hi & 0xFF]; + byte t5 = T1[(hi >> 8) & 0xFF]; + byte t6 = T2[(hi >> 16) & 0xFF]; + byte t7 = T3[hi >> 24]; + hi = (uint)t4 | ((uint)t5 << 8) | ((uint)t6 << 16) | ((uint)t7 << 24); + internalState[i] = (ulong)lo | ((ulong)hi << 32); + } + } + + private void ShiftRows() + { + switch (wordsInBlock) + { + case 2: + { + ulong c0 = internalState[0], c1 = internalState[1]; + ulong d; + + d = (c0 ^ c1) & 0xFFFFFFFF00000000UL; c0 ^= d; c1 ^= d; + + internalState[0] = c0; + internalState[1] = c1; + break; + } + case 4: + { + ulong c0 = internalState[0], c1 = internalState[1], c2 = internalState[2], c3 = internalState[3]; + ulong d; + + d = (c0 ^ c2) & 0xFFFFFFFF00000000UL; c0 ^= d; c2 ^= d; + d = (c1 ^ c3) & 0x0000FFFFFFFF0000UL; c1 ^= d; c3 ^= d; + + d = (c0 ^ c1) & 0xFFFF0000FFFF0000UL; c0 ^= d; c1 ^= d; + d = (c2 ^ c3) & 0xFFFF0000FFFF0000UL; c2 ^= d; c3 ^= d; + + internalState[0] = c0; + internalState[1] = c1; + internalState[2] = c2; + internalState[3] = c3; + break; + } + case 8: + { + ulong c0 = internalState[0], c1 = internalState[1], c2 = internalState[2], c3 = internalState[3]; + ulong c4 = internalState[4], c5 = internalState[5], c6 = internalState[6], c7 = internalState[7]; + ulong d; + + d = (c0 ^ c4) & 0xFFFFFFFF00000000UL; c0 ^= d; c4 ^= d; + d = (c1 ^ c5) & 0x00FFFFFFFF000000UL; c1 ^= d; c5 ^= d; + d = (c2 ^ c6) & 0x0000FFFFFFFF0000UL; c2 ^= d; c6 ^= d; + d = (c3 ^ c7) & 0x000000FFFFFFFF00UL; c3 ^= d; c7 ^= d; + + d = (c0 ^ c2) & 0xFFFF0000FFFF0000UL; c0 ^= d; c2 ^= d; + d = (c1 ^ c3) & 0x00FFFF0000FFFF00UL; c1 ^= d; c3 ^= d; + d = (c4 ^ c6) & 0xFFFF0000FFFF0000UL; c4 ^= d; c6 ^= d; + d = (c5 ^ c7) & 0x00FFFF0000FFFF00UL; c5 ^= d; c7 ^= d; + + d = (c0 ^ c1) & 0xFF00FF00FF00FF00UL; c0 ^= d; c1 ^= d; + d = (c2 ^ c3) & 0xFF00FF00FF00FF00UL; c2 ^= d; c3 ^= d; + d = (c4 ^ c5) & 0xFF00FF00FF00FF00UL; c4 ^= d; c5 ^= d; + d = (c6 ^ c7) & 0xFF00FF00FF00FF00UL; c6 ^= d; c7 ^= d; + + internalState[0] = c0; + internalState[1] = c1; + internalState[2] = c2; + internalState[3] = c3; + internalState[4] = c4; + internalState[5] = c5; + internalState[6] = c6; + internalState[7] = c7; + break; + } + default: + { + throw new InvalidOperationException("unsupported block length: only 128/256/512 are allowed"); + } + } + } + + private void InvShiftRows() + { + switch (wordsInBlock) + { + case 2: + { + ulong c0 = internalState[0], c1 = internalState[1]; + ulong d; + + d = (c0 ^ c1) & 0xFFFFFFFF00000000UL; c0 ^= d; c1 ^= d; + + internalState[0] = c0; + internalState[1] = c1; + break; + } + case 4: + { + ulong c0 = internalState[0], c1 = internalState[1], c2 = internalState[2], c3 = internalState[3]; + ulong d; + + d = (c0 ^ c1) & 0xFFFF0000FFFF0000UL; c0 ^= d; c1 ^= d; + d = (c2 ^ c3) & 0xFFFF0000FFFF0000UL; c2 ^= d; c3 ^= d; + + d = (c0 ^ c2) & 0xFFFFFFFF00000000UL; c0 ^= d; c2 ^= d; + d = (c1 ^ c3) & 0x0000FFFFFFFF0000UL; c1 ^= d; c3 ^= d; + + internalState[0] = c0; + internalState[1] = c1; + internalState[2] = c2; + internalState[3] = c3; + break; + } + case 8: + { + ulong c0 = internalState[0], c1 = internalState[1], c2 = internalState[2], c3 = internalState[3]; + ulong c4 = internalState[4], c5 = internalState[5], c6 = internalState[6], c7 = internalState[7]; + ulong d; + + d = (c0 ^ c1) & 0xFF00FF00FF00FF00UL; c0 ^= d; c1 ^= d; + d = (c2 ^ c3) & 0xFF00FF00FF00FF00UL; c2 ^= d; c3 ^= d; + d = (c4 ^ c5) & 0xFF00FF00FF00FF00UL; c4 ^= d; c5 ^= d; + d = (c6 ^ c7) & 0xFF00FF00FF00FF00UL; c6 ^= d; c7 ^= d; + + d = (c0 ^ c2) & 0xFFFF0000FFFF0000UL; c0 ^= d; c2 ^= d; + d = (c1 ^ c3) & 0x00FFFF0000FFFF00UL; c1 ^= d; c3 ^= d; + d = (c4 ^ c6) & 0xFFFF0000FFFF0000UL; c4 ^= d; c6 ^= d; + d = (c5 ^ c7) & 0x00FFFF0000FFFF00UL; c5 ^= d; c7 ^= d; + + d = (c0 ^ c4) & 0xFFFFFFFF00000000UL; c0 ^= d; c4 ^= d; + d = (c1 ^ c5) & 0x00FFFFFFFF000000UL; c1 ^= d; c5 ^= d; + d = (c2 ^ c6) & 0x0000FFFFFFFF0000UL; c2 ^= d; c6 ^= d; + d = (c3 ^ c7) & 0x000000FFFFFFFF00UL; c3 ^= d; c7 ^= d; + + internalState[0] = c0; + internalState[1] = c1; + internalState[2] = c2; + internalState[3] = c3; + internalState[4] = c4; + internalState[5] = c5; + internalState[6] = c6; + internalState[7] = c7; + break; + } + default: + { + throw new InvalidOperationException("unsupported block length: only 128/256/512 are allowed"); + } + } + } + + private void AddRoundKey(int round) + { + ulong[] roundKey = roundKeys[round]; + for (int i = 0; i < wordsInBlock; ++i) + { + internalState[i] += roundKey[i]; + } + } + + private void SubRoundKey(int round) + { + ulong[] roundKey = roundKeys[round]; + for (int i = 0; i < wordsInBlock; ++i) + { + internalState[i] -= roundKey[i]; + } + } + + private void XorRoundKey(int round) + { + ulong[] roundKey = roundKeys[round]; + for (int i = 0; i < wordsInBlock; i++) + { + internalState[i] ^= roundKey[i]; + } + } + + private static ulong MixColumn(ulong c) + { + //// Calculate column multiplied by powers of 'x' + //ulong x0 = c; + //ulong x1 = MulX(x0); + //ulong x2 = MulX(x1); + //ulong x3 = MulX(x2); + + //// Calculate products with circulant matrix from (0x01, 0x01, 0x05, 0x01, 0x08, 0x06, 0x07, 0x04) + //ulong m0 = x0; + //ulong m1 = x0; + //ulong m2 = x0 ^ x2; + //ulong m3 = x0; + //ulong m4 = x3; + //ulong m5 = x1 ^ x2; + //ulong m6 = x0 ^ x1 ^ x2; + //ulong m7 = x2; + + //// Assemble the rotated products + //return m0 + // ^ Rotate(8, m1) + // ^ Rotate(16, m2) + // ^ Rotate(24, m3) + // ^ Rotate(32, m4) + // ^ Rotate(40, m5) + // ^ Rotate(48, m6) + // ^ Rotate(56, m7); + + ulong x1 = MulX(c); + ulong u, v; + + u = Rotate(8, c) ^ c; + u ^= Rotate(16, u); + u ^= Rotate(48, c); + + v = MulX2(u ^ c ^ x1); + + return u ^ Rotate(32, v) ^ Rotate(40, x1) ^ Rotate(48, x1); + } + + private void MixColumns() + { + for (int col = 0; col < wordsInBlock; ++col) + { + internalState[col] = MixColumn(internalState[col]); + } + } + + private static ulong MixColumnInv(ulong c) + { +/* + // Calculate column multiplied by powers of 'x' + ulong x0 = c; + ulong x1 = MulX(x0); + ulong x2 = MulX(x1); + ulong x3 = MulX(x2); + ulong x4 = MulX(x3); + ulong x5 = MulX(x4); + ulong x6 = MulX(x5); + ulong x7 = MulX(x6); + + // Calculate products with circulant matrix from (0xAD,0x95,0x76,0xA8,0x2F,0x49,0xD7,0xCA) + //long m0 = x0 ^ x2 ^ x3 ^ x5 ^ x7; + //long m1 = x0 ^ x2 ^ x4 ^ x7; + //long m2 = x1 ^ x2 ^ x4 ^ x5 ^ x6; + //long m3 = x3 ^ x5 ^ x7; + //long m4 = x0 ^ x1 ^ x2 ^ x3 ^ x5; + //long m5 = x0 ^ x3 ^ x6; + //long m6 = x0 ^ x1 ^ x2 ^ x4 ^ x6 ^ x7; + //long m7 = x1 ^ x3 ^ x6 ^ x7; + + ulong m5 = x0 ^ x3 ^ x6; + x0 ^= x2; + ulong m3 = x3 ^ x5 ^ x7; + ulong m0 = m3 ^ x0; + ulong m6 = x0 ^ x4; + ulong m1 = m6 ^ x7; + x5 ^= x1; + x7 ^= x1 ^ x6; + ulong m2 = x2 ^ x4 ^ x5 ^ x6; + ulong m4 = x0 ^ x3 ^ x5; + m6 ^= x7; + ulong m7 = x3 ^ x7; + + // Assemble the rotated products + return m0 + ^ Rotate(8, m1) + ^ Rotate(16, m2) + ^ Rotate(24, m3) + ^ Rotate(32, m4) + ^ Rotate(40, m5) + ^ Rotate(48, m6) + ^ Rotate(56, m7); +*/ + + ulong u0 = c; + u0 ^= Rotate( 8, u0); + u0 ^= Rotate(32, u0); + u0 ^= Rotate(48, c); + + ulong t = u0 ^ c; + + ulong c48 = Rotate(48, c); + ulong c56 = Rotate(56, c); + + ulong u7 = t ^ c56; + ulong u6 = Rotate(56, t); + u6 ^= MulX(u7); + ulong u5 = Rotate(16, t) ^ c; + u5 ^= Rotate(40, MulX(u6) ^ c); + ulong u4 = t ^ c48; + u4 ^= MulX(u5); + ulong u3 = Rotate(16, u0); + u3 ^= MulX(u4); + ulong u2 = t ^ Rotate(24, c) ^ c48 ^ c56; + u2 ^= MulX(u3); + ulong u1 = Rotate(32, t) ^ c ^ c56; + u1 ^= MulX(u2); + u0 ^= MulX(Rotate(40, u1)); + + return u0; + } + + private void MixColumnsInv() + { + for (int col = 0; col < wordsInBlock; ++col) + { + internalState[col] = MixColumnInv(internalState[col]); + } + } + + private static ulong MulX(ulong n) + { + return ((n & 0x7F7F7F7F7F7F7F7FUL) << 1) ^ (((n & 0x8080808080808080UL) >> 7) * 0x1DUL); + } + + private static ulong MulX2(ulong n) + { + return ((n & 0x3F3F3F3F3F3F3F3FUL) << 2) ^ (((n & 0x8080808080808080UL) >> 6) * 0x1DUL) ^ (((n & 0x4040404040404040UL) >> 6) * 0x1DUL); + } + + //private static ulong MulX4(ulong n) + //{ + // ulong u = n & 0xF0F0F0F0F0F0F0F0UL; + // return ((n & 0x0F0F0F0F0F0F0F0FUL) << 4) ^ u ^ (u >> 1) ^ (u >> 2) ^ (u >> 4); + //} + + /* + * Pair-wise modular multiplication of 8 byte-pairs. + * + * REDUCTION_POLYNOMIAL is x^8 + x^4 + x^3 + x^2 + 1 + */ + //private static ulong MultiplyGFx8(ulong u, ulong v, int vMaxDegree) + //{ + // ulong r = u & ((v & 0x0101010101010101UL) * 0xFFUL); + // for (int i = 1; i <= vMaxDegree; ++i) + // { + // u = ((u & 0x7F7F7F7F7F7F7F7FUL) << 1) ^ (((u >> 7) & 0x0101010101010101UL) * 0x1DUL); + // v >>= 1; + + // r ^= u & ((v & 0x0101010101010101UL) * 0xFFUL); + // } + + // return r; + //} + + //private static ulong MultiplyMds(ulong u) + //{ + // ulong r = 0, s = 0, t = (u >> 8); + // r ^= u & 0x0000001F00000000UL; r <<= 1; + // s ^= t & 0x00000000E0000000UL; s <<= 1; + // r ^= u & 0x3F3F3F00003F0000UL; r <<= 1; + // s ^= t & 0x00C0C0C00000C000UL; s <<= 1; + // r ^= u & 0x007F7F0000000000UL; r <<= 1; + // s ^= t & 0x0000808000000000UL; s <<= 1; + // r ^= u & 0x00FF0000FFFFFFFFUL; + // r ^= s ^ (s << 2) ^ (s << 3) ^ (s << 4); + // return r; + //} + + private static ulong Rotate(int n, ulong x) + { + return (x >> n) | (x << -n); + } + + private void RotateLeft(ulong[] x, ulong[] z) + { + switch (wordsInBlock) + { + case 2: + { + ulong x0 = x[0], x1 = x[1]; + z[0] = (x0 >> 56) | (x1 << 8); + z[1] = (x1 >> 56) | (x0 << 8); + break; + } + case 4: + { + ulong x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3]; + z[0] = (x1 >> 24) | (x2 << 40); + z[1] = (x2 >> 24) | (x3 << 40); + z[2] = (x3 >> 24) | (x0 << 40); + z[3] = (x0 >> 24) | (x1 << 40); + break; + } + case 8: + { + ulong x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3]; + ulong x4 = x[4], x5 = x[5], x6 = x[6], x7 = x[7]; + z[0] = (x2 >> 24) | (x3 << 40); + z[1] = (x3 >> 24) | (x4 << 40); + z[2] = (x4 >> 24) | (x5 << 40); + z[3] = (x5 >> 24) | (x6 << 40); + z[4] = (x6 >> 24) | (x7 << 40); + z[5] = (x7 >> 24) | (x0 << 40); + z[6] = (x0 >> 24) | (x1 << 40); + z[7] = (x1 >> 24) | (x2 << 40); + break; + } + default: + { + throw new InvalidOperationException("unsupported block length: only 128/256/512 are allowed"); + } + } + } + + #region TABLES AND S-BOXES + + private const ulong mdsMatrix = 0x0407060801050101UL; + private const ulong mdsInvMatrix = 0xCAD7492FA87695ADUL; + + private static readonly byte[] S0 = new byte[]{ + 0xa8, 0x43, 0x5f, 0x06, 0x6b, 0x75, 0x6c, 0x59, 0x71, 0xdf, 0x87, 0x95, 0x17, 0xf0, 0xd8, 0x09, + 0x6d, 0xf3, 0x1d, 0xcb, 0xc9, 0x4d, 0x2c, 0xaf, 0x79, 0xe0, 0x97, 0xfd, 0x6f, 0x4b, 0x45, 0x39, + 0x3e, 0xdd, 0xa3, 0x4f, 0xb4, 0xb6, 0x9a, 0x0e, 0x1f, 0xbf, 0x15, 0xe1, 0x49, 0xd2, 0x93, 0xc6, + 0x92, 0x72, 0x9e, 0x61, 0xd1, 0x63, 0xfa, 0xee, 0xf4, 0x19, 0xd5, 0xad, 0x58, 0xa4, 0xbb, 0xa1, + 0xdc, 0xf2, 0x83, 0x37, 0x42, 0xe4, 0x7a, 0x32, 0x9c, 0xcc, 0xab, 0x4a, 0x8f, 0x6e, 0x04, 0x27, + 0x2e, 0xe7, 0xe2, 0x5a, 0x96, 0x16, 0x23, 0x2b, 0xc2, 0x65, 0x66, 0x0f, 0xbc, 0xa9, 0x47, 0x41, + 0x34, 0x48, 0xfc, 0xb7, 0x6a, 0x88, 0xa5, 0x53, 0x86, 0xf9, 0x5b, 0xdb, 0x38, 0x7b, 0xc3, 0x1e, + 0x22, 0x33, 0x24, 0x28, 0x36, 0xc7, 0xb2, 0x3b, 0x8e, 0x77, 0xba, 0xf5, 0x14, 0x9f, 0x08, 0x55, + 0x9b, 0x4c, 0xfe, 0x60, 0x5c, 0xda, 0x18, 0x46, 0xcd, 0x7d, 0x21, 0xb0, 0x3f, 0x1b, 0x89, 0xff, + 0xeb, 0x84, 0x69, 0x3a, 0x9d, 0xd7, 0xd3, 0x70, 0x67, 0x40, 0xb5, 0xde, 0x5d, 0x30, 0x91, 0xb1, + 0x78, 0x11, 0x01, 0xe5, 0x00, 0x68, 0x98, 0xa0, 0xc5, 0x02, 0xa6, 0x74, 0x2d, 0x0b, 0xa2, 0x76, + 0xb3, 0xbe, 0xce, 0xbd, 0xae, 0xe9, 0x8a, 0x31, 0x1c, 0xec, 0xf1, 0x99, 0x94, 0xaa, 0xf6, 0x26, + 0x2f, 0xef, 0xe8, 0x8c, 0x35, 0x03, 0xd4, 0x7f, 0xfb, 0x05, 0xc1, 0x5e, 0x90, 0x20, 0x3d, 0x82, + 0xf7, 0xea, 0x0a, 0x0d, 0x7e, 0xf8, 0x50, 0x1a, 0xc4, 0x07, 0x57, 0xb8, 0x3c, 0x62, 0xe3, 0xc8, + 0xac, 0x52, 0x64, 0x10, 0xd0, 0xd9, 0x13, 0x0c, 0x12, 0x29, 0x51, 0xb9, 0xcf, 0xd6, 0x73, 0x8d, + 0x81, 0x54, 0xc0, 0xed, 0x4e, 0x44, 0xa7, 0x2a, 0x85, 0x25, 0xe6, 0xca, 0x7c, 0x8b, 0x56, 0x80 + }; + + private static readonly byte[] S1 = new byte[]{ + 0xce, 0xbb, 0xeb, 0x92, 0xea, 0xcb, 0x13, 0xc1, 0xe9, 0x3a, 0xd6, 0xb2, 0xd2, 0x90, 0x17, 0xf8, + 0x42, 0x15, 0x56, 0xb4, 0x65, 0x1c, 0x88, 0x43, 0xc5, 0x5c, 0x36, 0xba, 0xf5, 0x57, 0x67, 0x8d, + 0x31, 0xf6, 0x64, 0x58, 0x9e, 0xf4, 0x22, 0xaa, 0x75, 0x0f, 0x02, 0xb1, 0xdf, 0x6d, 0x73, 0x4d, + 0x7c, 0x26, 0x2e, 0xf7, 0x08, 0x5d, 0x44, 0x3e, 0x9f, 0x14, 0xc8, 0xae, 0x54, 0x10, 0xd8, 0xbc, + 0x1a, 0x6b, 0x69, 0xf3, 0xbd, 0x33, 0xab, 0xfa, 0xd1, 0x9b, 0x68, 0x4e, 0x16, 0x95, 0x91, 0xee, + 0x4c, 0x63, 0x8e, 0x5b, 0xcc, 0x3c, 0x19, 0xa1, 0x81, 0x49, 0x7b, 0xd9, 0x6f, 0x37, 0x60, 0xca, + 0xe7, 0x2b, 0x48, 0xfd, 0x96, 0x45, 0xfc, 0x41, 0x12, 0x0d, 0x79, 0xe5, 0x89, 0x8c, 0xe3, 0x20, + 0x30, 0xdc, 0xb7, 0x6c, 0x4a, 0xb5, 0x3f, 0x97, 0xd4, 0x62, 0x2d, 0x06, 0xa4, 0xa5, 0x83, 0x5f, + 0x2a, 0xda, 0xc9, 0x00, 0x7e, 0xa2, 0x55, 0xbf, 0x11, 0xd5, 0x9c, 0xcf, 0x0e, 0x0a, 0x3d, 0x51, + 0x7d, 0x93, 0x1b, 0xfe, 0xc4, 0x47, 0x09, 0x86, 0x0b, 0x8f, 0x9d, 0x6a, 0x07, 0xb9, 0xb0, 0x98, + 0x18, 0x32, 0x71, 0x4b, 0xef, 0x3b, 0x70, 0xa0, 0xe4, 0x40, 0xff, 0xc3, 0xa9, 0xe6, 0x78, 0xf9, + 0x8b, 0x46, 0x80, 0x1e, 0x38, 0xe1, 0xb8, 0xa8, 0xe0, 0x0c, 0x23, 0x76, 0x1d, 0x25, 0x24, 0x05, + 0xf1, 0x6e, 0x94, 0x28, 0x9a, 0x84, 0xe8, 0xa3, 0x4f, 0x77, 0xd3, 0x85, 0xe2, 0x52, 0xf2, 0x82, + 0x50, 0x7a, 0x2f, 0x74, 0x53, 0xb3, 0x61, 0xaf, 0x39, 0x35, 0xde, 0xcd, 0x1f, 0x99, 0xac, 0xad, + 0x72, 0x2c, 0xdd, 0xd0, 0x87, 0xbe, 0x5e, 0xa6, 0xec, 0x04, 0xc6, 0x03, 0x34, 0xfb, 0xdb, 0x59, + 0xb6, 0xc2, 0x01, 0xf0, 0x5a, 0xed, 0xa7, 0x66, 0x21, 0x7f, 0x8a, 0x27, 0xc7, 0xc0, 0x29, 0xd7 + }; + + private static readonly byte[] S2 = new byte[]{ + 0x93, 0xd9, 0x9a, 0xb5, 0x98, 0x22, 0x45, 0xfc, 0xba, 0x6a, 0xdf, 0x02, 0x9f, 0xdc, 0x51, 0x59, + 0x4a, 0x17, 0x2b, 0xc2, 0x94, 0xf4, 0xbb, 0xa3, 0x62, 0xe4, 0x71, 0xd4, 0xcd, 0x70, 0x16, 0xe1, + 0x49, 0x3c, 0xc0, 0xd8, 0x5c, 0x9b, 0xad, 0x85, 0x53, 0xa1, 0x7a, 0xc8, 0x2d, 0xe0, 0xd1, 0x72, + 0xa6, 0x2c, 0xc4, 0xe3, 0x76, 0x78, 0xb7, 0xb4, 0x09, 0x3b, 0x0e, 0x41, 0x4c, 0xde, 0xb2, 0x90, + 0x25, 0xa5, 0xd7, 0x03, 0x11, 0x00, 0xc3, 0x2e, 0x92, 0xef, 0x4e, 0x12, 0x9d, 0x7d, 0xcb, 0x35, + 0x10, 0xd5, 0x4f, 0x9e, 0x4d, 0xa9, 0x55, 0xc6, 0xd0, 0x7b, 0x18, 0x97, 0xd3, 0x36, 0xe6, 0x48, + 0x56, 0x81, 0x8f, 0x77, 0xcc, 0x9c, 0xb9, 0xe2, 0xac, 0xb8, 0x2f, 0x15, 0xa4, 0x7c, 0xda, 0x38, + 0x1e, 0x0b, 0x05, 0xd6, 0x14, 0x6e, 0x6c, 0x7e, 0x66, 0xfd, 0xb1, 0xe5, 0x60, 0xaf, 0x5e, 0x33, + 0x87, 0xc9, 0xf0, 0x5d, 0x6d, 0x3f, 0x88, 0x8d, 0xc7, 0xf7, 0x1d, 0xe9, 0xec, 0xed, 0x80, 0x29, + 0x27, 0xcf, 0x99, 0xa8, 0x50, 0x0f, 0x37, 0x24, 0x28, 0x30, 0x95, 0xd2, 0x3e, 0x5b, 0x40, 0x83, + 0xb3, 0x69, 0x57, 0x1f, 0x07, 0x1c, 0x8a, 0xbc, 0x20, 0xeb, 0xce, 0x8e, 0xab, 0xee, 0x31, 0xa2, + 0x73, 0xf9, 0xca, 0x3a, 0x1a, 0xfb, 0x0d, 0xc1, 0xfe, 0xfa, 0xf2, 0x6f, 0xbd, 0x96, 0xdd, 0x43, + 0x52, 0xb6, 0x08, 0xf3, 0xae, 0xbe, 0x19, 0x89, 0x32, 0x26, 0xb0, 0xea, 0x4b, 0x64, 0x84, 0x82, + 0x6b, 0xf5, 0x79, 0xbf, 0x01, 0x5f, 0x75, 0x63, 0x1b, 0x23, 0x3d, 0x68, 0x2a, 0x65, 0xe8, 0x91, + 0xf6, 0xff, 0x13, 0x58, 0xf1, 0x47, 0x0a, 0x7f, 0xc5, 0xa7, 0xe7, 0x61, 0x5a, 0x06, 0x46, 0x44, + 0x42, 0x04, 0xa0, 0xdb, 0x39, 0x86, 0x54, 0xaa, 0x8c, 0x34, 0x21, 0x8b, 0xf8, 0x0c, 0x74, 0x67 + }; + + private static readonly byte[] S3 = new byte[]{ + 0x68, 0x8d, 0xca, 0x4d, 0x73, 0x4b, 0x4e, 0x2a, 0xd4, 0x52, 0x26, 0xb3, 0x54, 0x1e, 0x19, 0x1f, + 0x22, 0x03, 0x46, 0x3d, 0x2d, 0x4a, 0x53, 0x83, 0x13, 0x8a, 0xb7, 0xd5, 0x25, 0x79, 0xf5, 0xbd, + 0x58, 0x2f, 0x0d, 0x02, 0xed, 0x51, 0x9e, 0x11, 0xf2, 0x3e, 0x55, 0x5e, 0xd1, 0x16, 0x3c, 0x66, + 0x70, 0x5d, 0xf3, 0x45, 0x40, 0xcc, 0xe8, 0x94, 0x56, 0x08, 0xce, 0x1a, 0x3a, 0xd2, 0xe1, 0xdf, + 0xb5, 0x38, 0x6e, 0x0e, 0xe5, 0xf4, 0xf9, 0x86, 0xe9, 0x4f, 0xd6, 0x85, 0x23, 0xcf, 0x32, 0x99, + 0x31, 0x14, 0xae, 0xee, 0xc8, 0x48, 0xd3, 0x30, 0xa1, 0x92, 0x41, 0xb1, 0x18, 0xc4, 0x2c, 0x71, + 0x72, 0x44, 0x15, 0xfd, 0x37, 0xbe, 0x5f, 0xaa, 0x9b, 0x88, 0xd8, 0xab, 0x89, 0x9c, 0xfa, 0x60, + 0xea, 0xbc, 0x62, 0x0c, 0x24, 0xa6, 0xa8, 0xec, 0x67, 0x20, 0xdb, 0x7c, 0x28, 0xdd, 0xac, 0x5b, + 0x34, 0x7e, 0x10, 0xf1, 0x7b, 0x8f, 0x63, 0xa0, 0x05, 0x9a, 0x43, 0x77, 0x21, 0xbf, 0x27, 0x09, + 0xc3, 0x9f, 0xb6, 0xd7, 0x29, 0xc2, 0xeb, 0xc0, 0xa4, 0x8b, 0x8c, 0x1d, 0xfb, 0xff, 0xc1, 0xb2, + 0x97, 0x2e, 0xf8, 0x65, 0xf6, 0x75, 0x07, 0x04, 0x49, 0x33, 0xe4, 0xd9, 0xb9, 0xd0, 0x42, 0xc7, + 0x6c, 0x90, 0x00, 0x8e, 0x6f, 0x50, 0x01, 0xc5, 0xda, 0x47, 0x3f, 0xcd, 0x69, 0xa2, 0xe2, 0x7a, + 0xa7, 0xc6, 0x93, 0x0f, 0x0a, 0x06, 0xe6, 0x2b, 0x96, 0xa3, 0x1c, 0xaf, 0x6a, 0x12, 0x84, 0x39, + 0xe7, 0xb0, 0x82, 0xf7, 0xfe, 0x9d, 0x87, 0x5c, 0x81, 0x35, 0xde, 0xb4, 0xa5, 0xfc, 0x80, 0xef, + 0xcb, 0xbb, 0x6b, 0x76, 0xba, 0x5a, 0x7d, 0x78, 0x0b, 0x95, 0xe3, 0xad, 0x74, 0x98, 0x3b, 0x36, + 0x64, 0x6d, 0xdc, 0xf0, 0x59, 0xa9, 0x4c, 0x17, 0x7f, 0x91, 0xb8, 0xc9, 0x57, 0x1b, 0xe0, 0x61 + }; + + private static readonly byte[] T0 = new byte[]{ + 0xa4, 0xa2, 0xa9, 0xc5, 0x4e, 0xc9, 0x03, 0xd9, 0x7e, 0x0f, 0xd2, 0xad, 0xe7, 0xd3, 0x27, 0x5b, + 0xe3, 0xa1, 0xe8, 0xe6, 0x7c, 0x2a, 0x55, 0x0c, 0x86, 0x39, 0xd7, 0x8d, 0xb8, 0x12, 0x6f, 0x28, + 0xcd, 0x8a, 0x70, 0x56, 0x72, 0xf9, 0xbf, 0x4f, 0x73, 0xe9, 0xf7, 0x57, 0x16, 0xac, 0x50, 0xc0, + 0x9d, 0xb7, 0x47, 0x71, 0x60, 0xc4, 0x74, 0x43, 0x6c, 0x1f, 0x93, 0x77, 0xdc, 0xce, 0x20, 0x8c, + 0x99, 0x5f, 0x44, 0x01, 0xf5, 0x1e, 0x87, 0x5e, 0x61, 0x2c, 0x4b, 0x1d, 0x81, 0x15, 0xf4, 0x23, + 0xd6, 0xea, 0xe1, 0x67, 0xf1, 0x7f, 0xfe, 0xda, 0x3c, 0x07, 0x53, 0x6a, 0x84, 0x9c, 0xcb, 0x02, + 0x83, 0x33, 0xdd, 0x35, 0xe2, 0x59, 0x5a, 0x98, 0xa5, 0x92, 0x64, 0x04, 0x06, 0x10, 0x4d, 0x1c, + 0x97, 0x08, 0x31, 0xee, 0xab, 0x05, 0xaf, 0x79, 0xa0, 0x18, 0x46, 0x6d, 0xfc, 0x89, 0xd4, 0xc7, + 0xff, 0xf0, 0xcf, 0x42, 0x91, 0xf8, 0x68, 0x0a, 0x65, 0x8e, 0xb6, 0xfd, 0xc3, 0xef, 0x78, 0x4c, + 0xcc, 0x9e, 0x30, 0x2e, 0xbc, 0x0b, 0x54, 0x1a, 0xa6, 0xbb, 0x26, 0x80, 0x48, 0x94, 0x32, 0x7d, + 0xa7, 0x3f, 0xae, 0x22, 0x3d, 0x66, 0xaa, 0xf6, 0x00, 0x5d, 0xbd, 0x4a, 0xe0, 0x3b, 0xb4, 0x17, + 0x8b, 0x9f, 0x76, 0xb0, 0x24, 0x9a, 0x25, 0x63, 0xdb, 0xeb, 0x7a, 0x3e, 0x5c, 0xb3, 0xb1, 0x29, + 0xf2, 0xca, 0x58, 0x6e, 0xd8, 0xa8, 0x2f, 0x75, 0xdf, 0x14, 0xfb, 0x13, 0x49, 0x88, 0xb2, 0xec, + 0xe4, 0x34, 0x2d, 0x96, 0xc6, 0x3a, 0xed, 0x95, 0x0e, 0xe5, 0x85, 0x6b, 0x40, 0x21, 0x9b, 0x09, + 0x19, 0x2b, 0x52, 0xde, 0x45, 0xa3, 0xfa, 0x51, 0xc2, 0xb5, 0xd1, 0x90, 0xb9, 0xf3, 0x37, 0xc1, + 0x0d, 0xba, 0x41, 0x11, 0x38, 0x7b, 0xbe, 0xd0, 0xd5, 0x69, 0x36, 0xc8, 0x62, 0x1b, 0x82, 0x8f + }; + + private static readonly byte[] T1 = new byte[]{ + 0x83, 0xf2, 0x2a, 0xeb, 0xe9, 0xbf, 0x7b, 0x9c, 0x34, 0x96, 0x8d, 0x98, 0xb9, 0x69, 0x8c, 0x29, + 0x3d, 0x88, 0x68, 0x06, 0x39, 0x11, 0x4c, 0x0e, 0xa0, 0x56, 0x40, 0x92, 0x15, 0xbc, 0xb3, 0xdc, + 0x6f, 0xf8, 0x26, 0xba, 0xbe, 0xbd, 0x31, 0xfb, 0xc3, 0xfe, 0x80, 0x61, 0xe1, 0x7a, 0x32, 0xd2, + 0x70, 0x20, 0xa1, 0x45, 0xec, 0xd9, 0x1a, 0x5d, 0xb4, 0xd8, 0x09, 0xa5, 0x55, 0x8e, 0x37, 0x76, + 0xa9, 0x67, 0x10, 0x17, 0x36, 0x65, 0xb1, 0x95, 0x62, 0x59, 0x74, 0xa3, 0x50, 0x2f, 0x4b, 0xc8, + 0xd0, 0x8f, 0xcd, 0xd4, 0x3c, 0x86, 0x12, 0x1d, 0x23, 0xef, 0xf4, 0x53, 0x19, 0x35, 0xe6, 0x7f, + 0x5e, 0xd6, 0x79, 0x51, 0x22, 0x14, 0xf7, 0x1e, 0x4a, 0x42, 0x9b, 0x41, 0x73, 0x2d, 0xc1, 0x5c, + 0xa6, 0xa2, 0xe0, 0x2e, 0xd3, 0x28, 0xbb, 0xc9, 0xae, 0x6a, 0xd1, 0x5a, 0x30, 0x90, 0x84, 0xf9, + 0xb2, 0x58, 0xcf, 0x7e, 0xc5, 0xcb, 0x97, 0xe4, 0x16, 0x6c, 0xfa, 0xb0, 0x6d, 0x1f, 0x52, 0x99, + 0x0d, 0x4e, 0x03, 0x91, 0xc2, 0x4d, 0x64, 0x77, 0x9f, 0xdd, 0xc4, 0x49, 0x8a, 0x9a, 0x24, 0x38, + 0xa7, 0x57, 0x85, 0xc7, 0x7c, 0x7d, 0xe7, 0xf6, 0xb7, 0xac, 0x27, 0x46, 0xde, 0xdf, 0x3b, 0xd7, + 0x9e, 0x2b, 0x0b, 0xd5, 0x13, 0x75, 0xf0, 0x72, 0xb6, 0x9d, 0x1b, 0x01, 0x3f, 0x44, 0xe5, 0x87, + 0xfd, 0x07, 0xf1, 0xab, 0x94, 0x18, 0xea, 0xfc, 0x3a, 0x82, 0x5f, 0x05, 0x54, 0xdb, 0x00, 0x8b, + 0xe3, 0x48, 0x0c, 0xca, 0x78, 0x89, 0x0a, 0xff, 0x3e, 0x5b, 0x81, 0xee, 0x71, 0xe2, 0xda, 0x2c, + 0xb8, 0xb5, 0xcc, 0x6e, 0xa8, 0x6b, 0xad, 0x60, 0xc6, 0x08, 0x04, 0x02, 0xe8, 0xf5, 0x4f, 0xa4, + 0xf3, 0xc0, 0xce, 0x43, 0x25, 0x1c, 0x21, 0x33, 0x0f, 0xaf, 0x47, 0xed, 0x66, 0x63, 0x93, 0xaa + }; + + private static readonly byte[] T2 = new byte[]{ + 0x45, 0xd4, 0x0b, 0x43, 0xf1, 0x72, 0xed, 0xa4, 0xc2, 0x38, 0xe6, 0x71, 0xfd, 0xb6, 0x3a, 0x95, + 0x50, 0x44, 0x4b, 0xe2, 0x74, 0x6b, 0x1e, 0x11, 0x5a, 0xc6, 0xb4, 0xd8, 0xa5, 0x8a, 0x70, 0xa3, + 0xa8, 0xfa, 0x05, 0xd9, 0x97, 0x40, 0xc9, 0x90, 0x98, 0x8f, 0xdc, 0x12, 0x31, 0x2c, 0x47, 0x6a, + 0x99, 0xae, 0xc8, 0x7f, 0xf9, 0x4f, 0x5d, 0x96, 0x6f, 0xf4, 0xb3, 0x39, 0x21, 0xda, 0x9c, 0x85, + 0x9e, 0x3b, 0xf0, 0xbf, 0xef, 0x06, 0xee, 0xe5, 0x5f, 0x20, 0x10, 0xcc, 0x3c, 0x54, 0x4a, 0x52, + 0x94, 0x0e, 0xc0, 0x28, 0xf6, 0x56, 0x60, 0xa2, 0xe3, 0x0f, 0xec, 0x9d, 0x24, 0x83, 0x7e, 0xd5, + 0x7c, 0xeb, 0x18, 0xd7, 0xcd, 0xdd, 0x78, 0xff, 0xdb, 0xa1, 0x09, 0xd0, 0x76, 0x84, 0x75, 0xbb, + 0x1d, 0x1a, 0x2f, 0xb0, 0xfe, 0xd6, 0x34, 0x63, 0x35, 0xd2, 0x2a, 0x59, 0x6d, 0x4d, 0x77, 0xe7, + 0x8e, 0x61, 0xcf, 0x9f, 0xce, 0x27, 0xf5, 0x80, 0x86, 0xc7, 0xa6, 0xfb, 0xf8, 0x87, 0xab, 0x62, + 0x3f, 0xdf, 0x48, 0x00, 0x14, 0x9a, 0xbd, 0x5b, 0x04, 0x92, 0x02, 0x25, 0x65, 0x4c, 0x53, 0x0c, + 0xf2, 0x29, 0xaf, 0x17, 0x6c, 0x41, 0x30, 0xe9, 0x93, 0x55, 0xf7, 0xac, 0x68, 0x26, 0xc4, 0x7d, + 0xca, 0x7a, 0x3e, 0xa0, 0x37, 0x03, 0xc1, 0x36, 0x69, 0x66, 0x08, 0x16, 0xa7, 0xbc, 0xc5, 0xd3, + 0x22, 0xb7, 0x13, 0x46, 0x32, 0xe8, 0x57, 0x88, 0x2b, 0x81, 0xb2, 0x4e, 0x64, 0x1c, 0xaa, 0x91, + 0x58, 0x2e, 0x9b, 0x5c, 0x1b, 0x51, 0x73, 0x42, 0x23, 0x01, 0x6e, 0xf3, 0x0d, 0xbe, 0x3d, 0x0a, + 0x2d, 0x1f, 0x67, 0x33, 0x19, 0x7b, 0x5e, 0xea, 0xde, 0x8b, 0xcb, 0xa9, 0x8c, 0x8d, 0xad, 0x49, + 0x82, 0xe4, 0xba, 0xc3, 0x15, 0xd1, 0xe0, 0x89, 0xfc, 0xb1, 0xb9, 0xb5, 0x07, 0x79, 0xb8, 0xe1 + }; + + private static readonly byte[] T3 = new byte[]{ + 0xb2, 0xb6, 0x23, 0x11, 0xa7, 0x88, 0xc5, 0xa6, 0x39, 0x8f, 0xc4, 0xe8, 0x73, 0x22, 0x43, 0xc3, + 0x82, 0x27, 0xcd, 0x18, 0x51, 0x62, 0x2d, 0xf7, 0x5c, 0x0e, 0x3b, 0xfd, 0xca, 0x9b, 0x0d, 0x0f, + 0x79, 0x8c, 0x10, 0x4c, 0x74, 0x1c, 0x0a, 0x8e, 0x7c, 0x94, 0x07, 0xc7, 0x5e, 0x14, 0xa1, 0x21, + 0x57, 0x50, 0x4e, 0xa9, 0x80, 0xd9, 0xef, 0x64, 0x41, 0xcf, 0x3c, 0xee, 0x2e, 0x13, 0x29, 0xba, + 0x34, 0x5a, 0xae, 0x8a, 0x61, 0x33, 0x12, 0xb9, 0x55, 0xa8, 0x15, 0x05, 0xf6, 0x03, 0x06, 0x49, + 0xb5, 0x25, 0x09, 0x16, 0x0c, 0x2a, 0x38, 0xfc, 0x20, 0xf4, 0xe5, 0x7f, 0xd7, 0x31, 0x2b, 0x66, + 0x6f, 0xff, 0x72, 0x86, 0xf0, 0xa3, 0x2f, 0x78, 0x00, 0xbc, 0xcc, 0xe2, 0xb0, 0xf1, 0x42, 0xb4, + 0x30, 0x5f, 0x60, 0x04, 0xec, 0xa5, 0xe3, 0x8b, 0xe7, 0x1d, 0xbf, 0x84, 0x7b, 0xe6, 0x81, 0xf8, + 0xde, 0xd8, 0xd2, 0x17, 0xce, 0x4b, 0x47, 0xd6, 0x69, 0x6c, 0x19, 0x99, 0x9a, 0x01, 0xb3, 0x85, + 0xb1, 0xf9, 0x59, 0xc2, 0x37, 0xe9, 0xc8, 0xa0, 0xed, 0x4f, 0x89, 0x68, 0x6d, 0xd5, 0x26, 0x91, + 0x87, 0x58, 0xbd, 0xc9, 0x98, 0xdc, 0x75, 0xc0, 0x76, 0xf5, 0x67, 0x6b, 0x7e, 0xeb, 0x52, 0xcb, + 0xd1, 0x5b, 0x9f, 0x0b, 0xdb, 0x40, 0x92, 0x1a, 0xfa, 0xac, 0xe4, 0xe1, 0x71, 0x1f, 0x65, 0x8d, + 0x97, 0x9e, 0x95, 0x90, 0x5d, 0xb7, 0xc1, 0xaf, 0x54, 0xfb, 0x02, 0xe0, 0x35, 0xbb, 0x3a, 0x4d, + 0xad, 0x2c, 0x3d, 0x56, 0x08, 0x1b, 0x4a, 0x93, 0x6a, 0xab, 0xb8, 0x7a, 0xf2, 0x7d, 0xda, 0x3f, + 0xfe, 0x3e, 0xbe, 0xea, 0xaa, 0x44, 0xc6, 0xd0, 0x36, 0x48, 0x70, 0x96, 0x77, 0x24, 0x53, 0xdf, + 0xf3, 0x83, 0x28, 0x32, 0x45, 0x1e, 0xa4, 0xd3, 0xa2, 0x46, 0x6e, 0x9c, 0xdd, 0x63, 0xd4, 0x9d + }; + + #endregion + + public virtual string AlgorithmName + { + get { return "DSTU7624"; } + } + + public virtual int GetBlockSize() + { + return wordsInBlock << 3; + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual void Reset() + { + Array.Clear(internalState, 0, internalState.Length); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/Dstu7624WrapEngine.cs b/BouncyCastle/crypto/src/crypto/engines/Dstu7624WrapEngine.cs new file mode 100644 index 0000000..9cb9824 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/Dstu7624WrapEngine.cs @@ -0,0 +1,216 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + public class Dstu7624WrapEngine + : IWrapper + { + private KeyParameter param; + private Dstu7624Engine engine; + private bool forWrapping; + private int blockSize; + + public Dstu7624WrapEngine(int blockSizeBits) + { + engine = new Dstu7624Engine(blockSizeBits); + param = null; + + blockSize = blockSizeBits / 8; + } + + public string AlgorithmName + { + get { return "Dstu7624WrapEngine"; } + } + + public void Init(bool forWrapping, ICipherParameters parameters) + { + this.forWrapping = forWrapping; + + if (parameters is KeyParameter) + { + this.param = (KeyParameter)parameters; + + engine.Init(forWrapping, param); + } + else + { + throw new ArgumentException("Bad parameters passed to Dstu7624WrapEngine"); + } + } + + public byte[] Wrap(byte[] input, int inOff, int length) + { + if (!forWrapping) + throw new InvalidOperationException("Not set for wrapping"); + + if (length % blockSize != 0) + throw new ArgumentException("Padding not supported"); + + int n = 2 * (1 + length / blockSize); + int V = (n - 1) * 6; + + byte[] buffer = new byte[length + blockSize]; + Array.Copy(input, inOff, buffer, 0, length); + //Console.WriteLine(Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(buffer)); + + byte[] B = new byte[blockSize / 2]; + Array.Copy(buffer, 0, B, 0, blockSize / 2); + //Console.WriteLine("B0: "+ Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(B)); + + IList bTemp = Platform.CreateArrayList(); + int bHalfBlocksLen = buffer.Length - blockSize / 2; + int bufOff = blockSize / 2; + while (bHalfBlocksLen != 0) + { + byte[] temp = new byte[blockSize / 2]; + Array.Copy(buffer, bufOff, temp, 0, blockSize / 2); + //Console.WriteLine(Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(buffer)); + //Console.WriteLine(buffer.Length); + //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(temp)); + + bTemp.Add(temp); + + bHalfBlocksLen -= blockSize / 2; + bufOff += blockSize / 2; + } + + for (int j = 0; j < V; j++) + { + Array.Copy(B, 0, buffer, 0, blockSize / 2); + Array.Copy((byte[])bTemp[0], 0, buffer, blockSize / 2, blockSize / 2); + + engine.ProcessBlock(buffer, 0, buffer, 0); + + byte[] intArray = Pack.UInt32_To_LE((uint)(j + 1)); + for (int byteNum = 0; byteNum < intArray.Length; byteNum++) + { + buffer[byteNum + blockSize / 2] ^= intArray[byteNum]; + } + + Array.Copy(buffer, blockSize / 2, B, 0, blockSize / 2); + + for (int i = 2; i < n; i++) + { + Array.Copy((byte[])bTemp[i - 1], 0, (byte[])bTemp[i - 2], 0, blockSize / 2); + } + + Array.Copy(buffer, 0, (byte[])bTemp[n - 2], 0, blockSize / 2); + + //Console.WriteLine("B" + j.ToString() + ": " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(B)); + //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(bTemp[0])); + //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(bTemp[1])); + //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(bTemp[2])); + + //Console.WriteLine(Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(buffer)); + } + + Array.Copy(B, 0, buffer, 0, blockSize / 2); + bufOff = blockSize / 2; + + for (int i = 0; i < n - 1; i++) + { + Array.Copy((byte[])bTemp[i], 0, buffer, bufOff, blockSize / 2); + bufOff += blockSize / 2; + } + + return buffer; + } + + public byte[] Unwrap(byte[] input, int inOff, int length) + { + if (forWrapping) + throw new InvalidOperationException("not set for unwrapping"); + + if (length % blockSize != 0) + throw new ArgumentException("Padding not supported"); + + int n = 2 * length / blockSize; + int V = (n - 1) * 6; + + byte[] buffer = new byte[length]; + Array.Copy(input, inOff, buffer, 0, length); + + byte[] B = new byte[blockSize / 2]; + Array.Copy(buffer, 0, B, 0, blockSize / 2); + //Console.WriteLine("B18: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(B)); + + IList bTemp = Platform.CreateArrayList(); + + int bHalfBlocksLen = buffer.Length - blockSize / 2; + int bufOff = blockSize / 2; + while (bHalfBlocksLen != 0) + { + byte[] temp = new byte[blockSize / 2]; + Array.Copy(buffer, bufOff, temp, 0, blockSize / 2); + //Console.WriteLine(Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(buffer)); + //Console.WriteLine(buffer.Length); + //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(temp)); + + bTemp.Add(temp); + + bHalfBlocksLen -= blockSize / 2; + bufOff += blockSize / 2; + } + + for (int j = 0; j < V; j++) + { + Array.Copy((byte[])bTemp[n - 2], 0, buffer, 0, blockSize / 2); + Array.Copy(B, 0, buffer, blockSize / 2, blockSize / 2); + + byte[] intArray = Pack.UInt32_To_LE((uint)(V - j)); + for (int byteNum = 0; byteNum < intArray.Length; byteNum++) + { + buffer[byteNum + blockSize / 2] ^= intArray[byteNum]; + } + + //Console.WriteLine(Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(buffer)); + + engine.ProcessBlock(buffer, 0, buffer, 0); + + //Console.WriteLine(Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(buffer)); + + Array.Copy(buffer, 0, B, 0, blockSize / 2); + + for (int i = 2; i < n; i++) + { + Array.Copy((byte[])bTemp[n - i - 1], 0, (byte[])bTemp[n - i], 0, blockSize / 2); + } + + Array.Copy(buffer, blockSize / 2, (byte[])bTemp[0], 0, blockSize / 2); + + //Console.WriteLine("B" + (V - j - 1).ToString() + ": " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(B)); + //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(bTemp[0])); + //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(bTemp[1])); + //Console.WriteLine("b: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(bTemp[2])); + + //Console.WriteLine(Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(buffer)); + } + + Array.Copy(B, 0, buffer, 0, blockSize / 2); + bufOff = blockSize / 2; + + for (int i = 0; i < n - 1; i++) + { + Array.Copy((byte[])bTemp[i], 0, buffer, bufOff, blockSize / 2); + bufOff += blockSize / 2; + } + + byte diff = 0; + for (int i = buffer.Length - blockSize; i < buffer.Length; ++i) + { + diff |= buffer[i]; + } + + if (diff != 0) + throw new InvalidCipherTextException("checksum failed"); + + return Arrays.CopyOfRange(buffer, 0, buffer.Length - blockSize); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/ElGamalEngine.cs b/BouncyCastle/crypto/src/crypto/engines/ElGamalEngine.cs new file mode 100644 index 0000000..197d7bc --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/ElGamalEngine.cs @@ -0,0 +1,178 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * this does your basic ElGamal algorithm. + */ + public class ElGamalEngine + : IAsymmetricBlockCipher + { + private ElGamalKeyParameters key; + private SecureRandom random; + private bool forEncryption; + private int bitSize; + + public virtual string AlgorithmName + { + get { return "ElGamal"; } + } + + /** + * initialise the ElGamal engine. + * + * @param forEncryption true if we are encrypting, false otherwise. + * @param param the necessary ElGamal key parameters. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (parameters is ParametersWithRandom) + { + ParametersWithRandom p = (ParametersWithRandom) parameters; + + this.key = (ElGamalKeyParameters) p.Parameters; + this.random = p.Random; + } + else + { + this.key = (ElGamalKeyParameters) parameters; + this.random = new SecureRandom(); + } + + this.forEncryption = forEncryption; + this.bitSize = key.Parameters.P.BitLength; + + if (forEncryption) + { + if (!(key is ElGamalPublicKeyParameters)) + { + throw new ArgumentException("ElGamalPublicKeyParameters are required for encryption."); + } + } + else + { + if (!(key is ElGamalPrivateKeyParameters)) + { + throw new ArgumentException("ElGamalPrivateKeyParameters are required for decryption."); + } + } + } + + /** + * Return the maximum size for an input block to this engine. + * For ElGamal this is always one byte less than the size of P on + * encryption, and twice the length as the size of P on decryption. + * + * @return maximum size for an input block. + */ + public virtual int GetInputBlockSize() + { + if (forEncryption) + { + return (bitSize - 1) / 8; + } + + return 2 * ((bitSize + 7) / 8); + } + + /** + * Return the maximum size for an output block to this engine. + * For ElGamal this is always one byte less than the size of P on + * decryption, and twice the length as the size of P on encryption. + * + * @return maximum size for an output block. + */ + public virtual int GetOutputBlockSize() + { + if (forEncryption) + { + return 2 * ((bitSize + 7) / 8); + } + + return (bitSize - 1) / 8; + } + + /** + * Process a single block using the basic ElGamal algorithm. + * + * @param in the input array. + * @param inOff the offset into the input buffer where the data starts. + * @param length the length of the data to be processed. + * @return the result of the ElGamal process. + * @exception DataLengthException the input block is too large. + */ + public virtual byte[] ProcessBlock( + byte[] input, + int inOff, + int length) + { + if (key == null) + throw new InvalidOperationException("ElGamal engine not initialised"); + + int maxLength = forEncryption + ? (bitSize - 1 + 7) / 8 + : GetInputBlockSize(); + + if (length > maxLength) + throw new DataLengthException("input too large for ElGamal cipher.\n"); + + BigInteger p = key.Parameters.P; + + byte[] output; + if (key is ElGamalPrivateKeyParameters) // decryption + { + int halfLength = length / 2; + BigInteger gamma = new BigInteger(1, input, inOff, halfLength); + BigInteger phi = new BigInteger(1, input, inOff + halfLength, halfLength); + + ElGamalPrivateKeyParameters priv = (ElGamalPrivateKeyParameters) key; + + // a shortcut, which generally relies on p being prime amongst other things. + // if a problem with this shows up, check the p and g values! + BigInteger m = gamma.ModPow(p.Subtract(BigInteger.One).Subtract(priv.X), p).Multiply(phi).Mod(p); + + output = m.ToByteArrayUnsigned(); + } + else // encryption + { + BigInteger tmp = new BigInteger(1, input, inOff, length); + + if (tmp.BitLength >= p.BitLength) + throw new DataLengthException("input too large for ElGamal cipher.\n"); + + + ElGamalPublicKeyParameters pub = (ElGamalPublicKeyParameters) key; + + BigInteger pSub2 = p.Subtract(BigInteger.Two); + + // TODO In theory, a series of 'k', 'g.ModPow(k, p)' and 'y.ModPow(k, p)' can be pre-calculated + BigInteger k; + do + { + k = new BigInteger(p.BitLength, random); + } + while (k.SignValue == 0 || k.CompareTo(pSub2) > 0); + + BigInteger g = key.Parameters.G; + BigInteger gamma = g.ModPow(k, p); + BigInteger phi = tmp.Multiply(pub.Y.ModPow(k, p)).Mod(p); + + output = new byte[this.GetOutputBlockSize()]; + + // TODO Add methods to allow writing BigInteger to existing byte array? + byte[] out1 = gamma.ToByteArrayUnsigned(); + byte[] out2 = phi.ToByteArrayUnsigned(); + out1.CopyTo(output, output.Length / 2 - out1.Length); + out2.CopyTo(output, output.Length - out2.Length); + } + + return output; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/GOST28147Engine.cs b/BouncyCastle/crypto/src/crypto/engines/GOST28147Engine.cs new file mode 100644 index 0000000..acf0be2 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/GOST28147Engine.cs @@ -0,0 +1,382 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * implementation of GOST 28147-89 + */ + public class Gost28147Engine + : IBlockCipher + { + private const int BlockSize = 8; + private int[] workingKey = null; + private bool forEncryption; + + private byte[] S = Sbox_Default; + + // these are the S-boxes given in Applied Cryptography 2nd Ed., p. 333 + // This is default S-box! + private static readonly byte[] Sbox_Default = { + 0x4,0xA,0x9,0x2,0xD,0x8,0x0,0xE,0x6,0xB,0x1,0xC,0x7,0xF,0x5,0x3, + 0xE,0xB,0x4,0xC,0x6,0xD,0xF,0xA,0x2,0x3,0x8,0x1,0x0,0x7,0x5,0x9, + 0x5,0x8,0x1,0xD,0xA,0x3,0x4,0x2,0xE,0xF,0xC,0x7,0x6,0x0,0x9,0xB, + 0x7,0xD,0xA,0x1,0x0,0x8,0x9,0xF,0xE,0x4,0x6,0xC,0xB,0x2,0x5,0x3, + 0x6,0xC,0x7,0x1,0x5,0xF,0xD,0x8,0x4,0xA,0x9,0xE,0x0,0x3,0xB,0x2, + 0x4,0xB,0xA,0x0,0x7,0x2,0x1,0xD,0x3,0x6,0x8,0x5,0x9,0xC,0xF,0xE, + 0xD,0xB,0x4,0x1,0x3,0xF,0x5,0x9,0x0,0xA,0xE,0x7,0x6,0x8,0x2,0xC, + 0x1,0xF,0xD,0x0,0x5,0x7,0xA,0x4,0x9,0x2,0x3,0xE,0x6,0xB,0x8,0xC + }; + + /* + * class content S-box parameters for encrypting + * getting from, see: http://tools.ietf.org/id/draft-popov-cryptopro-cpalgs-01.txt + * http://tools.ietf.org/id/draft-popov-cryptopro-cpalgs-02.txt + */ + private static readonly byte[] ESbox_Test = { + 0x4,0x2,0xF,0x5,0x9,0x1,0x0,0x8,0xE,0x3,0xB,0xC,0xD,0x7,0xA,0x6, + 0xC,0x9,0xF,0xE,0x8,0x1,0x3,0xA,0x2,0x7,0x4,0xD,0x6,0x0,0xB,0x5, + 0xD,0x8,0xE,0xC,0x7,0x3,0x9,0xA,0x1,0x5,0x2,0x4,0x6,0xF,0x0,0xB, + 0xE,0x9,0xB,0x2,0x5,0xF,0x7,0x1,0x0,0xD,0xC,0x6,0xA,0x4,0x3,0x8, + 0x3,0xE,0x5,0x9,0x6,0x8,0x0,0xD,0xA,0xB,0x7,0xC,0x2,0x1,0xF,0x4, + 0x8,0xF,0x6,0xB,0x1,0x9,0xC,0x5,0xD,0x3,0x7,0xA,0x0,0xE,0x2,0x4, + 0x9,0xB,0xC,0x0,0x3,0x6,0x7,0x5,0x4,0x8,0xE,0xF,0x1,0xA,0x2,0xD, + 0xC,0x6,0x5,0x2,0xB,0x0,0x9,0xD,0x3,0xE,0x7,0xA,0xF,0x4,0x1,0x8 + }; + + private static readonly byte[] ESbox_A = { + 0x9,0x6,0x3,0x2,0x8,0xB,0x1,0x7,0xA,0x4,0xE,0xF,0xC,0x0,0xD,0x5, + 0x3,0x7,0xE,0x9,0x8,0xA,0xF,0x0,0x5,0x2,0x6,0xC,0xB,0x4,0xD,0x1, + 0xE,0x4,0x6,0x2,0xB,0x3,0xD,0x8,0xC,0xF,0x5,0xA,0x0,0x7,0x1,0x9, + 0xE,0x7,0xA,0xC,0xD,0x1,0x3,0x9,0x0,0x2,0xB,0x4,0xF,0x8,0x5,0x6, + 0xB,0x5,0x1,0x9,0x8,0xD,0xF,0x0,0xE,0x4,0x2,0x3,0xC,0x7,0xA,0x6, + 0x3,0xA,0xD,0xC,0x1,0x2,0x0,0xB,0x7,0x5,0x9,0x4,0x8,0xF,0xE,0x6, + 0x1,0xD,0x2,0x9,0x7,0xA,0x6,0x0,0x8,0xC,0x4,0x5,0xF,0x3,0xB,0xE, + 0xB,0xA,0xF,0x5,0x0,0xC,0xE,0x8,0x6,0x2,0x3,0x9,0x1,0x7,0xD,0x4 + }; + + private static readonly byte[] ESbox_B = { + 0x8,0x4,0xB,0x1,0x3,0x5,0x0,0x9,0x2,0xE,0xA,0xC,0xD,0x6,0x7,0xF, + 0x0,0x1,0x2,0xA,0x4,0xD,0x5,0xC,0x9,0x7,0x3,0xF,0xB,0x8,0x6,0xE, + 0xE,0xC,0x0,0xA,0x9,0x2,0xD,0xB,0x7,0x5,0x8,0xF,0x3,0x6,0x1,0x4, + 0x7,0x5,0x0,0xD,0xB,0x6,0x1,0x2,0x3,0xA,0xC,0xF,0x4,0xE,0x9,0x8, + 0x2,0x7,0xC,0xF,0x9,0x5,0xA,0xB,0x1,0x4,0x0,0xD,0x6,0x8,0xE,0x3, + 0x8,0x3,0x2,0x6,0x4,0xD,0xE,0xB,0xC,0x1,0x7,0xF,0xA,0x0,0x9,0x5, + 0x5,0x2,0xA,0xB,0x9,0x1,0xC,0x3,0x7,0x4,0xD,0x0,0x6,0xF,0x8,0xE, + 0x0,0x4,0xB,0xE,0x8,0x3,0x7,0x1,0xA,0x2,0x9,0x6,0xF,0xD,0x5,0xC + }; + + private static readonly byte[] ESbox_C = { + 0x1,0xB,0xC,0x2,0x9,0xD,0x0,0xF,0x4,0x5,0x8,0xE,0xA,0x7,0x6,0x3, + 0x0,0x1,0x7,0xD,0xB,0x4,0x5,0x2,0x8,0xE,0xF,0xC,0x9,0xA,0x6,0x3, + 0x8,0x2,0x5,0x0,0x4,0x9,0xF,0xA,0x3,0x7,0xC,0xD,0x6,0xE,0x1,0xB, + 0x3,0x6,0x0,0x1,0x5,0xD,0xA,0x8,0xB,0x2,0x9,0x7,0xE,0xF,0xC,0x4, + 0x8,0xD,0xB,0x0,0x4,0x5,0x1,0x2,0x9,0x3,0xC,0xE,0x6,0xF,0xA,0x7, + 0xC,0x9,0xB,0x1,0x8,0xE,0x2,0x4,0x7,0x3,0x6,0x5,0xA,0x0,0xF,0xD, + 0xA,0x9,0x6,0x8,0xD,0xE,0x2,0x0,0xF,0x3,0x5,0xB,0x4,0x1,0xC,0x7, + 0x7,0x4,0x0,0x5,0xA,0x2,0xF,0xE,0xC,0x6,0x1,0xB,0xD,0x9,0x3,0x8 + }; + + private static readonly byte[] ESbox_D = { + 0xF,0xC,0x2,0xA,0x6,0x4,0x5,0x0,0x7,0x9,0xE,0xD,0x1,0xB,0x8,0x3, + 0xB,0x6,0x3,0x4,0xC,0xF,0xE,0x2,0x7,0xD,0x8,0x0,0x5,0xA,0x9,0x1, + 0x1,0xC,0xB,0x0,0xF,0xE,0x6,0x5,0xA,0xD,0x4,0x8,0x9,0x3,0x7,0x2, + 0x1,0x5,0xE,0xC,0xA,0x7,0x0,0xD,0x6,0x2,0xB,0x4,0x9,0x3,0xF,0x8, + 0x0,0xC,0x8,0x9,0xD,0x2,0xA,0xB,0x7,0x3,0x6,0x5,0x4,0xE,0xF,0x1, + 0x8,0x0,0xF,0x3,0x2,0x5,0xE,0xB,0x1,0xA,0x4,0x7,0xC,0x9,0xD,0x6, + 0x3,0x0,0x6,0xF,0x1,0xE,0x9,0x2,0xD,0x8,0xC,0x4,0xB,0xA,0x5,0x7, + 0x1,0xA,0x6,0x8,0xF,0xB,0x0,0x4,0xC,0x3,0x5,0x9,0x7,0xD,0x2,0xE + }; + + //S-box for digest + private static readonly byte[] DSbox_Test = { + 0x4,0xA,0x9,0x2,0xD,0x8,0x0,0xE,0x6,0xB,0x1,0xC,0x7,0xF,0x5,0x3, + 0xE,0xB,0x4,0xC,0x6,0xD,0xF,0xA,0x2,0x3,0x8,0x1,0x0,0x7,0x5,0x9, + 0x5,0x8,0x1,0xD,0xA,0x3,0x4,0x2,0xE,0xF,0xC,0x7,0x6,0x0,0x9,0xB, + 0x7,0xD,0xA,0x1,0x0,0x8,0x9,0xF,0xE,0x4,0x6,0xC,0xB,0x2,0x5,0x3, + 0x6,0xC,0x7,0x1,0x5,0xF,0xD,0x8,0x4,0xA,0x9,0xE,0x0,0x3,0xB,0x2, + 0x4,0xB,0xA,0x0,0x7,0x2,0x1,0xD,0x3,0x6,0x8,0x5,0x9,0xC,0xF,0xE, + 0xD,0xB,0x4,0x1,0x3,0xF,0x5,0x9,0x0,0xA,0xE,0x7,0x6,0x8,0x2,0xC, + 0x1,0xF,0xD,0x0,0x5,0x7,0xA,0x4,0x9,0x2,0x3,0xE,0x6,0xB,0x8,0xC + }; + + private static readonly byte[] DSbox_A = { + 0xA,0x4,0x5,0x6,0x8,0x1,0x3,0x7,0xD,0xC,0xE,0x0,0x9,0x2,0xB,0xF, + 0x5,0xF,0x4,0x0,0x2,0xD,0xB,0x9,0x1,0x7,0x6,0x3,0xC,0xE,0xA,0x8, + 0x7,0xF,0xC,0xE,0x9,0x4,0x1,0x0,0x3,0xB,0x5,0x2,0x6,0xA,0x8,0xD, + 0x4,0xA,0x7,0xC,0x0,0xF,0x2,0x8,0xE,0x1,0x6,0x5,0xD,0xB,0x9,0x3, + 0x7,0x6,0x4,0xB,0x9,0xC,0x2,0xA,0x1,0x8,0x0,0xE,0xF,0xD,0x3,0x5, + 0x7,0x6,0x2,0x4,0xD,0x9,0xF,0x0,0xA,0x1,0x5,0xB,0x8,0xE,0xC,0x3, + 0xD,0xE,0x4,0x1,0x7,0x0,0x5,0xA,0x3,0xC,0x8,0xF,0x6,0x2,0x9,0xB, + 0x1,0x3,0xA,0x9,0x5,0xB,0x4,0xF,0x8,0x6,0x7,0xE,0xD,0x0,0x2,0xC + }; + + // + // pre-defined sbox table + // + private static readonly IDictionary sBoxes = Platform.CreateHashtable(); + + static Gost28147Engine() + { + AddSBox("Default", Sbox_Default); + AddSBox("E-TEST", ESbox_Test); + AddSBox("E-A", ESbox_A); + AddSBox("E-B", ESbox_B); + AddSBox("E-C", ESbox_C); + AddSBox("E-D", ESbox_D); + AddSBox("D-TEST", DSbox_Test); + AddSBox("D-A", DSbox_A); + } + + private static void AddSBox(string sBoxName, byte[] sBox) + { + sBoxes.Add(Platform.ToUpperInvariant(sBoxName), sBox); + } + + /** + * standard constructor. + */ + public Gost28147Engine() + { + } + + /** + * initialise an Gost28147 cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (parameters is ParametersWithSBox) + { + ParametersWithSBox param = (ParametersWithSBox)parameters; + + // + // Set the S-Box + // + byte[] sBox = param.GetSBox(); + if (sBox.Length != Sbox_Default.Length) + throw new ArgumentException("invalid S-box passed to GOST28147 init"); + + this.S = Arrays.Clone(sBox); + + // + // set key if there is one + // + if (param.Parameters != null) + { + workingKey = generateWorkingKey(forEncryption, + ((KeyParameter)param.Parameters).GetKey()); + } + } + else if (parameters is KeyParameter) + { + workingKey = generateWorkingKey(forEncryption, + ((KeyParameter)parameters).GetKey()); + } + else if (parameters != null) + { + throw new ArgumentException("invalid parameter passed to Gost28147 init - " + + Platform.GetTypeName(parameters)); + } + } + + public virtual string AlgorithmName + { + get { return "Gost28147"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return BlockSize; + } + + public virtual int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + if (workingKey == null) + throw new InvalidOperationException("Gost28147 engine not initialised"); + + Check.DataLength(input, inOff, BlockSize, "input buffer too short"); + Check.OutputLength(output, outOff, BlockSize, "output buffer too short"); + + Gost28147Func(workingKey, input, inOff, output, outOff); + + return BlockSize; + } + + public virtual void Reset() + { + } + + private int[] generateWorkingKey( + bool forEncryption, + byte[] userKey) + { + this.forEncryption = forEncryption; + + if (userKey.Length != 32) + { + throw new ArgumentException("Key length invalid. Key needs to be 32 byte - 256 bit!!!"); + } + + int[] key = new int[8]; + for(int i=0; i!=8; i++) + { + key[i] = bytesToint(userKey,i*4); + } + + return key; + } + + private int Gost28147_mainStep(int n1, int key) + { + int cm = (key + n1); // CM1 + + // S-box replacing + + int om = S[ 0 + ((cm >> (0 * 4)) & 0xF)] << (0 * 4); + om += S[ 16 + ((cm >> (1 * 4)) & 0xF)] << (1 * 4); + om += S[ 32 + ((cm >> (2 * 4)) & 0xF)] << (2 * 4); + om += S[ 48 + ((cm >> (3 * 4)) & 0xF)] << (3 * 4); + om += S[ 64 + ((cm >> (4 * 4)) & 0xF)] << (4 * 4); + om += S[ 80 + ((cm >> (5 * 4)) & 0xF)] << (5 * 4); + om += S[ 96 + ((cm >> (6 * 4)) & 0xF)] << (6 * 4); + om += S[112 + ((cm >> (7 * 4)) & 0xF)] << (7 * 4); + +// return om << 11 | om >>> (32-11); // 11-leftshift + int omLeft = om << 11; + int omRight = (int)(((uint) om) >> (32 - 11)); // Note: Casts required to get unsigned bit rotation + + return omLeft | omRight; + } + + private void Gost28147Func( + int[] workingKey, + byte[] inBytes, + int inOff, + byte[] outBytes, + int outOff) + { + int N1, N2, tmp; //tmp -> for saving N1 + N1 = bytesToint(inBytes, inOff); + N2 = bytesToint(inBytes, inOff + 4); + + if (this.forEncryption) + { + for(int k = 0; k < 3; k++) // 1-24 steps + { + for(int j = 0; j < 8; j++) + { + tmp = N1; + int step = Gost28147_mainStep(N1, workingKey[j]); + N1 = N2 ^ step; // CM2 + N2 = tmp; + } + } + for(int j = 7; j > 0; j--) // 25-31 steps + { + tmp = N1; + N1 = N2 ^ Gost28147_mainStep(N1, workingKey[j]); // CM2 + N2 = tmp; + } + } + else //decrypt + { + for(int j = 0; j < 8; j++) // 1-8 steps + { + tmp = N1; + N1 = N2 ^ Gost28147_mainStep(N1, workingKey[j]); // CM2 + N2 = tmp; + } + for(int k = 0; k < 3; k++) //9-31 steps + { + for(int j = 7; j >= 0; j--) + { + if ((k == 2) && (j==0)) + { + break; // break 32 step + } + tmp = N1; + N1 = N2 ^ Gost28147_mainStep(N1, workingKey[j]); // CM2 + N2 = tmp; + } + } + } + + N2 = N2 ^ Gost28147_mainStep(N1, workingKey[0]); // 32 step (N1=N1) + + intTobytes(N1, outBytes, outOff); + intTobytes(N2, outBytes, outOff + 4); + } + + //array of bytes to type int + private static int bytesToint( + byte[] inBytes, + int inOff) + { + return (int)((inBytes[inOff + 3] << 24) & 0xff000000) + ((inBytes[inOff + 2] << 16) & 0xff0000) + + ((inBytes[inOff + 1] << 8) & 0xff00) + (inBytes[inOff] & 0xff); + } + + //int to array of bytes + private static void intTobytes( + int num, + byte[] outBytes, + int outOff) + { + outBytes[outOff + 3] = (byte)(num >> 24); + outBytes[outOff + 2] = (byte)(num >> 16); + outBytes[outOff + 1] = (byte)(num >> 8); + outBytes[outOff] = (byte)num; + } + + /** + * Return the S-Box associated with SBoxName + * @param sBoxName name of the S-Box + * @return byte array representing the S-Box + */ + public static byte[] GetSBox( + string sBoxName) + { + byte[] sBox = (byte[])sBoxes[Platform.ToUpperInvariant(sBoxName)]; + + if (sBox == null) + { + throw new ArgumentException("Unknown S-Box - possible types: " + + "\"Default\", \"E-Test\", \"E-A\", \"E-B\", \"E-C\", \"E-D\", \"D-Test\", \"D-A\"."); + } + + return Arrays.Clone(sBox); + } + + public static string GetSBoxName(byte[] sBox) + { + foreach (string name in sBoxes.Keys) + { + byte[] sb = (byte[])sBoxes[name]; + if (Arrays.AreEqual(sb, sBox)) + { + return name; + } + } + + throw new ArgumentException("SBOX provided did not map to a known one"); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/HC128Engine.cs b/BouncyCastle/crypto/src/crypto/engines/HC128Engine.cs new file mode 100644 index 0000000..b83eb70 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/HC128Engine.cs @@ -0,0 +1,235 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * HC-128 is a software-efficient stream cipher created by Hongjun Wu. It + * generates keystream from a 128-bit secret key and a 128-bit initialization + * vector. + *

+ * http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc128_p3.pdf + *

+ * It is a third phase candidate in the eStream contest, and is patent-free. + * No attacks are known as of today (April 2007). See + * + * http://www.ecrypt.eu.org/stream/hcp3.html + *

+ */ + public class HC128Engine + : IStreamCipher + { + private uint[] p = new uint[512]; + private uint[] q = new uint[512]; + private uint cnt = 0; + + private static uint F1(uint x) + { + return RotateRight(x, 7) ^ RotateRight(x, 18) ^ (x >> 3); + } + + private static uint F2(uint x) + { + return RotateRight(x, 17) ^ RotateRight(x, 19) ^ (x >> 10); + } + + private uint G1(uint x, uint y, uint z) + { + return (RotateRight(x, 10) ^ RotateRight(z, 23)) + RotateRight(y, 8); + } + + private uint G2(uint x, uint y, uint z) + { + return (RotateLeft(x, 10) ^ RotateLeft(z, 23)) + RotateLeft(y, 8); + } + + private static uint RotateLeft(uint x, int bits) + { + return (x << bits) | (x >> -bits); + } + + private static uint RotateRight(uint x, int bits) + { + return (x >> bits) | (x << -bits); + } + + private uint H1(uint x) + { + return q[x & 0xFF] + q[((x >> 16) & 0xFF) + 256]; + } + + private uint H2(uint x) + { + return p[x & 0xFF] + p[((x >> 16) & 0xFF) + 256]; + } + + private static uint Mod1024(uint x) + { + return x & 0x3FF; + } + + private static uint Mod512(uint x) + { + return x & 0x1FF; + } + + private static uint Dim(uint x, uint y) + { + return Mod512(x - y); + } + + private uint Step() + { + uint j = Mod512(cnt); + uint ret; + if (cnt < 512) + { + p[j] += G1(p[Dim(j, 3)], p[Dim(j, 10)], p[Dim(j, 511)]); + ret = H1(p[Dim(j, 12)]) ^ p[j]; + } + else + { + q[j] += G2(q[Dim(j, 3)], q[Dim(j, 10)], q[Dim(j, 511)]); + ret = H2(q[Dim(j, 12)]) ^ q[j]; + } + cnt = Mod1024(cnt + 1); + return ret; + } + + private byte[] key, iv; + private bool initialised; + + private void Init() + { + if (key.Length != 16) + throw new ArgumentException("The key must be 128 bits long"); + + idx = 0; + cnt = 0; + + uint[] w = new uint[1280]; + + for (int i = 0; i < 16; i++) + { + w[i >> 2] |= ((uint)key[i] << (8 * (i & 0x3))); + } + Array.Copy(w, 0, w, 4, 4); + + for (int i = 0; i < iv.Length && i < 16; i++) + { + w[(i >> 2) + 8] |= ((uint)iv[i] << (8 * (i & 0x3))); + } + Array.Copy(w, 8, w, 12, 4); + + for (uint i = 16; i < 1280; i++) + { + w[i] = F2(w[i - 2]) + w[i - 7] + F1(w[i - 15]) + w[i - 16] + i; + } + + Array.Copy(w, 256, p, 0, 512); + Array.Copy(w, 768, q, 0, 512); + + for (int i = 0; i < 512; i++) + { + p[i] = Step(); + } + for (int i = 0; i < 512; i++) + { + q[i] = Step(); + } + + cnt = 0; + } + + public virtual string AlgorithmName + { + get { return "HC-128"; } + } + + /** + * Initialise a HC-128 cipher. + * + * @param forEncryption whether or not we are for encryption. Irrelevant, as + * encryption and decryption are the same. + * @param params the parameters required to set up the cipher. + * @throws ArgumentException if the params argument is + * inappropriate (ie. the key is not 128 bit long). + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + ICipherParameters keyParam = parameters; + + if (parameters is ParametersWithIV) + { + iv = ((ParametersWithIV)parameters).GetIV(); + keyParam = ((ParametersWithIV)parameters).Parameters; + } + else + { + iv = new byte[0]; + } + + if (keyParam is KeyParameter) + { + key = ((KeyParameter)keyParam).GetKey(); + Init(); + } + else + { + throw new ArgumentException( + "Invalid parameter passed to HC128 init - " + Platform.GetTypeName(parameters), + "parameters"); + } + + initialised = true; + } + + private byte[] buf = new byte[4]; + private int idx = 0; + + private byte GetByte() + { + if (idx == 0) + { + Pack.UInt32_To_LE(Step(), buf); + } + byte ret = buf[idx]; + idx = idx + 1 & 0x3; + return ret; + } + + public virtual void ProcessBytes( + byte[] input, + int inOff, + int len, + byte[] output, + int outOff) + { + if (!initialised) + throw new InvalidOperationException(AlgorithmName + " not initialised"); + + Check.DataLength(input, inOff, len, "input buffer too short"); + Check.OutputLength(output, outOff, len, "output buffer too short"); + + for (int i = 0; i < len; i++) + { + output[outOff + i] = (byte)(input[inOff + i] ^ GetByte()); + } + } + + public virtual void Reset() + { + Init(); + } + + public virtual byte ReturnByte(byte input) + { + return (byte)(input ^ GetByte()); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/HC256Engine.cs b/BouncyCastle/crypto/src/crypto/engines/HC256Engine.cs new file mode 100644 index 0000000..d8d83a6 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/HC256Engine.cs @@ -0,0 +1,224 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * HC-256 is a software-efficient stream cipher created by Hongjun Wu. It + * generates keystream from a 256-bit secret key and a 256-bit initialization + * vector. + *

+ * http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc256_p3.pdf + *

+ * Its brother, HC-128, is a third phase candidate in the eStream contest. + * The algorithm is patent-free. No attacks are known as of today (April 2007). + * See + * + * http://www.ecrypt.eu.org/stream/hcp3.html + *

+ */ + public class HC256Engine + : IStreamCipher + { + private uint[] p = new uint[1024]; + private uint[] q = new uint[1024]; + private uint cnt = 0; + + private uint Step() + { + uint j = cnt & 0x3FF; + uint ret; + if (cnt < 1024) + { + uint x = p[(j - 3 & 0x3FF)]; + uint y = p[(j - 1023 & 0x3FF)]; + p[j] += p[(j - 10 & 0x3FF)] + + (RotateRight(x, 10) ^ RotateRight(y, 23)) + + q[((x ^ y) & 0x3FF)]; + + x = p[(j - 12 & 0x3FF)]; + ret = (q[x & 0xFF] + q[((x >> 8) & 0xFF) + 256] + + q[((x >> 16) & 0xFF) + 512] + q[((x >> 24) & 0xFF) + 768]) + ^ p[j]; + } + else + { + uint x = q[(j - 3 & 0x3FF)]; + uint y = q[(j - 1023 & 0x3FF)]; + q[j] += q[(j - 10 & 0x3FF)] + + (RotateRight(x, 10) ^ RotateRight(y, 23)) + + p[((x ^ y) & 0x3FF)]; + + x = q[(j - 12 & 0x3FF)]; + ret = (p[x & 0xFF] + p[((x >> 8) & 0xFF) + 256] + + p[((x >> 16) & 0xFF) + 512] + p[((x >> 24) & 0xFF) + 768]) + ^ q[j]; + } + cnt = cnt + 1 & 0x7FF; + return ret; + } + + private byte[] key, iv; + private bool initialised; + + private void Init() + { + if (key.Length != 32 && key.Length != 16) + throw new ArgumentException("The key must be 128/256 bits long"); + + if (iv.Length < 16) + throw new ArgumentException("The IV must be at least 128 bits long"); + + if (key.Length != 32) + { + byte[] k = new byte[32]; + + Array.Copy(key, 0, k, 0, key.Length); + Array.Copy(key, 0, k, 16, key.Length); + + key = k; + } + + if (iv.Length < 32) + { + byte[] newIV = new byte[32]; + + Array.Copy(iv, 0, newIV, 0, iv.Length); + Array.Copy(iv, 0, newIV, iv.Length, newIV.Length - iv.Length); + + iv = newIV; + } + + idx = 0; + cnt = 0; + + uint[] w = new uint[2560]; + + for (int i = 0; i < 32; i++) + { + w[i >> 2] |= ((uint)key[i] << (8 * (i & 0x3))); + } + + for (int i = 0; i < 32; i++) + { + w[(i >> 2) + 8] |= ((uint)iv[i] << (8 * (i & 0x3))); + } + + for (uint i = 16; i < 2560; i++) + { + uint x = w[i - 2]; + uint y = w[i - 15]; + w[i] = (RotateRight(x, 17) ^ RotateRight(x, 19) ^ (x >> 10)) + + w[i - 7] + + (RotateRight(y, 7) ^ RotateRight(y, 18) ^ (y >> 3)) + + w[i - 16] + i; + } + + Array.Copy(w, 512, p, 0, 1024); + Array.Copy(w, 1536, q, 0, 1024); + + for (int i = 0; i < 4096; i++) + { + Step(); + } + + cnt = 0; + } + + public virtual string AlgorithmName + { + get { return "HC-256"; } + } + + /** + * Initialise a HC-256 cipher. + * + * @param forEncryption whether or not we are for encryption. Irrelevant, as + * encryption and decryption are the same. + * @param params the parameters required to set up the cipher. + * @throws ArgumentException if the params argument is + * inappropriate (ie. the key is not 256 bit long). + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + ICipherParameters keyParam = parameters; + + if (parameters is ParametersWithIV) + { + iv = ((ParametersWithIV)parameters).GetIV(); + keyParam = ((ParametersWithIV)parameters).Parameters; + } + else + { + iv = new byte[0]; + } + + if (keyParam is KeyParameter) + { + key = ((KeyParameter)keyParam).GetKey(); + Init(); + } + else + { + throw new ArgumentException( + "Invalid parameter passed to HC256 init - " + Platform.GetTypeName(parameters), + "parameters"); + } + + initialised = true; + } + + private byte[] buf = new byte[4]; + private int idx = 0; + + private byte GetByte() + { + if (idx == 0) + { + Pack.UInt32_To_LE(Step(), buf); + } + byte ret = buf[idx]; + idx = idx + 1 & 0x3; + return ret; + } + + public virtual void ProcessBytes( + byte[] input, + int inOff, + int len, + byte[] output, + int outOff) + { + if (!initialised) + throw new InvalidOperationException(AlgorithmName + " not initialised"); + + Check.DataLength(input, inOff, len, "input buffer too short"); + Check.OutputLength(output, outOff, len, "output buffer too short"); + + for (int i = 0; i < len; i++) + { + output[outOff + i] = (byte)(input[inOff + i] ^ GetByte()); + } + } + + public virtual void Reset() + { + Init(); + } + + public virtual byte ReturnByte(byte input) + { + return (byte)(input ^ GetByte()); + } + + private static uint RotateRight(uint x, int bits) + { + return (x >> bits) | (x << -bits); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/ISAACEngine.cs b/BouncyCastle/crypto/src/crypto/engines/ISAACEngine.cs new file mode 100644 index 0000000..b94ee6e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/ISAACEngine.cs @@ -0,0 +1,212 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * Implementation of Bob Jenkin's ISAAC (Indirection Shift Accumulate Add and Count). + * see: http://www.burtleburtle.net/bob/rand/isaacafa.html + */ + public class IsaacEngine + : IStreamCipher + { + // Constants + private static readonly int sizeL = 8, + stateArraySize = sizeL<<5; // 256 + + // Cipher's internal state + private uint[] engineState = null, // mm + results = null; // randrsl + private uint a = 0, b = 0, c = 0; + + // Engine state + private int index = 0; + private byte[] keyStream = new byte[stateArraySize<<2], // results expanded into bytes + workingKey = null; + private bool initialised = false; + + /** + * initialise an ISAAC cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param params the parameters required to set up the cipher. + * @exception ArgumentException if the params argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + throw new ArgumentException( + "invalid parameter passed to ISAAC Init - " + Platform.GetTypeName(parameters), + "parameters"); + + /* + * ISAAC encryption and decryption is completely + * symmetrical, so the 'forEncryption' is + * irrelevant. + */ + KeyParameter p = (KeyParameter) parameters; + setKey(p.GetKey()); + } + + public virtual byte ReturnByte( + byte input) + { + if (index == 0) + { + isaac(); + keyStream = Pack.UInt32_To_BE(results); + } + + byte output = (byte)(keyStream[index]^input); + index = (index + 1) & 1023; + + return output; + } + + public virtual void ProcessBytes( + byte[] input, + int inOff, + int len, + byte[] output, + int outOff) + { + if (!initialised) + throw new InvalidOperationException(AlgorithmName + " not initialised"); + + Check.DataLength(input, inOff, len, "input buffer too short"); + Check.OutputLength(output, outOff, len, "output buffer too short"); + + for (int i = 0; i < len; i++) + { + if (index == 0) + { + isaac(); + keyStream = Pack.UInt32_To_BE(results); + } + output[i+outOff] = (byte)(keyStream[index]^input[i+inOff]); + index = (index + 1) & 1023; + } + } + + public virtual string AlgorithmName + { + get { return "ISAAC"; } + } + + public virtual void Reset() + { + setKey(workingKey); + } + + // Private implementation + private void setKey( + byte[] keyBytes) + { + workingKey = keyBytes; + + if (engineState == null) + { + engineState = new uint[stateArraySize]; + } + + if (results == null) + { + results = new uint[stateArraySize]; + } + + int i, j, k; + + // Reset state + for (i = 0; i < stateArraySize; i++) + { + engineState[i] = results[i] = 0; + } + a = b = c = 0; + + // Reset index counter for output + index = 0; + + // Convert the key bytes to ints and put them into results[] for initialization + byte[] t = new byte[keyBytes.Length + (keyBytes.Length & 3)]; + Array.Copy(keyBytes, 0, t, 0, keyBytes.Length); + for (i = 0; i < t.Length; i+=4) + { + results[i >> 2] = Pack.LE_To_UInt32(t, i); + } + + // It has begun? + uint[] abcdefgh = new uint[sizeL]; + + for (i = 0; i < sizeL; i++) + { + abcdefgh[i] = 0x9e3779b9; // Phi (golden ratio) + } + + for (i = 0; i < 4; i++) + { + mix(abcdefgh); + } + + for (i = 0; i < 2; i++) + { + for (j = 0; j < stateArraySize; j+=sizeL) + { + for (k = 0; k < sizeL; k++) + { + abcdefgh[k] += (i<1) ? results[j+k] : engineState[j+k]; + } + + mix(abcdefgh); + + for (k = 0; k < sizeL; k++) + { + engineState[j+k] = abcdefgh[k]; + } + } + } + + isaac(); + + initialised = true; + } + + private void isaac() + { + uint x, y; + + b += ++c; + for (int i = 0; i < stateArraySize; i++) + { + x = engineState[i]; + switch (i & 3) + { + case 0: a ^= (a << 13); break; + case 1: a ^= (a >> 6); break; + case 2: a ^= (a << 2); break; + case 3: a ^= (a >> 16); break; + } + a += engineState[(i+128) & 0xFF]; + engineState[i] = y = engineState[(int)((uint)x >> 2) & 0xFF] + a + b; + results[i] = b = engineState[(int)((uint)y >> 10) & 0xFF] + x; + } + } + + private void mix(uint[] x) + { + x[0]^=x[1]<< 11; x[3]+=x[0]; x[1]+=x[2]; + x[1]^=x[2]>> 2; x[4]+=x[1]; x[2]+=x[3]; + x[2]^=x[3]<< 8; x[5]+=x[2]; x[3]+=x[4]; + x[3]^=x[4]>> 16; x[6]+=x[3]; x[4]+=x[5]; + x[4]^=x[5]<< 10; x[7]+=x[4]; x[5]+=x[6]; + x[5]^=x[6]>> 4; x[0]+=x[5]; x[6]+=x[7]; + x[6]^=x[7]<< 8; x[1]+=x[6]; x[7]+=x[0]; + x[7]^=x[0]>> 9; x[2]+=x[7]; x[0]+=x[1]; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/IdeaEngine.cs b/BouncyCastle/crypto/src/crypto/engines/IdeaEngine.cs new file mode 100644 index 0000000..6c03791 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/IdeaEngine.cs @@ -0,0 +1,322 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * A class that provides a basic International Data Encryption Algorithm (IDEA) engine. + *

+ * This implementation is based on the "HOWTO: INTERNATIONAL DATA ENCRYPTION ALGORITHM" + * implementation summary by Fauzan Mirza (F.U.Mirza@sheffield.ac.uk). (barring 1 typo at the + * end of the MulInv function!). + *

+ *

+ * It can be found at ftp://ftp.funet.fi/pub/crypt/cryptography/symmetric/idea/ + *

+ *

+ * Note: This algorithm was patented in the USA, Japan and Europe. These patents expired in 2011/2012. + *

+ */ + public class IdeaEngine + : IBlockCipher + { + private const int BLOCK_SIZE = 8; + private int[] workingKey; + /** + * standard constructor. + */ + public IdeaEngine() + { + } + /** + * initialise an IDEA cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + throw new ArgumentException("invalid parameter passed to IDEA init - " + Platform.GetTypeName(parameters)); + + workingKey = GenerateWorkingKey(forEncryption, + ((KeyParameter)parameters).GetKey()); + } + + public virtual string AlgorithmName + { + get { return "IDEA"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return BLOCK_SIZE; + } + + public virtual int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + if (workingKey == null) + throw new InvalidOperationException("IDEA engine not initialised"); + + Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short"); + Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short"); + + IdeaFunc(workingKey, input, inOff, output, outOff); + return BLOCK_SIZE; + } + public virtual void Reset() + { + } + private static readonly int MASK = 0xffff; + private static readonly int BASE = 0x10001; + private int BytesToWord( + byte[] input, + int inOff) + { + return ((input[inOff] << 8) & 0xff00) + (input[inOff + 1] & 0xff); + } + private void WordToBytes( + int word, + byte[] outBytes, + int outOff) + { + outBytes[outOff] = (byte)((uint) word >> 8); + outBytes[outOff + 1] = (byte)word; + } + /** + * return x = x * y where the multiplication is done modulo + * 65537 (0x10001) (as defined in the IDEA specification) and + * a zero input is taken to be 65536 (0x10000). + * + * @param x the x value + * @param y the y value + * @return x = x * y + */ + private int Mul( + int x, + int y) + { + if (x == 0) + { + x = (BASE - y); + } + else if (y == 0) + { + x = (BASE - x); + } + else + { + int p = x * y; + y = p & MASK; + x = (int) ((uint) p >> 16); + x = y - x + ((y < x) ? 1 : 0); + } + return x & MASK; + } + private void IdeaFunc( + int[] workingKey, + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + int x0, x1, x2, x3, t0, t1; + int keyOff = 0; + x0 = BytesToWord(input, inOff); + x1 = BytesToWord(input, inOff + 2); + x2 = BytesToWord(input, inOff + 4); + x3 = BytesToWord(input, inOff + 6); + for (int round = 0; round < 8; round++) + { + x0 = Mul(x0, workingKey[keyOff++]); + x1 += workingKey[keyOff++]; + x1 &= MASK; + x2 += workingKey[keyOff++]; + x2 &= MASK; + x3 = Mul(x3, workingKey[keyOff++]); + t0 = x1; + t1 = x2; + x2 ^= x0; + x1 ^= x3; + x2 = Mul(x2, workingKey[keyOff++]); + x1 += x2; + x1 &= MASK; + x1 = Mul(x1, workingKey[keyOff++]); + x2 += x1; + x2 &= MASK; + x0 ^= x1; + x3 ^= x2; + x1 ^= t1; + x2 ^= t0; + } + WordToBytes(Mul(x0, workingKey[keyOff++]), outBytes, outOff); + WordToBytes(x2 + workingKey[keyOff++], outBytes, outOff + 2); /* NB: Order */ + WordToBytes(x1 + workingKey[keyOff++], outBytes, outOff + 4); + WordToBytes(Mul(x3, workingKey[keyOff]), outBytes, outOff + 6); + } + /** + * The following function is used to expand the user key to the encryption + * subkey. The first 16 bytes are the user key, and the rest of the subkey + * is calculated by rotating the previous 16 bytes by 25 bits to the left, + * and so on until the subkey is completed. + */ + private int[] ExpandKey( + byte[] uKey) + { + int[] key = new int[52]; + if (uKey.Length < 16) + { + byte[] tmp = new byte[16]; + Array.Copy(uKey, 0, tmp, tmp.Length - uKey.Length, uKey.Length); + uKey = tmp; + } + for (int i = 0; i < 8; i++) + { + key[i] = BytesToWord(uKey, i * 2); + } + for (int i = 8; i < 52; i++) + { + if ((i & 7) < 6) + { + key[i] = ((key[i - 7] & 127) << 9 | key[i - 6] >> 7) & MASK; + } + else if ((i & 7) == 6) + { + key[i] = ((key[i - 7] & 127) << 9 | key[i - 14] >> 7) & MASK; + } + else + { + key[i] = ((key[i - 15] & 127) << 9 | key[i - 14] >> 7) & MASK; + } + } + return key; + } + /** + * This function computes multiplicative inverse using Euclid's Greatest + * Common Divisor algorithm. Zero and one are self inverse. + *

+ * i.e. x * MulInv(x) == 1 (modulo BASE) + *

+ */ + private int MulInv( + int x) + { + int t0, t1, q, y; + + if (x < 2) + { + return x; + } + t0 = 1; + t1 = BASE / x; + y = BASE % x; + while (y != 1) + { + q = x / y; + x = x % y; + t0 = (t0 + (t1 * q)) & MASK; + if (x == 1) + { + return t0; + } + q = y / x; + y = y % x; + t1 = (t1 + (t0 * q)) & MASK; + } + return (1 - t1) & MASK; + } + /** + * Return the additive inverse of x. + *

+ * i.e. x + AddInv(x) == 0 + *

+ */ + int AddInv( + int x) + { + return (0 - x) & MASK; + } + + /** + * The function to invert the encryption subkey to the decryption subkey. + * It also involves the multiplicative inverse and the additive inverse functions. + */ + private int[] InvertKey( + int[] inKey) + { + int t1, t2, t3, t4; + int p = 52; /* We work backwards */ + int[] key = new int[52]; + int inOff = 0; + + t1 = MulInv(inKey[inOff++]); + t2 = AddInv(inKey[inOff++]); + t3 = AddInv(inKey[inOff++]); + t4 = MulInv(inKey[inOff++]); + key[--p] = t4; + key[--p] = t3; + key[--p] = t2; + key[--p] = t1; + + for (int round = 1; round < 8; round++) + { + t1 = inKey[inOff++]; + t2 = inKey[inOff++]; + key[--p] = t2; + key[--p] = t1; + + t1 = MulInv(inKey[inOff++]); + t2 = AddInv(inKey[inOff++]); + t3 = AddInv(inKey[inOff++]); + t4 = MulInv(inKey[inOff++]); + key[--p] = t4; + key[--p] = t2; /* NB: Order */ + key[--p] = t3; + key[--p] = t1; + } + t1 = inKey[inOff++]; + t2 = inKey[inOff++]; + key[--p] = t2; + key[--p] = t1; + + t1 = MulInv(inKey[inOff++]); + t2 = AddInv(inKey[inOff++]); + t3 = AddInv(inKey[inOff++]); + t4 = MulInv(inKey[inOff]); + key[--p] = t4; + key[--p] = t3; + key[--p] = t2; + key[--p] = t1; + return key; + } + + private int[] GenerateWorkingKey( + bool forEncryption, + byte[] userKey) + { + if (forEncryption) + { + return ExpandKey(userKey); + } + else + { + return InvertKey(ExpandKey(userKey)); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/IesEngine.cs b/BouncyCastle/crypto/src/crypto/engines/IesEngine.cs new file mode 100644 index 0000000..307cc7a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/IesEngine.cs @@ -0,0 +1,243 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * support class for constructing intergrated encryption ciphers + * for doing basic message exchanges on top of key agreement ciphers + */ + public class IesEngine + { + private readonly IBasicAgreement agree; + private readonly IDerivationFunction kdf; + private readonly IMac mac; + private readonly BufferedBlockCipher cipher; + private readonly byte[] macBuf; + + private bool forEncryption; + private ICipherParameters privParam, pubParam; + private IesParameters param; + + /** + * set up for use with stream mode, where the key derivation function + * is used to provide a stream of bytes to xor with the message. + * + * @param agree the key agreement used as the basis for the encryption + * @param kdf the key derivation function used for byte generation + * @param mac the message authentication code generator for the message + */ + public IesEngine( + IBasicAgreement agree, + IDerivationFunction kdf, + IMac mac) + { + this.agree = agree; + this.kdf = kdf; + this.mac = mac; + this.macBuf = new byte[mac.GetMacSize()]; +// this.cipher = null; + } + + /** + * set up for use in conjunction with a block cipher to handle the + * message. + * + * @param agree the key agreement used as the basis for the encryption + * @param kdf the key derivation function used for byte generation + * @param mac the message authentication code generator for the message + * @param cipher the cipher to used for encrypting the message + */ + public IesEngine( + IBasicAgreement agree, + IDerivationFunction kdf, + IMac mac, + BufferedBlockCipher cipher) + { + this.agree = agree; + this.kdf = kdf; + this.mac = mac; + this.macBuf = new byte[mac.GetMacSize()]; + this.cipher = cipher; + } + + /** + * Initialise the encryptor. + * + * @param forEncryption whether or not this is encryption/decryption. + * @param privParam our private key parameters + * @param pubParam the recipient's/sender's public key parameters + * @param param encoding and derivation parameters. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters privParameters, + ICipherParameters pubParameters, + ICipherParameters iesParameters) + { + this.forEncryption = forEncryption; + this.privParam = privParameters; + this.pubParam = pubParameters; + this.param = (IesParameters)iesParameters; + } + + private byte[] DecryptBlock( + byte[] in_enc, + int inOff, + int inLen, + byte[] z) + { + byte[] M = null; + KeyParameter macKey = null; + KdfParameters kParam = new KdfParameters(z, param.GetDerivationV()); + int macKeySize = param.MacKeySize; + + kdf.Init(kParam); + + // Ensure that the length of the input is greater than the MAC in bytes + if (inLen < mac.GetMacSize()) + throw new InvalidCipherTextException("Length of input must be greater than the MAC"); + + inLen -= mac.GetMacSize(); + + if (cipher == null) // stream mode + { + byte[] Buffer = GenerateKdfBytes(kParam, inLen + (macKeySize / 8)); + + M = new byte[inLen]; + + for (int i = 0; i != inLen; i++) + { + M[i] = (byte)(in_enc[inOff + i] ^ Buffer[i]); + } + + macKey = new KeyParameter(Buffer, inLen, (macKeySize / 8)); + } + else + { + int cipherKeySize = ((IesWithCipherParameters)param).CipherKeySize; + byte[] Buffer = GenerateKdfBytes(kParam, (cipherKeySize / 8) + (macKeySize / 8)); + + cipher.Init(false, new KeyParameter(Buffer, 0, (cipherKeySize / 8))); + + M = cipher.DoFinal(in_enc, inOff, inLen); + + macKey = new KeyParameter(Buffer, (cipherKeySize / 8), (macKeySize / 8)); + } + + byte[] macIV = param.GetEncodingV(); + + mac.Init(macKey); + mac.BlockUpdate(in_enc, inOff, inLen); + mac.BlockUpdate(macIV, 0, macIV.Length); + mac.DoFinal(macBuf, 0); + + inOff += inLen; + + byte[] T1 = Arrays.CopyOfRange(in_enc, inOff, inOff + macBuf.Length); + + if (!Arrays.ConstantTimeAreEqual(T1, macBuf)) + throw (new InvalidCipherTextException("Invalid MAC.")); + + return M; + } + + private byte[] EncryptBlock( + byte[] input, + int inOff, + int inLen, + byte[] z) + { + byte[] C = null; + KeyParameter macKey = null; + KdfParameters kParam = new KdfParameters(z, param.GetDerivationV()); + int c_text_length = 0; + int macKeySize = param.MacKeySize; + + if (cipher == null) // stream mode + { + byte[] Buffer = GenerateKdfBytes(kParam, inLen + (macKeySize / 8)); + + C = new byte[inLen + mac.GetMacSize()]; + c_text_length = inLen; + + for (int i = 0; i != inLen; i++) + { + C[i] = (byte)(input[inOff + i] ^ Buffer[i]); + } + + macKey = new KeyParameter(Buffer, inLen, (macKeySize / 8)); + } + else + { + int cipherKeySize = ((IesWithCipherParameters)param).CipherKeySize; + byte[] Buffer = GenerateKdfBytes(kParam, (cipherKeySize / 8) + (macKeySize / 8)); + + cipher.Init(true, new KeyParameter(Buffer, 0, (cipherKeySize / 8))); + + c_text_length = cipher.GetOutputSize(inLen); + byte[] tmp = new byte[c_text_length]; + + int len = cipher.ProcessBytes(input, inOff, inLen, tmp, 0); + len += cipher.DoFinal(tmp, len); + + C = new byte[len + mac.GetMacSize()]; + c_text_length = len; + + Array.Copy(tmp, 0, C, 0, len); + + macKey = new KeyParameter(Buffer, (cipherKeySize / 8), (macKeySize / 8)); + } + + byte[] macIV = param.GetEncodingV(); + + mac.Init(macKey); + mac.BlockUpdate(C, 0, c_text_length); + mac.BlockUpdate(macIV, 0, macIV.Length); + // + // return the message and it's MAC + // + mac.DoFinal(C, c_text_length); + return C; + } + + private byte[] GenerateKdfBytes( + KdfParameters kParam, + int length) + { + byte[] buf = new byte[length]; + + kdf.Init(kParam); + + kdf.GenerateBytes(buf, 0, buf.Length); + + return buf; + } + + public virtual byte[] ProcessBlock( + byte[] input, + int inOff, + int inLen) + { + agree.Init(privParam); + + BigInteger z = agree.CalculateAgreement(pubParam); + + byte[] zBytes = BigIntegers.AsUnsignedByteArray(agree.GetFieldSize(), z); + + try + { + return forEncryption + ? EncryptBlock(input, inOff, inLen, zBytes) + : DecryptBlock(input, inOff, inLen, zBytes); + } + finally + { + Array.Clear(zBytes, 0, zBytes.Length); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/NaccacheSternEngine.cs b/BouncyCastle/crypto/src/crypto/engines/NaccacheSternEngine.cs new file mode 100644 index 0000000..fe2d78d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/NaccacheSternEngine.cs @@ -0,0 +1,358 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * NaccacheStern Engine. For details on this cipher, please see + * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf + */ + public class NaccacheSternEngine + : IAsymmetricBlockCipher + { + private bool forEncryption; + + private NaccacheSternKeyParameters key; + + private IList[] lookup = null; + + public string AlgorithmName + { + get { return "NaccacheStern"; } + } + + /** + * Initializes this algorithm. Must be called before all other Functions. + * + * @see org.bouncycastle.crypto.AsymmetricBlockCipher#init(bool, + * org.bouncycastle.crypto.CipherParameters) + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + this.forEncryption = forEncryption; + + if (parameters is ParametersWithRandom) + { + parameters = ((ParametersWithRandom) parameters).Parameters; + } + + key = (NaccacheSternKeyParameters)parameters; + + // construct lookup table for faster decryption if necessary + if (!this.forEncryption) + { + NaccacheSternPrivateKeyParameters priv = (NaccacheSternPrivateKeyParameters)key; + IList primes = priv.SmallPrimesList; + lookup = new IList[primes.Count]; + for (int i = 0; i < primes.Count; i++) + { + BigInteger actualPrime = (BigInteger) primes[i]; + int actualPrimeValue = actualPrime.IntValue; + + lookup[i] = Platform.CreateArrayList(actualPrimeValue); + lookup[i].Add(BigInteger.One); + + BigInteger accJ = BigInteger.Zero; + + for (int j = 1; j < actualPrimeValue; j++) + { +// BigInteger bigJ = BigInteger.ValueOf(j); +// accJ = priv.PhiN.Multiply(bigJ); + accJ = accJ.Add(priv.PhiN); + BigInteger comp = accJ.Divide(actualPrime); + lookup[i].Add(priv.G.ModPow(comp, priv.Modulus)); + } + } + } + } + + [Obsolete("Remove: no longer used")] + public virtual bool Debug + { + set {} + } + + /** + * Returns the input block size of this algorithm. + * + * @see org.bouncycastle.crypto.AsymmetricBlockCipher#GetInputBlockSize() + */ + public virtual int GetInputBlockSize() + { + if (forEncryption) + { + // We can only encrypt values up to lowerSigmaBound + return (key.LowerSigmaBound + 7) / 8 - 1; + } + else + { + // We pad to modulus-size bytes for easier decryption. +// return key.Modulus.ToByteArray().Length; + return key.Modulus.BitLength / 8 + 1; + } + } + + /** + * Returns the output block size of this algorithm. + * + * @see org.bouncycastle.crypto.AsymmetricBlockCipher#GetOutputBlockSize() + */ + public virtual int GetOutputBlockSize() + { + if (forEncryption) + { + // encrypted Data is always padded up to modulus size +// return key.Modulus.ToByteArray().Length; + return key.Modulus.BitLength / 8 + 1; + } + else + { + // decrypted Data has upper limit lowerSigmaBound + return (key.LowerSigmaBound + 7) / 8 - 1; + } + } + + /** + * Process a single Block using the Naccache-Stern algorithm. + * + * @see org.bouncycastle.crypto.AsymmetricBlockCipher#ProcessBlock(byte[], + * int, int) + */ + public virtual byte[] ProcessBlock( + byte[] inBytes, + int inOff, + int length) + { + if (key == null) + throw new InvalidOperationException("NaccacheStern engine not initialised"); + if (length > (GetInputBlockSize() + 1)) + throw new DataLengthException("input too large for Naccache-Stern cipher.\n"); + + if (!forEncryption) + { + // At decryption make sure that we receive padded data blocks + if (length < GetInputBlockSize()) + { + throw new InvalidCipherTextException("BlockLength does not match modulus for Naccache-Stern cipher.\n"); + } + } + + // transform input into BigInteger + BigInteger input = new BigInteger(1, inBytes, inOff, length); + + byte[] output; + if (forEncryption) + { + output = Encrypt(input); + } + else + { + IList plain = Platform.CreateArrayList(); + NaccacheSternPrivateKeyParameters priv = (NaccacheSternPrivateKeyParameters)key; + IList primes = priv.SmallPrimesList; + // Get Chinese Remainders of CipherText + for (int i = 0; i < primes.Count; i++) + { + BigInteger exp = input.ModPow(priv.PhiN.Divide((BigInteger)primes[i]), priv.Modulus); + IList al = lookup[i]; + if (lookup[i].Count != ((BigInteger)primes[i]).IntValue) + { + throw new InvalidCipherTextException("Error in lookup Array for " + + ((BigInteger)primes[i]).IntValue + + ": Size mismatch. Expected ArrayList with length " + + ((BigInteger)primes[i]).IntValue + " but found ArrayList of length " + + lookup[i].Count); + } + int lookedup = al.IndexOf(exp); + + if (lookedup == -1) + { + throw new InvalidCipherTextException("Lookup failed"); + } + plain.Add(BigInteger.ValueOf(lookedup)); + } + BigInteger test = chineseRemainder(plain, primes); + + // Should not be used as an oracle, so reencrypt output to see + // if it corresponds to input + + // this breaks probabilisic encryption, so disable it. Anyway, we do + // use the first n primes for key generation, so it is pretty easy + // to guess them. But as stated in the paper, this is not a security + // breach. So we can just work with the correct sigma. + + // if ((key.G.ModPow(test, key.Modulus)).Equals(input)) { + // output = test.ToByteArray(); + // } else { + // output = null; + // } + + output = test.ToByteArray(); + } + + return output; + } + + /** + * Encrypts a BigInteger aka Plaintext with the public key. + * + * @param plain + * The BigInteger to encrypt + * @return The byte[] representation of the encrypted BigInteger (i.e. + * crypted.toByteArray()) + */ + public virtual byte[] Encrypt( + BigInteger plain) + { + // Always return modulus size values 0-padded at the beginning + // 0-padding at the beginning is correctly parsed by BigInteger :) +// byte[] output = key.Modulus.ToByteArray(); +// Array.Clear(output, 0, output.Length); + byte[] output = new byte[key.Modulus.BitLength / 8 + 1]; + + byte[] tmp = key.G.ModPow(plain, key.Modulus).ToByteArray(); + Array.Copy(tmp, 0, output, output.Length - tmp.Length, tmp.Length); + return output; + } + + /** + * Adds the contents of two encrypted blocks mod sigma + * + * @param block1 + * the first encrypted block + * @param block2 + * the second encrypted block + * @return encrypt((block1 + block2) mod sigma) + * @throws InvalidCipherTextException + */ + public virtual byte[] AddCryptedBlocks( + byte[] block1, + byte[] block2) + { + // check for correct blocksize + if (forEncryption) + { + if ((block1.Length > GetOutputBlockSize()) + || (block2.Length > GetOutputBlockSize())) + { + throw new InvalidCipherTextException( + "BlockLength too large for simple addition.\n"); + } + } + else + { + if ((block1.Length > GetInputBlockSize()) + || (block2.Length > GetInputBlockSize())) + { + throw new InvalidCipherTextException( + "BlockLength too large for simple addition.\n"); + } + } + + // calculate resulting block + BigInteger m1Crypt = new BigInteger(1, block1); + BigInteger m2Crypt = new BigInteger(1, block2); + BigInteger m1m2Crypt = m1Crypt.Multiply(m2Crypt); + m1m2Crypt = m1m2Crypt.Mod(key.Modulus); + + //byte[] output = key.Modulus.ToByteArray(); + //Array.Clear(output, 0, output.Length); + byte[] output = new byte[key.Modulus.BitLength / 8 + 1]; + + byte[] m1m2CryptBytes = m1m2Crypt.ToByteArray(); + Array.Copy(m1m2CryptBytes, 0, output, + output.Length - m1m2CryptBytes.Length, m1m2CryptBytes.Length); + + return output; + } + + /** + * Convenience Method for data exchange with the cipher. + * + * Determines blocksize and splits data to blocksize. + * + * @param data the data to be processed + * @return the data after it went through the NaccacheSternEngine. + * @throws InvalidCipherTextException + */ + public virtual byte[] ProcessData( + byte[] data) + { + if (data.Length > GetInputBlockSize()) + { + int inBlocksize = GetInputBlockSize(); + int outBlocksize = GetOutputBlockSize(); + int datapos = 0; + int retpos = 0; + byte[] retval = new byte[(data.Length / inBlocksize + 1) * outBlocksize]; + while (datapos < data.Length) + { + byte[] tmp; + if (datapos + inBlocksize < data.Length) + { + tmp = ProcessBlock(data, datapos, inBlocksize); + datapos += inBlocksize; + } + else + { + tmp = ProcessBlock(data, datapos, data.Length - datapos); + datapos += data.Length - datapos; + } + if (tmp != null) + { + tmp.CopyTo(retval, retpos); + retpos += tmp.Length; + } + else + { + throw new InvalidCipherTextException("cipher returned null"); + } + } + byte[] ret = new byte[retpos]; + Array.Copy(retval, 0, ret, 0, retpos); + return ret; + } + else + { + return ProcessBlock(data, 0, data.Length); + } + } + + /** + * Computes the integer x that is expressed through the given primes and the + * congruences with the chinese remainder theorem (CRT). + * + * @param congruences + * the congruences c_i + * @param primes + * the primes p_i + * @return an integer x for that x % p_i == c_i + */ + private static BigInteger chineseRemainder(IList congruences, IList primes) + { + BigInteger retval = BigInteger.Zero; + BigInteger all = BigInteger.One; + for (int i = 0; i < primes.Count; i++) + { + all = all.Multiply((BigInteger)primes[i]); + } + for (int i = 0; i < primes.Count; i++) + { + BigInteger a = (BigInteger)primes[i]; + BigInteger b = all.Divide(a); + BigInteger b2 = b.ModInverse(a); + BigInteger tmp = b.Multiply(b2); + tmp = tmp.Multiply((BigInteger)congruences[i]); + retval = retval.Add(tmp); + } + + return retval.Mod(all); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/NoekeonEngine.cs b/BouncyCastle/crypto/src/crypto/engines/NoekeonEngine.cs new file mode 100644 index 0000000..838a403 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/NoekeonEngine.cs @@ -0,0 +1,258 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * A Noekeon engine, using direct-key mode. + */ + public class NoekeonEngine + : IBlockCipher + { + // Block and key size, as well as the amount of rounds. + private const int Size = 16; + + private static readonly byte[] RoundConstants = { 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, + 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4 }; + + private readonly uint[] k = new uint[4]; + + private bool _initialised, _forEncryption; + + /** + * Create an instance of the Noekeon encryption algorithm + * and set some defaults + */ + public NoekeonEngine() + { + _initialised = false; + } + + public virtual string AlgorithmName + { + get { return "Noekeon"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return Size; + } + + /** + * initialise + * + * @param forEncryption whether or not we are for encryption. + * @param params the parameters required to set up the cipher. + * @exception ArgumentException if the params argument is + * inappropriate. + */ + public virtual void Init(bool forEncryption, ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + throw new ArgumentException("Invalid parameters passed to Noekeon init - " + + Platform.GetTypeName(parameters), "parameters"); + + KeyParameter p = (KeyParameter) parameters; + byte[] key = p.GetKey(); + if (key.Length != 16) + throw new ArgumentException("Key length not 128 bits."); + + Pack.BE_To_UInt32(key, 0, k, 0, 4); + + if (!forEncryption) + { + // theta(k, new uint[]{ 0x00, 0x00, 0x00, 0x00 }); + { + uint a0 = k[0], a1 = k[1], a2 = k[2], a3 = k[3]; + + uint t02 = a0 ^ a2; + t02 ^= Integers.RotateLeft(t02, 8) ^ Integers.RotateLeft(t02, 24); + + uint t13 = a1 ^ a3; + t13 ^= Integers.RotateLeft(t13, 8) ^ Integers.RotateLeft(t13, 24); + + a0 ^= t13; + a1 ^= t02; + a2 ^= t13; + a3 ^= t02; + + k[0] = a0; k[1] = a1; k[2] = a2; k[3] = a3; + } + } + + this._forEncryption = forEncryption; + this._initialised = true; + } + + public virtual int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + if (!_initialised) + throw new InvalidOperationException(AlgorithmName + " not initialised"); + + Check.DataLength(input, inOff, Size, "input buffer too short"); + Check.OutputLength(output, outOff, Size, "output buffer too short"); + + return _forEncryption + ? EncryptBlock(input, inOff, output, outOff) + : DecryptBlock(input, inOff, output, outOff); + } + + public virtual void Reset() + { + } + + private int EncryptBlock(byte[] input, int inOff, byte[] output, int outOff) + { + uint a0 = Pack.BE_To_UInt32(input, inOff); + uint a1 = Pack.BE_To_UInt32(input, inOff + 4); + uint a2 = Pack.BE_To_UInt32(input, inOff + 8); + uint a3 = Pack.BE_To_UInt32(input, inOff + 12); + + uint k0 = k[0], k1 = k[1], k2 = k[2], k3 = k[3]; + + int round = 0; + for (;;) + { + a0 ^= RoundConstants[round]; + + // theta(a, k); + { + uint t02 = a0 ^ a2; + t02 ^= Integers.RotateLeft(t02, 8) ^ Integers.RotateLeft(t02, 24); + + a0 ^= k0; + a1 ^= k1; + a2 ^= k2; + a3 ^= k3; + + uint t13 = a1 ^ a3; + t13 ^= Integers.RotateLeft(t13, 8) ^ Integers.RotateLeft(t13, 24); + + a0 ^= t13; + a1 ^= t02; + a2 ^= t13; + a3 ^= t02; + } + + if (++round > Size) + break; + + // pi1(a); + { + a1 = Integers.RotateLeft(a1, 1); + a2 = Integers.RotateLeft(a2, 5); + a3 = Integers.RotateLeft(a3, 2); + } + + // gamma(a); + { + uint t = a3; + a1 ^= a3 | a2; + a3 = a0 ^ (a2 & ~a1); + + a2 = t ^ ~a1 ^ a2 ^ a3; + + a1 ^= a3 | a2; + a0 = t ^ (a2 & a1); + } + + // pi2(a); + { + a1 = Integers.RotateLeft(a1, 31); + a2 = Integers.RotateLeft(a2, 27); + a3 = Integers.RotateLeft(a3, 30); + } + } + + Pack.UInt32_To_BE(a0, output, outOff); + Pack.UInt32_To_BE(a1, output, outOff + 4); + Pack.UInt32_To_BE(a2, output, outOff + 8); + Pack.UInt32_To_BE(a3, output, outOff + 12); + + return Size; + } + + private int DecryptBlock(byte[] input, int inOff, byte[] output, int outOff) + { + uint a0 = Pack.BE_To_UInt32(input, inOff); + uint a1 = Pack.BE_To_UInt32(input, inOff + 4); + uint a2 = Pack.BE_To_UInt32(input, inOff + 8); + uint a3 = Pack.BE_To_UInt32(input, inOff + 12); + + uint k0 = k[0], k1 = k[1], k2 = k[2], k3 = k[3]; + + int round = Size; + for (;;) + { + // theta(a, k); + { + uint t02 = a0 ^ a2; + t02 ^= Integers.RotateLeft(t02, 8) ^ Integers.RotateLeft(t02, 24); + + a0 ^= k0; + a1 ^= k1; + a2 ^= k2; + a3 ^= k3; + + uint t13 = a1 ^ a3; + t13 ^= Integers.RotateLeft(t13, 8) ^ Integers.RotateLeft(t13, 24); + + a0 ^= t13; + a1 ^= t02; + a2 ^= t13; + a3 ^= t02; + } + + a0 ^= RoundConstants[round]; + + if (--round < 0) + break; + + // pi1(a); + { + a1 = Integers.RotateLeft(a1, 1); + a2 = Integers.RotateLeft(a2, 5); + a3 = Integers.RotateLeft(a3, 2); + } + + // gamma(a); + { + uint t = a3; + a1 ^= a3 | a2; + a3 = a0 ^ (a2 & ~a1); + + a2 = t ^ ~a1 ^ a2 ^ a3; + + a1 ^= a3 | a2; + a0 = t ^ (a2 & a1); + } + + // pi2(a); + { + a1 = Integers.RotateLeft(a1, 31); + a2 = Integers.RotateLeft(a2, 27); + a3 = Integers.RotateLeft(a3, 30); + } + } + + Pack.UInt32_To_BE(a0, output, outOff); + Pack.UInt32_To_BE(a1, output, outOff + 4); + Pack.UInt32_To_BE(a2, output, outOff + 8); + Pack.UInt32_To_BE(a3, output, outOff + 12); + + return Size; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/NullEngine.cs b/BouncyCastle/crypto/src/crypto/engines/NullEngine.cs new file mode 100644 index 0000000..f883b7c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/NullEngine.cs @@ -0,0 +1,69 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * The no-op engine that just copies bytes through, irrespective of whether encrypting and decrypting. + * Provided for the sake of completeness. + */ + public class NullEngine + : IBlockCipher + { + private bool initialised; + private const int BlockSize = 1; + + public NullEngine() + { + } + + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + // we don't mind any parameters that may come in + initialised = true; + } + + public virtual string AlgorithmName + { + get { return "Null"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return true; } + } + + public virtual int GetBlockSize() + { + return BlockSize; + } + + public virtual int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + if (!initialised) + throw new InvalidOperationException("Null engine not initialised"); + + Check.DataLength(input, inOff, BlockSize, "input buffer too short"); + Check.OutputLength(output, outOff, BlockSize, "output buffer too short"); + + for (int i = 0; i < BlockSize; ++i) + { + output[outOff + i] = input[inOff + i]; + } + + return BlockSize; + } + + public virtual void Reset() + { + // nothing needs to be done + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/RC2Engine.cs b/BouncyCastle/crypto/src/crypto/engines/RC2Engine.cs new file mode 100644 index 0000000..4aca189 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/RC2Engine.cs @@ -0,0 +1,311 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * an implementation of RC2 as described in RFC 2268 + * "A Description of the RC2(r) Encryption Algorithm" R. Rivest. + */ + public class RC2Engine + : IBlockCipher + { + // + // the values we use for key expansion (based on the digits of PI) + // + private static readonly byte[] piTable = + { + (byte)0xd9, (byte)0x78, (byte)0xf9, (byte)0xc4, (byte)0x19, (byte)0xdd, (byte)0xb5, (byte)0xed, + (byte)0x28, (byte)0xe9, (byte)0xfd, (byte)0x79, (byte)0x4a, (byte)0xa0, (byte)0xd8, (byte)0x9d, + (byte)0xc6, (byte)0x7e, (byte)0x37, (byte)0x83, (byte)0x2b, (byte)0x76, (byte)0x53, (byte)0x8e, + (byte)0x62, (byte)0x4c, (byte)0x64, (byte)0x88, (byte)0x44, (byte)0x8b, (byte)0xfb, (byte)0xa2, + (byte)0x17, (byte)0x9a, (byte)0x59, (byte)0xf5, (byte)0x87, (byte)0xb3, (byte)0x4f, (byte)0x13, + (byte)0x61, (byte)0x45, (byte)0x6d, (byte)0x8d, (byte)0x9, (byte)0x81, (byte)0x7d, (byte)0x32, + (byte)0xbd, (byte)0x8f, (byte)0x40, (byte)0xeb, (byte)0x86, (byte)0xb7, (byte)0x7b, (byte)0xb, + (byte)0xf0, (byte)0x95, (byte)0x21, (byte)0x22, (byte)0x5c, (byte)0x6b, (byte)0x4e, (byte)0x82, + (byte)0x54, (byte)0xd6, (byte)0x65, (byte)0x93, (byte)0xce, (byte)0x60, (byte)0xb2, (byte)0x1c, + (byte)0x73, (byte)0x56, (byte)0xc0, (byte)0x14, (byte)0xa7, (byte)0x8c, (byte)0xf1, (byte)0xdc, + (byte)0x12, (byte)0x75, (byte)0xca, (byte)0x1f, (byte)0x3b, (byte)0xbe, (byte)0xe4, (byte)0xd1, + (byte)0x42, (byte)0x3d, (byte)0xd4, (byte)0x30, (byte)0xa3, (byte)0x3c, (byte)0xb6, (byte)0x26, + (byte)0x6f, (byte)0xbf, (byte)0xe, (byte)0xda, (byte)0x46, (byte)0x69, (byte)0x7, (byte)0x57, + (byte)0x27, (byte)0xf2, (byte)0x1d, (byte)0x9b, (byte)0xbc, (byte)0x94, (byte)0x43, (byte)0x3, + (byte)0xf8, (byte)0x11, (byte)0xc7, (byte)0xf6, (byte)0x90, (byte)0xef, (byte)0x3e, (byte)0xe7, + (byte)0x6, (byte)0xc3, (byte)0xd5, (byte)0x2f, (byte)0xc8, (byte)0x66, (byte)0x1e, (byte)0xd7, + (byte)0x8, (byte)0xe8, (byte)0xea, (byte)0xde, (byte)0x80, (byte)0x52, (byte)0xee, (byte)0xf7, + (byte)0x84, (byte)0xaa, (byte)0x72, (byte)0xac, (byte)0x35, (byte)0x4d, (byte)0x6a, (byte)0x2a, + (byte)0x96, (byte)0x1a, (byte)0xd2, (byte)0x71, (byte)0x5a, (byte)0x15, (byte)0x49, (byte)0x74, + (byte)0x4b, (byte)0x9f, (byte)0xd0, (byte)0x5e, (byte)0x4, (byte)0x18, (byte)0xa4, (byte)0xec, + (byte)0xc2, (byte)0xe0, (byte)0x41, (byte)0x6e, (byte)0xf, (byte)0x51, (byte)0xcb, (byte)0xcc, + (byte)0x24, (byte)0x91, (byte)0xaf, (byte)0x50, (byte)0xa1, (byte)0xf4, (byte)0x70, (byte)0x39, + (byte)0x99, (byte)0x7c, (byte)0x3a, (byte)0x85, (byte)0x23, (byte)0xb8, (byte)0xb4, (byte)0x7a, + (byte)0xfc, (byte)0x2, (byte)0x36, (byte)0x5b, (byte)0x25, (byte)0x55, (byte)0x97, (byte)0x31, + (byte)0x2d, (byte)0x5d, (byte)0xfa, (byte)0x98, (byte)0xe3, (byte)0x8a, (byte)0x92, (byte)0xae, + (byte)0x5, (byte)0xdf, (byte)0x29, (byte)0x10, (byte)0x67, (byte)0x6c, (byte)0xba, (byte)0xc9, + (byte)0xd3, (byte)0x0, (byte)0xe6, (byte)0xcf, (byte)0xe1, (byte)0x9e, (byte)0xa8, (byte)0x2c, + (byte)0x63, (byte)0x16, (byte)0x1, (byte)0x3f, (byte)0x58, (byte)0xe2, (byte)0x89, (byte)0xa9, + (byte)0xd, (byte)0x38, (byte)0x34, (byte)0x1b, (byte)0xab, (byte)0x33, (byte)0xff, (byte)0xb0, + (byte)0xbb, (byte)0x48, (byte)0xc, (byte)0x5f, (byte)0xb9, (byte)0xb1, (byte)0xcd, (byte)0x2e, + (byte)0xc5, (byte)0xf3, (byte)0xdb, (byte)0x47, (byte)0xe5, (byte)0xa5, (byte)0x9c, (byte)0x77, + (byte)0xa, (byte)0xa6, (byte)0x20, (byte)0x68, (byte)0xfe, (byte)0x7f, (byte)0xc1, (byte)0xad + }; + + private const int BLOCK_SIZE = 8; + + private int[] workingKey; + private bool encrypting; + + private int[] GenerateWorkingKey( + byte[] key, + int bits) + { + int x; + int[] xKey = new int[128]; + + for (int i = 0; i != key.Length; i++) + { + xKey[i] = key[i] & 0xff; + } + + // Phase 1: Expand input key to 128 bytes + int len = key.Length; + + if (len < 128) + { + int index = 0; + + x = xKey[len - 1]; + + do + { + x = piTable[(x + xKey[index++]) & 255] & 0xff; + xKey[len++] = x; + } + while (len < 128); + } + + // Phase 2 - reduce effective key size to "bits" + len = (bits + 7) >> 3; + x = piTable[xKey[128 - len] & (255 >> (7 & -bits))] & 0xff; + xKey[128 - len] = x; + + for (int i = 128 - len - 1; i >= 0; i--) + { + x = piTable[x ^ xKey[i + len]] & 0xff; + xKey[i] = x; + } + + // Phase 3 - copy to newKey in little-endian order + int[] newKey = new int[64]; + + for (int i = 0; i != newKey.Length; i++) + { + newKey[i] = (xKey[2 * i] + (xKey[2 * i + 1] << 8)); + } + + return newKey; + } + + /** + * initialise a RC2 cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + this.encrypting = forEncryption; + + if (parameters is RC2Parameters) + { + RC2Parameters param = (RC2Parameters) parameters; + + workingKey = GenerateWorkingKey(param.GetKey(), param.EffectiveKeyBits); + } + else if (parameters is KeyParameter) + { + KeyParameter param = (KeyParameter) parameters; + byte[] key = param.GetKey(); + + workingKey = GenerateWorkingKey(key, key.Length * 8); + } + else + { + throw new ArgumentException("invalid parameter passed to RC2 init - " + Platform.GetTypeName(parameters)); + } + } + + public virtual void Reset() + { + } + + public virtual string AlgorithmName + { + get { return "RC2"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return BLOCK_SIZE; + } + + public virtual int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + if (workingKey == null) + throw new InvalidOperationException("RC2 engine not initialised"); + + Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short"); + Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short"); + + if (encrypting) + { + EncryptBlock(input, inOff, output, outOff); + } + else + { + DecryptBlock(input, inOff, output, outOff); + } + + return BLOCK_SIZE; + } + + /** + * return the result rotating the 16 bit number in x left by y + */ + private int RotateWordLeft( + int x, + int y) + { + x &= 0xffff; + return (x << y) | (x >> (16 - y)); + } + + private void EncryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + int x76, x54, x32, x10; + + x76 = ((input[inOff + 7] & 0xff) << 8) + (input[inOff + 6] & 0xff); + x54 = ((input[inOff + 5] & 0xff) << 8) + (input[inOff + 4] & 0xff); + x32 = ((input[inOff + 3] & 0xff) << 8) + (input[inOff + 2] & 0xff); + x10 = ((input[inOff + 1] & 0xff) << 8) + (input[inOff + 0] & 0xff); + + for (int i = 0; i <= 16; i += 4) + { + x10 = RotateWordLeft(x10 + (x32 & ~x76) + (x54 & x76) + workingKey[i ], 1); + x32 = RotateWordLeft(x32 + (x54 & ~x10) + (x76 & x10) + workingKey[i+1], 2); + x54 = RotateWordLeft(x54 + (x76 & ~x32) + (x10 & x32) + workingKey[i+2], 3); + x76 = RotateWordLeft(x76 + (x10 & ~x54) + (x32 & x54) + workingKey[i+3], 5); + } + + x10 += workingKey[x76 & 63]; + x32 += workingKey[x10 & 63]; + x54 += workingKey[x32 & 63]; + x76 += workingKey[x54 & 63]; + + for (int i = 20; i <= 40; i += 4) + { + x10 = RotateWordLeft(x10 + (x32 & ~x76) + (x54 & x76) + workingKey[i ], 1); + x32 = RotateWordLeft(x32 + (x54 & ~x10) + (x76 & x10) + workingKey[i+1], 2); + x54 = RotateWordLeft(x54 + (x76 & ~x32) + (x10 & x32) + workingKey[i+2], 3); + x76 = RotateWordLeft(x76 + (x10 & ~x54) + (x32 & x54) + workingKey[i+3], 5); + } + + x10 += workingKey[x76 & 63]; + x32 += workingKey[x10 & 63]; + x54 += workingKey[x32 & 63]; + x76 += workingKey[x54 & 63]; + + for (int i = 44; i < 64; i += 4) + { + x10 = RotateWordLeft(x10 + (x32 & ~x76) + (x54 & x76) + workingKey[i ], 1); + x32 = RotateWordLeft(x32 + (x54 & ~x10) + (x76 & x10) + workingKey[i+1], 2); + x54 = RotateWordLeft(x54 + (x76 & ~x32) + (x10 & x32) + workingKey[i+2], 3); + x76 = RotateWordLeft(x76 + (x10 & ~x54) + (x32 & x54) + workingKey[i+3], 5); + } + + outBytes[outOff + 0] = (byte)x10; + outBytes[outOff + 1] = (byte)(x10 >> 8); + outBytes[outOff + 2] = (byte)x32; + outBytes[outOff + 3] = (byte)(x32 >> 8); + outBytes[outOff + 4] = (byte)x54; + outBytes[outOff + 5] = (byte)(x54 >> 8); + outBytes[outOff + 6] = (byte)x76; + outBytes[outOff + 7] = (byte)(x76 >> 8); + } + + private void DecryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + int x76, x54, x32, x10; + + x76 = ((input[inOff + 7] & 0xff) << 8) + (input[inOff + 6] & 0xff); + x54 = ((input[inOff + 5] & 0xff) << 8) + (input[inOff + 4] & 0xff); + x32 = ((input[inOff + 3] & 0xff) << 8) + (input[inOff + 2] & 0xff); + x10 = ((input[inOff + 1] & 0xff) << 8) + (input[inOff + 0] & 0xff); + + for (int i = 60; i >= 44; i -= 4) + { + x76 = RotateWordLeft(x76, 11) - ((x10 & ~x54) + (x32 & x54) + workingKey[i+3]); + x54 = RotateWordLeft(x54, 13) - ((x76 & ~x32) + (x10 & x32) + workingKey[i+2]); + x32 = RotateWordLeft(x32, 14) - ((x54 & ~x10) + (x76 & x10) + workingKey[i+1]); + x10 = RotateWordLeft(x10, 15) - ((x32 & ~x76) + (x54 & x76) + workingKey[i ]); + } + + x76 -= workingKey[x54 & 63]; + x54 -= workingKey[x32 & 63]; + x32 -= workingKey[x10 & 63]; + x10 -= workingKey[x76 & 63]; + + for (int i = 40; i >= 20; i -= 4) + { + x76 = RotateWordLeft(x76, 11) - ((x10 & ~x54) + (x32 & x54) + workingKey[i+3]); + x54 = RotateWordLeft(x54, 13) - ((x76 & ~x32) + (x10 & x32) + workingKey[i+2]); + x32 = RotateWordLeft(x32, 14) - ((x54 & ~x10) + (x76 & x10) + workingKey[i+1]); + x10 = RotateWordLeft(x10, 15) - ((x32 & ~x76) + (x54 & x76) + workingKey[i ]); + } + + x76 -= workingKey[x54 & 63]; + x54 -= workingKey[x32 & 63]; + x32 -= workingKey[x10 & 63]; + x10 -= workingKey[x76 & 63]; + + for (int i = 16; i >= 0; i -= 4) + { + x76 = RotateWordLeft(x76, 11) - ((x10 & ~x54) + (x32 & x54) + workingKey[i+3]); + x54 = RotateWordLeft(x54, 13) - ((x76 & ~x32) + (x10 & x32) + workingKey[i+2]); + x32 = RotateWordLeft(x32, 14) - ((x54 & ~x10) + (x76 & x10) + workingKey[i+1]); + x10 = RotateWordLeft(x10, 15) - ((x32 & ~x76) + (x54 & x76) + workingKey[i ]); + } + + outBytes[outOff + 0] = (byte)x10; + outBytes[outOff + 1] = (byte)(x10 >> 8); + outBytes[outOff + 2] = (byte)x32; + outBytes[outOff + 3] = (byte)(x32 >> 8); + outBytes[outOff + 4] = (byte)x54; + outBytes[outOff + 5] = (byte)(x54 >> 8); + outBytes[outOff + 6] = (byte)x76; + outBytes[outOff + 7] = (byte)(x76 >> 8); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/RC2WrapEngine.cs b/BouncyCastle/crypto/src/crypto/engines/RC2WrapEngine.cs new file mode 100644 index 0000000..5742aa8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/RC2WrapEngine.cs @@ -0,0 +1,370 @@ +using System; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * Wrap keys according to RFC 3217 - RC2 mechanism + */ + public class RC2WrapEngine + : IWrapper + { + /** Field engine */ + private CbcBlockCipher engine; + + /** Field param */ + private ICipherParameters parameters; + + /** Field paramPlusIV */ + private ParametersWithIV paramPlusIV; + + /** Field iv */ + private byte[] iv; + + /** Field forWrapping */ + private bool forWrapping; + + private SecureRandom sr; + + /** Field IV2 */ + private static readonly byte[] IV2 = + { + (byte) 0x4a, (byte) 0xdd, (byte) 0xa2, + (byte) 0x2c, (byte) 0x79, (byte) 0xe8, + (byte) 0x21, (byte) 0x05 + }; + + // + // checksum digest + // + IDigest sha1 = new Sha1Digest(); + byte[] digest = new byte[20]; + + /** + * Method init + * + * @param forWrapping + * @param param + */ + public virtual void Init( + bool forWrapping, + ICipherParameters parameters) + { + this.forWrapping = forWrapping; + this.engine = new CbcBlockCipher(new RC2Engine()); + + if (parameters is ParametersWithRandom) + { + ParametersWithRandom pWithR = (ParametersWithRandom)parameters; + sr = pWithR.Random; + parameters = pWithR.Parameters; + } + else + { + sr = new SecureRandom(); + } + + if (parameters is ParametersWithIV) + { + if (!forWrapping) + throw new ArgumentException("You should not supply an IV for unwrapping"); + + this.paramPlusIV = (ParametersWithIV)parameters; + this.iv = this.paramPlusIV.GetIV(); + this.parameters = this.paramPlusIV.Parameters; + + if (this.iv.Length != 8) + throw new ArgumentException("IV is not 8 octets"); + } + else + { + this.parameters = parameters; + + if (this.forWrapping) + { + // Hm, we have no IV but we want to wrap ?!? + // well, then we have to create our own IV. + this.iv = new byte[8]; + sr.NextBytes(iv); + this.paramPlusIV = new ParametersWithIV(this.parameters, this.iv); + } + } + } + + /** + * Method GetAlgorithmName + * + * @return + */ + public virtual string AlgorithmName + { + get { return "RC2"; } + } + + /** + * Method wrap + * + * @param in + * @param inOff + * @param inLen + * @return + */ + public virtual byte[] Wrap( + byte[] input, + int inOff, + int length) + { + if (!forWrapping) + { + throw new InvalidOperationException("Not initialized for wrapping"); + } + + int len = length + 1; + if ((len % 8) != 0) + { + len += 8 - (len % 8); + } + + byte [] keyToBeWrapped = new byte[len]; + + keyToBeWrapped[0] = (byte)length; + Array.Copy(input, inOff, keyToBeWrapped, 1, length); + + byte[] pad = new byte[keyToBeWrapped.Length - length - 1]; + + if (pad.Length > 0) + { + sr.NextBytes(pad); + Array.Copy(pad, 0, keyToBeWrapped, length + 1, pad.Length); + } + + // Compute the CMS Key Checksum, (section 5.6.1), call this CKS. + byte[] CKS = CalculateCmsKeyChecksum(keyToBeWrapped); + + // Let WKCKS = WK || CKS where || is concatenation. + byte[] WKCKS = new byte[keyToBeWrapped.Length + CKS.Length]; + + Array.Copy(keyToBeWrapped, 0, WKCKS, 0, keyToBeWrapped.Length); + Array.Copy(CKS, 0, WKCKS, keyToBeWrapped.Length, CKS.Length); + + // Encrypt WKCKS in CBC mode using KEK as the key and IV as the + // initialization vector. Call the results TEMP1. + byte [] TEMP1 = new byte[WKCKS.Length]; + + Array.Copy(WKCKS, 0, TEMP1, 0, WKCKS.Length); + + int noOfBlocks = WKCKS.Length / engine.GetBlockSize(); + int extraBytes = WKCKS.Length % engine.GetBlockSize(); + + if (extraBytes != 0) + { + throw new InvalidOperationException("Not multiple of block length"); + } + + engine.Init(true, paramPlusIV); + + for (int i = 0; i < noOfBlocks; i++) + { + int currentBytePos = i * engine.GetBlockSize(); + + engine.ProcessBlock(TEMP1, currentBytePos, TEMP1, currentBytePos); + } + + // Left TEMP2 = IV || TEMP1. + byte[] TEMP2 = new byte[this.iv.Length + TEMP1.Length]; + + Array.Copy(this.iv, 0, TEMP2, 0, this.iv.Length); + Array.Copy(TEMP1, 0, TEMP2, this.iv.Length, TEMP1.Length); + + // Reverse the order of the octets in TEMP2 and call the result TEMP3. + byte[] TEMP3 = new byte[TEMP2.Length]; + + for (int i = 0; i < TEMP2.Length; i++) + { + TEMP3[i] = TEMP2[TEMP2.Length - (i + 1)]; + } + + // Encrypt TEMP3 in CBC mode using the KEK and an initialization vector + // of 0x 4a dd a2 2c 79 e8 21 05. The resulting cipher text is the desired + // result. It is 40 octets long if a 168 bit key is being wrapped. + ParametersWithIV param2 = new ParametersWithIV(this.parameters, IV2); + + this.engine.Init(true, param2); + + for (int i = 0; i < noOfBlocks + 1; i++) + { + int currentBytePos = i * engine.GetBlockSize(); + + engine.ProcessBlock(TEMP3, currentBytePos, TEMP3, currentBytePos); + } + + return TEMP3; + } + + /** + * Method unwrap + * + * @param in + * @param inOff + * @param inLen + * @return + * @throws InvalidCipherTextException + */ + public virtual byte[] Unwrap( + byte[] input, + int inOff, + int length) + { + if (forWrapping) + { + throw new InvalidOperationException("Not set for unwrapping"); + } + + if (input == null) + { + throw new InvalidCipherTextException("Null pointer as ciphertext"); + } + + if (length % engine.GetBlockSize() != 0) + { + throw new InvalidCipherTextException("Ciphertext not multiple of " + + engine.GetBlockSize()); + } + + /* + // Check if the length of the cipher text is reasonable given the key + // type. It must be 40 bytes for a 168 bit key and either 32, 40, or + // 48 bytes for a 128, 192, or 256 bit key. If the length is not supported + // or inconsistent with the algorithm for which the key is intended, + // return error. + // + // we do not accept 168 bit keys. it has to be 192 bit. + int lengthA = (estimatedKeyLengthInBit / 8) + 16; + int lengthB = estimatedKeyLengthInBit % 8; + + if ((lengthA != keyToBeUnwrapped.Length) || (lengthB != 0)) { + throw new XMLSecurityException("empty"); + } + */ + + // Decrypt the cipher text with TRIPLedeS in CBC mode using the KEK + // and an initialization vector (IV) of 0x4adda22c79e82105. Call the output TEMP3. + ParametersWithIV param2 = new ParametersWithIV(this.parameters, IV2); + + this.engine.Init(false, param2); + + byte [] TEMP3 = new byte[length]; + + Array.Copy(input, inOff, TEMP3, 0, length); + + for (int i = 0; i < (TEMP3.Length / engine.GetBlockSize()); i++) + { + int currentBytePos = i * engine.GetBlockSize(); + + engine.ProcessBlock(TEMP3, currentBytePos, TEMP3, currentBytePos); + } + + // Reverse the order of the octets in TEMP3 and call the result TEMP2. + byte[] TEMP2 = new byte[TEMP3.Length]; + + for (int i = 0; i < TEMP3.Length; i++) + { + TEMP2[i] = TEMP3[TEMP3.Length - (i + 1)]; + } + + // Decompose TEMP2 into IV, the first 8 octets, and TEMP1, the remaining octets. + this.iv = new byte[8]; + + byte[] TEMP1 = new byte[TEMP2.Length - 8]; + + Array.Copy(TEMP2, 0, this.iv, 0, 8); + Array.Copy(TEMP2, 8, TEMP1, 0, TEMP2.Length - 8); + + // Decrypt TEMP1 using TRIPLedeS in CBC mode using the KEK and the IV + // found in the previous step. Call the result WKCKS. + this.paramPlusIV = new ParametersWithIV(this.parameters, this.iv); + + this.engine.Init(false, this.paramPlusIV); + + byte[] LCEKPADICV = new byte[TEMP1.Length]; + + Array.Copy(TEMP1, 0, LCEKPADICV, 0, TEMP1.Length); + + for (int i = 0; i < (LCEKPADICV.Length / engine.GetBlockSize()); i++) + { + int currentBytePos = i * engine.GetBlockSize(); + + engine.ProcessBlock(LCEKPADICV, currentBytePos, LCEKPADICV, currentBytePos); + } + + // Decompose LCEKPADICV. CKS is the last 8 octets and WK, the wrapped key, are + // those octets before the CKS. + byte[] result = new byte[LCEKPADICV.Length - 8]; + byte[] CKStoBeVerified = new byte[8]; + + Array.Copy(LCEKPADICV, 0, result, 0, LCEKPADICV.Length - 8); + Array.Copy(LCEKPADICV, LCEKPADICV.Length - 8, CKStoBeVerified, 0, 8); + + // Calculate a CMS Key Checksum, (section 5.6.1), over the WK and compare + // with the CKS extracted in the above step. If they are not equal, return error. + if (!CheckCmsKeyChecksum(result, CKStoBeVerified)) + { + throw new InvalidCipherTextException( + "Checksum inside ciphertext is corrupted"); + } + + if ((result.Length - ((result[0] & 0xff) + 1)) > 7) + { + throw new InvalidCipherTextException( + "too many pad bytes (" + (result.Length - ((result[0] & 0xff) + 1)) + ")"); + } + + // CEK is the wrapped key, now extracted for use in data decryption. + byte[] CEK = new byte[result[0]]; + Array.Copy(result, 1, CEK, 0, CEK.Length); + return CEK; + } + + /** + * Some key wrap algorithms make use of the Key Checksum defined + * in CMS [CMS-Algorithms]. This is used to provide an integrity + * check value for the key being wrapped. The algorithm is + * + * - Compute the 20 octet SHA-1 hash on the key being wrapped. + * - Use the first 8 octets of this hash as the checksum value. + * + * @param key + * @return + * @throws Exception + * @see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum + */ + private byte[] CalculateCmsKeyChecksum( + byte[] key) + { + sha1.BlockUpdate(key, 0, key.Length); + sha1.DoFinal(digest, 0); + + byte[] result = new byte[8]; + Array.Copy(digest, 0, result, 0, 8); + return result; + } + + /** + * @param key + * @param checksum + * @return + * @see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum + */ + private bool CheckCmsKeyChecksum( + byte[] key, + byte[] checksum) + { + return Arrays.ConstantTimeAreEqual(CalculateCmsKeyChecksum(key), checksum); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/RC4Engine.cs b/BouncyCastle/crypto/src/crypto/engines/RC4Engine.cs new file mode 100644 index 0000000..a515bb0 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/RC4Engine.cs @@ -0,0 +1,139 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + public class RC4Engine + : IStreamCipher + { + private readonly static int STATE_LENGTH = 256; + + /* + * variables to hold the state of the RC4 engine + * during encryption and decryption + */ + + private byte[] engineState; + private int x; + private int y; + private byte[] workingKey; + + /** + * initialise a RC4 cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (parameters is KeyParameter) + { + /* + * RC4 encryption and decryption is completely + * symmetrical, so the 'forEncryption' is + * irrelevant. + */ + workingKey = ((KeyParameter)parameters).GetKey(); + SetKey(workingKey); + + return; + } + + throw new ArgumentException("invalid parameter passed to RC4 init - " + Platform.GetTypeName(parameters)); + } + + public virtual string AlgorithmName + { + get { return "RC4"; } + } + + public virtual byte ReturnByte( + byte input) + { + x = (x + 1) & 0xff; + y = (engineState[x] + y) & 0xff; + + // swap + byte tmp = engineState[x]; + engineState[x] = engineState[y]; + engineState[y] = tmp; + + // xor + return (byte)(input ^ engineState[(engineState[x] + engineState[y]) & 0xff]); + } + + public virtual void ProcessBytes( + byte[] input, + int inOff, + int length, + byte[] output, + int outOff) + { + Check.DataLength(input, inOff, length, "input buffer too short"); + Check.OutputLength(output, outOff, length, "output buffer too short"); + + for (int i = 0; i < length ; i++) + { + x = (x + 1) & 0xff; + y = (engineState[x] + y) & 0xff; + + // swap + byte tmp = engineState[x]; + engineState[x] = engineState[y]; + engineState[y] = tmp; + + // xor + output[i+outOff] = (byte)(input[i + inOff] + ^ engineState[(engineState[x] + engineState[y]) & 0xff]); + } + } + + public virtual void Reset() + { + SetKey(workingKey); + } + + // Private implementation + + private void SetKey( + byte[] keyBytes) + { + workingKey = keyBytes; + + // System.out.println("the key length is ; "+ workingKey.Length); + + x = 0; + y = 0; + + if (engineState == null) + { + engineState = new byte[STATE_LENGTH]; + } + + // reset the state of the engine + for (int i=0; i < STATE_LENGTH; i++) + { + engineState[i] = (byte)i; + } + + int i1 = 0; + int i2 = 0; + + for (int i=0; i < STATE_LENGTH; i++) + { + i2 = ((keyBytes[i1] & 0xff) + engineState[i] + i2) & 0xff; + // do the byte-swap inline + byte tmp = engineState[i]; + engineState[i] = engineState[i2]; + engineState[i2] = tmp; + i1 = (i1+1) % keyBytes.Length; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/RC532Engine.cs b/BouncyCastle/crypto/src/crypto/engines/RC532Engine.cs new file mode 100644 index 0000000..d1c29e6 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/RC532Engine.cs @@ -0,0 +1,294 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * The specification for RC5 came from the RC5 Encryption Algorithm + * publication in RSA CryptoBytes, Spring of 1995. + * http://www.rsasecurity.com/rsalabs/cryptobytes. + *

+ * This implementation has a word size of 32 bits.

+ */ + public class RC532Engine + : IBlockCipher + { + /* + * the number of rounds to perform + */ + private int _noRounds; + + /* + * the expanded key array of size 2*(rounds + 1) + */ + private int [] _S; + + /* + * our "magic constants" for 32 32 + * + * Pw = Odd((e-2) * 2^wordsize) + * Qw = Odd((o-2) * 2^wordsize) + * + * where e is the base of natural logarithms (2.718281828...) + * and o is the golden ratio (1.61803398...) + */ + private static readonly int P32 = unchecked((int) 0xb7e15163); + private static readonly int Q32 = unchecked((int) 0x9e3779b9); + + private bool forEncryption; + + /** + * Create an instance of the RC5 encryption algorithm + * and set some defaults + */ + public RC532Engine() + { + _noRounds = 12; // the default +// _S = null; + } + + public virtual string AlgorithmName + { + get { return "RC5-32"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return 2 * 4; + } + + /** + * initialise a RC5-32 cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (typeof(RC5Parameters).IsInstanceOfType(parameters)) + { + RC5Parameters p = (RC5Parameters)parameters; + + _noRounds = p.Rounds; + + SetKey(p.GetKey()); + } + else if (typeof(KeyParameter).IsInstanceOfType(parameters)) + { + KeyParameter p = (KeyParameter)parameters; + + SetKey(p.GetKey()); + } + else + { + throw new ArgumentException("invalid parameter passed to RC532 init - " + Platform.GetTypeName(parameters)); + } + + this.forEncryption = forEncryption; + } + + public virtual int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + return (forEncryption) + ? EncryptBlock(input, inOff, output, outOff) + : DecryptBlock(input, inOff, output, outOff); + } + + public virtual void Reset() + { + } + + /** + * Re-key the cipher. + * + * @param key the key to be used + */ + private void SetKey( + byte[] key) + { + // + // KEY EXPANSION: + // + // There are 3 phases to the key expansion. + // + // Phase 1: + // Copy the secret key K[0...b-1] into an array L[0..c-1] of + // c = ceil(b/u), where u = 32/8 in little-endian order. + // In other words, we fill up L using u consecutive key bytes + // of K. Any unfilled byte positions in L are zeroed. In the + // case that b = c = 0, set c = 1 and L[0] = 0. + // + int[] L = new int[(key.Length + (4 - 1)) / 4]; + + for (int i = 0; i != key.Length; i++) + { + L[i / 4] += (key[i] & 0xff) << (8 * (i % 4)); + } + + // + // Phase 2: + // Initialize S to a particular fixed pseudo-random bit pattern + // using an arithmetic progression modulo 2^wordsize determined + // by the magic numbers, Pw & Qw. + // + _S = new int[2*(_noRounds + 1)]; + + _S[0] = P32; + for (int i=1; i < _S.Length; i++) + { + _S[i] = (_S[i-1] + Q32); + } + + // + // Phase 3: + // Mix in the user's secret key in 3 passes over the arrays S & L. + // The max of the arrays sizes is used as the loop control + // + int iter; + + if (L.Length > _S.Length) + { + iter = 3 * L.Length; + } + else + { + iter = 3 * _S.Length; + } + + int A = 0, B = 0; + int ii = 0, jj = 0; + + for (int k = 0; k < iter; k++) + { + A = _S[ii] = RotateLeft(_S[ii] + A + B, 3); + B = L[jj] = RotateLeft( L[jj] + A + B, A+B); + ii = (ii+1) % _S.Length; + jj = (jj+1) % L.Length; + } + } + + /** + * Encrypt the given block starting at the given offset and place + * the result in the provided buffer starting at the given offset. + * + * @param in in byte buffer containing data to encrypt + * @param inOff offset into src buffer + * @param out out buffer where encrypted data is written + * @param outOff offset into out buffer + */ + private int EncryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + int A = BytesToWord(input, inOff) + _S[0]; + int B = BytesToWord(input, inOff + 4) + _S[1]; + + for (int i = 1; i <= _noRounds; i++) + { + A = RotateLeft(A ^ B, B) + _S[2*i]; + B = RotateLeft(B ^ A, A) + _S[2*i+1]; + } + + WordToBytes(A, outBytes, outOff); + WordToBytes(B, outBytes, outOff + 4); + + return 2 * 4; + } + + private int DecryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + int A = BytesToWord(input, inOff); + int B = BytesToWord(input, inOff + 4); + + for (int i = _noRounds; i >= 1; i--) + { + B = RotateRight(B - _S[2*i+1], A) ^ A; + A = RotateRight(A - _S[2*i], B) ^ B; + } + + WordToBytes(A - _S[0], outBytes, outOff); + WordToBytes(B - _S[1], outBytes, outOff + 4); + + return 2 * 4; + } + + + ////////////////////////////////////////////////////////////// + // + // PRIVATE Helper Methods + // + ////////////////////////////////////////////////////////////// + + /** + * Perform a left "spin" of the word. The rotation of the given + * word x is rotated left by y bits. + * Only the lg(32) low-order bits of y + * are used to determine the rotation amount. Here it is + * assumed that the wordsize used is a power of 2. + * + * @param x word to rotate + * @param y number of bits to rotate % 32 + */ + private int RotateLeft(int x, int y) { + return ((int) ( (uint) (x << (y & (32-1))) | + ((uint) x >> (32 - (y & (32-1)))) ) + ); + } + + /** + * Perform a right "spin" of the word. The rotation of the given + * word x is rotated left by y bits. + * Only the lg(32) low-order bits of y + * are used to determine the rotation amount. Here it is + * assumed that the wordsize used is a power of 2. + * + * @param x word to rotate + * @param y number of bits to rotate % 32 + */ + private int RotateRight(int x, int y) { + return ((int) ( ((uint) x >> (y & (32-1))) | + (uint) (x << (32 - (y & (32-1)))) ) + ); + } + + private int BytesToWord( + byte[] src, + int srcOff) + { + return (src[srcOff] & 0xff) | ((src[srcOff + 1] & 0xff) << 8) + | ((src[srcOff + 2] & 0xff) << 16) | ((src[srcOff + 3] & 0xff) << 24); + } + + private void WordToBytes( + int word, + byte[] dst, + int dstOff) + { + dst[dstOff] = (byte)word; + dst[dstOff + 1] = (byte)(word >> 8); + dst[dstOff + 2] = (byte)(word >> 16); + dst[dstOff + 3] = (byte)(word >> 24); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/RC564Engine.cs b/BouncyCastle/crypto/src/crypto/engines/RC564Engine.cs new file mode 100644 index 0000000..097fd60 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/RC564Engine.cs @@ -0,0 +1,295 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * The specification for RC5 came from the RC5 Encryption Algorithm + * publication in RSA CryptoBytes, Spring of 1995. + * http://www.rsasecurity.com/rsalabs/cryptobytes. + *

+ * This implementation is set to work with a 64 bit word size.

+ */ + public class RC564Engine + : IBlockCipher + { + private static readonly int wordSize = 64; + private static readonly int bytesPerWord = wordSize / 8; + + /* + * the number of rounds to perform + */ + private int _noRounds; + + /* + * the expanded key array of size 2*(rounds + 1) + */ + private long [] _S; + + /* + * our "magic constants" for wordSize 62 + * + * Pw = Odd((e-2) * 2^wordsize) + * Qw = Odd((o-2) * 2^wordsize) + * + * where e is the base of natural logarithms (2.718281828...) + * and o is the golden ratio (1.61803398...) + */ + private static readonly long P64 = unchecked( (long) 0xb7e151628aed2a6bL); + private static readonly long Q64 = unchecked( (long) 0x9e3779b97f4a7c15L); + + private bool forEncryption; + + /** + * Create an instance of the RC5 encryption algorithm + * and set some defaults + */ + public RC564Engine() + { + _noRounds = 12; +// _S = null; + } + + public virtual string AlgorithmName + { + get { return "RC5-64"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return 2 * bytesPerWord; + } + + /** + * initialise a RC5-64 cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (!(typeof(RC5Parameters).IsInstanceOfType(parameters))) + { + throw new ArgumentException("invalid parameter passed to RC564 init - " + Platform.GetTypeName(parameters)); + } + + RC5Parameters p = (RC5Parameters)parameters; + + this.forEncryption = forEncryption; + + _noRounds = p.Rounds; + + SetKey(p.GetKey()); + } + + public virtual int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + return (forEncryption) ? EncryptBlock(input, inOff, output, outOff) + : DecryptBlock(input, inOff, output, outOff); + } + + public virtual void Reset() + { + } + + /** + * Re-key the cipher. + * + * @param key the key to be used + */ + private void SetKey( + byte[] key) + { + // + // KEY EXPANSION: + // + // There are 3 phases to the key expansion. + // + // Phase 1: + // Copy the secret key K[0...b-1] into an array L[0..c-1] of + // c = ceil(b/u), where u = wordSize/8 in little-endian order. + // In other words, we fill up L using u consecutive key bytes + // of K. Any unfilled byte positions in L are zeroed. In the + // case that b = c = 0, set c = 1 and L[0] = 0. + // + long[] L = new long[(key.Length + (bytesPerWord - 1)) / bytesPerWord]; + + for (int i = 0; i != key.Length; i++) + { + L[i / bytesPerWord] += (long)(key[i] & 0xff) << (8 * (i % bytesPerWord)); + } + + // + // Phase 2: + // Initialize S to a particular fixed pseudo-random bit pattern + // using an arithmetic progression modulo 2^wordsize determined + // by the magic numbers, Pw & Qw. + // + _S = new long[2*(_noRounds + 1)]; + + _S[0] = P64; + for (int i=1; i < _S.Length; i++) + { + _S[i] = (_S[i-1] + Q64); + } + + // + // Phase 3: + // Mix in the user's secret key in 3 passes over the arrays S & L. + // The max of the arrays sizes is used as the loop control + // + int iter; + + if (L.Length > _S.Length) + { + iter = 3 * L.Length; + } + else + { + iter = 3 * _S.Length; + } + + long A = 0, B = 0; + int ii = 0, jj = 0; + + for (int k = 0; k < iter; k++) + { + A = _S[ii] = RotateLeft(_S[ii] + A + B, 3); + B = L[jj] = RotateLeft( L[jj] + A + B, A+B); + ii = (ii+1) % _S.Length; + jj = (jj+1) % L.Length; + } + } + + /** + * Encrypt the given block starting at the given offset and place + * the result in the provided buffer starting at the given offset. + * + * @param in in byte buffer containing data to encrypt + * @param inOff offset into src buffer + * @param out out buffer where encrypted data is written + * @param outOff offset into out buffer + */ + private int EncryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + long A = BytesToWord(input, inOff) + _S[0]; + long B = BytesToWord(input, inOff + bytesPerWord) + _S[1]; + + for (int i = 1; i <= _noRounds; i++) + { + A = RotateLeft(A ^ B, B) + _S[2*i]; + B = RotateLeft(B ^ A, A) + _S[2*i+1]; + } + + WordToBytes(A, outBytes, outOff); + WordToBytes(B, outBytes, outOff + bytesPerWord); + + return 2 * bytesPerWord; + } + + private int DecryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + long A = BytesToWord(input, inOff); + long B = BytesToWord(input, inOff + bytesPerWord); + + for (int i = _noRounds; i >= 1; i--) + { + B = RotateRight(B - _S[2*i+1], A) ^ A; + A = RotateRight(A - _S[2*i], B) ^ B; + } + + WordToBytes(A - _S[0], outBytes, outOff); + WordToBytes(B - _S[1], outBytes, outOff + bytesPerWord); + + return 2 * bytesPerWord; + } + + + ////////////////////////////////////////////////////////////// + // + // PRIVATE Helper Methods + // + ////////////////////////////////////////////////////////////// + + /** + * Perform a left "spin" of the word. The rotation of the given + * word x is rotated left by y bits. + * Only the lg(wordSize) low-order bits of y + * are used to determine the rotation amount. Here it is + * assumed that the wordsize used is a power of 2. + * + * @param x word to rotate + * @param y number of bits to rotate % wordSize + */ + private long RotateLeft(long x, long y) { + return ((long) ( (ulong) (x << (int) (y & (wordSize-1))) | + ((ulong) x >> (int) (wordSize - (y & (wordSize-1))))) + ); + } + + /** + * Perform a right "spin" of the word. The rotation of the given + * word x is rotated left by y bits. + * Only the lg(wordSize) low-order bits of y + * are used to determine the rotation amount. Here it is + * assumed that the wordsize used is a power of 2. + * + * @param x word to rotate + * @param y number of bits to rotate % wordSize + */ + private long RotateRight(long x, long y) { + return ((long) ( ((ulong) x >> (int) (y & (wordSize-1))) | + (ulong) (x << (int) (wordSize - (y & (wordSize-1))))) + ); + } + + private long BytesToWord( + byte[] src, + int srcOff) + { + long word = 0; + + for (int i = bytesPerWord - 1; i >= 0; i--) + { + word = (word << 8) + (src[i + srcOff] & 0xff); + } + + return word; + } + + private void WordToBytes( + long word, + byte[] dst, + int dstOff) + { + for (int i = 0; i < bytesPerWord; i++) + { + dst[i + dstOff] = (byte)word; + word = (long) ((ulong) word >> 8); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/RC6Engine.cs b/BouncyCastle/crypto/src/crypto/engines/RC6Engine.cs new file mode 100644 index 0000000..9aeb1e7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/RC6Engine.cs @@ -0,0 +1,361 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * An RC6 engine. + */ + public class RC6Engine + : IBlockCipher + { + private static readonly int wordSize = 32; + private static readonly int bytesPerWord = wordSize / 8; + + /* + * the number of rounds to perform + */ + private static readonly int _noRounds = 20; + + /* + * the expanded key array of size 2*(rounds + 1) + */ + private int [] _S; + + /* + * our "magic constants" for wordSize 32 + * + * Pw = Odd((e-2) * 2^wordsize) + * Qw = Odd((o-2) * 2^wordsize) + * + * where e is the base of natural logarithms (2.718281828...) + * and o is the golden ratio (1.61803398...) + */ + private static readonly int P32 = unchecked((int) 0xb7e15163); + private static readonly int Q32 = unchecked((int) 0x9e3779b9); + + private static readonly int LGW = 5; // log2(32) + + private bool forEncryption; + + /** + * Create an instance of the RC6 encryption algorithm + * and set some defaults + */ + public RC6Engine() + { +// _S = null; + } + + public virtual string AlgorithmName + { + get { return "RC6"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return 4 * bytesPerWord; + } + + /** + * initialise a RC5-32 cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + throw new ArgumentException("invalid parameter passed to RC6 init - " + Platform.GetTypeName(parameters)); + + this.forEncryption = forEncryption; + + KeyParameter p = (KeyParameter)parameters; + SetKey(p.GetKey()); + } + + public virtual int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + int blockSize = GetBlockSize(); + if (_S == null) + throw new InvalidOperationException("RC6 engine not initialised"); + + Check.DataLength(input, inOff, blockSize, "input buffer too short"); + Check.OutputLength(output, outOff, blockSize, "output buffer too short"); + + return (forEncryption) + ? EncryptBlock(input, inOff, output, outOff) + : DecryptBlock(input, inOff, output, outOff); + } + + public virtual void Reset() + { + } + + /** + * Re-key the cipher. + * + * @param inKey the key to be used + */ + private void SetKey( + byte[] key) + { + // + // KEY EXPANSION: + // + // There are 3 phases to the key expansion. + // + // Phase 1: + // Copy the secret key K[0...b-1] into an array L[0..c-1] of + // c = ceil(b/u), where u = wordSize/8 in little-endian order. + // In other words, we fill up L using u consecutive key bytes + // of K. Any unfilled byte positions in L are zeroed. In the + // case that b = c = 0, set c = 1 and L[0] = 0. + // + // compute number of dwords + int c = (key.Length + (bytesPerWord - 1)) / bytesPerWord; + if (c == 0) + { + c = 1; + } + int[] L = new int[(key.Length + bytesPerWord - 1) / bytesPerWord]; + + // load all key bytes into array of key dwords + for (int i = key.Length - 1; i >= 0; i--) + { + L[i / bytesPerWord] = (L[i / bytesPerWord] << 8) + (key[i] & 0xff); + } + + // + // Phase 2: + // Key schedule is placed in a array of 2+2*ROUNDS+2 = 44 dwords. + // Initialize S to a particular fixed pseudo-random bit pattern + // using an arithmetic progression modulo 2^wordsize determined + // by the magic numbers, Pw & Qw. + // + _S = new int[2+2*_noRounds+2]; + + _S[0] = P32; + for (int i=1; i < _S.Length; i++) + { + _S[i] = (_S[i-1] + Q32); + } + + // + // Phase 3: + // Mix in the user's secret key in 3 passes over the arrays S & L. + // The max of the arrays sizes is used as the loop control + // + int iter; + + if (L.Length > _S.Length) + { + iter = 3 * L.Length; + } + else + { + iter = 3 * _S.Length; + } + + int A = 0; + int B = 0; + int ii = 0, jj = 0; + + for (int k = 0; k < iter; k++) + { + A = _S[ii] = RotateLeft(_S[ii] + A + B, 3); + B = L[jj] = RotateLeft( L[jj] + A + B, A+B); + ii = (ii+1) % _S.Length; + jj = (jj+1) % L.Length; + } + } + + private int EncryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + // load A,B,C and D registers from in. + int A = BytesToWord(input, inOff); + int B = BytesToWord(input, inOff + bytesPerWord); + int C = BytesToWord(input, inOff + bytesPerWord*2); + int D = BytesToWord(input, inOff + bytesPerWord*3); + + // Do pseudo-round #0: pre-whitening of B and D + B += _S[0]; + D += _S[1]; + + // perform round #1,#2 ... #ROUNDS of encryption + for (int i = 1; i <= _noRounds; i++) + { + int t = 0,u = 0; + + t = B*(2*B+1); + t = RotateLeft(t,5); + + u = D*(2*D+1); + u = RotateLeft(u,5); + + A ^= t; + A = RotateLeft(A,u); + A += _S[2*i]; + + C ^= u; + C = RotateLeft(C,t); + C += _S[2*i+1]; + + int temp = A; + A = B; + B = C; + C = D; + D = temp; + } + // do pseudo-round #(ROUNDS+1) : post-whitening of A and C + A += _S[2*_noRounds+2]; + C += _S[2*_noRounds+3]; + + // store A, B, C and D registers to out + WordToBytes(A, outBytes, outOff); + WordToBytes(B, outBytes, outOff + bytesPerWord); + WordToBytes(C, outBytes, outOff + bytesPerWord*2); + WordToBytes(D, outBytes, outOff + bytesPerWord*3); + + return 4 * bytesPerWord; + } + + private int DecryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + // load A,B,C and D registers from out. + int A = BytesToWord(input, inOff); + int B = BytesToWord(input, inOff + bytesPerWord); + int C = BytesToWord(input, inOff + bytesPerWord*2); + int D = BytesToWord(input, inOff + bytesPerWord*3); + + // Undo pseudo-round #(ROUNDS+1) : post whitening of A and C + C -= _S[2*_noRounds+3]; + A -= _S[2*_noRounds+2]; + + // Undo round #ROUNDS, .., #2,#1 of encryption + for (int i = _noRounds; i >= 1; i--) + { + int t=0,u = 0; + + int temp = D; + D = C; + C = B; + B = A; + A = temp; + + t = B*(2*B+1); + t = RotateLeft(t, LGW); + + u = D*(2*D+1); + u = RotateLeft(u, LGW); + + C -= _S[2*i+1]; + C = RotateRight(C,t); + C ^= u; + + A -= _S[2*i]; + A = RotateRight(A,u); + A ^= t; + + } + // Undo pseudo-round #0: pre-whitening of B and D + D -= _S[1]; + B -= _S[0]; + + WordToBytes(A, outBytes, outOff); + WordToBytes(B, outBytes, outOff + bytesPerWord); + WordToBytes(C, outBytes, outOff + bytesPerWord*2); + WordToBytes(D, outBytes, outOff + bytesPerWord*3); + + return 4 * bytesPerWord; + } + + + ////////////////////////////////////////////////////////////// + // + // PRIVATE Helper Methods + // + ////////////////////////////////////////////////////////////// + + /** + * Perform a left "spin" of the word. The rotation of the given + * word x is rotated left by y bits. + * Only the lg(wordSize) low-order bits of y + * are used to determine the rotation amount. Here it is + * assumed that the wordsize used is a power of 2. + * + * @param x word to rotate + * @param y number of bits to rotate % wordSize + */ + private int RotateLeft(int x, int y) + { + return ((int)((uint)(x << (y & (wordSize-1))) + | ((uint) x >> (wordSize - (y & (wordSize-1)))))); + } + + /** + * Perform a right "spin" of the word. The rotation of the given + * word x is rotated left by y bits. + * Only the lg(wordSize) low-order bits of y + * are used to determine the rotation amount. Here it is + * assumed that the wordsize used is a power of 2. + * + * @param x word to rotate + * @param y number of bits to rotate % wordSize + */ + private int RotateRight(int x, int y) + { + return ((int)(((uint) x >> (y & (wordSize-1))) + | (uint)(x << (wordSize - (y & (wordSize-1)))))); + } + + private int BytesToWord( + byte[] src, + int srcOff) + { + int word = 0; + + for (int i = bytesPerWord - 1; i >= 0; i--) + { + word = (word << 8) + (src[i + srcOff] & 0xff); + } + + return word; + } + + private void WordToBytes( + int word, + byte[] dst, + int dstOff) + { + for (int i = 0; i < bytesPerWord; i++) + { + dst[i + dstOff] = (byte)word; + word = (int) ((uint) word >> 8); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/RFC3211WrapEngine.cs b/BouncyCastle/crypto/src/crypto/engines/RFC3211WrapEngine.cs new file mode 100644 index 0000000..8648014 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/RFC3211WrapEngine.cs @@ -0,0 +1,179 @@ +using System; + +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * an implementation of the RFC 3211 Key Wrap + * Specification. + */ + public class Rfc3211WrapEngine + : IWrapper + { + private CbcBlockCipher engine; + private ParametersWithIV param; + private bool forWrapping; + private SecureRandom rand; + + public Rfc3211WrapEngine( + IBlockCipher engine) + { + this.engine = new CbcBlockCipher(engine); + } + + public virtual void Init( + bool forWrapping, + ICipherParameters param) + { + this.forWrapping = forWrapping; + + if (param is ParametersWithRandom) + { + ParametersWithRandom p = (ParametersWithRandom)param; + + this.rand = p.Random; + this.param = p.Parameters as ParametersWithIV; + } + else + { + if (forWrapping) + { + rand = new SecureRandom(); + } + + this.param = param as ParametersWithIV; + } + + if (null == this.param) + throw new ArgumentException("RFC3211Wrap requires an IV", "param"); + } + + public virtual string AlgorithmName + { + get { return engine.GetUnderlyingCipher().AlgorithmName + "/RFC3211Wrap"; } + } + + public virtual byte[] Wrap( + byte[] inBytes, + int inOff, + int inLen) + { + if (!forWrapping) + throw new InvalidOperationException("not set for wrapping"); + if (inLen > 255 || inLen < 0) + throw new ArgumentException("input must be from 0 to 255 bytes", "inLen"); + + engine.Init(true, param); + + int blockSize = engine.GetBlockSize(); + byte[] cekBlock; + + if (inLen + 4 < blockSize * 2) + { + cekBlock = new byte[blockSize * 2]; + } + else + { + cekBlock = new byte[(inLen + 4) % blockSize == 0 ? inLen + 4 : ((inLen + 4) / blockSize + 1) * blockSize]; + } + + cekBlock[0] = (byte)inLen; + + Array.Copy(inBytes, inOff, cekBlock, 4, inLen); + + rand.NextBytes(cekBlock, inLen + 4, cekBlock.Length - inLen - 4); + + cekBlock[1] = (byte)~cekBlock[4]; + cekBlock[2] = (byte)~cekBlock[4 + 1]; + cekBlock[3] = (byte)~cekBlock[4 + 2]; + + for (int i = 0; i < cekBlock.Length; i += blockSize) + { + engine.ProcessBlock(cekBlock, i, cekBlock, i); + } + + for (int i = 0; i < cekBlock.Length; i += blockSize) + { + engine.ProcessBlock(cekBlock, i, cekBlock, i); + } + + return cekBlock; + } + + public virtual byte[] Unwrap( + byte[] inBytes, + int inOff, + int inLen) + { + if (forWrapping) + { + throw new InvalidOperationException("not set for unwrapping"); + } + + int blockSize = engine.GetBlockSize(); + + if (inLen < 2 * blockSize) + { + throw new InvalidCipherTextException("input too short"); + } + + byte[] cekBlock = new byte[inLen]; + byte[] iv = new byte[blockSize]; + + Array.Copy(inBytes, inOff, cekBlock, 0, inLen); + Array.Copy(inBytes, inOff, iv, 0, iv.Length); + + engine.Init(false, new ParametersWithIV(param.Parameters, iv)); + + for (int i = blockSize; i < cekBlock.Length; i += blockSize) + { + engine.ProcessBlock(cekBlock, i, cekBlock, i); + } + + Array.Copy(cekBlock, cekBlock.Length - iv.Length, iv, 0, iv.Length); + + engine.Init(false, new ParametersWithIV(param.Parameters, iv)); + + engine.ProcessBlock(cekBlock, 0, cekBlock, 0); + + engine.Init(false, param); + + for (int i = 0; i < cekBlock.Length; i += blockSize) + { + engine.ProcessBlock(cekBlock, i, cekBlock, i); + } + + bool invalidLength = (int)cekBlock[0] > (cekBlock.Length - 4); + + byte[] key; + if (invalidLength) + { + key = new byte[cekBlock.Length - 4]; + } + else + { + key = new byte[cekBlock[0]]; + } + + Array.Copy(cekBlock, 4, key, 0, key.Length); + + // Note: Using constant time comparison + int nonEqual = 0; + for (int i = 0; i != 3; i++) + { + byte check = (byte)~cekBlock[1 + i]; + nonEqual |= (check ^ cekBlock[4 + i]); + } + + Array.Clear(cekBlock, 0, cekBlock.Length); + + if (nonEqual != 0 | invalidLength) + throw new InvalidCipherTextException("wrapped key corrupted"); + + return key; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/RFC3394WrapEngine.cs b/BouncyCastle/crypto/src/crypto/engines/RFC3394WrapEngine.cs new file mode 100644 index 0000000..4bb0e21 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/RFC3394WrapEngine.cs @@ -0,0 +1,178 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /// + /// An implementation of the AES Key Wrapper from the NIST Key Wrap + /// Specification as described in RFC 3394. + ///

+ /// For further details see: http://www.ietf.org/rfc/rfc3394.txt + /// and http://csrc.nist.gov/encryption/kms/key-wrap.pdf. + /// + public class Rfc3394WrapEngine + : IWrapper + { + private readonly IBlockCipher engine; + + private KeyParameter param; + private bool forWrapping; + + private byte[] iv = + { + 0xa6, 0xa6, 0xa6, 0xa6, + 0xa6, 0xa6, 0xa6, 0xa6 + }; + + public Rfc3394WrapEngine( + IBlockCipher engine) + { + this.engine = engine; + } + + public virtual void Init( + bool forWrapping, + ICipherParameters parameters) + { + this.forWrapping = forWrapping; + + if (parameters is ParametersWithRandom) + { + parameters = ((ParametersWithRandom) parameters).Parameters; + } + + if (parameters is KeyParameter) + { + this.param = (KeyParameter) parameters; + } + else if (parameters is ParametersWithIV) + { + ParametersWithIV pIV = (ParametersWithIV) parameters; + byte[] iv = pIV.GetIV(); + + if (iv.Length != 8) + throw new ArgumentException("IV length not equal to 8", "parameters"); + + this.iv = iv; + this.param = (KeyParameter) pIV.Parameters; + } + else + { + // TODO Throw an exception for bad parameters? + } + } + + public virtual string AlgorithmName + { + get { return engine.AlgorithmName; } + } + + public virtual byte[] Wrap( + byte[] input, + int inOff, + int inLen) + { + if (!forWrapping) + { + throw new InvalidOperationException("not set for wrapping"); + } + + int n = inLen / 8; + + if ((n * 8) != inLen) + { + throw new DataLengthException("wrap data must be a multiple of 8 bytes"); + } + + byte[] block = new byte[inLen + iv.Length]; + byte[] buf = new byte[8 + iv.Length]; + + Array.Copy(iv, 0, block, 0, iv.Length); + Array.Copy(input, inOff, block, iv.Length, inLen); + + engine.Init(true, param); + + for (int j = 0; j != 6; j++) + { + for (int i = 1; i <= n; i++) + { + Array.Copy(block, 0, buf, 0, iv.Length); + Array.Copy(block, 8 * i, buf, iv.Length, 8); + engine.ProcessBlock(buf, 0, buf, 0); + + int t = n * j + i; + for (int k = 1; t != 0; k++) + { + byte v = (byte)t; + + buf[iv.Length - k] ^= v; + t = (int) ((uint)t >> 8); + } + + Array.Copy(buf, 0, block, 0, 8); + Array.Copy(buf, 8, block, 8 * i, 8); + } + } + + return block; + } + + public virtual byte[] Unwrap( + byte[] input, + int inOff, + int inLen) + { + if (forWrapping) + { + throw new InvalidOperationException("not set for unwrapping"); + } + + int n = inLen / 8; + + if ((n * 8) != inLen) + { + throw new InvalidCipherTextException("unwrap data must be a multiple of 8 bytes"); + } + + byte[] block = new byte[inLen - iv.Length]; + byte[] a = new byte[iv.Length]; + byte[] buf = new byte[8 + iv.Length]; + + Array.Copy(input, inOff, a, 0, iv.Length); + Array.Copy(input, inOff + iv.Length, block, 0, inLen - iv.Length); + + engine.Init(false, param); + + n = n - 1; + + for (int j = 5; j >= 0; j--) + { + for (int i = n; i >= 1; i--) + { + Array.Copy(a, 0, buf, 0, iv.Length); + Array.Copy(block, 8 * (i - 1), buf, iv.Length, 8); + + int t = n * j + i; + for (int k = 1; t != 0; k++) + { + byte v = (byte)t; + + buf[iv.Length - k] ^= v; + t = (int) ((uint)t >> 8); + } + + engine.ProcessBlock(buf, 0, buf, 0); + Array.Copy(buf, 0, a, 0, 8); + Array.Copy(buf, 8, block, 8 * (i - 1), 8); + } + } + + if (!Arrays.ConstantTimeAreEqual(a, iv)) + throw new InvalidCipherTextException("checksum failed"); + + return block; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/RSABlindedEngine.cs b/BouncyCastle/crypto/src/crypto/engines/RSABlindedEngine.cs new file mode 100644 index 0000000..637bf3c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/RSABlindedEngine.cs @@ -0,0 +1,155 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * this does your basic RSA algorithm with blinding + */ + public class RsaBlindedEngine + : IAsymmetricBlockCipher + { + private readonly IRsa core; + + private RsaKeyParameters key; + private SecureRandom random; + + public RsaBlindedEngine() + : this(new RsaCoreEngine()) + { + } + + public RsaBlindedEngine(IRsa rsa) + { + this.core = rsa; + } + + public virtual string AlgorithmName + { + get { return "RSA"; } + } + + /** + * initialise the RSA engine. + * + * @param forEncryption true if we are encrypting, false otherwise. + * @param param the necessary RSA key parameters. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters param) + { + core.Init(forEncryption, param); + + if (param is ParametersWithRandom) + { + ParametersWithRandom rParam = (ParametersWithRandom)param; + + this.key = (RsaKeyParameters)rParam.Parameters; + + if (key is RsaPrivateCrtKeyParameters) + { + this.random = rParam.Random; + } + else + { + this.random = null; + } + } + else + { + this.key = (RsaKeyParameters)param; + + if (key is RsaPrivateCrtKeyParameters) + { + this.random = new SecureRandom(); + } + else + { + this.random = null; + } + } + } + + /** + * Return the maximum size for an input block to this engine. + * For RSA this is always one byte less than the key size on + * encryption, and the same length as the key size on decryption. + * + * @return maximum size for an input block. + */ + public virtual int GetInputBlockSize() + { + return core.GetInputBlockSize(); + } + + /** + * Return the maximum size for an output block to this engine. + * For RSA this is always one byte less than the key size on + * decryption, and the same length as the key size on encryption. + * + * @return maximum size for an output block. + */ + public virtual int GetOutputBlockSize() + { + return core.GetOutputBlockSize(); + } + + /** + * Process a single block using the basic RSA algorithm. + * + * @param inBuf the input array. + * @param inOff the offset into the input buffer where the data starts. + * @param inLen the length of the data to be processed. + * @return the result of the RSA process. + * @exception DataLengthException the input block is too large. + */ + public virtual byte[] ProcessBlock( + byte[] inBuf, + int inOff, + int inLen) + { + if (key == null) + throw new InvalidOperationException("RSA engine not initialised"); + + BigInteger input = core.ConvertInput(inBuf, inOff, inLen); + + BigInteger result; + if (key is RsaPrivateCrtKeyParameters) + { + RsaPrivateCrtKeyParameters k = (RsaPrivateCrtKeyParameters)key; + BigInteger e = k.PublicExponent; + if (e != null) // can't do blinding without a public exponent + { + BigInteger m = k.Modulus; + BigInteger r = BigIntegers.CreateRandomInRange( + BigInteger.One, m.Subtract(BigInteger.One), random); + + BigInteger blindedInput = r.ModPow(e, m).Multiply(input).Mod(m); + BigInteger blindedResult = core.ProcessBlock(blindedInput); + + BigInteger rInv = BigIntegers.ModOddInverse(m, r); + result = blindedResult.Multiply(rInv).Mod(m); + + // defence against Arjen Lenstras CRT attack + if (!input.Equals(result.ModPow(e, m))) + throw new InvalidOperationException("RSA engine faulty decryption/signing detected"); + } + else + { + result = core.ProcessBlock(input); + } + } + else + { + result = core.ProcessBlock(input); + } + + return core.ConvertOutput(result); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/RSABlindingEngine.cs b/BouncyCastle/crypto/src/crypto/engines/RSABlindingEngine.cs new file mode 100644 index 0000000..11bb8d9 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/RSABlindingEngine.cs @@ -0,0 +1,150 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * This does your basic RSA Chaum's blinding and unblinding as outlined in + * "Handbook of Applied Cryptography", page 475. You need to use this if you are + * trying to get another party to generate signatures without them being aware + * of the message they are signing. + */ + public class RsaBlindingEngine + : IAsymmetricBlockCipher + { + private readonly IRsa core; + + private RsaKeyParameters key; + private BigInteger blindingFactor; + + private bool forEncryption; + + public RsaBlindingEngine() + : this(new RsaCoreEngine()) + { + } + + public RsaBlindingEngine(IRsa rsa) + { + this.core = rsa; + } + + public virtual string AlgorithmName + { + get { return "RSA"; } + } + + /** + * Initialise the blinding engine. + * + * @param forEncryption true if we are encrypting (blinding), false otherwise. + * @param param the necessary RSA key parameters. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters param) + { + RsaBlindingParameters p; + + if (param is ParametersWithRandom) + { + ParametersWithRandom rParam = (ParametersWithRandom)param; + + p = (RsaBlindingParameters)rParam.Parameters; + } + else + { + p = (RsaBlindingParameters)param; + } + + core.Init(forEncryption, p.PublicKey); + + this.forEncryption = forEncryption; + this.key = p.PublicKey; + this.blindingFactor = p.BlindingFactor; + } + + /** + * Return the maximum size for an input block to this engine. + * For RSA this is always one byte less than the key size on + * encryption, and the same length as the key size on decryption. + * + * @return maximum size for an input block. + */ + public virtual int GetInputBlockSize() + { + return core.GetInputBlockSize(); + } + + /** + * Return the maximum size for an output block to this engine. + * For RSA this is always one byte less than the key size on + * decryption, and the same length as the key size on encryption. + * + * @return maximum size for an output block. + */ + public virtual int GetOutputBlockSize() + { + return core.GetOutputBlockSize(); + } + + /** + * Process a single block using the RSA blinding algorithm. + * + * @param in the input array. + * @param inOff the offset into the input buffer where the data starts. + * @param inLen the length of the data to be processed. + * @return the result of the RSA process. + * @throws DataLengthException the input block is too large. + */ + public virtual byte[] ProcessBlock( + byte[] inBuf, + int inOff, + int inLen) + { + BigInteger msg = core.ConvertInput(inBuf, inOff, inLen); + + if (forEncryption) + { + msg = BlindMessage(msg); + } + else + { + msg = UnblindMessage(msg); + } + + return core.ConvertOutput(msg); + } + + /* + * Blind message with the blind factor. + */ + private BigInteger BlindMessage( + BigInteger msg) + { + BigInteger blindMsg = blindingFactor; + blindMsg = msg.Multiply(blindMsg.ModPow(key.Exponent, key.Modulus)); + blindMsg = blindMsg.Mod(key.Modulus); + + return blindMsg; + } + + /* + * Unblind the message blinded with the blind factor. + */ + private BigInteger UnblindMessage( + BigInteger blindedMsg) + { + BigInteger m = key.Modulus; + BigInteger msg = blindedMsg; + BigInteger blindFactorInverse = BigIntegers.ModOddInverse(m, blindingFactor); + msg = msg.Multiply(blindFactorInverse); + msg = msg.Mod(m); + + return msg; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/RSACoreEngine.cs b/BouncyCastle/crypto/src/crypto/engines/RSACoreEngine.cs new file mode 100644 index 0000000..5f6e98e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/RSACoreEngine.cs @@ -0,0 +1,173 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * this does your basic RSA algorithm. + */ + public class RsaCoreEngine + : IRsa + { + private RsaKeyParameters key; + private bool forEncryption; + private int bitSize; + + private void CheckInitialised() + { + if (key == null) + throw new InvalidOperationException("RSA engine not initialised"); + } + + /** + * initialise the RSA engine. + * + * @param forEncryption true if we are encrypting, false otherwise. + * @param param the necessary RSA key parameters. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (parameters is ParametersWithRandom) + { + parameters = ((ParametersWithRandom) parameters).Parameters; + } + + if (!(parameters is RsaKeyParameters)) + throw new InvalidKeyException("Not an RSA key"); + + this.key = (RsaKeyParameters) parameters; + this.forEncryption = forEncryption; + this.bitSize = key.Modulus.BitLength; + } + + /** + * Return the maximum size for an input block to this engine. + * For RSA this is always one byte less than the key size on + * encryption, and the same length as the key size on decryption. + * + * @return maximum size for an input block. + */ + public virtual int GetInputBlockSize() + { + CheckInitialised(); + + if (forEncryption) + { + return (bitSize - 1) / 8; + } + + return (bitSize + 7) / 8; + } + + /** + * Return the maximum size for an output block to this engine. + * For RSA this is always one byte less than the key size on + * decryption, and the same length as the key size on encryption. + * + * @return maximum size for an output block. + */ + public virtual int GetOutputBlockSize() + { + CheckInitialised(); + + if (forEncryption) + { + return (bitSize + 7) / 8; + } + + return (bitSize - 1) / 8; + } + + public virtual BigInteger ConvertInput( + byte[] inBuf, + int inOff, + int inLen) + { + CheckInitialised(); + + int maxLength = (bitSize + 7) / 8; + + if (inLen > maxLength) + throw new DataLengthException("input too large for RSA cipher."); + + BigInteger input = new BigInteger(1, inBuf, inOff, inLen); + + if (input.CompareTo(key.Modulus) >= 0) + throw new DataLengthException("input too large for RSA cipher."); + + return input; + } + + public virtual byte[] ConvertOutput( + BigInteger result) + { + CheckInitialised(); + + byte[] output = result.ToByteArrayUnsigned(); + + if (forEncryption) + { + int outSize = GetOutputBlockSize(); + + // TODO To avoid this, create version of BigInteger.ToByteArray that + // writes to an existing array + if (output.Length < outSize) // have ended up with less bytes than normal, lengthen + { + byte[] tmp = new byte[outSize]; + output.CopyTo(tmp, tmp.Length - output.Length); + output = tmp; + } + } + + return output; + } + + public virtual BigInteger ProcessBlock( + BigInteger input) + { + CheckInitialised(); + + if (key is RsaPrivateCrtKeyParameters) + { + // + // we have the extra factors, use the Chinese Remainder Theorem - the author + // wishes to express his thanks to Dirk Bonekaemper at rtsffm.com for + // advice regarding the expression of this. + // + RsaPrivateCrtKeyParameters crtKey = (RsaPrivateCrtKeyParameters)key; + + BigInteger p = crtKey.P; + BigInteger q = crtKey.Q; + BigInteger dP = crtKey.DP; + BigInteger dQ = crtKey.DQ; + BigInteger qInv = crtKey.QInv; + + BigInteger mP, mQ, h, m; + + // mP = ((input Mod p) ^ dP)) Mod p + mP = (input.Remainder(p)).ModPow(dP, p); + + // mQ = ((input Mod q) ^ dQ)) Mod q + mQ = (input.Remainder(q)).ModPow(dQ, q); + + // h = qInv * (mP - mQ) Mod p + h = mP.Subtract(mQ); + h = h.Multiply(qInv); + h = h.Mod(p); // Mod (in Java) returns the positive residual + + // m = h * q + mQ + m = h.Multiply(q); + m = m.Add(mQ); + + return m; + } + + return input.ModPow(key.Exponent, key.Modulus); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/RijndaelEngine.cs b/BouncyCastle/crypto/src/crypto/engines/RijndaelEngine.cs new file mode 100644 index 0000000..7025cb5 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/RijndaelEngine.cs @@ -0,0 +1,738 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * an implementation of Rijndael, based on the documentation and reference implementation + * by Paulo Barreto, Vincent Rijmen, for v2.0 August '99. + *

+ * Note: this implementation is based on information prior to readonly NIST publication. + *

+ */ + public class RijndaelEngine + : IBlockCipher + { + private static readonly int MAXROUNDS = 14; + + private static readonly int MAXKC = (256/4); + + private static readonly byte[] Logtable = + { + 0, 0, 25, 1, 50, 2, 26, 198, + 75, 199, 27, 104, 51, 238, 223, 3, + 100, 4, 224, 14, 52, 141, 129, 239, + 76, 113, 8, 200, 248, 105, 28, 193, + 125, 194, 29, 181, 249, 185, 39, 106, + 77, 228, 166, 114, 154, 201, 9, 120, + 101, 47, 138, 5, 33, 15, 225, 36, + 18, 240, 130, 69, 53, 147, 218, 142, + 150, 143, 219, 189, 54, 208, 206, 148, + 19, 92, 210, 241, 64, 70, 131, 56, + 102, 221, 253, 48, 191, 6, 139, 98, + 179, 37, 226, 152, 34, 136, 145, 16, + 126, 110, 72, 195, 163, 182, 30, 66, + 58, 107, 40, 84, 250, 133, 61, 186, + 43, 121, 10, 21, 155, 159, 94, 202, + 78, 212, 172, 229, 243, 115, 167, 87, + 175, 88, 168, 80, 244, 234, 214, 116, + 79, 174, 233, 213, 231, 230, 173, 232, + 44, 215, 117, 122, 235, 22, 11, 245, + 89, 203, 95, 176, 156, 169, 81, 160, + 127, 12, 246, 111, 23, 196, 73, 236, + 216, 67, 31, 45, 164, 118, 123, 183, + 204, 187, 62, 90, 251, 96, 177, 134, + 59, 82, 161, 108, 170, 85, 41, 157, + 151, 178, 135, 144, 97, 190, 220, 252, + 188, 149, 207, 205, 55, 63, 91, 209, + 83, 57, 132, 60, 65, 162, 109, 71, + 20, 42, 158, 93, 86, 242, 211, 171, + 68, 17, 146, 217, 35, 32, 46, 137, + 180, 124, 184, 38, 119, 153, 227, 165, + 103, 74, 237, 222, 197, 49, 254, 24, + 13, 99, 140, 128, 192, 247, 112, 7 + }; + + private static readonly byte[] Alogtable = + { + 0, 3, 5, 15, 17, 51, 85, 255, 26, 46, 114, 150, 161, 248, 19, 53, + 95, 225, 56, 72, 216, 115, 149, 164, 247, 2, 6, 10, 30, 34, 102, 170, + 229, 52, 92, 228, 55, 89, 235, 38, 106, 190, 217, 112, 144, 171, 230, 49, + 83, 245, 4, 12, 20, 60, 68, 204, 79, 209, 104, 184, 211, 110, 178, 205, + 76, 212, 103, 169, 224, 59, 77, 215, 98, 166, 241, 8, 24, 40, 120, 136, + 131, 158, 185, 208, 107, 189, 220, 127, 129, 152, 179, 206, 73, 219, 118, 154, + 181, 196, 87, 249, 16, 48, 80, 240, 11, 29, 39, 105, 187, 214, 97, 163, + 254, 25, 43, 125, 135, 146, 173, 236, 47, 113, 147, 174, 233, 32, 96, 160, + 251, 22, 58, 78, 210, 109, 183, 194, 93, 231, 50, 86, 250, 21, 63, 65, + 195, 94, 226, 61, 71, 201, 64, 192, 91, 237, 44, 116, 156, 191, 218, 117, + 159, 186, 213, 100, 172, 239, 42, 126, 130, 157, 188, 223, 122, 142, 137, 128, + 155, 182, 193, 88, 232, 35, 101, 175, 234, 37, 111, 177, 200, 67, 197, 84, + 252, 31, 33, 99, 165, 244, 7, 9, 27, 45, 119, 153, 176, 203, 70, 202, + 69, 207, 74, 222, 121, 139, 134, 145, 168, 227, 62, 66, 198, 81, 243, 14, + 18, 54, 90, 238, 41, 123, 141, 140, 143, 138, 133, 148, 167, 242, 13, 23, + 57, 75, 221, 124, 132, 151, 162, 253, 28, 36, 108, 180, 199, 82, 246, 1, + 3, 5, 15, 17, 51, 85, 255, 26, 46, 114, 150, 161, 248, 19, 53, + 95, 225, 56, 72, 216, 115, 149, 164, 247, 2, 6, 10, 30, 34, 102, 170, + 229, 52, 92, 228, 55, 89, 235, 38, 106, 190, 217, 112, 144, 171, 230, 49, + 83, 245, 4, 12, 20, 60, 68, 204, 79, 209, 104, 184, 211, 110, 178, 205, + 76, 212, 103, 169, 224, 59, 77, 215, 98, 166, 241, 8, 24, 40, 120, 136, + 131, 158, 185, 208, 107, 189, 220, 127, 129, 152, 179, 206, 73, 219, 118, 154, + 181, 196, 87, 249, 16, 48, 80, 240, 11, 29, 39, 105, 187, 214, 97, 163, + 254, 25, 43, 125, 135, 146, 173, 236, 47, 113, 147, 174, 233, 32, 96, 160, + 251, 22, 58, 78, 210, 109, 183, 194, 93, 231, 50, 86, 250, 21, 63, 65, + 195, 94, 226, 61, 71, 201, 64, 192, 91, 237, 44, 116, 156, 191, 218, 117, + 159, 186, 213, 100, 172, 239, 42, 126, 130, 157, 188, 223, 122, 142, 137, 128, + 155, 182, 193, 88, 232, 35, 101, 175, 234, 37, 111, 177, 200, 67, 197, 84, + 252, 31, 33, 99, 165, 244, 7, 9, 27, 45, 119, 153, 176, 203, 70, 202, + 69, 207, 74, 222, 121, 139, 134, 145, 168, 227, 62, 66, 198, 81, 243, 14, + 18, 54, 90, 238, 41, 123, 141, 140, 143, 138, 133, 148, 167, 242, 13, 23, + 57, 75, 221, 124, 132, 151, 162, 253, 28, 36, 108, 180, 199, 82, 246, 1, + }; + + private static readonly byte[] S = + { + 99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, 171, 118, + 202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, 156, 164, 114, 192, + 183, 253, 147, 38, 54, 63, 247, 204, 52, 165, 229, 241, 113, 216, 49, 21, + 4, 199, 35, 195, 24, 150, 5, 154, 7, 18, 128, 226, 235, 39, 178, 117, + 9, 131, 44, 26, 27, 110, 90, 160, 82, 59, 214, 179, 41, 227, 47, 132, + 83, 209, 0, 237, 32, 252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207, + 208, 239, 170, 251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168, + 81, 163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, 210, + 205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, 93, 25, 115, + 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, 20, 222, 94, 11, 219, + 224, 50, 58, 10, 73, 6, 36, 92, 194, 211, 172, 98, 145, 149, 228, 121, + 231, 200, 55, 109, 141, 213, 78, 169, 108, 86, 244, 234, 101, 122, 174, 8, + 186, 120, 37, 46, 28, 166, 180, 198, 232, 221, 116, 31, 75, 189, 139, 138, + 112, 62, 181, 102, 72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158, + 225, 248, 152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223, + 140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, 187, 22, + }; + + private static readonly byte[] Si = + { + 82, 9, 106, 213, 48, 54, 165, 56, 191, 64, 163, 158, 129, 243, 215, 251, + 124, 227, 57, 130, 155, 47, 255, 135, 52, 142, 67, 68, 196, 222, 233, 203, + 84, 123, 148, 50, 166, 194, 35, 61, 238, 76, 149, 11, 66, 250, 195, 78, + 8, 46, 161, 102, 40, 217, 36, 178, 118, 91, 162, 73, 109, 139, 209, 37, + 114, 248, 246, 100, 134, 104, 152, 22, 212, 164, 92, 204, 93, 101, 182, 146, + 108, 112, 72, 80, 253, 237, 185, 218, 94, 21, 70, 87, 167, 141, 157, 132, + 144, 216, 171, 0, 140, 188, 211, 10, 247, 228, 88, 5, 184, 179, 69, 6, + 208, 44, 30, 143, 202, 63, 15, 2, 193, 175, 189, 3, 1, 19, 138, 107, + 58, 145, 17, 65, 79, 103, 220, 234, 151, 242, 207, 206, 240, 180, 230, 115, + 150, 172, 116, 34, 231, 173, 53, 133, 226, 249, 55, 232, 28, 117, 223, 110, + 71, 241, 26, 113, 29, 41, 197, 137, 111, 183, 98, 14, 170, 24, 190, 27, + 252, 86, 62, 75, 198, 210, 121, 32, 154, 219, 192, 254, 120, 205, 90, 244, + 31, 221, 168, 51, 136, 7, 199, 49, 177, 18, 16, 89, 39, 128, 236, 95, + 96, 81, 127, 169, 25, 181, 74, 13, 45, 229, 122, 159, 147, 201, 156, 239, + 160, 224, 59, 77, 174, 42, 245, 176, 200, 235, 187, 60, 131, 83, 153, 97, + 23, 43, 4, 126, 186, 119, 214, 38, 225, 105, 20, 99, 85, 33, 12, 125, + }; + + private static readonly byte[] rcon = + { + 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, + 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91 + }; + + static readonly byte[][] shifts0 = new byte [][] + { + new byte[]{ 0, 8, 16, 24 }, + new byte[]{ 0, 8, 16, 24 }, + new byte[]{ 0, 8, 16, 24 }, + new byte[]{ 0, 8, 16, 32 }, + new byte[]{ 0, 8, 24, 32 } + }; + + static readonly byte[][] shifts1 = + { + new byte[]{ 0, 24, 16, 8 }, + new byte[]{ 0, 32, 24, 16 }, + new byte[]{ 0, 40, 32, 24 }, + new byte[]{ 0, 48, 40, 24 }, + new byte[]{ 0, 56, 40, 32 } + }; + + /** + * multiply two elements of GF(2^m) + * needed for MixColumn and InvMixColumn + */ + private byte Mul0x2( + int b) + { + if (b != 0) + { + return Alogtable[25 + (Logtable[b] & 0xff)]; + } + else + { + return 0; + } + } + + private byte Mul0x3( + int b) + { + if (b != 0) + { + return Alogtable[1 + (Logtable[b] & 0xff)]; + } + else + { + return 0; + } + } + + private byte Mul0x9( + int b) + { + if (b >= 0) + { + return Alogtable[199 + b]; + } + else + { + return 0; + } + } + + private byte Mul0xb( + int b) + { + if (b >= 0) + { + return Alogtable[104 + b]; + } + else + { + return 0; + } + } + + private byte Mul0xd( + int b) + { + if (b >= 0) + { + return Alogtable[238 + b]; + } + else + { + return 0; + } + } + + private byte Mul0xe( + int b) + { + if (b >= 0) + { + return Alogtable[223 + b]; + } + else + { + return 0; + } + } + + /** + * xor corresponding text input and round key input bytes + */ + private void KeyAddition( + long[] rk) + { + A0 ^= rk[0]; + A1 ^= rk[1]; + A2 ^= rk[2]; + A3 ^= rk[3]; + } + + private long Shift( + long r, + int shift) + { + //return (((long)((ulong) r >> shift) | (r << (BC - shift)))) & BC_MASK; + + ulong temp = (ulong) r >> shift; + + // NB: This corrects for Mono Bug #79087 (fixed in 1.1.17) + if (shift > 31) + { + temp &= 0xFFFFFFFFUL; + } + + return ((long) temp | (r << (BC - shift))) & BC_MASK; + } + + /** + * Row 0 remains unchanged + * The other three rows are shifted a variable amount + */ + private void ShiftRow( + byte[] shiftsSC) + { + A1 = Shift(A1, shiftsSC[1]); + A2 = Shift(A2, shiftsSC[2]); + A3 = Shift(A3, shiftsSC[3]); + } + + private long ApplyS( + long r, + byte[] box) + { + long res = 0; + + for (int j = 0; j < BC; j += 8) + { + res |= (long)(box[(int)((r >> j) & 0xff)] & 0xff) << j; + } + + return res; + } + + /** + * Replace every byte of the input by the byte at that place + * in the nonlinear S-box + */ + private void Substitution( + byte[] box) + { + A0 = ApplyS(A0, box); + A1 = ApplyS(A1, box); + A2 = ApplyS(A2, box); + A3 = ApplyS(A3, box); + } + + /** + * Mix the bytes of every column in a linear way + */ + private void MixColumn() + { + long r0, r1, r2, r3; + + r0 = r1 = r2 = r3 = 0; + + for (int j = 0; j < BC; j += 8) + { + int a0 = (int)((A0 >> j) & 0xff); + int a1 = (int)((A1 >> j) & 0xff); + int a2 = (int)((A2 >> j) & 0xff); + int a3 = (int)((A3 >> j) & 0xff); + + r0 |= (long)((Mul0x2(a0) ^ Mul0x3(a1) ^ a2 ^ a3) & 0xff) << j; + + r1 |= (long)((Mul0x2(a1) ^ Mul0x3(a2) ^ a3 ^ a0) & 0xff) << j; + + r2 |= (long)((Mul0x2(a2) ^ Mul0x3(a3) ^ a0 ^ a1) & 0xff) << j; + + r3 |= (long)((Mul0x2(a3) ^ Mul0x3(a0) ^ a1 ^ a2) & 0xff) << j; + } + + A0 = r0; + A1 = r1; + A2 = r2; + A3 = r3; + } + + /** + * Mix the bytes of every column in a linear way + * This is the opposite operation of Mixcolumn + */ + private void InvMixColumn() + { + long r0, r1, r2, r3; + + r0 = r1 = r2 = r3 = 0; + for (int j = 0; j < BC; j += 8) + { + int a0 = (int)((A0 >> j) & 0xff); + int a1 = (int)((A1 >> j) & 0xff); + int a2 = (int)((A2 >> j) & 0xff); + int a3 = (int)((A3 >> j) & 0xff); + + // + // pre-lookup the log table + // + a0 = (a0 != 0) ? (Logtable[a0 & 0xff] & 0xff) : -1; + a1 = (a1 != 0) ? (Logtable[a1 & 0xff] & 0xff) : -1; + a2 = (a2 != 0) ? (Logtable[a2 & 0xff] & 0xff) : -1; + a3 = (a3 != 0) ? (Logtable[a3 & 0xff] & 0xff) : -1; + + r0 |= (long)((Mul0xe(a0) ^ Mul0xb(a1) ^ Mul0xd(a2) ^ Mul0x9(a3)) & 0xff) << j; + + r1 |= (long)((Mul0xe(a1) ^ Mul0xb(a2) ^ Mul0xd(a3) ^ Mul0x9(a0)) & 0xff) << j; + + r2 |= (long)((Mul0xe(a2) ^ Mul0xb(a3) ^ Mul0xd(a0) ^ Mul0x9(a1)) & 0xff) << j; + + r3 |= (long)((Mul0xe(a3) ^ Mul0xb(a0) ^ Mul0xd(a1) ^ Mul0x9(a2)) & 0xff) << j; + } + + A0 = r0; + A1 = r1; + A2 = r2; + A3 = r3; + } + + /** + * Calculate the necessary round keys + * The number of calculations depends on keyBits and blockBits + */ + private long[][] GenerateWorkingKey( + byte[] key) + { + int KC; + int t, rconpointer = 0; + int keyBits = key.Length * 8; + byte[,] tk = new byte[4,MAXKC]; + //long[,] W = new long[MAXROUNDS+1,4]; + long[][] W = new long[MAXROUNDS+1][]; + + for (int i = 0; i < MAXROUNDS+1; i++) W[i] = new long[4]; + + switch (keyBits) + { + case 128: + KC = 4; + break; + case 160: + KC = 5; + break; + case 192: + KC = 6; + break; + case 224: + KC = 7; + break; + case 256: + KC = 8; + break; + default : + throw new ArgumentException("Key length not 128/160/192/224/256 bits."); + } + + if (keyBits >= blockBits) + { + ROUNDS = KC + 6; + } + else + { + ROUNDS = (BC / 8) + 6; + } + + // + // copy the key into the processing area + // + int index = 0; + + for (int i = 0; i < key.Length; i++) + { + tk[i % 4,i / 4] = key[index++]; + } + + t = 0; + + // + // copy values into round key array + // + for (int j = 0; (j < KC) && (t < (ROUNDS+1)*(BC / 8)); j++, t++) + { + for (int i = 0; i < 4; i++) + { + W[t / (BC / 8)][i] |= (long)(tk[i,j] & 0xff) << ((t * 8) % BC); + } + } + + // + // while not enough round key material calculated + // calculate new values + // + while (t < (ROUNDS+1)*(BC/8)) + { + for (int i = 0; i < 4; i++) + { + tk[i,0] ^= S[tk[(i+1)%4,KC-1] & 0xff]; + } + tk[0,0] ^= (byte) rcon[rconpointer++]; + + if (KC <= 6) + { + for (int j = 1; j < KC; j++) + { + for (int i = 0; i < 4; i++) + { + tk[i,j] ^= tk[i,j-1]; + } + } + } + else + { + for (int j = 1; j < 4; j++) + { + for (int i = 0; i < 4; i++) + { + tk[i,j] ^= tk[i,j-1]; + } + } + for (int i = 0; i < 4; i++) + { + tk[i,4] ^= S[tk[i,3] & 0xff]; + } + for (int j = 5; j < KC; j++) + { + for (int i = 0; i < 4; i++) + { + tk[i,j] ^= tk[i,j-1]; + } + } + } + + // + // copy values into round key array + // + for (int j = 0; (j < KC) && (t < (ROUNDS+1)*(BC/8)); j++, t++) + { + for (int i = 0; i < 4; i++) + { + W[t / (BC/8)][i] |= (long)(tk[i,j] & 0xff) << ((t * 8) % (BC)); + } + } + } + return W; + } + + private int BC; + private long BC_MASK; + private int ROUNDS; + private int blockBits; + private long[][] workingKey; + private long A0, A1, A2, A3; + private bool forEncryption; + private byte[] shifts0SC; + private byte[] shifts1SC; + + /** + * default constructor - 128 bit block size. + */ + public RijndaelEngine() : this(128) {} + + /** + * basic constructor - set the cipher up for a given blocksize + * + * @param blocksize the blocksize in bits, must be 128, 192, or 256. + */ + public RijndaelEngine( + int blockBits) + { + switch (blockBits) + { + case 128: + BC = 32; + BC_MASK = 0xffffffffL; + shifts0SC = shifts0[0]; + shifts1SC = shifts1[0]; + break; + case 160: + BC = 40; + BC_MASK = 0xffffffffffL; + shifts0SC = shifts0[1]; + shifts1SC = shifts1[1]; + break; + case 192: + BC = 48; + BC_MASK = 0xffffffffffffL; + shifts0SC = shifts0[2]; + shifts1SC = shifts1[2]; + break; + case 224: + BC = 56; + BC_MASK = 0xffffffffffffffL; + shifts0SC = shifts0[3]; + shifts1SC = shifts1[3]; + break; + case 256: + BC = 64; + BC_MASK = unchecked( (long)0xffffffffffffffffL); + shifts0SC = shifts0[4]; + shifts1SC = shifts1[4]; + break; + default: + throw new ArgumentException("unknown blocksize to Rijndael"); + } + + this.blockBits = blockBits; + } + + /** + * initialise a Rijndael cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (typeof(KeyParameter).IsInstanceOfType(parameters)) + { + workingKey = GenerateWorkingKey(((KeyParameter)parameters).GetKey()); + this.forEncryption = forEncryption; + return; + } + + throw new ArgumentException("invalid parameter passed to Rijndael init - " + Platform.GetTypeName(parameters)); + } + + public virtual string AlgorithmName + { + get { return "Rijndael"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return BC / 2; + } + + public virtual int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + if (workingKey == null) + throw new InvalidOperationException("Rijndael engine not initialised"); + + Check.DataLength(input, inOff, (BC / 2), "input buffer too short"); + Check.OutputLength(output, outOff, (BC / 2), "output buffer too short"); + + UnPackBlock(input, inOff); + + if (forEncryption) + { + EncryptBlock(workingKey); + } + else + { + DecryptBlock(workingKey); + } + + PackBlock(output, outOff); + + return BC / 2; + } + + public virtual void Reset() + { + } + + private void UnPackBlock( + byte[] bytes, + int off) + { + int index = off; + + A0 = (long)(bytes[index++] & 0xff); + A1 = (long)(bytes[index++] & 0xff); + A2 = (long)(bytes[index++] & 0xff); + A3 = (long)(bytes[index++] & 0xff); + + for (int j = 8; j != BC; j += 8) + { + A0 |= (long)(bytes[index++] & 0xff) << j; + A1 |= (long)(bytes[index++] & 0xff) << j; + A2 |= (long)(bytes[index++] & 0xff) << j; + A3 |= (long)(bytes[index++] & 0xff) << j; + } + } + + private void PackBlock( + byte[] bytes, + int off) + { + int index = off; + + for (int j = 0; j != BC; j += 8) + { + bytes[index++] = (byte)(A0 >> j); + bytes[index++] = (byte)(A1 >> j); + bytes[index++] = (byte)(A2 >> j); + bytes[index++] = (byte)(A3 >> j); + } + } + + private void EncryptBlock( + long[][] rk) + { + int r; + + // + // begin with a key addition + // + KeyAddition(rk[0]); + + // + // ROUNDS-1 ordinary rounds + // + for (r = 1; r < ROUNDS; r++) + { + Substitution(S); + ShiftRow(shifts0SC); + MixColumn(); + KeyAddition(rk[r]); + } + + // + // Last round is special: there is no MixColumn + // + Substitution(S); + ShiftRow(shifts0SC); + KeyAddition(rk[ROUNDS]); + } + + private void DecryptBlock( + long[][] rk) + { + int r; + + // To decrypt: apply the inverse operations of the encrypt routine, + // in opposite order + // + // (KeyAddition is an involution: it 's equal to its inverse) + // (the inverse of Substitution with table S is Substitution with the inverse table of S) + // (the inverse of Shiftrow is Shiftrow over a suitable distance) + // + + // First the special round: + // without InvMixColumn + // with extra KeyAddition + // + KeyAddition(rk[ROUNDS]); + Substitution(Si); + ShiftRow(shifts1SC); + + // + // ROUNDS-1 ordinary rounds + // + for (r = ROUNDS-1; r > 0; r--) + { + KeyAddition(rk[r]); + InvMixColumn(); + Substitution(Si); + ShiftRow(shifts1SC); + } + + // + // End with the extra key addition + // + KeyAddition(rk[0]); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/RsaEngine.cs b/BouncyCastle/crypto/src/crypto/engines/RsaEngine.cs new file mode 100644 index 0000000..95bfb23 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/RsaEngine.cs @@ -0,0 +1,86 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * this does your basic RSA algorithm. + */ + public class RsaEngine + : IAsymmetricBlockCipher + { + private readonly IRsa core; + + public RsaEngine() + : this(new RsaCoreEngine()) + { + } + + public RsaEngine(IRsa rsa) + { + this.core = rsa; + } + + public virtual string AlgorithmName + { + get { return "RSA"; } + } + + /** + * initialise the RSA engine. + * + * @param forEncryption true if we are encrypting, false otherwise. + * @param param the necessary RSA key parameters. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + core.Init(forEncryption, parameters); + } + + /** + * Return the maximum size for an input block to this engine. + * For RSA this is always one byte less than the key size on + * encryption, and the same length as the key size on decryption. + * + * @return maximum size for an input block. + */ + public virtual int GetInputBlockSize() + { + return core.GetInputBlockSize(); + } + + /** + * Return the maximum size for an output block to this engine. + * For RSA this is always one byte less than the key size on + * decryption, and the same length as the key size on encryption. + * + * @return maximum size for an output block. + */ + public virtual int GetOutputBlockSize() + { + return core.GetOutputBlockSize(); + } + + /** + * Process a single block using the basic RSA algorithm. + * + * @param inBuf the input array. + * @param inOff the offset into the input buffer where the data starts. + * @param inLen the length of the data to be processed. + * @return the result of the RSA process. + * @exception DataLengthException the input block is too large. + */ + public virtual byte[] ProcessBlock( + byte[] inBuf, + int inOff, + int inLen) + { + BigInteger input = core.ConvertInput(inBuf, inOff, inLen); + BigInteger output = core.ProcessBlock(input); + return core.ConvertOutput(output); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/SEEDEngine.cs b/BouncyCastle/crypto/src/crypto/engines/SEEDEngine.cs new file mode 100644 index 0000000..d4142c8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/SEEDEngine.cs @@ -0,0 +1,363 @@ +using System; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * Implementation of the SEED algorithm as described in RFC 4009 + */ + public class SeedEngine + : IBlockCipher + { + private const int BlockSize = 16; + + private static readonly uint[] SS0 = + { + 0x2989a1a8, 0x05858184, 0x16c6d2d4, 0x13c3d3d0, 0x14445054, 0x1d0d111c, 0x2c8ca0ac, 0x25052124, + 0x1d4d515c, 0x03434340, 0x18081018, 0x1e0e121c, 0x11415150, 0x3cccf0fc, 0x0acac2c8, 0x23436360, + 0x28082028, 0x04444044, 0x20002020, 0x1d8d919c, 0x20c0e0e0, 0x22c2e2e0, 0x08c8c0c8, 0x17071314, + 0x2585a1a4, 0x0f8f838c, 0x03030300, 0x3b4b7378, 0x3b8bb3b8, 0x13031310, 0x12c2d2d0, 0x2ecee2ec, + 0x30407070, 0x0c8c808c, 0x3f0f333c, 0x2888a0a8, 0x32023230, 0x1dcdd1dc, 0x36c6f2f4, 0x34447074, + 0x2ccce0ec, 0x15859194, 0x0b0b0308, 0x17475354, 0x1c4c505c, 0x1b4b5358, 0x3d8db1bc, 0x01010100, + 0x24042024, 0x1c0c101c, 0x33437370, 0x18889098, 0x10001010, 0x0cccc0cc, 0x32c2f2f0, 0x19c9d1d8, + 0x2c0c202c, 0x27c7e3e4, 0x32427270, 0x03838380, 0x1b8b9398, 0x11c1d1d0, 0x06868284, 0x09c9c1c8, + 0x20406060, 0x10405050, 0x2383a3a0, 0x2bcbe3e8, 0x0d0d010c, 0x3686b2b4, 0x1e8e929c, 0x0f4f434c, + 0x3787b3b4, 0x1a4a5258, 0x06c6c2c4, 0x38487078, 0x2686a2a4, 0x12021210, 0x2f8fa3ac, 0x15c5d1d4, + 0x21416160, 0x03c3c3c0, 0x3484b0b4, 0x01414140, 0x12425250, 0x3d4d717c, 0x0d8d818c, 0x08080008, + 0x1f0f131c, 0x19899198, 0x00000000, 0x19091118, 0x04040004, 0x13435350, 0x37c7f3f4, 0x21c1e1e0, + 0x3dcdf1fc, 0x36467274, 0x2f0f232c, 0x27072324, 0x3080b0b0, 0x0b8b8388, 0x0e0e020c, 0x2b8ba3a8, + 0x2282a2a0, 0x2e4e626c, 0x13839390, 0x0d4d414c, 0x29496168, 0x3c4c707c, 0x09090108, 0x0a0a0208, + 0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0, 0x05c5c1c4, 0x07878384, 0x14041014, 0x3ecef2fc, 0x24446064, + 0x1eced2dc, 0x2e0e222c, 0x0b4b4348, 0x1a0a1218, 0x06060204, 0x21012120, 0x2b4b6368, 0x26466264, + 0x02020200, 0x35c5f1f4, 0x12829290, 0x0a8a8288, 0x0c0c000c, 0x3383b3b0, 0x3e4e727c, 0x10c0d0d0, + 0x3a4a7278, 0x07474344, 0x16869294, 0x25c5e1e4, 0x26062224, 0x00808080, 0x2d8da1ac, 0x1fcfd3dc, + 0x2181a1a0, 0x30003030, 0x37073334, 0x2e8ea2ac, 0x36063234, 0x15051114, 0x22022220, 0x38083038, + 0x34c4f0f4, 0x2787a3a4, 0x05454144, 0x0c4c404c, 0x01818180, 0x29c9e1e8, 0x04848084, 0x17879394, + 0x35053134, 0x0bcbc3c8, 0x0ecec2cc, 0x3c0c303c, 0x31417170, 0x11011110, 0x07c7c3c4, 0x09898188, + 0x35457174, 0x3bcbf3f8, 0x1acad2d8, 0x38c8f0f8, 0x14849094, 0x19495158, 0x02828280, 0x04c4c0c4, + 0x3fcff3fc, 0x09494148, 0x39093138, 0x27476364, 0x00c0c0c0, 0x0fcfc3cc, 0x17c7d3d4, 0x3888b0b8, + 0x0f0f030c, 0x0e8e828c, 0x02424240, 0x23032320, 0x11819190, 0x2c4c606c, 0x1bcbd3d8, 0x2484a0a4, + 0x34043034, 0x31c1f1f0, 0x08484048, 0x02c2c2c0, 0x2f4f636c, 0x3d0d313c, 0x2d0d212c, 0x00404040, + 0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc, 0x01c1c1c0, 0x2a8aa2a8, 0x3a8ab2b8, 0x0e4e424c, 0x15455154, + 0x3b0b3338, 0x1cccd0dc, 0x28486068, 0x3f4f737c, 0x1c8c909c, 0x18c8d0d8, 0x0a4a4248, 0x16465254, + 0x37477374, 0x2080a0a0, 0x2dcde1ec, 0x06464244, 0x3585b1b4, 0x2b0b2328, 0x25456164, 0x3acaf2f8, + 0x23c3e3e0, 0x3989b1b8, 0x3181b1b0, 0x1f8f939c, 0x1e4e525c, 0x39c9f1f8, 0x26c6e2e4, 0x3282b2b0, + 0x31013130, 0x2acae2e8, 0x2d4d616c, 0x1f4f535c, 0x24c4e0e4, 0x30c0f0f0, 0x0dcdc1cc, 0x08888088, + 0x16061214, 0x3a0a3238, 0x18485058, 0x14c4d0d4, 0x22426260, 0x29092128, 0x07070304, 0x33033330, + 0x28c8e0e8, 0x1b0b1318, 0x05050104, 0x39497178, 0x10809090, 0x2a4a6268, 0x2a0a2228, 0x1a8a9298 + }; + + private static readonly uint[] SS1 = + { + 0x38380830, 0xe828c8e0, 0x2c2d0d21, 0xa42686a2, 0xcc0fcfc3, 0xdc1eced2, 0xb03383b3, 0xb83888b0, + 0xac2f8fa3, 0x60204060, 0x54154551, 0xc407c7c3, 0x44044440, 0x6c2f4f63, 0x682b4b63, 0x581b4b53, + 0xc003c3c3, 0x60224262, 0x30330333, 0xb43585b1, 0x28290921, 0xa02080a0, 0xe022c2e2, 0xa42787a3, + 0xd013c3d3, 0x90118191, 0x10110111, 0x04060602, 0x1c1c0c10, 0xbc3c8cb0, 0x34360632, 0x480b4b43, + 0xec2fcfe3, 0x88088880, 0x6c2c4c60, 0xa82888a0, 0x14170713, 0xc404c4c0, 0x14160612, 0xf434c4f0, + 0xc002c2c2, 0x44054541, 0xe021c1e1, 0xd416c6d2, 0x3c3f0f33, 0x3c3d0d31, 0x8c0e8e82, 0x98188890, + 0x28280820, 0x4c0e4e42, 0xf436c6f2, 0x3c3e0e32, 0xa42585a1, 0xf839c9f1, 0x0c0d0d01, 0xdc1fcfd3, + 0xd818c8d0, 0x282b0b23, 0x64264662, 0x783a4a72, 0x24270723, 0x2c2f0f23, 0xf031c1f1, 0x70324272, + 0x40024242, 0xd414c4d0, 0x40014141, 0xc000c0c0, 0x70334373, 0x64274763, 0xac2c8ca0, 0x880b8b83, + 0xf437c7f3, 0xac2d8da1, 0x80008080, 0x1c1f0f13, 0xc80acac2, 0x2c2c0c20, 0xa82a8aa2, 0x34340430, + 0xd012c2d2, 0x080b0b03, 0xec2ecee2, 0xe829c9e1, 0x5c1d4d51, 0x94148490, 0x18180810, 0xf838c8f0, + 0x54174753, 0xac2e8ea2, 0x08080800, 0xc405c5c1, 0x10130313, 0xcc0dcdc1, 0x84068682, 0xb83989b1, + 0xfc3fcff3, 0x7c3d4d71, 0xc001c1c1, 0x30310131, 0xf435c5f1, 0x880a8a82, 0x682a4a62, 0xb03181b1, + 0xd011c1d1, 0x20200020, 0xd417c7d3, 0x00020202, 0x20220222, 0x04040400, 0x68284860, 0x70314171, + 0x04070703, 0xd81bcbd3, 0x9c1d8d91, 0x98198991, 0x60214161, 0xbc3e8eb2, 0xe426c6e2, 0x58194951, + 0xdc1dcdd1, 0x50114151, 0x90108090, 0xdc1cccd0, 0x981a8a92, 0xa02383a3, 0xa82b8ba3, 0xd010c0d0, + 0x80018181, 0x0c0f0f03, 0x44074743, 0x181a0a12, 0xe023c3e3, 0xec2ccce0, 0x8c0d8d81, 0xbc3f8fb3, + 0x94168692, 0x783b4b73, 0x5c1c4c50, 0xa02282a2, 0xa02181a1, 0x60234363, 0x20230323, 0x4c0d4d41, + 0xc808c8c0, 0x9c1e8e92, 0x9c1c8c90, 0x383a0a32, 0x0c0c0c00, 0x2c2e0e22, 0xb83a8ab2, 0x6c2e4e62, + 0x9c1f8f93, 0x581a4a52, 0xf032c2f2, 0x90128292, 0xf033c3f3, 0x48094941, 0x78384870, 0xcc0cccc0, + 0x14150511, 0xf83bcbf3, 0x70304070, 0x74354571, 0x7c3f4f73, 0x34350531, 0x10100010, 0x00030303, + 0x64244460, 0x6c2d4d61, 0xc406c6c2, 0x74344470, 0xd415c5d1, 0xb43484b0, 0xe82acae2, 0x08090901, + 0x74364672, 0x18190911, 0xfc3ecef2, 0x40004040, 0x10120212, 0xe020c0e0, 0xbc3d8db1, 0x04050501, + 0xf83acaf2, 0x00010101, 0xf030c0f0, 0x282a0a22, 0x5c1e4e52, 0xa82989a1, 0x54164652, 0x40034343, + 0x84058581, 0x14140410, 0x88098981, 0x981b8b93, 0xb03080b0, 0xe425c5e1, 0x48084840, 0x78394971, + 0x94178793, 0xfc3cccf0, 0x1c1e0e12, 0x80028282, 0x20210121, 0x8c0c8c80, 0x181b0b13, 0x5c1f4f53, + 0x74374773, 0x54144450, 0xb03282b2, 0x1c1d0d11, 0x24250521, 0x4c0f4f43, 0x00000000, 0x44064642, + 0xec2dcde1, 0x58184850, 0x50124252, 0xe82bcbe3, 0x7c3e4e72, 0xd81acad2, 0xc809c9c1, 0xfc3dcdf1, + 0x30300030, 0x94158591, 0x64254561, 0x3c3c0c30, 0xb43686b2, 0xe424c4e0, 0xb83b8bb3, 0x7c3c4c70, + 0x0c0e0e02, 0x50104050, 0x38390931, 0x24260622, 0x30320232, 0x84048480, 0x68294961, 0x90138393, + 0x34370733, 0xe427c7e3, 0x24240420, 0xa42484a0, 0xc80bcbc3, 0x50134353, 0x080a0a02, 0x84078783, + 0xd819c9d1, 0x4c0c4c40, 0x80038383, 0x8c0f8f83, 0xcc0ecec2, 0x383b0b33, 0x480a4a42, 0xb43787b3 + }; + + private static readonly uint[] SS2 = + { + + 0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3, 0x50541444, 0x111c1d0d, 0xa0ac2c8c, 0x21242505, + 0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e, 0x51501141, 0xf0fc3ccc, 0xc2c80aca, 0x63602343, + 0x20282808, 0x40440444, 0x20202000, 0x919c1d8d, 0xe0e020c0, 0xe2e022c2, 0xc0c808c8, 0x13141707, + 0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b, 0xb3b83b8b, 0x13101303, 0xd2d012c2, 0xe2ec2ece, + 0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888, 0x32303202, 0xd1dc1dcd, 0xf2f436c6, 0x70743444, + 0xe0ec2ccc, 0x91941585, 0x03080b0b, 0x53541747, 0x505c1c4c, 0x53581b4b, 0xb1bc3d8d, 0x01000101, + 0x20242404, 0x101c1c0c, 0x73703343, 0x90981888, 0x10101000, 0xc0cc0ccc, 0xf2f032c2, 0xd1d819c9, + 0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383, 0x93981b8b, 0xd1d011c1, 0x82840686, 0xc1c809c9, + 0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb, 0x010c0d0d, 0xb2b43686, 0x929c1e8e, 0x434c0f4f, + 0xb3b43787, 0x52581a4a, 0xc2c406c6, 0x70783848, 0xa2a42686, 0x12101202, 0xa3ac2f8f, 0xd1d415c5, + 0x61602141, 0xc3c003c3, 0xb0b43484, 0x41400141, 0x52501242, 0x717c3d4d, 0x818c0d8d, 0x00080808, + 0x131c1f0f, 0x91981989, 0x00000000, 0x11181909, 0x00040404, 0x53501343, 0xf3f437c7, 0xe1e021c1, + 0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707, 0xb0b03080, 0x83880b8b, 0x020c0e0e, 0xa3a82b8b, + 0xa2a02282, 0x626c2e4e, 0x93901383, 0x414c0d4d, 0x61682949, 0x707c3c4c, 0x01080909, 0x02080a0a, + 0xb3bc3f8f, 0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5, 0x83840787, 0x10141404, 0xf2fc3ece, 0x60642444, + 0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a, 0x02040606, 0x21202101, 0x63682b4b, 0x62642646, + 0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a, 0x000c0c0c, 0xb3b03383, 0x727c3e4e, 0xd0d010c0, + 0x72783a4a, 0x43440747, 0x92941686, 0xe1e425c5, 0x22242606, 0x80800080, 0xa1ac2d8d, 0xd3dc1fcf, + 0xa1a02181, 0x30303000, 0x33343707, 0xa2ac2e8e, 0x32343606, 0x11141505, 0x22202202, 0x30383808, + 0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c, 0x81800181, 0xe1e829c9, 0x80840484, 0x93941787, + 0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c, 0x71703141, 0x11101101, 0xc3c407c7, 0x81880989, + 0x71743545, 0xf3f83bcb, 0xd2d81aca, 0xf0f838c8, 0x90941484, 0x51581949, 0x82800282, 0xc0c404c4, + 0xf3fc3fcf, 0x41480949, 0x31383909, 0x63642747, 0xc0c000c0, 0xc3cc0fcf, 0xd3d417c7, 0xb0b83888, + 0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303, 0x91901181, 0x606c2c4c, 0xd3d81bcb, 0xa0a42484, + 0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2, 0x636c2f4f, 0x313c3d0d, 0x212c2d0d, 0x40400040, + 0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, 0xc1c001c1, 0xa2a82a8a, 0xb2b83a8a, 0x424c0e4e, 0x51541545, + 0x33383b0b, 0xd0dc1ccc, 0x60682848, 0x737c3f4f, 0x909c1c8c, 0xd0d818c8, 0x42480a4a, 0x52541646, + 0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646, 0xb1b43585, 0x23282b0b, 0x61642545, 0xf2f83aca, + 0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f, 0x525c1e4e, 0xf1f839c9, 0xe2e426c6, 0xb2b03282, + 0x31303101, 0xe2e82aca, 0x616c2d4d, 0x535c1f4f, 0xe0e424c4, 0xf0f030c0, 0xc1cc0dcd, 0x80880888, + 0x12141606, 0x32383a0a, 0x50581848, 0xd0d414c4, 0x62602242, 0x21282909, 0x03040707, 0x33303303, + 0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949, 0x90901080, 0x62682a4a, 0x22282a0a, 0x92981a8a + }; + + private static readonly uint[] SS3 = + { + + 0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426, 0xcfc3cc0f, 0xced2dc1e, 0x83b3b033, 0x88b0b838, + 0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407, 0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b, + 0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435, 0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427, + 0xc3d3d013, 0x81919011, 0x01111011, 0x06020406, 0x0c101c1c, 0x8cb0bc3c, 0x06323436, 0x4b43480b, + 0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828, 0x07131417, 0xc4c0c404, 0x06121416, 0xc4f0f434, + 0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416, 0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818, + 0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e, 0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f, + 0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a, 0x07232427, 0x0f232c2f, 0xc1f1f031, 0x42727032, + 0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000, 0x43737033, 0x47636427, 0x8ca0ac2c, 0x8b83880b, + 0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f, 0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434, + 0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829, 0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838, + 0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405, 0x03131013, 0xcdc1cc0d, 0x86828406, 0x89b1b839, + 0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031, 0xc5f1f435, 0x8a82880a, 0x4a62682a, 0x81b1b031, + 0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002, 0x02222022, 0x04000404, 0x48606828, 0x41717031, + 0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819, 0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819, + 0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c, 0x8a92981a, 0x83a3a023, 0x8ba3a82b, 0xc0d0d010, + 0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a, 0xc3e3e023, 0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f, + 0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022, 0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d, + 0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a, 0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e, + 0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012, 0xc3f3f033, 0x49414809, 0x48707838, 0xccc0cc0c, + 0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435, 0x4f737c3f, 0x05313435, 0x00101010, 0x03030003, + 0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434, 0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809, + 0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000, 0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405, + 0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a, 0x4e525c1e, 0x89a1a829, 0x46525416, 0x43434003, + 0x85818405, 0x04101414, 0x89818809, 0x8b93981b, 0x80b0b030, 0xc5e1e425, 0x48404808, 0x49717839, + 0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002, 0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f, + 0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d, 0x05212425, 0x4f434c0f, 0x00000000, 0x46424406, + 0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b, 0x4e727c3e, 0xcad2d81a, 0xc9c1c809, 0xcdf1fc3d, + 0x00303030, 0x85919415, 0x45616425, 0x0c303c3c, 0x86b2b436, 0xc4e0e424, 0x8bb3b83b, 0x4c707c3c, + 0x0e020c0e, 0x40505010, 0x09313839, 0x06222426, 0x02323032, 0x84808404, 0x49616829, 0x83939013, + 0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424, 0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407, + 0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f, 0xcec2cc0e, 0x0b33383b, 0x4a42480a, 0x87b3b437 + }; + + private static readonly uint[] KC = + { + 0x9e3779b9, 0x3c6ef373, 0x78dde6e6, 0xf1bbcdcc, + 0xe3779b99, 0xc6ef3733, 0x8dde6e67, 0x1bbcdccf, + 0x3779b99e, 0x6ef3733c, 0xdde6e678, 0xbbcdccf1, + 0x779b99e3, 0xef3733c6, 0xde6e678d, 0xbcdccf1b + }; + + private int[] wKey; + private bool forEncryption; + + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + this.forEncryption = forEncryption; + wKey = createWorkingKey(((KeyParameter)parameters).GetKey()); + } + + public virtual string AlgorithmName + { + get { return "SEED"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return BlockSize; + } + + public virtual int ProcessBlock( + byte[] inBuf, + int inOff, + byte[] outBuf, + int outOff) + { + if (wKey == null) + throw new InvalidOperationException("SEED engine not initialised"); + + Check.DataLength(inBuf, inOff, BlockSize, "input buffer too short"); + Check.OutputLength(outBuf, outOff, BlockSize, "output buffer too short"); + + long l = bytesToLong(inBuf, inOff + 0); + long r = bytesToLong(inBuf, inOff + 8); + + if (forEncryption) + { + for (int i = 0; i < 16; i++) + { + long nl = r; + + r = l ^ F(wKey[2 * i], wKey[(2 * i) + 1], r); + l = nl; + } + } + else + { + for (int i = 15; i >= 0; i--) + { + long nl = r; + + r = l ^ F(wKey[2 * i], wKey[(2 * i) + 1], r); + l = nl; + } + } + + longToBytes(outBuf, outOff + 0, r); + longToBytes(outBuf, outOff + 8, l); + + return BlockSize; + } + + public virtual void Reset() + { + } + + private int[] createWorkingKey( + byte[] inKey) + { + if (inKey.Length != 16) + throw new ArgumentException("key size must be 128 bits"); + + int[] key = new int[32]; + long lower = bytesToLong(inKey, 0); + long upper = bytesToLong(inKey, 8); + + int key0 = extractW0(lower); + int key1 = extractW1(lower); + int key2 = extractW0(upper); + int key3 = extractW1(upper); + + for (int i = 0; i < 16; i++) + { + key[2 * i] = G(key0 + key2 - (int)KC[i]); + key[2 * i + 1] = G(key1 - key3 + (int)KC[i]); + + if (i % 2 == 0) + { + lower = rotateRight8(lower); + key0 = extractW0(lower); + key1 = extractW1(lower); + } + else + { + upper = rotateLeft8(upper); + key2 = extractW0(upper); + key3 = extractW1(upper); + } + } + + return key; + } + + private int extractW1( + long lVal) + { + return (int)lVal; + } + + private int extractW0( + long lVal) + { + return (int)(lVal >> 32); + } + + private long rotateLeft8( + long x) + { + return (x << 8) | ((long)((ulong) x >> 56)); + } + + private long rotateRight8( + long x) + { + return ((long)((ulong) x >> 8)) | (x << 56); + } + + private long bytesToLong( + byte[] src, + int srcOff) + { + long word = 0; + + for (int i = 0; i <= 7; i++) + { + word = (word << 8) + (src[i + srcOff] & 0xff); + } + + return word; + } + + private void longToBytes( + byte[] dest, + int destOff, + long value) + { + for (int i = 0; i < 8; i++) + { + dest[i + destOff] = (byte)(value >> ((7 - i) * 8)); + } + } + + private int G( + int x) + { + return (int)(SS0[x & 0xff] ^ SS1[(x >> 8) & 0xff] ^ SS2[(x >> 16) & 0xff] ^ SS3[(x >> 24) & 0xff]); + } + + private long F( + int ki0, + int ki1, + long r) + { + int r0 = (int)(r >> 32); + int r1 = (int)r; + int rd1 = phaseCalc2(r0, ki0, r1, ki1); + int rd0 = rd1 + phaseCalc1(r0, ki0, r1, ki1); + + return ((long)rd0 << 32) | (rd1 & 0xffffffffL); + } + + private int phaseCalc1( + int r0, + int ki0, + int r1, + int ki1) + { + return G(G((r0 ^ ki0) ^ (r1 ^ ki1)) + (r0 ^ ki0)); + } + + private int phaseCalc2( + int r0, + int ki0, + int r1, + int ki1) + { + return G(phaseCalc1(r0, ki0, r1, ki1) + G((r0 ^ ki0) ^ (r1 ^ ki1))); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/SEEDWrapEngine.cs b/BouncyCastle/crypto/src/crypto/engines/SEEDWrapEngine.cs new file mode 100644 index 0000000..6b71f94 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/SEEDWrapEngine.cs @@ -0,0 +1,16 @@ +namespace Org.BouncyCastle.Crypto.Engines +{ + /// + /// An implementation of the SEED key wrapper based on RFC 4010/RFC 3394. + ///

+ /// For further details see: http://www.ietf.org/rfc/rfc4010.txt. + /// + public class SeedWrapEngine + : Rfc3394WrapEngine + { + public SeedWrapEngine() + : base(new SeedEngine()) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/SM2Engine.cs b/BouncyCastle/crypto/src/crypto/engines/SM2Engine.cs new file mode 100644 index 0000000..ab7e9cd --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/SM2Engine.cs @@ -0,0 +1,238 @@ +using System; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + ///

+ /// SM2 public key encryption engine - based on https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02. + /// + public class SM2Engine + { + private readonly IDigest mDigest; + + private bool mForEncryption; + private ECKeyParameters mECKey; + private ECDomainParameters mECParams; + private int mCurveLength; + private SecureRandom mRandom; + + public SM2Engine() + : this(new SM3Digest()) + { + } + + public SM2Engine(IDigest digest) + { + this.mDigest = digest; + } + + public virtual void Init(bool forEncryption, ICipherParameters param) + { + this.mForEncryption = forEncryption; + + if (forEncryption) + { + ParametersWithRandom rParam = (ParametersWithRandom)param; + + mECKey = (ECKeyParameters)rParam.Parameters; + mECParams = mECKey.Parameters; + + ECPoint s = ((ECPublicKeyParameters)mECKey).Q.Multiply(mECParams.H); + if (s.IsInfinity) + throw new ArgumentException("invalid key: [h]Q at infinity"); + + mRandom = rParam.Random; + } + else + { + mECKey = (ECKeyParameters)param; + mECParams = mECKey.Parameters; + } + + mCurveLength = (mECParams.Curve.FieldSize + 7) / 8; + } + + public virtual byte[] ProcessBlock(byte[] input, int inOff, int inLen) + { + if (mForEncryption) + { + return Encrypt(input, inOff, inLen); + } + else + { + return Decrypt(input, inOff, inLen); + } + } + + protected virtual ECMultiplier CreateBasePointMultiplier() + { + return new FixedPointCombMultiplier(); + } + + private byte[] Encrypt(byte[] input, int inOff, int inLen) + { + byte[] c2 = new byte[inLen]; + + Array.Copy(input, inOff, c2, 0, c2.Length); + + ECMultiplier multiplier = CreateBasePointMultiplier(); + + byte[] c1; + ECPoint kPB; + do + { + BigInteger k = NextK(); + + ECPoint c1P = multiplier.Multiply(mECParams.G, k).Normalize(); + + c1 = c1P.GetEncoded(false); + + kPB = ((ECPublicKeyParameters)mECKey).Q.Multiply(k).Normalize(); + + Kdf(mDigest, kPB, c2); + } + while (NotEncrypted(c2, input, inOff)); + + AddFieldElement(mDigest, kPB.AffineXCoord); + mDigest.BlockUpdate(input, inOff, inLen); + AddFieldElement(mDigest, kPB.AffineYCoord); + + byte[] c3 = DigestUtilities.DoFinal(mDigest); + + return Arrays.ConcatenateAll(c1, c2, c3); + } + + private byte[] Decrypt(byte[] input, int inOff, int inLen) + { + byte[] c1 = new byte[mCurveLength * 2 + 1]; + + Array.Copy(input, inOff, c1, 0, c1.Length); + + ECPoint c1P = mECParams.Curve.DecodePoint(c1); + + ECPoint s = c1P.Multiply(mECParams.H); + if (s.IsInfinity) + throw new InvalidCipherTextException("[h]C1 at infinity"); + + c1P = c1P.Multiply(((ECPrivateKeyParameters)mECKey).D).Normalize(); + + byte[] c2 = new byte[inLen - c1.Length - mDigest.GetDigestSize()]; + + Array.Copy(input, inOff + c1.Length, c2, 0, c2.Length); + + Kdf(mDigest, c1P, c2); + + AddFieldElement(mDigest, c1P.AffineXCoord); + mDigest.BlockUpdate(c2, 0, c2.Length); + AddFieldElement(mDigest, c1P.AffineYCoord); + + byte[] c3 = DigestUtilities.DoFinal(mDigest); + + int check = 0; + for (int i = 0; i != c3.Length; i++) + { + check |= c3[i] ^ input[inOff + c1.Length + c2.Length + i]; + } + + Arrays.Fill(c1, 0); + Arrays.Fill(c3, 0); + + if (check != 0) + { + Arrays.Fill(c2, 0); + throw new InvalidCipherTextException("invalid cipher text"); + } + + return c2; + } + + private bool NotEncrypted(byte[] encData, byte[] input, int inOff) + { + for (int i = 0; i != encData.Length; i++) + { + if (encData[i] != input[inOff + i]) + { + return false; + } + } + + return true; + } + + private void Kdf(IDigest digest, ECPoint c1, byte[] encData) + { + int digestSize = digest.GetDigestSize(); + byte[] buf = new byte[System.Math.Max(4, digestSize)]; + int off = 0; + + IMemoable memo = digest as IMemoable; + IMemoable copy = null; + + if (memo != null) + { + AddFieldElement(digest, c1.AffineXCoord); + AddFieldElement(digest, c1.AffineYCoord); + copy = memo.Copy(); + } + + uint ct = 0; + + while (off < encData.Length) + { + if (memo != null) + { + memo.Reset(copy); + } + else + { + AddFieldElement(digest, c1.AffineXCoord); + AddFieldElement(digest, c1.AffineYCoord); + } + + Pack.UInt32_To_BE(++ct, buf, 0); + digest.BlockUpdate(buf, 0, 4); + digest.DoFinal(buf, 0); + + int xorLen = System.Math.Min(digestSize, encData.Length - off); + Xor(encData, buf, off, xorLen); + off += xorLen; + } + } + + private void Xor(byte[] data, byte[] kdfOut, int dOff, int dRemaining) + { + for (int i = 0; i != dRemaining; i++) + { + data[dOff + i] ^= kdfOut[i]; + } + } + + private BigInteger NextK() + { + int qBitLength = mECParams.N.BitLength; + + BigInteger k; + do + { + k = new BigInteger(qBitLength, mRandom); + } + while (k.SignValue == 0 || k.CompareTo(mECParams.N) >= 0); + + return k; + } + + private void AddFieldElement(IDigest digest, ECFieldElement v) + { + byte[] p = v.GetEncoded(); + digest.BlockUpdate(p, 0, p.Length); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/SM4Engine.cs b/BouncyCastle/crypto/src/crypto/engines/SM4Engine.cs new file mode 100644 index 0000000..7477b07 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/SM4Engine.cs @@ -0,0 +1,189 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /// SM4 Block Cipher - SM4 is a 128 bit block cipher with a 128 bit key. + /// + /// The implementation here is based on the document http://eprint.iacr.org/2008/329.pdf + /// by Whitfield Diffie and George Ledin, which is a translation of Prof. LU Shu-wang's original standard. + /// + public class SM4Engine + : IBlockCipher + { + private const int BlockSize = 16; + + private static readonly byte[] Sbox = + { + 0xd6, 0x90, 0xe9, 0xfe, 0xcc, 0xe1, 0x3d, 0xb7, 0x16, 0xb6, 0x14, 0xc2, 0x28, 0xfb, 0x2c, 0x05, + 0x2b, 0x67, 0x9a, 0x76, 0x2a, 0xbe, 0x04, 0xc3, 0xaa, 0x44, 0x13, 0x26, 0x49, 0x86, 0x06, 0x99, + 0x9c, 0x42, 0x50, 0xf4, 0x91, 0xef, 0x98, 0x7a, 0x33, 0x54, 0x0b, 0x43, 0xed, 0xcf, 0xac, 0x62, + 0xe4, 0xb3, 0x1c, 0xa9, 0xc9, 0x08, 0xe8, 0x95, 0x80, 0xdf, 0x94, 0xfa, 0x75, 0x8f, 0x3f, 0xa6, + 0x47, 0x07, 0xa7, 0xfc, 0xf3, 0x73, 0x17, 0xba, 0x83, 0x59, 0x3c, 0x19, 0xe6, 0x85, 0x4f, 0xa8, + 0x68, 0x6b, 0x81, 0xb2, 0x71, 0x64, 0xda, 0x8b, 0xf8, 0xeb, 0x0f, 0x4b, 0x70, 0x56, 0x9d, 0x35, + 0x1e, 0x24, 0x0e, 0x5e, 0x63, 0x58, 0xd1, 0xa2, 0x25, 0x22, 0x7c, 0x3b, 0x01, 0x21, 0x78, 0x87, + 0xd4, 0x00, 0x46, 0x57, 0x9f, 0xd3, 0x27, 0x52, 0x4c, 0x36, 0x02, 0xe7, 0xa0, 0xc4, 0xc8, 0x9e, + 0xea, 0xbf, 0x8a, 0xd2, 0x40, 0xc7, 0x38, 0xb5, 0xa3, 0xf7, 0xf2, 0xce, 0xf9, 0x61, 0x15, 0xa1, + 0xe0, 0xae, 0x5d, 0xa4, 0x9b, 0x34, 0x1a, 0x55, 0xad, 0x93, 0x32, 0x30, 0xf5, 0x8c, 0xb1, 0xe3, + 0x1d, 0xf6, 0xe2, 0x2e, 0x82, 0x66, 0xca, 0x60, 0xc0, 0x29, 0x23, 0xab, 0x0d, 0x53, 0x4e, 0x6f, + 0xd5, 0xdb, 0x37, 0x45, 0xde, 0xfd, 0x8e, 0x2f, 0x03, 0xff, 0x6a, 0x72, 0x6d, 0x6c, 0x5b, 0x51, + 0x8d, 0x1b, 0xaf, 0x92, 0xbb, 0xdd, 0xbc, 0x7f, 0x11, 0xd9, 0x5c, 0x41, 0x1f, 0x10, 0x5a, 0xd8, + 0x0a, 0xc1, 0x31, 0x88, 0xa5, 0xcd, 0x7b, 0xbd, 0x2d, 0x74, 0xd0, 0x12, 0xb8, 0xe5, 0xb4, 0xb0, + 0x89, 0x69, 0x97, 0x4a, 0x0c, 0x96, 0x77, 0x7e, 0x65, 0xb9, 0xf1, 0x09, 0xc5, 0x6e, 0xc6, 0x84, + 0x18, 0xf0, 0x7d, 0xec, 0x3a, 0xdc, 0x4d, 0x20, 0x79, 0xee, 0x5f, 0x3e, 0xd7, 0xcb, 0x39, 0x48 + }; + + private static readonly uint[] CK = + { + 0x00070e15, 0x1c232a31, 0x383f464d, 0x545b6269, + 0x70777e85, 0x8c939aa1, 0xa8afb6bd, 0xc4cbd2d9, + 0xe0e7eef5, 0xfc030a11, 0x181f262d, 0x343b4249, + 0x50575e65, 0x6c737a81, 0x888f969d, 0xa4abb2b9, + 0xc0c7ced5, 0xdce3eaf1, 0xf8ff060d, 0x141b2229, + 0x30373e45, 0x4c535a61, 0x686f767d, 0x848b9299, + 0xa0a7aeb5, 0xbcc3cad1, 0xd8dfe6ed, 0xf4fb0209, + 0x10171e25, 0x2c333a41, 0x484f565d, 0x646b7279 + }; + + private static readonly uint[] FK = + { + 0xa3b1bac6, 0x56aa3350, 0x677d9197, 0xb27022dc + }; + + private uint[] rk; + + // non-linear substitution tau. + private static uint tau(uint A) + { + uint b0 = Sbox[A >> 24]; + uint b1 = Sbox[(A >> 16) & 0xFF]; + uint b2 = Sbox[(A >> 8) & 0xFF]; + uint b3 = Sbox[A & 0xFF]; + + return (b0 << 24) | (b1 << 16) | (b2 << 8) | b3; + } + + private static uint L_ap(uint B) + { + return B ^ Integers.RotateLeft(B, 13) ^ Integers.RotateLeft(B, 23); + } + + private uint T_ap(uint Z) + { + return L_ap(tau(Z)); + } + + // Key expansion + private void ExpandKey(bool forEncryption, byte[] key) + { + uint K0 = Pack.BE_To_UInt32(key, 0) ^ FK[0]; + uint K1 = Pack.BE_To_UInt32(key, 4) ^ FK[1]; + uint K2 = Pack.BE_To_UInt32(key, 8) ^ FK[2]; + uint K3 = Pack.BE_To_UInt32(key, 12) ^ FK[3]; + + if (forEncryption) + { + rk[0] = K0 ^ T_ap(K1 ^ K2 ^ K3 ^ CK[0]); + rk[1] = K1 ^ T_ap(K2 ^ K3 ^ rk[0] ^ CK[1]); + rk[2] = K2 ^ T_ap(K3 ^ rk[0] ^ rk[1] ^ CK[2]); + rk[3] = K3 ^ T_ap(rk[0] ^ rk[1] ^ rk[2] ^ CK[3]); + for (int i = 4; i < 32; ++i) + { + rk[i] = rk[i - 4] ^ T_ap(rk[i - 3] ^ rk[i - 2] ^ rk[i - 1] ^ CK[i]); + } + } + else + { + rk[31] = K0 ^ T_ap(K1 ^ K2 ^ K3 ^ CK[0]); + rk[30] = K1 ^ T_ap(K2 ^ K3 ^ rk[31] ^ CK[1]); + rk[29] = K2 ^ T_ap(K3 ^ rk[31] ^ rk[30] ^ CK[2]); + rk[28] = K3 ^ T_ap(rk[31] ^ rk[30] ^ rk[29] ^ CK[3]); + for (int i = 27; i >= 0; --i) + { + rk[i] = rk[i + 4] ^ T_ap(rk[i + 3] ^ rk[i + 2] ^ rk[i + 1] ^ CK[31 - i]); + } + } + } + + // Linear substitution L + private static uint L(uint B) + { + return B ^ Integers.RotateLeft(B, 2) ^ Integers.RotateLeft(B, 10) ^ Integers.RotateLeft(B, 18) ^ Integers.RotateLeft(B, 24); + } + + // Mixer-substitution T + private static uint T(uint Z) + { + return L(tau(Z)); + } + + public virtual void Init(bool forEncryption, ICipherParameters parameters) + { + KeyParameter keyParameter = parameters as KeyParameter; + if (null == keyParameter) + throw new ArgumentException("invalid parameter passed to SM4 init - " + Platform.GetTypeName(parameters), "parameters"); + + byte[] key = keyParameter.GetKey(); + if (key.Length != 16) + throw new ArgumentException("SM4 requires a 128 bit key", "parameters"); + + if (null == rk) + { + rk = new uint[32]; + } + + ExpandKey(forEncryption, key); + } + + public virtual string AlgorithmName + { + get { return "SM4"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return BlockSize; + } + + public virtual int ProcessBlock(byte[] input, int inOff, byte[] output, int outOff) + { + if (null == rk) + throw new InvalidOperationException("SM4 not initialised"); + + Check.DataLength(input, inOff, BlockSize, "input buffer too short"); + Check.OutputLength(output, outOff, BlockSize, "output buffer too short"); + + uint X0 = Pack.BE_To_UInt32(input, inOff); + uint X1 = Pack.BE_To_UInt32(input, inOff + 4); + uint X2 = Pack.BE_To_UInt32(input, inOff + 8); + uint X3 = Pack.BE_To_UInt32(input, inOff + 12); + + for (int i = 0; i < 32; i += 4) + { + X0 ^= T(X1 ^ X2 ^ X3 ^ rk[i ]); // F0 + X1 ^= T(X2 ^ X3 ^ X0 ^ rk[i + 1]); // F1 + X2 ^= T(X3 ^ X0 ^ X1 ^ rk[i + 2]); // F2 + X3 ^= T(X0 ^ X1 ^ X2 ^ rk[i + 3]); // F3 + } + + Pack.UInt32_To_BE(X3, output, outOff); + Pack.UInt32_To_BE(X2, output, outOff + 4); + Pack.UInt32_To_BE(X1, output, outOff + 8); + Pack.UInt32_To_BE(X0, output, outOff + 12); + + return BlockSize; + } + + public virtual void Reset() + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/Salsa20Engine.cs b/BouncyCastle/crypto/src/crypto/engines/Salsa20Engine.cs new file mode 100644 index 0000000..056fc09 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/Salsa20Engine.cs @@ -0,0 +1,349 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /// + /// Implementation of Daniel J. Bernstein's Salsa20 stream cipher, Snuffle 2005 + /// + public class Salsa20Engine + : IStreamCipher + { + public static readonly int DEFAULT_ROUNDS = 20; + + /** Constants */ + private const int StateSize = 16; // 16, 32 bit ints = 64 bytes + + private readonly static uint[] TAU_SIGMA = Pack.LE_To_UInt32(Strings.ToAsciiByteArray("expand 16-byte k" + "expand 32-byte k"), 0, 8); + + internal void PackTauOrSigma(int keyLength, uint[] state, int stateOffset) + { + int tsOff = (keyLength - 16) / 4; + state[stateOffset] = TAU_SIGMA[tsOff]; + state[stateOffset + 1] = TAU_SIGMA[tsOff + 1]; + state[stateOffset + 2] = TAU_SIGMA[tsOff + 2]; + state[stateOffset + 3] = TAU_SIGMA[tsOff + 3]; + } + + [Obsolete] + protected readonly static byte[] + sigma = Strings.ToAsciiByteArray("expand 32-byte k"), + tau = Strings.ToAsciiByteArray("expand 16-byte k"); + + protected int rounds; + + /* + * variables to hold the state of the engine + * during encryption and decryption + */ + private int index = 0; + internal uint[] engineState = new uint[StateSize]; // state + internal uint[] x = new uint[StateSize]; // internal buffer + private byte[] keyStream = new byte[StateSize * 4]; // expanded state, 64 bytes + private bool initialised = false; + + /* + * internal counter + */ + private uint cW0, cW1, cW2; + + /// + /// Creates a 20 round Salsa20 engine. + /// + public Salsa20Engine() + : this(DEFAULT_ROUNDS) + { + } + + /// + /// Creates a Salsa20 engine with a specific number of rounds. + /// + /// the number of rounds (must be an even number). + public Salsa20Engine(int rounds) + { + if (rounds <= 0 || (rounds & 1) != 0) + { + throw new ArgumentException("'rounds' must be a positive, even number"); + } + + this.rounds = rounds; + } + + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + /* + * Salsa20 encryption and decryption is completely + * symmetrical, so the 'forEncryption' is + * irrelevant. (Like 90% of stream ciphers) + */ + + ParametersWithIV ivParams = parameters as ParametersWithIV; + if (ivParams == null) + throw new ArgumentException(AlgorithmName + " Init requires an IV", "parameters"); + + byte[] iv = ivParams.GetIV(); + if (iv == null || iv.Length != NonceSize) + throw new ArgumentException(AlgorithmName + " requires exactly " + NonceSize + " bytes of IV"); + + ICipherParameters keyParam = ivParams.Parameters; + if (keyParam == null) + { + if (!initialised) + throw new InvalidOperationException(AlgorithmName + " KeyParameter can not be null for first initialisation"); + + SetKey(null, iv); + } + else if (keyParam is KeyParameter) + { + SetKey(((KeyParameter)keyParam).GetKey(), iv); + } + else + { + throw new ArgumentException(AlgorithmName + " Init parameters must contain a KeyParameter (or null for re-init)"); + } + + Reset(); + initialised = true; + } + + protected virtual int NonceSize + { + get { return 8; } + } + + public virtual string AlgorithmName + { + get + { + string name = "Salsa20"; + if (rounds != DEFAULT_ROUNDS) + { + name += "/" + rounds; + } + return name; + } + } + + public virtual byte ReturnByte( + byte input) + { + if (LimitExceeded()) + { + throw new MaxBytesExceededException("2^70 byte limit per IV; Change IV"); + } + + if (index == 0) + { + GenerateKeyStream(keyStream); + AdvanceCounter(); + } + + byte output = (byte)(keyStream[index] ^ input); + index = (index + 1) & 63; + + return output; + } + + protected virtual void AdvanceCounter() + { + if (++engineState[8] == 0) + { + ++engineState[9]; + } + } + + public virtual void ProcessBytes( + byte[] inBytes, + int inOff, + int len, + byte[] outBytes, + int outOff) + { + if (!initialised) + throw new InvalidOperationException(AlgorithmName + " not initialised"); + + Check.DataLength(inBytes, inOff, len, "input buffer too short"); + Check.OutputLength(outBytes, outOff, len, "output buffer too short"); + + if (LimitExceeded((uint)len)) + throw new MaxBytesExceededException("2^70 byte limit per IV would be exceeded; Change IV"); + + for (int i = 0; i < len; i++) + { + if (index == 0) + { + GenerateKeyStream(keyStream); + AdvanceCounter(); + } + outBytes[i+outOff] = (byte)(keyStream[index]^inBytes[i+inOff]); + index = (index + 1) & 63; + } + } + + public virtual void Reset() + { + index = 0; + ResetLimitCounter(); + ResetCounter(); + } + + protected virtual void ResetCounter() + { + engineState[8] = engineState[9] = 0; + } + + protected virtual void SetKey(byte[] keyBytes, byte[] ivBytes) + { + if (keyBytes != null) + { + if ((keyBytes.Length != 16) && (keyBytes.Length != 32)) + throw new ArgumentException(AlgorithmName + " requires 128 bit or 256 bit key"); + + int tsOff = (keyBytes.Length - 16) / 4; + engineState[0] = TAU_SIGMA[tsOff]; + engineState[5] = TAU_SIGMA[tsOff + 1]; + engineState[10] = TAU_SIGMA[tsOff + 2]; + engineState[15] = TAU_SIGMA[tsOff + 3]; + + // Key + Pack.LE_To_UInt32(keyBytes, 0, engineState, 1, 4); + Pack.LE_To_UInt32(keyBytes, keyBytes.Length - 16, engineState, 11, 4); + } + + // IV + Pack.LE_To_UInt32(ivBytes, 0, engineState, 6, 2); + } + + protected virtual void GenerateKeyStream(byte[] output) + { + SalsaCore(rounds, engineState, x); + Pack.UInt32_To_LE(x, output, 0); + } + + internal static void SalsaCore(int rounds, uint[] input, uint[] x) + { + if (input.Length != 16) + throw new ArgumentException(); + if (x.Length != 16) + throw new ArgumentException(); + if (rounds % 2 != 0) + throw new ArgumentException("Number of rounds must be even"); + + uint x00 = input[ 0]; + uint x01 = input[ 1]; + uint x02 = input[ 2]; + uint x03 = input[ 3]; + uint x04 = input[ 4]; + uint x05 = input[ 5]; + uint x06 = input[ 6]; + uint x07 = input[ 7]; + uint x08 = input[ 8]; + uint x09 = input[ 9]; + uint x10 = input[10]; + uint x11 = input[11]; + uint x12 = input[12]; + uint x13 = input[13]; + uint x14 = input[14]; + uint x15 = input[15]; + + for (int i = rounds; i > 0; i -= 2) + { + x04 ^= Integers.RotateLeft((x00+x12), 7); + x08 ^= Integers.RotateLeft((x04+x00), 9); + x12 ^= Integers.RotateLeft((x08+x04),13); + x00 ^= Integers.RotateLeft((x12+x08),18); + x09 ^= Integers.RotateLeft((x05+x01), 7); + x13 ^= Integers.RotateLeft((x09+x05), 9); + x01 ^= Integers.RotateLeft((x13+x09),13); + x05 ^= Integers.RotateLeft((x01+x13),18); + x14 ^= Integers.RotateLeft((x10+x06), 7); + x02 ^= Integers.RotateLeft((x14+x10), 9); + x06 ^= Integers.RotateLeft((x02+x14),13); + x10 ^= Integers.RotateLeft((x06+x02),18); + x03 ^= Integers.RotateLeft((x15+x11), 7); + x07 ^= Integers.RotateLeft((x03+x15), 9); + x11 ^= Integers.RotateLeft((x07+x03),13); + x15 ^= Integers.RotateLeft((x11+x07),18); + + x01 ^= Integers.RotateLeft((x00+x03), 7); + x02 ^= Integers.RotateLeft((x01+x00), 9); + x03 ^= Integers.RotateLeft((x02+x01),13); + x00 ^= Integers.RotateLeft((x03+x02),18); + x06 ^= Integers.RotateLeft((x05+x04), 7); + x07 ^= Integers.RotateLeft((x06+x05), 9); + x04 ^= Integers.RotateLeft((x07+x06),13); + x05 ^= Integers.RotateLeft((x04+x07),18); + x11 ^= Integers.RotateLeft((x10+x09), 7); + x08 ^= Integers.RotateLeft((x11+x10), 9); + x09 ^= Integers.RotateLeft((x08+x11),13); + x10 ^= Integers.RotateLeft((x09+x08),18); + x12 ^= Integers.RotateLeft((x15+x14), 7); + x13 ^= Integers.RotateLeft((x12+x15), 9); + x14 ^= Integers.RotateLeft((x13+x12),13); + x15 ^= Integers.RotateLeft((x14+x13),18); + } + + x[ 0] = x00 + input[ 0]; + x[ 1] = x01 + input[ 1]; + x[ 2] = x02 + input[ 2]; + x[ 3] = x03 + input[ 3]; + x[ 4] = x04 + input[ 4]; + x[ 5] = x05 + input[ 5]; + x[ 6] = x06 + input[ 6]; + x[ 7] = x07 + input[ 7]; + x[ 8] = x08 + input[ 8]; + x[ 9] = x09 + input[ 9]; + x[10] = x10 + input[10]; + x[11] = x11 + input[11]; + x[12] = x12 + input[12]; + x[13] = x13 + input[13]; + x[14] = x14 + input[14]; + x[15] = x15 + input[15]; + } + + private void ResetLimitCounter() + { + cW0 = 0; + cW1 = 0; + cW2 = 0; + } + + private bool LimitExceeded() + { + if (++cW0 == 0) + { + if (++cW1 == 0) + { + return (++cW2 & 0x20) != 0; // 2^(32 + 32 + 6) + } + } + + return false; + } + + /* + * this relies on the fact len will always be positive. + */ + private bool LimitExceeded( + uint len) + { + uint old = cW0; + cW0 += len; + if (cW0 < old) + { + if (++cW1 == 0) + { + return (++cW2 & 0x20) != 0; // 2^(32 + 32 + 6) + } + } + + return false; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/SerpentEngine.cs b/BouncyCastle/crypto/src/crypto/engines/SerpentEngine.cs new file mode 100644 index 0000000..76799f0 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/SerpentEngine.cs @@ -0,0 +1,292 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * Serpent is a 128-bit 32-round block cipher with variable key lengths, + * including 128, 192 and 256 bit keys conjectured to be at least as + * secure as three-key triple-DES. + *

+ * Serpent was designed by Ross Anderson, Eli Biham and Lars Knudsen as a + * candidate algorithm for the NIST AES Quest. + *

+ *

+ * For full details see The Serpent home page + *

+ */ + public sealed class SerpentEngine + : SerpentEngineBase + { + /** + * Expand a user-supplied key material into a session key. + * + * @param key The user-key bytes (multiples of 4) to use. + * @exception ArgumentException + */ + protected override int[] MakeWorkingKey(byte[] key) + { + // + // pad key to 256 bits + // + int[] kPad = new int[16]; + int off = 0; + int length = 0; + + for (off = 0; (off + 4) < key.Length; off += 4) + { + kPad[length++] = (int)Pack.LE_To_UInt32(key, off); + } + + if (off % 4 == 0) + { + kPad[length++] = (int)Pack.LE_To_UInt32(key, off); + if (length < 8) + { + kPad[length] = 1; + } + } + else + { + throw new ArgumentException("key must be a multiple of 4 bytes"); + } + + // + // expand the padded key up to 33 x 128 bits of key material + // + int amount = (ROUNDS + 1) * 4; + int[] w = new int[amount]; + + // + // compute w0 to w7 from w-8 to w-1 + // + for (int i = 8; i < 16; i++) + { + kPad[i] = RotateLeft(kPad[i - 8] ^ kPad[i - 5] ^ kPad[i - 3] ^ kPad[i - 1] ^ PHI ^ (i - 8), 11); + } + + Array.Copy(kPad, 8, w, 0, 8); + + // + // compute w8 to w136 + // + for (int i = 8; i < amount; i++) + { + w[i] = RotateLeft(w[i - 8] ^ w[i - 5] ^ w[i - 3] ^ w[i - 1] ^ PHI ^ i, 11); + } + + // + // create the working keys by processing w with the Sbox and IP + // + Sb3(w[0], w[1], w[2], w[3]); + w[0] = X0; w[1] = X1; w[2] = X2; w[3] = X3; + Sb2(w[4], w[5], w[6], w[7]); + w[4] = X0; w[5] = X1; w[6] = X2; w[7] = X3; + Sb1(w[8], w[9], w[10], w[11]); + w[8] = X0; w[9] = X1; w[10] = X2; w[11] = X3; + Sb0(w[12], w[13], w[14], w[15]); + w[12] = X0; w[13] = X1; w[14] = X2; w[15] = X3; + Sb7(w[16], w[17], w[18], w[19]); + w[16] = X0; w[17] = X1; w[18] = X2; w[19] = X3; + Sb6(w[20], w[21], w[22], w[23]); + w[20] = X0; w[21] = X1; w[22] = X2; w[23] = X3; + Sb5(w[24], w[25], w[26], w[27]); + w[24] = X0; w[25] = X1; w[26] = X2; w[27] = X3; + Sb4(w[28], w[29], w[30], w[31]); + w[28] = X0; w[29] = X1; w[30] = X2; w[31] = X3; + Sb3(w[32], w[33], w[34], w[35]); + w[32] = X0; w[33] = X1; w[34] = X2; w[35] = X3; + Sb2(w[36], w[37], w[38], w[39]); + w[36] = X0; w[37] = X1; w[38] = X2; w[39] = X3; + Sb1(w[40], w[41], w[42], w[43]); + w[40] = X0; w[41] = X1; w[42] = X2; w[43] = X3; + Sb0(w[44], w[45], w[46], w[47]); + w[44] = X0; w[45] = X1; w[46] = X2; w[47] = X3; + Sb7(w[48], w[49], w[50], w[51]); + w[48] = X0; w[49] = X1; w[50] = X2; w[51] = X3; + Sb6(w[52], w[53], w[54], w[55]); + w[52] = X0; w[53] = X1; w[54] = X2; w[55] = X3; + Sb5(w[56], w[57], w[58], w[59]); + w[56] = X0; w[57] = X1; w[58] = X2; w[59] = X3; + Sb4(w[60], w[61], w[62], w[63]); + w[60] = X0; w[61] = X1; w[62] = X2; w[63] = X3; + Sb3(w[64], w[65], w[66], w[67]); + w[64] = X0; w[65] = X1; w[66] = X2; w[67] = X3; + Sb2(w[68], w[69], w[70], w[71]); + w[68] = X0; w[69] = X1; w[70] = X2; w[71] = X3; + Sb1(w[72], w[73], w[74], w[75]); + w[72] = X0; w[73] = X1; w[74] = X2; w[75] = X3; + Sb0(w[76], w[77], w[78], w[79]); + w[76] = X0; w[77] = X1; w[78] = X2; w[79] = X3; + Sb7(w[80], w[81], w[82], w[83]); + w[80] = X0; w[81] = X1; w[82] = X2; w[83] = X3; + Sb6(w[84], w[85], w[86], w[87]); + w[84] = X0; w[85] = X1; w[86] = X2; w[87] = X3; + Sb5(w[88], w[89], w[90], w[91]); + w[88] = X0; w[89] = X1; w[90] = X2; w[91] = X3; + Sb4(w[92], w[93], w[94], w[95]); + w[92] = X0; w[93] = X1; w[94] = X2; w[95] = X3; + Sb3(w[96], w[97], w[98], w[99]); + w[96] = X0; w[97] = X1; w[98] = X2; w[99] = X3; + Sb2(w[100], w[101], w[102], w[103]); + w[100] = X0; w[101] = X1; w[102] = X2; w[103] = X3; + Sb1(w[104], w[105], w[106], w[107]); + w[104] = X0; w[105] = X1; w[106] = X2; w[107] = X3; + Sb0(w[108], w[109], w[110], w[111]); + w[108] = X0; w[109] = X1; w[110] = X2; w[111] = X3; + Sb7(w[112], w[113], w[114], w[115]); + w[112] = X0; w[113] = X1; w[114] = X2; w[115] = X3; + Sb6(w[116], w[117], w[118], w[119]); + w[116] = X0; w[117] = X1; w[118] = X2; w[119] = X3; + Sb5(w[120], w[121], w[122], w[123]); + w[120] = X0; w[121] = X1; w[122] = X2; w[123] = X3; + Sb4(w[124], w[125], w[126], w[127]); + w[124] = X0; w[125] = X1; w[126] = X2; w[127] = X3; + Sb3(w[128], w[129], w[130], w[131]); + w[128] = X0; w[129] = X1; w[130] = X2; w[131] = X3; + + return w; + } + + /** + * Encrypt one block of plaintext. + * + * @param input the array containing the input data. + * @param inOff offset into the in array the data starts at. + * @param output the array the output data will be copied into. + * @param outOff the offset into the out array the output will start at. + */ + protected override void EncryptBlock(byte[] input, int inOff, byte[] output, int outOff) + { + X0 = (int)Pack.LE_To_UInt32(input, inOff); + X1 = (int)Pack.LE_To_UInt32(input, inOff + 4); + X2 = (int)Pack.LE_To_UInt32(input, inOff + 8); + X3 = (int)Pack.LE_To_UInt32(input, inOff + 12); + + Sb0(wKey[0] ^ X0, wKey[1] ^ X1, wKey[2] ^ X2, wKey[3] ^ X3); LT(); + Sb1(wKey[4] ^ X0, wKey[5] ^ X1, wKey[6] ^ X2, wKey[7] ^ X3); LT(); + Sb2(wKey[8] ^ X0, wKey[9] ^ X1, wKey[10] ^ X2, wKey[11] ^ X3); LT(); + Sb3(wKey[12] ^ X0, wKey[13] ^ X1, wKey[14] ^ X2, wKey[15] ^ X3); LT(); + Sb4(wKey[16] ^ X0, wKey[17] ^ X1, wKey[18] ^ X2, wKey[19] ^ X3); LT(); + Sb5(wKey[20] ^ X0, wKey[21] ^ X1, wKey[22] ^ X2, wKey[23] ^ X3); LT(); + Sb6(wKey[24] ^ X0, wKey[25] ^ X1, wKey[26] ^ X2, wKey[27] ^ X3); LT(); + Sb7(wKey[28] ^ X0, wKey[29] ^ X1, wKey[30] ^ X2, wKey[31] ^ X3); LT(); + Sb0(wKey[32] ^ X0, wKey[33] ^ X1, wKey[34] ^ X2, wKey[35] ^ X3); LT(); + Sb1(wKey[36] ^ X0, wKey[37] ^ X1, wKey[38] ^ X2, wKey[39] ^ X3); LT(); + Sb2(wKey[40] ^ X0, wKey[41] ^ X1, wKey[42] ^ X2, wKey[43] ^ X3); LT(); + Sb3(wKey[44] ^ X0, wKey[45] ^ X1, wKey[46] ^ X2, wKey[47] ^ X3); LT(); + Sb4(wKey[48] ^ X0, wKey[49] ^ X1, wKey[50] ^ X2, wKey[51] ^ X3); LT(); + Sb5(wKey[52] ^ X0, wKey[53] ^ X1, wKey[54] ^ X2, wKey[55] ^ X3); LT(); + Sb6(wKey[56] ^ X0, wKey[57] ^ X1, wKey[58] ^ X2, wKey[59] ^ X3); LT(); + Sb7(wKey[60] ^ X0, wKey[61] ^ X1, wKey[62] ^ X2, wKey[63] ^ X3); LT(); + Sb0(wKey[64] ^ X0, wKey[65] ^ X1, wKey[66] ^ X2, wKey[67] ^ X3); LT(); + Sb1(wKey[68] ^ X0, wKey[69] ^ X1, wKey[70] ^ X2, wKey[71] ^ X3); LT(); + Sb2(wKey[72] ^ X0, wKey[73] ^ X1, wKey[74] ^ X2, wKey[75] ^ X3); LT(); + Sb3(wKey[76] ^ X0, wKey[77] ^ X1, wKey[78] ^ X2, wKey[79] ^ X3); LT(); + Sb4(wKey[80] ^ X0, wKey[81] ^ X1, wKey[82] ^ X2, wKey[83] ^ X3); LT(); + Sb5(wKey[84] ^ X0, wKey[85] ^ X1, wKey[86] ^ X2, wKey[87] ^ X3); LT(); + Sb6(wKey[88] ^ X0, wKey[89] ^ X1, wKey[90] ^ X2, wKey[91] ^ X3); LT(); + Sb7(wKey[92] ^ X0, wKey[93] ^ X1, wKey[94] ^ X2, wKey[95] ^ X3); LT(); + Sb0(wKey[96] ^ X0, wKey[97] ^ X1, wKey[98] ^ X2, wKey[99] ^ X3); LT(); + Sb1(wKey[100] ^ X0, wKey[101] ^ X1, wKey[102] ^ X2, wKey[103] ^ X3); LT(); + Sb2(wKey[104] ^ X0, wKey[105] ^ X1, wKey[106] ^ X2, wKey[107] ^ X3); LT(); + Sb3(wKey[108] ^ X0, wKey[109] ^ X1, wKey[110] ^ X2, wKey[111] ^ X3); LT(); + Sb4(wKey[112] ^ X0, wKey[113] ^ X1, wKey[114] ^ X2, wKey[115] ^ X3); LT(); + Sb5(wKey[116] ^ X0, wKey[117] ^ X1, wKey[118] ^ X2, wKey[119] ^ X3); LT(); + Sb6(wKey[120] ^ X0, wKey[121] ^ X1, wKey[122] ^ X2, wKey[123] ^ X3); LT(); + Sb7(wKey[124] ^ X0, wKey[125] ^ X1, wKey[126] ^ X2, wKey[127] ^ X3); + + Pack.UInt32_To_LE((uint)(wKey[128] ^ X0), output, outOff); + Pack.UInt32_To_LE((uint)(wKey[129] ^ X1), output, outOff + 4); + Pack.UInt32_To_LE((uint)(wKey[130] ^ X2), output, outOff + 8); + Pack.UInt32_To_LE((uint)(wKey[131] ^ X3), output, outOff + 12); + } + + /** + * Decrypt one block of ciphertext. + * + * @param input the array containing the input data. + * @param inOff offset into the in array the data starts at. + * @param output the array the output data will be copied into. + * @param outOff the offset into the out array the output will start at. + */ + protected override void DecryptBlock(byte[] input, int inOff, byte[] output, int outOff) + { + X0 = wKey[128] ^ (int)Pack.LE_To_UInt32(input, inOff); + X1 = wKey[129] ^ (int)Pack.LE_To_UInt32(input, inOff + 4); + X2 = wKey[130] ^ (int)Pack.LE_To_UInt32(input, inOff + 8); + X3 = wKey[131] ^ (int)Pack.LE_To_UInt32(input, inOff + 12); + + Ib7(X0, X1, X2, X3); + X0 ^= wKey[124]; X1 ^= wKey[125]; X2 ^= wKey[126]; X3 ^= wKey[127]; + InverseLT(); Ib6(X0, X1, X2, X3); + X0 ^= wKey[120]; X1 ^= wKey[121]; X2 ^= wKey[122]; X3 ^= wKey[123]; + InverseLT(); Ib5(X0, X1, X2, X3); + X0 ^= wKey[116]; X1 ^= wKey[117]; X2 ^= wKey[118]; X3 ^= wKey[119]; + InverseLT(); Ib4(X0, X1, X2, X3); + X0 ^= wKey[112]; X1 ^= wKey[113]; X2 ^= wKey[114]; X3 ^= wKey[115]; + InverseLT(); Ib3(X0, X1, X2, X3); + X0 ^= wKey[108]; X1 ^= wKey[109]; X2 ^= wKey[110]; X3 ^= wKey[111]; + InverseLT(); Ib2(X0, X1, X2, X3); + X0 ^= wKey[104]; X1 ^= wKey[105]; X2 ^= wKey[106]; X3 ^= wKey[107]; + InverseLT(); Ib1(X0, X1, X2, X3); + X0 ^= wKey[100]; X1 ^= wKey[101]; X2 ^= wKey[102]; X3 ^= wKey[103]; + InverseLT(); Ib0(X0, X1, X2, X3); + X0 ^= wKey[96]; X1 ^= wKey[97]; X2 ^= wKey[98]; X3 ^= wKey[99]; + InverseLT(); Ib7(X0, X1, X2, X3); + X0 ^= wKey[92]; X1 ^= wKey[93]; X2 ^= wKey[94]; X3 ^= wKey[95]; + InverseLT(); Ib6(X0, X1, X2, X3); + X0 ^= wKey[88]; X1 ^= wKey[89]; X2 ^= wKey[90]; X3 ^= wKey[91]; + InverseLT(); Ib5(X0, X1, X2, X3); + X0 ^= wKey[84]; X1 ^= wKey[85]; X2 ^= wKey[86]; X3 ^= wKey[87]; + InverseLT(); Ib4(X0, X1, X2, X3); + X0 ^= wKey[80]; X1 ^= wKey[81]; X2 ^= wKey[82]; X3 ^= wKey[83]; + InverseLT(); Ib3(X0, X1, X2, X3); + X0 ^= wKey[76]; X1 ^= wKey[77]; X2 ^= wKey[78]; X3 ^= wKey[79]; + InverseLT(); Ib2(X0, X1, X2, X3); + X0 ^= wKey[72]; X1 ^= wKey[73]; X2 ^= wKey[74]; X3 ^= wKey[75]; + InverseLT(); Ib1(X0, X1, X2, X3); + X0 ^= wKey[68]; X1 ^= wKey[69]; X2 ^= wKey[70]; X3 ^= wKey[71]; + InverseLT(); Ib0(X0, X1, X2, X3); + X0 ^= wKey[64]; X1 ^= wKey[65]; X2 ^= wKey[66]; X3 ^= wKey[67]; + InverseLT(); Ib7(X0, X1, X2, X3); + X0 ^= wKey[60]; X1 ^= wKey[61]; X2 ^= wKey[62]; X3 ^= wKey[63]; + InverseLT(); Ib6(X0, X1, X2, X3); + X0 ^= wKey[56]; X1 ^= wKey[57]; X2 ^= wKey[58]; X3 ^= wKey[59]; + InverseLT(); Ib5(X0, X1, X2, X3); + X0 ^= wKey[52]; X1 ^= wKey[53]; X2 ^= wKey[54]; X3 ^= wKey[55]; + InverseLT(); Ib4(X0, X1, X2, X3); + X0 ^= wKey[48]; X1 ^= wKey[49]; X2 ^= wKey[50]; X3 ^= wKey[51]; + InverseLT(); Ib3(X0, X1, X2, X3); + X0 ^= wKey[44]; X1 ^= wKey[45]; X2 ^= wKey[46]; X3 ^= wKey[47]; + InverseLT(); Ib2(X0, X1, X2, X3); + X0 ^= wKey[40]; X1 ^= wKey[41]; X2 ^= wKey[42]; X3 ^= wKey[43]; + InverseLT(); Ib1(X0, X1, X2, X3); + X0 ^= wKey[36]; X1 ^= wKey[37]; X2 ^= wKey[38]; X3 ^= wKey[39]; + InverseLT(); Ib0(X0, X1, X2, X3); + X0 ^= wKey[32]; X1 ^= wKey[33]; X2 ^= wKey[34]; X3 ^= wKey[35]; + InverseLT(); Ib7(X0, X1, X2, X3); + X0 ^= wKey[28]; X1 ^= wKey[29]; X2 ^= wKey[30]; X3 ^= wKey[31]; + InverseLT(); Ib6(X0, X1, X2, X3); + X0 ^= wKey[24]; X1 ^= wKey[25]; X2 ^= wKey[26]; X3 ^= wKey[27]; + InverseLT(); Ib5(X0, X1, X2, X3); + X0 ^= wKey[20]; X1 ^= wKey[21]; X2 ^= wKey[22]; X3 ^= wKey[23]; + InverseLT(); Ib4(X0, X1, X2, X3); + X0 ^= wKey[16]; X1 ^= wKey[17]; X2 ^= wKey[18]; X3 ^= wKey[19]; + InverseLT(); Ib3(X0, X1, X2, X3); + X0 ^= wKey[12]; X1 ^= wKey[13]; X2 ^= wKey[14]; X3 ^= wKey[15]; + InverseLT(); Ib2(X0, X1, X2, X3); + X0 ^= wKey[8]; X1 ^= wKey[9]; X2 ^= wKey[10]; X3 ^= wKey[11]; + InverseLT(); Ib1(X0, X1, X2, X3); + X0 ^= wKey[4]; X1 ^= wKey[5]; X2 ^= wKey[6]; X3 ^= wKey[7]; + InverseLT(); Ib0(X0, X1, X2, X3); + + Pack.UInt32_To_LE((uint)(X0 ^ wKey[0]), output, outOff); + Pack.UInt32_To_LE((uint)(X1 ^ wKey[1]), output, outOff + 4); + Pack.UInt32_To_LE((uint)(X2 ^ wKey[2]), output, outOff + 8); + Pack.UInt32_To_LE((uint)(X3 ^ wKey[3]), output, outOff + 12); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/SerpentEngineBase.cs b/BouncyCastle/crypto/src/crypto/engines/SerpentEngineBase.cs new file mode 100644 index 0000000..9de5522 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/SerpentEngineBase.cs @@ -0,0 +1,469 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + public abstract class SerpentEngineBase + : IBlockCipher + { + protected static readonly int BlockSize = 16; + + internal const int ROUNDS = 32; + internal const int PHI = unchecked((int)0x9E3779B9); // (sqrt(5) - 1) * 2**31 + + protected bool encrypting; + protected int[] wKey; + + protected int X0, X1, X2, X3; // registers + + protected SerpentEngineBase() + { + } + + /** + * initialise a Serpent cipher. + * + * @param encrypting whether or not we are for encryption. + * @param params the parameters required to set up the cipher. + * @throws IllegalArgumentException if the params argument is + * inappropriate. + */ + public virtual void Init(bool encrypting, ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + throw new ArgumentException("invalid parameter passed to " + AlgorithmName + " init - " + Platform.GetTypeName(parameters)); + + this.encrypting = encrypting; + this.wKey = MakeWorkingKey(((KeyParameter)parameters).GetKey()); + } + + public virtual string AlgorithmName + { + get { return "Serpent"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return BlockSize; + } + + /** + * Process one block of input from the array in and write it to + * the out array. + * + * @param in the array containing the input data. + * @param inOff offset into the in array the data starts at. + * @param out the array the output data will be copied into. + * @param outOff the offset into the out array the output will start at. + * @return the number of bytes processed and produced. + * @throws DataLengthException if there isn't enough data in in, or + * space in out. + * @throws IllegalStateException if the cipher isn't initialised. + */ + public int ProcessBlock(byte[] input, int inOff, byte[] output, int outOff) + { + if (wKey == null) + throw new InvalidOperationException(AlgorithmName + " not initialised"); + + Check.DataLength(input, inOff, BlockSize, "input buffer too short"); + Check.OutputLength(output, outOff, BlockSize, "output buffer too short"); + + if (encrypting) + { + EncryptBlock(input, inOff, output, outOff); + } + else + { + DecryptBlock(input, inOff, output, outOff); + } + + return BlockSize; + } + + public virtual void Reset() + { + } + + protected static int RotateLeft(int x, int bits) + { + return ((x << bits) | (int) ((uint)x >> (32 - bits))); + } + + private static int RotateRight(int x, int bits) + { + return ( (int)((uint)x >> bits) | (x << (32 - bits))); + } + + /* + * The sboxes below are based on the work of Brian Gladman and + * Sam Simpson, whose original notice appears below. + *

+ * For further details see: + * http://fp.gladman.plus.com/cryptography_technology/serpent/ + *

+ */ + + /* Partially optimised Serpent S Box boolean functions derived */ + /* using a recursive descent analyser but without a full search */ + /* of all subtrees. This set of S boxes is the result of work */ + /* by Sam Simpson and Brian Gladman using the spare time on a */ + /* cluster of high capacity servers to search for S boxes with */ + /* this customised search engine. There are now an average of */ + /* 15.375 terms per S box. */ + /* */ + /* Copyright: Dr B. R Gladman (gladman@seven77.demon.co.uk) */ + /* and Sam Simpson (s.simpson@mia.co.uk) */ + /* 17th December 1998 */ + /* */ + /* We hereby give permission for information in this file to be */ + /* used freely subject only to acknowledgement of its origin. */ + + /* + * S0 - { 3, 8,15, 1,10, 6, 5,11,14,13, 4, 2, 7, 0, 9,12 } - 15 terms. + */ + protected void Sb0(int a, int b, int c, int d) + { + int t1 = a ^ d; + int t3 = c ^ t1; + int t4 = b ^ t3; + X3 = (a & d) ^ t4; + int t7 = a ^ (b & t1); + X2 = t4 ^ (c | t7); + int t12 = X3 & (t3 ^ t7); + X1 = (~t3) ^ t12; + X0 = t12 ^ (~t7); + } + + /** + * InvSO - {13, 3,11, 0,10, 6, 5,12, 1,14, 4, 7,15, 9, 8, 2 } - 15 terms. + */ + protected void Ib0(int a, int b, int c, int d) + { + int t1 = ~a; + int t2 = a ^ b; + int t4 = d ^ (t1 | t2); + int t5 = c ^ t4; + X2 = t2 ^ t5; + int t8 = t1 ^ (d & t2); + X1 = t4 ^ (X2 & t8); + X3 = (a & t4) ^ (t5 | X1); + X0 = X3 ^ (t5 ^ t8); + } + + /** + * S1 - {15,12, 2, 7, 9, 0, 5,10, 1,11,14, 8, 6,13, 3, 4 } - 14 terms. + */ + protected void Sb1(int a, int b, int c, int d) + { + int t2 = b ^ (~a); + int t5 = c ^ (a | t2); + X2 = d ^ t5; + int t7 = b ^ (d | t2); + int t8 = t2 ^ X2; + X3 = t8 ^ (t5 & t7); + int t11 = t5 ^ t7; + X1 = X3 ^ t11; + X0 = t5 ^ (t8 & t11); + } + + /** + * InvS1 - { 5, 8, 2,14,15, 6,12, 3,11, 4, 7, 9, 1,13,10, 0 } - 14 steps. + */ + protected void Ib1(int a, int b, int c, int d) + { + int t1 = b ^ d; + int t3 = a ^ (b & t1); + int t4 = t1 ^ t3; + X3 = c ^ t4; + int t7 = b ^ (t1 & t3); + int t8 = X3 | t7; + X1 = t3 ^ t8; + int t10 = ~X1; + int t11 = X3 ^ t7; + X0 = t10 ^ t11; + X2 = t4 ^ (t10 | t11); + } + + /** + * S2 - { 8, 6, 7, 9, 3,12,10,15,13, 1,14, 4, 0,11, 5, 2 } - 16 terms. + */ + protected void Sb2(int a, int b, int c, int d) + { + int t1 = ~a; + int t2 = b ^ d; + int t3 = c & t1; + X0 = t2 ^ t3; + int t5 = c ^ t1; + int t6 = c ^ X0; + int t7 = b & t6; + X3 = t5 ^ t7; + X2 = a ^ ((d | t7) & (X0 | t5)); + X1 = (t2 ^ X3) ^ (X2 ^ (d | t1)); + } + + /** + * InvS2 - {12, 9,15, 4,11,14, 1, 2, 0, 3, 6,13, 5, 8,10, 7 } - 16 steps. + */ + protected void Ib2(int a, int b, int c, int d) + { + int t1 = b ^ d; + int t2 = ~t1; + int t3 = a ^ c; + int t4 = c ^ t1; + int t5 = b & t4; + X0 = t3 ^ t5; + int t7 = a | t2; + int t8 = d ^ t7; + int t9 = t3 | t8; + X3 = t1 ^ t9; + int t11 = ~t4; + int t12 = X0 | X3; + X1 = t11 ^ t12; + X2 = (d & t11) ^ (t3 ^ t12); + } + + /** + * S3 - { 0,15,11, 8,12, 9, 6, 3,13, 1, 2, 4,10, 7, 5,14 } - 16 terms. + */ + protected void Sb3(int a, int b, int c, int d) + { + int t1 = a ^ b; + int t2 = a & c; + int t3 = a | d; + int t4 = c ^ d; + int t5 = t1 & t3; + int t6 = t2 | t5; + X2 = t4 ^ t6; + int t8 = b ^ t3; + int t9 = t6 ^ t8; + int t10 = t4 & t9; + X0 = t1 ^ t10; + int t12 = X2 & X0; + X1 = t9 ^ t12; + X3 = (b | d) ^ (t4 ^ t12); + } + + /** + * InvS3 - { 0, 9,10, 7,11,14, 6,13, 3, 5,12, 2, 4, 8,15, 1 } - 15 terms + */ + protected void Ib3(int a, int b, int c, int d) + { + int t1 = a | b; + int t2 = b ^ c; + int t3 = b & t2; + int t4 = a ^ t3; + int t5 = c ^ t4; + int t6 = d | t4; + X0 = t2 ^ t6; + int t8 = t2 | t6; + int t9 = d ^ t8; + X2 = t5 ^ t9; + int t11 = t1 ^ t9; + int t12 = X0 & t11; + X3 = t4 ^ t12; + X1 = X3 ^ (X0 ^ t11); + } + + /** + * S4 - { 1,15, 8, 3,12, 0,11, 6, 2, 5, 4,10, 9,14, 7,13 } - 15 terms. + */ + protected void Sb4(int a, int b, int c, int d) + { + int t1 = a ^ d; + int t2 = d & t1; + int t3 = c ^ t2; + int t4 = b | t3; + X3 = t1 ^ t4; + int t6 = ~b; + int t7 = t1 | t6; + X0 = t3 ^ t7; + int t9 = a & X0; + int t10 = t1 ^ t6; + int t11 = t4 & t10; + X2 = t9 ^ t11; + X1 = (a ^ t3) ^ (t10 & X2); + } + + /** + * InvS4 - { 5, 0, 8, 3,10, 9, 7,14, 2,12,11, 6, 4,15,13, 1 } - 15 terms. + */ + protected void Ib4(int a, int b, int c, int d) + { + int t1 = c | d; + int t2 = a & t1; + int t3 = b ^ t2; + int t4 = a & t3; + int t5 = c ^ t4; + X1 = d ^ t5; + int t7 = ~a; + int t8 = t5 & X1; + X3 = t3 ^ t8; + int t10 = X1 | t7; + int t11 = d ^ t10; + X0 = X3 ^ t11; + X2 = (t3 & t11) ^ (X1 ^ t7); + } + + /** + * S5 - {15, 5, 2,11, 4,10, 9,12, 0, 3,14, 8,13, 6, 7, 1 } - 16 terms. + */ + protected void Sb5(int a, int b, int c, int d) + { + int t1 = ~a; + int t2 = a ^ b; + int t3 = a ^ d; + int t4 = c ^ t1; + int t5 = t2 | t3; + X0 = t4 ^ t5; + int t7 = d & X0; + int t8 = t2 ^ X0; + X1 = t7 ^ t8; + int t10 = t1 | X0; + int t11 = t2 | t7; + int t12 = t3 ^ t10; + X2 = t11 ^ t12; + X3 = (b ^ t7) ^ (X1 & t12); + } + + /** + * InvS5 - { 8,15, 2, 9, 4, 1,13,14,11, 6, 5, 3, 7,12,10, 0 } - 16 terms. + */ + protected void Ib5(int a, int b, int c, int d) + { + int t1 = ~c; + int t2 = b & t1; + int t3 = d ^ t2; + int t4 = a & t3; + int t5 = b ^ t1; + X3 = t4 ^ t5; + int t7 = b | X3; + int t8 = a & t7; + X1 = t3 ^ t8; + int t10 = a | d; + int t11 = t1 ^ t7; + X0 = t10 ^ t11; + X2 = (b & t10) ^ (t4 | (a ^ c)); + } + + /** + * S6 - { 7, 2,12, 5, 8, 4, 6,11,14, 9, 1,15,13, 3,10, 0 } - 15 terms. + */ + protected void Sb6(int a, int b, int c, int d) + { + int t1 = ~a; + int t2 = a ^ d; + int t3 = b ^ t2; + int t4 = t1 | t2; + int t5 = c ^ t4; + X1 = b ^ t5; + int t7 = t2 | X1; + int t8 = d ^ t7; + int t9 = t5 & t8; + X2 = t3 ^ t9; + int t11 = t5 ^ t8; + X0 = X2 ^ t11; + X3 = (~t5) ^ (t3 & t11); + } + + /** + * InvS6 - {15,10, 1,13, 5, 3, 6, 0, 4, 9,14, 7, 2,12, 8,11 } - 15 terms. + */ + protected void Ib6(int a, int b, int c, int d) + { + int t1 = ~a; + int t2 = a ^ b; + int t3 = c ^ t2; + int t4 = c | t1; + int t5 = d ^ t4; + X1 = t3 ^ t5; + int t7 = t3 & t5; + int t8 = t2 ^ t7; + int t9 = b | t8; + X3 = t5 ^ t9; + int t11 = b | X3; + X0 = t8 ^ t11; + X2 = (d & t1) ^ (t3 ^ t11); + } + + /** + * S7 - { 1,13,15, 0,14, 8, 2,11, 7, 4,12,10, 9, 3, 5, 6 } - 16 terms. + */ + protected void Sb7(int a, int b, int c, int d) + { + int t1 = b ^ c; + int t2 = c & t1; + int t3 = d ^ t2; + int t4 = a ^ t3; + int t5 = d | t1; + int t6 = t4 & t5; + X1 = b ^ t6; + int t8 = t3 | X1; + int t9 = a & t4; + X3 = t1 ^ t9; + int t11 = t4 ^ t8; + int t12 = X3 & t11; + X2 = t3 ^ t12; + X0 = (~t11) ^ (X3 & X2); + } + + /** + * InvS7 - { 3, 0, 6,13, 9,14,15, 8, 5,12,11, 7,10, 1, 4, 2 } - 17 terms. + */ + protected void Ib7(int a, int b, int c, int d) + { + int t3 = c | (a & b); + int t4 = d & (a | b); + X3 = t3 ^ t4; + int t6 = ~d; + int t7 = b ^ t4; + int t9 = t7 | (X3 ^ t6); + X1 = a ^ t9; + X0 = (c ^ t7) ^ (d | X1); + X2 = (t3 ^ X1) ^ (X0 ^ (a & X3)); + } + + /** + * Apply the linear transformation to the register set. + */ + protected void LT() + { + int x0 = RotateLeft(X0, 13); + int x2 = RotateLeft(X2, 3); + int x1 = X1 ^ x0 ^ x2; + int x3 = X3 ^ x2 ^ x0 << 3; + + X1 = RotateLeft(x1, 1); + X3 = RotateLeft(x3, 7); + X0 = RotateLeft(x0 ^ X1 ^ X3, 5); + X2 = RotateLeft(x2 ^ X3 ^ (X1 << 7), 22); + } + + /** + * Apply the inverse of the linear transformation to the register set. + */ + protected void InverseLT() + { + int x2 = RotateRight(X2, 22) ^ X3 ^ (X1 << 7); + int x0 = RotateRight(X0, 5) ^ X1 ^ X3; + int x3 = RotateRight(X3, 7); + int x1 = RotateRight(X1, 1); + X3 = x3 ^ x2 ^ x0 << 3; + X1 = x1 ^ x0 ^ x2; + X2 = RotateRight(x2, 3); + X0 = RotateRight(x0, 13); + } + + protected abstract int[] MakeWorkingKey(byte[] key); + + protected abstract void EncryptBlock(byte[] input, int inOff, byte[] output, int outOff); + + protected abstract void DecryptBlock(byte[] input, int inOff, byte[] output, int outOff); + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/SkipjackEngine.cs b/BouncyCastle/crypto/src/crypto/engines/SkipjackEngine.cs new file mode 100644 index 0000000..c90646c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/SkipjackEngine.cs @@ -0,0 +1,254 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * a class that provides a basic SKIPJACK engine. + */ + public class SkipjackEngine + : IBlockCipher + { + const int BLOCK_SIZE = 8; + + static readonly short [] ftable = + { + 0xa3, 0xd7, 0x09, 0x83, 0xf8, 0x48, 0xf6, 0xf4, 0xb3, 0x21, 0x15, 0x78, 0x99, 0xb1, 0xaf, 0xf9, + 0xe7, 0x2d, 0x4d, 0x8a, 0xce, 0x4c, 0xca, 0x2e, 0x52, 0x95, 0xd9, 0x1e, 0x4e, 0x38, 0x44, 0x28, + 0x0a, 0xdf, 0x02, 0xa0, 0x17, 0xf1, 0x60, 0x68, 0x12, 0xb7, 0x7a, 0xc3, 0xe9, 0xfa, 0x3d, 0x53, + 0x96, 0x84, 0x6b, 0xba, 0xf2, 0x63, 0x9a, 0x19, 0x7c, 0xae, 0xe5, 0xf5, 0xf7, 0x16, 0x6a, 0xa2, + 0x39, 0xb6, 0x7b, 0x0f, 0xc1, 0x93, 0x81, 0x1b, 0xee, 0xb4, 0x1a, 0xea, 0xd0, 0x91, 0x2f, 0xb8, + 0x55, 0xb9, 0xda, 0x85, 0x3f, 0x41, 0xbf, 0xe0, 0x5a, 0x58, 0x80, 0x5f, 0x66, 0x0b, 0xd8, 0x90, + 0x35, 0xd5, 0xc0, 0xa7, 0x33, 0x06, 0x65, 0x69, 0x45, 0x00, 0x94, 0x56, 0x6d, 0x98, 0x9b, 0x76, + 0x97, 0xfc, 0xb2, 0xc2, 0xb0, 0xfe, 0xdb, 0x20, 0xe1, 0xeb, 0xd6, 0xe4, 0xdd, 0x47, 0x4a, 0x1d, + 0x42, 0xed, 0x9e, 0x6e, 0x49, 0x3c, 0xcd, 0x43, 0x27, 0xd2, 0x07, 0xd4, 0xde, 0xc7, 0x67, 0x18, + 0x89, 0xcb, 0x30, 0x1f, 0x8d, 0xc6, 0x8f, 0xaa, 0xc8, 0x74, 0xdc, 0xc9, 0x5d, 0x5c, 0x31, 0xa4, + 0x70, 0x88, 0x61, 0x2c, 0x9f, 0x0d, 0x2b, 0x87, 0x50, 0x82, 0x54, 0x64, 0x26, 0x7d, 0x03, 0x40, + 0x34, 0x4b, 0x1c, 0x73, 0xd1, 0xc4, 0xfd, 0x3b, 0xcc, 0xfb, 0x7f, 0xab, 0xe6, 0x3e, 0x5b, 0xa5, + 0xad, 0x04, 0x23, 0x9c, 0x14, 0x51, 0x22, 0xf0, 0x29, 0x79, 0x71, 0x7e, 0xff, 0x8c, 0x0e, 0xe2, + 0x0c, 0xef, 0xbc, 0x72, 0x75, 0x6f, 0x37, 0xa1, 0xec, 0xd3, 0x8e, 0x62, 0x8b, 0x86, 0x10, 0xe8, + 0x08, 0x77, 0x11, 0xbe, 0x92, 0x4f, 0x24, 0xc5, 0x32, 0x36, 0x9d, 0xcf, 0xf3, 0xa6, 0xbb, 0xac, + 0x5e, 0x6c, 0xa9, 0x13, 0x57, 0x25, 0xb5, 0xe3, 0xbd, 0xa8, 0x3a, 0x01, 0x05, 0x59, 0x2a, 0x46 + }; + + private int[] key0, key1, key2, key3; + private bool encrypting; + + /** + * initialise a SKIPJACK cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + throw new ArgumentException("invalid parameter passed to SKIPJACK init - " + Platform.GetTypeName(parameters)); + + byte[] keyBytes = ((KeyParameter)parameters).GetKey(); + + this.encrypting = forEncryption; + this.key0 = new int[32]; + this.key1 = new int[32]; + this.key2 = new int[32]; + this.key3 = new int[32]; + + // + // expand the key to 128 bytes in 4 parts (saving us a modulo, multiply + // and an addition). + // + for (int i = 0; i < 32; i ++) + { + key0[i] = keyBytes[(i * 4) % 10] & 0xff; + key1[i] = keyBytes[(i * 4 + 1) % 10] & 0xff; + key2[i] = keyBytes[(i * 4 + 2) % 10] & 0xff; + key3[i] = keyBytes[(i * 4 + 3) % 10] & 0xff; + } + } + + public virtual string AlgorithmName + { + get { return "SKIPJACK"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return BLOCK_SIZE; + } + + public virtual int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + if (key1 == null) + throw new InvalidOperationException("SKIPJACK engine not initialised"); + + Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short"); + Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short"); + + if (encrypting) + { + EncryptBlock(input, inOff, output, outOff); + } + else + { + DecryptBlock(input, inOff, output, outOff); + } + + return BLOCK_SIZE; + } + + public virtual void Reset() + { + } + + /** + * The G permutation + */ + private int G( + int k, + int w) + { + int g1, g2, g3, g4, g5, g6; + + g1 = (w >> 8) & 0xff; + g2 = w & 0xff; + + g3 = ftable[g2 ^ key0[k]] ^ g1; + g4 = ftable[g3 ^ key1[k]] ^ g2; + g5 = ftable[g4 ^ key2[k]] ^ g3; + g6 = ftable[g5 ^ key3[k]] ^ g4; + + return ((g5 << 8) + g6); + } + + public virtual int EncryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + int w1 = (input[inOff + 0] << 8) + (input[inOff + 1] & 0xff); + int w2 = (input[inOff + 2] << 8) + (input[inOff + 3] & 0xff); + int w3 = (input[inOff + 4] << 8) + (input[inOff + 5] & 0xff); + int w4 = (input[inOff + 6] << 8) + (input[inOff + 7] & 0xff); + + int k = 0; + + for (int t = 0; t < 2; t++) + { + for(int i = 0; i < 8; i++) + { + int tmp = w4; + w4 = w3; + w3 = w2; + w2 = G(k, w1); + w1 = w2 ^ tmp ^ (k + 1); + k++; + } + + for(int i = 0; i < 8; i++) + { + int tmp = w4; + w4 = w3; + w3 = w1 ^ w2 ^ (k + 1); + w2 = G(k, w1); + w1 = tmp; + k++; + } + } + + outBytes[outOff + 0] = (byte)((w1 >> 8)); + outBytes[outOff + 1] = (byte)(w1); + outBytes[outOff + 2] = (byte)((w2 >> 8)); + outBytes[outOff + 3] = (byte)(w2); + outBytes[outOff + 4] = (byte)((w3 >> 8)); + outBytes[outOff + 5] = (byte)(w3); + outBytes[outOff + 6] = (byte)((w4 >> 8)); + outBytes[outOff + 7] = (byte)(w4); + + return BLOCK_SIZE; + } + + /** + * the inverse of the G permutation. + */ + private int H( + int k, + int w) + { + int h1, h2, h3, h4, h5, h6; + + h1 = w & 0xff; + h2 = (w >> 8) & 0xff; + + h3 = ftable[h2 ^ key3[k]] ^ h1; + h4 = ftable[h3 ^ key2[k]] ^ h2; + h5 = ftable[h4 ^ key1[k]] ^ h3; + h6 = ftable[h5 ^ key0[k]] ^ h4; + + return ((h6 << 8) + h5); + } + + public virtual int DecryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + int w2 = (input[inOff + 0] << 8) + (input[inOff + 1] & 0xff); + int w1 = (input[inOff + 2] << 8) + (input[inOff + 3] & 0xff); + int w4 = (input[inOff + 4] << 8) + (input[inOff + 5] & 0xff); + int w3 = (input[inOff + 6] << 8) + (input[inOff + 7] & 0xff); + + int k = 31; + + for (int t = 0; t < 2; t++) + { + for(int i = 0; i < 8; i++) + { + int tmp = w4; + w4 = w3; + w3 = w2; + w2 = H(k, w1); + w1 = w2 ^ tmp ^ (k + 1); + k--; + } + + for(int i = 0; i < 8; i++) + { + int tmp = w4; + w4 = w3; + w3 = w1 ^ w2 ^ (k + 1); + w2 = H(k, w1); + w1 = tmp; + k--; + } + } + + outBytes[outOff + 0] = (byte)((w2 >> 8)); + outBytes[outOff + 1] = (byte)(w2); + outBytes[outOff + 2] = (byte)((w1 >> 8)); + outBytes[outOff + 3] = (byte)(w1); + outBytes[outOff + 4] = (byte)((w4 >> 8)); + outBytes[outOff + 5] = (byte)(w4); + outBytes[outOff + 6] = (byte)((w3 >> 8)); + outBytes[outOff + 7] = (byte)(w3); + + return BLOCK_SIZE; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/TEAEngine.cs b/BouncyCastle/crypto/src/crypto/engines/TEAEngine.cs new file mode 100644 index 0000000..7b70014 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/TEAEngine.cs @@ -0,0 +1,166 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * An TEA engine. + */ + public class TeaEngine + : IBlockCipher + { + private const int + rounds = 32, + block_size = 8; +// key_size = 16, + + private const uint + delta = 0x9E3779B9, + d_sum = 0xC6EF3720; // sum on decrypt + + /* + * the expanded key array of 4 subkeys + */ + private uint _a, _b, _c, _d; + private bool _initialised; + private bool _forEncryption; + + /** + * Create an instance of the TEA encryption algorithm + * and set some defaults + */ + public TeaEngine() + { + _initialised = false; + } + + public virtual string AlgorithmName + { + get { return "TEA"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return block_size; + } + + /** + * initialise + * + * @param forEncryption whether or not we are for encryption. + * @param params the parameters required to set up the cipher. + * @exception ArgumentException if the params argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + { + throw new ArgumentException("invalid parameter passed to TEA init - " + + Platform.GetTypeName(parameters)); + } + + _forEncryption = forEncryption; + _initialised = true; + + KeyParameter p = (KeyParameter) parameters; + + setKey(p.GetKey()); + } + + public virtual int ProcessBlock( + byte[] inBytes, + int inOff, + byte[] outBytes, + int outOff) + { + if (!_initialised) + throw new InvalidOperationException(AlgorithmName + " not initialised"); + + Check.DataLength(inBytes, inOff, block_size, "input buffer too short"); + Check.OutputLength(outBytes, outOff, block_size, "output buffer too short"); + + return _forEncryption + ? encryptBlock(inBytes, inOff, outBytes, outOff) + : decryptBlock(inBytes, inOff, outBytes, outOff); + } + + public virtual void Reset() + { + } + + /** + * Re-key the cipher. + * + * @param key the key to be used + */ + private void setKey( + byte[] key) + { + _a = Pack.BE_To_UInt32(key, 0); + _b = Pack.BE_To_UInt32(key, 4); + _c = Pack.BE_To_UInt32(key, 8); + _d = Pack.BE_To_UInt32(key, 12); + } + + private int encryptBlock( + byte[] inBytes, + int inOff, + byte[] outBytes, + int outOff) + { + // Pack bytes into integers + uint v0 = Pack.BE_To_UInt32(inBytes, inOff); + uint v1 = Pack.BE_To_UInt32(inBytes, inOff + 4); + + uint sum = 0; + + for (int i = 0; i != rounds; i++) + { + sum += delta; + v0 += ((v1 << 4) + _a) ^ (v1 + sum) ^ ((v1 >> 5) + _b); + v1 += ((v0 << 4) + _c) ^ (v0 + sum) ^ ((v0 >> 5) + _d); + } + + Pack.UInt32_To_BE(v0, outBytes, outOff); + Pack.UInt32_To_BE(v1, outBytes, outOff + 4); + + return block_size; + } + + private int decryptBlock( + byte[] inBytes, + int inOff, + byte[] outBytes, + int outOff) + { + // Pack bytes into integers + uint v0 = Pack.BE_To_UInt32(inBytes, inOff); + uint v1 = Pack.BE_To_UInt32(inBytes, inOff + 4); + + uint sum = d_sum; + + for (int i = 0; i != rounds; i++) + { + v1 -= ((v0 << 4) + _c) ^ (v0 + sum) ^ ((v0 >> 5) + _d); + v0 -= ((v1 << 4) + _a) ^ (v1 + sum) ^ ((v1 >> 5) + _b); + sum -= delta; + } + + Pack.UInt32_To_BE(v0, outBytes, outOff); + Pack.UInt32_To_BE(v1, outBytes, outOff + 4); + + return block_size; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/ThreefishEngine.cs b/BouncyCastle/crypto/src/crypto/engines/ThreefishEngine.cs new file mode 100644 index 0000000..eade3cc --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/ThreefishEngine.cs @@ -0,0 +1,1491 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /// + /// Implementation of the Threefish tweakable large block cipher in 256, 512 and 1024 bit block + /// sizes. + /// + /// + /// This is the 1.3 version of Threefish defined in the Skein hash function submission to the NIST + /// SHA-3 competition in October 2010. + ///

+ /// Threefish was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir + /// Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker. + ///

+ /// This implementation inlines all round functions, unrolls 8 rounds, and uses 1.2k of static tables + /// to speed up key schedule injection.
+ /// 2 x block size state is retained by each cipher instance. + /// + public class ThreefishEngine + : IBlockCipher + { + ///

+ /// 256 bit block size - Threefish-256 + /// + public const int BLOCKSIZE_256 = 256; + /// + /// 512 bit block size - Threefish-512 + /// + public const int BLOCKSIZE_512 = 512; + /// + /// 1024 bit block size - Threefish-1024 + /// + public const int BLOCKSIZE_1024 = 1024; + + /** + * Size of the tweak in bytes (always 128 bit/16 bytes) + */ + private const int TWEAK_SIZE_BYTES = 16; + private const int TWEAK_SIZE_WORDS = TWEAK_SIZE_BYTES / 8; + + /** + * Rounds in Threefish-256 + */ + private const int ROUNDS_256 = 72; + /** + * Rounds in Threefish-512 + */ + private const int ROUNDS_512 = 72; + /** + * Rounds in Threefish-1024 + */ + private const int ROUNDS_1024 = 80; + + /** + * Max rounds of any of the variants + */ + private const int MAX_ROUNDS = ROUNDS_1024; + + /** + * Key schedule parity constant + */ + private const ulong C_240 = 0x1BD11BDAA9FC1A22L; + + /* Pre-calculated modulo arithmetic tables for key schedule lookups */ + private static readonly int[] MOD9 = new int[MAX_ROUNDS]; + private static readonly int[] MOD17 = new int[MOD9.Length]; + private static readonly int[] MOD5 = new int[MOD9.Length]; + private static readonly int[] MOD3 = new int[MOD9.Length]; + + static ThreefishEngine() + { + for (int i = 0; i < MOD9.Length; i++) + { + MOD17[i] = i % 17; + MOD9[i] = i % 9; + MOD5[i] = i % 5; + MOD3[i] = i % 3; + } + } + + /** + * Block size in bytes + */ + private readonly int blocksizeBytes; + + /** + * Block size in 64 bit words + */ + private readonly int blocksizeWords; + + /** + * Buffer for byte oriented processBytes to call internal word API + */ + private readonly ulong[] currentBlock; + + /** + * Tweak bytes (2 byte t1,t2, calculated t3 and repeat of t1,t2 for modulo free lookup + */ + private readonly ulong[] t = new ulong[5]; + + /** + * Key schedule words + */ + private readonly ulong[] kw; + + /** + * The internal cipher implementation (varies by blocksize) + */ + private readonly ThreefishCipher cipher; + + private bool forEncryption; + + /// + /// Constructs a new Threefish cipher, with a specified block size. + /// + /// the block size in bits, one of , , + /// . + public ThreefishEngine(int blocksizeBits) + { + this.blocksizeBytes = (blocksizeBits / 8); + this.blocksizeWords = (this.blocksizeBytes / 8); + this.currentBlock = new ulong[blocksizeWords]; + + /* + * Provide room for original key words, extended key word and repeat of key words for modulo + * free lookup of key schedule words. + */ + this.kw = new ulong[2 * blocksizeWords + 1]; + + switch (blocksizeBits) + { + case BLOCKSIZE_256: + cipher = new Threefish256Cipher(kw, t); + break; + case BLOCKSIZE_512: + cipher = new Threefish512Cipher(kw, t); + break; + case BLOCKSIZE_1024: + cipher = new Threefish1024Cipher(kw, t); + break; + default: + throw new ArgumentException( + "Invalid blocksize - Threefish is defined with block size of 256, 512, or 1024 bits"); + } + } + + /// + /// Initialise the engine. + /// + /// Initialise for encryption if true, for decryption if false. + /// an instance of or (to + /// use a 0 tweak) + public virtual void Init(bool forEncryption, ICipherParameters parameters) + { + byte[] keyBytes; + byte[] tweakBytes; + + if (parameters is TweakableBlockCipherParameters) + { + TweakableBlockCipherParameters tParams = (TweakableBlockCipherParameters)parameters; + keyBytes = tParams.Key.GetKey(); + tweakBytes = tParams.Tweak; + } + else if (parameters is KeyParameter) + { + keyBytes = ((KeyParameter)parameters).GetKey(); + tweakBytes = null; + } + else + { + throw new ArgumentException("Invalid parameter passed to Threefish init - " + + Platform.GetTypeName(parameters)); + } + + ulong[] keyWords = null; + ulong[] tweakWords = null; + + if (keyBytes != null) + { + if (keyBytes.Length != this.blocksizeBytes) + { + throw new ArgumentException("Threefish key must be same size as block (" + blocksizeBytes + + " bytes)"); + } + keyWords = new ulong[blocksizeWords]; + for (int i = 0; i < keyWords.Length; i++) + { + keyWords[i] = BytesToWord(keyBytes, i * 8); + } + } + if (tweakBytes != null) + { + if (tweakBytes.Length != TWEAK_SIZE_BYTES) + { + throw new ArgumentException("Threefish tweak must be " + TWEAK_SIZE_BYTES + " bytes"); + } + tweakWords = new ulong[]{BytesToWord(tweakBytes, 0), BytesToWord(tweakBytes, 8)}; + } + Init(forEncryption, keyWords, tweakWords); + } + + /// + /// Initialise the engine, specifying the key and tweak directly. + /// + /// the cipher mode. + /// the words of the key, or null to use the current key. + /// the 2 word (128 bit) tweak, or null to use the current tweak. + internal void Init(bool forEncryption, ulong[] key, ulong[] tweak) + { + this.forEncryption = forEncryption; + if (key != null) + { + SetKey(key); + } + if (tweak != null) + { + SetTweak(tweak); + } + } + + private void SetKey(ulong[] key) + { + if (key.Length != this.blocksizeWords) + { + throw new ArgumentException("Threefish key must be same size as block (" + blocksizeWords + + " words)"); + } + + /* + * Full subkey schedule is deferred to execution to avoid per cipher overhead (10k for 512, + * 20k for 1024). + * + * Key and tweak word sequences are repeated, and static MOD17/MOD9/MOD5/MOD3 calculations + * used, to avoid expensive mod computations during cipher operation. + */ + + ulong knw = C_240; + for (int i = 0; i < blocksizeWords; i++) + { + kw[i] = key[i]; + knw = knw ^ kw[i]; + } + kw[blocksizeWords] = knw; + Array.Copy(kw, 0, kw, blocksizeWords + 1, blocksizeWords); + } + + private void SetTweak(ulong[] tweak) + { + if (tweak.Length != TWEAK_SIZE_WORDS) + { + throw new ArgumentException("Tweak must be " + TWEAK_SIZE_WORDS + " words."); + } + + /* + * Tweak schedule partially repeated to avoid mod computations during cipher operation + */ + t[0] = tweak[0]; + t[1] = tweak[1]; + t[2] = t[0] ^ t[1]; + t[3] = t[0]; + t[4] = t[1]; + } + + public virtual string AlgorithmName + { + get { return "Threefish-" + (blocksizeBytes * 8); } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return blocksizeBytes; + } + + public virtual void Reset() + { + } + + public virtual int ProcessBlock(byte[] inBytes, int inOff, byte[] outBytes, int outOff) + { + if ((outOff + blocksizeBytes) > outBytes.Length) + { + throw new DataLengthException("Output buffer too short"); + } + + if ((inOff + blocksizeBytes) > inBytes.Length) + { + throw new DataLengthException("Input buffer too short"); + } + + for (int i = 0; i < blocksizeBytes; i += 8) + { + currentBlock[i >> 3] = BytesToWord(inBytes, inOff + i); + } + ProcessBlock(this.currentBlock, this.currentBlock); + for (int i = 0; i < blocksizeBytes; i += 8) + { + WordToBytes(this.currentBlock[i >> 3], outBytes, outOff + i); + } + + return blocksizeBytes; + } + + /// + /// Process a block of data represented as 64 bit words. + /// + /// the number of 8 byte words processed (which will be the same as the block size). + /// a block sized buffer of words to process. + /// a block sized buffer of words to receive the output of the operation. + /// if either the input or output is not block sized + /// if this engine is not initialised + internal int ProcessBlock(ulong[] inWords, ulong[] outWords) + { + if (kw[blocksizeWords] == 0) + { + throw new InvalidOperationException("Threefish engine not initialised"); + } + + if (inWords.Length != blocksizeWords) + { + throw new DataLengthException("Input buffer too short"); + } + if (outWords.Length != blocksizeWords) + { + throw new DataLengthException("Output buffer too short"); + } + + if (forEncryption) + { + cipher.EncryptBlock(inWords, outWords); + } + else + { + cipher.DecryptBlock(inWords, outWords); + } + + return blocksizeWords; + } + + /// + /// Read a single 64 bit word from input in LSB first order. + /// + internal static ulong BytesToWord(byte[] bytes, int off) + { + if ((off + 8) > bytes.Length) + { + // Help the JIT avoid index checks + throw new ArgumentException(); + } + + ulong word = 0; + int index = off; + + word = (bytes[index++] & 0xffUL); + word |= (bytes[index++] & 0xffUL) << 8; + word |= (bytes[index++] & 0xffUL) << 16; + word |= (bytes[index++] & 0xffUL) << 24; + word |= (bytes[index++] & 0xffUL) << 32; + word |= (bytes[index++] & 0xffUL) << 40; + word |= (bytes[index++] & 0xffUL) << 48; + word |= (bytes[index++] & 0xffUL) << 56; + + return word; + } + + /// + /// Write a 64 bit word to output in LSB first order. + /// + internal static void WordToBytes(ulong word, byte[] bytes, int off) + { + if ((off + 8) > bytes.Length) + { + // Help the JIT avoid index checks + throw new ArgumentException(); + } + int index = off; + + bytes[index++] = (byte)word; + bytes[index++] = (byte)(word >> 8); + bytes[index++] = (byte)(word >> 16); + bytes[index++] = (byte)(word >> 24); + bytes[index++] = (byte)(word >> 32); + bytes[index++] = (byte)(word >> 40); + bytes[index++] = (byte)(word >> 48); + bytes[index++] = (byte)(word >> 56); + } + + /** + * Rotate left + xor part of the mix operation. + */ + private static ulong RotlXor(ulong x, int n, ulong xor) + { + return ((x << n) | (x >> (64 - n))) ^ xor; + } + + /** + * Rotate xor + rotate right part of the unmix operation. + */ + private static ulong XorRotr(ulong x, int n, ulong xor) + { + ulong xored = x ^ xor; + return (xored >> n) | (xored << (64 - n)); + } + + private abstract class ThreefishCipher + { + /** + * The extended + repeated tweak words + */ + protected readonly ulong[] t; + /** + * The extended + repeated key words + */ + protected readonly ulong[] kw; + + protected ThreefishCipher(ulong[] kw, ulong[] t) + { + this.kw = kw; + this.t = t; + } + + internal abstract void EncryptBlock(ulong[] block, ulong[] outWords); + + internal abstract void DecryptBlock(ulong[] block, ulong[] outWords); + + } + + private sealed class Threefish256Cipher + : ThreefishCipher + { + /** + * Mix rotation constants defined in Skein 1.3 specification + */ + private const int ROTATION_0_0 = 14, ROTATION_0_1 = 16; + private const int ROTATION_1_0 = 52, ROTATION_1_1 = 57; + private const int ROTATION_2_0 = 23, ROTATION_2_1 = 40; + private const int ROTATION_3_0 = 5, ROTATION_3_1 = 37; + + private const int ROTATION_4_0 = 25, ROTATION_4_1 = 33; + private const int ROTATION_5_0 = 46, ROTATION_5_1 = 12; + private const int ROTATION_6_0 = 58, ROTATION_6_1 = 22; + private const int ROTATION_7_0 = 32, ROTATION_7_1 = 32; + + public Threefish256Cipher(ulong[] kw, ulong[] t) + : base(kw, t) + { + } + + internal override void EncryptBlock(ulong[] block, ulong[] outWords) + { + ulong[] kw = this.kw; + ulong[] t = this.t; + int[] mod5 = MOD5; + int[] mod3 = MOD3; + + /* Help the JIT avoid index bounds checks */ + if (kw.Length != 9) + { + throw new ArgumentException(); + } + if (t.Length != 5) + { + throw new ArgumentException(); + } + + /* + * Read 4 words of plaintext data, not using arrays for cipher state + */ + ulong b0 = block[0]; + ulong b1 = block[1]; + ulong b2 = block[2]; + ulong b3 = block[3]; + + /* + * First subkey injection. + */ + b0 += kw[0]; + b1 += kw[1] + t[0]; + b2 += kw[2] + t[1]; + b3 += kw[3]; + + /* + * Rounds loop, unrolled to 8 rounds per iteration. + * + * Unrolling to multiples of 4 avoids the mod 4 check for key injection, and allows + * inlining of the permutations, which cycle every of 2 rounds (avoiding array + * index/lookup). + * + * Unrolling to multiples of 8 avoids the mod 8 rotation constant lookup, and allows + * inlining constant rotation values (avoiding array index/lookup). + */ + + for (int d = 1; d < (ROUNDS_256 / 4); d += 2) + { + int dm5 = mod5[d]; + int dm3 = mod3[d]; + + /* + * 4 rounds of mix and permute. + * + * Permute schedule has a 2 round cycle, so permutes are inlined in the mix + * operations in each 4 round block. + */ + b1 = RotlXor(b1, ROTATION_0_0, b0 += b1); + b3 = RotlXor(b3, ROTATION_0_1, b2 += b3); + + b3 = RotlXor(b3, ROTATION_1_0, b0 += b3); + b1 = RotlXor(b1, ROTATION_1_1, b2 += b1); + + b1 = RotlXor(b1, ROTATION_2_0, b0 += b1); + b3 = RotlXor(b3, ROTATION_2_1, b2 += b3); + + b3 = RotlXor(b3, ROTATION_3_0, b0 += b3); + b1 = RotlXor(b1, ROTATION_3_1, b2 += b1); + + /* + * Subkey injection for first 4 rounds. + */ + b0 += kw[dm5]; + b1 += kw[dm5 + 1] + t[dm3]; + b2 += kw[dm5 + 2] + t[dm3 + 1]; + b3 += kw[dm5 + 3] + (uint)d; + + /* + * 4 more rounds of mix/permute + */ + b1 = RotlXor(b1, ROTATION_4_0, b0 += b1); + b3 = RotlXor(b3, ROTATION_4_1, b2 += b3); + + b3 = RotlXor(b3, ROTATION_5_0, b0 += b3); + b1 = RotlXor(b1, ROTATION_5_1, b2 += b1); + + b1 = RotlXor(b1, ROTATION_6_0, b0 += b1); + b3 = RotlXor(b3, ROTATION_6_1, b2 += b3); + + b3 = RotlXor(b3, ROTATION_7_0, b0 += b3); + b1 = RotlXor(b1, ROTATION_7_1, b2 += b1); + + /* + * Subkey injection for next 4 rounds. + */ + b0 += kw[dm5 + 1]; + b1 += kw[dm5 + 2] + t[dm3 + 1]; + b2 += kw[dm5 + 3] + t[dm3 + 2]; + b3 += kw[dm5 + 4] + (uint)d + 1; + } + + /* + * Output cipher state. + */ + outWords[0] = b0; + outWords[1] = b1; + outWords[2] = b2; + outWords[3] = b3; + } + + internal override void DecryptBlock(ulong[] block, ulong[] state) + { + ulong[] kw = this.kw; + ulong[] t = this.t; + int[] mod5 = MOD5; + int[] mod3 = MOD3; + + /* Help the JIT avoid index bounds checks */ + if (kw.Length != 9) + { + throw new ArgumentException(); + } + if (t.Length != 5) + { + throw new ArgumentException(); + } + + ulong b0 = block[0]; + ulong b1 = block[1]; + ulong b2 = block[2]; + ulong b3 = block[3]; + + for (int d = (ROUNDS_256 / 4) - 1; d >= 1; d -= 2) + { + int dm5 = mod5[d]; + int dm3 = mod3[d]; + + /* Reverse key injection for second 4 rounds */ + b0 -= kw[dm5 + 1]; + b1 -= kw[dm5 + 2] + t[dm3 + 1]; + b2 -= kw[dm5 + 3] + t[dm3 + 2]; + b3 -= kw[dm5 + 4] + (uint)d + 1; + + /* Reverse second 4 mix/permute rounds */ + + b3 = XorRotr(b3, ROTATION_7_0, b0); + b0 -= b3; + b1 = XorRotr(b1, ROTATION_7_1, b2); + b2 -= b1; + + b1 = XorRotr(b1, ROTATION_6_0, b0); + b0 -= b1; + b3 = XorRotr(b3, ROTATION_6_1, b2); + b2 -= b3; + + b3 = XorRotr(b3, ROTATION_5_0, b0); + b0 -= b3; + b1 = XorRotr(b1, ROTATION_5_1, b2); + b2 -= b1; + + b1 = XorRotr(b1, ROTATION_4_0, b0); + b0 -= b1; + b3 = XorRotr(b3, ROTATION_4_1, b2); + b2 -= b3; + + /* Reverse key injection for first 4 rounds */ + b0 -= kw[dm5]; + b1 -= kw[dm5 + 1] + t[dm3]; + b2 -= kw[dm5 + 2] + t[dm3 + 1]; + b3 -= kw[dm5 + 3] + (uint)d; + + /* Reverse first 4 mix/permute rounds */ + b3 = XorRotr(b3, ROTATION_3_0, b0); + b0 -= b3; + b1 = XorRotr(b1, ROTATION_3_1, b2); + b2 -= b1; + + b1 = XorRotr(b1, ROTATION_2_0, b0); + b0 -= b1; + b3 = XorRotr(b3, ROTATION_2_1, b2); + b2 -= b3; + + b3 = XorRotr(b3, ROTATION_1_0, b0); + b0 -= b3; + b1 = XorRotr(b1, ROTATION_1_1, b2); + b2 -= b1; + + b1 = XorRotr(b1, ROTATION_0_0, b0); + b0 -= b1; + b3 = XorRotr(b3, ROTATION_0_1, b2); + b2 -= b3; + } + + /* + * First subkey uninjection. + */ + b0 -= kw[0]; + b1 -= kw[1] + t[0]; + b2 -= kw[2] + t[1]; + b3 -= kw[3]; + + /* + * Output cipher state. + */ + state[0] = b0; + state[1] = b1; + state[2] = b2; + state[3] = b3; + } + + } + + private sealed class Threefish512Cipher + : ThreefishCipher + { + /** + * Mix rotation constants defined in Skein 1.3 specification + */ + private const int ROTATION_0_0 = 46, ROTATION_0_1 = 36, ROTATION_0_2 = 19, ROTATION_0_3 = 37; + private const int ROTATION_1_0 = 33, ROTATION_1_1 = 27, ROTATION_1_2 = 14, ROTATION_1_3 = 42; + private const int ROTATION_2_0 = 17, ROTATION_2_1 = 49, ROTATION_2_2 = 36, ROTATION_2_3 = 39; + private const int ROTATION_3_0 = 44, ROTATION_3_1 = 9, ROTATION_3_2 = 54, ROTATION_3_3 = 56; + + private const int ROTATION_4_0 = 39, ROTATION_4_1 = 30, ROTATION_4_2 = 34, ROTATION_4_3 = 24; + private const int ROTATION_5_0 = 13, ROTATION_5_1 = 50, ROTATION_5_2 = 10, ROTATION_5_3 = 17; + private const int ROTATION_6_0 = 25, ROTATION_6_1 = 29, ROTATION_6_2 = 39, ROTATION_6_3 = 43; + private const int ROTATION_7_0 = 8, ROTATION_7_1 = 35, ROTATION_7_2 = 56, ROTATION_7_3 = 22; + + internal Threefish512Cipher(ulong[] kw, ulong[] t) + : base(kw, t) + { + } + + internal override void EncryptBlock(ulong[] block, ulong[] outWords) + { + ulong[] kw = this.kw; + ulong[] t = this.t; + int[] mod9 = MOD9; + int[] mod3 = MOD3; + + /* Help the JIT avoid index bounds checks */ + if (kw.Length != 17) + { + throw new ArgumentException(); + } + if (t.Length != 5) + { + throw new ArgumentException(); + } + + /* + * Read 8 words of plaintext data, not using arrays for cipher state + */ + ulong b0 = block[0]; + ulong b1 = block[1]; + ulong b2 = block[2]; + ulong b3 = block[3]; + ulong b4 = block[4]; + ulong b5 = block[5]; + ulong b6 = block[6]; + ulong b7 = block[7]; + + /* + * First subkey injection. + */ + b0 += kw[0]; + b1 += kw[1]; + b2 += kw[2]; + b3 += kw[3]; + b4 += kw[4]; + b5 += kw[5] + t[0]; + b6 += kw[6] + t[1]; + b7 += kw[7]; + + /* + * Rounds loop, unrolled to 8 rounds per iteration. + * + * Unrolling to multiples of 4 avoids the mod 4 check for key injection, and allows + * inlining of the permutations, which cycle every of 4 rounds (avoiding array + * index/lookup). + * + * Unrolling to multiples of 8 avoids the mod 8 rotation constant lookup, and allows + * inlining constant rotation values (avoiding array index/lookup). + */ + + for (int d = 1; d < (ROUNDS_512 / 4); d += 2) + { + int dm9 = mod9[d]; + int dm3 = mod3[d]; + + /* + * 4 rounds of mix and permute. + * + * Permute schedule has a 4 round cycle, so permutes are inlined in the mix + * operations in each 4 round block. + */ + b1 = RotlXor(b1, ROTATION_0_0, b0 += b1); + b3 = RotlXor(b3, ROTATION_0_1, b2 += b3); + b5 = RotlXor(b5, ROTATION_0_2, b4 += b5); + b7 = RotlXor(b7, ROTATION_0_3, b6 += b7); + + b1 = RotlXor(b1, ROTATION_1_0, b2 += b1); + b7 = RotlXor(b7, ROTATION_1_1, b4 += b7); + b5 = RotlXor(b5, ROTATION_1_2, b6 += b5); + b3 = RotlXor(b3, ROTATION_1_3, b0 += b3); + + b1 = RotlXor(b1, ROTATION_2_0, b4 += b1); + b3 = RotlXor(b3, ROTATION_2_1, b6 += b3); + b5 = RotlXor(b5, ROTATION_2_2, b0 += b5); + b7 = RotlXor(b7, ROTATION_2_3, b2 += b7); + + b1 = RotlXor(b1, ROTATION_3_0, b6 += b1); + b7 = RotlXor(b7, ROTATION_3_1, b0 += b7); + b5 = RotlXor(b5, ROTATION_3_2, b2 += b5); + b3 = RotlXor(b3, ROTATION_3_3, b4 += b3); + + /* + * Subkey injection for first 4 rounds. + */ + b0 += kw[dm9]; + b1 += kw[dm9 + 1]; + b2 += kw[dm9 + 2]; + b3 += kw[dm9 + 3]; + b4 += kw[dm9 + 4]; + b5 += kw[dm9 + 5] + t[dm3]; + b6 += kw[dm9 + 6] + t[dm3 + 1]; + b7 += kw[dm9 + 7] + (uint)d; + + /* + * 4 more rounds of mix/permute + */ + b1 = RotlXor(b1, ROTATION_4_0, b0 += b1); + b3 = RotlXor(b3, ROTATION_4_1, b2 += b3); + b5 = RotlXor(b5, ROTATION_4_2, b4 += b5); + b7 = RotlXor(b7, ROTATION_4_3, b6 += b7); + + b1 = RotlXor(b1, ROTATION_5_0, b2 += b1); + b7 = RotlXor(b7, ROTATION_5_1, b4 += b7); + b5 = RotlXor(b5, ROTATION_5_2, b6 += b5); + b3 = RotlXor(b3, ROTATION_5_3, b0 += b3); + + b1 = RotlXor(b1, ROTATION_6_0, b4 += b1); + b3 = RotlXor(b3, ROTATION_6_1, b6 += b3); + b5 = RotlXor(b5, ROTATION_6_2, b0 += b5); + b7 = RotlXor(b7, ROTATION_6_3, b2 += b7); + + b1 = RotlXor(b1, ROTATION_7_0, b6 += b1); + b7 = RotlXor(b7, ROTATION_7_1, b0 += b7); + b5 = RotlXor(b5, ROTATION_7_2, b2 += b5); + b3 = RotlXor(b3, ROTATION_7_3, b4 += b3); + + /* + * Subkey injection for next 4 rounds. + */ + b0 += kw[dm9 + 1]; + b1 += kw[dm9 + 2]; + b2 += kw[dm9 + 3]; + b3 += kw[dm9 + 4]; + b4 += kw[dm9 + 5]; + b5 += kw[dm9 + 6] + t[dm3 + 1]; + b6 += kw[dm9 + 7] + t[dm3 + 2]; + b7 += kw[dm9 + 8] + (uint)d + 1; + } + + /* + * Output cipher state. + */ + outWords[0] = b0; + outWords[1] = b1; + outWords[2] = b2; + outWords[3] = b3; + outWords[4] = b4; + outWords[5] = b5; + outWords[6] = b6; + outWords[7] = b7; + } + + internal override void DecryptBlock(ulong[] block, ulong[] state) + { + ulong[] kw = this.kw; + ulong[] t = this.t; + int[] mod9 = MOD9; + int[] mod3 = MOD3; + + /* Help the JIT avoid index bounds checks */ + if (kw.Length != 17) + { + throw new ArgumentException(); + } + if (t.Length != 5) + { + throw new ArgumentException(); + } + + ulong b0 = block[0]; + ulong b1 = block[1]; + ulong b2 = block[2]; + ulong b3 = block[3]; + ulong b4 = block[4]; + ulong b5 = block[5]; + ulong b6 = block[6]; + ulong b7 = block[7]; + + for (int d = (ROUNDS_512 / 4) - 1; d >= 1; d -= 2) + { + int dm9 = mod9[d]; + int dm3 = mod3[d]; + + /* Reverse key injection for second 4 rounds */ + b0 -= kw[dm9 + 1]; + b1 -= kw[dm9 + 2]; + b2 -= kw[dm9 + 3]; + b3 -= kw[dm9 + 4]; + b4 -= kw[dm9 + 5]; + b5 -= kw[dm9 + 6] + t[dm3 + 1]; + b6 -= kw[dm9 + 7] + t[dm3 + 2]; + b7 -= kw[dm9 + 8] + (uint)d + 1; + + /* Reverse second 4 mix/permute rounds */ + + b1 = XorRotr(b1, ROTATION_7_0, b6); + b6 -= b1; + b7 = XorRotr(b7, ROTATION_7_1, b0); + b0 -= b7; + b5 = XorRotr(b5, ROTATION_7_2, b2); + b2 -= b5; + b3 = XorRotr(b3, ROTATION_7_3, b4); + b4 -= b3; + + b1 = XorRotr(b1, ROTATION_6_0, b4); + b4 -= b1; + b3 = XorRotr(b3, ROTATION_6_1, b6); + b6 -= b3; + b5 = XorRotr(b5, ROTATION_6_2, b0); + b0 -= b5; + b7 = XorRotr(b7, ROTATION_6_3, b2); + b2 -= b7; + + b1 = XorRotr(b1, ROTATION_5_0, b2); + b2 -= b1; + b7 = XorRotr(b7, ROTATION_5_1, b4); + b4 -= b7; + b5 = XorRotr(b5, ROTATION_5_2, b6); + b6 -= b5; + b3 = XorRotr(b3, ROTATION_5_3, b0); + b0 -= b3; + + b1 = XorRotr(b1, ROTATION_4_0, b0); + b0 -= b1; + b3 = XorRotr(b3, ROTATION_4_1, b2); + b2 -= b3; + b5 = XorRotr(b5, ROTATION_4_2, b4); + b4 -= b5; + b7 = XorRotr(b7, ROTATION_4_3, b6); + b6 -= b7; + + /* Reverse key injection for first 4 rounds */ + b0 -= kw[dm9]; + b1 -= kw[dm9 + 1]; + b2 -= kw[dm9 + 2]; + b3 -= kw[dm9 + 3]; + b4 -= kw[dm9 + 4]; + b5 -= kw[dm9 + 5] + t[dm3]; + b6 -= kw[dm9 + 6] + t[dm3 + 1]; + b7 -= kw[dm9 + 7] + (uint)d; + + /* Reverse first 4 mix/permute rounds */ + b1 = XorRotr(b1, ROTATION_3_0, b6); + b6 -= b1; + b7 = XorRotr(b7, ROTATION_3_1, b0); + b0 -= b7; + b5 = XorRotr(b5, ROTATION_3_2, b2); + b2 -= b5; + b3 = XorRotr(b3, ROTATION_3_3, b4); + b4 -= b3; + + b1 = XorRotr(b1, ROTATION_2_0, b4); + b4 -= b1; + b3 = XorRotr(b3, ROTATION_2_1, b6); + b6 -= b3; + b5 = XorRotr(b5, ROTATION_2_2, b0); + b0 -= b5; + b7 = XorRotr(b7, ROTATION_2_3, b2); + b2 -= b7; + + b1 = XorRotr(b1, ROTATION_1_0, b2); + b2 -= b1; + b7 = XorRotr(b7, ROTATION_1_1, b4); + b4 -= b7; + b5 = XorRotr(b5, ROTATION_1_2, b6); + b6 -= b5; + b3 = XorRotr(b3, ROTATION_1_3, b0); + b0 -= b3; + + b1 = XorRotr(b1, ROTATION_0_0, b0); + b0 -= b1; + b3 = XorRotr(b3, ROTATION_0_1, b2); + b2 -= b3; + b5 = XorRotr(b5, ROTATION_0_2, b4); + b4 -= b5; + b7 = XorRotr(b7, ROTATION_0_3, b6); + b6 -= b7; + } + + /* + * First subkey uninjection. + */ + b0 -= kw[0]; + b1 -= kw[1]; + b2 -= kw[2]; + b3 -= kw[3]; + b4 -= kw[4]; + b5 -= kw[5] + t[0]; + b6 -= kw[6] + t[1]; + b7 -= kw[7]; + + /* + * Output cipher state. + */ + state[0] = b0; + state[1] = b1; + state[2] = b2; + state[3] = b3; + state[4] = b4; + state[5] = b5; + state[6] = b6; + state[7] = b7; + } + } + + private sealed class Threefish1024Cipher + : ThreefishCipher + { + /** + * Mix rotation constants defined in Skein 1.3 specification + */ + private const int ROTATION_0_0 = 24, ROTATION_0_1 = 13, ROTATION_0_2 = 8, ROTATION_0_3 = 47; + private const int ROTATION_0_4 = 8, ROTATION_0_5 = 17, ROTATION_0_6 = 22, ROTATION_0_7 = 37; + private const int ROTATION_1_0 = 38, ROTATION_1_1 = 19, ROTATION_1_2 = 10, ROTATION_1_3 = 55; + private const int ROTATION_1_4 = 49, ROTATION_1_5 = 18, ROTATION_1_6 = 23, ROTATION_1_7 = 52; + private const int ROTATION_2_0 = 33, ROTATION_2_1 = 4, ROTATION_2_2 = 51, ROTATION_2_3 = 13; + private const int ROTATION_2_4 = 34, ROTATION_2_5 = 41, ROTATION_2_6 = 59, ROTATION_2_7 = 17; + private const int ROTATION_3_0 = 5, ROTATION_3_1 = 20, ROTATION_3_2 = 48, ROTATION_3_3 = 41; + private const int ROTATION_3_4 = 47, ROTATION_3_5 = 28, ROTATION_3_6 = 16, ROTATION_3_7 = 25; + + private const int ROTATION_4_0 = 41, ROTATION_4_1 = 9, ROTATION_4_2 = 37, ROTATION_4_3 = 31; + private const int ROTATION_4_4 = 12, ROTATION_4_5 = 47, ROTATION_4_6 = 44, ROTATION_4_7 = 30; + private const int ROTATION_5_0 = 16, ROTATION_5_1 = 34, ROTATION_5_2 = 56, ROTATION_5_3 = 51; + private const int ROTATION_5_4 = 4, ROTATION_5_5 = 53, ROTATION_5_6 = 42, ROTATION_5_7 = 41; + private const int ROTATION_6_0 = 31, ROTATION_6_1 = 44, ROTATION_6_2 = 47, ROTATION_6_3 = 46; + private const int ROTATION_6_4 = 19, ROTATION_6_5 = 42, ROTATION_6_6 = 44, ROTATION_6_7 = 25; + private const int ROTATION_7_0 = 9, ROTATION_7_1 = 48, ROTATION_7_2 = 35, ROTATION_7_3 = 52; + private const int ROTATION_7_4 = 23, ROTATION_7_5 = 31, ROTATION_7_6 = 37, ROTATION_7_7 = 20; + + public Threefish1024Cipher(ulong[] kw, ulong[] t) + : base(kw, t) + { + } + + internal override void EncryptBlock(ulong[] block, ulong[] outWords) + { + ulong[] kw = this.kw; + ulong[] t = this.t; + int[] mod17 = MOD17; + int[] mod3 = MOD3; + + /* Help the JIT avoid index bounds checks */ + if (kw.Length != 33) + { + throw new ArgumentException(); + } + if (t.Length != 5) + { + throw new ArgumentException(); + } + + /* + * Read 16 words of plaintext data, not using arrays for cipher state + */ + ulong b0 = block[0]; + ulong b1 = block[1]; + ulong b2 = block[2]; + ulong b3 = block[3]; + ulong b4 = block[4]; + ulong b5 = block[5]; + ulong b6 = block[6]; + ulong b7 = block[7]; + ulong b8 = block[8]; + ulong b9 = block[9]; + ulong b10 = block[10]; + ulong b11 = block[11]; + ulong b12 = block[12]; + ulong b13 = block[13]; + ulong b14 = block[14]; + ulong b15 = block[15]; + + /* + * First subkey injection. + */ + b0 += kw[0]; + b1 += kw[1]; + b2 += kw[2]; + b3 += kw[3]; + b4 += kw[4]; + b5 += kw[5]; + b6 += kw[6]; + b7 += kw[7]; + b8 += kw[8]; + b9 += kw[9]; + b10 += kw[10]; + b11 += kw[11]; + b12 += kw[12]; + b13 += kw[13] + t[0]; + b14 += kw[14] + t[1]; + b15 += kw[15]; + + /* + * Rounds loop, unrolled to 8 rounds per iteration. + * + * Unrolling to multiples of 4 avoids the mod 4 check for key injection, and allows + * inlining of the permutations, which cycle every of 4 rounds (avoiding array + * index/lookup). + * + * Unrolling to multiples of 8 avoids the mod 8 rotation constant lookup, and allows + * inlining constant rotation values (avoiding array index/lookup). + */ + + for (int d = 1; d < (ROUNDS_1024 / 4); d += 2) + { + int dm17 = mod17[d]; + int dm3 = mod3[d]; + + /* + * 4 rounds of mix and permute. + * + * Permute schedule has a 4 round cycle, so permutes are inlined in the mix + * operations in each 4 round block. + */ + b1 = RotlXor(b1, ROTATION_0_0, b0 += b1); + b3 = RotlXor(b3, ROTATION_0_1, b2 += b3); + b5 = RotlXor(b5, ROTATION_0_2, b4 += b5); + b7 = RotlXor(b7, ROTATION_0_3, b6 += b7); + b9 = RotlXor(b9, ROTATION_0_4, b8 += b9); + b11 = RotlXor(b11, ROTATION_0_5, b10 += b11); + b13 = RotlXor(b13, ROTATION_0_6, b12 += b13); + b15 = RotlXor(b15, ROTATION_0_7, b14 += b15); + + b9 = RotlXor(b9, ROTATION_1_0, b0 += b9); + b13 = RotlXor(b13, ROTATION_1_1, b2 += b13); + b11 = RotlXor(b11, ROTATION_1_2, b6 += b11); + b15 = RotlXor(b15, ROTATION_1_3, b4 += b15); + b7 = RotlXor(b7, ROTATION_1_4, b10 += b7); + b3 = RotlXor(b3, ROTATION_1_5, b12 += b3); + b5 = RotlXor(b5, ROTATION_1_6, b14 += b5); + b1 = RotlXor(b1, ROTATION_1_7, b8 += b1); + + b7 = RotlXor(b7, ROTATION_2_0, b0 += b7); + b5 = RotlXor(b5, ROTATION_2_1, b2 += b5); + b3 = RotlXor(b3, ROTATION_2_2, b4 += b3); + b1 = RotlXor(b1, ROTATION_2_3, b6 += b1); + b15 = RotlXor(b15, ROTATION_2_4, b12 += b15); + b13 = RotlXor(b13, ROTATION_2_5, b14 += b13); + b11 = RotlXor(b11, ROTATION_2_6, b8 += b11); + b9 = RotlXor(b9, ROTATION_2_7, b10 += b9); + + b15 = RotlXor(b15, ROTATION_3_0, b0 += b15); + b11 = RotlXor(b11, ROTATION_3_1, b2 += b11); + b13 = RotlXor(b13, ROTATION_3_2, b6 += b13); + b9 = RotlXor(b9, ROTATION_3_3, b4 += b9); + b1 = RotlXor(b1, ROTATION_3_4, b14 += b1); + b5 = RotlXor(b5, ROTATION_3_5, b8 += b5); + b3 = RotlXor(b3, ROTATION_3_6, b10 += b3); + b7 = RotlXor(b7, ROTATION_3_7, b12 += b7); + + /* + * Subkey injection for first 4 rounds. + */ + b0 += kw[dm17]; + b1 += kw[dm17 + 1]; + b2 += kw[dm17 + 2]; + b3 += kw[dm17 + 3]; + b4 += kw[dm17 + 4]; + b5 += kw[dm17 + 5]; + b6 += kw[dm17 + 6]; + b7 += kw[dm17 + 7]; + b8 += kw[dm17 + 8]; + b9 += kw[dm17 + 9]; + b10 += kw[dm17 + 10]; + b11 += kw[dm17 + 11]; + b12 += kw[dm17 + 12]; + b13 += kw[dm17 + 13] + t[dm3]; + b14 += kw[dm17 + 14] + t[dm3 + 1]; + b15 += kw[dm17 + 15] + (uint)d; + + /* + * 4 more rounds of mix/permute + */ + b1 = RotlXor(b1, ROTATION_4_0, b0 += b1); + b3 = RotlXor(b3, ROTATION_4_1, b2 += b3); + b5 = RotlXor(b5, ROTATION_4_2, b4 += b5); + b7 = RotlXor(b7, ROTATION_4_3, b6 += b7); + b9 = RotlXor(b9, ROTATION_4_4, b8 += b9); + b11 = RotlXor(b11, ROTATION_4_5, b10 += b11); + b13 = RotlXor(b13, ROTATION_4_6, b12 += b13); + b15 = RotlXor(b15, ROTATION_4_7, b14 += b15); + + b9 = RotlXor(b9, ROTATION_5_0, b0 += b9); + b13 = RotlXor(b13, ROTATION_5_1, b2 += b13); + b11 = RotlXor(b11, ROTATION_5_2, b6 += b11); + b15 = RotlXor(b15, ROTATION_5_3, b4 += b15); + b7 = RotlXor(b7, ROTATION_5_4, b10 += b7); + b3 = RotlXor(b3, ROTATION_5_5, b12 += b3); + b5 = RotlXor(b5, ROTATION_5_6, b14 += b5); + b1 = RotlXor(b1, ROTATION_5_7, b8 += b1); + + b7 = RotlXor(b7, ROTATION_6_0, b0 += b7); + b5 = RotlXor(b5, ROTATION_6_1, b2 += b5); + b3 = RotlXor(b3, ROTATION_6_2, b4 += b3); + b1 = RotlXor(b1, ROTATION_6_3, b6 += b1); + b15 = RotlXor(b15, ROTATION_6_4, b12 += b15); + b13 = RotlXor(b13, ROTATION_6_5, b14 += b13); + b11 = RotlXor(b11, ROTATION_6_6, b8 += b11); + b9 = RotlXor(b9, ROTATION_6_7, b10 += b9); + + b15 = RotlXor(b15, ROTATION_7_0, b0 += b15); + b11 = RotlXor(b11, ROTATION_7_1, b2 += b11); + b13 = RotlXor(b13, ROTATION_7_2, b6 += b13); + b9 = RotlXor(b9, ROTATION_7_3, b4 += b9); + b1 = RotlXor(b1, ROTATION_7_4, b14 += b1); + b5 = RotlXor(b5, ROTATION_7_5, b8 += b5); + b3 = RotlXor(b3, ROTATION_7_6, b10 += b3); + b7 = RotlXor(b7, ROTATION_7_7, b12 += b7); + + /* + * Subkey injection for next 4 rounds. + */ + b0 += kw[dm17 + 1]; + b1 += kw[dm17 + 2]; + b2 += kw[dm17 + 3]; + b3 += kw[dm17 + 4]; + b4 += kw[dm17 + 5]; + b5 += kw[dm17 + 6]; + b6 += kw[dm17 + 7]; + b7 += kw[dm17 + 8]; + b8 += kw[dm17 + 9]; + b9 += kw[dm17 + 10]; + b10 += kw[dm17 + 11]; + b11 += kw[dm17 + 12]; + b12 += kw[dm17 + 13]; + b13 += kw[dm17 + 14] + t[dm3 + 1]; + b14 += kw[dm17 + 15] + t[dm3 + 2]; + b15 += kw[dm17 + 16] + (uint)d + 1; + + } + + /* + * Output cipher state. + */ + outWords[0] = b0; + outWords[1] = b1; + outWords[2] = b2; + outWords[3] = b3; + outWords[4] = b4; + outWords[5] = b5; + outWords[6] = b6; + outWords[7] = b7; + outWords[8] = b8; + outWords[9] = b9; + outWords[10] = b10; + outWords[11] = b11; + outWords[12] = b12; + outWords[13] = b13; + outWords[14] = b14; + outWords[15] = b15; + } + + internal override void DecryptBlock(ulong[] block, ulong[] state) + { + ulong[] kw = this.kw; + ulong[] t = this.t; + int[] mod17 = MOD17; + int[] mod3 = MOD3; + + /* Help the JIT avoid index bounds checks */ + if (kw.Length != 33) + { + throw new ArgumentException(); + } + if (t.Length != 5) + { + throw new ArgumentException(); + } + + ulong b0 = block[0]; + ulong b1 = block[1]; + ulong b2 = block[2]; + ulong b3 = block[3]; + ulong b4 = block[4]; + ulong b5 = block[5]; + ulong b6 = block[6]; + ulong b7 = block[7]; + ulong b8 = block[8]; + ulong b9 = block[9]; + ulong b10 = block[10]; + ulong b11 = block[11]; + ulong b12 = block[12]; + ulong b13 = block[13]; + ulong b14 = block[14]; + ulong b15 = block[15]; + + for (int d = (ROUNDS_1024 / 4) - 1; d >= 1; d -= 2) + { + int dm17 = mod17[d]; + int dm3 = mod3[d]; + + /* Reverse key injection for second 4 rounds */ + b0 -= kw[dm17 + 1]; + b1 -= kw[dm17 + 2]; + b2 -= kw[dm17 + 3]; + b3 -= kw[dm17 + 4]; + b4 -= kw[dm17 + 5]; + b5 -= kw[dm17 + 6]; + b6 -= kw[dm17 + 7]; + b7 -= kw[dm17 + 8]; + b8 -= kw[dm17 + 9]; + b9 -= kw[dm17 + 10]; + b10 -= kw[dm17 + 11]; + b11 -= kw[dm17 + 12]; + b12 -= kw[dm17 + 13]; + b13 -= kw[dm17 + 14] + t[dm3 + 1]; + b14 -= kw[dm17 + 15] + t[dm3 + 2]; + b15 -= kw[dm17 + 16] + (uint)d + 1; + + /* Reverse second 4 mix/permute rounds */ + b15 = XorRotr(b15, ROTATION_7_0, b0); + b0 -= b15; + b11 = XorRotr(b11, ROTATION_7_1, b2); + b2 -= b11; + b13 = XorRotr(b13, ROTATION_7_2, b6); + b6 -= b13; + b9 = XorRotr(b9, ROTATION_7_3, b4); + b4 -= b9; + b1 = XorRotr(b1, ROTATION_7_4, b14); + b14 -= b1; + b5 = XorRotr(b5, ROTATION_7_5, b8); + b8 -= b5; + b3 = XorRotr(b3, ROTATION_7_6, b10); + b10 -= b3; + b7 = XorRotr(b7, ROTATION_7_7, b12); + b12 -= b7; + + b7 = XorRotr(b7, ROTATION_6_0, b0); + b0 -= b7; + b5 = XorRotr(b5, ROTATION_6_1, b2); + b2 -= b5; + b3 = XorRotr(b3, ROTATION_6_2, b4); + b4 -= b3; + b1 = XorRotr(b1, ROTATION_6_3, b6); + b6 -= b1; + b15 = XorRotr(b15, ROTATION_6_4, b12); + b12 -= b15; + b13 = XorRotr(b13, ROTATION_6_5, b14); + b14 -= b13; + b11 = XorRotr(b11, ROTATION_6_6, b8); + b8 -= b11; + b9 = XorRotr(b9, ROTATION_6_7, b10); + b10 -= b9; + + b9 = XorRotr(b9, ROTATION_5_0, b0); + b0 -= b9; + b13 = XorRotr(b13, ROTATION_5_1, b2); + b2 -= b13; + b11 = XorRotr(b11, ROTATION_5_2, b6); + b6 -= b11; + b15 = XorRotr(b15, ROTATION_5_3, b4); + b4 -= b15; + b7 = XorRotr(b7, ROTATION_5_4, b10); + b10 -= b7; + b3 = XorRotr(b3, ROTATION_5_5, b12); + b12 -= b3; + b5 = XorRotr(b5, ROTATION_5_6, b14); + b14 -= b5; + b1 = XorRotr(b1, ROTATION_5_7, b8); + b8 -= b1; + + b1 = XorRotr(b1, ROTATION_4_0, b0); + b0 -= b1; + b3 = XorRotr(b3, ROTATION_4_1, b2); + b2 -= b3; + b5 = XorRotr(b5, ROTATION_4_2, b4); + b4 -= b5; + b7 = XorRotr(b7, ROTATION_4_3, b6); + b6 -= b7; + b9 = XorRotr(b9, ROTATION_4_4, b8); + b8 -= b9; + b11 = XorRotr(b11, ROTATION_4_5, b10); + b10 -= b11; + b13 = XorRotr(b13, ROTATION_4_6, b12); + b12 -= b13; + b15 = XorRotr(b15, ROTATION_4_7, b14); + b14 -= b15; + + /* Reverse key injection for first 4 rounds */ + b0 -= kw[dm17]; + b1 -= kw[dm17 + 1]; + b2 -= kw[dm17 + 2]; + b3 -= kw[dm17 + 3]; + b4 -= kw[dm17 + 4]; + b5 -= kw[dm17 + 5]; + b6 -= kw[dm17 + 6]; + b7 -= kw[dm17 + 7]; + b8 -= kw[dm17 + 8]; + b9 -= kw[dm17 + 9]; + b10 -= kw[dm17 + 10]; + b11 -= kw[dm17 + 11]; + b12 -= kw[dm17 + 12]; + b13 -= kw[dm17 + 13] + t[dm3]; + b14 -= kw[dm17 + 14] + t[dm3 + 1]; + b15 -= kw[dm17 + 15] + (uint)d; + + /* Reverse first 4 mix/permute rounds */ + b15 = XorRotr(b15, ROTATION_3_0, b0); + b0 -= b15; + b11 = XorRotr(b11, ROTATION_3_1, b2); + b2 -= b11; + b13 = XorRotr(b13, ROTATION_3_2, b6); + b6 -= b13; + b9 = XorRotr(b9, ROTATION_3_3, b4); + b4 -= b9; + b1 = XorRotr(b1, ROTATION_3_4, b14); + b14 -= b1; + b5 = XorRotr(b5, ROTATION_3_5, b8); + b8 -= b5; + b3 = XorRotr(b3, ROTATION_3_6, b10); + b10 -= b3; + b7 = XorRotr(b7, ROTATION_3_7, b12); + b12 -= b7; + + b7 = XorRotr(b7, ROTATION_2_0, b0); + b0 -= b7; + b5 = XorRotr(b5, ROTATION_2_1, b2); + b2 -= b5; + b3 = XorRotr(b3, ROTATION_2_2, b4); + b4 -= b3; + b1 = XorRotr(b1, ROTATION_2_3, b6); + b6 -= b1; + b15 = XorRotr(b15, ROTATION_2_4, b12); + b12 -= b15; + b13 = XorRotr(b13, ROTATION_2_5, b14); + b14 -= b13; + b11 = XorRotr(b11, ROTATION_2_6, b8); + b8 -= b11; + b9 = XorRotr(b9, ROTATION_2_7, b10); + b10 -= b9; + + b9 = XorRotr(b9, ROTATION_1_0, b0); + b0 -= b9; + b13 = XorRotr(b13, ROTATION_1_1, b2); + b2 -= b13; + b11 = XorRotr(b11, ROTATION_1_2, b6); + b6 -= b11; + b15 = XorRotr(b15, ROTATION_1_3, b4); + b4 -= b15; + b7 = XorRotr(b7, ROTATION_1_4, b10); + b10 -= b7; + b3 = XorRotr(b3, ROTATION_1_5, b12); + b12 -= b3; + b5 = XorRotr(b5, ROTATION_1_6, b14); + b14 -= b5; + b1 = XorRotr(b1, ROTATION_1_7, b8); + b8 -= b1; + + b1 = XorRotr(b1, ROTATION_0_0, b0); + b0 -= b1; + b3 = XorRotr(b3, ROTATION_0_1, b2); + b2 -= b3; + b5 = XorRotr(b5, ROTATION_0_2, b4); + b4 -= b5; + b7 = XorRotr(b7, ROTATION_0_3, b6); + b6 -= b7; + b9 = XorRotr(b9, ROTATION_0_4, b8); + b8 -= b9; + b11 = XorRotr(b11, ROTATION_0_5, b10); + b10 -= b11; + b13 = XorRotr(b13, ROTATION_0_6, b12); + b12 -= b13; + b15 = XorRotr(b15, ROTATION_0_7, b14); + b14 -= b15; + } + + /* + * First subkey uninjection. + */ + b0 -= kw[0]; + b1 -= kw[1]; + b2 -= kw[2]; + b3 -= kw[3]; + b4 -= kw[4]; + b5 -= kw[5]; + b6 -= kw[6]; + b7 -= kw[7]; + b8 -= kw[8]; + b9 -= kw[9]; + b10 -= kw[10]; + b11 -= kw[11]; + b12 -= kw[12]; + b13 -= kw[13] + t[0]; + b14 -= kw[14] + t[1]; + b15 -= kw[15]; + + /* + * Output cipher state. + */ + state[0] = b0; + state[1] = b1; + state[2] = b2; + state[3] = b3; + state[4] = b4; + state[5] = b5; + state[6] = b6; + state[7] = b7; + state[8] = b8; + state[9] = b9; + state[10] = b10; + state[11] = b11; + state[12] = b12; + state[13] = b13; + state[14] = b14; + state[15] = b15; + } + + } + + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/crypto/engines/TnepresEngine.cs b/BouncyCastle/crypto/src/crypto/engines/TnepresEngine.cs new file mode 100644 index 0000000..ce687d1 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/TnepresEngine.cs @@ -0,0 +1,299 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * Tnepres is a 128-bit 32-round block cipher with variable key lengths, + * including 128, 192 and 256 bit keys conjectured to be at least as + * secure as three-key triple-DES. + *

+ * Tnepres is based on Serpent which was designed by Ross Anderson, Eli Biham and Lars Knudsen as a + * candidate algorithm for the NIST AES Quest. Unfortunately there was an endianness issue + * with test vectors in the AES submission and the resulting confusion lead to the Tnepres cipher + * as well, which is a byte swapped version of Serpent. + *

+ *

+ * For full details see The Serpent home page + *

+ */ + public sealed class TnepresEngine + : SerpentEngineBase + { + public override string AlgorithmName + { + get { return "Tnepres"; } + } + + /** + * Expand a user-supplied key material into a session key. + * + * @param key The user-key bytes (multiples of 4) to use. + * @exception ArgumentException + */ + protected override int[] MakeWorkingKey(byte[] key) + { + // + // pad key to 256 bits + // + int[] kPad = new int[16]; + int off = 0; + int length = 0; + + for (off = key.Length - 4; off > 0; off -= 4) + { + kPad[length++] = (int)Pack.BE_To_UInt32(key, off); + } + + if (off == 0) + { + kPad[length++] = (int)Pack.BE_To_UInt32(key, 0); + if (length < 8) + { + kPad[length] = 1; + } + } + else + { + throw new ArgumentException("key must be a multiple of 4 bytes"); + } + + // + // expand the padded key up to 33 x 128 bits of key material + // + int amount = (ROUNDS + 1) * 4; + int[] w = new int[amount]; + + // + // compute w0 to w7 from w-8 to w-1 + // + for (int i = 8; i < 16; i++) + { + kPad[i] = RotateLeft(kPad[i - 8] ^ kPad[i - 5] ^ kPad[i - 3] ^ kPad[i - 1] ^ PHI ^ (i - 8), 11); + } + + Array.Copy(kPad, 8, w, 0, 8); + + // + // compute w8 to w136 + // + for (int i = 8; i < amount; i++) + { + w[i] = RotateLeft(w[i - 8] ^ w[i - 5] ^ w[i - 3] ^ w[i - 1] ^ PHI ^ i, 11); + } + + // + // create the working keys by processing w with the Sbox and IP + // + Sb3(w[0], w[1], w[2], w[3]); + w[0] = X0; w[1] = X1; w[2] = X2; w[3] = X3; + Sb2(w[4], w[5], w[6], w[7]); + w[4] = X0; w[5] = X1; w[6] = X2; w[7] = X3; + Sb1(w[8], w[9], w[10], w[11]); + w[8] = X0; w[9] = X1; w[10] = X2; w[11] = X3; + Sb0(w[12], w[13], w[14], w[15]); + w[12] = X0; w[13] = X1; w[14] = X2; w[15] = X3; + Sb7(w[16], w[17], w[18], w[19]); + w[16] = X0; w[17] = X1; w[18] = X2; w[19] = X3; + Sb6(w[20], w[21], w[22], w[23]); + w[20] = X0; w[21] = X1; w[22] = X2; w[23] = X3; + Sb5(w[24], w[25], w[26], w[27]); + w[24] = X0; w[25] = X1; w[26] = X2; w[27] = X3; + Sb4(w[28], w[29], w[30], w[31]); + w[28] = X0; w[29] = X1; w[30] = X2; w[31] = X3; + Sb3(w[32], w[33], w[34], w[35]); + w[32] = X0; w[33] = X1; w[34] = X2; w[35] = X3; + Sb2(w[36], w[37], w[38], w[39]); + w[36] = X0; w[37] = X1; w[38] = X2; w[39] = X3; + Sb1(w[40], w[41], w[42], w[43]); + w[40] = X0; w[41] = X1; w[42] = X2; w[43] = X3; + Sb0(w[44], w[45], w[46], w[47]); + w[44] = X0; w[45] = X1; w[46] = X2; w[47] = X3; + Sb7(w[48], w[49], w[50], w[51]); + w[48] = X0; w[49] = X1; w[50] = X2; w[51] = X3; + Sb6(w[52], w[53], w[54], w[55]); + w[52] = X0; w[53] = X1; w[54] = X2; w[55] = X3; + Sb5(w[56], w[57], w[58], w[59]); + w[56] = X0; w[57] = X1; w[58] = X2; w[59] = X3; + Sb4(w[60], w[61], w[62], w[63]); + w[60] = X0; w[61] = X1; w[62] = X2; w[63] = X3; + Sb3(w[64], w[65], w[66], w[67]); + w[64] = X0; w[65] = X1; w[66] = X2; w[67] = X3; + Sb2(w[68], w[69], w[70], w[71]); + w[68] = X0; w[69] = X1; w[70] = X2; w[71] = X3; + Sb1(w[72], w[73], w[74], w[75]); + w[72] = X0; w[73] = X1; w[74] = X2; w[75] = X3; + Sb0(w[76], w[77], w[78], w[79]); + w[76] = X0; w[77] = X1; w[78] = X2; w[79] = X3; + Sb7(w[80], w[81], w[82], w[83]); + w[80] = X0; w[81] = X1; w[82] = X2; w[83] = X3; + Sb6(w[84], w[85], w[86], w[87]); + w[84] = X0; w[85] = X1; w[86] = X2; w[87] = X3; + Sb5(w[88], w[89], w[90], w[91]); + w[88] = X0; w[89] = X1; w[90] = X2; w[91] = X3; + Sb4(w[92], w[93], w[94], w[95]); + w[92] = X0; w[93] = X1; w[94] = X2; w[95] = X3; + Sb3(w[96], w[97], w[98], w[99]); + w[96] = X0; w[97] = X1; w[98] = X2; w[99] = X3; + Sb2(w[100], w[101], w[102], w[103]); + w[100] = X0; w[101] = X1; w[102] = X2; w[103] = X3; + Sb1(w[104], w[105], w[106], w[107]); + w[104] = X0; w[105] = X1; w[106] = X2; w[107] = X3; + Sb0(w[108], w[109], w[110], w[111]); + w[108] = X0; w[109] = X1; w[110] = X2; w[111] = X3; + Sb7(w[112], w[113], w[114], w[115]); + w[112] = X0; w[113] = X1; w[114] = X2; w[115] = X3; + Sb6(w[116], w[117], w[118], w[119]); + w[116] = X0; w[117] = X1; w[118] = X2; w[119] = X3; + Sb5(w[120], w[121], w[122], w[123]); + w[120] = X0; w[121] = X1; w[122] = X2; w[123] = X3; + Sb4(w[124], w[125], w[126], w[127]); + w[124] = X0; w[125] = X1; w[126] = X2; w[127] = X3; + Sb3(w[128], w[129], w[130], w[131]); + w[128] = X0; w[129] = X1; w[130] = X2; w[131] = X3; + + return w; + } + + /** + * Encrypt one block of plaintext. + * + * @param input the array containing the input data. + * @param inOff offset into the in array the data starts at. + * @param output the array the output data will be copied into. + * @param outOff the offset into the out array the output will start at. + */ + protected override void EncryptBlock(byte[] input, int inOff, byte[] output, int outOff) + { + X3 = (int)Pack.BE_To_UInt32(input, inOff); + X2 = (int)Pack.BE_To_UInt32(input, inOff + 4); + X1 = (int)Pack.BE_To_UInt32(input, inOff + 8); + X0 = (int)Pack.BE_To_UInt32(input, inOff + 12); + + Sb0(wKey[0] ^ X0, wKey[1] ^ X1, wKey[2] ^ X2, wKey[3] ^ X3); LT(); + Sb1(wKey[4] ^ X0, wKey[5] ^ X1, wKey[6] ^ X2, wKey[7] ^ X3); LT(); + Sb2(wKey[8] ^ X0, wKey[9] ^ X1, wKey[10] ^ X2, wKey[11] ^ X3); LT(); + Sb3(wKey[12] ^ X0, wKey[13] ^ X1, wKey[14] ^ X2, wKey[15] ^ X3); LT(); + Sb4(wKey[16] ^ X0, wKey[17] ^ X1, wKey[18] ^ X2, wKey[19] ^ X3); LT(); + Sb5(wKey[20] ^ X0, wKey[21] ^ X1, wKey[22] ^ X2, wKey[23] ^ X3); LT(); + Sb6(wKey[24] ^ X0, wKey[25] ^ X1, wKey[26] ^ X2, wKey[27] ^ X3); LT(); + Sb7(wKey[28] ^ X0, wKey[29] ^ X1, wKey[30] ^ X2, wKey[31] ^ X3); LT(); + Sb0(wKey[32] ^ X0, wKey[33] ^ X1, wKey[34] ^ X2, wKey[35] ^ X3); LT(); + Sb1(wKey[36] ^ X0, wKey[37] ^ X1, wKey[38] ^ X2, wKey[39] ^ X3); LT(); + Sb2(wKey[40] ^ X0, wKey[41] ^ X1, wKey[42] ^ X2, wKey[43] ^ X3); LT(); + Sb3(wKey[44] ^ X0, wKey[45] ^ X1, wKey[46] ^ X2, wKey[47] ^ X3); LT(); + Sb4(wKey[48] ^ X0, wKey[49] ^ X1, wKey[50] ^ X2, wKey[51] ^ X3); LT(); + Sb5(wKey[52] ^ X0, wKey[53] ^ X1, wKey[54] ^ X2, wKey[55] ^ X3); LT(); + Sb6(wKey[56] ^ X0, wKey[57] ^ X1, wKey[58] ^ X2, wKey[59] ^ X3); LT(); + Sb7(wKey[60] ^ X0, wKey[61] ^ X1, wKey[62] ^ X2, wKey[63] ^ X3); LT(); + Sb0(wKey[64] ^ X0, wKey[65] ^ X1, wKey[66] ^ X2, wKey[67] ^ X3); LT(); + Sb1(wKey[68] ^ X0, wKey[69] ^ X1, wKey[70] ^ X2, wKey[71] ^ X3); LT(); + Sb2(wKey[72] ^ X0, wKey[73] ^ X1, wKey[74] ^ X2, wKey[75] ^ X3); LT(); + Sb3(wKey[76] ^ X0, wKey[77] ^ X1, wKey[78] ^ X2, wKey[79] ^ X3); LT(); + Sb4(wKey[80] ^ X0, wKey[81] ^ X1, wKey[82] ^ X2, wKey[83] ^ X3); LT(); + Sb5(wKey[84] ^ X0, wKey[85] ^ X1, wKey[86] ^ X2, wKey[87] ^ X3); LT(); + Sb6(wKey[88] ^ X0, wKey[89] ^ X1, wKey[90] ^ X2, wKey[91] ^ X3); LT(); + Sb7(wKey[92] ^ X0, wKey[93] ^ X1, wKey[94] ^ X2, wKey[95] ^ X3); LT(); + Sb0(wKey[96] ^ X0, wKey[97] ^ X1, wKey[98] ^ X2, wKey[99] ^ X3); LT(); + Sb1(wKey[100] ^ X0, wKey[101] ^ X1, wKey[102] ^ X2, wKey[103] ^ X3); LT(); + Sb2(wKey[104] ^ X0, wKey[105] ^ X1, wKey[106] ^ X2, wKey[107] ^ X3); LT(); + Sb3(wKey[108] ^ X0, wKey[109] ^ X1, wKey[110] ^ X2, wKey[111] ^ X3); LT(); + Sb4(wKey[112] ^ X0, wKey[113] ^ X1, wKey[114] ^ X2, wKey[115] ^ X3); LT(); + Sb5(wKey[116] ^ X0, wKey[117] ^ X1, wKey[118] ^ X2, wKey[119] ^ X3); LT(); + Sb6(wKey[120] ^ X0, wKey[121] ^ X1, wKey[122] ^ X2, wKey[123] ^ X3); LT(); + Sb7(wKey[124] ^ X0, wKey[125] ^ X1, wKey[126] ^ X2, wKey[127] ^ X3); + + Pack.UInt32_To_BE((uint)(wKey[131] ^ X3), output, outOff); + Pack.UInt32_To_BE((uint)(wKey[130] ^ X2), output, outOff + 4); + Pack.UInt32_To_BE((uint)(wKey[129] ^ X1), output, outOff + 8); + Pack.UInt32_To_BE((uint)(wKey[128] ^ X0), output, outOff + 12); + } + + /** + * Decrypt one block of ciphertext. + * + * @param input the array containing the input data. + * @param inOff offset into the in array the data starts at. + * @param output the array the output data will be copied into. + * @param outOff the offset into the out array the output will start at. + */ + protected override void DecryptBlock(byte[] input, int inOff, byte[] output, int outOff) + { + X3 = wKey[131] ^ (int)Pack.BE_To_UInt32(input, inOff); + X2 = wKey[130] ^ (int)Pack.BE_To_UInt32(input, inOff + 4); + X1 = wKey[129] ^ (int)Pack.BE_To_UInt32(input, inOff + 8); + X0 = wKey[128] ^ (int)Pack.BE_To_UInt32(input, inOff + 12); + + Ib7(X0, X1, X2, X3); + X0 ^= wKey[124]; X1 ^= wKey[125]; X2 ^= wKey[126]; X3 ^= wKey[127]; + InverseLT(); Ib6(X0, X1, X2, X3); + X0 ^= wKey[120]; X1 ^= wKey[121]; X2 ^= wKey[122]; X3 ^= wKey[123]; + InverseLT(); Ib5(X0, X1, X2, X3); + X0 ^= wKey[116]; X1 ^= wKey[117]; X2 ^= wKey[118]; X3 ^= wKey[119]; + InverseLT(); Ib4(X0, X1, X2, X3); + X0 ^= wKey[112]; X1 ^= wKey[113]; X2 ^= wKey[114]; X3 ^= wKey[115]; + InverseLT(); Ib3(X0, X1, X2, X3); + X0 ^= wKey[108]; X1 ^= wKey[109]; X2 ^= wKey[110]; X3 ^= wKey[111]; + InverseLT(); Ib2(X0, X1, X2, X3); + X0 ^= wKey[104]; X1 ^= wKey[105]; X2 ^= wKey[106]; X3 ^= wKey[107]; + InverseLT(); Ib1(X0, X1, X2, X3); + X0 ^= wKey[100]; X1 ^= wKey[101]; X2 ^= wKey[102]; X3 ^= wKey[103]; + InverseLT(); Ib0(X0, X1, X2, X3); + X0 ^= wKey[96]; X1 ^= wKey[97]; X2 ^= wKey[98]; X3 ^= wKey[99]; + InverseLT(); Ib7(X0, X1, X2, X3); + X0 ^= wKey[92]; X1 ^= wKey[93]; X2 ^= wKey[94]; X3 ^= wKey[95]; + InverseLT(); Ib6(X0, X1, X2, X3); + X0 ^= wKey[88]; X1 ^= wKey[89]; X2 ^= wKey[90]; X3 ^= wKey[91]; + InverseLT(); Ib5(X0, X1, X2, X3); + X0 ^= wKey[84]; X1 ^= wKey[85]; X2 ^= wKey[86]; X3 ^= wKey[87]; + InverseLT(); Ib4(X0, X1, X2, X3); + X0 ^= wKey[80]; X1 ^= wKey[81]; X2 ^= wKey[82]; X3 ^= wKey[83]; + InverseLT(); Ib3(X0, X1, X2, X3); + X0 ^= wKey[76]; X1 ^= wKey[77]; X2 ^= wKey[78]; X3 ^= wKey[79]; + InverseLT(); Ib2(X0, X1, X2, X3); + X0 ^= wKey[72]; X1 ^= wKey[73]; X2 ^= wKey[74]; X3 ^= wKey[75]; + InverseLT(); Ib1(X0, X1, X2, X3); + X0 ^= wKey[68]; X1 ^= wKey[69]; X2 ^= wKey[70]; X3 ^= wKey[71]; + InverseLT(); Ib0(X0, X1, X2, X3); + X0 ^= wKey[64]; X1 ^= wKey[65]; X2 ^= wKey[66]; X3 ^= wKey[67]; + InverseLT(); Ib7(X0, X1, X2, X3); + X0 ^= wKey[60]; X1 ^= wKey[61]; X2 ^= wKey[62]; X3 ^= wKey[63]; + InverseLT(); Ib6(X0, X1, X2, X3); + X0 ^= wKey[56]; X1 ^= wKey[57]; X2 ^= wKey[58]; X3 ^= wKey[59]; + InverseLT(); Ib5(X0, X1, X2, X3); + X0 ^= wKey[52]; X1 ^= wKey[53]; X2 ^= wKey[54]; X3 ^= wKey[55]; + InverseLT(); Ib4(X0, X1, X2, X3); + X0 ^= wKey[48]; X1 ^= wKey[49]; X2 ^= wKey[50]; X3 ^= wKey[51]; + InverseLT(); Ib3(X0, X1, X2, X3); + X0 ^= wKey[44]; X1 ^= wKey[45]; X2 ^= wKey[46]; X3 ^= wKey[47]; + InverseLT(); Ib2(X0, X1, X2, X3); + X0 ^= wKey[40]; X1 ^= wKey[41]; X2 ^= wKey[42]; X3 ^= wKey[43]; + InverseLT(); Ib1(X0, X1, X2, X3); + X0 ^= wKey[36]; X1 ^= wKey[37]; X2 ^= wKey[38]; X3 ^= wKey[39]; + InverseLT(); Ib0(X0, X1, X2, X3); + X0 ^= wKey[32]; X1 ^= wKey[33]; X2 ^= wKey[34]; X3 ^= wKey[35]; + InverseLT(); Ib7(X0, X1, X2, X3); + X0 ^= wKey[28]; X1 ^= wKey[29]; X2 ^= wKey[30]; X3 ^= wKey[31]; + InverseLT(); Ib6(X0, X1, X2, X3); + X0 ^= wKey[24]; X1 ^= wKey[25]; X2 ^= wKey[26]; X3 ^= wKey[27]; + InverseLT(); Ib5(X0, X1, X2, X3); + X0 ^= wKey[20]; X1 ^= wKey[21]; X2 ^= wKey[22]; X3 ^= wKey[23]; + InverseLT(); Ib4(X0, X1, X2, X3); + X0 ^= wKey[16]; X1 ^= wKey[17]; X2 ^= wKey[18]; X3 ^= wKey[19]; + InverseLT(); Ib3(X0, X1, X2, X3); + X0 ^= wKey[12]; X1 ^= wKey[13]; X2 ^= wKey[14]; X3 ^= wKey[15]; + InverseLT(); Ib2(X0, X1, X2, X3); + X0 ^= wKey[8]; X1 ^= wKey[9]; X2 ^= wKey[10]; X3 ^= wKey[11]; + InverseLT(); Ib1(X0, X1, X2, X3); + X0 ^= wKey[4]; X1 ^= wKey[5]; X2 ^= wKey[6]; X3 ^= wKey[7]; + InverseLT(); Ib0(X0, X1, X2, X3); + + Pack.UInt32_To_BE((uint)(X3 ^ wKey[3]), output, outOff); + Pack.UInt32_To_BE((uint)(X2 ^ wKey[2]), output, outOff + 4); + Pack.UInt32_To_BE((uint)(X1 ^ wKey[1]), output, outOff + 8); + Pack.UInt32_To_BE((uint)(X0 ^ wKey[0]), output, outOff + 12); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/TwofishEngine.cs b/BouncyCastle/crypto/src/crypto/engines/TwofishEngine.cs new file mode 100644 index 0000000..0758451 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/TwofishEngine.cs @@ -0,0 +1,659 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * A class that provides Twofish encryption operations. + * + * This Java implementation is based on the Java reference + * implementation provided by Bruce Schneier and developed + * by Raif S. Naffah. + */ + public sealed class TwofishEngine + : IBlockCipher + { + private static readonly byte[,] P = { + { // p0 + (byte) 0xA9, (byte) 0x67, (byte) 0xB3, (byte) 0xE8, + (byte) 0x04, (byte) 0xFD, (byte) 0xA3, (byte) 0x76, + (byte) 0x9A, (byte) 0x92, (byte) 0x80, (byte) 0x78, + (byte) 0xE4, (byte) 0xDD, (byte) 0xD1, (byte) 0x38, + (byte) 0x0D, (byte) 0xC6, (byte) 0x35, (byte) 0x98, + (byte) 0x18, (byte) 0xF7, (byte) 0xEC, (byte) 0x6C, + (byte) 0x43, (byte) 0x75, (byte) 0x37, (byte) 0x26, + (byte) 0xFA, (byte) 0x13, (byte) 0x94, (byte) 0x48, + (byte) 0xF2, (byte) 0xD0, (byte) 0x8B, (byte) 0x30, + (byte) 0x84, (byte) 0x54, (byte) 0xDF, (byte) 0x23, + (byte) 0x19, (byte) 0x5B, (byte) 0x3D, (byte) 0x59, + (byte) 0xF3, (byte) 0xAE, (byte) 0xA2, (byte) 0x82, + (byte) 0x63, (byte) 0x01, (byte) 0x83, (byte) 0x2E, + (byte) 0xD9, (byte) 0x51, (byte) 0x9B, (byte) 0x7C, + (byte) 0xA6, (byte) 0xEB, (byte) 0xA5, (byte) 0xBE, + (byte) 0x16, (byte) 0x0C, (byte) 0xE3, (byte) 0x61, + (byte) 0xC0, (byte) 0x8C, (byte) 0x3A, (byte) 0xF5, + (byte) 0x73, (byte) 0x2C, (byte) 0x25, (byte) 0x0B, + (byte) 0xBB, (byte) 0x4E, (byte) 0x89, (byte) 0x6B, + (byte) 0x53, (byte) 0x6A, (byte) 0xB4, (byte) 0xF1, + (byte) 0xE1, (byte) 0xE6, (byte) 0xBD, (byte) 0x45, + (byte) 0xE2, (byte) 0xF4, (byte) 0xB6, (byte) 0x66, + (byte) 0xCC, (byte) 0x95, (byte) 0x03, (byte) 0x56, + (byte) 0xD4, (byte) 0x1C, (byte) 0x1E, (byte) 0xD7, + (byte) 0xFB, (byte) 0xC3, (byte) 0x8E, (byte) 0xB5, + (byte) 0xE9, (byte) 0xCF, (byte) 0xBF, (byte) 0xBA, + (byte) 0xEA, (byte) 0x77, (byte) 0x39, (byte) 0xAF, + (byte) 0x33, (byte) 0xC9, (byte) 0x62, (byte) 0x71, + (byte) 0x81, (byte) 0x79, (byte) 0x09, (byte) 0xAD, + (byte) 0x24, (byte) 0xCD, (byte) 0xF9, (byte) 0xD8, + (byte) 0xE5, (byte) 0xC5, (byte) 0xB9, (byte) 0x4D, + (byte) 0x44, (byte) 0x08, (byte) 0x86, (byte) 0xE7, + (byte) 0xA1, (byte) 0x1D, (byte) 0xAA, (byte) 0xED, + (byte) 0x06, (byte) 0x70, (byte) 0xB2, (byte) 0xD2, + (byte) 0x41, (byte) 0x7B, (byte) 0xA0, (byte) 0x11, + (byte) 0x31, (byte) 0xC2, (byte) 0x27, (byte) 0x90, + (byte) 0x20, (byte) 0xF6, (byte) 0x60, (byte) 0xFF, + (byte) 0x96, (byte) 0x5C, (byte) 0xB1, (byte) 0xAB, + (byte) 0x9E, (byte) 0x9C, (byte) 0x52, (byte) 0x1B, + (byte) 0x5F, (byte) 0x93, (byte) 0x0A, (byte) 0xEF, + (byte) 0x91, (byte) 0x85, (byte) 0x49, (byte) 0xEE, + (byte) 0x2D, (byte) 0x4F, (byte) 0x8F, (byte) 0x3B, + (byte) 0x47, (byte) 0x87, (byte) 0x6D, (byte) 0x46, + (byte) 0xD6, (byte) 0x3E, (byte) 0x69, (byte) 0x64, + (byte) 0x2A, (byte) 0xCE, (byte) 0xCB, (byte) 0x2F, + (byte) 0xFC, (byte) 0x97, (byte) 0x05, (byte) 0x7A, + (byte) 0xAC, (byte) 0x7F, (byte) 0xD5, (byte) 0x1A, + (byte) 0x4B, (byte) 0x0E, (byte) 0xA7, (byte) 0x5A, + (byte) 0x28, (byte) 0x14, (byte) 0x3F, (byte) 0x29, + (byte) 0x88, (byte) 0x3C, (byte) 0x4C, (byte) 0x02, + (byte) 0xB8, (byte) 0xDA, (byte) 0xB0, (byte) 0x17, + (byte) 0x55, (byte) 0x1F, (byte) 0x8A, (byte) 0x7D, + (byte) 0x57, (byte) 0xC7, (byte) 0x8D, (byte) 0x74, + (byte) 0xB7, (byte) 0xC4, (byte) 0x9F, (byte) 0x72, + (byte) 0x7E, (byte) 0x15, (byte) 0x22, (byte) 0x12, + (byte) 0x58, (byte) 0x07, (byte) 0x99, (byte) 0x34, + (byte) 0x6E, (byte) 0x50, (byte) 0xDE, (byte) 0x68, + (byte) 0x65, (byte) 0xBC, (byte) 0xDB, (byte) 0xF8, + (byte) 0xC8, (byte) 0xA8, (byte) 0x2B, (byte) 0x40, + (byte) 0xDC, (byte) 0xFE, (byte) 0x32, (byte) 0xA4, + (byte) 0xCA, (byte) 0x10, (byte) 0x21, (byte) 0xF0, + (byte) 0xD3, (byte) 0x5D, (byte) 0x0F, (byte) 0x00, + (byte) 0x6F, (byte) 0x9D, (byte) 0x36, (byte) 0x42, + (byte) 0x4A, (byte) 0x5E, (byte) 0xC1, (byte) 0xE0 }, + { // p1 + (byte) 0x75, (byte) 0xF3, (byte) 0xC6, (byte) 0xF4, + (byte) 0xDB, (byte) 0x7B, (byte) 0xFB, (byte) 0xC8, + (byte) 0x4A, (byte) 0xD3, (byte) 0xE6, (byte) 0x6B, + (byte) 0x45, (byte) 0x7D, (byte) 0xE8, (byte) 0x4B, + (byte) 0xD6, (byte) 0x32, (byte) 0xD8, (byte) 0xFD, + (byte) 0x37, (byte) 0x71, (byte) 0xF1, (byte) 0xE1, + (byte) 0x30, (byte) 0x0F, (byte) 0xF8, (byte) 0x1B, + (byte) 0x87, (byte) 0xFA, (byte) 0x06, (byte) 0x3F, + (byte) 0x5E, (byte) 0xBA, (byte) 0xAE, (byte) 0x5B, + (byte) 0x8A, (byte) 0x00, (byte) 0xBC, (byte) 0x9D, + (byte) 0x6D, (byte) 0xC1, (byte) 0xB1, (byte) 0x0E, + (byte) 0x80, (byte) 0x5D, (byte) 0xD2, (byte) 0xD5, + (byte) 0xA0, (byte) 0x84, (byte) 0x07, (byte) 0x14, + (byte) 0xB5, (byte) 0x90, (byte) 0x2C, (byte) 0xA3, + (byte) 0xB2, (byte) 0x73, (byte) 0x4C, (byte) 0x54, + (byte) 0x92, (byte) 0x74, (byte) 0x36, (byte) 0x51, + (byte) 0x38, (byte) 0xB0, (byte) 0xBD, (byte) 0x5A, + (byte) 0xFC, (byte) 0x60, (byte) 0x62, (byte) 0x96, + (byte) 0x6C, (byte) 0x42, (byte) 0xF7, (byte) 0x10, + (byte) 0x7C, (byte) 0x28, (byte) 0x27, (byte) 0x8C, + (byte) 0x13, (byte) 0x95, (byte) 0x9C, (byte) 0xC7, + (byte) 0x24, (byte) 0x46, (byte) 0x3B, (byte) 0x70, + (byte) 0xCA, (byte) 0xE3, (byte) 0x85, (byte) 0xCB, + (byte) 0x11, (byte) 0xD0, (byte) 0x93, (byte) 0xB8, + (byte) 0xA6, (byte) 0x83, (byte) 0x20, (byte) 0xFF, + (byte) 0x9F, (byte) 0x77, (byte) 0xC3, (byte) 0xCC, + (byte) 0x03, (byte) 0x6F, (byte) 0x08, (byte) 0xBF, + (byte) 0x40, (byte) 0xE7, (byte) 0x2B, (byte) 0xE2, + (byte) 0x79, (byte) 0x0C, (byte) 0xAA, (byte) 0x82, + (byte) 0x41, (byte) 0x3A, (byte) 0xEA, (byte) 0xB9, + (byte) 0xE4, (byte) 0x9A, (byte) 0xA4, (byte) 0x97, + (byte) 0x7E, (byte) 0xDA, (byte) 0x7A, (byte) 0x17, + (byte) 0x66, (byte) 0x94, (byte) 0xA1, (byte) 0x1D, + (byte) 0x3D, (byte) 0xF0, (byte) 0xDE, (byte) 0xB3, + (byte) 0x0B, (byte) 0x72, (byte) 0xA7, (byte) 0x1C, + (byte) 0xEF, (byte) 0xD1, (byte) 0x53, (byte) 0x3E, + (byte) 0x8F, (byte) 0x33, (byte) 0x26, (byte) 0x5F, + (byte) 0xEC, (byte) 0x76, (byte) 0x2A, (byte) 0x49, + (byte) 0x81, (byte) 0x88, (byte) 0xEE, (byte) 0x21, + (byte) 0xC4, (byte) 0x1A, (byte) 0xEB, (byte) 0xD9, + (byte) 0xC5, (byte) 0x39, (byte) 0x99, (byte) 0xCD, + (byte) 0xAD, (byte) 0x31, (byte) 0x8B, (byte) 0x01, + (byte) 0x18, (byte) 0x23, (byte) 0xDD, (byte) 0x1F, + (byte) 0x4E, (byte) 0x2D, (byte) 0xF9, (byte) 0x48, + (byte) 0x4F, (byte) 0xF2, (byte) 0x65, (byte) 0x8E, + (byte) 0x78, (byte) 0x5C, (byte) 0x58, (byte) 0x19, + (byte) 0x8D, (byte) 0xE5, (byte) 0x98, (byte) 0x57, + (byte) 0x67, (byte) 0x7F, (byte) 0x05, (byte) 0x64, + (byte) 0xAF, (byte) 0x63, (byte) 0xB6, (byte) 0xFE, + (byte) 0xF5, (byte) 0xB7, (byte) 0x3C, (byte) 0xA5, + (byte) 0xCE, (byte) 0xE9, (byte) 0x68, (byte) 0x44, + (byte) 0xE0, (byte) 0x4D, (byte) 0x43, (byte) 0x69, + (byte) 0x29, (byte) 0x2E, (byte) 0xAC, (byte) 0x15, + (byte) 0x59, (byte) 0xA8, (byte) 0x0A, (byte) 0x9E, + (byte) 0x6E, (byte) 0x47, (byte) 0xDF, (byte) 0x34, + (byte) 0x35, (byte) 0x6A, (byte) 0xCF, (byte) 0xDC, + (byte) 0x22, (byte) 0xC9, (byte) 0xC0, (byte) 0x9B, + (byte) 0x89, (byte) 0xD4, (byte) 0xED, (byte) 0xAB, + (byte) 0x12, (byte) 0xA2, (byte) 0x0D, (byte) 0x52, + (byte) 0xBB, (byte) 0x02, (byte) 0x2F, (byte) 0xA9, + (byte) 0xD7, (byte) 0x61, (byte) 0x1E, (byte) 0xB4, + (byte) 0x50, (byte) 0x04, (byte) 0xF6, (byte) 0xC2, + (byte) 0x16, (byte) 0x25, (byte) 0x86, (byte) 0x56, + (byte) 0x55, (byte) 0x09, (byte) 0xBE, (byte) 0x91 } + }; + + /** + * Define the fixed p0/p1 permutations used in keyed S-box lookup. + * By changing the following constant definitions, the S-boxes will + * automatically Get changed in the Twofish engine. + */ + private const int P_00 = 1; + private const int P_01 = 0; + private const int P_02 = 0; + private const int P_03 = P_01 ^ 1; + private const int P_04 = 1; + + private const int P_10 = 0; + private const int P_11 = 0; + private const int P_12 = 1; + private const int P_13 = P_11 ^ 1; + private const int P_14 = 0; + + private const int P_20 = 1; + private const int P_21 = 1; + private const int P_22 = 0; + private const int P_23 = P_21 ^ 1; + private const int P_24 = 0; + + private const int P_30 = 0; + private const int P_31 = 1; + private const int P_32 = 1; + private const int P_33 = P_31 ^ 1; + private const int P_34 = 1; + + /* Primitive polynomial for GF(256) */ + private const int GF256_FDBK = 0x169; + private const int GF256_FDBK_2 = GF256_FDBK / 2; + private const int GF256_FDBK_4 = GF256_FDBK / 4; + + private const int RS_GF_FDBK = 0x14D; // field generator + + //==================================== + // Useful constants + //==================================== + + private const int ROUNDS = 16; + private const int MAX_ROUNDS = 16; // bytes = 128 bits + private const int BLOCK_SIZE = 16; // bytes = 128 bits + private const int MAX_KEY_BITS = 256; + + private const int INPUT_WHITEN=0; + private const int OUTPUT_WHITEN=INPUT_WHITEN+BLOCK_SIZE/4; // 4 + private const int ROUND_SUBKEYS=OUTPUT_WHITEN+BLOCK_SIZE/4;// 8 + + private const int TOTAL_SUBKEYS=ROUND_SUBKEYS+2*MAX_ROUNDS;// 40 + + private const int SK_STEP = 0x02020202; + private const int SK_BUMP = 0x01010101; + private const int SK_ROTL = 9; + + private bool encrypting; + + private int[] gMDS0 = new int[MAX_KEY_BITS]; + private int[] gMDS1 = new int[MAX_KEY_BITS]; + private int[] gMDS2 = new int[MAX_KEY_BITS]; + private int[] gMDS3 = new int[MAX_KEY_BITS]; + + /** + * gSubKeys[] and gSBox[] are eventually used in the + * encryption and decryption methods. + */ + private int[] gSubKeys; + private int[] gSBox; + + private int k64Cnt; + + private byte[] workingKey; + + public TwofishEngine() + { + // calculate the MDS matrix + int[] m1 = new int[2]; + int[] mX = new int[2]; + int[] mY = new int[2]; + int j; + + for (int i=0; i< MAX_KEY_BITS ; i++) + { + j = P[0,i] & 0xff; + m1[0] = j; + mX[0] = Mx_X(j) & 0xff; + mY[0] = Mx_Y(j) & 0xff; + + j = P[1,i] & 0xff; + m1[1] = j; + mX[1] = Mx_X(j) & 0xff; + mY[1] = Mx_Y(j) & 0xff; + + gMDS0[i] = m1[P_00] | mX[P_00] << 8 | + mY[P_00] << 16 | mY[P_00] << 24; + + gMDS1[i] = mY[P_10] | mY[P_10] << 8 | + mX[P_10] << 16 | m1[P_10] << 24; + + gMDS2[i] = mX[P_20] | mY[P_20] << 8 | + m1[P_20] << 16 | mY[P_20] << 24; + + gMDS3[i] = mX[P_30] | m1[P_30] << 8 | + mY[P_30] << 16 | mX[P_30] << 24; + } + } + + /** + * initialise a Twofish cipher. + * + * @param forEncryption whether or not we are for encryption. + * @param parameters the parameters required to set up the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + throw new ArgumentException("invalid parameter passed to Twofish init - " + Platform.GetTypeName(parameters)); + + this.encrypting = forEncryption; + this.workingKey = ((KeyParameter)parameters).GetKey(); + + int keyBits = this.workingKey.Length * 8; + switch (keyBits) + { + case 128: + case 192: + case 256: + break; + default: + throw new ArgumentException("Key length not 128/192/256 bits."); + } + + this.k64Cnt = this.workingKey.Length / 8; + SetKey(this.workingKey); + } + + public string AlgorithmName + { + get { return "Twofish"; } + } + + public bool IsPartialBlockOkay + { + get { return false; } + } + + public int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + if (workingKey == null) + throw new InvalidOperationException("Twofish not initialised"); + + Check.DataLength(input, inOff, BLOCK_SIZE, "input buffer too short"); + Check.OutputLength(output, outOff, BLOCK_SIZE, "output buffer too short"); + + if (encrypting) + { + EncryptBlock(input, inOff, output, outOff); + } + else + { + DecryptBlock(input, inOff, output, outOff); + } + + return BLOCK_SIZE; + } + + public void Reset() + { + if (this.workingKey != null) + { + SetKey(this.workingKey); + } + } + + public int GetBlockSize() + { + return BLOCK_SIZE; + } + + //================================== + // Private Implementation + //================================== + + private void SetKey(byte[] key) + { + int[] k32e = new int[MAX_KEY_BITS/64]; // 4 + int[] k32o = new int[MAX_KEY_BITS/64]; // 4 + + int[] sBoxKeys = new int[MAX_KEY_BITS/64]; // 4 + gSubKeys = new int[TOTAL_SUBKEYS]; + + /* + * k64Cnt is the number of 8 byte blocks (64 chunks) that are in the input key. + * The input key is 16, 24 or 32 bytes, so the range for k64Cnt is 2..4 + */ + for (int i = 0; i < k64Cnt; i++) + { + int p = i * 8; + + k32e[i] = (int)Pack.LE_To_UInt32(key, p); + k32o[i] = (int)Pack.LE_To_UInt32(key, p + 4); + + sBoxKeys[k64Cnt-1-i] = RS_MDS_Encode(k32e[i], k32o[i]); + } + + int q,A,B; + for (int i=0; i < TOTAL_SUBKEYS / 2 ; i++) + { + q = i*SK_STEP; + A = F32(q, k32e); + B = F32(q+SK_BUMP, k32o); + B = Integers.RotateLeft(B, 8); + A += B; + gSubKeys[i*2] = A; + A += B; + gSubKeys[i*2 + 1] = Integers.RotateLeft(A, SK_ROTL); + } + + /* + * fully expand the table for speed + */ + int k0 = sBoxKeys[0]; + int k1 = sBoxKeys[1]; + int k2 = sBoxKeys[2]; + int k3 = sBoxKeys[3]; + int b0, b1, b2, b3; + gSBox = new int[4*MAX_KEY_BITS]; + for (int i=0; i + * 
+        * G(x) = x^4 + (a+1/a)x^3 + ax^2 + (a+1/a)x + 1
+        *
+ * where a = primitive root of field generator 0x14D + *

+ */ + private int RS_rem(int x) + { + int b = (int) (((uint)x >> 24) & 0xff); + int g2 = ((b << 1) ^ + ((b & 0x80) != 0 ? RS_GF_FDBK : 0)) & 0xff; + int g3 = ( (int)((uint)b >> 1) ^ + ((b & 0x01) != 0 ? (int)((uint)RS_GF_FDBK >> 1) : 0)) ^ g2 ; + return ((x << 8) ^ (g3 << 24) ^ (g2 << 16) ^ (g3 << 8) ^ b); + } + + private int LFSR1(int x) + { + return (x >> 1) ^ + (((x & 0x01) != 0) ? GF256_FDBK_2 : 0); + } + + private int LFSR2(int x) + { + return (x >> 2) ^ + (((x & 0x02) != 0) ? GF256_FDBK_2 : 0) ^ + (((x & 0x01) != 0) ? GF256_FDBK_4 : 0); + } + + private int Mx_X(int x) + { + return x ^ LFSR2(x); + } // 5B + + private int Mx_Y(int x) + { + return x ^ LFSR1(x) ^ LFSR2(x); + } // EF + + private int M_b0(int x) + { + return x & 0xff; + } + + private int M_b1(int x) + { + return (int)((uint)x >> 8) & 0xff; + } + + private int M_b2(int x) + { + return (int)((uint)x >> 16) & 0xff; + } + + private int M_b3(int x) + { + return (int)((uint)x >> 24) & 0xff; + } + + private int Fe32_0(int x) + { + return gSBox[ 0x000 + 2*(x & 0xff) ] ^ + gSBox[ 0x001 + 2*((int)((uint)x >> 8) & 0xff) ] ^ + gSBox[ 0x200 + 2*((int)((uint)x >> 16) & 0xff) ] ^ + gSBox[ 0x201 + 2*((int)((uint)x >> 24) & 0xff) ]; + } + + private int Fe32_3(int x) + { + return gSBox[ 0x000 + 2*((int)((uint)x >> 24) & 0xff) ] ^ + gSBox[ 0x001 + 2*(x & 0xff) ] ^ + gSBox[ 0x200 + 2*((int)((uint)x >> 8) & 0xff) ] ^ + gSBox[ 0x201 + 2*((int)((uint)x >> 16) & 0xff) ]; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/VMPCEngine.cs b/BouncyCastle/crypto/src/crypto/engines/VMPCEngine.cs new file mode 100644 index 0000000..852901e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/VMPCEngine.cs @@ -0,0 +1,133 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Engines +{ + public class VmpcEngine + : IStreamCipher + { + /* + * variables to hold the state of the VMPC engine during encryption and + * decryption + */ + protected byte n = 0; + protected byte[] P = null; + protected byte s = 0; + + protected byte[] workingIV; + protected byte[] workingKey; + + public virtual string AlgorithmName + { + get { return "VMPC"; } + } + + /** + * initialise a VMPC cipher. + * + * @param forEncryption + * whether or not we are for encryption. + * @param params + * the parameters required to set up the cipher. + * @exception ArgumentException + * if the params argument is inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (!(parameters is ParametersWithIV)) + throw new ArgumentException("VMPC Init parameters must include an IV"); + + ParametersWithIV ivParams = (ParametersWithIV) parameters; + + if (!(ivParams.Parameters is KeyParameter)) + throw new ArgumentException("VMPC Init parameters must include a key"); + + KeyParameter key = (KeyParameter)ivParams.Parameters; + + this.workingIV = ivParams.GetIV(); + + if (workingIV == null || workingIV.Length < 1 || workingIV.Length > 768) + throw new ArgumentException("VMPC requires 1 to 768 bytes of IV"); + + this.workingKey = key.GetKey(); + + InitKey(this.workingKey, this.workingIV); + } + + protected virtual void InitKey( + byte[] keyBytes, + byte[] ivBytes) + { + s = 0; + P = new byte[256]; + for (int i = 0; i < 256; i++) + { + P[i] = (byte) i; + } + + for (int m = 0; m < 768; m++) + { + s = P[(s + P[m & 0xff] + keyBytes[m % keyBytes.Length]) & 0xff]; + byte temp = P[m & 0xff]; + P[m & 0xff] = P[s & 0xff]; + P[s & 0xff] = temp; + } + for (int m = 0; m < 768; m++) + { + s = P[(s + P[m & 0xff] + ivBytes[m % ivBytes.Length]) & 0xff]; + byte temp = P[m & 0xff]; + P[m & 0xff] = P[s & 0xff]; + P[s & 0xff] = temp; + } + n = 0; + } + + public virtual void ProcessBytes( + byte[] input, + int inOff, + int len, + byte[] output, + int outOff) + { + Check.DataLength(input, inOff, len, "input buffer too short"); + Check.OutputLength(output, outOff, len, "output buffer too short"); + + for (int i = 0; i < len; i++) + { + s = P[(s + P[n & 0xff]) & 0xff]; + byte z = P[(P[(P[s & 0xff]) & 0xff] + 1) & 0xff]; + // encryption + byte temp = P[n & 0xff]; + P[n & 0xff] = P[s & 0xff]; + P[s & 0xff] = temp; + n = (byte) ((n + 1) & 0xff); + + // xor + output[i + outOff] = (byte) (input[i + inOff] ^ z); + } + } + + public virtual void Reset() + { + InitKey(this.workingKey, this.workingIV); + } + + public virtual byte ReturnByte( + byte input) + { + s = P[(s + P[n & 0xff]) & 0xff]; + byte z = P[(P[(P[s & 0xff]) & 0xff] + 1) & 0xff]; + // encryption + byte temp = P[n & 0xff]; + P[n & 0xff] = P[s & 0xff]; + P[s & 0xff] = temp; + n = (byte) ((n + 1) & 0xff); + + // xor + return (byte) (input ^ z); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/VMPCKSA3Engine.cs b/BouncyCastle/crypto/src/crypto/engines/VMPCKSA3Engine.cs new file mode 100644 index 0000000..95b6813 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/VMPCKSA3Engine.cs @@ -0,0 +1,51 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Engines +{ + public class VmpcKsa3Engine + : VmpcEngine + { + public override string AlgorithmName + { + get { return "VMPC-KSA3"; } + } + + protected override void InitKey( + byte[] keyBytes, + byte[] ivBytes) + { + s = 0; + P = new byte[256]; + for (int i = 0; i < 256; i++) + { + P[i] = (byte) i; + } + + for (int m = 0; m < 768; m++) + { + s = P[(s + P[m & 0xff] + keyBytes[m % keyBytes.Length]) & 0xff]; + byte temp = P[m & 0xff]; + P[m & 0xff] = P[s & 0xff]; + P[s & 0xff] = temp; + } + + for (int m = 0; m < 768; m++) + { + s = P[(s + P[m & 0xff] + ivBytes[m % ivBytes.Length]) & 0xff]; + byte temp = P[m & 0xff]; + P[m & 0xff] = P[s & 0xff]; + P[s & 0xff] = temp; + } + + for (int m = 0; m < 768; m++) + { + s = P[(s + P[m & 0xff] + keyBytes[m % keyBytes.Length]) & 0xff]; + byte temp = P[m & 0xff]; + P[m & 0xff] = P[s & 0xff]; + P[s & 0xff] = temp; + } + + n = 0; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/XSalsa20Engine.cs b/BouncyCastle/crypto/src/crypto/engines/XSalsa20Engine.cs new file mode 100644 index 0000000..50c51a8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/XSalsa20Engine.cs @@ -0,0 +1,64 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /// + /// Implementation of Daniel J. Bernstein's XSalsa20 stream cipher - Salsa20 with an extended nonce. + /// + /// + /// XSalsa20 requires a 256 bit key, and a 192 bit nonce. + /// + public class XSalsa20Engine + : Salsa20Engine + { + public override string AlgorithmName + { + get { return "XSalsa20"; } + } + + protected override int NonceSize + { + get { return 24; } + } + + /// + /// XSalsa20 key generation: process 256 bit input key and 128 bits of the input nonce + /// using a core Salsa20 function without input addition to produce 256 bit working key + /// and use that with the remaining 64 bits of nonce to initialize a standard Salsa20 engine state. + /// + protected override void SetKey(byte[] keyBytes, byte[] ivBytes) + { + if (keyBytes == null) + throw new ArgumentException(AlgorithmName + " doesn't support re-init with null key"); + + if (keyBytes.Length != 32) + throw new ArgumentException(AlgorithmName + " requires a 256 bit key"); + + // Set key for HSalsa20 + base.SetKey(keyBytes, ivBytes); + + // Pack next 64 bits of IV into engine state instead of counter + Pack.LE_To_UInt32(ivBytes, 8, engineState, 8, 2); + + // Process engine state to generate Salsa20 key + uint[] hsalsa20Out = new uint[engineState.Length]; + SalsaCore(20, engineState, hsalsa20Out); + + // Set new key, removing addition in last round of salsaCore + engineState[1] = hsalsa20Out[0] - engineState[0]; + engineState[2] = hsalsa20Out[5] - engineState[5]; + engineState[3] = hsalsa20Out[10] - engineState[10]; + engineState[4] = hsalsa20Out[15] - engineState[15]; + + engineState[11] = hsalsa20Out[6] - engineState[6]; + engineState[12] = hsalsa20Out[7] - engineState[7]; + engineState[13] = hsalsa20Out[8] - engineState[8]; + engineState[14] = hsalsa20Out[9] - engineState[9]; + + // Last 64 bits of input IV + Pack.LE_To_UInt32(ivBytes, 16, engineState, 6, 2); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/engines/XTEAEngine.cs b/BouncyCastle/crypto/src/crypto/engines/XTEAEngine.cs new file mode 100644 index 0000000..5fcfa4a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/engines/XTEAEngine.cs @@ -0,0 +1,166 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Engines +{ + /** + * An XTEA engine. + */ + public class XteaEngine + : IBlockCipher + { + private const int + rounds = 32, + block_size = 8, +// key_size = 16, + delta = unchecked((int) 0x9E3779B9); + + /* + * the expanded key array of 4 subkeys + */ + private uint[] _S = new uint[4], + _sum0 = new uint[32], + _sum1 = new uint[32]; + private bool _initialised, _forEncryption; + + /** + * Create an instance of the TEA encryption algorithm + * and set some defaults + */ + public XteaEngine() + { + _initialised = false; + } + + public virtual string AlgorithmName + { + get { return "XTEA"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return false; } + } + + public virtual int GetBlockSize() + { + return block_size; + } + + /** + * initialise + * + * @param forEncryption whether or not we are for encryption. + * @param params the parameters required to set up the cipher. + * @exception ArgumentException if the params argument is + * inappropriate. + */ + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (!(parameters is KeyParameter)) + { + throw new ArgumentException("invalid parameter passed to TEA init - " + + Platform.GetTypeName(parameters)); + } + + _forEncryption = forEncryption; + _initialised = true; + + KeyParameter p = (KeyParameter) parameters; + + setKey(p.GetKey()); + } + + public virtual int ProcessBlock( + byte[] inBytes, + int inOff, + byte[] outBytes, + int outOff) + { + if (!_initialised) + throw new InvalidOperationException(AlgorithmName + " not initialised"); + + Check.DataLength(inBytes, inOff, block_size, "input buffer too short"); + Check.OutputLength(outBytes, outOff, block_size, "output buffer too short"); + + return _forEncryption + ? encryptBlock(inBytes, inOff, outBytes, outOff) + : decryptBlock(inBytes, inOff, outBytes, outOff); + } + + public virtual void Reset() + { + } + + /** + * Re-key the cipher. + * + * @param key the key to be used + */ + private void setKey( + byte[] key) + { + int i, j; + for (i = j = 0; i < 4; i++,j+=4) + { + _S[i] = Pack.BE_To_UInt32(key, j); + } + + for (i = j = 0; i < rounds; i++) + { + _sum0[i] = ((uint)j + _S[j & 3]); + j += delta; + _sum1[i] = ((uint)j + _S[j >> 11 & 3]); + } + } + + private int encryptBlock( + byte[] inBytes, + int inOff, + byte[] outBytes, + int outOff) + { + // Pack bytes into integers + uint v0 = Pack.BE_To_UInt32(inBytes, inOff); + uint v1 = Pack.BE_To_UInt32(inBytes, inOff + 4); + + for (int i = 0; i < rounds; i++) + { + v0 += ((v1 << 4 ^ v1 >> 5) + v1) ^ _sum0[i]; + v1 += ((v0 << 4 ^ v0 >> 5) + v0) ^ _sum1[i]; + } + + Pack.UInt32_To_BE(v0, outBytes, outOff); + Pack.UInt32_To_BE(v1, outBytes, outOff + 4); + + return block_size; + } + + private int decryptBlock( + byte[] inBytes, + int inOff, + byte[] outBytes, + int outOff) + { + // Pack bytes into integers + uint v0 = Pack.BE_To_UInt32(inBytes, inOff); + uint v1 = Pack.BE_To_UInt32(inBytes, inOff + 4); + + for (int i = rounds-1; i >= 0; i--) + { + v1 -= ((v0 << 4 ^ v0 >> 5) + v0) ^ _sum1[i]; + v0 -= ((v1 << 4 ^ v1 >> 5) + v1) ^ _sum0[i]; + } + + Pack.UInt32_To_BE(v0, outBytes, outOff); + Pack.UInt32_To_BE(v1, outBytes, outOff + 4); + + return block_size; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/fpe/FpeEngine.cs b/BouncyCastle/crypto/src/crypto/fpe/FpeEngine.cs new file mode 100644 index 0000000..5545b7d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/fpe/FpeEngine.cs @@ -0,0 +1,73 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Fpe +{ + /// Base class for format-preserving encryption. + public abstract class FpeEngine + { + protected readonly IBlockCipher baseCipher; + + protected bool forEncryption; + protected FpeParameters fpeParameters; + + protected FpeEngine(IBlockCipher baseCipher) + { + this.baseCipher = baseCipher; + } + + /// + /// Process length bytes from inBuf, writing the output to outBuf. + /// + /// number of bytes output. + /// input data. + /// offset in input data to start at. + /// number of bytes to process. + /// destination buffer. + /// offset to start writing at in destination buffer. + public virtual int ProcessBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff) + { + if (fpeParameters == null) + throw new InvalidOperationException("FPE engine not initialized"); + if (length < 0) + throw new ArgumentException("cannot be negative", "length"); + if (inBuf == null) + throw new ArgumentNullException("inBuf"); + if (outBuf == null) + throw new ArgumentNullException("outBuf"); + + Check.DataLength(inBuf, inOff, length, "input buffer too short"); + Check.OutputLength(outBuf, outOff, length, "output buffer too short"); + + if (forEncryption) + { + return EncryptBlock(inBuf, inOff, length, outBuf, outOff); + } + else + { + return DecryptBlock(inBuf, inOff, length, outBuf, outOff); + } + } + + protected static bool IsOverrideSet(string propName) + { + string propValue = Platform.GetEnvironmentVariable(propName); + + return propValue != null && Platform.EqualsIgnoreCase("true", propValue); + } + + /// + /// Initialize the FPE engine for encryption/decryption. + /// + /// number of bytes output. + /// true if initialising for encryption, false otherwise. + /// the key and other parameters to use to set the engine up. + public abstract void Init(bool forEncryption, ICipherParameters parameters); + + protected abstract int EncryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff); + + protected abstract int DecryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff); + } +} diff --git a/BouncyCastle/crypto/src/crypto/fpe/FpeFf1Engine.cs b/BouncyCastle/crypto/src/crypto/fpe/FpeFf1Engine.cs new file mode 100644 index 0000000..acd31b6 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/fpe/FpeFf1Engine.cs @@ -0,0 +1,83 @@ +using System; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Crypto.Fpe +{ + public class FpeFf1Engine + : FpeEngine + { + public FpeFf1Engine() + : this(new AesEngine()) + { + } + + public FpeFf1Engine(IBlockCipher baseCipher) + : base(baseCipher) + { + if (IsOverrideSet(SP80038G.FPE_DISABLED) || + IsOverrideSet(SP80038G.FF1_DISABLED)) + { + throw new InvalidOperationException("FF1 encryption disabled"); + } + } + + public override void Init(bool forEncryption, ICipherParameters parameters) + { + this.forEncryption = forEncryption; + this.fpeParameters = (FpeParameters)parameters; + + baseCipher.Init(!fpeParameters.UseInverseFunction, fpeParameters.Key); + } + + protected override int EncryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff) + { + byte[] enc; + + if (fpeParameters.Radix > 256) + { + if ((length & 1) != 0) + throw new ArgumentException("input must be an even number of bytes for a wide radix"); + + ushort[] u16In = Pack.BE_To_UInt16(inBuf, inOff, length); + ushort[] u16Out = SP80038G.EncryptFF1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), + u16In, 0, u16In.Length); + enc = Pack.UInt16_To_BE(u16Out, 0, u16Out.Length); + } + else + { + enc = SP80038G.EncryptFF1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length); + } + + Array.Copy(enc, 0, outBuf, outOff, length); + + return length; + } + + protected override int DecryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff) + { + byte[] dec; + + if (fpeParameters.Radix > 256) + { + if ((length & 1) != 0) + throw new ArgumentException("input must be an even number of bytes for a wide radix"); + + ushort[] u16In = Pack.BE_To_UInt16(inBuf, inOff, length); + ushort[] u16Out = SP80038G.DecryptFF1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), + u16In, 0, u16In.Length); + dec = Pack.UInt16_To_BE(u16Out, 0, u16Out.Length); + } + else + { + dec = SP80038G.DecryptFF1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length); + } + + Array.Copy(dec, 0, outBuf, outOff, length); + + return length; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/fpe/FpeFf3_1Engine.cs b/BouncyCastle/crypto/src/crypto/fpe/FpeFf3_1Engine.cs new file mode 100644 index 0000000..aa238e4 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/fpe/FpeFf3_1Engine.cs @@ -0,0 +1,86 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Fpe +{ + public class FpeFf3_1Engine + : FpeEngine + { + public FpeFf3_1Engine() + : this(new AesEngine()) + { + } + + public FpeFf3_1Engine(IBlockCipher baseCipher) + : base(baseCipher) + { + if (IsOverrideSet(SP80038G.FPE_DISABLED)) + { + throw new InvalidOperationException("FPE disabled"); + } + } + + public override void Init(bool forEncryption, ICipherParameters parameters) + { + this.forEncryption = forEncryption; + this.fpeParameters = (FpeParameters)parameters; + + baseCipher.Init(!fpeParameters.UseInverseFunction, new KeyParameter(Arrays.Reverse(fpeParameters.Key.GetKey()))); + + if (fpeParameters.GetTweak().Length != 7) + throw new ArgumentException("tweak should be 56 bits"); + } + + protected override int EncryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff) + { + byte[] enc; + + if (fpeParameters.Radix > 256) + { + if ((length & 1) != 0) + throw new ArgumentException("input must be an even number of bytes for a wide radix"); + + ushort[] u16In = Pack.BE_To_UInt16(inBuf, inOff, length); + ushort[] u16Out = SP80038G.EncryptFF3_1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), + u16In, 0, u16In.Length); + enc = Pack.UInt16_To_BE(u16Out, 0, u16Out.Length); + } + else + { + enc = SP80038G.EncryptFF3_1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length); + } + + Array.Copy(enc, 0, outBuf, outOff, length); + + return length; + } + + protected override int DecryptBlock(byte[] inBuf, int inOff, int length, byte[] outBuf, int outOff) + { + byte[] dec; + + if (fpeParameters.Radix > 256) + { + if ((length & 1) != 0) + throw new ArgumentException("input must be an even number of bytes for a wide radix"); + + ushort[] u16In = Pack.BE_To_UInt16(inBuf, inOff, length); + ushort[] u16Out = SP80038G.DecryptFF3_1w(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), + u16In, 0, u16In.Length); + dec = Pack.UInt16_To_BE(u16Out, 0, u16Out.Length); + } + else + { + dec = SP80038G.DecryptFF3_1(baseCipher, fpeParameters.Radix, fpeParameters.GetTweak(), inBuf, inOff, length); + } + + Array.Copy(dec, 0, outBuf, outOff, length); + + return length; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/fpe/SP80038G.cs b/BouncyCastle/crypto/src/crypto/fpe/SP80038G.cs new file mode 100644 index 0000000..53efc14 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/fpe/SP80038G.cs @@ -0,0 +1,694 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Fpe +{ + /* + * SP800-38G Format-Preserving Encryption + * + * TODOs + * - Initialize the cipher internally or externally? + * 1. Algs 7-10 don't appear to require forward vs. inverse transform, although sample data is forward. + * 2. Algs 9-10 specify reversal of the cipher key! + * - Separate construction/initialization stage for "prerequisites" + */ + internal class SP80038G + { + internal static readonly string FPE_DISABLED = "Org.BouncyCastle.Fpe.Disable"; + internal static readonly string FF1_DISABLED = "Org.BouncyCastle.Fpe.Disable_Ff1"; + + protected static readonly int BLOCK_SIZE = 16; + protected static readonly double LOG2 = System.Math.Log(2.0); + protected static readonly double TWO_TO_96 = System.Math.Pow(2, 96); + + public static byte[] DecryptFF1(IBlockCipher cipher, int radix, byte[] tweak, byte[] buf, int off, int len) + { + checkArgs(cipher, true, radix, buf, off, len); + + // Algorithm 8 + int n = len; + int u = n / 2, v = n - u; + + ushort[] A = toShort(buf, off, u); + ushort[] B = toShort(buf, off + u, v); + + ushort[] rv = decFF1(cipher, radix, tweak, n, u, v, A, B); + + return toByte(rv); + } + + public static ushort[] DecryptFF1w(IBlockCipher cipher, int radix, byte[] tweak, ushort[] buf, int off, int len) + { + checkArgs(cipher, true, radix, buf, off, len); + + // Algorithm 8 + int n = len; + int u = n / 2, v = n - u; + + ushort[] A = new ushort[u]; + ushort[] B = new ushort[v]; + + Array.Copy(buf, off, A, 0, u); + Array.Copy(buf, off + u, B, 0, v); + + return decFF1(cipher, radix, tweak, n, u, v, A, B); + } + + private static ushort[] decFF1(IBlockCipher cipher, int radix, byte[] T, int n, int u, int v, ushort[] A, ushort[] B) + { + int t = T.Length; + int b = ((int)Ceil(System.Math.Log((double)radix) * (double)v / LOG2) + 7) / 8; + int d = (((b + 3) / 4) * 4) + 4; + + byte[] P = calculateP_FF1(radix, (byte)u, n, t); + + BigInteger bigRadix = BigInteger.ValueOf(radix); + BigInteger[] modUV = calculateModUV(bigRadix, u, v); + + int m = u; + + for (int i = 9; i >= 0; --i) + { + // i. - iv. + BigInteger y = calculateY_FF1(cipher, bigRadix, T, b, d, i, P, A); + + // v. + m = n - m; + BigInteger modulus = modUV[i & 1]; + + // vi. + BigInteger c = num(bigRadix, B).Subtract(y).Mod(modulus); + + // vii. - ix. + ushort[] C = B; + B = A; + A = C; + str(bigRadix, c, m, C, 0); + } + + return Arrays.Concatenate(A, B); + } + + public static byte[] DecryptFF3(IBlockCipher cipher, int radix, byte[] tweak64, byte[] buf, int off, int len) + { + checkArgs(cipher, false, radix, buf, off, len); + + if (tweak64.Length != 8) + { + throw new ArgumentException(); + } + + return implDecryptFF3(cipher, radix, tweak64, buf, off, len); + } + + public static byte[] DecryptFF3_1(IBlockCipher cipher, int radix, byte[] tweak56, byte[] buf, int off, int len) + { + checkArgs(cipher, false, radix, buf, off, len); + + if (tweak56.Length != 7) + { + throw new ArgumentException("tweak should be 56 bits"); + } + + byte[] tweak64 = calculateTweak64_FF3_1(tweak56); + + return implDecryptFF3(cipher, radix, tweak64, buf, off, len); + } + + public static ushort[] DecryptFF3_1w(IBlockCipher cipher, int radix, byte[] tweak56, ushort[] buf, int off, int len) + { + checkArgs(cipher, false, radix, buf, off, len); + + if (tweak56.Length != 7) + { + throw new ArgumentException("tweak should be 56 bits"); + } + + byte[] tweak64 = calculateTweak64_FF3_1(tweak56); + + return implDecryptFF3w(cipher, radix, tweak64, buf, off, len); + } + + public static byte[] EncryptFF1(IBlockCipher cipher, int radix, byte[] tweak, byte[] buf, int off, int len) + { + checkArgs(cipher, true, radix, buf, off, len); + + // Algorithm 7 + int n = len; + int u = n / 2, v = n - u; + + ushort[] A = toShort(buf, off, u); + ushort[] B = toShort(buf, off + u, v); + + return toByte(encFF1(cipher, radix, tweak, n, u, v, A, B)); + } + + public static ushort[] EncryptFF1w(IBlockCipher cipher, int radix, byte[] tweak, ushort[] buf, int off, int len) + { + checkArgs(cipher, true, radix, buf, off, len); + + // Algorithm 7 + int n = len; + int u = n / 2, v = n - u; + + ushort[] A = new ushort[u]; + ushort[] B = new ushort[v]; + + Array.Copy(buf, off, A, 0, u); + Array.Copy(buf, off + u, B, 0, v); + + return encFF1(cipher, radix, tweak, n, u, v, A, B); + } + + private static ushort[] encFF1(IBlockCipher cipher, int radix, byte[] T, int n, int u, int v, ushort[] A, ushort[] B) + { + int t = T.Length; + + int b = ((int)Ceil(System.Math.Log((double)radix) * (double)v / LOG2) + 7) / 8; + int d = (((b + 3) / 4) * 4) + 4; + + byte[] P = calculateP_FF1(radix, (byte)u, n, t); + + BigInteger bigRadix = BigInteger.ValueOf(radix); + BigInteger[] modUV = calculateModUV(bigRadix, u, v); + + int m = v; + + for (int i = 0; i < 10; ++i) + { + // i. - iv. + BigInteger y = calculateY_FF1(cipher, bigRadix, T, b, d, i, P, B); + + // v. + m = n - m; + BigInteger modulus = modUV[i & 1]; + + // vi. + BigInteger c = num(bigRadix, A).Add(y).Mod(modulus); + + // vii. - ix. + ushort[] C = A; + A = B; + B = C; + str(bigRadix, c, m, C, 0); + } + + return Arrays.Concatenate(A, B); + } + + public static byte[] EncryptFF3(IBlockCipher cipher, int radix, byte[] tweak64, byte[] buf, int off, int len) + { + checkArgs(cipher, false, radix, buf, off, len); + + if (tweak64.Length != 8) + { + throw new ArgumentException(); + } + + return implEncryptFF3(cipher, radix, tweak64, buf, off, len); + } + + public static ushort[] EncryptFF3w(IBlockCipher cipher, int radix, byte[] tweak64, ushort[] buf, int off, int len) + { + checkArgs(cipher, false, radix, buf, off, len); + + if (tweak64.Length != 8) + { + throw new ArgumentException(); + } + + return implEncryptFF3w(cipher, radix, tweak64, buf, off, len); + } + + public static ushort[] EncryptFF3_1w(IBlockCipher cipher, int radix, byte[] tweak56, ushort[] buf, int off, int len) + { + checkArgs(cipher, false, radix, buf, off, len); + + if (tweak56.Length != 7) + { + throw new ArgumentException("tweak should be 56 bits"); + } + byte[] tweak64 = calculateTweak64_FF3_1(tweak56); + + return EncryptFF3w(cipher, radix, tweak64, buf, off, len); + } + + public static byte[] EncryptFF3_1(IBlockCipher cipher, int radix, byte[] tweak56, byte[] buf, int off, int len) + { + checkArgs(cipher, false, radix, buf, off, len); + + if (tweak56.Length != 7) + { + throw new ArgumentException("tweak should be 56 bits"); + } + + byte[] tweak64 = calculateTweak64_FF3_1(tweak56); + + return EncryptFF3(cipher, radix, tweak64, buf, off, len); + } + + protected static BigInteger[] calculateModUV(BigInteger bigRadix, int u, int v) + { + BigInteger[] modUV = new BigInteger[2]; + modUV[0] = bigRadix.Pow(u); + modUV[1] = modUV[0]; + if (v != u) + { + modUV[1] = modUV[1].Multiply(bigRadix); + } + return modUV; + } + + protected static byte[] calculateP_FF1(int radix, byte uLow, int n, int t) + { + byte[] P = new byte[BLOCK_SIZE]; + P[0] = 1; + P[1] = 2; + P[2] = 1; + + // Radix + P[3] = 0; + P[4] = (byte)(radix >> 8); + P[5] = (byte)radix; + + P[6] = 10; + P[7] = uLow; + Pack.UInt32_To_BE((uint)n, P, 8); + Pack.UInt32_To_BE((uint)t, P, 12); + return P; + } + + protected static byte[] calculateTweak64_FF3_1(byte[] tweak56) + { + byte[] tweak64 = new byte[8]; + tweak64[0] = tweak56[0]; + tweak64[1] = tweak56[1]; + tweak64[2] = tweak56[2]; + tweak64[3] = (byte)(tweak56[3] & 0xF0); + tweak64[4] = tweak56[4]; + tweak64[5] = tweak56[5]; + tweak64[6] = tweak56[6]; + tweak64[7] = (byte)(tweak56[3] << 4); + + return tweak64; + } + + protected static BigInteger calculateY_FF1(IBlockCipher cipher, BigInteger bigRadix, byte[] T, int b, int d, int round, byte[] P, ushort[] AB) + { + int t = T.Length; + + // i. + BigInteger numAB = num(bigRadix, AB); + byte[] bytesAB = BigIntegers.AsUnsignedByteArray(numAB); + + int zeroes = -(t + b + 1) & 15; + byte[] Q = new byte[t + zeroes + 1 + b]; + Array.Copy(T, 0, Q, 0, t); + Q[t + zeroes] = (byte)round; + Array.Copy(bytesAB, 0, Q, Q.Length - bytesAB.Length, bytesAB.Length); + + // ii. + byte[] R = prf(cipher, Arrays.Concatenate(P, Q)); + + // iii. + byte[] sBlocks = R; + if (d > BLOCK_SIZE) + { + int sBlocksLen = (d + BLOCK_SIZE - 1) / BLOCK_SIZE; + sBlocks = new byte[sBlocksLen * BLOCK_SIZE]; + Array.Copy(R, 0, sBlocks, 0, BLOCK_SIZE); + + byte[] uint32 = new byte[4]; + for (uint j = 1; j < sBlocksLen; ++j) + { + int sOff = (int)(j * BLOCK_SIZE); + Array.Copy(R, 0, sBlocks, sOff, BLOCK_SIZE); + Pack.UInt32_To_BE(j, uint32, 0); + xor(uint32, 0, sBlocks, sOff + BLOCK_SIZE - 4, 4); + cipher.ProcessBlock(sBlocks, sOff, sBlocks, sOff); + } + } + + // iv. + return num(sBlocks, 0, d); + } + + protected static BigInteger calculateY_FF3(IBlockCipher cipher, BigInteger bigRadix, byte[] T, int wOff, uint round, ushort[] AB) + { + // ii. + byte[] P = new byte[BLOCK_SIZE]; + Pack.UInt32_To_BE(round, P, 0); + xor(T, wOff, P, 0, 4); + BigInteger numAB = num(bigRadix, AB); + + byte[] bytesAB = BigIntegers.AsUnsignedByteArray(numAB); + + if ((P.Length - bytesAB.Length) < 4) // to be sure... + { + throw new InvalidOperationException("input out of range"); + } + Array.Copy(bytesAB, 0, P, P.Length - bytesAB.Length, bytesAB.Length); + + // iii. + rev(P); + cipher.ProcessBlock(P, 0, P, 0); + rev(P); + byte[] S = P; + + // iv. + return num(S, 0, S.Length); + } + + protected static void checkArgs(IBlockCipher cipher, bool isFF1, int radix, ushort[] buf, int off, int len) + { + checkCipher(cipher); + if (radix < 2 || radix > (1 << 16)) + { + throw new ArgumentException(); + } + checkData(isFF1, radix, buf, off, len); + } + + protected static void checkArgs(IBlockCipher cipher, bool isFF1, int radix, byte[] buf, int off, int len) + { + checkCipher(cipher); + if (radix < 2 || radix > (1 << 8)) + { + throw new ArgumentException(); + } + checkData(isFF1, radix, buf, off, len); + } + + protected static void checkCipher(IBlockCipher cipher) + { + if (BLOCK_SIZE != cipher.GetBlockSize()) + { + throw new ArgumentException(); + } + } + + protected static void checkData(bool isFF1, int radix, ushort[] buf, int off, int len) + { + checkLength(isFF1, radix, len); + for (int i = 0; i < len; ++i) + { + int b = buf[off + i] & 0xFFFF; + if (b >= radix) + { + throw new ArgumentException("input data outside of radix"); + } + } + } + + protected static void checkData(bool isFF1, int radix, byte[] buf, int off, int len) + { + checkLength(isFF1, radix, len); + for (int i = 0; i < len; ++i) + { + int b = buf[off + i] & 0xFF; + if (b >= radix) + { + throw new ArgumentException("input data outside of radix"); + } + } + } + + private static void checkLength(bool isFF1, int radix, int len) + { + if (len < 2 || System.Math.Pow(radix, len) < 1000000) + { + throw new ArgumentException("input too short"); + } + if (!isFF1) + { + int maxLen = 2 * (int)(System.Math.Floor(System.Math.Log(TWO_TO_96) / System.Math.Log(radix))); + if (len > maxLen) + { + throw new ArgumentException("maximum input length is " + maxLen); + } + } + } + + protected static byte[] implDecryptFF3(IBlockCipher cipher, int radix, byte[] tweak64, byte[] buf, int off, int len) + { + // Algorithm 10 + byte[] T = tweak64; + int n = len; + int v = n / 2, u = n - v; + + ushort[] A = toShort(buf, off, u); + ushort[] B = toShort(buf, off + u, v); + + ushort[] rv = decFF3_1(cipher, radix, T, n, v, u, A, B); + + return toByte(rv); + } + + protected static ushort[] implDecryptFF3w(IBlockCipher cipher, int radix, byte[] tweak64, ushort[] buf, int off, int len) + { + // Algorithm 10 + byte[] T = tweak64; + int n = len; + int v = n / 2, u = n - v; + + ushort[] A = new ushort[u]; + ushort[] B = new ushort[v]; + + Array.Copy(buf, off, A, 0, u); + Array.Copy(buf, off + u, B, 0, v); + + return decFF3_1(cipher, radix, T, n, v, u, A, B); + } + + private static ushort[] decFF3_1(IBlockCipher cipher, int radix, byte[] T, int n, int v, int u, ushort[] A, ushort[] B) + { + BigInteger bigRadix = BigInteger.ValueOf(radix); + BigInteger[] modVU = calculateModUV(bigRadix, v, u); + + int m = u; + + // Note we keep A, B in reverse order throughout + rev(A); + rev(B); + + for (int i = 7; i >= 0; --i) + { + // i. + m = n - m; + BigInteger modulus = modVU[1 - (i & 1)]; + int wOff = 4 - ((i & 1) * 4); + + // ii. - iv. + BigInteger y = calculateY_FF3(cipher, bigRadix, T, wOff, (uint)i, A); + + // v. + BigInteger c = num(bigRadix, B).Subtract(y).Mod(modulus); + + // vi. - viii. + ushort[] C = B; + B = A; + A = C; + str(bigRadix, c, m, C, 0); + } + + rev(A); + rev(B); + + return Arrays.Concatenate(A, B); + } + + protected static byte[] implEncryptFF3(IBlockCipher cipher, int radix, byte[] tweak64, byte[] buf, int off, int len) + { + // Algorithm 9 + byte[] T = tweak64; + int n = len; + int v = n / 2, u = n - v; + + ushort[] A = toShort(buf, off, u); + ushort[] B = toShort(buf, off + u, v); + + ushort[] rv = encFF3_1(cipher, radix, T, n, v, u, A, B); + + return toByte(rv); + } + + protected static ushort[] implEncryptFF3w(IBlockCipher cipher, int radix, byte[] tweak64, ushort[] buf, int off, int len) + { + // Algorithm 9 + byte[] T = tweak64; + int n = len; + int v = n / 2, u = n - v; + + ushort[] A = new ushort[u]; + ushort[] B = new ushort[v]; + + Array.Copy(buf, off, A, 0, u); + Array.Copy(buf, off + u, B, 0, v); + + return encFF3_1(cipher, radix, T, n, v, u, A, B); + } + + private static ushort[] encFF3_1(IBlockCipher cipher, int radix, byte[] t, int n, int v, int u, ushort[] a, ushort[] b) + { + BigInteger bigRadix = BigInteger.ValueOf(radix); + BigInteger[] modVU = calculateModUV(bigRadix, v, u); + + int m = v; + + // Note we keep A, B in reverse order throughout + rev(a); + rev(b); + + for (uint i = 0; i < 8; ++i) + { + // i. + m = n - m; + BigInteger modulus = modVU[1 - (i & 1)]; + int wOff = 4 - (int)((i & 1) * 4); + + // ii. - iv. + BigInteger y = calculateY_FF3(cipher, bigRadix, t, wOff, i, b); + + // v. + BigInteger c = num(bigRadix, a).Add(y).Mod(modulus); + + // vi. - viii. + ushort[] C = a; + a = b; + b = C; + str(bigRadix, c, m, C, 0); + } + + rev(a); + rev(b); + + return Arrays.Concatenate(a, b); + } + + protected static BigInteger num(byte[] buf, int off, int len) + { + return new BigInteger(1, Arrays.CopyOfRange(buf, off, off + len)); + } + + protected static BigInteger num(BigInteger R, ushort[] x) + { + BigInteger result = BigInteger.Zero; + for (int i = 0; i < x.Length; ++i) + { + result = result.Multiply(R).Add(BigInteger.ValueOf(x[i] & 0xFFFF)); + } + return result; + } + + protected static byte[] prf(IBlockCipher c, byte[] x) + { + if ((x.Length % BLOCK_SIZE) != 0) + { + throw new ArgumentException(); + } + + int m = x.Length / BLOCK_SIZE; + byte[] y = new byte[BLOCK_SIZE]; + + for (int i = 0; i < m; ++i) + { + xor(x, i * BLOCK_SIZE, y, 0, BLOCK_SIZE); + c.ProcessBlock(y, 0, y, 0); + } + + return y; + } + + // protected static void rev(byte[] x, int xOff, byte[] y, int yOff, int len) + // { + // for (int i = 1; i <= len; ++i) + // { + // y[yOff + len - i] = x[xOff + i - 1]; + // } + // } + + protected static void rev(byte[] x) + { + int half = x.Length / 2, end = x.Length - 1; + for (int i = 0; i < half; ++i) + { + byte tmp = x[i]; + x[i] = x[end - i]; + x[end - i] = tmp; + } + } + + protected static void rev(ushort[] x) + { + int half = x.Length / 2, end = x.Length - 1; + for (int i = 0; i < half; ++i) + { + ushort tmp = x[i]; + x[i] = x[end - i]; + x[end - i] = tmp; + } + } + + protected static void str(BigInteger R, BigInteger x, int m, ushort[] output, int off) + { + if (x.SignValue < 0) + { + throw new ArgumentException(); + } + for (int i = 1; i <= m; ++i) + { + BigInteger[] qr = x.DivideAndRemainder(R); + output[off + m - i] = (ushort)qr[1].IntValue; + x = qr[0]; + } + if (x.SignValue != 0) + { + throw new ArgumentException(); + } + } + + protected static void xor(byte[] x, int xOff, byte[] y, int yOff, int len) + { + for (int i = 0; i < len; ++i) + { + y[yOff + i] ^= x[xOff + i]; + } + } + + private static byte[] toByte(ushort[] buf) + { + byte[] s = new byte[buf.Length]; + + for (int i = 0; i != s.Length; i++) + { + s[i] = (byte)buf[i]; + } + + return s; + } + + private static ushort[] toShort(byte[] buf, int off, int len) + { + ushort[] s = new ushort[len]; + + for (int i = 0; i != s.Length; i++) + { + s[i] = (ushort)(buf[off + i] & 0xFF); + } + + return s; + } + + private static int Ceil(double v) + { + int rv = (int)v; + if ((double)rv < v) + return rv + 1; + + return rv; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/BCrypt.cs b/BouncyCastle/crypto/src/crypto/generators/BCrypt.cs new file mode 100644 index 0000000..6e9611a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/BCrypt.cs @@ -0,0 +1,628 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * Core of password hashing scheme Bcrypt, + * designed by Niels Provos and David Mazières, + * corresponds to the C reference implementation. + *

+ * This implementation does not correspondent to the 1999 published paper + * "A Future-Adaptable Password Scheme" of Niels Provos and David Mazières, + * see: https://www.usenix.org/legacy/events/usenix99/provos/provos_html/node1.html. + * In contrast to the paper, the order of key setup and salt setup is reversed: + * state <- ExpandKey(state, 0, key) + * state %lt;- ExpandKey(state, 0, salt) + * This corresponds to the OpenBSD reference implementation of Bcrypt. + *

+ * Note: + * There is no successful cryptanalysis (status 2015), but + * the amount of memory and the band width of Bcrypt + * may be insufficient to effectively prevent attacks + * with custom hardware like FPGAs, ASICs + *

+ * This implementation uses some parts of Bouncy Castle's BlowfishEngine. + *

+ */ + public sealed class BCrypt + { + // magic String "OrpheanBeholderScryDoubt" is used as clear text for encryption + private static readonly uint[] MAGIC_STRING = + { + 0x4F727068, 0x65616E42, 0x65686F6C, + 0x64657253, 0x63727944, 0x6F756274 + }; + + internal const int MAGIC_STRING_LENGTH = 6; + + private static readonly uint[] + KP = { + 0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344, + 0xA4093822, 0x299F31D0, 0x082EFA98, 0xEC4E6C89, + 0x452821E6, 0x38D01377, 0xBE5466CF, 0x34E90C6C, + 0xC0AC29B7, 0xC97C50DD, 0x3F84D5B5, 0xB5470917, + 0x9216D5D9, 0x8979FB1B + }, + + KS0 = { + 0xD1310BA6, 0x98DFB5AC, 0x2FFD72DB, 0xD01ADFB7, + 0xB8E1AFED, 0x6A267E96, 0xBA7C9045, 0xF12C7F99, + 0x24A19947, 0xB3916CF7, 0x0801F2E2, 0x858EFC16, + 0x636920D8, 0x71574E69, 0xA458FEA3, 0xF4933D7E, + 0x0D95748F, 0x728EB658, 0x718BCD58, 0x82154AEE, + 0x7B54A41D, 0xC25A59B5, 0x9C30D539, 0x2AF26013, + 0xC5D1B023, 0x286085F0, 0xCA417918, 0xB8DB38EF, + 0x8E79DCB0, 0x603A180E, 0x6C9E0E8B, 0xB01E8A3E, + 0xD71577C1, 0xBD314B27, 0x78AF2FDA, 0x55605C60, + 0xE65525F3, 0xAA55AB94, 0x57489862, 0x63E81440, + 0x55CA396A, 0x2AAB10B6, 0xB4CC5C34, 0x1141E8CE, + 0xA15486AF, 0x7C72E993, 0xB3EE1411, 0x636FBC2A, + 0x2BA9C55D, 0x741831F6, 0xCE5C3E16, 0x9B87931E, + 0xAFD6BA33, 0x6C24CF5C, 0x7A325381, 0x28958677, + 0x3B8F4898, 0x6B4BB9AF, 0xC4BFE81B, 0x66282193, + 0x61D809CC, 0xFB21A991, 0x487CAC60, 0x5DEC8032, + 0xEF845D5D, 0xE98575B1, 0xDC262302, 0xEB651B88, + 0x23893E81, 0xD396ACC5, 0x0F6D6FF3, 0x83F44239, + 0x2E0B4482, 0xA4842004, 0x69C8F04A, 0x9E1F9B5E, + 0x21C66842, 0xF6E96C9A, 0x670C9C61, 0xABD388F0, + 0x6A51A0D2, 0xD8542F68, 0x960FA728, 0xAB5133A3, + 0x6EEF0B6C, 0x137A3BE4, 0xBA3BF050, 0x7EFB2A98, + 0xA1F1651D, 0x39AF0176, 0x66CA593E, 0x82430E88, + 0x8CEE8619, 0x456F9FB4, 0x7D84A5C3, 0x3B8B5EBE, + 0xE06F75D8, 0x85C12073, 0x401A449F, 0x56C16AA6, + 0x4ED3AA62, 0x363F7706, 0x1BFEDF72, 0x429B023D, + 0x37D0D724, 0xD00A1248, 0xDB0FEAD3, 0x49F1C09B, + 0x075372C9, 0x80991B7B, 0x25D479D8, 0xF6E8DEF7, + 0xE3FE501A, 0xB6794C3B, 0x976CE0BD, 0x04C006BA, + 0xC1A94FB6, 0x409F60C4, 0x5E5C9EC2, 0x196A2463, + 0x68FB6FAF, 0x3E6C53B5, 0x1339B2EB, 0x3B52EC6F, + 0x6DFC511F, 0x9B30952C, 0xCC814544, 0xAF5EBD09, + 0xBEE3D004, 0xDE334AFD, 0x660F2807, 0x192E4BB3, + 0xC0CBA857, 0x45C8740F, 0xD20B5F39, 0xB9D3FBDB, + 0x5579C0BD, 0x1A60320A, 0xD6A100C6, 0x402C7279, + 0x679F25FE, 0xFB1FA3CC, 0x8EA5E9F8, 0xDB3222F8, + 0x3C7516DF, 0xFD616B15, 0x2F501EC8, 0xAD0552AB, + 0x323DB5FA, 0xFD238760, 0x53317B48, 0x3E00DF82, + 0x9E5C57BB, 0xCA6F8CA0, 0x1A87562E, 0xDF1769DB, + 0xD542A8F6, 0x287EFFC3, 0xAC6732C6, 0x8C4F5573, + 0x695B27B0, 0xBBCA58C8, 0xE1FFA35D, 0xB8F011A0, + 0x10FA3D98, 0xFD2183B8, 0x4AFCB56C, 0x2DD1D35B, + 0x9A53E479, 0xB6F84565, 0xD28E49BC, 0x4BFB9790, + 0xE1DDF2DA, 0xA4CB7E33, 0x62FB1341, 0xCEE4C6E8, + 0xEF20CADA, 0x36774C01, 0xD07E9EFE, 0x2BF11FB4, + 0x95DBDA4D, 0xAE909198, 0xEAAD8E71, 0x6B93D5A0, + 0xD08ED1D0, 0xAFC725E0, 0x8E3C5B2F, 0x8E7594B7, + 0x8FF6E2FB, 0xF2122B64, 0x8888B812, 0x900DF01C, + 0x4FAD5EA0, 0x688FC31C, 0xD1CFF191, 0xB3A8C1AD, + 0x2F2F2218, 0xBE0E1777, 0xEA752DFE, 0x8B021FA1, + 0xE5A0CC0F, 0xB56F74E8, 0x18ACF3D6, 0xCE89E299, + 0xB4A84FE0, 0xFD13E0B7, 0x7CC43B81, 0xD2ADA8D9, + 0x165FA266, 0x80957705, 0x93CC7314, 0x211A1477, + 0xE6AD2065, 0x77B5FA86, 0xC75442F5, 0xFB9D35CF, + 0xEBCDAF0C, 0x7B3E89A0, 0xD6411BD3, 0xAE1E7E49, + 0x00250E2D, 0x2071B35E, 0x226800BB, 0x57B8E0AF, + 0x2464369B, 0xF009B91E, 0x5563911D, 0x59DFA6AA, + 0x78C14389, 0xD95A537F, 0x207D5BA2, 0x02E5B9C5, + 0x83260376, 0x6295CFA9, 0x11C81968, 0x4E734A41, + 0xB3472DCA, 0x7B14A94A, 0x1B510052, 0x9A532915, + 0xD60F573F, 0xBC9BC6E4, 0x2B60A476, 0x81E67400, + 0x08BA6FB5, 0x571BE91F, 0xF296EC6B, 0x2A0DD915, + 0xB6636521, 0xE7B9F9B6, 0xFF34052E, 0xC5855664, + 0x53B02D5D, 0xA99F8FA1, 0x08BA4799, 0x6E85076A + }, + + KS1 = { + 0x4B7A70E9, 0xB5B32944, 0xDB75092E, 0xC4192623, + 0xAD6EA6B0, 0x49A7DF7D, 0x9CEE60B8, 0x8FEDB266, + 0xECAA8C71, 0x699A17FF, 0x5664526C, 0xC2B19EE1, + 0x193602A5, 0x75094C29, 0xA0591340, 0xE4183A3E, + 0x3F54989A, 0x5B429D65, 0x6B8FE4D6, 0x99F73FD6, + 0xA1D29C07, 0xEFE830F5, 0x4D2D38E6, 0xF0255DC1, + 0x4CDD2086, 0x8470EB26, 0x6382E9C6, 0x021ECC5E, + 0x09686B3F, 0x3EBAEFC9, 0x3C971814, 0x6B6A70A1, + 0x687F3584, 0x52A0E286, 0xB79C5305, 0xAA500737, + 0x3E07841C, 0x7FDEAE5C, 0x8E7D44EC, 0x5716F2B8, + 0xB03ADA37, 0xF0500C0D, 0xF01C1F04, 0x0200B3FF, + 0xAE0CF51A, 0x3CB574B2, 0x25837A58, 0xDC0921BD, + 0xD19113F9, 0x7CA92FF6, 0x94324773, 0x22F54701, + 0x3AE5E581, 0x37C2DADC, 0xC8B57634, 0x9AF3DDA7, + 0xA9446146, 0x0FD0030E, 0xECC8C73E, 0xA4751E41, + 0xE238CD99, 0x3BEA0E2F, 0x3280BBA1, 0x183EB331, + 0x4E548B38, 0x4F6DB908, 0x6F420D03, 0xF60A04BF, + 0x2CB81290, 0x24977C79, 0x5679B072, 0xBCAF89AF, + 0xDE9A771F, 0xD9930810, 0xB38BAE12, 0xDCCF3F2E, + 0x5512721F, 0x2E6B7124, 0x501ADDE6, 0x9F84CD87, + 0x7A584718, 0x7408DA17, 0xBC9F9ABC, 0xE94B7D8C, + 0xEC7AEC3A, 0xDB851DFA, 0x63094366, 0xC464C3D2, + 0xEF1C1847, 0x3215D908, 0xDD433B37, 0x24C2BA16, + 0x12A14D43, 0x2A65C451, 0x50940002, 0x133AE4DD, + 0x71DFF89E, 0x10314E55, 0x81AC77D6, 0x5F11199B, + 0x043556F1, 0xD7A3C76B, 0x3C11183B, 0x5924A509, + 0xF28FE6ED, 0x97F1FBFA, 0x9EBABF2C, 0x1E153C6E, + 0x86E34570, 0xEAE96FB1, 0x860E5E0A, 0x5A3E2AB3, + 0x771FE71C, 0x4E3D06FA, 0x2965DCB9, 0x99E71D0F, + 0x803E89D6, 0x5266C825, 0x2E4CC978, 0x9C10B36A, + 0xC6150EBA, 0x94E2EA78, 0xA5FC3C53, 0x1E0A2DF4, + 0xF2F74EA7, 0x361D2B3D, 0x1939260F, 0x19C27960, + 0x5223A708, 0xF71312B6, 0xEBADFE6E, 0xEAC31F66, + 0xE3BC4595, 0xA67BC883, 0xB17F37D1, 0x018CFF28, + 0xC332DDEF, 0xBE6C5AA5, 0x65582185, 0x68AB9802, + 0xEECEA50F, 0xDB2F953B, 0x2AEF7DAD, 0x5B6E2F84, + 0x1521B628, 0x29076170, 0xECDD4775, 0x619F1510, + 0x13CCA830, 0xEB61BD96, 0x0334FE1E, 0xAA0363CF, + 0xB5735C90, 0x4C70A239, 0xD59E9E0B, 0xCBAADE14, + 0xEECC86BC, 0x60622CA7, 0x9CAB5CAB, 0xB2F3846E, + 0x648B1EAF, 0x19BDF0CA, 0xA02369B9, 0x655ABB50, + 0x40685A32, 0x3C2AB4B3, 0x319EE9D5, 0xC021B8F7, + 0x9B540B19, 0x875FA099, 0x95F7997E, 0x623D7DA8, + 0xF837889A, 0x97E32D77, 0x11ED935F, 0x16681281, + 0x0E358829, 0xC7E61FD6, 0x96DEDFA1, 0x7858BA99, + 0x57F584A5, 0x1B227263, 0x9B83C3FF, 0x1AC24696, + 0xCDB30AEB, 0x532E3054, 0x8FD948E4, 0x6DBC3128, + 0x58EBF2EF, 0x34C6FFEA, 0xFE28ED61, 0xEE7C3C73, + 0x5D4A14D9, 0xE864B7E3, 0x42105D14, 0x203E13E0, + 0x45EEE2B6, 0xA3AAABEA, 0xDB6C4F15, 0xFACB4FD0, + 0xC742F442, 0xEF6ABBB5, 0x654F3B1D, 0x41CD2105, + 0xD81E799E, 0x86854DC7, 0xE44B476A, 0x3D816250, + 0xCF62A1F2, 0x5B8D2646, 0xFC8883A0, 0xC1C7B6A3, + 0x7F1524C3, 0x69CB7492, 0x47848A0B, 0x5692B285, + 0x095BBF00, 0xAD19489D, 0x1462B174, 0x23820E00, + 0x58428D2A, 0x0C55F5EA, 0x1DADF43E, 0x233F7061, + 0x3372F092, 0x8D937E41, 0xD65FECF1, 0x6C223BDB, + 0x7CDE3759, 0xCBEE7460, 0x4085F2A7, 0xCE77326E, + 0xA6078084, 0x19F8509E, 0xE8EFD855, 0x61D99735, + 0xA969A7AA, 0xC50C06C2, 0x5A04ABFC, 0x800BCADC, + 0x9E447A2E, 0xC3453484, 0xFDD56705, 0x0E1E9EC9, + 0xDB73DBD3, 0x105588CD, 0x675FDA79, 0xE3674340, + 0xC5C43465, 0x713E38D8, 0x3D28F89E, 0xF16DFF20, + 0x153E21E7, 0x8FB03D4A, 0xE6E39F2B, 0xDB83ADF7 + }, + + KS2 = { + 0xE93D5A68, 0x948140F7, 0xF64C261C, 0x94692934, + 0x411520F7, 0x7602D4F7, 0xBCF46B2E, 0xD4A20068, + 0xD4082471, 0x3320F46A, 0x43B7D4B7, 0x500061AF, + 0x1E39F62E, 0x97244546, 0x14214F74, 0xBF8B8840, + 0x4D95FC1D, 0x96B591AF, 0x70F4DDD3, 0x66A02F45, + 0xBFBC09EC, 0x03BD9785, 0x7FAC6DD0, 0x31CB8504, + 0x96EB27B3, 0x55FD3941, 0xDA2547E6, 0xABCA0A9A, + 0x28507825, 0x530429F4, 0x0A2C86DA, 0xE9B66DFB, + 0x68DC1462, 0xD7486900, 0x680EC0A4, 0x27A18DEE, + 0x4F3FFEA2, 0xE887AD8C, 0xB58CE006, 0x7AF4D6B6, + 0xAACE1E7C, 0xD3375FEC, 0xCE78A399, 0x406B2A42, + 0x20FE9E35, 0xD9F385B9, 0xEE39D7AB, 0x3B124E8B, + 0x1DC9FAF7, 0x4B6D1856, 0x26A36631, 0xEAE397B2, + 0x3A6EFA74, 0xDD5B4332, 0x6841E7F7, 0xCA7820FB, + 0xFB0AF54E, 0xD8FEB397, 0x454056AC, 0xBA489527, + 0x55533A3A, 0x20838D87, 0xFE6BA9B7, 0xD096954B, + 0x55A867BC, 0xA1159A58, 0xCCA92963, 0x99E1DB33, + 0xA62A4A56, 0x3F3125F9, 0x5EF47E1C, 0x9029317C, + 0xFDF8E802, 0x04272F70, 0x80BB155C, 0x05282CE3, + 0x95C11548, 0xE4C66D22, 0x48C1133F, 0xC70F86DC, + 0x07F9C9EE, 0x41041F0F, 0x404779A4, 0x5D886E17, + 0x325F51EB, 0xD59BC0D1, 0xF2BCC18F, 0x41113564, + 0x257B7834, 0x602A9C60, 0xDFF8E8A3, 0x1F636C1B, + 0x0E12B4C2, 0x02E1329E, 0xAF664FD1, 0xCAD18115, + 0x6B2395E0, 0x333E92E1, 0x3B240B62, 0xEEBEB922, + 0x85B2A20E, 0xE6BA0D99, 0xDE720C8C, 0x2DA2F728, + 0xD0127845, 0x95B794FD, 0x647D0862, 0xE7CCF5F0, + 0x5449A36F, 0x877D48FA, 0xC39DFD27, 0xF33E8D1E, + 0x0A476341, 0x992EFF74, 0x3A6F6EAB, 0xF4F8FD37, + 0xA812DC60, 0xA1EBDDF8, 0x991BE14C, 0xDB6E6B0D, + 0xC67B5510, 0x6D672C37, 0x2765D43B, 0xDCD0E804, + 0xF1290DC7, 0xCC00FFA3, 0xB5390F92, 0x690FED0B, + 0x667B9FFB, 0xCEDB7D9C, 0xA091CF0B, 0xD9155EA3, + 0xBB132F88, 0x515BAD24, 0x7B9479BF, 0x763BD6EB, + 0x37392EB3, 0xCC115979, 0x8026E297, 0xF42E312D, + 0x6842ADA7, 0xC66A2B3B, 0x12754CCC, 0x782EF11C, + 0x6A124237, 0xB79251E7, 0x06A1BBE6, 0x4BFB6350, + 0x1A6B1018, 0x11CAEDFA, 0x3D25BDD8, 0xE2E1C3C9, + 0x44421659, 0x0A121386, 0xD90CEC6E, 0xD5ABEA2A, + 0x64AF674E, 0xDA86A85F, 0xBEBFE988, 0x64E4C3FE, + 0x9DBC8057, 0xF0F7C086, 0x60787BF8, 0x6003604D, + 0xD1FD8346, 0xF6381FB0, 0x7745AE04, 0xD736FCCC, + 0x83426B33, 0xF01EAB71, 0xB0804187, 0x3C005E5F, + 0x77A057BE, 0xBDE8AE24, 0x55464299, 0xBF582E61, + 0x4E58F48F, 0xF2DDFDA2, 0xF474EF38, 0x8789BDC2, + 0x5366F9C3, 0xC8B38E74, 0xB475F255, 0x46FCD9B9, + 0x7AEB2661, 0x8B1DDF84, 0x846A0E79, 0x915F95E2, + 0x466E598E, 0x20B45770, 0x8CD55591, 0xC902DE4C, + 0xB90BACE1, 0xBB8205D0, 0x11A86248, 0x7574A99E, + 0xB77F19B6, 0xE0A9DC09, 0x662D09A1, 0xC4324633, + 0xE85A1F02, 0x09F0BE8C, 0x4A99A025, 0x1D6EFE10, + 0x1AB93D1D, 0x0BA5A4DF, 0xA186F20F, 0x2868F169, + 0xDCB7DA83, 0x573906FE, 0xA1E2CE9B, 0x4FCD7F52, + 0x50115E01, 0xA70683FA, 0xA002B5C4, 0x0DE6D027, + 0x9AF88C27, 0x773F8641, 0xC3604C06, 0x61A806B5, + 0xF0177A28, 0xC0F586E0, 0x006058AA, 0x30DC7D62, + 0x11E69ED7, 0x2338EA63, 0x53C2DD94, 0xC2C21634, + 0xBBCBEE56, 0x90BCB6DE, 0xEBFC7DA1, 0xCE591D76, + 0x6F05E409, 0x4B7C0188, 0x39720A3D, 0x7C927C24, + 0x86E3725F, 0x724D9DB9, 0x1AC15BB4, 0xD39EB8FC, + 0xED545578, 0x08FCA5B5, 0xD83D7CD3, 0x4DAD0FC4, + 0x1E50EF5E, 0xB161E6F8, 0xA28514D9, 0x6C51133C, + 0x6FD5C7E7, 0x56E14EC4, 0x362ABFCE, 0xDDC6C837, + 0xD79A3234, 0x92638212, 0x670EFA8E, 0x406000E0 + }, + + KS3 = { + 0x3A39CE37, 0xD3FAF5CF, 0xABC27737, 0x5AC52D1B, + 0x5CB0679E, 0x4FA33742, 0xD3822740, 0x99BC9BBE, + 0xD5118E9D, 0xBF0F7315, 0xD62D1C7E, 0xC700C47B, + 0xB78C1B6B, 0x21A19045, 0xB26EB1BE, 0x6A366EB4, + 0x5748AB2F, 0xBC946E79, 0xC6A376D2, 0x6549C2C8, + 0x530FF8EE, 0x468DDE7D, 0xD5730A1D, 0x4CD04DC6, + 0x2939BBDB, 0xA9BA4650, 0xAC9526E8, 0xBE5EE304, + 0xA1FAD5F0, 0x6A2D519A, 0x63EF8CE2, 0x9A86EE22, + 0xC089C2B8, 0x43242EF6, 0xA51E03AA, 0x9CF2D0A4, + 0x83C061BA, 0x9BE96A4D, 0x8FE51550, 0xBA645BD6, + 0x2826A2F9, 0xA73A3AE1, 0x4BA99586, 0xEF5562E9, + 0xC72FEFD3, 0xF752F7DA, 0x3F046F69, 0x77FA0A59, + 0x80E4A915, 0x87B08601, 0x9B09E6AD, 0x3B3EE593, + 0xE990FD5A, 0x9E34D797, 0x2CF0B7D9, 0x022B8B51, + 0x96D5AC3A, 0x017DA67D, 0xD1CF3ED6, 0x7C7D2D28, + 0x1F9F25CF, 0xADF2B89B, 0x5AD6B472, 0x5A88F54C, + 0xE029AC71, 0xE019A5E6, 0x47B0ACFD, 0xED93FA9B, + 0xE8D3C48D, 0x283B57CC, 0xF8D56629, 0x79132E28, + 0x785F0191, 0xED756055, 0xF7960E44, 0xE3D35E8C, + 0x15056DD4, 0x88F46DBA, 0x03A16125, 0x0564F0BD, + 0xC3EB9E15, 0x3C9057A2, 0x97271AEC, 0xA93A072A, + 0x1B3F6D9B, 0x1E6321F5, 0xF59C66FB, 0x26DCF319, + 0x7533D928, 0xB155FDF5, 0x03563482, 0x8ABA3CBB, + 0x28517711, 0xC20AD9F8, 0xABCC5167, 0xCCAD925F, + 0x4DE81751, 0x3830DC8E, 0x379D5862, 0x9320F991, + 0xEA7A90C2, 0xFB3E7BCE, 0x5121CE64, 0x774FBE32, + 0xA8B6E37E, 0xC3293D46, 0x48DE5369, 0x6413E680, + 0xA2AE0810, 0xDD6DB224, 0x69852DFD, 0x09072166, + 0xB39A460A, 0x6445C0DD, 0x586CDECF, 0x1C20C8AE, + 0x5BBEF7DD, 0x1B588D40, 0xCCD2017F, 0x6BB4E3BB, + 0xDDA26A7E, 0x3A59FF45, 0x3E350A44, 0xBCB4CDD5, + 0x72EACEA8, 0xFA6484BB, 0x8D6612AE, 0xBF3C6F47, + 0xD29BE463, 0x542F5D9E, 0xAEC2771B, 0xF64E6370, + 0x740E0D8D, 0xE75B1357, 0xF8721671, 0xAF537D5D, + 0x4040CB08, 0x4EB4E2CC, 0x34D2466A, 0x0115AF84, + 0xE1B00428, 0x95983A1D, 0x06B89FB4, 0xCE6EA048, + 0x6F3F3B82, 0x3520AB82, 0x011A1D4B, 0x277227F8, + 0x611560B1, 0xE7933FDC, 0xBB3A792B, 0x344525BD, + 0xA08839E1, 0x51CE794B, 0x2F32C9B7, 0xA01FBAC9, + 0xE01CC87E, 0xBCC7D1F6, 0xCF0111C3, 0xA1E8AAC7, + 0x1A908749, 0xD44FBD9A, 0xD0DADECB, 0xD50ADA38, + 0x0339C32A, 0xC6913667, 0x8DF9317C, 0xE0B12B4F, + 0xF79E59B7, 0x43F5BB3A, 0xF2D519FF, 0x27D9459C, + 0xBF97222C, 0x15E6FC2A, 0x0F91FC71, 0x9B941525, + 0xFAE59361, 0xCEB69CEB, 0xC2A86459, 0x12BAA8D1, + 0xB6C1075E, 0xE3056A0C, 0x10D25065, 0xCB03A442, + 0xE0EC6E0E, 0x1698DB3B, 0x4C98A0BE, 0x3278E964, + 0x9F1F9532, 0xE0D392DF, 0xD3A0342B, 0x8971F21E, + 0x1B0A7441, 0x4BA3348C, 0xC5BE7120, 0xC37632D8, + 0xDF359F8D, 0x9B992F2E, 0xE60B6F47, 0x0FE3F11D, + 0xE54CDA54, 0x1EDAD891, 0xCE6279CF, 0xCD3E7E6F, + 0x1618B166, 0xFD2C1D05, 0x848FD2C5, 0xF6FB2299, + 0xF523F357, 0xA6327623, 0x93A83531, 0x56CCCD02, + 0xACF08162, 0x5A75EBB5, 0x6E163697, 0x88D273CC, + 0xDE966292, 0x81B949D0, 0x4C50901B, 0x71C65614, + 0xE6C6C7BD, 0x327A140A, 0x45E1D006, 0xC3F27B9A, + 0xC9AA53FD, 0x62A80F00, 0xBB25BFE2, 0x35BDD2F6, + 0x71126905, 0xB2040222, 0xB6CBCF7C, 0xCD769C2B, + 0x53113EC0, 0x1640E3D3, 0x38ABBD60, 0x2547ADF0, + 0xBA38209C, 0xF746CE76, 0x77AFA1C5, 0x20756060, + 0x85CBFE4E, 0x8AE88DD8, 0x7AAAF9B0, 0x4CF9AA7E, + 0x1948C25C, 0x02FB8A8C, 0x01C36AE4, 0xD6EBE1F9, + 0x90D4F869, 0xA65CDEA0, 0x3F09252D, 0xC208E69F, + 0xB74E6132, 0xCE77E25B, 0x578FDFE3, 0x3AC372E6 + }; + + //==================================== + // Useful constants + //==================================== + + private const int ROUNDS = 16; + private const int SBOX_SK = 256; + private const int SBOX_SK2 = SBOX_SK * 2; + private const int SBOX_SK3 = SBOX_SK * 3; + private const int P_SZ = ROUNDS + 2; + + private readonly uint[] S; // the s-boxes + private readonly uint[] P; // the p-array + + private BCrypt() + { + S = new uint[SBOX_SK * 4]; + P = new uint[P_SZ]; + } + + //================================== + // Private Implementation + //================================== + + private uint F(uint x) + { + return (((S[(x >> 24)] + S[SBOX_SK + ((x >> 16) & 0xff)]) + ^ S[SBOX_SK2 + ((x >> 8) & 0xff)]) + S[SBOX_SK3 + (x & 0xff)]); + } + + /* + * apply the encryption cycle to each value pair in the table. + */ + private void ProcessTable(uint xl, uint xr, uint[] table) + { + int size = table.Length; + + for (int s = 0; s < size; s += 2) + { + xl ^= P[0]; + + for (int i = 1; i < ROUNDS; i += 2) + { + xr ^= F(xl) ^ P[i]; + xl ^= F(xr) ^ P[i + 1]; + } + + xr ^= P[ROUNDS + 1]; + + table[s] = xr; + table[s + 1] = xl; + + xr = xl; // end of cycle swap + xl = table[s]; + } + } + + /* + * Initialize the S-boxes and the P-array, with a fixed string + * This string contains the hexadecimal digits of pi (3.141...) + */ + private void InitState() + { + Array.Copy(KS0, 0, S, 0, SBOX_SK); + Array.Copy(KS1, 0, S, SBOX_SK, SBOX_SK); + Array.Copy(KS2, 0, S, SBOX_SK2, SBOX_SK); + Array.Copy(KS3, 0, S, SBOX_SK3, SBOX_SK); + + Array.Copy(KP, 0, P, 0, P_SZ); + } + + /* + * XOR P with key cyclic. + * This is the first part of ExpandKey function + */ + private void CyclicXorKey(byte[] key) + { + int keyLength = key.Length; + int keyIndex = 0; + + for (int i = 0; i < P_SZ; i++) + { + // get the 32 bits of the key, in 4 * 8 bit chunks + uint data = 0x0000000; + for (int j = 0; j < 4; j++) + { + // create a 32 bit block + data = (data << 8) | key[keyIndex]; + + // wrap when we get to the end of the key + if (++keyIndex >= keyLength) + { + keyIndex = 0; + } + } + // XOR the newly created 32 bit chunk onto the P-array + P[i] ^= data; + } + } + + + /* + * encrypt magic String 64 times in ECB + */ + private byte[] EncryptMagicString() + { + uint[] text = { + MAGIC_STRING[0], MAGIC_STRING[1], + MAGIC_STRING[2], MAGIC_STRING[3], + MAGIC_STRING[4], MAGIC_STRING[5] + }; + for (int i = 0; i < 64; i++) + { + for (int j = 0; j < MAGIC_STRING_LENGTH; j += 2) + { + uint left = text[j]; + uint right = text[j + 1]; + + left ^= P[0]; + for (int k = 1; k < ROUNDS; k += 2) + { + right ^= F(left) ^ P[k]; + left ^= F(right) ^ P[k + 1]; + } + right ^= P[ROUNDS + 1]; + // swap values: + text[j] = right; + text[j + 1] = left; + } + } + byte[] result = new byte[24]; // holds 192 bit key + Pack.UInt32_To_BE(text, result, 0); + Array.Clear(text, 0, text.Length); + Array.Clear(P, 0, P.Length); + Array.Clear(S, 0, S.Length); + + return result; + } + + /* + * This is a part of Eksblowfish function + * + * @param table: sub-keys or working key + * @param salt32Bit: a 16 byte salt as two 32 bit words + * @param iv1: value from last proceeded table + * @param iv2: value from last proceeded table + */ + private void ProcessTableWithSalt(uint[] table, uint[] salt32Bit, uint iv1, uint iv2) + { + uint xl = iv1 ^ salt32Bit[0]; + uint xr = iv2 ^ salt32Bit[1]; + + uint yl; + uint yr; + int size = table.Length; + + for (int s = 0; s < size; s += 4) + { + xl ^= P[0]; + for (int i = 1; i < ROUNDS; i += 2) + { + xr ^= F(xl) ^ P[i]; + xl ^= F(xr) ^ P[i + 1]; + } + xr ^= P[ROUNDS + 1]; + + table[s] = xr; + table[s + 1] = xl; + + yl = salt32Bit[2] ^ xr; + yr = salt32Bit[3] ^ xl; + + if (s + 2 >= size) // P holds 18 values + { + break; + } + + yl ^= P[0]; + for (int i = 1; i < ROUNDS; i += 2) + { + yr ^= F(yl) ^ P[i]; + yl ^= F(yr) ^ P[i + 1]; + } + yr ^= P[ROUNDS + 1]; + + table[s + 2] = yr; + table[s + 3] = yl; + + xl = salt32Bit[0] ^ yr; + xr = salt32Bit[1] ^ yl; + } + } + + /** + * Derives a raw 192 bit Bcrypt key + * + * @param cost the cost factor, treated as an exponent of 2 + * @param salt a 16 byte salt + * @param psw the password + * @return a 192 bit key + */ + private byte[] DeriveRawKey(int cost, byte[] salt, byte[] psw) + { + if (salt.Length != 16) + throw new DataLengthException("Invalid salt size: 16 bytes expected."); + if (cost < 4 || cost > 31) + throw new ArgumentException("Illegal cost factor: 4 - 31 expected.", "cost"); + + if (psw.Length == 0) + { + psw = new byte[4]; + } + + // state <- InitState() + InitState(); + + uint[] salt32Bit = new uint[4]; // holds 16 byte salt + Pack.BE_To_UInt32(salt, 0, salt32Bit); + + uint[] salt32Bit2 = new uint[salt.Length]; // swapped values + salt32Bit2[0] = salt32Bit[2]; + salt32Bit2[1] = salt32Bit[3]; + salt32Bit2[2] = salt32Bit[0]; + salt32Bit2[3] = salt32Bit[1]; + + // ExpandKey( state, salt, key): + CyclicXorKey(psw); + ProcessTableWithSalt(P, salt32Bit, 0, 0); + Array.Clear(salt32Bit, 0, salt32Bit.Length); + ProcessTableWithSalt(S, salt32Bit2, P[P.Length - 2], P[P.Length - 1]); + Array.Clear(salt32Bit2, 0, salt32Bit2.Length); + + int rounds = 1 << cost; + for (int i = 0; i != rounds; i++) // rounds may be negative if cost is 31 + { + // state <- ExpandKey(state, 0, key); + CyclicXorKey(psw); + ProcessTable(0, 0, P); + ProcessTable(P[P_SZ - 2], P[P_SZ - 1], S); + + // state <- ExpandKey(state, 0, salt); + CyclicXorKey(salt); + ProcessTable(0, 0, P); + ProcessTable(P[P_SZ - 2], P[P_SZ - 1], S); + } + + // encrypt magicString 64 times + return EncryptMagicString(); + } + + /** + * Size of the salt parameter in bytes + */ + internal const int SALT_SIZE_BYTES = 16; + + /** + * Minimum value of cost parameter, equal to log2(bytes of salt) + */ + internal const int MIN_COST = 4; + + /** + * Maximum value of cost parameter (31 == 2,147,483,648) + */ + internal const int MAX_COST = 31; + + /** + * Maximum size of password == max (unrestricted) size of Blowfish key + */ + // Blowfish spec limits keys to 448bit/56 bytes to ensure all bits of key affect all ciphertext + // bits, but technically algorithm handles 72 byte keys and most implementations support this. + internal const int MAX_PASSWORD_BYTES = 72; + + /** + * Converts a character password to bytes incorporating the required trailing zero byte. + * + * @param password the password to be encoded. + * @return a byte representation of the password in UTF8 + trailing zero. + */ + public static byte[] PasswordToByteArray(char[] password) + { + return Arrays.Append(Strings.ToUtf8ByteArray(password), 0); + } + + /** + * Calculates the bcrypt hash of a password. + *

+ * This implements the raw bcrypt function as defined in the bcrypt specification, not + * the crypt encoded version implemented in OpenBSD. + *

+ * @param password the password bytes (up to 72 bytes) to use for this invocation. + * @param salt the 128 bit salt to use for this invocation. + * @param cost the bcrypt cost parameter. The cost of the bcrypt function grows as + * 2^cost. Legal values are 4..31 inclusive. + * @return the output of the raw bcrypt operation: a 192 bit (24 byte) hash. + */ + public static byte[] Generate(byte[] password, byte[] salt, int cost) + { + if (password == null) + throw new ArgumentNullException("password"); + if (password.Length > MAX_PASSWORD_BYTES) + throw new ArgumentException("BCrypt password must be <= 72 bytes", "password"); + if (salt == null) + throw new ArgumentNullException("salt"); + if (salt.Length != SALT_SIZE_BYTES) + throw new ArgumentException("BCrypt salt must be 128 bits", "salt"); + if (cost < MIN_COST || cost > MAX_COST) + throw new ArgumentException("BCrypt cost must be from 4..31", "cost"); + + return new BCrypt().DeriveRawKey(cost, salt, password); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/BaseKdfBytesGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/BaseKdfBytesGenerator.cs new file mode 100644 index 0000000..bca4207 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/BaseKdfBytesGenerator.cs @@ -0,0 +1,132 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * Basic KDF generator for derived keys and ivs as defined by IEEE P1363a/ISO 18033 + *
+ * This implementation is based on ISO 18033/P1363a. + */ + public class BaseKdfBytesGenerator + : IDerivationFunction + { + private int counterStart; + private IDigest digest; + private byte[] shared; + private byte[] iv; + + /** + * Construct a KDF Parameters generator. + * + * @param counterStart value of counter. + * @param digest the digest to be used as the source of derived keys. + */ + public BaseKdfBytesGenerator(int counterStart, IDigest digest) + { + this.counterStart = counterStart; + this.digest = digest; + } + + public virtual void Init(IDerivationParameters parameters) + { + if (parameters is KdfParameters) + { + KdfParameters p = (KdfParameters)parameters; + + shared = p.GetSharedSecret(); + iv = p.GetIV(); + } + else if (parameters is Iso18033KdfParameters) + { + Iso18033KdfParameters p = (Iso18033KdfParameters)parameters; + + shared = p.GetSeed(); + iv = null; + } + else + { + throw new ArgumentException("KDF parameters required for KDF Generator"); + } + } + + /** + * return the underlying digest. + */ + public virtual IDigest Digest + { + get { return digest; } + } + + /** + * fill len bytes of the output buffer with bytes generated from + * the derivation function. + * + * @throws ArgumentException if the size of the request will cause an overflow. + * @throws DataLengthException if the out buffer is too small. + */ + public virtual int GenerateBytes(byte[] output, int outOff, int length) + { + if ((output.Length - length) < outOff) + throw new DataLengthException("output buffer too small"); + + long oBytes = length; + int outLen = digest.GetDigestSize(); + + // + // this is at odds with the standard implementation, the + // maximum value should be hBits * (2^32 - 1) where hBits + // is the digest output size in bits. We can't have an + // array with a long index at the moment... + // + if (oBytes > ((2L << 32) - 1)) + throw new ArgumentException("Output length too large"); + + int cThreshold = (int)((oBytes + outLen - 1) / outLen); + + byte[] dig = new byte[digest.GetDigestSize()]; + + byte[] C = new byte[4]; + Pack.UInt32_To_BE((uint)counterStart, C, 0); + + uint counterBase = (uint)(counterStart & ~0xFF); + + for (int i = 0; i < cThreshold; i++) + { + digest.BlockUpdate(shared, 0, shared.Length); + digest.BlockUpdate(C, 0, 4); + + if (iv != null) + { + digest.BlockUpdate(iv, 0, iv.Length); + } + + digest.DoFinal(dig, 0); + + if (length > outLen) + { + Array.Copy(dig, 0, output, outOff, outLen); + outOff += outLen; + length -= outLen; + } + else + { + Array.Copy(dig, 0, output, outOff, length); + } + + if (++C[3] == 0) + { + counterBase += 0x100; + Pack.UInt32_To_BE(counterBase, C, 0); + } + } + + digest.Reset(); + + return (int)oBytes; + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/crypto/generators/DHBasicKeyPairGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/DHBasicKeyPairGenerator.cs new file mode 100644 index 0000000..51b3af6 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/DHBasicKeyPairGenerator.cs @@ -0,0 +1,38 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * a basic Diffie-Hellman key pair generator. + * + * This generates keys consistent for use with the basic algorithm for + * Diffie-Hellman. + */ + public class DHBasicKeyPairGenerator + : IAsymmetricCipherKeyPairGenerator + { + private DHKeyGenerationParameters param; + + public virtual void Init( + KeyGenerationParameters parameters) + { + this.param = (DHKeyGenerationParameters)parameters; + } + + public virtual AsymmetricCipherKeyPair GenerateKeyPair() + { + DHKeyGeneratorHelper helper = DHKeyGeneratorHelper.Instance; + DHParameters dhp = param.Parameters; + + BigInteger x = helper.CalculatePrivate(dhp, param.Random); + BigInteger y = helper.CalculatePublic(dhp, x); + + return new AsymmetricCipherKeyPair( + new DHPublicKeyParameters(y, dhp), + new DHPrivateKeyParameters(x, dhp)); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/DHKeyGeneratorHelper.cs b/BouncyCastle/crypto/src/crypto/generators/DHKeyGeneratorHelper.cs new file mode 100644 index 0000000..68aba64 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/DHKeyGeneratorHelper.cs @@ -0,0 +1,72 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Generators +{ + class DHKeyGeneratorHelper + { + internal static readonly DHKeyGeneratorHelper Instance = new DHKeyGeneratorHelper(); + + private DHKeyGeneratorHelper() + { + } + + internal BigInteger CalculatePrivate( + DHParameters dhParams, + SecureRandom random) + { + int limit = dhParams.L; + + if (limit != 0) + { + int minWeight = limit >> 2; + for (;;) + { + BigInteger x = new BigInteger(limit, random).SetBit(limit - 1); + if (WNafUtilities.GetNafWeight(x) >= minWeight) + { + return x; + } + } + } + + BigInteger min = BigInteger.Two; + int m = dhParams.M; + if (m != 0) + { + min = BigInteger.One.ShiftLeft(m - 1); + } + + BigInteger q = dhParams.Q; + if (q == null) + { + q = dhParams.P; + } + BigInteger max = q.Subtract(BigInteger.Two); + + { + int minWeight = max.BitLength >> 2; + for (;;) + { + BigInteger x = BigIntegers.CreateRandomInRange(min, max, random); + if (WNafUtilities.GetNafWeight(x) >= minWeight) + { + return x; + } + } + } + } + + internal BigInteger CalculatePublic( + DHParameters dhParams, + BigInteger x) + { + return dhParams.G.ModPow(x, dhParams.P); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/DHKeyPairGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/DHKeyPairGenerator.cs new file mode 100644 index 0000000..3bf58ba --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/DHKeyPairGenerator.cs @@ -0,0 +1,38 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * a Diffie-Hellman key pair generator. + * + * This generates keys consistent for use in the MTI/A0 key agreement protocol + * as described in "Handbook of Applied Cryptography", Pages 516-519. + */ + public class DHKeyPairGenerator + : IAsymmetricCipherKeyPairGenerator + { + private DHKeyGenerationParameters param; + + public virtual void Init( + KeyGenerationParameters parameters) + { + this.param = (DHKeyGenerationParameters)parameters; + } + + public virtual AsymmetricCipherKeyPair GenerateKeyPair() + { + DHKeyGeneratorHelper helper = DHKeyGeneratorHelper.Instance; + DHParameters dhp = param.Parameters; + + BigInteger x = helper.CalculatePrivate(dhp, param.Random); + BigInteger y = helper.CalculatePublic(dhp, x); + + return new AsymmetricCipherKeyPair( + new DHPublicKeyParameters(y, dhp), + new DHPrivateKeyParameters(x, dhp)); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/DHParametersGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/DHParametersGenerator.cs new file mode 100644 index 0000000..e752c84 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/DHParametersGenerator.cs @@ -0,0 +1,45 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Generators +{ + public class DHParametersGenerator + { + private int size; + private int certainty; + private SecureRandom random; + + public virtual void Init( + int size, + int certainty, + SecureRandom random) + { + this.size = size; + this.certainty = certainty; + this.random = random; + } + + /** + * which Generates the p and g values from the given parameters, + * returning the DHParameters object. + *

+ * Note: can take a while...

+ */ + public virtual DHParameters GenerateParameters() + { + // + // find a safe prime p where p = 2*q + 1, where p and q are prime. + // + BigInteger[] safePrimes = DHParametersHelper.GenerateSafePrimes(size, certainty, random); + + BigInteger p = safePrimes[0]; + BigInteger q = safePrimes[1]; + BigInteger g = DHParametersHelper.SelectGenerator(p, q, random); + + return new DHParameters(p, g, q, BigInteger.Two, null); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/DHParametersHelper.cs b/BouncyCastle/crypto/src/crypto/generators/DHParametersHelper.cs new file mode 100644 index 0000000..3856904 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/DHParametersHelper.cs @@ -0,0 +1,156 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Generators +{ + internal class DHParametersHelper + { + private static readonly BigInteger Six = BigInteger.ValueOf(6); + + private static readonly int[][] primeLists = BigInteger.primeLists; + private static readonly int[] primeProducts = BigInteger.primeProducts; + private static readonly BigInteger[] BigPrimeProducts = ConstructBigPrimeProducts(primeProducts); + + private static BigInteger[] ConstructBigPrimeProducts(int[] primeProducts) + { + BigInteger[] bpp = new BigInteger[primeProducts.Length]; + for (int i = 0; i < bpp.Length; ++i) + { + bpp[i] = BigInteger.ValueOf(primeProducts[i]); + } + return bpp; + } + + /* + * Finds a pair of prime BigInteger's {p, q: p = 2q + 1} + * + * (see: Handbook of Applied Cryptography 4.86) + */ + internal static BigInteger[] GenerateSafePrimes(int size, int certainty, SecureRandom random) + { + BigInteger p, q; + int qLength = size - 1; + int minWeight = size >> 2; + + if (size <= 32) + { + for (;;) + { + q = new BigInteger(qLength, 2, random); + + p = q.ShiftLeft(1).Add(BigInteger.One); + + if (!p.IsProbablePrime(certainty, true)) + continue; + + if (certainty > 2 && !q.IsProbablePrime(certainty, true)) + continue; + + break; + } + } + else + { + // Note: Modified from Java version for speed + for (;;) + { + q = new BigInteger(qLength, 0, random); + + retry: + for (int i = 0; i < primeLists.Length; ++i) + { + int test = q.Remainder(BigPrimeProducts[i]).IntValue; + + if (i == 0) + { + int rem3 = test % 3; + if (rem3 != 2) + { + int diff = 2 * rem3 + 2; + q = q.Add(BigInteger.ValueOf(diff)); + test = (test + diff) % primeProducts[i]; + } + } + + int[] primeList = primeLists[i]; + for (int j = 0; j < primeList.Length; ++j) + { + int prime = primeList[j]; + int qRem = test % prime; + if (qRem == 0 || qRem == (prime >> 1)) + { + q = q.Add(Six); + goto retry; + } + } + } + + if (q.BitLength != qLength) + continue; + + if (!q.RabinMillerTest(2, random, true)) + continue; + + p = q.ShiftLeft(1).Add(BigInteger.One); + + if (!p.RabinMillerTest(certainty, random, true)) + continue; + + if (certainty > 2 && !q.RabinMillerTest(certainty - 2, random, true)) + continue; + + /* + * Require a minimum weight of the NAF representation, since low-weight primes may be + * weak against a version of the number-field-sieve for the discrete-logarithm-problem. + * + * See "The number field sieve for integers of low weight", Oliver Schirokauer. + */ + if (WNafUtilities.GetNafWeight(p) < minWeight) + continue; + + break; + } + } + + return new BigInteger[] { p, q }; + } + + /* + * Select a high order element of the multiplicative group Zp* + * + * p and q must be s.t. p = 2*q + 1, where p and q are prime (see generateSafePrimes) + */ + internal static BigInteger SelectGenerator(BigInteger p, BigInteger q, SecureRandom random) + { + BigInteger pMinusTwo = p.Subtract(BigInteger.Two); + BigInteger g; + + /* + * (see: Handbook of Applied Cryptography 4.80) + */ +// do +// { +// g = BigIntegers.CreateRandomInRange(BigInteger.Two, pMinusTwo, random); +// } +// while (g.ModPow(BigInteger.Two, p).Equals(BigInteger.One) +// || g.ModPow(q, p).Equals(BigInteger.One)); + + /* + * RFC 2631 2.2.1.2 (and see: Handbook of Applied Cryptography 4.81) + */ + do + { + BigInteger h = BigIntegers.CreateRandomInRange(BigInteger.Two, pMinusTwo, random); + + g = h.ModPow(BigInteger.Two, p); + } + while (g.Equals(BigInteger.One)); + + return g; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/DesEdeKeyGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/DesEdeKeyGenerator.cs new file mode 100644 index 0000000..904cc71 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/DesEdeKeyGenerator.cs @@ -0,0 +1,67 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Generators +{ + public class DesEdeKeyGenerator + : DesKeyGenerator + { + public DesEdeKeyGenerator() + { + } + + internal DesEdeKeyGenerator( + int defaultStrength) + : base(defaultStrength) + { + } + + /** + * initialise the key generator - if strength is set to zero + * the key Generated will be 192 bits in size, otherwise + * strength can be 128 or 192 (or 112 or 168 if you don't count + * parity bits), depending on whether you wish to do 2-key or 3-key + * triple DES. + * + * @param param the parameters to be used for key generation + */ + protected override void engineInit( + KeyGenerationParameters parameters) + { + this.random = parameters.Random; + this.strength = (parameters.Strength + 7) / 8; + + if (strength == 0 || strength == (168 / 8)) + { + strength = DesEdeParameters.DesEdeKeyLength; + } + else if (strength == (112 / 8)) + { + strength = 2 * DesEdeParameters.DesKeyLength; + } + else if (strength != DesEdeParameters.DesEdeKeyLength + && strength != (2 * DesEdeParameters.DesKeyLength)) + { + throw new ArgumentException("DESede key must be " + + (DesEdeParameters.DesEdeKeyLength * 8) + " or " + + (2 * 8 * DesEdeParameters.DesKeyLength) + + " bits long."); + } + } + + protected override byte[] engineGenerateKey() + { + byte[] newKey = new byte[strength]; + + do + { + random.NextBytes(newKey); + DesEdeParameters.SetOddParity(newKey); + } + while (DesEdeParameters.IsWeakKey(newKey, 0, newKey.Length) || !DesEdeParameters.IsRealEdeKey(newKey, 0)); + + return newKey; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/DesKeyGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/DesKeyGenerator.cs new file mode 100644 index 0000000..4c2051d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/DesKeyGenerator.cs @@ -0,0 +1,57 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Generators +{ + public class DesKeyGenerator + : CipherKeyGenerator + { + public DesKeyGenerator() + { + } + + internal DesKeyGenerator( + int defaultStrength) + : base(defaultStrength) + { + } + + /** + * initialise the key generator - if strength is set to zero + * the key generated will be 64 bits in size, otherwise + * strength can be 64 or 56 bits (if you don't count the parity bits). + * + * @param param the parameters to be used for key generation + */ + protected override void engineInit( + KeyGenerationParameters parameters) + { + base.engineInit(parameters); + + if (strength == 0 || strength == (56 / 8)) + { + strength = DesParameters.DesKeyLength; + } + else if (strength != DesParameters.DesKeyLength) + { + throw new ArgumentException( + "DES key must be " + (DesParameters.DesKeyLength * 8) + " bits long."); + } + } + + protected override byte[] engineGenerateKey() + { + byte[] newKey = new byte[DesParameters.DesKeyLength]; + + do + { + random.NextBytes(newKey); + DesParameters.SetOddParity(newKey); + } + while (DesParameters.IsWeakKey(newKey, 0)); + + return newKey; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/DsaKeyPairGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/DsaKeyPairGenerator.cs new file mode 100644 index 0000000..1c9ce5a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/DsaKeyPairGenerator.cs @@ -0,0 +1,72 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * a DSA key pair generator. + * + * This Generates DSA keys in line with the method described + * in FIPS 186-3 B.1 FFC Key Pair Generation. + */ + public class DsaKeyPairGenerator + : IAsymmetricCipherKeyPairGenerator + { + private static readonly BigInteger One = BigInteger.One; + + private DsaKeyGenerationParameters param; + + public void Init( + KeyGenerationParameters parameters) + { + if (parameters == null) + throw new ArgumentNullException("parameters"); + + // Note: If we start accepting instances of KeyGenerationParameters, + // must apply constraint checking on strength (see DsaParametersGenerator.Init) + + this.param = (DsaKeyGenerationParameters) parameters; + } + + public AsymmetricCipherKeyPair GenerateKeyPair() + { + DsaParameters dsaParams = param.Parameters; + + BigInteger x = GeneratePrivateKey(dsaParams.Q, param.Random); + BigInteger y = CalculatePublicKey(dsaParams.P, dsaParams.G, x); + + return new AsymmetricCipherKeyPair( + new DsaPublicKeyParameters(y, dsaParams), + new DsaPrivateKeyParameters(x, dsaParams)); + } + + private static BigInteger GeneratePrivateKey(BigInteger q, SecureRandom random) + { + // B.1.2 Key Pair Generation by Testing Candidates + int minWeight = q.BitLength >> 2; + for (;;) + { + // TODO Prefer this method? (change test cases that used fixed random) + // B.1.1 Key Pair Generation Using Extra Random Bits + //BigInteger x = new BigInteger(q.BitLength + 64, random).Mod(q.Subtract(One)).Add(One); + + BigInteger x = BigIntegers.CreateRandomInRange(One, q.Subtract(One), random); + if (WNafUtilities.GetNafWeight(x) >= minWeight) + { + return x; + } + } + } + + private static BigInteger CalculatePublicKey(BigInteger p, BigInteger g, BigInteger x) + { + return g.ModPow(x, p); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/DsaParametersGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/DsaParametersGenerator.cs new file mode 100644 index 0000000..97c20d1 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/DsaParametersGenerator.cs @@ -0,0 +1,355 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * Generate suitable parameters for DSA, in line with FIPS 186-2, or FIPS 186-3. + */ + public class DsaParametersGenerator + { + private IDigest digest; + private int L, N; + private int certainty; + private SecureRandom random; + private bool use186_3; + private int usageIndex; + + public DsaParametersGenerator() + : this(new Sha1Digest()) + { + } + + public DsaParametersGenerator(IDigest digest) + { + this.digest = digest; + } + + /// Initialise the generator + /// This form can only be used for older DSA (pre-DSA2) parameters + /// the size of keys in bits (from 512 up to 1024, and a multiple of 64) + /// measure of robustness of primes (at least 80 for FIPS 186-2 compliance) + /// the source of randomness to use + public virtual void Init( + int size, + int certainty, + SecureRandom random) + { + if (!IsValidDsaStrength(size)) + throw new ArgumentException("size must be from 512 - 1024 and a multiple of 64", "size"); + + this.use186_3 = false; + this.L = size; + this.N = GetDefaultN(size); + this.certainty = certainty; + this.random = random; + } + + /// Initialise the generator for DSA 2 + /// You must use this Init method if you need to generate parameters for DSA 2 keys + /// An instance of DsaParameterGenerationParameters used to configure this generator + public virtual void Init(DsaParameterGenerationParameters parameters) + { + // TODO Should we enforce the minimum 'certainty' values as per C.3 Table C.1? + this.use186_3 = true; + this.L = parameters.L; + this.N = parameters.N; + this.certainty = parameters.Certainty; + this.random = parameters.Random; + this.usageIndex = parameters.UsageIndex; + + if ((L < 1024 || L > 3072) || L % 1024 != 0) + throw new ArgumentException("Values must be between 1024 and 3072 and a multiple of 1024", "L"); + if (L == 1024 && N != 160) + throw new ArgumentException("N must be 160 for L = 1024"); + if (L == 2048 && (N != 224 && N != 256)) + throw new ArgumentException("N must be 224 or 256 for L = 2048"); + if (L == 3072 && N != 256) + throw new ArgumentException("N must be 256 for L = 3072"); + + if (digest.GetDigestSize() * 8 < N) + throw new InvalidOperationException("Digest output size too small for value of N"); + } + + /// Generates a set of DsaParameters + /// Can take a while... + public virtual DsaParameters GenerateParameters() + { + return use186_3 + ? GenerateParameters_FIPS186_3() + : GenerateParameters_FIPS186_2(); + } + + protected virtual DsaParameters GenerateParameters_FIPS186_2() + { + byte[] seed = new byte[20]; + byte[] part1 = new byte[20]; + byte[] part2 = new byte[20]; + byte[] u = new byte[20]; + int n = (L - 1) / 160; + byte[] w = new byte[L / 8]; + + if (!(digest is Sha1Digest)) + throw new InvalidOperationException("can only use SHA-1 for generating FIPS 186-2 parameters"); + + for (;;) + { + random.NextBytes(seed); + + Hash(digest, seed, part1); + Array.Copy(seed, 0, part2, 0, seed.Length); + Inc(part2); + Hash(digest, part2, part2); + + for (int i = 0; i != u.Length; i++) + { + u[i] = (byte)(part1[i] ^ part2[i]); + } + + u[0] |= (byte)0x80; + u[19] |= (byte)0x01; + + BigInteger q = new BigInteger(1, u); + + if (!q.IsProbablePrime(certainty)) + continue; + + byte[] offset = Arrays.Clone(seed); + Inc(offset); + + for (int counter = 0; counter < 4096; ++counter) + { + for (int k = 0; k < n; k++) + { + Inc(offset); + Hash(digest, offset, part1); + Array.Copy(part1, 0, w, w.Length - (k + 1) * part1.Length, part1.Length); + } + + Inc(offset); + Hash(digest, offset, part1); + Array.Copy(part1, part1.Length - ((w.Length - (n) * part1.Length)), w, 0, w.Length - n * part1.Length); + + w[0] |= (byte)0x80; + + BigInteger x = new BigInteger(1, w); + + BigInteger c = x.Mod(q.ShiftLeft(1)); + + BigInteger p = x.Subtract(c.Subtract(BigInteger.One)); + + if (p.BitLength != L) + continue; + + if (p.IsProbablePrime(certainty)) + { + BigInteger g = CalculateGenerator_FIPS186_2(p, q, random); + + return new DsaParameters(p, q, g, new DsaValidationParameters(seed, counter)); + } + } + } + } + + protected virtual BigInteger CalculateGenerator_FIPS186_2(BigInteger p, BigInteger q, SecureRandom r) + { + BigInteger e = p.Subtract(BigInteger.One).Divide(q); + BigInteger pSub2 = p.Subtract(BigInteger.Two); + + for (;;) + { + BigInteger h = BigIntegers.CreateRandomInRange(BigInteger.Two, pSub2, r); + BigInteger g = h.ModPow(e, p); + + if (g.BitLength > 1) + return g; + } + } + + /** + * generate suitable parameters for DSA, in line with + * FIPS 186-3 A.1 Generation of the FFC Primes p and q. + */ + protected virtual DsaParameters GenerateParameters_FIPS186_3() + { +// A.1.1.2 Generation of the Probable Primes p and q Using an Approved Hash Function + IDigest d = digest; + int outlen = d.GetDigestSize() * 8; + +// 1. Check that the (L, N) pair is in the list of acceptable (L, N pairs) (see Section 4.2). If +// the pair is not in the list, then return INVALID. + // Note: checked at initialisation + +// 2. If (seedlen < N), then return INVALID. + // FIXME This should be configurable (must be >= N) + int seedlen = N; + byte[] seed = new byte[seedlen / 8]; + +// 3. n = ceiling(L ⁄ outlen) – 1. + int n = (L - 1) / outlen; + +// 4. b = L – 1 – (n ∗ outlen). + int b = (L - 1) % outlen; + + byte[] output = new byte[d.GetDigestSize()]; + for (;;) + { +// 5. Get an arbitrary sequence of seedlen bits as the domain_parameter_seed. + random.NextBytes(seed); + +// 6. U = Hash (domain_parameter_seed) mod 2^(N–1). + Hash(d, seed, output); + BigInteger U = new BigInteger(1, output).Mod(BigInteger.One.ShiftLeft(N - 1)); + +// 7. q = 2^(N–1) + U + 1 – ( U mod 2). + BigInteger q = U.SetBit(0).SetBit(N - 1); + +// 8. Test whether or not q is prime as specified in Appendix C.3. + // TODO Review C.3 for primality checking + if (!q.IsProbablePrime(certainty)) + { +// 9. If q is not a prime, then go to step 5. + continue; + } + +// 10. offset = 1. + // Note: 'offset' value managed incrementally + byte[] offset = Arrays.Clone(seed); + +// 11. For counter = 0 to (4L – 1) do + int counterLimit = 4 * L; + for (int counter = 0; counter < counterLimit; ++counter) + { +// 11.1 For j = 0 to n do +// Vj = Hash ((domain_parameter_seed + offset + j) mod 2^seedlen). +// 11.2 W = V0 + (V1 ∗ 2^outlen) + ... + (V^(n–1) ∗ 2^((n–1) ∗ outlen)) + ((Vn mod 2^b) ∗ 2^(n ∗ outlen)). + // TODO Assemble w as a byte array + BigInteger W = BigInteger.Zero; + for (int j = 0, exp = 0; j <= n; ++j, exp += outlen) + { + Inc(offset); + Hash(d, offset, output); + + BigInteger Vj = new BigInteger(1, output); + if (j == n) + { + Vj = Vj.Mod(BigInteger.One.ShiftLeft(b)); + } + + W = W.Add(Vj.ShiftLeft(exp)); + } + +// 11.3 X = W + 2^(L–1). Comment: 0 ≤ W < 2L–1; hence, 2L–1 ≤ X < 2L. + BigInteger X = W.Add(BigInteger.One.ShiftLeft(L - 1)); + +// 11.4 c = X mod 2q. + BigInteger c = X.Mod(q.ShiftLeft(1)); + +// 11.5 p = X - (c - 1). Comment: p ≡ 1 (mod 2q). + BigInteger p = X.Subtract(c.Subtract(BigInteger.One)); + + // 11.6 If (p < 2^(L - 1)), then go to step 11.9 + if (p.BitLength != L) + continue; + +// 11.7 Test whether or not p is prime as specified in Appendix C.3. + // TODO Review C.3 for primality checking + if (p.IsProbablePrime(certainty)) + { +// 11.8 If p is determined to be prime, then return VALID and the values of p, q and +// (optionally) the values of domain_parameter_seed and counter. + // TODO Make configurable (8-bit unsigned)? + + if (usageIndex >= 0) + { + BigInteger g = CalculateGenerator_FIPS186_3_Verifiable(d, p, q, seed, usageIndex); + if (g != null) + return new DsaParameters(p, q, g, new DsaValidationParameters(seed, counter, usageIndex)); + } + + { + BigInteger g = CalculateGenerator_FIPS186_3_Unverifiable(p, q, random); + + return new DsaParameters(p, q, g, new DsaValidationParameters(seed, counter)); + } + } + +// 11.9 offset = offset + n + 1. Comment: Increment offset; then, as part of +// the loop in step 11, increment counter; if +// counter < 4L, repeat steps 11.1 through 11.8. + // Note: 'offset' value already incremented in inner loop + } +// 12. Go to step 5. + } + } + + protected virtual BigInteger CalculateGenerator_FIPS186_3_Unverifiable(BigInteger p, BigInteger q, + SecureRandom r) + { + return CalculateGenerator_FIPS186_2(p, q, r); + } + + protected virtual BigInteger CalculateGenerator_FIPS186_3_Verifiable(IDigest d, BigInteger p, BigInteger q, + byte[] seed, int index) + { + // A.2.3 Verifiable Canonical Generation of the Generator g + BigInteger e = p.Subtract(BigInteger.One).Divide(q); + byte[] ggen = Hex.DecodeStrict("6767656E"); + + // 7. U = domain_parameter_seed || "ggen" || index || count. + byte[] U = new byte[seed.Length + ggen.Length + 1 + 2]; + Array.Copy(seed, 0, U, 0, seed.Length); + Array.Copy(ggen, 0, U, seed.Length, ggen.Length); + U[U.Length - 3] = (byte)index; + + byte[] w = new byte[d.GetDigestSize()]; + for (int count = 1; count < (1 << 16); ++count) + { + Inc(U); + Hash(d, U, w); + BigInteger W = new BigInteger(1, w); + BigInteger g = W.ModPow(e, p); + + if (g.CompareTo(BigInteger.Two) >= 0) + return g; + } + + return null; + } + + private static bool IsValidDsaStrength( + int strength) + { + return strength >= 512 && strength <= 1024 && strength % 64 == 0; + } + + protected static void Hash(IDigest d, byte[] input, byte[] output) + { + d.BlockUpdate(input, 0, input.Length); + d.DoFinal(output, 0); + } + + private static int GetDefaultN(int L) + { + return L > 1024 ? 256 : 160; + } + + protected static void Inc(byte[] buf) + { + for (int i = buf.Length - 1; i >= 0; --i) + { + byte b = (byte)(buf[i] + 1); + buf[i] = b; + + if (b != 0) + break; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/ECKeyPairGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/ECKeyPairGenerator.cs new file mode 100644 index 0000000..7b6ee16 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/ECKeyPairGenerator.cs @@ -0,0 +1,186 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.EC; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Generators +{ + public class ECKeyPairGenerator + : IAsymmetricCipherKeyPairGenerator + { + private readonly string algorithm; + + private ECDomainParameters parameters; + private DerObjectIdentifier publicKeyParamSet; + private SecureRandom random; + + public ECKeyPairGenerator() + : this("EC") + { + } + + public ECKeyPairGenerator( + string algorithm) + { + if (algorithm == null) + throw new ArgumentNullException("algorithm"); + + this.algorithm = ECKeyParameters.VerifyAlgorithmName(algorithm); + } + + public void Init( + KeyGenerationParameters parameters) + { + if (parameters is ECKeyGenerationParameters) + { + ECKeyGenerationParameters ecP = (ECKeyGenerationParameters) parameters; + + this.publicKeyParamSet = ecP.PublicKeyParamSet; + this.parameters = ecP.DomainParameters; + } + else + { + DerObjectIdentifier oid; + switch (parameters.Strength) + { + case 192: + oid = X9ObjectIdentifiers.Prime192v1; + break; + case 224: + oid = SecObjectIdentifiers.SecP224r1; + break; + case 239: + oid = X9ObjectIdentifiers.Prime239v1; + break; + case 256: + oid = X9ObjectIdentifiers.Prime256v1; + break; + case 384: + oid = SecObjectIdentifiers.SecP384r1; + break; + case 521: + oid = SecObjectIdentifiers.SecP521r1; + break; + default: + throw new InvalidParameterException("unknown key size."); + } + + X9ECParameters ecps = FindECCurveByOid(oid); + + this.publicKeyParamSet = oid; + this.parameters = new ECDomainParameters( + ecps.Curve, ecps.G, ecps.N, ecps.H, ecps.GetSeed()); + } + + this.random = parameters.Random; + + if (this.random == null) + { + this.random = new SecureRandom(); + } + } + + /** + * Given the domain parameters this routine generates an EC key + * pair in accordance with X9.62 section 5.2.1 pages 26, 27. + */ + public AsymmetricCipherKeyPair GenerateKeyPair() + { + BigInteger n = parameters.N; + BigInteger d; + int minWeight = n.BitLength >> 2; + + for (;;) + { + d = new BigInteger(n.BitLength, random); + + if (d.CompareTo(BigInteger.One) < 0 || d.CompareTo(n) >= 0) + continue; + + if (WNafUtilities.GetNafWeight(d) < minWeight) + continue; + + break; + } + + ECPoint q = CreateBasePointMultiplier().Multiply(parameters.G, d); + + if (publicKeyParamSet != null) + { + return new AsymmetricCipherKeyPair( + new ECPublicKeyParameters(algorithm, q, publicKeyParamSet), + new ECPrivateKeyParameters(algorithm, d, publicKeyParamSet)); + } + + return new AsymmetricCipherKeyPair( + new ECPublicKeyParameters(algorithm, q, parameters), + new ECPrivateKeyParameters(algorithm, d, parameters)); + } + + protected virtual ECMultiplier CreateBasePointMultiplier() + { + return new FixedPointCombMultiplier(); + } + + internal static X9ECParameters FindECCurveByName(string name) + { + X9ECParameters ecP = CustomNamedCurves.GetByName(name); + if (ecP == null) + { + ecP = ECNamedCurveTable.GetByName(name); + } + return ecP; + } + + internal static X9ECParametersHolder FindECCurveByNameLazy(string name) + { + X9ECParametersHolder holder = CustomNamedCurves.GetByNameLazy(name); + if (holder == null) + { + holder = ECNamedCurveTable.GetByNameLazy(name); + } + return holder; + } + + internal static X9ECParameters FindECCurveByOid(DerObjectIdentifier oid) + { + X9ECParameters ecP = CustomNamedCurves.GetByOid(oid); + if (ecP == null) + { + ecP = ECNamedCurveTable.GetByOid(oid); + } + return ecP; + } + + internal static X9ECParametersHolder FindECCurveByOidLazy(DerObjectIdentifier oid) + { + X9ECParametersHolder holder = CustomNamedCurves.GetByOidLazy(oid); + if (holder == null) + { + holder = ECNamedCurveTable.GetByOidLazy(oid); + } + return holder; + } + + internal static ECPublicKeyParameters GetCorrespondingPublicKey( + ECPrivateKeyParameters privKey) + { + ECDomainParameters ec = privKey.Parameters; + ECPoint q = new FixedPointCombMultiplier().Multiply(ec.G, privKey.D); + + if (privKey.PublicKeyParamSet != null) + { + return new ECPublicKeyParameters(privKey.AlgorithmName, q, privKey.PublicKeyParamSet); + } + + return new ECPublicKeyParameters(privKey.AlgorithmName, q, ec); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/Ed25519KeyPairGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/Ed25519KeyPairGenerator.cs new file mode 100644 index 0000000..266d111 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/Ed25519KeyPairGenerator.cs @@ -0,0 +1,25 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Generators +{ + public class Ed25519KeyPairGenerator + : IAsymmetricCipherKeyPairGenerator + { + private SecureRandom random; + + public virtual void Init(KeyGenerationParameters parameters) + { + this.random = parameters.Random; + } + + public virtual AsymmetricCipherKeyPair GenerateKeyPair() + { + Ed25519PrivateKeyParameters privateKey = new Ed25519PrivateKeyParameters(random); + Ed25519PublicKeyParameters publicKey = privateKey.GeneratePublicKey(); + return new AsymmetricCipherKeyPair(publicKey, privateKey); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/Ed448KeyPairGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/Ed448KeyPairGenerator.cs new file mode 100644 index 0000000..50aee63 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/Ed448KeyPairGenerator.cs @@ -0,0 +1,25 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Generators +{ + public class Ed448KeyPairGenerator + : IAsymmetricCipherKeyPairGenerator + { + private SecureRandom random; + + public virtual void Init(KeyGenerationParameters parameters) + { + this.random = parameters.Random; + } + + public virtual AsymmetricCipherKeyPair GenerateKeyPair() + { + Ed448PrivateKeyParameters privateKey = new Ed448PrivateKeyParameters(random); + Ed448PublicKeyParameters publicKey = privateKey.GeneratePublicKey(); + return new AsymmetricCipherKeyPair(publicKey, privateKey); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/ElGamalKeyPairGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/ElGamalKeyPairGenerator.cs new file mode 100644 index 0000000..227e7fe --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/ElGamalKeyPairGenerator.cs @@ -0,0 +1,40 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * a ElGamal key pair generator. + *

+ * This Generates keys consistent for use with ElGamal as described in + * page 164 of "Handbook of Applied Cryptography".

+ */ + public class ElGamalKeyPairGenerator + : IAsymmetricCipherKeyPairGenerator + { + private ElGamalKeyGenerationParameters param; + + public void Init( + KeyGenerationParameters parameters) + { + this.param = (ElGamalKeyGenerationParameters) parameters; + } + + public AsymmetricCipherKeyPair GenerateKeyPair() + { + DHKeyGeneratorHelper helper = DHKeyGeneratorHelper.Instance; + ElGamalParameters egp = param.Parameters; + DHParameters dhp = new DHParameters(egp.P, egp.G, null, 0, egp.L); + + BigInteger x = helper.CalculatePrivate(dhp, param.Random); + BigInteger y = helper.CalculatePublic(dhp, x); + + return new AsymmetricCipherKeyPair( + new ElGamalPublicKeyParameters(y, egp), + new ElGamalPrivateKeyParameters(x, egp)); + } + } + +} diff --git a/BouncyCastle/crypto/src/crypto/generators/ElGamalParametersGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/ElGamalParametersGenerator.cs new file mode 100644 index 0000000..8443bb0 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/ElGamalParametersGenerator.cs @@ -0,0 +1,46 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Generators +{ + public class ElGamalParametersGenerator + { + private int size; + private int certainty; + private SecureRandom random; + + public void Init( + int size, + int certainty, + SecureRandom random) + { + this.size = size; + this.certainty = certainty; + this.random = random; + } + + /** + * which Generates the p and g values from the given parameters, + * returning the ElGamalParameters object. + *

+ * Note: can take a while... + *

+ */ + public ElGamalParameters GenerateParameters() + { + // + // find a safe prime p where p = 2*q + 1, where p and q are prime. + // + BigInteger[] safePrimes = DHParametersHelper.GenerateSafePrimes(size, certainty, random); + + BigInteger p = safePrimes[0]; + BigInteger q = safePrimes[1]; + BigInteger g = DHParametersHelper.SelectGenerator(p, q, random); + + return new ElGamalParameters(p, g); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/GOST3410KeyPairGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/GOST3410KeyPairGenerator.cs new file mode 100644 index 0000000..520820b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/GOST3410KeyPairGenerator.cs @@ -0,0 +1,82 @@ +using System; + +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * a GOST3410 key pair generator. + * This generates GOST3410 keys in line with the method described + * in GOST R 34.10-94. + */ + public class Gost3410KeyPairGenerator + : IAsymmetricCipherKeyPairGenerator + { + private Gost3410KeyGenerationParameters param; + + public void Init( + KeyGenerationParameters parameters) + { + if (parameters is Gost3410KeyGenerationParameters) + { + this.param = (Gost3410KeyGenerationParameters) parameters; + } + else + { + Gost3410KeyGenerationParameters kgp = new Gost3410KeyGenerationParameters( + parameters.Random, + CryptoProObjectIdentifiers.GostR3410x94CryptoProA); + + if (parameters.Strength != kgp.Parameters.P.BitLength - 1) + { + // TODO Should we complain? + } + + this.param = kgp; + } + } + + public AsymmetricCipherKeyPair GenerateKeyPair() + { + SecureRandom random = param.Random; + Gost3410Parameters gost3410Params = param.Parameters; + + BigInteger q = gost3410Params.Q, x; + + int minWeight = 64; + for (;;) + { + x = new BigInteger(256, random); + + if (x.SignValue < 1 || x.CompareTo(q) >= 0) + continue; + + if (WNafUtilities.GetNafWeight(x) < minWeight) + continue; + + break; + } + + BigInteger p = gost3410Params.P; + BigInteger a = gost3410Params.A; + + // calculate the public key. + BigInteger y = a.ModPow(x, p); + + if (param.PublicKeyParamSet != null) + { + return new AsymmetricCipherKeyPair( + new Gost3410PublicKeyParameters(y, param.PublicKeyParamSet), + new Gost3410PrivateKeyParameters(x, param.PublicKeyParamSet)); + } + + return new AsymmetricCipherKeyPair( + new Gost3410PublicKeyParameters(y, gost3410Params), + new Gost3410PrivateKeyParameters(x, gost3410Params)); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/GOST3410ParametersGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/GOST3410ParametersGenerator.cs new file mode 100644 index 0000000..52a9f5a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/GOST3410ParametersGenerator.cs @@ -0,0 +1,530 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * generate suitable parameters for GOST3410. + */ + public class Gost3410ParametersGenerator + { + private int size; + private int typeproc; + private SecureRandom init_random; + + /** + * initialise the key generator. + * + * @param size size of the key + * @param typeProcedure type procedure A,B = 1; A',B' - else + * @param random random byte source. + */ + public void Init( + int size, + int typeProcedure, + SecureRandom random) + { + this.size = size; + this.typeproc = typeProcedure; + this.init_random = random; + } + + //Procedure A + private int procedure_A(int x0, int c, BigInteger[] pq, int size) + { + //Verify and perform condition: 065536) + { + x0 = init_random.NextInt()/32768; + } + + while((c<0 || c>65536) || (c/2==0)) + { + c = init_random.NextInt()/32768 + 1; + } + + BigInteger C = BigInteger.ValueOf(c); + BigInteger constA16 = BigInteger.ValueOf(19381); + + //step1 + BigInteger[] y = new BigInteger[1]; // begin length = 1 + y[0] = BigInteger.ValueOf(x0); + + //step 2 + int[] t = new int[1]; // t - orders; begin length = 1 + t[0] = size; + int s = 0; + for (int i=0; t[i]>=17; i++) + { + // extension array t + int[] tmp_t = new int[t.Length + 1]; /////////////// + Array.Copy(t,0,tmp_t,0,t.Length); // extension + t = new int[tmp_t.Length]; // array t + Array.Copy(tmp_t, 0, t, 0, tmp_t.Length); /////////////// + + t[i+1] = t[i]/2; + s = i+1; + } + + //step3 + BigInteger[] p = new BigInteger[s+1]; + p[s] = new BigInteger("8003",16); //set min prime number length 16 bit + + int m = s-1; //step4 + + for (int i=0; i t[m]) + { + goto step6; //step 12 + } + + p[m] = NByLastP.Add(BigInteger.One); + + //step13 + if (BigInteger.Two.ModPow(NByLastP, p[m]).CompareTo(BigInteger.One) == 0 + && BigInteger.Two.ModPow(N, p[m]).CompareTo(BigInteger.One) != 0) + { + break; + } + + N = N.Add(BigInteger.Two); + } + + if (--m < 0) + { + pq[0] = p[0]; + pq[1] = p[1]; + return y[0].IntValue; //return for procedure B step 2 + } + + break; //step 14 + } + } + return y[0].IntValue; + } + + //Procedure A' + private long procedure_Aa(long x0, long c, BigInteger[] pq, int size) + { + //Verify and perform condition: 04294967296L) + { + x0 = init_random.NextInt()*2; + } + + while((c<0 || c>4294967296L) || (c/2==0)) + { + c = init_random.NextInt()*2+1; + } + + BigInteger C = BigInteger.ValueOf(c); + BigInteger constA32 = BigInteger.ValueOf(97781173); + + //step1 + BigInteger[] y = new BigInteger[1]; // begin length = 1 + y[0] = BigInteger.ValueOf(x0); + + //step 2 + int[] t = new int[1]; // t - orders; begin length = 1 + t[0] = size; + int s = 0; + for (int i=0; t[i]>=33; i++) + { + // extension array t + int[] tmp_t = new int[t.Length + 1]; /////////////// + Array.Copy(t,0,tmp_t,0,t.Length); // extension + t = new int[tmp_t.Length]; // array t + Array.Copy(tmp_t, 0, t, 0, tmp_t.Length); /////////////// + + t[i+1] = t[i]/2; + s = i+1; + } + + //step3 + BigInteger[] p = new BigInteger[s+1]; + p[s] = new BigInteger("8000000B",16); //set min prime number length 32 bit + + int m = s-1; //step4 + + for (int i=0; i t[m]) + { + goto step6; //step 12 + } + + p[m] = NByLastP.Add(BigInteger.One); + + //step13 + if (BigInteger.Two.ModPow(NByLastP, p[m]).CompareTo(BigInteger.One) == 0 + && BigInteger.Two.ModPow(N, p[m]).CompareTo(BigInteger.One) != 0) + { + break; + } + + N = N.Add(BigInteger.Two); + } + + if (--m < 0) + { + pq[0] = p[0]; + pq[1] = p[1]; + return y[0].LongValue; //return for procedure B' step 2 + } + + break; //step 14 + } + } + return y[0].LongValue; + } + + //Procedure B + private void procedure_B(int x0, int c, BigInteger[] pq) + { + //Verify and perform condition: 065536) + { + x0 = init_random.NextInt()/32768; + } + + while((c<0 || c>65536) || (c/2==0)) + { + c = init_random.NextInt()/32768 + 1; + } + + BigInteger [] qp = new BigInteger[2]; + BigInteger q = null, Q = null, p = null; + BigInteger C = BigInteger.ValueOf(c); + BigInteger constA16 = BigInteger.ValueOf(19381); + + //step1 + x0 = procedure_A(x0, c, qp, 256); + q = qp[0]; + + //step2 + x0 = procedure_A(x0, c, qp, 512); + Q = qp[0]; + + BigInteger[] y = new BigInteger[65]; + y[0] = BigInteger.ValueOf(x0); + + const int tp = 1024; + + BigInteger qQ = q.Multiply(Q); + +step3: + for(;;) + { + //step 3 + for (int j=0; j<64; j++) + { + y[j+1] = (y[j].Multiply(constA16).Add(C)).Mod(BigInteger.Two.Pow(16)); + } + + //step 4 + BigInteger Y = BigInteger.Zero; + + for (int j=0; j<64; j++) + { + Y = Y.Add(y[j].ShiftLeft(16*j)); + } + + y[0] = y[64]; //step 5 + + //step 6 + BigInteger N = BigInteger.One.ShiftLeft(tp-1).Divide(qQ).Add( + Y.ShiftLeft(tp-1).Divide(qQ.ShiftLeft(1024))); + + if (N.TestBit(0)) + { + N = N.Add(BigInteger.One); + } + + //step 7 + + for(;;) + { + //step 11 + BigInteger qQN = qQ.Multiply(N); + + if (qQN.BitLength > tp) + { + goto step3; //step 9 + } + + p = qQN.Add(BigInteger.One); + + //step10 + if (BigInteger.Two.ModPow(qQN, p).CompareTo(BigInteger.One) == 0 + && BigInteger.Two.ModPow(q.Multiply(N), p).CompareTo(BigInteger.One) != 0) + { + pq[0] = p; + pq[1] = q; + return; + } + + N = N.Add(BigInteger.Two); + } + } + } + + //Procedure B' + private void procedure_Bb(long x0, long c, BigInteger[] pq) + { + //Verify and perform condition: 04294967296L) + { + x0 = init_random.NextInt()*2; + } + + while((c<0 || c>4294967296L) || (c/2==0)) + { + c = init_random.NextInt()*2+1; + } + + BigInteger [] qp = new BigInteger[2]; + BigInteger q = null, Q = null, p = null; + BigInteger C = BigInteger.ValueOf(c); + BigInteger constA32 = BigInteger.ValueOf(97781173); + + //step1 + x0 = procedure_Aa(x0, c, qp, 256); + q = qp[0]; + + //step2 + x0 = procedure_Aa(x0, c, qp, 512); + Q = qp[0]; + + BigInteger[] y = new BigInteger[33]; + y[0] = BigInteger.ValueOf(x0); + + const int tp = 1024; + + BigInteger qQ = q.Multiply(Q); + +step3: + for(;;) + { + //step 3 + for (int j=0; j<32; j++) + { + y[j+1] = (y[j].Multiply(constA32).Add(C)).Mod(BigInteger.Two.Pow(32)); + } + + //step 4 + BigInteger Y = BigInteger.Zero; + for (int j=0; j<32; j++) + { + Y = Y.Add(y[j].ShiftLeft(32*j)); + } + + y[0] = y[32]; //step 5 + + //step 6 + BigInteger N = BigInteger.One.ShiftLeft(tp-1).Divide(qQ).Add( + Y.ShiftLeft(tp-1).Divide(qQ.ShiftLeft(1024))); + + if (N.TestBit(0)) + { + N = N.Add(BigInteger.One); + } + + //step 7 + + for(;;) + { + //step 11 + BigInteger qQN = qQ.Multiply(N); + + if (qQN.BitLength > tp) + { + goto step3; //step 9 + } + + p = qQN.Add(BigInteger.One); + + //step10 + if (BigInteger.Two.ModPow(qQN, p).CompareTo(BigInteger.One) == 0 + && BigInteger.Two.ModPow(q.Multiply(N), p).CompareTo(BigInteger.One) != 0) + { + pq[0] = p; + pq[1] = q; + return; + } + + N = N.Add(BigInteger.Two); + } + } + } + + + /** + * Procedure C + * procedure generates the a value from the given p,q, + * returning the a value. + */ + private BigInteger procedure_C(BigInteger p, BigInteger q) + { + BigInteger pSub1 = p.Subtract(BigInteger.One); + BigInteger pSub1Divq = pSub1.Divide(q); + + for(;;) + { + BigInteger d = new BigInteger(p.BitLength, init_random); + + // 1 < d < p-1 + if (d.CompareTo(BigInteger.One) > 0 && d.CompareTo(pSub1) < 0) + { + BigInteger a = d.ModPow(pSub1Divq, p); + + if (a.CompareTo(BigInteger.One) != 0) + { + return a; + } + } + } + } + + /** + * which generates the p , q and a values from the given parameters, + * returning the Gost3410Parameters object. + */ + public Gost3410Parameters GenerateParameters() + { + BigInteger [] pq = new BigInteger[2]; + BigInteger q = null, p = null, a = null; + + int x0, c; + long x0L, cL; + + if (typeproc==1) + { + x0 = init_random.NextInt(); + c = init_random.NextInt(); + + switch(size) + { + case 512: + procedure_A(x0, c, pq, 512); + break; + case 1024: + procedure_B(x0, c, pq); + break; + default: + throw new ArgumentException("Ooops! key size 512 or 1024 bit."); + } + p = pq[0]; q = pq[1]; + a = procedure_C(p, q); + //System.out.println("p:"+p.toString(16)+"\n"+"q:"+q.toString(16)+"\n"+"a:"+a.toString(16)); + //System.out.println("p:"+p+"\n"+"q:"+q+"\n"+"a:"+a); + return new Gost3410Parameters(p, q, a, new Gost3410ValidationParameters(x0, c)); + } + else + { + x0L = init_random.NextLong(); + cL = init_random.NextLong(); + + switch(size) + { + case 512: + procedure_Aa(x0L, cL, pq, 512); + break; + case 1024: + procedure_Bb(x0L, cL, pq); + break; + default: + throw new InvalidOperationException("Ooops! key size 512 or 1024 bit."); + } + p = pq[0]; q = pq[1]; + a = procedure_C(p, q); + //System.out.println("p:"+p.toString(16)+"\n"+"q:"+q.toString(16)+"\n"+"a:"+a.toString(16)); + //System.out.println("p:"+p+"\n"+"q:"+q+"\n"+"a:"+a); + return new Gost3410Parameters(p, q, a, new Gost3410ValidationParameters(x0L, cL)); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/HKdfBytesGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/HKdfBytesGenerator.cs new file mode 100644 index 0000000..6f36a6f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/HKdfBytesGenerator.cs @@ -0,0 +1,152 @@ +using System; + +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * HMAC-based Extract-and-Expand Key Derivation Function (HKDF) implemented + * according to IETF RFC 5869, May 2010 as specified by H. Krawczyk, IBM + * Research & P. Eronen, Nokia. It uses a HMac internally to compute de OKM + * (output keying material) and is likely to have better security properties + * than KDF's based on just a hash function. + */ + public class HkdfBytesGenerator + : IDerivationFunction + { + private HMac hMacHash; + private int hashLen; + + private byte[] info; + private byte[] currentT; + + private int generatedBytes; + + /** + * Creates a HKDFBytesGenerator based on the given hash function. + * + * @param hash the digest to be used as the source of generatedBytes bytes + */ + public HkdfBytesGenerator(IDigest hash) + { + this.hMacHash = new HMac(hash); + this.hashLen = hash.GetDigestSize(); + } + + public virtual void Init(IDerivationParameters parameters) + { + if (!(parameters is HkdfParameters)) + throw new ArgumentException("HKDF parameters required for HkdfBytesGenerator", "parameters"); + + HkdfParameters hkdfParameters = (HkdfParameters)parameters; + if (hkdfParameters.SkipExtract) + { + // use IKM directly as PRK + hMacHash.Init(new KeyParameter(hkdfParameters.GetIkm())); + } + else + { + hMacHash.Init(Extract(hkdfParameters.GetSalt(), hkdfParameters.GetIkm())); + } + + info = hkdfParameters.GetInfo(); + + generatedBytes = 0; + currentT = new byte[hashLen]; + } + + /** + * Performs the extract part of the key derivation function. + * + * @param salt the salt to use + * @param ikm the input keying material + * @return the PRK as KeyParameter + */ + private KeyParameter Extract(byte[] salt, byte[] ikm) + { + if (salt == null) + { + // TODO check if hashLen is indeed same as HMAC size + hMacHash.Init(new KeyParameter(new byte[hashLen])); + } + else + { + hMacHash.Init(new KeyParameter(salt)); + } + + hMacHash.BlockUpdate(ikm, 0, ikm.Length); + + byte[] prk = new byte[hashLen]; + hMacHash.DoFinal(prk, 0); + return new KeyParameter(prk); + } + + /** + * Performs the expand part of the key derivation function, using currentT + * as input and output buffer. + * + * @throws DataLengthException if the total number of bytes generated is larger than the one + * specified by RFC 5869 (255 * HashLen) + */ + private void ExpandNext() + { + int n = generatedBytes / hashLen + 1; + if (n >= 256) + { + throw new DataLengthException( + "HKDF cannot generate more than 255 blocks of HashLen size"); + } + // special case for T(0): T(0) is empty, so no update + if (generatedBytes != 0) + { + hMacHash.BlockUpdate(currentT, 0, hashLen); + } + hMacHash.BlockUpdate(info, 0, info.Length); + hMacHash.Update((byte)n); + hMacHash.DoFinal(currentT, 0); + } + + public virtual IDigest Digest + { + get { return hMacHash.GetUnderlyingDigest(); } + } + + public virtual int GenerateBytes(byte[] output, int outOff, int len) + { + if (generatedBytes + len > 255 * hashLen) + { + throw new DataLengthException( + "HKDF may only be used for 255 * HashLen bytes of output"); + } + + if (generatedBytes % hashLen == 0) + { + ExpandNext(); + } + + // copy what is left in the currentT (1..hash + int toGenerate = len; + int posInT = generatedBytes % hashLen; + int leftInT = hashLen - generatedBytes % hashLen; + int toCopy = System.Math.Min(leftInT, toGenerate); + Array.Copy(currentT, posInT, output, outOff, toCopy); + generatedBytes += toCopy; + toGenerate -= toCopy; + outOff += toCopy; + + while (toGenerate > 0) + { + ExpandNext(); + toCopy = System.Math.Min(hashLen, toGenerate); + Array.Copy(currentT, 0, output, outOff, toCopy); + generatedBytes += toCopy; + toGenerate -= toCopy; + outOff += toCopy; + } + + return len; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/KDFCounterBytesGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/KDFCounterBytesGenerator.cs new file mode 100644 index 0000000..9c2b2fd --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/KDFCounterBytesGenerator.cs @@ -0,0 +1,154 @@ +using System; + +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Generators +{ + public class KdfCounterBytesGenerator : IMacDerivationFunction + { + + private static readonly BigInteger IntegerMax = BigInteger.ValueOf(0x7fffffff); + private static readonly BigInteger Two = BigInteger.Two; + + + private readonly IMac prf; + private readonly int h; + + private byte[] fixedInputDataCtrPrefix; + private byte[] fixedInputData_afterCtr; + private int maxSizeExcl; + // ios is i defined as an octet string (the binary representation) + private byte[] ios; + + // operational + private int generatedBytes; + // k is used as buffer for all K(i) values + private byte[] k; + + public KdfCounterBytesGenerator(IMac prf) + { + this.prf = prf; + this.h = prf.GetMacSize(); + this.k = new byte[h]; + } + + public void Init(IDerivationParameters param) + { + KdfCounterParameters kdfParams = param as KdfCounterParameters; + if (kdfParams == null) + { + throw new ArgumentException("Wrong type of arguments given"); + } + + + + // --- init mac based PRF --- + + this.prf.Init(new KeyParameter(kdfParams.Ki)); + + // --- set arguments --- + + this.fixedInputDataCtrPrefix = kdfParams.FixedInputDataCounterPrefix; + this.fixedInputData_afterCtr = kdfParams.FixedInputDataCounterSuffix; + + int r = kdfParams.R; + this.ios = new byte[r / 8]; + + BigInteger maxSize = Two.Pow(r).Multiply(BigInteger.ValueOf(h)); + this.maxSizeExcl = maxSize.CompareTo(IntegerMax) == 1 ? + Int32.MaxValue : maxSize.IntValue; + + // --- set operational state --- + + generatedBytes = 0; + } + + + public IMac GetMac() + { + return prf; + } + + public IDigest Digest + { + get { return prf is HMac ? ((HMac)prf).GetUnderlyingDigest() : null; } + } + + public int GenerateBytes(byte[] output, int outOff, int length) + { + int generatedBytesAfter = generatedBytes + length; + if (generatedBytesAfter < 0 || generatedBytesAfter >= maxSizeExcl) + { + throw new DataLengthException( + "Current KDFCTR may only be used for " + maxSizeExcl + " bytes"); + } + + if (generatedBytes % h == 0) + { + generateNext(); + } + + // copy what is left in the currentT (1..hash + int toGenerate = length; + int posInK = generatedBytes % h; + int leftInK = h - generatedBytes % h; + int toCopy = System.Math.Min(leftInK, toGenerate); + Array.Copy(k, posInK, output, outOff, toCopy); + generatedBytes += toCopy; + toGenerate -= toCopy; + outOff += toCopy; + + while (toGenerate > 0) + { + generateNext(); + toCopy = System.Math.Min(h, toGenerate); + Array.Copy(k, 0, output, outOff, toCopy); + generatedBytes += toCopy; + toGenerate -= toCopy; + outOff += toCopy; + } + + return length; + + } + + private void generateNext() + { + + int i = generatedBytes / h + 1; + + // encode i into counter buffer + switch (ios.Length) + { + case 4: + ios[0] = (byte)(i >> 24); + goto case 3; + // fall through + case 3: + ios[ios.Length - 3] = (byte)(i >> 16); + // fall through + goto case 2; + case 2: + ios[ios.Length - 2] = (byte)(i >> 8); + // fall through + goto case 1; + case 1: + ios[ios.Length - 1] = (byte)i; + break; + default: + throw new InvalidOperationException("Unsupported size of counter i"); + } + + + + // special case for K(0): K(0) is empty, so no update + prf.BlockUpdate(fixedInputDataCtrPrefix, 0, fixedInputDataCtrPrefix.Length); + prf.BlockUpdate(ios, 0, ios.Length); + prf.BlockUpdate(fixedInputData_afterCtr, 0, fixedInputData_afterCtr.Length); + prf.DoFinal(k, 0); + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/crypto/generators/KDFDoublePipelineIterationBytesGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/KDFDoublePipelineIterationBytesGenerator.cs new file mode 100644 index 0000000..9010ae2 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/KDFDoublePipelineIterationBytesGenerator.cs @@ -0,0 +1,182 @@ +using System; + +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Generators +{ + public class KdfDoublePipelineIterationBytesGenerator : IMacDerivationFunction + { + private static readonly BigInteger IntegerMax = BigInteger.ValueOf(0x7fffffff); + private static readonly BigInteger Two = BigInteger.Two; + + // fields set by the constructor + private readonly IMac prf; + private readonly int h; + + // fields set by init + private byte[] fixedInputData; + private int maxSizeExcl; + // ios is i defined as an octet string (the binary representation) + private byte[] ios; + private bool useCounter; + + // operational + private int generatedBytes; + // k is used as buffer for all K(i) values + private byte[] a; + private byte[] k; + + + public KdfDoublePipelineIterationBytesGenerator(IMac prf) + { + this.prf = prf; + this.h = prf.GetMacSize(); + this.a = new byte[h]; + this.k = new byte[h]; + } + + + public void Init(IDerivationParameters parameters) + { + KdfDoublePipelineIterationParameters dpiParams = parameters as KdfDoublePipelineIterationParameters; + if (dpiParams == null) + { + throw new ArgumentException("Wrong type of arguments given"); + } + + + + // --- init mac based PRF --- + + this.prf.Init(new KeyParameter(dpiParams.Ki)); + + // --- set arguments --- + + this.fixedInputData = dpiParams.FixedInputData; + + int r = dpiParams.R; + this.ios = new byte[r / 8]; + + if (dpiParams.UseCounter) + { + // this is more conservative than the spec + BigInteger maxSize = Two.Pow(r).Multiply(BigInteger.ValueOf(h)); + this.maxSizeExcl = maxSize.CompareTo(IntegerMax) == 1 ? + Int32.MaxValue : maxSize.IntValue; + } + else + { + this.maxSizeExcl = IntegerMax.IntValue; + } + + this.useCounter = dpiParams.UseCounter; + + // --- set operational state --- + + generatedBytes = 0; + } + + + + + private void generateNext() + { + + if (generatedBytes == 0) + { + // --- step 4 --- + prf.BlockUpdate(fixedInputData, 0, fixedInputData.Length); + prf.DoFinal(a, 0); + } + else + { + // --- step 5a --- + prf.BlockUpdate(a, 0, a.Length); + prf.DoFinal(a, 0); + } + + // --- step 5b --- + prf.BlockUpdate(a, 0, a.Length); + + if (useCounter) + { + int i = generatedBytes / h + 1; + + // encode i into counter buffer + switch (ios.Length) + { + case 4: + ios[0] = (byte)(i >> 24); + // fall through + goto case 3; + case 3: + ios[ios.Length - 3] = (byte)(i >> 16); + // fall through + goto case 2; + case 2: + ios[ios.Length - 2] = (byte)(i >> 8); + // fall through + goto case 1; + case 1: + ios[ios.Length - 1] = (byte)i; + break; + default: + throw new InvalidOperationException("Unsupported size of counter i"); + } + prf.BlockUpdate(ios, 0, ios.Length); + } + + prf.BlockUpdate(fixedInputData, 0, fixedInputData.Length); + prf.DoFinal(k, 0); + } + + public IDigest Digest + { + get { return prf is HMac ? ((HMac)prf).GetUnderlyingDigest() : null; } + } + + public int GenerateBytes(byte[] output, int outOff, int length) + { + int generatedBytesAfter = generatedBytes + length; + if (generatedBytesAfter < 0 || generatedBytesAfter >= maxSizeExcl) + { + throw new DataLengthException( + "Current KDFCTR may only be used for " + maxSizeExcl + " bytes"); + } + + if (generatedBytes % h == 0) + { + generateNext(); + } + + // copy what is left in the currentT (1..hash + int toGenerate = length; + int posInK = generatedBytes % h; + int leftInK = h - generatedBytes % h; + int toCopy = System.Math.Min(leftInK, toGenerate); + Array.Copy(k, posInK, output, outOff, toCopy); + generatedBytes += toCopy; + toGenerate -= toCopy; + outOff += toCopy; + + while (toGenerate > 0) + { + generateNext(); + toCopy = System.Math.Min(h, toGenerate); + Array.Copy(k, 0, output, outOff, toCopy); + generatedBytes += toCopy; + toGenerate -= toCopy; + outOff += toCopy; + } + + return length; + } + + public IMac GetMac() + { + return prf; + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/crypto/generators/KDFFeedbackBytesGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/KDFFeedbackBytesGenerator.cs new file mode 100644 index 0000000..19ce0ea --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/KDFFeedbackBytesGenerator.cs @@ -0,0 +1,177 @@ +using System; + +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Generators +{ + public class KdfFeedbackBytesGenerator : IMacDerivationFunction + { + private static readonly BigInteger IntegerMax = BigInteger.ValueOf(0x7fffffff); + private static readonly BigInteger Two = BigInteger.Two; + + // please refer to the standard for the meaning of the variable names + // all field lengths are in bytes, not in bits as specified by the standard + + // fields set by the constructor + private readonly IMac prf; + private readonly int h; + + // fields set by init + private byte[] fixedInputData; + private int maxSizeExcl; + // ios is i defined as an octet string (the binary representation) + private byte[] ios; + private byte[] iv; + private bool useCounter; + + // operational + private int generatedBytes; + // k is used as buffer for all K(i) values + private byte[] k; + + public KdfFeedbackBytesGenerator(IMac prf) + { + this.prf = prf; + this.h = prf.GetMacSize(); + this.k = new byte[h]; + } + + + public void Init(IDerivationParameters parameters) + { + KdfFeedbackParameters feedbackParams = parameters as KdfFeedbackParameters; + if (feedbackParams == null) + { + throw new ArgumentException("Wrong type of arguments given"); + } + + + // --- init mac based PRF --- + + this.prf.Init(new KeyParameter(feedbackParams.Ki)); + + // --- set arguments --- + + this.fixedInputData = feedbackParams.FixedInputData; + + int r = feedbackParams.R; + this.ios = new byte[r / 8]; + + if (feedbackParams.UseCounter) + { + // this is more conservative than the spec + BigInteger maxSize = Two.Pow(r).Multiply(BigInteger.ValueOf(h)); + this.maxSizeExcl = maxSize.CompareTo(IntegerMax) == 1 ? + Int32.MaxValue : maxSize.IntValue; + } + else + { + this.maxSizeExcl = Int32.MaxValue; + } + + this.iv = feedbackParams.Iv; + this.useCounter = feedbackParams.UseCounter; + + // --- set operational state --- + + generatedBytes = 0; + } + + public IDigest Digest + { + get { return prf is HMac ? ((HMac)prf).GetUnderlyingDigest() : null; } + } + + public int GenerateBytes(byte[] output, int outOff, int length) + { + int generatedBytesAfter = generatedBytes + length; + if (generatedBytesAfter < 0 || generatedBytesAfter >= maxSizeExcl) + { + throw new DataLengthException( + "Current KDFCTR may only be used for " + maxSizeExcl + " bytes"); + } + + if (generatedBytes % h == 0) + { + generateNext(); + } + + // copy what is left in the currentT (1..hash + int toGenerate = length; + int posInK = generatedBytes % h; + int leftInK = h - generatedBytes % h; + + + int toCopy = System.Math.Min(leftInK, toGenerate); + Array.Copy(k, posInK, output, outOff, toCopy); + + generatedBytes += toCopy; + toGenerate -= toCopy; + outOff += toCopy; + + while (toGenerate > 0) + { + generateNext(); + toCopy = System.Math.Min(h, toGenerate); + Array.Copy(k, 0, output, outOff, toCopy); + generatedBytes += toCopy; + toGenerate -= toCopy; + outOff += toCopy; + } + + return length; + } + + private void generateNext() + { + + // TODO enable IV + if (generatedBytes == 0) + { + prf.BlockUpdate(iv, 0, iv.Length); + } + else + { + prf.BlockUpdate(k, 0, k.Length); + } + + if (useCounter) + { + int i = generatedBytes / h + 1; + + // encode i into counter buffer + switch (ios.Length) + { + case 4: + ios[0] = (byte)(i >> 24); + goto case 3; + // fall through + case 3: + ios[ios.Length - 3] = (byte)(i >> 16); + // fall through + goto case 2; + case 2: + ios[ios.Length - 2] = (byte)(i >> 8); + // fall through + goto case 1; + case 1: + ios[ios.Length - 1] = (byte)i; + break; + default: + throw new InvalidOperationException("Unsupported size of counter i"); + } + prf.BlockUpdate(ios, 0, ios.Length); + } + + prf.BlockUpdate(fixedInputData, 0, fixedInputData.Length); + prf.DoFinal(k, 0); + } + + public IMac GetMac() + { + return prf; + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/crypto/generators/Kdf1BytesGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/Kdf1BytesGenerator.cs new file mode 100644 index 0000000..0ddf6c1 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/Kdf1BytesGenerator.cs @@ -0,0 +1,26 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * KFD2 generator for derived keys and ivs as defined by IEEE P1363a/ISO 18033 + *
+ * This implementation is based on IEEE P1363/ISO 18033. + */ + public class Kdf1BytesGenerator + : BaseKdfBytesGenerator + { + /** + * Construct a KDF1 byte generator. + * + * @param digest the digest to be used as the source of derived keys. + */ + public Kdf1BytesGenerator(IDigest digest) + : base(0, digest) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/Kdf2BytesGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/Kdf2BytesGenerator.cs new file mode 100644 index 0000000..8a68219 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/Kdf2BytesGenerator.cs @@ -0,0 +1,27 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * KDF2 generator for derived keys and ivs as defined by IEEE P1363a/ISO 18033 + *
+ * This implementation is based on IEEE P1363/ISO 18033. + */ + public class Kdf2BytesGenerator + : BaseKdfBytesGenerator + { + /** + * Construct a KDF2 bytes generator. Generates key material + * according to IEEE P1363 or ISO 18033 depending on the initialisation. + * + * @param digest the digest to be used as the source of derived keys. + */ + public Kdf2BytesGenerator(IDigest digest) + : base(1, digest) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/Mgf1BytesGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/Mgf1BytesGenerator.cs new file mode 100644 index 0000000..23a3aca --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/Mgf1BytesGenerator.cs @@ -0,0 +1,117 @@ +using System; +//using Org.BouncyCastle.Math; +//using Org.BouncyCastle.Security; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * Generator for MGF1 as defined in Pkcs 1v2 + */ + public class Mgf1BytesGenerator : IDerivationFunction + { + private IDigest digest; + private byte[] seed; + private int hLen; + + /** + * @param digest the digest to be used as the source of Generated bytes + */ + public Mgf1BytesGenerator( + IDigest digest) + { + this.digest = digest; + this.hLen = digest.GetDigestSize(); + } + + public void Init( + IDerivationParameters parameters) + { + if (!(typeof(MgfParameters).IsInstanceOfType(parameters))) + { + throw new ArgumentException("MGF parameters required for MGF1Generator"); + } + + MgfParameters p = (MgfParameters)parameters; + + seed = p.GetSeed(); + } + + /** + * return the underlying digest. + */ + public IDigest Digest + { + get + { + return digest; + } + } + + /** + * int to octet string. + */ + private void ItoOSP( + int i, + byte[] sp) + { + sp[0] = (byte)((uint) i >> 24); + sp[1] = (byte)((uint) i >> 16); + sp[2] = (byte)((uint) i >> 8); + sp[3] = (byte)((uint) i >> 0); + } + + /** + * fill len bytes of the output buffer with bytes Generated from + * the derivation function. + * + * @throws DataLengthException if the out buffer is too small. + */ + public int GenerateBytes( + byte[] output, + int outOff, + int length) + { + if ((output.Length - length) < outOff) + { + throw new DataLengthException("output buffer too small"); + } + + byte[] hashBuf = new byte[hLen]; + byte[] C = new byte[4]; + int counter = 0; + + digest.Reset(); + + if (length > hLen) + { + do + { + ItoOSP(counter, C); + + digest.BlockUpdate(seed, 0, seed.Length); + digest.BlockUpdate(C, 0, C.Length); + digest.DoFinal(hashBuf, 0); + + Array.Copy(hashBuf, 0, output, outOff + counter * hLen, hLen); + } + while (++counter < (length / hLen)); + } + + if ((counter * hLen) < length) + { + ItoOSP(counter, C); + + digest.BlockUpdate(seed, 0, seed.Length); + digest.BlockUpdate(C, 0, C.Length); + digest.DoFinal(hashBuf, 0); + + Array.Copy(hashBuf, 0, output, outOff + counter * hLen, length - (counter * hLen)); + } + + return length; + } + } + +} diff --git a/BouncyCastle/crypto/src/crypto/generators/NaccacheSternKeyPairGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/NaccacheSternKeyPairGenerator.cs new file mode 100644 index 0000000..d681068 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/NaccacheSternKeyPairGenerator.cs @@ -0,0 +1,268 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * Key generation parameters for NaccacheStern cipher. For details on this cipher, please see + * + * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf + */ + public class NaccacheSternKeyPairGenerator + : IAsymmetricCipherKeyPairGenerator + { + private static readonly int[] smallPrimes = + { + 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, + 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, + 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, 229, 233, + 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, 317, 331, + 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419, 421, 431, + 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509, 521, 523, + 541, 547, 557 + }; + + private NaccacheSternKeyGenerationParameters param; + + /* + * (non-Javadoc) + * + * @see org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator#init(org.bouncycastle.crypto.KeyGenerationParameters) + */ + public void Init(KeyGenerationParameters parameters) + { + this.param = (NaccacheSternKeyGenerationParameters)parameters; + } + + /* + * (non-Javadoc) + * + * @see org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator#generateKeyPair() + */ + public AsymmetricCipherKeyPair GenerateKeyPair() + { + int strength = param.Strength; + SecureRandom rand = param.Random; + int certainty = param.Certainty; + + IList smallPrimes = findFirstPrimes(param.CountSmallPrimes); + + smallPrimes = permuteList(smallPrimes, rand); + + BigInteger u = BigInteger.One; + BigInteger v = BigInteger.One; + + for (int i = 0; i < smallPrimes.Count / 2; i++) + { + u = u.Multiply((BigInteger)smallPrimes[i]); + } + for (int i = smallPrimes.Count / 2; i < smallPrimes.Count; i++) + { + v = v.Multiply((BigInteger)smallPrimes[i]); + } + + BigInteger sigma = u.Multiply(v); + + // n = (2 a u _p + 1 ) ( 2 b v _q + 1) + // -> |n| = strength + // |2| = 1 in bits + // -> |a| * |b| = |n| - |u| - |v| - |_p| - |_q| - |2| -|2| + // remainingStrength = strength - sigma.bitLength() - _p.bitLength() - + // _q.bitLength() - 1 -1 + int remainingStrength = strength - sigma.BitLength - 48; + BigInteger a = generatePrime(remainingStrength / 2 + 1, certainty, rand); + BigInteger b = generatePrime(remainingStrength / 2 + 1, certainty, rand); + + BigInteger _p; + BigInteger _q; + BigInteger p; + BigInteger q; + + long tries = 0; + + BigInteger _2au = a.Multiply(u).ShiftLeft(1); + BigInteger _2bv = b.Multiply(v).ShiftLeft(1); + + for (;;) + { + tries++; + + _p = generatePrime(24, certainty, rand); + + p = _p.Multiply(_2au).Add(BigInteger.One); + + if (!p.IsProbablePrime(certainty, true)) + continue; + + for (;;) + { + _q = generatePrime(24, certainty, rand); + + if (_p.Equals(_q)) + continue; + + q = _q.Multiply(_2bv).Add(BigInteger.One); + + if (q.IsProbablePrime(certainty, true)) + break; + } + + if (!sigma.Gcd(_p.Multiply(_q)).Equals(BigInteger.One)) + { + //Console.WriteLine("sigma.gcd(_p.mult(_q)) != 1!\n _p: " + _p +"\n _q: "+ _q ); + continue; + } + + if (p.Multiply(q).BitLength < strength) + { + continue; + } + break; + } + + BigInteger n = p.Multiply(q); + BigInteger phi_n = p.Subtract(BigInteger.One).Multiply(q.Subtract(BigInteger.One)); + BigInteger g; + tries = 0; + + for (;;) + { + // TODO After the first loop, just regenerate one randomly-selected gPart each time? + IList gParts = Platform.CreateArrayList(); + for (int ind = 0; ind != smallPrimes.Count; ind++) + { + BigInteger i = (BigInteger)smallPrimes[ind]; + BigInteger e = phi_n.Divide(i); + + for (;;) + { + tries++; + + g = generatePrime(strength, certainty, rand); + + if (!g.ModPow(e, n).Equals(BigInteger.One)) + { + gParts.Add(g); + break; + } + } + } + g = BigInteger.One; + for (int i = 0; i < smallPrimes.Count; i++) + { + BigInteger gPart = (BigInteger) gParts[i]; + BigInteger smallPrime = (BigInteger) smallPrimes[i]; + g = g.Multiply(gPart.ModPow(sigma.Divide(smallPrime), n)).Mod(n); + } + + // make sure that g is not divisible by p_i or q_i + bool divisible = false; + for (int i = 0; i < smallPrimes.Count; i++) + { + if (g.ModPow(phi_n.Divide((BigInteger)smallPrimes[i]), n).Equals(BigInteger.One)) + { + divisible = true; + break; + } + } + + if (divisible) + { + continue; + } + + // make sure that g has order > phi_n/4 + + //if (g.ModPow(phi_n.Divide(BigInteger.ValueOf(4)), n).Equals(BigInteger.One)) + if (g.ModPow(phi_n.ShiftRight(2), n).Equals(BigInteger.One)) + { + continue; + } + + if (g.ModPow(phi_n.Divide(_p), n).Equals(BigInteger.One)) + { + continue; + } + if (g.ModPow(phi_n.Divide(_q), n).Equals(BigInteger.One)) + { + continue; + } + if (g.ModPow(phi_n.Divide(a), n).Equals(BigInteger.One)) + { + continue; + } + if (g.ModPow(phi_n.Divide(b), n).Equals(BigInteger.One)) + { + continue; + } + break; + } + + return new AsymmetricCipherKeyPair(new NaccacheSternKeyParameters(false, g, n, sigma.BitLength), + new NaccacheSternPrivateKeyParameters(g, n, sigma.BitLength, smallPrimes, phi_n)); + } + + private static BigInteger generatePrime( + int bitLength, + int certainty, + SecureRandom rand) + { + return new BigInteger(bitLength, certainty, rand); + } + + /** + * Generates a permuted ArrayList from the original one. The original List + * is not modified + * + * @param arr + * the ArrayList to be permuted + * @param rand + * the source of Randomness for permutation + * @return a new IList with the permuted elements. + */ + private static IList permuteList( + IList arr, + SecureRandom rand) + { + // TODO Create a utility method for generating permutation of first 'n' integers + + IList retval = Platform.CreateArrayList(arr.Count); + + foreach (object element in arr) + { + int index = rand.Next(retval.Count + 1); + retval.Insert(index, element); + } + + return retval; + } + + /** + * Finds the first 'count' primes starting with 3 + * + * @param count + * the number of primes to find + * @return a vector containing the found primes as Integer + */ + private static IList findFirstPrimes( + int count) + { + IList primes = Platform.CreateArrayList(count); + + for (int i = 0; i != count; i++) + { + primes.Add(BigInteger.ValueOf(smallPrimes[i])); + } + + return primes; + } + + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/OpenBsdBCrypt.cs b/BouncyCastle/crypto/src/crypto/generators/OpenBsdBCrypt.cs new file mode 100644 index 0000000..da6e2b9 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/OpenBsdBCrypt.cs @@ -0,0 +1,305 @@ +using System; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * Password hashing scheme BCrypt, + * designed by Niels Provos and David Mazières, using the + * String format and the Base64 encoding + * of the reference implementation on OpenBSD + */ + public class OpenBsdBCrypt + { + private static readonly byte[] EncodingTable = // the Bcrypts encoding table for OpenBSD + { + (byte)'.', (byte)'/', (byte)'A', (byte)'B', (byte)'C', (byte)'D', + (byte)'E', (byte)'F', (byte)'G', (byte)'H', (byte)'I', (byte)'J', + (byte)'K', (byte)'L', (byte)'M', (byte)'N', (byte)'O', (byte)'P', + (byte)'Q', (byte)'R', (byte)'S', (byte)'T', (byte)'U', (byte)'V', + (byte)'W', (byte)'X', (byte)'Y', (byte)'Z', (byte)'a', (byte)'b', + (byte)'c', (byte)'d', (byte)'e', (byte)'f', (byte)'g', (byte)'h', + (byte)'i', (byte)'j', (byte)'k', (byte)'l', (byte)'m', (byte)'n', + (byte)'o', (byte)'p', (byte)'q', (byte)'r', (byte)'s', (byte)'t', + (byte)'u', (byte)'v', (byte)'w', (byte)'x', (byte)'y', (byte)'z', + (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5', + (byte)'6', (byte)'7', (byte)'8', (byte)'9' + }; + + /* + * set up the decoding table. + */ + private static readonly byte[] DecodingTable = new byte[128]; + private static readonly string DefaultVersion = "2y"; + private static readonly ISet AllowedVersions = new HashSet(); + + static OpenBsdBCrypt() + { + // Presently just the Bcrypt versions. + AllowedVersions.Add("2a"); + AllowedVersions.Add("2y"); + AllowedVersions.Add("2b"); + + for (int i = 0; i < DecodingTable.Length; i++) + { + DecodingTable[i] = (byte)0xff; + } + + for (int i = 0; i < EncodingTable.Length; i++) + { + DecodingTable[EncodingTable[i]] = (byte)i; + } + } + + public OpenBsdBCrypt() + { + } + + /** + * Creates a 60 character Bcrypt String, including + * version, cost factor, salt and hash, separated by '$' + * + * @param version the version, 2y,2b or 2a. (2a is not backwards compatible.) + * @param cost the cost factor, treated as an exponent of 2 + * @param salt a 16 byte salt + * @param password the password + * @return a 60 character Bcrypt String + */ + private static string CreateBcryptString(string version, byte[] password, byte[] salt, int cost) + { + if (!AllowedVersions.Contains(version)) + throw new ArgumentException("Version " + version + " is not accepted by this implementation.", "version"); + + StringBuilder sb = new StringBuilder(60); + sb.Append('$'); + sb.Append(version); + sb.Append('$'); + sb.Append(cost < 10 ? ("0" + cost) : cost.ToString()); + sb.Append('$'); + sb.Append(EncodeData(salt)); + + byte[] key = BCrypt.Generate(password, salt, cost); + + sb.Append(EncodeData(key)); + + return sb.ToString(); + } + + /** + * Creates a 60 character Bcrypt String, including + * version, cost factor, salt and hash, separated by '$' using version + * '2y'. + * + * @param cost the cost factor, treated as an exponent of 2 + * @param salt a 16 byte salt + * @param password the password + * @return a 60 character Bcrypt String + */ + public static string Generate(char[] password, byte[] salt, int cost) + { + return Generate(DefaultVersion, password, salt, cost); + } + + /** + * Creates a 60 character Bcrypt String, including + * version, cost factor, salt and hash, separated by '$' + * + * @param version the version, may be 2b, 2y or 2a. (2a is not backwards compatible.) + * @param cost the cost factor, treated as an exponent of 2 + * @param salt a 16 byte salt + * @param password the password + * @return a 60 character Bcrypt String + */ + public static string Generate(string version, char[] password, byte[] salt, int cost) + { + if (!AllowedVersions.Contains(version)) + throw new ArgumentException("Version " + version + " is not accepted by this implementation.", "version"); + if (password == null) + throw new ArgumentNullException("password"); + if (salt == null) + throw new ArgumentNullException("salt"); + if (salt.Length != 16) + throw new DataLengthException("16 byte salt required: " + salt.Length); + + if (cost < 4 || cost > 31) // Minimum rounds: 16, maximum 2^31 + throw new ArgumentException("Invalid cost factor.", "cost"); + + byte[] psw = Strings.ToUtf8ByteArray(password); + + // 0 termination: + + byte[] tmp = new byte[psw.Length >= 72 ? 72 : psw.Length + 1]; + int copyLen = System.Math.Min(psw.Length, tmp.Length); + Array.Copy(psw, 0, tmp, 0, copyLen); + + Array.Clear(psw, 0, psw.Length); + + string rv = CreateBcryptString(version, tmp, salt, cost); + + Array.Clear(tmp, 0, tmp.Length); + + return rv; + } + + /** + * Checks if a password corresponds to a 60 character Bcrypt String + * + * @param bcryptString a 60 character Bcrypt String, including + * version, cost factor, salt and hash, + * separated by '$' + * @param password the password as an array of chars + * @return true if the password corresponds to the + * Bcrypt String, otherwise false + */ + public static bool CheckPassword(string bcryptString, char[] password) + { + // validate bcryptString: + if (bcryptString.Length != 60) + throw new DataLengthException("Bcrypt String length: " + bcryptString.Length + ", 60 required."); + if (bcryptString[0] != '$' || bcryptString[3] != '$' || bcryptString[6] != '$') + throw new ArgumentException("Invalid Bcrypt String format.", "bcryptString"); + + string version = bcryptString.Substring(1, 2); + if (!AllowedVersions.Contains(version)) + throw new ArgumentException("Bcrypt version '" + version + "' is not supported by this implementation", "bcryptString"); + + int cost = 0; + try + { + cost = Int32.Parse(bcryptString.Substring(4, 2)); + } + catch (Exception nfe) + { +#if PORTABLE + throw new ArgumentException("Invalid cost factor: " + bcryptString.Substring(4, 2), "bcryptString"); +#else + throw new ArgumentException("Invalid cost factor: " + bcryptString.Substring(4, 2), "bcryptString", nfe); +#endif + } + if (cost < 4 || cost > 31) + throw new ArgumentException("Invalid cost factor: " + cost + ", 4 < cost < 31 expected."); + + // check password: + if (password == null) + throw new ArgumentNullException("Missing password."); + + int start = bcryptString.LastIndexOf('$') + 1, end = bcryptString.Length - 31; + byte[] salt = DecodeSaltString(bcryptString.Substring(start, end - start)); + + string newBcryptString = Generate(version, password, salt, cost); + + return bcryptString.Equals(newBcryptString); + } + + /* + * encode the input data producing a Bcrypt base 64 string. + * + * @param a byte representation of the salt or the password + * @return the Bcrypt base64 string + */ + private static string EncodeData(byte[] data) + { + if (data.Length != 24 && data.Length != 16) // 192 bit key or 128 bit salt expected + throw new DataLengthException("Invalid length: " + data.Length + ", 24 for key or 16 for salt expected"); + + bool salt = false; + if (data.Length == 16)//salt + { + salt = true; + byte[] tmp = new byte[18];// zero padding + Array.Copy(data, 0, tmp, 0, data.Length); + data = tmp; + } + else // key + { + data[data.Length - 1] = (byte)0; + } + + MemoryStream mOut = new MemoryStream(); + int len = data.Length; + + uint a1, a2, a3; + int i; + for (i = 0; i < len; i += 3) + { + a1 = data[i]; + a2 = data[i + 1]; + a3 = data[i + 2]; + + mOut.WriteByte(EncodingTable[(a1 >> 2) & 0x3f]); + mOut.WriteByte(EncodingTable[((a1 << 4) | (a2 >> 4)) & 0x3f]); + mOut.WriteByte(EncodingTable[((a2 << 2) | (a3 >> 6)) & 0x3f]); + mOut.WriteByte(EncodingTable[a3 & 0x3f]); + } + + string result = Strings.FromByteArray(mOut.ToArray()); + int resultLen = salt + ? 22 // truncate padding + : result.Length - 1; + + return result.Substring(0, resultLen); + } + + + /* + * decodes the bcrypt base 64 encoded SaltString + * + * @param a 22 character Bcrypt base 64 encoded String + * @return the 16 byte salt + * @exception DataLengthException if the length + * of parameter is not 22 + * @exception InvalidArgumentException if the parameter + * contains a value other than from Bcrypts base 64 encoding table + */ + private static byte[] DecodeSaltString(string saltString) + { + char[] saltChars = saltString.ToCharArray(); + + MemoryStream mOut = new MemoryStream(16); + byte b1, b2, b3, b4; + + if (saltChars.Length != 22)// bcrypt salt must be 22 (16 bytes) + throw new DataLengthException("Invalid base64 salt length: " + saltChars.Length + " , 22 required."); + + // check string for invalid characters: + for (int i = 0; i < saltChars.Length; i++) + { + int value = saltChars[i]; + if (value > 122 || value < 46 || (value > 57 && value < 65)) + throw new ArgumentException("Salt string contains invalid character: " + value, "saltString"); + } + + // Padding: add two '\u0000' + char[] tmp = new char[22 + 2]; + Array.Copy(saltChars, 0, tmp, 0, saltChars.Length); + saltChars = tmp; + + int len = saltChars.Length; + + for (int i = 0; i < len; i += 4) + { + b1 = DecodingTable[saltChars[i]]; + b2 = DecodingTable[saltChars[i + 1]]; + b3 = DecodingTable[saltChars[i + 2]]; + b4 = DecodingTable[saltChars[i + 3]]; + + mOut.WriteByte((byte)((b1 << 2) | (b2 >> 4))); + mOut.WriteByte((byte)((b2 << 4) | (b3 >> 2))); + mOut.WriteByte((byte)((b3 << 6) | b4)); + } + + byte[] saltBytes = mOut.ToArray(); + + // truncate: + byte[] tmpSalt = new byte[16]; + Array.Copy(saltBytes, 0, tmpSalt, 0, tmpSalt.Length); + saltBytes = tmpSalt; + + return saltBytes; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/OpenSSLPBEParametersGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/OpenSSLPBEParametersGenerator.cs new file mode 100644 index 0000000..1b77d34 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/OpenSSLPBEParametersGenerator.cs @@ -0,0 +1,183 @@ +using System; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /// + /// + /// + /// Generator for PBE derived keys and ivs as usd by OpenSSL. + ///

+ /// Originally this scheme was a simple extension of PKCS 5 V2.0 Scheme 1 using MD5 with an + /// iteration count of 1. The default digest was changed to SHA-256 with OpenSSL 1.1.0. This + /// implementation still defaults to MD5, but the digest can now be set. + /// + /// + public class OpenSslPbeParametersGenerator + : PbeParametersGenerator + { + private readonly IDigest digest; + + /// + /// + /// Construct a OpenSSL Parameters generator - digest the original MD5. + /// + /// + public OpenSslPbeParametersGenerator() : this(new MD5Digest()) + { + } + + /// + /// + /// Construct a OpenSSL Parameters generator - digest as specified. + /// + /// the digest to use as the PRF. + /// + public OpenSslPbeParametersGenerator(IDigest digest) + { + this.digest = digest; + } + + public override void Init( + byte[] password, + byte[] salt, + int iterationCount) + { + // Ignore the provided iterationCount + base.Init(password, salt, 1); + } + + /** + * Initialise - note the iteration count for this algorithm is fixed at 1. + * + * @param password password to use. + * @param salt salt to use. + */ + public virtual void Init( + byte[] password, + byte[] salt) + { + base.Init(password, salt, 1); + } + + /** + * the derived key function, the ith hash of the password and the salt. + */ + private byte[] GenerateDerivedKey( + int bytesNeeded) + { + byte[] buf = new byte[digest.GetDigestSize()]; + byte[] key = new byte[bytesNeeded]; + int offset = 0; + + for (;;) + { + digest.BlockUpdate(mPassword, 0, mPassword.Length); + digest.BlockUpdate(mSalt, 0, mSalt.Length); + + digest.DoFinal(buf, 0); + + int len = (bytesNeeded > buf.Length) ? buf.Length : bytesNeeded; + Array.Copy(buf, 0, key, offset, len); + offset += len; + + // check if we need any more + bytesNeeded -= len; + if (bytesNeeded == 0) + { + break; + } + + // do another round + digest.Reset(); + digest.BlockUpdate(buf, 0, buf.Length); + } + + return key; + } + + /** + * Generate a key parameter derived from the password, salt, and iteration + * count we are currently initialised with. + * + * @param keySize the size of the key we want (in bits) + * @return a KeyParameter object. + * @exception ArgumentException if the key length larger than the base hash size. + */ + [Obsolete("Use version with 'algorithm' parameter")] + public override ICipherParameters GenerateDerivedParameters( + int keySize) + { + return GenerateDerivedMacParameters(keySize); + } + + public override ICipherParameters GenerateDerivedParameters( + string algorithm, + int keySize) + { + keySize /= 8; + + byte[] dKey = GenerateDerivedKey(keySize); + + return ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize); + } + + /** + * Generate a key with initialisation vector parameter derived from + * the password, salt, and iteration count we are currently initialised + * with. + * + * @param keySize the size of the key we want (in bits) + * @param ivSize the size of the iv we want (in bits) + * @return a ParametersWithIV object. + * @exception ArgumentException if keySize + ivSize is larger than the base hash size. + */ + [Obsolete("Use version with 'algorithm' parameter")] + public override ICipherParameters GenerateDerivedParameters( + int keySize, + int ivSize) + { + keySize = keySize / 8; + ivSize = ivSize / 8; + + byte[] dKey = GenerateDerivedKey(keySize + ivSize); + + return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), dKey, keySize, ivSize); + } + + public override ICipherParameters GenerateDerivedParameters( + string algorithm, + int keySize, + int ivSize) + { + keySize /= 8; + ivSize /= 8; + + byte[] dKey = GenerateDerivedKey(keySize + ivSize); + KeyParameter key = ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize); + + return new ParametersWithIV(key, dKey, keySize, ivSize); + } + + /** + * Generate a key parameter for use with a MAC derived from the password, + * salt, and iteration count we are currently initialised with. + * + * @param keySize the size of the key we want (in bits) + * @return a KeyParameter object. + * @exception ArgumentException if the key length larger than the base hash size. + */ + public override ICipherParameters GenerateDerivedMacParameters( + int keySize) + { + keySize = keySize / 8; + + byte[] dKey = GenerateDerivedKey(keySize); + + return new KeyParameter(dKey, 0, keySize); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/Pkcs12ParametersGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/Pkcs12ParametersGenerator.cs new file mode 100644 index 0000000..85543a0 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/Pkcs12ParametersGenerator.cs @@ -0,0 +1,243 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * Generator for Pbe derived keys and ivs as defined by Pkcs 12 V1.0. + *

+ * The document this implementation is based on can be found at + * + * RSA's Pkcs12 Page + *

+ */ + public class Pkcs12ParametersGenerator + : PbeParametersGenerator + { + public const int KeyMaterial = 1; + public const int IVMaterial = 2; + public const int MacMaterial = 3; + + private readonly IDigest digest; + + private readonly int u; + private readonly int v; + + /** + * Construct a Pkcs 12 Parameters generator. + * + * @param digest the digest to be used as the source of derived keys. + * @exception ArgumentException if an unknown digest is passed in. + */ + public Pkcs12ParametersGenerator( + IDigest digest) + { + this.digest = digest; + + u = digest.GetDigestSize(); + v = digest.GetByteLength(); + } + + /** + * add a + b + 1, returning the result in a. The a value is treated + * as a BigInteger of length (b.Length * 8) bits. The result is + * modulo 2^b.Length in case of overflow. + */ + private void Adjust( + byte[] a, + int aOff, + byte[] b) + { + int x = (b[b.Length - 1] & 0xff) + (a[aOff + b.Length - 1] & 0xff) + 1; + + a[aOff + b.Length - 1] = (byte)x; + x = (int) ((uint) x >> 8); + + for (int i = b.Length - 2; i >= 0; i--) + { + x += (b[i] & 0xff) + (a[aOff + i] & 0xff); + a[aOff + i] = (byte)x; + x = (int) ((uint) x >> 8); + } + } + + /** + * generation of a derived key ala Pkcs12 V1.0. + */ + private byte[] GenerateDerivedKey( + int idByte, + int n) + { + byte[] D = new byte[v]; + byte[] dKey = new byte[n]; + + for (int i = 0; i != D.Length; i++) + { + D[i] = (byte)idByte; + } + + byte[] S; + + if ((mSalt != null) && (mSalt.Length != 0)) + { + S = new byte[v * ((mSalt.Length + v - 1) / v)]; + + for (int i = 0; i != S.Length; i++) + { + S[i] = mSalt[i % mSalt.Length]; + } + } + else + { + S = new byte[0]; + } + + byte[] P; + + if ((mPassword != null) && (mPassword.Length != 0)) + { + P = new byte[v * ((mPassword.Length + v - 1) / v)]; + + for (int i = 0; i != P.Length; i++) + { + P[i] = mPassword[i % mPassword.Length]; + } + } + else + { + P = new byte[0]; + } + + byte[] I = new byte[S.Length + P.Length]; + + Array.Copy(S, 0, I, 0, S.Length); + Array.Copy(P, 0, I, S.Length, P.Length); + + byte[] B = new byte[v]; + int c = (n + u - 1) / u; + byte[] A = new byte[u]; + + for (int i = 1; i <= c; i++) + { + digest.BlockUpdate(D, 0, D.Length); + digest.BlockUpdate(I, 0, I.Length); + digest.DoFinal(A, 0); + + for (int j = 1; j != mIterationCount; j++) + { + digest.BlockUpdate(A, 0, A.Length); + digest.DoFinal(A, 0); + } + + for (int j = 0; j != B.Length; j++) + { + B[j] = A[j % A.Length]; + } + + for (int j = 0; j != I.Length / v; j++) + { + Adjust(I, j * v, B); + } + + if (i == c) + { + Array.Copy(A, 0, dKey, (i - 1) * u, dKey.Length - ((i - 1) * u)); + } + else + { + Array.Copy(A, 0, dKey, (i - 1) * u, A.Length); + } + } + + return dKey; + } + + /** + * Generate a key parameter derived from the password, salt, and iteration + * count we are currently initialised with. + * + * @param keySize the size of the key we want (in bits) + * @return a KeyParameter object. + */ + public override ICipherParameters GenerateDerivedParameters( + int keySize) + { + keySize /= 8; + + byte[] dKey = GenerateDerivedKey(KeyMaterial, keySize); + + return new KeyParameter(dKey, 0, keySize); + } + + public override ICipherParameters GenerateDerivedParameters( + string algorithm, + int keySize) + { + keySize /= 8; + + byte[] dKey = GenerateDerivedKey(KeyMaterial, keySize); + + return ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize); + } + + /** + * Generate a key with initialisation vector parameter derived from + * the password, salt, and iteration count we are currently initialised + * with. + * + * @param keySize the size of the key we want (in bits) + * @param ivSize the size of the iv we want (in bits) + * @return a ParametersWithIV object. + */ + public override ICipherParameters GenerateDerivedParameters( + int keySize, + int ivSize) + { + keySize /= 8; + ivSize /= 8; + + byte[] dKey = GenerateDerivedKey(KeyMaterial, keySize); + + byte[] iv = GenerateDerivedKey(IVMaterial, ivSize); + + return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), iv, 0, ivSize); + } + + public override ICipherParameters GenerateDerivedParameters( + string algorithm, + int keySize, + int ivSize) + { + keySize /= 8; + ivSize /= 8; + + byte[] dKey = GenerateDerivedKey(KeyMaterial, keySize); + KeyParameter key = ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize); + + byte[] iv = GenerateDerivedKey(IVMaterial, ivSize); + + return new ParametersWithIV(key, iv, 0, ivSize); + } + + /** + * Generate a key parameter for use with a MAC derived from the password, + * salt, and iteration count we are currently initialised with. + * + * @param keySize the size of the key we want (in bits) + * @return a KeyParameter object. + */ + public override ICipherParameters GenerateDerivedMacParameters( + int keySize) + { + keySize /= 8; + + byte[] dKey = GenerateDerivedKey(MacMaterial, keySize); + + return new KeyParameter(dKey, 0, keySize); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/Pkcs5S1ParametersGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/Pkcs5S1ParametersGenerator.cs new file mode 100644 index 0000000..9b39a5f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/Pkcs5S1ParametersGenerator.cs @@ -0,0 +1,160 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * Generator for Pbe derived keys and ivs as defined by Pkcs 5 V2.0 Scheme 1. + * Note this generator is limited to the size of the hash produced by the + * digest used to drive it. + *

+ * The document this implementation is based on can be found at + * + * RSA's Pkcs5 Page + *

+ */ + public class Pkcs5S1ParametersGenerator + : PbeParametersGenerator + { + private readonly IDigest digest; + + /** + * Construct a Pkcs 5 Scheme 1 Parameters generator. + * + * @param digest the digest to be used as the source of derived keys. + */ + public Pkcs5S1ParametersGenerator( + IDigest digest) + { + this.digest = digest; + } + + /** + * the derived key function, the ith hash of the mPassword and the mSalt. + */ + private byte[] GenerateDerivedKey() + { + byte[] digestBytes = new byte[digest.GetDigestSize()]; + + digest.BlockUpdate(mPassword, 0, mPassword.Length); + digest.BlockUpdate(mSalt, 0, mSalt.Length); + + digest.DoFinal(digestBytes, 0); + for (int i = 1; i < mIterationCount; i++) + { + digest.BlockUpdate(digestBytes, 0, digestBytes.Length); + digest.DoFinal(digestBytes, 0); + } + + return digestBytes; + } + + /** + * Generate a key parameter derived from the mPassword, mSalt, and iteration + * count we are currently initialised with. + * + * @param keySize the size of the key we want (in bits) + * @return a KeyParameter object. + * @exception ArgumentException if the key length larger than the base hash size. + */ + public override ICipherParameters GenerateDerivedParameters( + int keySize) + { + return GenerateDerivedMacParameters(keySize); + } + + public override ICipherParameters GenerateDerivedParameters( + string algorithm, + int keySize) + { + keySize /= 8; + + if (keySize > digest.GetDigestSize()) + { + throw new ArgumentException( + "Can't Generate a derived key " + keySize + " bytes long."); + } + + byte[] dKey = GenerateDerivedKey(); + + return ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize); + } + + /** + * Generate a key with initialisation vector parameter derived from + * the mPassword, mSalt, and iteration count we are currently initialised + * with. + * + * @param keySize the size of the key we want (in bits) + * @param ivSize the size of the iv we want (in bits) + * @return a ParametersWithIV object. + * @exception ArgumentException if keySize + ivSize is larger than the base hash size. + */ + public override ICipherParameters GenerateDerivedParameters( + int keySize, + int ivSize) + { + keySize /= 8; + ivSize /= 8; + + if ((keySize + ivSize) > digest.GetDigestSize()) + { + throw new ArgumentException( + "Can't Generate a derived key " + (keySize + ivSize) + " bytes long."); + } + + byte[] dKey = GenerateDerivedKey(); + + return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), dKey, keySize, ivSize); + } + + public override ICipherParameters GenerateDerivedParameters( + string algorithm, + int keySize, + int ivSize) + { + keySize /= 8; + ivSize /= 8; + + if ((keySize + ivSize) > digest.GetDigestSize()) + { + throw new ArgumentException( + "Can't Generate a derived key " + (keySize + ivSize) + " bytes long."); + } + + byte[] dKey = GenerateDerivedKey(); + KeyParameter key = ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize); + + return new ParametersWithIV(key, dKey, keySize, ivSize); + } + + /** + * Generate a key parameter for use with a MAC derived from the mPassword, + * mSalt, and iteration count we are currently initialised with. + * + * @param keySize the size of the key we want (in bits) + * @return a KeyParameter object. + * @exception ArgumentException if the key length larger than the base hash size. + */ + public override ICipherParameters GenerateDerivedMacParameters( + int keySize) + { + keySize /= 8; + + if (keySize > digest.GetDigestSize()) + { + throw new ArgumentException( + "Can't Generate a derived key " + keySize + " bytes long."); + } + + byte[] dKey = GenerateDerivedKey(); + + return new KeyParameter(dKey, 0, keySize); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/Pkcs5S2ParametersGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/Pkcs5S2ParametersGenerator.cs new file mode 100644 index 0000000..0b0caa0 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/Pkcs5S2ParametersGenerator.cs @@ -0,0 +1,178 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * Generator for Pbe derived keys and ivs as defined by Pkcs 5 V2.0 Scheme 2. + * This generator uses a SHA-1 HMac as the calculation function. + *

+ * The document this implementation is based on can be found at + * + * RSA's Pkcs5 Page

+ */ + public class Pkcs5S2ParametersGenerator + : PbeParametersGenerator + { + private readonly IMac hMac; + private readonly byte[] state; + + /** + * construct a Pkcs5 Scheme 2 Parameters generator. + */ + public Pkcs5S2ParametersGenerator() + : this(new Sha1Digest()) + { + } + + public Pkcs5S2ParametersGenerator(IDigest digest) + { + this.hMac = new HMac(digest); + this.state = new byte[hMac.GetMacSize()]; + } + + private void F( + byte[] S, + int c, + byte[] iBuf, + byte[] outBytes, + int outOff) + { + if (c == 0) + throw new ArgumentException("iteration count must be at least 1."); + + if (S != null) + { + hMac.BlockUpdate(S, 0, S.Length); + } + + hMac.BlockUpdate(iBuf, 0, iBuf.Length); + hMac.DoFinal(state, 0); + + Array.Copy(state, 0, outBytes, outOff, state.Length); + + for (int count = 1; count < c; ++count) + { + hMac.BlockUpdate(state, 0, state.Length); + hMac.DoFinal(state, 0); + + for (int j = 0; j < state.Length; ++j) + { + outBytes[outOff + j] ^= state[j]; + } + } + } + + private byte[] GenerateDerivedKey( + int dkLen) + { + int hLen = hMac.GetMacSize(); + int l = (dkLen + hLen - 1) / hLen; + byte[] iBuf = new byte[4]; + byte[] outBytes = new byte[l * hLen]; + int outPos = 0; + + ICipherParameters param = new KeyParameter(mPassword); + + hMac.Init(param); + + for (int i = 1; i <= l; i++) + { + // Increment the value in 'iBuf' + int pos = 3; + while (++iBuf[pos] == 0) + { + --pos; + } + + F(mSalt, mIterationCount, iBuf, outBytes, outPos); + outPos += hLen; + } + + return outBytes; + } + + /** + * Generate a key parameter derived from the password, salt, and iteration + * count we are currently initialised with. + * + * @param keySize the size of the key we want (in bits) + * @return a KeyParameter object. + */ + public override ICipherParameters GenerateDerivedParameters( + int keySize) + { + return GenerateDerivedMacParameters(keySize); + } + + public override ICipherParameters GenerateDerivedParameters( + string algorithm, + int keySize) + { + keySize /= 8; + + byte[] dKey = GenerateDerivedKey(keySize); + + return ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize); + } + + /** + * Generate a key with initialisation vector parameter derived from + * the password, salt, and iteration count we are currently initialised + * with. + * + * @param keySize the size of the key we want (in bits) + * @param ivSize the size of the iv we want (in bits) + * @return a ParametersWithIV object. + */ + public override ICipherParameters GenerateDerivedParameters( + int keySize, + int ivSize) + { + keySize /= 8; + ivSize /= 8; + + byte[] dKey = GenerateDerivedKey(keySize + ivSize); + + return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), dKey, keySize, ivSize); + } + + public override ICipherParameters GenerateDerivedParameters( + string algorithm, + int keySize, + int ivSize) + { + keySize /= 8; + ivSize /= 8; + + byte[] dKey = GenerateDerivedKey(keySize + ivSize); + KeyParameter key = ParameterUtilities.CreateKeyParameter(algorithm, dKey, 0, keySize); + + return new ParametersWithIV(key, dKey, keySize, ivSize); + } + + /** + * Generate a key parameter for use with a MAC derived from the password, + * salt, and iteration count we are currently initialised with. + * + * @param keySize the size of the key we want (in bits) + * @return a KeyParameter object. + */ + public override ICipherParameters GenerateDerivedMacParameters( + int keySize) + { + keySize /= 8; + + byte[] dKey = GenerateDerivedKey(keySize); + + return new KeyParameter(dKey, 0, keySize); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/Poly1305KeyGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/Poly1305KeyGenerator.cs new file mode 100644 index 0000000..cdb24bf --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/Poly1305KeyGenerator.cs @@ -0,0 +1,116 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /// + /// Generates keys for the Poly1305 MAC. + /// + /// + /// Poly1305 keys are 256 bit keys consisting of a 128 bit secret key used for the underlying block + /// cipher followed by a 128 bit {@code r} value used for the polynomial portion of the Mac.
+ /// The {@code r} value has a specific format with some bits required to be cleared, resulting in an + /// effective 106 bit key.
+ /// A separately generated 256 bit key can be modified to fit the Poly1305 key format by using the + /// {@link #clamp(byte[])} method to clear the required bits. + /// + /// + public class Poly1305KeyGenerator + : CipherKeyGenerator + { + private const byte R_MASK_LOW_2 = (byte)0xFC; + private const byte R_MASK_HIGH_4 = (byte)0x0F; + + /// + /// Initialises the key generator. + /// + /// + /// Poly1305 keys are always 256 bits, so the key length in the provided parameters is ignored. + /// + protected override void engineInit(KeyGenerationParameters param) + { + // Poly1305 keys are always 256 bits + this.random = param.Random; + this.strength = 32; + } + + /// + /// Generates a 256 bit key in the format required for Poly1305 - e.g. + /// k[0] ... k[15], r[0] ... r[15] with the required bits in r cleared + /// as per . + /// + protected override byte[] engineGenerateKey() + { + byte[] key = base.engineGenerateKey(); + Clamp(key); + return key; + } + + /// + /// Modifies an existing 32 byte key value to comply with the requirements of the Poly1305 key by + /// clearing required bits in the r (second 16 bytes) portion of the key.
+ /// Specifically: + ///
    + ///
  • r[3], r[7], r[11], r[15] have top four bits clear (i.e., are {0, 1, . . . , 15})
    • + ///
  • r[4], r[8], r[12] have bottom two bits clear (i.e., are in {0, 4, 8, . . . , 252})
    • + ///
+ /// + /// a 32 byte key value k[0] ... k[15], r[0] ... r[15] + public static void Clamp(byte[] key) + { + /* + * Key is k[0] ... k[15], r[0] ... r[15] as per poly1305_aes_clamp in ref impl. + */ + if (key.Length != 32) + throw new ArgumentException("Poly1305 key must be 256 bits."); + + /* + * r[3], r[7], r[11], r[15] have top four bits clear (i.e., are {0, 1, . . . , 15}) + */ + key[3] &= R_MASK_HIGH_4; + key[7] &= R_MASK_HIGH_4; + key[11] &= R_MASK_HIGH_4; + key[15] &= R_MASK_HIGH_4; + + /* + * r[4], r[8], r[12] have bottom two bits clear (i.e., are in {0, 4, 8, . . . , 252}). + */ + key[4] &= R_MASK_LOW_2; + key[8] &= R_MASK_LOW_2; + key[12] &= R_MASK_LOW_2; + } + + /// + /// Checks a 32 byte key for compliance with the Poly1305 key requirements, e.g. + /// k[0] ... k[15], r[0] ... r[15] with the required bits in r cleared + /// as per . + /// + /// Key. + /// if the key is of the wrong length, or has invalid bits set + /// in the r portion of the key. + public static void CheckKey(byte[] key) + { + if (key.Length != 32) + throw new ArgumentException("Poly1305 key must be 256 bits."); + + CheckMask(key[3], R_MASK_HIGH_4); + CheckMask(key[7], R_MASK_HIGH_4); + CheckMask(key[11], R_MASK_HIGH_4); + CheckMask(key[15], R_MASK_HIGH_4); + + CheckMask(key[4], R_MASK_LOW_2); + CheckMask(key[8], R_MASK_LOW_2); + CheckMask(key[12], R_MASK_LOW_2); + } + + private static void CheckMask(byte b, byte mask) + { + if ((b & (~mask)) != 0) + throw new ArgumentException("Invalid format for r portion of Poly1305 key."); + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/crypto/generators/RSABlindingFactorGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/RSABlindingFactorGenerator.cs new file mode 100644 index 0000000..e2f63fa --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/RSABlindingFactorGenerator.cs @@ -0,0 +1,69 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * Generate a random factor suitable for use with RSA blind signatures + * as outlined in Chaum's blinding and unblinding as outlined in + * "Handbook of Applied Cryptography", page 475. + */ + public class RsaBlindingFactorGenerator + { + private RsaKeyParameters key; + private SecureRandom random; + + /** + * Initialise the factor generator + * + * @param param the necessary RSA key parameters. + */ + public void Init( + ICipherParameters param) + { + if (param is ParametersWithRandom) + { + ParametersWithRandom rParam = (ParametersWithRandom)param; + + key = (RsaKeyParameters)rParam.Parameters; + random = rParam.Random; + } + else + { + key = (RsaKeyParameters)param; + random = new SecureRandom(); + } + + if (key.IsPrivate) + throw new ArgumentException("generator requires RSA public key"); + } + + /** + * Generate a suitable blind factor for the public key the generator was initialised with. + * + * @return a random blind factor + */ + public BigInteger GenerateBlindingFactor() + { + if (key == null) + throw new InvalidOperationException("generator not initialised"); + + BigInteger m = key.Modulus; + int length = m.BitLength - 1; // must be less than m.BitLength + BigInteger factor; + BigInteger gcd; + + do + { + factor = new BigInteger(length, random); + gcd = factor.Gcd(m); + } + while (factor.SignValue == 0 || factor.Equals(BigInteger.One) || !gcd.Equals(BigInteger.One)); + + return factor; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/RsaKeyPairGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/RsaKeyPairGenerator.cs new file mode 100644 index 0000000..78c9eb1 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/RsaKeyPairGenerator.cs @@ -0,0 +1,163 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /** + * an RSA key pair generator. + */ + public class RsaKeyPairGenerator + : IAsymmetricCipherKeyPairGenerator + { + private static readonly int[] SPECIAL_E_VALUES = new int[]{ 3, 5, 17, 257, 65537 }; + private static readonly int SPECIAL_E_HIGHEST = SPECIAL_E_VALUES[SPECIAL_E_VALUES.Length - 1]; + private static readonly int SPECIAL_E_BITS = BigInteger.ValueOf(SPECIAL_E_HIGHEST).BitLength; + + protected static readonly BigInteger One = BigInteger.One; + protected static readonly BigInteger DefaultPublicExponent = BigInteger.ValueOf(0x10001); + protected const int DefaultTests = 100; + + protected RsaKeyGenerationParameters parameters; + + public virtual void Init( + KeyGenerationParameters parameters) + { + if (parameters is RsaKeyGenerationParameters) + { + this.parameters = (RsaKeyGenerationParameters)parameters; + } + else + { + this.parameters = new RsaKeyGenerationParameters( + DefaultPublicExponent, parameters.Random, parameters.Strength, DefaultTests); + } + } + + public virtual AsymmetricCipherKeyPair GenerateKeyPair() + { + for (;;) + { + // + // p and q values should have a length of half the strength in bits + // + int strength = parameters.Strength; + int pBitlength = (strength + 1) / 2; + int qBitlength = strength - pBitlength; + int mindiffbits = strength / 3; + int minWeight = strength >> 2; + + BigInteger e = parameters.PublicExponent; + + // TODO Consider generating safe primes for p, q (see DHParametersHelper.generateSafePrimes) + // (then p-1 and q-1 will not consist of only small factors - see "Pollard's algorithm") + + BigInteger p = ChooseRandomPrime(pBitlength, e); + BigInteger q, n; + + // + // generate a modulus of the required length + // + for (;;) + { + q = ChooseRandomPrime(qBitlength, e); + + // p and q should not be too close together (or equal!) + BigInteger diff = q.Subtract(p).Abs(); + if (diff.BitLength < mindiffbits) + continue; + + // + // calculate the modulus + // + n = p.Multiply(q); + + if (n.BitLength != strength) + { + // + // if we get here our primes aren't big enough, make the largest + // of the two p and try again + // + p = p.Max(q); + continue; + } + + /* + * Require a minimum weight of the NAF representation, since low-weight composites may + * be weak against a version of the number-field-sieve for factoring. + * + * See "The number field sieve for integers of low weight", Oliver Schirokauer. + */ + if (WNafUtilities.GetNafWeight(n) < minWeight) + { + p = ChooseRandomPrime(pBitlength, e); + continue; + } + + break; + } + + if (p.CompareTo(q) < 0) + { + BigInteger tmp = p; + p = q; + q = tmp; + } + + BigInteger pSub1 = p.Subtract(One); + BigInteger qSub1 = q.Subtract(One); + //BigInteger phi = pSub1.Multiply(qSub1); + BigInteger gcd = pSub1.Gcd(qSub1); + BigInteger lcm = pSub1.Divide(gcd).Multiply(qSub1); + + // + // calculate the private exponent + // + BigInteger d = e.ModInverse(lcm); + + if (d.BitLength <= qBitlength) + continue; + + // + // calculate the CRT factors + // + BigInteger dP = d.Remainder(pSub1); + BigInteger dQ = d.Remainder(qSub1); + BigInteger qInv = BigIntegers.ModOddInverse(p, q); + + return new AsymmetricCipherKeyPair( + new RsaKeyParameters(false, n, e), + new RsaPrivateCrtKeyParameters(n, e, d, p, q, dP, dQ, qInv)); + } + } + + /// Choose a random prime value for use with RSA + /// the bit-length of the returned prime + /// the RSA public exponent + /// a prime p, with (p-1) relatively prime to e + protected virtual BigInteger ChooseRandomPrime(int bitlength, BigInteger e) + { + bool eIsKnownOddPrime = (e.BitLength <= SPECIAL_E_BITS) && Arrays.Contains(SPECIAL_E_VALUES, e.IntValue); + + for (;;) + { + BigInteger p = new BigInteger(bitlength, 1, parameters.Random); + + if (p.Mod(e).Equals(One)) + continue; + + if (!p.IsProbablePrime(parameters.Certainty, true)) + continue; + + if (!eIsKnownOddPrime && !e.Gcd(p.Subtract(One)).Equals(One)) + continue; + + return p; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/SCrypt.cs b/BouncyCastle/crypto/src/crypto/generators/SCrypt.cs new file mode 100644 index 0000000..0753820 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/SCrypt.cs @@ -0,0 +1,210 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Generators +{ + /// Implementation of the scrypt a password-based key derivation function. + /// + /// Scrypt was created by Colin Percival and is specified in + /// draft-josefsson-scrypt-kd. + /// + public class SCrypt + { + /// Generate a key using the scrypt key derivation function. + /// the bytes of the pass phrase. + /// the salt to use for this invocation. + /// CPU/Memory cost parameter. Must be larger than 1, a power of 2 and less than + /// 2^(128 * r / 8). + /// the block size, must be >= 1. + /// Parallelization parameter. Must be a positive integer less than or equal to + /// Int32.MaxValue / (128 * r * 8). + /// the length of the key to generate. + /// the generated key. + public static byte[] Generate(byte[] P, byte[] S, int N, int r, int p, int dkLen) + { + if (P == null) + throw new ArgumentNullException("Passphrase P must be provided."); + if (S == null) + throw new ArgumentNullException("Salt S must be provided."); + if (N <= 1 || !IsPowerOf2(N)) + throw new ArgumentException("Cost parameter N must be > 1 and a power of 2."); + // Only value of r that cost (as an int) could be exceeded for is 1 + if (r == 1 && N >= 65536) + throw new ArgumentException("Cost parameter N must be > 1 and < 65536."); + if (r < 1) + throw new ArgumentException("Block size r must be >= 1."); + int maxParallel = Int32.MaxValue / (128 * r * 8); + if (p < 1 || p > maxParallel) + { + throw new ArgumentException("Parallelisation parameter p must be >= 1 and <= " + maxParallel + + " (based on block size r of " + r + ")"); + } + if (dkLen < 1) + throw new ArgumentException("Generated key length dkLen must be >= 1."); + + return MFcrypt(P, S, N, r, p, dkLen); + } + + private static byte[] MFcrypt(byte[] P, byte[] S, int N, int r, int p, int dkLen) + { + int MFLenBytes = r * 128; + byte[] bytes = SingleIterationPBKDF2(P, S, p * MFLenBytes); + + uint[] B = null; + + try + { + int BLen = bytes.Length >> 2; + B = new uint[BLen]; + + Pack.LE_To_UInt32(bytes, 0, B); + + /* + * Chunk memory allocations; We choose 'd' so that there will be 2**d chunks, each not + * larger than 32KiB, except that the minimum chunk size is 2 * r * 32. + */ + int d = 0, total = N * r; + while ((N - d) > 2 && total > (1 << 10)) + { + ++d; + total >>= 1; + } + + int MFLenWords = MFLenBytes >> 2; + for (int BOff = 0; BOff < BLen; BOff += MFLenWords) + { + // TODO These can be done in parallel threads + SMix(B, BOff, N, d, r); + } + + Pack.UInt32_To_LE(B, bytes, 0); + + return SingleIterationPBKDF2(P, bytes, dkLen); + } + finally + { + ClearAll(bytes, B); + } + } + + private static byte[] SingleIterationPBKDF2(byte[] P, byte[] S, int dkLen) + { + PbeParametersGenerator pGen = new Pkcs5S2ParametersGenerator(new Sha256Digest()); + pGen.Init(P, S, 1); + KeyParameter key = (KeyParameter)pGen.GenerateDerivedMacParameters(dkLen * 8); + return key.GetKey(); + } + + private static void SMix(uint[] B, int BOff, int N, int d, int r) + { + int powN = Integers.NumberOfTrailingZeros(N); + int blocksPerChunk = N >> d; + int chunkCount = 1 << d, chunkMask = blocksPerChunk - 1, chunkPow = powN - d; + + int BCount = r * 32; + + uint[] blockX1 = new uint[16]; + uint[] blockX2 = new uint[16]; + uint[] blockY = new uint[BCount]; + + uint[] X = new uint[BCount]; + uint[][] VV = new uint[chunkCount][]; + + try + { + Array.Copy(B, BOff, X, 0, BCount); + + for (int c = 0; c < chunkCount; ++c) + { + uint[] V = new uint[blocksPerChunk * BCount]; + VV[c] = V; + + int off = 0; + for (int i = 0; i < blocksPerChunk; i += 2) + { + Array.Copy(X, 0, V, off, BCount); + off += BCount; + BlockMix(X, blockX1, blockX2, blockY, r); + Array.Copy(blockY, 0, V, off, BCount); + off += BCount; + BlockMix(blockY, blockX1, blockX2, X, r); + } + } + + uint mask = (uint)N - 1; + for (int i = 0; i < N; ++i) + { + int j = (int)(X[BCount - 16] & mask); + uint[] V = VV[j >> chunkPow]; + int VOff = (j & chunkMask) * BCount; + Array.Copy(V, VOff, blockY, 0, BCount); + Xor(blockY, X, 0, blockY); + BlockMix(blockY, blockX1, blockX2, X, r); + } + + Array.Copy(X, 0, B, BOff, BCount); + } + finally + { + ClearAll(VV); + ClearAll(X, blockX1, blockX2, blockY); + } + } + + private static void BlockMix(uint[] B, uint[] X1, uint[] X2, uint[] Y, int r) + { + Array.Copy(B, B.Length - 16, X1, 0, 16); + + int BOff = 0, YOff = 0, halfLen = B.Length >> 1; + + for (int i = 2 * r; i > 0; --i) + { + Xor(X1, B, BOff, X2); + + Salsa20Engine.SalsaCore(8, X2, X1); + Array.Copy(X1, 0, Y, YOff, 16); + + YOff = halfLen + BOff - YOff; + BOff += 16; + } + } + + private static void Xor(uint[] a, uint[] b, int bOff, uint[] output) + { + for (int i = output.Length - 1; i >= 0; --i) + { + output[i] = a[i] ^ b[bOff + i]; + } + } + + private static void Clear(Array array) + { + if (array != null) + { + Array.Clear(array, 0, array.Length); + } + } + + private static void ClearAll(params Array[] arrays) + { + foreach (Array array in arrays) + { + Clear(array); + } + } + + // note: we know X is non-zero + private static bool IsPowerOf2(int x) + { + Debug.Assert(x != 0); + + return (x & (x - 1)) == 0; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/X25519KeyPairGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/X25519KeyPairGenerator.cs new file mode 100644 index 0000000..9437844 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/X25519KeyPairGenerator.cs @@ -0,0 +1,25 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Generators +{ + public class X25519KeyPairGenerator + : IAsymmetricCipherKeyPairGenerator + { + private SecureRandom random; + + public virtual void Init(KeyGenerationParameters parameters) + { + this.random = parameters.Random; + } + + public virtual AsymmetricCipherKeyPair GenerateKeyPair() + { + X25519PrivateKeyParameters privateKey = new X25519PrivateKeyParameters(random); + X25519PublicKeyParameters publicKey = privateKey.GeneratePublicKey(); + return new AsymmetricCipherKeyPair(publicKey, privateKey); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/generators/X448KeyPairGenerator.cs b/BouncyCastle/crypto/src/crypto/generators/X448KeyPairGenerator.cs new file mode 100644 index 0000000..4a203e4 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/generators/X448KeyPairGenerator.cs @@ -0,0 +1,25 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Generators +{ + public class X448KeyPairGenerator + : IAsymmetricCipherKeyPairGenerator + { + private SecureRandom random; + + public virtual void Init(KeyGenerationParameters parameters) + { + this.random = parameters.Random; + } + + public virtual AsymmetricCipherKeyPair GenerateKeyPair() + { + X448PrivateKeyParameters privateKey = new X448PrivateKeyParameters(random); + X448PublicKeyParameters publicKey = privateKey.GeneratePublicKey(); + return new AsymmetricCipherKeyPair(publicKey, privateKey); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/io/CipherStream.cs b/BouncyCastle/crypto/src/crypto/io/CipherStream.cs new file mode 100644 index 0000000..b5e6830 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/io/CipherStream.cs @@ -0,0 +1,252 @@ +using System; +using System.Diagnostics; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.IO +{ + public class CipherStream + : Stream + { + internal Stream stream; + internal IBufferedCipher inCipher, outCipher; + private byte[] mInBuf; + private int mInPos; + private bool inStreamEnded; + + public CipherStream( + Stream stream, + IBufferedCipher readCipher, + IBufferedCipher writeCipher) + { + this.stream = stream; + + if (readCipher != null) + { + this.inCipher = readCipher; + mInBuf = null; + } + + if (writeCipher != null) + { + this.outCipher = writeCipher; + } + } + + public IBufferedCipher ReadCipher + { + get { return inCipher; } + } + + public IBufferedCipher WriteCipher + { + get { return outCipher; } + } + + public override int ReadByte() + { + if (inCipher == null) + return stream.ReadByte(); + + if (mInBuf == null || mInPos >= mInBuf.Length) + { + if (!FillInBuf()) + return -1; + } + + return mInBuf[mInPos++]; + } + + public override int Read( + byte[] buffer, + int offset, + int count) + { + if (inCipher == null) + return stream.Read(buffer, offset, count); + + int num = 0; + while (num < count) + { + if (mInBuf == null || mInPos >= mInBuf.Length) + { + if (!FillInBuf()) + break; + } + + int numToCopy = System.Math.Min(count - num, mInBuf.Length - mInPos); + Array.Copy(mInBuf, mInPos, buffer, offset + num, numToCopy); + mInPos += numToCopy; + num += numToCopy; + } + + return num; + } + + private bool FillInBuf() + { + if (inStreamEnded) + return false; + + mInPos = 0; + + do + { + mInBuf = ReadAndProcessBlock(); + } + while (!inStreamEnded && mInBuf == null); + + return mInBuf != null; + } + + private byte[] ReadAndProcessBlock() + { + int blockSize = inCipher.GetBlockSize(); + int readSize = (blockSize == 0) ? 256 : blockSize; + + byte[] block = new byte[readSize]; + int numRead = 0; + do + { + int count = stream.Read(block, numRead, block.Length - numRead); + if (count < 1) + { + inStreamEnded = true; + break; + } + numRead += count; + } + while (numRead < block.Length); + + Debug.Assert(inStreamEnded || numRead == block.Length); + + byte[] bytes = inStreamEnded + ? inCipher.DoFinal(block, 0, numRead) + : inCipher.ProcessBytes(block); + + if (bytes != null && bytes.Length == 0) + { + bytes = null; + } + + return bytes; + } + + public override void Write( + byte[] buffer, + int offset, + int count) + { + Debug.Assert(buffer != null); + Debug.Assert(0 <= offset && offset <= buffer.Length); + Debug.Assert(count >= 0); + + int end = offset + count; + + Debug.Assert(0 <= end && end <= buffer.Length); + + if (outCipher == null) + { + stream.Write(buffer, offset, count); + return; + } + + byte[] data = outCipher.ProcessBytes(buffer, offset, count); + if (data != null) + { + stream.Write(data, 0, data.Length); + } + } + + public override void WriteByte( + byte b) + { + if (outCipher == null) + { + stream.WriteByte(b); + return; + } + + byte[] data = outCipher.ProcessByte(b); + if (data != null) + { + stream.Write(data, 0, data.Length); + } + } + + public override bool CanRead + { + get { return stream.CanRead && (inCipher != null); } + } + + public override bool CanWrite + { + get { return stream.CanWrite && (outCipher != null); } + } + + public override bool CanSeek + { + get { return false; } + } + + public sealed override long Length + { + get { throw new NotSupportedException(); } + } + + public sealed override long Position + { + get { throw new NotSupportedException(); } + set { throw new NotSupportedException(); } + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + if (outCipher != null) + { + byte[] data = outCipher.DoFinal(); + stream.Write(data, 0, data.Length); + stream.Flush(); + } + Platform.Dispose(stream); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + if (outCipher != null) + { + byte[] data = outCipher.DoFinal(); + stream.Write(data, 0, data.Length); + stream.Flush(); + } + Platform.Dispose(stream); + base.Close(); + } +#endif + + public override void Flush() + { + // Note: outCipher.DoFinal is only called during Close() + stream.Flush(); + } + + public sealed override long Seek( + long offset, + SeekOrigin origin) + { + throw new NotSupportedException(); + } + + public sealed override void SetLength( + long length) + { + throw new NotSupportedException(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/io/DigestSink.cs b/BouncyCastle/crypto/src/crypto/io/DigestSink.cs new file mode 100644 index 0000000..98307e5 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/io/DigestSink.cs @@ -0,0 +1,35 @@ +using System; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.IO +{ + public class DigestSink + : BaseOutputStream + { + private readonly IDigest mDigest; + + public DigestSink(IDigest digest) + { + this.mDigest = digest; + } + + public virtual IDigest Digest + { + get { return mDigest; } + } + + public override void WriteByte(byte b) + { + mDigest.Update(b); + } + + public override void Write(byte[] buf, int off, int len) + { + if (len > 0) + { + mDigest.BlockUpdate(buf, off, len); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/io/DigestStream.cs b/BouncyCastle/crypto/src/crypto/io/DigestStream.cs new file mode 100644 index 0000000..dce8757 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/io/DigestStream.cs @@ -0,0 +1,151 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.IO +{ + public class DigestStream + : Stream + { + protected readonly Stream stream; + protected readonly IDigest inDigest; + protected readonly IDigest outDigest; + + public DigestStream( + Stream stream, + IDigest readDigest, + IDigest writeDigest) + { + this.stream = stream; + this.inDigest = readDigest; + this.outDigest = writeDigest; + } + + public virtual IDigest ReadDigest() + { + return inDigest; + } + + public virtual IDigest WriteDigest() + { + return outDigest; + } + + public override int Read( + byte[] buffer, + int offset, + int count) + { + int n = stream.Read(buffer, offset, count); + if (inDigest != null) + { + if (n > 0) + { + inDigest.BlockUpdate(buffer, offset, n); + } + } + return n; + } + + public override int ReadByte() + { + int b = stream.ReadByte(); + if (inDigest != null) + { + if (b >= 0) + { + inDigest.Update((byte)b); + } + } + return b; + } + + public override void Write( + byte[] buffer, + int offset, + int count) + { + if (outDigest != null) + { + if (count > 0) + { + outDigest.BlockUpdate(buffer, offset, count); + } + } + stream.Write(buffer, offset, count); + } + + public override void WriteByte( + byte b) + { + if (outDigest != null) + { + outDigest.Update(b); + } + stream.WriteByte(b); + } + + public override bool CanRead + { + get { return stream.CanRead; } + } + + public override bool CanWrite + { + get { return stream.CanWrite; } + } + + public override bool CanSeek + { + get { return stream.CanSeek; } + } + + public override long Length + { + get { return stream.Length; } + } + + public override long Position + { + get { return stream.Position; } + set { stream.Position = value; } + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + Platform.Dispose(stream); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + Platform.Dispose(stream); + base.Close(); + } +#endif + + public override void Flush() + { + stream.Flush(); + } + + public override long Seek( + long offset, + SeekOrigin origin) + { + return stream.Seek(offset, origin); + } + + public override void SetLength( + long length) + { + stream.SetLength(length); + } + } +} + diff --git a/BouncyCastle/crypto/src/crypto/io/MacSink.cs b/BouncyCastle/crypto/src/crypto/io/MacSink.cs new file mode 100644 index 0000000..c4fe716 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/io/MacSink.cs @@ -0,0 +1,35 @@ +using System; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.IO +{ + public class MacSink + : BaseOutputStream + { + private readonly IMac mMac; + + public MacSink(IMac mac) + { + this.mMac = mac; + } + + public virtual IMac Mac + { + get { return mMac; } + } + + public override void WriteByte(byte b) + { + mMac.Update(b); + } + + public override void Write(byte[] buf, int off, int len) + { + if (len > 0) + { + mMac.BlockUpdate(buf, off, len); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/io/MacStream.cs b/BouncyCastle/crypto/src/crypto/io/MacStream.cs new file mode 100644 index 0000000..d9b8323 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/io/MacStream.cs @@ -0,0 +1,150 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.IO +{ + public class MacStream + : Stream + { + protected readonly Stream stream; + protected readonly IMac inMac; + protected readonly IMac outMac; + + public MacStream( + Stream stream, + IMac readMac, + IMac writeMac) + { + this.stream = stream; + this.inMac = readMac; + this.outMac = writeMac; + } + + public virtual IMac ReadMac() + { + return inMac; + } + + public virtual IMac WriteMac() + { + return outMac; + } + + public override int Read( + byte[] buffer, + int offset, + int count) + { + int n = stream.Read(buffer, offset, count); + if (inMac != null) + { + if (n > 0) + { + inMac.BlockUpdate(buffer, offset, n); + } + } + return n; + } + + public override int ReadByte() + { + int b = stream.ReadByte(); + if (inMac != null) + { + if (b >= 0) + { + inMac.Update((byte)b); + } + } + return b; + } + + public override void Write( + byte[] buffer, + int offset, + int count) + { + if (outMac != null) + { + if (count > 0) + { + outMac.BlockUpdate(buffer, offset, count); + } + } + stream.Write(buffer, offset, count); + } + + public override void WriteByte(byte b) + { + if (outMac != null) + { + outMac.Update(b); + } + stream.WriteByte(b); + } + + public override bool CanRead + { + get { return stream.CanRead; } + } + + public override bool CanWrite + { + get { return stream.CanWrite; } + } + + public override bool CanSeek + { + get { return stream.CanSeek; } + } + + public override long Length + { + get { return stream.Length; } + } + + public override long Position + { + get { return stream.Position; } + set { stream.Position = value; } + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + Platform.Dispose(stream); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + Platform.Dispose(stream); + base.Close(); + } +#endif + + public override void Flush() + { + stream.Flush(); + } + + public override long Seek( + long offset, + SeekOrigin origin) + { + return stream.Seek(offset,origin); + } + + public override void SetLength( + long length) + { + stream.SetLength(length); + } + } +} + diff --git a/BouncyCastle/crypto/src/crypto/io/SignerSink.cs b/BouncyCastle/crypto/src/crypto/io/SignerSink.cs new file mode 100644 index 0000000..c9bd8b9 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/io/SignerSink.cs @@ -0,0 +1,35 @@ +using System; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.IO +{ + public class SignerSink + : BaseOutputStream + { + private readonly ISigner mSigner; + + public SignerSink(ISigner signer) + { + this.mSigner = signer; + } + + public virtual ISigner Signer + { + get { return mSigner; } + } + + public override void WriteByte(byte b) + { + mSigner.Update(b); + } + + public override void Write(byte[] buf, int off, int len) + { + if (len > 0) + { + mSigner.BlockUpdate(buf, off, len); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/io/SignerStream.cs b/BouncyCastle/crypto/src/crypto/io/SignerStream.cs new file mode 100644 index 0000000..1e37c8d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/io/SignerStream.cs @@ -0,0 +1,151 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.IO +{ + public class SignerStream + : Stream + { + protected readonly Stream stream; + protected readonly ISigner inSigner; + protected readonly ISigner outSigner; + + public SignerStream( + Stream stream, + ISigner readSigner, + ISigner writeSigner) + { + this.stream = stream; + this.inSigner = readSigner; + this.outSigner = writeSigner; + } + + public virtual ISigner ReadSigner() + { + return inSigner; + } + + public virtual ISigner WriteSigner() + { + return outSigner; + } + + public override int Read( + byte[] buffer, + int offset, + int count) + { + int n = stream.Read(buffer, offset, count); + if (inSigner != null) + { + if (n > 0) + { + inSigner.BlockUpdate(buffer, offset, n); + } + } + return n; + } + + public override int ReadByte() + { + int b = stream.ReadByte(); + if (inSigner != null) + { + if (b >= 0) + { + inSigner.Update((byte)b); + } + } + return b; + } + + public override void Write( + byte[] buffer, + int offset, + int count) + { + if (outSigner != null) + { + if (count > 0) + { + outSigner.BlockUpdate(buffer, offset, count); + } + } + stream.Write(buffer, offset, count); + } + + public override void WriteByte( + byte b) + { + if (outSigner != null) + { + outSigner.Update(b); + } + stream.WriteByte(b); + } + + public override bool CanRead + { + get { return stream.CanRead; } + } + + public override bool CanWrite + { + get { return stream.CanWrite; } + } + + public override bool CanSeek + { + get { return stream.CanSeek; } + } + + public override long Length + { + get { return stream.Length; } + } + + public override long Position + { + get { return stream.Position; } + set { stream.Position = value; } + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + Platform.Dispose(stream); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + Platform.Dispose(stream); + base.Close(); + } +#endif + + public override void Flush() + { + stream.Flush(); + } + + public override long Seek( + long offset, + SeekOrigin origin) + { + return stream.Seek(offset, origin); + } + + public override void SetLength( + long length) + { + stream.SetLength(length); + } + } +} + diff --git a/BouncyCastle/crypto/src/crypto/macs/CMac.cs b/BouncyCastle/crypto/src/crypto/macs/CMac.cs new file mode 100644 index 0000000..682c12b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/macs/CMac.cs @@ -0,0 +1,257 @@ +using System; + +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Paddings; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Macs +{ + /** + * CMAC - as specified at www.nuee.nagoya-u.ac.jp/labs/tiwata/omac/omac.html + *

+ * CMAC is analogous to OMAC1 - see also en.wikipedia.org/wiki/CMAC + *

+ * CMAC is a NIST recomendation - see + * csrc.nist.gov/CryptoToolkit/modes/800-38_Series_Publications/SP800-38B.pdf + *

+ * CMAC/OMAC1 is a blockcipher-based message authentication code designed and + * analyzed by Tetsu Iwata and Kaoru Kurosawa. + *

+ * CMAC/OMAC1 is a simple variant of the CBC MAC (Cipher Block Chaining Message + * Authentication Code). OMAC stands for One-Key CBC MAC. + *

+ * It supports 128- or 64-bits block ciphers, with any key size, and returns + * a MAC with dimension less or equal to the block size of the underlying + * cipher. + *

+ */ + public class CMac + : IMac + { + private const byte CONSTANT_128 = (byte)0x87; + private const byte CONSTANT_64 = (byte)0x1b; + + private byte[] ZEROES; + + private byte[] mac; + + private byte[] buf; + private int bufOff; + private IBlockCipher cipher; + + private int macSize; + + private byte[] L, Lu, Lu2; + + /** + * create a standard MAC based on a CBC block cipher (64 or 128 bit block). + * This will produce an authentication code the length of the block size + * of the cipher. + * + * @param cipher the cipher to be used as the basis of the MAC generation. + */ + public CMac( + IBlockCipher cipher) + : this(cipher, cipher.GetBlockSize() * 8) + { + } + + /** + * create a standard MAC based on a block cipher with the size of the + * MAC been given in bits. + *

+ * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81), + * or 16 bits if being used as a data authenticator (FIPS Publication 113), + * and in general should be less than the size of the block cipher as it reduces + * the chance of an exhaustive attack (see Handbook of Applied Cryptography). + * + * @param cipher the cipher to be used as the basis of the MAC generation. + * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8 and @lt;= 128. + */ + public CMac( + IBlockCipher cipher, + int macSizeInBits) + { + if ((macSizeInBits % 8) != 0) + throw new ArgumentException("MAC size must be multiple of 8"); + + if (macSizeInBits > (cipher.GetBlockSize() * 8)) + { + throw new ArgumentException( + "MAC size must be less or equal to " + + (cipher.GetBlockSize() * 8)); + } + + if (cipher.GetBlockSize() != 8 && cipher.GetBlockSize() != 16) + { + throw new ArgumentException( + "Block size must be either 64 or 128 bits"); + } + + this.cipher = new CbcBlockCipher(cipher); + this.macSize = macSizeInBits / 8; + + mac = new byte[cipher.GetBlockSize()]; + + buf = new byte[cipher.GetBlockSize()]; + + ZEROES = new byte[cipher.GetBlockSize()]; + + bufOff = 0; + } + + public string AlgorithmName + { + get { return cipher.AlgorithmName; } + } + + private static int ShiftLeft(byte[] block, byte[] output) + { + int i = block.Length; + uint bit = 0; + while (--i >= 0) + { + uint b = block[i]; + output[i] = (byte)((b << 1) | bit); + bit = (b >> 7) & 1; + } + return (int)bit; + } + + private static byte[] DoubleLu(byte[] input) + { + byte[] ret = new byte[input.Length]; + int carry = ShiftLeft(input, ret); + int xor = input.Length == 16 ? CONSTANT_128 : CONSTANT_64; + + /* + * NOTE: This construction is an attempt at a constant-time implementation. + */ + ret[input.Length - 1] ^= (byte)(xor >> ((1 - carry) << 3)); + + return ret; + } + + public void Init( + ICipherParameters parameters) + { + if (parameters is KeyParameter) + { + cipher.Init(true, parameters); + + //initializes the L, Lu, Lu2 numbers + L = new byte[ZEROES.Length]; + cipher.ProcessBlock(ZEROES, 0, L, 0); + Lu = DoubleLu(L); + Lu2 = DoubleLu(Lu); + } + else if (parameters != null) + { + // CMAC mode does not permit IV to underlying CBC mode + throw new ArgumentException("CMac mode only permits key to be set.", "parameters"); + } + + Reset(); + } + + public int GetMacSize() + { + return macSize; + } + + public void Update( + byte input) + { + if (bufOff == buf.Length) + { + cipher.ProcessBlock(buf, 0, mac, 0); + bufOff = 0; + } + + buf[bufOff++] = input; + } + + public void BlockUpdate( + byte[] inBytes, + int inOff, + int len) + { + if (len < 0) + throw new ArgumentException("Can't have a negative input length!"); + + int blockSize = cipher.GetBlockSize(); + int gapLen = blockSize - bufOff; + + if (len > gapLen) + { + Array.Copy(inBytes, inOff, buf, bufOff, gapLen); + + cipher.ProcessBlock(buf, 0, mac, 0); + + bufOff = 0; + len -= gapLen; + inOff += gapLen; + + while (len > blockSize) + { + cipher.ProcessBlock(inBytes, inOff, mac, 0); + + len -= blockSize; + inOff += blockSize; + } + } + + Array.Copy(inBytes, inOff, buf, bufOff, len); + + bufOff += len; + } + + public int DoFinal( + byte[] outBytes, + int outOff) + { + int blockSize = cipher.GetBlockSize(); + + byte[] lu; + if (bufOff == blockSize) + { + lu = Lu; + } + else + { + new ISO7816d4Padding().AddPadding(buf, bufOff); + lu = Lu2; + } + + for (int i = 0; i < mac.Length; i++) + { + buf[i] ^= lu[i]; + } + + cipher.ProcessBlock(buf, 0, mac, 0); + + Array.Copy(mac, 0, outBytes, outOff, macSize); + + Reset(); + + return macSize; + } + + /** + * Reset the mac generator. + */ + public void Reset() + { + /* + * clean the buffer. + */ + Array.Clear(buf, 0, buf.Length); + bufOff = 0; + + /* + * Reset the underlying cipher. + */ + cipher.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/macs/CbcBlockCipherMac.cs b/BouncyCastle/crypto/src/crypto/macs/CbcBlockCipherMac.cs new file mode 100644 index 0000000..146e16a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/macs/CbcBlockCipherMac.cs @@ -0,0 +1,209 @@ +using System; + +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Paddings; + +namespace Org.BouncyCastle.Crypto.Macs +{ + /** + * standard CBC Block Cipher MAC - if no padding is specified the default of + * pad of zeroes is used. + */ + public class CbcBlockCipherMac + : IMac + { + private byte[] buf; + private int bufOff; + private IBlockCipher cipher; + private IBlockCipherPadding padding; + private int macSize; + + /** + * create a standard MAC based on a CBC block cipher. This will produce an + * authentication code half the length of the block size of the cipher. + * + * @param cipher the cipher to be used as the basis of the MAC generation. + */ + public CbcBlockCipherMac( + IBlockCipher cipher) + : this(cipher, (cipher.GetBlockSize() * 8) / 2, null) + { + } + + /** + * create a standard MAC based on a CBC block cipher. This will produce an + * authentication code half the length of the block size of the cipher. + * + * @param cipher the cipher to be used as the basis of the MAC generation. + * @param padding the padding to be used to complete the last block. + */ + public CbcBlockCipherMac( + IBlockCipher cipher, + IBlockCipherPadding padding) + : this(cipher, (cipher.GetBlockSize() * 8) / 2, padding) + { + } + + /** + * create a standard MAC based on a block cipher with the size of the + * MAC been given in bits. This class uses CBC mode as the basis for the + * MAC generation. + *

+ * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81), + * or 16 bits if being used as a data authenticator (FIPS Publication 113), + * and in general should be less than the size of the block cipher as it reduces + * the chance of an exhaustive attack (see Handbook of Applied Cryptography). + *

+ * @param cipher the cipher to be used as the basis of the MAC generation. + * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8. + */ + public CbcBlockCipherMac( + IBlockCipher cipher, + int macSizeInBits) + : this(cipher, macSizeInBits, null) + { + } + + /** + * create a standard MAC based on a block cipher with the size of the + * MAC been given in bits. This class uses CBC mode as the basis for the + * MAC generation. + *

+ * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81), + * or 16 bits if being used as a data authenticator (FIPS Publication 113), + * and in general should be less than the size of the block cipher as it reduces + * the chance of an exhaustive attack (see Handbook of Applied Cryptography). + *

+ * @param cipher the cipher to be used as the basis of the MAC generation. + * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8. + * @param padding the padding to be used to complete the last block. + */ + public CbcBlockCipherMac( + IBlockCipher cipher, + int macSizeInBits, + IBlockCipherPadding padding) + { + if ((macSizeInBits % 8) != 0) + throw new ArgumentException("MAC size must be multiple of 8"); + + this.cipher = new CbcBlockCipher(cipher); + this.padding = padding; + this.macSize = macSizeInBits / 8; + + buf = new byte[cipher.GetBlockSize()]; + bufOff = 0; + } + + public string AlgorithmName + { + get { return cipher.AlgorithmName; } + } + + public void Init( + ICipherParameters parameters) + { + Reset(); + + cipher.Init(true, parameters); + } + + public int GetMacSize() + { + return macSize; + } + + public void Update( + byte input) + { + if (bufOff == buf.Length) + { + cipher.ProcessBlock(buf, 0, buf, 0); + bufOff = 0; + } + + buf[bufOff++] = input; + } + + public void BlockUpdate( + byte[] input, + int inOff, + int len) + { + if (len < 0) + throw new ArgumentException("Can't have a negative input length!"); + + int blockSize = cipher.GetBlockSize(); + int gapLen = blockSize - bufOff; + + if (len > gapLen) + { + Array.Copy(input, inOff, buf, bufOff, gapLen); + + cipher.ProcessBlock(buf, 0, buf, 0); + + bufOff = 0; + len -= gapLen; + inOff += gapLen; + + while (len > blockSize) + { + cipher.ProcessBlock(input, inOff, buf, 0); + + len -= blockSize; + inOff += blockSize; + } + } + + Array.Copy(input, inOff, buf, bufOff, len); + + bufOff += len; + } + + public int DoFinal( + byte[] output, + int outOff) + { + int blockSize = cipher.GetBlockSize(); + + if (padding == null) + { + // pad with zeroes + while (bufOff < blockSize) + { + buf[bufOff++] = 0; + } + } + else + { + if (bufOff == blockSize) + { + cipher.ProcessBlock(buf, 0, buf, 0); + bufOff = 0; + } + + padding.AddPadding(buf, bufOff); + } + + cipher.ProcessBlock(buf, 0, buf, 0); + + Array.Copy(buf, 0, output, outOff, macSize); + + Reset(); + + return macSize; + } + + /** + * Reset the mac generator. + */ + public void Reset() + { + // Clear the buffer. + Array.Clear(buf, 0, buf.Length); + bufOff = 0; + + // Reset the underlying cipher. + cipher.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/macs/CfbBlockCipherMac.cs b/BouncyCastle/crypto/src/crypto/macs/CfbBlockCipherMac.cs new file mode 100644 index 0000000..364cf84 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/macs/CfbBlockCipherMac.cs @@ -0,0 +1,368 @@ +using System; + +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Paddings; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Macs +{ + /** + * implements a Cipher-FeedBack (CFB) mode on top of a simple cipher. + */ + class MacCFBBlockCipher + : IBlockCipher + { + private byte[] IV; + private byte[] cfbV; + private byte[] cfbOutV; + + private readonly int blockSize; + private readonly IBlockCipher cipher; + + /** + * Basic constructor. + * + * @param cipher the block cipher to be used as the basis of the + * feedback mode. + * @param blockSize the block size in bits (note: a multiple of 8) + */ + public MacCFBBlockCipher( + IBlockCipher cipher, + int bitBlockSize) + { + this.cipher = cipher; + this.blockSize = bitBlockSize / 8; + + this.IV = new byte[cipher.GetBlockSize()]; + this.cfbV = new byte[cipher.GetBlockSize()]; + this.cfbOutV = new byte[cipher.GetBlockSize()]; + } + + /** + * Initialise the cipher and, possibly, the initialisation vector (IV). + * If an IV isn't passed as part of the parameter, the IV will be all zeros. + * An IV which is too short is handled in FIPS compliant fashion. + * + * @param param the key and other data required by the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public void Init( + bool forEncryption, + ICipherParameters parameters) + { + if (parameters is ParametersWithIV) + { + ParametersWithIV ivParam = (ParametersWithIV)parameters; + byte[] iv = ivParam.GetIV(); + + if (iv.Length < IV.Length) + { + Array.Copy(iv, 0, IV, IV.Length - iv.Length, iv.Length); + } + else + { + Array.Copy(iv, 0, IV, 0, IV.Length); + } + + parameters = ivParam.Parameters; + } + + Reset(); + + cipher.Init(true, parameters); + } + + /** + * return the algorithm name and mode. + * + * @return the name of the underlying algorithm followed by "/CFB" + * and the block size in bits. + */ + public string AlgorithmName + { + get { return cipher.AlgorithmName + "/CFB" + (blockSize * 8); } + } + + public bool IsPartialBlockOkay + { + get { return true; } + } + + /** + * return the block size we are operating at. + * + * @return the block size we are operating at (in bytes). + */ + public int GetBlockSize() + { + return blockSize; + } + + /** + * Process one block of input from the array in and write it to + * the out array. + * + * @param in the array containing the input data. + * @param inOff offset into the in array the data starts at. + * @param out the array the output data will be copied into. + * @param outOff the offset into the out array the output will start at. + * @exception DataLengthException if there isn't enough data in in, or + * space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + * @return the number of bytes processed and produced. + */ + public int ProcessBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + if ((inOff + blockSize) > input.Length) + throw new DataLengthException("input buffer too short"); + + if ((outOff + blockSize) > outBytes.Length) + throw new DataLengthException("output buffer too short"); + + cipher.ProcessBlock(cfbV, 0, cfbOutV, 0); + + // + // XOR the cfbV with the plaintext producing the cipher text + // + for (int i = 0; i < blockSize; i++) + { + outBytes[outOff + i] = (byte)(cfbOutV[i] ^ input[inOff + i]); + } + + // + // change over the input block. + // + Array.Copy(cfbV, blockSize, cfbV, 0, cfbV.Length - blockSize); + Array.Copy(outBytes, outOff, cfbV, cfbV.Length - blockSize, blockSize); + + return blockSize; + } + + /** + * reset the chaining vector back to the IV and reset the underlying + * cipher. + */ + public void Reset() + { + IV.CopyTo(cfbV, 0); + + cipher.Reset(); + } + + public void GetMacBlock( + byte[] mac) + { + cipher.ProcessBlock(cfbV, 0, mac, 0); + } + } + + public class CfbBlockCipherMac + : IMac + { + private byte[] mac; + private byte[] Buffer; + private int bufOff; + private MacCFBBlockCipher cipher; + private IBlockCipherPadding padding; + private int macSize; + + /** + * create a standard MAC based on a CFB block cipher. This will produce an + * authentication code half the length of the block size of the cipher, with + * the CFB mode set to 8 bits. + * + * @param cipher the cipher to be used as the basis of the MAC generation. + */ + public CfbBlockCipherMac( + IBlockCipher cipher) + : this(cipher, 8, (cipher.GetBlockSize() * 8) / 2, null) + { + } + + /** + * create a standard MAC based on a CFB block cipher. This will produce an + * authentication code half the length of the block size of the cipher, with + * the CFB mode set to 8 bits. + * + * @param cipher the cipher to be used as the basis of the MAC generation. + * @param padding the padding to be used. + */ + public CfbBlockCipherMac( + IBlockCipher cipher, + IBlockCipherPadding padding) + : this(cipher, 8, (cipher.GetBlockSize() * 8) / 2, padding) + { + } + + /** + * create a standard MAC based on a block cipher with the size of the + * MAC been given in bits. This class uses CFB mode as the basis for the + * MAC generation. + *

+ * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81), + * or 16 bits if being used as a data authenticator (FIPS Publication 113), + * and in general should be less than the size of the block cipher as it reduces + * the chance of an exhaustive attack (see Handbook of Applied Cryptography). + *

+ * @param cipher the cipher to be used as the basis of the MAC generation. + * @param cfbBitSize the size of an output block produced by the CFB mode. + * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8. + */ + public CfbBlockCipherMac( + IBlockCipher cipher, + int cfbBitSize, + int macSizeInBits) + : this(cipher, cfbBitSize, macSizeInBits, null) + { + } + + /** + * create a standard MAC based on a block cipher with the size of the + * MAC been given in bits. This class uses CFB mode as the basis for the + * MAC generation. + *

+ * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81), + * or 16 bits if being used as a data authenticator (FIPS Publication 113), + * and in general should be less than the size of the block cipher as it reduces + * the chance of an exhaustive attack (see Handbook of Applied Cryptography). + *

+ * @param cipher the cipher to be used as the basis of the MAC generation. + * @param cfbBitSize the size of an output block produced by the CFB mode. + * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8. + * @param padding a padding to be used. + */ + public CfbBlockCipherMac( + IBlockCipher cipher, + int cfbBitSize, + int macSizeInBits, + IBlockCipherPadding padding) + { + if ((macSizeInBits % 8) != 0) + throw new ArgumentException("MAC size must be multiple of 8"); + + mac = new byte[cipher.GetBlockSize()]; + + this.cipher = new MacCFBBlockCipher(cipher, cfbBitSize); + this.padding = padding; + this.macSize = macSizeInBits / 8; + + Buffer = new byte[this.cipher.GetBlockSize()]; + bufOff = 0; + } + + public string AlgorithmName + { + get { return cipher.AlgorithmName; } + } + + public void Init( + ICipherParameters parameters) + { + Reset(); + + cipher.Init(true, parameters); + } + + public int GetMacSize() + { + return macSize; + } + + public void Update( + byte input) + { + if (bufOff == Buffer.Length) + { + cipher.ProcessBlock(Buffer, 0, mac, 0); + bufOff = 0; + } + + Buffer[bufOff++] = input; + } + + public void BlockUpdate( + byte[] input, + int inOff, + int len) + { + if (len < 0) + throw new ArgumentException("Can't have a negative input length!"); + + int blockSize = cipher.GetBlockSize(); + int resultLen = 0; + int gapLen = blockSize - bufOff; + + if (len > gapLen) + { + Array.Copy(input, inOff, Buffer, bufOff, gapLen); + + resultLen += cipher.ProcessBlock(Buffer, 0, mac, 0); + + bufOff = 0; + len -= gapLen; + inOff += gapLen; + + while (len > blockSize) + { + resultLen += cipher.ProcessBlock(input, inOff, mac, 0); + + len -= blockSize; + inOff += blockSize; + } + } + + Array.Copy(input, inOff, Buffer, bufOff, len); + + bufOff += len; + } + + public int DoFinal( + byte[] output, + int outOff) + { + int blockSize = cipher.GetBlockSize(); + + // pad with zeroes + if (this.padding == null) + { + while (bufOff < blockSize) + { + Buffer[bufOff++] = 0; + } + } + else + { + padding.AddPadding(Buffer, bufOff); + } + + cipher.ProcessBlock(Buffer, 0, mac, 0); + + cipher.GetMacBlock(mac); + + Array.Copy(mac, 0, output, outOff, macSize); + + Reset(); + + return macSize; + } + + /** + * Reset the mac generator. + */ + public void Reset() + { + // Clear the buffer. + Array.Clear(Buffer, 0, Buffer.Length); + bufOff = 0; + + // Reset the underlying cipher. + cipher.Reset(); + } + } + +} diff --git a/BouncyCastle/crypto/src/crypto/macs/DSTU7564Mac.cs b/BouncyCastle/crypto/src/crypto/macs/DSTU7564Mac.cs new file mode 100644 index 0000000..36e8641 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/macs/DSTU7564Mac.cs @@ -0,0 +1,143 @@ +using System; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Crypto.Macs +{ + /// + /// Implementation of DSTU7564 mac mode + /// + public class Dstu7564Mac + : IMac + { + private Dstu7564Digest engine; + private int macSize; + + private ulong inputLength; + + byte[] paddedKey; + byte[] invertedKey; + + public string AlgorithmName + { + get { return "DSTU7564Mac"; } + } + + public Dstu7564Mac(int macSizeBits) + { + engine = new Dstu7564Digest(macSizeBits); + macSize = macSizeBits / 8; + } + + public void Init(ICipherParameters parameters) + { + if (parameters is KeyParameter) + { + byte[] key = ((KeyParameter)parameters).GetKey(); + + invertedKey = new byte[key.Length]; + + paddedKey = PadKey(key); + + for (int byteIndex = 0; byteIndex < invertedKey.Length; byteIndex++) + { + invertedKey[byteIndex] = (byte)(key[byteIndex] ^ (byte)0xFF); + } + } + else + { + throw new ArgumentException("Bad parameter passed"); + } + + engine.BlockUpdate(paddedKey, 0, paddedKey.Length); + } + + public int GetMacSize() + { + return macSize; + } + + public void BlockUpdate(byte[] input, int inOff, int len) + { + Check.DataLength(input, inOff, len, "Input buffer too short"); + + if (paddedKey == null) + throw new InvalidOperationException(AlgorithmName + " not initialised"); + + engine.BlockUpdate(input, inOff, len); + inputLength += (ulong)len; + } + + public void Update(byte input) + { + engine.Update(input); + inputLength++; + } + + public int DoFinal(byte[] output, int outOff) + { + Check.OutputLength(output, outOff, macSize, "Output buffer too short"); + + if (paddedKey == null) + throw new InvalidOperationException(AlgorithmName + " not initialised"); + + Pad(); + + engine.BlockUpdate(invertedKey, 0, invertedKey.Length); + + inputLength = 0; + + return engine.DoFinal(output, outOff); + } + + public void Reset() + { + inputLength = 0; + engine.Reset(); + if (paddedKey != null) + { + engine.BlockUpdate(paddedKey, 0, paddedKey.Length); + } + } + + private void Pad() + { + int extra = engine.GetByteLength() - (int)(inputLength % (ulong)engine.GetByteLength()); + if (extra < 13) // terminator byte + 96 bits of length + { + extra += engine.GetByteLength(); + } + + byte[] padded = new byte[extra]; + + padded[0] = (byte)0x80; // Defined in standard; + + // Defined in standard; + Pack.UInt64_To_LE(inputLength * 8, padded, padded.Length - 12); + + engine.BlockUpdate(padded, 0, padded.Length); + } + + private byte[] PadKey(byte[] input) + { + int paddedLen = ((input.Length + engine.GetByteLength() - 1) / engine.GetByteLength()) * engine.GetByteLength(); + + int extra = engine.GetByteLength() - (int)(input.Length % engine.GetByteLength()); + if (extra < 13) // terminator byte + 96 bits of length + { + paddedLen += engine.GetByteLength(); + } + + byte[] padded = new byte[paddedLen]; + + Array.Copy(input, 0, padded, 0, input.Length); + + padded[input.Length] = (byte)0x80; // Defined in standard; + Pack.UInt32_To_LE((uint)(input.Length * 8), padded, padded.Length - 12); // Defined in standard; + + return padded; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/macs/DSTU7624Mac.cs b/BouncyCastle/crypto/src/crypto/macs/DSTU7624Mac.cs new file mode 100644 index 0000000..953d816 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/macs/DSTU7624Mac.cs @@ -0,0 +1,160 @@ +using System; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; + + +namespace Org.BouncyCastle.Crypto.Macs +{ + /** + * implementation of DSTU 7624 MAC + */ + public class Dstu7624Mac : IMac + { + private int macSize; + + private Dstu7624Engine engine; + private int blockSize; + + private byte[] c, cTemp, kDelta; + private byte[] buf; + private int bufOff; + + public Dstu7624Mac(int blockSizeBits, int q) + { + engine = new Dstu7624Engine(blockSizeBits); + + blockSize = blockSizeBits / 8; + + macSize = q / 8; + + c = new byte[blockSize]; + + cTemp = new byte[blockSize]; + + kDelta = new byte[blockSize]; + buf = new byte[blockSize]; + } + + public void Init(ICipherParameters parameters) + { + if (parameters is KeyParameter) + { + engine.Init(true, (KeyParameter)parameters); + + engine.ProcessBlock(kDelta, 0, kDelta, 0); + } + else + { + throw new ArgumentException("invalid parameter passed to Dstu7624Mac init - " + + Platform.GetTypeName(parameters)); + } + } + + public string AlgorithmName + { + get { return "Dstu7624Mac"; } + } + + public int GetMacSize() + { + return macSize; + } + + public void Update(byte input) + { + if (bufOff == buf.Length) + { + processBlock(buf, 0); + bufOff = 0; + } + + buf[bufOff++] = input; + } + + public void BlockUpdate(byte[] input, int inOff, int len) + { + if (len < 0) + { + throw new ArgumentException( + "Can't have a negative input length!"); + } + + int blockSize = engine.GetBlockSize(); + int gapLen = blockSize - bufOff; + + if (len > gapLen) + { + Array.Copy(input, inOff, buf, bufOff, gapLen); + + processBlock(buf, 0); + + bufOff = 0; + len -= gapLen; + inOff += gapLen; + + while (len > blockSize) + { + processBlock(input, inOff); + + len -= blockSize; + inOff += blockSize; + } + } + + Array.Copy(input, inOff, buf, bufOff, len); + + bufOff += len; + } + + private void processBlock(byte[] input, int inOff) + { + Xor(c, 0, input, inOff, cTemp); + + engine.ProcessBlock(cTemp, 0, c, 0); + } + + private void Xor(byte[] c, int cOff, byte[] input, int inOff, byte[] xorResult) + { + for (int byteIndex = 0; byteIndex < blockSize; byteIndex++) + { + xorResult[byteIndex] = (byte)(c[byteIndex + cOff] ^ input[byteIndex + inOff]); + } + } + + public int DoFinal(byte[] output, int outOff) + { + if (bufOff % buf.Length != 0) + { + throw new DataLengthException("Input must be a multiple of blocksize"); + } + + //Last block + Xor(c, 0, buf, 0, cTemp); + Xor(cTemp, 0, kDelta, 0, c); + engine.ProcessBlock(c, 0, c, 0); + + if (macSize + outOff > output.Length) + { + throw new DataLengthException("Output buffer too short"); + } + + Array.Copy(c, 0, output, outOff, macSize); + + return macSize; + } + + public void Reset() + { + Arrays.Fill(c, (byte)0x00); + Arrays.Fill(cTemp, (byte)0x00); + Arrays.Fill(kDelta, (byte)0x00); + Arrays.Fill(buf, (byte)0x00); + engine.Reset(); + engine.ProcessBlock(kDelta, 0, kDelta, 0); + bufOff = 0; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/macs/GMac.cs b/BouncyCastle/crypto/src/crypto/macs/GMac.cs new file mode 100644 index 0000000..f2c3990 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/macs/GMac.cs @@ -0,0 +1,112 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Macs +{ + /// + /// The GMAC specialisation of Galois/Counter mode (GCM) detailed in NIST Special Publication + /// 800-38D. + /// + /// + /// GMac is an invocation of the GCM mode where no data is encrypted (i.e. all input data to the Mac + /// is processed as additional authenticated data with the underlying GCM block cipher). + /// + public class GMac + : IMac + { + private readonly GcmBlockCipher cipher; + private readonly int macSizeBits; + + /// + /// Creates a GMAC based on the operation of a block cipher in GCM mode. + /// + /// + /// This will produce an authentication code the length of the block size of the cipher. + /// + /// the cipher to be used in GCM mode to generate the MAC. + public GMac(GcmBlockCipher cipher) + : this(cipher, 128) + { + } + + /// + /// Creates a GMAC based on the operation of a 128 bit block cipher in GCM mode. + /// + /// + /// This will produce an authentication code the length of the block size of the cipher. + /// + /// the cipher to be used in GCM mode to generate the MAC. + /// the mac size to generate, in bits. Must be a multiple of 8, between 32 and 128 (inclusive). + /// Sizes less than 96 are not recommended, but are supported for specialized applications. + public GMac(GcmBlockCipher cipher, int macSizeBits) + { + this.cipher = cipher; + this.macSizeBits = macSizeBits; + } + + /// + /// Initialises the GMAC - requires a + /// providing a and a nonce. + /// + public void Init(ICipherParameters parameters) + { + if (parameters is ParametersWithIV) + { + ParametersWithIV param = (ParametersWithIV)parameters; + + byte[] iv = param.GetIV(); + KeyParameter keyParam = (KeyParameter)param.Parameters; + + // GCM is always operated in encrypt mode to calculate MAC + cipher.Init(true, new AeadParameters(keyParam, macSizeBits, iv)); + } + else + { + throw new ArgumentException("GMAC requires ParametersWithIV"); + } + } + + public string AlgorithmName + { + get { return cipher.GetUnderlyingCipher().AlgorithmName + "-GMAC"; } + } + + public int GetMacSize() + { + return macSizeBits / 8; + } + + public void Update(byte input) + { + cipher.ProcessAadByte(input); + } + + public void BlockUpdate(byte[] input, int inOff, int len) + { + cipher.ProcessAadBytes(input, inOff, len); + } + + public int DoFinal(byte[] output, int outOff) + { + try + { + return cipher.DoFinal(output, outOff); + } + catch (InvalidCipherTextException e) + { + // Impossible in encrypt mode + throw new InvalidOperationException(e.ToString()); + } + } + + public void Reset() + { + cipher.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/macs/GOST28147Mac.cs b/BouncyCastle/crypto/src/crypto/macs/GOST28147Mac.cs new file mode 100644 index 0000000..33c2d67 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/macs/GOST28147Mac.cs @@ -0,0 +1,315 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Macs +{ + /** + * implementation of GOST 28147-89 MAC + */ + public class Gost28147Mac : IMac + { + private const int blockSize = 8; + private const int macSize = 4; + private int bufOff; + private byte[] buf; + private byte[] mac; + private bool firstStep = true; + private int[] workingKey; + private byte[] macIV = null; + + // + // This is default S-box - E_A. + private byte[] S = + { + 0x9,0x6,0x3,0x2,0x8,0xB,0x1,0x7,0xA,0x4,0xE,0xF,0xC,0x0,0xD,0x5, + 0x3,0x7,0xE,0x9,0x8,0xA,0xF,0x0,0x5,0x2,0x6,0xC,0xB,0x4,0xD,0x1, + 0xE,0x4,0x6,0x2,0xB,0x3,0xD,0x8,0xC,0xF,0x5,0xA,0x0,0x7,0x1,0x9, + 0xE,0x7,0xA,0xC,0xD,0x1,0x3,0x9,0x0,0x2,0xB,0x4,0xF,0x8,0x5,0x6, + 0xB,0x5,0x1,0x9,0x8,0xD,0xF,0x0,0xE,0x4,0x2,0x3,0xC,0x7,0xA,0x6, + 0x3,0xA,0xD,0xC,0x1,0x2,0x0,0xB,0x7,0x5,0x9,0x4,0x8,0xF,0xE,0x6, + 0x1,0xD,0x2,0x9,0x7,0xA,0x6,0x0,0x8,0xC,0x4,0x5,0xF,0x3,0xB,0xE, + 0xB,0xA,0xF,0x5,0x0,0xC,0xE,0x8,0x6,0x2,0x3,0x9,0x1,0x7,0xD,0x4 + }; + + public Gost28147Mac() + { + mac = new byte[blockSize]; + buf = new byte[blockSize]; + bufOff = 0; + } + + private static int[] GenerateWorkingKey( + byte[] userKey) + { + if (userKey.Length != 32) + throw new ArgumentException("Key length invalid. Key needs to be 32 byte - 256 bit!!!"); + + int[] key = new int[8]; + for(int i=0; i!=8; i++) + { + key[i] = bytesToint(userKey,i*4); + } + + return key; + } + + public void Init( + ICipherParameters parameters) + { + Reset(); + buf = new byte[blockSize]; + macIV = null; + if (parameters is ParametersWithSBox) + { + ParametersWithSBox param = (ParametersWithSBox)parameters; + + // + // Set the S-Box + // + param.GetSBox().CopyTo(this.S, 0); + + // + // set key if there is one + // + if (param.Parameters != null) + { + workingKey = GenerateWorkingKey(((KeyParameter)param.Parameters).GetKey()); + } + } + else if (parameters is KeyParameter) + { + workingKey = GenerateWorkingKey(((KeyParameter)parameters).GetKey()); + } + else if (parameters is ParametersWithIV) + { + ParametersWithIV p = (ParametersWithIV)parameters; + + workingKey = GenerateWorkingKey(((KeyParameter)p.Parameters).GetKey()); + Array.Copy(p.GetIV(), 0, mac, 0, mac.Length); + macIV = p.GetIV(); // don't skip the initial CM5Func + } + else + { + throw new ArgumentException("invalid parameter passed to Gost28147 init - " + + Platform.GetTypeName(parameters)); + } + } + + public string AlgorithmName + { + get { return "Gost28147Mac"; } + } + + public int GetMacSize() + { + return macSize; + } + + private int gost28147_mainStep(int n1, int key) + { + int cm = (key + n1); // CM1 + + // S-box replacing + + int om = S[ 0 + ((cm >> (0 * 4)) & 0xF)] << (0 * 4); + om += S[ 16 + ((cm >> (1 * 4)) & 0xF)] << (1 * 4); + om += S[ 32 + ((cm >> (2 * 4)) & 0xF)] << (2 * 4); + om += S[ 48 + ((cm >> (3 * 4)) & 0xF)] << (3 * 4); + om += S[ 64 + ((cm >> (4 * 4)) & 0xF)] << (4 * 4); + om += S[ 80 + ((cm >> (5 * 4)) & 0xF)] << (5 * 4); + om += S[ 96 + ((cm >> (6 * 4)) & 0xF)] << (6 * 4); + om += S[112 + ((cm >> (7 * 4)) & 0xF)] << (7 * 4); + +// return om << 11 | om >>> (32-11); // 11-leftshift + int omLeft = om << 11; + int omRight = (int)(((uint) om) >> (32 - 11)); // Note: Casts required to get unsigned bit rotation + + return omLeft | omRight; + } + + private void gost28147MacFunc( + int[] workingKey, + byte[] input, + int inOff, + byte[] output, + int outOff) + { + int N1, N2, tmp; //tmp -> for saving N1 + N1 = bytesToint(input, inOff); + N2 = bytesToint(input, inOff + 4); + + for (int k = 0; k < 2; k++) // 1-16 steps + { + for (int j = 0; j < 8; j++) + { + tmp = N1; + N1 = N2 ^ gost28147_mainStep(N1, workingKey[j]); // CM2 + N2 = tmp; + } + } + + intTobytes(N1, output, outOff); + intTobytes(N2, output, outOff + 4); + } + + //array of bytes to type int + private static int bytesToint( + byte[] input, + int inOff) + { + return (int)((input[inOff + 3] << 24) & 0xff000000) + ((input[inOff + 2] << 16) & 0xff0000) + + ((input[inOff + 1] << 8) & 0xff00) + (input[inOff] & 0xff); + } + + //int to array of bytes + private static void intTobytes( + int num, + byte[] output, + int outOff) + { + output[outOff + 3] = (byte)(num >> 24); + output[outOff + 2] = (byte)(num >> 16); + output[outOff + 1] = (byte)(num >> 8); + output[outOff] = (byte)num; + } + + private static byte[] CM5func( + byte[] buf, + int bufOff, + byte[] mac) + { + byte[] sum = new byte[buf.Length - bufOff]; + + Array.Copy(buf, bufOff, sum, 0, mac.Length); + + for (int i = 0; i != mac.Length; i++) + { + sum[i] = (byte)(sum[i] ^ mac[i]); + } + + return sum; + } + + public void Update( + byte input) + { + if (bufOff == buf.Length) + { + byte[] sumbuf = new byte[buf.Length]; + Array.Copy(buf, 0, sumbuf, 0, mac.Length); + + if (firstStep) + { + firstStep = false; + if (macIV != null) + { + sumbuf = CM5func(buf, 0, macIV); + } + } + else + { + sumbuf = CM5func(buf, 0, mac); + } + + gost28147MacFunc(workingKey, sumbuf, 0, mac, 0); + bufOff = 0; + } + + buf[bufOff++] = input; + } + + public void BlockUpdate( + byte[] input, + int inOff, + int len) + { + if (len < 0) + throw new ArgumentException("Can't have a negative input length!"); + + int gapLen = blockSize - bufOff; + + if (len > gapLen) + { + Array.Copy(input, inOff, buf, bufOff, gapLen); + + byte[] sumbuf = new byte[buf.Length]; + Array.Copy(buf, 0, sumbuf, 0, mac.Length); + + if (firstStep) + { + firstStep = false; + if (macIV != null) + { + sumbuf = CM5func(buf, 0, macIV); + } + } + else + { + sumbuf = CM5func(buf, 0, mac); + } + + gost28147MacFunc(workingKey, sumbuf, 0, mac, 0); + + bufOff = 0; + len -= gapLen; + inOff += gapLen; + + while (len > blockSize) + { + sumbuf = CM5func(input, inOff, mac); + gost28147MacFunc(workingKey, sumbuf, 0, mac, 0); + + len -= blockSize; + inOff += blockSize; + } + } + + Array.Copy(input, inOff, buf, bufOff, len); + + bufOff += len; + } + + public int DoFinal( + byte[] output, + int outOff) + { + //padding with zero + while (bufOff < blockSize) + { + buf[bufOff++] = 0; + } + + byte[] sumbuf = new byte[buf.Length]; + Array.Copy(buf, 0, sumbuf, 0, mac.Length); + + if (firstStep) + { + firstStep = false; + } + else + { + sumbuf = CM5func(buf, 0, mac); + } + + gost28147MacFunc(workingKey, sumbuf, 0, mac, 0); + + Array.Copy(mac, (mac.Length/2)-macSize, output, outOff, macSize); + + Reset(); + + return macSize; + } + + public void Reset() + { + // Clear the buffer. + Array.Clear(buf, 0, buf.Length); + bufOff = 0; + + firstStep = true; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/macs/HMac.cs b/BouncyCastle/crypto/src/crypto/macs/HMac.cs new file mode 100644 index 0000000..460f3c5 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/macs/HMac.cs @@ -0,0 +1,154 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Macs +{ + /** + * HMAC implementation based on RFC2104 + * + * H(K XOR opad, H(K XOR ipad, text)) + */ + public class HMac + : IMac + { + private const byte IPAD = (byte)0x36; + private const byte OPAD = (byte)0x5C; + + private readonly IDigest digest; + private readonly int digestSize; + private readonly int blockLength; + private IMemoable ipadState; + private IMemoable opadState; + + private readonly byte[] inputPad; + private readonly byte[] outputBuf; + + public HMac(IDigest digest) + { + this.digest = digest; + this.digestSize = digest.GetDigestSize(); + this.blockLength = digest.GetByteLength(); + this.inputPad = new byte[blockLength]; + this.outputBuf = new byte[blockLength + digestSize]; + } + + public virtual string AlgorithmName + { + get { return digest.AlgorithmName + "/HMAC"; } + } + + public virtual IDigest GetUnderlyingDigest() + { + return digest; + } + + public virtual void Init(ICipherParameters parameters) + { + digest.Reset(); + + byte[] key = ((KeyParameter)parameters).GetKey(); + int keyLength = key.Length; + + if (keyLength > blockLength) + { + digest.BlockUpdate(key, 0, keyLength); + digest.DoFinal(inputPad, 0); + + keyLength = digestSize; + } + else + { + Array.Copy(key, 0, inputPad, 0, keyLength); + } + + Array.Clear(inputPad, keyLength, blockLength - keyLength); + Array.Copy(inputPad, 0, outputBuf, 0, blockLength); + + XorPad(inputPad, blockLength, IPAD); + XorPad(outputBuf, blockLength, OPAD); + + if (digest is IMemoable) + { + opadState = ((IMemoable)digest).Copy(); + + ((IDigest)opadState).BlockUpdate(outputBuf, 0, blockLength); + } + + digest.BlockUpdate(inputPad, 0, inputPad.Length); + + if (digest is IMemoable) + { + ipadState = ((IMemoable)digest).Copy(); + } + } + + public virtual int GetMacSize() + { + return digestSize; + } + + public virtual void Update(byte input) + { + digest.Update(input); + } + + public virtual void BlockUpdate(byte[] input, int inOff, int len) + { + digest.BlockUpdate(input, inOff, len); + } + + public virtual int DoFinal(byte[] output, int outOff) + { + digest.DoFinal(outputBuf, blockLength); + + if (opadState != null) + { + ((IMemoable)digest).Reset(opadState); + digest.BlockUpdate(outputBuf, blockLength, digest.GetDigestSize()); + } + else + { + digest.BlockUpdate(outputBuf, 0, outputBuf.Length); + } + + int len = digest.DoFinal(output, outOff); + + Array.Clear(outputBuf, blockLength, digestSize); + + if (ipadState != null) + { + ((IMemoable)digest).Reset(ipadState); + } + else + { + digest.BlockUpdate(inputPad, 0, inputPad.Length); + } + + return len; + } + + /** + * Reset the mac generator. + */ + public virtual void Reset() + { + // Reset underlying digest + digest.Reset(); + + // Initialise the digest + digest.BlockUpdate(inputPad, 0, inputPad.Length); + } + + private static void XorPad(byte[] pad, int len, byte n) + { + for (int i = 0; i < len; ++i) + { + pad[i] ^= n; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/macs/ISO9797Alg3Mac.cs b/BouncyCastle/crypto/src/crypto/macs/ISO9797Alg3Mac.cs new file mode 100644 index 0000000..6fee619 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/macs/ISO9797Alg3Mac.cs @@ -0,0 +1,275 @@ +using System; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Paddings; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Macs +{ + /** + * DES based CBC Block Cipher MAC according to ISO9797, algorithm 3 (ANSI X9.19 Retail MAC) + * + * This could as well be derived from CBCBlockCipherMac, but then the property mac in the base + * class must be changed to protected + */ + public class ISO9797Alg3Mac : IMac + { + private byte[] mac; + private byte[] buf; + private int bufOff; + private IBlockCipher cipher; + private IBlockCipherPadding padding; + private int macSize; + private KeyParameter lastKey2; + private KeyParameter lastKey3; + + /** + * create a Retail-MAC based on a CBC block cipher. This will produce an + * authentication code of the length of the block size of the cipher. + * + * @param cipher the cipher to be used as the basis of the MAC generation. This must + * be DESEngine. + */ + public ISO9797Alg3Mac( + IBlockCipher cipher) + : this(cipher, cipher.GetBlockSize() * 8, null) + { + } + + /** + * create a Retail-MAC based on a CBC block cipher. This will produce an + * authentication code of the length of the block size of the cipher. + * + * @param cipher the cipher to be used as the basis of the MAC generation. + * @param padding the padding to be used to complete the last block. + */ + public ISO9797Alg3Mac( + IBlockCipher cipher, + IBlockCipherPadding padding) + : this(cipher, cipher.GetBlockSize() * 8, padding) + { + } + + /** + * create a Retail-MAC based on a block cipher with the size of the + * MAC been given in bits. This class uses single DES CBC mode as the basis for the + * MAC generation. + *

+ * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81), + * or 16 bits if being used as a data authenticator (FIPS Publication 113), + * and in general should be less than the size of the block cipher as it reduces + * the chance of an exhaustive attack (see Handbook of Applied Cryptography). + *

+ * @param cipher the cipher to be used as the basis of the MAC generation. + * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8. + */ + public ISO9797Alg3Mac( + IBlockCipher cipher, + int macSizeInBits) + : this(cipher, macSizeInBits, null) + { + } + + /** + * create a standard MAC based on a block cipher with the size of the + * MAC been given in bits. This class uses single DES CBC mode as the basis for the + * MAC generation. The final block is decrypted and then encrypted using the + * middle and right part of the key. + *

+ * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81), + * or 16 bits if being used as a data authenticator (FIPS Publication 113), + * and in general should be less than the size of the block cipher as it reduces + * the chance of an exhaustive attack (see Handbook of Applied Cryptography). + *

+ * @param cipher the cipher to be used as the basis of the MAC generation. + * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8. + * @param padding the padding to be used to complete the last block. + */ + public ISO9797Alg3Mac( + IBlockCipher cipher, + int macSizeInBits, + IBlockCipherPadding padding) + { + if ((macSizeInBits % 8) != 0) + throw new ArgumentException("MAC size must be multiple of 8"); + + if (!(cipher is DesEngine)) + throw new ArgumentException("cipher must be instance of DesEngine"); + + this.cipher = new CbcBlockCipher(cipher); + this.padding = padding; + this.macSize = macSizeInBits / 8; + + mac = new byte[cipher.GetBlockSize()]; + buf = new byte[cipher.GetBlockSize()]; + bufOff = 0; + } + + public string AlgorithmName + { + get { return "ISO9797Alg3"; } + } + + public void Init( + ICipherParameters parameters) + { + Reset(); + + if (!(parameters is KeyParameter || parameters is ParametersWithIV)) + throw new ArgumentException("parameters must be an instance of KeyParameter or ParametersWithIV"); + + // KeyParameter must contain a double or triple length DES key, + // however the underlying cipher is a single DES. The middle and + // right key are used only in the final step. + + KeyParameter kp; + if (parameters is KeyParameter) + { + kp = (KeyParameter)parameters; + } + else + { + kp = (KeyParameter)((ParametersWithIV)parameters).Parameters; + } + + KeyParameter key1; + byte[] keyvalue = kp.GetKey(); + + if (keyvalue.Length == 16) + { // Double length DES key + key1 = new KeyParameter(keyvalue, 0, 8); + this.lastKey2 = new KeyParameter(keyvalue, 8, 8); + this.lastKey3 = key1; + } + else if (keyvalue.Length == 24) + { // Triple length DES key + key1 = new KeyParameter(keyvalue, 0, 8); + this.lastKey2 = new KeyParameter(keyvalue, 8, 8); + this.lastKey3 = new KeyParameter(keyvalue, 16, 8); + } + else + { + throw new ArgumentException("Key must be either 112 or 168 bit long"); + } + + if (parameters is ParametersWithIV) + { + cipher.Init(true, new ParametersWithIV(key1, ((ParametersWithIV)parameters).GetIV())); + } + else + { + cipher.Init(true, key1); + } + } + + public int GetMacSize() + { + return macSize; + } + + public void Update( + byte input) + { + if (bufOff == buf.Length) + { + cipher.ProcessBlock(buf, 0, mac, 0); + bufOff = 0; + } + + buf[bufOff++] = input; + } + + public void BlockUpdate( + byte[] input, + int inOff, + int len) + { + if (len < 0) + throw new ArgumentException("Can't have a negative input length!"); + + int blockSize = cipher.GetBlockSize(); + int resultLen = 0; + int gapLen = blockSize - bufOff; + + if (len > gapLen) + { + Array.Copy(input, inOff, buf, bufOff, gapLen); + + resultLen += cipher.ProcessBlock(buf, 0, mac, 0); + + bufOff = 0; + len -= gapLen; + inOff += gapLen; + + while (len > blockSize) + { + resultLen += cipher.ProcessBlock(input, inOff, mac, 0); + + len -= blockSize; + inOff += blockSize; + } + } + + Array.Copy(input, inOff, buf, bufOff, len); + + bufOff += len; + } + + public int DoFinal( + byte[] output, + int outOff) + { + int blockSize = cipher.GetBlockSize(); + + if (padding == null) + { + // pad with zeroes + while (bufOff < blockSize) + { + buf[bufOff++] = 0; + } + } + else + { + if (bufOff == blockSize) + { + cipher.ProcessBlock(buf, 0, mac, 0); + bufOff = 0; + } + + padding.AddPadding(buf, bufOff); + } + + cipher.ProcessBlock(buf, 0, mac, 0); + + // Added to code from base class + DesEngine deseng = new DesEngine(); + + deseng.Init(false, this.lastKey2); + deseng.ProcessBlock(mac, 0, mac, 0); + + deseng.Init(true, this.lastKey3); + deseng.ProcessBlock(mac, 0, mac, 0); + // **** + + Array.Copy(mac, 0, output, outOff, macSize); + + Reset(); + + return macSize; + } + + /** + * Reset the mac generator. + */ + public void Reset() + { + Array.Clear(buf, 0, buf.Length); + bufOff = 0; + + // reset the underlying cipher. + cipher.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/macs/KMac.cs b/BouncyCastle/crypto/src/crypto/macs/KMac.cs new file mode 100644 index 0000000..05031ac --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/macs/KMac.cs @@ -0,0 +1,173 @@ +using System; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Macs +{ + public class KMac + : IMac, IXof + { + private static readonly byte[] padding = new byte[100]; + + private readonly CShakeDigest cshake; + private readonly int bitLength; + private readonly int outputLength; + + private byte[] key; + private bool initialised; + private bool firstOutput; + + public KMac(int bitLength, byte[] S) + { + this.cshake = new CShakeDigest(bitLength, Strings.ToAsciiByteArray("KMAC"), S); + this.bitLength = bitLength; + this.outputLength = bitLength * 2 / 8; + } + + public string AlgorithmName + { + get { return "KMAC" + cshake.AlgorithmName.Substring(6); } + } + + public void BlockUpdate(byte[] input, int inOff, int len) + { + if (!initialised) + throw new InvalidOperationException("KMAC not initialized"); + + cshake.BlockUpdate(input, inOff, len); + } + + public int DoFinal(byte[] output, int outOff) + { + if (firstOutput) + { + if (!initialised) + throw new InvalidOperationException("KMAC not initialized"); + + byte[] encOut = XofUtilities.RightEncode(GetMacSize() * 8); + + cshake.BlockUpdate(encOut, 0, encOut.Length); + } + + int rv = cshake.DoFinal(output, outOff, GetMacSize()); + + Reset(); + + return rv; + } + + public int DoFinal(byte[] output, int outOff, int outLen) + { + if (firstOutput) + { + if (!initialised) + throw new InvalidOperationException("KMAC not initialized"); + + byte[] encOut = XofUtilities.RightEncode(outLen * 8); + + cshake.BlockUpdate(encOut, 0, encOut.Length); + } + + int rv = cshake.DoFinal(output, outOff, outLen); + + Reset(); + + return rv; + } + + public int DoOutput(byte[] output, int outOff, int outLen) + { + if (firstOutput) + { + if (!initialised) + throw new InvalidOperationException("KMAC not initialized"); + + byte[] encOut = XofUtilities.RightEncode(0); + + cshake.BlockUpdate(encOut, 0, encOut.Length); + + firstOutput = false; + } + + return cshake.DoOutput(output, outOff, outLen); + } + + public int GetByteLength() + { + return cshake.GetByteLength(); + } + + public int GetDigestSize() + { + return outputLength; + } + + public int GetMacSize() + { + return outputLength; + } + + public void Init(ICipherParameters parameters) + { + KeyParameter kParam = (KeyParameter)parameters; + this.key = Arrays.Clone(kParam.GetKey()); + this.initialised = true; + Reset(); + } + + public void Reset() + { + cshake.Reset(); + + if (key != null) + { + if (bitLength == 128) + { + bytePad(key, 168); + } + else + { + bytePad(key, 136); + } + } + + firstOutput = true; + } + + private void bytePad(byte[] X, int w) + { + byte[] bytes = XofUtilities.LeftEncode(w); + BlockUpdate(bytes, 0, bytes.Length); + byte[] encX = encode(X); + BlockUpdate(encX, 0, encX.Length); + + int required = w - ((bytes.Length + encX.Length) % w); + + if (required > 0 && required != w) + { + while (required > padding.Length) + { + BlockUpdate(padding, 0, padding.Length); + required -= padding.Length; + } + + BlockUpdate(padding, 0, required); + } + } + + private static byte[] encode(byte[] X) + { + return Arrays.Concatenate(XofUtilities.LeftEncode(X.Length * 8), X); + } + + public void Update(byte input) + { + if (!initialised) + throw new InvalidOperationException("KMAC not initialized"); + + cshake.Update(input); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/macs/Poly1305.cs b/BouncyCastle/crypto/src/crypto/macs/Poly1305.cs new file mode 100644 index 0000000..c0a660f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/macs/Poly1305.cs @@ -0,0 +1,293 @@ +using System; + +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Crypto.Macs +{ + + /// + /// Poly1305 message authentication code, designed by D. J. Bernstein. + /// + /// + /// Poly1305 computes a 128-bit (16 bytes) authenticator, using a 128 bit nonce and a 256 bit key + /// consisting of a 128 bit key applied to an underlying cipher, and a 128 bit key (with 106 + /// effective key bits) used in the authenticator. + /// + /// The polynomial calculation in this implementation is adapted from the public domain poly1305-donna-unrolled C implementation + /// by Andrew M (@floodyberry). + /// + /// + public class Poly1305 + : IMac + { + private const int BlockSize = 16; + + private readonly IBlockCipher cipher; + + private readonly byte[] singleByte = new byte[1]; + + // Initialised state + + /** Polynomial key */ + private uint r0, r1, r2, r3, r4; + + /** Precomputed 5 * r[1..4] */ + private uint s1, s2, s3, s4; + + /** Encrypted nonce */ + private uint k0, k1, k2, k3; + + // Accumulating state + + /** Current block of buffered input */ + private byte[] currentBlock = new byte[BlockSize]; + + /** Current offset in input buffer */ + private int currentBlockOffset = 0; + + /** Polynomial accumulator */ + private uint h0, h1, h2, h3, h4; + + /** + * Constructs a Poly1305 MAC, where the key passed to init() will be used directly. + */ + public Poly1305() + { + this.cipher = null; + } + + /** + * Constructs a Poly1305 MAC, using a 128 bit block cipher. + */ + public Poly1305(IBlockCipher cipher) + { + if (cipher.GetBlockSize() != BlockSize) + { + throw new ArgumentException("Poly1305 requires a 128 bit block cipher."); + } + this.cipher = cipher; + } + + /// + /// Initialises the Poly1305 MAC. + /// + /// a {@link ParametersWithIV} containing a 128 bit nonce and a {@link KeyParameter} with + /// a 256 bit key complying to the {@link Poly1305KeyGenerator Poly1305 key format}. + public void Init(ICipherParameters parameters) + { + byte[] nonce = null; + + if (cipher != null) + { + if (!(parameters is ParametersWithIV)) + throw new ArgumentException("Poly1305 requires an IV when used with a block cipher.", "parameters"); + + ParametersWithIV ivParams = (ParametersWithIV)parameters; + nonce = ivParams.GetIV(); + parameters = ivParams.Parameters; + } + + if (!(parameters is KeyParameter)) + throw new ArgumentException("Poly1305 requires a key."); + + KeyParameter keyParams = (KeyParameter)parameters; + + SetKey(keyParams.GetKey(), nonce); + + Reset(); + } + + private void SetKey(byte[] key, byte[] nonce) + { + if (key.Length != 32) + throw new ArgumentException("Poly1305 key must be 256 bits."); + + if (cipher != null && (nonce == null || nonce.Length != BlockSize)) + throw new ArgumentException("Poly1305 requires a 128 bit IV."); + + // Extract r portion of key (and "clamp" the values) + uint t0 = Pack.LE_To_UInt32(key, 0); + uint t1 = Pack.LE_To_UInt32(key, 4); + uint t2 = Pack.LE_To_UInt32(key, 8); + uint t3 = Pack.LE_To_UInt32(key, 12); + + // NOTE: The masks perform the key "clamping" implicitly + r0 = t0 & 0x03FFFFFFU; + r1 = ((t0 >> 26) | (t1 << 6)) & 0x03FFFF03U; + r2 = ((t1 >> 20) | (t2 << 12)) & 0x03FFC0FFU; + r3 = ((t2 >> 14) | (t3 << 18)) & 0x03F03FFFU; + r4 = (t3 >> 8) & 0x000FFFFFU; + + // Precompute multipliers + s1 = r1 * 5; + s2 = r2 * 5; + s3 = r3 * 5; + s4 = r4 * 5; + + byte[] kBytes; + int kOff; + + if (cipher == null) + { + kBytes = key; + kOff = BlockSize; + } + else + { + // Compute encrypted nonce + kBytes = new byte[BlockSize]; + kOff = 0; + + cipher.Init(true, new KeyParameter(key, BlockSize, BlockSize)); + cipher.ProcessBlock(nonce, 0, kBytes, 0); + } + + k0 = Pack.LE_To_UInt32(kBytes, kOff + 0); + k1 = Pack.LE_To_UInt32(kBytes, kOff + 4); + k2 = Pack.LE_To_UInt32(kBytes, kOff + 8); + k3 = Pack.LE_To_UInt32(kBytes, kOff + 12); + } + + public string AlgorithmName + { + get { return cipher == null ? "Poly1305" : "Poly1305-" + cipher.AlgorithmName; } + } + + public int GetMacSize() + { + return BlockSize; + } + + public void Update(byte input) + { + singleByte[0] = input; + BlockUpdate(singleByte, 0, 1); + } + + public void BlockUpdate(byte[] input, int inOff, int len) + { + int copied = 0; + while (len > copied) + { + if (currentBlockOffset == BlockSize) + { + ProcessBlock(); + currentBlockOffset = 0; + } + + int toCopy = System.Math.Min((len - copied), BlockSize - currentBlockOffset); + Array.Copy(input, copied + inOff, currentBlock, currentBlockOffset, toCopy); + copied += toCopy; + currentBlockOffset += toCopy; + } + + } + + private void ProcessBlock() + { + if (currentBlockOffset < BlockSize) + { + currentBlock[currentBlockOffset] = 1; + for (int i = currentBlockOffset + 1; i < BlockSize; i++) + { + currentBlock[i] = 0; + } + } + + ulong t0 = Pack.LE_To_UInt32(currentBlock, 0); + ulong t1 = Pack.LE_To_UInt32(currentBlock, 4); + ulong t2 = Pack.LE_To_UInt32(currentBlock, 8); + ulong t3 = Pack.LE_To_UInt32(currentBlock, 12); + + h0 += (uint)(t0 & 0x3ffffffU); + h1 += (uint)((((t1 << 32) | t0) >> 26) & 0x3ffffff); + h2 += (uint)((((t2 << 32) | t1) >> 20) & 0x3ffffff); + h3 += (uint)((((t3 << 32) | t2) >> 14) & 0x3ffffff); + h4 += (uint)(t3 >> 8); + + if (currentBlockOffset == BlockSize) + { + h4 += (1 << 24); + } + + ulong tp0 = mul32x32_64(h0,r0) + mul32x32_64(h1,s4) + mul32x32_64(h2,s3) + mul32x32_64(h3,s2) + mul32x32_64(h4,s1); + ulong tp1 = mul32x32_64(h0,r1) + mul32x32_64(h1,r0) + mul32x32_64(h2,s4) + mul32x32_64(h3,s3) + mul32x32_64(h4,s2); + ulong tp2 = mul32x32_64(h0,r2) + mul32x32_64(h1,r1) + mul32x32_64(h2,r0) + mul32x32_64(h3,s4) + mul32x32_64(h4,s3); + ulong tp3 = mul32x32_64(h0,r3) + mul32x32_64(h1,r2) + mul32x32_64(h2,r1) + mul32x32_64(h3,r0) + mul32x32_64(h4,s4); + ulong tp4 = mul32x32_64(h0,r4) + mul32x32_64(h1,r3) + mul32x32_64(h2,r2) + mul32x32_64(h3,r1) + mul32x32_64(h4,r0); + + h0 = (uint)tp0 & 0x3ffffff; tp1 += (tp0 >> 26); + h1 = (uint)tp1 & 0x3ffffff; tp2 += (tp1 >> 26); + h2 = (uint)tp2 & 0x3ffffff; tp3 += (tp2 >> 26); + h3 = (uint)tp3 & 0x3ffffff; tp4 += (tp3 >> 26); + h4 = (uint)tp4 & 0x3ffffff; + h0 += (uint)(tp4 >> 26) * 5; + h1 += (h0 >> 26); h0 &= 0x3ffffff; + } + + public int DoFinal(byte[] output, int outOff) + { + Check.DataLength(output, outOff, BlockSize, "Output buffer is too short."); + + if (currentBlockOffset > 0) + { + // Process padded block + ProcessBlock(); + } + + h1 += (h0 >> 26); h0 &= 0x3ffffff; + h2 += (h1 >> 26); h1 &= 0x3ffffff; + h3 += (h2 >> 26); h2 &= 0x3ffffff; + h4 += (h3 >> 26); h3 &= 0x3ffffff; + h0 += (h4 >> 26) * 5; h4 &= 0x3ffffff; + h1 += (h0 >> 26); h0 &= 0x3ffffff; + + uint g0, g1, g2, g3, g4, b; + g0 = h0 + 5; b = g0 >> 26; g0 &= 0x3ffffff; + g1 = h1 + b; b = g1 >> 26; g1 &= 0x3ffffff; + g2 = h2 + b; b = g2 >> 26; g2 &= 0x3ffffff; + g3 = h3 + b; b = g3 >> 26; g3 &= 0x3ffffff; + g4 = h4 + b - (1 << 26); + + b = (g4 >> 31) - 1; + uint nb = ~b; + h0 = (h0 & nb) | (g0 & b); + h1 = (h1 & nb) | (g1 & b); + h2 = (h2 & nb) | (g2 & b); + h3 = (h3 & nb) | (g3 & b); + h4 = (h4 & nb) | (g4 & b); + + ulong f0, f1, f2, f3; + f0 = ((h0 ) | (h1 << 26)) + (ulong)k0; + f1 = ((h1 >> 6 ) | (h2 << 20)) + (ulong)k1; + f2 = ((h2 >> 12) | (h3 << 14)) + (ulong)k2; + f3 = ((h3 >> 18) | (h4 << 8 )) + (ulong)k3; + + Pack.UInt32_To_LE((uint)f0, output, outOff); + f1 += (f0 >> 32); + Pack.UInt32_To_LE((uint)f1, output, outOff + 4); + f2 += (f1 >> 32); + Pack.UInt32_To_LE((uint)f2, output, outOff + 8); + f3 += (f2 >> 32); + Pack.UInt32_To_LE((uint)f3, output, outOff + 12); + + Reset(); + return BlockSize; + } + + public void Reset() + { + currentBlockOffset = 0; + + h0 = h1 = h2 = h3 = h4 = 0; + } + + private static ulong mul32x32_64(uint i1, uint i2) + { + return ((ulong)i1) * i2; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/macs/SipHash.cs b/BouncyCastle/crypto/src/crypto/macs/SipHash.cs new file mode 100644 index 0000000..e1a19fa --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/macs/SipHash.cs @@ -0,0 +1,199 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Crypto.Macs +{ + /// + /// Implementation of SipHash as specified in "SipHash: a fast short-input PRF", by Jean-Philippe + /// Aumasson and Daniel J. Bernstein (https://131002.net/siphash/siphash.pdf). + /// + /// + /// "SipHash is a family of PRFs SipHash-c-d where the integer parameters c and d are the number of + /// compression rounds and the number of finalization rounds. A compression round is identical to a + /// finalization round and this round function is called SipRound. Given a 128-bit key k and a + /// (possibly empty) byte string m, SipHash-c-d returns a 64-bit value..." + /// + public class SipHash + : IMac + { + protected readonly int c, d; + + protected long k0, k1; + protected long v0, v1, v2, v3; + + protected long m = 0; + protected int wordPos = 0; + protected int wordCount = 0; + + /// SipHash-2-4 + public SipHash() + : this(2, 4) + { + } + + /// SipHash-c-d + /// the number of compression rounds + /// the number of finalization rounds + public SipHash(int c, int d) + { + this.c = c; + this.d = d; + } + + public virtual string AlgorithmName + { + get { return "SipHash-" + c + "-" + d; } + } + + public virtual int GetMacSize() + { + return 8; + } + + public virtual void Init(ICipherParameters parameters) + { + KeyParameter keyParameter = parameters as KeyParameter; + if (keyParameter == null) + throw new ArgumentException("must be an instance of KeyParameter", "parameters"); + byte[] key = keyParameter.GetKey(); + if (key.Length != 16) + throw new ArgumentException("must be a 128-bit key", "parameters"); + + this.k0 = (long)Pack.LE_To_UInt64(key, 0); + this.k1 = (long)Pack.LE_To_UInt64(key, 8); + + Reset(); + } + + public virtual void Update(byte input) + { + m = (long)(((ulong)m >> 8) | ((ulong)input << 56)); + + if (++wordPos == 8) + { + ProcessMessageWord(); + wordPos = 0; + } + } + + public virtual void BlockUpdate(byte[] input, int offset, int length) + { + int i = 0, fullWords = length & ~7; + if (wordPos == 0) + { + for (; i < fullWords; i += 8) + { + m = (long)Pack.LE_To_UInt64(input, offset + i); + ProcessMessageWord(); + } + for (; i < length; ++i) + { + m = (long)(((ulong)m >> 8) | ((ulong)input[offset + i] << 56)); + } + wordPos = length - fullWords; + } + else + { + int bits = wordPos << 3; + for (; i < fullWords; i += 8) + { + ulong n = Pack.LE_To_UInt64(input, offset + i); + m = (long)((n << bits) | ((ulong)m >> -bits)); + ProcessMessageWord(); + m = (long)n; + } + for (; i < length; ++i) + { + m = (long)(((ulong)m >> 8) | ((ulong)input[offset + i] << 56)); + + if (++wordPos == 8) + { + ProcessMessageWord(); + wordPos = 0; + } + } + } + } + + public virtual long DoFinal() + { + // NOTE: 2 distinct shifts to avoid "64-bit shift" when wordPos == 0 + m = (long)((ulong)m >> ((7 - wordPos) << 3)); + m = (long)((ulong)m >> 8); + m = (long)((ulong)m | ((ulong)((wordCount << 3) + wordPos) << 56)); + + ProcessMessageWord(); + + v2 ^= 0xffL; + + ApplySipRounds(d); + + long result = v0 ^ v1 ^ v2 ^ v3; + + Reset(); + + return result; + } + + public virtual int DoFinal(byte[] output, int outOff) + { + long result = DoFinal(); + Pack.UInt64_To_LE((ulong)result, output, outOff); + return 8; + } + + public virtual void Reset() + { + v0 = k0 ^ 0x736f6d6570736575L; + v1 = k1 ^ 0x646f72616e646f6dL; + v2 = k0 ^ 0x6c7967656e657261L; + v3 = k1 ^ 0x7465646279746573L; + + m = 0; + wordPos = 0; + wordCount = 0; + } + + protected virtual void ProcessMessageWord() + { + ++wordCount; + v3 ^= m; + ApplySipRounds(c); + v0 ^= m; + } + + protected virtual void ApplySipRounds(int n) + { + long r0 = v0, r1 = v1, r2 = v2, r3 = v3; + + for (int r = 0; r < n; ++r) + { + r0 += r1; + r2 += r3; + r1 = RotateLeft(r1, 13); + r3 = RotateLeft(r3, 16); + r1 ^= r0; + r3 ^= r2; + r0 = RotateLeft(r0, 32); + r2 += r1; + r0 += r3; + r1 = RotateLeft(r1, 17); + r3 = RotateLeft(r3, 21); + r1 ^= r2; + r3 ^= r0; + r2 = RotateLeft(r2, 32); + } + + v0 = r0; v1 = r1; v2 = r2; v3 = r3; + } + + protected static long RotateLeft(long x, int n) + { + ulong ux = (ulong)x; + ux = (ux << n) | (ux >> -n); + return (long)ux; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/macs/SkeinMac.cs b/BouncyCastle/crypto/src/crypto/macs/SkeinMac.cs new file mode 100644 index 0000000..07eff24 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/macs/SkeinMac.cs @@ -0,0 +1,118 @@ +using System; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Macs +{ + + /// + /// Implementation of the Skein parameterised MAC function in 256, 512 and 1024 bit block sizes, + /// based on the Threefish tweakable block cipher. + /// + /// + /// This is the 1.3 version of Skein defined in the Skein hash function submission to the NIST SHA-3 + /// competition in October 2010. + ///

+ /// Skein was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir + /// Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker. + /// + /// + /// + public class SkeinMac + : IMac + { + ///

+ /// 256 bit block size - Skein-256 + /// + public const int SKEIN_256 = SkeinEngine.SKEIN_256; + /// + /// 512 bit block size - Skein-512 + /// + public const int SKEIN_512 = SkeinEngine.SKEIN_512; + /// + /// 1024 bit block size - Skein-1024 + /// + public const int SKEIN_1024 = SkeinEngine.SKEIN_1024; + + private readonly SkeinEngine engine; + + /// + /// Constructs a Skein MAC with an internal state size and output size. + /// + /// the internal state size in bits - one of or + /// . + /// the output/MAC size to produce in bits, which must be an integral number of + /// bytes. + public SkeinMac(int stateSizeBits, int digestSizeBits) + { + this.engine = new SkeinEngine(stateSizeBits, digestSizeBits); + } + + public SkeinMac(SkeinMac mac) + { + this.engine = new SkeinEngine(mac.engine); + } + + public string AlgorithmName + { + get { return "Skein-MAC-" + (engine.BlockSize * 8) + "-" + (engine.OutputSize * 8); } + } + + /// + /// Optionally initialises the Skein digest with the provided parameters. + /// + /// See for details on the parameterisation of the Skein hash function. + /// the parameters to apply to this engine, or null to use no parameters. + public void Init(ICipherParameters parameters) + { + SkeinParameters skeinParameters; + if (parameters is SkeinParameters) + { + skeinParameters = (SkeinParameters)parameters; + } + else if (parameters is KeyParameter) + { + skeinParameters = new SkeinParameters.Builder().SetKey(((KeyParameter)parameters).GetKey()).Build(); + } + else + { + throw new ArgumentException("Invalid parameter passed to Skein MAC init - " + + Platform.GetTypeName(parameters)); + } + if (skeinParameters.GetKey() == null) + { + throw new ArgumentException("Skein MAC requires a key parameter."); + } + engine.Init(skeinParameters); + } + + public int GetMacSize() + { + return engine.OutputSize; + } + + public void Reset() + { + engine.Reset(); + } + + public void Update(byte inByte) + { + engine.Update(inByte); + } + + public void BlockUpdate(byte[] input, int inOff, int len) + { + engine.Update(input, inOff, len); + } + + public int DoFinal(byte[] output, int outOff) + { + return engine.DoFinal(output, outOff); + } + + } +} diff --git a/BouncyCastle/crypto/src/crypto/macs/VMPCMac.cs b/BouncyCastle/crypto/src/crypto/macs/VMPCMac.cs new file mode 100644 index 0000000..6f2da07 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/macs/VMPCMac.cs @@ -0,0 +1,173 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Macs +{ + public class VmpcMac + : IMac + { + private byte g; + + private byte n = 0; + private byte[] P = null; + private byte s = 0; + + private byte[] T; + private byte[] workingIV; + + private byte[] workingKey; + + private byte x1, x2, x3, x4; + + public virtual int DoFinal(byte[] output, int outOff) + { + // Execute the Post-Processing Phase + for (int r = 1; r < 25; r++) + { + s = P[(s + P[n & 0xff]) & 0xff]; + + x4 = P[(x4 + x3 + r) & 0xff]; + x3 = P[(x3 + x2 + r) & 0xff]; + x2 = P[(x2 + x1 + r) & 0xff]; + x1 = P[(x1 + s + r) & 0xff]; + T[g & 0x1f] = (byte) (T[g & 0x1f] ^ x1); + T[(g + 1) & 0x1f] = (byte) (T[(g + 1) & 0x1f] ^ x2); + T[(g + 2) & 0x1f] = (byte) (T[(g + 2) & 0x1f] ^ x3); + T[(g + 3) & 0x1f] = (byte) (T[(g + 3) & 0x1f] ^ x4); + g = (byte) ((g + 4) & 0x1f); + + byte temp = P[n & 0xff]; + P[n & 0xff] = P[s & 0xff]; + P[s & 0xff] = temp; + n = (byte) ((n + 1) & 0xff); + } + + // Input T to the IV-phase of the VMPC KSA + for (int m = 0; m < 768; m++) + { + s = P[(s + P[m & 0xff] + T[m & 0x1f]) & 0xff]; + byte temp = P[m & 0xff]; + P[m & 0xff] = P[s & 0xff]; + P[s & 0xff] = temp; + } + + // Store 20 new outputs of the VMPC Stream Cipher input table M + byte[] M = new byte[20]; + for (int i = 0; i < 20; i++) + { + s = P[(s + P[i & 0xff]) & 0xff]; + M[i] = P[(P[(P[s & 0xff]) & 0xff] + 1) & 0xff]; + + byte temp = P[i & 0xff]; + P[i & 0xff] = P[s & 0xff]; + P[s & 0xff] = temp; + } + + Array.Copy(M, 0, output, outOff, M.Length); + Reset(); + + return M.Length; + } + + public virtual string AlgorithmName + { + get { return "VMPC-MAC"; } + } + + public virtual int GetMacSize() + { + return 20; + } + + public virtual void Init(ICipherParameters parameters) + { + if (!(parameters is ParametersWithIV)) + throw new ArgumentException("VMPC-MAC Init parameters must include an IV", "parameters"); + + ParametersWithIV ivParams = (ParametersWithIV) parameters; + KeyParameter key = (KeyParameter) ivParams.Parameters; + + if (!(ivParams.Parameters is KeyParameter)) + throw new ArgumentException("VMPC-MAC Init parameters must include a key", "parameters"); + + this.workingIV = ivParams.GetIV(); + + if (workingIV == null || workingIV.Length < 1 || workingIV.Length > 768) + throw new ArgumentException("VMPC-MAC requires 1 to 768 bytes of IV", "parameters"); + + this.workingKey = key.GetKey(); + + Reset(); + + } + + private void initKey(byte[] keyBytes, byte[] ivBytes) + { + s = 0; + P = new byte[256]; + for (int i = 0; i < 256; i++) + { + P[i] = (byte) i; + } + for (int m = 0; m < 768; m++) + { + s = P[(s + P[m & 0xff] + keyBytes[m % keyBytes.Length]) & 0xff]; + byte temp = P[m & 0xff]; + P[m & 0xff] = P[s & 0xff]; + P[s & 0xff] = temp; + } + for (int m = 0; m < 768; m++) + { + s = P[(s + P[m & 0xff] + ivBytes[m % ivBytes.Length]) & 0xff]; + byte temp = P[m & 0xff]; + P[m & 0xff] = P[s & 0xff]; + P[s & 0xff] = temp; + } + n = 0; + } + + public virtual void Reset() + { + initKey(this.workingKey, this.workingIV); + g = x1 = x2 = x3 = x4 = n = 0; + T = new byte[32]; + for (int i = 0; i < 32; i++) + { + T[i] = 0; + } + } + + public virtual void Update(byte input) + { + s = P[(s + P[n & 0xff]) & 0xff]; + byte c = (byte) (input ^ P[(P[(P[s & 0xff]) & 0xff] + 1) & 0xff]); + + x4 = P[(x4 + x3) & 0xff]; + x3 = P[(x3 + x2) & 0xff]; + x2 = P[(x2 + x1) & 0xff]; + x1 = P[(x1 + s + c) & 0xff]; + T[g & 0x1f] = (byte) (T[g & 0x1f] ^ x1); + T[(g + 1) & 0x1f] = (byte) (T[(g + 1) & 0x1f] ^ x2); + T[(g + 2) & 0x1f] = (byte) (T[(g + 2) & 0x1f] ^ x3); + T[(g + 3) & 0x1f] = (byte) (T[(g + 3) & 0x1f] ^ x4); + g = (byte) ((g + 4) & 0x1f); + + byte temp = P[n & 0xff]; + P[n & 0xff] = P[s & 0xff]; + P[s & 0xff] = temp; + n = (byte) ((n + 1) & 0xff); + } + + public virtual void BlockUpdate(byte[] input, int inOff, int len) + { + if ((inOff + len) > input.Length) + throw new DataLengthException("input buffer too short"); + + for (int i = 0; i < len; i++) + { + Update(input[inOff + i]); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/CbcBlockCipher.cs b/BouncyCastle/crypto/src/crypto/modes/CbcBlockCipher.cs new file mode 100644 index 0000000..9345fd8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/CbcBlockCipher.cs @@ -0,0 +1,241 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Modes +{ + /** + * implements Cipher-Block-Chaining (CBC) mode on top of a simple cipher. + */ + public class CbcBlockCipher + : IBlockCipher + { + private byte[] IV, cbcV, cbcNextV; + private int blockSize; + private IBlockCipher cipher; + private bool encrypting; + + /** + * Basic constructor. + * + * @param cipher the block cipher to be used as the basis of chaining. + */ + public CbcBlockCipher( + IBlockCipher cipher) + { + this.cipher = cipher; + this.blockSize = cipher.GetBlockSize(); + + this.IV = new byte[blockSize]; + this.cbcV = new byte[blockSize]; + this.cbcNextV = new byte[blockSize]; + } + + /** + * return the underlying block cipher that we are wrapping. + * + * @return the underlying block cipher that we are wrapping. + */ + public IBlockCipher GetUnderlyingCipher() + { + return cipher; + } + + /** + * Initialise the cipher and, possibly, the initialisation vector (IV). + * If an IV isn't passed as part of the parameter, the IV will be all zeros. + * + * @param forEncryption if true the cipher is initialised for + * encryption, if false for decryption. + * @param param the key and other data required by the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public void Init( + bool forEncryption, + ICipherParameters parameters) + { + bool oldEncrypting = this.encrypting; + + this.encrypting = forEncryption; + + if (parameters is ParametersWithIV) + { + ParametersWithIV ivParam = (ParametersWithIV)parameters; + byte[] iv = ivParam.GetIV(); + + if (iv.Length != blockSize) + { + throw new ArgumentException("initialisation vector must be the same length as block size"); + } + + Array.Copy(iv, 0, IV, 0, iv.Length); + + parameters = ivParam.Parameters; + } + + Reset(); + + // if null it's an IV changed only. + if (parameters != null) + { + cipher.Init(encrypting, parameters); + } + else if (oldEncrypting != encrypting) + { + throw new ArgumentException("cannot change encrypting state without providing key."); + } + } + + /** + * return the algorithm name and mode. + * + * @return the name of the underlying algorithm followed by "/CBC". + */ + public string AlgorithmName + { + get { return cipher.AlgorithmName + "/CBC"; } + } + + public bool IsPartialBlockOkay + { + get { return false; } + } + + /** + * return the block size of the underlying cipher. + * + * @return the block size of the underlying cipher. + */ + public int GetBlockSize() + { + return cipher.GetBlockSize(); + } + + /** + * Process one block of input from the array in and write it to + * the out array. + * + * @param in the array containing the input data. + * @param inOff offset into the in array the data starts at. + * @param out the array the output data will be copied into. + * @param outOff the offset into the out array the output will start at. + * @exception DataLengthException if there isn't enough data in in, or + * space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + * @return the number of bytes processed and produced. + */ + public int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + return (encrypting) + ? EncryptBlock(input, inOff, output, outOff) + : DecryptBlock(input, inOff, output, outOff); + } + + /** + * reset the chaining vector back to the IV and reset the underlying + * cipher. + */ + public void Reset() + { + Array.Copy(IV, 0, cbcV, 0, IV.Length); + Array.Clear(cbcNextV, 0, cbcNextV.Length); + + cipher.Reset(); + } + + /** + * Do the appropriate chaining step for CBC mode encryption. + * + * @param in the array containing the data to be encrypted. + * @param inOff offset into the in array the data starts at. + * @param out the array the encrypted data will be copied into. + * @param outOff the offset into the out array the output will start at. + * @exception DataLengthException if there isn't enough data in in, or + * space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + * @return the number of bytes processed and produced. + */ + private int EncryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + if ((inOff + blockSize) > input.Length) + { + throw new DataLengthException("input buffer too short"); + } + + /* + * XOR the cbcV and the input, + * then encrypt the cbcV + */ + for (int i = 0; i < blockSize; i++) + { + cbcV[i] ^= input[inOff + i]; + } + + int length = cipher.ProcessBlock(cbcV, 0, outBytes, outOff); + + /* + * copy ciphertext to cbcV + */ + Array.Copy(outBytes, outOff, cbcV, 0, cbcV.Length); + + return length; + } + + /** + * Do the appropriate chaining step for CBC mode decryption. + * + * @param in the array containing the data to be decrypted. + * @param inOff offset into the in array the data starts at. + * @param out the array the decrypted data will be copied into. + * @param outOff the offset into the out array the output will start at. + * @exception DataLengthException if there isn't enough data in in, or + * space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + * @return the number of bytes processed and produced. + */ + private int DecryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + if ((inOff + blockSize) > input.Length) + { + throw new DataLengthException("input buffer too short"); + } + + Array.Copy(input, inOff, cbcNextV, 0, blockSize); + + int length = cipher.ProcessBlock(input, inOff, outBytes, outOff); + + /* + * XOR the cbcV and the output + */ + for (int i = 0; i < blockSize; i++) + { + outBytes[outOff + i] ^= cbcV[i]; + } + + /* + * swap the back up buffer into next position + */ + byte[] tmp; + + tmp = cbcV; + cbcV = cbcNextV; + cbcNextV = tmp; + + return length; + } + } + +} diff --git a/BouncyCastle/crypto/src/crypto/modes/CcmBlockCipher.cs b/BouncyCastle/crypto/src/crypto/modes/CcmBlockCipher.cs new file mode 100644 index 0000000..2981fdc --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/CcmBlockCipher.cs @@ -0,0 +1,455 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Modes +{ + /** + * Implements the Counter with Cipher Block Chaining mode (CCM) detailed in + * NIST Special Publication 800-38C. + *

+ * Note: this mode is a packet mode - it needs all the data up front. + *

+ */ + public class CcmBlockCipher + : IAeadBlockCipher + { + private static readonly int BlockSize = 16; + + private readonly IBlockCipher cipher; + private readonly byte[] macBlock; + private bool forEncryption; + private byte[] nonce; + private byte[] initialAssociatedText; + private int macSize; + private ICipherParameters keyParam; + private readonly MemoryStream associatedText = new MemoryStream(); + private readonly MemoryStream data = new MemoryStream(); + + /** + * Basic constructor. + * + * @param cipher the block cipher to be used. + */ + public CcmBlockCipher( + IBlockCipher cipher) + { + this.cipher = cipher; + this.macBlock = new byte[BlockSize]; + + if (cipher.GetBlockSize() != BlockSize) + throw new ArgumentException("cipher required with a block size of " + BlockSize + "."); + } + + /** + * return the underlying block cipher that we are wrapping. + * + * @return the underlying block cipher that we are wrapping. + */ + public virtual IBlockCipher GetUnderlyingCipher() + { + return cipher; + } + + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + this.forEncryption = forEncryption; + + ICipherParameters cipherParameters; + if (parameters is AeadParameters) + { + AeadParameters param = (AeadParameters) parameters; + + nonce = param.GetNonce(); + initialAssociatedText = param.GetAssociatedText(); + macSize = GetMacSize(forEncryption, param.MacSize); + cipherParameters = param.Key; + } + else if (parameters is ParametersWithIV) + { + ParametersWithIV param = (ParametersWithIV) parameters; + + nonce = param.GetIV(); + initialAssociatedText = null; + macSize = GetMacSize(forEncryption, 64); + cipherParameters = param.Parameters; + } + else + { + throw new ArgumentException("invalid parameters passed to CCM"); + } + + // NOTE: Very basic support for key re-use, but no performance gain from it + if (cipherParameters != null) + { + keyParam = cipherParameters; + } + + if (nonce == null || nonce.Length < 7 || nonce.Length > 13) + throw new ArgumentException("nonce must have length from 7 to 13 octets"); + + Reset(); + } + + public virtual string AlgorithmName + { + get { return cipher.AlgorithmName + "/CCM"; } + } + + public virtual int GetBlockSize() + { + return cipher.GetBlockSize(); + } + + public virtual void ProcessAadByte(byte input) + { + associatedText.WriteByte(input); + } + + public virtual void ProcessAadBytes(byte[] inBytes, int inOff, int len) + { + // TODO: Process AAD online + associatedText.Write(inBytes, inOff, len); + } + + public virtual int ProcessByte( + byte input, + byte[] outBytes, + int outOff) + { + data.WriteByte(input); + + return 0; + } + + public virtual int ProcessBytes( + byte[] inBytes, + int inOff, + int inLen, + byte[] outBytes, + int outOff) + { + Check.DataLength(inBytes, inOff, inLen, "Input buffer too short"); + + data.Write(inBytes, inOff, inLen); + + return 0; + } + + public virtual int DoFinal( + byte[] outBytes, + int outOff) + { +#if PORTABLE + byte[] input = data.ToArray(); + int inLen = input.Length; +#else + byte[] input = data.GetBuffer(); + int inLen = (int)data.Position; +#endif + + int len = ProcessPacket(input, 0, inLen, outBytes, outOff); + + Reset(); + + return len; + } + + public virtual void Reset() + { + cipher.Reset(); + associatedText.SetLength(0); + data.SetLength(0); + } + + /** + * Returns a byte array containing the mac calculated as part of the + * last encrypt or decrypt operation. + * + * @return the last mac calculated. + */ + public virtual byte[] GetMac() + { + return Arrays.CopyOfRange(macBlock, 0, macSize); + } + + public virtual int GetUpdateOutputSize( + int len) + { + return 0; + } + + public virtual int GetOutputSize( + int len) + { + int totalData = (int)data.Length + len; + + if (forEncryption) + { + return totalData + macSize; + } + + return totalData < macSize ? 0 : totalData - macSize; + } + + /** + * Process a packet of data for either CCM decryption or encryption. + * + * @param in data for processing. + * @param inOff offset at which data starts in the input array. + * @param inLen length of the data in the input array. + * @return a byte array containing the processed input.. + * @throws IllegalStateException if the cipher is not appropriately set up. + * @throws InvalidCipherTextException if the input data is truncated or the mac check fails. + */ + public virtual byte[] ProcessPacket(byte[] input, int inOff, int inLen) + { + byte[] output; + + if (forEncryption) + { + output = new byte[inLen + macSize]; + } + else + { + if (inLen < macSize) + throw new InvalidCipherTextException("data too short"); + + output = new byte[inLen - macSize]; + } + + ProcessPacket(input, inOff, inLen, output, 0); + + return output; + } + + /** + * Process a packet of data for either CCM decryption or encryption. + * + * @param in data for processing. + * @param inOff offset at which data starts in the input array. + * @param inLen length of the data in the input array. + * @param output output array. + * @param outOff offset into output array to start putting processed bytes. + * @return the number of bytes added to output. + * @throws IllegalStateException if the cipher is not appropriately set up. + * @throws InvalidCipherTextException if the input data is truncated or the mac check fails. + * @throws DataLengthException if output buffer too short. + */ + public virtual int ProcessPacket(byte[] input, int inOff, int inLen, byte[] output, int outOff) + { + // TODO: handle null keyParam (e.g. via RepeatedKeySpec) + // Need to keep the CTR and CBC Mac parts around and reset + if (keyParam == null) + throw new InvalidOperationException("CCM cipher unitialized."); + + int n = nonce.Length; + int q = 15 - n; + if (q < 4) + { + int limitLen = 1 << (8 * q); + if (inLen >= limitLen) + throw new InvalidOperationException("CCM packet too large for choice of q."); + } + + byte[] iv = new byte[BlockSize]; + iv[0] = (byte)((q - 1) & 0x7); + nonce.CopyTo(iv, 1); + + IBlockCipher ctrCipher = new SicBlockCipher(cipher); + ctrCipher.Init(forEncryption, new ParametersWithIV(keyParam, iv)); + + int outputLen; + int inIndex = inOff; + int outIndex = outOff; + + if (forEncryption) + { + outputLen = inLen + macSize; + Check.OutputLength(output, outOff, outputLen, "Output buffer too short."); + + CalculateMac(input, inOff, inLen, macBlock); + + byte[] encMac = new byte[BlockSize]; + ctrCipher.ProcessBlock(macBlock, 0, encMac, 0); // S0 + + while (inIndex < (inOff + inLen - BlockSize)) // S1... + { + ctrCipher.ProcessBlock(input, inIndex, output, outIndex); + outIndex += BlockSize; + inIndex += BlockSize; + } + + byte[] block = new byte[BlockSize]; + + Array.Copy(input, inIndex, block, 0, inLen + inOff - inIndex); + + ctrCipher.ProcessBlock(block, 0, block, 0); + + Array.Copy(block, 0, output, outIndex, inLen + inOff - inIndex); + + Array.Copy(encMac, 0, output, outOff + inLen, macSize); + } + else + { + if (inLen < macSize) + throw new InvalidCipherTextException("data too short"); + + outputLen = inLen - macSize; + Check.OutputLength(output, outOff, outputLen, "Output buffer too short."); + + Array.Copy(input, inOff + outputLen, macBlock, 0, macSize); + + ctrCipher.ProcessBlock(macBlock, 0, macBlock, 0); + + for (int i = macSize; i != macBlock.Length; i++) + { + macBlock[i] = 0; + } + + while (inIndex < (inOff + outputLen - BlockSize)) + { + ctrCipher.ProcessBlock(input, inIndex, output, outIndex); + outIndex += BlockSize; + inIndex += BlockSize; + } + + byte[] block = new byte[BlockSize]; + + Array.Copy(input, inIndex, block, 0, outputLen - (inIndex - inOff)); + + ctrCipher.ProcessBlock(block, 0, block, 0); + + Array.Copy(block, 0, output, outIndex, outputLen - (inIndex - inOff)); + + byte[] calculatedMacBlock = new byte[BlockSize]; + + CalculateMac(output, outOff, outputLen, calculatedMacBlock); + + if (!Arrays.ConstantTimeAreEqual(macBlock, calculatedMacBlock)) + throw new InvalidCipherTextException("mac check in CCM failed"); + } + + return outputLen; + } + + private int CalculateMac(byte[] data, int dataOff, int dataLen, byte[] macBlock) + { + IMac cMac = new CbcBlockCipherMac(cipher, macSize * 8); + + cMac.Init(keyParam); + + // + // build b0 + // + byte[] b0 = new byte[16]; + + if (HasAssociatedText()) + { + b0[0] |= 0x40; + } + + b0[0] |= (byte)((((cMac.GetMacSize() - 2) / 2) & 0x7) << 3); + + b0[0] |= (byte)(((15 - nonce.Length) - 1) & 0x7); + + Array.Copy(nonce, 0, b0, 1, nonce.Length); + + int q = dataLen; + int count = 1; + while (q > 0) + { + b0[b0.Length - count] = (byte)(q & 0xff); + q >>= 8; + count++; + } + + cMac.BlockUpdate(b0, 0, b0.Length); + + // + // process associated text + // + if (HasAssociatedText()) + { + int extra; + + int textLength = GetAssociatedTextLength(); + if (textLength < ((1 << 16) - (1 << 8))) + { + cMac.Update((byte)(textLength >> 8)); + cMac.Update((byte)textLength); + + extra = 2; + } + else // can't go any higher than 2^32 + { + cMac.Update((byte)0xff); + cMac.Update((byte)0xfe); + cMac.Update((byte)(textLength >> 24)); + cMac.Update((byte)(textLength >> 16)); + cMac.Update((byte)(textLength >> 8)); + cMac.Update((byte)textLength); + + extra = 6; + } + + if (initialAssociatedText != null) + { + cMac.BlockUpdate(initialAssociatedText, 0, initialAssociatedText.Length); + } + if (associatedText.Position > 0) + { +#if PORTABLE + byte[] input = associatedText.ToArray(); + int len = input.Length; +#else + byte[] input = associatedText.GetBuffer(); + int len = (int)associatedText.Position; +#endif + + cMac.BlockUpdate(input, 0, len); + } + + extra = (extra + textLength) % 16; + if (extra != 0) + { + for (int i = extra; i < 16; ++i) + { + cMac.Update((byte)0x00); + } + } + } + + // + // add the text + // + cMac.BlockUpdate(data, dataOff, dataLen); + + return cMac.DoFinal(macBlock, 0); + } + + private int GetMacSize(bool forEncryption, int requestedMacBits) + { + if (forEncryption && (requestedMacBits < 32 || requestedMacBits > 128 || 0 != (requestedMacBits & 15))) + throw new ArgumentException("tag length in octets must be one of {4,6,8,10,12,14,16}"); + + return requestedMacBits >> 3; + } + + private int GetAssociatedTextLength() + { + return (int)associatedText.Length + ((initialAssociatedText == null) ? 0 : initialAssociatedText.Length); + } + + private bool HasAssociatedText() + { + return GetAssociatedTextLength() > 0; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/CfbBlockCipher.cs b/BouncyCastle/crypto/src/crypto/modes/CfbBlockCipher.cs new file mode 100644 index 0000000..ed0be40 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/CfbBlockCipher.cs @@ -0,0 +1,227 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Modes +{ + /** + * implements a Cipher-FeedBack (CFB) mode on top of a simple cipher. + */ + public class CfbBlockCipher + : IBlockCipher + { + private byte[] IV; + private byte[] cfbV; + private byte[] cfbOutV; + private bool encrypting; + + private readonly int blockSize; + private readonly IBlockCipher cipher; + + /** + * Basic constructor. + * + * @param cipher the block cipher to be used as the basis of the + * feedback mode. + * @param blockSize the block size in bits (note: a multiple of 8) + */ + public CfbBlockCipher( + IBlockCipher cipher, + int bitBlockSize) + { + if (bitBlockSize < 8 || (bitBlockSize & 7) != 0) + throw new ArgumentException("CFB" + bitBlockSize + " not supported", "bitBlockSize"); + + this.cipher = cipher; + this.blockSize = bitBlockSize / 8; + this.IV = new byte[cipher.GetBlockSize()]; + this.cfbV = new byte[cipher.GetBlockSize()]; + this.cfbOutV = new byte[cipher.GetBlockSize()]; + } + /** + * return the underlying block cipher that we are wrapping. + * + * @return the underlying block cipher that we are wrapping. + */ + public IBlockCipher GetUnderlyingCipher() + { + return cipher; + } + /** + * Initialise the cipher and, possibly, the initialisation vector (IV). + * If an IV isn't passed as part of the parameter, the IV will be all zeros. + * An IV which is too short is handled in FIPS compliant fashion. + * + * @param forEncryption if true the cipher is initialised for + * encryption, if false for decryption. + * @param param the key and other data required by the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public void Init( + bool forEncryption, + ICipherParameters parameters) + { + this.encrypting = forEncryption; + if (parameters is ParametersWithIV) + { + ParametersWithIV ivParam = (ParametersWithIV) parameters; + byte[] iv = ivParam.GetIV(); + int diff = IV.Length - iv.Length; + Array.Copy(iv, 0, IV, diff, iv.Length); + Array.Clear(IV, 0, diff); + + parameters = ivParam.Parameters; + } + Reset(); + + // if it's null, key is to be reused. + if (parameters != null) + { + cipher.Init(true, parameters); + } + } + + /** + * return the algorithm name and mode. + * + * @return the name of the underlying algorithm followed by "/CFB" + * and the block size in bits. + */ + public string AlgorithmName + { + get { return cipher.AlgorithmName + "/CFB" + (blockSize * 8); } + } + + public bool IsPartialBlockOkay + { + get { return true; } + } + + /** + * return the block size we are operating at. + * + * @return the block size we are operating at (in bytes). + */ + public int GetBlockSize() + { + return blockSize; + } + + /** + * Process one block of input from the array in and write it to + * the out array. + * + * @param in the array containing the input data. + * @param inOff offset into the in array the data starts at. + * @param out the array the output data will be copied into. + * @param outOff the offset into the out array the output will start at. + * @exception DataLengthException if there isn't enough data in in, or + * space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + * @return the number of bytes processed and produced. + */ + public int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + return (encrypting) + ? EncryptBlock(input, inOff, output, outOff) + : DecryptBlock(input, inOff, output, outOff); + } + + /** + * Do the appropriate processing for CFB mode encryption. + * + * @param in the array containing the data to be encrypted. + * @param inOff offset into the in array the data starts at. + * @param out the array the encrypted data will be copied into. + * @param outOff the offset into the out array the output will start at. + * @exception DataLengthException if there isn't enough data in in, or + * space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + * @return the number of bytes processed and produced. + */ + public int EncryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + if ((inOff + blockSize) > input.Length) + { + throw new DataLengthException("input buffer too short"); + } + if ((outOff + blockSize) > outBytes.Length) + { + throw new DataLengthException("output buffer too short"); + } + cipher.ProcessBlock(cfbV, 0, cfbOutV, 0); + // + // XOR the cfbV with the plaintext producing the ciphertext + // + for (int i = 0; i < blockSize; i++) + { + outBytes[outOff + i] = (byte)(cfbOutV[i] ^ input[inOff + i]); + } + // + // change over the input block. + // + Array.Copy(cfbV, blockSize, cfbV, 0, cfbV.Length - blockSize); + Array.Copy(outBytes, outOff, cfbV, cfbV.Length - blockSize, blockSize); + return blockSize; + } + /** + * Do the appropriate processing for CFB mode decryption. + * + * @param in the array containing the data to be decrypted. + * @param inOff offset into the in array the data starts at. + * @param out the array the encrypted data will be copied into. + * @param outOff the offset into the out array the output will start at. + * @exception DataLengthException if there isn't enough data in in, or + * space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + * @return the number of bytes processed and produced. + */ + public int DecryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + if ((inOff + blockSize) > input.Length) + { + throw new DataLengthException("input buffer too short"); + } + if ((outOff + blockSize) > outBytes.Length) + { + throw new DataLengthException("output buffer too short"); + } + cipher.ProcessBlock(cfbV, 0, cfbOutV, 0); + // + // change over the input block. + // + Array.Copy(cfbV, blockSize, cfbV, 0, cfbV.Length - blockSize); + Array.Copy(input, inOff, cfbV, cfbV.Length - blockSize, blockSize); + // + // XOR the cfbV with the ciphertext producing the plaintext + // + for (int i = 0; i < blockSize; i++) + { + outBytes[outOff + i] = (byte)(cfbOutV[i] ^ input[inOff + i]); + } + return blockSize; + } + /** + * reset the chaining vector back to the IV and reset the underlying + * cipher. + */ + public void Reset() + { + Array.Copy(IV, 0, cfbV, 0, IV.Length); + cipher.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/ChaCha20Poly1305.cs b/BouncyCastle/crypto/src/crypto/modes/ChaCha20Poly1305.cs new file mode 100644 index 0000000..6ca32d9 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/ChaCha20Poly1305.cs @@ -0,0 +1,557 @@ +using System; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Modes +{ + public class ChaCha20Poly1305 + : IAeadCipher + { + private enum State + { + Uninitialized = 0, + EncInit = 1, + EncAad = 2, + EncData = 3, + EncFinal = 4, + DecInit = 5, + DecAad = 6, + DecData = 7, + DecFinal = 8, + } + + private const int BufSize = 64; + private const int KeySize = 32; + private const int NonceSize = 12; + private const int MacSize = 16; + private static readonly byte[] Zeroes = new byte[MacSize - 1]; + + private const ulong AadLimit = ulong.MaxValue; + private const ulong DataLimit = ((1UL << 32) - 1) * 64; + + private readonly ChaCha7539Engine mChacha20; + private readonly IMac mPoly1305; + + private readonly byte[] mKey = new byte[KeySize]; + private readonly byte[] mNonce = new byte[NonceSize]; + private readonly byte[] mBuf = new byte[BufSize + MacSize]; + private readonly byte[] mMac = new byte[MacSize]; + + private byte[] mInitialAad; + + private ulong mAadCount; + private ulong mDataCount; + private State mState = State.Uninitialized; + private int mBufPos; + + public ChaCha20Poly1305() + : this(new Poly1305()) + { + } + + public ChaCha20Poly1305(IMac poly1305) + { + if (null == poly1305) + throw new ArgumentNullException("poly1305"); + if (MacSize != poly1305.GetMacSize()) + throw new ArgumentException("must be a 128-bit MAC", "poly1305"); + + this.mChacha20 = new ChaCha7539Engine(); + this.mPoly1305 = poly1305; + } + + public virtual string AlgorithmName + { + get { return "ChaCha20Poly1305"; } + } + + public virtual void Init(bool forEncryption, ICipherParameters parameters) + { + KeyParameter initKeyParam; + byte[] initNonce; + ICipherParameters chacha20Params; + + if (parameters is AeadParameters) + { + AeadParameters aeadParams = (AeadParameters)parameters; + + int macSizeBits = aeadParams.MacSize; + if ((MacSize * 8) != macSizeBits) + throw new ArgumentException("Invalid value for MAC size: " + macSizeBits); + + initKeyParam = aeadParams.Key; + initNonce = aeadParams.GetNonce(); + chacha20Params = new ParametersWithIV(initKeyParam, initNonce); + + this.mInitialAad = aeadParams.GetAssociatedText(); + } + else if (parameters is ParametersWithIV) + { + ParametersWithIV ivParams = (ParametersWithIV)parameters; + + initKeyParam = (KeyParameter)ivParams.Parameters; + initNonce = ivParams.GetIV(); + chacha20Params = ivParams; + + this.mInitialAad = null; + } + else + { + throw new ArgumentException("invalid parameters passed to ChaCha20Poly1305", "parameters"); + } + + // Validate key + if (null == initKeyParam) + { + if (State.Uninitialized == mState) + throw new ArgumentException("Key must be specified in initial init"); + } + else + { + if (KeySize != initKeyParam.GetKey().Length) + throw new ArgumentException("Key must be 256 bits"); + } + + // Validate nonce + if (null == initNonce || NonceSize != initNonce.Length) + throw new ArgumentException("Nonce must be 96 bits"); + + // Check for encryption with reused nonce + if (State.Uninitialized != mState && forEncryption && Arrays.AreEqual(mNonce, initNonce)) + { + if (null == initKeyParam || Arrays.AreEqual(mKey, initKeyParam.GetKey())) + throw new ArgumentException("cannot reuse nonce for ChaCha20Poly1305 encryption"); + } + + if (null != initKeyParam) + { + Array.Copy(initKeyParam.GetKey(), 0, mKey, 0, KeySize); + } + + Array.Copy(initNonce, 0, mNonce, 0, NonceSize); + + mChacha20.Init(true, chacha20Params); + + this.mState = forEncryption ? State.EncInit : State.DecInit; + + Reset(true, false); + } + + public virtual int GetOutputSize(int len) + { + int total = System.Math.Max(0, len) + mBufPos; + + switch (mState) + { + case State.DecInit: + case State.DecAad: + case State.DecData: + return System.Math.Max(0, total - MacSize); + case State.EncInit: + case State.EncAad: + case State.EncData: + return total + MacSize; + default: + throw new InvalidOperationException(); + } + } + + public virtual int GetUpdateOutputSize(int len) + { + int total = System.Math.Max(0, len) + mBufPos; + + switch (mState) + { + case State.DecInit: + case State.DecAad: + case State.DecData: + total = System.Math.Max(0, total - MacSize); + break; + case State.EncInit: + case State.EncAad: + case State.EncData: + break; + default: + throw new InvalidOperationException(); + } + + return total - (total % BufSize); + } + + public virtual void ProcessAadByte(byte input) + { + CheckAad(); + + this.mAadCount = IncrementCount(mAadCount, 1, AadLimit); + mPoly1305.Update(input); + } + + public virtual void ProcessAadBytes(byte[] inBytes, int inOff, int len) + { + if (null == inBytes) + throw new ArgumentNullException("inBytes"); + if (inOff < 0) + throw new ArgumentException("cannot be negative", "inOff"); + if (len < 0) + throw new ArgumentException("cannot be negative", "len"); + Check.DataLength(inBytes, inOff, len, "input buffer too short"); + + CheckAad(); + + if (len > 0) + { + this.mAadCount = IncrementCount(mAadCount, (uint)len, AadLimit); + mPoly1305.BlockUpdate(inBytes, inOff, len); + } + } + + public virtual int ProcessByte(byte input, byte[] outBytes, int outOff) + { + CheckData(); + + switch (mState) + { + case State.DecData: + { + mBuf[mBufPos] = input; + if (++mBufPos == mBuf.Length) + { + mPoly1305.BlockUpdate(mBuf, 0, BufSize); + ProcessData(mBuf, 0, BufSize, outBytes, outOff); + Array.Copy(mBuf, BufSize, mBuf, 0, MacSize); + this.mBufPos = MacSize; + return BufSize; + } + + return 0; + } + case State.EncData: + { + mBuf[mBufPos] = input; + if (++mBufPos == BufSize) + { + ProcessData(mBuf, 0, BufSize, outBytes, outOff); + mPoly1305.BlockUpdate(outBytes, outOff, BufSize); + this.mBufPos = 0; + return BufSize; + } + + return 0; + } + default: + throw new InvalidOperationException(); + } + } + + public virtual int ProcessBytes(byte[] inBytes, int inOff, int len, byte[] outBytes, int outOff) + { + if (null == inBytes) + throw new ArgumentNullException("inBytes"); + /* + * Following bc-java, we allow null when no output is expected (e.g. based on a + * GetUpdateOutputSize call). + */ + if (null == outBytes) + { + //throw new ArgumentNullException("outBytes"); + } + if (inOff < 0) + throw new ArgumentException("cannot be negative", "inOff"); + if (len < 0) + throw new ArgumentException("cannot be negative", "len"); + Check.DataLength(inBytes, inOff, len, "input buffer too short"); + if (outOff < 0) + throw new ArgumentException("cannot be negative", "outOff"); + + CheckData(); + + int resultLen = 0; + + switch (mState) + { + case State.DecData: + { + for (int i = 0; i < len; ++i) + { + mBuf[mBufPos] = inBytes[inOff + i]; + if (++mBufPos == mBuf.Length) + { + mPoly1305.BlockUpdate(mBuf, 0, BufSize); + ProcessData(mBuf, 0, BufSize, outBytes, outOff + resultLen); + Array.Copy(mBuf, BufSize, mBuf, 0, MacSize); + this.mBufPos = MacSize; + resultLen += BufSize; + } + } + break; + } + case State.EncData: + { + if (mBufPos != 0) + { + while (len > 0) + { + --len; + mBuf[mBufPos] = inBytes[inOff++]; + if (++mBufPos == BufSize) + { + ProcessData(mBuf, 0, BufSize, outBytes, outOff); + mPoly1305.BlockUpdate(outBytes, outOff, BufSize); + this.mBufPos = 0; + resultLen = BufSize; + break; + } + } + } + + while (len >= BufSize) + { + ProcessData(inBytes, inOff, BufSize, outBytes, outOff + resultLen); + mPoly1305.BlockUpdate(outBytes, outOff + resultLen, BufSize); + inOff += BufSize; + len -= BufSize; + resultLen += BufSize; + } + + if (len > 0) + { + Array.Copy(inBytes, inOff, mBuf, 0, len); + this.mBufPos = len; + } + break; + } + default: + throw new InvalidOperationException(); + } + + return resultLen; + } + + public virtual int DoFinal(byte[] outBytes, int outOff) + { + if (null == outBytes) + throw new ArgumentNullException("outBytes"); + if (outOff < 0) + throw new ArgumentException("cannot be negative", "outOff"); + + CheckData(); + + Array.Clear(mMac, 0, MacSize); + + int resultLen = 0; + + switch (mState) + { + case State.DecData: + { + if (mBufPos < MacSize) + throw new InvalidCipherTextException("data too short"); + + resultLen = mBufPos - MacSize; + + Check.OutputLength(outBytes, outOff, resultLen, "output buffer too short"); + + if (resultLen > 0) + { + mPoly1305.BlockUpdate(mBuf, 0, resultLen); + ProcessData(mBuf, 0, resultLen, outBytes, outOff); + } + + FinishData(State.DecFinal); + + if (!Arrays.ConstantTimeAreEqual(MacSize, mMac, 0, mBuf, resultLen)) + { + throw new InvalidCipherTextException("mac check in ChaCha20Poly1305 failed"); + } + + break; + } + case State.EncData: + { + resultLen = mBufPos + MacSize; + + Check.OutputLength(outBytes, outOff, resultLen, "output buffer too short"); + + if (mBufPos > 0) + { + ProcessData(mBuf, 0, mBufPos, outBytes, outOff); + mPoly1305.BlockUpdate(outBytes, outOff, mBufPos); + } + + FinishData(State.EncFinal); + + Array.Copy(mMac, 0, outBytes, outOff + mBufPos, MacSize); + break; + } + default: + throw new InvalidOperationException(); + } + + Reset(false, true); + + return resultLen; + } + + public virtual byte[] GetMac() + { + return Arrays.Clone(mMac); + } + + public virtual void Reset() + { + Reset(true, true); + } + + private void CheckAad() + { + switch (mState) + { + case State.DecInit: + this.mState = State.DecAad; + break; + case State.EncInit: + this.mState = State.EncAad; + break; + case State.DecAad: + case State.EncAad: + break; + case State.EncFinal: + throw new InvalidOperationException("ChaCha20Poly1305 cannot be reused for encryption"); + default: + throw new InvalidOperationException(); + } + } + + private void CheckData() + { + switch (mState) + { + case State.DecInit: + case State.DecAad: + FinishAad(State.DecData); + break; + case State.EncInit: + case State.EncAad: + FinishAad(State.EncData); + break; + case State.DecData: + case State.EncData: + break; + case State.EncFinal: + throw new InvalidOperationException("ChaCha20Poly1305 cannot be reused for encryption"); + default: + throw new InvalidOperationException(); + } + } + + private void FinishAad(State nextState) + { + PadMac(mAadCount); + + this.mState = nextState; + } + + private void FinishData(State nextState) + { + PadMac(mDataCount); + + byte[] lengths = new byte[16]; + Pack.UInt64_To_LE(mAadCount, lengths, 0); + Pack.UInt64_To_LE(mDataCount, lengths, 8); + mPoly1305.BlockUpdate(lengths, 0, 16); + + mPoly1305.DoFinal(mMac, 0); + + this.mState = nextState; + } + + private ulong IncrementCount(ulong count, uint increment, ulong limit) + { + if (count > (limit - increment)) + throw new InvalidOperationException ("Limit exceeded"); + + return count + increment; + } + + private void InitMac() + { + byte[] firstBlock = new byte[64]; + try + { + mChacha20.ProcessBytes(firstBlock, 0, 64, firstBlock, 0); + mPoly1305.Init(new KeyParameter(firstBlock, 0, 32)); + } + finally + { + Array.Clear(firstBlock, 0, 64); + } + } + + private void PadMac(ulong count) + { + int partial = (int)count & (MacSize - 1); + if (0 != partial) + { + mPoly1305.BlockUpdate(Zeroes, 0, MacSize - partial); + } + } + + private void ProcessData(byte[] inBytes, int inOff, int inLen, byte[] outBytes, int outOff) + { + Check.OutputLength(outBytes, outOff, inLen, "output buffer too short"); + + mChacha20.ProcessBytes(inBytes, inOff, inLen, outBytes, outOff); + + this.mDataCount = IncrementCount(mDataCount, (uint)inLen, DataLimit); + } + + private void Reset(bool clearMac, bool resetCipher) + { + Array.Clear(mBuf, 0, mBuf.Length); + + if (clearMac) + { + Array.Clear(mMac, 0, mMac.Length); + } + + this.mAadCount = 0UL; + this.mDataCount = 0UL; + this.mBufPos = 0; + + switch (mState) + { + case State.DecInit: + case State.EncInit: + break; + case State.DecAad: + case State.DecData: + case State.DecFinal: + this.mState = State.DecInit; + break; + case State.EncAad: + case State.EncData: + case State.EncFinal: + this.mState = State.EncFinal; + return; + default: + throw new InvalidOperationException(); + } + + if (resetCipher) + { + mChacha20.Reset(); + } + + InitMac(); + + if (null != mInitialAad) + { + ProcessAadBytes(mInitialAad, 0, mInitialAad.Length); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/CtsBlockCipher.cs b/BouncyCastle/crypto/src/crypto/modes/CtsBlockCipher.cs new file mode 100644 index 0000000..ff37844 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/CtsBlockCipher.cs @@ -0,0 +1,253 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Modes +{ + /** + * A Cipher Text Stealing (CTS) mode cipher. CTS allows block ciphers to + * be used to produce cipher text which is the same outLength as the plain text. + */ + public class CtsBlockCipher + : BufferedBlockCipher + { + private readonly int blockSize; + + /** + * Create a buffered block cipher that uses Cipher Text Stealing + * + * @param cipher the underlying block cipher this buffering object wraps. + */ + public CtsBlockCipher( + IBlockCipher cipher) + { + // TODO Should this test for acceptable ones instead? + if (cipher is OfbBlockCipher || cipher is CfbBlockCipher) + throw new ArgumentException("CtsBlockCipher can only accept ECB, or CBC ciphers"); + + this.cipher = cipher; + + blockSize = cipher.GetBlockSize(); + + buf = new byte[blockSize * 2]; + bufOff = 0; + } + + /** + * return the size of the output buffer required for an update of 'length' bytes. + * + * @param length the outLength of the input. + * @return the space required to accommodate a call to update + * with length bytes of input. + */ + public override int GetUpdateOutputSize( + int length) + { + int total = length + bufOff; + int leftOver = total % buf.Length; + + if (leftOver == 0) + { + return total - buf.Length; + } + + return total - leftOver; + } + + /** + * return the size of the output buffer required for an update plus a + * doFinal with an input of length bytes. + * + * @param length the outLength of the input. + * @return the space required to accommodate a call to update and doFinal + * with length bytes of input. + */ + public override int GetOutputSize( + int length) + { + return length + bufOff; + } + + /** + * process a single byte, producing an output block if necessary. + * + * @param in the input byte. + * @param out the space for any output that might be produced. + * @param outOff the offset from which the output will be copied. + * @return the number of output bytes copied to out. + * @exception DataLengthException if there isn't enough space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + */ + public override int ProcessByte( + byte input, + byte[] output, + int outOff) + { + int resultLen = 0; + + if (bufOff == buf.Length) + { + resultLen = cipher.ProcessBlock(buf, 0, output, outOff); + Debug.Assert(resultLen == blockSize); + + Array.Copy(buf, blockSize, buf, 0, blockSize); + bufOff = blockSize; + } + + buf[bufOff++] = input; + + return resultLen; + } + + /** + * process an array of bytes, producing output if necessary. + * + * @param in the input byte array. + * @param inOff the offset at which the input data starts. + * @param length the number of bytes to be copied out of the input array. + * @param out the space for any output that might be produced. + * @param outOff the offset from which the output will be copied. + * @return the number of output bytes copied to out. + * @exception DataLengthException if there isn't enough space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + */ + public override int ProcessBytes( + byte[] input, + int inOff, + int length, + byte[] output, + int outOff) + { + if (length < 0) + { + throw new ArgumentException("Can't have a negative input outLength!"); + } + + int blockSize = GetBlockSize(); + int outLength = GetUpdateOutputSize(length); + + if (outLength > 0) + { + if ((outOff + outLength) > output.Length) + { + throw new DataLengthException("output buffer too short"); + } + } + + int resultLen = 0; + int gapLen = buf.Length - bufOff; + + if (length > gapLen) + { + Array.Copy(input, inOff, buf, bufOff, gapLen); + + resultLen += cipher.ProcessBlock(buf, 0, output, outOff); + Array.Copy(buf, blockSize, buf, 0, blockSize); + + bufOff = blockSize; + + length -= gapLen; + inOff += gapLen; + + while (length > blockSize) + { + Array.Copy(input, inOff, buf, bufOff, blockSize); + resultLen += cipher.ProcessBlock(buf, 0, output, outOff + resultLen); + Array.Copy(buf, blockSize, buf, 0, blockSize); + + length -= blockSize; + inOff += blockSize; + } + } + + Array.Copy(input, inOff, buf, bufOff, length); + + bufOff += length; + + return resultLen; + } + + /** + * Process the last block in the buffer. + * + * @param out the array the block currently being held is copied into. + * @param outOff the offset at which the copying starts. + * @return the number of output bytes copied to out. + * @exception DataLengthException if there is insufficient space in out for + * the output. + * @exception InvalidOperationException if the underlying cipher is not + * initialised. + * @exception InvalidCipherTextException if cipher text decrypts wrongly (in + * case the exception will never Get thrown). + */ + public override int DoFinal( + byte[] output, + int outOff) + { + if (bufOff + outOff > output.Length) + { + throw new DataLengthException("output buffer too small in doFinal"); + } + + int blockSize = cipher.GetBlockSize(); + int length = bufOff - blockSize; + byte[] block = new byte[blockSize]; + + if (forEncryption) + { + cipher.ProcessBlock(buf, 0, block, 0); + + if (bufOff < blockSize) + { + throw new DataLengthException("need at least one block of input for CTS"); + } + + for (int i = bufOff; i != buf.Length; i++) + { + buf[i] = block[i - blockSize]; + } + + for (int i = blockSize; i != bufOff; i++) + { + buf[i] ^= block[i - blockSize]; + } + + IBlockCipher c = (cipher is CbcBlockCipher) + ? ((CbcBlockCipher)cipher).GetUnderlyingCipher() + : cipher; + + c.ProcessBlock(buf, blockSize, output, outOff); + + Array.Copy(block, 0, output, outOff + blockSize, length); + } + else + { + byte[] lastBlock = new byte[blockSize]; + + IBlockCipher c = (cipher is CbcBlockCipher) + ? ((CbcBlockCipher)cipher).GetUnderlyingCipher() + : cipher; + + c.ProcessBlock(buf, 0, block, 0); + + for (int i = blockSize; i != bufOff; i++) + { + lastBlock[i - blockSize] = (byte)(block[i - blockSize] ^ buf[i]); + } + + Array.Copy(buf, blockSize, block, 0, length); + + cipher.ProcessBlock(block, 0, output, outOff); + Array.Copy(lastBlock, 0, output, outOff + blockSize, length); + } + + int offset = bufOff; + + Reset(); + + return offset; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/EAXBlockCipher.cs b/BouncyCastle/crypto/src/crypto/modes/EAXBlockCipher.cs new file mode 100644 index 0000000..624f385 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/EAXBlockCipher.cs @@ -0,0 +1,379 @@ +using System; + +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Modes +{ + /** + * A Two-Pass Authenticated-Encryption Scheme Optimized for Simplicity and + * Efficiency - by M. Bellare, P. Rogaway, D. Wagner. + * + * http://www.cs.ucdavis.edu/~rogaway/papers/eax.pdf + * + * EAX is an AEAD scheme based on CTR and OMAC1/CMAC, that uses a single block + * cipher to encrypt and authenticate data. It's on-line (the length of a + * message isn't needed to begin processing it), has good performances, it's + * simple and provably secure (provided the underlying block cipher is secure). + * + * Of course, this implementations is NOT thread-safe. + */ + public class EaxBlockCipher + : IAeadBlockCipher + { + private enum Tag : byte { N, H, C }; + + private SicBlockCipher cipher; + + private bool forEncryption; + + private int blockSize; + + private IMac mac; + + private byte[] nonceMac; + private byte[] associatedTextMac; + private byte[] macBlock; + + private int macSize; + private byte[] bufBlock; + private int bufOff; + + private bool cipherInitialized; + private byte[] initialAssociatedText; + + /** + * Constructor that accepts an instance of a block cipher engine. + * + * @param cipher the engine to use + */ + public EaxBlockCipher( + IBlockCipher cipher) + { + blockSize = cipher.GetBlockSize(); + mac = new CMac(cipher); + macBlock = new byte[blockSize]; + associatedTextMac = new byte[mac.GetMacSize()]; + nonceMac = new byte[mac.GetMacSize()]; + this.cipher = new SicBlockCipher(cipher); + } + + public virtual string AlgorithmName + { + get { return cipher.GetUnderlyingCipher().AlgorithmName + "/EAX"; } + } + + public virtual IBlockCipher GetUnderlyingCipher() + { + return cipher; + } + + public virtual int GetBlockSize() + { + return cipher.GetBlockSize(); + } + + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + this.forEncryption = forEncryption; + + byte[] nonce; + ICipherParameters keyParam; + + if (parameters is AeadParameters) + { + AeadParameters param = (AeadParameters) parameters; + + nonce = param.GetNonce(); + initialAssociatedText = param.GetAssociatedText(); + macSize = param.MacSize / 8; + keyParam = param.Key; + } + else if (parameters is ParametersWithIV) + { + ParametersWithIV param = (ParametersWithIV) parameters; + + nonce = param.GetIV(); + initialAssociatedText = null; + macSize = mac.GetMacSize() / 2; + keyParam = param.Parameters; + } + else + { + throw new ArgumentException("invalid parameters passed to EAX"); + } + + bufBlock = new byte[forEncryption ? blockSize : (blockSize + macSize)]; + + byte[] tag = new byte[blockSize]; + + // Key reuse implemented in CBC mode of underlying CMac + mac.Init(keyParam); + + tag[blockSize - 1] = (byte)Tag.N; + mac.BlockUpdate(tag, 0, blockSize); + mac.BlockUpdate(nonce, 0, nonce.Length); + mac.DoFinal(nonceMac, 0); + + // Same BlockCipher underlies this and the mac, so reuse last key on cipher + cipher.Init(true, new ParametersWithIV(null, nonceMac)); + + Reset(); + } + + private void InitCipher() + { + if (cipherInitialized) + { + return; + } + + cipherInitialized = true; + + mac.DoFinal(associatedTextMac, 0); + + byte[] tag = new byte[blockSize]; + tag[blockSize - 1] = (byte)Tag.C; + mac.BlockUpdate(tag, 0, blockSize); + } + + private void CalculateMac() + { + byte[] outC = new byte[blockSize]; + mac.DoFinal(outC, 0); + + for (int i = 0; i < macBlock.Length; i++) + { + macBlock[i] = (byte)(nonceMac[i] ^ associatedTextMac[i] ^ outC[i]); + } + } + + public virtual void Reset() + { + Reset(true); + } + + private void Reset( + bool clearMac) + { + cipher.Reset(); // TODO Redundant since the mac will reset it? + mac.Reset(); + + bufOff = 0; + Array.Clear(bufBlock, 0, bufBlock.Length); + + if (clearMac) + { + Array.Clear(macBlock, 0, macBlock.Length); + } + + byte[] tag = new byte[blockSize]; + tag[blockSize - 1] = (byte)Tag.H; + mac.BlockUpdate(tag, 0, blockSize); + + cipherInitialized = false; + + if (initialAssociatedText != null) + { + ProcessAadBytes(initialAssociatedText, 0, initialAssociatedText.Length); + } + } + + public virtual void ProcessAadByte(byte input) + { + if (cipherInitialized) + { + throw new InvalidOperationException("AAD data cannot be added after encryption/decryption processing has begun."); + } + mac.Update(input); + } + + public virtual void ProcessAadBytes(byte[] inBytes, int inOff, int len) + { + if (cipherInitialized) + { + throw new InvalidOperationException("AAD data cannot be added after encryption/decryption processing has begun."); + } + mac.BlockUpdate(inBytes, inOff, len); + } + + public virtual int ProcessByte( + byte input, + byte[] outBytes, + int outOff) + { + InitCipher(); + + return Process(input, outBytes, outOff); + } + + public virtual int ProcessBytes( + byte[] inBytes, + int inOff, + int len, + byte[] outBytes, + int outOff) + { + InitCipher(); + + int resultLen = 0; + + for (int i = 0; i != len; i++) + { + resultLen += Process(inBytes[inOff + i], outBytes, outOff + resultLen); + } + + return resultLen; + } + + public virtual int DoFinal( + byte[] outBytes, + int outOff) + { + InitCipher(); + + int extra = bufOff; + byte[] tmp = new byte[bufBlock.Length]; + + bufOff = 0; + + if (forEncryption) + { + Check.OutputLength(outBytes, outOff, extra + macSize, "Output buffer too short"); + + cipher.ProcessBlock(bufBlock, 0, tmp, 0); + + Array.Copy(tmp, 0, outBytes, outOff, extra); + + mac.BlockUpdate(tmp, 0, extra); + + CalculateMac(); + + Array.Copy(macBlock, 0, outBytes, outOff + extra, macSize); + + Reset(false); + + return extra + macSize; + } + else + { + if (extra < macSize) + throw new InvalidCipherTextException("data too short"); + + Check.OutputLength(outBytes, outOff, extra - macSize, "Output buffer too short"); + + if (extra > macSize) + { + mac.BlockUpdate(bufBlock, 0, extra - macSize); + + cipher.ProcessBlock(bufBlock, 0, tmp, 0); + + Array.Copy(tmp, 0, outBytes, outOff, extra - macSize); + } + + CalculateMac(); + + if (!VerifyMac(bufBlock, extra - macSize)) + throw new InvalidCipherTextException("mac check in EAX failed"); + + Reset(false); + + return extra - macSize; + } + } + + public virtual byte[] GetMac() + { + byte[] mac = new byte[macSize]; + + Array.Copy(macBlock, 0, mac, 0, macSize); + + return mac; + } + + public virtual int GetUpdateOutputSize( + int len) + { + int totalData = len + bufOff; + if (!forEncryption) + { + if (totalData < macSize) + { + return 0; + } + totalData -= macSize; + } + return totalData - totalData % blockSize; + } + + public virtual int GetOutputSize( + int len) + { + int totalData = len + bufOff; + + if (forEncryption) + { + return totalData + macSize; + } + + return totalData < macSize ? 0 : totalData - macSize; + } + + private int Process( + byte b, + byte[] outBytes, + int outOff) + { + bufBlock[bufOff++] = b; + + if (bufOff == bufBlock.Length) + { + Check.OutputLength(outBytes, outOff, blockSize, "Output buffer is too short"); + + // TODO Could move the ProcessByte(s) calls to here +// InitCipher(); + + int size; + + if (forEncryption) + { + size = cipher.ProcessBlock(bufBlock, 0, outBytes, outOff); + + mac.BlockUpdate(outBytes, outOff, blockSize); + } + else + { + mac.BlockUpdate(bufBlock, 0, blockSize); + + size = cipher.ProcessBlock(bufBlock, 0, outBytes, outOff); + } + + bufOff = 0; + if (!forEncryption) + { + Array.Copy(bufBlock, blockSize, bufBlock, 0, macSize); + bufOff = macSize; + } + + return size; + } + + return 0; + } + + private bool VerifyMac(byte[] mac, int off) + { + int nonEqual = 0; + + for (int i = 0; i < macSize; i++) + { + nonEqual |= (macBlock[i] ^ mac[off + i]); + } + + return nonEqual == 0; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/GCMBlockCipher.cs b/BouncyCastle/crypto/src/crypto/modes/GCMBlockCipher.cs new file mode 100644 index 0000000..88b413f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/GCMBlockCipher.cs @@ -0,0 +1,645 @@ +using System; + +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Modes.Gcm; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Modes +{ + /// + /// Implements the Galois/Counter mode (GCM) detailed in + /// NIST Special Publication 800-38D. + /// + public class GcmBlockCipher + : IAeadBlockCipher + { + private const int BlockSize = 16; + + private readonly IBlockCipher cipher; + private readonly IGcmMultiplier multiplier; + private IGcmExponentiator exp; + + // These fields are set by Init and not modified by processing + private bool forEncryption; + private bool initialised; + private int macSize; + private byte[] lastKey; + private byte[] nonce; + private byte[] initialAssociatedText; + private byte[] H; + private byte[] J0; + + // These fields are modified during processing + private byte[] bufBlock; + private byte[] macBlock; + private byte[] S, S_at, S_atPre; + private byte[] counter; + private uint blocksRemaining; + private int bufOff; + private ulong totalLength; + private byte[] atBlock; + private int atBlockPos; + private ulong atLength; + private ulong atLengthPre; + + public GcmBlockCipher( + IBlockCipher c) + : this(c, null) + { + } + + public GcmBlockCipher( + IBlockCipher c, + IGcmMultiplier m) + { + if (c.GetBlockSize() != BlockSize) + throw new ArgumentException("cipher required with a block size of " + BlockSize + "."); + + if (m == null) + { + m = new Tables4kGcmMultiplier(); + } + + this.cipher = c; + this.multiplier = m; + } + + public virtual string AlgorithmName + { + get { return cipher.AlgorithmName + "/GCM"; } + } + + public IBlockCipher GetUnderlyingCipher() + { + return cipher; + } + + public virtual int GetBlockSize() + { + return BlockSize; + } + + /// + /// MAC sizes from 32 bits to 128 bits (must be a multiple of 8) are supported. The default is 128 bits. + /// Sizes less than 96 are not recommended, but are supported for specialized applications. + /// + public virtual void Init( + bool forEncryption, + ICipherParameters parameters) + { + this.forEncryption = forEncryption; + this.macBlock = null; + this.initialised = true; + + KeyParameter keyParam; + byte[] newNonce = null; + + if (parameters is AeadParameters) + { + AeadParameters param = (AeadParameters)parameters; + + newNonce = param.GetNonce(); + initialAssociatedText = param.GetAssociatedText(); + + int macSizeBits = param.MacSize; + if (macSizeBits < 32 || macSizeBits > 128 || macSizeBits % 8 != 0) + { + throw new ArgumentException("Invalid value for MAC size: " + macSizeBits); + } + + macSize = macSizeBits / 8; + keyParam = param.Key; + } + else if (parameters is ParametersWithIV) + { + ParametersWithIV param = (ParametersWithIV)parameters; + + newNonce = param.GetIV(); + initialAssociatedText = null; + macSize = 16; + keyParam = (KeyParameter)param.Parameters; + } + else + { + throw new ArgumentException("invalid parameters passed to GCM"); + } + + int bufLength = forEncryption ? BlockSize : (BlockSize + macSize); + this.bufBlock = new byte[bufLength]; + + if (newNonce == null || newNonce.Length < 1) + { + throw new ArgumentException("IV must be at least 1 byte"); + } + + if (forEncryption) + { + if (nonce != null && Arrays.AreEqual(nonce, newNonce)) + { + if (keyParam == null) + { + throw new ArgumentException("cannot reuse nonce for GCM encryption"); + } + if (lastKey != null && Arrays.AreEqual(lastKey, keyParam.GetKey())) + { + throw new ArgumentException("cannot reuse nonce for GCM encryption"); + } + } + } + + nonce = newNonce; + if (keyParam != null) + { + lastKey = keyParam.GetKey(); + } + + // TODO Restrict macSize to 16 if nonce length not 12? + + // Cipher always used in forward mode + // if keyParam is null we're reusing the last key. + if (keyParam != null) + { + cipher.Init(true, keyParam); + + this.H = new byte[BlockSize]; + cipher.ProcessBlock(H, 0, H, 0); + + // if keyParam is null we're reusing the last key and the multiplier doesn't need re-init + multiplier.Init(H); + exp = null; + } + else if (this.H == null) + { + throw new ArgumentException("Key must be specified in initial init"); + } + + this.J0 = new byte[BlockSize]; + + if (nonce.Length == 12) + { + Array.Copy(nonce, 0, J0, 0, nonce.Length); + this.J0[BlockSize - 1] = 0x01; + } + else + { + gHASH(J0, nonce, nonce.Length); + byte[] X = new byte[BlockSize]; + Pack.UInt64_To_BE((ulong)nonce.Length * 8UL, X, 8); + gHASHBlock(J0, X); + } + + this.S = new byte[BlockSize]; + this.S_at = new byte[BlockSize]; + this.S_atPre = new byte[BlockSize]; + this.atBlock = new byte[BlockSize]; + this.atBlockPos = 0; + this.atLength = 0; + this.atLengthPre = 0; + this.counter = Arrays.Clone(J0); + this.blocksRemaining = uint.MaxValue - 1; // page 8, len(P) <= 2^39 - 256, 1 block used by tag + this.bufOff = 0; + this.totalLength = 0; + + if (initialAssociatedText != null) + { + ProcessAadBytes(initialAssociatedText, 0, initialAssociatedText.Length); + } + } + + public virtual byte[] GetMac() + { + return macBlock == null + ? new byte[macSize] + : Arrays.Clone(macBlock); + } + + public virtual int GetOutputSize( + int len) + { + int totalData = len + bufOff; + + if (forEncryption) + { + return totalData + macSize; + } + + return totalData < macSize ? 0 : totalData - macSize; + } + + public virtual int GetUpdateOutputSize( + int len) + { + int totalData = len + bufOff; + if (!forEncryption) + { + if (totalData < macSize) + { + return 0; + } + totalData -= macSize; + } + return totalData - totalData % BlockSize; + } + + public virtual void ProcessAadByte(byte input) + { + CheckStatus(); + + atBlock[atBlockPos] = input; + if (++atBlockPos == BlockSize) + { + // Hash each block as it fills + gHASHBlock(S_at, atBlock); + atBlockPos = 0; + atLength += BlockSize; + } + } + + public virtual void ProcessAadBytes(byte[] inBytes, int inOff, int len) + { + CheckStatus(); + + for (int i = 0; i < len; ++i) + { + atBlock[atBlockPos] = inBytes[inOff + i]; + if (++atBlockPos == BlockSize) + { + // Hash each block as it fills + gHASHBlock(S_at, atBlock); + atBlockPos = 0; + atLength += BlockSize; + } + } + } + + private void InitCipher() + { + if (atLength > 0) + { + Array.Copy(S_at, 0, S_atPre, 0, BlockSize); + atLengthPre = atLength; + } + + // Finish hash for partial AAD block + if (atBlockPos > 0) + { + gHASHPartial(S_atPre, atBlock, 0, atBlockPos); + atLengthPre += (uint)atBlockPos; + } + + if (atLengthPre > 0) + { + Array.Copy(S_atPre, 0, S, 0, BlockSize); + } + } + + public virtual int ProcessByte( + byte input, + byte[] output, + int outOff) + { + CheckStatus(); + + bufBlock[bufOff] = input; + if (++bufOff == bufBlock.Length) + { + ProcessBlock(bufBlock, 0, output, outOff); + if (forEncryption) + { + bufOff = 0; + } + else + { + Array.Copy(bufBlock, BlockSize, bufBlock, 0, macSize); + bufOff = macSize; + } + return BlockSize; + } + return 0; + } + + public virtual int ProcessBytes( + byte[] input, + int inOff, + int len, + byte[] output, + int outOff) + { + CheckStatus(); + + Check.DataLength(input, inOff, len, "input buffer too short"); + + int resultLen = 0; + + if (forEncryption) + { + if (bufOff != 0) + { + while (len > 0) + { + --len; + bufBlock[bufOff] = input[inOff++]; + if (++bufOff == BlockSize) + { + ProcessBlock(bufBlock, 0, output, outOff); + bufOff = 0; + resultLen += BlockSize; + break; + } + } + } + + while (len >= BlockSize) + { + ProcessBlock(input, inOff, output, outOff + resultLen); + inOff += BlockSize; + len -= BlockSize; + resultLen += BlockSize; + } + + if (len > 0) + { + Array.Copy(input, inOff, bufBlock, 0, len); + bufOff = len; + } + } + else + { + for (int i = 0; i < len; ++i) + { + bufBlock[bufOff] = input[inOff + i]; + if (++bufOff == bufBlock.Length) + { + ProcessBlock(bufBlock, 0, output, outOff + resultLen); + Array.Copy(bufBlock, BlockSize, bufBlock, 0, macSize); + bufOff = macSize; + resultLen += BlockSize; + } + } + } + + return resultLen; + } + + public int DoFinal(byte[] output, int outOff) + { + CheckStatus(); + + if (totalLength == 0) + { + InitCipher(); + } + + int extra = bufOff; + + if (forEncryption) + { + Check.OutputLength(output, outOff, extra + macSize, "Output buffer too short"); + } + else + { + if (extra < macSize) + throw new InvalidCipherTextException("data too short"); + + extra -= macSize; + + Check.OutputLength(output, outOff, extra, "Output buffer too short"); + } + + if (extra > 0) + { + ProcessPartial(bufBlock, 0, extra, output, outOff); + } + + atLength += (uint)atBlockPos; + + if (atLength > atLengthPre) + { + /* + * Some AAD was sent after the cipher started. We determine the difference b/w the hash value + * we actually used when the cipher started (S_atPre) and the final hash value calculated (S_at). + * Then we carry this difference forward by multiplying by H^c, where c is the number of (full or + * partial) cipher-text blocks produced, and adjust the current hash. + */ + + // Finish hash for partial AAD block + if (atBlockPos > 0) + { + gHASHPartial(S_at, atBlock, 0, atBlockPos); + } + + // Find the difference between the AAD hashes + if (atLengthPre > 0) + { + GcmUtilities.Xor(S_at, S_atPre); + } + + // Number of cipher-text blocks produced + long c = (long)(((totalLength * 8) + 127) >> 7); + + // Calculate the adjustment factor + byte[] H_c = new byte[16]; + if (exp == null) + { + exp = new BasicGcmExponentiator(); + exp.Init(H); + } + exp.ExponentiateX(c, H_c); + + // Carry the difference forward + GcmUtilities.Multiply(S_at, H_c); + + // Adjust the current hash + GcmUtilities.Xor(S, S_at); + } + + // Final gHASH + byte[] X = new byte[BlockSize]; + Pack.UInt64_To_BE(atLength * 8UL, X, 0); + Pack.UInt64_To_BE(totalLength * 8UL, X, 8); + + gHASHBlock(S, X); + + // T = MSBt(GCTRk(J0,S)) + byte[] tag = new byte[BlockSize]; + cipher.ProcessBlock(J0, 0, tag, 0); + GcmUtilities.Xor(tag, S); + + int resultLen = extra; + + // We place into macBlock our calculated value for T + this.macBlock = new byte[macSize]; + Array.Copy(tag, 0, macBlock, 0, macSize); + + if (forEncryption) + { + // Append T to the message + Array.Copy(macBlock, 0, output, outOff + bufOff, macSize); + resultLen += macSize; + } + else + { + // Retrieve the T value from the message and compare to calculated one + byte[] msgMac = new byte[macSize]; + Array.Copy(bufBlock, extra, msgMac, 0, macSize); + if (!Arrays.ConstantTimeAreEqual(this.macBlock, msgMac)) + throw new InvalidCipherTextException("mac check in GCM failed"); + } + + Reset(false); + + return resultLen; + } + + public virtual void Reset() + { + Reset(true); + } + + private void Reset( + bool clearMac) + { + cipher.Reset(); + + // note: we do not reset the nonce. + + S = new byte[BlockSize]; + S_at = new byte[BlockSize]; + S_atPre = new byte[BlockSize]; + atBlock = new byte[BlockSize]; + atBlockPos = 0; + atLength = 0; + atLengthPre = 0; + counter = Arrays.Clone(J0); + blocksRemaining = uint.MaxValue - 1; + bufOff = 0; + totalLength = 0; + + if (bufBlock != null) + { + Arrays.Fill(bufBlock, 0); + } + + if (clearMac) + { + macBlock = null; + } + + if (forEncryption) + { + initialised = false; + } + else + { + if (initialAssociatedText != null) + { + ProcessAadBytes(initialAssociatedText, 0, initialAssociatedText.Length); + } + } + } + + private void ProcessBlock(byte[] buf, int bufOff, byte[] output, int outOff) + { + Check.OutputLength(output, outOff, BlockSize, "Output buffer too short"); + + if (totalLength == 0) + { + InitCipher(); + } + + byte[] ctrBlock = new byte[BlockSize]; + GetNextCtrBlock(ctrBlock); + + if (forEncryption) + { + GcmUtilities.Xor(ctrBlock, buf, bufOff); + gHASHBlock(S, ctrBlock); + Array.Copy(ctrBlock, 0, output, outOff, BlockSize); + } + else + { + gHASHBlock(S, buf, bufOff); + GcmUtilities.Xor(ctrBlock, 0, buf, bufOff, output, outOff); + } + + totalLength += BlockSize; + } + + private void ProcessPartial(byte[] buf, int off, int len, byte[] output, int outOff) + { + byte[] ctrBlock = new byte[BlockSize]; + GetNextCtrBlock(ctrBlock); + + if (forEncryption) + { + GcmUtilities.Xor(buf, off, ctrBlock, 0, len); + gHASHPartial(S, buf, off, len); + } + else + { + gHASHPartial(S, buf, off, len); + GcmUtilities.Xor(buf, off, ctrBlock, 0, len); + } + + Array.Copy(buf, off, output, outOff, len); + totalLength += (uint)len; + } + + private void gHASH(byte[] Y, byte[] b, int len) + { + for (int pos = 0; pos < len; pos += BlockSize) + { + int num = System.Math.Min(len - pos, BlockSize); + gHASHPartial(Y, b, pos, num); + } + } + + private void gHASHBlock(byte[] Y, byte[] b) + { + GcmUtilities.Xor(Y, b); + multiplier.MultiplyH(Y); + } + + private void gHASHBlock(byte[] Y, byte[] b, int off) + { + GcmUtilities.Xor(Y, b, off); + multiplier.MultiplyH(Y); + } + + private void gHASHPartial(byte[] Y, byte[] b, int off, int len) + { + GcmUtilities.Xor(Y, b, off, len); + multiplier.MultiplyH(Y); + } + + private void GetNextCtrBlock(byte[] block) + { + if (blocksRemaining == 0) + throw new InvalidOperationException("Attempt to process too many blocks"); + + blocksRemaining--; + + uint c = 1; + c += counter[15]; counter[15] = (byte)c; c >>= 8; + c += counter[14]; counter[14] = (byte)c; c >>= 8; + c += counter[13]; counter[13] = (byte)c; c >>= 8; + c += counter[12]; counter[12] = (byte)c; + + cipher.ProcessBlock(counter, 0, block, 0); + } + + private void CheckStatus() + { + if (!initialised) + { + if (forEncryption) + { + throw new InvalidOperationException("GCM cipher cannot be reused for encryption"); + } + throw new InvalidOperationException("GCM cipher needs to be initialised"); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/GOFBBlockCipher.cs b/BouncyCastle/crypto/src/crypto/modes/GOFBBlockCipher.cs new file mode 100644 index 0000000..436b58a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/GOFBBlockCipher.cs @@ -0,0 +1,234 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Modes +{ + /** + * implements the GOST 28147 OFB counter mode (GCTR). + */ + public class GOfbBlockCipher + : IBlockCipher + { + private byte[] IV; + private byte[] ofbV; + private byte[] ofbOutV; + + private readonly int blockSize; + private readonly IBlockCipher cipher; + + bool firstStep = true; + int N3; + int N4; + const int C1 = 16843012; //00000001000000010000000100000100 + const int C2 = 16843009; //00000001000000010000000100000001 + + /** + * Basic constructor. + * + * @param cipher the block cipher to be used as the basis of the + * counter mode (must have a 64 bit block size). + */ + public GOfbBlockCipher( + IBlockCipher cipher) + { + this.cipher = cipher; + this.blockSize = cipher.GetBlockSize(); + + if (blockSize != 8) + { + throw new ArgumentException("GCTR only for 64 bit block ciphers"); + } + + this.IV = new byte[cipher.GetBlockSize()]; + this.ofbV = new byte[cipher.GetBlockSize()]; + this.ofbOutV = new byte[cipher.GetBlockSize()]; + } + + /** + * return the underlying block cipher that we are wrapping. + * + * @return the underlying block cipher that we are wrapping. + */ + public IBlockCipher GetUnderlyingCipher() + { + return cipher; + } + + /** + * Initialise the cipher and, possibly, the initialisation vector (IV). + * If an IV isn't passed as part of the parameter, the IV will be all zeros. + * An IV which is too short is handled in FIPS compliant fashion. + * + * @param encrypting if true the cipher is initialised for + * encryption, if false for decryption. + * @param parameters the key and other data required by the cipher. + * @exception ArgumentException if the parameters argument is inappropriate. + */ + public void Init( + bool forEncryption, //ignored by this CTR mode + ICipherParameters parameters) + { + firstStep = true; + N3 = 0; + N4 = 0; + + if (parameters is ParametersWithIV) + { + ParametersWithIV ivParam = (ParametersWithIV)parameters; + byte[] iv = ivParam.GetIV(); + + if (iv.Length < IV.Length) + { + // prepend the supplied IV with zeros (per FIPS PUB 81) + Array.Copy(iv, 0, IV, IV.Length - iv.Length, iv.Length); + for (int i = 0; i < IV.Length - iv.Length; i++) + { + IV[i] = 0; + } + } + else + { + Array.Copy(iv, 0, IV, 0, IV.Length); + } + + parameters = ivParam.Parameters; + } + + Reset(); + + // if it's null, key is to be reused. + if (parameters != null) + { + cipher.Init(true, parameters); + } + } + + /** + * return the algorithm name and mode. + * + * @return the name of the underlying algorithm followed by "/GCTR" + * and the block size in bits + */ + public string AlgorithmName + { + get { return cipher.AlgorithmName + "/GCTR"; } + } + + public bool IsPartialBlockOkay + { + get { return true; } + } + + /** + * return the block size we are operating at (in bytes). + * + * @return the block size we are operating at (in bytes). + */ + public int GetBlockSize() + { + return blockSize; + } + + /** + * Process one block of input from the array in and write it to + * the out array. + * + * @param in the array containing the input data. + * @param inOff offset into the in array the data starts at. + * @param out the array the output data will be copied into. + * @param outOff the offset into the out array the output will start at. + * @exception DataLengthException if there isn't enough data in in, or + * space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + * @return the number of bytes processed and produced. + */ + public int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + if ((inOff + blockSize) > input.Length) + { + throw new DataLengthException("input buffer too short"); + } + + if ((outOff + blockSize) > output.Length) + { + throw new DataLengthException("output buffer too short"); + } + + if (firstStep) + { + firstStep = false; + cipher.ProcessBlock(ofbV, 0, ofbOutV, 0); + N3 = bytesToint(ofbOutV, 0); + N4 = bytesToint(ofbOutV, 4); + } + N3 += C2; + N4 += C1; + if (N4 < C1) // addition is mod (2**32 - 1) + { + if (N4 > 0) + { + N4++; + } + } + intTobytes(N3, ofbV, 0); + intTobytes(N4, ofbV, 4); + + cipher.ProcessBlock(ofbV, 0, ofbOutV, 0); + + // + // XOR the ofbV with the plaintext producing the cipher text (and + // the next input block). + // + for (int i = 0; i < blockSize; i++) + { + output[outOff + i] = (byte)(ofbOutV[i] ^ input[inOff + i]); + } + + // + // change over the input block. + // + Array.Copy(ofbV, blockSize, ofbV, 0, ofbV.Length - blockSize); + Array.Copy(ofbOutV, 0, ofbV, ofbV.Length - blockSize, blockSize); + + return blockSize; + } + + /** + * reset the feedback vector back to the IV and reset the underlying + * cipher. + */ + public void Reset() + { + Array.Copy(IV, 0, ofbV, 0, IV.Length); + + cipher.Reset(); + } + + //array of bytes to type int + private int bytesToint( + byte[] inBytes, + int inOff) + { + return (int)((inBytes[inOff + 3] << 24) & 0xff000000) + ((inBytes[inOff + 2] << 16) & 0xff0000) + + ((inBytes[inOff + 1] << 8) & 0xff00) + (inBytes[inOff] & 0xff); + } + + //int to array of bytes + private void intTobytes( + int num, + byte[] outBytes, + int outOff) + { + outBytes[outOff + 3] = (byte)(num >> 24); + outBytes[outOff + 2] = (byte)(num >> 16); + outBytes[outOff + 1] = (byte)(num >> 8); + outBytes[outOff] = (byte)num; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/GcmSivBlockCipher.cs b/BouncyCastle/crypto/src/crypto/modes/GcmSivBlockCipher.cs new file mode 100644 index 0000000..9615931 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/GcmSivBlockCipher.cs @@ -0,0 +1,931 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes.Gcm; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Modes +{ + /** + * GCM-SIV Mode. + *

It should be noted that the specified limit of 236 bytes is not supported. This is because all bytes are + * cached in a ByteArrayOutputStream object (which has a limit of a little less than 231 bytes), + * and are output on the DoFinal() call (which can only process a maximum of 231 bytes).

+ *

The practical limit of 231 - 24 bytes is policed, and attempts to breach the limit will be rejected

+ *

In order to properly support the higher limit, an extended form of ByteArrayOutputStream would be needed + * which would use multiple arrays to store the data. In addition, a new doOutput method would be required (similar + * to that in XOF digests), which would allow the data to be output over multiple calls. Alternatively an extended + * form of ByteArrayInputStream could be used to deliver the data.

+ */ + public class GcmSivBlockCipher + : IAeadBlockCipher + { + /// The buffer length. + private static readonly int BUFLEN = 16; + + /// The halfBuffer length. + private static readonly int HALFBUFLEN = BUFLEN >> 1; + + /// The nonce length. + private static readonly int NONCELEN = 12; + + /** + * The maximum data length (AEAD/PlainText). Due to implementation constraints this is restricted to the maximum + * array length (https://programming.guide/java/array-maximum-length.html) minus the BUFLEN to allow for the MAC + */ + private static readonly int MAX_DATALEN = Int32.MaxValue - 8 - BUFLEN; + + /** + * The top bit mask. + */ + private static readonly byte MASK = (byte)0x80; + + /** + * The addition constant. + */ + private static readonly byte ADD = (byte)0xE1; + + /** + * The initialisation flag. + */ + private static readonly int INIT = 1; + + /** + * The aeadComplete flag. + */ + private static readonly int AEAD_COMPLETE = 2; + + /** + * The cipher. + */ + private readonly IBlockCipher theCipher; + + /** + * The multiplier. + */ + private readonly IGcmMultiplier theMultiplier; + + /** + * The gHash buffer. + */ + internal readonly byte[] theGHash = new byte[BUFLEN]; + + /** + * The reverse buffer. + */ + internal readonly byte[] theReverse = new byte[BUFLEN]; + + /** + * The aeadHasher. + */ + private readonly GcmSivHasher theAEADHasher; + + /** + * The dataHasher. + */ + private readonly GcmSivHasher theDataHasher; + + /** + * The plainDataStream. + */ + private GcmSivCache thePlain; + + /** + * The encryptedDataStream (decryption only). + */ + private GcmSivCache theEncData; + + /** + * Are we encrypting? + */ + private bool forEncryption; + + /** + * The initialAEAD. + */ + private byte[] theInitialAEAD; + + /** + * The nonce. + */ + private byte[] theNonce; + + /** + * The flags. + */ + private int theFlags; + + /** + * Constructor. + */ + public GcmSivBlockCipher() + : this(new AesEngine()) + { + } + + /** + * Constructor. + * @param pCipher the underlying cipher + */ + public GcmSivBlockCipher(IBlockCipher pCipher) + : this(pCipher, new Tables4kGcmMultiplier()) + { + } + + /** + * Constructor. + * @param pCipher the underlying cipher + * @param pMultiplier the multiplier + */ + public GcmSivBlockCipher(IBlockCipher pCipher, IGcmMultiplier pMultiplier) + { + /* Ensure that the cipher is the correct size */ + if (pCipher.GetBlockSize() != BUFLEN) + throw new ArgumentException("Cipher required with a block size of " + BUFLEN + "."); + + /* Store parameters */ + theCipher = pCipher; + theMultiplier = pMultiplier; + + /* Create the hashers */ + theAEADHasher = new GcmSivHasher(this); + theDataHasher = new GcmSivHasher(this); + } + + public virtual IBlockCipher GetUnderlyingCipher() + { + return theCipher; + } + + public virtual int GetBlockSize() + { + return theCipher.GetBlockSize(); + } + + public virtual void Init(bool pEncrypt, ICipherParameters cipherParameters) + { + /* Set defaults */ + byte[] myInitialAEAD = null; + byte[] myNonce = null; + KeyParameter myKey = null; + + /* Access parameters */ + if (cipherParameters is AeadParameters) + { + AeadParameters myAEAD = (AeadParameters)cipherParameters; + myInitialAEAD = myAEAD.GetAssociatedText(); + myNonce = myAEAD.GetNonce(); + myKey = myAEAD.Key; + } + else if (cipherParameters is ParametersWithIV) + { + ParametersWithIV myParms = (ParametersWithIV)cipherParameters; + myNonce = myParms.GetIV(); + myKey = (KeyParameter)myParms.Parameters; + } + else + { + throw new ArgumentException("invalid parameters passed to GCM_SIV"); + } + + /* Check nonceSize */ + if (myNonce == null || myNonce.Length != NONCELEN) + { + throw new ArgumentException("Invalid nonce"); + } + + /* Check keysize */ + if (myKey == null) + { + throw new ArgumentException("Invalid key"); + } + + byte[] k = myKey.GetKey(); + + if (k.Length != BUFLEN + && k.Length != (BUFLEN << 1)) + { + throw new ArgumentException("Invalid key"); + } + + /* Reset details */ + forEncryption = pEncrypt; + theInitialAEAD = myInitialAEAD; + theNonce = myNonce; + + /* Initialise the keys */ + deriveKeys(myKey); + ResetStreams(); + } + + public virtual string AlgorithmName + { + get { return theCipher.AlgorithmName + "-GCM-SIV"; } + } + + /** + * check AEAD status. + * @param pLen the aeadLength + */ + private void CheckAeadStatus(int pLen) + { + /* Check we are initialised */ + if ((theFlags & INIT) == 0) + { + throw new InvalidOperationException("Cipher is not initialised"); + } + + /* Check AAD is allowed */ + if ((theFlags & AEAD_COMPLETE) != 0) + { + throw new InvalidOperationException("AEAD data cannot be processed after ordinary data"); + } + + /* Make sure that we haven't breached AEAD data limit */ + if ((long)theAEADHasher.getBytesProcessed() + Int64.MinValue > (MAX_DATALEN - pLen) + Int64.MinValue) + { + throw new InvalidOperationException("AEAD byte count exceeded"); + } + } + + /** + * check status. + * @param pLen the dataLength + */ + private void CheckStatus(int pLen) + { + /* Check we are initialised */ + if ((theFlags & INIT) == 0) + { + throw new InvalidOperationException("Cipher is not initialised"); + } + + /* Complete the AEAD section if this is the first data */ + if ((theFlags & AEAD_COMPLETE) == 0) + { + theAEADHasher.completeHash(); + theFlags |= AEAD_COMPLETE; + } + + /* Make sure that we haven't breached data limit */ + long dataLimit = MAX_DATALEN; + long currBytes = thePlain.Length; + if (!forEncryption) + { + dataLimit += BUFLEN; + currBytes = theEncData.Length; + } + if (currBytes + System.Int64.MinValue + > (dataLimit - pLen) + System.Int64.MinValue) + { + throw new InvalidOperationException("byte count exceeded"); + } + } + + public virtual void ProcessAadByte(byte pByte) + { + /* Check that we can supply AEAD */ + CheckAeadStatus(1); + + /* Process the aead */ + theAEADHasher.updateHash(pByte); + } + + public virtual void ProcessAadBytes(byte[] pData, int pOffset, int pLen) + { + /* Check that we can supply AEAD */ + CheckAeadStatus(pLen); + + /* Check input buffer */ + CheckBuffer(pData, pOffset, pLen, false); + + /* Process the aead */ + theAEADHasher.updateHash(pData, pOffset, pLen); + } + + public virtual int ProcessByte(byte pByte, byte[] pOutput, int pOutOffset) + { + /* Check that we have initialised */ + CheckStatus(1); + + /* Store the data */ + if (forEncryption) + { + thePlain.WriteByte(pByte); + theDataHasher.updateHash(pByte); + } + else + { + theEncData.WriteByte(pByte); + } + + /* No data returned */ + return 0; + } + + public virtual int ProcessBytes(byte[] pData, int pOffset, int pLen, byte[] pOutput, int pOutOffset) + { + /* Check that we have initialised */ + CheckStatus(pLen); + + /* Check input buffer */ + CheckBuffer(pData, pOffset, pLen, false); + + /* Store the data */ + if (forEncryption) + { + thePlain.Write(pData, pOffset, pLen); + theDataHasher.updateHash(pData, pOffset, pLen); + } + else + { + theEncData.Write(pData, pOffset, pLen); + } + + /* No data returned */ + return 0; + } + + public virtual int DoFinal(byte[] pOutput, int pOffset) + { + /* Check that we have initialised */ + CheckStatus(0); + + /* Check output buffer */ + CheckBuffer(pOutput, pOffset, GetOutputSize(0), true); + + /* If we are encrypting */ + if (forEncryption) + { + /* Derive the tag */ + byte[] myTag = calculateTag(); + + /* encrypt the plain text */ + int myDataLen = BUFLEN + encryptPlain(myTag, pOutput, pOffset); + + /* Add the tag to the output */ + Array.Copy(myTag, 0, pOutput, pOffset + (int)thePlain.Length, BUFLEN); + + /* Reset the streams */ + ResetStreams(); + return myDataLen; + + /* else we are decrypting */ + } + else + { + /* decrypt to plain text */ + decryptPlain(); + + /* Release plain text */ + int myDataLen = Streams.WriteBufTo(thePlain, pOutput, pOffset); + + /* Reset the streams */ + ResetStreams(); + return myDataLen; + } + } + + public virtual byte[] GetMac() + { + throw new InvalidOperationException(); + } + + public virtual int GetUpdateOutputSize(int pLen) + { + return 0; + } + + public virtual int GetOutputSize(int pLen) + { + if (forEncryption) + { + return (int)(pLen + thePlain.Length + BUFLEN); + } + int myCurr = (int)(pLen + theEncData.Length); + return myCurr > BUFLEN ? myCurr - BUFLEN : 0; + } + + public virtual void Reset() + { + ResetStreams(); + } + + /** + * Reset Streams. + */ + private void ResetStreams() + { + /* Clear the plainText buffer */ + if (thePlain != null) + { + thePlain.Position = 0L; + Streams.WriteZeroes(thePlain, thePlain.Capacity); + } + + /* Reset hashers */ + theAEADHasher.Reset(); + theDataHasher.Reset(); + + /* Recreate streams (to release memory) */ + thePlain = new GcmSivCache(); + theEncData = forEncryption ? null : new GcmSivCache(); + + /* Initialise AEAD if required */ + theFlags &= ~AEAD_COMPLETE; + Arrays.Fill(theGHash, (byte)0); + if (theInitialAEAD != null) + { + theAEADHasher.updateHash(theInitialAEAD, 0, theInitialAEAD.Length); + } + } + + /** + * Obtain buffer length (allowing for null). + * @param pBuffer the buffere + * @return the length + */ + private static int bufLength(byte[] pBuffer) + { + return pBuffer == null ? 0 : pBuffer.Length; + } + + /** + * Check buffer. + * @param pBuffer the buffer + * @param pOffset the offset + * @param pLen the length + * @param pOutput is this an output buffer? + */ + private static void CheckBuffer(byte[] pBuffer, int pOffset, int pLen, bool pOutput) + { + /* Access lengths */ + int myBufLen = bufLength(pBuffer); + int myLast = pOffset + pLen; + + /* Check for negative values and buffer overflow */ + bool badLen = pLen < 0 || pOffset < 0 || myLast < 0; + if (badLen || myLast > myBufLen) + { + throw pOutput + ? new OutputLengthException("Output buffer too short.") + : new DataLengthException("Input buffer too short."); + } + } + + /** + * encrypt data stream. + * @param pCounter the counter + * @param pTarget the target buffer + * @param pOffset the target offset + * @return the length of data encrypted + */ + private int encryptPlain(byte[] pCounter, byte[] pTarget, int pOffset) + { + /* Access buffer and length */ +#if PORTABLE + byte[] thePlainBuf = thePlain.ToArray(); + int thePlainLen = thePlainBuf.Length; +#else + byte[] thePlainBuf = thePlain.GetBuffer(); + int thePlainLen = (int)thePlain.Length; +#endif + + byte[] mySrc = thePlainBuf; + byte[] myCounter = Arrays.Clone(pCounter); + myCounter[BUFLEN - 1] |= MASK; + byte[] myMask = new byte[BUFLEN]; + long myRemaining = thePlainLen; + int myOff = 0; + + /* While we have data to process */ + while (myRemaining > 0) + { + /* Generate the next mask */ + theCipher.ProcessBlock(myCounter, 0, myMask, 0); + + /* Xor data into mask */ + int myLen = (int)System.Math.Min(BUFLEN, myRemaining); + xorBlock(myMask, mySrc, myOff, myLen); + + /* Copy encrypted data to output */ + Array.Copy(myMask, 0, pTarget, pOffset + myOff, myLen); + + /* Adjust counters */ + myRemaining -= myLen; + myOff += myLen; + incrementCounter(myCounter); + } + + /* Return the amount of data processed */ + return thePlainLen; + } + + /** + * decrypt data stream. + * @throws InvalidCipherTextException on data too short or mac check failed + */ + private void decryptPlain() + { + /* Access buffer and length */ +#if PORTABLE + byte[] theEncDataBuf = theEncData.ToArray(); + int theEncDataLen = theEncDataBuf.Length; +#else + byte[] theEncDataBuf = theEncData.GetBuffer(); + int theEncDataLen = (int)theEncData.Length; +#endif + + byte[] mySrc = theEncDataBuf; + int myRemaining = theEncDataLen - BUFLEN; + + /* Check for insufficient data */ + if (myRemaining < 0) + { + throw new InvalidCipherTextException("Data too short"); + } + + /* Access counter */ + byte[] myExpected = Arrays.CopyOfRange(mySrc, myRemaining, myRemaining + BUFLEN); + byte[] myCounter = Arrays.Clone(myExpected); + myCounter[BUFLEN - 1] |= MASK; + byte[] myMask = new byte[BUFLEN]; + int myOff = 0; + + /* While we have data to process */ + while (myRemaining > 0) + { + /* Generate the next mask */ + theCipher.ProcessBlock(myCounter, 0, myMask, 0); + + /* Xor data into mask */ + int myLen = System.Math.Min(BUFLEN, myRemaining); + xorBlock(myMask, mySrc, myOff, myLen); + + /* Write data to plain dataStream */ + thePlain.Write(myMask, 0, myLen); + theDataHasher.updateHash(myMask, 0, myLen); + + /* Adjust counters */ + myRemaining -= myLen; + myOff += myLen; + incrementCounter(myCounter); + } + + /* Derive and check the tag */ + byte[] myTag = calculateTag(); + if (!Arrays.ConstantTimeAreEqual(myTag, myExpected)) + { + Reset(); + throw new InvalidCipherTextException("mac check failed"); + } + } + + /** + * calculate tag. + * @return the calculated tag + */ + private byte[] calculateTag() + { + /* Complete the hash */ + theDataHasher.completeHash(); + byte[] myPolyVal = completePolyVal(); + + /* calculate polyVal */ + byte[] myResult = new byte[BUFLEN]; + + /* Fold in the nonce */ + for (int i = 0; i < NONCELEN; i++) + { + myPolyVal[i] ^= theNonce[i]; + } + + /* Clear top bit */ + myPolyVal[BUFLEN - 1] &= (byte)(MASK - 1); + + /* Calculate tag and return it */ + theCipher.ProcessBlock(myPolyVal, 0, myResult, 0); + return myResult; + } + + /** + * complete polyVAL. + * @return the calculated value + */ + private byte[] completePolyVal() + { + /* Build the polyVal result */ + byte[] myResult = new byte[BUFLEN]; + gHashLengths(); + fillReverse(theGHash, 0, BUFLEN, myResult); + return myResult; + } + + /** + * process lengths. + */ + private void gHashLengths() + { + /* Create reversed bigEndian buffer to keep it simple */ + byte[] myIn = new byte[BUFLEN]; + Pack.UInt64_To_BE((ulong)Bytes.NumBits * theDataHasher.getBytesProcessed(), myIn, 0); + Pack.UInt64_To_BE((ulong)Bytes.NumBits * theAEADHasher.getBytesProcessed(), myIn, Longs.NumBytes); + + /* hash value */ + gHASH(myIn); + } + + /** + * perform the next GHASH step. + * @param pNext the next value + */ + private void gHASH(byte[] pNext) + { + xorBlock(theGHash, pNext); + theMultiplier.MultiplyH(theGHash); + } + + /** + * Byte reverse a buffer. + * @param pInput the input buffer + * @param pOffset the offset + * @param pLength the length of data (<= BUFLEN) + * @param pOutput the output buffer + */ + private static void fillReverse(byte[] pInput, int pOffset, int pLength, byte[] pOutput) + { + /* Loop through the buffer */ + for (int i = 0, j = BUFLEN - 1; i < pLength; i++, j--) + { + /* Copy byte */ + pOutput[j] = pInput[pOffset + i]; + } + } + + /** + * xor a full block buffer. + * @param pLeft the left operand and result + * @param pRight the right operand + */ + private static void xorBlock(byte[] pLeft, byte[] pRight) + { + /* Loop through the bytes */ + for (int i = 0; i < BUFLEN; i++) + { + pLeft[i] ^= pRight[i]; + } + } + + /** + * xor a partial block buffer. + * @param pLeft the left operand and result + * @param pRight the right operand + * @param pOffset the offset in the right operand + * @param pLength the length of data in the right operand + */ + private static void xorBlock(byte[] pLeft, byte[] pRight, int pOffset, int pLength) + { + /* Loop through the bytes */ + for (int i = 0; i < pLength; i++) + { + pLeft[i] ^= pRight[i + pOffset]; + } + } + + /** + * increment the counter. + * @param pCounter the counter to increment + */ + private static void incrementCounter(byte[] pCounter) + { + /* Loop through the bytes incrementing counter */ + for (int i = 0; i < Integers.NumBytes; i++) + { + if (++pCounter[i] != 0) + { + break; + } + } + } + + /** + * multiply by X. + * @param pValue the value to adjust + */ + private static void mulX(byte[] pValue) + { + /* Loop through the bytes */ + byte myMask = (byte)0; + for (int i = 0; i < BUFLEN; i++) + { + byte myValue = pValue[i]; + pValue[i] = (byte)(((myValue >> 1) & ~MASK) | myMask); + myMask = (byte)((myValue & 1) == 0 ? (byte)0 : MASK); + } + + /* Xor in addition if last bit was set */ + if (myMask != 0) + { + pValue[0] ^= ADD; + } + } + + /** + * Derive Keys. + * @param pKey the keyGeneration key + */ + private void deriveKeys(KeyParameter pKey) + { + /* Create the buffers */ + byte[] myIn = new byte[BUFLEN]; + byte[] myOut = new byte[BUFLEN]; + byte[] myResult = new byte[BUFLEN]; + byte[] myEncKey = new byte[pKey.GetKey().Length]; + + /* Prepare for encryption */ + Array.Copy(theNonce, 0, myIn, BUFLEN - NONCELEN, NONCELEN); + theCipher.Init(true, pKey); + + /* Derive authentication key */ + int myOff = 0; + theCipher.ProcessBlock(myIn, 0, myOut, 0); + Array.Copy(myOut, 0, myResult, myOff, HALFBUFLEN); + myIn[0]++; + myOff += HALFBUFLEN; + theCipher.ProcessBlock(myIn, 0, myOut, 0); + Array.Copy(myOut, 0, myResult, myOff, HALFBUFLEN); + + /* Derive encryption key */ + myIn[0]++; + myOff = 0; + theCipher.ProcessBlock(myIn, 0, myOut, 0); + Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN); + myIn[0]++; + myOff += HALFBUFLEN; + theCipher.ProcessBlock(myIn, 0, myOut, 0); + Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN); + + /* If we have a 32byte key */ + if (myEncKey.Length == BUFLEN << 1) + { + /* Derive remainder of encryption key */ + myIn[0]++; + myOff += HALFBUFLEN; + theCipher.ProcessBlock(myIn, 0, myOut, 0); + Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN); + myIn[0]++; + myOff += HALFBUFLEN; + theCipher.ProcessBlock(myIn, 0, myOut, 0); + Array.Copy(myOut, 0, myEncKey, myOff, HALFBUFLEN); + } + + /* Initialise the Cipher */ + theCipher.Init(true, new KeyParameter(myEncKey)); + + /* Initialise the multiplier */ + fillReverse(myResult, 0, BUFLEN, myOut); + mulX(myOut); + theMultiplier.Init(myOut); + theFlags |= INIT; + } + + private class GcmSivCache + : MemoryStream + { + internal GcmSivCache() + { + } + } + + /** + * Hash Control. + */ + private class GcmSivHasher + { + /** + * Cache. + */ + private readonly byte[] theBuffer = new byte[BUFLEN]; + + /** + * Single byte cache. + */ + private readonly byte[] theByte = new byte[1]; + + /** + * Count of active bytes in cache. + */ + private int numActive; + + /** + * Count of hashed bytes. + */ + private ulong numHashed; + + private readonly GcmSivBlockCipher parent; + + internal GcmSivHasher(GcmSivBlockCipher parent) + { + this.parent = parent; + } + + /** + * Obtain the count of bytes hashed. + * @return the count + */ + internal ulong getBytesProcessed() + { + return numHashed; + } + + /** + * Reset the hasher. + */ + internal void Reset() + { + numActive = 0; + numHashed = 0; + } + + /** + * update hash. + * @param pByte the byte + */ + internal void updateHash(byte pByte) + { + theByte[0] = pByte; + updateHash(theByte, 0, 1); + } + + /** + * update hash. + * @param pBuffer the buffer + * @param pOffset the offset within the buffer + * @param pLen the length of data + */ + internal void updateHash(byte[] pBuffer, int pOffset, int pLen) + { + /* If we should process the cache */ + int mySpace = BUFLEN - numActive; + int numProcessed = 0; + int myRemaining = pLen; + if (numActive > 0 && pLen >= mySpace) + { + /* Copy data into the cache and hash it */ + Array.Copy(pBuffer, pOffset, theBuffer, numActive, mySpace); + fillReverse(theBuffer, 0, BUFLEN, parent.theReverse); + parent.gHASH(parent.theReverse); + + /* Adjust counters */ + numProcessed += mySpace; + myRemaining -= mySpace; + numActive = 0; + } + + /* While we have full blocks */ + while (myRemaining >= BUFLEN) + { + /* Access the next data */ + fillReverse(pBuffer, pOffset + numProcessed, BUFLEN, parent.theReverse); + parent.gHASH(parent.theReverse); + + /* Adjust counters */ + numProcessed += mySpace; + myRemaining -= mySpace; + } + + /* If we have remaining data */ + if (myRemaining > 0) + { + /* Copy data into the cache */ + Array.Copy(pBuffer, pOffset + numProcessed, theBuffer, numActive, myRemaining); + numActive += myRemaining; + } + + /* Adjust the number of bytes processed */ + numHashed += (ulong)pLen; + } + + /** + * complete hash. + */ + internal void completeHash() + { + /* If we have remaining data */ + if (numActive > 0) + { + /* Access the next data */ + Arrays.Fill(parent.theReverse, (byte)0); + fillReverse(theBuffer, 0, numActive, parent.theReverse); + + /* hash value */ + parent.gHASH(parent.theReverse); + } + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/IAeadBlockCipher.cs b/BouncyCastle/crypto/src/crypto/modes/IAeadBlockCipher.cs new file mode 100644 index 0000000..ebe5ef2 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/IAeadBlockCipher.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Modes +{ + /// An IAeadCipher based on an IBlockCipher. + public interface IAeadBlockCipher + : IAeadCipher + { + /// The block size for this cipher, in bytes. + int GetBlockSize(); + + /// The block cipher underlying this algorithm. + IBlockCipher GetUnderlyingCipher(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/IAeadCipher.cs b/BouncyCastle/crypto/src/crypto/modes/IAeadCipher.cs new file mode 100644 index 0000000..437693c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/IAeadCipher.cs @@ -0,0 +1,111 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Modes +{ + /// + /// A cipher mode that includes authenticated encryption with a streaming mode and optional + /// associated data. + /// + /// + /// Implementations of this interface may operate in a packet mode (where all input data is + /// buffered and processed during the call to DoFinal, or in a streaming mode (where output + /// data is incrementally produced with each call to ProcessByte or ProcessBytes. This is + /// important to consider during decryption: in a streaming mode, unauthenticated plaintext + /// data may be output prior to the call to DoFinal that results in an authentication failure. + /// The higher level protocol utilising this cipher must ensure the plaintext data is handled + /// appropriately until the end of data is reached and the entire ciphertext is authenticated. + /// + /// + public interface IAeadCipher + { + /// The name of the algorithm this cipher implements. + string AlgorithmName { get; } + + /// Initialise the cipher. + /// Parameter can either be an AeadParameters or a ParametersWithIV object. + /// Initialise for encryption if true, for decryption if false. + /// The key or other data required by the cipher. + void Init(bool forEncryption, ICipherParameters parameters); + + /// Add a single byte to the associated data check. + /// If the implementation supports it, this will be an online operation and will not retain the associated data. + /// The byte to be processed. + void ProcessAadByte(byte input); + + /// Add a sequence of bytes to the associated data check. + /// If the implementation supports it, this will be an online operation and will not retain the associated data. + /// The input byte array. + /// The offset into the input array where the data to be processed starts. + /// The number of bytes to be processed. + void ProcessAadBytes(byte[] inBytes, int inOff, int len); + + /** + * Encrypt/decrypt a single byte. + * + * @param input the byte to be processed. + * @param outBytes the output buffer the processed byte goes into. + * @param outOff the offset into the output byte array the processed data starts at. + * @return the number of bytes written to out. + * @exception DataLengthException if the output buffer is too small. + */ + int ProcessByte(byte input, byte[] outBytes, int outOff); + + /** + * Process a block of bytes from in putting the result into out. + * + * @param inBytes the input byte array. + * @param inOff the offset into the in array where the data to be processed starts. + * @param len the number of bytes to be processed. + * @param outBytes the output buffer the processed bytes go into. + * @param outOff the offset into the output byte array the processed data starts at. + * @return the number of bytes written to out. + * @exception DataLengthException if the output buffer is too small. + */ + int ProcessBytes(byte[] inBytes, int inOff, int len, byte[] outBytes, int outOff); + + /** + * Finish the operation either appending or verifying the MAC at the end of the data. + * + * @param outBytes space for any resulting output data. + * @param outOff offset into out to start copying the data at. + * @return number of bytes written into out. + * @throws InvalidOperationException if the cipher is in an inappropriate state. + * @throws InvalidCipherTextException if the MAC fails to match. + */ + int DoFinal(byte[] outBytes, int outOff); + + /** + * Return the value of the MAC associated with the last stream processed. + * + * @return MAC for plaintext data. + */ + byte[] GetMac(); + + /** + * Return the size of the output buffer required for a ProcessBytes + * an input of len bytes. + * + * @param len the length of the input. + * @return the space required to accommodate a call to ProcessBytes + * with len bytes of input. + */ + int GetUpdateOutputSize(int len); + + /** + * Return the size of the output buffer required for a ProcessBytes plus a + * DoFinal with an input of len bytes. + * + * @param len the length of the input. + * @return the space required to accommodate a call to ProcessBytes and DoFinal + * with len bytes of input. + */ + int GetOutputSize(int len); + + /// + /// Reset the cipher to the same state as it was after the last init (if there was one). + /// + void Reset(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/KCcmBlockCipher.cs b/BouncyCastle/crypto/src/crypto/modes/KCcmBlockCipher.cs new file mode 100644 index 0000000..4f78214 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/KCcmBlockCipher.cs @@ -0,0 +1,490 @@ +using System; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Modes +{ + public class KCcmBlockCipher: IAeadBlockCipher + { + private static readonly int BYTES_IN_INT = 4; + private static readonly int BITS_IN_BYTE = 8; + + private static readonly int MAX_MAC_BIT_LENGTH = 512; + private static readonly int MIN_MAC_BIT_LENGTH = 64; + + private IBlockCipher engine; + + private int macSize; + private bool forEncryption; + + private byte[] initialAssociatedText; + private byte[] mac; + private byte[] macBlock; + + private byte[] nonce; + + private byte[] G1; + private byte[] buffer; + + private byte[] s; + private byte[] counter; + + private readonly MemoryStream associatedText = new MemoryStream(); + private readonly MemoryStream data = new MemoryStream(); + + /* + * + * + */ + private int Nb_ = 4; + + private void setNb(int Nb) + { + if (Nb == 4 || Nb == 6 || Nb == 8) + { + Nb_ = Nb; + } + else + { + throw new ArgumentException("Nb = 4 is recommended by DSTU7624 but can be changed to only 6 or 8 in this implementation"); + } + } + + /// + /// Base constructor. Nb value is set to 4. + /// + /// base cipher to use under CCM. + public KCcmBlockCipher(IBlockCipher engine): this(engine, 4) + { + } + + /// + /// Constructor allowing Nb configuration. + /// + /// Nb is a parameter specified in CCM mode of DSTU7624 standard. + /// This parameter specifies maximum possible length of input.It should + /// be calculated as follows: Nb = 1 / 8 * (-3 + log[2]Nmax) + 1, + /// where Nmax - length of input message in bits.For practical reasons + /// Nmax usually less than 4Gb, e.g. for Nmax = 2^32 - 1, Nb = 4. + /// + /// base cipher to use under CCM. + /// Nb value to use. + public KCcmBlockCipher(IBlockCipher engine, int Nb) + { + this.engine = engine; + this.macSize = engine.GetBlockSize(); + this.nonce = new byte[engine.GetBlockSize()]; + this.initialAssociatedText = new byte[engine.GetBlockSize()]; + this.mac = new byte[engine.GetBlockSize()]; + this.macBlock = new byte[engine.GetBlockSize()]; + this.G1 = new byte[engine.GetBlockSize()]; + this.buffer = new byte[engine.GetBlockSize()]; + this.s = new byte[engine.GetBlockSize()]; + this.counter = new byte[engine.GetBlockSize()]; + setNb(Nb); + } + + public virtual void Init(bool forEncryption, ICipherParameters parameters) + { + + ICipherParameters cipherParameters; + if (parameters is AeadParameters) + { + + AeadParameters param = (AeadParameters)parameters; + + if (param.MacSize > MAX_MAC_BIT_LENGTH || param.MacSize < MIN_MAC_BIT_LENGTH || param.MacSize % 8 != 0) + { + throw new ArgumentException("Invalid mac size specified"); + } + + nonce = param.GetNonce(); + macSize = param.MacSize / BITS_IN_BYTE; + initialAssociatedText = param.GetAssociatedText(); + cipherParameters = param.Key; + } + else if (parameters is ParametersWithIV) + { + nonce = ((ParametersWithIV)parameters).GetIV(); + macSize = engine.GetBlockSize(); // use default blockSize for MAC if it is not specified + initialAssociatedText = null; + cipherParameters = ((ParametersWithIV)parameters).Parameters; + } + else + { + throw new ArgumentException("Invalid parameters specified"); + } + + this.mac = new byte[macSize]; + this.forEncryption = forEncryption; + engine.Init(true, cipherParameters); + + counter[0] = 0x01; // defined in standard + + if (initialAssociatedText != null) + { + ProcessAadBytes(initialAssociatedText, 0, initialAssociatedText.Length); + } + } + + public virtual String AlgorithmName + { + get + { + return engine.AlgorithmName + "/KCCM"; + } + } + + public virtual int GetBlockSize() + { + return engine.GetBlockSize(); + } + + public virtual IBlockCipher GetUnderlyingCipher() + { + return engine; + } + + public virtual void ProcessAadByte(byte input) + { + associatedText.WriteByte(input); + } + + public virtual void ProcessAadBytes(byte[] input, int inOff, int len) + { + associatedText.Write(input, inOff, len); + } + + private void ProcessAAD(byte[] assocText, int assocOff, int assocLen, int dataLen) + { + if (assocLen - assocOff < engine.GetBlockSize()) + { + throw new ArgumentException("authText buffer too short"); + } + if (assocLen % engine.GetBlockSize() != 0) + { + throw new ArgumentException("padding not supported"); + } + + Array.Copy(nonce, 0, G1, 0, nonce.Length - Nb_ - 1); + + intToBytes(dataLen, buffer, 0); // for G1 + + Array.Copy(buffer, 0, G1, nonce.Length - Nb_ - 1, BYTES_IN_INT); + + G1[G1.Length - 1] = getFlag(true, macSize); + + engine.ProcessBlock(G1, 0, macBlock, 0); + + intToBytes(assocLen, buffer, 0); // for G2 + + if (assocLen <= engine.GetBlockSize() - Nb_) + { + for (int byteIndex = 0; byteIndex < assocLen; byteIndex++) + { + buffer[byteIndex + Nb_] ^= assocText[assocOff + byteIndex]; + } + + for (int byteIndex = 0; byteIndex < engine.GetBlockSize(); byteIndex++) + { + macBlock[byteIndex] ^= buffer[byteIndex]; + } + + engine.ProcessBlock(macBlock, 0, macBlock, 0); + + return; + } + + for (int byteIndex = 0; byteIndex < engine.GetBlockSize(); byteIndex++) + { + macBlock[byteIndex] ^= buffer[byteIndex]; + } + + engine.ProcessBlock(macBlock, 0, macBlock, 0); + + int authLen = assocLen; + while (authLen != 0) + { + for (int byteIndex = 0; byteIndex < engine.GetBlockSize(); byteIndex++) + { + macBlock[byteIndex] ^= assocText[byteIndex + assocOff]; + } + + engine.ProcessBlock(macBlock, 0, macBlock, 0); + + assocOff += engine.GetBlockSize(); + authLen -= engine.GetBlockSize(); + } + } + + public virtual int ProcessByte(byte input, byte[] output, int outOff) + { + data.WriteByte(input); + + return 0; + } + + public virtual int ProcessBytes(byte[] input, int inOff, int inLen, byte[] output, int outOff) + { + Check.DataLength(input, inOff, inLen, "input buffer too short"); + + data.Write(input, inOff, inLen); + + return 0; + } + + public int ProcessPacket(byte[] input, int inOff, int len, byte[] output, int outOff) + { + Check.DataLength(input, inOff, len, "input buffer too short"); + Check.OutputLength(output, outOff, len, "output buffer too short"); + + if (associatedText.Length > 0) + { +#if PORTABLE + byte[] aad = associatedText.ToArray(); + int aadLen = aad.Length; +#else + byte[] aad = associatedText.GetBuffer(); + int aadLen = (int)associatedText.Length; +#endif + + int dataLen = forEncryption ? (int)data.Length : ((int)data.Length - macSize); + + ProcessAAD(aad, 0, aadLen, dataLen); + } + + if (forEncryption) + { + Check.DataLength(len % engine.GetBlockSize() != 0, "partial blocks not supported"); + + CalculateMac(input, inOff, len); + engine.ProcessBlock(nonce, 0, s, 0); + + int totalLength = len; + while (totalLength > 0) + { + ProcessBlock(input, inOff, len, output, outOff); + totalLength -= engine.GetBlockSize(); + inOff += engine.GetBlockSize(); + outOff += engine.GetBlockSize(); + } + + for (int byteIndex = 0; byteIndex inOff) + { + for (int byteIndex = 0; byteIndex 0) + { + for (int byteIndex = 0; byteIndex < engine.GetBlockSize(); byteIndex++) + { + macBlock[byteIndex] ^= authText[authOff + byteIndex]; + } + + engine.ProcessBlock(macBlock, 0, macBlock, 0); + + totalLen -= engine.GetBlockSize(); + authOff += engine.GetBlockSize(); + } + } + + public virtual int DoFinal(byte[] output, int outOff) + { +#if PORTABLE + byte[] buf = data.ToArray(); + int bufLen = buf.Length; +#else + byte[] buf = data.GetBuffer(); + int bufLen = (int)data.Length; +#endif + + int len = ProcessPacket(buf, 0, bufLen, output, outOff); + + Reset(); + + return len; + } + + public virtual byte[] GetMac() + { + return Arrays.Clone(mac); + } + + public virtual int GetUpdateOutputSize(int len) + { + return len; + } + + public virtual int GetOutputSize(int len) + { + return len + macSize; + } + + public virtual void Reset() + { + Arrays.Fill(G1, (byte)0); + Arrays.Fill(buffer, (byte)0); + Arrays.Fill(counter, (byte)0); + Arrays.Fill(macBlock, (byte)0); + + counter[0] = 0x01; + data.SetLength(0); + associatedText.SetLength(0); + + if (initialAssociatedText != null) + { + ProcessAadBytes(initialAssociatedText, 0, initialAssociatedText.Length); + } + } + + private void intToBytes( + int num, + byte[] outBytes, + int outOff) + { + outBytes[outOff + 3] = (byte)(num >> 24); + outBytes[outOff + 2] = (byte)(num >> 16); + outBytes[outOff + 1] = (byte)(num >> 8); + outBytes[outOff] = (byte)num; + } + + private byte getFlag(bool authTextPresents, int macSize) + { + StringBuilder flagByte = new StringBuilder(); + + if (authTextPresents) + { + flagByte.Append("1"); + } + else + { + flagByte.Append("0"); + } + + + switch (macSize) + { + case 8: + flagByte.Append("010"); // binary 2 + break; + case 16: + flagByte.Append("011"); // binary 3 + break; + case 32: + flagByte.Append("100"); // binary 4 + break; + case 48: + flagByte.Append("101"); // binary 5 + break; + case 64: + flagByte.Append("110"); // binary 6 + break; + } + + String binaryNb = Convert.ToString(Nb_ - 1, 2); + while (binaryNb.Length < 4) + { + binaryNb = new StringBuilder(binaryNb).Insert(0, "0").ToString(); + } + + flagByte.Append(binaryNb); + + return (byte)Convert.ToInt32(flagByte.ToString(), 2); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/KCtrBlockCipher.cs b/BouncyCastle/crypto/src/crypto/modes/KCtrBlockCipher.cs new file mode 100644 index 0000000..ff0249a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/KCtrBlockCipher.cs @@ -0,0 +1,235 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Modes +{ + /** + * Implements a Gamming or Counter (CTR) mode on top of a DSTU 7624 block cipher. + */ + public class KCtrBlockCipher : IStreamCipher, IBlockCipher + { + private byte[] IV; + private byte[] ofbV; + private byte[] ofbOutV; + private bool initialised; + + private int byteCount; + + private readonly int blockSize; + private readonly IBlockCipher cipher; + + /** + * Basic constructor. + * + * @param cipher the block cipher to be used as the basis of the + * feedback mode. + */ + public KCtrBlockCipher(IBlockCipher cipher) + { + this.cipher = cipher; + this.IV = new byte[cipher.GetBlockSize()]; + this.blockSize = cipher.GetBlockSize(); + + this.ofbV = new byte[cipher.GetBlockSize()]; + this.ofbOutV = new byte[cipher.GetBlockSize()]; + } + + /** + * return the underlying block cipher that we are wrapping. + * + * @return the underlying block cipher that we are wrapping. + */ + public IBlockCipher GetUnderlyingCipher() + { + return cipher; + } + /** + * Initialise the cipher and, possibly, the initialisation vector (IV). + * If an IV isn't passed as part of the parameter, the IV will be all zeros. + * An IV which is too short is handled in FIPS compliant fashion. + * + * @param forEncryption if true the cipher is initialised for + * encryption, if false for decryption. + * @param param the key and other data required by the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public void Init( + bool forEncryption, + ICipherParameters parameters) + { + this.initialised = true; + if (parameters is ParametersWithIV) + { + ParametersWithIV ivParam = (ParametersWithIV)parameters; + byte[] iv = ivParam.GetIV(); + int diff = IV.Length - iv.Length; + + Array.Clear(IV, 0, IV.Length); + Array.Copy(iv, 0, IV, diff, iv.Length); + + parameters = ivParam.Parameters; + } + else + { + throw new ArgumentException("Invalid parameter passed"); + } + + // if it's null, key is to be reused. + if (parameters != null) + { + cipher.Init(true, parameters); + } + + Reset(); + } + + /** + * return the algorithm name and mode. + * + * @return the name of the underlying algorithm followed by "/KCTR" + * and the block size in bits. + */ + public string AlgorithmName + { + get { return cipher.AlgorithmName + "/KCTR"; } + } + + public bool IsPartialBlockOkay + { + get { return true; } + } + + /** + * return the block size we are operating at. + * + * @return the block size we are operating at (in bytes). + */ + public int GetBlockSize() + { + return cipher.GetBlockSize(); + } + + public byte ReturnByte(byte input) + { + return CalculateByte(input); + } + + public void ProcessBytes(byte[] input, int inOff, int len, byte[] output, int outOff) + { + if (outOff + len > output.Length) + { + throw new DataLengthException("Output buffer too short"); + } + + if (inOff + len > input.Length) + { + throw new DataLengthException("Input buffer too small"); + } + + int inStart = inOff; + int inEnd = inOff + len; + int outStart = outOff; + + while (inStartRFC 7253 on The OCB + * Authenticated-Encryption Algorithm, licensed per: + * + *

License for + * Open-Source Software Implementations of OCB (Jan 9, 2013) - 'License 1'
+ * Under this license, you are authorized to make, use, and distribute open-source software + * implementations of OCB. This license terminates for you if you sue someone over their open-source + * software implementation of OCB claiming that you have a patent covering their implementation. + *

+ * This is a non-binding summary of a legal document (the link above). The parameters of the license + * are specified in the license document and that document is controlling.

+ */ + public class OcbBlockCipher + : IAeadBlockCipher + { + private const int BLOCK_SIZE = 16; + + private readonly IBlockCipher hashCipher; + private readonly IBlockCipher mainCipher; + + /* + * CONFIGURATION + */ + private bool forEncryption; + private int macSize; + private byte[] initialAssociatedText; + + /* + * KEY-DEPENDENT + */ + // NOTE: elements are lazily calculated + private IList L; + private byte[] L_Asterisk, L_Dollar; + + /* + * NONCE-DEPENDENT + */ + private byte[] KtopInput = null; + private byte[] Stretch = new byte[24]; + private byte[] OffsetMAIN_0 = new byte[16]; + + /* + * PER-ENCRYPTION/DECRYPTION + */ + private byte[] hashBlock, mainBlock; + private int hashBlockPos, mainBlockPos; + private long hashBlockCount, mainBlockCount; + private byte[] OffsetHASH; + private byte[] Sum; + private byte[] OffsetMAIN = new byte[16]; + private byte[] Checksum; + + // NOTE: The MAC value is preserved after doFinal + private byte[] macBlock; + + public OcbBlockCipher(IBlockCipher hashCipher, IBlockCipher mainCipher) + { + if (hashCipher == null) + throw new ArgumentNullException("hashCipher"); + if (hashCipher.GetBlockSize() != BLOCK_SIZE) + throw new ArgumentException("must have a block size of " + BLOCK_SIZE, "hashCipher"); + if (mainCipher == null) + throw new ArgumentNullException("mainCipher"); + if (mainCipher.GetBlockSize() != BLOCK_SIZE) + throw new ArgumentException("must have a block size of " + BLOCK_SIZE, "mainCipher"); + + if (!hashCipher.AlgorithmName.Equals(mainCipher.AlgorithmName)) + throw new ArgumentException("'hashCipher' and 'mainCipher' must be the same algorithm"); + + this.hashCipher = hashCipher; + this.mainCipher = mainCipher; + } + + public virtual IBlockCipher GetUnderlyingCipher() + { + return mainCipher; + } + + public virtual string AlgorithmName + { + get { return mainCipher.AlgorithmName + "/OCB"; } + } + + public virtual void Init(bool forEncryption, ICipherParameters parameters) + { + bool oldForEncryption = this.forEncryption; + this.forEncryption = forEncryption; + this.macBlock = null; + + KeyParameter keyParameter; + + byte[] N; + if (parameters is AeadParameters) + { + AeadParameters aeadParameters = (AeadParameters) parameters; + + N = aeadParameters.GetNonce(); + initialAssociatedText = aeadParameters.GetAssociatedText(); + + int macSizeBits = aeadParameters.MacSize; + if (macSizeBits < 64 || macSizeBits > 128 || macSizeBits % 8 != 0) + throw new ArgumentException("Invalid value for MAC size: " + macSizeBits); + + macSize = macSizeBits / 8; + keyParameter = aeadParameters.Key; + } + else if (parameters is ParametersWithIV) + { + ParametersWithIV parametersWithIV = (ParametersWithIV) parameters; + + N = parametersWithIV.GetIV(); + initialAssociatedText = null; + macSize = 16; + keyParameter = (KeyParameter) parametersWithIV.Parameters; + } + else + { + throw new ArgumentException("invalid parameters passed to OCB"); + } + + this.hashBlock = new byte[16]; + this.mainBlock = new byte[forEncryption ? BLOCK_SIZE : (BLOCK_SIZE + macSize)]; + + if (N == null) + { + N = new byte[0]; + } + + if (N.Length > 15) + { + throw new ArgumentException("IV must be no more than 15 bytes"); + } + + /* + * KEY-DEPENDENT INITIALISATION + */ + + if (keyParameter != null) + { + // hashCipher always used in forward mode + hashCipher.Init(true, keyParameter); + mainCipher.Init(forEncryption, keyParameter); + KtopInput = null; + } + else if (oldForEncryption != forEncryption) + { + throw new ArgumentException("cannot change encrypting state without providing key."); + } + + this.L_Asterisk = new byte[16]; + hashCipher.ProcessBlock(L_Asterisk, 0, L_Asterisk, 0); + + this.L_Dollar = OCB_double(L_Asterisk); + + this.L = Platform.CreateArrayList(); + this.L.Add(OCB_double(L_Dollar)); + + /* + * NONCE-DEPENDENT AND PER-ENCRYPTION/DECRYPTION INITIALISATION + */ + + int bottom = ProcessNonce(N); + + int bits = bottom % 8, bytes = bottom / 8; + if (bits == 0) + { + Array.Copy(Stretch, bytes, OffsetMAIN_0, 0, 16); + } + else + { + for (int i = 0; i < 16; ++i) + { + uint b1 = Stretch[bytes]; + uint b2 = Stretch[++bytes]; + this.OffsetMAIN_0[i] = (byte) ((b1 << bits) | (b2 >> (8 - bits))); + } + } + + this.hashBlockPos = 0; + this.mainBlockPos = 0; + + this.hashBlockCount = 0; + this.mainBlockCount = 0; + + this.OffsetHASH = new byte[16]; + this.Sum = new byte[16]; + Array.Copy(OffsetMAIN_0, 0, OffsetMAIN, 0, 16); + this.Checksum = new byte[16]; + + if (initialAssociatedText != null) + { + ProcessAadBytes(initialAssociatedText, 0, initialAssociatedText.Length); + } + } + + protected virtual int ProcessNonce(byte[] N) + { + byte[] nonce = new byte[16]; + Array.Copy(N, 0, nonce, nonce.Length - N.Length, N.Length); + nonce[0] = (byte)(macSize << 4); + nonce[15 - N.Length] |= 1; + + int bottom = nonce[15] & 0x3F; + nonce[15] &= 0xC0; + + /* + * When used with incrementing nonces, the cipher is only applied once every 64 inits. + */ + if (KtopInput == null || !Arrays.AreEqual(nonce, KtopInput)) + { + byte[] Ktop = new byte[16]; + KtopInput = nonce; + hashCipher.ProcessBlock(KtopInput, 0, Ktop, 0); + Array.Copy(Ktop, 0, Stretch, 0, 16); + for (int i = 0; i < 8; ++i) + { + Stretch[16 + i] = (byte)(Ktop[i] ^ Ktop[i + 1]); + } + } + + return bottom; + } + + public virtual int GetBlockSize() + { + return BLOCK_SIZE; + } + + public virtual byte[] GetMac() + { + return macBlock == null + ? new byte[macSize] + : Arrays.Clone(macBlock); + } + + public virtual int GetOutputSize(int len) + { + int totalData = len + mainBlockPos; + if (forEncryption) + { + return totalData + macSize; + } + return totalData < macSize ? 0 : totalData - macSize; + } + + public virtual int GetUpdateOutputSize(int len) + { + int totalData = len + mainBlockPos; + if (!forEncryption) + { + if (totalData < macSize) + { + return 0; + } + totalData -= macSize; + } + return totalData - totalData % BLOCK_SIZE; + } + + public virtual void ProcessAadByte(byte input) + { + hashBlock[hashBlockPos] = input; + if (++hashBlockPos == hashBlock.Length) + { + ProcessHashBlock(); + } + } + + public virtual void ProcessAadBytes(byte[] input, int off, int len) + { + for (int i = 0; i < len; ++i) + { + hashBlock[hashBlockPos] = input[off + i]; + if (++hashBlockPos == hashBlock.Length) + { + ProcessHashBlock(); + } + } + } + + public virtual int ProcessByte(byte input, byte[] output, int outOff) + { + mainBlock[mainBlockPos] = input; + if (++mainBlockPos == mainBlock.Length) + { + ProcessMainBlock(output, outOff); + return BLOCK_SIZE; + } + return 0; + } + + public virtual int ProcessBytes(byte[] input, int inOff, int len, byte[] output, int outOff) + { + int resultLen = 0; + + for (int i = 0; i < len; ++i) + { + mainBlock[mainBlockPos] = input[inOff + i]; + if (++mainBlockPos == mainBlock.Length) + { + ProcessMainBlock(output, outOff + resultLen); + resultLen += BLOCK_SIZE; + } + } + + return resultLen; + } + + public virtual int DoFinal(byte[] output, int outOff) + { + /* + * For decryption, get the tag from the end of the message + */ + byte[] tag = null; + if (!forEncryption) { + if (mainBlockPos < macSize) + throw new InvalidCipherTextException("data too short"); + + mainBlockPos -= macSize; + tag = new byte[macSize]; + Array.Copy(mainBlock, mainBlockPos, tag, 0, macSize); + } + + /* + * HASH: Process any final partial block; compute final hash value + */ + if (hashBlockPos > 0) + { + OCB_extend(hashBlock, hashBlockPos); + UpdateHASH(L_Asterisk); + } + + /* + * OCB-ENCRYPT/OCB-DECRYPT: Process any final partial block + */ + if (mainBlockPos > 0) + { + if (forEncryption) + { + OCB_extend(mainBlock, mainBlockPos); + Xor(Checksum, mainBlock); + } + + Xor(OffsetMAIN, L_Asterisk); + + byte[] Pad = new byte[16]; + hashCipher.ProcessBlock(OffsetMAIN, 0, Pad, 0); + + Xor(mainBlock, Pad); + + Check.OutputLength(output, outOff, mainBlockPos, "Output buffer too short"); + Array.Copy(mainBlock, 0, output, outOff, mainBlockPos); + + if (!forEncryption) + { + OCB_extend(mainBlock, mainBlockPos); + Xor(Checksum, mainBlock); + } + } + + /* + * OCB-ENCRYPT/OCB-DECRYPT: Compute raw tag + */ + Xor(Checksum, OffsetMAIN); + Xor(Checksum, L_Dollar); + hashCipher.ProcessBlock(Checksum, 0, Checksum, 0); + Xor(Checksum, Sum); + + this.macBlock = new byte[macSize]; + Array.Copy(Checksum, 0, macBlock, 0, macSize); + + /* + * Validate or append tag and reset this cipher for the next run + */ + int resultLen = mainBlockPos; + + if (forEncryption) + { + Check.OutputLength(output, outOff, resultLen + macSize, "Output buffer too short"); + + // Append tag to the message + Array.Copy(macBlock, 0, output, outOff + resultLen, macSize); + resultLen += macSize; + } + else + { + // Compare the tag from the message with the calculated one + if (!Arrays.ConstantTimeAreEqual(macBlock, tag)) + throw new InvalidCipherTextException("mac check in OCB failed"); + } + + Reset(false); + + return resultLen; + } + + public virtual void Reset() + { + Reset(true); + } + + protected virtual void Clear(byte[] bs) + { + if (bs != null) + { + Array.Clear(bs, 0, bs.Length); + } + } + + protected virtual byte[] GetLSub(int n) + { + while (n >= L.Count) + { + L.Add(OCB_double((byte[]) L[L.Count - 1])); + } + return (byte[])L[n]; + } + + protected virtual void ProcessHashBlock() + { + /* + * HASH: Process any whole blocks + */ + UpdateHASH(GetLSub(OCB_ntz(++hashBlockCount))); + hashBlockPos = 0; + } + + protected virtual void ProcessMainBlock(byte[] output, int outOff) + { + Check.DataLength(output, outOff, BLOCK_SIZE, "Output buffer too short"); + + /* + * OCB-ENCRYPT/OCB-DECRYPT: Process any whole blocks + */ + + if (forEncryption) + { + Xor(Checksum, mainBlock); + mainBlockPos = 0; + } + + Xor(OffsetMAIN, GetLSub(OCB_ntz(++mainBlockCount))); + + Xor(mainBlock, OffsetMAIN); + mainCipher.ProcessBlock(mainBlock, 0, mainBlock, 0); + Xor(mainBlock, OffsetMAIN); + + Array.Copy(mainBlock, 0, output, outOff, 16); + + if (!forEncryption) + { + Xor(Checksum, mainBlock); + Array.Copy(mainBlock, BLOCK_SIZE, mainBlock, 0, macSize); + mainBlockPos = macSize; + } + } + + protected virtual void Reset(bool clearMac) + { + hashCipher.Reset(); + mainCipher.Reset(); + + Clear(hashBlock); + Clear(mainBlock); + + hashBlockPos = 0; + mainBlockPos = 0; + + hashBlockCount = 0; + mainBlockCount = 0; + + Clear(OffsetHASH); + Clear(Sum); + Array.Copy(OffsetMAIN_0, 0, OffsetMAIN, 0, 16); + Clear(Checksum); + + if (clearMac) + { + macBlock = null; + } + + if (initialAssociatedText != null) + { + ProcessAadBytes(initialAssociatedText, 0, initialAssociatedText.Length); + } + } + + protected virtual void UpdateHASH(byte[] LSub) + { + Xor(OffsetHASH, LSub); + Xor(hashBlock, OffsetHASH); + hashCipher.ProcessBlock(hashBlock, 0, hashBlock, 0); + Xor(Sum, hashBlock); + } + + protected static byte[] OCB_double(byte[] block) + { + byte[] result = new byte[16]; + int carry = ShiftLeft(block, result); + + /* + * NOTE: This construction is an attempt at a constant-time implementation. + */ + result[15] ^= (byte)(0x87 >> ((1 - carry) << 3)); + + return result; + } + + protected static void OCB_extend(byte[] block, int pos) + { + block[pos] = (byte) 0x80; + while (++pos < 16) + { + block[pos] = 0; + } + } + + protected static int OCB_ntz(long x) + { + if (x == 0) + { + return 64; + } + + int n = 0; + ulong ux = (ulong)x; + while ((ux & 1UL) == 0UL) + { + ++n; + ux >>= 1; + } + return n; + } + + protected static int ShiftLeft(byte[] block, byte[] output) + { + int i = 16; + uint bit = 0; + while (--i >= 0) + { + uint b = block[i]; + output[i] = (byte) ((b << 1) | bit); + bit = (b >> 7) & 1; + } + return (int)bit; + } + + protected static void Xor(byte[] block, byte[] val) + { + for (int i = 15; i >= 0; --i) + { + block[i] ^= val[i]; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/OfbBlockCipher.cs b/BouncyCastle/crypto/src/crypto/modes/OfbBlockCipher.cs new file mode 100644 index 0000000..a99f8c5 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/OfbBlockCipher.cs @@ -0,0 +1,182 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Modes +{ + /** + * implements a Output-FeedBack (OFB) mode on top of a simple cipher. + */ + public class OfbBlockCipher + : IBlockCipher + { + private byte[] IV; + private byte[] ofbV; + private byte[] ofbOutV; + + private readonly int blockSize; + private readonly IBlockCipher cipher; + + /** + * Basic constructor. + * + * @param cipher the block cipher to be used as the basis of the + * feedback mode. + * @param blockSize the block size in bits (note: a multiple of 8) + */ + public OfbBlockCipher( + IBlockCipher cipher, + int blockSize) + { + this.cipher = cipher; + this.blockSize = blockSize / 8; + + this.IV = new byte[cipher.GetBlockSize()]; + this.ofbV = new byte[cipher.GetBlockSize()]; + this.ofbOutV = new byte[cipher.GetBlockSize()]; + } + + /** + * return the underlying block cipher that we are wrapping. + * + * @return the underlying block cipher that we are wrapping. + */ + public IBlockCipher GetUnderlyingCipher() + { + return cipher; + } + + /** + * Initialise the cipher and, possibly, the initialisation vector (IV). + * If an IV isn't passed as part of the parameter, the IV will be all zeros. + * An IV which is too short is handled in FIPS compliant fashion. + * + * @param forEncryption if true the cipher is initialised for + * encryption, if false for decryption. + * @param param the key and other data required by the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public void Init( + bool forEncryption, //ignored by this OFB mode + ICipherParameters parameters) + { + if (parameters is ParametersWithIV) + { + ParametersWithIV ivParam = (ParametersWithIV)parameters; + byte[] iv = ivParam.GetIV(); + + if (iv.Length < IV.Length) + { + // prepend the supplied IV with zeros (per FIPS PUB 81) + Array.Copy(iv, 0, IV, IV.Length - iv.Length, iv.Length); + for (int i = 0; i < IV.Length - iv.Length; i++) + { + IV[i] = 0; + } + } + else + { + Array.Copy(iv, 0, IV, 0, IV.Length); + } + + parameters = ivParam.Parameters; + } + + Reset(); + + // if it's null, key is to be reused. + if (parameters != null) + { + cipher.Init(true, parameters); + } + } + + /** + * return the algorithm name and mode. + * + * @return the name of the underlying algorithm followed by "/OFB" + * and the block size in bits + */ + public string AlgorithmName + { + get { return cipher.AlgorithmName + "/OFB" + (blockSize * 8); } + } + + public bool IsPartialBlockOkay + { + get { return true; } + } + + /** + * return the block size we are operating at (in bytes). + * + * @return the block size we are operating at (in bytes). + */ + public int GetBlockSize() + { + return blockSize; + } + + /** + * Process one block of input from the array in and write it to + * the out array. + * + * @param in the array containing the input data. + * @param inOff offset into the in array the data starts at. + * @param out the array the output data will be copied into. + * @param outOff the offset into the out array the output will start at. + * @exception DataLengthException if there isn't enough data in in, or + * space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + * @return the number of bytes processed and produced. + */ + public int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + if ((inOff + blockSize) > input.Length) + { + throw new DataLengthException("input buffer too short"); + } + + if ((outOff + blockSize) > output.Length) + { + throw new DataLengthException("output buffer too short"); + } + + cipher.ProcessBlock(ofbV, 0, ofbOutV, 0); + + // + // XOR the ofbV with the plaintext producing the cipher text (and + // the next input block). + // + for (int i = 0; i < blockSize; i++) + { + output[outOff + i] = (byte)(ofbOutV[i] ^ input[inOff + i]); + } + + // + // change over the input block. + // + Array.Copy(ofbV, blockSize, ofbV, 0, ofbV.Length - blockSize); + Array.Copy(ofbOutV, 0, ofbV, ofbV.Length - blockSize, blockSize); + + return blockSize; + } + + /** + * reset the feedback vector back to the IV and reset the underlying + * cipher. + */ + public void Reset() + { + Array.Copy(IV, 0, ofbV, 0, IV.Length); + + cipher.Reset(); + } + } + +} diff --git a/BouncyCastle/crypto/src/crypto/modes/OpenPgpCfbBlockCipher.cs b/BouncyCastle/crypto/src/crypto/modes/OpenPgpCfbBlockCipher.cs new file mode 100644 index 0000000..038ca78 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/OpenPgpCfbBlockCipher.cs @@ -0,0 +1,337 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Modes +{ + /** + * Implements OpenPGP's rather strange version of Cipher-FeedBack (CFB) mode + * on top of a simple cipher. This class assumes the IV has been prepended + * to the data stream already, and just accomodates the reset after + * (blockSize + 2) bytes have been read. + *

+ * For further info see RFC 2440. + *

+ */ + public class OpenPgpCfbBlockCipher + : IBlockCipher + { + private byte[] IV; + private byte[] FR; + private byte[] FRE; + + private readonly IBlockCipher cipher; + private readonly int blockSize; + + private int count; + private bool forEncryption; + + /** + * Basic constructor. + * + * @param cipher the block cipher to be used as the basis of the + * feedback mode. + */ + public OpenPgpCfbBlockCipher( + IBlockCipher cipher) + { + this.cipher = cipher; + + this.blockSize = cipher.GetBlockSize(); + this.IV = new byte[blockSize]; + this.FR = new byte[blockSize]; + this.FRE = new byte[blockSize]; + } + + /** + * return the underlying block cipher that we are wrapping. + * + * @return the underlying block cipher that we are wrapping. + */ + public IBlockCipher GetUnderlyingCipher() + { + return cipher; + } + + /** + * return the algorithm name and mode. + * + * @return the name of the underlying algorithm followed by "/PGPCFB" + * and the block size in bits. + */ + public string AlgorithmName + { + get { return cipher.AlgorithmName + "/OpenPGPCFB"; } + } + + public bool IsPartialBlockOkay + { + get { return true; } + } + + /** + * return the block size we are operating at. + * + * @return the block size we are operating at (in bytes). + */ + public int GetBlockSize() + { + return cipher.GetBlockSize(); + } + + /** + * Process one block of input from the array in and write it to + * the out array. + * + * @param in the array containing the input data. + * @param inOff offset into the in array the data starts at. + * @param out the array the output data will be copied into. + * @param outOff the offset into the out array the output will start at. + * @exception DataLengthException if there isn't enough data in in, or + * space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + * @return the number of bytes processed and produced. + */ + public int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + return (forEncryption) ? EncryptBlock(input, inOff, output, outOff) : DecryptBlock(input, inOff, output, outOff); + } + + /** + * reset the chaining vector back to the IV and reset the underlying + * cipher. + */ + public void Reset() + { + count = 0; + + Array.Copy(IV, 0, FR, 0, FR.Length); + + cipher.Reset(); + } + + /** + * Initialise the cipher and, possibly, the initialisation vector (IV). + * If an IV isn't passed as part of the parameter, the IV will be all zeros. + * An IV which is too short is handled in FIPS compliant fashion. + * + * @param forEncryption if true the cipher is initialised for + * encryption, if false for decryption. + * @param parameters the key and other data required by the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public void Init( + bool forEncryption, + ICipherParameters parameters) + { + this.forEncryption = forEncryption; + + if (parameters is ParametersWithIV) + { + ParametersWithIV ivParam = (ParametersWithIV)parameters; + byte[] iv = ivParam.GetIV(); + + if (iv.Length < IV.Length) + { + // prepend the supplied IV with zeros (per FIPS PUB 81) + Array.Copy(iv, 0, IV, IV.Length - iv.Length, iv.Length); + for (int i = 0; i < IV.Length - iv.Length; i++) + { + IV[i] = 0; + } + } + else + { + Array.Copy(iv, 0, IV, 0, IV.Length); + } + + parameters = ivParam.Parameters; + } + + Reset(); + + cipher.Init(true, parameters); + } + + /** + * Encrypt one byte of data according to CFB mode. + * @param data the byte to encrypt + * @param blockOff offset in the current block + * @returns the encrypted byte + */ + private byte EncryptByte(byte data, int blockOff) + { + return (byte)(FRE[blockOff] ^ data); + } + + /** + * Do the appropriate processing for CFB IV mode encryption. + * + * @param in the array containing the data to be encrypted. + * @param inOff offset into the in array the data starts at. + * @param out the array the encrypted data will be copied into. + * @param outOff the offset into the out array the output will start at. + * @exception DataLengthException if there isn't enough data in in, or + * space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + * @return the number of bytes processed and produced. + */ + private int EncryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + if ((inOff + blockSize) > input.Length) + { + throw new DataLengthException("input buffer too short"); + } + + if ((outOff + blockSize) > outBytes.Length) + { + throw new DataLengthException("output buffer too short"); + } + + if (count > blockSize) + { + FR[blockSize - 2] = outBytes[outOff] = EncryptByte(input[inOff], blockSize - 2); + FR[blockSize - 1] = outBytes[outOff + 1] = EncryptByte(input[inOff + 1], blockSize - 1); + + cipher.ProcessBlock(FR, 0, FRE, 0); + + for (int n = 2; n < blockSize; n++) + { + FR[n - 2] = outBytes[outOff + n] = EncryptByte(input[inOff + n], n - 2); + } + } + else if (count == 0) + { + cipher.ProcessBlock(FR, 0, FRE, 0); + + for (int n = 0; n < blockSize; n++) + { + FR[n] = outBytes[outOff + n] = EncryptByte(input[inOff + n], n); + } + + count += blockSize; + } + else if (count == blockSize) + { + cipher.ProcessBlock(FR, 0, FRE, 0); + + outBytes[outOff] = EncryptByte(input[inOff], 0); + outBytes[outOff + 1] = EncryptByte(input[inOff + 1], 1); + + // + // do reset + // + Array.Copy(FR, 2, FR, 0, blockSize - 2); + Array.Copy(outBytes, outOff, FR, blockSize - 2, 2); + + cipher.ProcessBlock(FR, 0, FRE, 0); + + for (int n = 2; n < blockSize; n++) + { + FR[n - 2] = outBytes[outOff + n] = EncryptByte(input[inOff + n], n - 2); + } + + count += blockSize; + } + + return blockSize; + } + + /** + * Do the appropriate processing for CFB IV mode decryption. + * + * @param in the array containing the data to be decrypted. + * @param inOff offset into the in array the data starts at. + * @param out the array the encrypted data will be copied into. + * @param outOff the offset into the out array the output will start at. + * @exception DataLengthException if there isn't enough data in in, or + * space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + * @return the number of bytes processed and produced. + */ + private int DecryptBlock( + byte[] input, + int inOff, + byte[] outBytes, + int outOff) + { + if ((inOff + blockSize) > input.Length) + { + throw new DataLengthException("input buffer too short"); + } + + if ((outOff + blockSize) > outBytes.Length) + { + throw new DataLengthException("output buffer too short"); + } + + if (count > blockSize) + { + byte inVal = input[inOff]; + FR[blockSize - 2] = inVal; + outBytes[outOff] = EncryptByte(inVal, blockSize - 2); + + inVal = input[inOff + 1]; + FR[blockSize - 1] = inVal; + outBytes[outOff + 1] = EncryptByte(inVal, blockSize - 1); + + cipher.ProcessBlock(FR, 0, FRE, 0); + + for (int n = 2; n < blockSize; n++) + { + inVal = input[inOff + n]; + FR[n - 2] = inVal; + outBytes[outOff + n] = EncryptByte(inVal, n - 2); + } + } + else if (count == 0) + { + cipher.ProcessBlock(FR, 0, FRE, 0); + + for (int n = 0; n < blockSize; n++) + { + FR[n] = input[inOff + n]; + outBytes[n] = EncryptByte(input[inOff + n], n); + } + + count += blockSize; + } + else if (count == blockSize) + { + cipher.ProcessBlock(FR, 0, FRE, 0); + + byte inVal1 = input[inOff]; + byte inVal2 = input[inOff + 1]; + outBytes[outOff ] = EncryptByte(inVal1, 0); + outBytes[outOff + 1] = EncryptByte(inVal2, 1); + + Array.Copy(FR, 2, FR, 0, blockSize - 2); + + FR[blockSize - 2] = inVal1; + FR[blockSize - 1] = inVal2; + + cipher.ProcessBlock(FR, 0, FRE, 0); + + for (int n = 2; n < blockSize; n++) + { + byte inVal = input[inOff + n]; + FR[n - 2] = inVal; + outBytes[outOff + n] = EncryptByte(inVal, n - 2); + } + + count += blockSize; + } + + return blockSize; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/SicBlockCipher.cs b/BouncyCastle/crypto/src/crypto/modes/SicBlockCipher.cs new file mode 100644 index 0000000..0bea4a4 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/SicBlockCipher.cs @@ -0,0 +1,120 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Modes +{ + /** + * Implements the Segmented Integer Counter (SIC) mode on top of a simple + * block cipher. + */ + public class SicBlockCipher + : IBlockCipher + { + private readonly IBlockCipher cipher; + private readonly int blockSize; + private readonly byte[] counter; + private readonly byte[] counterOut; + private byte[] IV; + + /** + * Basic constructor. + * + * @param c the block cipher to be used. + */ + public SicBlockCipher(IBlockCipher cipher) + { + this.cipher = cipher; + this.blockSize = cipher.GetBlockSize(); + this.counter = new byte[blockSize]; + this.counterOut = new byte[blockSize]; + this.IV = new byte[blockSize]; + } + + /** + * return the underlying block cipher that we are wrapping. + * + * @return the underlying block cipher that we are wrapping. + */ + public virtual IBlockCipher GetUnderlyingCipher() + { + return cipher; + } + + public virtual void Init( + bool forEncryption, //ignored by this CTR mode + ICipherParameters parameters) + { + ParametersWithIV ivParam = parameters as ParametersWithIV; + if (ivParam == null) + throw new ArgumentException("CTR/SIC mode requires ParametersWithIV", "parameters"); + + this.IV = Arrays.Clone(ivParam.GetIV()); + + if (blockSize < IV.Length) + throw new ArgumentException("CTR/SIC mode requires IV no greater than: " + blockSize + " bytes."); + + int maxCounterSize = System.Math.Min(8, blockSize / 2); + if (blockSize - IV.Length > maxCounterSize) + throw new ArgumentException("CTR/SIC mode requires IV of at least: " + (blockSize - maxCounterSize) + " bytes."); + + // if null it's an IV changed only. + if (ivParam.Parameters != null) + { + cipher.Init(true, ivParam.Parameters); + } + + Reset(); + } + + public virtual string AlgorithmName + { + get { return cipher.AlgorithmName + "/SIC"; } + } + + public virtual bool IsPartialBlockOkay + { + get { return true; } + } + + public virtual int GetBlockSize() + { + return cipher.GetBlockSize(); + } + + public virtual int ProcessBlock( + byte[] input, + int inOff, + byte[] output, + int outOff) + { + cipher.ProcessBlock(counter, 0, counterOut, 0); + + // + // XOR the counterOut with the plaintext producing the cipher text + // + for (int i = 0; i < counterOut.Length; i++) + { + output[outOff + i] = (byte)(counterOut[i] ^ input[inOff + i]); + } + + // Increment the counter + int j = counter.Length; + while (--j >= 0 && ++counter[j] == 0) + { + } + + return counter.Length; + } + + public virtual void Reset() + { + Arrays.Fill(counter, (byte)0); + Array.Copy(IV, 0, counter, 0, IV.Length); + cipher.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/gcm/BasicGcmExponentiator.cs b/BouncyCastle/crypto/src/crypto/modes/gcm/BasicGcmExponentiator.cs new file mode 100644 index 0000000..4ef1bf7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/gcm/BasicGcmExponentiator.cs @@ -0,0 +1,38 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Modes.Gcm +{ + public class BasicGcmExponentiator + : IGcmExponentiator + { + private GcmUtilities.FieldElement x; + + public void Init(byte[] x) + { + GcmUtilities.AsFieldElement(x, out this.x); + } + + public void ExponentiateX(long pow, byte[] output) + { + GcmUtilities.FieldElement y; + GcmUtilities.One(out y); + + if (pow > 0) + { + GcmUtilities.FieldElement powX = x; + do + { + if ((pow & 1L) != 0) + { + GcmUtilities.Multiply(ref y, ref powX); + } + GcmUtilities.Square(ref powX); + pow >>= 1; + } + while (pow > 0); + } + + GcmUtilities.AsBytes(ref y, output); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/gcm/BasicGcmMultiplier.cs b/BouncyCastle/crypto/src/crypto/modes/gcm/BasicGcmMultiplier.cs new file mode 100644 index 0000000..bf19e17 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/gcm/BasicGcmMultiplier.cs @@ -0,0 +1,20 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Modes.Gcm +{ + public class BasicGcmMultiplier + : IGcmMultiplier + { + private GcmUtilities.FieldElement H; + + public void Init(byte[] H) + { + GcmUtilities.AsFieldElement(H, out this.H); + } + + public void MultiplyH(byte[] x) + { + GcmUtilities.Multiply(x, ref H); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/gcm/GcmUtilities.cs b/BouncyCastle/crypto/src/crypto/modes/gcm/GcmUtilities.cs new file mode 100644 index 0000000..5bbf78d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/gcm/GcmUtilities.cs @@ -0,0 +1,682 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Modes.Gcm +{ + internal abstract class GcmUtilities + { + internal struct FieldElement + { + internal ulong n0, n1; + } + + private const uint E1 = 0xe1000000; + private const ulong E1UL = (ulong)E1 << 32; + + internal static void One(out FieldElement x) + { + x.n0 = 1UL << 63; + x.n1 = 0UL; + } + + internal static byte[] OneAsBytes() + { + byte[] tmp = new byte[16]; + tmp[0] = 0x80; + return tmp; + } + + internal static uint[] OneAsUints() + { + uint[] tmp = new uint[4]; + tmp[0] = 0x80000000; + return tmp; + } + + internal static ulong[] OneAsUlongs() + { + ulong[] tmp = new ulong[2]; + tmp[0] = 1UL << 63; + return tmp; + } + + internal static byte[] AsBytes(uint[] x) + { + return Pack.UInt32_To_BE(x); + } + + internal static void AsBytes(uint[] x, byte[] z) + { + Pack.UInt32_To_BE(x, z, 0); + } + + internal static byte[] AsBytes(ulong[] x) + { + byte[] z = new byte[16]; + Pack.UInt64_To_BE(x, z, 0); + return z; + } + + internal static void AsBytes(ulong[] x, byte[] z) + { + Pack.UInt64_To_BE(x, z, 0); + } + + internal static void AsBytes(ref FieldElement x, byte[] z) + { + Pack.UInt64_To_BE(x.n0, z, 0); + Pack.UInt64_To_BE(x.n1, z, 8); + } + + internal static void AsFieldElement(byte[] x, out FieldElement z) + { + z.n0 = Pack.BE_To_UInt64(x, 0); + z.n1 = Pack.BE_To_UInt64(x, 8); + } + + internal static uint[] AsUints(byte[] bs) + { + uint[] output = new uint[4]; + Pack.BE_To_UInt32(bs, 0, output); + return output; + } + + internal static void AsUints(byte[] bs, uint[] output) + { + Pack.BE_To_UInt32(bs, 0, output); + } + + internal static ulong[] AsUlongs(byte[] x) + { + ulong[] z = new ulong[2]; + Pack.BE_To_UInt64(x, 0, z); + return z; + } + + internal static void AsUlongs(byte[] x, ulong[] z) + { + Pack.BE_To_UInt64(x, 0, z); + } + + internal static void AsUlongs(byte[] x, ulong[] z, int zOff) + { + Pack.BE_To_UInt64(x, 0, z, zOff, 2); + } + + internal static void Copy(uint[] x, uint[] z) + { + z[0] = x[0]; + z[1] = x[1]; + z[2] = x[2]; + z[3] = x[3]; + } + + internal static void Copy(ulong[] x, ulong[] z) + { + z[0] = x[0]; + z[1] = x[1]; + } + + internal static void Copy(ulong[] x, int xOff, ulong[] z, int zOff) + { + z[zOff + 0] = x[xOff + 0]; + z[zOff + 1] = x[xOff + 1]; + } + + internal static void DivideP(ulong[] x, ulong[] z) + { + ulong x0 = x[0], x1 = x[1]; + ulong m = (ulong)((long)x0 >> 63); + x0 ^= (m & E1UL); + z[0] = (x0 << 1) | (x1 >> 63); + z[1] = (x1 << 1) | (ulong)(-(long)m); + } + + internal static void DivideP(ulong[] x, int xOff, ulong[] z, int zOff) + { + ulong x0 = x[xOff + 0], x1 = x[xOff + 1]; + ulong m = (ulong)((long)x0 >> 63); + x0 ^= (m & E1UL); + z[zOff + 0] = (x0 << 1) | (x1 >> 63); + z[zOff + 1] = (x1 << 1) | (ulong)(-(long)m); + } + + internal static void DivideP(ref FieldElement x, out FieldElement z) + { + ulong x0 = x.n0, x1 = x.n1; + ulong m = (ulong)((long)x0 >> 63); + x0 ^= (m & E1UL); + z.n0 = (x0 << 1) | (x1 >> 63); + z.n1 = (x1 << 1) | (ulong)(-(long)m); + } + + internal static void Multiply(byte[] x, byte[] y) + { + ulong[] t1 = AsUlongs(x); + ulong[] t2 = AsUlongs(y); + Multiply(t1, t2); + AsBytes(t1, x); + } + + internal static void Multiply(byte[] x, ref FieldElement y) + { + /* + * "Three-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein. + * + * Without access to the high part of a 64x64 product x * y, we use a bit reversal to calculate it: + * rev(x) * rev(y) == rev((x * y) << 1) + */ + + ulong x0 = Pack.BE_To_UInt64(x, 0); + ulong x1 = Pack.BE_To_UInt64(x, 8); + ulong y0 = y.n0, y1 = y.n1; + ulong x0r = Longs.Reverse(x0), x1r = Longs.Reverse(x1); + ulong y0r = Longs.Reverse(y0), y1r = Longs.Reverse(y1); + + ulong h0 = Longs.Reverse(ImplMul64(x0r, y0r)); + ulong h1 = ImplMul64(x0, y0) << 1; + ulong h2 = Longs.Reverse(ImplMul64(x1r, y1r)); + ulong h3 = ImplMul64(x1, y1) << 1; + ulong h4 = Longs.Reverse(ImplMul64(x0r ^ x1r, y0r ^ y1r)); + ulong h5 = ImplMul64(x0 ^ x1, y0 ^ y1) << 1; + + ulong z0 = h0; + ulong z1 = h1 ^ h0 ^ h2 ^ h4; + ulong z2 = h2 ^ h1 ^ h3 ^ h5; + ulong z3 = h3; + + z1 ^= z3 ^ (z3 >> 1) ^ (z3 >> 2) ^ (z3 >> 7); +// z2 ^= (z3 << 63) ^ (z3 << 62) ^ (z3 << 57); + z2 ^= (z3 << 62) ^ (z3 << 57); + + z0 ^= z2 ^ (z2 >> 1) ^ (z2 >> 2) ^ (z2 >> 7); + z1 ^= (z2 << 63) ^ (z2 << 62) ^ (z2 << 57); + + Pack.UInt64_To_BE(z0, x, 0); + Pack.UInt64_To_BE(z1, x, 8); + } + + internal static void Multiply(uint[] x, uint[] y) + { + uint y0 = y[0], y1 = y[1], y2 = y[2], y3 = y[3]; + uint z0 = 0, z1 = 0, z2 = 0, z3 = 0; + + for (int i = 0; i < 4; ++i) + { + int bits = (int)x[i]; + for (int j = 0; j < 32; ++j) + { + uint m1 = (uint)(bits >> 31); bits <<= 1; + z0 ^= y0 & m1; + z1 ^= y1 & m1; + z2 ^= y2 & m1; + z3 ^= y3 & m1; + + uint m2 = (uint)((int)(y3 << 31) >> 8); + y3 = (y3 >> 1) | (y2 << 31); + y2 = (y2 >> 1) | (y1 << 31); + y1 = (y1 >> 1) | (y0 << 31); + y0 = (y0 >> 1) ^ (m2 & E1); + } + } + + x[0] = z0; + x[1] = z1; + x[2] = z2; + x[3] = z3; + } + + internal static void Multiply(ulong[] x, ulong[] y) + { + //ulong x0 = x[0], x1 = x[1]; + //ulong y0 = y[0], y1 = y[1]; + //ulong z0 = 0, z1 = 0, z2 = 0; + + //for (int j = 0; j < 64; ++j) + //{ + // ulong m0 = (ulong)((long)x0 >> 63); x0 <<= 1; + // z0 ^= y0 & m0; + // z1 ^= y1 & m0; + + // ulong m1 = (ulong)((long)x1 >> 63); x1 <<= 1; + // z1 ^= y0 & m1; + // z2 ^= y1 & m1; + + // ulong c = (ulong)((long)(y1 << 63) >> 8); + // y1 = (y1 >> 1) | (y0 << 63); + // y0 = (y0 >> 1) ^ (c & E1UL); + //} + + //z0 ^= z2 ^ (z2 >> 1) ^ (z2 >> 2) ^ (z2 >> 7); + //z1 ^= (z2 << 63) ^ (z2 << 62) ^ (z2 << 57); + + //x[0] = z0; + //x[1] = z1; + + /* + * "Three-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein. + * + * Without access to the high part of a 64x64 product x * y, we use a bit reversal to calculate it: + * rev(x) * rev(y) == rev((x * y) << 1) + */ + + ulong x0 = x[0], x1 = x[1]; + ulong y0 = y[0], y1 = y[1]; + ulong x0r = Longs.Reverse(x0), x1r = Longs.Reverse(x1); + ulong y0r = Longs.Reverse(y0), y1r = Longs.Reverse(y1); + + ulong h0 = Longs.Reverse(ImplMul64(x0r, y0r)); + ulong h1 = ImplMul64(x0, y0) << 1; + ulong h2 = Longs.Reverse(ImplMul64(x1r, y1r)); + ulong h3 = ImplMul64(x1, y1) << 1; + ulong h4 = Longs.Reverse(ImplMul64(x0r ^ x1r, y0r ^ y1r)); + ulong h5 = ImplMul64(x0 ^ x1, y0 ^ y1) << 1; + + ulong z0 = h0; + ulong z1 = h1 ^ h0 ^ h2 ^ h4; + ulong z2 = h2 ^ h1 ^ h3 ^ h5; + ulong z3 = h3; + + z1 ^= z3 ^ (z3 >> 1) ^ (z3 >> 2) ^ (z3 >> 7); +// z2 ^= (z3 << 63) ^ (z3 << 62) ^ (z3 << 57); + z2 ^= (z3 << 62) ^ (z3 << 57); + + z0 ^= z2 ^ (z2 >> 1) ^ (z2 >> 2) ^ (z2 >> 7); + z1 ^= (z2 << 63) ^ (z2 << 62) ^ (z2 << 57); + + x[0] = z0; + x[1] = z1; + } + + internal static void Multiply(ref FieldElement x, ref FieldElement y) + { + /* + * "Three-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein. + * + * Without access to the high part of a 64x64 product x * y, we use a bit reversal to calculate it: + * rev(x) * rev(y) == rev((x * y) << 1) + */ + + ulong x0 = x.n0, x1 = x.n1; + ulong y0 = y.n0, y1 = y.n1; + ulong x0r = Longs.Reverse(x0), x1r = Longs.Reverse(x1); + ulong y0r = Longs.Reverse(y0), y1r = Longs.Reverse(y1); + + ulong h0 = Longs.Reverse(ImplMul64(x0r, y0r)); + ulong h1 = ImplMul64(x0, y0) << 1; + ulong h2 = Longs.Reverse(ImplMul64(x1r, y1r)); + ulong h3 = ImplMul64(x1, y1) << 1; + ulong h4 = Longs.Reverse(ImplMul64(x0r ^ x1r, y0r ^ y1r)); + ulong h5 = ImplMul64(x0 ^ x1, y0 ^ y1) << 1; + + ulong z0 = h0; + ulong z1 = h1 ^ h0 ^ h2 ^ h4; + ulong z2 = h2 ^ h1 ^ h3 ^ h5; + ulong z3 = h3; + + z1 ^= z3 ^ (z3 >> 1) ^ (z3 >> 2) ^ (z3 >> 7); +// z2 ^= (z3 << 63) ^ (z3 << 62) ^ (z3 << 57); + z2 ^= (z3 << 62) ^ (z3 << 57); + + z0 ^= z2 ^ (z2 >> 1) ^ (z2 >> 2) ^ (z2 >> 7); + z1 ^= (z2 << 63) ^ (z2 << 62) ^ (z2 << 57); + + x.n0 = z0; + x.n1 = z1; + } + + internal static void MultiplyP(uint[] x) + { + uint x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3]; + uint m = (uint)((int)(x3 << 31) >> 31); + x[0] = (x0 >> 1) ^ (m & E1); + x[1] = (x1 >> 1) | (x0 << 31); + x[2] = (x2 >> 1) | (x1 << 31); + x[3] = (x3 >> 1) | (x2 << 31); + } + + internal static void MultiplyP(uint[] x, uint[] z) + { + uint x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3]; + uint m = (uint)((int)(x3 << 31) >> 31); + z[0] = (x0 >> 1) ^ (m & E1); + z[1] = (x1 >> 1) | (x0 << 31); + z[2] = (x2 >> 1) | (x1 << 31); + z[3] = (x3 >> 1) | (x2 << 31); + } + + internal static void MultiplyP(ulong[] x) + { + ulong x0 = x[0], x1 = x[1]; + ulong m = (ulong)((long)(x1 << 63) >> 63); + x[0] = (x0 >> 1) ^ (m & E1UL); + x[1] = (x1 >> 1) | (x0 << 63); + } + + internal static void MultiplyP(ulong[] x, ulong[] z) + { + ulong x0 = x[0], x1 = x[1]; + ulong m = (ulong)((long)(x1 << 63) >> 63); + z[0] = (x0 >> 1) ^ (m & E1UL); + z[1] = (x1 >> 1) | (x0 << 63); + } + + internal static void MultiplyP3(ulong[] x, ulong[] z) + { + ulong x0 = x[0], x1 = x[1]; + ulong c = x1 << 61; + z[0] = (x0 >> 3) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + z[1] = (x1 >> 3) | (x0 << 61); + } + + internal static void MultiplyP3(ulong[] x, int xOff, ulong[] z, int zOff) + { + ulong x0 = x[xOff + 0], x1 = x[xOff + 1]; + ulong c = x1 << 61; + z[zOff + 0] = (x0 >> 3) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + z[zOff + 1] = (x1 >> 3) | (x0 << 61); + } + + internal static void MultiplyP4(ulong[] x, ulong[] z) + { + ulong x0 = x[0], x1 = x[1]; + ulong c = x1 << 60; + z[0] = (x0 >> 4) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + z[1] = (x1 >> 4) | (x0 << 60); + } + + internal static void MultiplyP4(ulong[] x, int xOff, ulong[] z, int zOff) + { + ulong x0 = x[xOff + 0], x1 = x[xOff + 1]; + ulong c = x1 << 60; + z[zOff + 0] = (x0 >> 4) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + z[zOff + 1] = (x1 >> 4) | (x0 << 60); + } + + internal static void MultiplyP7(ulong[] x, ulong[] z) + { + ulong x0 = x[0], x1 = x[1]; + ulong c = x1 << 57; + z[0] = (x0 >> 7) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + z[1] = (x1 >> 7) | (x0 << 57); + } + + internal static void MultiplyP7(ulong[] x, int xOff, ulong[] z, int zOff) + { + ulong x0 = x[xOff + 0], x1 = x[xOff + 1]; + ulong c = x1 << 57; + z[zOff + 0] = (x0 >> 7) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + z[zOff + 1] = (x1 >> 7) | (x0 << 57); + } + + internal static void MultiplyP7(ref FieldElement x) + { + ulong x0 = x.n0, x1 = x.n1; + ulong c = x1 << 57; + x.n0 = (x0 >> 7) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + x.n1 = (x1 >> 7) | (x0 << 57); + } + + internal static void MultiplyP8(uint[] x) + { + uint x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3]; + uint c = x3 << 24; + x[0] = (x0 >> 8) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + x[1] = (x1 >> 8) | (x0 << 24); + x[2] = (x2 >> 8) | (x1 << 24); + x[3] = (x3 >> 8) | (x2 << 24); + } + + internal static void MultiplyP8(uint[] x, uint[] y) + { + uint x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3]; + uint c = x3 << 24; + y[0] = (x0 >> 8) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + y[1] = (x1 >> 8) | (x0 << 24); + y[2] = (x2 >> 8) | (x1 << 24); + y[3] = (x3 >> 8) | (x2 << 24); + } + + internal static void MultiplyP8(ulong[] x) + { + ulong x0 = x[0], x1 = x[1]; + ulong c = x1 << 56; + x[0] = (x0 >> 8) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + x[1] = (x1 >> 8) | (x0 << 56); + } + + internal static void MultiplyP8(ulong[] x, ulong[] y) + { + ulong x0 = x[0], x1 = x[1]; + ulong c = x1 << 56; + y[0] = (x0 >> 8) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + y[1] = (x1 >> 8) | (x0 << 56); + } + + internal static void MultiplyP8(ulong[] x, int xOff, ulong[] y, int yOff) + { + ulong x0 = x[xOff + 0], x1 = x[xOff + 1]; + ulong c = x1 << 56; + y[yOff + 0] = (x0 >> 8) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + y[yOff + 1] = (x1 >> 8) | (x0 << 56); + } + + internal static void MultiplyP8(ref FieldElement x) + { + ulong x0 = x.n0, x1 = x.n1; + ulong c = x1 << 56; + x.n0 = (x0 >> 8) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + x.n1 = (x1 >> 8) | (x0 << 56); + } + + internal static void MultiplyP8(ref FieldElement x, out FieldElement y) + { + ulong x0 = x.n0, x1 = x.n1; + ulong c = x1 << 56; + y.n0 = (x0 >> 8) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + y.n1 = (x1 >> 8) | (x0 << 56); + } + + internal static void MultiplyP16(ulong[] x) + { + ulong x0 = x[0], x1 = x[1]; + ulong c = x1 << 48; + x[0] = (x0 >> 16) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + x[1] = (x1 >> 16) | (x0 << 48); + } + + internal static void MultiplyP16(ref FieldElement x) + { + ulong x0 = x.n0, x1 = x.n1; + ulong c = x1 << 48; + x.n0 = (x0 >> 16) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + x.n1 = (x1 >> 16) | (x0 << 48); + } + + internal static void Square(ulong[] x, ulong[] z) + { + ulong[] t = new ulong[4]; + Interleave.Expand64To128Rev(x[0], t, 0); + Interleave.Expand64To128Rev(x[1], t, 2); + + ulong z0 = t[0], z1 = t[1], z2 = t[2], z3 = t[3]; + + z1 ^= z3 ^ (z3 >> 1) ^ (z3 >> 2) ^ (z3 >> 7); +// z2 ^= (z3 << 63) ^ (z3 << 62) ^ (z3 << 57); + z2 ^= (z3 << 62) ^ (z3 << 57); + + z0 ^= z2 ^ (z2 >> 1) ^ (z2 >> 2) ^ (z2 >> 7); + z1 ^= (z2 << 63) ^ (z2 << 62) ^ (z2 << 57); + + z[0] = z0; + z[1] = z1; + } + + internal static void Square(ref FieldElement x) + { + ulong[] t = new ulong[4]; + Interleave.Expand64To128Rev(x.n0, t, 0); + Interleave.Expand64To128Rev(x.n1, t, 2); + + ulong z0 = t[0], z1 = t[1], z2 = t[2], z3 = t[3]; + + z1 ^= z3 ^ (z3 >> 1) ^ (z3 >> 2) ^ (z3 >> 7); +// z2 ^= (z3 << 63) ^ (z3 << 62) ^ (z3 << 57); + z2 ^= (z3 << 62) ^ (z3 << 57); + + z0 ^= z2 ^ (z2 >> 1) ^ (z2 >> 2) ^ (z2 >> 7); + z1 ^= (z2 << 63) ^ (z2 << 62) ^ (z2 << 57); + + x.n0 = z0; + x.n1 = z1; + } + + internal static void Xor(byte[] x, byte[] y) + { + int i = 0; + do + { + x[i] ^= y[i]; ++i; + x[i] ^= y[i]; ++i; + x[i] ^= y[i]; ++i; + x[i] ^= y[i]; ++i; + } + while (i < 16); + } + + internal static void Xor(byte[] x, byte[] y, int yOff) + { + int i = 0; + do + { + x[i] ^= y[yOff + i]; ++i; + x[i] ^= y[yOff + i]; ++i; + x[i] ^= y[yOff + i]; ++i; + x[i] ^= y[yOff + i]; ++i; + } + while (i < 16); + } + + internal static void Xor(byte[] x, int xOff, byte[] y, int yOff, byte[] z, int zOff) + { + int i = 0; + do + { + z[zOff + i] = (byte)(x[xOff + i] ^ y[yOff + i]); ++i; + z[zOff + i] = (byte)(x[xOff + i] ^ y[yOff + i]); ++i; + z[zOff + i] = (byte)(x[xOff + i] ^ y[yOff + i]); ++i; + z[zOff + i] = (byte)(x[xOff + i] ^ y[yOff + i]); ++i; + } + while (i < 16); + } + + internal static void Xor(byte[] x, byte[] y, int yOff, int yLen) + { + while (--yLen >= 0) + { + x[yLen] ^= y[yOff + yLen]; + } + } + + internal static void Xor(byte[] x, int xOff, byte[] y, int yOff, int len) + { + while (--len >= 0) + { + x[xOff + len] ^= y[yOff + len]; + } + } + + internal static void Xor(byte[] x, byte[] y, byte[] z) + { + int i = 0; + do + { + z[i] = (byte)(x[i] ^ y[i]); ++i; + z[i] = (byte)(x[i] ^ y[i]); ++i; + z[i] = (byte)(x[i] ^ y[i]); ++i; + z[i] = (byte)(x[i] ^ y[i]); ++i; + } + while (i < 16); + } + + internal static void Xor(uint[] x, uint[] y) + { + x[0] ^= y[0]; + x[1] ^= y[1]; + x[2] ^= y[2]; + x[3] ^= y[3]; + } + + internal static void Xor(uint[] x, uint[] y, uint[] z) + { + z[0] = x[0] ^ y[0]; + z[1] = x[1] ^ y[1]; + z[2] = x[2] ^ y[2]; + z[3] = x[3] ^ y[3]; + } + + internal static void Xor(ulong[] x, ulong[] y) + { + x[0] ^= y[0]; + x[1] ^= y[1]; + } + + internal static void Xor(ulong[] x, int xOff, ulong[] y, int yOff) + { + x[xOff + 0] ^= y[yOff + 0]; + x[xOff + 1] ^= y[yOff + 1]; + } + + internal static void Xor(ulong[] x, ulong[] y, ulong[] z) + { + z[0] = x[0] ^ y[0]; + z[1] = x[1] ^ y[1]; + } + + internal static void Xor(ulong[] x, int xOff, ulong[] y, int yOff, ulong[] z, int zOff) + { + z[zOff + 0] = x[xOff + 0] ^ y[yOff + 0]; + z[zOff + 1] = x[xOff + 1] ^ y[yOff + 1]; + } + + internal static void Xor(ref FieldElement x, ref FieldElement y, out FieldElement z) + { + z.n0 = x.n0 ^ y.n0; + z.n1 = x.n1 ^ y.n1; + } + + internal static void Xor(ref FieldElement x, ref FieldElement y) + { + x.n0 ^= y.n0; + x.n1 ^= y.n1; + } + + private static ulong ImplMul64(ulong x, ulong y) + { + ulong x0 = x & 0x1111111111111111UL; + ulong x1 = x & 0x2222222222222222UL; + ulong x2 = x & 0x4444444444444444UL; + ulong x3 = x & 0x8888888888888888UL; + + ulong y0 = y & 0x1111111111111111UL; + ulong y1 = y & 0x2222222222222222UL; + ulong y2 = y & 0x4444444444444444UL; + ulong y3 = y & 0x8888888888888888UL; + + ulong z0 = (x0 * y0) ^ (x1 * y3) ^ (x2 * y2) ^ (x3 * y1); + ulong z1 = (x0 * y1) ^ (x1 * y0) ^ (x2 * y3) ^ (x3 * y2); + ulong z2 = (x0 * y2) ^ (x1 * y1) ^ (x2 * y0) ^ (x3 * y3); + ulong z3 = (x0 * y3) ^ (x1 * y2) ^ (x2 * y1) ^ (x3 * y0); + + z0 &= 0x1111111111111111UL; + z1 &= 0x2222222222222222UL; + z2 &= 0x4444444444444444UL; + z3 &= 0x8888888888888888UL; + + return z0 | z1 | z2 | z3; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/gcm/IGcmExponentiator.cs b/BouncyCastle/crypto/src/crypto/modes/gcm/IGcmExponentiator.cs new file mode 100644 index 0000000..5b4ce9d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/gcm/IGcmExponentiator.cs @@ -0,0 +1,10 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Modes.Gcm +{ + public interface IGcmExponentiator + { + void Init(byte[] x); + void ExponentiateX(long pow, byte[] output); + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/gcm/IGcmMultiplier.cs b/BouncyCastle/crypto/src/crypto/modes/gcm/IGcmMultiplier.cs new file mode 100644 index 0000000..ec7b906 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/gcm/IGcmMultiplier.cs @@ -0,0 +1,10 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Modes.Gcm +{ + public interface IGcmMultiplier + { + void Init(byte[] H); + void MultiplyH(byte[] x); + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/gcm/Tables1kGcmExponentiator.cs b/BouncyCastle/crypto/src/crypto/modes/gcm/Tables1kGcmExponentiator.cs new file mode 100644 index 0000000..4a15712 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/gcm/Tables1kGcmExponentiator.cs @@ -0,0 +1,61 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Modes.Gcm +{ + public class Tables1kGcmExponentiator + : IGcmExponentiator + { + // A lookup table of the power-of-two powers of 'x' + // - lookupPowX2[i] = x^(2^i) + private IList lookupPowX2; + + public void Init(byte[] x) + { + GcmUtilities.FieldElement y; + GcmUtilities.AsFieldElement(x, out y); + if (lookupPowX2 != null && y.Equals(lookupPowX2[0])) + return; + + lookupPowX2 = Platform.CreateArrayList(8); + lookupPowX2.Add(y); + } + + public void ExponentiateX(long pow, byte[] output) + { + GcmUtilities.FieldElement y; + GcmUtilities.One(out y); + int bit = 0; + while (pow > 0) + { + if ((pow & 1L) != 0) + { + EnsureAvailable(bit); + GcmUtilities.FieldElement powX2 = (GcmUtilities.FieldElement)lookupPowX2[bit]; + GcmUtilities.Multiply(ref y, ref powX2); + } + ++bit; + pow >>= 1; + } + + GcmUtilities.AsBytes(ref y, output); + } + + private void EnsureAvailable(int bit) + { + int count = lookupPowX2.Count; + if (count <= bit) + { + GcmUtilities.FieldElement powX2 = (GcmUtilities.FieldElement)lookupPowX2[count - 1]; + do + { + GcmUtilities.Square(ref powX2); + lookupPowX2.Add(powX2); + } + while (++count <= bit); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/gcm/Tables4kGcmMultiplier.cs b/BouncyCastle/crypto/src/crypto/modes/gcm/Tables4kGcmMultiplier.cs new file mode 100644 index 0000000..7867a0b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/gcm/Tables4kGcmMultiplier.cs @@ -0,0 +1,69 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Modes.Gcm +{ + public class Tables4kGcmMultiplier + : IGcmMultiplier + { + private byte[] H; + private GcmUtilities.FieldElement[] T; + + public void Init(byte[] H) + { + if (T == null) + { + T = new GcmUtilities.FieldElement[256]; + } + else if (Arrays.AreEqual(this.H, H)) + { + return; + } + + this.H = Arrays.Clone(H); + + // T[0] = 0 + + // T[1] = H.p^7 + GcmUtilities.AsFieldElement(this.H, out T[1]); + GcmUtilities.MultiplyP7(ref T[1]); + + for (int n = 1; n < 128; ++n) + { + // T[2.n] = T[n].p^-1 + GcmUtilities.DivideP(ref T[n], out T[n << 1]); + + // T[2.n + 1] = T[2.n] + T[1] + GcmUtilities.Xor(ref T[n << 1], ref T[1], out T[(n << 1) + 1]); + } + } + + public void MultiplyH(byte[] x) + { + //GcmUtilities.FieldElement z = T[x[15]]; + //for (int i = 14; i >= 0; --i) + //{ + // GcmUtilities.MultiplyP8(ref z); + // GcmUtilities.Xor(ref z, ref T[x[i]]); + //} + //GcmUtilities.AsBytes(ref z, x); + + int pos = x[15]; + ulong z0 = T[pos].n0, z1 = T[pos].n1; + + for (int i = 14; i >= 0; --i) + { + pos = x[i]; + + ulong c = z1 << 56; + z1 = T[pos].n1 ^ ((z1 >> 8) | (z0 << 56)); + z0 = T[pos].n0 ^ (z0 >> 8) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + } + + Pack.UInt64_To_BE(z0, x, 0); + Pack.UInt64_To_BE(z1, x, 8); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/gcm/Tables64kGcmMultiplier.cs b/BouncyCastle/crypto/src/crypto/modes/gcm/Tables64kGcmMultiplier.cs new file mode 100644 index 0000000..364c070 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/gcm/Tables64kGcmMultiplier.cs @@ -0,0 +1,81 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Modes.Gcm +{ + public class Tables64kGcmMultiplier + : IGcmMultiplier + { + private byte[] H; + private GcmUtilities.FieldElement[][] T; + + public void Init(byte[] H) + { + if (T == null) + { + T = new GcmUtilities.FieldElement[16][]; + } + else if (Arrays.AreEqual(this.H, H)) + { + return; + } + + this.H = Arrays.Clone(H); + + for (int i = 0; i < 16; ++i) + { + GcmUtilities.FieldElement[] t = T[i] = new GcmUtilities.FieldElement[256]; + + // t[0] = 0 + + if (i == 0) + { + // t[1] = H.p^7 + GcmUtilities.AsFieldElement(this.H, out t[1]); + GcmUtilities.MultiplyP7(ref t[1]); + } + else + { + // t[1] = T[i-1][1].p^8 + GcmUtilities.MultiplyP8(ref T[i - 1][1], out t[1]); + } + + for (int n = 1; n < 128; ++n) + { + // t[2.n] = t[n].p^-1 + GcmUtilities.DivideP(ref t[n], out t[n << 1]); + + // t[2.n + 1] = t[2.n] + t[1] + GcmUtilities.Xor(ref t[n << 1], ref t[1], out t[(n << 1) + 1]); + } + } + } + + public void MultiplyH(byte[] x) + { + //GcmUtilities.FieldElement z = T[15][x[15]]; + //for (int i = 14; i >= 0; --i) + //{ + // GcmUtilities.Xor(ref z, ref T[i][x[i]]); + //} + //GcmUtilities.AsBytes(ref z, x); + + GcmUtilities.FieldElement[] t = T[15]; + int tPos = x[15]; + ulong z0 = t[tPos].n0, z1 = t[tPos].n1; + + for (int i = 14; i >= 0; --i) + { + t = T[i]; + tPos = x[i]; + z0 ^= t[tPos].n0; + z1 ^= t[tPos].n1; + } + + Pack.UInt64_To_BE(z0, x, 0); + Pack.UInt64_To_BE(z1, x, 8); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/modes/gcm/Tables8kGcmMultiplier.cs b/BouncyCastle/crypto/src/crypto/modes/gcm/Tables8kGcmMultiplier.cs new file mode 100644 index 0000000..67a709a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/modes/gcm/Tables8kGcmMultiplier.cs @@ -0,0 +1,89 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Modes.Gcm +{ + public class Tables8kGcmMultiplier + : IGcmMultiplier + { + private byte[] H; + private GcmUtilities.FieldElement[][] T; + + public void Init(byte[] H) + { + if (T == null) + { + T = new GcmUtilities.FieldElement[2][]; + } + else if (Arrays.AreEqual(this.H, H)) + { + return; + } + + this.H = Arrays.Clone(H); + + for (int i = 0; i < 2; ++i) + { + GcmUtilities.FieldElement[] t = T[i] = new GcmUtilities.FieldElement[256]; + + // t[0] = 0 + + if (i == 0) + { + // t[1] = H.p^7 + GcmUtilities.AsFieldElement(this.H, out t[1]); + GcmUtilities.MultiplyP7(ref t[1]); + } + else + { + // t[1] = T[i-1][1].p^8 + GcmUtilities.MultiplyP8(ref T[i - 1][1], out t[1]); + } + + for (int n = 1; n < 128; ++n) + { + // t[2.n] = t[n].p^-1 + GcmUtilities.DivideP(ref t[n], out t[n << 1]); + + // t[2.n + 1] = t[2.n] + t[1] + GcmUtilities.Xor(ref t[n << 1], ref t[1], out t[(n << 1) + 1]); + } + } + } + + public void MultiplyH(byte[] x) + { + GcmUtilities.FieldElement[] T0 = T[0], T1 = T[1]; + + //GcmUtilities.FieldElement z; + //GcmUtilities.Xor(ref T0[x[14]], ref T1[x[15]], out z); + //for (int i = 12; i >= 0; i -= 2) + //{ + // GcmUtilities.MultiplyP16(ref z); + // GcmUtilities.Xor(ref z, ref T0[x[i]]); + // GcmUtilities.Xor(ref z, ref T1[x[i + 1]]); + //} + //GcmUtilities.AsBytes(ref z, x); + + int vPos = x[15]; + int uPos = x[14]; + ulong z1 = T0[uPos].n1 ^ T1[vPos].n1; + ulong z0 = T0[uPos].n0 ^ T1[vPos].n0; + + for (int i = 12; i >= 0; i -= 2) + { + vPos = x[i + 1]; + uPos = x[i]; + + ulong c = z1 << 48; + z1 = T0[uPos].n1 ^ T1[vPos].n1 ^ ((z1 >> 16) | (z0 << 48)); + z0 = T0[uPos].n0 ^ T1[vPos].n0 ^ (z0 >> 16) ^ c ^ (c >> 1) ^ (c >> 2) ^ (c >> 7); + } + + Pack.UInt64_To_BE(z0, x, 0); + Pack.UInt64_To_BE(z1, x, 8); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/operators/Asn1CipherBuilder.cs b/BouncyCastle/crypto/src/crypto/operators/Asn1CipherBuilder.cs new file mode 100644 index 0000000..d584074 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/operators/Asn1CipherBuilder.cs @@ -0,0 +1,100 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Ntt; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Operators +{ + public class Asn1CipherBuilderWithKey : ICipherBuilderWithKey + { + private readonly KeyParameter encKey; + private AlgorithmIdentifier algorithmIdentifier; + + public Asn1CipherBuilderWithKey(DerObjectIdentifier encryptionOID, int keySize, SecureRandom random) + { + if (random == null) + { + random = new SecureRandom(); + } + + CipherKeyGenerator keyGen = CipherKeyGeneratorFactory.CreateKeyGenerator(encryptionOID, random); + + encKey = new KeyParameter(keyGen.GenerateKey()); + algorithmIdentifier = AlgorithmIdentifierFactory.GenerateEncryptionAlgID(encryptionOID, encKey.GetKey().Length * 8, random); + } + + public object AlgorithmDetails + { + get { return algorithmIdentifier; } + } + + public int GetMaxOutputSize(int inputLen) + { + throw new NotImplementedException(); + } + + public ICipher BuildCipher(Stream stream) + { + object cipher = EnvelopedDataHelper.CreateContentCipher(true, encKey, algorithmIdentifier); + + // + // BufferedBlockCipher + // IStreamCipher + // + + if (cipher is IStreamCipher) + { + cipher = new BufferedStreamCipher((IStreamCipher)cipher); + } + + if (stream == null) + { + stream = new MemoryStream(); + } + + return new BufferedCipherWrapper((IBufferedCipher)cipher, stream); + } + + public ICipherParameters Key + { + get { return encKey; } + } + } + + public class BufferedCipherWrapper : ICipher + { + private readonly IBufferedCipher bufferedCipher; + private readonly CipherStream stream; + + public BufferedCipherWrapper(IBufferedCipher bufferedCipher, Stream source) + { + this.bufferedCipher = bufferedCipher; + stream = new CipherStream(source, bufferedCipher, bufferedCipher); + } + + public int GetMaxOutputSize(int inputLen) + { + return bufferedCipher.GetOutputSize(inputLen); + } + + public int GetUpdateOutputSize(int inputLen) + { + return bufferedCipher.GetUpdateOutputSize(inputLen); + } + + public Stream Stream + { + get { return stream; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/operators/Asn1DigestFactory.cs b/BouncyCastle/crypto/src/crypto/operators/Asn1DigestFactory.cs new file mode 100644 index 0000000..91fb46c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/operators/Asn1DigestFactory.cs @@ -0,0 +1,70 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Operators +{ + public class Asn1DigestFactory : IDigestFactory + { + public static Asn1DigestFactory Get(DerObjectIdentifier oid) + { + return new Asn1DigestFactory(DigestUtilities.GetDigest(oid), oid); + } + + public static Asn1DigestFactory Get(String mechanism) + { + DerObjectIdentifier oid = DigestUtilities.GetObjectIdentifier(mechanism); + return new Asn1DigestFactory(DigestUtilities.GetDigest(oid), oid); + } + + private readonly IDigest mDigest; + private readonly DerObjectIdentifier mOid; + + public Asn1DigestFactory(IDigest digest, DerObjectIdentifier oid) + { + this.mDigest = digest; + this.mOid = oid; + } + + public virtual object AlgorithmDetails + { + get { return new AlgorithmIdentifier(mOid); } + } + + public virtual int DigestLength + { + get { return mDigest.GetDigestSize(); } + } + + public virtual IStreamCalculator CreateCalculator() + { + return new DfDigestStream(mDigest); + } + } + + internal class DfDigestStream : IStreamCalculator + { + private readonly DigestSink mStream; + + public DfDigestStream(IDigest digest) + { + this.mStream = new DigestSink(digest); + } + + public Stream Stream + { + get { return mStream; } + } + + public object GetResult() + { + byte[] result = new byte[mStream.Digest.GetDigestSize()]; + mStream.Digest.DoFinal(result, 0); + return new SimpleBlockResult(result); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/operators/Asn1KeyWrapper.cs b/BouncyCastle/crypto/src/crypto/operators/Asn1KeyWrapper.cs new file mode 100644 index 0000000..a34d93d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/operators/Asn1KeyWrapper.cs @@ -0,0 +1,318 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Crypto.Operators +{ + public class Asn1KeyWrapper + : IKeyWrapper + { + private string algorithm; + private IKeyWrapper wrapper; + + public Asn1KeyWrapper(string algorithm, X509Certificate cert) + { + this.algorithm = algorithm; + wrapper = KeyWrapperUtil.WrapperForName(algorithm, cert.GetPublicKey()); + } + + public Asn1KeyWrapper(DerObjectIdentifier algorithm, X509Certificate cert) + : this(algorithm, cert.GetPublicKey()) + { + } + + public Asn1KeyWrapper(DerObjectIdentifier algorithm, ICipherParameters key) + : this(algorithm, null, key) + { + } + + public Asn1KeyWrapper(DerObjectIdentifier algorithm, Asn1Encodable parameters, X509Certificate cert) + :this(algorithm, parameters, cert.GetPublicKey()) + { + } + + public Asn1KeyWrapper(DerObjectIdentifier algorithm, Asn1Encodable parameters, ICipherParameters key) + { + this.algorithm = algorithm.Id; + if (algorithm.Equals(PkcsObjectIdentifiers.IdRsaesOaep)) + { + RsaesOaepParameters oaepParams = RsaesOaepParameters.GetInstance(parameters); + WrapperProvider provider; + if (oaepParams.MaskGenAlgorithm.Algorithm.Equals(PkcsObjectIdentifiers.IdMgf1)) + { + AlgorithmIdentifier digAlg = AlgorithmIdentifier.GetInstance(oaepParams.MaskGenAlgorithm.Parameters); + + provider = new RsaOaepWrapperProvider(oaepParams.HashAlgorithm.Algorithm, digAlg.Algorithm); + } + else + { + provider = new RsaOaepWrapperProvider(oaepParams.HashAlgorithm.Algorithm, oaepParams.MaskGenAlgorithm.Algorithm); + } + wrapper = (IKeyWrapper)provider.CreateWrapper(true, key); + } + else if (algorithm.Equals(PkcsObjectIdentifiers.RsaEncryption)) + { + wrapper = (IKeyWrapper)new RsaPkcs1Wrapper(true, key); + } + else + { + throw new ArgumentException("unknown algorithm: " + algorithm.Id); + } + } + + public object AlgorithmDetails + { + get { return wrapper.AlgorithmDetails; } + } + + public IBlockResult Wrap(byte[] keyData) + { + return wrapper.Wrap(keyData); + } + } + + public class Asn1KeyUnwrapper + : IKeyUnwrapper + { + private string algorithm; + private IKeyUnwrapper wrapper; + + public Asn1KeyUnwrapper(string algorithm, ICipherParameters key) + { + this.algorithm = algorithm; + wrapper = KeyWrapperUtil.UnwrapperForName(algorithm, key); + } + + public Asn1KeyUnwrapper(DerObjectIdentifier algorithm, ICipherParameters key) + : this(algorithm, null, key) + { + } + + public Asn1KeyUnwrapper(DerObjectIdentifier algorithm, Asn1Encodable parameters, ICipherParameters key) + { + this.algorithm = algorithm.Id; + if (algorithm.Equals(PkcsObjectIdentifiers.IdRsaesOaep)) + { + RsaesOaepParameters oaepParams = RsaesOaepParameters.GetInstance(parameters); + WrapperProvider provider; + if (oaepParams.MaskGenAlgorithm.Algorithm.Equals(PkcsObjectIdentifiers.IdMgf1)) + { + AlgorithmIdentifier digAlg = AlgorithmIdentifier.GetInstance(oaepParams.MaskGenAlgorithm.Parameters); + + provider = new RsaOaepWrapperProvider(oaepParams.HashAlgorithm.Algorithm, digAlg.Algorithm); + } + else + { + provider = new RsaOaepWrapperProvider(oaepParams.HashAlgorithm.Algorithm, oaepParams.MaskGenAlgorithm.Algorithm); + } + wrapper = (IKeyUnwrapper)provider.CreateWrapper(false, key); + } + else if (algorithm.Equals(PkcsObjectIdentifiers.RsaEncryption)) + { + RsaesOaepParameters oaepParams = RsaesOaepParameters.GetInstance(parameters); + WrapperProvider provider; + if (oaepParams.MaskGenAlgorithm.Algorithm.Equals(PkcsObjectIdentifiers.IdMgf1)) + { + AlgorithmIdentifier digAlg = AlgorithmIdentifier.GetInstance(oaepParams.MaskGenAlgorithm.Parameters); + + provider = new RsaOaepWrapperProvider(oaepParams.HashAlgorithm.Algorithm, digAlg.Algorithm); + } + else + { + provider = new RsaOaepWrapperProvider(oaepParams.HashAlgorithm.Algorithm, oaepParams.MaskGenAlgorithm.Algorithm); + } + wrapper = (IKeyUnwrapper)new RsaPkcs1Wrapper(false, key); + } + else + { + throw new ArgumentException("unknown algorithm: " + algorithm.Id); + } + } + + public object AlgorithmDetails + { + get { return wrapper.AlgorithmDetails; } + } + + public IBlockResult Unwrap(byte[] keyData, int offSet, int length) + { + return wrapper.Unwrap(keyData, offSet, length); + } + } + + internal class KeyWrapperUtil + { + // + // Provider + // + private static readonly IDictionary providerMap = Platform.CreateHashtable(); + + static KeyWrapperUtil() + + { + providerMap.Add("RSA/ECB/PKCS1PADDING", new RsaOaepWrapperProvider(OiwObjectIdentifiers.IdSha1)); + providerMap.Add("RSA/NONE/PKCS1PADDING", new RsaOaepWrapperProvider(OiwObjectIdentifiers.IdSha1)); + providerMap.Add("RSA/NONE/OAEPWITHSHA1ANDMGF1PADDING", new RsaOaepWrapperProvider(OiwObjectIdentifiers.IdSha1)); + providerMap.Add("RSA/NONE/OAEPWITHSHA224ANDMGF1PADDING", new RsaOaepWrapperProvider(NistObjectIdentifiers.IdSha224)); + providerMap.Add("RSA/NONE/OAEPWITHSHA256ANDMGF1PADDING", new RsaOaepWrapperProvider(NistObjectIdentifiers.IdSha256)); + providerMap.Add("RSA/NONE/OAEPWITHSHA384ANDMGF1PADDING", new RsaOaepWrapperProvider(NistObjectIdentifiers.IdSha384)); + providerMap.Add("RSA/NONE/OAEPWITHSHA512ANDMGF1PADDING", new RsaOaepWrapperProvider(NistObjectIdentifiers.IdSha512)); + providerMap.Add("RSA/NONE/OAEPWITHSHA256ANDMGF1WITHSHA1PADDING", new RsaOaepWrapperProvider(NistObjectIdentifiers.IdSha256, OiwObjectIdentifiers.IdSha1)); + } + + public static IKeyWrapper WrapperForName(string algorithm, ICipherParameters parameters) + { + WrapperProvider provider = (WrapperProvider)providerMap[Strings.ToUpperCase(algorithm)]; + + if (provider == null) + throw new ArgumentException("could not resolve " + algorithm + " to a KeyWrapper"); + + return (IKeyWrapper)provider.CreateWrapper(true, parameters); + } + + public static IKeyUnwrapper UnwrapperForName(string algorithm, ICipherParameters parameters) + { + WrapperProvider provider = (WrapperProvider)providerMap[Strings.ToUpperCase(algorithm)]; + if (provider == null) + throw new ArgumentException("could not resolve " + algorithm + " to a KeyUnwrapper"); + + return (IKeyUnwrapper)provider.CreateWrapper(false, parameters); + } + } + + internal interface WrapperProvider + { + object CreateWrapper(bool forWrapping, ICipherParameters parameters); + } + + internal class RsaPkcs1Wrapper : IKeyWrapper, IKeyUnwrapper + { + private readonly AlgorithmIdentifier algId; + private readonly IAsymmetricBlockCipher engine; + + public RsaPkcs1Wrapper(bool forWrapping, ICipherParameters parameters) + { + this.algId = new AlgorithmIdentifier( + PkcsObjectIdentifiers.RsaEncryption, + DerNull.Instance); + + this.engine = new Pkcs1Encoding(new RsaBlindedEngine()); + this.engine.Init(forWrapping, parameters); + } + + public object AlgorithmDetails + { + get { return algId; } + } + + public IBlockResult Unwrap(byte[] cipherText, int offset, int length) + { + return new SimpleBlockResult(engine.ProcessBlock(cipherText, offset, length)); + } + + public IBlockResult Wrap(byte[] keyData) + { + return new SimpleBlockResult(engine.ProcessBlock(keyData, 0, keyData.Length)); + } + } + + internal class RsaPkcs1WrapperProvider + : WrapperProvider + { + internal RsaPkcs1WrapperProvider() + { + } + + object WrapperProvider.CreateWrapper(bool forWrapping, ICipherParameters parameters) + { + return new RsaPkcs1Wrapper(forWrapping, parameters); + } + } + + internal class RsaOaepWrapper : IKeyWrapper, IKeyUnwrapper + { + private readonly AlgorithmIdentifier algId; + private readonly IAsymmetricBlockCipher engine; + + public RsaOaepWrapper(bool forWrapping, ICipherParameters parameters, DerObjectIdentifier digestOid) + : this(forWrapping, parameters, digestOid, digestOid) + { + } + + public RsaOaepWrapper(bool forWrapping, ICipherParameters parameters, DerObjectIdentifier digestOid, DerObjectIdentifier mgfOid) + { + AlgorithmIdentifier digestAlgId = new AlgorithmIdentifier(digestOid, DerNull.Instance); + + if (mgfOid.Equals(NistObjectIdentifiers.IdShake128) || mgfOid.Equals(NistObjectIdentifiers.IdShake256)) + { + this.algId = new AlgorithmIdentifier( + PkcsObjectIdentifiers.IdRsaesOaep, + new RsaesOaepParameters( + digestAlgId, + new AlgorithmIdentifier(mgfOid), + RsaesOaepParameters.DefaultPSourceAlgorithm)); + } + else + { + this.algId = new AlgorithmIdentifier( + PkcsObjectIdentifiers.IdRsaesOaep, + new RsaesOaepParameters( + digestAlgId, + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(mgfOid, DerNull.Instance)), + RsaesOaepParameters.DefaultPSourceAlgorithm)); + } + + this.engine = new OaepEncoding(new RsaBlindedEngine(), DigestUtilities.GetDigest(digestOid), DigestUtilities.GetDigest(mgfOid), null); + this.engine.Init(forWrapping, parameters); + } + + public object AlgorithmDetails + { + get { return algId; } + } + + public IBlockResult Unwrap(byte[] cipherText, int offset, int length) + { + return new SimpleBlockResult(engine.ProcessBlock(cipherText, offset, length)); + } + + public IBlockResult Wrap(byte[] keyData) + { + return new SimpleBlockResult(engine.ProcessBlock(keyData, 0, keyData.Length)); + } + } + + internal class RsaOaepWrapperProvider + : WrapperProvider + { + private readonly DerObjectIdentifier digestOid; + private readonly DerObjectIdentifier mgfOid; + + internal RsaOaepWrapperProvider(DerObjectIdentifier digestOid) + { + this.digestOid = digestOid; + this.mgfOid = digestOid; + } + + internal RsaOaepWrapperProvider(DerObjectIdentifier digestOid, DerObjectIdentifier mgfOid) + { + this.digestOid = digestOid; + this.mgfOid = mgfOid; + } + + object WrapperProvider.CreateWrapper(bool forWrapping, ICipherParameters parameters) + { + return new RsaOaepWrapper(forWrapping, parameters, digestOid, mgfOid); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/operators/Asn1Signature.cs b/BouncyCastle/crypto/src/crypto/operators/Asn1Signature.cs new file mode 100644 index 0000000..965f8e7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/operators/Asn1Signature.cs @@ -0,0 +1,423 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Crypto.Operators +{ + internal class X509Utilities + { + private static readonly Asn1Null derNull = DerNull.Instance; + + private static readonly IDictionary algorithms = Platform.CreateHashtable(); + private static readonly IDictionary exParams = Platform.CreateHashtable(); + private static readonly ISet noParams = new HashSet(); + + static X509Utilities() + { + algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption); + algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption); + algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption); + algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption); + algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA-1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA-1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA-224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA-224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA-256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA-256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA-384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA-384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA-512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA-512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA-512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA-512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("SHA-512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("SHA512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("SHA-512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("SHA3-224WITHRSAENCRYPTION", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224); + algorithms.Add("SHA3-256WITHRSAENCRYPTION", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256); + algorithms.Add("SHA3-384WITHRSAENCRYPTION", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384); + algorithms.Add("SHA3-512WITHRSAENCRYPTION", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512); + algorithms.Add("SHA3-224WITHRSA", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224); + algorithms.Add("SHA3-256WITHRSA", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256); + algorithms.Add("SHA3-384WITHRSA", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384); + algorithms.Add("SHA3-512WITHRSA", NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512); + algorithms.Add("SHA1WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); + algorithms.Add("SHA224WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); + algorithms.Add("SHA256WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); + algorithms.Add("SHA384WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); + algorithms.Add("SHA512WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); + algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); + algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); + algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); + algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); + algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); + algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); + algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1); + algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1); + algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224); + algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256); + algorithms.Add("SHA384WITHDSA", NistObjectIdentifiers.DsaWithSha384); + algorithms.Add("SHA512WITHDSA", NistObjectIdentifiers.DsaWithSha512); + algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1); + algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1); + algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224); + algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256); + algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384); + algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512); + algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + algorithms.Add("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + algorithms.Add("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + algorithms.Add("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + algorithms.Add("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + + // + // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. + // The parameters field SHALL be NULL for RSA based signature algorithms. + // + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512); + noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1); + noParams.Add(OiwObjectIdentifiers.DsaWithSha1); + noParams.Add(NistObjectIdentifiers.DsaWithSha224); + noParams.Add(NistObjectIdentifiers.DsaWithSha256); + noParams.Add(NistObjectIdentifiers.DsaWithSha384); + noParams.Add(NistObjectIdentifiers.DsaWithSha512); + + // + // RFC 4491 + // + noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + + // + // explicit params + // + AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance); + exParams.Add("SHA1WITHRSAANDMGF1", CreatePssParams(sha1AlgId, 20)); + + AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance); + exParams.Add("SHA224WITHRSAANDMGF1", CreatePssParams(sha224AlgId, 28)); + + AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance); + exParams.Add("SHA256WITHRSAANDMGF1", CreatePssParams(sha256AlgId, 32)); + + AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance); + exParams.Add("SHA384WITHRSAANDMGF1", CreatePssParams(sha384AlgId, 48)); + + AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance); + exParams.Add("SHA512WITHRSAANDMGF1", CreatePssParams(sha512AlgId, 64)); + } + + /** + * Return the digest algorithm using one of the standard JCA string + * representations rather than the algorithm identifier (if possible). + */ + private static string GetDigestAlgName( + DerObjectIdentifier digestAlgOID) + { + if (PkcsObjectIdentifiers.MD5.Equals(digestAlgOID)) + { + return "MD5"; + } + else if (OiwObjectIdentifiers.IdSha1.Equals(digestAlgOID)) + { + return "SHA1"; + } + else if (NistObjectIdentifiers.IdSha224.Equals(digestAlgOID)) + { + return "SHA224"; + } + else if (NistObjectIdentifiers.IdSha256.Equals(digestAlgOID)) + { + return "SHA256"; + } + else if (NistObjectIdentifiers.IdSha384.Equals(digestAlgOID)) + { + return "SHA384"; + } + else if (NistObjectIdentifiers.IdSha512.Equals(digestAlgOID)) + { + return "SHA512"; + } + else if (NistObjectIdentifiers.IdSha512_224.Equals(digestAlgOID)) + { + return "SHA512(224)"; + } + else if (NistObjectIdentifiers.IdSha512_256.Equals(digestAlgOID)) + { + return "SHA512(256)"; + } + else if (TeleTrusTObjectIdentifiers.RipeMD128.Equals(digestAlgOID)) + { + return "RIPEMD128"; + } + else if (TeleTrusTObjectIdentifiers.RipeMD160.Equals(digestAlgOID)) + { + return "RIPEMD160"; + } + else if (TeleTrusTObjectIdentifiers.RipeMD256.Equals(digestAlgOID)) + { + return "RIPEMD256"; + } + else if (CryptoProObjectIdentifiers.GostR3411.Equals(digestAlgOID)) + { + return "GOST3411"; + } + else + { + return digestAlgOID.Id; + } + } + + internal static string GetSignatureName(AlgorithmIdentifier sigAlgId) + { + Asn1Encodable parameters = sigAlgId.Parameters; + + if (parameters != null && !derNull.Equals(parameters)) + { + if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss)) + { + RsassaPssParameters rsaParams = RsassaPssParameters.GetInstance(parameters); + + return GetDigestAlgName(rsaParams.HashAlgorithm.Algorithm) + "withRSAandMGF1"; + } + if (sigAlgId.Algorithm.Equals(X9ObjectIdentifiers.ECDsaWithSha2)) + { + Asn1Sequence ecDsaParams = Asn1Sequence.GetInstance(parameters); + + return GetDigestAlgName((DerObjectIdentifier)ecDsaParams[0]) + "withECDSA"; + } + } + + return sigAlgId.Algorithm.Id; + } + + private static RsassaPssParameters CreatePssParams( + AlgorithmIdentifier hashAlgId, + int saltSize) + { + return new RsassaPssParameters( + hashAlgId, + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, hashAlgId), + new DerInteger(saltSize), + new DerInteger(1)); + } + + internal static DerObjectIdentifier GetAlgorithmOid( + string algorithmName) + { + algorithmName = Platform.ToUpperInvariant(algorithmName); + + if (algorithms.Contains(algorithmName)) + { + return (DerObjectIdentifier) algorithms[algorithmName]; + } + + return new DerObjectIdentifier(algorithmName); + } + + internal static AlgorithmIdentifier GetSigAlgID( + DerObjectIdentifier sigOid, + string algorithmName) + { + if (noParams.Contains(sigOid)) + { + return new AlgorithmIdentifier(sigOid); + } + + algorithmName = Platform.ToUpperInvariant(algorithmName); + + if (exParams.Contains(algorithmName)) + { + return new AlgorithmIdentifier(sigOid, (Asn1Encodable) exParams[algorithmName]); + } + + return new AlgorithmIdentifier(sigOid, DerNull.Instance); + } + + internal static IEnumerable GetAlgNames() + { + return new EnumerableProxy(algorithms.Keys); + } + } + + + + /// + /// Calculator factory class for signature generation in ASN.1 based profiles that use an AlgorithmIdentifier to preserve + /// signature algorithm details. + /// + public class Asn1SignatureFactory + : ISignatureFactory + { + private readonly AlgorithmIdentifier algID; + private readonly string algorithm; + private readonly AsymmetricKeyParameter privateKey; + private readonly SecureRandom random; + + /// + /// Base constructor. + /// + /// The name of the signature algorithm to use. + /// The private key to be used in the signing operation. + public Asn1SignatureFactory (string algorithm, AsymmetricKeyParameter privateKey) + : this(algorithm, privateKey, null) + { + } + + /// + /// Constructor which also specifies a source of randomness to be used if one is required. + /// + /// The name of the signature algorithm to use. + /// The private key to be used in the signing operation. + /// The source of randomness to be used in signature calculation. + public Asn1SignatureFactory(string algorithm, AsymmetricKeyParameter privateKey, SecureRandom random) + { + if (algorithm == null) + throw new ArgumentNullException("algorithm"); + if (privateKey == null) + throw new ArgumentNullException("privateKey"); + if (!privateKey.IsPrivate) + throw new ArgumentException("Key for signing must be private", "privateKey"); + + DerObjectIdentifier sigOid = X509Utilities.GetAlgorithmOid(algorithm); + + this.algorithm = algorithm; + this.privateKey = privateKey; + this.random = random; + this.algID = X509Utilities.GetSigAlgID(sigOid, algorithm); + } + + public Object AlgorithmDetails + { + get { return this.algID; } + } + + public IStreamCalculator CreateCalculator() + { + ISigner signer = SignerUtilities.InitSigner(algorithm, true, privateKey, random); + + return new DefaultSignatureCalculator(signer); + } + + /// + /// Allows enumeration of the signature names supported by the verifier provider. + /// + public static IEnumerable SignatureAlgNames + { + get { return X509Utilities.GetAlgNames(); } + } + } + + /// + /// Verifier class for signature verification in ASN.1 based profiles that use an AlgorithmIdentifier to preserve + /// signature algorithm details. + /// + public class Asn1VerifierFactory + : IVerifierFactory + { + private readonly AlgorithmIdentifier algID; + private readonly AsymmetricKeyParameter publicKey; + + /// + /// Base constructor. + /// + /// The name of the signature algorithm to use. + /// The public key to be used in the verification operation. + public Asn1VerifierFactory(string algorithm, AsymmetricKeyParameter publicKey) + { + if (algorithm == null) + throw new ArgumentNullException("algorithm"); + if (publicKey == null) + throw new ArgumentNullException("publicKey"); + if (publicKey.IsPrivate) + throw new ArgumentException("Key for verifying must be public", "publicKey"); + + DerObjectIdentifier sigOid = X509Utilities.GetAlgorithmOid(algorithm); + + this.publicKey = publicKey; + this.algID = X509Utilities.GetSigAlgID(sigOid, algorithm); + } + + public Asn1VerifierFactory(AlgorithmIdentifier algorithm, AsymmetricKeyParameter publicKey) + { + this.publicKey = publicKey; + this.algID = algorithm; + } + + public Object AlgorithmDetails + { + get { return this.algID; } + } + + public IStreamCalculator CreateCalculator() + { + + ISigner verifier = SignerUtilities.InitSigner(X509Utilities.GetSignatureName(algID), false, publicKey, null); + + return new DefaultVerifierCalculator(verifier); + } + } + + /// + /// Provider class which supports dynamic creation of signature verifiers. + /// + public class Asn1VerifierFactoryProvider: IVerifierFactoryProvider + { + private readonly AsymmetricKeyParameter publicKey; + + /// + /// Base constructor - specify the public key to be used in verification. + /// + /// The public key to be used in creating verifiers provided by this object. + public Asn1VerifierFactoryProvider(AsymmetricKeyParameter publicKey) + { + this.publicKey = publicKey; + } + + public IVerifierFactory CreateVerifierFactory(Object algorithmDetails) + { + return new Asn1VerifierFactory((AlgorithmIdentifier)algorithmDetails, publicKey); + } + + /// + /// Allows enumeration of the signature names supported by the verifier provider. + /// + public IEnumerable SignatureAlgNames + { + get { return X509Utilities.GetAlgNames(); } + } + } +} + diff --git a/BouncyCastle/crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs b/BouncyCastle/crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs new file mode 100644 index 0000000..690e970 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/operators/CmsContentEncryptorBuilder.cs @@ -0,0 +1,67 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Ntt; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; + +namespace Org.BouncyCastle.Operators +{ + public class CmsContentEncryptorBuilder + { + private static readonly IDictionary KeySizes = Platform.CreateHashtable(); + + static CmsContentEncryptorBuilder() + { + KeySizes[NistObjectIdentifiers.IdAes128Cbc] = 128; + KeySizes[NistObjectIdentifiers.IdAes192Cbc] = 192; + KeySizes[NistObjectIdentifiers.IdAes256Cbc] = 256; + + KeySizes[NttObjectIdentifiers.IdCamellia128Cbc] = 128; + KeySizes[NttObjectIdentifiers.IdCamellia192Cbc] = 192; + KeySizes[NttObjectIdentifiers.IdCamellia256Cbc] = 256; + } + + private static int GetKeySize(DerObjectIdentifier oid) + { + if (KeySizes.Contains(oid)) + { + return (int)KeySizes[oid]; + } + + return -1; + } + + private readonly DerObjectIdentifier encryptionOID; + private readonly int keySize; + + private readonly EnvelopedDataHelper helper = new EnvelopedDataHelper(); + //private SecureRandom random; + + public CmsContentEncryptorBuilder(DerObjectIdentifier encryptionOID) + : this(encryptionOID, GetKeySize(encryptionOID)) + { + } + + public CmsContentEncryptorBuilder(DerObjectIdentifier encryptionOID, int keySize) + { + this.encryptionOID = encryptionOID; + this.keySize = keySize; + } + + public ICipherBuilderWithKey Build() + { + //return new Asn1CipherBuilderWithKey(encryptionOID, keySize, random); + return new Asn1CipherBuilderWithKey(encryptionOID, keySize, null); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/operators/CmsKeyTransRecipientInfoGenerator.cs b/BouncyCastle/crypto/src/crypto/operators/CmsKeyTransRecipientInfoGenerator.cs new file mode 100644 index 0000000..0165f6a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/operators/CmsKeyTransRecipientInfoGenerator.cs @@ -0,0 +1,30 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Operators +{ + /// Use KeyTransRecipientInfoGenerator + public class CmsKeyTransRecipientInfoGenerator + : KeyTransRecipientInfoGenerator + { + public CmsKeyTransRecipientInfoGenerator(X509Certificate recipCert, IKeyWrapper keyWrapper) + : base(new Asn1.Cms.IssuerAndSerialNumber(recipCert.IssuerDN, new DerInteger(recipCert.SerialNumber)), keyWrapper) + { + } + + public CmsKeyTransRecipientInfoGenerator(IssuerAndSerialNumber issuerAndSerial, IKeyWrapper keyWrapper) + : base(issuerAndSerial, keyWrapper) + { + } + + public CmsKeyTransRecipientInfoGenerator(byte[] subjectKeyID, IKeyWrapper keyWrapper) : base(subjectKeyID, keyWrapper) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/operators/DefaultSignatureCalculator.cs b/BouncyCastle/crypto/src/crypto/operators/DefaultSignatureCalculator.cs new file mode 100644 index 0000000..8ca1c01 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/operators/DefaultSignatureCalculator.cs @@ -0,0 +1,28 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.IO; + +namespace Org.BouncyCastle.Crypto.Operators +{ + public class DefaultSignatureCalculator + : IStreamCalculator + { + private readonly SignerSink mSignerSink; + + public DefaultSignatureCalculator(ISigner signer) + { + this.mSignerSink = new SignerSink(signer); + } + + public Stream Stream + { + get { return mSignerSink; } + } + + public object GetResult() + { + return new DefaultSignatureResult(mSignerSink.Signer); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/operators/DefaultSignatureResult.cs b/BouncyCastle/crypto/src/crypto/operators/DefaultSignatureResult.cs new file mode 100644 index 0000000..615f67d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/operators/DefaultSignatureResult.cs @@ -0,0 +1,27 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Operators +{ + public class DefaultSignatureResult + : IBlockResult + { + private readonly ISigner mSigner; + + public DefaultSignatureResult(ISigner signer) + { + this.mSigner = signer; + } + + public byte[] Collect() + { + return mSigner.GenerateSignature(); + } + + public int Collect(byte[] sig, int sigOff) + { + byte[] signature = Collect(); + signature.CopyTo(sig, sigOff); + return signature.Length; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/operators/DefaultVerifierCalculator.cs b/BouncyCastle/crypto/src/crypto/operators/DefaultVerifierCalculator.cs new file mode 100644 index 0000000..c985e81 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/operators/DefaultVerifierCalculator.cs @@ -0,0 +1,28 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.IO; + +namespace Org.BouncyCastle.Crypto.Operators +{ + public class DefaultVerifierCalculator + : IStreamCalculator + { + private readonly SignerSink mSignerSink; + + public DefaultVerifierCalculator(ISigner signer) + { + this.mSignerSink = new SignerSink(signer); + } + + public Stream Stream + { + get { return mSignerSink; } + } + + public object GetResult() + { + return new DefaultVerifierResult(mSignerSink.Signer); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/operators/DefaultVerifierResult.cs b/BouncyCastle/crypto/src/crypto/operators/DefaultVerifierResult.cs new file mode 100644 index 0000000..fb259c8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/operators/DefaultVerifierResult.cs @@ -0,0 +1,29 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Operators +{ + public class DefaultVerifierResult + : IVerifier + { + private readonly ISigner mSigner; + + public DefaultVerifierResult(ISigner signer) + { + this.mSigner = signer; + } + + public bool IsVerified(byte[] signature) + { + return mSigner.VerifySignature(signature); + } + + public bool IsVerified(byte[] sig, int sigOff, int sigLen) + { + byte[] signature = Arrays.CopyOfRange(sig, sigOff, sigOff + sigLen); + + return IsVerified(signature); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/operators/GenericKey.cs b/BouncyCastle/crypto/src/crypto/operators/GenericKey.cs new file mode 100644 index 0000000..89512c7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/operators/GenericKey.cs @@ -0,0 +1,40 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Crypto.Operators +{ + public class GenericKey + { + private readonly AlgorithmIdentifier algorithmIdentifier; + private readonly object representation; + + public GenericKey(object representation) + { + this.algorithmIdentifier = null; + this.representation = representation; + } + + public GenericKey(AlgorithmIdentifier algorithmIdentifier, byte[] representation) + { + this.algorithmIdentifier = algorithmIdentifier; + this.representation = representation; + } + + public GenericKey(AlgorithmIdentifier algorithmIdentifier, object representation) + { + this.algorithmIdentifier = algorithmIdentifier; + this.representation = representation; + } + + public AlgorithmIdentifier AlgorithmIdentifier + { + get { return algorithmIdentifier; } + } + + public object Representation + { + get { return representation; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/paddings/BlockCipherPadding.cs b/BouncyCastle/crypto/src/crypto/paddings/BlockCipherPadding.cs new file mode 100644 index 0000000..33a5f9f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/paddings/BlockCipherPadding.cs @@ -0,0 +1,43 @@ +using System; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + + +namespace Org.BouncyCastle.Crypto.Paddings +{ + /** + * Block cipher padders are expected to conform to this interface + */ + public interface IBlockCipherPadding + { + /** + * Initialise the padder. + * + * @param param parameters, if any required. + */ + void Init(SecureRandom random); + //throws ArgumentException; + + /** + * Return the name of the algorithm the cipher implements. + * + * @return the name of the algorithm the cipher implements. + */ + string PaddingName { get; } + + /** + * add the pad bytes to the passed in block, returning the + * number of bytes added. + */ + int AddPadding(byte[] input, int inOff); + + /** + * return the number of pad bytes present in the block. + * @exception InvalidCipherTextException if the padding is badly formed + * or invalid. + */ + int PadCount(byte[] input); + //throws InvalidCipherTextException; + } + +} diff --git a/BouncyCastle/crypto/src/crypto/paddings/ISO10126d2Padding.cs b/BouncyCastle/crypto/src/crypto/paddings/ISO10126d2Padding.cs new file mode 100644 index 0000000..e132a62 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/paddings/ISO10126d2Padding.cs @@ -0,0 +1,76 @@ +using System; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + + +namespace Org.BouncyCastle.Crypto.Paddings +{ + + /** + * A padder that adds ISO10126-2 padding to a block. + */ + public class ISO10126d2Padding: IBlockCipherPadding + { + private SecureRandom random; + + /** + * Initialise the padder. + * + * @param random a SecureRandom if available. + */ + public void Init( + SecureRandom random) + //throws ArgumentException + { + this.random = (random != null) ? random : new SecureRandom(); + } + + /** + * Return the name of the algorithm the cipher implements. + * + * @return the name of the algorithm the cipher implements. + */ + public string PaddingName + { + get { return "ISO10126-2"; } + } + + /** + * add the pad bytes to the passed in block, returning the + * number of bytes added. + */ + public int AddPadding( + byte[] input, + int inOff) + { + byte code = (byte)(input.Length - inOff); + + while (inOff < (input.Length - 1)) + { + input[inOff] = (byte)random.NextInt(); + inOff++; + } + + input[inOff] = code; + + return code; + } + + /** + * return the number of pad bytes present in the block. + */ + public int PadCount(byte[] input) + //throws InvalidCipherTextException + { + int count = input[input.Length - 1] & 0xff; + + if (count > input.Length) + { + throw new InvalidCipherTextException("pad block corrupted"); + } + + return count; + } + } + +} diff --git a/BouncyCastle/crypto/src/crypto/paddings/ISO7816d4Padding.cs b/BouncyCastle/crypto/src/crypto/paddings/ISO7816d4Padding.cs new file mode 100644 index 0000000..016b25a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/paddings/ISO7816d4Padding.cs @@ -0,0 +1,79 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Paddings +{ + /** + * A padder that adds the padding according to the scheme referenced in + * ISO 7814-4 - scheme 2 from ISO 9797-1. The first byte is 0x80, rest is 0x00 + */ + public class ISO7816d4Padding + : IBlockCipherPadding + { + /** + * Initialise the padder. + * + * @param random - a SecureRandom if available. + */ + public void Init( + SecureRandom random) + { + // nothing to do. + } + + /** + * Return the name of the algorithm the padder implements. + * + * @return the name of the algorithm the padder implements. + */ + public string PaddingName + { + get { return "ISO7816-4"; } + } + + /** + * add the pad bytes to the passed in block, returning the + * number of bytes added. + */ + public int AddPadding( + byte[] input, + int inOff) + { + int added = (input.Length - inOff); + + input[inOff]= (byte) 0x80; + inOff ++; + + while (inOff < input.Length) + { + input[inOff] = (byte) 0; + inOff++; + } + + return added; + } + + /** + * return the number of pad bytes present in the block. + */ + public int PadCount( + byte[] input) + { + int count = input.Length - 1; + + while (count > 0 && input[count] == 0) + { + count--; + } + + if (input[count] != (byte)0x80) + { + throw new InvalidCipherTextException("pad block corrupted"); + } + + return input.Length - count; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/paddings/PaddedBufferedBlockCipher.cs b/BouncyCastle/crypto/src/crypto/paddings/PaddedBufferedBlockCipher.cs new file mode 100644 index 0000000..5d2f8cf --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/paddings/PaddedBufferedBlockCipher.cs @@ -0,0 +1,285 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Paddings +{ + /** + * A wrapper class that allows block ciphers to be used to process data in + * a piecemeal fashion with padding. The PaddedBufferedBlockCipher + * outputs a block only when the buffer is full and more data is being added, + * or on a doFinal (unless the current block in the buffer is a pad block). + * The default padding mechanism used is the one outlined in Pkcs5/Pkcs7. + */ + public class PaddedBufferedBlockCipher + : BufferedBlockCipher + { + private readonly IBlockCipherPadding padding; + + /** + * Create a buffered block cipher with the desired padding. + * + * @param cipher the underlying block cipher this buffering object wraps. + * @param padding the padding type. + */ + public PaddedBufferedBlockCipher( + IBlockCipher cipher, + IBlockCipherPadding padding) + { + this.cipher = cipher; + this.padding = padding; + + buf = new byte[cipher.GetBlockSize()]; + bufOff = 0; + } + + /** + * Create a buffered block cipher Pkcs7 padding + * + * @param cipher the underlying block cipher this buffering object wraps. + */ + public PaddedBufferedBlockCipher( + IBlockCipher cipher) + : this(cipher, new Pkcs7Padding()) { } + + /** + * initialise the cipher. + * + * @param forEncryption if true the cipher is initialised for + * encryption, if false for decryption. + * @param param the key and other data required by the cipher. + * @exception ArgumentException if the parameters argument is + * inappropriate. + */ + public override void Init( + bool forEncryption, + ICipherParameters parameters) + { + this.forEncryption = forEncryption; + + SecureRandom initRandom = null; + if (parameters is ParametersWithRandom) + { + ParametersWithRandom p = (ParametersWithRandom)parameters; + initRandom = p.Random; + parameters = p.Parameters; + } + + Reset(); + padding.Init(initRandom); + cipher.Init(forEncryption, parameters); + } + + /** + * return the minimum size of the output buffer required for an update + * plus a doFinal with an input of len bytes. + * + * @param len the length of the input. + * @return the space required to accommodate a call to update and doFinal + * with len bytes of input. + */ + public override int GetOutputSize( + int length) + { + int total = length + bufOff; + int leftOver = total % buf.Length; + + if (leftOver == 0) + { + if (forEncryption) + { + return total + buf.Length; + } + + return total; + } + + return total - leftOver + buf.Length; + } + + /** + * return the size of the output buffer required for an update + * an input of len bytes. + * + * @param len the length of the input. + * @return the space required to accommodate a call to update + * with len bytes of input. + */ + public override int GetUpdateOutputSize( + int length) + { + int total = length + bufOff; + int leftOver = total % buf.Length; + + if (leftOver == 0) + { + return total - buf.Length; + } + + return total - leftOver; + } + + /** + * process a single byte, producing an output block if necessary. + * + * @param in the input byte. + * @param out the space for any output that might be produced. + * @param outOff the offset from which the output will be copied. + * @return the number of output bytes copied to out. + * @exception DataLengthException if there isn't enough space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + */ + public override int ProcessByte( + byte input, + byte[] output, + int outOff) + { + int resultLen = 0; + + if (bufOff == buf.Length) + { + resultLen = cipher.ProcessBlock(buf, 0, output, outOff); + bufOff = 0; + } + + buf[bufOff++] = input; + + return resultLen; + } + + /** + * process an array of bytes, producing output if necessary. + * + * @param in the input byte array. + * @param inOff the offset at which the input data starts. + * @param len the number of bytes to be copied out of the input array. + * @param out the space for any output that might be produced. + * @param outOff the offset from which the output will be copied. + * @return the number of output bytes copied to out. + * @exception DataLengthException if there isn't enough space in out. + * @exception InvalidOperationException if the cipher isn't initialised. + */ + public override int ProcessBytes( + byte[] input, + int inOff, + int length, + byte[] output, + int outOff) + { + if (length < 0) + { + throw new ArgumentException("Can't have a negative input length!"); + } + + int blockSize = GetBlockSize(); + int outLength = GetUpdateOutputSize(length); + + if (outLength > 0) + { + Check.OutputLength(output, outOff, outLength, "output buffer too short"); + } + + int resultLen = 0; + int gapLen = buf.Length - bufOff; + + if (length > gapLen) + { + Array.Copy(input, inOff, buf, bufOff, gapLen); + + resultLen += cipher.ProcessBlock(buf, 0, output, outOff); + + bufOff = 0; + length -= gapLen; + inOff += gapLen; + + while (length > buf.Length) + { + resultLen += cipher.ProcessBlock(input, inOff, output, outOff + resultLen); + + length -= blockSize; + inOff += blockSize; + } + } + + Array.Copy(input, inOff, buf, bufOff, length); + + bufOff += length; + + return resultLen; + } + + /** + * Process the last block in the buffer. If the buffer is currently + * full and padding needs to be added a call to doFinal will produce + * 2 * GetBlockSize() bytes. + * + * @param out the array the block currently being held is copied into. + * @param outOff the offset at which the copying starts. + * @return the number of output bytes copied to out. + * @exception DataLengthException if there is insufficient space in out for + * the output or we are decrypting and the input is not block size aligned. + * @exception InvalidOperationException if the underlying cipher is not + * initialised. + * @exception InvalidCipherTextException if padding is expected and not found. + */ + public override int DoFinal( + byte[] output, + int outOff) + { + int blockSize = cipher.GetBlockSize(); + int resultLen = 0; + + if (forEncryption) + { + if (bufOff == blockSize) + { + if ((outOff + 2 * blockSize) > output.Length) + { + Reset(); + + throw new OutputLengthException("output buffer too short"); + } + + resultLen = cipher.ProcessBlock(buf, 0, output, outOff); + bufOff = 0; + } + + padding.AddPadding(buf, bufOff); + + resultLen += cipher.ProcessBlock(buf, 0, output, outOff + resultLen); + + Reset(); + } + else + { + if (bufOff == blockSize) + { + resultLen = cipher.ProcessBlock(buf, 0, buf, 0); + bufOff = 0; + } + else + { + Reset(); + + throw new DataLengthException("last block incomplete in decryption"); + } + + try + { + resultLen -= padding.PadCount(buf); + + Array.Copy(buf, 0, output, outOff, resultLen); + } + finally + { + Reset(); + } + } + + return resultLen; + } + } + +} diff --git a/BouncyCastle/crypto/src/crypto/paddings/Pkcs7Padding.cs b/BouncyCastle/crypto/src/crypto/paddings/Pkcs7Padding.cs new file mode 100644 index 0000000..1158564 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/paddings/Pkcs7Padding.cs @@ -0,0 +1,76 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Paddings +{ + /** + * A padder that adds Pkcs7/Pkcs5 padding to a block. + */ + public class Pkcs7Padding + : IBlockCipherPadding + { + /** + * Initialise the padder. + * + * @param random - a SecureRandom if available. + */ + public void Init( + SecureRandom random) + { + // nothing to do. + } + + /** + * Return the name of the algorithm the cipher implements. + * + * @return the name of the algorithm the cipher implements. + */ + public string PaddingName + { + get { return "PKCS7"; } + } + + /** + * add the pad bytes to the passed in block, returning the + * number of bytes added. + */ + public int AddPadding( + byte[] input, + int inOff) + { + byte code = (byte)(input.Length - inOff); + + while (inOff < input.Length) + { + input[inOff] = code; + inOff++; + } + + return code; + } + + /** + * return the number of pad bytes present in the block. + */ + public int PadCount( + byte[] input) + { + byte countAsByte = input[input.Length - 1]; + int count = countAsByte; + + if (count < 1 || count > input.Length) + throw new InvalidCipherTextException("pad block corrupted"); + + for (int i = 2; i <= count; i++) + { + if (input[input.Length - i] != countAsByte) + throw new InvalidCipherTextException("pad block corrupted"); + } + + return count; + } + } + +} diff --git a/BouncyCastle/crypto/src/crypto/paddings/TbcPadding.cs b/BouncyCastle/crypto/src/crypto/paddings/TbcPadding.cs new file mode 100644 index 0000000..74b64e8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/paddings/TbcPadding.cs @@ -0,0 +1,79 @@ +using System; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Paddings +{ + + /// A padder that adds Trailing-Bit-Compliment padding to a block. + ///

+ /// This padding pads the block out compliment of the last bit + /// of the plain text. + ///

+ /// + public class TbcPadding + : IBlockCipherPadding + { + /// Return the name of the algorithm the cipher implements. + /// the name of the algorithm the cipher implements. + /// + public string PaddingName + { + get { return "TBC"; } + } + + /// Initialise the padder. + /// - a SecureRandom if available. + /// + public virtual void Init(SecureRandom random) + { + // nothing to do. + } + + /// add the pad bytes to the passed in block, returning the + /// number of bytes added. + ///

+ /// Note: this assumes that the last block of plain text is always + /// passed to it inside in. i.e. if inOff is zero, indicating the + /// entire block is to be overwritten with padding the value of in + /// should be the same as the last block of plain text. + ///

+ /// + public virtual int AddPadding(byte[] input, int inOff) + { + int count = input.Length - inOff; + byte code; + + if (inOff > 0) + { + code = (byte)((input[inOff - 1] & 0x01) == 0?0xff:0x00); + } + else + { + code = (byte)((input[input.Length - 1] & 0x01) == 0?0xff:0x00); + } + + while (inOff < input.Length) + { + input[inOff] = code; + inOff++; + } + + return count; + } + + /// return the number of pad bytes present in the block. + public virtual int PadCount(byte[] input) + { + byte code = input[input.Length - 1]; + + int index = input.Length - 1; + while (index > 0 && input[index - 1] == code) + { + index--; + } + + return input.Length - index; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/paddings/X923Padding.cs b/BouncyCastle/crypto/src/crypto/paddings/X923Padding.cs new file mode 100644 index 0000000..cc1b52b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/paddings/X923Padding.cs @@ -0,0 +1,82 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Paddings +{ + /** + * A padder that adds X9.23 padding to a block - if a SecureRandom is + * passed in random padding is assumed, otherwise padding with zeros is used. + */ + public class X923Padding + : IBlockCipherPadding + { + private SecureRandom random; + + /** + * Initialise the padder. + * + * @param random a SecureRandom if one is available. + */ + public void Init( + SecureRandom random) + { + this.random = random; + } + + /** + * Return the name of the algorithm the cipher implements. + * + * @return the name of the algorithm the cipher implements. + */ + public string PaddingName + { + get { return "X9.23"; } + } + + /** + * add the pad bytes to the passed in block, returning the + * number of bytes added. + */ + public int AddPadding( + byte[] input, + int inOff) + { + byte code = (byte)(input.Length - inOff); + + while (inOff < input.Length - 1) + { + if (random == null) + { + input[inOff] = 0; + } + else + { + input[inOff] = (byte)random.NextInt(); + } + inOff++; + } + + input[inOff] = code; + + return code; + } + + /** + * return the number of pad bytes present in the block. + */ + public int PadCount( + byte[] input) + { + int count = input[input.Length - 1] & 0xff; + + if (count > input.Length) + { + throw new InvalidCipherTextException("pad block corrupted"); + } + + return count; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/paddings/ZeroBytePadding.cs b/BouncyCastle/crypto/src/crypto/paddings/ZeroBytePadding.cs new file mode 100644 index 0000000..0d55ca4 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/paddings/ZeroBytePadding.cs @@ -0,0 +1,68 @@ +using System; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Paddings +{ + + /// A padder that adds Null byte padding to a block. + public class ZeroBytePadding : IBlockCipherPadding + { + /// Return the name of the algorithm the cipher implements. + /// + /// + /// the name of the algorithm the cipher implements. + /// + public string PaddingName + { + get { return "ZeroBytePadding"; } + } + + /// Initialise the padder. + /// + /// + /// - a SecureRandom if available. + /// + public void Init(SecureRandom random) + { + // nothing to do. + } + + /// add the pad bytes to the passed in block, returning the + /// number of bytes added. + /// + public int AddPadding( + byte[] input, + int inOff) + { + int added = (input.Length - inOff); + + while (inOff < input.Length) + { + input[inOff] = (byte) 0; + inOff++; + } + + return added; + } + + /// return the number of pad bytes present in the block. + public int PadCount( + byte[] input) + { + int count = input.Length; + + while (count > 0) + { + if (input[count - 1] != 0) + { + break; + } + + count--; + } + + return input.Length - count; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/AEADParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/AEADParameters.cs new file mode 100644 index 0000000..825d6b7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/AEADParameters.cs @@ -0,0 +1,65 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class AeadParameters + : ICipherParameters + { + private readonly byte[] associatedText; + private readonly byte[] nonce; + private readonly KeyParameter key; + private readonly int macSize; + + /** + * Base constructor. + * + * @param key key to be used by underlying cipher + * @param macSize macSize in bits + * @param nonce nonce to be used + */ + public AeadParameters(KeyParameter key, int macSize, byte[] nonce) + : this(key, macSize, nonce, null) + { + } + + /** + * Base constructor. + * + * @param key key to be used by underlying cipher + * @param macSize macSize in bits + * @param nonce nonce to be used + * @param associatedText associated text, if any + */ + public AeadParameters( + KeyParameter key, + int macSize, + byte[] nonce, + byte[] associatedText) + { + this.key = key; + this.nonce = nonce; + this.macSize = macSize; + this.associatedText = associatedText; + } + + public virtual KeyParameter Key + { + get { return key; } + } + + public virtual int MacSize + { + get { return macSize; } + } + + public virtual byte[] GetAssociatedText() + { + return associatedText; + } + + public virtual byte[] GetNonce() + { + return nonce; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/CcmParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/CcmParameters.cs new file mode 100644 index 0000000..d445908 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/CcmParameters.cs @@ -0,0 +1,26 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + [Obsolete("Use AeadParameters")] + public class CcmParameters + : AeadParameters + { + /** + * Base constructor. + * + * @param key key to be used by underlying cipher + * @param macSize macSize in bits + * @param nonce nonce to be used + * @param associatedText associated text, if any + */ + public CcmParameters( + KeyParameter key, + int macSize, + byte[] nonce, + byte[] associatedText) + : base(key, macSize, nonce, associatedText) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/DHKeyGenerationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/DHKeyGenerationParameters.cs new file mode 100644 index 0000000..ab3e18f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/DHKeyGenerationParameters.cs @@ -0,0 +1,31 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class DHKeyGenerationParameters + : KeyGenerationParameters + { + private readonly DHParameters parameters; + + public DHKeyGenerationParameters( + SecureRandom random, + DHParameters parameters) + : base(random, GetStrength(parameters)) + { + this.parameters = parameters; + } + + public DHParameters Parameters + { + get { return parameters; } + } + + internal static int GetStrength( + DHParameters parameters) + { + return parameters.L != 0 ? parameters.L : parameters.P.BitLength; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/DHKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/DHKeyParameters.cs new file mode 100644 index 0000000..1a5c138 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/DHKeyParameters.cs @@ -0,0 +1,76 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class DHKeyParameters + : AsymmetricKeyParameter + { + private readonly DHParameters parameters; + private readonly DerObjectIdentifier algorithmOid; + + protected DHKeyParameters( + bool isPrivate, + DHParameters parameters) + : this(isPrivate, parameters, PkcsObjectIdentifiers.DhKeyAgreement) + { + } + + protected DHKeyParameters( + bool isPrivate, + DHParameters parameters, + DerObjectIdentifier algorithmOid) + : base(isPrivate) + { + // TODO Should we allow parameters to be null? + this.parameters = parameters; + this.algorithmOid = algorithmOid; + } + + public DHParameters Parameters + { + get { return parameters; } + } + + public DerObjectIdentifier AlgorithmOid + { + get { return algorithmOid; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + DHKeyParameters other = obj as DHKeyParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + DHKeyParameters other) + { + return Platform.Equals(parameters, other.parameters) + && base.Equals(other); + } + + public override int GetHashCode() + { + int hc = base.GetHashCode(); + + if (parameters != null) + { + hc ^= parameters.GetHashCode(); + } + + return hc; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/DHParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/DHParameters.cs new file mode 100644 index 0000000..bdea124 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/DHParameters.cs @@ -0,0 +1,185 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class DHParameters + : ICipherParameters + { + private const int DefaultMinimumLength = 160; + + private readonly BigInteger p, g, q, j; + private readonly int m, l; + private readonly DHValidationParameters validation; + + private static int GetDefaultMParam( + int lParam) + { + if (lParam == 0) + return DefaultMinimumLength; + + return System.Math.Min(lParam, DefaultMinimumLength); + } + + public DHParameters( + BigInteger p, + BigInteger g) + : this(p, g, null, 0) + { + } + + public DHParameters( + BigInteger p, + BigInteger g, + BigInteger q) + : this(p, g, q, 0) + { + } + + public DHParameters( + BigInteger p, + BigInteger g, + BigInteger q, + int l) + : this(p, g, q, GetDefaultMParam(l), l, null, null) + { + } + + public DHParameters( + BigInteger p, + BigInteger g, + BigInteger q, + int m, + int l) + : this(p, g, q, m, l, null, null) + { + } + + public DHParameters( + BigInteger p, + BigInteger g, + BigInteger q, + BigInteger j, + DHValidationParameters validation) + : this(p, g, q, DefaultMinimumLength, 0, j, validation) + { + } + + public DHParameters( + BigInteger p, + BigInteger g, + BigInteger q, + int m, + int l, + BigInteger j, + DHValidationParameters validation) + { + if (p == null) + throw new ArgumentNullException("p"); + if (g == null) + throw new ArgumentNullException("g"); + if (!p.TestBit(0)) + throw new ArgumentException("field must be an odd prime", "p"); + if (g.CompareTo(BigInteger.Two) < 0 + || g.CompareTo(p.Subtract(BigInteger.Two)) > 0) + throw new ArgumentException("generator must in the range [2, p - 2]", "g"); + if (q != null && q.BitLength >= p.BitLength) + throw new ArgumentException("q too big to be a factor of (p-1)", "q"); + if (m >= p.BitLength) + throw new ArgumentException("m value must be < bitlength of p", "m"); + if (l != 0) + { + // TODO Check this against the Java version, which has 'l > p.BitLength' here + if (l >= p.BitLength) + throw new ArgumentException("when l value specified, it must be less than bitlength(p)", "l"); + if (l < m) + throw new ArgumentException("when l value specified, it may not be less than m value", "l"); + } + if (j != null && j.CompareTo(BigInteger.Two) < 0) + throw new ArgumentException("subgroup factor must be >= 2", "j"); + + // TODO If q, j both provided, validate p = jq + 1 ? + + this.p = p; + this.g = g; + this.q = q; + this.m = m; + this.l = l; + this.j = j; + this.validation = validation; + } + + public BigInteger P + { + get { return p; } + } + + public BigInteger G + { + get { return g; } + } + + public BigInteger Q + { + get { return q; } + } + + public BigInteger J + { + get { return j; } + } + + /// The minimum bitlength of the private value. + public int M + { + get { return m; } + } + + /// The bitlength of the private value. + public int L + { + get { return l; } + } + + public DHValidationParameters ValidationParameters + { + get { return validation; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + DHParameters other = obj as DHParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected virtual bool Equals( + DHParameters other) + { + return p.Equals(other.p) + && g.Equals(other.g) + && Platform.Equals(q, other.q); + } + + public override int GetHashCode() + { + int hc = p.GetHashCode() ^ g.GetHashCode(); + + if (q != null) + { + hc ^= q.GetHashCode(); + } + + return hc; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/DHPrivateKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/DHPrivateKeyParameters.cs new file mode 100644 index 0000000..fc724df --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/DHPrivateKeyParameters.cs @@ -0,0 +1,60 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class DHPrivateKeyParameters + : DHKeyParameters + { + private readonly BigInteger x; + + public DHPrivateKeyParameters( + BigInteger x, + DHParameters parameters) + : base(true, parameters) + { + this.x = x; + } + + public DHPrivateKeyParameters( + BigInteger x, + DHParameters parameters, + DerObjectIdentifier algorithmOid) + : base(true, parameters, algorithmOid) + { + this.x = x; + } + + public BigInteger X + { + get { return x; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + DHPrivateKeyParameters other = obj as DHPrivateKeyParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + DHPrivateKeyParameters other) + { + return x.Equals(other.x) && base.Equals(other); + } + + public override int GetHashCode() + { + return x.GetHashCode() ^ base.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/DHPublicKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/DHPublicKeyParameters.cs new file mode 100644 index 0000000..19e732b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/DHPublicKeyParameters.cs @@ -0,0 +1,167 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class DHPublicKeyParameters + : DHKeyParameters + { + private static BigInteger Validate(BigInteger y, DHParameters dhParams) + { + if (y == null) + throw new ArgumentNullException("y"); + + BigInteger p = dhParams.P; + + // TLS check + if (y.CompareTo(BigInteger.Two) < 0 || y.CompareTo(p.Subtract(BigInteger.Two)) > 0) + throw new ArgumentException("invalid DH public key", "y"); + + BigInteger q = dhParams.Q; + + // We can't validate without Q. + if (q == null) + return y; + + if (p.TestBit(0) + && p.BitLength - 1 == q.BitLength + && p.ShiftRight(1).Equals(q)) + { + // Safe prime case + if (1 == Legendre(y, p)) + return y; + } + else + { + if (BigInteger.One.Equals(y.ModPow(q, p))) + return y; + } + + throw new ArgumentException("value does not appear to be in correct group", "y"); + } + + private readonly BigInteger y; + + public DHPublicKeyParameters( + BigInteger y, + DHParameters parameters) + : base(false, parameters) + { + this.y = Validate(y, parameters); + } + + public DHPublicKeyParameters( + BigInteger y, + DHParameters parameters, + DerObjectIdentifier algorithmOid) + : base(false, parameters, algorithmOid) + { + this.y = Validate(y, parameters); + } + + public virtual BigInteger Y + { + get { return y; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + DHPublicKeyParameters other = obj as DHPublicKeyParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + DHPublicKeyParameters other) + { + return y.Equals(other.y) && base.Equals(other); + } + + public override int GetHashCode() + { + return y.GetHashCode() ^ base.GetHashCode(); + } + + private static int Legendre(BigInteger a, BigInteger b) + { + //int r = 0, bits = b.IntValue; + + //for (;;) + //{ + // int lowestSetBit = a.GetLowestSetBit(); + // a = a.ShiftRight(lowestSetBit); + // r ^= (bits ^ (bits >> 1)) & (lowestSetBit << 1); + + // int cmp = a.CompareTo(b); + // if (cmp == 0) + // break; + + // if (cmp < 0) + // { + // BigInteger t = a; a = b; b = t; + + // int oldBits = bits; + // bits = b.IntValue; + // r ^= oldBits & bits; + // } + + // a = a.Subtract(b); + //} + + //return BigInteger.One.Equals(b) ? (1 - (r & 2)) : 0; + + int bitLength = b.BitLength; + uint[] A = Nat.FromBigInteger(bitLength, a); + uint[] B = Nat.FromBigInteger(bitLength, b); + + int r = 0; + + int len = B.Length; + for (;;) + { + while (A[0] == 0) + { + Nat.ShiftDownWord(len, A, 0); + } + + int shift = Integers.NumberOfTrailingZeros((int)A[0]); + if (shift > 0) + { + Nat.ShiftDownBits(len, A, shift, 0); + int bits = (int)B[0]; + r ^= (bits ^ (bits >> 1)) & (shift << 1); + } + + int cmp = Nat.Compare(len, A, B); + if (cmp == 0) + break; + + if (cmp < 0) + { + r ^= (int)(A[0] & B[0]); + uint[] t = A; A = B; B = t; + } + + while (A[len - 1] == 0) + { + len = len - 1; + } + + Nat.Sub(len, A, B, A); + } + + return Nat.IsOne(len, B) ? (1 - (r & 2)) : 0; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/DHValidationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/DHValidationParameters.cs new file mode 100644 index 0000000..50c0739 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/DHValidationParameters.cs @@ -0,0 +1,59 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class DHValidationParameters + { + private readonly byte[] seed; + private readonly int counter; + + public DHValidationParameters( + byte[] seed, + int counter) + { + if (seed == null) + throw new ArgumentNullException("seed"); + + this.seed = (byte[]) seed.Clone(); + this.counter = counter; + } + + public byte[] GetSeed() + { + return (byte[]) seed.Clone(); + } + + public int Counter + { + get { return counter; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + DHValidationParameters other = obj as DHValidationParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + DHValidationParameters other) + { + return counter == other.counter + && Arrays.AreEqual(this.seed, other.seed); + } + + public override int GetHashCode() + { + return counter.GetHashCode() ^ Arrays.GetHashCode(seed); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/DSAParameterGenerationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/DSAParameterGenerationParameters.cs new file mode 100644 index 0000000..7427574 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/DSAParameterGenerationParameters.cs @@ -0,0 +1,74 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class DsaParameterGenerationParameters + { + public const int DigitalSignatureUsage = 1; + public const int KeyEstablishmentUsage = 2; + + private readonly int l; + private readonly int n; + private readonly int certainty; + private readonly SecureRandom random; + private readonly int usageIndex; + + /** + * Construct without a usage index, this will do a random construction of G. + * + * @param L desired length of prime P in bits (the effective key size). + * @param N desired length of prime Q in bits. + * @param certainty certainty level for prime number generation. + * @param random the source of randomness to use. + */ + public DsaParameterGenerationParameters(int L, int N, int certainty, SecureRandom random) + : this(L, N, certainty, random, -1) + { + } + + /** + * Construct for a specific usage index - this has the effect of using verifiable canonical generation of G. + * + * @param L desired length of prime P in bits (the effective key size). + * @param N desired length of prime Q in bits. + * @param certainty certainty level for prime number generation. + * @param random the source of randomness to use. + * @param usageIndex a valid usage index. + */ + public DsaParameterGenerationParameters(int L, int N, int certainty, SecureRandom random, int usageIndex) + { + this.l = L; + this.n = N; + this.certainty = certainty; + this.random = random; + this.usageIndex = usageIndex; + } + + public virtual int L + { + get { return l; } + } + + public virtual int N + { + get { return n; } + } + + public virtual int UsageIndex + { + get { return usageIndex; } + } + + public virtual int Certainty + { + get { return certainty; } + } + + public virtual SecureRandom Random + { + get { return random; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/DesEdeParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/DesEdeParameters.cs new file mode 100644 index 0000000..6be56fb --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/DesEdeParameters.cs @@ -0,0 +1,140 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class DesEdeParameters + : DesParameters + { + /* + * DES-EDE Key length in bytes. + */ + public const int DesEdeKeyLength = 24; + + private static byte[] FixKey( + byte[] key, + int keyOff, + int keyLen) + { + byte[] tmp = new byte[24]; + + switch (keyLen) + { + case 16: + Array.Copy(key, keyOff, tmp, 0, 16); + Array.Copy(key, keyOff, tmp, 16, 8); + break; + case 24: + Array.Copy(key, keyOff, tmp, 0, 24); + break; + default: + throw new ArgumentException("Bad length for DESede key: " + keyLen, "keyLen"); + } + + if (IsWeakKey(tmp)) + throw new ArgumentException("attempt to create weak DESede key"); + + return tmp; + } + + public DesEdeParameters( + byte[] key) + : base(FixKey(key, 0, key.Length)) + { + } + + public DesEdeParameters( + byte[] key, + int keyOff, + int keyLen) + : base(FixKey(key, keyOff, keyLen)) + { + } + + /** + * return true if the passed in key is a DES-EDE weak key. + * + * @param key bytes making up the key + * @param offset offset into the byte array the key starts at + * @param length number of bytes making up the key + */ + public static bool IsWeakKey( + byte[] key, + int offset, + int length) + { + for (int i = offset; i < length; i += DesKeyLength) + { + if (DesParameters.IsWeakKey(key, i)) + { + return true; + } + } + + return false; + } + + /** + * return true if the passed in key is a DES-EDE weak key. + * + * @param key bytes making up the key + * @param offset offset into the byte array the key starts at + */ + public static new bool IsWeakKey( + byte[] key, + int offset) + { + return IsWeakKey(key, offset, key.Length - offset); + } + + public static new bool IsWeakKey( + byte[] key) + { + return IsWeakKey(key, 0, key.Length); + } + + /** + * return true if the passed in key is a real 2/3 part DES-EDE key. + * + * @param key bytes making up the key + * @param offset offset into the byte array the key starts at + */ + public static bool IsRealEdeKey(byte[] key, int offset) + { + return key.Length == 16 ? IsReal2Key(key, offset) : IsReal3Key(key, offset); + } + + /** + * return true if the passed in key is a real 2 part DES-EDE key. + * + * @param key bytes making up the key + * @param offset offset into the byte array the key starts at + */ + public static bool IsReal2Key(byte[] key, int offset) + { + bool isValid = false; + for (int i = offset; i != offset + 8; i++) + { + isValid |= (key[i] != key[i + 8]); + } + return isValid; + } + + /** + * return true if the passed in key is a real 3 part DES-EDE key. + * + * @param key bytes making up the key + * @param offset offset into the byte array the key starts at + */ + public static bool IsReal3Key(byte[] key, int offset) + { + bool diff12 = false, diff13 = false, diff23 = false; + for (int i = offset; i != offset + 8; i++) + { + diff12 |= (key[i] != key[i + 8]); + diff13 |= (key[i] != key[i + 16]); + diff23 |= (key[i + 8] != key[i + 16]); + } + return diff12 && diff13 && diff23; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/DesParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/DesParameters.cs new file mode 100644 index 0000000..a1f67e2 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/DesParameters.cs @@ -0,0 +1,139 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class DesParameters + : KeyParameter + { + public DesParameters( + byte[] key) + : base(key) + { + if (IsWeakKey(key)) + throw new ArgumentException("attempt to create weak DES key"); + } + + public DesParameters( + byte[] key, + int keyOff, + int keyLen) + : base(key, keyOff, keyLen) + { + if (IsWeakKey(key, keyOff)) + throw new ArgumentException("attempt to create weak DES key"); + } + + /* + * DES Key Length in bytes. + */ + public const int DesKeyLength = 8; + + /* + * Table of weak and semi-weak keys taken from Schneier pp281 + */ + private const int N_DES_WEAK_KEYS = 16; + + private static readonly byte[] DES_weak_keys = + { + /* weak keys */ + (byte)0x01,(byte)0x01,(byte)0x01,(byte)0x01, (byte)0x01,(byte)0x01,(byte)0x01,(byte)0x01, + (byte)0x1f,(byte)0x1f,(byte)0x1f,(byte)0x1f, (byte)0x0e,(byte)0x0e,(byte)0x0e,(byte)0x0e, + (byte)0xe0,(byte)0xe0,(byte)0xe0,(byte)0xe0, (byte)0xf1,(byte)0xf1,(byte)0xf1,(byte)0xf1, + (byte)0xfe,(byte)0xfe,(byte)0xfe,(byte)0xfe, (byte)0xfe,(byte)0xfe,(byte)0xfe,(byte)0xfe, + + /* semi-weak keys */ + (byte)0x01,(byte)0xfe,(byte)0x01,(byte)0xfe, (byte)0x01,(byte)0xfe,(byte)0x01,(byte)0xfe, + (byte)0x1f,(byte)0xe0,(byte)0x1f,(byte)0xe0, (byte)0x0e,(byte)0xf1,(byte)0x0e,(byte)0xf1, + (byte)0x01,(byte)0xe0,(byte)0x01,(byte)0xe0, (byte)0x01,(byte)0xf1,(byte)0x01,(byte)0xf1, + (byte)0x1f,(byte)0xfe,(byte)0x1f,(byte)0xfe, (byte)0x0e,(byte)0xfe,(byte)0x0e,(byte)0xfe, + (byte)0x01,(byte)0x1f,(byte)0x01,(byte)0x1f, (byte)0x01,(byte)0x0e,(byte)0x01,(byte)0x0e, + (byte)0xe0,(byte)0xfe,(byte)0xe0,(byte)0xfe, (byte)0xf1,(byte)0xfe,(byte)0xf1,(byte)0xfe, + (byte)0xfe,(byte)0x01,(byte)0xfe,(byte)0x01, (byte)0xfe,(byte)0x01,(byte)0xfe,(byte)0x01, + (byte)0xe0,(byte)0x1f,(byte)0xe0,(byte)0x1f, (byte)0xf1,(byte)0x0e,(byte)0xf1,(byte)0x0e, + (byte)0xe0,(byte)0x01,(byte)0xe0,(byte)0x01, (byte)0xf1,(byte)0x01,(byte)0xf1,(byte)0x01, + (byte)0xfe,(byte)0x1f,(byte)0xfe,(byte)0x1f, (byte)0xfe,(byte)0x0e,(byte)0xfe,(byte)0x0e, + (byte)0x1f,(byte)0x01,(byte)0x1f,(byte)0x01, (byte)0x0e,(byte)0x01,(byte)0x0e,(byte)0x01, + (byte)0xfe,(byte)0xe0,(byte)0xfe,(byte)0xe0, (byte)0xfe,(byte)0xf1,(byte)0xfe,(byte)0xf1 + }; + + /** + * DES has 16 weak keys. This method will check + * if the given DES key material is weak or semi-weak. + * Key material that is too short is regarded as weak. + *

+ * See "Applied + * Cryptography" by Bruce Schneier for more information. + *

+ * @return true if the given DES key material is weak or semi-weak, + * false otherwise. + */ + public static bool IsWeakKey( + byte[] key, + int offset) + { + if (key.Length - offset < DesKeyLength) + throw new ArgumentException("key material too short."); + + //nextkey: + for (int i = 0; i < N_DES_WEAK_KEYS; i++) + { + bool unmatch = false; + for (int j = 0; j < DesKeyLength; j++) + { + if (key[j + offset] != DES_weak_keys[i * DesKeyLength + j]) + { + //continue nextkey; + unmatch = true; + break; + } + } + + if (!unmatch) + { + return true; + } + } + + return false; + } + + public static bool IsWeakKey( + byte[] key) + { + return IsWeakKey(key, 0); + } + + public static byte SetOddParity(byte b) + { + uint parity = b ^ 1U; + parity ^= (parity >> 4); + parity ^= (parity >> 2); + parity ^= (parity >> 1); + parity &= 1U; + + return (byte)(b ^ parity); + } + + /** + * DES Keys use the LSB as the odd parity bit. This can + * be used to check for corrupt keys. + * + * @param bytes the byte array to set the parity on. + */ + public static void SetOddParity(byte[] bytes) + { + for (int i = 0; i < bytes.Length; i++) + { + bytes[i] = SetOddParity(bytes[i]); + } + } + + public static void SetOddParity(byte[] bytes, int off, int len) + { + for (int i = 0; i < len; i++) + { + bytes[off + i] = SetOddParity(bytes[off + i]); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/DsaKeyGenerationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/DsaKeyGenerationParameters.cs new file mode 100644 index 0000000..86d6f5b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/DsaKeyGenerationParameters.cs @@ -0,0 +1,26 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class DsaKeyGenerationParameters + : KeyGenerationParameters + { + private readonly DsaParameters parameters; + + public DsaKeyGenerationParameters( + SecureRandom random, + DsaParameters parameters) + : base(random, parameters.P.BitLength - 1) + { + this.parameters = parameters; + } + + public DsaParameters Parameters + { + get { return parameters; } + } + } + +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/DsaKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/DsaKeyParameters.cs new file mode 100644 index 0000000..5fe6d7a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/DsaKeyParameters.cs @@ -0,0 +1,59 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public abstract class DsaKeyParameters + : AsymmetricKeyParameter + { + private readonly DsaParameters parameters; + + protected DsaKeyParameters( + bool isPrivate, + DsaParameters parameters) + : base(isPrivate) + { + // Note: parameters may be null + this.parameters = parameters; + } + + public DsaParameters Parameters + { + get { return parameters; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + DsaKeyParameters other = obj as DsaKeyParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + DsaKeyParameters other) + { + return Platform.Equals(parameters, other.parameters) + && base.Equals(other); + } + + public override int GetHashCode() + { + int hc = base.GetHashCode(); + + if (parameters != null) + { + hc ^= parameters.GetHashCode(); + } + + return hc; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/DsaParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/DsaParameters.cs new file mode 100644 index 0000000..50d080e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/DsaParameters.cs @@ -0,0 +1,85 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class DsaParameters + : ICipherParameters + { + private readonly BigInteger p, q , g; + private readonly DsaValidationParameters validation; + + public DsaParameters( + BigInteger p, + BigInteger q, + BigInteger g) + : this(p, q, g, null) + { + } + + public DsaParameters( + BigInteger p, + BigInteger q, + BigInteger g, + DsaValidationParameters parameters) + { + if (p == null) + throw new ArgumentNullException("p"); + if (q == null) + throw new ArgumentNullException("q"); + if (g == null) + throw new ArgumentNullException("g"); + + this.p = p; + this.q = q; + this.g = g; + this.validation = parameters; + } + + public BigInteger P + { + get { return p; } + } + + public BigInteger Q + { + get { return q; } + } + + public BigInteger G + { + get { return g; } + } + + public DsaValidationParameters ValidationParameters + { + get { return validation; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + DsaParameters other = obj as DsaParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + DsaParameters other) + { + return p.Equals(other.p) && q.Equals(other.q) && g.Equals(other.g); + } + + public override int GetHashCode() + { + return p.GetHashCode() ^ q.GetHashCode() ^ g.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/DsaPrivateKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/DsaPrivateKeyParameters.cs new file mode 100644 index 0000000..2abdd0e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/DsaPrivateKeyParameters.cs @@ -0,0 +1,53 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class DsaPrivateKeyParameters + : DsaKeyParameters + { + private readonly BigInteger x; + + public DsaPrivateKeyParameters( + BigInteger x, + DsaParameters parameters) + : base(true, parameters) + { + if (x == null) + throw new ArgumentNullException("x"); + + this.x = x; + } + + public BigInteger X + { + get { return x; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + DsaPrivateKeyParameters other = obj as DsaPrivateKeyParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + DsaPrivateKeyParameters other) + { + return x.Equals(other.x) && base.Equals(other); + } + + public override int GetHashCode() + { + return x.GetHashCode() ^ base.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/DsaPublicKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/DsaPublicKeyParameters.cs new file mode 100644 index 0000000..3a81bfd --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/DsaPublicKeyParameters.cs @@ -0,0 +1,68 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class DsaPublicKeyParameters + : DsaKeyParameters + { + private static BigInteger Validate(BigInteger y, DsaParameters parameters) + { + // we can't validate without params, fortunately we can't use the key either... + if (parameters != null) + { + if (y.CompareTo(BigInteger.Two) < 0 + || y.CompareTo(parameters.P.Subtract(BigInteger.Two)) > 0 + || !y.ModPow(parameters.Q, parameters.P).Equals(BigInteger.One)) + { + throw new ArgumentException("y value does not appear to be in correct group"); + } + } + + return y; + } + + private readonly BigInteger y; + + public DsaPublicKeyParameters( + BigInteger y, + DsaParameters parameters) + : base(false, parameters) + { + if (y == null) + throw new ArgumentNullException("y"); + + this.y = Validate(y, parameters); + } + + public BigInteger Y + { + get { return y; } + } + + public override bool Equals(object obj) + { + if (obj == this) + return true; + + DsaPublicKeyParameters other = obj as DsaPublicKeyParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + DsaPublicKeyParameters other) + { + return y.Equals(other.y) && base.Equals(other); + } + + public override int GetHashCode() + { + return y.GetHashCode() ^ base.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/DsaValidationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/DsaValidationParameters.cs new file mode 100644 index 0000000..c2f84c7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/DsaValidationParameters.cs @@ -0,0 +1,72 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class DsaValidationParameters + { + private readonly byte[] seed; + private readonly int counter; + private readonly int usageIndex; + + public DsaValidationParameters(byte[] seed, int counter) + : this(seed, counter, -1) + { + } + + public DsaValidationParameters( + byte[] seed, + int counter, + int usageIndex) + { + if (seed == null) + throw new ArgumentNullException("seed"); + + this.seed = (byte[]) seed.Clone(); + this.counter = counter; + this.usageIndex = usageIndex; + } + + public virtual byte[] GetSeed() + { + return (byte[]) seed.Clone(); + } + + public virtual int Counter + { + get { return counter; } + } + + public virtual int UsageIndex + { + get { return usageIndex; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + DsaValidationParameters other = obj as DsaValidationParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected virtual bool Equals( + DsaValidationParameters other) + { + return counter == other.counter + && Arrays.AreEqual(seed, other.seed); + } + + public override int GetHashCode() + { + return counter.GetHashCode() ^ Arrays.GetHashCode(seed); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ECDomainParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/ECDomainParameters.cs new file mode 100644 index 0000000..b5ca183 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ECDomainParameters.cs @@ -0,0 +1,171 @@ +using System; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class ECDomainParameters + { + private readonly ECCurve curve; + private readonly byte[] seed; + private readonly ECPoint g; + private readonly BigInteger n; + private readonly BigInteger h; + + private BigInteger hInv; + + public ECDomainParameters(X9ECParameters x9) + : this(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed()) + { + } + + public ECDomainParameters( + ECCurve curve, + ECPoint g, + BigInteger n) + : this(curve, g, n, BigInteger.One, null) + { + } + + public ECDomainParameters( + ECCurve curve, + ECPoint g, + BigInteger n, + BigInteger h) + : this(curve, g, n, h, null) + { + } + + public ECDomainParameters( + ECCurve curve, + ECPoint g, + BigInteger n, + BigInteger h, + byte[] seed) + { + if (curve == null) + throw new ArgumentNullException("curve"); + if (g == null) + throw new ArgumentNullException("g"); + if (n == null) + throw new ArgumentNullException("n"); + // we can't check for h == null here as h is optional in X9.62 as it is not required for ECDSA + + this.curve = curve; + this.g = ValidatePublicPoint(curve, g); + this.n = n; + this.h = h; + this.seed = Arrays.Clone(seed); + } + + public ECCurve Curve + { + get { return curve; } + } + + public ECPoint G + { + get { return g; } + } + + public BigInteger N + { + get { return n; } + } + + public BigInteger H + { + get { return h; } + } + + public BigInteger HInv + { + get + { + lock (this) + { + if (hInv == null) + { + hInv = BigIntegers.ModOddInverseVar(n, h); + } + return hInv; + } + } + } + + public byte[] GetSeed() + { + return Arrays.Clone(seed); + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + ECDomainParameters other = obj as ECDomainParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected virtual bool Equals( + ECDomainParameters other) + { + return curve.Equals(other.curve) + && g.Equals(other.g) + && n.Equals(other.n); + } + + public override int GetHashCode() + { + //return Arrays.GetHashCode(new object[]{ curve, g, n }); + int hc = 4; + hc *= 257; + hc ^= curve.GetHashCode(); + hc *= 257; + hc ^= g.GetHashCode(); + hc *= 257; + hc ^= n.GetHashCode(); + return hc; + } + + public BigInteger ValidatePrivateScalar(BigInteger d) + { + if (null == d) + throw new ArgumentNullException("d", "Scalar cannot be null"); + + if (d.CompareTo(BigInteger.One) < 0 || (d.CompareTo(N) >= 0)) + throw new ArgumentException("Scalar is not in the interval [1, n - 1]", "d"); + + return d; + } + + public ECPoint ValidatePublicPoint(ECPoint q) + { + return ValidatePublicPoint(Curve, q); + } + + internal static ECPoint ValidatePublicPoint(ECCurve c, ECPoint q) + { + if (null == q) + throw new ArgumentNullException("q", "Point cannot be null"); + + q = ECAlgorithms.ImportPoint(c, q).Normalize(); + + if (q.IsInfinity) + throw new ArgumentException("Point at infinity", "q"); + + if (!q.IsValid()) + throw new ArgumentException("Point not on curve", "q"); + + return q; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ECGOST3410Parameters.cs b/BouncyCastle/crypto/src/crypto/parameters/ECGOST3410Parameters.cs new file mode 100644 index 0000000..6abcb16 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ECGOST3410Parameters.cs @@ -0,0 +1,53 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class ECGost3410Parameters + : ECNamedDomainParameters + { + private readonly DerObjectIdentifier _publicKeyParamSet; + private readonly DerObjectIdentifier _digestParamSet; + private readonly DerObjectIdentifier _encryptionParamSet; + + public DerObjectIdentifier PublicKeyParamSet + { + get { return _publicKeyParamSet; } + } + + public DerObjectIdentifier DigestParamSet + { + get { return _digestParamSet; } + } + + public DerObjectIdentifier EncryptionParamSet + { + get { return _encryptionParamSet; } + } + + public ECGost3410Parameters( + ECNamedDomainParameters dp, + DerObjectIdentifier publicKeyParamSet, + DerObjectIdentifier digestParamSet, + DerObjectIdentifier encryptionParamSet) + : base(dp.Name, dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()) + { + this._publicKeyParamSet = publicKeyParamSet; + this._digestParamSet = digestParamSet; + this._encryptionParamSet = encryptionParamSet; + } + + public ECGost3410Parameters(ECDomainParameters dp, DerObjectIdentifier publicKeyParamSet, + DerObjectIdentifier digestParamSet, + DerObjectIdentifier encryptionParamSet) + : base(publicKeyParamSet, dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()) + { + this._publicKeyParamSet = publicKeyParamSet; + this._digestParamSet = digestParamSet; + this._encryptionParamSet = encryptionParamSet; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ECKeyGenerationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/ECKeyGenerationParameters.cs new file mode 100644 index 0000000..9b2b988 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ECKeyGenerationParameters.cs @@ -0,0 +1,41 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class ECKeyGenerationParameters + : KeyGenerationParameters + { + private readonly ECDomainParameters domainParams; + private readonly DerObjectIdentifier publicKeyParamSet; + + public ECKeyGenerationParameters( + ECDomainParameters domainParameters, + SecureRandom random) + : base(random, domainParameters.N.BitLength) + { + this.domainParams = domainParameters; + } + + public ECKeyGenerationParameters( + DerObjectIdentifier publicKeyParamSet, + SecureRandom random) + : this(ECKeyParameters.LookupParameters(publicKeyParamSet), random) + { + this.publicKeyParamSet = publicKeyParamSet; + } + + public ECDomainParameters DomainParameters + { + get { return domainParams; } + } + + public DerObjectIdentifier PublicKeyParamSet + { + get { return publicKeyParamSet; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ECKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/ECKeyParameters.cs new file mode 100644 index 0000000..49bd4fe --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ECKeyParameters.cs @@ -0,0 +1,127 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public abstract class ECKeyParameters + : AsymmetricKeyParameter + { + private static readonly string[] algorithms = { "EC", "ECDSA", "ECDH", "ECDHC", "ECGOST3410", "ECMQV" }; + + private readonly string algorithm; + private readonly ECDomainParameters parameters; + private readonly DerObjectIdentifier publicKeyParamSet; + + protected ECKeyParameters( + string algorithm, + bool isPrivate, + ECDomainParameters parameters) + : base(isPrivate) + { + if (algorithm == null) + throw new ArgumentNullException("algorithm"); + if (parameters == null) + throw new ArgumentNullException("parameters"); + + this.algorithm = VerifyAlgorithmName(algorithm); + this.parameters = parameters; + } + + protected ECKeyParameters( + string algorithm, + bool isPrivate, + DerObjectIdentifier publicKeyParamSet) + : base(isPrivate) + { + if (algorithm == null) + throw new ArgumentNullException("algorithm"); + if (publicKeyParamSet == null) + throw new ArgumentNullException("publicKeyParamSet"); + + this.algorithm = VerifyAlgorithmName(algorithm); + this.parameters = LookupParameters(publicKeyParamSet); + this.publicKeyParamSet = publicKeyParamSet; + } + + public string AlgorithmName + { + get { return algorithm; } + } + + public ECDomainParameters Parameters + { + get { return parameters; } + } + + public DerObjectIdentifier PublicKeyParamSet + { + get { return publicKeyParamSet; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + ECDomainParameters other = obj as ECDomainParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + ECKeyParameters other) + { + return parameters.Equals(other.parameters) && base.Equals(other); + } + + public override int GetHashCode() + { + return parameters.GetHashCode() ^ base.GetHashCode(); + } + + internal ECKeyGenerationParameters CreateKeyGenerationParameters( + SecureRandom random) + { + if (publicKeyParamSet != null) + { + return new ECKeyGenerationParameters(publicKeyParamSet, random); + } + + return new ECKeyGenerationParameters(parameters, random); + } + + internal static string VerifyAlgorithmName(string algorithm) + { + string upper = Platform.ToUpperInvariant(algorithm); + if (Array.IndexOf(algorithms, algorithm, 0, algorithms.Length) < 0) + throw new ArgumentException("unrecognised algorithm: " + algorithm, "algorithm"); + return upper; + } + + internal static ECDomainParameters LookupParameters( + DerObjectIdentifier publicKeyParamSet) + { + if (publicKeyParamSet == null) + throw new ArgumentNullException("publicKeyParamSet"); + + X9ECParameters x9 = ECKeyPairGenerator.FindECCurveByOid(publicKeyParamSet); + + if (x9 == null) + throw new ArgumentException("OID is not a valid public key parameter set", "publicKeyParamSet"); + + return new ECDomainParameters(x9); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ECNamedDomainParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/ECNamedDomainParameters.cs new file mode 100644 index 0000000..aa20e32 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ECNamedDomainParameters.cs @@ -0,0 +1,49 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class ECNamedDomainParameters + : ECDomainParameters + { + private readonly DerObjectIdentifier name; + + public DerObjectIdentifier Name + { + get { return name; } + } + + public ECNamedDomainParameters(DerObjectIdentifier name, ECDomainParameters dp) + : this(name, dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()) + { + } + + public ECNamedDomainParameters(DerObjectIdentifier name, X9ECParameters x9) + : base(x9) + { + this.name = name; + } + + public ECNamedDomainParameters(DerObjectIdentifier name, ECCurve curve, ECPoint g, BigInteger n) + : base(curve, g, n) + { + this.name = name; + } + + public ECNamedDomainParameters(DerObjectIdentifier name, ECCurve curve, ECPoint g, BigInteger n, BigInteger h) + : base(curve, g, n, h) + { + this.name = name; + } + + public ECNamedDomainParameters(DerObjectIdentifier name, ECCurve curve, ECPoint g, BigInteger n, BigInteger h, byte[] seed) + : base(curve, g, n, h, seed) + { + this.name = name; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ECPrivateKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/ECPrivateKeyParameters.cs new file mode 100644 index 0000000..47e53ef --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ECPrivateKeyParameters.cs @@ -0,0 +1,78 @@ +using System; +using System.Globalization; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class ECPrivateKeyParameters + : ECKeyParameters + { + private readonly BigInteger d; + + public ECPrivateKeyParameters( + BigInteger d, + ECDomainParameters parameters) + : this("EC", d, parameters) + { + } + + [Obsolete("Use version with explicit 'algorithm' parameter")] + public ECPrivateKeyParameters( + BigInteger d, + DerObjectIdentifier publicKeyParamSet) + : base("ECGOST3410", true, publicKeyParamSet) + { + this.d = Parameters.ValidatePrivateScalar(d); + } + + public ECPrivateKeyParameters( + string algorithm, + BigInteger d, + ECDomainParameters parameters) + : base(algorithm, true, parameters) + { + this.d = Parameters.ValidatePrivateScalar(d); + } + + public ECPrivateKeyParameters( + string algorithm, + BigInteger d, + DerObjectIdentifier publicKeyParamSet) + : base(algorithm, true, publicKeyParamSet) + { + this.d = Parameters.ValidatePrivateScalar(d); + } + + public BigInteger D + { + get { return d; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + ECPrivateKeyParameters other = obj as ECPrivateKeyParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + ECPrivateKeyParameters other) + { + return d.Equals(other.d) && base.Equals(other); + } + + public override int GetHashCode() + { + return d.GetHashCode() ^ base.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ECPublicKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/ECPublicKeyParameters.cs new file mode 100644 index 0000000..d43ac7e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ECPublicKeyParameters.cs @@ -0,0 +1,77 @@ +using System; +using System.Globalization; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math.EC; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class ECPublicKeyParameters + : ECKeyParameters + { + private readonly ECPoint q; + + public ECPublicKeyParameters( + ECPoint q, + ECDomainParameters parameters) + : this("EC", q, parameters) + { + } + + [Obsolete("Use version with explicit 'algorithm' parameter")] + public ECPublicKeyParameters( + ECPoint q, + DerObjectIdentifier publicKeyParamSet) + : base("ECGOST3410", false, publicKeyParamSet) + { + this.q = ECDomainParameters.ValidatePublicPoint(Parameters.Curve, q); + } + + public ECPublicKeyParameters( + string algorithm, + ECPoint q, + ECDomainParameters parameters) + : base(algorithm, false, parameters) + { + this.q = ECDomainParameters.ValidatePublicPoint(Parameters.Curve, q); + } + + public ECPublicKeyParameters( + string algorithm, + ECPoint q, + DerObjectIdentifier publicKeyParamSet) + : base(algorithm, false, publicKeyParamSet) + { + this.q = ECDomainParameters.ValidatePublicPoint(Parameters.Curve, q); + } + + public ECPoint Q + { + get { return q; } + } + + public override bool Equals(object obj) + { + if (obj == this) + return true; + + ECPublicKeyParameters other = obj as ECPublicKeyParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + ECPublicKeyParameters other) + { + return q.Equals(other.q) && base.Equals(other); + } + + public override int GetHashCode() + { + return q.GetHashCode() ^ base.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/Ed25519KeyGenerationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/Ed25519KeyGenerationParameters.cs new file mode 100644 index 0000000..daf3856 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/Ed25519KeyGenerationParameters.cs @@ -0,0 +1,15 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class Ed25519KeyGenerationParameters + : KeyGenerationParameters + { + public Ed25519KeyGenerationParameters(SecureRandom random) + : base(random, 256) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/Ed25519PrivateKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/Ed25519PrivateKeyParameters.cs new file mode 100644 index 0000000..4e61a0f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/Ed25519PrivateKeyParameters.cs @@ -0,0 +1,123 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math.EC.Rfc8032; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public sealed class Ed25519PrivateKeyParameters + : AsymmetricKeyParameter + { + public static readonly int KeySize = Ed25519.SecretKeySize; + public static readonly int SignatureSize = Ed25519.SignatureSize; + + private readonly byte[] data = new byte[KeySize]; + + private Ed25519PublicKeyParameters cachedPublicKey; + + public Ed25519PrivateKeyParameters(SecureRandom random) + : base(true) + { + Ed25519.GeneratePrivateKey(random, data); + } + + public Ed25519PrivateKeyParameters(byte[] buf) + : this(Validate(buf), 0) + { + } + + public Ed25519PrivateKeyParameters(byte[] buf, int off) + : base(true) + { + Array.Copy(buf, off, data, 0, KeySize); + } + + public Ed25519PrivateKeyParameters(Stream input) + : base(true) + { + if (KeySize != Streams.ReadFully(input, data)) + throw new EndOfStreamException("EOF encountered in middle of Ed25519 private key"); + } + + public void Encode(byte[] buf, int off) + { + Array.Copy(data, 0, buf, off, KeySize); + } + + public byte[] GetEncoded() + { + return Arrays.Clone(data); + } + + public Ed25519PublicKeyParameters GeneratePublicKey() + { + lock (data) + { + if (null == cachedPublicKey) + { + byte[] publicKey = new byte[Ed25519.PublicKeySize]; + Ed25519.GeneratePublicKey(data, 0, publicKey, 0); + cachedPublicKey = new Ed25519PublicKeyParameters(publicKey, 0); + } + + return cachedPublicKey; + } + } + + [Obsolete("Use overload that doesn't take a public key")] + public void Sign(Ed25519.Algorithm algorithm, Ed25519PublicKeyParameters publicKey, byte[] ctx, byte[] msg, int msgOff, int msgLen, + byte[] sig, int sigOff) + { + Sign(algorithm, ctx, msg, msgOff, msgLen, sig, sigOff); + } + + public void Sign(Ed25519.Algorithm algorithm, byte[] ctx, byte[] msg, int msgOff, int msgLen, + byte[] sig, int sigOff) + { + Ed25519PublicKeyParameters publicKey = GeneratePublicKey(); + + byte[] pk = new byte[Ed25519.PublicKeySize]; + publicKey.Encode(pk, 0); + + switch (algorithm) + { + case Ed25519.Algorithm.Ed25519: + { + if (null != ctx) + throw new ArgumentException("ctx"); + + Ed25519.Sign(data, 0, pk, 0, msg, msgOff, msgLen, sig, sigOff); + break; + } + case Ed25519.Algorithm.Ed25519ctx: + { + Ed25519.Sign(data, 0, pk, 0, ctx, msg, msgOff, msgLen, sig, sigOff); + break; + } + case Ed25519.Algorithm.Ed25519ph: + { + if (Ed25519.PrehashSize != msgLen) + throw new ArgumentException("msgLen"); + + Ed25519.SignPrehash(data, 0, pk, 0, ctx, msg, msgOff, sig, sigOff); + break; + } + default: + { + throw new ArgumentException("algorithm"); + } + } + } + + private static byte[] Validate(byte[] buf) + { + if (buf.Length != KeySize) + throw new ArgumentException("must have length " + KeySize, "buf"); + + return buf; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/Ed25519PublicKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/Ed25519PublicKeyParameters.cs new file mode 100644 index 0000000..8a9139e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/Ed25519PublicKeyParameters.cs @@ -0,0 +1,53 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math.EC.Rfc8032; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public sealed class Ed25519PublicKeyParameters + : AsymmetricKeyParameter + { + public static readonly int KeySize = Ed25519.PublicKeySize; + + private readonly byte[] data = new byte[KeySize]; + + public Ed25519PublicKeyParameters(byte[] buf) + : this(Validate(buf), 0) + { + } + + public Ed25519PublicKeyParameters(byte[] buf, int off) + : base(false) + { + Array.Copy(buf, off, data, 0, KeySize); + } + + public Ed25519PublicKeyParameters(Stream input) + : base(false) + { + if (KeySize != Streams.ReadFully(input, data)) + throw new EndOfStreamException("EOF encountered in middle of Ed25519 public key"); + } + + public void Encode(byte[] buf, int off) + { + Array.Copy(data, 0, buf, off, KeySize); + } + + public byte[] GetEncoded() + { + return Arrays.Clone(data); + } + + private static byte[] Validate(byte[] buf) + { + if (buf.Length != KeySize) + throw new ArgumentException("must have length " + KeySize, "buf"); + + return buf; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/Ed448KeyGenerationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/Ed448KeyGenerationParameters.cs new file mode 100644 index 0000000..830d15a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/Ed448KeyGenerationParameters.cs @@ -0,0 +1,15 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class Ed448KeyGenerationParameters + : KeyGenerationParameters + { + public Ed448KeyGenerationParameters(SecureRandom random) + : base(random, 448) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/Ed448PrivateKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/Ed448PrivateKeyParameters.cs new file mode 100644 index 0000000..705ad8c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/Ed448PrivateKeyParameters.cs @@ -0,0 +1,115 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math.EC.Rfc8032; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public sealed class Ed448PrivateKeyParameters + : AsymmetricKeyParameter + { + public static readonly int KeySize = Ed448.SecretKeySize; + public static readonly int SignatureSize = Ed448.SignatureSize; + + private readonly byte[] data = new byte[KeySize]; + + private Ed448PublicKeyParameters cachedPublicKey; + + public Ed448PrivateKeyParameters(SecureRandom random) + : base(true) + { + Ed448.GeneratePrivateKey(random, data); + } + + public Ed448PrivateKeyParameters(byte[] buf) + : this(Validate(buf), 0) + { + } + + public Ed448PrivateKeyParameters(byte[] buf, int off) + : base(true) + { + Array.Copy(buf, off, data, 0, KeySize); + } + + public Ed448PrivateKeyParameters(Stream input) + : base(true) + { + if (KeySize != Streams.ReadFully(input, data)) + throw new EndOfStreamException("EOF encountered in middle of Ed448 private key"); + } + + public void Encode(byte[] buf, int off) + { + Array.Copy(data, 0, buf, off, KeySize); + } + + public byte[] GetEncoded() + { + return Arrays.Clone(data); + } + + public Ed448PublicKeyParameters GeneratePublicKey() + { + lock (data) + { + if (null == cachedPublicKey) + { + byte[] publicKey = new byte[Ed448.PublicKeySize]; + Ed448.GeneratePublicKey(data, 0, publicKey, 0); + cachedPublicKey = new Ed448PublicKeyParameters(publicKey, 0); + } + + return cachedPublicKey; + } + } + + [Obsolete("Use overload that doesn't take a public key")] + public void Sign(Ed448.Algorithm algorithm, Ed448PublicKeyParameters publicKey, byte[] ctx, byte[] msg, int msgOff, int msgLen, + byte[] sig, int sigOff) + { + Sign(algorithm, ctx, msg, msgOff, msgLen, sig, sigOff); + } + + public void Sign(Ed448.Algorithm algorithm, byte[] ctx, byte[] msg, int msgOff, int msgLen, + byte[] sig, int sigOff) + { + Ed448PublicKeyParameters publicKey = GeneratePublicKey(); + + byte[] pk = new byte[Ed448.PublicKeySize]; + publicKey.Encode(pk, 0); + + switch (algorithm) + { + case Ed448.Algorithm.Ed448: + { + Ed448.Sign(data, 0, pk, 0, ctx, msg, msgOff, msgLen, sig, sigOff); + break; + } + case Ed448.Algorithm.Ed448ph: + { + if (Ed448.PrehashSize != msgLen) + throw new ArgumentException("msgLen"); + + Ed448.SignPrehash(data, 0, pk, 0, ctx, msg, msgOff, sig, sigOff); + break; + } + default: + { + throw new ArgumentException("algorithm"); + } + } + } + + private static byte[] Validate(byte[] buf) + { + if (buf.Length != KeySize) + throw new ArgumentException("must have length " + KeySize, "buf"); + + return buf; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/Ed448PublicKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/Ed448PublicKeyParameters.cs new file mode 100644 index 0000000..8a89be0 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/Ed448PublicKeyParameters.cs @@ -0,0 +1,53 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math.EC.Rfc8032; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public sealed class Ed448PublicKeyParameters + : AsymmetricKeyParameter + { + public static readonly int KeySize = Ed448.PublicKeySize; + + private readonly byte[] data = new byte[KeySize]; + + public Ed448PublicKeyParameters(byte[] buf) + : this(Validate(buf), 0) + { + } + + public Ed448PublicKeyParameters(byte[] buf, int off) + : base(false) + { + Array.Copy(buf, off, data, 0, KeySize); + } + + public Ed448PublicKeyParameters(Stream input) + : base(false) + { + if (KeySize != Streams.ReadFully(input, data)) + throw new EndOfStreamException("EOF encountered in middle of Ed448 public key"); + } + + public void Encode(byte[] buf, int off) + { + Array.Copy(data, 0, buf, off, KeySize); + } + + public byte[] GetEncoded() + { + return Arrays.Clone(data); + } + + private static byte[] Validate(byte[] buf) + { + if (buf.Length != KeySize) + throw new ArgumentException("must have length " + KeySize, "buf"); + + return buf; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ElGamalKeyGenerationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/ElGamalKeyGenerationParameters.cs new file mode 100644 index 0000000..40ca70d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ElGamalKeyGenerationParameters.cs @@ -0,0 +1,31 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class ElGamalKeyGenerationParameters + : KeyGenerationParameters + { + private readonly ElGamalParameters parameters; + + public ElGamalKeyGenerationParameters( + SecureRandom random, + ElGamalParameters parameters) + : base(random, GetStrength(parameters)) + { + this.parameters = parameters; + } + + public ElGamalParameters Parameters + { + get { return parameters; } + } + + internal static int GetStrength( + ElGamalParameters parameters) + { + return parameters.L != 0 ? parameters.L : parameters.P.BitLength; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ElGamalKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/ElGamalKeyParameters.cs new file mode 100644 index 0000000..8b6e279 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ElGamalKeyParameters.cs @@ -0,0 +1,59 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class ElGamalKeyParameters + : AsymmetricKeyParameter + { + private readonly ElGamalParameters parameters; + + protected ElGamalKeyParameters( + bool isPrivate, + ElGamalParameters parameters) + : base(isPrivate) + { + // TODO Should we allow 'parameters' to be null? + this.parameters = parameters; + } + + public ElGamalParameters Parameters + { + get { return parameters; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + ElGamalKeyParameters other = obj as ElGamalKeyParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + ElGamalKeyParameters other) + { + return Platform.Equals(parameters, other.parameters) + && base.Equals(other); + } + + public override int GetHashCode() + { + int hc = base.GetHashCode(); + + if (parameters != null) + { + hc ^= parameters.GetHashCode(); + } + + return hc; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ElGamalParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/ElGamalParameters.cs new file mode 100644 index 0000000..ab6d3e7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ElGamalParameters.cs @@ -0,0 +1,81 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class ElGamalParameters + : ICipherParameters + { + private readonly BigInteger p, g; + private readonly int l; + + public ElGamalParameters( + BigInteger p, + BigInteger g) + : this(p, g, 0) + { + } + + public ElGamalParameters( + BigInteger p, + BigInteger g, + int l) + { + if (p == null) + throw new ArgumentNullException("p"); + if (g == null) + throw new ArgumentNullException("g"); + + this.p = p; + this.g = g; + this.l = l; + } + + public BigInteger P + { + get { return p; } + } + + /** + * return the generator - g + */ + public BigInteger G + { + get { return g; } + } + + /** + * return private value limit - l + */ + public int L + { + get { return l; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + ElGamalParameters other = obj as ElGamalParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + ElGamalParameters other) + { + return p.Equals(other.p) && g.Equals(other.g) && l == other.l; + } + + public override int GetHashCode() + { + return p.GetHashCode() ^ g.GetHashCode() ^ l; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ElGamalPrivateKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/ElGamalPrivateKeyParameters.cs new file mode 100644 index 0000000..6363f2b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ElGamalPrivateKeyParameters.cs @@ -0,0 +1,53 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class ElGamalPrivateKeyParameters + : ElGamalKeyParameters + { + private readonly BigInteger x; + + public ElGamalPrivateKeyParameters( + BigInteger x, + ElGamalParameters parameters) + : base(true, parameters) + { + if (x == null) + throw new ArgumentNullException("x"); + + this.x = x; + } + + public BigInteger X + { + get { return x; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + ElGamalPrivateKeyParameters other = obj as ElGamalPrivateKeyParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + ElGamalPrivateKeyParameters other) + { + return other.x.Equals(x) && base.Equals(other); + } + + public override int GetHashCode() + { + return x.GetHashCode() ^ base.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ElGamalPublicKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/ElGamalPublicKeyParameters.cs new file mode 100644 index 0000000..25ac625 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ElGamalPublicKeyParameters.cs @@ -0,0 +1,53 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class ElGamalPublicKeyParameters + : ElGamalKeyParameters + { + private readonly BigInteger y; + + public ElGamalPublicKeyParameters( + BigInteger y, + ElGamalParameters parameters) + : base(false, parameters) + { + if (y == null) + throw new ArgumentNullException("y"); + + this.y = y; + } + + public BigInteger Y + { + get { return y; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + ElGamalPublicKeyParameters other = obj as ElGamalPublicKeyParameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + ElGamalPublicKeyParameters other) + { + return y.Equals(other.y) && base.Equals(other); + } + + public override int GetHashCode() + { + return y.GetHashCode() ^ base.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/FpeParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/FpeParameters.cs new file mode 100644 index 0000000..ab88333 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/FpeParameters.cs @@ -0,0 +1,49 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ +public sealed class FpeParameters + : ICipherParameters +{ + private readonly KeyParameter key; + private readonly int radix; + private readonly byte[] tweak; + private readonly bool useInverse; + + public FpeParameters(KeyParameter key, int radix, byte[] tweak): this(key, radix, tweak, false) + { + + } + + public FpeParameters(KeyParameter key, int radix, byte[] tweak, bool useInverse) + { + this.key = key; + this.radix = radix; + this.tweak = Arrays.Clone(tweak); + this.useInverse = useInverse; + } + + public KeyParameter Key + { + get { return key; } + } + + public int Radix + { + get { return radix; } + } + + public bool UseInverseFunction + { + get { return useInverse; } + } + + public byte[] GetTweak() + { + return Arrays.Clone(tweak); + } +} +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/GOST3410KeyGenerationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/GOST3410KeyGenerationParameters.cs new file mode 100644 index 0000000..b06a5d8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/GOST3410KeyGenerationParameters.cs @@ -0,0 +1,55 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class Gost3410KeyGenerationParameters + : KeyGenerationParameters + { + private readonly Gost3410Parameters parameters; + private readonly DerObjectIdentifier publicKeyParamSet; + + public Gost3410KeyGenerationParameters( + SecureRandom random, + Gost3410Parameters parameters) + : base(random, parameters.P.BitLength - 1) + { + this.parameters = parameters; + } + + public Gost3410KeyGenerationParameters( + SecureRandom random, + DerObjectIdentifier publicKeyParamSet) + : this(random, LookupParameters(publicKeyParamSet)) + { + this.publicKeyParamSet = publicKeyParamSet; + } + + public Gost3410Parameters Parameters + { + get { return parameters; } + } + + public DerObjectIdentifier PublicKeyParamSet + { + get { return publicKeyParamSet; } + } + + private static Gost3410Parameters LookupParameters( + DerObjectIdentifier publicKeyParamSet) + { + if (publicKeyParamSet == null) + throw new ArgumentNullException("publicKeyParamSet"); + + Gost3410ParamSetParameters p = Gost3410NamedParameters.GetByOid(publicKeyParamSet); + + if (p == null) + throw new ArgumentException("OID is not a valid CryptoPro public key parameter set", "publicKeyParamSet"); + + return new Gost3410Parameters(p.P, p.Q, p.A); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/GOST3410KeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/GOST3410KeyParameters.cs new file mode 100644 index 0000000..f771c4d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/GOST3410KeyParameters.cs @@ -0,0 +1,58 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public abstract class Gost3410KeyParameters + : AsymmetricKeyParameter + { + private readonly Gost3410Parameters parameters; + private readonly DerObjectIdentifier publicKeyParamSet; + + protected Gost3410KeyParameters( + bool isPrivate, + Gost3410Parameters parameters) + : base(isPrivate) + { + this.parameters = parameters; + } + + protected Gost3410KeyParameters( + bool isPrivate, + DerObjectIdentifier publicKeyParamSet) + : base(isPrivate) + { + this.parameters = LookupParameters(publicKeyParamSet); + this.publicKeyParamSet = publicKeyParamSet; + } + + public Gost3410Parameters Parameters + { + get { return parameters; } + } + + public DerObjectIdentifier PublicKeyParamSet + { + get { return publicKeyParamSet; } + } + + // TODO Implement Equals/GetHashCode + + private static Gost3410Parameters LookupParameters( + DerObjectIdentifier publicKeyParamSet) + { + if (publicKeyParamSet == null) + throw new ArgumentNullException("publicKeyParamSet"); + + Gost3410ParamSetParameters p = Gost3410NamedParameters.GetByOid(publicKeyParamSet); + + if (p == null) + throw new ArgumentException("OID is not a valid CryptoPro public key parameter set", "publicKeyParamSet"); + + return new Gost3410Parameters(p.P, p.Q, p.A); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/GOST3410Parameters.cs b/BouncyCastle/crypto/src/crypto/parameters/GOST3410Parameters.cs new file mode 100644 index 0000000..2ec167e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/GOST3410Parameters.cs @@ -0,0 +1,86 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class Gost3410Parameters + : ICipherParameters + { + private readonly BigInteger p, q, a; + private readonly Gost3410ValidationParameters validation; + + public Gost3410Parameters( + BigInteger p, + BigInteger q, + BigInteger a) + : this(p, q, a, null) + { + } + + public Gost3410Parameters( + BigInteger p, + BigInteger q, + BigInteger a, + Gost3410ValidationParameters validation) + { + if (p == null) + throw new ArgumentNullException("p"); + if (q == null) + throw new ArgumentNullException("q"); + if (a == null) + throw new ArgumentNullException("a"); + + this.p = p; + this.q = q; + this.a = a; + this.validation = validation; + } + + public BigInteger P + { + get { return p; } + } + + public BigInteger Q + { + get { return q; } + } + + public BigInteger A + { + get { return a; } + } + + public Gost3410ValidationParameters ValidationParameters + { + get { return validation; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + Gost3410Parameters other = obj as Gost3410Parameters; + + if (other == null) + return false; + + return Equals(other); + } + + protected bool Equals( + Gost3410Parameters other) + { + return p.Equals(other.p) && q.Equals(other.q) && a.Equals(other.a); + } + + public override int GetHashCode() + { + return p.GetHashCode() ^ q.GetHashCode() ^ a.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/GOST3410PrivateKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/GOST3410PrivateKeyParameters.cs new file mode 100644 index 0000000..e3a613d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/GOST3410PrivateKeyParameters.cs @@ -0,0 +1,41 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class Gost3410PrivateKeyParameters + : Gost3410KeyParameters + { + private readonly BigInteger x; + + public Gost3410PrivateKeyParameters( + BigInteger x, + Gost3410Parameters parameters) + : base(true, parameters) + { + if (x.SignValue < 1 || x.BitLength > 256 || x.CompareTo(Parameters.Q) >= 0) + throw new ArgumentException("Invalid x for GOST3410 private key", "x"); + + this.x = x; + } + + public Gost3410PrivateKeyParameters( + BigInteger x, + DerObjectIdentifier publicKeyParamSet) + : base(true, publicKeyParamSet) + { + if (x.SignValue < 1 || x.BitLength > 256 || x.CompareTo(Parameters.Q) >= 0) + throw new ArgumentException("Invalid x for GOST3410 private key", "x"); + + this.x = x; + } + + public BigInteger X + { + get { return x; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/GOST3410PublicKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/GOST3410PublicKeyParameters.cs new file mode 100644 index 0000000..96b7e91 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/GOST3410PublicKeyParameters.cs @@ -0,0 +1,40 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class Gost3410PublicKeyParameters + : Gost3410KeyParameters + { + private readonly BigInteger y; + + public Gost3410PublicKeyParameters( + BigInteger y, + Gost3410Parameters parameters) + : base(false, parameters) + { + if (y.SignValue < 1 || y.CompareTo(Parameters.P) >= 0) + throw new ArgumentException("Invalid y for GOST3410 public key", "y"); + + this.y = y; + } + + public Gost3410PublicKeyParameters( + BigInteger y, + DerObjectIdentifier publicKeyParamSet) + : base(false, publicKeyParamSet) + { + if (y.SignValue < 1 || y.CompareTo(Parameters.P) >= 0) + throw new ArgumentException("Invalid y for GOST3410 public key", "y"); + + this.y = y; + } + + public BigInteger Y + { + get { return y; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/GOST3410ValidationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/GOST3410ValidationParameters.cs new file mode 100644 index 0000000..21e5af8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/GOST3410ValidationParameters.cs @@ -0,0 +1,51 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class Gost3410ValidationParameters + { + private int x0; + private int c; + private long x0L; + private long cL; + + public Gost3410ValidationParameters( + int x0, + int c) + { + this.x0 = x0; + this.c = c; + } + + public Gost3410ValidationParameters( + long x0L, + long cL) + { + this.x0L = x0L; + this.cL = cL; + } + + public int C { get { return c; } } + public int X0 { get { return x0; } } + public long CL { get { return cL; } } + public long X0L { get { return x0L; } } + + public override bool Equals( + object obj) + { + Gost3410ValidationParameters other = obj as Gost3410ValidationParameters; + + return other != null + && other.c == this.c + && other.x0 == this.x0 + && other.cL == this.cL + && other.x0L == this.x0L; + } + + public override int GetHashCode() + { + return c.GetHashCode() ^ x0.GetHashCode() ^ cL.GetHashCode() ^ x0L.GetHashCode(); + } + + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/HKdfParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/HKdfParameters.cs new file mode 100644 index 0000000..6d1465e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/HKdfParameters.cs @@ -0,0 +1,119 @@ +using System; + +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + /** + * Parameter class for the HkdfBytesGenerator class. + */ + public class HkdfParameters + : IDerivationParameters + { + private readonly byte[] ikm; + private readonly bool skipExpand; + private readonly byte[] salt; + private readonly byte[] info; + + private HkdfParameters(byte[] ikm, bool skip, byte[] salt, byte[] info) + { + if (ikm == null) + throw new ArgumentNullException("ikm"); + + this.ikm = Arrays.Clone(ikm); + this.skipExpand = skip; + + if (salt == null || salt.Length == 0) + { + this.salt = null; + } + else + { + this.salt = Arrays.Clone(salt); + } + + if (info == null) + { + this.info = new byte[0]; + } + else + { + this.info = Arrays.Clone(info); + } + } + + /** + * Generates parameters for HKDF, specifying both the optional salt and + * optional info. Step 1: Extract won't be skipped. + * + * @param ikm the input keying material or seed + * @param salt the salt to use, may be null for a salt for hashLen zeros + * @param info the info to use, may be null for an info field of zero bytes + */ + public HkdfParameters(byte[] ikm, byte[] salt, byte[] info) + : this(ikm, false, salt, info) + { + } + + /** + * Factory method that makes the HKDF skip the extract part of the key + * derivation function. + * + * @param ikm the input keying material or seed, directly used for step 2: + * Expand + * @param info the info to use, may be null for an info field of zero bytes + * @return HKDFParameters that makes the implementation skip step 1 + */ + public static HkdfParameters SkipExtractParameters(byte[] ikm, byte[] info) + { + return new HkdfParameters(ikm, true, null, info); + } + + public static HkdfParameters DefaultParameters(byte[] ikm) + { + return new HkdfParameters(ikm, false, null, null); + } + + /** + * Returns the input keying material or seed. + * + * @return the keying material + */ + public virtual byte[] GetIkm() + { + return Arrays.Clone(ikm); + } + + /** + * Returns if step 1: extract has to be skipped or not + * + * @return true for skipping, false for no skipping of step 1 + */ + public virtual bool SkipExtract + { + get { return skipExpand; } + } + + /** + * Returns the salt, or null if the salt should be generated as a byte array + * of HashLen zeros. + * + * @return the salt, or null + */ + public virtual byte[] GetSalt() + { + return Arrays.Clone(salt); + } + + /** + * Returns the info field, which may be empty (null is converted to empty). + * + * @return the info field, never null + */ + public virtual byte[] GetInfo() + { + return Arrays.Clone(info); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ISO18033KDFParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/ISO18033KDFParameters.cs new file mode 100644 index 0000000..2d8fff8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ISO18033KDFParameters.cs @@ -0,0 +1,25 @@ +using System; +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + /** + * parameters for Key derivation functions for ISO-18033 + */ + public class Iso18033KdfParameters + : IDerivationParameters + { + byte[] seed; + + public Iso18033KdfParameters( + byte[] seed) + { + this.seed = seed; + } + + public byte[] GetSeed() + { + return seed; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/IesParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/IesParameters.cs new file mode 100644 index 0000000..d306b2c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/IesParameters.cs @@ -0,0 +1,49 @@ +using System; +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + /** + * parameters for using an integrated cipher in stream mode. + */ + public class IesParameters : ICipherParameters + { + private byte[] derivation; + private byte[] encoding; + private int macKeySize; + + /** + * @param derivation the derivation parameter for the KDF function. + * @param encoding the encoding parameter for the KDF function. + * @param macKeySize the size of the MAC key (in bits). + */ + public IesParameters( + byte[] derivation, + byte[] encoding, + int macKeySize) + { + this.derivation = derivation; + this.encoding = encoding; + this.macKeySize = macKeySize; + } + + public byte[] GetDerivationV() + { + return derivation; + } + + public byte[] GetEncodingV() + { + return encoding; + } + + public int MacKeySize + { + get + { + return macKeySize; + } + } + } + +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/IesWithCipherParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/IesWithCipherParameters.cs new file mode 100644 index 0000000..70ef55d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/IesWithCipherParameters.cs @@ -0,0 +1,33 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class IesWithCipherParameters : IesParameters + { + private int cipherKeySize; + + /** + * @param derivation the derivation parameter for the KDF function. + * @param encoding the encoding parameter for the KDF function. + * @param macKeySize the size of the MAC key (in bits). + * @param cipherKeySize the size of the associated Cipher key (in bits). + */ + public IesWithCipherParameters( + byte[] derivation, + byte[] encoding, + int macKeySize, + int cipherKeySize) : base(derivation, encoding, macKeySize) + { + this.cipherKeySize = cipherKeySize; + } + + public int CipherKeySize + { + get + { + return cipherKeySize; + } + } + } + +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/KDFCounterParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/KDFCounterParameters.cs new file mode 100644 index 0000000..49d6f7d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/KDFCounterParameters.cs @@ -0,0 +1,92 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class KdfCounterParameters : IDerivationParameters + { + private byte[] ki; + private byte[] fixedInputDataCounterPrefix; + private byte[] fixedInputDataCounterSuffix; + private int r; + + /// + /// Base constructor - suffix fixed input data only. + /// + /// the KDF seed + /// fixed input data to follow counter. + /// length of the counter in bits + public KdfCounterParameters(byte[] ki, byte[] fixedInputDataCounterSuffix, int r) : this(ki, null, fixedInputDataCounterSuffix, r) + { + } + + + + /// + /// Base constructor - prefix and suffix fixed input data. + /// + /// the KDF seed + /// fixed input data to precede counter + /// fixed input data to follow counter. + /// length of the counter in bits. + public KdfCounterParameters(byte[] ki, byte[] fixedInputDataCounterPrefix, byte[] fixedInputDataCounterSuffix, int r) + { + if (ki == null) + { + throw new ArgumentException("A KDF requires Ki (a seed) as input"); + } + this.ki = Arrays.Clone(ki); + + if (fixedInputDataCounterPrefix == null) + { + this.fixedInputDataCounterPrefix = new byte[0]; + } + else + { + this.fixedInputDataCounterPrefix = Arrays.Clone(fixedInputDataCounterPrefix); + } + + if (fixedInputDataCounterSuffix == null) + { + this.fixedInputDataCounterSuffix = new byte[0]; + } + else + { + this.fixedInputDataCounterSuffix = Arrays.Clone(fixedInputDataCounterSuffix); + } + + if (r != 8 && r != 16 && r != 24 && r != 32) + { + throw new ArgumentException("Length of counter should be 8, 16, 24 or 32"); + } + this.r = r; + } + + public byte[] Ki + { + get { return ki; } + } + + public byte[] FixedInputData + { + get { return Arrays.Clone(fixedInputDataCounterSuffix); } + } + + public byte[] FixedInputDataCounterPrefix + { + get { return Arrays.Clone(fixedInputDataCounterPrefix); } + + } + + public byte[] FixedInputDataCounterSuffix + { + get { return Arrays.Clone(fixedInputDataCounterSuffix); } + } + + public int R + { + get { return r; } + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/crypto/parameters/KDFDoublePipelineIterationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/KDFDoublePipelineIterationParameters.cs new file mode 100644 index 0000000..9e2a68b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/KDFDoublePipelineIterationParameters.cs @@ -0,0 +1,77 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class KdfDoublePipelineIterationParameters : IDerivationParameters + { + // could be any valid value, using 32, don't know why + private static readonly int UNUSED_R = 32; + + private readonly byte[] ki; + private readonly bool useCounter; + private readonly int r; + private readonly byte[] fixedInputData; + + private KdfDoublePipelineIterationParameters(byte[] ki, byte[] fixedInputData, int r, bool useCounter) + { + if (ki == null) + { + throw new ArgumentException("A KDF requires Ki (a seed) as input"); + } + + this.ki = Arrays.Clone(ki); + + if (fixedInputData == null) + { + this.fixedInputData = new byte[0]; + } + else + { + this.fixedInputData = Arrays.Clone(fixedInputData); + } + + if (r != 8 && r != 16 && r != 24 && r != 32) + { + throw new ArgumentException("Length of counter should be 8, 16, 24 or 32"); + } + + this.r = r; + + this.useCounter = useCounter; + } + + public static KdfDoublePipelineIterationParameters CreateWithCounter( + byte[] ki, byte[] fixedInputData, int r) + { + return new KdfDoublePipelineIterationParameters(ki, fixedInputData, r, true); + } + + public static KdfDoublePipelineIterationParameters CreateWithoutCounter( + byte[] ki, byte[] fixedInputData) + { + return new KdfDoublePipelineIterationParameters(ki, fixedInputData, UNUSED_R, false); + } + + public byte[] Ki + { + get { return Arrays.Clone(ki); } + } + + public bool UseCounter + { + get { return useCounter; } + } + + public int R + { + get { return r; } + } + + public byte[] FixedInputData + { + get { return Arrays.Clone(fixedInputData); } + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/crypto/parameters/KDFFeedbackParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/KDFFeedbackParameters.cs new file mode 100644 index 0000000..86ea232 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/KDFFeedbackParameters.cs @@ -0,0 +1,92 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class KdfFeedbackParameters : IDerivationParameters + { + // could be any valid value, using 32, don't know why + private static readonly int UNUSED_R = -1; + + private readonly byte[] ki; + private readonly byte[] iv; + private readonly bool useCounter; + private readonly int r; + private readonly byte[] fixedInputData; + + private KdfFeedbackParameters(byte[] ki, byte[] iv, byte[] fixedInputData, int r, bool useCounter) + { + if (ki == null) + { + throw new ArgumentException("A KDF requires Ki (a seed) as input"); + } + + this.ki = Arrays.Clone(ki); + + if (fixedInputData == null) + { + this.fixedInputData = new byte[0]; + } + else + { + this.fixedInputData = Arrays.Clone(fixedInputData); + } + + this.r = r; + + if (iv == null) + { + this.iv = new byte[0]; + } + else + { + this.iv = Arrays.Clone(iv); + } + + this.useCounter = useCounter; + } + + public static KdfFeedbackParameters CreateWithCounter( + byte[] ki, byte[] iv, byte[] fixedInputData, int r) + { + if (r != 8 && r != 16 && r != 24 && r != 32) + { + throw new ArgumentException("Length of counter should be 8, 16, 24 or 32"); + } + + return new KdfFeedbackParameters(ki, iv, fixedInputData, r, true); + } + + public static KdfFeedbackParameters CreateWithoutCounter( + byte[] ki, byte[] iv, byte[] fixedInputData) + { + return new KdfFeedbackParameters(ki, iv, fixedInputData, UNUSED_R, false); + } + + public byte[] Ki + { + get { return Arrays.Clone(ki); } + } + + public byte[] Iv + { + get { return Arrays.Clone(iv); } + } + + public bool UseCounter + { + get { return useCounter; } + } + + public int R + { + get { return r; } + } + + public byte[] FixedInputData + { + get { return Arrays.Clone(fixedInputData); } + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/crypto/parameters/KdfParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/KdfParameters.cs new file mode 100644 index 0000000..bc5c905 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/KdfParameters.cs @@ -0,0 +1,33 @@ +using System; +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + /** + * parameters for Key derivation functions for IEEE P1363a + */ + public class KdfParameters : IDerivationParameters + { + byte[] iv; + byte[] shared; + + public KdfParameters( + byte[] shared, + byte[] iv) + { + this.shared = shared; + this.iv = iv; + } + + public byte[] GetSharedSecret() + { + return shared; + } + + public byte[] GetIV() + { + return iv; + } + } + +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/KeyParameter.cs b/BouncyCastle/crypto/src/crypto/parameters/KeyParameter.cs new file mode 100644 index 0000000..043adf2 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/KeyParameter.cs @@ -0,0 +1,43 @@ +using System; + +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class KeyParameter + : ICipherParameters + { + private readonly byte[] key; + + public KeyParameter( + byte[] key) + { + if (key == null) + throw new ArgumentNullException("key"); + + this.key = (byte[]) key.Clone(); + } + + public KeyParameter( + byte[] key, + int keyOff, + int keyLen) + { + if (key == null) + throw new ArgumentNullException("key"); + if (keyOff < 0 || keyOff > key.Length) + throw new ArgumentOutOfRangeException("keyOff"); + if (keyLen < 0 || keyLen > (key.Length - keyOff)) + throw new ArgumentOutOfRangeException("keyLen"); + + this.key = new byte[keyLen]; + Array.Copy(key, keyOff, this.key, 0, keyLen); + } + + public byte[] GetKey() + { + return (byte[]) key.Clone(); + } + } + +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/MgfParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/MgfParameters.cs new file mode 100644 index 0000000..11983b8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/MgfParameters.cs @@ -0,0 +1,31 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + /// Parameters for mask derivation functions. + public class MgfParameters + : IDerivationParameters + { + private readonly byte[] seed; + + public MgfParameters( + byte[] seed) + : this(seed, 0, seed.Length) + { + } + + public MgfParameters( + byte[] seed, + int off, + int len) + { + this.seed = new byte[len]; + Array.Copy(seed, off, this.seed, 0, len); + } + + public byte[] GetSeed() + { + return (byte[]) seed.Clone(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/MqvPrivateParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/MqvPrivateParameters.cs new file mode 100644 index 0000000..3714571 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/MqvPrivateParameters.cs @@ -0,0 +1,67 @@ +using System; + +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.EC.Multiplier; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class MqvPrivateParameters + : ICipherParameters + { + private readonly ECPrivateKeyParameters staticPrivateKey; + private readonly ECPrivateKeyParameters ephemeralPrivateKey; + private readonly ECPublicKeyParameters ephemeralPublicKey; + + public MqvPrivateParameters( + ECPrivateKeyParameters staticPrivateKey, + ECPrivateKeyParameters ephemeralPrivateKey) + : this(staticPrivateKey, ephemeralPrivateKey, null) + { + } + + public MqvPrivateParameters( + ECPrivateKeyParameters staticPrivateKey, + ECPrivateKeyParameters ephemeralPrivateKey, + ECPublicKeyParameters ephemeralPublicKey) + { + if (staticPrivateKey == null) + throw new ArgumentNullException("staticPrivateKey"); + if (ephemeralPrivateKey == null) + throw new ArgumentNullException("ephemeralPrivateKey"); + + ECDomainParameters parameters = staticPrivateKey.Parameters; + if (!parameters.Equals(ephemeralPrivateKey.Parameters)) + throw new ArgumentException("Static and ephemeral private keys have different domain parameters"); + + if (ephemeralPublicKey == null) + { + ECPoint q = new FixedPointCombMultiplier().Multiply(parameters.G, ephemeralPrivateKey.D); + + ephemeralPublicKey = new ECPublicKeyParameters(q, parameters); + } + else if (!parameters.Equals(ephemeralPublicKey.Parameters)) + { + throw new ArgumentException("Ephemeral public key has different domain parameters"); + } + + this.staticPrivateKey = staticPrivateKey; + this.ephemeralPrivateKey = ephemeralPrivateKey; + this.ephemeralPublicKey = ephemeralPublicKey; + } + + public virtual ECPrivateKeyParameters StaticPrivateKey + { + get { return staticPrivateKey; } + } + + public virtual ECPrivateKeyParameters EphemeralPrivateKey + { + get { return ephemeralPrivateKey; } + } + + public virtual ECPublicKeyParameters EphemeralPublicKey + { + get { return ephemeralPublicKey; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/MqvPublicParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/MqvPublicParameters.cs new file mode 100644 index 0000000..239afa3 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/MqvPublicParameters.cs @@ -0,0 +1,36 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class MqvPublicParameters + : ICipherParameters + { + private readonly ECPublicKeyParameters staticPublicKey; + private readonly ECPublicKeyParameters ephemeralPublicKey; + + public MqvPublicParameters( + ECPublicKeyParameters staticPublicKey, + ECPublicKeyParameters ephemeralPublicKey) + { + if (staticPublicKey == null) + throw new ArgumentNullException("staticPublicKey"); + if (ephemeralPublicKey == null) + throw new ArgumentNullException("ephemeralPublicKey"); + if (!staticPublicKey.Parameters.Equals(ephemeralPublicKey.Parameters)) + throw new ArgumentException("Static and ephemeral public keys have different domain parameters"); + + this.staticPublicKey = staticPublicKey; + this.ephemeralPublicKey = ephemeralPublicKey; + } + + public virtual ECPublicKeyParameters StaticPublicKey + { + get { return staticPublicKey; } + } + + public virtual ECPublicKeyParameters EphemeralPublicKey + { + get { return ephemeralPublicKey; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/NaccacheSternKeyGenerationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/NaccacheSternKeyGenerationParameters.cs new file mode 100644 index 0000000..44fc906 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/NaccacheSternKeyGenerationParameters.cs @@ -0,0 +1,98 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + /** + * Parameters for NaccacheStern public private key generation. For details on + * this cipher, please see + * + * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf + */ + public class NaccacheSternKeyGenerationParameters : KeyGenerationParameters + { + // private BigInteger publicExponent; + private readonly int certainty; + private readonly int countSmallPrimes; + + /** + * Parameters for generating a NaccacheStern KeyPair. + * + * @param random + * The source of randomness + * @param strength + * The desired strength of the Key in Bits + * @param certainty + * the probability that the generated primes are not really prime + * as integer: 2^(-certainty) is then the probability + * @param countSmallPrimes + * How many small key factors are desired + */ + public NaccacheSternKeyGenerationParameters( + SecureRandom random, + int strength, + int certainty, + int countSmallPrimes) + : base(random, strength) + { + if (countSmallPrimes % 2 == 1) + throw new ArgumentException("countSmallPrimes must be a multiple of 2"); + if (countSmallPrimes < 30) + throw new ArgumentException("countSmallPrimes must be >= 30 for security reasons"); + + this.certainty = certainty; + this.countSmallPrimes = countSmallPrimes; + } + + /** + * Parameters for a NaccacheStern KeyPair. + * + * @param random + * The source of randomness + * @param strength + * The desired strength of the Key in Bits + * @param certainty + * the probability that the generated primes are not really prime + * as integer: 2^(-certainty) is then the probability + * @param cntSmallPrimes + * How many small key factors are desired + * @param debug + * Ignored + */ + [Obsolete("Use version without 'debug' parameter")] + public NaccacheSternKeyGenerationParameters( + SecureRandom random, + int strength, + int certainty, + int countSmallPrimes, + bool debug) + : this(random, strength, certainty, countSmallPrimes) + { + } + + /** + * @return Returns the certainty. + */ + public int Certainty + { + get { return certainty; } + } + + /** + * @return Returns the countSmallPrimes. + */ + public int CountSmallPrimes + { + get { return countSmallPrimes; } + } + + [Obsolete("Remove: always false")] + public bool IsDebug + { + get { return false; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/NaccacheSternKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/NaccacheSternKeyParameters.cs new file mode 100644 index 0000000..8be7ad8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/NaccacheSternKeyParameters.cs @@ -0,0 +1,44 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + /** + * Public key parameters for NaccacheStern cipher. For details on this cipher, + * please see + * + * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf + */ + public class NaccacheSternKeyParameters : AsymmetricKeyParameter + { + private readonly BigInteger g, n; + private readonly int lowerSigmaBound; + + /** + * @param privateKey + */ + public NaccacheSternKeyParameters(bool privateKey, BigInteger g, BigInteger n, int lowerSigmaBound) + : base(privateKey) + { + this.g = g; + this.n = n; + this.lowerSigmaBound = lowerSigmaBound; + } + + /** + * @return Returns the g. + */ + public BigInteger G { get { return g; } } + + /** + * @return Returns the lowerSigmaBound. + */ + public int LowerSigmaBound { get { return lowerSigmaBound; } } + + /** + * @return Returns the n. + */ + public BigInteger Modulus { get { return n; } } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/NaccacheSternPrivateKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/NaccacheSternPrivateKeyParameters.cs new file mode 100644 index 0000000..42a0454 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/NaccacheSternPrivateKeyParameters.cs @@ -0,0 +1,79 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + /** + * Private key parameters for NaccacheStern cipher. For details on this cipher, + * please see + * + * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf + */ + public class NaccacheSternPrivateKeyParameters : NaccacheSternKeyParameters + { + private readonly BigInteger phiN; + private readonly IList smallPrimes; + +#if !(SILVERLIGHT || PORTABLE) + [Obsolete] + public NaccacheSternPrivateKeyParameters( + BigInteger g, + BigInteger n, + int lowerSigmaBound, + ArrayList smallPrimes, + BigInteger phiN) + : base(true, g, n, lowerSigmaBound) + { + this.smallPrimes = smallPrimes; + this.phiN = phiN; + } +#endif + + /** + * Constructs a NaccacheSternPrivateKey + * + * @param g + * the public enryption parameter g + * @param n + * the public modulus n = p*q + * @param lowerSigmaBound + * the public lower sigma bound up to which data can be encrypted + * @param smallPrimes + * the small primes, of which sigma is constructed in the right + * order + * @param phi_n + * the private modulus phi(n) = (p-1)(q-1) + */ + public NaccacheSternPrivateKeyParameters( + BigInteger g, + BigInteger n, + int lowerSigmaBound, + IList smallPrimes, + BigInteger phiN) + : base(true, g, n, lowerSigmaBound) + { + this.smallPrimes = smallPrimes; + this.phiN = phiN; + } + + public BigInteger PhiN + { + get { return phiN; } + } + +#if !(SILVERLIGHT || PORTABLE) + [Obsolete("Use 'SmallPrimesList' instead")] + public ArrayList SmallPrimes + { + get { return new ArrayList(smallPrimes); } + } +#endif + + public IList SmallPrimesList + { + get { return smallPrimes; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ParametersWithID.cs b/BouncyCastle/crypto/src/crypto/parameters/ParametersWithID.cs new file mode 100644 index 0000000..37f6870 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ParametersWithID.cs @@ -0,0 +1,36 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class ParametersWithID + : ICipherParameters + { + private readonly ICipherParameters parameters; + private readonly byte[] id; + + public ParametersWithID(ICipherParameters parameters, + byte[] id) + : this(parameters, id, 0, id.Length) + { + } + + public ParametersWithID(ICipherParameters parameters, + byte[] id, int idOff, int idLen) + { + this.parameters = parameters; + this.id = Arrays.CopyOfRange(id, idOff, idOff + idLen); + } + + public byte[] GetID() + { + return id; + } + + public ICipherParameters Parameters + { + get { return parameters; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ParametersWithIV.cs b/BouncyCastle/crypto/src/crypto/parameters/ParametersWithIV.cs new file mode 100644 index 0000000..4b2eb93 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ParametersWithIV.cs @@ -0,0 +1,40 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class ParametersWithIV + : ICipherParameters + { + private readonly ICipherParameters parameters; + private readonly byte[] iv; + + public ParametersWithIV(ICipherParameters parameters, + byte[] iv) + : this(parameters, iv, 0, iv.Length) + { + } + + public ParametersWithIV(ICipherParameters parameters, + byte[] iv, int ivOff, int ivLen) + { + // NOTE: 'parameters' may be null to imply key re-use + if (iv == null) + throw new ArgumentNullException("iv"); + + this.parameters = parameters; + this.iv = Arrays.CopyOfRange(iv, ivOff, ivOff + ivLen); + } + + public byte[] GetIV() + { + return (byte[])iv.Clone(); + } + + public ICipherParameters Parameters + { + get { return parameters; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ParametersWithRandom.cs b/BouncyCastle/crypto/src/crypto/parameters/ParametersWithRandom.cs new file mode 100644 index 0000000..276dc26 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ParametersWithRandom.cs @@ -0,0 +1,48 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class ParametersWithRandom + : ICipherParameters + { + private readonly ICipherParameters parameters; + private readonly SecureRandom random; + + public ParametersWithRandom( + ICipherParameters parameters, + SecureRandom random) + { + if (parameters == null) + throw new ArgumentNullException("parameters"); + if (random == null) + throw new ArgumentNullException("random"); + + this.parameters = parameters; + this.random = random; + } + + public ParametersWithRandom( + ICipherParameters parameters) + : this(parameters, new SecureRandom()) + { + } + + [Obsolete("Use Random property instead")] + public SecureRandom GetRandom() + { + return Random; + } + + public SecureRandom Random + { + get { return random; } + } + + public ICipherParameters Parameters + { + get { return parameters; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ParametersWithSBox.cs b/BouncyCastle/crypto/src/crypto/parameters/ParametersWithSBox.cs new file mode 100644 index 0000000..6473796 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ParametersWithSBox.cs @@ -0,0 +1,24 @@ +using System; + +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class ParametersWithSBox : ICipherParameters + { + private ICipherParameters parameters; + private byte[] sBox; + + public ParametersWithSBox( + ICipherParameters parameters, + byte[] sBox) + { + this.parameters = parameters; + this.sBox = sBox; + } + + public byte[] GetSBox() { return sBox; } + + public ICipherParameters Parameters { get { return parameters; } } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/ParametersWithSalt.cs b/BouncyCastle/crypto/src/crypto/parameters/ParametersWithSalt.cs new file mode 100644 index 0000000..7f4cd6c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/ParametersWithSalt.cs @@ -0,0 +1,39 @@ +using System; + +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + + /// Cipher parameters with a fixed salt value associated with them. + public class ParametersWithSalt : ICipherParameters + { + private byte[] salt; + private ICipherParameters parameters; + + public ParametersWithSalt(ICipherParameters parameters, byte[] salt):this(parameters, salt, 0, salt.Length) + { + } + + public ParametersWithSalt(ICipherParameters parameters, byte[] salt, int saltOff, int saltLen) + { + this.salt = new byte[saltLen]; + this.parameters = parameters; + + Array.Copy(salt, saltOff, this.salt, 0, saltLen); + } + + public byte[] GetSalt() + { + return salt; + } + + public ICipherParameters Parameters + { + get + { + return parameters; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/RC2Parameters.cs b/BouncyCastle/crypto/src/crypto/parameters/RC2Parameters.cs new file mode 100644 index 0000000..7a6d5bb --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/RC2Parameters.cs @@ -0,0 +1,47 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class RC2Parameters + : KeyParameter + { + private readonly int bits; + + public RC2Parameters( + byte[] key) + : this(key, (key.Length > 128) ? 1024 : (key.Length * 8)) + { + } + + public RC2Parameters( + byte[] key, + int keyOff, + int keyLen) + : this(key, keyOff, keyLen, (keyLen > 128) ? 1024 : (keyLen * 8)) + { + } + + public RC2Parameters( + byte[] key, + int bits) + : base(key) + { + this.bits = bits; + } + + public RC2Parameters( + byte[] key, + int keyOff, + int keyLen, + int bits) + : base(key, keyOff, keyLen) + { + this.bits = bits; + } + + public int EffectiveKeyBits + { + get { return bits; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/RC5Parameters.cs b/BouncyCastle/crypto/src/crypto/parameters/RC5Parameters.cs new file mode 100644 index 0000000..88a59e1 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/RC5Parameters.cs @@ -0,0 +1,27 @@ +using System; +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class RC5Parameters + : KeyParameter + { + private readonly int rounds; + + public RC5Parameters( + byte[] key, + int rounds) + : base(key) + { + if (key.Length > 255) + throw new ArgumentException("RC5 key length can be no greater than 255"); + + this.rounds = rounds; + } + + public int Rounds + { + get { return rounds; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/RSABlindingParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/RSABlindingParameters.cs new file mode 100644 index 0000000..49c7bcc --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/RSABlindingParameters.cs @@ -0,0 +1,34 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class RsaBlindingParameters + : ICipherParameters + { + private readonly RsaKeyParameters publicKey; + private readonly BigInteger blindingFactor; + + public RsaBlindingParameters( + RsaKeyParameters publicKey, + BigInteger blindingFactor) + { + if (publicKey.IsPrivate) + throw new ArgumentException("RSA parameters should be for a public key"); + + this.publicKey = publicKey; + this.blindingFactor = blindingFactor; + } + + public RsaKeyParameters PublicKey + { + get { return publicKey; } + } + + public BigInteger BlindingFactor + { + get { return blindingFactor; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/RsaKeyGenerationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/RsaKeyGenerationParameters.cs new file mode 100644 index 0000000..619ab65 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/RsaKeyGenerationParameters.cs @@ -0,0 +1,55 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class RsaKeyGenerationParameters + : KeyGenerationParameters + { + private readonly BigInteger publicExponent; + private readonly int certainty; + + public RsaKeyGenerationParameters( + BigInteger publicExponent, + SecureRandom random, + int strength, + int certainty) + : base(random, strength) + { + this.publicExponent = publicExponent; + this.certainty = certainty; + } + + public BigInteger PublicExponent + { + get { return publicExponent; } + } + + public int Certainty + { + get { return certainty; } + } + + public override bool Equals( + object obj) + { + RsaKeyGenerationParameters other = obj as RsaKeyGenerationParameters; + + if (other == null) + { + return false; + } + + return certainty == other.certainty + && publicExponent.Equals(other.publicExponent); + } + + public override int GetHashCode() + { + return certainty.GetHashCode() ^ publicExponent.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/RsaKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/RsaKeyParameters.cs new file mode 100644 index 0000000..4f8dba6 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/RsaKeyParameters.cs @@ -0,0 +1,106 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class RsaKeyParameters + : AsymmetricKeyParameter + { + // Hexadecimal value of the product of the 131 smallest odd primes from 3 to 743 + private static readonly BigInteger SmallPrimesProduct = new BigInteger( + "8138e8a0fcf3a4e84a771d40fd305d7f4aa59306d7251de54d98af8fe95729a1f" + + "73d893fa424cd2edc8636a6c3285e022b0e3866a565ae8108eed8591cd4fe8d2" + + "ce86165a978d719ebf647f362d33fca29cd179fb42401cbaf3df0c614056f9c8" + + "f3cfd51e474afb6bc6974f78db8aba8e9e517fded658591ab7502bd41849462f", + 16); + + private static BigInteger Validate(BigInteger modulus) + { + if ((modulus.IntValue & 1) == 0) + throw new ArgumentException("RSA modulus is even", "modulus"); + if (!modulus.Gcd(SmallPrimesProduct).Equals(BigInteger.One)) + throw new ArgumentException("RSA modulus has a small prime factor"); + + int maxBitLength = AsInteger("Org.BouncyCastle.Rsa.MaxSize", 15360); + + int modBitLength = modulus.BitLength; + if (maxBitLength < modBitLength) + { + throw new ArgumentException("modulus value out of range"); + } + + // TODO: add additional primePower/Composite test - expensive!! + + return modulus; + } + + private readonly BigInteger modulus; + private readonly BigInteger exponent; + + public RsaKeyParameters( + bool isPrivate, + BigInteger modulus, + BigInteger exponent) + : base(isPrivate) + { + if (modulus == null) + throw new ArgumentNullException("modulus"); + if (exponent == null) + throw new ArgumentNullException("exponent"); + if (modulus.SignValue <= 0) + throw new ArgumentException("Not a valid RSA modulus", "modulus"); + if (exponent.SignValue <= 0) + throw new ArgumentException("Not a valid RSA exponent", "exponent"); + if (!isPrivate && (exponent.IntValue & 1) == 0) + throw new ArgumentException("RSA publicExponent is even", "exponent"); + + this.modulus = Validate(modulus); + this.exponent = exponent; + } + + public BigInteger Modulus + { + get { return modulus; } + } + + public BigInteger Exponent + { + get { return exponent; } + } + + public override bool Equals( + object obj) + { + RsaKeyParameters kp = obj as RsaKeyParameters; + + if (kp == null) + { + return false; + } + + return kp.IsPrivate == this.IsPrivate + && kp.Modulus.Equals(this.modulus) + && kp.Exponent.Equals(this.exponent); + } + + public override int GetHashCode() + { + return modulus.GetHashCode() ^ exponent.GetHashCode() ^ IsPrivate.GetHashCode(); + } + + internal static int AsInteger(string envVariable, int defaultValue) + { + String v = Platform.GetEnvironmentVariable(envVariable); + + if (v == null) + { + return defaultValue; + } + + return Int32.Parse(v); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/RsaPrivateCrtKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/RsaPrivateCrtKeyParameters.cs new file mode 100644 index 0000000..557ee94 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/RsaPrivateCrtKeyParameters.cs @@ -0,0 +1,118 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Asn1.Pkcs; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class RsaPrivateCrtKeyParameters + : RsaKeyParameters + { + private readonly BigInteger e, p, q, dP, dQ, qInv; + + public RsaPrivateCrtKeyParameters( + BigInteger modulus, + BigInteger publicExponent, + BigInteger privateExponent, + BigInteger p, + BigInteger q, + BigInteger dP, + BigInteger dQ, + BigInteger qInv) + : base(true, modulus, privateExponent) + { + ValidateValue(publicExponent, "publicExponent", "exponent"); + ValidateValue(p, "p", "P value"); + ValidateValue(q, "q", "Q value"); + ValidateValue(dP, "dP", "DP value"); + ValidateValue(dQ, "dQ", "DQ value"); + ValidateValue(qInv, "qInv", "InverseQ value"); + + this.e = publicExponent; + this.p = p; + this.q = q; + this.dP = dP; + this.dQ = dQ; + this.qInv = qInv; + } + + public RsaPrivateCrtKeyParameters(RsaPrivateKeyStructure rsaPrivateKey) + : this( + rsaPrivateKey.Modulus, + rsaPrivateKey.PublicExponent, + rsaPrivateKey.PrivateExponent, + rsaPrivateKey.Prime1, + rsaPrivateKey.Prime2, + rsaPrivateKey.Exponent1, + rsaPrivateKey.Exponent2, + rsaPrivateKey.Coefficient) + { + } + + public BigInteger PublicExponent + { + get { return e; } + } + + public BigInteger P + { + get { return p; } + } + + public BigInteger Q + { + get { return q; } + } + + public BigInteger DP + { + get { return dP; } + } + + public BigInteger DQ + { + get { return dQ; } + } + + public BigInteger QInv + { + get { return qInv; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + RsaPrivateCrtKeyParameters kp = obj as RsaPrivateCrtKeyParameters; + + if (kp == null) + return false; + + return kp.DP.Equals(dP) + && kp.DQ.Equals(dQ) + && kp.Exponent.Equals(this.Exponent) + && kp.Modulus.Equals(this.Modulus) + && kp.P.Equals(p) + && kp.Q.Equals(q) + && kp.PublicExponent.Equals(e) + && kp.QInv.Equals(qInv); + } + + public override int GetHashCode() + { + return DP.GetHashCode() ^ DQ.GetHashCode() ^ Exponent.GetHashCode() ^ Modulus.GetHashCode() + ^ P.GetHashCode() ^ Q.GetHashCode() ^ PublicExponent.GetHashCode() ^ QInv.GetHashCode(); + } + + private static void ValidateValue(BigInteger x, string name, string desc) + { + if (x == null) + throw new ArgumentNullException(name); + if (x.SignValue <= 0) + throw new ArgumentException("Not a valid RSA " + desc, name); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/SM2KeyExchangePrivateParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/SM2KeyExchangePrivateParameters.cs new file mode 100644 index 0000000..6665664 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/SM2KeyExchangePrivateParameters.cs @@ -0,0 +1,67 @@ +using System; + +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.EC.Multiplier; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + /// Private parameters for an SM2 key exchange. + /// The ephemeralPrivateKey is used to calculate the random point used in the algorithm. + public class SM2KeyExchangePrivateParameters + : ICipherParameters + { + private readonly bool mInitiator; + private readonly ECPrivateKeyParameters mStaticPrivateKey; + private readonly ECPoint mStaticPublicPoint; + private readonly ECPrivateKeyParameters mEphemeralPrivateKey; + private readonly ECPoint mEphemeralPublicPoint; + + public SM2KeyExchangePrivateParameters( + bool initiator, + ECPrivateKeyParameters staticPrivateKey, + ECPrivateKeyParameters ephemeralPrivateKey) + { + if (staticPrivateKey == null) + throw new ArgumentNullException("staticPrivateKey"); + if (ephemeralPrivateKey == null) + throw new ArgumentNullException("ephemeralPrivateKey"); + + ECDomainParameters parameters = staticPrivateKey.Parameters; + if (!parameters.Equals(ephemeralPrivateKey.Parameters)) + throw new ArgumentException("Static and ephemeral private keys have different domain parameters"); + + ECMultiplier m = new FixedPointCombMultiplier(); + + this.mInitiator = initiator; + this.mStaticPrivateKey = staticPrivateKey; + this.mStaticPublicPoint = m.Multiply(parameters.G, staticPrivateKey.D).Normalize(); + this.mEphemeralPrivateKey = ephemeralPrivateKey; + this.mEphemeralPublicPoint = m.Multiply(parameters.G, ephemeralPrivateKey.D).Normalize(); + } + + public virtual bool IsInitiator + { + get { return mInitiator; } + } + + public virtual ECPrivateKeyParameters StaticPrivateKey + { + get { return mStaticPrivateKey; } + } + + public virtual ECPoint StaticPublicPoint + { + get { return mStaticPublicPoint; } + } + + public virtual ECPrivateKeyParameters EphemeralPrivateKey + { + get { return mEphemeralPrivateKey; } + } + + public virtual ECPoint EphemeralPublicPoint + { + get { return mEphemeralPublicPoint; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/SM2KeyExchangePublicParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/SM2KeyExchangePublicParameters.cs new file mode 100644 index 0000000..5c21315 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/SM2KeyExchangePublicParameters.cs @@ -0,0 +1,40 @@ +using System; + +using Org.BouncyCastle.Math.EC; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + /// Public parameters for an SM2 key exchange. + /// In this case the ephemeralPublicKey provides the random point used in the algorithm. + public class SM2KeyExchangePublicParameters + : ICipherParameters + { + private readonly ECPublicKeyParameters mStaticPublicKey; + private readonly ECPublicKeyParameters mEphemeralPublicKey; + + public SM2KeyExchangePublicParameters( + ECPublicKeyParameters staticPublicKey, + ECPublicKeyParameters ephemeralPublicKey) + { + if (staticPublicKey == null) + throw new ArgumentNullException("staticPublicKey"); + if (ephemeralPublicKey == null) + throw new ArgumentNullException("ephemeralPublicKey"); + if (!staticPublicKey.Parameters.Equals(ephemeralPublicKey.Parameters)) + throw new ArgumentException("Static and ephemeral public keys have different domain parameters"); + + this.mStaticPublicKey = staticPublicKey; + this.mEphemeralPublicKey = ephemeralPublicKey; + } + + public virtual ECPublicKeyParameters StaticPublicKey + { + get { return mStaticPublicKey; } + } + + public virtual ECPublicKeyParameters EphemeralPublicKey + { + get { return mEphemeralPublicKey; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/SkeinParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/SkeinParameters.cs new file mode 100644 index 0000000..cc57ef5 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/SkeinParameters.cs @@ -0,0 +1,286 @@ +using System; +using System.Collections; +using System.Globalization; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + + /// + /// Parameters for the Skein hash function - a series of byte[] strings identified by integer tags. + /// + /// + /// Parameterised Skein can be used for: + ///
    + ///
  • MAC generation, by providing a key.
    • + ///
  • Randomised hashing, by providing a nonce.
    • + ///
  • A hash function for digital signatures, associating a + /// public key with the message digest.
    • + ///
  • A key derivation function, by providing a + /// key identifier.
    • + ///
  • Personalised hashing, by providing a + /// recommended format or + /// arbitrary personalisation string.
    • + ///
+ /// + /// + /// + /// + public class SkeinParameters + : ICipherParameters + { + /// + /// The parameter type for a secret key, supporting MAC or KDF functions: 0 + /// + public const int PARAM_TYPE_KEY = 0; + + /// + /// The parameter type for the Skein configuration block: 4 + /// + public const int PARAM_TYPE_CONFIG = 4; + + /// + /// The parameter type for a personalisation string: 8 + /// + public const int PARAM_TYPE_PERSONALISATION = 8; + + /// + /// The parameter type for a public key: 12 + /// + public const int PARAM_TYPE_PUBLIC_KEY = 12; + + /// + /// The parameter type for a key identifier string: 16 + /// + public const int PARAM_TYPE_KEY_IDENTIFIER = 16; + + /// + /// The parameter type for a nonce: 20 + /// + public const int PARAM_TYPE_NONCE = 20; + + /// + /// The parameter type for the message: 48 + /// + public const int PARAM_TYPE_MESSAGE = 48; + + /// + /// The parameter type for the output transformation: 63 + /// + public const int PARAM_TYPE_OUTPUT = 63; + + private IDictionary parameters; + + public SkeinParameters() + : this(Platform.CreateHashtable()) + + { + } + + private SkeinParameters(IDictionary parameters) + { + this.parameters = parameters; + } + + /// + /// Obtains a map of type (int) to value (byte[]) for the parameters tracked in this object. + /// + public IDictionary GetParameters() + { + return parameters; + } + + /// + /// Obtains the value of the key parameter, or null if not + /// set. + /// + /// The key. + public byte[] GetKey() + { + return (byte[])parameters[PARAM_TYPE_KEY]; + } + + /// + /// Obtains the value of the personalisation parameter, or + /// null if not set. + /// + public byte[] GetPersonalisation() + { + return (byte[])parameters[PARAM_TYPE_PERSONALISATION]; + } + + /// + /// Obtains the value of the public key parameter, or + /// null if not set. + /// + public byte[] GetPublicKey() + { + return (byte[])parameters[PARAM_TYPE_PUBLIC_KEY]; + } + + /// + /// Obtains the value of the key identifier parameter, or + /// null if not set. + /// + public byte[] GetKeyIdentifier() + { + return (byte[])parameters[PARAM_TYPE_KEY_IDENTIFIER]; + } + + /// + /// Obtains the value of the nonce parameter, or null if + /// not set. + /// + public byte[] GetNonce() + { + return (byte[])parameters[PARAM_TYPE_NONCE]; + } + + /// + /// A builder for . + /// + public class Builder + { + private IDictionary parameters = Platform.CreateHashtable(); + + public Builder() + { + } + + public Builder(IDictionary paramsMap) + { + IEnumerator keys = paramsMap.Keys.GetEnumerator(); + while (keys.MoveNext()) + { + int key = (int)keys.Current; + parameters.Add(key, paramsMap[key]); + } + } + + public Builder(SkeinParameters parameters) + { + IEnumerator keys = parameters.parameters.Keys.GetEnumerator(); + while (keys.MoveNext()) + { + int key = (int)keys.Current; + this.parameters.Add(key, parameters.parameters[key]); + } + } + + /// + /// Sets a parameters to apply to the Skein hash function. + /// + /// + /// Parameter types must be in the range 0,5..62, and cannot use the value 48 + /// (reserved for message body). + ///

+ /// Parameters with type < 48 are processed before + /// the message content, parameters with type > 48 + /// are processed after the message and prior to output. + /// + /// the type of the parameter, in the range 5..62. + /// the byte sequence of the parameter. + public Builder Set(int type, byte[] value) + { + if (value == null) + { + throw new ArgumentException("Parameter value must not be null."); + } + if ((type != PARAM_TYPE_KEY) + && (type <= PARAM_TYPE_CONFIG || type >= PARAM_TYPE_OUTPUT || type == PARAM_TYPE_MESSAGE)) + { + throw new ArgumentException("Parameter types must be in the range 0,5..47,49..62."); + } + if (type == PARAM_TYPE_CONFIG) + { + throw new ArgumentException("Parameter type " + PARAM_TYPE_CONFIG + + " is reserved for internal use."); + } + this.parameters.Add(type, value); + return this; + } + + ///

+ /// Sets the parameter. + /// + public Builder SetKey(byte[] key) + { + return Set(PARAM_TYPE_KEY, key); + } + + /// + /// Sets the parameter. + /// + public Builder SetPersonalisation(byte[] personalisation) + { + return Set(PARAM_TYPE_PERSONALISATION, personalisation); + } + + /// + /// Implements the recommended personalisation format for Skein defined in Section 4.11 of + /// the Skein 1.3 specification. + /// + /// + /// The format is YYYYMMDD email@address distinguisher, encoded to a byte + /// sequence using UTF-8 encoding. + /// + /// the date the personalised application of the Skein was defined. + /// the email address of the creation of the personalised application. + /// an arbitrary personalisation string distinguishing the application. + public Builder SetPersonalisation(DateTime date, string emailAddress, string distinguisher) + { + try + { + MemoryStream bout = new MemoryStream(); + StreamWriter outBytes = new StreamWriter(bout, System.Text.Encoding.UTF8); + outBytes.Write(date.ToString("YYYYMMDD", CultureInfo.InvariantCulture)); + outBytes.Write(" "); + outBytes.Write(emailAddress); + outBytes.Write(" "); + outBytes.Write(distinguisher); + Platform.Dispose(outBytes); + return Set(PARAM_TYPE_PERSONALISATION, bout.ToArray()); + } + catch (IOException e) + { + throw new InvalidOperationException("Byte I/O failed.", e); + } + } + + /// + /// Sets the parameter. + /// + public Builder SetPublicKey(byte[] publicKey) + { + return Set(PARAM_TYPE_PUBLIC_KEY, publicKey); + } + + /// + /// Sets the parameter. + /// + public Builder SetKeyIdentifier(byte[] keyIdentifier) + { + return Set(PARAM_TYPE_KEY_IDENTIFIER, keyIdentifier); + } + + /// + /// Sets the parameter. + /// + public Builder SetNonce(byte[] nonce) + { + return Set(PARAM_TYPE_NONCE, nonce); + } + + /// + /// Constructs a new instance with the parameters provided to this + /// builder. + /// + public SkeinParameters Build() + { + return new SkeinParameters(parameters); + } + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/crypto/parameters/Srp6GroupParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/Srp6GroupParameters.cs new file mode 100644 index 0000000..6762dd3 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/Srp6GroupParameters.cs @@ -0,0 +1,27 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public sealed class Srp6GroupParameters + { + private readonly BigInteger n, g; + + public Srp6GroupParameters(BigInteger N, BigInteger g) + { + this.n = N; + this.g = g; + } + + public BigInteger G + { + get { return g; } + } + + public BigInteger N + { + get { return n; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/TweakableBlockCipherParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/TweakableBlockCipherParameters.cs new file mode 100644 index 0000000..f757266 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/TweakableBlockCipherParameters.cs @@ -0,0 +1,40 @@ +using System; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + + /// + /// Parameters for tweakable block ciphers. + /// + public class TweakableBlockCipherParameters + : ICipherParameters + { + private readonly byte[] tweak; + private readonly KeyParameter key; + + public TweakableBlockCipherParameters(KeyParameter key, byte[] tweak) + { + this.key = key; + this.tweak = Arrays.Clone(tweak); + } + + /// + /// Gets the key. + /// + /// the key to use, or null to use the current key. + public KeyParameter Key + { + get { return key; } + } + + /// + /// Gets the tweak value. + /// + /// The tweak to use, or null to use the current tweak. + public byte[] Tweak + { + get { return tweak; } + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/crypto/parameters/X25519KeyGenerationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/X25519KeyGenerationParameters.cs new file mode 100644 index 0000000..d0bcffa --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/X25519KeyGenerationParameters.cs @@ -0,0 +1,15 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class X25519KeyGenerationParameters + : KeyGenerationParameters + { + public X25519KeyGenerationParameters(SecureRandom random) + : base(random, 255) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/X25519PrivateKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/X25519PrivateKeyParameters.cs new file mode 100644 index 0000000..63e72d3 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/X25519PrivateKeyParameters.cs @@ -0,0 +1,76 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math.EC.Rfc7748; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public sealed class X25519PrivateKeyParameters + : AsymmetricKeyParameter + { + public static readonly int KeySize = X25519.ScalarSize; + public static readonly int SecretSize = X25519.PointSize; + + private readonly byte[] data = new byte[KeySize]; + + public X25519PrivateKeyParameters(SecureRandom random) + : base(true) + { + X25519.GeneratePrivateKey(random, data); + } + + public X25519PrivateKeyParameters(byte[] buf) + : this(Validate(buf), 0) + { + } + + public X25519PrivateKeyParameters(byte[] buf, int off) + : base(true) + { + Array.Copy(buf, off, data, 0, KeySize); + } + + public X25519PrivateKeyParameters(Stream input) + : base(true) + { + if (KeySize != Streams.ReadFully(input, data)) + throw new EndOfStreamException("EOF encountered in middle of X25519 private key"); + } + + public void Encode(byte[] buf, int off) + { + Array.Copy(data, 0, buf, off, KeySize); + } + + public byte[] GetEncoded() + { + return Arrays.Clone(data); + } + + public X25519PublicKeyParameters GeneratePublicKey() + { + byte[] publicKey = new byte[X25519.PointSize]; + X25519.GeneratePublicKey(data, 0, publicKey, 0); + return new X25519PublicKeyParameters(publicKey, 0); + } + + public void GenerateSecret(X25519PublicKeyParameters publicKey, byte[] buf, int off) + { + byte[] encoded = new byte[X25519.PointSize]; + publicKey.Encode(encoded, 0); + if (!X25519.CalculateAgreement(data, 0, encoded, 0, buf, off)) + throw new InvalidOperationException("X25519 agreement failed"); + } + + private static byte[] Validate(byte[] buf) + { + if (buf.Length != KeySize) + throw new ArgumentException("must have length " + KeySize, "buf"); + + return buf; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/X25519PublicKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/X25519PublicKeyParameters.cs new file mode 100644 index 0000000..c28e4de --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/X25519PublicKeyParameters.cs @@ -0,0 +1,53 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math.EC.Rfc7748; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public sealed class X25519PublicKeyParameters + : AsymmetricKeyParameter + { + public static readonly int KeySize = X25519.PointSize; + + private readonly byte[] data = new byte[KeySize]; + + public X25519PublicKeyParameters(byte[] buf) + : this(Validate(buf), 0) + { + } + + public X25519PublicKeyParameters(byte[] buf, int off) + : base(false) + { + Array.Copy(buf, off, data, 0, KeySize); + } + + public X25519PublicKeyParameters(Stream input) + : base(false) + { + if (KeySize != Streams.ReadFully(input, data)) + throw new EndOfStreamException("EOF encountered in middle of X25519 public key"); + } + + public void Encode(byte[] buf, int off) + { + Array.Copy(data, 0, buf, off, KeySize); + } + + public byte[] GetEncoded() + { + return Arrays.Clone(data); + } + + private static byte[] Validate(byte[] buf) + { + if (buf.Length != KeySize) + throw new ArgumentException("must have length " + KeySize, "buf"); + + return buf; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/X448KeyGenerationParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/X448KeyGenerationParameters.cs new file mode 100644 index 0000000..a7cb558 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/X448KeyGenerationParameters.cs @@ -0,0 +1,15 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public class X448KeyGenerationParameters + : KeyGenerationParameters + { + public X448KeyGenerationParameters(SecureRandom random) + : base(random, 448) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/X448PrivateKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/X448PrivateKeyParameters.cs new file mode 100644 index 0000000..d10a903 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/X448PrivateKeyParameters.cs @@ -0,0 +1,76 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math.EC.Rfc7748; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public sealed class X448PrivateKeyParameters + : AsymmetricKeyParameter + { + public static readonly int KeySize = X448.ScalarSize; + public static readonly int SecretSize = X448.PointSize; + + private readonly byte[] data = new byte[KeySize]; + + public X448PrivateKeyParameters(SecureRandom random) + : base(true) + { + X448.GeneratePrivateKey(random, data); + } + + public X448PrivateKeyParameters(byte[] buf) + : this(Validate(buf), 0) + { + } + + public X448PrivateKeyParameters(byte[] buf, int off) + : base(true) + { + Array.Copy(buf, off, data, 0, KeySize); + } + + public X448PrivateKeyParameters(Stream input) + : base(true) + { + if (KeySize != Streams.ReadFully(input, data)) + throw new EndOfStreamException("EOF encountered in middle of X448 private key"); + } + + public void Encode(byte[] buf, int off) + { + Array.Copy(data, 0, buf, off, KeySize); + } + + public byte[] GetEncoded() + { + return Arrays.Clone(data); + } + + public X448PublicKeyParameters GeneratePublicKey() + { + byte[] publicKey = new byte[X448.PointSize]; + X448.GeneratePublicKey(data, 0, publicKey, 0); + return new X448PublicKeyParameters(publicKey, 0); + } + + public void GenerateSecret(X448PublicKeyParameters publicKey, byte[] buf, int off) + { + byte[] encoded = new byte[X448.PointSize]; + publicKey.Encode(encoded, 0); + if (!X448.CalculateAgreement(data, 0, encoded, 0, buf, off)) + throw new InvalidOperationException("X448 agreement failed"); + } + + private static byte[] Validate(byte[] buf) + { + if (buf.Length != KeySize) + throw new ArgumentException("must have length " + KeySize, "buf"); + + return buf; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/parameters/X448PublicKeyParameters.cs b/BouncyCastle/crypto/src/crypto/parameters/X448PublicKeyParameters.cs new file mode 100644 index 0000000..704d2f7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/parameters/X448PublicKeyParameters.cs @@ -0,0 +1,53 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math.EC.Rfc7748; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Parameters +{ + public sealed class X448PublicKeyParameters + : AsymmetricKeyParameter + { + public static readonly int KeySize = X448.PointSize; + + private readonly byte[] data = new byte[KeySize]; + + public X448PublicKeyParameters(byte[] buf) + : this(Validate(buf), 0) + { + } + + public X448PublicKeyParameters(byte[] buf, int off) + : base(false) + { + Array.Copy(buf, off, data, 0, KeySize); + } + + public X448PublicKeyParameters(Stream input) + : base(false) + { + if (KeySize != Streams.ReadFully(input, data)) + throw new EndOfStreamException("EOF encountered in middle of X448 public key"); + } + + public void Encode(byte[] buf, int off) + { + Array.Copy(data, 0, buf, off, KeySize); + } + + public byte[] GetEncoded() + { + return Arrays.Clone(data); + } + + private static byte[] Validate(byte[] buf) + { + if (buf.Length != KeySize) + throw new ArgumentException("must have length " + KeySize, "buf"); + + return buf; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/BasicEntropySourceProvider.cs b/BouncyCastle/crypto/src/crypto/prng/BasicEntropySourceProvider.cs new file mode 100644 index 0000000..31a8461 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/BasicEntropySourceProvider.cs @@ -0,0 +1,71 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Prng +{ + /** + * An EntropySourceProvider where entropy generation is based on a SecureRandom output using SecureRandom.generateSeed(). + */ + public class BasicEntropySourceProvider + : IEntropySourceProvider + { + private readonly SecureRandom mSecureRandom; + private readonly bool mPredictionResistant; + + /** + * Create a entropy source provider based on the passed in SecureRandom. + * + * @param secureRandom the SecureRandom to base EntropySource construction on. + * @param isPredictionResistant boolean indicating if the SecureRandom is based on prediction resistant entropy or not (true if it is). + */ + public BasicEntropySourceProvider(SecureRandom secureRandom, bool isPredictionResistant) + { + mSecureRandom = secureRandom; + mPredictionResistant = isPredictionResistant; + } + + /** + * Return an entropy source that will create bitsRequired bits of entropy on + * each invocation of getEntropy(). + * + * @param bitsRequired size (in bits) of entropy to be created by the provided source. + * @return an EntropySource that generates bitsRequired bits of entropy on each call to its getEntropy() method. + */ + public IEntropySource Get(int bitsRequired) + { + return new BasicEntropySource(mSecureRandom, mPredictionResistant, bitsRequired); + } + + private class BasicEntropySource + : IEntropySource + { + private readonly SecureRandom mSecureRandom; + private readonly bool mPredictionResistant; + private readonly int mEntropySize; + + internal BasicEntropySource(SecureRandom secureRandom, bool predictionResistant, int entropySize) + { + this.mSecureRandom = secureRandom; + this.mPredictionResistant = predictionResistant; + this.mEntropySize = entropySize; + } + + bool IEntropySource.IsPredictionResistant + { + get { return mPredictionResistant; } + } + + byte[] IEntropySource.GetEntropy() + { + // TODO[FIPS] Not all SecureRandom implementations are considered valid entropy sources + return SecureRandom.GetNextBytes(mSecureRandom, (mEntropySize + 7) / 8); + } + + int IEntropySource.EntropySize + { + get { return mEntropySize; } + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/CryptoApiEntropySourceProvider.cs b/BouncyCastle/crypto/src/crypto/prng/CryptoApiEntropySourceProvider.cs new file mode 100644 index 0000000..459d3a7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/CryptoApiEntropySourceProvider.cs @@ -0,0 +1,70 @@ +#if !(NETCF_1_0 || PORTABLE) +using System; +using System.Security.Cryptography; + +namespace Org.BouncyCastle.Crypto.Prng +{ + public class CryptoApiEntropySourceProvider + : IEntropySourceProvider + { + private readonly RandomNumberGenerator mRng; + private readonly bool mPredictionResistant; + + public CryptoApiEntropySourceProvider() + : this(RandomNumberGenerator.Create(), true) + { + } + + public CryptoApiEntropySourceProvider(RandomNumberGenerator rng, bool isPredictionResistant) + { + if (rng == null) + throw new ArgumentNullException("rng"); + + mRng = rng; + mPredictionResistant = isPredictionResistant; + } + + public IEntropySource Get(int bitsRequired) + { + return new CryptoApiEntropySource(mRng, mPredictionResistant, bitsRequired); + } + + private class CryptoApiEntropySource + : IEntropySource + { + private readonly RandomNumberGenerator mRng; + private readonly bool mPredictionResistant; + private readonly int mEntropySize; + + internal CryptoApiEntropySource(RandomNumberGenerator rng, bool predictionResistant, int entropySize) + { + this.mRng = rng; + this.mPredictionResistant = predictionResistant; + this.mEntropySize = entropySize; + } + + #region IEntropySource Members + + bool IEntropySource.IsPredictionResistant + { + get { return mPredictionResistant; } + } + + byte[] IEntropySource.GetEntropy() + { + byte[] result = new byte[(mEntropySize + 7) / 8]; + mRng.GetBytes(result); + return result; + } + + int IEntropySource.EntropySize + { + get { return mEntropySize; } + } + + #endregion + } + } +} + +#endif diff --git a/BouncyCastle/crypto/src/crypto/prng/CryptoApiRandomGenerator.cs b/BouncyCastle/crypto/src/crypto/prng/CryptoApiRandomGenerator.cs new file mode 100644 index 0000000..0b65920 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/CryptoApiRandomGenerator.cs @@ -0,0 +1,66 @@ +#if !(NETCF_1_0 || PORTABLE) + +using System; +using System.Security.Cryptography; + +namespace Org.BouncyCastle.Crypto.Prng +{ + /// + /// Uses RandomNumberGenerator.Create() to get randomness generator + /// + public class CryptoApiRandomGenerator + : IRandomGenerator + { + private readonly RandomNumberGenerator rndProv; + + public CryptoApiRandomGenerator() + : this(RandomNumberGenerator.Create()) + { + } + + public CryptoApiRandomGenerator(RandomNumberGenerator rng) + { + this.rndProv = rng; + } + + #region IRandomGenerator Members + + public virtual void AddSeedMaterial(byte[] seed) + { + // We don't care about the seed + } + + public virtual void AddSeedMaterial(long seed) + { + // We don't care about the seed + } + + public virtual void NextBytes(byte[] bytes) + { + rndProv.GetBytes(bytes); + } + + public virtual void NextBytes(byte[] bytes, int start, int len) + { + if (start < 0) + throw new ArgumentException("Start offset cannot be negative", "start"); + if (bytes.Length < (start + len)) + throw new ArgumentException("Byte array too small for requested offset and length"); + + if (bytes.Length == len && start == 0) + { + NextBytes(bytes); + } + else + { + byte[] tmpBuf = new byte[len]; + NextBytes(tmpBuf); + Array.Copy(tmpBuf, 0, bytes, start, len); + } + } + + #endregion + } +} + +#endif diff --git a/BouncyCastle/crypto/src/crypto/prng/DigestRandomGenerator.cs b/BouncyCastle/crypto/src/crypto/prng/DigestRandomGenerator.cs new file mode 100644 index 0000000..024db28 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/DigestRandomGenerator.cs @@ -0,0 +1,130 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Prng +{ + /** + * Random generation based on the digest with counter. Calling AddSeedMaterial will + * always increase the entropy of the hash. + *

+ * Internal access to the digest is synchronized so a single one of these can be shared. + *

+ */ + public class DigestRandomGenerator + : IRandomGenerator + { + private const long CYCLE_COUNT = 10; + + private long stateCounter; + private long seedCounter; + private IDigest digest; + private byte[] state; + private byte[] seed; + + public DigestRandomGenerator( + IDigest digest) + { + this.digest = digest; + + this.seed = new byte[digest.GetDigestSize()]; + this.seedCounter = 1; + + this.state = new byte[digest.GetDigestSize()]; + this.stateCounter = 1; + } + + public void AddSeedMaterial( + byte[] inSeed) + { + lock (this) + { + if (!Arrays.IsNullOrEmpty(inSeed)) + { + DigestUpdate(inSeed); + } + DigestUpdate(seed); + DigestDoFinal(seed); + } + } + + public void AddSeedMaterial( + long rSeed) + { + lock (this) + { + DigestAddCounter(rSeed); + DigestUpdate(seed); + DigestDoFinal(seed); + } + } + + public void NextBytes( + byte[] bytes) + { + NextBytes(bytes, 0, bytes.Length); + } + + public void NextBytes( + byte[] bytes, + int start, + int len) + { + lock (this) + { + int stateOff = 0; + + GenerateState(); + + int end = start + len; + for (int i = start; i < end; ++i) + { + if (stateOff == state.Length) + { + GenerateState(); + stateOff = 0; + } + bytes[i] = state[stateOff++]; + } + } + } + + private void CycleSeed() + { + DigestUpdate(seed); + DigestAddCounter(seedCounter++); + DigestDoFinal(seed); + } + + private void GenerateState() + { + DigestAddCounter(stateCounter++); + DigestUpdate(state); + DigestUpdate(seed); + DigestDoFinal(state); + + if ((stateCounter % CYCLE_COUNT) == 0) + { + CycleSeed(); + } + } + + private void DigestAddCounter(long seedVal) + { + byte[] bytes = new byte[8]; + Pack.UInt64_To_LE((ulong)seedVal, bytes); + digest.BlockUpdate(bytes, 0, bytes.Length); + } + + private void DigestUpdate(byte[] inSeed) + { + digest.BlockUpdate(inSeed, 0, inSeed.Length); + } + + private void DigestDoFinal(byte[] result) + { + digest.DoFinal(result, 0); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/EntropyUtilities.cs b/BouncyCastle/crypto/src/crypto/prng/EntropyUtilities.cs new file mode 100644 index 0000000..58c8703 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/EntropyUtilities.cs @@ -0,0 +1,30 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Prng +{ + public abstract class EntropyUtilities + { + /** + * Generate numBytes worth of entropy from the passed in entropy source. + * + * @param entropySource the entropy source to request the data from. + * @param numBytes the number of bytes of entropy requested. + * @return a byte array populated with the random data. + */ + public static byte[] GenerateSeed(IEntropySource entropySource, int numBytes) + { + byte[] bytes = new byte[numBytes]; + int count = 0; + while (count < numBytes) + { + byte[] entropy = entropySource.GetEntropy(); + int toCopy = System.Math.Min(bytes.Length, numBytes - count); + Array.Copy(entropy, 0, bytes, count, toCopy); + count += toCopy; + } + return bytes; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/IDrbgProvider.cs b/BouncyCastle/crypto/src/crypto/prng/IDrbgProvider.cs new file mode 100644 index 0000000..5ebf5fd --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/IDrbgProvider.cs @@ -0,0 +1,11 @@ +using System; + +using Org.BouncyCastle.Crypto.Prng.Drbg; + +namespace Org.BouncyCastle.Crypto.Prng +{ + internal interface IDrbgProvider + { + ISP80090Drbg Get(IEntropySource entropySource); + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/IRandomGenerator.cs b/BouncyCastle/crypto/src/crypto/prng/IRandomGenerator.cs new file mode 100644 index 0000000..8dbe406 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/IRandomGenerator.cs @@ -0,0 +1,26 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Prng +{ + /// Generic interface for objects generating random bytes. + public interface IRandomGenerator + { + /// Add more seed material to the generator. + /// A byte array to be mixed into the generator's state. + void AddSeedMaterial(byte[] seed); + + /// Add more seed material to the generator. + /// A long value to be mixed into the generator's state. + void AddSeedMaterial(long seed); + + /// Fill byte array with random values. + /// Array to be filled. + void NextBytes(byte[] bytes); + + /// Fill byte array with random values. + /// Array to receive bytes. + /// Index to start filling at. + /// Length of segment to fill. + void NextBytes(byte[] bytes, int start, int len); + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/ReversedWindowGenerator.cs b/BouncyCastle/crypto/src/crypto/prng/ReversedWindowGenerator.cs new file mode 100644 index 0000000..dd28c52 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/ReversedWindowGenerator.cs @@ -0,0 +1,98 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Prng +{ + /// + /// Takes bytes generated by an underling RandomGenerator and reverses the order in + /// each small window (of configurable size). + ///

+ /// Access to internals is synchronized so a single one of these can be shared. + ///

+ /// + public class ReversedWindowGenerator + : IRandomGenerator + { + private readonly IRandomGenerator generator; + + private byte[] window; + private int windowCount; + + public ReversedWindowGenerator( + IRandomGenerator generator, + int windowSize) + { + if (generator == null) + throw new ArgumentNullException("generator"); + if (windowSize < 2) + throw new ArgumentException("Window size must be at least 2", "windowSize"); + + this.generator = generator; + this.window = new byte[windowSize]; + } + + /// Add more seed material to the generator. + /// A byte array to be mixed into the generator's state. + public virtual void AddSeedMaterial( + byte[] seed) + { + lock (this) + { + windowCount = 0; + generator.AddSeedMaterial(seed); + } + } + + /// Add more seed material to the generator. + /// A long value to be mixed into the generator's state. + public virtual void AddSeedMaterial( + long seed) + { + lock (this) + { + windowCount = 0; + generator.AddSeedMaterial(seed); + } + } + + /// Fill byte array with random values. + /// Array to be filled. + public virtual void NextBytes( + byte[] bytes) + { + doNextBytes(bytes, 0, bytes.Length); + } + + /// Fill byte array with random values. + /// Array to receive bytes. + /// Index to start filling at. + /// Length of segment to fill. + public virtual void NextBytes( + byte[] bytes, + int start, + int len) + { + doNextBytes(bytes, start, len); + } + + private void doNextBytes( + byte[] bytes, + int start, + int len) + { + lock (this) + { + int done = 0; + while (done < len) + { + if (windowCount < 1) + { + generator.NextBytes(window, 0, window.Length); + windowCount = window.Length; + } + + bytes[start + done++] = window[--windowCount]; + } + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/SP800SecureRandom.cs b/BouncyCastle/crypto/src/crypto/prng/SP800SecureRandom.cs new file mode 100644 index 0000000..30c838c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/SP800SecureRandom.cs @@ -0,0 +1,95 @@ +using System; + +using Org.BouncyCastle.Crypto.Prng.Drbg; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Prng +{ + public class SP800SecureRandom + : SecureRandom + { + private readonly IDrbgProvider mDrbgProvider; + private readonly bool mPredictionResistant; + private readonly SecureRandom mRandomSource; + private readonly IEntropySource mEntropySource; + + private ISP80090Drbg mDrbg; + + internal SP800SecureRandom(SecureRandom randomSource, IEntropySource entropySource, IDrbgProvider drbgProvider, bool predictionResistant) + : base((IRandomGenerator)null) + { + this.mRandomSource = randomSource; + this.mEntropySource = entropySource; + this.mDrbgProvider = drbgProvider; + this.mPredictionResistant = predictionResistant; + } + + public override void SetSeed(byte[] seed) + { + lock (this) + { + if (mRandomSource != null) + { + this.mRandomSource.SetSeed(seed); + } + } + } + + public override void SetSeed(long seed) + { + lock (this) + { + // this will happen when SecureRandom() is created + if (mRandomSource != null) + { + this.mRandomSource.SetSeed(seed); + } + } + } + + public override void NextBytes(byte[] bytes) + { + lock (this) + { + if (mDrbg == null) + { + mDrbg = mDrbgProvider.Get(mEntropySource); + } + + // check if a reseed is required... + if (mDrbg.Generate(bytes, null, mPredictionResistant) < 0) + { + mDrbg.Reseed(null); + mDrbg.Generate(bytes, null, mPredictionResistant); + } + } + } + + public override void NextBytes(byte[] buf, int off, int len) + { + byte[] bytes = new byte[len]; + NextBytes(bytes); + Array.Copy(bytes, 0, buf, off, len); + } + + public override byte[] GenerateSeed(int numBytes) + { + return EntropyUtilities.GenerateSeed(mEntropySource, numBytes); + } + + /// Force a reseed of the DRBG. + /// optional additional input + public virtual void Reseed(byte[] additionalInput) + { + lock (this) + { + if (mDrbg == null) + { + mDrbg = mDrbgProvider.Get(mEntropySource); + } + + mDrbg.Reseed(additionalInput); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/SP800SecureRandomBuilder.cs b/BouncyCastle/crypto/src/crypto/prng/SP800SecureRandomBuilder.cs new file mode 100644 index 0000000..7199f1a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/SP800SecureRandomBuilder.cs @@ -0,0 +1,208 @@ +using System; + +using Org.BouncyCastle.Crypto.Prng.Drbg; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Prng +{ + /** + * Builder class for making SecureRandom objects based on SP 800-90A Deterministic Random Bit Generators (DRBG). + */ + public class SP800SecureRandomBuilder + { + private readonly SecureRandom mRandom; + private readonly IEntropySourceProvider mEntropySourceProvider; + + private byte[] mPersonalizationString = null; + private int mSecurityStrength = 256; + private int mEntropyBitsRequired = 256; + + /** + * Basic constructor, creates a builder using an EntropySourceProvider based on the default SecureRandom with + * predictionResistant set to false. + *

+ * Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if + * the default SecureRandom does for its generateSeed() call. + *

+ */ + public SP800SecureRandomBuilder() + : this(new SecureRandom(), false) + { + } + + /** + * Construct a builder with an EntropySourceProvider based on the passed in SecureRandom and the passed in value + * for prediction resistance. + *

+ * Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if + * the passed in SecureRandom does for its generateSeed() call. + *

+ * @param entropySource + * @param predictionResistant + */ + public SP800SecureRandomBuilder(SecureRandom entropySource, bool predictionResistant) + { + this.mRandom = entropySource; + this.mEntropySourceProvider = new BasicEntropySourceProvider(entropySource, predictionResistant); + } + + /** + * Create a builder which makes creates the SecureRandom objects from a specified entropy source provider. + *

+ * Note: If this constructor is used any calls to setSeed() in the resulting SecureRandom will be ignored. + *

+ * @param entropySourceProvider a provider of EntropySource objects. + */ + public SP800SecureRandomBuilder(IEntropySourceProvider entropySourceProvider) + { + this.mRandom = null; + this.mEntropySourceProvider = entropySourceProvider; + } + + /** + * Set the personalization string for DRBG SecureRandoms created by this builder + * @param personalizationString the personalisation string for the underlying DRBG. + * @return the current builder. + */ + public SP800SecureRandomBuilder SetPersonalizationString(byte[] personalizationString) + { + this.mPersonalizationString = personalizationString; + return this; + } + + /** + * Set the security strength required for DRBGs used in building SecureRandom objects. + * + * @param securityStrength the security strength (in bits) + * @return the current builder. + */ + public SP800SecureRandomBuilder SetSecurityStrength(int securityStrength) + { + this.mSecurityStrength = securityStrength; + return this; + } + + /** + * Set the amount of entropy bits required for seeding and reseeding DRBGs used in building SecureRandom objects. + * + * @param entropyBitsRequired the number of bits of entropy to be requested from the entropy source on each seed/reseed. + * @return the current builder. + */ + public SP800SecureRandomBuilder SetEntropyBitsRequired(int entropyBitsRequired) + { + this.mEntropyBitsRequired = entropyBitsRequired; + return this; + } + + /** + * Build a SecureRandom based on a SP 800-90A Hash DRBG. + * + * @param digest digest algorithm to use in the DRBG underneath the SecureRandom. + * @param nonce nonce value to use in DRBG construction. + * @param predictionResistant specify whether the underlying DRBG in the resulting SecureRandom should reseed on each request for bytes. + * @return a SecureRandom supported by a Hash DRBG. + */ + public SP800SecureRandom BuildHash(IDigest digest, byte[] nonce, bool predictionResistant) + { + return new SP800SecureRandom(mRandom, mEntropySourceProvider.Get(mEntropyBitsRequired), + new HashDrbgProvider(digest, nonce, mPersonalizationString, mSecurityStrength), predictionResistant); + } + + /** + * Build a SecureRandom based on a SP 800-90A CTR DRBG. + * + * @param cipher the block cipher to base the DRBG on. + * @param keySizeInBits key size in bits to be used with the block cipher. + * @param nonce nonce value to use in DRBG construction. + * @param predictionResistant specify whether the underlying DRBG in the resulting SecureRandom should reseed on each request for bytes. + * @return a SecureRandom supported by a CTR DRBG. + */ + public SP800SecureRandom BuildCtr(IBlockCipher cipher, int keySizeInBits, byte[] nonce, bool predictionResistant) + { + return new SP800SecureRandom(mRandom, mEntropySourceProvider.Get(mEntropyBitsRequired), + new CtrDrbgProvider(cipher, keySizeInBits, nonce, mPersonalizationString, mSecurityStrength), predictionResistant); + } + + /** + * Build a SecureRandom based on a SP 800-90A HMAC DRBG. + * + * @param hMac HMAC algorithm to use in the DRBG underneath the SecureRandom. + * @param nonce nonce value to use in DRBG construction. + * @param predictionResistant specify whether the underlying DRBG in the resulting SecureRandom should reseed on each request for bytes. + * @return a SecureRandom supported by a HMAC DRBG. + */ + public SP800SecureRandom BuildHMac(IMac hMac, byte[] nonce, bool predictionResistant) + { + return new SP800SecureRandom(mRandom, mEntropySourceProvider.Get(mEntropyBitsRequired), + new HMacDrbgProvider(hMac, nonce, mPersonalizationString, mSecurityStrength), predictionResistant); + } + + private class HashDrbgProvider + : IDrbgProvider + { + private readonly IDigest mDigest; + private readonly byte[] mNonce; + private readonly byte[] mPersonalizationString; + private readonly int mSecurityStrength; + + public HashDrbgProvider(IDigest digest, byte[] nonce, byte[] personalizationString, int securityStrength) + { + this.mDigest = digest; + this.mNonce = nonce; + this.mPersonalizationString = personalizationString; + this.mSecurityStrength = securityStrength; + } + + public ISP80090Drbg Get(IEntropySource entropySource) + { + return new HashSP800Drbg(mDigest, mSecurityStrength, entropySource, mPersonalizationString, mNonce); + } + } + + private class HMacDrbgProvider + : IDrbgProvider + { + private readonly IMac mHMac; + private readonly byte[] mNonce; + private readonly byte[] mPersonalizationString; + private readonly int mSecurityStrength; + + public HMacDrbgProvider(IMac hMac, byte[] nonce, byte[] personalizationString, int securityStrength) + { + this.mHMac = hMac; + this.mNonce = nonce; + this.mPersonalizationString = personalizationString; + this.mSecurityStrength = securityStrength; + } + + public ISP80090Drbg Get(IEntropySource entropySource) + { + return new HMacSP800Drbg(mHMac, mSecurityStrength, entropySource, mPersonalizationString, mNonce); + } + } + + private class CtrDrbgProvider + : IDrbgProvider + { + private readonly IBlockCipher mBlockCipher; + private readonly int mKeySizeInBits; + private readonly byte[] mNonce; + private readonly byte[] mPersonalizationString; + private readonly int mSecurityStrength; + + public CtrDrbgProvider(IBlockCipher blockCipher, int keySizeInBits, byte[] nonce, byte[] personalizationString, int securityStrength) + { + this.mBlockCipher = blockCipher; + this.mKeySizeInBits = keySizeInBits; + this.mNonce = nonce; + this.mPersonalizationString = personalizationString; + this.mSecurityStrength = securityStrength; + } + + public ISP80090Drbg Get(IEntropySource entropySource) + { + return new CtrSP800Drbg(mBlockCipher, mKeySizeInBits, mSecurityStrength, entropySource, mPersonalizationString, mNonce); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/ThreadedSeedGenerator.cs b/BouncyCastle/crypto/src/crypto/prng/ThreadedSeedGenerator.cs new file mode 100644 index 0000000..f12b832 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/ThreadedSeedGenerator.cs @@ -0,0 +1,144 @@ +using System; +using System.Threading; + +#if NO_THREADS +using System.Threading.Tasks; +#endif + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Prng +{ + /** + * A thread based seed generator - one source of randomness. + *

+ * Based on an idea from Marcus Lippert. + *

+ */ + public class ThreadedSeedGenerator + { + private class SeedGenerator + { +#if NETCF_1_0 + // No volatile keyword, but all fields implicitly volatile anyway + private int counter = 0; + private bool stop = false; +#else + private volatile int counter = 0; + private volatile bool stop = false; +#endif + + private void Run(object ignored) + { + while (!this.stop) + { + this.counter++; + } + } + + public byte[] GenerateSeed( + int numBytes, + bool fast) + { +#if SILVERLIGHT || PORTABLE + return DoGenerateSeed(numBytes, fast); +#else + ThreadPriority originalPriority = Thread.CurrentThread.Priority; + try + { + Thread.CurrentThread.Priority = ThreadPriority.Normal; + return DoGenerateSeed(numBytes, fast); + } + finally + { + Thread.CurrentThread.Priority = originalPriority; + } +#endif + } + + private byte[] DoGenerateSeed( + int numBytes, + bool fast) + { + this.counter = 0; + this.stop = false; + + byte[] result = new byte[numBytes]; + int last = 0; + int end = fast ? numBytes : numBytes * 8; + +#if NO_THREADS + Task.Factory.StartNew(() => Run(null), TaskCreationOptions.None); +#else + ThreadPool.QueueUserWorkItem(new WaitCallback(Run)); +#endif + +#if PORTABLE + AutoResetEvent autoResetEvent = new AutoResetEvent(false); +#endif + + try + { + for (int i = 0; i < end; i++) + { + while (this.counter == last) + { + try + { +#if PORTABLE + autoResetEvent.WaitOne(1); +#else + Thread.Sleep(1); +#endif + } + catch (Exception) + { + // ignore + } + } + + last = this.counter; + + if (fast) + { + result[i] = (byte)last; + } + else + { + int bytepos = i / 8; + result[bytepos] = (byte)((result[bytepos] << 1) | (last & 1)); + } + } + } + finally + { +#if PORTABLE + autoResetEvent.Dispose(); +#endif + } + + this.stop = true; + + return result; + } + } + + /** + * Generate seed bytes. Set fast to false for best quality. + *

+ * If fast is set to true, the code should be round about 8 times faster when + * generating a long sequence of random bytes. 20 bytes of random values using + * the fast mode take less than half a second on a Nokia e70. If fast is set to false, + * it takes round about 2500 ms. + *

+ * @param numBytes the number of bytes to generate + * @param fast true if fast mode should be used + */ + public byte[] GenerateSeed( + int numBytes, + bool fast) + { + return new SeedGenerator().GenerateSeed(numBytes, fast); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/VMPCRandomGenerator.cs b/BouncyCastle/crypto/src/crypto/prng/VMPCRandomGenerator.cs new file mode 100644 index 0000000..64f287d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/VMPCRandomGenerator.cs @@ -0,0 +1,114 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Crypto.Prng +{ + public class VmpcRandomGenerator + : IRandomGenerator + { + private byte n = 0; + + /// + /// Permutation generated by code: + /// + /// // First 1850 fractional digit of Pi number. + /// byte[] key = new BigInteger("14159265358979323846...5068006422512520511").ToByteArray(); + /// s = 0; + /// P = new byte[256]; + /// for (int i = 0; i < 256; i++) + /// { + /// P[i] = (byte) i; + /// } + /// for (int m = 0; m < 768; m++) + /// { + /// s = P[(s + P[m & 0xff] + key[m % key.length]) & 0xff]; + /// byte temp = P[m & 0xff]; + /// P[m & 0xff] = P[s & 0xff]; + /// P[s & 0xff] = temp; + /// } + /// + private byte[] P = + { + (byte) 0xbb, (byte) 0x2c, (byte) 0x62, (byte) 0x7f, (byte) 0xb5, (byte) 0xaa, (byte) 0xd4, + (byte) 0x0d, (byte) 0x81, (byte) 0xfe, (byte) 0xb2, (byte) 0x82, (byte) 0xcb, (byte) 0xa0, (byte) 0xa1, + (byte) 0x08, (byte) 0x18, (byte) 0x71, (byte) 0x56, (byte) 0xe8, (byte) 0x49, (byte) 0x02, (byte) 0x10, + (byte) 0xc4, (byte) 0xde, (byte) 0x35, (byte) 0xa5, (byte) 0xec, (byte) 0x80, (byte) 0x12, (byte) 0xb8, + (byte) 0x69, (byte) 0xda, (byte) 0x2f, (byte) 0x75, (byte) 0xcc, (byte) 0xa2, (byte) 0x09, (byte) 0x36, + (byte) 0x03, (byte) 0x61, (byte) 0x2d, (byte) 0xfd, (byte) 0xe0, (byte) 0xdd, (byte) 0x05, (byte) 0x43, + (byte) 0x90, (byte) 0xad, (byte) 0xc8, (byte) 0xe1, (byte) 0xaf, (byte) 0x57, (byte) 0x9b, (byte) 0x4c, + (byte) 0xd8, (byte) 0x51, (byte) 0xae, (byte) 0x50, (byte) 0x85, (byte) 0x3c, (byte) 0x0a, (byte) 0xe4, + (byte) 0xf3, (byte) 0x9c, (byte) 0x26, (byte) 0x23, (byte) 0x53, (byte) 0xc9, (byte) 0x83, (byte) 0x97, + (byte) 0x46, (byte) 0xb1, (byte) 0x99, (byte) 0x64, (byte) 0x31, (byte) 0x77, (byte) 0xd5, (byte) 0x1d, + (byte) 0xd6, (byte) 0x78, (byte) 0xbd, (byte) 0x5e, (byte) 0xb0, (byte) 0x8a, (byte) 0x22, (byte) 0x38, + (byte) 0xf8, (byte) 0x68, (byte) 0x2b, (byte) 0x2a, (byte) 0xc5, (byte) 0xd3, (byte) 0xf7, (byte) 0xbc, + (byte) 0x6f, (byte) 0xdf, (byte) 0x04, (byte) 0xe5, (byte) 0x95, (byte) 0x3e, (byte) 0x25, (byte) 0x86, + (byte) 0xa6, (byte) 0x0b, (byte) 0x8f, (byte) 0xf1, (byte) 0x24, (byte) 0x0e, (byte) 0xd7, (byte) 0x40, + (byte) 0xb3, (byte) 0xcf, (byte) 0x7e, (byte) 0x06, (byte) 0x15, (byte) 0x9a, (byte) 0x4d, (byte) 0x1c, + (byte) 0xa3, (byte) 0xdb, (byte) 0x32, (byte) 0x92, (byte) 0x58, (byte) 0x11, (byte) 0x27, (byte) 0xf4, + (byte) 0x59, (byte) 0xd0, (byte) 0x4e, (byte) 0x6a, (byte) 0x17, (byte) 0x5b, (byte) 0xac, (byte) 0xff, + (byte) 0x07, (byte) 0xc0, (byte) 0x65, (byte) 0x79, (byte) 0xfc, (byte) 0xc7, (byte) 0xcd, (byte) 0x76, + (byte) 0x42, (byte) 0x5d, (byte) 0xe7, (byte) 0x3a, (byte) 0x34, (byte) 0x7a, (byte) 0x30, (byte) 0x28, + (byte) 0x0f, (byte) 0x73, (byte) 0x01, (byte) 0xf9, (byte) 0xd1, (byte) 0xd2, (byte) 0x19, (byte) 0xe9, + (byte) 0x91, (byte) 0xb9, (byte) 0x5a, (byte) 0xed, (byte) 0x41, (byte) 0x6d, (byte) 0xb4, (byte) 0xc3, + (byte) 0x9e, (byte) 0xbf, (byte) 0x63, (byte) 0xfa, (byte) 0x1f, (byte) 0x33, (byte) 0x60, (byte) 0x47, + (byte) 0x89, (byte) 0xf0, (byte) 0x96, (byte) 0x1a, (byte) 0x5f, (byte) 0x93, (byte) 0x3d, (byte) 0x37, + (byte) 0x4b, (byte) 0xd9, (byte) 0xa8, (byte) 0xc1, (byte) 0x1b, (byte) 0xf6, (byte) 0x39, (byte) 0x8b, + (byte) 0xb7, (byte) 0x0c, (byte) 0x20, (byte) 0xce, (byte) 0x88, (byte) 0x6e, (byte) 0xb6, (byte) 0x74, + (byte) 0x8e, (byte) 0x8d, (byte) 0x16, (byte) 0x29, (byte) 0xf2, (byte) 0x87, (byte) 0xf5, (byte) 0xeb, + (byte) 0x70, (byte) 0xe3, (byte) 0xfb, (byte) 0x55, (byte) 0x9f, (byte) 0xc6, (byte) 0x44, (byte) 0x4a, + (byte) 0x45, (byte) 0x7d, (byte) 0xe2, (byte) 0x6b, (byte) 0x5c, (byte) 0x6c, (byte) 0x66, (byte) 0xa9, + (byte) 0x8c, (byte) 0xee, (byte) 0x84, (byte) 0x13, (byte) 0xa7, (byte) 0x1e, (byte) 0x9d, (byte) 0xdc, + (byte) 0x67, (byte) 0x48, (byte) 0xba, (byte) 0x2e, (byte) 0xe6, (byte) 0xa4, (byte) 0xab, (byte) 0x7c, + (byte) 0x94, (byte) 0x00, (byte) 0x21, (byte) 0xef, (byte) 0xea, (byte) 0xbe, (byte) 0xca, (byte) 0x72, + (byte) 0x4f, (byte) 0x52, (byte) 0x98, (byte) 0x3f, (byte) 0xc2, (byte) 0x14, (byte) 0x7b, (byte) 0x3b, + (byte) 0x54 + }; + + /// Value generated in the same way as P. + private byte s = (byte) 0xbe; + + public VmpcRandomGenerator() + { + } + + public virtual void AddSeedMaterial(byte[] seed) + { + for (int m = 0; m < seed.Length; m++) + { + s = P[(s + P[n & 0xff] + seed[m]) & 0xff]; + byte temp = P[n & 0xff]; + P[n & 0xff] = P[s & 0xff]; + P[s & 0xff] = temp; + n = (byte) ((n + 1) & 0xff); + } + } + + public virtual void AddSeedMaterial(long seed) + { + AddSeedMaterial(Pack.UInt64_To_BE((ulong)seed)); + } + + public virtual void NextBytes(byte[] bytes) + { + NextBytes(bytes, 0, bytes.Length); + } + + public virtual void NextBytes(byte[] bytes, int start, int len) + { + lock (P) + { + int end = start + len; + for (int i = start; i != end; i++) + { + s = P[(s + P[n & 0xff]) & 0xff]; + bytes[i] = P[(P[(P[s & 0xff]) & 0xff] + 1) & 0xff]; + byte temp = P[n & 0xff]; + P[n & 0xff] = P[s & 0xff]; + P[s & 0xff] = temp; + n = (byte) ((n + 1) & 0xff); + } + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/X931Rng.cs b/BouncyCastle/crypto/src/crypto/prng/X931Rng.cs new file mode 100644 index 0000000..2bd8e0c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/X931Rng.cs @@ -0,0 +1,146 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Prng +{ + internal class X931Rng + { + private const long BLOCK64_RESEED_MAX = 1L << (16 - 1); + private const long BLOCK128_RESEED_MAX = 1L << (24 - 1); + private const int BLOCK64_MAX_BITS_REQUEST = 1 << (13 - 1); + private const int BLOCK128_MAX_BITS_REQUEST = 1 << (19 - 1); + + private readonly IBlockCipher mEngine; + private readonly IEntropySource mEntropySource; + + private readonly byte[] mDT; + private readonly byte[] mI; + private readonly byte[] mR; + + private byte[] mV; + + private long mReseedCounter = 1; + + /** + * + * @param engine + * @param entropySource + */ + internal X931Rng(IBlockCipher engine, byte[] dateTimeVector, IEntropySource entropySource) + { + this.mEngine = engine; + this.mEntropySource = entropySource; + + this.mDT = new byte[engine.GetBlockSize()]; + + Array.Copy(dateTimeVector, 0, mDT, 0, mDT.Length); + + this.mI = new byte[engine.GetBlockSize()]; + this.mR = new byte[engine.GetBlockSize()]; + } + + /** + * Populate a passed in array with random data. + * + * @param output output array for generated bits. + * @param predictionResistant true if a reseed should be forced, false otherwise. + * + * @return number of bits generated, -1 if a reseed required. + */ + internal int Generate(byte[] output, bool predictionResistant) + { + if (mR.Length == 8) // 64 bit block size + { + if (mReseedCounter > BLOCK64_RESEED_MAX) + return -1; + + if (IsTooLarge(output, BLOCK64_MAX_BITS_REQUEST / 8)) + throw new ArgumentException("Number of bits per request limited to " + BLOCK64_MAX_BITS_REQUEST, "output"); + } + else + { + if (mReseedCounter > BLOCK128_RESEED_MAX) + return -1; + + if (IsTooLarge(output, BLOCK128_MAX_BITS_REQUEST / 8)) + throw new ArgumentException("Number of bits per request limited to " + BLOCK128_MAX_BITS_REQUEST, "output"); + } + + if (predictionResistant || mV == null) + { + mV = mEntropySource.GetEntropy(); + if (mV.Length != mEngine.GetBlockSize()) + throw new InvalidOperationException("Insufficient entropy returned"); + } + + int m = output.Length / mR.Length; + + for (int i = 0; i < m; i++) + { + mEngine.ProcessBlock(mDT, 0, mI, 0); + Process(mR, mI, mV); + Process(mV, mR, mI); + + Array.Copy(mR, 0, output, i * mR.Length, mR.Length); + + Increment(mDT); + } + + int bytesToCopy = (output.Length - m * mR.Length); + + if (bytesToCopy > 0) + { + mEngine.ProcessBlock(mDT, 0, mI, 0); + Process(mR, mI, mV); + Process(mV, mR, mI); + + Array.Copy(mR, 0, output, m * mR.Length, bytesToCopy); + + Increment(mDT); + } + + mReseedCounter++; + + return output.Length; + } + + /** + * Reseed the RNG. + */ + internal void Reseed() + { + mV = mEntropySource.GetEntropy(); + if (mV.Length != mEngine.GetBlockSize()) + throw new InvalidOperationException("Insufficient entropy returned"); + mReseedCounter = 1; + } + + internal IEntropySource EntropySource + { + get { return mEntropySource; } + } + + private void Process(byte[] res, byte[] a, byte[] b) + { + for (int i = 0; i != res.Length; i++) + { + res[i] = (byte)(a[i] ^ b[i]); + } + + mEngine.ProcessBlock(res, 0, res, 0); + } + + private void Increment(byte[] val) + { + for (int i = val.Length - 1; i >= 0; i--) + { + if (++val[i] != 0) + break; + } + } + + private static bool IsTooLarge(byte[] bytes, int maxBytes) + { + return bytes != null && bytes.Length > maxBytes; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/X931SecureRandom.cs b/BouncyCastle/crypto/src/crypto/prng/X931SecureRandom.cs new file mode 100644 index 0000000..d2e4849 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/X931SecureRandom.cs @@ -0,0 +1,70 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Prng +{ + public class X931SecureRandom + : SecureRandom + { + private readonly bool mPredictionResistant; + private readonly SecureRandom mRandomSource; + private readonly X931Rng mDrbg; + + internal X931SecureRandom(SecureRandom randomSource, X931Rng drbg, bool predictionResistant) + : base((IRandomGenerator)null) + { + this.mRandomSource = randomSource; + this.mDrbg = drbg; + this.mPredictionResistant = predictionResistant; + } + + public override void SetSeed(byte[] seed) + { + lock (this) + { + if (mRandomSource != null) + { + this.mRandomSource.SetSeed(seed); + } + } + } + + public override void SetSeed(long seed) + { + lock (this) + { + // this will happen when SecureRandom() is created + if (mRandomSource != null) + { + this.mRandomSource.SetSeed(seed); + } + } + } + + public override void NextBytes(byte[] bytes) + { + lock (this) + { + // check if a reseed is required... + if (mDrbg.Generate(bytes, mPredictionResistant) < 0) + { + mDrbg.Reseed(); + mDrbg.Generate(bytes, mPredictionResistant); + } + } + } + + public override void NextBytes(byte[] buf, int off, int len) + { + byte[] bytes = new byte[len]; + NextBytes(bytes); + Array.Copy(bytes, 0, buf, off, len); + } + + public override byte[] GenerateSeed(int numBytes) + { + return EntropyUtilities.GenerateSeed(mDrbg.EntropySource, numBytes); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/X931SecureRandomBuilder.cs b/BouncyCastle/crypto/src/crypto/prng/X931SecureRandomBuilder.cs new file mode 100644 index 0000000..31e9431 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/X931SecureRandomBuilder.cs @@ -0,0 +1,87 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Crypto.Prng +{ + public class X931SecureRandomBuilder + { + private readonly SecureRandom mRandom; // JDK 1.1 complains on final. + + private IEntropySourceProvider mEntropySourceProvider; + private byte[] mDateTimeVector; + + /** + * Basic constructor, creates a builder using an EntropySourceProvider based on the default SecureRandom with + * predictionResistant set to false. + *

+ * Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if + * the default SecureRandom does for its generateSeed() call. + *

+ */ + public X931SecureRandomBuilder() + : this(new SecureRandom(), false) + { + } + + /** + * Construct a builder with an EntropySourceProvider based on the passed in SecureRandom and the passed in value + * for prediction resistance. + *

+ * Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if + * the passed in SecureRandom does for its generateSeed() call. + *

+ * @param entropySource + * @param predictionResistant + */ + public X931SecureRandomBuilder(SecureRandom entropySource, bool predictionResistant) + { + this.mRandom = entropySource; + this.mEntropySourceProvider = new BasicEntropySourceProvider(mRandom, predictionResistant); + } + + /** + * Create a builder which makes creates the SecureRandom objects from a specified entropy source provider. + *

+ * Note: If this constructor is used any calls to setSeed() in the resulting SecureRandom will be ignored. + *

+ * @param entropySourceProvider a provider of EntropySource objects. + */ + public X931SecureRandomBuilder(IEntropySourceProvider entropySourceProvider) + { + this.mRandom = null; + this.mEntropySourceProvider = entropySourceProvider; + } + + public X931SecureRandomBuilder SetDateTimeVector(byte[] dateTimeVector) + { + this.mDateTimeVector = dateTimeVector; + return this; + } + + /** + * Construct a X9.31 secure random generator using the passed in engine and key. If predictionResistant is true the + * generator will be reseeded on each request. + * + * @param engine a block cipher to use as the operator. + * @param key the block cipher key to initialise engine with. + * @param predictionResistant true if engine to be reseeded on each use, false otherwise. + * @return a SecureRandom. + */ + public X931SecureRandom Build(IBlockCipher engine, KeyParameter key, bool predictionResistant) + { + if (mDateTimeVector == null) + { + mDateTimeVector = new byte[engine.GetBlockSize()]; + Pack.UInt64_To_BE((ulong)DateTimeUtilities.CurrentUnixMs(), mDateTimeVector, 0); + } + + engine.Init(true, key); + + return new X931SecureRandom(mRandom, new X931Rng(engine, mDateTimeVector, mEntropySourceProvider.Get(engine.GetBlockSize() * 8)), predictionResistant); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs b/BouncyCastle/crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs new file mode 100644 index 0000000..5715a91 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/drbg/CtrSP800Drbg.cs @@ -0,0 +1,466 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Prng.Drbg +{ + /** + * A SP800-90A CTR DRBG. + */ + public class CtrSP800Drbg + : ISP80090Drbg + { + private static readonly long TDEA_RESEED_MAX = 1L << (32 - 1); + private static readonly long AES_RESEED_MAX = 1L << (48 - 1); + private static readonly int TDEA_MAX_BITS_REQUEST = 1 << (13 - 1); + private static readonly int AES_MAX_BITS_REQUEST = 1 << (19 - 1); + + private readonly IEntropySource mEntropySource; + private readonly IBlockCipher mEngine; + private readonly int mKeySizeInBits; + private readonly int mSeedLength; + private readonly int mSecurityStrength; + + // internal state + private byte[] mKey; + private byte[] mV; + private long mReseedCounter = 0; + private bool mIsTdea = false; + + /** + * Construct a SP800-90A CTR DRBG. + *

+ * Minimum entropy requirement is the security strength requested. + *

+ * @param engine underlying block cipher to use to support DRBG + * @param keySizeInBits size of the key to use with the block cipher. + * @param securityStrength security strength required (in bits) + * @param entropySource source of entropy to use for seeding/reseeding. + * @param personalizationString personalization string to distinguish this DRBG (may be null). + * @param nonce nonce to further distinguish this DRBG (may be null). + */ + public CtrSP800Drbg(IBlockCipher engine, int keySizeInBits, int securityStrength, IEntropySource entropySource, + byte[] personalizationString, byte[] nonce) + { + if (securityStrength > 256) + throw new ArgumentException("Requested security strength is not supported by the derivation function"); + if (GetMaxSecurityStrength(engine, keySizeInBits) < securityStrength) + throw new ArgumentException("Requested security strength is not supported by block cipher and key size"); + if (entropySource.EntropySize < securityStrength) + throw new ArgumentException("Not enough entropy for security strength required"); + + mEntropySource = entropySource; + mEngine = engine; + + mKeySizeInBits = keySizeInBits; + mSecurityStrength = securityStrength; + mSeedLength = keySizeInBits + engine.GetBlockSize() * 8; + mIsTdea = IsTdea(engine); + + byte[] entropy = GetEntropy(); // Get_entropy_input + + CTR_DRBG_Instantiate_algorithm(entropy, nonce, personalizationString); + } + + private void CTR_DRBG_Instantiate_algorithm(byte[] entropy, byte[] nonce, byte[] personalisationString) + { + byte[] seedMaterial = Arrays.ConcatenateAll(entropy, nonce, personalisationString); + byte[] seed = Block_Cipher_df(seedMaterial, mSeedLength); + + int outlen = mEngine.GetBlockSize(); + + mKey = new byte[(mKeySizeInBits + 7) / 8]; + mV = new byte[outlen]; + + // mKey & mV are modified by this call + CTR_DRBG_Update(seed, mKey, mV); + + mReseedCounter = 1; + } + + private void CTR_DRBG_Update(byte[] seed, byte[] key, byte[] v) + { + byte[] temp = new byte[seed.Length]; + byte[] outputBlock = new byte[mEngine.GetBlockSize()]; + + int i = 0; + int outLen = mEngine.GetBlockSize(); + + mEngine.Init(true, new KeyParameter(ExpandKey(key))); + while (i*outLen < seed.Length) + { + AddOneTo(v); + mEngine.ProcessBlock(v, 0, outputBlock, 0); + + int bytesToCopy = ((temp.Length - i * outLen) > outLen) + ? outLen : (temp.Length - i * outLen); + + Array.Copy(outputBlock, 0, temp, i * outLen, bytesToCopy); + ++i; + } + + XOR(temp, seed, temp, 0); + + Array.Copy(temp, 0, key, 0, key.Length); + Array.Copy(temp, key.Length, v, 0, v.Length); + } + + private void CTR_DRBG_Reseed_algorithm(byte[] additionalInput) + { + byte[] seedMaterial = Arrays.Concatenate(GetEntropy(), additionalInput); + + seedMaterial = Block_Cipher_df(seedMaterial, mSeedLength); + + CTR_DRBG_Update(seedMaterial, mKey, mV); + + mReseedCounter = 1; + } + + private void XOR(byte[] output, byte[] a, byte[] b, int bOff) + { + for (int i = 0; i < output.Length; i++) + { + output[i] = (byte)(a[i] ^ b[bOff + i]); + } + } + + private void AddOneTo(byte[] longer) + { + uint carry = 1; + int i = longer.Length; + while (--i >= 0) + { + carry += longer[i]; + longer[i] = (byte)carry; + carry >>= 8; + } + } + + private byte[] GetEntropy() + { + byte[] entropy = mEntropySource.GetEntropy(); + if (entropy.Length < (mSecurityStrength + 7) / 8) + throw new InvalidOperationException("Insufficient entropy provided by entropy source"); + return entropy; + } + + // -- Internal state migration --- + + private static readonly byte[] K_BITS = Hex.DecodeStrict("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"); + + // 1. If (number_of_bits_to_return > max_number_of_bits), then return an + // ERROR_FLAG. + // 2. L = len (input_string)/8. + // 3. N = number_of_bits_to_return/8. + // Comment: L is the bitstring represention of + // the integer resulting from len (input_string)/8. + // L shall be represented as a 32-bit integer. + // + // Comment : N is the bitstring represention of + // the integer resulting from + // number_of_bits_to_return/8. N shall be + // represented as a 32-bit integer. + // + // 4. S = L || N || input_string || 0x80. + // 5. While (len (S) mod outlen) + // Comment : Pad S with zeros, if necessary. + // 0, S = S || 0x00. + // + // Comment : Compute the starting value. + // 6. temp = the Null string. + // 7. i = 0. + // 8. K = Leftmost keylen bits of 0x00010203...1D1E1F. + // 9. While len (temp) < keylen + outlen, do + // + // IV = i || 0outlen - len (i). + // + // 9.1 + // + // temp = temp || BCC (K, (IV || S)). + // + // 9.2 + // + // i = i + 1. + // + // 9.3 + // + // Comment : i shall be represented as a 32-bit + // integer, i.e., len (i) = 32. + // + // Comment: The 32-bit integer represenation of + // i is padded with zeros to outlen bits. + // + // Comment: Compute the requested number of + // bits. + // + // 10. K = Leftmost keylen bits of temp. + // + // 11. X = Next outlen bits of temp. + // + // 12. temp = the Null string. + // + // 13. While len (temp) < number_of_bits_to_return, do + // + // 13.1 X = Block_Encrypt (K, X). + // + // 13.2 temp = temp || X. + // + // 14. requested_bits = Leftmost number_of_bits_to_return of temp. + // + // 15. Return SUCCESS and requested_bits. + private byte[] Block_Cipher_df(byte[] inputString, int bitLength) + { + int outLen = mEngine.GetBlockSize(); + int L = inputString.Length; // already in bytes + int N = bitLength / 8; + // 4 S = L || N || inputstring || 0x80 + int sLen = 4 + 4 + L + 1; + int blockLen = ((sLen + outLen - 1) / outLen) * outLen; + byte[] S = new byte[blockLen]; + copyIntToByteArray(S, L, 0); + copyIntToByteArray(S, N, 4); + Array.Copy(inputString, 0, S, 8, L); + S[8 + L] = (byte)0x80; + // S already padded with zeros + + byte[] temp = new byte[mKeySizeInBits / 8 + outLen]; + byte[] bccOut = new byte[outLen]; + + byte[] IV = new byte[outLen]; + + int i = 0; + byte[] K = new byte[mKeySizeInBits / 8]; + Array.Copy(K_BITS, 0, K, 0, K.Length); + + while (i*outLen*8 < mKeySizeInBits + outLen *8) + { + copyIntToByteArray(IV, i, 0); + BCC(bccOut, K, IV, S); + + int bytesToCopy = ((temp.Length - i * outLen) > outLen) + ? outLen + : (temp.Length - i * outLen); + + Array.Copy(bccOut, 0, temp, i * outLen, bytesToCopy); + ++i; + } + + byte[] X = new byte[outLen]; + Array.Copy(temp, 0, K, 0, K.Length); + Array.Copy(temp, K.Length, X, 0, X.Length); + + temp = new byte[bitLength / 2]; + + i = 0; + mEngine.Init(true, new KeyParameter(ExpandKey(K))); + + while (i * outLen < temp.Length) + { + mEngine.ProcessBlock(X, 0, X, 0); + + int bytesToCopy = ((temp.Length - i * outLen) > outLen) + ? outLen + : (temp.Length - i * outLen); + + Array.Copy(X, 0, temp, i * outLen, bytesToCopy); + i++; + } + + return temp; + } + + /* + * 1. chaining_value = 0^outlen + * . Comment: Set the first chaining value to outlen zeros. + * 2. n = len (data)/outlen. + * 3. Starting with the leftmost bits of data, split the data into n blocks of outlen bits + * each, forming block(1) to block(n). + * 4. For i = 1 to n do + * 4.1 input_block = chaining_value ^ block(i) . + * 4.2 chaining_value = Block_Encrypt (Key, input_block). + * 5. output_block = chaining_value. + * 6. Return output_block. + */ + private void BCC(byte[] bccOut, byte[] k, byte[] iV, byte[] data) + { + int outlen = mEngine.GetBlockSize(); + byte[] chainingValue = new byte[outlen]; // initial values = 0 + int n = data.Length / outlen; + + byte[] inputBlock = new byte[outlen]; + + mEngine.Init(true, new KeyParameter(ExpandKey(k))); + + mEngine.ProcessBlock(iV, 0, chainingValue, 0); + + for (int i = 0; i < n; i++) + { + XOR(inputBlock, chainingValue, data, i*outlen); + mEngine.ProcessBlock(inputBlock, 0, chainingValue, 0); + } + + Array.Copy(chainingValue, 0, bccOut, 0, bccOut.Length); + } + + private void copyIntToByteArray(byte[] buf, int value, int offSet) + { + buf[offSet + 0] = ((byte)(value >> 24)); + buf[offSet + 1] = ((byte)(value >> 16)); + buf[offSet + 2] = ((byte)(value >> 8)); + buf[offSet + 3] = ((byte)(value)); + } + + /** + * Return the block size (in bits) of the DRBG. + * + * @return the number of bits produced on each internal round of the DRBG. + */ + public int BlockSize + { + get { return mV.Length * 8; } + } + + /** + * Populate a passed in array with random data. + * + * @param output output array for generated bits. + * @param additionalInput additional input to be added to the DRBG in this step. + * @param predictionResistant true if a reseed should be forced, false otherwise. + * + * @return number of bits generated, -1 if a reseed required. + */ + public int Generate(byte[] output, byte[] additionalInput, bool predictionResistant) + { + if (mIsTdea) + { + if (mReseedCounter > TDEA_RESEED_MAX) + return -1; + + if (DrbgUtilities.IsTooLarge(output, TDEA_MAX_BITS_REQUEST / 8)) + throw new ArgumentException("Number of bits per request limited to " + TDEA_MAX_BITS_REQUEST, "output"); + } + else + { + if (mReseedCounter > AES_RESEED_MAX) + return -1; + + if (DrbgUtilities.IsTooLarge(output, AES_MAX_BITS_REQUEST / 8)) + throw new ArgumentException("Number of bits per request limited to " + AES_MAX_BITS_REQUEST, "output"); + } + + if (predictionResistant) + { + CTR_DRBG_Reseed_algorithm(additionalInput); + additionalInput = null; + } + + if (additionalInput != null) + { + additionalInput = Block_Cipher_df(additionalInput, mSeedLength); + CTR_DRBG_Update(additionalInput, mKey, mV); + } + else + { + additionalInput = new byte[mSeedLength]; + } + + byte[] tmp = new byte[mV.Length]; + + mEngine.Init(true, new KeyParameter(ExpandKey(mKey))); + + for (int i = 0; i <= output.Length / tmp.Length; i++) + { + int bytesToCopy = ((output.Length - i * tmp.Length) > tmp.Length) + ? tmp.Length + : (output.Length - i * mV.Length); + + if (bytesToCopy != 0) + { + AddOneTo(mV); + + mEngine.ProcessBlock(mV, 0, tmp, 0); + + Array.Copy(tmp, 0, output, i * tmp.Length, bytesToCopy); + } + } + + CTR_DRBG_Update(additionalInput, mKey, mV); + + mReseedCounter++; + + return output.Length * 8; + } + + /** + * Reseed the DRBG. + * + * @param additionalInput additional input to be added to the DRBG in this step. + */ + public void Reseed(byte[] additionalInput) + { + CTR_DRBG_Reseed_algorithm(additionalInput); + } + + private bool IsTdea(IBlockCipher cipher) + { + return cipher.AlgorithmName.Equals("DESede") || cipher.AlgorithmName.Equals("TDEA"); + } + + private int GetMaxSecurityStrength(IBlockCipher cipher, int keySizeInBits) + { + if (IsTdea(cipher) && keySizeInBits == 168) + { + return 112; + } + if (cipher.AlgorithmName.Equals("AES")) + { + return keySizeInBits; + } + + return -1; + } + + private byte[] ExpandKey(byte[] key) + { + if (mIsTdea) + { + // expand key to 192 bits. + byte[] tmp = new byte[24]; + + PadKey(key, 0, tmp, 0); + PadKey(key, 7, tmp, 8); + PadKey(key, 14, tmp, 16); + + return tmp; + } + else + { + return key; + } + } + + /** + * Pad out a key for TDEA, setting odd parity for each byte. + * + * @param keyMaster + * @param keyOff + * @param tmp + * @param tmpOff + */ + private void PadKey(byte[] keyMaster, int keyOff, byte[] tmp, int tmpOff) + { + tmp[tmpOff + 0] = (byte)(keyMaster[keyOff + 0] & 0xfe); + tmp[tmpOff + 1] = (byte)((keyMaster[keyOff + 0] << 7) | ((keyMaster[keyOff + 1] & 0xfc) >> 1)); + tmp[tmpOff + 2] = (byte)((keyMaster[keyOff + 1] << 6) | ((keyMaster[keyOff + 2] & 0xf8) >> 2)); + tmp[tmpOff + 3] = (byte)((keyMaster[keyOff + 2] << 5) | ((keyMaster[keyOff + 3] & 0xf0) >> 3)); + tmp[tmpOff + 4] = (byte)((keyMaster[keyOff + 3] << 4) | ((keyMaster[keyOff + 4] & 0xe0) >> 4)); + tmp[tmpOff + 5] = (byte)((keyMaster[keyOff + 4] << 3) | ((keyMaster[keyOff + 5] & 0xc0) >> 5)); + tmp[tmpOff + 6] = (byte)((keyMaster[keyOff + 5] << 2) | ((keyMaster[keyOff + 6] & 0x80) >> 6)); + tmp[tmpOff + 7] = (byte)(keyMaster[keyOff + 6] << 1); + + DesParameters.SetOddParity(tmp, tmpOff, 8); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/drbg/DrbgUtilities.cs b/BouncyCastle/crypto/src/crypto/prng/drbg/DrbgUtilities.cs new file mode 100644 index 0000000..d9a1c43 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/drbg/DrbgUtilities.cs @@ -0,0 +1,103 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Prng.Drbg +{ + internal class DrbgUtilities + { + private static readonly IDictionary maxSecurityStrengths = Platform.CreateHashtable(); + + static DrbgUtilities() + { + maxSecurityStrengths.Add("SHA-1", 128); + + maxSecurityStrengths.Add("SHA-224", 192); + maxSecurityStrengths.Add("SHA-256", 256); + maxSecurityStrengths.Add("SHA-384", 256); + maxSecurityStrengths.Add("SHA-512", 256); + + maxSecurityStrengths.Add("SHA-512/224", 192); + maxSecurityStrengths.Add("SHA-512/256", 256); + } + + internal static int GetMaxSecurityStrength(IDigest d) + { + return (int)maxSecurityStrengths[d.AlgorithmName]; + } + + internal static int GetMaxSecurityStrength(IMac m) + { + string name = m.AlgorithmName; + + return (int)maxSecurityStrengths[name.Substring(0, name.IndexOf("/"))]; + } + + /** + * Used by both Dual EC and Hash. + */ + internal static byte[] HashDF(IDigest digest, byte[] seedMaterial, int seedLength) + { + // 1. temp = the Null string. + // 2. . + // 3. counter = an 8-bit binary value representing the integer "1". + // 4. For i = 1 to len do + // Comment : In step 4.1, no_of_bits_to_return + // is used as a 32-bit string. + // 4.1 temp = temp || Hash (counter || no_of_bits_to_return || + // input_string). + // 4.2 counter = counter + 1. + // 5. requested_bits = Leftmost (no_of_bits_to_return) of temp. + // 6. Return SUCCESS and requested_bits. + byte[] temp = new byte[(seedLength + 7) / 8]; + + int len = temp.Length / digest.GetDigestSize(); + int counter = 1; + + byte[] dig = new byte[digest.GetDigestSize()]; + + for (int i = 0; i <= len; i++) + { + digest.Update((byte)counter); + + digest.Update((byte)(seedLength >> 24)); + digest.Update((byte)(seedLength >> 16)); + digest.Update((byte)(seedLength >> 8)); + digest.Update((byte)seedLength); + + digest.BlockUpdate(seedMaterial, 0, seedMaterial.Length); + + digest.DoFinal(dig, 0); + + int bytesToCopy = ((temp.Length - i * dig.Length) > dig.Length) + ? dig.Length + : (temp.Length - i * dig.Length); + Array.Copy(dig, 0, temp, i * dig.Length, bytesToCopy); + + counter++; + } + + // do a left shift to get rid of excess bits. + if (seedLength % 8 != 0) + { + int shift = 8 - (seedLength % 8); + uint carry = 0; + + for (int i = 0; i != temp.Length; i++) + { + uint b = temp[i]; + temp[i] = (byte)((b >> shift) | (carry << (8 - shift))); + carry = b; + } + } + + return temp; + } + + internal static bool IsTooLarge(byte[] bytes, int maxBytes) + { + return bytes != null && bytes.Length > maxBytes; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/drbg/HMacSP800Drbg.cs b/BouncyCastle/crypto/src/crypto/prng/drbg/HMacSP800Drbg.cs new file mode 100644 index 0000000..7833170 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/drbg/HMacSP800Drbg.cs @@ -0,0 +1,186 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Prng.Drbg +{ + /** + * A SP800-90A HMAC DRBG. + */ + public class HMacSP800Drbg + : ISP80090Drbg + { + private readonly static long RESEED_MAX = 1L << (48 - 1); + private readonly static int MAX_BITS_REQUEST = 1 << (19 - 1); + + private readonly byte[] mK; + private readonly byte[] mV; + private readonly IEntropySource mEntropySource; + private readonly IMac mHMac; + private readonly int mSecurityStrength; + + private long mReseedCounter; + + /** + * Construct a SP800-90A Hash DRBG. + *

+ * Minimum entropy requirement is the security strength requested. + *

+ * @param hMac Hash MAC to base the DRBG on. + * @param securityStrength security strength required (in bits) + * @param entropySource source of entropy to use for seeding/reseeding. + * @param personalizationString personalization string to distinguish this DRBG (may be null). + * @param nonce nonce to further distinguish this DRBG (may be null). + */ + public HMacSP800Drbg(IMac hMac, int securityStrength, IEntropySource entropySource, byte[] personalizationString, byte[] nonce) + { + if (securityStrength > DrbgUtilities.GetMaxSecurityStrength(hMac)) + throw new ArgumentException("Requested security strength is not supported by the derivation function"); + if (entropySource.EntropySize < securityStrength) + throw new ArgumentException("Not enough entropy for security strength required"); + + mHMac = hMac; + mSecurityStrength = securityStrength; + mEntropySource = entropySource; + + byte[] entropy = GetEntropy(); + byte[] seedMaterial = Arrays.ConcatenateAll(entropy, nonce, personalizationString); + + mK = new byte[hMac.GetMacSize()]; + mV = new byte[mK.Length]; + Arrays.Fill(mV, (byte)1); + + hmac_DRBG_Update(seedMaterial); + + mReseedCounter = 1; + } + + private void hmac_DRBG_Update(byte[] seedMaterial) + { + hmac_DRBG_Update_Func(seedMaterial, (byte)0x00); + if (seedMaterial != null) + { + hmac_DRBG_Update_Func(seedMaterial, (byte)0x01); + } + } + + private void hmac_DRBG_Update_Func(byte[] seedMaterial, byte vValue) + { + mHMac.Init(new KeyParameter(mK)); + + mHMac.BlockUpdate(mV, 0, mV.Length); + mHMac.Update(vValue); + + if (seedMaterial != null) + { + mHMac.BlockUpdate(seedMaterial, 0, seedMaterial.Length); + } + + mHMac.DoFinal(mK, 0); + + mHMac.Init(new KeyParameter(mK)); + mHMac.BlockUpdate(mV, 0, mV.Length); + + mHMac.DoFinal(mV, 0); + } + + /** + * Return the block size (in bits) of the DRBG. + * + * @return the number of bits produced on each round of the DRBG. + */ + public int BlockSize + { + get { return mV.Length * 8; } + } + + /** + * Populate a passed in array with random data. + * + * @param output output array for generated bits. + * @param additionalInput additional input to be added to the DRBG in this step. + * @param predictionResistant true if a reseed should be forced, false otherwise. + * + * @return number of bits generated, -1 if a reseed required. + */ + public int Generate(byte[] output, byte[] additionalInput, bool predictionResistant) + { + int numberOfBits = output.Length * 8; + + if (numberOfBits > MAX_BITS_REQUEST) + throw new ArgumentException("Number of bits per request limited to " + MAX_BITS_REQUEST, "output"); + + if (mReseedCounter > RESEED_MAX) + { + return -1; + } + + if (predictionResistant) + { + Reseed(additionalInput); + additionalInput = null; + } + + // 2. + if (additionalInput != null) + { + hmac_DRBG_Update(additionalInput); + } + + // 3. + byte[] rv = new byte[output.Length]; + + int m = output.Length / mV.Length; + + mHMac.Init(new KeyParameter(mK)); + + for (int i = 0; i < m; i++) + { + mHMac.BlockUpdate(mV, 0, mV.Length); + mHMac.DoFinal(mV, 0); + + Array.Copy(mV, 0, rv, i * mV.Length, mV.Length); + } + + if (m * mV.Length < rv.Length) + { + mHMac.BlockUpdate(mV, 0, mV.Length); + mHMac.DoFinal(mV, 0); + + Array.Copy(mV, 0, rv, m * mV.Length, rv.Length - (m * mV.Length)); + } + + hmac_DRBG_Update(additionalInput); + + mReseedCounter++; + + Array.Copy(rv, 0, output, 0, output.Length); + + return numberOfBits; + } + + /** + * Reseed the DRBG. + * + * @param additionalInput additional input to be added to the DRBG in this step. + */ + public void Reseed(byte[] additionalInput) + { + byte[] entropy = GetEntropy(); + byte[] seedMaterial = Arrays.Concatenate(entropy, additionalInput); + + hmac_DRBG_Update(seedMaterial); + + mReseedCounter = 1; + } + + private byte[] GetEntropy() + { + byte[] entropy = mEntropySource.GetEntropy(); + if (entropy.Length < (mSecurityStrength + 7) / 8) + throw new InvalidOperationException("Insufficient entropy provided by entropy source"); + return entropy; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/drbg/HashSP800Drbg.cs b/BouncyCastle/crypto/src/crypto/prng/drbg/HashSP800Drbg.cs new file mode 100644 index 0000000..493da5a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/drbg/HashSP800Drbg.cs @@ -0,0 +1,287 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Prng.Drbg +{ + /** + * A SP800-90A Hash DRBG. + */ + public class HashSP800Drbg + : ISP80090Drbg + { + private readonly static byte[] ONE = { 0x01 }; + + private readonly static long RESEED_MAX = 1L << (48 - 1); + private readonly static int MAX_BITS_REQUEST = 1 << (19 - 1); + + private static readonly IDictionary seedlens = Platform.CreateHashtable(); + + static HashSP800Drbg() + { + seedlens.Add("SHA-1", 440); + seedlens.Add("SHA-224", 440); + seedlens.Add("SHA-256", 440); + seedlens.Add("SHA-512/256", 440); + seedlens.Add("SHA-512/224", 440); + seedlens.Add("SHA-384", 888); + seedlens.Add("SHA-512", 888); + } + + private readonly IDigest mDigest; + private readonly IEntropySource mEntropySource; + private readonly int mSecurityStrength; + private readonly int mSeedLength; + + private byte[] mV; + private byte[] mC; + private long mReseedCounter; + + /** + * Construct a SP800-90A Hash DRBG. + *

+ * Minimum entropy requirement is the security strength requested. + *

+ * @param digest source digest to use for DRB stream. + * @param securityStrength security strength required (in bits) + * @param entropySource source of entropy to use for seeding/reseeding. + * @param personalizationString personalization string to distinguish this DRBG (may be null). + * @param nonce nonce to further distinguish this DRBG (may be null). + */ + public HashSP800Drbg(IDigest digest, int securityStrength, IEntropySource entropySource, byte[] personalizationString, byte[] nonce) + { + if (securityStrength > DrbgUtilities.GetMaxSecurityStrength(digest)) + throw new ArgumentException("Requested security strength is not supported by the derivation function"); + if (entropySource.EntropySize < securityStrength) + throw new ArgumentException("Not enough entropy for security strength required"); + + mDigest = digest; + mEntropySource = entropySource; + mSecurityStrength = securityStrength; + mSeedLength = (int)seedlens[digest.AlgorithmName]; + + // 1. seed_material = entropy_input || nonce || personalization_string. + // 2. seed = Hash_df (seed_material, seedlen). + // 3. V = seed. + // 4. C = Hash_df ((0x00 || V), seedlen). Comment: Preceed V with a byte + // of zeros. + // 5. reseed_counter = 1. + // 6. Return V, C, and reseed_counter as the initial_working_state + + byte[] entropy = GetEntropy(); + byte[] seedMaterial = Arrays.ConcatenateAll(entropy, nonce, personalizationString); + byte[] seed = DrbgUtilities.HashDF(mDigest, seedMaterial, mSeedLength); + + mV = seed; + byte[] subV = new byte[mV.Length + 1]; + Array.Copy(mV, 0, subV, 1, mV.Length); + mC = DrbgUtilities.HashDF(mDigest, subV, mSeedLength); + + mReseedCounter = 1; + } + + /** + * Return the block size (in bits) of the DRBG. + * + * @return the number of bits produced on each internal round of the DRBG. + */ + public int BlockSize + { + get { return mDigest.GetDigestSize () * 8; } + } + + /** + * Populate a passed in array with random data. + * + * @param output output array for generated bits. + * @param additionalInput additional input to be added to the DRBG in this step. + * @param predictionResistant true if a reseed should be forced, false otherwise. + * + * @return number of bits generated, -1 if a reseed required. + */ + public int Generate(byte[] output, byte[] additionalInput, bool predictionResistant) + { + // 1. If reseed_counter > reseed_interval, then return an indication that a + // reseed is required. + // 2. If (additional_input != Null), then do + // 2.1 w = Hash (0x02 || V || additional_input). + // 2.2 V = (V + w) mod 2^seedlen + // . + // 3. (returned_bits) = Hashgen (requested_number_of_bits, V). + // 4. H = Hash (0x03 || V). + // 5. V = (V + H + C + reseed_counter) mod 2^seedlen + // . + // 6. reseed_counter = reseed_counter + 1. + // 7. Return SUCCESS, returned_bits, and the new values of V, C, and + // reseed_counter for the new_working_state. + int numberOfBits = output.Length * 8; + + if (numberOfBits > MAX_BITS_REQUEST) + throw new ArgumentException("Number of bits per request limited to " + MAX_BITS_REQUEST, "output"); + + if (mReseedCounter > RESEED_MAX) + return -1; + + if (predictionResistant) + { + Reseed(additionalInput); + additionalInput = null; + } + + // 2. + if (additionalInput != null) + { + byte[] newInput = new byte[1 + mV.Length + additionalInput.Length]; + newInput[0] = 0x02; + Array.Copy(mV, 0, newInput, 1, mV.Length); + // TODO: inOff / inLength + Array.Copy(additionalInput, 0, newInput, 1 + mV.Length, additionalInput.Length); + byte[] w = Hash(newInput); + + AddTo(mV, w); + } + + // 3. + byte[] rv = hashgen(mV, numberOfBits); + + // 4. + byte[] subH = new byte[mV.Length + 1]; + Array.Copy(mV, 0, subH, 1, mV.Length); + subH[0] = 0x03; + + byte[] H = Hash(subH); + + // 5. + AddTo(mV, H); + AddTo(mV, mC); + byte[] c = new byte[4]; + c[0] = (byte)(mReseedCounter >> 24); + c[1] = (byte)(mReseedCounter >> 16); + c[2] = (byte)(mReseedCounter >> 8); + c[3] = (byte)mReseedCounter; + + AddTo(mV, c); + + mReseedCounter++; + + Array.Copy(rv, 0, output, 0, output.Length); + + return numberOfBits; + } + + private byte[] GetEntropy() + { + byte[] entropy = mEntropySource.GetEntropy(); + if (entropy.Length < (mSecurityStrength + 7) / 8) + throw new InvalidOperationException("Insufficient entropy provided by entropy source"); + return entropy; + } + + // this will always add the shorter length byte array mathematically to the + // longer length byte array. + // be careful.... + private void AddTo(byte[] longer, byte[] shorter) + { + int off = longer.Length - shorter.Length; + + uint carry = 0; + int i = shorter.Length; + while (--i >= 0) + { + carry += (uint)longer[off + i] + (uint)shorter[i]; + longer[off + i] = (byte)carry; + carry >>= 8; + } + + i = off; + while (--i >= 0) + { + carry += longer[i]; + longer[i] = (byte)carry; + carry >>= 8; + } + } + + /** + * Reseed the DRBG. + * + * @param additionalInput additional input to be added to the DRBG in this step. + */ + public void Reseed(byte[] additionalInput) + { + // 1. seed_material = 0x01 || V || entropy_input || additional_input. + // + // 2. seed = Hash_df (seed_material, seedlen). + // + // 3. V = seed. + // + // 4. C = Hash_df ((0x00 || V), seedlen). + // + // 5. reseed_counter = 1. + // + // 6. Return V, C, and reseed_counter for the new_working_state. + // + // Comment: Precede with a byte of all zeros. + byte[] entropy = GetEntropy(); + byte[] seedMaterial = Arrays.ConcatenateAll(ONE, mV, entropy, additionalInput); + byte[] seed = DrbgUtilities.HashDF(mDigest, seedMaterial, mSeedLength); + + mV = seed; + byte[] subV = new byte[mV.Length + 1]; + subV[0] = 0x00; + Array.Copy(mV, 0, subV, 1, mV.Length); + mC = DrbgUtilities.HashDF(mDigest, subV, mSeedLength); + + mReseedCounter = 1; + } + + private byte[] Hash(byte[] input) + { + byte[] hash = new byte[mDigest.GetDigestSize()]; + DoHash(input, hash); + return hash; + } + + private void DoHash(byte[] input, byte[] output) + { + mDigest.BlockUpdate(input, 0, input.Length); + mDigest.DoFinal(output, 0); + } + + // 1. m = [requested_number_of_bits / outlen] + // 2. data = V. + // 3. W = the Null string. + // 4. For i = 1 to m + // 4.1 wi = Hash (data). + // 4.2 W = W || wi. + // 4.3 data = (data + 1) mod 2^seedlen + // . + // 5. returned_bits = Leftmost (requested_no_of_bits) bits of W. + private byte[] hashgen(byte[] input, int lengthInBits) + { + int digestSize = mDigest.GetDigestSize(); + int m = (lengthInBits / 8) / digestSize; + + byte[] data = new byte[input.Length]; + Array.Copy(input, 0, data, 0, input.Length); + + byte[] W = new byte[lengthInBits / 8]; + + byte[] dig = new byte[mDigest.GetDigestSize()]; + for (int i = 0; i <= m; i++) + { + DoHash(data, dig); + + int bytesToCopy = ((W.Length - i * dig.Length) > dig.Length) + ? dig.Length + : (W.Length - i * dig.Length); + Array.Copy(dig, 0, W, i * dig.Length, bytesToCopy); + + AddTo(data, ONE); + } + + return W; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/prng/drbg/ISP80090Drbg.cs b/BouncyCastle/crypto/src/crypto/prng/drbg/ISP80090Drbg.cs new file mode 100644 index 0000000..0e39820 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/prng/drbg/ISP80090Drbg.cs @@ -0,0 +1,35 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Prng.Drbg +{ + /** + * Interface to SP800-90A deterministic random bit generators. + */ + public interface ISP80090Drbg + { + /** + * Return the block size of the DRBG. + * + * @return the block size (in bits) produced by each round of the DRBG. + */ + int BlockSize { get; } + + /** + * Populate a passed in array with random data. + * + * @param output output array for generated bits. + * @param additionalInput additional input to be added to the DRBG in this step. + * @param predictionResistant true if a reseed should be forced, false otherwise. + * + * @return number of bits generated, -1 if a reseed required. + */ + int Generate(byte[] output, byte[] additionalInput, bool predictionResistant); + + /** + * Reseed the DRBG. + * + * @param additionalInput additional input to be added to the DRBG in this step. + */ + void Reseed(byte[] additionalInput); + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/DsaDigestSigner.cs b/BouncyCastle/crypto/src/crypto/signers/DsaDigestSigner.cs new file mode 100644 index 0000000..15444a0 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/DsaDigestSigner.cs @@ -0,0 +1,146 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Signers +{ + public class DsaDigestSigner + : ISigner + { + private readonly IDsa dsa; + private readonly IDigest digest; + private readonly IDsaEncoding encoding; + private bool forSigning; + + public DsaDigestSigner( + IDsa dsa, + IDigest digest) + { + this.dsa = dsa; + this.digest = digest; + this.encoding = StandardDsaEncoding.Instance; + } + + public DsaDigestSigner( + IDsaExt dsa, + IDigest digest, + IDsaEncoding encoding) + { + this.dsa = dsa; + this.digest = digest; + this.encoding = encoding; + } + + public virtual string AlgorithmName + { + get { return digest.AlgorithmName + "with" + dsa.AlgorithmName; } + } + + public virtual void Init( + bool forSigning, + ICipherParameters parameters) + { + this.forSigning = forSigning; + + AsymmetricKeyParameter k; + + if (parameters is ParametersWithRandom) + { + k = (AsymmetricKeyParameter)((ParametersWithRandom)parameters).Parameters; + } + else + { + k = (AsymmetricKeyParameter)parameters; + } + + if (forSigning && !k.IsPrivate) + throw new InvalidKeyException("Signing Requires Private Key."); + + if (!forSigning && k.IsPrivate) + throw new InvalidKeyException("Verification Requires Public Key."); + + Reset(); + + dsa.Init(forSigning, parameters); + } + + /** + * update the internal digest with the byte b + */ + public virtual void Update( + byte input) + { + digest.Update(input); + } + + /** + * update the internal digest with the byte array in + */ + public virtual void BlockUpdate( + byte[] input, + int inOff, + int length) + { + digest.BlockUpdate(input, inOff, length); + } + + /** + * Generate a signature for the message we've been loaded with using + * the key we were initialised with. + */ + public virtual byte[] GenerateSignature() + { + if (!forSigning) + throw new InvalidOperationException("DSADigestSigner not initialised for signature generation."); + + byte[] hash = new byte[digest.GetDigestSize()]; + digest.DoFinal(hash, 0); + + BigInteger[] sig = dsa.GenerateSignature(hash); + + try + { + return encoding.Encode(GetOrder(), sig[0], sig[1]); + } + catch (Exception) + { + throw new InvalidOperationException("unable to encode signature"); + } + } + + /// true if the internal state represents the signature described in the passed in array. + public virtual bool VerifySignature( + byte[] signature) + { + if (forSigning) + throw new InvalidOperationException("DSADigestSigner not initialised for verification"); + + byte[] hash = new byte[digest.GetDigestSize()]; + digest.DoFinal(hash, 0); + + try + { + BigInteger[] sig = encoding.Decode(GetOrder(), signature); + + return dsa.VerifySignature(hash, sig[0], sig[1]); + } + catch (Exception) + { + return false; + } + } + + /// Reset the internal state + public virtual void Reset() + { + digest.Reset(); + } + + protected virtual BigInteger GetOrder() + { + return dsa is IDsaExt ? ((IDsaExt)dsa).Order : null; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/DsaSigner.cs b/BouncyCastle/crypto/src/crypto/signers/DsaSigner.cs new file mode 100644 index 0000000..1f5d9b9 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/DsaSigner.cs @@ -0,0 +1,161 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Signers +{ + /** + * The Digital Signature Algorithm - as described in "Handbook of Applied + * Cryptography", pages 452 - 453. + */ + public class DsaSigner + : IDsaExt + { + protected readonly IDsaKCalculator kCalculator; + + protected DsaKeyParameters key = null; + protected SecureRandom random = null; + + /** + * Default configuration, random K values. + */ + public DsaSigner() + { + this.kCalculator = new RandomDsaKCalculator(); + } + + /** + * Configuration with an alternate, possibly deterministic calculator of K. + * + * @param kCalculator a K value calculator. + */ + public DsaSigner(IDsaKCalculator kCalculator) + { + this.kCalculator = kCalculator; + } + + public virtual string AlgorithmName + { + get { return "DSA"; } + } + + public virtual void Init(bool forSigning, ICipherParameters parameters) + { + SecureRandom providedRandom = null; + + if (forSigning) + { + if (parameters is ParametersWithRandom) + { + ParametersWithRandom rParam = (ParametersWithRandom)parameters; + + providedRandom = rParam.Random; + parameters = rParam.Parameters; + } + + if (!(parameters is DsaPrivateKeyParameters)) + throw new InvalidKeyException("DSA private key required for signing"); + + this.key = (DsaPrivateKeyParameters)parameters; + } + else + { + if (!(parameters is DsaPublicKeyParameters)) + throw new InvalidKeyException("DSA public key required for verification"); + + this.key = (DsaPublicKeyParameters)parameters; + } + + this.random = InitSecureRandom(forSigning && !kCalculator.IsDeterministic, providedRandom); + } + + public virtual BigInteger Order + { + get { return key.Parameters.Q; } + } + + /** + * Generate a signature for the given message using the key we were + * initialised with. For conventional DSA the message should be a SHA-1 + * hash of the message of interest. + * + * @param message the message that will be verified later. + */ + public virtual BigInteger[] GenerateSignature(byte[] message) + { + DsaParameters parameters = key.Parameters; + BigInteger q = parameters.Q; + BigInteger m = CalculateE(q, message); + BigInteger x = ((DsaPrivateKeyParameters)key).X; + + if (kCalculator.IsDeterministic) + { + kCalculator.Init(q, x, message); + } + else + { + kCalculator.Init(q, random); + } + + BigInteger k = kCalculator.NextK(); + + BigInteger r = parameters.G.ModPow(k, parameters.P).Mod(q); + + k = BigIntegers.ModOddInverse(q, k).Multiply(m.Add(x.Multiply(r))); + + BigInteger s = k.Mod(q); + + return new BigInteger[]{ r, s }; + } + + /** + * return true if the value r and s represent a DSA signature for + * the passed in message for standard DSA the message should be a + * SHA-1 hash of the real message to be verified. + */ + public virtual bool VerifySignature(byte[] message, BigInteger r, BigInteger s) + { + DsaParameters parameters = key.Parameters; + BigInteger q = parameters.Q; + BigInteger m = CalculateE(q, message); + + if (r.SignValue <= 0 || q.CompareTo(r) <= 0) + { + return false; + } + + if (s.SignValue <= 0 || q.CompareTo(s) <= 0) + { + return false; + } + + BigInteger w = BigIntegers.ModOddInverseVar(q, s); + + BigInteger u1 = m.Multiply(w).Mod(q); + BigInteger u2 = r.Multiply(w).Mod(q); + + BigInteger p = parameters.P; + u1 = parameters.G.ModPow(u1, p); + u2 = ((DsaPublicKeyParameters)key).Y.ModPow(u2, p); + + BigInteger v = u1.Multiply(u2).Mod(p).Mod(q); + + return v.Equals(r); + } + + protected virtual BigInteger CalculateE(BigInteger n, byte[] message) + { + int length = System.Math.Min(message.Length, n.BitLength / 8); + + return new BigInteger(1, message, 0, length); + } + + protected virtual SecureRandom InitSecureRandom(bool needed, SecureRandom provided) + { + return !needed ? null : (provided != null) ? provided : new SecureRandom(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/ECDsaSigner.cs b/BouncyCastle/crypto/src/crypto/signers/ECDsaSigner.cs new file mode 100644 index 0000000..0a265d9 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/ECDsaSigner.cs @@ -0,0 +1,246 @@ +using System; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Signers +{ + /** + * EC-DSA as described in X9.62 + */ + public class ECDsaSigner + : IDsaExt + { + private static readonly BigInteger Eight = BigInteger.ValueOf(8); + + protected readonly IDsaKCalculator kCalculator; + + protected ECKeyParameters key = null; + protected SecureRandom random = null; + + /** + * Default configuration, random K values. + */ + public ECDsaSigner() + { + this.kCalculator = new RandomDsaKCalculator(); + } + + /** + * Configuration with an alternate, possibly deterministic calculator of K. + * + * @param kCalculator a K value calculator. + */ + public ECDsaSigner(IDsaKCalculator kCalculator) + { + this.kCalculator = kCalculator; + } + + public virtual string AlgorithmName + { + get { return "ECDSA"; } + } + + public virtual void Init(bool forSigning, ICipherParameters parameters) + { + SecureRandom providedRandom = null; + + if (forSigning) + { + if (parameters is ParametersWithRandom) + { + ParametersWithRandom rParam = (ParametersWithRandom)parameters; + + providedRandom = rParam.Random; + parameters = rParam.Parameters; + } + + if (!(parameters is ECPrivateKeyParameters)) + throw new InvalidKeyException("EC private key required for signing"); + + this.key = (ECPrivateKeyParameters)parameters; + } + else + { + if (!(parameters is ECPublicKeyParameters)) + throw new InvalidKeyException("EC public key required for verification"); + + this.key = (ECPublicKeyParameters)parameters; + } + + this.random = InitSecureRandom(forSigning && !kCalculator.IsDeterministic, providedRandom); + } + + public virtual BigInteger Order + { + get { return key.Parameters.N; } + } + + // 5.3 pg 28 + /** + * Generate a signature for the given message using the key we were + * initialised with. For conventional DSA the message should be a SHA-1 + * hash of the message of interest. + * + * @param message the message that will be verified later. + */ + public virtual BigInteger[] GenerateSignature(byte[] message) + { + ECDomainParameters ec = key.Parameters; + BigInteger n = ec.N; + BigInteger e = CalculateE(n, message); + BigInteger d = ((ECPrivateKeyParameters)key).D; + + if (kCalculator.IsDeterministic) + { + kCalculator.Init(n, d, message); + } + else + { + kCalculator.Init(n, random); + } + + BigInteger r, s; + + ECMultiplier basePointMultiplier = CreateBasePointMultiplier(); + + // 5.3.2 + do // Generate s + { + BigInteger k; + do // Generate r + { + k = kCalculator.NextK(); + + ECPoint p = basePointMultiplier.Multiply(ec.G, k).Normalize(); + + // 5.3.3 + r = p.AffineXCoord.ToBigInteger().Mod(n); + } + while (r.SignValue == 0); + + s = BigIntegers.ModOddInverse(n, k).Multiply(e.Add(d.Multiply(r))).Mod(n); + } + while (s.SignValue == 0); + + return new BigInteger[]{ r, s }; + } + + // 5.4 pg 29 + /** + * return true if the value r and s represent a DSA signature for + * the passed in message (for standard DSA the message should be + * a SHA-1 hash of the real message to be verified). + */ + public virtual bool VerifySignature(byte[] message, BigInteger r, BigInteger s) + { + BigInteger n = key.Parameters.N; + + // r and s should both in the range [1,n-1] + if (r.SignValue < 1 || s.SignValue < 1 + || r.CompareTo(n) >= 0 || s.CompareTo(n) >= 0) + { + return false; + } + + BigInteger e = CalculateE(n, message); + BigInteger c = BigIntegers.ModOddInverseVar(n, s); + + BigInteger u1 = e.Multiply(c).Mod(n); + BigInteger u2 = r.Multiply(c).Mod(n); + + ECPoint G = key.Parameters.G; + ECPoint Q = ((ECPublicKeyParameters) key).Q; + + ECPoint point = ECAlgorithms.SumOfTwoMultiplies(G, u1, Q, u2); + + if (point.IsInfinity) + return false; + + /* + * If possible, avoid normalizing the point (to save a modular inversion in the curve field). + * + * There are ~cofactor elements of the curve field that reduce (modulo the group order) to 'r'. + * If the cofactor is known and small, we generate those possible field values and project each + * of them to the same "denominator" (depending on the particular projective coordinates in use) + * as the calculated point.X. If any of the projected values matches point.X, then we have: + * (point.X / Denominator mod p) mod n == r + * as required, and verification succeeds. + * + * Based on an original idea by Gregory Maxwell (https://github.com/gmaxwell), as implemented in + * the libsecp256k1 project (https://github.com/bitcoin/secp256k1). + */ + ECCurve curve = point.Curve; + if (curve != null) + { + BigInteger cofactor = curve.Cofactor; + if (cofactor != null && cofactor.CompareTo(Eight) <= 0) + { + ECFieldElement D = GetDenominator(curve.CoordinateSystem, point); + if (D != null && !D.IsZero) + { + ECFieldElement X = point.XCoord; + while (curve.IsValidFieldElement(r)) + { + ECFieldElement R = curve.FromBigInteger(r).Multiply(D); + if (R.Equals(X)) + { + return true; + } + r = r.Add(n); + } + return false; + } + } + } + + BigInteger v = point.Normalize().AffineXCoord.ToBigInteger().Mod(n); + return v.Equals(r); + } + + protected virtual BigInteger CalculateE(BigInteger n, byte[] message) + { + int messageBitLength = message.Length * 8; + BigInteger trunc = new BigInteger(1, message); + + if (n.BitLength < messageBitLength) + { + trunc = trunc.ShiftRight(messageBitLength - n.BitLength); + } + + return trunc; + } + + protected virtual ECMultiplier CreateBasePointMultiplier() + { + return new FixedPointCombMultiplier(); + } + + protected virtual ECFieldElement GetDenominator(int coordinateSystem, ECPoint p) + { + switch (coordinateSystem) + { + case ECCurve.COORD_HOMOGENEOUS: + case ECCurve.COORD_LAMBDA_PROJECTIVE: + case ECCurve.COORD_SKEWED: + return p.GetZCoord(0); + case ECCurve.COORD_JACOBIAN: + case ECCurve.COORD_JACOBIAN_CHUDNOVSKY: + case ECCurve.COORD_JACOBIAN_MODIFIED: + return p.GetZCoord(0).Square(); + default: + return null; + } + } + + protected virtual SecureRandom InitSecureRandom(bool needed, SecureRandom provided) + { + return !needed ? null : (provided != null) ? provided : new SecureRandom(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/ECGOST3410Signer.cs b/BouncyCastle/crypto/src/crypto/signers/ECGOST3410Signer.cs new file mode 100644 index 0000000..7df43f0 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/ECGOST3410Signer.cs @@ -0,0 +1,171 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Signers +{ + /** + * GOST R 34.10-2001 Signature Algorithm + */ + public class ECGost3410Signer + : IDsaExt + { + private ECKeyParameters key; + private SecureRandom random; + private bool forSigning; + + public virtual string AlgorithmName + { + get { return key.AlgorithmName; } + } + + public virtual void Init( + bool forSigning, + ICipherParameters parameters) + { + this.forSigning = forSigning; + + if (forSigning) + { + if (parameters is ParametersWithRandom) + { + ParametersWithRandom rParam = (ParametersWithRandom)parameters; + + this.random = rParam.Random; + parameters = rParam.Parameters; + } + else + { + this.random = new SecureRandom(); + } + + if (!(parameters is ECPrivateKeyParameters)) + throw new InvalidKeyException("EC private key required for signing"); + + this.key = (ECPrivateKeyParameters) parameters; + } + else + { + if (!(parameters is ECPublicKeyParameters)) + throw new InvalidKeyException("EC public key required for verification"); + + this.key = (ECPublicKeyParameters)parameters; + } + } + + public virtual BigInteger Order + { + get { return key.Parameters.N; } + } + + /** + * generate a signature for the given message using the key we were + * initialised with. For conventional GOST3410 the message should be a GOST3411 + * hash of the message of interest. + * + * @param message the message that will be verified later. + */ + public virtual BigInteger[] GenerateSignature( + byte[] message) + { + if (!forSigning) + { + throw new InvalidOperationException("not initialized for signing"); + } + + byte[] mRev = Arrays.Reverse(message); // conversion is little-endian + BigInteger e = new BigInteger(1, mRev); + + ECDomainParameters ec = key.Parameters; + BigInteger n = ec.N; + BigInteger d = ((ECPrivateKeyParameters)key).D; + + BigInteger r, s = null; + + ECMultiplier basePointMultiplier = CreateBasePointMultiplier(); + + do // generate s + { + BigInteger k; + do // generate r + { + do + { + k = new BigInteger(n.BitLength, random); + } + while (k.SignValue == 0); + + ECPoint p = basePointMultiplier.Multiply(ec.G, k).Normalize(); + + r = p.AffineXCoord.ToBigInteger().Mod(n); + } + while (r.SignValue == 0); + + s = (k.Multiply(e)).Add(d.Multiply(r)).Mod(n); + } + while (s.SignValue == 0); + + return new BigInteger[]{ r, s }; + } + + /** + * return true if the value r and s represent a GOST3410 signature for + * the passed in message (for standard GOST3410 the message should be + * a GOST3411 hash of the real message to be verified). + */ + public virtual bool VerifySignature( + byte[] message, + BigInteger r, + BigInteger s) + { + if (forSigning) + { + throw new InvalidOperationException("not initialized for verification"); + } + + byte[] mRev = Arrays.Reverse(message); // conversion is little-endian + BigInteger e = new BigInteger(1, mRev); + BigInteger n = key.Parameters.N; + + // r in the range [1,n-1] + if (r.CompareTo(BigInteger.One) < 0 || r.CompareTo(n) >= 0) + { + return false; + } + + // s in the range [1,n-1] + if (s.CompareTo(BigInteger.One) < 0 || s.CompareTo(n) >= 0) + { + return false; + } + + BigInteger v = BigIntegers.ModOddInverseVar(n, e); + + BigInteger z1 = s.Multiply(v).Mod(n); + BigInteger z2 = (n.Subtract(r)).Multiply(v).Mod(n); + + ECPoint G = key.Parameters.G; // P + ECPoint Q = ((ECPublicKeyParameters)key).Q; + + ECPoint point = ECAlgorithms.SumOfTwoMultiplies(G, z1, Q, z2).Normalize(); + + if (point.IsInfinity) + return false; + + BigInteger R = point.AffineXCoord.ToBigInteger().Mod(n); + + return R.Equals(r); + } + + protected virtual ECMultiplier CreateBasePointMultiplier() + { + return new FixedPointCombMultiplier(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/ECNRSigner.cs b/BouncyCastle/crypto/src/crypto/signers/ECNRSigner.cs new file mode 100644 index 0000000..bc193e7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/ECNRSigner.cs @@ -0,0 +1,193 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Signers +{ + /** + * EC-NR as described in IEEE 1363-2000 + */ + public class ECNRSigner + : IDsaExt + { + private bool forSigning; + private ECKeyParameters key; + private SecureRandom random; + + public virtual string AlgorithmName + { + get { return "ECNR"; } + } + + public virtual void Init( + bool forSigning, + ICipherParameters parameters) + { + this.forSigning = forSigning; + + if (forSigning) + { + if (parameters is ParametersWithRandom) + { + ParametersWithRandom rParam = (ParametersWithRandom) parameters; + + this.random = rParam.Random; + parameters = rParam.Parameters; + } + else + { + this.random = new SecureRandom(); + } + + if (!(parameters is ECPrivateKeyParameters)) + throw new InvalidKeyException("EC private key required for signing"); + + this.key = (ECPrivateKeyParameters) parameters; + } + else + { + if (!(parameters is ECPublicKeyParameters)) + throw new InvalidKeyException("EC public key required for verification"); + + this.key = (ECPublicKeyParameters) parameters; + } + } + + public virtual BigInteger Order + { + get { return key.Parameters.N; } + } + + // Section 7.2.5 ECSP-NR, pg 34 + /** + * generate a signature for the given message using the key we were + * initialised with. Generally, the order of the curve should be at + * least as long as the hash of the message of interest, and with + * ECNR it *must* be at least as long. + * + * @param digest the digest to be signed. + * @exception DataLengthException if the digest is longer than the key allows + */ + public virtual BigInteger[] GenerateSignature( + byte[] message) + { + if (!this.forSigning) + { + // not properly initilaized... deal with it + throw new InvalidOperationException("not initialised for signing"); + } + + BigInteger n = Order; + int nBitLength = n.BitLength; + + BigInteger e = new BigInteger(1, message); + int eBitLength = e.BitLength; + + ECPrivateKeyParameters privKey = (ECPrivateKeyParameters)key; + + if (eBitLength > nBitLength) + { + throw new DataLengthException("input too large for ECNR key."); + } + + BigInteger r = null; + BigInteger s = null; + + AsymmetricCipherKeyPair tempPair; + do // generate r + { + // generate another, but very temporary, key pair using + // the same EC parameters + ECKeyPairGenerator keyGen = new ECKeyPairGenerator(); + + keyGen.Init(new ECKeyGenerationParameters(privKey.Parameters, this.random)); + + tempPair = keyGen.GenerateKeyPair(); + + // BigInteger Vx = tempPair.getPublic().getW().getAffineX(); + ECPublicKeyParameters V = (ECPublicKeyParameters) tempPair.Public; // get temp's public key + BigInteger Vx = V.Q.AffineXCoord.ToBigInteger(); // get the point's x coordinate + + r = Vx.Add(e).Mod(n); + } + while (r.SignValue == 0); + + // generate s + BigInteger x = privKey.D; // private key value + BigInteger u = ((ECPrivateKeyParameters) tempPair.Private).D; // temp's private key value + s = u.Subtract(r.Multiply(x)).Mod(n); + + return new BigInteger[]{ r, s }; + } + + // Section 7.2.6 ECVP-NR, pg 35 + /** + * return true if the value r and s represent a signature for the + * message passed in. Generally, the order of the curve should be at + * least as long as the hash of the message of interest, and with + * ECNR, it *must* be at least as long. But just in case the signer + * applied mod(n) to the longer digest, this implementation will + * apply mod(n) during verification. + * + * @param digest the digest to be verified. + * @param r the r value of the signature. + * @param s the s value of the signature. + * @exception DataLengthException if the digest is longer than the key allows + */ + public virtual bool VerifySignature( + byte[] message, + BigInteger r, + BigInteger s) + { + if (this.forSigning) + { + // not properly initilaized... deal with it + throw new InvalidOperationException("not initialised for verifying"); + } + + ECPublicKeyParameters pubKey = (ECPublicKeyParameters)key; + BigInteger n = pubKey.Parameters.N; + int nBitLength = n.BitLength; + + BigInteger e = new BigInteger(1, message); + int eBitLength = e.BitLength; + + if (eBitLength > nBitLength) + { + throw new DataLengthException("input too large for ECNR key."); + } + + // r in the range [1,n-1] + if (r.CompareTo(BigInteger.One) < 0 || r.CompareTo(n) >= 0) + { + return false; + } + + // s in the range [0,n-1] NB: ECNR spec says 0 + if (s.CompareTo(BigInteger.Zero) < 0 || s.CompareTo(n) >= 0) + { + return false; + } + + // compute P = sG + rW + + ECPoint G = pubKey.Parameters.G; + ECPoint W = pubKey.Q; + // calculate P using Bouncy math + ECPoint P = ECAlgorithms.SumOfTwoMultiplies(G, s, W, r).Normalize(); + + if (P.IsInfinity) + return false; + + BigInteger x = P.AffineXCoord.ToBigInteger(); + BigInteger t = r.Subtract(x).Mod(n); + + return t.Equals(e); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/Ed25519Signer.cs b/BouncyCastle/crypto/src/crypto/signers/Ed25519Signer.cs new file mode 100644 index 0000000..eb3d253 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/Ed25519Signer.cs @@ -0,0 +1,138 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math.EC.Rfc8032; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Signers +{ + public class Ed25519Signer + : ISigner + { + private readonly Buffer buffer = new Buffer(); + + private bool forSigning; + private Ed25519PrivateKeyParameters privateKey; + private Ed25519PublicKeyParameters publicKey; + + public Ed25519Signer() + { + } + + public virtual string AlgorithmName + { + get { return "Ed25519"; } + } + + public virtual void Init(bool forSigning, ICipherParameters parameters) + { + this.forSigning = forSigning; + + if (forSigning) + { + this.privateKey = (Ed25519PrivateKeyParameters)parameters; + this.publicKey = null; + } + else + { + this.privateKey = null; + this.publicKey = (Ed25519PublicKeyParameters)parameters; + } + + Reset(); + } + + public virtual void Update(byte b) + { + buffer.WriteByte(b); + } + + public virtual void BlockUpdate(byte[] buf, int off, int len) + { + buffer.Write(buf, off, len); + } + + public virtual byte[] GenerateSignature() + { + if (!forSigning || null == privateKey) + throw new InvalidOperationException("Ed25519Signer not initialised for signature generation."); + + return buffer.GenerateSignature(privateKey); + } + + public virtual bool VerifySignature(byte[] signature) + { + if (forSigning || null == publicKey) + throw new InvalidOperationException("Ed25519Signer not initialised for verification"); + + return buffer.VerifySignature(publicKey, signature); + } + + public virtual void Reset() + { + buffer.Reset(); + } + + private class Buffer : MemoryStream + { + internal byte[] GenerateSignature(Ed25519PrivateKeyParameters privateKey) + { + lock (this) + { +#if PORTABLE + byte[] buf = ToArray(); + int count = buf.Length; +#else + byte[] buf = GetBuffer(); + int count = (int)Position; +#endif + byte[] signature = new byte[Ed25519PrivateKeyParameters.SignatureSize]; + privateKey.Sign(Ed25519.Algorithm.Ed25519, null, buf, 0, count, signature, 0); + Reset(); + return signature; + } + } + + internal bool VerifySignature(Ed25519PublicKeyParameters publicKey, byte[] signature) + { + if (Ed25519.SignatureSize != signature.Length) + { + Reset(); + return false; + } + + lock (this) + { +#if PORTABLE + byte[] buf = ToArray(); + int count = buf.Length; +#else + byte[] buf = GetBuffer(); + int count = (int)Position; +#endif + byte[] pk = publicKey.GetEncoded(); + bool result = Ed25519.Verify(signature, 0, pk, 0, buf, 0, count); + Reset(); + return result; + } + } + + internal void Reset() + { + lock (this) + { + long count = Position; +#if PORTABLE + this.Position = 0L; + Streams.WriteZeroes(this, count); +#else + Array.Clear(GetBuffer(), 0, (int)count); +#endif + this.Position = 0L; + } + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/Ed25519ctxSigner.cs b/BouncyCastle/crypto/src/crypto/signers/Ed25519ctxSigner.cs new file mode 100644 index 0000000..3610e25 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/Ed25519ctxSigner.cs @@ -0,0 +1,140 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math.EC.Rfc8032; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Signers +{ + public class Ed25519ctxSigner + : ISigner + { + private readonly Buffer buffer = new Buffer(); + private readonly byte[] context; + + private bool forSigning; + private Ed25519PrivateKeyParameters privateKey; + private Ed25519PublicKeyParameters publicKey; + + public Ed25519ctxSigner(byte[] context) + { + this.context = Arrays.Clone(context); + } + + public virtual string AlgorithmName + { + get { return "Ed25519ctx"; } + } + + public virtual void Init(bool forSigning, ICipherParameters parameters) + { + this.forSigning = forSigning; + + if (forSigning) + { + this.privateKey = (Ed25519PrivateKeyParameters)parameters; + this.publicKey = null; + } + else + { + this.privateKey = null; + this.publicKey = (Ed25519PublicKeyParameters)parameters; + } + + Reset(); + } + + public virtual void Update(byte b) + { + buffer.WriteByte(b); + } + + public virtual void BlockUpdate(byte[] buf, int off, int len) + { + buffer.Write(buf, off, len); + } + + public virtual byte[] GenerateSignature() + { + if (!forSigning || null == privateKey) + throw new InvalidOperationException("Ed25519ctxSigner not initialised for signature generation."); + + return buffer.GenerateSignature(privateKey, context); + } + + public virtual bool VerifySignature(byte[] signature) + { + if (forSigning || null == publicKey) + throw new InvalidOperationException("Ed25519ctxSigner not initialised for verification"); + + return buffer.VerifySignature(publicKey, context, signature); + } + + public virtual void Reset() + { + buffer.Reset(); + } + + private class Buffer : MemoryStream + { + internal byte[] GenerateSignature(Ed25519PrivateKeyParameters privateKey, byte[] ctx) + { + lock (this) + { +#if PORTABLE + byte[] buf = ToArray(); + int count = buf.Length; +#else + byte[] buf = GetBuffer(); + int count = (int)Position; +#endif + byte[] signature = new byte[Ed25519PrivateKeyParameters.SignatureSize]; + privateKey.Sign(Ed25519.Algorithm.Ed25519ctx, ctx, buf, 0, count, signature, 0); + Reset(); + return signature; + } + } + + internal bool VerifySignature(Ed25519PublicKeyParameters publicKey, byte[] ctx, byte[] signature) + { + if (Ed25519.SignatureSize != signature.Length) + { + Reset(); + return false; + } + + lock (this) + { +#if PORTABLE + byte[] buf = ToArray(); + int count = buf.Length; +#else + byte[] buf = GetBuffer(); + int count = (int)Position; +#endif + byte[] pk = publicKey.GetEncoded(); + bool result = Ed25519.Verify(signature, 0, pk, 0, ctx, buf, 0, count); + Reset(); + return result; + } + } + + internal void Reset() + { + lock (this) + { + long count = Position; +#if PORTABLE + this.Position = 0L; + Streams.WriteZeroes(this, count); +#else + Array.Clear(GetBuffer(), 0, (int)count); +#endif + this.Position = 0L; + } + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/Ed25519phSigner.cs b/BouncyCastle/crypto/src/crypto/signers/Ed25519phSigner.cs new file mode 100644 index 0000000..8f4afab --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/Ed25519phSigner.cs @@ -0,0 +1,91 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math.EC.Rfc8032; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Signers +{ + public class Ed25519phSigner + : ISigner + { + private readonly IDigest prehash = Ed25519.CreatePrehash(); + private readonly byte[] context; + + private bool forSigning; + private Ed25519PrivateKeyParameters privateKey; + private Ed25519PublicKeyParameters publicKey; + + public Ed25519phSigner(byte[] context) + { + this.context = Arrays.Clone(context); + } + + public virtual string AlgorithmName + { + get { return "Ed25519ph"; } + } + + public virtual void Init(bool forSigning, ICipherParameters parameters) + { + this.forSigning = forSigning; + + if (forSigning) + { + this.privateKey = (Ed25519PrivateKeyParameters)parameters; + this.publicKey = null; + } + else + { + this.privateKey = null; + this.publicKey = (Ed25519PublicKeyParameters)parameters; + } + + Reset(); + } + + public virtual void Update(byte b) + { + prehash.Update(b); + } + + public virtual void BlockUpdate(byte[] buf, int off, int len) + { + prehash.BlockUpdate(buf, off, len); + } + + public virtual byte[] GenerateSignature() + { + if (!forSigning || null == privateKey) + throw new InvalidOperationException("Ed25519phSigner not initialised for signature generation."); + + byte[] msg = new byte[Ed25519.PrehashSize]; + if (Ed25519.PrehashSize != prehash.DoFinal(msg, 0)) + throw new InvalidOperationException("Prehash digest failed"); + + byte[] signature = new byte[Ed25519PrivateKeyParameters.SignatureSize]; + privateKey.Sign(Ed25519.Algorithm.Ed25519ph, context, msg, 0, Ed25519.PrehashSize, signature, 0); + return signature; + } + + public virtual bool VerifySignature(byte[] signature) + { + if (forSigning || null == publicKey) + throw new InvalidOperationException("Ed25519phSigner not initialised for verification"); + if (Ed25519.SignatureSize != signature.Length) + { + prehash.Reset(); + return false; + } + + byte[] pk = publicKey.GetEncoded(); + return Ed25519.VerifyPrehash(signature, 0, pk, 0, context, prehash); + } + + public void Reset() + { + prehash.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/Ed448Signer.cs b/BouncyCastle/crypto/src/crypto/signers/Ed448Signer.cs new file mode 100644 index 0000000..7460298 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/Ed448Signer.cs @@ -0,0 +1,140 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math.EC.Rfc8032; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Signers +{ + public class Ed448Signer + : ISigner + { + private readonly Buffer buffer = new Buffer(); + private readonly byte[] context; + + private bool forSigning; + private Ed448PrivateKeyParameters privateKey; + private Ed448PublicKeyParameters publicKey; + + public Ed448Signer(byte[] context) + { + this.context = Arrays.Clone(context); + } + + public virtual string AlgorithmName + { + get { return "Ed448"; } + } + + public virtual void Init(bool forSigning, ICipherParameters parameters) + { + this.forSigning = forSigning; + + if (forSigning) + { + this.privateKey = (Ed448PrivateKeyParameters)parameters; + this.publicKey = null; + } + else + { + this.privateKey = null; + this.publicKey = (Ed448PublicKeyParameters)parameters; + } + + Reset(); + } + + public virtual void Update(byte b) + { + buffer.WriteByte(b); + } + + public virtual void BlockUpdate(byte[] buf, int off, int len) + { + buffer.Write(buf, off, len); + } + + public virtual byte[] GenerateSignature() + { + if (!forSigning || null == privateKey) + throw new InvalidOperationException("Ed448Signer not initialised for signature generation."); + + return buffer.GenerateSignature(privateKey, context); + } + + public virtual bool VerifySignature(byte[] signature) + { + if (forSigning || null == publicKey) + throw new InvalidOperationException("Ed448Signer not initialised for verification"); + + return buffer.VerifySignature(publicKey, context, signature); + } + + public virtual void Reset() + { + buffer.Reset(); + } + + private class Buffer : MemoryStream + { + internal byte[] GenerateSignature(Ed448PrivateKeyParameters privateKey, byte[] ctx) + { + lock (this) + { +#if PORTABLE + byte[] buf = ToArray(); + int count = buf.Length; +#else + byte[] buf = GetBuffer(); + int count = (int)Position; +#endif + byte[] signature = new byte[Ed448PrivateKeyParameters.SignatureSize]; + privateKey.Sign(Ed448.Algorithm.Ed448, ctx, buf, 0, count, signature, 0); + Reset(); + return signature; + } + } + + internal bool VerifySignature(Ed448PublicKeyParameters publicKey, byte[] ctx, byte[] signature) + { + if (Ed448.SignatureSize != signature.Length) + { + Reset(); + return false; + } + + lock (this) + { +#if PORTABLE + byte[] buf = ToArray(); + int count = buf.Length; +#else + byte[] buf = GetBuffer(); + int count = (int)Position; +#endif + byte[] pk = publicKey.GetEncoded(); + bool result = Ed448.Verify(signature, 0, pk, 0, ctx, buf, 0, count); + Reset(); + return result; + } + } + + internal void Reset() + { + lock (this) + { + long count = Position; +#if PORTABLE + this.Position = 0L; + Streams.WriteZeroes(this, count); +#else + Array.Clear(GetBuffer(), 0, (int)count); +#endif + this.Position = 0L; + } + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/Ed448phSigner.cs b/BouncyCastle/crypto/src/crypto/signers/Ed448phSigner.cs new file mode 100644 index 0000000..197c2f7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/Ed448phSigner.cs @@ -0,0 +1,91 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math.EC.Rfc8032; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Signers +{ + public class Ed448phSigner + : ISigner + { + private readonly IXof prehash = Ed448.CreatePrehash(); + private readonly byte[] context; + + private bool forSigning; + private Ed448PrivateKeyParameters privateKey; + private Ed448PublicKeyParameters publicKey; + + public Ed448phSigner(byte[] context) + { + this.context = Arrays.Clone(context); + } + + public virtual string AlgorithmName + { + get { return "Ed448ph"; } + } + + public virtual void Init(bool forSigning, ICipherParameters parameters) + { + this.forSigning = forSigning; + + if (forSigning) + { + this.privateKey = (Ed448PrivateKeyParameters)parameters; + this.publicKey = null; + } + else + { + this.privateKey = null; + this.publicKey = (Ed448PublicKeyParameters)parameters; + } + + Reset(); + } + + public virtual void Update(byte b) + { + prehash.Update(b); + } + + public virtual void BlockUpdate(byte[] buf, int off, int len) + { + prehash.BlockUpdate(buf, off, len); + } + + public virtual byte[] GenerateSignature() + { + if (!forSigning || null == privateKey) + throw new InvalidOperationException("Ed448phSigner not initialised for signature generation."); + + byte[] msg = new byte[Ed448.PrehashSize]; + if (Ed448.PrehashSize != prehash.DoFinal(msg, 0, Ed448.PrehashSize)) + throw new InvalidOperationException("Prehash digest failed"); + + byte[] signature = new byte[Ed448PrivateKeyParameters.SignatureSize]; + privateKey.Sign(Ed448.Algorithm.Ed448ph, context, msg, 0, Ed448.PrehashSize, signature, 0); + return signature; + } + + public virtual bool VerifySignature(byte[] signature) + { + if (forSigning || null == publicKey) + throw new InvalidOperationException("Ed448phSigner not initialised for verification"); + if (Ed448.SignatureSize != signature.Length) + { + prehash.Reset(); + return false; + } + + byte[] pk = publicKey.GetEncoded(); + return Ed448.VerifyPrehash(signature, 0, pk, 0, context, prehash); + } + + public void Reset() + { + prehash.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/GOST3410DigestSigner.cs b/BouncyCastle/crypto/src/crypto/signers/GOST3410DigestSigner.cs new file mode 100644 index 0000000..bff3586 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/GOST3410DigestSigner.cs @@ -0,0 +1,154 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Signers +{ + public class Gost3410DigestSigner + : ISigner + { + private readonly IDigest digest; + private readonly IDsa dsaSigner; + private readonly int size; + private int halfSize; + private bool forSigning; + + + + public Gost3410DigestSigner( + IDsa signer, + IDigest digest) + { + this.dsaSigner = signer; + this.digest = digest; + + halfSize = digest.GetDigestSize(); + this.size = halfSize * 2; + + } + + public virtual string AlgorithmName + { + get { return digest.AlgorithmName + "with" + dsaSigner.AlgorithmName; } + } + + public virtual void Init( + bool forSigning, + ICipherParameters parameters) + { + this.forSigning = forSigning; + + AsymmetricKeyParameter k; + if (parameters is ParametersWithRandom) + { + k = (AsymmetricKeyParameter)((ParametersWithRandom)parameters).Parameters; + } + else + { + k = (AsymmetricKeyParameter)parameters; + } + + if (forSigning && !k.IsPrivate) + { + throw new InvalidKeyException("Signing Requires Private Key."); + } + + if (!forSigning && k.IsPrivate) + { + throw new InvalidKeyException("Verification Requires Public Key."); + } + + + Reset(); + + dsaSigner.Init(forSigning, parameters); + } + + /** + * update the internal digest with the byte b + */ + public virtual void Update( + byte input) + { + digest.Update(input); + } + + /** + * update the internal digest with the byte array in + */ + public virtual void BlockUpdate( + byte[] input, + int inOff, + int length) + { + digest.BlockUpdate(input, inOff, length); + } + + /** + * Generate a signature for the message we've been loaded with using + * the key we were initialised with. + */ + public virtual byte[] GenerateSignature() + { + if (!forSigning) + throw new InvalidOperationException("GOST3410DigestSigner not initialised for signature generation."); + + byte[] hash = new byte[digest.GetDigestSize()]; + digest.DoFinal(hash, 0); + + try + { + BigInteger[] sig = dsaSigner.GenerateSignature(hash); + byte[] sigBytes = new byte[size]; + + // TODO Add methods to allow writing BigInteger to existing byte array? + byte[] r = sig[0].ToByteArrayUnsigned(); + byte[] s = sig[1].ToByteArrayUnsigned(); + s.CopyTo(sigBytes, halfSize - s.Length); + r.CopyTo(sigBytes, size - r.Length); + return sigBytes; + } + catch (Exception e) + { + throw new SignatureException(e.Message, e); + } + } + + /// true if the internal state represents the signature described in the passed in array. + public virtual bool VerifySignature( + byte[] signature) + { + if (forSigning) + throw new InvalidOperationException("DSADigestSigner not initialised for verification"); + + byte[] hash = new byte[digest.GetDigestSize()]; + digest.DoFinal(hash, 0); + + BigInteger R, S; + try + { + R = new BigInteger(1, signature, halfSize, halfSize); + S = new BigInteger(1, signature, 0, halfSize); + } + catch (Exception e) + { + throw new SignatureException("error decoding signature bytes.", e); + } + + return dsaSigner.VerifySignature(hash, R, S); + } + + /// Reset the internal state + public virtual void Reset() + { + digest.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/GOST3410Signer.cs b/BouncyCastle/crypto/src/crypto/signers/GOST3410Signer.cs new file mode 100644 index 0000000..bcc1125 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/GOST3410Signer.cs @@ -0,0 +1,128 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Signers +{ + /** + * Gost R 34.10-94 Signature Algorithm + */ + public class Gost3410Signer + : IDsaExt + { + private Gost3410KeyParameters key; + private SecureRandom random; + + public virtual string AlgorithmName + { + get { return "GOST3410"; } + } + + public virtual void Init( + bool forSigning, + ICipherParameters parameters) + { + if (forSigning) + { + if (parameters is ParametersWithRandom) + { + ParametersWithRandom rParam = (ParametersWithRandom)parameters; + + this.random = rParam.Random; + parameters = rParam.Parameters; + } + else + { + this.random = new SecureRandom(); + } + + if (!(parameters is Gost3410PrivateKeyParameters)) + throw new InvalidKeyException("GOST3410 private key required for signing"); + + this.key = (Gost3410PrivateKeyParameters) parameters; + } + else + { + if (!(parameters is Gost3410PublicKeyParameters)) + throw new InvalidKeyException("GOST3410 public key required for signing"); + + this.key = (Gost3410PublicKeyParameters) parameters; + } + } + + public virtual BigInteger Order + { + get { return key.Parameters.Q; } + } + + /** + * generate a signature for the given message using the key we were + * initialised with. For conventional Gost3410 the message should be a Gost3411 + * hash of the message of interest. + * + * @param message the message that will be verified later. + */ + public virtual BigInteger[] GenerateSignature( + byte[] message) + { + byte[] mRev = Arrays.Reverse(message); // conversion is little-endian + BigInteger m = new BigInteger(1, mRev); + Gost3410Parameters parameters = key.Parameters; + BigInteger k; + + do + { + k = new BigInteger(parameters.Q.BitLength, random); + } + while (k.CompareTo(parameters.Q) >= 0); + + BigInteger r = parameters.A.ModPow(k, parameters.P).Mod(parameters.Q); + + BigInteger s = k.Multiply(m). + Add(((Gost3410PrivateKeyParameters)key).X.Multiply(r)). + Mod(parameters.Q); + + return new BigInteger[]{ r, s }; + } + + /** + * return true if the value r and s represent a Gost3410 signature for + * the passed in message for standard Gost3410 the message should be a + * Gost3411 hash of the real message to be verified. + */ + public virtual bool VerifySignature( + byte[] message, + BigInteger r, + BigInteger s) + { + byte[] mRev = Arrays.Reverse(message); // conversion is little-endian + BigInteger m = new BigInteger(1, mRev); + Gost3410Parameters parameters = key.Parameters; + + if (r.SignValue < 0 || parameters.Q.CompareTo(r) <= 0) + { + return false; + } + + if (s.SignValue < 0 || parameters.Q.CompareTo(s) <= 0) + { + return false; + } + + BigInteger v = m.ModPow(parameters.Q.Subtract(BigInteger.Two), parameters.Q); + + BigInteger z1 = s.Multiply(v).Mod(parameters.Q); + BigInteger z2 = (parameters.Q.Subtract(r)).Multiply(v).Mod(parameters.Q); + + z1 = parameters.A.ModPow(z1, parameters.P); + z2 = ((Gost3410PublicKeyParameters)key).Y.ModPow(z2, parameters.P); + + BigInteger u = z1.Multiply(z2).Mod(parameters.P).Mod(parameters.Q); + + return u.Equals(r); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/GenericSigner.cs b/BouncyCastle/crypto/src/crypto/signers/GenericSigner.cs new file mode 100644 index 0000000..a551217 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/GenericSigner.cs @@ -0,0 +1,130 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Signers +{ + public class GenericSigner + : ISigner + { + private readonly IAsymmetricBlockCipher engine; + private readonly IDigest digest; + private bool forSigning; + + public GenericSigner( + IAsymmetricBlockCipher engine, + IDigest digest) + { + this.engine = engine; + this.digest = digest; + } + + public virtual string AlgorithmName + { + get { return "Generic(" + engine.AlgorithmName + "/" + digest.AlgorithmName + ")"; } + } + + /** + * initialise the signer for signing or verification. + * + * @param forSigning + * true if for signing, false otherwise + * @param parameters + * necessary parameters. + */ + public virtual void Init(bool forSigning, ICipherParameters parameters) + { + this.forSigning = forSigning; + + AsymmetricKeyParameter k; + if (parameters is ParametersWithRandom) + { + k = (AsymmetricKeyParameter)((ParametersWithRandom)parameters).Parameters; + } + else + { + k = (AsymmetricKeyParameter)parameters; + } + + if (forSigning && !k.IsPrivate) + throw new InvalidKeyException("Signing requires private key."); + + if (!forSigning && k.IsPrivate) + throw new InvalidKeyException("Verification requires public key."); + + Reset(); + + engine.Init(forSigning, parameters); + } + + /** + * update the internal digest with the byte b + */ + public virtual void Update(byte input) + { + digest.Update(input); + } + + /** + * update the internal digest with the byte array in + */ + public virtual void BlockUpdate(byte[] input, int inOff, int length) + { + digest.BlockUpdate(input, inOff, length); + } + + /** + * Generate a signature for the message we've been loaded with using the key + * we were initialised with. + */ + public virtual byte[] GenerateSignature() + { + if (!forSigning) + throw new InvalidOperationException("GenericSigner not initialised for signature generation."); + + byte[] hash = new byte[digest.GetDigestSize()]; + digest.DoFinal(hash, 0); + + return engine.ProcessBlock(hash, 0, hash.Length); + } + + /** + * return true if the internal state represents the signature described in + * the passed in array. + */ + public virtual bool VerifySignature(byte[] signature) + { + if (forSigning) + throw new InvalidOperationException("GenericSigner not initialised for verification"); + + byte[] hash = new byte[digest.GetDigestSize()]; + digest.DoFinal(hash, 0); + + try + { + byte[] sig = engine.ProcessBlock(signature, 0, signature.Length); + + // Extend with leading zeroes to match the digest size, if necessary. + if (sig.Length < hash.Length) + { + byte[] tmp = new byte[hash.Length]; + Array.Copy(sig, 0, tmp, tmp.Length - sig.Length, sig.Length); + sig = tmp; + } + + return Arrays.ConstantTimeAreEqual(sig, hash); + } + catch (Exception) + { + return false; + } + } + + public virtual void Reset() + { + digest.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/HMacDsaKCalculator.cs b/BouncyCastle/crypto/src/crypto/signers/HMacDsaKCalculator.cs new file mode 100644 index 0000000..2641f58 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/HMacDsaKCalculator.cs @@ -0,0 +1,168 @@ +using System; + +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Signers +{ + /** + * A deterministic K calculator based on the algorithm in section 3.2 of RFC 6979. + */ + public class HMacDsaKCalculator + : IDsaKCalculator + { + private readonly HMac hMac; + private readonly byte[] K; + private readonly byte[] V; + + private BigInteger n; + + /** + * Base constructor. + * + * @param digest digest to build the HMAC on. + */ + public HMacDsaKCalculator(IDigest digest) + { + this.hMac = new HMac(digest); + this.V = new byte[hMac.GetMacSize()]; + this.K = new byte[hMac.GetMacSize()]; + } + + public virtual bool IsDeterministic + { + get { return true; } + } + + public virtual void Init(BigInteger n, SecureRandom random) + { + throw new InvalidOperationException("Operation not supported"); + } + + public void Init(BigInteger n, BigInteger d, byte[] message) + { + this.n = n; + + Arrays.Fill(V, (byte)0x01); + Arrays.Fill(K, (byte)0); + + int size = BigIntegers.GetUnsignedByteLength(n); + byte[] x = new byte[size]; + byte[] dVal = BigIntegers.AsUnsignedByteArray(d); + + Array.Copy(dVal, 0, x, x.Length - dVal.Length, dVal.Length); + + byte[] m = new byte[size]; + + BigInteger mInt = BitsToInt(message); + + if (mInt.CompareTo(n) >= 0) + { + mInt = mInt.Subtract(n); + } + + byte[] mVal = BigIntegers.AsUnsignedByteArray(mInt); + + Array.Copy(mVal, 0, m, m.Length - mVal.Length, mVal.Length); + + hMac.Init(new KeyParameter(K)); + + hMac.BlockUpdate(V, 0, V.Length); + hMac.Update((byte)0x00); + hMac.BlockUpdate(x, 0, x.Length); + hMac.BlockUpdate(m, 0, m.Length); + InitAdditionalInput0(hMac); + + hMac.DoFinal(K, 0); + + hMac.Init(new KeyParameter(K)); + + hMac.BlockUpdate(V, 0, V.Length); + + hMac.DoFinal(V, 0); + + hMac.BlockUpdate(V, 0, V.Length); + hMac.Update((byte)0x01); + hMac.BlockUpdate(x, 0, x.Length); + hMac.BlockUpdate(m, 0, m.Length); + + hMac.DoFinal(K, 0); + + hMac.Init(new KeyParameter(K)); + + hMac.BlockUpdate(V, 0, V.Length); + + hMac.DoFinal(V, 0); + } + + public virtual BigInteger NextK() + { + byte[] t = new byte[BigIntegers.GetUnsignedByteLength(n)]; + + for (;;) + { + int tOff = 0; + + while (tOff < t.Length) + { + hMac.BlockUpdate(V, 0, V.Length); + + hMac.DoFinal(V, 0); + + int len = System.Math.Min(t.Length - tOff, V.Length); + Array.Copy(V, 0, t, tOff, len); + tOff += len; + } + + BigInteger k = BitsToInt(t); + + if (k.SignValue > 0 && k.CompareTo(n) < 0) + { + return k; + } + + hMac.BlockUpdate(V, 0, V.Length); + hMac.Update((byte)0x00); + + hMac.DoFinal(K, 0); + + hMac.Init(new KeyParameter(K)); + + hMac.BlockUpdate(V, 0, V.Length); + + hMac.DoFinal(V, 0); + } + } + + /// Supports use of additional input. + /// + /// RFC 6979 3.6. Additional data may be added to the input of HMAC [..]. A use case may be a protocol that + /// requires a non-deterministic signature algorithm on a system that does not have access to a high-quality + /// random source. It suffices that the additional data[..] is non-repeating(e.g., a signature counter or a + /// monotonic clock) to ensure "random-looking" signatures are indistinguishable, in a cryptographic way, from + /// plain (EC)DSA signatures. + /// + /// By default there is no additional input. Override this method to supply additional input, bearing in mind + /// that this calculator may be used for many signatures. + /// + /// The to which the additional input should be added. + protected virtual void InitAdditionalInput0(HMac hmac0) + { + } + + private BigInteger BitsToInt(byte[] t) + { + BigInteger v = new BigInteger(1, t); + + if (t.Length * 8 > n.BitLength) + { + v = v.ShiftRight(t.Length * 8 - n.BitLength); + } + + return v; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/IDsaEncoding.cs b/BouncyCastle/crypto/src/crypto/signers/IDsaEncoding.cs new file mode 100644 index 0000000..cccc4f9 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/IDsaEncoding.cs @@ -0,0 +1,25 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Signers +{ + /// + /// An interface for different encoding formats for DSA signatures. + /// + public interface IDsaEncoding + { + /// Decode the (r, s) pair of a DSA signature. + /// The order of the group that r, s belong to. + /// An encoding of the (r, s) pair of a DSA signature. + /// The (r, s) of a DSA signature, stored in an array of exactly two elements, r followed by s. + BigInteger[] Decode(BigInteger n, byte[] encoding); + + /// Encode the (r, s) pair of a DSA signature. + /// The order of the group that r, s belong to. + /// The r value of a DSA signature. + /// The s value of a DSA signature. + /// An encoding of the DSA signature given by the provided (r, s) pair. + byte[] Encode(BigInteger n, BigInteger r, BigInteger s); + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/IDsaKCalculator.cs b/BouncyCastle/crypto/src/crypto/signers/IDsaKCalculator.cs new file mode 100644 index 0000000..645186d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/IDsaKCalculator.cs @@ -0,0 +1,44 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Signers +{ + /** + * Interface define calculators of K values for DSA/ECDSA. + */ + public interface IDsaKCalculator + { + /** + * Return true if this calculator is deterministic, false otherwise. + * + * @return true if deterministic, otherwise false. + */ + bool IsDeterministic { get; } + + /** + * Non-deterministic initialiser. + * + * @param n the order of the DSA group. + * @param random a source of randomness. + */ + void Init(BigInteger n, SecureRandom random); + + /** + * Deterministic initialiser. + * + * @param n the order of the DSA group. + * @param d the DSA private value. + * @param message the message being signed. + */ + void Init(BigInteger n, BigInteger d, byte[] message); + + /** + * Return the next valid value of K. + * + * @return a K value. + */ + BigInteger NextK(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/Iso9796d2PssSigner.cs b/BouncyCastle/crypto/src/crypto/signers/Iso9796d2PssSigner.cs new file mode 100644 index 0000000..6b80370 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/Iso9796d2PssSigner.cs @@ -0,0 +1,619 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Signers +{ + /// ISO9796-2 - mechanism using a hash function with recovery (scheme 2 and 3). + ///

+ /// Note: the usual length for the salt is the length of the hash + /// function used in bytes.

+ /// + public class Iso9796d2PssSigner + : ISignerWithRecovery + { + /// + /// Return a reference to the recoveredMessage message. + /// + /// The full/partial recoveredMessage message. + /// + public byte[] GetRecoveredMessage() + { + return recoveredMessage; + } + + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerImplicit = 0xBC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerRipeMD160 = 0x31CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerRipeMD128 = 0x32CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerSha1 = 0x33CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerSha256 = 0x34CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerSha512 = 0x35CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerSha384 = 0x36CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerWhirlpool = 0x37CC; + + private IDigest digest; + private IAsymmetricBlockCipher cipher; + + private SecureRandom random; + private byte[] standardSalt; + + private int hLen; + private int trailer; + private int keyBits; + private byte[] block; + private byte[] mBuf; + private int messageLength; + private readonly int saltLength; + private bool fullMessage; + private byte[] recoveredMessage; + + private byte[] preSig; + private byte[] preBlock; + private int preMStart; + private int preTLength; + + /// + /// Generate a signer with either implicit or explicit trailers for ISO9796-2, scheme 2 or 3. + /// + /// base cipher to use for signature creation/verification + /// digest to use. + /// length of salt in bytes. + /// whether or not the trailer is implicit or gives the hash. + public Iso9796d2PssSigner( + IAsymmetricBlockCipher cipher, + IDigest digest, + int saltLength, + bool isImplicit) + { + this.cipher = cipher; + this.digest = digest; + this.hLen = digest.GetDigestSize(); + this.saltLength = saltLength; + + if (isImplicit) + { + trailer = IsoTrailers.TRAILER_IMPLICIT; + } + else if (IsoTrailers.NoTrailerAvailable(digest)) + { + throw new ArgumentException("no valid trailer", "digest"); + } + else + { + trailer = IsoTrailers.GetTrailer(digest); + } + } + + /// Constructor for a signer with an explicit digest trailer. + /// + /// + /// cipher to use. + /// + /// digest to sign with. + /// + /// length of salt in bytes. + /// + public Iso9796d2PssSigner( + IAsymmetricBlockCipher cipher, + IDigest digest, + int saltLength) + : this(cipher, digest, saltLength, false) + { + } + + public virtual string AlgorithmName + { + get { return digest.AlgorithmName + "with" + "ISO9796-2S2"; } + } + + /// Initialise the signer. + /// true if for signing, false if for verification. + /// parameters for signature generation/verification. If the + /// parameters are for generation they should be a ParametersWithRandom, + /// a ParametersWithSalt, or just an RsaKeyParameters object. If RsaKeyParameters + /// are passed in a SecureRandom will be created. + /// + /// if wrong parameter type or a fixed + /// salt is passed in which is the wrong length. + /// + public virtual void Init( + bool forSigning, + ICipherParameters parameters) + { + RsaKeyParameters kParam; + if (parameters is ParametersWithRandom) + { + ParametersWithRandom p = (ParametersWithRandom) parameters; + + kParam = (RsaKeyParameters) p.Parameters; + + if (forSigning) + { + random = p.Random; + } + } + else if (parameters is ParametersWithSalt) + { + if (!forSigning) + throw new ArgumentException("ParametersWithSalt only valid for signing", "parameters"); + + ParametersWithSalt p = (ParametersWithSalt) parameters; + + kParam = (RsaKeyParameters) p.Parameters; + standardSalt = p.GetSalt(); + + if (standardSalt.Length != saltLength) + throw new ArgumentException("Fixed salt is of wrong length"); + } + else + { + kParam = (RsaKeyParameters) parameters; + + if (forSigning) + { + random = new SecureRandom(); + } + } + + cipher.Init(forSigning, kParam); + + keyBits = kParam.Modulus.BitLength; + + block = new byte[(keyBits + 7) / 8]; + + if (trailer == IsoTrailers.TRAILER_IMPLICIT) + { + mBuf = new byte[block.Length - digest.GetDigestSize() - saltLength - 1 - 1]; + } + else + { + mBuf = new byte[block.Length - digest.GetDigestSize() - saltLength - 1 - 2]; + } + + Reset(); + } + + /// compare two byte arrays - constant time. + private bool IsSameAs(byte[] a, byte[] b) + { + if (messageLength != b.Length) + { + return false; + } + + bool isOkay = true; + + for (int i = 0; i != b.Length; i++) + { + if (a[i] != b[i]) + { + isOkay = false; + } + } + + return isOkay; + } + + /// clear possible sensitive data + private void ClearBlock( + byte[] block) + { + Array.Clear(block, 0, block.Length); + } + + public virtual void UpdateWithRecoveredMessage( + byte[] signature) + { + byte[] block = cipher.ProcessBlock(signature, 0, signature.Length); + + // + // adjust block size for leading zeroes if necessary + // + if (block.Length < (keyBits + 7) / 8) + { + byte[] tmp = new byte[(keyBits + 7) / 8]; + + Array.Copy(block, 0, tmp, tmp.Length - block.Length, block.Length); + ClearBlock(block); + block = tmp; + } + + int tLength; + + if (((block[block.Length - 1] & 0xFF) ^ 0xBC) == 0) + { + tLength = 1; + } + else + { + int sigTrail = ((block[block.Length - 2] & 0xFF) << 8) | (block[block.Length - 1] & 0xFF); + + if (IsoTrailers.NoTrailerAvailable(digest)) + throw new ArgumentException("unrecognised hash in signature"); + + if (sigTrail != IsoTrailers.GetTrailer(digest)) + throw new InvalidOperationException("signer initialised with wrong digest for trailer " + sigTrail); + + tLength = 2; + } + + // + // calculate H(m2) + // + byte[] m2Hash = new byte[hLen]; + digest.DoFinal(m2Hash, 0); + + // + // remove the mask + // + byte[] dbMask = MaskGeneratorFunction1(block, block.Length - hLen - tLength, hLen, block.Length - hLen - tLength); + for (int i = 0; i != dbMask.Length; i++) + { + block[i] ^= dbMask[i]; + } + + block[0] &= 0x7f; + + // + // find out how much padding we've got + // + int mStart = 0; + + while (mStart < block.Length) + { + if (block[mStart++] == 0x01) + break; + } + + if (mStart >= block.Length) + { + ClearBlock(block); + } + + fullMessage = (mStart > 1); + + recoveredMessage = new byte[dbMask.Length - mStart - saltLength]; + + Array.Copy(block, mStart, recoveredMessage, 0, recoveredMessage.Length); + recoveredMessage.CopyTo(mBuf, 0); + + preSig = signature; + preBlock = block; + preMStart = mStart; + preTLength = tLength; + } + + /// update the internal digest with the byte b + public virtual void Update( + byte input) + { + if (preSig == null && messageLength < mBuf.Length) + { + mBuf[messageLength++] = input; + } + else + { + digest.Update(input); + } + } + + /// update the internal digest with the byte array in + public virtual void BlockUpdate( + byte[] input, + int inOff, + int length) + { + if (preSig == null) + { + while (length > 0 && messageLength < mBuf.Length) + { + this.Update(input[inOff]); + inOff++; + length--; + } + } + + if (length > 0) + { + digest.BlockUpdate(input, inOff, length); + } + } + + /// reset the internal state + public virtual void Reset() + { + digest.Reset(); + messageLength = 0; + if (mBuf != null) + { + ClearBlock(mBuf); + } + if (recoveredMessage != null) + { + ClearBlock(recoveredMessage); + recoveredMessage = null; + } + fullMessage = false; + if (preSig != null) + { + preSig = null; + ClearBlock(preBlock); + preBlock = null; + } + } + + /// Generate a signature for the loaded message using the key we were + /// initialised with. + /// + public virtual byte[] GenerateSignature() + { + int digSize = digest.GetDigestSize(); + byte[] m2Hash = new byte[digSize]; + digest.DoFinal(m2Hash, 0); + + byte[] C = new byte[8]; + LtoOSP(messageLength * 8, C); + + digest.BlockUpdate(C, 0, C.Length); + digest.BlockUpdate(mBuf, 0, messageLength); + digest.BlockUpdate(m2Hash, 0, m2Hash.Length); + + byte[] salt; + if (standardSalt != null) + { + salt = standardSalt; + } + else + { + salt = new byte[saltLength]; + random.NextBytes(salt); + } + + digest.BlockUpdate(salt, 0, salt.Length); + + byte[] hash = new byte[digest.GetDigestSize()]; + digest.DoFinal(hash, 0); + + int tLength = 2; + if (trailer == IsoTrailers.TRAILER_IMPLICIT) + { + tLength = 1; + } + + int off = block.Length - messageLength - salt.Length - hLen - tLength - 1; + + block[off] = (byte) (0x01); + + Array.Copy(mBuf, 0, block, off + 1, messageLength); + Array.Copy(salt, 0, block, off + 1 + messageLength, salt.Length); + + byte[] dbMask = MaskGeneratorFunction1(hash, 0, hash.Length, block.Length - hLen - tLength); + for (int i = 0; i != dbMask.Length; i++) + { + block[i] ^= dbMask[i]; + } + + Array.Copy(hash, 0, block, block.Length - hLen - tLength, hLen); + + if (trailer == IsoTrailers.TRAILER_IMPLICIT) + { + block[block.Length - 1] = (byte)IsoTrailers.TRAILER_IMPLICIT; + } + else + { + block[block.Length - 2] = (byte) ((uint)trailer >> 8); + block[block.Length - 1] = (byte) trailer; + } + + block[0] &= (byte) (0x7f); + + byte[] b = cipher.ProcessBlock(block, 0, block.Length); + + ClearBlock(mBuf); + ClearBlock(block); + messageLength = 0; + + return b; + } + + /// return true if the signature represents a ISO9796-2 signature + /// for the passed in message. + /// + public virtual bool VerifySignature( + byte[] signature) + { + // + // calculate H(m2) + // + byte[] m2Hash = new byte[hLen]; + digest.DoFinal(m2Hash, 0); + + byte[] block; + int tLength; + int mStart = 0; + + if (preSig == null) + { + try + { + UpdateWithRecoveredMessage(signature); + } + catch (Exception) + { + return false; + } + } + else + { + if (!Arrays.AreEqual(preSig, signature)) + { + throw new InvalidOperationException("UpdateWithRecoveredMessage called on different signature"); + } + } + + block = preBlock; + mStart = preMStart; + tLength = preTLength; + + preSig = null; + preBlock = null; + + // + // check the hashes + // + byte[] C = new byte[8]; + LtoOSP(recoveredMessage.Length * 8, C); + + digest.BlockUpdate(C, 0, C.Length); + + if (recoveredMessage.Length != 0) + { + digest.BlockUpdate(recoveredMessage, 0, recoveredMessage.Length); + } + + digest.BlockUpdate(m2Hash, 0, m2Hash.Length); + + // Update for the salt + if (standardSalt != null) + { + digest.BlockUpdate(standardSalt, 0, standardSalt.Length); + } + else + { + digest.BlockUpdate(block, mStart + recoveredMessage.Length, saltLength); + } + + byte[] hash = new byte[digest.GetDigestSize()]; + digest.DoFinal(hash, 0); + + int off = block.Length - tLength - hash.Length; + + bool isOkay = true; + + for (int i = 0; i != hash.Length; i++) + { + if (hash[i] != block[off + i]) + { + isOkay = false; + } + } + + ClearBlock(block); + ClearBlock(hash); + + if (!isOkay) + { + fullMessage = false; + messageLength = 0; + ClearBlock(recoveredMessage); + return false; + } + + // + // if they've input a message check what we've recovered against + // what was input. + // + if (messageLength != 0) + { + if (!IsSameAs(mBuf, recoveredMessage)) + { + messageLength = 0; + ClearBlock(mBuf); + return false; + } + } + + messageLength = 0; + + ClearBlock(mBuf); + return true; + } + + /// + /// Return true if the full message was recoveredMessage. + /// + /// true on full message recovery, false otherwise, or if not sure. + /// + public virtual bool HasFullMessage() + { + return fullMessage; + } + + /// int to octet string. + /// int to octet string. + private void ItoOSP( + int i, + byte[] sp) + { + sp[0] = (byte)((uint)i >> 24); + sp[1] = (byte)((uint)i >> 16); + sp[2] = (byte)((uint)i >> 8); + sp[3] = (byte)((uint)i >> 0); + } + + /// long to octet string. + private void LtoOSP(long l, byte[] sp) + { + sp[0] = (byte)((ulong)l >> 56); + sp[1] = (byte)((ulong)l >> 48); + sp[2] = (byte)((ulong)l >> 40); + sp[3] = (byte)((ulong)l >> 32); + sp[4] = (byte)((ulong)l >> 24); + sp[5] = (byte)((ulong)l >> 16); + sp[6] = (byte)((ulong)l >> 8); + sp[7] = (byte)((ulong)l >> 0); + } + + /// mask generator function, as described in Pkcs1v2. + private byte[] MaskGeneratorFunction1( + byte[] Z, + int zOff, + int zLen, + int length) + { + byte[] mask = new byte[length]; + byte[] hashBuf = new byte[hLen]; + byte[] C = new byte[4]; + int counter = 0; + + digest.Reset(); + + do + { + ItoOSP(counter, C); + + digest.BlockUpdate(Z, zOff, zLen); + digest.BlockUpdate(C, 0, C.Length); + digest.DoFinal(hashBuf, 0); + + Array.Copy(hashBuf, 0, mask, counter * hLen, hLen); + } + while (++counter < (length / hLen)); + + if ((counter * hLen) < length) + { + ItoOSP(counter, C); + + digest.BlockUpdate(Z, zOff, zLen); + digest.BlockUpdate(C, 0, C.Length); + digest.DoFinal(hashBuf, 0); + + Array.Copy(hashBuf, 0, mask, counter * hLen, mask.Length - (counter * hLen)); + } + + return mask; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/Iso9796d2Signer.cs b/BouncyCastle/crypto/src/crypto/signers/Iso9796d2Signer.cs new file mode 100644 index 0000000..3039130 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/Iso9796d2Signer.cs @@ -0,0 +1,556 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Signers +{ + /// ISO9796-2 - mechanism using a hash function with recovery (scheme 1) + public class Iso9796d2Signer : ISignerWithRecovery + { + /// + /// Return a reference to the recoveredMessage message. + /// + /// The full/partial recoveredMessage message. + /// + public byte[] GetRecoveredMessage() + { + return recoveredMessage; + } + + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerImplicit = 0xBC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerRipeMD160 = 0x31CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerRipeMD128 = 0x32CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerSha1 = 0x33CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerSha256 = 0x34CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerSha512 = 0x35CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerSha384 = 0x36CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TrailerWhirlpool = 0x37CC; + + private IDigest digest; + private IAsymmetricBlockCipher cipher; + + private int trailer; + private int keyBits; + private byte[] block; + private byte[] mBuf; + private int messageLength; + private bool fullMessage; + private byte[] recoveredMessage; + + private byte[] preSig; + private byte[] preBlock; + + /// + /// Generate a signer with either implicit or explicit trailers for ISO9796-2. + /// + /// base cipher to use for signature creation/verification + /// digest to use. + /// whether or not the trailer is implicit or gives the hash. + public Iso9796d2Signer( + IAsymmetricBlockCipher cipher, + IDigest digest, + bool isImplicit) + { + this.cipher = cipher; + this.digest = digest; + + if (isImplicit) + { + trailer = IsoTrailers.TRAILER_IMPLICIT; + } + else if (IsoTrailers.NoTrailerAvailable(digest)) + { + throw new ArgumentException("no valid trailer", "digest"); + } + else + { + trailer = IsoTrailers.GetTrailer(digest); + } + } + + /// Constructor for a signer with an explicit digest trailer. + /// + /// + /// cipher to use. + /// + /// digest to sign with. + /// + public Iso9796d2Signer(IAsymmetricBlockCipher cipher, IDigest digest) + : this(cipher, digest, false) + { + } + + public virtual string AlgorithmName + { + get { return digest.AlgorithmName + "with" + "ISO9796-2S1"; } + } + + public virtual void Init(bool forSigning, ICipherParameters parameters) + { + RsaKeyParameters kParam = (RsaKeyParameters) parameters; + + cipher.Init(forSigning, kParam); + + keyBits = kParam.Modulus.BitLength; + + block = new byte[(keyBits + 7) / 8]; + if (trailer == IsoTrailers.TRAILER_IMPLICIT) + { + mBuf = new byte[block.Length - digest.GetDigestSize() - 2]; + } + else + { + mBuf = new byte[block.Length - digest.GetDigestSize() - 3]; + } + + Reset(); + } + + /// compare two byte arrays - constant time. + private bool IsSameAs(byte[] a, byte[] b) + { + int checkLen; + if (messageLength > mBuf.Length) + { + if (mBuf.Length > b.Length) + { + return false; + } + + checkLen = mBuf.Length; + } + else + { + if (messageLength != b.Length) + { + return false; + } + + checkLen = b.Length; + } + + bool isOkay = true; + + for (int i = 0; i != checkLen; i++) + { + if (a[i] != b[i]) + { + isOkay = false; + } + } + + return isOkay; + } + + /// clear possible sensitive data + private void ClearBlock( + byte[] block) + { + Array.Clear(block, 0, block.Length); + } + + public virtual void UpdateWithRecoveredMessage( + byte[] signature) + { + byte[] block = cipher.ProcessBlock(signature, 0, signature.Length); + + if (((block[0] & 0xC0) ^ 0x40) != 0) + throw new InvalidCipherTextException("malformed signature"); + + if (((block[block.Length - 1] & 0xF) ^ 0xC) != 0) + throw new InvalidCipherTextException("malformed signature"); + + int delta = 0; + + if (((block[block.Length - 1] & 0xFF) ^ 0xBC) == 0) + { + delta = 1; + } + else + { + int sigTrail = ((block[block.Length - 2] & 0xFF) << 8) | (block[block.Length - 1] & 0xFF); + + if (IsoTrailers.NoTrailerAvailable(digest)) + throw new ArgumentException("unrecognised hash in signature"); + + if (sigTrail != IsoTrailers.GetTrailer(digest)) + throw new InvalidOperationException("signer initialised with wrong digest for trailer " + sigTrail); + + delta = 2; + } + + // + // find out how much padding we've got + // + int mStart = 0; + + for (mStart = 0; mStart != block.Length; mStart++) + { + if (((block[mStart] & 0x0f) ^ 0x0a) == 0) + break; + } + + mStart++; + + int off = block.Length - delta - digest.GetDigestSize(); + + // + // there must be at least one byte of message string + // + if ((off - mStart) <= 0) + throw new InvalidCipherTextException("malformed block"); + + // + // if we contain the whole message as well, check the hash of that. + // + if ((block[0] & 0x20) == 0) + { + fullMessage = true; + + recoveredMessage = new byte[off - mStart]; + Array.Copy(block, mStart, recoveredMessage, 0, recoveredMessage.Length); + } + else + { + fullMessage = false; + + recoveredMessage = new byte[off - mStart]; + Array.Copy(block, mStart, recoveredMessage, 0, recoveredMessage.Length); + } + + preSig = signature; + preBlock = block; + + digest.BlockUpdate(recoveredMessage, 0, recoveredMessage.Length); + messageLength = recoveredMessage.Length; + recoveredMessage.CopyTo(mBuf, 0); + } + + /// update the internal digest with the byte b + public virtual void Update( + byte input) + { + digest.Update(input); + + if (messageLength < mBuf.Length) + { + mBuf[messageLength] = input; + } + + messageLength++; + } + + /// update the internal digest with the byte array in + public virtual void BlockUpdate( + byte[] input, + int inOff, + int length) + { + while (length > 0 && messageLength < mBuf.Length) + { + //for (int i = 0; i < length && (i + messageLength) < mBuf.Length; i++) + //{ + // mBuf[messageLength + i] = input[inOff + i]; + //} + this.Update(input[inOff]); + inOff++; + length--; + } + + digest.BlockUpdate(input, inOff, length); + messageLength += length; + } + + /// reset the internal state + public virtual void Reset() + { + digest.Reset(); + messageLength = 0; + ClearBlock(mBuf); + + if (recoveredMessage != null) + { + ClearBlock(recoveredMessage); + } + + recoveredMessage = null; + fullMessage = false; + + if (preSig != null) + { + preSig = null; + ClearBlock(preBlock); + preBlock = null; + } + } + + /// Generate a signature for the loaded message using the key we were + /// initialised with. + /// + public virtual byte[] GenerateSignature() + { + int digSize = digest.GetDigestSize(); + + int t = 0; + int delta = 0; + + if (trailer == IsoTrailers.TRAILER_IMPLICIT) + { + t = 8; + delta = block.Length - digSize - 1; + digest.DoFinal(block, delta); + block[block.Length - 1] = (byte)IsoTrailers.TRAILER_IMPLICIT; + } + else + { + t = 16; + delta = block.Length - digSize - 2; + digest.DoFinal(block, delta); + block[block.Length - 2] = (byte) ((uint)trailer >> 8); + block[block.Length - 1] = (byte) trailer; + } + + byte header = 0; + int x = (digSize + messageLength) * 8 + t + 4 - keyBits; + + if (x > 0) + { + int mR = messageLength - ((x + 7) / 8); + header = (byte) (0x60); + + delta -= mR; + + Array.Copy(mBuf, 0, block, delta, mR); + } + else + { + header = (byte) (0x40); + delta -= messageLength; + + Array.Copy(mBuf, 0, block, delta, messageLength); + } + + if ((delta - 1) > 0) + { + for (int i = delta - 1; i != 0; i--) + { + block[i] = (byte) 0xbb; + } + block[delta - 1] ^= (byte) 0x01; + block[0] = (byte) 0x0b; + block[0] |= header; + } + else + { + block[0] = (byte) 0x0a; + block[0] |= header; + } + + byte[] b = cipher.ProcessBlock(block, 0, block.Length); + + messageLength = 0; + + ClearBlock(mBuf); + ClearBlock(block); + + return b; + } + + /// return true if the signature represents a ISO9796-2 signature + /// for the passed in message. + /// + public virtual bool VerifySignature(byte[] signature) + { + byte[] block; + + if (preSig == null) + { + try + { + block = cipher.ProcessBlock(signature, 0, signature.Length); + } + catch (Exception) + { + return false; + } + } + else + { + if (!Arrays.AreEqual(preSig, signature)) + throw new InvalidOperationException("updateWithRecoveredMessage called on different signature"); + + block = preBlock; + + preSig = null; + preBlock = null; + } + + if (((block[0] & 0xC0) ^ 0x40) != 0) + return ReturnFalse(block); + + if (((block[block.Length - 1] & 0xF) ^ 0xC) != 0) + return ReturnFalse(block); + + int delta = 0; + + if (((block[block.Length - 1] & 0xFF) ^ 0xBC) == 0) + { + delta = 1; + } + else + { + int sigTrail = ((block[block.Length - 2] & 0xFF) << 8) | (block[block.Length - 1] & 0xFF); + + if (IsoTrailers.NoTrailerAvailable(digest)) + throw new ArgumentException("unrecognised hash in signature"); + + if (sigTrail != IsoTrailers.GetTrailer(digest)) + throw new InvalidOperationException("signer initialised with wrong digest for trailer " + sigTrail); + + delta = 2; + } + + // + // find out how much padding we've got + // + int mStart = 0; + for (; mStart != block.Length; mStart++) + { + if (((block[mStart] & 0x0f) ^ 0x0a) == 0) + { + break; + } + } + + mStart++; + + // + // check the hashes + // + byte[] hash = new byte[digest.GetDigestSize()]; + + int off = block.Length - delta - hash.Length; + + // + // there must be at least one byte of message string + // + if ((off - mStart) <= 0) + { + return ReturnFalse(block); + } + + // + // if we contain the whole message as well, check the hash of that. + // + if ((block[0] & 0x20) == 0) + { + fullMessage = true; + + // check right number of bytes passed in. + if (messageLength > off - mStart) + { + return ReturnFalse(block); + } + + digest.Reset(); + digest.BlockUpdate(block, mStart, off - mStart); + digest.DoFinal(hash, 0); + + bool isOkay = true; + + for (int i = 0; i != hash.Length; i++) + { + block[off + i] ^= hash[i]; + if (block[off + i] != 0) + { + isOkay = false; + } + } + + if (!isOkay) + { + return ReturnFalse(block); + } + + recoveredMessage = new byte[off - mStart]; + Array.Copy(block, mStart, recoveredMessage, 0, recoveredMessage.Length); + } + else + { + fullMessage = false; + + digest.DoFinal(hash, 0); + + bool isOkay = true; + + for (int i = 0; i != hash.Length; i++) + { + block[off + i] ^= hash[i]; + if (block[off + i] != 0) + { + isOkay = false; + } + } + + if (!isOkay) + { + return ReturnFalse(block); + } + + recoveredMessage = new byte[off - mStart]; + Array.Copy(block, mStart, recoveredMessage, 0, recoveredMessage.Length); + } + + // + // if they've input a message check what we've recovered against + // what was input. + // + if (messageLength != 0) + { + if (!IsSameAs(mBuf, recoveredMessage)) + { + return ReturnFalse(block); + } + } + + ClearBlock(mBuf); + ClearBlock(block); + + messageLength = 0; + + return true; + } + + private bool ReturnFalse(byte[] block) + { + messageLength = 0; + + ClearBlock(mBuf); + ClearBlock(block); + + return false; + } + + /// + /// Return true if the full message was recoveredMessage. + /// + /// true on full message recovery, false otherwise. + /// + public virtual bool HasFullMessage() + { + return fullMessage; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/IsoTrailers.cs b/BouncyCastle/crypto/src/crypto/signers/IsoTrailers.cs new file mode 100644 index 0000000..497ffaf --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/IsoTrailers.cs @@ -0,0 +1,57 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Crypto.Signers +{ + public class IsoTrailers + { + public const int TRAILER_IMPLICIT = 0xBC; + public const int TRAILER_RIPEMD160 = 0x31CC; + public const int TRAILER_RIPEMD128 = 0x32CC; + public const int TRAILER_SHA1 = 0x33CC; + public const int TRAILER_SHA256 = 0x34CC; + public const int TRAILER_SHA512 = 0x35CC; + public const int TRAILER_SHA384 = 0x36CC; + public const int TRAILER_WHIRLPOOL = 0x37CC; + public const int TRAILER_SHA224 = 0x38CC; + public const int TRAILER_SHA512_224 = 0x39CC; + public const int TRAILER_SHA512_256 = 0x40CC; + + private static IDictionary CreateTrailerMap() + { + IDictionary trailers = Platform.CreateHashtable(); + + trailers.Add("RIPEMD128", TRAILER_RIPEMD128); + trailers.Add("RIPEMD160", TRAILER_RIPEMD160); + + trailers.Add("SHA-1", TRAILER_SHA1); + trailers.Add("SHA-224", TRAILER_SHA224); + trailers.Add("SHA-256", TRAILER_SHA256); + trailers.Add("SHA-384", TRAILER_SHA384); + trailers.Add("SHA-512", TRAILER_SHA512); + trailers.Add("SHA-512/224", TRAILER_SHA512_224); + trailers.Add("SHA-512/256", TRAILER_SHA512_256); + + trailers.Add("Whirlpool", TRAILER_WHIRLPOOL); + + return CollectionUtilities.ReadOnly(trailers); + } + + // IDictionary is (string -> Int32) + private static readonly IDictionary trailerMap = CreateTrailerMap(); + + public static int GetTrailer(IDigest digest) + { + return (int)trailerMap[digest.AlgorithmName]; + } + + public static bool NoTrailerAvailable(IDigest digest) + { + return !trailerMap.Contains(digest.AlgorithmName); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/PlainDsaEncoding.cs b/BouncyCastle/crypto/src/crypto/signers/PlainDsaEncoding.cs new file mode 100644 index 0000000..2e1f65a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/PlainDsaEncoding.cs @@ -0,0 +1,58 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Signers +{ + public class PlainDsaEncoding + : IDsaEncoding + { + public static readonly PlainDsaEncoding Instance = new PlainDsaEncoding(); + + public virtual BigInteger[] Decode(BigInteger n, byte[] encoding) + { + int valueLength = BigIntegers.GetUnsignedByteLength(n); + if (encoding.Length != valueLength * 2) + throw new ArgumentException("Encoding has incorrect length", "encoding"); + + return new BigInteger[] { + DecodeValue(n, encoding, 0, valueLength), + DecodeValue(n, encoding, valueLength, valueLength), + }; + } + + public virtual byte[] Encode(BigInteger n, BigInteger r, BigInteger s) + { + int valueLength = BigIntegers.GetUnsignedByteLength(n); + byte[] result = new byte[valueLength * 2]; + EncodeValue(n, r, result, 0, valueLength); + EncodeValue(n, s, result, valueLength, valueLength); + return result; + } + + protected virtual BigInteger CheckValue(BigInteger n, BigInteger x) + { + if (x.SignValue < 0 || x.CompareTo(n) >= 0) + throw new ArgumentException("Value out of range", "x"); + + return x; + } + + protected virtual BigInteger DecodeValue(BigInteger n, byte[] buf, int off, int len) + { + return CheckValue(n, new BigInteger(1, buf, off, len)); + } + + protected virtual void EncodeValue(BigInteger n, BigInteger x, byte[] buf, int off, int len) + { + byte[] bs = CheckValue(n, x).ToByteArrayUnsigned(); + int bsOff = System.Math.Max(0, bs.Length - len); + int bsLen = bs.Length - bsOff; + + int pos = len - bsLen; + Arrays.Fill(buf, off, off + pos, 0); + Array.Copy(bs, bsOff, buf, off + pos, bsLen); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/PssSigner.cs b/BouncyCastle/crypto/src/crypto/signers/PssSigner.cs new file mode 100644 index 0000000..66efa51 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/PssSigner.cs @@ -0,0 +1,412 @@ +using System; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Signers +{ + /// RSA-PSS as described in Pkcs# 1 v 2.1. + ///

+ /// Note: the usual value for the salt length is the number of + /// bytes in the hash function.

+ /// + public class PssSigner + : ISigner + { + public const byte TrailerImplicit = (byte)0xBC; + + private readonly IDigest contentDigest1, contentDigest2; + private readonly IDigest mgfDigest; + private readonly IAsymmetricBlockCipher cipher; + + private SecureRandom random; + + private int hLen; + private int mgfhLen; + private int sLen; + private bool sSet; + private int emBits; + private byte[] salt; + private byte[] mDash; + private byte[] block; + private byte trailer; + + public static PssSigner CreateRawSigner( + IAsymmetricBlockCipher cipher, + IDigest digest) + { + return new PssSigner(cipher, new NullDigest(), digest, digest, digest.GetDigestSize(), null, TrailerImplicit); + } + + public static PssSigner CreateRawSigner( + IAsymmetricBlockCipher cipher, + IDigest contentDigest, + IDigest mgfDigest, + int saltLen, + byte trailer) + { + return new PssSigner(cipher, new NullDigest(), contentDigest, mgfDigest, saltLen, null, trailer); + } + + public PssSigner( + IAsymmetricBlockCipher cipher, + IDigest digest) + : this(cipher, digest, digest.GetDigestSize()) + { + } + + /// Basic constructor + /// the asymmetric cipher to use. + /// the digest to use. + /// the length of the salt to use (in bytes). + public PssSigner( + IAsymmetricBlockCipher cipher, + IDigest digest, + int saltLen) + : this(cipher, digest, saltLen, TrailerImplicit) + { + } + + /// Basic constructor + /// the asymmetric cipher to use. + /// the digest to use. + /// the fixed salt to be used. + public PssSigner( + IAsymmetricBlockCipher cipher, + IDigest digest, + byte[] salt) + : this(cipher, digest, digest, digest, salt.Length, salt, TrailerImplicit) + { + } + + public PssSigner( + IAsymmetricBlockCipher cipher, + IDigest contentDigest, + IDigest mgfDigest, + int saltLen) + : this(cipher, contentDigest, mgfDigest, saltLen, TrailerImplicit) + { + } + + public PssSigner( + IAsymmetricBlockCipher cipher, + IDigest contentDigest, + IDigest mgfDigest, + byte[] salt) + : this(cipher, contentDigest, contentDigest, mgfDigest, salt.Length, salt, TrailerImplicit) + { + } + + public PssSigner( + IAsymmetricBlockCipher cipher, + IDigest digest, + int saltLen, + byte trailer) + : this(cipher, digest, digest, saltLen, trailer) + { + } + + public PssSigner( + IAsymmetricBlockCipher cipher, + IDigest contentDigest, + IDigest mgfDigest, + int saltLen, + byte trailer) + : this(cipher, contentDigest, contentDigest, mgfDigest, saltLen, null, trailer) + { + } + + private PssSigner( + IAsymmetricBlockCipher cipher, + IDigest contentDigest1, + IDigest contentDigest2, + IDigest mgfDigest, + int saltLen, + byte[] salt, + byte trailer) + { + this.cipher = cipher; + this.contentDigest1 = contentDigest1; + this.contentDigest2 = contentDigest2; + this.mgfDigest = mgfDigest; + this.hLen = contentDigest2.GetDigestSize(); + this.mgfhLen = mgfDigest.GetDigestSize(); + this.sLen = saltLen; + this.sSet = salt != null; + if (sSet) + { + this.salt = salt; + } + else + { + this.salt = new byte[saltLen]; + } + this.mDash = new byte[8 + saltLen + hLen]; + this.trailer = trailer; + } + + public virtual string AlgorithmName + { + get { return mgfDigest.AlgorithmName + "withRSAandMGF1"; } + } + + public virtual void Init( + bool forSigning, + ICipherParameters parameters) + { + if (parameters is ParametersWithRandom) + { + ParametersWithRandom p = (ParametersWithRandom) parameters; + + parameters = p.Parameters; + random = p.Random; + } + else + { + if (forSigning) + { + random = new SecureRandom(); + } + } + + cipher.Init(forSigning, parameters); + + RsaKeyParameters kParam; + if (parameters is RsaBlindingParameters) + { + kParam = ((RsaBlindingParameters) parameters).PublicKey; + } + else + { + kParam = (RsaKeyParameters) parameters; + } + + emBits = kParam.Modulus.BitLength - 1; + + if (emBits < (8 * hLen + 8 * sLen + 9)) + throw new ArgumentException("key too small for specified hash and salt lengths"); + + block = new byte[(emBits + 7) / 8]; + } + + /// clear possible sensitive data + private void ClearBlock( + byte[] block) + { + Array.Clear(block, 0, block.Length); + } + + /// update the internal digest with the byte b + public virtual void Update( + byte input) + { + contentDigest1.Update(input); + } + + /// update the internal digest with the byte array in + public virtual void BlockUpdate( + byte[] input, + int inOff, + int length) + { + contentDigest1.BlockUpdate(input, inOff, length); + } + + /// reset the internal state + public virtual void Reset() + { + contentDigest1.Reset(); + } + + /// Generate a signature for the message we've been loaded with using + /// the key we were initialised with. + /// + public virtual byte[] GenerateSignature() + { + contentDigest1.DoFinal(mDash, mDash.Length - hLen - sLen); + + if (sLen != 0) + { + if (!sSet) + { + random.NextBytes(salt); + } + salt.CopyTo(mDash, mDash.Length - sLen); + } + + byte[] h = new byte[hLen]; + + contentDigest2.BlockUpdate(mDash, 0, mDash.Length); + + contentDigest2.DoFinal(h, 0); + + block[block.Length - sLen - 1 - hLen - 1] = (byte) (0x01); + salt.CopyTo(block, block.Length - sLen - hLen - 1); + + byte[] dbMask = MaskGeneratorFunction(h, 0, h.Length, block.Length - hLen - 1); + for (int i = 0; i != dbMask.Length; i++) + { + block[i] ^= dbMask[i]; + } + + h.CopyTo(block, block.Length - hLen - 1); + + uint firstByteMask = 0xFFU >> ((block.Length * 8) - emBits); + + block[0] &= (byte)firstByteMask; + block[block.Length - 1] = trailer; + + byte[] b = cipher.ProcessBlock(block, 0, block.Length); + + ClearBlock(block); + + return b; + } + + /// return true if the internal state represents the signature described + /// in the passed in array. + /// + public virtual bool VerifySignature( + byte[] signature) + { + contentDigest1.DoFinal(mDash, mDash.Length - hLen - sLen); + + byte[] b = cipher.ProcessBlock(signature, 0, signature.Length); + Arrays.Fill(block, 0, block.Length - b.Length, 0); + b.CopyTo(block, block.Length - b.Length); + + uint firstByteMask = 0xFFU >> ((block.Length * 8) - emBits); + + if (block[0] != (byte)(block[0] & firstByteMask) + || block[block.Length - 1] != trailer) + { + ClearBlock(block); + return false; + } + + byte[] dbMask = MaskGeneratorFunction(block, block.Length - hLen - 1, hLen, block.Length - hLen - 1); + + for (int i = 0; i != dbMask.Length; i++) + { + block[i] ^= dbMask[i]; + } + + block[0] &= (byte)firstByteMask; + + for (int i = 0; i != block.Length - hLen - sLen - 2; i++) + { + if (block[i] != 0) + { + ClearBlock(block); + return false; + } + } + + if (block[block.Length - hLen - sLen - 2] != 0x01) + { + ClearBlock(block); + return false; + } + + if (sSet) + { + Array.Copy(salt, 0, mDash, mDash.Length - sLen, sLen); + } + else + { + Array.Copy(block, block.Length - sLen - hLen - 1, mDash, mDash.Length - sLen, sLen); + } + + contentDigest2.BlockUpdate(mDash, 0, mDash.Length); + contentDigest2.DoFinal(mDash, mDash.Length - hLen); + + for (int i = block.Length - hLen - 1, j = mDash.Length - hLen; j != mDash.Length; i++, j++) + { + if ((block[i] ^ mDash[j]) != 0) + { + ClearBlock(mDash); + ClearBlock(block); + return false; + } + } + + ClearBlock(mDash); + ClearBlock(block); + + return true; + } + + /// int to octet string. + private void ItoOSP( + int i, + byte[] sp) + { + sp[0] = (byte)((uint) i >> 24); + sp[1] = (byte)((uint) i >> 16); + sp[2] = (byte)((uint) i >> 8); + sp[3] = (byte)((uint) i >> 0); + } + + private byte[] MaskGeneratorFunction( + byte[] Z, + int zOff, + int zLen, + int length) + { + if (mgfDigest is IXof) + { + byte[] mask = new byte[length]; + mgfDigest.BlockUpdate(Z, zOff, zLen); + ((IXof)mgfDigest).DoFinal(mask, 0, mask.Length); + + return mask; + } + else + { + return MaskGeneratorFunction1(Z, zOff, zLen, length); + } + } + + /// mask generator function, as described in Pkcs1v2. + private byte[] MaskGeneratorFunction1( + byte[] Z, + int zOff, + int zLen, + int length) + { + byte[] mask = new byte[length]; + byte[] hashBuf = new byte[mgfhLen]; + byte[] C = new byte[4]; + int counter = 0; + + mgfDigest.Reset(); + + while (counter < (length / mgfhLen)) + { + ItoOSP(counter, C); + + mgfDigest.BlockUpdate(Z, zOff, zLen); + mgfDigest.BlockUpdate(C, 0, C.Length); + mgfDigest.DoFinal(hashBuf, 0); + + hashBuf.CopyTo(mask, counter * mgfhLen); + ++counter; + } + + if ((counter * mgfhLen) < length) + { + ItoOSP(counter, C); + + mgfDigest.BlockUpdate(Z, zOff, zLen); + mgfDigest.BlockUpdate(C, 0, C.Length); + mgfDigest.DoFinal(hashBuf, 0); + + Array.Copy(hashBuf, 0, mask, counter * mgfhLen, mask.Length - (counter * mgfhLen)); + } + + return mask; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/RandomDsaKCalculator.cs b/BouncyCastle/crypto/src/crypto/signers/RandomDsaKCalculator.cs new file mode 100644 index 0000000..022cc26 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/RandomDsaKCalculator.cs @@ -0,0 +1,44 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Signers +{ + public class RandomDsaKCalculator + : IDsaKCalculator + { + private BigInteger q; + private SecureRandom random; + + public virtual bool IsDeterministic + { + get { return false; } + } + + public virtual void Init(BigInteger n, SecureRandom random) + { + this.q = n; + this.random = random; + } + + public virtual void Init(BigInteger n, BigInteger d, byte[] message) + { + throw new InvalidOperationException("Operation not supported"); + } + + public virtual BigInteger NextK() + { + int qBitLength = q.BitLength; + + BigInteger k; + do + { + k = new BigInteger(qBitLength, random); + } + while (k.SignValue < 1 || k.CompareTo(q) >= 0); + + return k; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/RsaDigestSigner.cs b/BouncyCastle/crypto/src/crypto/signers/RsaDigestSigner.cs new file mode 100644 index 0000000..ce6bcb2 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/RsaDigestSigner.cs @@ -0,0 +1,239 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.Utilities; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Signers +{ + public class RsaDigestSigner + : ISigner + { + private readonly IAsymmetricBlockCipher rsaEngine; + private readonly AlgorithmIdentifier algId; + private readonly IDigest digest; + private bool forSigning; + + private static readonly IDictionary oidMap = Platform.CreateHashtable(); + + /// + /// Load oid table. + /// + static RsaDigestSigner() + { + oidMap["RIPEMD128"] = TeleTrusTObjectIdentifiers.RipeMD128; + oidMap["RIPEMD160"] = TeleTrusTObjectIdentifiers.RipeMD160; + oidMap["RIPEMD256"] = TeleTrusTObjectIdentifiers.RipeMD256; + + oidMap["SHA-1"] = X509ObjectIdentifiers.IdSha1; + oidMap["SHA-224"] = NistObjectIdentifiers.IdSha224; + oidMap["SHA-256"] = NistObjectIdentifiers.IdSha256; + oidMap["SHA-384"] = NistObjectIdentifiers.IdSha384; + oidMap["SHA-512"] = NistObjectIdentifiers.IdSha512; + oidMap["SHA-512/224"] = NistObjectIdentifiers.IdSha512_224; + oidMap["SHA-512/256"] = NistObjectIdentifiers.IdSha512_256; + oidMap["SHA3-224"] = NistObjectIdentifiers.IdSha3_224; + oidMap["SHA3-256"] = NistObjectIdentifiers.IdSha3_256; + oidMap["SHA3-384"] = NistObjectIdentifiers.IdSha3_384; + oidMap["SHA3-512"] = NistObjectIdentifiers.IdSha3_512; + + oidMap["MD2"] = PkcsObjectIdentifiers.MD2; + oidMap["MD4"] = PkcsObjectIdentifiers.MD4; + oidMap["MD5"] = PkcsObjectIdentifiers.MD5; + } + + public RsaDigestSigner(IDigest digest) + : this(digest, (DerObjectIdentifier)oidMap[digest.AlgorithmName]) + { + } + + public RsaDigestSigner(IDigest digest, DerObjectIdentifier digestOid) + : this(digest, new AlgorithmIdentifier(digestOid, DerNull.Instance)) + { + } + + public RsaDigestSigner(IDigest digest, AlgorithmIdentifier algId) + : this(new RsaCoreEngine(), digest, algId) + { + } + + public RsaDigestSigner(IRsa rsa, IDigest digest, DerObjectIdentifier digestOid) + : this(rsa, digest, new AlgorithmIdentifier(digestOid, DerNull.Instance)) + { + } + + public RsaDigestSigner(IRsa rsa, IDigest digest, AlgorithmIdentifier algId) + : this(new RsaBlindedEngine(rsa), digest, algId) + { + } + + public RsaDigestSigner(IAsymmetricBlockCipher rsaEngine, IDigest digest, AlgorithmIdentifier algId) + { + this.rsaEngine = new Pkcs1Encoding(rsaEngine); + this.digest = digest; + this.algId = algId; + } + + public virtual string AlgorithmName + { + get { return digest.AlgorithmName + "withRSA"; } + } + + /** + * Initialise the signer for signing or verification. + * + * @param forSigning true if for signing, false otherwise + * @param param necessary parameters. + */ + public virtual void Init( + bool forSigning, + ICipherParameters parameters) + { + this.forSigning = forSigning; + AsymmetricKeyParameter k; + + if (parameters is ParametersWithRandom) + { + k = (AsymmetricKeyParameter)((ParametersWithRandom)parameters).Parameters; + } + else + { + k = (AsymmetricKeyParameter)parameters; + } + + if (forSigning && !k.IsPrivate) + throw new InvalidKeyException("Signing requires private key."); + + if (!forSigning && k.IsPrivate) + throw new InvalidKeyException("Verification requires public key."); + + Reset(); + + rsaEngine.Init(forSigning, parameters); + } + + /** + * update the internal digest with the byte b + */ + public virtual void Update( + byte input) + { + digest.Update(input); + } + + /** + * update the internal digest with the byte array in + */ + public virtual void BlockUpdate( + byte[] input, + int inOff, + int length) + { + digest.BlockUpdate(input, inOff, length); + } + + /** + * Generate a signature for the message we've been loaded with using + * the key we were initialised with. + */ + public virtual byte[] GenerateSignature() + { + if (!forSigning) + throw new InvalidOperationException("RsaDigestSigner not initialised for signature generation."); + + byte[] hash = new byte[digest.GetDigestSize()]; + digest.DoFinal(hash, 0); + + byte[] data = DerEncode(hash); + return rsaEngine.ProcessBlock(data, 0, data.Length); + } + + /** + * return true if the internal state represents the signature described + * in the passed in array. + */ + public virtual bool VerifySignature( + byte[] signature) + { + if (forSigning) + throw new InvalidOperationException("RsaDigestSigner not initialised for verification"); + + byte[] hash = new byte[digest.GetDigestSize()]; + digest.DoFinal(hash, 0); + + byte[] sig; + byte[] expected; + + try + { + sig = rsaEngine.ProcessBlock(signature, 0, signature.Length); + expected = DerEncode(hash); + } + catch (Exception) + { + return false; + } + + if (sig.Length == expected.Length) + { + return Arrays.ConstantTimeAreEqual(sig, expected); + } + else if (sig.Length == expected.Length - 2) // NULL left out + { + int sigOffset = sig.Length - hash.Length - 2; + int expectedOffset = expected.Length - hash.Length - 2; + + expected[1] -= 2; // adjust lengths + expected[3] -= 2; + + int nonEqual = 0; + + for (int i = 0; i < hash.Length; i++) + { + nonEqual |= (sig[sigOffset + i] ^ expected[expectedOffset + i]); + } + + for (int i = 0; i < sigOffset; i++) + { + nonEqual |= (sig[i] ^ expected[i]); // check header less NULL + } + + return nonEqual == 0; + } + else + { + return false; + } + } + + public virtual void Reset() + { + digest.Reset(); + } + + private byte[] DerEncode(byte[] hash) + { + if (algId == null) + { + // For raw RSA, the DigestInfo must be prepared externally + return hash; + } + + DigestInfo dInfo = new DigestInfo(algId, hash); + + return dInfo.GetDerEncoded(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/SM2Signer.cs b/BouncyCastle/crypto/src/crypto/signers/SM2Signer.cs new file mode 100644 index 0000000..c344a22 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/SM2Signer.cs @@ -0,0 +1,259 @@ +using System; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Signers +{ + /// The SM2 Digital Signature algorithm. + public class SM2Signer + : ISigner + { + private readonly IDsaKCalculator kCalculator = new RandomDsaKCalculator(); + private readonly IDigest digest; + private readonly IDsaEncoding encoding; + + private ECDomainParameters ecParams; + private ECPoint pubPoint; + private ECKeyParameters ecKey; + private byte[] z; + + public SM2Signer() + : this(StandardDsaEncoding.Instance, new SM3Digest()) + { + } + + public SM2Signer(IDigest digest) + : this(StandardDsaEncoding.Instance, digest) + { + } + + public SM2Signer(IDsaEncoding encoding) + : this(encoding, new SM3Digest()) + { + } + + public SM2Signer(IDsaEncoding encoding, IDigest digest) + { + this.encoding = encoding; + this.digest = digest; + } + + public virtual string AlgorithmName + { + get { return "SM2Sign"; } + } + + public virtual void Init(bool forSigning, ICipherParameters parameters) + { + ICipherParameters baseParam; + byte[] userID; + + if (parameters is ParametersWithID) + { + baseParam = ((ParametersWithID)parameters).Parameters; + userID = ((ParametersWithID)parameters).GetID(); + + if (userID.Length >= 8192) + throw new ArgumentException("SM2 user ID must be less than 2^16 bits long"); + } + else + { + baseParam = parameters; + // the default value, string value is "1234567812345678" + userID = Hex.DecodeStrict("31323334353637383132333435363738"); + } + + if (forSigning) + { + if (baseParam is ParametersWithRandom) + { + ParametersWithRandom rParam = (ParametersWithRandom)baseParam; + + ecKey = (ECKeyParameters)rParam.Parameters; + ecParams = ecKey.Parameters; + kCalculator.Init(ecParams.N, rParam.Random); + } + else + { + ecKey = (ECKeyParameters)baseParam; + ecParams = ecKey.Parameters; + kCalculator.Init(ecParams.N, new SecureRandom()); + } + pubPoint = CreateBasePointMultiplier().Multiply(ecParams.G, ((ECPrivateKeyParameters)ecKey).D).Normalize(); + } + else + { + ecKey = (ECKeyParameters)baseParam; + ecParams = ecKey.Parameters; + pubPoint = ((ECPublicKeyParameters)ecKey).Q; + } + + digest.Reset(); + z = GetZ(userID); + + digest.BlockUpdate(z, 0, z.Length); + } + + public virtual void Update(byte b) + { + digest.Update(b); + } + + public virtual void BlockUpdate(byte[] buf, int off, int len) + { + digest.BlockUpdate(buf, off, len); + } + + public virtual bool VerifySignature(byte[] signature) + { + try + { + BigInteger[] rs = encoding.Decode(ecParams.N, signature); + + return VerifySignature(rs[0], rs[1]); + } + catch (Exception) + { + } + + return false; + } + + public virtual void Reset() + { + if (z != null) + { + digest.Reset(); + digest.BlockUpdate(z, 0, z.Length); + } + } + + public virtual byte[] GenerateSignature() + { + byte[] eHash = DigestUtilities.DoFinal(digest); + + BigInteger n = ecParams.N; + BigInteger e = CalculateE(n, eHash); + BigInteger d = ((ECPrivateKeyParameters)ecKey).D; + + BigInteger r, s; + + ECMultiplier basePointMultiplier = CreateBasePointMultiplier(); + + // 5.2.1 Draft RFC: SM2 Public Key Algorithms + do // generate s + { + BigInteger k; + do // generate r + { + // A3 + k = kCalculator.NextK(); + + // A4 + ECPoint p = basePointMultiplier.Multiply(ecParams.G, k).Normalize(); + + // A5 + r = e.Add(p.AffineXCoord.ToBigInteger()).Mod(n); + } + while (r.SignValue == 0 || r.Add(k).Equals(n)); + + // A6 + BigInteger dPlus1ModN = BigIntegers.ModOddInverse(n, d.Add(BigIntegers.One)); + + s = k.Subtract(r.Multiply(d)).Mod(n); + s = dPlus1ModN.Multiply(s).Mod(n); + } + while (s.SignValue == 0); + + // A7 + try + { + return encoding.Encode(ecParams.N, r, s); + } + catch (Exception ex) + { + throw new CryptoException("unable to encode signature: " + ex.Message, ex); + } + } + + private bool VerifySignature(BigInteger r, BigInteger s) + { + BigInteger n = ecParams.N; + + // 5.3.1 Draft RFC: SM2 Public Key Algorithms + // B1 + if (r.CompareTo(BigInteger.One) < 0 || r.CompareTo(n) >= 0) + return false; + + // B2 + if (s.CompareTo(BigInteger.One) < 0 || s.CompareTo(n) >= 0) + return false; + + // B3 + byte[] eHash = DigestUtilities.DoFinal(digest); + + // B4 + BigInteger e = CalculateE(n, eHash); + + // B5 + BigInteger t = r.Add(s).Mod(n); + if (t.SignValue == 0) + return false; + + // B6 + ECPoint q = ((ECPublicKeyParameters)ecKey).Q; + ECPoint x1y1 = ECAlgorithms.SumOfTwoMultiplies(ecParams.G, s, q, t).Normalize(); + if (x1y1.IsInfinity) + return false; + + // B7 + return r.Equals(e.Add(x1y1.AffineXCoord.ToBigInteger()).Mod(n)); + } + + private byte[] GetZ(byte[] userID) + { + AddUserID(digest, userID); + + AddFieldElement(digest, ecParams.Curve.A); + AddFieldElement(digest, ecParams.Curve.B); + AddFieldElement(digest, ecParams.G.AffineXCoord); + AddFieldElement(digest, ecParams.G.AffineYCoord); + AddFieldElement(digest, pubPoint.AffineXCoord); + AddFieldElement(digest, pubPoint.AffineYCoord); + + return DigestUtilities.DoFinal(digest); + } + + private void AddUserID(IDigest digest, byte[] userID) + { + int len = userID.Length * 8; + digest.Update((byte)(len >> 8)); + digest.Update((byte)len); + digest.BlockUpdate(userID, 0, userID.Length); + } + + private void AddFieldElement(IDigest digest, ECFieldElement v) + { + byte[] p = v.GetEncoded(); + digest.BlockUpdate(p, 0, p.Length); + } + + protected virtual BigInteger CalculateE(BigInteger n, byte[] message) + { + // TODO Should hashes larger than the order be truncated as with ECDSA? + return new BigInteger(1, message); + } + + protected virtual ECMultiplier CreateBasePointMultiplier() + { + return new FixedPointCombMultiplier(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/StandardDsaEncoding.cs b/BouncyCastle/crypto/src/crypto/signers/StandardDsaEncoding.cs new file mode 100644 index 0000000..75ac084 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/StandardDsaEncoding.cs @@ -0,0 +1,56 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Signers +{ + public class StandardDsaEncoding + : IDsaEncoding + { + public static readonly StandardDsaEncoding Instance = new StandardDsaEncoding(); + + public virtual BigInteger[] Decode(BigInteger n, byte[] encoding) + { + Asn1Sequence seq = (Asn1Sequence)Asn1Object.FromByteArray(encoding); + if (seq.Count == 2) + { + BigInteger r = DecodeValue(n, seq, 0); + BigInteger s = DecodeValue(n, seq, 1); + + byte[] expectedEncoding = Encode(n, r, s); + if (Arrays.AreEqual(expectedEncoding, encoding)) + return new BigInteger[]{ r, s }; + } + + throw new ArgumentException("Malformed signature", "encoding"); + } + + public virtual byte[] Encode(BigInteger n, BigInteger r, BigInteger s) + { + return new DerSequence( + EncodeValue(n, r), + EncodeValue(n, s) + ).GetEncoded(Asn1Encodable.Der); + } + + protected virtual BigInteger CheckValue(BigInteger n, BigInteger x) + { + if (x.SignValue < 0 || (null != n && x.CompareTo(n) >= 0)) + throw new ArgumentException("Value out of range", "x"); + + return x; + } + + protected virtual BigInteger DecodeValue(BigInteger n, Asn1Sequence s, int pos) + { + return CheckValue(n, ((DerInteger)s[pos]).Value); + } + + protected virtual DerInteger EncodeValue(BigInteger n, BigInteger x) + { + return new DerInteger(CheckValue(n, x)); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/signers/X931Signer.cs b/BouncyCastle/crypto/src/crypto/signers/X931Signer.cs new file mode 100644 index 0000000..6aeff87 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/signers/X931Signer.cs @@ -0,0 +1,226 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Signers +{ + /** + * X9.31-1998 - signing using a hash. + *

+ * The message digest hash, H, is encapsulated to form a byte string as follows + *

+ * 
+     * EB = 06 || PS || 0xBA || H || TRAILER
+     *
+ * where PS is a string of bytes all of value 0xBB of length such that |EB|=|n|, and TRAILER is the ISO/IEC 10118 part number† for the digest. The byte string, EB, is converted to an integer value, the message representative, f. + */ + public class X931Signer + : ISigner + { + [Obsolete("Use 'IsoTrailers' instead")] + public const int TRAILER_IMPLICIT = 0xBC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TRAILER_RIPEMD160 = 0x31CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TRAILER_RIPEMD128 = 0x32CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TRAILER_SHA1 = 0x33CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TRAILER_SHA256 = 0x34CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TRAILER_SHA512 = 0x35CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TRAILER_SHA384 = 0x36CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TRAILER_WHIRLPOOL = 0x37CC; + [Obsolete("Use 'IsoTrailers' instead")] + public const int TRAILER_SHA224 = 0x38CC; + + private IDigest digest; + private IAsymmetricBlockCipher cipher; + private RsaKeyParameters kParam; + + private int trailer; + private int keyBits; + private byte[] block; + + /** + * Generate a signer with either implicit or explicit trailers for X9.31. + * + * @param cipher base cipher to use for signature creation/verification + * @param digest digest to use. + * @param implicit whether or not the trailer is implicit or gives the hash. + */ + public X931Signer(IAsymmetricBlockCipher cipher, IDigest digest, bool isImplicit) + { + this.cipher = cipher; + this.digest = digest; + + if (isImplicit) + { + trailer = IsoTrailers.TRAILER_IMPLICIT; + } + else if (IsoTrailers.NoTrailerAvailable(digest)) + { + throw new ArgumentException("no valid trailer", "digest"); + } + else + { + trailer = IsoTrailers.GetTrailer(digest); + } + } + + public virtual string AlgorithmName + { + get { return digest.AlgorithmName + "with" + cipher.AlgorithmName + "/X9.31"; } + } + + /** + * Constructor for a signer with an explicit digest trailer. + * + * @param cipher cipher to use. + * @param digest digest to sign with. + */ + public X931Signer(IAsymmetricBlockCipher cipher, IDigest digest) + : this(cipher, digest, false) + { + } + + public virtual void Init(bool forSigning, ICipherParameters parameters) + { + kParam = (RsaKeyParameters)parameters; + + cipher.Init(forSigning, kParam); + + keyBits = kParam.Modulus.BitLength; + + block = new byte[(keyBits + 7) / 8]; + + Reset(); + } + + /// clear possible sensitive data + private void ClearBlock(byte[] block) + { + Array.Clear(block, 0, block.Length); + } + + /** + * update the internal digest with the byte b + */ + public virtual void Update(byte b) + { + digest.Update(b); + } + + /** + * update the internal digest with the byte array in + */ + public virtual void BlockUpdate(byte[] input, int off, int len) + { + digest.BlockUpdate(input, off, len); + } + + /** + * reset the internal state + */ + public virtual void Reset() + { + digest.Reset(); + } + + /** + * generate a signature for the loaded message using the key we were + * initialised with. + */ + public virtual byte[] GenerateSignature() + { + CreateSignatureBlock(); + + BigInteger t = new BigInteger(1, cipher.ProcessBlock(block, 0, block.Length)); + ClearBlock(block); + + t = t.Min(kParam.Modulus.Subtract(t)); + + int size = BigIntegers.GetUnsignedByteLength(kParam.Modulus); + return BigIntegers.AsUnsignedByteArray(size, t); + } + + private void CreateSignatureBlock() + { + int digSize = digest.GetDigestSize(); + + int delta; + if (trailer == IsoTrailers.TRAILER_IMPLICIT) + { + delta = block.Length - digSize - 1; + digest.DoFinal(block, delta); + block[block.Length - 1] = (byte)IsoTrailers.TRAILER_IMPLICIT; + } + else + { + delta = block.Length - digSize - 2; + digest.DoFinal(block, delta); + block[block.Length - 2] = (byte)(trailer >> 8); + block[block.Length - 1] = (byte)trailer; + } + + block[0] = 0x6b; + for (int i = delta - 2; i != 0; i--) + { + block[i] = (byte)0xbb; + } + block[delta - 1] = (byte)0xba; + } + + /** + * return true if the signature represents a ISO9796-2 signature + * for the passed in message. + */ + public virtual bool VerifySignature(byte[] signature) + { + try + { + block = cipher.ProcessBlock(signature, 0, signature.Length); + } + catch (Exception) + { + return false; + } + + BigInteger t = new BigInteger(1, block); + BigInteger f; + + if ((t.IntValue & 15) == 12) + { + f = t; + } + else + { + t = kParam.Modulus.Subtract(t); + if ((t.IntValue & 15) == 12) + { + f = t; + } + else + { + return false; + } + } + + CreateSignatureBlock(); + + byte[] fBlock = BigIntegers.AsUnsignedByteArray(block.Length, f); + + bool rv = Arrays.ConstantTimeAreEqual(block, fBlock); + + ClearBlock(block); + ClearBlock(fBlock); + + return rv; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/AbstractTlsAgreementCredentials.cs b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsAgreementCredentials.cs new file mode 100644 index 0000000..2d7af80 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsAgreementCredentials.cs @@ -0,0 +1,12 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class AbstractTlsAgreementCredentials + : AbstractTlsCredentials, TlsAgreementCredentials + { + /// + public abstract byte[] GenerateAgreement(AsymmetricKeyParameter peerPublicKey); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/AbstractTlsCipherFactory.cs b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsCipherFactory.cs new file mode 100644 index 0000000..141ee65 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsCipherFactory.cs @@ -0,0 +1,15 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class AbstractTlsCipherFactory + : TlsCipherFactory + { + /// + public virtual TlsCipher CreateCipher(TlsContext context, int encryptionAlgorithm, int macAlgorithm) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/AbstractTlsClient.cs b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsClient.cs new file mode 100644 index 0000000..356aab8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsClient.cs @@ -0,0 +1,266 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class AbstractTlsClient + : AbstractTlsPeer, TlsClient + { + protected TlsCipherFactory mCipherFactory; + + protected TlsClientContext mContext; + + protected IList mSupportedSignatureAlgorithms; + protected int[] mNamedCurves; + protected byte[] mClientECPointFormats, mServerECPointFormats; + + protected int mSelectedCipherSuite; + protected short mSelectedCompressionMethod; + + public AbstractTlsClient() + : this(new DefaultTlsCipherFactory()) + { + } + + public AbstractTlsClient(TlsCipherFactory cipherFactory) + { + this.mCipherFactory = cipherFactory; + } + + protected virtual bool AllowUnexpectedServerExtension(int extensionType, byte[] extensionData) + { + switch (extensionType) + { + case ExtensionType.supported_groups: + /* + * Exception added based on field reports that some servers do send this, although the + * Supported Elliptic Curves Extension is clearly intended to be client-only. If + * present, we still require that it is a valid EllipticCurveList. + */ + TlsEccUtilities.ReadSupportedEllipticCurvesExtension(extensionData); + return true; + + case ExtensionType.ec_point_formats: + /* + * Exception added based on field reports that some servers send this even when they + * didn't negotiate an ECC cipher suite. If present, we still require that it is a valid + * ECPointFormatList. + */ + TlsEccUtilities.ReadSupportedPointFormatsExtension(extensionData); + return true; + + default: + return false; + } + } + + protected virtual void CheckForUnexpectedServerExtension(IDictionary serverExtensions, int extensionType) + { + byte[] extensionData = TlsUtilities.GetExtensionData(serverExtensions, extensionType); + if (extensionData != null && !AllowUnexpectedServerExtension(extensionType, extensionData)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + + public virtual void Init(TlsClientContext context) + { + this.mContext = context; + } + + public virtual TlsSession GetSessionToResume() + { + return null; + } + + public virtual ProtocolVersion ClientHelloRecordLayerVersion + { + get + { + // "{03,00}" + //return ProtocolVersion.SSLv3; + + // "the lowest version number supported by the client" + //return MinimumVersion; + + // "the value of ClientHello.client_version" + return ClientVersion; + } + } + + public virtual ProtocolVersion ClientVersion + { + get { return ProtocolVersion.TLSv12; } + } + + public virtual bool IsFallback + { + /* + * RFC 7507 4. The TLS_FALLBACK_SCSV cipher suite value is meant for use by clients that + * repeat a connection attempt with a downgraded protocol (perform a "fallback retry") in + * order to work around interoperability problems with legacy servers. + */ + get { return false; } + } + + public virtual IDictionary GetClientExtensions() + { + IDictionary clientExtensions = null; + + ProtocolVersion clientVersion = mContext.ClientVersion; + + /* + * RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior to 1.2. + * Clients MUST NOT offer it if they are offering prior versions. + */ + if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(clientVersion)) + { + // TODO Provide a way for the user to specify the acceptable hash/signature algorithms. + + this.mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultSupportedSignatureAlgorithms(); + + clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(clientExtensions); + + TlsUtilities.AddSignatureAlgorithmsExtension(clientExtensions, mSupportedSignatureAlgorithms); + } + + if (TlsEccUtilities.ContainsEccCipherSuites(GetCipherSuites())) + { + /* + * RFC 4492 5.1. A client that proposes ECC cipher suites in its ClientHello message + * appends these extensions (along with any others), enumerating the curves it supports + * and the point formats it can parse. Clients SHOULD send both the Supported Elliptic + * Curves Extension and the Supported Point Formats Extension. + */ + /* + * TODO Could just add all the curves since we support them all, but users may not want + * to use unnecessarily large fields. Need configuration options. + */ + this.mNamedCurves = new int[]{ NamedCurve.secp256r1, NamedCurve.secp384r1 }; + this.mClientECPointFormats = new byte[]{ ECPointFormat.uncompressed, + ECPointFormat.ansiX962_compressed_prime, ECPointFormat.ansiX962_compressed_char2, }; + + clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(clientExtensions); + + TlsEccUtilities.AddSupportedEllipticCurvesExtension(clientExtensions, mNamedCurves); + TlsEccUtilities.AddSupportedPointFormatsExtension(clientExtensions, mClientECPointFormats); + } + + return clientExtensions; + } + + public virtual ProtocolVersion MinimumVersion + { + get { return ProtocolVersion.TLSv10; } + } + + public virtual void NotifyServerVersion(ProtocolVersion serverVersion) + { + if (!MinimumVersion.IsEqualOrEarlierVersionOf(serverVersion)) + throw new TlsFatalAlert(AlertDescription.protocol_version); + } + + public abstract int[] GetCipherSuites(); + + public virtual byte[] GetCompressionMethods() + { + return new byte[]{ CompressionMethod.cls_null }; + } + + public virtual void NotifySessionID(byte[] sessionID) + { + // Currently ignored + } + + public virtual void NotifySelectedCipherSuite(int selectedCipherSuite) + { + this.mSelectedCipherSuite = selectedCipherSuite; + } + + public virtual void NotifySelectedCompressionMethod(byte selectedCompressionMethod) + { + this.mSelectedCompressionMethod = selectedCompressionMethod; + } + + public virtual void ProcessServerExtensions(IDictionary serverExtensions) + { + /* + * TlsProtocol implementation validates that any server extensions received correspond to + * client extensions sent. By default, we don't send any, and this method is not called. + */ + if (serverExtensions != null) + { + /* + * RFC 5246 7.4.1.4.1. Servers MUST NOT send this extension. + */ + CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.signature_algorithms); + + CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.supported_groups); + + if (TlsEccUtilities.IsEccCipherSuite(this.mSelectedCipherSuite)) + { + this.mServerECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(serverExtensions); + } + else + { + CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.ec_point_formats); + } + + /* + * RFC 7685 3. The server MUST NOT echo the extension. + */ + CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.padding); + } + } + + public virtual void ProcessServerSupplementalData(IList serverSupplementalData) + { + if (serverSupplementalData != null) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public abstract TlsKeyExchange GetKeyExchange(); + + public abstract TlsAuthentication GetAuthentication(); + + public virtual IList GetClientSupplementalData() + { + return null; + } + + public override TlsCompression GetCompression() + { + switch (mSelectedCompressionMethod) + { + case CompressionMethod.cls_null: + return new TlsNullCompression(); + + case CompressionMethod.DEFLATE: + return new TlsDeflateCompression(); + + default: + /* + * Note: internal error here; the TlsProtocol implementation verifies that the + * server-selected compression method was in the list of client-offered compression + * methods, so if we now can't produce an implementation, we shouldn't have offered it! + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public override TlsCipher GetCipher() + { + int encryptionAlgorithm = TlsUtilities.GetEncryptionAlgorithm(mSelectedCipherSuite); + int macAlgorithm = TlsUtilities.GetMacAlgorithm(mSelectedCipherSuite); + + return mCipherFactory.CreateCipher(mContext, encryptionAlgorithm, macAlgorithm); + } + + public virtual void NotifyNewSessionTicket(NewSessionTicket newSessionTicket) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/AbstractTlsContext.cs b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsContext.cs new file mode 100644 index 0000000..bbcdb5e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsContext.cs @@ -0,0 +1,166 @@ +using System; +using System.Threading; + +using Org.BouncyCastle.Crypto.Prng; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + internal abstract class AbstractTlsContext + : TlsContext + { + private static long counter = Times.NanoTime(); + +#if NETCF_1_0 + private static object counterLock = new object(); + private static long NextCounterValue() + { + lock (counterLock) + { + return ++counter; + } + } +#else + private static long NextCounterValue() + { + return Interlocked.Increment(ref counter); + } +#endif + + private static IRandomGenerator CreateNonceRandom(SecureRandom secureRandom, int connectionEnd) + { + byte[] additionalSeedMaterial = new byte[16]; + Pack.UInt64_To_BE((ulong)NextCounterValue(), additionalSeedMaterial, 0); + Pack.UInt64_To_BE((ulong)Times.NanoTime(), additionalSeedMaterial, 8); + additionalSeedMaterial[0] &= 0x7F; + additionalSeedMaterial[0] |= (byte)(connectionEnd << 7); + + IDigest digest = TlsUtilities.CreateHash(HashAlgorithm.sha256); + + byte[] seed = new byte[digest.GetDigestSize()]; + secureRandom.NextBytes(seed); + + IRandomGenerator nonceRandom = new DigestRandomGenerator(digest); + nonceRandom.AddSeedMaterial(additionalSeedMaterial); + nonceRandom.AddSeedMaterial(seed); + return nonceRandom; + } + + private readonly IRandomGenerator mNonceRandom; + private readonly SecureRandom mSecureRandom; + private readonly SecurityParameters mSecurityParameters; + + private ProtocolVersion mClientVersion = null; + private ProtocolVersion mServerVersion = null; + private TlsSession mSession = null; + private object mUserObject = null; + + internal AbstractTlsContext(SecureRandom secureRandom, SecurityParameters securityParameters) + { + this.mSecureRandom = secureRandom; + this.mSecurityParameters = securityParameters; + this.mNonceRandom = CreateNonceRandom(secureRandom, securityParameters.Entity); + } + + public virtual IRandomGenerator NonceRandomGenerator + { + get { return mNonceRandom; } + } + + public virtual SecureRandom SecureRandom + { + get { return mSecureRandom; } + } + + public virtual SecurityParameters SecurityParameters + { + get { return mSecurityParameters; } + } + + public abstract bool IsServer { get; } + + public virtual ProtocolVersion ClientVersion + { + get { return mClientVersion; } + } + + internal virtual void SetClientVersion(ProtocolVersion clientVersion) + { + this.mClientVersion = clientVersion; + } + + public virtual ProtocolVersion ServerVersion + { + get { return mServerVersion; } + } + + internal virtual void SetServerVersion(ProtocolVersion serverVersion) + { + this.mServerVersion = serverVersion; + } + + public virtual TlsSession ResumableSession + { + get { return mSession; } + } + + internal virtual void SetResumableSession(TlsSession session) + { + this.mSession = session; + } + + public virtual object UserObject + { + get { return mUserObject; } + set { this.mUserObject = value; } + } + + public virtual byte[] ExportKeyingMaterial(string asciiLabel, byte[] context_value, int length) + { + if (context_value != null && !TlsUtilities.IsValidUint16(context_value.Length)) + throw new ArgumentException("must have length less than 2^16 (or be null)", "context_value"); + + SecurityParameters sp = SecurityParameters; + if (!sp.IsExtendedMasterSecret) + { + /* + * RFC 7627 5.4. If a client or server chooses to continue with a full handshake without + * the extended master secret extension, [..] the client or server MUST NOT export any + * key material based on the new master secret for any subsequent application-level + * authentication. In particular, it MUST disable [RFC5705] [..]. + */ + throw new InvalidOperationException("cannot export keying material without extended_master_secret"); + } + + byte[] cr = sp.ClientRandom, sr = sp.ServerRandom; + + int seedLength = cr.Length + sr.Length; + if (context_value != null) + { + seedLength += (2 + context_value.Length); + } + + byte[] seed = new byte[seedLength]; + int seedPos = 0; + + Array.Copy(cr, 0, seed, seedPos, cr.Length); + seedPos += cr.Length; + Array.Copy(sr, 0, seed, seedPos, sr.Length); + seedPos += sr.Length; + if (context_value != null) + { + TlsUtilities.WriteUint16(context_value.Length, seed, seedPos); + seedPos += 2; + Array.Copy(context_value, 0, seed, seedPos, context_value.Length); + seedPos += context_value.Length; + } + + if (seedPos != seedLength) + throw new InvalidOperationException("error in calculation of seed for export"); + + return TlsUtilities.PRF(this, sp.MasterSecret, asciiLabel, seed, length); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/AbstractTlsCredentials.cs b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsCredentials.cs new file mode 100644 index 0000000..6411b81 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsCredentials.cs @@ -0,0 +1,10 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class AbstractTlsCredentials + : TlsCredentials + { + public abstract Certificate Certificate { get; } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/AbstractTlsEncryptionCredentials.cs b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsEncryptionCredentials.cs new file mode 100644 index 0000000..05b129c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsEncryptionCredentials.cs @@ -0,0 +1,12 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class AbstractTlsEncryptionCredentials + : AbstractTlsCredentials, TlsEncryptionCredentials + { + /// + public abstract byte[] DecryptPreMasterSecret(byte[] encryptedPreMasterSecret); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/AbstractTlsKeyExchange.cs b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsKeyExchange.cs new file mode 100644 index 0000000..294b249 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsKeyExchange.cs @@ -0,0 +1,177 @@ +using System; +using System.Collections; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class AbstractTlsKeyExchange + : TlsKeyExchange + { + protected readonly int mKeyExchange; + protected IList mSupportedSignatureAlgorithms; + + protected TlsContext mContext; + + protected AbstractTlsKeyExchange(int keyExchange, IList supportedSignatureAlgorithms) + { + this.mKeyExchange = keyExchange; + this.mSupportedSignatureAlgorithms = supportedSignatureAlgorithms; + } + + protected virtual DigitallySigned ParseSignature(Stream input) + { + DigitallySigned signature = DigitallySigned.Parse(mContext, input); + SignatureAndHashAlgorithm signatureAlgorithm = signature.Algorithm; + if (signatureAlgorithm != null) + { + TlsUtilities.VerifySupportedSignatureAlgorithm(mSupportedSignatureAlgorithms, signatureAlgorithm); + } + return signature; + } + + public virtual void Init(TlsContext context) + { + this.mContext = context; + + ProtocolVersion clientVersion = context.ClientVersion; + + if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(clientVersion)) + { + /* + * RFC 5246 7.4.1.4.1. If the client does not send the signature_algorithms extension, + * the server MUST do the following: + * + * - If the negotiated key exchange algorithm is one of (RSA, DHE_RSA, DH_RSA, RSA_PSK, + * ECDH_RSA, ECDHE_RSA), behave as if client had sent the value {sha1,rsa}. + * + * - If the negotiated key exchange algorithm is one of (DHE_DSS, DH_DSS), behave as if + * the client had sent the value {sha1,dsa}. + * + * - If the negotiated key exchange algorithm is one of (ECDH_ECDSA, ECDHE_ECDSA), + * behave as if the client had sent value {sha1,ecdsa}. + */ + if (this.mSupportedSignatureAlgorithms == null) + { + switch (mKeyExchange) + { + case KeyExchangeAlgorithm.DH_DSS: + case KeyExchangeAlgorithm.DHE_DSS: + case KeyExchangeAlgorithm.SRP_DSS: + { + this.mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultDssSignatureAlgorithms(); + break; + } + + case KeyExchangeAlgorithm.ECDH_ECDSA: + case KeyExchangeAlgorithm.ECDHE_ECDSA: + { + this.mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultECDsaSignatureAlgorithms(); + break; + } + + case KeyExchangeAlgorithm.DH_RSA: + case KeyExchangeAlgorithm.DHE_RSA: + case KeyExchangeAlgorithm.ECDH_RSA: + case KeyExchangeAlgorithm.ECDHE_RSA: + case KeyExchangeAlgorithm.RSA: + case KeyExchangeAlgorithm.RSA_PSK: + case KeyExchangeAlgorithm.SRP_RSA: + { + this.mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultRsaSignatureAlgorithms(); + break; + } + + case KeyExchangeAlgorithm.DHE_PSK: + case KeyExchangeAlgorithm.ECDHE_PSK: + case KeyExchangeAlgorithm.PSK: + case KeyExchangeAlgorithm.SRP: + break; + + default: + throw new InvalidOperationException("unsupported key exchange algorithm"); + } + } + + } + else if (this.mSupportedSignatureAlgorithms != null) + { + throw new InvalidOperationException("supported_signature_algorithms not allowed for " + clientVersion); + } + } + + public abstract void SkipServerCredentials(); + + public virtual void ProcessServerCertificate(Certificate serverCertificate) + { + if (mSupportedSignatureAlgorithms == null) + { + /* + * TODO RFC 2246 7.4.2. Unless otherwise specified, the signing algorithm for the + * certificate must be the same as the algorithm for the certificate key. + */ + } + else + { + /* + * TODO RFC 5246 7.4.2. If the client provided a "signature_algorithms" extension, then + * all certificates provided by the server MUST be signed by a hash/signature algorithm + * pair that appears in that extension. + */ + } + } + + public virtual void ProcessServerCredentials(TlsCredentials serverCredentials) + { + ProcessServerCertificate(serverCredentials.Certificate); + } + + public virtual bool RequiresServerKeyExchange + { + get { return false; } + } + + public virtual byte[] GenerateServerKeyExchange() + { + if (RequiresServerKeyExchange) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return null; + } + + public virtual void SkipServerKeyExchange() + { + if (RequiresServerKeyExchange) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public virtual void ProcessServerKeyExchange(Stream input) + { + if (!RequiresServerKeyExchange) + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + } + + public abstract void ValidateCertificateRequest(CertificateRequest certificateRequest); + + public virtual void SkipClientCredentials() + { + } + + public abstract void ProcessClientCredentials(TlsCredentials clientCredentials); + + public virtual void ProcessClientCertificate(Certificate clientCertificate) + { + } + + public abstract void GenerateClientKeyExchange(Stream output); + + public virtual void ProcessClientKeyExchange(Stream input) + { + // Key exchange implementation MUST support client key exchange + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public abstract byte[] GeneratePremasterSecret(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/AbstractTlsPeer.cs b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsPeer.cs new file mode 100644 index 0000000..e7bfc17 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsPeer.cs @@ -0,0 +1,75 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class AbstractTlsPeer + : TlsPeer + { + private volatile TlsCloseable mCloseHandle; + + /// + public virtual void Cancel() + { + TlsCloseable closeHandle = this.mCloseHandle; + if (null != closeHandle) + { + closeHandle.Close(); + } + } + + public virtual void NotifyCloseHandle(TlsCloseable closeHandle) + { + this.mCloseHandle = closeHandle; + } + + public virtual int GetHandshakeTimeoutMillis() + { + return 0; + } + + public virtual bool RequiresExtendedMasterSecret() + { + return false; + } + + public virtual bool ShouldUseGmtUnixTime() + { + /* + * draft-mathewson-no-gmtunixtime-00 2. For the reasons we discuss above, we recommend that + * TLS implementors MUST by default set the entire value the ClientHello.Random and + * ServerHello.Random fields, including gmt_unix_time, to a cryptographically random + * sequence. + */ + return false; + } + + public virtual void NotifySecureRenegotiation(bool secureRenegotiation) + { + if (!secureRenegotiation) + { + /* + * RFC 5746 3.4/3.6. In this case, some clients/servers may want to terminate the handshake instead + * of continuing; see Section 4.1/4.3 for discussion. + */ + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + } + + public abstract TlsCompression GetCompression(); + + public abstract TlsCipher GetCipher(); + + public virtual void NotifyAlertRaised(byte alertLevel, byte alertDescription, string message, Exception cause) + { + } + + public virtual void NotifyAlertReceived(byte alertLevel, byte alertDescription) + { + } + + public virtual void NotifyHandshakeComplete() + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/AbstractTlsServer.cs b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsServer.cs new file mode 100644 index 0000000..52a79c9 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsServer.cs @@ -0,0 +1,351 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class AbstractTlsServer + : AbstractTlsPeer, TlsServer + { + protected TlsCipherFactory mCipherFactory; + + protected TlsServerContext mContext; + + protected ProtocolVersion mClientVersion; + protected int[] mOfferedCipherSuites; + protected byte[] mOfferedCompressionMethods; + protected IDictionary mClientExtensions; + + protected bool mEncryptThenMacOffered; + protected short mMaxFragmentLengthOffered; + protected bool mTruncatedHMacOffered; + protected IList mSupportedSignatureAlgorithms; + protected bool mEccCipherSuitesOffered; + protected int[] mNamedCurves; + protected byte[] mClientECPointFormats, mServerECPointFormats; + + protected ProtocolVersion mServerVersion; + protected int mSelectedCipherSuite; + protected byte mSelectedCompressionMethod; + protected IDictionary mServerExtensions; + + public AbstractTlsServer() + : this(new DefaultTlsCipherFactory()) + { + } + + public AbstractTlsServer(TlsCipherFactory cipherFactory) + { + this.mCipherFactory = cipherFactory; + } + + protected virtual bool AllowEncryptThenMac + { + get { return true; } + } + + protected virtual bool AllowTruncatedHMac + { + get { return false; } + } + + protected virtual IDictionary CheckServerExtensions() + { + return this.mServerExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(this.mServerExtensions); + } + + protected abstract int[] GetCipherSuites(); + + protected byte[] GetCompressionMethods() + { + return new byte[] { CompressionMethod.cls_null }; + } + + protected virtual ProtocolVersion MaximumVersion + { + get { return ProtocolVersion.TLSv11; } + } + + protected virtual ProtocolVersion MinimumVersion + { + get { return ProtocolVersion.TLSv10; } + } + + protected virtual bool SupportsClientEccCapabilities(int[] namedCurves, byte[] ecPointFormats) + { + // NOTE: BC supports all the current set of point formats so we don't check them here + + if (namedCurves == null) + { + /* + * RFC 4492 4. A client that proposes ECC cipher suites may choose not to include these + * extensions. In this case, the server is free to choose any one of the elliptic curves + * or point formats [...]. + */ + return TlsEccUtilities.HasAnySupportedNamedCurves(); + } + + for (int i = 0; i < namedCurves.Length; ++i) + { + int namedCurve = namedCurves[i]; + if (NamedCurve.IsValid(namedCurve) + && (!NamedCurve.RefersToASpecificNamedCurve(namedCurve) || TlsEccUtilities.IsSupportedNamedCurve(namedCurve))) + { + return true; + } + } + + return false; + } + + public virtual void Init(TlsServerContext context) + { + this.mContext = context; + } + + public virtual void NotifyClientVersion(ProtocolVersion clientVersion) + { + this.mClientVersion = clientVersion; + } + + public virtual void NotifyFallback(bool isFallback) + { + /* + * RFC 7507 3. If TLS_FALLBACK_SCSV appears in ClientHello.cipher_suites and the highest + * protocol version supported by the server is higher than the version indicated in + * ClientHello.client_version, the server MUST respond with a fatal inappropriate_fallback + * alert [..]. + */ + if (isFallback && MaximumVersion.IsLaterVersionOf(mClientVersion)) + throw new TlsFatalAlert(AlertDescription.inappropriate_fallback); + } + + public virtual void NotifyOfferedCipherSuites(int[] offeredCipherSuites) + { + this.mOfferedCipherSuites = offeredCipherSuites; + this.mEccCipherSuitesOffered = TlsEccUtilities.ContainsEccCipherSuites(this.mOfferedCipherSuites); + } + + public virtual void NotifyOfferedCompressionMethods(byte[] offeredCompressionMethods) + { + this.mOfferedCompressionMethods = offeredCompressionMethods; + } + + public virtual void ProcessClientExtensions(IDictionary clientExtensions) + { + this.mClientExtensions = clientExtensions; + + if (clientExtensions != null) + { + this.mEncryptThenMacOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions); + + this.mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions); + if (mMaxFragmentLengthOffered >= 0 && !MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + this.mTruncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions); + + this.mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions); + if (this.mSupportedSignatureAlgorithms != null) + { + /* + * RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior + * to 1.2. Clients MUST NOT offer it if they are offering prior versions. + */ + if (!TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mClientVersion)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + this.mNamedCurves = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions); + this.mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions); + } + + /* + * RFC 4429 4. The client MUST NOT include these extensions in the ClientHello message if it + * does not propose any ECC cipher suites. + * + * NOTE: This was overly strict as there may be ECC cipher suites that we don't recognize. + * Also, draft-ietf-tls-negotiated-ff-dhe will be overloading the 'elliptic_curves' + * extension to explicitly allow FFDHE (i.e. non-ECC) groups. + */ + //if (!this.mEccCipherSuitesOffered && (this.mNamedCurves != null || this.mClientECPointFormats != null)) + // throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + public virtual ProtocolVersion GetServerVersion() + { + if (MinimumVersion.IsEqualOrEarlierVersionOf(mClientVersion)) + { + ProtocolVersion maximumVersion = MaximumVersion; + if (mClientVersion.IsEqualOrEarlierVersionOf(maximumVersion)) + { + return mServerVersion = mClientVersion; + } + if (mClientVersion.IsLaterVersionOf(maximumVersion)) + { + return mServerVersion = maximumVersion; + } + } + throw new TlsFatalAlert(AlertDescription.protocol_version); + } + + public virtual int GetSelectedCipherSuite() + { + /* + * RFC 5246 7.4.3. In order to negotiate correctly, the server MUST check any candidate + * cipher suites against the "signature_algorithms" extension before selecting them. This is + * somewhat inelegant but is a compromise designed to minimize changes to the original + * cipher suite design. + */ + IList sigAlgs = TlsUtilities.GetUsableSignatureAlgorithms(this.mSupportedSignatureAlgorithms); + + /* + * RFC 4429 5.1. A server that receives a ClientHello containing one or both of these + * extensions MUST use the client's enumerated capabilities to guide its selection of an + * appropriate cipher suite. One of the proposed ECC cipher suites must be negotiated only + * if the server can successfully complete the handshake while using the curves and point + * formats supported by the client [...]. + */ + bool eccCipherSuitesEnabled = SupportsClientEccCapabilities(this.mNamedCurves, this.mClientECPointFormats); + + int[] cipherSuites = GetCipherSuites(); + for (int i = 0; i < cipherSuites.Length; ++i) + { + int cipherSuite = cipherSuites[i]; + + if (Arrays.Contains(this.mOfferedCipherSuites, cipherSuite) + && (eccCipherSuitesEnabled || !TlsEccUtilities.IsEccCipherSuite(cipherSuite)) + && TlsUtilities.IsValidCipherSuiteForVersion(cipherSuite, mServerVersion) + && TlsUtilities.IsValidCipherSuiteForSignatureAlgorithms(cipherSuite, sigAlgs)) + { + return this.mSelectedCipherSuite = cipherSuite; + } + } + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + public virtual byte GetSelectedCompressionMethod() + { + byte[] compressionMethods = GetCompressionMethods(); + for (int i = 0; i < compressionMethods.Length; ++i) + { + if (Arrays.Contains(mOfferedCompressionMethods, compressionMethods[i])) + { + return this.mSelectedCompressionMethod = compressionMethods[i]; + } + } + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + // IDictionary is (Int32 -> byte[]) + public virtual IDictionary GetServerExtensions() + { + if (this.mEncryptThenMacOffered && AllowEncryptThenMac) + { + /* + * RFC 7366 3. If a server receives an encrypt-then-MAC request extension from a client + * and then selects a stream or Authenticated Encryption with Associated Data (AEAD) + * ciphersuite, it MUST NOT send an encrypt-then-MAC response extension back to the + * client. + */ + if (TlsUtilities.IsBlockCipherSuite(this.mSelectedCipherSuite)) + { + TlsExtensionsUtilities.AddEncryptThenMacExtension(CheckServerExtensions()); + } + } + + if (this.mMaxFragmentLengthOffered >= 0 + && TlsUtilities.IsValidUint8(mMaxFragmentLengthOffered) + && MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered)) + { + TlsExtensionsUtilities.AddMaxFragmentLengthExtension(CheckServerExtensions(), (byte)mMaxFragmentLengthOffered); + } + + if (this.mTruncatedHMacOffered && AllowTruncatedHMac) + { + TlsExtensionsUtilities.AddTruncatedHMacExtension(CheckServerExtensions()); + } + + if (this.mClientECPointFormats != null && TlsEccUtilities.IsEccCipherSuite(this.mSelectedCipherSuite)) + { + /* + * RFC 4492 5.2. A server that selects an ECC cipher suite in response to a ClientHello + * message including a Supported Point Formats Extension appends this extension (along + * with others) to its ServerHello message, enumerating the point formats it can parse. + */ + this.mServerECPointFormats = new byte[]{ ECPointFormat.uncompressed, + ECPointFormat.ansiX962_compressed_prime, ECPointFormat.ansiX962_compressed_char2, }; + + TlsEccUtilities.AddSupportedPointFormatsExtension(CheckServerExtensions(), mServerECPointFormats); + } + + return mServerExtensions; + } + + public virtual IList GetServerSupplementalData() + { + return null; + } + + public abstract TlsCredentials GetCredentials(); + + public virtual CertificateStatus GetCertificateStatus() + { + return null; + } + + public abstract TlsKeyExchange GetKeyExchange(); + + public virtual CertificateRequest GetCertificateRequest() + { + return null; + } + + public virtual void ProcessClientSupplementalData(IList clientSupplementalData) + { + if (clientSupplementalData != null) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public virtual void NotifyClientCertificate(Certificate clientCertificate) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override TlsCompression GetCompression() + { + switch (mSelectedCompressionMethod) + { + case CompressionMethod.cls_null: + return new TlsNullCompression(); + + default: + /* + * Note: internal error here; we selected the compression method, so if we now can't + * produce an implementation, we shouldn't have chosen it! + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public override TlsCipher GetCipher() + { + int encryptionAlgorithm = TlsUtilities.GetEncryptionAlgorithm(mSelectedCipherSuite); + int macAlgorithm = TlsUtilities.GetMacAlgorithm(mSelectedCipherSuite); + + return mCipherFactory.CreateCipher(mContext, encryptionAlgorithm, macAlgorithm); + } + + public virtual NewSessionTicket GetNewSessionTicket() + { + /* + * RFC 5077 3.3. If the server determines that it does not want to include a ticket after it + * has included the SessionTicket extension in the ServerHello, then it sends a zero-length + * ticket in the NewSessionTicket handshake message. + */ + return new NewSessionTicket(0L, TlsUtilities.EmptyBytes); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/AbstractTlsSigner.cs b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsSigner.cs new file mode 100644 index 0000000..1f4aabf --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsSigner.cs @@ -0,0 +1,50 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class AbstractTlsSigner + : TlsSigner + { + protected TlsContext mContext; + + public virtual void Init(TlsContext context) + { + this.mContext = context; + } + + public virtual byte[] GenerateRawSignature(AsymmetricKeyParameter privateKey, byte[] md5AndSha1) + { + return GenerateRawSignature(null, privateKey, md5AndSha1); + } + + public abstract byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm, + AsymmetricKeyParameter privateKey, byte[] hash); + + public virtual bool VerifyRawSignature(byte[] sigBytes, AsymmetricKeyParameter publicKey, byte[] md5AndSha1) + { + return VerifyRawSignature(null, sigBytes, publicKey, md5AndSha1); + } + + public abstract bool VerifyRawSignature(SignatureAndHashAlgorithm algorithm, byte[] sigBytes, + AsymmetricKeyParameter publicKey, byte[] hash); + + public virtual ISigner CreateSigner(AsymmetricKeyParameter privateKey) + { + return CreateSigner(null, privateKey); + } + + public abstract ISigner CreateSigner(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter privateKey); + + public virtual ISigner CreateVerifyer(AsymmetricKeyParameter publicKey) + { + return CreateVerifyer(null, publicKey); + } + + public abstract ISigner CreateVerifyer(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter publicKey); + + public abstract bool IsValidPublicKey(AsymmetricKeyParameter publicKey); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/AbstractTlsSignerCredentials.cs b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsSignerCredentials.cs new file mode 100644 index 0000000..886c46c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/AbstractTlsSignerCredentials.cs @@ -0,0 +1,20 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class AbstractTlsSignerCredentials + : AbstractTlsCredentials, TlsSignerCredentials + { + /// + public abstract byte[] GenerateCertificateSignature(byte[] hash); + + public virtual SignatureAndHashAlgorithm SignatureAndHashAlgorithm + { + get + { + throw new InvalidOperationException("TlsSignerCredentials implementation does not support (D)TLS 1.2+"); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/AlertDescription.cs b/BouncyCastle/crypto/src/crypto/tls/AlertDescription.cs new file mode 100644 index 0000000..4e2464b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/AlertDescription.cs @@ -0,0 +1,304 @@ +namespace Org.BouncyCastle.Crypto.Tls +{ + /// + /// RFC 5246 7.2 + /// + public abstract class AlertDescription + { + /** + * This message notifies the recipient that the sender will not send any more messages on this + * connection. Note that as of TLS 1.1, failure to properly close a connection no longer + * requires that a session not be resumed. This is a change from TLS 1.0 ("The session becomes + * unresumable if any connection is terminated without proper close_notify messages with level + * equal to warning.") to conform with widespread implementation practice. + */ + public const byte close_notify = 0; + + /** + * An inappropriate message was received. This alert is always fatal and should never be + * observed in communication between proper implementations. + */ + public const byte unexpected_message = 10; + + /** + * This alert is returned if a record is received with an incorrect MAC. This alert also MUST be + * returned if an alert is sent because a TLSCiphertext decrypted in an invalid way: either it + * wasn't an even multiple of the block length, or its padding values, when checked, weren't + * correct. This message is always fatal and should never be observed in communication between + * proper implementations (except when messages were corrupted in the network). + */ + public const byte bad_record_mac = 20; + + /** + * This alert was used in some earlier versions of TLS, and may have permitted certain attacks + * against the CBC mode [CBCATT]. It MUST NOT be sent by compliant implementations. + */ + public const byte decryption_failed = 21; + + /** + * A TLSCiphertext record was received that had a length more than 2^14+2048 bytes, or a record + * decrypted to a TLSCompressed record with more than 2^14+1024 bytes. This message is always + * fatal and should never be observed in communication between proper implementations (except + * when messages were corrupted in the network). + */ + public const byte record_overflow = 22; + + /** + * The decompression function received improper input (e.g., data that would expand to excessive + * length). This message is always fatal and should never be observed in communication between + * proper implementations. + */ + public const byte decompression_failure = 30; + + /** + * Reception of a handshake_failure alert message indicates that the sender was unable to + * negotiate an acceptable set of security parameters given the options available. This is a + * fatal error. + */ + public const byte handshake_failure = 40; + + /** + * This alert was used in SSLv3 but not any version of TLS. It MUST NOT be sent by compliant + * implementations. + */ + public const byte no_certificate = 41; + + /** + * A certificate was corrupt, contained signatures that did not verify correctly, etc. + */ + public const byte bad_certificate = 42; + + /** + * A certificate was of an unsupported type. + */ + public const byte unsupported_certificate = 43; + + /** + * A certificate was revoked by its signer. + */ + public const byte certificate_revoked = 44; + + /** + * A certificate has expired or is not currently valid. + */ + public const byte certificate_expired = 45; + + /** + * Some other (unspecified) issue arose in processing the certificate, rendering it + * unacceptable. + */ + public const byte certificate_unknown = 46; + + /** + * A field in the handshake was out of range or inconsistent with other fields. This message is + * always fatal. + */ + public const byte illegal_parameter = 47; + + /** + * A valid certificate chain or partial chain was received, but the certificate was not accepted + * because the CA certificate could not be located or couldn't be matched with a known, trusted + * CA. This message is always fatal. + */ + public const byte unknown_ca = 48; + + /** + * A valid certificate was received, but when access control was applied, the sender decided not + * to proceed with negotiation. This message is always fatal. + */ + public const byte access_denied = 49; + + /** + * A message could not be decoded because some field was out of the specified range or the + * length of the message was incorrect. This message is always fatal and should never be + * observed in communication between proper implementations (except when messages were corrupted + * in the network). + */ + public const byte decode_error = 50; + + /** + * A handshake cryptographic operation failed, including being unable to correctly verify a + * signature or validate a Finished message. This message is always fatal. + */ + public const byte decrypt_error = 51; + + /** + * This alert was used in some earlier versions of TLS. It MUST NOT be sent by compliant + * implementations. + */ + public const byte export_restriction = 60; + + /** + * The protocol version the client has attempted to negotiate is recognized but not supported. + * (For example, old protocol versions might be avoided for security reasons.) This message is + * always fatal. + */ + public const byte protocol_version = 70; + + /** + * Returned instead of handshake_failure when a negotiation has failed specifically because the + * server requires ciphers more secure than those supported by the client. This message is + * always fatal. + */ + public const byte insufficient_security = 71; + + /** + * An internal error unrelated to the peer or the correctness of the protocol (such as a memory + * allocation failure) makes it impossible to continue. This message is always fatal. + */ + public const byte internal_error = 80; + + /** + * This handshake is being canceled for some reason unrelated to a protocol failure. If the user + * cancels an operation after the handshake is complete, just closing the connection by sending + * a close_notify is more appropriate. This alert should be followed by a close_notify. This + * message is generally a warning. + */ + public const byte user_canceled = 90; + + /** + * Sent by the client in response to a hello request or by the server in response to a client + * hello after initial handshaking. Either of these would normally lead to renegotiation; when + * that is not appropriate, the recipient should respond with this alert. At that point, the + * original requester can decide whether to proceed with the connection. One case where this + * would be appropriate is where a server has spawned a process to satisfy a request; the + * process might receive security parameters (key length, authentication, etc.) at startup, and + * it might be difficult to communicate changes to these parameters after that point. This + * message is always a warning. + */ + public const byte no_renegotiation = 100; + + /** + * Sent by clients that receive an extended server hello containing an extension that they did + * not put in the corresponding client hello. This message is always fatal. + */ + public const byte unsupported_extension = 110; + + /* + * RFC 3546 + */ + + /** + * This alert is sent by servers who are unable to retrieve a certificate chain from the URL + * supplied by the client (see Section 3.3). This message MAY be fatal - for example if client + * authentication is required by the server for the handshake to continue and the server is + * unable to retrieve the certificate chain, it may send a fatal alert. + */ + public const byte certificate_unobtainable = 111; + + /** + * This alert is sent by servers that receive a server_name extension request, but do not + * recognize the server name. This message MAY be fatal. + */ + public const byte unrecognized_name = 112; + + /** + * This alert is sent by clients that receive an invalid certificate status response (see + * Section 3.6). This message is always fatal. + */ + public const byte bad_certificate_status_response = 113; + + /** + * This alert is sent by servers when a certificate hash does not match a client provided + * certificate_hash. This message is always fatal. + */ + public const byte bad_certificate_hash_value = 114; + + /* + * RFC 4279 + */ + + /** + * If the server does not recognize the PSK identity, it MAY respond with an + * "unknown_psk_identity" alert message. + */ + public const byte unknown_psk_identity = 115; + + /* + * RFC 7507 + */ + + /** + * If TLS_FALLBACK_SCSV appears in ClientHello.cipher_suites and the highest protocol version + * supported by the server is higher than the version indicated in ClientHello.client_version, + * the server MUST respond with a fatal inappropriate_fallback alert [..]. + */ + public const byte inappropriate_fallback = 86; + + public static string GetName(byte alertDescription) + { + switch (alertDescription) + { + case close_notify: + return "close_notify"; + case unexpected_message: + return "unexpected_message"; + case bad_record_mac: + return "bad_record_mac"; + case decryption_failed: + return "decryption_failed"; + case record_overflow: + return "record_overflow"; + case decompression_failure: + return "decompression_failure"; + case handshake_failure: + return "handshake_failure"; + case no_certificate: + return "no_certificate"; + case bad_certificate: + return "bad_certificate"; + case unsupported_certificate: + return "unsupported_certificate"; + case certificate_revoked: + return "certificate_revoked"; + case certificate_expired: + return "certificate_expired"; + case certificate_unknown: + return "certificate_unknown"; + case illegal_parameter: + return "illegal_parameter"; + case unknown_ca: + return "unknown_ca"; + case access_denied: + return "access_denied"; + case decode_error: + return "decode_error"; + case decrypt_error: + return "decrypt_error"; + case export_restriction: + return "export_restriction"; + case protocol_version: + return "protocol_version"; + case insufficient_security: + return "insufficient_security"; + case internal_error: + return "internal_error"; + case user_canceled: + return "user_canceled"; + case no_renegotiation: + return "no_renegotiation"; + case unsupported_extension: + return "unsupported_extension"; + case certificate_unobtainable: + return "certificate_unobtainable"; + case unrecognized_name: + return "unrecognized_name"; + case bad_certificate_status_response: + return "bad_certificate_status_response"; + case bad_certificate_hash_value: + return "bad_certificate_hash_value"; + case unknown_psk_identity: + return "unknown_psk_identity"; + case inappropriate_fallback: + return "inappropriate_fallback"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(byte alertDescription) + { + return GetName(alertDescription) + "(" + alertDescription + ")"; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/AlertLevel.cs b/BouncyCastle/crypto/src/crypto/tls/AlertLevel.cs new file mode 100644 index 0000000..9461a0b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/AlertLevel.cs @@ -0,0 +1,29 @@ +namespace Org.BouncyCastle.Crypto.Tls +{ + /// + /// RFC 5246 7.2 + /// + public abstract class AlertLevel + { + public const byte warning = 1; + public const byte fatal = 2; + + public static string GetName(byte alertDescription) + { + switch (alertDescription) + { + case warning: + return "warning"; + case fatal: + return "fatal"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(byte alertDescription) + { + return GetName(alertDescription) + "(" + alertDescription + ")"; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/BasicTlsPskIdentity.cs b/BouncyCastle/crypto/src/crypto/tls/BasicTlsPskIdentity.cs new file mode 100644 index 0000000..7a3bbe7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/BasicTlsPskIdentity.cs @@ -0,0 +1,43 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class BasicTlsPskIdentity + : TlsPskIdentity + { + protected byte[] mIdentity; + protected byte[] mPsk; + + public BasicTlsPskIdentity(byte[] identity, byte[] psk) + { + this.mIdentity = Arrays.Clone(identity); + this.mPsk = Arrays.Clone(psk); + } + + public BasicTlsPskIdentity(string identity, byte[] psk) + { + this.mIdentity = Strings.ToUtf8ByteArray(identity); + this.mPsk = Arrays.Clone(psk); + } + + public virtual void SkipIdentityHint() + { + } + + public virtual void NotifyIdentityHint(byte[] psk_identity_hint) + { + } + + public virtual byte[] GetPskIdentity() + { + return mIdentity; + } + + public virtual byte[] GetPsk() + { + return Arrays.Clone(mPsk); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/BulkCipherAlgorithm.cs b/BouncyCastle/crypto/src/crypto/tls/BulkCipherAlgorithm.cs new file mode 100644 index 0000000..07ff8dc --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/BulkCipherAlgorithm.cs @@ -0,0 +1,25 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// RFC 2246 + /// + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to + /// depend on the particular values (e.g. serialization). + /// + public abstract class BulkCipherAlgorithm + { + public const int cls_null = 0; + public const int rc4 = 1; + public const int rc2 = 2; + public const int des = 3; + public const int cls_3des = 4; + public const int des40 = 5; + + /* + * RFC 4346 + */ + public const int aes = 6; + public const int idea = 7; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ByteQueue.cs b/BouncyCastle/crypto/src/crypto/tls/ByteQueue.cs new file mode 100644 index 0000000..b4df685 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ByteQueue.cs @@ -0,0 +1,211 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// + /// A queue for bytes. + ///

+ /// This file could be more optimized. + ///

+ /// + public class ByteQueue + { + /// The smallest number which can be written as 2^x which is bigger than i. + public static int NextTwoPow( + int i) + { + /* + * This code is based of a lot of code I found on the Internet + * which mostly referenced a book called "Hacking delight". + * + */ + i |= (i >> 1); + i |= (i >> 2); + i |= (i >> 4); + i |= (i >> 8); + i |= (i >> 16); + return i + 1; + } + + /** + * The initial size for our buffer. + */ + private const int DefaultCapacity = 1024; + + /** + * The buffer where we store our data. + */ + private byte[] databuf; + + /** + * How many bytes at the beginning of the buffer are skipped. + */ + private int skipped = 0; + + /** + * How many bytes in the buffer are valid data. + */ + private int available = 0; + + private bool readOnlyBuf = false; + + public ByteQueue() + : this(DefaultCapacity) + { + } + + public ByteQueue(int capacity) + { + this.databuf = capacity == 0 ? TlsUtilities.EmptyBytes : new byte[capacity]; + } + + public ByteQueue(byte[] buf, int off, int len) + { + this.databuf = buf; + this.skipped = off; + this.available = len; + this.readOnlyBuf = true; + } + + /// Add some data to our buffer. + /// A byte-array to read data from. + /// How many bytes to skip at the beginning of the array. + /// How many bytes to read from the array. + public void AddData( + byte[] data, + int offset, + int len) + { + if (readOnlyBuf) + throw new InvalidOperationException("Cannot add data to read-only buffer"); + + if ((skipped + available + len) > databuf.Length) + { + int desiredSize = ByteQueue.NextTwoPow(available + len); + if (desiredSize > databuf.Length) + { + byte[] tmp = new byte[desiredSize]; + Array.Copy(databuf, skipped, tmp, 0, available); + databuf = tmp; + } + else + { + Array.Copy(databuf, skipped, databuf, 0, available); + } + skipped = 0; + } + + Array.Copy(data, offset, databuf, skipped + available, len); + available += len; + } + + /// The number of bytes which are available in this buffer. + public int Available + { + get { return available; } + } + + /// Copy some bytes from the beginning of the data to the provided Stream. + /// The Stream to copy the bytes to. + /// How many bytes to copy. + /// If insufficient data is available. + /// If there is a problem copying the data. + public void CopyTo(Stream output, int length) + { + if (length > available) + throw new InvalidOperationException("Cannot copy " + length + " bytes, only got " + available); + + output.Write(databuf, skipped, length); + } + + /// Read data from the buffer. + /// The buffer where the read data will be copied to. + /// How many bytes to skip at the beginning of buf. + /// How many bytes to read at all. + /// How many bytes from our data to skip. + public void Read( + byte[] buf, + int offset, + int len, + int skip) + { + if ((buf.Length - offset) < len) + { + throw new ArgumentException("Buffer size of " + buf.Length + " is too small for a read of " + len + " bytes"); + } + if ((available - skip) < len) + { + throw new InvalidOperationException("Not enough data to read"); + } + Array.Copy(databuf, skipped + skip, buf, offset, len); + } + + /// Return a MemoryStream over some bytes at the beginning of the data. + /// How many bytes will be readable. + /// A MemoryStream over the data. + /// If insufficient data is available. + public MemoryStream ReadFrom(int length) + { + if (length > available) + throw new InvalidOperationException("Cannot read " + length + " bytes, only got " + available); + + int position = skipped; + + available -= length; + skipped += length; + + return new MemoryStream(databuf, position, length, false); + } + + /// Remove some bytes from our data from the beginning. + /// How many bytes to remove. + public void RemoveData( + int i) + { + if (i > available) + { + throw new InvalidOperationException("Cannot remove " + i + " bytes, only got " + available); + } + + /* + * Skip the data. + */ + available -= i; + skipped += i; + } + + public void RemoveData(byte[] buf, int off, int len, int skip) + { + Read(buf, off, len, skip); + RemoveData(skip + len); + } + + public byte[] RemoveData(int len, int skip) + { + byte[] buf = new byte[len]; + RemoveData(buf, 0, len, skip); + return buf; + } + + public void Shrink() + { + if (available == 0) + { + databuf = TlsUtilities.EmptyBytes; + skipped = 0; + } + else + { + int desiredSize = ByteQueue.NextTwoPow(available); + if (desiredSize < databuf.Length) + { + byte[] tmp = new byte[desiredSize]; + Array.Copy(databuf, skipped, tmp, 0, available); + databuf = tmp; + skipped = 0; + } + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ByteQueueStream.cs b/BouncyCastle/crypto/src/crypto/tls/ByteQueueStream.cs new file mode 100644 index 0000000..249e609 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ByteQueueStream.cs @@ -0,0 +1,110 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class ByteQueueStream + : Stream + { + private readonly ByteQueue buffer; + + public ByteQueueStream() + { + this.buffer = new ByteQueue(); + } + + public virtual int Available + { + get { return buffer.Available; } + } + + public override bool CanRead + { + get { return true; } + } + + public override bool CanSeek + { + get { return false; } + } + + public override bool CanWrite + { + get { return true; } + } + + public override void Flush() + { + } + + public override long Length + { + get { throw new NotSupportedException(); } + } + + public virtual int Peek(byte[] buf) + { + int bytesToRead = System.Math.Min(buffer.Available, buf.Length); + buffer.Read(buf, 0, bytesToRead, 0); + return bytesToRead; + } + + public override long Position + { + get { throw new NotSupportedException(); } + set { throw new NotSupportedException(); } + } + + public virtual int Read(byte[] buf) + { + return Read(buf, 0, buf.Length); + } + + public override int Read(byte[] buf, int off, int len) + { + int bytesToRead = System.Math.Min(buffer.Available, len); + buffer.RemoveData(buf, off, bytesToRead, 0); + return bytesToRead; + } + + public override int ReadByte() + { + if (buffer.Available == 0) + return -1; + + return buffer.RemoveData(1, 0)[0] & 0xFF; + } + + public override long Seek(long offset, SeekOrigin origin) + { + throw new NotSupportedException(); + } + + public override void SetLength(long value) + { + throw new NotSupportedException(); + } + + public virtual int Skip(int n) + { + int bytesToSkip = System.Math.Min(buffer.Available, n); + buffer.RemoveData(bytesToSkip); + return bytesToSkip; + } + + public virtual void Write(byte[] buf) + { + buffer.AddData(buf, 0, buf.Length); + } + + public override void Write(byte[] buf, int off, int len) + { + buffer.AddData(buf, off, len); + } + + public override void WriteByte(byte b) + { + buffer.AddData(new byte[]{ b }, 0, 1); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/CertChainType.cs b/BouncyCastle/crypto/src/crypto/tls/CertChainType.cs new file mode 100644 index 0000000..cbb1834 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/CertChainType.cs @@ -0,0 +1,18 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /* + * RFC 3546 3.3. + */ + public abstract class CertChainType + { + public const byte individual_certs = 0; + public const byte pkipath = 1; + + public static bool IsValid(byte certChainType) + { + return certChainType >= individual_certs && certChainType <= pkipath; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/Certificate.cs b/BouncyCastle/crypto/src/crypto/tls/Certificate.cs new file mode 100644 index 0000000..e047999 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/Certificate.cs @@ -0,0 +1,136 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * Parsing and encoding of a Certificate struct from RFC 4346. + *

+ * 

+     * opaque ASN.1Cert<2^24-1>;
+     *
+     * struct {
+     *     ASN.1Cert certificate_list<0..2^24-1>;
+     * } Certificate;
+     *
+ * + * @see Org.BouncyCastle.Asn1.X509.X509CertificateStructure + */ + public class Certificate + { + public static readonly Certificate EmptyChain = new Certificate(new X509CertificateStructure[0]); + + /** + * The certificates. + */ + protected readonly X509CertificateStructure[] mCertificateList; + + public Certificate(X509CertificateStructure[] certificateList) + { + if (certificateList == null) + throw new ArgumentNullException("certificateList"); + + this.mCertificateList = certificateList; + } + + /** + * @return an array of {@link org.bouncycastle.asn1.x509.Certificate} representing a certificate + * chain. + */ + public virtual X509CertificateStructure[] GetCertificateList() + { + return CloneCertificateList(); + } + + public virtual X509CertificateStructure GetCertificateAt(int index) + { + return mCertificateList[index]; + } + + public virtual int Length + { + get { return mCertificateList.Length; } + } + + /** + * @return true if this certificate chain contains no certificates, or + * false otherwise. + */ + public virtual bool IsEmpty + { + get { return mCertificateList.Length == 0; } + } + + /** + * Encode this {@link Certificate} to a {@link Stream}. + * + * @param output the {@link Stream} to encode to. + * @throws IOException + */ + public virtual void Encode(Stream output) + { + IList derEncodings = Platform.CreateArrayList(mCertificateList.Length); + + int totalLength = 0; + foreach (Asn1Encodable asn1Cert in mCertificateList) + { + byte[] derEncoding = asn1Cert.GetEncoded(Asn1Encodable.Der); + derEncodings.Add(derEncoding); + totalLength += derEncoding.Length + 3; + } + + TlsUtilities.CheckUint24(totalLength); + TlsUtilities.WriteUint24(totalLength, output); + + foreach (byte[] derEncoding in derEncodings) + { + TlsUtilities.WriteOpaque24(derEncoding, output); + } + } + + /** + * Parse a {@link Certificate} from a {@link Stream}. + * + * @param input the {@link Stream} to parse from. + * @return a {@link Certificate} object. + * @throws IOException + */ + public static Certificate Parse(Stream input) + { + int totalLength = TlsUtilities.ReadUint24(input); + if (totalLength == 0) + { + return EmptyChain; + } + + byte[] certListData = TlsUtilities.ReadFully(totalLength, input); + + MemoryStream buf = new MemoryStream(certListData, false); + + IList certificate_list = Platform.CreateArrayList(); + while (buf.Position < buf.Length) + { + byte[] berEncoding = TlsUtilities.ReadOpaque24(buf); + Asn1Object asn1Cert = TlsUtilities.ReadAsn1Object(berEncoding); + certificate_list.Add(X509CertificateStructure.GetInstance(asn1Cert)); + } + + X509CertificateStructure[] certificateList = new X509CertificateStructure[certificate_list.Count]; + for (int i = 0; i < certificate_list.Count; ++i) + { + certificateList[i] = (X509CertificateStructure)certificate_list[i]; + } + return new Certificate(certificateList); + } + + protected virtual X509CertificateStructure[] CloneCertificateList() + { + return (X509CertificateStructure[])mCertificateList.Clone(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/CertificateRequest.cs b/BouncyCastle/crypto/src/crypto/tls/CertificateRequest.cs new file mode 100644 index 0000000..f3dcb3b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/CertificateRequest.cs @@ -0,0 +1,156 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * Parsing and encoding of a CertificateRequest struct from RFC 4346. + *

+ * 

+     * struct {
+     *     ClientCertificateType certificate_types<1..2^8-1>;
+     *     DistinguishedName certificate_authorities<3..2^16-1>
+     * } CertificateRequest;
+     *
+ * + * @see ClientCertificateType + * @see X509Name + */ + public class CertificateRequest + { + protected readonly byte[] mCertificateTypes; + protected readonly IList mSupportedSignatureAlgorithms; + protected readonly IList mCertificateAuthorities; + + /** + * @param certificateTypes see {@link ClientCertificateType} for valid constants. + * @param certificateAuthorities an {@link IList} of {@link X509Name}. + */ + public CertificateRequest(byte[] certificateTypes, IList supportedSignatureAlgorithms, + IList certificateAuthorities) + { + this.mCertificateTypes = certificateTypes; + this.mSupportedSignatureAlgorithms = supportedSignatureAlgorithms; + this.mCertificateAuthorities = certificateAuthorities; + } + + /** + * @return an array of certificate types + * @see {@link ClientCertificateType} + */ + public virtual byte[] CertificateTypes + { + get { return mCertificateTypes; } + } + + /** + * @return an {@link IList} of {@link SignatureAndHashAlgorithm} (or null before TLS 1.2). + */ + public virtual IList SupportedSignatureAlgorithms + { + get { return mSupportedSignatureAlgorithms; } + } + + /** + * @return an {@link IList} of {@link X509Name} + */ + public virtual IList CertificateAuthorities + { + get { return mCertificateAuthorities; } + } + + /** + * Encode this {@link CertificateRequest} to a {@link Stream}. + * + * @param output the {@link Stream} to encode to. + * @throws IOException + */ + public virtual void Encode(Stream output) + { + if (mCertificateTypes == null || mCertificateTypes.Length == 0) + { + TlsUtilities.WriteUint8(0, output); + } + else + { + TlsUtilities.WriteUint8ArrayWithUint8Length(mCertificateTypes, output); + } + + if (mSupportedSignatureAlgorithms != null) + { + // TODO Check whether SignatureAlgorithm.anonymous is allowed here + TlsUtilities.EncodeSupportedSignatureAlgorithms(mSupportedSignatureAlgorithms, false, output); + } + + if (mCertificateAuthorities == null || mCertificateAuthorities.Count < 1) + { + TlsUtilities.WriteUint16(0, output); + } + else + { + IList derEncodings = Platform.CreateArrayList(mCertificateAuthorities.Count); + + int totalLength = 0; + foreach (Asn1Encodable certificateAuthority in mCertificateAuthorities) + { + byte[] derEncoding = certificateAuthority.GetEncoded(Asn1Encodable.Der); + derEncodings.Add(derEncoding); + totalLength += derEncoding.Length + 2; + } + + TlsUtilities.CheckUint16(totalLength); + TlsUtilities.WriteUint16(totalLength, output); + + foreach (byte[] derEncoding in derEncodings) + { + TlsUtilities.WriteOpaque16(derEncoding, output); + } + } + } + + /** + * Parse a {@link CertificateRequest} from a {@link Stream}. + * + * @param context + * the {@link TlsContext} of the current connection. + * @param input + * the {@link Stream} to parse from. + * @return a {@link CertificateRequest} object. + * @throws IOException + */ + public static CertificateRequest Parse(TlsContext context, Stream input) + { + int numTypes = TlsUtilities.ReadUint8(input); + byte[] certificateTypes = new byte[numTypes]; + for (int i = 0; i < numTypes; ++i) + { + certificateTypes[i] = TlsUtilities.ReadUint8(input); + } + + IList supportedSignatureAlgorithms = null; + if (TlsUtilities.IsTlsV12(context)) + { + // TODO Check whether SignatureAlgorithm.anonymous is allowed here + supportedSignatureAlgorithms = TlsUtilities.ParseSupportedSignatureAlgorithms(false, input); + } + + IList certificateAuthorities = Platform.CreateArrayList(); + byte[] certAuthData = TlsUtilities.ReadOpaque16(input); + MemoryStream bis = new MemoryStream(certAuthData, false); + while (bis.Position < bis.Length) + { + byte[] derEncoding = TlsUtilities.ReadOpaque16(bis); + Asn1Object asn1 = TlsUtilities.ReadDerObject(derEncoding); + // TODO Switch to X500Name when available + certificateAuthorities.Add(X509Name.GetInstance(asn1)); + } + + return new CertificateRequest(certificateTypes, supportedSignatureAlgorithms, certificateAuthorities); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/CertificateStatus.cs b/BouncyCastle/crypto/src/crypto/tls/CertificateStatus.cs new file mode 100644 index 0000000..bc41287 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/CertificateStatus.cs @@ -0,0 +1,102 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class CertificateStatus + { + protected readonly byte mStatusType; + protected readonly object mResponse; + + public CertificateStatus(byte statusType, object response) + { + if (!IsCorrectType(statusType, response)) + throw new ArgumentException("not an instance of the correct type", "response"); + + this.mStatusType = statusType; + this.mResponse = response; + } + + public virtual byte StatusType + { + get { return mStatusType; } + } + + public virtual object Response + { + get { return mResponse; } + } + + public virtual OcspResponse GetOcspResponse() + { + if (!IsCorrectType(CertificateStatusType.ocsp, mResponse)) + throw new InvalidOperationException("'response' is not an OcspResponse"); + + return (OcspResponse)mResponse; + } + + /** + * Encode this {@link CertificateStatus} to a {@link Stream}. + * + * @param output + * the {@link Stream} to encode to. + * @throws IOException + */ + public virtual void Encode(Stream output) + { + TlsUtilities.WriteUint8(mStatusType, output); + + switch (mStatusType) + { + case CertificateStatusType.ocsp: + byte[] derEncoding = ((OcspResponse)mResponse).GetEncoded(Asn1Encodable.Der); + TlsUtilities.WriteOpaque24(derEncoding, output); + break; + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + /** + * Parse a {@link CertificateStatus} from a {@link Stream}. + * + * @param input + * the {@link Stream} to parse from. + * @return a {@link CertificateStatus} object. + * @throws IOException + */ + public static CertificateStatus Parse(Stream input) + { + byte status_type = TlsUtilities.ReadUint8(input); + object response; + + switch (status_type) + { + case CertificateStatusType.ocsp: + { + byte[] derEncoding = TlsUtilities.ReadOpaque24(input); + response = OcspResponse.GetInstance(TlsUtilities.ReadDerObject(derEncoding)); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.decode_error); + } + + return new CertificateStatus(status_type, response); + } + + protected static bool IsCorrectType(byte statusType, object response) + { + switch (statusType) + { + case CertificateStatusType.ocsp: + return response is OcspResponse; + default: + throw new ArgumentException("unsupported CertificateStatusType", "statusType"); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/CertificateStatusRequest.cs b/BouncyCastle/crypto/src/crypto/tls/CertificateStatusRequest.cs new file mode 100644 index 0000000..24ce376 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/CertificateStatusRequest.cs @@ -0,0 +1,95 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class CertificateStatusRequest + { + protected readonly byte mStatusType; + protected readonly object mRequest; + + public CertificateStatusRequest(byte statusType, Object request) + { + if (!IsCorrectType(statusType, request)) + throw new ArgumentException("not an instance of the correct type", "request"); + + this.mStatusType = statusType; + this.mRequest = request; + } + + public virtual byte StatusType + { + get { return mStatusType; } + } + + public virtual object Request + { + get { return mRequest; } + } + + public virtual OcspStatusRequest GetOcspStatusRequest() + { + if (!IsCorrectType(CertificateStatusType.ocsp, mRequest)) + throw new InvalidOperationException("'request' is not an OCSPStatusRequest"); + + return (OcspStatusRequest)mRequest; + } + + /** + * Encode this {@link CertificateStatusRequest} to a {@link Stream}. + * + * @param output + * the {@link Stream} to encode to. + * @throws IOException + */ + public virtual void Encode(Stream output) + { + TlsUtilities.WriteUint8(mStatusType, output); + + switch (mStatusType) + { + case CertificateStatusType.ocsp: + ((OcspStatusRequest)mRequest).Encode(output); + break; + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + /** + * Parse a {@link CertificateStatusRequest} from a {@link Stream}. + * + * @param input + * the {@link Stream} to parse from. + * @return a {@link CertificateStatusRequest} object. + * @throws IOException + */ + public static CertificateStatusRequest Parse(Stream input) + { + byte status_type = TlsUtilities.ReadUint8(input); + object result; + + switch (status_type) + { + case CertificateStatusType.ocsp: + result = OcspStatusRequest.Parse(input); + break; + default: + throw new TlsFatalAlert(AlertDescription.decode_error); + } + + return new CertificateStatusRequest(status_type, result); + } + + protected static bool IsCorrectType(byte statusType, object request) + { + switch (statusType) + { + case CertificateStatusType.ocsp: + return request is OcspStatusRequest; + default: + throw new ArgumentException("unsupported CertificateStatusType", "statusType"); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/CertificateStatusType.cs b/BouncyCastle/crypto/src/crypto/tls/CertificateStatusType.cs new file mode 100644 index 0000000..54b741b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/CertificateStatusType.cs @@ -0,0 +1,12 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class CertificateStatusType + { + /* + * RFC 3546 3.6 + */ + public const byte ocsp = 1; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/CertificateType.cs b/BouncyCastle/crypto/src/crypto/tls/CertificateType.cs new file mode 100644 index 0000000..47ec05c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/CertificateType.cs @@ -0,0 +1,18 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * RFC 6091 + */ + public class CertificateType + { + public const byte X509 = 0; + public const byte OpenPGP = 1; + + /* + * RFC 7250 + */ + public const byte RawPublicKey = 2; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/CertificateUrl.cs b/BouncyCastle/crypto/src/crypto/tls/CertificateUrl.cs new file mode 100644 index 0000000..aff9995 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/CertificateUrl.cs @@ -0,0 +1,125 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /* + * RFC 3546 3.3 + */ + public class CertificateUrl + { + protected readonly byte mType; + protected readonly IList mUrlAndHashList; + + /** + * @param type + * see {@link CertChainType} for valid constants. + * @param urlAndHashList + * a {@link IList} of {@link UrlAndHash}. + */ + public CertificateUrl(byte type, IList urlAndHashList) + { + if (!CertChainType.IsValid(type)) + throw new ArgumentException("not a valid CertChainType value", "type"); + if (urlAndHashList == null || urlAndHashList.Count < 1) + throw new ArgumentException("must have length > 0", "urlAndHashList"); + + this.mType = type; + this.mUrlAndHashList = urlAndHashList; + } + + /** + * @return {@link CertChainType} + */ + public virtual byte Type + { + get { return mType; } + } + + /** + * @return an {@link IList} of {@link UrlAndHash} + */ + public virtual IList UrlAndHashList + { + get { return mUrlAndHashList; } + } + + /** + * Encode this {@link CertificateUrl} to a {@link Stream}. + * + * @param output the {@link Stream} to encode to. + * @throws IOException + */ + public virtual void Encode(Stream output) + { + TlsUtilities.WriteUint8(this.mType, output); + + ListBuffer16 buf = new ListBuffer16(); + foreach (UrlAndHash urlAndHash in this.mUrlAndHashList) + { + urlAndHash.Encode(buf); + } + buf.EncodeTo(output); + } + + /** + * Parse a {@link CertificateUrl} from a {@link Stream}. + * + * @param context + * the {@link TlsContext} of the current connection. + * @param input + * the {@link Stream} to parse from. + * @return a {@link CertificateUrl} object. + * @throws IOException + */ + public static CertificateUrl parse(TlsContext context, Stream input) + { + byte type = TlsUtilities.ReadUint8(input); + if (!CertChainType.IsValid(type)) + throw new TlsFatalAlert(AlertDescription.decode_error); + + int totalLength = TlsUtilities.ReadUint16(input); + if (totalLength < 1) + throw new TlsFatalAlert(AlertDescription.decode_error); + + byte[] urlAndHashListData = TlsUtilities.ReadFully(totalLength, input); + + MemoryStream buf = new MemoryStream(urlAndHashListData, false); + + IList url_and_hash_list = Platform.CreateArrayList(); + while (buf.Position < buf.Length) + { + UrlAndHash url_and_hash = UrlAndHash.Parse(context, buf); + url_and_hash_list.Add(url_and_hash); + } + + return new CertificateUrl(type, url_and_hash_list); + } + + // TODO Could be more generally useful + internal class ListBuffer16 + : MemoryStream + { + internal ListBuffer16() + { + // Reserve space for length + TlsUtilities.WriteUint16(0, this); + } + + internal void EncodeTo(Stream output) + { + // Patch actual length back in + long length = Length - 2; + TlsUtilities.CheckUint16(length); + this.Position = 0; + TlsUtilities.WriteUint16((int)length, this); + Streams.WriteBufTo(this, output); + Platform.Dispose(this); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/Chacha20Poly1305.cs b/BouncyCastle/crypto/src/crypto/tls/Chacha20Poly1305.cs new file mode 100644 index 0000000..8687803 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/Chacha20Poly1305.cs @@ -0,0 +1,199 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * draft-ietf-tls-chacha20-poly1305-04 + */ + public class Chacha20Poly1305 + : TlsCipher + { + private static readonly byte[] Zeroes = new byte[15]; + + protected readonly TlsContext context; + + protected readonly ChaCha7539Engine encryptCipher, decryptCipher; + protected readonly byte[] encryptIV, decryptIV; + + /// + public Chacha20Poly1305(TlsContext context) + { + if (!TlsUtilities.IsTlsV12(context)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.context = context; + + int cipherKeySize = 32; + // TODO SecurityParameters.fixed_iv_length + int fixed_iv_length = 12; + // TODO SecurityParameters.record_iv_length = 0 + + int key_block_size = (2 * cipherKeySize) + (2 * fixed_iv_length); + + byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size); + + int offset = 0; + + KeyParameter client_write_key = new KeyParameter(key_block, offset, cipherKeySize); + offset += cipherKeySize; + KeyParameter server_write_key = new KeyParameter(key_block, offset, cipherKeySize); + offset += cipherKeySize; + byte[] client_write_IV = Arrays.CopyOfRange(key_block, offset, offset + fixed_iv_length); + offset += fixed_iv_length; + byte[] server_write_IV = Arrays.CopyOfRange(key_block, offset, offset + fixed_iv_length); + offset += fixed_iv_length; + + if (offset != key_block_size) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.encryptCipher = new ChaCha7539Engine(); + this.decryptCipher = new ChaCha7539Engine(); + + KeyParameter encryptKey, decryptKey; + if (context.IsServer) + { + encryptKey = server_write_key; + decryptKey = client_write_key; + this.encryptIV = server_write_IV; + this.decryptIV = client_write_IV; + } + else + { + encryptKey = client_write_key; + decryptKey = server_write_key; + this.encryptIV = client_write_IV; + this.decryptIV = server_write_IV; + } + + this.encryptCipher.Init(true, new ParametersWithIV(encryptKey, encryptIV)); + this.decryptCipher.Init(false, new ParametersWithIV(decryptKey, decryptIV)); + } + + public virtual int GetPlaintextLimit(int ciphertextLimit) + { + return ciphertextLimit - 16; + } + + /// + public virtual byte[] EncodePlaintext(long seqNo, byte type, byte[] plaintext, int offset, int len) + { + KeyParameter macKey = InitRecord(encryptCipher, true, seqNo, encryptIV); + + byte[] output = new byte[len + 16]; + encryptCipher.ProcessBytes(plaintext, offset, len, output, 0); + + byte[] additionalData = GetAdditionalData(seqNo, type, len); + byte[] mac = CalculateRecordMac(macKey, additionalData, output, 0, len); + Array.Copy(mac, 0, output, len, mac.Length); + + return output; + } + + /// + public virtual byte[] DecodeCiphertext(long seqNo, byte type, byte[] ciphertext, int offset, int len) + { + if (GetPlaintextLimit(len) < 0) + throw new TlsFatalAlert(AlertDescription.decode_error); + + KeyParameter macKey = InitRecord(decryptCipher, false, seqNo, decryptIV); + + int plaintextLength = len - 16; + + byte[] additionalData = GetAdditionalData(seqNo, type, plaintextLength); + byte[] calculatedMac = CalculateRecordMac(macKey, additionalData, ciphertext, offset, plaintextLength); + byte[] receivedMac = Arrays.CopyOfRange(ciphertext, offset + plaintextLength, offset + len); + + if (!Arrays.ConstantTimeAreEqual(calculatedMac, receivedMac)) + throw new TlsFatalAlert(AlertDescription.bad_record_mac); + + byte[] output = new byte[plaintextLength]; + decryptCipher.ProcessBytes(ciphertext, offset, plaintextLength, output, 0); + return output; + } + + protected virtual KeyParameter InitRecord(IStreamCipher cipher, bool forEncryption, long seqNo, byte[] iv) + { + byte[] nonce = CalculateNonce(seqNo, iv); + cipher.Init(forEncryption, new ParametersWithIV(null, nonce)); + return GenerateRecordMacKey(cipher); + } + + protected virtual byte[] CalculateNonce(long seqNo, byte[] iv) + { + byte[] nonce = new byte[12]; + TlsUtilities.WriteUint64(seqNo, nonce, 4); + + for (int i = 0; i < 12; ++i) + { + nonce[i] ^= iv[i]; + } + + return nonce; + } + + protected virtual KeyParameter GenerateRecordMacKey(IStreamCipher cipher) + { + byte[] firstBlock = new byte[64]; + cipher.ProcessBytes(firstBlock, 0, firstBlock.Length, firstBlock, 0); + + KeyParameter macKey = new KeyParameter(firstBlock, 0, 32); + Arrays.Fill(firstBlock, (byte)0); + return macKey; + } + + protected virtual byte[] CalculateRecordMac(KeyParameter macKey, byte[] additionalData, byte[] buf, int off, int len) + { + IMac mac = new Poly1305(); + mac.Init(macKey); + + UpdateRecordMacText(mac, additionalData, 0, additionalData.Length); + UpdateRecordMacText(mac, buf, off, len); + UpdateRecordMacLength(mac, additionalData.Length); + UpdateRecordMacLength(mac, len); + + return MacUtilities.DoFinal(mac); + } + + protected virtual void UpdateRecordMacLength(IMac mac, int len) + { + byte[] longLen = Pack.UInt64_To_LE((ulong)len); + mac.BlockUpdate(longLen, 0, longLen.Length); + } + + protected virtual void UpdateRecordMacText(IMac mac, byte[] buf, int off, int len) + { + mac.BlockUpdate(buf, off, len); + + int partial = len % 16; + if (partial != 0) + { + mac.BlockUpdate(Zeroes, 0, 16 - partial); + } + } + + /// + protected virtual byte[] GetAdditionalData(long seqNo, byte type, int len) + { + /* + * additional_data = seq_num + TLSCompressed.type + TLSCompressed.version + + * TLSCompressed.length + */ + byte[] additional_data = new byte[13]; + TlsUtilities.WriteUint64(seqNo, additional_data, 0); + TlsUtilities.WriteUint8(type, additional_data, 8); + TlsUtilities.WriteVersion(context.ServerVersion, additional_data, 9); + TlsUtilities.WriteUint16(len, additional_data, 11); + + return additional_data; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ChangeCipherSpec.cs b/BouncyCastle/crypto/src/crypto/tls/ChangeCipherSpec.cs new file mode 100644 index 0000000..323de91 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ChangeCipherSpec.cs @@ -0,0 +1,9 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class ChangeCipherSpec + { + public const byte change_cipher_spec = 1; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/CipherSuite.cs b/BouncyCastle/crypto/src/crypto/tls/CipherSuite.cs new file mode 100644 index 0000000..5aa5563 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/CipherSuite.cs @@ -0,0 +1,361 @@ +namespace Org.BouncyCastle.Crypto.Tls +{ + /// + /// RFC 2246 A.5 + /// + public abstract class CipherSuite + { + public const int TLS_NULL_WITH_NULL_NULL = 0x0000; + public const int TLS_RSA_WITH_NULL_MD5 = 0x0001; + public const int TLS_RSA_WITH_NULL_SHA = 0x0002; + public const int TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x0003; + public const int TLS_RSA_WITH_RC4_128_MD5 = 0x0004; + public const int TLS_RSA_WITH_RC4_128_SHA = 0x0005; + public const int TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x0006; + public const int TLS_RSA_WITH_IDEA_CBC_SHA = 0x0007; + public const int TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0008; + public const int TLS_RSA_WITH_DES_CBC_SHA = 0x0009; + public const int TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A; + public const int TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x000B; + public const int TLS_DH_DSS_WITH_DES_CBC_SHA = 0x000C; + public const int TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D; + public const int TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x000E; + public const int TLS_DH_RSA_WITH_DES_CBC_SHA = 0x000F; + public const int TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010; + public const int TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0011; + public const int TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x0012; + public const int TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013; + public const int TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0014; + public const int TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x0015; + public const int TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016; + public const int TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x0017; + public const int TLS_DH_anon_WITH_RC4_128_MD5 = 0x0018; + public const int TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x0019; + public const int TLS_DH_anon_WITH_DES_CBC_SHA = 0x001A; + public const int TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B; + + /* + * Note: The cipher suite values { 0x00, 0x1C } and { 0x00, 0x1D } are reserved to avoid + * collision with Fortezza-based cipher suites in SSL 3. + */ + + /* + * RFC 3268 + */ + public const int TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F; + public const int TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x0030; + public const int TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x0031; + public const int TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032; + public const int TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033; + public const int TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x0034; + public const int TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035; + public const int TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x0036; + public const int TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x0037; + public const int TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038; + public const int TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039; + public const int TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x003A; + + /* + * RFC 5932 + */ + public const int TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0041; + public const int TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0042; + public const int TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0043; + public const int TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0044; + public const int TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0045; + public const int TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA = 0x0046; + + public const int TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0084; + public const int TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0085; + public const int TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0086; + public const int TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0087; + public const int TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0088; + public const int TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA = 0x0089; + + public const int TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BA; + public const int TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BB; + public const int TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BC; + public const int TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BD; + public const int TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BE; + public const int TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BF; + + public const int TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C0; + public const int TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C1; + public const int TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C2; + public const int TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C3; + public const int TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C4; + public const int TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C5; + + /* + * RFC 4162 + */ + public const int TLS_RSA_WITH_SEED_CBC_SHA = 0x0096; + public const int TLS_DH_DSS_WITH_SEED_CBC_SHA = 0x0097; + public const int TLS_DH_RSA_WITH_SEED_CBC_SHA = 0x0098; + public const int TLS_DHE_DSS_WITH_SEED_CBC_SHA = 0x0099; + public const int TLS_DHE_RSA_WITH_SEED_CBC_SHA = 0x009A; + public const int TLS_DH_anon_WITH_SEED_CBC_SHA = 0x009B; + + /* + * RFC 4279 + */ + public const int TLS_PSK_WITH_RC4_128_SHA = 0x008A; + public const int TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B; + public const int TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C; + public const int TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D; + public const int TLS_DHE_PSK_WITH_RC4_128_SHA = 0x008E; + public const int TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 0x008F; + public const int TLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090; + public const int TLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091; + public const int TLS_RSA_PSK_WITH_RC4_128_SHA = 0x0092; + public const int TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 0x0093; + public const int TLS_RSA_PSK_WITH_AES_128_CBC_SHA = 0x0094; + public const int TLS_RSA_PSK_WITH_AES_256_CBC_SHA = 0x0095; + + /* + * RFC 4492 + */ + public const int TLS_ECDH_ECDSA_WITH_NULL_SHA = 0xC001; + public const int TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002; + public const int TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC003; + public const int TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0xC004; + public const int TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0xC005; + public const int TLS_ECDHE_ECDSA_WITH_NULL_SHA = 0xC006; + public const int TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007; + public const int TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008; + public const int TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009; + public const int TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A; + public const int TLS_ECDH_RSA_WITH_NULL_SHA = 0xC00B; + public const int TLS_ECDH_RSA_WITH_RC4_128_SHA = 0xC00C; + public const int TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0xC00D; + public const int TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0xC00E; + public const int TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0xC00F; + public const int TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010; + public const int TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xC011; + public const int TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012; + public const int TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013; + public const int TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014; + public const int TLS_ECDH_anon_WITH_NULL_SHA = 0xC015; + public const int TLS_ECDH_anon_WITH_RC4_128_SHA = 0xC016; + public const int TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = 0xC017; + public const int TLS_ECDH_anon_WITH_AES_128_CBC_SHA = 0xC018; + public const int TLS_ECDH_anon_WITH_AES_256_CBC_SHA = 0xC019; + + /* + * RFC 4785 + */ + public const int TLS_PSK_WITH_NULL_SHA = 0x002C; + public const int TLS_DHE_PSK_WITH_NULL_SHA = 0x002D; + public const int TLS_RSA_PSK_WITH_NULL_SHA = 0x002E; + + /* + * RFC 5054 + */ + public const int TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A; + public const int TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B; + public const int TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 0xC01C; + public const int TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D; + public const int TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E; + public const int TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 0xC01F; + public const int TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020; + public const int TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021; + public const int TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 0xC022; + + /* + * RFC 5246 + */ + public const int TLS_RSA_WITH_NULL_SHA256 = 0x003B; + public const int TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C; + public const int TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D; + public const int TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x003E; + public const int TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x003F; + public const int TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040; + public const int TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067; + public const int TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x0068; + public const int TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x0069; + public const int TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A; + public const int TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B; + public const int TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x006C; + public const int TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x006D; + + /* + * RFC 5288 + */ + public const int TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C; + public const int TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D; + public const int TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E; + public const int TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F; + public const int TLS_DH_RSA_WITH_AES_128_GCM_SHA256 = 0x00A0; + public const int TLS_DH_RSA_WITH_AES_256_GCM_SHA384 = 0x00A1; + public const int TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2; + public const int TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3; + public const int TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = 0x00A4; + public const int TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = 0x00A5; + public const int TLS_DH_anon_WITH_AES_128_GCM_SHA256 = 0x00A6; + public const int TLS_DH_anon_WITH_AES_256_GCM_SHA384 = 0x00A7; + + /* + * RFC 5289 + */ + public const int TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023; + public const int TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024; + public const int TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC025; + public const int TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC026; + public const int TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027; + public const int TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028; + public const int TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0xC029; + public const int TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0xC02A; + public const int TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B; + public const int TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C; + public const int TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02D; + public const int TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02E; + public const int TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F; + public const int TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030; + public const int TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xC031; + public const int TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0xC032; + + /* + * RFC 5487 + */ + public const int TLS_PSK_WITH_AES_128_GCM_SHA256 = 0x00A8; + public const int TLS_PSK_WITH_AES_256_GCM_SHA384 = 0x00A9; + public const int TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0x00AA; + public const int TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0x00AB; + public const int TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = 0x00AC; + public const int TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = 0x00AD; + public const int TLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE; + public const int TLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF; + public const int TLS_PSK_WITH_NULL_SHA256 = 0x00B0; + public const int TLS_PSK_WITH_NULL_SHA384 = 0x00B1; + public const int TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0x00B2; + public const int TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0x00B3; + public const int TLS_DHE_PSK_WITH_NULL_SHA256 = 0x00B4; + public const int TLS_DHE_PSK_WITH_NULL_SHA384 = 0x00B5; + public const int TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = 0x00B6; + public const int TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = 0x00B7; + public const int TLS_RSA_PSK_WITH_NULL_SHA256 = 0x00B8; + public const int TLS_RSA_PSK_WITH_NULL_SHA384 = 0x00B9; + + /* + * RFC 5489 + */ + public const int TLS_ECDHE_PSK_WITH_RC4_128_SHA = 0xC033; + public const int TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 0xC034; + public const int TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = 0xC035; + public const int TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = 0xC036; + public const int TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0xC037; + public const int TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 0xC038; + public const int TLS_ECDHE_PSK_WITH_NULL_SHA = 0xC039; + public const int TLS_ECDHE_PSK_WITH_NULL_SHA256 = 0xC03A; + public const int TLS_ECDHE_PSK_WITH_NULL_SHA384 = 0xC03B; + + /* + * RFC 5746 + */ + public const int TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF; + + /* + * RFC 6367 + */ + public const int TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC072; + public const int TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC073; + public const int TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC074; + public const int TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC075; + public const int TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC076; + public const int TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC077; + public const int TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC078; + public const int TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC079; + + public const int TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07A; + public const int TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07B; + public const int TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07C; + public const int TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07D; + public const int TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07E; + public const int TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07F; + public const int TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC080; + public const int TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC081; + public const int TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC082; + public const int TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC083; + public const int TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 = 0xC084; + public const int TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 = 0xC085; + public const int TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC086; + public const int TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC087; + public const int TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC088; + public const int TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC089; + public const int TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08A; + public const int TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08B; + public const int TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08C; + public const int TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08D; + + public const int TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08E; + public const int TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08F; + public const int TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC090; + public const int TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC091; + public const int TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC092; + public const int TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC093; + public const int TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC094; + public const int TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC095; + public const int TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC096; + public const int TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC097; + public const int TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC098; + public const int TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC099; + public const int TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC09A; + public const int TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC09B; + + /* + * RFC 6655 + */ + public const int TLS_RSA_WITH_AES_128_CCM = 0xC09C; + public const int TLS_RSA_WITH_AES_256_CCM = 0xC09D; + public const int TLS_DHE_RSA_WITH_AES_128_CCM = 0xC09E; + public const int TLS_DHE_RSA_WITH_AES_256_CCM = 0xC09F; + public const int TLS_RSA_WITH_AES_128_CCM_8 = 0xC0A0; + public const int TLS_RSA_WITH_AES_256_CCM_8 = 0xC0A1; + public const int TLS_DHE_RSA_WITH_AES_128_CCM_8 = 0xC0A2; + public const int TLS_DHE_RSA_WITH_AES_256_CCM_8 = 0xC0A3; + public const int TLS_PSK_WITH_AES_128_CCM = 0xC0A4; + public const int TLS_PSK_WITH_AES_256_CCM = 0xC0A5; + public const int TLS_DHE_PSK_WITH_AES_128_CCM = 0xC0A6; + public const int TLS_DHE_PSK_WITH_AES_256_CCM = 0xC0A7; + public const int TLS_PSK_WITH_AES_128_CCM_8 = 0xC0A8; + public const int TLS_PSK_WITH_AES_256_CCM_8 = 0xC0A9; + public const int TLS_PSK_DHE_WITH_AES_128_CCM_8 = 0xC0AA; + public const int TLS_PSK_DHE_WITH_AES_256_CCM_8 = 0xC0AB; + + /* + * RFC 7251 + */ + public const int TLS_ECDHE_ECDSA_WITH_AES_128_CCM = 0xC0AC; + public const int TLS_ECDHE_ECDSA_WITH_AES_256_CCM = 0xC0AD; + public const int TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xC0AE; + public const int TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 0xC0AF; + + /* + * RFC 7507 + */ + public const int TLS_FALLBACK_SCSV = 0x5600; + + /* + * draft-ietf-tls-chacha20-poly1305-04 + */ + public const int DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA8; + public const int DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA9; + public const int DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAA; + public const int DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAB; + public const int DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAC; + public const int DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAD; + public const int DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAE; + + public static bool IsScsv(int cipherSuite) + { + switch (cipherSuite) + { + case TLS_EMPTY_RENEGOTIATION_INFO_SCSV: + case TLS_FALLBACK_SCSV: + return true; + default: + return false; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/CipherType.cs b/BouncyCastle/crypto/src/crypto/tls/CipherType.cs new file mode 100644 index 0000000..b2ad7d8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/CipherType.cs @@ -0,0 +1,20 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// RFC 2246 + /// + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to + /// depend on the particular values (e.g. serialization). + /// + public abstract class CipherType + { + public const int stream = 0; + public const int block = 1; + + /* + * RFC 5246 + */ + public const int aead = 2; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ClientAuthenticationType.cs b/BouncyCastle/crypto/src/crypto/tls/ClientAuthenticationType.cs new file mode 100644 index 0000000..dd248f3 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ClientAuthenticationType.cs @@ -0,0 +1,14 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class ClientAuthenticationType + { + /* + * RFC 5077 4 + */ + public const byte anonymous = 0; + public const byte certificate_based = 1; + public const byte psk = 2; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ClientCertificateType.cs b/BouncyCastle/crypto/src/crypto/tls/ClientCertificateType.cs new file mode 100644 index 0000000..a291a46 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ClientCertificateType.cs @@ -0,0 +1,23 @@ +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class ClientCertificateType + { + /* + * RFC 4346 7.4.4 + */ + public const byte rsa_sign = 1; + public const byte dss_sign = 2; + public const byte rsa_fixed_dh = 3; + public const byte dss_fixed_dh = 4; + public const byte rsa_ephemeral_dh_RESERVED = 5; + public const byte dss_ephemeral_dh_RESERVED = 6; + public const byte fortezza_dms_RESERVED = 20; + + /* + * RFC 4492 5.5 + */ + public const byte ecdsa_sign = 64; + public const byte rsa_fixed_ecdh = 65; + public const byte ecdsa_fixed_ecdh = 66; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/CombinedHash.cs b/BouncyCastle/crypto/src/crypto/tls/CombinedHash.cs new file mode 100644 index 0000000..74a52d5 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/CombinedHash.cs @@ -0,0 +1,133 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * A combined hash, which implements md5(m) || sha1(m). + */ + internal class CombinedHash + : TlsHandshakeHash + { + protected TlsContext mContext; + protected IDigest mMd5; + protected IDigest mSha1; + + internal CombinedHash() + { + this.mMd5 = TlsUtilities.CreateHash(HashAlgorithm.md5); + this.mSha1 = TlsUtilities.CreateHash(HashAlgorithm.sha1); + } + + internal CombinedHash(CombinedHash t) + { + this.mContext = t.mContext; + this.mMd5 = TlsUtilities.CloneHash(HashAlgorithm.md5, t.mMd5); + this.mSha1 = TlsUtilities.CloneHash(HashAlgorithm.sha1, t.mSha1); + } + + public virtual void Init(TlsContext context) + { + this.mContext = context; + } + + public virtual TlsHandshakeHash NotifyPrfDetermined() + { + return this; + } + + public virtual void TrackHashAlgorithm(byte hashAlgorithm) + { + throw new InvalidOperationException("CombinedHash only supports calculating the legacy PRF for handshake hash"); + } + + public virtual void SealHashAlgorithms() + { + } + + public virtual TlsHandshakeHash StopTracking() + { + return new CombinedHash(this); + } + + public virtual IDigest ForkPrfHash() + { + return new CombinedHash(this); + } + + public virtual byte[] GetFinalHash(byte hashAlgorithm) + { + throw new InvalidOperationException("CombinedHash doesn't support multiple hashes"); + } + + public virtual string AlgorithmName + { + get { return mMd5.AlgorithmName + " and " + mSha1.AlgorithmName; } + } + + public virtual int GetByteLength() + { + return System.Math.Max(mMd5.GetByteLength(), mSha1.GetByteLength()); + } + + public virtual int GetDigestSize() + { + return mMd5.GetDigestSize() + mSha1.GetDigestSize(); + } + + public virtual void Update(byte input) + { + mMd5.Update(input); + mSha1.Update(input); + } + + /** + * @see org.bouncycastle.crypto.Digest#update(byte[], int, int) + */ + public virtual void BlockUpdate(byte[] input, int inOff, int len) + { + mMd5.BlockUpdate(input, inOff, len); + mSha1.BlockUpdate(input, inOff, len); + } + + /** + * @see org.bouncycastle.crypto.Digest#doFinal(byte[], int) + */ + public virtual int DoFinal(byte[] output, int outOff) + { + if (mContext != null && TlsUtilities.IsSsl(mContext)) + { + Ssl3Complete(mMd5, Ssl3Mac.IPAD, Ssl3Mac.OPAD, 48); + Ssl3Complete(mSha1, Ssl3Mac.IPAD, Ssl3Mac.OPAD, 40); + } + + int i1 = mMd5.DoFinal(output, outOff); + int i2 = mSha1.DoFinal(output, outOff + i1); + return i1 + i2; + } + + /** + * @see org.bouncycastle.crypto.Digest#reset() + */ + public virtual void Reset() + { + mMd5.Reset(); + mSha1.Reset(); + } + + protected virtual void Ssl3Complete(IDigest d, byte[] ipad, byte[] opad, int padLength) + { + byte[] master_secret = mContext.SecurityParameters.masterSecret; + + d.BlockUpdate(master_secret, 0, master_secret.Length); + d.BlockUpdate(ipad, 0, padLength); + + byte[] tmp = DigestUtilities.DoFinal(d); + + d.BlockUpdate(master_secret, 0, master_secret.Length); + d.BlockUpdate(opad, 0, padLength); + d.BlockUpdate(tmp, 0, tmp.Length); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/CompressionMethod.cs b/BouncyCastle/crypto/src/crypto/tls/CompressionMethod.cs new file mode 100644 index 0000000..89c1f5f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/CompressionMethod.cs @@ -0,0 +1,22 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// + /// RFC 2246 6.1 + /// + public abstract class CompressionMethod + { + public const byte cls_null = 0; + + /* + * RFC 3749 2 + */ + public const byte DEFLATE = 1; + + /* + * Values from 224 decimal (0xE0) through 255 decimal (0xFF) + * inclusive are reserved for private use. + */ + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ConnectionEnd.cs b/BouncyCastle/crypto/src/crypto/tls/ConnectionEnd.cs new file mode 100644 index 0000000..afc9460 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ConnectionEnd.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// RFC 2246 + /// + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to + /// depend on the particular values (e.g. serialization). + /// + public abstract class ConnectionEnd + { + public const int server = 0; + public const int client = 1; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ContentType.cs b/BouncyCastle/crypto/src/crypto/tls/ContentType.cs new file mode 100644 index 0000000..d6ab438 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ContentType.cs @@ -0,0 +1,14 @@ +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * RFC 2246 6.2.1 + */ + public abstract class ContentType + { + public const byte change_cipher_spec = 20; + public const byte alert = 21; + public const byte handshake = 22; + public const byte application_data = 23; + public const byte heartbeat = 24; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DatagramTransport.cs b/BouncyCastle/crypto/src/crypto/tls/DatagramTransport.cs new file mode 100644 index 0000000..42f958d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DatagramTransport.cs @@ -0,0 +1,21 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface DatagramTransport + : TlsCloseable + { + /// + int GetReceiveLimit(); + + /// + int GetSendLimit(); + + /// + int Receive(byte[] buf, int off, int len, int waitMillis); + + /// + void Send(byte[] buf, int off, int len); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DefaultTlsAgreementCredentials.cs b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsAgreementCredentials.cs new file mode 100644 index 0000000..fab9788 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsAgreementCredentials.cs @@ -0,0 +1,69 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class DefaultTlsAgreementCredentials + : AbstractTlsAgreementCredentials + { + protected readonly Certificate mCertificate; + protected readonly AsymmetricKeyParameter mPrivateKey; + + protected readonly IBasicAgreement mBasicAgreement; + protected readonly bool mTruncateAgreement; + + public DefaultTlsAgreementCredentials(Certificate certificate, AsymmetricKeyParameter privateKey) + { + if (certificate == null) + throw new ArgumentNullException("certificate"); + if (certificate.IsEmpty) + throw new ArgumentException("cannot be empty", "certificate"); + if (privateKey == null) + throw new ArgumentNullException("privateKey"); + if (!privateKey.IsPrivate) + throw new ArgumentException("must be private", "privateKey"); + + if (privateKey is DHPrivateKeyParameters) + { + mBasicAgreement = new DHBasicAgreement(); + mTruncateAgreement = true; + } + else if (privateKey is ECPrivateKeyParameters) + { + mBasicAgreement = new ECDHBasicAgreement(); + mTruncateAgreement = false; + } + else + { + throw new ArgumentException("type not supported: " + Platform.GetTypeName(privateKey), "privateKey"); + } + + this.mCertificate = certificate; + this.mPrivateKey = privateKey; + } + + public override Certificate Certificate + { + get { return mCertificate; } + } + + /// + public override byte[] GenerateAgreement(AsymmetricKeyParameter peerPublicKey) + { + mBasicAgreement.Init(mPrivateKey); + BigInteger agreementValue = mBasicAgreement.CalculateAgreement(peerPublicKey); + + if (mTruncateAgreement) + { + return BigIntegers.AsUnsignedByteArray(agreementValue); + } + + return BigIntegers.AsUnsignedByteArray(mBasicAgreement.GetFieldSize(), agreementValue); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DefaultTlsCipherFactory.cs b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsCipherFactory.cs new file mode 100644 index 0000000..af0ec12 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsCipherFactory.cs @@ -0,0 +1,227 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class DefaultTlsCipherFactory + : AbstractTlsCipherFactory + { + /// + public override TlsCipher CreateCipher(TlsContext context, int encryptionAlgorithm, int macAlgorithm) + { + switch (encryptionAlgorithm) + { + case EncryptionAlgorithm.cls_3DES_EDE_CBC: + return CreateDesEdeCipher(context, macAlgorithm); + case EncryptionAlgorithm.AES_128_CBC: + return CreateAESCipher(context, 16, macAlgorithm); + case EncryptionAlgorithm.AES_128_CCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aes_Ccm(context, 16, 16); + case EncryptionAlgorithm.AES_128_CCM_8: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aes_Ccm(context, 16, 8); + case EncryptionAlgorithm.AES_128_GCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aes_Gcm(context, 16, 16); + case EncryptionAlgorithm.AES_128_OCB_TAGLEN96: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aes_Ocb(context, 16, 12); + case EncryptionAlgorithm.AES_256_CBC: + return CreateAESCipher(context, 32, macAlgorithm); + case EncryptionAlgorithm.AES_256_CCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aes_Ccm(context, 32, 16); + case EncryptionAlgorithm.AES_256_CCM_8: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aes_Ccm(context, 32, 8); + case EncryptionAlgorithm.AES_256_GCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aes_Gcm(context, 32, 16); + case EncryptionAlgorithm.AES_256_OCB_TAGLEN96: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aes_Ocb(context, 32, 12); + case EncryptionAlgorithm.CAMELLIA_128_CBC: + return CreateCamelliaCipher(context, 16, macAlgorithm); + case EncryptionAlgorithm.CAMELLIA_128_GCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_Camellia_Gcm(context, 16, 16); + case EncryptionAlgorithm.CAMELLIA_256_CBC: + return CreateCamelliaCipher(context, 32, macAlgorithm); + case EncryptionAlgorithm.CAMELLIA_256_GCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_Camellia_Gcm(context, 32, 16); + case EncryptionAlgorithm.CHACHA20_POLY1305: + // NOTE: Ignores macAlgorithm + return CreateChaCha20Poly1305(context); + case EncryptionAlgorithm.NULL: + return CreateNullCipher(context, macAlgorithm); + case EncryptionAlgorithm.RC4_128: + return CreateRC4Cipher(context, 16, macAlgorithm); + case EncryptionAlgorithm.SEED_CBC: + return CreateSeedCipher(context, macAlgorithm); + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + /// + protected virtual TlsBlockCipher CreateAESCipher(TlsContext context, int cipherKeySize, int macAlgorithm) + { + return new TlsBlockCipher(context, CreateAesBlockCipher(), CreateAesBlockCipher(), + CreateHMacDigest(macAlgorithm), CreateHMacDigest(macAlgorithm), cipherKeySize); + } + + /// + protected virtual TlsBlockCipher CreateCamelliaCipher(TlsContext context, int cipherKeySize, int macAlgorithm) + { + return new TlsBlockCipher(context, CreateCamelliaBlockCipher(), + CreateCamelliaBlockCipher(), CreateHMacDigest(macAlgorithm), + CreateHMacDigest(macAlgorithm), cipherKeySize); + } + + /// + protected virtual TlsCipher CreateChaCha20Poly1305(TlsContext context) + { + return new Chacha20Poly1305(context); + } + + /// + protected virtual TlsAeadCipher CreateCipher_Aes_Ccm(TlsContext context, int cipherKeySize, int macSize) + { + return new TlsAeadCipher(context, CreateAeadBlockCipher_Aes_Ccm(), + CreateAeadBlockCipher_Aes_Ccm(), cipherKeySize, macSize); + } + + /// + protected virtual TlsAeadCipher CreateCipher_Aes_Gcm(TlsContext context, int cipherKeySize, int macSize) + { + return new TlsAeadCipher(context, CreateAeadBlockCipher_Aes_Gcm(), + CreateAeadBlockCipher_Aes_Gcm(), cipherKeySize, macSize); + } + + /// + protected virtual TlsAeadCipher CreateCipher_Aes_Ocb(TlsContext context, int cipherKeySize, int macSize) + { + return new TlsAeadCipher(context, CreateAeadBlockCipher_Aes_Ocb(), + CreateAeadBlockCipher_Aes_Ocb(), cipherKeySize, macSize, TlsAeadCipher.NONCE_DRAFT_CHACHA20_POLY1305); + } + + /// + protected virtual TlsAeadCipher CreateCipher_Camellia_Gcm(TlsContext context, int cipherKeySize, int macSize) + { + return new TlsAeadCipher(context, CreateAeadBlockCipher_Camellia_Gcm(), + CreateAeadBlockCipher_Camellia_Gcm(), cipherKeySize, macSize); + } + + /// + protected virtual TlsBlockCipher CreateDesEdeCipher(TlsContext context, int macAlgorithm) + { + return new TlsBlockCipher(context, CreateDesEdeBlockCipher(), CreateDesEdeBlockCipher(), + CreateHMacDigest(macAlgorithm), CreateHMacDigest(macAlgorithm), 24); + } + + /// + protected virtual TlsNullCipher CreateNullCipher(TlsContext context, int macAlgorithm) + { + return new TlsNullCipher(context, CreateHMacDigest(macAlgorithm), + CreateHMacDigest(macAlgorithm)); + } + + /// + protected virtual TlsStreamCipher CreateRC4Cipher(TlsContext context, int cipherKeySize, int macAlgorithm) + { + return new TlsStreamCipher(context, CreateRC4StreamCipher(), CreateRC4StreamCipher(), + CreateHMacDigest(macAlgorithm), CreateHMacDigest(macAlgorithm), cipherKeySize, false); + } + + /// + protected virtual TlsBlockCipher CreateSeedCipher(TlsContext context, int macAlgorithm) + { + return new TlsBlockCipher(context, CreateSeedBlockCipher(), CreateSeedBlockCipher(), + CreateHMacDigest(macAlgorithm), CreateHMacDigest(macAlgorithm), 16); + } + + protected virtual IBlockCipher CreateAesEngine() + { + return new AesEngine(); + } + + protected virtual IBlockCipher CreateCamelliaEngine() + { + return new CamelliaEngine(); + } + + protected virtual IBlockCipher CreateAesBlockCipher() + { + return new CbcBlockCipher(CreateAesEngine()); + } + + protected virtual IAeadBlockCipher CreateAeadBlockCipher_Aes_Ccm() + { + return new CcmBlockCipher(CreateAesEngine()); + } + + protected virtual IAeadBlockCipher CreateAeadBlockCipher_Aes_Gcm() + { + // TODO Consider allowing custom configuration of multiplier + return new GcmBlockCipher(CreateAesEngine()); + } + + protected virtual IAeadBlockCipher CreateAeadBlockCipher_Aes_Ocb() + { + return new OcbBlockCipher(CreateAesEngine(), CreateAesEngine()); + } + + protected virtual IAeadBlockCipher CreateAeadBlockCipher_Camellia_Gcm() + { + // TODO Consider allowing custom configuration of multiplier + return new GcmBlockCipher(CreateCamelliaEngine()); + } + + protected virtual IBlockCipher CreateCamelliaBlockCipher() + { + return new CbcBlockCipher(CreateCamelliaEngine()); + } + + protected virtual IBlockCipher CreateDesEdeBlockCipher() + { + return new CbcBlockCipher(new DesEdeEngine()); + } + + protected virtual IStreamCipher CreateRC4StreamCipher() + { + return new RC4Engine(); + } + + protected virtual IBlockCipher CreateSeedBlockCipher() + { + return new CbcBlockCipher(new SeedEngine()); + } + + /// + protected virtual IDigest CreateHMacDigest(int macAlgorithm) + { + switch (macAlgorithm) + { + case MacAlgorithm.cls_null: + return null; + case MacAlgorithm.hmac_md5: + return TlsUtilities.CreateHash(HashAlgorithm.md5); + case MacAlgorithm.hmac_sha1: + return TlsUtilities.CreateHash(HashAlgorithm.sha1); + case MacAlgorithm.hmac_sha256: + return TlsUtilities.CreateHash(HashAlgorithm.sha256); + case MacAlgorithm.hmac_sha384: + return TlsUtilities.CreateHash(HashAlgorithm.sha384); + case MacAlgorithm.hmac_sha512: + return TlsUtilities.CreateHash(HashAlgorithm.sha512); + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DefaultTlsClient.cs b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsClient.cs new file mode 100644 index 0000000..64d2986 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsClient.cs @@ -0,0 +1,115 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class DefaultTlsClient + : AbstractTlsClient + { + protected TlsDHVerifier mDHVerifier; + + public DefaultTlsClient() + : this(new DefaultTlsCipherFactory()) + { + } + + public DefaultTlsClient(TlsCipherFactory cipherFactory) + : this(cipherFactory, new DefaultTlsDHVerifier()) + { + } + + public DefaultTlsClient(TlsCipherFactory cipherFactory, TlsDHVerifier dhVerifier) + : base(cipherFactory) + { + this.mDHVerifier = dhVerifier; + } + + public override int[] GetCipherSuites() + { + return new int[] + { + CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, + }; + } + + public override TlsKeyExchange GetKeyExchange() + { + int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite); + + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.DH_anon: + case KeyExchangeAlgorithm.DH_DSS: + case KeyExchangeAlgorithm.DH_RSA: + return CreateDHKeyExchange(keyExchangeAlgorithm); + + case KeyExchangeAlgorithm.DHE_DSS: + case KeyExchangeAlgorithm.DHE_RSA: + return CreateDheKeyExchange(keyExchangeAlgorithm); + + case KeyExchangeAlgorithm.ECDH_anon: + case KeyExchangeAlgorithm.ECDH_ECDSA: + case KeyExchangeAlgorithm.ECDH_RSA: + return CreateECDHKeyExchange(keyExchangeAlgorithm); + + case KeyExchangeAlgorithm.ECDHE_ECDSA: + case KeyExchangeAlgorithm.ECDHE_RSA: + return CreateECDheKeyExchange(keyExchangeAlgorithm); + + case KeyExchangeAlgorithm.RSA: + return CreateRsaKeyExchange(); + + default: + /* + * Note: internal error here; the TlsProtocol implementation verifies that the + * server-selected cipher suite was in the list of client-offered cipher suites, so if + * we now can't produce an implementation, we shouldn't have offered it! + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + protected virtual TlsKeyExchange CreateDHKeyExchange(int keyExchange) + { + return new TlsDHKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mDHVerifier, null); + } + + protected virtual TlsKeyExchange CreateDheKeyExchange(int keyExchange) + { + return new TlsDheKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mDHVerifier, null); + } + + protected virtual TlsKeyExchange CreateECDHKeyExchange(int keyExchange) + { + return new TlsECDHKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mNamedCurves, mClientECPointFormats, + mServerECPointFormats); + } + + protected virtual TlsKeyExchange CreateECDheKeyExchange(int keyExchange) + { + return new TlsECDheKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mNamedCurves, mClientECPointFormats, + mServerECPointFormats); + } + + protected virtual TlsKeyExchange CreateRsaKeyExchange() + { + return new TlsRsaKeyExchange(mSupportedSignatureAlgorithms); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DefaultTlsDHVerifier.cs b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsDHVerifier.cs new file mode 100644 index 0000000..ae26d04 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsDHVerifier.cs @@ -0,0 +1,101 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class DefaultTlsDHVerifier + : TlsDHVerifier + { + public static readonly int DefaultMinimumPrimeBits = 2048; + + protected static readonly IList DefaultGroups = Platform.CreateArrayList(); + + private static void AddDefaultGroup(DHParameters dhParameters) + { + DefaultGroups.Add(dhParameters); + } + + static DefaultTlsDHVerifier() + { + AddDefaultGroup(DHStandardGroups.rfc7919_ffdhe2048); + AddDefaultGroup(DHStandardGroups.rfc7919_ffdhe3072); + AddDefaultGroup(DHStandardGroups.rfc7919_ffdhe4096); + AddDefaultGroup(DHStandardGroups.rfc7919_ffdhe6144); + AddDefaultGroup(DHStandardGroups.rfc7919_ffdhe8192); + + AddDefaultGroup(DHStandardGroups.rfc3526_1536); + AddDefaultGroup(DHStandardGroups.rfc3526_2048); + AddDefaultGroup(DHStandardGroups.rfc3526_3072); + AddDefaultGroup(DHStandardGroups.rfc3526_4096); + AddDefaultGroup(DHStandardGroups.rfc3526_6144); + AddDefaultGroup(DHStandardGroups.rfc3526_8192); + } + + // IList is (DHParameters) + protected readonly IList mGroups; + protected readonly int mMinimumPrimeBits; + + /// Accept various standard DH groups with 'P' at least DefaultMinimumPrimeBits bits. + public DefaultTlsDHVerifier() + : this(DefaultMinimumPrimeBits) + { + } + + /// Accept various standard DH groups with 'P' at least the specified number of bits. + public DefaultTlsDHVerifier(int minimumPrimeBits) + : this(DefaultGroups, minimumPrimeBits) + { + } + + /// Accept a custom set of group parameters, subject to a minimum bitlength for 'P'. + /// An IList of acceptable DHParameters. + /// The minimum acceptable bitlength of the 'P' parameter. + public DefaultTlsDHVerifier(IList groups, int minimumPrimeBits) + { + this.mGroups = groups; + this.mMinimumPrimeBits = minimumPrimeBits; + } + + public virtual bool Accept(DHParameters dhParameters) + { + return CheckMinimumPrimeBits(dhParameters) && CheckGroup(dhParameters); + } + + public virtual int MinimumPrimeBits + { + get { return mMinimumPrimeBits; } + } + + protected virtual bool AreGroupsEqual(DHParameters a, DHParameters b) + { + return a == b || (AreParametersEqual(a.P, b.P) && AreParametersEqual(a.G, b.G)); + } + + protected virtual bool AreParametersEqual(BigInteger a, BigInteger b) + { + return a == b || a.Equals(b); + } + + protected virtual bool CheckGroup(DHParameters dhParameters) + { + foreach (DHParameters group in mGroups) + { + if (AreGroupsEqual(dhParameters, group)) + { + return true; + } + } + return false; + } + + protected virtual bool CheckMinimumPrimeBits(DHParameters dhParameters) + { + return dhParameters.P.BitLength >= MinimumPrimeBits; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DefaultTlsEncryptionCredentials.cs b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsEncryptionCredentials.cs new file mode 100644 index 0000000..5348ee8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsEncryptionCredentials.cs @@ -0,0 +1,52 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class DefaultTlsEncryptionCredentials + : AbstractTlsEncryptionCredentials + { + protected readonly TlsContext mContext; + protected readonly Certificate mCertificate; + protected readonly AsymmetricKeyParameter mPrivateKey; + + public DefaultTlsEncryptionCredentials(TlsContext context, Certificate certificate, + AsymmetricKeyParameter privateKey) + { + if (certificate == null) + throw new ArgumentNullException("certificate"); + if (certificate.IsEmpty) + throw new ArgumentException("cannot be empty", "certificate"); + if (privateKey == null) + throw new ArgumentNullException("'privateKey' cannot be null"); + if (!privateKey.IsPrivate) + throw new ArgumentException("must be private", "privateKey"); + + if (privateKey is RsaKeyParameters) + { + } + else + { + throw new ArgumentException("type not supported: " + Platform.GetTypeName(privateKey), "privateKey"); + } + + this.mContext = context; + this.mCertificate = certificate; + this.mPrivateKey = privateKey; + } + + public override Certificate Certificate + { + get { return mCertificate; } + } + + /// + public override byte[] DecryptPreMasterSecret(byte[] encryptedPreMasterSecret) + { + return TlsRsaUtilities.SafeDecryptPreMasterSecret(mContext, (RsaKeyParameters)mPrivateKey, encryptedPreMasterSecret); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DefaultTlsServer.cs b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsServer.cs new file mode 100644 index 0000000..90f3576 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsServer.cs @@ -0,0 +1,166 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class DefaultTlsServer + : AbstractTlsServer + { + public DefaultTlsServer() + : base() + { + } + + public DefaultTlsServer(TlsCipherFactory cipherFactory) + : base(cipherFactory) + { + } + + protected virtual TlsSignerCredentials GetDsaSignerCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + protected virtual TlsSignerCredentials GetECDsaSignerCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + protected virtual TlsEncryptionCredentials GetRsaEncryptionCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + protected virtual TlsSignerCredentials GetRsaSignerCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + protected virtual DHParameters GetDHParameters() + { + return DHStandardGroups.rfc7919_ffdhe2048; + } + + protected override int[] GetCipherSuites() + { + return new int[] + { + CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, + CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384, + CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256, + CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, + }; + } + + public override TlsCredentials GetCredentials() + { + int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite); + + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.DHE_DSS: + return GetDsaSignerCredentials(); + + case KeyExchangeAlgorithm.DH_anon: + case KeyExchangeAlgorithm.ECDH_anon: + return null; + + case KeyExchangeAlgorithm.ECDHE_ECDSA: + return GetECDsaSignerCredentials(); + + case KeyExchangeAlgorithm.DHE_RSA: + case KeyExchangeAlgorithm.ECDHE_RSA: + return GetRsaSignerCredentials(); + + case KeyExchangeAlgorithm.RSA: + return GetRsaEncryptionCredentials(); + + default: + /* Note: internal error here; selected a key exchange we don't implement! */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public override TlsKeyExchange GetKeyExchange() + { + int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite); + + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.DH_anon: + case KeyExchangeAlgorithm.DH_DSS: + case KeyExchangeAlgorithm.DH_RSA: + return CreateDHKeyExchange(keyExchangeAlgorithm); + + case KeyExchangeAlgorithm.DHE_DSS: + case KeyExchangeAlgorithm.DHE_RSA: + return CreateDheKeyExchange(keyExchangeAlgorithm); + + case KeyExchangeAlgorithm.ECDH_anon: + case KeyExchangeAlgorithm.ECDH_ECDSA: + case KeyExchangeAlgorithm.ECDH_RSA: + return CreateECDHKeyExchange(keyExchangeAlgorithm); + + case KeyExchangeAlgorithm.ECDHE_ECDSA: + case KeyExchangeAlgorithm.ECDHE_RSA: + return CreateECDheKeyExchange(keyExchangeAlgorithm); + + case KeyExchangeAlgorithm.RSA: + return CreateRsaKeyExchange(); + + default: + /* + * Note: internal error here; the TlsProtocol implementation verifies that the + * server-selected cipher suite was in the list of client-offered cipher suites, so if + * we now can't produce an implementation, we shouldn't have offered it! + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + protected virtual TlsKeyExchange CreateDHKeyExchange(int keyExchange) + { + return new TlsDHKeyExchange(keyExchange, mSupportedSignatureAlgorithms, null, GetDHParameters()); + } + + protected virtual TlsKeyExchange CreateDheKeyExchange(int keyExchange) + { + return new TlsDheKeyExchange(keyExchange, mSupportedSignatureAlgorithms, null, GetDHParameters()); + } + + protected virtual TlsKeyExchange CreateECDHKeyExchange(int keyExchange) + { + return new TlsECDHKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mNamedCurves, mClientECPointFormats, + mServerECPointFormats); + } + + protected virtual TlsKeyExchange CreateECDheKeyExchange(int keyExchange) + { + return new TlsECDheKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mNamedCurves, mClientECPointFormats, + mServerECPointFormats); + } + + protected virtual TlsKeyExchange CreateRsaKeyExchange() + { + return new TlsRsaKeyExchange(mSupportedSignatureAlgorithms); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DefaultTlsSignerCredentials.cs b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsSignerCredentials.cs new file mode 100644 index 0000000..0ff732a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsSignerCredentials.cs @@ -0,0 +1,93 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class DefaultTlsSignerCredentials + : AbstractTlsSignerCredentials + { + protected readonly TlsContext mContext; + protected readonly Certificate mCertificate; + protected readonly AsymmetricKeyParameter mPrivateKey; + protected readonly SignatureAndHashAlgorithm mSignatureAndHashAlgorithm; + + protected readonly TlsSigner mSigner; + + public DefaultTlsSignerCredentials(TlsContext context, Certificate certificate, AsymmetricKeyParameter privateKey) + : this(context, certificate, privateKey, null) + { + } + + public DefaultTlsSignerCredentials(TlsContext context, Certificate certificate, AsymmetricKeyParameter privateKey, + SignatureAndHashAlgorithm signatureAndHashAlgorithm) + { + if (certificate == null) + throw new ArgumentNullException("certificate"); + if (certificate.IsEmpty) + throw new ArgumentException("cannot be empty", "clientCertificate"); + if (privateKey == null) + throw new ArgumentNullException("privateKey"); + if (!privateKey.IsPrivate) + throw new ArgumentException("must be private", "privateKey"); + if (TlsUtilities.IsTlsV12(context) && signatureAndHashAlgorithm == null) + throw new ArgumentException("cannot be null for (D)TLS 1.2+", "signatureAndHashAlgorithm"); + + if (privateKey is RsaKeyParameters) + { + mSigner = new TlsRsaSigner(); + } + else if (privateKey is DsaPrivateKeyParameters) + { + mSigner = new TlsDssSigner(); + } + else if (privateKey is ECPrivateKeyParameters) + { + mSigner = new TlsECDsaSigner(); + } + else + { + throw new ArgumentException("type not supported: " + Platform.GetTypeName(privateKey), "privateKey"); + } + + this.mSigner.Init(context); + + this.mContext = context; + this.mCertificate = certificate; + this.mPrivateKey = privateKey; + this.mSignatureAndHashAlgorithm = signatureAndHashAlgorithm; + } + + public override Certificate Certificate + { + get { return mCertificate; } + } + + /// + public override byte[] GenerateCertificateSignature(byte[] hash) + { + try + { + if (TlsUtilities.IsTlsV12(mContext)) + { + return mSigner.GenerateRawSignature(mSignatureAndHashAlgorithm, mPrivateKey, hash); + } + else + { + return mSigner.GenerateRawSignature(mPrivateKey, hash); + } + } + catch (CryptoException e) + { + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + } + + public override SignatureAndHashAlgorithm SignatureAndHashAlgorithm + { + get { return mSignatureAndHashAlgorithm; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DefaultTlsSrpGroupVerifier.cs b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsSrpGroupVerifier.cs new file mode 100644 index 0000000..cc933bf --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DefaultTlsSrpGroupVerifier.cs @@ -0,0 +1,70 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto.Agreement.Srp; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class DefaultTlsSrpGroupVerifier + : TlsSrpGroupVerifier + { + protected static readonly IList DefaultGroups = Platform.CreateArrayList(); + + static DefaultTlsSrpGroupVerifier() + { + DefaultGroups.Add(Srp6StandardGroups.rfc5054_1024); + DefaultGroups.Add(Srp6StandardGroups.rfc5054_1536); + DefaultGroups.Add(Srp6StandardGroups.rfc5054_2048); + DefaultGroups.Add(Srp6StandardGroups.rfc5054_3072); + DefaultGroups.Add(Srp6StandardGroups.rfc5054_4096); + DefaultGroups.Add(Srp6StandardGroups.rfc5054_6144); + DefaultGroups.Add(Srp6StandardGroups.rfc5054_8192); + } + + // Vector is (SRP6GroupParameters) + protected readonly IList mGroups; + + /** + * Accept only the group parameters specified in RFC 5054 Appendix A. + */ + public DefaultTlsSrpGroupVerifier() + : this(DefaultGroups) + { + } + + /** + * Specify a custom set of acceptable group parameters. + * + * @param groups a {@link Vector} of acceptable {@link SRP6GroupParameters} + */ + public DefaultTlsSrpGroupVerifier(IList groups) + { + this.mGroups = groups; + } + + public virtual bool Accept(Srp6GroupParameters group) + { + foreach (Srp6GroupParameters entry in mGroups) + { + if (AreGroupsEqual(group, entry)) + { + return true; + } + } + return false; + } + + protected virtual bool AreGroupsEqual(Srp6GroupParameters a, Srp6GroupParameters b) + { + return a == b || (AreParametersEqual(a.N, b.N) && AreParametersEqual(a.G, b.G)); + } + + protected virtual bool AreParametersEqual(BigInteger a, BigInteger b) + { + return a == b || a.Equals(b); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DeferredHash.cs b/BouncyCastle/crypto/src/crypto/tls/DeferredHash.cs new file mode 100644 index 0000000..f402f26 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DeferredHash.cs @@ -0,0 +1,201 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * Buffers input until the hash algorithm is determined. + */ + internal class DeferredHash + : TlsHandshakeHash + { + protected const int BUFFERING_HASH_LIMIT = 4; + + protected TlsContext mContext; + + private DigestInputBuffer mBuf; + private IDictionary mHashes; + private int mPrfHashAlgorithm; + + internal DeferredHash() + { + this.mBuf = new DigestInputBuffer(); + this.mHashes = Platform.CreateHashtable(); + this.mPrfHashAlgorithm = -1; + } + + private DeferredHash(byte prfHashAlgorithm, IDigest prfHash) + { + this.mBuf = null; + this.mHashes = Platform.CreateHashtable(); + this.mPrfHashAlgorithm = prfHashAlgorithm; + mHashes[prfHashAlgorithm] = prfHash; + } + + public virtual void Init(TlsContext context) + { + this.mContext = context; + } + + public virtual TlsHandshakeHash NotifyPrfDetermined() + { + int prfAlgorithm = mContext.SecurityParameters.PrfAlgorithm; + if (prfAlgorithm == PrfAlgorithm.tls_prf_legacy) + { + CombinedHash legacyHash = new CombinedHash(); + legacyHash.Init(mContext); + mBuf.UpdateDigest(legacyHash); + return legacyHash.NotifyPrfDetermined(); + } + + this.mPrfHashAlgorithm = TlsUtilities.GetHashAlgorithmForPrfAlgorithm(prfAlgorithm); + + CheckTrackingHash((byte)mPrfHashAlgorithm); + + return this; + } + + public virtual void TrackHashAlgorithm(byte hashAlgorithm) + { + if (mBuf == null) + throw new InvalidOperationException("Too late to track more hash algorithms"); + + CheckTrackingHash(hashAlgorithm); + } + + public virtual void SealHashAlgorithms() + { + CheckStopBuffering(); + } + + public virtual TlsHandshakeHash StopTracking() + { + byte prfHashAlgorithm = (byte)mPrfHashAlgorithm; + IDigest prfHash = TlsUtilities.CloneHash(prfHashAlgorithm, (IDigest)mHashes[prfHashAlgorithm]); + if (mBuf != null) + { + mBuf.UpdateDigest(prfHash); + } + DeferredHash result = new DeferredHash(prfHashAlgorithm, prfHash); + result.Init(mContext); + return result; + } + + public virtual IDigest ForkPrfHash() + { + CheckStopBuffering(); + + byte prfHashAlgorithm = (byte)mPrfHashAlgorithm; + if (mBuf != null) + { + IDigest prfHash = TlsUtilities.CreateHash(prfHashAlgorithm); + mBuf.UpdateDigest(prfHash); + return prfHash; + } + + return TlsUtilities.CloneHash(prfHashAlgorithm, (IDigest)mHashes[prfHashAlgorithm]); + } + + public virtual byte[] GetFinalHash(byte hashAlgorithm) + { + IDigest d = (IDigest)mHashes[hashAlgorithm]; + if (d == null) + throw new InvalidOperationException("HashAlgorithm." + HashAlgorithm.GetText(hashAlgorithm) + " is not being tracked"); + + d = TlsUtilities.CloneHash(hashAlgorithm, d); + if (mBuf != null) + { + mBuf.UpdateDigest(d); + } + + return DigestUtilities.DoFinal(d); + } + + public virtual string AlgorithmName + { + get { throw new InvalidOperationException("Use Fork() to get a definite IDigest"); } + } + + public virtual int GetByteLength() + { + throw new InvalidOperationException("Use Fork() to get a definite IDigest"); + } + + public virtual int GetDigestSize() + { + throw new InvalidOperationException("Use Fork() to get a definite IDigest"); + } + + public virtual void Update(byte input) + { + if (mBuf != null) + { + mBuf.WriteByte(input); + return; + } + + foreach (IDigest hash in mHashes.Values) + { + hash.Update(input); + } + } + + public virtual void BlockUpdate(byte[] input, int inOff, int len) + { + if (mBuf != null) + { + mBuf.Write(input, inOff, len); + return; + } + + foreach (IDigest hash in mHashes.Values) + { + hash.BlockUpdate(input, inOff, len); + } + } + + public virtual int DoFinal(byte[] output, int outOff) + { + throw new InvalidOperationException("Use Fork() to get a definite IDigest"); + } + + public virtual void Reset() + { + if (mBuf != null) + { + mBuf.SetLength(0); + return; + } + + foreach (IDigest hash in mHashes.Values) + { + hash.Reset(); + } + } + + protected virtual void CheckStopBuffering() + { + if (mBuf != null && mHashes.Count <= BUFFERING_HASH_LIMIT) + { + foreach (IDigest hash in mHashes.Values) + { + mBuf.UpdateDigest(hash); + } + + this.mBuf = null; + } + } + + protected virtual void CheckTrackingHash(byte hashAlgorithm) + { + if (!mHashes.Contains(hashAlgorithm)) + { + IDigest hash = TlsUtilities.CreateHash(hashAlgorithm); + mHashes[hashAlgorithm] = hash; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DigestInputBuffer.cs b/BouncyCastle/crypto/src/crypto/tls/DigestInputBuffer.cs new file mode 100644 index 0000000..acc6756 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DigestInputBuffer.cs @@ -0,0 +1,17 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + internal class DigestInputBuffer + : MemoryStream + { + internal void UpdateDigest(IDigest d) + { + Streams.WriteBufTo(this, new DigestSink(d)); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DigitallySigned.cs b/BouncyCastle/crypto/src/crypto/tls/DigitallySigned.cs new file mode 100644 index 0000000..8b7344f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DigitallySigned.cs @@ -0,0 +1,70 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class DigitallySigned + { + protected readonly SignatureAndHashAlgorithm mAlgorithm; + protected readonly byte[] mSignature; + + public DigitallySigned(SignatureAndHashAlgorithm algorithm, byte[] signature) + { + if (signature == null) + throw new ArgumentNullException("signature"); + + this.mAlgorithm = algorithm; + this.mSignature = signature; + } + + /** + * @return a {@link SignatureAndHashAlgorithm} (or null before TLS 1.2). + */ + public virtual SignatureAndHashAlgorithm Algorithm + { + get { return mAlgorithm; } + } + + public virtual byte[] Signature + { + get { return mSignature; } + } + + /** + * Encode this {@link DigitallySigned} to a {@link Stream}. + * + * @param output + * the {@link Stream} to encode to. + * @throws IOException + */ + public virtual void Encode(Stream output) + { + if (mAlgorithm != null) + { + mAlgorithm.Encode(output); + } + TlsUtilities.WriteOpaque16(mSignature, output); + } + + /** + * Parse a {@link DigitallySigned} from a {@link Stream}. + * + * @param context + * the {@link TlsContext} of the current connection. + * @param input + * the {@link Stream} to parse from. + * @return a {@link DigitallySigned} object. + * @throws IOException + */ + public static DigitallySigned Parse(TlsContext context, Stream input) + { + SignatureAndHashAlgorithm algorithm = null; + if (TlsUtilities.IsTlsV12(context)) + { + algorithm = SignatureAndHashAlgorithm.Parse(input); + } + byte[] signature = TlsUtilities.ReadOpaque16(input); + return new DigitallySigned(algorithm, signature); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DtlsClientProtocol.cs b/BouncyCastle/crypto/src/crypto/tls/DtlsClientProtocol.cs new file mode 100644 index 0000000..fe6381d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DtlsClientProtocol.cs @@ -0,0 +1,864 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class DtlsClientProtocol + : DtlsProtocol + { + public DtlsClientProtocol(SecureRandom secureRandom) + : base(secureRandom) + { + } + + public virtual DtlsTransport Connect(TlsClient client, DatagramTransport transport) + { + if (client == null) + throw new ArgumentNullException("client"); + if (transport == null) + throw new ArgumentNullException("transport"); + + SecurityParameters securityParameters = new SecurityParameters(); + securityParameters.entity = ConnectionEnd.client; + + ClientHandshakeState state = new ClientHandshakeState(); + state.client = client; + state.clientContext = new TlsClientContextImpl(mSecureRandom, securityParameters); + + securityParameters.clientRandom = TlsProtocol.CreateRandomBlock(client.ShouldUseGmtUnixTime(), + state.clientContext.NonceRandomGenerator); + + client.Init(state.clientContext); + + DtlsRecordLayer recordLayer = new DtlsRecordLayer(transport, state.clientContext, client, ContentType.handshake); + client.NotifyCloseHandle(recordLayer); + + TlsSession sessionToResume = state.client.GetSessionToResume(); + if (sessionToResume != null && sessionToResume.IsResumable) + { + SessionParameters sessionParameters = sessionToResume.ExportSessionParameters(); + if (sessionParameters != null && sessionParameters.IsExtendedMasterSecret) + { + state.tlsSession = sessionToResume; + state.sessionParameters = sessionParameters; + } + } + + try + { + return ClientHandshake(state, recordLayer); + } + catch (TlsFatalAlert fatalAlert) + { + AbortClientHandshake(state, recordLayer, fatalAlert.AlertDescription); + throw fatalAlert; + } + catch (IOException e) + { + AbortClientHandshake(state, recordLayer, AlertDescription.internal_error); + throw e; + } + catch (Exception e) + { + AbortClientHandshake(state, recordLayer, AlertDescription.internal_error); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + finally + { + securityParameters.Clear(); + } + } + + internal virtual void AbortClientHandshake(ClientHandshakeState state, DtlsRecordLayer recordLayer, byte alertDescription) + { + recordLayer.Fail(alertDescription); + InvalidateSession(state); + } + + internal virtual DtlsTransport ClientHandshake(ClientHandshakeState state, DtlsRecordLayer recordLayer) + { + SecurityParameters securityParameters = state.clientContext.SecurityParameters; + DtlsReliableHandshake handshake = new DtlsReliableHandshake(state.clientContext, recordLayer, + state.client.GetHandshakeTimeoutMillis()); + + byte[] clientHelloBody = GenerateClientHello(state, state.client); + + recordLayer.SetWriteVersion(ProtocolVersion.DTLSv10); + + handshake.SendMessage(HandshakeType.client_hello, clientHelloBody); + + DtlsReliableHandshake.Message serverMessage = handshake.ReceiveMessage(); + + while (serverMessage.Type == HandshakeType.hello_verify_request) + { + ProtocolVersion recordLayerVersion = recordLayer.ReadVersion; + ProtocolVersion client_version = state.clientContext.ClientVersion; + + /* + * RFC 6347 4.2.1 DTLS 1.2 server implementations SHOULD use DTLS version 1.0 regardless of + * the version of TLS that is expected to be negotiated. DTLS 1.2 and 1.0 clients MUST use + * the version solely to indicate packet formatting (which is the same in both DTLS 1.2 and + * 1.0) and not as part of version negotiation. + */ + if (!recordLayerVersion.IsEqualOrEarlierVersionOf(client_version)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + recordLayer.ReadVersion = null; + + byte[] cookie = ProcessHelloVerifyRequest(state, serverMessage.Body); + byte[] patched = PatchClientHelloWithCookie(clientHelloBody, cookie); + + handshake.ResetHandshakeMessagesDigest(); + handshake.SendMessage(HandshakeType.client_hello, patched); + + serverMessage = handshake.ReceiveMessage(); + } + + if (serverMessage.Type == HandshakeType.server_hello) + { + ProtocolVersion recordLayerVersion = recordLayer.ReadVersion; + ReportServerVersion(state, recordLayerVersion); + recordLayer.SetWriteVersion(recordLayerVersion); + + ProcessServerHello(state, serverMessage.Body); + } + else + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + handshake.NotifyHelloComplete(); + + ApplyMaxFragmentLengthExtension(recordLayer, securityParameters.maxFragmentLength); + + if (state.resumedSession) + { + securityParameters.masterSecret = Arrays.Clone(state.sessionParameters.MasterSecret); + recordLayer.InitPendingEpoch(state.client.GetCipher()); + + // NOTE: Calculated exclusive of the actual Finished message from the server + byte[] resExpectedServerVerifyData = TlsUtilities.CalculateVerifyData(state.clientContext, ExporterLabel.server_finished, + TlsProtocol.GetCurrentPrfHash(state.clientContext, handshake.HandshakeHash, null)); + ProcessFinished(handshake.ReceiveMessageBody(HandshakeType.finished), resExpectedServerVerifyData); + + // NOTE: Calculated exclusive of the Finished message itself + byte[] resClientVerifyData = TlsUtilities.CalculateVerifyData(state.clientContext, ExporterLabel.client_finished, + TlsProtocol.GetCurrentPrfHash(state.clientContext, handshake.HandshakeHash, null)); + handshake.SendMessage(HandshakeType.finished, resClientVerifyData); + + handshake.Finish(); + + state.clientContext.SetResumableSession(state.tlsSession); + + state.client.NotifyHandshakeComplete(); + + return new DtlsTransport(recordLayer); + } + + InvalidateSession(state); + + if (state.selectedSessionID.Length > 0) + { + state.tlsSession = new TlsSessionImpl(state.selectedSessionID, null); + } + + serverMessage = handshake.ReceiveMessage(); + + if (serverMessage.Type == HandshakeType.supplemental_data) + { + ProcessServerSupplementalData(state, serverMessage.Body); + serverMessage = handshake.ReceiveMessage(); + } + else + { + state.client.ProcessServerSupplementalData(null); + } + + state.keyExchange = state.client.GetKeyExchange(); + state.keyExchange.Init(state.clientContext); + + Certificate serverCertificate = null; + + if (serverMessage.Type == HandshakeType.certificate) + { + serverCertificate = ProcessServerCertificate(state, serverMessage.Body); + serverMessage = handshake.ReceiveMessage(); + } + else + { + // Okay, Certificate is optional + state.keyExchange.SkipServerCredentials(); + } + + // TODO[RFC 3546] Check whether empty certificates is possible, allowed, or excludes CertificateStatus + if (serverCertificate == null || serverCertificate.IsEmpty) + { + state.allowCertificateStatus = false; + } + + if (serverMessage.Type == HandshakeType.certificate_status) + { + ProcessCertificateStatus(state, serverMessage.Body); + serverMessage = handshake.ReceiveMessage(); + } + else + { + // Okay, CertificateStatus is optional + } + + if (serverMessage.Type == HandshakeType.server_key_exchange) + { + ProcessServerKeyExchange(state, serverMessage.Body); + serverMessage = handshake.ReceiveMessage(); + } + else + { + // Okay, ServerKeyExchange is optional + state.keyExchange.SkipServerKeyExchange(); + } + + if (serverMessage.Type == HandshakeType.certificate_request) + { + ProcessCertificateRequest(state, serverMessage.Body); + + /* + * TODO Give the client a chance to immediately select the CertificateVerify hash + * algorithm here to avoid tracking the other hash algorithms unnecessarily? + */ + TlsUtilities.TrackHashAlgorithms(handshake.HandshakeHash, + state.certificateRequest.SupportedSignatureAlgorithms); + + serverMessage = handshake.ReceiveMessage(); + } + else + { + // Okay, CertificateRequest is optional + } + + if (serverMessage.Type == HandshakeType.server_hello_done) + { + if (serverMessage.Body.Length != 0) + { + throw new TlsFatalAlert(AlertDescription.decode_error); + } + } + else + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + handshake.HandshakeHash.SealHashAlgorithms(); + + IList clientSupplementalData = state.client.GetClientSupplementalData(); + if (clientSupplementalData != null) + { + byte[] supplementalDataBody = GenerateSupplementalData(clientSupplementalData); + handshake.SendMessage(HandshakeType.supplemental_data, supplementalDataBody); + } + + if (state.certificateRequest != null) + { + state.clientCredentials = state.authentication.GetClientCredentials(state.certificateRequest); + + /* + * RFC 5246 If no suitable certificate is available, the client MUST send a certificate + * message containing no certificates. + * + * NOTE: In previous RFCs, this was SHOULD instead of MUST. + */ + Certificate clientCertificate = null; + if (state.clientCredentials != null) + { + clientCertificate = state.clientCredentials.Certificate; + } + if (clientCertificate == null) + { + clientCertificate = Certificate.EmptyChain; + } + + byte[] certificateBody = GenerateCertificate(clientCertificate); + handshake.SendMessage(HandshakeType.certificate, certificateBody); + } + + if (state.clientCredentials != null) + { + state.keyExchange.ProcessClientCredentials(state.clientCredentials); + } + else + { + state.keyExchange.SkipClientCredentials(); + } + + byte[] clientKeyExchangeBody = GenerateClientKeyExchange(state); + handshake.SendMessage(HandshakeType.client_key_exchange, clientKeyExchangeBody); + + TlsHandshakeHash prepareFinishHash = handshake.PrepareToFinish(); + securityParameters.sessionHash = TlsProtocol.GetCurrentPrfHash(state.clientContext, prepareFinishHash, null); + + TlsProtocol.EstablishMasterSecret(state.clientContext, state.keyExchange); + recordLayer.InitPendingEpoch(state.client.GetCipher()); + + if (state.clientCredentials != null && state.clientCredentials is TlsSignerCredentials) + { + TlsSignerCredentials signerCredentials = (TlsSignerCredentials)state.clientCredentials; + + /* + * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2 + */ + SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm( + state.clientContext, signerCredentials); + + byte[] hash; + if (signatureAndHashAlgorithm == null) + { + hash = securityParameters.SessionHash; + } + else + { + hash = prepareFinishHash.GetFinalHash(signatureAndHashAlgorithm.Hash); + } + + byte[] signature = signerCredentials.GenerateCertificateSignature(hash); + DigitallySigned certificateVerify = new DigitallySigned(signatureAndHashAlgorithm, signature); + byte[] certificateVerifyBody = GenerateCertificateVerify(state, certificateVerify); + handshake.SendMessage(HandshakeType.certificate_verify, certificateVerifyBody); + } + + // NOTE: Calculated exclusive of the Finished message itself + byte[] clientVerifyData = TlsUtilities.CalculateVerifyData(state.clientContext, ExporterLabel.client_finished, + TlsProtocol.GetCurrentPrfHash(state.clientContext, handshake.HandshakeHash, null)); + handshake.SendMessage(HandshakeType.finished, clientVerifyData); + + if (state.expectSessionTicket) + { + serverMessage = handshake.ReceiveMessage(); + if (serverMessage.Type == HandshakeType.session_ticket) + { + ProcessNewSessionTicket(state, serverMessage.Body); + } + else + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + } + + // NOTE: Calculated exclusive of the actual Finished message from the server + byte[] expectedServerVerifyData = TlsUtilities.CalculateVerifyData(state.clientContext, ExporterLabel.server_finished, + TlsProtocol.GetCurrentPrfHash(state.clientContext, handshake.HandshakeHash, null)); + ProcessFinished(handshake.ReceiveMessageBody(HandshakeType.finished), expectedServerVerifyData); + + handshake.Finish(); + + if (state.tlsSession != null) + { + state.sessionParameters = new SessionParameters.Builder() + .SetCipherSuite(securityParameters.CipherSuite) + .SetCompressionAlgorithm(securityParameters.CompressionAlgorithm) + .SetExtendedMasterSecret(securityParameters.IsExtendedMasterSecret) + .SetMasterSecret(securityParameters.MasterSecret) + .SetPeerCertificate(serverCertificate) + .SetPskIdentity(securityParameters.PskIdentity) + .SetSrpIdentity(securityParameters.SrpIdentity) + // TODO Consider filtering extensions that aren't relevant to resumed sessions + .SetServerExtensions(state.serverExtensions) + .Build(); + + state.tlsSession = TlsUtilities.ImportSession(state.tlsSession.SessionID, state.sessionParameters); + + state.clientContext.SetResumableSession(state.tlsSession); + } + + state.client.NotifyHandshakeComplete(); + + return new DtlsTransport(recordLayer); + } + + protected virtual byte[] GenerateCertificateVerify(ClientHandshakeState state, DigitallySigned certificateVerify) + { + MemoryStream buf = new MemoryStream(); + certificateVerify.Encode(buf); + return buf.ToArray(); + } + + protected virtual byte[] GenerateClientHello(ClientHandshakeState state, TlsClient client) + { + ProtocolVersion client_version = client.ClientVersion; + if (!client_version.IsDtls) + throw new TlsFatalAlert(AlertDescription.internal_error); + + TlsClientContextImpl context = state.clientContext; + + context.SetClientVersion(client_version); + + SecurityParameters securityParameters = context.SecurityParameters; + + // Session ID + byte[] session_id = TlsUtilities.EmptyBytes; + if (state.tlsSession != null) + { + session_id = state.tlsSession.SessionID; + if (session_id == null || session_id.Length > 32) + { + session_id = TlsUtilities.EmptyBytes; + } + } + + bool fallback = client.IsFallback; + + state.offeredCipherSuites = client.GetCipherSuites(); + + if (session_id.Length > 0 && state.sessionParameters != null) + { + if (!state.sessionParameters.IsExtendedMasterSecret + || !Arrays.Contains(state.offeredCipherSuites, state.sessionParameters.CipherSuite) + || CompressionMethod.cls_null != state.sessionParameters.CompressionAlgorithm) + { + session_id = TlsUtilities.EmptyBytes; + } + } + + state.clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(client.GetClientExtensions()); + + TlsExtensionsUtilities.AddExtendedMasterSecretExtension(state.clientExtensions); + + MemoryStream buf = new MemoryStream(); + + TlsUtilities.WriteVersion(client_version, buf); + + buf.Write(securityParameters.ClientRandom, 0, securityParameters.ClientRandom.Length); + + TlsUtilities.WriteOpaque8(session_id, buf); + + // Cookie + TlsUtilities.WriteOpaque8(TlsUtilities.EmptyBytes, buf); + + // Cipher Suites (and SCSV) + { + /* + * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension, + * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the + * ClientHello. Including both is NOT RECOMMENDED. + */ + byte[] renegExtData = TlsUtilities.GetExtensionData(state.clientExtensions, ExtensionType.renegotiation_info); + bool noRenegExt = (null == renegExtData); + + bool noRenegSCSV = !Arrays.Contains(state.offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV); + + if (noRenegExt && noRenegSCSV) + { + // TODO Consider whether to default to a client extension instead + state.offeredCipherSuites = Arrays.Append(state.offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV); + } + + /* + * RFC 7507 4. If a client sends a ClientHello.client_version containing a lower value + * than the latest (highest-valued) version supported by the client, it SHOULD include + * the TLS_FALLBACK_SCSV cipher suite value in ClientHello.cipher_suites [..]. (The + * client SHOULD put TLS_FALLBACK_SCSV after all cipher suites that it actually intends + * to negotiate.) + */ + if (fallback && !Arrays.Contains(state.offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV)) + { + state.offeredCipherSuites = Arrays.Append(state.offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV); + } + + TlsUtilities.WriteUint16ArrayWithUint16Length(state.offeredCipherSuites, buf); + } + + TlsUtilities.WriteUint8ArrayWithUint8Length(new byte[]{ CompressionMethod.cls_null }, buf); + + TlsProtocol.WriteExtensions(buf, state.clientExtensions); + + return buf.ToArray(); + } + + protected virtual byte[] GenerateClientKeyExchange(ClientHandshakeState state) + { + MemoryStream buf = new MemoryStream(); + state.keyExchange.GenerateClientKeyExchange(buf); + return buf.ToArray(); + } + + protected virtual void InvalidateSession(ClientHandshakeState state) + { + if (state.sessionParameters != null) + { + state.sessionParameters.Clear(); + state.sessionParameters = null; + } + + if (state.tlsSession != null) + { + state.tlsSession.Invalidate(); + state.tlsSession = null; + } + } + + protected virtual void ProcessCertificateRequest(ClientHandshakeState state, byte[] body) + { + if (state.authentication == null) + { + /* + * RFC 2246 7.4.4. It is a fatal handshake_failure alert for an anonymous server to + * request client identification. + */ + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + MemoryStream buf = new MemoryStream(body, false); + + state.certificateRequest = CertificateRequest.Parse(state.clientContext, buf); + + TlsProtocol.AssertEmpty(buf); + + state.keyExchange.ValidateCertificateRequest(state.certificateRequest); + } + + protected virtual void ProcessCertificateStatus(ClientHandshakeState state, byte[] body) + { + if (!state.allowCertificateStatus) + { + /* + * RFC 3546 3.6. If a server returns a "CertificateStatus" message, then the + * server MUST have included an extension of type "status_request" with empty + * "extension_data" in the extended server hello.. + */ + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + MemoryStream buf = new MemoryStream(body, false); + + state.certificateStatus = CertificateStatus.Parse(buf); + + TlsProtocol.AssertEmpty(buf); + + // TODO[RFC 3546] Figure out how to provide this to the client/authentication. + } + + protected virtual byte[] ProcessHelloVerifyRequest(ClientHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + + ProtocolVersion server_version = TlsUtilities.ReadVersion(buf); + byte[] cookie = TlsUtilities.ReadOpaque8(buf); + + TlsProtocol.AssertEmpty(buf); + + // TODO Seems this behaviour is not yet in line with OpenSSL for DTLS 1.2 + // reportServerVersion(state, server_version); + if (!server_version.IsEqualOrEarlierVersionOf(state.clientContext.ClientVersion)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + /* + * RFC 6347 This specification increases the cookie size limit to 255 bytes for greater + * future flexibility. The limit remains 32 for previous versions of DTLS. + */ + if (!ProtocolVersion.DTLSv12.IsEqualOrEarlierVersionOf(server_version) && cookie.Length > 32) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return cookie; + } + + protected virtual void ProcessNewSessionTicket(ClientHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + + NewSessionTicket newSessionTicket = NewSessionTicket.Parse(buf); + + TlsProtocol.AssertEmpty(buf); + + state.client.NotifyNewSessionTicket(newSessionTicket); + } + + protected virtual Certificate ProcessServerCertificate(ClientHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + + Certificate serverCertificate = Certificate.Parse(buf); + + TlsProtocol.AssertEmpty(buf); + + state.keyExchange.ProcessServerCertificate(serverCertificate); + state.authentication = state.client.GetAuthentication(); + state.authentication.NotifyServerCertificate(serverCertificate); + + return serverCertificate; + } + + protected virtual void ProcessServerHello(ClientHandshakeState state, byte[] body) + { + SecurityParameters securityParameters = state.clientContext.SecurityParameters; + + MemoryStream buf = new MemoryStream(body, false); + + { + ProtocolVersion server_version = TlsUtilities.ReadVersion(buf); + ReportServerVersion(state, server_version); + } + + securityParameters.serverRandom = TlsUtilities.ReadFully(32, buf); + + state.selectedSessionID = TlsUtilities.ReadOpaque8(buf); + if (state.selectedSessionID.Length > 32) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + state.client.NotifySessionID(state.selectedSessionID); + state.resumedSession = state.selectedSessionID.Length > 0 && state.tlsSession != null + && Arrays.AreEqual(state.selectedSessionID, state.tlsSession.SessionID); + + int selectedCipherSuite = TlsUtilities.ReadUint16(buf); + if (!Arrays.Contains(state.offeredCipherSuites, selectedCipherSuite) + || selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL + || CipherSuite.IsScsv(selectedCipherSuite) + || !TlsUtilities.IsValidCipherSuiteForVersion(selectedCipherSuite, state.clientContext.ServerVersion)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + ValidateSelectedCipherSuite(selectedCipherSuite, AlertDescription.illegal_parameter); + state.client.NotifySelectedCipherSuite(selectedCipherSuite); + + byte selectedCompressionMethod = TlsUtilities.ReadUint8(buf); + if (CompressionMethod.cls_null != selectedCompressionMethod) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + state.client.NotifySelectedCompressionMethod(selectedCompressionMethod); + + /* + * RFC3546 2.2 The extended server hello message format MAY be sent in place of the server + * hello message when the client has requested extended functionality via the extended + * client hello message specified in Section 2.1. ... Note that the extended server hello + * message is only sent in response to an extended client hello message. This prevents the + * possibility that the extended server hello message could "break" existing TLS 1.0 + * clients. + */ + + /* + * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore + * extensions appearing in the client hello, and send a server hello containing no + * extensions. + */ + + // Integer -> byte[] + state.serverExtensions = TlsProtocol.ReadExtensions(buf); + + /* + * RFC 7627 4. Clients and servers SHOULD NOT accept handshakes that do not use the extended + * master secret [..]. (and see 5.2, 5.3) + */ + securityParameters.extendedMasterSecret = TlsExtensionsUtilities.HasExtendedMasterSecretExtension(state.serverExtensions); + + if (!securityParameters.IsExtendedMasterSecret + && (state.resumedSession || state.client.RequiresExtendedMasterSecret())) + { + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + /* + * RFC 3546 2.2 Note that the extended server hello message is only sent in response to an + * extended client hello message. However, see RFC 5746 exception below. We always include + * the SCSV, so an Extended Server Hello is always allowed. + */ + if (state.serverExtensions != null) + { + foreach (int extType in state.serverExtensions.Keys) + { + /* + * RFC 5746 3.6. Note that sending a "renegotiation_info" extension in response to a + * ClientHello containing only the SCSV is an explicit exception to the prohibition + * in RFC 5246, Section 7.4.1.4, on the server sending unsolicited extensions and is + * only allowed because the client is signaling its willingness to receive the + * extension via the TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. + */ + if (extType == ExtensionType.renegotiation_info) + continue; + + /* + * RFC 5246 7.4.1.4 An extension type MUST NOT appear in the ServerHello unless the + * same extension type appeared in the corresponding ClientHello. If a client + * receives an extension type in ServerHello that it did not request in the + * associated ClientHello, it MUST abort the handshake with an unsupported_extension + * fatal alert. + */ + if (null == TlsUtilities.GetExtensionData(state.clientExtensions, extType)) + throw new TlsFatalAlert(AlertDescription.unsupported_extension); + + /* + * RFC 3546 2.3. If [...] the older session is resumed, then the server MUST ignore + * extensions appearing in the client hello, and send a server hello containing no + * extensions[.] + */ + if (state.resumedSession) + { + // TODO[compat-gnutls] GnuTLS test server sends server extensions e.g. ec_point_formats + // TODO[compat-openssl] OpenSSL test server sends server extensions e.g. ec_point_formats + // TODO[compat-polarssl] PolarSSL test server sends server extensions e.g. ec_point_formats + //throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + } + + /* + * RFC 5746 3.4. Client Behavior: Initial Handshake + */ + { + /* + * When a ServerHello is received, the client MUST check if it includes the + * "renegotiation_info" extension: + */ + byte[] renegExtData = TlsUtilities.GetExtensionData(state.serverExtensions, ExtensionType.renegotiation_info); + if (renegExtData != null) + { + /* + * If the extension is present, set the secure_renegotiation flag to TRUE. The + * client MUST then verify that the length of the "renegotiated_connection" + * field is zero, and if it is not, MUST abort the handshake (by sending a fatal + * handshake_failure alert). + */ + state.secure_renegotiation = true; + + if (!Arrays.ConstantTimeAreEqual(renegExtData, TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes))) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + } + + // TODO[compat-gnutls] GnuTLS test server fails to send renegotiation_info extension when resuming + state.client.NotifySecureRenegotiation(state.secure_renegotiation); + + IDictionary sessionClientExtensions = state.clientExtensions, sessionServerExtensions = state.serverExtensions; + if (state.resumedSession) + { + if (selectedCipherSuite != state.sessionParameters.CipherSuite + || selectedCompressionMethod != state.sessionParameters.CompressionAlgorithm) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + sessionClientExtensions = null; + sessionServerExtensions = state.sessionParameters.ReadServerExtensions(); + } + + securityParameters.cipherSuite = selectedCipherSuite; + securityParameters.compressionAlgorithm = selectedCompressionMethod; + + if (sessionServerExtensions != null && sessionServerExtensions.Count > 0) + { + { + /* + * RFC 7366 3. If a server receives an encrypt-then-MAC request extension from a client + * and then selects a stream or Authenticated Encryption with Associated Data (AEAD) + * ciphersuite, it MUST NOT send an encrypt-then-MAC response extension back to the + * client. + */ + bool serverSentEncryptThenMAC = TlsExtensionsUtilities.HasEncryptThenMacExtension(sessionServerExtensions); + if (serverSentEncryptThenMAC && !TlsUtilities.IsBlockCipherSuite(securityParameters.CipherSuite)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + securityParameters.encryptThenMac = serverSentEncryptThenMAC; + } + + securityParameters.maxFragmentLength = EvaluateMaxFragmentLengthExtension(state.resumedSession, + sessionClientExtensions, sessionServerExtensions, AlertDescription.illegal_parameter); + + securityParameters.truncatedHMac = TlsExtensionsUtilities.HasTruncatedHMacExtension(sessionServerExtensions); + + /* + * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be + * sent in a session resumption handshake. + */ + state.allowCertificateStatus = !state.resumedSession + && TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions, ExtensionType.status_request, + AlertDescription.illegal_parameter); + + state.expectSessionTicket = !state.resumedSession + && TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions, ExtensionType.session_ticket, + AlertDescription.illegal_parameter); + } + + if (sessionClientExtensions != null) + { + state.client.ProcessServerExtensions(sessionServerExtensions); + } + + securityParameters.prfAlgorithm = TlsProtocol.GetPrfAlgorithm(state.clientContext, + securityParameters.CipherSuite); + + /* + * RFC 5246 7.4.9. Any cipher suite which does not explicitly specify verify_data_length has + * a verify_data_length equal to 12. This includes all existing cipher suites. + */ + securityParameters.verifyDataLength = 12; + } + + protected virtual void ProcessServerKeyExchange(ClientHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + + state.keyExchange.ProcessServerKeyExchange(buf); + + TlsProtocol.AssertEmpty(buf); + } + + protected virtual void ProcessServerSupplementalData(ClientHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + IList serverSupplementalData = TlsProtocol.ReadSupplementalDataMessage(buf); + state.client.ProcessServerSupplementalData(serverSupplementalData); + } + + protected virtual void ReportServerVersion(ClientHandshakeState state, ProtocolVersion server_version) + { + TlsClientContextImpl clientContext = state.clientContext; + ProtocolVersion currentServerVersion = clientContext.ServerVersion; + if (null == currentServerVersion) + { + clientContext.SetServerVersion(server_version); + state.client.NotifyServerVersion(server_version); + } + else if (!currentServerVersion.Equals(server_version)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + + protected static byte[] PatchClientHelloWithCookie(byte[] clientHelloBody, byte[] cookie) + { + int sessionIDPos = 34; + int sessionIDLength = TlsUtilities.ReadUint8(clientHelloBody, sessionIDPos); + + int cookieLengthPos = sessionIDPos + 1 + sessionIDLength; + int cookiePos = cookieLengthPos + 1; + + byte[] patched = new byte[clientHelloBody.Length + cookie.Length]; + Array.Copy(clientHelloBody, 0, patched, 0, cookieLengthPos); + TlsUtilities.CheckUint8(cookie.Length); + TlsUtilities.WriteUint8((byte)cookie.Length, patched, cookieLengthPos); + Array.Copy(cookie, 0, patched, cookiePos, cookie.Length); + Array.Copy(clientHelloBody, cookiePos, patched, cookiePos + cookie.Length, clientHelloBody.Length - cookiePos); + + return patched; + } + + protected internal class ClientHandshakeState + { + internal TlsClient client = null; + internal TlsClientContextImpl clientContext = null; + internal TlsSession tlsSession = null; + internal SessionParameters sessionParameters = null; + internal SessionParameters.Builder sessionParametersBuilder = null; + internal int[] offeredCipherSuites = null; + internal IDictionary clientExtensions = null; + internal IDictionary serverExtensions = null; + internal byte[] selectedSessionID = null; + internal bool resumedSession = false; + internal bool secure_renegotiation = false; + internal bool allowCertificateStatus = false; + internal bool expectSessionTicket = false; + internal TlsKeyExchange keyExchange = null; + internal TlsAuthentication authentication = null; + internal CertificateStatus certificateStatus = null; + internal CertificateRequest certificateRequest = null; + internal TlsCredentials clientCredentials = null; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DtlsEpoch.cs b/BouncyCastle/crypto/src/crypto/tls/DtlsEpoch.cs new file mode 100644 index 0000000..af14035 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DtlsEpoch.cs @@ -0,0 +1,56 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + internal class DtlsEpoch + { + private readonly DtlsReplayWindow mReplayWindow = new DtlsReplayWindow(); + + private readonly int mEpoch; + private readonly TlsCipher mCipher; + + private long mSequenceNumber = 0; + + internal DtlsEpoch(int epoch, TlsCipher cipher) + { + if (epoch < 0) + throw new ArgumentException("must be >= 0", "epoch"); + if (cipher == null) + throw new ArgumentNullException("cipher"); + + this.mEpoch = epoch; + this.mCipher = cipher; + } + + internal long AllocateSequenceNumber() + { + lock (this) + { + if (mSequenceNumber >= (1L << 48)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return mSequenceNumber++; + } + } + + internal TlsCipher Cipher + { + get { return mCipher; } + } + + internal int Epoch + { + get { return mEpoch; } + } + + internal DtlsReplayWindow ReplayWindow + { + get { return mReplayWindow; } + } + + internal long SequenceNumber + { + get { lock(this) return mSequenceNumber; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DtlsHandshakeRetransmit.cs b/BouncyCastle/crypto/src/crypto/tls/DtlsHandshakeRetransmit.cs new file mode 100644 index 0000000..8bfae78 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DtlsHandshakeRetransmit.cs @@ -0,0 +1,11 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + interface DtlsHandshakeRetransmit + { + /// + void ReceivedHandshakeRecord(int epoch, byte[] buf, int off, int len); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DtlsProtocol.cs b/BouncyCastle/crypto/src/crypto/tls/DtlsProtocol.cs new file mode 100644 index 0000000..e4ebd43 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DtlsProtocol.cs @@ -0,0 +1,92 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class DtlsProtocol + { + protected readonly SecureRandom mSecureRandom; + + protected DtlsProtocol(SecureRandom secureRandom) + { + if (secureRandom == null) + throw new ArgumentNullException("secureRandom"); + + this.mSecureRandom = secureRandom; + } + + /// + protected virtual void ProcessFinished(byte[] body, byte[] expected_verify_data) + { + MemoryStream buf = new MemoryStream(body, false); + + byte[] verify_data = TlsUtilities.ReadFully(expected_verify_data.Length, buf); + + TlsProtocol.AssertEmpty(buf); + + if (!Arrays.ConstantTimeAreEqual(expected_verify_data, verify_data)) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + /// + internal static void ApplyMaxFragmentLengthExtension(DtlsRecordLayer recordLayer, short maxFragmentLength) + { + if (maxFragmentLength >= 0) + { + if (!MaxFragmentLength.IsValid((byte)maxFragmentLength)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + int plainTextLimit = 1 << (8 + maxFragmentLength); + recordLayer.SetPlaintextLimit(plainTextLimit); + } + } + + /// + protected static short EvaluateMaxFragmentLengthExtension(bool resumedSession, IDictionary clientExtensions, + IDictionary serverExtensions, byte alertDescription) + { + short maxFragmentLength = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(serverExtensions); + if (maxFragmentLength >= 0) + { + if (!MaxFragmentLength.IsValid((byte)maxFragmentLength) + || (!resumedSession && maxFragmentLength != TlsExtensionsUtilities + .GetMaxFragmentLengthExtension(clientExtensions))) + { + throw new TlsFatalAlert(alertDescription); + } + } + return maxFragmentLength; + } + + /// + protected static byte[] GenerateCertificate(Certificate certificate) + { + MemoryStream buf = new MemoryStream(); + certificate.Encode(buf); + return buf.ToArray(); + } + + /// + protected static byte[] GenerateSupplementalData(IList supplementalData) + { + MemoryStream buf = new MemoryStream(); + TlsProtocol.WriteSupplementalData(buf, supplementalData); + return buf.ToArray(); + } + + /// + protected static void ValidateSelectedCipherSuite(int selectedCipherSuite, byte alertDescription) + { + switch (TlsUtilities.GetEncryptionAlgorithm(selectedCipherSuite)) + { + case EncryptionAlgorithm.RC4_40: + case EncryptionAlgorithm.RC4_128: + throw new TlsFatalAlert(alertDescription); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DtlsReassembler.cs b/BouncyCastle/crypto/src/crypto/tls/DtlsReassembler.cs new file mode 100644 index 0000000..11fe609 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DtlsReassembler.cs @@ -0,0 +1,125 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + class DtlsReassembler + { + private readonly byte mMsgType; + private readonly byte[] mBody; + + private readonly IList mMissing = Platform.CreateArrayList(); + + internal DtlsReassembler(byte msg_type, int length) + { + this.mMsgType = msg_type; + this.mBody = new byte[length]; + this.mMissing.Add(new Range(0, length)); + } + + internal byte MsgType + { + get { return mMsgType; } + } + + internal byte[] GetBodyIfComplete() + { + return mMissing.Count == 0 ? mBody : null; + } + + internal void ContributeFragment(byte msg_type, int length, byte[] buf, int off, int fragment_offset, + int fragment_length) + { + int fragment_end = fragment_offset + fragment_length; + + if (this.mMsgType != msg_type || this.mBody.Length != length || fragment_end > length) + { + return; + } + + if (fragment_length == 0) + { + // NOTE: Empty messages still require an empty fragment to complete it + if (fragment_offset == 0 && mMissing.Count > 0) + { + Range firstRange = (Range)mMissing[0]; + if (firstRange.End == 0) + { + mMissing.RemoveAt(0); + } + } + return; + } + + for (int i = 0; i < mMissing.Count; ++i) + { + Range range = (Range)mMissing[i]; + if (range.Start >= fragment_end) + { + break; + } + if (range.End > fragment_offset) + { + + int copyStart = System.Math.Max(range.Start, fragment_offset); + int copyEnd = System.Math.Min(range.End, fragment_end); + int copyLength = copyEnd - copyStart; + + Array.Copy(buf, off + copyStart - fragment_offset, mBody, copyStart, + copyLength); + + if (copyStart == range.Start) + { + if (copyEnd == range.End) + { + mMissing.RemoveAt(i--); + } + else + { + range.Start = copyEnd; + } + } + else + { + if (copyEnd != range.End) + { + mMissing.Insert(++i, new Range(copyEnd, range.End)); + } + range.End = copyStart; + } + } + } + } + + internal void Reset() + { + this.mMissing.Clear(); + this.mMissing.Add(new Range(0, mBody.Length)); + } + + private class Range + { + private int mStart, mEnd; + + internal Range(int start, int end) + { + this.mStart = start; + this.mEnd = end; + } + + public int Start + { + get { return mStart; } + set { this.mStart = value; } + } + + public int End + { + get { return mEnd; } + set { this.mEnd = value; } + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DtlsRecordLayer.cs b/BouncyCastle/crypto/src/crypto/tls/DtlsRecordLayer.cs new file mode 100644 index 0000000..69870dd --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DtlsRecordLayer.cs @@ -0,0 +1,585 @@ +using System; +using System.IO; +#if !PORTABLE || DOTNET +using System.Net.Sockets; +#endif + +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Crypto.Tls +{ + internal class DtlsRecordLayer + : DatagramTransport + { + private const int RECORD_HEADER_LENGTH = 13; + private const int MAX_FRAGMENT_LENGTH = 1 << 14; + private const long TCP_MSL = 1000L * 60 * 2; + private const long RETRANSMIT_TIMEOUT = TCP_MSL * 2; + + private static void SendDatagram(DatagramTransport sender, byte[] buf, int off, int len) + { + //try + //{ + // sender.Send(buf, off, len); + //} + //catch (InterruptedIOException e) + //{ + // e.bytesTransferred = 0; + // throw e; + //} + + sender.Send(buf, off, len); + } + + private readonly DatagramTransport mTransport; + private readonly TlsContext mContext; + private readonly TlsPeer mPeer; + + private readonly ByteQueue mRecordQueue = new ByteQueue(); + + private volatile bool mClosed = false; + private volatile bool mFailed = false; + private volatile ProtocolVersion mReadVersion = null, mWriteVersion = null; + private volatile bool mInHandshake; + private volatile int mPlaintextLimit; + private DtlsEpoch mCurrentEpoch, mPendingEpoch; + private DtlsEpoch mReadEpoch, mWriteEpoch; + + private DtlsHandshakeRetransmit mRetransmit = null; + private DtlsEpoch mRetransmitEpoch = null; + private Timeout mRetransmitTimeout = null; + + internal DtlsRecordLayer(DatagramTransport transport, TlsContext context, TlsPeer peer, byte contentType) + { + this.mTransport = transport; + this.mContext = context; + this.mPeer = peer; + + this.mInHandshake = true; + + this.mCurrentEpoch = new DtlsEpoch(0, new TlsNullCipher(context)); + this.mPendingEpoch = null; + this.mReadEpoch = mCurrentEpoch; + this.mWriteEpoch = mCurrentEpoch; + + SetPlaintextLimit(MAX_FRAGMENT_LENGTH); + } + + internal bool IsClosed + { + get { return mClosed; } + } + + internal virtual void SetPlaintextLimit(int plaintextLimit) + { + this.mPlaintextLimit = plaintextLimit; + } + + internal virtual int ReadEpoch + { + get { return mReadEpoch.Epoch; } + } + + internal virtual ProtocolVersion ReadVersion + { + get { return mReadVersion; } + set { this.mReadVersion = value; } + } + + internal virtual void SetWriteVersion(ProtocolVersion writeVersion) + { + this.mWriteVersion = writeVersion; + } + + internal virtual void InitPendingEpoch(TlsCipher pendingCipher) + { + if (mPendingEpoch != null) + throw new InvalidOperationException(); + + /* + * TODO "In order to ensure that any given sequence/epoch pair is unique, implementations + * MUST NOT allow the same epoch value to be reused within two times the TCP maximum segment + * lifetime." + */ + + // TODO Check for overflow + this.mPendingEpoch = new DtlsEpoch(mWriteEpoch.Epoch + 1, pendingCipher); + } + + internal virtual void HandshakeSuccessful(DtlsHandshakeRetransmit retransmit) + { + if (mReadEpoch == mCurrentEpoch || mWriteEpoch == mCurrentEpoch) + { + // TODO + throw new InvalidOperationException(); + } + + if (retransmit != null) + { + this.mRetransmit = retransmit; + this.mRetransmitEpoch = mCurrentEpoch; + this.mRetransmitTimeout = new Timeout(RETRANSMIT_TIMEOUT); + } + + this.mInHandshake = false; + this.mCurrentEpoch = mPendingEpoch; + this.mPendingEpoch = null; + } + + internal virtual void ResetWriteEpoch() + { + if (mRetransmitEpoch != null) + { + this.mWriteEpoch = mRetransmitEpoch; + } + else + { + this.mWriteEpoch = mCurrentEpoch; + } + } + + public virtual int GetReceiveLimit() + { + return System.Math.Min(this.mPlaintextLimit, + mReadEpoch.Cipher.GetPlaintextLimit(mTransport.GetReceiveLimit() - RECORD_HEADER_LENGTH)); + } + + public virtual int GetSendLimit() + { + return System.Math.Min(this.mPlaintextLimit, + mWriteEpoch.Cipher.GetPlaintextLimit(mTransport.GetSendLimit() - RECORD_HEADER_LENGTH)); + } + + public virtual int Receive(byte[] buf, int off, int len, int waitMillis) + { + long currentTimeMillis = DateTimeUtilities.CurrentUnixMs(); + + Timeout timeout = Timeout.ForWaitMillis(waitMillis, currentTimeMillis); + byte[] record = null; + + while (waitMillis >= 0) + { + if (mRetransmitTimeout != null && mRetransmitTimeout.RemainingMillis(currentTimeMillis) < 1) + { + mRetransmit = null; + mRetransmitEpoch = null; + mRetransmitTimeout = null; + } + + int receiveLimit = System.Math.Min(len, GetReceiveLimit()) + RECORD_HEADER_LENGTH; + if (record == null || record.Length < receiveLimit) + { + record = new byte[receiveLimit]; + } + + int received = ReceiveRecord(record, 0, receiveLimit, waitMillis); + int processed = ProcessRecord(received, record, buf, off); + if (processed >= 0) + { + return processed; + } + + currentTimeMillis = DateTimeUtilities.CurrentUnixMs(); + waitMillis = Timeout.GetWaitMillis(timeout, currentTimeMillis); + } + + return -1; + } + + /// + public virtual void Send(byte[] buf, int off, int len) + { + byte contentType = ContentType.application_data; + + if (this.mInHandshake || this.mWriteEpoch == this.mRetransmitEpoch) + { + contentType = ContentType.handshake; + + byte handshakeType = TlsUtilities.ReadUint8(buf, off); + if (handshakeType == HandshakeType.finished) + { + DtlsEpoch nextEpoch = null; + if (this.mInHandshake) + { + nextEpoch = mPendingEpoch; + } + else if (this.mWriteEpoch == this.mRetransmitEpoch) + { + nextEpoch = mCurrentEpoch; + } + + if (nextEpoch == null) + { + // TODO + throw new InvalidOperationException(); + } + + // Implicitly send change_cipher_spec and change to pending cipher state + + // TODO Send change_cipher_spec and finished records in single datagram? + byte[] data = new byte[]{ 1 }; + SendRecord(ContentType.change_cipher_spec, data, 0, data.Length); + + mWriteEpoch = nextEpoch; + } + } + + SendRecord(contentType, buf, off, len); + } + + public virtual void Close() + { + if (!mClosed) + { + if (mInHandshake) + { + Warn(AlertDescription.user_canceled, "User canceled handshake"); + } + CloseTransport(); + } + } + + internal virtual void Failed() + { + if (!mClosed) + { + mFailed = true; + + CloseTransport(); + } + } + + internal virtual void Fail(byte alertDescription) + { + if (!mClosed) + { + try + { + RaiseAlert(AlertLevel.fatal, alertDescription, null, null); + } + catch (Exception) + { + // Ignore + } + + mFailed = true; + + CloseTransport(); + } + } + + internal virtual void Warn(byte alertDescription, string message) + { + RaiseAlert(AlertLevel.warning, alertDescription, message, null); + } + + private void CloseTransport() + { + if (!mClosed) + { + /* + * RFC 5246 7.2.1. Unless some other fatal alert has been transmitted, each party is + * required to send a close_notify alert before closing the write side of the + * connection. The other party MUST respond with a close_notify alert of its own and + * close down the connection immediately, discarding any pending writes. + */ + + try + { + if (!mFailed) + { + Warn(AlertDescription.close_notify, null); + } + mTransport.Close(); + } + catch (Exception) + { + // Ignore + } + + mClosed = true; + } + } + + private void RaiseAlert(byte alertLevel, byte alertDescription, string message, Exception cause) + { + mPeer.NotifyAlertRaised(alertLevel, alertDescription, message, cause); + + byte[] error = new byte[2]; + error[0] = (byte)alertLevel; + error[1] = (byte)alertDescription; + + SendRecord(ContentType.alert, error, 0, 2); + } + + private int ReceiveDatagram(byte[] buf, int off, int len, int waitMillis) + { + try + { + return mTransport.Receive(buf, off, len, waitMillis); + } + catch (TlsTimeoutException) + { + return -1; + } +#if !PORTABLE || DOTNET + catch (SocketException e) + { + if (TlsUtilities.IsTimeout(e)) + return -1; + + throw e; + } +#endif + //catch (InterruptedIOException e) + //{ + // e.bytesTransferred = 0; + // throw e; + //} + } + + private int ProcessRecord(int received, byte[] record, byte[] buf, int off) + { + // NOTE: received < 0 (timeout) is covered by this first case + if (received < RECORD_HEADER_LENGTH) + { + return -1; + } + int length = TlsUtilities.ReadUint16(record, 11); + if (received != (length + RECORD_HEADER_LENGTH)) + { + return -1; + } + + byte type = TlsUtilities.ReadUint8(record, 0); + + switch (type) + { + case ContentType.alert: + case ContentType.application_data: + case ContentType.change_cipher_spec: + case ContentType.handshake: + case ContentType.heartbeat: + break; + default: + return -1; + } + + int epoch = TlsUtilities.ReadUint16(record, 3); + + DtlsEpoch recordEpoch = null; + if (epoch == mReadEpoch.Epoch) + { + recordEpoch = mReadEpoch; + } + else if (type == ContentType.handshake && mRetransmitEpoch != null + && epoch == mRetransmitEpoch.Epoch) + { + recordEpoch = mRetransmitEpoch; + } + + if (recordEpoch == null) + { + return -1; + } + + long seq = TlsUtilities.ReadUint48(record, 5); + if (recordEpoch.ReplayWindow.ShouldDiscard(seq)) + { + return -1; + } + + ProtocolVersion version = TlsUtilities.ReadVersion(record, 1); + if (!version.IsDtls) + { + return -1; + } + + if (mReadVersion != null && !mReadVersion.Equals(version)) + { + return -1; + } + + byte[] plaintext = recordEpoch.Cipher.DecodeCiphertext( + GetMacSequenceNumber(recordEpoch.Epoch, seq), type, record, RECORD_HEADER_LENGTH, + received - RECORD_HEADER_LENGTH); + + recordEpoch.ReplayWindow.ReportAuthenticated(seq); + + if (plaintext.Length > this.mPlaintextLimit) + { + return -1; + } + + if (mReadVersion == null) + { + mReadVersion = version; + } + + switch (type) + { + case ContentType.alert: + { + if (plaintext.Length == 2) + { + byte alertLevel = plaintext[0]; + byte alertDescription = plaintext[1]; + + mPeer.NotifyAlertReceived(alertLevel, alertDescription); + + if (alertLevel == AlertLevel.fatal) + { + Failed(); + throw new TlsFatalAlert(alertDescription); + } + + // TODO Can close_notify be a fatal alert? + if (alertDescription == AlertDescription.close_notify) + { + CloseTransport(); + } + } + + return -1; + } + case ContentType.application_data: + { + if (mInHandshake) + { + // TODO Consider buffering application data for new epoch that arrives + // out-of-order with the Finished message + return -1; + } + break; + } + case ContentType.change_cipher_spec: + { + // Implicitly receive change_cipher_spec and change to pending cipher state + + for (int i = 0; i < plaintext.Length; ++i) + { + byte message = TlsUtilities.ReadUint8(plaintext, i); + if (message != ChangeCipherSpec.change_cipher_spec) + { + continue; + } + + if (mPendingEpoch != null) + { + mReadEpoch = mPendingEpoch; + } + } + + return -1; + } + case ContentType.handshake: + { + if (!mInHandshake) + { + if (mRetransmit != null) + { + mRetransmit.ReceivedHandshakeRecord(epoch, plaintext, 0, plaintext.Length); + } + + // TODO Consider support for HelloRequest + return -1; + } + break; + } + case ContentType.heartbeat: + { + // TODO[RFC 6520] + return -1; + } + } + + /* + * NOTE: If we receive any non-handshake data in the new epoch implies the peer has + * received our final flight. + */ + if (!mInHandshake && mRetransmit != null) + { + this.mRetransmit = null; + this.mRetransmitEpoch = null; + this.mRetransmitTimeout = null; + } + + Array.Copy(plaintext, 0, buf, off, plaintext.Length); + return plaintext.Length; + } + + private int ReceiveRecord(byte[] buf, int off, int len, int waitMillis) + { + if (mRecordQueue.Available > 0) + { + int length = 0; + if (mRecordQueue.Available >= RECORD_HEADER_LENGTH) + { + byte[] lengthBytes = new byte[2]; + mRecordQueue.Read(lengthBytes, 0, 2, 11); + length = TlsUtilities.ReadUint16(lengthBytes, 0); + } + + int received = System.Math.Min(mRecordQueue.Available, RECORD_HEADER_LENGTH + length); + mRecordQueue.RemoveData(buf, off, received, 0); + return received; + } + + { + int received = ReceiveDatagram(buf, off, len, waitMillis); + if (received >= RECORD_HEADER_LENGTH) + { + int fragmentLength = TlsUtilities.ReadUint16(buf, off + 11); + int recordLength = RECORD_HEADER_LENGTH + fragmentLength; + if (received > recordLength) + { + mRecordQueue.AddData(buf, off + recordLength, received - recordLength); + received = recordLength; + } + } + return received; + } + } + + private void SendRecord(byte contentType, byte[] buf, int off, int len) + { + // Never send anything until a valid ClientHello has been received + if (mWriteVersion == null) + return; + + if (len > this.mPlaintextLimit) + throw new TlsFatalAlert(AlertDescription.internal_error); + + /* + * RFC 5246 6.2.1 Implementations MUST NOT send zero-length fragments of Handshake, Alert, + * or ChangeCipherSpec content types. + */ + if (len < 1 && contentType != ContentType.application_data) + throw new TlsFatalAlert(AlertDescription.internal_error); + + int recordEpoch = mWriteEpoch.Epoch; + long recordSequenceNumber = mWriteEpoch.AllocateSequenceNumber(); + + byte[] ciphertext = mWriteEpoch.Cipher.EncodePlaintext( + GetMacSequenceNumber(recordEpoch, recordSequenceNumber), contentType, buf, off, len); + + // TODO Check the ciphertext length? + + byte[] record = new byte[ciphertext.Length + RECORD_HEADER_LENGTH]; + TlsUtilities.WriteUint8(contentType, record, 0); + ProtocolVersion version = mWriteVersion; + TlsUtilities.WriteVersion(version, record, 1); + TlsUtilities.WriteUint16(recordEpoch, record, 3); + TlsUtilities.WriteUint48(recordSequenceNumber, record, 5); + TlsUtilities.WriteUint16(ciphertext.Length, record, 11); + Array.Copy(ciphertext, 0, record, RECORD_HEADER_LENGTH, ciphertext.Length); + + SendDatagram(mTransport, record, 0, record.Length); + } + + private static long GetMacSequenceNumber(int epoch, long sequence_number) + { + return ((epoch & 0xFFFFFFFFL) << 48) | sequence_number; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DtlsReliableHandshake.cs b/BouncyCastle/crypto/src/crypto/tls/DtlsReliableHandshake.cs new file mode 100644 index 0000000..4fc3513 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DtlsReliableHandshake.cs @@ -0,0 +1,449 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Crypto.Tls +{ + internal class DtlsReliableHandshake + { + private const int MaxReceiveAhead = 16; + private const int MessageHeaderLength = 12; + + private const int InitialResendMillis = 1000; + private const int MaxResendMillis = 60000; + + private readonly DtlsRecordLayer mRecordLayer; + private readonly Timeout mHandshakeTimeout; + + private TlsHandshakeHash mHandshakeHash; + + private IDictionary mCurrentInboundFlight = Platform.CreateHashtable(); + private IDictionary mPreviousInboundFlight = null; + private IList mOutboundFlight = Platform.CreateArrayList(); + + private int mResendMillis = -1; + private Timeout mResendTimeout = null; + + private int mMessageSeq = 0, mNextReceiveSeq = 0; + + internal DtlsReliableHandshake(TlsContext context, DtlsRecordLayer transport, int timeoutMillis) + { + this.mRecordLayer = transport; + this.mHandshakeTimeout = Timeout.ForWaitMillis(timeoutMillis); + this.mHandshakeHash = new DeferredHash(); + this.mHandshakeHash.Init(context); + } + + internal void NotifyHelloComplete() + { + this.mHandshakeHash = mHandshakeHash.NotifyPrfDetermined(); + } + + internal TlsHandshakeHash HandshakeHash + { + get { return mHandshakeHash; } + } + + internal TlsHandshakeHash PrepareToFinish() + { + TlsHandshakeHash result = mHandshakeHash; + this.mHandshakeHash = mHandshakeHash.StopTracking(); + return result; + } + + internal void SendMessage(byte msg_type, byte[] body) + { + TlsUtilities.CheckUint24(body.Length); + + if (mResendTimeout != null) + { + CheckInboundFlight(); + + mResendMillis = -1; + mResendTimeout = null; + + mOutboundFlight.Clear(); + } + + Message message = new Message(mMessageSeq++, msg_type, body); + + mOutboundFlight.Add(message); + + WriteMessage(message); + UpdateHandshakeMessagesDigest(message); + } + + internal byte[] ReceiveMessageBody(byte msg_type) + { + Message message = ReceiveMessage(); + if (message.Type != msg_type) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + return message.Body; + } + + internal Message ReceiveMessage() + { + long currentTimeMillis = DateTimeUtilities.CurrentUnixMs(); + + if (mResendTimeout == null) + { + mResendMillis = InitialResendMillis; + mResendTimeout = new Timeout(mResendMillis, currentTimeMillis); + + PrepareInboundFlight(Platform.CreateHashtable()); + } + + byte[] buf = null; + + for (;;) + { + if (mRecordLayer.IsClosed) + throw new TlsFatalAlert(AlertDescription.user_canceled); + + Message pending = GetPendingMessage(); + if (pending != null) + return pending; + + int handshakeMillis = Timeout.GetWaitMillis(mHandshakeTimeout, currentTimeMillis); + if (handshakeMillis < 0) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + int waitMillis = System.Math.Max(1, Timeout.GetWaitMillis(mResendTimeout, currentTimeMillis)); + if (handshakeMillis > 0) + { + waitMillis = System.Math.Min(waitMillis, handshakeMillis); + } + + int receiveLimit = mRecordLayer.GetReceiveLimit(); + if (buf == null || buf.Length < receiveLimit) + { + buf = new byte[receiveLimit]; + } + + int received = mRecordLayer.Receive(buf, 0, receiveLimit, waitMillis); + if (received < 0) + { + ResendOutboundFlight(); + } + else + { + ProcessRecord(MaxReceiveAhead, mRecordLayer.ReadEpoch, buf, 0, received); + } + + currentTimeMillis = DateTimeUtilities.CurrentUnixMs(); + } + } + + internal void Finish() + { + DtlsHandshakeRetransmit retransmit = null; + if (mResendTimeout != null) + { + CheckInboundFlight(); + } + else + { + PrepareInboundFlight(null); + + if (mPreviousInboundFlight != null) + { + /* + * RFC 6347 4.2.4. In addition, for at least twice the default MSL defined for [TCP], + * when in the FINISHED state, the node that transmits the last flight (the server in an + * ordinary handshake or the client in a resumed handshake) MUST respond to a retransmit + * of the peer's last flight with a retransmit of the last flight. + */ + retransmit = new Retransmit(this); + } + } + + mRecordLayer.HandshakeSuccessful(retransmit); + } + + internal void ResetHandshakeMessagesDigest() + { + mHandshakeHash.Reset(); + } + + private int BackOff(int timeoutMillis) + { + /* + * TODO[DTLS] implementations SHOULD back off handshake packet size during the + * retransmit backoff. + */ + return System.Math.Min(timeoutMillis * 2, MaxResendMillis); + } + + /** + * Check that there are no "extra" messages left in the current inbound flight + */ + private void CheckInboundFlight() + { + foreach (int key in mCurrentInboundFlight.Keys) + { + if (key >= mNextReceiveSeq) + { + // TODO Should this be considered an error? + } + } + } + + private Message GetPendingMessage() + { + DtlsReassembler next = (DtlsReassembler)mCurrentInboundFlight[mNextReceiveSeq]; + if (next != null) + { + byte[] body = next.GetBodyIfComplete(); + if (body != null) + { + mPreviousInboundFlight = null; + return UpdateHandshakeMessagesDigest(new Message(mNextReceiveSeq++, next.MsgType, body)); + } + } + return null; + } + + private void PrepareInboundFlight(IDictionary nextFlight) + { + ResetAll(mCurrentInboundFlight); + mPreviousInboundFlight = mCurrentInboundFlight; + mCurrentInboundFlight = nextFlight; + } + + private void ProcessRecord(int windowSize, int epoch, byte[] buf, int off, int len) + { + bool checkPreviousFlight = false; + + while (len >= MessageHeaderLength) + { + int fragment_length = TlsUtilities.ReadUint24(buf, off + 9); + int message_length = fragment_length + MessageHeaderLength; + if (len < message_length) + { + // NOTE: Truncated message - ignore it + break; + } + + int length = TlsUtilities.ReadUint24(buf, off + 1); + int fragment_offset = TlsUtilities.ReadUint24(buf, off + 6); + if (fragment_offset + fragment_length > length) + { + // NOTE: Malformed fragment - ignore it and the rest of the record + break; + } + + /* + * NOTE: This very simple epoch check will only work until we want to support + * renegotiation (and we're not likely to do that anyway). + */ + byte msg_type = TlsUtilities.ReadUint8(buf, off + 0); + int expectedEpoch = msg_type == HandshakeType.finished ? 1 : 0; + if (epoch != expectedEpoch) + { + break; + } + + int message_seq = TlsUtilities.ReadUint16(buf, off + 4); + if (message_seq >= (mNextReceiveSeq + windowSize)) + { + // NOTE: Too far ahead - ignore + } + else if (message_seq >= mNextReceiveSeq) + { + DtlsReassembler reassembler = (DtlsReassembler)mCurrentInboundFlight[message_seq]; + if (reassembler == null) + { + reassembler = new DtlsReassembler(msg_type, length); + mCurrentInboundFlight[message_seq] = reassembler; + } + + reassembler.ContributeFragment(msg_type, length, buf, off + MessageHeaderLength, fragment_offset, + fragment_length); + } + else if (mPreviousInboundFlight != null) + { + /* + * NOTE: If we receive the previous flight of incoming messages in full again, + * retransmit our last flight + */ + + DtlsReassembler reassembler = (DtlsReassembler)mPreviousInboundFlight[message_seq]; + if (reassembler != null) + { + reassembler.ContributeFragment(msg_type, length, buf, off + MessageHeaderLength, fragment_offset, + fragment_length); + checkPreviousFlight = true; + } + } + + off += message_length; + len -= message_length; + } + + if (checkPreviousFlight && CheckAll(mPreviousInboundFlight)) + { + ResendOutboundFlight(); + ResetAll(mPreviousInboundFlight); + } + } + + private void ResendOutboundFlight() + { + mRecordLayer.ResetWriteEpoch(); + for (int i = 0; i < mOutboundFlight.Count; ++i) + { + WriteMessage((Message)mOutboundFlight[i]); + } + + mResendMillis = BackOff(mResendMillis); + mResendTimeout = new Timeout(mResendMillis); + } + + private Message UpdateHandshakeMessagesDigest(Message message) + { + if (message.Type != HandshakeType.hello_request) + { + byte[] body = message.Body; + byte[] buf = new byte[MessageHeaderLength]; + TlsUtilities.WriteUint8(message.Type, buf, 0); + TlsUtilities.WriteUint24(body.Length, buf, 1); + TlsUtilities.WriteUint16(message.Seq, buf, 4); + TlsUtilities.WriteUint24(0, buf, 6); + TlsUtilities.WriteUint24(body.Length, buf, 9); + mHandshakeHash.BlockUpdate(buf, 0, buf.Length); + mHandshakeHash.BlockUpdate(body, 0, body.Length); + } + return message; + } + + private void WriteMessage(Message message) + { + int sendLimit = mRecordLayer.GetSendLimit(); + int fragmentLimit = sendLimit - MessageHeaderLength; + + // TODO Support a higher minimum fragment size? + if (fragmentLimit < 1) + { + // TODO Should we be throwing an exception here? + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + int length = message.Body.Length; + + // NOTE: Must still send a fragment if body is empty + int fragment_offset = 0; + do + { + int fragment_length = System.Math.Min(length - fragment_offset, fragmentLimit); + WriteHandshakeFragment(message, fragment_offset, fragment_length); + fragment_offset += fragment_length; + } + while (fragment_offset < length); + } + + private void WriteHandshakeFragment(Message message, int fragment_offset, int fragment_length) + { + RecordLayerBuffer fragment = new RecordLayerBuffer(MessageHeaderLength + fragment_length); + TlsUtilities.WriteUint8(message.Type, fragment); + TlsUtilities.WriteUint24(message.Body.Length, fragment); + TlsUtilities.WriteUint16(message.Seq, fragment); + TlsUtilities.WriteUint24(fragment_offset, fragment); + TlsUtilities.WriteUint24(fragment_length, fragment); + fragment.Write(message.Body, fragment_offset, fragment_length); + + fragment.SendToRecordLayer(mRecordLayer); + } + + private static bool CheckAll(IDictionary inboundFlight) + { + foreach (DtlsReassembler r in inboundFlight.Values) + { + if (r.GetBodyIfComplete() == null) + { + return false; + } + } + return true; + } + + private static void ResetAll(IDictionary inboundFlight) + { + foreach (DtlsReassembler r in inboundFlight.Values) + { + r.Reset(); + } + } + + internal class Message + { + private readonly int mMessageSeq; + private readonly byte mMsgType; + private readonly byte[] mBody; + + internal Message(int message_seq, byte msg_type, byte[] body) + { + this.mMessageSeq = message_seq; + this.mMsgType = msg_type; + this.mBody = body; + } + + public int Seq + { + get { return mMessageSeq; } + } + + public byte Type + { + get { return mMsgType; } + } + + public byte[] Body + { + get { return mBody; } + } + } + + internal class RecordLayerBuffer + : MemoryStream + { + internal RecordLayerBuffer(int size) + : base(size) + { + } + + internal void SendToRecordLayer(DtlsRecordLayer recordLayer) + { +#if PORTABLE + byte[] buf = ToArray(); + int bufLen = buf.Length; +#else + byte[] buf = GetBuffer(); + int bufLen = (int)Length; +#endif + + recordLayer.Send(buf, 0, bufLen); + Platform.Dispose(this); + } + } + + internal class Retransmit + : DtlsHandshakeRetransmit + { + private readonly DtlsReliableHandshake mOuter; + + internal Retransmit(DtlsReliableHandshake outer) + { + this.mOuter = outer; + } + + public void ReceivedHandshakeRecord(int epoch, byte[] buf, int off, int len) + { + mOuter.ProcessRecord(0, epoch, buf, off, len); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DtlsReplayWindow.cs b/BouncyCastle/crypto/src/crypto/tls/DtlsReplayWindow.cs new file mode 100644 index 0000000..ea18e80 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DtlsReplayWindow.cs @@ -0,0 +1,85 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * RFC 4347 4.1.2.5 Anti-replay + *

+ * Support fast rejection of duplicate records by maintaining a sliding receive window + */ + internal class DtlsReplayWindow + { + private const long VALID_SEQ_MASK = 0x0000FFFFFFFFFFFFL; + + private const long WINDOW_SIZE = 64L; + + private long mLatestConfirmedSeq = -1; + private long mBitmap = 0; + + /** + * Check whether a received record with the given sequence number should be rejected as a duplicate. + * + * @param seq the 48-bit DTLSPlainText.sequence_number field of a received record. + * @return true if the record should be discarded without further processing. + */ + internal bool ShouldDiscard(long seq) + { + if ((seq & VALID_SEQ_MASK) != seq) + return true; + + if (seq <= mLatestConfirmedSeq) + { + long diff = mLatestConfirmedSeq - seq; + if (diff >= WINDOW_SIZE) + return true; + if ((mBitmap & (1L << (int)diff)) != 0) + return true; + } + + return false; + } + + /** + * Report that a received record with the given sequence number passed authentication checks. + * + * @param seq the 48-bit DTLSPlainText.sequence_number field of an authenticated record. + */ + internal void ReportAuthenticated(long seq) + { + if ((seq & VALID_SEQ_MASK) != seq) + throw new ArgumentException("out of range", "seq"); + + if (seq <= mLatestConfirmedSeq) + { + long diff = mLatestConfirmedSeq - seq; + if (diff < WINDOW_SIZE) + { + mBitmap |= (1L << (int)diff); + } + } + else + { + long diff = seq - mLatestConfirmedSeq; + if (diff >= WINDOW_SIZE) + { + mBitmap = 1; + } + else + { + mBitmap <<= (int)diff; + mBitmap |= 1; + } + mLatestConfirmedSeq = seq; + } + } + + /** + * When a new epoch begins, sequence numbers begin again at 0 + */ + internal void Reset() + { + mLatestConfirmedSeq = -1; + mBitmap = 0; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DtlsServerProtocol.cs b/BouncyCastle/crypto/src/crypto/tls/DtlsServerProtocol.cs new file mode 100644 index 0000000..b4ed751 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DtlsServerProtocol.cs @@ -0,0 +1,719 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class DtlsServerProtocol + : DtlsProtocol + { + protected bool mVerifyRequests = true; + + public DtlsServerProtocol(SecureRandom secureRandom) + : base(secureRandom) + { + } + + public virtual bool VerifyRequests + { + get { return mVerifyRequests; } + set { this.mVerifyRequests = value; } + } + + public virtual DtlsTransport Accept(TlsServer server, DatagramTransport transport) + { + if (server == null) + throw new ArgumentNullException("server"); + if (transport == null) + throw new ArgumentNullException("transport"); + + SecurityParameters securityParameters = new SecurityParameters(); + securityParameters.entity = ConnectionEnd.server; + + ServerHandshakeState state = new ServerHandshakeState(); + state.server = server; + state.serverContext = new TlsServerContextImpl(mSecureRandom, securityParameters); + + securityParameters.serverRandom = TlsProtocol.CreateRandomBlock(server.ShouldUseGmtUnixTime(), + state.serverContext.NonceRandomGenerator); + + server.Init(state.serverContext); + + DtlsRecordLayer recordLayer = new DtlsRecordLayer(transport, state.serverContext, server, ContentType.handshake); + server.NotifyCloseHandle(recordLayer); + + // TODO Need to handle sending of HelloVerifyRequest without entering a full connection + + try + { + return ServerHandshake(state, recordLayer); + } + catch (TlsFatalAlert fatalAlert) + { + AbortServerHandshake(state, recordLayer, fatalAlert.AlertDescription); + throw fatalAlert; + } + catch (IOException e) + { + AbortServerHandshake(state, recordLayer, AlertDescription.internal_error); + throw e; + } + catch (Exception e) + { + AbortServerHandshake(state, recordLayer, AlertDescription.internal_error); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + finally + { + securityParameters.Clear(); + } + } + + internal virtual void AbortServerHandshake(ServerHandshakeState state, DtlsRecordLayer recordLayer, byte alertDescription) + { + recordLayer.Fail(alertDescription); + InvalidateSession(state); + } + + internal virtual DtlsTransport ServerHandshake(ServerHandshakeState state, DtlsRecordLayer recordLayer) + { + SecurityParameters securityParameters = state.serverContext.SecurityParameters; + DtlsReliableHandshake handshake = new DtlsReliableHandshake(state.serverContext, recordLayer, + state.server.GetHandshakeTimeoutMillis()); + DtlsReliableHandshake.Message clientMessage = handshake.ReceiveMessage(); + + // NOTE: DTLSRecordLayer requires any DTLS version, we don't otherwise constrain this + //ProtocolVersion recordLayerVersion = recordLayer.ReadVersion; + + if (clientMessage.Type == HandshakeType.client_hello) + { + ProcessClientHello(state, clientMessage.Body); + } + else + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + { + byte[] serverHelloBody = GenerateServerHello(state); + + ApplyMaxFragmentLengthExtension(recordLayer, securityParameters.maxFragmentLength); + + ProtocolVersion recordLayerVersion = state.serverContext.ServerVersion; + recordLayer.ReadVersion = recordLayerVersion; + recordLayer.SetWriteVersion(recordLayerVersion); + + handshake.SendMessage(HandshakeType.server_hello, serverHelloBody); + } + + handshake.NotifyHelloComplete(); + + IList serverSupplementalData = state.server.GetServerSupplementalData(); + if (serverSupplementalData != null) + { + byte[] supplementalDataBody = GenerateSupplementalData(serverSupplementalData); + handshake.SendMessage(HandshakeType.supplemental_data, supplementalDataBody); + } + + state.keyExchange = state.server.GetKeyExchange(); + state.keyExchange.Init(state.serverContext); + + state.serverCredentials = state.server.GetCredentials(); + + Certificate serverCertificate = null; + + if (state.serverCredentials == null) + { + state.keyExchange.SkipServerCredentials(); + } + else + { + state.keyExchange.ProcessServerCredentials(state.serverCredentials); + + serverCertificate = state.serverCredentials.Certificate; + byte[] certificateBody = GenerateCertificate(serverCertificate); + handshake.SendMessage(HandshakeType.certificate, certificateBody); + } + + // TODO[RFC 3546] Check whether empty certificates is possible, allowed, or excludes CertificateStatus + if (serverCertificate == null || serverCertificate.IsEmpty) + { + state.allowCertificateStatus = false; + } + + if (state.allowCertificateStatus) + { + CertificateStatus certificateStatus = state.server.GetCertificateStatus(); + if (certificateStatus != null) + { + byte[] certificateStatusBody = GenerateCertificateStatus(state, certificateStatus); + handshake.SendMessage(HandshakeType.certificate_status, certificateStatusBody); + } + } + + byte[] serverKeyExchange = state.keyExchange.GenerateServerKeyExchange(); + if (serverKeyExchange != null) + { + handshake.SendMessage(HandshakeType.server_key_exchange, serverKeyExchange); + } + + if (state.serverCredentials != null) + { + state.certificateRequest = state.server.GetCertificateRequest(); + if (state.certificateRequest != null) + { + if (TlsUtilities.IsTlsV12(state.serverContext) != (state.certificateRequest.SupportedSignatureAlgorithms != null)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + state.keyExchange.ValidateCertificateRequest(state.certificateRequest); + + byte[] certificateRequestBody = GenerateCertificateRequest(state, state.certificateRequest); + handshake.SendMessage(HandshakeType.certificate_request, certificateRequestBody); + + TlsUtilities.TrackHashAlgorithms(handshake.HandshakeHash, + state.certificateRequest.SupportedSignatureAlgorithms); + } + } + + handshake.SendMessage(HandshakeType.server_hello_done, TlsUtilities.EmptyBytes); + + handshake.HandshakeHash.SealHashAlgorithms(); + + clientMessage = handshake.ReceiveMessage(); + + if (clientMessage.Type == HandshakeType.supplemental_data) + { + ProcessClientSupplementalData(state, clientMessage.Body); + clientMessage = handshake.ReceiveMessage(); + } + else + { + state.server.ProcessClientSupplementalData(null); + } + + if (state.certificateRequest == null) + { + state.keyExchange.SkipClientCredentials(); + } + else + { + if (clientMessage.Type == HandshakeType.certificate) + { + ProcessClientCertificate(state, clientMessage.Body); + clientMessage = handshake.ReceiveMessage(); + } + else + { + if (TlsUtilities.IsTlsV12(state.serverContext)) + { + /* + * RFC 5246 If no suitable certificate is available, the client MUST send a + * certificate message containing no certificates. + * + * NOTE: In previous RFCs, this was SHOULD instead of MUST. + */ + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + NotifyClientCertificate(state, Certificate.EmptyChain); + } + } + + if (clientMessage.Type == HandshakeType.client_key_exchange) + { + ProcessClientKeyExchange(state, clientMessage.Body); + } + else + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + TlsHandshakeHash prepareFinishHash = handshake.PrepareToFinish(); + securityParameters.sessionHash = TlsProtocol.GetCurrentPrfHash(state.serverContext, prepareFinishHash, null); + + TlsProtocol.EstablishMasterSecret(state.serverContext, state.keyExchange); + recordLayer.InitPendingEpoch(state.server.GetCipher()); + + /* + * RFC 5246 7.4.8 This message is only sent following a client certificate that has signing + * capability (i.e., all certificates except those containing fixed Diffie-Hellman + * parameters). + */ + if (ExpectCertificateVerifyMessage(state)) + { + byte[] certificateVerifyBody = handshake.ReceiveMessageBody(HandshakeType.certificate_verify); + ProcessCertificateVerify(state, certificateVerifyBody, prepareFinishHash); + } + + // NOTE: Calculated exclusive of the actual Finished message from the client + byte[] expectedClientVerifyData = TlsUtilities.CalculateVerifyData(state.serverContext, ExporterLabel.client_finished, + TlsProtocol.GetCurrentPrfHash(state.serverContext, handshake.HandshakeHash, null)); + ProcessFinished(handshake.ReceiveMessageBody(HandshakeType.finished), expectedClientVerifyData); + + if (state.expectSessionTicket) + { + NewSessionTicket newSessionTicket = state.server.GetNewSessionTicket(); + byte[] newSessionTicketBody = GenerateNewSessionTicket(state, newSessionTicket); + handshake.SendMessage(HandshakeType.session_ticket, newSessionTicketBody); + } + + // NOTE: Calculated exclusive of the Finished message itself + byte[] serverVerifyData = TlsUtilities.CalculateVerifyData(state.serverContext, ExporterLabel.server_finished, + TlsProtocol.GetCurrentPrfHash(state.serverContext, handshake.HandshakeHash, null)); + handshake.SendMessage(HandshakeType.finished, serverVerifyData); + + handshake.Finish(); + + //{ + // state.sessionParameters = new SessionParameters.Builder() + // .SetCipherSuite(securityParameters.CipherSuite) + // .SetCompressionAlgorithm(securityParameters.CompressionAlgorithm) + // .SetExtendedMasterSecret(securityParameters.IsExtendedMasterSecret) + // .SetMasterSecret(securityParameters.MasterSecret) + // .SetPeerCertificate(state.clientCertificate) + // .SetPskIdentity(securityParameters.PskIdentity) + // .SetSrpIdentity(securityParameters.SrpIdentity) + // // TODO Consider filtering extensions that aren't relevant to resumed sessions + // .SetServerExtensions(state.serverExtensions) + // .Build(); + + // state.tlsSession = TlsUtilities.ImportSession(state.tlsSession.SessionID, state.sessionParameters); + + // state.serverContext.SetResumableSession(state.tlsSession); + //} + + state.server.NotifyHandshakeComplete(); + + return new DtlsTransport(recordLayer); + } + + protected virtual void InvalidateSession(ServerHandshakeState state) + { + if (state.sessionParameters != null) + { + state.sessionParameters.Clear(); + state.sessionParameters = null; + } + + if (state.tlsSession != null) + { + state.tlsSession.Invalidate(); + state.tlsSession = null; + } + } + + protected virtual byte[] GenerateCertificateRequest(ServerHandshakeState state, CertificateRequest certificateRequest) + { + MemoryStream buf = new MemoryStream(); + certificateRequest.Encode(buf); + return buf.ToArray(); + } + + protected virtual byte[] GenerateCertificateStatus(ServerHandshakeState state, CertificateStatus certificateStatus) + { + MemoryStream buf = new MemoryStream(); + certificateStatus.Encode(buf); + return buf.ToArray(); + } + + protected virtual byte[] GenerateNewSessionTicket(ServerHandshakeState state, NewSessionTicket newSessionTicket) + { + MemoryStream buf = new MemoryStream(); + newSessionTicket.Encode(buf); + return buf.ToArray(); + } + + protected virtual byte[] GenerateServerHello(ServerHandshakeState state) + { + SecurityParameters securityParameters = state.serverContext.SecurityParameters; + + MemoryStream buf = new MemoryStream(); + + { + ProtocolVersion server_version = state.server.GetServerVersion(); + if (!server_version.IsEqualOrEarlierVersionOf(state.serverContext.ClientVersion)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + // TODO Read RFCs for guidance on the expected record layer version number + // recordStream.setReadVersion(server_version); + // recordStream.setWriteVersion(server_version); + // recordStream.setRestrictReadVersion(true); + state.serverContext.SetServerVersion(server_version); + + TlsUtilities.WriteVersion(state.serverContext.ServerVersion, buf); + } + + buf.Write(securityParameters.ServerRandom, 0, securityParameters.ServerRandom.Length); + + /* + * The server may return an empty session_id to indicate that the session will not be cached + * and therefore cannot be resumed. + */ + TlsUtilities.WriteOpaque8(TlsUtilities.EmptyBytes, buf); + + int selectedCipherSuite = state.server.GetSelectedCipherSuite(); + if (!Arrays.Contains(state.offeredCipherSuites, selectedCipherSuite) + || selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL + || CipherSuite.IsScsv(selectedCipherSuite) + || !TlsUtilities.IsValidCipherSuiteForVersion(selectedCipherSuite, state.serverContext.ServerVersion)) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + ValidateSelectedCipherSuite(selectedCipherSuite, AlertDescription.internal_error); + securityParameters.cipherSuite = selectedCipherSuite; + + byte selectedCompressionMethod = state.server.GetSelectedCompressionMethod(); + if (!Arrays.Contains(state.offeredCompressionMethods, selectedCompressionMethod)) + throw new TlsFatalAlert(AlertDescription.internal_error); + securityParameters.compressionAlgorithm = selectedCompressionMethod; + + TlsUtilities.WriteUint16(selectedCipherSuite, buf); + TlsUtilities.WriteUint8(selectedCompressionMethod, buf); + + state.serverExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(state.server.GetServerExtensions()); + + /* + * RFC 5746 3.6. Server Behavior: Initial Handshake + */ + if (state.secure_renegotiation) + { + byte[] renegExtData = TlsUtilities.GetExtensionData(state.serverExtensions, ExtensionType.renegotiation_info); + bool noRenegExt = (null == renegExtData); + + if (noRenegExt) + { + /* + * Note that sending a "renegotiation_info" extension in response to a ClientHello + * containing only the SCSV is an explicit exception to the prohibition in RFC 5246, + * Section 7.4.1.4, on the server sending unsolicited extensions and is only allowed + * because the client is signaling its willingness to receive the extension via the + * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. + */ + + /* + * If the secure_renegotiation flag is set to TRUE, the server MUST include an empty + * "renegotiation_info" extension in the ServerHello message. + */ + state.serverExtensions[ExtensionType.renegotiation_info] = TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes); + } + } + + if (securityParameters.IsExtendedMasterSecret) + { + TlsExtensionsUtilities.AddExtendedMasterSecretExtension(state.serverExtensions); + } + + /* + * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore + * extensions appearing in the client hello, and send a server hello containing no + * extensions. + */ + + if (state.serverExtensions.Count > 0) + { + securityParameters.encryptThenMac = TlsExtensionsUtilities.HasEncryptThenMacExtension(state.serverExtensions); + + securityParameters.maxFragmentLength = EvaluateMaxFragmentLengthExtension(state.resumedSession, + state.clientExtensions, state.serverExtensions, AlertDescription.internal_error); + + securityParameters.truncatedHMac = TlsExtensionsUtilities.HasTruncatedHMacExtension(state.serverExtensions); + + /* + * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be sent in + * a session resumption handshake. + */ + state.allowCertificateStatus = !state.resumedSession + && TlsUtilities.HasExpectedEmptyExtensionData(state.serverExtensions, ExtensionType.status_request, + AlertDescription.internal_error); + + state.expectSessionTicket = !state.resumedSession + && TlsUtilities.HasExpectedEmptyExtensionData(state.serverExtensions, ExtensionType.session_ticket, + AlertDescription.internal_error); + + TlsProtocol.WriteExtensions(buf, state.serverExtensions); + } + + securityParameters.prfAlgorithm = TlsProtocol.GetPrfAlgorithm(state.serverContext, + securityParameters.CipherSuite); + + /* + * RFC 5246 7.4.9. Any cipher suite which does not explicitly specify verify_data_length + * has a verify_data_length equal to 12. This includes all existing cipher suites. + */ + securityParameters.verifyDataLength = 12; + + return buf.ToArray(); + } + + protected virtual void NotifyClientCertificate(ServerHandshakeState state, Certificate clientCertificate) + { + if (state.certificateRequest == null) + throw new InvalidOperationException(); + + if (state.clientCertificate != null) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + state.clientCertificate = clientCertificate; + + if (clientCertificate.IsEmpty) + { + state.keyExchange.SkipClientCredentials(); + } + else + { + + /* + * TODO RFC 5246 7.4.6. If the certificate_authorities list in the certificate request + * message was non-empty, one of the certificates in the certificate chain SHOULD be + * issued by one of the listed CAs. + */ + + state.clientCertificateType = TlsUtilities.GetClientCertificateType(clientCertificate, + state.serverCredentials.Certificate); + + state.keyExchange.ProcessClientCertificate(clientCertificate); + } + + /* + * RFC 5246 7.4.6. If the client does not send any certificates, the server MAY at its + * discretion either continue the handshake without client authentication, or respond with a + * fatal handshake_failure alert. Also, if some aspect of the certificate chain was + * unacceptable (e.g., it was not signed by a known, trusted CA), the server MAY at its + * discretion either continue the handshake (considering the client unauthenticated) or send + * a fatal alert. + */ + state.server.NotifyClientCertificate(clientCertificate); + } + + protected virtual void ProcessClientCertificate(ServerHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + + Certificate clientCertificate = Certificate.Parse(buf); + + TlsProtocol.AssertEmpty(buf); + + NotifyClientCertificate(state, clientCertificate); + } + + protected virtual void ProcessCertificateVerify(ServerHandshakeState state, byte[] body, TlsHandshakeHash prepareFinishHash) + { + if (state.certificateRequest == null) + throw new InvalidOperationException(); + + MemoryStream buf = new MemoryStream(body, false); + + TlsServerContextImpl context = state.serverContext; + DigitallySigned clientCertificateVerify = DigitallySigned.Parse(context, buf); + + TlsProtocol.AssertEmpty(buf); + + // Verify the CertificateVerify message contains a correct signature. + try + { + SignatureAndHashAlgorithm signatureAlgorithm = clientCertificateVerify.Algorithm; + + byte[] hash; + if (TlsUtilities.IsTlsV12(context)) + { + TlsUtilities.VerifySupportedSignatureAlgorithm(state.certificateRequest.SupportedSignatureAlgorithms, signatureAlgorithm); + hash = prepareFinishHash.GetFinalHash(signatureAlgorithm.Hash); + } + else + { + hash = context.SecurityParameters.SessionHash; + } + + X509CertificateStructure x509Cert = state.clientCertificate.GetCertificateAt(0); + SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo; + AsymmetricKeyParameter publicKey = PublicKeyFactory.CreateKey(keyInfo); + + TlsSigner tlsSigner = TlsUtilities.CreateTlsSigner((byte)state.clientCertificateType); + tlsSigner.Init(context); + if (!tlsSigner.VerifyRawSignature(signatureAlgorithm, clientCertificateVerify.Signature, publicKey, hash)) + throw new TlsFatalAlert(AlertDescription.decrypt_error); + } + catch (TlsFatalAlert e) + { + throw e; + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.decrypt_error, e); + } + } + + protected virtual void ProcessClientHello(ServerHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + + // TODO Read RFCs for guidance on the expected record layer version number + ProtocolVersion client_version = TlsUtilities.ReadVersion(buf); + if (!client_version.IsDtls) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + /* + * Read the client random + */ + byte[] client_random = TlsUtilities.ReadFully(32, buf); + + byte[] sessionID = TlsUtilities.ReadOpaque8(buf); + if (sessionID.Length > 32) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + // TODO RFC 4347 has the cookie length restricted to 32, but not in RFC 6347 + byte[] cookie = TlsUtilities.ReadOpaque8(buf); + + int cipher_suites_length = TlsUtilities.ReadUint16(buf); + if (cipher_suites_length < 2 || (cipher_suites_length & 1) != 0) + { + throw new TlsFatalAlert(AlertDescription.decode_error); + } + + /* + * NOTE: "If the session_id field is not empty (implying a session resumption request) this + * vector must include at least the cipher_suite from that session." + */ + state.offeredCipherSuites = TlsUtilities.ReadUint16Array(cipher_suites_length / 2, buf); + + int compression_methods_length = TlsUtilities.ReadUint8(buf); + if (compression_methods_length < 1) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + state.offeredCompressionMethods = TlsUtilities.ReadUint8Array(compression_methods_length, buf); + + /* + * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore + * extensions appearing in the client hello, and send a server hello containing no + * extensions. + */ + state.clientExtensions = TlsProtocol.ReadExtensions(buf); + + TlsServerContextImpl context = state.serverContext; + SecurityParameters securityParameters = context.SecurityParameters; + + /* + * TODO[resumption] Check RFC 7627 5.4. for required behaviour + */ + + /* + * RFC 7627 4. Clients and servers SHOULD NOT accept handshakes that do not use the extended + * master secret [..]. (and see 5.2, 5.3) + */ + securityParameters.extendedMasterSecret = TlsExtensionsUtilities.HasExtendedMasterSecretExtension(state.clientExtensions); + if (!securityParameters.IsExtendedMasterSecret && state.server.RequiresExtendedMasterSecret()) + { + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + context.SetClientVersion(client_version); + + state.server.NotifyClientVersion(client_version); + state.server.NotifyFallback(Arrays.Contains(state.offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV)); + + securityParameters.clientRandom = client_random; + + state.server.NotifyOfferedCipherSuites(state.offeredCipherSuites); + state.server.NotifyOfferedCompressionMethods(state.offeredCompressionMethods); + + /* + * RFC 5746 3.6. Server Behavior: Initial Handshake + */ + { + /* + * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension, + * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the + * ClientHello. Including both is NOT RECOMMENDED. + */ + + /* + * When a ClientHello is received, the server MUST check if it includes the + * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. If it does, set the secure_renegotiation flag + * to TRUE. + */ + if (Arrays.Contains(state.offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV)) + { + state.secure_renegotiation = true; + } + + /* + * The server MUST check if the "renegotiation_info" extension is included in the + * ClientHello. + */ + byte[] renegExtData = TlsUtilities.GetExtensionData(state.clientExtensions, ExtensionType.renegotiation_info); + if (renegExtData != null) + { + /* + * If the extension is present, set secure_renegotiation flag to TRUE. The + * server MUST then verify that the length of the "renegotiated_connection" + * field is zero, and if it is not, MUST abort the handshake. + */ + state.secure_renegotiation = true; + + if (!Arrays.ConstantTimeAreEqual(renegExtData, TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes))) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + } + + state.server.NotifySecureRenegotiation(state.secure_renegotiation); + + if (state.clientExtensions != null) + { + // NOTE: Validates the padding extension data, if present + TlsExtensionsUtilities.GetPaddingExtension(state.clientExtensions); + + state.server.ProcessClientExtensions(state.clientExtensions); + } + } + + protected virtual void ProcessClientKeyExchange(ServerHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + + state.keyExchange.ProcessClientKeyExchange(buf); + + TlsProtocol.AssertEmpty(buf); + } + + protected virtual void ProcessClientSupplementalData(ServerHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + IList clientSupplementalData = TlsProtocol.ReadSupplementalDataMessage(buf); + state.server.ProcessClientSupplementalData(clientSupplementalData); + } + + protected virtual bool ExpectCertificateVerifyMessage(ServerHandshakeState state) + { + return state.clientCertificateType >= 0 && TlsUtilities.HasSigningCapability((byte)state.clientCertificateType); + } + + protected internal class ServerHandshakeState + { + internal TlsServer server = null; + internal TlsServerContextImpl serverContext = null; + internal TlsSession tlsSession = null; + internal SessionParameters sessionParameters = null; + internal SessionParameters.Builder sessionParametersBuilder = null; + internal int[] offeredCipherSuites = null; + internal byte[] offeredCompressionMethods = null; + internal IDictionary clientExtensions = null; + internal IDictionary serverExtensions = null; + internal bool resumedSession = false; + internal bool secure_renegotiation = false; + internal bool allowCertificateStatus = false; + internal bool expectSessionTicket = false; + internal TlsKeyExchange keyExchange = null; + internal TlsCredentials serverCredentials = null; + internal CertificateRequest certificateRequest = null; + internal short clientCertificateType = -1; + internal Certificate clientCertificate = null; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/DtlsTransport.cs b/BouncyCastle/crypto/src/crypto/tls/DtlsTransport.cs new file mode 100644 index 0000000..f2f7165 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/DtlsTransport.cs @@ -0,0 +1,132 @@ +using System; +using System.IO; +#if !PORTABLE || DOTNET +using System.Net.Sockets; +#endif + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class DtlsTransport + : DatagramTransport + { + private readonly DtlsRecordLayer mRecordLayer; + + internal DtlsTransport(DtlsRecordLayer recordLayer) + { + this.mRecordLayer = recordLayer; + } + + public virtual int GetReceiveLimit() + { + return mRecordLayer.GetReceiveLimit(); + } + + public virtual int GetSendLimit() + { + return mRecordLayer.GetSendLimit(); + } + + public virtual int Receive(byte[] buf, int off, int len, int waitMillis) + { + if (null == buf) + throw new ArgumentNullException("buf"); + if (off < 0 || off >= buf.Length) + throw new ArgumentException("invalid offset: " + off, "off"); + if (len < 0 || len > buf.Length - off) + throw new ArgumentException("invalid length: " + len, "len"); + if (waitMillis < 0) + throw new ArgumentException("cannot be negative", "waitMillis"); + + try + { + return mRecordLayer.Receive(buf, off, len, waitMillis); + } + catch (TlsFatalAlert fatalAlert) + { + mRecordLayer.Fail(fatalAlert.AlertDescription); + throw fatalAlert; + } + catch (TlsTimeoutException e) + { + throw e; + } +#if !PORTABLE || DOTNET + catch (SocketException e) + { + if (TlsUtilities.IsTimeout(e)) + throw e; + + mRecordLayer.Fail(AlertDescription.internal_error); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } +#endif + //catch (InterruptedIOException e) + //{ + // throw e; + //} + catch (IOException e) + { + mRecordLayer.Fail(AlertDescription.internal_error); + throw e; + } + catch (Exception e) + { + mRecordLayer.Fail(AlertDescription.internal_error); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + } + + public virtual void Send(byte[] buf, int off, int len) + { + if (null == buf) + throw new ArgumentNullException("buf"); + if (off < 0 || off >= buf.Length) + throw new ArgumentException("invalid offset: " + off, "off"); + if (len < 0 || len > buf.Length - off) + throw new ArgumentException("invalid length: " + len, "len"); + + try + { + mRecordLayer.Send(buf, off, len); + } + catch (TlsFatalAlert fatalAlert) + { + mRecordLayer.Fail(fatalAlert.AlertDescription); + throw fatalAlert; + } + catch (TlsTimeoutException e) + { + throw e; + } +#if !PORTABLE || DOTNET + catch (SocketException e) + { + if (TlsUtilities.IsTimeout(e)) + throw e; + + mRecordLayer.Fail(AlertDescription.internal_error); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } +#endif + //catch (InterruptedIOException e) + //{ + // throw e; + //} + catch (IOException e) + { + mRecordLayer.Fail(AlertDescription.internal_error); + throw e; + } + catch (Exception e) + { + mRecordLayer.Fail(AlertDescription.internal_error); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + } + + public virtual void Close() + { + mRecordLayer.Close(); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ECBasisType.cs b/BouncyCastle/crypto/src/crypto/tls/ECBasisType.cs new file mode 100644 index 0000000..5416e17 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ECBasisType.cs @@ -0,0 +1,16 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + ///

RFC 4492 5.4. (Errata ID: 2389) + public abstract class ECBasisType + { + public const byte ec_basis_trinomial = 1; + public const byte ec_basis_pentanomial = 2; + + public static bool IsValid(byte ecBasisType) + { + return ecBasisType >= ec_basis_trinomial && ecBasisType <= ec_basis_pentanomial; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ECCurveType.cs b/BouncyCastle/crypto/src/crypto/tls/ECCurveType.cs new file mode 100644 index 0000000..1b352e9 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ECCurveType.cs @@ -0,0 +1,29 @@ +namespace Org.BouncyCastle.Crypto.Tls +{ + /// + /// RFC 4492 5.4 + /// + public abstract class ECCurveType + { + /** + * Indicates the elliptic curve domain parameters are conveyed verbosely, and the + * underlying finite field is a prime field. + */ + public const byte explicit_prime = 1; + + /** + * Indicates the elliptic curve domain parameters are conveyed verbosely, and the + * underlying finite field is a characteristic-2 field. + */ + public const byte explicit_char2 = 2; + + /** + * Indicates that a named curve is used. This option SHOULD be used when applicable. + */ + public const byte named_curve = 3; + + /* + * Values 248 through 255 are reserved for private use. + */ + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ECPointFormat.cs b/BouncyCastle/crypto/src/crypto/tls/ECPointFormat.cs new file mode 100644 index 0000000..21b0fdd --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ECPointFormat.cs @@ -0,0 +1,16 @@ +namespace Org.BouncyCastle.Crypto.Tls +{ + /// + /// RFC 4492 5.1.2 + /// + public abstract class ECPointFormat + { + public const byte uncompressed = 0; + public const byte ansiX962_compressed_prime = 1; + public const byte ansiX962_compressed_char2 = 2; + + /* + * reserved (248..255) + */ + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/EncryptionAlgorithm.cs b/BouncyCastle/crypto/src/crypto/tls/EncryptionAlgorithm.cs new file mode 100644 index 0000000..45eef18 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/EncryptionAlgorithm.cs @@ -0,0 +1,69 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// RFC 2246 + /// + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to + /// depend on the particular values (e.g. serialization). + /// + public abstract class EncryptionAlgorithm + { + public const int NULL = 0; + public const int RC4_40 = 1; + public const int RC4_128 = 2; + public const int RC2_CBC_40 = 3; + public const int IDEA_CBC = 4; + public const int DES40_CBC = 5; + public const int DES_CBC = 6; + public const int cls_3DES_EDE_CBC = 7; + + /* + * RFC 3268 + */ + public const int AES_128_CBC = 8; + public const int AES_256_CBC = 9; + + /* + * RFC 5289 + */ + public const int AES_128_GCM = 10; + public const int AES_256_GCM = 11; + + /* + * RFC 4132 + */ + public const int CAMELLIA_128_CBC = 12; + public const int CAMELLIA_256_CBC = 13; + + /* + * RFC 4162 + */ + public const int SEED_CBC = 14; + + /* + * RFC 6655 + */ + public const int AES_128_CCM = 15; + public const int AES_128_CCM_8 = 16; + public const int AES_256_CCM = 17; + public const int AES_256_CCM_8 = 18; + + /* + * RFC 6367 + */ + public const int CAMELLIA_128_GCM = 19; + public const int CAMELLIA_256_GCM = 20; + + /* + * RFC 7905 + */ + public const int CHACHA20_POLY1305 = 21; + + /* + * draft-zauner-tls-aes-ocb-04 + */ + public const int AES_128_OCB_TAGLEN96 = 103; + public const int AES_256_OCB_TAGLEN96 = 104; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ExporterLabel.cs b/BouncyCastle/crypto/src/crypto/tls/ExporterLabel.cs new file mode 100644 index 0000000..12603f3 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ExporterLabel.cs @@ -0,0 +1,37 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// RFC 5705 + public abstract class ExporterLabel + { + /* + * RFC 5246 + */ + public const string client_finished = "client finished"; + public const string server_finished = "server finished"; + public const string master_secret = "master secret"; + public const string key_expansion = "key expansion"; + + /* + * RFC 5216 + */ + public const string client_EAP_encryption = "client EAP encryption"; + + /* + * RFC 5281 + */ + public const string ttls_keying_material = "ttls keying material"; + public const string ttls_challenge = "ttls challenge"; + + /* + * RFC 5764 + */ + public const string dtls_srtp = "EXTRACTOR-dtls_srtp"; + + /* + * RFC 7627 + */ + public static readonly string extended_master_secret = "extended master secret"; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ExtensionType.cs b/BouncyCastle/crypto/src/crypto/tls/ExtensionType.cs new file mode 100644 index 0000000..f17210b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ExtensionType.cs @@ -0,0 +1,128 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class ExtensionType + { + /* + * RFC 2546 2.3. + */ + public const int server_name = 0; + public const int max_fragment_length = 1; + public const int client_certificate_url = 2; + public const int trusted_ca_keys = 3; + public const int truncated_hmac = 4; + public const int status_request = 5; + + /* + * RFC 4681 + */ + public const int user_mapping = 6; + + /* + * RFC 5878 + */ + public const int client_authz = 7; + public const int server_authz = 8; + + /* + * RFC RFC6091 + */ + public const int cert_type = 9; + + /* + * draft-ietf-tls-negotiated-ff-dhe-10 + */ + public const int supported_groups = 10; + + /* + * RFC 4492 5.1. + */ + [Obsolete("Use 'supported_groups' instead")] + public const int elliptic_curves = supported_groups; + public const int ec_point_formats = 11; + + /* + * RFC 5054 2.8.1. + */ + public const int srp = 12; + + /* + * RFC 5246 7.4.1.4. + */ + public const int signature_algorithms = 13; + + /* + * RFC 5764 9. + */ + public const int use_srtp = 14; + + /* + * RFC 6520 6. + */ + public const int heartbeat = 15; + + /* + * RFC 7301 + */ + public const int application_layer_protocol_negotiation = 16; + + /* + * RFC 6961 + */ + public const int status_request_v2 = 17; + + /* + * RFC 6962 + */ + public const int signed_certificate_timestamp = 18; + + /* + * RFC 7250 + */ + public const int client_certificate_type = 19; + public const int server_certificate_type = 20; + + /* + * RFC 7685 + */ + public const int padding = 21; + + /* + * RFC 7366 + */ + public const int encrypt_then_mac = 22; + + /* + * RFC 7627 + */ + public const int extended_master_secret = 23; + + /* + * draft-ietf-tokbind-negotiation-08 + */ + public static readonly int DRAFT_token_binding = 24; + + /* + * RFC 7924 + */ + public const int cached_info = 25; + + /* + * RFC 5077 7. + */ + public const int session_ticket = 35; + + /* + * draft-ietf-tls-negotiated-ff-dhe-01 + * + * WARNING: Placeholder value; the real value is TBA + */ + public static readonly int negotiated_ff_dhe_groups = 101; + + /* + * RFC 5746 3.2. + */ + public const int renegotiation_info = 0xff01; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/FiniteFieldDheGroup.cs b/BouncyCastle/crypto/src/crypto/tls/FiniteFieldDheGroup.cs new file mode 100644 index 0000000..4375049 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/FiniteFieldDheGroup.cs @@ -0,0 +1,21 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /* + * draft-ietf-tls-negotiated-ff-dhe-01 + */ + public abstract class FiniteFieldDheGroup + { + public const byte ffdhe2432 = 0; + public const byte ffdhe3072 = 1; + public const byte ffdhe4096 = 2; + public const byte ffdhe6144 = 3; + public const byte ffdhe8192 = 4; + + public static bool IsValid(byte group) + { + return group >= ffdhe2432 && group <= ffdhe8192; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/HandshakeType.cs b/BouncyCastle/crypto/src/crypto/tls/HandshakeType.cs new file mode 100644 index 0000000..e63042a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/HandshakeType.cs @@ -0,0 +1,40 @@ +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class HandshakeType + { + /* + * RFC 2246 7.4 + */ + public const byte hello_request = 0; + public const byte client_hello = 1; + public const byte server_hello = 2; + public const byte certificate = 11; + public const byte server_key_exchange = 12; + public const byte certificate_request = 13; + public const byte server_hello_done = 14; + public const byte certificate_verify = 15; + public const byte client_key_exchange = 16; + public const byte finished = 20; + + /* + * RFC 3546 2.4 + */ + public const byte certificate_url = 21; + public const byte certificate_status = 22; + + /* + * (DTLS) RFC 4347 4.3.2 + */ + public const byte hello_verify_request = 3; + + /* + * RFC 4680 + */ + public const byte supplemental_data = 23; + + /* + * RFC 5077 + */ + public const byte session_ticket = 4; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/HashAlgorithm.cs b/BouncyCastle/crypto/src/crypto/tls/HashAlgorithm.cs new file mode 100644 index 0000000..a6b42d4 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/HashAlgorithm.cs @@ -0,0 +1,65 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// RFC 5246 7.4.1.4.1 + public abstract class HashAlgorithm + { + public const byte none = 0; + public const byte md5 = 1; + public const byte sha1 = 2; + public const byte sha224 = 3; + public const byte sha256 = 4; + public const byte sha384 = 5; + public const byte sha512 = 6; + + public static string GetName(byte hashAlgorithm) + { + switch (hashAlgorithm) + { + case none: + return "none"; + case md5: + return "md5"; + case sha1: + return "sha1"; + case sha224: + return "sha224"; + case sha256: + return "sha256"; + case sha384: + return "sha384"; + case sha512: + return "sha512"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(byte hashAlgorithm) + { + return GetName(hashAlgorithm) + "(" + hashAlgorithm + ")"; + } + + public static bool IsPrivate(byte hashAlgorithm) + { + return 224 <= hashAlgorithm && hashAlgorithm <= 255; + } + + public static bool IsRecognized(byte hashAlgorithm) + { + switch (hashAlgorithm) + { + case md5: + case sha1: + case sha224: + case sha256: + case sha384: + case sha512: + return true; + default: + return false; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/HeartbeatExtension.cs b/BouncyCastle/crypto/src/crypto/tls/HeartbeatExtension.cs new file mode 100644 index 0000000..0498372 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/HeartbeatExtension.cs @@ -0,0 +1,52 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class HeartbeatExtension + { + protected readonly byte mMode; + + public HeartbeatExtension(byte mode) + { + if (!HeartbeatMode.IsValid(mode)) + throw new ArgumentException("not a valid HeartbeatMode value", "mode"); + + this.mMode = mode; + } + + public virtual byte Mode + { + get { return mMode; } + } + + /** + * Encode this {@link HeartbeatExtension} to a {@link Stream}. + * + * @param output + * the {@link Stream} to encode to. + * @throws IOException + */ + public virtual void Encode(Stream output) + { + TlsUtilities.WriteUint8(mMode, output); + } + + /** + * Parse a {@link HeartbeatExtension} from a {@link Stream}. + * + * @param input + * the {@link Stream} to parse from. + * @return a {@link HeartbeatExtension} object. + * @throws IOException + */ + public static HeartbeatExtension Parse(Stream input) + { + byte mode = TlsUtilities.ReadUint8(input); + if (!HeartbeatMode.IsValid(mode)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return new HeartbeatExtension(mode); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/HeartbeatMessage.cs b/BouncyCastle/crypto/src/crypto/tls/HeartbeatMessage.cs new file mode 100644 index 0000000..3f22f7e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/HeartbeatMessage.cs @@ -0,0 +1,109 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class HeartbeatMessage + { + protected readonly byte mType; + protected readonly byte[] mPayload; + protected readonly int mPaddingLength; + + public HeartbeatMessage(byte type, byte[] payload, int paddingLength) + { + if (!HeartbeatMessageType.IsValid(type)) + throw new ArgumentException("not a valid HeartbeatMessageType value", "type"); + if (payload == null || payload.Length >= (1 << 16)) + throw new ArgumentException("must have length < 2^16", "payload"); + if (paddingLength < 16) + throw new ArgumentException("must be at least 16", "paddingLength"); + + this.mType = type; + this.mPayload = payload; + this.mPaddingLength = paddingLength; + } + + /** + * Encode this {@link HeartbeatMessage} to a {@link Stream}. + * + * @param output + * the {@link Stream} to encode to. + * @throws IOException + */ + public virtual void Encode(TlsContext context, Stream output) + { + TlsUtilities.WriteUint8(mType, output); + + TlsUtilities.CheckUint16(mPayload.Length); + TlsUtilities.WriteUint16(mPayload.Length, output); + output.Write(mPayload, 0, mPayload.Length); + + byte[] padding = new byte[mPaddingLength]; + context.NonceRandomGenerator.NextBytes(padding); + output.Write(padding, 0, padding.Length); + } + + /** + * Parse a {@link HeartbeatMessage} from a {@link Stream}. + * + * @param input + * the {@link Stream} to parse from. + * @return a {@link HeartbeatMessage} object. + * @throws IOException + */ + public static HeartbeatMessage Parse(Stream input) + { + byte type = TlsUtilities.ReadUint8(input); + if (!HeartbeatMessageType.IsValid(type)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + int payload_length = TlsUtilities.ReadUint16(input); + + PayloadBuffer buf = new PayloadBuffer(); + Streams.PipeAll(input, buf); + + byte[] payload = buf.ToTruncatedByteArray(payload_length); + if (payload == null) + { + /* + * RFC 6520 4. If the payload_length of a received HeartbeatMessage is too large, the + * received HeartbeatMessage MUST be discarded silently. + */ + return null; + } + + TlsUtilities.CheckUint16(buf.Length); + int padding_length = (int)buf.Length - payload.Length; + + /* + * RFC 6520 4. The padding of a received HeartbeatMessage message MUST be ignored + */ + return new HeartbeatMessage(type, payload, padding_length); + } + + internal class PayloadBuffer + : MemoryStream + { + internal byte[] ToTruncatedByteArray(int payloadLength) + { + /* + * RFC 6520 4. The padding_length MUST be at least 16. + */ + int minimumCount = payloadLength + 16; + if (Length < minimumCount) + return null; + +#if PORTABLE + byte[] buf = ToArray(); +#else + byte[] buf = GetBuffer(); +#endif + + return Arrays.CopyOf(buf, payloadLength); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/HeartbeatMessageType.cs b/BouncyCastle/crypto/src/crypto/tls/HeartbeatMessageType.cs new file mode 100644 index 0000000..57a4b86 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/HeartbeatMessageType.cs @@ -0,0 +1,18 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /* + * RFC 6520 3. + */ + public abstract class HeartbeatMessageType + { + public const byte heartbeat_request = 1; + public const byte heartbeat_response = 2; + + public static bool IsValid(byte heartbeatMessageType) + { + return heartbeatMessageType >= heartbeat_request && heartbeatMessageType <= heartbeat_response; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/HeartbeatMode.cs b/BouncyCastle/crypto/src/crypto/tls/HeartbeatMode.cs new file mode 100644 index 0000000..f1570a8 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/HeartbeatMode.cs @@ -0,0 +1,18 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /* + * RFC 6520 + */ + public abstract class HeartbeatMode + { + public const byte peer_allowed_to_send = 1; + public const byte peer_not_allowed_to_send = 2; + + public static bool IsValid(byte heartbeatMode) + { + return heartbeatMode >= peer_allowed_to_send && heartbeatMode <= peer_not_allowed_to_send; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs b/BouncyCastle/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs new file mode 100644 index 0000000..9b1b3ba --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs @@ -0,0 +1,54 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// RFC 2246 + /// + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to + /// depend on the particular values (e.g. serialization). + /// + public abstract class KeyExchangeAlgorithm + { + public const int NULL = 0; + public const int RSA = 1; + public const int RSA_EXPORT = 2; + public const int DHE_DSS = 3; + public const int DHE_DSS_EXPORT = 4; + public const int DHE_RSA = 5; + public const int DHE_RSA_EXPORT = 6; + public const int DH_DSS = 7; + public const int DH_DSS_EXPORT = 8; + public const int DH_RSA = 9; + public const int DH_RSA_EXPORT = 10; + public const int DH_anon = 11; + public const int DH_anon_EXPORT = 12; + + /* + * RFC 4279 + */ + public const int PSK = 13; + public const int DHE_PSK = 14; + public const int RSA_PSK = 15; + + /* + * RFC 4429 + */ + public const int ECDH_ECDSA = 16; + public const int ECDHE_ECDSA = 17; + public const int ECDH_RSA = 18; + public const int ECDHE_RSA = 19; + public const int ECDH_anon = 20; + + /* + * RFC 5054 + */ + public const int SRP = 21; + public const int SRP_DSS = 22; + public const int SRP_RSA = 23; + + /* + * RFC 5489 + */ + public const int ECDHE_PSK = 24; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/MacAlgorithm.cs b/BouncyCastle/crypto/src/crypto/tls/MacAlgorithm.cs new file mode 100644 index 0000000..e4aa88d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/MacAlgorithm.cs @@ -0,0 +1,25 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// RFC 2246 + /// + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to + /// depend on the particular values (e.g. serialization). + /// + public abstract class MacAlgorithm + { + public const int cls_null = 0; + public const int md5 = 1; + public const int sha = 2; + + /* + * RFC 5246 + */ + public const int hmac_md5 = md5; + public const int hmac_sha1 = sha; + public const int hmac_sha256 = 3; + public const int hmac_sha384 = 4; + public const int hmac_sha512 = 5; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/MaxFragmentLength.cs b/BouncyCastle/crypto/src/crypto/tls/MaxFragmentLength.cs new file mode 100644 index 0000000..5b10b35 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/MaxFragmentLength.cs @@ -0,0 +1,20 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class MaxFragmentLength + { + /* + * RFC 3546 3.2. + */ + public const byte pow2_9 = 1; + public const byte pow2_10 = 2; + public const byte pow2_11 = 3; + public const byte pow2_12 = 4; + + public static bool IsValid(byte maxFragmentLength) + { + return maxFragmentLength >= pow2_9 && maxFragmentLength <= pow2_12; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/NameType.cs b/BouncyCastle/crypto/src/crypto/tls/NameType.cs new file mode 100644 index 0000000..7821642 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/NameType.cs @@ -0,0 +1,17 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class NameType + { + /* + * RFC 3546 3.1. + */ + public const byte host_name = 0; + + public static bool IsValid(byte nameType) + { + return nameType == host_name; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/NamedCurve.cs b/BouncyCastle/crypto/src/crypto/tls/NamedCurve.cs new file mode 100644 index 0000000..b8aa0ec --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/NamedCurve.cs @@ -0,0 +1,77 @@ +using System; + +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// + /// RFC 4492 5.1.1 + /// The named curves defined here are those specified in SEC 2 [13]. Note that many of + /// these curves are also recommended in ANSI X9.62 [7] and FIPS 186-2 [11]. Values 0xFE00 + /// through 0xFEFF are reserved for private use. Values 0xFF01 and 0xFF02 indicate that the + /// client supports arbitrary prime and characteristic-2 curves, respectively (the curve + /// parameters must be encoded explicitly in ECParameters). + /// + public abstract class NamedCurve + { + public const int sect163k1 = 1; + public const int sect163r1 = 2; + public const int sect163r2 = 3; + public const int sect193r1 = 4; + public const int sect193r2 = 5; + public const int sect233k1 = 6; + public const int sect233r1 = 7; + public const int sect239k1 = 8; + public const int sect283k1 = 9; + public const int sect283r1 = 10; + public const int sect409k1 = 11; + public const int sect409r1 = 12; + public const int sect571k1 = 13; + public const int sect571r1 = 14; + public const int secp160k1 = 15; + public const int secp160r1 = 16; + public const int secp160r2 = 17; + public const int secp192k1 = 18; + public const int secp192r1 = 19; + public const int secp224k1 = 20; + public const int secp224r1 = 21; + public const int secp256k1 = 22; + public const int secp256r1 = 23; + public const int secp384r1 = 24; + public const int secp521r1 = 25; + + /* + * RFC 7027 + */ + public const int brainpoolP256r1 = 26; + public const int brainpoolP384r1 = 27; + public const int brainpoolP512r1 = 28; + + /* + * reserved (0xFE00..0xFEFF) + */ + + public const int arbitrary_explicit_prime_curves = 0xFF01; + public const int arbitrary_explicit_char2_curves = 0xFF02; + + public static bool IsValid(int namedCurve) + { + return (namedCurve >= sect163k1 && namedCurve <= brainpoolP512r1) + || (namedCurve >= arbitrary_explicit_prime_curves && namedCurve <= arbitrary_explicit_char2_curves); + } + + public static bool RefersToASpecificNamedCurve(int namedCurve) + { + switch (namedCurve) + { + case arbitrary_explicit_prime_curves: + case arbitrary_explicit_char2_curves: + return false; + default: + return true; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/NewSessionTicket.cs b/BouncyCastle/crypto/src/crypto/tls/NewSessionTicket.cs new file mode 100644 index 0000000..a84026b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/NewSessionTicket.cs @@ -0,0 +1,53 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class NewSessionTicket + { + protected readonly long mTicketLifetimeHint; + protected readonly byte[] mTicket; + + public NewSessionTicket(long ticketLifetimeHint, byte[] ticket) + { + this.mTicketLifetimeHint = ticketLifetimeHint; + this.mTicket = ticket; + } + + public virtual long TicketLifetimeHint + { + get { return mTicketLifetimeHint; } + } + + public virtual byte[] Ticket + { + get { return mTicket; } + } + + /** + * Encode this {@link NewSessionTicket} to a {@link Stream}. + * + * @param output the {@link Stream} to encode to. + * @throws IOException + */ + public virtual void Encode(Stream output) + { + TlsUtilities.WriteUint32(mTicketLifetimeHint, output); + TlsUtilities.WriteOpaque16(mTicket, output); + } + + /** + * Parse a {@link NewSessionTicket} from a {@link Stream}. + * + * @param input the {@link Stream} to parse from. + * @return a {@link NewSessionTicket} object. + * @throws IOException + */ + public static NewSessionTicket Parse(Stream input) + { + long ticketLifetimeHint = TlsUtilities.ReadUint32(input); + byte[] ticket = TlsUtilities.ReadOpaque16(input); + return new NewSessionTicket(ticketLifetimeHint, ticket); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/OcspStatusRequest.cs b/BouncyCastle/crypto/src/crypto/tls/OcspStatusRequest.cs new file mode 100644 index 0000000..d9203a3 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/OcspStatusRequest.cs @@ -0,0 +1,131 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * RFC 3546 3.6 + */ + public class OcspStatusRequest + { + protected readonly IList mResponderIDList; + protected readonly X509Extensions mRequestExtensions; + + /** + * @param responderIDList + * an {@link IList} of {@link ResponderID}, specifying the list of trusted OCSP + * responders. An empty list has the special meaning that the responders are + * implicitly known to the server - e.g., by prior arrangement. + * @param requestExtensions + * OCSP request extensions. A null value means that there are no extensions. + */ + public OcspStatusRequest(IList responderIDList, X509Extensions requestExtensions) + { + this.mResponderIDList = responderIDList; + this.mRequestExtensions = requestExtensions; + } + + /** + * @return an {@link IList} of {@link ResponderID} + */ + public virtual IList ResponderIDList + { + get { return mResponderIDList; } + } + + /** + * @return OCSP request extensions + */ + public virtual X509Extensions RequestExtensions + { + get { return mRequestExtensions; } + } + + /** + * Encode this {@link OcspStatusRequest} to a {@link Stream}. + * + * @param output + * the {@link Stream} to encode to. + * @throws IOException + */ + public virtual void Encode(Stream output) + { + if (mResponderIDList == null || mResponderIDList.Count < 1) + { + TlsUtilities.WriteUint16(0, output); + } + else + { + MemoryStream buf = new MemoryStream(); + for (int i = 0; i < mResponderIDList.Count; ++i) + { + ResponderID responderID = (ResponderID)mResponderIDList[i]; + byte[] derEncoding = responderID.GetEncoded(Asn1Encodable.Der); + TlsUtilities.WriteOpaque16(derEncoding, buf); + } + TlsUtilities.CheckUint16(buf.Length); + TlsUtilities.WriteUint16((int)buf.Length, output); + Streams.WriteBufTo(buf, output); + } + + if (mRequestExtensions == null) + { + TlsUtilities.WriteUint16(0, output); + } + else + { + byte[] derEncoding = mRequestExtensions.GetEncoded(Asn1Encodable.Der); + TlsUtilities.CheckUint16(derEncoding.Length); + TlsUtilities.WriteUint16(derEncoding.Length, output); + output.Write(derEncoding, 0, derEncoding.Length); + } + } + + /** + * Parse a {@link OcspStatusRequest} from a {@link Stream}. + * + * @param input + * the {@link Stream} to parse from. + * @return an {@link OcspStatusRequest} object. + * @throws IOException + */ + public static OcspStatusRequest Parse(Stream input) + { + IList responderIDList = Platform.CreateArrayList(); + { + int length = TlsUtilities.ReadUint16(input); + if (length > 0) + { + byte[] data = TlsUtilities.ReadFully(length, input); + MemoryStream buf = new MemoryStream(data, false); + do + { + byte[] derEncoding = TlsUtilities.ReadOpaque16(buf); + ResponderID responderID = ResponderID.GetInstance(TlsUtilities.ReadDerObject(derEncoding)); + responderIDList.Add(responderID); + } + while (buf.Position < buf.Length); + } + } + + X509Extensions requestExtensions = null; + { + int length = TlsUtilities.ReadUint16(input); + if (length > 0) + { + byte[] derEncoding = TlsUtilities.ReadFully(length, input); + requestExtensions = X509Extensions.GetInstance(TlsUtilities.ReadDerObject(derEncoding)); + } + } + + return new OcspStatusRequest(responderIDList, requestExtensions); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/PrfAlgorithm.cs b/BouncyCastle/crypto/src/crypto/tls/PrfAlgorithm.cs new file mode 100644 index 0000000..871241b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/PrfAlgorithm.cs @@ -0,0 +1,24 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// RFC 5246 + /// + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to + /// depend on the particular values (e.g. serialization). + /// + public abstract class PrfAlgorithm + { + /* + * Placeholder to refer to the legacy TLS algorithm + */ + public const int tls_prf_legacy = 0; + + public const int tls_prf_sha256 = 1; + + /* + * Implied by RFC 5288 + */ + public const int tls_prf_sha384 = 2; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ProtocolVersion.cs b/BouncyCastle/crypto/src/crypto/tls/ProtocolVersion.cs new file mode 100644 index 0000000..b0d5518 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ProtocolVersion.cs @@ -0,0 +1,159 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public sealed class ProtocolVersion + { + public static readonly ProtocolVersion SSLv3 = new ProtocolVersion(0x0300, "SSL 3.0"); + public static readonly ProtocolVersion TLSv10 = new ProtocolVersion(0x0301, "TLS 1.0"); + public static readonly ProtocolVersion TLSv11 = new ProtocolVersion(0x0302, "TLS 1.1"); + public static readonly ProtocolVersion TLSv12 = new ProtocolVersion(0x0303, "TLS 1.2"); + public static readonly ProtocolVersion DTLSv10 = new ProtocolVersion(0xFEFF, "DTLS 1.0"); + public static readonly ProtocolVersion DTLSv12 = new ProtocolVersion(0xFEFD, "DTLS 1.2"); + + private readonly int version; + private readonly String name; + + private ProtocolVersion(int v, String name) + { + this.version = v & 0xffff; + this.name = name; + } + + public int FullVersion + { + get { return version; } + } + + public int MajorVersion + { + get { return version >> 8; } + } + + public int MinorVersion + { + get { return version & 0xff; } + } + + public bool IsDtls + { + get { return MajorVersion == 0xFE; } + } + + public bool IsSsl + { + get { return this == SSLv3; } + } + + public bool IsTls + { + get { return MajorVersion == 0x03; } + } + + public ProtocolVersion GetEquivalentTLSVersion() + { + if (!IsDtls) + { + return this; + } + if (this == DTLSv10) + { + return TLSv11; + } + return TLSv12; + } + + public bool IsEqualOrEarlierVersionOf(ProtocolVersion version) + { + if (MajorVersion != version.MajorVersion) + { + return false; + } + int diffMinorVersion = version.MinorVersion - MinorVersion; + return IsDtls ? diffMinorVersion <= 0 : diffMinorVersion >= 0; + } + + public bool IsLaterVersionOf(ProtocolVersion version) + { + if (MajorVersion != version.MajorVersion) + { + return false; + } + int diffMinorVersion = version.MinorVersion - MinorVersion; + return IsDtls ? diffMinorVersion > 0 : diffMinorVersion < 0; + } + + public override bool Equals(object other) + { + return this == other || (other is ProtocolVersion && Equals((ProtocolVersion)other)); + } + + public bool Equals(ProtocolVersion other) + { + return other != null && this.version == other.version; + } + + public override int GetHashCode() + { + return version; + } + + /// + public static ProtocolVersion Get(int major, int minor) + { + switch (major) + { + case 0x03: + { + switch (minor) + { + case 0x00: + return SSLv3; + case 0x01: + return TLSv10; + case 0x02: + return TLSv11; + case 0x03: + return TLSv12; + } + return GetUnknownVersion(major, minor, "TLS"); + } + case 0xFE: + { + switch (minor) + { + case 0xFF: + return DTLSv10; + case 0xFE: + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + case 0xFD: + return DTLSv12; + } + return GetUnknownVersion(major, minor, "DTLS"); + } + default: + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + } + + public override string ToString() + { + return name; + } + + private static ProtocolVersion GetUnknownVersion(int major, int minor, string prefix) + { + TlsUtilities.CheckUint8(major); + TlsUtilities.CheckUint8(minor); + + int v = (major << 8) | minor; + String hex = Platform.ToUpperInvariant(Convert.ToString(0x10000 | v, 16).Substring(1)); + return new ProtocolVersion(v, prefix + " 0x" + hex); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/PskTlsClient.cs b/BouncyCastle/crypto/src/crypto/tls/PskTlsClient.cs new file mode 100644 index 0000000..d5fa435 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/PskTlsClient.cs @@ -0,0 +1,75 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class PskTlsClient + : AbstractTlsClient + { + protected TlsDHVerifier mDHVerifier; + protected TlsPskIdentity mPskIdentity; + + public PskTlsClient(TlsPskIdentity pskIdentity) + : this(new DefaultTlsCipherFactory(), pskIdentity) + { + } + + public PskTlsClient(TlsCipherFactory cipherFactory, TlsPskIdentity pskIdentity) + : this(cipherFactory, new DefaultTlsDHVerifier(), pskIdentity) + { + } + + public PskTlsClient(TlsCipherFactory cipherFactory, TlsDHVerifier dhVerifier, TlsPskIdentity pskIdentity) + : base(cipherFactory) + { + this.mDHVerifier = dhVerifier; + this.mPskIdentity = pskIdentity; + } + + public override int[] GetCipherSuites() + { + return new int[] + { + CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, + }; + } + + public override TlsKeyExchange GetKeyExchange() + { + int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite); + + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.DHE_PSK: + case KeyExchangeAlgorithm.ECDHE_PSK: + case KeyExchangeAlgorithm.PSK: + case KeyExchangeAlgorithm.RSA_PSK: + return CreatePskKeyExchange(keyExchangeAlgorithm); + + default: + /* + * Note: internal error here; the TlsProtocol implementation verifies that the + * server-selected cipher suite was in the list of client-offered cipher suites, so if + * we now can't produce an implementation, we shouldn't have offered it! + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public override TlsAuthentication GetAuthentication() + { + /* + * Note: This method is not called unless a server certificate is sent, which may be the + * case e.g. for RSA_PSK key exchange. + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + protected virtual TlsKeyExchange CreatePskKeyExchange(int keyExchange) + { + return new TlsPskKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mPskIdentity, null, mDHVerifier, null, + mNamedCurves, mClientECPointFormats, mServerECPointFormats); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/PskTlsServer.cs b/BouncyCastle/crypto/src/crypto/tls/PskTlsServer.cs new file mode 100644 index 0000000..a377842 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/PskTlsServer.cs @@ -0,0 +1,93 @@ +using System; + +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class PskTlsServer + : AbstractTlsServer + { + protected TlsPskIdentityManager mPskIdentityManager; + + public PskTlsServer(TlsPskIdentityManager pskIdentityManager) + : this(new DefaultTlsCipherFactory(), pskIdentityManager) + { + } + + public PskTlsServer(TlsCipherFactory cipherFactory, TlsPskIdentityManager pskIdentityManager) + : base(cipherFactory) + { + this.mPskIdentityManager = pskIdentityManager; + } + + protected virtual TlsEncryptionCredentials GetRsaEncryptionCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + protected virtual DHParameters GetDHParameters() + { + return DHStandardGroups.rfc7919_ffdhe2048; + } + + protected override int[] GetCipherSuites() + { + return new int[] + { + CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA + }; + } + + public override TlsCredentials GetCredentials() + { + int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite); + + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.DHE_PSK: + case KeyExchangeAlgorithm.ECDHE_PSK: + case KeyExchangeAlgorithm.PSK: + return null; + + case KeyExchangeAlgorithm.RSA_PSK: + return GetRsaEncryptionCredentials(); + + default: + /* Note: internal error here; selected a key exchange we don't implement! */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public override TlsKeyExchange GetKeyExchange() + { + int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite); + + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.DHE_PSK: + case KeyExchangeAlgorithm.ECDHE_PSK: + case KeyExchangeAlgorithm.PSK: + case KeyExchangeAlgorithm.RSA_PSK: + return CreatePskKeyExchange(keyExchangeAlgorithm); + + default: + /* + * Note: internal error here; the TlsProtocol implementation verifies that the + * server-selected cipher suite was in the list of client-offered cipher suites, so if + * we now can't produce an implementation, we shouldn't have offered it! + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + protected virtual TlsKeyExchange CreatePskKeyExchange(int keyExchange) + { + return new TlsPskKeyExchange(keyExchange, mSupportedSignatureAlgorithms, null, mPskIdentityManager, + null, GetDHParameters(), mNamedCurves, mClientECPointFormats, mServerECPointFormats); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/RecordStream.cs b/BouncyCastle/crypto/src/crypto/tls/RecordStream.cs new file mode 100644 index 0000000..5d556ad --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/RecordStream.cs @@ -0,0 +1,412 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// An implementation of the TLS 1.0/1.1/1.2 record layer, allowing downgrade to SSLv3. + internal class RecordStream + { + private const int DEFAULT_PLAINTEXT_LIMIT = (1 << 14); + + internal const int TLS_HEADER_SIZE = 5; + internal const int TLS_HEADER_TYPE_OFFSET = 0; + internal const int TLS_HEADER_VERSION_OFFSET = 1; + internal const int TLS_HEADER_LENGTH_OFFSET = 3; + + private TlsProtocol mHandler; + private Stream mInput; + private Stream mOutput; + private TlsCompression mPendingCompression = null, mReadCompression = null, mWriteCompression = null; + private TlsCipher mPendingCipher = null, mReadCipher = null, mWriteCipher = null; + private SequenceNumber mReadSeqNo = new SequenceNumber(), mWriteSeqNo = new SequenceNumber(); + private MemoryStream mBuffer = new MemoryStream(); + + private TlsHandshakeHash mHandshakeHash = null; + private readonly BaseOutputStream mHandshakeHashUpdater; + + private ProtocolVersion mReadVersion = null, mWriteVersion = null; + private bool mRestrictReadVersion = true; + + private int mPlaintextLimit, mCompressedLimit, mCiphertextLimit; + + internal RecordStream(TlsProtocol handler, Stream input, Stream output) + { + this.mHandler = handler; + this.mInput = input; + this.mOutput = output; + this.mReadCompression = new TlsNullCompression(); + this.mWriteCompression = this.mReadCompression; + this.mHandshakeHashUpdater = new HandshakeHashUpdateStream(this); + } + + internal virtual void Init(TlsContext context) + { + this.mReadCipher = new TlsNullCipher(context); + this.mWriteCipher = this.mReadCipher; + this.mHandshakeHash = new DeferredHash(); + this.mHandshakeHash.Init(context); + + SetPlaintextLimit(DEFAULT_PLAINTEXT_LIMIT); + } + + internal virtual int GetPlaintextLimit() + { + return mPlaintextLimit; + } + + internal virtual void SetPlaintextLimit(int plaintextLimit) + { + this.mPlaintextLimit = plaintextLimit; + this.mCompressedLimit = this.mPlaintextLimit + 1024; + this.mCiphertextLimit = this.mCompressedLimit + 1024; + } + + internal virtual ProtocolVersion ReadVersion + { + get { return mReadVersion; } + set { this.mReadVersion = value; } + } + + internal virtual void SetWriteVersion(ProtocolVersion writeVersion) + { + this.mWriteVersion = writeVersion; + } + + /** + * RFC 5246 E.1. "Earlier versions of the TLS specification were not fully clear on what the + * record layer version number (TLSPlaintext.version) should contain when sending ClientHello + * (i.e., before it is known which version of the protocol will be employed). Thus, TLS servers + * compliant with this specification MUST accept any value {03,XX} as the record layer version + * number for ClientHello." + */ + internal virtual void SetRestrictReadVersion(bool enabled) + { + this.mRestrictReadVersion = enabled; + } + + internal virtual void SetPendingConnectionState(TlsCompression tlsCompression, TlsCipher tlsCipher) + { + this.mPendingCompression = tlsCompression; + this.mPendingCipher = tlsCipher; + } + + internal virtual void SentWriteCipherSpec() + { + if (mPendingCompression == null || mPendingCipher == null) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + this.mWriteCompression = this.mPendingCompression; + this.mWriteCipher = this.mPendingCipher; + this.mWriteSeqNo = new SequenceNumber(); + } + + internal virtual void ReceivedReadCipherSpec() + { + if (mPendingCompression == null || mPendingCipher == null) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + this.mReadCompression = this.mPendingCompression; + this.mReadCipher = this.mPendingCipher; + this.mReadSeqNo = new SequenceNumber(); + } + + internal virtual void FinaliseHandshake() + { + if (mReadCompression != mPendingCompression || mWriteCompression != mPendingCompression + || mReadCipher != mPendingCipher || mWriteCipher != mPendingCipher) + { + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + this.mPendingCompression = null; + this.mPendingCipher = null; + } + + internal virtual void CheckRecordHeader(byte[] recordHeader) + { + byte type = TlsUtilities.ReadUint8(recordHeader, TLS_HEADER_TYPE_OFFSET); + + /* + * RFC 5246 6. If a TLS implementation receives an unexpected record type, it MUST send an + * unexpected_message alert. + */ + CheckType(type, AlertDescription.unexpected_message); + + if (!mRestrictReadVersion) + { + int version = TlsUtilities.ReadVersionRaw(recordHeader, TLS_HEADER_VERSION_OFFSET); + if ((version & 0xffffff00) != 0x0300) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + else + { + ProtocolVersion version = TlsUtilities.ReadVersion(recordHeader, TLS_HEADER_VERSION_OFFSET); + if (mReadVersion == null) + { + // Will be set later in 'readRecord' + } + else if (!version.Equals(mReadVersion)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + + int length = TlsUtilities.ReadUint16(recordHeader, TLS_HEADER_LENGTH_OFFSET); + + CheckLength(length, mCiphertextLimit, AlertDescription.record_overflow); + } + + internal virtual bool ReadRecord() + { + byte[] recordHeader = TlsUtilities.ReadAllOrNothing(TLS_HEADER_SIZE, mInput); + if (recordHeader == null) + return false; + + byte type = TlsUtilities.ReadUint8(recordHeader, TLS_HEADER_TYPE_OFFSET); + + /* + * RFC 5246 6. If a TLS implementation receives an unexpected record type, it MUST send an + * unexpected_message alert. + */ + CheckType(type, AlertDescription.unexpected_message); + + if (!mRestrictReadVersion) + { + int version = TlsUtilities.ReadVersionRaw(recordHeader, TLS_HEADER_VERSION_OFFSET); + if ((version & 0xffffff00) != 0x0300) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + else + { + ProtocolVersion version = TlsUtilities.ReadVersion(recordHeader, TLS_HEADER_VERSION_OFFSET); + if (mReadVersion == null) + { + mReadVersion = version; + } + else if (!version.Equals(mReadVersion)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + + int length = TlsUtilities.ReadUint16(recordHeader, TLS_HEADER_LENGTH_OFFSET); + + CheckLength(length, mCiphertextLimit, AlertDescription.record_overflow); + + byte[] plaintext = DecodeAndVerify(type, mInput, length); + mHandler.ProcessRecord(type, plaintext, 0, plaintext.Length); + return true; + } + + internal virtual byte[] DecodeAndVerify(byte type, Stream input, int len) + { + byte[] buf = TlsUtilities.ReadFully(len, input); + + long seqNo = mReadSeqNo.NextValue(AlertDescription.unexpected_message); + byte[] decoded = mReadCipher.DecodeCiphertext(seqNo, type, buf, 0, buf.Length); + + CheckLength(decoded.Length, mCompressedLimit, AlertDescription.record_overflow); + + /* + * TODO 5246 6.2.2. Implementation note: Decompression functions are responsible for + * ensuring that messages cannot cause internal buffer overflows. + */ + Stream cOut = mReadCompression.Decompress(mBuffer); + if (cOut != mBuffer) + { + cOut.Write(decoded, 0, decoded.Length); + cOut.Flush(); + decoded = GetBufferContents(); + } + + /* + * RFC 5246 6.2.2. If the decompression function encounters a TLSCompressed.fragment that + * would decompress to a length in excess of 2^14 bytes, it should report a fatal + * decompression failure error. + */ + CheckLength(decoded.Length, mPlaintextLimit, AlertDescription.decompression_failure); + + /* + * RFC 5246 6.2.1 Implementations MUST NOT send zero-length fragments of Handshake, Alert, + * or ChangeCipherSpec content types. + */ + if (decoded.Length < 1 && type != ContentType.application_data) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return decoded; + } + + internal virtual void WriteRecord(byte type, byte[] plaintext, int plaintextOffset, int plaintextLength) + { + // Never send anything until a valid ClientHello has been received + if (mWriteVersion == null) + return; + + /* + * RFC 5246 6. Implementations MUST NOT send record types not defined in this document + * unless negotiated by some extension. + */ + CheckType(type, AlertDescription.internal_error); + + /* + * RFC 5246 6.2.1 The length should not exceed 2^14. + */ + CheckLength(plaintextLength, mPlaintextLimit, AlertDescription.internal_error); + + /* + * RFC 5246 6.2.1 Implementations MUST NOT send zero-length fragments of Handshake, Alert, + * or ChangeCipherSpec content types. + */ + if (plaintextLength < 1 && type != ContentType.application_data) + throw new TlsFatalAlert(AlertDescription.internal_error); + + Stream cOut = mWriteCompression.Compress(mBuffer); + + long seqNo = mWriteSeqNo.NextValue(AlertDescription.internal_error); + + byte[] ciphertext; + if (cOut == mBuffer) + { + ciphertext = mWriteCipher.EncodePlaintext(seqNo, type, plaintext, plaintextOffset, plaintextLength); + } + else + { + cOut.Write(plaintext, plaintextOffset, plaintextLength); + cOut.Flush(); + byte[] compressed = GetBufferContents(); + + /* + * RFC 5246 6.2.2. Compression must be lossless and may not increase the content length + * by more than 1024 bytes. + */ + CheckLength(compressed.Length, plaintextLength + 1024, AlertDescription.internal_error); + + ciphertext = mWriteCipher.EncodePlaintext(seqNo, type, compressed, 0, compressed.Length); + } + + /* + * RFC 5246 6.2.3. The length may not exceed 2^14 + 2048. + */ + CheckLength(ciphertext.Length, mCiphertextLimit, AlertDescription.internal_error); + + byte[] record = new byte[ciphertext.Length + TLS_HEADER_SIZE]; + TlsUtilities.WriteUint8(type, record, TLS_HEADER_TYPE_OFFSET); + TlsUtilities.WriteVersion(mWriteVersion, record, TLS_HEADER_VERSION_OFFSET); + TlsUtilities.WriteUint16(ciphertext.Length, record, TLS_HEADER_LENGTH_OFFSET); + Array.Copy(ciphertext, 0, record, TLS_HEADER_SIZE, ciphertext.Length); + mOutput.Write(record, 0, record.Length); + mOutput.Flush(); + } + + internal virtual void NotifyHelloComplete() + { + this.mHandshakeHash = mHandshakeHash.NotifyPrfDetermined(); + } + + internal virtual TlsHandshakeHash HandshakeHash + { + get { return mHandshakeHash; } + } + + internal virtual Stream HandshakeHashUpdater + { + get { return mHandshakeHashUpdater; } + } + + internal virtual TlsHandshakeHash PrepareToFinish() + { + TlsHandshakeHash result = mHandshakeHash; + this.mHandshakeHash = mHandshakeHash.StopTracking(); + return result; + } + + internal virtual void SafeClose() + { + try + { + Platform.Dispose(mInput); + } + catch (IOException) + { + } + + try + { + Platform.Dispose(mOutput); + } + catch (IOException) + { + } + } + + internal virtual void Flush() + { + mOutput.Flush(); + } + + private byte[] GetBufferContents() + { + byte[] contents = mBuffer.ToArray(); + mBuffer.SetLength(0); + return contents; + } + + private static void CheckType(byte type, byte alertDescription) + { + switch (type) + { + case ContentType.application_data: + case ContentType.alert: + case ContentType.change_cipher_spec: + case ContentType.handshake: + //case ContentType.heartbeat: + break; + default: + throw new TlsFatalAlert(alertDescription); + } + } + + private static void CheckLength(int length, int limit, byte alertDescription) + { + if (length > limit) + throw new TlsFatalAlert(alertDescription); + } + + private class HandshakeHashUpdateStream + : BaseOutputStream + { + private readonly RecordStream mOuter; + public HandshakeHashUpdateStream(RecordStream mOuter) + { + this.mOuter = mOuter; + } + + public override void Write(byte[] buf, int off, int len) + { + mOuter.mHandshakeHash.BlockUpdate(buf, off, len); + } + } + + private class SequenceNumber + { + private long value = 0L; + private bool exhausted = false; + + internal long NextValue(byte alertDescription) + { + if (exhausted) + { + throw new TlsFatalAlert(alertDescription); + } + long result = value; + if (++value == 0) + { + exhausted = true; + } + return result; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/SecurityParameters.cs b/BouncyCastle/crypto/src/crypto/tls/SecurityParameters.cs new file mode 100644 index 0000000..f3ec701 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/SecurityParameters.cs @@ -0,0 +1,108 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class SecurityParameters + { + internal int entity = -1; + internal int cipherSuite = -1; + internal byte compressionAlgorithm = CompressionMethod.cls_null; + internal int prfAlgorithm = -1; + internal int verifyDataLength = -1; + internal byte[] masterSecret = null; + internal byte[] clientRandom = null; + internal byte[] serverRandom = null; + internal byte[] sessionHash = null; + internal byte[] pskIdentity = null; + internal byte[] srpIdentity = null; + + // TODO Keep these internal, since it's maybe not the ideal place for them + internal short maxFragmentLength = -1; + internal bool truncatedHMac = false; + internal bool encryptThenMac = false; + internal bool extendedMasterSecret = false; + + internal virtual void Clear() + { + if (this.masterSecret != null) + { + Arrays.Fill(this.masterSecret, (byte)0); + this.masterSecret = null; + } + } + + /** + * @return {@link ConnectionEnd} + */ + public virtual int Entity + { + get { return entity; } + } + + /** + * @return {@link CipherSuite} + */ + public virtual int CipherSuite + { + get { return cipherSuite; } + } + + /** + * @return {@link CompressionMethod} + */ + public virtual byte CompressionAlgorithm + { + get { return compressionAlgorithm; } + } + + /** + * @return {@link PRFAlgorithm} + */ + public virtual int PrfAlgorithm + { + get { return prfAlgorithm; } + } + + public virtual int VerifyDataLength + { + get { return verifyDataLength; } + } + + public virtual byte[] MasterSecret + { + get { return masterSecret; } + } + + public virtual byte[] ClientRandom + { + get { return clientRandom; } + } + + public virtual byte[] ServerRandom + { + get { return serverRandom; } + } + + public virtual byte[] SessionHash + { + get { return sessionHash; } + } + + public virtual byte[] PskIdentity + { + get { return pskIdentity; } + } + + public virtual byte[] SrpIdentity + { + get { return srpIdentity; } + } + + public virtual bool IsExtendedMasterSecret + { + get { return extendedMasterSecret; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ServerName.cs b/BouncyCastle/crypto/src/crypto/tls/ServerName.cs new file mode 100644 index 0000000..45d18b7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ServerName.cs @@ -0,0 +1,105 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class ServerName + { + protected readonly byte mNameType; + protected readonly object mName; + + public ServerName(byte nameType, object name) + { + if (!IsCorrectType(nameType, name)) + throw new ArgumentException("not an instance of the correct type", "name"); + + this.mNameType = nameType; + this.mName = name; + } + + public virtual byte NameType + { + get { return mNameType; } + } + + public virtual object Name + { + get { return mName; } + } + + public virtual string GetHostName() + { + if (!IsCorrectType(Tls.NameType.host_name, mName)) + throw new InvalidOperationException("'name' is not a HostName string"); + + return (string)mName; + } + + /** + * Encode this {@link ServerName} to a {@link Stream}. + * + * @param output + * the {@link Stream} to encode to. + * @throws IOException + */ + public virtual void Encode(Stream output) + { + TlsUtilities.WriteUint8(mNameType, output); + + switch (mNameType) + { + case Tls.NameType.host_name: + byte[] asciiEncoding = Strings.ToAsciiByteArray((string)mName); + if (asciiEncoding.Length < 1) + throw new TlsFatalAlert(AlertDescription.internal_error); + TlsUtilities.WriteOpaque16(asciiEncoding, output); + break; + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + /** + * Parse a {@link ServerName} from a {@link Stream}. + * + * @param input + * the {@link Stream} to parse from. + * @return a {@link ServerName} object. + * @throws IOException + */ + public static ServerName Parse(Stream input) + { + byte name_type = TlsUtilities.ReadUint8(input); + object name; + + switch (name_type) + { + case Tls.NameType.host_name: + { + byte[] asciiEncoding = TlsUtilities.ReadOpaque16(input); + if (asciiEncoding.Length < 1) + throw new TlsFatalAlert(AlertDescription.decode_error); + name = Strings.FromAsciiByteArray(asciiEncoding); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.decode_error); + } + + return new ServerName(name_type, name); + } + + protected static bool IsCorrectType(byte nameType, object name) + { + switch (nameType) + { + case Tls.NameType.host_name: + return name is string; + default: + throw new ArgumentException("unsupported NameType", "nameType"); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ServerNameList.cs b/BouncyCastle/crypto/src/crypto/tls/ServerNameList.cs new file mode 100644 index 0000000..ed4e593 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ServerNameList.cs @@ -0,0 +1,105 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class ServerNameList + { + protected readonly IList mServerNameList; + + /** + * @param serverNameList an {@link IList} of {@link ServerName}. + */ + public ServerNameList(IList serverNameList) + { + if (serverNameList == null) + throw new ArgumentNullException("serverNameList"); + + this.mServerNameList = serverNameList; + } + + /** + * @return an {@link IList} of {@link ServerName}. + */ + public virtual IList ServerNames + { + get { return mServerNameList; } + } + + /** + * Encode this {@link ServerNameList} to a {@link Stream}. + * + * @param output + * the {@link Stream} to encode to. + * @throws IOException + */ + public virtual void Encode(Stream output) + { + MemoryStream buf = new MemoryStream(); + + byte[] nameTypesSeen = TlsUtilities.EmptyBytes; + foreach (ServerName entry in ServerNames) + { + nameTypesSeen = CheckNameType(nameTypesSeen, entry.NameType); + if (nameTypesSeen == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + entry.Encode(buf); + } + + TlsUtilities.CheckUint16(buf.Length); + TlsUtilities.WriteUint16((int)buf.Length, output); + Streams.WriteBufTo(buf, output); + } + + /** + * Parse a {@link ServerNameList} from a {@link Stream}. + * + * @param input + * the {@link Stream} to parse from. + * @return a {@link ServerNameList} object. + * @throws IOException + */ + public static ServerNameList Parse(Stream input) + { + int length = TlsUtilities.ReadUint16(input); + if (length < 1) + throw new TlsFatalAlert(AlertDescription.decode_error); + + byte[] data = TlsUtilities.ReadFully(length, input); + + MemoryStream buf = new MemoryStream(data, false); + + byte[] nameTypesSeen = TlsUtilities.EmptyBytes; + IList server_name_list = Platform.CreateArrayList(); + while (buf.Position < buf.Length) + { + ServerName entry = ServerName.Parse(buf); + + nameTypesSeen = CheckNameType(nameTypesSeen, entry.NameType); + if (nameTypesSeen == null) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + server_name_list.Add(entry); + } + + return new ServerNameList(server_name_list); + } + + private static byte[] CheckNameType(byte[] nameTypesSeen, byte nameType) + { + /* + * RFC 6066 3. The ServerNameList MUST NOT contain more than one name of the same + * name_type. + */ + if (!NameType.IsValid(nameType) || Arrays.Contains(nameTypesSeen, nameType)) + return null; + + return Arrays.Append(nameTypesSeen, nameType); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ServerOnlyTlsAuthentication.cs b/BouncyCastle/crypto/src/crypto/tls/ServerOnlyTlsAuthentication.cs new file mode 100644 index 0000000..4858897 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ServerOnlyTlsAuthentication.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class ServerOnlyTlsAuthentication + : TlsAuthentication + { + public abstract void NotifyServerCertificate(Certificate serverCertificate); + + public TlsCredentials GetClientCredentials(CertificateRequest certificateRequest) + { + return null; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/ServerSrpParams.cs b/BouncyCastle/crypto/src/crypto/tls/ServerSrpParams.cs new file mode 100644 index 0000000..556ac53 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/ServerSrpParams.cs @@ -0,0 +1,75 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class ServerSrpParams + { + protected BigInteger m_N, m_g, m_B; + protected byte[] m_s; + + public ServerSrpParams(BigInteger N, BigInteger g, byte[] s, BigInteger B) + { + this.m_N = N; + this.m_g = g; + this.m_s = Arrays.Clone(s); + this.m_B = B; + } + + public virtual BigInteger B + { + get { return m_B; } + } + + public virtual BigInteger G + { + get { return m_g; } + } + + public virtual BigInteger N + { + get { return m_N; } + } + + public virtual byte[] S + { + get { return m_s; } + } + + /** + * Encode this {@link ServerSRPParams} to an {@link OutputStream}. + * + * @param output + * the {@link OutputStream} to encode to. + * @throws IOException + */ + public virtual void Encode(Stream output) + { + TlsSrpUtilities.WriteSrpParameter(m_N, output); + TlsSrpUtilities.WriteSrpParameter(m_g, output); + TlsUtilities.WriteOpaque8(m_s, output); + TlsSrpUtilities.WriteSrpParameter(m_B, output); + } + + /** + * Parse a {@link ServerSRPParams} from an {@link InputStream}. + * + * @param input + * the {@link InputStream} to parse from. + * @return a {@link ServerSRPParams} object. + * @throws IOException + */ + public static ServerSrpParams Parse(Stream input) + { + BigInteger N = TlsSrpUtilities.ReadSrpParameter(input); + BigInteger g = TlsSrpUtilities.ReadSrpParameter(input); + byte[] s = TlsUtilities.ReadOpaque8(input); + BigInteger B = TlsSrpUtilities.ReadSrpParameter(input); + + return new ServerSrpParams(N, g, s, B); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/SessionParameters.cs b/BouncyCastle/crypto/src/crypto/tls/SessionParameters.cs new file mode 100644 index 0000000..e827172 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/SessionParameters.cs @@ -0,0 +1,180 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public sealed class SessionParameters + { + public sealed class Builder + { + private int mCipherSuite = -1; + private short mCompressionAlgorithm = -1; + private byte[] mMasterSecret = null; + private Certificate mPeerCertificate = null; + private byte[] mPskIdentity = null; + private byte[] mSrpIdentity = null; + private byte[] mEncodedServerExtensions = null; + private bool mExtendedMasterSecret = false; + + public Builder() + { + } + + public SessionParameters Build() + { + Validate(this.mCipherSuite >= 0, "cipherSuite"); + Validate(this.mCompressionAlgorithm >= 0, "compressionAlgorithm"); + Validate(this.mMasterSecret != null, "masterSecret"); + return new SessionParameters(mCipherSuite, (byte)mCompressionAlgorithm, mMasterSecret, mPeerCertificate, + mPskIdentity, mSrpIdentity, mEncodedServerExtensions, mExtendedMasterSecret); + } + + public Builder SetCipherSuite(int cipherSuite) + { + this.mCipherSuite = cipherSuite; + return this; + } + + public Builder SetCompressionAlgorithm(byte compressionAlgorithm) + { + this.mCompressionAlgorithm = compressionAlgorithm; + return this; + } + + public Builder SetExtendedMasterSecret(bool extendedMasterSecret) + { + this.mExtendedMasterSecret = extendedMasterSecret; + return this; + } + + public Builder SetMasterSecret(byte[] masterSecret) + { + this.mMasterSecret = masterSecret; + return this; + } + + public Builder SetPeerCertificate(Certificate peerCertificate) + { + this.mPeerCertificate = peerCertificate; + return this; + } + + public Builder SetPskIdentity(byte[] pskIdentity) + { + this.mPskIdentity = pskIdentity; + return this; + } + + public Builder SetSrpIdentity(byte[] srpIdentity) + { + this.mSrpIdentity = srpIdentity; + return this; + } + + public Builder SetServerExtensions(IDictionary serverExtensions) + { + if (serverExtensions == null) + { + mEncodedServerExtensions = null; + } + else + { + MemoryStream buf = new MemoryStream(); + TlsProtocol.WriteExtensions(buf, serverExtensions); + mEncodedServerExtensions = buf.ToArray(); + } + return this; + } + + private void Validate(bool condition, string parameter) + { + if (!condition) + throw new InvalidOperationException("Required session parameter '" + parameter + "' not configured"); + } + } + + private int mCipherSuite; + private byte mCompressionAlgorithm; + private byte[] mMasterSecret; + private Certificate mPeerCertificate; + private byte[] mPskIdentity; + private byte[] mSrpIdentity; + private byte[] mEncodedServerExtensions; + private bool mExtendedMasterSecret; + + private SessionParameters(int cipherSuite, byte compressionAlgorithm, byte[] masterSecret, + Certificate peerCertificate, byte[] pskIdentity, byte[] srpIdentity, byte[] encodedServerExtensions, + bool extendedMasterSecret) + { + this.mCipherSuite = cipherSuite; + this.mCompressionAlgorithm = compressionAlgorithm; + this.mMasterSecret = Arrays.Clone(masterSecret); + this.mPeerCertificate = peerCertificate; + this.mPskIdentity = Arrays.Clone(pskIdentity); + this.mSrpIdentity = Arrays.Clone(srpIdentity); + this.mEncodedServerExtensions = encodedServerExtensions; + this.mExtendedMasterSecret = extendedMasterSecret; + } + + public void Clear() + { + if (this.mMasterSecret != null) + { + Arrays.Fill(this.mMasterSecret, (byte)0); + } + } + + public SessionParameters Copy() + { + return new SessionParameters(mCipherSuite, mCompressionAlgorithm, mMasterSecret, mPeerCertificate, + mPskIdentity, mSrpIdentity, mEncodedServerExtensions, mExtendedMasterSecret); + } + + public int CipherSuite + { + get { return mCipherSuite; } + } + + public byte CompressionAlgorithm + { + get { return mCompressionAlgorithm; } + } + + public bool IsExtendedMasterSecret + { + get { return mExtendedMasterSecret; } + } + + public byte[] MasterSecret + { + get { return mMasterSecret; } + } + + public Certificate PeerCertificate + { + get { return mPeerCertificate; } + } + + public byte[] PskIdentity + { + get { return mPskIdentity; } + } + + public byte[] SrpIdentity + { + get { return mSrpIdentity; } + } + + public IDictionary ReadServerExtensions() + { + if (mEncodedServerExtensions == null) + return null; + + MemoryStream buf = new MemoryStream(mEncodedServerExtensions, false); + return TlsProtocol.ReadExtensions(buf); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/SignatureAlgorithm.cs b/BouncyCastle/crypto/src/crypto/tls/SignatureAlgorithm.cs new file mode 100644 index 0000000..35b9617 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/SignatureAlgorithm.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * RFC 5246 7.4.1.4.1 (in RFC 2246, there were no specific values assigned) + */ + public abstract class SignatureAlgorithm + { + public const byte anonymous = 0; + public const byte rsa = 1; + public const byte dsa = 2; + public const byte ecdsa = 3; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/SignatureAndHashAlgorithm.cs b/BouncyCastle/crypto/src/crypto/tls/SignatureAndHashAlgorithm.cs new file mode 100644 index 0000000..f74205b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/SignatureAndHashAlgorithm.cs @@ -0,0 +1,94 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * RFC 5246 7.4.1.4.1 + */ + public class SignatureAndHashAlgorithm + { + protected readonly byte mHash; + protected readonly byte mSignature; + + /** + * @param hash {@link HashAlgorithm} + * @param signature {@link SignatureAlgorithm} + */ + public SignatureAndHashAlgorithm(byte hash, byte signature) + { + if (!TlsUtilities.IsValidUint8(hash)) + { + throw new ArgumentException("should be a uint8", "hash"); + } + if (!TlsUtilities.IsValidUint8(signature)) + { + throw new ArgumentException("should be a uint8", "signature"); + } + if (signature == SignatureAlgorithm.anonymous) + { + throw new ArgumentException("MUST NOT be \"anonymous\"", "signature"); + } + + this.mHash = hash; + this.mSignature = signature; + } + + /** + * @return {@link HashAlgorithm} + */ + public virtual byte Hash + { + get { return mHash; } + } + + /** + * @return {@link SignatureAlgorithm} + */ + public virtual byte Signature + { + get { return mSignature; } + } + + public override bool Equals(object obj) + { + if (!(obj is SignatureAndHashAlgorithm)) + { + return false; + } + SignatureAndHashAlgorithm other = (SignatureAndHashAlgorithm)obj; + return other.Hash == Hash && other.Signature == Signature; + } + + public override int GetHashCode() + { + return ((int)Hash << 16) | (int)Signature; + } + + /** + * Encode this {@link SignatureAndHashAlgorithm} to a {@link Stream}. + * + * @param output the {@link Stream} to encode to. + * @throws IOException + */ + public virtual void Encode(Stream output) + { + TlsUtilities.WriteUint8(Hash, output); + TlsUtilities.WriteUint8(Signature, output); + } + + /** + * Parse a {@link SignatureAndHashAlgorithm} from a {@link Stream}. + * + * @param input the {@link Stream} to parse from. + * @return a {@link SignatureAndHashAlgorithm} object. + * @throws IOException + */ + public static SignatureAndHashAlgorithm Parse(Stream input) + { + byte hash = TlsUtilities.ReadUint8(input); + byte signature = TlsUtilities.ReadUint8(input); + return new SignatureAndHashAlgorithm(hash, signature); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/SignerInputBuffer.cs b/BouncyCastle/crypto/src/crypto/tls/SignerInputBuffer.cs new file mode 100644 index 0000000..7bc6962 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/SignerInputBuffer.cs @@ -0,0 +1,37 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + internal class SignerInputBuffer + : MemoryStream + { + internal void UpdateSigner(ISigner s) + { + Streams.WriteBufTo(this, new SigStream(s)); + } + + private class SigStream + : BaseOutputStream + { + private readonly ISigner s; + + internal SigStream(ISigner s) + { + this.s = s; + } + + public override void WriteByte(byte b) + { + s.Update(b); + } + + public override void Write(byte[] buf, int off, int len) + { + s.BlockUpdate(buf, off, len); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/SimulatedTlsSrpIdentityManager.cs b/BouncyCastle/crypto/src/crypto/tls/SimulatedTlsSrpIdentityManager.cs new file mode 100644 index 0000000..3e9737c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/SimulatedTlsSrpIdentityManager.cs @@ -0,0 +1,69 @@ +using System; + +using Org.BouncyCastle.Crypto.Agreement.Srp; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * An implementation of {@link TlsSRPIdentityManager} that simulates the existence of "unknown" identities + * to obscure the fact that there is no verifier for them. + */ + public class SimulatedTlsSrpIdentityManager + : TlsSrpIdentityManager + { + private static readonly byte[] PREFIX_PASSWORD = Strings.ToByteArray("password"); + private static readonly byte[] PREFIX_SALT = Strings.ToByteArray("salt"); + + /** + * Create a {@link SimulatedTlsSRPIdentityManager} that implements the algorithm from RFC 5054 2.5.1.3 + * + * @param group the {@link SRP6GroupParameters} defining the group that SRP is operating in + * @param seedKey the secret "seed key" referred to in RFC 5054 2.5.1.3 + * @return an instance of {@link SimulatedTlsSRPIdentityManager} + */ + public static SimulatedTlsSrpIdentityManager GetRfc5054Default(Srp6GroupParameters group, byte[] seedKey) + { + Srp6VerifierGenerator verifierGenerator = new Srp6VerifierGenerator(); + verifierGenerator.Init(group, TlsUtilities.CreateHash(HashAlgorithm.sha1)); + + HMac mac = new HMac(TlsUtilities.CreateHash(HashAlgorithm.sha1)); + mac.Init(new KeyParameter(seedKey)); + + return new SimulatedTlsSrpIdentityManager(group, verifierGenerator, mac); + } + + protected readonly Srp6GroupParameters mGroup; + protected readonly Srp6VerifierGenerator mVerifierGenerator; + protected readonly IMac mMac; + + public SimulatedTlsSrpIdentityManager(Srp6GroupParameters group, Srp6VerifierGenerator verifierGenerator, IMac mac) + { + this.mGroup = group; + this.mVerifierGenerator = verifierGenerator; + this.mMac = mac; + } + + public virtual TlsSrpLoginParameters GetLoginParameters(byte[] identity) + { + mMac.BlockUpdate(PREFIX_SALT, 0, PREFIX_SALT.Length); + mMac.BlockUpdate(identity, 0, identity.Length); + + byte[] salt = new byte[mMac.GetMacSize()]; + mMac.DoFinal(salt, 0); + + mMac.BlockUpdate(PREFIX_PASSWORD, 0, PREFIX_PASSWORD.Length); + mMac.BlockUpdate(identity, 0, identity.Length); + + byte[] password = new byte[mMac.GetMacSize()]; + mMac.DoFinal(password, 0); + + BigInteger verifier = mVerifierGenerator.GenerateVerifier(salt, identity, password); + + return new TlsSrpLoginParameters(mGroup, verifier, salt); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/SrpTlsClient.cs b/BouncyCastle/crypto/src/crypto/tls/SrpTlsClient.cs new file mode 100644 index 0000000..df16077 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/SrpTlsClient.cs @@ -0,0 +1,104 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class SrpTlsClient + : AbstractTlsClient + { + protected TlsSrpGroupVerifier mGroupVerifier; + + protected byte[] mIdentity; + protected byte[] mPassword; + + public SrpTlsClient(byte[] identity, byte[] password) + : this(new DefaultTlsCipherFactory(), new DefaultTlsSrpGroupVerifier(), identity, password) + { + } + + public SrpTlsClient(TlsCipherFactory cipherFactory, byte[] identity, byte[] password) + : this(cipherFactory, new DefaultTlsSrpGroupVerifier(), identity, password) + { + } + + public SrpTlsClient(TlsCipherFactory cipherFactory, TlsSrpGroupVerifier groupVerifier, + byte[] identity, byte[] password) + : base(cipherFactory) + { + this.mGroupVerifier = groupVerifier; + this.mIdentity = Arrays.Clone(identity); + this.mPassword = Arrays.Clone(password); + } + + protected virtual bool RequireSrpServerExtension + { + // No explicit guidance in RFC 5054; by default an (empty) extension from server is optional + get { return false; } + } + + public override int[] GetCipherSuites() + { + return new int[] + { + CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA + }; + } + + public override IDictionary GetClientExtensions() + { + IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(base.GetClientExtensions()); + TlsSrpUtilities.AddSrpExtension(clientExtensions, this.mIdentity); + return clientExtensions; + } + + public override void ProcessServerExtensions(IDictionary serverExtensions) + { + if (!TlsUtilities.HasExpectedEmptyExtensionData(serverExtensions, ExtensionType.srp, + AlertDescription.illegal_parameter)) + { + if (RequireSrpServerExtension) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + base.ProcessServerExtensions(serverExtensions); + } + + public override TlsKeyExchange GetKeyExchange() + { + int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite); + + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.SRP: + case KeyExchangeAlgorithm.SRP_DSS: + case KeyExchangeAlgorithm.SRP_RSA: + return CreateSrpKeyExchange(keyExchangeAlgorithm); + + default: + /* + * Note: internal error here; the TlsProtocol implementation verifies that the + * server-selected cipher suite was in the list of client-offered cipher suites, so if + * we now can't produce an implementation, we shouldn't have offered it! + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public override TlsAuthentication GetAuthentication() + { + /* + * Note: This method is not called unless a server certificate is sent, which may be the + * case e.g. for SRP_DSS or SRP_RSA key exchange. + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + protected virtual TlsKeyExchange CreateSrpKeyExchange(int keyExchange) + { + return new TlsSrpKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mGroupVerifier, mIdentity, mPassword); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/SrpTlsServer.cs b/BouncyCastle/crypto/src/crypto/tls/SrpTlsServer.cs new file mode 100644 index 0000000..f978783 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/SrpTlsServer.cs @@ -0,0 +1,121 @@ +using System; +using System.Collections; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class SrpTlsServer + : AbstractTlsServer + { + protected TlsSrpIdentityManager mSrpIdentityManager; + + protected byte[] mSrpIdentity = null; + protected TlsSrpLoginParameters mLoginParameters = null; + + public SrpTlsServer(TlsSrpIdentityManager srpIdentityManager) + : this(new DefaultTlsCipherFactory(), srpIdentityManager) + { + } + + public SrpTlsServer(TlsCipherFactory cipherFactory, TlsSrpIdentityManager srpIdentityManager) + : base(cipherFactory) + { + this.mSrpIdentityManager = srpIdentityManager; + } + + protected virtual TlsSignerCredentials GetDsaSignerCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + protected virtual TlsSignerCredentials GetRsaSignerCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + protected override int[] GetCipherSuites() + { + return new int[] + { + CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA + }; + } + + public override void ProcessClientExtensions(IDictionary clientExtensions) + { + base.ProcessClientExtensions(clientExtensions); + + this.mSrpIdentity = TlsSrpUtilities.GetSrpExtension(clientExtensions); + } + + public override int GetSelectedCipherSuite() + { + int cipherSuite = base.GetSelectedCipherSuite(); + + if (TlsSrpUtilities.IsSrpCipherSuite(cipherSuite)) + { + if (mSrpIdentity != null) + { + this.mLoginParameters = mSrpIdentityManager.GetLoginParameters(mSrpIdentity); + } + + if (mLoginParameters == null) + throw new TlsFatalAlert(AlertDescription.unknown_psk_identity); + } + + return cipherSuite; + } + + public override TlsCredentials GetCredentials() + { + int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite); + + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.SRP: + return null; + + case KeyExchangeAlgorithm.SRP_DSS: + return GetDsaSignerCredentials(); + + case KeyExchangeAlgorithm.SRP_RSA: + return GetRsaSignerCredentials(); + + default: + /* Note: internal error here; selected a key exchange we don't implement! */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public override TlsKeyExchange GetKeyExchange() + { + int keyExchangeAlgorithm = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite); + + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.SRP: + case KeyExchangeAlgorithm.SRP_DSS: + case KeyExchangeAlgorithm.SRP_RSA: + return CreateSrpKeyExchange(keyExchangeAlgorithm); + + default: + /* + * Note: internal error here; the TlsProtocol implementation verifies that the + * server-selected cipher suite was in the list of client-offered cipher suites, so if + * we now can't produce an implementation, we shouldn't have offered it! + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + protected virtual TlsKeyExchange CreateSrpKeyExchange(int keyExchange) + { + return new TlsSrpKeyExchange(keyExchange, mSupportedSignatureAlgorithms, mSrpIdentity, mLoginParameters); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/SrtpProtectionProfile.cs b/BouncyCastle/crypto/src/crypto/tls/SrtpProtectionProfile.cs new file mode 100644 index 0000000..6e9091b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/SrtpProtectionProfile.cs @@ -0,0 +1,21 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class SrtpProtectionProfile + { + /* + * RFC 5764 4.1.2. + */ + public const int SRTP_AES128_CM_HMAC_SHA1_80 = 0x0001; + public const int SRTP_AES128_CM_HMAC_SHA1_32 = 0x0002; + public const int SRTP_NULL_HMAC_SHA1_80 = 0x0005; + public const int SRTP_NULL_HMAC_SHA1_32 = 0x0006; + + /* + * RFC 7714 14.2. + */ + public const int SRTP_AEAD_AES_128_GCM = 0x0007; + public const int SRTP_AEAD_AES_256_GCM = 0x0008; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/Ssl3Mac.cs b/BouncyCastle/crypto/src/crypto/tls/Ssl3Mac.cs new file mode 100644 index 0000000..8bdb342 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/Ssl3Mac.cs @@ -0,0 +1,110 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * HMAC implementation based on original internet draft for HMAC (RFC 2104) + * + * The difference is that padding is concatentated versus XORed with the key + * + * H(K + opad, H(K + ipad, text)) + */ + public class Ssl3Mac + : IMac + { + private const byte IPAD_BYTE = 0x36; + private const byte OPAD_BYTE = 0x5C; + + internal static readonly byte[] IPAD = GenPad(IPAD_BYTE, 48); + internal static readonly byte[] OPAD = GenPad(OPAD_BYTE, 48); + + private readonly IDigest digest; + private readonly int padLength; + + private byte[] secret; + + /** + * Base constructor for one of the standard digest algorithms that the byteLength of + * the algorithm is know for. Behaviour is undefined for digests other than MD5 or SHA1. + * + * @param digest the digest. + */ + public Ssl3Mac(IDigest digest) + { + this.digest = digest; + + if (digest.GetDigestSize() == 20) + { + this.padLength = 40; + } + else + { + this.padLength = 48; + } + } + + public virtual string AlgorithmName + { + get { return digest.AlgorithmName + "/SSL3MAC"; } + } + + public virtual void Init(ICipherParameters parameters) + { + secret = Arrays.Clone(((KeyParameter)parameters).GetKey()); + + Reset(); + } + + public virtual int GetMacSize() + { + return digest.GetDigestSize(); + } + + public virtual void Update(byte input) + { + digest.Update(input); + } + + public virtual void BlockUpdate(byte[] input, int inOff, int len) + { + digest.BlockUpdate(input, inOff, len); + } + + public virtual int DoFinal(byte[] output, int outOff) + { + byte[] tmp = new byte[digest.GetDigestSize()]; + digest.DoFinal(tmp, 0); + + digest.BlockUpdate(secret, 0, secret.Length); + digest.BlockUpdate(OPAD, 0, padLength); + digest.BlockUpdate(tmp, 0, tmp.Length); + + int len = digest.DoFinal(output, outOff); + + Reset(); + + return len; + } + + /** + * Reset the mac generator. + */ + public virtual void Reset() + { + digest.Reset(); + digest.BlockUpdate(secret, 0, secret.Length); + digest.BlockUpdate(IPAD, 0, padLength); + } + + private static byte[] GenPad(byte b, int count) + { + byte[] padding = new byte[count]; + Arrays.Fill(padding, b); + return padding; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/SupplementalDataEntry.cs b/BouncyCastle/crypto/src/crypto/tls/SupplementalDataEntry.cs new file mode 100644 index 0000000..5adc4fa --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/SupplementalDataEntry.cs @@ -0,0 +1,26 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class SupplementalDataEntry + { + protected readonly int mDataType; + protected readonly byte[] mData; + + public SupplementalDataEntry(int dataType, byte[] data) + { + this.mDataType = dataType; + this.mData = data; + } + + public virtual int DataType + { + get { return mDataType; } + } + + public virtual byte[] Data + { + get { return mData; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/SupplementalDataType.cs b/BouncyCastle/crypto/src/crypto/tls/SupplementalDataType.cs new file mode 100644 index 0000000..79511c5 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/SupplementalDataType.cs @@ -0,0 +1,13 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// RFC 4680 + public abstract class SupplementalDataType + { + /* + * RFC 4681 + */ + public const int user_mapping_data = 0; + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/Timeout.cs b/BouncyCastle/crypto/src/crypto/tls/Timeout.cs new file mode 100644 index 0000000..924073c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/Timeout.cs @@ -0,0 +1,121 @@ +using System; + +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Crypto.Tls +{ + internal class Timeout + { + private long durationMillis; + private long startMillis; + + internal Timeout(long durationMillis) + : this(durationMillis, DateTimeUtilities.CurrentUnixMs()) + { + } + + internal Timeout(long durationMillis, long currentTimeMillis) + { + this.durationMillis = System.Math.Max(0, durationMillis); + this.startMillis = System.Math.Max(0, currentTimeMillis); + } + + //internal long RemainingMillis() + //{ + // return RemainingMillis(DateTimeUtilities.CurrentUnixMs()); + //} + + internal long RemainingMillis(long currentTimeMillis) + { + lock (this) + { + // If clock jumped backwards, reset start time + if (startMillis > currentTimeMillis) + { + startMillis = currentTimeMillis; + return durationMillis; + } + + long elapsed = currentTimeMillis - startMillis; + long remaining = durationMillis - elapsed; + + // Once timeout reached, lock it in + if (remaining <= 0) + { + return durationMillis = 0L; + } + + return remaining; + } + } + + //internal static int ConstrainWaitMillis(int waitMillis, Timeout timeout) + //{ + // return ConstrainWaitMillis(waitMillis, timeout, DateTimeUtilities.CurrentUnixMs()); + //} + + internal static int ConstrainWaitMillis(int waitMillis, Timeout timeout, long currentTimeMillis) + { + if (waitMillis < 0) + return -1; + + int timeoutMillis = GetWaitMillis(timeout, currentTimeMillis); + if (timeoutMillis < 0) + return -1; + + if (waitMillis == 0) + return timeoutMillis; + + if (timeoutMillis == 0) + return waitMillis; + + return System.Math.Min(waitMillis, timeoutMillis); + } + + internal static Timeout ForWaitMillis(int waitMillis) + { + return ForWaitMillis(waitMillis, DateTimeUtilities.CurrentUnixMs()); + } + + internal static Timeout ForWaitMillis(int waitMillis, long currentTimeMillis) + { + if (waitMillis < 0) + throw new ArgumentException("cannot be negative", "waitMillis"); + + if (waitMillis > 0) + return new Timeout(waitMillis, currentTimeMillis); + + return null; + } + + //internal static int GetWaitMillis(Timeout timeout) + //{ + // return GetWaitMillis(timeout, DateTimeUtilities.CurrentUnixMs()); + //} + + internal static int GetWaitMillis(Timeout timeout, long currentTimeMillis) + { + if (null == timeout) + return 0; + + long remainingMillis = timeout.RemainingMillis(currentTimeMillis); + if (remainingMillis < 1L) + return -1; + + if (remainingMillis > int.MaxValue) + return int.MaxValue; + + return (int)remainingMillis; + } + + //internal static bool HasExpired(Timeout timeout) + //{ + // return HasExpired(timeout, DateTimeUtilities.CurrentUnixMs()); + //} + + internal static bool HasExpired(Timeout timeout, long currentTimeMillis) + { + return null != timeout && timeout.RemainingMillis(currentTimeMillis) < 1L; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsAeadCipher.cs b/BouncyCastle/crypto/src/crypto/tls/TlsAeadCipher.cs new file mode 100644 index 0000000..9a65d5e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsAeadCipher.cs @@ -0,0 +1,252 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class TlsAeadCipher + : TlsCipher + { + // TODO[draft-zauner-tls-aes-ocb-04] Apply data volume limit described in section 8.4 + + public const int NONCE_RFC5288 = 1; + + /* + * draft-zauner-tls-aes-ocb-04 specifies the nonce construction from draft-ietf-tls-chacha20-poly1305-04 + */ + internal const int NONCE_DRAFT_CHACHA20_POLY1305 = 2; + + protected readonly TlsContext context; + protected readonly int macSize; + // TODO SecurityParameters.record_iv_length + protected readonly int record_iv_length; + + protected readonly IAeadBlockCipher encryptCipher; + protected readonly IAeadBlockCipher decryptCipher; + + protected readonly byte[] encryptImplicitNonce, decryptImplicitNonce; + + protected readonly int nonceMode; + + /// + public TlsAeadCipher(TlsContext context, IAeadBlockCipher clientWriteCipher, IAeadBlockCipher serverWriteCipher, + int cipherKeySize, int macSize) + : this(context, clientWriteCipher, serverWriteCipher, cipherKeySize, macSize, NONCE_RFC5288) + { + } + + /// + internal TlsAeadCipher(TlsContext context, IAeadBlockCipher clientWriteCipher, IAeadBlockCipher serverWriteCipher, + int cipherKeySize, int macSize, int nonceMode) + { + if (!TlsUtilities.IsTlsV12(context)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.nonceMode = nonceMode; + + // TODO SecurityParameters.fixed_iv_length + int fixed_iv_length; + + switch (nonceMode) + { + case NONCE_RFC5288: + fixed_iv_length = 4; + this.record_iv_length = 8; + break; + case NONCE_DRAFT_CHACHA20_POLY1305: + fixed_iv_length = 12; + this.record_iv_length = 0; + break; + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + this.context = context; + this.macSize = macSize; + + int key_block_size = (2 * cipherKeySize) + (2 * fixed_iv_length); + + byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size); + + int offset = 0; + + KeyParameter client_write_key = new KeyParameter(key_block, offset, cipherKeySize); + offset += cipherKeySize; + KeyParameter server_write_key = new KeyParameter(key_block, offset, cipherKeySize); + offset += cipherKeySize; + byte[] client_write_IV = Arrays.CopyOfRange(key_block, offset, offset + fixed_iv_length); + offset += fixed_iv_length; + byte[] server_write_IV = Arrays.CopyOfRange(key_block, offset, offset + fixed_iv_length); + offset += fixed_iv_length; + + if (offset != key_block_size) + throw new TlsFatalAlert(AlertDescription.internal_error); + + KeyParameter encryptKey, decryptKey; + if (context.IsServer) + { + this.encryptCipher = serverWriteCipher; + this.decryptCipher = clientWriteCipher; + this.encryptImplicitNonce = server_write_IV; + this.decryptImplicitNonce = client_write_IV; + encryptKey = server_write_key; + decryptKey = client_write_key; + } + else + { + this.encryptCipher = clientWriteCipher; + this.decryptCipher = serverWriteCipher; + this.encryptImplicitNonce = client_write_IV; + this.decryptImplicitNonce = server_write_IV; + encryptKey = client_write_key; + decryptKey = server_write_key; + } + + // NOTE: Ensure dummy nonce is not part of the generated sequence(s) + byte[] dummyNonce = new byte[fixed_iv_length + record_iv_length]; + dummyNonce[0] = (byte)~encryptImplicitNonce[0]; + dummyNonce[1] = (byte)~decryptImplicitNonce[1]; + + this.encryptCipher.Init(true, new AeadParameters(encryptKey, 8 * macSize, dummyNonce)); + this.decryptCipher.Init(false, new AeadParameters(decryptKey, 8 * macSize, dummyNonce)); + } + + public virtual int GetPlaintextLimit(int ciphertextLimit) + { + // TODO We ought to be able to ask the decryptCipher (independently of it's current state!) + return ciphertextLimit - macSize - record_iv_length; + } + + /// + public virtual byte[] EncodePlaintext(long seqNo, byte type, byte[] plaintext, int offset, int len) + { + byte[] nonce = new byte[encryptImplicitNonce.Length + record_iv_length]; + + switch (nonceMode) + { + case NONCE_RFC5288: + Array.Copy(encryptImplicitNonce, 0, nonce, 0, encryptImplicitNonce.Length); + // RFC 5288/6655: The nonce_explicit MAY be the 64-bit sequence number. + TlsUtilities.WriteUint64(seqNo, nonce, encryptImplicitNonce.Length); + break; + case NONCE_DRAFT_CHACHA20_POLY1305: + TlsUtilities.WriteUint64(seqNo, nonce, nonce.Length - 8); + for (int i = 0; i < encryptImplicitNonce.Length; ++i) + { + nonce[i] ^= encryptImplicitNonce[i]; + } + break; + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + int plaintextOffset = offset; + int plaintextLength = len; + int ciphertextLength = encryptCipher.GetOutputSize(plaintextLength); + + byte[] output = new byte[record_iv_length + ciphertextLength]; + if (record_iv_length != 0) + { + Array.Copy(nonce, nonce.Length - record_iv_length, output, 0, record_iv_length); + } + int outputPos = record_iv_length; + + byte[] additionalData = GetAdditionalData(seqNo, type, plaintextLength); + AeadParameters parameters = new AeadParameters(null, 8 * macSize, nonce, additionalData); + + try + { + encryptCipher.Init(true, parameters); + outputPos += encryptCipher.ProcessBytes(plaintext, plaintextOffset, plaintextLength, output, outputPos); + outputPos += encryptCipher.DoFinal(output, outputPos); + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + + if (outputPos != output.Length) + { + // NOTE: Existing AEAD cipher implementations all give exact output lengths + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + return output; + } + + /// + public virtual byte[] DecodeCiphertext(long seqNo, byte type, byte[] ciphertext, int offset, int len) + { + if (GetPlaintextLimit(len) < 0) + throw new TlsFatalAlert(AlertDescription.decode_error); + + byte[] nonce = new byte[decryptImplicitNonce.Length + record_iv_length]; + + switch (nonceMode) + { + case NONCE_RFC5288: + Array.Copy(decryptImplicitNonce, 0, nonce, 0, decryptImplicitNonce.Length); + Array.Copy(ciphertext, offset, nonce, nonce.Length - record_iv_length, record_iv_length); + break; + case NONCE_DRAFT_CHACHA20_POLY1305: + TlsUtilities.WriteUint64(seqNo, nonce, nonce.Length - 8); + for (int i = 0; i < decryptImplicitNonce.Length; ++i) + { + nonce[i] ^= decryptImplicitNonce[i]; + } + break; + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + int ciphertextOffset = offset + record_iv_length; + int ciphertextLength = len - record_iv_length; + int plaintextLength = decryptCipher.GetOutputSize(ciphertextLength); + + byte[] output = new byte[plaintextLength]; + int outputPos = 0; + + byte[] additionalData = GetAdditionalData(seqNo, type, plaintextLength); + AeadParameters parameters = new AeadParameters(null, 8 * macSize, nonce, additionalData); + + try + { + decryptCipher.Init(false, parameters); + outputPos += decryptCipher.ProcessBytes(ciphertext, ciphertextOffset, ciphertextLength, output, outputPos); + outputPos += decryptCipher.DoFinal(output, outputPos); + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.bad_record_mac, e); + } + + if (outputPos != output.Length) + { + // NOTE: Existing AEAD cipher implementations all give exact output lengths + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + return output; + } + + /// + protected virtual byte[] GetAdditionalData(long seqNo, byte type, int len) + { + /* + * additional_data = seq_num + TLSCompressed.type + TLSCompressed.version + + * TLSCompressed.length + */ + + byte[] additional_data = new byte[13]; + TlsUtilities.WriteUint64(seqNo, additional_data, 0); + TlsUtilities.WriteUint8(type, additional_data, 8); + TlsUtilities.WriteVersion(context.ServerVersion, additional_data, 9); + TlsUtilities.WriteUint16(len, additional_data, 11); + + return additional_data; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsAgreementCredentials.cs b/BouncyCastle/crypto/src/crypto/tls/TlsAgreementCredentials.cs new file mode 100644 index 0000000..7c64072 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsAgreementCredentials.cs @@ -0,0 +1,12 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsAgreementCredentials + : TlsCredentials + { + /// + byte[] GenerateAgreement(AsymmetricKeyParameter peerPublicKey); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsAuthentication.cs b/BouncyCastle/crypto/src/crypto/tls/TlsAuthentication.cs new file mode 100644 index 0000000..9aea5e4 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsAuthentication.cs @@ -0,0 +1,31 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsAuthentication + { + /// + /// Called by the protocol handler to report the server certificate. + /// + /// + /// This method is responsible for certificate verification and validation + /// + /// The server received + /// + void NotifyServerCertificate(Certificate serverCertificate); + + /// + /// Return client credentials in response to server's certificate request + /// + /// + /// A containing server certificate request details + /// + /// + /// A to be used for client authentication + /// (or null for no client authentication) + /// + /// + TlsCredentials GetClientCredentials(CertificateRequest certificateRequest); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsBlockCipher.cs b/BouncyCastle/crypto/src/crypto/tls/TlsBlockCipher.cs new file mode 100644 index 0000000..76b476a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsBlockCipher.cs @@ -0,0 +1,395 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// + /// A generic TLS 1.0-1.2 / SSLv3 block cipher. This can be used for AES or 3DES for example. + /// + public class TlsBlockCipher + : TlsCipher + { + protected readonly TlsContext context; + protected readonly byte[] randomData; + protected readonly bool useExplicitIV; + protected readonly bool encryptThenMac; + + protected readonly IBlockCipher encryptCipher; + protected readonly IBlockCipher decryptCipher; + + protected readonly TlsMac mWriteMac; + protected readonly TlsMac mReadMac; + + public virtual TlsMac WriteMac + { + get { return mWriteMac; } + } + + public virtual TlsMac ReadMac + { + get { return mReadMac; } + } + + /// + public TlsBlockCipher(TlsContext context, IBlockCipher clientWriteCipher, IBlockCipher serverWriteCipher, + IDigest clientWriteDigest, IDigest serverWriteDigest, int cipherKeySize) + { + this.context = context; + + this.randomData = new byte[256]; + context.NonceRandomGenerator.NextBytes(randomData); + + this.useExplicitIV = TlsUtilities.IsTlsV11(context); + this.encryptThenMac = context.SecurityParameters.encryptThenMac; + + int key_block_size = (2 * cipherKeySize) + clientWriteDigest.GetDigestSize() + + serverWriteDigest.GetDigestSize(); + + // From TLS 1.1 onwards, block ciphers don't need client_write_IV + if (!useExplicitIV) + { + key_block_size += clientWriteCipher.GetBlockSize() + serverWriteCipher.GetBlockSize(); + } + + byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size); + + int offset = 0; + + TlsMac clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset, + clientWriteDigest.GetDigestSize()); + offset += clientWriteDigest.GetDigestSize(); + TlsMac serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset, + serverWriteDigest.GetDigestSize()); + offset += serverWriteDigest.GetDigestSize(); + + KeyParameter client_write_key = new KeyParameter(key_block, offset, cipherKeySize); + offset += cipherKeySize; + KeyParameter server_write_key = new KeyParameter(key_block, offset, cipherKeySize); + offset += cipherKeySize; + + byte[] client_write_IV, server_write_IV; + if (useExplicitIV) + { + client_write_IV = new byte[clientWriteCipher.GetBlockSize()]; + server_write_IV = new byte[serverWriteCipher.GetBlockSize()]; + } + else + { + client_write_IV = Arrays.CopyOfRange(key_block, offset, offset + clientWriteCipher.GetBlockSize()); + offset += clientWriteCipher.GetBlockSize(); + server_write_IV = Arrays.CopyOfRange(key_block, offset, offset + serverWriteCipher.GetBlockSize()); + offset += serverWriteCipher.GetBlockSize(); + } + + if (offset != key_block_size) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + ICipherParameters encryptParams, decryptParams; + if (context.IsServer) + { + this.mWriteMac = serverWriteMac; + this.mReadMac = clientWriteMac; + this.encryptCipher = serverWriteCipher; + this.decryptCipher = clientWriteCipher; + encryptParams = new ParametersWithIV(server_write_key, server_write_IV); + decryptParams = new ParametersWithIV(client_write_key, client_write_IV); + } + else + { + this.mWriteMac = clientWriteMac; + this.mReadMac = serverWriteMac; + this.encryptCipher = clientWriteCipher; + this.decryptCipher = serverWriteCipher; + encryptParams = new ParametersWithIV(client_write_key, client_write_IV); + decryptParams = new ParametersWithIV(server_write_key, server_write_IV); + } + + this.encryptCipher.Init(true, encryptParams); + this.decryptCipher.Init(false, decryptParams); + } + + public virtual int GetPlaintextLimit(int ciphertextLimit) + { + int blockSize = encryptCipher.GetBlockSize(); + int macSize = mWriteMac.Size; + + int plaintextLimit = ciphertextLimit; + + // An explicit IV consumes 1 block + if (useExplicitIV) + { + plaintextLimit -= blockSize; + } + + // Leave room for the MAC, and require block-alignment + if (encryptThenMac) + { + plaintextLimit -= macSize; + plaintextLimit -= plaintextLimit % blockSize; + } + else + { + plaintextLimit -= plaintextLimit % blockSize; + plaintextLimit -= macSize; + } + + // Minimum 1 byte of padding + --plaintextLimit; + + return plaintextLimit; + } + + public virtual byte[] EncodePlaintext(long seqNo, byte type, byte[] plaintext, int offset, int len) + { + int blockSize = encryptCipher.GetBlockSize(); + int macSize = mWriteMac.Size; + + ProtocolVersion version = context.ServerVersion; + + int enc_input_length = len; + if (!encryptThenMac) + { + enc_input_length += macSize; + } + + int padding_length = blockSize - 1 - (enc_input_length % blockSize); + + /* + * Don't use variable-length padding with truncated MACs. + * + * See "Tag Size Does Matter: Attacks and Proofs for the TLS Record Protocol", Paterson, + * Ristenpart, Shrimpton. + */ + if (encryptThenMac || !context.SecurityParameters.truncatedHMac) + { + // TODO[DTLS] Consider supporting in DTLS (without exceeding send limit though) + if (!version.IsDtls && !version.IsSsl) + { + // Add a random number of extra blocks worth of padding + int maxExtraPadBlocks = (255 - padding_length) / blockSize; + int actualExtraPadBlocks = ChooseExtraPadBlocks(context.SecureRandom, maxExtraPadBlocks); + padding_length += actualExtraPadBlocks * blockSize; + } + } + + int totalSize = len + macSize + padding_length + 1; + if (useExplicitIV) + { + totalSize += blockSize; + } + + byte[] outBuf = new byte[totalSize]; + int outOff = 0; + + if (useExplicitIV) + { + byte[] explicitIV = new byte[blockSize]; + context.NonceRandomGenerator.NextBytes(explicitIV); + + encryptCipher.Init(true, new ParametersWithIV(null, explicitIV)); + + Array.Copy(explicitIV, 0, outBuf, outOff, blockSize); + outOff += blockSize; + } + + int blocks_start = outOff; + + Array.Copy(plaintext, offset, outBuf, outOff, len); + outOff += len; + + if (!encryptThenMac) + { + byte[] mac = mWriteMac.CalculateMac(seqNo, type, plaintext, offset, len); + Array.Copy(mac, 0, outBuf, outOff, mac.Length); + outOff += mac.Length; + } + + for (int i = 0; i <= padding_length; i++) + { + outBuf[outOff++] = (byte)padding_length; + } + + for (int i = blocks_start; i < outOff; i += blockSize) + { + encryptCipher.ProcessBlock(outBuf, i, outBuf, i); + } + + if (encryptThenMac) + { + byte[] mac = mWriteMac.CalculateMac(seqNo, type, outBuf, 0, outOff); + Array.Copy(mac, 0, outBuf, outOff, mac.Length); + outOff += mac.Length; + } + + // assert outBuf.length == outOff; + + return outBuf; + } + + /// + public virtual byte[] DecodeCiphertext(long seqNo, byte type, byte[] ciphertext, int offset, int len) + { + int blockSize = decryptCipher.GetBlockSize(); + int macSize = mReadMac.Size; + + int minLen = blockSize; + if (encryptThenMac) + { + minLen += macSize; + } + else + { + minLen = System.Math.Max(minLen, macSize + 1); + } + + if (useExplicitIV) + { + minLen += blockSize; + } + + if (len < minLen) + throw new TlsFatalAlert(AlertDescription.decode_error); + + int blocks_length = len; + if (encryptThenMac) + { + blocks_length -= macSize; + } + + if (blocks_length % blockSize != 0) + throw new TlsFatalAlert(AlertDescription.decryption_failed); + + if (encryptThenMac) + { + int end = offset + len; + byte[] receivedMac = Arrays.CopyOfRange(ciphertext, end - macSize, end); + byte[] calculatedMac = mReadMac.CalculateMac(seqNo, type, ciphertext, offset, len - macSize); + + bool badMacEtm = !Arrays.ConstantTimeAreEqual(calculatedMac, receivedMac); + if (badMacEtm) + { + /* + * RFC 7366 3. The MAC SHALL be evaluated before any further processing such as + * decryption is performed, and if the MAC verification fails, then processing SHALL + * terminate immediately. For TLS, a fatal bad_record_mac MUST be generated [2]. For + * DTLS, the record MUST be discarded, and a fatal bad_record_mac MAY be generated + * [4]. This immediate response to a bad MAC eliminates any timing channels that may + * be available through the use of manipulated packet data. + */ + throw new TlsFatalAlert(AlertDescription.bad_record_mac); + } + } + + if (useExplicitIV) + { + decryptCipher.Init(false, new ParametersWithIV(null, ciphertext, offset, blockSize)); + + offset += blockSize; + blocks_length -= blockSize; + } + + for (int i = 0; i < blocks_length; i += blockSize) + { + decryptCipher.ProcessBlock(ciphertext, offset + i, ciphertext, offset + i); + } + + // If there's anything wrong with the padding, this will return zero + int totalPad = CheckPaddingConstantTime(ciphertext, offset, blocks_length, blockSize, encryptThenMac ? 0 : macSize); + bool badMac = (totalPad == 0); + + int dec_output_length = blocks_length - totalPad; + + if (!encryptThenMac) + { + dec_output_length -= macSize; + int macInputLen = dec_output_length; + int macOff = offset + macInputLen; + byte[] receivedMac = Arrays.CopyOfRange(ciphertext, macOff, macOff + macSize); + byte[] calculatedMac = mReadMac.CalculateMacConstantTime(seqNo, type, ciphertext, offset, macInputLen, + blocks_length - macSize, randomData); + + badMac |= !Arrays.ConstantTimeAreEqual(calculatedMac, receivedMac); + } + + if (badMac) + throw new TlsFatalAlert(AlertDescription.bad_record_mac); + + return Arrays.CopyOfRange(ciphertext, offset, offset + dec_output_length); + } + + protected virtual int CheckPaddingConstantTime(byte[] buf, int off, int len, int blockSize, int macSize) + { + int end = off + len; + byte lastByte = buf[end - 1]; + int padlen = lastByte & 0xff; + int totalPad = padlen + 1; + + int dummyIndex = 0; + byte padDiff = 0; + + if ((TlsUtilities.IsSsl(context) && totalPad > blockSize) || (macSize + totalPad > len)) + { + totalPad = 0; + } + else + { + int padPos = end - totalPad; + do + { + padDiff |= (byte)(buf[padPos++] ^ lastByte); + } + while (padPos < end); + + dummyIndex = totalPad; + + if (padDiff != 0) + { + totalPad = 0; + } + } + + // Run some extra dummy checks so the number of checks is always constant + { + byte[] dummyPad = randomData; + while (dummyIndex < 256) + { + padDiff |= (byte)(dummyPad[dummyIndex++] ^ lastByte); + } + // Ensure the above loop is not eliminated + dummyPad[0] ^= padDiff; + } + + return totalPad; + } + + protected virtual int ChooseExtraPadBlocks(SecureRandom r, int max) + { + // return r.NextInt(max + 1); + + int x = r.NextInt(); + int n = LowestBitSet(x); + return System.Math.Min(n, max); + } + + protected virtual int LowestBitSet(int x) + { + if (x == 0) + return 32; + + uint ux = (uint)x; + int n = 0; + while ((ux & 1U) == 0) + { + ++n; + ux >>= 1; + } + return n; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsCipher.cs b/BouncyCastle/crypto/src/crypto/tls/TlsCipher.cs new file mode 100644 index 0000000..7bd8573 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsCipher.cs @@ -0,0 +1,16 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsCipher + { + int GetPlaintextLimit(int ciphertextLimit); + + /// + byte[] EncodePlaintext(long seqNo, byte type, byte[] plaintext, int offset, int len); + + /// + byte[] DecodeCiphertext(long seqNo, byte type, byte[] ciphertext, int offset, int len); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsCipherFactory.cs b/BouncyCastle/crypto/src/crypto/tls/TlsCipherFactory.cs new file mode 100644 index 0000000..4e1fe0e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsCipherFactory.cs @@ -0,0 +1,11 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsCipherFactory + { + /// + TlsCipher CreateCipher(TlsContext context, int encryptionAlgorithm, int macAlgorithm); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsClient.cs b/BouncyCastle/crypto/src/crypto/tls/TlsClient.cs new file mode 100644 index 0000000..73f1690 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsClient.cs @@ -0,0 +1,148 @@ +using System; +using System.Collections; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsClient + : TlsPeer + { + /// + /// Called at the start of a new TLS session, before any other methods. + /// + /// + /// A + /// + void Init(TlsClientContext context); + + /// Return the session this client wants to resume, if any. + /// Note that the peer's certificate chain for the session (if any) may need to be periodically revalidated. + /// + /// A representing the resumable session to be used for this connection, + /// or null to use a new session. + /// + TlsSession GetSessionToResume(); + + /// + /// Return the to use for the TLSPlaintext.version field prior to + /// receiving the server version. NOTE: This method is not called for DTLS. + /// + /// + /// See RFC 5246 E.1.: "TLS clients that wish to negotiate with older servers MAY send any value + /// {03,XX} as the record layer version number. Typical values would be {03,00}, the lowest + /// version number supported by the client, and the value of ClientHello.client_version. No + /// single value will guarantee interoperability with all old servers, but this is a complex + /// topic beyond the scope of this document." + /// + /// The to use. + ProtocolVersion ClientHelloRecordLayerVersion { get; } + + ProtocolVersion ClientVersion { get; } + + bool IsFallback { get; } + + /// + /// Get the list of cipher suites that this client supports. + /// + /// + /// An array of values, each specifying a supported cipher suite. + /// + int[] GetCipherSuites(); + + /// + /// Get the list of compression methods that this client supports. + /// + /// + /// An array of values, each specifying a supported compression method. + /// + byte[] GetCompressionMethods(); + + /// + /// Get the (optional) table of client extensions to be included in (extended) client hello. + /// + /// + /// A (Int32 -> byte[]). May be null. + /// + /// + IDictionary GetClientExtensions(); + + /// + void NotifyServerVersion(ProtocolVersion selectedVersion); + + /// + /// Notifies the client of the session_id sent in the ServerHello. + /// + /// An array of + void NotifySessionID(byte[] sessionID); + + /// + /// Report the cipher suite that was selected by the server. + /// + /// + /// The protocol handler validates this value against the offered cipher suites + /// + /// + /// + /// A + /// + void NotifySelectedCipherSuite(int selectedCipherSuite); + + /// + /// Report the compression method that was selected by the server. + /// + /// + /// The protocol handler validates this value against the offered compression methods + /// + /// + /// + /// A + /// + void NotifySelectedCompressionMethod(byte selectedCompressionMethod); + + /// + /// Report the extensions from an extended server hello. + /// + /// + /// Will only be called if we returned a non-null result from . + /// + /// + /// A (Int32 -> byte[]) + /// + void ProcessServerExtensions(IDictionary serverExtensions); + + /// A list of + /// + void ProcessServerSupplementalData(IList serverSupplementalData); + + /// + /// Return an implementation of to negotiate the key exchange + /// part of the protocol. + /// + /// + /// A + /// + /// + TlsKeyExchange GetKeyExchange(); + + /// + /// Return an implementation of to handle authentication + /// part of the protocol. + /// + /// + TlsAuthentication GetAuthentication(); + + /// A list of + /// + IList GetClientSupplementalData(); + + /// RFC 5077 3.3. NewSessionTicket Handshake Message + /// + /// This method will be called (only) when a NewSessionTicket handshake message is received. The + /// ticket is opaque to the client and clients MUST NOT examine the ticket under the assumption + /// that it complies with e.g. RFC 5077 4. Recommended Ticket Construction. + /// + /// The ticket + /// + void NotifyNewSessionTicket(NewSessionTicket newSessionTicket); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsClientContext.cs b/BouncyCastle/crypto/src/crypto/tls/TlsClientContext.cs new file mode 100644 index 0000000..b077d0a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsClientContext.cs @@ -0,0 +1,11 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsClientContext + : TlsContext + { + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsClientContextImpl.cs b/BouncyCastle/crypto/src/crypto/tls/TlsClientContextImpl.cs new file mode 100644 index 0000000..674d689 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsClientContextImpl.cs @@ -0,0 +1,20 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tls +{ + internal class TlsClientContextImpl + : AbstractTlsContext, TlsClientContext + { + internal TlsClientContextImpl(SecureRandom secureRandom, SecurityParameters securityParameters) + : base(secureRandom, securityParameters) + { + } + + public override bool IsServer + { + get { return false; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsClientProtocol.cs b/BouncyCastle/crypto/src/crypto/tls/TlsClientProtocol.cs new file mode 100644 index 0000000..1fe5744 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsClientProtocol.cs @@ -0,0 +1,918 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class TlsClientProtocol + : TlsProtocol + { + protected TlsClient mTlsClient = null; + internal TlsClientContextImpl mTlsClientContext = null; + + protected byte[] mSelectedSessionID = null; + + protected TlsKeyExchange mKeyExchange = null; + protected TlsAuthentication mAuthentication = null; + + protected CertificateStatus mCertificateStatus = null; + protected CertificateRequest mCertificateRequest = null; + + /** + * Constructor for blocking mode. + * @param stream The bi-directional stream of data to/from the server + * @param secureRandom Random number generator for various cryptographic functions + */ + public TlsClientProtocol(Stream stream, SecureRandom secureRandom) + : base(stream, secureRandom) + { + } + + /** + * Constructor for blocking mode. + * @param input The stream of data from the server + * @param output The stream of data to the server + * @param secureRandom Random number generator for various cryptographic functions + */ + public TlsClientProtocol(Stream input, Stream output, SecureRandom secureRandom) + : base(input, output, secureRandom) + { + } + + /** + * Constructor for non-blocking mode.
+ *
+ * When data is received, use {@link #offerInput(java.nio.ByteBuffer)} to + * provide the received ciphertext, then use + * {@link #readInput(byte[], int, int)} to read the corresponding cleartext.
+ *
+ * Similarly, when data needs to be sent, use + * {@link #offerOutput(byte[], int, int)} to provide the cleartext, then use + * {@link #readOutput(byte[], int, int)} to get the corresponding + * ciphertext. + * + * @param secureRandom + * Random number generator for various cryptographic functions + */ + public TlsClientProtocol(SecureRandom secureRandom) + : base(secureRandom) + { + } + + /** + * Initiates a TLS handshake in the role of client.
+ *
+ * In blocking mode, this will not return until the handshake is complete. + * In non-blocking mode, use {@link TlsPeer#NotifyHandshakeComplete()} to + * receive a callback when the handshake is complete. + * + * @param tlsClient The {@link TlsClient} to use for the handshake. + * @throws IOException If in blocking mode and handshake was not successful. + */ + public virtual void Connect(TlsClient tlsClient) + { + if (tlsClient == null) + throw new ArgumentNullException("tlsClient"); + if (this.mTlsClient != null) + throw new InvalidOperationException("'Connect' can only be called once"); + + this.mTlsClient = tlsClient; + + this.mSecurityParameters = new SecurityParameters(); + this.mSecurityParameters.entity = ConnectionEnd.client; + + this.mTlsClientContext = new TlsClientContextImpl(mSecureRandom, mSecurityParameters); + + this.mSecurityParameters.clientRandom = CreateRandomBlock(tlsClient.ShouldUseGmtUnixTime(), + mTlsClientContext.NonceRandomGenerator); + + this.mTlsClient.Init(mTlsClientContext); + this.mRecordStream.Init(mTlsClientContext); + + tlsClient.NotifyCloseHandle(this); + + TlsSession sessionToResume = tlsClient.GetSessionToResume(); + if (sessionToResume != null && sessionToResume.IsResumable) + { + SessionParameters sessionParameters = sessionToResume.ExportSessionParameters(); + if (sessionParameters != null && sessionParameters.IsExtendedMasterSecret) + { + this.mTlsSession = sessionToResume; + this.mSessionParameters = sessionParameters; + } + } + + SendClientHelloMessage(); + this.mConnectionState = CS_CLIENT_HELLO; + + BlockForHandshake(); + } + + protected override void CleanupHandshake() + { + base.CleanupHandshake(); + + this.mSelectedSessionID = null; + this.mKeyExchange = null; + this.mAuthentication = null; + this.mCertificateStatus = null; + this.mCertificateRequest = null; + } + + protected override TlsContext Context + { + get { return mTlsClientContext; } + } + + internal override AbstractTlsContext ContextAdmin + { + get { return mTlsClientContext; } + } + + protected override TlsPeer Peer + { + get { return mTlsClient; } + } + + protected override void HandleHandshakeMessage(byte type, MemoryStream buf) + { + if (this.mResumedSession) + { + if (type != HandshakeType.finished || this.mConnectionState != CS_SERVER_HELLO) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + ProcessFinishedMessage(buf); + this.mConnectionState = CS_SERVER_FINISHED; + + SendChangeCipherSpecMessage(); + SendFinishedMessage(); + this.mConnectionState = CS_CLIENT_FINISHED; + + CompleteHandshake(); + return; + } + + switch (type) + { + case HandshakeType.certificate: + { + switch (this.mConnectionState) + { + case CS_SERVER_HELLO: + case CS_SERVER_SUPPLEMENTAL_DATA: + { + if (this.mConnectionState == CS_SERVER_HELLO) + { + HandleSupplementalData(null); + } + + // Parse the Certificate message and Send to cipher suite + + this.mPeerCertificate = Certificate.Parse(buf); + + AssertEmpty(buf); + + // TODO[RFC 3546] Check whether empty certificates is possible, allowed, or excludes CertificateStatus + if (this.mPeerCertificate == null || this.mPeerCertificate.IsEmpty) + { + this.mAllowCertificateStatus = false; + } + + this.mKeyExchange.ProcessServerCertificate(this.mPeerCertificate); + + this.mAuthentication = mTlsClient.GetAuthentication(); + this.mAuthentication.NotifyServerCertificate(this.mPeerCertificate); + + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + this.mConnectionState = CS_SERVER_CERTIFICATE; + break; + } + case HandshakeType.certificate_status: + { + switch (this.mConnectionState) + { + case CS_SERVER_CERTIFICATE: + { + if (!this.mAllowCertificateStatus) + { + /* + * RFC 3546 3.6. If a server returns a "CertificateStatus" message, then the + * server MUST have included an extension of type "status_request" with empty + * "extension_data" in the extended server hello.. + */ + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + this.mCertificateStatus = CertificateStatus.Parse(buf); + + AssertEmpty(buf); + + // TODO[RFC 3546] Figure out how to provide this to the client/authentication. + + this.mConnectionState = CS_CERTIFICATE_STATUS; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.finished: + { + switch (this.mConnectionState) + { + case CS_CLIENT_FINISHED: + case CS_SERVER_SESSION_TICKET: + { + if (this.mConnectionState == CS_CLIENT_FINISHED && this.mExpectSessionTicket) + { + /* + * RFC 5077 3.3. This message MUST be sent if the server included a + * SessionTicket extension in the ServerHello. + */ + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + ProcessFinishedMessage(buf); + this.mConnectionState = CS_SERVER_FINISHED; + + CompleteHandshake(); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.server_hello: + { + switch (this.mConnectionState) + { + case CS_CLIENT_HELLO: + { + ReceiveServerHelloMessage(buf); + this.mConnectionState = CS_SERVER_HELLO; + + this.mRecordStream.NotifyHelloComplete(); + + ApplyMaxFragmentLengthExtension(); + + if (this.mResumedSession) + { + this.mSecurityParameters.masterSecret = Arrays.Clone(this.mSessionParameters.MasterSecret); + this.mRecordStream.SetPendingConnectionState(Peer.GetCompression(), Peer.GetCipher()); + } + else + { + InvalidateSession(); + + if (this.mSelectedSessionID.Length > 0) + { + this.mTlsSession = new TlsSessionImpl(this.mSelectedSessionID, null); + } + } + + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.supplemental_data: + { + switch (this.mConnectionState) + { + case CS_SERVER_HELLO: + { + HandleSupplementalData(ReadSupplementalDataMessage(buf)); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.server_hello_done: + { + switch (this.mConnectionState) + { + case CS_SERVER_HELLO: + case CS_SERVER_SUPPLEMENTAL_DATA: + case CS_SERVER_CERTIFICATE: + case CS_CERTIFICATE_STATUS: + case CS_SERVER_KEY_EXCHANGE: + case CS_CERTIFICATE_REQUEST: + { + if (mConnectionState < CS_SERVER_SUPPLEMENTAL_DATA) + { + HandleSupplementalData(null); + } + + if (mConnectionState < CS_SERVER_CERTIFICATE) + { + // There was no server certificate message; check it's OK + this.mKeyExchange.SkipServerCredentials(); + this.mAuthentication = null; + } + + if (mConnectionState < CS_SERVER_KEY_EXCHANGE) + { + // There was no server key exchange message; check it's OK + this.mKeyExchange.SkipServerKeyExchange(); + } + + AssertEmpty(buf); + + this.mConnectionState = CS_SERVER_HELLO_DONE; + + this.mRecordStream.HandshakeHash.SealHashAlgorithms(); + + IList clientSupplementalData = mTlsClient.GetClientSupplementalData(); + if (clientSupplementalData != null) + { + SendSupplementalDataMessage(clientSupplementalData); + } + this.mConnectionState = CS_CLIENT_SUPPLEMENTAL_DATA; + + TlsCredentials clientCreds = null; + if (mCertificateRequest == null) + { + this.mKeyExchange.SkipClientCredentials(); + } + else + { + clientCreds = this.mAuthentication.GetClientCredentials(mCertificateRequest); + + if (clientCreds == null) + { + this.mKeyExchange.SkipClientCredentials(); + + /* + * RFC 5246 If no suitable certificate is available, the client MUST Send a + * certificate message containing no certificates. + * + * NOTE: In previous RFCs, this was SHOULD instead of MUST. + */ + SendCertificateMessage(Certificate.EmptyChain); + } + else + { + this.mKeyExchange.ProcessClientCredentials(clientCreds); + + SendCertificateMessage(clientCreds.Certificate); + } + } + + this.mConnectionState = CS_CLIENT_CERTIFICATE; + + /* + * Send the client key exchange message, depending on the key exchange we are using + * in our CipherSuite. + */ + SendClientKeyExchangeMessage(); + this.mConnectionState = CS_CLIENT_KEY_EXCHANGE; + + if (TlsUtilities.IsSsl(Context)) + { + EstablishMasterSecret(Context, mKeyExchange); + } + + TlsHandshakeHash prepareFinishHash = mRecordStream.PrepareToFinish(); + this.mSecurityParameters.sessionHash = GetCurrentPrfHash(Context, prepareFinishHash, null); + + if (!TlsUtilities.IsSsl(Context)) + { + EstablishMasterSecret(Context, mKeyExchange); + } + + mRecordStream.SetPendingConnectionState(Peer.GetCompression(), Peer.GetCipher()); + + if (clientCreds != null && clientCreds is TlsSignerCredentials) + { + TlsSignerCredentials signerCredentials = (TlsSignerCredentials)clientCreds; + + /* + * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2 + */ + SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm( + Context, signerCredentials); + + byte[] hash; + if (signatureAndHashAlgorithm == null) + { + hash = mSecurityParameters.SessionHash; + } + else + { + hash = prepareFinishHash.GetFinalHash(signatureAndHashAlgorithm.Hash); + } + + byte[] signature = signerCredentials.GenerateCertificateSignature(hash); + DigitallySigned certificateVerify = new DigitallySigned(signatureAndHashAlgorithm, signature); + SendCertificateVerifyMessage(certificateVerify); + + this.mConnectionState = CS_CERTIFICATE_VERIFY; + } + + SendChangeCipherSpecMessage(); + SendFinishedMessage(); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + this.mConnectionState = CS_CLIENT_FINISHED; + break; + } + case HandshakeType.server_key_exchange: + { + switch (this.mConnectionState) + { + case CS_SERVER_HELLO: + case CS_SERVER_SUPPLEMENTAL_DATA: + case CS_SERVER_CERTIFICATE: + case CS_CERTIFICATE_STATUS: + { + if (mConnectionState < CS_SERVER_SUPPLEMENTAL_DATA) + { + HandleSupplementalData(null); + } + + if (mConnectionState < CS_SERVER_CERTIFICATE) + { + // There was no server certificate message; check it's OK + this.mKeyExchange.SkipServerCredentials(); + this.mAuthentication = null; + } + + this.mKeyExchange.ProcessServerKeyExchange(buf); + + AssertEmpty(buf); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + this.mConnectionState = CS_SERVER_KEY_EXCHANGE; + break; + } + case HandshakeType.certificate_request: + { + switch (this.mConnectionState) + { + case CS_SERVER_CERTIFICATE: + case CS_CERTIFICATE_STATUS: + case CS_SERVER_KEY_EXCHANGE: + { + if (this.mConnectionState != CS_SERVER_KEY_EXCHANGE) + { + // There was no server key exchange message; check it's OK + this.mKeyExchange.SkipServerKeyExchange(); + } + + if (this.mAuthentication == null) + { + /* + * RFC 2246 7.4.4. It is a fatal handshake_failure alert for an anonymous server + * to request client identification. + */ + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + this.mCertificateRequest = CertificateRequest.Parse(Context, buf); + + AssertEmpty(buf); + + this.mKeyExchange.ValidateCertificateRequest(this.mCertificateRequest); + + /* + * TODO Give the client a chance to immediately select the CertificateVerify hash + * algorithm here to avoid tracking the other hash algorithms unnecessarily? + */ + TlsUtilities.TrackHashAlgorithms(this.mRecordStream.HandshakeHash, + this.mCertificateRequest.SupportedSignatureAlgorithms); + + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + this.mConnectionState = CS_CERTIFICATE_REQUEST; + break; + } + case HandshakeType.session_ticket: + { + switch (this.mConnectionState) + { + case CS_CLIENT_FINISHED: + { + if (!this.mExpectSessionTicket) + { + /* + * RFC 5077 3.3. This message MUST NOT be sent if the server did not include a + * SessionTicket extension in the ServerHello. + */ + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + /* + * RFC 5077 3.4. If the client receives a session ticket from the server, then it + * discards any Session ID that was sent in the ServerHello. + */ + InvalidateSession(); + + ReceiveNewSessionTicketMessage(buf); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + this.mConnectionState = CS_SERVER_SESSION_TICKET; + break; + } + case HandshakeType.hello_request: + { + AssertEmpty(buf); + + /* + * RFC 2246 7.4.1.1 Hello request This message will be ignored by the client if the + * client is currently negotiating a session. This message may be ignored by the client + * if it does not wish to renegotiate a session, or the client may, if it wishes, + * respond with a no_renegotiation alert. + */ + if (this.mConnectionState == CS_END) + { + RefuseRenegotiation(); + } + break; + } + case HandshakeType.client_hello: + case HandshakeType.client_key_exchange: + case HandshakeType.certificate_verify: + case HandshakeType.hello_verify_request: + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + } + + protected virtual void HandleSupplementalData(IList serverSupplementalData) + { + this.mTlsClient.ProcessServerSupplementalData(serverSupplementalData); + this.mConnectionState = CS_SERVER_SUPPLEMENTAL_DATA; + + this.mKeyExchange = mTlsClient.GetKeyExchange(); + this.mKeyExchange.Init(Context); + } + + protected virtual void ReceiveNewSessionTicketMessage(MemoryStream buf) + { + NewSessionTicket newSessionTicket = NewSessionTicket.Parse(buf); + + AssertEmpty(buf); + + mTlsClient.NotifyNewSessionTicket(newSessionTicket); + } + + protected virtual void ReceiveServerHelloMessage(MemoryStream buf) + { + { + ProtocolVersion server_version = TlsUtilities.ReadVersion(buf); + if (server_version.IsDtls) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + // Check that this matches what the server is Sending in the record layer + if (!server_version.Equals(this.mRecordStream.ReadVersion)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + ProtocolVersion client_version = Context.ClientVersion; + if (!server_version.IsEqualOrEarlierVersionOf(client_version)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + this.mRecordStream.SetWriteVersion(server_version); + ContextAdmin.SetServerVersion(server_version); + this.mTlsClient.NotifyServerVersion(server_version); + } + + /* + * Read the server random + */ + this.mSecurityParameters.serverRandom = TlsUtilities.ReadFully(32, buf); + + this.mSelectedSessionID = TlsUtilities.ReadOpaque8(buf); + if (this.mSelectedSessionID.Length > 32) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + this.mTlsClient.NotifySessionID(this.mSelectedSessionID); + this.mResumedSession = this.mSelectedSessionID.Length > 0 && this.mTlsSession != null + && Arrays.AreEqual(this.mSelectedSessionID, this.mTlsSession.SessionID); + + /* + * Find out which CipherSuite the server has chosen and check that it was one of the offered + * ones, and is a valid selection for the negotiated version. + */ + int selectedCipherSuite = TlsUtilities.ReadUint16(buf); + if (!Arrays.Contains(this.mOfferedCipherSuites, selectedCipherSuite) + || selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL + || CipherSuite.IsScsv(selectedCipherSuite) + || !TlsUtilities.IsValidCipherSuiteForVersion(selectedCipherSuite, Context.ServerVersion)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + this.mTlsClient.NotifySelectedCipherSuite(selectedCipherSuite); + + /* + * Find out which CompressionMethod the server has chosen and check that it was one of the + * offered ones. + */ + byte selectedCompressionMethod = TlsUtilities.ReadUint8(buf); + if (!Arrays.Contains(this.mOfferedCompressionMethods, selectedCompressionMethod)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + this.mTlsClient.NotifySelectedCompressionMethod(selectedCompressionMethod); + + /* + * RFC 3546 2.2 The extended server hello message format MAY be sent in place of the server + * hello message when the client has requested extended functionality via the extended + * client hello message specified in Section 2.1. ... Note that the extended server hello + * message is only sent in response to an extended client hello message. This prevents the + * possibility that the extended server hello message could "break" existing TLS 1.0 + * clients. + */ + this.mServerExtensions = ReadExtensions(buf); + + /* + * RFC 7627 4. Clients and servers SHOULD NOT accept handshakes that do not use the extended + * master secret [..]. (and see 5.2, 5.3) + */ + this.mSecurityParameters.extendedMasterSecret = !TlsUtilities.IsSsl(mTlsClientContext) + && TlsExtensionsUtilities.HasExtendedMasterSecretExtension(mServerExtensions); + + if (!mSecurityParameters.IsExtendedMasterSecret + && (mResumedSession || mTlsClient.RequiresExtendedMasterSecret())) + { + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + /* + * RFC 3546 2.2 Note that the extended server hello message is only sent in response to an + * extended client hello message. + * + * However, see RFC 5746 exception below. We always include the SCSV, so an Extended Server + * Hello is always allowed. + */ + if (this.mServerExtensions != null) + { + foreach (int extType in this.mServerExtensions.Keys) + { + /* + * RFC 5746 3.6. Note that Sending a "renegotiation_info" extension in response to a + * ClientHello containing only the SCSV is an explicit exception to the prohibition + * in RFC 5246, Section 7.4.1.4, on the server Sending unsolicited extensions and is + * only allowed because the client is signaling its willingness to receive the + * extension via the TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. + */ + if (extType == ExtensionType.renegotiation_info) + continue; + + /* + * RFC 5246 7.4.1.4 An extension type MUST NOT appear in the ServerHello unless the + * same extension type appeared in the corresponding ClientHello. If a client + * receives an extension type in ServerHello that it did not request in the + * associated ClientHello, it MUST abort the handshake with an unsupported_extension + * fatal alert. + */ + if (null == TlsUtilities.GetExtensionData(this.mClientExtensions, extType)) + throw new TlsFatalAlert(AlertDescription.unsupported_extension); + + /* + * RFC 3546 2.3. If [...] the older session is resumed, then the server MUST ignore + * extensions appearing in the client hello, and Send a server hello containing no + * extensions[.] + */ + if (this.mResumedSession) + { + // TODO[compat-gnutls] GnuTLS test server Sends server extensions e.g. ec_point_formats + // TODO[compat-openssl] OpenSSL test server Sends server extensions e.g. ec_point_formats + // TODO[compat-polarssl] PolarSSL test server Sends server extensions e.g. ec_point_formats + // throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + } + + /* + * RFC 5746 3.4. Client Behavior: Initial Handshake + */ + { + /* + * When a ServerHello is received, the client MUST check if it includes the + * "renegotiation_info" extension: + */ + byte[] renegExtData = TlsUtilities.GetExtensionData(this.mServerExtensions, ExtensionType.renegotiation_info); + if (renegExtData != null) + { + /* + * If the extension is present, set the secure_renegotiation flag to TRUE. The + * client MUST then verify that the length of the "renegotiated_connection" + * field is zero, and if it is not, MUST abort the handshake (by Sending a fatal + * handshake_failure alert). + */ + this.mSecureRenegotiation = true; + + if (!Arrays.ConstantTimeAreEqual(renegExtData, CreateRenegotiationInfo(TlsUtilities.EmptyBytes))) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + } + + // TODO[compat-gnutls] GnuTLS test server fails to Send renegotiation_info extension when resuming + this.mTlsClient.NotifySecureRenegotiation(this.mSecureRenegotiation); + + IDictionary sessionClientExtensions = mClientExtensions, sessionServerExtensions = mServerExtensions; + if (this.mResumedSession) + { + if (selectedCipherSuite != this.mSessionParameters.CipherSuite + || selectedCompressionMethod != this.mSessionParameters.CompressionAlgorithm) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + sessionClientExtensions = null; + sessionServerExtensions = this.mSessionParameters.ReadServerExtensions(); + } + + this.mSecurityParameters.cipherSuite = selectedCipherSuite; + this.mSecurityParameters.compressionAlgorithm = selectedCompressionMethod; + + if (sessionServerExtensions != null && sessionServerExtensions.Count > 0) + { + { + /* + * RFC 7366 3. If a server receives an encrypt-then-MAC request extension from a client + * and then selects a stream or Authenticated Encryption with Associated Data (AEAD) + * ciphersuite, it MUST NOT send an encrypt-then-MAC response extension back to the + * client. + */ + bool serverSentEncryptThenMAC = TlsExtensionsUtilities.HasEncryptThenMacExtension(sessionServerExtensions); + if (serverSentEncryptThenMAC && !TlsUtilities.IsBlockCipherSuite(selectedCipherSuite)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + this.mSecurityParameters.encryptThenMac = serverSentEncryptThenMAC; + } + + this.mSecurityParameters.maxFragmentLength = ProcessMaxFragmentLengthExtension(sessionClientExtensions, + sessionServerExtensions, AlertDescription.illegal_parameter); + + this.mSecurityParameters.truncatedHMac = TlsExtensionsUtilities.HasTruncatedHMacExtension(sessionServerExtensions); + + /* + * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be sent in + * a session resumption handshake. + */ + this.mAllowCertificateStatus = !this.mResumedSession + && TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions, ExtensionType.status_request, + AlertDescription.illegal_parameter); + + this.mExpectSessionTicket = !this.mResumedSession + && TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions, ExtensionType.session_ticket, + AlertDescription.illegal_parameter); + } + + if (sessionClientExtensions != null) + { + this.mTlsClient.ProcessServerExtensions(sessionServerExtensions); + } + + this.mSecurityParameters.prfAlgorithm = GetPrfAlgorithm(Context, this.mSecurityParameters.CipherSuite); + + /* + * RFC 5246 7.4.9. Any cipher suite which does not explicitly specify + * verify_data_length has a verify_data_length equal to 12. This includes all + * existing cipher suites. + */ + this.mSecurityParameters.verifyDataLength = 12; + } + + protected virtual void SendCertificateVerifyMessage(DigitallySigned certificateVerify) + { + HandshakeMessage message = new HandshakeMessage(HandshakeType.certificate_verify); + + certificateVerify.Encode(message); + + message.WriteToRecordStream(this); + } + + protected virtual void SendClientHelloMessage() + { + this.mRecordStream.SetWriteVersion(this.mTlsClient.ClientHelloRecordLayerVersion); + + ProtocolVersion client_version = this.mTlsClient.ClientVersion; + if (client_version.IsDtls) + throw new TlsFatalAlert(AlertDescription.internal_error); + + ContextAdmin.SetClientVersion(client_version); + + /* + * TODO RFC 5077 3.4. When presenting a ticket, the client MAY generate and include a + * Session ID in the TLS ClientHello. + */ + byte[] session_id = TlsUtilities.EmptyBytes; + if (this.mTlsSession != null) + { + session_id = this.mTlsSession.SessionID; + if (session_id == null || session_id.Length > 32) + { + session_id = TlsUtilities.EmptyBytes; + } + } + + bool fallback = this.mTlsClient.IsFallback; + + this.mOfferedCipherSuites = this.mTlsClient.GetCipherSuites(); + + this.mOfferedCompressionMethods = this.mTlsClient.GetCompressionMethods(); + + if (session_id.Length > 0 && this.mSessionParameters != null) + { + if (!mSessionParameters.IsExtendedMasterSecret + || !Arrays.Contains(this.mOfferedCipherSuites, mSessionParameters.CipherSuite) + || !Arrays.Contains(this.mOfferedCompressionMethods, mSessionParameters.CompressionAlgorithm)) + { + session_id = TlsUtilities.EmptyBytes; + } + } + + this.mClientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(this.mTlsClient.GetClientExtensions()); + + if (!client_version.IsSsl) + { + TlsExtensionsUtilities.AddExtendedMasterSecretExtension(this.mClientExtensions); + } + + HandshakeMessage message = new HandshakeMessage(HandshakeType.client_hello); + + TlsUtilities.WriteVersion(client_version, message); + + message.Write(this.mSecurityParameters.ClientRandom); + + TlsUtilities.WriteOpaque8(session_id, message); + + // Cipher Suites (and SCSV) + { + /* + * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension, + * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the + * ClientHello. Including both is NOT RECOMMENDED. + */ + byte[] renegExtData = TlsUtilities.GetExtensionData(mClientExtensions, ExtensionType.renegotiation_info); + bool noRenegExt = (null == renegExtData); + + bool noRenegScsv = !Arrays.Contains(mOfferedCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV); + + if (noRenegExt && noRenegScsv) + { + // TODO Consider whether to default to a client extension instead + this.mOfferedCipherSuites = Arrays.Append(mOfferedCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV); + } + + /* + * RFC 7507 4. If a client sends a ClientHello.client_version containing a lower value + * than the latest (highest-valued) version supported by the client, it SHOULD include + * the TLS_FALLBACK_SCSV cipher suite value in ClientHello.cipher_suites [..]. (The + * client SHOULD put TLS_FALLBACK_SCSV after all cipher suites that it actually intends + * to negotiate.) + */ + if (fallback && !Arrays.Contains(mOfferedCipherSuites, CipherSuite.TLS_FALLBACK_SCSV)) + { + this.mOfferedCipherSuites = Arrays.Append(mOfferedCipherSuites, CipherSuite.TLS_FALLBACK_SCSV); + } + + TlsUtilities.WriteUint16ArrayWithUint16Length(mOfferedCipherSuites, message); + } + + TlsUtilities.WriteUint8ArrayWithUint8Length(mOfferedCompressionMethods, message); + + WriteExtensions(message, mClientExtensions); + + message.WriteToRecordStream(this); + } + + protected virtual void SendClientKeyExchangeMessage() + { + HandshakeMessage message = new HandshakeMessage(HandshakeType.client_key_exchange); + + this.mKeyExchange.GenerateClientKeyExchange(message); + + message.WriteToRecordStream(this); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsCloseable.cs b/BouncyCastle/crypto/src/crypto/tls/TlsCloseable.cs new file mode 100644 index 0000000..01625d7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsCloseable.cs @@ -0,0 +1,11 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsCloseable + { + /// + void Close(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsCompression.cs b/BouncyCastle/crypto/src/crypto/tls/TlsCompression.cs new file mode 100644 index 0000000..177d64b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsCompression.cs @@ -0,0 +1,12 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsCompression + { + Stream Compress(Stream output); + + Stream Decompress(Stream output); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsContext.cs b/BouncyCastle/crypto/src/crypto/tls/TlsContext.cs new file mode 100644 index 0000000..d066723 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsContext.cs @@ -0,0 +1,45 @@ +using System; + +using Org.BouncyCastle.Crypto.Prng; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsContext + { + IRandomGenerator NonceRandomGenerator { get; } + + SecureRandom SecureRandom { get; } + + SecurityParameters SecurityParameters { get; } + + bool IsServer { get; } + + ProtocolVersion ClientVersion { get; } + + ProtocolVersion ServerVersion { get; } + + /** + * Used to get the resumable session, if any, used by this connection. Only available after the + * handshake has successfully completed. + * + * @return A {@link TlsSession} representing the resumable session used by this connection, or + * null if no resumable session available. + * @see TlsPeer#NotifyHandshakeComplete() + */ + TlsSession ResumableSession { get; } + + object UserObject { get; set; } + + /** + * Export keying material according to RFC 5705: "Keying Material Exporters for TLS". + * + * @param asciiLabel indicates which application will use the exported keys. + * @param context_value allows the application using the exporter to mix its own data with the TLS PRF for + * the exporter output. + * @param length the number of bytes to generate + * @return a pseudorandom bit string of 'length' bytes generated from the master_secret. + */ + byte[] ExportKeyingMaterial(string asciiLabel, byte[] context_value, int length); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsCredentials.cs b/BouncyCastle/crypto/src/crypto/tls/TlsCredentials.cs new file mode 100644 index 0000000..5c5f1c0 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsCredentials.cs @@ -0,0 +1,9 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsCredentials + { + Certificate Certificate { get; } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsDHKeyExchange.cs b/BouncyCastle/crypto/src/crypto/tls/TlsDHKeyExchange.cs new file mode 100644 index 0000000..63abe27 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsDHKeyExchange.cs @@ -0,0 +1,249 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// (D)TLS DH key exchange. + public class TlsDHKeyExchange + : AbstractTlsKeyExchange + { + protected TlsSigner mTlsSigner; + protected TlsDHVerifier mDHVerifier; + protected DHParameters mDHParameters; + + protected AsymmetricKeyParameter mServerPublicKey; + protected TlsAgreementCredentials mAgreementCredentials; + + protected DHPrivateKeyParameters mDHAgreePrivateKey; + protected DHPublicKeyParameters mDHAgreePublicKey; + + [Obsolete("Use constructor that takes a TlsDHVerifier")] + public TlsDHKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, DHParameters dhParameters) + : this(keyExchange, supportedSignatureAlgorithms, new DefaultTlsDHVerifier(), dhParameters) + { + } + + public TlsDHKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, TlsDHVerifier dhVerifier, DHParameters dhParameters) + : base(keyExchange, supportedSignatureAlgorithms) + { + switch (keyExchange) + { + case KeyExchangeAlgorithm.DH_anon: + case KeyExchangeAlgorithm.DH_RSA: + case KeyExchangeAlgorithm.DH_DSS: + this.mTlsSigner = null; + break; + case KeyExchangeAlgorithm.DHE_RSA: + this.mTlsSigner = new TlsRsaSigner(); + break; + case KeyExchangeAlgorithm.DHE_DSS: + this.mTlsSigner = new TlsDssSigner(); + break; + default: + throw new InvalidOperationException("unsupported key exchange algorithm"); + } + + this.mDHVerifier = dhVerifier; + this.mDHParameters = dhParameters; + } + + public override void Init(TlsContext context) + { + base.Init(context); + + if (this.mTlsSigner != null) + { + this.mTlsSigner.Init(context); + } + } + + public override void SkipServerCredentials() + { + if (mKeyExchange != KeyExchangeAlgorithm.DH_anon) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public override void ProcessServerCertificate(Certificate serverCertificate) + { + if (mKeyExchange == KeyExchangeAlgorithm.DH_anon) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + if (serverCertificate.IsEmpty) + throw new TlsFatalAlert(AlertDescription.decode_error); + + X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0); + + SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo; + try + { + this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo); + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e); + } + + if (mTlsSigner == null) + { + try + { + this.mDHAgreePublicKey = (DHPublicKeyParameters)this.mServerPublicKey; + this.mDHParameters = mDHAgreePublicKey.Parameters; + } + catch (InvalidCastException e) + { + throw new TlsFatalAlert(AlertDescription.certificate_unknown, e); + } + + TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement); + } + else + { + if (!mTlsSigner.IsValidPublicKey(this.mServerPublicKey)) + { + throw new TlsFatalAlert(AlertDescription.certificate_unknown); + } + + TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature); + } + + base.ProcessServerCertificate(serverCertificate); + } + + public override bool RequiresServerKeyExchange + { + get + { + switch (mKeyExchange) + { + case KeyExchangeAlgorithm.DH_anon: + case KeyExchangeAlgorithm.DHE_DSS: + case KeyExchangeAlgorithm.DHE_RSA: + return true; + default: + return false; + } + } + } + + public override byte[] GenerateServerKeyExchange() + { + if (!RequiresServerKeyExchange) + return null; + + // DH_anon is handled here, DHE_* in a subclass + + MemoryStream buf = new MemoryStream(); + this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, + this.mDHParameters, buf); + return buf.ToArray(); + } + + public override void ProcessServerKeyExchange(Stream input) + { + if (!RequiresServerKeyExchange) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + // DH_anon is handled here, DHE_* in a subclass + + this.mDHParameters = TlsDHUtilities.ReceiveDHParameters(mDHVerifier, input); + this.mDHAgreePublicKey = new DHPublicKeyParameters(TlsDHUtilities.ReadDHParameter(input), mDHParameters); + } + + public override void ValidateCertificateRequest(CertificateRequest certificateRequest) + { + if (mKeyExchange == KeyExchangeAlgorithm.DH_anon) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + byte[] types = certificateRequest.CertificateTypes; + for (int i = 0; i < types.Length; ++i) + { + switch (types[i]) + { + case ClientCertificateType.rsa_sign: + case ClientCertificateType.dss_sign: + case ClientCertificateType.rsa_fixed_dh: + case ClientCertificateType.dss_fixed_dh: + case ClientCertificateType.ecdsa_sign: + break; + default: + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + } + + public override void ProcessClientCredentials(TlsCredentials clientCredentials) + { + if (mKeyExchange == KeyExchangeAlgorithm.DH_anon) + throw new TlsFatalAlert(AlertDescription.internal_error); + + if (clientCredentials is TlsAgreementCredentials) + { + // TODO Validate client cert has matching parameters (see 'areCompatibleParameters')? + + this.mAgreementCredentials = (TlsAgreementCredentials)clientCredentials; + } + else if (clientCredentials is TlsSignerCredentials) + { + // OK + } + else + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public override void GenerateClientKeyExchange(Stream output) + { + /* + * RFC 2246 7.4.7.2 If the client certificate already contains a suitable Diffie-Hellman + * key, then Yc is implicit and does not need to be sent again. In this case, the Client Key + * Exchange message will be sent, but will be empty. + */ + if (mAgreementCredentials == null) + { + this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, + mDHParameters, output); + } + } + + public override void ProcessClientCertificate(Certificate clientCertificate) + { + if (mKeyExchange == KeyExchangeAlgorithm.DH_anon) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + // TODO Extract the public key + // TODO If the certificate is 'fixed', take the public key as dhAgreePublicKey + } + + public override void ProcessClientKeyExchange(Stream input) + { + if (mDHAgreePublicKey != null) + { + // For dss_fixed_dh and rsa_fixed_dh, the key arrived in the client certificate + return; + } + + this.mDHAgreePublicKey = new DHPublicKeyParameters(TlsDHUtilities.ReadDHParameter(input), mDHParameters); + } + + public override byte[] GeneratePremasterSecret() + { + if (mAgreementCredentials != null) + { + return mAgreementCredentials.GenerateAgreement(mDHAgreePublicKey); + } + + if (mDHAgreePrivateKey != null) + { + return TlsDHUtilities.CalculateDHBasicAgreement(mDHAgreePublicKey, mDHAgreePrivateKey); + } + + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsDHUtilities.cs b/BouncyCastle/crypto/src/crypto/tls/TlsDHUtilities.cs new file mode 100644 index 0000000..fb52133 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsDHUtilities.cs @@ -0,0 +1,470 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class TlsDHUtilities + { + internal static readonly BigInteger Two = BigInteger.Two; + + /* + * TODO[draft-ietf-tls-negotiated-ff-dhe-01] Move these groups to DHStandardGroups once reaches RFC + */ + private static BigInteger FromHex(String hex) + { + return new BigInteger(1, Hex.DecodeStrict(hex)); + } + + private static DHParameters FromSafeP(String hexP) + { + BigInteger p = FromHex(hexP), q = p.ShiftRight(1); + return new DHParameters(p, Two, q); + } + + private static readonly string draft_ffdhe2432_p = + "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" + + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" + + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" + + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" + + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" + + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" + + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + + "AEFE13098533C8B3FFFFFFFFFFFFFFFF"; + internal static readonly DHParameters draft_ffdhe2432 = FromSafeP(draft_ffdhe2432_p); + + private static readonly string draft_ffdhe3072_p = + "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" + + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" + + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" + + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" + + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" + + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" + + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" + + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" + + "3C1B20EE3FD59D7C25E41D2B66C62E37FFFFFFFFFFFFFFFF"; + internal static readonly DHParameters draft_ffdhe3072 = FromSafeP(draft_ffdhe3072_p); + + private static readonly string draft_ffdhe4096_p = + "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" + + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" + + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" + + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" + + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" + + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" + + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" + + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" + + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" + + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004" + + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" + + "A907600A918130C46DC778F971AD0038092999A333CB8B7A" + + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" + + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E655F6A" + + "FFFFFFFFFFFFFFFF"; + internal static readonly DHParameters draft_ffdhe4096 = FromSafeP(draft_ffdhe4096_p); + + private static readonly string draft_ffdhe6144_p = + "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" + + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" + + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" + + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" + + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" + + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" + + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" + + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" + + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" + + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004" + + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" + + "A907600A918130C46DC778F971AD0038092999A333CB8B7A" + + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" + + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902" + + "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6" + + "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A" + + "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477" + + "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3" + + "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4" + + "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6" + + "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C" + + "D72B03746AE77F5E62292C311562A846505DC82DB854338A" + + "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04" + + "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1" + + "A41D570D7938DAD4A40E329CD0E40E65FFFFFFFFFFFFFFFF"; + internal static readonly DHParameters draft_ffdhe6144 = FromSafeP(draft_ffdhe6144_p); + + private static readonly string draft_ffdhe8192_p = + "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" + + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" + + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" + + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" + + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" + + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" + + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" + + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" + + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" + + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004" + + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" + + "A907600A918130C46DC778F971AD0038092999A333CB8B7A" + + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" + + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902" + + "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6" + + "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A" + + "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477" + + "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3" + + "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4" + + "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6" + + "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C" + + "D72B03746AE77F5E62292C311562A846505DC82DB854338A" + + "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04" + + "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1" + + "A41D570D7938DAD4A40E329CCFF46AAA36AD004CF600C838" + + "1E425A31D951AE64FDB23FCEC9509D43687FEB69EDD1CC5E" + + "0B8CC3BDF64B10EF86B63142A3AB8829555B2F747C932665" + + "CB2C0F1CC01BD70229388839D2AF05E454504AC78B758282" + + "2846C0BA35C35F5C59160CC046FD8251541FC68C9C86B022" + + "BB7099876A460E7451A8A93109703FEE1C217E6C3826E52C" + + "51AA691E0E423CFC99E9E31650C1217B624816CDAD9A95F9" + + "D5B8019488D9C0A0A1FE3075A577E23183F81D4A3F2FA457" + + "1EFC8CE0BA8A4FE8B6855DFE72B0A66EDED2FBABFBE58A30" + + "FAFABE1C5D71A87E2F741EF8C1FE86FEA6BBFDE530677F0D" + + "97D11D49F7A8443D0822E506A9F4614E011E2A94838FF88C" + + "D68C8BB7C5C6424CFFFFFFFFFFFFFFFF"; + internal static readonly DHParameters draft_ffdhe8192 = FromSafeP(draft_ffdhe8192_p); + + + public static void AddNegotiatedDheGroupsClientExtension(IDictionary extensions, byte[] dheGroups) + { + extensions[ExtensionType.negotiated_ff_dhe_groups] = CreateNegotiatedDheGroupsClientExtension(dheGroups); + } + + public static void AddNegotiatedDheGroupsServerExtension(IDictionary extensions, byte dheGroup) + { + extensions[ExtensionType.negotiated_ff_dhe_groups] = CreateNegotiatedDheGroupsServerExtension(dheGroup); + } + + public static byte[] GetNegotiatedDheGroupsClientExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.negotiated_ff_dhe_groups); + return extensionData == null ? null : ReadNegotiatedDheGroupsClientExtension(extensionData); + } + + public static short GetNegotiatedDheGroupsServerExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.negotiated_ff_dhe_groups); + return extensionData == null ? (short)-1 : (short)ReadNegotiatedDheGroupsServerExtension(extensionData); + } + + public static byte[] CreateNegotiatedDheGroupsClientExtension(byte[] dheGroups) + { + if (dheGroups == null || dheGroups.Length < 1 || dheGroups.Length > 255) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return TlsUtilities.EncodeUint8ArrayWithUint8Length(dheGroups); + } + + public static byte[] CreateNegotiatedDheGroupsServerExtension(byte dheGroup) + { + return TlsUtilities.EncodeUint8(dheGroup); + } + + public static byte[] ReadNegotiatedDheGroupsClientExtension(byte[] extensionData) + { + byte[] dheGroups = TlsUtilities.DecodeUint8ArrayWithUint8Length(extensionData); + if (dheGroups.Length < 1) + throw new TlsFatalAlert(AlertDescription.decode_error); + return dheGroups; + } + + public static byte ReadNegotiatedDheGroupsServerExtension(byte[] extensionData) + { + return TlsUtilities.DecodeUint8(extensionData); + } + + public static DHParameters GetParametersForDHEGroup(short dheGroup) + { + switch (dheGroup) + { + case FiniteFieldDheGroup.ffdhe2432: + return draft_ffdhe2432; + case FiniteFieldDheGroup.ffdhe3072: + return draft_ffdhe3072; + case FiniteFieldDheGroup.ffdhe4096: + return draft_ffdhe4096; + case FiniteFieldDheGroup.ffdhe6144: + return draft_ffdhe6144; + case FiniteFieldDheGroup.ffdhe8192: + return draft_ffdhe8192; + default: + return null; + } + } + + public static bool ContainsDheCipherSuites(int[] cipherSuites) + { + for (int i = 0; i < cipherSuites.Length; ++i) + { + if (IsDheCipherSuite(cipherSuites[i])) + return true; + } + return false; + } + + public static bool IsDheCipherSuite(int cipherSuite) + { + switch (cipherSuite) + { + /* + * RFC 2246 + */ + case CipherSuite.TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_DES_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_DES_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: + + /* + * RFC 3268 + */ + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA: + + /* + * RFC 5932 + */ + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256: + + /* + * RFC 4162 + */ + case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA: + + /* + * RFC 4279 + */ + case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA: + + /* + * RFC 4785 + */ + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA: + + /* + * RFC 5246 + */ + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + + /* + * RFC 5288 + */ + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: + + /* + * RFC 5487 + */ + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384: + + /* + * RFC 6367 + */ + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + + /* + * RFC 6655 + */ + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8: + + /* + * draft-ietf-tls-chacha20-poly1305-04 + */ + case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + + /* + * DH_anon cipher suites are consider ephemeral DH + */ + case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_RC4_128_MD5: + case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA: + + return true; + + default: + return false; + } + } + + public static bool AreCompatibleParameters(DHParameters a, DHParameters b) + { + return a.P.Equals(b.P) && a.G.Equals(b.G) + && (a.Q == null || b.Q == null || a.Q.Equals(b.Q)); + } + + public static byte[] CalculateDHBasicAgreement(DHPublicKeyParameters publicKey, + DHPrivateKeyParameters privateKey) + { + DHBasicAgreement basicAgreement = new DHBasicAgreement(); + basicAgreement.Init(privateKey); + BigInteger agreementValue = basicAgreement.CalculateAgreement(publicKey); + + /* + * RFC 5246 8.1.2. Leading bytes of Z that contain all zero bits are stripped before it is + * used as the pre_master_secret. + */ + return BigIntegers.AsUnsignedByteArray(agreementValue); + } + + public static AsymmetricCipherKeyPair GenerateDHKeyPair(SecureRandom random, DHParameters dhParams) + { + DHBasicKeyPairGenerator dhGen = new DHBasicKeyPairGenerator(); + dhGen.Init(new DHKeyGenerationParameters(random, dhParams)); + return dhGen.GenerateKeyPair(); + } + + public static DHPrivateKeyParameters GenerateEphemeralClientKeyExchange(SecureRandom random, + DHParameters dhParams, Stream output) + { + AsymmetricCipherKeyPair kp = GenerateDHKeyPair(random, dhParams); + + DHPublicKeyParameters dhPublic = (DHPublicKeyParameters)kp.Public; + WriteDHParameter(dhPublic.Y, output); + + return (DHPrivateKeyParameters)kp.Private; + } + + public static DHPrivateKeyParameters GenerateEphemeralServerKeyExchange(SecureRandom random, + DHParameters dhParams, Stream output) + { + AsymmetricCipherKeyPair kp = GenerateDHKeyPair(random, dhParams); + + DHPublicKeyParameters dhPublic = (DHPublicKeyParameters)kp.Public; + WriteDHParameters(dhParams, output); + WriteDHParameter(dhPublic.Y, output); + + return (DHPrivateKeyParameters)kp.Private; + } + + public static BigInteger ReadDHParameter(Stream input) + { + return new BigInteger(1, TlsUtilities.ReadOpaque16(input)); + } + + public static DHParameters ReadDHParameters(Stream input) + { + BigInteger p = ReadDHParameter(input); + BigInteger g = ReadDHParameter(input); + + return new DHParameters(p, g); + } + + public static DHParameters ReceiveDHParameters(TlsDHVerifier dhVerifier, Stream input) + { + DHParameters dhParameters = ReadDHParameters(input); + if (!dhVerifier.Accept(dhParameters)) + throw new TlsFatalAlert(AlertDescription.insufficient_security); + + return dhParameters; + } + + public static void WriteDHParameter(BigInteger x, Stream output) + { + TlsUtilities.WriteOpaque16(BigIntegers.AsUnsignedByteArray(x), output); + } + + public static void WriteDHParameters(DHParameters dhParameters, Stream output) + { + WriteDHParameter(dhParameters.P, output); + WriteDHParameter(dhParameters.G, output); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsDHVerifier.cs b/BouncyCastle/crypto/src/crypto/tls/TlsDHVerifier.cs new file mode 100644 index 0000000..867403c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsDHVerifier.cs @@ -0,0 +1,15 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// An interface for verifying that Diffie-Hellman parameters are acceptable. + public interface TlsDHVerifier + { + /// Verify that the given DHParameters are acceptable. + /// The DHParameters to verify. + /// true if (and only if) the specified parameters are acceptable. + bool Accept(DHParameters dhParameters); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsDeflateCompression.cs b/BouncyCastle/crypto/src/crypto/tls/TlsDeflateCompression.cs new file mode 100644 index 0000000..9e11529 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsDeflateCompression.cs @@ -0,0 +1,68 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities.Zlib; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class TlsDeflateCompression : TlsCompression + { + public const int LEVEL_NONE = JZlib.Z_NO_COMPRESSION; + public const int LEVEL_FASTEST = JZlib.Z_BEST_SPEED; + public const int LEVEL_SMALLEST = JZlib.Z_BEST_COMPRESSION; + public const int LEVEL_DEFAULT = JZlib.Z_DEFAULT_COMPRESSION; + + protected readonly ZStream zIn, zOut; + + public TlsDeflateCompression() + : this(LEVEL_DEFAULT) + { + } + + public TlsDeflateCompression(int level) + { + this.zIn = new ZStream(); + this.zIn.inflateInit(); + + this.zOut = new ZStream(); + this.zOut.deflateInit(level); + } + + public virtual Stream Compress(Stream output) + { + return new DeflateOutputStream(output, zOut, true); + } + + public virtual Stream Decompress(Stream output) + { + return new DeflateOutputStream(output, zIn, false); + } + + protected class DeflateOutputStream : ZOutputStream + { + public DeflateOutputStream(Stream output, ZStream z, bool compress) + : base(output, z) + { + this.compress = compress; + + /* + * See discussion at http://www.bolet.org/~pornin/deflate-flush.html . + */ + this.FlushMode = JZlib.Z_SYNC_FLUSH; + } + + public override void Flush() + { + /* + * TODO The inflateSyncPoint doesn't appear to work the way I hoped at the moment. + * In any case, we may like to accept PARTIAL_FLUSH input, not just SYNC_FLUSH. + * It's not clear how to check this in the Inflater. + */ + //if (!this.compress && (z == null || z.istate == null || z.istate.inflateSyncPoint(z) <= 0)) + //{ + // throw new TlsFatalAlert(AlertDescription.decompression_failure); + //} + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsDheKeyExchange.cs b/BouncyCastle/crypto/src/crypto/tls/TlsDheKeyExchange.cs new file mode 100644 index 0000000..5007d7d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsDheKeyExchange.cs @@ -0,0 +1,97 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class TlsDheKeyExchange + : TlsDHKeyExchange + { + protected TlsSignerCredentials mServerCredentials = null; + + [Obsolete("Use constructor that takes a TlsDHVerifier")] + public TlsDheKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, DHParameters dhParameters) + : this(keyExchange, supportedSignatureAlgorithms, new DefaultTlsDHVerifier(), dhParameters) + { + } + + public TlsDheKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, TlsDHVerifier dhVerifier, DHParameters dhParameters) + : base(keyExchange, supportedSignatureAlgorithms, dhVerifier, dhParameters) + { + } + + public override void ProcessServerCredentials(TlsCredentials serverCredentials) + { + if (!(serverCredentials is TlsSignerCredentials)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + ProcessServerCertificate(serverCredentials.Certificate); + + this.mServerCredentials = (TlsSignerCredentials)serverCredentials; + } + + public override byte[] GenerateServerKeyExchange() + { + if (this.mDHParameters == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + DigestInputBuffer buf = new DigestInputBuffer(); + + this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, + this.mDHParameters, buf); + + /* + * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2 + */ + SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm( + mContext, mServerCredentials); + + IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm); + + SecurityParameters securityParameters = mContext.SecurityParameters; + d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length); + d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length); + buf.UpdateDigest(d); + + byte[] hash = DigestUtilities.DoFinal(d); + + byte[] signature = mServerCredentials.GenerateCertificateSignature(hash); + + DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature); + signed_params.Encode(buf); + + return buf.ToArray(); + } + + public override void ProcessServerKeyExchange(Stream input) + { + SecurityParameters securityParameters = mContext.SecurityParameters; + + SignerInputBuffer buf = new SignerInputBuffer(); + Stream teeIn = new TeeInputStream(input, buf); + + this.mDHParameters = TlsDHUtilities.ReceiveDHParameters(mDHVerifier, teeIn); + this.mDHAgreePublicKey = new DHPublicKeyParameters(TlsDHUtilities.ReadDHParameter(teeIn), mDHParameters); + + DigitallySigned signed_params = ParseSignature(input); + + ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters); + buf.UpdateSigner(signer); + if (!signer.VerifySignature(signed_params.Signature)) + throw new TlsFatalAlert(AlertDescription.decrypt_error); + } + + protected virtual ISigner InitVerifyer(TlsSigner tlsSigner, SignatureAndHashAlgorithm algorithm, + SecurityParameters securityParameters) + { + ISigner signer = tlsSigner.CreateVerifyer(algorithm, this.mServerPublicKey); + signer.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length); + signer.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length); + return signer; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsDsaSigner.cs b/BouncyCastle/crypto/src/crypto/tls/TlsDsaSigner.cs new file mode 100644 index 0000000..f0c1e94 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsDsaSigner.cs @@ -0,0 +1,82 @@ +using System; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class TlsDsaSigner + : AbstractTlsSigner + { + public override byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm, + AsymmetricKeyParameter privateKey, byte[] hash) + { + ISigner signer = MakeSigner(algorithm, true, true, + new ParametersWithRandom(privateKey, this.mContext.SecureRandom)); + if (algorithm == null) + { + // Note: Only use the SHA1 part of the (MD5/SHA1) hash + signer.BlockUpdate(hash, 16, 20); + } + else + { + signer.BlockUpdate(hash, 0, hash.Length); + } + return signer.GenerateSignature(); + } + + public override bool VerifyRawSignature(SignatureAndHashAlgorithm algorithm, byte[] sigBytes, + AsymmetricKeyParameter publicKey, byte[] hash) + { + ISigner signer = MakeSigner(algorithm, true, false, publicKey); + if (algorithm == null) + { + // Note: Only use the SHA1 part of the (MD5/SHA1) hash + signer.BlockUpdate(hash, 16, 20); + } + else + { + signer.BlockUpdate(hash, 0, hash.Length); + } + return signer.VerifySignature(sigBytes); + } + + public override ISigner CreateSigner(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter privateKey) + { + return MakeSigner(algorithm, false, true, privateKey); + } + + public override ISigner CreateVerifyer(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter publicKey) + { + return MakeSigner(algorithm, false, false, publicKey); + } + + protected virtual ICipherParameters MakeInitParameters(bool forSigning, ICipherParameters cp) + { + return cp; + } + + protected virtual ISigner MakeSigner(SignatureAndHashAlgorithm algorithm, bool raw, bool forSigning, + ICipherParameters cp) + { + if ((algorithm != null) != TlsUtilities.IsTlsV12(mContext)) + throw new InvalidOperationException(); + + if (algorithm != null && algorithm.Signature != SignatureAlgorithm) + throw new InvalidOperationException(); + + byte hashAlgorithm = algorithm == null ? HashAlgorithm.sha1 : algorithm.Hash; + IDigest d = raw ? new NullDigest() : TlsUtilities.CreateHash(hashAlgorithm); + + ISigner s = new DsaDigestSigner(CreateDsaImpl(hashAlgorithm), d); + s.Init(forSigning, MakeInitParameters(forSigning, cp)); + return s; + } + + protected abstract byte SignatureAlgorithm { get; } + + protected abstract IDsa CreateDsaImpl(byte hashAlgorithm); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsDssSigner.cs b/BouncyCastle/crypto/src/crypto/tls/TlsDssSigner.cs new file mode 100644 index 0000000..707ef38 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsDssSigner.cs @@ -0,0 +1,26 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class TlsDssSigner + : TlsDsaSigner + { + public override bool IsValidPublicKey(AsymmetricKeyParameter publicKey) + { + return publicKey is DsaPublicKeyParameters; + } + + protected override IDsa CreateDsaImpl(byte hashAlgorithm) + { + return new DsaSigner(new HMacDsaKCalculator(TlsUtilities.CreateHash(hashAlgorithm))); + } + + protected override byte SignatureAlgorithm + { + get { return Tls.SignatureAlgorithm.dsa; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsECDHKeyExchange.cs b/BouncyCastle/crypto/src/crypto/tls/TlsECDHKeyExchange.cs new file mode 100644 index 0000000..44fd94c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsECDHKeyExchange.cs @@ -0,0 +1,252 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// (D)TLS ECDH key exchange (see RFC 4492). + public class TlsECDHKeyExchange + : AbstractTlsKeyExchange + { + protected TlsSigner mTlsSigner; + protected int[] mNamedCurves; + protected byte[] mClientECPointFormats, mServerECPointFormats; + + protected AsymmetricKeyParameter mServerPublicKey; + protected TlsAgreementCredentials mAgreementCredentials; + + protected ECPrivateKeyParameters mECAgreePrivateKey; + protected ECPublicKeyParameters mECAgreePublicKey; + + public TlsECDHKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, int[] namedCurves, + byte[] clientECPointFormats, byte[] serverECPointFormats) + : base(keyExchange, supportedSignatureAlgorithms) + { + switch (keyExchange) + { + case KeyExchangeAlgorithm.ECDHE_RSA: + this.mTlsSigner = new TlsRsaSigner(); + break; + case KeyExchangeAlgorithm.ECDHE_ECDSA: + this.mTlsSigner = new TlsECDsaSigner(); + break; + case KeyExchangeAlgorithm.ECDH_anon: + case KeyExchangeAlgorithm.ECDH_RSA: + case KeyExchangeAlgorithm.ECDH_ECDSA: + this.mTlsSigner = null; + break; + default: + throw new InvalidOperationException("unsupported key exchange algorithm"); + } + + this.mNamedCurves = namedCurves; + this.mClientECPointFormats = clientECPointFormats; + this.mServerECPointFormats = serverECPointFormats; + } + + public override void Init(TlsContext context) + { + base.Init(context); + + if (this.mTlsSigner != null) + { + this.mTlsSigner.Init(context); + } + } + + public override void SkipServerCredentials() + { + if (mKeyExchange != KeyExchangeAlgorithm.ECDH_anon) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public override void ProcessServerCertificate(Certificate serverCertificate) + { + if (mKeyExchange == KeyExchangeAlgorithm.ECDH_anon) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + if (serverCertificate.IsEmpty) + throw new TlsFatalAlert(AlertDescription.decode_error); + + X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0); + + SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo; + try + { + this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo); + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e); + } + + if (mTlsSigner == null) + { + try + { + this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey((ECPublicKeyParameters) this.mServerPublicKey); + } + catch (InvalidCastException e) + { + throw new TlsFatalAlert(AlertDescription.certificate_unknown, e); + } + + TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement); + } + else + { + if (!mTlsSigner.IsValidPublicKey(this.mServerPublicKey)) + throw new TlsFatalAlert(AlertDescription.certificate_unknown); + + TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature); + } + + base.ProcessServerCertificate(serverCertificate); + } + + public override bool RequiresServerKeyExchange + { + get + { + switch (mKeyExchange) + { + case KeyExchangeAlgorithm.ECDH_anon: + case KeyExchangeAlgorithm.ECDHE_ECDSA: + case KeyExchangeAlgorithm.ECDHE_RSA: + return true; + default: + return false; + } + } + } + + public override byte[] GenerateServerKeyExchange() + { + if (!RequiresServerKeyExchange) + return null; + + // ECDH_anon is handled here, ECDHE_* in a subclass + + MemoryStream buf = new MemoryStream(); + this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves, + mClientECPointFormats, buf); + return buf.ToArray(); + } + + public override void ProcessServerKeyExchange(Stream input) + { + if (!RequiresServerKeyExchange) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + // ECDH_anon is handled here, ECDHE_* in a subclass + + ECDomainParameters curve_params = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, input); + + byte[] point = TlsUtilities.ReadOpaque8(input); + + this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey( + mClientECPointFormats, curve_params, point)); + } + + public override void ValidateCertificateRequest(CertificateRequest certificateRequest) + { + if (mKeyExchange == KeyExchangeAlgorithm.ECDH_anon) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + /* + * RFC 4492 3. [...] The ECDSA_fixed_ECDH and RSA_fixed_ECDH mechanisms are usable with + * ECDH_ECDSA and ECDH_RSA. Their use with ECDHE_ECDSA and ECDHE_RSA is prohibited because + * the use of a long-term ECDH client key would jeopardize the forward secrecy property of + * these algorithms. + */ + byte[] types = certificateRequest.CertificateTypes; + for (int i = 0; i < types.Length; ++i) + { + switch (types[i]) + { + case ClientCertificateType.rsa_sign: + case ClientCertificateType.dss_sign: + case ClientCertificateType.ecdsa_sign: + case ClientCertificateType.rsa_fixed_ecdh: + case ClientCertificateType.ecdsa_fixed_ecdh: + break; + default: + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + } + + public override void ProcessClientCredentials(TlsCredentials clientCredentials) + { + if (mKeyExchange == KeyExchangeAlgorithm.ECDH_anon) + throw new TlsFatalAlert(AlertDescription.internal_error); + + if (clientCredentials is TlsAgreementCredentials) + { + // TODO Validate client cert has matching parameters (see 'TlsEccUtilities.AreOnSameCurve')? + + this.mAgreementCredentials = (TlsAgreementCredentials)clientCredentials; + } + else if (clientCredentials is TlsSignerCredentials) + { + // OK + } + else + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public override void GenerateClientKeyExchange(Stream output) + { + if (mAgreementCredentials == null) + { + this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, + mServerECPointFormats, mECAgreePublicKey.Parameters, output); + } + } + + public override void ProcessClientCertificate(Certificate clientCertificate) + { + if (mKeyExchange == KeyExchangeAlgorithm.ECDH_anon) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + // TODO Extract the public key + // TODO If the certificate is 'fixed', take the public key as mECAgreeClientPublicKey + } + + public override void ProcessClientKeyExchange(Stream input) + { + if (mECAgreePublicKey != null) + { + // For ecdsa_fixed_ecdh and rsa_fixed_ecdh, the key arrived in the client certificate + return; + } + + byte[] point = TlsUtilities.ReadOpaque8(input); + + ECDomainParameters curve_params = this.mECAgreePrivateKey.Parameters; + + this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey( + mServerECPointFormats, curve_params, point)); + } + + public override byte[] GeneratePremasterSecret() + { + if (mAgreementCredentials != null) + { + return mAgreementCredentials.GenerateAgreement(mECAgreePublicKey); + } + + if (mECAgreePrivateKey != null) + { + return TlsEccUtilities.CalculateECDHBasicAgreement(mECAgreePublicKey, mECAgreePrivateKey); + } + + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsECDheKeyExchange.cs b/BouncyCastle/crypto/src/crypto/tls/TlsECDheKeyExchange.cs new file mode 100644 index 0000000..e0553b3 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsECDheKeyExchange.cs @@ -0,0 +1,131 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// (D)TLS ECDHE key exchange (see RFC 4492). + public class TlsECDheKeyExchange + : TlsECDHKeyExchange + { + protected TlsSignerCredentials mServerCredentials = null; + + public TlsECDheKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, int[] namedCurves, + byte[] clientECPointFormats, byte[] serverECPointFormats) + : base(keyExchange, supportedSignatureAlgorithms, namedCurves, clientECPointFormats, serverECPointFormats) + { + } + + public override void ProcessServerCredentials(TlsCredentials serverCredentials) + { + if (!(serverCredentials is TlsSignerCredentials)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + ProcessServerCertificate(serverCredentials.Certificate); + + this.mServerCredentials = (TlsSignerCredentials)serverCredentials; + } + + public override byte[] GenerateServerKeyExchange() + { + DigestInputBuffer buf = new DigestInputBuffer(); + + this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves, + mClientECPointFormats, buf); + + /* + * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2 + */ + SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm( + mContext, mServerCredentials); + + IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm); + + SecurityParameters securityParameters = mContext.SecurityParameters; + d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length); + d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length); + buf.UpdateDigest(d); + + byte[] hash = DigestUtilities.DoFinal(d); + + byte[] signature = mServerCredentials.GenerateCertificateSignature(hash); + + DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature); + signed_params.Encode(buf); + + return buf.ToArray(); + } + + public override void ProcessServerKeyExchange(Stream input) + { + SecurityParameters securityParameters = mContext.SecurityParameters; + + SignerInputBuffer buf = new SignerInputBuffer(); + Stream teeIn = new TeeInputStream(input, buf); + + ECDomainParameters curve_params = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, teeIn); + + byte[] point = TlsUtilities.ReadOpaque8(teeIn); + + DigitallySigned signed_params = ParseSignature(input); + + ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters); + buf.UpdateSigner(signer); + if (!signer.VerifySignature(signed_params.Signature)) + throw new TlsFatalAlert(AlertDescription.decrypt_error); + + this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey( + mClientECPointFormats, curve_params, point)); + } + + public override void ValidateCertificateRequest(CertificateRequest certificateRequest) + { + /* + * RFC 4492 3. [...] The ECDSA_fixed_ECDH and RSA_fixed_ECDH mechanisms are usable with + * ECDH_ECDSA and ECDH_RSA. Their use with ECDHE_ECDSA and ECDHE_RSA is prohibited because + * the use of a long-term ECDH client key would jeopardize the forward secrecy property of + * these algorithms. + */ + byte[] types = certificateRequest.CertificateTypes; + for (int i = 0; i < types.Length; ++i) + { + switch (types[i]) + { + case ClientCertificateType.rsa_sign: + case ClientCertificateType.dss_sign: + case ClientCertificateType.ecdsa_sign: + break; + default: + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + } + + public override void ProcessClientCredentials(TlsCredentials clientCredentials) + { + if (clientCredentials is TlsSignerCredentials) + { + // OK + } + else + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + protected virtual ISigner InitVerifyer(TlsSigner tlsSigner, SignatureAndHashAlgorithm algorithm, + SecurityParameters securityParameters) + { + ISigner signer = tlsSigner.CreateVerifyer(algorithm, this.mServerPublicKey); + signer.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length); + signer.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length); + return signer; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsECDsaSigner.cs b/BouncyCastle/crypto/src/crypto/tls/TlsECDsaSigner.cs new file mode 100644 index 0000000..fa9d0b7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsECDsaSigner.cs @@ -0,0 +1,26 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class TlsECDsaSigner + : TlsDsaSigner + { + public override bool IsValidPublicKey(AsymmetricKeyParameter publicKey) + { + return publicKey is ECPublicKeyParameters; + } + + protected override IDsa CreateDsaImpl(byte hashAlgorithm) + { + return new ECDsaSigner(new HMacDsaKCalculator(TlsUtilities.CreateHash(hashAlgorithm))); + } + + protected override byte SignatureAlgorithm + { + get { return Tls.SignatureAlgorithm.ecdsa; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsEccUtilities.cs b/BouncyCastle/crypto/src/crypto/tls/TlsEccUtilities.cs new file mode 100644 index 0000000..ec8752a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsEccUtilities.cs @@ -0,0 +1,691 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.EC; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Math.Field; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class TlsEccUtilities + { + private static readonly string[] CurveNames = new string[] { "sect163k1", "sect163r1", "sect163r2", "sect193r1", + "sect193r2", "sect233k1", "sect233r1", "sect239k1", "sect283k1", "sect283r1", "sect409k1", "sect409r1", + "sect571k1", "sect571r1", "secp160k1", "secp160r1", "secp160r2", "secp192k1", "secp192r1", "secp224k1", + "secp224r1", "secp256k1", "secp256r1", "secp384r1", "secp521r1", + "brainpoolP256r1", "brainpoolP384r1", "brainpoolP512r1"}; + + public static void AddSupportedEllipticCurvesExtension(IDictionary extensions, int[] namedCurves) + { + extensions[ExtensionType.supported_groups] = CreateSupportedEllipticCurvesExtension(namedCurves); + } + + public static void AddSupportedPointFormatsExtension(IDictionary extensions, byte[] ecPointFormats) + { + extensions[ExtensionType.ec_point_formats] = CreateSupportedPointFormatsExtension(ecPointFormats); + } + + public static int[] GetSupportedEllipticCurvesExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.supported_groups); + return extensionData == null ? null : ReadSupportedEllipticCurvesExtension(extensionData); + } + + public static byte[] GetSupportedPointFormatsExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.ec_point_formats); + return extensionData == null ? null : ReadSupportedPointFormatsExtension(extensionData); + } + + public static byte[] CreateSupportedEllipticCurvesExtension(int[] namedCurves) + { + if (namedCurves == null || namedCurves.Length < 1) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return TlsUtilities.EncodeUint16ArrayWithUint16Length(namedCurves); + } + + public static byte[] CreateSupportedPointFormatsExtension(byte[] ecPointFormats) + { + if (ecPointFormats == null || !Arrays.Contains(ecPointFormats, ECPointFormat.uncompressed)) + { + /* + * RFC 4492 5.1. If the Supported Point Formats Extension is indeed sent, it MUST + * contain the value 0 (uncompressed) as one of the items in the list of point formats. + */ + + // NOTE: We add it at the end (lowest preference) + ecPointFormats = Arrays.Append(ecPointFormats, ECPointFormat.uncompressed); + } + + return TlsUtilities.EncodeUint8ArrayWithUint8Length(ecPointFormats); + } + + public static int[] ReadSupportedEllipticCurvesExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData, false); + + int length = TlsUtilities.ReadUint16(buf); + if (length < 2 || (length & 1) != 0) + throw new TlsFatalAlert(AlertDescription.decode_error); + + int[] namedCurves = TlsUtilities.ReadUint16Array(length / 2, buf); + + TlsProtocol.AssertEmpty(buf); + + return namedCurves; + } + + public static byte[] ReadSupportedPointFormatsExtension(byte[] extensionData) + { + byte[] ecPointFormats = TlsUtilities.DecodeUint8ArrayWithUint8Length(extensionData); + if (!Arrays.Contains(ecPointFormats, ECPointFormat.uncompressed)) + { + /* + * RFC 4492 5.1. If the Supported Point Formats Extension is indeed sent, it MUST + * contain the value 0 (uncompressed) as one of the items in the list of point formats. + */ + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + return ecPointFormats; + } + + public static string GetNameOfNamedCurve(int namedCurve) + { + return IsSupportedNamedCurve(namedCurve) ? CurveNames[namedCurve - 1] : null; + } + + public static ECDomainParameters GetParametersForNamedCurve(int namedCurve) + { + string curveName = GetNameOfNamedCurve(namedCurve); + if (curveName == null) + return null; + + // Parameters are lazily created the first time a particular curve is accessed + + X9ECParameters ecP = ECKeyPairGenerator.FindECCurveByName(curveName); + if (ecP == null) + return null; + + // It's a bit inefficient to do this conversion every time + return new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed()); + } + + public static bool HasAnySupportedNamedCurves() + { + return CurveNames.Length > 0; + } + + public static bool ContainsEccCipherSuites(int[] cipherSuites) + { + for (int i = 0; i < cipherSuites.Length; ++i) + { + if (IsEccCipherSuite(cipherSuites[i])) + return true; + } + return false; + } + + public static bool IsEccCipherSuite(int cipherSuite) + { + switch (cipherSuite) + { + /* + * RFC 4492 + */ + case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA: + + /* + * RFC 5289 + */ + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: + + /* + * RFC 5489 + */ + case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA: + + /* + * RFC 6367 + */ + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384: + + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + + /* + * RFC 7251 + */ + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: + + /* + * draft-ietf-tls-chacha20-poly1305-04 + */ + case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + + return true; + + default: + return false; + } + } + + public static bool AreOnSameCurve(ECDomainParameters a, ECDomainParameters b) + { + return a != null && a.Equals(b); + } + + public static bool IsSupportedNamedCurve(int namedCurve) + { + return (namedCurve > 0 && namedCurve <= CurveNames.Length); + } + + public static bool IsCompressionPreferred(byte[] ecPointFormats, byte compressionFormat) + { + if (ecPointFormats == null) + return false; + + for (int i = 0; i < ecPointFormats.Length; ++i) + { + byte ecPointFormat = ecPointFormats[i]; + if (ecPointFormat == ECPointFormat.uncompressed) + return false; + if (ecPointFormat == compressionFormat) + return true; + } + return false; + } + + public static byte[] SerializeECFieldElement(int fieldSize, BigInteger x) + { + return BigIntegers.AsUnsignedByteArray((fieldSize + 7) / 8, x); + } + + public static byte[] SerializeECPoint(byte[] ecPointFormats, ECPoint point) + { + ECCurve curve = point.Curve; + + /* + * RFC 4492 5.7. ...an elliptic curve point in uncompressed or compressed format. Here, the + * format MUST conform to what the server has requested through a Supported Point Formats + * Extension if this extension was used, and MUST be uncompressed if this extension was not + * used. + */ + bool compressed = false; + if (ECAlgorithms.IsFpCurve(curve)) + { + compressed = IsCompressionPreferred(ecPointFormats, ECPointFormat.ansiX962_compressed_prime); + } + else if (ECAlgorithms.IsF2mCurve(curve)) + { + compressed = IsCompressionPreferred(ecPointFormats, ECPointFormat.ansiX962_compressed_char2); + } + return point.GetEncoded(compressed); + } + + public static byte[] SerializeECPublicKey(byte[] ecPointFormats, ECPublicKeyParameters keyParameters) + { + return SerializeECPoint(ecPointFormats, keyParameters.Q); + } + + public static BigInteger DeserializeECFieldElement(int fieldSize, byte[] encoding) + { + int requiredLength = (fieldSize + 7) / 8; + if (encoding.Length != requiredLength) + throw new TlsFatalAlert(AlertDescription.decode_error); + return new BigInteger(1, encoding); + } + + public static ECPoint DeserializeECPoint(byte[] ecPointFormats, ECCurve curve, byte[] encoding) + { + if (encoding == null || encoding.Length < 1) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + byte actualFormat; + switch (encoding[0]) + { + case 0x02: // compressed + case 0x03: // compressed + { + if (ECAlgorithms.IsF2mCurve(curve)) + { + actualFormat = ECPointFormat.ansiX962_compressed_char2; + } + else if (ECAlgorithms.IsFpCurve(curve)) + { + actualFormat = ECPointFormat.ansiX962_compressed_prime; + } + else + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + break; + } + case 0x04: // uncompressed + { + actualFormat = ECPointFormat.uncompressed; + break; + } + case 0x00: // infinity + case 0x06: // hybrid + case 0x07: // hybrid + default: + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + if (actualFormat != ECPointFormat.uncompressed + && (ecPointFormats == null || !Arrays.Contains(ecPointFormats, actualFormat))) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + return curve.DecodePoint(encoding); + } + + public static ECPublicKeyParameters DeserializeECPublicKey(byte[] ecPointFormats, ECDomainParameters curve_params, + byte[] encoding) + { + try + { + ECPoint Y = DeserializeECPoint(ecPointFormats, curve_params.Curve, encoding); + return new ECPublicKeyParameters(Y, curve_params); + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter, e); + } + } + + public static byte[] CalculateECDHBasicAgreement(ECPublicKeyParameters publicKey, ECPrivateKeyParameters privateKey) + { + ECDHBasicAgreement basicAgreement = new ECDHBasicAgreement(); + basicAgreement.Init(privateKey); + BigInteger agreementValue = basicAgreement.CalculateAgreement(publicKey); + + /* + * RFC 4492 5.10. Note that this octet string (Z in IEEE 1363 terminology) as output by + * FE2OSP, the Field Element to Octet String Conversion Primitive, has constant length for + * any given field; leading zeros found in this octet string MUST NOT be truncated. + */ + return BigIntegers.AsUnsignedByteArray(basicAgreement.GetFieldSize(), agreementValue); + } + + public static AsymmetricCipherKeyPair GenerateECKeyPair(SecureRandom random, ECDomainParameters ecParams) + { + ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator(); + keyPairGenerator.Init(new ECKeyGenerationParameters(ecParams, random)); + return keyPairGenerator.GenerateKeyPair(); + } + + public static ECPrivateKeyParameters GenerateEphemeralClientKeyExchange(SecureRandom random, byte[] ecPointFormats, + ECDomainParameters ecParams, Stream output) + { + AsymmetricCipherKeyPair kp = GenerateECKeyPair(random, ecParams); + + ECPublicKeyParameters ecPublicKey = (ECPublicKeyParameters)kp.Public; + WriteECPoint(ecPointFormats, ecPublicKey.Q, output); + + return (ECPrivateKeyParameters)kp.Private; + } + + // TODO Refactor around ServerECDHParams before making this public + internal static ECPrivateKeyParameters GenerateEphemeralServerKeyExchange(SecureRandom random, int[] namedCurves, + byte[] ecPointFormats, Stream output) + { + /* First we try to find a supported named curve from the client's list. */ + int namedCurve = -1; + if (namedCurves == null) + { + // TODO Let the peer choose the default named curve + namedCurve = NamedCurve.secp256r1; + } + else + { + for (int i = 0; i < namedCurves.Length; ++i) + { + int entry = namedCurves[i]; + if (NamedCurve.IsValid(entry) && IsSupportedNamedCurve(entry)) + { + namedCurve = entry; + break; + } + } + } + + ECDomainParameters ecParams = null; + if (namedCurve >= 0) + { + ecParams = GetParametersForNamedCurve(namedCurve); + } + else + { + /* If no named curves are suitable, check if the client supports explicit curves. */ + if (Arrays.Contains(namedCurves, NamedCurve.arbitrary_explicit_prime_curves)) + { + ecParams = GetParametersForNamedCurve(NamedCurve.secp256r1); + } + else if (Arrays.Contains(namedCurves, NamedCurve.arbitrary_explicit_char2_curves)) + { + ecParams = GetParametersForNamedCurve(NamedCurve.sect283r1); + } + } + + if (ecParams == null) + { + /* + * NOTE: We shouldn't have negotiated ECDHE key exchange since we apparently can't find + * a suitable curve. + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + if (namedCurve < 0) + { + WriteExplicitECParameters(ecPointFormats, ecParams, output); + } + else + { + WriteNamedECParameters(namedCurve, output); + } + + return GenerateEphemeralClientKeyExchange(random, ecPointFormats, ecParams, output); + } + + public static ECPublicKeyParameters ValidateECPublicKey(ECPublicKeyParameters key) + { + // TODO Check RFC 4492 for validation + return key; + } + + public static int ReadECExponent(int fieldSize, Stream input) + { + BigInteger K = ReadECParameter(input); + if (K.BitLength < 32) + { + int k = K.IntValue; + if (k > 0 && k < fieldSize) + { + return k; + } + } + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + public static BigInteger ReadECFieldElement(int fieldSize, Stream input) + { + return DeserializeECFieldElement(fieldSize, TlsUtilities.ReadOpaque8(input)); + } + + public static BigInteger ReadECParameter(Stream input) + { + // TODO Are leading zeroes okay here? + return new BigInteger(1, TlsUtilities.ReadOpaque8(input)); + } + + public static ECDomainParameters ReadECParameters(int[] namedCurves, byte[] ecPointFormats, Stream input) + { + try + { + byte curveType = TlsUtilities.ReadUint8(input); + + switch (curveType) + { + case ECCurveType.explicit_prime: + { + CheckNamedCurve(namedCurves, NamedCurve.arbitrary_explicit_prime_curves); + + BigInteger prime_p = ReadECParameter(input); + BigInteger a = ReadECFieldElement(prime_p.BitLength, input); + BigInteger b = ReadECFieldElement(prime_p.BitLength, input); + byte[] baseEncoding = TlsUtilities.ReadOpaque8(input); + BigInteger order = ReadECParameter(input); + BigInteger cofactor = ReadECParameter(input); + ECCurve curve = new FpCurve(prime_p, a, b, order, cofactor); + ECPoint basePoint = DeserializeECPoint(ecPointFormats, curve, baseEncoding); + return new ECDomainParameters(curve, basePoint, order, cofactor); + } + case ECCurveType.explicit_char2: + { + CheckNamedCurve(namedCurves, NamedCurve.arbitrary_explicit_char2_curves); + + int m = TlsUtilities.ReadUint16(input); + byte basis = TlsUtilities.ReadUint8(input); + if (!ECBasisType.IsValid(basis)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + int k1 = ReadECExponent(m, input), k2 = -1, k3 = -1; + if (basis == ECBasisType.ec_basis_pentanomial) + { + k2 = ReadECExponent(m, input); + k3 = ReadECExponent(m, input); + } + + BigInteger a = ReadECFieldElement(m, input); + BigInteger b = ReadECFieldElement(m, input); + byte[] baseEncoding = TlsUtilities.ReadOpaque8(input); + BigInteger order = ReadECParameter(input); + BigInteger cofactor = ReadECParameter(input); + + ECCurve curve = (basis == ECBasisType.ec_basis_pentanomial) + ? new F2mCurve(m, k1, k2, k3, a, b, order, cofactor) + : new F2mCurve(m, k1, a, b, order, cofactor); + + ECPoint basePoint = DeserializeECPoint(ecPointFormats, curve, baseEncoding); + + return new ECDomainParameters(curve, basePoint, order, cofactor); + } + case ECCurveType.named_curve: + { + int namedCurve = TlsUtilities.ReadUint16(input); + if (!NamedCurve.RefersToASpecificNamedCurve(namedCurve)) + { + /* + * RFC 4492 5.4. All those values of NamedCurve are allowed that refer to a + * specific curve. Values of NamedCurve that indicate support for a class of + * explicitly defined curves are not allowed here [...]. + */ + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + CheckNamedCurve(namedCurves, namedCurve); + + return GetParametersForNamedCurve(namedCurve); + } + default: + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter, e); + } + } + + private static void CheckNamedCurve(int[] namedCurves, int namedCurve) + { + if (namedCurves != null && !Arrays.Contains(namedCurves, namedCurve)) + { + /* + * RFC 4492 4. [...] servers MUST NOT negotiate the use of an ECC cipher suite + * unless they can complete the handshake while respecting the choice of curves + * and compression techniques specified by the client. + */ + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + + public static void WriteECExponent(int k, Stream output) + { + BigInteger K = BigInteger.ValueOf(k); + WriteECParameter(K, output); + } + + public static void WriteECFieldElement(ECFieldElement x, Stream output) + { + TlsUtilities.WriteOpaque8(x.GetEncoded(), output); + } + + public static void WriteECFieldElement(int fieldSize, BigInteger x, Stream output) + { + TlsUtilities.WriteOpaque8(SerializeECFieldElement(fieldSize, x), output); + } + + public static void WriteECParameter(BigInteger x, Stream output) + { + TlsUtilities.WriteOpaque8(BigIntegers.AsUnsignedByteArray(x), output); + } + + public static void WriteExplicitECParameters(byte[] ecPointFormats, ECDomainParameters ecParameters, + Stream output) + { + ECCurve curve = ecParameters.Curve; + + if (ECAlgorithms.IsFpCurve(curve)) + { + TlsUtilities.WriteUint8(ECCurveType.explicit_prime, output); + + WriteECParameter(curve.Field.Characteristic, output); + } + else if (ECAlgorithms.IsF2mCurve(curve)) + { + IPolynomialExtensionField field = (IPolynomialExtensionField)curve.Field; + int[] exponents = field.MinimalPolynomial.GetExponentsPresent(); + + TlsUtilities.WriteUint8(ECCurveType.explicit_char2, output); + + int m = exponents[exponents.Length - 1]; + TlsUtilities.CheckUint16(m); + TlsUtilities.WriteUint16(m, output); + + if (exponents.Length == 3) + { + TlsUtilities.WriteUint8(ECBasisType.ec_basis_trinomial, output); + WriteECExponent(exponents[1], output); + } + else if (exponents.Length == 5) + { + TlsUtilities.WriteUint8(ECBasisType.ec_basis_pentanomial, output); + WriteECExponent(exponents[1], output); + WriteECExponent(exponents[2], output); + WriteECExponent(exponents[3], output); + } + else + { + throw new ArgumentException("Only trinomial and pentomial curves are supported"); + } + } + else + { + throw new ArgumentException("'ecParameters' not a known curve type"); + } + + WriteECFieldElement(curve.A, output); + WriteECFieldElement(curve.B, output); + TlsUtilities.WriteOpaque8(SerializeECPoint(ecPointFormats, ecParameters.G), output); + WriteECParameter(ecParameters.N, output); + WriteECParameter(ecParameters.H, output); + } + + public static void WriteECPoint(byte[] ecPointFormats, ECPoint point, Stream output) + { + TlsUtilities.WriteOpaque8(SerializeECPoint(ecPointFormats, point), output); + } + + public static void WriteNamedECParameters(int namedCurve, Stream output) + { + if (!NamedCurve.RefersToASpecificNamedCurve(namedCurve)) + { + /* + * RFC 4492 5.4. All those values of NamedCurve are allowed that refer to a specific + * curve. Values of NamedCurve that indicate support for a class of explicitly defined + * curves are not allowed here [...]. + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + TlsUtilities.WriteUint8(ECCurveType.named_curve, output); + TlsUtilities.CheckUint16(namedCurve); + TlsUtilities.WriteUint16(namedCurve, output); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsEncryptionCredentials.cs b/BouncyCastle/crypto/src/crypto/tls/TlsEncryptionCredentials.cs new file mode 100644 index 0000000..52f0070 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsEncryptionCredentials.cs @@ -0,0 +1,12 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsEncryptionCredentials + : TlsCredentials + { + /// + byte[] DecryptPreMasterSecret(byte[] encryptedPreMasterSecret); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsException.cs b/BouncyCastle/crypto/src/crypto/tls/TlsException.cs new file mode 100644 index 0000000..18ca22a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsException.cs @@ -0,0 +1,24 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class TlsException + : IOException + { + public TlsException() + : base() + { + } + + public TlsException(string message) + : base(message) + { + } + + public TlsException(string message, Exception cause) + : base(message, cause) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsExtensionsUtilities.cs b/BouncyCastle/crypto/src/crypto/tls/TlsExtensionsUtilities.cs new file mode 100644 index 0000000..4b3d9e0 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsExtensionsUtilities.cs @@ -0,0 +1,368 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class TlsExtensionsUtilities + { + public static IDictionary EnsureExtensionsInitialised(IDictionary extensions) + { + return extensions == null ? Platform.CreateHashtable() : extensions; + } + + /// + public static void AddClientCertificateTypeExtensionClient(IDictionary extensions, byte[] certificateTypes) + { + extensions[ExtensionType.client_certificate_type] = CreateCertificateTypeExtensionClient(certificateTypes); + } + + /// + public static void AddClientCertificateTypeExtensionServer(IDictionary extensions, byte certificateType) + { + extensions[ExtensionType.client_certificate_type] = CreateCertificateTypeExtensionServer(certificateType); + } + + public static void AddEncryptThenMacExtension(IDictionary extensions) + { + extensions[ExtensionType.encrypt_then_mac] = CreateEncryptThenMacExtension(); + } + + public static void AddExtendedMasterSecretExtension(IDictionary extensions) + { + extensions[ExtensionType.extended_master_secret] = CreateExtendedMasterSecretExtension(); + } + + /// + public static void AddHeartbeatExtension(IDictionary extensions, HeartbeatExtension heartbeatExtension) + { + extensions[ExtensionType.heartbeat] = CreateHeartbeatExtension(heartbeatExtension); + } + + /// + public static void AddMaxFragmentLengthExtension(IDictionary extensions, byte maxFragmentLength) + { + extensions[ExtensionType.max_fragment_length] = CreateMaxFragmentLengthExtension(maxFragmentLength); + } + + /// + public static void AddPaddingExtension(IDictionary extensions, int dataLength) + { + extensions[ExtensionType.padding] = CreatePaddingExtension(dataLength); + } + + /// + public static void AddServerCertificateTypeExtensionClient(IDictionary extensions, byte[] certificateTypes) + { + extensions[ExtensionType.server_certificate_type] = CreateCertificateTypeExtensionClient(certificateTypes); + } + + /// + public static void AddServerCertificateTypeExtensionServer(IDictionary extensions, byte certificateType) + { + extensions[ExtensionType.server_certificate_type] = CreateCertificateTypeExtensionServer(certificateType); + } + + /// + public static void AddServerNameExtension(IDictionary extensions, ServerNameList serverNameList) + { + extensions[ExtensionType.server_name] = CreateServerNameExtension(serverNameList); + } + + /// + public static void AddStatusRequestExtension(IDictionary extensions, CertificateStatusRequest statusRequest) + { + extensions[ExtensionType.status_request] = CreateStatusRequestExtension(statusRequest); + } + + public static void AddTruncatedHMacExtension(IDictionary extensions) + { + extensions[ExtensionType.truncated_hmac] = CreateTruncatedHMacExtension(); + } + + /// + public static byte[] GetClientCertificateTypeExtensionClient(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.client_certificate_type); + return extensionData == null ? null : ReadCertificateTypeExtensionClient(extensionData); + } + + /// + public static short GetClientCertificateTypeExtensionServer(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.client_certificate_type); + return extensionData == null ? (short)-1 : (short)ReadCertificateTypeExtensionServer(extensionData); + } + + /// + public static HeartbeatExtension GetHeartbeatExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.heartbeat); + return extensionData == null ? null : ReadHeartbeatExtension(extensionData); + } + + /// + public static short GetMaxFragmentLengthExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.max_fragment_length); + return extensionData == null ? (short)-1 : (short)ReadMaxFragmentLengthExtension(extensionData); + } + + /// + public static int GetPaddingExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.padding); + return extensionData == null ? -1 : ReadPaddingExtension(extensionData); + } + + /// + public static byte[] GetServerCertificateTypeExtensionClient(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_certificate_type); + return extensionData == null ? null : ReadCertificateTypeExtensionClient(extensionData); + } + + /// + public static short GetServerCertificateTypeExtensionServer(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_certificate_type); + return extensionData == null ? (short)-1 : (short)ReadCertificateTypeExtensionServer(extensionData); + } + + /// + public static ServerNameList GetServerNameExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_name); + return extensionData == null ? null : ReadServerNameExtension(extensionData); + } + + /// + public static CertificateStatusRequest GetStatusRequestExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.status_request); + return extensionData == null ? null : ReadStatusRequestExtension(extensionData); + } + + /// + public static bool HasEncryptThenMacExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.encrypt_then_mac); + return extensionData == null ? false : ReadEncryptThenMacExtension(extensionData); + } + + /// + public static bool HasExtendedMasterSecretExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.extended_master_secret); + return extensionData == null ? false : ReadExtendedMasterSecretExtension(extensionData); + } + + /// + public static bool HasTruncatedHMacExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.truncated_hmac); + return extensionData == null ? false : ReadTruncatedHMacExtension(extensionData); + } + + /// + public static byte[] CreateCertificateTypeExtensionClient(byte[] certificateTypes) + { + if (certificateTypes == null || certificateTypes.Length < 1 || certificateTypes.Length > 255) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return TlsUtilities.EncodeUint8ArrayWithUint8Length(certificateTypes); + } + + /// + public static byte[] CreateCertificateTypeExtensionServer(byte certificateType) + { + return TlsUtilities.EncodeUint8(certificateType); + } + + public static byte[] CreateEmptyExtensionData() + { + return TlsUtilities.EmptyBytes; + } + + public static byte[] CreateEncryptThenMacExtension() + { + return CreateEmptyExtensionData(); + } + + public static byte[] CreateExtendedMasterSecretExtension() + { + return CreateEmptyExtensionData(); + } + + /// + public static byte[] CreateHeartbeatExtension(HeartbeatExtension heartbeatExtension) + { + if (heartbeatExtension == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + MemoryStream buf = new MemoryStream(); + + heartbeatExtension.Encode(buf); + + return buf.ToArray(); + } + + /// + public static byte[] CreateMaxFragmentLengthExtension(byte maxFragmentLength) + { + return TlsUtilities.EncodeUint8(maxFragmentLength); + } + + /// + public static byte[] CreatePaddingExtension(int dataLength) + { + TlsUtilities.CheckUint16(dataLength); + return new byte[dataLength]; + } + + /// + public static byte[] CreateServerNameExtension(ServerNameList serverNameList) + { + if (serverNameList == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + MemoryStream buf = new MemoryStream(); + + serverNameList.Encode(buf); + + return buf.ToArray(); + } + + /// + public static byte[] CreateStatusRequestExtension(CertificateStatusRequest statusRequest) + { + if (statusRequest == null) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + MemoryStream buf = new MemoryStream(); + + statusRequest.Encode(buf); + + return buf.ToArray(); + } + + public static byte[] CreateTruncatedHMacExtension() + { + return CreateEmptyExtensionData(); + } + + /// + private static bool ReadEmptyExtensionData(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + if (extensionData.Length != 0) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return true; + } + + /// + public static byte[] ReadCertificateTypeExtensionClient(byte[] extensionData) + { + byte[] certificateTypes = TlsUtilities.DecodeUint8ArrayWithUint8Length(extensionData); + if (certificateTypes.Length < 1) + throw new TlsFatalAlert(AlertDescription.decode_error); + return certificateTypes; + } + + /// + public static byte ReadCertificateTypeExtensionServer(byte[] extensionData) + { + return TlsUtilities.DecodeUint8(extensionData); + } + + /// + public static bool ReadEncryptThenMacExtension(byte[] extensionData) + { + return ReadEmptyExtensionData(extensionData); + } + + /// + public static bool ReadExtendedMasterSecretExtension(byte[] extensionData) + { + return ReadEmptyExtensionData(extensionData); + } + + /// + public static HeartbeatExtension ReadHeartbeatExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData, false); + + HeartbeatExtension heartbeatExtension = HeartbeatExtension.Parse(buf); + + TlsProtocol.AssertEmpty(buf); + + return heartbeatExtension; + } + + /// + public static byte ReadMaxFragmentLengthExtension(byte[] extensionData) + { + return TlsUtilities.DecodeUint8(extensionData); + } + + /// + public static int ReadPaddingExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + for (int i = 0; i < extensionData.Length; ++i) + { + if (extensionData[i] != 0) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + return extensionData.Length; + } + + /// + public static ServerNameList ReadServerNameExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData, false); + + ServerNameList serverNameList = ServerNameList.Parse(buf); + + TlsProtocol.AssertEmpty(buf); + + return serverNameList; + } + + /// + public static CertificateStatusRequest ReadStatusRequestExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData, false); + + CertificateStatusRequest statusRequest = CertificateStatusRequest.Parse(buf); + + TlsProtocol.AssertEmpty(buf); + + return statusRequest; + } + + /// + public static bool ReadTruncatedHMacExtension(byte[] extensionData) + { + return ReadEmptyExtensionData(extensionData); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsFatalAlert.cs b/BouncyCastle/crypto/src/crypto/tls/TlsFatalAlert.cs new file mode 100644 index 0000000..6f18981 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsFatalAlert.cs @@ -0,0 +1,26 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class TlsFatalAlert + : TlsException + { + private readonly byte alertDescription; + + public TlsFatalAlert(byte alertDescription) + : this(alertDescription, null) + { + } + + public TlsFatalAlert(byte alertDescription, Exception alertCause) + : base(Tls.AlertDescription.GetText(alertDescription), alertCause) + { + this.alertDescription = alertDescription; + } + + public virtual byte AlertDescription + { + get { return alertDescription; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsFatalAlertReceived.cs b/BouncyCastle/crypto/src/crypto/tls/TlsFatalAlertReceived.cs new file mode 100644 index 0000000..044fc80 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsFatalAlertReceived.cs @@ -0,0 +1,21 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class TlsFatalAlertReceived + : TlsException + { + private readonly byte alertDescription; + + public TlsFatalAlertReceived(byte alertDescription) + : base(Tls.AlertDescription.GetText(alertDescription), null) + { + this.alertDescription = alertDescription; + } + + public virtual byte AlertDescription + { + get { return alertDescription; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsHandshakeHash.cs b/BouncyCastle/crypto/src/crypto/tls/TlsHandshakeHash.cs new file mode 100644 index 0000000..7118d97 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsHandshakeHash.cs @@ -0,0 +1,22 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsHandshakeHash + : IDigest + { + void Init(TlsContext context); + + TlsHandshakeHash NotifyPrfDetermined(); + + void TrackHashAlgorithm(byte hashAlgorithm); + + void SealHashAlgorithms(); + + TlsHandshakeHash StopTracking(); + + IDigest ForkPrfHash(); + + byte[] GetFinalHash(byte hashAlgorithm); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsKeyExchange.cs b/BouncyCastle/crypto/src/crypto/tls/TlsKeyExchange.cs new file mode 100644 index 0000000..6731f6f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsKeyExchange.cs @@ -0,0 +1,54 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// + /// A generic interface for key exchange implementations in (D)TLS. + /// + public interface TlsKeyExchange + { + void Init(TlsContext context); + + /// + void SkipServerCredentials(); + + /// + void ProcessServerCredentials(TlsCredentials serverCredentials); + + /// + void ProcessServerCertificate(Certificate serverCertificate); + + bool RequiresServerKeyExchange { get; } + + /// + byte[] GenerateServerKeyExchange(); + + /// + void SkipServerKeyExchange(); + + /// + void ProcessServerKeyExchange(Stream input); + + /// + void ValidateCertificateRequest(CertificateRequest certificateRequest); + + /// + void SkipClientCredentials(); + + /// + void ProcessClientCredentials(TlsCredentials clientCredentials); + + /// + void ProcessClientCertificate(Certificate clientCertificate); + + /// + void GenerateClientKeyExchange(Stream output); + + /// + void ProcessClientKeyExchange(Stream input); + + /// + byte[] GeneratePremasterSecret(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsMac.cs b/BouncyCastle/crypto/src/crypto/tls/TlsMac.cs new file mode 100644 index 0000000..a80319a --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsMac.cs @@ -0,0 +1,173 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// + /// A generic TLS MAC implementation, acting as an HMAC based on some underlying Digest. + /// + public class TlsMac + { + protected readonly TlsContext context; + protected readonly byte[] secret; + protected readonly IMac mac; + protected readonly int digestBlockSize; + protected readonly int digestOverhead; + protected readonly int macLength; + + /** + * Generate a new instance of an TlsMac. + * + * @param context the TLS client context + * @param digest The digest to use. + * @param key A byte-array where the key for this MAC is located. + * @param keyOff The number of bytes to skip, before the key starts in the buffer. + * @param keyLen The length of the key. + */ + public TlsMac(TlsContext context, IDigest digest, byte[] key, int keyOff, int keyLen) + { + this.context = context; + + KeyParameter keyParameter = new KeyParameter(key, keyOff, keyLen); + + this.secret = Arrays.Clone(keyParameter.GetKey()); + + // TODO This should check the actual algorithm, not rely on the engine type + if (digest is LongDigest) + { + this.digestBlockSize = 128; + this.digestOverhead = 16; + } + else + { + this.digestBlockSize = 64; + this.digestOverhead = 8; + } + + if (TlsUtilities.IsSsl(context)) + { + this.mac = new Ssl3Mac(digest); + + // TODO This should check the actual algorithm, not assume based on the digest size + if (digest.GetDigestSize() == 20) + { + /* + * NOTE: When SHA-1 is used with the SSL 3.0 MAC, the secret + input pad is not + * digest block-aligned. + */ + this.digestOverhead = 4; + } + } + else + { + this.mac = new HMac(digest); + + // NOTE: The input pad for HMAC is always a full digest block + } + + this.mac.Init(keyParameter); + + this.macLength = mac.GetMacSize(); + if (context.SecurityParameters.truncatedHMac) + { + this.macLength = System.Math.Min(this.macLength, 10); + } + } + + /** + * @return the MAC write secret + */ + public virtual byte[] MacSecret + { + get { return this.secret; } + } + + /** + * @return The output length of this MAC. + */ + public virtual int Size + { + get { return macLength; } + } + + /** + * Calculate the MAC for some given data. + * + * @param type The message type of the message. + * @param message A byte-buffer containing the message. + * @param offset The number of bytes to skip, before the message starts. + * @param length The length of the message. + * @return A new byte-buffer containing the MAC value. + */ + public virtual byte[] CalculateMac(long seqNo, byte type, byte[] message, int offset, int length) + { + ProtocolVersion serverVersion = context.ServerVersion; + bool isSsl = serverVersion.IsSsl; + + byte[] macHeader = new byte[isSsl ? 11 : 13]; + TlsUtilities.WriteUint64(seqNo, macHeader, 0); + TlsUtilities.WriteUint8(type, macHeader, 8); + if (!isSsl) + { + TlsUtilities.WriteVersion(serverVersion, macHeader, 9); + } + TlsUtilities.WriteUint16(length, macHeader, macHeader.Length - 2); + + mac.BlockUpdate(macHeader, 0, macHeader.Length); + mac.BlockUpdate(message, offset, length); + + return Truncate(MacUtilities.DoFinal(mac)); + } + + public virtual byte[] CalculateMacConstantTime(long seqNo, byte type, byte[] message, int offset, int length, + int fullLength, byte[] dummyData) + { + /* + * Actual MAC only calculated on 'length' bytes... + */ + byte[] result = CalculateMac(seqNo, type, message, offset, length); + + /* + * ...but ensure a constant number of complete digest blocks are processed (as many as would + * be needed for 'fullLength' bytes of input). + */ + int headerLength = TlsUtilities.IsSsl(context) ? 11 : 13; + + // How many extra full blocks do we need to calculate? + int extra = GetDigestBlockCount(headerLength + fullLength) - GetDigestBlockCount(headerLength + length); + + while (--extra >= 0) + { + mac.BlockUpdate(dummyData, 0, digestBlockSize); + } + + // One more byte in case the implementation is "lazy" about processing blocks + mac.Update(dummyData[0]); + mac.Reset(); + + return result; + } + + protected virtual int GetDigestBlockCount(int inputLength) + { + // NOTE: This calculation assumes a minimum of 1 pad byte + return (inputLength + digestOverhead) / digestBlockSize; + } + + protected virtual byte[] Truncate(byte[] bs) + { + if (bs.Length <= macLength) + { + return bs; + } + + return Arrays.CopyOf(bs, macLength); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsNoCloseNotifyException.cs b/BouncyCastle/crypto/src/crypto/tls/TlsNoCloseNotifyException.cs new file mode 100644 index 0000000..0bafd82 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsNoCloseNotifyException.cs @@ -0,0 +1,23 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// + /// This exception will be thrown(only) when the connection is closed by the peer without sending a + /// close_notify warning alert. + /// + /// + /// If this happens, the TLS protocol cannot rule out truncation of the connection data (potentially + /// malicious). It may be possible to check for truncation via some property of a higher level protocol + /// built upon TLS, e.g.the Content-Length header for HTTPS. + /// + public class TlsNoCloseNotifyException + : EndOfStreamException + { + public TlsNoCloseNotifyException() + : base("No close_notify alert received before connection closed") + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsNullCipher.cs b/BouncyCastle/crypto/src/crypto/tls/TlsNullCipher.cs new file mode 100644 index 0000000..f30ace2 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsNullCipher.cs @@ -0,0 +1,118 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// + /// A NULL CipherSuite, with optional MAC. + /// + public class TlsNullCipher + : TlsCipher + { + protected readonly TlsContext context; + + protected readonly TlsMac writeMac; + protected readonly TlsMac readMac; + + public TlsNullCipher(TlsContext context) + { + this.context = context; + this.writeMac = null; + this.readMac = null; + } + + /// + public TlsNullCipher(TlsContext context, IDigest clientWriteDigest, IDigest serverWriteDigest) + { + if ((clientWriteDigest == null) != (serverWriteDigest == null)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.context = context; + + TlsMac clientWriteMac = null, serverWriteMac = null; + + if (clientWriteDigest != null) + { + int key_block_size = clientWriteDigest.GetDigestSize() + + serverWriteDigest.GetDigestSize(); + byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size); + + int offset = 0; + + clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset, + clientWriteDigest.GetDigestSize()); + offset += clientWriteDigest.GetDigestSize(); + + serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset, + serverWriteDigest.GetDigestSize()); + offset += serverWriteDigest.GetDigestSize(); + + if (offset != key_block_size) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + if (context.IsServer) + { + writeMac = serverWriteMac; + readMac = clientWriteMac; + } + else + { + writeMac = clientWriteMac; + readMac = serverWriteMac; + } + } + + public virtual int GetPlaintextLimit(int ciphertextLimit) + { + int result = ciphertextLimit; + if (writeMac != null) + { + result -= writeMac.Size; + } + return result; + } + + /// + public virtual byte[] EncodePlaintext(long seqNo, byte type, byte[] plaintext, int offset, int len) + { + if (writeMac == null) + { + return Arrays.CopyOfRange(plaintext, offset, offset + len); + } + + byte[] mac = writeMac.CalculateMac(seqNo, type, plaintext, offset, len); + byte[] ciphertext = new byte[len + mac.Length]; + Array.Copy(plaintext, offset, ciphertext, 0, len); + Array.Copy(mac, 0, ciphertext, len, mac.Length); + return ciphertext; + } + + /// + public virtual byte[] DecodeCiphertext(long seqNo, byte type, byte[] ciphertext, int offset, int len) + { + if (readMac == null) + { + return Arrays.CopyOfRange(ciphertext, offset, offset + len); + } + + int macSize = readMac.Size; + if (len < macSize) + throw new TlsFatalAlert(AlertDescription.decode_error); + + int macInputLen = len - macSize; + + byte[] receivedMac = Arrays.CopyOfRange(ciphertext, offset + macInputLen, offset + len); + byte[] computedMac = readMac.CalculateMac(seqNo, type, ciphertext, offset, macInputLen); + + if (!Arrays.ConstantTimeAreEqual(receivedMac, computedMac)) + throw new TlsFatalAlert(AlertDescription.bad_record_mac); + + return Arrays.CopyOfRange(ciphertext, offset, offset + macInputLen); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsNullCompression.cs b/BouncyCastle/crypto/src/crypto/tls/TlsNullCompression.cs new file mode 100644 index 0000000..45f8fc7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsNullCompression.cs @@ -0,0 +1,19 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class TlsNullCompression + : TlsCompression + { + public virtual Stream Compress(Stream output) + { + return output; + } + + public virtual Stream Decompress(Stream output) + { + return output; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsPeer.cs b/BouncyCastle/crypto/src/crypto/tls/TlsPeer.cs new file mode 100644 index 0000000..817871b --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsPeer.cs @@ -0,0 +1,91 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsPeer + { + void NotifyCloseHandle(TlsCloseable closehandle); + + /// + void Cancel(); + + /// + /// Specify the timeout, in milliseconds, to use for the complete handshake process. + /// + /// + /// Negative values are not allowed. A timeout of zero means an infinite timeout (i.e. the + /// handshake will never time out). NOTE: Currently only respected by DTLS protocols. + /// + int GetHandshakeTimeoutMillis(); + + /// + /// This implementation supports RFC 7627 and will always negotiate the extended_master_secret + /// extension where possible. + /// + /// + /// When connecting to a peer that does not offer/accept this extension, it is recommended to + /// abort the handshake. This option is provided for interoperability with legacy peers, + /// although some TLS features will be disabled in that case (see RFC 7627 5.4). + /// + /// + /// true if the handshake should be aborted when the peer does not negotiate the + /// extended_master_secret extension, or false to support legacy interoperability. + /// + bool RequiresExtendedMasterSecret(); + + /// + /// draft-mathewson-no-gmtunixtime-00 2. "If existing users of a TLS implementation may rely on + /// gmt_unix_time containing the current time, we recommend that implementors MAY provide the + /// ability to set gmt_unix_time as an option only, off by default." + /// + /// + /// true if the current time should be used in the gmt_unix_time field of + /// Random, or false if gmt_unix_time should contain a cryptographically + /// random value. + /// + bool ShouldUseGmtUnixTime(); + + /// + /// Report whether the server supports secure renegotiation + /// + /// + /// The protocol handler automatically processes the relevant extensions + /// + /// + /// A , true if the server supports secure renegotiation + /// + /// + void NotifySecureRenegotiation(bool secureRenegotiation); + + /// + /// Return an implementation of to handle record compression. + /// + /// A + /// + TlsCompression GetCompression(); + + /// + /// Return an implementation of to use for encryption/decryption. + /// + /// A + /// + TlsCipher GetCipher(); + + /// This method will be called when an alert is raised by the protocol. + /// + /// + /// A human-readable message explaining what caused this alert. May be null. + /// The Exception that caused this alert to be raised. May be null. + void NotifyAlertRaised(byte alertLevel, byte alertDescription, string message, Exception cause); + + /// This method will be called when an alert is received from the remote peer. + /// + /// + void NotifyAlertReceived(byte alertLevel, byte alertDescription); + + /// Notifies the peer that the handshake has been successfully completed. + /// + void NotifyHandshakeComplete(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsProtocol.cs b/BouncyCastle/crypto/src/crypto/tls/TlsProtocol.cs new file mode 100644 index 0000000..9e5d5c1 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsProtocol.cs @@ -0,0 +1,1448 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Crypto.Prng; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class TlsProtocol + : TlsCloseable + { + /* + * Our Connection states + */ + protected const short CS_START = 0; + protected const short CS_CLIENT_HELLO = 1; + protected const short CS_SERVER_HELLO = 2; + protected const short CS_SERVER_SUPPLEMENTAL_DATA = 3; + protected const short CS_SERVER_CERTIFICATE = 4; + protected const short CS_CERTIFICATE_STATUS = 5; + protected const short CS_SERVER_KEY_EXCHANGE = 6; + protected const short CS_CERTIFICATE_REQUEST = 7; + protected const short CS_SERVER_HELLO_DONE = 8; + protected const short CS_CLIENT_SUPPLEMENTAL_DATA = 9; + protected const short CS_CLIENT_CERTIFICATE = 10; + protected const short CS_CLIENT_KEY_EXCHANGE = 11; + protected const short CS_CERTIFICATE_VERIFY = 12; + protected const short CS_CLIENT_FINISHED = 13; + protected const short CS_SERVER_SESSION_TICKET = 14; + protected const short CS_SERVER_FINISHED = 15; + protected const short CS_END = 16; + + /* + * Different modes to handle the known IV weakness + */ + protected const short ADS_MODE_1_Nsub1 = 0; // 1/n-1 record splitting + protected const short ADS_MODE_0_N = 1; // 0/n record splitting + protected const short ADS_MODE_0_N_FIRSTONLY = 2; // 0/n record splitting on first data fragment only + + /* + * Queues for data from some protocols. + */ + private ByteQueue mApplicationDataQueue = new ByteQueue(0); + private ByteQueue mAlertQueue = new ByteQueue(2); + private ByteQueue mHandshakeQueue = new ByteQueue(0); + // private ByteQueue mHeartbeatQueue = new ByteQueue(); + + /* + * The Record Stream we use + */ + internal RecordStream mRecordStream; + protected SecureRandom mSecureRandom; + + private TlsStream mTlsStream = null; + + private volatile bool mClosed = false; + private volatile bool mFailedWithError = false; + private volatile bool mAppDataReady = false; + private volatile bool mAppDataSplitEnabled = true; + private volatile int mAppDataSplitMode = ADS_MODE_1_Nsub1; + private byte[] mExpectedVerifyData = null; + + protected TlsSession mTlsSession = null; + protected SessionParameters mSessionParameters = null; + protected SecurityParameters mSecurityParameters = null; + protected Certificate mPeerCertificate = null; + + protected int[] mOfferedCipherSuites = null; + protected byte[] mOfferedCompressionMethods = null; + protected IDictionary mClientExtensions = null; + protected IDictionary mServerExtensions = null; + + protected short mConnectionState = CS_START; + protected bool mResumedSession = false; + protected bool mReceivedChangeCipherSpec = false; + protected bool mSecureRenegotiation = false; + protected bool mAllowCertificateStatus = false; + protected bool mExpectSessionTicket = false; + + protected bool mBlocking = true; + protected ByteQueueStream mInputBuffers = null; + protected ByteQueueStream mOutputBuffer = null; + + public TlsProtocol(Stream stream, SecureRandom secureRandom) + : this(stream, stream, secureRandom) + { + } + + public TlsProtocol(Stream input, Stream output, SecureRandom secureRandom) + { + this.mRecordStream = new RecordStream(this, input, output); + this.mSecureRandom = secureRandom; + } + + public TlsProtocol(SecureRandom secureRandom) + { + this.mBlocking = false; + this.mInputBuffers = new ByteQueueStream(); + this.mOutputBuffer = new ByteQueueStream(); + this.mRecordStream = new RecordStream(this, mInputBuffers, mOutputBuffer); + this.mSecureRandom = secureRandom; + } + + protected abstract TlsContext Context { get; } + + internal abstract AbstractTlsContext ContextAdmin { get; } + + protected abstract TlsPeer Peer { get; } + + protected virtual void HandleAlertMessage(byte alertLevel, byte alertDescription) + { + Peer.NotifyAlertReceived(alertLevel, alertDescription); + + if (alertLevel == AlertLevel.warning) + { + HandleAlertWarningMessage(alertDescription); + } + else + { + HandleFailure(); + + throw new TlsFatalAlertReceived(alertDescription); + } + } + + protected virtual void HandleAlertWarningMessage(byte alertDescription) + { + /* + * RFC 5246 7.2.1. The other party MUST respond with a close_notify alert of its own + * and close down the connection immediately, discarding any pending writes. + */ + if (alertDescription == AlertDescription.close_notify) + { + if (!mAppDataReady) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + HandleClose(false); + } + } + + protected virtual void HandleChangeCipherSpecMessage() + { + } + + protected virtual void HandleClose(bool user_canceled) + { + if (!mClosed) + { + this.mClosed = true; + + if (user_canceled && !mAppDataReady) + { + RaiseAlertWarning(AlertDescription.user_canceled, "User canceled handshake"); + } + + RaiseAlertWarning(AlertDescription.close_notify, "Connection closed"); + + mRecordStream.SafeClose(); + + if (!mAppDataReady) + { + CleanupHandshake(); + } + } + } + + protected virtual void HandleException(byte alertDescription, string message, Exception cause) + { + if (!mClosed) + { + RaiseAlertFatal(alertDescription, message, cause); + + HandleFailure(); + } + } + + protected virtual void HandleFailure() + { + this.mClosed = true; + this.mFailedWithError = true; + + /* + * RFC 2246 7.2.1. The session becomes unresumable if any connection is terminated + * without proper close_notify messages with level equal to warning. + */ + // TODO This isn't quite in the right place. Also, as of TLS 1.1 the above is obsolete. + InvalidateSession(); + + mRecordStream.SafeClose(); + + if (!mAppDataReady) + { + CleanupHandshake(); + } + } + + protected abstract void HandleHandshakeMessage(byte type, MemoryStream buf); + + protected virtual void ApplyMaxFragmentLengthExtension() + { + if (mSecurityParameters.maxFragmentLength >= 0) + { + if (!MaxFragmentLength.IsValid((byte)mSecurityParameters.maxFragmentLength)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + int plainTextLimit = 1 << (8 + mSecurityParameters.maxFragmentLength); + mRecordStream.SetPlaintextLimit(plainTextLimit); + } + } + + protected virtual void CheckReceivedChangeCipherSpec(bool expected) + { + if (expected != mReceivedChangeCipherSpec) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + protected virtual void CleanupHandshake() + { + if (this.mExpectedVerifyData != null) + { + Arrays.Fill(this.mExpectedVerifyData, (byte)0); + this.mExpectedVerifyData = null; + } + + this.mSecurityParameters.Clear(); + this.mPeerCertificate = null; + + this.mOfferedCipherSuites = null; + this.mOfferedCompressionMethods = null; + this.mClientExtensions = null; + this.mServerExtensions = null; + + this.mResumedSession = false; + this.mReceivedChangeCipherSpec = false; + this.mSecureRenegotiation = false; + this.mAllowCertificateStatus = false; + this.mExpectSessionTicket = false; + } + + protected virtual void BlockForHandshake() + { + if (mBlocking) + { + while (this.mConnectionState != CS_END) + { + if (this.mClosed) + { + // NOTE: Any close during the handshake should have raised an exception. + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + SafeReadRecord(); + } + } + } + + protected virtual void CompleteHandshake() + { + try + { + this.mConnectionState = CS_END; + + this.mAlertQueue.Shrink(); + this.mHandshakeQueue.Shrink(); + + this.mRecordStream.FinaliseHandshake(); + + this.mAppDataSplitEnabled = !TlsUtilities.IsTlsV11(Context); + + /* + * If this was an initial handshake, we are now ready to send and receive application data. + */ + if (!mAppDataReady) + { + this.mAppDataReady = true; + + if (mBlocking) + { + this.mTlsStream = new TlsStream(this); + } + } + + if (this.mTlsSession != null) + { + if (this.mSessionParameters == null) + { + this.mSessionParameters = new SessionParameters.Builder() + .SetCipherSuite(this.mSecurityParameters.CipherSuite) + .SetCompressionAlgorithm(this.mSecurityParameters.CompressionAlgorithm) + .SetExtendedMasterSecret(this.mSecurityParameters.IsExtendedMasterSecret) + .SetMasterSecret(this.mSecurityParameters.MasterSecret) + .SetPeerCertificate(this.mPeerCertificate) + .SetPskIdentity(this.mSecurityParameters.PskIdentity) + .SetSrpIdentity(this.mSecurityParameters.SrpIdentity) + // TODO Consider filtering extensions that aren't relevant to resumed sessions + .SetServerExtensions(this.mServerExtensions) + .Build(); + + this.mTlsSession = new TlsSessionImpl(this.mTlsSession.SessionID, this.mSessionParameters); + } + + ContextAdmin.SetResumableSession(this.mTlsSession); + } + + Peer.NotifyHandshakeComplete(); + } + finally + { + CleanupHandshake(); + } + } + + protected internal void ProcessRecord(byte protocol, byte[] buf, int off, int len) + { + /* + * Have a look at the protocol type, and add it to the correct queue. + */ + switch (protocol) + { + case ContentType.alert: + { + mAlertQueue.AddData(buf, off, len); + ProcessAlertQueue(); + break; + } + case ContentType.application_data: + { + if (!mAppDataReady) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + mApplicationDataQueue.AddData(buf, off, len); + ProcessApplicationDataQueue(); + break; + } + case ContentType.change_cipher_spec: + { + ProcessChangeCipherSpec(buf, off, len); + break; + } + case ContentType.handshake: + { + if (mHandshakeQueue.Available > 0) + { + mHandshakeQueue.AddData(buf, off, len); + ProcessHandshakeQueue(mHandshakeQueue); + } + else + { + ByteQueue tmpQueue = new ByteQueue(buf, off, len); + ProcessHandshakeQueue(tmpQueue); + int remaining = tmpQueue.Available; + if (remaining > 0) + { + mHandshakeQueue.AddData(buf, off + len - remaining, remaining); + } + } + break; + } + //case ContentType.heartbeat: + //{ + // if (!mAppDataReady) + // throw new TlsFatalAlert(AlertDescription.unexpected_message); + + // // TODO[RFC 6520] + // //mHeartbeatQueue.AddData(buf, offset, len); + // //ProcessHeartbeat(); + // break; + //} + default: + // Record type should already have been checked + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + private void ProcessHandshakeQueue(ByteQueue queue) + { + while (queue.Available >= 4) + { + /* + * We need the first 4 bytes, they contain type and length of the message. + */ + byte[] beginning = new byte[4]; + queue.Read(beginning, 0, 4, 0); + byte type = TlsUtilities.ReadUint8(beginning, 0); + int length = TlsUtilities.ReadUint24(beginning, 1); + int totalLength = 4 + length; + + /* + * Check if we have enough bytes in the buffer to read the full message. + */ + if (queue.Available < totalLength) + break; + + /* + * RFC 2246 7.4.9. The value handshake_messages includes all handshake messages + * starting at client hello up to, but not including, this finished message. + * [..] Note: [Also,] Hello Request messages are omitted from handshake hashes. + */ + if (HandshakeType.hello_request != type) + { + if (HandshakeType.finished == type) + { + CheckReceivedChangeCipherSpec(true); + + TlsContext ctx = Context; + if (this.mExpectedVerifyData == null + && ctx.SecurityParameters.MasterSecret != null) + { + this.mExpectedVerifyData = CreateVerifyData(!ctx.IsServer); + } + } + else + { + CheckReceivedChangeCipherSpec(mConnectionState == CS_END); + } + + queue.CopyTo(mRecordStream.HandshakeHashUpdater, totalLength); + } + + queue.RemoveData(4); + + MemoryStream buf = queue.ReadFrom(length); + + /* + * Now, parse the message. + */ + HandleHandshakeMessage(type, buf); + } + } + + private void ProcessApplicationDataQueue() + { + /* + * There is nothing we need to do here. + * + * This function could be used for callbacks when application data arrives in the future. + */ + } + + private void ProcessAlertQueue() + { + while (mAlertQueue.Available >= 2) + { + /* + * An alert is always 2 bytes. Read the alert. + */ + byte[] alert = mAlertQueue.RemoveData(2, 0); + byte alertLevel = alert[0]; + byte alertDescription = alert[1]; + + HandleAlertMessage(alertLevel, alertDescription); + } + } + + /** + * This method is called, when a change cipher spec message is received. + * + * @throws IOException If the message has an invalid content or the handshake is not in the correct + * state. + */ + private void ProcessChangeCipherSpec(byte[] buf, int off, int len) + { + for (int i = 0; i < len; ++i) + { + byte message = TlsUtilities.ReadUint8(buf, off + i); + + if (message != ChangeCipherSpec.change_cipher_spec) + throw new TlsFatalAlert(AlertDescription.decode_error); + + if (this.mReceivedChangeCipherSpec + || mAlertQueue.Available > 0 + || mHandshakeQueue.Available > 0) + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + mRecordStream.ReceivedReadCipherSpec(); + + this.mReceivedChangeCipherSpec = true; + + HandleChangeCipherSpecMessage(); + } + } + + protected internal virtual int ApplicationDataAvailable() + { + return mApplicationDataQueue.Available; + } + + /** + * Read data from the network. The method will return immediately, if there is still some data + * left in the buffer, or block until some application data has been read from the network. + * + * @param buf The buffer where the data will be copied to. + * @param offset The position where the data will be placed in the buffer. + * @param len The maximum number of bytes to read. + * @return The number of bytes read. + * @throws IOException If something goes wrong during reading data. + */ + protected internal virtual int ReadApplicationData(byte[] buf, int offset, int len) + { + if (len < 1) + return 0; + + while (mApplicationDataQueue.Available == 0) + { + if (this.mClosed) + { + if (this.mFailedWithError) + throw new IOException("Cannot read application data on failed TLS connection"); + + if (!mAppDataReady) + throw new InvalidOperationException("Cannot read application data until initial handshake completed."); + + return 0; + } + + SafeReadRecord(); + } + + len = System.Math.Min(len, mApplicationDataQueue.Available); + mApplicationDataQueue.RemoveData(buf, offset, len, 0); + return len; + } + + protected virtual void SafeCheckRecordHeader(byte[] recordHeader) + { + try + { + mRecordStream.CheckRecordHeader(recordHeader); + } + catch (TlsFatalAlert e) + { + HandleException(e.AlertDescription, "Failed to read record", e); + throw e; + } + catch (IOException e) + { + HandleException(AlertDescription.internal_error, "Failed to read record", e); + throw e; + } + catch (Exception e) + { + HandleException(AlertDescription.internal_error, "Failed to read record", e); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + } + + protected virtual void SafeReadRecord() + { + try + { + if (mRecordStream.ReadRecord()) + return; + + if (!mAppDataReady) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + catch (TlsFatalAlertReceived e) + { + // Connection failure already handled at source + throw e; + } + catch (TlsFatalAlert e) + { + HandleException(e.AlertDescription, "Failed to read record", e); + throw e; + } + catch (IOException e) + { + HandleException(AlertDescription.internal_error, "Failed to read record", e); + throw e; + } + catch (Exception e) + { + HandleException(AlertDescription.internal_error, "Failed to read record", e); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + + HandleFailure(); + + throw new TlsNoCloseNotifyException(); + } + + protected virtual void SafeWriteRecord(byte type, byte[] buf, int offset, int len) + { + try + { + mRecordStream.WriteRecord(type, buf, offset, len); + } + catch (TlsFatalAlert e) + { + HandleException(e.AlertDescription, "Failed to write record", e); + throw e; + } + catch (IOException e) + { + HandleException(AlertDescription.internal_error, "Failed to write record", e); + throw e; + } + catch (Exception e) + { + HandleException(AlertDescription.internal_error, "Failed to write record", e); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + } + + /** + * Send some application data to the remote system. + *

+ * The method will handle fragmentation internally. + * + * @param buf The buffer with the data. + * @param offset The position in the buffer where the data is placed. + * @param len The length of the data. + * @throws IOException If something goes wrong during sending. + */ + protected internal virtual void WriteData(byte[] buf, int offset, int len) + { + if (this.mClosed) + throw new IOException("Cannot write application data on closed/failed TLS connection"); + + while (len > 0) + { + /* + * RFC 5246 6.2.1. Zero-length fragments of Application data MAY be sent as they are + * potentially useful as a traffic analysis countermeasure. + * + * NOTE: Actually, implementations appear to have settled on 1/n-1 record splitting. + */ + + if (this.mAppDataSplitEnabled) + { + /* + * Protect against known IV attack! + * + * DO NOT REMOVE THIS CODE, EXCEPT YOU KNOW EXACTLY WHAT YOU ARE DOING HERE. + */ + switch (mAppDataSplitMode) + { + case ADS_MODE_0_N: + SafeWriteRecord(ContentType.application_data, TlsUtilities.EmptyBytes, 0, 0); + break; + case ADS_MODE_0_N_FIRSTONLY: + this.mAppDataSplitEnabled = false; + SafeWriteRecord(ContentType.application_data, TlsUtilities.EmptyBytes, 0, 0); + break; + case ADS_MODE_1_Nsub1: + default: + SafeWriteRecord(ContentType.application_data, buf, offset, 1); + ++offset; + --len; + break; + } + } + + if (len > 0) + { + // Fragment data according to the current fragment limit. + int toWrite = System.Math.Min(len, mRecordStream.GetPlaintextLimit()); + SafeWriteRecord(ContentType.application_data, buf, offset, toWrite); + offset += toWrite; + len -= toWrite; + } + } + } + + protected virtual void SetAppDataSplitMode(int appDataSplitMode) + { + if (appDataSplitMode < ADS_MODE_1_Nsub1 || appDataSplitMode > ADS_MODE_0_N_FIRSTONLY) + throw new ArgumentException("Illegal appDataSplitMode mode: " + appDataSplitMode, "appDataSplitMode"); + + this.mAppDataSplitMode = appDataSplitMode; + } + + protected virtual void WriteHandshakeMessage(byte[] buf, int off, int len) + { + if (len < 4) + throw new TlsFatalAlert(AlertDescription.internal_error); + + byte type = TlsUtilities.ReadUint8(buf, off); + if (type != HandshakeType.hello_request) + { + mRecordStream.HandshakeHashUpdater.Write(buf, off, len); + } + + int total = 0; + do + { + // Fragment data according to the current fragment limit. + int toWrite = System.Math.Min(len - total, mRecordStream.GetPlaintextLimit()); + SafeWriteRecord(ContentType.handshake, buf, off + total, toWrite); + total += toWrite; + } + while (total < len); + } + + ///

The secure bidirectional stream for this connection + /// Only allowed in blocking mode. + public virtual Stream Stream + { + get + { + if (!mBlocking) + throw new InvalidOperationException("Cannot use Stream in non-blocking mode! Use OfferInput()/OfferOutput() instead."); + return this.mTlsStream; + } + } + + /** + * Should be called in non-blocking mode when the input data reaches EOF. + */ + public virtual void CloseInput() + { + if (mBlocking) + throw new InvalidOperationException("Cannot use CloseInput() in blocking mode!"); + + if (mClosed) + return; + + if (mInputBuffers.Available > 0) + throw new EndOfStreamException(); + + if (!mAppDataReady) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + throw new TlsNoCloseNotifyException(); + } + + /** + * Equivalent to OfferInput(input, 0, input.length) + * @see TlsProtocol#OfferInput(byte[], int, int) + * @param input The input buffer to offer + * @throws IOException If an error occurs while decrypting or processing a record + */ + public virtual void OfferInput(byte[] input) + { + OfferInput(input, 0, input.Length); + } + + /** + * Offer input from an arbitrary source. Only allowed in non-blocking mode.
+ *
+ * This method will decrypt and process all records that are fully available. + * If only part of a record is available, the buffer will be retained until the + * remainder of the record is offered.
+ *
+ * If any records containing application data were processed, the decrypted data + * can be obtained using {@link #readInput(byte[], int, int)}. If any records + * containing protocol data were processed, a response may have been generated. + * You should always check to see if there is any available output after calling + * this method by calling {@link #getAvailableOutputBytes()}. + * @param input The input buffer to offer + * @param inputOff The offset within the input buffer that input begins + * @param inputLen The number of bytes of input being offered + * @throws IOException If an error occurs while decrypting or processing a record + */ + public virtual void OfferInput(byte[] input, int inputOff, int inputLen) + { + if (mBlocking) + throw new InvalidOperationException("Cannot use OfferInput() in blocking mode! Use Stream instead."); + if (mClosed) + throw new IOException("Connection is closed, cannot accept any more input"); + + mInputBuffers.Write(input, inputOff, inputLen); + + // loop while there are enough bytes to read the length of the next record + while (mInputBuffers.Available >= RecordStream.TLS_HEADER_SIZE) + { + byte[] recordHeader = new byte[RecordStream.TLS_HEADER_SIZE]; + mInputBuffers.Peek(recordHeader); + + int totalLength = TlsUtilities.ReadUint16(recordHeader, RecordStream.TLS_HEADER_LENGTH_OFFSET) + RecordStream.TLS_HEADER_SIZE; + if (mInputBuffers.Available < totalLength) + { + // not enough bytes to read a whole record + SafeCheckRecordHeader(recordHeader); + break; + } + + SafeReadRecord(); + + if (mClosed) + { + if (mConnectionState != CS_END) + { + // NOTE: Any close during the handshake should have raised an exception. + throw new TlsFatalAlert(AlertDescription.internal_error); + } + break; + } + } + } + + /** + * Gets the amount of received application data. A call to {@link #readInput(byte[], int, int)} + * is guaranteed to be able to return at least this much data.
+ *
+ * Only allowed in non-blocking mode. + * @return The number of bytes of available application data + */ + public virtual int GetAvailableInputBytes() + { + if (mBlocking) + throw new InvalidOperationException("Cannot use GetAvailableInputBytes() in blocking mode! Use ApplicationDataAvailable() instead."); + + return ApplicationDataAvailable(); + } + + /** + * Retrieves received application data. Use {@link #getAvailableInputBytes()} to check + * how much application data is currently available. This method functions similarly to + * {@link InputStream#read(byte[], int, int)}, except that it never blocks. If no data + * is available, nothing will be copied and zero will be returned.
+ *
+ * Only allowed in non-blocking mode. + * @param buffer The buffer to hold the application data + * @param offset The start offset in the buffer at which the data is written + * @param length The maximum number of bytes to read + * @return The total number of bytes copied to the buffer. May be less than the + * length specified if the length was greater than the amount of available data. + */ + public virtual int ReadInput(byte[] buffer, int offset, int length) + { + if (mBlocking) + throw new InvalidOperationException("Cannot use ReadInput() in blocking mode! Use Stream instead."); + + return ReadApplicationData(buffer, offset, System.Math.Min(length, ApplicationDataAvailable())); + } + + /** + * Offer output from an arbitrary source. Only allowed in non-blocking mode.
+ *
+ * After this method returns, the specified section of the buffer will have been + * processed. Use {@link #readOutput(byte[], int, int)} to get the bytes to + * transmit to the other peer.
+ *
+ * This method must not be called until after the handshake is complete! Attempting + * to call it before the handshake is complete will result in an exception. + * @param buffer The buffer containing application data to encrypt + * @param offset The offset at which to begin reading data + * @param length The number of bytes of data to read + * @throws IOException If an error occurs encrypting the data, or the handshake is not complete + */ + public virtual void OfferOutput(byte[] buffer, int offset, int length) + { + if (mBlocking) + throw new InvalidOperationException("Cannot use OfferOutput() in blocking mode! Use Stream instead."); + if (!mAppDataReady) + throw new IOException("Application data cannot be sent until the handshake is complete!"); + + WriteData(buffer, offset, length); + } + + /** + * Gets the amount of encrypted data available to be sent. A call to + * {@link #readOutput(byte[], int, int)} is guaranteed to be able to return at + * least this much data.
+ *
+ * Only allowed in non-blocking mode. + * @return The number of bytes of available encrypted data + */ + public virtual int GetAvailableOutputBytes() + { + if (mBlocking) + throw new InvalidOperationException("Cannot use GetAvailableOutputBytes() in blocking mode! Use Stream instead."); + + return mOutputBuffer.Available; + } + + /** + * Retrieves encrypted data to be sent. Use {@link #getAvailableOutputBytes()} to check + * how much encrypted data is currently available. This method functions similarly to + * {@link InputStream#read(byte[], int, int)}, except that it never blocks. If no data + * is available, nothing will be copied and zero will be returned.
+ *
+ * Only allowed in non-blocking mode. + * @param buffer The buffer to hold the encrypted data + * @param offset The start offset in the buffer at which the data is written + * @param length The maximum number of bytes to read + * @return The total number of bytes copied to the buffer. May be less than the + * length specified if the length was greater than the amount of available data. + */ + public virtual int ReadOutput(byte[] buffer, int offset, int length) + { + if (mBlocking) + throw new InvalidOperationException("Cannot use ReadOutput() in blocking mode! Use Stream instead."); + + return mOutputBuffer.Read(buffer, offset, length); + } + + protected virtual void InvalidateSession() + { + if (this.mSessionParameters != null) + { + this.mSessionParameters.Clear(); + this.mSessionParameters = null; + } + + if (this.mTlsSession != null) + { + this.mTlsSession.Invalidate(); + this.mTlsSession = null; + } + } + + protected virtual void ProcessFinishedMessage(MemoryStream buf) + { + if (mExpectedVerifyData == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + byte[] verify_data = TlsUtilities.ReadFully(mExpectedVerifyData.Length, buf); + + AssertEmpty(buf); + + /* + * Compare both checksums. + */ + if (!Arrays.ConstantTimeAreEqual(mExpectedVerifyData, verify_data)) + { + /* + * Wrong checksum in the finished message. + */ + throw new TlsFatalAlert(AlertDescription.decrypt_error); + } + } + + protected virtual void RaiseAlertFatal(byte alertDescription, string message, Exception cause) + { + Peer.NotifyAlertRaised(AlertLevel.fatal, alertDescription, message, cause); + + byte[] alert = new byte[]{ AlertLevel.fatal, alertDescription }; + + try + { + mRecordStream.WriteRecord(ContentType.alert, alert, 0, 2); + } + catch (Exception) + { + // We are already processing an exception, so just ignore this + } + } + + protected virtual void RaiseAlertWarning(byte alertDescription, string message) + { + Peer.NotifyAlertRaised(AlertLevel.warning, alertDescription, message, null); + + byte[] alert = new byte[]{ AlertLevel.warning, alertDescription }; + + SafeWriteRecord(ContentType.alert, alert, 0, 2); + } + + protected virtual void SendCertificateMessage(Certificate certificate) + { + if (certificate == null) + { + certificate = Certificate.EmptyChain; + } + + if (certificate.IsEmpty) + { + TlsContext context = Context; + if (!context.IsServer) + { + ProtocolVersion serverVersion = Context.ServerVersion; + if (serverVersion.IsSsl) + { + string errorMessage = serverVersion.ToString() + " client didn't provide credentials"; + RaiseAlertWarning(AlertDescription.no_certificate, errorMessage); + return; + } + } + } + + HandshakeMessage message = new HandshakeMessage(HandshakeType.certificate); + + certificate.Encode(message); + + message.WriteToRecordStream(this); + } + + protected virtual void SendChangeCipherSpecMessage() + { + byte[] message = new byte[]{ 1 }; + SafeWriteRecord(ContentType.change_cipher_spec, message, 0, message.Length); + mRecordStream.SentWriteCipherSpec(); + } + + protected virtual void SendFinishedMessage() + { + byte[] verify_data = CreateVerifyData(Context.IsServer); + + HandshakeMessage message = new HandshakeMessage(HandshakeType.finished, verify_data.Length); + + message.Write(verify_data, 0, verify_data.Length); + + message.WriteToRecordStream(this); + } + + protected virtual void SendSupplementalDataMessage(IList supplementalData) + { + HandshakeMessage message = new HandshakeMessage(HandshakeType.supplemental_data); + + WriteSupplementalData(message, supplementalData); + + message.WriteToRecordStream(this); + } + + protected virtual byte[] CreateVerifyData(bool isServer) + { + TlsContext context = Context; + string asciiLabel = isServer ? ExporterLabel.server_finished : ExporterLabel.client_finished; + byte[] sslSender = isServer ? TlsUtilities.SSL_SERVER : TlsUtilities.SSL_CLIENT; + byte[] hash = GetCurrentPrfHash(context, mRecordStream.HandshakeHash, sslSender); + return TlsUtilities.CalculateVerifyData(context, asciiLabel, hash); + } + + /** + * Closes this connection. + * + * @throws IOException If something goes wrong during closing. + */ + public virtual void Close() + { + HandleClose(true); + } + + protected internal virtual void Flush() + { + mRecordStream.Flush(); + } + + public virtual bool IsClosed + { + get { return mClosed; } + } + + protected virtual short ProcessMaxFragmentLengthExtension(IDictionary clientExtensions, IDictionary serverExtensions, + byte alertDescription) + { + short maxFragmentLength = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(serverExtensions); + if (maxFragmentLength >= 0) + { + if (!MaxFragmentLength.IsValid((byte)maxFragmentLength) + || (!this.mResumedSession && maxFragmentLength != TlsExtensionsUtilities + .GetMaxFragmentLengthExtension(clientExtensions))) + { + throw new TlsFatalAlert(alertDescription); + } + } + return maxFragmentLength; + } + + protected virtual void RefuseRenegotiation() + { + /* + * RFC 5746 4.5 SSLv3 clients that refuse renegotiation SHOULD use a fatal + * handshake_failure alert. + */ + if (TlsUtilities.IsSsl(Context)) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + RaiseAlertWarning(AlertDescription.no_renegotiation, "Renegotiation not supported"); + } + + /** + * Make sure the InputStream 'buf' now empty. Fail otherwise. + * + * @param buf The InputStream to check. + * @throws IOException If 'buf' is not empty. + */ + protected internal static void AssertEmpty(MemoryStream buf) + { + if (buf.Position < buf.Length) + throw new TlsFatalAlert(AlertDescription.decode_error); + } + + protected internal static byte[] CreateRandomBlock(bool useGmtUnixTime, IRandomGenerator randomGenerator) + { + byte[] result = new byte[32]; + randomGenerator.NextBytes(result); + + if (useGmtUnixTime) + { + TlsUtilities.WriteGmtUnixTime(result, 0); + } + + return result; + } + + protected internal static byte[] CreateRenegotiationInfo(byte[] renegotiated_connection) + { + return TlsUtilities.EncodeOpaque8(renegotiated_connection); + } + + protected internal static void EstablishMasterSecret(TlsContext context, TlsKeyExchange keyExchange) + { + byte[] pre_master_secret = keyExchange.GeneratePremasterSecret(); + + try + { + context.SecurityParameters.masterSecret = TlsUtilities.CalculateMasterSecret(context, pre_master_secret); + } + finally + { + // TODO Is there a way to ensure the data is really overwritten? + /* + * RFC 2246 8.1. The pre_master_secret should be deleted from memory once the + * master_secret has been computed. + */ + if (pre_master_secret != null) + { + Arrays.Fill(pre_master_secret, (byte)0); + } + } + } + + /** + * 'sender' only relevant to SSLv3 + */ + protected internal static byte[] GetCurrentPrfHash(TlsContext context, TlsHandshakeHash handshakeHash, byte[] sslSender) + { + IDigest d = handshakeHash.ForkPrfHash(); + + if (sslSender != null && TlsUtilities.IsSsl(context)) + { + d.BlockUpdate(sslSender, 0, sslSender.Length); + } + + return DigestUtilities.DoFinal(d); + } + + protected internal static IDictionary ReadExtensions(MemoryStream input) + { + if (input.Position >= input.Length) + return null; + + byte[] extBytes = TlsUtilities.ReadOpaque16(input); + + AssertEmpty(input); + + MemoryStream buf = new MemoryStream(extBytes, false); + + // Integer -> byte[] + IDictionary extensions = Platform.CreateHashtable(); + + while (buf.Position < buf.Length) + { + int extension_type = TlsUtilities.ReadUint16(buf); + byte[] extension_data = TlsUtilities.ReadOpaque16(buf); + + /* + * RFC 3546 2.3 There MUST NOT be more than one extension of the same type. + */ + if (extensions.Contains(extension_type)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + extensions.Add(extension_type, extension_data); + } + + return extensions; + } + + protected internal static IList ReadSupplementalDataMessage(MemoryStream input) + { + byte[] supp_data = TlsUtilities.ReadOpaque24(input); + + AssertEmpty(input); + + MemoryStream buf = new MemoryStream(supp_data, false); + + IList supplementalData = Platform.CreateArrayList(); + + while (buf.Position < buf.Length) + { + int supp_data_type = TlsUtilities.ReadUint16(buf); + byte[] data = TlsUtilities.ReadOpaque16(buf); + + supplementalData.Add(new SupplementalDataEntry(supp_data_type, data)); + } + + return supplementalData; + } + + protected internal static void WriteExtensions(Stream output, IDictionary extensions) + { + MemoryStream buf = new MemoryStream(); + + /* + * NOTE: There are reports of servers that don't accept a zero-length extension as the last + * one, so we write out any zero-length ones first as a best-effort workaround. + */ + WriteSelectedExtensions(buf, extensions, true); + WriteSelectedExtensions(buf, extensions, false); + + byte[] extBytes = buf.ToArray(); + + TlsUtilities.WriteOpaque16(extBytes, output); + } + + protected internal static void WriteSelectedExtensions(Stream output, IDictionary extensions, bool selectEmpty) + { + foreach (int extension_type in extensions.Keys) + { + byte[] extension_data = (byte[])extensions[extension_type]; + if (selectEmpty == (extension_data.Length == 0)) + { + TlsUtilities.CheckUint16(extension_type); + TlsUtilities.WriteUint16(extension_type, output); + TlsUtilities.WriteOpaque16(extension_data, output); + } + } + } + + protected internal static void WriteSupplementalData(Stream output, IList supplementalData) + { + MemoryStream buf = new MemoryStream(); + + foreach (SupplementalDataEntry entry in supplementalData) + { + int supp_data_type = entry.DataType; + TlsUtilities.CheckUint16(supp_data_type); + TlsUtilities.WriteUint16(supp_data_type, buf); + TlsUtilities.WriteOpaque16(entry.Data, buf); + } + + byte[] supp_data = buf.ToArray(); + + TlsUtilities.WriteOpaque24(supp_data, output); + } + + protected internal static int GetPrfAlgorithm(TlsContext context, int ciphersuite) + { + bool isTLSv12 = TlsUtilities.IsTlsV12(context); + + switch (ciphersuite) + { + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_NULL_SHA256: + { + if (isTLSv12) + { + return PrfAlgorithm.tls_prf_sha256; + } + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384: + { + if (isTLSv12) + { + return PrfAlgorithm.tls_prf_sha384; + } + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384: + { + if (isTLSv12) + { + return PrfAlgorithm.tls_prf_sha384; + } + return PrfAlgorithm.tls_prf_legacy; + } + + default: + { + if (isTLSv12) + { + return PrfAlgorithm.tls_prf_sha256; + } + return PrfAlgorithm.tls_prf_legacy; + } + } + } + + internal class HandshakeMessage + : MemoryStream + { + internal HandshakeMessage(byte handshakeType) + : this(handshakeType, 60) + { + } + + internal HandshakeMessage(byte handshakeType, int length) + : base(length + 4) + { + TlsUtilities.WriteUint8(handshakeType, this); + // Reserve space for length + TlsUtilities.WriteUint24(0, this); + } + + internal void Write(byte[] data) + { + Write(data, 0, data.Length); + } + + internal void WriteToRecordStream(TlsProtocol protocol) + { + // Patch actual length back in + long length = Length - 4; + TlsUtilities.CheckUint24(length); + this.Position = 1; + TlsUtilities.WriteUint24((int)length, this); + +#if PORTABLE + byte[] buf = ToArray(); + int bufLen = buf.Length; +#else + byte[] buf = GetBuffer(); + int bufLen = (int)Length; +#endif + + protocol.WriteHandshakeMessage(buf, 0, bufLen); + Platform.Dispose(this); + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsProtocolHandler.cs b/BouncyCastle/crypto/src/crypto/tls/TlsProtocolHandler.cs new file mode 100644 index 0000000..6f22346 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsProtocolHandler.cs @@ -0,0 +1,39 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Agreement.Srp; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Prng; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Crypto.Tls +{ + [Obsolete("Use 'TlsClientProtocol' instead")] + public class TlsProtocolHandler + : TlsClientProtocol + { + public TlsProtocolHandler(Stream stream, SecureRandom secureRandom) + : base(stream, stream, secureRandom) + { + } + + /// Both streams can be the same object + public TlsProtocolHandler(Stream input, Stream output, SecureRandom secureRandom) + : base(input, output, secureRandom) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsPskIdentity.cs b/BouncyCastle/crypto/src/crypto/tls/TlsPskIdentity.cs new file mode 100644 index 0000000..119064e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsPskIdentity.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsPskIdentity + { + void SkipIdentityHint(); + + void NotifyIdentityHint(byte[] psk_identity_hint); + + byte[] GetPskIdentity(); + + byte[] GetPsk(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsPskIdentityManager.cs b/BouncyCastle/crypto/src/crypto/tls/TlsPskIdentityManager.cs new file mode 100644 index 0000000..a72c229 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsPskIdentityManager.cs @@ -0,0 +1,11 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsPskIdentityManager + { + byte[] GetHint(); + + byte[] GetPsk(byte[] identity); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsPskKeyExchange.cs b/BouncyCastle/crypto/src/crypto/tls/TlsPskKeyExchange.cs new file mode 100644 index 0000000..aec7af7 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsPskKeyExchange.cs @@ -0,0 +1,334 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// (D)TLS PSK key exchange (RFC 4279). + public class TlsPskKeyExchange + : AbstractTlsKeyExchange + { + protected TlsPskIdentity mPskIdentity; + protected TlsPskIdentityManager mPskIdentityManager; + + protected TlsDHVerifier mDHVerifier; + protected DHParameters mDHParameters; + protected int[] mNamedCurves; + protected byte[] mClientECPointFormats, mServerECPointFormats; + + protected byte[] mPskIdentityHint = null; + protected byte[] mPsk = null; + + protected DHPrivateKeyParameters mDHAgreePrivateKey = null; + protected DHPublicKeyParameters mDHAgreePublicKey = null; + + protected ECPrivateKeyParameters mECAgreePrivateKey = null; + protected ECPublicKeyParameters mECAgreePublicKey = null; + + protected AsymmetricKeyParameter mServerPublicKey = null; + protected RsaKeyParameters mRsaServerPublicKey = null; + protected TlsEncryptionCredentials mServerCredentials = null; + protected byte[] mPremasterSecret; + + [Obsolete("Use constructor that takes a TlsDHVerifier")] + public TlsPskKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, TlsPskIdentity pskIdentity, + TlsPskIdentityManager pskIdentityManager, DHParameters dhParameters, int[] namedCurves, + byte[] clientECPointFormats, byte[] serverECPointFormats) + : this(keyExchange, supportedSignatureAlgorithms, pskIdentity, pskIdentityManager, new DefaultTlsDHVerifier(), + dhParameters, namedCurves, clientECPointFormats, serverECPointFormats) + { + } + + public TlsPskKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, TlsPskIdentity pskIdentity, + TlsPskIdentityManager pskIdentityManager, TlsDHVerifier dhVerifier, DHParameters dhParameters, int[] namedCurves, + byte[] clientECPointFormats, byte[] serverECPointFormats) + : base(keyExchange, supportedSignatureAlgorithms) + { + switch (keyExchange) + { + case KeyExchangeAlgorithm.DHE_PSK: + case KeyExchangeAlgorithm.ECDHE_PSK: + case KeyExchangeAlgorithm.PSK: + case KeyExchangeAlgorithm.RSA_PSK: + break; + default: + throw new InvalidOperationException("unsupported key exchange algorithm"); + } + + this.mPskIdentity = pskIdentity; + this.mPskIdentityManager = pskIdentityManager; + this.mDHVerifier = dhVerifier; + this.mDHParameters = dhParameters; + this.mNamedCurves = namedCurves; + this.mClientECPointFormats = clientECPointFormats; + this.mServerECPointFormats = serverECPointFormats; + } + + public override void SkipServerCredentials() + { + if (mKeyExchange == KeyExchangeAlgorithm.RSA_PSK) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public override void ProcessServerCredentials(TlsCredentials serverCredentials) + { + if (!(serverCredentials is TlsEncryptionCredentials)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + ProcessServerCertificate(serverCredentials.Certificate); + + this.mServerCredentials = (TlsEncryptionCredentials)serverCredentials; + } + + public override byte[] GenerateServerKeyExchange() + { + this.mPskIdentityHint = mPskIdentityManager.GetHint(); + + if (this.mPskIdentityHint == null && !RequiresServerKeyExchange) + return null; + + MemoryStream buf = new MemoryStream(); + + if (this.mPskIdentityHint == null) + { + TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, buf); + } + else + { + TlsUtilities.WriteOpaque16(this.mPskIdentityHint, buf); + } + + if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK) + { + if (this.mDHParameters == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, + this.mDHParameters, buf); + } + else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK) + { + this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, + mNamedCurves, mClientECPointFormats, buf); + } + + return buf.ToArray(); + } + + public override void ProcessServerCertificate(Certificate serverCertificate) + { + if (mKeyExchange != KeyExchangeAlgorithm.RSA_PSK) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + if (serverCertificate.IsEmpty) + throw new TlsFatalAlert(AlertDescription.decode_error); + + X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0); + + SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo; + try + { + this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo); + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e); + } + + // Sanity check the PublicKeyFactory + if (this.mServerPublicKey.IsPrivate) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.mRsaServerPublicKey = ValidateRsaPublicKey((RsaKeyParameters)this.mServerPublicKey); + + TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyEncipherment); + + base.ProcessServerCertificate(serverCertificate); + } + + public override bool RequiresServerKeyExchange + { + get + { + switch (mKeyExchange) + { + case KeyExchangeAlgorithm.DHE_PSK: + case KeyExchangeAlgorithm.ECDHE_PSK: + return true; + default: + return false; + } + } + } + + public override void ProcessServerKeyExchange(Stream input) + { + this.mPskIdentityHint = TlsUtilities.ReadOpaque16(input); + + if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK) + { + this.mDHParameters = TlsDHUtilities.ReceiveDHParameters(mDHVerifier, input); + this.mDHAgreePublicKey = new DHPublicKeyParameters(TlsDHUtilities.ReadDHParameter(input), mDHParameters); + } + else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK) + { + ECDomainParameters ecParams = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, input); + + byte[] point = TlsUtilities.ReadOpaque8(input); + + this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey( + mClientECPointFormats, ecParams, point)); + } + } + + public override void ValidateCertificateRequest(CertificateRequest certificateRequest) + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public override void ProcessClientCredentials(TlsCredentials clientCredentials) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void GenerateClientKeyExchange(Stream output) + { + if (mPskIdentityHint == null) + { + mPskIdentity.SkipIdentityHint(); + } + else + { + mPskIdentity.NotifyIdentityHint(mPskIdentityHint); + } + + byte[] psk_identity = mPskIdentity.GetPskIdentity(); + if (psk_identity == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.mPsk = mPskIdentity.GetPsk(); + if (mPsk == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + TlsUtilities.WriteOpaque16(psk_identity, output); + + mContext.SecurityParameters.pskIdentity = psk_identity; + + if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK) + { + this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, + mDHParameters, output); + } + else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK) + { + this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, + mServerECPointFormats, mECAgreePublicKey.Parameters, output); + } + else if (this.mKeyExchange == KeyExchangeAlgorithm.RSA_PSK) + { + this.mPremasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(mContext, + this.mRsaServerPublicKey, output); + } + } + + public override void ProcessClientKeyExchange(Stream input) + { + byte[] psk_identity = TlsUtilities.ReadOpaque16(input); + + this.mPsk = mPskIdentityManager.GetPsk(psk_identity); + if (mPsk == null) + throw new TlsFatalAlert(AlertDescription.unknown_psk_identity); + + mContext.SecurityParameters.pskIdentity = psk_identity; + + if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK) + { + this.mDHAgreePublicKey = new DHPublicKeyParameters(TlsDHUtilities.ReadDHParameter(input), mDHParameters); + } + else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK) + { + byte[] point = TlsUtilities.ReadOpaque8(input); + + ECDomainParameters curve_params = this.mECAgreePrivateKey.Parameters; + + this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey( + mServerECPointFormats, curve_params, point)); + } + else if (this.mKeyExchange == KeyExchangeAlgorithm.RSA_PSK) + { + byte[] encryptedPreMasterSecret; + if (TlsUtilities.IsSsl(mContext)) + { + // TODO Do any SSLv3 clients actually include the length? + encryptedPreMasterSecret = Streams.ReadAll(input); + } + else + { + encryptedPreMasterSecret = TlsUtilities.ReadOpaque16(input); + } + + this.mPremasterSecret = mServerCredentials.DecryptPreMasterSecret(encryptedPreMasterSecret); + } + } + + public override byte[] GeneratePremasterSecret() + { + byte[] other_secret = GenerateOtherSecret(mPsk.Length); + + MemoryStream buf = new MemoryStream(4 + other_secret.Length + mPsk.Length); + TlsUtilities.WriteOpaque16(other_secret, buf); + TlsUtilities.WriteOpaque16(mPsk, buf); + + Arrays.Fill(mPsk, (byte)0); + this.mPsk = null; + + return buf.ToArray(); + } + + protected virtual byte[] GenerateOtherSecret(int pskLength) + { + if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK) + { + if (mDHAgreePrivateKey != null) + { + return TlsDHUtilities.CalculateDHBasicAgreement(mDHAgreePublicKey, mDHAgreePrivateKey); + } + + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK) + { + if (mECAgreePrivateKey != null) + { + return TlsEccUtilities.CalculateECDHBasicAgreement(mECAgreePublicKey, mECAgreePrivateKey); + } + + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + if (this.mKeyExchange == KeyExchangeAlgorithm.RSA_PSK) + { + return this.mPremasterSecret; + } + + return new byte[pskLength]; + } + + protected virtual RsaKeyParameters ValidateRsaPublicKey(RsaKeyParameters key) + { + // TODO What is the minimum bit length required? + // key.Modulus.BitLength; + + if (!key.Exponent.IsProbablePrime(2)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return key; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsRsaKeyExchange.cs b/BouncyCastle/crypto/src/crypto/tls/TlsRsaKeyExchange.cs new file mode 100644 index 0000000..0e7195f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsRsaKeyExchange.cs @@ -0,0 +1,140 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// (D)TLS and SSLv3 RSA key exchange. + public class TlsRsaKeyExchange + : AbstractTlsKeyExchange + { + protected AsymmetricKeyParameter mServerPublicKey = null; + + protected RsaKeyParameters mRsaServerPublicKey = null; + + protected TlsEncryptionCredentials mServerCredentials = null; + + protected byte[] mPremasterSecret; + + public TlsRsaKeyExchange(IList supportedSignatureAlgorithms) + : base(KeyExchangeAlgorithm.RSA, supportedSignatureAlgorithms) + { + } + + public override void SkipServerCredentials() + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public override void ProcessServerCredentials(TlsCredentials serverCredentials) + { + if (!(serverCredentials is TlsEncryptionCredentials)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + ProcessServerCertificate(serverCredentials.Certificate); + + this.mServerCredentials = (TlsEncryptionCredentials)serverCredentials; + } + + public override void ProcessServerCertificate(Certificate serverCertificate) + { + if (serverCertificate.IsEmpty) + throw new TlsFatalAlert(AlertDescription.decode_error); + + X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0); + + SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo; + try + { + this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo); + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e); + } + + // Sanity check the PublicKeyFactory + if (this.mServerPublicKey.IsPrivate) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.mRsaServerPublicKey = ValidateRsaPublicKey((RsaKeyParameters)this.mServerPublicKey); + + TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyEncipherment); + + base.ProcessServerCertificate(serverCertificate); + } + + public override void ValidateCertificateRequest(CertificateRequest certificateRequest) + { + byte[] types = certificateRequest.CertificateTypes; + for (int i = 0; i < types.Length; ++i) + { + switch (types[i]) + { + case ClientCertificateType.rsa_sign: + case ClientCertificateType.dss_sign: + case ClientCertificateType.ecdsa_sign: + break; + default: + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + } + + public override void ProcessClientCredentials(TlsCredentials clientCredentials) + { + if (!(clientCredentials is TlsSignerCredentials)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void GenerateClientKeyExchange(Stream output) + { + this.mPremasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(mContext, mRsaServerPublicKey, output); + } + + public override void ProcessClientKeyExchange(Stream input) + { + byte[] encryptedPreMasterSecret; + if (TlsUtilities.IsSsl(mContext)) + { + // TODO Do any SSLv3 clients actually include the length? + encryptedPreMasterSecret = Streams.ReadAll(input); + } + else + { + encryptedPreMasterSecret = TlsUtilities.ReadOpaque16(input); + } + + this.mPremasterSecret = mServerCredentials.DecryptPreMasterSecret(encryptedPreMasterSecret); + } + + public override byte[] GeneratePremasterSecret() + { + if (this.mPremasterSecret == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + byte[] tmp = this.mPremasterSecret; + this.mPremasterSecret = null; + return tmp; + } + + protected virtual RsaKeyParameters ValidateRsaPublicKey(RsaKeyParameters key) + { + // TODO What is the minimum bit length required? + // key.Modulus.BitLength; + + if (!key.Exponent.IsProbablePrime(2)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return key; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsRsaSigner.cs b/BouncyCastle/crypto/src/crypto/tls/TlsRsaSigner.cs new file mode 100644 index 0000000..1614f50 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsRsaSigner.cs @@ -0,0 +1,102 @@ +using System; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class TlsRsaSigner + : AbstractTlsSigner + { + public override byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm, + AsymmetricKeyParameter privateKey, byte[] hash) + { + ISigner signer = MakeSigner(algorithm, true, true, + new ParametersWithRandom(privateKey, this.mContext.SecureRandom)); + signer.BlockUpdate(hash, 0, hash.Length); + return signer.GenerateSignature(); + } + + public override bool VerifyRawSignature(SignatureAndHashAlgorithm algorithm, byte[] sigBytes, + AsymmetricKeyParameter publicKey, byte[] hash) + { + ISigner signer = MakeSigner(algorithm, true, false, publicKey); + signer.BlockUpdate(hash, 0, hash.Length); + return signer.VerifySignature(sigBytes); + } + + public override ISigner CreateSigner(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter privateKey) + { + return MakeSigner(algorithm, false, true, new ParametersWithRandom(privateKey, this.mContext.SecureRandom)); + } + + public override ISigner CreateVerifyer(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter publicKey) + { + return MakeSigner(algorithm, false, false, publicKey); + } + + public override bool IsValidPublicKey(AsymmetricKeyParameter publicKey) + { + return publicKey is RsaKeyParameters && !publicKey.IsPrivate; + } + + protected virtual ISigner MakeSigner(SignatureAndHashAlgorithm algorithm, bool raw, bool forSigning, + ICipherParameters cp) + { + if ((algorithm != null) != TlsUtilities.IsTlsV12(mContext)) + throw new InvalidOperationException(); + if (algorithm != null && algorithm.Signature != SignatureAlgorithm.rsa) + throw new InvalidOperationException(); + + IDigest d; + if (raw) + { + d = new NullDigest(); + } + else if (algorithm == null) + { + d = new CombinedHash(); + } + else + { + d = TlsUtilities.CreateHash(algorithm.Hash); + } + + ISigner s; + if (algorithm != null) + { + /* + * RFC 5246 4.7. In RSA signing, the opaque vector contains the signature generated + * using the RSASSA-PKCS1-v1_5 signature scheme defined in [PKCS1]. + */ + s = new RsaDigestSigner(d, TlsUtilities.GetOidForHashAlgorithm(algorithm.Hash)); + } + else + { + /* + * RFC 5246 4.7. Note that earlier versions of TLS used a different RSA signature scheme + * that did not include a DigestInfo encoding. + */ + s = new GenericSigner(CreateRsaImpl(), d); + } + s.Init(forSigning, cp); + return s; + } + + protected virtual IAsymmetricBlockCipher CreateRsaImpl() + { + /* + * RFC 5246 7.4.7.1. Implementation note: It is now known that remote timing-based attacks + * on TLS are possible, at least when the client and server are on the same LAN. + * Accordingly, implementations that use static RSA keys MUST use RSA blinding or some other + * anti-timing technique, as described in [TIMING]. + */ + return new Pkcs1Encoding(new RsaBlindedEngine()); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsRsaUtilities.cs b/BouncyCastle/crypto/src/crypto/tls/TlsRsaUtilities.cs new file mode 100644 index 0000000..0e42c17 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsRsaUtilities.cs @@ -0,0 +1,132 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class TlsRsaUtilities + { + /// + public static byte[] GenerateEncryptedPreMasterSecret(TlsContext context, RsaKeyParameters rsaServerPublicKey, + Stream output) + { + /* + * Choose a PremasterSecret and send it encrypted to the server + */ + byte[] premasterSecret = new byte[48]; + context.SecureRandom.NextBytes(premasterSecret); + TlsUtilities.WriteVersion(context.ClientVersion, premasterSecret, 0); + + Pkcs1Encoding encoding = new Pkcs1Encoding(new RsaBlindedEngine()); + encoding.Init(true, new ParametersWithRandom(rsaServerPublicKey, context.SecureRandom)); + + try + { + byte[] encryptedPreMasterSecret = encoding.ProcessBlock(premasterSecret, 0, premasterSecret.Length); + + if (TlsUtilities.IsSsl(context)) + { + // TODO Do any SSLv3 servers actually expect the length? + output.Write(encryptedPreMasterSecret, 0, encryptedPreMasterSecret.Length); + } + else + { + TlsUtilities.WriteOpaque16(encryptedPreMasterSecret, output); + } + } + catch (InvalidCipherTextException e) + { + /* + * This should never happen, only during decryption. + */ + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + + return premasterSecret; + } + + public static byte[] SafeDecryptPreMasterSecret(TlsContext context, RsaKeyParameters rsaServerPrivateKey, + byte[] encryptedPreMasterSecret) + { + /* + * RFC 5246 7.4.7.1. + */ + ProtocolVersion clientVersion = context.ClientVersion; + + // TODO Provide as configuration option? + bool versionNumberCheckDisabled = false; + + /* + * Generate 48 random bytes we can use as a Pre-Master-Secret, if the + * PKCS1 padding check should fail. + */ + byte[] fallback = new byte[48]; + context.SecureRandom.NextBytes(fallback); + + byte[] M = Arrays.Clone(fallback); + try + { + Pkcs1Encoding encoding = new Pkcs1Encoding(new RsaBlindedEngine(), fallback); + encoding.Init(false, + new ParametersWithRandom(rsaServerPrivateKey, context.SecureRandom)); + + M = encoding.ProcessBlock(encryptedPreMasterSecret, 0, encryptedPreMasterSecret.Length); + } + catch (Exception) + { + /* + * This should never happen since the decryption should never throw an exception + * and return a random value instead. + * + * In any case, a TLS server MUST NOT generate an alert if processing an + * RSA-encrypted premaster secret message fails, or the version number is not as + * expected. Instead, it MUST continue the handshake with a randomly generated + * premaster secret. + */ + } + + /* + * If ClientHello.client_version is TLS 1.1 or higher, server implementations MUST + * check the version number [..]. + */ + if (versionNumberCheckDisabled && clientVersion.IsEqualOrEarlierVersionOf(ProtocolVersion.TLSv10)) + { + /* + * If the version number is TLS 1.0 or earlier, server + * implementations SHOULD check the version number, but MAY have a + * configuration option to disable the check. + * + * So there is nothing to do here. + */ + } + else + { + /* + * OK, we need to compare the version number in the decrypted Pre-Master-Secret with the + * clientVersion received during the handshake. If they don't match, we replace the + * decrypted Pre-Master-Secret with a random one. + */ + int correct = (clientVersion.MajorVersion ^ (M[0] & 0xff)) + | (clientVersion.MinorVersion ^ (M[1] & 0xff)); + correct |= correct >> 1; + correct |= correct >> 2; + correct |= correct >> 4; + int mask = ~((correct & 1) - 1); + + /* + * mask will be all bits set to 0xff if the version number differed. + */ + for (int i = 0; i < 48; i++) + { + M[i] = (byte)((M[i] & (~mask)) | (fallback[i] & mask)); + } + } + return M; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsServer.cs b/BouncyCastle/crypto/src/crypto/tls/TlsServer.cs new file mode 100644 index 0000000..e791f93 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsServer.cs @@ -0,0 +1,93 @@ +using System; +using System.Collections; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsServer + : TlsPeer + { + void Init(TlsServerContext context); + + /// + void NotifyClientVersion(ProtocolVersion clientVersion); + + /// + void NotifyFallback(bool isFallback); + + /// + void NotifyOfferedCipherSuites(int[] offeredCipherSuites); + + /// + void NotifyOfferedCompressionMethods(byte[] offeredCompressionMethods); + + /// A (Int32 -> byte[]). Will never be null. + /// + void ProcessClientExtensions(IDictionary clientExtensions); + + /// + ProtocolVersion GetServerVersion(); + + /// + int GetSelectedCipherSuite(); + + /// + byte GetSelectedCompressionMethod(); + + /// + /// Get the (optional) table of server extensions to be included in (extended) server hello. + /// + /// + /// A (Int32 -> byte[]). May be null. + /// + /// + IDictionary GetServerExtensions(); + + /// + /// A (). May be null. + /// + /// + IList GetServerSupplementalData(); + + /// + TlsCredentials GetCredentials(); + + /// + /// This method will be called (only) if the server included an extension of type + /// "status_request" with empty "extension_data" in the extended server hello. See RFC 3546 + /// 3.6. Certificate Status Request. If a non-null is returned, it + /// is sent to the client as a handshake message of type "certificate_status". + /// + /// A to be sent to the client (or null for none). + /// + CertificateStatus GetCertificateStatus(); + + /// + TlsKeyExchange GetKeyExchange(); + + /// + CertificateRequest GetCertificateRequest(); + + /// () + /// + void ProcessClientSupplementalData(IList clientSupplementalData); + + /// + /// Called by the protocol handler to report the client certificate, only if GetCertificateRequest + /// returned non-null. + /// + /// Note: this method is responsible for certificate verification and validation. + /// the effective client certificate (may be an empty chain). + /// + void NotifyClientCertificate(Certificate clientCertificate); + + /// RFC 5077 3.3. NewSessionTicket Handshake Message. + /// + /// This method will be called (only) if a NewSessionTicket extension was sent by the server. See + /// RFC 5077 4. Recommended Ticket Construction for recommended format and protection. + /// + /// The ticket) + /// + NewSessionTicket GetNewSessionTicket(); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsServerContext.cs b/BouncyCastle/crypto/src/crypto/tls/TlsServerContext.cs new file mode 100644 index 0000000..4021571 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsServerContext.cs @@ -0,0 +1,11 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsServerContext + : TlsContext + { + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsServerContextImpl.cs b/BouncyCastle/crypto/src/crypto/tls/TlsServerContextImpl.cs new file mode 100644 index 0000000..d56566f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsServerContextImpl.cs @@ -0,0 +1,20 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tls +{ + internal class TlsServerContextImpl + : AbstractTlsContext, TlsServerContext + { + internal TlsServerContextImpl(SecureRandom secureRandom, SecurityParameters securityParameters) + : base(secureRandom, securityParameters) + { + } + + public override bool IsServer + { + get { return true; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsServerProtocol.cs b/BouncyCastle/crypto/src/crypto/tls/TlsServerProtocol.cs new file mode 100644 index 0000000..85b450c --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsServerProtocol.cs @@ -0,0 +1,832 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class TlsServerProtocol + : TlsProtocol + { + protected TlsServer mTlsServer = null; + internal TlsServerContextImpl mTlsServerContext = null; + + protected TlsKeyExchange mKeyExchange = null; + protected TlsCredentials mServerCredentials = null; + protected CertificateRequest mCertificateRequest = null; + + protected short mClientCertificateType = -1; + protected TlsHandshakeHash mPrepareFinishHash = null; + + /** + * Constructor for blocking mode. + * @param stream The bi-directional stream of data to/from the client + * @param output The stream of data to the client + * @param secureRandom Random number generator for various cryptographic functions + */ + public TlsServerProtocol(Stream stream, SecureRandom secureRandom) + : base(stream, secureRandom) + { + } + + /** + * Constructor for blocking mode. + * @param input The stream of data from the client + * @param output The stream of data to the client + * @param secureRandom Random number generator for various cryptographic functions + */ + public TlsServerProtocol(Stream input, Stream output, SecureRandom secureRandom) + : base(input, output, secureRandom) + { + } + + /** + * Constructor for non-blocking mode.
+ *
+ * When data is received, use {@link #offerInput(java.nio.ByteBuffer)} to + * provide the received ciphertext, then use + * {@link #readInput(byte[], int, int)} to read the corresponding cleartext.
+ *
+ * Similarly, when data needs to be sent, use + * {@link #offerOutput(byte[], int, int)} to provide the cleartext, then use + * {@link #readOutput(byte[], int, int)} to get the corresponding + * ciphertext. + * + * @param secureRandom + * Random number generator for various cryptographic functions + */ + public TlsServerProtocol(SecureRandom secureRandom) + : base(secureRandom) + { + } + + /** + * Receives a TLS handshake in the role of server.
+ *
+ * In blocking mode, this will not return until the handshake is complete. + * In non-blocking mode, use {@link TlsPeer#notifyHandshakeComplete()} to + * receive a callback when the handshake is complete. + * + * @param tlsServer + * @throws IOException If in blocking mode and handshake was not successful. + */ + public virtual void Accept(TlsServer tlsServer) + { + if (tlsServer == null) + throw new ArgumentNullException("tlsServer"); + if (this.mTlsServer != null) + throw new InvalidOperationException("'Accept' can only be called once"); + + this.mTlsServer = tlsServer; + + this.mSecurityParameters = new SecurityParameters(); + this.mSecurityParameters.entity = ConnectionEnd.server; + + this.mTlsServerContext = new TlsServerContextImpl(mSecureRandom, mSecurityParameters); + + this.mSecurityParameters.serverRandom = CreateRandomBlock(tlsServer.ShouldUseGmtUnixTime(), + mTlsServerContext.NonceRandomGenerator); + + this.mTlsServer.Init(mTlsServerContext); + this.mRecordStream.Init(mTlsServerContext); + + tlsServer.NotifyCloseHandle(this); + + this.mRecordStream.SetRestrictReadVersion(false); + + BlockForHandshake(); + } + + protected override void CleanupHandshake() + { + base.CleanupHandshake(); + + this.mKeyExchange = null; + this.mServerCredentials = null; + this.mCertificateRequest = null; + this.mPrepareFinishHash = null; + } + + protected override TlsContext Context + { + get { return mTlsServerContext; } + } + + internal override AbstractTlsContext ContextAdmin + { + get { return mTlsServerContext; } + } + + protected override TlsPeer Peer + { + get { return mTlsServer; } + } + + protected override void HandleHandshakeMessage(byte type, MemoryStream buf) + { + switch (type) + { + case HandshakeType.client_hello: + { + switch (this.mConnectionState) + { + case CS_START: + { + ReceiveClientHelloMessage(buf); + this.mConnectionState = CS_CLIENT_HELLO; + + SendServerHelloMessage(); + this.mConnectionState = CS_SERVER_HELLO; + + mRecordStream.NotifyHelloComplete(); + + IList serverSupplementalData = mTlsServer.GetServerSupplementalData(); + if (serverSupplementalData != null) + { + SendSupplementalDataMessage(serverSupplementalData); + } + this.mConnectionState = CS_SERVER_SUPPLEMENTAL_DATA; + + this.mKeyExchange = mTlsServer.GetKeyExchange(); + this.mKeyExchange.Init(Context); + + this.mServerCredentials = mTlsServer.GetCredentials(); + + Certificate serverCertificate = null; + + if (this.mServerCredentials == null) + { + this.mKeyExchange.SkipServerCredentials(); + } + else + { + this.mKeyExchange.ProcessServerCredentials(this.mServerCredentials); + + serverCertificate = this.mServerCredentials.Certificate; + SendCertificateMessage(serverCertificate); + } + this.mConnectionState = CS_SERVER_CERTIFICATE; + + // TODO[RFC 3546] Check whether empty certificates is possible, allowed, or excludes CertificateStatus + if (serverCertificate == null || serverCertificate.IsEmpty) + { + this.mAllowCertificateStatus = false; + } + + if (this.mAllowCertificateStatus) + { + CertificateStatus certificateStatus = mTlsServer.GetCertificateStatus(); + if (certificateStatus != null) + { + SendCertificateStatusMessage(certificateStatus); + } + } + + this.mConnectionState = CS_CERTIFICATE_STATUS; + + byte[] serverKeyExchange = this.mKeyExchange.GenerateServerKeyExchange(); + if (serverKeyExchange != null) + { + SendServerKeyExchangeMessage(serverKeyExchange); + } + this.mConnectionState = CS_SERVER_KEY_EXCHANGE; + + if (this.mServerCredentials != null) + { + this.mCertificateRequest = mTlsServer.GetCertificateRequest(); + if (this.mCertificateRequest != null) + { + if (TlsUtilities.IsTlsV12(Context) != (mCertificateRequest.SupportedSignatureAlgorithms != null)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.mKeyExchange.ValidateCertificateRequest(mCertificateRequest); + + SendCertificateRequestMessage(mCertificateRequest); + + TlsUtilities.TrackHashAlgorithms(this.mRecordStream.HandshakeHash, + this.mCertificateRequest.SupportedSignatureAlgorithms); + } + } + this.mConnectionState = CS_CERTIFICATE_REQUEST; + + SendServerHelloDoneMessage(); + this.mConnectionState = CS_SERVER_HELLO_DONE; + + this.mRecordStream.HandshakeHash.SealHashAlgorithms(); + + break; + } + case CS_END: + { + RefuseRenegotiation(); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.supplemental_data: + { + switch (this.mConnectionState) + { + case CS_SERVER_HELLO_DONE: + { + mTlsServer.ProcessClientSupplementalData(ReadSupplementalDataMessage(buf)); + this.mConnectionState = CS_CLIENT_SUPPLEMENTAL_DATA; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.certificate: + { + switch (this.mConnectionState) + { + case CS_SERVER_HELLO_DONE: + case CS_CLIENT_SUPPLEMENTAL_DATA: + { + if (mConnectionState < CS_CLIENT_SUPPLEMENTAL_DATA) + { + mTlsServer.ProcessClientSupplementalData(null); + } + + if (this.mCertificateRequest == null) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + ReceiveCertificateMessage(buf); + this.mConnectionState = CS_CLIENT_CERTIFICATE; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.client_key_exchange: + { + switch (this.mConnectionState) + { + case CS_SERVER_HELLO_DONE: + case CS_CLIENT_SUPPLEMENTAL_DATA: + case CS_CLIENT_CERTIFICATE: + { + if (mConnectionState < CS_CLIENT_SUPPLEMENTAL_DATA) + { + mTlsServer.ProcessClientSupplementalData(null); + } + + if (mConnectionState < CS_CLIENT_CERTIFICATE) + { + if (this.mCertificateRequest == null) + { + this.mKeyExchange.SkipClientCredentials(); + } + else + { + if (TlsUtilities.IsTlsV12(Context)) + { + /* + * RFC 5246 If no suitable certificate is available, the client MUST Send a + * certificate message containing no certificates. + * + * NOTE: In previous RFCs, this was SHOULD instead of MUST. + */ + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + else if (TlsUtilities.IsSsl(Context)) + { + if (this.mPeerCertificate == null) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + else + { + NotifyClientCertificate(Certificate.EmptyChain); + } + } + } + + ReceiveClientKeyExchangeMessage(buf); + this.mConnectionState = CS_CLIENT_KEY_EXCHANGE; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.certificate_verify: + { + switch (this.mConnectionState) + { + case CS_CLIENT_KEY_EXCHANGE: + { + /* + * RFC 5246 7.4.8 This message is only sent following a client certificate that has + * signing capability (i.e., all certificates except those containing fixed + * Diffie-Hellman parameters). + */ + if (!ExpectCertificateVerifyMessage()) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + ReceiveCertificateVerifyMessage(buf); + this.mConnectionState = CS_CERTIFICATE_VERIFY; + + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.finished: + { + switch (this.mConnectionState) + { + case CS_CLIENT_KEY_EXCHANGE: + case CS_CERTIFICATE_VERIFY: + { + if (mConnectionState < CS_CERTIFICATE_VERIFY && ExpectCertificateVerifyMessage()) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + ProcessFinishedMessage(buf); + this.mConnectionState = CS_CLIENT_FINISHED; + + if (this.mExpectSessionTicket) + { + SendNewSessionTicketMessage(mTlsServer.GetNewSessionTicket()); + } + this.mConnectionState = CS_SERVER_SESSION_TICKET; + + SendChangeCipherSpecMessage(); + SendFinishedMessage(); + this.mConnectionState = CS_SERVER_FINISHED; + + CompleteHandshake(); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.hello_request: + case HandshakeType.hello_verify_request: + case HandshakeType.server_hello: + case HandshakeType.server_key_exchange: + case HandshakeType.certificate_request: + case HandshakeType.server_hello_done: + case HandshakeType.session_ticket: + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + } + + protected override void HandleAlertWarningMessage(byte alertDescription) + { + /* + * SSL 3.0 If the server has sent a certificate request Message, the client must send + * either the certificate message or a no_certificate alert. + */ + if (AlertDescription.no_certificate == alertDescription && null != mCertificateRequest + && TlsUtilities.IsSsl(mTlsServerContext)) + { + switch (mConnectionState) + { + case CS_SERVER_HELLO_DONE: + case CS_CLIENT_SUPPLEMENTAL_DATA: + { + if (mConnectionState < CS_CLIENT_SUPPLEMENTAL_DATA) + { + mTlsServer.ProcessClientSupplementalData(null); + } + + NotifyClientCertificate(Certificate.EmptyChain); + this.mConnectionState = CS_CLIENT_CERTIFICATE; + return; + } + } + } + + base.HandleAlertWarningMessage(alertDescription); + } + + protected virtual void NotifyClientCertificate(Certificate clientCertificate) + { + if (mCertificateRequest == null) + throw new InvalidOperationException(); + if (mPeerCertificate != null) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + this.mPeerCertificate = clientCertificate; + + if (clientCertificate.IsEmpty) + { + this.mKeyExchange.SkipClientCredentials(); + } + else + { + + /* + * TODO RFC 5246 7.4.6. If the certificate_authorities list in the certificate request + * message was non-empty, one of the certificates in the certificate chain SHOULD be + * issued by one of the listed CAs. + */ + + this.mClientCertificateType = TlsUtilities.GetClientCertificateType(clientCertificate, + this.mServerCredentials.Certificate); + + this.mKeyExchange.ProcessClientCertificate(clientCertificate); + } + + /* + * RFC 5246 7.4.6. If the client does not Send any certificates, the server MAY at its + * discretion either continue the handshake without client authentication, or respond with a + * fatal handshake_failure alert. Also, if some aspect of the certificate chain was + * unacceptable (e.g., it was not signed by a known, trusted CA), the server MAY at its + * discretion either continue the handshake (considering the client unauthenticated) or Send + * a fatal alert. + */ + this.mTlsServer.NotifyClientCertificate(clientCertificate); + } + + protected virtual void ReceiveCertificateMessage(MemoryStream buf) + { + Certificate clientCertificate = Certificate.Parse(buf); + + AssertEmpty(buf); + + NotifyClientCertificate(clientCertificate); + } + + protected virtual void ReceiveCertificateVerifyMessage(MemoryStream buf) + { + if (mCertificateRequest == null) + throw new InvalidOperationException(); + + DigitallySigned clientCertificateVerify = DigitallySigned.Parse(Context, buf); + + AssertEmpty(buf); + + // Verify the CertificateVerify message contains a correct signature. + try + { + SignatureAndHashAlgorithm signatureAlgorithm = clientCertificateVerify.Algorithm; + + byte[] hash; + if (TlsUtilities.IsTlsV12(Context)) + { + TlsUtilities.VerifySupportedSignatureAlgorithm(mCertificateRequest.SupportedSignatureAlgorithms, signatureAlgorithm); + hash = mPrepareFinishHash.GetFinalHash(signatureAlgorithm.Hash); + } + else + { + hash = mSecurityParameters.SessionHash; + } + + X509CertificateStructure x509Cert = mPeerCertificate.GetCertificateAt(0); + SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo; + AsymmetricKeyParameter publicKey = PublicKeyFactory.CreateKey(keyInfo); + + TlsSigner tlsSigner = TlsUtilities.CreateTlsSigner((byte)mClientCertificateType); + tlsSigner.Init(Context); + if (!tlsSigner.VerifyRawSignature(signatureAlgorithm, clientCertificateVerify.Signature, publicKey, hash)) + throw new TlsFatalAlert(AlertDescription.decrypt_error); + } + catch (TlsFatalAlert e) + { + throw e; + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.decrypt_error, e); + } + } + + protected virtual void ReceiveClientHelloMessage(MemoryStream buf) + { + ProtocolVersion client_version = TlsUtilities.ReadVersion(buf); + mRecordStream.SetWriteVersion(client_version); + + if (client_version.IsDtls) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + byte[] client_random = TlsUtilities.ReadFully(32, buf); + + /* + * TODO RFC 5077 3.4. If a ticket is presented by the client, the server MUST NOT attempt to + * use the Session ID in the ClientHello for stateful session resumption. + */ + byte[] sessionID = TlsUtilities.ReadOpaque8(buf); + if (sessionID.Length > 32) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + /* + * TODO RFC 5246 7.4.1.2. If the session_id field is not empty (implying a session + * resumption request), this vector MUST include at least the cipher_suite from that + * session. + */ + int cipher_suites_length = TlsUtilities.ReadUint16(buf); + if (cipher_suites_length < 2 || (cipher_suites_length & 1) != 0) + throw new TlsFatalAlert(AlertDescription.decode_error); + + this.mOfferedCipherSuites = TlsUtilities.ReadUint16Array(cipher_suites_length / 2, buf); + + /* + * TODO RFC 5246 7.4.1.2. If the session_id field is not empty (implying a session + * resumption request), it MUST include the compression_method from that session. + */ + int compression_methods_length = TlsUtilities.ReadUint8(buf); + if (compression_methods_length < 1) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + this.mOfferedCompressionMethods = TlsUtilities.ReadUint8Array(compression_methods_length, buf); + + /* + * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore + * extensions appearing in the client hello, and Send a server hello containing no + * extensions. + */ + this.mClientExtensions = ReadExtensions(buf); + + /* + * TODO[resumption] Check RFC 7627 5.4. for required behaviour + */ + + /* + * RFC 7627 4. Clients and servers SHOULD NOT accept handshakes that do not use the extended + * master secret [..]. (and see 5.2, 5.3) + */ + this.mSecurityParameters.extendedMasterSecret = TlsExtensionsUtilities.HasExtendedMasterSecretExtension(mClientExtensions); + if (!mSecurityParameters.IsExtendedMasterSecret && mTlsServer.RequiresExtendedMasterSecret()) + { + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + ContextAdmin.SetClientVersion(client_version); + + mTlsServer.NotifyClientVersion(client_version); + mTlsServer.NotifyFallback(Arrays.Contains(mOfferedCipherSuites, CipherSuite.TLS_FALLBACK_SCSV)); + + mSecurityParameters.clientRandom = client_random; + + mTlsServer.NotifyOfferedCipherSuites(mOfferedCipherSuites); + mTlsServer.NotifyOfferedCompressionMethods(mOfferedCompressionMethods); + + /* + * RFC 5746 3.6. Server Behavior: Initial Handshake + */ + { + /* + * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension, + * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the + * ClientHello. Including both is NOT RECOMMENDED. + */ + + /* + * When a ClientHello is received, the server MUST check if it includes the + * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. If it does, set the secure_renegotiation flag + * to TRUE. + */ + if (Arrays.Contains(mOfferedCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV)) + { + this.mSecureRenegotiation = true; + } + + /* + * The server MUST check if the "renegotiation_info" extension is included in the + * ClientHello. + */ + byte[] renegExtData = TlsUtilities.GetExtensionData(mClientExtensions, ExtensionType.renegotiation_info); + if (renegExtData != null) + { + /* + * If the extension is present, set secure_renegotiation flag to TRUE. The + * server MUST then verify that the length of the "renegotiated_connection" + * field is zero, and if it is not, MUST abort the handshake. + */ + this.mSecureRenegotiation = true; + + if (!Arrays.ConstantTimeAreEqual(renegExtData, CreateRenegotiationInfo(TlsUtilities.EmptyBytes))) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + } + + mTlsServer.NotifySecureRenegotiation(this.mSecureRenegotiation); + + if (mClientExtensions != null) + { + // NOTE: Validates the padding extension data, if present + TlsExtensionsUtilities.GetPaddingExtension(mClientExtensions); + + mTlsServer.ProcessClientExtensions(mClientExtensions); + } + } + + protected virtual void ReceiveClientKeyExchangeMessage(MemoryStream buf) + { + mKeyExchange.ProcessClientKeyExchange(buf); + + AssertEmpty(buf); + + if (TlsUtilities.IsSsl(Context)) + { + EstablishMasterSecret(Context, mKeyExchange); + } + + this.mPrepareFinishHash = mRecordStream.PrepareToFinish(); + this.mSecurityParameters.sessionHash = GetCurrentPrfHash(Context, mPrepareFinishHash, null); + + if (!TlsUtilities.IsSsl(Context)) + { + EstablishMasterSecret(Context, mKeyExchange); + } + + mRecordStream.SetPendingConnectionState(Peer.GetCompression(), Peer.GetCipher()); + } + + protected virtual void SendCertificateRequestMessage(CertificateRequest certificateRequest) + { + HandshakeMessage message = new HandshakeMessage(HandshakeType.certificate_request); + + certificateRequest.Encode(message); + + message.WriteToRecordStream(this); + } + + protected virtual void SendCertificateStatusMessage(CertificateStatus certificateStatus) + { + HandshakeMessage message = new HandshakeMessage(HandshakeType.certificate_status); + + certificateStatus.Encode(message); + + message.WriteToRecordStream(this); + } + + protected virtual void SendNewSessionTicketMessage(NewSessionTicket newSessionTicket) + { + if (newSessionTicket == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + HandshakeMessage message = new HandshakeMessage(HandshakeType.session_ticket); + + newSessionTicket.Encode(message); + + message.WriteToRecordStream(this); + } + + protected virtual void SendServerHelloMessage() + { + HandshakeMessage message = new HandshakeMessage(HandshakeType.server_hello); + + { + ProtocolVersion server_version = mTlsServer.GetServerVersion(); + if (!server_version.IsEqualOrEarlierVersionOf(Context.ClientVersion)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + mRecordStream.ReadVersion = server_version; + mRecordStream.SetWriteVersion(server_version); + mRecordStream.SetRestrictReadVersion(true); + ContextAdmin.SetServerVersion(server_version); + + TlsUtilities.WriteVersion(server_version, message); + } + + message.Write(this.mSecurityParameters.serverRandom); + + /* + * The server may return an empty session_id to indicate that the session will not be cached + * and therefore cannot be resumed. + */ + TlsUtilities.WriteOpaque8(TlsUtilities.EmptyBytes, message); + + int selectedCipherSuite = mTlsServer.GetSelectedCipherSuite(); + if (!Arrays.Contains(mOfferedCipherSuites, selectedCipherSuite) + || selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL + || CipherSuite.IsScsv(selectedCipherSuite) + || !TlsUtilities.IsValidCipherSuiteForVersion(selectedCipherSuite, Context.ServerVersion)) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + mSecurityParameters.cipherSuite = selectedCipherSuite; + + byte selectedCompressionMethod = mTlsServer.GetSelectedCompressionMethod(); + if (!Arrays.Contains(mOfferedCompressionMethods, selectedCompressionMethod)) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + mSecurityParameters.compressionAlgorithm = selectedCompressionMethod; + + TlsUtilities.WriteUint16(selectedCipherSuite, message); + TlsUtilities.WriteUint8(selectedCompressionMethod, message); + + this.mServerExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(mTlsServer.GetServerExtensions()); + + /* + * RFC 5746 3.6. Server Behavior: Initial Handshake + */ + if (this.mSecureRenegotiation) + { + byte[] renegExtData = TlsUtilities.GetExtensionData(this.mServerExtensions, ExtensionType.renegotiation_info); + bool noRenegExt = (null == renegExtData); + + if (noRenegExt) + { + /* + * Note that Sending a "renegotiation_info" extension in response to a ClientHello + * containing only the SCSV is an explicit exception to the prohibition in RFC 5246, + * Section 7.4.1.4, on the server Sending unsolicited extensions and is only allowed + * because the client is signaling its willingness to receive the extension via the + * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. + */ + + /* + * If the secure_renegotiation flag is set to TRUE, the server MUST include an empty + * "renegotiation_info" extension in the ServerHello message. + */ + this.mServerExtensions[ExtensionType.renegotiation_info] = CreateRenegotiationInfo(TlsUtilities.EmptyBytes); + } + } + + if (TlsUtilities.IsSsl(mTlsServerContext)) + { + mSecurityParameters.extendedMasterSecret = false; + } + else if (mSecurityParameters.IsExtendedMasterSecret) + { + TlsExtensionsUtilities.AddExtendedMasterSecretExtension(mServerExtensions); + } + + /* + * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore + * extensions appearing in the client hello, and Send a server hello containing no + * extensions. + */ + + if (this.mServerExtensions.Count > 0) + { + this.mSecurityParameters.encryptThenMac = TlsExtensionsUtilities.HasEncryptThenMacExtension(mServerExtensions); + + this.mSecurityParameters.maxFragmentLength = ProcessMaxFragmentLengthExtension(mClientExtensions, + mServerExtensions, AlertDescription.internal_error); + + this.mSecurityParameters.truncatedHMac = TlsExtensionsUtilities.HasTruncatedHMacExtension(mServerExtensions); + + /* + * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be sent in + * a session resumption handshake. + */ + this.mAllowCertificateStatus = !mResumedSession + && TlsUtilities.HasExpectedEmptyExtensionData(mServerExtensions, ExtensionType.status_request, + AlertDescription.internal_error); + + this.mExpectSessionTicket = !mResumedSession + && TlsUtilities.HasExpectedEmptyExtensionData(mServerExtensions, ExtensionType.session_ticket, + AlertDescription.internal_error); + + WriteExtensions(message, this.mServerExtensions); + } + + mSecurityParameters.prfAlgorithm = GetPrfAlgorithm(Context, mSecurityParameters.CipherSuite); + + /* + * RFC 5246 7.4.9. Any cipher suite which does not explicitly specify verify_data_length has + * a verify_data_length equal to 12. This includes all existing cipher suites. + */ + mSecurityParameters.verifyDataLength = 12; + + ApplyMaxFragmentLengthExtension(); + + message.WriteToRecordStream(this); + } + + protected virtual void SendServerHelloDoneMessage() + { + byte[] message = new byte[4]; + TlsUtilities.WriteUint8(HandshakeType.server_hello_done, message, 0); + TlsUtilities.WriteUint24(0, message, 1); + + WriteHandshakeMessage(message, 0, message.Length); + } + + protected virtual void SendServerKeyExchangeMessage(byte[] serverKeyExchange) + { + HandshakeMessage message = new HandshakeMessage(HandshakeType.server_key_exchange, serverKeyExchange.Length); + + message.Write(serverKeyExchange); + + message.WriteToRecordStream(this); + } + + protected virtual bool ExpectCertificateVerifyMessage() + { + return mClientCertificateType >= 0 && TlsUtilities.HasSigningCapability((byte)mClientCertificateType); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsSession.cs b/BouncyCastle/crypto/src/crypto/tls/TlsSession.cs new file mode 100644 index 0000000..6c22991 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsSession.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsSession + { + SessionParameters ExportSessionParameters(); + + byte[] SessionID { get; } + + void Invalidate(); + + bool IsResumable { get; } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsSessionImpl.cs b/BouncyCastle/crypto/src/crypto/tls/TlsSessionImpl.cs new file mode 100644 index 0000000..4f0ff81 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsSessionImpl.cs @@ -0,0 +1,51 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + internal class TlsSessionImpl + : TlsSession + { + internal readonly byte[] mSessionID; + internal readonly SessionParameters mSessionParameters; + internal bool mResumable; + + internal TlsSessionImpl(byte[] sessionID, SessionParameters sessionParameters) + { + if (sessionID == null) + throw new ArgumentNullException("sessionID"); + if (sessionID.Length > 32) + throw new ArgumentException("cannot be longer than 32 bytes", "sessionID"); + + this.mSessionID = Arrays.Clone(sessionID); + this.mSessionParameters = sessionParameters; + this.mResumable = sessionID.Length > 0 + && null != sessionParameters + && sessionParameters.IsExtendedMasterSecret; + } + + public virtual SessionParameters ExportSessionParameters() + { + lock (this) + { + return this.mSessionParameters == null ? null : this.mSessionParameters.Copy(); + } + } + + public virtual byte[] SessionID + { + get { lock (this) return mSessionID; } + } + + public virtual void Invalidate() + { + lock (this) this.mResumable = false; + } + + public virtual bool IsResumable + { + get { lock (this) return mResumable; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsSigner.cs b/BouncyCastle/crypto/src/crypto/tls/TlsSigner.cs new file mode 100644 index 0000000..ffdd4c9 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsSigner.cs @@ -0,0 +1,29 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsSigner + { + void Init(TlsContext context); + + byte[] GenerateRawSignature(AsymmetricKeyParameter privateKey, byte[] md5AndSha1); + + byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm, + AsymmetricKeyParameter privateKey, byte[] hash); + + bool VerifyRawSignature(byte[] sigBytes, AsymmetricKeyParameter publicKey, byte[] md5AndSha1); + + bool VerifyRawSignature(SignatureAndHashAlgorithm algorithm, byte[] sigBytes, + AsymmetricKeyParameter publicKey, byte[] hash); + + ISigner CreateSigner(AsymmetricKeyParameter privateKey); + + ISigner CreateSigner(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter privateKey); + + ISigner CreateVerifyer(AsymmetricKeyParameter publicKey); + + ISigner CreateVerifyer(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter publicKey); + + bool IsValidPublicKey(AsymmetricKeyParameter publicKey); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsSignerCredentials.cs b/BouncyCastle/crypto/src/crypto/tls/TlsSignerCredentials.cs new file mode 100644 index 0000000..92ed7cc --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsSignerCredentials.cs @@ -0,0 +1,14 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsSignerCredentials + : TlsCredentials + { + /// + byte[] GenerateCertificateSignature(byte[] hash); + + SignatureAndHashAlgorithm SignatureAndHashAlgorithm { get; } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsSrpGroupVerifier.cs b/BouncyCastle/crypto/src/crypto/tls/TlsSrpGroupVerifier.cs new file mode 100644 index 0000000..185f2f5 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsSrpGroupVerifier.cs @@ -0,0 +1,17 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsSrpGroupVerifier + { + /** + * Check whether the given SRP group parameters are acceptable for use. + * + * @param group the {@link SRP6GroupParameters} to check + * @return true if (and only if) the specified group parameters are acceptable + */ + bool Accept(Srp6GroupParameters group); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsSrpIdentityManager.cs b/BouncyCastle/crypto/src/crypto/tls/TlsSrpIdentityManager.cs new file mode 100644 index 0000000..080a0dc --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsSrpIdentityManager.cs @@ -0,0 +1,21 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public interface TlsSrpIdentityManager + { + /** + * Lookup the {@link TlsSRPLoginParameters} corresponding to the specified identity. + * + * NOTE: To avoid "identity probing", unknown identities SHOULD be handled as recommended in RFC + * 5054 2.5.1.3. {@link SimulatedTlsSRPIdentityManager} is provided for this purpose. + * + * @param identity + * the SRP identity sent by the connecting client + * @return the {@link TlsSRPLoginParameters} for the specified identity, or else 'simulated' + * parameters if the identity is not recognized. A null value is also allowed, but not + * recommended. + */ + TlsSrpLoginParameters GetLoginParameters(byte[] identity); + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsSrpKeyExchange.cs b/BouncyCastle/crypto/src/crypto/tls/TlsSrpKeyExchange.cs new file mode 100644 index 0000000..691c881 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsSrpKeyExchange.cs @@ -0,0 +1,285 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Agreement.Srp; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// (D)TLS SRP key exchange (RFC 5054). + public class TlsSrpKeyExchange + : AbstractTlsKeyExchange + { + protected static TlsSigner CreateSigner(int keyExchange) + { + switch (keyExchange) + { + case KeyExchangeAlgorithm.SRP: + return null; + case KeyExchangeAlgorithm.SRP_RSA: + return new TlsRsaSigner(); + case KeyExchangeAlgorithm.SRP_DSS: + return new TlsDssSigner(); + default: + throw new ArgumentException("unsupported key exchange algorithm"); + } + } + + protected TlsSigner mTlsSigner; + protected TlsSrpGroupVerifier mGroupVerifier; + protected byte[] mIdentity; + protected byte[] mPassword; + + protected AsymmetricKeyParameter mServerPublicKey = null; + + protected Srp6GroupParameters mSrpGroup = null; + protected Srp6Client mSrpClient = null; + protected Srp6Server mSrpServer = null; + protected BigInteger mSrpPeerCredentials = null; + protected BigInteger mSrpVerifier = null; + protected byte[] mSrpSalt = null; + + protected TlsSignerCredentials mServerCredentials = null; + + [Obsolete("Use constructor taking an explicit 'groupVerifier' argument")] + public TlsSrpKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, byte[] identity, byte[] password) + : this(keyExchange, supportedSignatureAlgorithms, new DefaultTlsSrpGroupVerifier(), identity, password) + { + } + + public TlsSrpKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, TlsSrpGroupVerifier groupVerifier, + byte[] identity, byte[] password) + : base(keyExchange, supportedSignatureAlgorithms) + { + this.mTlsSigner = CreateSigner(keyExchange); + this.mGroupVerifier = groupVerifier; + this.mIdentity = identity; + this.mPassword = password; + this.mSrpClient = new Srp6Client(); + } + + public TlsSrpKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, byte[] identity, + TlsSrpLoginParameters loginParameters) + : base(keyExchange, supportedSignatureAlgorithms) + { + this.mTlsSigner = CreateSigner(keyExchange); + this.mIdentity = identity; + this.mSrpServer = new Srp6Server(); + this.mSrpGroup = loginParameters.Group; + this.mSrpVerifier = loginParameters.Verifier; + this.mSrpSalt = loginParameters.Salt; + } + + public override void Init(TlsContext context) + { + base.Init(context); + + if (this.mTlsSigner != null) + { + this.mTlsSigner.Init(context); + } + } + + public override void SkipServerCredentials() + { + if (mTlsSigner != null) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public override void ProcessServerCertificate(Certificate serverCertificate) + { + if (mTlsSigner == null) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + if (serverCertificate.IsEmpty) + throw new TlsFatalAlert(AlertDescription.decode_error); + + X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0); + + SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo; + try + { + this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo); + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e); + } + + if (!mTlsSigner.IsValidPublicKey(this.mServerPublicKey)) + throw new TlsFatalAlert(AlertDescription.certificate_unknown); + + TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature); + + base.ProcessServerCertificate(serverCertificate); + } + + public override void ProcessServerCredentials(TlsCredentials serverCredentials) + { + if ((mKeyExchange == KeyExchangeAlgorithm.SRP) || !(serverCredentials is TlsSignerCredentials)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + ProcessServerCertificate(serverCredentials.Certificate); + + this.mServerCredentials = (TlsSignerCredentials)serverCredentials; + } + + public override bool RequiresServerKeyExchange + { + get { return true; } + } + + public override byte[] GenerateServerKeyExchange() + { + mSrpServer.Init(mSrpGroup, mSrpVerifier, TlsUtilities.CreateHash(HashAlgorithm.sha1), mContext.SecureRandom); + BigInteger B = mSrpServer.GenerateServerCredentials(); + + ServerSrpParams srpParams = new ServerSrpParams(mSrpGroup.N, mSrpGroup.G, mSrpSalt, B); + + DigestInputBuffer buf = new DigestInputBuffer(); + + srpParams.Encode(buf); + + if (mServerCredentials != null) + { + /* + * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2 + */ + SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm( + mContext, mServerCredentials); + + IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm); + + SecurityParameters securityParameters = mContext.SecurityParameters; + d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length); + d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length); + buf.UpdateDigest(d); + + byte[] hash = new byte[d.GetDigestSize()]; + d.DoFinal(hash, 0); + + byte[] signature = mServerCredentials.GenerateCertificateSignature(hash); + + DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature); + signed_params.Encode(buf); + } + + return buf.ToArray(); + } + + public override void ProcessServerKeyExchange(Stream input) + { + SecurityParameters securityParameters = mContext.SecurityParameters; + + SignerInputBuffer buf = null; + Stream teeIn = input; + + if (mTlsSigner != null) + { + buf = new SignerInputBuffer(); + teeIn = new TeeInputStream(input, buf); + } + + ServerSrpParams srpParams = ServerSrpParams.Parse(teeIn); + + if (buf != null) + { + DigitallySigned signed_params = ParseSignature(input); + + ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters); + buf.UpdateSigner(signer); + if (!signer.VerifySignature(signed_params.Signature)) + throw new TlsFatalAlert(AlertDescription.decrypt_error); + } + + this.mSrpGroup = new Srp6GroupParameters(srpParams.N, srpParams.G); + + if (!mGroupVerifier.Accept(mSrpGroup)) + throw new TlsFatalAlert(AlertDescription.insufficient_security); + + this.mSrpSalt = srpParams.S; + + /* + * RFC 5054 2.5.3: The client MUST abort the handshake with an "illegal_parameter" alert if + * B % N = 0. + */ + try + { + this.mSrpPeerCredentials = Srp6Utilities.ValidatePublicValue(mSrpGroup.N, srpParams.B); + } + catch (CryptoException e) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter, e); + } + + this.mSrpClient.Init(mSrpGroup, TlsUtilities.CreateHash(HashAlgorithm.sha1), mContext.SecureRandom); + } + + public override void ValidateCertificateRequest(CertificateRequest certificateRequest) + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public override void ProcessClientCredentials(TlsCredentials clientCredentials) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void GenerateClientKeyExchange(Stream output) + { + BigInteger A = mSrpClient.GenerateClientCredentials(mSrpSalt, mIdentity, mPassword); + TlsSrpUtilities.WriteSrpParameter(A, output); + + mContext.SecurityParameters.srpIdentity = Arrays.Clone(mIdentity); + } + + public override void ProcessClientKeyExchange(Stream input) + { + /* + * RFC 5054 2.5.4: The server MUST abort the handshake with an "illegal_parameter" alert if + * A % N = 0. + */ + try + { + this.mSrpPeerCredentials = Srp6Utilities.ValidatePublicValue(mSrpGroup.N, TlsSrpUtilities.ReadSrpParameter(input)); + } + catch (CryptoException e) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter, e); + } + + mContext.SecurityParameters.srpIdentity = Arrays.Clone(mIdentity); + } + + public override byte[] GeneratePremasterSecret() + { + try + { + BigInteger S = mSrpServer != null + ? mSrpServer.CalculateSecret(mSrpPeerCredentials) + : mSrpClient.CalculateSecret(mSrpPeerCredentials); + + // TODO Check if this needs to be a fixed size + return BigIntegers.AsUnsignedByteArray(S); + } + catch (CryptoException e) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter, e); + } + } + + protected virtual ISigner InitVerifyer(TlsSigner tlsSigner, SignatureAndHashAlgorithm algorithm, + SecurityParameters securityParameters) + { + ISigner signer = tlsSigner.CreateVerifyer(algorithm, this.mServerPublicKey); + signer.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length); + signer.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length); + return signer; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsSrpLoginParameters.cs b/BouncyCastle/crypto/src/crypto/tls/TlsSrpLoginParameters.cs new file mode 100644 index 0000000..5ae4641 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsSrpLoginParameters.cs @@ -0,0 +1,36 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class TlsSrpLoginParameters + { + protected readonly Srp6GroupParameters mGroup; + protected readonly BigInteger mVerifier; + protected readonly byte[] mSalt; + + public TlsSrpLoginParameters(Srp6GroupParameters group, BigInteger verifier, byte[] salt) + { + this.mGroup = group; + this.mVerifier = verifier; + this.mSalt = salt; + } + + public virtual Srp6GroupParameters Group + { + get { return mGroup; } + } + + public virtual byte[] Salt + { + get { return mSalt; } + } + + public virtual BigInteger Verifier + { + get { return mVerifier; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsSrpUtilities.cs b/BouncyCastle/crypto/src/crypto/tls/TlsSrpUtilities.cs new file mode 100644 index 0000000..873189d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsSrpUtilities.cs @@ -0,0 +1,74 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class TlsSrpUtilities + { + public static void AddSrpExtension(IDictionary extensions, byte[] identity) + { + extensions[ExtensionType.srp] = CreateSrpExtension(identity); + } + + public static byte[] GetSrpExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.srp); + return extensionData == null ? null : ReadSrpExtension(extensionData); + } + + public static byte[] CreateSrpExtension(byte[] identity) + { + if (identity == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return TlsUtilities.EncodeOpaque8(identity); + } + + public static byte[] ReadSrpExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData, false); + byte[] identity = TlsUtilities.ReadOpaque8(buf); + + TlsProtocol.AssertEmpty(buf); + + return identity; + } + + public static BigInteger ReadSrpParameter(Stream input) + { + return new BigInteger(1, TlsUtilities.ReadOpaque16(input)); + } + + public static void WriteSrpParameter(BigInteger x, Stream output) + { + TlsUtilities.WriteOpaque16(BigIntegers.AsUnsignedByteArray(x), output); + } + + public static bool IsSrpCipherSuite(int cipherSuite) + { + switch (cipherSuite) + { + case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA: + return true; + + default: + return false; + } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsSrtpUtilities.cs b/BouncyCastle/crypto/src/crypto/tls/TlsSrtpUtilities.cs new file mode 100644 index 0000000..626c0e3 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsSrtpUtilities.cs @@ -0,0 +1,62 @@ +using System; +using System.Collections; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * RFC 5764 DTLS Extension to Establish Keys for SRTP. + */ + public abstract class TlsSRTPUtils + { + public static void AddUseSrtpExtension(IDictionary extensions, UseSrtpData useSRTPData) + { + extensions[ExtensionType.use_srtp] = CreateUseSrtpExtension(useSRTPData); + } + + public static UseSrtpData GetUseSrtpExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.use_srtp); + return extensionData == null ? null : ReadUseSrtpExtension(extensionData); + } + + public static byte[] CreateUseSrtpExtension(UseSrtpData useSrtpData) + { + if (useSrtpData == null) + throw new ArgumentNullException("useSrtpData"); + + MemoryStream buf = new MemoryStream(); + + // SRTPProtectionProfiles + TlsUtilities.WriteUint16ArrayWithUint16Length(useSrtpData.ProtectionProfiles, buf); + + // srtp_mki + TlsUtilities.WriteOpaque8(useSrtpData.Mki, buf); + + return buf.ToArray(); + } + + public static UseSrtpData ReadUseSrtpExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData, true); + + // SRTPProtectionProfiles + int length = TlsUtilities.ReadUint16(buf); + if (length < 2 || (length & 1) != 0) + { + throw new TlsFatalAlert(AlertDescription.decode_error); + } + int[] protectionProfiles = TlsUtilities.ReadUint16Array(length / 2, buf); + + // srtp_mki + byte[] mki = TlsUtilities.ReadOpaque8(buf); + + TlsProtocol.AssertEmpty(buf); + + return new UseSrtpData(protectionProfiles, mki); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsStream.cs b/BouncyCastle/crypto/src/crypto/tls/TlsStream.cs new file mode 100644 index 0000000..bfd80ed --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsStream.cs @@ -0,0 +1,97 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + internal class TlsStream + : Stream + { + private readonly TlsProtocol handler; + + internal TlsStream(TlsProtocol handler) + { + this.handler = handler; + } + + public override bool CanRead + { + get { return !handler.IsClosed; } + } + + public override bool CanSeek + { + get { return false; } + } + + public override bool CanWrite + { + get { return !handler.IsClosed; } + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + handler.Close(); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + handler.Close(); + base.Close(); + } +#endif + + public override void Flush() + { + handler.Flush(); + } + + public override long Length + { + get { throw new NotSupportedException(); } + } + + public override long Position + { + get { throw new NotSupportedException(); } + set { throw new NotSupportedException(); } + } + + public override int Read(byte[] buf, int off, int len) + { + return this.handler.ReadApplicationData(buf, off, len); + } + + public override int ReadByte() + { + byte[] buf = new byte[1]; + if (this.Read(buf, 0, 1) <= 0) + return -1; + return buf[0]; + } + + public override long Seek(long offset, SeekOrigin origin) + { + throw new NotSupportedException(); + } + + public override void SetLength(long value) + { + throw new NotSupportedException(); + } + + public override void Write(byte[] buf, int off, int len) + { + this.handler.WriteData(buf, off, len); + } + + public override void WriteByte(byte b) + { + this.handler.WriteData(new byte[] { b }, 0, 1); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsStreamCipher.cs b/BouncyCastle/crypto/src/crypto/tls/TlsStreamCipher.cs new file mode 100644 index 0000000..555442e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsStreamCipher.cs @@ -0,0 +1,152 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Tls; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class TlsStreamCipher + : TlsCipher + { + protected readonly TlsContext context; + + protected readonly IStreamCipher encryptCipher; + protected readonly IStreamCipher decryptCipher; + + protected readonly TlsMac writeMac; + protected readonly TlsMac readMac; + + protected readonly bool usesNonce; + + /// + public TlsStreamCipher(TlsContext context, IStreamCipher clientWriteCipher, + IStreamCipher serverWriteCipher, IDigest clientWriteDigest, IDigest serverWriteDigest, + int cipherKeySize, bool usesNonce) + { + bool isServer = context.IsServer; + + this.context = context; + this.usesNonce = usesNonce; + + this.encryptCipher = clientWriteCipher; + this.decryptCipher = serverWriteCipher; + + int key_block_size = (2 * cipherKeySize) + clientWriteDigest.GetDigestSize() + + serverWriteDigest.GetDigestSize(); + + byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size); + + int offset = 0; + + // Init MACs + TlsMac clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset, + clientWriteDigest.GetDigestSize()); + offset += clientWriteDigest.GetDigestSize(); + TlsMac serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset, + serverWriteDigest.GetDigestSize()); + offset += serverWriteDigest.GetDigestSize(); + + // Build keys + KeyParameter clientWriteKey = new KeyParameter(key_block, offset, cipherKeySize); + offset += cipherKeySize; + KeyParameter serverWriteKey = new KeyParameter(key_block, offset, cipherKeySize); + offset += cipherKeySize; + + if (offset != key_block_size) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + ICipherParameters encryptParams, decryptParams; + if (isServer) + { + this.writeMac = serverWriteMac; + this.readMac = clientWriteMac; + this.encryptCipher = serverWriteCipher; + this.decryptCipher = clientWriteCipher; + encryptParams = serverWriteKey; + decryptParams = clientWriteKey; + } + else + { + this.writeMac = clientWriteMac; + this.readMac = serverWriteMac; + this.encryptCipher = clientWriteCipher; + this.decryptCipher = serverWriteCipher; + encryptParams = clientWriteKey; + decryptParams = serverWriteKey; + } + + if (usesNonce) + { + byte[] dummyNonce = new byte[8]; + encryptParams = new ParametersWithIV(encryptParams, dummyNonce); + decryptParams = new ParametersWithIV(decryptParams, dummyNonce); + } + + this.encryptCipher.Init(true, encryptParams); + this.decryptCipher.Init(false, decryptParams); + } + + public virtual int GetPlaintextLimit(int ciphertextLimit) + { + return ciphertextLimit - writeMac.Size; + } + + public virtual byte[] EncodePlaintext(long seqNo, byte type, byte[] plaintext, int offset, int len) + { + if (usesNonce) + { + UpdateIV(encryptCipher, true, seqNo); + } + + byte[] outBuf = new byte[len + writeMac.Size]; + + encryptCipher.ProcessBytes(plaintext, offset, len, outBuf, 0); + + byte[] mac = writeMac.CalculateMac(seqNo, type, plaintext, offset, len); + encryptCipher.ProcessBytes(mac, 0, mac.Length, outBuf, len); + + return outBuf; + } + + /// + public virtual byte[] DecodeCiphertext(long seqNo, byte type, byte[] ciphertext, int offset, int len) + { + if (usesNonce) + { + UpdateIV(decryptCipher, false, seqNo); + } + + int macSize = readMac.Size; + if (len < macSize) + throw new TlsFatalAlert(AlertDescription.decode_error); + + int plaintextLength = len - macSize; + + byte[] deciphered = new byte[len]; + decryptCipher.ProcessBytes(ciphertext, offset, len, deciphered, 0); + CheckMac(seqNo, type, deciphered, plaintextLength, len, deciphered, 0, plaintextLength); + return Arrays.CopyOfRange(deciphered, 0, plaintextLength); + } + + /// + protected virtual void CheckMac(long seqNo, byte type, byte[] recBuf, int recStart, int recEnd, byte[] calcBuf, int calcOff, int calcLen) + { + byte[] receivedMac = Arrays.CopyOfRange(recBuf, recStart, recEnd); + byte[] computedMac = readMac.CalculateMac(seqNo, type, calcBuf, calcOff, calcLen); + + if (!Arrays.ConstantTimeAreEqual(receivedMac, computedMac)) + throw new TlsFatalAlert(AlertDescription.bad_record_mac); + } + + protected virtual void UpdateIV(IStreamCipher cipher, bool forEncryption, long seqNo) + { + byte[] nonce = new byte[8]; + TlsUtilities.WriteUint64(seqNo, nonce, 0); + cipher.Init(forEncryption, new ParametersWithIV(null, nonce)); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsTimeoutException.cs b/BouncyCastle/crypto/src/crypto/tls/TlsTimeoutException.cs new file mode 100644 index 0000000..71931e4 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsTimeoutException.cs @@ -0,0 +1,23 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public class TlsTimeoutException + : TlsException + { + public TlsTimeoutException() + : base() + { + } + + public TlsTimeoutException(string message) + : base(message) + { + } + + public TlsTimeoutException(string message, Exception cause) + : base(message, cause) + { + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/TlsUtilities.cs b/BouncyCastle/crypto/src/crypto/tls/TlsUtilities.cs new file mode 100644 index 0000000..2fb631e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/TlsUtilities.cs @@ -0,0 +1,2362 @@ +using System; +using System.Collections; +#if !PORTABLE || DOTNET +using System.Net.Sockets; +#endif +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// Some helper functions for MicroTLS. + public abstract class TlsUtilities + { + public static readonly byte[] EmptyBytes = new byte[0]; + public static readonly short[] EmptyShorts = new short[0]; + public static readonly int[] EmptyInts = new int[0]; + public static readonly long[] EmptyLongs = new long[0]; + + public static void CheckUint8(int i) + { + if (!IsValidUint8(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint8(long i) + { + if (!IsValidUint8(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint16(int i) + { + if (!IsValidUint16(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint16(long i) + { + if (!IsValidUint16(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint24(int i) + { + if (!IsValidUint24(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint24(long i) + { + if (!IsValidUint24(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint32(long i) + { + if (!IsValidUint32(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint48(long i) + { + if (!IsValidUint48(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint64(long i) + { + if (!IsValidUint64(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static bool IsValidUint8(int i) + { + return (i & 0xFF) == i; + } + + public static bool IsValidUint8(long i) + { + return (i & 0xFFL) == i; + } + + public static bool IsValidUint16(int i) + { + return (i & 0xFFFF) == i; + } + + public static bool IsValidUint16(long i) + { + return (i & 0xFFFFL) == i; + } + + public static bool IsValidUint24(int i) + { + return (i & 0xFFFFFF) == i; + } + + public static bool IsValidUint24(long i) + { + return (i & 0xFFFFFFL) == i; + } + + public static bool IsValidUint32(long i) + { + return (i & 0xFFFFFFFFL) == i; + } + + public static bool IsValidUint48(long i) + { + return (i & 0xFFFFFFFFFFFFL) == i; + } + + public static bool IsValidUint64(long i) + { + return true; + } + + public static bool IsSsl(TlsContext context) + { + return context.ServerVersion.IsSsl; + } + + public static bool IsTlsV11(ProtocolVersion version) + { + return ProtocolVersion.TLSv11.IsEqualOrEarlierVersionOf(version.GetEquivalentTLSVersion()); + } + + public static bool IsTlsV11(TlsContext context) + { + return IsTlsV11(context.ServerVersion); + } + + public static bool IsTlsV12(ProtocolVersion version) + { + return ProtocolVersion.TLSv12.IsEqualOrEarlierVersionOf(version.GetEquivalentTLSVersion()); + } + + public static bool IsTlsV12(TlsContext context) + { + return IsTlsV12(context.ServerVersion); + } + + public static void WriteUint8(byte i, Stream output) + { + output.WriteByte(i); + } + + public static void WriteUint8(byte i, byte[] buf, int offset) + { + buf[offset] = i; + } + + public static void WriteUint16(int i, Stream output) + { + output.WriteByte((byte)(i >> 8)); + output.WriteByte((byte)i); + } + + public static void WriteUint16(int i, byte[] buf, int offset) + { + buf[offset] = (byte)(i >> 8); + buf[offset + 1] = (byte)i; + } + + public static void WriteUint24(int i, Stream output) + { + output.WriteByte((byte)(i >> 16)); + output.WriteByte((byte)(i >> 8)); + output.WriteByte((byte)i); + } + + public static void WriteUint24(int i, byte[] buf, int offset) + { + buf[offset] = (byte)(i >> 16); + buf[offset + 1] = (byte)(i >> 8); + buf[offset + 2] = (byte)i; + } + + public static void WriteUint32(long i, Stream output) + { + output.WriteByte((byte)(i >> 24)); + output.WriteByte((byte)(i >> 16)); + output.WriteByte((byte)(i >> 8)); + output.WriteByte((byte)i); + } + + public static void WriteUint32(long i, byte[] buf, int offset) + { + buf[offset] = (byte)(i >> 24); + buf[offset + 1] = (byte)(i >> 16); + buf[offset + 2] = (byte)(i >> 8); + buf[offset + 3] = (byte)i; + } + + public static void WriteUint48(long i, Stream output) + { + output.WriteByte((byte)(i >> 40)); + output.WriteByte((byte)(i >> 32)); + output.WriteByte((byte)(i >> 24)); + output.WriteByte((byte)(i >> 16)); + output.WriteByte((byte)(i >> 8)); + output.WriteByte((byte)i); + } + + public static void WriteUint48(long i, byte[] buf, int offset) + { + buf[offset] = (byte)(i >> 40); + buf[offset + 1] = (byte)(i >> 32); + buf[offset + 2] = (byte)(i >> 24); + buf[offset + 3] = (byte)(i >> 16); + buf[offset + 4] = (byte)(i >> 8); + buf[offset + 5] = (byte)i; + } + + public static void WriteUint64(long i, Stream output) + { + output.WriteByte((byte)(i >> 56)); + output.WriteByte((byte)(i >> 48)); + output.WriteByte((byte)(i >> 40)); + output.WriteByte((byte)(i >> 32)); + output.WriteByte((byte)(i >> 24)); + output.WriteByte((byte)(i >> 16)); + output.WriteByte((byte)(i >> 8)); + output.WriteByte((byte)i); + } + + public static void WriteUint64(long i, byte[] buf, int offset) + { + buf[offset] = (byte)(i >> 56); + buf[offset + 1] = (byte)(i >> 48); + buf[offset + 2] = (byte)(i >> 40); + buf[offset + 3] = (byte)(i >> 32); + buf[offset + 4] = (byte)(i >> 24); + buf[offset + 5] = (byte)(i >> 16); + buf[offset + 6] = (byte)(i >> 8); + buf[offset + 7] = (byte)i; + } + + public static void WriteOpaque8(byte[] buf, Stream output) + { + WriteUint8((byte)buf.Length, output); + output.Write(buf, 0, buf.Length); + } + + public static void WriteOpaque16(byte[] buf, Stream output) + { + WriteUint16(buf.Length, output); + output.Write(buf, 0, buf.Length); + } + + public static void WriteOpaque24(byte[] buf, Stream output) + { + WriteUint24(buf.Length, output); + output.Write(buf, 0, buf.Length); + } + + public static void WriteUint8Array(byte[] uints, Stream output) + { + output.Write(uints, 0, uints.Length); + } + + public static void WriteUint8Array(byte[] uints, byte[] buf, int offset) + { + for (int i = 0; i < uints.Length; ++i) + { + WriteUint8(uints[i], buf, offset); + ++offset; + } + } + + public static void WriteUint8ArrayWithUint8Length(byte[] uints, Stream output) + { + CheckUint8(uints.Length); + WriteUint8((byte)uints.Length, output); + WriteUint8Array(uints, output); + } + + public static void WriteUint8ArrayWithUint8Length(byte[] uints, byte[] buf, int offset) + { + CheckUint8(uints.Length); + WriteUint8((byte)uints.Length, buf, offset); + WriteUint8Array(uints, buf, offset + 1); + } + + public static void WriteUint16Array(int[] uints, Stream output) + { + for (int i = 0; i < uints.Length; ++i) + { + WriteUint16(uints[i], output); + } + } + + public static void WriteUint16Array(int[] uints, byte[] buf, int offset) + { + for (int i = 0; i < uints.Length; ++i) + { + WriteUint16(uints[i], buf, offset); + offset += 2; + } + } + + public static void WriteUint16ArrayWithUint16Length(int[] uints, Stream output) + { + int length = 2 * uints.Length; + CheckUint16(length); + WriteUint16(length, output); + WriteUint16Array(uints, output); + } + + public static void WriteUint16ArrayWithUint16Length(int[] uints, byte[] buf, int offset) + { + int length = 2 * uints.Length; + CheckUint16(length); + WriteUint16(length, buf, offset); + WriteUint16Array(uints, buf, offset + 2); + } + + public static byte DecodeUint8(byte[] buf) + { + if (buf == null) + throw new ArgumentNullException("buf"); + if (buf.Length != 1) + throw new TlsFatalAlert(AlertDescription.decode_error); + return ReadUint8(buf, 0); + } + + public static byte[] DecodeUint8ArrayWithUint8Length(byte[] buf) + { + if (buf == null) + throw new ArgumentNullException("buf"); + + int count = ReadUint8(buf, 0); + if (buf.Length != (count + 1)) + throw new TlsFatalAlert(AlertDescription.decode_error); + + byte[] uints = new byte[count]; + for (int i = 0; i < count; ++i) + { + uints[i] = ReadUint8(buf, i + 1); + } + return uints; + } + + public static byte[] EncodeOpaque8(byte[] buf) + { + CheckUint8(buf.Length); + return Arrays.Prepend(buf, (byte)buf.Length); + } + + public static byte[] EncodeUint8(byte val) + { + CheckUint8(val); + + byte[] extensionData = new byte[1]; + WriteUint8(val, extensionData, 0); + return extensionData; + } + + public static byte[] EncodeUint8ArrayWithUint8Length(byte[] uints) + { + byte[] result = new byte[1 + uints.Length]; + WriteUint8ArrayWithUint8Length(uints, result, 0); + return result; + } + + public static byte[] EncodeUint16ArrayWithUint16Length(int[] uints) + { + int length = 2 * uints.Length; + byte[] result = new byte[2 + length]; + WriteUint16ArrayWithUint16Length(uints, result, 0); + return result; + } + + public static byte ReadUint8(Stream input) + { + int i = input.ReadByte(); + if (i < 0) + throw new EndOfStreamException(); + return (byte)i; + } + + public static byte ReadUint8(byte[] buf, int offset) + { + return buf[offset]; + } + + public static int ReadUint16(Stream input) + { + int i1 = input.ReadByte(); + int i2 = input.ReadByte(); + if (i2 < 0) + throw new EndOfStreamException(); + return (i1 << 8) | i2; + } + + public static int ReadUint16(byte[] buf, int offset) + { + uint n = (uint)buf[offset] << 8; + n |= (uint)buf[++offset]; + return (int)n; + } + + public static int ReadUint24(Stream input) + { + int i1 = input.ReadByte(); + int i2 = input.ReadByte(); + int i3 = input.ReadByte(); + if (i3 < 0) + throw new EndOfStreamException(); + return (i1 << 16) | (i2 << 8) | i3; + } + + public static int ReadUint24(byte[] buf, int offset) + { + uint n = (uint)buf[offset] << 16; + n |= (uint)buf[++offset] << 8; + n |= (uint)buf[++offset]; + return (int)n; + } + + public static long ReadUint32(Stream input) + { + int i1 = input.ReadByte(); + int i2 = input.ReadByte(); + int i3 = input.ReadByte(); + int i4 = input.ReadByte(); + if (i4 < 0) + throw new EndOfStreamException(); + return (long)(uint)((i1 << 24) | (i2 << 16) | (i3 << 8) | i4); + } + + public static long ReadUint32(byte[] buf, int offset) + { + uint n = (uint)buf[offset] << 24; + n |= (uint)buf[++offset] << 16; + n |= (uint)buf[++offset] << 8; + n |= (uint)buf[++offset]; + return (long)n; + } + + public static long ReadUint48(Stream input) + { + int hi = ReadUint24(input); + int lo = ReadUint24(input); + return ((long)(hi & 0xffffffffL) << 24) | (long)(lo & 0xffffffffL); + } + + public static long ReadUint48(byte[] buf, int offset) + { + int hi = ReadUint24(buf, offset); + int lo = ReadUint24(buf, offset + 3); + return ((long)(hi & 0xffffffffL) << 24) | (long)(lo & 0xffffffffL); + } + + public static byte[] ReadAllOrNothing(int length, Stream input) + { + if (length < 1) + return EmptyBytes; + byte[] buf = new byte[length]; + int read = Streams.ReadFully(input, buf); + if (read == 0) + return null; + if (read != length) + throw new EndOfStreamException(); + return buf; + } + + public static byte[] ReadFully(int length, Stream input) + { + if (length < 1) + return EmptyBytes; + byte[] buf = new byte[length]; + if (length != Streams.ReadFully(input, buf)) + throw new EndOfStreamException(); + return buf; + } + + public static void ReadFully(byte[] buf, Stream input) + { + if (Streams.ReadFully(input, buf, 0, buf.Length) < buf.Length) + throw new EndOfStreamException(); + } + + public static byte[] ReadOpaque8(Stream input) + { + byte length = ReadUint8(input); + byte[] bytes = new byte[length]; + ReadFully(bytes, input); + return bytes; + } + + public static byte[] ReadOpaque16(Stream input) + { + int length = ReadUint16(input); + byte[] bytes = new byte[length]; + ReadFully(bytes, input); + return bytes; + } + + public static byte[] ReadOpaque24(Stream input) + { + int length = ReadUint24(input); + return ReadFully(length, input); + } + + public static byte[] ReadUint8Array(int count, Stream input) + { + byte[] uints = new byte[count]; + for (int i = 0; i < count; ++i) + { + uints[i] = ReadUint8(input); + } + return uints; + } + + public static int[] ReadUint16Array(int count, Stream input) + { + int[] uints = new int[count]; + for (int i = 0; i < count; ++i) + { + uints[i] = ReadUint16(input); + } + return uints; + } + + public static ProtocolVersion ReadVersion(byte[] buf, int offset) + { + return ProtocolVersion.Get(buf[offset], buf[offset + 1]); + } + + public static ProtocolVersion ReadVersion(Stream input) + { + int i1 = input.ReadByte(); + int i2 = input.ReadByte(); + if (i2 < 0) + throw new EndOfStreamException(); + return ProtocolVersion.Get(i1, i2); + } + + public static int ReadVersionRaw(byte[] buf, int offset) + { + return (buf[offset] << 8) | buf[offset + 1]; + } + + public static int ReadVersionRaw(Stream input) + { + int i1 = input.ReadByte(); + int i2 = input.ReadByte(); + if (i2 < 0) + throw new EndOfStreamException(); + return (i1 << 8) | i2; + } + + public static Asn1Object ReadAsn1Object(byte[] encoding) + { + MemoryStream input = new MemoryStream(encoding, false); + Asn1InputStream asn1 = new Asn1InputStream(input, encoding.Length); + Asn1Object result = asn1.ReadObject(); + if (null == result) + throw new TlsFatalAlert(AlertDescription.decode_error); + if (input.Position != input.Length) + throw new TlsFatalAlert(AlertDescription.decode_error); + return result; + } + + public static Asn1Object ReadDerObject(byte[] encoding) + { + /* + * NOTE: The current ASN.1 parsing code can't enforce DER-only parsing, but since DER is + * canonical, we can check it by re-encoding the result and comparing to the original. + */ + Asn1Object result = ReadAsn1Object(encoding); + byte[] check = result.GetEncoded(Asn1Encodable.Der); + if (!Arrays.AreEqual(check, encoding)) + throw new TlsFatalAlert(AlertDescription.decode_error); + return result; + } + + public static void WriteGmtUnixTime(byte[] buf, int offset) + { + int t = (int)(DateTimeUtilities.CurrentUnixMs() / 1000L); + buf[offset] = (byte)(t >> 24); + buf[offset + 1] = (byte)(t >> 16); + buf[offset + 2] = (byte)(t >> 8); + buf[offset + 3] = (byte)t; + } + + public static void WriteVersion(ProtocolVersion version, Stream output) + { + output.WriteByte((byte)version.MajorVersion); + output.WriteByte((byte)version.MinorVersion); + } + + public static void WriteVersion(ProtocolVersion version, byte[] buf, int offset) + { + buf[offset] = (byte)version.MajorVersion; + buf[offset + 1] = (byte)version.MinorVersion; + } + + public static IList GetAllSignatureAlgorithms() + { + IList v = Platform.CreateArrayList(4); + v.Add(SignatureAlgorithm.anonymous); + v.Add(SignatureAlgorithm.rsa); + v.Add(SignatureAlgorithm.dsa); + v.Add(SignatureAlgorithm.ecdsa); + return v; + } + + public static IList GetDefaultDssSignatureAlgorithms() + { + return VectorOfOne(new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.dsa)); + } + + public static IList GetDefaultECDsaSignatureAlgorithms() + { + return VectorOfOne(new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.ecdsa)); + } + + public static IList GetDefaultRsaSignatureAlgorithms() + { + return VectorOfOne(new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa)); + } + + public static byte[] GetExtensionData(IDictionary extensions, int extensionType) + { + return extensions == null ? null : (byte[])extensions[extensionType]; + } + + public static IList GetDefaultSupportedSignatureAlgorithms() + { + byte[] hashAlgorithms = new byte[]{ HashAlgorithm.sha1, HashAlgorithm.sha224, HashAlgorithm.sha256, + HashAlgorithm.sha384, HashAlgorithm.sha512 }; + byte[] signatureAlgorithms = new byte[]{ SignatureAlgorithm.rsa, SignatureAlgorithm.dsa, + SignatureAlgorithm.ecdsa }; + + IList result = Platform.CreateArrayList(); + for (int i = 0; i < signatureAlgorithms.Length; ++i) + { + for (int j = 0; j < hashAlgorithms.Length; ++j) + { + result.Add(new SignatureAndHashAlgorithm(hashAlgorithms[j], signatureAlgorithms[i])); + } + } + return result; + } + + public static SignatureAndHashAlgorithm GetSignatureAndHashAlgorithm(TlsContext context, + TlsSignerCredentials signerCredentials) + { + SignatureAndHashAlgorithm signatureAndHashAlgorithm = null; + if (IsTlsV12(context)) + { + signatureAndHashAlgorithm = signerCredentials.SignatureAndHashAlgorithm; + if (signatureAndHashAlgorithm == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + return signatureAndHashAlgorithm; + } + + public static bool HasExpectedEmptyExtensionData(IDictionary extensions, int extensionType, + byte alertDescription) + { + byte[] extension_data = GetExtensionData(extensions, extensionType); + if (extension_data == null) + return false; + if (extension_data.Length != 0) + throw new TlsFatalAlert(alertDescription); + return true; + } + + public static TlsSession ImportSession(byte[] sessionID, SessionParameters sessionParameters) + { + return new TlsSessionImpl(sessionID, sessionParameters); + } + + public static bool IsSignatureAlgorithmsExtensionAllowed(ProtocolVersion clientVersion) + { + return ProtocolVersion.TLSv12.IsEqualOrEarlierVersionOf(clientVersion.GetEquivalentTLSVersion()); + } + + /** + * Add a 'signature_algorithms' extension to existing extensions. + * + * @param extensions A {@link Hashtable} to add the extension to. + * @param supportedSignatureAlgorithms {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}. + * @throws IOException + */ + public static void AddSignatureAlgorithmsExtension(IDictionary extensions, IList supportedSignatureAlgorithms) + { + extensions[ExtensionType.signature_algorithms] = CreateSignatureAlgorithmsExtension(supportedSignatureAlgorithms); + } + + /** + * Get a 'signature_algorithms' extension from extensions. + * + * @param extensions A {@link Hashtable} to get the extension from, if it is present. + * @return A {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}, or null. + * @throws IOException + */ + public static IList GetSignatureAlgorithmsExtension(IDictionary extensions) + { + byte[] extensionData = GetExtensionData(extensions, ExtensionType.signature_algorithms); + return extensionData == null ? null : ReadSignatureAlgorithmsExtension(extensionData); + } + + /** + * Create a 'signature_algorithms' extension value. + * + * @param supportedSignatureAlgorithms A {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}. + * @return A byte array suitable for use as an extension value. + * @throws IOException + */ + public static byte[] CreateSignatureAlgorithmsExtension(IList supportedSignatureAlgorithms) + { + MemoryStream buf = new MemoryStream(); + + // supported_signature_algorithms + EncodeSupportedSignatureAlgorithms(supportedSignatureAlgorithms, false, buf); + + return buf.ToArray(); + } + + /** + * Read 'signature_algorithms' extension data. + * + * @param extensionData The extension data. + * @return A {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}. + * @throws IOException + */ + public static IList ReadSignatureAlgorithmsExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData, false); + + // supported_signature_algorithms + IList supported_signature_algorithms = ParseSupportedSignatureAlgorithms(false, buf); + + TlsProtocol.AssertEmpty(buf); + + return supported_signature_algorithms; + } + + public static void EncodeSupportedSignatureAlgorithms(IList supportedSignatureAlgorithms, bool allowAnonymous, + Stream output) + { + if (supportedSignatureAlgorithms == null) + throw new ArgumentNullException("supportedSignatureAlgorithms"); + if (supportedSignatureAlgorithms.Count < 1 || supportedSignatureAlgorithms.Count >= (1 << 15)) + throw new ArgumentException("must have length from 1 to (2^15 - 1)", "supportedSignatureAlgorithms"); + + // supported_signature_algorithms + int length = 2 * supportedSignatureAlgorithms.Count; + CheckUint16(length); + WriteUint16(length, output); + + foreach (SignatureAndHashAlgorithm entry in supportedSignatureAlgorithms) + { + if (!allowAnonymous && entry.Signature == SignatureAlgorithm.anonymous) + { + /* + * RFC 5246 7.4.1.4.1 The "anonymous" value is meaningless in this context but used + * in Section 7.4.3. It MUST NOT appear in this extension. + */ + throw new ArgumentException( + "SignatureAlgorithm.anonymous MUST NOT appear in the signature_algorithms extension"); + } + entry.Encode(output); + } + } + + public static IList ParseSupportedSignatureAlgorithms(bool allowAnonymous, Stream input) + { + // supported_signature_algorithms + int length = ReadUint16(input); + if (length < 2 || (length & 1) != 0) + throw new TlsFatalAlert(AlertDescription.decode_error); + int count = length / 2; + IList supportedSignatureAlgorithms = Platform.CreateArrayList(count); + for (int i = 0; i < count; ++i) + { + SignatureAndHashAlgorithm entry = SignatureAndHashAlgorithm.Parse(input); + if (!allowAnonymous && entry.Signature == SignatureAlgorithm.anonymous) + { + /* + * RFC 5246 7.4.1.4.1 The "anonymous" value is meaningless in this context but used + * in Section 7.4.3. It MUST NOT appear in this extension. + */ + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + supportedSignatureAlgorithms.Add(entry); + } + return supportedSignatureAlgorithms; + } + + public static void VerifySupportedSignatureAlgorithm(IList supportedSignatureAlgorithms, SignatureAndHashAlgorithm signatureAlgorithm) + { + if (supportedSignatureAlgorithms == null) + throw new ArgumentNullException("supportedSignatureAlgorithms"); + if (supportedSignatureAlgorithms.Count < 1 || supportedSignatureAlgorithms.Count >= (1 << 15)) + throw new ArgumentException("must have length from 1 to (2^15 - 1)", "supportedSignatureAlgorithms"); + if (signatureAlgorithm == null) + throw new ArgumentNullException("signatureAlgorithm"); + + if (signatureAlgorithm.Signature != SignatureAlgorithm.anonymous) + { + foreach (SignatureAndHashAlgorithm entry in supportedSignatureAlgorithms) + { + if (entry.Hash == signatureAlgorithm.Hash && entry.Signature == signatureAlgorithm.Signature) + return; + } + } + + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + public static byte[] PRF(TlsContext context, byte[] secret, string asciiLabel, byte[] seed, int size) + { + ProtocolVersion version = context.ServerVersion; + + if (version.IsSsl) + throw new InvalidOperationException("No PRF available for SSLv3 session"); + + byte[] label = Strings.ToByteArray(asciiLabel); + byte[] labelSeed = Concat(label, seed); + + int prfAlgorithm = context.SecurityParameters.PrfAlgorithm; + + if (prfAlgorithm == PrfAlgorithm.tls_prf_legacy) + return PRF_legacy(secret, label, labelSeed, size); + + IDigest prfDigest = CreatePrfHash(prfAlgorithm); + byte[] buf = new byte[size]; + HMacHash(prfDigest, secret, labelSeed, buf); + return buf; + } + + public static byte[] PRF_legacy(byte[] secret, string asciiLabel, byte[] seed, int size) + { + byte[] label = Strings.ToByteArray(asciiLabel); + byte[] labelSeed = Concat(label, seed); + + return PRF_legacy(secret, label, labelSeed, size); + } + + internal static byte[] PRF_legacy(byte[] secret, byte[] label, byte[] labelSeed, int size) + { + int s_half = (secret.Length + 1) / 2; + byte[] s1 = new byte[s_half]; + byte[] s2 = new byte[s_half]; + Array.Copy(secret, 0, s1, 0, s_half); + Array.Copy(secret, secret.Length - s_half, s2, 0, s_half); + + byte[] b1 = new byte[size]; + byte[] b2 = new byte[size]; + HMacHash(CreateHash(HashAlgorithm.md5), s1, labelSeed, b1); + HMacHash(CreateHash(HashAlgorithm.sha1), s2, labelSeed, b2); + for (int i = 0; i < size; i++) + { + b1[i] ^= b2[i]; + } + return b1; + } + + internal static byte[] Concat(byte[] a, byte[] b) + { + byte[] c = new byte[a.Length + b.Length]; + Array.Copy(a, 0, c, 0, a.Length); + Array.Copy(b, 0, c, a.Length, b.Length); + return c; + } + + internal static void HMacHash(IDigest digest, byte[] secret, byte[] seed, byte[] output) + { + HMac mac = new HMac(digest); + mac.Init(new KeyParameter(secret)); + byte[] a = seed; + int size = digest.GetDigestSize(); + int iterations = (output.Length + size - 1) / size; + byte[] buf = new byte[mac.GetMacSize()]; + byte[] buf2 = new byte[mac.GetMacSize()]; + for (int i = 0; i < iterations; i++) + { + mac.BlockUpdate(a, 0, a.Length); + mac.DoFinal(buf, 0); + a = buf; + mac.BlockUpdate(a, 0, a.Length); + mac.BlockUpdate(seed, 0, seed.Length); + mac.DoFinal(buf2, 0); + Array.Copy(buf2, 0, output, (size * i), System.Math.Min(size, output.Length - (size * i))); + } + } + + internal static void ValidateKeyUsage(X509CertificateStructure c, int keyUsageBits) + { + X509Extensions exts = c.TbsCertificate.Extensions; + if (exts != null) + { + X509Extension ext = exts.GetExtension(X509Extensions.KeyUsage); + if (ext != null) + { + DerBitString ku = KeyUsage.GetInstance(ext); + int bits = ku.GetBytes()[0]; + if ((bits & keyUsageBits) != keyUsageBits) + throw new TlsFatalAlert(AlertDescription.certificate_unknown); + } + } + } + + internal static byte[] CalculateKeyBlock(TlsContext context, int size) + { + SecurityParameters securityParameters = context.SecurityParameters; + byte[] master_secret = securityParameters.MasterSecret; + byte[] seed = Concat(securityParameters.ServerRandom, securityParameters.ClientRandom); + + if (IsSsl(context)) + return CalculateKeyBlock_Ssl(master_secret, seed, size); + + return PRF(context, master_secret, ExporterLabel.key_expansion, seed, size); + } + + internal static byte[] CalculateKeyBlock_Ssl(byte[] master_secret, byte[] random, int size) + { + IDigest md5 = CreateHash(HashAlgorithm.md5); + IDigest sha1 = CreateHash(HashAlgorithm.sha1); + int md5Size = md5.GetDigestSize(); + byte[] shatmp = new byte[sha1.GetDigestSize()]; + byte[] tmp = new byte[size + md5Size]; + + int i = 0, pos = 0; + while (pos < size) + { + byte[] ssl3Const = SSL3_CONST[i]; + + sha1.BlockUpdate(ssl3Const, 0, ssl3Const.Length); + sha1.BlockUpdate(master_secret, 0, master_secret.Length); + sha1.BlockUpdate(random, 0, random.Length); + sha1.DoFinal(shatmp, 0); + + md5.BlockUpdate(master_secret, 0, master_secret.Length); + md5.BlockUpdate(shatmp, 0, shatmp.Length); + md5.DoFinal(tmp, pos); + + pos += md5Size; + ++i; + } + + return Arrays.CopyOfRange(tmp, 0, size); + } + + internal static byte[] CalculateMasterSecret(TlsContext context, byte[] pre_master_secret) + { + SecurityParameters securityParameters = context.SecurityParameters; + + byte[] seed = securityParameters.IsExtendedMasterSecret + ? securityParameters.SessionHash + : Concat(securityParameters.ClientRandom, securityParameters.ServerRandom); + + if (IsSsl(context)) + return CalculateMasterSecret_Ssl(pre_master_secret, seed); + + string asciiLabel = securityParameters.IsExtendedMasterSecret + ? ExporterLabel.extended_master_secret + : ExporterLabel.master_secret; + + return PRF(context, pre_master_secret, asciiLabel, seed, 48); + } + + internal static byte[] CalculateMasterSecret_Ssl(byte[] pre_master_secret, byte[] random) + { + IDigest md5 = CreateHash(HashAlgorithm.md5); + IDigest sha1 = CreateHash(HashAlgorithm.sha1); + int md5Size = md5.GetDigestSize(); + byte[] shatmp = new byte[sha1.GetDigestSize()]; + + byte[] rval = new byte[md5Size * 3]; + int pos = 0; + + for (int i = 0; i < 3; ++i) + { + byte[] ssl3Const = SSL3_CONST[i]; + + sha1.BlockUpdate(ssl3Const, 0, ssl3Const.Length); + sha1.BlockUpdate(pre_master_secret, 0, pre_master_secret.Length); + sha1.BlockUpdate(random, 0, random.Length); + sha1.DoFinal(shatmp, 0); + + md5.BlockUpdate(pre_master_secret, 0, pre_master_secret.Length); + md5.BlockUpdate(shatmp, 0, shatmp.Length); + md5.DoFinal(rval, pos); + + pos += md5Size; + } + + return rval; + } + + internal static byte[] CalculateVerifyData(TlsContext context, string asciiLabel, byte[] handshakeHash) + { + if (IsSsl(context)) + return handshakeHash; + + SecurityParameters securityParameters = context.SecurityParameters; + byte[] master_secret = securityParameters.MasterSecret; + int verify_data_length = securityParameters.VerifyDataLength; + + return PRF(context, master_secret, asciiLabel, handshakeHash, verify_data_length); + } + + public static IDigest CreateHash(byte hashAlgorithm) + { + switch (hashAlgorithm) + { + case HashAlgorithm.md5: + return new MD5Digest(); + case HashAlgorithm.sha1: + return new Sha1Digest(); + case HashAlgorithm.sha224: + return new Sha224Digest(); + case HashAlgorithm.sha256: + return new Sha256Digest(); + case HashAlgorithm.sha384: + return new Sha384Digest(); + case HashAlgorithm.sha512: + return new Sha512Digest(); + default: + throw new ArgumentException("unknown HashAlgorithm", "hashAlgorithm"); + } + } + + public static IDigest CreateHash(SignatureAndHashAlgorithm signatureAndHashAlgorithm) + { + return signatureAndHashAlgorithm == null + ? new CombinedHash() + : CreateHash(signatureAndHashAlgorithm.Hash); + } + + public static IDigest CloneHash(byte hashAlgorithm, IDigest hash) + { + switch (hashAlgorithm) + { + case HashAlgorithm.md5: + return new MD5Digest((MD5Digest)hash); + case HashAlgorithm.sha1: + return new Sha1Digest((Sha1Digest)hash); + case HashAlgorithm.sha224: + return new Sha224Digest((Sha224Digest)hash); + case HashAlgorithm.sha256: + return new Sha256Digest((Sha256Digest)hash); + case HashAlgorithm.sha384: + return new Sha384Digest((Sha384Digest)hash); + case HashAlgorithm.sha512: + return new Sha512Digest((Sha512Digest)hash); + default: + throw new ArgumentException("unknown HashAlgorithm", "hashAlgorithm"); + } + } + + public static IDigest CreatePrfHash(int prfAlgorithm) + { + switch (prfAlgorithm) + { + case PrfAlgorithm.tls_prf_legacy: + return new CombinedHash(); + default: + return CreateHash(GetHashAlgorithmForPrfAlgorithm(prfAlgorithm)); + } + } + + public static IDigest ClonePrfHash(int prfAlgorithm, IDigest hash) + { + switch (prfAlgorithm) + { + case PrfAlgorithm.tls_prf_legacy: + return new CombinedHash((CombinedHash)hash); + default: + return CloneHash(GetHashAlgorithmForPrfAlgorithm(prfAlgorithm), hash); + } + } + + public static byte GetHashAlgorithmForPrfAlgorithm(int prfAlgorithm) + { + switch (prfAlgorithm) + { + case PrfAlgorithm.tls_prf_legacy: + throw new ArgumentException("legacy PRF not a valid algorithm", "prfAlgorithm"); + case PrfAlgorithm.tls_prf_sha256: + return HashAlgorithm.sha256; + case PrfAlgorithm.tls_prf_sha384: + return HashAlgorithm.sha384; + default: + throw new ArgumentException("unknown PrfAlgorithm", "prfAlgorithm"); + } + } + + public static DerObjectIdentifier GetOidForHashAlgorithm(byte hashAlgorithm) + { + switch (hashAlgorithm) + { + case HashAlgorithm.md5: + return PkcsObjectIdentifiers.MD5; + case HashAlgorithm.sha1: + return X509ObjectIdentifiers.IdSha1; + case HashAlgorithm.sha224: + return NistObjectIdentifiers.IdSha224; + case HashAlgorithm.sha256: + return NistObjectIdentifiers.IdSha256; + case HashAlgorithm.sha384: + return NistObjectIdentifiers.IdSha384; + case HashAlgorithm.sha512: + return NistObjectIdentifiers.IdSha512; + default: + throw new ArgumentException("unknown HashAlgorithm", "hashAlgorithm"); + } + } + + internal static short GetClientCertificateType(Certificate clientCertificate, Certificate serverCertificate) + { + if (clientCertificate.IsEmpty) + return -1; + + X509CertificateStructure x509Cert = clientCertificate.GetCertificateAt(0); + SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo; + try + { + AsymmetricKeyParameter publicKey = PublicKeyFactory.CreateKey(keyInfo); + if (publicKey.IsPrivate) + throw new TlsFatalAlert(AlertDescription.internal_error); + + /* + * TODO RFC 5246 7.4.6. The certificates MUST be signed using an acceptable hash/ + * signature algorithm pair, as described in Section 7.4.4. Note that this relaxes the + * constraints on certificate-signing algorithms found in prior versions of TLS. + */ + + /* + * RFC 5246 7.4.6. Client Certificate + */ + + /* + * RSA public key; the certificate MUST allow the key to be used for signing with the + * signature scheme and hash algorithm that will be employed in the certificate verify + * message. + */ + if (publicKey is RsaKeyParameters) + { + ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature); + return ClientCertificateType.rsa_sign; + } + + /* + * DSA public key; the certificate MUST allow the key to be used for signing with the + * hash algorithm that will be employed in the certificate verify message. + */ + if (publicKey is DsaPublicKeyParameters) + { + ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature); + return ClientCertificateType.dss_sign; + } + + /* + * ECDSA-capable public key; the certificate MUST allow the key to be used for signing + * with the hash algorithm that will be employed in the certificate verify message; the + * public key MUST use a curve and point format supported by the server. + */ + if (publicKey is ECPublicKeyParameters) + { + ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature); + // TODO Check the curve and point format + return ClientCertificateType.ecdsa_sign; + } + + // TODO Add support for ClientCertificateType.*_fixed_* + + throw new TlsFatalAlert(AlertDescription.unsupported_certificate); + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e); + } + } + + internal static void TrackHashAlgorithms(TlsHandshakeHash handshakeHash, IList supportedSignatureAlgorithms) + { + if (supportedSignatureAlgorithms != null) + { + foreach (SignatureAndHashAlgorithm signatureAndHashAlgorithm in supportedSignatureAlgorithms) + { + byte hashAlgorithm = signatureAndHashAlgorithm.Hash; + + if (HashAlgorithm.IsRecognized(hashAlgorithm)) + { + handshakeHash.TrackHashAlgorithm(hashAlgorithm); + } + else //if (HashAlgorithm.IsPrivate(hashAlgorithm)) + { + // TODO Support values in the "Reserved for Private Use" range + } + } + } + } + + public static bool HasSigningCapability(byte clientCertificateType) + { + switch (clientCertificateType) + { + case ClientCertificateType.dss_sign: + case ClientCertificateType.ecdsa_sign: + case ClientCertificateType.rsa_sign: + return true; + default: + return false; + } + } + + public static TlsSigner CreateTlsSigner(byte clientCertificateType) + { + switch (clientCertificateType) + { + case ClientCertificateType.dss_sign: + return new TlsDssSigner(); + case ClientCertificateType.ecdsa_sign: + return new TlsECDsaSigner(); + case ClientCertificateType.rsa_sign: + return new TlsRsaSigner(); + default: + throw new ArgumentException("not a type with signing capability", "clientCertificateType"); + } + } + + internal static readonly byte[] SSL_CLIENT = {0x43, 0x4C, 0x4E, 0x54}; + internal static readonly byte[] SSL_SERVER = {0x53, 0x52, 0x56, 0x52}; + + // SSL3 magic mix constants ("A", "BB", "CCC", ...) + internal static readonly byte[][] SSL3_CONST = GenSsl3Const(); + + private static byte[][] GenSsl3Const() + { + int n = 10; + byte[][] arr = new byte[n][]; + for (int i = 0; i < n; i++) + { + byte[] b = new byte[i + 1]; + Arrays.Fill(b, (byte)('A' + i)); + arr[i] = b; + } + return arr; + } + + private static IList VectorOfOne(object obj) + { + IList v = Platform.CreateArrayList(1); + v.Add(obj); + return v; + } + + public static int GetCipherType(int ciphersuite) + { + switch (GetEncryptionAlgorithm(ciphersuite)) + { + case EncryptionAlgorithm.AES_128_CCM: + case EncryptionAlgorithm.AES_128_CCM_8: + case EncryptionAlgorithm.AES_128_GCM: + case EncryptionAlgorithm.AES_128_OCB_TAGLEN96: + case EncryptionAlgorithm.AES_256_CCM: + case EncryptionAlgorithm.AES_256_CCM_8: + case EncryptionAlgorithm.AES_256_GCM: + case EncryptionAlgorithm.AES_256_OCB_TAGLEN96: + case EncryptionAlgorithm.CAMELLIA_128_GCM: + case EncryptionAlgorithm.CAMELLIA_256_GCM: + case EncryptionAlgorithm.CHACHA20_POLY1305: + return CipherType.aead; + + case EncryptionAlgorithm.RC2_CBC_40: + case EncryptionAlgorithm.IDEA_CBC: + case EncryptionAlgorithm.DES40_CBC: + case EncryptionAlgorithm.DES_CBC: + case EncryptionAlgorithm.cls_3DES_EDE_CBC: + case EncryptionAlgorithm.AES_128_CBC: + case EncryptionAlgorithm.AES_256_CBC: + case EncryptionAlgorithm.CAMELLIA_128_CBC: + case EncryptionAlgorithm.CAMELLIA_256_CBC: + case EncryptionAlgorithm.SEED_CBC: + return CipherType.block; + + case EncryptionAlgorithm.NULL: + case EncryptionAlgorithm.RC4_40: + case EncryptionAlgorithm.RC4_128: + return CipherType.stream; + + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public static int GetEncryptionAlgorithm(int ciphersuite) + { + switch (ciphersuite) + { + case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA: + return EncryptionAlgorithm.cls_3DES_EDE_CBC; + + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA: + return EncryptionAlgorithm.AES_128_CBC; + + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM: + return EncryptionAlgorithm.AES_128_CCM; + + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8: + return EncryptionAlgorithm.AES_128_CCM_8; + + case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256: + return EncryptionAlgorithm.AES_128_GCM; + + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA: + return EncryptionAlgorithm.AES_256_CBC; + + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM: + return EncryptionAlgorithm.AES_256_CCM; + + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8: + return EncryptionAlgorithm.AES_256_CCM_8; + + case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384: + return EncryptionAlgorithm.AES_256_GCM; + + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256: + return EncryptionAlgorithm.CAMELLIA_128_CBC; + + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256: + return EncryptionAlgorithm.CAMELLIA_128_GCM; + + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384: + return EncryptionAlgorithm.CAMELLIA_256_CBC; + + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384: + return EncryptionAlgorithm.CAMELLIA_256_GCM; + + case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256: + return EncryptionAlgorithm.CHACHA20_POLY1305; + + case CipherSuite.TLS_RSA_WITH_NULL_MD5: + return EncryptionAlgorithm.NULL; + + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_RSA_WITH_NULL_SHA: + return EncryptionAlgorithm.NULL; + + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_RSA_WITH_NULL_SHA256: + return EncryptionAlgorithm.NULL; + + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384: + return EncryptionAlgorithm.NULL; + + case CipherSuite.TLS_DH_anon_WITH_RC4_128_MD5: + case CipherSuite.TLS_RSA_WITH_RC4_128_MD5: + return EncryptionAlgorithm.RC4_128; + + case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA: + case CipherSuite.TLS_PSK_WITH_RC4_128_SHA: + case CipherSuite.TLS_RSA_WITH_RC4_128_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_RC4_128_SHA: + return EncryptionAlgorithm.RC4_128; + + case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA: + return EncryptionAlgorithm.SEED_CBC; + + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public static int GetKeyExchangeAlgorithm(int ciphersuite) + { + switch (ciphersuite) + { + case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_RC4_128_MD5: + case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA: + return KeyExchangeAlgorithm.DH_anon; + + case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA: + return KeyExchangeAlgorithm.DH_DSS; + + case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA: + return KeyExchangeAlgorithm.DH_RSA; + + case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA: + return KeyExchangeAlgorithm.DHE_DSS; + + case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA: + case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8: + return KeyExchangeAlgorithm.DHE_PSK; + + case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA: + return KeyExchangeAlgorithm.DHE_RSA; + + case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_RC4_128_SHA: + return KeyExchangeAlgorithm.ECDH_anon; + + case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_RC4_128_SHA: + return KeyExchangeAlgorithm.ECDH_ECDSA; + + case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_RC4_128_SHA: + return KeyExchangeAlgorithm.ECDH_RSA; + + case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: + return KeyExchangeAlgorithm.ECDHE_ECDSA; + + case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA: + return KeyExchangeAlgorithm.ECDHE_PSK; + + case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA: + return KeyExchangeAlgorithm.ECDHE_RSA; + + case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_PSK_WITH_RC4_128_SHA: + return KeyExchangeAlgorithm.PSK; + + case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_RSA_WITH_NULL_MD5: + case CipherSuite.TLS_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_RSA_WITH_NULL_SHA256: + case CipherSuite.TLS_RSA_WITH_RC4_128_MD5: + case CipherSuite.TLS_RSA_WITH_RC4_128_SHA: + case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA: + return KeyExchangeAlgorithm.RSA; + + case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_RC4_128_SHA: + return KeyExchangeAlgorithm.RSA_PSK; + + case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA: + return KeyExchangeAlgorithm.SRP; + + case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA: + return KeyExchangeAlgorithm.SRP_DSS; + + case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA: + return KeyExchangeAlgorithm.SRP_RSA; + + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public static int GetMacAlgorithm(int ciphersuite) + { + switch (ciphersuite) + { + case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384: + return MacAlgorithm.cls_null; + + case CipherSuite.TLS_DH_anon_WITH_RC4_128_MD5: + case CipherSuite.TLS_RSA_WITH_NULL_MD5: + case CipherSuite.TLS_RSA_WITH_RC4_128_MD5: + return MacAlgorithm.hmac_md5; + + case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_PSK_WITH_RC4_128_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_RC4_128_SHA: + case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_RSA_WITH_RC4_128_SHA: + case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA: + return MacAlgorithm.hmac_sha1; + + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_NULL_SHA256: + return MacAlgorithm.hmac_sha256; + + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384: + return MacAlgorithm.hmac_sha384; + + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public static ProtocolVersion GetMinimumVersion(int ciphersuite) + { + switch (ciphersuite) + { + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_NULL_SHA256: + return ProtocolVersion.TLSv12; + + default: + return ProtocolVersion.SSLv3; + } + } + + public static bool IsAeadCipherSuite(int ciphersuite) + { + return CipherType.aead == GetCipherType(ciphersuite); + } + + public static bool IsBlockCipherSuite(int ciphersuite) + { + return CipherType.block == GetCipherType(ciphersuite); + } + + public static bool IsStreamCipherSuite(int ciphersuite) + { + return CipherType.stream == GetCipherType(ciphersuite); + } + + public static bool IsValidCipherSuiteForSignatureAlgorithms(int cipherSuite, IList sigAlgs) + { + int keyExchangeAlgorithm; + try + { + keyExchangeAlgorithm = GetKeyExchangeAlgorithm(cipherSuite); + } + catch (IOException) + { + return true; + } + + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.DH_anon: + case KeyExchangeAlgorithm.DH_anon_EXPORT: + case KeyExchangeAlgorithm.ECDH_anon: + return sigAlgs.Contains(SignatureAlgorithm.anonymous); + + case KeyExchangeAlgorithm.DHE_RSA: + case KeyExchangeAlgorithm.DHE_RSA_EXPORT: + case KeyExchangeAlgorithm.ECDHE_RSA: + case KeyExchangeAlgorithm.SRP_RSA: + return sigAlgs.Contains(SignatureAlgorithm.rsa); + + case KeyExchangeAlgorithm.DHE_DSS: + case KeyExchangeAlgorithm.DHE_DSS_EXPORT: + case KeyExchangeAlgorithm.SRP_DSS: + return sigAlgs.Contains(SignatureAlgorithm.dsa); + + case KeyExchangeAlgorithm.ECDHE_ECDSA: + return sigAlgs.Contains(SignatureAlgorithm.ecdsa); + + default: + return true; + } + } + + public static bool IsValidCipherSuiteForVersion(int cipherSuite, ProtocolVersion serverVersion) + { + return GetMinimumVersion(cipherSuite).IsEqualOrEarlierVersionOf(serverVersion.GetEquivalentTLSVersion()); + } + + public static IList GetUsableSignatureAlgorithms(IList sigHashAlgs) + { + if (sigHashAlgs == null) + return GetAllSignatureAlgorithms(); + + IList v = Platform.CreateArrayList(4); + v.Add(SignatureAlgorithm.anonymous); + foreach (SignatureAndHashAlgorithm sigHashAlg in sigHashAlgs) + { + //if (sigHashAlg.Hash >= MINIMUM_HASH_STRICT) + { + byte sigAlg = sigHashAlg.Signature; + if (!v.Contains(sigAlg)) + { + v.Add(sigAlg); + } + } + } + return v; + } + +#if !PORTABLE || DOTNET + public static bool IsTimeout(SocketException e) + { +#if NET_1_1 + return 10060 == e.ErrorCode; +#else + return SocketError.TimedOut == e.SocketErrorCode; +#endif + } +#endif + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/UrlAndHash.cs b/BouncyCastle/crypto/src/crypto/tls/UrlAndHash.cs new file mode 100644 index 0000000..9ffd2cb --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/UrlAndHash.cs @@ -0,0 +1,94 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * RFC 6066 5. + */ + public class UrlAndHash + { + protected readonly string mUrl; + protected readonly byte[] mSha1Hash; + + public UrlAndHash(string url, byte[] sha1Hash) + { + if (url == null || url.Length < 1 || url.Length >= (1 << 16)) + throw new ArgumentException("must have length from 1 to (2^16 - 1)", "url"); + if (sha1Hash != null && sha1Hash.Length != 20) + throw new ArgumentException("must have length == 20, if present", "sha1Hash"); + + this.mUrl = url; + this.mSha1Hash = sha1Hash; + } + + public virtual string Url + { + get { return mUrl; } + } + + public virtual byte[] Sha1Hash + { + get { return mSha1Hash; } + } + + /** + * Encode this {@link UrlAndHash} to a {@link Stream}. + * + * @param output the {@link Stream} to encode to. + * @throws IOException + */ + public virtual void Encode(Stream output) + { + byte[] urlEncoding = Strings.ToByteArray(this.mUrl); + TlsUtilities.WriteOpaque16(urlEncoding, output); + + if (this.mSha1Hash == null) + { + TlsUtilities.WriteUint8(0, output); + } + else + { + TlsUtilities.WriteUint8(1, output); + output.Write(this.mSha1Hash, 0, this.mSha1Hash.Length); + } + } + + /** + * Parse a {@link UrlAndHash} from a {@link Stream}. + * + * @param context + * the {@link TlsContext} of the current connection. + * @param input + * the {@link Stream} to parse from. + * @return a {@link UrlAndHash} object. + * @throws IOException + */ + public static UrlAndHash Parse(TlsContext context, Stream input) + { + byte[] urlEncoding = TlsUtilities.ReadOpaque16(input); + if (urlEncoding.Length < 1) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + string url = Strings.FromByteArray(urlEncoding); + + byte[] sha1Hash = null; + byte padding = TlsUtilities.ReadUint8(input); + switch (padding) + { + case 0: + if (TlsUtilities.IsTlsV12(context)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + break; + case 1: + sha1Hash = TlsUtilities.ReadFully(20, input); + break; + default: + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + return new UrlAndHash(url, sha1Hash); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/UseSrtpData.cs b/BouncyCastle/crypto/src/crypto/tls/UseSrtpData.cs new file mode 100644 index 0000000..fe8f8ac --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/UseSrtpData.cs @@ -0,0 +1,56 @@ +using System; +using System.Collections; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /** + * RFC 5764 4.1.1 + */ + public class UseSrtpData + { + protected readonly int[] mProtectionProfiles; + protected readonly byte[] mMki; + + /** + * @param protectionProfiles see {@link SrtpProtectionProfile} for valid constants. + * @param mki valid lengths from 0 to 255. + */ + public UseSrtpData(int[] protectionProfiles, byte[] mki) + { + if (protectionProfiles == null || protectionProfiles.Length < 1 + || protectionProfiles.Length >= (1 << 15)) + { + throw new ArgumentException("must have length from 1 to (2^15 - 1)", "protectionProfiles"); + } + + if (mki == null) + { + mki = TlsUtilities.EmptyBytes; + } + else if (mki.Length > 255) + { + throw new ArgumentException("cannot be longer than 255 bytes", "mki"); + } + + this.mProtectionProfiles = protectionProfiles; + this.mMki = mki; + } + + /** + * @return see {@link SrtpProtectionProfile} for valid constants. + */ + public virtual int[] ProtectionProfiles + { + get { return mProtectionProfiles; } + } + + /** + * @return valid lengths from 0 to 255. + */ + public virtual byte[] Mki + { + get { return mMki; } + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/tls/UserMappingType.cs b/BouncyCastle/crypto/src/crypto/tls/UserMappingType.cs new file mode 100644 index 0000000..6cff517 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/tls/UserMappingType.cs @@ -0,0 +1,13 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// RFC 4681 + public abstract class UserMappingType + { + /* + * RFC 4681 + */ + public const byte upn_domain_hint = 64; + } +} diff --git a/BouncyCastle/crypto/src/crypto/util/AlgorithmIdentifierFactory.cs b/BouncyCastle/crypto/src/crypto/util/AlgorithmIdentifierFactory.cs new file mode 100644 index 0000000..ad4d31e --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/util/AlgorithmIdentifierFactory.cs @@ -0,0 +1,106 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Kisa; +using Org.BouncyCastle.Asn1.Misc; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Ntt; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Utilities +{ + public class AlgorithmIdentifierFactory + { + public static readonly DerObjectIdentifier IDEA_CBC = new DerObjectIdentifier("1.3.6.1.4.1.188.7.1.1.2"); + public static readonly DerObjectIdentifier CAST5_CBC = new DerObjectIdentifier("1.2.840.113533.7.66.10"); + + private static readonly short[] rc2Table = { + 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, + 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, + 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, + 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, + 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, + 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, + 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, + 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, + 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, + 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, + 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, + 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, + 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, + 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, + 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, + 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab + }; + + + /** + * Create an AlgorithmIdentifier for the passed in encryption algorithm. + * + * @param encryptionOID OID for the encryption algorithm + * @param keySize key size in bits (-1 if unknown) + * @param random SecureRandom to use for parameter generation. + * @return a full AlgorithmIdentifier including parameters + * @throws IllegalArgumentException if encryptionOID cannot be matched + */ + public static AlgorithmIdentifier GenerateEncryptionAlgID(DerObjectIdentifier encryptionOID, int keySize, SecureRandom random) + + { + if (encryptionOID.Equals(NistObjectIdentifiers.IdAes128Cbc) + || encryptionOID.Equals(NistObjectIdentifiers.IdAes192Cbc) + || encryptionOID.Equals(NistObjectIdentifiers.IdAes256Cbc) + || encryptionOID.Equals(NttObjectIdentifiers.IdCamellia128Cbc) + || encryptionOID.Equals(NttObjectIdentifiers.IdCamellia192Cbc) + || encryptionOID.Equals(NttObjectIdentifiers.IdCamellia256Cbc) + || encryptionOID.Equals(KisaObjectIdentifiers.IdSeedCbc)) + { + byte[] iv = new byte[16]; + + random.NextBytes(iv); + + return new AlgorithmIdentifier(encryptionOID, new DerOctetString(iv)); + } + else if (encryptionOID.Equals(PkcsObjectIdentifiers.DesEde3Cbc) + || encryptionOID.Equals(IDEA_CBC) + || encryptionOID.Equals(OiwObjectIdentifiers.DesCbc)) + { + byte[] iv = new byte[8]; + + random.NextBytes(iv); + + return new AlgorithmIdentifier(encryptionOID, new DerOctetString(iv)); + } + else if (encryptionOID.Equals(CAST5_CBC)) + { + byte[] iv = new byte[8]; + + random.NextBytes(iv); + + Cast5CbcParameters cbcParams = new Cast5CbcParameters(iv, keySize); + + return new AlgorithmIdentifier(encryptionOID, cbcParams); + } + else if (encryptionOID.Equals(PkcsObjectIdentifiers.rc4)) + { + return new AlgorithmIdentifier(encryptionOID, DerNull.Instance); + } + else if (encryptionOID.Equals(PkcsObjectIdentifiers.RC2Cbc)) + { + byte[] iv = new byte[8]; + + random.NextBytes(iv); + + RC2CbcParameter cbcParams = new RC2CbcParameter(rc2Table[128], iv); + + return new AlgorithmIdentifier(encryptionOID, cbcParams); + } + else + { + throw new InvalidOperationException("unable to match algorithm"); + } + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/crypto/util/BasicAlphabetMapper.cs b/BouncyCastle/crypto/src/crypto/util/BasicAlphabetMapper.cs new file mode 100644 index 0000000..b60733f --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/util/BasicAlphabetMapper.cs @@ -0,0 +1,106 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Utilities +{ + /** + * A basic alphabet mapper that just creates a mapper based on the + * passed in array of characters. + */ + public class BasicAlphabetMapper + : IAlphabetMapper + { + private readonly IDictionary indexMap = Platform.CreateHashtable(); + private readonly IDictionary charMap = Platform.CreateHashtable(); + + /** + * Base constructor. + * + * @param alphabet a string of characters making up the alphabet. + */ + public BasicAlphabetMapper(string alphabet) : + this(alphabet.ToCharArray()) + { + } + + /** + * Base constructor. + * + * @param alphabet an array of characters making up the alphabet. + */ + public BasicAlphabetMapper(char[] alphabet) + { + for (int i = 0; i != alphabet.Length; i++) + { + if (indexMap.Contains(alphabet[i])) + { + throw new ArgumentException("duplicate key detected in alphabet: " + alphabet[i]); + } + indexMap.Add(alphabet[i], i); + charMap.Add(i, alphabet[i]); + } + } + + public int Radix + { + get { return indexMap.Count; } + } + + public byte[] ConvertToIndexes(char[] input) + { + byte[] outBuf; + + if (indexMap.Count <= 256) + { + outBuf = new byte[input.Length]; + for (int i = 0; i != input.Length; i++) + { + outBuf[i] = (byte)(int)indexMap[input[i]]; + } + } + else + { + outBuf = new byte[input.Length * 2]; + for (int i = 0; i != input.Length; i++) + { + int idx = (int)indexMap[input[i]]; + outBuf[i * 2] = (byte)((idx >> 8) & 0xff); + outBuf[i * 2 + 1] = (byte)(idx & 0xff); + } + } + + return outBuf; + } + + public char[] ConvertToChars(byte[] input) + { + char[] outBuf; + + if (charMap.Count <= 256) + { + outBuf = new char[input.Length]; + for (int i = 0; i != input.Length; i++) + { + outBuf[i] = (char)charMap[input[i] & 0xff]; + } + } + else + { + if ((input.Length & 0x1) != 0) + { + throw new ArgumentException("two byte radix and input string odd.Length"); + } + + outBuf = new char[input.Length / 2]; + for (int i = 0; i != input.Length; i += 2) + { + outBuf[i / 2] = (char)charMap[((input[i] << 8) & 0xff00) | (input[i + 1] & 0xff)]; + } + } + + return outBuf; + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/util/CipherFactory.cs b/BouncyCastle/crypto/src/crypto/util/CipherFactory.cs new file mode 100644 index 0000000..f599826 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/util/CipherFactory.cs @@ -0,0 +1,145 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Kisa; +using Org.BouncyCastle.Asn1.Misc; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Ntt; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Paddings; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Utilities +{ + public class CipherFactory + { + private CipherFactory() + { + } + + private static readonly short[] rc2Ekb = + { + 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, + 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, + 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, + 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, + 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, + 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, + 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, + 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, + 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, + 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, + 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, + 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, + 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, + 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, + 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, + 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd + }; + + public static object CreateContentCipher(bool forEncryption, ICipherParameters encKey, + AlgorithmIdentifier encryptionAlgID) + { + DerObjectIdentifier encAlg = encryptionAlgID.Algorithm; + + if (encAlg.Equals(PkcsObjectIdentifiers.rc4)) + { + IStreamCipher cipher = new RC4Engine(); + cipher.Init(forEncryption, encKey); + return cipher; + } + else + { + BufferedBlockCipher cipher = CreateCipher(encryptionAlgID.Algorithm); + Asn1Object sParams = encryptionAlgID.Parameters.ToAsn1Object(); + + if (sParams != null && !(sParams is DerNull)) + { + if (encAlg.Equals(PkcsObjectIdentifiers.DesEde3Cbc) + || encAlg.Equals(AlgorithmIdentifierFactory.IDEA_CBC) + || encAlg.Equals(NistObjectIdentifiers.IdAes128Cbc) + || encAlg.Equals(NistObjectIdentifiers.IdAes192Cbc) + || encAlg.Equals(NistObjectIdentifiers.IdAes256Cbc) + || encAlg.Equals(NttObjectIdentifiers.IdCamellia128Cbc) + || encAlg.Equals(NttObjectIdentifiers.IdCamellia192Cbc) + || encAlg.Equals(NttObjectIdentifiers.IdCamellia256Cbc) + || encAlg.Equals(KisaObjectIdentifiers.IdSeedCbc) + || encAlg.Equals(OiwObjectIdentifiers.DesCbc)) + { + cipher.Init(forEncryption, new ParametersWithIV(encKey, + Asn1OctetString.GetInstance(sParams).GetOctets())); + } + else if (encAlg.Equals(AlgorithmIdentifierFactory.CAST5_CBC)) + { + Cast5CbcParameters cbcParams = Cast5CbcParameters.GetInstance(sParams); + + cipher.Init(forEncryption, new ParametersWithIV(encKey, cbcParams.GetIV())); + } + else if (encAlg.Equals(PkcsObjectIdentifiers.RC2Cbc)) + { + RC2CbcParameter cbcParams = RC2CbcParameter.GetInstance(sParams); + + cipher.Init(forEncryption, new ParametersWithIV(new RC2Parameters(((KeyParameter)encKey).GetKey(), rc2Ekb[cbcParams.RC2ParameterVersion.IntValue]), cbcParams.GetIV())); + } + else + { + throw new InvalidOperationException("cannot match parameters"); + } + } + else + { + if (encAlg.Equals(PkcsObjectIdentifiers.DesEde3Cbc) + || encAlg.Equals(AlgorithmIdentifierFactory.IDEA_CBC) + || encAlg.Equals(AlgorithmIdentifierFactory.CAST5_CBC)) + { + cipher.Init(forEncryption, new ParametersWithIV(encKey, new byte[8])); + } + else + { + cipher.Init(forEncryption, encKey); + } + } + + return cipher; + } + } + + private static BufferedBlockCipher CreateCipher(DerObjectIdentifier algorithm) + { + IBlockCipher cipher; + + if (NistObjectIdentifiers.IdAes128Cbc.Equals(algorithm) + || NistObjectIdentifiers.IdAes192Cbc.Equals(algorithm) + || NistObjectIdentifiers.IdAes256Cbc.Equals(algorithm)) + { + cipher = new CbcBlockCipher(new AesEngine()); + } + else if (PkcsObjectIdentifiers.DesEde3Cbc.Equals(algorithm)) + { + cipher = new CbcBlockCipher(new DesEdeEngine()); + } + else if (OiwObjectIdentifiers.DesCbc.Equals(algorithm)) + { + cipher = new CbcBlockCipher(new DesEngine()); + } + else if (PkcsObjectIdentifiers.RC2Cbc.Equals(algorithm)) + { + cipher = new CbcBlockCipher(new RC2Engine()); + } + else if (MiscObjectIdentifiers.cast5CBC.Equals(algorithm)) + { + cipher = new CbcBlockCipher(new Cast5Engine()); + } + else + { + throw new InvalidOperationException("cannot recognise cipher: " + algorithm); + } + + return new PaddedBufferedBlockCipher(cipher, new Pkcs7Padding()); + } + } +} diff --git a/BouncyCastle/crypto/src/crypto/util/CipherKeyGeneratorFactory.cs b/BouncyCastle/crypto/src/crypto/util/CipherKeyGeneratorFactory.cs new file mode 100644 index 0000000..efaad13 --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/util/CipherKeyGeneratorFactory.cs @@ -0,0 +1,95 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Kisa; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Ntt; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Utilities +{ + public class CipherKeyGeneratorFactory + { + private CipherKeyGeneratorFactory() + { + } + + /** + * Create a key generator for the passed in Object Identifier. + * + * @param algorithm the Object Identifier indicating the algorithn the generator is for. + * @param random a source of random to initialise the generator with. + * @return an initialised CipherKeyGenerator. + * @throws IllegalArgumentException if the algorithm cannot be identified. + */ + public static CipherKeyGenerator CreateKeyGenerator(DerObjectIdentifier algorithm, SecureRandom random) + { + if (NistObjectIdentifiers.IdAes128Cbc.Equals(algorithm)) + { + return CreateCipherKeyGenerator(random, 128); + } + else if (NistObjectIdentifiers.IdAes192Cbc.Equals(algorithm)) + { + return CreateCipherKeyGenerator(random, 192); + } + else if (NistObjectIdentifiers.IdAes256Cbc.Equals(algorithm)) + { + return CreateCipherKeyGenerator(random, 256); + } + else if (PkcsObjectIdentifiers.DesEde3Cbc.Equals(algorithm)) + { + DesEdeKeyGenerator keyGen = new DesEdeKeyGenerator(); + keyGen.Init(new KeyGenerationParameters(random, 192)); + return keyGen; + } + else if (NttObjectIdentifiers.IdCamellia128Cbc.Equals(algorithm)) + { + return CreateCipherKeyGenerator(random, 128); + } + else if (NttObjectIdentifiers.IdCamellia192Cbc.Equals(algorithm)) + { + return CreateCipherKeyGenerator(random, 192); + } + else if (NttObjectIdentifiers.IdCamellia256Cbc.Equals(algorithm)) + { + return CreateCipherKeyGenerator(random, 256); + } + else if (KisaObjectIdentifiers.IdSeedCbc.Equals(algorithm)) + { + return CreateCipherKeyGenerator(random, 128); + } + else if (AlgorithmIdentifierFactory.CAST5_CBC.Equals(algorithm)) + { + return CreateCipherKeyGenerator(random, 128); + } + else if (OiwObjectIdentifiers.DesCbc.Equals(algorithm)) + { + DesKeyGenerator keyGen = new DesKeyGenerator(); + keyGen.Init(new KeyGenerationParameters(random, 64)); + return keyGen; + } + else if (PkcsObjectIdentifiers.rc4.Equals(algorithm)) + { + return CreateCipherKeyGenerator(random, 128); + } + else if (PkcsObjectIdentifiers.RC2Cbc.Equals(algorithm)) + { + return CreateCipherKeyGenerator(random, 128); + } + else + { + throw new InvalidOperationException("cannot recognise cipher: " + algorithm); + } + } + + private static CipherKeyGenerator CreateCipherKeyGenerator(SecureRandom random, int keySize) + { + CipherKeyGenerator keyGen = new CipherKeyGenerator(); + keyGen.Init(new KeyGenerationParameters(random, keySize)); + return keyGen; + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/crypto/util/Pack.cs b/BouncyCastle/crypto/src/crypto/util/Pack.cs new file mode 100644 index 0000000..8ba738d --- /dev/null +++ b/BouncyCastle/crypto/src/crypto/util/Pack.cs @@ -0,0 +1,436 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Utilities +{ + internal sealed class Pack + { + private Pack() + { + } + + internal static void UInt16_To_BE(ushort n, byte[] bs) + { + bs[0] = (byte)(n >> 8); + bs[1] = (byte)(n); + } + + internal static void UInt16_To_BE(ushort n, byte[] bs, int off) + { + bs[off] = (byte)(n >> 8); + bs[off + 1] = (byte)(n); + } + + internal static void UInt16_To_BE(ushort[] ns, byte[] bs, int off) + { + for (int i = 0; i < ns.Length; ++i) + { + UInt16_To_BE(ns[i], bs, off); + off += 2; + } + } + + internal static void UInt16_To_BE(ushort[] ns, int nsOff, int nsLen, byte[] bs, int bsOff) + { + for (int i = 0; i < nsLen; ++i) + { + UInt16_To_BE(ns[nsOff + i], bs, bsOff); + bsOff += 2; + } + } + + internal static byte[] UInt16_To_BE(ushort n) + { + byte[] bs = new byte[2]; + UInt16_To_BE(n, bs, 0); + return bs; + } + + internal static byte[] UInt16_To_BE(ushort[] ns) + { + return UInt16_To_BE(ns, 0, ns.Length); + } + + internal static byte[] UInt16_To_BE(ushort[] ns, int nsOff, int nsLen) + { + byte[] bs = new byte[2 * nsLen]; + UInt16_To_BE(ns, nsOff, nsLen, bs, 0); + return bs; + } + + internal static ushort BE_To_UInt16(byte[] bs, int off) + { + uint n = (uint)bs[off] << 8 + | (uint)bs[off + 1]; + return (ushort)n; + } + + internal static void BE_To_UInt16(byte[] bs, int bsOff, ushort[] ns, int nsOff) + { + ns[nsOff] = BE_To_UInt16(bs, bsOff); + } + + internal static ushort[] BE_To_UInt16(byte[] bs) + { + return BE_To_UInt16(bs, 0, bs.Length); + } + + internal static ushort[] BE_To_UInt16(byte[] bs, int off, int len) + { + if ((len & 1) != 0) + throw new ArgumentException("must be a multiple of 2", "len"); + + ushort[] ns = new ushort[len / 2]; + for (int i = 0; i < len; i += 2) + { + BE_To_UInt16(bs, off + i, ns, i >> 1); + } + return ns; + } + + internal static void UInt32_To_BE(uint n, byte[] bs) + { + bs[0] = (byte)(n >> 24); + bs[1] = (byte)(n >> 16); + bs[2] = (byte)(n >> 8); + bs[3] = (byte)(n); + } + + internal static void UInt32_To_BE(uint n, byte[] bs, int off) + { + bs[off] = (byte)(n >> 24); + bs[off + 1] = (byte)(n >> 16); + bs[off + 2] = (byte)(n >> 8); + bs[off + 3] = (byte)(n); + } + + internal static void UInt32_To_BE(uint[] ns, byte[] bs, int off) + { + for (int i = 0; i < ns.Length; ++i) + { + UInt32_To_BE(ns[i], bs, off); + off += 4; + } + } + + internal static void UInt32_To_BE(uint[] ns, int nsOff, int nsLen, byte[] bs, int bsOff) + { + for (int i = 0; i < nsLen; ++i) + { + UInt32_To_BE(ns[nsOff + i], bs, bsOff); + bsOff += 4; + } + } + + internal static byte[] UInt32_To_BE(uint n) + { + byte[] bs = new byte[4]; + UInt32_To_BE(n, bs, 0); + return bs; + } + + internal static byte[] UInt32_To_BE(uint[] ns) + { + byte[] bs = new byte[4 * ns.Length]; + UInt32_To_BE(ns, bs, 0); + return bs; + } + + internal static uint BE_To_UInt32(byte[] bs) + { + return (uint)bs[0] << 24 + | (uint)bs[1] << 16 + | (uint)bs[2] << 8 + | (uint)bs[3]; + } + + internal static uint BE_To_UInt32(byte[] bs, int off) + { + return (uint)bs[off] << 24 + | (uint)bs[off + 1] << 16 + | (uint)bs[off + 2] << 8 + | (uint)bs[off + 3]; + } + + internal static void BE_To_UInt32(byte[] bs, int off, uint[] ns) + { + for (int i = 0; i < ns.Length; ++i) + { + ns[i] = BE_To_UInt32(bs, off); + off += 4; + } + } + + internal static void BE_To_UInt32(byte[] bs, int bsOff, uint[] ns, int nsOff, int nsLen) + { + for (int i = 0; i < nsLen; ++i) + { + ns[nsOff + i] = BE_To_UInt32(bs, bsOff); + bsOff += 4; + } + } + + internal static byte[] UInt64_To_BE(ulong n) + { + byte[] bs = new byte[8]; + UInt64_To_BE(n, bs, 0); + return bs; + } + + internal static void UInt64_To_BE(ulong n, byte[] bs) + { + UInt32_To_BE((uint)(n >> 32), bs); + UInt32_To_BE((uint)(n), bs, 4); + } + + internal static void UInt64_To_BE(ulong n, byte[] bs, int off) + { + UInt32_To_BE((uint)(n >> 32), bs, off); + UInt32_To_BE((uint)(n), bs, off + 4); + } + + internal static byte[] UInt64_To_BE(ulong[] ns) + { + byte[] bs = new byte[8 * ns.Length]; + UInt64_To_BE(ns, bs, 0); + return bs; + } + + internal static void UInt64_To_BE(ulong[] ns, byte[] bs, int off) + { + for (int i = 0; i < ns.Length; ++i) + { + UInt64_To_BE(ns[i], bs, off); + off += 8; + } + } + + internal static void UInt64_To_BE(ulong[] ns, int nsOff, int nsLen, byte[] bs, int bsOff) + { + for (int i = 0; i < nsLen; ++i) + { + UInt64_To_BE(ns[nsOff + i], bs, bsOff); + bsOff += 8; + } + } + + internal static ulong BE_To_UInt64(byte[] bs, int off) + { + uint hi = BE_To_UInt32(bs, off); + uint lo = BE_To_UInt32(bs, off + 4); + return ((ulong)hi << 32) | (ulong)lo; + } + + internal static void BE_To_UInt64(byte[] bs, int off, ulong[] ns) + { + for (int i = 0; i < ns.Length; ++i) + { + ns[i] = BE_To_UInt64(bs, off); + off += 8; + } + } + + internal static void BE_To_UInt64(byte[] bs, int bsOff, ulong[] ns, int nsOff, int nsLen) + { + for (int i = 0; i < nsLen; ++i) + { + ns[nsOff + i] = BE_To_UInt64(bs, bsOff); + bsOff += 8; + } + } + + internal static void UInt16_To_LE(ushort n, byte[] bs) + { + bs[0] = (byte)(n); + bs[1] = (byte)(n >> 8); + } + + internal static void UInt16_To_LE(ushort n, byte[] bs, int off) + { + bs[off] = (byte)(n); + bs[off + 1] = (byte)(n >> 8); + } + + internal static ushort LE_To_UInt16(byte[] bs) + { + uint n = (uint)bs[0] + | (uint)bs[1] << 8; + return (ushort)n; + } + + internal static ushort LE_To_UInt16(byte[] bs, int off) + { + uint n = (uint)bs[off] + | (uint)bs[off + 1] << 8; + return (ushort)n; + } + + internal static byte[] UInt32_To_LE(uint n) + { + byte[] bs = new byte[4]; + UInt32_To_LE(n, bs, 0); + return bs; + } + + internal static void UInt32_To_LE(uint n, byte[] bs) + { + bs[0] = (byte)(n); + bs[1] = (byte)(n >> 8); + bs[2] = (byte)(n >> 16); + bs[3] = (byte)(n >> 24); + } + + internal static void UInt32_To_LE(uint n, byte[] bs, int off) + { + bs[off] = (byte)(n); + bs[off + 1] = (byte)(n >> 8); + bs[off + 2] = (byte)(n >> 16); + bs[off + 3] = (byte)(n >> 24); + } + + internal static byte[] UInt32_To_LE(uint[] ns) + { + byte[] bs = new byte[4 * ns.Length]; + UInt32_To_LE(ns, bs, 0); + return bs; + } + + internal static void UInt32_To_LE(uint[] ns, byte[] bs, int off) + { + for (int i = 0; i < ns.Length; ++i) + { + UInt32_To_LE(ns[i], bs, off); + off += 4; + } + } + + internal static void UInt32_To_LE(uint[] ns, int nsOff, int nsLen, byte[] bs, int bsOff) + { + for (int i = 0; i < nsLen; ++i) + { + UInt32_To_LE(ns[nsOff + i], bs, bsOff); + bsOff += 4; + } + } + + internal static uint LE_To_UInt32(byte[] bs) + { + return (uint)bs[0] + | (uint)bs[1] << 8 + | (uint)bs[2] << 16 + | (uint)bs[3] << 24; + } + + internal static uint LE_To_UInt32(byte[] bs, int off) + { + return (uint)bs[off] + | (uint)bs[off + 1] << 8 + | (uint)bs[off + 2] << 16 + | (uint)bs[off + 3] << 24; + } + + internal static void LE_To_UInt32(byte[] bs, int off, uint[] ns) + { + for (int i = 0; i < ns.Length; ++i) + { + ns[i] = LE_To_UInt32(bs, off); + off += 4; + } + } + + internal static void LE_To_UInt32(byte[] bs, int bOff, uint[] ns, int nOff, int count) + { + for (int i = 0; i < count; ++i) + { + ns[nOff + i] = LE_To_UInt32(bs, bOff); + bOff += 4; + } + } + + internal static uint[] LE_To_UInt32(byte[] bs, int off, int count) + { + uint[] ns = new uint[count]; + for (int i = 0; i < ns.Length; ++i) + { + ns[i] = LE_To_UInt32(bs, off); + off += 4; + } + return ns; + } + + internal static byte[] UInt64_To_LE(ulong n) + { + byte[] bs = new byte[8]; + UInt64_To_LE(n, bs, 0); + return bs; + } + + internal static void UInt64_To_LE(ulong n, byte[] bs) + { + UInt32_To_LE((uint)(n), bs); + UInt32_To_LE((uint)(n >> 32), bs, 4); + } + + internal static void UInt64_To_LE(ulong n, byte[] bs, int off) + { + UInt32_To_LE((uint)(n), bs, off); + UInt32_To_LE((uint)(n >> 32), bs, off + 4); + } + + internal static byte[] UInt64_To_LE(ulong[] ns) + { + byte[] bs = new byte[8 * ns.Length]; + UInt64_To_LE(ns, bs, 0); + return bs; + } + + internal static void UInt64_To_LE(ulong[] ns, byte[] bs, int off) + { + for (int i = 0; i < ns.Length; ++i) + { + UInt64_To_LE(ns[i], bs, off); + off += 8; + } + } + + internal static void UInt64_To_LE(ulong[] ns, int nsOff, int nsLen, byte[] bs, int bsOff) + { + for (int i = 0; i < nsLen; ++i) + { + UInt64_To_LE(ns[nsOff + i], bs, bsOff); + bsOff += 8; + } + } + + internal static ulong LE_To_UInt64(byte[] bs) + { + uint lo = LE_To_UInt32(bs); + uint hi = LE_To_UInt32(bs, 4); + return ((ulong)hi << 32) | (ulong)lo; + } + + internal static ulong LE_To_UInt64(byte[] bs, int off) + { + uint lo = LE_To_UInt32(bs, off); + uint hi = LE_To_UInt32(bs, off + 4); + return ((ulong)hi << 32) | (ulong)lo; + } + + internal static void LE_To_UInt64(byte[] bs, int off, ulong[] ns) + { + for (int i = 0; i < ns.Length; ++i) + { + ns[i] = LE_To_UInt64(bs, off); + off += 8; + } + } + + internal static void LE_To_UInt64(byte[] bs, int bsOff, ulong[] ns, int nsOff, int nsLen) + { + for (int i = 0; i < nsLen; ++i) + { + ns[nsOff + i] = LE_To_UInt64(bs, bsOff); + bsOff += 8; + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/BigInteger.cs b/BouncyCastle/crypto/src/math/BigInteger.cs new file mode 100644 index 0000000..3badb6d --- /dev/null +++ b/BouncyCastle/crypto/src/math/BigInteger.cs @@ -0,0 +1,3624 @@ +using System; +using System.Collections; +using System.Diagnostics; +using System.Globalization; +using System.Text; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class BigInteger + { + // The first few odd primes + /* + 3 5 7 11 13 17 19 23 29 + 31 37 41 43 47 53 59 61 67 71 + 73 79 83 89 97 101 103 107 109 113 + 127 131 137 139 149 151 157 163 167 173 + 179 181 191 193 197 199 211 223 227 229 + 233 239 241 251 257 263 269 271 277 281 + 283 293 307 311 313 317 331 337 347 349 + 353 359 367 373 379 383 389 397 401 409 + 419 421 431 433 439 443 449 457 461 463 + 467 479 487 491 499 503 509 521 523 541 + 547 557 563 569 571 577 587 593 599 601 + 607 613 617 619 631 641 643 647 653 659 + 661 673 677 683 691 701 709 719 727 733 + 739 743 751 757 761 769 773 787 797 809 + 811 821 823 827 829 839 853 857 859 863 + 877 881 883 887 907 911 919 929 937 941 + 947 953 967 971 977 983 991 997 1009 + 1013 1019 1021 1031 1033 1039 1049 1051 + 1061 1063 1069 1087 1091 1093 1097 1103 + 1109 1117 1123 1129 1151 1153 1163 1171 + 1181 1187 1193 1201 1213 1217 1223 1229 + 1231 1237 1249 1259 1277 1279 1283 1289 + */ + + // Each list has a product < 2^31 + internal static readonly int[][] primeLists = new int[][] + { + new int[]{ 3, 5, 7, 11, 13, 17, 19, 23 }, + new int[]{ 29, 31, 37, 41, 43 }, + new int[]{ 47, 53, 59, 61, 67 }, + new int[]{ 71, 73, 79, 83 }, + new int[]{ 89, 97, 101, 103 }, + + new int[]{ 107, 109, 113, 127 }, + new int[]{ 131, 137, 139, 149 }, + new int[]{ 151, 157, 163, 167 }, + new int[]{ 173, 179, 181, 191 }, + new int[]{ 193, 197, 199, 211 }, + + new int[]{ 223, 227, 229 }, + new int[]{ 233, 239, 241 }, + new int[]{ 251, 257, 263 }, + new int[]{ 269, 271, 277 }, + new int[]{ 281, 283, 293 }, + + new int[]{ 307, 311, 313 }, + new int[]{ 317, 331, 337 }, + new int[]{ 347, 349, 353 }, + new int[]{ 359, 367, 373 }, + new int[]{ 379, 383, 389 }, + + new int[]{ 397, 401, 409 }, + new int[]{ 419, 421, 431 }, + new int[]{ 433, 439, 443 }, + new int[]{ 449, 457, 461 }, + new int[]{ 463, 467, 479 }, + + new int[]{ 487, 491, 499 }, + new int[]{ 503, 509, 521 }, + new int[]{ 523, 541, 547 }, + new int[]{ 557, 563, 569 }, + new int[]{ 571, 577, 587 }, + + new int[]{ 593, 599, 601 }, + new int[]{ 607, 613, 617 }, + new int[]{ 619, 631, 641 }, + new int[]{ 643, 647, 653 }, + new int[]{ 659, 661, 673 }, + + new int[]{ 677, 683, 691 }, + new int[]{ 701, 709, 719 }, + new int[]{ 727, 733, 739 }, + new int[]{ 743, 751, 757 }, + new int[]{ 761, 769, 773 }, + + new int[]{ 787, 797, 809 }, + new int[]{ 811, 821, 823 }, + new int[]{ 827, 829, 839 }, + new int[]{ 853, 857, 859 }, + new int[]{ 863, 877, 881 }, + + new int[]{ 883, 887, 907 }, + new int[]{ 911, 919, 929 }, + new int[]{ 937, 941, 947 }, + new int[]{ 953, 967, 971 }, + new int[]{ 977, 983, 991 }, + + new int[]{ 997, 1009, 1013 }, + new int[]{ 1019, 1021, 1031 }, + new int[]{ 1033, 1039, 1049 }, + new int[]{ 1051, 1061, 1063 }, + new int[]{ 1069, 1087, 1091 }, + + new int[]{ 1093, 1097, 1103 }, + new int[]{ 1109, 1117, 1123 }, + new int[]{ 1129, 1151, 1153 }, + new int[]{ 1163, 1171, 1181 }, + new int[]{ 1187, 1193, 1201 }, + + new int[]{ 1213, 1217, 1223 }, + new int[]{ 1229, 1231, 1237 }, + new int[]{ 1249, 1259, 1277 }, + new int[]{ 1279, 1283, 1289 }, + }; + + internal static readonly int[] primeProducts; + + private const long IMASK = 0xFFFFFFFFL; + private const ulong UIMASK = 0xFFFFFFFFUL; + + private static readonly int[] ZeroMagnitude = new int[0]; + private static readonly byte[] ZeroEncoding = new byte[0]; + + private static readonly BigInteger[] SMALL_CONSTANTS = new BigInteger[17]; + public static readonly BigInteger Zero; + public static readonly BigInteger One; + public static readonly BigInteger Two; + public static readonly BigInteger Three; + public static readonly BigInteger Four; + public static readonly BigInteger Ten; + + //private readonly static byte[] BitCountTable = + //{ + // 0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4, + // 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5, + // 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5, + // 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, + // 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5, + // 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, + // 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, + // 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7, + // 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5, + // 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, + // 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, + // 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7, + // 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, + // 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7, + // 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7, + // 4, 5, 5, 6, 5, 6, 6, 7, 5, 6, 6, 7, 6, 7, 7, 8 + //}; + + private readonly static byte[] BitLengthTable = + { + 0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4, + 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, + 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, + 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, + 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, + 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, + 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, + 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8 + }; + + // TODO Parse radix-2 64 bits at a time and radix-8 63 bits at a time + private const int chunk2 = 1, chunk8 = 1, chunk10 = 19, chunk16 = 16; + private static readonly BigInteger radix2, radix2E, radix8, radix8E, radix10, radix10E, radix16, radix16E; + + private static readonly SecureRandom RandomSource = new SecureRandom(); + + /* + * These are the threshold bit-lengths (of an exponent) where we increase the window size. + * They are calculated according to the expected savings in multiplications. + * Some squares will also be saved on average, but we offset these against the extra storage costs. + */ + private static readonly int[] ExpWindowThresholds = { 7, 25, 81, 241, 673, 1793, 4609, Int32.MaxValue }; + + private const int BitsPerByte = 8; + private const int BitsPerInt = 32; + private const int BytesPerInt = 4; + + static BigInteger() + { + Zero = new BigInteger(0, ZeroMagnitude, false); + Zero.nBits = 0; Zero.nBitLength = 0; + + SMALL_CONSTANTS[0] = Zero; + for (uint i = 1; i < SMALL_CONSTANTS.Length; ++i) + { + SMALL_CONSTANTS[i] = CreateUValueOf(i); + } + + One = SMALL_CONSTANTS[1]; + Two = SMALL_CONSTANTS[2]; + Three = SMALL_CONSTANTS[3]; + Four = SMALL_CONSTANTS[4]; + Ten = SMALL_CONSTANTS[10]; + + radix2 = ValueOf(2); + radix2E = radix2.Pow(chunk2); + + radix8 = ValueOf(8); + radix8E = radix8.Pow(chunk8); + + radix10 = ValueOf(10); + radix10E = radix10.Pow(chunk10); + + radix16 = ValueOf(16); + radix16E = radix16.Pow(chunk16); + + primeProducts = new int[primeLists.Length]; + + for (int i = 0; i < primeLists.Length; ++i) + { + int[] primeList = primeLists[i]; + int product = primeList[0]; + for (int j = 1; j < primeList.Length; ++j) + { + product *= primeList[j]; + } + primeProducts[i] = product; + } + } + + private int[] magnitude; // array of ints with [0] being the most significant + private int sign; // -1 means -ve; +1 means +ve; 0 means 0; + private int nBits = -1; // cache BitCount() value + private int nBitLength = -1; // cache BitLength() value + private int mQuote = 0; // -m^(-1) mod b, b = 2^32 (see Montgomery mult.), 0 when uninitialised + + private static int GetByteLength( + int nBits) + { + return (nBits + BitsPerByte - 1) / BitsPerByte; + } + + public static BigInteger Arbitrary(int sizeInBits) + { + return new BigInteger(sizeInBits, RandomSource); + } + + private BigInteger( + int signum, + int[] mag, + bool checkMag) + { + if (checkMag) + { + int i = 0; + while (i < mag.Length && mag[i] == 0) + { + ++i; + } + + if (i == mag.Length) + { + this.sign = 0; + this.magnitude = ZeroMagnitude; + } + else + { + this.sign = signum; + + if (i == 0) + { + this.magnitude = mag; + } + else + { + // strip leading 0 words + this.magnitude = new int[mag.Length - i]; + Array.Copy(mag, i, this.magnitude, 0, this.magnitude.Length); + } + } + } + else + { + this.sign = signum; + this.magnitude = mag; + } + } + + public BigInteger( + string value) + : this(value, 10) + { + } + + public BigInteger( + string str, + int radix) + { + if (str.Length == 0) + throw new FormatException("Zero length BigInteger"); + + NumberStyles style; + int chunk; + BigInteger r; + BigInteger rE; + + switch (radix) + { + case 2: + // Is there anyway to restrict to binary digits? + style = NumberStyles.Integer; + chunk = chunk2; + r = radix2; + rE = radix2E; + break; + case 8: + // Is there anyway to restrict to octal digits? + style = NumberStyles.Integer; + chunk = chunk8; + r = radix8; + rE = radix8E; + break; + case 10: + // This style seems to handle spaces and minus sign already (our processing redundant?) + style = NumberStyles.Integer; + chunk = chunk10; + r = radix10; + rE = radix10E; + break; + case 16: + // TODO Should this be HexNumber? + style = NumberStyles.AllowHexSpecifier; + chunk = chunk16; + r = radix16; + rE = radix16E; + break; + default: + throw new FormatException("Only bases 2, 8, 10, or 16 allowed"); + } + + + int index = 0; + sign = 1; + + if (str[0] == '-') + { + if (str.Length == 1) + throw new FormatException("Zero length BigInteger"); + + sign = -1; + index = 1; + } + + // strip leading zeros from the string str + while (index < str.Length && Int32.Parse(str[index].ToString(), style) == 0) + { + index++; + } + + if (index >= str.Length) + { + // zero value - we're done + sign = 0; + magnitude = ZeroMagnitude; + return; + } + + ////// + // could we work out the max number of ints required to store + // str.Length digits in the given base, then allocate that + // storage in one hit?, then Generate the magnitude in one hit too? + ////// + + BigInteger b = Zero; + + + int next = index + chunk; + + if (next <= str.Length) + { + do + { + string s = str.Substring(index, chunk); + ulong i = ulong.Parse(s, style); + BigInteger bi = CreateUValueOf(i); + + switch (radix) + { + case 2: + // TODO Need this because we are parsing in radix 10 above + if (i >= 2) + throw new FormatException("Bad character in radix 2 string: " + s); + + // TODO Parse 64 bits at a time + b = b.ShiftLeft(1); + break; + case 8: + // TODO Need this because we are parsing in radix 10 above + if (i >= 8) + throw new FormatException("Bad character in radix 8 string: " + s); + + // TODO Parse 63 bits at a time + b = b.ShiftLeft(3); + break; + case 16: + b = b.ShiftLeft(64); + break; + default: + b = b.Multiply(rE); + break; + } + + b = b.Add(bi); + + index = next; + next += chunk; + } + while (next <= str.Length); + } + + if (index < str.Length) + { + string s = str.Substring(index); + ulong i = ulong.Parse(s, style); + BigInteger bi = CreateUValueOf(i); + + if (b.sign > 0) + { + if (radix == 2) + { + // NB: Can't reach here since we are parsing one char at a time + Debug.Assert(false); + + // TODO Parse all bits at once +// b = b.ShiftLeft(s.Length); + } + else if (radix == 8) + { + // NB: Can't reach here since we are parsing one char at a time + Debug.Assert(false); + + // TODO Parse all bits at once +// b = b.ShiftLeft(s.Length * 3); + } + else if (radix == 16) + { + b = b.ShiftLeft(s.Length << 2); + } + else + { + b = b.Multiply(r.Pow(s.Length)); + } + + b = b.Add(bi); + } + else + { + b = bi; + } + } + + // Note: This is the previous (slower) algorithm +// while (index < value.Length) +// { +// char c = value[index]; +// string s = c.ToString(); +// int i = Int32.Parse(s, style); +// +// b = b.Multiply(r).Add(ValueOf(i)); +// index++; +// } + + magnitude = b.magnitude; + } + + public BigInteger( + byte[] bytes) + : this(bytes, 0, bytes.Length) + { + } + + public BigInteger( + byte[] bytes, + int offset, + int length) + { + if (length == 0) + throw new FormatException("Zero length BigInteger"); + + // TODO Move this processing into MakeMagnitude (provide sign argument) + if ((sbyte)bytes[offset] < 0) + { + this.sign = -1; + + int end = offset + length; + + int iBval; + // strip leading sign bytes + for (iBval = offset; iBval < end && ((sbyte)bytes[iBval] == -1); iBval++) + { + } + + if (iBval >= end) + { + this.magnitude = One.magnitude; + } + else + { + int numBytes = end - iBval; + byte[] inverse = new byte[numBytes]; + + int index = 0; + while (index < numBytes) + { + inverse[index++] = (byte)~bytes[iBval++]; + } + + Debug.Assert(iBval == end); + + while (inverse[--index] == byte.MaxValue) + { + inverse[index] = byte.MinValue; + } + + inverse[index]++; + + this.magnitude = MakeMagnitude(inverse, 0, inverse.Length); + } + } + else + { + // strip leading zero bytes and return magnitude bytes + this.magnitude = MakeMagnitude(bytes, offset, length); + this.sign = this.magnitude.Length > 0 ? 1 : 0; + } + } + + private static int[] MakeMagnitude( + byte[] bytes, + int offset, + int length) + { + int end = offset + length; + + // strip leading zeros + int firstSignificant; + for (firstSignificant = offset; firstSignificant < end + && bytes[firstSignificant] == 0; firstSignificant++) + { + } + + if (firstSignificant >= end) + { + return ZeroMagnitude; + } + + int nInts = (end - firstSignificant + 3) / BytesPerInt; + int bCount = (end - firstSignificant) % BytesPerInt; + if (bCount == 0) + { + bCount = BytesPerInt; + } + + if (nInts < 1) + { + return ZeroMagnitude; + } + + int[] mag = new int[nInts]; + + int v = 0; + int magnitudeIndex = 0; + for (int i = firstSignificant; i < end; ++i) + { + v <<= 8; + v |= bytes[i] & 0xff; + bCount--; + if (bCount <= 0) + { + mag[magnitudeIndex] = v; + magnitudeIndex++; + bCount = BytesPerInt; + v = 0; + } + } + + if (magnitudeIndex < mag.Length) + { + mag[magnitudeIndex] = v; + } + + return mag; + } + + public BigInteger( + int sign, + byte[] bytes) + : this(sign, bytes, 0, bytes.Length) + { + } + + public BigInteger( + int sign, + byte[] bytes, + int offset, + int length) + { + if (sign < -1 || sign > 1) + throw new FormatException("Invalid sign value"); + + if (sign == 0) + { + this.sign = 0; + this.magnitude = ZeroMagnitude; + } + else + { + // copy bytes + this.magnitude = MakeMagnitude(bytes, offset, length); + this.sign = this.magnitude.Length < 1 ? 0 : sign; + } + } + + public BigInteger( + int sizeInBits, + Random random) + { + if (sizeInBits < 0) + throw new ArgumentException("sizeInBits must be non-negative"); + + this.nBits = -1; + this.nBitLength = -1; + + if (sizeInBits == 0) + { + this.sign = 0; + this.magnitude = ZeroMagnitude; + return; + } + + int nBytes = GetByteLength(sizeInBits); + byte[] b = new byte[nBytes]; + random.NextBytes(b); + + // strip off any excess bits in the MSB + int xBits = BitsPerByte * nBytes - sizeInBits; + b[0] &= (byte)(255U >> xBits); + + this.magnitude = MakeMagnitude(b, 0, b.Length); + this.sign = this.magnitude.Length < 1 ? 0 : 1; + } + + public BigInteger( + int bitLength, + int certainty, + Random random) + { + if (bitLength < 2) + throw new ArithmeticException("bitLength < 2"); + + this.sign = 1; + this.nBitLength = bitLength; + + if (bitLength == 2) + { + this.magnitude = random.Next(2) == 0 + ? Two.magnitude + : Three.magnitude; + return; + } + + int nBytes = GetByteLength(bitLength); + byte[] b = new byte[nBytes]; + + int xBits = BitsPerByte * nBytes - bitLength; + byte mask = (byte)(255U >> xBits); + byte lead = (byte)(1 << (7 - xBits)); + + for (;;) + { + random.NextBytes(b); + + // strip off any excess bits in the MSB + b[0] &= mask; + + // ensure the leading bit is 1 (to meet the strength requirement) + b[0] |= lead; + + // ensure the trailing bit is 1 (i.e. must be odd) + b[nBytes - 1] |= 1; + + this.magnitude = MakeMagnitude(b, 0, b.Length); + this.nBits = -1; + this.mQuote = 0; + + if (certainty < 1) + break; + + if (CheckProbablePrime(certainty, random, true)) + break; + + for (int j = 1; j < (magnitude.Length - 1); ++j) + { + this.magnitude[j] ^= random.Next(); + + if (CheckProbablePrime(certainty, random, true)) + return; + } + } + } + + public BigInteger Abs() + { + return sign >= 0 ? this : Negate(); + } + + /** + * return a = a + b - b preserved. + */ + private static int[] AddMagnitudes( + int[] a, + int[] b) + { + int tI = a.Length - 1; + int vI = b.Length - 1; + long m = 0; + + while (vI >= 0) + { + m += ((long)(uint)a[tI] + (long)(uint)b[vI--]); + a[tI--] = (int)m; + m = (long)((ulong)m >> 32); + } + + if (m != 0) + { + while (tI >= 0 && ++a[tI--] == 0) + { + } + } + + return a; + } + + public BigInteger Add( + BigInteger value) + { + if (this.sign == 0) + return value; + + if (this.sign != value.sign) + { + if (value.sign == 0) + return this; + + if (value.sign < 0) + return Subtract(value.Negate()); + + return value.Subtract(Negate()); + } + + return AddToMagnitude(value.magnitude); + } + + private BigInteger AddToMagnitude( + int[] magToAdd) + { + int[] big, small; + if (this.magnitude.Length < magToAdd.Length) + { + big = magToAdd; + small = this.magnitude; + } + else + { + big = this.magnitude; + small = magToAdd; + } + + // Conservatively avoid over-allocation when no overflow possible + uint limit = uint.MaxValue; + if (big.Length == small.Length) + limit -= (uint) small[0]; + + bool possibleOverflow = (uint) big[0] >= limit; + + int[] bigCopy; + if (possibleOverflow) + { + bigCopy = new int[big.Length + 1]; + big.CopyTo(bigCopy, 1); + } + else + { + bigCopy = (int[]) big.Clone(); + } + + bigCopy = AddMagnitudes(bigCopy, small); + + return new BigInteger(this.sign, bigCopy, possibleOverflow); + } + + public BigInteger And( + BigInteger value) + { + if (this.sign == 0 || value.sign == 0) + { + return Zero; + } + + int[] aMag = this.sign > 0 + ? this.magnitude + : Add(One).magnitude; + + int[] bMag = value.sign > 0 + ? value.magnitude + : value.Add(One).magnitude; + + bool resultNeg = sign < 0 && value.sign < 0; + int resultLength = System.Math.Max(aMag.Length, bMag.Length); + int[] resultMag = new int[resultLength]; + + int aStart = resultMag.Length - aMag.Length; + int bStart = resultMag.Length - bMag.Length; + + for (int i = 0; i < resultMag.Length; ++i) + { + int aWord = i >= aStart ? aMag[i - aStart] : 0; + int bWord = i >= bStart ? bMag[i - bStart] : 0; + + if (this.sign < 0) + { + aWord = ~aWord; + } + + if (value.sign < 0) + { + bWord = ~bWord; + } + + resultMag[i] = aWord & bWord; + + if (resultNeg) + { + resultMag[i] = ~resultMag[i]; + } + } + + BigInteger result = new BigInteger(1, resultMag, true); + + // TODO Optimise this case + if (resultNeg) + { + result = result.Not(); + } + + return result; + } + + public BigInteger AndNot( + BigInteger val) + { + return And(val.Not()); + } + + public int BitCount + { + get + { + if (nBits == -1) + { + if (sign < 0) + { + // TODO Optimise this case + nBits = Not().BitCount; + } + else + { + int sum = 0; + for (int i = 0; i < magnitude.Length; ++i) + { + sum += BitCnt(magnitude[i]); + } + nBits = sum; + } + } + + return nBits; + } + } + + public static int BitCnt(int i) + { + uint u = (uint)i; + u = u - ((u >> 1) & 0x55555555); + u = (u & 0x33333333) + ((u >> 2) & 0x33333333); + u = (u + (u >> 4)) & 0x0f0f0f0f; + u += (u >> 8); + u += (u >> 16); + u &= 0x3f; + return (int)u; + } + + private static int CalcBitLength(int sign, int indx, int[] mag) + { + for (;;) + { + if (indx >= mag.Length) + return 0; + + if (mag[indx] != 0) + break; + + ++indx; + } + + // bit length for everything after the first int + int bitLength = 32 * ((mag.Length - indx) - 1); + + // and determine bitlength of first int + int firstMag = mag[indx]; + bitLength += BitLen(firstMag); + + // Check for negative powers of two + if (sign < 0 && ((firstMag & -firstMag) == firstMag)) + { + do + { + if (++indx >= mag.Length) + { + --bitLength; + break; + } + } + while (mag[indx] == 0); + } + + return bitLength; + } + + public int BitLength + { + get + { + if (nBitLength == -1) + { + nBitLength = sign == 0 + ? 0 + : CalcBitLength(sign, 0, magnitude); + } + + return nBitLength; + } + } + + // + // BitLen(value) is the number of bits in value. + // + internal static int BitLen(int w) + { + uint v = (uint)w; + uint t = v >> 24; + if (t != 0) + return 24 + BitLengthTable[t]; + t = v >> 16; + if (t != 0) + return 16 + BitLengthTable[t]; + t = v >> 8; + if (t != 0) + return 8 + BitLengthTable[t]; + return BitLengthTable[v]; + } + + private bool QuickPow2Check() + { + return sign > 0 && nBits == 1; + } + + public int CompareTo( + object obj) + { + return CompareTo((BigInteger)obj); + } + + /** + * unsigned comparison on two arrays - note the arrays may + * start with leading zeros. + */ + private static int CompareTo( + int xIndx, + int[] x, + int yIndx, + int[] y) + { + while (xIndx != x.Length && x[xIndx] == 0) + { + xIndx++; + } + + while (yIndx != y.Length && y[yIndx] == 0) + { + yIndx++; + } + + return CompareNoLeadingZeroes(xIndx, x, yIndx, y); + } + + private static int CompareNoLeadingZeroes( + int xIndx, + int[] x, + int yIndx, + int[] y) + { + int diff = (x.Length - y.Length) - (xIndx - yIndx); + + if (diff != 0) + { + return diff < 0 ? -1 : 1; + } + + // lengths of magnitudes the same, test the magnitude values + + while (xIndx < x.Length) + { + uint v1 = (uint)x[xIndx++]; + uint v2 = (uint)y[yIndx++]; + + if (v1 != v2) + return v1 < v2 ? -1 : 1; + } + + return 0; + } + + public int CompareTo( + BigInteger value) + { + return sign < value.sign ? -1 + : sign > value.sign ? 1 + : sign == 0 ? 0 + : sign * CompareNoLeadingZeroes(0, magnitude, 0, value.magnitude); + } + + /** + * return z = x / y - done in place (z value preserved, x contains the + * remainder) + */ + private int[] Divide( + int[] x, + int[] y) + { + int xStart = 0; + while (xStart < x.Length && x[xStart] == 0) + { + ++xStart; + } + + int yStart = 0; + while (yStart < y.Length && y[yStart] == 0) + { + ++yStart; + } + + Debug.Assert(yStart < y.Length); + + int xyCmp = CompareNoLeadingZeroes(xStart, x, yStart, y); + int[] count; + + if (xyCmp > 0) + { + int yBitLength = CalcBitLength(1, yStart, y); + int xBitLength = CalcBitLength(1, xStart, x); + int shift = xBitLength - yBitLength; + + int[] iCount; + int iCountStart = 0; + + int[] c; + int cStart = 0; + int cBitLength = yBitLength; + if (shift > 0) + { +// iCount = ShiftLeft(One.magnitude, shift); + iCount = new int[(shift >> 5) + 1]; + iCount[0] = 1 << (shift % 32); + + c = ShiftLeft(y, shift); + cBitLength += shift; + } + else + { + iCount = new int[] { 1 }; + + int len = y.Length - yStart; + c = new int[len]; + Array.Copy(y, yStart, c, 0, len); + } + + count = new int[iCount.Length]; + + for (;;) + { + if (cBitLength < xBitLength + || CompareNoLeadingZeroes(xStart, x, cStart, c) >= 0) + { + Subtract(xStart, x, cStart, c); + AddMagnitudes(count, iCount); + + while (x[xStart] == 0) + { + if (++xStart == x.Length) + return count; + } + + //xBitLength = CalcBitLength(xStart, x); + xBitLength = 32 * (x.Length - xStart - 1) + BitLen(x[xStart]); + + if (xBitLength <= yBitLength) + { + if (xBitLength < yBitLength) + return count; + + xyCmp = CompareNoLeadingZeroes(xStart, x, yStart, y); + + if (xyCmp <= 0) + break; + } + } + + shift = cBitLength - xBitLength; + + // NB: The case where c[cStart] is 1-bit is harmless + if (shift == 1) + { + uint firstC = (uint) c[cStart] >> 1; + uint firstX = (uint) x[xStart]; + if (firstC > firstX) + ++shift; + } + + if (shift < 2) + { + ShiftRightOneInPlace(cStart, c); + --cBitLength; + ShiftRightOneInPlace(iCountStart, iCount); + } + else + { + ShiftRightInPlace(cStart, c, shift); + cBitLength -= shift; + ShiftRightInPlace(iCountStart, iCount, shift); + } + + //cStart = c.Length - ((cBitLength + 31) / 32); + while (c[cStart] == 0) + { + ++cStart; + } + + while (iCount[iCountStart] == 0) + { + ++iCountStart; + } + } + } + else + { + count = new int[1]; + } + + if (xyCmp == 0) + { + AddMagnitudes(count, One.magnitude); + Array.Clear(x, xStart, x.Length - xStart); + } + + return count; + } + + public BigInteger Divide( + BigInteger val) + { + if (val.sign == 0) + throw new ArithmeticException("Division by zero error"); + + if (sign == 0) + return Zero; + + if (val.QuickPow2Check()) // val is power of two + { + BigInteger result = this.Abs().ShiftRight(val.Abs().BitLength - 1); + return val.sign == this.sign ? result : result.Negate(); + } + + int[] mag = (int[]) this.magnitude.Clone(); + + return new BigInteger(this.sign * val.sign, Divide(mag, val.magnitude), true); + } + + public BigInteger[] DivideAndRemainder( + BigInteger val) + { + if (val.sign == 0) + throw new ArithmeticException("Division by zero error"); + + BigInteger[] biggies = new BigInteger[2]; + + if (sign == 0) + { + biggies[0] = Zero; + biggies[1] = Zero; + } + else if (val.QuickPow2Check()) // val is power of two + { + int e = val.Abs().BitLength - 1; + BigInteger quotient = this.Abs().ShiftRight(e); + int[] remainder = this.LastNBits(e); + + biggies[0] = val.sign == this.sign ? quotient : quotient.Negate(); + biggies[1] = new BigInteger(this.sign, remainder, true); + } + else + { + int[] remainder = (int[]) this.magnitude.Clone(); + int[] quotient = Divide(remainder, val.magnitude); + + biggies[0] = new BigInteger(this.sign * val.sign, quotient, true); + biggies[1] = new BigInteger(this.sign, remainder, true); + } + + return biggies; + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + BigInteger biggie = obj as BigInteger; + if (biggie == null) + return false; + + return sign == biggie.sign && IsEqualMagnitude(biggie); + } + + private bool IsEqualMagnitude(BigInteger x) + { + int[] xMag = x.magnitude; + if (magnitude.Length != x.magnitude.Length) + return false; + for (int i = 0; i < magnitude.Length; i++) + { + if (magnitude[i] != x.magnitude[i]) + return false; + } + return true; + } + + public BigInteger Gcd( + BigInteger value) + { + if (value.sign == 0) + return Abs(); + + if (sign == 0) + return value.Abs(); + + BigInteger r; + BigInteger u = this; + BigInteger v = value; + + while (v.sign != 0) + { + r = u.Mod(v); + u = v; + v = r; + } + + return u; + } + + public override int GetHashCode() + { + int hc = magnitude.Length; + if (magnitude.Length > 0) + { + hc ^= magnitude[0]; + + if (magnitude.Length > 1) + { + hc ^= magnitude[magnitude.Length - 1]; + } + } + + return sign < 0 ? ~hc : hc; + } + + // TODO Make public? + private BigInteger Inc() + { + if (this.sign == 0) + return One; + + if (this.sign < 0) + return new BigInteger(-1, doSubBigLil(this.magnitude, One.magnitude), true); + + return AddToMagnitude(One.magnitude); + } + + public int IntValue + { + get + { + if (sign == 0) + return 0; + + int n = magnitude.Length; + + int v = magnitude[n - 1]; + + return sign < 0 ? -v : v; + } + } + + public int IntValueExact + { + get + { + if (BitLength > 31) + throw new ArithmeticException("BigInteger out of int range"); + + return IntValue; + } + } + + /** + * return whether or not a BigInteger is probably prime with a + * probability of 1 - (1/2)**certainty. + *

From Knuth Vol 2, pg 395.

+ */ + public bool IsProbablePrime(int certainty) + { + return IsProbablePrime(certainty, false); + } + + internal bool IsProbablePrime(int certainty, bool randomlySelected) + { + if (certainty <= 0) + return true; + + BigInteger n = Abs(); + + if (!n.TestBit(0)) + return n.Equals(Two); + + if (n.Equals(One)) + return false; + + return n.CheckProbablePrime(certainty, RandomSource, randomlySelected); + } + + private bool CheckProbablePrime(int certainty, Random random, bool randomlySelected) + { + Debug.Assert(certainty > 0); + Debug.Assert(CompareTo(Two) > 0); + Debug.Assert(TestBit(0)); + + + // Try to reduce the penalty for really small numbers + int numLists = System.Math.Min(BitLength - 1, primeLists.Length); + + for (int i = 0; i < numLists; ++i) + { + int test = Remainder(primeProducts[i]); + + int[] primeList = primeLists[i]; + for (int j = 0; j < primeList.Length; ++j) + { + int prime = primeList[j]; + int qRem = test % prime; + if (qRem == 0) + { + // We may find small numbers in the list + return BitLength < 16 && IntValue == prime; + } + } + } + + + // TODO Special case for < 10^16 (RabinMiller fixed list) +// if (BitLength < 30) +// { +// RabinMiller against 2, 3, 5, 7, 11, 13, 23 is sufficient +// } + + + // TODO Is it worth trying to create a hybrid of these two? + return RabinMillerTest(certainty, random, randomlySelected); +// return SolovayStrassenTest(certainty, random); + +// bool rbTest = RabinMillerTest(certainty, random); +// bool ssTest = SolovayStrassenTest(certainty, random); +// +// Debug.Assert(rbTest == ssTest); +// +// return rbTest; + } + + public bool RabinMillerTest(int certainty, Random random) + { + return RabinMillerTest(certainty, random, false); + } + + internal bool RabinMillerTest(int certainty, Random random, bool randomlySelected) + { + int bits = BitLength; + + Debug.Assert(certainty > 0); + Debug.Assert(bits > 2); + Debug.Assert(TestBit(0)); + + int iterations = ((certainty - 1) / 2) + 1; + if (randomlySelected) + { + int itersFor100Cert = bits >= 1024 ? 4 + : bits >= 512 ? 8 + : bits >= 256 ? 16 + : 50; + + if (certainty < 100) + { + iterations = System.Math.Min(itersFor100Cert, iterations); + } + else + { + iterations -= 50; + iterations += itersFor100Cert; + } + } + + // let n = 1 + d . 2^s + BigInteger n = this; + int s = n.GetLowestSetBitMaskFirst(-1 << 1); + Debug.Assert(s >= 1); + BigInteger r = n.ShiftRight(s); + + // NOTE: Avoid conversion to/from Montgomery form and check for R/-R as result instead + + BigInteger montRadix = One.ShiftLeft(32 * n.magnitude.Length).Remainder(n); + BigInteger minusMontRadix = n.Subtract(montRadix); + + do + { + BigInteger a; + do + { + a = new BigInteger(n.BitLength, random); + } + while (a.sign == 0 || a.CompareTo(n) >= 0 + || a.IsEqualMagnitude(montRadix) || a.IsEqualMagnitude(minusMontRadix)); + + BigInteger y = ModPowMonty(a, r, n, false); + + if (!y.Equals(montRadix)) + { + int j = 0; + while (!y.Equals(minusMontRadix)) + { + if (++j == s) + return false; + + y = ModPowMonty(y, Two, n, false); + + if (y.Equals(montRadix)) + return false; + } + } + } + while (--iterations > 0); + + return true; + } + +// private bool SolovayStrassenTest( +// int certainty, +// Random random) +// { +// Debug.Assert(certainty > 0); +// Debug.Assert(CompareTo(Two) > 0); +// Debug.Assert(TestBit(0)); +// +// BigInteger n = this; +// BigInteger nMinusOne = n.Subtract(One); +// BigInteger e = nMinusOne.ShiftRight(1); +// +// do +// { +// BigInteger a; +// do +// { +// a = new BigInteger(nBitLength, random); +// } +// // NB: Spec says 0 < x < n, but 1 is trivial +// while (a.CompareTo(One) <= 0 || a.CompareTo(n) >= 0); +// +// +// // TODO Check this is redundant given the way Jacobi() works? +//// if (!a.Gcd(n).Equals(One)) +//// return false; +// +// int x = Jacobi(a, n); +// +// if (x == 0) +// return false; +// +// BigInteger check = a.ModPow(e, n); +// +// if (x == 1 && !check.Equals(One)) +// return false; +// +// if (x == -1 && !check.Equals(nMinusOne)) +// return false; +// +// --certainty; +// } +// while (certainty > 0); +// +// return true; +// } +// +// private static int Jacobi( +// BigInteger a, +// BigInteger b) +// { +// Debug.Assert(a.sign >= 0); +// Debug.Assert(b.sign > 0); +// Debug.Assert(b.TestBit(0)); +// Debug.Assert(a.CompareTo(b) < 0); +// +// int totalS = 1; +// for (;;) +// { +// if (a.sign == 0) +// return 0; +// +// if (a.Equals(One)) +// break; +// +// int e = a.GetLowestSetBit(); +// +// int bLsw = b.magnitude[b.magnitude.Length - 1]; +// if ((e & 1) != 0 && ((bLsw & 7) == 3 || (bLsw & 7) == 5)) +// totalS = -totalS; +// +// // TODO Confirm this is faster than later a1.Equals(One) test +// if (a.BitLength == e + 1) +// break; +// BigInteger a1 = a.ShiftRight(e); +//// if (a1.Equals(One)) +//// break; +// +// int a1Lsw = a1.magnitude[a1.magnitude.Length - 1]; +// if ((bLsw & 3) == 3 && (a1Lsw & 3) == 3) +// totalS = -totalS; +// +//// a = b.Mod(a1); +// a = b.Remainder(a1); +// b = a1; +// } +// return totalS; +// } + + public long LongValue + { + get + { + if (sign == 0) + return 0; + + int n = magnitude.Length; + + long v = magnitude[n - 1] & IMASK; + if (n > 1) + { + v |= (magnitude[n - 2] & IMASK) << 32; + } + + return sign < 0 ? -v : v; + } + } + + public long LongValueExact + { + get + { + if (BitLength > 63) + throw new ArithmeticException("BigInteger out of long range"); + + return LongValue; + } + } + + public BigInteger Max( + BigInteger value) + { + return CompareTo(value) > 0 ? this : value; + } + + public BigInteger Min( + BigInteger value) + { + return CompareTo(value) < 0 ? this : value; + } + + public BigInteger Mod( + BigInteger m) + { + if (m.sign < 1) + throw new ArithmeticException("Modulus must be positive"); + + BigInteger biggie = Remainder(m); + + return (biggie.sign >= 0 ? biggie : biggie.Add(m)); + } + + public BigInteger ModInverse( + BigInteger m) + { + if (m.sign < 1) + throw new ArithmeticException("Modulus must be positive"); + + // TODO Too slow at the moment +// // "Fast Key Exchange with Elliptic Curve Systems" R.Schoeppel +// if (m.TestBit(0)) +// { +// //The Almost Inverse Algorithm +// int k = 0; +// BigInteger B = One, C = Zero, F = this, G = m, tmp; +// +// for (;;) +// { +// // While F is even, do F=F/u, C=C*u, k=k+1. +// int zeroes = F.GetLowestSetBit(); +// if (zeroes > 0) +// { +// F = F.ShiftRight(zeroes); +// C = C.ShiftLeft(zeroes); +// k += zeroes; +// } +// +// // If F = 1, then return B,k. +// if (F.Equals(One)) +// { +// BigInteger half = m.Add(One).ShiftRight(1); +// BigInteger halfK = half.ModPow(BigInteger.ValueOf(k), m); +// return B.Multiply(halfK).Mod(m); +// } +// +// if (F.CompareTo(G) < 0) +// { +// tmp = G; G = F; F = tmp; +// tmp = B; B = C; C = tmp; +// } +// +// F = F.Add(G); +// B = B.Add(C); +// } +// } + + if (m.QuickPow2Check()) + { + return ModInversePow2(m); + } + + BigInteger d = this.Remainder(m); + BigInteger x; + BigInteger gcd = ExtEuclid(d, m, out x); + + if (!gcd.Equals(One)) + throw new ArithmeticException("Numbers not relatively prime."); + + if (x.sign < 0) + { + x = x.Add(m); + } + + return x; + } + + private BigInteger ModInversePow2(BigInteger m) + { + Debug.Assert(m.SignValue > 0); + Debug.Assert(m.BitCount == 1); + + if (!TestBit(0)) + { + throw new ArithmeticException("Numbers not relatively prime."); + } + + int pow = m.BitLength - 1; + + long inv64 = ModInverse64(LongValue); + if (pow < 64) + { + inv64 &= ((1L << pow) - 1); + } + + BigInteger x = BigInteger.ValueOf(inv64); + + if (pow > 64) + { + BigInteger d = this.Remainder(m); + int bitsCorrect = 64; + + do + { + BigInteger t = x.Multiply(d).Remainder(m); + x = x.Multiply(Two.Subtract(t)).Remainder(m); + bitsCorrect <<= 1; + } + while (bitsCorrect < pow); + } + + if (x.sign < 0) + { + x = x.Add(m); + } + + return x; + } + + private static int ModInverse32(int d) + { + // Newton's method with initial estimate "correct to 4 bits" + Debug.Assert((d & 1) != 0); + int x = d + (((d + 1) & 4) << 1); // d.x == 1 mod 2**4 + Debug.Assert(((d * x) & 15) == 1); + x *= 2 - d * x; // d.x == 1 mod 2**8 + x *= 2 - d * x; // d.x == 1 mod 2**16 + x *= 2 - d * x; // d.x == 1 mod 2**32 + Debug.Assert(d * x == 1); + return x; + } + + private static long ModInverse64(long d) + { + // Newton's method with initial estimate "correct to 4 bits" + Debug.Assert((d & 1L) != 0); + long x = d + (((d + 1L) & 4L) << 1); // d.x == 1 mod 2**4 + Debug.Assert(((d * x) & 15L) == 1L); + x *= 2 - d * x; // d.x == 1 mod 2**8 + x *= 2 - d * x; // d.x == 1 mod 2**16 + x *= 2 - d * x; // d.x == 1 mod 2**32 + x *= 2 - d * x; // d.x == 1 mod 2**64 + Debug.Assert(d * x == 1L); + return x; + } + + /** + * Calculate the numbers u1, u2, and u3 such that: + * + * u1 * a + u2 * b = u3 + * + * where u3 is the greatest common divider of a and b. + * a and b using the extended Euclid algorithm (refer p. 323 + * of The Art of Computer Programming vol 2, 2nd ed). + * This also seems to have the side effect of calculating + * some form of multiplicative inverse. + * + * @param a First number to calculate gcd for + * @param b Second number to calculate gcd for + * @param u1Out the return object for the u1 value + * @return The greatest common divisor of a and b + */ + private static BigInteger ExtEuclid(BigInteger a, BigInteger b, out BigInteger u1Out) + { + BigInteger u1 = One, v1 = Zero; + BigInteger u3 = a, v3 = b; + + if (v3.sign > 0) + { + for (;;) + { + BigInteger[] q = u3.DivideAndRemainder(v3); + u3 = v3; + v3 = q[1]; + + BigInteger oldU1 = u1; + u1 = v1; + + if (v3.sign <= 0) + break; + + v1 = oldU1.Subtract(v1.Multiply(q[0])); + } + } + + u1Out = u1; + + return u3; + } + + private static void ZeroOut( + int[] x) + { + Array.Clear(x, 0, x.Length); + } + + public BigInteger ModPow(BigInteger e, BigInteger m) + { + if (m.sign < 1) + throw new ArithmeticException("Modulus must be positive"); + + if (m.Equals(One)) + return Zero; + + if (e.sign == 0) + return One; + + if (sign == 0) + return Zero; + + bool negExp = e.sign < 0; + if (negExp) + e = e.Negate(); + + BigInteger result = this.Mod(m); + if (!e.Equals(One)) + { + if ((m.magnitude[m.magnitude.Length - 1] & 1) == 0) + { + result = ModPowBarrett(result, e, m); + } + else + { + result = ModPowMonty(result, e, m, true); + } + } + + if (negExp) + result = result.ModInverse(m); + + return result; + } + + private static BigInteger ModPowBarrett(BigInteger b, BigInteger e, BigInteger m) + { + int k = m.magnitude.Length; + BigInteger mr = One.ShiftLeft((k + 1) << 5); + BigInteger yu = One.ShiftLeft(k << 6).Divide(m); + + // Sliding window from MSW to LSW + int extraBits = 0, expLength = e.BitLength; + while (expLength > ExpWindowThresholds[extraBits]) + { + ++extraBits; + } + + int numPowers = 1 << extraBits; + BigInteger[] oddPowers = new BigInteger[numPowers]; + oddPowers[0] = b; + + BigInteger b2 = ReduceBarrett(b.Square(), m, mr, yu); + + for (int i = 1; i < numPowers; ++i) + { + oddPowers[i] = ReduceBarrett(oddPowers[i - 1].Multiply(b2), m, mr, yu); + } + + int[] windowList = GetWindowList(e.magnitude, extraBits); + Debug.Assert(windowList.Length > 0); + + int window = windowList[0]; + int mult = window & 0xFF, lastZeroes = window >> 8; + + BigInteger y; + if (mult == 1) + { + y = b2; + --lastZeroes; + } + else + { + y = oddPowers[mult >> 1]; + } + + int windowPos = 1; + while ((window = windowList[windowPos++]) != -1) + { + mult = window & 0xFF; + + int bits = lastZeroes + BitLengthTable[mult]; + for (int j = 0; j < bits; ++j) + { + y = ReduceBarrett(y.Square(), m, mr, yu); + } + + y = ReduceBarrett(y.Multiply(oddPowers[mult >> 1]), m, mr, yu); + + lastZeroes = window >> 8; + } + + for (int i = 0; i < lastZeroes; ++i) + { + y = ReduceBarrett(y.Square(), m, mr, yu); + } + + return y; + } + + private static BigInteger ReduceBarrett(BigInteger x, BigInteger m, BigInteger mr, BigInteger yu) + { + int xLen = x.BitLength, mLen = m.BitLength; + if (xLen < mLen) + return x; + + if (xLen - mLen > 1) + { + int k = m.magnitude.Length; + + BigInteger q1 = x.DivideWords(k - 1); + BigInteger q2 = q1.Multiply(yu); // TODO Only need partial multiplication here + BigInteger q3 = q2.DivideWords(k + 1); + + BigInteger r1 = x.RemainderWords(k + 1); + BigInteger r2 = q3.Multiply(m); // TODO Only need partial multiplication here + BigInteger r3 = r2.RemainderWords(k + 1); + + x = r1.Subtract(r3); + if (x.sign < 0) + { + x = x.Add(mr); + } + } + + while (x.CompareTo(m) >= 0) + { + x = x.Subtract(m); + } + + return x; + } + + private static BigInteger ModPowMonty(BigInteger b, BigInteger e, BigInteger m, bool convert) + { + int n = m.magnitude.Length; + int powR = 32 * n; + bool smallMontyModulus = m.BitLength + 2 <= powR; + uint mDash = (uint)m.GetMQuote(); + + // tmp = this * R mod m + if (convert) + { + b = b.ShiftLeft(powR).Remainder(m); + } + + int[] yAccum = new int[n + 1]; + + int[] zVal = b.magnitude; + Debug.Assert(zVal.Length <= n); + if (zVal.Length < n) + { + int[] tmp = new int[n]; + zVal.CopyTo(tmp, n - zVal.Length); + zVal = tmp; + } + + // Sliding window from MSW to LSW + + int extraBits = 0; + + // Filter the common case of small RSA exponents with few bits set + if (e.magnitude.Length > 1 || e.BitCount > 2) + { + int expLength = e.BitLength; + while (expLength > ExpWindowThresholds[extraBits]) + { + ++extraBits; + } + } + + int numPowers = 1 << extraBits; + int[][] oddPowers = new int[numPowers][]; + oddPowers[0] = zVal; + + int[] zSquared = Arrays.Clone(zVal); + SquareMonty(yAccum, zSquared, m.magnitude, mDash, smallMontyModulus); + + for (int i = 1; i < numPowers; ++i) + { + oddPowers[i] = Arrays.Clone(oddPowers[i - 1]); + MultiplyMonty(yAccum, oddPowers[i], zSquared, m.magnitude, mDash, smallMontyModulus); + } + + int[] windowList = GetWindowList(e.magnitude, extraBits); + Debug.Assert(windowList.Length > 1); + + int window = windowList[0]; + int mult = window & 0xFF, lastZeroes = window >> 8; + + int[] yVal; + if (mult == 1) + { + yVal = zSquared; + --lastZeroes; + } + else + { + yVal = Arrays.Clone(oddPowers[mult >> 1]); + } + + int windowPos = 1; + while ((window = windowList[windowPos++]) != -1) + { + mult = window & 0xFF; + + int bits = lastZeroes + BitLengthTable[mult]; + for (int j = 0; j < bits; ++j) + { + SquareMonty(yAccum, yVal, m.magnitude, mDash, smallMontyModulus); + } + + MultiplyMonty(yAccum, yVal, oddPowers[mult >> 1], m.magnitude, mDash, smallMontyModulus); + + lastZeroes = window >> 8; + } + + for (int i = 0; i < lastZeroes; ++i) + { + SquareMonty(yAccum, yVal, m.magnitude, mDash, smallMontyModulus); + } + + if (convert) + { + // Return y * R^(-1) mod m + MontgomeryReduce(yVal, m.magnitude, mDash); + } + else if (smallMontyModulus && CompareTo(0, yVal, 0, m.magnitude) >= 0) + { + Subtract(0, yVal, 0, m.magnitude); + } + + return new BigInteger(1, yVal, true); + } + + private static int[] GetWindowList(int[] mag, int extraBits) + { + int v = mag[0]; + Debug.Assert(v != 0); + + int leadingBits = BitLen(v); + + int resultSize = (((mag.Length - 1) << 5) + leadingBits) / (1 + extraBits) + 2; + int[] result = new int[resultSize]; + int resultPos = 0; + + int bitPos = 33 - leadingBits; + v <<= bitPos; + + int mult = 1, multLimit = 1 << extraBits; + int zeroes = 0; + + int i = 0; + for (; ; ) + { + for (; bitPos < 32; ++bitPos) + { + if (mult < multLimit) + { + mult = (mult << 1) | (int)((uint)v >> 31); + } + else if (v < 0) + { + result[resultPos++] = CreateWindowEntry(mult, zeroes); + mult = 1; + zeroes = 0; + } + else + { + ++zeroes; + } + + v <<= 1; + } + + if (++i == mag.Length) + { + result[resultPos++] = CreateWindowEntry(mult, zeroes); + break; + } + + v = mag[i]; + bitPos = 0; + } + + result[resultPos] = -1; + return result; + } + + private static int CreateWindowEntry(int mult, int zeroes) + { + while ((mult & 1) == 0) + { + mult >>= 1; + ++zeroes; + } + + return mult | (zeroes << 8); + } + + /** + * return w with w = x * x - w is assumed to have enough space. + */ + private static int[] Square( + int[] w, + int[] x) + { + // Note: this method allows w to be only (2 * x.Length - 1) words if result will fit +// if (w.Length != 2 * x.Length) +// throw new ArgumentException("no I don't think so..."); + + ulong c; + + int wBase = w.Length - 1; + + for (int i = x.Length - 1; i > 0; --i) + { + ulong v = (uint)x[i]; + + c = v * v + (uint)w[wBase]; + w[wBase] = (int)c; + c >>= 32; + + for (int j = i - 1; j >= 0; --j) + { + ulong prod = v * (uint)x[j]; + + c += ((uint)w[--wBase] & UIMASK) + ((uint)prod << 1); + w[wBase] = (int)c; + c = (c >> 32) + (prod >> 31); + } + + c += (uint)w[--wBase]; + w[wBase] = (int)c; + + if (--wBase >= 0) + { + w[wBase] = (int)(c >> 32); + } + else + { + Debug.Assert((c >> 32) == 0); + } + + wBase += i; + } + + c = (uint)x[0]; + + c = c * c + (uint)w[wBase]; + w[wBase] = (int)c; + + if (--wBase >= 0) + { + w[wBase] += (int)(c >> 32); + } + else + { + Debug.Assert((c >> 32) == 0); + } + + return w; + } + + /** + * return x with x = y * z - x is assumed to have enough space. + */ + private static int[] Multiply(int[] x, int[] y, int[] z) + { + int i = z.Length; + + if (i < 1) + return x; + + int xBase = x.Length - y.Length; + + do + { + long a = z[--i] & IMASK; + long val = 0; + + if (a != 0) + { + for (int j = y.Length - 1; j >= 0; j--) + { + val += a * (y[j] & IMASK) + (x[xBase + j] & IMASK); + + x[xBase + j] = (int)val; + + val = (long)((ulong)val >> 32); + } + } + + --xBase; + + if (xBase >= 0) + { + x[xBase] = (int)val; + } + else + { + Debug.Assert(val == 0); + } + } + while (i > 0); + + return x; + } + + /** + * Calculate mQuote = -m^(-1) mod b with b = 2^32 (32 = word size) + */ + private int GetMQuote() + { + if (mQuote != 0) + { + return mQuote; // already calculated + } + + Debug.Assert(this.sign > 0); + + int d = -magnitude[magnitude.Length - 1]; + + Debug.Assert((d & 1) != 0); + + return mQuote = ModInverse32(d); + } + + private static void MontgomeryReduce(int[] x, int[] m, uint mDash) // mDash = -m^(-1) mod b + { + // NOTE: Not a general purpose reduction (which would allow x up to twice the bitlength of m) + Debug.Assert(x.Length == m.Length); + + int n = m.Length; + + for (int i = n - 1; i >= 0; --i) + { + uint x0 = (uint)x[n - 1]; + ulong t = x0 * mDash; + + ulong carry = t * (uint)m[n - 1] + x0; + Debug.Assert((uint)carry == 0); + carry >>= 32; + + for (int j = n - 2; j >= 0; --j) + { + carry += t * (uint)m[j] + (uint)x[j]; + x[j + 1] = (int)carry; + carry >>= 32; + } + + x[0] = (int)carry; + Debug.Assert(carry >> 32 == 0); + } + + if (CompareTo(0, x, 0, m) >= 0) + { + Subtract(0, x, 0, m); + } + } + + /** + * Montgomery multiplication: a = x * y * R^(-1) mod m + *
+ * Based algorithm 14.36 of Handbook of Applied Cryptography. + *
+ *
  • m, x, y should have length n
    • + *
  • a should have length (n + 1)
    • + *
  • b = 2^32, R = b^n
    • + *
    + * The result is put in x + *
    + * NOTE: the indices of x, y, m, a different in HAC and in Java + */ + private static void MultiplyMonty(int[] a, int[] x, int[] y, int[] m, uint mDash, bool smallMontyModulus) + // mDash = -m^(-1) mod b + { + int n = m.Length; + + if (n == 1) + { + x[0] = (int)MultiplyMontyNIsOne((uint)x[0], (uint)y[0], (uint)m[0], mDash); + return; + } + + uint y0 = (uint)y[n - 1]; + int aMax; + + { + ulong xi = (uint)x[n - 1]; + + ulong carry = xi * y0; + ulong t = (uint)carry * mDash; + + ulong prod2 = t * (uint)m[n - 1]; + carry += (uint)prod2; + Debug.Assert((uint)carry == 0); + carry = (carry >> 32) + (prod2 >> 32); + + for (int j = n - 2; j >= 0; --j) + { + ulong prod1 = xi * (uint)y[j]; + prod2 = t * (uint)m[j]; + + carry += (prod1 & UIMASK) + (uint)prod2; + a[j + 2] = (int)carry; + carry = (carry >> 32) + (prod1 >> 32) + (prod2 >> 32); + } + + a[1] = (int)carry; + aMax = (int)(carry >> 32); + } + + for (int i = n - 2; i >= 0; --i) + { + uint a0 = (uint)a[n]; + ulong xi = (uint)x[i]; + + ulong prod1 = xi * y0; + ulong carry = (prod1 & UIMASK) + a0; + ulong t = (uint)carry * mDash; + + ulong prod2 = t * (uint)m[n - 1]; + carry += (uint)prod2; + Debug.Assert((uint)carry == 0); + carry = (carry >> 32) + (prod1 >> 32) + (prod2 >> 32); + + for (int j = n - 2; j >= 0; --j) + { + prod1 = xi * (uint)y[j]; + prod2 = t * (uint)m[j]; + + carry += (prod1 & UIMASK) + (uint)prod2 + (uint)a[j + 1]; + a[j + 2] = (int)carry; + carry = (carry >> 32) + (prod1 >> 32) + (prod2 >> 32); + } + + carry += (uint)aMax; + a[1] = (int)carry; + aMax = (int)(carry >> 32); + } + + a[0] = aMax; + + if (!smallMontyModulus && CompareTo(0, a, 0, m) >= 0) + { + Subtract(0, a, 0, m); + } + + Array.Copy(a, 1, x, 0, n); + } + + private static void SquareMonty(int[] a, int[] x, int[] m, uint mDash, bool smallMontyModulus) + // mDash = -m^(-1) mod b + { + int n = m.Length; + + if (n == 1) + { + uint xVal = (uint)x[0]; + x[0] = (int)MultiplyMontyNIsOne(xVal, xVal, (uint)m[0], mDash); + return; + } + + ulong x0 = (uint)x[n - 1]; + int aMax; + + { + ulong carry = x0 * x0; + ulong t = (uint)carry * mDash; + + ulong prod2 = t * (uint)m[n - 1]; + carry += (uint)prod2; + Debug.Assert((uint)carry == 0); + carry = (carry >> 32) + (prod2 >> 32); + + for (int j = n - 2; j >= 0; --j) + { + ulong prod1 = x0 * (uint)x[j]; + prod2 = t * (uint)m[j]; + + carry += (prod2 & UIMASK) + ((uint)prod1 << 1); + a[j + 2] = (int)carry; + carry = (carry >> 32) + (prod1 >> 31) + (prod2 >> 32); + } + + a[1] = (int)carry; + aMax = (int)(carry >> 32); + } + + for (int i = n - 2; i >= 0; --i) + { + uint a0 = (uint)a[n]; + ulong t = a0 * mDash; + + ulong carry = t * (uint)m[n - 1] + a0; + Debug.Assert((uint)carry == 0); + carry >>= 32; + + for (int j = n - 2; j > i; --j) + { + carry += t * (uint)m[j] + (uint)a[j + 1]; + a[j + 2] = (int)carry; + carry >>= 32; + } + + ulong xi = (uint)x[i]; + + { + ulong prod1 = xi * xi; + ulong prod2 = t * (uint)m[i]; + + carry += (prod1 & UIMASK) + (uint)prod2 + (uint)a[i + 1]; + a[i + 2] = (int)carry; + carry = (carry >> 32) + (prod1 >> 32) + (prod2 >> 32); + } + + for (int j = i - 1; j >= 0; --j) + { + ulong prod1 = xi * (uint)x[j]; + ulong prod2 = t * (uint)m[j]; + + carry += (prod2 & UIMASK) + ((uint)prod1 << 1) + (uint)a[j + 1]; + a[j + 2] = (int)carry; + carry = (carry >> 32) + (prod1 >> 31) + (prod2 >> 32); + } + + carry += (uint)aMax; + a[1] = (int)carry; + aMax = (int)(carry >> 32); + } + + a[0] = aMax; + + if (!smallMontyModulus && CompareTo(0, a, 0, m) >= 0) + { + Subtract(0, a, 0, m); + } + + Array.Copy(a, 1, x, 0, n); + } + + private static uint MultiplyMontyNIsOne(uint x, uint y, uint m, uint mDash) + { + ulong carry = (ulong)x * y; + uint t = (uint)carry * mDash; + ulong um = m; + ulong prod2 = um * t; + carry += (uint)prod2; + Debug.Assert((uint)carry == 0); + carry = (carry >> 32) + (prod2 >> 32); + if (carry > um) + { + carry -= um; + } + Debug.Assert(carry < um); + return (uint)carry; + } + + public BigInteger Multiply( + BigInteger val) + { + if (val == this) + return Square(); + + if ((sign & val.sign) == 0) + return Zero; + + if (val.QuickPow2Check()) // val is power of two + { + BigInteger result = this.ShiftLeft(val.Abs().BitLength - 1); + return val.sign > 0 ? result : result.Negate(); + } + + if (this.QuickPow2Check()) // this is power of two + { + BigInteger result = val.ShiftLeft(this.Abs().BitLength - 1); + return this.sign > 0 ? result : result.Negate(); + } + + int resLength = magnitude.Length + val.magnitude.Length; + int[] res = new int[resLength]; + + Multiply(res, this.magnitude, val.magnitude); + + int resSign = sign ^ val.sign ^ 1; + return new BigInteger(resSign, res, true); + } + + public BigInteger Square() + { + if (sign == 0) + return Zero; + if (this.QuickPow2Check()) + return ShiftLeft(Abs().BitLength - 1); + int resLength = magnitude.Length << 1; + if ((uint)magnitude[0] >> 16 == 0) + --resLength; + int[] res = new int[resLength]; + Square(res, magnitude); + return new BigInteger(1, res, false); + } + + public BigInteger Negate() + { + if (sign == 0) + return this; + + return new BigInteger(-sign, magnitude, false); + } + + public BigInteger NextProbablePrime() + { + if (sign < 0) + throw new ArithmeticException("Cannot be called on value < 0"); + + if (CompareTo(Two) < 0) + return Two; + + BigInteger n = Inc().SetBit(0); + + while (!n.CheckProbablePrime(100, RandomSource, false)) + { + n = n.Add(Two); + } + + return n; + } + + public BigInteger Not() + { + return Inc().Negate(); + } + + public BigInteger Pow(int exp) + { + if (exp <= 0) + { + if (exp < 0) + throw new ArithmeticException("Negative exponent"); + + return One; + } + + if (sign == 0) + { + return this; + } + + if (QuickPow2Check()) + { + long powOf2 = (long)exp * (BitLength - 1); + if (powOf2 > Int32.MaxValue) + { + throw new ArithmeticException("Result too large"); + } + return One.ShiftLeft((int)powOf2); + } + + BigInteger y = One; + BigInteger z = this; + + for (;;) + { + if ((exp & 0x1) == 1) + { + y = y.Multiply(z); + } + exp >>= 1; + if (exp == 0) break; + z = z.Multiply(z); + } + + return y; + } + + public static BigInteger ProbablePrime( + int bitLength, + Random random) + { + return new BigInteger(bitLength, 100, random); + } + + private int Remainder( + int m) + { + Debug.Assert(m > 0); + + long acc = 0; + for (int pos = 0; pos < magnitude.Length; ++pos) + { + long posVal = (uint) magnitude[pos]; + acc = (acc << 32 | posVal) % m; + } + + return (int) acc; + } + + /** + * return x = x % y - done in place (y value preserved) + */ + private static int[] Remainder( + int[] x, + int[] y) + { + int xStart = 0; + while (xStart < x.Length && x[xStart] == 0) + { + ++xStart; + } + + int yStart = 0; + while (yStart < y.Length && y[yStart] == 0) + { + ++yStart; + } + + Debug.Assert(yStart < y.Length); + + int xyCmp = CompareNoLeadingZeroes(xStart, x, yStart, y); + + if (xyCmp > 0) + { + int yBitLength = CalcBitLength(1, yStart, y); + int xBitLength = CalcBitLength(1, xStart, x); + int shift = xBitLength - yBitLength; + + int[] c; + int cStart = 0; + int cBitLength = yBitLength; + if (shift > 0) + { + c = ShiftLeft(y, shift); + cBitLength += shift; + Debug.Assert(c[0] != 0); + } + else + { + int len = y.Length - yStart; + c = new int[len]; + Array.Copy(y, yStart, c, 0, len); + } + + for (;;) + { + if (cBitLength < xBitLength + || CompareNoLeadingZeroes(xStart, x, cStart, c) >= 0) + { + Subtract(xStart, x, cStart, c); + + while (x[xStart] == 0) + { + if (++xStart == x.Length) + return x; + } + + //xBitLength = CalcBitLength(xStart, x); + xBitLength = 32 * (x.Length - xStart - 1) + BitLen(x[xStart]); + + if (xBitLength <= yBitLength) + { + if (xBitLength < yBitLength) + return x; + + xyCmp = CompareNoLeadingZeroes(xStart, x, yStart, y); + + if (xyCmp <= 0) + break; + } + } + + shift = cBitLength - xBitLength; + + // NB: The case where c[cStart] is 1-bit is harmless + if (shift == 1) + { + uint firstC = (uint) c[cStart] >> 1; + uint firstX = (uint) x[xStart]; + if (firstC > firstX) + ++shift; + } + + if (shift < 2) + { + ShiftRightOneInPlace(cStart, c); + --cBitLength; + } + else + { + ShiftRightInPlace(cStart, c, shift); + cBitLength -= shift; + } + + //cStart = c.Length - ((cBitLength + 31) / 32); + while (c[cStart] == 0) + { + ++cStart; + } + } + } + + if (xyCmp == 0) + { + Array.Clear(x, xStart, x.Length - xStart); + } + + return x; + } + + public BigInteger Remainder( + BigInteger n) + { + if (n.sign == 0) + throw new ArithmeticException("Division by zero error"); + + if (this.sign == 0) + return Zero; + + // For small values, use fast remainder method + if (n.magnitude.Length == 1) + { + int val = n.magnitude[0]; + + if (val > 0) + { + if (val == 1) + return Zero; + + // TODO Make this func work on uint, and handle val == 1? + int rem = Remainder(val); + + return rem == 0 + ? Zero + : new BigInteger(sign, new int[]{ rem }, false); + } + } + + if (CompareNoLeadingZeroes(0, magnitude, 0, n.magnitude) < 0) + return this; + + int[] result; + if (n.QuickPow2Check()) // n is power of two + { + // TODO Move before small values branch above? + result = LastNBits(n.Abs().BitLength - 1); + } + else + { + result = (int[]) this.magnitude.Clone(); + result = Remainder(result, n.magnitude); + } + + return new BigInteger(sign, result, true); + } + + private int[] LastNBits( + int n) + { + if (n < 1) + return ZeroMagnitude; + + int numWords = (n + BitsPerInt - 1) / BitsPerInt; + numWords = System.Math.Min(numWords, this.magnitude.Length); + int[] result = new int[numWords]; + + Array.Copy(this.magnitude, this.magnitude.Length - numWords, result, 0, numWords); + + int excessBits = (numWords << 5) - n; + if (excessBits > 0) + { + result[0] &= (int)(UInt32.MaxValue >> excessBits); + } + + return result; + } + + private BigInteger DivideWords(int w) + { + Debug.Assert(w >= 0); + int n = magnitude.Length; + if (w >= n) + return Zero; + int[] mag = new int[n - w]; + Array.Copy(magnitude, 0, mag, 0, n - w); + return new BigInteger(sign, mag, false); + } + + private BigInteger RemainderWords(int w) + { + Debug.Assert(w >= 0); + int n = magnitude.Length; + if (w >= n) + return this; + int[] mag = new int[w]; + Array.Copy(magnitude, n - w, mag, 0, w); + return new BigInteger(sign, mag, false); + } + + /** + * do a left shift - this returns a new array. + */ + private static int[] ShiftLeft( + int[] mag, + int n) + { + int nInts = (int)((uint)n >> 5); + int nBits = n & 0x1f; + int magLen = mag.Length; + int[] newMag; + + if (nBits == 0) + { + newMag = new int[magLen + nInts]; + mag.CopyTo(newMag, 0); + } + else + { + int i = 0; + int nBits2 = 32 - nBits; + int highBits = (int)((uint)mag[0] >> nBits2); + + if (highBits != 0) + { + newMag = new int[magLen + nInts + 1]; + newMag[i++] = highBits; + } + else + { + newMag = new int[magLen + nInts]; + } + + int m = mag[0]; + for (int j = 0; j < magLen - 1; j++) + { + int next = mag[j + 1]; + + newMag[i++] = (m << nBits) | (int)((uint)next >> nBits2); + m = next; + } + + newMag[i] = mag[magLen - 1] << nBits; + } + + return newMag; + } + + private static int ShiftLeftOneInPlace(int[] x, int carry) + { + Debug.Assert(carry == 0 || carry == 1); + int pos = x.Length; + while (--pos >= 0) + { + uint val = (uint)x[pos]; + x[pos] = (int)(val << 1) | carry; + carry = (int)(val >> 31); + } + return carry; + } + + public BigInteger ShiftLeft( + int n) + { + if (sign == 0 || magnitude.Length == 0) + return Zero; + + if (n == 0) + return this; + + if (n < 0) + return ShiftRight(-n); + + BigInteger result = new BigInteger(sign, ShiftLeft(magnitude, n), true); + + if (this.nBits != -1) + { + result.nBits = sign > 0 + ? this.nBits + : this.nBits + n; + } + + if (this.nBitLength != -1) + { + result.nBitLength = this.nBitLength + n; + } + + return result; + } + + /** + * do a right shift - this does it in place. + */ + private static void ShiftRightInPlace( + int start, + int[] mag, + int n) + { + int nInts = (int)((uint)n >> 5) + start; + int nBits = n & 0x1f; + int magEnd = mag.Length - 1; + + if (nInts != start) + { + int delta = (nInts - start); + + for (int i = magEnd; i >= nInts; i--) + { + mag[i] = mag[i - delta]; + } + for (int i = nInts - 1; i >= start; i--) + { + mag[i] = 0; + } + } + + if (nBits != 0) + { + int nBits2 = 32 - nBits; + int m = mag[magEnd]; + + for (int i = magEnd; i > nInts; --i) + { + int next = mag[i - 1]; + + mag[i] = (int)((uint)m >> nBits) | (next << nBits2); + m = next; + } + + mag[nInts] = (int)((uint)mag[nInts] >> nBits); + } + } + + /** + * do a right shift by one - this does it in place. + */ + private static void ShiftRightOneInPlace( + int start, + int[] mag) + { + int i = mag.Length; + int m = mag[i - 1]; + + while (--i > start) + { + int next = mag[i - 1]; + mag[i] = ((int)((uint)m >> 1)) | (next << 31); + m = next; + } + + mag[start] = (int)((uint)mag[start] >> 1); + } + + public BigInteger ShiftRight( + int n) + { + if (n == 0) + return this; + + if (n < 0) + return ShiftLeft(-n); + + if (n >= BitLength) + return (this.sign < 0 ? One.Negate() : Zero); + +// int[] res = (int[]) this.magnitude.Clone(); +// +// ShiftRightInPlace(0, res, n); +// +// return new BigInteger(this.sign, res, true); + + int resultLength = (BitLength - n + 31) >> 5; + int[] res = new int[resultLength]; + + int numInts = n >> 5; + int numBits = n & 31; + + if (numBits == 0) + { + Array.Copy(this.magnitude, 0, res, 0, res.Length); + } + else + { + int numBits2 = 32 - numBits; + + int magPos = this.magnitude.Length - 1 - numInts; + for (int i = resultLength - 1; i >= 0; --i) + { + res[i] = (int)((uint) this.magnitude[magPos--] >> numBits); + + if (magPos >= 0) + { + res[i] |= this.magnitude[magPos] << numBits2; + } + } + } + + Debug.Assert(res[0] != 0); + + return new BigInteger(this.sign, res, false); + } + + public int SignValue + { + get { return sign; } + } + + /** + * returns x = x - y - we assume x is >= y + */ + private static int[] Subtract( + int xStart, + int[] x, + int yStart, + int[] y) + { + Debug.Assert(yStart < y.Length); + Debug.Assert(x.Length - xStart >= y.Length - yStart); + + int iT = x.Length; + int iV = y.Length; + long m; + int borrow = 0; + + do + { + m = (x[--iT] & IMASK) - (y[--iV] & IMASK) + borrow; + x[iT] = (int) m; + +// borrow = (m < 0) ? -1 : 0; + borrow = (int)(m >> 63); + } + while (iV > yStart); + + if (borrow != 0) + { + while (--x[--iT] == -1) + { + } + } + + return x; + } + + public BigInteger Subtract( + BigInteger n) + { + if (n.sign == 0) + return this; + + if (this.sign == 0) + return n.Negate(); + + if (this.sign != n.sign) + return Add(n.Negate()); + + int compare = CompareNoLeadingZeroes(0, magnitude, 0, n.magnitude); + if (compare == 0) + return Zero; + + BigInteger bigun, lilun; + if (compare < 0) + { + bigun = n; + lilun = this; + } + else + { + bigun = this; + lilun = n; + } + + return new BigInteger(this.sign * compare, doSubBigLil(bigun.magnitude, lilun.magnitude), true); + } + + private static int[] doSubBigLil( + int[] bigMag, + int[] lilMag) + { + int[] res = (int[]) bigMag.Clone(); + + return Subtract(0, res, 0, lilMag); + } + + public byte[] ToByteArray() + { + return ToByteArray(false); + } + + public byte[] ToByteArrayUnsigned() + { + return ToByteArray(true); + } + + private byte[] ToByteArray( + bool unsigned) + { + if (sign == 0) + return unsigned ? ZeroEncoding : new byte[1]; + + int nBits = (unsigned && sign > 0) + ? BitLength + : BitLength + 1; + + int nBytes = GetByteLength(nBits); + byte[] bytes = new byte[nBytes]; + + int magIndex = magnitude.Length; + int bytesIndex = bytes.Length; + + if (sign > 0) + { + while (magIndex > 1) + { + uint mag = (uint) magnitude[--magIndex]; + bytes[--bytesIndex] = (byte) mag; + bytes[--bytesIndex] = (byte)(mag >> 8); + bytes[--bytesIndex] = (byte)(mag >> 16); + bytes[--bytesIndex] = (byte)(mag >> 24); + } + + uint lastMag = (uint) magnitude[0]; + while (lastMag > byte.MaxValue) + { + bytes[--bytesIndex] = (byte) lastMag; + lastMag >>= 8; + } + + bytes[--bytesIndex] = (byte) lastMag; + } + else // sign < 0 + { + bool carry = true; + + while (magIndex > 1) + { + uint mag = ~((uint) magnitude[--magIndex]); + + if (carry) + { + carry = (++mag == uint.MinValue); + } + + bytes[--bytesIndex] = (byte) mag; + bytes[--bytesIndex] = (byte)(mag >> 8); + bytes[--bytesIndex] = (byte)(mag >> 16); + bytes[--bytesIndex] = (byte)(mag >> 24); + } + + uint lastMag = (uint) magnitude[0]; + + if (carry) + { + // Never wraps because magnitude[0] != 0 + --lastMag; + } + + while (lastMag > byte.MaxValue) + { + bytes[--bytesIndex] = (byte) ~lastMag; + lastMag >>= 8; + } + + bytes[--bytesIndex] = (byte) ~lastMag; + + if (bytesIndex > 0) + { + bytes[--bytesIndex] = byte.MaxValue; + } + } + + return bytes; + } + + public override string ToString() + { + return ToString(10); + } + + public string ToString(int radix) + { + // TODO Make this method work for other radices (ideally 2 <= radix <= 36 as in Java) + + switch (radix) + { + case 2: + case 8: + case 10: + case 16: + break; + default: + throw new FormatException("Only bases 2, 8, 10, 16 are allowed"); + } + + // NB: Can only happen to internally managed instances + if (magnitude == null) + return "null"; + + if (sign == 0) + return "0"; + + + // NOTE: This *should* be unnecessary, since the magnitude *should* never have leading zero digits + int firstNonZero = 0; + while (firstNonZero < magnitude.Length) + { + if (magnitude[firstNonZero] != 0) + { + break; + } + ++firstNonZero; + } + + if (firstNonZero == magnitude.Length) + { + return "0"; + } + + + StringBuilder sb = new StringBuilder(); + if (sign == -1) + { + sb.Append('-'); + } + + switch (radix) + { + case 2: + { + int pos = firstNonZero; + sb.Append(Convert.ToString(magnitude[pos], 2)); + while (++pos < magnitude.Length) + { + AppendZeroExtendedString(sb, Convert.ToString(magnitude[pos], 2), 32); + } + break; + } + case 8: + { + int mask = (1 << 30) - 1; + BigInteger u = this.Abs(); + int bits = u.BitLength; + IList S = Platform.CreateArrayList(); + while (bits > 30) + { + S.Add(Convert.ToString(u.IntValue & mask, 8)); + u = u.ShiftRight(30); + bits -= 30; + } + sb.Append(Convert.ToString(u.IntValue, 8)); + for (int i = S.Count - 1; i >= 0; --i) + { + AppendZeroExtendedString(sb, (string)S[i], 10); + } + break; + } + case 16: + { + int pos = firstNonZero; + sb.Append(Convert.ToString(magnitude[pos], 16)); + while (++pos < magnitude.Length) + { + AppendZeroExtendedString(sb, Convert.ToString(magnitude[pos], 16), 8); + } + break; + } + // TODO This could work for other radices if there is an alternative to Convert.ToString method + //default: + case 10: + { + BigInteger q = this.Abs(); + if (q.BitLength < 64) + { + sb.Append(Convert.ToString(q.LongValue, radix)); + break; + } + + // TODO Could cache the moduli for each radix (soft reference?) + IList moduli = Platform.CreateArrayList(); + BigInteger R = BigInteger.ValueOf(radix); + while (R.CompareTo(q) <= 0) + { + moduli.Add(R); + R = R.Square(); + } + + int scale = moduli.Count; + sb.EnsureCapacity(sb.Length + (1 << scale)); + + ToString(sb, radix, moduli, scale, q); + + break; + } + } + + return sb.ToString(); + } + + private static void ToString(StringBuilder sb, int radix, IList moduli, int scale, BigInteger pos) + { + if (pos.BitLength < 64) + { + string s = Convert.ToString(pos.LongValue, radix); + if (sb.Length > 1 || (sb.Length == 1 && sb[0] != '-')) + { + AppendZeroExtendedString(sb, s, 1 << scale); + } + else if (pos.SignValue != 0) + { + sb.Append(s); + } + return; + } + + BigInteger[] qr = pos.DivideAndRemainder((BigInteger)moduli[--scale]); + + ToString(sb, radix, moduli, scale, qr[0]); + ToString(sb, radix, moduli, scale, qr[1]); + } + + private static void AppendZeroExtendedString(StringBuilder sb, string s, int minLength) + { + for (int len = s.Length; len < minLength; ++len) + { + sb.Append('0'); + } + sb.Append(s); + } + + private static BigInteger CreateUValueOf( + ulong value) + { + int msw = (int)(value >> 32); + int lsw = (int)value; + + if (msw != 0) + return new BigInteger(1, new int[] { msw, lsw }, false); + + if (lsw != 0) + { + BigInteger n = new BigInteger(1, new int[] { lsw }, false); + // Check for a power of two + if ((lsw & -lsw) == lsw) + { + n.nBits = 1; + } + return n; + } + + return Zero; + } + + private static BigInteger CreateValueOf( + long value) + { + if (value < 0) + { + if (value == long.MinValue) + return CreateValueOf(~value).Not(); + + return CreateValueOf(-value).Negate(); + } + + return CreateUValueOf((ulong)value); + } + + public static BigInteger ValueOf( + long value) + { + if (value >= 0 && value < SMALL_CONSTANTS.Length) + { + return SMALL_CONSTANTS[value]; + } + + return CreateValueOf(value); + } + + public int GetLowestSetBit() + { + if (this.sign == 0) + return -1; + + return GetLowestSetBitMaskFirst(-1); + } + + private int GetLowestSetBitMaskFirst(int firstWordMask) + { + int w = magnitude.Length, offset = 0; + + uint word = (uint)(magnitude[--w] & firstWordMask); + Debug.Assert(magnitude[0] != 0); + + while (word == 0) + { + word = (uint)magnitude[--w]; + offset += 32; + } + + while ((word & 0xFF) == 0) + { + word >>= 8; + offset += 8; + } + + while ((word & 1) == 0) + { + word >>= 1; + ++offset; + } + + return offset; + } + + public bool TestBit( + int n) + { + if (n < 0) + throw new ArithmeticException("Bit position must not be negative"); + + if (sign < 0) + return !Not().TestBit(n); + + int wordNum = n / 32; + if (wordNum >= magnitude.Length) + return false; + + int word = magnitude[magnitude.Length - 1 - wordNum]; + return ((word >> (n % 32)) & 1) > 0; + } + + public BigInteger Or( + BigInteger value) + { + if (this.sign == 0) + return value; + + if (value.sign == 0) + return this; + + int[] aMag = this.sign > 0 + ? this.magnitude + : Add(One).magnitude; + + int[] bMag = value.sign > 0 + ? value.magnitude + : value.Add(One).magnitude; + + bool resultNeg = sign < 0 || value.sign < 0; + int resultLength = System.Math.Max(aMag.Length, bMag.Length); + int[] resultMag = new int[resultLength]; + + int aStart = resultMag.Length - aMag.Length; + int bStart = resultMag.Length - bMag.Length; + + for (int i = 0; i < resultMag.Length; ++i) + { + int aWord = i >= aStart ? aMag[i - aStart] : 0; + int bWord = i >= bStart ? bMag[i - bStart] : 0; + + if (this.sign < 0) + { + aWord = ~aWord; + } + + if (value.sign < 0) + { + bWord = ~bWord; + } + + resultMag[i] = aWord | bWord; + + if (resultNeg) + { + resultMag[i] = ~resultMag[i]; + } + } + + BigInteger result = new BigInteger(1, resultMag, true); + + // TODO Optimise this case + if (resultNeg) + { + result = result.Not(); + } + + return result; + } + + public BigInteger Xor( + BigInteger value) + { + if (this.sign == 0) + return value; + + if (value.sign == 0) + return this; + + int[] aMag = this.sign > 0 + ? this.magnitude + : Add(One).magnitude; + + int[] bMag = value.sign > 0 + ? value.magnitude + : value.Add(One).magnitude; + + // TODO Can just replace with sign != value.sign? + bool resultNeg = (sign < 0 && value.sign >= 0) || (sign >= 0 && value.sign < 0); + int resultLength = System.Math.Max(aMag.Length, bMag.Length); + int[] resultMag = new int[resultLength]; + + int aStart = resultMag.Length - aMag.Length; + int bStart = resultMag.Length - bMag.Length; + + for (int i = 0; i < resultMag.Length; ++i) + { + int aWord = i >= aStart ? aMag[i - aStart] : 0; + int bWord = i >= bStart ? bMag[i - bStart] : 0; + + if (this.sign < 0) + { + aWord = ~aWord; + } + + if (value.sign < 0) + { + bWord = ~bWord; + } + + resultMag[i] = aWord ^ bWord; + + if (resultNeg) + { + resultMag[i] = ~resultMag[i]; + } + } + + BigInteger result = new BigInteger(1, resultMag, true); + + // TODO Optimise this case + if (resultNeg) + { + result = result.Not(); + } + + return result; + } + + public BigInteger SetBit( + int n) + { + if (n < 0) + throw new ArithmeticException("Bit address less than zero"); + + if (TestBit(n)) + return this; + + // TODO Handle negative values and zero + if (sign > 0 && n < (BitLength - 1)) + return FlipExistingBit(n); + + return Or(One.ShiftLeft(n)); + } + + public BigInteger ClearBit( + int n) + { + if (n < 0) + throw new ArithmeticException("Bit address less than zero"); + + if (!TestBit(n)) + return this; + + // TODO Handle negative values + if (sign > 0 && n < (BitLength - 1)) + return FlipExistingBit(n); + + return AndNot(One.ShiftLeft(n)); + } + + public BigInteger FlipBit( + int n) + { + if (n < 0) + throw new ArithmeticException("Bit address less than zero"); + + // TODO Handle negative values and zero + if (sign > 0 && n < (BitLength - 1)) + return FlipExistingBit(n); + + return Xor(One.ShiftLeft(n)); + } + + private BigInteger FlipExistingBit( + int n) + { + Debug.Assert(sign > 0); + Debug.Assert(n >= 0); + Debug.Assert(n < BitLength - 1); + + int[] mag = (int[]) this.magnitude.Clone(); + mag[mag.Length - 1 - (n >> 5)] ^= (1 << (n & 31)); // Flip bit + //mag[mag.Length - 1 - (n / 32)] ^= (1 << (n % 32)); + return new BigInteger(this.sign, mag, false); + } + } +} diff --git a/BouncyCastle/crypto/src/math/Primes.cs b/BouncyCastle/crypto/src/math/Primes.cs new file mode 100644 index 0000000..fb279f1 --- /dev/null +++ b/BouncyCastle/crypto/src/math/Primes.cs @@ -0,0 +1,629 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math +{ + /** + * Utility methods for generating primes and testing for primality. + */ + public abstract class Primes + { + public static readonly int SmallFactorLimit = 211; + + private static readonly BigInteger One = BigInteger.One; + private static readonly BigInteger Two = BigInteger.Two; + private static readonly BigInteger Three = BigInteger.Three; + + /** + * Used to return the output from the + * {@linkplain Primes#enhancedMRProbablePrimeTest(BigInteger, SecureRandom, int) Enhanced + * Miller-Rabin Probabilistic Primality Test} + */ + public class MROutput + { + internal static MROutput ProbablyPrime() + { + return new MROutput(false, null); + } + + internal static MROutput ProvablyCompositeWithFactor(BigInteger factor) + { + return new MROutput(true, factor); + } + + internal static MROutput ProvablyCompositeNotPrimePower() + { + return new MROutput(true, null); + } + + private readonly bool mProvablyComposite; + private readonly BigInteger mFactor; + + private MROutput(bool provablyComposite, BigInteger factor) + { + this.mProvablyComposite = provablyComposite; + this.mFactor = factor; + } + + public BigInteger Factor + { + get { return mFactor; } + } + + public bool IsProvablyComposite + { + get { return mProvablyComposite; } + } + + public bool IsNotPrimePower + { + get { return mProvablyComposite && mFactor == null; } + } + } + + /** + * Used to return the output from the {@linkplain Primes#generateSTRandomPrime(Digest, int, byte[]) Shawe-Taylor Random_Prime Routine} + */ + public class STOutput + { + private readonly BigInteger mPrime; + private readonly byte[] mPrimeSeed; + private readonly int mPrimeGenCounter; + + internal STOutput(BigInteger prime, byte[] primeSeed, int primeGenCounter) + { + this.mPrime = prime; + this.mPrimeSeed = primeSeed; + this.mPrimeGenCounter = primeGenCounter; + } + + public BigInteger Prime + { + get { return mPrime; } + } + + public byte[] PrimeSeed + { + get { return mPrimeSeed; } + } + + public int PrimeGenCounter + { + get { return mPrimeGenCounter; } + } + } + + /** + * FIPS 186-4 C.6 Shawe-Taylor Random_Prime Routine + * + * Construct a provable prime number using a hash function. + * + * @param hash + * the {@link Digest} instance to use (as "Hash()"). Cannot be null. + * @param length + * the length (in bits) of the prime to be generated. Must be at least 2. + * @param inputSeed + * the seed to be used for the generation of the requested prime. Cannot be null or + * empty. + * @return an {@link STOutput} instance containing the requested prime. + */ + public static STOutput GenerateSTRandomPrime(IDigest hash, int length, byte[] inputSeed) + { + if (hash == null) + throw new ArgumentNullException("hash"); + if (length < 2) + throw new ArgumentException("must be >= 2", "length"); + if (inputSeed == null) + throw new ArgumentNullException("inputSeed"); + if (inputSeed.Length == 0) + throw new ArgumentException("cannot be empty", "inputSeed"); + + return ImplSTRandomPrime(hash, length, Arrays.Clone(inputSeed)); + } + + /** + * FIPS 186-4 C.3.2 Enhanced Miller-Rabin Probabilistic Primality Test + * + * Run several iterations of the Miller-Rabin algorithm with randomly-chosen bases. This is an + * alternative to {@link #isMRProbablePrime(BigInteger, SecureRandom, int)} that provides more + * information about a composite candidate, which may be useful when generating or validating + * RSA moduli. + * + * @param candidate + * the {@link BigInteger} instance to test for primality. + * @param random + * the source of randomness to use to choose bases. + * @param iterations + * the number of randomly-chosen bases to perform the test for. + * @return an {@link MROutput} instance that can be further queried for details. + */ + public static MROutput EnhancedMRProbablePrimeTest(BigInteger candidate, SecureRandom random, int iterations) + { + CheckCandidate(candidate, "candidate"); + + if (random == null) + throw new ArgumentNullException("random"); + if (iterations < 1) + throw new ArgumentException("must be > 0", "iterations"); + + if (candidate.BitLength == 2) + return MROutput.ProbablyPrime(); + + if (!candidate.TestBit(0)) + return MROutput.ProvablyCompositeWithFactor(Two); + + BigInteger w = candidate; + BigInteger wSubOne = candidate.Subtract(One); + BigInteger wSubTwo = candidate.Subtract(Two); + + int a = wSubOne.GetLowestSetBit(); + BigInteger m = wSubOne.ShiftRight(a); + + for (int i = 0; i < iterations; ++i) + { + BigInteger b = BigIntegers.CreateRandomInRange(Two, wSubTwo, random); + BigInteger g = b.Gcd(w); + + if (g.CompareTo(One) > 0) + return MROutput.ProvablyCompositeWithFactor(g); + + BigInteger z = b.ModPow(m, w); + + if (z.Equals(One) || z.Equals(wSubOne)) + continue; + + bool primeToBase = false; + + BigInteger x = z; + for (int j = 1; j < a; ++j) + { + z = z.ModPow(Two, w); + + if (z.Equals(wSubOne)) + { + primeToBase = true; + break; + } + + if (z.Equals(One)) + break; + + x = z; + } + + if (!primeToBase) + { + if (!z.Equals(One)) + { + x = z; + z = z.ModPow(Two, w); + + if (!z.Equals(One)) + { + x = z; + } + } + + g = x.Subtract(One).Gcd(w); + + if (g.CompareTo(One) > 0) + return MROutput.ProvablyCompositeWithFactor(g); + + return MROutput.ProvablyCompositeNotPrimePower(); + } + } + + return MROutput.ProbablyPrime(); + } + + /** + * A fast check for small divisors, up to some implementation-specific limit. + * + * @param candidate + * the {@link BigInteger} instance to test for division by small factors. + * + * @return true if the candidate is found to have any small factors, + * false otherwise. + */ + public static bool HasAnySmallFactors(BigInteger candidate) + { + CheckCandidate(candidate, "candidate"); + + return ImplHasAnySmallFactors(candidate); + } + + /** + * FIPS 186-4 C.3.1 Miller-Rabin Probabilistic Primality Test + * + * Run several iterations of the Miller-Rabin algorithm with randomly-chosen bases. + * + * @param candidate + * the {@link BigInteger} instance to test for primality. + * @param random + * the source of randomness to use to choose bases. + * @param iterations + * the number of randomly-chosen bases to perform the test for. + * @return false if any witness to compositeness is found amongst the chosen bases + * (so candidate is definitely NOT prime), or else true + * (indicating primality with some probability dependent on the number of iterations + * that were performed). + */ + public static bool IsMRProbablePrime(BigInteger candidate, SecureRandom random, int iterations) + { + CheckCandidate(candidate, "candidate"); + + if (random == null) + throw new ArgumentException("cannot be null", "random"); + if (iterations < 1) + throw new ArgumentException("must be > 0", "iterations"); + + if (candidate.BitLength == 2) + return true; + if (!candidate.TestBit(0)) + return false; + + BigInteger w = candidate; + BigInteger wSubOne = candidate.Subtract(One); + BigInteger wSubTwo = candidate.Subtract(Two); + + int a = wSubOne.GetLowestSetBit(); + BigInteger m = wSubOne.ShiftRight(a); + + for (int i = 0; i < iterations; ++i) + { + BigInteger b = BigIntegers.CreateRandomInRange(Two, wSubTwo, random); + + if (!ImplMRProbablePrimeToBase(w, wSubOne, m, a, b)) + return false; + } + + return true; + } + + /** + * FIPS 186-4 C.3.1 Miller-Rabin Probabilistic Primality Test (to a fixed base). + * + * Run a single iteration of the Miller-Rabin algorithm against the specified base. + * + * @param candidate + * the {@link BigInteger} instance to test for primality. + * @param baseValue + * the base value to use for this iteration. + * @return false if the specified base is a witness to compositeness (so + * candidate is definitely NOT prime), or else true. + */ + public static bool IsMRProbablePrimeToBase(BigInteger candidate, BigInteger baseValue) + { + CheckCandidate(candidate, "candidate"); + CheckCandidate(baseValue, "baseValue"); + + if (baseValue.CompareTo(candidate.Subtract(One)) >= 0) + throw new ArgumentException("must be < ('candidate' - 1)", "baseValue"); + + if (candidate.BitLength == 2) + return true; + + BigInteger w = candidate; + BigInteger wSubOne = candidate.Subtract(One); + + int a = wSubOne.GetLowestSetBit(); + BigInteger m = wSubOne.ShiftRight(a); + + return ImplMRProbablePrimeToBase(w, wSubOne, m, a, baseValue); + } + + private static void CheckCandidate(BigInteger n, string name) + { + if (n == null || n.SignValue < 1 || n.BitLength < 2) + throw new ArgumentException("must be non-null and >= 2", name); + } + + private static bool ImplHasAnySmallFactors(BigInteger x) + { + /* + * Bundle trial divisors into ~32-bit moduli then use fast tests on the ~32-bit remainders. + */ + int m = 2 * 3 * 5 * 7 * 11 * 13 * 17 * 19 * 23; + int r = x.Mod(BigInteger.ValueOf(m)).IntValue; + if ((r % 2) == 0 || (r % 3) == 0 || (r % 5) == 0 || (r % 7) == 0 || (r % 11) == 0 || (r % 13) == 0 + || (r % 17) == 0 || (r % 19) == 0 || (r % 23) == 0) + { + return true; + } + + m = 29 * 31 * 37 * 41 * 43; + r = x.Mod(BigInteger.ValueOf(m)).IntValue; + if ((r % 29) == 0 || (r % 31) == 0 || (r % 37) == 0 || (r % 41) == 0 || (r % 43) == 0) + { + return true; + } + + m = 47 * 53 * 59 * 61 * 67; + r = x.Mod(BigInteger.ValueOf(m)).IntValue; + if ((r % 47) == 0 || (r % 53) == 0 || (r % 59) == 0 || (r % 61) == 0 || (r % 67) == 0) + { + return true; + } + + m = 71 * 73 * 79 * 83; + r = x.Mod(BigInteger.ValueOf(m)).IntValue; + if ((r % 71) == 0 || (r % 73) == 0 || (r % 79) == 0 || (r % 83) == 0) + { + return true; + } + + m = 89 * 97 * 101 * 103; + r = x.Mod(BigInteger.ValueOf(m)).IntValue; + if ((r % 89) == 0 || (r % 97) == 0 || (r % 101) == 0 || (r % 103) == 0) + { + return true; + } + + m = 107 * 109 * 113 * 127; + r = x.Mod(BigInteger.ValueOf(m)).IntValue; + if ((r % 107) == 0 || (r % 109) == 0 || (r % 113) == 0 || (r % 127) == 0) + { + return true; + } + + m = 131 * 137 * 139 * 149; + r = x.Mod(BigInteger.ValueOf(m)).IntValue; + if ((r % 131) == 0 || (r % 137) == 0 || (r % 139) == 0 || (r % 149) == 0) + { + return true; + } + + m = 151 * 157 * 163 * 167; + r = x.Mod(BigInteger.ValueOf(m)).IntValue; + if ((r % 151) == 0 || (r % 157) == 0 || (r % 163) == 0 || (r % 167) == 0) + { + return true; + } + + m = 173 * 179 * 181 * 191; + r = x.Mod(BigInteger.ValueOf(m)).IntValue; + if ((r % 173) == 0 || (r % 179) == 0 || (r % 181) == 0 || (r % 191) == 0) + { + return true; + } + + m = 193 * 197 * 199 * 211; + r = x.Mod(BigInteger.ValueOf(m)).IntValue; + if ((r % 193) == 0 || (r % 197) == 0 || (r % 199) == 0 || (r % 211) == 0) + { + return true; + } + + /* + * NOTE: Unit tests depend on SMALL_FACTOR_LIMIT matching the + * highest small factor tested here. + */ + return false; + } + + private static bool ImplMRProbablePrimeToBase(BigInteger w, BigInteger wSubOne, BigInteger m, int a, BigInteger b) + { + BigInteger z = b.ModPow(m, w); + + if (z.Equals(One) || z.Equals(wSubOne)) + return true; + + bool result = false; + + for (int j = 1; j < a; ++j) + { + z = z.ModPow(Two, w); + + if (z.Equals(wSubOne)) + { + result = true; + break; + } + + if (z.Equals(One)) + return false; + } + + return result; + } + + private static STOutput ImplSTRandomPrime(IDigest d, int length, byte[] primeSeed) + { + int dLen = d.GetDigestSize(); + + if (length < 33) + { + int primeGenCounter = 0; + + byte[] c0 = new byte[dLen]; + byte[] c1 = new byte[dLen]; + + for (;;) + { + Hash(d, primeSeed, c0, 0); + Inc(primeSeed, 1); + + Hash(d, primeSeed, c1, 0); + Inc(primeSeed, 1); + + uint c = Extract32(c0) ^ Extract32(c1); + c &= (uint.MaxValue >> (32 - length)); + c |= (1U << (length - 1)) | 1U; + + ++primeGenCounter; + + if (IsPrime32(c)) + { + return new STOutput(BigInteger.ValueOf((long)c), primeSeed, primeGenCounter); + } + + if (primeGenCounter > (4 * length)) + { + throw new InvalidOperationException("Too many iterations in Shawe-Taylor Random_Prime Routine"); + } + } + } + + STOutput rec = ImplSTRandomPrime(d, (length + 3)/2, primeSeed); + + { + BigInteger c0 = rec.Prime; + primeSeed = rec.PrimeSeed; + int primeGenCounter = rec.PrimeGenCounter; + + int outlen = 8 * dLen; + int iterations = (length - 1)/outlen; + + int oldCounter = primeGenCounter; + + BigInteger x = HashGen(d, primeSeed, iterations + 1); + x = x.Mod(One.ShiftLeft(length - 1)).SetBit(length - 1); + + BigInteger c0x2 = c0.ShiftLeft(1); + BigInteger tx2 = x.Subtract(One).Divide(c0x2).Add(One).ShiftLeft(1); + int dt = 0; + + BigInteger c = tx2.Multiply(c0).Add(One); + + /* + * TODO Since the candidate primes are generated by constant steps ('c0x2'), + * sieving could be used here in place of the 'HasAnySmallFactors' approach. + */ + for (;;) + { + if (c.BitLength > length) + { + tx2 = One.ShiftLeft(length - 1).Subtract(One).Divide(c0x2).Add(One).ShiftLeft(1); + c = tx2.Multiply(c0).Add(One); + } + + ++primeGenCounter; + + /* + * This is an optimization of the original algorithm, using trial division to screen out + * many non-primes quickly. + * + * NOTE: 'primeSeed' is still incremented as if we performed the full check! + */ + if (!ImplHasAnySmallFactors(c)) + { + BigInteger a = HashGen(d, primeSeed, iterations + 1); + a = a.Mod(c.Subtract(Three)).Add(Two); + + tx2 = tx2.Add(BigInteger.ValueOf(dt)); + dt = 0; + + BigInteger z = a.ModPow(tx2, c); + + if (c.Gcd(z.Subtract(One)).Equals(One) && z.ModPow(c0, c).Equals(One)) + { + return new STOutput(c, primeSeed, primeGenCounter); + } + } + else + { + Inc(primeSeed, iterations + 1); + } + + if (primeGenCounter >= ((4 * length) + oldCounter)) + { + throw new InvalidOperationException("Too many iterations in Shawe-Taylor Random_Prime Routine"); + } + + dt += 2; + c = c.Add(c0x2); + } + } + } + + private static uint Extract32(byte[] bs) + { + uint result = 0; + + int count = System.Math.Min(4, bs.Length); + for (int i = 0; i < count; ++i) + { + uint b = bs[bs.Length - (i + 1)]; + result |= (b << (8 * i)); + } + + return result; + } + + private static void Hash(IDigest d, byte[] input, byte[] output, int outPos) + { + d.BlockUpdate(input, 0, input.Length); + d.DoFinal(output, outPos); + } + + private static BigInteger HashGen(IDigest d, byte[] seed, int count) + { + int dLen = d.GetDigestSize(); + int pos = count * dLen; + byte[] buf = new byte[pos]; + for (int i = 0; i < count; ++i) + { + pos -= dLen; + Hash(d, seed, buf, pos); + Inc(seed, 1); + } + return new BigInteger(1, buf); + } + + private static void Inc(byte[] seed, int c) + { + int pos = seed.Length; + while (c > 0 && --pos >= 0) + { + c += seed[pos]; + seed[pos] = (byte)c; + c >>= 8; + } + } + + private static bool IsPrime32(uint x) + { + /* + * Use wheel factorization with 2, 3, 5 to select trial divisors. + */ + + if (x <= 5) + { + return x == 2 || x == 3 || x == 5; + } + + if ((x & 1) == 0 || (x % 3) == 0 || (x % 5) == 0) + { + return false; + } + + uint[] ds = new uint[]{ 1, 7, 11, 13, 17, 19, 23, 29 }; + uint b = 0; + for (int pos = 1; ; pos = 0) + { + /* + * Trial division by wheel-selected divisors + */ + while (pos < ds.Length) + { + uint d = b + ds[pos]; + if (x % d == 0) + { + return x < 30; + } + ++pos; + } + + b += 30; + + if ((b >> 16 != 0) || (b * b >= x)) + { + return true; + } + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/AbstractECLookupTable.cs b/BouncyCastle/crypto/src/math/ec/AbstractECLookupTable.cs new file mode 100644 index 0000000..fbd272d --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/AbstractECLookupTable.cs @@ -0,0 +1,16 @@ +using System; + +namespace Org.BouncyCastle.Math.EC +{ + public abstract class AbstractECLookupTable + : ECLookupTable + { + public abstract ECPoint Lookup(int index); + public abstract int Size { get; } + + public virtual ECPoint LookupVar(int index) + { + return Lookup(index); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/ECAlgorithms.cs b/BouncyCastle/crypto/src/math/ec/ECAlgorithms.cs new file mode 100644 index 0000000..64e68fc --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/ECAlgorithms.cs @@ -0,0 +1,601 @@ +using System; + +using Org.BouncyCastle.Math.EC.Endo; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Math.Field; +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC +{ + public class ECAlgorithms + { + public static bool IsF2mCurve(ECCurve c) + { + return IsF2mField(c.Field); + } + + public static bool IsF2mField(IFiniteField field) + { + return field.Dimension > 1 && field.Characteristic.Equals(BigInteger.Two) + && field is IPolynomialExtensionField; + } + + public static bool IsFpCurve(ECCurve c) + { + return IsFpField(c.Field); + } + + public static bool IsFpField(IFiniteField field) + { + return field.Dimension == 1; + } + + public static ECPoint SumOfMultiplies(ECPoint[] ps, BigInteger[] ks) + { + if (ps == null || ks == null || ps.Length != ks.Length || ps.Length < 1) + throw new ArgumentException("point and scalar arrays should be non-null, and of equal, non-zero, length"); + + int count = ps.Length; + switch (count) + { + case 1: + return ps[0].Multiply(ks[0]); + case 2: + return SumOfTwoMultiplies(ps[0], ks[0], ps[1], ks[1]); + default: + break; + } + + ECPoint p = ps[0]; + ECCurve c = p.Curve; + + ECPoint[] imported = new ECPoint[count]; + imported[0] = p; + for (int i = 1; i < count; ++i) + { + imported[i] = ImportPoint(c, ps[i]); + } + + GlvEndomorphism glvEndomorphism = c.GetEndomorphism() as GlvEndomorphism; + if (glvEndomorphism != null) + { + return ImplCheckResult(ImplSumOfMultipliesGlv(imported, ks, glvEndomorphism)); + } + + return ImplCheckResult(ImplSumOfMultiplies(imported, ks)); + } + + public static ECPoint SumOfTwoMultiplies(ECPoint P, BigInteger a, ECPoint Q, BigInteger b) + { + ECCurve cp = P.Curve; + Q = ImportPoint(cp, Q); + + // Point multiplication for Koblitz curves (using WTNAF) beats Shamir's trick + { + AbstractF2mCurve f2mCurve = cp as AbstractF2mCurve; + if (f2mCurve != null && f2mCurve.IsKoblitz) + { + return ImplCheckResult(P.Multiply(a).Add(Q.Multiply(b))); + } + } + + GlvEndomorphism glvEndomorphism = cp.GetEndomorphism() as GlvEndomorphism; + if (glvEndomorphism != null) + { + return ImplCheckResult( + ImplSumOfMultipliesGlv(new ECPoint[] { P, Q }, new BigInteger[] { a, b }, glvEndomorphism)); + } + + return ImplCheckResult(ImplShamirsTrickWNaf(P, a, Q, b)); + } + + /* + * "Shamir's Trick", originally due to E. G. Straus + * (Addition chains of vectors. American Mathematical Monthly, + * 71(7):806-808, Aug./Sept. 1964) + * + * Input: The points P, Q, scalar k = (km?, ... , k1, k0) + * and scalar l = (lm?, ... , l1, l0). + * Output: R = k * P + l * Q. + * 1: Z <- P + Q + * 2: R <- O + * 3: for i from m-1 down to 0 do + * 4: R <- R + R {point doubling} + * 5: if (ki = 1) and (li = 0) then R <- R + P end if + * 6: if (ki = 0) and (li = 1) then R <- R + Q end if + * 7: if (ki = 1) and (li = 1) then R <- R + Z end if + * 8: end for + * 9: return R + */ + public static ECPoint ShamirsTrick(ECPoint P, BigInteger k, ECPoint Q, BigInteger l) + { + ECCurve cp = P.Curve; + Q = ImportPoint(cp, Q); + + return ImplCheckResult(ImplShamirsTrickJsf(P, k, Q, l)); + } + + public static ECPoint ImportPoint(ECCurve c, ECPoint p) + { + ECCurve cp = p.Curve; + if (!c.Equals(cp)) + throw new ArgumentException("Point must be on the same curve"); + + return c.ImportPoint(p); + } + + public static void MontgomeryTrick(ECFieldElement[] zs, int off, int len) + { + MontgomeryTrick(zs, off, len, null); + } + + public static void MontgomeryTrick(ECFieldElement[] zs, int off, int len, ECFieldElement scale) + { + /* + * Uses the "Montgomery Trick" to invert many field elements, with only a single actual + * field inversion. See e.g. the paper: + * "Fast Multi-scalar Multiplication Methods on Elliptic Curves with Precomputation Strategy Using Montgomery Trick" + * by Katsuyuki Okeya, Kouichi Sakurai. + */ + + ECFieldElement[] c = new ECFieldElement[len]; + c[0] = zs[off]; + + int i = 0; + while (++i < len) + { + c[i] = c[i - 1].Multiply(zs[off + i]); + } + + --i; + + if (scale != null) + { + c[i] = c[i].Multiply(scale); + } + + ECFieldElement u = c[i].Invert(); + + while (i > 0) + { + int j = off + i--; + ECFieldElement tmp = zs[j]; + zs[j] = c[i].Multiply(u); + u = u.Multiply(tmp); + } + + zs[off] = u; + } + + /** + * Simple shift-and-add multiplication. Serves as reference implementation to verify (possibly + * faster) implementations, and for very small scalars. CAUTION: This implementation is NOT + * constant-time in any way. It is only intended to be used for diagnostics. + * + * @param p + * The point to multiply. + * @param k + * The multiplier. + * @return The result of the point multiplication kP. + */ + public static ECPoint ReferenceMultiply(ECPoint p, BigInteger k) + { + BigInteger x = k.Abs(); + ECPoint q = p.Curve.Infinity; + int t = x.BitLength; + if (t > 0) + { + if (x.TestBit(0)) + { + q = p; + } + for (int i = 1; i < t; i++) + { + p = p.Twice(); + if (x.TestBit(i)) + { + q = q.Add(p); + } + } + } + return k.SignValue < 0 ? q.Negate() : q; + } + + public static ECPoint ValidatePoint(ECPoint p) + { + if (!p.IsValid()) + throw new InvalidOperationException("Invalid point"); + + return p; + } + + public static ECPoint CleanPoint(ECCurve c, ECPoint p) + { + ECCurve cp = p.Curve; + if (!c.Equals(cp)) + throw new ArgumentException("Point must be on the same curve", "p"); + + return c.DecodePoint(p.GetEncoded(false)); + } + + internal static ECPoint ImplCheckResult(ECPoint p) + { + if (!p.IsValidPartial()) + throw new InvalidOperationException("Invalid result"); + + return p; + } + + internal static ECPoint ImplShamirsTrickJsf(ECPoint P, BigInteger k, ECPoint Q, BigInteger l) + { + ECCurve curve = P.Curve; + ECPoint infinity = curve.Infinity; + + // TODO conjugate co-Z addition (ZADDC) can return both of these + ECPoint PaddQ = P.Add(Q); + ECPoint PsubQ = P.Subtract(Q); + + ECPoint[] points = new ECPoint[] { Q, PsubQ, P, PaddQ }; + curve.NormalizeAll(points); + + ECPoint[] table = new ECPoint[] { + points[3].Negate(), points[2].Negate(), points[1].Negate(), + points[0].Negate(), infinity, points[0], + points[1], points[2], points[3] }; + + byte[] jsf = WNafUtilities.GenerateJsf(k, l); + + ECPoint R = infinity; + + int i = jsf.Length; + while (--i >= 0) + { + int jsfi = jsf[i]; + + // NOTE: The shifting ensures the sign is extended correctly + int kDigit = ((jsfi << 24) >> 28), lDigit = ((jsfi << 28) >> 28); + + int index = 4 + (kDigit * 3) + lDigit; + R = R.TwicePlus(table[index]); + } + + return R; + } + + internal static ECPoint ImplShamirsTrickWNaf(ECPoint P, BigInteger k, + ECPoint Q, BigInteger l) + { + bool negK = k.SignValue < 0, negL = l.SignValue < 0; + + BigInteger kAbs = k.Abs(), lAbs = l.Abs(); + + int minWidthP = WNafUtilities.GetWindowSize(kAbs.BitLength, 8); + int minWidthQ = WNafUtilities.GetWindowSize(lAbs.BitLength, 8); + + WNafPreCompInfo infoP = WNafUtilities.Precompute(P, minWidthP, true); + WNafPreCompInfo infoQ = WNafUtilities.Precompute(Q, minWidthQ, true); + + // When P, Q are 'promoted' (i.e. reused several times), switch to fixed-point algorithm + { + ECCurve c = P.Curve; + int combSize = FixedPointUtilities.GetCombSize(c); + if (!negK && !negL + && k.BitLength <= combSize && l.BitLength <= combSize + && infoP.IsPromoted && infoQ.IsPromoted) + { + return ImplShamirsTrickFixedPoint(P, k, Q, l); + } + } + + int widthP = System.Math.Min(8, infoP.Width); + int widthQ = System.Math.Min(8, infoQ.Width); + + ECPoint[] preCompP = negK ? infoP.PreCompNeg : infoP.PreComp; + ECPoint[] preCompQ = negL ? infoQ.PreCompNeg : infoQ.PreComp; + ECPoint[] preCompNegP = negK ? infoP.PreComp : infoP.PreCompNeg; + ECPoint[] preCompNegQ = negL ? infoQ.PreComp : infoQ.PreCompNeg; + + byte[] wnafP = WNafUtilities.GenerateWindowNaf(widthP, kAbs); + byte[] wnafQ = WNafUtilities.GenerateWindowNaf(widthQ, lAbs); + + return ImplShamirsTrickWNaf(preCompP, preCompNegP, wnafP, preCompQ, preCompNegQ, wnafQ); + } + + internal static ECPoint ImplShamirsTrickWNaf(ECEndomorphism endomorphism, ECPoint P, BigInteger k, BigInteger l) + { + bool negK = k.SignValue < 0, negL = l.SignValue < 0; + + k = k.Abs(); + l = l.Abs(); + + int minWidth = WNafUtilities.GetWindowSize(System.Math.Max(k.BitLength, l.BitLength), 8); + + WNafPreCompInfo infoP = WNafUtilities.Precompute(P, minWidth, true); + ECPoint Q = EndoUtilities.MapPoint(endomorphism, P); + WNafPreCompInfo infoQ = WNafUtilities.PrecomputeWithPointMap(Q, endomorphism.PointMap, infoP, true); + + int widthP = System.Math.Min(8, infoP.Width); + int widthQ = System.Math.Min(8, infoQ.Width); + + ECPoint[] preCompP = negK ? infoP.PreCompNeg : infoP.PreComp; + ECPoint[] preCompQ = negL ? infoQ.PreCompNeg : infoQ.PreComp; + ECPoint[] preCompNegP = negK ? infoP.PreComp : infoP.PreCompNeg; + ECPoint[] preCompNegQ = negL ? infoQ.PreComp : infoQ.PreCompNeg; + + byte[] wnafP = WNafUtilities.GenerateWindowNaf(widthP, k); + byte[] wnafQ = WNafUtilities.GenerateWindowNaf(widthQ, l); + + return ImplShamirsTrickWNaf(preCompP, preCompNegP, wnafP, preCompQ, preCompNegQ, wnafQ); + } + + private static ECPoint ImplShamirsTrickWNaf(ECPoint[] preCompP, ECPoint[] preCompNegP, byte[] wnafP, + ECPoint[] preCompQ, ECPoint[] preCompNegQ, byte[] wnafQ) + { + int len = System.Math.Max(wnafP.Length, wnafQ.Length); + + ECCurve curve = preCompP[0].Curve; + ECPoint infinity = curve.Infinity; + + ECPoint R = infinity; + int zeroes = 0; + + for (int i = len - 1; i >= 0; --i) + { + int wiP = i < wnafP.Length ? (int)(sbyte)wnafP[i] : 0; + int wiQ = i < wnafQ.Length ? (int)(sbyte)wnafQ[i] : 0; + + if ((wiP | wiQ) == 0) + { + ++zeroes; + continue; + } + + ECPoint r = infinity; + if (wiP != 0) + { + int nP = System.Math.Abs(wiP); + ECPoint[] tableP = wiP < 0 ? preCompNegP : preCompP; + r = r.Add(tableP[nP >> 1]); + } + if (wiQ != 0) + { + int nQ = System.Math.Abs(wiQ); + ECPoint[] tableQ = wiQ < 0 ? preCompNegQ : preCompQ; + r = r.Add(tableQ[nQ >> 1]); + } + + if (zeroes > 0) + { + R = R.TimesPow2(zeroes); + zeroes = 0; + } + + R = R.TwicePlus(r); + } + + if (zeroes > 0) + { + R = R.TimesPow2(zeroes); + } + + return R; + } + + internal static ECPoint ImplSumOfMultiplies(ECPoint[] ps, BigInteger[] ks) + { + int count = ps.Length; + bool[] negs = new bool[count]; + WNafPreCompInfo[] infos = new WNafPreCompInfo[count]; + byte[][] wnafs = new byte[count][]; + + for (int i = 0; i < count; ++i) + { + BigInteger ki = ks[i]; negs[i] = ki.SignValue < 0; ki = ki.Abs(); + + int minWidth = WNafUtilities.GetWindowSize(ki.BitLength, 8); + WNafPreCompInfo info = WNafUtilities.Precompute(ps[i], minWidth, true); + + int width = System.Math.Min(8, info.Width); + + infos[i] = info; + wnafs[i] = WNafUtilities.GenerateWindowNaf(width, ki); + } + + return ImplSumOfMultiplies(negs, infos, wnafs); + } + + internal static ECPoint ImplSumOfMultipliesGlv(ECPoint[] ps, BigInteger[] ks, GlvEndomorphism glvEndomorphism) + { + BigInteger n = ps[0].Curve.Order; + + int len = ps.Length; + + BigInteger[] abs = new BigInteger[len << 1]; + for (int i = 0, j = 0; i < len; ++i) + { + BigInteger[] ab = glvEndomorphism.DecomposeScalar(ks[i].Mod(n)); + abs[j++] = ab[0]; + abs[j++] = ab[1]; + } + + if (glvEndomorphism.HasEfficientPointMap) + { + return ImplSumOfMultiplies(glvEndomorphism, ps, abs); + } + + ECPoint[] pqs = new ECPoint[len << 1]; + for (int i = 0, j = 0; i < len; ++i) + { + ECPoint p = ps[i]; + ECPoint q = EndoUtilities.MapPoint(glvEndomorphism, p); + pqs[j++] = p; + pqs[j++] = q; + } + + return ImplSumOfMultiplies(pqs, abs); + } + + internal static ECPoint ImplSumOfMultiplies(ECEndomorphism endomorphism, ECPoint[] ps, BigInteger[] ks) + { + int halfCount = ps.Length, fullCount = halfCount << 1; + + bool[] negs = new bool[fullCount]; + WNafPreCompInfo[] infos = new WNafPreCompInfo[fullCount]; + byte[][] wnafs = new byte[fullCount][]; + + ECPointMap pointMap = endomorphism.PointMap; + + for (int i = 0; i < halfCount; ++i) + { + int j0 = i << 1, j1 = j0 + 1; + + BigInteger kj0 = ks[j0]; negs[j0] = kj0.SignValue < 0; kj0 = kj0.Abs(); + BigInteger kj1 = ks[j1]; negs[j1] = kj1.SignValue < 0; kj1 = kj1.Abs(); + + int minWidth = WNafUtilities.GetWindowSize(System.Math.Max(kj0.BitLength, kj1.BitLength), 8); + + ECPoint P = ps[i]; + WNafPreCompInfo infoP = WNafUtilities.Precompute(P, minWidth, true); + ECPoint Q = EndoUtilities.MapPoint(endomorphism, P); + WNafPreCompInfo infoQ = WNafUtilities.PrecomputeWithPointMap(Q, pointMap, infoP, true); + + int widthP = System.Math.Min(8, infoP.Width); + int widthQ = System.Math.Min(8, infoQ.Width); + + infos[j0] = infoP; + infos[j1] = infoQ; + wnafs[j0] = WNafUtilities.GenerateWindowNaf(widthP, kj0); + wnafs[j1] = WNafUtilities.GenerateWindowNaf(widthQ, kj1); + } + + return ImplSumOfMultiplies(negs, infos, wnafs); + } + + private static ECPoint ImplSumOfMultiplies(bool[] negs, WNafPreCompInfo[] infos, byte[][] wnafs) + { + int len = 0, count = wnafs.Length; + for (int i = 0; i < count; ++i) + { + len = System.Math.Max(len, wnafs[i].Length); + } + + ECCurve curve = infos[0].PreComp[0].Curve; + ECPoint infinity = curve.Infinity; + + ECPoint R = infinity; + int zeroes = 0; + + for (int i = len - 1; i >= 0; --i) + { + ECPoint r = infinity; + + for (int j = 0; j < count; ++j) + { + byte[] wnaf = wnafs[j]; + int wi = i < wnaf.Length ? (int)(sbyte)wnaf[i] : 0; + if (wi != 0) + { + int n = System.Math.Abs(wi); + WNafPreCompInfo info = infos[j]; + ECPoint[] table = (wi < 0 == negs[j]) ? info.PreComp : info.PreCompNeg; + r = r.Add(table[n >> 1]); + } + } + + if (r == infinity) + { + ++zeroes; + continue; + } + + if (zeroes > 0) + { + R = R.TimesPow2(zeroes); + zeroes = 0; + } + + R = R.TwicePlus(r); + } + + if (zeroes > 0) + { + R = R.TimesPow2(zeroes); + } + + return R; + } + + private static ECPoint ImplShamirsTrickFixedPoint(ECPoint p, BigInteger k, ECPoint q, BigInteger l) + { + ECCurve c = p.Curve; + int combSize = FixedPointUtilities.GetCombSize(c); + + if (k.BitLength > combSize || l.BitLength > combSize) + { + /* + * TODO The comb works best when the scalars are less than the (possibly unknown) order. + * Still, if we want to handle larger scalars, we could allow customization of the comb + * size, or alternatively we could deal with the 'extra' bits either by running the comb + * multiple times as necessary, or by using an alternative multiplier as prelude. + */ + throw new InvalidOperationException("fixed-point comb doesn't support scalars larger than the curve order"); + } + + FixedPointPreCompInfo infoP = FixedPointUtilities.Precompute(p); + FixedPointPreCompInfo infoQ = FixedPointUtilities.Precompute(q); + + ECLookupTable lookupTableP = infoP.LookupTable; + ECLookupTable lookupTableQ = infoQ.LookupTable; + + int widthP = infoP.Width; + int widthQ = infoQ.Width; + + // TODO This shouldn't normally happen, but a better "solution" is desirable anyway + if (widthP != widthQ) + { + FixedPointCombMultiplier m = new FixedPointCombMultiplier(); + ECPoint r1 = m.Multiply(p, k); + ECPoint r2 = m.Multiply(q, l); + return r1.Add(r2); + } + + int width = widthP; + + int d = (combSize + width - 1) / width; + + ECPoint R = c.Infinity; + + int fullComb = d * width; + uint[] K = Nat.FromBigInteger(fullComb, k); + uint[] L = Nat.FromBigInteger(fullComb, l); + + int top = fullComb - 1; + for (int i = 0; i < d; ++i) + { + uint secretIndexK = 0, secretIndexL = 0; + + for (int j = top - i; j >= 0; j -= d) + { + uint secretBitK = K[j >> 5] >> (j & 0x1F); + secretIndexK ^= secretBitK >> 1; + secretIndexK <<= 1; + secretIndexK ^= secretBitK; + + uint secretBitL = L[j >> 5] >> (j & 0x1F); + secretIndexL ^= secretBitL >> 1; + secretIndexL <<= 1; + secretIndexL ^= secretBitL; + } + + ECPoint addP = lookupTableP.LookupVar((int)secretIndexK); + ECPoint addQ = lookupTableQ.LookupVar((int)secretIndexL); + + ECPoint T = addP.Add(addQ); + + R = R.TwicePlus(T); + } + + return R.Add(infoP.Offset).Add(infoQ.Offset); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/ECCurve.cs b/BouncyCastle/crypto/src/math/ec/ECCurve.cs new file mode 100644 index 0000000..3861dc4 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/ECCurve.cs @@ -0,0 +1,1501 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Math.EC.Abc; +using Org.BouncyCastle.Math.EC.Endo; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Math.Field; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC +{ + /// Base class for an elliptic curve. + public abstract class ECCurve + { + public const int COORD_AFFINE = 0; + public const int COORD_HOMOGENEOUS = 1; + public const int COORD_JACOBIAN = 2; + public const int COORD_JACOBIAN_CHUDNOVSKY = 3; + public const int COORD_JACOBIAN_MODIFIED = 4; + public const int COORD_LAMBDA_AFFINE = 5; + public const int COORD_LAMBDA_PROJECTIVE = 6; + public const int COORD_SKEWED = 7; + + public static int[] GetAllCoordinateSystems() + { + return new int[]{ COORD_AFFINE, COORD_HOMOGENEOUS, COORD_JACOBIAN, COORD_JACOBIAN_CHUDNOVSKY, + COORD_JACOBIAN_MODIFIED, COORD_LAMBDA_AFFINE, COORD_LAMBDA_PROJECTIVE, COORD_SKEWED }; + } + + public class Config + { + protected ECCurve outer; + protected int coord; + protected ECEndomorphism endomorphism; + protected ECMultiplier multiplier; + + internal Config(ECCurve outer, int coord, ECEndomorphism endomorphism, ECMultiplier multiplier) + { + this.outer = outer; + this.coord = coord; + this.endomorphism = endomorphism; + this.multiplier = multiplier; + } + + public Config SetCoordinateSystem(int coord) + { + this.coord = coord; + return this; + } + + public Config SetEndomorphism(ECEndomorphism endomorphism) + { + this.endomorphism = endomorphism; + return this; + } + + public Config SetMultiplier(ECMultiplier multiplier) + { + this.multiplier = multiplier; + return this; + } + + public ECCurve Create() + { + if (!outer.SupportsCoordinateSystem(coord)) + { + throw new InvalidOperationException("unsupported coordinate system"); + } + + ECCurve c = outer.CloneCurve(); + if (c == outer) + { + throw new InvalidOperationException("implementation returned current curve"); + } + + c.m_coord = coord; + c.m_endomorphism = endomorphism; + c.m_multiplier = multiplier; + + return c; + } + } + + protected readonly IFiniteField m_field; + protected ECFieldElement m_a, m_b; + protected BigInteger m_order, m_cofactor; + + protected int m_coord = COORD_AFFINE; + protected ECEndomorphism m_endomorphism = null; + protected ECMultiplier m_multiplier = null; + + protected ECCurve(IFiniteField field) + { + this.m_field = field; + } + + public abstract int FieldSize { get; } + public abstract ECFieldElement FromBigInteger(BigInteger x); + public abstract bool IsValidFieldElement(BigInteger x); + + public abstract ECFieldElement RandomFieldElement(SecureRandom r); + + public abstract ECFieldElement RandomFieldElementMult(SecureRandom r); + + public virtual Config Configure() + { + return new Config(this, this.m_coord, this.m_endomorphism, this.m_multiplier); + } + + public virtual ECPoint ValidatePoint(BigInteger x, BigInteger y) + { + ECPoint p = CreatePoint(x, y); + if (!p.IsValid()) + { + throw new ArgumentException("Invalid point coordinates"); + } + return p; + } + + [Obsolete("Per-point compression property will be removed")] + public virtual ECPoint ValidatePoint(BigInteger x, BigInteger y, bool withCompression) + { + ECPoint p = CreatePoint(x, y, withCompression); + if (!p.IsValid()) + { + throw new ArgumentException("Invalid point coordinates"); + } + return p; + } + + public virtual ECPoint CreatePoint(BigInteger x, BigInteger y) + { + return CreatePoint(x, y, false); + } + + [Obsolete("Per-point compression property will be removed")] + public virtual ECPoint CreatePoint(BigInteger x, BigInteger y, bool withCompression) + { + return CreateRawPoint(FromBigInteger(x), FromBigInteger(y), withCompression); + } + + protected abstract ECCurve CloneCurve(); + + protected internal abstract ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression); + + protected internal abstract ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression); + + protected virtual ECMultiplier CreateDefaultMultiplier() + { + GlvEndomorphism glvEndomorphism = m_endomorphism as GlvEndomorphism; + if (glvEndomorphism != null) + { + return new GlvMultiplier(this, glvEndomorphism); + } + + return new WNafL2RMultiplier(); + } + + public virtual bool SupportsCoordinateSystem(int coord) + { + return coord == COORD_AFFINE; + } + + public virtual PreCompInfo GetPreCompInfo(ECPoint point, string name) + { + CheckPoint(point); + + IDictionary table; + lock (point) + { + table = point.m_preCompTable; + } + + if (null == table) + return null; + + lock (table) + { + return (PreCompInfo)table[name]; + } + } + + /** + * Compute a PreCompInfo for a point on this curve, under a given name. Used by + * ECMultipliers to save the precomputation for this ECPoint for use + * by subsequent multiplication. + * + * @param point + * The ECPoint to store precomputations for. + * @param name + * A String used to index precomputations of different types. + * @param callback + * Called to calculate the PreCompInfo. + */ + public virtual PreCompInfo Precompute(ECPoint point, string name, IPreCompCallback callback) + { + CheckPoint(point); + + IDictionary table; + lock (point) + { + table = point.m_preCompTable; + if (null == table) + { + point.m_preCompTable = table = Platform.CreateHashtable(4); + } + } + + lock (table) + { + PreCompInfo existing = (PreCompInfo)table[name]; + PreCompInfo result = callback.Precompute(existing); + + if (result != existing) + { + table[name] = result; + } + + return result; + } + } + + public virtual ECPoint ImportPoint(ECPoint p) + { + if (this == p.Curve) + { + return p; + } + if (p.IsInfinity) + { + return Infinity; + } + + // TODO Default behaviour could be improved if the two curves have the same coordinate system by copying any Z coordinates. + p = p.Normalize(); + + return CreatePoint(p.XCoord.ToBigInteger(), p.YCoord.ToBigInteger(), p.IsCompressed); + } + + /** + * Normalization ensures that any projective coordinate is 1, and therefore that the x, y + * coordinates reflect those of the equivalent point in an affine coordinate system. Where more + * than one point is to be normalized, this method will generally be more efficient than + * normalizing each point separately. + * + * @param points + * An array of points that will be updated in place with their normalized versions, + * where necessary + */ + public virtual void NormalizeAll(ECPoint[] points) + { + NormalizeAll(points, 0, points.Length, null); + } + + /** + * Normalization ensures that any projective coordinate is 1, and therefore that the x, y + * coordinates reflect those of the equivalent point in an affine coordinate system. Where more + * than one point is to be normalized, this method will generally be more efficient than + * normalizing each point separately. An (optional) z-scaling factor can be applied; effectively + * each z coordinate is scaled by this value prior to normalization (but only one + * actual multiplication is needed). + * + * @param points + * An array of points that will be updated in place with their normalized versions, + * where necessary + * @param off + * The start of the range of points to normalize + * @param len + * The length of the range of points to normalize + * @param iso + * The (optional) z-scaling factor - can be null + */ + public virtual void NormalizeAll(ECPoint[] points, int off, int len, ECFieldElement iso) + { + CheckPoints(points, off, len); + + switch (this.CoordinateSystem) + { + case ECCurve.COORD_AFFINE: + case ECCurve.COORD_LAMBDA_AFFINE: + { + if (iso != null) + throw new ArgumentException("not valid for affine coordinates", "iso"); + + return; + } + } + + /* + * Figure out which of the points actually need to be normalized + */ + ECFieldElement[] zs = new ECFieldElement[len]; + int[] indices = new int[len]; + int count = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + if (null != p && (iso != null || !p.IsNormalized())) + { + zs[count] = p.GetZCoord(0); + indices[count++] = off + i; + } + } + + if (count == 0) + { + return; + } + + ECAlgorithms.MontgomeryTrick(zs, 0, count, iso); + + for (int j = 0; j < count; ++j) + { + int index = indices[j]; + points[index] = points[index].Normalize(zs[j]); + } + } + + public abstract ECPoint Infinity { get; } + + public virtual IFiniteField Field + { + get { return m_field; } + } + + public virtual ECFieldElement A + { + get { return m_a; } + } + + public virtual ECFieldElement B + { + get { return m_b; } + } + + public virtual BigInteger Order + { + get { return m_order; } + } + + public virtual BigInteger Cofactor + { + get { return m_cofactor; } + } + + public virtual int CoordinateSystem + { + get { return m_coord; } + } + + /** + * Create a cache-safe lookup table for the specified sequence of points. All the points MUST + * belong to this ECCurve instance, and MUST already be normalized. + */ + public virtual ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + int FE_BYTES = (FieldSize + 7) / 8; + byte[] table = new byte[len * FE_BYTES * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + byte[] px = p.RawXCoord.ToBigInteger().ToByteArray(); + byte[] py = p.RawYCoord.ToBigInteger().ToByteArray(); + + int pxStart = px.Length > FE_BYTES ? 1 : 0, pxLen = px.Length - pxStart; + int pyStart = py.Length > FE_BYTES ? 1 : 0, pyLen = py.Length - pyStart; + + Array.Copy(px, pxStart, table, pos + FE_BYTES - pxLen, pxLen); pos += FE_BYTES; + Array.Copy(py, pyStart, table, pos + FE_BYTES - pyLen, pyLen); pos += FE_BYTES; + } + } + + return new DefaultLookupTable(this, table, len); + } + + protected virtual void CheckPoint(ECPoint point) + { + if (null == point || (this != point.Curve)) + throw new ArgumentException("must be non-null and on this curve", "point"); + } + + protected virtual void CheckPoints(ECPoint[] points) + { + CheckPoints(points, 0, points.Length); + } + + protected virtual void CheckPoints(ECPoint[] points, int off, int len) + { + if (points == null) + throw new ArgumentNullException("points"); + if (off < 0 || len < 0 || (off > (points.Length - len))) + throw new ArgumentException("invalid range specified", "points"); + + for (int i = 0; i < len; ++i) + { + ECPoint point = points[off + i]; + if (null != point && this != point.Curve) + throw new ArgumentException("entries must be null or on this curve", "points"); + } + } + + public virtual bool Equals(ECCurve other) + { + if (this == other) + return true; + if (null == other) + return false; + return Field.Equals(other.Field) + && A.ToBigInteger().Equals(other.A.ToBigInteger()) + && B.ToBigInteger().Equals(other.B.ToBigInteger()); + } + + public override bool Equals(object obj) + { + return Equals(obj as ECCurve); + } + + public override int GetHashCode() + { + return Field.GetHashCode() + ^ Integers.RotateLeft(A.ToBigInteger().GetHashCode(), 8) + ^ Integers.RotateLeft(B.ToBigInteger().GetHashCode(), 16); + } + + protected abstract ECPoint DecompressPoint(int yTilde, BigInteger X1); + + public virtual ECEndomorphism GetEndomorphism() + { + return m_endomorphism; + } + + /** + * Sets the default ECMultiplier, unless already set. + * + * We avoid locking for performance reasons, so there is no uniqueness guarantee. + */ + public virtual ECMultiplier GetMultiplier() + { + if (this.m_multiplier == null) + { + this.m_multiplier = CreateDefaultMultiplier(); + } + return this.m_multiplier; + } + + /** + * Decode a point on this curve from its ASN.1 encoding. The different + * encodings are taken account of, including point compression for + * Fp (X9.62 s 4.2.1 pg 17). + * @return The decoded point. + */ + public virtual ECPoint DecodePoint(byte[] encoded) + { + ECPoint p = null; + int expectedLength = (FieldSize + 7) / 8; + + byte type = encoded[0]; + switch (type) + { + case 0x00: // infinity + { + if (encoded.Length != 1) + throw new ArgumentException("Incorrect length for infinity encoding", "encoded"); + + p = Infinity; + break; + } + + case 0x02: // compressed + case 0x03: // compressed + { + if (encoded.Length != (expectedLength + 1)) + throw new ArgumentException("Incorrect length for compressed encoding", "encoded"); + + int yTilde = type & 1; + BigInteger X = new BigInteger(1, encoded, 1, expectedLength); + + p = DecompressPoint(yTilde, X); + if (!p.ImplIsValid(true, true)) + throw new ArgumentException("Invalid point"); + + break; + } + + case 0x04: // uncompressed + { + if (encoded.Length != (2 * expectedLength + 1)) + throw new ArgumentException("Incorrect length for uncompressed encoding", "encoded"); + + BigInteger X = new BigInteger(1, encoded, 1, expectedLength); + BigInteger Y = new BigInteger(1, encoded, 1 + expectedLength, expectedLength); + + p = ValidatePoint(X, Y); + break; + } + + case 0x06: // hybrid + case 0x07: // hybrid + { + if (encoded.Length != (2 * expectedLength + 1)) + throw new ArgumentException("Incorrect length for hybrid encoding", "encoded"); + + BigInteger X = new BigInteger(1, encoded, 1, expectedLength); + BigInteger Y = new BigInteger(1, encoded, 1 + expectedLength, expectedLength); + + if (Y.TestBit(0) != (type == 0x07)) + throw new ArgumentException("Inconsistent Y coordinate in hybrid encoding", "encoded"); + + p = ValidatePoint(X, Y); + break; + } + + default: + throw new FormatException("Invalid point encoding " + type); + } + + if (type != 0x00 && p.IsInfinity) + throw new ArgumentException("Invalid infinity encoding", "encoded"); + + return p; + } + + private class DefaultLookupTable + : AbstractECLookupTable + { + private readonly ECCurve m_outer; + private readonly byte[] m_table; + private readonly int m_size; + + internal DefaultLookupTable(ECCurve outer, byte[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + int FE_BYTES = (m_outer.FieldSize + 7) / 8; + byte[] x = new byte[FE_BYTES], y = new byte[FE_BYTES]; + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + byte MASK = (byte)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < FE_BYTES; ++j) + { + x[j] ^= (byte)(m_table[pos + j] & MASK); + y[j] ^= (byte)(m_table[pos + FE_BYTES + j] & MASK); + } + + pos += (FE_BYTES * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + int FE_BYTES = (m_outer.FieldSize + 7) / 8; + byte[] x = new byte[FE_BYTES], y = new byte[FE_BYTES]; + int pos = index * FE_BYTES * 2; + + for (int j = 0; j < FE_BYTES; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + FE_BYTES + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(byte[] x, byte[] y) + { + ECFieldElement X = m_outer.FromBigInteger(new BigInteger(1, x)); + ECFieldElement Y = m_outer.FromBigInteger(new BigInteger(1, y)); + return m_outer.CreateRawPoint(X, Y, false); + } + } + } + + public abstract class AbstractFpCurve + : ECCurve + { + protected AbstractFpCurve(BigInteger q) + : base(FiniteFields.GetPrimeField(q)) + { + } + + public override bool IsValidFieldElement(BigInteger x) + { + return x != null && x.SignValue >= 0 && x.CompareTo(Field.Characteristic) < 0; + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + /* + * NOTE: BigInteger comparisons in the rejection sampling are not constant-time, so we + * use the product of two independent elements to mitigate side-channels. + */ + BigInteger p = Field.Characteristic; + ECFieldElement fe1 = FromBigInteger(ImplRandomFieldElement(r, p)); + ECFieldElement fe2 = FromBigInteger(ImplRandomFieldElement(r, p)); + return fe1.Multiply(fe2); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + /* + * NOTE: BigInteger comparisons in the rejection sampling are not constant-time, so we + * use the product of two independent elements to mitigate side-channels. + */ + BigInteger p = Field.Characteristic; + ECFieldElement fe1 = FromBigInteger(ImplRandomFieldElementMult(r, p)); + ECFieldElement fe2 = FromBigInteger(ImplRandomFieldElementMult(r, p)); + return fe1.Multiply(fe2); + } + + protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) + { + ECFieldElement x = FromBigInteger(X1); + ECFieldElement rhs = x.Square().Add(A).Multiply(x).Add(B); + ECFieldElement y = rhs.Sqrt(); + + /* + * If y is not a square, then we haven't got a point on the curve + */ + if (y == null) + throw new ArgumentException("Invalid point compression"); + + if (y.TestBitZero() != (yTilde == 1)) + { + // Use the other root + y = y.Negate(); + } + + return CreateRawPoint(x, y, true); + } + + private static BigInteger ImplRandomFieldElement(SecureRandom r, BigInteger p) + { + BigInteger x; + do + { + x = BigIntegers.CreateRandomBigInteger(p.BitLength, r); + } + while (x.CompareTo(p) >= 0); + return x; + } + + private static BigInteger ImplRandomFieldElementMult(SecureRandom r, BigInteger p) + { + BigInteger x; + do + { + x = BigIntegers.CreateRandomBigInteger(p.BitLength, r); + } + while (x.SignValue <= 0 || x.CompareTo(p) >= 0); + return x; + } + } + + /** + * Elliptic curve over Fp + */ + public class FpCurve + : AbstractFpCurve + { + private const int FP_DEFAULT_COORDS = COORD_JACOBIAN_MODIFIED; + + private static readonly IDictionary knownQs = Platform.CreateHashtable(); + private static readonly SecureRandom random = new SecureRandom(); + + protected readonly BigInteger m_q, m_r; + protected readonly FpPoint m_infinity; + + [Obsolete("Use constructor taking order/cofactor")] + public FpCurve(BigInteger q, BigInteger a, BigInteger b) + : this(q, a, b, null, null) + { + } + + public FpCurve(BigInteger q, BigInteger a, BigInteger b, BigInteger order, BigInteger cofactor) + : this(q, a, b, order, cofactor, false) + { + } + + internal FpCurve(BigInteger q, BigInteger a, BigInteger b, BigInteger order, BigInteger cofactor, bool isInternal) + : base(q) + { + if (isInternal) + { + this.m_q = q; + if (!knownQs.Contains(q)) + { + knownQs.Add(q, q); + } + } + else if (knownQs.Contains(q)) + { + this.m_q = q; + } + else + { + int maxBitLength = AsInteger("Org.BouncyCastle.EC.Fp_MaxSize", 1042); // 2 * 521 + int certainty = AsInteger("Org.BouncyCastle.EC.Fp_Certainty", 100); + + int qBitLength = q.BitLength; + if (maxBitLength < qBitLength) + { + throw new ArgumentException("Fp q value out of range"); + } + + if (Primes.HasAnySmallFactors(q) || !Primes.IsMRProbablePrime( + q, random, GetNumberOfIterations(qBitLength, certainty))) + { + throw new ArgumentException("Fp q value not prime"); + } + + this.m_q = q; + } + + this.m_r = FpFieldElement.CalculateResidue(q); + this.m_infinity = new FpPoint(this, null, null, false); + + this.m_a = FromBigInteger(a); + this.m_b = FromBigInteger(b); + this.m_order = order; + this.m_cofactor = cofactor; + this.m_coord = FP_DEFAULT_COORDS; + } + + [Obsolete("Use constructor taking order/cofactor")] + protected FpCurve(BigInteger q, BigInteger r, ECFieldElement a, ECFieldElement b) + : this(q, r, a, b, null, null) + { + } + + protected FpCurve(BigInteger q, BigInteger r, ECFieldElement a, ECFieldElement b, BigInteger order, BigInteger cofactor) + : base(q) + { + this.m_q = q; + this.m_r = r; + this.m_infinity = new FpPoint(this, null, null, false); + + this.m_a = a; + this.m_b = b; + this.m_order = order; + this.m_cofactor = cofactor; + this.m_coord = FP_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new FpCurve(m_q, m_r, m_a, m_b, m_order, m_cofactor); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_AFFINE: + case COORD_HOMOGENEOUS: + case COORD_JACOBIAN: + case COORD_JACOBIAN_MODIFIED: + return true; + default: + return false; + } + } + + public virtual BigInteger Q + { + get { return m_q; } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return m_q.BitLength; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new FpFieldElement(this.m_q, this.m_r, x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new FpPoint(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new FpPoint(this, x, y, zs, withCompression); + } + + public override ECPoint ImportPoint(ECPoint p) + { + if (this != p.Curve && this.CoordinateSystem == COORD_JACOBIAN && !p.IsInfinity) + { + switch (p.Curve.CoordinateSystem) + { + case COORD_JACOBIAN: + case COORD_JACOBIAN_CHUDNOVSKY: + case COORD_JACOBIAN_MODIFIED: + return new FpPoint(this, + FromBigInteger(p.RawXCoord.ToBigInteger()), + FromBigInteger(p.RawYCoord.ToBigInteger()), + new ECFieldElement[] { FromBigInteger(p.GetZCoord(0).ToBigInteger()) }, + p.IsCompressed); + default: + break; + } + } + + return base.ImportPoint(p); + } + + private int GetNumberOfIterations(int bits, int certainty) + { + /* + * NOTE: We enforce a minimum 'certainty' of 100 for bits >= 1024 (else 80). Where the + * certainty is higher than the FIPS 186-4 tables (C.2/C.3) cater to, extra iterations + * are added at the "worst case rate" for the excess. + */ + if (bits >= 1536) + { + return certainty <= 100 ? 3 + : certainty <= 128 ? 4 + : 4 + (certainty - 128 + 1) / 2; + } + else if (bits >= 1024) + { + return certainty <= 100 ? 4 + : certainty <= 112 ? 5 + : 5 + (certainty - 112 + 1) / 2; + } + else if (bits >= 512) + { + return certainty <= 80 ? 5 + : certainty <= 100 ? 7 + : 7 + (certainty - 100 + 1) / 2; + } + else + { + return certainty <= 80 ? 40 + : 40 + (certainty - 80 + 1) / 2; + } + } + + int AsInteger(string envVariable, int defaultValue) + { + String v = Platform.GetEnvironmentVariable(envVariable); + + if (v == null) + { + return defaultValue; + } + + return Int32.Parse(v); + } + } + + public abstract class AbstractF2mCurve + : ECCurve + { + public static BigInteger Inverse(int m, int[] ks, BigInteger x) + { + return new LongArray(x).ModInverse(m, ks).ToBigInteger(); + } + + /** + * The auxiliary values s0 and + * s1 used for partial modular reduction for + * Koblitz curves. + */ + private BigInteger[] si = null; + + private static IFiniteField BuildField(int m, int k1, int k2, int k3) + { + if (k1 == 0) + { + throw new ArgumentException("k1 must be > 0"); + } + + if (k2 == 0) + { + if (k3 != 0) + { + throw new ArgumentException("k3 must be 0 if k2 == 0"); + } + + return FiniteFields.GetBinaryExtensionField(new int[]{ 0, k1, m }); + } + + if (k2 <= k1) + { + throw new ArgumentException("k2 must be > k1"); + } + + if (k3 <= k2) + { + throw new ArgumentException("k3 must be > k2"); + } + + return FiniteFields.GetBinaryExtensionField(new int[]{ 0, k1, k2, k3, m }); + } + + protected AbstractF2mCurve(int m, int k1, int k2, int k3) + : base(BuildField(m, k1, k2, k3)) + { + } + + [Obsolete("Per-point compression property will be removed")] + public override ECPoint CreatePoint(BigInteger x, BigInteger y, bool withCompression) + { + ECFieldElement X = FromBigInteger(x), Y = FromBigInteger(y); + + switch (this.CoordinateSystem) + { + case COORD_LAMBDA_AFFINE: + case COORD_LAMBDA_PROJECTIVE: + { + if (X.IsZero) + { + if (!Y.Square().Equals(B)) + throw new ArgumentException(); + } + else + { + // Y becomes Lambda (X + Y/X) here + Y = Y.Divide(X).Add(X); + } + break; + } + default: + { + break; + } + } + + return CreateRawPoint(X, Y, withCompression); + } + + public override bool IsValidFieldElement(BigInteger x) + { + return x != null && x.SignValue >= 0 && x.BitLength <= FieldSize; + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + int m = FieldSize; + return FromBigInteger(BigIntegers.CreateRandomBigInteger(m, r)); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + /* + * NOTE: BigInteger comparisons in the rejection sampling are not constant-time, so we + * use the product of two independent elements to mitigate side-channels. + */ + int m = FieldSize; + ECFieldElement fe1 = FromBigInteger(ImplRandomFieldElementMult(r, m)); + ECFieldElement fe2 = FromBigInteger(ImplRandomFieldElementMult(r, m)); + return fe1.Multiply(fe2); + } + + protected override ECPoint DecompressPoint(int yTilde, BigInteger X1) + { + ECFieldElement xp = FromBigInteger(X1), yp = null; + if (xp.IsZero) + { + yp = B.Sqrt(); + } + else + { + ECFieldElement beta = xp.Square().Invert().Multiply(B).Add(A).Add(xp); + ECFieldElement z = SolveQuadraticEquation(beta); + + if (z != null) + { + if (z.TestBitZero() != (yTilde == 1)) + { + z = z.AddOne(); + } + + switch (this.CoordinateSystem) + { + case COORD_LAMBDA_AFFINE: + case COORD_LAMBDA_PROJECTIVE: + { + yp = z.Add(xp); + break; + } + default: + { + yp = z.Multiply(xp); + break; + } + } + } + } + + if (yp == null) + throw new ArgumentException("Invalid point compression"); + + return CreateRawPoint(xp, yp, true); + } + + /** + * Solves a quadratic equation z2 + z = beta(X9.62 + * D.1.6) The other solution is z + 1. + * + * @param beta + * The value to solve the quadratic equation for. + * @return the solution for z2 + z = beta or + * null if no solution exists. + */ + internal ECFieldElement SolveQuadraticEquation(ECFieldElement beta) + { + AbstractF2mFieldElement betaF2m = (AbstractF2mFieldElement)beta; + + bool fastTrace = betaF2m.HasFastTrace; + if (fastTrace && 0 != betaF2m.Trace()) + return null; + + int m = FieldSize; + + // For odd m, use the half-trace + if (0 != (m & 1)) + { + ECFieldElement r = betaF2m.HalfTrace(); + if (fastTrace || r.Square().Add(r).Add(beta).IsZero) + return r; + + return null; + } + + if (beta.IsZero) + return beta; + + ECFieldElement gamma, z, zeroElement = FromBigInteger(BigInteger.Zero); + + do + { + ECFieldElement t = FromBigInteger(BigInteger.Arbitrary(m)); + z = zeroElement; + ECFieldElement w = beta; + for (int i = 1; i < m; i++) + { + ECFieldElement w2 = w.Square(); + z = z.Square().Add(w2.Multiply(t)); + w = w2.Add(beta); + } + if (!w.IsZero) + { + return null; + } + gamma = z.Square().Add(z); + } + while (gamma.IsZero); + + return z; + } + + /** + * @return the auxiliary values s0 and + * s1 used for partial modular reduction for + * Koblitz curves. + */ + internal virtual BigInteger[] GetSi() + { + if (si == null) + { + lock (this) + { + if (si == null) + { + si = Tnaf.GetSi(this); + } + } + } + return si; + } + + /** + * Returns true if this is a Koblitz curve (ABC curve). + * @return true if this is a Koblitz curve (ABC curve), false otherwise + */ + public virtual bool IsKoblitz + { + get + { + return m_order != null && m_cofactor != null && m_b.IsOne && (m_a.IsZero || m_a.IsOne); + } + } + + private static BigInteger ImplRandomFieldElementMult(SecureRandom r, int m) + { + BigInteger x; + do + { + x = BigIntegers.CreateRandomBigInteger(m, r); + } + while (x.SignValue <= 0); + return x; + } + } + + /** + * Elliptic curves over F2m. The Weierstrass equation is given by + * y2 + xy = x3 + ax2 + b. + */ + public class F2mCurve + : AbstractF2mCurve + { + private const int F2M_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + + /** + * The exponent m of F2m. + */ + private readonly int m; + + /** + * TPB: The integer k where xm + + * xk + 1 represents the reduction polynomial + * f(z).
    + * PPB: The integer k1 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z).
    + */ + private readonly int k1; + + /** + * TPB: Always set to 0
    + * PPB: The integer k2 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z).
    + */ + private readonly int k2; + + /** + * TPB: Always set to 0
    + * PPB: The integer k3 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z).
    + */ + private readonly int k3; + + /** + * The point at infinity on this curve. + */ + protected readonly F2mPoint m_infinity; + + /** + * Constructor for Trinomial Polynomial Basis (TPB). + * @param m The exponent m of + * F2m. + * @param k The integer k where xm + + * xk + 1 represents the reduction + * polynomial f(z). + * @param a The coefficient a in the Weierstrass equation + * for non-supersingular elliptic curves over + * F2m. + * @param b The coefficient b in the Weierstrass equation + * for non-supersingular elliptic curves over + * F2m. + */ + [Obsolete("Use constructor taking order/cofactor")] + public F2mCurve( + int m, + int k, + BigInteger a, + BigInteger b) + : this(m, k, 0, 0, a, b, null, null) + { + } + + /** + * Constructor for Trinomial Polynomial Basis (TPB). + * @param m The exponent m of + * F2m. + * @param k The integer k where xm + + * xk + 1 represents the reduction + * polynomial f(z). + * @param a The coefficient a in the Weierstrass equation + * for non-supersingular elliptic curves over + * F2m. + * @param b The coefficient b in the Weierstrass equation + * for non-supersingular elliptic curves over + * F2m. + * @param order The order of the main subgroup of the elliptic curve. + * @param cofactor The cofactor of the elliptic curve, i.e. + * #Ea(F2m) = h * n. + */ + public F2mCurve( + int m, + int k, + BigInteger a, + BigInteger b, + BigInteger order, + BigInteger cofactor) + : this(m, k, 0, 0, a, b, order, cofactor) + { + } + + /** + * Constructor for Pentanomial Polynomial Basis (PPB). + * @param m The exponent m of + * F2m. + * @param k1 The integer k1 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z). + * @param k2 The integer k2 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z). + * @param k3 The integer k3 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z). + * @param a The coefficient a in the Weierstrass equation + * for non-supersingular elliptic curves over + * F2m. + * @param b The coefficient b in the Weierstrass equation + * for non-supersingular elliptic curves over + * F2m. + */ + [Obsolete("Use constructor taking order/cofactor")] + public F2mCurve( + int m, + int k1, + int k2, + int k3, + BigInteger a, + BigInteger b) + : this(m, k1, k2, k3, a, b, null, null) + { + } + + /** + * Constructor for Pentanomial Polynomial Basis (PPB). + * @param m The exponent m of + * F2m. + * @param k1 The integer k1 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z). + * @param k2 The integer k2 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z). + * @param k3 The integer k3 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z). + * @param a The coefficient a in the Weierstrass equation + * for non-supersingular elliptic curves over + * F2m. + * @param b The coefficient b in the Weierstrass equation + * for non-supersingular elliptic curves over + * F2m. + * @param order The order of the main subgroup of the elliptic curve. + * @param cofactor The cofactor of the elliptic curve, i.e. + * #Ea(F2m) = h * n. + */ + public F2mCurve( + int m, + int k1, + int k2, + int k3, + BigInteger a, + BigInteger b, + BigInteger order, + BigInteger cofactor) + : base(m, k1, k2, k3) + { + this.m = m; + this.k1 = k1; + this.k2 = k2; + this.k3 = k3; + this.m_order = order; + this.m_cofactor = cofactor; + this.m_infinity = new F2mPoint(this, null, null, false); + + if (k1 == 0) + throw new ArgumentException("k1 must be > 0"); + + if (k2 == 0) + { + if (k3 != 0) + throw new ArgumentException("k3 must be 0 if k2 == 0"); + } + else + { + if (k2 <= k1) + throw new ArgumentException("k2 must be > k1"); + + if (k3 <= k2) + throw new ArgumentException("k3 must be > k2"); + } + + this.m_a = FromBigInteger(a); + this.m_b = FromBigInteger(b); + this.m_coord = F2M_DEFAULT_COORDS; + } + + protected F2mCurve(int m, int k1, int k2, int k3, ECFieldElement a, ECFieldElement b, BigInteger order, BigInteger cofactor) + : base(m, k1, k2, k3) + { + this.m = m; + this.k1 = k1; + this.k2 = k2; + this.k3 = k3; + this.m_order = order; + this.m_cofactor = cofactor; + + this.m_infinity = new F2mPoint(this, null, null, false); + this.m_a = a; + this.m_b = b; + this.m_coord = F2M_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new F2mCurve(m, k1, k2, k3, m_a, m_b, m_order, m_cofactor); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_AFFINE: + case COORD_HOMOGENEOUS: + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + protected override ECMultiplier CreateDefaultMultiplier() + { + if (IsKoblitz) + { + return new WTauNafMultiplier(); + } + + return base.CreateDefaultMultiplier(); + } + + public override int FieldSize + { + get { return m; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new F2mFieldElement(this.m, this.k1, this.k2, this.k3, x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new F2mPoint(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new F2mPoint(this, x, y, zs, withCompression); + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public int M + { + get { return m; } + } + + /** + * Return true if curve uses a Trinomial basis. + * + * @return true if curve Trinomial, false otherwise. + */ + public bool IsTrinomial() + { + return k2 == 0 && k3 == 0; + } + + public int K1 + { + get { return k1; } + } + + public int K2 + { + get { return k2; } + } + + public int K3 + { + get { return k3; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + int FE_LONGS = (m + 63) / 64; + + long[] table = new long[len * FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + ((F2mFieldElement)p.RawXCoord).x.CopyTo(table, pos); pos += FE_LONGS; + ((F2mFieldElement)p.RawYCoord).x.CopyTo(table, pos); pos += FE_LONGS; + } + } + + return new DefaultF2mLookupTable(this, table, len); + } + + private class DefaultF2mLookupTable + : AbstractECLookupTable + { + private readonly F2mCurve m_outer; + private readonly long[] m_table; + private readonly int m_size; + + internal DefaultF2mLookupTable(F2mCurve outer, long[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + int FE_LONGS = (m_outer.m + 63) / 64; + long[] x = new long[FE_LONGS], y = new long[FE_LONGS]; + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + long MASK =((i ^ index) - 1) >> 31; + + for (int j = 0; j < FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + FE_LONGS + j] & MASK; + } + + pos += (FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + int FE_LONGS = (m_outer.m + 63) / 64; + long[] x = new long[FE_LONGS], y = new long[FE_LONGS]; + int pos = index * FE_LONGS * 2; + + for (int j = 0; j < FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(long[] x, long[] y) + { + int m = m_outer.m; + int[] ks = m_outer.IsTrinomial() ? new int[] { m_outer.k1 } : new int[] { m_outer.k1, m_outer.k2, m_outer.k3 }; + + ECFieldElement X = new F2mFieldElement(m, ks, new LongArray(x)); + ECFieldElement Y = new F2mFieldElement(m, ks, new LongArray(y)); + return m_outer.CreateRawPoint(X, Y, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/ECFieldElement.cs b/BouncyCastle/crypto/src/math/ec/ECFieldElement.cs new file mode 100644 index 0000000..ed530b6 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/ECFieldElement.cs @@ -0,0 +1,998 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC +{ + public abstract class ECFieldElement + { + public abstract BigInteger ToBigInteger(); + public abstract string FieldName { get; } + public abstract int FieldSize { get; } + public abstract ECFieldElement Add(ECFieldElement b); + public abstract ECFieldElement AddOne(); + public abstract ECFieldElement Subtract(ECFieldElement b); + public abstract ECFieldElement Multiply(ECFieldElement b); + public abstract ECFieldElement Divide(ECFieldElement b); + public abstract ECFieldElement Negate(); + public abstract ECFieldElement Square(); + public abstract ECFieldElement Invert(); + public abstract ECFieldElement Sqrt(); + + public virtual int BitLength + { + get { return ToBigInteger().BitLength; } + } + + public virtual bool IsOne + { + get { return BitLength == 1; } + } + + public virtual bool IsZero + { + get { return 0 == ToBigInteger().SignValue; } + } + + public virtual ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + return Multiply(b).Subtract(x.Multiply(y)); + } + + public virtual ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + return Multiply(b).Add(x.Multiply(y)); + } + + public virtual ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y) + { + return Square().Subtract(x.Multiply(y)); + } + + public virtual ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y) + { + return Square().Add(x.Multiply(y)); + } + + public virtual ECFieldElement SquarePow(int pow) + { + ECFieldElement r = this; + for (int i = 0; i < pow; ++i) + { + r = r.Square(); + } + return r; + } + + public virtual bool TestBitZero() + { + return ToBigInteger().TestBit(0); + } + + public override bool Equals(object obj) + { + return Equals(obj as ECFieldElement); + } + + public virtual bool Equals(ECFieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return ToBigInteger().Equals(other.ToBigInteger()); + } + + public override int GetHashCode() + { + return ToBigInteger().GetHashCode(); + } + + public override string ToString() + { + return this.ToBigInteger().ToString(16); + } + + public virtual byte[] GetEncoded() + { + return BigIntegers.AsUnsignedByteArray((FieldSize + 7) / 8, ToBigInteger()); + } + } + + public abstract class AbstractFpFieldElement + : ECFieldElement + { + } + + public class FpFieldElement + : AbstractFpFieldElement + { + private readonly BigInteger q, r, x; + + internal static BigInteger CalculateResidue(BigInteger p) + { + int bitLength = p.BitLength; + if (bitLength >= 96) + { + BigInteger firstWord = p.ShiftRight(bitLength - 64); + if (firstWord.LongValue == -1L) + { + return BigInteger.One.ShiftLeft(bitLength).Subtract(p); + } + if ((bitLength & 7) == 0) + { + return BigInteger.One.ShiftLeft(bitLength << 1).Divide(p).Negate(); + } + } + return null; + } + + [Obsolete("Use ECCurve.FromBigInteger to construct field elements")] + public FpFieldElement(BigInteger q, BigInteger x) + : this(q, CalculateResidue(q), x) + { + } + + internal FpFieldElement(BigInteger q, BigInteger r, BigInteger x) + { + if (x == null || x.SignValue < 0 || x.CompareTo(q) >= 0) + throw new ArgumentException("value invalid in Fp field element", "x"); + + this.q = q; + this.r = r; + this.x = x; + } + + public override BigInteger ToBigInteger() + { + return x; + } + + /** + * return the field name for this field. + * + * @return the string "Fp". + */ + public override string FieldName + { + get { return "Fp"; } + } + + public override int FieldSize + { + get { return q.BitLength; } + } + + public BigInteger Q + { + get { return q; } + } + + public override ECFieldElement Add( + ECFieldElement b) + { + return new FpFieldElement(q, r, ModAdd(x, b.ToBigInteger())); + } + + public override ECFieldElement AddOne() + { + BigInteger x2 = x.Add(BigInteger.One); + if (x2.CompareTo(q) == 0) + { + x2 = BigInteger.Zero; + } + return new FpFieldElement(q, r, x2); + } + + public override ECFieldElement Subtract( + ECFieldElement b) + { + return new FpFieldElement(q, r, ModSubtract(x, b.ToBigInteger())); + } + + public override ECFieldElement Multiply( + ECFieldElement b) + { + return new FpFieldElement(q, r, ModMult(x, b.ToBigInteger())); + } + + public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + BigInteger ax = this.x, bx = b.ToBigInteger(), xx = x.ToBigInteger(), yx = y.ToBigInteger(); + BigInteger ab = ax.Multiply(bx); + BigInteger xy = xx.Multiply(yx); + return new FpFieldElement(q, r, ModReduce(ab.Subtract(xy))); + } + + public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + BigInteger ax = this.x, bx = b.ToBigInteger(), xx = x.ToBigInteger(), yx = y.ToBigInteger(); + BigInteger ab = ax.Multiply(bx); + BigInteger xy = xx.Multiply(yx); + BigInteger sum = ab.Add(xy); + if (r != null && r.SignValue < 0 && sum.BitLength > (q.BitLength << 1)) + { + sum = sum.Subtract(q.ShiftLeft(q.BitLength)); + } + return new FpFieldElement(q, r, ModReduce(sum)); + } + + public override ECFieldElement Divide( + ECFieldElement b) + { + return new FpFieldElement(q, r, ModMult(x, ModInverse(b.ToBigInteger()))); + } + + public override ECFieldElement Negate() + { + return x.SignValue == 0 ? this : new FpFieldElement(q, r, q.Subtract(x)); + } + + public override ECFieldElement Square() + { + return new FpFieldElement(q, r, ModMult(x, x)); + } + + public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y) + { + BigInteger ax = this.x, xx = x.ToBigInteger(), yx = y.ToBigInteger(); + BigInteger aa = ax.Multiply(ax); + BigInteger xy = xx.Multiply(yx); + return new FpFieldElement(q, r, ModReduce(aa.Subtract(xy))); + } + + public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y) + { + BigInteger ax = this.x, xx = x.ToBigInteger(), yx = y.ToBigInteger(); + BigInteger aa = ax.Multiply(ax); + BigInteger xy = xx.Multiply(yx); + BigInteger sum = aa.Add(xy); + if (r != null && r.SignValue < 0 && sum.BitLength > (q.BitLength << 1)) + { + sum = sum.Subtract(q.ShiftLeft(q.BitLength)); + } + return new FpFieldElement(q, r, ModReduce(sum)); + } + + public override ECFieldElement Invert() + { + // TODO Modular inversion can be faster for a (Generalized) Mersenne Prime. + return new FpFieldElement(q, r, ModInverse(x)); + } + + /** + * return a sqrt root - the routine verifies that the calculation + * returns the right value - if none exists it returns null. + */ + public override ECFieldElement Sqrt() + { + if (IsZero || IsOne) + return this; + + if (!q.TestBit(0)) + throw Platform.CreateNotImplementedException("even value of q"); + + if (q.TestBit(1)) // q == 4m + 3 + { + BigInteger e = q.ShiftRight(2).Add(BigInteger.One); + return CheckSqrt(new FpFieldElement(q, r, x.ModPow(e, q))); + } + + if (q.TestBit(2)) // q == 8m + 5 + { + BigInteger t1 = x.ModPow(q.ShiftRight(3), q); + BigInteger t2 = ModMult(t1, x); + BigInteger t3 = ModMult(t2, t1); + + if (t3.Equals(BigInteger.One)) + { + return CheckSqrt(new FpFieldElement(q, r, t2)); + } + + // TODO This is constant and could be precomputed + BigInteger t4 = BigInteger.Two.ModPow(q.ShiftRight(2), q); + + BigInteger y = ModMult(t2, t4); + + return CheckSqrt(new FpFieldElement(q, r, y)); + } + + // q == 8m + 1 + + BigInteger legendreExponent = q.ShiftRight(1); + if (!(x.ModPow(legendreExponent, q).Equals(BigInteger.One))) + return null; + + BigInteger X = this.x; + BigInteger fourX = ModDouble(ModDouble(X)); ; + + BigInteger k = legendreExponent.Add(BigInteger.One), qMinusOne = q.Subtract(BigInteger.One); + + BigInteger U, V; + do + { + BigInteger P; + do + { + P = BigInteger.Arbitrary(q.BitLength); + } + while (P.CompareTo(q) >= 0 + || !ModReduce(P.Multiply(P).Subtract(fourX)).ModPow(legendreExponent, q).Equals(qMinusOne)); + + BigInteger[] result = LucasSequence(P, X, k); + U = result[0]; + V = result[1]; + + if (ModMult(V, V).Equals(fourX)) + { + return new FpFieldElement(q, r, ModHalfAbs(V)); + } + } + while (U.Equals(BigInteger.One) || U.Equals(qMinusOne)); + + return null; + } + + private ECFieldElement CheckSqrt(ECFieldElement z) + { + return z.Square().Equals(this) ? z : null; + } + + private BigInteger[] LucasSequence( + BigInteger P, + BigInteger Q, + BigInteger k) + { + // TODO Research and apply "common-multiplicand multiplication here" + + int n = k.BitLength; + int s = k.GetLowestSetBit(); + + Debug.Assert(k.TestBit(s)); + + BigInteger Uh = BigInteger.One; + BigInteger Vl = BigInteger.Two; + BigInteger Vh = P; + BigInteger Ql = BigInteger.One; + BigInteger Qh = BigInteger.One; + + for (int j = n - 1; j >= s + 1; --j) + { + Ql = ModMult(Ql, Qh); + + if (k.TestBit(j)) + { + Qh = ModMult(Ql, Q); + Uh = ModMult(Uh, Vh); + Vl = ModReduce(Vh.Multiply(Vl).Subtract(P.Multiply(Ql))); + Vh = ModReduce(Vh.Multiply(Vh).Subtract(Qh.ShiftLeft(1))); + } + else + { + Qh = Ql; + Uh = ModReduce(Uh.Multiply(Vl).Subtract(Ql)); + Vh = ModReduce(Vh.Multiply(Vl).Subtract(P.Multiply(Ql))); + Vl = ModReduce(Vl.Multiply(Vl).Subtract(Ql.ShiftLeft(1))); + } + } + + Ql = ModMult(Ql, Qh); + Qh = ModMult(Ql, Q); + Uh = ModReduce(Uh.Multiply(Vl).Subtract(Ql)); + Vl = ModReduce(Vh.Multiply(Vl).Subtract(P.Multiply(Ql))); + Ql = ModMult(Ql, Qh); + + for (int j = 1; j <= s; ++j) + { + Uh = ModMult(Uh, Vl); + Vl = ModReduce(Vl.Multiply(Vl).Subtract(Ql.ShiftLeft(1))); + Ql = ModMult(Ql, Ql); + } + + return new BigInteger[] { Uh, Vl }; + } + + protected virtual BigInteger ModAdd(BigInteger x1, BigInteger x2) + { + BigInteger x3 = x1.Add(x2); + if (x3.CompareTo(q) >= 0) + { + x3 = x3.Subtract(q); + } + return x3; + } + + protected virtual BigInteger ModDouble(BigInteger x) + { + BigInteger _2x = x.ShiftLeft(1); + if (_2x.CompareTo(q) >= 0) + { + _2x = _2x.Subtract(q); + } + return _2x; + } + + protected virtual BigInteger ModHalf(BigInteger x) + { + if (x.TestBit(0)) + { + x = q.Add(x); + } + return x.ShiftRight(1); + } + + protected virtual BigInteger ModHalfAbs(BigInteger x) + { + if (x.TestBit(0)) + { + x = q.Subtract(x); + } + return x.ShiftRight(1); + } + + protected virtual BigInteger ModInverse(BigInteger x) + { + return BigIntegers.ModOddInverse(q, x); + } + + protected virtual BigInteger ModMult(BigInteger x1, BigInteger x2) + { + return ModReduce(x1.Multiply(x2)); + } + + protected virtual BigInteger ModReduce(BigInteger x) + { + if (r == null) + { + x = x.Mod(q); + } + else + { + bool negative = x.SignValue < 0; + if (negative) + { + x = x.Abs(); + } + int qLen = q.BitLength; + if (r.SignValue > 0) + { + BigInteger qMod = BigInteger.One.ShiftLeft(qLen); + bool rIsOne = r.Equals(BigInteger.One); + while (x.BitLength > (qLen + 1)) + { + BigInteger u = x.ShiftRight(qLen); + BigInteger v = x.Remainder(qMod); + if (!rIsOne) + { + u = u.Multiply(r); + } + x = u.Add(v); + } + } + else + { + int d = ((qLen - 1) & 31) + 1; + BigInteger mu = r.Negate(); + BigInteger u = mu.Multiply(x.ShiftRight(qLen - d)); + BigInteger quot = u.ShiftRight(qLen + d); + BigInteger v = quot.Multiply(q); + BigInteger bk1 = BigInteger.One.ShiftLeft(qLen + d); + v = v.Remainder(bk1); + x = x.Remainder(bk1); + x = x.Subtract(v); + if (x.SignValue < 0) + { + x = x.Add(bk1); + } + } + while (x.CompareTo(q) >= 0) + { + x = x.Subtract(q); + } + if (negative && x.SignValue != 0) + { + x = q.Subtract(x); + } + } + return x; + } + + protected virtual BigInteger ModSubtract(BigInteger x1, BigInteger x2) + { + BigInteger x3 = x1.Subtract(x2); + if (x3.SignValue < 0) + { + x3 = x3.Add(q); + } + return x3; + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + FpFieldElement other = obj as FpFieldElement; + + if (other == null) + return false; + + return Equals(other); + } + + public virtual bool Equals( + FpFieldElement other) + { + return q.Equals(other.q) && base.Equals(other); + } + + public override int GetHashCode() + { + return q.GetHashCode() ^ base.GetHashCode(); + } + } + + public abstract class AbstractF2mFieldElement + : ECFieldElement + { + public virtual ECFieldElement HalfTrace() + { + int m = FieldSize; + if ((m & 1) == 0) + throw new InvalidOperationException("Half-trace only defined for odd m"); + + //ECFieldElement ht = this; + //for (int i = 1; i < m; i += 2) + //{ + // ht = ht.SquarePow(2).Add(this); + //} + + int n = (m + 1) >> 1; + int k = 31 - Integers.NumberOfLeadingZeros(n); + int nk = 1; + + ECFieldElement ht = this; + while (k > 0) + { + ht = ht.SquarePow(nk << 1).Add(ht); + nk = n >> --k; + if (0 != (nk & 1)) + { + ht = ht.SquarePow(2).Add(this); + } + } + + return ht; + } + + public virtual bool HasFastTrace + { + get { return false; } + } + + public virtual int Trace() + { + int m = FieldSize; + + //ECFieldElement tr = this; + //for (int i = 1; i < m; ++i) + //{ + // tr = tr.Square().Add(this); + //} + + int k = 31 - Integers.NumberOfLeadingZeros(m); + int mk = 1; + + ECFieldElement tr = this; + while (k > 0) + { + tr = tr.SquarePow(mk).Add(tr); + mk = m >> --k; + if (0 != (mk & 1)) + { + tr = tr.Square().Add(this); + } + } + + if (tr.IsZero) + return 0; + if (tr.IsOne) + return 1; + throw new InvalidOperationException("Internal error in trace calculation"); + } + } + + /** + * Class representing the Elements of the finite field + * F2m in polynomial basis (PB) + * representation. Both trinomial (Tpb) and pentanomial (Ppb) polynomial + * basis representations are supported. Gaussian normal basis (GNB) + * representation is not supported. + */ + public class F2mFieldElement + : AbstractF2mFieldElement + { + /** + * Indicates gaussian normal basis representation (GNB). Number chosen + * according to X9.62. GNB is not implemented at present. + */ + public const int Gnb = 1; + + /** + * Indicates trinomial basis representation (Tpb). Number chosen + * according to X9.62. + */ + public const int Tpb = 2; + + /** + * Indicates pentanomial basis representation (Ppb). Number chosen + * according to X9.62. + */ + public const int Ppb = 3; + + /** + * Tpb or Ppb. + */ + private int representation; + + /** + * The exponent m of F2m. + */ + private int m; + + private int[] ks; + + /** + * The LongArray holding the bits. + */ + internal LongArray x; + + /** + * Constructor for Ppb. + * @param m The exponent m of + * F2m. + * @param k1 The integer k1 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z). + * @param k2 The integer k2 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z). + * @param k3 The integer k3 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z). + * @param x The BigInteger representing the value of the field element. + */ + [Obsolete("Use ECCurve.FromBigInteger to construct field elements")] + public F2mFieldElement( + int m, + int k1, + int k2, + int k3, + BigInteger x) + { + if (x == null || x.SignValue < 0 || x.BitLength > m) + throw new ArgumentException("value invalid in F2m field element", "x"); + + if ((k2 == 0) && (k3 == 0)) + { + this.representation = Tpb; + this.ks = new int[] { k1 }; + } + else + { + if (k2 >= k3) + throw new ArgumentException("k2 must be smaller than k3"); + if (k2 <= 0) + throw new ArgumentException("k2 must be larger than 0"); + + this.representation = Ppb; + this.ks = new int[] { k1, k2, k3 }; + } + + this.m = m; + this.x = new LongArray(x); + } + + /** + * Constructor for Tpb. + * @param m The exponent m of + * F2m. + * @param k The integer k where xm + + * xk + 1 represents the reduction + * polynomial f(z). + * @param x The BigInteger representing the value of the field element. + */ + [Obsolete("Use ECCurve.FromBigInteger to construct field elements")] + public F2mFieldElement( + int m, + int k, + BigInteger x) + : this(m, k, 0, 0, x) + { + // Set k1 to k, and set k2 and k3 to 0 + } + + internal F2mFieldElement(int m, int[] ks, LongArray x) + { + this.m = m; + this.representation = (ks.Length == 1) ? Tpb : Ppb; + this.ks = ks; + this.x = x; + } + + public override int BitLength + { + get { return x.Degree(); } + } + + public override bool IsOne + { + get { return x.IsOne(); } + } + + public override bool IsZero + { + get { return x.IsZero(); } + } + + public override bool TestBitZero() + { + return x.TestBitZero(); + } + + public override BigInteger ToBigInteger() + { + return x.ToBigInteger(); + } + + public override string FieldName + { + get { return "F2m"; } + } + + public override int FieldSize + { + get { return m; } + } + + /** + * Checks, if the ECFieldElements a and b + * are elements of the same field F2m + * (having the same representation). + * @param a field element. + * @param b field element to be compared. + * @throws ArgumentException if a and b + * are not elements of the same field + * F2m (having the same + * representation). + */ + public static void CheckFieldElements( + ECFieldElement a, + ECFieldElement b) + { + if (!(a is F2mFieldElement) || !(b is F2mFieldElement)) + { + throw new ArgumentException("Field elements are not " + + "both instances of F2mFieldElement"); + } + + F2mFieldElement aF2m = (F2mFieldElement)a; + F2mFieldElement bF2m = (F2mFieldElement)b; + + if (aF2m.representation != bF2m.representation) + { + // Should never occur + throw new ArgumentException("One of the F2m field elements has incorrect representation"); + } + + if ((aF2m.m != bF2m.m) || !Arrays.AreEqual(aF2m.ks, bF2m.ks)) + { + throw new ArgumentException("Field elements are not elements of the same field F2m"); + } + } + + public override ECFieldElement Add( + ECFieldElement b) + { + // No check performed here for performance reasons. Instead the + // elements involved are checked in ECPoint.F2m + // checkFieldElements(this, b); + LongArray iarrClone = this.x.Copy(); + F2mFieldElement bF2m = (F2mFieldElement)b; + iarrClone.AddShiftedByWords(bF2m.x, 0); + return new F2mFieldElement(m, ks, iarrClone); + } + + public override ECFieldElement AddOne() + { + return new F2mFieldElement(m, ks, x.AddOne()); + } + + public override ECFieldElement Subtract( + ECFieldElement b) + { + // Addition and subtraction are the same in F2m + return Add(b); + } + + public override ECFieldElement Multiply( + ECFieldElement b) + { + // Right-to-left comb multiplication in the LongArray + // Input: Binary polynomials a(z) and b(z) of degree at most m-1 + // Output: c(z) = a(z) * b(z) mod f(z) + + // No check performed here for performance reasons. Instead the + // elements involved are checked in ECPoint.F2m + // checkFieldElements(this, b); + return new F2mFieldElement(m, ks, x.ModMultiply(((F2mFieldElement)b).x, m, ks)); + } + + public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + return MultiplyPlusProduct(b, x, y); + } + + public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + LongArray ax = this.x, bx = ((F2mFieldElement)b).x, xx = ((F2mFieldElement)x).x, yx = ((F2mFieldElement)y).x; + + LongArray ab = ax.Multiply(bx, m, ks); + LongArray xy = xx.Multiply(yx, m, ks); + + if (ab == ax || ab == bx) + { + ab = (LongArray)ab.Copy(); + } + + ab.AddShiftedByWords(xy, 0); + ab.Reduce(m, ks); + + return new F2mFieldElement(m, ks, ab); + } + + public override ECFieldElement Divide( + ECFieldElement b) + { + // There may be more efficient implementations + ECFieldElement bInv = b.Invert(); + return Multiply(bInv); + } + + public override ECFieldElement Negate() + { + // -x == x holds for all x in F2m + return this; + } + + public override ECFieldElement Square() + { + return new F2mFieldElement(m, ks, x.ModSquare(m, ks)); + } + + public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y) + { + return SquarePlusProduct(x, y); + } + + public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y) + { + LongArray ax = this.x, xx = ((F2mFieldElement)x).x, yx = ((F2mFieldElement)y).x; + + LongArray aa = ax.Square(m, ks); + LongArray xy = xx.Multiply(yx, m, ks); + + if (aa == ax) + { + aa = (LongArray)aa.Copy(); + } + + aa.AddShiftedByWords(xy, 0); + aa.Reduce(m, ks); + + return new F2mFieldElement(m, ks, aa); + } + + public override ECFieldElement SquarePow(int pow) + { + return pow < 1 ? this : new F2mFieldElement(m, ks, x.ModSquareN(pow, m, ks)); + } + + public override ECFieldElement Invert() + { + return new F2mFieldElement(this.m, this.ks, this.x.ModInverse(m, ks)); + } + + public override ECFieldElement Sqrt() + { + return (x.IsZero() || x.IsOne()) ? this : SquarePow(m - 1); + } + + /** + * @return the representation of the field + * F2m, either of + * {@link F2mFieldElement.Tpb} (trinomial + * basis representation) or + * {@link F2mFieldElement.Ppb} (pentanomial + * basis representation). + */ + public int Representation + { + get { return this.representation; } + } + + /** + * @return the degree m of the reduction polynomial + * f(z). + */ + public int M + { + get { return this.m; } + } + + /** + * @return Tpb: The integer k where xm + + * xk + 1 represents the reduction polynomial + * f(z).
    + * Ppb: The integer k1 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z).
    + */ + public int K1 + { + get { return this.ks[0]; } + } + + /** + * @return Tpb: Always returns 0
    + * Ppb: The integer k2 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z).
    + */ + public int K2 + { + get { return this.ks.Length >= 2 ? this.ks[1] : 0; } + } + + /** + * @return Tpb: Always set to 0
    + * Ppb: The integer k3 where xm + + * xk3 + xk2 + xk1 + 1 + * represents the reduction polynomial f(z).
    + */ + public int K3 + { + get { return this.ks.Length >= 3 ? this.ks[2] : 0; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + F2mFieldElement other = obj as F2mFieldElement; + + if (other == null) + return false; + + return Equals(other); + } + + public virtual bool Equals( + F2mFieldElement other) + { + return ((this.m == other.m) + && (this.representation == other.representation) + && Arrays.AreEqual(this.ks, other.ks) + && (this.x.Equals(other.x))); + } + + public override int GetHashCode() + { + return x.GetHashCode() ^ m ^ Arrays.GetHashCode(ks); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/ECLookupTable.cs b/BouncyCastle/crypto/src/math/ec/ECLookupTable.cs new file mode 100644 index 0000000..c14087d --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/ECLookupTable.cs @@ -0,0 +1,11 @@ +using System; + +namespace Org.BouncyCastle.Math.EC +{ + public interface ECLookupTable + { + int Size { get; } + ECPoint Lookup(int index); + ECPoint LookupVar(int index); + } +} diff --git a/BouncyCastle/crypto/src/math/ec/ECPoint.cs b/BouncyCastle/crypto/src/math/ec/ECPoint.cs new file mode 100644 index 0000000..efec49c --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/ECPoint.cs @@ -0,0 +1,2178 @@ +using System; +using System.Collections; +using System.Text; + +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC +{ + /** + * base class for points on elliptic curves. + */ + public abstract class ECPoint + { + private static readonly SecureRandom Random = new SecureRandom(); + + protected static ECFieldElement[] EMPTY_ZS = new ECFieldElement[0]; + + protected static ECFieldElement[] GetInitialZCoords(ECCurve curve) + { + // Cope with null curve, most commonly used by implicitlyCa + int coord = null == curve ? ECCurve.COORD_AFFINE : curve.CoordinateSystem; + + switch (coord) + { + case ECCurve.COORD_AFFINE: + case ECCurve.COORD_LAMBDA_AFFINE: + return EMPTY_ZS; + default: + break; + } + + ECFieldElement one = curve.FromBigInteger(BigInteger.One); + + switch (coord) + { + case ECCurve.COORD_HOMOGENEOUS: + case ECCurve.COORD_JACOBIAN: + case ECCurve.COORD_LAMBDA_PROJECTIVE: + return new ECFieldElement[] { one }; + case ECCurve.COORD_JACOBIAN_CHUDNOVSKY: + return new ECFieldElement[] { one, one, one }; + case ECCurve.COORD_JACOBIAN_MODIFIED: + return new ECFieldElement[] { one, curve.A }; + default: + throw new ArgumentException("unknown coordinate system"); + } + } + + protected internal readonly ECCurve m_curve; + protected internal readonly ECFieldElement m_x, m_y; + protected internal readonly ECFieldElement[] m_zs; + protected internal readonly bool m_withCompression; + + // Dictionary is (string -> PreCompInfo) + protected internal IDictionary m_preCompTable = null; + + protected ECPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : this(curve, x, y, GetInitialZCoords(curve), withCompression) + { + } + + internal ECPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + this.m_curve = curve; + this.m_x = x; + this.m_y = y; + this.m_zs = zs; + this.m_withCompression = withCompression; + } + + protected abstract bool SatisfiesCurveEquation(); + + protected virtual bool SatisfiesOrder() + { + if (BigInteger.One.Equals(Curve.Cofactor)) + return true; + + BigInteger n = Curve.Order; + + // TODO Require order to be available for all curves + + return n == null || ECAlgorithms.ReferenceMultiply(this, n).IsInfinity; + } + + public ECPoint GetDetachedPoint() + { + return Normalize().Detach(); + } + + public virtual ECCurve Curve + { + get { return m_curve; } + } + + protected abstract ECPoint Detach(); + + protected virtual int CurveCoordinateSystem + { + get + { + // Cope with null curve, most commonly used by implicitlyCa + return null == m_curve ? ECCurve.COORD_AFFINE : m_curve.CoordinateSystem; + } + } + + /** + * Returns the affine x-coordinate after checking that this point is normalized. + * + * @return The affine x-coordinate of this point + * @throws IllegalStateException if the point is not normalized + */ + public virtual ECFieldElement AffineXCoord + { + get + { + CheckNormalized(); + return XCoord; + } + } + + /** + * Returns the affine y-coordinate after checking that this point is normalized + * + * @return The affine y-coordinate of this point + * @throws IllegalStateException if the point is not normalized + */ + public virtual ECFieldElement AffineYCoord + { + get + { + CheckNormalized(); + return YCoord; + } + } + + /** + * Returns the x-coordinate. + * + * Caution: depending on the curve's coordinate system, this may not be the same value as in an + * affine coordinate system; use Normalize() to get a point where the coordinates have their + * affine values, or use AffineXCoord if you expect the point to already have been normalized. + * + * @return the x-coordinate of this point + */ + public virtual ECFieldElement XCoord + { + get { return m_x; } + } + + /** + * Returns the y-coordinate. + * + * Caution: depending on the curve's coordinate system, this may not be the same value as in an + * affine coordinate system; use Normalize() to get a point where the coordinates have their + * affine values, or use AffineYCoord if you expect the point to already have been normalized. + * + * @return the y-coordinate of this point + */ + public virtual ECFieldElement YCoord + { + get { return m_y; } + } + + public virtual ECFieldElement GetZCoord(int index) + { + return (index < 0 || index >= m_zs.Length) ? null : m_zs[index]; + } + + public virtual ECFieldElement[] GetZCoords() + { + int zsLen = m_zs.Length; + if (zsLen == 0) + { + return m_zs; + } + ECFieldElement[] copy = new ECFieldElement[zsLen]; + Array.Copy(m_zs, 0, copy, 0, zsLen); + return copy; + } + + protected internal ECFieldElement RawXCoord + { + get { return m_x; } + } + + protected internal ECFieldElement RawYCoord + { + get { return m_y; } + } + + protected internal ECFieldElement[] RawZCoords + { + get { return m_zs; } + } + + protected virtual void CheckNormalized() + { + if (!IsNormalized()) + throw new InvalidOperationException("point not in normal form"); + } + + public virtual bool IsNormalized() + { + int coord = this.CurveCoordinateSystem; + + return coord == ECCurve.COORD_AFFINE + || coord == ECCurve.COORD_LAMBDA_AFFINE + || IsInfinity + || RawZCoords[0].IsOne; + } + + /** + * Normalization ensures that any projective coordinate is 1, and therefore that the x, y + * coordinates reflect those of the equivalent point in an affine coordinate system. + * + * @return a new ECPoint instance representing the same point, but with normalized coordinates + */ + public virtual ECPoint Normalize() + { + if (this.IsInfinity) + { + return this; + } + + switch (this.CurveCoordinateSystem) + { + case ECCurve.COORD_AFFINE: + case ECCurve.COORD_LAMBDA_AFFINE: + { + return this; + } + default: + { + ECFieldElement z = RawZCoords[0]; + if (z.IsOne) + return this; + + if (null == m_curve) + throw new InvalidOperationException("Detached points must be in affine coordinates"); + + /* + * Use blinding to avoid the side-channel leak identified and analyzed in the paper + * "Yet another GCD based inversion side-channel affecting ECC implementations" by Nir + * Drucker and Shay Gueron. + * + * To blind the calculation of z^-1, choose a multiplicative (i.e. non-zero) field + * element 'b' uniformly at random, then calculate the result instead as (z * b)^-1 * b. + * Any side-channel in the implementation of 'inverse' now only leaks information about + * the value (z * b), and no longer reveals information about 'z' itself. + */ + // TODO Add CryptoServicesRegistrar class and use here + //SecureRandom r = CryptoServicesRegistrar.GetSecureRandom(); + SecureRandom r = Random; + ECFieldElement b = m_curve.RandomFieldElementMult(r); + ECFieldElement zInv = z.Multiply(b).Invert().Multiply(b); + return Normalize(zInv); + } + } + } + + internal virtual ECPoint Normalize(ECFieldElement zInv) + { + switch (this.CurveCoordinateSystem) + { + case ECCurve.COORD_HOMOGENEOUS: + case ECCurve.COORD_LAMBDA_PROJECTIVE: + { + return CreateScaledPoint(zInv, zInv); + } + case ECCurve.COORD_JACOBIAN: + case ECCurve.COORD_JACOBIAN_CHUDNOVSKY: + case ECCurve.COORD_JACOBIAN_MODIFIED: + { + ECFieldElement zInv2 = zInv.Square(), zInv3 = zInv2.Multiply(zInv); + return CreateScaledPoint(zInv2, zInv3); + } + default: + { + throw new InvalidOperationException("not a projective coordinate system"); + } + } + } + + protected virtual ECPoint CreateScaledPoint(ECFieldElement sx, ECFieldElement sy) + { + return Curve.CreateRawPoint(RawXCoord.Multiply(sx), RawYCoord.Multiply(sy), IsCompressed); + } + + public bool IsInfinity + { + get { return m_x == null && m_y == null; } + } + + public bool IsCompressed + { + get { return m_withCompression; } + } + + public bool IsValid() + { + return ImplIsValid(false, true); + } + + internal bool IsValidPartial() + { + return ImplIsValid(false, false); + } + + internal bool ImplIsValid(bool decompressed, bool checkOrder) + { + if (IsInfinity) + return true; + + ValidityCallback callback = new ValidityCallback(this, decompressed, checkOrder); + ValidityPreCompInfo validity = (ValidityPreCompInfo)Curve.Precompute(this, ValidityPreCompInfo.PRECOMP_NAME, callback); + return !validity.HasFailed(); + } + + public virtual ECPoint ScaleX(ECFieldElement scale) + { + return IsInfinity + ? this + : Curve.CreateRawPoint(RawXCoord.Multiply(scale), RawYCoord, RawZCoords, IsCompressed); + } + + public virtual ECPoint ScaleXNegateY(ECFieldElement scale) + { + return IsInfinity + ? this + : Curve.CreateRawPoint(RawXCoord.Multiply(scale), RawYCoord.Negate(), RawZCoords, IsCompressed); + } + + public virtual ECPoint ScaleY(ECFieldElement scale) + { + return IsInfinity + ? this + : Curve.CreateRawPoint(RawXCoord, RawYCoord.Multiply(scale), RawZCoords, IsCompressed); + } + + public virtual ECPoint ScaleYNegateX(ECFieldElement scale) + { + return IsInfinity + ? this + : Curve.CreateRawPoint(RawXCoord.Negate(), RawYCoord.Multiply(scale), RawZCoords, IsCompressed); + } + + public override bool Equals(object obj) + { + return Equals(obj as ECPoint); + } + + public virtual bool Equals(ECPoint other) + { + if (this == other) + return true; + if (null == other) + return false; + + ECCurve c1 = this.Curve, c2 = other.Curve; + bool n1 = (null == c1), n2 = (null == c2); + bool i1 = IsInfinity, i2 = other.IsInfinity; + + if (i1 || i2) + { + return (i1 && i2) && (n1 || n2 || c1.Equals(c2)); + } + + ECPoint p1 = this, p2 = other; + if (n1 && n2) + { + // Points with null curve are in affine form, so already normalized + } + else if (n1) + { + p2 = p2.Normalize(); + } + else if (n2) + { + p1 = p1.Normalize(); + } + else if (!c1.Equals(c2)) + { + return false; + } + else + { + // TODO Consider just requiring already normalized, to avoid silent performance degradation + + ECPoint[] points = new ECPoint[] { this, c1.ImportPoint(p2) }; + + // TODO This is a little strong, really only requires coZNormalizeAll to get Zs equal + c1.NormalizeAll(points); + + p1 = points[0]; + p2 = points[1]; + } + + return p1.XCoord.Equals(p2.XCoord) && p1.YCoord.Equals(p2.YCoord); + } + + public override int GetHashCode() + { + ECCurve c = this.Curve; + int hc = (null == c) ? 0 : ~c.GetHashCode(); + + if (!this.IsInfinity) + { + // TODO Consider just requiring already normalized, to avoid silent performance degradation + + ECPoint p = Normalize(); + + hc ^= p.XCoord.GetHashCode() * 17; + hc ^= p.YCoord.GetHashCode() * 257; + } + + return hc; + } + + public override string ToString() + { + if (this.IsInfinity) + { + return "INF"; + } + + StringBuilder sb = new StringBuilder(); + sb.Append('('); + sb.Append(RawXCoord); + sb.Append(','); + sb.Append(RawYCoord); + for (int i = 0; i < m_zs.Length; ++i) + { + sb.Append(','); + sb.Append(m_zs[i]); + } + sb.Append(')'); + return sb.ToString(); + } + + public virtual byte[] GetEncoded() + { + return GetEncoded(m_withCompression); + } + + public abstract byte[] GetEncoded(bool compressed); + + protected internal abstract bool CompressionYTilde { get; } + + public abstract ECPoint Add(ECPoint b); + public abstract ECPoint Subtract(ECPoint b); + public abstract ECPoint Negate(); + + public virtual ECPoint TimesPow2(int e) + { + if (e < 0) + throw new ArgumentException("cannot be negative", "e"); + + ECPoint p = this; + while (--e >= 0) + { + p = p.Twice(); + } + return p; + } + + public abstract ECPoint Twice(); + public abstract ECPoint Multiply(BigInteger b); + + public virtual ECPoint TwicePlus(ECPoint b) + { + return Twice().Add(b); + } + + public virtual ECPoint ThreeTimes() + { + return TwicePlus(this); + } + + private class ValidityCallback + : IPreCompCallback + { + private readonly ECPoint m_outer; + private readonly bool m_decompressed, m_checkOrder; + + internal ValidityCallback(ECPoint outer, bool decompressed, bool checkOrder) + { + this.m_outer = outer; + this.m_decompressed = decompressed; + this.m_checkOrder = checkOrder; + } + + public PreCompInfo Precompute(PreCompInfo existing) + { + ValidityPreCompInfo info = existing as ValidityPreCompInfo; + if (info == null) + { + info = new ValidityPreCompInfo(); + } + + if (info.HasFailed()) + return info; + + if (!info.HasCurveEquationPassed()) + { + if (!m_decompressed && !m_outer.SatisfiesCurveEquation()) + { + info.ReportFailed(); + return info; + } + info.ReportCurveEquationPassed(); + } + if (m_checkOrder && !info.HasOrderPassed()) + { + if (!m_outer.SatisfiesOrder()) + { + info.ReportFailed(); + return info; + } + info.ReportOrderPassed(); + } + return info; + } + } + } + + public abstract class ECPointBase + : ECPoint + { + protected internal ECPointBase( + ECCurve curve, + ECFieldElement x, + ECFieldElement y, + bool withCompression) + : base(curve, x, y, withCompression) + { + } + + protected internal ECPointBase(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + /** + * return the field element encoded with point compression. (S 4.3.6) + */ + public override byte[] GetEncoded(bool compressed) + { + if (this.IsInfinity) + { + return new byte[1]; + } + + ECPoint normed = Normalize(); + + byte[] X = normed.XCoord.GetEncoded(); + + if (compressed) + { + byte[] PO = new byte[X.Length + 1]; + PO[0] = (byte)(normed.CompressionYTilde ? 0x03 : 0x02); + Array.Copy(X, 0, PO, 1, X.Length); + return PO; + } + + byte[] Y = normed.YCoord.GetEncoded(); + + { + byte[] PO = new byte[X.Length + Y.Length + 1]; + PO[0] = 0x04; + Array.Copy(X, 0, PO, 1, X.Length); + Array.Copy(Y, 0, PO, X.Length + 1, Y.Length); + return PO; + } + } + + /** + * Multiplies this ECPoint by the given number. + * @param k The multiplicator. + * @return k * this. + */ + public override ECPoint Multiply(BigInteger k) + { + return this.Curve.GetMultiplier().Multiply(this, k); + } + } + + public abstract class AbstractFpPoint + : ECPointBase + { + protected AbstractFpPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + } + + protected AbstractFpPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected internal override bool CompressionYTilde + { + get { return this.AffineYCoord.TestBitZero(); } + } + + protected override bool SatisfiesCurveEquation() + { + ECFieldElement X = this.RawXCoord, Y = this.RawYCoord, A = Curve.A, B = Curve.B; + ECFieldElement lhs = Y.Square(); + + switch (CurveCoordinateSystem) + { + case ECCurve.COORD_AFFINE: + break; + case ECCurve.COORD_HOMOGENEOUS: + { + ECFieldElement Z = this.RawZCoords[0]; + if (!Z.IsOne) + { + ECFieldElement Z2 = Z.Square(), Z3 = Z.Multiply(Z2); + lhs = lhs.Multiply(Z); + A = A.Multiply(Z2); + B = B.Multiply(Z3); + } + break; + } + case ECCurve.COORD_JACOBIAN: + case ECCurve.COORD_JACOBIAN_CHUDNOVSKY: + case ECCurve.COORD_JACOBIAN_MODIFIED: + { + ECFieldElement Z = this.RawZCoords[0]; + if (!Z.IsOne) + { + ECFieldElement Z2 = Z.Square(), Z4 = Z2.Square(), Z6 = Z2.Multiply(Z4); + A = A.Multiply(Z4); + B = B.Multiply(Z6); + } + break; + } + default: + throw new InvalidOperationException("unsupported coordinate system"); + } + + ECFieldElement rhs = X.Square().Add(A).Multiply(X).Add(B); + return lhs.Equals(rhs); + } + + public override ECPoint Subtract(ECPoint b) + { + if (b.IsInfinity) + return this; + + // Add -b + return Add(b.Negate()); + } + } + + /** + * Elliptic curve points over Fp + */ + public class FpPoint + : AbstractFpPoint + { + /** + * Create a point which encodes without point compression. + * + * @param curve the curve to use + * @param x affine x co-ordinate + * @param y affine y co-ordinate + */ + [Obsolete("Use ECCurve.CreatePoint to construct points")] + public FpPoint(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * Create a point that encodes with or without point compression. + * + * @param curve the curve to use + * @param x affine x co-ordinate + * @param y affine y co-ordinate + * @param withCompression if true encode with point compression + */ + [Obsolete("Per-point compression property will be removed, see GetEncoded(bool)")] + public FpPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal FpPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new FpPoint(null, AffineXCoord, AffineYCoord, false); + } + + public override ECFieldElement GetZCoord(int index) + { + if (index == 1 && ECCurve.COORD_JACOBIAN_MODIFIED == this.CurveCoordinateSystem) + { + return GetJacobianModifiedW(); + } + + return base.GetZCoord(index); + } + + // B.3 pg 62 + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + if (this == b) + return Twice(); + + ECCurve curve = this.Curve; + int coord = curve.CoordinateSystem; + + ECFieldElement X1 = this.RawXCoord, Y1 = this.RawYCoord; + ECFieldElement X2 = b.RawXCoord, Y2 = b.RawYCoord; + + switch (coord) + { + case ECCurve.COORD_AFFINE: + { + ECFieldElement dx = X2.Subtract(X1), dy = Y2.Subtract(Y1); + + if (dx.IsZero) + { + if (dy.IsZero) + { + // this == b, i.e. this must be doubled + return Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return Curve.Infinity; + } + + ECFieldElement gamma = dy.Divide(dx); + ECFieldElement X3 = gamma.Square().Subtract(X1).Subtract(X2); + ECFieldElement Y3 = gamma.Multiply(X1.Subtract(X3)).Subtract(Y1); + + return new FpPoint(Curve, X3, Y3, IsCompressed); + } + + case ECCurve.COORD_HOMOGENEOUS: + { + ECFieldElement Z1 = this.RawZCoords[0]; + ECFieldElement Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + bool Z2IsOne = Z2.IsOne; + + ECFieldElement u1 = Z1IsOne ? Y2 : Y2.Multiply(Z1); + ECFieldElement u2 = Z2IsOne ? Y1 : Y1.Multiply(Z2); + ECFieldElement u = u1.Subtract(u2); + ECFieldElement v1 = Z1IsOne ? X2 : X2.Multiply(Z1); + ECFieldElement v2 = Z2IsOne ? X1 : X1.Multiply(Z2); + ECFieldElement v = v1.Subtract(v2); + + // Check if b == this or b == -this + if (v.IsZero) + { + if (u.IsZero) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + // TODO Optimize for when w == 1 + ECFieldElement w = Z1IsOne ? Z2 : Z2IsOne ? Z1 : Z1.Multiply(Z2); + ECFieldElement vSquared = v.Square(); + ECFieldElement vCubed = vSquared.Multiply(v); + ECFieldElement vSquaredV2 = vSquared.Multiply(v2); + ECFieldElement A = u.Square().Multiply(w).Subtract(vCubed).Subtract(Two(vSquaredV2)); + + ECFieldElement X3 = v.Multiply(A); + ECFieldElement Y3 = vSquaredV2.Subtract(A).MultiplyMinusProduct(u, u2, vCubed); + ECFieldElement Z3 = vCubed.Multiply(w); + + return new FpPoint(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + case ECCurve.COORD_JACOBIAN: + case ECCurve.COORD_JACOBIAN_MODIFIED: + { + ECFieldElement Z1 = this.RawZCoords[0]; + ECFieldElement Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + + ECFieldElement X3, Y3, Z3, Z3Squared = null; + + if (!Z1IsOne && Z1.Equals(Z2)) + { + // TODO Make this available as public method coZAdd? + + ECFieldElement dx = X1.Subtract(X2), dy = Y1.Subtract(Y2); + if (dx.IsZero) + { + if (dy.IsZero) + { + return Twice(); + } + return curve.Infinity; + } + + ECFieldElement C = dx.Square(); + ECFieldElement W1 = X1.Multiply(C), W2 = X2.Multiply(C); + ECFieldElement A1 = W1.Subtract(W2).Multiply(Y1); + + X3 = dy.Square().Subtract(W1).Subtract(W2); + Y3 = W1.Subtract(X3).Multiply(dy).Subtract(A1); + Z3 = dx; + + if (Z1IsOne) + { + Z3Squared = C; + } + else + { + Z3 = Z3.Multiply(Z1); + } + } + else + { + ECFieldElement Z1Squared, U2, S2; + if (Z1IsOne) + { + Z1Squared = Z1; U2 = X2; S2 = Y2; + } + else + { + Z1Squared = Z1.Square(); + U2 = Z1Squared.Multiply(X2); + ECFieldElement Z1Cubed = Z1Squared.Multiply(Z1); + S2 = Z1Cubed.Multiply(Y2); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement Z2Squared, U1, S1; + if (Z2IsOne) + { + Z2Squared = Z2; U1 = X1; S1 = Y1; + } + else + { + Z2Squared = Z2.Square(); + U1 = Z2Squared.Multiply(X1); + ECFieldElement Z2Cubed = Z2Squared.Multiply(Z2); + S1 = Z2Cubed.Multiply(Y1); + } + + ECFieldElement H = U1.Subtract(U2); + ECFieldElement R = S1.Subtract(S2); + + // Check if b == this or b == -this + if (H.IsZero) + { + if (R.IsZero) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + ECFieldElement HSquared = H.Square(); + ECFieldElement G = HSquared.Multiply(H); + ECFieldElement V = HSquared.Multiply(U1); + + X3 = R.Square().Add(G).Subtract(Two(V)); + Y3 = V.Subtract(X3).MultiplyMinusProduct(R, G, S1); + + Z3 = H; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + if (!Z2IsOne) + { + Z3 = Z3.Multiply(Z2); + } + + // Alternative calculation of Z3 using fast square + //X3 = four(X3); + //Y3 = eight(Y3); + //Z3 = doubleProductFromSquares(Z1, Z2, Z1Squared, Z2Squared).Multiply(H); + + if (Z3 == H) + { + Z3Squared = HSquared; + } + } + + ECFieldElement[] zs; + if (coord == ECCurve.COORD_JACOBIAN_MODIFIED) + { + // TODO If the result will only be used in a subsequent addition, we don't need W3 + ECFieldElement W3 = CalculateJacobianModifiedW(Z3, Z3Squared); + + zs = new ECFieldElement[] { Z3, W3 }; + } + else + { + zs = new ECFieldElement[] { Z3 }; + } + + return new FpPoint(curve, X3, Y3, zs, IsCompressed); + } + + default: + { + throw new InvalidOperationException("unsupported coordinate system"); + } + } + } + + // B.3 pg 62 + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + int coord = curve.CoordinateSystem; + + ECFieldElement X1 = this.RawXCoord; + + switch (coord) + { + case ECCurve.COORD_AFFINE: + { + ECFieldElement X1Squared = X1.Square(); + ECFieldElement gamma = Three(X1Squared).Add(this.Curve.A).Divide(Two(Y1)); + ECFieldElement X3 = gamma.Square().Subtract(Two(X1)); + ECFieldElement Y3 = gamma.Multiply(X1.Subtract(X3)).Subtract(Y1); + + return new FpPoint(Curve, X3, Y3, IsCompressed); + } + + case ECCurve.COORD_HOMOGENEOUS: + { + ECFieldElement Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + + // TODO Optimize for small negative a4 and -3 + ECFieldElement w = curve.A; + if (!w.IsZero && !Z1IsOne) + { + w = w.Multiply(Z1.Square()); + } + w = w.Add(Three(X1.Square())); + + ECFieldElement s = Z1IsOne ? Y1 : Y1.Multiply(Z1); + ECFieldElement t = Z1IsOne ? Y1.Square() : s.Multiply(Y1); + ECFieldElement B = X1.Multiply(t); + ECFieldElement _4B = Four(B); + ECFieldElement h = w.Square().Subtract(Two(_4B)); + + ECFieldElement _2s = Two(s); + ECFieldElement X3 = h.Multiply(_2s); + ECFieldElement _2t = Two(t); + ECFieldElement Y3 = _4B.Subtract(h).Multiply(w).Subtract(Two(_2t.Square())); + ECFieldElement _4sSquared = Z1IsOne ? Two(_2t) : _2s.Square(); + ECFieldElement Z3 = Two(_4sSquared).Multiply(s); + + return new FpPoint(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + case ECCurve.COORD_JACOBIAN: + { + ECFieldElement Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + + ECFieldElement Y1Squared = Y1.Square(); + ECFieldElement T = Y1Squared.Square(); + + ECFieldElement a4 = curve.A; + ECFieldElement a4Neg = a4.Negate(); + + ECFieldElement M, S; + if (a4Neg.ToBigInteger().Equals(BigInteger.ValueOf(3))) + { + ECFieldElement Z1Squared = Z1IsOne ? Z1 : Z1.Square(); + M = Three(X1.Add(Z1Squared).Multiply(X1.Subtract(Z1Squared))); + S = Four(Y1Squared.Multiply(X1)); + } + else + { + ECFieldElement X1Squared = X1.Square(); + M = Three(X1Squared); + if (Z1IsOne) + { + M = M.Add(a4); + } + else if (!a4.IsZero) + { + ECFieldElement Z1Squared = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement Z1Pow4 = Z1Squared.Square(); + if (a4Neg.BitLength < a4.BitLength) + { + M = M.Subtract(Z1Pow4.Multiply(a4Neg)); + } + else + { + M = M.Add(Z1Pow4.Multiply(a4)); + } + } + //S = two(doubleProductFromSquares(X1, Y1Squared, X1Squared, T)); + S = Four(X1.Multiply(Y1Squared)); + } + + ECFieldElement X3 = M.Square().Subtract(Two(S)); + ECFieldElement Y3 = S.Subtract(X3).Multiply(M).Subtract(Eight(T)); + + ECFieldElement Z3 = Two(Y1); + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + + // Alternative calculation of Z3 using fast square + //ECFieldElement Z3 = doubleProductFromSquares(Y1, Z1, Y1Squared, Z1Squared); + + return new FpPoint(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + case ECCurve.COORD_JACOBIAN_MODIFIED: + { + return TwiceJacobianModified(true); + } + + default: + { + throw new InvalidOperationException("unsupported coordinate system"); + } + } + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this == b) + return ThreeTimes(); + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return b; + + ECCurve curve = this.Curve; + int coord = curve.CoordinateSystem; + + switch (coord) + { + case ECCurve.COORD_AFFINE: + { + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord, Y2 = b.RawYCoord; + + ECFieldElement dx = X2.Subtract(X1), dy = Y2.Subtract(Y1); + + if (dx.IsZero) + { + if (dy.IsZero) + { + // this == b i.e. the result is 3P + return ThreeTimes(); + } + + // this == -b, i.e. the result is P + return this; + } + + /* + * Optimized calculation of 2P + Q, as described in "Trading Inversions for + * Multiplications in Elliptic Curve Cryptography", by Ciet, Joye, Lauter, Montgomery. + */ + + ECFieldElement X = dx.Square(), Y = dy.Square(); + ECFieldElement d = X.Multiply(Two(X1).Add(X2)).Subtract(Y); + if (d.IsZero) + { + return Curve.Infinity; + } + + ECFieldElement D = d.Multiply(dx); + ECFieldElement I = D.Invert(); + ECFieldElement L1 = d.Multiply(I).Multiply(dy); + ECFieldElement L2 = Two(Y1).Multiply(X).Multiply(dx).Multiply(I).Subtract(L1); + ECFieldElement X4 = (L2.Subtract(L1)).Multiply(L1.Add(L2)).Add(X2); + ECFieldElement Y4 = (X1.Subtract(X4)).Multiply(L2).Subtract(Y1); + + return new FpPoint(Curve, X4, Y4, IsCompressed); + } + case ECCurve.COORD_JACOBIAN_MODIFIED: + { + return TwiceJacobianModified(false).Add(b); + } + default: + { + return Twice().Add(b); + } + } + } + + public override ECPoint ThreeTimes() + { + if (this.IsInfinity) + return this; + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return this; + + ECCurve curve = this.Curve; + int coord = curve.CoordinateSystem; + + switch (coord) + { + case ECCurve.COORD_AFFINE: + { + ECFieldElement X1 = this.RawXCoord; + + ECFieldElement _2Y1 = Two(Y1); + ECFieldElement X = _2Y1.Square(); + ECFieldElement Z = Three(X1.Square()).Add(Curve.A); + ECFieldElement Y = Z.Square(); + + ECFieldElement d = Three(X1).Multiply(X).Subtract(Y); + if (d.IsZero) + { + return Curve.Infinity; + } + + ECFieldElement D = d.Multiply(_2Y1); + ECFieldElement I = D.Invert(); + ECFieldElement L1 = d.Multiply(I).Multiply(Z); + ECFieldElement L2 = X.Square().Multiply(I).Subtract(L1); + + ECFieldElement X4 = (L2.Subtract(L1)).Multiply(L1.Add(L2)).Add(X1); + ECFieldElement Y4 = (X1.Subtract(X4)).Multiply(L2).Subtract(Y1); + return new FpPoint(Curve, X4, Y4, IsCompressed); + } + case ECCurve.COORD_JACOBIAN_MODIFIED: + { + return TwiceJacobianModified(false).Add(this); + } + default: + { + // NOTE: Be careful about recursions between TwicePlus and ThreeTimes + return Twice().Add(this); + } + } + } + + public override ECPoint TimesPow2(int e) + { + if (e < 0) + throw new ArgumentException("cannot be negative", "e"); + if (e == 0 || this.IsInfinity) + return this; + if (e == 1) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + int coord = curve.CoordinateSystem; + + ECFieldElement W1 = curve.A; + ECFieldElement X1 = this.RawXCoord; + ECFieldElement Z1 = this.RawZCoords.Length < 1 ? curve.FromBigInteger(BigInteger.One) : this.RawZCoords[0]; + + if (!Z1.IsOne) + { + switch (coord) + { + case ECCurve.COORD_HOMOGENEOUS: + ECFieldElement Z1Sq = Z1.Square(); + X1 = X1.Multiply(Z1); + Y1 = Y1.Multiply(Z1Sq); + W1 = CalculateJacobianModifiedW(Z1, Z1Sq); + break; + case ECCurve.COORD_JACOBIAN: + W1 = CalculateJacobianModifiedW(Z1, null); + break; + case ECCurve.COORD_JACOBIAN_MODIFIED: + W1 = GetJacobianModifiedW(); + break; + } + } + + for (int i = 0; i < e; ++i) + { + if (Y1.IsZero) + return curve.Infinity; + + ECFieldElement X1Squared = X1.Square(); + ECFieldElement M = Three(X1Squared); + ECFieldElement _2Y1 = Two(Y1); + ECFieldElement _2Y1Squared = _2Y1.Multiply(Y1); + ECFieldElement S = Two(X1.Multiply(_2Y1Squared)); + ECFieldElement _4T = _2Y1Squared.Square(); + ECFieldElement _8T = Two(_4T); + + if (!W1.IsZero) + { + M = M.Add(W1); + W1 = Two(_8T.Multiply(W1)); + } + + X1 = M.Square().Subtract(Two(S)); + Y1 = M.Multiply(S.Subtract(X1)).Subtract(_8T); + Z1 = Z1.IsOne ? _2Y1 : _2Y1.Multiply(Z1); + } + + switch (coord) + { + case ECCurve.COORD_AFFINE: + ECFieldElement zInv = Z1.Invert(), zInv2 = zInv.Square(), zInv3 = zInv2.Multiply(zInv); + return new FpPoint(curve, X1.Multiply(zInv2), Y1.Multiply(zInv3), IsCompressed); + case ECCurve.COORD_HOMOGENEOUS: + X1 = X1.Multiply(Z1); + Z1 = Z1.Multiply(Z1.Square()); + return new FpPoint(curve, X1, Y1, new ECFieldElement[] { Z1 }, IsCompressed); + case ECCurve.COORD_JACOBIAN: + return new FpPoint(curve, X1, Y1, new ECFieldElement[] { Z1 }, IsCompressed); + case ECCurve.COORD_JACOBIAN_MODIFIED: + return new FpPoint(curve, X1, Y1, new ECFieldElement[] { Z1, W1 }, IsCompressed); + default: + throw new InvalidOperationException("unsupported coordinate system"); + } + } + + protected virtual ECFieldElement Two(ECFieldElement x) + { + return x.Add(x); + } + + protected virtual ECFieldElement Three(ECFieldElement x) + { + return Two(x).Add(x); + } + + protected virtual ECFieldElement Four(ECFieldElement x) + { + return Two(Two(x)); + } + + protected virtual ECFieldElement Eight(ECFieldElement x) + { + return Four(Two(x)); + } + + protected virtual ECFieldElement DoubleProductFromSquares(ECFieldElement a, ECFieldElement b, + ECFieldElement aSquared, ECFieldElement bSquared) + { + /* + * NOTE: If squaring in the field is faster than multiplication, then this is a quicker + * way to calculate 2.A.B, if A^2 and B^2 are already known. + */ + return a.Add(b).Square().Subtract(aSquared).Subtract(bSquared); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + ECCurve curve = Curve; + int coord = curve.CoordinateSystem; + + if (ECCurve.COORD_AFFINE != coord) + { + return new FpPoint(curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed); + } + + return new FpPoint(curve, RawXCoord, RawYCoord.Negate(), IsCompressed); + } + + protected virtual ECFieldElement CalculateJacobianModifiedW(ECFieldElement Z, ECFieldElement ZSquared) + { + ECFieldElement a4 = this.Curve.A; + if (a4.IsZero || Z.IsOne) + return a4; + + if (ZSquared == null) + { + ZSquared = Z.Square(); + } + + ECFieldElement W = ZSquared.Square(); + ECFieldElement a4Neg = a4.Negate(); + if (a4Neg.BitLength < a4.BitLength) + { + W = W.Multiply(a4Neg).Negate(); + } + else + { + W = W.Multiply(a4); + } + return W; + } + + protected virtual ECFieldElement GetJacobianModifiedW() + { + ECFieldElement[] ZZ = this.RawZCoords; + ECFieldElement W = ZZ[1]; + if (W == null) + { + // NOTE: Rarely, TwicePlus will result in the need for a lazy W1 calculation here + ZZ[1] = W = CalculateJacobianModifiedW(ZZ[0], null); + } + return W; + } + + protected virtual FpPoint TwiceJacobianModified(bool calculateW) + { + ECFieldElement X1 = this.RawXCoord, Y1 = this.RawYCoord, Z1 = this.RawZCoords[0], W1 = GetJacobianModifiedW(); + + ECFieldElement X1Squared = X1.Square(); + ECFieldElement M = Three(X1Squared).Add(W1); + ECFieldElement _2Y1 = Two(Y1); + ECFieldElement _2Y1Squared = _2Y1.Multiply(Y1); + ECFieldElement S = Two(X1.Multiply(_2Y1Squared)); + ECFieldElement X3 = M.Square().Subtract(Two(S)); + ECFieldElement _4T = _2Y1Squared.Square(); + ECFieldElement _8T = Two(_4T); + ECFieldElement Y3 = M.Multiply(S.Subtract(X3)).Subtract(_8T); + ECFieldElement W3 = calculateW ? Two(_8T.Multiply(W1)) : null; + ECFieldElement Z3 = Z1.IsOne ? _2Y1 : _2Y1.Multiply(Z1); + + return new FpPoint(this.Curve, X3, Y3, new ECFieldElement[] { Z3, W3 }, IsCompressed); + } + } + + public abstract class AbstractF2mPoint + : ECPointBase + { + protected AbstractF2mPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + } + + protected AbstractF2mPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override bool SatisfiesCurveEquation() + { + ECCurve curve = Curve; + ECFieldElement X = this.RawXCoord, Y = this.RawYCoord, A = curve.A, B = curve.B; + ECFieldElement lhs, rhs; + + int coord = curve.CoordinateSystem; + if (coord == ECCurve.COORD_LAMBDA_PROJECTIVE) + { + ECFieldElement Z = this.RawZCoords[0]; + bool ZIsOne = Z.IsOne; + + if (X.IsZero) + { + // NOTE: For x == 0, we expect the affine-y instead of the lambda-y + lhs = Y.Square(); + rhs = B; + if (!ZIsOne) + { + ECFieldElement Z2 = Z.Square(); + rhs = rhs.Multiply(Z2); + } + } + else + { + ECFieldElement L = Y, X2 = X.Square(); + if (ZIsOne) + { + lhs = L.Square().Add(L).Add(A); + rhs = X2.Square().Add(B); + } + else + { + ECFieldElement Z2 = Z.Square(), Z4 = Z2.Square(); + lhs = L.Add(Z).MultiplyPlusProduct(L, A, Z2); + // TODO If sqrt(b) is precomputed this can be simplified to a single square + rhs = X2.SquarePlusProduct(B, Z4); + } + lhs = lhs.Multiply(X2); + } + } + else + { + lhs = Y.Add(X).Multiply(Y); + + switch (coord) + { + case ECCurve.COORD_AFFINE: + break; + case ECCurve.COORD_HOMOGENEOUS: + { + ECFieldElement Z = this.RawZCoords[0]; + if (!Z.IsOne) + { + ECFieldElement Z2 = Z.Square(), Z3 = Z.Multiply(Z2); + lhs = lhs.Multiply(Z); + A = A.Multiply(Z); + B = B.Multiply(Z3); + } + break; + } + default: + throw new InvalidOperationException("unsupported coordinate system"); + } + + rhs = X.Add(A).Multiply(X.Square()).Add(B); + } + + return lhs.Equals(rhs); + } + + protected override bool SatisfiesOrder() + { + ECCurve curve = Curve; + BigInteger cofactor = curve.Cofactor; + if (BigInteger.Two.Equals(cofactor)) + { + /* + * Check that 0 == Tr(X + A); then there exists a solution to L^2 + L = X + A, and + * so a halving is possible, so this point is the double of another. + * + * Note: Tr(A) == 1 for cofactor 2 curves. + */ + ECPoint N = this.Normalize(); + ECFieldElement X = N.AffineXCoord; + return 0 != ((AbstractF2mFieldElement)X).Trace(); + } + if (BigInteger.ValueOf(4).Equals(cofactor)) + { + /* + * Solve L^2 + L = X + A to find the half of this point, if it exists (fail if not). + * + * Note: Tr(A) == 0 for cofactor 4 curves. + */ + ECPoint N = this.Normalize(); + ECFieldElement X = N.AffineXCoord; + ECFieldElement L = ((AbstractF2mCurve)curve).SolveQuadraticEquation(X.Add(curve.A)); + if (null == L) + return false; + + /* + * A solution exists, therefore 0 == Tr(X + A) == Tr(X). + */ + ECFieldElement Y = N.AffineYCoord; + ECFieldElement T = X.Multiply(L).Add(Y); + + /* + * Either T or (T + X) is the square of a half-point's x coordinate (hx). In either + * case, the half-point can be halved again when 0 == Tr(hx + A). + * + * Note: Tr(hx + A) == Tr(hx) == Tr(hx^2) == Tr(T) == Tr(T + X) + * + * Check that 0 == Tr(T); then there exists a solution to L^2 + L = hx + A, and so a + * second halving is possible and this point is four times some other. + */ + return 0 == ((AbstractF2mFieldElement)T).Trace(); + } + + return base.SatisfiesOrder(); + } + + public override ECPoint ScaleX(ECFieldElement scale) + { + if (this.IsInfinity) + return this; + + switch (CurveCoordinateSystem) + { + case ECCurve.COORD_LAMBDA_AFFINE: + { + // Y is actually Lambda (X + Y/X) here + ECFieldElement X = RawXCoord, L = RawYCoord; + + ECFieldElement X2 = X.Multiply(scale); + ECFieldElement L2 = L.Add(X).Divide(scale).Add(X2); + + return Curve.CreateRawPoint(X, L2, RawZCoords, IsCompressed); + } + case ECCurve.COORD_LAMBDA_PROJECTIVE: + { + // Y is actually Lambda (X + Y/X) here + ECFieldElement X = RawXCoord, L = RawYCoord, Z = RawZCoords[0]; + + // We scale the Z coordinate also, to avoid an inversion + ECFieldElement X2 = X.Multiply(scale.Square()); + ECFieldElement L2 = L.Add(X).Add(X2); + ECFieldElement Z2 = Z.Multiply(scale); + + return Curve.CreateRawPoint(X, L2, new ECFieldElement[] { Z2 }, IsCompressed); + } + default: + { + return base.ScaleX(scale); + } + } + } + + public override ECPoint ScaleXNegateY(ECFieldElement scale) + { + return ScaleX(scale); + } + + public override ECPoint ScaleY(ECFieldElement scale) + { + if (this.IsInfinity) + return this; + + switch (CurveCoordinateSystem) + { + case ECCurve.COORD_LAMBDA_AFFINE: + case ECCurve.COORD_LAMBDA_PROJECTIVE: + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + // Y is actually Lambda (X + Y/X) here + ECFieldElement L2 = L.Add(X).Multiply(scale).Add(X); + + return Curve.CreateRawPoint(X, L2, RawZCoords, IsCompressed); + } + default: + { + return base.ScaleY(scale); + } + } + } + + public override ECPoint ScaleYNegateX(ECFieldElement scale) + { + return ScaleY(scale); + } + + public override ECPoint Subtract(ECPoint b) + { + if (b.IsInfinity) + return this; + + // Add -b + return Add(b.Negate()); + } + + public virtual AbstractF2mPoint Tau() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + int coord = curve.CoordinateSystem; + + ECFieldElement X1 = this.RawXCoord; + + switch (coord) + { + case ECCurve.COORD_AFFINE: + case ECCurve.COORD_LAMBDA_AFFINE: + { + ECFieldElement Y1 = this.RawYCoord; + return (AbstractF2mPoint)curve.CreateRawPoint(X1.Square(), Y1.Square(), IsCompressed); + } + case ECCurve.COORD_HOMOGENEOUS: + case ECCurve.COORD_LAMBDA_PROJECTIVE: + { + ECFieldElement Y1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + return (AbstractF2mPoint)curve.CreateRawPoint(X1.Square(), Y1.Square(), + new ECFieldElement[] { Z1.Square() }, IsCompressed); + } + default: + { + throw new InvalidOperationException("unsupported coordinate system"); + } + } + } + + public virtual AbstractF2mPoint TauPow(int pow) + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + int coord = curve.CoordinateSystem; + + ECFieldElement X1 = this.RawXCoord; + + switch (coord) + { + case ECCurve.COORD_AFFINE: + case ECCurve.COORD_LAMBDA_AFFINE: + { + ECFieldElement Y1 = this.RawYCoord; + return (AbstractF2mPoint)curve.CreateRawPoint(X1.SquarePow(pow), Y1.SquarePow(pow), IsCompressed); + } + case ECCurve.COORD_HOMOGENEOUS: + case ECCurve.COORD_LAMBDA_PROJECTIVE: + { + ECFieldElement Y1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + return (AbstractF2mPoint)curve.CreateRawPoint(X1.SquarePow(pow), Y1.SquarePow(pow), + new ECFieldElement[] { Z1.SquarePow(pow) }, IsCompressed); + } + default: + { + throw new InvalidOperationException("unsupported coordinate system"); + } + } + } + } + + /** + * Elliptic curve points over F2m + */ + public class F2mPoint + : AbstractF2mPoint + { + /** + * @param curve base curve + * @param x x point + * @param y y point + */ + [Obsolete("Use ECCurve.CreatePoint to construct points")] + public F2mPoint( + ECCurve curve, + ECFieldElement x, + ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @param curve base curve + * @param x x point + * @param y y point + * @param withCompression true if encode with point compression. + */ + [Obsolete("Per-point compression property will be removed, see GetEncoded(bool)")] + public F2mPoint( + ECCurve curve, + ECFieldElement x, + ECFieldElement y, + bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + { + throw new ArgumentException("Exactly one of the field elements is null"); + } + + if (x != null) + { + // Check if x and y are elements of the same field + F2mFieldElement.CheckFieldElements(x, y); + + // Check if x and a are elements of the same field + if (curve != null) + { + F2mFieldElement.CheckFieldElements(x, curve.A); + } + } + } + + internal F2mPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new F2mPoint(null, AffineXCoord, AffineYCoord, false); + } + + public override ECFieldElement YCoord + { + get + { + int coord = this.CurveCoordinateSystem; + + switch (coord) + { + case ECCurve.COORD_LAMBDA_AFFINE: + case ECCurve.COORD_LAMBDA_PROJECTIVE: + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + if (ECCurve.COORD_LAMBDA_PROJECTIVE == coord) + { + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + } + return Y; + } + default: + { + return RawYCoord; + } + } + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + { + return false; + } + + ECFieldElement Y = this.RawYCoord; + + switch (this.CurveCoordinateSystem) + { + case ECCurve.COORD_LAMBDA_AFFINE: + case ECCurve.COORD_LAMBDA_PROJECTIVE: + { + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + default: + { + return Y.Divide(X).TestBitZero(); + } + } + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + int coord = curve.CoordinateSystem; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + switch (coord) + { + case ECCurve.COORD_AFFINE: + { + ECFieldElement Y1 = this.RawYCoord; + ECFieldElement Y2 = b.RawYCoord; + + ECFieldElement dx = X1.Add(X2), dy = Y1.Add(Y2); + if (dx.IsZero) + { + if (dy.IsZero) + { + return Twice(); + } + + return curve.Infinity; + } + + ECFieldElement L = dy.Divide(dx); + + ECFieldElement X3 = L.Square().Add(L).Add(dx).Add(curve.A); + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + + return new F2mPoint(curve, X3, Y3, IsCompressed); + } + case ECCurve.COORD_HOMOGENEOUS: + { + ECFieldElement Y1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement Y2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U1 = Y2, V1 = X2; + if (!Z1IsOne) + { + U1 = U1.Multiply(Z1); + V1 = V1.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U2 = Y1, V2 = X1; + if (!Z2IsOne) + { + U2 = U2.Multiply(Z2); + V2 = V2.Multiply(Z2); + } + + ECFieldElement U = U1.Add(U2); + ECFieldElement V = V1.Add(V2); + + if (V.IsZero) + { + if (U.IsZero) + { + return Twice(); + } + + return curve.Infinity; + } + + ECFieldElement VSq = V.Square(); + ECFieldElement VCu = VSq.Multiply(V); + ECFieldElement W = Z1IsOne ? Z2 : Z2IsOne ? Z1 : Z1.Multiply(Z2); + ECFieldElement uv = U.Add(V); + ECFieldElement A = uv.MultiplyPlusProduct(U, VSq, curve.A).Multiply(W).Add(VCu); + + ECFieldElement X3 = V.Multiply(A); + ECFieldElement VSqZ2 = Z2IsOne ? VSq : VSq.Multiply(Z2); + ECFieldElement Y3 = U.MultiplyPlusProduct(X1, V, Y1).MultiplyPlusProduct(VSqZ2, uv, A); + ECFieldElement Z3 = VCu.Multiply(W); + + return new F2mPoint(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed); + } + case ECCurve.COORD_LAMBDA_PROJECTIVE: + { + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + { + return Twice(); + } + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.RawXCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1).Add(curve.A); + if (X3.IsZero) + { + return new F2mPoint(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new F2mPoint(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new F2mPoint(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + default: + { + throw new InvalidOperationException("unsupported coordinate system"); + } + } + } + + /* (non-Javadoc) + * @see Org.BouncyCastle.Math.EC.ECPoint#twice() + */ + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + int coord = curve.CoordinateSystem; + + switch (coord) + { + case ECCurve.COORD_AFFINE: + { + ECFieldElement Y1 = this.RawYCoord; + + ECFieldElement L1 = Y1.Divide(X1).Add(X1); + + ECFieldElement X3 = L1.Square().Add(L1).Add(curve.A); + ECFieldElement Y3 = X1.SquarePlusProduct(X3, L1.AddOne()); + + return new F2mPoint(curve, X3, Y3, IsCompressed); + } + case ECCurve.COORD_HOMOGENEOUS: + { + ECFieldElement Y1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1); + ECFieldElement Y1Z1 = Z1IsOne ? Y1 : Y1.Multiply(Z1); + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement S = X1Sq.Add(Y1Z1); + ECFieldElement V = X1Z1; + ECFieldElement vSquared = V.Square(); + ECFieldElement sv = S.Add(V); + ECFieldElement h = sv.MultiplyPlusProduct(S, vSquared, curve.A); + + ECFieldElement X3 = V.Multiply(h); + ECFieldElement Y3 = X1Sq.Square().MultiplyPlusProduct(V, h, sv); + ECFieldElement Z3 = V.Multiply(vSquared); + + return new F2mPoint(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed); + } + case ECCurve.COORD_LAMBDA_PROJECTIVE: + { + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1); + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement a = curve.A; + ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq); + ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq); + if (T.IsZero) + { + return new F2mPoint(curve, T, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement b = curve.B; + ECFieldElement L3; + if (b.BitLength < (curve.FieldSize >> 1)) + { + ECFieldElement t1 = L1.Add(X1).Square(); + ECFieldElement t2; + if (b.IsOne) + { + t2 = aZ1Sq.Add(Z1Sq).Square(); + } + else + { + // TODO Can be calculated with one square if we pre-compute sqrt(b) + t2 = aZ1Sq.SquarePlusProduct(b, Z1Sq.Square()); + } + L3 = t1.Add(T).Add(Z1Sq).Multiply(t1).Add(t2).Add(X3); + if (a.IsZero) + { + L3 = L3.Add(Z3); + } + else if (!a.IsOne) + { + L3 = L3.Add(a.AddOne().Multiply(Z3)); + } + } + else + { + ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1); + L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3); + } + + return new F2mPoint(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + default: + { + throw new InvalidOperationException("unsupported coordinate system"); + } + } + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + int coord = curve.CoordinateSystem; + + switch (coord) + { + case ECCurve.COORD_LAMBDA_PROJECTIVE: + { + // NOTE: twicePlus() only optimized for lambda-affine argument + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1); + ECFieldElement L2plus1 = L2.AddOne(); + ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + { + return b.Twice(); + } + + return curve.Infinity; + } + + if (A.IsZero) + { + return new F2mPoint(curve, A, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3); + + return new F2mPoint(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + default: + { + return Twice().Add(b); + } + } + } + + public override ECPoint Negate() + { + if (this.IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + ECCurve curve = this.Curve; + int coord = curve.CoordinateSystem; + + switch (coord) + { + case ECCurve.COORD_AFFINE: + { + ECFieldElement Y = this.RawYCoord; + return new F2mPoint(curve, X, Y.Add(X), IsCompressed); + } + case ECCurve.COORD_HOMOGENEOUS: + { + ECFieldElement Y = this.RawYCoord, Z = this.RawZCoords[0]; + return new F2mPoint(curve, X, Y.Add(X), new ECFieldElement[] { Z }, IsCompressed); + } + case ECCurve.COORD_LAMBDA_AFFINE: + { + ECFieldElement L = this.RawYCoord; + return new F2mPoint(curve, X, L.AddOne(), IsCompressed); + } + case ECCurve.COORD_LAMBDA_PROJECTIVE: + { + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new F2mPoint(curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + default: + { + throw new InvalidOperationException("unsupported coordinate system"); + } + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/ECPointMap.cs b/BouncyCastle/crypto/src/math/ec/ECPointMap.cs new file mode 100644 index 0000000..e78c800 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/ECPointMap.cs @@ -0,0 +1,9 @@ +using System; + +namespace Org.BouncyCastle.Math.EC +{ + public interface ECPointMap + { + ECPoint Map(ECPoint p); + } +} diff --git a/BouncyCastle/crypto/src/math/ec/LongArray.cs b/BouncyCastle/crypto/src/math/ec/LongArray.cs new file mode 100644 index 0000000..a6b834f --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/LongArray.cs @@ -0,0 +1,2206 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC +{ + internal class LongArray + { + //private static long DEInterleave_MASK = 0x5555555555555555L; + + /* + * This expands 8 bit indices into 16 bit contents (high bit 14), by inserting 0s between bits. + * In a binary field, this operation is the same as squaring an 8 bit number. + */ + private static readonly ushort[] INTERLEAVE2_TABLE = new ushort[] + { + 0x0000, 0x0001, 0x0004, 0x0005, 0x0010, 0x0011, 0x0014, 0x0015, + 0x0040, 0x0041, 0x0044, 0x0045, 0x0050, 0x0051, 0x0054, 0x0055, + 0x0100, 0x0101, 0x0104, 0x0105, 0x0110, 0x0111, 0x0114, 0x0115, + 0x0140, 0x0141, 0x0144, 0x0145, 0x0150, 0x0151, 0x0154, 0x0155, + 0x0400, 0x0401, 0x0404, 0x0405, 0x0410, 0x0411, 0x0414, 0x0415, + 0x0440, 0x0441, 0x0444, 0x0445, 0x0450, 0x0451, 0x0454, 0x0455, + 0x0500, 0x0501, 0x0504, 0x0505, 0x0510, 0x0511, 0x0514, 0x0515, + 0x0540, 0x0541, 0x0544, 0x0545, 0x0550, 0x0551, 0x0554, 0x0555, + 0x1000, 0x1001, 0x1004, 0x1005, 0x1010, 0x1011, 0x1014, 0x1015, + 0x1040, 0x1041, 0x1044, 0x1045, 0x1050, 0x1051, 0x1054, 0x1055, + 0x1100, 0x1101, 0x1104, 0x1105, 0x1110, 0x1111, 0x1114, 0x1115, + 0x1140, 0x1141, 0x1144, 0x1145, 0x1150, 0x1151, 0x1154, 0x1155, + 0x1400, 0x1401, 0x1404, 0x1405, 0x1410, 0x1411, 0x1414, 0x1415, + 0x1440, 0x1441, 0x1444, 0x1445, 0x1450, 0x1451, 0x1454, 0x1455, + 0x1500, 0x1501, 0x1504, 0x1505, 0x1510, 0x1511, 0x1514, 0x1515, + 0x1540, 0x1541, 0x1544, 0x1545, 0x1550, 0x1551, 0x1554, 0x1555, + 0x4000, 0x4001, 0x4004, 0x4005, 0x4010, 0x4011, 0x4014, 0x4015, + 0x4040, 0x4041, 0x4044, 0x4045, 0x4050, 0x4051, 0x4054, 0x4055, + 0x4100, 0x4101, 0x4104, 0x4105, 0x4110, 0x4111, 0x4114, 0x4115, + 0x4140, 0x4141, 0x4144, 0x4145, 0x4150, 0x4151, 0x4154, 0x4155, + 0x4400, 0x4401, 0x4404, 0x4405, 0x4410, 0x4411, 0x4414, 0x4415, + 0x4440, 0x4441, 0x4444, 0x4445, 0x4450, 0x4451, 0x4454, 0x4455, + 0x4500, 0x4501, 0x4504, 0x4505, 0x4510, 0x4511, 0x4514, 0x4515, + 0x4540, 0x4541, 0x4544, 0x4545, 0x4550, 0x4551, 0x4554, 0x4555, + 0x5000, 0x5001, 0x5004, 0x5005, 0x5010, 0x5011, 0x5014, 0x5015, + 0x5040, 0x5041, 0x5044, 0x5045, 0x5050, 0x5051, 0x5054, 0x5055, + 0x5100, 0x5101, 0x5104, 0x5105, 0x5110, 0x5111, 0x5114, 0x5115, + 0x5140, 0x5141, 0x5144, 0x5145, 0x5150, 0x5151, 0x5154, 0x5155, + 0x5400, 0x5401, 0x5404, 0x5405, 0x5410, 0x5411, 0x5414, 0x5415, + 0x5440, 0x5441, 0x5444, 0x5445, 0x5450, 0x5451, 0x5454, 0x5455, + 0x5500, 0x5501, 0x5504, 0x5505, 0x5510, 0x5511, 0x5514, 0x5515, + 0x5540, 0x5541, 0x5544, 0x5545, 0x5550, 0x5551, 0x5554, 0x5555 + }; + + /* + * This expands 7 bit indices into 21 bit contents (high bit 18), by inserting 0s between bits. + */ + private static readonly int[] INTERLEAVE3_TABLE = new int[] + { + 0x00000, 0x00001, 0x00008, 0x00009, 0x00040, 0x00041, 0x00048, 0x00049, + 0x00200, 0x00201, 0x00208, 0x00209, 0x00240, 0x00241, 0x00248, 0x00249, + 0x01000, 0x01001, 0x01008, 0x01009, 0x01040, 0x01041, 0x01048, 0x01049, + 0x01200, 0x01201, 0x01208, 0x01209, 0x01240, 0x01241, 0x01248, 0x01249, + 0x08000, 0x08001, 0x08008, 0x08009, 0x08040, 0x08041, 0x08048, 0x08049, + 0x08200, 0x08201, 0x08208, 0x08209, 0x08240, 0x08241, 0x08248, 0x08249, + 0x09000, 0x09001, 0x09008, 0x09009, 0x09040, 0x09041, 0x09048, 0x09049, + 0x09200, 0x09201, 0x09208, 0x09209, 0x09240, 0x09241, 0x09248, 0x09249, + 0x40000, 0x40001, 0x40008, 0x40009, 0x40040, 0x40041, 0x40048, 0x40049, + 0x40200, 0x40201, 0x40208, 0x40209, 0x40240, 0x40241, 0x40248, 0x40249, + 0x41000, 0x41001, 0x41008, 0x41009, 0x41040, 0x41041, 0x41048, 0x41049, + 0x41200, 0x41201, 0x41208, 0x41209, 0x41240, 0x41241, 0x41248, 0x41249, + 0x48000, 0x48001, 0x48008, 0x48009, 0x48040, 0x48041, 0x48048, 0x48049, + 0x48200, 0x48201, 0x48208, 0x48209, 0x48240, 0x48241, 0x48248, 0x48249, + 0x49000, 0x49001, 0x49008, 0x49009, 0x49040, 0x49041, 0x49048, 0x49049, + 0x49200, 0x49201, 0x49208, 0x49209, 0x49240, 0x49241, 0x49248, 0x49249 + }; + + /* + * This expands 8 bit indices into 32 bit contents (high bit 28), by inserting 0s between bits. + */ + private static readonly int[] INTERLEAVE4_TABLE = new int[] + { + 0x00000000, 0x00000001, 0x00000010, 0x00000011, 0x00000100, 0x00000101, 0x00000110, 0x00000111, + 0x00001000, 0x00001001, 0x00001010, 0x00001011, 0x00001100, 0x00001101, 0x00001110, 0x00001111, + 0x00010000, 0x00010001, 0x00010010, 0x00010011, 0x00010100, 0x00010101, 0x00010110, 0x00010111, + 0x00011000, 0x00011001, 0x00011010, 0x00011011, 0x00011100, 0x00011101, 0x00011110, 0x00011111, + 0x00100000, 0x00100001, 0x00100010, 0x00100011, 0x00100100, 0x00100101, 0x00100110, 0x00100111, + 0x00101000, 0x00101001, 0x00101010, 0x00101011, 0x00101100, 0x00101101, 0x00101110, 0x00101111, + 0x00110000, 0x00110001, 0x00110010, 0x00110011, 0x00110100, 0x00110101, 0x00110110, 0x00110111, + 0x00111000, 0x00111001, 0x00111010, 0x00111011, 0x00111100, 0x00111101, 0x00111110, 0x00111111, + 0x01000000, 0x01000001, 0x01000010, 0x01000011, 0x01000100, 0x01000101, 0x01000110, 0x01000111, + 0x01001000, 0x01001001, 0x01001010, 0x01001011, 0x01001100, 0x01001101, 0x01001110, 0x01001111, + 0x01010000, 0x01010001, 0x01010010, 0x01010011, 0x01010100, 0x01010101, 0x01010110, 0x01010111, + 0x01011000, 0x01011001, 0x01011010, 0x01011011, 0x01011100, 0x01011101, 0x01011110, 0x01011111, + 0x01100000, 0x01100001, 0x01100010, 0x01100011, 0x01100100, 0x01100101, 0x01100110, 0x01100111, + 0x01101000, 0x01101001, 0x01101010, 0x01101011, 0x01101100, 0x01101101, 0x01101110, 0x01101111, + 0x01110000, 0x01110001, 0x01110010, 0x01110011, 0x01110100, 0x01110101, 0x01110110, 0x01110111, + 0x01111000, 0x01111001, 0x01111010, 0x01111011, 0x01111100, 0x01111101, 0x01111110, 0x01111111, + 0x10000000, 0x10000001, 0x10000010, 0x10000011, 0x10000100, 0x10000101, 0x10000110, 0x10000111, + 0x10001000, 0x10001001, 0x10001010, 0x10001011, 0x10001100, 0x10001101, 0x10001110, 0x10001111, + 0x10010000, 0x10010001, 0x10010010, 0x10010011, 0x10010100, 0x10010101, 0x10010110, 0x10010111, + 0x10011000, 0x10011001, 0x10011010, 0x10011011, 0x10011100, 0x10011101, 0x10011110, 0x10011111, + 0x10100000, 0x10100001, 0x10100010, 0x10100011, 0x10100100, 0x10100101, 0x10100110, 0x10100111, + 0x10101000, 0x10101001, 0x10101010, 0x10101011, 0x10101100, 0x10101101, 0x10101110, 0x10101111, + 0x10110000, 0x10110001, 0x10110010, 0x10110011, 0x10110100, 0x10110101, 0x10110110, 0x10110111, + 0x10111000, 0x10111001, 0x10111010, 0x10111011, 0x10111100, 0x10111101, 0x10111110, 0x10111111, + 0x11000000, 0x11000001, 0x11000010, 0x11000011, 0x11000100, 0x11000101, 0x11000110, 0x11000111, + 0x11001000, 0x11001001, 0x11001010, 0x11001011, 0x11001100, 0x11001101, 0x11001110, 0x11001111, + 0x11010000, 0x11010001, 0x11010010, 0x11010011, 0x11010100, 0x11010101, 0x11010110, 0x11010111, + 0x11011000, 0x11011001, 0x11011010, 0x11011011, 0x11011100, 0x11011101, 0x11011110, 0x11011111, + 0x11100000, 0x11100001, 0x11100010, 0x11100011, 0x11100100, 0x11100101, 0x11100110, 0x11100111, + 0x11101000, 0x11101001, 0x11101010, 0x11101011, 0x11101100, 0x11101101, 0x11101110, 0x11101111, + 0x11110000, 0x11110001, 0x11110010, 0x11110011, 0x11110100, 0x11110101, 0x11110110, 0x11110111, + 0x11111000, 0x11111001, 0x11111010, 0x11111011, 0x11111100, 0x11111101, 0x11111110, 0x11111111 + }; + + /* + * This expands 7 bit indices into 35 bit contents (high bit 30), by inserting 0s between bits. + */ + private static readonly int[] INTERLEAVE5_TABLE = new int[] { + 0x00000000, 0x00000001, 0x00000020, 0x00000021, 0x00000400, 0x00000401, 0x00000420, 0x00000421, + 0x00008000, 0x00008001, 0x00008020, 0x00008021, 0x00008400, 0x00008401, 0x00008420, 0x00008421, + 0x00100000, 0x00100001, 0x00100020, 0x00100021, 0x00100400, 0x00100401, 0x00100420, 0x00100421, + 0x00108000, 0x00108001, 0x00108020, 0x00108021, 0x00108400, 0x00108401, 0x00108420, 0x00108421, + 0x02000000, 0x02000001, 0x02000020, 0x02000021, 0x02000400, 0x02000401, 0x02000420, 0x02000421, + 0x02008000, 0x02008001, 0x02008020, 0x02008021, 0x02008400, 0x02008401, 0x02008420, 0x02008421, + 0x02100000, 0x02100001, 0x02100020, 0x02100021, 0x02100400, 0x02100401, 0x02100420, 0x02100421, + 0x02108000, 0x02108001, 0x02108020, 0x02108021, 0x02108400, 0x02108401, 0x02108420, 0x02108421, + 0x40000000, 0x40000001, 0x40000020, 0x40000021, 0x40000400, 0x40000401, 0x40000420, 0x40000421, + 0x40008000, 0x40008001, 0x40008020, 0x40008021, 0x40008400, 0x40008401, 0x40008420, 0x40008421, + 0x40100000, 0x40100001, 0x40100020, 0x40100021, 0x40100400, 0x40100401, 0x40100420, 0x40100421, + 0x40108000, 0x40108001, 0x40108020, 0x40108021, 0x40108400, 0x40108401, 0x40108420, 0x40108421, + 0x42000000, 0x42000001, 0x42000020, 0x42000021, 0x42000400, 0x42000401, 0x42000420, 0x42000421, + 0x42008000, 0x42008001, 0x42008020, 0x42008021, 0x42008400, 0x42008401, 0x42008420, 0x42008421, + 0x42100000, 0x42100001, 0x42100020, 0x42100021, 0x42100400, 0x42100401, 0x42100420, 0x42100421, + 0x42108000, 0x42108001, 0x42108020, 0x42108021, 0x42108400, 0x42108401, 0x42108420, 0x42108421 + }; + + /* + * This expands 9 bit indices into 63 bit (long) contents (high bit 56), by inserting 0s between bits. + */ + private static readonly long[] INTERLEAVE7_TABLE = new long[] + { + 0x0000000000000000L, 0x0000000000000001L, 0x0000000000000080L, 0x0000000000000081L, + 0x0000000000004000L, 0x0000000000004001L, 0x0000000000004080L, 0x0000000000004081L, + 0x0000000000200000L, 0x0000000000200001L, 0x0000000000200080L, 0x0000000000200081L, + 0x0000000000204000L, 0x0000000000204001L, 0x0000000000204080L, 0x0000000000204081L, + 0x0000000010000000L, 0x0000000010000001L, 0x0000000010000080L, 0x0000000010000081L, + 0x0000000010004000L, 0x0000000010004001L, 0x0000000010004080L, 0x0000000010004081L, + 0x0000000010200000L, 0x0000000010200001L, 0x0000000010200080L, 0x0000000010200081L, + 0x0000000010204000L, 0x0000000010204001L, 0x0000000010204080L, 0x0000000010204081L, + 0x0000000800000000L, 0x0000000800000001L, 0x0000000800000080L, 0x0000000800000081L, + 0x0000000800004000L, 0x0000000800004001L, 0x0000000800004080L, 0x0000000800004081L, + 0x0000000800200000L, 0x0000000800200001L, 0x0000000800200080L, 0x0000000800200081L, + 0x0000000800204000L, 0x0000000800204001L, 0x0000000800204080L, 0x0000000800204081L, + 0x0000000810000000L, 0x0000000810000001L, 0x0000000810000080L, 0x0000000810000081L, + 0x0000000810004000L, 0x0000000810004001L, 0x0000000810004080L, 0x0000000810004081L, + 0x0000000810200000L, 0x0000000810200001L, 0x0000000810200080L, 0x0000000810200081L, + 0x0000000810204000L, 0x0000000810204001L, 0x0000000810204080L, 0x0000000810204081L, + 0x0000040000000000L, 0x0000040000000001L, 0x0000040000000080L, 0x0000040000000081L, + 0x0000040000004000L, 0x0000040000004001L, 0x0000040000004080L, 0x0000040000004081L, + 0x0000040000200000L, 0x0000040000200001L, 0x0000040000200080L, 0x0000040000200081L, + 0x0000040000204000L, 0x0000040000204001L, 0x0000040000204080L, 0x0000040000204081L, + 0x0000040010000000L, 0x0000040010000001L, 0x0000040010000080L, 0x0000040010000081L, + 0x0000040010004000L, 0x0000040010004001L, 0x0000040010004080L, 0x0000040010004081L, + 0x0000040010200000L, 0x0000040010200001L, 0x0000040010200080L, 0x0000040010200081L, + 0x0000040010204000L, 0x0000040010204001L, 0x0000040010204080L, 0x0000040010204081L, + 0x0000040800000000L, 0x0000040800000001L, 0x0000040800000080L, 0x0000040800000081L, + 0x0000040800004000L, 0x0000040800004001L, 0x0000040800004080L, 0x0000040800004081L, + 0x0000040800200000L, 0x0000040800200001L, 0x0000040800200080L, 0x0000040800200081L, + 0x0000040800204000L, 0x0000040800204001L, 0x0000040800204080L, 0x0000040800204081L, + 0x0000040810000000L, 0x0000040810000001L, 0x0000040810000080L, 0x0000040810000081L, + 0x0000040810004000L, 0x0000040810004001L, 0x0000040810004080L, 0x0000040810004081L, + 0x0000040810200000L, 0x0000040810200001L, 0x0000040810200080L, 0x0000040810200081L, + 0x0000040810204000L, 0x0000040810204001L, 0x0000040810204080L, 0x0000040810204081L, + 0x0002000000000000L, 0x0002000000000001L, 0x0002000000000080L, 0x0002000000000081L, + 0x0002000000004000L, 0x0002000000004001L, 0x0002000000004080L, 0x0002000000004081L, + 0x0002000000200000L, 0x0002000000200001L, 0x0002000000200080L, 0x0002000000200081L, + 0x0002000000204000L, 0x0002000000204001L, 0x0002000000204080L, 0x0002000000204081L, + 0x0002000010000000L, 0x0002000010000001L, 0x0002000010000080L, 0x0002000010000081L, + 0x0002000010004000L, 0x0002000010004001L, 0x0002000010004080L, 0x0002000010004081L, + 0x0002000010200000L, 0x0002000010200001L, 0x0002000010200080L, 0x0002000010200081L, + 0x0002000010204000L, 0x0002000010204001L, 0x0002000010204080L, 0x0002000010204081L, + 0x0002000800000000L, 0x0002000800000001L, 0x0002000800000080L, 0x0002000800000081L, + 0x0002000800004000L, 0x0002000800004001L, 0x0002000800004080L, 0x0002000800004081L, + 0x0002000800200000L, 0x0002000800200001L, 0x0002000800200080L, 0x0002000800200081L, + 0x0002000800204000L, 0x0002000800204001L, 0x0002000800204080L, 0x0002000800204081L, + 0x0002000810000000L, 0x0002000810000001L, 0x0002000810000080L, 0x0002000810000081L, + 0x0002000810004000L, 0x0002000810004001L, 0x0002000810004080L, 0x0002000810004081L, + 0x0002000810200000L, 0x0002000810200001L, 0x0002000810200080L, 0x0002000810200081L, + 0x0002000810204000L, 0x0002000810204001L, 0x0002000810204080L, 0x0002000810204081L, + 0x0002040000000000L, 0x0002040000000001L, 0x0002040000000080L, 0x0002040000000081L, + 0x0002040000004000L, 0x0002040000004001L, 0x0002040000004080L, 0x0002040000004081L, + 0x0002040000200000L, 0x0002040000200001L, 0x0002040000200080L, 0x0002040000200081L, + 0x0002040000204000L, 0x0002040000204001L, 0x0002040000204080L, 0x0002040000204081L, + 0x0002040010000000L, 0x0002040010000001L, 0x0002040010000080L, 0x0002040010000081L, + 0x0002040010004000L, 0x0002040010004001L, 0x0002040010004080L, 0x0002040010004081L, + 0x0002040010200000L, 0x0002040010200001L, 0x0002040010200080L, 0x0002040010200081L, + 0x0002040010204000L, 0x0002040010204001L, 0x0002040010204080L, 0x0002040010204081L, + 0x0002040800000000L, 0x0002040800000001L, 0x0002040800000080L, 0x0002040800000081L, + 0x0002040800004000L, 0x0002040800004001L, 0x0002040800004080L, 0x0002040800004081L, + 0x0002040800200000L, 0x0002040800200001L, 0x0002040800200080L, 0x0002040800200081L, + 0x0002040800204000L, 0x0002040800204001L, 0x0002040800204080L, 0x0002040800204081L, + 0x0002040810000000L, 0x0002040810000001L, 0x0002040810000080L, 0x0002040810000081L, + 0x0002040810004000L, 0x0002040810004001L, 0x0002040810004080L, 0x0002040810004081L, + 0x0002040810200000L, 0x0002040810200001L, 0x0002040810200080L, 0x0002040810200081L, + 0x0002040810204000L, 0x0002040810204001L, 0x0002040810204080L, 0x0002040810204081L, + 0x0100000000000000L, 0x0100000000000001L, 0x0100000000000080L, 0x0100000000000081L, + 0x0100000000004000L, 0x0100000000004001L, 0x0100000000004080L, 0x0100000000004081L, + 0x0100000000200000L, 0x0100000000200001L, 0x0100000000200080L, 0x0100000000200081L, + 0x0100000000204000L, 0x0100000000204001L, 0x0100000000204080L, 0x0100000000204081L, + 0x0100000010000000L, 0x0100000010000001L, 0x0100000010000080L, 0x0100000010000081L, + 0x0100000010004000L, 0x0100000010004001L, 0x0100000010004080L, 0x0100000010004081L, + 0x0100000010200000L, 0x0100000010200001L, 0x0100000010200080L, 0x0100000010200081L, + 0x0100000010204000L, 0x0100000010204001L, 0x0100000010204080L, 0x0100000010204081L, + 0x0100000800000000L, 0x0100000800000001L, 0x0100000800000080L, 0x0100000800000081L, + 0x0100000800004000L, 0x0100000800004001L, 0x0100000800004080L, 0x0100000800004081L, + 0x0100000800200000L, 0x0100000800200001L, 0x0100000800200080L, 0x0100000800200081L, + 0x0100000800204000L, 0x0100000800204001L, 0x0100000800204080L, 0x0100000800204081L, + 0x0100000810000000L, 0x0100000810000001L, 0x0100000810000080L, 0x0100000810000081L, + 0x0100000810004000L, 0x0100000810004001L, 0x0100000810004080L, 0x0100000810004081L, + 0x0100000810200000L, 0x0100000810200001L, 0x0100000810200080L, 0x0100000810200081L, + 0x0100000810204000L, 0x0100000810204001L, 0x0100000810204080L, 0x0100000810204081L, + 0x0100040000000000L, 0x0100040000000001L, 0x0100040000000080L, 0x0100040000000081L, + 0x0100040000004000L, 0x0100040000004001L, 0x0100040000004080L, 0x0100040000004081L, + 0x0100040000200000L, 0x0100040000200001L, 0x0100040000200080L, 0x0100040000200081L, + 0x0100040000204000L, 0x0100040000204001L, 0x0100040000204080L, 0x0100040000204081L, + 0x0100040010000000L, 0x0100040010000001L, 0x0100040010000080L, 0x0100040010000081L, + 0x0100040010004000L, 0x0100040010004001L, 0x0100040010004080L, 0x0100040010004081L, + 0x0100040010200000L, 0x0100040010200001L, 0x0100040010200080L, 0x0100040010200081L, + 0x0100040010204000L, 0x0100040010204001L, 0x0100040010204080L, 0x0100040010204081L, + 0x0100040800000000L, 0x0100040800000001L, 0x0100040800000080L, 0x0100040800000081L, + 0x0100040800004000L, 0x0100040800004001L, 0x0100040800004080L, 0x0100040800004081L, + 0x0100040800200000L, 0x0100040800200001L, 0x0100040800200080L, 0x0100040800200081L, + 0x0100040800204000L, 0x0100040800204001L, 0x0100040800204080L, 0x0100040800204081L, + 0x0100040810000000L, 0x0100040810000001L, 0x0100040810000080L, 0x0100040810000081L, + 0x0100040810004000L, 0x0100040810004001L, 0x0100040810004080L, 0x0100040810004081L, + 0x0100040810200000L, 0x0100040810200001L, 0x0100040810200080L, 0x0100040810200081L, + 0x0100040810204000L, 0x0100040810204001L, 0x0100040810204080L, 0x0100040810204081L, + 0x0102000000000000L, 0x0102000000000001L, 0x0102000000000080L, 0x0102000000000081L, + 0x0102000000004000L, 0x0102000000004001L, 0x0102000000004080L, 0x0102000000004081L, + 0x0102000000200000L, 0x0102000000200001L, 0x0102000000200080L, 0x0102000000200081L, + 0x0102000000204000L, 0x0102000000204001L, 0x0102000000204080L, 0x0102000000204081L, + 0x0102000010000000L, 0x0102000010000001L, 0x0102000010000080L, 0x0102000010000081L, + 0x0102000010004000L, 0x0102000010004001L, 0x0102000010004080L, 0x0102000010004081L, + 0x0102000010200000L, 0x0102000010200001L, 0x0102000010200080L, 0x0102000010200081L, + 0x0102000010204000L, 0x0102000010204001L, 0x0102000010204080L, 0x0102000010204081L, + 0x0102000800000000L, 0x0102000800000001L, 0x0102000800000080L, 0x0102000800000081L, + 0x0102000800004000L, 0x0102000800004001L, 0x0102000800004080L, 0x0102000800004081L, + 0x0102000800200000L, 0x0102000800200001L, 0x0102000800200080L, 0x0102000800200081L, + 0x0102000800204000L, 0x0102000800204001L, 0x0102000800204080L, 0x0102000800204081L, + 0x0102000810000000L, 0x0102000810000001L, 0x0102000810000080L, 0x0102000810000081L, + 0x0102000810004000L, 0x0102000810004001L, 0x0102000810004080L, 0x0102000810004081L, + 0x0102000810200000L, 0x0102000810200001L, 0x0102000810200080L, 0x0102000810200081L, + 0x0102000810204000L, 0x0102000810204001L, 0x0102000810204080L, 0x0102000810204081L, + 0x0102040000000000L, 0x0102040000000001L, 0x0102040000000080L, 0x0102040000000081L, + 0x0102040000004000L, 0x0102040000004001L, 0x0102040000004080L, 0x0102040000004081L, + 0x0102040000200000L, 0x0102040000200001L, 0x0102040000200080L, 0x0102040000200081L, + 0x0102040000204000L, 0x0102040000204001L, 0x0102040000204080L, 0x0102040000204081L, + 0x0102040010000000L, 0x0102040010000001L, 0x0102040010000080L, 0x0102040010000081L, + 0x0102040010004000L, 0x0102040010004001L, 0x0102040010004080L, 0x0102040010004081L, + 0x0102040010200000L, 0x0102040010200001L, 0x0102040010200080L, 0x0102040010200081L, + 0x0102040010204000L, 0x0102040010204001L, 0x0102040010204080L, 0x0102040010204081L, + 0x0102040800000000L, 0x0102040800000001L, 0x0102040800000080L, 0x0102040800000081L, + 0x0102040800004000L, 0x0102040800004001L, 0x0102040800004080L, 0x0102040800004081L, + 0x0102040800200000L, 0x0102040800200001L, 0x0102040800200080L, 0x0102040800200081L, + 0x0102040800204000L, 0x0102040800204001L, 0x0102040800204080L, 0x0102040800204081L, + 0x0102040810000000L, 0x0102040810000001L, 0x0102040810000080L, 0x0102040810000081L, + 0x0102040810004000L, 0x0102040810004001L, 0x0102040810004080L, 0x0102040810004081L, + 0x0102040810200000L, 0x0102040810200001L, 0x0102040810200080L, 0x0102040810200081L, + 0x0102040810204000L, 0x0102040810204001L, 0x0102040810204080L, 0x0102040810204081L + }; + + // For toString(); must have length 64 + private const string ZEROES = "0000000000000000000000000000000000000000000000000000000000000000"; + + internal static readonly byte[] BitLengths = + { + 0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4, + 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, + 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, + 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, + 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, + 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, + 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, + 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, + 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8 + }; + + // TODO make m fixed for the LongArray, and hence compute T once and for all + + private long[] m_ints; + + public LongArray(int intLen) + { + m_ints = new long[intLen]; + } + + public LongArray(long[] ints) + { + m_ints = ints; + } + + public LongArray(long[] ints, int off, int len) + { + if (off == 0 && len == ints.Length) + { + m_ints = ints; + } + else + { + m_ints = new long[len]; + Array.Copy(ints, off, m_ints, 0, len); + } + } + + public LongArray(BigInteger bigInt) + { + if (bigInt == null || bigInt.SignValue < 0) + { + throw new ArgumentException("invalid F2m field value", "bigInt"); + } + + if (bigInt.SignValue == 0) + { + m_ints = new long[] { 0L }; + return; + } + + byte[] barr = bigInt.ToByteArray(); + int barrLen = barr.Length; + int barrStart = 0; + if (barr[0] == 0) + { + // First byte is 0 to enforce highest (=sign) bit is zero. + // In this case ignore barr[0]. + barrLen--; + barrStart = 1; + } + int intLen = (barrLen + 7) / 8; + m_ints = new long[intLen]; + + int iarrJ = intLen - 1; + int rem = barrLen % 8 + barrStart; + long temp = 0; + int barrI = barrStart; + if (barrStart < rem) + { + for (; barrI < rem; barrI++) + { + temp <<= 8; + uint barrBarrI = barr[barrI]; + temp |= barrBarrI; + } + m_ints[iarrJ--] = temp; + } + + for (; iarrJ >= 0; iarrJ--) + { + temp = 0; + for (int i = 0; i < 8; i++) + { + temp <<= 8; + uint barrBarrI = barr[barrI++]; + temp |= barrBarrI; + } + m_ints[iarrJ] = temp; + } + } + + internal void CopyTo(long[] z, int zOff) + { + Array.Copy(m_ints, 0, z, zOff, m_ints.Length); + } + + public bool IsOne() + { + long[] a = m_ints; + if (a[0] != 1L) + { + return false; + } + for (int i = 1; i < a.Length; ++i) + { + if (a[i] != 0L) + { + return false; + } + } + return true; + } + + public bool IsZero() + { + long[] a = m_ints; + for (int i = 0; i < a.Length; ++i) + { + if (a[i] != 0L) + { + return false; + } + } + return true; + } + + public int GetUsedLength() + { + return GetUsedLengthFrom(m_ints.Length); + } + + public int GetUsedLengthFrom(int from) + { + long[] a = m_ints; + from = System.Math.Min(from, a.Length); + + if (from < 1) + { + return 0; + } + + // Check if first element will act as sentinel + if (a[0] != 0) + { + while (a[--from] == 0) + { + } + return from + 1; + } + + do + { + if (a[--from] != 0) + { + return from + 1; + } + } + while (from > 0); + + return 0; + } + + public int Degree() + { + int i = m_ints.Length; + long w; + do + { + if (i == 0) + { + return 0; + } + w = m_ints[--i]; + } + while (w == 0); + + return (i << 6) + BitLength(w); + } + + private int DegreeFrom(int limit) + { + int i = (int)(((uint)limit + 62) >> 6); + long w; + do + { + if (i == 0) + { + return 0; + } + w = m_ints[--i]; + } + while (w == 0); + + return (i << 6) + BitLength(w); + } + + // private int lowestCoefficient() + // { + // for (int i = 0; i < m_ints.Length; ++i) + // { + // long mi = m_ints[i]; + // if (mi != 0) + // { + // int j = 0; + // while ((mi & 0xFFL) == 0) + // { + // j += 8; + // mi >>>= 8; + // } + // while ((mi & 1L) == 0) + // { + // ++j; + // mi >>>= 1; + // } + // return (i << 6) + j; + // } + // } + // return -1; + // } + + private static int BitLength(long w) + { + int u = (int)((ulong)w >> 32), b; + if (u == 0) + { + u = (int)w; + b = 0; + } + else + { + b = 32; + } + + int t = (int)((uint)u >> 16), k; + if (t == 0) + { + t = (int)((uint)u >> 8); + k = (t == 0) ? BitLengths[u] : 8 + BitLengths[t]; + } + else + { + int v = (int)((uint)t >> 8); + k = (v == 0) ? 16 + BitLengths[t] : 24 + BitLengths[v]; + } + + return b + k; + } + + private long[] ResizedInts(int newLen) + { + long[] newInts = new long[newLen]; + Array.Copy(m_ints, 0, newInts, 0, System.Math.Min(m_ints.Length, newLen)); + return newInts; + } + + public BigInteger ToBigInteger() + { + int usedLen = GetUsedLength(); + if (usedLen == 0) + { + return BigInteger.Zero; + } + + long highestInt = m_ints[usedLen - 1]; + byte[] temp = new byte[8]; + int barrI = 0; + bool trailingZeroBytesDone = false; + for (int j = 7; j >= 0; j--) + { + byte thisByte = (byte)((ulong)highestInt >> (8 * j)); + if (trailingZeroBytesDone || (thisByte != 0)) + { + trailingZeroBytesDone = true; + temp[barrI++] = thisByte; + } + } + + int barrLen = 8 * (usedLen - 1) + barrI; + byte[] barr = new byte[barrLen]; + for (int j = 0; j < barrI; j++) + { + barr[j] = temp[j]; + } + // Highest value int is done now + + for (int iarrJ = usedLen - 2; iarrJ >= 0; iarrJ--) + { + long mi = m_ints[iarrJ]; + for (int j = 7; j >= 0; j--) + { + barr[barrI++] = (byte)((ulong)mi >> (8 * j)); + } + } + return new BigInteger(1, barr); + } + + // private static long shiftUp(long[] x, int xOff, int count) + // { + // long prev = 0; + // for (int i = 0; i < count; ++i) + // { + // long next = x[xOff + i]; + // x[xOff + i] = (next << 1) | prev; + // prev = next >>> 63; + // } + // return prev; + // } + + private static long ShiftUp(long[] x, int xOff, int count, int shift) + { + int shiftInv = 64 - shift; + long prev = 0; + for (int i = 0; i < count; ++i) + { + long next = x[xOff + i]; + x[xOff + i] = (next << shift) | prev; + prev = (long)((ulong)next >> shiftInv); + } + return prev; + } + + private static long ShiftUp(long[] x, int xOff, long[] z, int zOff, int count, int shift) + { + int shiftInv = 64 - shift; + long prev = 0; + for (int i = 0; i < count; ++i) + { + long next = x[xOff + i]; + z[zOff + i] = (next << shift) | prev; + prev = (long)((ulong)next >> shiftInv); + } + return prev; + } + + public LongArray AddOne() + { + if (m_ints.Length == 0) + { + return new LongArray(new long[]{ 1L }); + } + + int resultLen = System.Math.Max(1, GetUsedLength()); + long[] ints = ResizedInts(resultLen); + ints[0] ^= 1L; + return new LongArray(ints); + } + + // private void addShiftedByBits(LongArray other, int bits) + // { + // int words = bits >>> 6; + // int shift = bits & 0x3F; + // + // if (shift == 0) + // { + // addShiftedByWords(other, words); + // return; + // } + // + // int otherUsedLen = other.GetUsedLength(); + // if (otherUsedLen == 0) + // { + // return; + // } + // + // int minLen = otherUsedLen + words + 1; + // if (minLen > m_ints.Length) + // { + // m_ints = resizedInts(minLen); + // } + // + // long carry = addShiftedByBits(m_ints, words, other.m_ints, 0, otherUsedLen, shift); + // m_ints[otherUsedLen + words] ^= carry; + // } + + private void AddShiftedByBitsSafe(LongArray other, int otherDegree, int bits) + { + int otherLen = (int)((uint)(otherDegree + 63) >> 6); + + int words = (int)((uint)bits >> 6); + int shift = bits & 0x3F; + + if (shift == 0) + { + Add(m_ints, words, other.m_ints, 0, otherLen); + return; + } + + long carry = AddShiftedUp(m_ints, words, other.m_ints, 0, otherLen, shift); + if (carry != 0L) + { + m_ints[otherLen + words] ^= carry; + } + } + + private static long AddShiftedUp(long[] x, int xOff, long[] y, int yOff, int count, int shift) + { + int shiftInv = 64 - shift; + long prev = 0; + for (int i = 0; i < count; ++i) + { + long next = y[yOff + i]; + x[xOff + i] ^= (next << shift) | prev; + prev = (long)((ulong)next >> shiftInv); + } + return prev; + } + + private static long AddShiftedDown(long[] x, int xOff, long[] y, int yOff, int count, int shift) + { + int shiftInv = 64 - shift; + long prev = 0; + int i = count; + while (--i >= 0) + { + long next = y[yOff + i]; + x[xOff + i] ^= (long)((ulong)next >> shift) | prev; + prev = next << shiftInv; + } + return prev; + } + + public void AddShiftedByWords(LongArray other, int words) + { + int otherUsedLen = other.GetUsedLength(); + if (otherUsedLen == 0) + { + return; + } + + int minLen = otherUsedLen + words; + if (minLen > m_ints.Length) + { + m_ints = ResizedInts(minLen); + } + + Add(m_ints, words, other.m_ints, 0, otherUsedLen); + } + + private static void Add(long[] x, int xOff, long[] y, int yOff, int count) + { + for (int i = 0; i < count; ++i) + { + x[xOff + i] ^= y[yOff + i]; + } + } + + private static void Add(long[] x, int xOff, long[] y, int yOff, long[] z, int zOff, int count) + { + for (int i = 0; i < count; ++i) + { + z[zOff + i] = x[xOff + i] ^ y[yOff + i]; + } + } + + private static void AddBoth(long[] x, int xOff, long[] y1, int y1Off, long[] y2, int y2Off, int count) + { + for (int i = 0; i < count; ++i) + { + x[xOff + i] ^= y1[y1Off + i] ^ y2[y2Off + i]; + } + } + + private static void Distribute(long[] x, int src, int dst1, int dst2, int count) + { + for (int i = 0; i < count; ++i) + { + long v = x[src + i]; + x[dst1 + i] ^= v; + x[dst2 + i] ^= v; + } + } + + public int Length + { + get { return m_ints.Length; } + } + + private static void FlipWord(long[] buf, int off, int bit, long word) + { + int n = off + (int)((uint)bit >> 6); + int shift = bit & 0x3F; + if (shift == 0) + { + buf[n] ^= word; + } + else + { + buf[n] ^= word << shift; + word = (long)((ulong)word >> (64 - shift)); + if (word != 0) + { + buf[++n] ^= word; + } + } + } + + // private static long getWord(long[] buf, int off, int len, int bit) + // { + // int n = off + (bit >>> 6); + // int shift = bit & 0x3F; + // if (shift == 0) + // { + // return buf[n]; + // } + // long result = buf[n] >>> shift; + // if (++n < len) + // { + // result |= buf[n] << (64 - shift); + // } + // return result; + // } + + public bool TestBitZero() + { + return m_ints.Length > 0 && (m_ints[0] & 1L) != 0; + } + + private static bool TestBit(long[] buf, int off, int n) + { + // theInt = n / 64 + int theInt = (int)((uint)n >> 6); + // theBit = n % 64 + int theBit = n & 0x3F; + long tester = 1L << theBit; + return (buf[off + theInt] & tester) != 0; + } + + private static void FlipBit(long[] buf, int off, int n) + { + // theInt = n / 64 + int theInt = (int)((uint)n >> 6); + // theBit = n % 64 + int theBit = n & 0x3F; + long flipper = 1L << theBit; + buf[off + theInt] ^= flipper; + } + + // private static void SetBit(long[] buf, int off, int n) + // { + // // theInt = n / 64 + // int theInt = n >>> 6; + // // theBit = n % 64 + // int theBit = n & 0x3F; + // long setter = 1L << theBit; + // buf[off + theInt] |= setter; + // } + // + // private static void ClearBit(long[] buf, int off, int n) + // { + // // theInt = n / 64 + // int theInt = n >>> 6; + // // theBit = n % 64 + // int theBit = n & 0x3F; + // long setter = 1L << theBit; + // buf[off + theInt] &= ~setter; + // } + + private static void MultiplyWord(long a, long[] b, int bLen, long[] c, int cOff) + { + if ((a & 1L) != 0L) + { + Add(c, cOff, b, 0, bLen); + } + int k = 1; + while ((a = (long)((ulong)a >> 1)) != 0L) + { + if ((a & 1L) != 0L) + { + long carry = AddShiftedUp(c, cOff, b, 0, bLen, k); + if (carry != 0L) + { + c[cOff + bLen] ^= carry; + } + } + ++k; + } + } + + public LongArray ModMultiplyLD(LongArray other, int m, int[] ks) + { + /* + * Find out the degree of each argument and handle the zero cases + */ + int aDeg = Degree(); + if (aDeg == 0) + { + return this; + } + int bDeg = other.Degree(); + if (bDeg == 0) + { + return other; + } + + /* + * Swap if necessary so that A is the smaller argument + */ + LongArray A = this, B = other; + if (aDeg > bDeg) + { + A = other; B = this; + int tmp = aDeg; aDeg = bDeg; bDeg = tmp; + } + + /* + * Establish the word lengths of the arguments and result + */ + int aLen = (int)((uint)(aDeg + 63) >> 6); + int bLen = (int)((uint)(bDeg + 63) >> 6); + int cLen = (int)((uint)(aDeg + bDeg + 62) >> 6); + + if (aLen == 1) + { + long a0 = A.m_ints[0]; + if (a0 == 1L) + { + return B; + } + + /* + * Fast path for small A, with performance dependent only on the number of set bits + */ + long[] c0 = new long[cLen]; + MultiplyWord(a0, B.m_ints, bLen, c0, 0); + + /* + * Reduce the raw answer against the reduction coefficients + */ + return ReduceResult(c0, 0, cLen, m, ks); + } + + /* + * Determine if B will get bigger during shifting + */ + int bMax = (int)((uint)(bDeg + 7 + 63) >> 6); + + /* + * Lookup table for the offset of each B in the tables + */ + int[] ti = new int[16]; + + /* + * Precompute table of all 4-bit products of B + */ + long[] T0 = new long[bMax << 4]; + int tOff = bMax; + ti[1] = tOff; + Array.Copy(B.m_ints, 0, T0, tOff, bLen); + for (int i = 2; i < 16; ++i) + { + ti[i] = (tOff += bMax); + if ((i & 1) == 0) + { + ShiftUp(T0, (int)((uint)tOff >> 1), T0, tOff, bMax, 1); + } + else + { + Add(T0, bMax, T0, tOff - bMax, T0, tOff, bMax); + } + } + + /* + * Second table with all 4-bit products of B shifted 4 bits + */ + long[] T1 = new long[T0.Length]; + ShiftUp(T0, 0, T1, 0, T0.Length, 4); + // shiftUp(T0, bMax, T1, bMax, tOff, 4); + + long[] a = A.m_ints; + long[] c = new long[cLen]; + + int MASK = 0xF; + + /* + * Lopez-Dahab algorithm + */ + + for (int k = 56; k >= 0; k -= 8) + { + for (int j = 1; j < aLen; j += 2) + { + int aVal = (int)((ulong)a[j] >> k); + int u = aVal & MASK; + int v = (int)((uint)aVal >> 4) & MASK; + AddBoth(c, j - 1, T0, ti[u], T1, ti[v], bMax); + } + ShiftUp(c, 0, cLen, 8); + } + + for (int k = 56; k >= 0; k -= 8) + { + for (int j = 0; j < aLen; j += 2) + { + int aVal = (int)((ulong)a[j] >> k); + int u = aVal & MASK; + int v = (int)((uint)aVal >> 4) & MASK; + AddBoth(c, j, T0, ti[u], T1, ti[v], bMax); + } + if (k > 0) + { + ShiftUp(c, 0, cLen, 8); + } + } + + /* + * Finally the raw answer is collected, reduce it against the reduction coefficients + */ + return ReduceResult(c, 0, cLen, m, ks); + } + + public LongArray ModMultiply(LongArray other, int m, int[] ks) + { + /* + * Find out the degree of each argument and handle the zero cases + */ + int aDeg = Degree(); + if (aDeg == 0) + { + return this; + } + int bDeg = other.Degree(); + if (bDeg == 0) + { + return other; + } + + /* + * Swap if necessary so that A is the smaller argument + */ + LongArray A = this, B = other; + if (aDeg > bDeg) + { + A = other; B = this; + int tmp = aDeg; aDeg = bDeg; bDeg = tmp; + } + + /* + * Establish the word lengths of the arguments and result + */ + int aLen = (int)((uint)(aDeg + 63) >> 6); + int bLen = (int)((uint)(bDeg + 63) >> 6); + int cLen = (int)((uint)(aDeg + bDeg + 62) >> 6); + + if (aLen == 1) + { + long a0 = A.m_ints[0]; + if (a0 == 1L) + { + return B; + } + + /* + * Fast path for small A, with performance dependent only on the number of set bits + */ + long[] c0 = new long[cLen]; + MultiplyWord(a0, B.m_ints, bLen, c0, 0); + + /* + * Reduce the raw answer against the reduction coefficients + */ + return ReduceResult(c0, 0, cLen, m, ks); + } + + /* + * Determine if B will get bigger during shifting + */ + int bMax = (int)((uint)(bDeg + 7 + 63) >> 6); + + /* + * Lookup table for the offset of each B in the tables + */ + int[] ti = new int[16]; + + /* + * Precompute table of all 4-bit products of B + */ + long[] T0 = new long[bMax << 4]; + int tOff = bMax; + ti[1] = tOff; + Array.Copy(B.m_ints, 0, T0, tOff, bLen); + for (int i = 2; i < 16; ++i) + { + ti[i] = (tOff += bMax); + if ((i & 1) == 0) + { + ShiftUp(T0, (int)((uint)tOff >> 1), T0, tOff, bMax, 1); + } + else + { + Add(T0, bMax, T0, tOff - bMax, T0, tOff, bMax); + } + } + + /* + * Second table with all 4-bit products of B shifted 4 bits + */ + long[] T1 = new long[T0.Length]; + ShiftUp(T0, 0, T1, 0, T0.Length, 4); + // ShiftUp(T0, bMax, T1, bMax, tOff, 4); + + long[] a = A.m_ints; + long[] c = new long[cLen << 3]; + + int MASK = 0xF; + + /* + * Lopez-Dahab (Modified) algorithm + */ + + for (int aPos = 0; aPos < aLen; ++aPos) + { + long aVal = a[aPos]; + int cOff = aPos; + for (;;) + { + int u = (int)aVal & MASK; + aVal = (long)((ulong)aVal >> 4); + int v = (int)aVal & MASK; + AddBoth(c, cOff, T0, ti[u], T1, ti[v], bMax); + aVal = (long)((ulong)aVal >> 4); + if (aVal == 0L) + { + break; + } + cOff += cLen; + } + } + + { + int cOff = c.Length; + while ((cOff -= cLen) != 0) + { + AddShiftedUp(c, cOff - cLen, c, cOff, cLen, 8); + } + } + + /* + * Finally the raw answer is collected, reduce it against the reduction coefficients + */ + return ReduceResult(c, 0, cLen, m, ks); + } + + public LongArray ModMultiplyAlt(LongArray other, int m, int[] ks) + { + /* + * Find out the degree of each argument and handle the zero cases + */ + int aDeg = Degree(); + if (aDeg == 0) + { + return this; + } + int bDeg = other.Degree(); + if (bDeg == 0) + { + return other; + } + + /* + * Swap if necessary so that A is the smaller argument + */ + LongArray A = this, B = other; + if (aDeg > bDeg) + { + A = other; B = this; + int tmp = aDeg; aDeg = bDeg; bDeg = tmp; + } + + /* + * Establish the word lengths of the arguments and result + */ + int aLen = (int)((uint)(aDeg + 63) >> 6); + int bLen = (int)((uint)(bDeg + 63) >> 6); + int cLen = (int)((uint)(aDeg + bDeg + 62) >> 6); + + if (aLen == 1) + { + long a0 = A.m_ints[0]; + if (a0 == 1L) + { + return B; + } + + /* + * Fast path for small A, with performance dependent only on the number of set bits + */ + long[] c0 = new long[cLen]; + MultiplyWord(a0, B.m_ints, bLen, c0, 0); + + /* + * Reduce the raw answer against the reduction coefficients + */ + return ReduceResult(c0, 0, cLen, m, ks); + } + + // NOTE: This works, but is slower than width 4 processing + // if (aLen == 2) + // { + // /* + // * Use common-multiplicand optimization to save ~1/4 of the adds + // */ + // long a1 = A.m_ints[0], a2 = A.m_ints[1]; + // long aa = a1 & a2; a1 ^= aa; a2 ^= aa; + // + // long[] b = B.m_ints; + // long[] c = new long[cLen]; + // multiplyWord(aa, b, bLen, c, 1); + // add(c, 0, c, 1, cLen - 1); + // multiplyWord(a1, b, bLen, c, 0); + // multiplyWord(a2, b, bLen, c, 1); + // + // /* + // * Reduce the raw answer against the reduction coefficients + // */ + // return ReduceResult(c, 0, cLen, m, ks); + // } + + /* + * Determine the parameters of the Interleaved window algorithm: the 'width' in bits to + * process together, the number of evaluation 'positions' implied by that width, and the + * 'top' position at which the regular window algorithm stops. + */ + int width, positions, top, banks; + + // NOTE: width 4 is the fastest over the entire range of sizes used in current crypto + // width = 1; positions = 64; top = 64; banks = 4; + // width = 2; positions = 32; top = 64; banks = 4; + // width = 3; positions = 21; top = 63; banks = 3; + width = 4; positions = 16; top = 64; banks = 8; + // width = 5; positions = 13; top = 65; banks = 7; + // width = 7; positions = 9; top = 63; banks = 9; + // width = 8; positions = 8; top = 64; banks = 8; + + /* + * Determine if B will get bigger during shifting + */ + int shifts = top < 64 ? positions : positions - 1; + int bMax = (int)((uint)(bDeg + shifts + 63) >> 6); + + int bTotal = bMax * banks, stride = width * banks; + + /* + * Create a single temporary buffer, with an offset table to find the positions of things in it + */ + int[] ci = new int[1 << width]; + int cTotal = aLen; + { + ci[0] = cTotal; + cTotal += bTotal; + ci[1] = cTotal; + for (int i = 2; i < ci.Length; ++i) + { + cTotal += cLen; + ci[i] = cTotal; + } + cTotal += cLen; + } + // NOTE: Provide a safe dump for "high zeroes" since we are adding 'bMax' and not 'bLen' + ++cTotal; + + long[] c = new long[cTotal]; + + // Prepare A in Interleaved form, according to the chosen width + Interleave(A.m_ints, 0, c, 0, aLen, width); + + // Make a working copy of B, since we will be shifting it + { + int bOff = aLen; + Array.Copy(B.m_ints, 0, c, bOff, bLen); + for (int bank = 1; bank < banks; ++bank) + { + ShiftUp(c, aLen, c, bOff += bMax, bMax, bank); + } + } + + /* + * The main loop analyzes the Interleaved windows in A, and for each non-zero window + * a single word-array XOR is performed to a carefully selected slice of 'c'. The loop is + * breadth-first, checking the lowest window in each word, then looping again for the + * next higher window position. + */ + int MASK = (1 << width) - 1; + + int k = 0; + for (;;) + { + int aPos = 0; + do + { + long aVal = (long)((ulong)c[aPos] >> k); + int bank = 0, bOff = aLen; + for (;;) + { + int index = (int)(aVal) & MASK; + if (index != 0) + { + /* + * Add to a 'c' buffer based on the bit-pattern of 'index'. Since A is in + * Interleaved form, the bits represent the current B shifted by 0, 'positions', + * 'positions' * 2, ..., 'positions' * ('width' - 1) + */ + Add(c, aPos + ci[index], c, bOff, bMax); + } + if (++bank == banks) + { + break; + } + bOff += bMax; + aVal = (long)((ulong)aVal >> width); + } + } + while (++aPos < aLen); + + if ((k += stride) >= top) + { + if (k >= 64) + { + break; + } + + /* + * Adjustment for window setups with top == 63, the final bit (if any) is processed + * as the top-bit of a window + */ + k = 64 - width; + MASK &= MASK << (top - k); + } + + /* + * After each position has been checked for all words of A, B is shifted up 1 place + */ + ShiftUp(c, aLen, bTotal, banks); + } + + int ciPos = ci.Length; + while (--ciPos > 1) + { + if ((ciPos & 1L) == 0L) + { + /* + * For even numbers, shift contents and add to the half-position + */ + AddShiftedUp(c, ci[(uint)ciPos >> 1], c, ci[ciPos], cLen, positions); + } + else + { + /* + * For odd numbers, 'distribute' contents to the result and the next-lowest position + */ + Distribute(c, ci[ciPos], ci[ciPos - 1], ci[1], cLen); + } + } + + /* + * Finally the raw answer is collected, reduce it against the reduction coefficients + */ + return ReduceResult(c, ci[1], cLen, m, ks); + } + + public LongArray ModReduce(int m, int[] ks) + { + long[] buf = Arrays.Clone(m_ints); + int rLen = ReduceInPlace(buf, 0, buf.Length, m, ks); + return new LongArray(buf, 0, rLen); + } + + public LongArray Multiply(LongArray other, int m, int[] ks) + { + /* + * Find out the degree of each argument and handle the zero cases + */ + int aDeg = Degree(); + if (aDeg == 0) + { + return this; + } + int bDeg = other.Degree(); + if (bDeg == 0) + { + return other; + } + + /* + * Swap if necessary so that A is the smaller argument + */ + LongArray A = this, B = other; + if (aDeg > bDeg) + { + A = other; B = this; + int tmp = aDeg; aDeg = bDeg; bDeg = tmp; + } + + /* + * Establish the word lengths of the arguments and result + */ + int aLen = (int)((uint)(aDeg + 63) >> 6); + int bLen = (int)((uint)(bDeg + 63) >> 6); + int cLen = (int)((uint)(aDeg + bDeg + 62) >> 6); + + if (aLen == 1) + { + long a0 = A.m_ints[0]; + if (a0 == 1L) + { + return B; + } + + /* + * Fast path for small A, with performance dependent only on the number of set bits + */ + long[] c0 = new long[cLen]; + MultiplyWord(a0, B.m_ints, bLen, c0, 0); + + /* + * Reduce the raw answer against the reduction coefficients + */ + //return ReduceResult(c0, 0, cLen, m, ks); + return new LongArray(c0, 0, cLen); + } + + /* + * Determine if B will get bigger during shifting + */ + int bMax = (int)((uint)(bDeg + 7 + 63) >> 6); + + /* + * Lookup table for the offset of each B in the tables + */ + int[] ti = new int[16]; + + /* + * Precompute table of all 4-bit products of B + */ + long[] T0 = new long[bMax << 4]; + int tOff = bMax; + ti[1] = tOff; + Array.Copy(B.m_ints, 0, T0, tOff, bLen); + for (int i = 2; i < 16; ++i) + { + ti[i] = (tOff += bMax); + if ((i & 1) == 0) + { + ShiftUp(T0, (int)((uint)tOff >> 1), T0, tOff, bMax, 1); + } + else + { + Add(T0, bMax, T0, tOff - bMax, T0, tOff, bMax); + } + } + + /* + * Second table with all 4-bit products of B shifted 4 bits + */ + long[] T1 = new long[T0.Length]; + ShiftUp(T0, 0, T1, 0, T0.Length, 4); + // ShiftUp(T0, bMax, T1, bMax, tOff, 4); + + long[] a = A.m_ints; + long[] c = new long[cLen << 3]; + + int MASK = 0xF; + + /* + * Lopez-Dahab (Modified) algorithm + */ + + for (int aPos = 0; aPos < aLen; ++aPos) + { + long aVal = a[aPos]; + int cOff = aPos; + for (; ; ) + { + int u = (int)aVal & MASK; + aVal = (long)((ulong)aVal >> 4); + int v = (int)aVal & MASK; + AddBoth(c, cOff, T0, ti[u], T1, ti[v], bMax); + aVal = (long)((ulong)aVal >> 4); + if (aVal == 0L) + { + break; + } + cOff += cLen; + } + } + + { + int cOff = c.Length; + while ((cOff -= cLen) != 0) + { + AddShiftedUp(c, cOff - cLen, c, cOff, cLen, 8); + } + } + + /* + * Finally the raw answer is collected, reduce it against the reduction coefficients + */ + //return ReduceResult(c, 0, cLen, m, ks); + return new LongArray(c, 0, cLen); + } + + public void Reduce(int m, int[] ks) + { + long[] buf = m_ints; + int rLen = ReduceInPlace(buf, 0, buf.Length, m, ks); + if (rLen < buf.Length) + { + m_ints = new long[rLen]; + Array.Copy(buf, 0, m_ints, 0, rLen); + } + } + + private static LongArray ReduceResult(long[] buf, int off, int len, int m, int[] ks) + { + int rLen = ReduceInPlace(buf, off, len, m, ks); + return new LongArray(buf, off, rLen); + } + + // private static void deInterleave(long[] x, int xOff, long[] z, int zOff, int count, int rounds) + // { + // for (int i = 0; i < count; ++i) + // { + // z[zOff + i] = deInterleave(x[zOff + i], rounds); + // } + // } + // + // private static long deInterleave(long x, int rounds) + // { + // while (--rounds >= 0) + // { + // x = deInterleave32(x & DEInterleave_MASK) | (deInterleave32((x >>> 1) & DEInterleave_MASK) << 32); + // } + // return x; + // } + // + // private static long deInterleave32(long x) + // { + // x = (x | (x >>> 1)) & 0x3333333333333333L; + // x = (x | (x >>> 2)) & 0x0F0F0F0F0F0F0F0FL; + // x = (x | (x >>> 4)) & 0x00FF00FF00FF00FFL; + // x = (x | (x >>> 8)) & 0x0000FFFF0000FFFFL; + // x = (x | (x >>> 16)) & 0x00000000FFFFFFFFL; + // return x; + // } + + private static int ReduceInPlace(long[] buf, int off, int len, int m, int[] ks) + { + int mLen = (m + 63) >> 6; + if (len < mLen) + { + return len; + } + + int numBits = System.Math.Min(len << 6, (m << 1) - 1); // TODO use actual degree? + int excessBits = (len << 6) - numBits; + while (excessBits >= 64) + { + --len; + excessBits -= 64; + } + + int kLen = ks.Length, kMax = ks[kLen - 1], kNext = kLen > 1 ? ks[kLen - 2] : 0; + int wordWiseLimit = System.Math.Max(m, kMax + 64); + int vectorableWords = (excessBits + System.Math.Min(numBits - wordWiseLimit, m - kNext)) >> 6; + if (vectorableWords > 1) + { + int vectorWiseWords = len - vectorableWords; + ReduceVectorWise(buf, off, len, vectorWiseWords, m, ks); + while (len > vectorWiseWords) + { + buf[off + --len] = 0L; + } + numBits = vectorWiseWords << 6; + } + + if (numBits > wordWiseLimit) + { + ReduceWordWise(buf, off, len, wordWiseLimit, m, ks); + numBits = wordWiseLimit; + } + + if (numBits > m) + { + ReduceBitWise(buf, off, numBits, m, ks); + } + + return mLen; + } + + private static void ReduceBitWise(long[] buf, int off, int BitLength, int m, int[] ks) + { + while (--BitLength >= m) + { + if (TestBit(buf, off, BitLength)) + { + ReduceBit(buf, off, BitLength, m, ks); + } + } + } + + private static void ReduceBit(long[] buf, int off, int bit, int m, int[] ks) + { + FlipBit(buf, off, bit); + int n = bit - m; + int j = ks.Length; + while (--j >= 0) + { + FlipBit(buf, off, ks[j] + n); + } + FlipBit(buf, off, n); + } + + private static void ReduceWordWise(long[] buf, int off, int len, int toBit, int m, int[] ks) + { + int toPos = (int)((uint)toBit >> 6); + + while (--len > toPos) + { + long word = buf[off + len]; + if (word != 0) + { + buf[off + len] = 0; + ReduceWord(buf, off, (len << 6), word, m, ks); + } + } + + { + int partial = toBit & 0x3F; + long word = (long)((ulong)buf[off + toPos] >> partial); + if (word != 0) + { + buf[off + toPos] ^= word << partial; + ReduceWord(buf, off, toBit, word, m, ks); + } + } + } + + private static void ReduceWord(long[] buf, int off, int bit, long word, int m, int[] ks) + { + int offset = bit - m; + int j = ks.Length; + while (--j >= 0) + { + FlipWord(buf, off, offset + ks[j], word); + } + FlipWord(buf, off, offset, word); + } + + private static void ReduceVectorWise(long[] buf, int off, int len, int words, int m, int[] ks) + { + /* + * NOTE: It's important we go from highest coefficient to lowest, because for the highest + * one (only) we allow the ranges to partially overlap, and therefore any changes must take + * effect for the subsequent lower coefficients. + */ + int baseBit = (words << 6) - m; + int j = ks.Length; + while (--j >= 0) + { + FlipVector(buf, off, buf, off + words, len - words, baseBit + ks[j]); + } + FlipVector(buf, off, buf, off + words, len - words, baseBit); + } + + private static void FlipVector(long[] x, int xOff, long[] y, int yOff, int yLen, int bits) + { + xOff += (int)((uint)bits >> 6); + bits &= 0x3F; + + if (bits == 0) + { + Add(x, xOff, y, yOff, yLen); + } + else + { + long carry = AddShiftedDown(x, xOff + 1, y, yOff, yLen, 64 - bits); + x[xOff] ^= carry; + } + } + + public LongArray ModSquare(int m, int[] ks) + { + int len = GetUsedLength(); + if (len == 0) + { + return this; + } + + int _2len = len << 1; + long[] r = new long[_2len]; + + int pos = 0; + while (pos < _2len) + { + long mi = m_ints[(uint)pos >> 1]; + r[pos++] = Interleave2_32to64((int)mi); + r[pos++] = Interleave2_32to64((int)((ulong)mi >> 32)); + } + + return new LongArray(r, 0, ReduceInPlace(r, 0, r.Length, m, ks)); + } + + public LongArray ModSquareN(int n, int m, int[] ks) + { + int len = GetUsedLength(); + if (len == 0) + { + return this; + } + + int mLen = (m + 63) >> 6; + long[] r = new long[mLen << 1]; + Array.Copy(m_ints, 0, r, 0, len); + + while (--n >= 0) + { + SquareInPlace(r, len, m, ks); + len = ReduceInPlace(r, 0, r.Length, m, ks); + } + + return new LongArray(r, 0, len); + } + + public LongArray Square(int m, int[] ks) + { + int len = GetUsedLength(); + if (len == 0) + { + return this; + } + + int _2len = len << 1; + long[] r = new long[_2len]; + + int pos = 0; + while (pos < _2len) + { + long mi = m_ints[(uint)pos >> 1]; + r[pos++] = Interleave2_32to64((int)mi); + r[pos++] = Interleave2_32to64((int)((ulong)mi >> 32)); + } + + return new LongArray(r, 0, r.Length); + } + + private static void SquareInPlace(long[] x, int xLen, int m, int[] ks) + { + int pos = xLen << 1; + while (--xLen >= 0) + { + long xVal = x[xLen]; + x[--pos] = Interleave2_32to64((int)((ulong)xVal >> 32)); + x[--pos] = Interleave2_32to64((int)xVal); + } + } + + private static void Interleave(long[] x, int xOff, long[] z, int zOff, int count, int width) + { + switch (width) + { + case 3: + Interleave3(x, xOff, z, zOff, count); + break; + case 5: + Interleave5(x, xOff, z, zOff, count); + break; + case 7: + Interleave7(x, xOff, z, zOff, count); + break; + default: + Interleave2_n(x, xOff, z, zOff, count, BitLengths[width] - 1); + break; + } + } + + private static void Interleave3(long[] x, int xOff, long[] z, int zOff, int count) + { + for (int i = 0; i < count; ++i) + { + z[zOff + i] = Interleave3(x[xOff + i]); + } + } + + private static long Interleave3(long x) + { + long z = x & (1L << 63); + return z + | Interleave3_21to63((int)x & 0x1FFFFF) + | Interleave3_21to63((int)((ulong)x >> 21) & 0x1FFFFF) << 1 + | Interleave3_21to63((int)((ulong)x >> 42) & 0x1FFFFF) << 2; + + // int zPos = 0, wPos = 0, xPos = 0; + // for (;;) + // { + // z |= ((x >>> xPos) & 1L) << zPos; + // if (++zPos == 63) + // { + // String sz2 = Long.toBinaryString(z); + // return z; + // } + // if ((xPos += 21) >= 63) + // { + // xPos = ++wPos; + // } + // } + } + + private static long Interleave3_21to63(int x) + { + int r00 = INTERLEAVE3_TABLE[x & 0x7F]; + int r21 = INTERLEAVE3_TABLE[((uint)x >> 7) & 0x7F]; + int r42 = INTERLEAVE3_TABLE[(uint)x >> 14]; + return (r42 & 0xFFFFFFFFL) << 42 | (r21 & 0xFFFFFFFFL) << 21 | (r00 & 0xFFFFFFFFL); + } + + private static void Interleave5(long[] x, int xOff, long[] z, int zOff, int count) + { + for (int i = 0; i < count; ++i) + { + z[zOff + i] = Interleave5(x[xOff + i]); + } + } + + private static long Interleave5(long x) + { + return Interleave3_13to65((int)x & 0x1FFF) + | Interleave3_13to65((int)((ulong)x >> 13) & 0x1FFF) << 1 + | Interleave3_13to65((int)((ulong)x >> 26) & 0x1FFF) << 2 + | Interleave3_13to65((int)((ulong)x >> 39) & 0x1FFF) << 3 + | Interleave3_13to65((int)((ulong)x >> 52) & 0x1FFF) << 4; + + // long z = 0; + // int zPos = 0, wPos = 0, xPos = 0; + // for (;;) + // { + // z |= ((x >>> xPos) & 1L) << zPos; + // if (++zPos == 64) + // { + // return z; + // } + // if ((xPos += 13) >= 64) + // { + // xPos = ++wPos; + // } + // } + } + + private static long Interleave3_13to65(int x) + { + int r00 = INTERLEAVE5_TABLE[x & 0x7F]; + int r35 = INTERLEAVE5_TABLE[(uint)x >> 7]; + return (r35 & 0xFFFFFFFFL) << 35 | (r00 & 0xFFFFFFFFL); + } + + private static void Interleave7(long[] x, int xOff, long[] z, int zOff, int count) + { + for (int i = 0; i < count; ++i) + { + z[zOff + i] = Interleave7(x[xOff + i]); + } + } + + private static long Interleave7(long x) + { + long z = x & (1L << 63); + return z + | INTERLEAVE7_TABLE[(int)x & 0x1FF] + | INTERLEAVE7_TABLE[(int)((ulong)x >> 9) & 0x1FF] << 1 + | INTERLEAVE7_TABLE[(int)((ulong)x >> 18) & 0x1FF] << 2 + | INTERLEAVE7_TABLE[(int)((ulong)x >> 27) & 0x1FF] << 3 + | INTERLEAVE7_TABLE[(int)((ulong)x >> 36) & 0x1FF] << 4 + | INTERLEAVE7_TABLE[(int)((ulong)x >> 45) & 0x1FF] << 5 + | INTERLEAVE7_TABLE[(int)((ulong)x >> 54) & 0x1FF] << 6; + + // int zPos = 0, wPos = 0, xPos = 0; + // for (;;) + // { + // z |= ((x >>> xPos) & 1L) << zPos; + // if (++zPos == 63) + // { + // return z; + // } + // if ((xPos += 9) >= 63) + // { + // xPos = ++wPos; + // } + // } + } + + private static void Interleave2_n(long[] x, int xOff, long[] z, int zOff, int count, int rounds) + { + for (int i = 0; i < count; ++i) + { + z[zOff + i] = Interleave2_n(x[xOff + i], rounds); + } + } + + private static long Interleave2_n(long x, int rounds) + { + while (rounds > 1) + { + rounds -= 2; + x = Interleave4_16to64((int)x & 0xFFFF) + | Interleave4_16to64((int)((ulong)x >> 16) & 0xFFFF) << 1 + | Interleave4_16to64((int)((ulong)x >> 32) & 0xFFFF) << 2 + | Interleave4_16to64((int)((ulong)x >> 48) & 0xFFFF) << 3; + } + if (rounds > 0) + { + x = Interleave2_32to64((int)x) | Interleave2_32to64((int)((ulong)x >> 32)) << 1; + } + return x; + } + + private static long Interleave4_16to64(int x) + { + int r00 = INTERLEAVE4_TABLE[x & 0xFF]; + int r32 = INTERLEAVE4_TABLE[(uint)x >> 8]; + return (r32 & 0xFFFFFFFFL) << 32 | (r00 & 0xFFFFFFFFL); + } + + private static long Interleave2_32to64(int x) + { + int r00 = INTERLEAVE2_TABLE[x & 0xFF] | INTERLEAVE2_TABLE[((uint)x >> 8) & 0xFF] << 16; + int r32 = INTERLEAVE2_TABLE[((uint)x >> 16) & 0xFF] | INTERLEAVE2_TABLE[(uint)x >> 24] << 16; + return (r32 & 0xFFFFFFFFL) << 32 | (r00 & 0xFFFFFFFFL); + } + + // private static LongArray ExpItohTsujii2(LongArray B, int n, int m, int[] ks) + // { + // LongArray t1 = B, t3 = new LongArray(new long[]{ 1L }); + // int scale = 1; + // + // int numTerms = n; + // while (numTerms > 1) + // { + // if ((numTerms & 1) != 0) + // { + // t3 = t3.ModMultiply(t1, m, ks); + // t1 = t1.modSquareN(scale, m, ks); + // } + // + // LongArray t2 = t1.modSquareN(scale, m, ks); + // t1 = t1.ModMultiply(t2, m, ks); + // numTerms >>>= 1; scale <<= 1; + // } + // + // return t3.ModMultiply(t1, m, ks); + // } + // + // private static LongArray ExpItohTsujii23(LongArray B, int n, int m, int[] ks) + // { + // LongArray t1 = B, t3 = new LongArray(new long[]{ 1L }); + // int scale = 1; + // + // int numTerms = n; + // while (numTerms > 1) + // { + // bool m03 = numTerms % 3 == 0; + // bool m14 = !m03 && (numTerms & 1) != 0; + // + // if (m14) + // { + // t3 = t3.ModMultiply(t1, m, ks); + // t1 = t1.modSquareN(scale, m, ks); + // } + // + // LongArray t2 = t1.modSquareN(scale, m, ks); + // t1 = t1.ModMultiply(t2, m, ks); + // + // if (m03) + // { + // t2 = t2.modSquareN(scale, m, ks); + // t1 = t1.ModMultiply(t2, m, ks); + // numTerms /= 3; scale *= 3; + // } + // else + // { + // numTerms >>>= 1; scale <<= 1; + // } + // } + // + // return t3.ModMultiply(t1, m, ks); + // } + // + // private static LongArray ExpItohTsujii235(LongArray B, int n, int m, int[] ks) + // { + // LongArray t1 = B, t4 = new LongArray(new long[]{ 1L }); + // int scale = 1; + // + // int numTerms = n; + // while (numTerms > 1) + // { + // if (numTerms % 5 == 0) + // { + //// t1 = ExpItohTsujii23(t1, 5, m, ks); + // + // LongArray t3 = t1; + // t1 = t1.modSquareN(scale, m, ks); + // + // LongArray t2 = t1.modSquareN(scale, m, ks); + // t1 = t1.ModMultiply(t2, m, ks); + // t2 = t1.modSquareN(scale << 1, m, ks); + // t1 = t1.ModMultiply(t2, m, ks); + // + // t1 = t1.ModMultiply(t3, m, ks); + // + // numTerms /= 5; scale *= 5; + // continue; + // } + // + // bool m03 = numTerms % 3 == 0; + // bool m14 = !m03 && (numTerms & 1) != 0; + // + // if (m14) + // { + // t4 = t4.ModMultiply(t1, m, ks); + // t1 = t1.modSquareN(scale, m, ks); + // } + // + // LongArray t2 = t1.modSquareN(scale, m, ks); + // t1 = t1.ModMultiply(t2, m, ks); + // + // if (m03) + // { + // t2 = t2.modSquareN(scale, m, ks); + // t1 = t1.ModMultiply(t2, m, ks); + // numTerms /= 3; scale *= 3; + // } + // else + // { + // numTerms >>>= 1; scale <<= 1; + // } + // } + // + // return t4.ModMultiply(t1, m, ks); + // } + + public LongArray ModInverse(int m, int[] ks) + { + /* + * Fermat's Little Theorem + */ + // LongArray A = this; + // LongArray B = A.modSquare(m, ks); + // LongArray R0 = B, R1 = B; + // for (int i = 2; i < m; ++i) + // { + // R1 = R1.modSquare(m, ks); + // R0 = R0.ModMultiply(R1, m, ks); + // } + // + // return R0; + + /* + * Itoh-Tsujii + */ + // LongArray B = modSquare(m, ks); + // switch (m) + // { + // case 409: + // return ExpItohTsujii23(B, m - 1, m, ks); + // case 571: + // return ExpItohTsujii235(B, m - 1, m, ks); + // case 163: + // case 233: + // case 283: + // default: + // return ExpItohTsujii2(B, m - 1, m, ks); + // } + + /* + * Inversion in F2m using the extended Euclidean algorithm + * + * Input: A nonzero polynomial a(z) of degree at most m-1 + * Output: a(z)^(-1) mod f(z) + */ + int uzDegree = Degree(); + if (uzDegree == 0) + { + throw new InvalidOperationException(); + } + if (uzDegree == 1) + { + return this; + } + + // u(z) := a(z) + LongArray uz = (LongArray)Copy(); + + int t = (m + 63) >> 6; + + // v(z) := f(z) + LongArray vz = new LongArray(t); + ReduceBit(vz.m_ints, 0, m, m, ks); + + // g1(z) := 1, g2(z) := 0 + LongArray g1z = new LongArray(t); + g1z.m_ints[0] = 1L; + LongArray g2z = new LongArray(t); + + int[] uvDeg = new int[]{ uzDegree, m + 1 }; + LongArray[] uv = new LongArray[]{ uz, vz }; + + int[] ggDeg = new int[]{ 1, 0 }; + LongArray[] gg = new LongArray[]{ g1z, g2z }; + + int b = 1; + int duv1 = uvDeg[b]; + int dgg1 = ggDeg[b]; + int j = duv1 - uvDeg[1 - b]; + + for (;;) + { + if (j < 0) + { + j = -j; + uvDeg[b] = duv1; + ggDeg[b] = dgg1; + b = 1 - b; + duv1 = uvDeg[b]; + dgg1 = ggDeg[b]; + } + + uv[b].AddShiftedByBitsSafe(uv[1 - b], uvDeg[1 - b], j); + + int duv2 = uv[b].DegreeFrom(duv1); + if (duv2 == 0) + { + return gg[1 - b]; + } + + { + int dgg2 = ggDeg[1 - b]; + gg[b].AddShiftedByBitsSafe(gg[1 - b], dgg2, j); + dgg2 += j; + + if (dgg2 > dgg1) + { + dgg1 = dgg2; + } + else if (dgg2 == dgg1) + { + dgg1 = gg[b].DegreeFrom(dgg1); + } + } + + j += (duv2 - duv1); + duv1 = duv2; + } + } + + public override bool Equals(object obj) + { + return Equals(obj as LongArray); + } + + public virtual bool Equals(LongArray other) + { + if (this == other) + return true; + if (null == other) + return false; + int usedLen = GetUsedLength(); + if (other.GetUsedLength() != usedLen) + { + return false; + } + for (int i = 0; i < usedLen; i++) + { + if (m_ints[i] != other.m_ints[i]) + { + return false; + } + } + return true; + } + + public override int GetHashCode() + { + int usedLen = GetUsedLength(); + int hash = 1; + for (int i = 0; i < usedLen; i++) + { + long mi = m_ints[i]; + hash *= 31; + hash ^= (int)mi; + hash *= 31; + hash ^= (int)((ulong)mi >> 32); + } + return hash; + } + + public LongArray Copy() + { + return new LongArray(Arrays.Clone(m_ints)); + } + + public override string ToString() + { + int i = GetUsedLength(); + if (i == 0) + { + return "0"; + } + + StringBuilder sb = new StringBuilder(Convert.ToString(m_ints[--i], 2)); + while (--i >= 0) + { + string s = Convert.ToString(m_ints[i], 2); + + // Add leading zeroes, except for highest significant word + int len = s.Length; + if (len < 64) + { + sb.Append(ZEROES.Substring(len)); + } + + sb.Append(s); + } + return sb.ToString(); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/ScaleXNegateYPointMap.cs b/BouncyCastle/crypto/src/math/ec/ScaleXNegateYPointMap.cs new file mode 100644 index 0000000..b0466a6 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/ScaleXNegateYPointMap.cs @@ -0,0 +1,20 @@ +using System; + +namespace Org.BouncyCastle.Math.EC +{ + public class ScaleXNegateYPointMap + : ECPointMap + { + protected readonly ECFieldElement scale; + + public ScaleXNegateYPointMap(ECFieldElement scale) + { + this.scale = scale; + } + + public virtual ECPoint Map(ECPoint p) + { + return p.ScaleXNegateY(scale); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/ScaleXPointMap.cs b/BouncyCastle/crypto/src/math/ec/ScaleXPointMap.cs new file mode 100644 index 0000000..f8a363b --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/ScaleXPointMap.cs @@ -0,0 +1,20 @@ +using System; + +namespace Org.BouncyCastle.Math.EC +{ + public class ScaleXPointMap + : ECPointMap + { + protected readonly ECFieldElement scale; + + public ScaleXPointMap(ECFieldElement scale) + { + this.scale = scale; + } + + public virtual ECPoint Map(ECPoint p) + { + return p.ScaleX(scale); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/ScaleYNegateXPointMap.cs b/BouncyCastle/crypto/src/math/ec/ScaleYNegateXPointMap.cs new file mode 100644 index 0000000..6a7fed1 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/ScaleYNegateXPointMap.cs @@ -0,0 +1,20 @@ +using System; + +namespace Org.BouncyCastle.Math.EC +{ + public class ScaleYNegateXPointMap + : ECPointMap + { + protected readonly ECFieldElement scale; + + public ScaleYNegateXPointMap(ECFieldElement scale) + { + this.scale = scale; + } + + public virtual ECPoint Map(ECPoint p) + { + return p.ScaleYNegateX(scale); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/ScaleYPointMap.cs b/BouncyCastle/crypto/src/math/ec/ScaleYPointMap.cs new file mode 100644 index 0000000..1c4795b --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/ScaleYPointMap.cs @@ -0,0 +1,20 @@ +using System; + +namespace Org.BouncyCastle.Math.EC +{ + public class ScaleYPointMap + : ECPointMap + { + protected readonly ECFieldElement scale; + + public ScaleYPointMap(ECFieldElement scale) + { + this.scale = scale; + } + + public virtual ECPoint Map(ECPoint p) + { + return p.ScaleY(scale); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/SimpleLookupTable.cs b/BouncyCastle/crypto/src/math/ec/SimpleLookupTable.cs new file mode 100644 index 0000000..ed300ba --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/SimpleLookupTable.cs @@ -0,0 +1,40 @@ +using System; + +namespace Org.BouncyCastle.Math.EC +{ + public class SimpleLookupTable + : AbstractECLookupTable + { + private static ECPoint[] Copy(ECPoint[] points, int off, int len) + { + ECPoint[] result = new ECPoint[len]; + for (int i = 0; i < len; ++i) + { + result[i] = points[off + i]; + } + return result; + } + + private readonly ECPoint[] points; + + public SimpleLookupTable(ECPoint[] points, int off, int len) + { + this.points = Copy(points, off, len); + } + + public override int Size + { + get { return points.Length; } + } + + public override ECPoint Lookup(int index) + { + throw new NotSupportedException("Constant-time lookup not supported"); + } + + public override ECPoint LookupVar(int index) + { + return points[index]; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/abc/SimpleBigDecimal.cs b/BouncyCastle/crypto/src/math/ec/abc/SimpleBigDecimal.cs new file mode 100644 index 0000000..d5664db --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/abc/SimpleBigDecimal.cs @@ -0,0 +1,241 @@ +using System; +using System.Text; + +namespace Org.BouncyCastle.Math.EC.Abc +{ + /** + * Class representing a simple version of a big decimal. A + * SimpleBigDecimal is basically a + * {@link java.math.BigInteger BigInteger} with a few digits on the right of + * the decimal point. The number of (binary) digits on the right of the decimal + * point is called the scale of the SimpleBigDecimal. + * Unlike in {@link java.math.BigDecimal BigDecimal}, the scale is not adjusted + * automatically, but must be set manually. All SimpleBigDecimals + * taking part in the same arithmetic operation must have equal scale. The + * result of a multiplication of two SimpleBigDecimals returns a + * SimpleBigDecimal with double scale. + */ + internal class SimpleBigDecimal + // : Number + { + // private static final long serialVersionUID = 1L; + + private readonly BigInteger bigInt; + private readonly int scale; + + /** + * Returns a SimpleBigDecimal representing the same numerical + * value as value. + * @param value The value of the SimpleBigDecimal to be + * created. + * @param scale The scale of the SimpleBigDecimal to be + * created. + * @return The such created SimpleBigDecimal. + */ + public static SimpleBigDecimal GetInstance(BigInteger val, int scale) + { + return new SimpleBigDecimal(val.ShiftLeft(scale), scale); + } + + /** + * Constructor for SimpleBigDecimal. The value of the + * constructed SimpleBigDecimal Equals bigInt / + * 2scale. + * @param bigInt The bigInt value parameter. + * @param scale The scale of the constructed SimpleBigDecimal. + */ + public SimpleBigDecimal(BigInteger bigInt, int scale) + { + if (scale < 0) + throw new ArgumentException("scale may not be negative"); + + this.bigInt = bigInt; + this.scale = scale; + } + + private SimpleBigDecimal(SimpleBigDecimal limBigDec) + { + bigInt = limBigDec.bigInt; + scale = limBigDec.scale; + } + + private void CheckScale(SimpleBigDecimal b) + { + if (scale != b.scale) + throw new ArgumentException("Only SimpleBigDecimal of same scale allowed in arithmetic operations"); + } + + public SimpleBigDecimal AdjustScale(int newScale) + { + if (newScale < 0) + throw new ArgumentException("scale may not be negative"); + + if (newScale == scale) + return this; + + return new SimpleBigDecimal(bigInt.ShiftLeft(newScale - scale), newScale); + } + + public SimpleBigDecimal Add(SimpleBigDecimal b) + { + CheckScale(b); + return new SimpleBigDecimal(bigInt.Add(b.bigInt), scale); + } + + public SimpleBigDecimal Add(BigInteger b) + { + return new SimpleBigDecimal(bigInt.Add(b.ShiftLeft(scale)), scale); + } + + public SimpleBigDecimal Negate() + { + return new SimpleBigDecimal(bigInt.Negate(), scale); + } + + public SimpleBigDecimal Subtract(SimpleBigDecimal b) + { + return Add(b.Negate()); + } + + public SimpleBigDecimal Subtract(BigInteger b) + { + return new SimpleBigDecimal(bigInt.Subtract(b.ShiftLeft(scale)), scale); + } + + public SimpleBigDecimal Multiply(SimpleBigDecimal b) + { + CheckScale(b); + return new SimpleBigDecimal(bigInt.Multiply(b.bigInt), scale + scale); + } + + public SimpleBigDecimal Multiply(BigInteger b) + { + return new SimpleBigDecimal(bigInt.Multiply(b), scale); + } + + public SimpleBigDecimal Divide(SimpleBigDecimal b) + { + CheckScale(b); + BigInteger dividend = bigInt.ShiftLeft(scale); + return new SimpleBigDecimal(dividend.Divide(b.bigInt), scale); + } + + public SimpleBigDecimal Divide(BigInteger b) + { + return new SimpleBigDecimal(bigInt.Divide(b), scale); + } + + public SimpleBigDecimal ShiftLeft(int n) + { + return new SimpleBigDecimal(bigInt.ShiftLeft(n), scale); + } + + public int CompareTo(SimpleBigDecimal val) + { + CheckScale(val); + return bigInt.CompareTo(val.bigInt); + } + + public int CompareTo(BigInteger val) + { + return bigInt.CompareTo(val.ShiftLeft(scale)); + } + + public BigInteger Floor() + { + return bigInt.ShiftRight(scale); + } + + public BigInteger Round() + { + SimpleBigDecimal oneHalf = new SimpleBigDecimal(BigInteger.One, 1); + return Add(oneHalf.AdjustScale(scale)).Floor(); + } + + public int IntValue + { + get { return Floor().IntValue; } + } + + public long LongValue + { + get { return Floor().LongValue; } + } + +// public double doubleValue() +// { +// return new Double(ToString()).doubleValue(); +// } +// +// public float floatValue() +// { +// return new Float(ToString()).floatValue(); +// } + + public int Scale + { + get { return scale; } + } + + public override string ToString() + { + if (scale == 0) + return bigInt.ToString(); + + BigInteger floorBigInt = Floor(); + + BigInteger fract = bigInt.Subtract(floorBigInt.ShiftLeft(scale)); + if (bigInt.SignValue < 0) + { + fract = BigInteger.One.ShiftLeft(scale).Subtract(fract); + } + + if ((floorBigInt.SignValue == -1) && (!(fract.Equals(BigInteger.Zero)))) + { + floorBigInt = floorBigInt.Add(BigInteger.One); + } + string leftOfPoint = floorBigInt.ToString(); + + char[] fractCharArr = new char[scale]; + string fractStr = fract.ToString(2); + int fractLen = fractStr.Length; + int zeroes = scale - fractLen; + for (int i = 0; i < zeroes; i++) + { + fractCharArr[i] = '0'; + } + for (int j = 0; j < fractLen; j++) + { + fractCharArr[zeroes + j] = fractStr[j]; + } + string rightOfPoint = new string(fractCharArr); + + StringBuilder sb = new StringBuilder(leftOfPoint); + sb.Append("."); + sb.Append(rightOfPoint); + + return sb.ToString(); + } + + public override bool Equals( + object obj) + { + if (this == obj) + return true; + + SimpleBigDecimal other = obj as SimpleBigDecimal; + + if (other == null) + return false; + + return bigInt.Equals(other.bigInt) + && scale == other.scale; + } + + public override int GetHashCode() + { + return bigInt.GetHashCode() ^ scale; + } + + } +} diff --git a/BouncyCastle/crypto/src/math/ec/abc/Tnaf.cs b/BouncyCastle/crypto/src/math/ec/abc/Tnaf.cs new file mode 100644 index 0000000..b6e792a --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/abc/Tnaf.cs @@ -0,0 +1,845 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Abc +{ + /** + * Class holding methods for point multiplication based on the window + * τ-adic nonadjacent form (WTNAF). The algorithms are based on the + * paper "Improved Algorithms for Arithmetic on Anomalous Binary Curves" + * by Jerome A. Solinas. The paper first appeared in the Proceedings of + * Crypto 1997. + */ + internal class Tnaf + { + private static readonly BigInteger MinusOne = BigInteger.One.Negate(); + private static readonly BigInteger MinusTwo = BigInteger.Two.Negate(); + private static readonly BigInteger MinusThree = BigInteger.Three.Negate(); + private static readonly BigInteger Four = BigInteger.ValueOf(4); + + /** + * The window width of WTNAF. The standard value of 4 is slightly less + * than optimal for running time, but keeps space requirements for + * precomputation low. For typical curves, a value of 5 or 6 results in + * a better running time. When changing this value, the + * αu's must be computed differently, see + * e.g. "Guide to Elliptic Curve Cryptography", Darrel Hankerson, + * Alfred Menezes, Scott Vanstone, Springer-Verlag New York Inc., 2004, + * p. 121-122 + */ + public const sbyte Width = 4; + + /** + * 24 + */ + public const sbyte Pow2Width = 16; + + /** + * The αu's for a=0 as an array + * of ZTauElements. + */ + public static readonly ZTauElement[] Alpha0 = + { + null, + new ZTauElement(BigInteger.One, BigInteger.Zero), null, + new ZTauElement(MinusThree, MinusOne), null, + new ZTauElement(MinusOne, MinusOne), null, + new ZTauElement(BigInteger.One, MinusOne), null + }; + + /** + * The αu's for a=0 as an array + * of TNAFs. + */ + public static readonly sbyte[][] Alpha0Tnaf = + { + null, new sbyte[]{1}, null, new sbyte[]{-1, 0, 1}, null, new sbyte[]{1, 0, 1}, null, new sbyte[]{-1, 0, 0, 1} + }; + + /** + * The αu's for a=1 as an array + * of ZTauElements. + */ + public static readonly ZTauElement[] Alpha1 = + { + null, + new ZTauElement(BigInteger.One, BigInteger.Zero), null, + new ZTauElement(MinusThree, BigInteger.One), null, + new ZTauElement(MinusOne, BigInteger.One), null, + new ZTauElement(BigInteger.One, BigInteger.One), null + }; + + /** + * The αu's for a=1 as an array + * of TNAFs. + */ + public static readonly sbyte[][] Alpha1Tnaf = + { + null, new sbyte[]{1}, null, new sbyte[]{-1, 0, 1}, null, new sbyte[]{1, 0, 1}, null, new sbyte[]{-1, 0, 0, -1} + }; + + /** + * Computes the norm of an element λ of + * Z[τ]. + * @param mu The parameter μ of the elliptic curve. + * @param lambda The element λ of + * Z[τ]. + * @return The norm of λ. + */ + public static BigInteger Norm(sbyte mu, ZTauElement lambda) + { + BigInteger norm; + + // s1 = u^2 + BigInteger s1 = lambda.u.Multiply(lambda.u); + + // s2 = u * v + BigInteger s2 = lambda.u.Multiply(lambda.v); + + // s3 = 2 * v^2 + BigInteger s3 = lambda.v.Multiply(lambda.v).ShiftLeft(1); + + if (mu == 1) + { + norm = s1.Add(s2).Add(s3); + } + else if (mu == -1) + { + norm = s1.Subtract(s2).Add(s3); + } + else + { + throw new ArgumentException("mu must be 1 or -1"); + } + + return norm; + } + + /** + * Computes the norm of an element λ of + * R[τ], where λ = u + vτ + * and u and u are real numbers (elements of + * R). + * @param mu The parameter μ of the elliptic curve. + * @param u The real part of the element λ of + * R[τ]. + * @param v The τ-adic part of the element + * λ of R[τ]. + * @return The norm of λ. + */ + public static SimpleBigDecimal Norm(sbyte mu, SimpleBigDecimal u, SimpleBigDecimal v) + { + SimpleBigDecimal norm; + + // s1 = u^2 + SimpleBigDecimal s1 = u.Multiply(u); + + // s2 = u * v + SimpleBigDecimal s2 = u.Multiply(v); + + // s3 = 2 * v^2 + SimpleBigDecimal s3 = v.Multiply(v).ShiftLeft(1); + + if (mu == 1) + { + norm = s1.Add(s2).Add(s3); + } + else if (mu == -1) + { + norm = s1.Subtract(s2).Add(s3); + } + else + { + throw new ArgumentException("mu must be 1 or -1"); + } + + return norm; + } + + /** + * Rounds an element λ of R[τ] + * to an element of Z[τ], such that their difference + * has minimal norm. λ is given as + * λ = λ0 + λ1τ. + * @param lambda0 The component λ0. + * @param lambda1 The component λ1. + * @param mu The parameter μ of the elliptic curve. Must + * equal 1 or -1. + * @return The rounded element of Z[τ]. + * @throws ArgumentException if lambda0 and + * lambda1 do not have same scale. + */ + public static ZTauElement Round(SimpleBigDecimal lambda0, + SimpleBigDecimal lambda1, sbyte mu) + { + int scale = lambda0.Scale; + if (lambda1.Scale != scale) + throw new ArgumentException("lambda0 and lambda1 do not have same scale"); + + if (!((mu == 1) || (mu == -1))) + throw new ArgumentException("mu must be 1 or -1"); + + BigInteger f0 = lambda0.Round(); + BigInteger f1 = lambda1.Round(); + + SimpleBigDecimal eta0 = lambda0.Subtract(f0); + SimpleBigDecimal eta1 = lambda1.Subtract(f1); + + // eta = 2*eta0 + mu*eta1 + SimpleBigDecimal eta = eta0.Add(eta0); + if (mu == 1) + { + eta = eta.Add(eta1); + } + else + { + // mu == -1 + eta = eta.Subtract(eta1); + } + + // check1 = eta0 - 3*mu*eta1 + // check2 = eta0 + 4*mu*eta1 + SimpleBigDecimal threeEta1 = eta1.Add(eta1).Add(eta1); + SimpleBigDecimal fourEta1 = threeEta1.Add(eta1); + SimpleBigDecimal check1; + SimpleBigDecimal check2; + if (mu == 1) + { + check1 = eta0.Subtract(threeEta1); + check2 = eta0.Add(fourEta1); + } + else + { + // mu == -1 + check1 = eta0.Add(threeEta1); + check2 = eta0.Subtract(fourEta1); + } + + sbyte h0 = 0; + sbyte h1 = 0; + + // if eta >= 1 + if (eta.CompareTo(BigInteger.One) >= 0) + { + if (check1.CompareTo(MinusOne) < 0) + { + h1 = mu; + } + else + { + h0 = 1; + } + } + else + { + // eta < 1 + if (check2.CompareTo(BigInteger.Two) >= 0) + { + h1 = mu; + } + } + + // if eta < -1 + if (eta.CompareTo(MinusOne) < 0) + { + if (check1.CompareTo(BigInteger.One) >= 0) + { + h1 = (sbyte)-mu; + } + else + { + h0 = -1; + } + } + else + { + // eta >= -1 + if (check2.CompareTo(MinusTwo) < 0) + { + h1 = (sbyte)-mu; + } + } + + BigInteger q0 = f0.Add(BigInteger.ValueOf(h0)); + BigInteger q1 = f1.Add(BigInteger.ValueOf(h1)); + return new ZTauElement(q0, q1); + } + + /** + * Approximate division by n. For an integer + * k, the value λ = s k / n is + * computed to c bits of accuracy. + * @param k The parameter k. + * @param s The curve parameter s0 or + * s1. + * @param vm The Lucas Sequence element Vm. + * @param a The parameter a of the elliptic curve. + * @param m The bit length of the finite field + * Fm. + * @param c The number of bits of accuracy, i.e. the scale of the returned + * SimpleBigDecimal. + * @return The value λ = s k / n computed to + * c bits of accuracy. + */ + public static SimpleBigDecimal ApproximateDivisionByN(BigInteger k, + BigInteger s, BigInteger vm, sbyte a, int m, int c) + { + int _k = (m + 5)/2 + c; + BigInteger ns = k.ShiftRight(m - _k - 2 + a); + + BigInteger gs = s.Multiply(ns); + + BigInteger hs = gs.ShiftRight(m); + + BigInteger js = vm.Multiply(hs); + + BigInteger gsPlusJs = gs.Add(js); + BigInteger ls = gsPlusJs.ShiftRight(_k-c); + if (gsPlusJs.TestBit(_k-c-1)) + { + // round up + ls = ls.Add(BigInteger.One); + } + + return new SimpleBigDecimal(ls, c); + } + + /** + * Computes the τ-adic NAF (non-adjacent form) of an + * element λ of Z[τ]. + * @param mu The parameter μ of the elliptic curve. + * @param lambda The element λ of + * Z[τ]. + * @return The τ-adic NAF of λ. + */ + public static sbyte[] TauAdicNaf(sbyte mu, ZTauElement lambda) + { + if (!((mu == 1) || (mu == -1))) + throw new ArgumentException("mu must be 1 or -1"); + + BigInteger norm = Norm(mu, lambda); + + // Ceiling of log2 of the norm + int log2Norm = norm.BitLength; + + // If length(TNAF) > 30, then length(TNAF) < log2Norm + 3.52 + int maxLength = log2Norm > 30 ? log2Norm + 4 : 34; + + // The array holding the TNAF + sbyte[] u = new sbyte[maxLength]; + int i = 0; + + // The actual length of the TNAF + int length = 0; + + BigInteger r0 = lambda.u; + BigInteger r1 = lambda.v; + + while(!((r0.Equals(BigInteger.Zero)) && (r1.Equals(BigInteger.Zero)))) + { + // If r0 is odd + if (r0.TestBit(0)) + { + u[i] = (sbyte) BigInteger.Two.Subtract((r0.Subtract(r1.ShiftLeft(1))).Mod(Four)).IntValue; + + // r0 = r0 - u[i] + if (u[i] == 1) + { + r0 = r0.ClearBit(0); + } + else + { + // u[i] == -1 + r0 = r0.Add(BigInteger.One); + } + length = i; + } + else + { + u[i] = 0; + } + + BigInteger t = r0; + BigInteger s = r0.ShiftRight(1); + if (mu == 1) + { + r0 = r1.Add(s); + } + else + { + // mu == -1 + r0 = r1.Subtract(s); + } + + r1 = t.ShiftRight(1).Negate(); + i++; + } + + length++; + + // Reduce the TNAF array to its actual length + sbyte[] tnaf = new sbyte[length]; + Array.Copy(u, 0, tnaf, 0, length); + return tnaf; + } + + /** + * Applies the operation τ() to an + * AbstractF2mPoint. + * @param p The AbstractF2mPoint to which τ() is applied. + * @return τ(p) + */ + public static AbstractF2mPoint Tau(AbstractF2mPoint p) + { + return p.Tau(); + } + + /** + * Returns the parameter μ of the elliptic curve. + * @param curve The elliptic curve from which to obtain μ. + * The curve must be a Koblitz curve, i.e. a Equals + * 0 or 1 and b Equals + * 1. + * @return μ of the elliptic curve. + * @throws ArgumentException if the given ECCurve is not a Koblitz + * curve. + */ + public static sbyte GetMu(AbstractF2mCurve curve) + { + BigInteger a = curve.A.ToBigInteger(); + + sbyte mu; + if (a.SignValue == 0) + { + mu = -1; + } + else if (a.Equals(BigInteger.One)) + { + mu = 1; + } + else + { + throw new ArgumentException("No Koblitz curve (ABC), TNAF multiplication not possible"); + } + return mu; + } + + public static sbyte GetMu(ECFieldElement curveA) + { + return (sbyte)(curveA.IsZero ? -1 : 1); + } + + public static sbyte GetMu(int curveA) + { + return (sbyte)(curveA == 0 ? -1 : 1); + } + + /** + * Calculates the Lucas Sequence elements Uk-1 and + * Uk or Vk-1 and + * Vk. + * @param mu The parameter μ of the elliptic curve. + * @param k The index of the second element of the Lucas Sequence to be + * returned. + * @param doV If set to true, computes Vk-1 and + * Vk, otherwise Uk-1 and + * Uk. + * @return An array with 2 elements, containing Uk-1 + * and Uk or Vk-1 + * and Vk. + */ + public static BigInteger[] GetLucas(sbyte mu, int k, bool doV) + { + if (!(mu == 1 || mu == -1)) + throw new ArgumentException("mu must be 1 or -1"); + + BigInteger u0; + BigInteger u1; + BigInteger u2; + + if (doV) + { + u0 = BigInteger.Two; + u1 = BigInteger.ValueOf(mu); + } + else + { + u0 = BigInteger.Zero; + u1 = BigInteger.One; + } + + for (int i = 1; i < k; i++) + { + // u2 = mu*u1 - 2*u0; + BigInteger s = null; + if (mu == 1) + { + s = u1; + } + else + { + // mu == -1 + s = u1.Negate(); + } + + u2 = s.Subtract(u0.ShiftLeft(1)); + u0 = u1; + u1 = u2; + // System.out.println(i + ": " + u2); + // System.out.println(); + } + + BigInteger[] retVal = {u0, u1}; + return retVal; + } + + /** + * Computes the auxiliary value tw. If the width is + * 4, then for mu = 1, tw = 6 and for + * mu = -1, tw = 10 + * @param mu The parameter μ of the elliptic curve. + * @param w The window width of the WTNAF. + * @return the auxiliary value tw + */ + public static BigInteger GetTw(sbyte mu, int w) + { + if (w == 4) + { + if (mu == 1) + { + return BigInteger.ValueOf(6); + } + else + { + // mu == -1 + return BigInteger.ValueOf(10); + } + } + else + { + // For w <> 4, the values must be computed + BigInteger[] us = GetLucas(mu, w, false); + BigInteger twoToW = BigInteger.Zero.SetBit(w); + BigInteger u1invert = us[1].ModInverse(twoToW); + BigInteger tw; + tw = BigInteger.Two.Multiply(us[0]).Multiply(u1invert).Mod(twoToW); + //System.out.println("mu = " + mu); + //System.out.println("tw = " + tw); + return tw; + } + } + + /** + * Computes the auxiliary values s0 and + * s1 used for partial modular reduction. + * @param curve The elliptic curve for which to compute + * s0 and s1. + * @throws ArgumentException if curve is not a + * Koblitz curve (Anomalous Binary Curve, ABC). + */ + public static BigInteger[] GetSi(AbstractF2mCurve curve) + { + if (!curve.IsKoblitz) + throw new ArgumentException("si is defined for Koblitz curves only"); + + int m = curve.FieldSize; + int a = curve.A.ToBigInteger().IntValue; + sbyte mu = GetMu(a); + int shifts = GetShiftsForCofactor(curve.Cofactor); + int index = m + 3 - a; + BigInteger[] ui = GetLucas(mu, index, false); + + if (mu == 1) + { + ui[0] = ui[0].Negate(); + ui[1] = ui[1].Negate(); + } + + BigInteger dividend0 = BigInteger.One.Add(ui[1]).ShiftRight(shifts); + BigInteger dividend1 = BigInteger.One.Add(ui[0]).ShiftRight(shifts).Negate(); + + return new BigInteger[] { dividend0, dividend1 }; + } + + public static BigInteger[] GetSi(int fieldSize, int curveA, BigInteger cofactor) + { + sbyte mu = GetMu(curveA); + int shifts = GetShiftsForCofactor(cofactor); + int index = fieldSize + 3 - curveA; + BigInteger[] ui = GetLucas(mu, index, false); + if (mu == 1) + { + ui[0] = ui[0].Negate(); + ui[1] = ui[1].Negate(); + } + + BigInteger dividend0 = BigInteger.One.Add(ui[1]).ShiftRight(shifts); + BigInteger dividend1 = BigInteger.One.Add(ui[0]).ShiftRight(shifts).Negate(); + + return new BigInteger[] { dividend0, dividend1 }; + } + + protected static int GetShiftsForCofactor(BigInteger h) + { + if (h != null && h.BitLength < 4) + { + int hi = h.IntValue; + if (hi == 2) + return 1; + if (hi == 4) + return 2; + } + + throw new ArgumentException("h (Cofactor) must be 2 or 4"); + } + + /** + * Partial modular reduction modulo + * m - 1)/(τ - 1). + * @param k The integer to be reduced. + * @param m The bitlength of the underlying finite field. + * @param a The parameter a of the elliptic curve. + * @param s The auxiliary values s0 and + * s1. + * @param mu The parameter μ of the elliptic curve. + * @param c The precision (number of bits of accuracy) of the partial + * modular reduction. + * @return ρ := k partmod (τm - 1)/(τ - 1) + */ + public static ZTauElement PartModReduction(BigInteger k, int m, sbyte a, + BigInteger[] s, sbyte mu, sbyte c) + { + // d0 = s[0] + mu*s[1]; mu is either 1 or -1 + BigInteger d0; + if (mu == 1) + { + d0 = s[0].Add(s[1]); + } + else + { + d0 = s[0].Subtract(s[1]); + } + + BigInteger[] v = GetLucas(mu, m, true); + BigInteger vm = v[1]; + + SimpleBigDecimal lambda0 = ApproximateDivisionByN( + k, s[0], vm, a, m, c); + + SimpleBigDecimal lambda1 = ApproximateDivisionByN( + k, s[1], vm, a, m, c); + + ZTauElement q = Round(lambda0, lambda1, mu); + + // r0 = n - d0*q0 - 2*s1*q1 + BigInteger r0 = k.Subtract(d0.Multiply(q.u)).Subtract( + BigInteger.ValueOf(2).Multiply(s[1]).Multiply(q.v)); + + // r1 = s1*q0 - s0*q1 + BigInteger r1 = s[1].Multiply(q.u).Subtract(s[0].Multiply(q.v)); + + return new ZTauElement(r0, r1); + } + + /** + * Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint} + * by a BigInteger using the reduced τ-adic + * NAF (RTNAF) method. + * @param p The AbstractF2mPoint to Multiply. + * @param k The BigInteger by which to Multiply p. + * @return k * p + */ + public static AbstractF2mPoint MultiplyRTnaf(AbstractF2mPoint p, BigInteger k) + { + AbstractF2mCurve curve = (AbstractF2mCurve)p.Curve; + int m = curve.FieldSize; + int a = curve.A.ToBigInteger().IntValue; + sbyte mu = GetMu(a); + BigInteger[] s = curve.GetSi(); + ZTauElement rho = PartModReduction(k, m, (sbyte)a, s, mu, (sbyte)10); + + return MultiplyTnaf(p, rho); + } + + /** + * Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint} + * by an element λ of Z[τ] + * using the τ-adic NAF (TNAF) method. + * @param p The AbstractF2mPoint to Multiply. + * @param lambda The element λ of + * Z[τ]. + * @return λ * p + */ + public static AbstractF2mPoint MultiplyTnaf(AbstractF2mPoint p, ZTauElement lambda) + { + AbstractF2mCurve curve = (AbstractF2mCurve)p.Curve; + sbyte mu = GetMu(curve.A); + sbyte[] u = TauAdicNaf(mu, lambda); + + AbstractF2mPoint q = MultiplyFromTnaf(p, u); + + return q; + } + + /** + * Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint} + * by an element λ of Z[τ] + * using the τ-adic NAF (TNAF) method, given the TNAF + * of λ. + * @param p The AbstractF2mPoint to Multiply. + * @param u The the TNAF of λ.. + * @return λ * p + */ + public static AbstractF2mPoint MultiplyFromTnaf(AbstractF2mPoint p, sbyte[] u) + { + ECCurve curve = p.Curve; + AbstractF2mPoint q = (AbstractF2mPoint)curve.Infinity; + AbstractF2mPoint pNeg = (AbstractF2mPoint)p.Negate(); + int tauCount = 0; + for (int i = u.Length - 1; i >= 0; i--) + { + ++tauCount; + sbyte ui = u[i]; + if (ui != 0) + { + q = q.TauPow(tauCount); + tauCount = 0; + + ECPoint x = ui > 0 ? p : pNeg; + q = (AbstractF2mPoint)q.Add(x); + } + } + if (tauCount > 0) + { + q = q.TauPow(tauCount); + } + return q; + } + + /** + * Computes the [τ]-adic window NAF of an element + * λ of Z[τ]. + * @param mu The parameter μ of the elliptic curve. + * @param lambda The element λ of + * Z[τ] of which to compute the + * [τ]-adic NAF. + * @param width The window width of the resulting WNAF. + * @param pow2w 2width. + * @param tw The auxiliary value tw. + * @param alpha The αu's for the window width. + * @return The [τ]-adic window NAF of + * λ. + */ + public static sbyte[] TauAdicWNaf(sbyte mu, ZTauElement lambda, + sbyte width, BigInteger pow2w, BigInteger tw, ZTauElement[] alpha) + { + if (!((mu == 1) || (mu == -1))) + throw new ArgumentException("mu must be 1 or -1"); + + BigInteger norm = Norm(mu, lambda); + + // Ceiling of log2 of the norm + int log2Norm = norm.BitLength; + + // If length(TNAF) > 30, then length(TNAF) < log2Norm + 3.52 + int maxLength = log2Norm > 30 ? log2Norm + 4 + width : 34 + width; + + // The array holding the TNAF + sbyte[] u = new sbyte[maxLength]; + + // 2^(width - 1) + BigInteger pow2wMin1 = pow2w.ShiftRight(1); + + // Split lambda into two BigIntegers to simplify calculations + BigInteger r0 = lambda.u; + BigInteger r1 = lambda.v; + int i = 0; + + // while lambda <> (0, 0) + while (!((r0.Equals(BigInteger.Zero))&&(r1.Equals(BigInteger.Zero)))) + { + // if r0 is odd + if (r0.TestBit(0)) + { + // uUnMod = r0 + r1*tw Mod 2^width + BigInteger uUnMod + = r0.Add(r1.Multiply(tw)).Mod(pow2w); + + sbyte uLocal; + // if uUnMod >= 2^(width - 1) + if (uUnMod.CompareTo(pow2wMin1) >= 0) + { + uLocal = (sbyte) uUnMod.Subtract(pow2w).IntValue; + } + else + { + uLocal = (sbyte) uUnMod.IntValue; + } + // uLocal is now in [-2^(width-1), 2^(width-1)-1] + + u[i] = uLocal; + bool s = true; + if (uLocal < 0) + { + s = false; + uLocal = (sbyte)-uLocal; + } + // uLocal is now >= 0 + + if (s) + { + r0 = r0.Subtract(alpha[uLocal].u); + r1 = r1.Subtract(alpha[uLocal].v); + } + else + { + r0 = r0.Add(alpha[uLocal].u); + r1 = r1.Add(alpha[uLocal].v); + } + } + else + { + u[i] = 0; + } + + BigInteger t = r0; + + if (mu == 1) + { + r0 = r1.Add(r0.ShiftRight(1)); + } + else + { + // mu == -1 + r0 = r1.Subtract(r0.ShiftRight(1)); + } + r1 = t.ShiftRight(1).Negate(); + i++; + } + return u; + } + + /** + * Does the precomputation for WTNAF multiplication. + * @param p The ECPoint for which to do the precomputation. + * @param a The parameter a of the elliptic curve. + * @return The precomputation array for p. + */ + public static AbstractF2mPoint[] GetPreComp(AbstractF2mPoint p, sbyte a) + { + sbyte[][] alphaTnaf = (a == 0) ? Tnaf.Alpha0Tnaf : Tnaf.Alpha1Tnaf; + + AbstractF2mPoint[] pu = new AbstractF2mPoint[(uint)(alphaTnaf.Length + 1) >> 1]; + pu[0] = p; + + uint precompLen = (uint)alphaTnaf.Length; + for (uint i = 3; i < precompLen; i += 2) + { + pu[i >> 1] = Tnaf.MultiplyFromTnaf(p, alphaTnaf[i]); + } + + p.Curve.NormalizeAll(pu); + + return pu; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/abc/ZTauElement.cs b/BouncyCastle/crypto/src/math/ec/abc/ZTauElement.cs new file mode 100644 index 0000000..4fcbf1b --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/abc/ZTauElement.cs @@ -0,0 +1,36 @@ +namespace Org.BouncyCastle.Math.EC.Abc +{ + /** + * Class representing an element of Z[τ]. Let + * λ be an element of Z[τ]. Then + * λ is given as λ = u + vτ. The + * components u and v may be used directly, there + * are no accessor methods. + * Immutable class. + */ + internal class ZTauElement + { + /** + * The "real" part of λ. + */ + public readonly BigInteger u; + + /** + * The "τ-adic" part of λ. + */ + public readonly BigInteger v; + + /** + * Constructor for an element λ of + * Z[τ]. + * @param u The "real" part of λ. + * @param v The "τ-adic" part of + * λ. + */ + public ZTauElement(BigInteger u, BigInteger v) + { + this.u = u; + this.v = v; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/djb/Curve25519.cs b/BouncyCastle/crypto/src/math/ec/custom/djb/Curve25519.cs new file mode 100644 index 0000000..2566af0 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/djb/Curve25519.cs @@ -0,0 +1,171 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Djb +{ + internal class Curve25519 + : AbstractFpCurve + { + public static readonly BigInteger q = Curve25519FieldElement.Q; + + private static readonly BigInteger C_a = new BigInteger(1, Hex.DecodeStrict("2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA984914A144")); + private static readonly BigInteger C_b = new BigInteger(1, Hex.DecodeStrict("7B425ED097B425ED097B425ED097B425ED097B425ED097B4260B5E9C7710C864")); + + private const int CURVE25519_DEFAULT_COORDS = COORD_JACOBIAN_MODIFIED; + private const int CURVE25519_FE_INTS = 8; + private static readonly ECFieldElement[] CURVE25519_AFFINE_ZS = new ECFieldElement[] { + new Curve25519FieldElement(BigInteger.One), new Curve25519FieldElement(C_a) }; + protected readonly Curve25519Point m_infinity; + + public Curve25519() + : base(q) + { + this.m_infinity = new Curve25519Point(this, null, null); + + this.m_a = FromBigInteger(C_a); + this.m_b = FromBigInteger(C_b); + this.m_order = new BigInteger(1, Hex.DecodeStrict("1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED")); + this.m_cofactor = BigInteger.ValueOf(8); + this.m_coord = CURVE25519_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new Curve25519(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_JACOBIAN_MODIFIED: + return true; + default: + return false; + } + } + + public virtual BigInteger Q + { + get { return q; } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return q.BitLength; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new Curve25519FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new Curve25519Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new Curve25519Point(this, x, y, zs, withCompression); + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + uint[] table = new uint[len * CURVE25519_FE_INTS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat256.Copy(((Curve25519FieldElement)p.RawXCoord).x, 0, table, pos); pos += CURVE25519_FE_INTS; + Nat256.Copy(((Curve25519FieldElement)p.RawYCoord).x, 0, table, pos); pos += CURVE25519_FE_INTS; + } + } + + return new Curve25519LookupTable(this, table, len); + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + uint[] x = Nat256.Create(); + Curve25519Field.Random(r, x); + return new Curve25519FieldElement(x); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + uint[] x = Nat256.Create(); + Curve25519Field.RandomMult(r, x); + return new Curve25519FieldElement(x); + } + + private class Curve25519LookupTable + : AbstractECLookupTable + { + private readonly Curve25519 m_outer; + private readonly uint[] m_table; + private readonly int m_size; + + internal Curve25519LookupTable(Curve25519 outer, uint[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + uint[] x = Nat256.Create(), y = Nat256.Create(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + uint MASK = (uint)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < CURVE25519_FE_INTS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + CURVE25519_FE_INTS + j] & MASK; + } + + pos += (CURVE25519_FE_INTS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + uint[] x = Nat256.Create(), y = Nat256.Create(); + int pos = index * CURVE25519_FE_INTS * 2; + + for (int j = 0; j < CURVE25519_FE_INTS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + CURVE25519_FE_INTS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(uint[] x, uint[] y) + { + return m_outer.CreateRawPoint(new Curve25519FieldElement(x), new Curve25519FieldElement(y), CURVE25519_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/djb/Curve25519Field.cs b/BouncyCastle/crypto/src/math/ec/custom/djb/Curve25519Field.cs new file mode 100644 index 0000000..3141624 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/djb/Curve25519Field.cs @@ -0,0 +1,292 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC.Custom.Djb +{ + internal class Curve25519Field + { + // 2^255 - 19 + internal static readonly uint[] P = new uint[]{ 0xFFFFFFED, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, + 0xFFFFFFFF, 0xFFFFFFFF, 0x7FFFFFFF }; + private const uint P7 = 0x7FFFFFFF; + private static readonly uint[] PExt = new uint[]{ 0x00000169, 0x00000000, 0x00000000, 0x00000000, 0x00000000, + 0x00000000, 0x00000000, 0x00000000, 0xFFFFFFED, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, + 0xFFFFFFFF, 0x3FFFFFFF }; + private const uint PInv = 0x13; + + public static void Add(uint[] x, uint[] y, uint[] z) + { + Nat256.Add(x, y, z); + if (Nat256.Gte(z, P)) + { + SubPFrom(z); + } + } + + public static void AddExt(uint[] xx, uint[] yy, uint[] zz) + { + Nat.Add(16, xx, yy, zz); + if (Nat.Gte(16, zz, PExt)) + { + SubPExtFrom(zz); + } + } + + public static void AddOne(uint[] x, uint[] z) + { + Nat.Inc(8, x, z); + if (Nat256.Gte(z, P)) + { + SubPFrom(z); + } + } + + public static uint[] FromBigInteger(BigInteger x) + { + uint[] z = Nat.FromBigInteger(256, x); + while (Nat256.Gte(z, P)) + { + Nat256.SubFrom(P, z); + } + return z; + } + + public static void Half(uint[] x, uint[] z) + { + if ((x[0] & 1) == 0) + { + Nat.ShiftDownBit(8, x, 0, z); + } + else + { + Nat256.Add(x, P, z); + Nat.ShiftDownBit(8, z, 0); + } + } + + public static void Inv(uint[] x, uint[] z) + { + Mod.CheckedModOddInverse(P, x, z); + } + + public static int IsZero(uint[] x) + { + uint d = 0; + for (int i = 0; i < 8; ++i) + { + d |= x[i]; + } + d = (d >> 1) | (d & 1); + return ((int)d - 1) >> 31; + } + + public static void Multiply(uint[] x, uint[] y, uint[] z) + { + uint[] tt = Nat256.CreateExt(); + Nat256.Mul(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz) + { + Nat256.MulAddTo(x, y, zz); + if (Nat.Gte(16, zz, PExt)) + { + SubPExtFrom(zz); + } + } + + public static void Negate(uint[] x, uint[] z) + { + if (0 != IsZero(x)) + { + Nat256.Sub(P, P, z); + } + else + { + Nat256.Sub(P, x, z); + } + } + + public static void Random(SecureRandom r, uint[] z) + { + byte[] bb = new byte[8 * 4]; + do + { + r.NextBytes(bb); + Pack.LE_To_UInt32(bb, 0, z, 0, 8); + z[7] &= P7; + } + while (0 == Nat.LessThan(8, z, P)); + } + + public static void RandomMult(SecureRandom r, uint[] z) + { + do + { + Random(r, z); + } + while (0 != IsZero(z)); + } + + public static void Reduce(uint[] xx, uint[] z) + { + Debug.Assert(xx[15] >> 30 == 0); + + uint xx07 = xx[7]; + Nat.ShiftUpBit(8, xx, 8, xx07, z, 0); + uint c = Nat256.MulByWordAddTo(PInv, xx, z) << 1; + uint z7 = z[7]; + c += (z7 >> 31) - (xx07 >> 31); + z7 &= P7; + z7 += Nat.AddWordTo(7, c * PInv, z); + z[7] = z7; + if (z7 >= P7 && Nat256.Gte(z, P)) + { + SubPFrom(z); + } + } + + public static void Reduce27(uint x, uint[] z) + { + Debug.Assert(x >> 26 == 0); + + uint z7 = z[7]; + uint c = (x << 1 | z7 >> 31); + z7 &= P7; + z7 += Nat.AddWordTo(7, c * PInv, z); + z[7] = z7; + if (z7 >= P7 && Nat256.Gte(z, P)) + { + SubPFrom(z); + } + } + + public static void Square(uint[] x, uint[] z) + { + uint[] tt = Nat256.CreateExt(); + Nat256.Square(x, tt); + Reduce(tt, z); + } + + public static void SquareN(uint[] x, int n, uint[] z) + { + Debug.Assert(n > 0); + + uint[] tt = Nat256.CreateExt(); + Nat256.Square(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + Nat256.Square(z, tt); + Reduce(tt, z); + } + } + + public static void Subtract(uint[] x, uint[] y, uint[] z) + { + int c = Nat256.Sub(x, y, z); + if (c != 0) + { + AddPTo(z); + } + } + + public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz) + { + int c = Nat.Sub(16, xx, yy, zz); + if (c != 0) + { + AddPExtTo(zz); + } + } + + public static void Twice(uint[] x, uint[] z) + { + Nat.ShiftUpBit(8, x, 0, z); + if (Nat256.Gte(z, P)) + { + SubPFrom(z); + } + } + + private static uint AddPTo(uint[] z) + { + long c = (long)z[0] - PInv; + z[0] = (uint)c; + c >>= 32; + if (c != 0) + { + c = Nat.DecAt(7, z, 1); + } + c += (long)z[7] + (P7 + 1); + z[7] = (uint)c; + c >>= 32; + return (uint)c; + } + + private static uint AddPExtTo(uint[] zz) + { + long c = (long)zz[0] + PExt[0]; + zz[0] = (uint)c; + c >>= 32; + if (c != 0) + { + c = Nat.IncAt(8, zz, 1); + } + c += (long)zz[8] - PInv; + zz[8] = (uint)c; + c >>= 32; + if (c != 0) + { + c = Nat.DecAt(15, zz, 9); + } + c += (long)zz[15] + (PExt[15] + 1); + zz[15] = (uint)c; + c >>= 32; + return (uint)c; + } + + private static int SubPFrom(uint[] z) + { + long c = (long)z[0] + PInv; + z[0] = (uint)c; + c >>= 32; + if (c != 0) + { + c = Nat.IncAt(7, z, 1); + } + c += (long)z[7] - (P7 + 1); + z[7] = (uint)c; + c >>= 32; + return (int)c; + } + + private static int SubPExtFrom(uint[] zz) + { + long c = (long)zz[0] - PExt[0]; + zz[0] = (uint)c; + c >>= 32; + if (c != 0) + { + c = Nat.DecAt(8, zz, 1); + } + c += (long)zz[8] + PInv; + zz[8] = (uint)c; + c >>= 32; + if (c != 0) + { + c = Nat.IncAt(15, zz, 9); + } + c += (long)zz[15] - (PExt[15] + 1); + zz[15] = (uint)c; + c >>= 32; + return (int)c; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/djb/Curve25519FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/djb/Curve25519FieldElement.cs new file mode 100644 index 0000000..a550984 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/djb/Curve25519FieldElement.cs @@ -0,0 +1,233 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Custom.Djb +{ + internal class Curve25519FieldElement + : AbstractFpFieldElement + { + public static readonly BigInteger Q = Nat256.ToBigInteger(Curve25519Field.P); + + // Calculated as ECConstants.TWO.modPow(Q.shiftRight(2), Q) + private static readonly uint[] PRECOMP_POW2 = new uint[]{ 0x4a0ea0b0, 0xc4ee1b27, 0xad2fe478, 0x2f431806, + 0x3dfbd7a7, 0x2b4d0099, 0x4fc1df0b, 0x2b832480 }; + + protected internal readonly uint[] x; + + public Curve25519FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0) + throw new ArgumentException("value invalid for Curve25519FieldElement", "x"); + + this.x = Curve25519Field.FromBigInteger(x); + } + + public Curve25519FieldElement() + { + this.x = Nat256.Create(); + } + + protected internal Curve25519FieldElement(uint[] x) + { + this.x = x; + } + + public override bool IsZero + { + get { return Nat256.IsZero(x); } + } + + public override bool IsOne + { + get { return Nat256.IsOne(x); } + } + + public override bool TestBitZero() + { + return Nat256.GetBit(x, 0) == 1; + } + + public override BigInteger ToBigInteger() + { + return Nat256.ToBigInteger(x); + } + + public override string FieldName + { + get { return "Curve25519Field"; } + } + + public override int FieldSize + { + get { return Q.BitLength; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + uint[] z = Nat256.Create(); + Curve25519Field.Add(x, ((Curve25519FieldElement)b).x, z); + return new Curve25519FieldElement(z); + } + + public override ECFieldElement AddOne() + { + uint[] z = Nat256.Create(); + Curve25519Field.AddOne(x, z); + return new Curve25519FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + uint[] z = Nat256.Create(); + Curve25519Field.Subtract(x, ((Curve25519FieldElement)b).x, z); + return new Curve25519FieldElement(z); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + uint[] z = Nat256.Create(); + Curve25519Field.Multiply(x, ((Curve25519FieldElement)b).x, z); + return new Curve25519FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + //return Multiply(b.Invert()); + uint[] z = Nat256.Create(); + Curve25519Field.Inv(((Curve25519FieldElement)b).x, z); + Curve25519Field.Multiply(z, x, z); + return new Curve25519FieldElement(z); + } + + public override ECFieldElement Negate() + { + uint[] z = Nat256.Create(); + Curve25519Field.Negate(x, z); + return new Curve25519FieldElement(z); + } + + public override ECFieldElement Square() + { + uint[] z = Nat256.Create(); + Curve25519Field.Square(x, z); + return new Curve25519FieldElement(z); + } + + public override ECFieldElement Invert() + { + //return new Curve25519FieldElement(ToBigInteger().ModInverse(Q)); + uint[] z = Nat256.Create(); + Curve25519Field.Inv(x, z); + return new Curve25519FieldElement(z); + } + + /** + * return a sqrt root - the routine verifies that the calculation returns the right value - if + * none exists it returns null. + */ + public override ECFieldElement Sqrt() + { + /* + * Q == 8m + 5, so we use Pocklington's method for this case. + * + * First, raise this element to the exponent 2^252 - 2^1 (i.e. m + 1) + * + * Breaking up the exponent's binary representation into "repunits", we get: + * { 251 1s } { 1 0s } + * + * Therefore we need an addition chain containing 251 (the lengths of the repunits) + * We use: 1, 2, 3, 4, 7, 11, 15, 30, 60, 120, 131, [251] + */ + + uint[] x1 = this.x; + if (Nat256.IsZero(x1) || Nat256.IsOne(x1)) + return this; + + uint[] x2 = Nat256.Create(); + Curve25519Field.Square(x1, x2); + Curve25519Field.Multiply(x2, x1, x2); + uint[] x3 = x2; + Curve25519Field.Square(x2, x3); + Curve25519Field.Multiply(x3, x1, x3); + uint[] x4 = Nat256.Create(); + Curve25519Field.Square(x3, x4); + Curve25519Field.Multiply(x4, x1, x4); + uint[] x7 = Nat256.Create(); + Curve25519Field.SquareN(x4, 3, x7); + Curve25519Field.Multiply(x7, x3, x7); + uint[] x11 = x3; + Curve25519Field.SquareN(x7, 4, x11); + Curve25519Field.Multiply(x11, x4, x11); + uint[] x15 = x7; + Curve25519Field.SquareN(x11, 4, x15); + Curve25519Field.Multiply(x15, x4, x15); + uint[] x30 = x4; + Curve25519Field.SquareN(x15, 15, x30); + Curve25519Field.Multiply(x30, x15, x30); + uint[] x60 = x15; + Curve25519Field.SquareN(x30, 30, x60); + Curve25519Field.Multiply(x60, x30, x60); + uint[] x120 = x30; + Curve25519Field.SquareN(x60, 60, x120); + Curve25519Field.Multiply(x120, x60, x120); + uint[] x131 = x60; + Curve25519Field.SquareN(x120, 11, x131); + Curve25519Field.Multiply(x131, x11, x131); + uint[] x251 = x11; + Curve25519Field.SquareN(x131, 120, x251); + Curve25519Field.Multiply(x251, x120, x251); + + uint[] t1 = x251; + Curve25519Field.Square(t1, t1); + + uint[] t2 = x120; + Curve25519Field.Square(t1, t2); + + if (Nat256.Eq(x1, t2)) + { + return new Curve25519FieldElement(t1); + } + + /* + * If the first guess is incorrect, we multiply by a precomputed power of 2 to get the second guess, + * which is ((4x)^(m + 1))/2 mod Q + */ + Curve25519Field.Multiply(t1, PRECOMP_POW2, t1); + + Curve25519Field.Square(t1, t2); + + if (Nat256.Eq(x1, t2)) + { + return new Curve25519FieldElement(t1); + } + + return null; + } + + public override bool Equals(object obj) + { + return Equals(obj as Curve25519FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as Curve25519FieldElement); + } + + public virtual bool Equals(Curve25519FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat256.Eq(x, other.x); + } + + public override int GetHashCode() + { + return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 8); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/djb/Curve25519Point.cs b/BouncyCastle/crypto/src/math/ec/custom/djb/Curve25519Point.cs new file mode 100644 index 0000000..eb8fc12 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/djb/Curve25519Point.cs @@ -0,0 +1,313 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Djb +{ + internal class Curve25519Point + : AbstractFpPoint + { + /** + * Create a point which encodes with point compression. + * + * @param curve the curve to use + * @param x affine x co-ordinate + * @param y affine y co-ordinate + * + * @deprecated Use ECCurve.CreatePoint to construct points + */ + public Curve25519Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * Create a point that encodes with or without point compresion. + * + * @param curve the curve to use + * @param x affine x co-ordinate + * @param y affine y co-ordinate + * @param withCompression if true encode with point compression + * + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public Curve25519Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal Curve25519Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new Curve25519Point(null, AffineXCoord, AffineYCoord); + } + + public override ECFieldElement GetZCoord(int index) + { + if (index == 1) + { + return GetJacobianModifiedW(); + } + + return base.GetZCoord(index); + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + if (this == b) + return Twice(); + + ECCurve curve = this.Curve; + + Curve25519FieldElement X1 = (Curve25519FieldElement)this.RawXCoord, Y1 = (Curve25519FieldElement)this.RawYCoord, + Z1 = (Curve25519FieldElement)this.RawZCoords[0]; + Curve25519FieldElement X2 = (Curve25519FieldElement)b.RawXCoord, Y2 = (Curve25519FieldElement)b.RawYCoord, + Z2 = (Curve25519FieldElement)b.RawZCoords[0]; + + uint c; + uint[] tt1 = Nat256.CreateExt(); + uint[] t2 = Nat256.Create(); + uint[] t3 = Nat256.Create(); + uint[] t4 = Nat256.Create(); + + bool Z1IsOne = Z1.IsOne; + uint[] U2, S2; + if (Z1IsOne) + { + U2 = X2.x; + S2 = Y2.x; + } + else + { + S2 = t3; + Curve25519Field.Square(Z1.x, S2); + + U2 = t2; + Curve25519Field.Multiply(S2, X2.x, U2); + + Curve25519Field.Multiply(S2, Z1.x, S2); + Curve25519Field.Multiply(S2, Y2.x, S2); + } + + bool Z2IsOne = Z2.IsOne; + uint[] U1, S1; + if (Z2IsOne) + { + U1 = X1.x; + S1 = Y1.x; + } + else + { + S1 = t4; + Curve25519Field.Square(Z2.x, S1); + + U1 = tt1; + Curve25519Field.Multiply(S1, X1.x, U1); + + Curve25519Field.Multiply(S1, Z2.x, S1); + Curve25519Field.Multiply(S1, Y1.x, S1); + } + + uint[] H = Nat256.Create(); + Curve25519Field.Subtract(U1, U2, H); + + uint[] R = t2; + Curve25519Field.Subtract(S1, S2, R); + + // Check if b == this or b == -this + if (Nat256.IsZero(H)) + { + if (Nat256.IsZero(R)) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + uint[] HSquared = Nat256.Create(); + Curve25519Field.Square(H, HSquared); + + uint[] G = Nat256.Create(); + Curve25519Field.Multiply(HSquared, H, G); + + uint[] V = t3; + Curve25519Field.Multiply(HSquared, U1, V); + + Curve25519Field.Negate(G, G); + Nat256.Mul(S1, G, tt1); + + c = Nat256.AddBothTo(V, V, G); + Curve25519Field.Reduce27(c, G); + + Curve25519FieldElement X3 = new Curve25519FieldElement(t4); + Curve25519Field.Square(R, X3.x); + Curve25519Field.Subtract(X3.x, G, X3.x); + + Curve25519FieldElement Y3 = new Curve25519FieldElement(G); + Curve25519Field.Subtract(V, X3.x, Y3.x); + Curve25519Field.MultiplyAddToExt(Y3.x, R, tt1); + Curve25519Field.Reduce(tt1, Y3.x); + + Curve25519FieldElement Z3 = new Curve25519FieldElement(H); + if (!Z1IsOne) + { + Curve25519Field.Multiply(Z3.x, Z1.x, Z3.x); + } + if (!Z2IsOne) + { + Curve25519Field.Multiply(Z3.x, Z2.x, Z3.x); + } + + uint[] Z3Squared = (Z1IsOne && Z2IsOne) ? HSquared : null; + + // TODO If the result will only be used in a subsequent addition, we don't need W3 + Curve25519FieldElement W3 = CalculateJacobianModifiedW((Curve25519FieldElement)Z3, Z3Squared); + + ECFieldElement[] zs = new ECFieldElement[] { Z3, W3 }; + + return new Curve25519Point(curve, X3, Y3, zs, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + return TwiceJacobianModified(true); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this == b) + return ThreeTimes(); + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return b; + + return TwiceJacobianModified(false).Add(b); + } + + public override ECPoint ThreeTimes() + { + if (this.IsInfinity || this.RawYCoord.IsZero) + return this; + + return TwiceJacobianModified(false).Add(this); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + return new Curve25519Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed); + } + + protected virtual Curve25519FieldElement CalculateJacobianModifiedW(Curve25519FieldElement Z, uint[] ZSquared) + { + Curve25519FieldElement a4 = (Curve25519FieldElement)this.Curve.A; + if (Z.IsOne) + return a4; + + Curve25519FieldElement W = new Curve25519FieldElement(); + if (ZSquared == null) + { + ZSquared = W.x; + Curve25519Field.Square(Z.x, ZSquared); + } + Curve25519Field.Square(ZSquared, W.x); + Curve25519Field.Multiply(W.x, a4.x, W.x); + return W; + } + + protected virtual Curve25519FieldElement GetJacobianModifiedW() + { + ECFieldElement[] ZZ = this.RawZCoords; + Curve25519FieldElement W = (Curve25519FieldElement)ZZ[1]; + if (W == null) + { + // NOTE: Rarely, TwicePlus will result in the need for a lazy W1 calculation here + ZZ[1] = W = CalculateJacobianModifiedW((Curve25519FieldElement)ZZ[0], null); + } + return W; + } + + protected virtual Curve25519Point TwiceJacobianModified(bool calculateW) + { + Curve25519FieldElement X1 = (Curve25519FieldElement)this.RawXCoord, Y1 = (Curve25519FieldElement)this.RawYCoord, + Z1 = (Curve25519FieldElement)this.RawZCoords[0], W1 = GetJacobianModifiedW(); + + uint c; + + uint[] M = Nat256.Create(); + Curve25519Field.Square(X1.x, M); + c = Nat256.AddBothTo(M, M, M); + c += Nat256.AddTo(W1.x, M); + Curve25519Field.Reduce27(c, M); + + uint[] _2Y1 = Nat256.Create(); + Curve25519Field.Twice(Y1.x, _2Y1); + + uint[] _2Y1Squared = Nat256.Create(); + Curve25519Field.Multiply(_2Y1, Y1.x, _2Y1Squared); + + uint[] S = Nat256.Create(); + Curve25519Field.Multiply(_2Y1Squared, X1.x, S); + Curve25519Field.Twice(S, S); + + uint[] _8T = Nat256.Create(); + Curve25519Field.Square(_2Y1Squared, _8T); + Curve25519Field.Twice(_8T, _8T); + + Curve25519FieldElement X3 = new Curve25519FieldElement(_2Y1Squared); + Curve25519Field.Square(M, X3.x); + Curve25519Field.Subtract(X3.x, S, X3.x); + Curve25519Field.Subtract(X3.x, S, X3.x); + + Curve25519FieldElement Y3 = new Curve25519FieldElement(S); + Curve25519Field.Subtract(S, X3.x, Y3.x); + Curve25519Field.Multiply(Y3.x, M, Y3.x); + Curve25519Field.Subtract(Y3.x, _8T, Y3.x); + + Curve25519FieldElement Z3 = new Curve25519FieldElement(_2Y1); + if (!Nat256.IsOne(Z1.x)) + { + Curve25519Field.Multiply(Z3.x, Z1.x, Z3.x); + } + + Curve25519FieldElement W3 = null; + if (calculateW) + { + W3 = new Curve25519FieldElement(_8T); + Curve25519Field.Multiply(W3.x, W1.x, W3.x); + Curve25519Field.Twice(W3.x, W3.x); + } + + return new Curve25519Point(this.Curve, X3, Y3, new ECFieldElement[] { Z3, W3 }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/gm/SM2P256V1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/gm/SM2P256V1Curve.cs new file mode 100644 index 0000000..805245c --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/gm/SM2P256V1Curve.cs @@ -0,0 +1,170 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.GM +{ + internal class SM2P256V1Curve + : AbstractFpCurve + { + public static readonly BigInteger q = SM2P256V1FieldElement.Q; + + private const int SM2P256V1_DEFAULT_COORDS = COORD_JACOBIAN; + private const int SM2P256V1_FE_INTS = 8; + private static readonly ECFieldElement[] SM2P256V1_AFFINE_ZS = new ECFieldElement[] { new SM2P256V1FieldElement(BigInteger.One) }; + + protected readonly SM2P256V1Point m_infinity; + + public SM2P256V1Curve() + : base(q) + { + this.m_infinity = new SM2P256V1Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC"))); + this.m_b = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123")); + this.m_cofactor = BigInteger.One; + this.m_coord = SM2P256V1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SM2P256V1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_JACOBIAN: + return true; + default: + return false; + } + } + + public virtual BigInteger Q + { + get { return q; } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return q.BitLength; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SM2P256V1FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SM2P256V1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SM2P256V1Point(this, x, y, zs, withCompression); + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + uint[] table = new uint[len * SM2P256V1_FE_INTS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat256.Copy(((SM2P256V1FieldElement)p.RawXCoord).x, 0, table, pos); pos += SM2P256V1_FE_INTS; + Nat256.Copy(((SM2P256V1FieldElement)p.RawYCoord).x, 0, table, pos); pos += SM2P256V1_FE_INTS; + } + } + + return new SM2P256V1LookupTable(this, table, len); + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + uint[] x = Nat256.Create(); + SM2P256V1Field.Random(r, x); + return new SM2P256V1FieldElement(x); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + uint[] x = Nat256.Create(); + SM2P256V1Field.RandomMult(r, x); + return new SM2P256V1FieldElement(x); + } + + private class SM2P256V1LookupTable + : AbstractECLookupTable + { + private readonly SM2P256V1Curve m_outer; + private readonly uint[] m_table; + private readonly int m_size; + + internal SM2P256V1LookupTable(SM2P256V1Curve outer, uint[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + uint[] x = Nat256.Create(), y = Nat256.Create(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + uint MASK = (uint)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SM2P256V1_FE_INTS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SM2P256V1_FE_INTS + j] & MASK; + } + + pos += (SM2P256V1_FE_INTS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + uint[] x = Nat256.Create(), y = Nat256.Create(); + int pos = index * SM2P256V1_FE_INTS * 2; + + for (int j = 0; j < SM2P256V1_FE_INTS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SM2P256V1_FE_INTS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(uint[] x, uint[] y) + { + return m_outer.CreateRawPoint(new SM2P256V1FieldElement(x), new SM2P256V1FieldElement(y), SM2P256V1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/gm/SM2P256V1Field.cs b/BouncyCastle/crypto/src/math/ec/custom/gm/SM2P256V1Field.cs new file mode 100644 index 0000000..6fbe849 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/gm/SM2P256V1Field.cs @@ -0,0 +1,345 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC.Custom.GM +{ + internal class SM2P256V1Field + { + // 2^256 - 2^224 - 2^96 + 2^64 - 1 + internal static readonly uint[] P = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0xFFFFFFFF, 0xFFFFFFFF, + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFE }; + private static readonly uint[] PExt = new uint[]{ 00000001, 0x00000000, 0xFFFFFFFE, 0x00000001, 0x00000001, + 0xFFFFFFFE, 0x00000000, 0x00000002, 0xFFFFFFFE, 0xFFFFFFFD, 0x00000003, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, + 0x00000000, 0xFFFFFFFE }; + private const uint P7 = 0xFFFFFFFE; + private const uint PExt15 = 0xFFFFFFFE; + + public static void Add(uint[] x, uint[] y, uint[] z) + { + uint c = Nat256.Add(x, y, z); + if (c != 0 || (z[7] >= P7 && Nat256.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static void AddExt(uint[] xx, uint[] yy, uint[] zz) + { + uint c = Nat.Add(16, xx, yy, zz); + if (c != 0 || (zz[15] >= PExt15 && Nat.Gte(16, zz, PExt))) + { + Nat.SubFrom(16, PExt, zz); + } + } + + public static void AddOne(uint[] x, uint[] z) + { + uint c = Nat.Inc(8, x, z); + if (c != 0 || (z[7] >= P7 && Nat256.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static uint[] FromBigInteger(BigInteger x) + { + uint[] z = Nat.FromBigInteger(256, x); + if (z[7] >= P7 && Nat256.Gte(z, P)) + { + Nat256.SubFrom(P, z); + } + return z; + } + + public static void Inv(uint[] x, uint[] z) + { + Mod.CheckedModOddInverse(P, x, z); + } + + public static void Half(uint[] x, uint[] z) + { + if ((x[0] & 1) == 0) + { + Nat.ShiftDownBit(8, x, 0, z); + } + else + { + uint c = Nat256.Add(x, P, z); + Nat.ShiftDownBit(8, z, c); + } + } + + public static int IsZero(uint[] x) + { + uint d = 0; + for (int i = 0; i < 8; ++i) + { + d |= x[i]; + } + d = (d >> 1) | (d & 1); + return ((int)d - 1) >> 31; + } + + public static void Multiply(uint[] x, uint[] y, uint[] z) + { + uint[] tt = Nat256.CreateExt(); + Nat256.Mul(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz) + { + uint c = Nat256.MulAddTo(x, y, zz); + if (c != 0 || (zz[15] >= PExt15 && Nat.Gte(16, zz, PExt))) + { + Nat.SubFrom(16, PExt, zz); + } + } + + public static void Negate(uint[] x, uint[] z) + { + if (0 != IsZero(x)) + { + Nat256.Sub(P, P, z); + } + else + { + Nat256.Sub(P, x, z); + } + } + + public static void Random(SecureRandom r, uint[] z) + { + byte[] bb = new byte[8 * 4]; + do + { + r.NextBytes(bb); + Pack.LE_To_UInt32(bb, 0, z, 0, 8); + } + while (0 == Nat.LessThan(8, z, P)); + } + + public static void RandomMult(SecureRandom r, uint[] z) + { + do + { + Random(r, z); + } + while (0 != IsZero(z)); + } + + public static void Reduce(uint[] xx, uint[] z) + { + long xx08 = xx[8], xx09 = xx[9], xx10 = xx[10], xx11 = xx[11]; + long xx12 = xx[12], xx13 = xx[13], xx14 = xx[14], xx15 = xx[15]; + + long t0 = xx08 + xx09; + long t1 = xx10 + xx11; + long t2 = xx12 + xx15; + long t3 = xx13 + xx14; + long t4 = t3 + (xx15 << 1); + + long ts = t0 + t3; + long tt = t1 + t2 + ts; + + long cc = 0; + cc += (long)xx[0] + tt + xx13 + xx14 + xx15; + z[0] = (uint)cc; + cc >>= 32; + cc += (long)xx[1] + tt - xx08 + xx14 + xx15; + z[1] = (uint)cc; + cc >>= 32; + cc += (long)xx[2] - ts; + z[2] = (uint)cc; + cc >>= 32; + cc += (long)xx[3] + tt - xx09 - xx10 + xx13; + z[3] = (uint)cc; + cc >>= 32; + cc += (long)xx[4] + tt - t1 - xx08 + xx14; + z[4] = (uint)cc; + cc >>= 32; + cc += (long)xx[5] + t4 + xx10; + z[5] = (uint)cc; + cc >>= 32; + cc += (long)xx[6] + xx11 + xx14 + xx15; + z[6] = (uint)cc; + cc >>= 32; + cc += (long)xx[7] + tt + t4 + xx12; + z[7] = (uint)cc; + cc >>= 32; + + Debug.Assert(cc >= 0); + + Reduce32((uint)cc, z); + } + + public static void Reduce32(uint x, uint[] z) + { + long cc = 0; + + if (x != 0) + { + long xx08 = x; + + cc += (long)z[0] + xx08; + z[0] = (uint)cc; + cc >>= 32; + if (cc != 0) + { + cc += (long)z[1]; + z[1] = (uint)cc; + cc >>= 32; + } + cc += (long)z[2] - xx08; + z[2] = (uint)cc; + cc >>= 32; + cc += (long)z[3] + xx08; + z[3] = (uint)cc; + cc >>= 32; + if (cc != 0) + { + cc += (long)z[4]; + z[4] = (uint)cc; + cc >>= 32; + cc += (long)z[5]; + z[5] = (uint)cc; + cc >>= 32; + cc += (long)z[6]; + z[6] = (uint)cc; + cc >>= 32; + } + cc += (long)z[7] + xx08; + z[7] = (uint)cc; + cc >>= 32; + + Debug.Assert(cc == 0 || cc == 1); + } + + if (cc != 0 || (z[7] >= P7 && Nat256.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static void Square(uint[] x, uint[] z) + { + uint[] tt = Nat256.CreateExt(); + Nat256.Square(x, tt); + Reduce(tt, z); + } + + public static void SquareN(uint[] x, int n, uint[] z) + { + Debug.Assert(n > 0); + + uint[] tt = Nat256.CreateExt(); + Nat256.Square(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + Nat256.Square(z, tt); + Reduce(tt, z); + } + } + + public static void Subtract(uint[] x, uint[] y, uint[] z) + { + int c = Nat256.Sub(x, y, z); + if (c != 0) + { + SubPInvFrom(z); + } + } + + public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz) + { + int c = Nat.Sub(16, xx, yy, zz); + if (c != 0) + { + Nat.AddTo(16, PExt, zz); + } + } + + public static void Twice(uint[] x, uint[] z) + { + uint c = Nat.ShiftUpBit(8, x, 0, z); + if (c != 0 || (z[7] >= P7 && Nat256.Gte(z, P))) + { + AddPInvTo(z); + } + } + + private static void AddPInvTo(uint[] z) + { + long c = (long)z[0] + 1; + z[0] = (uint)c; + c >>= 32; + if (c != 0) + { + c += (long)z[1]; + z[1] = (uint)c; + c >>= 32; + } + c += (long)z[2] - 1; + z[2] = (uint)c; + c >>= 32; + c += (long)z[3] + 1; + z[3] = (uint)c; + c >>= 32; + if (c != 0) + { + c += (long)z[4]; + z[4] = (uint)c; + c >>= 32; + c += (long)z[5]; + z[5] = (uint)c; + c >>= 32; + c += (long)z[6]; + z[6] = (uint)c; + c >>= 32; + } + c += (long)z[7] + 1; + z[7] = (uint)c; + //c >>= 32; + } + + private static void SubPInvFrom(uint[] z) + { + long c = (long)z[0] - 1; + z[0] = (uint)c; + c >>= 32; + if (c != 0) + { + c += (long)z[1]; + z[1] = (uint)c; + c >>= 32; + } + c += (long)z[2] + 1; + z[2] = (uint)c; + c >>= 32; + c += (long)z[3] - 1; + z[3] = (uint)c; + c >>= 32; + if (c != 0) + { + c += (long)z[4]; + z[4] = (uint)c; + c >>= 32; + c += (long)z[5]; + z[5] = (uint)c; + c >>= 32; + c += (long)z[6]; + z[6] = (uint)c; + c >>= 32; + } + c += (long)z[7] - 1; + z[7] = (uint)c; + //c >>= 32; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/gm/SM2P256V1FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/gm/SM2P256V1FieldElement.cs new file mode 100644 index 0000000..25cb249 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/gm/SM2P256V1FieldElement.cs @@ -0,0 +1,213 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.GM +{ + internal class SM2P256V1FieldElement + : AbstractFpFieldElement + { + public static readonly BigInteger Q = new BigInteger(1, + Hex.DecodeStrict("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF")); + + protected internal readonly uint[] x; + + public SM2P256V1FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0) + throw new ArgumentException("value invalid for SM2P256V1FieldElement", "x"); + + this.x = SM2P256V1Field.FromBigInteger(x); + } + + public SM2P256V1FieldElement() + { + this.x = Nat256.Create(); + } + + protected internal SM2P256V1FieldElement(uint[] x) + { + this.x = x; + } + + public override bool IsZero + { + get { return Nat256.IsZero(x); } + } + + public override bool IsOne + { + get { return Nat256.IsOne(x); } + } + + public override bool TestBitZero() + { + return Nat256.GetBit(x, 0) == 1; + } + + public override BigInteger ToBigInteger() + { + return Nat256.ToBigInteger(x); + } + + public override string FieldName + { + get { return "SM2P256V1Field"; } + } + + public override int FieldSize + { + get { return Q.BitLength; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + uint[] z = Nat256.Create(); + SM2P256V1Field.Add(x, ((SM2P256V1FieldElement)b).x, z); + return new SM2P256V1FieldElement(z); + } + + public override ECFieldElement AddOne() + { + uint[] z = Nat256.Create(); + SM2P256V1Field.AddOne(x, z); + return new SM2P256V1FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + uint[] z = Nat256.Create(); + SM2P256V1Field.Subtract(x, ((SM2P256V1FieldElement)b).x, z); + return new SM2P256V1FieldElement(z); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + uint[] z = Nat256.Create(); + SM2P256V1Field.Multiply(x, ((SM2P256V1FieldElement)b).x, z); + return new SM2P256V1FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + //return Multiply(b.Invert()); + uint[] z = Nat256.Create(); + SM2P256V1Field.Inv(((SM2P256V1FieldElement)b).x, z); + SM2P256V1Field.Multiply(z, x, z); + return new SM2P256V1FieldElement(z); + } + + public override ECFieldElement Negate() + { + uint[] z = Nat256.Create(); + SM2P256V1Field.Negate(x, z); + return new SM2P256V1FieldElement(z); + } + + public override ECFieldElement Square() + { + uint[] z = Nat256.Create(); + SM2P256V1Field.Square(x, z); + return new SM2P256V1FieldElement(z); + } + + public override ECFieldElement Invert() + { + //return new SM2P256V1FieldElement(ToBigInteger().ModInverse(Q)); + uint[] z = Nat256.Create(); + SM2P256V1Field.Inv(x, z); + return new SM2P256V1FieldElement(z); + } + + /** + * return a sqrt root - the routine verifies that the calculation returns the right value - if + * none exists it returns null. + */ + public override ECFieldElement Sqrt() + { + /* + * Raise this element to the exponent 2^254 - 2^222 - 2^94 + 2^62 + * + * Breaking up the exponent's binary representation into "repunits", we get: + * { 31 1s } { 1 0s } { 128 1s } { 31 0s } { 1 1s } { 62 0s } + * + * We use an addition chain for the beginning: [1], 2, 3, 6, 12, [24], 30, [31] + */ + + uint[] x1 = this.x; + if (Nat256.IsZero(x1) || Nat256.IsOne(x1)) + { + return this; + } + + uint[] x2 = Nat256.Create(); + SM2P256V1Field.Square(x1, x2); + SM2P256V1Field.Multiply(x2, x1, x2); + uint[] x4 = Nat256.Create(); + SM2P256V1Field.SquareN(x2, 2, x4); + SM2P256V1Field.Multiply(x4, x2, x4); + uint[] x6 = Nat256.Create(); + SM2P256V1Field.SquareN(x4, 2, x6); + SM2P256V1Field.Multiply(x6, x2, x6); + uint[] x12 = x2; + SM2P256V1Field.SquareN(x6, 6, x12); + SM2P256V1Field.Multiply(x12, x6, x12); + uint[] x24 = Nat256.Create(); + SM2P256V1Field.SquareN(x12, 12, x24); + SM2P256V1Field.Multiply(x24, x12, x24); + uint[] x30 = x12; + SM2P256V1Field.SquareN(x24, 6, x30); + SM2P256V1Field.Multiply(x30, x6, x30); + uint[] x31 = x6; + SM2P256V1Field.Square(x30, x31); + SM2P256V1Field.Multiply(x31, x1, x31); + + uint[] t1 = x24; + SM2P256V1Field.SquareN(x31, 31, t1); + + uint[] x62 = x30; + SM2P256V1Field.Multiply(t1, x31, x62); + + SM2P256V1Field.SquareN(t1, 32, t1); + SM2P256V1Field.Multiply(t1, x62, t1); + SM2P256V1Field.SquareN(t1, 62, t1); + SM2P256V1Field.Multiply(t1, x62, t1); + SM2P256V1Field.SquareN(t1, 4, t1); + SM2P256V1Field.Multiply(t1, x4, t1); + SM2P256V1Field.SquareN(t1, 32, t1); + SM2P256V1Field.Multiply(t1, x1, t1); + SM2P256V1Field.SquareN(t1, 62, t1); + + uint[] t2 = x4; + SM2P256V1Field.Square(t1, t2); + + return Nat256.Eq(x1, t2) ? new SM2P256V1FieldElement(t1) : null; + } + + public override bool Equals(object obj) + { + return Equals(obj as SM2P256V1FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SM2P256V1FieldElement); + } + + public virtual bool Equals(SM2P256V1FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat256.Eq(x, other.x); + } + + public override int GetHashCode() + { + return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 8); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/gm/SM2P256V1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/gm/SM2P256V1Point.cs new file mode 100644 index 0000000..916c906 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/gm/SM2P256V1Point.cs @@ -0,0 +1,279 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.GM +{ + internal class SM2P256V1Point + : AbstractFpPoint + { + /** + * Create a point which encodes with point compression. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * + * @deprecated Use ECCurve.createPoint to construct points + */ + public SM2P256V1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * Create a point that encodes with or without point compresion. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * @param withCompression + * if true encode with point compression + * + * @deprecated per-point compression property will be removed, refer + * {@link #getEncoded(bool)} + */ + public SM2P256V1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SM2P256V1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SM2P256V1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + if (this == b) + return Twice(); + + ECCurve curve = this.Curve; + + SM2P256V1FieldElement X1 = (SM2P256V1FieldElement)this.RawXCoord, Y1 = (SM2P256V1FieldElement)this.RawYCoord; + SM2P256V1FieldElement X2 = (SM2P256V1FieldElement)b.RawXCoord, Y2 = (SM2P256V1FieldElement)b.RawYCoord; + + SM2P256V1FieldElement Z1 = (SM2P256V1FieldElement)this.RawZCoords[0]; + SM2P256V1FieldElement Z2 = (SM2P256V1FieldElement)b.RawZCoords[0]; + + uint c; + uint[] tt1 = Nat256.CreateExt(); + uint[] t2 = Nat256.Create(); + uint[] t3 = Nat256.Create(); + uint[] t4 = Nat256.Create(); + + bool Z1IsOne = Z1.IsOne; + uint[] U2, S2; + if (Z1IsOne) + { + U2 = X2.x; + S2 = Y2.x; + } + else + { + S2 = t3; + SM2P256V1Field.Square(Z1.x, S2); + + U2 = t2; + SM2P256V1Field.Multiply(S2, X2.x, U2); + + SM2P256V1Field.Multiply(S2, Z1.x, S2); + SM2P256V1Field.Multiply(S2, Y2.x, S2); + } + + bool Z2IsOne = Z2.IsOne; + uint[] U1, S1; + if (Z2IsOne) + { + U1 = X1.x; + S1 = Y1.x; + } + else + { + S1 = t4; + SM2P256V1Field.Square(Z2.x, S1); + + U1 = tt1; + SM2P256V1Field.Multiply(S1, X1.x, U1); + + SM2P256V1Field.Multiply(S1, Z2.x, S1); + SM2P256V1Field.Multiply(S1, Y1.x, S1); + } + + uint[] H = Nat256.Create(); + SM2P256V1Field.Subtract(U1, U2, H); + + uint[] R = t2; + SM2P256V1Field.Subtract(S1, S2, R); + + // Check if b == this or b == -this + if (Nat256.IsZero(H)) + { + if (Nat256.IsZero(R)) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + uint[] HSquared = t3; + SM2P256V1Field.Square(H, HSquared); + + uint[] G = Nat256.Create(); + SM2P256V1Field.Multiply(HSquared, H, G); + + uint[] V = t3; + SM2P256V1Field.Multiply(HSquared, U1, V); + + SM2P256V1Field.Negate(G, G); + Nat256.Mul(S1, G, tt1); + + c = Nat256.AddBothTo(V, V, G); + SM2P256V1Field.Reduce32(c, G); + + SM2P256V1FieldElement X3 = new SM2P256V1FieldElement(t4); + SM2P256V1Field.Square(R, X3.x); + SM2P256V1Field.Subtract(X3.x, G, X3.x); + + SM2P256V1FieldElement Y3 = new SM2P256V1FieldElement(G); + SM2P256V1Field.Subtract(V, X3.x, Y3.x); + SM2P256V1Field.MultiplyAddToExt(Y3.x, R, tt1); + SM2P256V1Field.Reduce(tt1, Y3.x); + + SM2P256V1FieldElement Z3 = new SM2P256V1FieldElement(H); + if (!Z1IsOne) + { + SM2P256V1Field.Multiply(Z3.x, Z1.x, Z3.x); + } + if (!Z2IsOne) + { + SM2P256V1Field.Multiply(Z3.x, Z2.x, Z3.x); + } + + ECFieldElement[] zs = new ECFieldElement[]{ Z3 }; + + return new SM2P256V1Point(curve, X3, Y3, zs, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SM2P256V1FieldElement Y1 = (SM2P256V1FieldElement)this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + SM2P256V1FieldElement X1 = (SM2P256V1FieldElement)this.RawXCoord, Z1 = (SM2P256V1FieldElement)this.RawZCoords[0]; + + uint c; + uint[] t1 = Nat256.Create(); + uint[] t2 = Nat256.Create(); + + uint[] Y1Squared = Nat256.Create(); + SM2P256V1Field.Square(Y1.x, Y1Squared); + + uint[] T = Nat256.Create(); + SM2P256V1Field.Square(Y1Squared, T); + + bool Z1IsOne = Z1.IsOne; + + uint[] Z1Squared = Z1.x; + if (!Z1IsOne) + { + Z1Squared = t2; + SM2P256V1Field.Square(Z1.x, Z1Squared); + } + + SM2P256V1Field.Subtract(X1.x, Z1Squared, t1); + + uint[] M = t2; + SM2P256V1Field.Add(X1.x, Z1Squared, M); + SM2P256V1Field.Multiply(M, t1, M); + c = Nat256.AddBothTo(M, M, M); + SM2P256V1Field.Reduce32(c, M); + + uint[] S = Y1Squared; + SM2P256V1Field.Multiply(Y1Squared, X1.x, S); + c = Nat.ShiftUpBits(8, S, 2, 0); + SM2P256V1Field.Reduce32(c, S); + + c = Nat.ShiftUpBits(8, T, 3, 0, t1); + SM2P256V1Field.Reduce32(c, t1); + + SM2P256V1FieldElement X3 = new SM2P256V1FieldElement(T); + SM2P256V1Field.Square(M, X3.x); + SM2P256V1Field.Subtract(X3.x, S, X3.x); + SM2P256V1Field.Subtract(X3.x, S, X3.x); + + SM2P256V1FieldElement Y3 = new SM2P256V1FieldElement(S); + SM2P256V1Field.Subtract(S, X3.x, Y3.x); + SM2P256V1Field.Multiply(Y3.x, M, Y3.x); + SM2P256V1Field.Subtract(Y3.x, t1, Y3.x); + + SM2P256V1FieldElement Z3 = new SM2P256V1FieldElement(M); + SM2P256V1Field.Twice(Y1.x, Z3.x); + if (!Z1IsOne) + { + SM2P256V1Field.Multiply(Z3.x, Z1.x, Z3.x); + } + + return new SM2P256V1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this == b) + return ThreeTimes(); + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return b; + + return Twice().Add(b); + } + + public override ECPoint ThreeTimes() + { + if (this.IsInfinity || this.RawYCoord.IsZero) + return this; + + // NOTE: Be careful about recursions between TwicePlus and ThreeTimes + return Twice().Add(this); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + return new SM2P256V1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP128R1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP128R1Curve.cs new file mode 100644 index 0000000..b4a150c --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP128R1Curve.cs @@ -0,0 +1,171 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP128R1Curve + : AbstractFpCurve + { + public static readonly BigInteger q = SecP128R1FieldElement.Q; + + private const int SECP128R1_DEFAULT_COORDS = COORD_JACOBIAN; + private const int SECP128R1_FE_INTS = 4; + private static readonly ECFieldElement[] SECP128R1_AFFINE_ZS = new ECFieldElement[] { new SecP128R1FieldElement(BigInteger.One) }; + + protected readonly SecP128R1Point m_infinity; + + public SecP128R1Curve() + : base(q) + { + this.m_infinity = new SecP128R1Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC"))); + this.m_b = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("E87579C11079F43DD824993C2CEE5ED3"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("FFFFFFFE0000000075A30D1B9038A115")); + this.m_cofactor = BigInteger.One; + + this.m_coord = SECP128R1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecP128R1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_JACOBIAN: + return true; + default: + return false; + } + } + + public virtual BigInteger Q + { + get { return q; } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return q.BitLength; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecP128R1FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecP128R1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecP128R1Point(this, x, y, zs, withCompression); + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + uint[] table = new uint[len * SECP128R1_FE_INTS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat128.Copy(((SecP128R1FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECP128R1_FE_INTS; + Nat128.Copy(((SecP128R1FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECP128R1_FE_INTS; + } + } + + return new SecP128R1LookupTable(this, table, len); + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + uint[] x = Nat128.Create(); + SecP128R1Field.Random(r, x); + return new SecP128R1FieldElement(x); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + uint[] x = Nat128.Create(); + SecP128R1Field.RandomMult(r, x); + return new SecP128R1FieldElement(x); + } + + private class SecP128R1LookupTable + : AbstractECLookupTable + { + private readonly SecP128R1Curve m_outer; + private readonly uint[] m_table; + private readonly int m_size; + + internal SecP128R1LookupTable(SecP128R1Curve outer, uint[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + uint[] x = Nat128.Create(), y = Nat128.Create(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + uint MASK = (uint)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECP128R1_FE_INTS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECP128R1_FE_INTS + j] & MASK; + } + + pos += (SECP128R1_FE_INTS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + uint[] x = Nat128.Create(), y = Nat128.Create(); + int pos = index * SECP128R1_FE_INTS * 2; + + for (int j = 0; j < SECP128R1_FE_INTS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECP128R1_FE_INTS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(uint[] x, uint[] y) + { + return m_outer.CreateRawPoint(new SecP128R1FieldElement(x), new SecP128R1FieldElement(y), SECP128R1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP128R1Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP128R1Field.cs new file mode 100644 index 0000000..838f4df --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP128R1Field.cs @@ -0,0 +1,261 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP128R1Field + { + // 2^128 - 2^97 - 1 + internal static readonly uint[] P = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFD }; + private static readonly uint[] PExt = new uint[]{ 0x00000001, 0x00000000, 0x00000000, 0x00000004, 0xFFFFFFFE, + 0xFFFFFFFF, 0x00000003, 0xFFFFFFFC }; + private static readonly uint[] PExtInv = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFB, + 0x00000001, 0x00000000, 0xFFFFFFFC, 0x00000003 }; + private const uint P3 = 0xFFFFFFFD; + private const uint PExt7 = 0xFFFFFFFC; + + public static void Add(uint[] x, uint[] y, uint[] z) + { + uint c = Nat128.Add(x, y, z); + if (c != 0 || (z[3] >= P3 && Nat128.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static void AddExt(uint[] xx, uint[] yy, uint[] zz) + { + uint c = Nat256.Add(xx, yy, zz); + if (c != 0 || (zz[7] >= PExt7 && Nat256.Gte(zz, PExt))) + { + Nat.AddTo(PExtInv.Length, PExtInv, zz); + } + } + + public static void AddOne(uint[] x, uint[] z) + { + uint c = Nat.Inc(4, x, z); + if (c != 0 || (z[3] >= P3 && Nat128.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static uint[] FromBigInteger(BigInteger x) + { + uint[] z = Nat.FromBigInteger(128, x); + if (z[3] >= P3 && Nat128.Gte(z, P)) + { + Nat128.SubFrom(P, z); + } + return z; + } + + public static void Half(uint[] x, uint[] z) + { + if ((x[0] & 1) == 0) + { + Nat.ShiftDownBit(4, x, 0, z); + } + else + { + uint c = Nat128.Add(x, P, z); + Nat.ShiftDownBit(4, z, c); + } + } + + public static void Inv(uint[] x, uint[] z) + { + Mod.CheckedModOddInverse(P, x, z); + } + + public static int IsZero(uint[] x) + { + uint d = 0; + for (int i = 0; i < 4; ++i) + { + d |= x[i]; + } + d = (d >> 1) | (d & 1); + return ((int)d - 1) >> 31; + } + + public static void Multiply(uint[] x, uint[] y, uint[] z) + { + uint[] tt = Nat128.CreateExt(); + Nat128.Mul(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz) + { + uint c = Nat128.MulAddTo(x, y, zz); + if (c != 0 || (zz[7] >= PExt7 && Nat256.Gte(zz, PExt))) + { + Nat.AddTo(PExtInv.Length, PExtInv, zz); + } + } + + public static void Negate(uint[] x, uint[] z) + { + if (0 != IsZero(x)) + { + Nat128.Sub(P, P, z); + } + else + { + Nat128.Sub(P, x, z); + } + } + + public static void Random(SecureRandom r, uint[] z) + { + byte[] bb = new byte[4 * 4]; + do + { + r.NextBytes(bb); + Pack.LE_To_UInt32(bb, 0, z, 0, 4); + } + while (0 == Nat.LessThan(4, z, P)); + } + + public static void RandomMult(SecureRandom r, uint[] z) + { + do + { + Random(r, z); + } + while (0 != IsZero(z)); + } + + public static void Reduce(uint[] xx, uint[] z) + { + ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3]; + ulong x4 = xx[4], x5 = xx[5], x6 = xx[6], x7 = xx[7]; + + x3 += x7; x6 += (x7 << 1); + x2 += x6; x5 += (x6 << 1); + x1 += x5; x4 += (x5 << 1); + x0 += x4; x3 += (x4 << 1); + + z[0] = (uint)x0; x1 += (x0 >> 32); + z[1] = (uint)x1; x2 += (x1 >> 32); + z[2] = (uint)x2; x3 += (x2 >> 32); + z[3] = (uint)x3; + + Reduce32((uint)(x3 >> 32), z); + } + + public static void Reduce32(uint x, uint[] z) + { + while (x != 0) + { + ulong c, x4 = x; + + c = (ulong)z[0] + x4; + z[0] = (uint)c; c >>= 32; + if (c != 0) + { + c += (ulong)z[1]; + z[1] = (uint)c; c >>= 32; + c += (ulong)z[2]; + z[2] = (uint)c; c >>= 32; + } + c += (ulong)z[3] + (x4 << 1); + z[3] = (uint)c; c >>= 32; + + Debug.Assert(c >= 0 && c <= 2); + + x = (uint)c; + } + + if (z[3] >= P3 && Nat128.Gte(z, P)) + { + AddPInvTo(z); + } + } + + public static void Square(uint[] x, uint[] z) + { + uint[] tt = Nat128.CreateExt(); + Nat128.Square(x, tt); + Reduce(tt, z); + } + + public static void SquareN(uint[] x, int n, uint[] z) + { + Debug.Assert(n > 0); + + uint[] tt = Nat128.CreateExt(); + Nat128.Square(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + Nat128.Square(z, tt); + Reduce(tt, z); + } + } + + public static void Subtract(uint[] x, uint[] y, uint[] z) + { + int c = Nat128.Sub(x, y, z); + if (c != 0) + { + SubPInvFrom(z); + } + } + + public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz) + { + int c = Nat.Sub(10, xx, yy, zz); + if (c != 0) + { + Nat.SubFrom(PExtInv.Length, PExtInv, zz); + } + } + + public static void Twice(uint[] x, uint[] z) + { + uint c = Nat.ShiftUpBit(4, x, 0, z); + if (c != 0 || (z[3] >= P3 && Nat128.Gte(z, P))) + { + AddPInvTo(z); + } + } + + private static void AddPInvTo(uint[] z) + { + long c = (long)z[0] + 1; + z[0] = (uint)c; c >>= 32; + if (c != 0) + { + c += (long)z[1]; + z[1] = (uint)c; c >>= 32; + c += (long)z[2]; + z[2] = (uint)c; c >>= 32; + } + c += (long)z[3] + 2; + z[3] = (uint)c; + } + + private static void SubPInvFrom(uint[] z) + { + long c = (long)z[0] - 1; + z[0] = (uint)c; c >>= 32; + if (c != 0) + { + c += (long)z[1]; + z[1] = (uint)c; c >>= 32; + c += (long)z[2]; + z[2] = (uint)c; c >>= 32; + } + c += (long)z[3] - 2; + z[3] = (uint)c; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP128R1FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP128R1FieldElement.cs new file mode 100644 index 0000000..e9235c2 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP128R1FieldElement.cs @@ -0,0 +1,200 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP128R1FieldElement + : AbstractFpFieldElement + { + public static readonly BigInteger Q = new BigInteger(1, + Hex.DecodeStrict("FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF")); + + protected internal readonly uint[] x; + + public SecP128R1FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0) + throw new ArgumentException("value invalid for SecP128R1FieldElement", "x"); + + this.x = SecP128R1Field.FromBigInteger(x); + } + + public SecP128R1FieldElement() + { + this.x = Nat128.Create(); + } + + protected internal SecP128R1FieldElement(uint[] x) + { + this.x = x; + } + + public override bool IsZero + { + get { return Nat128.IsZero(x); } + } + + public override bool IsOne + { + get { return Nat128.IsOne(x); } + } + + public override bool TestBitZero() + { + return Nat128.GetBit(x, 0) == 1; + } + + public override BigInteger ToBigInteger() + { + return Nat128.ToBigInteger(x); + } + + public override string FieldName + { + get { return "SecP128R1Field"; } + } + + public override int FieldSize + { + get { return Q.BitLength; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + uint[] z = Nat128.Create(); + SecP128R1Field.Add(x, ((SecP128R1FieldElement)b).x, z); + return new SecP128R1FieldElement(z); + } + + public override ECFieldElement AddOne() + { + uint[] z = Nat128.Create(); + SecP128R1Field.AddOne(x, z); + return new SecP128R1FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + uint[] z = Nat128.Create(); + SecP128R1Field.Subtract(x, ((SecP128R1FieldElement)b).x, z); + return new SecP128R1FieldElement(z); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + uint[] z = Nat128.Create(); + SecP128R1Field.Multiply(x, ((SecP128R1FieldElement)b).x, z); + return new SecP128R1FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + // return multiply(b.invert()); + uint[] z = Nat128.Create(); + SecP128R1Field.Inv(((SecP128R1FieldElement)b).x, z); + SecP128R1Field.Multiply(z, x, z); + return new SecP128R1FieldElement(z); + } + + public override ECFieldElement Negate() + { + uint[] z = Nat128.Create(); + SecP128R1Field.Negate(x, z); + return new SecP128R1FieldElement(z); + } + + public override ECFieldElement Square() + { + uint[] z = Nat128.Create(); + SecP128R1Field.Square(x, z); + return new SecP128R1FieldElement(z); + } + + public override ECFieldElement Invert() + { + // return new SecP128R1FieldElement(toBigInteger().modInverse(Q)); + uint[] z = Nat128.Create(); + SecP128R1Field.Inv(x, z); + return new SecP128R1FieldElement(z); + } + + // D.1.4 91 + /** + * return a sqrt root - the routine verifies that the calculation returns the right value - if + * none exists it returns null. + */ + public override ECFieldElement Sqrt() + { + /* + * Raise this element to the exponent 2^126 - 2^95 + * + * Breaking up the exponent's binary representation into "repunits", we get: + * { 31 1s } { 95 0s } + * + * Therefore we need an addition chain containing 31 (the length of the repunit) We use: + * 1, 2, 4, 8, 10, 20, 30, [31] + */ + + uint[] x1 = this.x; + if (Nat128.IsZero(x1) || Nat128.IsOne(x1)) + return this; + + uint[] x2 = Nat128.Create(); + SecP128R1Field.Square(x1, x2); + SecP128R1Field.Multiply(x2, x1, x2); + uint[] x4 = Nat128.Create(); + SecP128R1Field.SquareN(x2, 2, x4); + SecP128R1Field.Multiply(x4, x2, x4); + uint[] x8 = Nat128.Create(); + SecP128R1Field.SquareN(x4, 4, x8); + SecP128R1Field.Multiply(x8, x4, x8); + uint[] x10 = x4; + SecP128R1Field.SquareN(x8, 2, x10); + SecP128R1Field.Multiply(x10, x2, x10); + uint[] x20 = x2; + SecP128R1Field.SquareN(x10, 10, x20); + SecP128R1Field.Multiply(x20, x10, x20); + uint[] x30 = x8; + SecP128R1Field.SquareN(x20, 10, x30); + SecP128R1Field.Multiply(x30, x10, x30); + uint[] x31 = x10; + SecP128R1Field.Square(x30, x31); + SecP128R1Field.Multiply(x31, x1, x31); + + uint[] t1 = x31; + SecP128R1Field.SquareN(t1, 95, t1); + + uint[] t2 = x30; + SecP128R1Field.Square(t1, t2); + + return Nat128.Eq(x1, t2) ? new SecP128R1FieldElement(t1) : null; + } + + public override bool Equals(object obj) + { + return Equals(obj as SecP128R1FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecP128R1FieldElement); + } + + public virtual bool Equals(SecP128R1FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat128.Eq(x, other.x); + } + + public override int GetHashCode() + { + return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 4); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP128R1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP128R1Point.cs new file mode 100644 index 0000000..ae76d3c --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP128R1Point.cs @@ -0,0 +1,279 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP128R1Point + : AbstractFpPoint + { + /** + * Create a point which encodes with point compression. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecP128R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * Create a point that encodes with or without point compresion. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * @param withCompression + * if true encode with point compression + * + * @deprecated per-point compression property will be removed, refer + * {@link #getEncoded(boolean)} + */ + public SecP128R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecP128R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecP128R1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + if (this == b) + return Twice(); + + ECCurve curve = this.Curve; + + SecP128R1FieldElement X1 = (SecP128R1FieldElement)this.RawXCoord, Y1 = (SecP128R1FieldElement)this.RawYCoord; + SecP128R1FieldElement X2 = (SecP128R1FieldElement)b.RawXCoord, Y2 = (SecP128R1FieldElement)b.RawYCoord; + + SecP128R1FieldElement Z1 = (SecP128R1FieldElement)this.RawZCoords[0]; + SecP128R1FieldElement Z2 = (SecP128R1FieldElement)b.RawZCoords[0]; + + uint c; + uint[] tt1 = Nat128.CreateExt(); + uint[] t2 = Nat128.Create(); + uint[] t3 = Nat128.Create(); + uint[] t4 = Nat128.Create(); + + bool Z1IsOne = Z1.IsOne; + uint[] U2, S2; + if (Z1IsOne) + { + U2 = X2.x; + S2 = Y2.x; + } + else + { + S2 = t3; + SecP128R1Field.Square(Z1.x, S2); + + U2 = t2; + SecP128R1Field.Multiply(S2, X2.x, U2); + + SecP128R1Field.Multiply(S2, Z1.x, S2); + SecP128R1Field.Multiply(S2, Y2.x, S2); + } + + bool Z2IsOne = Z2.IsOne; + uint[] U1, S1; + if (Z2IsOne) + { + U1 = X1.x; + S1 = Y1.x; + } + else + { + S1 = t4; + SecP128R1Field.Square(Z2.x, S1); + + U1 = tt1; + SecP128R1Field.Multiply(S1, X1.x, U1); + + SecP128R1Field.Multiply(S1, Z2.x, S1); + SecP128R1Field.Multiply(S1, Y1.x, S1); + } + + uint[] H = Nat128.Create(); + SecP128R1Field.Subtract(U1, U2, H); + + uint[] R = t2; + SecP128R1Field.Subtract(S1, S2, R); + + // Check if b == this or b == -this + if (Nat128.IsZero(H)) + { + if (Nat128.IsZero(R)) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + uint[] HSquared = t3; + SecP128R1Field.Square(H, HSquared); + + uint[] G = Nat128.Create(); + SecP128R1Field.Multiply(HSquared, H, G); + + uint[] V = t3; + SecP128R1Field.Multiply(HSquared, U1, V); + + SecP128R1Field.Negate(G, G); + Nat128.Mul(S1, G, tt1); + + c = Nat128.AddBothTo(V, V, G); + SecP128R1Field.Reduce32(c, G); + + SecP128R1FieldElement X3 = new SecP128R1FieldElement(t4); + SecP128R1Field.Square(R, X3.x); + SecP128R1Field.Subtract(X3.x, G, X3.x); + + SecP128R1FieldElement Y3 = new SecP128R1FieldElement(G); + SecP128R1Field.Subtract(V, X3.x, Y3.x); + SecP128R1Field.MultiplyAddToExt(Y3.x, R, tt1); + SecP128R1Field.Reduce(tt1, Y3.x); + + SecP128R1FieldElement Z3 = new SecP128R1FieldElement(H); + if (!Z1IsOne) + { + SecP128R1Field.Multiply(Z3.x, Z1.x, Z3.x); + } + if (!Z2IsOne) + { + SecP128R1Field.Multiply(Z3.x, Z2.x, Z3.x); + } + + ECFieldElement[] zs = new ECFieldElement[]{ Z3 }; + + return new SecP128R1Point(curve, X3, Y3, zs, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SecP128R1FieldElement Y1 = (SecP128R1FieldElement)this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + SecP128R1FieldElement X1 = (SecP128R1FieldElement)this.RawXCoord, Z1 = (SecP128R1FieldElement)this.RawZCoords[0]; + + uint c; + uint[] t1 = Nat128.Create(); + uint[] t2 = Nat128.Create(); + + uint[] Y1Squared = Nat128.Create(); + SecP128R1Field.Square(Y1.x, Y1Squared); + + uint[] T = Nat128.Create(); + SecP128R1Field.Square(Y1Squared, T); + + bool Z1IsOne = Z1.IsOne; + + uint[] Z1Squared = Z1.x; + if (!Z1IsOne) + { + Z1Squared = t2; + SecP128R1Field.Square(Z1.x, Z1Squared); + } + + SecP128R1Field.Subtract(X1.x, Z1Squared, t1); + + uint[] M = t2; + SecP128R1Field.Add(X1.x, Z1Squared, M); + SecP128R1Field.Multiply(M, t1, M); + c = Nat128.AddBothTo(M, M, M); + SecP128R1Field.Reduce32(c, M); + + uint[] S = Y1Squared; + SecP128R1Field.Multiply(Y1Squared, X1.x, S); + c = Nat.ShiftUpBits(4, S, 2, 0); + SecP128R1Field.Reduce32(c, S); + + c = Nat.ShiftUpBits(4, T, 3, 0, t1); + SecP128R1Field.Reduce32(c, t1); + + SecP128R1FieldElement X3 = new SecP128R1FieldElement(T); + SecP128R1Field.Square(M, X3.x); + SecP128R1Field.Subtract(X3.x, S, X3.x); + SecP128R1Field.Subtract(X3.x, S, X3.x); + + SecP128R1FieldElement Y3 = new SecP128R1FieldElement(S); + SecP128R1Field.Subtract(S, X3.x, Y3.x); + SecP128R1Field.Multiply(Y3.x, M, Y3.x); + SecP128R1Field.Subtract(Y3.x, t1, Y3.x); + + SecP128R1FieldElement Z3 = new SecP128R1FieldElement(M); + SecP128R1Field.Twice(Y1.x, Z3.x); + if (!Z1IsOne) + { + SecP128R1Field.Multiply(Z3.x, Z1.x, Z3.x); + } + + return new SecP128R1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this == b) + return ThreeTimes(); + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return b; + + return Twice().Add(b); + } + + public override ECPoint ThreeTimes() + { + if (this.IsInfinity || this.RawYCoord.IsZero) + return this; + + // NOTE: Be careful about recursions between twicePlus and threeTimes + return Twice().Add(this); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + return new SecP128R1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160K1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160K1Curve.cs new file mode 100644 index 0000000..c2c78e4 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160K1Curve.cs @@ -0,0 +1,168 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP160K1Curve + : AbstractFpCurve + { + public static readonly BigInteger q = SecP160R2FieldElement.Q; + + private const int SECP160K1_DEFAULT_COORDS = COORD_JACOBIAN; + private const int SECP160K1_FE_INTS = 5; + private static readonly ECFieldElement[] SECP160K1_AFFINE_ZS = new ECFieldElement[] { new SecP160R2FieldElement(BigInteger.One) }; + + protected readonly SecP160K1Point m_infinity; + + public SecP160K1Curve() + : base(q) + { + this.m_infinity = new SecP160K1Point(this, null, null); + + this.m_a = FromBigInteger(BigInteger.Zero); + this.m_b = FromBigInteger(BigInteger.ValueOf(7)); + this.m_order = new BigInteger(1, Hex.DecodeStrict("0100000000000000000001B8FA16DFAB9ACA16B6B3")); + this.m_cofactor = BigInteger.One; + this.m_coord = SECP160K1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecP160K1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_JACOBIAN: + return true; + default: + return false; + } + } + + public virtual BigInteger Q + { + get { return q; } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return q.BitLength; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecP160R2FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecP160K1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecP160K1Point(this, x, y, zs, withCompression); + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + uint[] table = new uint[len * SECP160K1_FE_INTS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat160.Copy(((SecP160R2FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECP160K1_FE_INTS; + Nat160.Copy(((SecP160R2FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECP160K1_FE_INTS; + } + } + + return new SecP160K1LookupTable(this, table, len); + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + uint[] x = Nat160.Create(); + SecP160R2Field.Random(r, x); + return new SecP160R2FieldElement(x); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + uint[] x = Nat160.Create(); + SecP160R2Field.RandomMult(r, x); + return new SecP160R2FieldElement(x); + } + + private class SecP160K1LookupTable + : AbstractECLookupTable + { + private readonly SecP160K1Curve m_outer; + private readonly uint[] m_table; + private readonly int m_size; + + internal SecP160K1LookupTable(SecP160K1Curve outer, uint[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + uint[] x = Nat256.Create(), y = Nat256.Create(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + uint MASK = (uint)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECP160K1_FE_INTS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECP160K1_FE_INTS + j] & MASK; + } + + pos += (SECP160K1_FE_INTS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + uint[] x = Nat256.Create(), y = Nat256.Create(); + int pos = index * SECP160K1_FE_INTS * 2; + + for (int j = 0; j < SECP160K1_FE_INTS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECP160K1_FE_INTS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(uint[] x, uint[] y) + { + return m_outer.CreateRawPoint(new SecP160R2FieldElement(x), new SecP160R2FieldElement(y), SECP160K1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160K1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160K1Point.cs new file mode 100644 index 0000000..1bcbadb --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160K1Point.cs @@ -0,0 +1,269 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP160K1Point + : AbstractFpPoint + { + /** + * Create a point which encodes with point compression. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * + * @deprecated Use ECCurve.CreatePoint to construct points + */ + public SecP160K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * Create a point that encodes with or without point compresion. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * @param withCompression + * if true encode with point compression + * + * @deprecated per-point compression property will be removed, refer + * {@link #getEncoded(bool)} + */ + public SecP160K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecP160K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, + bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecP160K1Point(null, AffineXCoord, AffineYCoord); + } + + // B.3 pg 62 + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + if (this == b) + return Twice(); + + ECCurve curve = this.Curve; + + SecP160R2FieldElement X1 = (SecP160R2FieldElement)this.RawXCoord, Y1 = (SecP160R2FieldElement)this.RawYCoord; + SecP160R2FieldElement X2 = (SecP160R2FieldElement)b.RawXCoord, Y2 = (SecP160R2FieldElement)b.RawYCoord; + + SecP160R2FieldElement Z1 = (SecP160R2FieldElement)this.RawZCoords[0]; + SecP160R2FieldElement Z2 = (SecP160R2FieldElement)b.RawZCoords[0]; + + uint c; + uint[] tt1 = Nat160.CreateExt(); + uint[] t2 = Nat160.Create(); + uint[] t3 = Nat160.Create(); + uint[] t4 = Nat160.Create(); + + bool Z1IsOne = Z1.IsOne; + uint[] U2, S2; + if (Z1IsOne) + { + U2 = X2.x; + S2 = Y2.x; + } + else + { + S2 = t3; + SecP160R2Field.Square(Z1.x, S2); + + U2 = t2; + SecP160R2Field.Multiply(S2, X2.x, U2); + + SecP160R2Field.Multiply(S2, Z1.x, S2); + SecP160R2Field.Multiply(S2, Y2.x, S2); + } + + bool Z2IsOne = Z2.IsOne; + uint[] U1, S1; + if (Z2IsOne) + { + U1 = X1.x; + S1 = Y1.x; + } + else + { + S1 = t4; + SecP160R2Field.Square(Z2.x, S1); + + U1 = tt1; + SecP160R2Field.Multiply(S1, X1.x, U1); + + SecP160R2Field.Multiply(S1, Z2.x, S1); + SecP160R2Field.Multiply(S1, Y1.x, S1); + } + + uint[] H = Nat160.Create(); + SecP160R2Field.Subtract(U1, U2, H); + + uint[] R = t2; + SecP160R2Field.Subtract(S1, S2, R); + + // Check if b == this or b == -this + if (Nat160.IsZero(H)) + { + if (Nat160.IsZero(R)) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + uint[] HSquared = t3; + SecP160R2Field.Square(H, HSquared); + + uint[] G = Nat160.Create(); + SecP160R2Field.Multiply(HSquared, H, G); + + uint[] V = t3; + SecP160R2Field.Multiply(HSquared, U1, V); + + SecP160R2Field.Negate(G, G); + Nat160.Mul(S1, G, tt1); + + c = Nat160.AddBothTo(V, V, G); + SecP160R2Field.Reduce32(c, G); + + SecP160R2FieldElement X3 = new SecP160R2FieldElement(t4); + SecP160R2Field.Square(R, X3.x); + SecP160R2Field.Subtract(X3.x, G, X3.x); + + SecP160R2FieldElement Y3 = new SecP160R2FieldElement(G); + SecP160R2Field.Subtract(V, X3.x, Y3.x); + SecP160R2Field.MultiplyAddToExt(Y3.x, R, tt1); + SecP160R2Field.Reduce(tt1, Y3.x); + + SecP160R2FieldElement Z3 = new SecP160R2FieldElement(H); + if (!Z1IsOne) + { + SecP160R2Field.Multiply(Z3.x, Z1.x, Z3.x); + } + if (!Z2IsOne) + { + SecP160R2Field.Multiply(Z3.x, Z2.x, Z3.x); + } + + ECFieldElement[] zs = new ECFieldElement[] { Z3 }; + + return new SecP160K1Point(curve, X3, Y3, zs, IsCompressed); + } + + // B.3 pg 62 + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SecP160R2FieldElement Y1 = (SecP160R2FieldElement)this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + SecP160R2FieldElement X1 = (SecP160R2FieldElement)this.RawXCoord, Z1 = (SecP160R2FieldElement)this.RawZCoords[0]; + + uint c; + + uint[] Y1Squared = Nat160.Create(); + SecP160R2Field.Square(Y1.x, Y1Squared); + + uint[] T = Nat160.Create(); + SecP160R2Field.Square(Y1Squared, T); + + uint[] M = Nat160.Create(); + SecP160R2Field.Square(X1.x, M); + c = Nat160.AddBothTo(M, M, M); + SecP160R2Field.Reduce32(c, M); + + uint[] S = Y1Squared; + SecP160R2Field.Multiply(Y1Squared, X1.x, S); + c = Nat.ShiftUpBits(5, S, 2, 0); + SecP160R2Field.Reduce32(c, S); + + uint[] t1 = Nat160.Create(); + c = Nat.ShiftUpBits(5, T, 3, 0, t1); + SecP160R2Field.Reduce32(c, t1); + + SecP160R2FieldElement X3 = new SecP160R2FieldElement(T); + SecP160R2Field.Square(M, X3.x); + SecP160R2Field.Subtract(X3.x, S, X3.x); + SecP160R2Field.Subtract(X3.x, S, X3.x); + + SecP160R2FieldElement Y3 = new SecP160R2FieldElement(S); + SecP160R2Field.Subtract(S, X3.x, Y3.x); + SecP160R2Field.Multiply(Y3.x, M, Y3.x); + SecP160R2Field.Subtract(Y3.x, t1, Y3.x); + + SecP160R2FieldElement Z3 = new SecP160R2FieldElement(M); + SecP160R2Field.Twice(Y1.x, Z3.x); + if (!Z1.IsOne) + { + SecP160R2Field.Multiply(Z3.x, Z1.x, Z3.x); + } + + return new SecP160K1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this == b) + return ThreeTimes(); + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return b; + + return Twice().Add(b); + } + + public override ECPoint ThreeTimes() + { + if (this.IsInfinity || this.RawYCoord.IsZero) + return this; + + // NOTE: Be careful about recursions between TwicePlus and threeTimes + return Twice().Add(this); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + return new SecP160K1Point(Curve, this.RawXCoord, this.RawYCoord.Negate(), this.RawZCoords, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R1Curve.cs new file mode 100644 index 0000000..8ae519a --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R1Curve.cs @@ -0,0 +1,171 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP160R1Curve + : AbstractFpCurve + { + public static readonly BigInteger q = SecP160R1FieldElement.Q; + + private const int SECP160R1_DEFAULT_COORDS = COORD_JACOBIAN; + private const int SECP160R1_FE_INTS = 5; + private static readonly ECFieldElement[] SECP160R1_AFFINE_ZS = new ECFieldElement[] { new SecP160R1FieldElement(BigInteger.One) }; + + protected readonly SecP160R1Point m_infinity; + + public SecP160R1Curve() + : base(q) + { + this.m_infinity = new SecP160R1Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC"))); + this.m_b = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("0100000000000000000001F4C8F927AED3CA752257")); + this.m_cofactor = BigInteger.One; + + this.m_coord = SECP160R1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecP160R1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_JACOBIAN: + return true; + default: + return false; + } + } + + public virtual BigInteger Q + { + get { return q; } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return q.BitLength; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecP160R1FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecP160R1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecP160R1Point(this, x, y, zs, withCompression); + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + uint[] table = new uint[len * SECP160R1_FE_INTS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat160.Copy(((SecP160R1FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECP160R1_FE_INTS; + Nat160.Copy(((SecP160R1FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECP160R1_FE_INTS; + } + } + + return new SecP160R1LookupTable(this, table, len); + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + uint[] x = Nat160.Create(); + SecP160R1Field.Random(r, x); + return new SecP160R1FieldElement(x); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + uint[] x = Nat160.Create(); + SecP160R1Field.RandomMult(r, x); + return new SecP160R1FieldElement(x); + } + + private class SecP160R1LookupTable + : AbstractECLookupTable + { + private readonly SecP160R1Curve m_outer; + private readonly uint[] m_table; + private readonly int m_size; + + internal SecP160R1LookupTable(SecP160R1Curve outer, uint[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + uint[] x = Nat160.Create(), y = Nat160.Create(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + uint MASK = (uint)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECP160R1_FE_INTS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECP160R1_FE_INTS + j] & MASK; + } + + pos += (SECP160R1_FE_INTS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + uint[] x = Nat160.Create(), y = Nat160.Create(); + int pos = index * SECP160R1_FE_INTS * 2; + + for (int j = 0; j < SECP160R1_FE_INTS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECP160R1_FE_INTS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(uint[] x, uint[] y) + { + return m_outer.CreateRawPoint(new SecP160R1FieldElement(x), new SecP160R1FieldElement(y), SECP160R1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R1Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R1Field.cs new file mode 100644 index 0000000..f4b1e2a --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R1Field.cs @@ -0,0 +1,224 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP160R1Field + { + // 2^160 - 2^31 - 1 + internal static readonly uint[] P = new uint[]{ 0x7FFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF }; + private static readonly uint[] PExt = new uint[]{ 0x00000001, 0x40000001, 0x00000000, 0x00000000, 0x00000000, + 0xFFFFFFFE, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF }; + private static readonly uint[] PExtInv = new uint[]{ 0xFFFFFFFF, 0xBFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, + 0xFFFFFFFF, 0x00000001, 0x00000001 }; + private const uint P4 = 0xFFFFFFFF; + private const uint PExt9 = 0xFFFFFFFF; + private const uint PInv = 0x80000001; + + public static void Add(uint[] x, uint[] y, uint[] z) + { + uint c = Nat160.Add(x, y, z); + if (c != 0 || (z[4] == P4 && Nat160.Gte(z, P))) + { + Nat.AddWordTo(5, PInv, z); + } + } + + public static void AddExt(uint[] xx, uint[] yy, uint[] zz) + { + uint c = Nat.Add(10, xx, yy, zz); + if (c != 0 || (zz[9] == PExt9 && Nat.Gte(10, zz, PExt))) + { + if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.IncAt(10, zz, PExtInv.Length); + } + } + } + + public static void AddOne(uint[] x, uint[] z) + { + uint c = Nat.Inc(5, x, z); + if (c != 0 || (z[4] == P4 && Nat160.Gte(z, P))) + { + Nat.AddWordTo(5, PInv, z); + } + } + + public static uint[] FromBigInteger(BigInteger x) + { + uint[] z = Nat.FromBigInteger(160, x); + if (z[4] == P4 && Nat160.Gte(z, P)) + { + Nat160.SubFrom(P, z); + } + return z; + } + + public static void Half(uint[] x, uint[] z) + { + if ((x[0] & 1) == 0) + { + Nat.ShiftDownBit(5, x, 0, z); + } + else + { + uint c = Nat160.Add(x, P, z); + Nat.ShiftDownBit(5, z, c); + } + } + + public static void Inv(uint[] x, uint[] z) + { + Mod.CheckedModOddInverse(P, x, z); + } + + public static int IsZero(uint[] x) + { + uint d = 0; + for (int i = 0; i < 5; ++i) + { + d |= x[i]; + } + d = (d >> 1) | (d & 1); + return ((int)d - 1) >> 31; + } + + public static void Multiply(uint[] x, uint[] y, uint[] z) + { + uint[] tt = Nat160.CreateExt(); + Nat160.Mul(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz) + { + uint c = Nat160.MulAddTo(x, y, zz); + if (c != 0 || (zz[9] == PExt9 && Nat.Gte(10, zz, PExt))) + { + if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.IncAt(10, zz, PExtInv.Length); + } + } + } + + public static void Negate(uint[] x, uint[] z) + { + if (0 != IsZero(x)) + { + Nat160.Sub(P, P, z); + } + else + { + Nat160.Sub(P, x, z); + } + } + + public static void Random(SecureRandom r, uint[] z) + { + byte[] bb = new byte[5 * 4]; + do + { + r.NextBytes(bb); + Pack.LE_To_UInt32(bb, 0, z, 0, 5); + } + while (0 == Nat.LessThan(5, z, P)); + } + + public static void RandomMult(SecureRandom r, uint[] z) + { + do + { + Random(r, z); + } + while (0 != IsZero(z)); + } + + public static void Reduce(uint[] xx, uint[] z) + { + ulong x5 = xx[5], x6 = xx[6], x7 = xx[7], x8 = xx[8], x9 = xx[9]; + + ulong c = 0; + c += (ulong)xx[0] + x5 + (x5 << 31); + z[0] = (uint)c; c >>= 32; + c += (ulong)xx[1] + x6 + (x6 << 31); + z[1] = (uint)c; c >>= 32; + c += (ulong)xx[2] + x7 + (x7 << 31); + z[2] = (uint)c; c >>= 32; + c += (ulong)xx[3] + x8 + (x8 << 31); + z[3] = (uint)c; c >>= 32; + c += (ulong)xx[4] + x9 + (x9 << 31); + z[4] = (uint)c; c >>= 32; + + Debug.Assert(c >> 32 == 0); + + Reduce32((uint)c, z); + } + + public static void Reduce32(uint x, uint[] z) + { + if ((x != 0 && Nat160.MulWordsAdd(PInv, x, z, 0) != 0) + || (z[4] == P4 && Nat160.Gte(z, P))) + { + Nat.AddWordTo(5, PInv, z); + } + } + + public static void Square(uint[] x, uint[] z) + { + uint[] tt = Nat160.CreateExt(); + Nat160.Square(x, tt); + Reduce(tt, z); + } + + public static void SquareN(uint[] x, int n, uint[] z) + { + Debug.Assert(n > 0); + + uint[] tt = Nat160.CreateExt(); + Nat160.Square(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + Nat160.Square(z, tt); + Reduce(tt, z); + } + } + + public static void Subtract(uint[] x, uint[] y, uint[] z) + { + int c = Nat160.Sub(x, y, z); + if (c != 0) + { + Nat.SubWordFrom(5, PInv, z); + } + } + + public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz) + { + int c = Nat.Sub(10, xx, yy, zz); + if (c != 0) + { + if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.DecAt(10, zz, PExtInv.Length); + } + } + } + + public static void Twice(uint[] x, uint[] z) + { + uint c = Nat.ShiftUpBit(5, x, 0, z); + if (c != 0 || (z[4] == P4 && Nat160.Gte(z, P))) + { + Nat.AddWordTo(5, PInv, z); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R1FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R1FieldElement.cs new file mode 100644 index 0000000..4876faf --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R1FieldElement.cs @@ -0,0 +1,205 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP160R1FieldElement + : AbstractFpFieldElement + { + public static readonly BigInteger Q = new BigInteger(1, + Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF")); + + protected internal readonly uint[] x; + + public SecP160R1FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0) + throw new ArgumentException("value invalid for SecP160R1FieldElement", "x"); + + this.x = SecP160R1Field.FromBigInteger(x); + } + + public SecP160R1FieldElement() + { + this.x = Nat160.Create(); + } + + protected internal SecP160R1FieldElement(uint[] x) + { + this.x = x; + } + + public override bool IsZero + { + get { return Nat160.IsZero(x); } + } + + public override bool IsOne + { + get { return Nat160.IsOne(x); } + } + + public override bool TestBitZero() + { + return Nat160.GetBit(x, 0) == 1; + } + + public override BigInteger ToBigInteger() + { + return Nat160.ToBigInteger(x); + } + + public override string FieldName + { + get { return "SecP160R1Field"; } + } + + public override int FieldSize + { + get { return Q.BitLength; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + uint[] z = Nat160.Create(); + SecP160R1Field.Add(x, ((SecP160R1FieldElement)b).x, z); + return new SecP160R1FieldElement(z); + } + + public override ECFieldElement AddOne() + { + uint[] z = Nat160.Create(); + SecP160R1Field.AddOne(x, z); + return new SecP160R1FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + uint[] z = Nat160.Create(); + SecP160R1Field.Subtract(x, ((SecP160R1FieldElement)b).x, z); + return new SecP160R1FieldElement(z); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + uint[] z = Nat160.Create(); + SecP160R1Field.Multiply(x, ((SecP160R1FieldElement)b).x, z); + return new SecP160R1FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + // return multiply(b.invert()); + uint[] z = Nat160.Create(); + SecP160R1Field.Inv(((SecP160R1FieldElement)b).x, z); + SecP160R1Field.Multiply(z, x, z); + return new SecP160R1FieldElement(z); + } + + public override ECFieldElement Negate() + { + uint[] z = Nat160.Create(); + SecP160R1Field.Negate(x, z); + return new SecP160R1FieldElement(z); + } + + public override ECFieldElement Square() + { + uint[] z = Nat160.Create(); + SecP160R1Field.Square(x, z); + return new SecP160R1FieldElement(z); + } + + public override ECFieldElement Invert() + { + // return new SecP160R1FieldElement(ToBigInteger().modInverse(Q)); + uint[] z = Nat160.Create(); + SecP160R1Field.Inv(x, z); + return new SecP160R1FieldElement(z); + } + + // D.1.4 91 + /** + * return a sqrt root - the routine verifies that the calculation returns the right value - if + * none exists it returns null. + */ + public override ECFieldElement Sqrt() + { + /* + * Raise this element to the exponent 2^158 - 2^29 + * + * Breaking up the exponent's binary representation into "repunits", we get: + * { 129 1s } { 29 0s } + * + * Therefore we need an addition chain containing 129 (the length of the repunit) We use: + * 1, 2, 4, 8, 16, 32, 64, 128, [129] + */ + + uint[] x1 = this.x; + if (Nat160.IsZero(x1) || Nat160.IsOne(x1)) + { + return this; + } + + uint[] x2 = Nat160.Create(); + SecP160R1Field.Square(x1, x2); + SecP160R1Field.Multiply(x2, x1, x2); + uint[] x4 = Nat160.Create(); + SecP160R1Field.SquareN(x2, 2, x4); + SecP160R1Field.Multiply(x4, x2, x4); + uint[] x8 = x2; + SecP160R1Field.SquareN(x4, 4, x8); + SecP160R1Field.Multiply(x8, x4, x8); + uint[] x16 = x4; + SecP160R1Field.SquareN(x8, 8, x16); + SecP160R1Field.Multiply(x16, x8, x16); + uint[] x32 = x8; + SecP160R1Field.SquareN(x16, 16, x32); + SecP160R1Field.Multiply(x32, x16, x32); + uint[] x64 = x16; + SecP160R1Field.SquareN(x32, 32, x64); + SecP160R1Field.Multiply(x64, x32, x64); + uint[] x128 = x32; + SecP160R1Field.SquareN(x64, 64, x128); + SecP160R1Field.Multiply(x128, x64, x128); + uint[] x129 = x64; + SecP160R1Field.Square(x128, x129); + SecP160R1Field.Multiply(x129, x1, x129); + + uint[] t1 = x129; + SecP160R1Field.SquareN(t1, 29, t1); + + uint[] t2 = x128; + SecP160R1Field.Square(t1, t2); + + return Nat160.Eq(x1, t2) ? new SecP160R1FieldElement(t1) : null; + } + + public override bool Equals(object obj) + { + return Equals(obj as SecP160R1FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecP160R1FieldElement); + } + + public virtual bool Equals(SecP160R1FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat160.Eq(x, other.x); + } + + public override int GetHashCode() + { + return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 5); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R1Point.cs new file mode 100644 index 0000000..f9f065d --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R1Point.cs @@ -0,0 +1,279 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP160R1Point + : AbstractFpPoint + { + /** + * Create a point which encodes with point compression. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * + * @deprecated Use ECCurve.CreatePoint to construct points + */ + public SecP160R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * Create a point that encodes with or without point compresion. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * @param withCompression + * if true encode with point compression + * + * @deprecated per-point compression property will be removed, refer + * {@link #getEncoded(bool)} + */ + public SecP160R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecP160R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecP160R1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + if (this == b) + return Twice(); + + ECCurve curve = this.Curve; + + SecP160R1FieldElement X1 = (SecP160R1FieldElement)this.RawXCoord, Y1 = (SecP160R1FieldElement)this.RawYCoord; + SecP160R1FieldElement X2 = (SecP160R1FieldElement)b.RawXCoord, Y2 = (SecP160R1FieldElement)b.RawYCoord; + + SecP160R1FieldElement Z1 = (SecP160R1FieldElement)this.RawZCoords[0]; + SecP160R1FieldElement Z2 = (SecP160R1FieldElement)b.RawZCoords[0]; + + uint c; + uint[] tt1 = Nat160.CreateExt(); + uint[] t2 = Nat160.Create(); + uint[] t3 = Nat160.Create(); + uint[] t4 = Nat160.Create(); + + bool Z1IsOne = Z1.IsOne; + uint[] U2, S2; + if (Z1IsOne) + { + U2 = X2.x; + S2 = Y2.x; + } + else + { + S2 = t3; + SecP160R1Field.Square(Z1.x, S2); + + U2 = t2; + SecP160R1Field.Multiply(S2, X2.x, U2); + + SecP160R1Field.Multiply(S2, Z1.x, S2); + SecP160R1Field.Multiply(S2, Y2.x, S2); + } + + bool Z2IsOne = Z2.IsOne; + uint[] U1, S1; + if (Z2IsOne) + { + U1 = X1.x; + S1 = Y1.x; + } + else + { + S1 = t4; + SecP160R1Field.Square(Z2.x, S1); + + U1 = tt1; + SecP160R1Field.Multiply(S1, X1.x, U1); + + SecP160R1Field.Multiply(S1, Z2.x, S1); + SecP160R1Field.Multiply(S1, Y1.x, S1); + } + + uint[] H = Nat160.Create(); + SecP160R1Field.Subtract(U1, U2, H); + + uint[] R = t2; + SecP160R1Field.Subtract(S1, S2, R); + + // Check if b == this or b == -this + if (Nat160.IsZero(H)) + { + if (Nat160.IsZero(R)) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + uint[] HSquared = t3; + SecP160R1Field.Square(H, HSquared); + + uint[] G = Nat160.Create(); + SecP160R1Field.Multiply(HSquared, H, G); + + uint[] V = t3; + SecP160R1Field.Multiply(HSquared, U1, V); + + SecP160R1Field.Negate(G, G); + Nat160.Mul(S1, G, tt1); + + c = Nat160.AddBothTo(V, V, G); + SecP160R1Field.Reduce32(c, G); + + SecP160R1FieldElement X3 = new SecP160R1FieldElement(t4); + SecP160R1Field.Square(R, X3.x); + SecP160R1Field.Subtract(X3.x, G, X3.x); + + SecP160R1FieldElement Y3 = new SecP160R1FieldElement(G); + SecP160R1Field.Subtract(V, X3.x, Y3.x); + SecP160R1Field.MultiplyAddToExt(Y3.x, R, tt1); + SecP160R1Field.Reduce(tt1, Y3.x); + + SecP160R1FieldElement Z3 = new SecP160R1FieldElement(H); + if (!Z1IsOne) + { + SecP160R1Field.Multiply(Z3.x, Z1.x, Z3.x); + } + if (!Z2IsOne) + { + SecP160R1Field.Multiply(Z3.x, Z2.x, Z3.x); + } + + ECFieldElement[] zs = new ECFieldElement[]{ Z3 }; + + return new SecP160R1Point(curve, X3, Y3, zs, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SecP160R1FieldElement Y1 = (SecP160R1FieldElement)this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + SecP160R1FieldElement X1 = (SecP160R1FieldElement)this.RawXCoord, Z1 = (SecP160R1FieldElement)this.RawZCoords[0]; + + uint c; + uint[] t1 = Nat160.Create(); + uint[] t2 = Nat160.Create(); + + uint[] Y1Squared = Nat160.Create(); + SecP160R1Field.Square(Y1.x, Y1Squared); + + uint[] T = Nat160.Create(); + SecP160R1Field.Square(Y1Squared, T); + + bool Z1IsOne = Z1.IsOne; + + uint[] Z1Squared = Z1.x; + if (!Z1IsOne) + { + Z1Squared = t2; + SecP160R1Field.Square(Z1.x, Z1Squared); + } + + SecP160R1Field.Subtract(X1.x, Z1Squared, t1); + + uint[] M = t2; + SecP160R1Field.Add(X1.x, Z1Squared, M); + SecP160R1Field.Multiply(M, t1, M); + c = Nat160.AddBothTo(M, M, M); + SecP160R1Field.Reduce32(c, M); + + uint[] S = Y1Squared; + SecP160R1Field.Multiply(Y1Squared, X1.x, S); + c = Nat.ShiftUpBits(5, S, 2, 0); + SecP160R1Field.Reduce32(c, S); + + c = Nat.ShiftUpBits(5, T, 3, 0, t1); + SecP160R1Field.Reduce32(c, t1); + + SecP160R1FieldElement X3 = new SecP160R1FieldElement(T); + SecP160R1Field.Square(M, X3.x); + SecP160R1Field.Subtract(X3.x, S, X3.x); + SecP160R1Field.Subtract(X3.x, S, X3.x); + + SecP160R1FieldElement Y3 = new SecP160R1FieldElement(S); + SecP160R1Field.Subtract(S, X3.x, Y3.x); + SecP160R1Field.Multiply(Y3.x, M, Y3.x); + SecP160R1Field.Subtract(Y3.x, t1, Y3.x); + + SecP160R1FieldElement Z3 = new SecP160R1FieldElement(M); + SecP160R1Field.Twice(Y1.x, Z3.x); + if (!Z1IsOne) + { + SecP160R1Field.Multiply(Z3.x, Z1.x, Z3.x); + } + + return new SecP160R1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this == b) + return ThreeTimes(); + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return b; + + return Twice().Add(b); + } + + public override ECPoint ThreeTimes() + { + if (this.IsInfinity || this.RawYCoord.IsZero) + return this; + + // NOTE: Be careful about recursions between TwicePlus and ThreeTimes + return Twice().Add(this); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + return new SecP160R1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R2Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R2Curve.cs new file mode 100644 index 0000000..49c3fa3 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R2Curve.cs @@ -0,0 +1,171 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP160R2Curve + : AbstractFpCurve + { + public static readonly BigInteger q = SecP160R2FieldElement.Q; + + private const int SECP160R2_DEFAULT_COORDS = COORD_JACOBIAN; + private const int SECP160R2_FE_INTS = 5; + private static readonly ECFieldElement[] SECP160R2_AFFINE_ZS = new ECFieldElement[] { new SecP160R2FieldElement(BigInteger.One) }; + + protected readonly SecP160R2Point m_infinity; + + public SecP160R2Curve() + : base(q) + { + this.m_infinity = new SecP160R2Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70"))); + this.m_b = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("B4E134D3FB59EB8BAB57274904664D5AF50388BA"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("0100000000000000000000351EE786A818F3A1A16B")); + this.m_cofactor = BigInteger.One; + + this.m_coord = SECP160R2_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecP160R2Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_JACOBIAN: + return true; + default: + return false; + } + } + + public virtual BigInteger Q + { + get { return q; } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return q.BitLength; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecP160R2FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecP160R2Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecP160R2Point(this, x, y, zs, withCompression); + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + uint[] table = new uint[len * SECP160R2_FE_INTS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat160.Copy(((SecP160R2FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECP160R2_FE_INTS; + Nat160.Copy(((SecP160R2FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECP160R2_FE_INTS; + } + } + + return new SecP160R2LookupTable(this, table, len); + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + uint[] x = Nat160.Create(); + SecP160R2Field.Random(r, x); + return new SecP160R2FieldElement(x); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + uint[] x = Nat160.Create(); + SecP160R2Field.RandomMult(r, x); + return new SecP160R2FieldElement(x); + } + + private class SecP160R2LookupTable + : AbstractECLookupTable + { + private readonly SecP160R2Curve m_outer; + private readonly uint[] m_table; + private readonly int m_size; + + internal SecP160R2LookupTable(SecP160R2Curve outer, uint[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + uint[] x = Nat160.Create(), y = Nat160.Create(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + uint MASK = (uint)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECP160R2_FE_INTS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECP160R2_FE_INTS + j] & MASK; + } + + pos += (SECP160R2_FE_INTS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + uint[] x = Nat160.Create(), y = Nat160.Create(); + int pos = index * SECP160R2_FE_INTS * 2; + + for (int j = 0; j < SECP160R2_FE_INTS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECP160R2_FE_INTS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(uint[] x, uint[] y) + { + return m_outer.CreateRawPoint(new SecP160R2FieldElement(x), new SecP160R2FieldElement(y), SECP160R2_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R2Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R2Field.cs new file mode 100644 index 0000000..9ad5943 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R2Field.cs @@ -0,0 +1,216 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP160R2Field + { + // 2^160 - 2^32 - 2^14 - 2^12 - 2^9 - 2^8 - 2^7 - 2^3 - 2^2 - 1 + internal static readonly uint[] P = new uint[]{ 0xFFFFAC73, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF }; + private static readonly uint[] PExt = new uint[]{ 0x1B44BBA9, 0x0000A71A, 0x00000001, 0x00000000, 0x00000000, + 0xFFFF58E6, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF }; + private static readonly uint[] PExtInv = new uint[]{ 0xE4BB4457, 0xFFFF58E5, 0xFFFFFFFE, 0xFFFFFFFF, + 0xFFFFFFFF, 0x0000A719, 0x00000002 }; + private const uint P4 = 0xFFFFFFFF; + private const uint PExt9 = 0xFFFFFFFF; + private const uint PInv33 = 0x538D; + + public static void Add(uint[] x, uint[] y, uint[] z) + { + uint c = Nat160.Add(x, y, z); + if (c != 0 || (z[4] == P4 && Nat160.Gte(z, P))) + { + Nat.Add33To(5, PInv33, z); + } + } + + public static void AddExt(uint[] xx, uint[] yy, uint[] zz) + { + uint c = Nat.Add(10, xx, yy, zz); + if (c != 0 || (zz[9] == PExt9 && Nat.Gte(10, zz, PExt))) + { + if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.IncAt(10, zz, PExtInv.Length); + } + } + } + + public static void AddOne(uint[] x, uint[] z) + { + uint c = Nat.Inc(5, x, z); + if (c != 0 || (z[4] == P4 && Nat160.Gte(z, P))) + { + Nat.Add33To(5, PInv33, z); + } + } + + public static uint[] FromBigInteger(BigInteger x) + { + uint[] z = Nat.FromBigInteger(160, x); + if (z[4] == P4 && Nat160.Gte(z, P)) + { + Nat160.SubFrom(P, z); + } + return z; + } + + public static void Half(uint[] x, uint[] z) + { + if ((x[0] & 1) == 0) + { + Nat.ShiftDownBit(5, x, 0, z); + } + else + { + uint c = Nat160.Add(x, P, z); + Nat.ShiftDownBit(5, z, c); + } + } + + public static void Inv(uint[] x, uint[] z) + { + Mod.CheckedModOddInverse(P, x, z); + } + + public static int IsZero(uint[] x) + { + uint d = 0; + for (int i = 0; i < 5; ++i) + { + d |= x[i]; + } + d = (d >> 1) | (d & 1); + return ((int)d - 1) >> 31; + } + + public static void Multiply(uint[] x, uint[] y, uint[] z) + { + uint[] tt = Nat160.CreateExt(); + Nat160.Mul(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz) + { + uint c = Nat160.MulAddTo(x, y, zz); + if (c != 0 || (zz[9] == PExt9 && Nat.Gte(10, zz, PExt))) + { + if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.IncAt(10, zz, PExtInv.Length); + } + } + } + + public static void Negate(uint[] x, uint[] z) + { + if (0 != IsZero(x)) + { + Nat160.Sub(P, P, z); + } + else + { + Nat160.Sub(P, x, z); + } + } + + public static void Random(SecureRandom r, uint[] z) + { + byte[] bb = new byte[5 * 4]; + do + { + r.NextBytes(bb); + Pack.LE_To_UInt32(bb, 0, z, 0, 5); + } + while (0 == Nat.LessThan(5, z, P)); + } + + public static void RandomMult(SecureRandom r, uint[] z) + { + do + { + Random(r, z); + } + while (0 != IsZero(z)); + } + + public static void Reduce(uint[] xx, uint[] z) + { + ulong cc = Nat160.Mul33Add(PInv33, xx, 5, xx, 0, z, 0); + uint c = Nat160.Mul33DWordAdd(PInv33, cc, z, 0); + + Debug.Assert(c == 0 || c == 1); + + if (c != 0 || (z[4] == P4 && Nat160.Gte(z, P))) + { + Nat.Add33To(5, PInv33, z); + } + } + + public static void Reduce32(uint x, uint[] z) + { + if ((x != 0 && Nat160.Mul33WordAdd(PInv33, x, z, 0) != 0) + || (z[4] == P4 && Nat160.Gte(z, P))) + { + Nat.Add33To(5, PInv33, z); + } + } + + public static void Square(uint[] x, uint[] z) + { + uint[] tt = Nat160.CreateExt(); + Nat160.Square(x, tt); + Reduce(tt, z); + } + + public static void SquareN(uint[] x, int n, uint[] z) + { + Debug.Assert(n > 0); + + uint[] tt = Nat160.CreateExt(); + Nat160.Square(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + Nat160.Square(z, tt); + Reduce(tt, z); + } + } + + public static void Subtract(uint[] x, uint[] y, uint[] z) + { + int c = Nat160.Sub(x, y, z); + if (c != 0) + { + Nat.Sub33From(5, PInv33, z); + } + } + + public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz) + { + int c = Nat.Sub(10, xx, yy, zz); + if (c != 0) + { + if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.DecAt(10, zz, PExtInv.Length); + } + } + } + + public static void Twice(uint[] x, uint[] z) + { + uint c = Nat.ShiftUpBit(5, x, 0, z); + if (c != 0 || (z[4] == P4 && Nat160.Gte(z, P))) + { + Nat.Add33To(5, PInv33, z); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R2FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R2FieldElement.cs new file mode 100644 index 0000000..795fe3b --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R2FieldElement.cs @@ -0,0 +1,220 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP160R2FieldElement + : AbstractFpFieldElement + { + public static readonly BigInteger Q = new BigInteger(1, + Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73")); + + protected internal readonly uint[] x; + + public SecP160R2FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0) + throw new ArgumentException("value invalid for SecP160R2FieldElement", "x"); + + this.x = SecP160R2Field.FromBigInteger(x); + } + + public SecP160R2FieldElement() + { + this.x = Nat160.Create(); + } + + protected internal SecP160R2FieldElement(uint[] x) + { + this.x = x; + } + + public override bool IsZero + { + get { return Nat160.IsZero(x); } + } + + public override bool IsOne + { + get { return Nat160.IsOne(x); } + } + + public override bool TestBitZero() + { + return Nat160.GetBit(x, 0) == 1; + } + + public override BigInteger ToBigInteger() + { + return Nat160.ToBigInteger(x); + } + + public override string FieldName + { + get { return "SecP160R2Field"; } + } + + public override int FieldSize + { + get { return Q.BitLength; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + uint[] z = Nat160.Create(); + SecP160R2Field.Add(x, ((SecP160R2FieldElement)b).x, z); + return new SecP160R2FieldElement(z); + } + + public override ECFieldElement AddOne() + { + uint[] z = Nat160.Create(); + SecP160R2Field.AddOne(x, z); + return new SecP160R2FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + uint[] z = Nat160.Create(); + SecP160R2Field.Subtract(x, ((SecP160R2FieldElement)b).x, z); + return new SecP160R2FieldElement(z); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + uint[] z = Nat160.Create(); + SecP160R2Field.Multiply(x, ((SecP160R2FieldElement)b).x, z); + return new SecP160R2FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + // return Multiply(b.invert()); + uint[] z = Nat160.Create(); + SecP160R2Field.Inv(((SecP160R2FieldElement)b).x, z); + SecP160R2Field.Multiply(z, x, z); + return new SecP160R2FieldElement(z); + } + + public override ECFieldElement Negate() + { + uint[] z = Nat160.Create(); + SecP160R2Field.Negate(x, z); + return new SecP160R2FieldElement(z); + } + + public override ECFieldElement Square() + { + uint[] z = Nat160.Create(); + SecP160R2Field.Square(x, z); + return new SecP160R2FieldElement(z); + } + + public override ECFieldElement Invert() + { + // return new SecP160R2FieldElement(ToBigInteger().modInverse(Q)); + uint[] z = Nat160.Create(); + SecP160R2Field.Inv(x, z); + return new SecP160R2FieldElement(z); + } + + // D.1.4 91 + /** + * return a sqrt root - the routine verifies that the calculation returns the right value - if + * none exists it returns null. + */ + public override ECFieldElement Sqrt() + { + /* + * Raise this element to the exponent 2^158 - 2^30 - 2^12 - 2^10 - 2^7 - 2^6 - 2^5 - 2^1 - 2^0 + * + * Breaking up the exponent's binary representation into "repunits", we get: { 127 1s } { 1 + * 0s } { 17 1s } { 1 0s } { 1 1s } { 1 0s } { 2 1s } { 3 0s } { 3 1s } { 1 0s } { 1 1s } + * + * Therefore we need an Addition chain containing 1, 2, 3, 17, 127 (the lengths of the repunits) + * We use: [1], [2], [3], 4, 7, 14, [17], 31, 62, 124, [127] + */ + + uint[] x1 = this.x; + if (Nat160.IsZero(x1) || Nat160.IsOne(x1)) + { + return this; + } + + uint[] x2 = Nat160.Create(); + SecP160R2Field.Square(x1, x2); + SecP160R2Field.Multiply(x2, x1, x2); + uint[] x3 = Nat160.Create(); + SecP160R2Field.Square(x2, x3); + SecP160R2Field.Multiply(x3, x1, x3); + uint[] x4 = Nat160.Create(); + SecP160R2Field.Square(x3, x4); + SecP160R2Field.Multiply(x4, x1, x4); + uint[] x7 = Nat160.Create(); + SecP160R2Field.SquareN(x4, 3, x7); + SecP160R2Field.Multiply(x7, x3, x7); + uint[] x14 = x4; + SecP160R2Field.SquareN(x7, 7, x14); + SecP160R2Field.Multiply(x14, x7, x14); + uint[] x17 = x7; + SecP160R2Field.SquareN(x14, 3, x17); + SecP160R2Field.Multiply(x17, x3, x17); + uint[] x31 = Nat160.Create(); + SecP160R2Field.SquareN(x17, 14, x31); + SecP160R2Field.Multiply(x31, x14, x31); + uint[] x62 = x14; + SecP160R2Field.SquareN(x31, 31, x62); + SecP160R2Field.Multiply(x62, x31, x62); + uint[] x124 = x31; + SecP160R2Field.SquareN(x62, 62, x124); + SecP160R2Field.Multiply(x124, x62, x124); + uint[] x127 = x62; + SecP160R2Field.SquareN(x124, 3, x127); + SecP160R2Field.Multiply(x127, x3, x127); + + uint[] t1 = x127; + SecP160R2Field.SquareN(t1, 18, t1); + SecP160R2Field.Multiply(t1, x17, t1); + SecP160R2Field.SquareN(t1, 2, t1); + SecP160R2Field.Multiply(t1, x1, t1); + SecP160R2Field.SquareN(t1, 3, t1); + SecP160R2Field.Multiply(t1, x2, t1); + SecP160R2Field.SquareN(t1, 6, t1); + SecP160R2Field.Multiply(t1, x3, t1); + SecP160R2Field.SquareN(t1, 2, t1); + SecP160R2Field.Multiply(t1, x1, t1); + + uint[] t2 = x2; + SecP160R2Field.Square(t1, t2); + + return Nat160.Eq(x1, t2) ? new SecP160R2FieldElement(t1) : null; + } + + public override bool Equals(object obj) + { + return Equals(obj as SecP160R2FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecP160R2FieldElement); + } + + public virtual bool Equals(SecP160R2FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat160.Eq(x, other.x); + } + + public override int GetHashCode() + { + return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 5); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R2Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R2Point.cs new file mode 100644 index 0000000..343cf8c --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP160R2Point.cs @@ -0,0 +1,279 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP160R2Point + : AbstractFpPoint + { + /** + * Create a point which encodes with point compression. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * + * @deprecated Use ECCurve.CreatePoint to construct points + */ + public SecP160R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * Create a point that encodes with or without point compresion. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * @param withCompression + * if true encode with point compression + * + * @deprecated per-point compression property will be removed, refer + * {@link #getEncoded(bool)} + */ + public SecP160R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecP160R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecP160R2Point(null, AffineXCoord, AffineYCoord); + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + if (this == b) + return Twice(); + + ECCurve curve = this.Curve; + + SecP160R2FieldElement X1 = (SecP160R2FieldElement)this.RawXCoord, Y1 = (SecP160R2FieldElement)this.RawYCoord; + SecP160R2FieldElement X2 = (SecP160R2FieldElement)b.RawXCoord, Y2 = (SecP160R2FieldElement)b.RawYCoord; + + SecP160R2FieldElement Z1 = (SecP160R2FieldElement)this.RawZCoords[0]; + SecP160R2FieldElement Z2 = (SecP160R2FieldElement)b.RawZCoords[0]; + + uint c; + uint[] tt1 = Nat160.CreateExt(); + uint[] t2 = Nat160.Create(); + uint[] t3 = Nat160.Create(); + uint[] t4 = Nat160.Create(); + + bool Z1IsOne = Z1.IsOne; + uint[] U2, S2; + if (Z1IsOne) + { + U2 = X2.x; + S2 = Y2.x; + } + else + { + S2 = t3; + SecP160R2Field.Square(Z1.x, S2); + + U2 = t2; + SecP160R2Field.Multiply(S2, X2.x, U2); + + SecP160R2Field.Multiply(S2, Z1.x, S2); + SecP160R2Field.Multiply(S2, Y2.x, S2); + } + + bool Z2IsOne = Z2.IsOne; + uint[] U1, S1; + if (Z2IsOne) + { + U1 = X1.x; + S1 = Y1.x; + } + else + { + S1 = t4; + SecP160R2Field.Square(Z2.x, S1); + + U1 = tt1; + SecP160R2Field.Multiply(S1, X1.x, U1); + + SecP160R2Field.Multiply(S1, Z2.x, S1); + SecP160R2Field.Multiply(S1, Y1.x, S1); + } + + uint[] H = Nat160.Create(); + SecP160R2Field.Subtract(U1, U2, H); + + uint[] R = t2; + SecP160R2Field.Subtract(S1, S2, R); + + // Check if b == this or b == -this + if (Nat160.IsZero(H)) + { + if (Nat160.IsZero(R)) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + uint[] HSquared = t3; + SecP160R2Field.Square(H, HSquared); + + uint[] G = Nat160.Create(); + SecP160R2Field.Multiply(HSquared, H, G); + + uint[] V = t3; + SecP160R2Field.Multiply(HSquared, U1, V); + + SecP160R2Field.Negate(G, G); + Nat160.Mul(S1, G, tt1); + + c = Nat160.AddBothTo(V, V, G); + SecP160R2Field.Reduce32(c, G); + + SecP160R2FieldElement X3 = new SecP160R2FieldElement(t4); + SecP160R2Field.Square(R, X3.x); + SecP160R2Field.Subtract(X3.x, G, X3.x); + + SecP160R2FieldElement Y3 = new SecP160R2FieldElement(G); + SecP160R2Field.Subtract(V, X3.x, Y3.x); + SecP160R2Field.MultiplyAddToExt(Y3.x, R, tt1); + SecP160R2Field.Reduce(tt1, Y3.x); + + SecP160R2FieldElement Z3 = new SecP160R2FieldElement(H); + if (!Z1IsOne) + { + SecP160R2Field.Multiply(Z3.x, Z1.x, Z3.x); + } + if (!Z2IsOne) + { + SecP160R2Field.Multiply(Z3.x, Z2.x, Z3.x); + } + + ECFieldElement[] zs = new ECFieldElement[]{ Z3 }; + + return new SecP160R2Point(curve, X3, Y3, zs, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SecP160R2FieldElement Y1 = (SecP160R2FieldElement)this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + SecP160R2FieldElement X1 = (SecP160R2FieldElement)this.RawXCoord, Z1 = (SecP160R2FieldElement)this.RawZCoords[0]; + + uint c; + uint[] t1 = Nat160.Create(); + uint[] t2 = Nat160.Create(); + + uint[] Y1Squared = Nat160.Create(); + SecP160R2Field.Square(Y1.x, Y1Squared); + + uint[] T = Nat160.Create(); + SecP160R2Field.Square(Y1Squared, T); + + bool Z1IsOne = Z1.IsOne; + + uint[] Z1Squared = Z1.x; + if (!Z1IsOne) + { + Z1Squared = t2; + SecP160R2Field.Square(Z1.x, Z1Squared); + } + + SecP160R2Field.Subtract(X1.x, Z1Squared, t1); + + uint[] M = t2; + SecP160R2Field.Add(X1.x, Z1Squared, M); + SecP160R2Field.Multiply(M, t1, M); + c = Nat160.AddBothTo(M, M, M); + SecP160R2Field.Reduce32(c, M); + + uint[] S = Y1Squared; + SecP160R2Field.Multiply(Y1Squared, X1.x, S); + c = Nat.ShiftUpBits(5, S, 2, 0); + SecP160R2Field.Reduce32(c, S); + + c = Nat.ShiftUpBits(5, T, 3, 0, t1); + SecP160R2Field.Reduce32(c, t1); + + SecP160R2FieldElement X3 = new SecP160R2FieldElement(T); + SecP160R2Field.Square(M, X3.x); + SecP160R2Field.Subtract(X3.x, S, X3.x); + SecP160R2Field.Subtract(X3.x, S, X3.x); + + SecP160R2FieldElement Y3 = new SecP160R2FieldElement(S); + SecP160R2Field.Subtract(S, X3.x, Y3.x); + SecP160R2Field.Multiply(Y3.x, M, Y3.x); + SecP160R2Field.Subtract(Y3.x, t1, Y3.x); + + SecP160R2FieldElement Z3 = new SecP160R2FieldElement(M); + SecP160R2Field.Twice(Y1.x, Z3.x); + if (!Z1IsOne) + { + SecP160R2Field.Multiply(Z3.x, Z1.x, Z3.x); + } + + return new SecP160R2Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this == b) + return ThreeTimes(); + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return b; + + return Twice().Add(b); + } + + public override ECPoint ThreeTimes() + { + if (this.IsInfinity || this.RawYCoord.IsZero) + return this; + + // NOTE: Be careful about recursions between TwicePlus and ThreeTimes + return Twice().Add(this); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + return new SecP160R2Point(Curve, this.RawXCoord, this.RawYCoord.Negate(), this.RawZCoords, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192K1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192K1Curve.cs new file mode 100644 index 0000000..b9fb08e --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192K1Curve.cs @@ -0,0 +1,168 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP192K1Curve + : AbstractFpCurve + { + public static readonly BigInteger q = SecP192K1FieldElement.Q; + + private const int SECP192K1_DEFAULT_COORDS = COORD_JACOBIAN; + private const int SECP192K1_FE_INTS = 6; + private static readonly ECFieldElement[] SECP192K1_AFFINE_ZS = new ECFieldElement[] { new SecP192K1FieldElement(BigInteger.One) }; + + protected readonly SecP192K1Point m_infinity; + + public SecP192K1Curve() + : base(q) + { + this.m_infinity = new SecP192K1Point(this, null, null); + + this.m_a = FromBigInteger(BigInteger.Zero); + this.m_b = FromBigInteger(BigInteger.ValueOf(3)); + this.m_order = new BigInteger(1, Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D")); + this.m_cofactor = BigInteger.One; + this.m_coord = SECP192K1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecP192K1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_JACOBIAN: + return true; + default: + return false; + } + } + + public virtual BigInteger Q + { + get { return q; } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return q.BitLength; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecP192K1FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecP192K1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecP192K1Point(this, x, y, zs, withCompression); + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + uint[] table = new uint[len * SECP192K1_FE_INTS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat192.Copy(((SecP192K1FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECP192K1_FE_INTS; + Nat192.Copy(((SecP192K1FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECP192K1_FE_INTS; + } + } + + return new SecP192K1LookupTable(this, table, len); + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + uint[] x = Nat192.Create(); + SecP192K1Field.Random(r, x); + return new SecP192K1FieldElement(x); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + uint[] x = Nat192.Create(); + SecP192K1Field.RandomMult(r, x); + return new SecP192K1FieldElement(x); + } + + private class SecP192K1LookupTable + : AbstractECLookupTable + { + private readonly SecP192K1Curve m_outer; + private readonly uint[] m_table; + private readonly int m_size; + + internal SecP192K1LookupTable(SecP192K1Curve outer, uint[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + uint[] x = Nat192.Create(), y = Nat192.Create(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + uint MASK = (uint)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECP192K1_FE_INTS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECP192K1_FE_INTS + j] & MASK; + } + + pos += (SECP192K1_FE_INTS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + uint[] x = Nat192.Create(), y = Nat192.Create(); + int pos = index * SECP192K1_FE_INTS * 2; + + for (int j = 0; j < SECP192K1_FE_INTS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECP192K1_FE_INTS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(uint[] x, uint[] y) + { + return m_outer.CreateRawPoint(new SecP192K1FieldElement(x), new SecP192K1FieldElement(y), SECP192K1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192K1Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192K1Field.cs new file mode 100644 index 0000000..46b7c4e --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192K1Field.cs @@ -0,0 +1,217 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP192K1Field + { + // 2^192 - 2^32 - 2^12 - 2^8 - 2^7 - 2^6 - 2^3 - 1 + internal static readonly uint[] P = new uint[]{ 0xFFFFEE37, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, + 0xFFFFFFFF }; + private static readonly uint[] PExt = new uint[]{ 0x013C4FD1, 0x00002392, 0x00000001, 0x00000000, 0x00000000, + 0x00000000, 0xFFFFDC6E, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF }; + private static readonly uint[] PExtInv = new uint[]{ 0xFEC3B02F, 0xFFFFDC6D, 0xFFFFFFFE, 0xFFFFFFFF, + 0xFFFFFFFF, 0xFFFFFFFF, 0x00002391, 0x00000002 }; + private const uint P5 = 0xFFFFFFFF; + private const uint PExt11 = 0xFFFFFFFF; + private const uint PInv33 = 0x11C9; + + public static void Add(uint[] x, uint[] y, uint[] z) + { + uint c = Nat192.Add(x, y, z); + if (c != 0 || (z[5] == P5 && Nat192.Gte(z, P))) + { + Nat.Add33To(6, PInv33, z); + } + } + + public static void AddExt(uint[] xx, uint[] yy, uint[] zz) + { + uint c = Nat.Add(12, xx, yy, zz); + if (c != 0 || (zz[11] == PExt11 && Nat.Gte(12, zz, PExt))) + { + if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.IncAt(12, zz, PExtInv.Length); + } + } + } + + public static void AddOne(uint[] x, uint[] z) + { + uint c = Nat.Inc(6, x, z); + if (c != 0 || (z[5] == P5 && Nat192.Gte(z, P))) + { + Nat.Add33To(6, PInv33, z); + } + } + + public static uint[] FromBigInteger(BigInteger x) + { + uint[] z = Nat.FromBigInteger(192, x); + if (z[5] == P5 && Nat192.Gte(z, P)) + { + Nat192.SubFrom(P, z); + } + return z; + } + + public static void Half(uint[] x, uint[] z) + { + if ((x[0] & 1) == 0) + { + Nat.ShiftDownBit(6, x, 0, z); + } + else + { + uint c = Nat192.Add(x, P, z); + Nat.ShiftDownBit(6, z, c); + } + } + + public static void Inv(uint[] x, uint[] z) + { + Mod.CheckedModOddInverse(P, x, z); + } + + public static int IsZero(uint[] x) + { + uint d = 0; + for (int i = 0; i < 6; ++i) + { + d |= x[i]; + } + d = (d >> 1) | (d & 1); + return ((int)d - 1) >> 31; + } + + public static void Multiply(uint[] x, uint[] y, uint[] z) + { + uint[] tt = Nat192.CreateExt(); + Nat192.Mul(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz) + { + uint c = Nat192.MulAddTo(x, y, zz); + if (c != 0 || (zz[11] == PExt11 && Nat.Gte(12, zz, PExt))) + { + if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.IncAt(12, zz, PExtInv.Length); + } + } + } + + public static void Negate(uint[] x, uint[] z) + { + if (0 != IsZero(x)) + { + Nat192.Sub(P, P, z); + } + else + { + Nat192.Sub(P, x, z); + } + } + + public static void Random(SecureRandom r, uint[] z) + { + byte[] bb = new byte[6 * 4]; + do + { + r.NextBytes(bb); + Pack.LE_To_UInt32(bb, 0, z, 0, 6); + } + while (0 == Nat.LessThan(6, z, P)); + } + + public static void RandomMult(SecureRandom r, uint[] z) + { + do + { + Random(r, z); + } + while (0 != IsZero(z)); + } + + public static void Reduce(uint[] xx, uint[] z) + { + ulong cc = Nat192.Mul33Add(PInv33, xx, 6, xx, 0, z, 0); + uint c = Nat192.Mul33DWordAdd(PInv33, cc, z, 0); + + Debug.Assert(c == 0 || c == 1); + + if (c != 0 || (z[5] == P5 && Nat192.Gte(z, P))) + { + Nat.Add33To(6, PInv33, z); + } + } + + public static void Reduce32(uint x, uint[] z) + { + if ((x != 0 && Nat192.Mul33WordAdd(PInv33, x, z, 0) != 0) + || (z[5] == P5 && Nat192.Gte(z, P))) + { + Nat.Add33To(6, PInv33, z); + } + } + + public static void Square(uint[] x, uint[] z) + { + uint[] tt = Nat192.CreateExt(); + Nat192.Square(x, tt); + Reduce(tt, z); + } + + public static void SquareN(uint[] x, int n, uint[] z) + { + Debug.Assert(n > 0); + + uint[] tt = Nat192.CreateExt(); + Nat192.Square(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + Nat192.Square(z, tt); + Reduce(tt, z); + } + } + + public static void Subtract(uint[] x, uint[] y, uint[] z) + { + int c = Nat192.Sub(x, y, z); + if (c != 0) + { + Nat.Sub33From(6, PInv33, z); + } + } + + public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz) + { + int c = Nat.Sub(12, xx, yy, zz); + if (c != 0) + { + if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.DecAt(12, zz, PExtInv.Length); + } + } + } + + public static void Twice(uint[] x, uint[] z) + { + uint c = Nat.ShiftUpBit(6, x, 0, z); + if (c != 0 || (z[5] == P5 && Nat192.Gte(z, P))) + { + Nat.Add33To(6, PInv33, z); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192K1FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192K1FieldElement.cs new file mode 100644 index 0000000..c933ffc --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192K1FieldElement.cs @@ -0,0 +1,215 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP192K1FieldElement + : AbstractFpFieldElement + { + public static readonly BigInteger Q = new BigInteger(1, + Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37")); + + protected internal readonly uint[] x; + + public SecP192K1FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0) + throw new ArgumentException("value invalid for SecP192K1FieldElement", "x"); + + this.x = SecP192K1Field.FromBigInteger(x); + } + + public SecP192K1FieldElement() + { + this.x = Nat192.Create(); + } + + protected internal SecP192K1FieldElement(uint[] x) + { + this.x = x; + } + + public override bool IsZero + { + get { return Nat192.IsZero(x); } + } + + public override bool IsOne + { + get { return Nat192.IsOne(x); } + } + + public override bool TestBitZero() + { + return Nat192.GetBit(x, 0) == 1; + } + + public override BigInteger ToBigInteger() + { + return Nat192.ToBigInteger(x); + } + + public override string FieldName + { + get { return "SecP192K1Field"; } + } + + public override int FieldSize + { + get { return Q.BitLength; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + uint[] z = Nat192.Create(); + SecP192K1Field.Add(x, ((SecP192K1FieldElement)b).x, z); + return new SecP192K1FieldElement(z); + } + + public override ECFieldElement AddOne() + { + uint[] z = Nat192.Create(); + SecP192K1Field.AddOne(x, z); + return new SecP192K1FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + uint[] z = Nat192.Create(); + SecP192K1Field.Subtract(x, ((SecP192K1FieldElement)b).x, z); + return new SecP192K1FieldElement(z); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + uint[] z = Nat192.Create(); + SecP192K1Field.Multiply(x, ((SecP192K1FieldElement)b).x, z); + return new SecP192K1FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + //return Multiply(b.Invert()); + uint[] z = Nat192.Create(); + SecP192K1Field.Inv(((SecP192K1FieldElement)b).x, z); + SecP192K1Field.Multiply(z, x, z); + return new SecP192K1FieldElement(z); + } + + public override ECFieldElement Negate() + { + uint[] z = Nat192.Create(); + SecP192K1Field.Negate(x, z); + return new SecP192K1FieldElement(z); + } + + public override ECFieldElement Square() + { + uint[] z = Nat192.Create(); + SecP192K1Field.Square(x, z); + return new SecP192K1FieldElement(z); + } + + public override ECFieldElement Invert() + { + //return new SecP192K1FieldElement(ToBigInteger().ModInverse(Q)); + uint[] z = Nat192.Create(); + SecP192K1Field.Inv(x, z); + return new SecP192K1FieldElement(z); + } + + /** + * return a sqrt root - the routine verifies that the calculation returns the right value - if + * none exists it returns null. + */ + public override ECFieldElement Sqrt() + { + /* + * Raise this element to the exponent 2^190 - 2^30 - 2^10 - 2^6 - 2^5 - 2^4 - 2^1 + * + * Breaking up the exponent's binary representation into "repunits", we get: + * { 159 1s } { 1 0s } { 19 1s } { 1 0s } { 3 1s } { 3 0s } { 3 1s } { 1 0s } + * + * Therefore we need an addition chain containing 3, 19, 159 (the lengths of the repunits) + * We use: 1, 2, [3], 6, 8, 16, [19], 35, 70, 140, [159] + */ + + uint[] x1 = this.x; + if (Nat192.IsZero(x1) || Nat192.IsOne(x1)) + return this; + + uint[] x2 = Nat192.Create(); + SecP192K1Field.Square(x1, x2); + SecP192K1Field.Multiply(x2, x1, x2); + uint[] x3 = Nat192.Create(); + SecP192K1Field.Square(x2, x3); + SecP192K1Field.Multiply(x3, x1, x3); + uint[] x6 = Nat192.Create(); + SecP192K1Field.SquareN(x3, 3, x6); + SecP192K1Field.Multiply(x6, x3, x6); + uint[] x8 = x6; + SecP192K1Field.SquareN(x6, 2, x8); + SecP192K1Field.Multiply(x8, x2, x8); + uint[] x16 = x2; + SecP192K1Field.SquareN(x8, 8, x16); + SecP192K1Field.Multiply(x16, x8, x16); + uint[] x19 = x8; + SecP192K1Field.SquareN(x16, 3, x19); + SecP192K1Field.Multiply(x19, x3, x19); + uint[] x35 = Nat192.Create(); + SecP192K1Field.SquareN(x19, 16, x35); + SecP192K1Field.Multiply(x35, x16, x35); + uint[] x70 = x16; + SecP192K1Field.SquareN(x35, 35, x70); + SecP192K1Field.Multiply(x70, x35, x70); + uint[] x140 = x35; + SecP192K1Field.SquareN(x70, 70, x140); + SecP192K1Field.Multiply(x140, x70, x140); + uint[] x159 = x70; + SecP192K1Field.SquareN(x140, 19, x159); + SecP192K1Field.Multiply(x159, x19, x159); + + uint[] t1 = x159; + SecP192K1Field.SquareN(t1, 20, t1); + SecP192K1Field.Multiply(t1, x19, t1); + SecP192K1Field.SquareN(t1, 4, t1); + SecP192K1Field.Multiply(t1, x3, t1); + SecP192K1Field.SquareN(t1, 6, t1); + SecP192K1Field.Multiply(t1, x3, t1); + SecP192K1Field.Square(t1, t1); + + uint[] t2 = x3; + SecP192K1Field.Square(t1, t2); + + return Nat192.Eq(x1, t2) ? new SecP192K1FieldElement(t1) : null; + } + + public override bool Equals(object obj) + { + return Equals(obj as SecP192K1FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecP192K1FieldElement); + } + + public virtual bool Equals(SecP192K1FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat192.Eq(x, other.x); + } + + public override int GetHashCode() + { + return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 6); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192K1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192K1Point.cs new file mode 100644 index 0000000..58eb091 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192K1Point.cs @@ -0,0 +1,267 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP192K1Point + : AbstractFpPoint + { + /** + * Create a point which encodes with point compression. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecP192K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * Create a point that encodes with or without point compresion. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * @param withCompression + * if true encode with point compression + * + * @deprecated per-point compression property will be removed, refer + * {@link #getEncoded(bool)} + */ + public SecP192K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecP192K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, + bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecP192K1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + if (this == b) + return Twice(); + + ECCurve curve = this.Curve; + + SecP192K1FieldElement X1 = (SecP192K1FieldElement)this.RawXCoord, Y1 = (SecP192K1FieldElement)this.RawYCoord; + SecP192K1FieldElement X2 = (SecP192K1FieldElement)b.RawXCoord, Y2 = (SecP192K1FieldElement)b.RawYCoord; + + SecP192K1FieldElement Z1 = (SecP192K1FieldElement)this.RawZCoords[0]; + SecP192K1FieldElement Z2 = (SecP192K1FieldElement)b.RawZCoords[0]; + + uint c; + uint[] tt1 = Nat192.CreateExt(); + uint[] t2 = Nat192.Create(); + uint[] t3 = Nat192.Create(); + uint[] t4 = Nat192.Create(); + + bool Z1IsOne = Z1.IsOne; + uint[] U2, S2; + if (Z1IsOne) + { + U2 = X2.x; + S2 = Y2.x; + } + else + { + S2 = t3; + SecP192K1Field.Square(Z1.x, S2); + + U2 = t2; + SecP192K1Field.Multiply(S2, X2.x, U2); + + SecP192K1Field.Multiply(S2, Z1.x, S2); + SecP192K1Field.Multiply(S2, Y2.x, S2); + } + + bool Z2IsOne = Z2.IsOne; + uint[] U1, S1; + if (Z2IsOne) + { + U1 = X1.x; + S1 = Y1.x; + } + else + { + S1 = t4; + SecP192K1Field.Square(Z2.x, S1); + + U1 = tt1; + SecP192K1Field.Multiply(S1, X1.x, U1); + + SecP192K1Field.Multiply(S1, Z2.x, S1); + SecP192K1Field.Multiply(S1, Y1.x, S1); + } + + uint[] H = Nat192.Create(); + SecP192K1Field.Subtract(U1, U2, H); + + uint[] R = t2; + SecP192K1Field.Subtract(S1, S2, R); + + // Check if b == this or b == -this + if (Nat192.IsZero(H)) + { + if (Nat192.IsZero(R)) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + uint[] HSquared = t3; + SecP192K1Field.Square(H, HSquared); + + uint[] G = Nat192.Create(); + SecP192K1Field.Multiply(HSquared, H, G); + + uint[] V = t3; + SecP192K1Field.Multiply(HSquared, U1, V); + + SecP192K1Field.Negate(G, G); + Nat192.Mul(S1, G, tt1); + + c = Nat192.AddBothTo(V, V, G); + SecP192K1Field.Reduce32(c, G); + + SecP192K1FieldElement X3 = new SecP192K1FieldElement(t4); + SecP192K1Field.Square(R, X3.x); + SecP192K1Field.Subtract(X3.x, G, X3.x); + + SecP192K1FieldElement Y3 = new SecP192K1FieldElement(G); + SecP192K1Field.Subtract(V, X3.x, Y3.x); + SecP192K1Field.MultiplyAddToExt(Y3.x, R, tt1); + SecP192K1Field.Reduce(tt1, Y3.x); + + SecP192K1FieldElement Z3 = new SecP192K1FieldElement(H); + if (!Z1IsOne) + { + SecP192K1Field.Multiply(Z3.x, Z1.x, Z3.x); + } + if (!Z2IsOne) + { + SecP192K1Field.Multiply(Z3.x, Z2.x, Z3.x); + } + + ECFieldElement[] zs = new ECFieldElement[] { Z3 }; + + return new SecP192K1Point(curve, X3, Y3, zs, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SecP192K1FieldElement Y1 = (SecP192K1FieldElement)this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + SecP192K1FieldElement X1 = (SecP192K1FieldElement)this.RawXCoord, Z1 = (SecP192K1FieldElement)this.RawZCoords[0]; + + uint c; + + uint[] Y1Squared = Nat192.Create(); + SecP192K1Field.Square(Y1.x, Y1Squared); + + uint[] T = Nat192.Create(); + SecP192K1Field.Square(Y1Squared, T); + + uint[] M = Nat192.Create(); + SecP192K1Field.Square(X1.x, M); + c = Nat192.AddBothTo(M, M, M); + SecP192K1Field.Reduce32(c, M); + + uint[] S = Y1Squared; + SecP192K1Field.Multiply(Y1Squared, X1.x, S); + c = Nat.ShiftUpBits(6, S, 2, 0); + SecP192K1Field.Reduce32(c, S); + + uint[] t1 = Nat192.Create(); + c = Nat.ShiftUpBits(6, T, 3, 0, t1); + SecP192K1Field.Reduce32(c, t1); + + SecP192K1FieldElement X3 = new SecP192K1FieldElement(T); + SecP192K1Field.Square(M, X3.x); + SecP192K1Field.Subtract(X3.x, S, X3.x); + SecP192K1Field.Subtract(X3.x, S, X3.x); + + SecP192K1FieldElement Y3 = new SecP192K1FieldElement(S); + SecP192K1Field.Subtract(S, X3.x, Y3.x); + SecP192K1Field.Multiply(Y3.x, M, Y3.x); + SecP192K1Field.Subtract(Y3.x, t1, Y3.x); + + SecP192K1FieldElement Z3 = new SecP192K1FieldElement(M); + SecP192K1Field.Twice(Y1.x, Z3.x); + if (!Z1.IsOne) + { + SecP192K1Field.Multiply(Z3.x, Z1.x, Z3.x); + } + + return new SecP192K1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this == b) + return ThreeTimes(); + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return b; + + return Twice().Add(b); + } + + public override ECPoint ThreeTimes() + { + if (this.IsInfinity || this.RawYCoord.IsZero) + return this; + + // NOTE: Be careful about recursions between TwicePlus and ThreeTimes + return Twice().Add(this); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + return new SecP192K1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192R1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192R1Curve.cs new file mode 100644 index 0000000..4657685 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192R1Curve.cs @@ -0,0 +1,171 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP192R1Curve + : AbstractFpCurve + { + public static readonly BigInteger q = SecP192R1FieldElement.Q; + + private const int SECP192R1_DEFAULT_COORDS = COORD_JACOBIAN; + private const int SECP192R1_FE_INTS = 6; + private static readonly ECFieldElement[] SECP192R1_AFFINE_ZS = new ECFieldElement[] { new SecP192R1FieldElement(BigInteger.One) }; + + protected readonly SecP192R1Point m_infinity; + + public SecP192R1Curve() + : base(q) + { + this.m_infinity = new SecP192R1Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC"))); + this.m_b = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831")); + this.m_cofactor = BigInteger.One; + + this.m_coord = SECP192R1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecP192R1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_JACOBIAN: + return true; + default: + return false; + } + } + + public virtual BigInteger Q + { + get { return q; } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return q.BitLength; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecP192R1FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecP192R1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecP192R1Point(this, x, y, zs, withCompression); + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + uint[] table = new uint[len * SECP192R1_FE_INTS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat192.Copy(((SecP192R1FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECP192R1_FE_INTS; + Nat192.Copy(((SecP192R1FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECP192R1_FE_INTS; + } + } + + return new SecP192R1LookupTable(this, table, len); + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + uint[] x = Nat192.Create(); + SecP192R1Field.Random(r, x); + return new SecP192R1FieldElement(x); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + uint[] x = Nat192.Create(); + SecP192R1Field.RandomMult(r, x); + return new SecP192R1FieldElement(x); + } + + private class SecP192R1LookupTable + : AbstractECLookupTable + { + private readonly SecP192R1Curve m_outer; + private readonly uint[] m_table; + private readonly int m_size; + + internal SecP192R1LookupTable(SecP192R1Curve outer, uint[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + uint[] x = Nat192.Create(), y = Nat192.Create(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + uint MASK = (uint)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECP192R1_FE_INTS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECP192R1_FE_INTS + j] & MASK; + } + + pos += (SECP192R1_FE_INTS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + uint[] x = Nat192.Create(), y = Nat192.Create(); + int pos = index * SECP192R1_FE_INTS * 2; + + for (int j = 0; j < SECP192R1_FE_INTS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECP192R1_FE_INTS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(uint[] x, uint[] y) + { + return m_outer.CreateRawPoint(new SecP192R1FieldElement(x), new SecP192R1FieldElement(y), SECP192R1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192R1Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192R1Field.cs new file mode 100644 index 0000000..10e2046 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192R1Field.cs @@ -0,0 +1,322 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP192R1Field + { + // 2^192 - 2^64 - 1 + internal static readonly uint[] P = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, + 0xFFFFFFFF }; + private static readonly uint[] PExt = new uint[]{ 0x00000001, 0x00000000, 0x00000002, 0x00000000, 0x00000001, + 0x00000000, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF }; + private static readonly uint[] PExtInv = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, + 0xFFFFFFFE, 0xFFFFFFFF, 0x00000001, 0x00000000, 0x00000002 }; + private const uint P5 = 0xFFFFFFFF; + private const uint PExt11 = 0xFFFFFFFF; + + public static void Add(uint[] x, uint[] y, uint[] z) + { + uint c = Nat192.Add(x, y, z); + if (c != 0 || (z[5] == P5 && Nat192.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static void AddExt(uint[] xx, uint[] yy, uint[] zz) + { + uint c = Nat.Add(12, xx, yy, zz); + if (c != 0 || (zz[11] == PExt11 && Nat.Gte(12, zz, PExt))) + { + if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.IncAt(12, zz, PExtInv.Length); + } + } + } + + public static void AddOne(uint[] x, uint[] z) + { + uint c = Nat.Inc(6, x, z); + if (c != 0 || (z[5] == P5 && Nat192.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static uint[] FromBigInteger(BigInteger x) + { + uint[] z = Nat.FromBigInteger(192, x); + if (z[5] == P5 && Nat192.Gte(z, P)) + { + Nat192.SubFrom(P, z); + } + return z; + } + + public static void Half(uint[] x, uint[] z) + { + if ((x[0] & 1) == 0) + { + Nat.ShiftDownBit(6, x, 0, z); + } + else + { + uint c = Nat192.Add(x, P, z); + Nat.ShiftDownBit(6, z, c); + } + } + + public static void Inv(uint[] x, uint[] z) + { + Mod.CheckedModOddInverse(P, x, z); + } + + public static int IsZero(uint[] x) + { + uint d = 0; + for (int i = 0; i < 6; ++i) + { + d |= x[i]; + } + d = (d >> 1) | (d & 1); + return ((int)d - 1) >> 31; + } + + public static void Multiply(uint[] x, uint[] y, uint[] z) + { + uint[] tt = Nat192.CreateExt(); + Nat192.Mul(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz) + { + uint c = Nat192.MulAddTo(x, y, zz); + if (c != 0 || (zz[11] == PExt11 && Nat.Gte(12, zz, PExt))) + { + if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.IncAt(12, zz, PExtInv.Length); + } + } + } + + public static void Negate(uint[] x, uint[] z) + { + if (0 != IsZero(x)) + { + Nat192.Sub(P, P, z); + } + else + { + Nat192.Sub(P, x, z); + } + } + + public static void Random(SecureRandom r, uint[] z) + { + byte[] bb = new byte[6 * 4]; + do + { + r.NextBytes(bb); + Pack.LE_To_UInt32(bb, 0, z, 0, 6); + } + while (0 == Nat.LessThan(6, z, P)); + } + + public static void RandomMult(SecureRandom r, uint[] z) + { + do + { + Random(r, z); + } + while (0 != IsZero(z)); + } + + public static void Reduce(uint[] xx, uint[] z) + { + ulong xx06 = xx[6], xx07 = xx[7], xx08 = xx[8]; + ulong xx09 = xx[9], xx10 = xx[10], xx11 = xx[11]; + + ulong t0 = xx06 + xx10; + ulong t1 = xx07 + xx11; + + ulong cc = 0; + cc += (ulong)xx[0] + t0; + uint z0 = (uint)cc; + cc >>= 32; + cc += (ulong)xx[1] + t1; + z[1] = (uint)cc; + cc >>= 32; + + t0 += xx08; + t1 += xx09; + + cc += (ulong)xx[2] + t0; + ulong z2 = (uint)cc; + cc >>= 32; + cc += (ulong)xx[3] + t1; + z[3] = (uint)cc; + cc >>= 32; + + t0 -= xx06; + t1 -= xx07; + + cc += (ulong)xx[4] + t0; + z[4] = (uint)cc; + cc >>= 32; + cc += (ulong)xx[5] + t1; + z[5] = (uint)cc; + cc >>= 32; + + z2 += cc; + + cc += z0; + z[0] = (uint)cc; + cc >>= 32; + if (cc != 0) + { + cc += z[1]; + z[1] = (uint)cc; + z2 += cc >> 32; + } + z[2] = (uint)z2; + cc = z2 >> 32; + + Debug.Assert(cc == 0 || cc == 1); + + if ((cc != 0 && Nat.IncAt(6, z, 3) != 0) + || (z[5] == P5 && Nat192.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static void Reduce32(uint x, uint[] z) + { + ulong cc = 0; + + if (x != 0) + { + cc += (ulong)z[0] + x; + z[0] = (uint)cc; + cc >>= 32; + if (cc != 0) + { + cc += (ulong)z[1]; + z[1] = (uint)cc; + cc >>= 32; + } + cc += (ulong)z[2] + x; + z[2] = (uint)cc; + cc >>= 32; + + Debug.Assert(cc == 0 || cc == 1); + } + + if ((cc != 0 && Nat.IncAt(6, z, 3) != 0) + || (z[5] == P5 && Nat192.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static void Square(uint[] x, uint[] z) + { + uint[] tt = Nat192.CreateExt(); + Nat192.Square(x, tt); + Reduce(tt, z); + } + + public static void SquareN(uint[] x, int n, uint[] z) + { + Debug.Assert(n > 0); + + uint[] tt = Nat192.CreateExt(); + Nat192.Square(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + Nat192.Square(z, tt); + Reduce(tt, z); + } + } + + public static void Subtract(uint[] x, uint[] y, uint[] z) + { + int c = Nat192.Sub(x, y, z); + if (c != 0) + { + SubPInvFrom(z); + } + } + + public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz) + { + int c = Nat.Sub(12, xx, yy, zz); + if (c != 0) + { + if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.DecAt(12, zz, PExtInv.Length); + } + } + } + + public static void Twice(uint[] x, uint[] z) + { + uint c = Nat.ShiftUpBit(6, x, 0, z); + if (c != 0 || (z[5] == P5 && Nat192.Gte(z, P))) + { + AddPInvTo(z); + } + } + + private static void AddPInvTo(uint[] z) + { + long c = (long)z[0] + 1; + z[0] = (uint)c; + c >>= 32; + if (c != 0) + { + c += (long)z[1]; + z[1] = (uint)c; + c >>= 32; + } + c += (long)z[2] + 1; + z[2] = (uint)c; + c >>= 32; + if (c != 0) + { + Nat.IncAt(6, z, 3); + } + } + + private static void SubPInvFrom(uint[] z) + { + long c = (long)z[0] - 1; + z[0] = (uint)c; + c >>= 32; + if (c != 0) + { + c += (long)z[1]; + z[1] = (uint)c; + c >>= 32; + } + c += (long)z[2] - 1; + z[2] = (uint)c; + c >>= 32; + if (c != 0) + { + Nat.DecAt(6, z, 3); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192R1FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192R1FieldElement.cs new file mode 100644 index 0000000..e61c225 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192R1FieldElement.cs @@ -0,0 +1,190 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP192R1FieldElement + : AbstractFpFieldElement + { + public static readonly BigInteger Q = new BigInteger(1, + Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF")); + + protected internal readonly uint[] x; + + public SecP192R1FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0) + throw new ArgumentException("value invalid for SecP192R1FieldElement", "x"); + + this.x = SecP192R1Field.FromBigInteger(x); + } + + public SecP192R1FieldElement() + { + this.x = Nat192.Create(); + } + + protected internal SecP192R1FieldElement(uint[] x) + { + this.x = x; + } + + public override bool IsZero + { + get { return Nat192.IsZero(x); } + } + + public override bool IsOne + { + get { return Nat192.IsOne(x); } + } + + public override bool TestBitZero() + { + return Nat192.GetBit(x, 0) == 1; + } + + public override BigInteger ToBigInteger() + { + return Nat192.ToBigInteger(x); + } + + public override string FieldName + { + get { return "SecP192R1Field"; } + } + + public override int FieldSize + { + get { return Q.BitLength; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + uint[] z = Nat192.Create(); + SecP192R1Field.Add(x, ((SecP192R1FieldElement)b).x, z); + return new SecP192R1FieldElement(z); + } + + public override ECFieldElement AddOne() + { + uint[] z = Nat192.Create(); + SecP192R1Field.AddOne(x, z); + return new SecP192R1FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + uint[] z = Nat192.Create(); + SecP192R1Field.Subtract(x, ((SecP192R1FieldElement)b).x, z); + return new SecP192R1FieldElement(z); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + uint[] z = Nat192.Create(); + SecP192R1Field.Multiply(x, ((SecP192R1FieldElement)b).x, z); + return new SecP192R1FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + //return Multiply(b.Invert()); + uint[] z = Nat192.Create(); + SecP192R1Field.Inv(((SecP192R1FieldElement)b).x, z); + SecP192R1Field.Multiply(z, x, z); + return new SecP192R1FieldElement(z); + } + + public override ECFieldElement Negate() + { + uint[] z = Nat192.Create(); + SecP192R1Field.Negate(x, z); + return new SecP192R1FieldElement(z); + } + + public override ECFieldElement Square() + { + uint[] z = Nat192.Create(); + SecP192R1Field.Square(x, z); + return new SecP192R1FieldElement(z); + } + + public override ECFieldElement Invert() + { + //return new SecP192R1FieldElement(ToBigInteger().ModInverse(Q)); + uint[] z = Nat192.Create(); + SecP192R1Field.Inv(x, z); + return new SecP192R1FieldElement(z); + } + + /** + * return a sqrt root - the routine verifies that the calculation returns the right value - if + * none exists it returns null. + */ + public override ECFieldElement Sqrt() + { + // Raise this element to the exponent 2^190 - 2^62 + + uint[] x1 = this.x; + if (Nat192.IsZero(x1) || Nat192.IsOne(x1)) + return this; + + uint[] t1 = Nat192.Create(); + uint[] t2 = Nat192.Create(); + + SecP192R1Field.Square(x1, t1); + SecP192R1Field.Multiply(t1, x1, t1); + + SecP192R1Field.SquareN(t1, 2, t2); + SecP192R1Field.Multiply(t2, t1, t2); + + SecP192R1Field.SquareN(t2, 4, t1); + SecP192R1Field.Multiply(t1, t2, t1); + + SecP192R1Field.SquareN(t1, 8, t2); + SecP192R1Field.Multiply(t2, t1, t2); + + SecP192R1Field.SquareN(t2, 16, t1); + SecP192R1Field.Multiply(t1, t2, t1); + + SecP192R1Field.SquareN(t1, 32, t2); + SecP192R1Field.Multiply(t2, t1, t2); + + SecP192R1Field.SquareN(t2, 64, t1); + SecP192R1Field.Multiply(t1, t2, t1); + + SecP192R1Field.SquareN(t1, 62, t1); + SecP192R1Field.Square(t1, t2); + + return Nat192.Eq(x1, t2) ? new SecP192R1FieldElement(t1) : null; + } + + public override bool Equals(object obj) + { + return Equals(obj as SecP192R1FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecP192R1FieldElement); + } + + public virtual bool Equals(SecP192R1FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat192.Eq(x, other.x); + } + + public override int GetHashCode() + { + return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 6); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192R1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192R1Point.cs new file mode 100644 index 0000000..3b53e34 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP192R1Point.cs @@ -0,0 +1,279 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP192R1Point + : AbstractFpPoint + { + /** + * Create a point which encodes with point compression. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecP192R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * Create a point that encodes with or without point compresion. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * @param withCompression + * if true encode with point compression + * + * @deprecated per-point compression property will be removed, refer + * {@link #getEncoded(bool)} + */ + public SecP192R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecP192R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecP192R1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + if (this == b) + return Twice(); + + ECCurve curve = this.Curve; + + SecP192R1FieldElement X1 = (SecP192R1FieldElement)this.RawXCoord, Y1 = (SecP192R1FieldElement)this.RawYCoord; + SecP192R1FieldElement X2 = (SecP192R1FieldElement)b.RawXCoord, Y2 = (SecP192R1FieldElement)b.RawYCoord; + + SecP192R1FieldElement Z1 = (SecP192R1FieldElement)this.RawZCoords[0]; + SecP192R1FieldElement Z2 = (SecP192R1FieldElement)b.RawZCoords[0]; + + uint c; + uint[] tt1 = Nat192.CreateExt(); + uint[] t2 = Nat192.Create(); + uint[] t3 = Nat192.Create(); + uint[] t4 = Nat192.Create(); + + bool Z1IsOne = Z1.IsOne; + uint[] U2, S2; + if (Z1IsOne) + { + U2 = X2.x; + S2 = Y2.x; + } + else + { + S2 = t3; + SecP192R1Field.Square(Z1.x, S2); + + U2 = t2; + SecP192R1Field.Multiply(S2, X2.x, U2); + + SecP192R1Field.Multiply(S2, Z1.x, S2); + SecP192R1Field.Multiply(S2, Y2.x, S2); + } + + bool Z2IsOne = Z2.IsOne; + uint[] U1, S1; + if (Z2IsOne) + { + U1 = X1.x; + S1 = Y1.x; + } + else + { + S1 = t4; + SecP192R1Field.Square(Z2.x, S1); + + U1 = tt1; + SecP192R1Field.Multiply(S1, X1.x, U1); + + SecP192R1Field.Multiply(S1, Z2.x, S1); + SecP192R1Field.Multiply(S1, Y1.x, S1); + } + + uint[] H = Nat192.Create(); + SecP192R1Field.Subtract(U1, U2, H); + + uint[] R = t2; + SecP192R1Field.Subtract(S1, S2, R); + + // Check if b == this or b == -this + if (Nat192.IsZero(H)) + { + if (Nat192.IsZero(R)) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + uint[] HSquared = t3; + SecP192R1Field.Square(H, HSquared); + + uint[] G = Nat192.Create(); + SecP192R1Field.Multiply(HSquared, H, G); + + uint[] V = t3; + SecP192R1Field.Multiply(HSquared, U1, V); + + SecP192R1Field.Negate(G, G); + Nat192.Mul(S1, G, tt1); + + c = Nat192.AddBothTo(V, V, G); + SecP192R1Field.Reduce32(c, G); + + SecP192R1FieldElement X3 = new SecP192R1FieldElement(t4); + SecP192R1Field.Square(R, X3.x); + SecP192R1Field.Subtract(X3.x, G, X3.x); + + SecP192R1FieldElement Y3 = new SecP192R1FieldElement(G); + SecP192R1Field.Subtract(V, X3.x, Y3.x); + SecP192R1Field.MultiplyAddToExt(Y3.x, R, tt1); + SecP192R1Field.Reduce(tt1, Y3.x); + + SecP192R1FieldElement Z3 = new SecP192R1FieldElement(H); + if (!Z1IsOne) + { + SecP192R1Field.Multiply(Z3.x, Z1.x, Z3.x); + } + if (!Z2IsOne) + { + SecP192R1Field.Multiply(Z3.x, Z2.x, Z3.x); + } + + ECFieldElement[] zs = new ECFieldElement[] { Z3 }; + + return new SecP192R1Point(curve, X3, Y3, zs, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SecP192R1FieldElement Y1 = (SecP192R1FieldElement)this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + SecP192R1FieldElement X1 = (SecP192R1FieldElement)this.RawXCoord, Z1 = (SecP192R1FieldElement)this.RawZCoords[0]; + + uint c; + uint[] t1 = Nat192.Create(); + uint[] t2 = Nat192.Create(); + + uint[] Y1Squared = Nat192.Create(); + SecP192R1Field.Square(Y1.x, Y1Squared); + + uint[] T = Nat192.Create(); + SecP192R1Field.Square(Y1Squared, T); + + bool Z1IsOne = Z1.IsOne; + + uint[] Z1Squared = Z1.x; + if (!Z1IsOne) + { + Z1Squared = t2; + SecP192R1Field.Square(Z1.x, Z1Squared); + } + + SecP192R1Field.Subtract(X1.x, Z1Squared, t1); + + uint[] M = t2; + SecP192R1Field.Add(X1.x, Z1Squared, M); + SecP192R1Field.Multiply(M, t1, M); + c = Nat192.AddBothTo(M, M, M); + SecP192R1Field.Reduce32(c, M); + + uint[] S = Y1Squared; + SecP192R1Field.Multiply(Y1Squared, X1.x, S); + c = Nat.ShiftUpBits(6, S, 2, 0); + SecP192R1Field.Reduce32(c, S); + + c = Nat.ShiftUpBits(6, T, 3, 0, t1); + SecP192R1Field.Reduce32(c, t1); + + SecP192R1FieldElement X3 = new SecP192R1FieldElement(T); + SecP192R1Field.Square(M, X3.x); + SecP192R1Field.Subtract(X3.x, S, X3.x); + SecP192R1Field.Subtract(X3.x, S, X3.x); + + SecP192R1FieldElement Y3 = new SecP192R1FieldElement(S); + SecP192R1Field.Subtract(S, X3.x, Y3.x); + SecP192R1Field.Multiply(Y3.x, M, Y3.x); + SecP192R1Field.Subtract(Y3.x, t1, Y3.x); + + SecP192R1FieldElement Z3 = new SecP192R1FieldElement(M); + SecP192R1Field.Twice(Y1.x, Z3.x); + if (!Z1IsOne) + { + SecP192R1Field.Multiply(Z3.x, Z1.x, Z3.x); + } + + return new SecP192R1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this == b) + return ThreeTimes(); + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return b; + + return Twice().Add(b); + } + + public override ECPoint ThreeTimes() + { + if (this.IsInfinity || this.RawYCoord.IsZero) + return this; + + // NOTE: Be careful about recursions between TwicePlus and ThreeTimes + return Twice().Add(this); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + return new SecP192R1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224K1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224K1Curve.cs new file mode 100644 index 0000000..dc5cd6c --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224K1Curve.cs @@ -0,0 +1,168 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP224K1Curve + : AbstractFpCurve + { + public static readonly BigInteger q = SecP224K1FieldElement.Q; + + private const int SECP224K1_DEFAULT_COORDS = COORD_JACOBIAN; + private const int SECP224K1_FE_INTS = 7; + private static readonly ECFieldElement[] SECP224K1_AFFINE_ZS = new ECFieldElement[] { new SecP224K1FieldElement(BigInteger.One) }; + + protected readonly SecP224K1Point m_infinity; + + public SecP224K1Curve() + : base(q) + { + this.m_infinity = new SecP224K1Point(this, null, null); + + this.m_a = FromBigInteger(BigInteger.Zero); + this.m_b = FromBigInteger(BigInteger.ValueOf(5)); + this.m_order = new BigInteger(1, Hex.DecodeStrict("010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7")); + this.m_cofactor = BigInteger.One; + this.m_coord = SECP224K1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecP224K1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_JACOBIAN: + return true; + default: + return false; + } + } + + public virtual BigInteger Q + { + get { return q; } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return q.BitLength; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecP224K1FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecP224K1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecP224K1Point(this, x, y, zs, withCompression); + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + uint[] table = new uint[len * SECP224K1_FE_INTS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat224.Copy(((SecP224K1FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECP224K1_FE_INTS; + Nat224.Copy(((SecP224K1FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECP224K1_FE_INTS; + } + } + + return new SecP224K1LookupTable(this, table, len); + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + uint[] x = Nat224.Create(); + SecP224K1Field.Random(r, x); + return new SecP224K1FieldElement(x); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + uint[] x = Nat224.Create(); + SecP224K1Field.RandomMult(r, x); + return new SecP224K1FieldElement(x); + } + + private class SecP224K1LookupTable + : AbstractECLookupTable + { + private readonly SecP224K1Curve m_outer; + private readonly uint[] m_table; + private readonly int m_size; + + internal SecP224K1LookupTable(SecP224K1Curve outer, uint[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + uint[] x = Nat224.Create(), y = Nat224.Create(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + uint MASK = (uint)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECP224K1_FE_INTS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECP224K1_FE_INTS + j] & MASK; + } + + pos += (SECP224K1_FE_INTS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + uint[] x = Nat224.Create(), y = Nat224.Create(); + int pos = index * SECP224K1_FE_INTS * 2; + + for (int j = 0; j < SECP224K1_FE_INTS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECP224K1_FE_INTS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(uint[] x, uint[] y) + { + return m_outer.CreateRawPoint(new SecP224K1FieldElement(x), new SecP224K1FieldElement(y), SECP224K1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224K1Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224K1Field.cs new file mode 100644 index 0000000..36e5364 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224K1Field.cs @@ -0,0 +1,218 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP224K1Field + { + // 2^224 - 2^32 - 2^12 - 2^11 - 2^9 - 2^7 - 2^4 - 2 - 1 + internal static readonly uint[] P = new uint[]{ 0xFFFFE56D, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, + 0xFFFFFFFF, 0xFFFFFFFF }; + private static readonly uint[] PExt = new uint[]{ 0x02C23069, 0x00003526, 0x00000001, 0x00000000, 0x00000000, + 0x00000000, 0x00000000, 0xFFFFCADA, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF + }; + private static readonly uint[] PExtInv = new uint[]{ 0xFD3DCF97, 0xFFFFCAD9, 0xFFFFFFFE, 0xFFFFFFFF, + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00003525, 0x00000002 }; + private const uint P6 = 0xFFFFFFFF; + private const uint PExt13 = 0xFFFFFFFF; + private const uint PInv33 = 0x1A93; + + public static void Add(uint[] x, uint[] y, uint[] z) + { + uint c = Nat224.Add(x, y, z); + if (c != 0 || (z[6] == P6 && Nat224.Gte(z, P))) + { + Nat.Add33To(7, PInv33, z); + } + } + + public static void AddExt(uint[] xx, uint[] yy, uint[] zz) + { + uint c = Nat.Add(14, xx, yy, zz); + if (c != 0 || (zz[13] == PExt13 && Nat.Gte(14, zz, PExt))) + { + if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.IncAt(14, zz, PExtInv.Length); + } + } + } + + public static void AddOne(uint[] x, uint[] z) + { + uint c = Nat.Inc(7, x, z); + if (c != 0 || (z[6] == P6 && Nat224.Gte(z, P))) + { + Nat.Add33To(7, PInv33, z); + } + } + + public static uint[] FromBigInteger(BigInteger x) + { + uint[] z = Nat.FromBigInteger(224, x); + if (z[6] == P6 && Nat224.Gte(z, P)) + { + Nat224.SubFrom(P, z); + } + return z; + } + + public static void Half(uint[] x, uint[] z) + { + if ((x[0] & 1) == 0) + { + Nat.ShiftDownBit(7, x, 0, z); + } + else + { + uint c = Nat224.Add(x, P, z); + Nat.ShiftDownBit(7, z, c); + } + } + + public static void Inv(uint[] x, uint[] z) + { + Mod.CheckedModOddInverse(P, x, z); + } + + public static int IsZero(uint[] x) + { + uint d = 0; + for (int i = 0; i < 7; ++i) + { + d |= x[i]; + } + d = (d >> 1) | (d & 1); + return ((int)d - 1) >> 31; + } + + public static void Multiply(uint[] x, uint[] y, uint[] z) + { + uint[] tt = Nat224.CreateExt(); + Nat224.Mul(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz) + { + uint c = Nat224.MulAddTo(x, y, zz); + if (c != 0 || (zz[13] == PExt13 && Nat.Gte(14, zz, PExt))) + { + if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.IncAt(14, zz, PExtInv.Length); + } + } + } + + public static void Negate(uint[] x, uint[] z) + { + if (0 != IsZero(x)) + { + Nat224.Sub(P, P, z); + } + else + { + Nat224.Sub(P, x, z); + } + } + + public static void Random(SecureRandom r, uint[] z) + { + byte[] bb = new byte[7 * 4]; + do + { + r.NextBytes(bb); + Pack.LE_To_UInt32(bb, 0, z, 0, 7); + } + while (0 == Nat.LessThan(7, z, P)); + } + + public static void RandomMult(SecureRandom r, uint[] z) + { + do + { + Random(r, z); + } + while (0 != IsZero(z)); + } + + public static void Reduce(uint[] xx, uint[] z) + { + ulong cc = Nat224.Mul33Add(PInv33, xx, 7, xx, 0, z, 0); + uint c = Nat224.Mul33DWordAdd(PInv33, cc, z, 0); + + Debug.Assert(c == 0 || c == 1); + + if (c != 0 || (z[6] == P6 && Nat224.Gte(z, P))) + { + Nat.Add33To(7, PInv33, z); + } + } + + public static void Reduce32(uint x, uint[] z) + { + if ((x != 0 && Nat224.Mul33WordAdd(PInv33, x, z, 0) != 0) + || (z[6] == P6 && Nat224.Gte(z, P))) + { + Nat.Add33To(7, PInv33, z); + } + } + + public static void Square(uint[] x, uint[] z) + { + uint[] tt = Nat224.CreateExt(); + Nat224.Square(x, tt); + Reduce(tt, z); + } + + public static void SquareN(uint[] x, int n, uint[] z) + { + Debug.Assert(n > 0); + + uint[] tt = Nat224.CreateExt(); + Nat224.Square(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + Nat224.Square(z, tt); + Reduce(tt, z); + } + } + + public static void Subtract(uint[] x, uint[] y, uint[] z) + { + int c = Nat224.Sub(x, y, z); + if (c != 0) + { + Nat.Sub33From(7, PInv33, z); + } + } + + public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz) + { + int c = Nat.Sub(14, xx, yy, zz); + if (c != 0) + { + if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.DecAt(14, zz, PExtInv.Length); + } + } + } + + public static void Twice(uint[] x, uint[] z) + { + uint c = Nat.ShiftUpBit(7, x, 0, z); + if (c != 0 || (z[6] == P6 && Nat224.Gte(z, P))) + { + Nat.Add33To(7, PInv33, z); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224K1FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224K1FieldElement.cs new file mode 100644 index 0000000..eb74041 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224K1FieldElement.cs @@ -0,0 +1,244 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP224K1FieldElement + : AbstractFpFieldElement + { + public static readonly BigInteger Q = new BigInteger(1, + Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D")); + + // Calculated as BigInteger.Two.ModPow(Q.ShiftRight(2), Q) + private static readonly uint[] PRECOMP_POW2 = new uint[]{ 0x33bfd202, 0xdcfad133, 0x2287624a, 0xc3811ba8, + 0xa85558fc, 0x1eaef5d7, 0x8edf154c }; + + protected internal readonly uint[] x; + + public SecP224K1FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0) + throw new ArgumentException("value invalid for SecP224K1FieldElement", "x"); + + this.x = SecP224K1Field.FromBigInteger(x); + } + + public SecP224K1FieldElement() + { + this.x = Nat224.Create(); + } + + protected internal SecP224K1FieldElement(uint[] x) + { + this.x = x; + } + + public override bool IsZero + { + get { return Nat224.IsZero(x); } + } + + public override bool IsOne + { + get { return Nat224.IsOne(x); } + } + + public override bool TestBitZero() + { + return Nat224.GetBit(x, 0) == 1; + } + + public override BigInteger ToBigInteger() + { + return Nat224.ToBigInteger(x); + } + + public override string FieldName + { + get { return "SecP224K1Field"; } + } + + public override int FieldSize + { + get { return Q.BitLength; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + uint[] z = Nat224.Create(); + SecP224K1Field.Add(x, ((SecP224K1FieldElement)b).x, z); + return new SecP224K1FieldElement(z); + } + + public override ECFieldElement AddOne() + { + uint[] z = Nat224.Create(); + SecP224K1Field.AddOne(x, z); + return new SecP224K1FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + uint[] z = Nat224.Create(); + SecP224K1Field.Subtract(x, ((SecP224K1FieldElement)b).x, z); + return new SecP224K1FieldElement(z); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + uint[] z = Nat224.Create(); + SecP224K1Field.Multiply(x, ((SecP224K1FieldElement)b).x, z); + return new SecP224K1FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + //return Multiply(b.Invert()); + uint[] z = Nat224.Create(); + SecP224K1Field.Inv(((SecP224K1FieldElement)b).x, z); + SecP224K1Field.Multiply(z, x, z); + return new SecP224K1FieldElement(z); + } + + public override ECFieldElement Negate() + { + uint[] z = Nat224.Create(); + SecP224K1Field.Negate(x, z); + return new SecP224K1FieldElement(z); + } + + public override ECFieldElement Square() + { + uint[] z = Nat224.Create(); + SecP224K1Field.Square(x, z); + return new SecP224K1FieldElement(z); + } + + public override ECFieldElement Invert() + { + //return new SecP224K1FieldElement(ToBigInteger().ModInverse(Q)); + uint[] z = Nat224.Create(); + SecP224K1Field.Inv(x, z); + return new SecP224K1FieldElement(z); + } + + /** + * return a sqrt root - the routine verifies that the calculation returns the right value - if + * none exists it returns null. + */ + public override ECFieldElement Sqrt() + { + /* + * Q == 8m + 5, so we use Pocklington's method for this case. + * + * First, raise this element to the exponent 2^221 - 2^29 - 2^9 - 2^8 - 2^6 - 2^4 - 2^1 (i.e. m + 1) + * + * Breaking up the exponent's binary representation into "repunits", we get: + * { 191 1s } { 1 0s } { 19 1s } { 2 0s } { 1 1s } { 1 0s } { 1 1s } { 1 0s } { 3 1s } { 1 0s } + * + * Therefore we need an addition chain containing 1, 3, 19, 191 (the lengths of the repunits) + * We use: [1], 2, [3], 4, 8, 11, [19], 23, 42, 84, 107, [191] + */ + + uint[] x1 = this.x; + if (Nat224.IsZero(x1) || Nat224.IsOne(x1)) + return this; + + uint[] x2 = Nat224.Create(); + SecP224K1Field.Square(x1, x2); + SecP224K1Field.Multiply(x2, x1, x2); + uint[] x3 = x2; + SecP224K1Field.Square(x2, x3); + SecP224K1Field.Multiply(x3, x1, x3); + uint[] x4 = Nat224.Create(); + SecP224K1Field.Square(x3, x4); + SecP224K1Field.Multiply(x4, x1, x4); + uint[] x8 = Nat224.Create(); + SecP224K1Field.SquareN(x4, 4, x8); + SecP224K1Field.Multiply(x8, x4, x8); + uint[] x11 = Nat224.Create(); + SecP224K1Field.SquareN(x8, 3, x11); + SecP224K1Field.Multiply(x11, x3, x11); + uint[] x19 = x11; + SecP224K1Field.SquareN(x11, 8, x19); + SecP224K1Field.Multiply(x19, x8, x19); + uint[] x23 = x8; + SecP224K1Field.SquareN(x19, 4, x23); + SecP224K1Field.Multiply(x23, x4, x23); + uint[] x42 = x4; + SecP224K1Field.SquareN(x23, 19, x42); + SecP224K1Field.Multiply(x42, x19, x42); + uint[] x84 = Nat224.Create(); + SecP224K1Field.SquareN(x42, 42, x84); + SecP224K1Field.Multiply(x84, x42, x84); + uint[] x107 = x42; + SecP224K1Field.SquareN(x84, 23, x107); + SecP224K1Field.Multiply(x107, x23, x107); + uint[] x191 = x23; + SecP224K1Field.SquareN(x107, 84, x191); + SecP224K1Field.Multiply(x191, x84, x191); + + uint[] t1 = x191; + SecP224K1Field.SquareN(t1, 20, t1); + SecP224K1Field.Multiply(t1, x19, t1); + SecP224K1Field.SquareN(t1, 3, t1); + SecP224K1Field.Multiply(t1, x1, t1); + SecP224K1Field.SquareN(t1, 2, t1); + SecP224K1Field.Multiply(t1, x1, t1); + SecP224K1Field.SquareN(t1, 4, t1); + SecP224K1Field.Multiply(t1, x3, t1); + SecP224K1Field.Square(t1, t1); + + uint[] t2 = x84; + SecP224K1Field.Square(t1, t2); + + if (Nat224.Eq(x1, t2)) + { + return new SecP224K1FieldElement(t1); + } + + /* + * If the first guess is incorrect, we multiply by a precomputed power of 2 to get the second guess, + * which is ((4x)^(m + 1))/2 mod Q + */ + SecP224K1Field.Multiply(t1, PRECOMP_POW2, t1); + + SecP224K1Field.Square(t1, t2); + + if (Nat224.Eq(x1, t2)) + { + return new SecP224K1FieldElement(t1); + } + + return null; + } + + public override bool Equals(object obj) + { + return Equals(obj as SecP224K1FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecP224K1FieldElement); + } + + public virtual bool Equals(SecP224K1FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat224.Eq(x, other.x); + } + + public override int GetHashCode() + { + return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 7); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224K1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224K1Point.cs new file mode 100644 index 0000000..98cb292 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224K1Point.cs @@ -0,0 +1,267 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP224K1Point + : AbstractFpPoint + { + /** + * Create a point which encodes with point compression. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecP224K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * Create a point that encodes with or without point compresion. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * @param withCompression + * if true encode with point compression + * + * @deprecated per-point compression property will be removed, refer + * {@link #getEncoded(bool)} + */ + public SecP224K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecP224K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, + bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecP224K1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + if (this == b) + return Twice(); + + ECCurve curve = this.Curve; + + SecP224K1FieldElement X1 = (SecP224K1FieldElement)this.RawXCoord, Y1 = (SecP224K1FieldElement)this.RawYCoord; + SecP224K1FieldElement X2 = (SecP224K1FieldElement)b.RawXCoord, Y2 = (SecP224K1FieldElement)b.RawYCoord; + + SecP224K1FieldElement Z1 = (SecP224K1FieldElement)this.RawZCoords[0]; + SecP224K1FieldElement Z2 = (SecP224K1FieldElement)b.RawZCoords[0]; + + uint c; + uint[] tt1 = Nat224.CreateExt(); + uint[] t2 = Nat224.Create(); + uint[] t3 = Nat224.Create(); + uint[] t4 = Nat224.Create(); + + bool Z1IsOne = Z1.IsOne; + uint[] U2, S2; + if (Z1IsOne) + { + U2 = X2.x; + S2 = Y2.x; + } + else + { + S2 = t3; + SecP224K1Field.Square(Z1.x, S2); + + U2 = t2; + SecP224K1Field.Multiply(S2, X2.x, U2); + + SecP224K1Field.Multiply(S2, Z1.x, S2); + SecP224K1Field.Multiply(S2, Y2.x, S2); + } + + bool Z2IsOne = Z2.IsOne; + uint[] U1, S1; + if (Z2IsOne) + { + U1 = X1.x; + S1 = Y1.x; + } + else + { + S1 = t4; + SecP224K1Field.Square(Z2.x, S1); + + U1 = tt1; + SecP224K1Field.Multiply(S1, X1.x, U1); + + SecP224K1Field.Multiply(S1, Z2.x, S1); + SecP224K1Field.Multiply(S1, Y1.x, S1); + } + + uint[] H = Nat224.Create(); + SecP224K1Field.Subtract(U1, U2, H); + + uint[] R = t2; + SecP224K1Field.Subtract(S1, S2, R); + + // Check if b == this or b == -this + if (Nat224.IsZero(H)) + { + if (Nat224.IsZero(R)) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + uint[] HSquared = t3; + SecP224K1Field.Square(H, HSquared); + + uint[] G = Nat224.Create(); + SecP224K1Field.Multiply(HSquared, H, G); + + uint[] V = t3; + SecP224K1Field.Multiply(HSquared, U1, V); + + SecP224K1Field.Negate(G, G); + Nat224.Mul(S1, G, tt1); + + c = Nat224.AddBothTo(V, V, G); + SecP224K1Field.Reduce32(c, G); + + SecP224K1FieldElement X3 = new SecP224K1FieldElement(t4); + SecP224K1Field.Square(R, X3.x); + SecP224K1Field.Subtract(X3.x, G, X3.x); + + SecP224K1FieldElement Y3 = new SecP224K1FieldElement(G); + SecP224K1Field.Subtract(V, X3.x, Y3.x); + SecP224K1Field.MultiplyAddToExt(Y3.x, R, tt1); + SecP224K1Field.Reduce(tt1, Y3.x); + + SecP224K1FieldElement Z3 = new SecP224K1FieldElement(H); + if (!Z1IsOne) + { + SecP224K1Field.Multiply(Z3.x, Z1.x, Z3.x); + } + if (!Z2IsOne) + { + SecP224K1Field.Multiply(Z3.x, Z2.x, Z3.x); + } + + ECFieldElement[] zs = new ECFieldElement[] { Z3 }; + + return new SecP224K1Point(curve, X3, Y3, zs, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SecP224K1FieldElement Y1 = (SecP224K1FieldElement)this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + SecP224K1FieldElement X1 = (SecP224K1FieldElement)this.RawXCoord, Z1 = (SecP224K1FieldElement)this.RawZCoords[0]; + + uint c; + + uint[] Y1Squared = Nat224.Create(); + SecP224K1Field.Square(Y1.x, Y1Squared); + + uint[] T = Nat224.Create(); + SecP224K1Field.Square(Y1Squared, T); + + uint[] M = Nat224.Create(); + SecP224K1Field.Square(X1.x, M); + c = Nat224.AddBothTo(M, M, M); + SecP224K1Field.Reduce32(c, M); + + uint[] S = Y1Squared; + SecP224K1Field.Multiply(Y1Squared, X1.x, S); + c = Nat.ShiftUpBits(7, S, 2, 0); + SecP224K1Field.Reduce32(c, S); + + uint[] t1 = Nat224.Create(); + c = Nat.ShiftUpBits(7, T, 3, 0, t1); + SecP224K1Field.Reduce32(c, t1); + + SecP224K1FieldElement X3 = new SecP224K1FieldElement(T); + SecP224K1Field.Square(M, X3.x); + SecP224K1Field.Subtract(X3.x, S, X3.x); + SecP224K1Field.Subtract(X3.x, S, X3.x); + + SecP224K1FieldElement Y3 = new SecP224K1FieldElement(S); + SecP224K1Field.Subtract(S, X3.x, Y3.x); + SecP224K1Field.Multiply(Y3.x, M, Y3.x); + SecP224K1Field.Subtract(Y3.x, t1, Y3.x); + + SecP224K1FieldElement Z3 = new SecP224K1FieldElement(M); + SecP224K1Field.Twice(Y1.x, Z3.x); + if (!Z1.IsOne) + { + SecP224K1Field.Multiply(Z3.x, Z1.x, Z3.x); + } + + return new SecP224K1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this == b) + return ThreeTimes(); + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return b; + + return Twice().Add(b); + } + + public override ECPoint ThreeTimes() + { + if (this.IsInfinity || this.RawYCoord.IsZero) + return this; + + // NOTE: Be careful about recursions between TwicePlus and ThreeTimes + return Twice().Add(this); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + return new SecP224K1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224R1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224R1Curve.cs new file mode 100644 index 0000000..8e79316 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224R1Curve.cs @@ -0,0 +1,171 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP224R1Curve + : AbstractFpCurve + { + public static readonly BigInteger q = SecP224R1FieldElement.Q; + + private const int SECP224R1_DEFAULT_COORDS = COORD_JACOBIAN; + private const int SECP224R1_FE_INTS = 7; + private static readonly ECFieldElement[] SECP224R1_AFFINE_ZS = new ECFieldElement[] { new SecP224R1FieldElement(BigInteger.One) }; + + protected readonly SecP224R1Point m_infinity; + + public SecP224R1Curve() + : base(q) + { + this.m_infinity = new SecP224R1Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE"))); + this.m_b = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D")); + this.m_cofactor = BigInteger.One; + + this.m_coord = SECP224R1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecP224R1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_JACOBIAN: + return true; + default: + return false; + } + } + + public virtual BigInteger Q + { + get { return q; } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return q.BitLength; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecP224R1FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecP224R1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecP224R1Point(this, x, y, zs, withCompression); + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + uint[] table = new uint[len * SECP224R1_FE_INTS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat224.Copy(((SecP224R1FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECP224R1_FE_INTS; + Nat224.Copy(((SecP224R1FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECP224R1_FE_INTS; + } + } + + return new SecP224R1LookupTable(this, table, len); + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + uint[] x = Nat224.Create(); + SecP224R1Field.Random(r, x); + return new SecP224R1FieldElement(x); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + uint[] x = Nat224.Create(); + SecP224R1Field.RandomMult(r, x); + return new SecP224R1FieldElement(x); + } + + private class SecP224R1LookupTable + : AbstractECLookupTable + { + private readonly SecP224R1Curve m_outer; + private readonly uint[] m_table; + private readonly int m_size; + + internal SecP224R1LookupTable(SecP224R1Curve outer, uint[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + uint[] x = Nat224.Create(), y = Nat224.Create(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + uint MASK = (uint)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECP224R1_FE_INTS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECP224R1_FE_INTS + j] & MASK; + } + + pos += (SECP224R1_FE_INTS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + uint[] x = Nat224.Create(), y = Nat224.Create(); + int pos = index * SECP224R1_FE_INTS * 2; + + for (int j = 0; j < SECP224R1_FE_INTS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECP224R1_FE_INTS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(uint[] x, uint[] y) + { + return m_outer.CreateRawPoint(new SecP224R1FieldElement(x), new SecP224R1FieldElement(y), SECP224R1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224R1Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224R1Field.cs new file mode 100644 index 0000000..242f8f3 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224R1Field.cs @@ -0,0 +1,337 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP224R1Field + { + // 2^224 - 2^96 + 1 + internal static readonly uint[] P = new uint[]{ 0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFF, 0xFFFFFFFF, + 0xFFFFFFFF, 0xFFFFFFFF }; + private static readonly uint[] PExt = new uint[]{ 0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFF, + 0xFFFFFFFF, 0x00000000, 0x00000002, 0x00000000, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF + }; + private static readonly uint[] PExtInv = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000001, + 0x00000000, 0x00000000, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000001 }; + private const uint P6 = 0xFFFFFFFF; + private const uint PExt13 = 0xFFFFFFFF; + + public static void Add(uint[] x, uint[] y, uint[] z) + { + uint c = Nat224.Add(x, y, z); + if (c != 0 || (z[6] == P6 && Nat224.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static void AddExt(uint[] xx, uint[] yy, uint[] zz) + { + uint c = Nat.Add(14, xx, yy, zz); + if (c != 0 || (zz[13] == PExt13 && Nat.Gte(14, zz, PExt))) + { + if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.IncAt(14, zz, PExtInv.Length); + } + } + } + + public static void AddOne(uint[] x, uint[] z) + { + uint c = Nat.Inc(7, x, z); + if (c != 0 || (z[6] == P6 && Nat224.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static uint[] FromBigInteger(BigInteger x) + { + uint[] z = Nat.FromBigInteger(224, x); + if (z[6] == P6 && Nat224.Gte(z, P)) + { + Nat224.SubFrom(P, z); + } + return z; + } + + public static void Half(uint[] x, uint[] z) + { + if ((x[0] & 1) == 0) + { + Nat.ShiftDownBit(7, x, 0, z); + } + else + { + uint c = Nat224.Add(x, P, z); + Nat.ShiftDownBit(7, z, c); + } + } + + public static void Inv(uint[] x, uint[] z) + { + Mod.CheckedModOddInverse(P, x, z); + } + + public static int IsZero(uint[] x) + { + uint d = 0; + for (int i = 0; i < 7; ++i) + { + d |= x[i]; + } + d = (d >> 1) | (d & 1); + return ((int)d - 1) >> 31; + } + + public static void Multiply(uint[] x, uint[] y, uint[] z) + { + uint[] tt = Nat224.CreateExt(); + Nat224.Mul(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz) + { + uint c = Nat224.MulAddTo(x, y, zz); + if (c != 0 || (zz[13] == PExt13 && Nat.Gte(14, zz, PExt))) + { + if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.IncAt(14, zz, PExtInv.Length); + } + } + } + + public static void Negate(uint[] x, uint[] z) + { + if (0 != IsZero(x)) + { + Nat224.Sub(P, P, z); + } + else + { + Nat224.Sub(P, x, z); + } + } + + public static void Random(SecureRandom r, uint[] z) + { + byte[] bb = new byte[7 * 4]; + do + { + r.NextBytes(bb); + Pack.LE_To_UInt32(bb, 0, z, 0, 7); + } + while (0 == Nat.LessThan(7, z, P)); + } + + public static void RandomMult(SecureRandom r, uint[] z) + { + do + { + Random(r, z); + } + while (0 != IsZero(z)); + } + + public static void Reduce(uint[] xx, uint[] z) + { + long xx10 = xx[10], xx11 = xx[11], xx12 = xx[12], xx13 = xx[13]; + + const long n = 1; + + long t0 = (long)xx[7] + xx11 - n; + long t1 = (long)xx[8] + xx12; + long t2 = (long)xx[9] + xx13; + + long cc = 0; + cc += (long)xx[0] - t0; + long z0 = (uint)cc; + cc >>= 32; + cc += (long)xx[1] - t1; + z[1] = (uint)cc; + cc >>= 32; + cc += (long)xx[2] - t2; + z[2] = (uint)cc; + cc >>= 32; + cc += (long)xx[3] + t0 - xx10; + long z3 = (uint)cc; + cc >>= 32; + cc += (long)xx[4] + t1 - xx11; + z[4] = (uint)cc; + cc >>= 32; + cc += (long)xx[5] + t2 - xx12; + z[5] = (uint)cc; + cc >>= 32; + cc += (long)xx[6] + xx10 - xx13; + z[6] = (uint)cc; + cc >>= 32; + cc += n; + + Debug.Assert(cc >= 0); + + z3 += cc; + + z0 -= cc; + z[0] = (uint)z0; + cc = z0 >> 32; + if (cc != 0) + { + cc += (long)z[1]; + z[1] = (uint)cc; + cc >>= 32; + cc += (long)z[2]; + z[2] = (uint)cc; + z3 += cc >> 32; + } + z[3] = (uint)z3; + cc = z3 >> 32; + + Debug.Assert(cc == 0 || cc == 1); + + if ((cc != 0 && Nat.IncAt(7, z, 4) != 0) + || (z[6] == P6 && Nat224.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static void Reduce32(uint x, uint[] z) + { + long cc = 0; + + if (x != 0) + { + long xx07 = x; + + cc += (long)z[0] - xx07; + z[0] = (uint)cc; + cc >>= 32; + if (cc != 0) + { + cc += (long)z[1]; + z[1] = (uint)cc; + cc >>= 32; + cc += (long)z[2]; + z[2] = (uint)cc; + cc >>= 32; + } + cc += (long)z[3] + xx07; + z[3] = (uint)cc; + cc >>= 32; + + Debug.Assert(cc == 0 || cc == 1); + } + + if ((cc != 0 && Nat.IncAt(7, z, 4) != 0) + || (z[6] == P6 && Nat224.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static void Square(uint[] x, uint[] z) + { + uint[] tt = Nat224.CreateExt(); + Nat224.Square(x, tt); + Reduce(tt, z); + } + + public static void SquareN(uint[] x, int n, uint[] z) + { + Debug.Assert(n > 0); + + uint[] tt = Nat224.CreateExt(); + Nat224.Square(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + Nat224.Square(z, tt); + Reduce(tt, z); + } + } + + public static void Subtract(uint[] x, uint[] y, uint[] z) + { + int c = Nat224.Sub(x, y, z); + if (c != 0) + { + SubPInvFrom(z); + } + } + + public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz) + { + int c = Nat.Sub(14, xx, yy, zz); + if (c != 0) + { + if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.DecAt(14, zz, PExtInv.Length); + } + } + } + + public static void Twice(uint[] x, uint[] z) + { + uint c = Nat.ShiftUpBit(7, x, 0, z); + if (c != 0 || (z[6] == P6 && Nat224.Gte(z, P))) + { + AddPInvTo(z); + } + } + + private static void AddPInvTo(uint[] z) + { + long c = (long)z[0] - 1; + z[0] = (uint)c; + c >>= 32; + if (c != 0) + { + c += (long)z[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)z[2]; + z[2] = (uint)c; + c >>= 32; + } + c += (long)z[3] + 1; + z[3] = (uint)c; + c >>= 32; + if (c != 0) + { + Nat.IncAt(7, z, 4); + } + } + + private static void SubPInvFrom(uint[] z) + { + long c = (long)z[0] + 1; + z[0] = (uint)c; + c >>= 32; + if (c != 0) + { + c += (long)z[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)z[2]; + z[2] = (uint)c; + c >>= 32; + } + c += (long)z[3] - 1; + z[3] = (uint)c; + c >>= 32; + if (c != 0) + { + Nat.DecAt(7, z, 4); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224R1FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224R1FieldElement.cs new file mode 100644 index 0000000..bb60eda --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224R1FieldElement.cs @@ -0,0 +1,271 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP224R1FieldElement + : AbstractFpFieldElement + { + public static readonly BigInteger Q = new BigInteger(1, + Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001")); + + protected internal readonly uint[] x; + + public SecP224R1FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0) + throw new ArgumentException("value invalid for SecP224R1FieldElement", "x"); + + this.x = SecP224R1Field.FromBigInteger(x); + } + + public SecP224R1FieldElement() + { + this.x = Nat224.Create(); + } + + protected internal SecP224R1FieldElement(uint[] x) + { + this.x = x; + } + + public override bool IsZero + { + get { return Nat224.IsZero(x); } + } + + public override bool IsOne + { + get { return Nat224.IsOne(x); } + } + + public override bool TestBitZero() + { + return Nat224.GetBit(x, 0) == 1; + } + + public override BigInteger ToBigInteger() + { + return Nat224.ToBigInteger(x); + } + + public override string FieldName + { + get { return "SecP224R1Field"; } + } + + public override int FieldSize + { + get { return Q.BitLength; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + uint[] z = Nat224.Create(); + SecP224R1Field.Add(x, ((SecP224R1FieldElement)b).x, z); + return new SecP224R1FieldElement(z); + } + + public override ECFieldElement AddOne() + { + uint[] z = Nat224.Create(); + SecP224R1Field.AddOne(x, z); + return new SecP224R1FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + uint[] z = Nat224.Create(); + SecP224R1Field.Subtract(x, ((SecP224R1FieldElement)b).x, z); + return new SecP224R1FieldElement(z); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + uint[] z = Nat224.Create(); + SecP224R1Field.Multiply(x, ((SecP224R1FieldElement)b).x, z); + return new SecP224R1FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + //return Multiply(b.Invert()); + uint[] z = Nat224.Create(); + SecP224R1Field.Inv(((SecP224R1FieldElement)b).x, z); + SecP224R1Field.Multiply(z, x, z); + return new SecP224R1FieldElement(z); + } + + public override ECFieldElement Negate() + { + uint[] z = Nat224.Create(); + SecP224R1Field.Negate(x, z); + return new SecP224R1FieldElement(z); + } + + public override ECFieldElement Square() + { + uint[] z = Nat224.Create(); + SecP224R1Field.Square(x, z); + return new SecP224R1FieldElement(z); + } + + public override ECFieldElement Invert() + { + //return new SecP224R1FieldElement(ToBigInteger().ModInverse(Q)); + uint[] z = Nat224.Create(); + SecP224R1Field.Inv(x, z); + return new SecP224R1FieldElement(z); + } + + /** + * return a sqrt root - the routine verifies that the calculation returns the right value - if + * none exists it returns null. + */ + public override ECFieldElement Sqrt() + { + uint[] c = this.x; + if (Nat224.IsZero(c) || Nat224.IsOne(c)) + return this; + + uint[] nc = Nat224.Create(); + SecP224R1Field.Negate(c, nc); + + uint[] r = Mod.Random(SecP224R1Field.P); + uint[] t = Nat224.Create(); + + if (!IsSquare(c)) + return null; + + while (!TrySqrt(nc, r, t)) + { + SecP224R1Field.AddOne(r, r); + } + + SecP224R1Field.Square(t, r); + + return Nat224.Eq(c, r) ? new SecP224R1FieldElement(t) : null; + } + + public override bool Equals(object obj) + { + return Equals(obj as SecP224R1FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecP224R1FieldElement); + } + + public virtual bool Equals(SecP224R1FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat224.Eq(x, other.x); + } + + public override int GetHashCode() + { + return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 7); + } + + private static bool IsSquare(uint[] x) + { + uint[] t1 = Nat224.Create(); + uint[] t2 = Nat224.Create(); + Nat224.Copy(x, t1); + + for (int i = 0; i < 7; ++i) + { + Nat224.Copy(t1, t2); + SecP224R1Field.SquareN(t1, 1 << i, t1); + SecP224R1Field.Multiply(t1, t2, t1); + } + + SecP224R1Field.SquareN(t1, 95, t1); + return Nat224.IsOne(t1); + } + + private static void RM(uint[] nc, uint[] d0, uint[] e0, uint[] d1, uint[] e1, uint[] f1, uint[] t) + { + SecP224R1Field.Multiply(e1, e0, t); + SecP224R1Field.Multiply(t, nc, t); + SecP224R1Field.Multiply(d1, d0, f1); + SecP224R1Field.Add(f1, t, f1); + SecP224R1Field.Multiply(d1, e0, t); + Nat224.Copy(f1, d1); + SecP224R1Field.Multiply(e1, d0, e1); + SecP224R1Field.Add(e1, t, e1); + SecP224R1Field.Square(e1, f1); + SecP224R1Field.Multiply(f1, nc, f1); + } + + private static void RP(uint[] nc, uint[] d1, uint[] e1, uint[] f1, uint[] t) + { + Nat224.Copy(nc, f1); + + uint[] d0 = Nat224.Create(); + uint[] e0 = Nat224.Create(); + + for (int i = 0; i < 7; ++i) + { + Nat224.Copy(d1, d0); + Nat224.Copy(e1, e0); + + int j = 1 << i; + while (--j >= 0) + { + RS(d1, e1, f1, t); + } + + RM(nc, d0, e0, d1, e1, f1, t); + } + } + + private static void RS(uint[] d, uint[] e, uint[] f, uint[] t) + { + SecP224R1Field.Multiply(e, d, e); + SecP224R1Field.Twice(e, e); + SecP224R1Field.Square(d, t); + SecP224R1Field.Add(f, t, d); + SecP224R1Field.Multiply(f, t, f); + uint c = Nat.ShiftUpBits(7, f, 2, 0); + SecP224R1Field.Reduce32(c, f); + } + + private static bool TrySqrt(uint[] nc, uint[] r, uint[] t) + { + uint[] d1 = Nat224.Create(); + Nat224.Copy(r, d1); + uint[] e1 = Nat224.Create(); + e1[0] = 1; + uint[] f1 = Nat224.Create(); + RP(nc, d1, e1, f1, t); + + uint[] d0 = Nat224.Create(); + uint[] e0 = Nat224.Create(); + + for (int k = 1; k < 96; ++k) + { + Nat224.Copy(d1, d0); + Nat224.Copy(e1, e0); + + RS(d1, e1, f1, t); + + if (Nat224.IsZero(d1)) + { + SecP224R1Field.Inv(e0, t); + SecP224R1Field.Multiply(t, d0, t); + return true; + } + } + + return false; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224R1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224R1Point.cs new file mode 100644 index 0000000..73c4f19 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP224R1Point.cs @@ -0,0 +1,279 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP224R1Point + : AbstractFpPoint + { + /** + * Create a point which encodes with point compression. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecP224R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * Create a point that encodes with or without point compresion. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * @param withCompression + * if true encode with point compression + * + * @deprecated per-point compression property will be removed, refer + * {@link #getEncoded(bool)} + */ + public SecP224R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecP224R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecP224R1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + if (this == b) + return Twice(); + + ECCurve curve = this.Curve; + + SecP224R1FieldElement X1 = (SecP224R1FieldElement)this.RawXCoord, Y1 = (SecP224R1FieldElement)this.RawYCoord; + SecP224R1FieldElement X2 = (SecP224R1FieldElement)b.RawXCoord, Y2 = (SecP224R1FieldElement)b.RawYCoord; + + SecP224R1FieldElement Z1 = (SecP224R1FieldElement)this.RawZCoords[0]; + SecP224R1FieldElement Z2 = (SecP224R1FieldElement)b.RawZCoords[0]; + + uint c; + uint[] tt1 = Nat224.CreateExt(); + uint[] t2 = Nat224.Create(); + uint[] t3 = Nat224.Create(); + uint[] t4 = Nat224.Create(); + + bool Z1IsOne = Z1.IsOne; + uint[] U2, S2; + if (Z1IsOne) + { + U2 = X2.x; + S2 = Y2.x; + } + else + { + S2 = t3; + SecP224R1Field.Square(Z1.x, S2); + + U2 = t2; + SecP224R1Field.Multiply(S2, X2.x, U2); + + SecP224R1Field.Multiply(S2, Z1.x, S2); + SecP224R1Field.Multiply(S2, Y2.x, S2); + } + + bool Z2IsOne = Z2.IsOne; + uint[] U1, S1; + if (Z2IsOne) + { + U1 = X1.x; + S1 = Y1.x; + } + else + { + S1 = t4; + SecP224R1Field.Square(Z2.x, S1); + + U1 = tt1; + SecP224R1Field.Multiply(S1, X1.x, U1); + + SecP224R1Field.Multiply(S1, Z2.x, S1); + SecP224R1Field.Multiply(S1, Y1.x, S1); + } + + uint[] H = Nat224.Create(); + SecP224R1Field.Subtract(U1, U2, H); + + uint[] R = t2; + SecP224R1Field.Subtract(S1, S2, R); + + // Check if b == this or b == -this + if (Nat224.IsZero(H)) + { + if (Nat224.IsZero(R)) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + uint[] HSquared = t3; + SecP224R1Field.Square(H, HSquared); + + uint[] G = Nat224.Create(); + SecP224R1Field.Multiply(HSquared, H, G); + + uint[] V = t3; + SecP224R1Field.Multiply(HSquared, U1, V); + + SecP224R1Field.Negate(G, G); + Nat224.Mul(S1, G, tt1); + + c = Nat224.AddBothTo(V, V, G); + SecP224R1Field.Reduce32(c, G); + + SecP224R1FieldElement X3 = new SecP224R1FieldElement(t4); + SecP224R1Field.Square(R, X3.x); + SecP224R1Field.Subtract(X3.x, G, X3.x); + + SecP224R1FieldElement Y3 = new SecP224R1FieldElement(G); + SecP224R1Field.Subtract(V, X3.x, Y3.x); + SecP224R1Field.MultiplyAddToExt(Y3.x, R, tt1); + SecP224R1Field.Reduce(tt1, Y3.x); + + SecP224R1FieldElement Z3 = new SecP224R1FieldElement(H); + if (!Z1IsOne) + { + SecP224R1Field.Multiply(Z3.x, Z1.x, Z3.x); + } + if (!Z2IsOne) + { + SecP224R1Field.Multiply(Z3.x, Z2.x, Z3.x); + } + + ECFieldElement[] zs = new ECFieldElement[] { Z3 }; + + return new SecP224R1Point(curve, X3, Y3, zs, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SecP224R1FieldElement Y1 = (SecP224R1FieldElement)this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + SecP224R1FieldElement X1 = (SecP224R1FieldElement)this.RawXCoord, Z1 = (SecP224R1FieldElement)this.RawZCoords[0]; + + uint c; + uint[] t1 = Nat224.Create(); + uint[] t2 = Nat224.Create(); + + uint[] Y1Squared = Nat224.Create(); + SecP224R1Field.Square(Y1.x, Y1Squared); + + uint[] T = Nat224.Create(); + SecP224R1Field.Square(Y1Squared, T); + + bool Z1IsOne = Z1.IsOne; + + uint[] Z1Squared = Z1.x; + if (!Z1IsOne) + { + Z1Squared = t2; + SecP224R1Field.Square(Z1.x, Z1Squared); + } + + SecP224R1Field.Subtract(X1.x, Z1Squared, t1); + + uint[] M = t2; + SecP224R1Field.Add(X1.x, Z1Squared, M); + SecP224R1Field.Multiply(M, t1, M); + c = Nat224.AddBothTo(M, M, M); + SecP224R1Field.Reduce32(c, M); + + uint[] S = Y1Squared; + SecP224R1Field.Multiply(Y1Squared, X1.x, S); + c = Nat.ShiftUpBits(7, S, 2, 0); + SecP224R1Field.Reduce32(c, S); + + c = Nat.ShiftUpBits(7, T, 3, 0, t1); + SecP224R1Field.Reduce32(c, t1); + + SecP224R1FieldElement X3 = new SecP224R1FieldElement(T); + SecP224R1Field.Square(M, X3.x); + SecP224R1Field.Subtract(X3.x, S, X3.x); + SecP224R1Field.Subtract(X3.x, S, X3.x); + + SecP224R1FieldElement Y3 = new SecP224R1FieldElement(S); + SecP224R1Field.Subtract(S, X3.x, Y3.x); + SecP224R1Field.Multiply(Y3.x, M, Y3.x); + SecP224R1Field.Subtract(Y3.x, t1, Y3.x); + + SecP224R1FieldElement Z3 = new SecP224R1FieldElement(M); + SecP224R1Field.Twice(Y1.x, Z3.x); + if (!Z1IsOne) + { + SecP224R1Field.Multiply(Z3.x, Z1.x, Z3.x); + } + + return new SecP224R1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this == b) + return ThreeTimes(); + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return b; + + return Twice().Add(b); + } + + public override ECPoint ThreeTimes() + { + if (this.IsInfinity || this.RawYCoord.IsZero) + return this; + + // NOTE: Be careful about recursions between TwicePlus and ThreeTimes + return Twice().Add(this); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + return new SecP224R1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256K1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256K1Curve.cs new file mode 100644 index 0000000..123305c --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256K1Curve.cs @@ -0,0 +1,168 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP256K1Curve + : AbstractFpCurve + { + public static readonly BigInteger q = SecP256K1FieldElement.Q; + + private const int SECP256K1_DEFAULT_COORDS = COORD_JACOBIAN; + private const int SECP256K1_FE_INTS = 8; + private static readonly ECFieldElement[] SECP256K1_AFFINE_ZS = new ECFieldElement[] { new SecP256K1FieldElement(BigInteger.One) }; + + protected readonly SecP256K1Point m_infinity; + + public SecP256K1Curve() + : base(q) + { + this.m_infinity = new SecP256K1Point(this, null, null); + + this.m_a = FromBigInteger(BigInteger.Zero); + this.m_b = FromBigInteger(BigInteger.ValueOf(7)); + this.m_order = new BigInteger(1, Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141")); + this.m_cofactor = BigInteger.One; + this.m_coord = SECP256K1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecP256K1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_JACOBIAN: + return true; + default: + return false; + } + } + + public virtual BigInteger Q + { + get { return q; } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return q.BitLength; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecP256K1FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecP256K1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecP256K1Point(this, x, y, zs, withCompression); + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + uint[] table = new uint[len * SECP256K1_FE_INTS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat256.Copy(((SecP256K1FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECP256K1_FE_INTS; + Nat256.Copy(((SecP256K1FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECP256K1_FE_INTS; + } + } + + return new SecP256K1LookupTable(this, table, len); + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + uint[] x = Nat256.Create(); + SecP256K1Field.Random(r, x); + return new SecP256K1FieldElement(x); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + uint[] x = Nat256.Create(); + SecP256K1Field.RandomMult(r, x); + return new SecP256K1FieldElement(x); + } + + private class SecP256K1LookupTable + : AbstractECLookupTable + { + private readonly SecP256K1Curve m_outer; + private readonly uint[] m_table; + private readonly int m_size; + + internal SecP256K1LookupTable(SecP256K1Curve outer, uint[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + uint[] x = Nat256.Create(), y = Nat256.Create(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + uint MASK = (uint)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECP256K1_FE_INTS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECP256K1_FE_INTS + j] & MASK; + } + + pos += (SECP256K1_FE_INTS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + uint[] x = Nat256.Create(), y = Nat256.Create(); + int pos = index * SECP256K1_FE_INTS * 2; + + for (int j = 0; j < SECP256K1_FE_INTS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECP256K1_FE_INTS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(uint[] x, uint[] y) + { + return m_outer.CreateRawPoint(new SecP256K1FieldElement(x), new SecP256K1FieldElement(y), SECP256K1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256K1Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256K1Field.cs new file mode 100644 index 0000000..a065ee7 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256K1Field.cs @@ -0,0 +1,244 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP256K1Field + { + // 2^256 - 2^32 - 2^9 - 2^8 - 2^7 - 2^6 - 2^4 - 1 + internal static readonly uint[] P = new uint[]{ 0xFFFFFC2F, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF }; + private static readonly uint[] PExt = new uint[]{ 0x000E90A1, 0x000007A2, 0x00000001, 0x00000000, 0x00000000, + 0x00000000, 0x00000000, 0x00000000, 0xFFFFF85E, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, + 0xFFFFFFFF, 0xFFFFFFFF }; + private static readonly uint[] PExtInv = new uint[]{ 0xFFF16F5F, 0xFFFFF85D, 0xFFFFFFFE, 0xFFFFFFFF, + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x000007A1, 0x00000002 }; + private const uint P7 = 0xFFFFFFFF; + private const uint PExt15 = 0xFFFFFFFF; + private const uint PInv33 = 0x3D1; + + public static void Add(uint[] x, uint[] y, uint[] z) + { + uint c = Nat256.Add(x, y, z); + if (c != 0 || (z[7] == P7 && Nat256.Gte(z, P))) + { + Nat.Add33To(8, PInv33, z); + } + } + + public static void AddExt(uint[] xx, uint[] yy, uint[] zz) + { + uint c = Nat.Add(16, xx, yy, zz); + if (c != 0 || (zz[15] == PExt15 && Nat.Gte(16, zz, PExt))) + { + if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.IncAt(16, zz, PExtInv.Length); + } + } + } + + public static void AddOne(uint[] x, uint[] z) + { + uint c = Nat.Inc(8, x, z); + if (c != 0 || (z[7] == P7 && Nat256.Gte(z, P))) + { + Nat.Add33To(8, PInv33, z); + } + } + + public static uint[] FromBigInteger(BigInteger x) + { + uint[] z = Nat.FromBigInteger(256, x); + if (z[7] == P7 && Nat256.Gte(z, P)) + { + Nat256.SubFrom(P, z); + } + return z; + } + + public static void Half(uint[] x, uint[] z) + { + if ((x[0] & 1) == 0) + { + Nat.ShiftDownBit(8, x, 0, z); + } + else + { + uint c = Nat256.Add(x, P, z); + Nat.ShiftDownBit(8, z, c); + } + } + + public static void Inv(uint[] x, uint[] z) + { + Mod.CheckedModOddInverse(P, x, z); + } + + public static int IsZero(uint[] x) + { + uint d = 0; + for (int i = 0; i < 8; ++i) + { + d |= x[i]; + } + d = (d >> 1) | (d & 1); + return ((int)d - 1) >> 31; + } + + public static void Multiply(uint[] x, uint[] y, uint[] z) + { + uint[] tt = Nat256.CreateExt(); + Nat256.Mul(x, y, tt); + Reduce(tt, z); + } + + public static void Multiply(uint[] x, uint[] y, uint[] z, uint[] tt) + { + Nat256.Mul(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz) + { + uint c = Nat256.MulAddTo(x, y, zz); + if (c != 0 || (zz[15] == PExt15 && Nat.Gte(16, zz, PExt))) + { + if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.IncAt(16, zz, PExtInv.Length); + } + } + } + + public static void Negate(uint[] x, uint[] z) + { + if (0 != IsZero(x)) + { + Nat256.Sub(P, P, z); + } + else + { + Nat256.Sub(P, x, z); + } + } + + public static void Random(SecureRandom r, uint[] z) + { + byte[] bb = new byte[8 * 4]; + do + { + r.NextBytes(bb); + Pack.LE_To_UInt32(bb, 0, z, 0, 8); + } + while (0 == Nat.LessThan(8, z, P)); + } + + public static void RandomMult(SecureRandom r, uint[] z) + { + do + { + Random(r, z); + } + while (0 != IsZero(z)); + } + + public static void Reduce(uint[] xx, uint[] z) + { + ulong cc = Nat256.Mul33Add(PInv33, xx, 8, xx, 0, z, 0); + uint c = Nat256.Mul33DWordAdd(PInv33, cc, z, 0); + + Debug.Assert(c == 0 || c == 1); + + if (c != 0 || (z[7] == P7 && Nat256.Gte(z, P))) + { + Nat.Add33To(8, PInv33, z); + } + } + + public static void Reduce32(uint x, uint[] z) + { + if ((x != 0 && Nat256.Mul33WordAdd(PInv33, x, z, 0) != 0) + || (z[7] == P7 && Nat256.Gte(z, P))) + { + Nat.Add33To(8, PInv33, z); + } + } + + public static void Square(uint[] x, uint[] z) + { + uint[] tt = Nat256.CreateExt(); + Nat256.Square(x, tt); + Reduce(tt, z); + } + + public static void Square(uint[] x, uint[] z, uint[] tt) + { + Nat256.Square(x, tt); + Reduce(tt, z); + } + + public static void SquareN(uint[] x, int n, uint[] z) + { + Debug.Assert(n > 0); + + uint[] tt = Nat256.CreateExt(); + Nat256.Square(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + Nat256.Square(z, tt); + Reduce(tt, z); + } + } + + public static void SquareN(uint[] x, int n, uint[] z, uint[] tt) + { + Debug.Assert(n > 0); + + Nat256.Square(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + Nat256.Square(z, tt); + Reduce(tt, z); + } + } + + public static void Subtract(uint[] x, uint[] y, uint[] z) + { + int c = Nat256.Sub(x, y, z); + if (c != 0) + { + Nat.Sub33From(8, PInv33, z); + } + } + + public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz) + { + int c = Nat.Sub(16, xx, yy, zz); + if (c != 0) + { + if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.DecAt(16, zz, PExtInv.Length); + } + } + } + + public static void Twice(uint[] x, uint[] z) + { + uint c = Nat.ShiftUpBit(8, x, 0, z); + if (c != 0 || (z[7] == P7 && Nat256.Gte(z, P))) + { + Nat.Add33To(8, PInv33, z); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256K1FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256K1FieldElement.cs new file mode 100644 index 0000000..2bb83d5 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256K1FieldElement.cs @@ -0,0 +1,217 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP256K1FieldElement + : AbstractFpFieldElement + { + public static readonly BigInteger Q = new BigInteger(1, + Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F")); + + protected internal readonly uint[] x; + + public SecP256K1FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0) + throw new ArgumentException("value invalid for SecP256K1FieldElement", "x"); + + this.x = SecP256K1Field.FromBigInteger(x); + } + + public SecP256K1FieldElement() + { + this.x = Nat256.Create(); + } + + protected internal SecP256K1FieldElement(uint[] x) + { + this.x = x; + } + + public override bool IsZero + { + get { return Nat256.IsZero(x); } + } + + public override bool IsOne + { + get { return Nat256.IsOne(x); } + } + + public override bool TestBitZero() + { + return Nat256.GetBit(x, 0) == 1; + } + + public override BigInteger ToBigInteger() + { + return Nat256.ToBigInteger(x); + } + + public override string FieldName + { + get { return "SecP256K1Field"; } + } + + public override int FieldSize + { + get { return Q.BitLength; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + uint[] z = Nat256.Create(); + SecP256K1Field.Add(x, ((SecP256K1FieldElement)b).x, z); + return new SecP256K1FieldElement(z); + } + + public override ECFieldElement AddOne() + { + uint[] z = Nat256.Create(); + SecP256K1Field.AddOne(x, z); + return new SecP256K1FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + uint[] z = Nat256.Create(); + SecP256K1Field.Subtract(x, ((SecP256K1FieldElement)b).x, z); + return new SecP256K1FieldElement(z); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + uint[] z = Nat256.Create(); + SecP256K1Field.Multiply(x, ((SecP256K1FieldElement)b).x, z); + return new SecP256K1FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + //return Multiply(b.Invert()); + uint[] z = Nat256.Create(); + SecP256K1Field.Inv(((SecP256K1FieldElement)b).x, z); + SecP256K1Field.Multiply(z, x, z); + return new SecP256K1FieldElement(z); + } + + public override ECFieldElement Negate() + { + uint[] z = Nat256.Create(); + SecP256K1Field.Negate(x, z); + return new SecP256K1FieldElement(z); + } + + public override ECFieldElement Square() + { + uint[] z = Nat256.Create(); + SecP256K1Field.Square(x, z); + return new SecP256K1FieldElement(z); + } + + public override ECFieldElement Invert() + { + //return new SecP256K1FieldElement(ToBigInteger().ModInverse(Q)); + uint[] z = Nat256.Create(); + SecP256K1Field.Inv(x, z); + return new SecP256K1FieldElement(z); + } + + /** + * return a sqrt root - the routine verifies that the calculation returns the right value - if + * none exists it returns null. + */ + public override ECFieldElement Sqrt() + { + /* + * Raise this element to the exponent 2^254 - 2^30 - 2^7 - 2^6 - 2^5 - 2^4 - 2^2 + * + * Breaking up the exponent's binary representation into "repunits", we get: + * { 223 1s } { 1 0s } { 22 1s } { 4 0s } { 2 1s } { 2 0s} + * + * Therefore we need an addition chain containing 2, 22, 223 (the lengths of the repunits) + * We use: 1, [2], 3, 6, 9, 11, [22], 44, 88, 176, 220, [223] + */ + + uint[] x1 = this.x; + if (Nat256.IsZero(x1) || Nat256.IsOne(x1)) + return this; + + uint[] tt0 = Nat256.CreateExt(); + + uint[] x2 = Nat256.Create(); + SecP256K1Field.Square(x1, x2, tt0); + SecP256K1Field.Multiply(x2, x1, x2, tt0); + uint[] x3 = Nat256.Create(); + SecP256K1Field.Square(x2, x3, tt0); + SecP256K1Field.Multiply(x3, x1, x3, tt0); + uint[] x6 = Nat256.Create(); + SecP256K1Field.SquareN(x3, 3, x6, tt0); + SecP256K1Field.Multiply(x6, x3, x6, tt0); + uint[] x9 = x6; + SecP256K1Field.SquareN(x6, 3, x9, tt0); + SecP256K1Field.Multiply(x9, x3, x9, tt0); + uint[] x11 = x9; + SecP256K1Field.SquareN(x9, 2, x11, tt0); + SecP256K1Field.Multiply(x11, x2, x11, tt0); + uint[] x22 = Nat256.Create(); + SecP256K1Field.SquareN(x11, 11, x22, tt0); + SecP256K1Field.Multiply(x22, x11, x22, tt0); + uint[] x44 = x11; + SecP256K1Field.SquareN(x22, 22, x44, tt0); + SecP256K1Field.Multiply(x44, x22, x44, tt0); + uint[] x88 = Nat256.Create(); + SecP256K1Field.SquareN(x44, 44, x88, tt0); + SecP256K1Field.Multiply(x88, x44, x88, tt0); + uint[] x176 = Nat256.Create(); + SecP256K1Field.SquareN(x88, 88, x176, tt0); + SecP256K1Field.Multiply(x176, x88, x176, tt0); + uint[] x220 = x88; + SecP256K1Field.SquareN(x176, 44, x220, tt0); + SecP256K1Field.Multiply(x220, x44, x220, tt0); + uint[] x223 = x44; + SecP256K1Field.SquareN(x220, 3, x223, tt0); + SecP256K1Field.Multiply(x223, x3, x223, tt0); + + uint[] t1 = x223; + SecP256K1Field.SquareN(t1, 23, t1, tt0); + SecP256K1Field.Multiply(t1, x22, t1, tt0); + SecP256K1Field.SquareN(t1, 6, t1, tt0); + SecP256K1Field.Multiply(t1, x2, t1, tt0); + SecP256K1Field.SquareN(t1, 2, t1, tt0); + + uint[] t2 = x2; + SecP256K1Field.Square(t1, t2, tt0); + + return Nat256.Eq(x1, t2) ? new SecP256K1FieldElement(t1) : null; + } + + public override bool Equals(object obj) + { + return Equals(obj as SecP256K1FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecP256K1FieldElement); + } + + public virtual bool Equals(SecP256K1FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat256.Eq(x, other.x); + } + + public override int GetHashCode() + { + return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 8); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256K1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256K1Point.cs new file mode 100644 index 0000000..689be01 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256K1Point.cs @@ -0,0 +1,269 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP256K1Point + : AbstractFpPoint + { + /** + * Create a point which encodes with point compression. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecP256K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * Create a point that encodes with or without point compresion. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * @param withCompression + * if true encode with point compression + * + * @deprecated per-point compression property will be removed, refer + * {@link #getEncoded(bool)} + */ + public SecP256K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecP256K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, + bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecP256K1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + if (this == b) + return Twice(); + + ECCurve curve = this.Curve; + + SecP256K1FieldElement X1 = (SecP256K1FieldElement)this.RawXCoord, Y1 = (SecP256K1FieldElement)this.RawYCoord; + SecP256K1FieldElement X2 = (SecP256K1FieldElement)b.RawXCoord, Y2 = (SecP256K1FieldElement)b.RawYCoord; + + SecP256K1FieldElement Z1 = (SecP256K1FieldElement)this.RawZCoords[0]; + SecP256K1FieldElement Z2 = (SecP256K1FieldElement)b.RawZCoords[0]; + + uint c; + uint[] tt0 = Nat256.CreateExt(); + uint[] tt1 = Nat256.CreateExt(); + uint[] t2 = Nat256.Create(); + uint[] t3 = Nat256.Create(); + uint[] t4 = Nat256.Create(); + + bool Z1IsOne = Z1.IsOne; + uint[] U2, S2; + if (Z1IsOne) + { + U2 = X2.x; + S2 = Y2.x; + } + else + { + S2 = t3; + SecP256K1Field.Square(Z1.x, S2, tt0); + + U2 = t2; + SecP256K1Field.Multiply(S2, X2.x, U2, tt0); + + SecP256K1Field.Multiply(S2, Z1.x, S2, tt0); + SecP256K1Field.Multiply(S2, Y2.x, S2, tt0); + } + + bool Z2IsOne = Z2.IsOne; + uint[] U1, S1; + if (Z2IsOne) + { + U1 = X1.x; + S1 = Y1.x; + } + else + { + S1 = t4; + SecP256K1Field.Square(Z2.x, S1, tt0); + + U1 = tt1; + SecP256K1Field.Multiply(S1, X1.x, U1, tt0); + + SecP256K1Field.Multiply(S1, Z2.x, S1, tt0); + SecP256K1Field.Multiply(S1, Y1.x, S1, tt0); + } + + uint[] H = Nat256.Create(); + SecP256K1Field.Subtract(U1, U2, H); + + uint[] R = t2; + SecP256K1Field.Subtract(S1, S2, R); + + // Check if b == this or b == -this + if (Nat256.IsZero(H)) + { + if (Nat256.IsZero(R)) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + uint[] HSquared = t3; + SecP256K1Field.Square(H, HSquared, tt0); + + uint[] G = Nat256.Create(); + SecP256K1Field.Multiply(HSquared, H, G, tt0); + + uint[] V = t3; + SecP256K1Field.Multiply(HSquared, U1, V, tt0); + + SecP256K1Field.Negate(G, G); + Nat256.Mul(S1, G, tt1); + + c = Nat256.AddBothTo(V, V, G); + SecP256K1Field.Reduce32(c, G); + + SecP256K1FieldElement X3 = new SecP256K1FieldElement(t4); + SecP256K1Field.Square(R, X3.x, tt0); + SecP256K1Field.Subtract(X3.x, G, X3.x); + + SecP256K1FieldElement Y3 = new SecP256K1FieldElement(G); + SecP256K1Field.Subtract(V, X3.x, Y3.x); + SecP256K1Field.MultiplyAddToExt(Y3.x, R, tt1); + SecP256K1Field.Reduce(tt1, Y3.x); + + SecP256K1FieldElement Z3 = new SecP256K1FieldElement(H); + if (!Z1IsOne) + { + SecP256K1Field.Multiply(Z3.x, Z1.x, Z3.x, tt0); + } + if (!Z2IsOne) + { + SecP256K1Field.Multiply(Z3.x, Z2.x, Z3.x, tt0); + } + + ECFieldElement[] zs = new ECFieldElement[] { Z3 }; + + return new SecP256K1Point(curve, X3, Y3, zs, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SecP256K1FieldElement Y1 = (SecP256K1FieldElement)this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + SecP256K1FieldElement X1 = (SecP256K1FieldElement)this.RawXCoord, Z1 = (SecP256K1FieldElement)this.RawZCoords[0]; + + uint c; + uint[] tt0 = Nat256.CreateExt(); + + uint[] Y1Squared = Nat256.Create(); + SecP256K1Field.Square(Y1.x, Y1Squared, tt0); + + uint[] T = Nat256.Create(); + SecP256K1Field.Square(Y1Squared, T, tt0); + + uint[] M = Nat256.Create(); + SecP256K1Field.Square(X1.x, M, tt0); + c = Nat256.AddBothTo(M, M, M); + SecP256K1Field.Reduce32(c, M); + + uint[] S = Y1Squared; + SecP256K1Field.Multiply(Y1Squared, X1.x, S, tt0); + c = Nat.ShiftUpBits(8, S, 2, 0); + SecP256K1Field.Reduce32(c, S); + + uint[] t1 = Nat256.Create(); + c = Nat.ShiftUpBits(8, T, 3, 0, t1); + SecP256K1Field.Reduce32(c, t1); + + SecP256K1FieldElement X3 = new SecP256K1FieldElement(T); + SecP256K1Field.Square(M, X3.x, tt0); + SecP256K1Field.Subtract(X3.x, S, X3.x); + SecP256K1Field.Subtract(X3.x, S, X3.x); + + SecP256K1FieldElement Y3 = new SecP256K1FieldElement(S); + SecP256K1Field.Subtract(S, X3.x, Y3.x); + SecP256K1Field.Multiply(Y3.x, M, Y3.x, tt0); + SecP256K1Field.Subtract(Y3.x, t1, Y3.x); + + SecP256K1FieldElement Z3 = new SecP256K1FieldElement(M); + SecP256K1Field.Twice(Y1.x, Z3.x); + if (!Z1.IsOne) + { + SecP256K1Field.Multiply(Z3.x, Z1.x, Z3.x, tt0); + } + + return new SecP256K1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this == b) + return ThreeTimes(); + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return b; + + return Twice().Add(b); + } + + public override ECPoint ThreeTimes() + { + if (this.IsInfinity || this.RawYCoord.IsZero) + return this; + + // NOTE: Be careful about recursions between TwicePlus and ThreeTimes + return Twice().Add(this); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + return new SecP256K1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256R1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256R1Curve.cs new file mode 100644 index 0000000..b90f5d0 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256R1Curve.cs @@ -0,0 +1,170 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP256R1Curve + : AbstractFpCurve + { + public static readonly BigInteger q = SecP256R1FieldElement.Q; + + private const int SECP256R1_DEFAULT_COORDS = COORD_JACOBIAN; + private const int SECP256R1_FE_INTS = 8; + private static readonly ECFieldElement[] SECP256R1_AFFINE_ZS = new ECFieldElement[] { new SecP256R1FieldElement(BigInteger.One) }; + + protected readonly SecP256R1Point m_infinity; + + public SecP256R1Curve() + : base(q) + { + this.m_infinity = new SecP256R1Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC"))); + this.m_b = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551")); + this.m_cofactor = BigInteger.One; + this.m_coord = SECP256R1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecP256R1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_JACOBIAN: + return true; + default: + return false; + } + } + + public virtual BigInteger Q + { + get { return q; } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return q.BitLength; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecP256R1FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecP256R1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecP256R1Point(this, x, y, zs, withCompression); + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + uint[] table = new uint[len * SECP256R1_FE_INTS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat256.Copy(((SecP256R1FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECP256R1_FE_INTS; + Nat256.Copy(((SecP256R1FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECP256R1_FE_INTS; + } + } + + return new SecP256R1LookupTable(this, table, len); + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + uint[] x = Nat256.Create(); + SecP256R1Field.Random(r, x); + return new SecP256R1FieldElement(x); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + uint[] x = Nat256.Create(); + SecP256R1Field.RandomMult(r, x); + return new SecP256R1FieldElement(x); + } + + private class SecP256R1LookupTable + : AbstractECLookupTable + { + private readonly SecP256R1Curve m_outer; + private readonly uint[] m_table; + private readonly int m_size; + + internal SecP256R1LookupTable(SecP256R1Curve outer, uint[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + uint[] x = Nat256.Create(), y = Nat256.Create(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + uint MASK = (uint)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECP256R1_FE_INTS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECP256R1_FE_INTS + j] & MASK; + } + + pos += (SECP256R1_FE_INTS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + uint[] x = Nat256.Create(), y = Nat256.Create(); + int pos = index * SECP256R1_FE_INTS * 2; + + for (int j = 0; j < SECP256R1_FE_INTS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECP256R1_FE_INTS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(uint[] x, uint[] y) + { + return m_outer.CreateRawPoint(new SecP256R1FieldElement(x), new SecP256R1FieldElement(y), SECP256R1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256R1Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256R1Field.cs new file mode 100644 index 0000000..10465dc --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256R1Field.cs @@ -0,0 +1,376 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP256R1Field + { + // 2^256 - 2^224 + 2^192 + 2^96 - 1 + internal static readonly uint[] P = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0x00000000, + 0x00000000, 0x00000001, 0xFFFFFFFF }; + private static readonly uint[] PExt = new uint[]{ 0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFF, + 0xFFFFFFFF, 0xFFFFFFFE, 0x00000001, 0xFFFFFFFE, 0x00000001, 0xFFFFFFFE, 0x00000001, 0x00000001, 0xFFFFFFFE, + 0x00000002, 0xFFFFFFFE }; + private const uint P7 = 0xFFFFFFFF; + private const uint PExt15 = 0xFFFFFFFE; + + public static void Add(uint[] x, uint[] y, uint[] z) + { + uint c = Nat256.Add(x, y, z); + if (c != 0 || (z[7] == P7 && Nat256.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static void AddExt(uint[] xx, uint[] yy, uint[] zz) + { + uint c = Nat.Add(16, xx, yy, zz); + if (c != 0 || (zz[15] >= PExt15 && Nat.Gte(16, zz, PExt))) + { + Nat.SubFrom(16, PExt, zz); + } + } + + public static void AddOne(uint[] x, uint[] z) + { + uint c = Nat.Inc(8, x, z); + if (c != 0 || (z[7] == P7 && Nat256.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static uint[] FromBigInteger(BigInteger x) + { + uint[] z = Nat.FromBigInteger(256, x); + if (z[7] == P7 && Nat256.Gte(z, P)) + { + Nat256.SubFrom(P, z); + } + return z; + } + + public static void Half(uint[] x, uint[] z) + { + if ((x[0] & 1) == 0) + { + Nat.ShiftDownBit(8, x, 0, z); + } + else + { + uint c = Nat256.Add(x, P, z); + Nat.ShiftDownBit(8, z, c); + } + } + + public static void Inv(uint[] x, uint[] z) + { + Mod.CheckedModOddInverse(P, x, z); + } + + public static int IsZero(uint[] x) + { + uint d = 0; + for (int i = 0; i < 8; ++i) + { + d |= x[i]; + } + d = (d >> 1) | (d & 1); + return ((int)d - 1) >> 31; + } + + public static void Multiply(uint[] x, uint[] y, uint[] z) + { + uint[] tt = Nat256.CreateExt(); + Nat256.Mul(x, y, tt); + Reduce(tt, z); + } + + public static void Multiply(uint[] x, uint[] y, uint[] z, uint[] tt) + { + Nat256.Mul(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(uint[] x, uint[] y, uint[] zz) + { + uint c = Nat256.MulAddTo(x, y, zz); + if (c != 0 || (zz[15] >= PExt15 && Nat.Gte(16, zz, PExt))) + { + Nat.SubFrom(16, PExt, zz); + } + } + + public static void Negate(uint[] x, uint[] z) + { + if (0 != IsZero(x)) + { + Nat256.Sub(P, P, z); + } + else + { + Nat256.Sub(P, x, z); + } + } + + public static void Random(SecureRandom r, uint[] z) + { + byte[] bb = new byte[8 * 4]; + do + { + r.NextBytes(bb); + Pack.LE_To_UInt32(bb, 0, z, 0, 8); + } + while (0 == Nat.LessThan(8, z, P)); + } + + public static void RandomMult(SecureRandom r, uint[] z) + { + do + { + Random(r, z); + } + while (0 != IsZero(z)); + } + + public static void Reduce(uint[] xx, uint[] z) + { + long xx08 = xx[8], xx09 = xx[9], xx10 = xx[10], xx11 = xx[11]; + long xx12 = xx[12], xx13 = xx[13], xx14 = xx[14], xx15 = xx[15]; + + const long n = 6; + + xx08 -= n; + + long t0 = xx08 + xx09; + long t1 = xx09 + xx10; + long t2 = xx10 + xx11 - xx15; + long t3 = xx11 + xx12; + long t4 = xx12 + xx13; + long t5 = xx13 + xx14; + long t6 = xx14 + xx15; + long t7 = t5 - t0; + + long cc = 0; + cc += (long)xx[0] - t3 - t7; + z[0] = (uint)cc; + cc >>= 32; + cc += (long)xx[1] + t1 - t4 - t6; + z[1] = (uint)cc; + cc >>= 32; + cc += (long)xx[2] + t2 - t5; + z[2] = (uint)cc; + cc >>= 32; + cc += (long)xx[3] + (t3 << 1) + t7 - t6; + z[3] = (uint)cc; + cc >>= 32; + cc += (long)xx[4] + (t4 << 1) + xx14 - t1; + z[4] = (uint)cc; + cc >>= 32; + cc += (long)xx[5] + (t5 << 1) - t2; + z[5] = (uint)cc; + cc >>= 32; + cc += (long)xx[6] + (t6 << 1) + t7; + z[6] = (uint)cc; + cc >>= 32; + cc += (long)xx[7] + (xx15 << 1) + xx08 - t2 - t4; + z[7] = (uint)cc; + cc >>= 32; + cc += n; + + Debug.Assert(cc >= 0); + + Reduce32((uint)cc, z); + } + + public static void Reduce32(uint x, uint[] z) + { + long cc = 0; + + if (x != 0) + { + long xx08 = x; + + cc += (long)z[0] + xx08; + z[0] = (uint)cc; + cc >>= 32; + if (cc != 0) + { + cc += (long)z[1]; + z[1] = (uint)cc; + cc >>= 32; + cc += (long)z[2]; + z[2] = (uint)cc; + cc >>= 32; + } + cc += (long)z[3] - xx08; + z[3] = (uint)cc; + cc >>= 32; + if (cc != 0) + { + cc += (long)z[4]; + z[4] = (uint)cc; + cc >>= 32; + cc += (long)z[5]; + z[5] = (uint)cc; + cc >>= 32; + } + cc += (long)z[6] - xx08; + z[6] = (uint)cc; + cc >>= 32; + cc += (long)z[7] + xx08; + z[7] = (uint)cc; + cc >>= 32; + + Debug.Assert(cc == 0 || cc == 1); + } + + if (cc != 0 || (z[7] == P7 && Nat256.Gte(z, P))) + { + AddPInvTo(z); + } + } + + public static void Square(uint[] x, uint[] z) + { + uint[] tt = Nat256.CreateExt(); + Nat256.Square(x, tt); + Reduce(tt, z); + } + + public static void Square(uint[] x, uint[] z, uint[] tt) + { + Nat256.Square(x, tt); + Reduce(tt, z); + } + + public static void SquareN(uint[] x, int n, uint[] z) + { + Debug.Assert(n > 0); + + uint[] tt = Nat256.CreateExt(); + Nat256.Square(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + Nat256.Square(z, tt); + Reduce(tt, z); + } + } + + public static void SquareN(uint[] x, int n, uint[] z, uint[] tt) + { + Debug.Assert(n > 0); + + Nat256.Square(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + Nat256.Square(z, tt); + Reduce(tt, z); + } + } + + public static void Subtract(uint[] x, uint[] y, uint[] z) + { + int c = Nat256.Sub(x, y, z); + if (c != 0) + { + SubPInvFrom(z); + } + } + + public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz) + { + int c = Nat.Sub(16, xx, yy, zz); + if (c != 0) + { + Nat.AddTo(16, PExt, zz); + } + } + + public static void Twice(uint[] x, uint[] z) + { + uint c = Nat.ShiftUpBit(8, x, 0, z); + if (c != 0 || (z[7] == P7 && Nat256.Gte(z, P))) + { + AddPInvTo(z); + } + } + + private static void AddPInvTo(uint[] z) + { + long c = (long)z[0] + 1; + z[0] = (uint)c; + c >>= 32; + if (c != 0) + { + c += (long)z[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)z[2]; + z[2] = (uint)c; + c >>= 32; + } + c += (long)z[3] - 1; + z[3] = (uint)c; + c >>= 32; + if (c != 0) + { + c += (long)z[4]; + z[4] = (uint)c; + c >>= 32; + c += (long)z[5]; + z[5] = (uint)c; + c >>= 32; + } + c += (long)z[6] - 1; + z[6] = (uint)c; + c >>= 32; + c += (long)z[7] + 1; + z[7] = (uint)c; + //c >>= 32; + } + + private static void SubPInvFrom(uint[] z) + { + long c = (long)z[0] - 1; + z[0] = (uint)c; + c >>= 32; + if (c != 0) + { + c += (long)z[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)z[2]; + z[2] = (uint)c; + c >>= 32; + } + c += (long)z[3] + 1; + z[3] = (uint)c; + c >>= 32; + if (c != 0) + { + c += (long)z[4]; + z[4] = (uint)c; + c >>= 32; + c += (long)z[5]; + z[5] = (uint)c; + c >>= 32; + } + c += (long)z[6] + 1; + z[6] = (uint)c; + c >>= 32; + c += (long)z[7] - 1; + z[7] = (uint)c; + //c >>= 32; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256R1FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256R1FieldElement.cs new file mode 100644 index 0000000..928461e --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256R1FieldElement.cs @@ -0,0 +1,191 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP256R1FieldElement + : AbstractFpFieldElement + { + public static readonly BigInteger Q = new BigInteger(1, + Hex.DecodeStrict("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF")); + + protected internal readonly uint[] x; + + public SecP256R1FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0) + throw new ArgumentException("value invalid for SecP256R1FieldElement", "x"); + + this.x = SecP256R1Field.FromBigInteger(x); + } + + public SecP256R1FieldElement() + { + this.x = Nat256.Create(); + } + + protected internal SecP256R1FieldElement(uint[] x) + { + this.x = x; + } + + public override bool IsZero + { + get { return Nat256.IsZero(x); } + } + + public override bool IsOne + { + get { return Nat256.IsOne(x); } + } + + public override bool TestBitZero() + { + return Nat256.GetBit(x, 0) == 1; + } + + public override BigInteger ToBigInteger() + { + return Nat256.ToBigInteger(x); + } + + public override string FieldName + { + get { return "SecP256R1Field"; } + } + + public override int FieldSize + { + get { return Q.BitLength; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + uint[] z = Nat256.Create(); + SecP256R1Field.Add(x, ((SecP256R1FieldElement)b).x, z); + return new SecP256R1FieldElement(z); + } + + public override ECFieldElement AddOne() + { + uint[] z = Nat256.Create(); + SecP256R1Field.AddOne(x, z); + return new SecP256R1FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + uint[] z = Nat256.Create(); + SecP256R1Field.Subtract(x, ((SecP256R1FieldElement)b).x, z); + return new SecP256R1FieldElement(z); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + uint[] z = Nat256.Create(); + SecP256R1Field.Multiply(x, ((SecP256R1FieldElement)b).x, z); + return new SecP256R1FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + //return Multiply(b.Invert()); + uint[] z = Nat256.Create(); + SecP256R1Field.Inv(((SecP256R1FieldElement)b).x, z); + SecP256R1Field.Multiply(z, x, z); + return new SecP256R1FieldElement(z); + } + + public override ECFieldElement Negate() + { + uint[] z = Nat256.Create(); + SecP256R1Field.Negate(x, z); + return new SecP256R1FieldElement(z); + } + + public override ECFieldElement Square() + { + uint[] z = Nat256.Create(); + SecP256R1Field.Square(x, z); + return new SecP256R1FieldElement(z); + } + + public override ECFieldElement Invert() + { + //return new SecP256R1FieldElement(ToBigInteger().ModInverse(Q)); + uint[] z = Nat256.Create(); + SecP256R1Field.Inv(x, z); + return new SecP256R1FieldElement(z); + } + + /** + * return a sqrt root - the routine verifies that the calculation returns the right value - if + * none exists it returns null. + */ + public override ECFieldElement Sqrt() + { + // Raise this element to the exponent 2^254 - 2^222 + 2^190 + 2^94 + + uint[] x1 = this.x; + if (Nat256.IsZero(x1) || Nat256.IsOne(x1)) + return this; + + uint[] tt0 = Nat256.CreateExt(); + uint[] t1 = Nat256.Create(); + uint[] t2 = Nat256.Create(); + + SecP256R1Field.Square(x1, t1, tt0); + SecP256R1Field.Multiply(t1, x1, t1, tt0); + + SecP256R1Field.SquareN(t1, 2, t2, tt0); + SecP256R1Field.Multiply(t2, t1, t2, tt0); + + SecP256R1Field.SquareN(t2, 4, t1, tt0); + SecP256R1Field.Multiply(t1, t2, t1, tt0); + + SecP256R1Field.SquareN(t1, 8, t2, tt0); + SecP256R1Field.Multiply(t2, t1, t2, tt0); + + SecP256R1Field.SquareN(t2, 16, t1, tt0); + SecP256R1Field.Multiply(t1, t2, t1, tt0); + + SecP256R1Field.SquareN(t1, 32, t1, tt0); + SecP256R1Field.Multiply(t1, x1, t1, tt0); + + SecP256R1Field.SquareN(t1, 96, t1, tt0); + SecP256R1Field.Multiply(t1, x1, t1, tt0); + + SecP256R1Field.SquareN(t1, 94, t1, tt0); + SecP256R1Field.Multiply(t1, t1, t2, tt0); + + return Nat256.Eq(x1, t2) ? new SecP256R1FieldElement(t1) : null; + } + + public override bool Equals(object obj) + { + return Equals(obj as SecP256R1FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecP256R1FieldElement); + } + + public virtual bool Equals(SecP256R1FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat256.Eq(x, other.x); + } + + public override int GetHashCode() + { + return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 8); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256R1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256R1Point.cs new file mode 100644 index 0000000..d487aad --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP256R1Point.cs @@ -0,0 +1,281 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP256R1Point + : AbstractFpPoint + { + /** + * Create a point which encodes with point compression. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecP256R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * Create a point that encodes with or without point compresion. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * @param withCompression + * if true encode with point compression + * + * @deprecated per-point compression property will be removed, refer + * {@link #getEncoded(bool)} + */ + public SecP256R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecP256R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecP256R1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + if (this == b) + return Twice(); + + ECCurve curve = this.Curve; + + SecP256R1FieldElement X1 = (SecP256R1FieldElement)this.RawXCoord, Y1 = (SecP256R1FieldElement)this.RawYCoord; + SecP256R1FieldElement X2 = (SecP256R1FieldElement)b.RawXCoord, Y2 = (SecP256R1FieldElement)b.RawYCoord; + + SecP256R1FieldElement Z1 = (SecP256R1FieldElement)this.RawZCoords[0]; + SecP256R1FieldElement Z2 = (SecP256R1FieldElement)b.RawZCoords[0]; + + uint c; + uint[] tt0 = Nat256.CreateExt(); + uint[] tt1 = Nat256.CreateExt(); + uint[] t2 = Nat256.Create(); + uint[] t3 = Nat256.Create(); + uint[] t4 = Nat256.Create(); + + bool Z1IsOne = Z1.IsOne; + uint[] U2, S2; + if (Z1IsOne) + { + U2 = X2.x; + S2 = Y2.x; + } + else + { + S2 = t3; + SecP256R1Field.Square(Z1.x, S2, tt0); + + U2 = t2; + SecP256R1Field.Multiply(S2, X2.x, U2, tt0); + + SecP256R1Field.Multiply(S2, Z1.x, S2, tt0); + SecP256R1Field.Multiply(S2, Y2.x, S2, tt0); + } + + bool Z2IsOne = Z2.IsOne; + uint[] U1, S1; + if (Z2IsOne) + { + U1 = X1.x; + S1 = Y1.x; + } + else + { + S1 = t4; + SecP256R1Field.Square(Z2.x, S1, tt0); + + U1 = tt1; + SecP256R1Field.Multiply(S1, X1.x, U1, tt0); + + SecP256R1Field.Multiply(S1, Z2.x, S1, tt0); + SecP256R1Field.Multiply(S1, Y1.x, S1, tt0); + } + + uint[] H = Nat256.Create(); + SecP256R1Field.Subtract(U1, U2, H); + + uint[] R = t2; + SecP256R1Field.Subtract(S1, S2, R); + + // Check if b == this or b == -this + if (Nat256.IsZero(H)) + { + if (Nat256.IsZero(R)) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + uint[] HSquared = t3; + SecP256R1Field.Square(H, HSquared, tt0); + + uint[] G = Nat256.Create(); + SecP256R1Field.Multiply(HSquared, H, G, tt0); + + uint[] V = t3; + SecP256R1Field.Multiply(HSquared, U1, V, tt0); + + SecP256R1Field.Negate(G, G); + Nat256.Mul(S1, G, tt1); + + c = Nat256.AddBothTo(V, V, G); + SecP256R1Field.Reduce32(c, G); + + SecP256R1FieldElement X3 = new SecP256R1FieldElement(t4); + SecP256R1Field.Square(R, X3.x, tt0); + SecP256R1Field.Subtract(X3.x, G, X3.x); + + SecP256R1FieldElement Y3 = new SecP256R1FieldElement(G); + SecP256R1Field.Subtract(V, X3.x, Y3.x); + SecP256R1Field.MultiplyAddToExt(Y3.x, R, tt1); + SecP256R1Field.Reduce(tt1, Y3.x); + + SecP256R1FieldElement Z3 = new SecP256R1FieldElement(H); + if (!Z1IsOne) + { + SecP256R1Field.Multiply(Z3.x, Z1.x, Z3.x, tt0); + } + if (!Z2IsOne) + { + SecP256R1Field.Multiply(Z3.x, Z2.x, Z3.x, tt0); + } + + ECFieldElement[] zs = new ECFieldElement[]{ Z3 }; + + return new SecP256R1Point(curve, X3, Y3, zs, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SecP256R1FieldElement Y1 = (SecP256R1FieldElement)this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + SecP256R1FieldElement X1 = (SecP256R1FieldElement)this.RawXCoord, Z1 = (SecP256R1FieldElement)this.RawZCoords[0]; + + uint c; + uint[] tt0 = Nat256.CreateExt(); + uint[] t1 = Nat256.Create(); + uint[] t2 = Nat256.Create(); + + uint[] Y1Squared = Nat256.Create(); + SecP256R1Field.Square(Y1.x, Y1Squared, tt0); + + uint[] T = Nat256.Create(); + SecP256R1Field.Square(Y1Squared, T, tt0); + + bool Z1IsOne = Z1.IsOne; + + uint[] Z1Squared = Z1.x; + if (!Z1IsOne) + { + Z1Squared = t2; + SecP256R1Field.Square(Z1.x, Z1Squared, tt0); + } + + SecP256R1Field.Subtract(X1.x, Z1Squared, t1); + + uint[] M = t2; + SecP256R1Field.Add(X1.x, Z1Squared, M); + SecP256R1Field.Multiply(M, t1, M, tt0); + c = Nat256.AddBothTo(M, M, M); + SecP256R1Field.Reduce32(c, M); + + uint[] S = Y1Squared; + SecP256R1Field.Multiply(Y1Squared, X1.x, S, tt0); + c = Nat.ShiftUpBits(8, S, 2, 0); + SecP256R1Field.Reduce32(c, S); + + c = Nat.ShiftUpBits(8, T, 3, 0, t1); + SecP256R1Field.Reduce32(c, t1); + + SecP256R1FieldElement X3 = new SecP256R1FieldElement(T); + SecP256R1Field.Square(M, X3.x, tt0); + SecP256R1Field.Subtract(X3.x, S, X3.x); + SecP256R1Field.Subtract(X3.x, S, X3.x); + + SecP256R1FieldElement Y3 = new SecP256R1FieldElement(S); + SecP256R1Field.Subtract(S, X3.x, Y3.x); + SecP256R1Field.Multiply(Y3.x, M, Y3.x, tt0); + SecP256R1Field.Subtract(Y3.x, t1, Y3.x); + + SecP256R1FieldElement Z3 = new SecP256R1FieldElement(M); + SecP256R1Field.Twice(Y1.x, Z3.x); + if (!Z1IsOne) + { + SecP256R1Field.Multiply(Z3.x, Z1.x, Z3.x, tt0); + } + + return new SecP256R1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this == b) + return ThreeTimes(); + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return b; + + return Twice().Add(b); + } + + public override ECPoint ThreeTimes() + { + if (this.IsInfinity || this.RawYCoord.IsZero) + return this; + + // NOTE: Be careful about recursions between TwicePlus and ThreeTimes + return Twice().Add(this); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + return new SecP256R1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP384R1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP384R1Curve.cs new file mode 100644 index 0000000..b57788e --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP384R1Curve.cs @@ -0,0 +1,170 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP384R1Curve + : AbstractFpCurve + { + public static readonly BigInteger q = SecP384R1FieldElement.Q; + + private const int SECP384R1_DEFAULT_COORDS = COORD_JACOBIAN; + private const int SECP384R1_FE_INTS = 12; + private static readonly ECFieldElement[] SECP384R1_AFFINE_ZS = new ECFieldElement[] { new SecP384R1FieldElement(BigInteger.One) }; + + protected readonly SecP384R1Point m_infinity; + + public SecP384R1Curve() + : base(q) + { + this.m_infinity = new SecP384R1Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC"))); + this.m_b = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973")); + this.m_cofactor = BigInteger.One; + this.m_coord = SECP384R1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecP384R1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_JACOBIAN: + return true; + default: + return false; + } + } + + public virtual BigInteger Q + { + get { return q; } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return q.BitLength; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecP384R1FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecP384R1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecP384R1Point(this, x, y, zs, withCompression); + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + uint[] table = new uint[len * SECP384R1_FE_INTS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat.Copy(SECP384R1_FE_INTS, ((SecP384R1FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECP384R1_FE_INTS; + Nat.Copy(SECP384R1_FE_INTS, ((SecP384R1FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECP384R1_FE_INTS; + } + } + + return new SecP384R1LookupTable(this, table, len); + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + uint[] x = Nat.Create(12); + SecP384R1Field.Random(r, x); + return new SecP384R1FieldElement(x); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + uint[] x = Nat.Create(12); + SecP384R1Field.RandomMult(r, x); + return new SecP384R1FieldElement(x); + } + + private class SecP384R1LookupTable + : AbstractECLookupTable + { + private readonly SecP384R1Curve m_outer; + private readonly uint[] m_table; + private readonly int m_size; + + internal SecP384R1LookupTable(SecP384R1Curve outer, uint[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + uint[] x = Nat.Create(SECP384R1_FE_INTS), y = Nat.Create(SECP384R1_FE_INTS); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + uint MASK = (uint)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECP384R1_FE_INTS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECP384R1_FE_INTS + j] & MASK; + } + + pos += (SECP384R1_FE_INTS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + uint[] x = Nat.Create(SECP384R1_FE_INTS), y = Nat.Create(SECP384R1_FE_INTS); + int pos = index * SECP384R1_FE_INTS * 2; + + for (int j = 0; j < SECP384R1_FE_INTS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECP384R1_FE_INTS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(uint[] x, uint[] y) + { + return m_outer.CreateRawPoint(new SecP384R1FieldElement(x), new SecP384R1FieldElement(y), SECP384R1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP384R1Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP384R1Field.cs new file mode 100644 index 0000000..16b60af --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP384R1Field.cs @@ -0,0 +1,360 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP384R1Field + { + // 2^384 - 2^128 - 2^96 + 2^32 - 1 + internal static readonly uint[] P = new uint[]{ 0xFFFFFFFF, 0x00000000, 0x00000000, 0xFFFFFFFF, 0xFFFFFFFE, + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF }; + private static readonly uint[] PExt = new uint[]{ 0x00000001, 0xFFFFFFFE, 0x00000000, 0x00000002, 0x00000000, + 0xFFFFFFFE, 0x00000000, 0x00000002, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0xFFFFFFFE, 0x00000001, + 0x00000000, 0xFFFFFFFE, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, + 0xFFFFFFFF }; + private static readonly uint[] PExtInv = new uint[]{ 0xFFFFFFFF, 0x00000001, 0xFFFFFFFF, 0xFFFFFFFD, + 0xFFFFFFFF, 0x00000001, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000001, + 0xFFFFFFFE, 0xFFFFFFFF, 0x00000001, 0x00000002 }; + private const uint P11 = 0xFFFFFFFF; + private const uint PExt23 = 0xFFFFFFFF; + + public static void Add(uint[] x, uint[] y, uint[] z) + { + uint c = Nat.Add(12, x, y, z); + if (c != 0 || (z[11] == P11 && Nat.Gte(12, z, P))) + { + AddPInvTo(z); + } + } + + public static void AddExt(uint[] xx, uint[] yy, uint[] zz) + { + uint c = Nat.Add(24, xx, yy, zz); + if (c != 0 || (zz[23] == PExt23 && Nat.Gte(24, zz, PExt))) + { + if (Nat.AddTo(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.IncAt(24, zz, PExtInv.Length); + } + } + } + + public static void AddOne(uint[] x, uint[] z) + { + uint c = Nat.Inc(12, x, z); + if (c != 0 || (z[11] == P11 && Nat.Gte(12, z, P))) + { + AddPInvTo(z); + } + } + + public static uint[] FromBigInteger(BigInteger x) + { + uint[] z = Nat.FromBigInteger(384, x); + if (z[11] == P11 && Nat.Gte(12, z, P)) + { + Nat.SubFrom(12, P, z); + } + return z; + } + + public static void Half(uint[] x, uint[] z) + { + if ((x[0] & 1) == 0) + { + Nat.ShiftDownBit(12, x, 0, z); + } + else + { + uint c = Nat.Add(12, x, P, z); + Nat.ShiftDownBit(12, z, c); + } + } + + public static void Inv(uint[] x, uint[] z) + { + Mod.CheckedModOddInverse(P, x, z); + } + + public static int IsZero(uint[] x) + { + uint d = 0; + for (int i = 0; i < 12; ++i) + { + d |= x[i]; + } + d = (d >> 1) | (d & 1); + return ((int)d - 1) >> 31; + } + + public static void Multiply(uint[] x, uint[] y, uint[] z) + { + uint[] tt = Nat.Create(24); + Nat384.Mul(x, y, tt); + Reduce(tt, z); + } + + public static void Multiply(uint[] x, uint[] y, uint[] z, uint[] tt) + { + Nat384.Mul(x, y, tt); + Reduce(tt, z); + } + + public static void Negate(uint[] x, uint[] z) + { + if (0 != IsZero(x)) + { + Nat.Sub(12, P, P, z); + } + else + { + Nat.Sub(12, P, x, z); + } + } + + public static void Random(SecureRandom r, uint[] z) + { + byte[] bb = new byte[12 * 4]; + do + { + r.NextBytes(bb); + Pack.LE_To_UInt32(bb, 0, z, 0, 12); + } + while (0 == Nat.LessThan(12, z, P)); + } + + public static void RandomMult(SecureRandom r, uint[] z) + { + do + { + Random(r, z); + } + while (0 != IsZero(z)); + } + + public static void Reduce(uint[] xx, uint[] z) + { + long xx16 = xx[16], xx17 = xx[17], xx18 = xx[18], xx19 = xx[19]; + long xx20 = xx[20], xx21 = xx[21], xx22 = xx[22], xx23 = xx[23]; + + const long n = 1; + + long t0 = (long)xx[12] + xx20 - n; + long t1 = (long)xx[13] + xx22; + long t2 = (long)xx[14] + xx22 + xx23; + long t3 = (long)xx[15] + xx23; + long t4 = xx17 + xx21; + long t5 = xx21 - xx23; + long t6 = xx22 - xx23; + long t7 = t0 + t5; + + long cc = 0; + cc += (long)xx[0] + t7; + z[0] = (uint)cc; + cc >>= 32; + cc += (long)xx[1] + xx23 - t0 + t1; + z[1] = (uint)cc; + cc >>= 32; + cc += (long)xx[2] - xx21 - t1 + t2; + z[2] = (uint)cc; + cc >>= 32; + cc += (long)xx[3] - t2 + t3 + t7; + z[3] = (uint)cc; + cc >>= 32; + cc += (long)xx[4] + xx16 + xx21 + t1 - t3 + t7; + z[4] = (uint)cc; + cc >>= 32; + cc += (long)xx[5] - xx16 + t1 + t2 + t4; + z[5] = (uint)cc; + cc >>= 32; + cc += (long)xx[6] + xx18 - xx17 + t2 + t3; + z[6] = (uint)cc; + cc >>= 32; + cc += (long)xx[7] + xx16 + xx19 - xx18 + t3; + z[7] = (uint)cc; + cc >>= 32; + cc += (long)xx[8] + xx16 + xx17 + xx20 - xx19; + z[8] = (uint)cc; + cc >>= 32; + cc += (long)xx[9] + xx18 - xx20 + t4; + z[9] = (uint)cc; + cc >>= 32; + cc += (long)xx[10] + xx18 + xx19 - t5 + t6; + z[10] = (uint)cc; + cc >>= 32; + cc += (long)xx[11] + xx19 + xx20 - t6; + z[11] = (uint)cc; + cc >>= 32; + cc += n; + + Debug.Assert(cc >= 0); + + Reduce32((uint)cc, z); + } + + public static void Reduce32(uint x, uint[] z) + { + long cc = 0; + + if (x != 0) + { + long xx12 = x; + + cc += (long)z[0] + xx12; + z[0] = (uint)cc; + cc >>= 32; + cc += (long)z[1] - xx12; + z[1] = (uint)cc; + cc >>= 32; + if (cc != 0) + { + cc += (long)z[2]; + z[2] = (uint)cc; + cc >>= 32; + } + cc += (long)z[3] + xx12; + z[3] = (uint)cc; + cc >>= 32; + cc += (long)z[4] + xx12; + z[4] = (uint)cc; + cc >>= 32; + + Debug.Assert(cc == 0 || cc == 1); + } + + if ((cc != 0 && Nat.IncAt(12, z, 5) != 0) + || (z[11] == P11 && Nat.Gte(12, z, P))) + { + AddPInvTo(z); + } + } + + public static void Square(uint[] x, uint[] z) + { + uint[] tt = Nat.Create(24); + Nat384.Square(x, tt); + Reduce(tt, z); + } + + public static void Square(uint[] x, uint[] z, uint[] tt) + { + Nat384.Square(x, tt); + Reduce(tt, z); + } + + public static void SquareN(uint[] x, int n, uint[] z) + { + Debug.Assert(n > 0); + + uint[] tt = Nat.Create(24); + Nat384.Square(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + Nat384.Square(z, tt); + Reduce(tt, z); + } + } + + public static void SquareN(uint[] x, int n, uint[] z, uint[] tt) + { + Debug.Assert(n > 0); + + Nat384.Square(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + Nat384.Square(z, tt); + Reduce(tt, z); + } + } + + public static void Subtract(uint[] x, uint[] y, uint[] z) + { + int c = Nat.Sub(12, x, y, z); + if (c != 0) + { + SubPInvFrom(z); + } + } + + public static void SubtractExt(uint[] xx, uint[] yy, uint[] zz) + { + int c = Nat.Sub(24, xx, yy, zz); + if (c != 0) + { + if (Nat.SubFrom(PExtInv.Length, PExtInv, zz) != 0) + { + Nat.DecAt(24, zz, PExtInv.Length); + } + } + } + + public static void Twice(uint[] x, uint[] z) + { + uint c = Nat.ShiftUpBit(12, x, 0, z); + if (c != 0 || (z[11] == P11 && Nat.Gte(12, z, P))) + { + AddPInvTo(z); + } + } + + private static void AddPInvTo(uint[] z) + { + long c = (long)z[0] + 1; + z[0] = (uint)c; + c >>= 32; + c += (long)z[1] - 1; + z[1] = (uint)c; + c >>= 32; + if (c != 0) + { + c += (long)z[2]; + z[2] = (uint)c; + c >>= 32; + } + c += (long)z[3] + 1; + z[3] = (uint)c; + c >>= 32; + c += (long)z[4] + 1; + z[4] = (uint)c; + c >>= 32; + if (c != 0) + { + Nat.IncAt(12, z, 5); + } + } + + private static void SubPInvFrom(uint[] z) + { + long c = (long)z[0] - 1; + z[0] = (uint)c; + c >>= 32; + c += (long)z[1] + 1; + z[1] = (uint)c; + c >>= 32; + if (c != 0) + { + c += (long)z[2]; + z[2] = (uint)c; + c >>= 32; + } + c += (long)z[3] - 1; + z[3] = (uint)c; + c >>= 32; + c += (long)z[4] - 1; + z[4] = (uint)c; + c >>= 32; + if (c != 0) + { + Nat.DecAt(12, z, 5); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP384R1FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP384R1FieldElement.cs new file mode 100644 index 0000000..d190c4a --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP384R1FieldElement.cs @@ -0,0 +1,213 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP384R1FieldElement + : AbstractFpFieldElement + { + public static readonly BigInteger Q = new BigInteger(1, + Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF")); + + protected internal readonly uint[] x; + + public SecP384R1FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0) + throw new ArgumentException("value invalid for SecP384R1FieldElement", "x"); + + this.x = SecP384R1Field.FromBigInteger(x); + } + + public SecP384R1FieldElement() + { + this.x = Nat.Create(12); + } + + protected internal SecP384R1FieldElement(uint[] x) + { + this.x = x; + } + + public override bool IsZero + { + get { return Nat.IsZero(12, x); } + } + + public override bool IsOne + { + get { return Nat.IsOne(12, x); } + } + + public override bool TestBitZero() + { + return Nat.GetBit(x, 0) == 1; + } + + public override BigInteger ToBigInteger() + { + return Nat.ToBigInteger(12, x); + } + + public override string FieldName + { + get { return "SecP384R1Field"; } + } + + public override int FieldSize + { + get { return Q.BitLength; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + uint[] z = Nat.Create(12); + SecP384R1Field.Add(x, ((SecP384R1FieldElement)b).x, z); + return new SecP384R1FieldElement(z); + } + + public override ECFieldElement AddOne() + { + uint[] z = Nat.Create(12); + SecP384R1Field.AddOne(x, z); + return new SecP384R1FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + uint[] z = Nat.Create(12); + SecP384R1Field.Subtract(x, ((SecP384R1FieldElement)b).x, z); + return new SecP384R1FieldElement(z); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + uint[] z = Nat.Create(12); + SecP384R1Field.Multiply(x, ((SecP384R1FieldElement)b).x, z); + return new SecP384R1FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + //return Multiply(b.Invert()); + uint[] z = Nat.Create(12); + SecP384R1Field.Inv(((SecP384R1FieldElement)b).x, z); + SecP384R1Field.Multiply(z, x, z); + return new SecP384R1FieldElement(z); + } + + public override ECFieldElement Negate() + { + uint[] z = Nat.Create(12); + SecP384R1Field.Negate(x, z); + return new SecP384R1FieldElement(z); + } + + public override ECFieldElement Square() + { + uint[] z = Nat.Create(12); + SecP384R1Field.Square(x, z); + return new SecP384R1FieldElement(z); + } + + public override ECFieldElement Invert() + { + //return new SecP384R1FieldElement(ToBigInteger().ModInverse(Q)); + uint[] z = Nat.Create(12); + SecP384R1Field.Inv(x, z); + return new SecP384R1FieldElement(z); + } + + /** + * return a sqrt root - the routine verifies that the calculation returns the right value - if + * none exists it returns null. + */ + public override ECFieldElement Sqrt() + { + // Raise this element to the exponent 2^382 - 2^126 - 2^94 + 2^30 + + uint[] x1 = this.x; + if (Nat.IsZero(12, x1) || Nat.IsOne(12, x1)) + return this; + + uint[] tt0 = Nat.Create(24); + uint[] t1 = Nat.Create(12); + uint[] t2 = Nat.Create(12); + uint[] t3 = Nat.Create(12); + uint[] t4 = Nat.Create(12); + + SecP384R1Field.Square(x1, t1, tt0); + SecP384R1Field.Multiply(t1, x1, t1, tt0); + + SecP384R1Field.SquareN(t1, 2, t2, tt0); + SecP384R1Field.Multiply(t2, t1, t2, tt0); + + SecP384R1Field.Square(t2, t2, tt0); + SecP384R1Field.Multiply(t2, x1, t2, tt0); + + SecP384R1Field.SquareN(t2, 5, t3, tt0); + SecP384R1Field.Multiply(t3, t2, t3, tt0); + + SecP384R1Field.SquareN(t3, 5, t4, tt0); + SecP384R1Field.Multiply(t4, t2, t4, tt0); + + SecP384R1Field.SquareN(t4, 15, t2, tt0); + SecP384R1Field.Multiply(t2, t4, t2, tt0); + + SecP384R1Field.SquareN(t2, 2, t3, tt0); + SecP384R1Field.Multiply(t1, t3, t1, tt0); + + SecP384R1Field.SquareN(t3, 28, t3, tt0); + SecP384R1Field.Multiply(t2, t3, t2, tt0); + + SecP384R1Field.SquareN(t2, 60, t3, tt0); + SecP384R1Field.Multiply(t3, t2, t3, tt0); + + uint[] r = t2; + + SecP384R1Field.SquareN(t3, 120, r, tt0); + SecP384R1Field.Multiply(r, t3, r, tt0); + + SecP384R1Field.SquareN(r, 15, r, tt0); + SecP384R1Field.Multiply(r, t4, r, tt0); + + SecP384R1Field.SquareN(r, 33, r, tt0); + SecP384R1Field.Multiply(r, t1, r, tt0); + + SecP384R1Field.SquareN(r, 64, r, tt0); + SecP384R1Field.Multiply(r, x1, r, tt0); + + SecP384R1Field.SquareN(r, 30, t1, tt0); + SecP384R1Field.Square(t1, t2, tt0); + + return Nat.Eq(12, x1, t2) ? new SecP384R1FieldElement(t1) : null; + } + + public override bool Equals(object obj) + { + return Equals(obj as SecP384R1FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecP384R1FieldElement); + } + + public virtual bool Equals(SecP384R1FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat.Eq(12, x, other.x); + } + + public override int GetHashCode() + { + return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 12); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP384R1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP384R1Point.cs new file mode 100644 index 0000000..c2c364b --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP384R1Point.cs @@ -0,0 +1,282 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP384R1Point + : AbstractFpPoint + { + /** + * Create a point which encodes with point compression. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecP384R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * Create a point that encodes with or without point compresion. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * @param withCompression + * if true encode with point compression + * + * @deprecated per-point compression property will be removed, refer + * {@link #getEncoded(bool)} + */ + public SecP384R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecP384R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecP384R1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + if (this == b) + return Twice(); + + ECCurve curve = this.Curve; + + SecP384R1FieldElement X1 = (SecP384R1FieldElement)this.RawXCoord, Y1 = (SecP384R1FieldElement)this.RawYCoord; + SecP384R1FieldElement X2 = (SecP384R1FieldElement)b.RawXCoord, Y2 = (SecP384R1FieldElement)b.RawYCoord; + + SecP384R1FieldElement Z1 = (SecP384R1FieldElement)this.RawZCoords[0]; + SecP384R1FieldElement Z2 = (SecP384R1FieldElement)b.RawZCoords[0]; + + uint c; + uint[] tt0 = Nat.Create(24); + uint[] tt1 = Nat.Create(24); + uint[] tt2 = Nat.Create(24); + uint[] t3 = Nat.Create(12); + uint[] t4 = Nat.Create(12); + + bool Z1IsOne = Z1.IsOne; + uint[] U2, S2; + if (Z1IsOne) + { + U2 = X2.x; + S2 = Y2.x; + } + else + { + S2 = t3; + SecP384R1Field.Square(Z1.x, S2, tt0); + + U2 = tt2; + SecP384R1Field.Multiply(S2, X2.x, U2, tt0); + + SecP384R1Field.Multiply(S2, Z1.x, S2, tt0); + SecP384R1Field.Multiply(S2, Y2.x, S2, tt0); + } + + bool Z2IsOne = Z2.IsOne; + uint[] U1, S1; + if (Z2IsOne) + { + U1 = X1.x; + S1 = Y1.x; + } + else + { + S1 = t4; + SecP384R1Field.Square(Z2.x, S1, tt0); + + U1 = tt1; + SecP384R1Field.Multiply(S1, X1.x, U1, tt0); + + SecP384R1Field.Multiply(S1, Z2.x, S1, tt0); + SecP384R1Field.Multiply(S1, Y1.x, S1, tt0); + } + + uint[] H = Nat.Create(12); + SecP384R1Field.Subtract(U1, U2, H); + + uint[] R = Nat.Create(12); + SecP384R1Field.Subtract(S1, S2, R); + + // Check if b == this or b == -this + if (Nat.IsZero(12, H)) + { + if (Nat.IsZero(12, R)) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + uint[] HSquared = t3; + SecP384R1Field.Square(H, HSquared, tt0); + + uint[] G = Nat.Create(12); + SecP384R1Field.Multiply(HSquared, H, G, tt0); + + uint[] V = t3; + SecP384R1Field.Multiply(HSquared, U1, V, tt0); + + SecP384R1Field.Negate(G, G); + Nat384.Mul(S1, G, tt1); + + c = Nat.AddBothTo(12, V, V, G); + SecP384R1Field.Reduce32(c, G); + + SecP384R1FieldElement X3 = new SecP384R1FieldElement(t4); + SecP384R1Field.Square(R, X3.x, tt0); + SecP384R1Field.Subtract(X3.x, G, X3.x); + + SecP384R1FieldElement Y3 = new SecP384R1FieldElement(G); + SecP384R1Field.Subtract(V, X3.x, Y3.x); + Nat384.Mul(Y3.x, R, tt2); + SecP384R1Field.AddExt(tt1, tt2, tt1); + SecP384R1Field.Reduce(tt1, Y3.x); + + SecP384R1FieldElement Z3 = new SecP384R1FieldElement(H); + if (!Z1IsOne) + { + SecP384R1Field.Multiply(Z3.x, Z1.x, Z3.x, tt0); + } + if (!Z2IsOne) + { + SecP384R1Field.Multiply(Z3.x, Z2.x, Z3.x, tt0); + } + + ECFieldElement[] zs = new ECFieldElement[] { Z3 }; + + return new SecP384R1Point(curve, X3, Y3, zs, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SecP384R1FieldElement Y1 = (SecP384R1FieldElement)this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + SecP384R1FieldElement X1 = (SecP384R1FieldElement)this.RawXCoord, Z1 = (SecP384R1FieldElement)this.RawZCoords[0]; + + uint c; + uint[] tt0 = Nat.Create(24); + uint[] t1 = Nat.Create(12); + uint[] t2 = Nat.Create(12); + + uint[] Y1Squared = Nat.Create(12); + SecP384R1Field.Square(Y1.x, Y1Squared, tt0); + + uint[] T = Nat.Create(12); + SecP384R1Field.Square(Y1Squared, T, tt0); + + bool Z1IsOne = Z1.IsOne; + + uint[] Z1Squared = Z1.x; + if (!Z1IsOne) + { + Z1Squared = t2; + SecP384R1Field.Square(Z1.x, Z1Squared, tt0); + } + + SecP384R1Field.Subtract(X1.x, Z1Squared, t1); + + uint[] M = t2; + SecP384R1Field.Add(X1.x, Z1Squared, M); + SecP384R1Field.Multiply(M, t1, M, tt0); + c = Nat.AddBothTo(12, M, M, M); + SecP384R1Field.Reduce32(c, M); + + uint[] S = Y1Squared; + SecP384R1Field.Multiply(Y1Squared, X1.x, S, tt0); + c = Nat.ShiftUpBits(12, S, 2, 0); + SecP384R1Field.Reduce32(c, S); + + c = Nat.ShiftUpBits(12, T, 3, 0, t1); + SecP384R1Field.Reduce32(c, t1); + + SecP384R1FieldElement X3 = new SecP384R1FieldElement(T); + SecP384R1Field.Square(M, X3.x, tt0); + SecP384R1Field.Subtract(X3.x, S, X3.x); + SecP384R1Field.Subtract(X3.x, S, X3.x); + + SecP384R1FieldElement Y3 = new SecP384R1FieldElement(S); + SecP384R1Field.Subtract(S, X3.x, Y3.x); + SecP384R1Field.Multiply(Y3.x, M, Y3.x, tt0); + SecP384R1Field.Subtract(Y3.x, t1, Y3.x); + + SecP384R1FieldElement Z3 = new SecP384R1FieldElement(M); + SecP384R1Field.Twice(Y1.x, Z3.x); + if (!Z1IsOne) + { + SecP384R1Field.Multiply(Z3.x, Z1.x, Z3.x, tt0); + } + + return new SecP384R1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this == b) + return ThreeTimes(); + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return b; + + return Twice().Add(b); + } + + public override ECPoint ThreeTimes() + { + if (this.IsInfinity || this.RawYCoord.IsZero) + return this; + + // NOTE: Be careful about recursions between TwicePlus and ThreeTimes + return Twice().Add(this); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + return new SecP384R1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP521R1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP521R1Curve.cs new file mode 100644 index 0000000..143176b --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP521R1Curve.cs @@ -0,0 +1,170 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP521R1Curve + : AbstractFpCurve + { + public static readonly BigInteger q = SecP521R1FieldElement.Q; + + private const int SECP521R1_DEFAULT_COORDS = COORD_JACOBIAN; + private const int SECP521R1_FE_INTS = 17; + private static readonly ECFieldElement[] SECP521R1_AFFINE_ZS = new ECFieldElement[] { new SecP521R1FieldElement(BigInteger.One) }; + + protected readonly SecP521R1Point m_infinity; + + public SecP521R1Curve() + : base(q) + { + this.m_infinity = new SecP521R1Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC"))); + this.m_b = FromBigInteger(new BigInteger(1, + Hex.DecodeStrict("0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409")); + this.m_cofactor = BigInteger.One; + this.m_coord = SECP521R1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecP521R1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_JACOBIAN: + return true; + default: + return false; + } + } + + public virtual BigInteger Q + { + get { return q; } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return q.BitLength; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecP521R1FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecP521R1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecP521R1Point(this, x, y, zs, withCompression); + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + uint[] table = new uint[len * SECP521R1_FE_INTS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat.Copy(SECP521R1_FE_INTS, ((SecP521R1FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECP521R1_FE_INTS; + Nat.Copy(SECP521R1_FE_INTS, ((SecP521R1FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECP521R1_FE_INTS; + } + } + + return new SecP521R1LookupTable(this, table, len); + } + + public override ECFieldElement RandomFieldElement(SecureRandom r) + { + uint[] x = Nat.Create(17); + SecP521R1Field.Random(r, x); + return new SecP521R1FieldElement(x); + } + + public override ECFieldElement RandomFieldElementMult(SecureRandom r) + { + uint[] x = Nat.Create(17); + SecP521R1Field.RandomMult(r, x); + return new SecP521R1FieldElement(x); + } + + private class SecP521R1LookupTable + : AbstractECLookupTable + { + private readonly SecP521R1Curve m_outer; + private readonly uint[] m_table; + private readonly int m_size; + + internal SecP521R1LookupTable(SecP521R1Curve outer, uint[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + uint[] x = Nat.Create(SECP521R1_FE_INTS), y = Nat.Create(SECP521R1_FE_INTS); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + uint MASK = (uint)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECP521R1_FE_INTS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECP521R1_FE_INTS + j] & MASK; + } + + pos += (SECP521R1_FE_INTS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + uint[] x = Nat.Create(SECP521R1_FE_INTS), y = Nat.Create(SECP521R1_FE_INTS); + int pos = index * SECP521R1_FE_INTS * 2; + + for (int j = 0; j < SECP521R1_FE_INTS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECP521R1_FE_INTS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(uint[] x, uint[] y) + { + return m_outer.CreateRawPoint(new SecP521R1FieldElement(x), new SecP521R1FieldElement(y), SECP521R1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP521R1Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP521R1Field.cs new file mode 100644 index 0000000..293c7ab --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP521R1Field.cs @@ -0,0 +1,222 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP521R1Field + { + // 2^521 - 1 + internal static readonly uint[] P = new uint[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, + 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, + 0xFFFFFFFF, 0xFFFFFFFF, 0x1FF }; + private const uint P16 = 0x1FFU; + + public static void Add(uint[] x, uint[] y, uint[] z) + { + uint c = Nat.Add(16, x, y, z) + x[16] + y[16]; + if (c > P16 || (c == P16 && Nat.Eq(16, z, P))) + { + c += Nat.Inc(16, z); + c &= P16; + } + z[16] = c; + } + + public static void AddOne(uint[] x, uint[] z) + { + uint c = Nat.Inc(16, x, z) + x[16]; + if (c > P16 || (c == P16 && Nat.Eq(16, z, P))) + { + c += Nat.Inc(16, z); + c &= P16; + } + z[16] = c; + } + + public static uint[] FromBigInteger(BigInteger x) + { + uint[] z = Nat.FromBigInteger(521, x); + if (Nat.Eq(17, z, P)) + { + Nat.Zero(17, z); + } + return z; + } + + public static void Half(uint[] x, uint[] z) + { + uint x16 = x[16]; + uint c = Nat.ShiftDownBit(16, x, x16, z); + z[16] = (x16 >> 1) | (c >> 23); + } + + public static void Inv(uint[] x, uint[] z) + { + Mod.CheckedModOddInverse(P, x, z); + } + + public static int IsZero(uint[] x) + { + uint d = 0; + for (int i = 0; i < 17; ++i) + { + d |= x[i]; + } + d = (d >> 1) | (d & 1); + return ((int)d - 1) >> 31; + } + + public static void Multiply(uint[] x, uint[] y, uint[] z) + { + uint[] tt = Nat.Create(33); + ImplMultiply(x, y, tt); + Reduce(tt, z); + } + + public static void Multiply(uint[] x, uint[] y, uint[] z, uint[] tt) + { + ImplMultiply(x, y, tt); + Reduce(tt, z); + } + + public static void Negate(uint[] x, uint[] z) + { + if (0 != IsZero(x)) + { + Nat.Sub(17, P, P, z); + } + else + { + Nat.Sub(17, P, x, z); + } + } + + public static void Random(SecureRandom r, uint[] z) + { + byte[] bb = new byte[17 * 4]; + do + { + r.NextBytes(bb); + Pack.LE_To_UInt32(bb, 0, z, 0, 17); + z[16] &= P16; + } + while (0 == Nat.LessThan(17, z, P)); + } + + public static void RandomMult(SecureRandom r, uint[] z) + { + do + { + Random(r, z); + } + while (0 != IsZero(z)); + } + + public static void Reduce(uint[] xx, uint[] z) + { + Debug.Assert(xx[32] >> 18 == 0); + uint xx32 = xx[32]; + uint c = Nat.ShiftDownBits(16, xx, 16, 9, xx32, z, 0) >> 23; + c += xx32 >> 9; + c += Nat.AddTo(16, xx, z); + if (c > P16 || (c == P16 && Nat.Eq(16, z, P))) + { + c += Nat.Inc(16, z); + c &= P16; + } + z[16] = c; + } + + public static void Reduce23(uint[] z) + { + uint z16 = z[16]; + uint c = Nat.AddWordTo(16, z16 >> 9, z) + (z16 & P16); + if (c > P16 || (c == P16 && Nat.Eq(16, z, P))) + { + c += Nat.Inc(16, z); + c &= P16; + } + z[16] = c; + } + + public static void Square(uint[] x, uint[] z) + { + uint[] tt = Nat.Create(33); + ImplSquare(x, tt); + Reduce(tt, z); + } + + public static void Square(uint[] x, uint[] z, uint[] tt) + { + ImplSquare(x, tt); + Reduce(tt, z); + } + + public static void SquareN(uint[] x, int n, uint[] z) + { + Debug.Assert(n > 0); + + uint[] tt = Nat.Create(33); + ImplSquare(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + ImplSquare(z, tt); + Reduce(tt, z); + } + } + + public static void SquareN(uint[] x, int n, uint[] z, uint[] tt) + { + Debug.Assert(n > 0); + + ImplSquare(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + ImplSquare(z, tt); + Reduce(tt, z); + } + } + + public static void Subtract(uint[] x, uint[] y, uint[] z) + { + int c = Nat.Sub(16, x, y, z) + (int)(x[16] - y[16]); + if (c < 0) + { + c += Nat.Dec(16, z); + c &= (int)P16; + } + z[16] = (uint)c; + } + + public static void Twice(uint[] x, uint[] z) + { + uint x16 = x[16]; + uint c = Nat.ShiftUpBit(16, x, x16 << 23, z) | (x16 << 1); + z[16] = c & P16; + } + + protected static void ImplMultiply(uint[] x, uint[] y, uint[] zz) + { + Nat512.Mul(x, y, zz); + + uint x16 = x[16], y16 = y[16]; + zz[32] = Nat.Mul31BothAdd(16, x16, y, y16, x, zz, 16) + (x16 * y16); + } + + protected static void ImplSquare(uint[] x, uint[] zz) + { + Nat512.Square(x, zz); + + uint x16 = x[16]; + zz[32] = Nat.MulWordAddTo(16, x16 << 1, x, 0, zz, 16) + (x16 * x16); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP521R1FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP521R1FieldElement.cs new file mode 100644 index 0000000..4093525 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP521R1FieldElement.cs @@ -0,0 +1,170 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP521R1FieldElement + : AbstractFpFieldElement + { + public static readonly BigInteger Q = new BigInteger(1, + Hex.DecodeStrict("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF")); + + protected internal readonly uint[] x; + + public SecP521R1FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.CompareTo(Q) >= 0) + throw new ArgumentException("value invalid for SecP521R1FieldElement", "x"); + + this.x = SecP521R1Field.FromBigInteger(x); + } + + public SecP521R1FieldElement() + { + this.x = Nat.Create(17); + } + + protected internal SecP521R1FieldElement(uint[] x) + { + this.x = x; + } + + public override bool IsZero + { + get { return Nat.IsZero(17, x); } + } + + public override bool IsOne + { + get { return Nat.IsOne(17, x); } + } + + public override bool TestBitZero() + { + return Nat.GetBit(x, 0) == 1; + } + + public override BigInteger ToBigInteger() + { + return Nat.ToBigInteger(17, x); + } + + public override string FieldName + { + get { return "SecP521R1Field"; } + } + + public override int FieldSize + { + get { return Q.BitLength; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + uint[] z = Nat.Create(17); + SecP521R1Field.Add(x, ((SecP521R1FieldElement)b).x, z); + return new SecP521R1FieldElement(z); + } + + public override ECFieldElement AddOne() + { + uint[] z = Nat.Create(17); + SecP521R1Field.AddOne(x, z); + return new SecP521R1FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + uint[] z = Nat.Create(17); + SecP521R1Field.Subtract(x, ((SecP521R1FieldElement)b).x, z); + return new SecP521R1FieldElement(z); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + uint[] z = Nat.Create(17); + SecP521R1Field.Multiply(x, ((SecP521R1FieldElement)b).x, z); + return new SecP521R1FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + //return Multiply(b.Invert()); + uint[] z = Nat.Create(17); + SecP521R1Field.Inv(((SecP521R1FieldElement)b).x, z); + SecP521R1Field.Multiply(z, x, z); + return new SecP521R1FieldElement(z); + } + + public override ECFieldElement Negate() + { + uint[] z = Nat.Create(17); + SecP521R1Field.Negate(x, z); + return new SecP521R1FieldElement(z); + } + + public override ECFieldElement Square() + { + uint[] z = Nat.Create(17); + SecP521R1Field.Square(x, z); + return new SecP521R1FieldElement(z); + } + + public override ECFieldElement Invert() + { + //return new SecP521R1FieldElement(ToBigInteger().ModInverse(Q)); + uint[] z = Nat.Create(17); + SecP521R1Field.Inv(x, z); + return new SecP521R1FieldElement(z); + } + + /** + * return a sqrt root - the routine verifies that the calculation returns the right value - if + * none exists it returns null. + */ + public override ECFieldElement Sqrt() + { + // Raise this element to the exponent 2^519 + + uint[] x1 = this.x; + if (Nat.IsZero(17, x1) || Nat.IsOne(17, x1)) + return this; + + uint[] tt0 = Nat.Create(33); + uint[] t1 = Nat.Create(17); + uint[] t2 = Nat.Create(17); + + SecP521R1Field.SquareN(x1, 519, t1, tt0); + SecP521R1Field.Square(t1, t2, tt0); + + return Nat.Eq(17, x1, t2) ? new SecP521R1FieldElement(t1) : null; + } + + public override bool Equals(object obj) + { + return Equals(obj as SecP521R1FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecP521R1FieldElement); + } + + public virtual bool Equals(SecP521R1FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat.Eq(17, x, other.x); + } + + public override int GetHashCode() + { + return Q.GetHashCode() ^ Arrays.GetHashCode(x, 0, 17); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecP521R1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP521R1Point.cs new file mode 100644 index 0000000..7fc1927 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecP521R1Point.cs @@ -0,0 +1,277 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecP521R1Point + : AbstractFpPoint + { + /** + * Create a point which encodes with point compression. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecP521R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * Create a point that encodes with or without point compresion. + * + * @param curve + * the curve to use + * @param x + * affine x co-ordinate + * @param y + * affine y co-ordinate + * @param withCompression + * if true encode with point compression + * + * @deprecated per-point compression property will be removed, refer + * {@link #getEncoded(bool)} + */ + public SecP521R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecP521R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecP521R1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + if (this == b) + return Twice(); + + ECCurve curve = this.Curve; + + SecP521R1FieldElement X1 = (SecP521R1FieldElement)this.RawXCoord, Y1 = (SecP521R1FieldElement)this.RawYCoord; + SecP521R1FieldElement X2 = (SecP521R1FieldElement)b.RawXCoord, Y2 = (SecP521R1FieldElement)b.RawYCoord; + + SecP521R1FieldElement Z1 = (SecP521R1FieldElement)this.RawZCoords[0]; + SecP521R1FieldElement Z2 = (SecP521R1FieldElement)b.RawZCoords[0]; + + uint[] tt0 = Nat.Create(33); + uint[] t1 = Nat.Create(17); + uint[] t2 = Nat.Create(17); + uint[] t3 = Nat.Create(17); + uint[] t4 = Nat.Create(17); + + bool Z1IsOne = Z1.IsOne; + uint[] U2, S2; + if (Z1IsOne) + { + U2 = X2.x; + S2 = Y2.x; + } + else + { + S2 = t3; + SecP521R1Field.Square(Z1.x, S2, tt0); + + U2 = t2; + SecP521R1Field.Multiply(S2, X2.x, U2, tt0); + + SecP521R1Field.Multiply(S2, Z1.x, S2, tt0); + SecP521R1Field.Multiply(S2, Y2.x, S2, tt0); + } + + bool Z2IsOne = Z2.IsOne; + uint[] U1, S1; + if (Z2IsOne) + { + U1 = X1.x; + S1 = Y1.x; + } + else + { + S1 = t4; + SecP521R1Field.Square(Z2.x, S1, tt0); + + U1 = t1; + SecP521R1Field.Multiply(S1, X1.x, U1, tt0); + + SecP521R1Field.Multiply(S1, Z2.x, S1, tt0); + SecP521R1Field.Multiply(S1, Y1.x, S1, tt0); + } + + uint[] H = Nat.Create(17); + SecP521R1Field.Subtract(U1, U2, H); + + uint[] R = t2; + SecP521R1Field.Subtract(S1, S2, R); + + // Check if b == this or b == -this + if (Nat.IsZero(17, H)) + { + if (Nat.IsZero(17, R)) + { + // this == b, i.e. this must be doubled + return this.Twice(); + } + + // this == -b, i.e. the result is the point at infinity + return curve.Infinity; + } + + uint[] HSquared = t3; + SecP521R1Field.Square(H, HSquared, tt0); + + uint[] G = Nat.Create(17); + SecP521R1Field.Multiply(HSquared, H, G, tt0); + + uint[] V = t3; + SecP521R1Field.Multiply(HSquared, U1, V, tt0); + + SecP521R1Field.Multiply(S1, G, t1, tt0); + + SecP521R1FieldElement X3 = new SecP521R1FieldElement(t4); + SecP521R1Field.Square(R, X3.x, tt0); + SecP521R1Field.Add(X3.x, G, X3.x); + SecP521R1Field.Subtract(X3.x, V, X3.x); + SecP521R1Field.Subtract(X3.x, V, X3.x); + + SecP521R1FieldElement Y3 = new SecP521R1FieldElement(G); + SecP521R1Field.Subtract(V, X3.x, Y3.x); + SecP521R1Field.Multiply(Y3.x, R, t2, tt0); + SecP521R1Field.Subtract(t2, t1, Y3.x); + + SecP521R1FieldElement Z3 = new SecP521R1FieldElement(H); + if (!Z1IsOne) + { + SecP521R1Field.Multiply(Z3.x, Z1.x, Z3.x, tt0); + } + if (!Z2IsOne) + { + SecP521R1Field.Multiply(Z3.x, Z2.x, Z3.x, tt0); + } + + ECFieldElement[] zs = new ECFieldElement[] { Z3 }; + + return new SecP521R1Point(curve, X3, Y3, zs, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SecP521R1FieldElement Y1 = (SecP521R1FieldElement)this.RawYCoord; + if (Y1.IsZero) + return curve.Infinity; + + SecP521R1FieldElement X1 = (SecP521R1FieldElement)this.RawXCoord, Z1 = (SecP521R1FieldElement)this.RawZCoords[0]; + + uint[] tt0 = Nat.Create(33); + uint[] t1 = Nat.Create(17); + uint[] t2 = Nat.Create(17); + + uint[] Y1Squared = Nat.Create(17); + SecP521R1Field.Square(Y1.x, Y1Squared, tt0); + + uint[] T = Nat.Create(17); + SecP521R1Field.Square(Y1Squared, T, tt0); + + bool Z1IsOne = Z1.IsOne; + + uint[] Z1Squared = Z1.x; + if (!Z1IsOne) + { + Z1Squared = t2; + SecP521R1Field.Square(Z1.x, Z1Squared, tt0); + } + + SecP521R1Field.Subtract(X1.x, Z1Squared, t1); + + uint[] M = t2; + SecP521R1Field.Add(X1.x, Z1Squared, M); + SecP521R1Field.Multiply(M, t1, M, tt0); + Nat.AddBothTo(17, M, M, M); + SecP521R1Field.Reduce23(M); + + uint[] S = Y1Squared; + SecP521R1Field.Multiply(Y1Squared, X1.x, S, tt0); + Nat.ShiftUpBits(17, S, 2, 0); + SecP521R1Field.Reduce23(S); + + Nat.ShiftUpBits(17, T, 3, 0, t1); + SecP521R1Field.Reduce23(t1); + + SecP521R1FieldElement X3 = new SecP521R1FieldElement(T); + SecP521R1Field.Square(M, X3.x, tt0); + SecP521R1Field.Subtract(X3.x, S, X3.x); + SecP521R1Field.Subtract(X3.x, S, X3.x); + + SecP521R1FieldElement Y3 = new SecP521R1FieldElement(S); + SecP521R1Field.Subtract(S, X3.x, Y3.x); + SecP521R1Field.Multiply(Y3.x, M, Y3.x, tt0); + SecP521R1Field.Subtract(Y3.x, t1, Y3.x); + + SecP521R1FieldElement Z3 = new SecP521R1FieldElement(M); + SecP521R1Field.Twice(Y1.x, Z3.x); + if (!Z1IsOne) + { + SecP521R1Field.Multiply(Z3.x, Z1.x, Z3.x, tt0); + } + + return new SecP521R1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this == b) + return ThreeTimes(); + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECFieldElement Y1 = this.RawYCoord; + if (Y1.IsZero) + return b; + + return Twice().Add(b); + } + + public override ECPoint ThreeTimes() + { + if (this.IsInfinity || this.RawYCoord.IsZero) + return this; + + // NOTE: Be careful about recursions between TwicePlus and ThreeTimes + return Twice().Add(this); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + return new SecP521R1Point(Curve, RawXCoord, RawYCoord.Negate(), RawZCoords, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113Field.cs new file mode 100644 index 0000000..56738a2 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113Field.cs @@ -0,0 +1,243 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT113Field + { + private const ulong M49 = ulong.MaxValue >> 15; + private const ulong M57 = ulong.MaxValue >> 7; + + public static void Add(ulong[] x, ulong[] y, ulong[] z) + { + z[0] = x[0] ^ y[0]; + z[1] = x[1] ^ y[1]; + } + + public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz) + { + zz[0] = xx[0] ^ yy[0]; + zz[1] = xx[1] ^ yy[1]; + zz[2] = xx[2] ^ yy[2]; + zz[3] = xx[3] ^ yy[3]; + } + + public static void AddOne(ulong[] x, ulong[] z) + { + z[0] = x[0] ^ 1UL; + z[1] = x[1]; + } + + private static void AddTo(ulong[] x, ulong[] z) + { + z[0] ^= x[0]; + z[1] ^= x[1]; + } + + public static ulong[] FromBigInteger(BigInteger x) + { + return Nat.FromBigInteger64(113, x); + } + + public static void HalfTrace(ulong[] x, ulong[] z) + { + ulong[] tt = Nat128.CreateExt64(); + + Nat128.Copy64(x, z); + for (int i = 1; i < 113; i += 2) + { + ImplSquare(z, tt); + Reduce(tt, z); + ImplSquare(z, tt); + Reduce(tt, z); + AddTo(x, z); + } + } + + public static void Invert(ulong[] x, ulong[] z) + { + if (Nat128.IsZero64(x)) + throw new InvalidOperationException(); + + // Itoh-Tsujii inversion + + ulong[] t0 = Nat128.Create64(); + ulong[] t1 = Nat128.Create64(); + + Square(x, t0); + Multiply(t0, x, t0); + Square(t0, t0); + Multiply(t0, x, t0); + SquareN(t0, 3, t1); + Multiply(t1, t0, t1); + Square(t1, t1); + Multiply(t1, x, t1); + SquareN(t1, 7, t0); + Multiply(t0, t1, t0); + SquareN(t0, 14, t1); + Multiply(t1, t0, t1); + SquareN(t1, 28, t0); + Multiply(t0, t1, t0); + SquareN(t0, 56, t1); + Multiply(t1, t0, t1); + Square(t1, z); + } + + public static void Multiply(ulong[] x, ulong[] y, ulong[] z) + { + ulong[] tt = new ulong[8]; + ImplMultiply(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz) + { + ulong[] tt = new ulong[8]; + ImplMultiply(x, y, tt); + AddExt(zz, tt, zz); + } + + public static void Reduce(ulong[] xx, ulong[] z) + { + ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3]; + + x1 ^= (x3 << 15) ^ (x3 << 24); + x2 ^= (x3 >> 49) ^ (x3 >> 40); + + x0 ^= (x2 << 15) ^ (x2 << 24); + x1 ^= (x2 >> 49) ^ (x2 >> 40); + + ulong t = x1 >> 49; + z[0] = x0 ^ t ^ (t << 9); + z[1] = x1 & M49; + } + + public static void Reduce15(ulong[] z, int zOff) + { + ulong z1 = z[zOff + 1], t = z1 >> 49; + z[zOff ] ^= t ^ (t << 9); + z[zOff + 1] = z1 & M49; + } + + public static void Sqrt(ulong[] x, ulong[] z) + { + ulong u0 = Interleave.Unshuffle(x[0]), u1 = Interleave.Unshuffle(x[1]); + ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32); + ulong c0 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL); + + z[0] = e0 ^ (c0 << 57) ^ (c0 << 5); + z[1] = (c0 >> 7) ^ (c0 >> 59); + } + + public static void Square(ulong[] x, ulong[] z) + { + ulong[] tt = Nat128.CreateExt64(); + ImplSquare(x, tt); + Reduce(tt, z); + } + + public static void SquareAddToExt(ulong[] x, ulong[] zz) + { + ulong[] tt = Nat128.CreateExt64(); + ImplSquare(x, tt); + AddExt(zz, tt, zz); + } + + public static void SquareN(ulong[] x, int n, ulong[] z) + { + Debug.Assert(n > 0); + + ulong[] tt = Nat128.CreateExt64(); + ImplSquare(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + ImplSquare(z, tt); + Reduce(tt, z); + } + } + + public static uint Trace(ulong[] x) + { + // Non-zero-trace bits: 0 + return (uint)(x[0]) & 1U; + } + + protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz) + { + /* + * "Three-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein. + */ + + ulong f0 = x[0], f1 = x[1]; + f1 = ((f0 >> 57) ^ (f1 << 7)) & M57; + f0 &= M57; + + ulong g0 = y[0], g1 = y[1]; + g1 = ((g0 >> 57) ^ (g1 << 7)) & M57; + g0 &= M57; + + ulong[] u = zz; + ulong[] H = new ulong[6]; + + ImplMulw(u, f0, g0, H, 0); // H(0) 57/56 bits + ImplMulw(u, f1, g1, H, 2); // H(INF) 57/54 bits + ImplMulw(u, f0 ^ f1, g0 ^ g1, H, 4); // H(1) 57/56 bits + + ulong r = H[1] ^ H[2]; + ulong z0 = H[0], + z3 = H[3], + z1 = H[4] ^ z0 ^ r, + z2 = H[5] ^ z3 ^ r; + + zz[0] = z0 ^ (z1 << 57); + zz[1] = (z1 >> 7) ^ (z2 << 50); + zz[2] = (z2 >> 14) ^ (z3 << 43); + zz[3] = (z3 >> 21); + } + + protected static void ImplMulw(ulong[] u, ulong x, ulong y, ulong[] z, int zOff) + { + Debug.Assert(x >> 57 == 0); + Debug.Assert(y >> 57 == 0); + + //u[0] = 0; + u[1] = y; + u[2] = u[1] << 1; + u[3] = u[2] ^ y; + u[4] = u[2] << 1; + u[5] = u[4] ^ y; + u[6] = u[3] << 1; + u[7] = u[6] ^ y; + + uint j = (uint)x; + ulong g, h = 0, l = u[j & 7]; + int k = 48; + do + { + j = (uint)(x >> k); + g = u[j & 7] + ^ u[(j >> 3) & 7] << 3 + ^ u[(j >> 6) & 7] << 6; + l ^= (g << k); + h ^= (g >> -k); + } + while ((k -= 9) > 0); + + h ^= ((x & 0x0100804020100800UL) & (ulong)(((long)y << 7) >> 63)) >> 8; + + Debug.Assert(h >> 49 == 0); + + z[zOff ] = l & M57; + z[zOff + 1] = (l >> 57) ^ (h << 7); + } + + protected static void ImplSquare(ulong[] x, ulong[] zz) + { + Interleave.Expand64To128(x, 0, 2, zz, 0); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113FieldElement.cs new file mode 100644 index 0000000..63de2b8 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113FieldElement.cs @@ -0,0 +1,233 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT113FieldElement + : AbstractF2mFieldElement + { + protected internal readonly ulong[] x; + + public SecT113FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.BitLength > 113) + throw new ArgumentException("value invalid for SecT113FieldElement", "x"); + + this.x = SecT113Field.FromBigInteger(x); + } + + public SecT113FieldElement() + { + this.x = Nat128.Create64(); + } + + protected internal SecT113FieldElement(ulong[] x) + { + this.x = x; + } + + public override bool IsOne + { + get { return Nat128.IsOne64(x); } + } + + public override bool IsZero + { + get { return Nat128.IsZero64(x); } + } + + public override bool TestBitZero() + { + return (x[0] & 1L) != 0L; + } + + public override BigInteger ToBigInteger() + { + return Nat128.ToBigInteger64(x); + } + + public override string FieldName + { + get { return "SecT113Field"; } + } + + public override int FieldSize + { + get { return 113; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + ulong[] z = Nat128.Create64(); + SecT113Field.Add(x, ((SecT113FieldElement)b).x, z); + return new SecT113FieldElement(z); + } + + public override ECFieldElement AddOne() + { + ulong[] z = Nat128.Create64(); + SecT113Field.AddOne(x, z); + return new SecT113FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + // Addition and Subtraction are the same in F2m + return Add(b); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + ulong[] z = Nat128.Create64(); + SecT113Field.Multiply(x, ((SecT113FieldElement)b).x, z); + return new SecT113FieldElement(z); + } + + public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + return MultiplyPlusProduct(b, x, y); + } + + public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x, bx = ((SecT113FieldElement)b).x; + ulong[] xx = ((SecT113FieldElement)x).x, yx = ((SecT113FieldElement)y).x; + + ulong[] tt = Nat128.CreateExt64(); + SecT113Field.MultiplyAddToExt(ax, bx, tt); + SecT113Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat128.Create64(); + SecT113Field.Reduce(tt, z); + return new SecT113FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + return Multiply(b.Invert()); + } + + public override ECFieldElement Negate() + { + return this; + } + + public override ECFieldElement Square() + { + ulong[] z = Nat128.Create64(); + SecT113Field.Square(x, z); + return new SecT113FieldElement(z); + } + + public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y) + { + return SquarePlusProduct(x, y); + } + + public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x; + ulong[] xx = ((SecT113FieldElement)x).x, yx = ((SecT113FieldElement)y).x; + + ulong[] tt = Nat128.CreateExt64(); + SecT113Field.SquareAddToExt(ax, tt); + SecT113Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat128.Create64(); + SecT113Field.Reduce(tt, z); + return new SecT113FieldElement(z); + } + + public override ECFieldElement SquarePow(int pow) + { + if (pow < 1) + return this; + + ulong[] z = Nat128.Create64(); + SecT113Field.SquareN(x, pow, z); + return new SecT113FieldElement(z); + } + + public override ECFieldElement HalfTrace() + { + ulong[] z = Nat128.Create64(); + SecT113Field.HalfTrace(x, z); + return new SecT113FieldElement(z); + } + + public override bool HasFastTrace + { + get { return true; } + } + + public override int Trace() + { + return (int)SecT113Field.Trace(x); + } + + public override ECFieldElement Invert() + { + ulong[] z = Nat128.Create64(); + SecT113Field.Invert(x, z); + return new SecT113FieldElement(z); + } + + public override ECFieldElement Sqrt() + { + ulong[] z = Nat128.Create64(); + SecT113Field.Sqrt(x, z); + return new SecT113FieldElement(z); + } + + public virtual int Representation + { + get { return F2mFieldElement.Tpb; } + } + + public virtual int M + { + get { return 113; } + } + + public virtual int K1 + { + get { return 9; } + } + + public virtual int K2 + { + get { return 0; } + } + + public virtual int K3 + { + get { return 0; } + } + + public override bool Equals(object obj) + { + return Equals(obj as SecT113FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecT113FieldElement); + } + + public virtual bool Equals(SecT113FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat128.Eq64(x, other.x); + } + + public override int GetHashCode() + { + return 113009 ^ Arrays.GetHashCode(x, 0, 2); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113R1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113R1Curve.cs new file mode 100644 index 0000000..492b1d8 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113R1Curve.cs @@ -0,0 +1,177 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT113R1Curve + : AbstractF2mCurve + { + private const int SECT113R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT113R1_FE_LONGS = 2; + private static readonly ECFieldElement[] SECT113R1_AFFINE_ZS = new ECFieldElement[] { new SecT113FieldElement(BigInteger.One) }; + + protected readonly SecT113R1Point m_infinity; + + public SecT113R1Curve() + : base(113, 9, 0, 0) + { + this.m_infinity = new SecT113R1Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("003088250CA6E7C7FE649CE85820F7"))); + this.m_b = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("00E8BEE4D3E2260744188BE0E9C723"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("0100000000000000D9CCEC8A39E56F")); + this.m_cofactor = BigInteger.Two; + + this.m_coord = SECT113R1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT113R1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 113; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT113FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT113R1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT113R1Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return false; } + } + + public virtual int M + { + get { return 113; } + } + + public virtual bool IsTrinomial + { + get { return true; } + } + + public virtual int K1 + { + get { return 9; } + } + + public virtual int K2 + { + get { return 0; } + } + + public virtual int K3 + { + get { return 0; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT113R1_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat128.Copy64(((SecT113FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT113R1_FE_LONGS; + Nat128.Copy64(((SecT113FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT113R1_FE_LONGS; + } + } + + return new SecT113R1LookupTable(this, table, len); + } + + private class SecT113R1LookupTable + : AbstractECLookupTable + { + private readonly SecT113R1Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT113R1LookupTable(SecT113R1Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat128.Create64(), y = Nat128.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT113R1_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT113R1_FE_LONGS + j] & MASK; + } + + pos += (SECT113R1_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat128.Create64(), y = Nat128.Create64(); + int pos = index * SECT113R1_FE_LONGS * 2; + + for (int j = 0; j < SECT113R1_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT113R1_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT113FieldElement(x), new SecT113FieldElement(y), SECT113R1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113R1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113R1Point.cs new file mode 100644 index 0000000..db085d0 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113R1Point.cs @@ -0,0 +1,281 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT113R1Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT113R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT113R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT113R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT113R1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + return Twice(); + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1).Add(curve.A); + if (X3.IsZero) + { + return new SecT113R1Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT113R1Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT113R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1); + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement a = curve.A; + ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq); + ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq); + if (T.IsZero) + { + return new SecT113R1Point(curve, T, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1); + ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3); + + return new SecT113R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1); + ECFieldElement L2plus1 = L2.AddOne(); + ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT113R1Point(curve, A, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3); + + return new SecT113R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT113R1Point(Curve, X, L.Add(Z), new ECFieldElement[]{ Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113R2Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113R2Curve.cs new file mode 100644 index 0000000..d0fad0f --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113R2Curve.cs @@ -0,0 +1,177 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT113R2Curve + : AbstractF2mCurve + { + private const int SECT113R2_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT113R2_FE_LONGS = 2; + private static readonly ECFieldElement[] SECT113R2_AFFINE_ZS = new ECFieldElement[] { new SecT113FieldElement(BigInteger.One) }; + + protected readonly SecT113R2Point m_infinity; + + public SecT113R2Curve() + : base(113, 9, 0, 0) + { + this.m_infinity = new SecT113R2Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("00689918DBEC7E5A0DD6DFC0AA55C7"))); + this.m_b = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("0095E9A9EC9B297BD4BF36E059184F"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("010000000000000108789B2496AF93")); + this.m_cofactor = BigInteger.Two; + + this.m_coord = SECT113R2_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT113R2Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 113; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT113FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT113R2Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT113R2Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return false; } + } + + public virtual int M + { + get { return 113; } + } + + public virtual bool IsTrinomial + { + get { return true; } + } + + public virtual int K1 + { + get { return 9; } + } + + public virtual int K2 + { + get { return 0; } + } + + public virtual int K3 + { + get { return 0; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT113R2_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat128.Copy64(((SecT113FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT113R2_FE_LONGS; + Nat128.Copy64(((SecT113FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT113R2_FE_LONGS; + } + } + + return new SecT113R2LookupTable(this, table, len); + } + + private class SecT113R2LookupTable + : AbstractECLookupTable + { + private readonly SecT113R2Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT113R2LookupTable(SecT113R2Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat128.Create64(), y = Nat128.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT113R2_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT113R2_FE_LONGS + j] & MASK; + } + + pos += (SECT113R2_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat128.Create64(), y = Nat128.Create64(); + int pos = index * SECT113R2_FE_LONGS * 2; + + for (int j = 0; j < SECT113R2_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT113R2_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT113FieldElement(x), new SecT113FieldElement(y), SECT113R2_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113R2Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113R2Point.cs new file mode 100644 index 0000000..45fae2d --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT113R2Point.cs @@ -0,0 +1,291 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT113R2Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT113R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT113R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT113R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT113R2Point(null, AffineXCoord, AffineYCoord); + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + { + return b; + } + if (b.IsInfinity) + { + return this; + } + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + return Twice(); + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1).Add(curve.A); + if (X3.IsZero) + { + return new SecT113R2Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT113R2Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT113R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + { + return this; + } + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1); + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement a = curve.A; + ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq); + ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq); + if (T.IsZero) + { + return new SecT113R2Point(curve, T, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1); + ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3); + + return new SecT113R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + { + return b; + } + if (b.IsInfinity) + { + return Twice(); + } + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1); + ECFieldElement L2plus1 = L2.AddOne(); + ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT113R2Point(curve, A, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3); + + return new SecT113R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT113R2Point(Curve, X, L.Add(Z), new ECFieldElement[]{ Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131Field.cs new file mode 100644 index 0000000..adf4f04 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131Field.cs @@ -0,0 +1,351 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT131Field + { + private const ulong M03 = ulong.MaxValue >> 61; + private const ulong M44 = ulong.MaxValue >> 20; + + private static readonly ulong[] ROOT_Z = new ulong[]{ 0x26BC4D789AF13523UL, 0x26BC4D789AF135E2UL, 0x6UL }; + + public static void Add(ulong[] x, ulong[] y, ulong[] z) + { + z[0] = x[0] ^ y[0]; + z[1] = x[1] ^ y[1]; + z[2] = x[2] ^ y[2]; + } + + public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz) + { + zz[0] = xx[0] ^ yy[0]; + zz[1] = xx[1] ^ yy[1]; + zz[2] = xx[2] ^ yy[2]; + zz[3] = xx[3] ^ yy[3]; + zz[4] = xx[4] ^ yy[4]; + } + + public static void AddOne(ulong[] x, ulong[] z) + { + z[0] = x[0] ^ 1UL; + z[1] = x[1]; + z[2] = x[2]; + } + + private static void AddTo(ulong[] x, ulong[] z) + { + z[0] ^= x[0]; + z[1] ^= x[1]; + z[2] ^= x[2]; + } + + public static ulong[] FromBigInteger(BigInteger x) + { + return Nat.FromBigInteger64(131, x); + } + + public static void HalfTrace(ulong[] x, ulong[] z) + { + ulong[] tt = Nat.Create64(5); + + Nat192.Copy64(x, z); + for (int i = 1; i < 131; i += 2) + { + ImplSquare(z, tt); + Reduce(tt, z); + ImplSquare(z, tt); + Reduce(tt, z); + AddTo(x, z); + } + } + + public static void Invert(ulong[] x, ulong[] z) + { + if (Nat192.IsZero64(x)) + throw new InvalidOperationException(); + + // Itoh-Tsujii inversion + + ulong[] t0 = Nat192.Create64(); + ulong[] t1 = Nat192.Create64(); + + Square(x, t0); + Multiply(t0, x, t0); + SquareN(t0, 2, t1); + Multiply(t1, t0, t1); + SquareN(t1, 4, t0); + Multiply(t0, t1, t0); + SquareN(t0, 8, t1); + Multiply(t1, t0, t1); + SquareN(t1, 16, t0); + Multiply(t0, t1, t0); + SquareN(t0, 32, t1); + Multiply(t1, t0, t1); + Square(t1, t1); + Multiply(t1, x, t1); + SquareN(t1, 65, t0); + Multiply(t0, t1, t0); + Square(t0, z); + } + + public static void Multiply(ulong[] x, ulong[] y, ulong[] z) + { + ulong[] tt = new ulong[8]; + ImplMultiply(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz) + { + ulong[] tt = new ulong[8]; + ImplMultiply(x, y, tt); + AddExt(zz, tt, zz); + } + + public static void Reduce(ulong[] xx, ulong[] z) + { + ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3], x4 = xx[4]; + + x1 ^= (x4 << 61) ^ (x4 << 63); + x2 ^= (x4 >> 3) ^ (x4 >> 1) ^ x4 ^ (x4 << 5); + x3 ^= (x4 >> 59); + + x0 ^= (x3 << 61) ^ (x3 << 63); + x1 ^= (x3 >> 3) ^ (x3 >> 1) ^ x3 ^ (x3 << 5); + x2 ^= (x3 >> 59); + + ulong t = x2 >> 3; + z[0] = x0 ^ t ^ (t << 2) ^ (t << 3) ^ (t << 8); + z[1] = x1 ^ (t >> 56); + z[2] = x2 & M03; + } + + public static void Reduce61(ulong[] z, int zOff) + { + ulong z2 = z[zOff + 2], t = z2 >> 3; + z[zOff ] ^= t ^ (t << 2) ^ (t << 3) ^ (t << 8); + z[zOff + 1] ^= (t >> 56); + z[zOff + 2] = z2 & M03; + } + + public static void Sqrt(ulong[] x, ulong[] z) + { + ulong[] odd = Nat192.Create64(); + + ulong u0, u1; + u0 = Interleave.Unshuffle(x[0]); u1 = Interleave.Unshuffle(x[1]); + ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32); + odd[0] = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL); + + u0 = Interleave.Unshuffle(x[2]); + ulong e1 = (u0 & 0x00000000FFFFFFFFUL); + odd[1] = (u0 >> 32); + + Multiply(odd, ROOT_Z, z); + + z[0] ^= e0; + z[1] ^= e1; + } + + public static void Square(ulong[] x, ulong[] z) + { + ulong[] tt = Nat.Create64(5); + ImplSquare(x, tt); + Reduce(tt, z); + } + + public static void SquareAddToExt(ulong[] x, ulong[] zz) + { + ulong[] tt = Nat.Create64(5); + ImplSquare(x, tt); + AddExt(zz, tt, zz); + } + + public static void SquareN(ulong[] x, int n, ulong[] z) + { + Debug.Assert(n > 0); + + ulong[] tt = Nat.Create64(5); + ImplSquare(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + ImplSquare(z, tt); + Reduce(tt, z); + } + } + + public static uint Trace(ulong[] x) + { + // Non-zero-trace bits: 0, 123, 129 + return (uint)(x[0] ^ (x[1] >> 59) ^ (x[2] >> 1)) & 1U; + } + + protected static void ImplCompactExt(ulong[] zz) + { + ulong z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4], z5 = zz[5]; + zz[0] = z0 ^ (z1 << 44); + zz[1] = (z1 >> 20) ^ (z2 << 24); + zz[2] = (z2 >> 40) ^ (z3 << 4) + ^ (z4 << 48); + zz[3] = (z3 >> 60) ^ (z5 << 28) + ^ (z4 >> 16); + zz[4] = (z5 >> 36); + zz[5] = 0; + } + + protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz) + { + /* + * "Five-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein. + */ + + ulong f0 = x[0], f1 = x[1], f2 = x[2]; + f2 = ((f1 >> 24) ^ (f2 << 40)) & M44; + f1 = ((f0 >> 44) ^ (f1 << 20)) & M44; + f0 &= M44; + + ulong g0 = y[0], g1 = y[1], g2 = y[2]; + g2 = ((g1 >> 24) ^ (g2 << 40)) & M44; + g1 = ((g0 >> 44) ^ (g1 << 20)) & M44; + g0 &= M44; + + ulong[] u = zz; + ulong[] H = new ulong[10]; + + ImplMulw(u, f0, g0, H, 0); // H(0) 44/43 bits + ImplMulw(u, f2, g2, H, 2); // H(INF) 44/41 bits + + ulong t0 = f0 ^ f1 ^ f2; + ulong t1 = g0 ^ g1 ^ g2; + + ImplMulw(u, t0, t1, H, 4); // H(1) 44/43 bits + + ulong t2 = (f1 << 1) ^ (f2 << 2); + ulong t3 = (g1 << 1) ^ (g2 << 2); + + ImplMulw(u, f0 ^ t2, g0 ^ t3, H, 6); // H(t) 44/45 bits + ImplMulw(u, t0 ^ t2, t1 ^ t3, H, 8); // H(t + 1) 44/45 bits + + ulong t4 = H[6] ^ H[8]; + ulong t5 = H[7] ^ H[9]; + + Debug.Assert(t5 >> 44 == 0); + + // Calculate V + ulong v0 = (t4 << 1) ^ H[6]; + ulong v1 = t4 ^ (t5 << 1) ^ H[7]; + ulong v2 = t5; + + // Calculate U + ulong u0 = H[0]; + ulong u1 = H[1] ^ H[0] ^ H[4]; + ulong u2 = H[1] ^ H[5]; + + // Calculate W + ulong w0 = u0 ^ v0 ^ (H[2] << 4) ^ (H[2] << 1); + ulong w1 = u1 ^ v1 ^ (H[3] << 4) ^ (H[3] << 1); + ulong w2 = u2 ^ v2; + + // Propagate carries + w1 ^= (w0 >> 44); w0 &= M44; + w2 ^= (w1 >> 44); w1 &= M44; + + Debug.Assert((w0 & 1UL) == 0); + + // Divide W by t + + w0 = (w0 >> 1) ^ ((w1 & 1UL) << 43); + w1 = (w1 >> 1) ^ ((w2 & 1UL) << 43); + w2 = (w2 >> 1); + + // Divide W by (t + 1) + + w0 ^= (w0 << 1); + w0 ^= (w0 << 2); + w0 ^= (w0 << 4); + w0 ^= (w0 << 8); + w0 ^= (w0 << 16); + w0 ^= (w0 << 32); + + w0 &= M44; w1 ^= (w0 >> 43); + + w1 ^= (w1 << 1); + w1 ^= (w1 << 2); + w1 ^= (w1 << 4); + w1 ^= (w1 << 8); + w1 ^= (w1 << 16); + w1 ^= (w1 << 32); + + w1 &= M44; w2 ^= (w1 >> 43); + + w2 ^= (w2 << 1); + w2 ^= (w2 << 2); + w2 ^= (w2 << 4); + w2 ^= (w2 << 8); + w2 ^= (w2 << 16); + w2 ^= (w2 << 32); + + Debug.Assert(w2 >> 42 == 0); + + zz[0] = u0; + zz[1] = u1 ^ w0 ^ H[2]; + zz[2] = u2 ^ w1 ^ w0 ^ H[3]; + zz[3] = w2 ^ w1; + zz[4] = w2 ^ H[2]; + zz[5] = H[3]; + + ImplCompactExt(zz); + } + + protected static void ImplMulw(ulong[] u, ulong x, ulong y, ulong[] z, int zOff) + { + Debug.Assert(x >> 45 == 0); + Debug.Assert(y >> 45 == 0); + + //u[0] = 0; + u[1] = y; + u[2] = u[1] << 1; + u[3] = u[2] ^ y; + u[4] = u[2] << 1; + u[5] = u[4] ^ y; + u[6] = u[3] << 1; + u[7] = u[6] ^ y; + + uint j = (uint)x; + ulong g, h = 0, l = u[j & 7] + ^ u[(j >> 3) & 7] << 3 + ^ u[(j >> 6) & 7] << 6 + ^ u[(j >> 9) & 7] << 9 + ^ u[(j >> 12) & 7] << 12; + int k = 30; + do + { + j = (uint)(x >> k); + g = u[j & 7] + ^ u[(j >> 3) & 7] << 3 + ^ u[(j >> 6) & 7] << 6 + ^ u[(j >> 9) & 7] << 9 + ^ u[(j >> 12) & 7] << 12; + l ^= (g << k); + h ^= (g >> -k); + } + while ((k -= 15) > 0); + + Debug.Assert(h >> 25 == 0); + + z[zOff ] = l & M44; + z[zOff + 1] = (l >> 44) ^ (h << 20); + } + + protected static void ImplSquare(ulong[] x, ulong[] zz) + { + Interleave.Expand64To128(x, 0, 2, zz, 0); + zz[4] = Interleave.Expand8to16((uint)x[2]); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131FieldElement.cs new file mode 100644 index 0000000..4884e71 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131FieldElement.cs @@ -0,0 +1,233 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT131FieldElement + : AbstractF2mFieldElement + { + protected internal readonly ulong[] x; + + public SecT131FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.BitLength > 131) + throw new ArgumentException("value invalid for SecT131FieldElement", "x"); + + this.x = SecT131Field.FromBigInteger(x); + } + + public SecT131FieldElement() + { + this.x = Nat192.Create64(); + } + + protected internal SecT131FieldElement(ulong[] x) + { + this.x = x; + } + + public override bool IsOne + { + get { return Nat192.IsOne64(x); } + } + + public override bool IsZero + { + get { return Nat192.IsZero64(x); } + } + + public override bool TestBitZero() + { + return (x[0] & 1UL) != 0UL; + } + + public override BigInteger ToBigInteger() + { + return Nat192.ToBigInteger64(x); + } + + public override string FieldName + { + get { return "SecT131Field"; } + } + + public override int FieldSize + { + get { return 131; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + ulong[] z = Nat192.Create64(); + SecT131Field.Add(x, ((SecT131FieldElement)b).x, z); + return new SecT131FieldElement(z); + } + + public override ECFieldElement AddOne() + { + ulong[] z = Nat192.Create64(); + SecT131Field.AddOne(x, z); + return new SecT131FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + // Addition and Subtraction are the same in F2m + return Add(b); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + ulong[] z = Nat192.Create64(); + SecT131Field.Multiply(x, ((SecT131FieldElement)b).x, z); + return new SecT131FieldElement(z); + } + + public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + return MultiplyPlusProduct(b, x, y); + } + + public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x, bx = ((SecT131FieldElement)b).x; + ulong[] xx = ((SecT131FieldElement)x).x, yx = ((SecT131FieldElement)y).x; + + ulong[] tt = Nat.Create64(5); + SecT131Field.MultiplyAddToExt(ax, bx, tt); + SecT131Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat192.Create64(); + SecT131Field.Reduce(tt, z); + return new SecT131FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + return Multiply(b.Invert()); + } + + public override ECFieldElement Negate() + { + return this; + } + + public override ECFieldElement Square() + { + ulong[] z = Nat192.Create64(); + SecT131Field.Square(x, z); + return new SecT131FieldElement(z); + } + + public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y) + { + return SquarePlusProduct(x, y); + } + + public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x; + ulong[] xx = ((SecT131FieldElement)x).x, yx = ((SecT131FieldElement)y).x; + + ulong[] tt = Nat.Create64(5); + SecT131Field.SquareAddToExt(ax, tt); + SecT131Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat192.Create64(); + SecT131Field.Reduce(tt, z); + return new SecT131FieldElement(z); + } + + public override ECFieldElement SquarePow(int pow) + { + if (pow < 1) + return this; + + ulong[] z = Nat192.Create64(); + SecT131Field.SquareN(x, pow, z); + return new SecT131FieldElement(z); + } + + public override ECFieldElement HalfTrace() + { + ulong[] z = Nat192.Create64(); + SecT131Field.HalfTrace(x, z); + return new SecT131FieldElement(z); + } + + public override bool HasFastTrace + { + get { return true; } + } + + public override int Trace() + { + return (int)SecT131Field.Trace(x); + } + + public override ECFieldElement Invert() + { + ulong[] z = Nat192.Create64(); + SecT131Field.Invert(x, z); + return new SecT131FieldElement(z); + } + + public override ECFieldElement Sqrt() + { + ulong[] z = Nat192.Create64(); + SecT131Field.Sqrt(x, z); + return new SecT131FieldElement(z); + } + + public virtual int Representation + { + get { return F2mFieldElement.Ppb; } + } + + public virtual int M + { + get { return 131; } + } + + public virtual int K1 + { + get { return 2; } + } + + public virtual int K2 + { + get { return 3; } + } + + public virtual int K3 + { + get { return 8; } + } + + public override bool Equals(object obj) + { + return Equals(obj as SecT131FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecT131FieldElement); + } + + public virtual bool Equals(SecT131FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat192.Eq64(x, other.x); + } + + public override int GetHashCode() + { + return 131832 ^ Arrays.GetHashCode(x, 0, 3); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131R1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131R1Curve.cs new file mode 100644 index 0000000..2b26369 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131R1Curve.cs @@ -0,0 +1,177 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT131R1Curve + : AbstractF2mCurve + { + private const int SECT131R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT131R1_FE_LONGS = 3; + private static readonly ECFieldElement[] SECT131R1_AFFINE_ZS = new ECFieldElement[] { new SecT131FieldElement(BigInteger.One) }; + + protected readonly SecT131R1Point m_infinity; + + public SecT131R1Curve() + : base(131, 2, 3, 8) + { + this.m_infinity = new SecT131R1Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("07A11B09A76B562144418FF3FF8C2570B8"))); + this.m_b = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("0217C05610884B63B9C6C7291678F9D341"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("0400000000000000023123953A9464B54D")); + this.m_cofactor = BigInteger.Two; + + this.m_coord = SECT131R1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT131R1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 131; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT131FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT131R1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT131R1Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return false; } + } + + public virtual int M + { + get { return 131; } + } + + public virtual bool IsTrinomial + { + get { return false; } + } + + public virtual int K1 + { + get { return 2; } + } + + public virtual int K2 + { + get { return 3; } + } + + public virtual int K3 + { + get { return 8; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT131R1_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat192.Copy64(((SecT131FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT131R1_FE_LONGS; + Nat192.Copy64(((SecT131FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT131R1_FE_LONGS; + } + } + + return new SecT131R1LookupTable(this, table, len); + } + + private class SecT131R1LookupTable + : AbstractECLookupTable + { + private readonly SecT131R1Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT131R1LookupTable(SecT131R1Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat192.Create64(), y = Nat192.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT131R1_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT131R1_FE_LONGS + j] & MASK; + } + + pos += (SECT131R1_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat192.Create64(), y = Nat192.Create64(); + int pos = index * SECT131R1_FE_LONGS * 2; + + for (int j = 0; j < SECT131R1_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT131R1_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT131FieldElement(x), new SecT131FieldElement(y), SECT131R1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131R1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131R1Point.cs new file mode 100644 index 0000000..7aba4f2 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131R1Point.cs @@ -0,0 +1,287 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT131R1Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT131R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT131R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT131R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT131R1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + return Twice(); + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1).Add(curve.A); + if (X3.IsZero) + { + return new SecT131R1Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT131R1Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT131R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + { + return this; + } + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1); + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement a = curve.A; + ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq); + ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq); + if (T.IsZero) + { + return new SecT131R1Point(curve, T, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1); + ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3); + + return new SecT131R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + { + return b; + } + if (b.IsInfinity) + { + return Twice(); + } + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1); + ECFieldElement L2plus1 = L2.AddOne(); + ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT131R1Point(curve, A, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3); + + return new SecT131R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT131R1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131R2Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131R2Curve.cs new file mode 100644 index 0000000..123362f --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131R2Curve.cs @@ -0,0 +1,177 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT131R2Curve + : AbstractF2mCurve + { + private const int SECT131R2_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT131R2_FE_LONGS = 3; + private static readonly ECFieldElement[] SECT131R2_AFFINE_ZS = new ECFieldElement[] { new SecT131FieldElement(BigInteger.One) }; + + protected readonly SecT131R2Point m_infinity; + + public SecT131R2Curve() + : base(131, 2, 3, 8) + { + this.m_infinity = new SecT131R2Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("03E5A88919D7CAFCBF415F07C2176573B2"))); + this.m_b = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("04B8266A46C55657AC734CE38F018F2192"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("0400000000000000016954A233049BA98F")); + this.m_cofactor = BigInteger.Two; + + this.m_coord = SECT131R2_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT131R2Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + public override int FieldSize + { + get { return 131; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT131FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT131R2Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT131R2Point(this, x, y, zs, withCompression); + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override bool IsKoblitz + { + get { return false; } + } + + public virtual int M + { + get { return 131; } + } + + public virtual bool IsTrinomial + { + get { return false; } + } + + public virtual int K1 + { + get { return 2; } + } + + public virtual int K2 + { + get { return 3; } + } + + public virtual int K3 + { + get { return 8; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT131R2_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat192.Copy64(((SecT131FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT131R2_FE_LONGS; + Nat192.Copy64(((SecT131FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT131R2_FE_LONGS; + } + } + + return new SecT131R2LookupTable(this, table, len); + } + + private class SecT131R2LookupTable + : AbstractECLookupTable + { + private readonly SecT131R2Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT131R2LookupTable(SecT131R2Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat192.Create64(), y = Nat192.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT131R2_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT131R2_FE_LONGS + j] & MASK; + } + + pos += (SECT131R2_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat192.Create64(), y = Nat192.Create64(); + int pos = index * SECT131R2_FE_LONGS * 2; + + for (int j = 0; j < SECT131R2_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT131R2_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT131FieldElement(x), new SecT131FieldElement(y), SECT131R2_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131R2Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131R2Point.cs new file mode 100644 index 0000000..5d06049 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT131R2Point.cs @@ -0,0 +1,283 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT131R2Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT131R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT131R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT131R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT131R2Point(null, AffineXCoord, AffineYCoord); + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + return Twice(); + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1).Add(curve.A); + if (X3.IsZero) + { + return new SecT131R2Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT131R2Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT131R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + { + return this; + } + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1); + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement a = curve.A; + ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq); + ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq); + if (T.IsZero) + { + return new SecT131R2Point(curve, T, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1); + ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3); + + return new SecT131R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1); + ECFieldElement L2plus1 = L2.AddOne(); + ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT131R2Point(curve, A, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3); + + return new SecT131R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT131R2Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163Field.cs new file mode 100644 index 0000000..79079ac --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163Field.cs @@ -0,0 +1,355 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT163Field + { + private const ulong M35 = ulong.MaxValue >> 29; + private const ulong M55 = ulong.MaxValue >> 9; + + private static readonly ulong[] ROOT_Z = new ulong[]{ 0xB6DB6DB6DB6DB6B0UL, 0x492492492492DB6DUL, 0x492492492UL }; + + public static void Add(ulong[] x, ulong[] y, ulong[] z) + { + z[0] = x[0] ^ y[0]; + z[1] = x[1] ^ y[1]; + z[2] = x[2] ^ y[2]; + } + + public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz) + { + zz[0] = xx[0] ^ yy[0]; + zz[1] = xx[1] ^ yy[1]; + zz[2] = xx[2] ^ yy[2]; + zz[3] = xx[3] ^ yy[3]; + zz[4] = xx[4] ^ yy[4]; + zz[5] = xx[5] ^ yy[5]; + } + + public static void AddOne(ulong[] x, ulong[] z) + { + z[0] = x[0] ^ 1UL; + z[1] = x[1]; + z[2] = x[2]; + } + + private static void AddTo(ulong[] x, ulong[] z) + { + z[0] ^= x[0]; + z[1] ^= x[1]; + z[2] ^= x[2]; + } + + public static ulong[] FromBigInteger(BigInteger x) + { + return Nat.FromBigInteger64(163, x); + } + + public static void HalfTrace(ulong[] x, ulong[] z) + { + ulong[] tt = Nat192.CreateExt64(); + + Nat192.Copy64(x, z); + for (int i = 1; i < 163; i += 2) + { + ImplSquare(z, tt); + Reduce(tt, z); + ImplSquare(z, tt); + Reduce(tt, z); + AddTo(x, z); + } + } + + public static void Invert(ulong[] x, ulong[] z) + { + if (Nat192.IsZero64(x)) + throw new InvalidOperationException(); + + // Itoh-Tsujii inversion with bases { 2, 3 } + + ulong[] t0 = Nat192.Create64(); + ulong[] t1 = Nat192.Create64(); + + Square(x, t0); + + // 3 | 162 + SquareN(t0, 1, t1); + Multiply(t0, t1, t0); + SquareN(t1, 1, t1); + Multiply(t0, t1, t0); + + // 3 | 54 + SquareN(t0, 3, t1); + Multiply(t0, t1, t0); + SquareN(t1, 3, t1); + Multiply(t0, t1, t0); + + // 3 | 18 + SquareN(t0, 9, t1); + Multiply(t0, t1, t0); + SquareN(t1, 9, t1); + Multiply(t0, t1, t0); + + // 3 | 6 + SquareN(t0, 27, t1); + Multiply(t0, t1, t0); + SquareN(t1, 27, t1); + Multiply(t0, t1, t0); + + // 2 | 2 + SquareN(t0, 81, t1); + Multiply(t0, t1, z); + } + + public static void Multiply(ulong[] x, ulong[] y, ulong[] z) + { + ulong[] tt = new ulong[8]; + ImplMultiply(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz) + { + ulong[] tt = new ulong[8]; + ImplMultiply(x, y, tt); + AddExt(zz, tt, zz); + } + + public static void Reduce(ulong[] xx, ulong[] z) + { + ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3], x4 = xx[4], x5 = xx[5]; + + x2 ^= (x5 << 29) ^ (x5 << 32) ^ (x5 << 35) ^ (x5 << 36); + x3 ^= (x5 >> 35) ^ (x5 >> 32) ^ (x5 >> 29) ^ (x5 >> 28); + + x1 ^= (x4 << 29) ^ (x4 << 32) ^ (x4 << 35) ^ (x4 << 36); + x2 ^= (x4 >> 35) ^ (x4 >> 32) ^ (x4 >> 29) ^ (x4 >> 28); + + x0 ^= (x3 << 29) ^ (x3 << 32) ^ (x3 << 35) ^ (x3 << 36); + x1 ^= (x3 >> 35) ^ (x3 >> 32) ^ (x3 >> 29) ^ (x3 >> 28); + + ulong t = x2 >> 35; + z[0] = x0 ^ t ^ (t << 3) ^ (t << 6) ^ (t << 7); + z[1] = x1; + z[2] = x2 & M35; + } + + public static void Reduce29(ulong[] z, int zOff) + { + ulong z2 = z[zOff + 2], t = z2 >> 35; + z[zOff ] ^= t ^ (t << 3) ^ (t << 6) ^ (t << 7); + z[zOff + 2] = z2 & M35; + } + + public static void Sqrt(ulong[] x, ulong[] z) + { + ulong[] odd = Nat192.Create64(); + + ulong u0, u1; + u0 = Interleave.Unshuffle(x[0]); u1 = Interleave.Unshuffle(x[1]); + ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32); + odd[0] = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL); + + u0 = Interleave.Unshuffle(x[2]); + ulong e1 = (u0 & 0x00000000FFFFFFFFUL); + odd[1] = (u0 >> 32); + + Multiply(odd, ROOT_Z, z); + + z[0] ^= e0; + z[1] ^= e1; + } + + public static void Square(ulong[] x, ulong[] z) + { + ulong[] tt = Nat192.CreateExt64(); + ImplSquare(x, tt); + Reduce(tt, z); + } + + public static void SquareAddToExt(ulong[] x, ulong[] zz) + { + ulong[] tt = Nat192.CreateExt64(); + ImplSquare(x, tt); + AddExt(zz, tt, zz); + } + + public static void SquareN(ulong[] x, int n, ulong[] z) + { + Debug.Assert(n > 0); + + ulong[] tt = Nat192.CreateExt64(); + ImplSquare(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + ImplSquare(z, tt); + Reduce(tt, z); + } + } + + public static uint Trace(ulong[] x) + { + // Non-zero-trace bits: 0, 157 + return (uint)(x[0] ^ (x[2] >> 29)) & 1U; + } + + protected static void ImplCompactExt(ulong[] zz) + { + ulong z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4], z5 = zz[5]; + zz[0] = z0 ^ (z1 << 55); + zz[1] = (z1 >> 9) ^ (z2 << 46); + zz[2] = (z2 >> 18) ^ (z3 << 37); + zz[3] = (z3 >> 27) ^ (z4 << 28); + zz[4] = (z4 >> 36) ^ (z5 << 19); + zz[5] = (z5 >> 45); + } + + protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz) + { + /* + * "Five-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein. + */ + + ulong f0 = x[0], f1 = x[1], f2 = x[2]; + f2 = ((f1 >> 46) ^ (f2 << 18)); + f1 = ((f0 >> 55) ^ (f1 << 9)) & M55; + f0 &= M55; + + ulong g0 = y[0], g1 = y[1], g2 = y[2]; + g2 = ((g1 >> 46) ^ (g2 << 18)); + g1 = ((g0 >> 55) ^ (g1 << 9)) & M55; + g0 &= M55; + + ulong[] u = zz; + ulong[] H = new ulong[10]; + + ImplMulw(u, f0, g0, H, 0); // H(0) 55/54 bits + ImplMulw(u, f2, g2, H, 2); // H(INF) 55/50 bits + + ulong t0 = f0 ^ f1 ^ f2; + ulong t1 = g0 ^ g1 ^ g2; + + ImplMulw(u, t0, t1, H, 4); // H(1) 55/54 bits + + ulong t2 = (f1 << 1) ^ (f2 << 2); + ulong t3 = (g1 << 1) ^ (g2 << 2); + + ImplMulw(u, f0 ^ t2, g0 ^ t3, H, 6); // H(t) 55/56 bits + ImplMulw(u, t0 ^ t2, t1 ^ t3, H, 8); // H(t + 1) 55/56 bits + + ulong t4 = H[6] ^ H[8]; + ulong t5 = H[7] ^ H[9]; + + Debug.Assert(t5 >> 55 == 0); + + // Calculate V + ulong v0 = (t4 << 1) ^ H[6]; + ulong v1 = t4 ^ (t5 << 1) ^ H[7]; + ulong v2 = t5; + + // Calculate U + ulong u0 = H[0]; + ulong u1 = H[1] ^ H[0] ^ H[4]; + ulong u2 = H[1] ^ H[5]; + + // Calculate W + ulong w0 = u0 ^ v0 ^ (H[2] << 4) ^ (H[2] << 1); + ulong w1 = u1 ^ v1 ^ (H[3] << 4) ^ (H[3] << 1); + ulong w2 = u2 ^ v2; + + // Propagate carries + w1 ^= (w0 >> 55); w0 &= M55; + w2 ^= (w1 >> 55); w1 &= M55; + + Debug.Assert((w0 & 1UL) == 0UL); + + // Divide W by t + + w0 = (w0 >> 1) ^ ((w1 & 1UL) << 54); + w1 = (w1 >> 1) ^ ((w2 & 1UL) << 54); + w2 = (w2 >> 1); + + // Divide W by (t + 1) + + w0 ^= (w0 << 1); + w0 ^= (w0 << 2); + w0 ^= (w0 << 4); + w0 ^= (w0 << 8); + w0 ^= (w0 << 16); + w0 ^= (w0 << 32); + + w0 &= M55; w1 ^= (w0 >> 54); + + w1 ^= (w1 << 1); + w1 ^= (w1 << 2); + w1 ^= (w1 << 4); + w1 ^= (w1 << 8); + w1 ^= (w1 << 16); + w1 ^= (w1 << 32); + + w1 &= M55; w2 ^= (w1 >> 54); + + w2 ^= (w2 << 1); + w2 ^= (w2 << 2); + w2 ^= (w2 << 4); + w2 ^= (w2 << 8); + w2 ^= (w2 << 16); + w2 ^= (w2 << 32); + + Debug.Assert(w2 >> 52 == 0); + + zz[0] = u0; + zz[1] = u1 ^ w0 ^ H[2]; + zz[2] = u2 ^ w1 ^ w0 ^ H[3]; + zz[3] = w2 ^ w1; + zz[4] = w2 ^ H[2]; + zz[5] = H[3]; + + ImplCompactExt(zz); + } + + protected static void ImplMulw(ulong[] u, ulong x, ulong y, ulong[] z, int zOff) + { + Debug.Assert(x >> 56 == 0); + Debug.Assert(y >> 56 == 0); + + //u[0] = 0; + u[1] = y; + u[2] = u[1] << 1; + u[3] = u[2] ^ y; + u[4] = u[2] << 1; + u[5] = u[4] ^ y; + u[6] = u[3] << 1; + u[7] = u[6] ^ y; + + uint j = (uint)x; + ulong g, h = 0, l = u[j & 3]; + int k = 47; + do + { + j = (uint)(x >> k); + g = u[j & 7] + ^ u[(j >> 3) & 7] << 3 + ^ u[(j >> 6) & 7] << 6; + l ^= (g << k); + h ^= (g >> -k); + } + while ((k -= 9) > 0); + + Debug.Assert(h >> 47 == 0); + + z[zOff ] = l & M55; + z[zOff + 1] = (l >> 55) ^ (h << 9); + } + + protected static void ImplSquare(ulong[] x, ulong[] zz) + { + Interleave.Expand64To128(x, 0, 3, zz, 0); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163FieldElement.cs new file mode 100644 index 0000000..214a563 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163FieldElement.cs @@ -0,0 +1,233 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT163FieldElement + : AbstractF2mFieldElement + { + protected internal readonly ulong[] x; + + public SecT163FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.BitLength > 163) + throw new ArgumentException("value invalid for SecT163FieldElement", "x"); + + this.x = SecT163Field.FromBigInteger(x); + } + + public SecT163FieldElement() + { + this.x = Nat192.Create64(); + } + + protected internal SecT163FieldElement(ulong[] x) + { + this.x = x; + } + + public override bool IsOne + { + get { return Nat192.IsOne64(x); } + } + + public override bool IsZero + { + get { return Nat192.IsZero64(x); } + } + + public override bool TestBitZero() + { + return (x[0] & 1L) != 0L; + } + + public override BigInteger ToBigInteger() + { + return Nat192.ToBigInteger64(x); + } + + public override string FieldName + { + get { return "SecT163Field"; } + } + + public override int FieldSize + { + get { return 163; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + ulong[] z = Nat192.Create64(); + SecT163Field.Add(x, ((SecT163FieldElement)b).x, z); + return new SecT163FieldElement(z); + } + + public override ECFieldElement AddOne() + { + ulong[] z = Nat192.Create64(); + SecT163Field.AddOne(x, z); + return new SecT163FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + // Addition and subtraction are the same in F2m + return Add(b); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + ulong[] z = Nat192.Create64(); + SecT163Field.Multiply(x, ((SecT163FieldElement)b).x, z); + return new SecT163FieldElement(z); + } + + public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + return MultiplyPlusProduct(b, x, y); + } + + public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x, bx = ((SecT163FieldElement)b).x; + ulong[] xx = ((SecT163FieldElement)x).x, yx = ((SecT163FieldElement)y).x; + + ulong[] tt = Nat192.CreateExt64(); + SecT163Field.MultiplyAddToExt(ax, bx, tt); + SecT163Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat192.Create64(); + SecT163Field.Reduce(tt, z); + return new SecT163FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + return Multiply(b.Invert()); + } + + public override ECFieldElement Negate() + { + return this; + } + + public override ECFieldElement Square() + { + ulong[] z = Nat192.Create64(); + SecT163Field.Square(x, z); + return new SecT163FieldElement(z); + } + + public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y) + { + return SquarePlusProduct(x, y); + } + + public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x; + ulong[] xx = ((SecT163FieldElement)x).x, yx = ((SecT163FieldElement)y).x; + + ulong[] tt = Nat192.CreateExt64(); + SecT163Field.SquareAddToExt(ax, tt); + SecT163Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat192.Create64(); + SecT163Field.Reduce(tt, z); + return new SecT163FieldElement(z); + } + + public override ECFieldElement SquarePow(int pow) + { + if (pow < 1) + return this; + + ulong[] z = Nat192.Create64(); + SecT163Field.SquareN(x, pow, z); + return new SecT163FieldElement(z); + } + + public override ECFieldElement HalfTrace() + { + ulong[] z = Nat192.Create64(); + SecT163Field.HalfTrace(x, z); + return new SecT163FieldElement(z); + } + + public override bool HasFastTrace + { + get { return true; } + } + + public override int Trace() + { + return (int)SecT163Field.Trace(x); + } + + public override ECFieldElement Invert() + { + ulong[] z = Nat192.Create64(); + SecT163Field.Invert(x, z); + return new SecT163FieldElement(z); + } + + public override ECFieldElement Sqrt() + { + ulong[] z = Nat192.Create64(); + SecT163Field.Sqrt(x, z); + return new SecT163FieldElement(z); + } + + public virtual int Representation + { + get { return F2mFieldElement.Ppb; } + } + + public virtual int M + { + get { return 163; } + } + + public virtual int K1 + { + get { return 3; } + } + + public virtual int K2 + { + get { return 6; } + } + + public virtual int K3 + { + get { return 7; } + } + + public override bool Equals(object obj) + { + return Equals(obj as SecT163FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecT163FieldElement); + } + + public virtual bool Equals(SecT163FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat192.Eq64(x, other.x); + } + + public override int GetHashCode() + { + return 163763 ^ Arrays.GetHashCode(x, 0, 3); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163K1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163K1Curve.cs new file mode 100644 index 0000000..31c63a8 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163K1Curve.cs @@ -0,0 +1,183 @@ +using System; + +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT163K1Curve + : AbstractF2mCurve + { + private const int SECT163K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT163K1_FE_LONGS = 3; + private static readonly ECFieldElement[] SECT163K1_AFFINE_ZS = new ECFieldElement[] { new SecT163FieldElement(BigInteger.One) }; + + protected readonly SecT163K1Point m_infinity; + + public SecT163K1Curve() + : base(163, 3, 6, 7) + { + this.m_infinity = new SecT163K1Point(this, null, null); + + this.m_a = FromBigInteger(BigInteger.One); + this.m_b = this.m_a; + this.m_order = new BigInteger(1, Hex.DecodeStrict("04000000000000000000020108A2E0CC0D99F8A5EF")); + this.m_cofactor = BigInteger.Two; + + this.m_coord = SECT163K1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT163K1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + protected override ECMultiplier CreateDefaultMultiplier() + { + return new WTauNafMultiplier(); + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 163; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT163FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT163K1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT163K1Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return true; } + } + + public virtual int M + { + get { return 163; } + } + + public virtual bool IsTrinomial + { + get { return false; } + } + + public virtual int K1 + { + get { return 3; } + } + + public virtual int K2 + { + get { return 6; } + } + + public virtual int K3 + { + get { return 7; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT163K1_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat192.Copy64(((SecT163FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT163K1_FE_LONGS; + Nat192.Copy64(((SecT163FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT163K1_FE_LONGS; + } + } + + return new SecT163K1LookupTable(this, table, len); + } + + private class SecT163K1LookupTable + : AbstractECLookupTable + { + private readonly SecT163K1Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT163K1LookupTable(SecT163K1Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat192.Create64(), y = Nat192.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT163K1_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT163K1_FE_LONGS + j] & MASK; + } + + pos += (SECT163K1_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat192.Create64(), y = Nat192.Create64(); + int pos = index * SECT163K1_FE_LONGS * 2; + + for (int j = 0; j < SECT163K1_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT163K1_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT163FieldElement(x), new SecT163FieldElement(y), SECT163K1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163K1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163K1Point.cs new file mode 100644 index 0000000..66e657c --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163K1Point.cs @@ -0,0 +1,281 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT163K1Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT163K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT163K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT163K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT163K1Point(null, this.AffineXCoord, this.AffineYCoord); + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + return Twice(); + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1).AddOne(); + if (X3.IsZero) + { + return new SecT163K1Point(curve, X3, curve.B, IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT163K1Point(curve, X3, curve.B, IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT163K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + { + return this; + } + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1); + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement T = L1.Square().Add(L1Z1).Add(Z1Sq); + if (T.IsZero) + { + return new SecT163K1Point(curve, T, curve.B, IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement t1 = L1.Add(X1).Square(); + ECFieldElement L3 = t1.Add(T).Add(Z1Sq).Multiply(t1).Add(X3); + + return new SecT163K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + // NOTE: TwicePlus() only optimized for lambda-affine argument + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = Z1Sq.Add(L1Sq).Add(L1Z1); + ECFieldElement A = L2.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT163K1Point(curve, A, curve.B, IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2.AddOne(), Z3); + + return new SecT163K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (this.IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT163K1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163R1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163R1Curve.cs new file mode 100644 index 0000000..61c452e --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163R1Curve.cs @@ -0,0 +1,177 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT163R1Curve + : AbstractF2mCurve + { + private const int SECT163R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT163R1_FE_LONGS = 3; + private static readonly ECFieldElement[] SECT163R1_AFFINE_ZS = new ECFieldElement[] { new SecT163FieldElement(BigInteger.One) }; + + protected readonly SecT163R1Point m_infinity; + + public SecT163R1Curve() + : base(163, 3, 6, 7) + { + this.m_infinity = new SecT163R1Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("07B6882CAAEFA84F9554FF8428BD88E246D2782AE2"))); + this.m_b = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B")); + this.m_cofactor = BigInteger.Two; + + this.m_coord = SECT163R1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT163R1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 163; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT163FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT163R1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT163R1Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return false; } + } + + public virtual int M + { + get { return 163; } + } + + public virtual bool IsTrinomial + { + get { return false; } + } + + public virtual int K1 + { + get { return 3; } + } + + public virtual int K2 + { + get { return 6; } + } + + public virtual int K3 + { + get { return 7; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT163R1_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat192.Copy64(((SecT163FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT163R1_FE_LONGS; + Nat192.Copy64(((SecT163FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT163R1_FE_LONGS; + } + } + + return new SecT163R1LookupTable(this, table, len); + } + + private class SecT163R1LookupTable + : AbstractECLookupTable + { + private readonly SecT163R1Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT163R1LookupTable(SecT163R1Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat192.Create64(), y = Nat192.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT163R1_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT163R1_FE_LONGS + j] & MASK; + } + + pos += (SECT163R1_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat192.Create64(), y = Nat192.Create64(); + int pos = index * SECT163R1_FE_LONGS * 2; + + for (int j = 0; j < SECT163R1_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT163R1_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT163FieldElement(x), new SecT163FieldElement(y), SECT163R1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163R1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163R1Point.cs new file mode 100644 index 0000000..bab1f35 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163R1Point.cs @@ -0,0 +1,283 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT163R1Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT163R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT163R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT163R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT163R1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + return Twice(); + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1).Add(curve.A); + if (X3.IsZero) + { + return new SecT163R1Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT163R1Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT163R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + { + return this; + } + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1); + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement a = curve.A; + ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq); + ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq); + if (T.IsZero) + { + return new SecT163R1Point(curve, T, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1); + ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3); + + return new SecT163R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1); + ECFieldElement L2plus1 = L2.AddOne(); + ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT163R1Point(curve, A, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3); + + return new SecT163R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (this.IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT163R1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163R2Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163R2Curve.cs new file mode 100644 index 0000000..c610b57 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163R2Curve.cs @@ -0,0 +1,177 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT163R2Curve + : AbstractF2mCurve + { + private const int SECT163R2_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT163R2_FE_LONGS = 3; + private static readonly ECFieldElement[] SECT163R2_AFFINE_ZS = new ECFieldElement[] { new SecT163FieldElement(BigInteger.One) }; + + protected readonly SecT163R2Point m_infinity; + + public SecT163R2Curve() + : base(163, 3, 6, 7) + { + this.m_infinity = new SecT163R2Point(this, null, null); + + this.m_a = FromBigInteger(BigInteger.One); + this.m_b = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("020A601907B8C953CA1481EB10512F78744A3205FD"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("040000000000000000000292FE77E70C12A4234C33")); + this.m_cofactor = BigInteger.Two; + + this.m_coord = SECT163R2_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT163R2Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 163; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT163FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT163R2Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT163R2Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return false; } + } + + public virtual int M + { + get { return 163; } + } + + public virtual bool IsTrinomial + { + get { return false; } + } + + public virtual int K1 + { + get { return 3; } + } + + public virtual int K2 + { + get { return 6; } + } + + public virtual int K3 + { + get { return 7; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT163R2_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat192.Copy64(((SecT163FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT163R2_FE_LONGS; + Nat192.Copy64(((SecT163FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT163R2_FE_LONGS; + } + } + + return new SecT163R2LookupTable(this, table, len); + } + + private class SecT163R2LookupTable + : AbstractECLookupTable + { + private readonly SecT163R2Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT163R2LookupTable(SecT163R2Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat192.Create64(), y = Nat192.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT163R2_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT163R2_FE_LONGS + j] & MASK; + } + + pos += (SECT163R2_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat192.Create64(), y = Nat192.Create64(); + int pos = index * SECT163R2_FE_LONGS * 2; + + for (int j = 0; j < SECT163R2_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT163R2_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT163FieldElement(x), new SecT163FieldElement(y), SECT163R2_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163R2Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163R2Point.cs new file mode 100644 index 0000000..a207e6f --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT163R2Point.cs @@ -0,0 +1,286 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT163R2Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT163R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT163R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT163R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT163R2Point(null, AffineXCoord, AffineYCoord); + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + { + return Twice(); + } + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1).AddOne(); + if (X3.IsZero) + { + return new SecT163R2Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT163R2Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT163R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + { + return this; + } + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1); + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement T = L1.Square().Add(L1Z1).Add(Z1Sq); + if (T.IsZero) + { + return new SecT163R2Point(curve, T, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1); + ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3); + + return new SecT163R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + { + return b; + } + if (b.IsInfinity) + { + return Twice(); + } + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = Z1Sq.Add(L1Sq).Add(L1Z1); + ECFieldElement A = L2.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT163R2Point(curve, A, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2.AddOne(), Z3); + + return new SecT163R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (this.IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT163R2Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193Field.cs new file mode 100644 index 0000000..1a4739b --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193Field.cs @@ -0,0 +1,325 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT193Field + { + private const ulong M01 = 1UL; + private const ulong M49 = ulong.MaxValue >> 15; + + public static void Add(ulong[] x, ulong[] y, ulong[] z) + { + z[0] = x[0] ^ y[0]; + z[1] = x[1] ^ y[1]; + z[2] = x[2] ^ y[2]; + z[3] = x[3] ^ y[3]; + } + + public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz) + { + zz[0] = xx[0] ^ yy[0]; + zz[1] = xx[1] ^ yy[1]; + zz[2] = xx[2] ^ yy[2]; + zz[3] = xx[3] ^ yy[3]; + zz[4] = xx[4] ^ yy[4]; + zz[5] = xx[5] ^ yy[5]; + zz[6] = xx[6] ^ yy[6]; + } + + public static void AddOne(ulong[] x, ulong[] z) + { + z[0] = x[0] ^ 1UL; + z[1] = x[1]; + z[2] = x[2]; + z[3] = x[3]; + } + + private static void AddTo(ulong[] x, ulong[] z) + { + z[0] ^= x[0]; + z[1] ^= x[1]; + z[2] ^= x[2]; + z[3] ^= x[3]; + } + + public static ulong[] FromBigInteger(BigInteger x) + { + return Nat.FromBigInteger64(193, x); + } + + public static void HalfTrace(ulong[] x, ulong[] z) + { + ulong[] tt = Nat256.CreateExt64(); + + Nat256.Copy64(x, z); + for (int i = 1; i < 193; i += 2) + { + ImplSquare(z, tt); + Reduce(tt, z); + ImplSquare(z, tt); + Reduce(tt, z); + AddTo(x, z); + } + } + + public static void Invert(ulong[] x, ulong[] z) + { + if (Nat256.IsZero64(x)) + throw new InvalidOperationException(); + + // Itoh-Tsujii inversion with bases { 2, 3 } + + ulong[] t0 = Nat256.Create64(); + ulong[] t1 = Nat256.Create64(); + + Square(x, t0); + + // 3 | 192 + SquareN(t0, 1, t1); + Multiply(t0, t1, t0); + SquareN(t1, 1, t1); + Multiply(t0, t1, t0); + + // 2 | 64 + SquareN(t0, 3, t1); + Multiply(t0, t1, t0); + + // 2 | 32 + SquareN(t0, 6, t1); + Multiply(t0, t1, t0); + + // 2 | 16 + SquareN(t0, 12, t1); + Multiply(t0, t1, t0); + + // 2 | 8 + SquareN(t0, 24, t1); + Multiply(t0, t1, t0); + + // 2 | 4 + SquareN(t0, 48, t1); + Multiply(t0, t1, t0); + + // 2 | 2 + SquareN(t0, 96, t1); + Multiply(t0, t1, z); + } + + public static void Multiply(ulong[] x, ulong[] y, ulong[] z) + { + ulong[] tt = Nat256.CreateExt64(); + ImplMultiply(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz) + { + ulong[] tt = Nat256.CreateExt64(); + ImplMultiply(x, y, tt); + AddExt(zz, tt, zz); + } + + public static void Reduce(ulong[] xx, ulong[] z) + { + ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3], x4 = xx[4], x5 = xx[5], x6 = xx[6]; + + x2 ^= (x6 << 63); + x3 ^= (x6 >> 1) ^ (x6 << 14); + x4 ^= (x6 >> 50); + + x1 ^= (x5 << 63); + x2 ^= (x5 >> 1) ^ (x5 << 14); + x3 ^= (x5 >> 50); + + x0 ^= (x4 << 63); + x1 ^= (x4 >> 1) ^ (x4 << 14); + x2 ^= (x4 >> 50); + + ulong t = x3 >> 1; + z[0] = x0 ^ t ^ (t << 15); + z[1] = x1 ^ (t >> 49); + z[2] = x2; + z[3] = x3 & M01; + } + + public static void Reduce63(ulong[] z, int zOff) + { + ulong z3 = z[zOff + 3], t = z3 >> 1; + z[zOff ] ^= t ^ (t << 15); + z[zOff + 1] ^= (t >> 49); + z[zOff + 3] = z3 & M01; + } + + public static void Sqrt(ulong[] x, ulong[] z) + { + ulong u0, u1; + u0 = Interleave.Unshuffle(x[0]); u1 = Interleave.Unshuffle(x[1]); + ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32); + ulong c0 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL); + + u0 = Interleave.Unshuffle(x[2]); + ulong e1 = (u0 & 0x00000000FFFFFFFFUL) ^ (x[3] << 32); + ulong c1 = (u0 >> 32); + + z[0] = e0 ^ (c0 << 8); + z[1] = e1 ^ (c1 << 8) ^ (c0 >> 56) ^ (c0 << 33); + z[2] = (c1 >> 56) ^ (c1 << 33) ^ (c0 >> 31); + z[3] = (c1 >> 31); + } + + public static void Square(ulong[] x, ulong[] z) + { + ulong[] tt = Nat256.CreateExt64(); + ImplSquare(x, tt); + Reduce(tt, z); + } + + public static void SquareAddToExt(ulong[] x, ulong[] zz) + { + ulong[] tt = Nat256.CreateExt64(); + ImplSquare(x, tt); + AddExt(zz, tt, zz); + } + + public static void SquareN(ulong[] x, int n, ulong[] z) + { + Debug.Assert(n > 0); + + ulong[] tt = Nat256.CreateExt64(); + ImplSquare(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + ImplSquare(z, tt); + Reduce(tt, z); + } + } + + public static uint Trace(ulong[] x) + { + // Non-zero-trace bits: 0 + return (uint)(x[0]) & 1U; + } + + protected static void ImplCompactExt(ulong[] zz) + { + ulong z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4], z5 = zz[5], z6 = zz[6], z7 = zz[7]; + zz[0] = z0 ^ (z1 << 49); + zz[1] = (z1 >> 15) ^ (z2 << 34); + zz[2] = (z2 >> 30) ^ (z3 << 19); + zz[3] = (z3 >> 45) ^ (z4 << 4) + ^ (z5 << 53); + zz[4] = (z4 >> 60) ^ (z6 << 38) + ^ (z5 >> 11); + zz[5] = (z6 >> 26) ^ (z7 << 23); + zz[6] = (z7 >> 41); + zz[7] = 0; + } + + protected static void ImplExpand(ulong[] x, ulong[] z) + { + ulong x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3]; + z[0] = x0 & M49; + z[1] = ((x0 >> 49) ^ (x1 << 15)) & M49; + z[2] = ((x1 >> 34) ^ (x2 << 30)) & M49; + z[3] = ((x2 >> 19) ^ (x3 << 45)); + } + + protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz) + { + /* + * "Two-level seven-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein. + */ + + ulong[] f = new ulong[4], g = new ulong[4]; + ImplExpand(x, f); + ImplExpand(y, g); + + ulong[] u = new ulong[8]; + + ImplMulwAcc(u, f[0], g[0], zz, 0); + ImplMulwAcc(u, f[1], g[1], zz, 1); + ImplMulwAcc(u, f[2], g[2], zz, 2); + ImplMulwAcc(u, f[3], g[3], zz, 3); + + // U *= (1 - t^n) + for (int i = 5; i > 0; --i) + { + zz[i] ^= zz[i - 1]; + } + + ImplMulwAcc(u, f[0] ^ f[1], g[0] ^ g[1], zz, 1); + ImplMulwAcc(u, f[2] ^ f[3], g[2] ^ g[3], zz, 3); + + // V *= (1 - t^2n) + for (int i = 7; i > 1; --i) + { + zz[i] ^= zz[i - 2]; + } + + // Double-length recursion + { + ulong c0 = f[0] ^ f[2], c1 = f[1] ^ f[3]; + ulong d0 = g[0] ^ g[2], d1 = g[1] ^ g[3]; + ImplMulwAcc(u, c0 ^ c1, d0 ^ d1, zz, 3); + ulong[] t = new ulong[3]; + ImplMulwAcc(u, c0, d0, t, 0); + ImplMulwAcc(u, c1, d1, t, 1); + ulong t0 = t[0], t1 = t[1], t2 = t[2]; + zz[2] ^= t0; + zz[3] ^= t0 ^ t1; + zz[4] ^= t2 ^ t1; + zz[5] ^= t2; + } + + ImplCompactExt(zz); + } + + protected static void ImplMulwAcc(ulong[] u, ulong x, ulong y, ulong[] z, int zOff) + { + Debug.Assert(x >> 49 == 0); + Debug.Assert(y >> 49 == 0); + + //u[0] = 0; + u[1] = y; + u[2] = u[1] << 1; + u[3] = u[2] ^ y; + u[4] = u[2] << 1; + u[5] = u[4] ^ y; + u[6] = u[3] << 1; + u[7] = u[6] ^ y; + + uint j = (uint)x; + ulong g, h = 0, l = u[j & 7] + ^ (u[(j >> 3) & 7] << 3); + int k = 36; + do + { + j = (uint)(x >> k); + g = u[j & 7] + ^ u[(j >> 3) & 7] << 3 + ^ u[(j >> 6) & 7] << 6 + ^ u[(j >> 9) & 7] << 9 + ^ u[(j >> 12) & 7] << 12; + l ^= (g << k); + h ^= (g >> -k); + } + while ((k -= 15) > 0); + + Debug.Assert(h >> 33 == 0); + + z[zOff ] ^= l & M49; + z[zOff + 1] ^= (l >> 49) ^ (h << 15); + } + + protected static void ImplSquare(ulong[] x, ulong[] zz) + { + Interleave.Expand64To128(x, 0, 3, zz, 0); + zz[6] = (x[3] & M01); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193FieldElement.cs new file mode 100644 index 0000000..3a3ed09 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193FieldElement.cs @@ -0,0 +1,233 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT193FieldElement + : AbstractF2mFieldElement + { + protected internal readonly ulong[] x; + + public SecT193FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.BitLength > 193) + throw new ArgumentException("value invalid for SecT193FieldElement", "x"); + + this.x = SecT193Field.FromBigInteger(x); + } + + public SecT193FieldElement() + { + this.x = Nat256.Create64(); + } + + protected internal SecT193FieldElement(ulong[] x) + { + this.x = x; + } + + public override bool IsOne + { + get { return Nat256.IsOne64(x); } + } + + public override bool IsZero + { + get { return Nat256.IsZero64(x); } + } + + public override bool TestBitZero() + { + return (x[0] & 1UL) != 0UL; + } + + public override BigInteger ToBigInteger() + { + return Nat256.ToBigInteger64(x); + } + + public override string FieldName + { + get { return "SecT193Field"; } + } + + public override int FieldSize + { + get { return 193; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + ulong[] z = Nat256.Create64(); + SecT193Field.Add(x, ((SecT193FieldElement)b).x, z); + return new SecT193FieldElement(z); + } + + public override ECFieldElement AddOne() + { + ulong[] z = Nat256.Create64(); + SecT193Field.AddOne(x, z); + return new SecT193FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + // Addition and Subtraction are the same in F2m + return Add(b); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + ulong[] z = Nat256.Create64(); + SecT193Field.Multiply(x, ((SecT193FieldElement)b).x, z); + return new SecT193FieldElement(z); + } + + public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + return MultiplyPlusProduct(b, x, y); + } + + public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x, bx = ((SecT193FieldElement)b).x; + ulong[] xx = ((SecT193FieldElement)x).x, yx = ((SecT193FieldElement)y).x; + + ulong[] tt = Nat256.CreateExt64(); + SecT193Field.MultiplyAddToExt(ax, bx, tt); + SecT193Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat256.Create64(); + SecT193Field.Reduce(tt, z); + return new SecT193FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + return Multiply(b.Invert()); + } + + public override ECFieldElement Negate() + { + return this; + } + + public override ECFieldElement Square() + { + ulong[] z = Nat256.Create64(); + SecT193Field.Square(x, z); + return new SecT193FieldElement(z); + } + + public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y) + { + return SquarePlusProduct(x, y); + } + + public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x; + ulong[] xx = ((SecT193FieldElement)x).x, yx = ((SecT193FieldElement)y).x; + + ulong[] tt = Nat256.CreateExt64(); + SecT193Field.SquareAddToExt(ax, tt); + SecT193Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat256.Create64(); + SecT193Field.Reduce(tt, z); + return new SecT193FieldElement(z); + } + + public override ECFieldElement SquarePow(int pow) + { + if (pow < 1) + return this; + + ulong[] z = Nat256.Create64(); + SecT193Field.SquareN(x, pow, z); + return new SecT193FieldElement(z); + } + + public override ECFieldElement HalfTrace() + { + ulong[] z = Nat256.Create64(); + SecT193Field.HalfTrace(x, z); + return new SecT193FieldElement(z); + } + + public override bool HasFastTrace + { + get { return true; } + } + + public override int Trace() + { + return (int)SecT193Field.Trace(x); + } + + public override ECFieldElement Invert() + { + ulong[] z = Nat256.Create64(); + SecT193Field.Invert(x, z); + return new SecT193FieldElement(z); + } + + public override ECFieldElement Sqrt() + { + ulong[] z = Nat256.Create64(); + SecT193Field.Sqrt(x, z); + return new SecT193FieldElement(z); + } + + public virtual int Representation + { + get { return F2mFieldElement.Tpb; } + } + + public virtual int M + { + get { return 193; } + } + + public virtual int K1 + { + get { return 15; } + } + + public virtual int K2 + { + get { return 0; } + } + + public virtual int K3 + { + get { return 0; } + } + + public override bool Equals(object obj) + { + return Equals(obj as SecT193FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecT193FieldElement); + } + + public virtual bool Equals(SecT193FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat256.Eq64(x, other.x); + } + + public override int GetHashCode() + { + return 1930015 ^ Arrays.GetHashCode(x, 0, 4); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193R1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193R1Curve.cs new file mode 100644 index 0000000..32bc434 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193R1Curve.cs @@ -0,0 +1,177 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT193R1Curve + : AbstractF2mCurve + { + private const int SECT193R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT193R1_FE_LONGS = 4; + private static readonly ECFieldElement[] SECT193R1_AFFINE_ZS = new ECFieldElement[] { new SecT193FieldElement(BigInteger.One) }; + + protected readonly SecT193R1Point m_infinity; + + public SecT193R1Curve() + : base(193, 15, 0, 0) + { + this.m_infinity = new SecT193R1Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("0017858FEB7A98975169E171F77B4087DE098AC8A911DF7B01"))); + this.m_b = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("00FDFB49BFE6C3A89FACADAA7A1E5BBC7CC1C2E5D831478814"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("01000000000000000000000000C7F34A778F443ACC920EBA49")); + this.m_cofactor = BigInteger.Two; + + this.m_coord = SECT193R1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT193R1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 193; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT193FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT193R1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT193R1Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return false; } + } + + public virtual int M + { + get { return 193; } + } + + public virtual bool IsTrinomial + { + get { return true; } + } + + public virtual int K1 + { + get { return 15; } + } + + public virtual int K2 + { + get { return 0; } + } + + public virtual int K3 + { + get { return 0; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT193R1_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat256.Copy64(((SecT193FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT193R1_FE_LONGS; + Nat256.Copy64(((SecT193FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT193R1_FE_LONGS; + } + } + + return new SecT193R1LookupTable(this, table, len); + } + + private class SecT193R1LookupTable + : AbstractECLookupTable + { + private readonly SecT193R1Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT193R1LookupTable(SecT193R1Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat256.Create64(), y = Nat256.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT193R1_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT193R1_FE_LONGS + j] & MASK; + } + + pos += (SECT193R1_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat256.Create64(), y = Nat256.Create64(); + int pos = index * SECT193R1_FE_LONGS * 2; + + for (int j = 0; j < SECT193R1_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT193R1_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT193FieldElement(x), new SecT193FieldElement(y), SECT193R1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193R1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193R1Point.cs new file mode 100644 index 0000000..9dbdd14 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193R1Point.cs @@ -0,0 +1,283 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT193R1Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT193R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT193R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT193R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT193R1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + return Twice(); + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1).Add(curve.A); + if (X3.IsZero) + { + return new SecT193R1Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT193R1Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT193R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + { + return this; + } + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1); + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement a = curve.A; + ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq); + ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq); + if (T.IsZero) + { + return new SecT193R1Point(curve, T, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1); + ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3); + + return new SecT193R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1); + ECFieldElement L2plus1 = L2.AddOne(); + ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT193R1Point(curve, A, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3); + + return new SecT193R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (this.IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT193R1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193R2Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193R2Curve.cs new file mode 100644 index 0000000..7f53571 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193R2Curve.cs @@ -0,0 +1,177 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT193R2Curve + : AbstractF2mCurve + { + private const int SECT193R2_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT193R2_FE_LONGS = 4; + private static readonly ECFieldElement[] SECT193R2_AFFINE_ZS = new ECFieldElement[] { new SecT193FieldElement(BigInteger.One) }; + + protected readonly SecT193R2Point m_infinity; + + public SecT193R2Curve() + : base(193, 15, 0, 0) + { + this.m_infinity = new SecT193R2Point(this, null, null); + + this.m_a = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B"))); + this.m_b = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("010000000000000000000000015AAB561B005413CCD4EE99D5")); + this.m_cofactor = BigInteger.Two; + + this.m_coord = SECT193R2_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT193R2Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 193; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT193FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT193R2Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT193R2Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return false; } + } + + public virtual int M + { + get { return 193; } + } + + public virtual bool IsTrinomial + { + get { return true; } + } + + public virtual int K1 + { + get { return 15; } + } + + public virtual int K2 + { + get { return 0; } + } + + public virtual int K3 + { + get { return 0; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT193R2_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat256.Copy64(((SecT193FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT193R2_FE_LONGS; + Nat256.Copy64(((SecT193FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT193R2_FE_LONGS; + } + } + + return new SecT193R2LookupTable(this, table, len); + } + + private class SecT193R2LookupTable + : AbstractECLookupTable + { + private readonly SecT193R2Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT193R2LookupTable(SecT193R2Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat256.Create64(), y = Nat256.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT193R2_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT193R2_FE_LONGS + j] & MASK; + } + + pos += (SECT193R2_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat256.Create64(), y = Nat256.Create64(); + int pos = index * SECT193R2_FE_LONGS * 2; + + for (int j = 0; j < SECT193R2_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT193R2_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT193FieldElement(x), new SecT193FieldElement(y), SECT193R2_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193R2Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193R2Point.cs new file mode 100644 index 0000000..b75a7ce --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT193R2Point.cs @@ -0,0 +1,283 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT193R2Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT193R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT193R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT193R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT193R2Point(null, AffineXCoord, AffineYCoord); + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + return Twice(); + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1).Add(curve.A); + if (X3.IsZero) + { + return new SecT193R2Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT193R2Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT193R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + { + return this; + } + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1); + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement a = curve.A; + ECFieldElement aZ1Sq = Z1IsOne ? a : a.Multiply(Z1Sq); + ECFieldElement T = L1.Square().Add(L1Z1).Add(aZ1Sq); + if (T.IsZero) + { + return new SecT193R2Point(curve, T, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1); + ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3); + + return new SecT193R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = curve.A.Multiply(Z1Sq).Add(L1Sq).Add(L1Z1); + ECFieldElement L2plus1 = L2.AddOne(); + ECFieldElement A = curve.A.Add(L2plus1).Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT193R2Point(curve, A, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3); + + return new SecT193R2Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (this.IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT193R2Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233Field.cs new file mode 100644 index 0000000..1ebac2e --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233Field.cs @@ -0,0 +1,333 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT233Field + { + private const ulong M41 = ulong.MaxValue >> 23; + private const ulong M59 = ulong.MaxValue >> 5; + + public static void Add(ulong[] x, ulong[] y, ulong[] z) + { + z[0] = x[0] ^ y[0]; + z[1] = x[1] ^ y[1]; + z[2] = x[2] ^ y[2]; + z[3] = x[3] ^ y[3]; + } + + public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz) + { + zz[0] = xx[0] ^ yy[0]; + zz[1] = xx[1] ^ yy[1]; + zz[2] = xx[2] ^ yy[2]; + zz[3] = xx[3] ^ yy[3]; + zz[4] = xx[4] ^ yy[4]; + zz[5] = xx[5] ^ yy[5]; + zz[6] = xx[6] ^ yy[6]; + zz[7] = xx[7] ^ yy[7]; + } + + public static void AddOne(ulong[] x, ulong[] z) + { + z[0] = x[0] ^ 1UL; + z[1] = x[1]; + z[2] = x[2]; + z[3] = x[3]; + } + + private static void AddTo(ulong[] x, ulong[] z) + { + z[0] ^= x[0]; + z[1] ^= x[1]; + z[2] ^= x[2]; + z[3] ^= x[3]; + } + + public static ulong[] FromBigInteger(BigInteger x) + { + return Nat.FromBigInteger64(233, x); + } + + public static void HalfTrace(ulong[] x, ulong[] z) + { + ulong[] tt = Nat256.CreateExt64(); + + Nat256.Copy64(x, z); + for (int i = 1; i < 233; i += 2) + { + ImplSquare(z, tt); + Reduce(tt, z); + ImplSquare(z, tt); + Reduce(tt, z); + AddTo(x, z); + } + } + + public static void Invert(ulong[] x, ulong[] z) + { + if (Nat256.IsZero64(x)) + throw new InvalidOperationException(); + + // Itoh-Tsujii inversion + + ulong[] t0 = Nat256.Create64(); + ulong[] t1 = Nat256.Create64(); + + Square(x, t0); + Multiply(t0, x, t0); + Square(t0, t0); + Multiply(t0, x, t0); + SquareN(t0, 3, t1); + Multiply(t1, t0, t1); + Square(t1, t1); + Multiply(t1, x, t1); + SquareN(t1, 7, t0); + Multiply(t0, t1, t0); + SquareN(t0, 14, t1); + Multiply(t1, t0, t1); + Square(t1, t1); + Multiply(t1, x, t1); + SquareN(t1, 29, t0); + Multiply(t0, t1, t0); + SquareN(t0, 58, t1); + Multiply(t1, t0, t1); + SquareN(t1, 116, t0); + Multiply(t0, t1, t0); + Square(t0, z); + } + + public static void Multiply(ulong[] x, ulong[] y, ulong[] z) + { + ulong[] tt = Nat256.CreateExt64(); + ImplMultiply(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz) + { + ulong[] tt = Nat256.CreateExt64(); + ImplMultiply(x, y, tt); + AddExt(zz, tt, zz); + } + + public static void Reduce(ulong[] xx, ulong[] z) + { + ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3]; + ulong x4 = xx[4], x5 = xx[5], x6 = xx[6], x7 = xx[7]; + + x3 ^= (x7 << 23); + x4 ^= (x7 >> 41) ^ (x7 << 33); + x5 ^= (x7 >> 31); + + x2 ^= (x6 << 23); + x3 ^= (x6 >> 41) ^ (x6 << 33); + x4 ^= (x6 >> 31); + + x1 ^= (x5 << 23); + x2 ^= (x5 >> 41) ^ (x5 << 33); + x3 ^= (x5 >> 31); + + x0 ^= (x4 << 23); + x1 ^= (x4 >> 41) ^ (x4 << 33); + x2 ^= (x4 >> 31); + + ulong t = x3 >> 41; + z[0] = x0 ^ t; + z[1] = x1 ^ (t << 10); + z[2] = x2; + z[3] = x3 & M41; + } + + public static void Reduce23(ulong[] z, int zOff) + { + ulong z3 = z[zOff + 3], t = z3 >> 41; + z[zOff ] ^= t; + z[zOff + 1] ^= (t << 10); + z[zOff + 3] = z3 & M41; + } + + public static void Sqrt(ulong[] x, ulong[] z) + { + ulong u0, u1; + u0 = Interleave.Unshuffle(x[0]); u1 = Interleave.Unshuffle(x[1]); + ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32); + ulong c0 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL); + + u0 = Interleave.Unshuffle(x[2]); u1 = Interleave.Unshuffle(x[3]); + ulong e1 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32); + ulong c1 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL); + + ulong c2; + c2 = (c1 >> 27); + c1 ^= (c0 >> 27) | (c1 << 37); + c0 ^= (c0 << 37); + + ulong[] tt = Nat256.CreateExt64(); + + int[] shifts = { 32, 117, 191 }; + for (int i = 0; i < shifts.Length; ++i) + { + int w = shifts[i] >> 6, s = shifts[i] & 63; + Debug.Assert(s != 0); + tt[w ] ^= (c0 << s); + tt[w + 1] ^= (c1 << s) | (c0 >> -s); + tt[w + 2] ^= (c2 << s) | (c1 >> -s); + tt[w + 3] ^= (c2 >> -s); + } + + Reduce(tt, z); + + z[0] ^= e0; + z[1] ^= e1; + } + + public static void Square(ulong[] x, ulong[] z) + { + ulong[] tt = Nat256.CreateExt64(); + ImplSquare(x, tt); + Reduce(tt, z); + } + + public static void SquareAddToExt(ulong[] x, ulong[] zz) + { + ulong[] tt = Nat256.CreateExt64(); + ImplSquare(x, tt); + AddExt(zz, tt, zz); + } + + public static void SquareN(ulong[] x, int n, ulong[] z) + { + Debug.Assert(n > 0); + + ulong[] tt = Nat256.CreateExt64(); + ImplSquare(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + ImplSquare(z, tt); + Reduce(tt, z); + } + } + + public static uint Trace(ulong[] x) + { + // Non-zero-trace bits: 0, 159 + return (uint)(x[0] ^ (x[2] >> 31)) & 1U; + } + + protected static void ImplCompactExt(ulong[] zz) + { + ulong z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4], z5 = zz[5], z6 = zz[6], z7 = zz[7]; + zz[0] = z0 ^ (z1 << 59); + zz[1] = (z1 >> 5) ^ (z2 << 54); + zz[2] = (z2 >> 10) ^ (z3 << 49); + zz[3] = (z3 >> 15) ^ (z4 << 44); + zz[4] = (z4 >> 20) ^ (z5 << 39); + zz[5] = (z5 >> 25) ^ (z6 << 34); + zz[6] = (z6 >> 30) ^ (z7 << 29); + zz[7] = (z7 >> 35); + } + + protected static void ImplExpand(ulong[] x, ulong[] z) + { + ulong x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3]; + z[0] = x0 & M59; + z[1] = ((x0 >> 59) ^ (x1 << 5)) & M59; + z[2] = ((x1 >> 54) ^ (x2 << 10)) & M59; + z[3] = ((x2 >> 49) ^ (x3 << 15)); + } + + protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz) + { + /* + * "Two-level seven-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein. + */ + + ulong[] f = new ulong[4], g = new ulong[4]; + ImplExpand(x, f); + ImplExpand(y, g); + + ulong[] u = new ulong[8]; + + ImplMulwAcc(u, f[0], g[0], zz, 0); + ImplMulwAcc(u, f[1], g[1], zz, 1); + ImplMulwAcc(u, f[2], g[2], zz, 2); + ImplMulwAcc(u, f[3], g[3], zz, 3); + + // U *= (1 - t^n) + for (int i = 5; i > 0; --i) + { + zz[i] ^= zz[i - 1]; + } + + ImplMulwAcc(u, f[0] ^ f[1], g[0] ^ g[1], zz, 1); + ImplMulwAcc(u, f[2] ^ f[3], g[2] ^ g[3], zz, 3); + + // V *= (1 - t^2n) + for (int i = 7; i > 1; --i) + { + zz[i] ^= zz[i - 2]; + } + + // Double-length recursion + { + ulong c0 = f[0] ^ f[2], c1 = f[1] ^ f[3]; + ulong d0 = g[0] ^ g[2], d1 = g[1] ^ g[3]; + ImplMulwAcc(u, c0 ^ c1, d0 ^ d1, zz, 3); + ulong[] t = new ulong[3]; + ImplMulwAcc(u, c0, d0, t, 0); + ImplMulwAcc(u, c1, d1, t, 1); + ulong t0 = t[0], t1 = t[1], t2 = t[2]; + zz[2] ^= t0; + zz[3] ^= t0 ^ t1; + zz[4] ^= t2 ^ t1; + zz[5] ^= t2; + } + + ImplCompactExt(zz); + } + + protected static void ImplMulwAcc(ulong[] u, ulong x, ulong y, ulong[] z, int zOff) + { + Debug.Assert(x >> 59 == 0); + Debug.Assert(y >> 59 == 0); + + //u[0] = 0; + u[1] = y; + u[2] = u[1] << 1; + u[3] = u[2] ^ y; + u[4] = u[2] << 1; + u[5] = u[4] ^ y; + u[6] = u[3] << 1; + u[7] = u[6] ^ y; + + uint j = (uint)x; + ulong g, h = 0, l = u[j & 7] + ^ (u[(j >> 3) & 7] << 3); + int k = 54; + do + { + j = (uint)(x >> k); + g = u[j & 7] + ^ u[(j >> 3) & 7] << 3; + l ^= (g << k); + h ^= (g >> -k); + } + while ((k -= 6) > 0); + + Debug.Assert(h >> 53 == 0); + + z[zOff ] ^= l & M59; + z[zOff + 1] ^= (l >> 59) ^ (h << 5); + } + + protected static void ImplSquare(ulong[] x, ulong[] zz) + { + Interleave.Expand64To128(x, 0, 4, zz, 0); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233FieldElement.cs new file mode 100644 index 0000000..8aff8c8 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233FieldElement.cs @@ -0,0 +1,233 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT233FieldElement + : AbstractF2mFieldElement + { + protected internal readonly ulong[] x; + + public SecT233FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.BitLength > 233) + throw new ArgumentException("value invalid for SecT233FieldElement", "x"); + + this.x = SecT233Field.FromBigInteger(x); + } + + public SecT233FieldElement() + { + this.x = Nat256.Create64(); + } + + protected internal SecT233FieldElement(ulong[] x) + { + this.x = x; + } + + public override bool IsOne + { + get { return Nat256.IsOne64(x); } + } + + public override bool IsZero + { + get { return Nat256.IsZero64(x); } + } + + public override bool TestBitZero() + { + return (x[0] & 1UL) != 0UL; + } + + public override BigInteger ToBigInteger() + { + return Nat256.ToBigInteger64(x); + } + + public override string FieldName + { + get { return "SecT233Field"; } + } + + public override int FieldSize + { + get { return 233; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + ulong[] z = Nat256.Create64(); + SecT233Field.Add(x, ((SecT233FieldElement)b).x, z); + return new SecT233FieldElement(z); + } + + public override ECFieldElement AddOne() + { + ulong[] z = Nat256.Create64(); + SecT233Field.AddOne(x, z); + return new SecT233FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + // Addition and Subtraction are the same in F2m + return Add(b); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + ulong[] z = Nat256.Create64(); + SecT233Field.Multiply(x, ((SecT233FieldElement)b).x, z); + return new SecT233FieldElement(z); + } + + public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + return MultiplyPlusProduct(b, x, y); + } + + public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x, bx = ((SecT233FieldElement)b).x; + ulong[] xx = ((SecT233FieldElement)x).x, yx = ((SecT233FieldElement)y).x; + + ulong[] tt = Nat256.CreateExt64(); + SecT233Field.MultiplyAddToExt(ax, bx, tt); + SecT233Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat256.Create64(); + SecT233Field.Reduce(tt, z); + return new SecT233FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + return Multiply(b.Invert()); + } + + public override ECFieldElement Negate() + { + return this; + } + + public override ECFieldElement Square() + { + ulong[] z = Nat256.Create64(); + SecT233Field.Square(x, z); + return new SecT233FieldElement(z); + } + + public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y) + { + return SquarePlusProduct(x, y); + } + + public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x; + ulong[] xx = ((SecT233FieldElement)x).x, yx = ((SecT233FieldElement)y).x; + + ulong[] tt = Nat256.CreateExt64(); + SecT233Field.SquareAddToExt(ax, tt); + SecT233Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat256.Create64(); + SecT233Field.Reduce(tt, z); + return new SecT233FieldElement(z); + } + + public override ECFieldElement SquarePow(int pow) + { + if (pow < 1) + return this; + + ulong[] z = Nat256.Create64(); + SecT233Field.SquareN(x, pow, z); + return new SecT233FieldElement(z); + } + + public override ECFieldElement HalfTrace() + { + ulong[] z = Nat256.Create64(); + SecT233Field.HalfTrace(x, z); + return new SecT233FieldElement(z); + } + + public override bool HasFastTrace + { + get { return true; } + } + + public override int Trace() + { + return (int)SecT233Field.Trace(x); + } + + public override ECFieldElement Invert() + { + ulong[] z = Nat256.Create64(); + SecT233Field.Invert(x, z); + return new SecT233FieldElement(z); + } + + public override ECFieldElement Sqrt() + { + ulong[] z = Nat256.Create64(); + SecT233Field.Sqrt(x, z); + return new SecT233FieldElement(z); + } + + public virtual int Representation + { + get { return F2mFieldElement.Tpb; } + } + + public virtual int M + { + get { return 233; } + } + + public virtual int K1 + { + get { return 74; } + } + + public virtual int K2 + { + get { return 0; } + } + + public virtual int K3 + { + get { return 0; } + } + + public override bool Equals(object obj) + { + return Equals(obj as SecT233FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecT233FieldElement); + } + + public virtual bool Equals(SecT233FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat256.Eq64(x, other.x); + } + + public override int GetHashCode() + { + return 2330074 ^ Arrays.GetHashCode(x, 0, 4); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233K1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233K1Curve.cs new file mode 100644 index 0000000..7a3f55f --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233K1Curve.cs @@ -0,0 +1,183 @@ +using System; + +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT233K1Curve + : AbstractF2mCurve + { + private const int SECT233K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT233K1_FE_LONGS = 4; + private static readonly ECFieldElement[] SECT233K1_AFFINE_ZS = new ECFieldElement[] { new SecT233FieldElement(BigInteger.One) }; + + protected readonly SecT233K1Point m_infinity; + + public SecT233K1Curve() + : base(233, 74, 0, 0) + { + this.m_infinity = new SecT233K1Point(this, null, null); + + this.m_a = FromBigInteger(BigInteger.Zero); + this.m_b = FromBigInteger(BigInteger.One); + this.m_order = new BigInteger(1, Hex.DecodeStrict("8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF")); + this.m_cofactor = BigInteger.ValueOf(4); + + this.m_coord = SECT233K1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT233K1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + protected override ECMultiplier CreateDefaultMultiplier() + { + return new WTauNafMultiplier(); + } + + public override int FieldSize + { + get { return 233; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT233FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT233K1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT233K1Point(this, x, y, zs, withCompression); + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override bool IsKoblitz + { + get { return true; } + } + + public virtual int M + { + get { return 233; } + } + + public virtual bool IsTrinomial + { + get { return true; } + } + + public virtual int K1 + { + get { return 74; } + } + + public virtual int K2 + { + get { return 0; } + } + + public virtual int K3 + { + get { return 0; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT233K1_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat256.Copy64(((SecT233FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT233K1_FE_LONGS; + Nat256.Copy64(((SecT233FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT233K1_FE_LONGS; + } + } + + return new SecT233K1LookupTable(this, table, len); + } + + private class SecT233K1LookupTable + : AbstractECLookupTable + { + private readonly SecT233K1Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT233K1LookupTable(SecT233K1Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat256.Create64(), y = Nat256.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT233K1_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT233K1_FE_LONGS + j] & MASK; + } + + pos += (SECT233K1_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat256.Create64(), y = Nat256.Create64(); + int pos = index * SECT233K1_FE_LONGS * 2; + + for (int j = 0; j < SECT233K1_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT233K1_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT233FieldElement(x), new SecT233FieldElement(y), SECT233K1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233K1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233K1Point.cs new file mode 100644 index 0000000..ffb8655 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233K1Point.cs @@ -0,0 +1,295 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT233K1Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT233K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT233K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT233K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT233K1Point(null, this.AffineXCoord, this.AffineYCoord); // earlier JDK + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + { + return curve.Infinity; + } + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + return Twice(); + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1); + if (X3.IsZero) + { + return new SecT233K1Point(curve, X3, curve.B, IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT233K1Point(curve, X3, curve.B, IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT233K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + { + return this; + } + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement T; + if (Z1IsOne) + { + T = L1.Square().Add(L1); + } + else + { + T = L1.Add(Z1).Multiply(L1); + } + + if (T.IsZero) + { + return new SecT233K1Point(curve, T, curve.B, IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement t1 = L1.Add(X1).Square(); + ECFieldElement t2 = Z1IsOne ? Z1 : Z1Sq.Square(); + ECFieldElement L3 = t1.Add(T).Add(Z1Sq).Multiply(t1).Add(t2).Add(X3).Add(Z3); + + return new SecT233K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + // NOTE: TwicePlus() only optimized for lambda-affine argument + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = L1Sq.Add(L1Z1); + ECFieldElement L2plus1 = L2.AddOne(); + ECFieldElement A = L2plus1.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + { + return b.Twice(); + } + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT233K1Point(curve, A, curve.B, IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3); + + return new SecT233K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (this.IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT233K1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233R1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233R1Curve.cs new file mode 100644 index 0000000..7b7e593 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233R1Curve.cs @@ -0,0 +1,177 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT233R1Curve + : AbstractF2mCurve + { + private const int SECT233R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT233R1_FE_LONGS = 4; + private static readonly ECFieldElement[] SECT233R1_AFFINE_ZS = new ECFieldElement[] { new SecT233FieldElement(BigInteger.One) }; + + protected readonly SecT233R1Point m_infinity; + + public SecT233R1Curve() + : base(233, 74, 0, 0) + { + this.m_infinity = new SecT233R1Point(this, null, null); + + this.m_a = FromBigInteger(BigInteger.One); + this.m_b = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7")); + this.m_cofactor = BigInteger.Two; + + this.m_coord = SECT233R1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT233R1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 233; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT233FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT233R1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT233R1Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return false; } + } + + public virtual int M + { + get { return 233; } + } + + public virtual bool IsTrinomial + { + get { return true; } + } + + public virtual int K1 + { + get { return 74; } + } + + public virtual int K2 + { + get { return 0; } + } + + public virtual int K3 + { + get { return 0; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT233R1_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat256.Copy64(((SecT233FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT233R1_FE_LONGS; + Nat256.Copy64(((SecT233FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT233R1_FE_LONGS; + } + } + + return new SecT233R1LookupTable(this, table, len); + } + + private class SecT233R1LookupTable + : AbstractECLookupTable + { + private readonly SecT233R1Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT233R1LookupTable(SecT233R1Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat256.Create64(), y = Nat256.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT233R1_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT233R1_FE_LONGS + j] & MASK; + } + + pos += (SECT233R1_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat256.Create64(), y = Nat256.Create64(); + int pos = index * SECT233R1_FE_LONGS * 2; + + for (int j = 0; j < SECT233R1_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT233R1_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT233FieldElement(x), new SecT233FieldElement(y), SECT233R1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233R1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233R1Point.cs new file mode 100644 index 0000000..b9c6ce6 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT233R1Point.cs @@ -0,0 +1,278 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT233R1Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT233R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT233R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT233R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT233R1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + return Twice(); + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1).AddOne(); + if (X3.IsZero) + { + return new SecT233R1Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT233R1Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT233R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1); + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement T = L1.Square().Add(L1Z1).Add(Z1Sq); + if (T.IsZero) + { + return new SecT233R1Point(curve, T, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1); + ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3); + + return new SecT233R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = Z1Sq.Add(L1Sq).Add(L1Z1); + ECFieldElement A = L2.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT233R1Point(curve, A, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2.AddOne(), Z3); + + return new SecT233R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (this.IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT233R1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT239Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT239Field.cs new file mode 100644 index 0000000..ce2e3ba --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT239Field.cs @@ -0,0 +1,344 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT239Field + { + private const ulong M47 = ulong.MaxValue >> 17; + private const ulong M60 = ulong.MaxValue >> 4; + + public static void Add(ulong[] x, ulong[] y, ulong[] z) + { + z[0] = x[0] ^ y[0]; + z[1] = x[1] ^ y[1]; + z[2] = x[2] ^ y[2]; + z[3] = x[3] ^ y[3]; + } + + public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz) + { + zz[0] = xx[0] ^ yy[0]; + zz[1] = xx[1] ^ yy[1]; + zz[2] = xx[2] ^ yy[2]; + zz[3] = xx[3] ^ yy[3]; + zz[4] = xx[4] ^ yy[4]; + zz[5] = xx[5] ^ yy[5]; + zz[6] = xx[6] ^ yy[6]; + zz[7] = xx[7] ^ yy[7]; + } + + public static void AddOne(ulong[] x, ulong[] z) + { + z[0] = x[0] ^ 1UL; + z[1] = x[1]; + z[2] = x[2]; + z[3] = x[3]; + } + + private static void AddTo(ulong[] x, ulong[] z) + { + z[0] ^= x[0]; + z[1] ^= x[1]; + z[2] ^= x[2]; + z[3] ^= x[3]; + } + + public static ulong[] FromBigInteger(BigInteger x) + { + return Nat.FromBigInteger64(239, x); + } + + public static void HalfTrace(ulong[] x, ulong[] z) + { + ulong[] tt = Nat256.CreateExt64(); + + Nat256.Copy64(x, z); + for (int i = 1; i < 239; i += 2) + { + ImplSquare(z, tt); + Reduce(tt, z); + ImplSquare(z, tt); + Reduce(tt, z); + AddTo(x, z); + } + } + + public static void Invert(ulong[] x, ulong[] z) + { + if (Nat256.IsZero64(x)) + throw new InvalidOperationException(); + + // Itoh-Tsujii inversion + + ulong[] t0 = Nat256.Create64(); + ulong[] t1 = Nat256.Create64(); + + Square(x, t0); + Multiply(t0, x, t0); + Square(t0, t0); + Multiply(t0, x, t0); + SquareN(t0, 3, t1); + Multiply(t1, t0, t1); + Square(t1, t1); + Multiply(t1, x, t1); + SquareN(t1, 7, t0); + Multiply(t0, t1, t0); + SquareN(t0, 14, t1); + Multiply(t1, t0, t1); + Square(t1, t1); + Multiply(t1, x, t1); + SquareN(t1, 29, t0); + Multiply(t0, t1, t0); + Square(t0, t0); + Multiply(t0, x, t0); + SquareN(t0, 59, t1); + Multiply(t1, t0, t1); + Square(t1, t1); + Multiply(t1, x, t1); + SquareN(t1, 119, t0); + Multiply(t0, t1, t0); + Square(t0, z); + } + + public static void Multiply(ulong[] x, ulong[] y, ulong[] z) + { + ulong[] tt = Nat256.CreateExt64(); + ImplMultiply(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz) + { + ulong[] tt = Nat256.CreateExt64(); + ImplMultiply(x, y, tt); + AddExt(zz, tt, zz); + } + + public static void Reduce(ulong[] xx, ulong[] z) + { + ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3]; + ulong x4 = xx[4], x5 = xx[5], x6 = xx[6], x7 = xx[7]; + + x3 ^= (x7 << 17); + x4 ^= (x7 >> 47); + x5 ^= (x7 << 47); + x6 ^= (x7 >> 17); + + x2 ^= (x6 << 17); + x3 ^= (x6 >> 47); + x4 ^= (x6 << 47); + x5 ^= (x6 >> 17); + + x1 ^= (x5 << 17); + x2 ^= (x5 >> 47); + x3 ^= (x5 << 47); + x4 ^= (x5 >> 17); + + x0 ^= (x4 << 17); + x1 ^= (x4 >> 47); + x2 ^= (x4 << 47); + x3 ^= (x4 >> 17); + + ulong t = x3 >> 47; + z[0] = x0 ^ t; + z[1] = x1; + z[2] = x2 ^ (t << 30); + z[3] = x3 & M47; + } + + public static void Reduce17(ulong[] z, int zOff) + { + ulong z3 = z[zOff + 3], t = z3 >> 47; + z[zOff ] ^= t; + z[zOff + 2] ^= (t << 30); + z[zOff + 3] = z3 & M47; + } + + public static void Sqrt(ulong[] x, ulong[] z) + { + ulong u0, u1; + u0 = Interleave.Unshuffle(x[0]); u1 = Interleave.Unshuffle(x[1]); + ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32); + ulong c0 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL); + + u0 = Interleave.Unshuffle(x[2]); u1 = Interleave.Unshuffle(x[3]); + ulong e1 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32); + ulong c1 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL); + + ulong c2, c3; + c3 = (c1 >> 49); + c2 = (c0 >> 49) | (c1 << 15); + c1 ^= (c0 << 15); + + ulong[] tt = Nat256.CreateExt64(); + + int[] shifts = { 39, 120 }; + for (int i = 0; i < shifts.Length; ++i) + { + int w = shifts[i] >> 6, s = shifts[i] & 63; + Debug.Assert(s != 0); + tt[w ] ^= (c0 << s); + tt[w + 1] ^= (c1 << s) | (c0 >> -s); + tt[w + 2] ^= (c2 << s) | (c1 >> -s); + tt[w + 3] ^= (c3 << s) | (c2 >> -s); + tt[w + 4] ^= (c3 >> -s); + } + + Reduce(tt, z); + + z[0] ^= e0; + z[1] ^= e1; + } + + public static void Square(ulong[] x, ulong[] z) + { + ulong[] tt = Nat256.CreateExt64(); + ImplSquare(x, tt); + Reduce(tt, z); + } + + public static void SquareAddToExt(ulong[] x, ulong[] zz) + { + ulong[] tt = Nat256.CreateExt64(); + ImplSquare(x, tt); + AddExt(zz, tt, zz); + } + + public static void SquareN(ulong[] x, int n, ulong[] z) + { + Debug.Assert(n > 0); + + ulong[] tt = Nat256.CreateExt64(); + ImplSquare(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + ImplSquare(z, tt); + Reduce(tt, z); + } + } + + public static uint Trace(ulong[] x) + { + // Non-zero-trace bits: 0, 81, 162 + return (uint)(x[0] ^ (x[1] >> 17) ^ (x[2] >> 34)) & 1U; + } + + protected static void ImplCompactExt(ulong[] zz) + { + ulong z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4], z5 = zz[5], z6 = zz[6], z7 = zz[7]; + zz[0] = z0 ^ (z1 << 60); + zz[1] = (z1 >> 4) ^ (z2 << 56); + zz[2] = (z2 >> 8) ^ (z3 << 52); + zz[3] = (z3 >> 12) ^ (z4 << 48); + zz[4] = (z4 >> 16) ^ (z5 << 44); + zz[5] = (z5 >> 20) ^ (z6 << 40); + zz[6] = (z6 >> 24) ^ (z7 << 36); + zz[7] = (z7 >> 28); + } + + protected static void ImplExpand(ulong[] x, ulong[] z) + { + ulong x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3]; + z[0] = x0 & M60; + z[1] = ((x0 >> 60) ^ (x1 << 4)) & M60; + z[2] = ((x1 >> 56) ^ (x2 << 8)) & M60; + z[3] = ((x2 >> 52) ^ (x3 << 12)); + } + + protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz) + { + /* + * "Two-level seven-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein. + */ + + ulong[] f = new ulong[4], g = new ulong[4]; + ImplExpand(x, f); + ImplExpand(y, g); + + ulong[] u = new ulong[8]; + + ImplMulwAcc(u, f[0], g[0], zz, 0); + ImplMulwAcc(u, f[1], g[1], zz, 1); + ImplMulwAcc(u, f[2], g[2], zz, 2); + ImplMulwAcc(u, f[3], g[3], zz, 3); + + // U *= (1 - t^n) + for (int i = 5; i > 0; --i) + { + zz[i] ^= zz[i - 1]; + } + + ImplMulwAcc(u, f[0] ^ f[1], g[0] ^ g[1], zz, 1); + ImplMulwAcc(u, f[2] ^ f[3], g[2] ^ g[3], zz, 3); + + // V *= (1 - t^2n) + for (int i = 7; i > 1; --i) + { + zz[i] ^= zz[i - 2]; + } + + // Double-length recursion + { + ulong c0 = f[0] ^ f[2], c1 = f[1] ^ f[3]; + ulong d0 = g[0] ^ g[2], d1 = g[1] ^ g[3]; + ImplMulwAcc(u, c0 ^ c1, d0 ^ d1, zz, 3); + ulong[] t = new ulong[3]; + ImplMulwAcc(u, c0, d0, t, 0); + ImplMulwAcc(u, c1, d1, t, 1); + ulong t0 = t[0], t1 = t[1], t2 = t[2]; + zz[2] ^= t0; + zz[3] ^= t0 ^ t1; + zz[4] ^= t2 ^ t1; + zz[5] ^= t2; + } + + ImplCompactExt(zz); + } + + protected static void ImplMulwAcc(ulong[] u, ulong x, ulong y, ulong[] z, int zOff) + { + Debug.Assert(x >> 60 == 0); + Debug.Assert(y >> 60 == 0); + + //u[0] = 0; + u[1] = y; + u[2] = u[1] << 1; + u[3] = u[2] ^ y; + u[4] = u[2] << 1; + u[5] = u[4] ^ y; + u[6] = u[3] << 1; + u[7] = u[6] ^ y; + + uint j = (uint)x; + ulong g, h = 0, l = u[j & 7] + ^ (u[(j >> 3) & 7] << 3); + int k = 54; + do + { + j = (uint)(x >> k); + g = u[j & 7] + ^ u[(j >> 3) & 7] << 3; + l ^= (g << k); + h ^= (g >> -k); + } + while ((k -= 6) > 0); + + h ^= ((x & 0x0820820820820820L) & (ulong)(((long)y << 4) >> 63)) >> 5; + + Debug.Assert(h >> 55 == 0); + + z[zOff ] ^= l & M60; + z[zOff + 1] ^= (l >> 60) ^ (h << 4); + } + + protected static void ImplSquare(ulong[] x, ulong[] zz) + { + Interleave.Expand64To128(x, 0, 4, zz, 0); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT239FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT239FieldElement.cs new file mode 100644 index 0000000..9f1bf67 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT239FieldElement.cs @@ -0,0 +1,233 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT239FieldElement + : AbstractF2mFieldElement + { + protected internal readonly ulong[] x; + + public SecT239FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.BitLength > 239) + throw new ArgumentException("value invalid for SecT239FieldElement", "x"); + + this.x = SecT239Field.FromBigInteger(x); + } + + public SecT239FieldElement() + { + this.x = Nat256.Create64(); + } + + protected internal SecT239FieldElement(ulong[] x) + { + this.x = x; + } + + public override bool IsOne + { + get { return Nat256.IsOne64(x); } + } + + public override bool IsZero + { + get { return Nat256.IsZero64(x); } + } + + public override bool TestBitZero() + { + return (x[0] & 1L) != 0L; + } + + public override BigInteger ToBigInteger() + { + return Nat256.ToBigInteger64(x); + } + + public override string FieldName + { + get { return "SecT239Field"; } + } + + public override int FieldSize + { + get { return 239; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + ulong[] z = Nat256.Create64(); + SecT239Field.Add(x, ((SecT239FieldElement)b).x, z); + return new SecT239FieldElement(z); + } + + public override ECFieldElement AddOne() + { + ulong[] z = Nat256.Create64(); + SecT239Field.AddOne(x, z); + return new SecT239FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + // Addition and Subtraction are the same in F2m + return Add(b); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + ulong[] z = Nat256.Create64(); + SecT239Field.Multiply(x, ((SecT239FieldElement)b).x, z); + return new SecT239FieldElement(z); + } + + public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + return MultiplyPlusProduct(b, x, y); + } + + public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x, bx = ((SecT239FieldElement)b).x; + ulong[] xx = ((SecT239FieldElement)x).x, yx = ((SecT239FieldElement)y).x; + + ulong[] tt = Nat256.CreateExt64(); + SecT239Field.MultiplyAddToExt(ax, bx, tt); + SecT239Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat256.Create64(); + SecT239Field.Reduce(tt, z); + return new SecT239FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + return Multiply(b.Invert()); + } + + public override ECFieldElement Negate() + { + return this; + } + + public override ECFieldElement Square() + { + ulong[] z = Nat256.Create64(); + SecT239Field.Square(x, z); + return new SecT239FieldElement(z); + } + + public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y) + { + return SquarePlusProduct(x, y); + } + + public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x; + ulong[] xx = ((SecT239FieldElement)x).x, yx = ((SecT239FieldElement)y).x; + + ulong[] tt = Nat256.CreateExt64(); + SecT239Field.SquareAddToExt(ax, tt); + SecT239Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat256.Create64(); + SecT239Field.Reduce(tt, z); + return new SecT239FieldElement(z); + } + + public override ECFieldElement SquarePow(int pow) + { + if (pow < 1) + return this; + + ulong[] z = Nat256.Create64(); + SecT239Field.SquareN(x, pow, z); + return new SecT239FieldElement(z); + } + + public override ECFieldElement HalfTrace() + { + ulong[] z = Nat256.Create64(); + SecT239Field.HalfTrace(x, z); + return new SecT239FieldElement(z); + } + + public override bool HasFastTrace + { + get { return true; } + } + + public override int Trace() + { + return (int)SecT239Field.Trace(x); + } + + public override ECFieldElement Invert() + { + ulong[] z = Nat256.Create64(); + SecT239Field.Invert(x, z); + return new SecT239FieldElement(z); + } + + public override ECFieldElement Sqrt() + { + ulong[] z = Nat256.Create64(); + SecT239Field.Sqrt(x, z); + return new SecT239FieldElement(z); + } + + public virtual int Representation + { + get { return F2mFieldElement.Tpb; } + } + + public virtual int M + { + get { return 239; } + } + + public virtual int K1 + { + get { return 158; } + } + + public virtual int K2 + { + get { return 0; } + } + + public virtual int K3 + { + get { return 0; } + } + + public override bool Equals(object obj) + { + return Equals(obj as SecT239FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecT239FieldElement); + } + + public virtual bool Equals(SecT239FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat256.Eq64(x, other.x); + } + + public override int GetHashCode() + { + return 23900158 ^ Arrays.GetHashCode(x, 0, 4); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT239K1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT239K1Curve.cs new file mode 100644 index 0000000..48854ce --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT239K1Curve.cs @@ -0,0 +1,183 @@ +using System; + +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT239K1Curve + : AbstractF2mCurve + { + private const int SECT239K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT239K1_FE_LONGS = 4; + private static readonly ECFieldElement[] SECT239K1_AFFINE_ZS = new ECFieldElement[] { new SecT239FieldElement(BigInteger.One) }; + + protected readonly SecT239K1Point m_infinity; + + public SecT239K1Curve() + : base(239, 158, 0, 0) + { + this.m_infinity = new SecT239K1Point(this, null, null); + + this.m_a = FromBigInteger(BigInteger.Zero); + this.m_b = FromBigInteger(BigInteger.One); + this.m_order = new BigInteger(1, Hex.DecodeStrict("2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5")); + this.m_cofactor = BigInteger.ValueOf(4); + + this.m_coord = SECT239K1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT239K1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + protected override ECMultiplier CreateDefaultMultiplier() + { + return new WTauNafMultiplier(); + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 239; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT239FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT239K1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT239K1Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return true; } + } + + public virtual int M + { + get { return 239; } + } + + public virtual bool IsTrinomial + { + get { return true; } + } + + public virtual int K1 + { + get { return 158; } + } + + public virtual int K2 + { + get { return 0; } + } + + public virtual int K3 + { + get { return 0; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT239K1_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat256.Copy64(((SecT239FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT239K1_FE_LONGS; + Nat256.Copy64(((SecT239FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT239K1_FE_LONGS; + } + } + + return new SecT239K1LookupTable(this, table, len); + } + + private class SecT239K1LookupTable + : AbstractECLookupTable + { + private readonly SecT239K1Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT239K1LookupTable(SecT239K1Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat256.Create64(), y = Nat256.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT239K1_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT239K1_FE_LONGS + j] & MASK; + } + + pos += (SECT239K1_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat256.Create64(), y = Nat256.Create64(); + int pos = index * SECT239K1_FE_LONGS * 2; + + for (int j = 0; j < SECT239K1_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT239K1_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT239FieldElement(x), new SecT239FieldElement(y), SECT239K1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT239K1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT239K1Point.cs new file mode 100644 index 0000000..36b4606 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT239K1Point.cs @@ -0,0 +1,290 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT239K1Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT239K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT239K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT239K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT239K1Point(null, this.AffineXCoord, this.AffineYCoord); // earlier JDK + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + return Twice(); + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1); + if (X3.IsZero) + { + return new SecT239K1Point(curve, X3, curve.B, IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT239K1Point(curve, X3, curve.B, IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT239K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement T; + if (Z1IsOne) + { + T = L1.Square().Add(L1); + } + else + { + T = L1.Add(Z1).Multiply(L1); + } + + if (T.IsZero) + { + return new SecT239K1Point(curve, T, curve.B, IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement t1 = L1.Add(X1).Square(); + ECFieldElement t2 = Z1IsOne ? Z1 : Z1Sq.Square(); + ECFieldElement L3 = t1.Add(T).Add(Z1Sq).Multiply(t1).Add(t2).Add(X3).Add(Z3); + + return new SecT239K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + // NOTE: TwicePlus() only optimized for lambda-affine argument + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = L1Sq.Add(L1Z1); + ECFieldElement L2plus1 = L2.AddOne(); + ECFieldElement A = L2plus1.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT239K1Point(curve, A, curve.B, IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3); + + return new SecT239K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (this.IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT239K1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283Field.cs new file mode 100644 index 0000000..61a1c9a --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283Field.cs @@ -0,0 +1,422 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT283Field + { + private const ulong M27 = ulong.MaxValue >> 37; + private const ulong M57 = ulong.MaxValue >> 7; + + private static readonly ulong[] ROOT_Z = new ulong[]{ 0x0C30C30C30C30808UL, 0x30C30C30C30C30C3UL, + 0x820820820820830CUL, 0x0820820820820820UL, 0x2082082UL }; + + public static void Add(ulong[] x, ulong[] y, ulong[] z) + { + z[0] = x[0] ^ y[0]; + z[1] = x[1] ^ y[1]; + z[2] = x[2] ^ y[2]; + z[3] = x[3] ^ y[3]; + z[4] = x[4] ^ y[4]; + } + + public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz) + { + zz[0] = xx[0] ^ yy[0]; + zz[1] = xx[1] ^ yy[1]; + zz[2] = xx[2] ^ yy[2]; + zz[3] = xx[3] ^ yy[3]; + zz[4] = xx[4] ^ yy[4]; + zz[5] = xx[5] ^ yy[5]; + zz[6] = xx[6] ^ yy[6]; + zz[7] = xx[7] ^ yy[7]; + zz[8] = xx[8] ^ yy[8]; + } + + public static void AddOne(ulong[] x, ulong[] z) + { + z[0] = x[0] ^ 1UL; + z[1] = x[1]; + z[2] = x[2]; + z[3] = x[3]; + z[4] = x[4]; + } + + private static void AddTo(ulong[] x, ulong[] z) + { + z[0] ^= x[0]; + z[1] ^= x[1]; + z[2] ^= x[2]; + z[3] ^= x[3]; + z[4] ^= x[4]; + } + + public static ulong[] FromBigInteger(BigInteger x) + { + return Nat.FromBigInteger64(283, x); + } + + public static void HalfTrace(ulong[] x, ulong[] z) + { + ulong[] tt = Nat.Create64(9); + + Nat320.Copy64(x, z); + for (int i = 1; i < 283; i += 2) + { + ImplSquare(z, tt); + Reduce(tt, z); + ImplSquare(z, tt); + Reduce(tt, z); + AddTo(x, z); + } + } + + public static void Invert(ulong[] x, ulong[] z) + { + if (Nat320.IsZero64(x)) + throw new InvalidOperationException(); + + // Itoh-Tsujii inversion + + ulong[] t0 = Nat320.Create64(); + ulong[] t1 = Nat320.Create64(); + + Square(x, t0); + Multiply(t0, x, t0); + SquareN(t0, 2, t1); + Multiply(t1, t0, t1); + SquareN(t1, 4, t0); + Multiply(t0, t1, t0); + SquareN(t0, 8, t1); + Multiply(t1, t0, t1); + Square(t1, t1); + Multiply(t1, x, t1); + SquareN(t1, 17, t0); + Multiply(t0, t1, t0); + Square(t0, t0); + Multiply(t0, x, t0); + SquareN(t0, 35, t1); + Multiply(t1, t0, t1); + SquareN(t1, 70, t0); + Multiply(t0, t1, t0); + Square(t0, t0); + Multiply(t0, x, t0); + SquareN(t0, 141, t1); + Multiply(t1, t0, t1); + Square(t1, z); + } + + public static void Multiply(ulong[] x, ulong[] y, ulong[] z) + { + ulong[] tt = Nat320.CreateExt64(); + ImplMultiply(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz) + { + ulong[] tt = Nat320.CreateExt64(); + ImplMultiply(x, y, tt); + AddExt(zz, tt, zz); + } + + public static void Reduce(ulong[] xx, ulong[] z) + { + ulong x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3], x4 = xx[4]; + ulong x5 = xx[5], x6 = xx[6], x7 = xx[7], x8 = xx[8]; + + x3 ^= (x8 << 37) ^ (x8 << 42) ^ (x8 << 44) ^ (x8 << 49); + x4 ^= (x8 >> 27) ^ (x8 >> 22) ^ (x8 >> 20) ^ (x8 >> 15); + + x2 ^= (x7 << 37) ^ (x7 << 42) ^ (x7 << 44) ^ (x7 << 49); + x3 ^= (x7 >> 27) ^ (x7 >> 22) ^ (x7 >> 20) ^ (x7 >> 15); + + x1 ^= (x6 << 37) ^ (x6 << 42) ^ (x6 << 44) ^ (x6 << 49); + x2 ^= (x6 >> 27) ^ (x6 >> 22) ^ (x6 >> 20) ^ (x6 >> 15); + + x0 ^= (x5 << 37) ^ (x5 << 42) ^ (x5 << 44) ^ (x5 << 49); + x1 ^= (x5 >> 27) ^ (x5 >> 22) ^ (x5 >> 20) ^ (x5 >> 15); + + ulong t = x4 >> 27; + z[0] = x0 ^ t ^ (t << 5) ^ (t << 7) ^ (t << 12); + z[1] = x1; + z[2] = x2; + z[3] = x3; + z[4] = x4 & M27; + } + + public static void Reduce37(ulong[] z, int zOff) + { + ulong z4 = z[zOff + 4], t = z4 >> 27; + z[zOff ] ^= t ^ (t << 5) ^ (t << 7) ^ (t << 12); + z[zOff + 4] = z4 & M27; + } + + public static void Sqrt(ulong[] x, ulong[] z) + { + ulong[] odd = Nat320.Create64(); + + ulong u0, u1; + u0 = Interleave.Unshuffle(x[0]); u1 = Interleave.Unshuffle(x[1]); + ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32); + odd[0] = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL); + + u0 = Interleave.Unshuffle(x[2]); u1 = Interleave.Unshuffle(x[3]); + ulong e1 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32); + odd[1] = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL); + + u0 = Interleave.Unshuffle(x[4]); + ulong e2 = (u0 & 0x00000000FFFFFFFFUL); + odd[2] = (u0 >> 32); + + Multiply(odd, ROOT_Z, z); + + z[0] ^= e0; + z[1] ^= e1; + z[2] ^= e2; + } + + public static void Square(ulong[] x, ulong[] z) + { + ulong[] tt = Nat.Create64(9); + ImplSquare(x, tt); + Reduce(tt, z); + } + + public static void SquareAddToExt(ulong[] x, ulong[] zz) + { + ulong[] tt = Nat.Create64(9); + ImplSquare(x, tt); + AddExt(zz, tt, zz); + } + + public static void SquareN(ulong[] x, int n, ulong[] z) + { + Debug.Assert(n > 0); + + ulong[] tt = Nat.Create64(9); + ImplSquare(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + ImplSquare(z, tt); + Reduce(tt, z); + } + } + + public static uint Trace(ulong[] x) + { + // Non-zero-trace bits: 0, 271 + return (uint)(x[0] ^ (x[4] >> 15)) & 1U; + } + + protected static void ImplCompactExt(ulong[] zz) + { + ulong z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4]; + ulong z5 = zz[5], z6 = zz[6], z7 = zz[7], z8 = zz[8], z9 = zz[9]; + zz[0] = z0 ^ (z1 << 57); + zz[1] = (z1 >> 7) ^ (z2 << 50); + zz[2] = (z2 >> 14) ^ (z3 << 43); + zz[3] = (z3 >> 21) ^ (z4 << 36); + zz[4] = (z4 >> 28) ^ (z5 << 29); + zz[5] = (z5 >> 35) ^ (z6 << 22); + zz[6] = (z6 >> 42) ^ (z7 << 15); + zz[7] = (z7 >> 49) ^ (z8 << 8); + zz[8] = (z8 >> 56) ^ (z9 << 1); + zz[9] = (z9 >> 63); // Zero! + } + + protected static void ImplExpand(ulong[] x, ulong[] z) + { + ulong x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3], x4 = x[4]; + z[0] = x0 & M57; + z[1] = ((x0 >> 57) ^ (x1 << 7)) & M57; + z[2] = ((x1 >> 50) ^ (x2 << 14)) & M57; + z[3] = ((x2 >> 43) ^ (x3 << 21)) & M57; + z[4] = ((x3 >> 36) ^ (x4 << 28)); + } + + //protected static void AddMs(ulong[] zz, int zOff, ulong[] p, params int[] ms) + //{ + // ulong t0 = 0, t1 = 0; + // foreach (int m in ms) + // { + // int i = (m - 1) << 1; + // t0 ^= p[i ]; + // t1 ^= p[i + 1]; + // } + // zz[zOff ] ^= t0; + // zz[zOff + 1] ^= t1; + //} + + protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz) + { + /* + * Formula (17) from "Some New Results on Binary Polynomial Multiplication", + * Murat Cenk and M. Anwar Hasan. + * + * The formula as given contained an error in the term t25, as noted below + */ + ulong[] a = new ulong[5], b = new ulong[5]; + ImplExpand(x, a); + ImplExpand(y, b); + + ulong[] u = zz; + ulong[] p = new ulong[26]; + + ImplMulw(u, a[0], b[0], p, 0); // m1 + ImplMulw(u, a[1], b[1], p, 2); // m2 + ImplMulw(u, a[2], b[2], p, 4); // m3 + ImplMulw(u, a[3], b[3], p, 6); // m4 + ImplMulw(u, a[4], b[4], p, 8); // m5 + + ulong u0 = a[0] ^ a[1], v0 = b[0] ^ b[1]; + ulong u1 = a[0] ^ a[2], v1 = b[0] ^ b[2]; + ulong u2 = a[2] ^ a[4], v2 = b[2] ^ b[4]; + ulong u3 = a[3] ^ a[4], v3 = b[3] ^ b[4]; + + ImplMulw(u, u1 ^ a[3], v1 ^ b[3], p, 18); // m10 + ImplMulw(u, u2 ^ a[1], v2 ^ b[1], p, 20); // m11 + + ulong A4 = u0 ^ u3 , B4 = v0 ^ v3; + ulong A5 = A4 ^ a[2], B5 = B4 ^ b[2]; + + ImplMulw(u, A4, B4, p, 22); // m12 + ImplMulw(u, A5, B5, p, 24); // m13 + + ImplMulw(u, u0, v0, p, 10); // m6 + ImplMulw(u, u1, v1, p, 12); // m7 + ImplMulw(u, u2, v2, p, 14); // m8 + ImplMulw(u, u3, v3, p, 16); // m9 + + + // Original method, corresponding to formula (16) + //AddMs(zz, 0, p, 1); + //AddMs(zz, 1, p, 1, 2, 6); + //AddMs(zz, 2, p, 1, 2, 3, 7); + //AddMs(zz, 3, p, 1, 3, 4, 5, 8, 10, 12, 13); + //AddMs(zz, 4, p, 1, 2, 4, 5, 6, 9, 10, 11, 13); + //AddMs(zz, 5, p, 1, 2, 3, 5, 7, 11, 12, 13); + //AddMs(zz, 6, p, 3, 4, 5, 8); + //AddMs(zz, 7, p, 4, 5, 9); + //AddMs(zz, 8, p, 5); + + // Improved method factors out common single-word terms + // NOTE: p1,...,p26 in the paper maps to p[0],...,p[25] here + + zz[0] = p[ 0]; + zz[9] = p[ 9]; + + ulong t1 = p[ 0] ^ p[ 1]; + ulong t2 = t1 ^ p[ 2]; + ulong t3 = t2 ^ p[10]; + + zz[1] = t3; + + ulong t4 = p[ 3] ^ p[ 4]; + ulong t5 = p[11] ^ p[12]; + ulong t6 = t4 ^ t5; + ulong t7 = t2 ^ t6; + + zz[2] = t7; + + ulong t8 = t1 ^ t4; + ulong t9 = p[ 5] ^ p[ 6]; + ulong t10 = t8 ^ t9; + ulong t11 = t10 ^ p[ 8]; + ulong t12 = p[13] ^ p[14]; + ulong t13 = t11 ^ t12; + ulong t14 = p[18] ^ p[22]; + ulong t15 = t14 ^ p[24]; + ulong t16 = t13 ^ t15; + + zz[3] = t16; + + ulong t17 = p[ 7] ^ p[ 8]; + ulong t18 = t17 ^ p[ 9]; + ulong t19 = t18 ^ p[17]; + + zz[8] = t19; + + ulong t20 = t18 ^ t9; + ulong t21 = p[15] ^ p[16]; + ulong t22 = t20 ^ t21; + + zz[7] = t22; + + ulong t23 = t22 ^ t3; + ulong t24 = p[19] ^ p[20]; + // ulong t25 = p[23] ^ p[24]; + ulong t25 = p[25] ^ p[24]; // Fixes an error in the paper: p[23] -> p{25] + ulong t26 = p[18] ^ p[23]; + ulong t27 = t24 ^ t25; + ulong t28 = t27 ^ t26; + ulong t29 = t28 ^ t23; + + zz[4] = t29; + + ulong t30 = t7 ^ t19; + ulong t31 = t27 ^ t30; + ulong t32 = p[21] ^ p[22]; + ulong t33 = t31 ^ t32; + + zz[5] = t33; + + ulong t34 = t11 ^ p[0]; + ulong t35 = t34 ^ p[9]; + ulong t36 = t35 ^ t12; + ulong t37 = t36 ^ p[21]; + ulong t38 = t37 ^ p[23]; + ulong t39 = t38 ^ p[25]; + + zz[6] = t39; + + ImplCompactExt(zz); + } + + protected static void ImplMulw(ulong[] u, ulong x, ulong y, ulong[] z, int zOff) + { + Debug.Assert(x >> 57 == 0); + Debug.Assert(y >> 57 == 0); + + //u[0] = 0; + u[1] = y; + u[2] = u[1] << 1; + u[3] = u[2] ^ y; + u[4] = u[2] << 1; + u[5] = u[4] ^ y; + u[6] = u[3] << 1; + u[7] = u[6] ^ y; + + uint j = (uint)x; + ulong g, h = 0, l = u[j & 7]; + int k = 48; + do + { + j = (uint)(x >> k); + g = u[j & 7] + ^ u[(j >> 3) & 7] << 3 + ^ u[(j >> 6) & 7] << 6; + l ^= (g << k); + h ^= (g >> -k); + } + while ((k -= 9) > 0); + + h ^= ((x & 0x0100804020100800L) & (ulong)(((long)y << 7) >> 63)) >> 8; + + Debug.Assert(h >> 49 == 0); + + z[zOff ] = l & M57; + z[zOff + 1] = (l >> 57) ^ (h << 7); + } + + protected static void ImplSquare(ulong[] x, ulong[] zz) + { + Interleave.Expand64To128(x, 0, 4, zz, 0); + zz[8] = Interleave.Expand32to64((uint)x[4]); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283FieldElement.cs new file mode 100644 index 0000000..6bd720a --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283FieldElement.cs @@ -0,0 +1,233 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT283FieldElement + : AbstractF2mFieldElement + { + protected internal readonly ulong[] x; + + public SecT283FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.BitLength > 283) + throw new ArgumentException("value invalid for SecT283FieldElement", "x"); + + this.x = SecT283Field.FromBigInteger(x); + } + + public SecT283FieldElement() + { + this.x = Nat320.Create64(); + } + + protected internal SecT283FieldElement(ulong[] x) + { + this.x = x; + } + + public override bool IsOne + { + get { return Nat320.IsOne64(x); } + } + + public override bool IsZero + { + get { return Nat320.IsZero64(x); } + } + + public override bool TestBitZero() + { + return (x[0] & 1UL) != 0UL; + } + + public override BigInteger ToBigInteger() + { + return Nat320.ToBigInteger64(x); + } + + public override string FieldName + { + get { return "SecT283Field"; } + } + + public override int FieldSize + { + get { return 283; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + ulong[] z = Nat320.Create64(); + SecT283Field.Add(x, ((SecT283FieldElement)b).x, z); + return new SecT283FieldElement(z); + } + + public override ECFieldElement AddOne() + { + ulong[] z = Nat320.Create64(); + SecT283Field.AddOne(x, z); + return new SecT283FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + // Addition and subtraction are the same in F2m + return Add(b); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + ulong[] z = Nat320.Create64(); + SecT283Field.Multiply(x, ((SecT283FieldElement)b).x, z); + return new SecT283FieldElement(z); + } + + public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + return MultiplyPlusProduct(b, x, y); + } + + public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x, bx = ((SecT283FieldElement)b).x; + ulong[] xx = ((SecT283FieldElement)x).x, yx = ((SecT283FieldElement)y).x; + + ulong[] tt = Nat.Create64(9); + SecT283Field.MultiplyAddToExt(ax, bx, tt); + SecT283Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat320.Create64(); + SecT283Field.Reduce(tt, z); + return new SecT283FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + return Multiply(b.Invert()); + } + + public override ECFieldElement Negate() + { + return this; + } + + public override ECFieldElement Square() + { + ulong[] z = Nat320.Create64(); + SecT283Field.Square(x, z); + return new SecT283FieldElement(z); + } + + public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y) + { + return SquarePlusProduct(x, y); + } + + public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x; + ulong[] xx = ((SecT283FieldElement)x).x, yx = ((SecT283FieldElement)y).x; + + ulong[] tt = Nat.Create64(9); + SecT283Field.SquareAddToExt(ax, tt); + SecT283Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat320.Create64(); + SecT283Field.Reduce(tt, z); + return new SecT283FieldElement(z); + } + + public override ECFieldElement SquarePow(int pow) + { + if (pow < 1) + return this; + + ulong[] z = Nat320.Create64(); + SecT283Field.SquareN(x, pow, z); + return new SecT283FieldElement(z); + } + + public override ECFieldElement HalfTrace() + { + ulong[] z = Nat320.Create64(); + SecT283Field.HalfTrace(x, z); + return new SecT283FieldElement(z); + } + + public override bool HasFastTrace + { + get { return true; } + } + + public override int Trace() + { + return (int)SecT283Field.Trace(x); + } + + public override ECFieldElement Invert() + { + ulong[] z = Nat320.Create64(); + SecT283Field.Invert(x, z); + return new SecT283FieldElement(z); + } + + public override ECFieldElement Sqrt() + { + ulong[] z = Nat320.Create64(); + SecT283Field.Sqrt(x, z); + return new SecT283FieldElement(z); + } + + public virtual int Representation + { + get { return F2mFieldElement.Ppb; } + } + + public virtual int M + { + get { return 283; } + } + + public virtual int K1 + { + get { return 5; } + } + + public virtual int K2 + { + get { return 7; } + } + + public virtual int K3 + { + get { return 12; } + } + + public override bool Equals(object obj) + { + return Equals(obj as SecT283FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecT283FieldElement); + } + + public virtual bool Equals(SecT283FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat320.Eq64(x, other.x); + } + + public override int GetHashCode() + { + return 2831275 ^ Arrays.GetHashCode(x, 0, 5); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283K1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283K1Curve.cs new file mode 100644 index 0000000..c4d1824 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283K1Curve.cs @@ -0,0 +1,183 @@ +using System; + +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT283K1Curve + : AbstractF2mCurve + { + private const int SECT283K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT283K1_FE_LONGS = 5; + private static readonly ECFieldElement[] SECT283K1_AFFINE_ZS = new ECFieldElement[] { new SecT283FieldElement(BigInteger.One) }; + + protected readonly SecT283K1Point m_infinity; + + public SecT283K1Curve() + : base(283, 5, 7, 12) + { + this.m_infinity = new SecT283K1Point(this, null, null); + + this.m_a = FromBigInteger(BigInteger.Zero); + this.m_b = FromBigInteger(BigInteger.One); + this.m_order = new BigInteger(1, Hex.DecodeStrict("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61")); + this.m_cofactor = BigInteger.ValueOf(4); + + this.m_coord = SECT283K1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT283K1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + protected override ECMultiplier CreateDefaultMultiplier() + { + return new WTauNafMultiplier(); + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 283; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT283FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT283K1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT283K1Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return true; } + } + + public virtual int M + { + get { return 283; } + } + + public virtual bool IsTrinomial + { + get { return false; } + } + + public virtual int K1 + { + get { return 5; } + } + + public virtual int K2 + { + get { return 7; } + } + + public virtual int K3 + { + get { return 12; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT283K1_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat320.Copy64(((SecT283FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT283K1_FE_LONGS; + Nat320.Copy64(((SecT283FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT283K1_FE_LONGS; + } + } + + return new SecT283K1LookupTable(this, table, len); + } + + private class SecT283K1LookupTable + : AbstractECLookupTable + { + private readonly SecT283K1Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT283K1LookupTable(SecT283K1Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat320.Create64(), y = Nat320.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT283K1_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT283K1_FE_LONGS + j] & MASK; + } + + pos += (SECT283K1_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat320.Create64(), y = Nat320.Create64(); + int pos = index * SECT283K1_FE_LONGS * 2; + + for (int j = 0; j < SECT283K1_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT283K1_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT283FieldElement(x), new SecT283FieldElement(y), SECT283K1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283K1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283K1Point.cs new file mode 100644 index 0000000..d3d7fa1 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283K1Point.cs @@ -0,0 +1,289 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT283K1Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT283K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT283K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT283K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT283K1Point(null, this.AffineXCoord, this.AffineYCoord); // earlier JDK + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + return Twice(); + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1); + if (X3.IsZero) + { + return new SecT283K1Point(curve, X3, curve.B, IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT283K1Point(curve, X3, curve.B, IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT283K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement T; + if (Z1IsOne) + { + T = L1.Square().Add(L1); + } + else + { + T = L1.Add(Z1).Multiply(L1); + } + + if (T.IsZero) + { + return new SecT283K1Point(curve, T, curve.B, IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement t1 = L1.Add(X1).Square(); + ECFieldElement t2 = Z1IsOne ? Z1 : Z1Sq.Square(); + ECFieldElement L3 = t1.Add(T).Add(Z1Sq).Multiply(t1).Add(t2).Add(X3).Add(Z3); + + return new SecT283K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + // NOTE: TwicePlus() only optimized for lambda-affine argument + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = L1Sq.Add(L1Z1); + ECFieldElement L2plus1 = L2.AddOne(); + ECFieldElement A = L2plus1.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT283K1Point(curve, A, curve.B, IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3); + + return new SecT283K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (this.IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT283K1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283R1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283R1Curve.cs new file mode 100644 index 0000000..c294137 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283R1Curve.cs @@ -0,0 +1,177 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT283R1Curve + : AbstractF2mCurve + { + private const int SECT283R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT283R1_FE_LONGS = 5; + private static readonly ECFieldElement[] SECT283R1_AFFINE_ZS = new ECFieldElement[] { new SecT283FieldElement(BigInteger.One) }; + + protected readonly SecT283R1Point m_infinity; + + public SecT283R1Curve() + : base(283, 5, 7, 12) + { + this.m_infinity = new SecT283R1Point(this, null, null); + + this.m_a = FromBigInteger(BigInteger.One); + this.m_b = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307")); + this.m_cofactor = BigInteger.Two; + + this.m_coord = SECT283R1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT283R1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 283; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT283FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT283R1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT283R1Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return false; } + } + + public virtual int M + { + get { return 283; } + } + + public virtual bool IsTrinomial + { + get { return false; } + } + + public virtual int K1 + { + get { return 5; } + } + + public virtual int K2 + { + get { return 7; } + } + + public virtual int K3 + { + get { return 12; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT283R1_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat320.Copy64(((SecT283FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT283R1_FE_LONGS; + Nat320.Copy64(((SecT283FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT283R1_FE_LONGS; + } + } + + return new SecT283R1LookupTable(this, table, len); + } + + private class SecT283R1LookupTable + : AbstractECLookupTable + { + private readonly SecT283R1Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT283R1LookupTable(SecT283R1Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat320.Create64(), y = Nat320.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT283R1_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT283R1_FE_LONGS + j] & MASK; + } + + pos += (SECT283R1_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat320.Create64(), y = Nat320.Create64(); + int pos = index * SECT283R1_FE_LONGS * 2; + + for (int j = 0; j < SECT283R1_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT283R1_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT283FieldElement(x), new SecT283FieldElement(y), SECT283R1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283R1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283R1Point.cs new file mode 100644 index 0000000..8c4092d --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT283R1Point.cs @@ -0,0 +1,278 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT283R1Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT283R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT283R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT283R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT283R1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + return Twice(); + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1).AddOne(); + if (X3.IsZero) + { + return new SecT283R1Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT283R1Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT283R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1); + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement T = L1.Square().Add(L1Z1).Add(Z1Sq); + if (T.IsZero) + { + return new SecT283R1Point(curve, T, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1); + ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3); + + return new SecT283R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = Z1Sq.Add(L1Sq).Add(L1Z1); + ECFieldElement A = L2.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT283R1Point(curve, A, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2.AddOne(), Z3); + + return new SecT283R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (this.IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT283R1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409Field.cs new file mode 100644 index 0000000..c35d3ce --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409Field.cs @@ -0,0 +1,394 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT409Field + { + private const ulong M25 = ulong.MaxValue >> 39; + private const ulong M59 = ulong.MaxValue >> 5; + + public static void Add(ulong[] x, ulong[] y, ulong[] z) + { + z[0] = x[0] ^ y[0]; + z[1] = x[1] ^ y[1]; + z[2] = x[2] ^ y[2]; + z[3] = x[3] ^ y[3]; + z[4] = x[4] ^ y[4]; + z[5] = x[5] ^ y[5]; + z[6] = x[6] ^ y[6]; + } + + public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz) + { + for (int i = 0; i < 13; ++i) + { + zz[i] = xx[i] ^ yy[i]; + } + } + + public static void AddOne(ulong[] x, ulong[] z) + { + z[0] = x[0] ^ 1UL; + z[1] = x[1]; + z[2] = x[2]; + z[3] = x[3]; + z[4] = x[4]; + z[5] = x[5]; + z[6] = x[6]; + } + + private static void AddTo(ulong[] x, ulong[] z) + { + z[0] ^= x[0]; + z[1] ^= x[1]; + z[2] ^= x[2]; + z[3] ^= x[3]; + z[4] ^= x[4]; + z[5] ^= x[5]; + z[6] ^= x[6]; + } + + public static ulong[] FromBigInteger(BigInteger x) + { + return Nat.FromBigInteger64(409, x); + } + + public static void HalfTrace(ulong[] x, ulong[] z) + { + ulong[] tt = Nat.Create64(13); + + Nat448.Copy64(x, z); + for (int i = 1; i < 409; i += 2) + { + ImplSquare(z, tt); + Reduce(tt, z); + ImplSquare(z, tt); + Reduce(tt, z); + AddTo(x, z); + } + } + + public static void Invert(ulong[] x, ulong[] z) + { + if (Nat448.IsZero64(x)) + throw new InvalidOperationException(); + + // Itoh-Tsujii inversion with bases { 2, 3 } + + ulong[] t0 = Nat448.Create64(); + ulong[] t1 = Nat448.Create64(); + ulong[] t2 = Nat448.Create64(); + + Square(x, t0); + + // 3 | 408 + SquareN(t0, 1, t1); + Multiply(t0, t1, t0); + SquareN(t1, 1, t1); + Multiply(t0, t1, t0); + + // 2 | 136 + SquareN(t0, 3, t1); + Multiply(t0, t1, t0); + + // 2 | 68 + SquareN(t0, 6, t1); + Multiply(t0, t1, t0); + + // 2 | 34 + SquareN(t0, 12, t1); + Multiply(t0, t1, t2); + + // ! {2,3} | 17 + SquareN(t2, 24, t0); + SquareN(t0, 24, t1); + Multiply(t0, t1, t0); + + // 2 | 8 + SquareN(t0, 48, t1); + Multiply(t0, t1, t0); + + // 2 | 4 + SquareN(t0, 96, t1); + Multiply(t0, t1, t0); + + // 2 | 2 + SquareN(t0, 192, t1); + Multiply(t0, t1, t0); + + Multiply(t0, t2, z); + } + + public static void Multiply(ulong[] x, ulong[] y, ulong[] z) + { + ulong[] tt = Nat448.CreateExt64(); + ImplMultiply(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz) + { + ulong[] tt = Nat448.CreateExt64(); + ImplMultiply(x, y, tt); + AddExt(zz, tt, zz); + } + + public static void Reduce(ulong[] xx, ulong[] z) + { + ulong x00 = xx[0], x01 = xx[1], x02 = xx[2], x03 = xx[3]; + ulong x04 = xx[4], x05 = xx[5], x06 = xx[6], x07 = xx[7]; + + ulong u = xx[12]; + x05 ^= (u << 39); + x06 ^= (u >> 25) ^ (u << 62); + x07 ^= (u >> 2); + + u = xx[11]; + x04 ^= (u << 39); + x05 ^= (u >> 25) ^ (u << 62); + x06 ^= (u >> 2); + + u = xx[10]; + x03 ^= (u << 39); + x04 ^= (u >> 25) ^ (u << 62); + x05 ^= (u >> 2); + + u = xx[9]; + x02 ^= (u << 39); + x03 ^= (u >> 25) ^ (u << 62); + x04 ^= (u >> 2); + + u = xx[8]; + x01 ^= (u << 39); + x02 ^= (u >> 25) ^ (u << 62); + x03 ^= (u >> 2); + + u = x07; + x00 ^= (u << 39); + x01 ^= (u >> 25) ^ (u << 62); + x02 ^= (u >> 2); + + ulong t = x06 >> 25; + z[0] = x00 ^ t; + z[1] = x01 ^ (t << 23); + z[2] = x02; + z[3] = x03; + z[4] = x04; + z[5] = x05; + z[6] = x06 & M25; + } + + public static void Reduce39(ulong[] z, int zOff) + { + ulong z6 = z[zOff + 6], t = z6 >> 25; + z[zOff ] ^= t; + z[zOff + 1] ^= (t << 23); + z[zOff + 6] = z6 & M25; + } + + public static void Sqrt(ulong[] x, ulong[] z) + { + ulong u0, u1; + u0 = Interleave.Unshuffle(x[0]); u1 = Interleave.Unshuffle(x[1]); + ulong e0 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32); + ulong c0 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL); + + u0 = Interleave.Unshuffle(x[2]); u1 = Interleave.Unshuffle(x[3]); + ulong e1 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32); + ulong c1 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL); + + u0 = Interleave.Unshuffle(x[4]); u1 = Interleave.Unshuffle(x[5]); + ulong e2 = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32); + ulong c2 = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL); + + u0 = Interleave.Unshuffle(x[6]); + ulong e3 = (u0 & 0x00000000FFFFFFFFUL); + ulong c3 = (u0 >> 32); + + z[0] = e0 ^ (c0 << 44); + z[1] = e1 ^ (c1 << 44) ^ (c0 >> 20); + z[2] = e2 ^ (c2 << 44) ^ (c1 >> 20); + z[3] = e3 ^ (c3 << 44) ^ (c2 >> 20) ^ (c0 << 13); + z[4] = (c3 >> 20) ^ (c1 << 13) ^ (c0 >> 51); + z[5] = (c2 << 13) ^ (c1 >> 51); + z[6] = (c3 << 13) ^ (c2 >> 51); + + Debug.Assert((c3 >> 51) == 0); + } + + public static void Square(ulong[] x, ulong[] z) + { + ulong[] tt = Nat.Create64(13); + ImplSquare(x, tt); + Reduce(tt, z); + } + + public static void SquareAddToExt(ulong[] x, ulong[] zz) + { + ulong[] tt = Nat.Create64(13); + ImplSquare(x, tt); + AddExt(zz, tt, zz); + } + + public static void SquareN(ulong[] x, int n, ulong[] z) + { + Debug.Assert(n > 0); + + ulong[] tt = Nat.Create64(13); + ImplSquare(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + ImplSquare(z, tt); + Reduce(tt, z); + } + } + + public static uint Trace(ulong[] x) + { + // Non-zero-trace bits: 0 + return (uint)(x[0]) & 1U; + } + + protected static void ImplCompactExt(ulong[] zz) + { + ulong z00 = zz[ 0], z01 = zz[ 1], z02 = zz[ 2], z03 = zz[ 3], z04 = zz[ 4], z05 = zz[ 5], z06 = zz[ 6]; + ulong z07 = zz[ 7], z08 = zz[ 8], z09 = zz[ 9], z10 = zz[10], z11 = zz[11], z12 = zz[12], z13 = zz[13]; + zz[ 0] = z00 ^ (z01 << 59); + zz[ 1] = (z01 >> 5) ^ (z02 << 54); + zz[ 2] = (z02 >> 10) ^ (z03 << 49); + zz[ 3] = (z03 >> 15) ^ (z04 << 44); + zz[ 4] = (z04 >> 20) ^ (z05 << 39); + zz[ 5] = (z05 >> 25) ^ (z06 << 34); + zz[ 6] = (z06 >> 30) ^ (z07 << 29); + zz[ 7] = (z07 >> 35) ^ (z08 << 24); + zz[ 8] = (z08 >> 40) ^ (z09 << 19); + zz[ 9] = (z09 >> 45) ^ (z10 << 14); + zz[10] = (z10 >> 50) ^ (z11 << 9); + zz[11] = (z11 >> 55) ^ (z12 << 4) + ^ (z13 << 63); + zz[12] = (z13 >> 1); + //zz[13] = 0; + } + + protected static void ImplExpand(ulong[] x, ulong[] z) + { + ulong x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3], x4 = x[4], x5 = x[5], x6 = x[6]; + z[0] = x0 & M59; + z[1] = ((x0 >> 59) ^ (x1 << 5)) & M59; + z[2] = ((x1 >> 54) ^ (x2 << 10)) & M59; + z[3] = ((x2 >> 49) ^ (x3 << 15)) & M59; + z[4] = ((x3 >> 44) ^ (x4 << 20)) & M59; + z[5] = ((x4 >> 39) ^ (x5 << 25)) & M59; + z[6] = ((x5 >> 34) ^ (x6 << 30)); + } + + protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz) + { + ulong[] a = new ulong[7], b = new ulong[7]; + ImplExpand(x, a); + ImplExpand(y, b); + + ulong[] u = new ulong[8]; + for (int i = 0; i < 7; ++i) + { + ImplMulwAcc(u, a[i], b[i], zz, i << 1); + } + + ulong v0 = zz[0], v1 = zz[1]; + v0 ^= zz[ 2]; zz[1] = v0 ^ v1; v1 ^= zz[ 3]; + v0 ^= zz[ 4]; zz[2] = v0 ^ v1; v1 ^= zz[ 5]; + v0 ^= zz[ 6]; zz[3] = v0 ^ v1; v1 ^= zz[ 7]; + v0 ^= zz[ 8]; zz[4] = v0 ^ v1; v1 ^= zz[ 9]; + v0 ^= zz[10]; zz[5] = v0 ^ v1; v1 ^= zz[11]; + v0 ^= zz[12]; zz[6] = v0 ^ v1; v1 ^= zz[13]; + + ulong w = v0 ^ v1; + zz[ 7] = zz[0] ^ w; + zz[ 8] = zz[1] ^ w; + zz[ 9] = zz[2] ^ w; + zz[10] = zz[3] ^ w; + zz[11] = zz[4] ^ w; + zz[12] = zz[5] ^ w; + zz[13] = zz[6] ^ w; + + ImplMulwAcc(u, a[0] ^ a[1], b[0] ^ b[1], zz, 1); + + ImplMulwAcc(u, a[0] ^ a[2], b[0] ^ b[2], zz, 2); + + ImplMulwAcc(u, a[0] ^ a[3], b[0] ^ b[3], zz, 3); + ImplMulwAcc(u, a[1] ^ a[2], b[1] ^ b[2], zz, 3); + + ImplMulwAcc(u, a[0] ^ a[4], b[0] ^ b[4], zz, 4); + ImplMulwAcc(u, a[1] ^ a[3], b[1] ^ b[3], zz, 4); + + ImplMulwAcc(u, a[0] ^ a[5], b[0] ^ b[5], zz, 5); + ImplMulwAcc(u, a[1] ^ a[4], b[1] ^ b[4], zz, 5); + ImplMulwAcc(u, a[2] ^ a[3], b[2] ^ b[3], zz, 5); + + ImplMulwAcc(u, a[0] ^ a[6], b[0] ^ b[6], zz, 6); + ImplMulwAcc(u, a[1] ^ a[5], b[1] ^ b[5], zz, 6); + ImplMulwAcc(u, a[2] ^ a[4], b[2] ^ b[4], zz, 6); + + ImplMulwAcc(u, a[1] ^ a[6], b[1] ^ b[6], zz, 7); + ImplMulwAcc(u, a[2] ^ a[5], b[2] ^ b[5], zz, 7); + ImplMulwAcc(u, a[3] ^ a[4], b[3] ^ b[4], zz, 7); + + ImplMulwAcc(u, a[2] ^ a[6], b[2] ^ b[6], zz, 8); + ImplMulwAcc(u, a[3] ^ a[5], b[3] ^ b[5], zz, 8); + + ImplMulwAcc(u, a[3] ^ a[6], b[3] ^ b[6], zz, 9); + ImplMulwAcc(u, a[4] ^ a[5], b[4] ^ b[5], zz, 9); + + ImplMulwAcc(u, a[4] ^ a[6], b[4] ^ b[6], zz, 10); + + ImplMulwAcc(u, a[5] ^ a[6], b[5] ^ b[6], zz, 11); + + ImplCompactExt(zz); + } + + protected static void ImplMulwAcc(ulong[] u, ulong x, ulong y, ulong[] z, int zOff) + { + Debug.Assert(x >> 59 == 0); + Debug.Assert(y >> 59 == 0); + + //u[0] = 0; + u[1] = y; + u[2] = u[1] << 1; + u[3] = u[2] ^ y; + u[4] = u[2] << 1; + u[5] = u[4] ^ y; + u[6] = u[3] << 1; + u[7] = u[6] ^ y; + + uint j = (uint)x; + ulong g, h = 0, l = u[j & 7] + ^ (u[(j >> 3) & 7] << 3); + int k = 54; + do + { + j = (uint)(x >> k); + g = u[j & 7] + ^ u[(j >> 3) & 7] << 3; + l ^= (g << k); + h ^= (g >> -k); + } + while ((k -= 6) > 0); + + Debug.Assert(h >> 53 == 0); + + z[zOff ] ^= l & M59; + z[zOff + 1] ^= (l >> 59) ^ (h << 5); + } + + protected static void ImplSquare(ulong[] x, ulong[] zz) + { + Interleave.Expand64To128(x, 0, 6, zz, 0); + zz[12] = Interleave.Expand32to64((uint)x[6]); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409FieldElement.cs new file mode 100644 index 0000000..a9b0852 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409FieldElement.cs @@ -0,0 +1,233 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT409FieldElement + : AbstractF2mFieldElement + { + protected internal readonly ulong[] x; + + public SecT409FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.BitLength > 409) + throw new ArgumentException("value invalid for SecT409FieldElement", "x"); + + this.x = SecT409Field.FromBigInteger(x); + } + + public SecT409FieldElement() + { + this.x = Nat448.Create64(); + } + + protected internal SecT409FieldElement(ulong[] x) + { + this.x = x; + } + + public override bool IsOne + { + get { return Nat448.IsOne64(x); } + } + + public override bool IsZero + { + get { return Nat448.IsZero64(x); } + } + + public override bool TestBitZero() + { + return (x[0] & 1UL) != 0UL; + } + + public override BigInteger ToBigInteger() + { + return Nat448.ToBigInteger64(x); + } + + public override string FieldName + { + get { return "SecT409Field"; } + } + + public override int FieldSize + { + get { return 409; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + ulong[] z = Nat448.Create64(); + SecT409Field.Add(x, ((SecT409FieldElement)b).x, z); + return new SecT409FieldElement(z); + } + + public override ECFieldElement AddOne() + { + ulong[] z = Nat448.Create64(); + SecT409Field.AddOne(x, z); + return new SecT409FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + // Addition and subtraction are the same in F2m + return Add(b); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + ulong[] z = Nat448.Create64(); + SecT409Field.Multiply(x, ((SecT409FieldElement)b).x, z); + return new SecT409FieldElement(z); + } + + public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + return MultiplyPlusProduct(b, x, y); + } + + public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x, bx = ((SecT409FieldElement)b).x; + ulong[] xx = ((SecT409FieldElement)x).x, yx = ((SecT409FieldElement)y).x; + + ulong[] tt = Nat.Create64(13); + SecT409Field.MultiplyAddToExt(ax, bx, tt); + SecT409Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat448.Create64(); + SecT409Field.Reduce(tt, z); + return new SecT409FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + return Multiply(b.Invert()); + } + + public override ECFieldElement Negate() + { + return this; + } + + public override ECFieldElement Square() + { + ulong[] z = Nat448.Create64(); + SecT409Field.Square(x, z); + return new SecT409FieldElement(z); + } + + public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y) + { + return SquarePlusProduct(x, y); + } + + public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x; + ulong[] xx = ((SecT409FieldElement)x).x, yx = ((SecT409FieldElement)y).x; + + ulong[] tt = Nat.Create64(13); + SecT409Field.SquareAddToExt(ax, tt); + SecT409Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat448.Create64(); + SecT409Field.Reduce(tt, z); + return new SecT409FieldElement(z); + } + + public override ECFieldElement SquarePow(int pow) + { + if (pow < 1) + return this; + + ulong[] z = Nat448.Create64(); + SecT409Field.SquareN(x, pow, z); + return new SecT409FieldElement(z); + } + + public override ECFieldElement HalfTrace() + { + ulong[] z = Nat448.Create64(); + SecT409Field.HalfTrace(x, z); + return new SecT409FieldElement(z); + } + + public override bool HasFastTrace + { + get { return true; } + } + + public override int Trace() + { + return (int)SecT409Field.Trace(x); + } + + public override ECFieldElement Invert() + { + ulong[] z = Nat448.Create64(); + SecT409Field.Invert(x, z); + return new SecT409FieldElement(z); + } + + public override ECFieldElement Sqrt() + { + ulong[] z = Nat448.Create64(); + SecT409Field.Sqrt(x, z); + return new SecT409FieldElement(z); + } + + public virtual int Representation + { + get { return F2mFieldElement.Tpb; } + } + + public virtual int M + { + get { return 409; } + } + + public virtual int K1 + { + get { return 87; } + } + + public virtual int K2 + { + get { return 0; } + } + + public virtual int K3 + { + get { return 0; } + } + + public override bool Equals(object obj) + { + return Equals(obj as SecT409FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecT409FieldElement); + } + + public virtual bool Equals(SecT409FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat448.Eq64(x, other.x); + } + + public override int GetHashCode() + { + return 4090087 ^ Arrays.GetHashCode(x, 0, 7); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409K1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409K1Curve.cs new file mode 100644 index 0000000..9e5fe88 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409K1Curve.cs @@ -0,0 +1,183 @@ +using System; + +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT409K1Curve + : AbstractF2mCurve + { + private const int SECT409K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT409K1_FE_LONGS = 7; + private static readonly ECFieldElement[] SECT409K1_AFFINE_ZS = new ECFieldElement[] { new SecT409FieldElement(BigInteger.One) }; + + protected readonly SecT409K1Point m_infinity; + + public SecT409K1Curve() + : base(409, 87, 0, 0) + { + this.m_infinity = new SecT409K1Point(this, null, null); + + this.m_a = FromBigInteger(BigInteger.Zero); + this.m_b = FromBigInteger(BigInteger.One); + this.m_order = new BigInteger(1, Hex.DecodeStrict("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF")); + this.m_cofactor = BigInteger.ValueOf(4); + + this.m_coord = SECT409K1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT409K1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + protected override ECMultiplier CreateDefaultMultiplier() + { + return new WTauNafMultiplier(); + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 409; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT409FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT409K1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT409K1Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return true; } + } + + public virtual int M + { + get { return 409; } + } + + public virtual bool IsTrinomial + { + get { return true; } + } + + public virtual int K1 + { + get { return 87; } + } + + public virtual int K2 + { + get { return 0; } + } + + public virtual int K3 + { + get { return 0; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT409K1_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat448.Copy64(((SecT409FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT409K1_FE_LONGS; + Nat448.Copy64(((SecT409FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT409K1_FE_LONGS; + } + } + + return new SecT409K1LookupTable(this, table, len); + } + + private class SecT409K1LookupTable + : AbstractECLookupTable + { + private readonly SecT409K1Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT409K1LookupTable(SecT409K1Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat448.Create64(), y = Nat448.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT409K1_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT409K1_FE_LONGS + j] & MASK; + } + + pos += (SECT409K1_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat448.Create64(), y = Nat448.Create64(); + int pos = index * SECT409K1_FE_LONGS * 2; + + for (int j = 0; j < SECT409K1_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT409K1_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT409FieldElement(x), new SecT409FieldElement(y), SECT409K1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409K1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409K1Point.cs new file mode 100644 index 0000000..b127aea --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409K1Point.cs @@ -0,0 +1,289 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT409K1Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT409K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT409K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT409K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT409K1Point(null, this.AffineXCoord, this.AffineYCoord); // earlier JDK + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + return Twice(); + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1); + if (X3.IsZero) + { + return new SecT409K1Point(curve, X3, curve.B, IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT409K1Point(curve, X3, curve.B, IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT409K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement T; + if (Z1IsOne) + { + T = L1.Square().Add(L1); + } + else + { + T = L1.Add(Z1).Multiply(L1); + } + + if (T.IsZero) + { + return new SecT409K1Point(curve, T, curve.B, IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement t1 = L1.Add(X1).Square(); + ECFieldElement t2 = Z1IsOne ? Z1 : Z1Sq.Square(); + ECFieldElement L3 = t1.Add(T).Add(Z1Sq).Multiply(t1).Add(t2).Add(X3).Add(Z3); + + return new SecT409K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + // NOTE: TwicePlus() only optimized for lambda-affine argument + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = L1Sq.Add(L1Z1); + ECFieldElement L2plus1 = L2.AddOne(); + ECFieldElement A = L2plus1.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT409K1Point(curve, A, curve.B, IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3); + + return new SecT409K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (this.IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT409K1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409R1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409R1Curve.cs new file mode 100644 index 0000000..845c14b --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409R1Curve.cs @@ -0,0 +1,177 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT409R1Curve + : AbstractF2mCurve + { + private const int SECT409R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT409R1_FE_LONGS = 7; + private static readonly ECFieldElement[] SECT409R1_AFFINE_ZS = new ECFieldElement[] { new SecT409FieldElement(BigInteger.One) }; + + protected readonly SecT409R1Point m_infinity; + + public SecT409R1Curve() + : base(409, 87, 0, 0) + { + this.m_infinity = new SecT409R1Point(this, null, null); + + this.m_a = FromBigInteger(BigInteger.One); + this.m_b = FromBigInteger(new BigInteger(1, Hex.DecodeStrict("0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F"))); + this.m_order = new BigInteger(1, Hex.DecodeStrict("010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173")); + this.m_cofactor = BigInteger.Two; + + this.m_coord = SECT409R1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT409R1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 409; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT409FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT409R1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT409R1Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return false; } + } + + public virtual int M + { + get { return 409; } + } + + public virtual bool IsTrinomial + { + get { return true; } + } + + public virtual int K1 + { + get { return 87; } + } + + public virtual int K2 + { + get { return 0; } + } + + public virtual int K3 + { + get { return 0; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT409R1_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat448.Copy64(((SecT409FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT409R1_FE_LONGS; + Nat448.Copy64(((SecT409FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT409R1_FE_LONGS; + } + } + + return new SecT409R1LookupTable(this, table, len); + } + + private class SecT409R1LookupTable + : AbstractECLookupTable + { + private readonly SecT409R1Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT409R1LookupTable(SecT409R1Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat448.Create64(), y = Nat448.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT409R1_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT409R1_FE_LONGS + j] & MASK; + } + + pos += (SECT409R1_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat448.Create64(), y = Nat448.Create64(); + int pos = index * SECT409R1_FE_LONGS * 2; + + for (int j = 0; j < SECT409R1_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT409R1_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT409FieldElement(x), new SecT409FieldElement(y), SECT409R1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409R1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409R1Point.cs new file mode 100644 index 0000000..546b107 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT409R1Point.cs @@ -0,0 +1,278 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT409R1Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT409R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT409R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT409R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT409R1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + ECFieldElement X2 = b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord, Z2 = b.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement U2 = X2, S2 = L2; + if (!Z1IsOne) + { + U2 = U2.Multiply(Z1); + S2 = S2.Multiply(Z1); + } + + bool Z2IsOne = Z2.IsOne; + ECFieldElement U1 = X1, S1 = L1; + if (!Z2IsOne) + { + U1 = U1.Multiply(Z2); + S1 = S1.Multiply(Z2); + } + + ECFieldElement A = S1.Add(S2); + ECFieldElement B = U1.Add(U2); + + if (B.IsZero) + { + if (A.IsZero) + return Twice(); + + return curve.Infinity; + } + + ECFieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = L.Square().Add(L).Add(X1).AddOne(); + if (X3.IsZero) + { + return new SecT409R1Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = Y3.Divide(X3).Add(X3); + Z3 = curve.FromBigInteger(BigInteger.One); + } + else + { + B = B.Square(); + + ECFieldElement AU1 = A.Multiply(U1); + ECFieldElement AU2 = A.Multiply(U2); + + X3 = AU1.Multiply(AU2); + if (X3.IsZero) + { + return new SecT409R1Point(curve, X3, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement ABZ2 = A.Multiply(B); + if (!Z2IsOne) + { + ABZ2 = ABZ2.Multiply(Z2); + } + + L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + + Z3 = ABZ2; + if (!Z1IsOne) + { + Z3 = Z3.Multiply(Z1); + } + } + + return new SecT409R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.Multiply(Z1); + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement T = L1.Square().Add(L1Z1).Add(Z1Sq); + if (T.IsZero) + { + return new SecT409R1Point(curve, T, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.Multiply(Z1); + ECFieldElement L3 = X1Z1.SquarePlusProduct(T, L1Z1).Add(X3).Add(Z3); + + return new SecT409R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = Z1Sq.Add(L1Sq).Add(L1Z1); + ECFieldElement A = L2.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT409R1Point(curve, A, curve.B.Sqrt(), IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2.AddOne(), Z3); + + return new SecT409R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (this.IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT409R1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571Field.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571Field.cs new file mode 100644 index 0000000..1b8bb76 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571Field.cs @@ -0,0 +1,449 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT571Field + { + private const ulong M59 = ulong.MaxValue >> 5; + + private static readonly ulong[] ROOT_Z = new ulong[]{ 0x2BE1195F08CAFB99UL, 0x95F08CAF84657C23UL, + 0xCAF84657C232BE11UL, 0x657C232BE1195F08UL, 0xF84657C2308CAF84UL, 0x7C232BE1195F08CAUL, + 0xBE1195F08CAF8465UL, 0x5F08CAF84657C232UL, 0x784657C232BE119UL }; + + public static void Add(ulong[] x, ulong[] y, ulong[] z) + { + for (int i = 0; i < 9; ++i) + { + z[i] = x[i] ^ y[i]; + } + } + + private static void Add(ulong[] x, int xOff, ulong[] y, int yOff, ulong[] z, int zOff) + { + for (int i = 0; i < 9; ++i) + { + z[zOff + i] = x[xOff + i] ^ y[yOff + i]; + } + } + + public static void AddBothTo(ulong[] x, ulong[] y, ulong[] z) + { + for (int i = 0; i < 9; ++i) + { + z[i] ^= x[i] ^ y[i]; + } + } + + private static void AddBothTo(ulong[] x, int xOff, ulong[] y, int yOff, ulong[] z, int zOff) + { + for (int i = 0; i < 9; ++i) + { + z[zOff + i] ^= x[xOff + i] ^ y[yOff + i]; + } + } + + public static void AddExt(ulong[] xx, ulong[] yy, ulong[] zz) + { + for (int i = 0; i < 18; ++i) + { + zz[i] = xx[i] ^ yy[i]; + } + } + + public static void AddOne(ulong[] x, ulong[] z) + { + z[0] = x[0] ^ 1UL; + for (int i = 1; i < 9; ++i) + { + z[i] = x[i]; + } + } + + private static void AddTo(ulong[] x, ulong[] z) + { + for (int i = 0; i < 9; ++i) + { + z[i] ^= x[i]; + } + } + + public static ulong[] FromBigInteger(BigInteger x) + { + return Nat.FromBigInteger64(571, x); + } + + public static void HalfTrace(ulong[] x, ulong[] z) + { + ulong[] tt = Nat576.CreateExt64(); + + Nat576.Copy64(x, z); + for (int i = 1; i < 571; i += 2) + { + ImplSquare(z, tt); + Reduce(tt, z); + ImplSquare(z, tt); + Reduce(tt, z); + AddTo(x, z); + } + } + + public static void Invert(ulong[] x, ulong[] z) + { + if (Nat576.IsZero64(x)) + throw new InvalidOperationException(); + + // Itoh-Tsujii inversion with bases { 2, 3, 5 } + + ulong[] t0 = Nat576.Create64(); + ulong[] t1 = Nat576.Create64(); + ulong[] t2 = Nat576.Create64(); + + Square(x, t2); + + // 5 | 570 + Square(t2, t0); + Square(t0, t1); + Multiply(t0, t1, t0); + SquareN(t0, 2, t1); + Multiply(t0, t1, t0); + Multiply(t0, t2, t0); + + // 3 | 114 + SquareN(t0, 5, t1); + Multiply(t0, t1, t0); + SquareN(t1, 5, t1); + Multiply(t0, t1, t0); + + // 2 | 38 + SquareN(t0, 15, t1); + Multiply(t0, t1, t2); + + // ! {2,3,5} | 19 + SquareN(t2, 30, t0); + SquareN(t0, 30, t1); + Multiply(t0, t1, t0); + + // 3 | 9 + SquareN(t0, 60, t1); + Multiply(t0, t1, t0); + SquareN(t1, 60, t1); + Multiply(t0, t1, t0); + + // 3 | 3 + SquareN(t0, 180, t1); + Multiply(t0, t1, t0); + SquareN(t1, 180, t1); + Multiply(t0, t1, t0); + + Multiply(t0, t2, z); + } + + public static void Multiply(ulong[] x, ulong[] y, ulong[] z) + { + ulong[] tt = Nat576.CreateExt64(); + ImplMultiply(x, y, tt); + Reduce(tt, z); + } + + public static void MultiplyAddToExt(ulong[] x, ulong[] y, ulong[] zz) + { + ulong[] tt = Nat576.CreateExt64(); + ImplMultiply(x, y, tt); + AddExt(zz, tt, zz); + } + + public static void MultiplyPrecomp(ulong[] x, ulong[] precomp, ulong[] z) + { + ulong[] tt = Nat576.CreateExt64(); + ImplMultiplyPrecomp(x, precomp, tt); + Reduce(tt, z); + } + + public static void MultiplyPrecompAddToExt(ulong[] x, ulong[] precomp, ulong[] zz) + { + ulong[] tt = Nat576.CreateExt64(); + ImplMultiplyPrecomp(x, precomp, tt); + AddExt(zz, tt, zz); + } + + public static ulong[] PrecompMultiplicand(ulong[] x) + { + /* + * Precompute table of all 4-bit products of x (first section) + */ + int len = 9 << 4; + ulong[] t = new ulong[len << 1]; + Array.Copy(x, 0, t, 9, 9); + //Reduce5(t, 9); + int tOff = 0; + for (int i = 7; i > 0; --i) + { + tOff += 18; + Nat.ShiftUpBit64(9, t, tOff >> 1, 0UL, t, tOff); + Reduce5(t, tOff); + Add(t, 9, t, tOff, t, tOff + 9); + } + + /* + * Second section with all 4-bit products of x shifted 4 bits + */ + Nat.ShiftUpBits64(len, t, 0, 4, 0UL, t, len); + + return t; + } + + public static void Reduce(ulong[] xx, ulong[] z) + { + ulong xx09 = xx[9]; + ulong u = xx[17], v = xx09; + + xx09 = v ^ (u >> 59) ^ (u >> 57) ^ (u >> 54) ^ (u >> 49); + v = xx[8] ^ (u << 5) ^ (u << 7) ^ (u << 10) ^ (u << 15); + + for (int i = 16; i >= 10; --i) + { + u = xx[i]; + z[i - 8] = v ^ (u >> 59) ^ (u >> 57) ^ (u >> 54) ^ (u >> 49); + v = xx[i - 9] ^ (u << 5) ^ (u << 7) ^ (u << 10) ^ (u << 15); + } + + u = xx09; + z[1] = v ^ (u >> 59) ^ (u >> 57) ^ (u >> 54) ^ (u >> 49); + v = xx[0] ^ (u << 5) ^ (u << 7) ^ (u << 10) ^ (u << 15); + + ulong x08 = z[8]; + ulong t = x08 >> 59; + z[0] = v ^ t ^ (t << 2) ^ (t << 5) ^ (t << 10); + z[8] = x08 & M59; + } + + public static void Reduce5(ulong[] z, int zOff) + { + ulong z8 = z[zOff + 8], t = z8 >> 59; + z[zOff ] ^= t ^ (t << 2) ^ (t << 5) ^ (t << 10); + z[zOff + 8] = z8 & M59; + } + + public static void Sqrt(ulong[] x, ulong[] z) + { + ulong[] evn = Nat576.Create64(), odd = Nat576.Create64(); + + int pos = 0; + for (int i = 0; i < 4; ++i) + { + ulong u0 = Interleave.Unshuffle(x[pos++]); + ulong u1 = Interleave.Unshuffle(x[pos++]); + evn[i] = (u0 & 0x00000000FFFFFFFFUL) | (u1 << 32); + odd[i] = (u0 >> 32) | (u1 & 0xFFFFFFFF00000000UL); + } + { + ulong u0 = Interleave.Unshuffle(x[pos]); + evn[4] = (u0 & 0x00000000FFFFFFFFUL); + odd[4] = (u0 >> 32); + } + + Multiply(odd, ROOT_Z, z); + Add(z, evn, z); + } + + public static void Square(ulong[] x, ulong[] z) + { + ulong[] tt = Nat576.CreateExt64(); + ImplSquare(x, tt); + Reduce(tt, z); + } + + public static void SquareAddToExt(ulong[] x, ulong[] zz) + { + ulong[] tt = Nat576.CreateExt64(); + ImplSquare(x, tt); + AddExt(zz, tt, zz); + } + + public static void SquareN(ulong[] x, int n, ulong[] z) + { + Debug.Assert(n > 0); + + ulong[] tt = Nat576.CreateExt64(); + ImplSquare(x, tt); + Reduce(tt, z); + + while (--n > 0) + { + ImplSquare(z, tt); + Reduce(tt, z); + } + } + + public static uint Trace(ulong[] x) + { + // Non-zero-trace bits: 0, 561, 569 + return (uint)(x[0] ^ (x[8] >> 49) ^ (x[8] >> 57)) & 1U; + } + + protected static void ImplMultiply(ulong[] x, ulong[] y, ulong[] zz) + { + //ulong[] precomp = PrecompMultiplicand(y); + + //ImplMultiplyPrecomp(x, precomp, zz); + + ulong[] u = new ulong[16]; + for (int i = 0; i < 9; ++i) + { + ImplMulwAcc(u, x[i], y[i], zz, i << 1); + } + + ulong v0 = zz[0], v1 = zz[1]; + v0 ^= zz[ 2]; zz[1] = v0 ^ v1; v1 ^= zz[ 3]; + v0 ^= zz[ 4]; zz[2] = v0 ^ v1; v1 ^= zz[ 5]; + v0 ^= zz[ 6]; zz[3] = v0 ^ v1; v1 ^= zz[ 7]; + v0 ^= zz[ 8]; zz[4] = v0 ^ v1; v1 ^= zz[ 9]; + v0 ^= zz[10]; zz[5] = v0 ^ v1; v1 ^= zz[11]; + v0 ^= zz[12]; zz[6] = v0 ^ v1; v1 ^= zz[13]; + v0 ^= zz[14]; zz[7] = v0 ^ v1; v1 ^= zz[15]; + v0 ^= zz[16]; zz[8] = v0 ^ v1; v1 ^= zz[17]; + + ulong w = v0 ^ v1; + zz[ 9] = zz[0] ^ w; + zz[10] = zz[1] ^ w; + zz[11] = zz[2] ^ w; + zz[12] = zz[3] ^ w; + zz[13] = zz[4] ^ w; + zz[14] = zz[5] ^ w; + zz[15] = zz[6] ^ w; + zz[16] = zz[7] ^ w; + zz[17] = zz[8] ^ w; + + ImplMulwAcc(u, x[0] ^ x[1], y[0] ^ y[1], zz, 1); + + ImplMulwAcc(u, x[0] ^ x[2], y[0] ^ y[2], zz, 2); + + ImplMulwAcc(u, x[0] ^ x[3], y[0] ^ y[3], zz, 3); + ImplMulwAcc(u, x[1] ^ x[2], y[1] ^ y[2], zz, 3); + + ImplMulwAcc(u, x[0] ^ x[4], y[0] ^ y[4], zz, 4); + ImplMulwAcc(u, x[1] ^ x[3], y[1] ^ y[3], zz, 4); + + ImplMulwAcc(u, x[0] ^ x[5], y[0] ^ y[5], zz, 5); + ImplMulwAcc(u, x[1] ^ x[4], y[1] ^ y[4], zz, 5); + ImplMulwAcc(u, x[2] ^ x[3], y[2] ^ y[3], zz, 5); + + ImplMulwAcc(u, x[0] ^ x[6], y[0] ^ y[6], zz, 6); + ImplMulwAcc(u, x[1] ^ x[5], y[1] ^ y[5], zz, 6); + ImplMulwAcc(u, x[2] ^ x[4], y[2] ^ y[4], zz, 6); + + ImplMulwAcc(u, x[0] ^ x[7], y[0] ^ y[7], zz, 7); + ImplMulwAcc(u, x[1] ^ x[6], y[1] ^ y[6], zz, 7); + ImplMulwAcc(u, x[2] ^ x[5], y[2] ^ y[5], zz, 7); + ImplMulwAcc(u, x[3] ^ x[4], y[3] ^ y[4], zz, 7); + + ImplMulwAcc(u, x[0] ^ x[8], y[0] ^ y[8], zz, 8); + ImplMulwAcc(u, x[1] ^ x[7], y[1] ^ y[7], zz, 8); + ImplMulwAcc(u, x[2] ^ x[6], y[2] ^ y[6], zz, 8); + ImplMulwAcc(u, x[3] ^ x[5], y[3] ^ y[5], zz, 8); + + ImplMulwAcc(u, x[1] ^ x[8], y[1] ^ y[8], zz, 9); + ImplMulwAcc(u, x[2] ^ x[7], y[2] ^ y[7], zz, 9); + ImplMulwAcc(u, x[3] ^ x[6], y[3] ^ y[6], zz, 9); + ImplMulwAcc(u, x[4] ^ x[5], y[4] ^ y[5], zz, 9); + + ImplMulwAcc(u, x[2] ^ x[8], y[2] ^ y[8], zz, 10); + ImplMulwAcc(u, x[3] ^ x[7], y[3] ^ y[7], zz, 10); + ImplMulwAcc(u, x[4] ^ x[6], y[4] ^ y[6], zz, 10); + + ImplMulwAcc(u, x[3] ^ x[8], y[3] ^ y[8], zz, 11); + ImplMulwAcc(u, x[4] ^ x[7], y[4] ^ y[7], zz, 11); + ImplMulwAcc(u, x[5] ^ x[6], y[5] ^ y[6], zz, 11); + + ImplMulwAcc(u, x[4] ^ x[8], y[4] ^ y[8], zz, 12); + ImplMulwAcc(u, x[5] ^ x[7], y[5] ^ y[7], zz, 12); + + ImplMulwAcc(u, x[5] ^ x[8], y[5] ^ y[8], zz, 13); + ImplMulwAcc(u, x[6] ^ x[7], y[6] ^ y[7], zz, 13); + + ImplMulwAcc(u, x[6] ^ x[8], y[6] ^ y[8], zz, 14); + + ImplMulwAcc(u, x[7] ^ x[8], y[7] ^ y[8], zz, 15); + } + + protected static void ImplMultiplyPrecomp(ulong[] x, ulong[] precomp, ulong[] zz) + { + uint MASK = 0xF; + + /* + * Lopez-Dahab algorithm + */ + + for (int k = 56; k >= 0; k -= 8) + { + for (int j = 1; j < 9; j += 2) + { + uint aVal = (uint)(x[j] >> k); + uint u = aVal & MASK; + uint v = (aVal >> 4) & MASK; + AddBothTo(precomp, (int)(9 * u), precomp, (int)(9 * (v + 16)), zz, j - 1); + } + Nat.ShiftUpBits64(16, zz, 0, 8, 0UL); + } + + for (int k = 56; k >= 0; k -= 8) + { + for (int j = 0; j < 9; j += 2) + { + uint aVal = (uint)(x[j] >> k); + uint u = aVal & MASK; + uint v = (aVal >> 4) & MASK; + AddBothTo(precomp, (int)(9 * u), precomp, (int)(9 * (v + 16)), zz, j); + } + if (k > 0) + { + Nat.ShiftUpBits64(18, zz, 0, 8, 0UL); + } + } + } + + protected static void ImplMulwAcc(ulong[] u, ulong x, ulong y, ulong[] z, int zOff) + { + //u[0] = 0; + u[1] = y; + for (int i = 2; i < 16; i += 2) + { + u[i ] = u[i >> 1] << 1; + u[i + 1] = u[i ] ^ y; + } + + uint j = (uint)x; + ulong g, h = 0, l = u[j & 15] + ^ u[(j >> 4) & 15] << 4; + int k = 56; + do + { + j = (uint)(x >> k); + g = u[j & 15] + ^ u[(j >> 4) & 15] << 4; + l ^= (g << k); + h ^= (g >> -k); + } + while ((k -= 8) > 0); + + for (int p = 0; p < 7; ++p) + { + x = (x & 0xFEFEFEFEFEFEFEFEUL) >> 1; + h ^= x & (ulong)((long)(y << p) >> 63); + } + + Debug.Assert(h >> 63 == 0); + + z[zOff ] ^= l; + z[zOff + 1] ^= h; + } + + protected static void ImplSquare(ulong[] x, ulong[] zz) + { + Interleave.Expand64To128(x, 0, 9, zz, 0); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571FieldElement.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571FieldElement.cs new file mode 100644 index 0000000..22edfe0 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571FieldElement.cs @@ -0,0 +1,233 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT571FieldElement + : AbstractF2mFieldElement + { + protected internal readonly ulong[] x; + + public SecT571FieldElement(BigInteger x) + { + if (x == null || x.SignValue < 0 || x.BitLength > 571) + throw new ArgumentException("value invalid for SecT571FieldElement", "x"); + + this.x = SecT571Field.FromBigInteger(x); + } + + public SecT571FieldElement() + { + this.x = Nat576.Create64(); + } + + protected internal SecT571FieldElement(ulong[] x) + { + this.x = x; + } + + public override bool IsOne + { + get { return Nat576.IsOne64(x); } + } + + public override bool IsZero + { + get { return Nat576.IsZero64(x); } + } + + public override bool TestBitZero() + { + return (x[0] & 1UL) != 0UL; + } + + public override BigInteger ToBigInteger() + { + return Nat576.ToBigInteger64(x); + } + + public override String FieldName + { + get { return "SecT571Field"; } + } + + public override int FieldSize + { + get { return 571; } + } + + public override ECFieldElement Add(ECFieldElement b) + { + ulong[] z = Nat576.Create64(); + SecT571Field.Add(x, ((SecT571FieldElement)b).x, z); + return new SecT571FieldElement(z); + } + + public override ECFieldElement AddOne() + { + ulong[] z = Nat576.Create64(); + SecT571Field.AddOne(x, z); + return new SecT571FieldElement(z); + } + + public override ECFieldElement Subtract(ECFieldElement b) + { + // Addition and subtraction are the same in F2m + return Add(b); + } + + public override ECFieldElement Multiply(ECFieldElement b) + { + ulong[] z = Nat576.Create64(); + SecT571Field.Multiply(x, ((SecT571FieldElement)b).x, z); + return new SecT571FieldElement(z); + } + + public override ECFieldElement MultiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + return MultiplyPlusProduct(b, x, y); + } + + public override ECFieldElement MultiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x, bx = ((SecT571FieldElement)b).x; + ulong[] xx = ((SecT571FieldElement)x).x, yx = ((SecT571FieldElement)y).x; + + ulong[] tt = Nat576.CreateExt64(); + SecT571Field.MultiplyAddToExt(ax, bx, tt); + SecT571Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat576.Create64(); + SecT571Field.Reduce(tt, z); + return new SecT571FieldElement(z); + } + + public override ECFieldElement Divide(ECFieldElement b) + { + return Multiply(b.Invert()); + } + + public override ECFieldElement Negate() + { + return this; + } + + public override ECFieldElement Square() + { + ulong[] z = Nat576.Create64(); + SecT571Field.Square(x, z); + return new SecT571FieldElement(z); + } + + public override ECFieldElement SquareMinusProduct(ECFieldElement x, ECFieldElement y) + { + return SquarePlusProduct(x, y); + } + + public override ECFieldElement SquarePlusProduct(ECFieldElement x, ECFieldElement y) + { + ulong[] ax = this.x; + ulong[] xx = ((SecT571FieldElement)x).x, yx = ((SecT571FieldElement)y).x; + + ulong[] tt = Nat576.CreateExt64(); + SecT571Field.SquareAddToExt(ax, tt); + SecT571Field.MultiplyAddToExt(xx, yx, tt); + + ulong[] z = Nat576.Create64(); + SecT571Field.Reduce(tt, z); + return new SecT571FieldElement(z); + } + + public override ECFieldElement SquarePow(int pow) + { + if (pow < 1) + return this; + + ulong[] z = Nat576.Create64(); + SecT571Field.SquareN(x, pow, z); + return new SecT571FieldElement(z); + } + + public override ECFieldElement HalfTrace() + { + ulong[] z = Nat576.Create64(); + SecT571Field.HalfTrace(x, z); + return new SecT571FieldElement(z); + } + + public override bool HasFastTrace + { + get { return true; } + } + + public override int Trace() + { + return (int)SecT571Field.Trace(x); + } + + public override ECFieldElement Invert() + { + ulong[] z = Nat576.Create64(); + SecT571Field.Invert(x, z); + return new SecT571FieldElement(z); + } + + public override ECFieldElement Sqrt() + { + ulong[] z = Nat576.Create64(); + SecT571Field.Sqrt(x, z); + return new SecT571FieldElement(z); + } + + public virtual int Representation + { + get { return F2mFieldElement.Ppb; } + } + + public virtual int M + { + get { return 571; } + } + + public virtual int K1 + { + get { return 2; } + } + + public virtual int K2 + { + get { return 5; } + } + + public virtual int K3 + { + get { return 10; } + } + + public override bool Equals(object obj) + { + return Equals(obj as SecT571FieldElement); + } + + public override bool Equals(ECFieldElement other) + { + return Equals(other as SecT571FieldElement); + } + + public virtual bool Equals(SecT571FieldElement other) + { + if (this == other) + return true; + if (null == other) + return false; + return Nat576.Eq64(x, other.x); + } + + public override int GetHashCode() + { + return 5711052 ^ Arrays.GetHashCode(x, 0, 9); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571K1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571K1Curve.cs new file mode 100644 index 0000000..544a1ba --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571K1Curve.cs @@ -0,0 +1,183 @@ +using System; + +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT571K1Curve + : AbstractF2mCurve + { + private const int SECT571K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT571K1_FE_LONGS = 9; + private static readonly ECFieldElement[] SECT571K1_AFFINE_ZS = new ECFieldElement[] { new SecT571FieldElement(BigInteger.One) }; + + protected readonly SecT571K1Point m_infinity; + + public SecT571K1Curve() + : base(571, 2, 5, 10) + { + this.m_infinity = new SecT571K1Point(this, null, null); + + this.m_a = FromBigInteger(BigInteger.Zero); + this.m_b = FromBigInteger(BigInteger.One); + this.m_order = new BigInteger(1, Hex.DecodeStrict("020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001")); + this.m_cofactor = BigInteger.ValueOf(4); + + this.m_coord = SECT571K1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT571K1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + protected override ECMultiplier CreateDefaultMultiplier() + { + return new WTauNafMultiplier(); + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 571; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT571FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT571K1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT571K1Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return true; } + } + + public virtual int M + { + get { return 571; } + } + + public virtual bool IsTrinomial + { + get { return false; } + } + + public virtual int K1 + { + get { return 2; } + } + + public virtual int K2 + { + get { return 5; } + } + + public virtual int K3 + { + get { return 10; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT571K1_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat576.Copy64(((SecT571FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT571K1_FE_LONGS; + Nat576.Copy64(((SecT571FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT571K1_FE_LONGS; + } + } + + return new SecT571K1LookupTable(this, table, len); + } + + private class SecT571K1LookupTable + : AbstractECLookupTable + { + private readonly SecT571K1Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT571K1LookupTable(SecT571K1Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat576.Create64(), y = Nat576.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT571K1_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT571K1_FE_LONGS + j] & MASK; + } + + pos += (SECT571K1_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat576.Create64(), y = Nat576.Create64(); + int pos = index * SECT571K1_FE_LONGS * 2; + + for (int j = 0; j < SECT571K1_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT571K1_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT571FieldElement(x), new SecT571FieldElement(y), SECT571K1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571K1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571K1Point.cs new file mode 100644 index 0000000..0f132c8 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571K1Point.cs @@ -0,0 +1,327 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT571K1Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT571K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT571K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT571K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT571K1Point(null, this.AffineXCoord, this.AffineYCoord); // earlier JDK + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SecT571FieldElement X1 = (SecT571FieldElement)this.RawXCoord; + SecT571FieldElement X2 = (SecT571FieldElement)b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + SecT571FieldElement L1 = (SecT571FieldElement)this.RawYCoord, Z1 = (SecT571FieldElement)this.RawZCoords[0]; + SecT571FieldElement L2 = (SecT571FieldElement)b.RawYCoord, Z2 = (SecT571FieldElement)b.RawZCoords[0]; + + ulong[] t1 = Nat576.Create64(); + ulong[] t2 = Nat576.Create64(); + ulong[] t3 = Nat576.Create64(); + ulong[] t4 = Nat576.Create64(); + + ulong[] Z1Precomp = Z1.IsOne ? null : SecT571Field.PrecompMultiplicand(Z1.x); + ulong[] U2, S2; + if (Z1Precomp == null) + { + U2 = X2.x; + S2 = L2.x; + } + else + { + SecT571Field.MultiplyPrecomp(X2.x, Z1Precomp, U2 = t2); + SecT571Field.MultiplyPrecomp(L2.x, Z1Precomp, S2 = t4); + } + + ulong[] Z2Precomp = Z2.IsOne ? null : SecT571Field.PrecompMultiplicand(Z2.x); + ulong[] U1, S1; + if (Z2Precomp == null) + { + U1 = X1.x; + S1 = L1.x; + } + else + { + SecT571Field.MultiplyPrecomp(X1.x, Z2Precomp, U1 = t1); + SecT571Field.MultiplyPrecomp(L1.x, Z2Precomp, S1 = t3); + } + + ulong[] A = t3; + SecT571Field.Add(S1, S2, A); + + ulong[] B = t4; + SecT571Field.Add(U1, U2, B); + + if (Nat576.IsZero64(B)) + { + if (Nat576.IsZero64(A)) + return Twice(); + + return curve.Infinity; + } + + SecT571FieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = (SecT571FieldElement)p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = (SecT571FieldElement)L.Square().Add(L).Add(X1); + if (X3.IsZero) + { + return new SecT571K1Point(curve, X3, curve.B, IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = (SecT571FieldElement)Y3.Divide(X3).Add(X3); + Z3 = (SecT571FieldElement)curve.FromBigInteger(BigInteger.One); + } + else + { + SecT571Field.Square(B, B); + + ulong[] APrecomp = SecT571Field.PrecompMultiplicand(A); + + ulong[] AU1 = t1; + ulong[] AU2 = t2; + + SecT571Field.MultiplyPrecomp(U1, APrecomp, AU1); + SecT571Field.MultiplyPrecomp(U2, APrecomp, AU2); + + X3 = new SecT571FieldElement(t1); + SecT571Field.Multiply(AU1, AU2, X3.x); + + if (X3.IsZero) + { + return new SecT571K1Point(curve, X3, curve.B, IsCompressed); + } + + Z3 = new SecT571FieldElement(t3); + SecT571Field.MultiplyPrecomp(B, APrecomp, Z3.x); + + if (Z2Precomp != null) + { + SecT571Field.MultiplyPrecomp(Z3.x, Z2Precomp, Z3.x); + } + + //L3 = AU2.Add(B).SquarePlusProduct(ABZ2, L1.Add(Z1)); + ulong[] tt = Nat576.CreateExt64(); + + SecT571Field.Add(AU2, B, t4); + SecT571Field.SquareAddToExt(t4, tt); + + SecT571Field.Add(L1.x, Z1.x, t4); + SecT571Field.MultiplyAddToExt(t4, Z3.x, tt); + + L3 = new SecT571FieldElement(t4); + SecT571Field.Reduce(tt, L3.x); + + if (Z1Precomp != null) + { + SecT571Field.MultiplyPrecomp(Z3.x, Z1Precomp, Z3.x); + } + } + + return new SecT571K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + + bool Z1IsOne = Z1.IsOne; + ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.Square(); + ECFieldElement T; + if (Z1IsOne) + { + T = L1.Square().Add(L1); + } + else + { + T = L1.Add(Z1).Multiply(L1); + } + + if (T.IsZero) + { + return new SecT571K1Point(curve, T, curve.B, IsCompressed); + } + + ECFieldElement X3 = T.Square(); + ECFieldElement Z3 = Z1IsOne ? T : T.Multiply(Z1Sq); + + ECFieldElement t1 = L1.Add(X1).Square(); + ECFieldElement t2 = Z1IsOne ? Z1 : Z1Sq.Square(); + ECFieldElement L3 = t1.Add(T).Add(Z1Sq).Multiply(t1).Add(t2).Add(X3).Add(Z3); + + return new SecT571K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + // NOTE: TwicePlus() only optimized for lambda-affine argument + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = L1Sq.Add(L1Z1); + ECFieldElement L2plus1 = L2.AddOne(); + ECFieldElement A = L2plus1.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT571K1Point(curve, A, curve.B, IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2plus1, Z3); + + return new SecT571K1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (this.IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT571K1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571R1Curve.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571R1Curve.cs new file mode 100644 index 0000000..67343b0 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571R1Curve.cs @@ -0,0 +1,181 @@ +using System; + +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT571R1Curve + : AbstractF2mCurve + { + private const int SECT571R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE; + private const int SECT571R1_FE_LONGS = 9; + private static readonly ECFieldElement[] SECT571R1_AFFINE_ZS = new ECFieldElement[] { new SecT571FieldElement(BigInteger.One) }; + + protected readonly SecT571R1Point m_infinity; + + internal static readonly SecT571FieldElement SecT571R1_B = new SecT571FieldElement( + new BigInteger(1, Hex.DecodeStrict("02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A"))); + internal static readonly SecT571FieldElement SecT571R1_B_SQRT = (SecT571FieldElement)SecT571R1_B.Sqrt(); + + public SecT571R1Curve() + : base(571, 2, 5, 10) + { + this.m_infinity = new SecT571R1Point(this, null, null); + + this.m_a = FromBigInteger(BigInteger.One); + this.m_b = SecT571R1_B; + this.m_order = new BigInteger(1, Hex.DecodeStrict("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47")); + this.m_cofactor = BigInteger.Two; + + this.m_coord = SECT571R1_DEFAULT_COORDS; + } + + protected override ECCurve CloneCurve() + { + return new SecT571R1Curve(); + } + + public override bool SupportsCoordinateSystem(int coord) + { + switch (coord) + { + case COORD_LAMBDA_PROJECTIVE: + return true; + default: + return false; + } + } + + public override ECPoint Infinity + { + get { return m_infinity; } + } + + public override int FieldSize + { + get { return 571; } + } + + public override ECFieldElement FromBigInteger(BigInteger x) + { + return new SecT571FieldElement(x); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, bool withCompression) + { + return new SecT571R1Point(this, x, y, withCompression); + } + + protected internal override ECPoint CreateRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + { + return new SecT571R1Point(this, x, y, zs, withCompression); + } + + public override bool IsKoblitz + { + get { return false; } + } + + public virtual int M + { + get { return 571; } + } + + public virtual bool IsTrinomial + { + get { return false; } + } + + public virtual int K1 + { + get { return 2; } + } + + public virtual int K2 + { + get { return 5; } + } + + public virtual int K3 + { + get { return 10; } + } + + public override ECLookupTable CreateCacheSafeLookupTable(ECPoint[] points, int off, int len) + { + ulong[] table = new ulong[len * SECT571R1_FE_LONGS * 2]; + { + int pos = 0; + for (int i = 0; i < len; ++i) + { + ECPoint p = points[off + i]; + Nat576.Copy64(((SecT571FieldElement)p.RawXCoord).x, 0, table, pos); pos += SECT571R1_FE_LONGS; + Nat576.Copy64(((SecT571FieldElement)p.RawYCoord).x, 0, table, pos); pos += SECT571R1_FE_LONGS; + } + } + + return new SecT571R1LookupTable(this, table, len); + } + + private class SecT571R1LookupTable + : AbstractECLookupTable + { + private readonly SecT571R1Curve m_outer; + private readonly ulong[] m_table; + private readonly int m_size; + + internal SecT571R1LookupTable(SecT571R1Curve outer, ulong[] table, int size) + { + this.m_outer = outer; + this.m_table = table; + this.m_size = size; + } + + public override int Size + { + get { return m_size; } + } + + public override ECPoint Lookup(int index) + { + ulong[] x = Nat576.Create64(), y = Nat576.Create64(); + int pos = 0; + + for (int i = 0; i < m_size; ++i) + { + ulong MASK = (ulong)(long)(((i ^ index) - 1) >> 31); + + for (int j = 0; j < SECT571R1_FE_LONGS; ++j) + { + x[j] ^= m_table[pos + j] & MASK; + y[j] ^= m_table[pos + SECT571R1_FE_LONGS + j] & MASK; + } + + pos += (SECT571R1_FE_LONGS * 2); + } + + return CreatePoint(x, y); + } + + public override ECPoint LookupVar(int index) + { + ulong[] x = Nat576.Create64(), y = Nat576.Create64(); + int pos = index * SECT571R1_FE_LONGS * 2; + + for (int j = 0; j < SECT571R1_FE_LONGS; ++j) + { + x[j] = m_table[pos + j]; + y[j] = m_table[pos + SECT571R1_FE_LONGS + j]; + } + + return CreatePoint(x, y); + } + + private ECPoint CreatePoint(ulong[] x, ulong[] y) + { + return m_outer.CreateRawPoint(new SecT571FieldElement(x), new SecT571FieldElement(y), SECT571R1_AFFINE_ZS, false); + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571R1Point.cs b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571R1Point.cs new file mode 100644 index 0000000..6a82a5e --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/custom/sec/SecT571R1Point.cs @@ -0,0 +1,352 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec +{ + internal class SecT571R1Point + : AbstractF2mPoint + { + /** + * @deprecated Use ECCurve.createPoint to construct points + */ + public SecT571R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y) + : this(curve, x, y, false) + { + } + + /** + * @deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)} + */ + public SecT571R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, bool withCompression) + : base(curve, x, y, withCompression) + { + if ((x == null) != (y == null)) + throw new ArgumentException("Exactly one of the field elements is null"); + } + + internal SecT571R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, bool withCompression) + : base(curve, x, y, zs, withCompression) + { + } + + protected override ECPoint Detach() + { + return new SecT571R1Point(null, AffineXCoord, AffineYCoord); + } + + public override ECFieldElement YCoord + { + get + { + ECFieldElement X = RawXCoord, L = RawYCoord; + + if (this.IsInfinity || X.IsZero) + return L; + + // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly + ECFieldElement Y = L.Add(X).Multiply(X); + + ECFieldElement Z = RawZCoords[0]; + if (!Z.IsOne) + { + Y = Y.Divide(Z); + } + + return Y; + } + } + + protected internal override bool CompressionYTilde + { + get + { + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return false; + + ECFieldElement Y = this.RawYCoord; + + // Y is actually Lambda (X + Y/X) here + return Y.TestBitZero() != X.TestBitZero(); + } + } + + public override ECPoint Add(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SecT571FieldElement X1 = (SecT571FieldElement)this.RawXCoord; + SecT571FieldElement X2 = (SecT571FieldElement)b.RawXCoord; + + if (X1.IsZero) + { + if (X2.IsZero) + return curve.Infinity; + + return b.Add(this); + } + + SecT571FieldElement L1 = (SecT571FieldElement)this.RawYCoord, Z1 = (SecT571FieldElement)this.RawZCoords[0]; + SecT571FieldElement L2 = (SecT571FieldElement)b.RawYCoord, Z2 = (SecT571FieldElement)b.RawZCoords[0]; + + ulong[] t1 = Nat576.Create64(); + ulong[] t2 = Nat576.Create64(); + ulong[] t3 = Nat576.Create64(); + ulong[] t4 = Nat576.Create64(); + + ulong[] Z1Precomp = Z1.IsOne ? null : SecT571Field.PrecompMultiplicand(Z1.x); + ulong[] U2, S2; + if (Z1Precomp == null) + { + U2 = X2.x; + S2 = L2.x; + } + else + { + SecT571Field.MultiplyPrecomp(X2.x, Z1Precomp, U2 = t2); + SecT571Field.MultiplyPrecomp(L2.x, Z1Precomp, S2 = t4); + } + + ulong[] Z2Precomp = Z2.IsOne ? null : SecT571Field.PrecompMultiplicand(Z2.x); + ulong[] U1, S1; + if (Z2Precomp == null) + { + U1 = X1.x; + S1 = L1.x; + } + else + { + SecT571Field.MultiplyPrecomp(X1.x, Z2Precomp, U1 = t1); + SecT571Field.MultiplyPrecomp(L1.x, Z2Precomp, S1 = t3); + } + + ulong[] A = t3; + SecT571Field.Add(S1, S2, A); + + ulong[] B = t4; + SecT571Field.Add(U1, U2, B); + + if (Nat576.IsZero64(B)) + { + if (Nat576.IsZero64(A)) + return Twice(); + + return curve.Infinity; + } + + SecT571FieldElement X3, L3, Z3; + if (X2.IsZero) + { + // TODO This can probably be optimized quite a bit + ECPoint p = this.Normalize(); + X1 = (SecT571FieldElement)p.XCoord; + ECFieldElement Y1 = p.YCoord; + + ECFieldElement Y2 = L2; + ECFieldElement L = Y1.Add(Y2).Divide(X1); + + X3 = (SecT571FieldElement)L.Square().Add(L).Add(X1).AddOne(); + if (X3.IsZero) + { + return new SecT571R1Point(curve, X3, SecT571R1Curve.SecT571R1_B_SQRT, IsCompressed); + } + + ECFieldElement Y3 = L.Multiply(X1.Add(X3)).Add(X3).Add(Y1); + L3 = (SecT571FieldElement)Y3.Divide(X3).Add(X3); + Z3 = (SecT571FieldElement)curve.FromBigInteger(BigInteger.One); + } + else + { + SecT571Field.Square(B, B); + + ulong[] APrecomp = SecT571Field.PrecompMultiplicand(A); + + ulong[] AU1 = t1; + ulong[] AU2 = t2; + + SecT571Field.MultiplyPrecomp(U1, APrecomp, AU1); + SecT571Field.MultiplyPrecomp(U2, APrecomp, AU2); + + X3 = new SecT571FieldElement(t1); + SecT571Field.Multiply(AU1, AU2, X3.x); + + if (X3.IsZero) + { + return new SecT571R1Point(curve, X3, SecT571R1Curve.SecT571R1_B_SQRT, IsCompressed); + } + + Z3 = new SecT571FieldElement(t3); + SecT571Field.MultiplyPrecomp(B, APrecomp, Z3.x); + + if (Z2Precomp != null) + { + SecT571Field.MultiplyPrecomp(Z3.x, Z2Precomp, Z3.x); + } + + ulong[] tt = Nat576.CreateExt64(); + + SecT571Field.Add(AU2, B, t4); + SecT571Field.SquareAddToExt(t4, tt); + + SecT571Field.Add(L1.x, Z1.x, t4); + SecT571Field.MultiplyAddToExt(t4, Z3.x, tt); + + L3 = new SecT571FieldElement(t4); + SecT571Field.Reduce(tt, L3.x); + + if (Z1Precomp != null) + { + SecT571Field.MultiplyPrecomp(Z3.x, Z1Precomp, Z3.x); + } + } + + return new SecT571R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Twice() + { + if (this.IsInfinity) + return this; + + ECCurve curve = this.Curve; + + SecT571FieldElement X1 = (SecT571FieldElement)this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return curve.Infinity; + } + + SecT571FieldElement L1 = (SecT571FieldElement)this.RawYCoord, Z1 = (SecT571FieldElement)this.RawZCoords[0]; + + ulong[] t1 = Nat576.Create64(); + ulong[] t2 = Nat576.Create64(); + + ulong[] Z1Precomp = Z1.IsOne ? null : SecT571Field.PrecompMultiplicand(Z1.x); + ulong[] L1Z1, Z1Sq; + if (Z1Precomp == null) + { + L1Z1 = L1.x; + Z1Sq = Z1.x; + } + else + { + SecT571Field.MultiplyPrecomp(L1.x, Z1Precomp, L1Z1 = t1); + SecT571Field.Square(Z1.x, Z1Sq = t2); + } + + ulong[] T = Nat576.Create64(); + SecT571Field.Square(L1.x, T); + SecT571Field.AddBothTo(L1Z1, Z1Sq, T); + + if (Nat576.IsZero64(T)) + { + return new SecT571R1Point(curve, new SecT571FieldElement(T), SecT571R1Curve.SecT571R1_B_SQRT, IsCompressed); + } + + ulong[] tt = Nat576.CreateExt64(); + SecT571Field.MultiplyAddToExt(T, L1Z1, tt); + + SecT571FieldElement X3 = new SecT571FieldElement(t1); + SecT571Field.Square(T, X3.x); + + SecT571FieldElement Z3 = new SecT571FieldElement(T); + if (Z1Precomp != null) + { + SecT571Field.Multiply(Z3.x, Z1Sq, Z3.x); + } + + ulong[] X1Z1; + if (Z1Precomp == null) + { + X1Z1 = X1.x; + } + else + { + SecT571Field.MultiplyPrecomp(X1.x, Z1Precomp, X1Z1 = t2); + } + + SecT571Field.SquareAddToExt(X1Z1, tt); + SecT571Field.Reduce(tt, t2); + SecT571Field.AddBothTo(X3.x, Z3.x, t2); + SecT571FieldElement L3 = new SecT571FieldElement(t2); + + return new SecT571R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint TwicePlus(ECPoint b) + { + if (this.IsInfinity) + return b; + if (b.IsInfinity) + return Twice(); + + ECCurve curve = this.Curve; + + ECFieldElement X1 = this.RawXCoord; + if (X1.IsZero) + { + // A point with X == 0 is its own additive inverse + return b; + } + + ECFieldElement X2 = b.RawXCoord, Z2 = b.RawZCoords[0]; + if (X2.IsZero || !Z2.IsOne) + { + return Twice().Add(b); + } + + ECFieldElement L1 = this.RawYCoord, Z1 = this.RawZCoords[0]; + ECFieldElement L2 = b.RawYCoord; + + ECFieldElement X1Sq = X1.Square(); + ECFieldElement L1Sq = L1.Square(); + ECFieldElement Z1Sq = Z1.Square(); + ECFieldElement L1Z1 = L1.Multiply(Z1); + + ECFieldElement T = Z1Sq.Add(L1Sq).Add(L1Z1); + ECFieldElement A = L2.Multiply(Z1Sq).Add(L1Sq).MultiplyPlusProduct(T, X1Sq, Z1Sq); + ECFieldElement X2Z1Sq = X2.Multiply(Z1Sq); + ECFieldElement B = X2Z1Sq.Add(T).Square(); + + if (B.IsZero) + { + if (A.IsZero) + return b.Twice(); + + return curve.Infinity; + } + + if (A.IsZero) + { + return new SecT571R1Point(curve, A, SecT571R1Curve.SecT571R1_B_SQRT, IsCompressed); + } + + ECFieldElement X3 = A.Square().Multiply(X2Z1Sq); + ECFieldElement Z3 = A.Multiply(B).Multiply(Z1Sq); + ECFieldElement L3 = A.Add(B).Square().MultiplyPlusProduct(T, L2.AddOne(), Z3); + + return new SecT571R1Point(curve, X3, L3, new ECFieldElement[] { Z3 }, IsCompressed); + } + + public override ECPoint Negate() + { + if (this.IsInfinity) + return this; + + ECFieldElement X = this.RawXCoord; + if (X.IsZero) + return this; + + // L is actually Lambda (X + Y/X) here + ECFieldElement L = this.RawYCoord, Z = this.RawZCoords[0]; + return new SecT571R1Point(Curve, X, L.Add(Z), new ECFieldElement[] { Z }, IsCompressed); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/endo/ECEndomorphism.cs b/BouncyCastle/crypto/src/math/ec/endo/ECEndomorphism.cs new file mode 100644 index 0000000..dfb3213 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/endo/ECEndomorphism.cs @@ -0,0 +1,11 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Endo +{ + public interface ECEndomorphism + { + ECPointMap PointMap { get; } + + bool HasEfficientPointMap { get; } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/endo/EndoPreCompInfo.cs b/BouncyCastle/crypto/src/math/ec/endo/EndoPreCompInfo.cs new file mode 100644 index 0000000..cb926fc --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/endo/EndoPreCompInfo.cs @@ -0,0 +1,26 @@ +using System; + +using Org.BouncyCastle.Math.EC.Multiplier; + +namespace Org.BouncyCastle.Math.EC.Endo +{ + public class EndoPreCompInfo + : PreCompInfo + { + protected ECEndomorphism m_endomorphism; + + protected ECPoint m_mappedPoint; + + public virtual ECEndomorphism Endomorphism + { + get { return m_endomorphism; } + set { this.m_endomorphism = value; } + } + + public virtual ECPoint MappedPoint + { + get { return m_mappedPoint; } + set { this.m_mappedPoint = value; } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/endo/EndoUtilities.cs b/BouncyCastle/crypto/src/math/ec/endo/EndoUtilities.cs new file mode 100644 index 0000000..843103b --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/endo/EndoUtilities.cs @@ -0,0 +1,79 @@ +using System; + +using Org.BouncyCastle.Math.EC.Multiplier; + +namespace Org.BouncyCastle.Math.EC.Endo +{ + public abstract class EndoUtilities + { + public static readonly string PRECOMP_NAME = "bc_endo"; + + public static BigInteger[] DecomposeScalar(ScalarSplitParameters p, BigInteger k) + { + int bits = p.Bits; + BigInteger b1 = CalculateB(k, p.G1, bits); + BigInteger b2 = CalculateB(k, p.G2, bits); + + BigInteger a = k.Subtract((b1.Multiply(p.V1A)).Add(b2.Multiply(p.V2A))); + BigInteger b = (b1.Multiply(p.V1B)).Add(b2.Multiply(p.V2B)).Negate(); + + return new BigInteger[]{ a, b }; + } + + public static ECPoint MapPoint(ECEndomorphism endomorphism, ECPoint p) + { + EndoPreCompInfo precomp = (EndoPreCompInfo)p.Curve.Precompute(p, PRECOMP_NAME, + new MapPointCallback(endomorphism, p)); + return precomp.MappedPoint; + } + + private static BigInteger CalculateB(BigInteger k, BigInteger g, int t) + { + bool negative = (g.SignValue < 0); + BigInteger b = k.Multiply(g.Abs()); + bool extra = b.TestBit(t - 1); + b = b.ShiftRight(t); + if (extra) + { + b = b.Add(BigInteger.One); + } + return negative ? b.Negate() : b; + } + + private class MapPointCallback + : IPreCompCallback + { + private readonly ECEndomorphism m_endomorphism; + private readonly ECPoint m_point; + + internal MapPointCallback(ECEndomorphism endomorphism, ECPoint point) + { + this.m_endomorphism = endomorphism; + this.m_point = point; + } + + public PreCompInfo Precompute(PreCompInfo existing) + { + EndoPreCompInfo existingEndo = existing as EndoPreCompInfo; + + if (CheckExisting(existingEndo, m_endomorphism)) + return existingEndo; + + ECPoint mappedPoint = m_endomorphism.PointMap.Map(m_point); + + EndoPreCompInfo result = new EndoPreCompInfo(); + result.Endomorphism = m_endomorphism; + result.MappedPoint = mappedPoint; + return result; + } + + private bool CheckExisting(EndoPreCompInfo existingEndo, ECEndomorphism endomorphism) + { + return null != existingEndo + && existingEndo.Endomorphism == endomorphism + && existingEndo.MappedPoint != null; + } + + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/endo/GlvEndomorphism.cs b/BouncyCastle/crypto/src/math/ec/endo/GlvEndomorphism.cs new file mode 100644 index 0000000..f65bdd6 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/endo/GlvEndomorphism.cs @@ -0,0 +1,10 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Endo +{ + public interface GlvEndomorphism + : ECEndomorphism + { + BigInteger[] DecomposeScalar(BigInteger k); + } +} diff --git a/BouncyCastle/crypto/src/math/ec/endo/GlvTypeAEndomorphism.cs b/BouncyCastle/crypto/src/math/ec/endo/GlvTypeAEndomorphism.cs new file mode 100644 index 0000000..fda8f15 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/endo/GlvTypeAEndomorphism.cs @@ -0,0 +1,38 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Endo +{ + public class GlvTypeAEndomorphism + : GlvEndomorphism + { + protected readonly GlvTypeAParameters m_parameters; + protected readonly ECPointMap m_pointMap; + + public GlvTypeAEndomorphism(ECCurve curve, GlvTypeAParameters parameters) + { + /* + * NOTE: 'curve' MUST only be used to create a suitable ECFieldElement. Due to the way + * ECCurve configuration works, 'curve' will not be the actual instance of ECCurve that the + * endomorphism is being used with. + */ + + this.m_parameters = parameters; + this.m_pointMap = new ScaleYNegateXPointMap(curve.FromBigInteger(parameters.I)); + } + + public virtual BigInteger[] DecomposeScalar(BigInteger k) + { + return EndoUtilities.DecomposeScalar(m_parameters.SplitParams, k); + } + + public virtual ECPointMap PointMap + { + get { return m_pointMap; } + } + + public virtual bool HasEfficientPointMap + { + get { return true; } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/endo/GlvTypeAParameters.cs b/BouncyCastle/crypto/src/math/ec/endo/GlvTypeAParameters.cs new file mode 100644 index 0000000..68464c5 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/endo/GlvTypeAParameters.cs @@ -0,0 +1,32 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Endo +{ + public class GlvTypeAParameters + { + protected readonly BigInteger m_i, m_lambda; + protected readonly ScalarSplitParameters m_splitParams; + + public GlvTypeAParameters(BigInteger i, BigInteger lambda, ScalarSplitParameters splitParams) + { + this.m_i = i; + this.m_lambda = lambda; + this.m_splitParams = splitParams; + } + + public virtual BigInteger I + { + get { return m_i; } + } + + public virtual BigInteger Lambda + { + get { return m_lambda; } + } + + public virtual ScalarSplitParameters SplitParams + { + get { return m_splitParams; } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/endo/GlvTypeBEndomorphism.cs b/BouncyCastle/crypto/src/math/ec/endo/GlvTypeBEndomorphism.cs new file mode 100644 index 0000000..e4f12fe --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/endo/GlvTypeBEndomorphism.cs @@ -0,0 +1,38 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Endo +{ + public class GlvTypeBEndomorphism + : GlvEndomorphism + { + protected readonly GlvTypeBParameters m_parameters; + protected readonly ECPointMap m_pointMap; + + public GlvTypeBEndomorphism(ECCurve curve, GlvTypeBParameters parameters) + { + /* + * NOTE: 'curve' MUST only be used to create a suitable ECFieldElement. Due to the way + * ECCurve configuration works, 'curve' will not be the actual instance of ECCurve that the + * endomorphism is being used with. + */ + + this.m_parameters = parameters; + this.m_pointMap = new ScaleXPointMap(curve.FromBigInteger(parameters.Beta)); + } + + public virtual BigInteger[] DecomposeScalar(BigInteger k) + { + return EndoUtilities.DecomposeScalar(m_parameters.SplitParams, k); + } + + public virtual ECPointMap PointMap + { + get { return m_pointMap; } + } + + public virtual bool HasEfficientPointMap + { + get { return true; } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/endo/GlvTypeBParameters.cs b/BouncyCastle/crypto/src/math/ec/endo/GlvTypeBParameters.cs new file mode 100644 index 0000000..5e2937b --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/endo/GlvTypeBParameters.cs @@ -0,0 +1,71 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Endo +{ + public class GlvTypeBParameters + { + protected readonly BigInteger m_beta, m_lambda; + protected readonly ScalarSplitParameters m_splitParams; + + [Obsolete("Use constructor taking a ScalarSplitParameters instead")] + public GlvTypeBParameters(BigInteger beta, BigInteger lambda, BigInteger[] v1, BigInteger[] v2, + BigInteger g1, BigInteger g2, int bits) + { + this.m_beta = beta; + this.m_lambda = lambda; + this.m_splitParams = new ScalarSplitParameters(v1, v2, g1, g2, bits); + } + + public GlvTypeBParameters(BigInteger beta, BigInteger lambda, ScalarSplitParameters splitParams) + { + this.m_beta = beta; + this.m_lambda = lambda; + this.m_splitParams = splitParams; + } + + public virtual BigInteger Beta + { + get { return m_beta; } + } + + public virtual BigInteger Lambda + { + get { return m_lambda; } + } + + public virtual ScalarSplitParameters SplitParams + { + get { return m_splitParams; } + } + + [Obsolete("Access via SplitParams instead")] + public virtual BigInteger[] V1 + { + get { return new BigInteger[] { m_splitParams.V1A, m_splitParams.V1B }; } + } + + [Obsolete("Access via SplitParams instead")] + public virtual BigInteger[] V2 + { + get { return new BigInteger[] { m_splitParams.V2A, m_splitParams.V2B }; } + } + + [Obsolete("Access via SplitParams instead")] + public virtual BigInteger G1 + { + get { return m_splitParams.G1; } + } + + [Obsolete("Access via SplitParams instead")] + public virtual BigInteger G2 + { + get { return m_splitParams.G2; } + } + + [Obsolete("Access via SplitParams instead")] + public virtual int Bits + { + get { return m_splitParams.Bits; } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/endo/ScalarSplitParameters.cs b/BouncyCastle/crypto/src/math/ec/endo/ScalarSplitParameters.cs new file mode 100644 index 0000000..18d0bdb --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/endo/ScalarSplitParameters.cs @@ -0,0 +1,69 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Math.EC.Endo +{ + public class ScalarSplitParameters + { + private static void CheckVector(BigInteger[] v, string name) + { + if (v == null || v.Length != 2 || v[0] == null || v[1] == null) + throw new ArgumentException("Must consist of exactly 2 (non-null) values", name); + } + + protected readonly BigInteger m_v1A, m_v1B, m_v2A, m_v2B; + protected readonly BigInteger m_g1, m_g2; + protected readonly int m_bits; + + public ScalarSplitParameters(BigInteger[] v1, BigInteger[] v2, BigInteger g1, + BigInteger g2, int bits) + { + CheckVector(v1, "v1"); + CheckVector(v2, "v2"); + + this.m_v1A = v1[0]; + this.m_v1B = v1[1]; + this.m_v2A = v2[0]; + this.m_v2B = v2[1]; + this.m_g1 = g1; + this.m_g2 = g2; + this.m_bits = bits; + } + + public virtual BigInteger V1A + { + get { return m_v1A; } + } + + public virtual BigInteger V1B + { + get { return m_v1B; } + } + + public virtual BigInteger V2A + { + get { return m_v2A; } + } + + public virtual BigInteger V2B + { + get { return m_v2B; } + } + + public virtual BigInteger G1 + { + get { return m_g1; } + } + + public virtual BigInteger G2 + { + get { return m_g2; } + } + + public virtual int Bits + { + get { return m_bits; } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/AbstractECMultiplier.cs b/BouncyCastle/crypto/src/math/ec/multiplier/AbstractECMultiplier.cs new file mode 100644 index 0000000..c2580c8 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/AbstractECMultiplier.cs @@ -0,0 +1,29 @@ +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + public abstract class AbstractECMultiplier + : ECMultiplier + { + public virtual ECPoint Multiply(ECPoint p, BigInteger k) + { + int sign = k.SignValue; + if (sign == 0 || p.IsInfinity) + return p.Curve.Infinity; + + ECPoint positive = MultiplyPositive(p, k.Abs()); + ECPoint result = sign > 0 ? positive : positive.Negate(); + + /* + * Although the various multipliers ought not to produce invalid output under normal + * circumstances, a final check here is advised to guard against fault attacks. + */ + return CheckResult(result); + } + + protected abstract ECPoint MultiplyPositive(ECPoint p, BigInteger k); + + protected virtual ECPoint CheckResult(ECPoint p) + { + return ECAlgorithms.ImplCheckResult(p); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/DoubleAddMultiplier.cs b/BouncyCastle/crypto/src/math/ec/multiplier/DoubleAddMultiplier.cs new file mode 100644 index 0000000..6648727 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/DoubleAddMultiplier.cs @@ -0,0 +1,27 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + [Obsolete("Will be removed")] + public class DoubleAddMultiplier + : AbstractECMultiplier + { + /** + * Joye's double-add algorithm. + */ + protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k) + { + ECPoint[] R = new ECPoint[]{ p.Curve.Infinity, p }; + + int n = k.BitLength; + for (int i = 0; i < n; ++i) + { + int b = k.TestBit(i) ? 1 : 0; + int bp = 1 - b; + R[bp] = R[bp].TwicePlus(R[b]); + } + + return R[0]; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/ECMultiplier.cs b/BouncyCastle/crypto/src/math/ec/multiplier/ECMultiplier.cs new file mode 100644 index 0000000..8d6136b --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/ECMultiplier.cs @@ -0,0 +1,18 @@ +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + /** + * Interface for classes encapsulating a point multiplication algorithm + * for ECPoints. + */ + public interface ECMultiplier + { + /** + * Multiplies the ECPoint p by k, i.e. + * p is added k times to itself. + * @param p The ECPoint to be multiplied. + * @param k The factor by which p is multiplied. + * @return p multiplied by k. + */ + ECPoint Multiply(ECPoint p, BigInteger k); + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs b/BouncyCastle/crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs new file mode 100644 index 0000000..37e5b5c --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/FixedPointCombMultiplier.cs @@ -0,0 +1,58 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + public class FixedPointCombMultiplier + : AbstractECMultiplier + { + protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k) + { + ECCurve c = p.Curve; + int size = FixedPointUtilities.GetCombSize(c); + + if (k.BitLength > size) + { + /* + * TODO The comb works best when the scalars are less than the (possibly unknown) order. + * Still, if we want to handle larger scalars, we could allow customization of the comb + * size, or alternatively we could deal with the 'extra' bits either by running the comb + * multiple times as necessary, or by using an alternative multiplier as prelude. + */ + throw new InvalidOperationException("fixed-point comb doesn't support scalars larger than the curve order"); + } + + FixedPointPreCompInfo info = FixedPointUtilities.Precompute(p); + ECLookupTable lookupTable = info.LookupTable; + int width = info.Width; + + int d = (size + width - 1) / width; + + ECPoint R = c.Infinity; + + int fullComb = d * width; + uint[] K = Nat.FromBigInteger(fullComb, k); + + int top = fullComb - 1; + for (int i = 0; i < d; ++i) + { + uint secretIndex = 0; + + for (int j = top - i; j >= 0; j -= d) + { + uint secretBit = K[j >> 5] >> (j & 0x1F); + secretIndex ^= secretBit >> 1; + secretIndex <<= 1; + secretIndex ^= secretBit; + } + + ECPoint add = lookupTable.Lookup((int)secretIndex); + + R = R.TwicePlus(add); + } + + return R.Add(info.Offset); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/FixedPointPreCompInfo.cs b/BouncyCastle/crypto/src/math/ec/multiplier/FixedPointPreCompInfo.cs new file mode 100644 index 0000000..5d6af9e --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/FixedPointPreCompInfo.cs @@ -0,0 +1,43 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + /** + * Class holding precomputation data for fixed-point multiplications. + */ + public class FixedPointPreCompInfo + : PreCompInfo + { + protected ECPoint m_offset = null; + + /** + * Lookup table for the precomputed ECPoints used for a fixed point multiplication. + */ + protected ECLookupTable m_lookupTable = null; + + /** + * The width used for the precomputation. If a larger width precomputation + * is already available this may be larger than was requested, so calling + * code should refer to the actual width. + */ + protected int m_width = -1; + + public virtual ECLookupTable LookupTable + { + get { return m_lookupTable; } + set { this.m_lookupTable = value; } + } + + public virtual ECPoint Offset + { + get { return m_offset; } + set { this.m_offset = value; } + } + + public virtual int Width + { + get { return m_width; } + set { this.m_width = value; } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/FixedPointUtilities.cs b/BouncyCastle/crypto/src/math/ec/multiplier/FixedPointUtilities.cs new file mode 100644 index 0000000..88f178e --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/FixedPointUtilities.cs @@ -0,0 +1,95 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + public class FixedPointUtilities + { + public static readonly string PRECOMP_NAME = "bc_fixed_point"; + + public static int GetCombSize(ECCurve c) + { + BigInteger order = c.Order; + return order == null ? c.FieldSize + 1 : order.BitLength; + } + + public static FixedPointPreCompInfo GetFixedPointPreCompInfo(PreCompInfo preCompInfo) + { + return preCompInfo as FixedPointPreCompInfo; + } + + public static FixedPointPreCompInfo Precompute(ECPoint p) + { + return (FixedPointPreCompInfo)p.Curve.Precompute(p, PRECOMP_NAME, new FixedPointCallback(p)); + } + + private class FixedPointCallback + : IPreCompCallback + { + private readonly ECPoint m_p; + + internal FixedPointCallback(ECPoint p) + { + this.m_p = p; + } + + public PreCompInfo Precompute(PreCompInfo existing) + { + FixedPointPreCompInfo existingFP = (existing is FixedPointPreCompInfo) ? (FixedPointPreCompInfo)existing : null; + + ECCurve c = m_p.Curve; + int bits = FixedPointUtilities.GetCombSize(c); + int minWidth = bits > 250 ? 6 : 5; + int n = 1 << minWidth; + + if (CheckExisting(existingFP, n)) + return existingFP; + + int d = (bits + minWidth - 1) / minWidth; + + ECPoint[] pow2Table = new ECPoint[minWidth + 1]; + pow2Table[0] = m_p; + for (int i = 1; i < minWidth; ++i) + { + pow2Table[i] = pow2Table[i - 1].TimesPow2(d); + } + + // This will be the 'offset' value + pow2Table[minWidth] = pow2Table[0].Subtract(pow2Table[1]); + + c.NormalizeAll(pow2Table); + + ECPoint[] lookupTable = new ECPoint[n]; + lookupTable[0] = pow2Table[0]; + + for (int bit = minWidth - 1; bit >= 0; --bit) + { + ECPoint pow2 = pow2Table[bit]; + + int step = 1 << bit; + for (int i = step; i < n; i += (step << 1)) + { + lookupTable[i] = lookupTable[i - step].Add(pow2); + } + } + + c.NormalizeAll(lookupTable); + + FixedPointPreCompInfo result = new FixedPointPreCompInfo(); + result.LookupTable = c.CreateCacheSafeLookupTable(lookupTable, 0, lookupTable.Length); + result.Offset = pow2Table[minWidth]; + result.Width = minWidth; + return result; + } + + private bool CheckExisting(FixedPointPreCompInfo existingFP, int n) + { + return existingFP != null && CheckTable(existingFP.LookupTable, n); + } + + private bool CheckTable(ECLookupTable table, int n) + { + return table != null && table.Size >= n; + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/GlvMultiplier.cs b/BouncyCastle/crypto/src/math/ec/multiplier/GlvMultiplier.cs new file mode 100644 index 0000000..9ef7d6e --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/GlvMultiplier.cs @@ -0,0 +1,41 @@ +using System; + +using Org.BouncyCastle.Math.EC.Endo; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + public class GlvMultiplier + : AbstractECMultiplier + { + protected readonly ECCurve curve; + protected readonly GlvEndomorphism glvEndomorphism; + + public GlvMultiplier(ECCurve curve, GlvEndomorphism glvEndomorphism) + { + if (curve == null || curve.Order == null) + throw new ArgumentException("Need curve with known group order", "curve"); + + this.curve = curve; + this.glvEndomorphism = glvEndomorphism; + } + + protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k) + { + if (!curve.Equals(p.Curve)) + throw new InvalidOperationException(); + + BigInteger n = p.Curve.Order; + BigInteger[] ab = glvEndomorphism.DecomposeScalar(k.Mod(n)); + BigInteger a = ab[0], b = ab[1]; + + if (glvEndomorphism.HasEfficientPointMap) + { + return ECAlgorithms.ImplShamirsTrickWNaf(glvEndomorphism, p, a, b); + } + + ECPoint q = EndoUtilities.MapPoint(glvEndomorphism, p); + + return ECAlgorithms.ImplShamirsTrickWNaf(p, a, q, b); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/IPreCompCallback.cs b/BouncyCastle/crypto/src/math/ec/multiplier/IPreCompCallback.cs new file mode 100644 index 0000000..e64ae83 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/IPreCompCallback.cs @@ -0,0 +1,9 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + public interface IPreCompCallback + { + PreCompInfo Precompute(PreCompInfo existing); + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/MixedNafR2LMultiplier.cs b/BouncyCastle/crypto/src/math/ec/multiplier/MixedNafR2LMultiplier.cs new file mode 100644 index 0000000..2bed892 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/MixedNafR2LMultiplier.cs @@ -0,0 +1,76 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + /** + * Class implementing the NAF (Non-Adjacent Form) multiplication algorithm (right-to-left) using + * mixed coordinates. + */ + [Obsolete("Will be removed")] + public class MixedNafR2LMultiplier + : AbstractECMultiplier + { + protected readonly int additionCoord, doublingCoord; + + /** + * By default, addition will be done in Jacobian coordinates, and doubling will be done in + * Modified Jacobian coordinates (independent of the original coordinate system of each point). + */ + public MixedNafR2LMultiplier() + : this(ECCurve.COORD_JACOBIAN, ECCurve.COORD_JACOBIAN_MODIFIED) + { + } + + public MixedNafR2LMultiplier(int additionCoord, int doublingCoord) + { + this.additionCoord = additionCoord; + this.doublingCoord = doublingCoord; + } + + protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k) + { + ECCurve curveOrig = p.Curve; + + ECCurve curveAdd = ConfigureCurve(curveOrig, additionCoord); + ECCurve curveDouble = ConfigureCurve(curveOrig, doublingCoord); + + int[] naf = WNafUtilities.GenerateCompactNaf(k); + + ECPoint Ra = curveAdd.Infinity; + ECPoint Td = curveDouble.ImportPoint(p); + + int zeroes = 0; + for (int i = 0; i < naf.Length; ++i) + { + int ni = naf[i]; + int digit = ni >> 16; + zeroes += ni & 0xFFFF; + + Td = Td.TimesPow2(zeroes); + + ECPoint Tj = curveAdd.ImportPoint(Td); + if (digit < 0) + { + Tj = Tj.Negate(); + } + + Ra = Ra.Add(Tj); + + zeroes = 1; + } + + return curveOrig.ImportPoint(Ra); + } + + protected virtual ECCurve ConfigureCurve(ECCurve c, int coord) + { + if (c.CoordinateSystem == coord) + return c; + + if (!c.SupportsCoordinateSystem(coord)) + throw new ArgumentException("Coordinate system " + coord + " not supported by this curve", "coord"); + + return c.Configure().SetCoordinateSystem(coord).Create(); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/MontgomeryLadderMultiplier.cs b/BouncyCastle/crypto/src/math/ec/multiplier/MontgomeryLadderMultiplier.cs new file mode 100644 index 0000000..45df2fd --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/MontgomeryLadderMultiplier.cs @@ -0,0 +1,28 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + [Obsolete("Will be removed")] + public class MontgomeryLadderMultiplier + : AbstractECMultiplier + { + /** + * Montgomery ladder. + */ + protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k) + { + ECPoint[] R = new ECPoint[]{ p.Curve.Infinity, p }; + + int n = k.BitLength; + int i = n; + while (--i >= 0) + { + int b = k.TestBit(i) ? 1 : 0; + int bp = 1 - b; + R[bp] = R[bp].Add(R[b]); + R[b] = R[b].Twice(); + } + return R[0]; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/NafL2RMultiplier.cs b/BouncyCastle/crypto/src/math/ec/multiplier/NafL2RMultiplier.cs new file mode 100644 index 0000000..d41a0d6 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/NafL2RMultiplier.cs @@ -0,0 +1,33 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + /** + * Class implementing the NAF (Non-Adjacent Form) multiplication algorithm (left-to-right). + */ + [Obsolete("Will be removed")] + public class NafL2RMultiplier + : AbstractECMultiplier + { + protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k) + { + int[] naf = WNafUtilities.GenerateCompactNaf(k); + + ECPoint addP = p.Normalize(), subP = addP.Negate(); + + ECPoint R = p.Curve.Infinity; + + int i = naf.Length; + while (--i >= 0) + { + int ni = naf[i]; + int digit = ni >> 16, zeroes = ni & 0xFFFF; + + R = R.TwicePlus(digit < 0 ? subP : addP); + R = R.TimesPow2(zeroes); + } + + return R; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/NafR2LMultiplier.cs b/BouncyCastle/crypto/src/math/ec/multiplier/NafR2LMultiplier.cs new file mode 100644 index 0000000..8157cf0 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/NafR2LMultiplier.cs @@ -0,0 +1,34 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + /** + * Class implementing the NAF (Non-Adjacent Form) multiplication algorithm (right-to-left). + */ + [Obsolete("Will be removed")] + public class NafR2LMultiplier + : AbstractECMultiplier + { + protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k) + { + int[] naf = WNafUtilities.GenerateCompactNaf(k); + + ECPoint R0 = p.Curve.Infinity, R1 = p; + + int zeroes = 0; + for (int i = 0; i < naf.Length; ++i) + { + int ni = naf[i]; + int digit = ni >> 16; + zeroes += ni & 0xFFFF; + + R1 = R1.TimesPow2(zeroes); + R0 = R0.Add(digit < 0 ? R1.Negate() : R1); + + zeroes = 1; + } + + return R0; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/PreCompInfo.cs b/BouncyCastle/crypto/src/math/ec/multiplier/PreCompInfo.cs new file mode 100644 index 0000000..5c32892 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/PreCompInfo.cs @@ -0,0 +1,11 @@ +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + /** + * Interface for classes storing precomputation data for multiplication + * algorithms. Used as a Memento (see GOF patterns) for + * WNafMultiplier. + */ + public interface PreCompInfo + { + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/ReferenceMultiplier.cs b/BouncyCastle/crypto/src/math/ec/multiplier/ReferenceMultiplier.cs new file mode 100644 index 0000000..40563cd --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/ReferenceMultiplier.cs @@ -0,0 +1,14 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + [Obsolete("Will be removed")] + public class ReferenceMultiplier + : AbstractECMultiplier + { + protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k) + { + return ECAlgorithms.ReferenceMultiply(p, k); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/ValidityPreCompInfo.cs b/BouncyCastle/crypto/src/math/ec/multiplier/ValidityPreCompInfo.cs new file mode 100644 index 0000000..7ec2cbb --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/ValidityPreCompInfo.cs @@ -0,0 +1,44 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + internal class ValidityPreCompInfo + : PreCompInfo + { + internal static readonly string PRECOMP_NAME = "bc_validity"; + + private bool failed = false; + private bool curveEquationPassed = false; + private bool orderPassed = false; + + internal bool HasFailed() + { + return failed; + } + + internal void ReportFailed() + { + failed = true; + } + + internal bool HasCurveEquationPassed() + { + return curveEquationPassed; + } + + internal void ReportCurveEquationPassed() + { + curveEquationPassed = true; + } + + internal bool HasOrderPassed() + { + return orderPassed; + } + + internal void ReportOrderPassed() + { + orderPassed = true; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/WNafL2RMultiplier.cs b/BouncyCastle/crypto/src/math/ec/multiplier/WNafL2RMultiplier.cs new file mode 100644 index 0000000..833bbb5 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/WNafL2RMultiplier.cs @@ -0,0 +1,89 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + /** + * Class implementing the WNAF (Window Non-Adjacent Form) multiplication + * algorithm. + */ + public class WNafL2RMultiplier + : AbstractECMultiplier + { + /** + * Multiplies this by an integer k using the + * Window NAF method. + * @param k The integer by which this is multiplied. + * @return A new ECPoint which equals this + * multiplied by k. + */ + protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k) + { + int minWidth = WNafUtilities.GetWindowSize(k.BitLength); + + WNafPreCompInfo info = WNafUtilities.Precompute(p, minWidth, true); + ECPoint[] preComp = info.PreComp; + ECPoint[] preCompNeg = info.PreCompNeg; + int width = info.Width; + + int[] wnaf = WNafUtilities.GenerateCompactWindowNaf(width, k); + + ECPoint R = p.Curve.Infinity; + + int i = wnaf.Length; + + /* + * NOTE: We try to optimize the first window using the precomputed points to substitute an + * addition for 2 or more doublings. + */ + if (i > 1) + { + int wi = wnaf[--i]; + int digit = wi >> 16, zeroes = wi & 0xFFFF; + + int n = System.Math.Abs(digit); + ECPoint[] table = digit < 0 ? preCompNeg : preComp; + + // Optimization can only be used for values in the lower half of the table + if ((n << 2) < (1 << width)) + { + int highest = 32 - Integers.NumberOfLeadingZeros(n); + + // TODO Get addition/doubling cost ratio from curve and compare to 'scale' to see if worth substituting? + int scale = width - highest; + int lowBits = n ^ (1 << (highest - 1)); + + int i1 = ((1 << (width - 1)) - 1); + int i2 = (lowBits << scale) + 1; + R = table[i1 >> 1].Add(table[i2 >> 1]); + + zeroes -= scale; + + //Console.WriteLine("Optimized: 2^" + scale + " * " + n + " = " + i1 + " + " + i2); + } + else + { + R = table[n >> 1]; + } + + R = R.TimesPow2(zeroes); + } + + while (i > 0) + { + int wi = wnaf[--i]; + int digit = wi >> 16, zeroes = wi & 0xFFFF; + + int n = System.Math.Abs(digit); + ECPoint[] table = digit < 0 ? preCompNeg : preComp; + ECPoint r = table[n >> 1]; + + R = R.TwicePlus(r); + R = R.TimesPow2(zeroes); + } + + return R; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/WNafPreCompInfo.cs b/BouncyCastle/crypto/src/math/ec/multiplier/WNafPreCompInfo.cs new file mode 100644 index 0000000..f979f33 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/WNafPreCompInfo.cs @@ -0,0 +1,85 @@ +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + /** + * Class holding precomputation data for the WNAF (Window Non-Adjacent Form) + * algorithm. + */ + public class WNafPreCompInfo + : PreCompInfo + { + internal volatile int m_promotionCountdown = 4; + + protected int m_confWidth = -1; + + /** + * Array holding the precomputed ECPoints used for a Window + * NAF multiplication. + */ + protected ECPoint[] m_preComp = null; + + /** + * Array holding the negations of the precomputed ECPoints used + * for a Window NAF multiplication. + */ + protected ECPoint[] m_preCompNeg = null; + + /** + * Holds an ECPoint representing Twice(this). Used for the + * Window NAF multiplication to create or extend the precomputed values. + */ + protected ECPoint m_twice = null; + + protected int m_width = -1; + + internal int DecrementPromotionCountdown() + { + int t = m_promotionCountdown; + if (t > 0) + { + m_promotionCountdown = --t; + } + return t; + } + + internal int PromotionCountdown + { + get { return m_promotionCountdown; } + set { this.m_promotionCountdown = value; } + } + + public virtual bool IsPromoted + { + get { return m_promotionCountdown <= 0; } + } + + public virtual int ConfWidth + { + get { return m_confWidth; } + set { this.m_confWidth = value; } + } + + public virtual ECPoint[] PreComp + { + get { return m_preComp; } + set { this.m_preComp = value; } + } + + public virtual ECPoint[] PreCompNeg + { + get { return m_preCompNeg; } + set { this.m_preCompNeg = value; } + } + + public virtual ECPoint Twice + { + get { return m_twice; } + set { this.m_twice = value; } + } + + public virtual int Width + { + get { return m_width; } + set { this.m_width = value; } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/WNafUtilities.cs b/BouncyCastle/crypto/src/math/ec/multiplier/WNafUtilities.cs new file mode 100644 index 0000000..42265b2 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/WNafUtilities.cs @@ -0,0 +1,767 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + public abstract class WNafUtilities + { + public static readonly string PRECOMP_NAME = "bc_wnaf"; + + private static readonly int[] DEFAULT_WINDOW_SIZE_CUTOFFS = new int[]{ 13, 41, 121, 337, 897, 2305 }; + private static readonly int MAX_WIDTH = 16; + + private static readonly ECPoint[] EMPTY_POINTS = new ECPoint[0]; + + public static void ConfigureBasepoint(ECPoint p) + { + ECCurve c = p.Curve; + if (null == c) + return; + + BigInteger n = c.Order; + int bits = (null == n) ? c.FieldSize + 1 : n.BitLength; + int confWidth = System.Math.Min(MAX_WIDTH, GetWindowSize(bits) + 3); + + c.Precompute(p, PRECOMP_NAME, new ConfigureBasepointCallback(c, confWidth)); + } + + public static int[] GenerateCompactNaf(BigInteger k) + { + if ((k.BitLength >> 16) != 0) + throw new ArgumentException("must have bitlength < 2^16", "k"); + if (k.SignValue == 0) + return Arrays.EmptyInts; + + BigInteger _3k = k.ShiftLeft(1).Add(k); + + int bits = _3k.BitLength; + int[] naf = new int[bits >> 1]; + + BigInteger diff = _3k.Xor(k); + + int highBit = bits - 1, length = 0, zeroes = 0; + for (int i = 1; i < highBit; ++i) + { + if (!diff.TestBit(i)) + { + ++zeroes; + continue; + } + + int digit = k.TestBit(i) ? -1 : 1; + naf[length++] = (digit << 16) | zeroes; + zeroes = 1; + ++i; + } + + naf[length++] = (1 << 16) | zeroes; + + if (naf.Length > length) + { + naf = Trim(naf, length); + } + + return naf; + } + + public static int[] GenerateCompactWindowNaf(int width, BigInteger k) + { + if (width == 2) + { + return GenerateCompactNaf(k); + } + + if (width < 2 || width > 16) + throw new ArgumentException("must be in the range [2, 16]", "width"); + if ((k.BitLength >> 16) != 0) + throw new ArgumentException("must have bitlength < 2^16", "k"); + if (k.SignValue == 0) + return Arrays.EmptyInts; + + int[] wnaf = new int[k.BitLength / width + 1]; + + // 2^width and a mask and sign bit set accordingly + int pow2 = 1 << width; + int mask = pow2 - 1; + int sign = pow2 >> 1; + + bool carry = false; + int length = 0, pos = 0; + + while (pos <= k.BitLength) + { + if (k.TestBit(pos) == carry) + { + ++pos; + continue; + } + + k = k.ShiftRight(pos); + + int digit = k.IntValue & mask; + if (carry) + { + ++digit; + } + + carry = (digit & sign) != 0; + if (carry) + { + digit -= pow2; + } + + int zeroes = length > 0 ? pos - 1 : pos; + wnaf[length++] = (digit << 16) | zeroes; + pos = width; + } + + // Reduce the WNAF array to its actual length + if (wnaf.Length > length) + { + wnaf = Trim(wnaf, length); + } + + return wnaf; + } + + public static byte[] GenerateJsf(BigInteger g, BigInteger h) + { + int digits = System.Math.Max(g.BitLength, h.BitLength) + 1; + byte[] jsf = new byte[digits]; + + BigInteger k0 = g, k1 = h; + int j = 0, d0 = 0, d1 = 0; + + int offset = 0; + while ((d0 | d1) != 0 || k0.BitLength > offset || k1.BitLength > offset) + { + int n0 = ((int)((uint)k0.IntValue >> offset) + d0) & 7; + int n1 = ((int)((uint)k1.IntValue >> offset) + d1) & 7; + + int u0 = n0 & 1; + if (u0 != 0) + { + u0 -= (n0 & 2); + if ((n0 + u0) == 4 && (n1 & 3) == 2) + { + u0 = -u0; + } + } + + int u1 = n1 & 1; + if (u1 != 0) + { + u1 -= (n1 & 2); + if ((n1 + u1) == 4 && (n0 & 3) == 2) + { + u1 = -u1; + } + } + + if ((d0 << 1) == 1 + u0) + { + d0 ^= 1; + } + if ((d1 << 1) == 1 + u1) + { + d1 ^= 1; + } + + if (++offset == 30) + { + offset = 0; + k0 = k0.ShiftRight(30); + k1 = k1.ShiftRight(30); + } + + jsf[j++] = (byte)((u0 << 4) | (u1 & 0xF)); + } + + // Reduce the JSF array to its actual length + if (jsf.Length > j) + { + jsf = Trim(jsf, j); + } + + return jsf; + } + + public static byte[] GenerateNaf(BigInteger k) + { + if (k.SignValue == 0) + return Arrays.EmptyBytes; + + BigInteger _3k = k.ShiftLeft(1).Add(k); + + int digits = _3k.BitLength - 1; + byte[] naf = new byte[digits]; + + BigInteger diff = _3k.Xor(k); + + for (int i = 1; i < digits; ++i) + { + if (diff.TestBit(i)) + { + naf[i - 1] = (byte)(k.TestBit(i) ? -1 : 1); + ++i; + } + } + + naf[digits - 1] = 1; + + return naf; + } + + /** + * Computes the Window NAF (non-adjacent Form) of an integer. + * @param width The width w of the Window NAF. The width is + * defined as the minimal number w, such that for any + * w consecutive digits in the resulting representation, at + * most one is non-zero. + * @param k The integer of which the Window NAF is computed. + * @return The Window NAF of the given width, such that the following holds: + * k = &sum;i=0l-1 ki2i + * , where the ki denote the elements of the + * returned byte[]. + */ + public static byte[] GenerateWindowNaf(int width, BigInteger k) + { + if (width == 2) + { + return GenerateNaf(k); + } + + if (width < 2 || width > 8) + throw new ArgumentException("must be in the range [2, 8]", "width"); + if (k.SignValue == 0) + return Arrays.EmptyBytes; + + byte[] wnaf = new byte[k.BitLength + 1]; + + // 2^width and a mask and sign bit set accordingly + int pow2 = 1 << width; + int mask = pow2 - 1; + int sign = pow2 >> 1; + + bool carry = false; + int length = 0, pos = 0; + + while (pos <= k.BitLength) + { + if (k.TestBit(pos) == carry) + { + ++pos; + continue; + } + + k = k.ShiftRight(pos); + + int digit = k.IntValue & mask; + if (carry) + { + ++digit; + } + + carry = (digit & sign) != 0; + if (carry) + { + digit -= pow2; + } + + length += (length > 0) ? pos - 1 : pos; + wnaf[length++] = (byte)digit; + pos = width; + } + + // Reduce the WNAF array to its actual length + if (wnaf.Length > length) + { + wnaf = Trim(wnaf, length); + } + + return wnaf; + } + + public static int GetNafWeight(BigInteger k) + { + if (k.SignValue == 0) + return 0; + + BigInteger _3k = k.ShiftLeft(1).Add(k); + BigInteger diff = _3k.Xor(k); + + return diff.BitCount; + } + + public static WNafPreCompInfo GetWNafPreCompInfo(ECPoint p) + { + return GetWNafPreCompInfo(p.Curve.GetPreCompInfo(p, PRECOMP_NAME)); + } + + public static WNafPreCompInfo GetWNafPreCompInfo(PreCompInfo preCompInfo) + { + return preCompInfo as WNafPreCompInfo; + } + + /** + * Determine window width to use for a scalar multiplication of the given size. + * + * @param bits the bit-length of the scalar to multiply by + * @return the window size to use + */ + public static int GetWindowSize(int bits) + { + return GetWindowSize(bits, DEFAULT_WINDOW_SIZE_CUTOFFS, MAX_WIDTH); + } + + /** + * Determine window width to use for a scalar multiplication of the given size. + * + * @param bits the bit-length of the scalar to multiply by + * @param maxWidth the maximum window width to return + * @return the window size to use + */ + public static int GetWindowSize(int bits, int maxWidth) + { + return GetWindowSize(bits, DEFAULT_WINDOW_SIZE_CUTOFFS, maxWidth); + } + + /** + * Determine window width to use for a scalar multiplication of the given size. + * + * @param bits the bit-length of the scalar to multiply by + * @param windowSizeCutoffs a monotonically increasing list of bit sizes at which to increment the window width + * @return the window size to use + */ + public static int GetWindowSize(int bits, int[] windowSizeCutoffs) + { + return GetWindowSize(bits, windowSizeCutoffs, MAX_WIDTH); + } + + /** + * Determine window width to use for a scalar multiplication of the given size. + * + * @param bits the bit-length of the scalar to multiply by + * @param windowSizeCutoffs a monotonically increasing list of bit sizes at which to increment the window width + * @param maxWidth the maximum window width to return + * @return the window size to use + */ + public static int GetWindowSize(int bits, int[] windowSizeCutoffs, int maxWidth) + { + int w = 0; + for (; w < windowSizeCutoffs.Length; ++w) + { + if (bits < windowSizeCutoffs[w]) + { + break; + } + } + + return System.Math.Max(2, System.Math.Min(maxWidth, w + 2)); + } + + [Obsolete] + public static ECPoint MapPointWithPrecomp(ECPoint p, int minWidth, bool includeNegated, + ECPointMap pointMap) + { + ECCurve c = p.Curve; + WNafPreCompInfo infoP = Precompute(p, minWidth, includeNegated); + + ECPoint q = pointMap.Map(p); + c.Precompute(q, PRECOMP_NAME, new MapPointCallback(infoP, includeNegated, pointMap)); + return q; + } + + public static WNafPreCompInfo Precompute(ECPoint p, int minWidth, bool includeNegated) + { + return (WNafPreCompInfo)p.Curve.Precompute(p, PRECOMP_NAME, + new PrecomputeCallback(p, minWidth, includeNegated)); + } + + public static WNafPreCompInfo PrecomputeWithPointMap(ECPoint p, ECPointMap pointMap, WNafPreCompInfo fromWNaf, + bool includeNegated) + { + return (WNafPreCompInfo)p.Curve.Precompute(p, PRECOMP_NAME, + new PrecomputeWithPointMapCallback(p, pointMap, fromWNaf, includeNegated)); + } + + private static byte[] Trim(byte[] a, int length) + { + byte[] result = new byte[length]; + Array.Copy(a, 0, result, 0, result.Length); + return result; + } + + private static int[] Trim(int[] a, int length) + { + int[] result = new int[length]; + Array.Copy(a, 0, result, 0, result.Length); + return result; + } + + private static ECPoint[] ResizeTable(ECPoint[] a, int length) + { + ECPoint[] result = new ECPoint[length]; + Array.Copy(a, 0, result, 0, a.Length); + return result; + } + + private class ConfigureBasepointCallback + : IPreCompCallback + { + private readonly ECCurve m_curve; + private readonly int m_confWidth; + + internal ConfigureBasepointCallback(ECCurve curve, int confWidth) + { + this.m_curve = curve; + this.m_confWidth = confWidth; + } + + public PreCompInfo Precompute(PreCompInfo existing) + { + WNafPreCompInfo existingWNaf = existing as WNafPreCompInfo; + + if (null != existingWNaf && existingWNaf.ConfWidth == m_confWidth) + { + existingWNaf.PromotionCountdown = 0; + return existingWNaf; + } + + WNafPreCompInfo result = new WNafPreCompInfo(); + + result.PromotionCountdown = 0; + result.ConfWidth = m_confWidth; + + if (null != existingWNaf) + { + result.PreComp = existingWNaf.PreComp; + result.PreCompNeg = existingWNaf.PreCompNeg; + result.Twice = existingWNaf.Twice; + result.Width = existingWNaf.Width; + } + + return result; + } + } + + private class MapPointCallback + : IPreCompCallback + { + private readonly WNafPreCompInfo m_infoP; + private readonly bool m_includeNegated; + private readonly ECPointMap m_pointMap; + + internal MapPointCallback(WNafPreCompInfo infoP, bool includeNegated, ECPointMap pointMap) + { + this.m_infoP = infoP; + this.m_includeNegated = includeNegated; + this.m_pointMap = pointMap; + } + + public PreCompInfo Precompute(PreCompInfo existing) + { + WNafPreCompInfo result = new WNafPreCompInfo(); + + result.ConfWidth = m_infoP.ConfWidth; + + ECPoint twiceP = m_infoP.Twice; + if (null != twiceP) + { + ECPoint twiceQ = m_pointMap.Map(twiceP); + result.Twice = twiceQ; + } + + ECPoint[] preCompP = m_infoP.PreComp; + ECPoint[] preCompQ = new ECPoint[preCompP.Length]; + for (int i = 0; i < preCompP.Length; ++i) + { + preCompQ[i] = m_pointMap.Map(preCompP[i]); + } + result.PreComp = preCompQ; + result.Width = m_infoP.Width; + + if (m_includeNegated) + { + ECPoint[] preCompNegQ = new ECPoint[preCompQ.Length]; + for (int i = 0; i < preCompNegQ.Length; ++i) + { + preCompNegQ[i] = preCompQ[i].Negate(); + } + result.PreCompNeg = preCompNegQ; + } + + return result; + } + } + + private class PrecomputeCallback + : IPreCompCallback + { + private readonly ECPoint m_p; + private readonly int m_minWidth; + private readonly bool m_includeNegated; + + internal PrecomputeCallback(ECPoint p, int minWidth, bool includeNegated) + { + this.m_p = p; + this.m_minWidth = minWidth; + this.m_includeNegated = includeNegated; + } + + public PreCompInfo Precompute(PreCompInfo existing) + { + WNafPreCompInfo existingWNaf = existing as WNafPreCompInfo; + + int width = System.Math.Max(2, System.Math.Min(MAX_WIDTH, m_minWidth)); + int reqPreCompLen = 1 << (width - 2); + + if (CheckExisting(existingWNaf, width, reqPreCompLen, m_includeNegated)) + { + existingWNaf.DecrementPromotionCountdown(); + return existingWNaf; + } + + WNafPreCompInfo result = new WNafPreCompInfo(); + + ECCurve c = m_p.Curve; + ECPoint[] preComp = null, preCompNeg = null; + ECPoint twiceP = null; + + if (null != existingWNaf) + { + int promotionCountdown = existingWNaf.DecrementPromotionCountdown(); + result.PromotionCountdown = promotionCountdown; + + int confWidth = existingWNaf.ConfWidth; + result.ConfWidth = confWidth; + + preComp = existingWNaf.PreComp; + preCompNeg = existingWNaf.PreCompNeg; + twiceP = existingWNaf.Twice; + } + + width = System.Math.Min(MAX_WIDTH, System.Math.Max(result.ConfWidth, width)); + reqPreCompLen = 1 << (width - 2); + + int iniPreCompLen = 0; + if (null == preComp) + { + preComp = EMPTY_POINTS; + } + else + { + iniPreCompLen = preComp.Length; + } + + if (iniPreCompLen < reqPreCompLen) + { + preComp = WNafUtilities.ResizeTable(preComp, reqPreCompLen); + + if (reqPreCompLen == 1) + { + preComp[0] = m_p.Normalize(); + } + else + { + int curPreCompLen = iniPreCompLen; + if (curPreCompLen == 0) + { + preComp[0] = m_p; + curPreCompLen = 1; + } + + ECFieldElement iso = null; + + if (reqPreCompLen == 2) + { + preComp[1] = m_p.ThreeTimes(); + } + else + { + ECPoint isoTwiceP = twiceP, last = preComp[curPreCompLen - 1]; + if (null == isoTwiceP) + { + isoTwiceP = preComp[0].Twice(); + twiceP = isoTwiceP; + + /* + * For Fp curves with Jacobian projective coordinates, use a (quasi-)isomorphism + * where 'twiceP' is "affine", so that the subsequent additions are cheaper. This + * also requires scaling the initial point's X, Y coordinates, and reversing the + * isomorphism as part of the subsequent normalization. + * + * NOTE: The correctness of this optimization depends on: + * 1) additions do not use the curve's A, B coefficients. + * 2) no special cases (i.e. Q +/- Q) when calculating 1P, 3P, 5P, ... + */ + if (!twiceP.IsInfinity && ECAlgorithms.IsFpCurve(c) && c.FieldSize >= 64) + { + switch (c.CoordinateSystem) + { + case ECCurve.COORD_JACOBIAN: + case ECCurve.COORD_JACOBIAN_CHUDNOVSKY: + case ECCurve.COORD_JACOBIAN_MODIFIED: + { + iso = twiceP.GetZCoord(0); + isoTwiceP = c.CreatePoint(twiceP.XCoord.ToBigInteger(), + twiceP.YCoord.ToBigInteger()); + + ECFieldElement iso2 = iso.Square(), iso3 = iso2.Multiply(iso); + last = last.ScaleX(iso2).ScaleY(iso3); + + if (iniPreCompLen == 0) + { + preComp[0] = last; + } + break; + } + } + } + } + + while (curPreCompLen < reqPreCompLen) + { + /* + * Compute the new ECPoints for the precomputation array. The values 1, 3, + * 5, ..., 2^(width-1)-1 times p are computed + */ + preComp[curPreCompLen++] = last = last.Add(isoTwiceP); + } + } + + /* + * Having oft-used operands in affine form makes operations faster. + */ + c.NormalizeAll(preComp, iniPreCompLen, reqPreCompLen - iniPreCompLen, iso); + } + } + + if (m_includeNegated) + { + int pos; + if (null == preCompNeg) + { + pos = 0; + preCompNeg = new ECPoint[reqPreCompLen]; + } + else + { + pos = preCompNeg.Length; + if (pos < reqPreCompLen) + { + preCompNeg = WNafUtilities.ResizeTable(preCompNeg, reqPreCompLen); + } + } + + while (pos < reqPreCompLen) + { + preCompNeg[pos] = preComp[pos].Negate(); + ++pos; + } + } + + result.PreComp = preComp; + result.PreCompNeg = preCompNeg; + result.Twice = twiceP; + result.Width = width; + return result; + } + + private bool CheckExisting(WNafPreCompInfo existingWNaf, int width, int reqPreCompLen, bool includeNegated) + { + return null != existingWNaf + && existingWNaf.Width >= System.Math.Max(existingWNaf.ConfWidth, width) + && CheckTable(existingWNaf.PreComp, reqPreCompLen) + && (!includeNegated || CheckTable(existingWNaf.PreCompNeg, reqPreCompLen)); + } + + private bool CheckTable(ECPoint[] table, int reqLen) + { + return null != table && table.Length >= reqLen; + } + } + + private class PrecomputeWithPointMapCallback + : IPreCompCallback + { + private readonly ECPoint m_point; + private readonly ECPointMap m_pointMap; + private readonly WNafPreCompInfo m_fromWNaf; + private readonly bool m_includeNegated; + + internal PrecomputeWithPointMapCallback(ECPoint point, ECPointMap pointMap, WNafPreCompInfo fromWNaf, + bool includeNegated) + { + this.m_point = point; + this.m_pointMap = pointMap; + this.m_fromWNaf = fromWNaf; + this.m_includeNegated = includeNegated; + } + + public PreCompInfo Precompute(PreCompInfo existing) + { + WNafPreCompInfo existingWNaf = existing as WNafPreCompInfo; + + int width = m_fromWNaf.Width; + int reqPreCompLen = m_fromWNaf.PreComp.Length; + + if (CheckExisting(existingWNaf, width, reqPreCompLen, m_includeNegated)) + { + existingWNaf.DecrementPromotionCountdown(); + return existingWNaf; + } + + /* + * TODO Ideally this method would support incremental calculation, but given the + * existing use-cases it would be of little-to-no benefit. + */ + WNafPreCompInfo result = new WNafPreCompInfo(); + + result.PromotionCountdown = m_fromWNaf.PromotionCountdown; + + ECPoint twiceFrom = m_fromWNaf.Twice; + if (null != twiceFrom) + { + ECPoint twice = m_pointMap.Map(twiceFrom); + result.Twice = twice; + } + + ECPoint[] preCompFrom = m_fromWNaf.PreComp; + ECPoint[] preComp = new ECPoint[preCompFrom.Length]; + for (int i = 0; i < preCompFrom.Length; ++i) + { + preComp[i] = m_pointMap.Map(preCompFrom[i]); + } + result.PreComp = preComp; + result.Width = width; + + if (m_includeNegated) + { + ECPoint[] preCompNeg = new ECPoint[preComp.Length]; + for (int i = 0; i < preCompNeg.Length; ++i) + { + preCompNeg[i] = preComp[i].Negate(); + } + result.PreCompNeg = preCompNeg; + } + + return result; + } + + private bool CheckExisting(WNafPreCompInfo existingWNaf, int width, int reqPreCompLen, bool includeNegated) + { + return null != existingWNaf + && existingWNaf.Width >= width + && CheckTable(existingWNaf.PreComp, reqPreCompLen) + && (!includeNegated || CheckTable(existingWNaf.PreCompNeg, reqPreCompLen)); + } + + private bool CheckTable(ECPoint[] table, int reqLen) + { + return null != table && table.Length >= reqLen; + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/WTauNafMultiplier.cs b/BouncyCastle/crypto/src/math/ec/multiplier/WTauNafMultiplier.cs new file mode 100644 index 0000000..4dce544 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/WTauNafMultiplier.cs @@ -0,0 +1,138 @@ +using System; + +using Org.BouncyCastle.Math.EC.Abc; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + /** + * Class implementing the WTNAF (Window + * τ-adic Non-Adjacent Form) algorithm. + */ + public class WTauNafMultiplier + : AbstractECMultiplier + { + // TODO Create WTauNafUtilities class and move various functionality into it + internal static readonly string PRECOMP_NAME = "bc_wtnaf"; + + /** + * Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint} + * by k using the reduced τ-adic NAF (RTNAF) + * method. + * @param p The AbstractF2mPoint to multiply. + * @param k The integer by which to multiply k. + * @return p multiplied by k. + */ + protected override ECPoint MultiplyPositive(ECPoint point, BigInteger k) + { + if (!(point is AbstractF2mPoint)) + throw new ArgumentException("Only AbstractF2mPoint can be used in WTauNafMultiplier"); + + AbstractF2mPoint p = (AbstractF2mPoint)point; + AbstractF2mCurve curve = (AbstractF2mCurve)p.Curve; + int m = curve.FieldSize; + sbyte a = (sbyte)curve.A.ToBigInteger().IntValue; + sbyte mu = Tnaf.GetMu(a); + BigInteger[] s = curve.GetSi(); + + ZTauElement rho = Tnaf.PartModReduction(k, m, a, s, mu, (sbyte)10); + + return MultiplyWTnaf(p, rho, a, mu); + } + + /** + * Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint} + * by an element λ of Z[τ] using + * the τ-adic NAF (TNAF) method. + * @param p The AbstractF2mPoint to multiply. + * @param lambda The element λ of + * Z[τ] of which to compute the + * [τ]-adic NAF. + * @return p multiplied by λ. + */ + private AbstractF2mPoint MultiplyWTnaf(AbstractF2mPoint p, ZTauElement lambda, + sbyte a, sbyte mu) + { + ZTauElement[] alpha = (a == 0) ? Tnaf.Alpha0 : Tnaf.Alpha1; + + BigInteger tw = Tnaf.GetTw(mu, Tnaf.Width); + + sbyte[]u = Tnaf.TauAdicWNaf(mu, lambda, Tnaf.Width, + BigInteger.ValueOf(Tnaf.Pow2Width), tw, alpha); + + return MultiplyFromWTnaf(p, u); + } + + /** + * Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint} + * by an element λ of Z[τ] + * using the window τ-adic NAF (TNAF) method, given the + * WTNAF of λ. + * @param p The AbstractF2mPoint to multiply. + * @param u The the WTNAF of λ.. + * @return λ * p + */ + private static AbstractF2mPoint MultiplyFromWTnaf(AbstractF2mPoint p, sbyte[] u) + { + AbstractF2mCurve curve = (AbstractF2mCurve)p.Curve; + sbyte a = (sbyte)curve.A.ToBigInteger().IntValue; + + WTauNafCallback callback = new WTauNafCallback(p, a); + WTauNafPreCompInfo preCompInfo = (WTauNafPreCompInfo)curve.Precompute(p, PRECOMP_NAME, callback); + AbstractF2mPoint[] pu = preCompInfo.PreComp; + + // TODO Include negations in precomp (optionally) and use from here + AbstractF2mPoint[] puNeg = new AbstractF2mPoint[pu.Length]; + for (int i = 0; i < pu.Length; ++i) + { + puNeg[i] = (AbstractF2mPoint)pu[i].Negate(); + } + + + // q = infinity + AbstractF2mPoint q = (AbstractF2mPoint) p.Curve.Infinity; + + int tauCount = 0; + for (int i = u.Length - 1; i >= 0; i--) + { + ++tauCount; + int ui = u[i]; + if (ui != 0) + { + q = q.TauPow(tauCount); + tauCount = 0; + + ECPoint x = ui > 0 ? pu[ui >> 1] : puNeg[(-ui) >> 1]; + q = (AbstractF2mPoint)q.Add(x); + } + } + if (tauCount > 0) + { + q = q.TauPow(tauCount); + } + return q; + } + + private class WTauNafCallback + : IPreCompCallback + { + private readonly AbstractF2mPoint m_p; + private readonly sbyte m_a; + + internal WTauNafCallback(AbstractF2mPoint p, sbyte a) + { + this.m_p = p; + this.m_a = a; + } + + public PreCompInfo Precompute(PreCompInfo existing) + { + if (existing is WTauNafPreCompInfo) + return existing; + + WTauNafPreCompInfo result = new WTauNafPreCompInfo(); + result.PreComp = Tnaf.GetPreComp(m_p, m_a); + return result; + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/WTauNafPreCompInfo.cs b/BouncyCastle/crypto/src/math/ec/multiplier/WTauNafPreCompInfo.cs new file mode 100644 index 0000000..72659b3 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/WTauNafPreCompInfo.cs @@ -0,0 +1,24 @@ +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + /** + * Class holding precomputation data for the WTNAF (Window + * τ-adic Non-Adjacent Form) algorithm. + */ + public class WTauNafPreCompInfo + : PreCompInfo + { + /** + * Array holding the precomputed AbstractF2mPoints used for the + * WTNAF multiplication in + * {@link org.bouncycastle.math.ec.multiplier.WTauNafMultiplier.multiply() + * WTauNafMultiplier.multiply()}. + */ + protected AbstractF2mPoint[] m_preComp; + + public virtual AbstractF2mPoint[] PreComp + { + get { return m_preComp; } + set { this.m_preComp = value; } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/ZSignedDigitL2RMultiplier.cs b/BouncyCastle/crypto/src/math/ec/multiplier/ZSignedDigitL2RMultiplier.cs new file mode 100644 index 0000000..1c7a5d1 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/ZSignedDigitL2RMultiplier.cs @@ -0,0 +1,32 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + [Obsolete("Will be removed")] + public class ZSignedDigitL2RMultiplier + : AbstractECMultiplier + { + /** + * 'Zeroless' Signed Digit Left-to-Right. + */ + protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k) + { + ECPoint addP = p.Normalize(), subP = addP.Negate(); + + ECPoint R0 = addP; + + int n = k.BitLength; + int s = k.GetLowestSetBit(); + + int i = n; + while (--i > s) + { + R0 = R0.TwicePlus(k.TestBit(i) ? addP : subP); + } + + R0 = R0.TimesPow2(s); + + return R0; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/multiplier/ZSignedDigitR2LMultiplier.cs b/BouncyCastle/crypto/src/math/ec/multiplier/ZSignedDigitR2LMultiplier.cs new file mode 100644 index 0000000..46d234c --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/multiplier/ZSignedDigitR2LMultiplier.cs @@ -0,0 +1,33 @@ +using System; + +namespace Org.BouncyCastle.Math.EC.Multiplier +{ + [Obsolete("Will be removed")] + public class ZSignedDigitR2LMultiplier + : AbstractECMultiplier + { + /** + * 'Zeroless' Signed Digit Right-to-Left. + */ + protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k) + { + ECPoint R0 = p.Curve.Infinity, R1 = p; + + int n = k.BitLength; + int s = k.GetLowestSetBit(); + + R1 = R1.TimesPow2(s); + + int i = s; + while (++i < n) + { + R0 = R0.Add(k.TestBit(i) ? R1 : R1.Negate()); + R1 = R1.Twice(); + } + + R0 = R0.Add(R1); + + return R0; + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/rfc7748/X25519.cs b/BouncyCastle/crypto/src/math/ec/rfc7748/X25519.cs new file mode 100644 index 0000000..bf845d2 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/rfc7748/X25519.cs @@ -0,0 +1,161 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Math.EC.Rfc8032; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Rfc7748 +{ + public abstract class X25519 + { + public const int PointSize = 32; + public const int ScalarSize = 32; + + private class F : X25519Field {}; + + private const int C_A = 486662; + private const int C_A24 = (C_A + 2)/4; + + //private static readonly int[] SqrtNeg486664 = { 0x03457E06, 0x03812ABF, 0x01A82CC6, 0x028A5BE8, 0x018B43A7, + // 0x03FC4F7E, 0x02C23700, 0x006BBD27, 0x03A30500, 0x001E4DDB }; + + public static bool CalculateAgreement(byte[] k, int kOff, byte[] u, int uOff, byte[] r, int rOff) + { + ScalarMult(k, kOff, u, uOff, r, rOff); + return !Arrays.AreAllZeroes(r, rOff, PointSize); + } + + private static uint Decode32(byte[] bs, int off) + { + uint n = bs[off]; + n |= (uint)bs[++off] << 8; + n |= (uint)bs[++off] << 16; + n |= (uint)bs[++off] << 24; + return n; + } + + private static void DecodeScalar(byte[] k, int kOff, uint[] n) + { + for (int i = 0; i < 8; ++i) + { + n[i] = Decode32(k, kOff + i * 4); + } + + n[0] &= 0xFFFFFFF8U; + n[7] &= 0x7FFFFFFFU; + n[7] |= 0x40000000U; + } + + public static void GeneratePrivateKey(SecureRandom random, byte[] k) + { + random.NextBytes(k); + + k[0] &= 0xF8; + k[ScalarSize - 1] &= 0x7F; + k[ScalarSize - 1] |= 0x40; + } + + public static void GeneratePublicKey(byte[] k, int kOff, byte[] r, int rOff) + { + ScalarMultBase(k, kOff, r, rOff); + } + + private static void PointDouble(int[] x, int[] z) + { + int[] a = F.Create(); + int[] b = F.Create(); + + F.Apm(x, z, a, b); + F.Sqr(a, a); + F.Sqr(b, b); + F.Mul(a, b, x); + F.Sub(a, b, a); + F.Mul(a, C_A24, z); + F.Add(z, b, z); + F.Mul(z, a, z); + } + + public static void Precompute() + { + Ed25519.Precompute(); + } + + public static void ScalarMult(byte[] k, int kOff, byte[] u, int uOff, byte[] r, int rOff) + { + uint[] n = new uint[8]; DecodeScalar(k, kOff, n); + + int[] x1 = F.Create(); F.Decode(u, uOff, x1); + int[] x2 = F.Create(); F.Copy(x1, 0, x2, 0); + int[] z2 = F.Create(); z2[0] = 1; + int[] x3 = F.Create(); x3[0] = 1; + int[] z3 = F.Create(); + + int[] t1 = F.Create(); + int[] t2 = F.Create(); + + Debug.Assert(n[7] >> 30 == 1U); + + int bit = 254, swap = 1; + do + { + F.Apm(x3, z3, t1, x3); + F.Apm(x2, z2, z3, x2); + F.Mul(t1, x2, t1); + F.Mul(x3, z3, x3); + F.Sqr(z3, z3); + F.Sqr(x2, x2); + + F.Sub(z3, x2, t2); + F.Mul(t2, C_A24, z2); + F.Add(z2, x2, z2); + F.Mul(z2, t2, z2); + F.Mul(x2, z3, x2); + + F.Apm(t1, x3, x3, z3); + F.Sqr(x3, x3); + F.Sqr(z3, z3); + F.Mul(z3, x1, z3); + + --bit; + + int word = bit >> 5, shift = bit & 0x1F; + int kt = (int)(n[word] >> shift) & 1; + swap ^= kt; + F.CSwap(swap, x2, x3); + F.CSwap(swap, z2, z3); + swap = kt; + } + while (bit >= 3); + + Debug.Assert(swap == 0); + + for (int i = 0; i < 3; ++i) + { + PointDouble(x2, z2); + } + + F.Inv(z2, z2); + F.Mul(x2, z2, x2); + + F.Normalize(x2); + F.Encode(x2, r, rOff); + } + + public static void ScalarMultBase(byte[] k, int kOff, byte[] r, int rOff) + { + int[] y = F.Create(); + int[] z = F.Create(); + + Ed25519.ScalarMultBaseYZ(k, kOff, y, z); + + F.Apm(z, y, y, z); + + F.Inv(z, z); + F.Mul(y, z, y); + + F.Normalize(y); + F.Encode(y, r, rOff); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/rfc7748/X25519Field.cs b/BouncyCastle/crypto/src/math/ec/rfc7748/X25519Field.cs new file mode 100644 index 0000000..d0b8352 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/rfc7748/X25519Field.cs @@ -0,0 +1,759 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Rfc7748 +{ + public abstract class X25519Field + { + public const int Size = 10; + + private const int M24 = 0x00FFFFFF; + private const int M25 = 0x01FFFFFF; + private const int M26 = 0x03FFFFFF; + + private static readonly uint[] P32 = new uint[]{ 0xFFFFFFEDU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, + 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x7FFFFFFFU }; + private static readonly int[] RootNegOne = { 0x020EA0B0, 0x0386C9D2, 0x00478C4E, 0x0035697F, 0x005E8630, + 0x01FBD7A7, 0x0340264F, 0x01F0B2B4, 0x00027E0E, 0x00570649 }; + + protected X25519Field() {} + + public static void Add(int[] x, int[] y, int[] z) + { + for (int i = 0; i < Size; ++i) + { + z[i] = x[i] + y[i]; + } + } + + public static void AddOne(int[] z) + { + z[0] += 1; + } + + public static void AddOne(int[] z, int zOff) + { + z[zOff] += 1; + } + + public static void Apm(int[] x, int[] y, int[] zp, int[] zm) + { + for (int i = 0; i < Size; ++i) + { + int xi = x[i], yi = y[i]; + zp[i] = xi + yi; + zm[i] = xi - yi; + } + } + + public static int AreEqual(int[] x, int[] y) + { + int d = 0; + for (int i = 0; i < Size; ++i) + { + d |= x[i] ^ y[i]; + } + d |= d >> 16; + d &= 0xFFFF; + return (d - 1) >> 31; + } + + public static bool AreEqualVar(int[] x, int[] y) + { + return 0 != AreEqual(x, y); + } + + public static void Carry(int[] z) + { + int z0 = z[0], z1 = z[1], z2 = z[2], z3 = z[3], z4 = z[4]; + int z5 = z[5], z6 = z[6], z7 = z[7], z8 = z[8], z9 = z[9]; + + z2 += (z1 >> 26); z1 &= M26; + z4 += (z3 >> 26); z3 &= M26; + z7 += (z6 >> 26); z6 &= M26; + z9 += (z8 >> 26); z8 &= M26; + + z3 += (z2 >> 25); z2 &= M25; + z5 += (z4 >> 25); z4 &= M25; + z8 += (z7 >> 25); z7 &= M25; + //z0 += (z9 >> 24) * 19; z9 &= M24; + z0 += (z9 >> 25) * 38; z9 &= M25; + + z1 += (z0 >> 26); z0 &= M26; + z6 += (z5 >> 26); z5 &= M26; + + z2 += (z1 >> 26); z1 &= M26; + z4 += (z3 >> 26); z3 &= M26; + z7 += (z6 >> 26); z6 &= M26; + z9 += (z8 >> 26); z8 &= M26; + + z[0] = z0; z[1] = z1; z[2] = z2; z[3] = z3; z[4] = z4; + z[5] = z5; z[6] = z6; z[7] = z7; z[8] = z8; z[9] = z9; + } + + public static void CMov(int cond, int[] x, int xOff, int[] z, int zOff) + { + Debug.Assert(0 == cond || -1 == cond); + + for (int i = 0; i < Size; ++i) + { + int z_i = z[zOff + i], diff = z_i ^ x[xOff + i]; + z_i ^= (diff & cond); + z[zOff + i] = z_i; + } + } + + public static void CNegate(int negate, int[] z) + { + Debug.Assert(negate >> 1 == 0); + + int mask = 0 - negate; + for (int i = 0; i < Size; ++i) + { + z[i] = (z[i] ^ mask) - mask; + } + } + + public static void Copy(int[] x, int xOff, int[] z, int zOff) + { + for (int i = 0; i < Size; ++i) + { + z[zOff + i] = x[xOff + i]; + } + } + + public static int[] Create() + { + return new int[Size]; + } + + public static int[] CreateTable(int n) + { + return new int[Size * n]; + } + + public static void CSwap(int swap, int[] a, int[] b) + { + Debug.Assert(swap >> 1 == 0); + Debug.Assert(a != b); + + int mask = 0 - swap; + for (int i = 0; i < Size; ++i) + { + int ai = a[i], bi = b[i]; + int dummy = mask & (ai ^ bi); + a[i] = ai ^ dummy; + b[i] = bi ^ dummy; + } + } + + [CLSCompliantAttribute(false)] + public static void Decode(uint[] x, int xOff, int[] z) + { + Decode128(x, xOff, z, 0); + Decode128(x, xOff + 4, z, 5); + z[9] &= M24; + } + + public static void Decode(byte[] x, int xOff, int[] z) + { + Decode128(x, xOff, z, 0); + Decode128(x, xOff + 16, z, 5); + z[9] &= M24; + } + + private static void Decode128(uint[] x, int xOff, int[] z, int zOff) + { + uint t0 = x[xOff + 0], t1 = x[xOff + 1], t2 = x[xOff + 2], t3 = x[xOff + 3]; + + z[zOff + 0] = (int)t0 & M26; + z[zOff + 1] = (int)((t1 << 6) | (t0 >> 26)) & M26; + z[zOff + 2] = (int)((t2 << 12) | (t1 >> 20)) & M25; + z[zOff + 3] = (int)((t3 << 19) | (t2 >> 13)) & M26; + z[zOff + 4] = (int)(t3 >> 7); + } + + private static void Decode128(byte[] bs, int off, int[] z, int zOff) + { + uint t0 = Decode32(bs, off + 0); + uint t1 = Decode32(bs, off + 4); + uint t2 = Decode32(bs, off + 8); + uint t3 = Decode32(bs, off + 12); + + z[zOff + 0] = (int)t0 & M26; + z[zOff + 1] = (int)((t1 << 6) | (t0 >> 26)) & M26; + z[zOff + 2] = (int)((t2 << 12) | (t1 >> 20)) & M25; + z[zOff + 3] = (int)((t3 << 19) | (t2 >> 13)) & M26; + z[zOff + 4] = (int)(t3 >> 7); + } + + private static uint Decode32(byte[] bs, int off) + { + uint n = bs[off]; + n |= (uint)bs[++off] << 8; + n |= (uint)bs[++off] << 16; + n |= (uint)bs[++off] << 24; + return n; + } + + [CLSCompliantAttribute(false)] + public static void Encode(int[] x, uint[] z, int zOff) + { + Encode128(x, 0, z, zOff); + Encode128(x, 5, z, zOff + 4); + } + + public static void Encode(int[] x, byte[] z, int zOff) + { + Encode128(x, 0, z, zOff); + Encode128(x, 5, z, zOff + 16); + } + + private static void Encode128(int[] x, int xOff, uint[] z, int zOff) + { + uint x0 = (uint)x[xOff + 0], x1 = (uint)x[xOff + 1], x2 = (uint)x[xOff + 2], x3 = (uint)x[xOff + 3], + x4 = (uint)x[xOff + 4]; + + z[zOff + 0] = x0 | (x1 << 26); + z[zOff + 1] = (x1 >> 6) | (x2 << 20); + z[zOff + 2] = (x2 >> 12) | (x3 << 13); + z[zOff + 3] = (x3 >> 19) | (x4 << 7); + } + + private static void Encode128(int[] x, int xOff, byte[] bs, int off) + { + uint x0 = (uint)x[xOff + 0], x1 = (uint)x[xOff + 1], x2 = (uint)x[xOff + 2]; + uint x3 = (uint)x[xOff + 3], x4 = (uint)x[xOff + 4]; + + uint t0 = x0 | (x1 << 26); Encode32(t0, bs, off + 0); + uint t1 = (x1 >> 6) | (x2 << 20); Encode32(t1, bs, off + 4); + uint t2 = (x2 >> 12) | (x3 << 13); Encode32(t2, bs, off + 8); + uint t3 = (x3 >> 19) | (x4 << 7); Encode32(t3, bs, off + 12); + } + + private static void Encode32(uint n, byte[] bs, int off) + { + bs[ off] = (byte)(n ); + bs[++off] = (byte)(n >> 8); + bs[++off] = (byte)(n >> 16); + bs[++off] = (byte)(n >> 24); + } + + public static void Inv(int[] x, int[] z) + { + //int[] x2 = Create(); + //int[] t = Create(); + //PowPm5d8(x, x2, t); + //Sqr(t, 3, t); + //Mul(t, x2, z); + + int[] t = Create(); + uint[] u = new uint[8]; + + Copy(x, 0, t, 0); + Normalize(t); + Encode(t, u, 0); + + Mod.ModOddInverse(P32, u, u); + + Decode(u, 0, z); + } + + public static void InvVar(int[] x, int[] z) + { + int[] t = Create(); + uint[] u = new uint[8]; + + Copy(x, 0, t, 0); + Normalize(t); + Encode(t, u, 0); + + Mod.ModOddInverseVar(P32, u, u); + + Decode(u, 0, z); + } + + public static int IsOne(int[] x) + { + int d = x[0] ^ 1; + for (int i = 1; i < Size; ++i) + { + d |= x[i]; + } + d |= d >> 16; + d &= 0xFFFF; + return (d - 1) >> 31; + } + + public static bool IsOneVar(int[] x) + { + return 0 != IsOne(x); + } + + public static int IsZero(int[] x) + { + int d = 0; + for (int i = 0; i < Size; ++i) + { + d |= x[i]; + } + d |= d >> 16; + d &= 0xFFFF; + return (d - 1) >> 31; + } + + public static bool IsZeroVar(int[] x) + { + return 0 != IsZero(x); + } + + public static void Mul(int[] x, int y, int[] z) + { + int x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3], x4 = x[4]; + int x5 = x[5], x6 = x[6], x7 = x[7], x8 = x[8], x9 = x[9]; + long c0, c1, c2, c3; + + c0 = (long)x2 * y; x2 = (int)c0 & M25; c0 >>= 25; + c1 = (long)x4 * y; x4 = (int)c1 & M25; c1 >>= 25; + c2 = (long)x7 * y; x7 = (int)c2 & M25; c2 >>= 25; + //c3 = (long)x9 * y; x9 = (int)c3 & M24; c3 >>= 24; + //c3 *= 19; + c3 = (long)x9 * y; x9 = (int)c3 & M25; c3 >>= 25; + c3 *= 38; + + c3 += (long)x0 * y; z[0] = (int)c3 & M26; c3 >>= 26; + c1 += (long)x5 * y; z[5] = (int)c1 & M26; c1 >>= 26; + + c3 += (long)x1 * y; z[1] = (int)c3 & M26; c3 >>= 26; + c0 += (long)x3 * y; z[3] = (int)c0 & M26; c0 >>= 26; + c1 += (long)x6 * y; z[6] = (int)c1 & M26; c1 >>= 26; + c2 += (long)x8 * y; z[8] = (int)c2 & M26; c2 >>= 26; + + z[2] = x2 + (int)c3; + z[4] = x4 + (int)c0; + z[7] = x7 + (int)c1; + z[9] = x9 + (int)c2; + } + + public static void Mul(int[] x, int[] y, int[] z) + { + int x0 = x[0], y0 = y[0]; + int x1 = x[1], y1 = y[1]; + int x2 = x[2], y2 = y[2]; + int x3 = x[3], y3 = y[3]; + int x4 = x[4], y4 = y[4]; + + int u0 = x[5], v0 = y[5]; + int u1 = x[6], v1 = y[6]; + int u2 = x[7], v2 = y[7]; + int u3 = x[8], v3 = y[8]; + int u4 = x[9], v4 = y[9]; + + long a0 = (long)x0 * y0; + long a1 = (long)x0 * y1 + + (long)x1 * y0; + long a2 = (long)x0 * y2 + + (long)x1 * y1 + + (long)x2 * y0; + long a3 = (long)x1 * y2 + + (long)x2 * y1; + a3 <<= 1; + a3 += (long)x0 * y3 + + (long)x3 * y0; + long a4 = (long)x2 * y2; + a4 <<= 1; + a4 += (long)x0 * y4 + + (long)x1 * y3 + + (long)x3 * y1 + + (long)x4 * y0; + long a5 = (long)x1 * y4 + + (long)x2 * y3 + + (long)x3 * y2 + + (long)x4 * y1; + a5 <<= 1; + long a6 = (long)x2 * y4 + + (long)x4 * y2; + a6 <<= 1; + a6 += (long)x3 * y3; + long a7 = (long)x3 * y4 + + (long)x4 * y3; + long a8 = (long)x4 * y4; + a8 <<= 1; + + long b0 = (long)u0 * v0; + long b1 = (long)u0 * v1 + + (long)u1 * v0; + long b2 = (long)u0 * v2 + + (long)u1 * v1 + + (long)u2 * v0; + long b3 = (long)u1 * v2 + + (long)u2 * v1; + b3 <<= 1; + b3 += (long)u0 * v3 + + (long)u3 * v0; + long b4 = (long)u2 * v2; + b4 <<= 1; + b4 += (long)u0 * v4 + + (long)u1 * v3 + + (long)u3 * v1 + + (long)u4 * v0; + long b5 = (long)u1 * v4 + + (long)u2 * v3 + + (long)u3 * v2 + + (long)u4 * v1; + //b5 <<= 1; + long b6 = (long)u2 * v4 + + (long)u4 * v2; + b6 <<= 1; + b6 += (long)u3 * v3; + long b7 = (long)u3 * v4 + + (long)u4 * v3; + long b8 = (long)u4 * v4; + //b8 <<= 1; + + a0 -= b5 * 76; + a1 -= b6 * 38; + a2 -= b7 * 38; + a3 -= b8 * 76; + + a5 -= b0; + a6 -= b1; + a7 -= b2; + a8 -= b3; + //long a9 = -b4; + + x0 += u0; y0 += v0; + x1 += u1; y1 += v1; + x2 += u2; y2 += v2; + x3 += u3; y3 += v3; + x4 += u4; y4 += v4; + + long c0 = (long)x0 * y0; + long c1 = (long)x0 * y1 + + (long)x1 * y0; + long c2 = (long)x0 * y2 + + (long)x1 * y1 + + (long)x2 * y0; + long c3 = (long)x1 * y2 + + (long)x2 * y1; + c3 <<= 1; + c3 += (long)x0 * y3 + + (long)x3 * y0; + long c4 = (long)x2 * y2; + c4 <<= 1; + c4 += (long)x0 * y4 + + (long)x1 * y3 + + (long)x3 * y1 + + (long)x4 * y0; + long c5 = (long)x1 * y4 + + (long)x2 * y3 + + (long)x3 * y2 + + (long)x4 * y1; + c5 <<= 1; + long c6 = (long)x2 * y4 + + (long)x4 * y2; + c6 <<= 1; + c6 += (long)x3 * y3; + long c7 = (long)x3 * y4 + + (long)x4 * y3; + long c8 = (long)x4 * y4; + c8 <<= 1; + + int z8, z9; + long t; + + t = a8 + (c3 - a3); + z8 = (int)t & M26; t >>= 26; + //t += a9 + (c4 - a4); + t += (c4 - a4) - b4; + //z9 = (int)t & M24; t >>= 24; + //t = a0 + (t + ((c5 - a5) << 1)) * 19; + z9 = (int)t & M25; t >>= 25; + t = a0 + (t + c5 - a5) * 38; + z[0] = (int)t & M26; t >>= 26; + t += a1 + (c6 - a6) * 38; + z[1] = (int)t & M26; t >>= 26; + t += a2 + (c7 - a7) * 38; + z[2] = (int)t & M25; t >>= 25; + t += a3 + (c8 - a8) * 38; + z[3] = (int)t & M26; t >>= 26; + //t += a4 - a9 * 38; + t += a4 + b4 * 38; + z[4] = (int)t & M25; t >>= 25; + t += a5 + (c0 - a0); + z[5] = (int)t & M26; t >>= 26; + t += a6 + (c1 - a1); + z[6] = (int)t & M26; t >>= 26; + t += a7 + (c2 - a2); + z[7] = (int)t & M25; t >>= 25; + t += z8; + z[8] = (int)t & M26; t >>= 26; + z[9] = z9 + (int)t; + } + + public static void Negate(int[] x, int[] z) + { + for (int i = 0; i < Size; ++i) + { + z[i] = -x[i]; + } + } + + public static void Normalize(int[] z) + { + int x = (z[9] >> 23) & 1; + Reduce(z, x); + Reduce(z, -x); + Debug.Assert(z[9] >> 24 == 0); + } + + public static void One(int[] z) + { + z[0] = 1; + for (int i = 1; i < Size; ++i) + { + z[i] = 0; + } + } + + private static void PowPm5d8(int[] x, int[] rx2, int[] rz) + { + // z = x^((p-5)/8) = x^FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD + // (250 1s) (1 0s) (1 1s) + // Addition chain: [1] 2 3 5 10 15 25 50 75 125 [250] + + int[] x2 = rx2; Sqr(x, x2); Mul(x, x2, x2); + int[] x3 = Create(); Sqr(x2, x3); Mul(x, x3, x3); + int[] x5 = x3; Sqr(x3, 2, x5); Mul(x2, x5, x5); + int[] x10 = Create(); Sqr(x5, 5, x10); Mul(x5, x10, x10); + int[] x15 = Create(); Sqr(x10, 5, x15); Mul(x5, x15, x15); + int[] x25 = x5; Sqr(x15, 10, x25); Mul(x10, x25, x25); + int[] x50 = x10; Sqr(x25, 25, x50); Mul(x25, x50, x50); + int[] x75 = x15; Sqr(x50, 25, x75); Mul(x25, x75, x75); + int[] x125 = x25; Sqr(x75, 50, x125); Mul(x50, x125, x125); + int[] x250 = x50; Sqr(x125, 125, x250); Mul(x125, x250, x250); + + int[] t = x125; + Sqr(x250, 2, t); + Mul(t, x, rz); + } + + private static void Reduce(int[] z, int x) + { + int t = z[9], z9 = t & M24; + t = (t >> 24) + x; + + long cc = t * 19; + cc += z[0]; z[0] = (int)cc & M26; cc >>= 26; + cc += z[1]; z[1] = (int)cc & M26; cc >>= 26; + cc += z[2]; z[2] = (int)cc & M25; cc >>= 25; + cc += z[3]; z[3] = (int)cc & M26; cc >>= 26; + cc += z[4]; z[4] = (int)cc & M25; cc >>= 25; + cc += z[5]; z[5] = (int)cc & M26; cc >>= 26; + cc += z[6]; z[6] = (int)cc & M26; cc >>= 26; + cc += z[7]; z[7] = (int)cc & M25; cc >>= 25; + cc += z[8]; z[8] = (int)cc & M26; cc >>= 26; + z[9] = z9 + (int)cc; + } + + public static void Sqr(int[] x, int[] z) + { + int x0 = x[0]; + int x1 = x[1]; + int x2 = x[2]; + int x3 = x[3]; + int x4 = x[4]; + + int u0 = x[5]; + int u1 = x[6]; + int u2 = x[7]; + int u3 = x[8]; + int u4 = x[9]; + + int x1_2 = x1 * 2; + int x2_2 = x2 * 2; + int x3_2 = x3 * 2; + int x4_2 = x4 * 2; + + long a0 = (long)x0 * x0; + long a1 = (long)x0 * x1_2; + long a2 = (long)x0 * x2_2 + + (long)x1 * x1; + long a3 = (long)x1_2 * x2_2 + + (long)x0 * x3_2; + long a4 = (long)x2 * x2_2 + + (long)x0 * x4_2 + + (long)x1 * x3_2; + long a5 = (long)x1_2 * x4_2 + + (long)x2_2 * x3_2; + long a6 = (long)x2_2 * x4_2 + + (long)x3 * x3; + long a7 = (long)x3 * x4_2; + long a8 = (long)x4 * x4_2; + + int u1_2 = u1 * 2; + int u2_2 = u2 * 2; + int u3_2 = u3 * 2; + int u4_2 = u4 * 2; + + long b0 = (long)u0 * u0; + long b1 = (long)u0 * u1_2; + long b2 = (long)u0 * u2_2 + + (long)u1 * u1; + long b3 = (long)u1_2 * u2_2 + + (long)u0 * u3_2; + long b4 = (long)u2 * u2_2 + + (long)u0 * u4_2 + + (long)u1 * u3_2; + long b5 = (long)u1_2 * u4_2 + + (long)u2_2 * u3_2; + long b6 = (long)u2_2 * u4_2 + + (long)u3 * u3; + long b7 = (long)u3 * u4_2; + long b8 = (long)u4 * u4_2; + + a0 -= b5 * 38; + a1 -= b6 * 38; + a2 -= b7 * 38; + a3 -= b8 * 38; + + a5 -= b0; + a6 -= b1; + a7 -= b2; + a8 -= b3; + //long a9 = -b4; + + x0 += u0; + x1 += u1; + x2 += u2; + x3 += u3; + x4 += u4; + + x1_2 = x1 * 2; + x2_2 = x2 * 2; + x3_2 = x3 * 2; + x4_2 = x4 * 2; + + long c0 = (long)x0 * x0; + long c1 = (long)x0 * x1_2; + long c2 = (long)x0 * x2_2 + + (long)x1 * x1; + long c3 = (long)x1_2 * x2_2 + + (long)x0 * x3_2; + long c4 = (long)x2 * x2_2 + + (long)x0 * x4_2 + + (long)x1 * x3_2; + long c5 = (long)x1_2 * x4_2 + + (long)x2_2 * x3_2; + long c6 = (long)x2_2 * x4_2 + + (long)x3 * x3; + long c7 = (long)x3 * x4_2; + long c8 = (long)x4 * x4_2; + + int z8, z9; + long t; + + t = a8 + (c3 - a3); + z8 = (int)t & M26; t >>= 26; + //t += a9 + (c4 - a4); + t += (c4 - a4) - b4; + //z9 = (int)t & M24; t >>= 24; + //t = a0 + (t + ((c5 - a5) << 1)) * 19; + z9 = (int)t & M25; t >>= 25; + t = a0 + (t + c5 - a5) * 38; + z[0] = (int)t & M26; t >>= 26; + t += a1 + (c6 - a6) * 38; + z[1] = (int)t & M26; t >>= 26; + t += a2 + (c7 - a7) * 38; + z[2] = (int)t & M25; t >>= 25; + t += a3 + (c8 - a8) * 38; + z[3] = (int)t & M26; t >>= 26; + //t += a4 - a9 * 38; + t += a4 + b4 * 38; + z[4] = (int)t & M25; t >>= 25; + t += a5 + (c0 - a0); + z[5] = (int)t & M26; t >>= 26; + t += a6 + (c1 - a1); + z[6] = (int)t & M26; t >>= 26; + t += a7 + (c2 - a2); + z[7] = (int)t & M25; t >>= 25; + t += z8; + z[8] = (int)t & M26; t >>= 26; + z[9] = z9 + (int)t; + } + + public static void Sqr(int[] x, int n, int[] z) + { + Debug.Assert(n > 0); + + Sqr(x, z); + + while (--n > 0) + { + Sqr(z, z); + } + } + + public static bool SqrtRatioVar(int[] u, int[] v, int[] z) + { + int[] uv3 = Create(); + int[] uv7 = Create(); + + Mul(u, v, uv3); + Sqr(v, uv7); + Mul(uv3, uv7, uv3); + Sqr(uv7, uv7); + Mul(uv7, uv3, uv7); + + int[] t = Create(); + int[] x = Create(); + PowPm5d8(uv7, t, x); + Mul(x, uv3, x); + + int[] vx2 = Create(); + Sqr(x, vx2); + Mul(vx2, v, vx2); + + Sub(vx2, u, t); + Normalize(t); + if (IsZeroVar(t)) + { + Copy(x, 0, z, 0); + return true; + } + + Add(vx2, u, t); + Normalize(t); + if (IsZeroVar(t)) + { + Mul(x, RootNegOne, z); + return true; + } + + return false; + } + + public static void Sub(int[] x, int[] y, int[] z) + { + for (int i = 0; i < Size; ++i) + { + z[i] = x[i] - y[i]; + } + } + + public static void SubOne(int[] z) + { + z[0] -= 1; + } + + public static void Zero(int[] z) + { + for (int i = 0; i < Size; ++i) + { + z[i] = 0; + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/rfc7748/X448.cs b/BouncyCastle/crypto/src/math/ec/rfc7748/X448.cs new file mode 100644 index 0000000..061a131 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/rfc7748/X448.cs @@ -0,0 +1,168 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Math.EC.Rfc8032; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Rfc7748 +{ + public abstract class X448 + { + public const int PointSize = 56; + public const int ScalarSize = 56; + + private class F : X448Field {}; + + private const uint C_A = 156326; + private const uint C_A24 = (C_A + 2)/4; + + //private static readonly uint[] Sqrt156324 = { 0x0551B193U, 0x07A21E17U, 0x0E635AD3U, 0x00812ABBU, 0x025B3F99U, 0x01605224U, + // 0x0AF8CB32U, 0x0D2E7D68U, 0x06BA50FDU, 0x08E55693U, 0x0CB08EB4U, 0x02ABEBC1U, 0x051BA0BBU, 0x02F8812EU, 0x0829B611U, + // 0x0BA4D3A0U }; + + public static bool CalculateAgreement(byte[] k, int kOff, byte[] u, int uOff, byte[] r, int rOff) + { + ScalarMult(k, kOff, u, uOff, r, rOff); + return !Arrays.AreAllZeroes(r, rOff, PointSize); + } + + private static uint Decode32(byte[] bs, int off) + { + uint n = bs[off]; + n |= (uint)bs[++off] << 8; + n |= (uint)bs[++off] << 16; + n |= (uint)bs[++off] << 24; + return n; + } + + private static void DecodeScalar(byte[] k, int kOff, uint[] n) + { + for (int i = 0; i < 14; ++i) + { + n[i] = Decode32(k, kOff + i * 4); + } + + n[ 0] &= 0xFFFFFFFCU; + n[13] |= 0x80000000U; + } + + public static void GeneratePrivateKey(SecureRandom random, byte[] k) + { + random.NextBytes(k); + + k[0] &= 0xFC; + k[ScalarSize - 1] |= 0x80; + } + + public static void GeneratePublicKey(byte[] k, int kOff, byte[] r, int rOff) + { + ScalarMultBase(k, kOff, r, rOff); + } + + private static void PointDouble(uint[] x, uint[] z) + { + uint[] a = F.Create(); + uint[] b = F.Create(); + + //F.Apm(x, z, a, b); + F.Add(x, z, a); + F.Sub(x, z, b); + F.Sqr(a, a); + F.Sqr(b, b); + F.Mul(a, b, x); + F.Sub(a, b, a); + F.Mul(a, C_A24, z); + F.Add(z, b, z); + F.Mul(z, a, z); + } + + public static void Precompute() + { + Ed448.Precompute(); + } + + public static void ScalarMult(byte[] k, int kOff, byte[] u, int uOff, byte[] r, int rOff) + { + uint[] n = new uint[14]; DecodeScalar(k, kOff, n); + + uint[] x1 = F.Create(); F.Decode(u, uOff, x1); + uint[] x2 = F.Create(); F.Copy(x1, 0, x2, 0); + uint[] z2 = F.Create(); z2[0] = 1; + uint[] x3 = F.Create(); x3[0] = 1; + uint[] z3 = F.Create(); + + uint[] t1 = F.Create(); + uint[] t2 = F.Create(); + + Debug.Assert(n[13] >> 31 == 1U); + + int bit = 447, swap = 1; + do + { + //F.Apm(x3, z3, t1, x3); + F.Add(x3, z3, t1); + F.Sub(x3, z3, x3); + //F.Apm(x2, z2, z3, x2); + F.Add(x2, z2, z3); + F.Sub(x2, z2, x2); + + F.Mul(t1, x2, t1); + F.Mul(x3, z3, x3); + F.Sqr(z3, z3); + F.Sqr(x2, x2); + + F.Sub(z3, x2, t2); + F.Mul(t2, C_A24, z2); + F.Add(z2, x2, z2); + F.Mul(z2, t2, z2); + F.Mul(x2, z3, x2); + + //F.Apm(t1, x3, x3, z3); + F.Sub(t1, x3, z3); + F.Add(t1, x3, x3); + F.Sqr(x3, x3); + F.Sqr(z3, z3); + F.Mul(z3, x1, z3); + + --bit; + + int word = bit >> 5, shift = bit & 0x1F; + int kt = (int)(n[word] >> shift) & 1; + swap ^= kt; + F.CSwap(swap, x2, x3); + F.CSwap(swap, z2, z3); + swap = kt; + } + while (bit >= 2); + + Debug.Assert(swap == 0); + + for (int i = 0; i < 2; ++i) + { + PointDouble(x2, z2); + } + + F.Inv(z2, z2); + F.Mul(x2, z2, x2); + + F.Normalize(x2); + F.Encode(x2, r, rOff); + } + + public static void ScalarMultBase(byte[] k, int kOff, byte[] r, int rOff) + { + uint[] x = F.Create(); + uint[] y = F.Create(); + + Ed448.ScalarMultBaseXY(k, kOff, x, y); + + F.Inv(x, x); + F.Mul(x, y, x); + F.Sqr(x, x); + + F.Normalize(x); + F.Encode(x, r, rOff); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/rfc7748/X448Field.cs b/BouncyCastle/crypto/src/math/ec/rfc7748/X448Field.cs new file mode 100644 index 0000000..6d8c60e --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/rfc7748/X448Field.cs @@ -0,0 +1,1144 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Math.EC.Rfc7748 +{ + [CLSCompliantAttribute(false)] + public abstract class X448Field + { + public const int Size = 16; + + private const uint M28 = 0x0FFFFFFFU; + + private static readonly uint[] P32 = new uint[]{ 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, + 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFEU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, + 0xFFFFFFFFU, 0xFFFFFFFFU }; + + protected X448Field() {} + + public static void Add(uint[] x, uint[] y, uint[] z) + { + for (int i = 0; i < Size; ++i) + { + z[i] = x[i] + y[i]; + } + } + + public static void AddOne(uint[] z) + { + z[0] += 1; + } + + public static void AddOne(uint[] z, int zOff) + { + z[zOff] += 1; + } + + //public static void Apm(int[] x, int[] y, int[] zp, int[] zm) + //{ + // for (int i = 0; i < Size; ++i) + // { + // int xi = x[i], yi = y[i]; + // zp[i] = xi + yi; + // zm[i] = xi - yi; + // } + //} + + public static int AreEqual(uint[] x, uint[] y) + { + uint d = 0; + for (int i = 0; i < Size; ++i) + { + d |= x[i] ^ y[i]; + } + d |= d >> 16; + d &= 0xFFFF; + return ((int)d - 1) >> 31; + } + + public static bool AreEqualVar(uint[] x, uint[] y) + { + return 0 != AreEqual(x, y); + } + + public static void Carry(uint[] z) + { + uint z0 = z[0], z1 = z[1], z2 = z[2], z3 = z[3], z4 = z[4], z5 = z[5], z6 = z[6], z7 = z[7]; + uint z8 = z[8], z9 = z[9], z10 = z[10], z11 = z[11], z12 = z[12], z13 = z[13], z14 = z[14], z15 = z[15]; + + z1 += (z0 >> 28); z0 &= M28; + z5 += (z4 >> 28); z4 &= M28; + z9 += (z8 >> 28); z8 &= M28; + z13 += (z12 >> 28); z12 &= M28; + + z2 += (z1 >> 28); z1 &= M28; + z6 += (z5 >> 28); z5 &= M28; + z10 += (z9 >> 28); z9 &= M28; + z14 += (z13 >> 28); z13 &= M28; + + z3 += (z2 >> 28); z2 &= M28; + z7 += (z6 >> 28); z6 &= M28; + z11 += (z10 >> 28); z10 &= M28; + z15 += (z14 >> 28); z14 &= M28; + + uint t = z15 >> 28; z15 &= M28; + z0 += t; + z8 += t; + + z4 += (z3 >> 28); z3 &= M28; + z8 += (z7 >> 28); z7 &= M28; + z12 += (z11 >> 28); z11 &= M28; + + z1 += (z0 >> 28); z0 &= M28; + z5 += (z4 >> 28); z4 &= M28; + z9 += (z8 >> 28); z8 &= M28; + z13 += (z12 >> 28); z12 &= M28; + + z[0] = z0; z[1] = z1; z[2] = z2; z[3] = z3; z[4] = z4; z[5] = z5; z[6] = z6; z[7] = z7; + z[8] = z8; z[9] = z9; z[10] = z10; z[11] = z11; z[12] = z12; z[13] = z13; z[14] = z14; z[15] = z15; + } + + public static void CMov(int cond, uint[] x, int xOff, uint[] z, int zOff) + { + Debug.Assert(0 == cond || -1 == cond); + + uint MASK = (uint)cond; + + for (int i = 0; i < Size; ++i) + { + uint z_i = z[zOff + i], diff = z_i ^ x[xOff + i]; + z_i ^= (diff & MASK); + z[zOff + i] = z_i; + } + } + + public static void CNegate(int negate, uint[] z) + { + Debug.Assert(negate >> 1 == 0); + + uint[] t = Create(); + Sub(t, z, t); + + CMov(-negate, t, 0, z, 0); + } + + public static void Copy(uint[] x, int xOff, uint[] z, int zOff) + { + for (int i = 0; i < Size; ++i) + { + z[zOff + i] = x[xOff + i]; + } + } + + public static uint[] Create() + { + return new uint[Size]; + } + + public static uint[] CreateTable(int n) + { + return new uint[Size * n]; + } + + public static void CSwap(int swap, uint[] a, uint[] b) + { + Debug.Assert(swap >> 1 == 0); + Debug.Assert(a != b); + + uint mask = (uint)(0 - swap); + for (int i = 0; i < Size; ++i) + { + uint ai = a[i], bi = b[i]; + uint dummy = mask & (ai ^ bi); + a[i] = ai ^ dummy; + b[i] = bi ^ dummy; + } + } + + public static void Decode(uint[] x, int xOff, uint[] z) + { + Decode224(x, xOff, z, 0); + Decode224(x, xOff + 7, z, 8); + } + + public static void Decode(byte[] x, int xOff, uint[] z) + { + Decode56(x, xOff, z, 0); + Decode56(x, xOff + 7, z, 2); + Decode56(x, xOff + 14, z, 4); + Decode56(x, xOff + 21, z, 6); + Decode56(x, xOff + 28, z, 8); + Decode56(x, xOff + 35, z, 10); + Decode56(x, xOff + 42, z, 12); + Decode56(x, xOff + 49, z, 14); + } + + private static void Decode224(uint[] x, int xOff, uint[] z, int zOff) + { + uint x0 = x[xOff + 0], x1 = x[xOff + 1], x2 = x[xOff + 2], x3 = x[xOff + 3]; + uint x4 = x[xOff + 4], x5 = x[xOff + 5], x6 = x[xOff + 6]; + + z[zOff + 0] = x0 & M28; + z[zOff + 1] = (x0 >> 28 | x1 << 4) & M28; + z[zOff + 2] = (x1 >> 24 | x2 << 8) & M28; + z[zOff + 3] = (x2 >> 20 | x3 << 12) & M28; + z[zOff + 4] = (x3 >> 16 | x4 << 16) & M28; + z[zOff + 5] = (x4 >> 12 | x5 << 20) & M28; + z[zOff + 6] = (x5 >> 8 | x6 << 24) & M28; + z[zOff + 7] = x6 >> 4; + } + + private static uint Decode24(byte[] bs, int off) + { + uint n = bs[off]; + n |= (uint)bs[++off] << 8; + n |= (uint)bs[++off] << 16; + return n; + } + + private static uint Decode32(byte[] bs, int off) + { + uint n = bs[off]; + n |= (uint)bs[++off] << 8; + n |= (uint)bs[++off] << 16; + n |= (uint)bs[++off] << 24; + return n; + } + + private static void Decode56(byte[] bs, int off, uint[] z, int zOff) + { + uint lo = Decode32(bs, off); + uint hi = Decode24(bs, off + 4); + z[zOff] = lo & M28; + z[zOff + 1] = (lo >> 28) | (hi << 4); + } + + public static void Encode(uint[] x, uint[] z, int zOff) + { + Encode224(x, 0, z, zOff); + Encode224(x, 8, z, zOff + 7); + } + + public static void Encode(uint[] x, byte[] z, int zOff) + { + Encode56(x, 0, z, zOff); + Encode56(x, 2, z, zOff + 7); + Encode56(x, 4, z, zOff + 14); + Encode56(x, 6, z, zOff + 21); + Encode56(x, 8, z, zOff + 28); + Encode56(x, 10, z, zOff + 35); + Encode56(x, 12, z, zOff + 42); + Encode56(x, 14, z, zOff + 49); + } + + private static void Encode224(uint[] x, int xOff, uint[] z, int zOff) + { + uint x0 = x[xOff + 0], x1 = x[xOff + 1], x2 = x[xOff + 2], x3 = x[xOff + 3]; + uint x4 = x[xOff + 4], x5 = x[xOff + 5], x6 = x[xOff + 6], x7 = x[xOff + 7]; + + z[zOff + 0] = x0 | (x1 << 28); + z[zOff + 1] = (x1 >> 4) | (x2 << 24); + z[zOff + 2] = (x2 >> 8) | (x3 << 20); + z[zOff + 3] = (x3 >> 12) | (x4 << 16); + z[zOff + 4] = (x4 >> 16) | (x5 << 12); + z[zOff + 5] = (x5 >> 20) | (x6 << 8); + z[zOff + 6] = (x6 >> 24) | (x7 << 4); + } + + private static void Encode24(uint n, byte[] bs, int off) + { + bs[ off] = (byte)(n ); + bs[++off] = (byte)(n >> 8); + bs[++off] = (byte)(n >> 16); + } + + private static void Encode32(uint n, byte[] bs, int off) + { + bs[ off] = (byte)(n ); + bs[++off] = (byte)(n >> 8); + bs[++off] = (byte)(n >> 16); + bs[++off] = (byte)(n >> 24); + } + + private static void Encode56(uint[] x, int xOff, byte[] bs, int off) + { + uint lo = x[xOff], hi = x[xOff + 1]; + Encode32(lo | (hi << 28), bs, off); + Encode24(hi >> 4, bs, off + 4); + } + + public static void Inv(uint[] x, uint[] z) + { + //uint[] t = Create(); + //PowPm3d4(x, t); + //Sqr(t, 2, t); + //Mul(t, x, z); + + uint[] t = Create(); + uint[] u = new uint[14]; + + Copy(x, 0, t, 0); + Normalize(t); + Encode(t, u, 0); + + Mod.ModOddInverse(P32, u, u); + + Decode(u, 0, z); + } + + public static void InvVar(uint[] x, uint[] z) + { + uint[] t = Create(); + uint[] u = new uint[14]; + + Copy(x, 0, t, 0); + Normalize(t); + Encode(t, u, 0); + + Mod.ModOddInverseVar(P32, u, u); + + Decode(u, 0, z); + } + + public static int IsOne(uint[] x) + { + uint d = x[0] ^ 1; + for (int i = 1; i < Size; ++i) + { + d |= x[i]; + } + d |= d >> 16; + d &= 0xFFFF; + return ((int)d - 1) >> 31; + } + + public static bool IsOneVar(uint[] x) + { + return 0 != IsOne(x); + } + + public static int IsZero(uint[] x) + { + uint d = 0; + for (int i = 0; i < Size; ++i) + { + d |= x[i]; + } + d |= d >> 16; + d &= 0xFFFF; + return ((int)d - 1) >> 31; + } + + public static bool IsZeroVar(uint[] x) + { + return 0U != IsZero(x); + } + + public static void Mul(uint[] x, uint y, uint[] z) + { + uint x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3], x4 = x[4], x5 = x[5], x6 = x[6], x7 = x[7]; + uint x8 = x[8], x9 = x[9], x10 = x[10], x11 = x[11], x12 = x[12], x13 = x[13], x14 = x[14], x15 = x[15]; + + uint z1, z5, z9, z13; + ulong c, d, e, f; + + c = (ulong)x1 * y; + z1 = (uint)c & M28; c >>= 28; + d = (ulong)x5 * y; + z5 = (uint)d & M28; d >>= 28; + e = (ulong)x9 * y; + z9 = (uint)e & M28; e >>= 28; + f = (ulong)x13 * y; + z13 = (uint)f & M28; f >>= 28; + + c += (ulong)x2 * y; + z[2] = (uint)c & M28; c >>= 28; + d += (ulong)x6 * y; + z[6] = (uint)d & M28; d >>= 28; + e += (ulong)x10 * y; + z[10] = (uint)e & M28; e >>= 28; + f += (ulong)x14 * y; + z[14] = (uint)f & M28; f >>= 28; + + c += (ulong)x3 * y; + z[3] = (uint)c & M28; c >>= 28; + d += (ulong)x7 * y; + z[7] = (uint)d & M28; d >>= 28; + e += (ulong)x11 * y; + z[11] = (uint)e & M28; e >>= 28; + f += (ulong)x15 * y; + z[15] = (uint)f & M28; f >>= 28; + + d += f; + + c += (ulong)x4 * y; + z[4] = (uint)c & M28; c >>= 28; + d += (ulong)x8 * y; + z[8] = (uint)d & M28; d >>= 28; + e += (ulong)x12 * y; + z[12] = (uint)e & M28; e >>= 28; + f += (ulong)x0 * y; + z[0] = (uint)f & M28; f >>= 28; + + z[1] = z1 + (uint)f; + z[5] = z5 + (uint)c; + z[9] = z9 + (uint)d; + z[13] = z13 + (uint)e; + } + + public static void Mul(uint[] x, uint[] y, uint[] z) + { + uint x0 = x[0]; + uint x1 = x[1]; + uint x2 = x[2]; + uint x3 = x[3]; + uint x4 = x[4]; + uint x5 = x[5]; + uint x6 = x[6]; + uint x7 = x[7]; + + uint u0 = x[8]; + uint u1 = x[9]; + uint u2 = x[10]; + uint u3 = x[11]; + uint u4 = x[12]; + uint u5 = x[13]; + uint u6 = x[14]; + uint u7 = x[15]; + + uint y0 = y[0]; + uint y1 = y[1]; + uint y2 = y[2]; + uint y3 = y[3]; + uint y4 = y[4]; + uint y5 = y[5]; + uint y6 = y[6]; + uint y7 = y[7]; + + uint v0 = y[8]; + uint v1 = y[9]; + uint v2 = y[10]; + uint v3 = y[11]; + uint v4 = y[12]; + uint v5 = y[13]; + uint v6 = y[14]; + uint v7 = y[15]; + + uint s0 = x0 + u0; + uint s1 = x1 + u1; + uint s2 = x2 + u2; + uint s3 = x3 + u3; + uint s4 = x4 + u4; + uint s5 = x5 + u5; + uint s6 = x6 + u6; + uint s7 = x7 + u7; + + uint t0 = y0 + v0; + uint t1 = y1 + v1; + uint t2 = y2 + v2; + uint t3 = y3 + v3; + uint t4 = y4 + v4; + uint t5 = y5 + v5; + uint t6 = y6 + v6; + uint t7 = y7 + v7; + + uint z0, z1, z2, z3, z4, z5, z6, z7, z8, z9, z10, z11, z12, z13, z14, z15; + ulong c, d; + + ulong f0 = (ulong)x0 * y0; + ulong f8 = (ulong)x7 * y1 + + (ulong)x6 * y2 + + (ulong)x5 * y3 + + (ulong)x4 * y4 + + (ulong)x3 * y5 + + (ulong)x2 * y6 + + (ulong)x1 * y7; + ulong g0 = (ulong)u0 * v0; + ulong g8 = (ulong)u7 * v1 + + (ulong)u6 * v2 + + (ulong)u5 * v3 + + (ulong)u4 * v4 + + (ulong)u3 * v5 + + (ulong)u2 * v6 + + (ulong)u1 * v7; + ulong h0 = (ulong)s0 * t0; + ulong h8 = (ulong)s7 * t1 + + (ulong)s6 * t2 + + (ulong)s5 * t3 + + (ulong)s4 * t4 + + (ulong)s3 * t5 + + (ulong)s2 * t6 + + (ulong)s1 * t7; + + c = f0 + g0 + h8 - f8; + z0 = (uint)c & M28; c >>= 28; + d = g8 + h0 - f0 + h8; + z8 = (uint)d & M28; d >>= 28; + + ulong f1 = (ulong)x1 * y0 + + (ulong)x0 * y1; + ulong f9 = (ulong)x7 * y2 + + (ulong)x6 * y3 + + (ulong)x5 * y4 + + (ulong)x4 * y5 + + (ulong)x3 * y6 + + (ulong)x2 * y7; + ulong g1 = (ulong)u1 * v0 + + (ulong)u0 * v1; + ulong g9 = (ulong)u7 * v2 + + (ulong)u6 * v3 + + (ulong)u5 * v4 + + (ulong)u4 * v5 + + (ulong)u3 * v6 + + (ulong)u2 * v7; + ulong h1 = (ulong)s1 * t0 + + (ulong)s0 * t1; + ulong h9 = (ulong)s7 * t2 + + (ulong)s6 * t3 + + (ulong)s5 * t4 + + (ulong)s4 * t5 + + (ulong)s3 * t6 + + (ulong)s2 * t7; + + c += f1 + g1 + h9 - f9; + z1 = (uint)c & M28; c >>= 28; + d += g9 + h1 - f1 + h9; + z9 = (uint)d & M28; d >>= 28; + + ulong f2 = (ulong)x2 * y0 + + (ulong)x1 * y1 + + (ulong)x0 * y2; + ulong f10 = (ulong)x7 * y3 + + (ulong)x6 * y4 + + (ulong)x5 * y5 + + (ulong)x4 * y6 + + (ulong)x3 * y7; + ulong g2 = (ulong)u2 * v0 + + (ulong)u1 * v1 + + (ulong)u0 * v2; + ulong g10 = (ulong)u7 * v3 + + (ulong)u6 * v4 + + (ulong)u5 * v5 + + (ulong)u4 * v6 + + (ulong)u3 * v7; + ulong h2 = (ulong)s2 * t0 + + (ulong)s1 * t1 + + (ulong)s0 * t2; + ulong h10 = (ulong)s7 * t3 + + (ulong)s6 * t4 + + (ulong)s5 * t5 + + (ulong)s4 * t6 + + (ulong)s3 * t7; + + c += f2 + g2 + h10 - f10; + z2 = (uint)c & M28; c >>= 28; + d += g10 + h2 - f2 + h10; + z10 = (uint)d & M28; d >>= 28; + + ulong f3 = (ulong)x3 * y0 + + (ulong)x2 * y1 + + (ulong)x1 * y2 + + (ulong)x0 * y3; + ulong f11 = (ulong)x7 * y4 + + (ulong)x6 * y5 + + (ulong)x5 * y6 + + (ulong)x4 * y7; + ulong g3 = (ulong)u3 * v0 + + (ulong)u2 * v1 + + (ulong)u1 * v2 + + (ulong)u0 * v3; + ulong g11 = (ulong)u7 * v4 + + (ulong)u6 * v5 + + (ulong)u5 * v6 + + (ulong)u4 * v7; + ulong h3 = (ulong)s3 * t0 + + (ulong)s2 * t1 + + (ulong)s1 * t2 + + (ulong)s0 * t3; + ulong h11 = (ulong)s7 * t4 + + (ulong)s6 * t5 + + (ulong)s5 * t6 + + (ulong)s4 * t7; + + c += f3 + g3 + h11 - f11; + z3 = (uint)c & M28; c >>= 28; + d += g11 + h3 - f3 + h11; + z11 = (uint)d & M28; d >>= 28; + + ulong f4 = (ulong)x4 * y0 + + (ulong)x3 * y1 + + (ulong)x2 * y2 + + (ulong)x1 * y3 + + (ulong)x0 * y4; + ulong f12 = (ulong)x7 * y5 + + (ulong)x6 * y6 + + (ulong)x5 * y7; + ulong g4 = (ulong)u4 * v0 + + (ulong)u3 * v1 + + (ulong)u2 * v2 + + (ulong)u1 * v3 + + (ulong)u0 * v4; + ulong g12 = (ulong)u7 * v5 + + (ulong)u6 * v6 + + (ulong)u5 * v7; + ulong h4 = (ulong)s4 * t0 + + (ulong)s3 * t1 + + (ulong)s2 * t2 + + (ulong)s1 * t3 + + (ulong)s0 * t4; + ulong h12 = (ulong)s7 * t5 + + (ulong)s6 * t6 + + (ulong)s5 * t7; + + c += f4 + g4 + h12 - f12; + z4 = (uint)c & M28; c >>= 28; + d += g12 + h4 - f4 + h12; + z12 = (uint)d & M28; d >>= 28; + + ulong f5 = (ulong)x5 * y0 + + (ulong)x4 * y1 + + (ulong)x3 * y2 + + (ulong)x2 * y3 + + (ulong)x1 * y4 + + (ulong)x0 * y5; + ulong f13 = (ulong)x7 * y6 + + (ulong)x6 * y7; + ulong g5 = (ulong)u5 * v0 + + (ulong)u4 * v1 + + (ulong)u3 * v2 + + (ulong)u2 * v3 + + (ulong)u1 * v4 + + (ulong)u0 * v5; + ulong g13 = (ulong)u7 * v6 + + (ulong)u6 * v7; + ulong h5 = (ulong)s5 * t0 + + (ulong)s4 * t1 + + (ulong)s3 * t2 + + (ulong)s2 * t3 + + (ulong)s1 * t4 + + (ulong)s0 * t5; + ulong h13 = (ulong)s7 * t6 + + (ulong)s6 * t7; + + c += f5 + g5 + h13 - f13; + z5 = (uint)c & M28; c >>= 28; + d += g13 + h5 - f5 + h13; + z13 = (uint)d & M28; d >>= 28; + + ulong f6 = (ulong)x6 * y0 + + (ulong)x5 * y1 + + (ulong)x4 * y2 + + (ulong)x3 * y3 + + (ulong)x2 * y4 + + (ulong)x1 * y5 + + (ulong)x0 * y6; + ulong f14 = (ulong)x7 * y7; + ulong g6 = (ulong)u6 * v0 + + (ulong)u5 * v1 + + (ulong)u4 * v2 + + (ulong)u3 * v3 + + (ulong)u2 * v4 + + (ulong)u1 * v5 + + (ulong)u0 * v6; + ulong g14 = (ulong)u7 * v7; + ulong h6 = (ulong)s6 * t0 + + (ulong)s5 * t1 + + (ulong)s4 * t2 + + (ulong)s3 * t3 + + (ulong)s2 * t4 + + (ulong)s1 * t5 + + (ulong)s0 * t6; + ulong h14 = (ulong)s7 * t7; + + c += f6 + g6 + h14 - f14; + z6 = (uint)c & M28; c >>= 28; + d += g14 + h6 - f6 + h14; + z14 = (uint)d & M28; d >>= 28; + + ulong f7 = (ulong)x7 * y0 + + (ulong)x6 * y1 + + (ulong)x5 * y2 + + (ulong)x4 * y3 + + (ulong)x3 * y4 + + (ulong)x2 * y5 + + (ulong)x1 * y6 + + (ulong)x0 * y7; + ulong g7 = (ulong)u7 * v0 + + (ulong)u6 * v1 + + (ulong)u5 * v2 + + (ulong)u4 * v3 + + (ulong)u3 * v4 + + (ulong)u2 * v5 + + (ulong)u1 * v6 + + (ulong)u0 * v7; + ulong h7 = (ulong)s7 * t0 + + (ulong)s6 * t1 + + (ulong)s5 * t2 + + (ulong)s4 * t3 + + (ulong)s3 * t4 + + (ulong)s2 * t5 + + (ulong)s1 * t6 + + (ulong)s0 * t7; + + c += f7 + g7; + z7 = (uint)c & M28; c >>= 28; + d += h7 - f7; + z15 = (uint)d & M28; d >>= 28; + + c += d; + + c += z8; + z8 = (uint)c & M28; c >>= 28; + d += z0; + z0 = (uint)d & M28; d >>= 28; + z9 += (uint)c; + z1 += (uint)d; + + z[0] = z0; + z[1] = z1; + z[2] = z2; + z[3] = z3; + z[4] = z4; + z[5] = z5; + z[6] = z6; + z[7] = z7; + z[8] = z8; + z[9] = z9; + z[10] = z10; + z[11] = z11; + z[12] = z12; + z[13] = z13; + z[14] = z14; + z[15] = z15; + } + + public static void Negate(uint[] x, uint[] z) + { + uint[] zero = Create(); + Sub(zero, x, z); + } + + public static void Normalize(uint[] z) + { + //int x = (z[15] >> (28 - 1)) & 1; + Reduce(z, 1); + Reduce(z, -1); + Debug.Assert(z[15] >> 28 == 0U); + } + + public static void One(uint[] z) + { + z[0] = 1U; + for (int i = 1; i < Size; ++i) + { + z[i] = 0; + } + } + + private static void PowPm3d4(uint[] x, uint[] z) + { + // z = x^((p-3)/4) = x^(2^446 - 2^222 - 1) + // (223 1s) (1 0s) (222 1s) + // Addition chain: 1 2 3 6 9 18 19 37 74 111 [222] [223] + uint[] x2 = Create(); Sqr(x, x2); Mul(x, x2, x2); + uint[] x3 = Create(); Sqr(x2, x3); Mul(x, x3, x3); + uint[] x6 = Create(); Sqr(x3, 3, x6); Mul(x3, x6, x6); + uint[] x9 = Create(); Sqr(x6, 3, x9); Mul(x3, x9, x9); + uint[] x18 = Create(); Sqr(x9, 9, x18); Mul(x9, x18, x18); + uint[] x19 = Create(); Sqr(x18, x19); Mul(x, x19, x19); + uint[] x37 = Create(); Sqr(x19, 18, x37); Mul(x18, x37, x37); + uint[] x74 = Create(); Sqr(x37, 37, x74); Mul(x37, x74, x74); + uint[] x111 = Create(); Sqr(x74, 37, x111); Mul(x37, x111, x111); + uint[] x222 = Create(); Sqr(x111, 111, x222); Mul(x111, x222, x222); + uint[] x223 = Create(); Sqr(x222, x223); Mul(x, x223, x223); + + uint[] t = Create(); + Sqr(x223, 223, t); + Mul(t, x222, z); + } + + private static void Reduce(uint[] z, int x) + { + uint u = z[15], z15 = u & M28; + int t = (int)(u >> 28) + x; + + long cc = t; + for (int i = 0; i < 8; ++i) + { + cc += z[i]; z[i] = (uint)cc & M28; cc >>= 28; + } + cc += t; + for (int i = 8; i < 15; ++i) + { + cc += z[i]; z[i] = (uint)cc & M28; cc >>= 28; + } + z[15] = z15 + (uint)cc; + } + + public static void Sqr(uint[] x, uint[] z) + { + uint x0 = x[0]; + uint x1 = x[1]; + uint x2 = x[2]; + uint x3 = x[3]; + uint x4 = x[4]; + uint x5 = x[5]; + uint x6 = x[6]; + uint x7 = x[7]; + + uint u0 = x[8]; + uint u1 = x[9]; + uint u2 = x[10]; + uint u3 = x[11]; + uint u4 = x[12]; + uint u5 = x[13]; + uint u6 = x[14]; + uint u7 = x[15]; + + uint x0_2 = x0 * 2; + uint x1_2 = x1 * 2; + uint x2_2 = x2 * 2; + uint x3_2 = x3 * 2; + uint x4_2 = x4 * 2; + uint x5_2 = x5 * 2; + uint x6_2 = x6 * 2; + + uint u0_2 = u0 * 2; + uint u1_2 = u1 * 2; + uint u2_2 = u2 * 2; + uint u3_2 = u3 * 2; + uint u4_2 = u4 * 2; + uint u5_2 = u5 * 2; + uint u6_2 = u6 * 2; + + uint s0 = x0 + u0; + uint s1 = x1 + u1; + uint s2 = x2 + u2; + uint s3 = x3 + u3; + uint s4 = x4 + u4; + uint s5 = x5 + u5; + uint s6 = x6 + u6; + uint s7 = x7 + u7; + + uint s0_2 = s0 * 2; + uint s1_2 = s1 * 2; + uint s2_2 = s2 * 2; + uint s3_2 = s3 * 2; + uint s4_2 = s4 * 2; + uint s5_2 = s5 * 2; + uint s6_2 = s6 * 2; + + uint z0, z1, z2, z3, z4, z5, z6, z7, z8, z9, z10, z11, z12, z13, z14, z15; + ulong c, d; + + ulong f0 = (ulong)x0 * x0; + ulong f8 = (ulong)x7 * x1_2 + + (ulong)x6 * x2_2 + + (ulong)x5 * x3_2 + + (ulong)x4 * x4; + ulong g0 = (ulong)u0 * u0; + ulong g8 = (ulong)u7 * u1_2 + + (ulong)u6 * u2_2 + + (ulong)u5 * u3_2 + + (ulong)u4 * u4; + ulong h0 = (ulong)s0 * s0; + ulong h8 = (ulong)s7 * s1_2 + + (ulong)s6 * s2_2 + + (ulong)s5 * s3_2 + + (ulong)s4 * s4; + + c = f0 + g0 + h8 - f8; + z0 = (uint)c & M28; c >>= 28; + d = g8 + h0 - f0 + h8; + z8 = (uint)d & M28; d >>= 28; + + ulong f1 = (ulong)x1 * x0_2; + ulong f9 = (ulong)x7 * x2_2 + + (ulong)x6 * x3_2 + + (ulong)x5 * x4_2; + ulong g1 = (ulong)u1 * u0_2; + ulong g9 = (ulong)u7 * u2_2 + + (ulong)u6 * u3_2 + + (ulong)u5 * u4_2; + ulong h1 = (ulong)s1 * s0_2; + ulong h9 = (ulong)s7 * s2_2 + + (ulong)s6 * s3_2 + + (ulong)s5 * s4_2; + + c += f1 + g1 + h9 - f9; + z1 = (uint)c & M28; c >>= 28; + d += g9 + h1 - f1 + h9; + z9 = (uint)d & M28; d >>= 28; + + ulong f2 = (ulong)x2 * x0_2 + + (ulong)x1 * x1; + ulong f10 = (ulong)x7 * x3_2 + + (ulong)x6 * x4_2 + + (ulong)x5 * x5; + ulong g2 = (ulong)u2 * u0_2 + + (ulong)u1 * u1; + ulong g10 = (ulong)u7 * u3_2 + + (ulong)u6 * u4_2 + + (ulong)u5 * u5; + ulong h2 = (ulong)s2 * s0_2 + + (ulong)s1 * s1; + ulong h10 = (ulong)s7 * s3_2 + + (ulong)s6 * s4_2 + + (ulong)s5 * s5; + + c += f2 + g2 + h10 - f10; + z2 = (uint)c & M28; c >>= 28; + d += g10 + h2 - f2 + h10; + z10 = (uint)d & M28; d >>= 28; + + ulong f3 = (ulong)x3 * x0_2 + + (ulong)x2 * x1_2; + ulong f11 = (ulong)x7 * x4_2 + + (ulong)x6 * x5_2; + ulong g3 = (ulong)u3 * u0_2 + + (ulong)u2 * u1_2; + ulong g11 = (ulong)u7 * u4_2 + + (ulong)u6 * u5_2; + ulong h3 = (ulong)s3 * s0_2 + + (ulong)s2 * s1_2; + ulong h11 = (ulong)s7 * s4_2 + + (ulong)s6 * s5_2; + + c += f3 + g3 + h11 - f11; + z3 = (uint)c & M28; c >>= 28; + d += g11 + h3 - f3 + h11; + z11 = (uint)d & M28; d >>= 28; + + ulong f4 = (ulong)x4 * x0_2 + + (ulong)x3 * x1_2 + + (ulong)x2 * x2; + ulong f12 = (ulong)x7 * x5_2 + + (ulong)x6 * x6; + ulong g4 = (ulong)u4 * u0_2 + + (ulong)u3 * u1_2 + + (ulong)u2 * u2; + ulong g12 = (ulong)u7 * u5_2 + + (ulong)u6 * u6; + ulong h4 = (ulong)s4 * s0_2 + + (ulong)s3 * s1_2 + + (ulong)s2 * s2; + ulong h12 = (ulong)s7 * s5_2 + + (ulong)s6 * s6; + + c += f4 + g4 + h12 - f12; + z4 = (uint)c & M28; c >>= 28; + d += g12 + h4 - f4 + h12; + z12 = (uint)d & M28; d >>= 28; + + ulong f5 = (ulong)x5 * x0_2 + + (ulong)x4 * x1_2 + + (ulong)x3 * x2_2; + ulong f13 = (ulong)x7 * x6_2; + ulong g5 = (ulong)u5 * u0_2 + + (ulong)u4 * u1_2 + + (ulong)u3 * u2_2; + ulong g13 = (ulong)u7 * u6_2; + ulong h5 = (ulong)s5 * s0_2 + + (ulong)s4 * s1_2 + + (ulong)s3 * s2_2; + ulong h13 = (ulong)s7 * s6_2; + + c += f5 + g5 + h13 - f13; + z5 = (uint)c & M28; c >>= 28; + d += g13 + h5 - f5 + h13; + z13 = (uint)d & M28; d >>= 28; + + ulong f6 = (ulong)x6 * x0_2 + + (ulong)x5 * x1_2 + + (ulong)x4 * x2_2 + + (ulong)x3 * x3; + ulong f14 = (ulong)x7 * x7; + ulong g6 = (ulong)u6 * u0_2 + + (ulong)u5 * u1_2 + + (ulong)u4 * u2_2 + + (ulong)u3 * u3; + ulong g14 = (ulong)u7 * u7; + ulong h6 = (ulong)s6 * s0_2 + + (ulong)s5 * s1_2 + + (ulong)s4 * s2_2 + + (ulong)s3 * s3; + ulong h14 = (ulong)s7 * s7; + + c += f6 + g6 + h14 - f14; + z6 = (uint)c & M28; c >>= 28; + d += g14 + h6 - f6 + h14; + z14 = (uint)d & M28; d >>= 28; + + ulong f7 = (ulong)x7 * x0_2 + + (ulong)x6 * x1_2 + + (ulong)x5 * x2_2 + + (ulong)x4 * x3_2; + ulong g7 = (ulong)u7 * u0_2 + + (ulong)u6 * u1_2 + + (ulong)u5 * u2_2 + + (ulong)u4 * u3_2; + ulong h7 = (ulong)s7 * s0_2 + + (ulong)s6 * s1_2 + + (ulong)s5 * s2_2 + + (ulong)s4 * s3_2; + + c += f7 + g7; + z7 = (uint)c & M28; c >>= 28; + d += h7 - f7; + z15 = (uint)d & M28; d >>= 28; + + c += d; + + c += z8; + z8 = (uint)c & M28; c >>= 28; + d += z0; + z0 = (uint)d & M28; d >>= 28; + z9 += (uint)c; + z1 += (uint)d; + + z[0] = z0; + z[1] = z1; + z[2] = z2; + z[3] = z3; + z[4] = z4; + z[5] = z5; + z[6] = z6; + z[7] = z7; + z[8] = z8; + z[9] = z9; + z[10] = z10; + z[11] = z11; + z[12] = z12; + z[13] = z13; + z[14] = z14; + z[15] = z15; + } + + public static void Sqr(uint[] x, int n, uint[] z) + { + Debug.Assert(n > 0); + + Sqr(x, z); + + while (--n > 0) + { + Sqr(z, z); + } + } + + public static bool SqrtRatioVar(uint[] u, uint[] v, uint[] z) + { + uint[] u3v = Create(); + uint[] u5v3 = Create(); + + Sqr(u, u3v); + Mul(u3v, v, u3v); + Sqr(u3v, u5v3); + Mul(u3v, u, u3v); + Mul(u5v3, u, u5v3); + Mul(u5v3, v, u5v3); + + uint[] x = Create(); + PowPm3d4(u5v3, x); + Mul(x, u3v, x); + + uint[] t = Create(); + Sqr(x, t); + Mul(t, v, t); + + Sub(u, t, t); + Normalize(t); + + if (IsZeroVar(t)) + { + Copy(x, 0, z, 0); + return true; + } + + return false; + } + + public static void Sub(uint[] x, uint[] y, uint[] z) + { + uint x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3], x4 = x[4], x5 = x[5], x6 = x[6], x7 = x[7]; + uint x8 = x[8], x9 = x[9], x10 = x[10], x11 = x[11], x12 = x[12], x13 = x[13], x14 = x[14], x15 = x[15]; + uint y0 = y[0], y1 = y[1], y2 = y[2], y3 = y[3], y4 = y[4], y5 = y[5], y6 = y[6], y7 = y[7]; + uint y8 = y[8], y9 = y[9], y10 = y[10], y11 = y[11], y12 = y[12], y13 = y[13], y14 = y[14], y15 = y[15]; + + uint z0 = x0 + 0x1FFFFFFEU - y0; + uint z1 = x1 + 0x1FFFFFFEU - y1; + uint z2 = x2 + 0x1FFFFFFEU - y2; + uint z3 = x3 + 0x1FFFFFFEU - y3; + uint z4 = x4 + 0x1FFFFFFEU - y4; + uint z5 = x5 + 0x1FFFFFFEU - y5; + uint z6 = x6 + 0x1FFFFFFEU - y6; + uint z7 = x7 + 0x1FFFFFFEU - y7; + uint z8 = x8 + 0x1FFFFFFCU - y8; + uint z9 = x9 + 0x1FFFFFFEU - y9; + uint z10 = x10 + 0x1FFFFFFEU - y10; + uint z11 = x11 + 0x1FFFFFFEU - y11; + uint z12 = x12 + 0x1FFFFFFEU - y12; + uint z13 = x13 + 0x1FFFFFFEU - y13; + uint z14 = x14 + 0x1FFFFFFEU - y14; + uint z15 = x15 + 0x1FFFFFFEU - y15; + + z2 += z1 >> 28; z1 &= M28; + z6 += z5 >> 28; z5 &= M28; + z10 += z9 >> 28; z9 &= M28; + z14 += z13 >> 28; z13 &= M28; + + z3 += z2 >> 28; z2 &= M28; + z7 += z6 >> 28; z6 &= M28; + z11 += z10 >> 28; z10 &= M28; + z15 += z14 >> 28; z14 &= M28; + + uint t = z15 >> 28; z15 &= M28; + z0 += t; + z8 += t; + + z4 += z3 >> 28; z3 &= M28; + z8 += z7 >> 28; z7 &= M28; + z12 += z11 >> 28; z11 &= M28; + + z1 += z0 >> 28; z0 &= M28; + z5 += z4 >> 28; z4 &= M28; + z9 += z8 >> 28; z8 &= M28; + z13 += z12 >> 28; z12 &= M28; + + z[0] = z0; + z[1] = z1; + z[2] = z2; + z[3] = z3; + z[4] = z4; + z[5] = z5; + z[6] = z6; + z[7] = z7; + z[8] = z8; + z[9] = z9; + z[10] = z10; + z[11] = z11; + z[12] = z12; + z[13] = z13; + z[14] = z14; + z[15] = z15; + } + + public static void SubOne(uint[] z) + { + uint[] one = Create(); + one[0] = 1U; + + Sub(z, one, z); + } + + public static void Zero(uint[] z) + { + for (int i = 0; i < Size; ++i) + { + z[i] = 0; + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/rfc8032/Ed25519.cs b/BouncyCastle/crypto/src/math/ec/rfc8032/Ed25519.cs new file mode 100644 index 0000000..a50fdda --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/rfc8032/Ed25519.cs @@ -0,0 +1,1423 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Math.EC.Rfc7748; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Rfc8032 +{ + public abstract class Ed25519 + { + // -x^2 + y^2 == 1 + 0x52036CEE2B6FFE738CC740797779E89800700A4D4141D8AB75EB4DCA135978A3 * x^2 * y^2 + + public enum Algorithm + { + Ed25519 = 0, + Ed25519ctx = 1, + Ed25519ph = 2, + } + + private class F : X25519Field {}; + + private const long M08L = 0x000000FFL; + private const long M28L = 0x0FFFFFFFL; + private const long M32L = 0xFFFFFFFFL; + + private const int CoordUints = 8; + private const int PointBytes = CoordUints * 4; + private const int ScalarUints = 8; + private const int ScalarBytes = ScalarUints * 4; + + public static readonly int PrehashSize = 64; + public static readonly int PublicKeySize = PointBytes; + public static readonly int SecretKeySize = 32; + public static readonly int SignatureSize = PointBytes + ScalarBytes; + + // "SigEd25519 no Ed25519 collisions" + private static readonly byte[] Dom2Prefix = new byte[]{ 0x53, 0x69, 0x67, 0x45, 0x64, 0x32, 0x35, 0x35, 0x31, + 0x39, 0x20, 0x6e, 0x6f, 0x20, 0x45, 0x64, 0x32, 0x35, 0x35, 0x31, 0x39, 0x20, 0x63, 0x6f, 0x6c, 0x6c, 0x69, + 0x73, 0x69, 0x6f, 0x6e, 0x73 }; + + private static readonly uint[] P = { 0xFFFFFFEDU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, + 0xFFFFFFFFU, 0xFFFFFFFFU, 0x7FFFFFFFU }; + private static readonly uint[] L = { 0x5CF5D3EDU, 0x5812631AU, 0xA2F79CD6U, 0x14DEF9DEU, 0x00000000U, + 0x00000000U, 0x00000000U, 0x10000000U }; + + private const int L0 = unchecked((int)0xFCF5D3ED); // L0:26/-- + private const int L1 = 0x012631A6; // L1:24/22 + private const int L2 = 0x079CD658; // L2:27/-- + private const int L3 = unchecked((int)0xFF9DEA2F); // L3:23/-- + private const int L4 = 0x000014DF; // L4:12/11 + + private static readonly int[] B_x = { 0x0325D51A, 0x018B5823, 0x007B2C95, 0x0304A92D, 0x00D2598E, 0x01D6DC5C, + 0x01388C7F, 0x013FEC0A, 0x029E6B72, 0x0042D26D }; + private static readonly int[] B_y = { 0x02666658, 0x01999999, 0x00666666, 0x03333333, 0x00CCCCCC, 0x02666666, + 0x01999999, 0x00666666, 0x03333333, 0x00CCCCCC, }; + private static readonly int[] C_d = { 0x035978A3, 0x02D37284, 0x018AB75E, 0x026A0A0E, 0x0000E014, 0x0379E898, + 0x01D01E5D, 0x01E738CC, 0x03715B7F, 0x00A406D9 }; + private static readonly int[] C_d2 = { 0x02B2F159, 0x01A6E509, 0x01156EBD, 0x00D4141D, 0x0001C029, 0x02F3D130, + 0x03A03CBB, 0x01CE7198, 0x02E2B6FF, 0x00480DB3 }; + private static readonly int[] C_d4 = { 0x0165E2B2, 0x034DCA13, 0x002ADD7A, 0x01A8283B, 0x00038052, 0x01E7A260, + 0x03407977, 0x019CE331, 0x01C56DFF, 0x00901B67 }; + + private const int WnafWidthBase = 7; + + // ScalarMultBase is hard-coded for these values of blocks, teeth, spacing so they can't be freely changed + private const int PrecompBlocks = 8; + private const int PrecompTeeth = 4; + private const int PrecompSpacing = 8; + private const int PrecompPoints = 1 << (PrecompTeeth - 1); + private const int PrecompMask = PrecompPoints - 1; + + private static readonly object precompLock = new object(); + // TODO[ed25519] Convert to PointPrecomp + private static PointExt[] precompBaseTable = null; + private static int[] precompBase = null; + + private class PointAccum + { + internal int[] x = F.Create(); + internal int[] y = F.Create(); + internal int[] z = F.Create(); + internal int[] u = F.Create(); + internal int[] v = F.Create(); + } + + private class PointAffine + { + internal int[] x = F.Create(); + internal int[] y = F.Create(); + } + + private class PointExt + { + internal int[] x = F.Create(); + internal int[] y = F.Create(); + internal int[] z = F.Create(); + internal int[] t = F.Create(); + } + + private class PointPrecomp + { + internal int[] ypx_h = F.Create(); + internal int[] ymx_h = F.Create(); + internal int[] xyd = F.Create(); + } + + private static byte[] CalculateS(byte[] r, byte[] k, byte[] s) + { + uint[] t = new uint[ScalarUints * 2]; DecodeScalar(r, 0, t); + uint[] u = new uint[ScalarUints]; DecodeScalar(k, 0, u); + uint[] v = new uint[ScalarUints]; DecodeScalar(s, 0, v); + + Nat256.MulAddTo(u, v, t); + + byte[] result = new byte[ScalarBytes * 2]; + for (int i = 0; i < t.Length; ++i) + { + Encode32(t[i], result, i * 4); + } + return ReduceScalar(result); + } + + private static bool CheckContextVar(byte[] ctx, byte phflag) + { + return ctx == null && phflag == 0x00 + || ctx != null && ctx.Length < 256; + } + + private static int CheckPoint(int[] x, int[] y) + { + int[] t = F.Create(); + int[] u = F.Create(); + int[] v = F.Create(); + + F.Sqr(x, u); + F.Sqr(y, v); + F.Mul(u, v, t); + F.Sub(v, u, v); + F.Mul(t, C_d, t); + F.AddOne(t); + F.Sub(t, v, t); + F.Normalize(t); + + return F.IsZero(t); + } + + private static int CheckPoint(int[] x, int[] y, int[] z) + { + int[] t = F.Create(); + int[] u = F.Create(); + int[] v = F.Create(); + int[] w = F.Create(); + + F.Sqr(x, u); + F.Sqr(y, v); + F.Sqr(z, w); + F.Mul(u, v, t); + F.Sub(v, u, v); + F.Mul(v, w, v); + F.Sqr(w, w); + F.Mul(t, C_d, t); + F.Add(t, w, t); + F.Sub(t, v, t); + F.Normalize(t); + + return F.IsZero(t); + } + + private static bool CheckPointVar(byte[] p) + { + uint[] t = new uint[CoordUints]; + Decode32(p, 0, t, 0, CoordUints); + t[CoordUints - 1] &= 0x7FFFFFFFU; + return !Nat256.Gte(t, P); + } + + private static bool CheckScalarVar(byte[] s, uint[] n) + { + DecodeScalar(s, 0, n); + return !Nat256.Gte(n, L); + } + + private static byte[] Copy(byte[] buf, int off, int len) + { + byte[] result = new byte[len]; + Array.Copy(buf, off, result, 0, len); + return result; + } + + private static IDigest CreateDigest() + { + return new Sha512Digest(); + } + + public static IDigest CreatePrehash() + { + return CreateDigest(); + } + + private static uint Decode24(byte[] bs, int off) + { + uint n = bs[off]; + n |= (uint)bs[++off] << 8; + n |= (uint)bs[++off] << 16; + return n; + } + + private static uint Decode32(byte[] bs, int off) + { + uint n = bs[off]; + n |= (uint)bs[++off] << 8; + n |= (uint)bs[++off] << 16; + n |= (uint)bs[++off] << 24; + return n; + } + + private static void Decode32(byte[] bs, int bsOff, uint[] n, int nOff, int nLen) + { + for (int i = 0; i < nLen; ++i) + { + n[nOff + i] = Decode32(bs, bsOff + i * 4); + } + } + + private static bool DecodePointVar(byte[] p, int pOff, bool negate, PointAffine r) + { + byte[] py = Copy(p, pOff, PointBytes); + if (!CheckPointVar(py)) + return false; + + int x_0 = (py[PointBytes - 1] & 0x80) >> 7; + py[PointBytes - 1] &= 0x7F; + + F.Decode(py, 0, r.y); + + int[] u = F.Create(); + int[] v = F.Create(); + + F.Sqr(r.y, u); + F.Mul(C_d, u, v); + F.SubOne(u); + F.AddOne(v); + + if (!F.SqrtRatioVar(u, v, r.x)) + return false; + + F.Normalize(r.x); + if (x_0 == 1 && F.IsZeroVar(r.x)) + return false; + + if (negate ^ (x_0 != (r.x[0] & 1))) + { + F.Negate(r.x, r.x); + } + + return true; + } + + private static void DecodeScalar(byte[] k, int kOff, uint[] n) + { + Decode32(k, kOff, n, 0, ScalarUints); + } + + private static void Dom2(IDigest d, byte phflag, byte[] ctx) + { + if (ctx != null) + { + int n = Dom2Prefix.Length; + byte[] t = new byte[n + 2 + ctx.Length]; + Dom2Prefix.CopyTo(t, 0); + t[n] = phflag; + t[n + 1] = (byte)ctx.Length; + ctx.CopyTo(t, n + 2); + + d.BlockUpdate(t, 0, t.Length); + } + } + + private static void Encode24(uint n, byte[] bs, int off) + { + bs[off] = (byte)(n); + bs[++off] = (byte)(n >> 8); + bs[++off] = (byte)(n >> 16); + } + + private static void Encode32(uint n, byte[] bs, int off) + { + bs[off] = (byte)(n); + bs[++off] = (byte)(n >> 8); + bs[++off] = (byte)(n >> 16); + bs[++off] = (byte)(n >> 24); + } + + private static void Encode56(ulong n, byte[] bs, int off) + { + Encode32((uint)n, bs, off); + Encode24((uint)(n >> 32), bs, off + 4); + } + + private static int EncodePoint(PointAccum p, byte[] r, int rOff) + { + int[] x = F.Create(); + int[] y = F.Create(); + + F.Inv(p.z, y); + F.Mul(p.x, y, x); + F.Mul(p.y, y, y); + F.Normalize(x); + F.Normalize(y); + + int result = CheckPoint(x, y); + + F.Encode(y, r, rOff); + r[rOff + PointBytes - 1] |= (byte)((x[0] & 1) << 7); + + return result; + } + + public static void GeneratePrivateKey(SecureRandom random, byte[] k) + { + random.NextBytes(k); + } + + public static void GeneratePublicKey(byte[] sk, int skOff, byte[] pk, int pkOff) + { + IDigest d = CreateDigest(); + byte[] h = new byte[d.GetDigestSize()]; + + d.BlockUpdate(sk, skOff, SecretKeySize); + d.DoFinal(h, 0); + + byte[] s = new byte[ScalarBytes]; + PruneScalar(h, 0, s); + + ScalarMultBaseEncoded(s, pk, pkOff); + } + + private static uint GetWindow4(uint[] x, int n) + { + int w = (int)((uint)n >> 3), b = (n & 7) << 2; + return (x[w] >> b) & 15U; + } + + private static sbyte[] GetWnafVar(uint[] n, int width) + { + Debug.Assert(n[ScalarUints - 1] <= L[ScalarUints - 1]); + Debug.Assert(2 <= width && width <= 8); + + uint[] t = new uint[ScalarUints * 2]; + { + uint c = 0; + int tPos = t.Length, i = ScalarUints; + while (--i >= 0) + { + uint next = n[i]; + t[--tPos] = (next >> 16) | (c << 16); + t[--tPos] = c = next; + } + } + + sbyte[] ws = new sbyte[253]; + + int lead = 32 - width; + + uint carry = 0U; + int j = 0; + for (int i = 0; i < t.Length; ++i, j -= 16) + { + uint word = t[i]; + while (j < 16) + { + uint word16 = word >> j; + uint bit = word16 & 1U; + + if (bit == carry) + { + ++j; + continue; + } + + uint digit = (word16 | 1U) << lead; + carry = digit >> 31; + + ws[(i << 4) + j] = (sbyte)((int)digit >> lead); + + j += width; + } + } + + Debug.Assert(carry == 0); + + return ws; + } + + private static void ImplSign(IDigest d, byte[] h, byte[] s, byte[] pk, int pkOff, byte[] ctx, byte phflag, + byte[] m, int mOff, int mLen, byte[] sig, int sigOff) + { + Dom2(d, phflag, ctx); + d.BlockUpdate(h, ScalarBytes, ScalarBytes); + d.BlockUpdate(m, mOff, mLen); + d.DoFinal(h, 0); + + byte[] r = ReduceScalar(h); + byte[] R = new byte[PointBytes]; + ScalarMultBaseEncoded(r, R, 0); + + Dom2(d, phflag, ctx); + d.BlockUpdate(R, 0, PointBytes); + d.BlockUpdate(pk, pkOff, PointBytes); + d.BlockUpdate(m, mOff, mLen); + d.DoFinal(h, 0); + + byte[] k = ReduceScalar(h); + byte[] S = CalculateS(r, k, s); + + Array.Copy(R, 0, sig, sigOff, PointBytes); + Array.Copy(S, 0, sig, sigOff + PointBytes, ScalarBytes); + } + + private static void ImplSign(byte[] sk, int skOff, byte[] ctx, byte phflag, byte[] m, int mOff, int mLen, + byte[] sig, int sigOff) + { + if (!CheckContextVar(ctx, phflag)) + throw new ArgumentException("ctx"); + + IDigest d = CreateDigest(); + byte[] h = new byte[d.GetDigestSize()]; + + d.BlockUpdate(sk, skOff, SecretKeySize); + d.DoFinal(h, 0); + + byte[] s = new byte[ScalarBytes]; + PruneScalar(h, 0, s); + + byte[] pk = new byte[PointBytes]; + ScalarMultBaseEncoded(s, pk, 0); + + ImplSign(d, h, s, pk, 0, ctx, phflag, m, mOff, mLen, sig, sigOff); + } + + private static void ImplSign(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, byte phflag, byte[] m, + int mOff, int mLen, byte[] sig, int sigOff) + { + if (!CheckContextVar(ctx, phflag)) + throw new ArgumentException("ctx"); + + IDigest d = CreateDigest(); + byte[] h = new byte[d.GetDigestSize()]; + + d.BlockUpdate(sk, skOff, SecretKeySize); + d.DoFinal(h, 0); + + byte[] s = new byte[ScalarBytes]; + PruneScalar(h, 0, s); + + ImplSign(d, h, s, pk, pkOff, ctx, phflag, m, mOff, mLen, sig, sigOff); + } + + private static bool ImplVerify(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, byte phflag, byte[] m, + int mOff, int mLen) + { + if (!CheckContextVar(ctx, phflag)) + throw new ArgumentException("ctx"); + + byte[] R = Copy(sig, sigOff, PointBytes); + byte[] S = Copy(sig, sigOff + PointBytes, ScalarBytes); + + if (!CheckPointVar(R)) + return false; + + uint[] nS = new uint[ScalarUints]; + if (!CheckScalarVar(S, nS)) + return false; + + PointAffine pA = new PointAffine(); + if (!DecodePointVar(pk, pkOff, true, pA)) + return false; + + IDigest d = CreateDigest(); + byte[] h = new byte[d.GetDigestSize()]; + + Dom2(d, phflag, ctx); + d.BlockUpdate(R, 0, PointBytes); + d.BlockUpdate(pk, pkOff, PointBytes); + d.BlockUpdate(m, mOff, mLen); + d.DoFinal(h, 0); + + byte[] k = ReduceScalar(h); + + uint[] nA = new uint[ScalarUints]; + DecodeScalar(k, 0, nA); + + PointAccum pR = new PointAccum(); + ScalarMultStrausVar(nS, nA, pA, pR); + + byte[] check = new byte[PointBytes]; + return 0 != EncodePoint(pR, check, 0) && Arrays.AreEqual(check, R); + } + + private static bool IsNeutralElementVar(int[] x, int[] y) + { + return F.IsZeroVar(x) && F.IsOneVar(y); + } + + private static bool IsNeutralElementVar(int[] x, int[] y, int[] z) + { + return F.IsZeroVar(x) && F.AreEqualVar(y, z); + } + + private static void PointAdd(PointExt p, PointAccum r) + { + int[] a = F.Create(); + int[] b = F.Create(); + int[] c = F.Create(); + int[] d = F.Create(); + int[] e = r.u; + int[] f = F.Create(); + int[] g = F.Create(); + int[] h = r.v; + + F.Apm(r.y, r.x, b, a); + F.Apm(p.y, p.x, d, c); + F.Mul(a, c, a); + F.Mul(b, d, b); + F.Mul(r.u, r.v, c); + F.Mul(c, p.t, c); + F.Mul(c, C_d2, c); + F.Mul(r.z, p.z, d); + F.Add(d, d, d); + F.Apm(b, a, h, e); + F.Apm(d, c, g, f); + F.Carry(g); + F.Mul(e, f, r.x); + F.Mul(g, h, r.y); + F.Mul(f, g, r.z); + } + + private static void PointAdd(PointExt p, PointExt r) + { + int[] a = F.Create(); + int[] b = F.Create(); + int[] c = F.Create(); + int[] d = F.Create(); + int[] e = F.Create(); + int[] f = F.Create(); + int[] g = F.Create(); + int[] h = F.Create(); + + F.Apm(p.y, p.x, b, a); + F.Apm(r.y, r.x, d, c); + F.Mul(a, c, a); + F.Mul(b, d, b); + F.Mul(p.t, r.t, c); + F.Mul(c, C_d2, c); + F.Mul(p.z, r.z, d); + F.Add(d, d, d); + F.Apm(b, a, h, e); + F.Apm(d, c, g, f); + F.Carry(g); + F.Mul(e, f, r.x); + F.Mul(g, h, r.y); + F.Mul(f, g, r.z); + F.Mul(e, h, r.t); + } + + private static void PointAddVar(bool negate, PointExt p, PointAccum r) + { + int[] a = F.Create(); + int[] b = F.Create(); + int[] c = F.Create(); + int[] d = F.Create(); + int[] e = r.u; + int[] f = F.Create(); + int[] g = F.Create(); + int[] h = r.v; + + int[] nc, nd, nf, ng; + if (negate) + { + nc = d; nd = c; nf = g; ng = f; + } + else + { + nc = c; nd = d; nf = f; ng = g; + } + + F.Apm(r.y, r.x, b, a); + F.Apm(p.y, p.x, nd, nc); + F.Mul(a, c, a); + F.Mul(b, d, b); + F.Mul(r.u, r.v, c); + F.Mul(c, p.t, c); + F.Mul(c, C_d2, c); + F.Mul(r.z, p.z, d); + F.Add(d, d, d); + F.Apm(b, a, h, e); + F.Apm(d, c, ng, nf); + F.Carry(ng); + F.Mul(e, f, r.x); + F.Mul(g, h, r.y); + F.Mul(f, g, r.z); + } + + private static void PointAddVar(bool negate, PointExt p, PointExt q, PointExt r) + { + int[] a = F.Create(); + int[] b = F.Create(); + int[] c = F.Create(); + int[] d = F.Create(); + int[] e = F.Create(); + int[] f = F.Create(); + int[] g = F.Create(); + int[] h = F.Create(); + + int[] nc, nd, nf, ng; + if (negate) + { + nc = d; nd = c; nf = g; ng = f; + } + else + { + nc = c; nd = d; nf = f; ng = g; + } + + F.Apm(p.y, p.x, b, a); + F.Apm(q.y, q.x, nd, nc); + F.Mul(a, c, a); + F.Mul(b, d, b); + F.Mul(p.t, q.t, c); + F.Mul(c, C_d2, c); + F.Mul(p.z, q.z, d); + F.Add(d, d, d); + F.Apm(b, a, h, e); + F.Apm(d, c, ng, nf); + F.Carry(ng); + F.Mul(e, f, r.x); + F.Mul(g, h, r.y); + F.Mul(f, g, r.z); + F.Mul(e, h, r.t); + } + + private static void PointAddPrecomp(PointPrecomp p, PointAccum r) + { + int[] a = F.Create(); + int[] b = F.Create(); + int[] c = F.Create(); + int[] e = r.u; + int[] f = F.Create(); + int[] g = F.Create(); + int[] h = r.v; + + F.Apm(r.y, r.x, b, a); + F.Mul(a, p.ymx_h, a); + F.Mul(b, p.ypx_h, b); + F.Mul(r.u, r.v, c); + F.Mul(c, p.xyd, c); + F.Apm(b, a, h, e); + F.Apm(r.z, c, g, f); + F.Carry(g); + F.Mul(e, f, r.x); + F.Mul(g, h, r.y); + F.Mul(f, g, r.z); + } + + private static PointExt PointCopy(PointAccum p) + { + PointExt r = new PointExt(); + F.Copy(p.x, 0, r.x, 0); + F.Copy(p.y, 0, r.y, 0); + F.Copy(p.z, 0, r.z, 0); + F.Mul(p.u, p.v, r.t); + return r; + } + + private static PointExt PointCopy(PointAffine p) + { + PointExt r = new PointExt(); + F.Copy(p.x, 0, r.x, 0); + F.Copy(p.y, 0, r.y, 0); + PointExtendXY(r); + return r; + } + + private static PointExt PointCopy(PointExt p) + { + PointExt r = new PointExt(); + PointCopy(p, r); + return r; + } + + private static void PointCopy(PointExt p, PointExt r) + { + F.Copy(p.x, 0, r.x, 0); + F.Copy(p.y, 0, r.y, 0); + F.Copy(p.z, 0, r.z, 0); + F.Copy(p.t, 0, r.t, 0); + } + + private static void PointDouble(PointAccum r) + { + int[] a = F.Create(); + int[] b = F.Create(); + int[] c = F.Create(); + int[] e = r.u; + int[] f = F.Create(); + int[] g = F.Create(); + int[] h = r.v; + + F.Sqr(r.x, a); + F.Sqr(r.y, b); + F.Sqr(r.z, c); + F.Add(c, c, c); + F.Apm(a, b, h, g); + F.Add(r.x, r.y, e); + F.Sqr(e, e); + F.Sub(h, e, e); + F.Add(c, g, f); + F.Carry(f); + F.Mul(e, f, r.x); + F.Mul(g, h, r.y); + F.Mul(f, g, r.z); + } + + private static void PointExtendXY(PointAccum p) + { + F.One(p.z); + F.Copy(p.x, 0, p.u, 0); + F.Copy(p.y, 0, p.v, 0); + } + + private static void PointExtendXY(PointExt p) + { + F.One(p.z); + F.Mul(p.x, p.y, p.t); + } + + private static void PointLookup(int block, int index, PointPrecomp p) + { + Debug.Assert(0 <= block && block < PrecompBlocks); + Debug.Assert(0 <= index && index < PrecompPoints); + + int off = block * PrecompPoints * 3 * F.Size; + + for (int i = 0; i < PrecompPoints; ++i) + { + int cond = ((i ^ index) - 1) >> 31; + F.CMov(cond, precompBase, off, p.ypx_h, 0); off += F.Size; + F.CMov(cond, precompBase, off, p.ymx_h, 0); off += F.Size; + F.CMov(cond, precompBase, off, p.xyd, 0); off += F.Size; + } + } + + private static void PointLookup(uint[] x, int n, int[] table, PointExt r) + { + // TODO This method is currently hardcoded to 4-bit windows and 8 precomputed points + + uint w = GetWindow4(x, n); + + int sign = (int)(w >> (4 - 1)) ^ 1; + int abs = ((int)w ^ -sign) & 7; + + Debug.Assert(sign == 0 || sign == 1); + Debug.Assert(0 <= abs && abs < 8); + + for (int i = 0, off = 0; i < 8; ++i) + { + int cond = ((i ^ abs) - 1) >> 31; + F.CMov(cond, table, off, r.x, 0); off += F.Size; + F.CMov(cond, table, off, r.y, 0); off += F.Size; + F.CMov(cond, table, off, r.z, 0); off += F.Size; + F.CMov(cond, table, off, r.t, 0); off += F.Size; + } + + F.CNegate(sign, r.x); + F.CNegate(sign, r.t); + } + + private static int[] PointPrecompute(PointAffine p, int count) + { + Debug.Assert(count > 0); + + PointExt q = PointCopy(p); + PointExt d = PointCopy(q); + PointAdd(q, d); + + int[] table = F.CreateTable(count * 4); + int off = 0; + + int i = 0; + for (;;) + { + F.Copy(q.x, 0, table, off); off += F.Size; + F.Copy(q.y, 0, table, off); off += F.Size; + F.Copy(q.z, 0, table, off); off += F.Size; + F.Copy(q.t, 0, table, off); off += F.Size; + + if (++i == count) + break; + + PointAdd(d, q); + } + + return table; + } + + private static PointExt[] PointPrecomputeVar(PointExt p, int count) + { + Debug.Assert(count > 0); + + PointExt d = new PointExt(); + PointAddVar(false, p, p, d); + + PointExt[] table = new PointExt[count]; + table[0] = PointCopy(p); + for (int i = 1; i < count; ++i) + { + PointAddVar(false, table[i - 1], d, table[i] = new PointExt()); + } + return table; + } + + private static void PointSetNeutral(PointAccum p) + { + F.Zero(p.x); + F.One(p.y); + F.One(p.z); + F.Zero(p.u); + F.One(p.v); + } + + private static void PointSetNeutral(PointExt p) + { + F.Zero(p.x); + F.One(p.y); + F.One(p.z); + F.Zero(p.t); + } + + public static void Precompute() + { + lock (precompLock) + { + if (precompBase != null) + return; + + // Precomputed table for the base point in verification ladder + { + PointExt b = new PointExt(); + F.Copy(B_x, 0, b.x, 0); + F.Copy(B_y, 0, b.y, 0); + PointExtendXY(b); + + precompBaseTable = PointPrecomputeVar(b, 1 << (WnafWidthBase - 2)); + } + + PointAccum p = new PointAccum(); + F.Copy(B_x, 0, p.x, 0); + F.Copy(B_y, 0, p.y, 0); + PointExtendXY(p); + + precompBase = F.CreateTable(PrecompBlocks * PrecompPoints * 3); + + int off = 0; + for (int b = 0; b < PrecompBlocks; ++b) + { + PointExt[] ds = new PointExt[PrecompTeeth]; + + PointExt sum = new PointExt(); + PointSetNeutral(sum); + + for (int t = 0; t < PrecompTeeth; ++t) + { + PointExt q = PointCopy(p); + PointAddVar(true, sum, q, sum); + PointDouble(p); + + ds[t] = PointCopy(p); + + if (b + t != PrecompBlocks + PrecompTeeth - 2) + { + for (int s = 1; s < PrecompSpacing; ++s) + { + PointDouble(p); + } + } + } + + PointExt[] points = new PointExt[PrecompPoints]; + int k = 0; + points[k++] = sum; + + for (int t = 0; t < (PrecompTeeth - 1); ++t) + { + int size = 1 << t; + for (int j = 0; j < size; ++j, ++k) + { + PointAddVar(false, points[k - size], ds[t], points[k] = new PointExt()); + } + } + + Debug.Assert(k == PrecompPoints); + + int[] cs = F.CreateTable(PrecompPoints); + + // TODO[ed25519] A single batch inversion across all blocks? + { + int[] u = F.Create(); + F.Copy(points[0].z, 0, u, 0); + F.Copy(u, 0, cs, 0); + + int i = 0; + while (++i < PrecompPoints) + { + F.Mul(u, points[i].z, u); + F.Copy(u, 0, cs, i * F.Size); + } + + F.Add(u, u, u); + F.InvVar(u, u); + --i; + + int[] t = F.Create(); + + while (i > 0) + { + int j = i--; + F.Copy(cs, i * F.Size, t, 0); + F.Mul(t, u, t); + F.Copy(t, 0, cs, j * F.Size); + F.Mul(u, points[j].z, u); + } + + F.Copy(u, 0, cs, 0); + } + + for (int i = 0; i < PrecompPoints; ++i) + { + PointExt q = points[i]; + + int[] x = F.Create(); + int[] y = F.Create(); + + //F.Add(q.z, q.z, x); + //F.InvVar(x, y); + F.Copy(cs, i * F.Size, y, 0); + + F.Mul(q.x, y, x); + F.Mul(q.y, y, y); + + PointPrecomp r = new PointPrecomp(); + F.Apm(y, x, r.ypx_h, r.ymx_h); + F.Mul(x, y, r.xyd); + F.Mul(r.xyd, C_d4, r.xyd); + + F.Normalize(r.ypx_h); + F.Normalize(r.ymx_h); + //F.Normalize(r.xyd); + + F.Copy(r.ypx_h, 0, precompBase, off); off += F.Size; + F.Copy(r.ymx_h, 0, precompBase, off); off += F.Size; + F.Copy(r.xyd, 0, precompBase, off); off += F.Size; + } + } + + Debug.Assert(off == precompBase.Length); + } + } + + private static void PruneScalar(byte[] n, int nOff, byte[] r) + { + Array.Copy(n, nOff, r, 0, ScalarBytes); + + r[0] &= 0xF8; + r[ScalarBytes - 1] &= 0x7F; + r[ScalarBytes - 1] |= 0x40; + } + + private static byte[] ReduceScalar(byte[] n) + { + long x00 = Decode32(n, 0) & M32L; // x00:32/-- + long x01 = (Decode24(n, 4) << 4) & M32L; // x01:28/-- + long x02 = Decode32(n, 7) & M32L; // x02:32/-- + long x03 = (Decode24(n, 11) << 4) & M32L; // x03:28/-- + long x04 = Decode32(n, 14) & M32L; // x04:32/-- + long x05 = (Decode24(n, 18) << 4) & M32L; // x05:28/-- + long x06 = Decode32(n, 21) & M32L; // x06:32/-- + long x07 = (Decode24(n, 25) << 4) & M32L; // x07:28/-- + long x08 = Decode32(n, 28) & M32L; // x08:32/-- + long x09 = (Decode24(n, 32) << 4) & M32L; // x09:28/-- + long x10 = Decode32(n, 35) & M32L; // x10:32/-- + long x11 = (Decode24(n, 39) << 4) & M32L; // x11:28/-- + long x12 = Decode32(n, 42) & M32L; // x12:32/-- + long x13 = (Decode24(n, 46) << 4) & M32L; // x13:28/-- + long x14 = Decode32(n, 49) & M32L; // x14:32/-- + long x15 = (Decode24(n, 53) << 4) & M32L; // x15:28/-- + long x16 = Decode32(n, 56) & M32L; // x16:32/-- + long x17 = (Decode24(n, 60) << 4) & M32L; // x17:28/-- + long x18 = n[63] & M08L; // x18:08/-- + long t; + + //x18 += (x17 >> 28); x17 &= M28L; + x09 -= x18 * L0; // x09:34/28 + x10 -= x18 * L1; // x10:33/30 + x11 -= x18 * L2; // x11:35/28 + x12 -= x18 * L3; // x12:32/31 + x13 -= x18 * L4; // x13:28/21 + + x17 += (x16 >> 28); x16 &= M28L; // x17:28/--, x16:28/-- + x08 -= x17 * L0; // x08:54/32 + x09 -= x17 * L1; // x09:52/51 + x10 -= x17 * L2; // x10:55/34 + x11 -= x17 * L3; // x11:51/36 + x12 -= x17 * L4; // x12:41/-- + + //x16 += (x15 >> 28); x15 &= M28L; + x07 -= x16 * L0; // x07:54/28 + x08 -= x16 * L1; // x08:54/53 + x09 -= x16 * L2; // x09:55/53 + x10 -= x16 * L3; // x10:55/52 + x11 -= x16 * L4; // x11:51/41 + + x15 += (x14 >> 28); x14 &= M28L; // x15:28/--, x14:28/-- + x06 -= x15 * L0; // x06:54/32 + x07 -= x15 * L1; // x07:54/53 + x08 -= x15 * L2; // x08:56/-- + x09 -= x15 * L3; // x09:55/54 + x10 -= x15 * L4; // x10:55/53 + + //x14 += (x13 >> 28); x13 &= M28L; + x05 -= x14 * L0; // x05:54/28 + x06 -= x14 * L1; // x06:54/53 + x07 -= x14 * L2; // x07:56/-- + x08 -= x14 * L3; // x08:56/51 + x09 -= x14 * L4; // x09:56/-- + + x13 += (x12 >> 28); x12 &= M28L; // x13:28/22, x12:28/-- + x04 -= x13 * L0; // x04:54/49 + x05 -= x13 * L1; // x05:54/53 + x06 -= x13 * L2; // x06:56/-- + x07 -= x13 * L3; // x07:56/52 + x08 -= x13 * L4; // x08:56/52 + + x12 += (x11 >> 28); x11 &= M28L; // x12:28/24, x11:28/-- + x03 -= x12 * L0; // x03:54/49 + x04 -= x12 * L1; // x04:54/51 + x05 -= x12 * L2; // x05:56/-- + x06 -= x12 * L3; // x06:56/52 + x07 -= x12 * L4; // x07:56/53 + + x11 += (x10 >> 28); x10 &= M28L; // x11:29/--, x10:28/-- + x02 -= x11 * L0; // x02:55/32 + x03 -= x11 * L1; // x03:55/-- + x04 -= x11 * L2; // x04:56/55 + x05 -= x11 * L3; // x05:56/52 + x06 -= x11 * L4; // x06:56/53 + + x10 += (x09 >> 28); x09 &= M28L; // x10:29/--, x09:28/-- + x01 -= x10 * L0; // x01:55/28 + x02 -= x10 * L1; // x02:55/54 + x03 -= x10 * L2; // x03:56/55 + x04 -= x10 * L3; // x04:57/-- + x05 -= x10 * L4; // x05:56/53 + + x08 += (x07 >> 28); x07 &= M28L; // x08:56/53, x07:28/-- + x09 += (x08 >> 28); x08 &= M28L; // x09:29/25, x08:28/-- + + t = (x08 >> 27) & 1L; + x09 += t; // x09:29/26 + + x00 -= x09 * L0; // x00:55/53 + x01 -= x09 * L1; // x01:55/54 + x02 -= x09 * L2; // x02:57/-- + x03 -= x09 * L3; // x03:57/-- + x04 -= x09 * L4; // x04:57/42 + + x01 += (x00 >> 28); x00 &= M28L; + x02 += (x01 >> 28); x01 &= M28L; + x03 += (x02 >> 28); x02 &= M28L; + x04 += (x03 >> 28); x03 &= M28L; + x05 += (x04 >> 28); x04 &= M28L; + x06 += (x05 >> 28); x05 &= M28L; + x07 += (x06 >> 28); x06 &= M28L; + x08 += (x07 >> 28); x07 &= M28L; + x09 = (x08 >> 28); x08 &= M28L; + + x09 -= t; + + Debug.Assert(x09 == 0L || x09 == -1L); + + x00 += x09 & L0; + x01 += x09 & L1; + x02 += x09 & L2; + x03 += x09 & L3; + x04 += x09 & L4; + + x01 += (x00 >> 28); x00 &= M28L; + x02 += (x01 >> 28); x01 &= M28L; + x03 += (x02 >> 28); x02 &= M28L; + x04 += (x03 >> 28); x03 &= M28L; + x05 += (x04 >> 28); x04 &= M28L; + x06 += (x05 >> 28); x05 &= M28L; + x07 += (x06 >> 28); x06 &= M28L; + x08 += (x07 >> 28); x07 &= M28L; + + byte[] r = new byte[ScalarBytes]; + Encode56((ulong)(x00 | (x01 << 28)), r, 0); + Encode56((ulong)(x02 | (x03 << 28)), r, 7); + Encode56((ulong)(x04 | (x05 << 28)), r, 14); + Encode56((ulong)(x06 | (x07 << 28)), r, 21); + Encode32((uint)x08, r, 28); + return r; + } + + private static void ScalarMult(byte[] k, PointAffine p, PointAccum r) + { + uint[] n = new uint[ScalarUints]; + DecodeScalar(k, 0, n); + + // Recode the scalar into signed-digit form + { + uint c1 = Nat.CAdd(ScalarUints, ~(int)n[0] & 1, n, L, n); Debug.Assert(c1 == 0U); + uint c2 = Nat.ShiftDownBit(ScalarUints, n, 1U); Debug.Assert(c2 == (1U << 31)); + } + + int[] table = PointPrecompute(p, 8); + PointExt q = new PointExt(); + + PointSetNeutral(r); + + int w = 63; + for (;;) + { + PointLookup(n, w, table, q); + PointAdd(q, r); + + if (--w < 0) + break; + + for (int i = 0; i < 4; ++i) + { + PointDouble(r); + } + } + } + + private static void ScalarMultBase(byte[] k, PointAccum r) + { + // Equivalent (but much slower) + //PointAffine p = new PointAffine(); + //F.Copy(B_x, 0, p.x, 0); + //F.Copy(B_y, 0, p.y, 0); + //ScalarMult(k, p, r); + + Precompute(); + + uint[] n = new uint[ScalarUints]; + DecodeScalar(k, 0, n); + + // Recode the scalar into signed-digit form, then group comb bits in each block + { + uint c1 = Nat.CAdd(ScalarUints, ~(int)n[0] & 1, n, L, n); Debug.Assert(c1 == 0U); + uint c2 = Nat.ShiftDownBit(ScalarUints, n, 1U); Debug.Assert(c2 == (1U << 31)); + + for (int i = 0; i < ScalarUints; ++i) + { + n[i] = Interleave.Shuffle2(n[i]); + } + } + + PointPrecomp p = new PointPrecomp(); + + PointSetNeutral(r); + + int cOff = (PrecompSpacing - 1) * PrecompTeeth; + for (;;) + { + for (int b = 0; b < PrecompBlocks; ++b) + { + uint w = n[b] >> cOff; + int sign = (int)(w >> (PrecompTeeth - 1)) & 1; + int abs = ((int)w ^ -sign) & PrecompMask; + + Debug.Assert(sign == 0 || sign == 1); + Debug.Assert(0 <= abs && abs < PrecompPoints); + + PointLookup(b, abs, p); + + F.CSwap(sign, p.ypx_h, p.ymx_h); + F.CNegate(sign, p.xyd); + + PointAddPrecomp(p, r); + } + + if ((cOff -= PrecompTeeth) < 0) + break; + + PointDouble(r); + } + } + + private static void ScalarMultBaseEncoded(byte[] k, byte[] r, int rOff) + { + PointAccum p = new PointAccum(); + ScalarMultBase(k, p); + if (0 == EncodePoint(p, r, rOff)) + throw new InvalidOperationException(); + } + + internal static void ScalarMultBaseYZ(byte[] k, int kOff, int[] y, int[] z) + { + byte[] n = new byte[ScalarBytes]; + PruneScalar(k, kOff, n); + + PointAccum p = new PointAccum(); + ScalarMultBase(n, p); + + if (0 == CheckPoint(p.x, p.y, p.z)) + throw new InvalidOperationException(); + + F.Copy(p.y, 0, y, 0); + F.Copy(p.z, 0, z, 0); + } + + private static void ScalarMultOrderVar(PointAffine p, PointAccum r) + { + int width = 5; + + sbyte[] ws_p = GetWnafVar(L, width); + + PointExt[] tp = PointPrecomputeVar(PointCopy(p), 1 << (width - 2)); + + PointSetNeutral(r); + + for (int bit = 252; ;) + { + int wp = ws_p[bit]; + if (wp != 0) + { + int sign = wp >> 31; + int index = (wp ^ sign) >> 1; + + PointAddVar((sign != 0), tp[index], r); + } + + if (--bit < 0) + break; + + PointDouble(r); + } + } + + private static void ScalarMultStrausVar(uint[] nb, uint[] np, PointAffine p, PointAccum r) + { + Precompute(); + + int width = 5; + + sbyte[] ws_b = GetWnafVar(nb, WnafWidthBase); + sbyte[] ws_p = GetWnafVar(np, width); + + PointExt[] tp = PointPrecomputeVar(PointCopy(p), 1 << (width - 2)); + + PointSetNeutral(r); + + for (int bit = 252;;) + { + int wb = ws_b[bit]; + if (wb != 0) + { + int sign = wb >> 31; + int index = (wb ^ sign) >> 1; + + PointAddVar((sign != 0), precompBaseTable[index], r); + } + + int wp = ws_p[bit]; + if (wp != 0) + { + int sign = wp >> 31; + int index = (wp ^ sign) >> 1; + + PointAddVar((sign != 0), tp[index], r); + } + + if (--bit < 0) + break; + + PointDouble(r); + } + } + + public static void Sign(byte[] sk, int skOff, byte[] m, int mOff, int mLen, byte[] sig, int sigOff) + { + byte[] ctx = null; + byte phflag = 0x00; + + ImplSign(sk, skOff, ctx, phflag, m, mOff, mLen, sig, sigOff); + } + + public static void Sign(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] m, int mOff, int mLen, byte[] sig, int sigOff) + { + byte[] ctx = null; + byte phflag = 0x00; + + ImplSign(sk, skOff, pk, pkOff, ctx, phflag, m, mOff, mLen, sig, sigOff); + } + + public static void Sign(byte[] sk, int skOff, byte[] ctx, byte[] m, int mOff, int mLen, byte[] sig, int sigOff) + { + byte phflag = 0x00; + + ImplSign(sk, skOff, ctx, phflag, m, mOff, mLen, sig, sigOff); + } + + public static void Sign(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, byte[] m, int mOff, int mLen, byte[] sig, int sigOff) + { + byte phflag = 0x00; + + ImplSign(sk, skOff, pk, pkOff, ctx, phflag, m, mOff, mLen, sig, sigOff); + } + + public static void SignPrehash(byte[] sk, int skOff, byte[] ctx, byte[] ph, int phOff, byte[] sig, int sigOff) + { + byte phflag = 0x01; + + ImplSign(sk, skOff, ctx, phflag, ph, phOff, PrehashSize, sig, sigOff); + } + + public static void SignPrehash(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, byte[] ph, int phOff, byte[] sig, int sigOff) + { + byte phflag = 0x01; + + ImplSign(sk, skOff, pk, pkOff, ctx, phflag, ph, phOff, PrehashSize, sig, sigOff); + } + + public static void SignPrehash(byte[] sk, int skOff, byte[] ctx, IDigest ph, byte[] sig, int sigOff) + { + byte[] m = new byte[PrehashSize]; + if (PrehashSize != ph.DoFinal(m, 0)) + throw new ArgumentException("ph"); + + byte phflag = 0x01; + + ImplSign(sk, skOff, ctx, phflag, m, 0, m.Length, sig, sigOff); + } + + public static void SignPrehash(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, IDigest ph, byte[] sig, int sigOff) + { + byte[] m = new byte[PrehashSize]; + if (PrehashSize != ph.DoFinal(m, 0)) + throw new ArgumentException("ph"); + + byte phflag = 0x01; + + ImplSign(sk, skOff, pk, pkOff, ctx, phflag, m, 0, m.Length, sig, sigOff); + } + + public static bool ValidatePublicKeyFull(byte[] pk, int pkOff) + { + PointAffine p = new PointAffine(); + if (!DecodePointVar(pk, pkOff, false, p)) + return false; + + F.Normalize(p.x); + F.Normalize(p.y); + + if (IsNeutralElementVar(p.x, p.y)) + return false; + + PointAccum r = new PointAccum(); + ScalarMultOrderVar(p, r); + + F.Normalize(r.x); + F.Normalize(r.y); + F.Normalize(r.z); + + return IsNeutralElementVar(r.x, r.y, r.z); + } + + public static bool ValidatePublicKeyPartial(byte[] pk, int pkOff) + { + PointAffine p = new PointAffine(); + return DecodePointVar(pk, pkOff, false, p); + } + + public static bool Verify(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] m, int mOff, int mLen) + { + byte[] ctx = null; + byte phflag = 0x00; + + return ImplVerify(sig, sigOff, pk, pkOff, ctx, phflag, m, mOff, mLen); + } + + public static bool Verify(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, byte[] m, int mOff, int mLen) + { + byte phflag = 0x00; + + return ImplVerify(sig, sigOff, pk, pkOff, ctx, phflag, m, mOff, mLen); + } + + public static bool VerifyPrehash(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, byte[] ph, int phOff) + { + byte phflag = 0x01; + + return ImplVerify(sig, sigOff, pk, pkOff, ctx, phflag, ph, phOff, PrehashSize); + } + + public static bool VerifyPrehash(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, IDigest ph) + { + byte[] m = new byte[PrehashSize]; + if (PrehashSize != ph.DoFinal(m, 0)) + throw new ArgumentException("ph"); + + byte phflag = 0x01; + + return ImplVerify(sig, sigOff, pk, pkOff, ctx, phflag, m, 0, m.Length); + } + } +} diff --git a/BouncyCastle/crypto/src/math/ec/rfc8032/Ed448.cs b/BouncyCastle/crypto/src/math/ec/rfc8032/Ed448.cs new file mode 100644 index 0000000..2cde2d7 --- /dev/null +++ b/BouncyCastle/crypto/src/math/ec/rfc8032/Ed448.cs @@ -0,0 +1,1462 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Math.EC.Rfc7748; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.EC.Rfc8032 +{ + public abstract class Ed448 + { + // x^2 + y^2 == 1 - 39081 * x^2 * y^2 + + public enum Algorithm + { + Ed448 = 0, + Ed448ph = 1, + } + + private class F : X448Field {}; + + private const ulong M26UL = 0x03FFFFFFUL; + private const ulong M28UL = 0x0FFFFFFFUL; + + private const int CoordUints = 14; + private const int PointBytes = CoordUints * 4 + 1; + private const int ScalarUints = 14; + private const int ScalarBytes = ScalarUints * 4 + 1; + + public static readonly int PrehashSize = 64; + public static readonly int PublicKeySize = PointBytes; + public static readonly int SecretKeySize = 57; + public static readonly int SignatureSize = PointBytes + ScalarBytes; + + // "SigEd448" + private static readonly byte[] Dom4Prefix = new byte[]{ 0x53, 0x69, 0x67, 0x45, 0x64, 0x34, 0x34, 0x38 }; + + private static readonly uint[] P = { 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, + 0xFFFFFFFEU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU }; + private static readonly uint[] L = { 0xAB5844F3U, 0x2378C292U, 0x8DC58F55U, 0x216CC272U, 0xAED63690U, 0xC44EDB49U, 0x7CCA23E9U, + 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0xFFFFFFFFU, 0x3FFFFFFFU }; + + private const int L_0 = 0x04A7BB0D; // L_0:26/24 + private const int L_1 = 0x0873D6D5; // L_1:27/23 + private const int L_2 = 0x0A70AADC; // L_2:27/26 + private const int L_3 = 0x03D8D723; // L_3:26/-- + private const int L_4 = 0x096FDE93; // L_4:27/25 + private const int L_5 = 0x0B65129C; // L_5:27/26 + private const int L_6 = 0x063BB124; // L_6:27/-- + private const int L_7 = 0x08335DC1; // L_7:27/22 + + private const int L4_0 = 0x029EEC34; // L4_0:25/24 + private const int L4_1 = 0x01CF5B55; // L4_1:25/-- + private const int L4_2 = 0x09C2AB72; // L4_2:27/25 + private const int L4_3 = 0x0F635C8E; // L4_3:28/-- + private const int L4_4 = 0x05BF7A4C; // L4_4:26/25 + private const int L4_5 = 0x0D944A72; // L4_5:28/-- + private const int L4_6 = 0x08EEC492; // L4_6:27/24 + private const int L4_7 = 0x20CD7705; // L4_7:29/24 + + private static readonly uint[] B_x = { 0x070CC05EU, 0x026A82BCU, 0x00938E26U, 0x080E18B0U, 0x0511433BU, 0x0F72AB66U, 0x0412AE1AU, + 0x0A3D3A46U, 0x0A6DE324U, 0x00F1767EU, 0x04657047U, 0x036DA9E1U, 0x05A622BFU, 0x0ED221D1U, 0x066BED0DU, 0x04F1970CU }; + private static readonly uint[] B_y = { 0x0230FA14U, 0x008795BFU, 0x07C8AD98U, 0x0132C4EDU, 0x09C4FDBDU, 0x01CE67C3U, 0x073AD3FFU, + 0x005A0C2DU, 0x07789C1EU, 0x0A398408U, 0x0A73736CU, 0x0C7624BEU, 0x003756C9U, 0x02488762U, 0x016EB6BCU, 0x0693F467U }; + private const int C_d = -39081; + + private const int WnafWidthBase = 7; + + // ScalarMultBase supports varying blocks, teeth, spacing so long as their product is in range [449, 479] + private const int PrecompBlocks = 5; + private const int PrecompTeeth = 5; + private const int PrecompSpacing = 18; + private const int PrecompRange = PrecompBlocks * PrecompTeeth * PrecompSpacing; // 448 < range < 480 + private const int PrecompPoints = 1 << (PrecompTeeth - 1); + private const int PrecompMask = PrecompPoints - 1; + + private static readonly object precompLock = new object(); + // TODO[ed448] Convert to PointPrecomp + private static PointExt[] precompBaseTable = null; + private static uint[] precompBase = null; + + private class PointExt + { + internal uint[] x = F.Create(); + internal uint[] y = F.Create(); + internal uint[] z = F.Create(); + } + + private class PointPrecomp + { + internal uint[] x = F.Create(); + internal uint[] y = F.Create(); + } + + private static byte[] CalculateS(byte[] r, byte[] k, byte[] s) + { + uint[] t = new uint[ScalarUints * 2]; DecodeScalar(r, 0, t); + uint[] u = new uint[ScalarUints]; DecodeScalar(k, 0, u); + uint[] v = new uint[ScalarUints]; DecodeScalar(s, 0, v); + + Nat.MulAddTo(ScalarUints, u, v, t); + + byte[] result = new byte[ScalarBytes * 2]; + for (int i = 0; i < t.Length; ++i) + { + Encode32(t[i], result, i * 4); + } + return ReduceScalar(result); + } + + private static bool CheckContextVar(byte[] ctx) + { + return ctx != null && ctx.Length < 256; + } + + private static int CheckPoint(uint[] x, uint[] y) + { + uint[] t = F.Create(); + uint[] u = F.Create(); + uint[] v = F.Create(); + + F.Sqr(x, u); + F.Sqr(y, v); + F.Mul(u, v, t); + F.Add(u, v, u); + F.Mul(t, -C_d, t); + F.SubOne(t); + F.Add(t, u, t); + F.Normalize(t); + + return F.IsZero(t); + } + + private static int CheckPoint(uint[] x, uint[] y, uint[] z) + { + uint[] t = F.Create(); + uint[] u = F.Create(); + uint[] v = F.Create(); + uint[] w = F.Create(); + + F.Sqr(x, u); + F.Sqr(y, v); + F.Sqr(z, w); + F.Mul(u, v, t); + F.Add(u, v, u); + F.Mul(u, w, u); + F.Sqr(w, w); + F.Mul(t, -C_d, t); + F.Sub(t, w, t); + F.Add(t, u, t); + F.Normalize(t); + + return F.IsZero(t); + } + + private static bool CheckPointVar(byte[] p) + { + if ((p[PointBytes - 1] & 0x7F) != 0x00) + return false; + + uint[] t = new uint[CoordUints]; + Decode32(p, 0, t, 0, CoordUints); + return !Nat.Gte(CoordUints, t, P); + } + + private static bool CheckScalarVar(byte[] s, uint[] n) + { + if (s[ScalarBytes - 1] != 0x00) + return false; + + DecodeScalar(s, 0, n); + return !Nat.Gte(ScalarUints, n, L); + } + + private static byte[] Copy(byte[] buf, int off, int len) + { + byte[] result = new byte[len]; + Array.Copy(buf, off, result, 0, len); + return result; + } + + public static IXof CreatePrehash() + { + return CreateXof(); + } + + private static IXof CreateXof() + { + return new ShakeDigest(256); + } + + private static uint Decode16(byte[] bs, int off) + { + uint n = bs[off]; + n |= (uint)bs[++off] << 8; + return n; + } + + private static uint Decode24(byte[] bs, int off) + { + uint n = bs[off]; + n |= (uint)bs[++off] << 8; + n |= (uint)bs[++off] << 16; + return n; + } + + private static uint Decode32(byte[] bs, int off) + { + uint n = bs[off]; + n |= (uint)bs[++off] << 8; + n |= (uint)bs[++off] << 16; + n |= (uint)bs[++off] << 24; + return n; + } + + private static void Decode32(byte[] bs, int bsOff, uint[] n, int nOff, int nLen) + { + for (int i = 0; i < nLen; ++i) + { + n[nOff + i] = Decode32(bs, bsOff + i * 4); + } + } + + private static bool DecodePointVar(byte[] p, int pOff, bool negate, PointExt r) + { + byte[] py = Copy(p, pOff, PointBytes); + if (!CheckPointVar(py)) + return false; + + int x_0 = (py[PointBytes - 1] & 0x80) >> 7; + py[PointBytes - 1] &= 0x7F; + + F.Decode(py, 0, r.y); + + uint[] u = F.Create(); + uint[] v = F.Create(); + + F.Sqr(r.y, u); + F.Mul(u, (uint)-C_d, v); + F.Negate(u, u); + F.AddOne(u); + F.AddOne(v); + + if (!F.SqrtRatioVar(u, v, r.x)) + return false; + + F.Normalize(r.x); + if (x_0 == 1 && F.IsZeroVar(r.x)) + return false; + + if (negate ^ (x_0 != (r.x[0] & 1))) + { + F.Negate(r.x, r.x); + } + + PointExtendXY(r); + return true; + } + + private static void DecodeScalar(byte[] k, int kOff, uint[] n) + { + Debug.Assert(k[kOff + ScalarBytes - 1] == 0x00); + + Decode32(k, kOff, n, 0, ScalarUints); + } + + private static void Dom4(IXof d, byte phflag, byte[] ctx) + { + int n = Dom4Prefix.Length; + byte[] t = new byte[n + 2 + ctx.Length]; + Dom4Prefix.CopyTo(t, 0); + t[n] = phflag; + t[n + 1] = (byte)ctx.Length; + ctx.CopyTo(t, n + 2); + + d.BlockUpdate(t, 0, t.Length); + } + + private static void Encode24(uint n, byte[] bs, int off) + { + bs[off] = (byte)(n); + bs[++off] = (byte)(n >> 8); + bs[++off] = (byte)(n >> 16); + } + + private static void Encode32(uint n, byte[] bs, int off) + { + bs[off] = (byte)(n); + bs[++off] = (byte)(n >> 8); + bs[++off] = (byte)(n >> 16); + bs[++off] = (byte)(n >> 24); + } + + private static void Encode56(ulong n, byte[] bs, int off) + { + Encode32((uint)n, bs, off); + Encode24((uint)(n >> 32), bs, off + 4); + } + + private static int EncodePoint(PointExt p, byte[] r, int rOff) + { + uint[] x = F.Create(); + uint[] y = F.Create(); + + F.Inv(p.z, y); + F.Mul(p.x, y, x); + F.Mul(p.y, y, y); + F.Normalize(x); + F.Normalize(y); + + int result = CheckPoint(x, y); + + F.Encode(y, r, rOff); + r[rOff + PointBytes - 1] = (byte)((x[0] & 1) << 7); + + return result; + } + + public static void GeneratePrivateKey(SecureRandom random, byte[] k) + { + random.NextBytes(k); + } + + public static void GeneratePublicKey(byte[] sk, int skOff, byte[] pk, int pkOff) + { + IXof d = CreateXof(); + byte[] h = new byte[ScalarBytes * 2]; + + d.BlockUpdate(sk, skOff, SecretKeySize); + d.DoFinal(h, 0, h.Length); + + byte[] s = new byte[ScalarBytes]; + PruneScalar(h, 0, s); + + ScalarMultBaseEncoded(s, pk, pkOff); + } + + private static uint GetWindow4(uint[] x, int n) + { + int w = (int)((uint)n >> 3), b = (n & 7) << 2; + return (x[w] >> b) & 15U; + } + + private static sbyte[] GetWnafVar(uint[] n, int width) + { + Debug.Assert(n[ScalarUints - 1] <= L[ScalarUints - 1]); + Debug.Assert(2 <= width && width <= 8); + + uint[] t = new uint[ScalarUints * 2]; + { + uint c = 0; + int tPos = t.Length, i = ScalarUints; + while (--i >= 0) + { + uint next = n[i]; + t[--tPos] = (next >> 16) | (c << 16); + t[--tPos] = c = next; + } + } + + sbyte[] ws = new sbyte[447]; + + int lead = 32 - width; + + uint carry = 0U; + int j = 0; + for (int i = 0; i < t.Length; ++i, j -= 16) + { + uint word = t[i]; + while (j < 16) + { + uint word16 = word >> j; + uint bit = word16 & 1U; + + if (bit == carry) + { + ++j; + continue; + } + + uint digit = (word16 | 1U) << lead; + carry = digit >> 31; + + ws[(i << 4) + j] = (sbyte)((int)digit >> lead); + + j += width; + } + } + + Debug.Assert(carry == 0); + + return ws; + } + + private static void ImplSign(IXof d, byte[] h, byte[] s, byte[] pk, int pkOff, byte[] ctx, byte phflag, + byte[] m, int mOff, int mLen, byte[] sig, int sigOff) + { + Dom4(d, phflag, ctx); + d.BlockUpdate(h, ScalarBytes, ScalarBytes); + d.BlockUpdate(m, mOff, mLen); + d.DoFinal(h, 0, h.Length); + + byte[] r = ReduceScalar(h); + byte[] R = new byte[PointBytes]; + ScalarMultBaseEncoded(r, R, 0); + + Dom4(d, phflag, ctx); + d.BlockUpdate(R, 0, PointBytes); + d.BlockUpdate(pk, pkOff, PointBytes); + d.BlockUpdate(m, mOff, mLen); + d.DoFinal(h, 0, h.Length); + + byte[] k = ReduceScalar(h); + byte[] S = CalculateS(r, k, s); + + Array.Copy(R, 0, sig, sigOff, PointBytes); + Array.Copy(S, 0, sig, sigOff + PointBytes, ScalarBytes); + } + + private static void ImplSign(byte[] sk, int skOff, byte[] ctx, byte phflag, byte[] m, int mOff, int mLen, + byte[] sig, int sigOff) + { + if (!CheckContextVar(ctx)) + throw new ArgumentException("ctx"); + + IXof d = CreateXof(); + byte[] h = new byte[ScalarBytes * 2]; + + d.BlockUpdate(sk, skOff, SecretKeySize); + d.DoFinal(h, 0, h.Length); + + byte[] s = new byte[ScalarBytes]; + PruneScalar(h, 0, s); + + byte[] pk = new byte[PointBytes]; + ScalarMultBaseEncoded(s, pk, 0); + + ImplSign(d, h, s, pk, 0, ctx, phflag, m, mOff, mLen, sig, sigOff); + } + + private static void ImplSign(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, byte phflag, + byte[] m, int mOff, int mLen, byte[] sig, int sigOff) + { + if (!CheckContextVar(ctx)) + throw new ArgumentException("ctx"); + + IXof d = CreateXof(); + byte[] h = new byte[ScalarBytes * 2]; + + d.BlockUpdate(sk, skOff, SecretKeySize); + d.DoFinal(h, 0, h.Length); + + byte[] s = new byte[ScalarBytes]; + PruneScalar(h, 0, s); + + ImplSign(d, h, s, pk, pkOff, ctx, phflag, m, mOff, mLen, sig, sigOff); + } + + private static bool ImplVerify(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, byte phflag, + byte[] m, int mOff, int mLen) + { + if (!CheckContextVar(ctx)) + throw new ArgumentException("ctx"); + + byte[] R = Copy(sig, sigOff, PointBytes); + byte[] S = Copy(sig, sigOff + PointBytes, ScalarBytes); + + if (!CheckPointVar(R)) + return false; + + uint[] nS = new uint[ScalarUints]; + if (!CheckScalarVar(S, nS)) + return false; + + PointExt pA = new PointExt(); + if (!DecodePointVar(pk, pkOff, true, pA)) + return false; + + IXof d = CreateXof(); + byte[] h = new byte[ScalarBytes * 2]; + + Dom4(d, phflag, ctx); + d.BlockUpdate(R, 0, PointBytes); + d.BlockUpdate(pk, pkOff, PointBytes); + d.BlockUpdate(m, mOff, mLen); + d.DoFinal(h, 0, h.Length); + + byte[] k = ReduceScalar(h); + + uint[] nA = new uint[ScalarUints]; + DecodeScalar(k, 0, nA); + + PointExt pR = new PointExt(); + ScalarMultStrausVar(nS, nA, pA, pR); + + byte[] check = new byte[PointBytes]; + return 0 != EncodePoint(pR, check, 0) && Arrays.AreEqual(check, R); + } + + private static bool IsNeutralElementVar(uint[] x, uint[] y) + { + return F.IsZeroVar(x) && F.IsOneVar(y); + } + + private static bool IsNeutralElementVar(uint[] x, uint[] y, uint[] z) + { + return F.IsZeroVar(x) && F.AreEqualVar(y, z); + } + + private static void PointAdd(PointExt p, PointExt r) + { + uint[] a = F.Create(); + uint[] b = F.Create(); + uint[] c = F.Create(); + uint[] d = F.Create(); + uint[] e = F.Create(); + uint[] f = F.Create(); + uint[] g = F.Create(); + uint[] h = F.Create(); + + F.Mul(p.z, r.z, a); + F.Sqr(a, b); + F.Mul(p.x, r.x, c); + F.Mul(p.y, r.y, d); + F.Mul(c, d, e); + F.Mul(e, -C_d, e); + //F.Apm(b, e, f, g); + F.Add(b, e, f); + F.Sub(b, e, g); + F.Add(p.x, p.y, b); + F.Add(r.x, r.y, e); + F.Mul(b, e, h); + //F.Apm(d, c, b, e); + F.Add(d, c, b); + F.Sub(d, c, e); + F.Carry(b); + F.Sub(h, b, h); + F.Mul(h, a, h); + F.Mul(e, a, e); + F.Mul(f, h, r.x); + F.Mul(e, g, r.y); + F.Mul(f, g, r.z); + } + + private static void PointAddVar(bool negate, PointExt p, PointExt r) + { + uint[] a = F.Create(); + uint[] b = F.Create(); + uint[] c = F.Create(); + uint[] d = F.Create(); + uint[] e = F.Create(); + uint[] f = F.Create(); + uint[] g = F.Create(); + uint[] h = F.Create(); + + uint[] nb, ne, nf, ng; + if (negate) + { + nb = e; ne = b; nf = g; ng = f; + F.Sub(p.y, p.x, h); + } + else + { + nb = b; ne = e; nf = f; ng = g; + F.Add(p.y, p.x, h); + } + + F.Mul(p.z, r.z, a); + F.Sqr(a, b); + F.Mul(p.x, r.x, c); + F.Mul(p.y, r.y, d); + F.Mul(c, d, e); + F.Mul(e, -C_d, e); + //F.Apm(b, e, nf, ng); + F.Add(b, e, nf); + F.Sub(b, e, ng); + F.Add(r.x, r.y, e); + F.Mul(h, e, h); + //F.Apm(d, c, nb, ne); + F.Add(d, c, nb); + F.Sub(d, c, ne); + F.Carry(nb); + F.Sub(h, b, h); + F.Mul(h, a, h); + F.Mul(e, a, e); + F.Mul(f, h, r.x); + F.Mul(e, g, r.y); + F.Mul(f, g, r.z); + } + + private static void PointAddPrecomp(PointPrecomp p, PointExt r) + { + uint[] b = F.Create(); + uint[] c = F.Create(); + uint[] d = F.Create(); + uint[] e = F.Create(); + uint[] f = F.Create(); + uint[] g = F.Create(); + uint[] h = F.Create(); + + F.Sqr(r.z, b); + F.Mul(p.x, r.x, c); + F.Mul(p.y, r.y, d); + F.Mul(c, d, e); + F.Mul(e, -C_d, e); + //F.Apm(b, e, f, g); + F.Add(b, e, f); + F.Sub(b, e, g); + F.Add(p.x, p.y, b); + F.Add(r.x, r.y, e); + F.Mul(b, e, h); + //F.Apm(d, c, b, e); + F.Add(d, c, b); + F.Sub(d, c, e); + F.Carry(b); + F.Sub(h, b, h); + F.Mul(h, r.z, h); + F.Mul(e, r.z, e); + F.Mul(f, h, r.x); + F.Mul(e, g, r.y); + F.Mul(f, g, r.z); + } + + private static PointExt PointCopy(PointExt p) + { + PointExt r = new PointExt(); + PointCopy(p, r); + return r; + } + + private static void PointCopy(PointExt p, PointExt r) + { + F.Copy(p.x, 0, r.x, 0); + F.Copy(p.y, 0, r.y, 0); + F.Copy(p.z, 0, r.z, 0); + } + + private static void PointDouble(PointExt r) + { + uint[] b = F.Create(); + uint[] c = F.Create(); + uint[] d = F.Create(); + uint[] e = F.Create(); + uint[] h = F.Create(); + uint[] j = F.Create(); + + F.Add(r.x, r.y, b); + F.Sqr(b, b); + F.Sqr(r.x, c); + F.Sqr(r.y, d); + F.Add(c, d, e); + F.Carry(e); + F.Sqr(r.z, h); + F.Add(h, h, h); + F.Carry(h); + F.Sub(e, h, j); + F.Sub(b, e, b); + F.Sub(c, d, c); + F.Mul(b, j, r.x); + F.Mul(e, c, r.y); + F.Mul(e, j, r.z); + } + + private static void PointExtendXY(PointExt p) + { + F.One(p.z); + } + + private static void PointLookup(int block, int index, PointPrecomp p) + { + Debug.Assert(0 <= block && block < PrecompBlocks); + Debug.Assert(0 <= index && index < PrecompPoints); + + int off = block * PrecompPoints * 2 * F.Size; + + for (int i = 0; i < PrecompPoints; ++i) + { + int cond = ((i ^ index) - 1) >> 31; + F.CMov(cond, precompBase, off, p.x, 0); off += F.Size; + F.CMov(cond, precompBase, off, p.y, 0); off += F.Size; + } + } + + private static void PointLookup(uint[] x, int n, uint[] table, PointExt r) + { + // TODO This method is currently hardcoded to 4-bit windows and 8 precomputed points + + uint w = GetWindow4(x, n); + + int sign = (int)(w >> (4 - 1)) ^ 1; + int abs = ((int)w ^ -sign) & 7; + + Debug.Assert(sign == 0 || sign == 1); + Debug.Assert(0 <= abs && abs < 8); + + for (int i = 0, off = 0; i < 8; ++i) + { + int cond = ((i ^ abs) - 1) >> 31; + F.CMov(cond, table, off, r.x, 0); off += F.Size; + F.CMov(cond, table, off, r.y, 0); off += F.Size; + F.CMov(cond, table, off, r.z, 0); off += F.Size; + } + + F.CNegate(sign, r.x); + } + + private static void PointLookup15(uint[] table, PointExt r) + { + int off = F.Size * 3 * 7; + + F.Copy(table, off, r.x, 0); off += F.Size; + F.Copy(table, off, r.y, 0); off += F.Size; + F.Copy(table, off, r.z, 0); + } + + private static uint[] PointPrecompute(PointExt p, int count) + { + Debug.Assert(count > 0); + + PointExt q = PointCopy(p); + PointExt d = PointCopy(q); + PointDouble(d); + + uint[] table = F.CreateTable(count * 3); + int off = 0; + + int i = 0; + for (;;) + { + F.Copy(q.x, 0, table, off); off += F.Size; + F.Copy(q.y, 0, table, off); off += F.Size; + F.Copy(q.z, 0, table, off); off += F.Size; + + if (++i == count) + break; + + PointAdd(d, q); + } + + return table; + } + + private static PointExt[] PointPrecomputeVar(PointExt p, int count) + { + Debug.Assert(count > 0); + + PointExt d = PointCopy(p); + PointDouble(d); + + PointExt[] table = new PointExt[count]; + table[0] = PointCopy(p); + for (int i = 1; i < count; ++i) + { + table[i] = PointCopy(table[i - 1]); + PointAddVar(false, d, table[i]); + } + return table; + } + + private static void PointSetNeutral(PointExt p) + { + F.Zero(p.x); + F.One(p.y); + F.One(p.z); + } + + public static void Precompute() + { + lock (precompLock) + { + if (precompBase != null) + return; + + Debug.Assert(PrecompRange > 448); + Debug.Assert(PrecompRange < 480); + + PointExt p = new PointExt(); + F.Copy(B_x, 0, p.x, 0); + F.Copy(B_y, 0, p.y, 0); + PointExtendXY(p); + + precompBaseTable = PointPrecomputeVar(p, 1 << (WnafWidthBase - 2)); + + precompBase = F.CreateTable(PrecompBlocks * PrecompPoints * 2); + + int off = 0; + for (int b = 0; b < PrecompBlocks; ++b) + { + PointExt[] ds = new PointExt[PrecompTeeth]; + + PointExt sum = new PointExt(); + PointSetNeutral(sum); + + for (int t = 0; t < PrecompTeeth; ++t) + { + PointAddVar(true, p, sum); + PointDouble(p); + + ds[t] = PointCopy(p); + + if (b + t != PrecompBlocks + PrecompTeeth - 2) + { + for (int s = 1; s < PrecompSpacing; ++s) + { + PointDouble(p); + } + } + } + + PointExt[] points = new PointExt[PrecompPoints]; + int k = 0; + points[k++] = sum; + + for (int t = 0; t < (PrecompTeeth - 1); ++t) + { + int size = 1 << t; + for (int j = 0; j < size; ++j, ++k) + { + points[k] = PointCopy(points[k - size]); + PointAddVar(false, ds[t], points[k]); + } + } + + Debug.Assert(k == PrecompPoints); + + uint[] cs = F.CreateTable(PrecompPoints); + + // TODO[ed448] A single batch inversion across all blocks? + { + uint[] u = F.Create(); + F.Copy(points[0].z, 0, u, 0); + F.Copy(u, 0, cs, 0); + + int i = 0; + while (++i < PrecompPoints) + { + F.Mul(u, points[i].z, u); + F.Copy(u, 0, cs, i * F.Size); + } + + F.InvVar(u, u); + --i; + + uint[] t = F.Create(); + + while (i > 0) + { + int j = i--; + F.Copy(cs, i * F.Size, t, 0); + F.Mul(t, u, t); + F.Copy(t, 0, cs, j * F.Size); + F.Mul(u, points[j].z, u); + } + + F.Copy(u, 0, cs, 0); + } + + for (int i = 0; i < PrecompPoints; ++i) + { + PointExt q = points[i]; + + //F.InvVar(q.z, q.z); + F.Copy(cs, i * F.Size, q.z, 0); + + F.Mul(q.x, q.z, q.x); + F.Mul(q.y, q.z, q.y); + + //F.Normalize(q.x); + //F.Normalize(q.y); + + F.Copy(q.x, 0, precompBase, off); off += F.Size; + F.Copy(q.y, 0, precompBase, off); off += F.Size; + } + } + + Debug.Assert(off == precompBase.Length); + } + } + + private static void PruneScalar(byte[] n, int nOff, byte[] r) + { + Array.Copy(n, nOff, r, 0, ScalarBytes - 1); + + r[0] &= 0xFC; + r[ScalarBytes - 2] |= 0x80; + r[ScalarBytes - 1] = 0x00; + } + + private static byte[] ReduceScalar(byte[] n) + { + ulong x00 = Decode32(n, 0); // x00:32/-- + ulong x01 = (Decode24(n, 4) << 4); // x01:28/-- + ulong x02 = Decode32(n, 7); // x02:32/-- + ulong x03 = (Decode24(n, 11) << 4); // x03:28/-- + ulong x04 = Decode32(n, 14); // x04:32/-- + ulong x05 = (Decode24(n, 18) << 4); // x05:28/-- + ulong x06 = Decode32(n, 21); // x06:32/-- + ulong x07 = (Decode24(n, 25) << 4); // x07:28/-- + ulong x08 = Decode32(n, 28); // x08:32/-- + ulong x09 = (Decode24(n, 32) << 4); // x09:28/-- + ulong x10 = Decode32(n, 35); // x10:32/-- + ulong x11 = (Decode24(n, 39) << 4); // x11:28/-- + ulong x12 = Decode32(n, 42); // x12:32/-- + ulong x13 = (Decode24(n, 46) << 4); // x13:28/-- + ulong x14 = Decode32(n, 49); // x14:32/-- + ulong x15 = (Decode24(n, 53) << 4); // x15:28/-- + ulong x16 = Decode32(n, 56); // x16:32/-- + ulong x17 = (Decode24(n, 60) << 4); // x17:28/-- + ulong x18 = Decode32(n, 63); // x18:32/-- + ulong x19 = (Decode24(n, 67) << 4); // x19:28/-- + ulong x20 = Decode32(n, 70); // x20:32/-- + ulong x21 = (Decode24(n, 74) << 4); // x21:28/-- + ulong x22 = Decode32(n, 77); // x22:32/-- + ulong x23 = (Decode24(n, 81) << 4); // x23:28/-- + ulong x24 = Decode32(n, 84); // x24:32/-- + ulong x25 = (Decode24(n, 88) << 4); // x25:28/-- + ulong x26 = Decode32(n, 91); // x26:32/-- + ulong x27 = (Decode24(n, 95) << 4); // x27:28/-- + ulong x28 = Decode32(n, 98); // x28:32/-- + ulong x29 = (Decode24(n, 102) << 4); // x29:28/-- + ulong x30 = Decode32(n, 105); // x30:32/-- + ulong x31 = (Decode24(n, 109) << 4); // x31:28/-- + ulong x32 = Decode16(n, 112); // x32:16/-- + + // x32 += (x31 >> 28); x31 &= M28UL; + x16 += x32 * L4_0; // x16:42/-- + x17 += x32 * L4_1; // x17:41/28 + x18 += x32 * L4_2; // x18:43/42 + x19 += x32 * L4_3; // x19:44/28 + x20 += x32 * L4_4; // x20:43/-- + x21 += x32 * L4_5; // x21:44/28 + x22 += x32 * L4_6; // x22:43/41 + x23 += x32 * L4_7; // x23:45/41 + + x31 += (x30 >> 28); x30 &= M28UL; // x31:28/--, x30:28/-- + x15 += x31 * L4_0; // x15:54/-- + x16 += x31 * L4_1; // x16:53/42 + x17 += x31 * L4_2; // x17:55/54 + x18 += x31 * L4_3; // x18:56/44 + x19 += x31 * L4_4; // x19:55/-- + x20 += x31 * L4_5; // x20:56/43 + x21 += x31 * L4_6; // x21:55/53 + x22 += x31 * L4_7; // x22:57/53 + + //x30 += (x29 >> 28); x29 &= M28UL; + x14 += x30 * L4_0; // x14:54/-- + x15 += x30 * L4_1; // x15:54/53 + x16 += x30 * L4_2; // x16:56/-- + x17 += x30 * L4_3; // x17:57/-- + x18 += x30 * L4_4; // x18:56/55 + x19 += x30 * L4_5; // x19:56/55 + x20 += x30 * L4_6; // x20:57/-- + x21 += x30 * L4_7; // x21:57/56 + + x29 += (x28 >> 28); x28 &= M28UL; // x29:28/--, x28:28/-- + x13 += x29 * L4_0; // x13:54/-- + x14 += x29 * L4_1; // x14:54/53 + x15 += x29 * L4_2; // x15:56/-- + x16 += x29 * L4_3; // x16:57/-- + x17 += x29 * L4_4; // x17:57/55 + x18 += x29 * L4_5; // x18:57/55 + x19 += x29 * L4_6; // x19:57/52 + x20 += x29 * L4_7; // x20:58/52 + + //x28 += (x27 >> 28); x27 &= M28UL; + x12 += x28 * L4_0; // x12:54/-- + x13 += x28 * L4_1; // x13:54/53 + x14 += x28 * L4_2; // x14:56/-- + x15 += x28 * L4_3; // x15:57/-- + x16 += x28 * L4_4; // x16:57/55 + x17 += x28 * L4_5; // x17:58/-- + x18 += x28 * L4_6; // x18:58/-- + x19 += x28 * L4_7; // x19:58/53 + + x27 += (x26 >> 28); x26 &= M28UL; // x27:28/--, x26:28/-- + x11 += x27 * L4_0; // x11:54/-- + x12 += x27 * L4_1; // x12:54/53 + x13 += x27 * L4_2; // x13:56/-- + x14 += x27 * L4_3; // x14:57/-- + x15 += x27 * L4_4; // x15:57/55 + x16 += x27 * L4_5; // x16:58/-- + x17 += x27 * L4_6; // x17:58/56 + x18 += x27 * L4_7; // x18:59/-- + + //x26 += (x25 >> 28); x25 &= M28UL; + x10 += x26 * L4_0; // x10:54/-- + x11 += x26 * L4_1; // x11:54/53 + x12 += x26 * L4_2; // x12:56/-- + x13 += x26 * L4_3; // x13:57/-- + x14 += x26 * L4_4; // x14:57/55 + x15 += x26 * L4_5; // x15:58/-- + x16 += x26 * L4_6; // x16:58/56 + x17 += x26 * L4_7; // x17:59/-- + + x25 += (x24 >> 28); x24 &= M28UL; // x25:28/--, x24:28/-- + x09 += x25 * L4_0; // x09:54/-- + x10 += x25 * L4_1; // x10:54/53 + x11 += x25 * L4_2; // x11:56/-- + x12 += x25 * L4_3; // x12:57/-- + x13 += x25 * L4_4; // x13:57/55 + x14 += x25 * L4_5; // x14:58/-- + x15 += x25 * L4_6; // x15:58/56 + x16 += x25 * L4_7; // x16:59/-- + + x21 += (x20 >> 28); x20 &= M28UL; // x21:58/--, x20:28/-- + x22 += (x21 >> 28); x21 &= M28UL; // x22:57/54, x21:28/-- + x23 += (x22 >> 28); x22 &= M28UL; // x23:45/42, x22:28/-- + x24 += (x23 >> 28); x23 &= M28UL; // x24:28/18, x23:28/-- + + x08 += x24 * L4_0; // x08:54/-- + x09 += x24 * L4_1; // x09:55/-- + x10 += x24 * L4_2; // x10:56/46 + x11 += x24 * L4_3; // x11:57/46 + x12 += x24 * L4_4; // x12:57/55 + x13 += x24 * L4_5; // x13:58/-- + x14 += x24 * L4_6; // x14:58/56 + x15 += x24 * L4_7; // x15:59/-- + + x07 += x23 * L4_0; // x07:54/-- + x08 += x23 * L4_1; // x08:54/53 + x09 += x23 * L4_2; // x09:56/53 + x10 += x23 * L4_3; // x10:57/46 + x11 += x23 * L4_4; // x11:57/55 + x12 += x23 * L4_5; // x12:58/-- + x13 += x23 * L4_6; // x13:58/56 + x14 += x23 * L4_7; // x14:59/-- + + x06 += x22 * L4_0; // x06:54/-- + x07 += x22 * L4_1; // x07:54/53 + x08 += x22 * L4_2; // x08:56/-- + x09 += x22 * L4_3; // x09:57/53 + x10 += x22 * L4_4; // x10:57/55 + x11 += x22 * L4_5; // x11:58/-- + x12 += x22 * L4_6; // x12:58/56 + x13 += x22 * L4_7; // x13:59/-- + + x18 += (x17 >> 28); x17 &= M28UL; // x18:59/31, x17:28/-- + x19 += (x18 >> 28); x18 &= M28UL; // x19:58/54, x18:28/-- + x20 += (x19 >> 28); x19 &= M28UL; // x20:30/29, x19:28/-- + x21 += (x20 >> 28); x20 &= M28UL; // x21:28/03, x20:28/-- + + x05 += x21 * L4_0; // x05:54/-- + x06 += x21 * L4_1; // x06:55/-- + x07 += x21 * L4_2; // x07:56/31 + x08 += x21 * L4_3; // x08:57/31 + x09 += x21 * L4_4; // x09:57/56 + x10 += x21 * L4_5; // x10:58/-- + x11 += x21 * L4_6; // x11:58/56 + x12 += x21 * L4_7; // x12:59/-- + + x04 += x20 * L4_0; // x04:54/-- + x05 += x20 * L4_1; // x05:54/53 + x06 += x20 * L4_2; // x06:56/53 + x07 += x20 * L4_3; // x07:57/31 + x08 += x20 * L4_4; // x08:57/55 + x09 += x20 * L4_5; // x09:58/-- + x10 += x20 * L4_6; // x10:58/56 + x11 += x20 * L4_7; // x11:59/-- + + x03 += x19 * L4_0; // x03:54/-- + x04 += x19 * L4_1; // x04:54/53 + x05 += x19 * L4_2; // x05:56/-- + x06 += x19 * L4_3; // x06:57/53 + x07 += x19 * L4_4; // x07:57/55 + x08 += x19 * L4_5; // x08:58/-- + x09 += x19 * L4_6; // x09:58/56 + x10 += x19 * L4_7; // x10:59/-- + + x15 += (x14 >> 28); x14 &= M28UL; // x15:59/31, x14:28/-- + x16 += (x15 >> 28); x15 &= M28UL; // x16:59/32, x15:28/-- + x17 += (x16 >> 28); x16 &= M28UL; // x17:31/29, x16:28/-- + x18 += (x17 >> 28); x17 &= M28UL; // x18:28/04, x17:28/-- + + x02 += x18 * L4_0; // x02:54/-- + x03 += x18 * L4_1; // x03:55/-- + x04 += x18 * L4_2; // x04:56/32 + x05 += x18 * L4_3; // x05:57/32 + x06 += x18 * L4_4; // x06:57/56 + x07 += x18 * L4_5; // x07:58/-- + x08 += x18 * L4_6; // x08:58/56 + x09 += x18 * L4_7; // x09:59/-- + + x01 += x17 * L4_0; // x01:54/-- + x02 += x17 * L4_1; // x02:54/53 + x03 += x17 * L4_2; // x03:56/53 + x04 += x17 * L4_3; // x04:57/32 + x05 += x17 * L4_4; // x05:57/55 + x06 += x17 * L4_5; // x06:58/-- + x07 += x17 * L4_6; // x07:58/56 + x08 += x17 * L4_7; // x08:59/-- + + x16 *= 4; + x16 += (x15 >> 26); x15 &= M26UL; + x16 += 1; // x16:30/01 + + x00 += x16 * L_0; + x01 += x16 * L_1; + x02 += x16 * L_2; + x03 += x16 * L_3; + x04 += x16 * L_4; + x05 += x16 * L_5; + x06 += x16 * L_6; + x07 += x16 * L_7; + + x01 += (x00 >> 28); x00 &= M28UL; + x02 += (x01 >> 28); x01 &= M28UL; + x03 += (x02 >> 28); x02 &= M28UL; + x04 += (x03 >> 28); x03 &= M28UL; + x05 += (x04 >> 28); x04 &= M28UL; + x06 += (x05 >> 28); x05 &= M28UL; + x07 += (x06 >> 28); x06 &= M28UL; + x08 += (x07 >> 28); x07 &= M28UL; + x09 += (x08 >> 28); x08 &= M28UL; + x10 += (x09 >> 28); x09 &= M28UL; + x11 += (x10 >> 28); x10 &= M28UL; + x12 += (x11 >> 28); x11 &= M28UL; + x13 += (x12 >> 28); x12 &= M28UL; + x14 += (x13 >> 28); x13 &= M28UL; + x15 += (x14 >> 28); x14 &= M28UL; + x16 = (x15 >> 26); x15 &= M26UL; + + x16 -= 1; + + Debug.Assert(x16 == 0UL || x16 == ulong.MaxValue); + + x00 -= x16 & L_0; + x01 -= x16 & L_1; + x02 -= x16 & L_2; + x03 -= x16 & L_3; + x04 -= x16 & L_4; + x05 -= x16 & L_5; + x06 -= x16 & L_6; + x07 -= x16 & L_7; + + x01 += (ulong)((long)x00 >> 28); x00 &= M28UL; + x02 += (ulong)((long)x01 >> 28); x01 &= M28UL; + x03 += (ulong)((long)x02 >> 28); x02 &= M28UL; + x04 += (ulong)((long)x03 >> 28); x03 &= M28UL; + x05 += (ulong)((long)x04 >> 28); x04 &= M28UL; + x06 += (ulong)((long)x05 >> 28); x05 &= M28UL; + x07 += (ulong)((long)x06 >> 28); x06 &= M28UL; + x08 += (ulong)((long)x07 >> 28); x07 &= M28UL; + x09 += (ulong)((long)x08 >> 28); x08 &= M28UL; + x10 += (ulong)((long)x09 >> 28); x09 &= M28UL; + x11 += (ulong)((long)x10 >> 28); x10 &= M28UL; + x12 += (ulong)((long)x11 >> 28); x11 &= M28UL; + x13 += (ulong)((long)x12 >> 28); x12 &= M28UL; + x14 += (ulong)((long)x13 >> 28); x13 &= M28UL; + x15 += (ulong)((long)x14 >> 28); x14 &= M28UL; + + Debug.Assert(x15 >> 26 == 0UL); + + byte[] r = new byte[ScalarBytes]; + Encode56(x00 | (x01 << 28), r, 0); + Encode56(x02 | (x03 << 28), r, 7); + Encode56(x04 | (x05 << 28), r, 14); + Encode56(x06 | (x07 << 28), r, 21); + Encode56(x08 | (x09 << 28), r, 28); + Encode56(x10 | (x11 << 28), r, 35); + Encode56(x12 | (x13 << 28), r, 42); + Encode56(x14 | (x15 << 28), r, 49); + //r[ScalarBytes - 1] = 0; + return r; + } + + private static void ScalarMult(byte[] k, PointExt p, PointExt r) + { + uint[] n = new uint[ScalarUints]; + DecodeScalar(k, 0, n); + + // Recode the scalar into signed-digit form + { + uint c1 = Nat.CAdd(ScalarUints, ~(int)n[0] & 1, n, L, n); + uint c2 = Nat.ShiftDownBit(ScalarUints, n, c1); Debug.Assert(c2 == (1U << 31)); + + // NOTE: Bit 448 is implicitly set after the signed-digit recoding + } + + uint[] table = PointPrecompute(p, 8); + PointExt q = new PointExt(); + + // Replace first 4 doublings (2^4 * P) with 1 addition (P + 15 * P) + PointLookup15(table, r); + PointAdd(p, r); + + int w = 111; + for (;;) + { + PointLookup(n, w, table, q); + PointAdd(q, r); + + if (--w < 0) + break; + + for (int i = 0; i < 4; ++i) + { + PointDouble(r); + } + } + } + + private static void ScalarMultBase(byte[] k, PointExt r) + { + // Equivalent (but much slower) + //PointExt p = new PointExt(); + //F.Copy(B_x, 0, p.x, 0); + //F.Copy(B_y, 0, p.y, 0); + //PointExtendXY(p); + //ScalarMult(k, p, r); + + Precompute(); + + uint[] n = new uint[ScalarUints + 1]; + DecodeScalar(k, 0, n); + + // Recode the scalar into signed-digit form + { + n[ScalarUints] = (1U << (PrecompRange - 448)) + + Nat.CAdd(ScalarUints, ~(int)n[0] & 1, n, L, n); + uint c = Nat.ShiftDownBit(n.Length, n, 0); + Debug.Assert(c == (1U << 31)); + } + + PointPrecomp p = new PointPrecomp(); + + PointSetNeutral(r); + + int cOff = PrecompSpacing - 1; + for (;;) + { + int tPos = cOff; + + for (int b = 0; b < PrecompBlocks; ++b) + { + uint w = 0; + for (int t = 0; t < PrecompTeeth; ++t) + { + uint tBit = n[tPos >> 5] >> (tPos & 0x1F); + w &= ~(1U << t); + w ^= (tBit << t); + tPos += PrecompSpacing; + } + + int sign = (int)(w >> (PrecompTeeth - 1)) & 1; + int abs = ((int)w ^ -sign) & PrecompMask; + + Debug.Assert(sign == 0 || sign == 1); + Debug.Assert(0 <= abs && abs < PrecompPoints); + + PointLookup(b, abs, p); + + F.CNegate(sign, p.x); + + PointAddPrecomp(p, r); + } + + if (--cOff < 0) + break; + + PointDouble(r); + } + } + + private static void ScalarMultBaseEncoded(byte[] k, byte[] r, int rOff) + { + PointExt p = new PointExt(); + ScalarMultBase(k, p); + if (0 == EncodePoint(p, r, rOff)) + throw new InvalidOperationException(); + } + + internal static void ScalarMultBaseXY(byte[] k, int kOff, uint[] x, uint[] y) + { + byte[] n = new byte[ScalarBytes]; + PruneScalar(k, kOff, n); + + PointExt p = new PointExt(); + ScalarMultBase(n, p); + + if (0 == CheckPoint(p.x, p.y, p.z)) + throw new InvalidOperationException(); + + F.Copy(p.x, 0, x, 0); + F.Copy(p.y, 0, y, 0); + } + + private static void ScalarMultOrderVar(PointExt p, PointExt r) + { + int width = 5; + + sbyte[] ws_p = GetWnafVar(L, width); + + PointExt[] tp = PointPrecomputeVar(p, 1 << (width - 2)); + + PointSetNeutral(r); + + for (int bit = 446; ;) + { + int wp = ws_p[bit]; + if (wp != 0) + { + int sign = wp >> 31; + int index = (wp ^ sign) >> 1; + + PointAddVar((sign != 0), tp[index], r); + } + + if (--bit < 0) + break; + + PointDouble(r); + } + } + + private static void ScalarMultStrausVar(uint[] nb, uint[] np, PointExt p, PointExt r) + { + Precompute(); + + int width = 5; + + sbyte[] ws_b = GetWnafVar(nb, WnafWidthBase); + sbyte[] ws_p = GetWnafVar(np, width); + + PointExt[] tp = PointPrecomputeVar(p, 1 << (width - 2)); + + PointSetNeutral(r); + + for (int bit = 446;;) + { + int wb = ws_b[bit]; + if (wb != 0) + { + int sign = wb >> 31; + int index = (wb ^ sign) >> 1; + + PointAddVar((sign != 0), precompBaseTable[index], r); + } + + int wp = ws_p[bit]; + if (wp != 0) + { + int sign = wp >> 31; + int index = (wp ^ sign) >> 1; + + PointAddVar((sign != 0), tp[index], r); + } + + if (--bit < 0) + break; + + PointDouble(r); + } + } + + public static void Sign(byte[] sk, int skOff, byte[] ctx, byte[] m, int mOff, int mLen, byte[] sig, int sigOff) + { + byte phflag = 0x00; + + ImplSign(sk, skOff, ctx, phflag, m, mOff, mLen, sig, sigOff); + } + + public static void Sign(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, byte[] m, int mOff, int mLen, byte[] sig, int sigOff) + { + byte phflag = 0x00; + + ImplSign(sk, skOff, pk, pkOff, ctx, phflag, m, mOff, mLen, sig, sigOff); + } + + public static void SignPrehash(byte[] sk, int skOff, byte[] ctx, byte[] ph, int phOff, byte[] sig, int sigOff) + { + byte phflag = 0x01; + + ImplSign(sk, skOff, ctx, phflag, ph, phOff, PrehashSize, sig, sigOff); + } + + public static void SignPrehash(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, byte[] ph, int phOff, byte[] sig, int sigOff) + { + byte phflag = 0x01; + + ImplSign(sk, skOff, pk, pkOff, ctx, phflag, ph, phOff, PrehashSize, sig, sigOff); + } + + public static void SignPrehash(byte[] sk, int skOff, byte[] ctx, IXof ph, byte[] sig, int sigOff) + { + byte[] m = new byte[PrehashSize]; + if (PrehashSize != ph.DoFinal(m, 0, PrehashSize)) + throw new ArgumentException("ph"); + + byte phflag = 0x01; + + ImplSign(sk, skOff, ctx, phflag, m, 0, m.Length, sig, sigOff); + } + + public static void SignPrehash(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, IXof ph, byte[] sig, int sigOff) + { + byte[] m = new byte[PrehashSize]; + if (PrehashSize != ph.DoFinal(m, 0, PrehashSize)) + throw new ArgumentException("ph"); + + byte phflag = 0x01; + + ImplSign(sk, skOff, pk, pkOff, ctx, phflag, m, 0, m.Length, sig, sigOff); + } + + public static bool ValidatePublicKeyFull(byte[] pk, int pkOff) + { + PointExt p = new PointExt(); + if (!DecodePointVar(pk, pkOff, false, p)) + return false; + + F.Normalize(p.x); + F.Normalize(p.y); + F.Normalize(p.z); + + if (IsNeutralElementVar(p.x, p.y, p.z)) + return false; + + PointExt r = new PointExt(); + ScalarMultOrderVar(p, r); + + F.Normalize(r.x); + F.Normalize(r.y); + F.Normalize(r.z); + + return IsNeutralElementVar(r.x, r.y, r.z); + } + + public static bool ValidatePublicKeyPartial(byte[] pk, int pkOff) + { + PointExt p = new PointExt(); + return DecodePointVar(pk, pkOff, false, p); + } + + public static bool Verify(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, byte[] m, int mOff, int mLen) + { + byte phflag = 0x00; + + return ImplVerify(sig, sigOff, pk, pkOff, ctx, phflag, m, mOff, mLen); + } + + public static bool VerifyPrehash(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, byte[] ph, int phOff) + { + byte phflag = 0x01; + + return ImplVerify(sig, sigOff, pk, pkOff, ctx, phflag, ph, phOff, PrehashSize); + } + + public static bool VerifyPrehash(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, IXof ph) + { + byte[] m = new byte[PrehashSize]; + if (PrehashSize != ph.DoFinal(m, 0, PrehashSize)) + throw new ArgumentException("ph"); + + byte phflag = 0x01; + + return ImplVerify(sig, sigOff, pk, pkOff, ctx, phflag, m, 0, m.Length); + } + } +} diff --git a/BouncyCastle/crypto/src/math/field/FiniteFields.cs b/BouncyCastle/crypto/src/math/field/FiniteFields.cs new file mode 100644 index 0000000..4aeb100 --- /dev/null +++ b/BouncyCastle/crypto/src/math/field/FiniteFields.cs @@ -0,0 +1,54 @@ +using System; + +namespace Org.BouncyCastle.Math.Field +{ + public abstract class FiniteFields + { + internal static readonly IFiniteField GF_2 = new PrimeField(BigInteger.ValueOf(2)); + internal static readonly IFiniteField GF_3 = new PrimeField(BigInteger.ValueOf(3)); + + public static IPolynomialExtensionField GetBinaryExtensionField(int[] exponents) + { + if (exponents[0] != 0) + { + throw new ArgumentException("Irreducible polynomials in GF(2) must have constant term", "exponents"); + } + for (int i = 1; i < exponents.Length; ++i) + { + if (exponents[i] <= exponents[i - 1]) + { + throw new ArgumentException("Polynomial exponents must be monotonically increasing", "exponents"); + } + } + + return new GenericPolynomialExtensionField(GF_2, new GF2Polynomial(exponents)); + } + + // public static IPolynomialExtensionField GetTernaryExtensionField(Term[] terms) + // { + // return new GenericPolynomialExtensionField(GF_3, new GF3Polynomial(terms)); + // } + + public static IFiniteField GetPrimeField(BigInteger characteristic) + { + int bitLength = characteristic.BitLength; + if (characteristic.SignValue <= 0 || bitLength < 2) + { + throw new ArgumentException("Must be >= 2", "characteristic"); + } + + if (bitLength < 3) + { + switch (characteristic.IntValue) + { + case 2: + return GF_2; + case 3: + return GF_3; + } + } + + return new PrimeField(characteristic); + } + } +} diff --git a/BouncyCastle/crypto/src/math/field/GF2Polynomial.cs b/BouncyCastle/crypto/src/math/field/GF2Polynomial.cs new file mode 100644 index 0000000..c062d50 --- /dev/null +++ b/BouncyCastle/crypto/src/math/field/GF2Polynomial.cs @@ -0,0 +1,46 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.Field +{ + internal class GF2Polynomial + : IPolynomial + { + protected readonly int[] exponents; + + internal GF2Polynomial(int[] exponents) + { + this.exponents = Arrays.Clone(exponents); + } + + public virtual int Degree + { + get { return exponents[exponents.Length - 1]; } + } + + public virtual int[] GetExponentsPresent() + { + return Arrays.Clone(exponents); + } + + public override bool Equals(object obj) + { + if (this == obj) + { + return true; + } + GF2Polynomial other = obj as GF2Polynomial; + if (null == other) + { + return false; + } + return Arrays.AreEqual(exponents, other.exponents); + } + + public override int GetHashCode() + { + return Arrays.GetHashCode(exponents); + } + } +} diff --git a/BouncyCastle/crypto/src/math/field/GenericPolynomialExtensionField.cs b/BouncyCastle/crypto/src/math/field/GenericPolynomialExtensionField.cs new file mode 100644 index 0000000..13ef571 --- /dev/null +++ b/BouncyCastle/crypto/src/math/field/GenericPolynomialExtensionField.cs @@ -0,0 +1,63 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.Field +{ + internal class GenericPolynomialExtensionField + : IPolynomialExtensionField + { + protected readonly IFiniteField subfield; + protected readonly IPolynomial minimalPolynomial; + + internal GenericPolynomialExtensionField(IFiniteField subfield, IPolynomial polynomial) + { + this.subfield = subfield; + this.minimalPolynomial = polynomial; + } + + public virtual BigInteger Characteristic + { + get { return subfield.Characteristic; } + } + + public virtual int Dimension + { + get { return subfield.Dimension * minimalPolynomial.Degree; } + } + + public virtual IFiniteField Subfield + { + get { return subfield; } + } + + public virtual int Degree + { + get { return minimalPolynomial.Degree; } + } + + public virtual IPolynomial MinimalPolynomial + { + get { return minimalPolynomial; } + } + + public override bool Equals(object obj) + { + if (this == obj) + { + return true; + } + GenericPolynomialExtensionField other = obj as GenericPolynomialExtensionField; + if (null == other) + { + return false; + } + return subfield.Equals(other.subfield) && minimalPolynomial.Equals(other.minimalPolynomial); + } + + public override int GetHashCode() + { + return subfield.GetHashCode() ^ Integers.RotateLeft(minimalPolynomial.GetHashCode(), 16); + } + } +} diff --git a/BouncyCastle/crypto/src/math/field/IExtensionField.cs b/BouncyCastle/crypto/src/math/field/IExtensionField.cs new file mode 100644 index 0000000..17f45c1 --- /dev/null +++ b/BouncyCastle/crypto/src/math/field/IExtensionField.cs @@ -0,0 +1,12 @@ +using System; + +namespace Org.BouncyCastle.Math.Field +{ + public interface IExtensionField + : IFiniteField + { + IFiniteField Subfield { get; } + + int Degree { get; } + } +} diff --git a/BouncyCastle/crypto/src/math/field/IFiniteField.cs b/BouncyCastle/crypto/src/math/field/IFiniteField.cs new file mode 100644 index 0000000..b618be7 --- /dev/null +++ b/BouncyCastle/crypto/src/math/field/IFiniteField.cs @@ -0,0 +1,11 @@ +using System; + +namespace Org.BouncyCastle.Math.Field +{ + public interface IFiniteField + { + BigInteger Characteristic { get; } + + int Dimension { get; } + } +} diff --git a/BouncyCastle/crypto/src/math/field/IPolynomial.cs b/BouncyCastle/crypto/src/math/field/IPolynomial.cs new file mode 100644 index 0000000..ad6dfb6 --- /dev/null +++ b/BouncyCastle/crypto/src/math/field/IPolynomial.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.Math.Field +{ + public interface IPolynomial + { + int Degree { get; } + + //BigInteger[] GetCoefficients(); + + int[] GetExponentsPresent(); + + //Term[] GetNonZeroTerms(); + } +} diff --git a/BouncyCastle/crypto/src/math/field/IPolynomialExtensionField.cs b/BouncyCastle/crypto/src/math/field/IPolynomialExtensionField.cs new file mode 100644 index 0000000..3818c18 --- /dev/null +++ b/BouncyCastle/crypto/src/math/field/IPolynomialExtensionField.cs @@ -0,0 +1,10 @@ +using System; + +namespace Org.BouncyCastle.Math.Field +{ + public interface IPolynomialExtensionField + : IExtensionField + { + IPolynomial MinimalPolynomial { get; } + } +} diff --git a/BouncyCastle/crypto/src/math/field/PrimeField.cs b/BouncyCastle/crypto/src/math/field/PrimeField.cs new file mode 100644 index 0000000..f6ba629 --- /dev/null +++ b/BouncyCastle/crypto/src/math/field/PrimeField.cs @@ -0,0 +1,44 @@ +using System; + +namespace Org.BouncyCastle.Math.Field +{ + internal class PrimeField + : IFiniteField + { + protected readonly BigInteger characteristic; + + internal PrimeField(BigInteger characteristic) + { + this.characteristic = characteristic; + } + + public virtual BigInteger Characteristic + { + get { return characteristic; } + } + + public virtual int Dimension + { + get { return 1; } + } + + public override bool Equals(object obj) + { + if (this == obj) + { + return true; + } + PrimeField other = obj as PrimeField; + if (null == other) + { + return false; + } + return characteristic.Equals(other.characteristic); + } + + public override int GetHashCode() + { + return characteristic.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/math/raw/Bits.cs b/BouncyCastle/crypto/src/math/raw/Bits.cs new file mode 100644 index 0000000..d344e16 --- /dev/null +++ b/BouncyCastle/crypto/src/math/raw/Bits.cs @@ -0,0 +1,29 @@ +using System; + +namespace Org.BouncyCastle.Math.Raw +{ + internal abstract class Bits + { + internal static uint BitPermuteStep(uint x, uint m, int s) + { + uint t = (x ^ (x >> s)) & m; + return (t ^ (t << s)) ^ x; + } + + internal static ulong BitPermuteStep(ulong x, ulong m, int s) + { + ulong t = (x ^ (x >> s)) & m; + return (t ^ (t << s)) ^ x; + } + + internal static uint BitPermuteStepSimple(uint x, uint m, int s) + { + return ((x & m) << s) | ((x >> s) & m); + } + + internal static ulong BitPermuteStepSimple(ulong x, ulong m, int s) + { + return ((x & m) << s) | ((x >> s) & m); + } + } +} diff --git a/BouncyCastle/crypto/src/math/raw/Interleave.cs b/BouncyCastle/crypto/src/math/raw/Interleave.cs new file mode 100644 index 0000000..8e98eac --- /dev/null +++ b/BouncyCastle/crypto/src/math/raw/Interleave.cs @@ -0,0 +1,178 @@ +using System; + +namespace Org.BouncyCastle.Math.Raw +{ + internal abstract class Interleave + { + private const ulong M32 = 0x55555555UL; + private const ulong M64 = 0x5555555555555555UL; + private const ulong M64R = 0xAAAAAAAAAAAAAAAAUL; + + /* + * This expands 8 bit indices into 16 bit contents (high bit 14), by inserting 0s between bits. + * In a binary field, this operation is the same as squaring an 8 bit number. + */ + //private static readonly ushort[] INTERLEAVE2_TABLE = new ushort[] + //{ + // 0x0000, 0x0001, 0x0004, 0x0005, 0x0010, 0x0011, 0x0014, 0x0015, + // 0x0040, 0x0041, 0x0044, 0x0045, 0x0050, 0x0051, 0x0054, 0x0055, + // 0x0100, 0x0101, 0x0104, 0x0105, 0x0110, 0x0111, 0x0114, 0x0115, + // 0x0140, 0x0141, 0x0144, 0x0145, 0x0150, 0x0151, 0x0154, 0x0155, + // 0x0400, 0x0401, 0x0404, 0x0405, 0x0410, 0x0411, 0x0414, 0x0415, + // 0x0440, 0x0441, 0x0444, 0x0445, 0x0450, 0x0451, 0x0454, 0x0455, + // 0x0500, 0x0501, 0x0504, 0x0505, 0x0510, 0x0511, 0x0514, 0x0515, + // 0x0540, 0x0541, 0x0544, 0x0545, 0x0550, 0x0551, 0x0554, 0x0555, + // 0x1000, 0x1001, 0x1004, 0x1005, 0x1010, 0x1011, 0x1014, 0x1015, + // 0x1040, 0x1041, 0x1044, 0x1045, 0x1050, 0x1051, 0x1054, 0x1055, + // 0x1100, 0x1101, 0x1104, 0x1105, 0x1110, 0x1111, 0x1114, 0x1115, + // 0x1140, 0x1141, 0x1144, 0x1145, 0x1150, 0x1151, 0x1154, 0x1155, + // 0x1400, 0x1401, 0x1404, 0x1405, 0x1410, 0x1411, 0x1414, 0x1415, + // 0x1440, 0x1441, 0x1444, 0x1445, 0x1450, 0x1451, 0x1454, 0x1455, + // 0x1500, 0x1501, 0x1504, 0x1505, 0x1510, 0x1511, 0x1514, 0x1515, + // 0x1540, 0x1541, 0x1544, 0x1545, 0x1550, 0x1551, 0x1554, 0x1555, + // 0x4000, 0x4001, 0x4004, 0x4005, 0x4010, 0x4011, 0x4014, 0x4015, + // 0x4040, 0x4041, 0x4044, 0x4045, 0x4050, 0x4051, 0x4054, 0x4055, + // 0x4100, 0x4101, 0x4104, 0x4105, 0x4110, 0x4111, 0x4114, 0x4115, + // 0x4140, 0x4141, 0x4144, 0x4145, 0x4150, 0x4151, 0x4154, 0x4155, + // 0x4400, 0x4401, 0x4404, 0x4405, 0x4410, 0x4411, 0x4414, 0x4415, + // 0x4440, 0x4441, 0x4444, 0x4445, 0x4450, 0x4451, 0x4454, 0x4455, + // 0x4500, 0x4501, 0x4504, 0x4505, 0x4510, 0x4511, 0x4514, 0x4515, + // 0x4540, 0x4541, 0x4544, 0x4545, 0x4550, 0x4551, 0x4554, 0x4555, + // 0x5000, 0x5001, 0x5004, 0x5005, 0x5010, 0x5011, 0x5014, 0x5015, + // 0x5040, 0x5041, 0x5044, 0x5045, 0x5050, 0x5051, 0x5054, 0x5055, + // 0x5100, 0x5101, 0x5104, 0x5105, 0x5110, 0x5111, 0x5114, 0x5115, + // 0x5140, 0x5141, 0x5144, 0x5145, 0x5150, 0x5151, 0x5154, 0x5155, + // 0x5400, 0x5401, 0x5404, 0x5405, 0x5410, 0x5411, 0x5414, 0x5415, + // 0x5440, 0x5441, 0x5444, 0x5445, 0x5450, 0x5451, 0x5454, 0x5455, + // 0x5500, 0x5501, 0x5504, 0x5505, 0x5510, 0x5511, 0x5514, 0x5515, + // 0x5540, 0x5541, 0x5544, 0x5545, 0x5550, 0x5551, 0x5554, 0x5555 + //}; + + internal static uint Expand8to16(uint x) + { + x &= 0xFFU; + x = (x | (x << 4)) & 0x0F0FU; + x = (x | (x << 2)) & 0x3333U; + x = (x | (x << 1)) & 0x5555U; + return x; + } + + internal static uint Expand16to32(uint x) + { + x &= 0xFFFFU; + x = (x | (x << 8)) & 0x00FF00FFU; + x = (x | (x << 4)) & 0x0F0F0F0FU; + x = (x | (x << 2)) & 0x33333333U; + x = (x | (x << 1)) & 0x55555555U; + return x; + } + + internal static ulong Expand32to64(uint x) + { + // "shuffle" low half to even bits and high half to odd bits + x = Bits.BitPermuteStep(x, 0x0000FF00U, 8); + x = Bits.BitPermuteStep(x, 0x00F000F0U, 4); + x = Bits.BitPermuteStep(x, 0x0C0C0C0CU, 2); + x = Bits.BitPermuteStep(x, 0x22222222U, 1); + + return ((x >> 1) & M32) << 32 | (x & M32); + } + + internal static void Expand64To128(ulong x, ulong[] z, int zOff) + { + // "shuffle" low half to even bits and high half to odd bits + x = Bits.BitPermuteStep(x, 0x00000000FFFF0000UL, 16); + x = Bits.BitPermuteStep(x, 0x0000FF000000FF00UL, 8); + x = Bits.BitPermuteStep(x, 0x00F000F000F000F0UL, 4); + x = Bits.BitPermuteStep(x, 0x0C0C0C0C0C0C0C0CUL, 2); + x = Bits.BitPermuteStep(x, 0x2222222222222222UL, 1); + + z[zOff ] = (x ) & M64; + z[zOff + 1] = (x >> 1) & M64; + } + + internal static void Expand64To128(ulong[] xs, int xsOff, int xsLen, ulong[] zs, int zsOff) + { + for (int i = 0; i < xsLen; ++i) + { + Expand64To128(xs[xsOff + i], zs, zsOff); + zsOff += 2; + } + } + + internal static void Expand64To128Rev(ulong x, ulong[] z, int zOff) + { + // "shuffle" low half to even bits and high half to odd bits + x = Bits.BitPermuteStep(x, 0x00000000FFFF0000UL, 16); + x = Bits.BitPermuteStep(x, 0x0000FF000000FF00UL, 8); + x = Bits.BitPermuteStep(x, 0x00F000F000F000F0UL, 4); + x = Bits.BitPermuteStep(x, 0x0C0C0C0C0C0C0C0CUL, 2); + x = Bits.BitPermuteStep(x, 0x2222222222222222UL, 1); + + z[zOff] = (x ) & M64R; + z[zOff + 1] = (x << 1) & M64R; + } + + internal static uint Shuffle(uint x) + { + // "shuffle" low half to even bits and high half to odd bits + x = Bits.BitPermuteStep(x, 0x0000FF00U, 8); + x = Bits.BitPermuteStep(x, 0x00F000F0U, 4); + x = Bits.BitPermuteStep(x, 0x0C0C0C0CU, 2); + x = Bits.BitPermuteStep(x, 0x22222222U, 1); + return x; + } + + internal static ulong Shuffle(ulong x) + { + // "shuffle" low half to even bits and high half to odd bits + x = Bits.BitPermuteStep(x, 0x00000000FFFF0000UL, 16); + x = Bits.BitPermuteStep(x, 0x0000FF000000FF00UL, 8); + x = Bits.BitPermuteStep(x, 0x00F000F000F000F0UL, 4); + x = Bits.BitPermuteStep(x, 0x0C0C0C0C0C0C0C0CUL, 2); + x = Bits.BitPermuteStep(x, 0x2222222222222222UL, 1); + return x; + } + + internal static uint Shuffle2(uint x) + { + // "shuffle" (twice) low half to even bits and high half to odd bits + x = Bits.BitPermuteStep(x, 0x00AA00AAU, 7); + x = Bits.BitPermuteStep(x, 0x0000CCCCU, 14); + x = Bits.BitPermuteStep(x, 0x00F000F0U, 4); + x = Bits.BitPermuteStep(x, 0x0000FF00U, 8); + return x; + } + + internal static uint Unshuffle(uint x) + { + // "unshuffle" even bits to low half and odd bits to high half + x = Bits.BitPermuteStep(x, 0x22222222U, 1); + x = Bits.BitPermuteStep(x, 0x0C0C0C0CU, 2); + x = Bits.BitPermuteStep(x, 0x00F000F0U, 4); + x = Bits.BitPermuteStep(x, 0x0000FF00U, 8); + return x; + } + + internal static ulong Unshuffle(ulong x) + { + // "unshuffle" even bits to low half and odd bits to high half + x = Bits.BitPermuteStep(x, 0x2222222222222222UL, 1); + x = Bits.BitPermuteStep(x, 0x0C0C0C0C0C0C0C0CUL, 2); + x = Bits.BitPermuteStep(x, 0x00F000F000F000F0UL, 4); + x = Bits.BitPermuteStep(x, 0x0000FF000000FF00UL, 8); + x = Bits.BitPermuteStep(x, 0x00000000FFFF0000UL, 16); + return x; + } + + internal static uint Unshuffle2(uint x) + { + // "unshuffle" (twice) even bits to low half and odd bits to high half + x = Bits.BitPermuteStep(x, 0x0000FF00U, 8); + x = Bits.BitPermuteStep(x, 0x00F000F0U, 4); + x = Bits.BitPermuteStep(x, 0x0000CCCCU, 14); + x = Bits.BitPermuteStep(x, 0x00AA00AAU, 7); + return x; + } + } +} diff --git a/BouncyCastle/crypto/src/math/raw/Mod.cs b/BouncyCastle/crypto/src/math/raw/Mod.cs new file mode 100644 index 0000000..d4d1f71 --- /dev/null +++ b/BouncyCastle/crypto/src/math/raw/Mod.cs @@ -0,0 +1,604 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.Raw +{ + /* + * Modular inversion as implemented in this class is based on the paper "Fast constant-time gcd + * computation and modular inversion" by Daniel J. Bernstein and Bo-Yin Yang. + */ + + internal abstract class Mod + { + private static readonly SecureRandom RandomSource = new SecureRandom(); + + private const int M30 = 0x3FFFFFFF; + private const ulong M32UL = 0xFFFFFFFFUL; + + public static void CheckedModOddInverse(uint[] m, uint[] x, uint[] z) + { + if (0 == ModOddInverse(m, x, z)) + throw new ArithmeticException("Inverse does not exist."); + } + + public static void CheckedModOddInverseVar(uint[] m, uint[] x, uint[] z) + { + if (!ModOddInverseVar(m, x, z)) + throw new ArithmeticException("Inverse does not exist."); + } + + public static uint Inverse32(uint d) + { + Debug.Assert((d & 1) == 1); + + //int x = d + (((d + 1) & 4) << 1); // d.x == 1 mod 2**4 + uint x = d; // d.x == 1 mod 2**3 + x *= 2 - d * x; // d.x == 1 mod 2**6 + x *= 2 - d * x; // d.x == 1 mod 2**12 + x *= 2 - d * x; // d.x == 1 mod 2**24 + x *= 2 - d * x; // d.x == 1 mod 2**48 + Debug.Assert(d * x == 1); + return x; + } + + public static uint ModOddInverse(uint[] m, uint[] x, uint[] z) + { + int len32 = m.Length; + Debug.Assert(len32 > 0); + Debug.Assert((m[0] & 1) != 0); + Debug.Assert(m[len32 - 1] != 0); + + int bits = (len32 << 5) - Integers.NumberOfLeadingZeros((int)m[len32 - 1]); + int len30 = (bits + 29) / 30; + + int[] t = new int[4]; + int[] D = new int[len30]; + int[] E = new int[len30]; + int[] F = new int[len30]; + int[] G = new int[len30]; + int[] M = new int[len30]; + + E[0] = 1; + Encode30(bits, x, 0, G, 0); + Encode30(bits, m, 0, M, 0); + Array.Copy(M, 0, F, 0, len30); + + int delta = 0; + int m0Inv32 = (int)Inverse32((uint)M[0]); + int maxDivsteps = GetMaximumDivsteps(bits); + + for (int divSteps = 0; divSteps < maxDivsteps; divSteps += 30) + { + delta = Divsteps30(delta, F[0], G[0], t); + UpdateDE30(len30, D, E, t, m0Inv32, M); + UpdateFG30(len30, F, G, t); + } + + int signF = F[len30 - 1] >> 31; + CNegate30(len30, signF, F); + + /* + * D is in the range (-2.M, M). First, conditionally add M if D is negative, to bring it + * into the range (-M, M). Then normalize by conditionally negating (according to signF) + * and/or then adding M, to bring it into the range [0, M). + */ + CNormalize30(len30, signF, D, M); + + Decode30(bits, D, 0, z, 0); + Debug.Assert(0 != Nat.LessThan(len32, z, m)); + + return (uint)(EqualTo(len30, F, 1) & EqualToZero(len30, G)); + } + + public static bool ModOddInverseVar(uint[] m, uint[] x, uint[] z) + { + int len32 = m.Length; + Debug.Assert(len32 > 0); + Debug.Assert((m[0] & 1) != 0); + Debug.Assert(m[len32 - 1] != 0); + + int bits = (len32 << 5) - Integers.NumberOfLeadingZeros((int)m[len32 - 1]); + int len30 = (bits + 29) / 30; + + int[] t = new int[4]; + int[] D = new int[len30]; + int[] E = new int[len30]; + int[] F = new int[len30]; + int[] G = new int[len30]; + int[] M = new int[len30]; + + E[0] = 1; + Encode30(bits, x, 0, G, 0); + Encode30(bits, m, 0, M, 0); + Array.Copy(M, 0, F, 0, len30); + + int clzG = Integers.NumberOfLeadingZeros(G[len30 - 1] | 1) - (len30 * 30 + 2 - bits); + int eta = -1 - clzG; + int lenDE = len30, lenFG = len30; + int m0Inv32 = (int)Inverse32((uint)M[0]); + int maxDivsteps = GetMaximumDivsteps(bits); + + int divsteps = 0; + while (!IsZero(lenFG, G)) + { + if (divsteps >= maxDivsteps) + return false; + + divsteps += 30; + + eta = Divsteps30Var(eta, F[0], G[0], t); + UpdateDE30(lenDE, D, E, t, m0Inv32, M); + UpdateFG30(lenFG, F, G, t); + + int fn = F[lenFG - 1]; + int gn = G[lenFG - 1]; + + int cond = (lenFG - 2) >> 31; + cond |= fn ^ (fn >> 31); + cond |= gn ^ (gn >> 31); + + if (cond == 0) + { + F[lenFG - 2] |= fn << 30; + G[lenFG - 2] |= gn << 30; + --lenFG; + } + } + + int signF = F[lenFG - 1] >> 31; + + /* + * D is in the range (-2.M, M). First, conditionally add M if D is negative, to bring it + * into the range (-M, M). Then normalize by conditionally negating (according to signF) + * and/or then adding M, to bring it into the range [0, M). + */ + int signD = D[lenDE - 1] >> 31; + if (signD < 0) + { + signD = Add30(lenDE, D, M); + } + if (signF < 0) + { + signD = Negate30(lenDE, D); + signF = Negate30(lenFG, F); + } + Debug.Assert(0 == signF); + + if (!IsOne(lenFG, F)) + return false; + + if (signD < 0) + { + signD = Add30(lenDE, D, M); + } + Debug.Assert(0 == signD); + + Decode30(bits, D, 0, z, 0); + Debug.Assert(!Nat.Gte(len32, z, m)); + + return true; + } + + public static uint[] Random(uint[] p) + { + int len = p.Length; + uint[] s = Nat.Create(len); + + uint m = p[len - 1]; + m |= m >> 1; + m |= m >> 2; + m |= m >> 4; + m |= m >> 8; + m |= m >> 16; + + do + { + byte[] bytes = new byte[len << 2]; + RandomSource.NextBytes(bytes); + Pack.BE_To_UInt32(bytes, 0, s); + s[len - 1] &= m; + } + while (Nat.Gte(len, s, p)); + + return s; + } + + private static int Add30(int len30, int[] D, int[] M) + { + Debug.Assert(len30 > 0); + Debug.Assert(D.Length >= len30); + Debug.Assert(M.Length >= len30); + + int c = 0, last = len30 - 1; + for (int i = 0; i < last; ++i) + { + c += D[i] + M[i]; + D[i] = c & M30; c >>= 30; + } + c += D[last] + M[last]; + D[last] = c; c >>= 30; + return c; + } + + private static void CNegate30(int len30, int cond, int[] D) + { + Debug.Assert(len30 > 0); + Debug.Assert(D.Length >= len30); + + int c = 0, last = len30 - 1; + for (int i = 0; i < last; ++i) + { + c += (D[i] ^ cond) - cond; + D[i] = c & M30; c >>= 30; + } + c += (D[last] ^ cond) - cond; + D[last] = c; + } + + private static void CNormalize30(int len30, int condNegate, int[] D, int[] M) + { + Debug.Assert(len30 > 0); + Debug.Assert(D.Length >= len30); + Debug.Assert(M.Length >= len30); + + int last = len30 - 1; + + { + int c = 0, condAdd = D[last] >> 31; + for (int i = 0; i < last; ++i) + { + int di = D[i] + (M[i] & condAdd); + di = (di ^ condNegate) - condNegate; + c += di; D[i] = c & M30; c >>= 30; + } + { + int di = D[last] + (M[last] & condAdd); + di = (di ^ condNegate) - condNegate; + c += di; D[last] = c; + } + } + + { + int c = 0, condAdd = D[last] >> 31; + for (int i = 0; i < last; ++i) + { + int di = D[i] + (M[i] & condAdd); + c += di; D[i] = c & M30; c >>= 30; + } + { + int di = D[last] + (M[last] & condAdd); + c += di; D[last] = c; + } + Debug.Assert(c >> 30 == 0); + } + } + + private static void Decode30(int bits, int[] x, int xOff, uint[] z, int zOff) + { + Debug.Assert(bits > 0); + + int avail = 0; + ulong data = 0L; + + while (bits > 0) + { + while (avail < System.Math.Min(32, bits)) + { + data |= (ulong)x[xOff++] << avail; + avail += 30; + } + + z[zOff++] = (uint)data; data >>= 32; + avail -= 32; + bits -= 32; + } + } + + private static int Divsteps30(int delta, int f0, int g0, int[] t) + { + int u = 1 << 30, v = 0, q = 0, r = 1 << 30; + int f = f0, g = g0; + + for (int i = 0; i < 30; ++i) + { + Debug.Assert((f & 1) == 1); + Debug.Assert(((u >> (30 - i)) * f0 + (v >> (30 - i)) * g0) == f << i); + Debug.Assert(((q >> (30 - i)) * f0 + (r >> (30 - i)) * g0) == g << i); + + int c1 = delta >> 31; + int c2 = -(g & 1); + + int x = f ^ c1; + int y = u ^ c1; + int z = v ^ c1; + + g -= x & c2; + q -= y & c2; + r -= z & c2; + + c2 &= ~c1; + delta = (delta ^ c2) - (c2 - 1); + + f += g & c2; + u += q & c2; + v += r & c2; + + g >>= 1; + q >>= 1; + r >>= 1; + } + + t[0] = u; + t[1] = v; + t[2] = q; + t[3] = r; + + return delta; + } + + private static int Divsteps30Var(int eta, int f0, int g0, int[] t) + { + int u = 1, v = 0, q = 0, r = 1; + int f = f0, g = g0, m, w, x, y, z; + int i = 30, limit, zeros; + + for (; ; ) + { + // Use a sentinel bit to count zeros only up to i. + zeros = Integers.NumberOfTrailingZeros(g | (-1 << i)); + + g >>= zeros; + u <<= zeros; + v <<= zeros; + eta -= zeros; + i -= zeros; + + if (i <= 0) + break; + + Debug.Assert((f & 1) == 1); + Debug.Assert((g & 1) == 1); + Debug.Assert((u * f0 + v * g0) == f << (30 - i)); + Debug.Assert((q * f0 + r * g0) == g << (30 - i)); + + if (eta < 0) + { + eta = -eta; + x = f; f = g; g = -x; + y = u; u = q; q = -y; + z = v; v = r; r = -z; + + // Handle up to 6 divsteps at once, subject to eta and i. + limit = (eta + 1) > i ? i : (eta + 1); + m = (int)((uint.MaxValue >> (32 - limit)) & 63U); + + w = (f * g * (f * f - 2)) & m; + } + else + { + // Handle up to 4 divsteps at once, subject to eta and i. + limit = (eta + 1) > i ? i : (eta + 1); + m = (int)((uint.MaxValue >> (32 - limit)) & 15U); + + w = f + (((f + 1) & 4) << 1); + w = (-w * g) & m; + } + + g += f * w; + q += u * w; + r += v * w; + + Debug.Assert((g & m) == 0); + } + + t[0] = u; + t[1] = v; + t[2] = q; + t[3] = r; + + return eta; + } + + private static void Encode30(int bits, uint[] x, int xOff, int[] z, int zOff) + { + Debug.Assert(bits > 0); + + int avail = 0; + ulong data = 0UL; + + while (bits > 0) + { + if (avail < System.Math.Min(30, bits)) + { + data |= (x[xOff++] & M32UL) << avail; + avail += 32; + } + + z[zOff++] = (int)data & M30; data >>= 30; + avail -= 30; + bits -= 30; + } + } + + private static int EqualTo(int len, int[] x, int y) + { + int d = x[0] ^ y; + for (int i = 1; i < len; ++i) + { + d |= x[i]; + } + d = (int)((uint)d >> 1) | (d & 1); + return (d - 1) >> 31; + } + + private static int EqualToZero(int len, int[] x) + { + int d = 0; + for (int i = 0; i < len; ++i) + { + d |= x[i]; + } + d = (int)((uint)d >> 1) | (d & 1); + return (d - 1) >> 31; + } + + private static int GetMaximumDivsteps(int bits) + { + return (49 * bits + (bits < 46 ? 80 : 47)) / 17; + } + + private static bool IsOne(int len, int[] x) + { + if (x[0] != 1) + { + return false; + } + for (int i = 1; i < len; ++i) + { + if (x[i] != 0) + { + return false; + } + } + return true; + } + + private static bool IsZero(int len, int[] x) + { + if (x[0] != 0) + { + return false; + } + for (int i = 1; i < len; ++i) + { + if (x[i] != 0) + { + return false; + } + } + return true; + } + + private static int Negate30(int len30, int[] D) + { + Debug.Assert(len30 > 0); + Debug.Assert(D.Length >= len30); + + int c = 0, last = len30 - 1; + for (int i = 0; i < last; ++i) + { + c -= D[i]; + D[i] = c & M30; c >>= 30; + } + c -= D[last]; + D[last] = c; c >>= 30; + return c; + } + + private static void UpdateDE30(int len30, int[] D, int[] E, int[] t, int m0Inv32, int[] M) + { + Debug.Assert(len30 > 0); + Debug.Assert(D.Length >= len30); + Debug.Assert(E.Length >= len30); + Debug.Assert(M.Length >= len30); + Debug.Assert(m0Inv32 * M[0] == 1); + + int u = t[0], v = t[1], q = t[2], r = t[3]; + int di, ei, i, md, me, mi, sd, se; + long cd, ce; + + /* + * We accept D (E) in the range (-2.M, M) and conceptually add the modulus to the input + * value if it is initially negative. Instead of adding it explicitly, we add u and/or v (q + * and/or r) to md (me). + */ + sd = D[len30 - 1] >> 31; + se = E[len30 - 1] >> 31; + + md = (u & sd) + (v & se); + me = (q & sd) + (r & se); + + mi = M[0]; + di = D[0]; + ei = E[0]; + + cd = (long)u * di + (long)v * ei; + ce = (long)q * di + (long)r * ei; + + /* + * Subtract from md/me an extra term in the range [0, 2^30) such that the low 30 bits of the + * intermediate D/E values will be 0, allowing clean division by 2^30. The final D/E are + * thus in the range (-2.M, M), consistent with the input constraint. + */ + md -= (m0Inv32 * (int)cd + md) & M30; + me -= (m0Inv32 * (int)ce + me) & M30; + + cd += (long)mi * md; + ce += (long)mi * me; + + Debug.Assert(((int)cd & M30) == 0); + Debug.Assert(((int)ce & M30) == 0); + + cd >>= 30; + ce >>= 30; + + for (i = 1; i < len30; ++i) + { + mi = M[i]; + di = D[i]; + ei = E[i]; + + cd += (long)u * di + (long)v * ei + (long)mi * md; + ce += (long)q * di + (long)r * ei + (long)mi * me; + + D[i - 1] = (int)cd & M30; cd >>= 30; + E[i - 1] = (int)ce & M30; ce >>= 30; + } + + D[len30 - 1] = (int)cd; + E[len30 - 1] = (int)ce; + } + + private static void UpdateFG30(int len30, int[] F, int[] G, int[] t) + { + Debug.Assert(len30 > 0); + Debug.Assert(F.Length >= len30); + Debug.Assert(G.Length >= len30); + + int u = t[0], v = t[1], q = t[2], r = t[3]; + int fi, gi, i; + long cf, cg; + + fi = F[0]; + gi = G[0]; + + cf = (long)u * fi + (long)v * gi; + cg = (long)q * fi + (long)r * gi; + + Debug.Assert(((int)cf & M30) == 0); + Debug.Assert(((int)cg & M30) == 0); + + cf >>= 30; + cg >>= 30; + + for (i = 1; i < len30; ++i) + { + fi = F[i]; + gi = G[i]; + + cf += (long)u * fi + (long)v * gi; + cg += (long)q * fi + (long)r * gi; + + F[i - 1] = (int)cf & M30; cf >>= 30; + G[i - 1] = (int)cg & M30; cg >>= 30; + } + + F[len30 - 1] = (int)cf; + G[len30 - 1] = (int)cg; + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/math/raw/Nat.cs b/BouncyCastle/crypto/src/math/raw/Nat.cs new file mode 100644 index 0000000..effe464 --- /dev/null +++ b/BouncyCastle/crypto/src/math/raw/Nat.cs @@ -0,0 +1,1418 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Math.Raw +{ + internal abstract class Nat + { + private const ulong M = 0xFFFFFFFFUL; + + public static uint Add(int len, uint[] x, uint[] y, uint[] z) + { + ulong c = 0; + for (int i = 0; i < len; ++i) + { + c += (ulong)x[i] + y[i]; + z[i] = (uint)c; + c >>= 32; + } + return (uint)c; + } + + public static uint Add33At(int len, uint x, uint[] z, int zPos) + { + Debug.Assert(zPos <= (len - 2)); + ulong c = (ulong)z[zPos + 0] + x; + z[zPos + 0] = (uint)c; + c >>= 32; + c += (ulong)z[zPos + 1] + 1; + z[zPos + 1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : IncAt(len, z, zPos + 2); + } + + public static uint Add33At(int len, uint x, uint[] z, int zOff, int zPos) + { + Debug.Assert(zPos <= (len - 2)); + ulong c = (ulong)z[zOff + zPos] + x; + z[zOff + zPos] = (uint)c; + c >>= 32; + c += (ulong)z[zOff + zPos + 1] + 1; + z[zOff + zPos + 1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : IncAt(len, z, zOff, zPos + 2); + } + + public static uint Add33To(int len, uint x, uint[] z) + { + ulong c = (ulong)z[0] + x; + z[0] = (uint)c; + c >>= 32; + c += (ulong)z[1] + 1; + z[1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : IncAt(len, z, 2); + } + + public static uint Add33To(int len, uint x, uint[] z, int zOff) + { + ulong c = (ulong)z[zOff + 0] + x; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (ulong)z[zOff + 1] + 1; + z[zOff + 1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : IncAt(len, z, zOff, 2); + } + + public static uint AddBothTo(int len, uint[] x, uint[] y, uint[] z) + { + ulong c = 0; + for (int i = 0; i < len; ++i) + { + c += (ulong)x[i] + y[i] + z[i]; + z[i] = (uint)c; + c >>= 32; + } + return (uint)c; + } + + public static uint AddBothTo(int len, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + ulong c = 0; + for (int i = 0; i < len; ++i) + { + c += (ulong)x[xOff + i] + y[yOff + i] + z[zOff + i]; + z[zOff + i] = (uint)c; + c >>= 32; + } + return (uint)c; + } + + public static uint AddDWordAt(int len, ulong x, uint[] z, int zPos) + { + Debug.Assert(zPos <= (len - 2)); + ulong c = (ulong)z[zPos + 0] + (x & M); + z[zPos + 0] = (uint)c; + c >>= 32; + c += (ulong)z[zPos + 1] + (x >> 32); + z[zPos + 1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : IncAt(len, z, zPos + 2); + } + + public static uint AddDWordAt(int len, ulong x, uint[] z, int zOff, int zPos) + { + Debug.Assert(zPos <= (len - 2)); + ulong c = (ulong)z[zOff + zPos] + (x & M); + z[zOff + zPos] = (uint)c; + c >>= 32; + c += (ulong)z[zOff + zPos + 1] + (x >> 32); + z[zOff + zPos + 1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : IncAt(len, z, zOff, zPos + 2); + } + + public static uint AddDWordTo(int len, ulong x, uint[] z) + { + ulong c = (ulong)z[0] + (x & M); + z[0] = (uint)c; + c >>= 32; + c += (ulong)z[1] + (x >> 32); + z[1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : IncAt(len, z, 2); + } + + public static uint AddDWordTo(int len, ulong x, uint[] z, int zOff) + { + ulong c = (ulong)z[zOff + 0] + (x & M); + z[zOff + 0] = (uint)c; + c >>= 32; + c += (ulong)z[zOff + 1] + (x >> 32); + z[zOff + 1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : IncAt(len, z, zOff, 2); + } + + public static uint AddTo(int len, uint[] x, uint[] z) + { + ulong c = 0; + for (int i = 0; i < len; ++i) + { + c += (ulong)x[i] + z[i]; + z[i] = (uint)c; + c >>= 32; + } + return (uint)c; + } + + public static uint AddTo(int len, uint[] x, int xOff, uint[] z, int zOff) + { + ulong c = 0; + for (int i = 0; i < len; ++i) + { + c += (ulong)x[xOff + i] + z[zOff + i]; + z[zOff + i] = (uint)c; + c >>= 32; + } + return (uint)c; + } + + public static uint AddTo(int len, uint[] x, int xOff, uint[] z, int zOff, uint cIn) + { + ulong c = cIn; + for (int i = 0; i < len; ++i) + { + c += (ulong)x[xOff + i] + z[zOff + i]; + z[zOff + i] = (uint)c; + c >>= 32; + } + return (uint)c; + } + + public static uint AddToEachOther(int len, uint[] u, int uOff, uint[] v, int vOff) + { + ulong c = 0; + for (int i = 0; i < len; ++i) + { + c += (ulong)u[uOff + i] + v[vOff + i]; + u[uOff + i] = (uint)c; + v[vOff + i] = (uint)c; + c >>= 32; + } + return (uint)c; + } + + public static uint AddWordAt(int len, uint x, uint[] z, int zPos) + { + Debug.Assert(zPos <= (len - 1)); + ulong c = (ulong)x + z[zPos]; + z[zPos] = (uint)c; + c >>= 32; + return c == 0 ? 0 : IncAt(len, z, zPos + 1); + } + + public static uint AddWordAt(int len, uint x, uint[] z, int zOff, int zPos) + { + Debug.Assert(zPos <= (len - 1)); + ulong c = (ulong)x + z[zOff + zPos]; + z[zOff + zPos] = (uint)c; + c >>= 32; + return c == 0 ? 0 : IncAt(len, z, zOff, zPos + 1); + } + + public static uint AddWordTo(int len, uint x, uint[] z) + { + ulong c = (ulong)x + z[0]; + z[0] = (uint)c; + c >>= 32; + return c == 0 ? 0 : IncAt(len, z, 1); + } + + public static uint AddWordTo(int len, uint x, uint[] z, int zOff) + { + ulong c = (ulong)x + z[zOff]; + z[zOff] = (uint)c; + c >>= 32; + return c == 0 ? 0 : IncAt(len, z, zOff, 1); + } + + public static uint CAdd(int len, int mask, uint[] x, uint[] y, uint[] z) + { + uint MASK = (uint)-(mask & 1); + + ulong c = 0; + for (int i = 0; i < len; ++i) + { + c += (ulong)x[i] + (y[i] & MASK); + z[i] = (uint)c; + c >>= 32; + } + return (uint)c; + } + + public static void CMov(int len, int mask, uint[] x, int xOff, uint[] z, int zOff) + { + uint MASK = (uint)-(mask & 1); + + for (int i = 0; i < len; ++i) + { + uint z_i = z[zOff + i], diff = z_i ^ x[xOff + i]; + z_i ^= (diff & MASK); + z[zOff + i] = z_i; + } + + //uint half = 0x55555555U, rest = half << (-(int)MASK); + + //for (int i = 0; i < len; ++i) + //{ + // uint z_i = z[zOff + i], diff = z_i ^ x[xOff + i]; + // z_i ^= (diff & half); + // z_i ^= (diff & rest); + // z[zOff + i] = z_i; + //} + } + + public static void CMov(int len, int mask, int[] x, int xOff, int[] z, int zOff) + { + mask = -(mask & 1); + + for (int i = 0; i < len; ++i) + { + int z_i = z[zOff + i], diff = z_i ^ x[xOff + i]; + z_i ^= (diff & mask); + z[zOff + i] = z_i; + } + + //int half = 0x55555555, rest = half << (-mask); + + //for (int i = 0; i < len; ++i) + //{ + // int z_i = z[zOff + i], diff = z_i ^ x[xOff + i]; + // z_i ^= (diff & half); + // z_i ^= (diff & rest); + // z[zOff + i] = z_i; + //} + } + + public static int Compare(int len, uint[] x, uint[] y) + { + for (int i = len - 1; i >= 0; --i) + { + uint x_i = x[i]; + uint y_i = y[i]; + if (x_i < y_i) + return -1; + if (x_i > y_i) + return 1; + } + return 0; + } + + public static int Compare(int len, uint[] x, int xOff, uint[] y, int yOff) + { + for (int i = len - 1; i >= 0; --i) + { + uint x_i = x[xOff + i]; + uint y_i = y[yOff + i]; + if (x_i < y_i) + return -1; + if (x_i > y_i) + return 1; + } + return 0; + } + + public static void Copy(int len, uint[] x, uint[] z) + { + Array.Copy(x, 0, z, 0, len); + } + + public static uint[] Copy(int len, uint[] x) + { + uint[] z = new uint[len]; + Array.Copy(x, 0, z, 0, len); + return z; + } + + public static void Copy(int len, uint[] x, int xOff, uint[] z, int zOff) + { + Array.Copy(x, xOff, z, zOff, len); + } + + public static ulong[] Copy64(int len, ulong[] x) + { + ulong[] z = new ulong[len]; + Array.Copy(x, 0, z, 0, len); + return z; + } + + public static void Copy64(int len, ulong[] x, ulong[] z) + { + Array.Copy(x, 0, z, 0, len); + } + + public static void Copy64(int len, ulong[] x, int xOff, ulong[] z, int zOff) + { + Array.Copy(x, xOff, z, zOff, len); + } + + public static uint[] Create(int len) + { + return new uint[len]; + } + + public static ulong[] Create64(int len) + { + return new ulong[len]; + } + + public static int CSub(int len, int mask, uint[] x, uint[] y, uint[] z) + { + long MASK = (uint)-(mask & 1); + long c = 0; + for (int i = 0; i < len; ++i) + { + c += (long)x[i] - (y[i] & MASK); + z[i] = (uint)c; + c >>= 32; + } + return (int)c; + } + + public static int CSub(int len, int mask, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + long MASK = (uint)-(mask & 1); + long c = 0; + for (int i = 0; i < len; ++i) + { + c += (long)x[xOff + i] - (y[yOff + i] & MASK); + z[zOff + i] = (uint)c; + c >>= 32; + } + return (int)c; + } + + public static int Dec(int len, uint[] z) + { + for (int i = 0; i < len; ++i) + { + if (--z[i] != uint.MaxValue) + { + return 0; + } + } + return -1; + } + + public static int Dec(int len, uint[] x, uint[] z) + { + int i = 0; + while (i < len) + { + uint c = x[i] - 1; + z[i] = c; + ++i; + if (c != uint.MaxValue) + { + while (i < len) + { + z[i] = x[i]; + ++i; + } + return 0; + } + } + return -1; + } + + public static int DecAt(int len, uint[] z, int zPos) + { + Debug.Assert(zPos <= len); + for (int i = zPos; i < len; ++i) + { + if (--z[i] != uint.MaxValue) + { + return 0; + } + } + return -1; + } + + public static int DecAt(int len, uint[] z, int zOff, int zPos) + { + Debug.Assert(zPos <= len); + for (int i = zPos; i < len; ++i) + { + if (--z[zOff + i] != uint.MaxValue) + { + return 0; + } + } + return -1; + } + + public static bool Eq(int len, uint[] x, uint[] y) + { + for (int i = len - 1; i >= 0; --i) + { + if (x[i] != y[i]) + { + return false; + } + } + return true; + } + + public static uint EqualTo(int len, uint[] x, uint y) + { + uint d = x[0] ^ y; + for (int i = 1; i < len; ++i) + { + d |= x[i]; + } + d = (d >> 1) | (d & 1); + return (uint)(((int)d - 1) >> 31); + } + + public static uint EqualTo(int len, uint[] x, int xOff, uint y) + { + uint d = x[xOff] ^ y; + for (int i = 1; i < len; ++i) + { + d |= x[xOff + i]; + } + d = (d >> 1) | (d & 1); + return (uint)(((int)d - 1) >> 31); + } + + public static uint EqualTo(int len, uint[] x, uint[] y) + { + uint d = 0; + for (int i = 0; i < len; ++i) + { + d |= x[i] ^ y[i]; + } + d = (d >> 1) | (d & 1); + return (uint)(((int)d - 1) >> 31); + } + + public static uint EqualTo(int len, uint[] x, int xOff, uint[] y, int yOff) + { + uint d = 0; + for (int i = 0; i < len; ++i) + { + d |= x[xOff + i] ^ y[yOff + i]; + } + d = (d >> 1) | (d & 1); + return (uint)(((int)d - 1) >> 31); + } + + public static uint EqualToZero(int len, uint[] x) + { + uint d = 0; + for (int i = 0; i < len; ++i) + { + d |= x[i]; + } + d = (d >> 1) | (d & 1); + return (uint)(((int)d - 1) >> 31); + } + + public static uint EqualToZero(int len, uint[] x, int xOff) + { + uint d = 0; + for (int i = 0; i < len; ++i) + { + d |= x[xOff + i]; + } + d = (d >> 1) | (d & 1); + return (uint)(((int)d - 1) >> 31); + } + + public static uint[] FromBigInteger(int bits, BigInteger x) + { + if (bits < 1) + throw new ArgumentException(); + if (x.SignValue < 0 || x.BitLength > bits) + throw new ArgumentException(); + + int len = (bits + 31) >> 5; + Debug.Assert(len > 0); + uint[] z = Create(len); + + // NOTE: Use a fixed number of loop iterations + z[0] = (uint)x.IntValue; + for (int i = 1; i < len; ++i) + { + x = x.ShiftRight(32); + z[i] = (uint)x.IntValue; + } + return z; + } + + public static ulong[] FromBigInteger64(int bits, BigInteger x) + { + if (bits < 1) + throw new ArgumentException(); + if (x.SignValue < 0 || x.BitLength > bits) + throw new ArgumentException(); + + int len = (bits + 63) >> 6; + Debug.Assert(len > 0); + ulong[] z = Create64(len); + + // NOTE: Use a fixed number of loop iterations + z[0] = (ulong)x.LongValue; + for (int i = 1; i < len; ++i) + { + x = x.ShiftRight(64); + z[i] = (ulong)x.LongValue; + } + return z; + } + + public static uint GetBit(uint[] x, int bit) + { + if (bit == 0) + { + return x[0] & 1; + } + int w = bit >> 5; + if (w < 0 || w >= x.Length) + { + return 0; + } + int b = bit & 31; + return (x[w] >> b) & 1; + } + + public static bool Gte(int len, uint[] x, uint[] y) + { + for (int i = len - 1; i >= 0; --i) + { + uint x_i = x[i], y_i = y[i]; + if (x_i < y_i) + return false; + if (x_i > y_i) + return true; + } + return true; + } + + public static uint Inc(int len, uint[] z) + { + for (int i = 0; i < len; ++i) + { + if (++z[i] != uint.MinValue) + { + return 0; + } + } + return 1; + } + + public static uint Inc(int len, uint[] x, uint[] z) + { + int i = 0; + while (i < len) + { + uint c = x[i] + 1; + z[i] = c; + ++i; + if (c != 0) + { + while (i < len) + { + z[i] = x[i]; + ++i; + } + return 0; + } + } + return 1; + } + + public static uint IncAt(int len, uint[] z, int zPos) + { + Debug.Assert(zPos <= len); + for (int i = zPos; i < len; ++i) + { + if (++z[i] != uint.MinValue) + { + return 0; + } + } + return 1; + } + + public static uint IncAt(int len, uint[] z, int zOff, int zPos) + { + Debug.Assert(zPos <= len); + for (int i = zPos; i < len; ++i) + { + if (++z[zOff + i] != uint.MinValue) + { + return 0; + } + } + return 1; + } + + public static bool IsOne(int len, uint[] x) + { + if (x[0] != 1) + { + return false; + } + for (int i = 1; i < len; ++i) + { + if (x[i] != 0) + { + return false; + } + } + return true; + } + + public static bool IsZero(int len, uint[] x) + { + if (x[0] != 0) + { + return false; + } + for (int i = 1; i < len; ++i) + { + if (x[i] != 0) + { + return false; + } + } + return true; + } + + public static int LessThan(int len, uint[] x, uint[] y) + { + long c = 0; + for (int i = 0; i < len; ++i) + { + c += (long)x[i] - y[i]; + c >>= 32; + } + Debug.Assert(c == 0L || c == -1L); + return (int)c; + } + + public static int LessThan(int len, uint[] x, int xOff, uint[] y, int yOff) + { + long c = 0; + for (int i = 0; i < len; ++i) + { + c += (long)x[xOff + i] - y[yOff + i]; + c >>= 32; + } + Debug.Assert(c == 0L || c == -1L); + return (int)c; + } + + public static void Mul(int len, uint[] x, uint[] y, uint[] zz) + { + zz[len] = MulWord(len, x[0], y, zz); + + for (int i = 1; i < len; ++i) + { + zz[i + len] = MulWordAddTo(len, x[i], y, 0, zz, i); + } + } + + public static void Mul(int len, uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff) + { + zz[zzOff + len] = MulWord(len, x[xOff], y, yOff, zz, zzOff); + + for (int i = 1; i < len; ++i) + { + zz[zzOff + i + len] = MulWordAddTo(len, x[xOff + i], y, yOff, zz, zzOff + i); + } + } + + public static void Mul(uint[] x, int xOff, int xLen, uint[] y, int yOff, int yLen, uint[] zz, int zzOff) + { + zz[zzOff + yLen] = MulWord(yLen, x[xOff], y, yOff, zz, zzOff); + + for (int i = 1; i < xLen; ++i) + { + zz[zzOff + i + yLen] = MulWordAddTo(yLen, x[xOff + i], y, yOff, zz, zzOff + i); + } + } + + public static uint MulAddTo(int len, uint[] x, uint[] y, uint[] zz) + { + ulong zc = 0; + for (int i = 0; i < len; ++i) + { + zc += MulWordAddTo(len, x[i], y, 0, zz, i) & M; + zc += zz[i + len] & M; + zz[i + len] = (uint)zc; + zc >>= 32; + } + return (uint)zc; + } + + public static uint MulAddTo(int len, uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff) + { + ulong zc = 0; + for (int i = 0; i < len; ++i) + { + zc += MulWordAddTo(len, x[xOff + i], y, yOff, zz, zzOff) & M; + zc += zz[zzOff + len] & M; + zz[zzOff + len] = (uint)zc; + zc >>= 32; + ++zzOff; + } + return (uint)zc; + } + + public static uint Mul31BothAdd(int len, uint a, uint[] x, uint b, uint[] y, uint[] z, int zOff) + { + ulong c = 0, aVal = (ulong)a, bVal = (ulong)b; + int i = 0; + do + { + c += aVal * x[i] + bVal * y[i] + z[zOff + i]; + z[zOff + i] = (uint)c; + c >>= 32; + } + while (++i < len); + return (uint)c; + } + + public static uint MulWord(int len, uint x, uint[] y, uint[] z) + { + ulong c = 0, xVal = (ulong)x; + int i = 0; + do + { + c += xVal * y[i]; + z[i] = (uint)c; + c >>= 32; + } + while (++i < len); + return (uint)c; + } + + public static uint MulWord(int len, uint x, uint[] y, int yOff, uint[] z, int zOff) + { + ulong c = 0, xVal = (ulong)x; + int i = 0; + do + { + c += xVal * y[yOff + i]; + z[zOff + i] = (uint)c; + c >>= 32; + } + while (++i < len); + return (uint)c; + } + + public static uint MulWordAddTo(int len, uint x, uint[] y, int yOff, uint[] z, int zOff) + { + ulong c = 0, xVal = (ulong)x; + int i = 0; + do + { + c += xVal * y[yOff + i] + z[zOff + i]; + z[zOff + i] = (uint)c; + c >>= 32; + } + while (++i < len); + return (uint)c; + } + + public static uint MulWordDwordAddAt(int len, uint x, ulong y, uint[] z, int zPos) + { + Debug.Assert(zPos <= (len - 3)); + ulong c = 0, xVal = (ulong)x; + c += xVal * (uint)y + z[zPos + 0]; + z[zPos + 0] = (uint)c; + c >>= 32; + c += xVal * (y >> 32) + z[zPos + 1]; + z[zPos + 1] = (uint)c; + c >>= 32; + c += (ulong)z[zPos + 2]; + z[zPos + 2] = (uint)c; + c >>= 32; + return c == 0 ? 0 : IncAt(len, z, zPos + 3); + } + + public static uint ShiftDownBit(int len, uint[] z, uint c) + { + int i = len; + while (--i >= 0) + { + uint next = z[i]; + z[i] = (next >> 1) | (c << 31); + c = next; + } + return c << 31; + } + + public static uint ShiftDownBit(int len, uint[] z, int zOff, uint c) + { + int i = len; + while (--i >= 0) + { + uint next = z[zOff + i]; + z[zOff + i] = (next >> 1) | (c << 31); + c = next; + } + return c << 31; + } + + public static uint ShiftDownBit(int len, uint[] x, uint c, uint[] z) + { + int i = len; + while (--i >= 0) + { + uint next = x[i]; + z[i] = (next >> 1) | (c << 31); + c = next; + } + return c << 31; + } + + public static uint ShiftDownBit(int len, uint[] x, int xOff, uint c, uint[] z, int zOff) + { + int i = len; + while (--i >= 0) + { + uint next = x[xOff + i]; + z[zOff + i] = (next >> 1) | (c << 31); + c = next; + } + return c << 31; + } + + public static uint ShiftDownBits(int len, uint[] z, int bits, uint c) + { + Debug.Assert(bits > 0 && bits < 32); + int i = len; + while (--i >= 0) + { + uint next = z[i]; + z[i] = (next >> bits) | (c << -bits); + c = next; + } + return c << -bits; + } + + public static uint ShiftDownBits(int len, uint[] z, int zOff, int bits, uint c) + { + Debug.Assert(bits > 0 && bits < 32); + int i = len; + while (--i >= 0) + { + uint next = z[zOff + i]; + z[zOff + i] = (next >> bits) | (c << -bits); + c = next; + } + return c << -bits; + } + + public static uint ShiftDownBits(int len, uint[] x, int bits, uint c, uint[] z) + { + Debug.Assert(bits > 0 && bits < 32); + int i = len; + while (--i >= 0) + { + uint next = x[i]; + z[i] = (next >> bits) | (c << -bits); + c = next; + } + return c << -bits; + } + + public static uint ShiftDownBits(int len, uint[] x, int xOff, int bits, uint c, uint[] z, int zOff) + { + Debug.Assert(bits > 0 && bits < 32); + int i = len; + while (--i >= 0) + { + uint next = x[xOff + i]; + z[zOff + i] = (next >> bits) | (c << -bits); + c = next; + } + return c << -bits; + } + + public static uint ShiftDownWord(int len, uint[] z, uint c) + { + int i = len; + while (--i >= 0) + { + uint next = z[i]; + z[i] = c; + c = next; + } + return c; + } + + public static uint ShiftUpBit(int len, uint[] z, uint c) + { + for (int i = 0; i < len; ++i) + { + uint next = z[i]; + z[i] = (next << 1) | (c >> 31); + c = next; + } + return c >> 31; + } + + public static uint ShiftUpBit(int len, uint[] z, int zOff, uint c) + { + for (int i = 0; i < len; ++i) + { + uint next = z[zOff + i]; + z[zOff + i] = (next << 1) | (c >> 31); + c = next; + } + return c >> 31; + } + + public static uint ShiftUpBit(int len, uint[] x, uint c, uint[] z) + { + for (int i = 0; i < len; ++i) + { + uint next = x[i]; + z[i] = (next << 1) | (c >> 31); + c = next; + } + return c >> 31; + } + + public static uint ShiftUpBit(int len, uint[] x, int xOff, uint c, uint[] z, int zOff) + { + for (int i = 0; i < len; ++i) + { + uint next = x[xOff + i]; + z[zOff + i] = (next << 1) | (c >> 31); + c = next; + } + return c >> 31; + } + + public static ulong ShiftUpBit64(int len, ulong[] x, int xOff, ulong c, ulong[] z, int zOff) + { + for (int i = 0; i < len; ++i) + { + ulong next = x[xOff + i]; + z[zOff + i] = (next << 1) | (c >> 63); + c = next; + } + return c >> 63; + } + + public static uint ShiftUpBits(int len, uint[] z, int bits, uint c) + { + Debug.Assert(bits > 0 && bits < 32); + for (int i = 0; i < len; ++i) + { + uint next = z[i]; + z[i] = (next << bits) | (c >> -bits); + c = next; + } + return c >> -bits; + } + + public static uint ShiftUpBits(int len, uint[] z, int zOff, int bits, uint c) + { + Debug.Assert(bits > 0 && bits < 32); + for (int i = 0; i < len; ++i) + { + uint next = z[zOff + i]; + z[zOff + i] = (next << bits) | (c >> -bits); + c = next; + } + return c >> -bits; + } + + public static ulong ShiftUpBits64(int len, ulong[] z, int zOff, int bits, ulong c) + { + Debug.Assert(bits > 0 && bits < 64); + for (int i = 0; i < len; ++i) + { + ulong next = z[zOff + i]; + z[zOff + i] = (next << bits) | (c >> -bits); + c = next; + } + return c >> -bits; + } + + public static uint ShiftUpBits(int len, uint[] x, int bits, uint c, uint[] z) + { + Debug.Assert(bits > 0 && bits < 32); + for (int i = 0; i < len; ++i) + { + uint next = x[i]; + z[i] = (next << bits) | (c >> -bits); + c = next; + } + return c >> -bits; + } + + public static uint ShiftUpBits(int len, uint[] x, int xOff, int bits, uint c, uint[] z, int zOff) + { + Debug.Assert(bits > 0 && bits < 32); + for (int i = 0; i < len; ++i) + { + uint next = x[xOff + i]; + z[zOff + i] = (next << bits) | (c >> -bits); + c = next; + } + return c >> -bits; + } + + public static ulong ShiftUpBits64(int len, ulong[] x, int xOff, int bits, ulong c, ulong[] z, int zOff) + { + Debug.Assert(bits > 0 && bits < 64); + for (int i = 0; i < len; ++i) + { + ulong next = x[xOff + i]; + z[zOff + i] = (next << bits) | (c >> -bits); + c = next; + } + return c >> -bits; + } + + public static void Square(int len, uint[] x, uint[] zz) + { + int extLen = len << 1; + uint c = 0; + int j = len, k = extLen; + do + { + ulong xVal = (ulong)x[--j]; + ulong p = xVal * xVal; + zz[--k] = (c << 31) | (uint)(p >> 33); + zz[--k] = (uint)(p >> 1); + c = (uint)p; + } + while (j > 0); + + ulong d = 0UL; + int zzPos = 2; + + for (int i = 1; i < len; ++i) + { + d += SquareWordAddTo(x, i, zz); + d += zz[zzPos]; + zz[zzPos++] = (uint)d; d >>= 32; + d += zz[zzPos]; + zz[zzPos++] = (uint)d; d >>= 32; + } + Debug.Assert(0UL == d); + + ShiftUpBit(extLen, zz, x[0] << 31); + } + + public static void Square(int len, uint[] x, int xOff, uint[] zz, int zzOff) + { + int extLen = len << 1; + uint c = 0; + int j = len, k = extLen; + do + { + ulong xVal = (ulong)x[xOff + --j]; + ulong p = xVal * xVal; + zz[zzOff + --k] = (c << 31) | (uint)(p >> 33); + zz[zzOff + --k] = (uint)(p >> 1); + c = (uint)p; + } + while (j > 0); + + ulong d = 0UL; + int zzPos = zzOff + 2; + + for (int i = 1; i < len; ++i) + { + d += SquareWordAddTo(x, xOff, i, zz, zzOff); + d += zz[zzPos]; + zz[zzPos++] = (uint)d; d >>= 32; + d += zz[zzPos]; + zz[zzPos++] = (uint)d; d >>= 32; + } + Debug.Assert(0UL == d); + + ShiftUpBit(extLen, zz, zzOff, x[xOff] << 31); + } + + [Obsolete("Use 'SquareWordAddTo' instead")] + public static uint SquareWordAdd(uint[] x, int xPos, uint[] z) + { + ulong c = 0, xVal = (ulong)x[xPos]; + int i = 0; + do + { + c += xVal * x[i] + z[xPos + i]; + z[xPos + i] = (uint)c; + c >>= 32; + } + while (++i < xPos); + return (uint)c; + } + + [Obsolete("Use 'SquareWordAddTo' instead")] + public static uint SquareWordAdd(uint[] x, int xOff, int xPos, uint[] z, int zOff) + { + ulong c = 0, xVal = (ulong)x[xOff + xPos]; + int i = 0; + do + { + c += xVal * (x[xOff + i] & M) + (z[xPos + zOff] & M); + z[xPos + zOff] = (uint)c; + c >>= 32; + ++zOff; + } + while (++i < xPos); + return (uint)c; + } + + public static uint SquareWordAddTo(uint[] x, int xPos, uint[] z) + { + ulong c = 0, xVal = (ulong)x[xPos]; + int i = 0; + do + { + c += xVal * x[i] + z[xPos + i]; + z[xPos + i] = (uint)c; + c >>= 32; + } + while (++i < xPos); + return (uint)c; + } + + public static uint SquareWordAddTo(uint[] x, int xOff, int xPos, uint[] z, int zOff) + { + ulong c = 0, xVal = (ulong)x[xOff + xPos]; + int i = 0; + do + { + c += xVal * (x[xOff + i] & M) + (z[xPos + zOff] & M); + z[xPos + zOff] = (uint)c; + c >>= 32; + ++zOff; + } + while (++i < xPos); + return (uint)c; + } + + public static int Sub(int len, uint[] x, uint[] y, uint[] z) + { + long c = 0; + for (int i = 0; i < len; ++i) + { + c += (long)x[i] - y[i]; + z[i] = (uint)c; + c >>= 32; + } + return (int)c; + } + + public static int Sub(int len, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + long c = 0; + for (int i = 0; i < len; ++i) + { + c += (long)x[xOff + i] - y[yOff + i]; + z[zOff + i] = (uint)c; + c >>= 32; + } + return (int)c; + } + public static int Sub33At(int len, uint x, uint[] z, int zPos) + { + Debug.Assert(zPos <= (len - 2)); + long c = (long)z[zPos + 0] - x; + z[zPos + 0] = (uint)c; + c >>= 32; + c += (long)z[zPos + 1] - 1; + z[zPos + 1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : DecAt(len, z, zPos + 2); + } + + public static int Sub33At(int len, uint x, uint[] z, int zOff, int zPos) + { + Debug.Assert(zPos <= (len - 2)); + long c = (long)z[zOff + zPos] - x; + z[zOff + zPos] = (uint)c; + c >>= 32; + c += (long)z[zOff + zPos + 1] - 1; + z[zOff + zPos + 1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : DecAt(len, z, zOff, zPos + 2); + } + + public static int Sub33From(int len, uint x, uint[] z) + { + long c = (long)z[0] - x; + z[0] = (uint)c; + c >>= 32; + c += (long)z[1] - 1; + z[1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : DecAt(len, z, 2); + } + + public static int Sub33From(int len, uint x, uint[] z, int zOff) + { + long c = (long)z[zOff + 0] - x; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (long)z[zOff + 1] - 1; + z[zOff + 1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : DecAt(len, z, zOff, 2); + } + + public static int SubBothFrom(int len, uint[] x, uint[] y, uint[] z) + { + long c = 0; + for (int i = 0; i < len; ++i) + { + c += (long)z[i] - x[i] - y[i]; + z[i] = (uint)c; + c >>= 32; + } + return (int)c; + } + + public static int SubBothFrom(int len, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + long c = 0; + for (int i = 0; i < len; ++i) + { + c += (long)z[zOff + i] - x[xOff + i] - y[yOff + i]; + z[zOff + i] = (uint)c; + c >>= 32; + } + return (int)c; + } + + public static int SubDWordAt(int len, ulong x, uint[] z, int zPos) + { + Debug.Assert(zPos <= (len - 2)); + long c = (long)z[zPos + 0] - (long)(x & M); + z[zPos + 0] = (uint)c; + c >>= 32; + c += (long)z[zPos + 1] - (long)(x >> 32); + z[zPos + 1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : DecAt(len, z, zPos + 2); + } + + public static int SubDWordAt(int len, ulong x, uint[] z, int zOff, int zPos) + { + Debug.Assert(zPos <= (len - 2)); + long c = (long)z[zOff + zPos] - (long)(x & M); + z[zOff + zPos] = (uint)c; + c >>= 32; + c += (long)z[zOff + zPos + 1] - (long)(x >> 32); + z[zOff + zPos + 1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : DecAt(len, z, zOff, zPos + 2); + } + + public static int SubDWordFrom(int len, ulong x, uint[] z) + { + long c = (long)z[0] - (long)(x & M); + z[0] = (uint)c; + c >>= 32; + c += (long)z[1] - (long)(x >> 32); + z[1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : DecAt(len, z, 2); + } + + public static int SubDWordFrom(int len, ulong x, uint[] z, int zOff) + { + long c = (long)z[zOff + 0] - (long)(x & M); + z[zOff + 0] = (uint)c; + c >>= 32; + c += (long)z[zOff + 1] - (long)(x >> 32); + z[zOff + 1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : DecAt(len, z, zOff, 2); + } + + public static int SubFrom(int len, uint[] x, uint[] z) + { + long c = 0; + for (int i = 0; i < len; ++i) + { + c += (long)z[i] - x[i]; + z[i] = (uint)c; + c >>= 32; + } + return (int)c; + } + + public static int SubFrom(int len, uint[] x, int xOff, uint[] z, int zOff) + { + long c = 0; + for (int i = 0; i < len; ++i) + { + c += (long)z[zOff + i] - x[xOff + i]; + z[zOff + i] = (uint)c; + c >>= 32; + } + return (int)c; + } + + public static int SubWordAt(int len, uint x, uint[] z, int zPos) + { + Debug.Assert(zPos <= (len - 1)); + long c = (long)z[zPos] - x; + z[zPos] = (uint)c; + c >>= 32; + return c == 0 ? 0 : DecAt(len, z, zPos + 1); + } + + public static int SubWordAt(int len, uint x, uint[] z, int zOff, int zPos) + { + Debug.Assert(zPos <= (len - 1)); + long c = (long)z[zOff + zPos] - x; + z[zOff + zPos] = (uint)c; + c >>= 32; + return c == 0 ? 0 : DecAt(len, z, zOff, zPos + 1); + } + + public static int SubWordFrom(int len, uint x, uint[] z) + { + long c = (long)z[0] - x; + z[0] = (uint)c; + c >>= 32; + return c == 0 ? 0 : DecAt(len, z, 1); + } + + public static int SubWordFrom(int len, uint x, uint[] z, int zOff) + { + long c = (long)z[zOff + 0] - x; + z[zOff + 0] = (uint)c; + c >>= 32; + return c == 0 ? 0 : DecAt(len, z, zOff, 1); + } + + public static BigInteger ToBigInteger(int len, uint[] x) + { + byte[] bs = new byte[len << 2]; + for (int i = 0; i < len; ++i) + { + uint x_i = x[i]; + if (x_i != 0) + { + Pack.UInt32_To_BE(x_i, bs, (len - 1 - i) << 2); + } + } + return new BigInteger(1, bs); + } + + public static void Zero(int len, uint[] z) + { + for (int i = 0; i < len; ++i) + { + z[i] = 0; + } + } + + public static void Zero64(int len, ulong[] z) + { + for (int i = 0; i < len; ++i) + { + z[i] = 0UL; + } + } + } +} diff --git a/BouncyCastle/crypto/src/math/raw/Nat128.cs b/BouncyCastle/crypto/src/math/raw/Nat128.cs new file mode 100644 index 0000000..d336b32 --- /dev/null +++ b/BouncyCastle/crypto/src/math/raw/Nat128.cs @@ -0,0 +1,842 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Math.Raw +{ + internal abstract class Nat128 + { + private const ulong M = 0xFFFFFFFFUL; + + public static uint Add(uint[] x, uint[] y, uint[] z) + { + ulong c = 0; + c += (ulong)x[0] + y[0]; + z[0] = (uint)c; + c >>= 32; + c += (ulong)x[1] + y[1]; + z[1] = (uint)c; + c >>= 32; + c += (ulong)x[2] + y[2]; + z[2] = (uint)c; + c >>= 32; + c += (ulong)x[3] + y[3]; + z[3] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddBothTo(uint[] x, uint[] y, uint[] z) + { + ulong c = 0; + c += (ulong)x[0] + y[0] + z[0]; + z[0] = (uint)c; + c >>= 32; + c += (ulong)x[1] + y[1] + z[1]; + z[1] = (uint)c; + c >>= 32; + c += (ulong)x[2] + y[2] + z[2]; + z[2] = (uint)c; + c >>= 32; + c += (ulong)x[3] + y[3] + z[3]; + z[3] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddTo(uint[] x, uint[] z) + { + ulong c = 0; + c += (ulong)x[0] + z[0]; + z[0] = (uint)c; + c >>= 32; + c += (ulong)x[1] + z[1]; + z[1] = (uint)c; + c >>= 32; + c += (ulong)x[2] + z[2]; + z[2] = (uint)c; + c >>= 32; + c += (ulong)x[3] + z[3]; + z[3] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddTo(uint[] x, int xOff, uint[] z, int zOff, uint cIn) + { + ulong c = cIn; + c += (ulong)x[xOff + 0] + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 1] + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 2] + z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 3] + z[zOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddToEachOther(uint[] u, int uOff, uint[] v, int vOff) + { + ulong c = 0; + c += (ulong)u[uOff + 0] + v[vOff + 0]; + u[uOff + 0] = (uint)c; + v[vOff + 0] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 1] + v[vOff + 1]; + u[uOff + 1] = (uint)c; + v[vOff + 1] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 2] + v[vOff + 2]; + u[uOff + 2] = (uint)c; + v[vOff + 2] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 3] + v[vOff + 3]; + u[uOff + 3] = (uint)c; + v[vOff + 3] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static void Copy(uint[] x, uint[] z) + { + z[0] = x[0]; + z[1] = x[1]; + z[2] = x[2]; + z[3] = x[3]; + } + + public static void Copy(uint[] x, int xOff, uint[] z, int zOff) + { + z[zOff + 0] = x[xOff + 0]; + z[zOff + 1] = x[xOff + 1]; + z[zOff + 2] = x[xOff + 2]; + z[zOff + 3] = x[xOff + 3]; + } + + public static void Copy64(ulong[] x, ulong[] z) + { + z[0] = x[0]; + z[1] = x[1]; + } + + public static void Copy64(ulong[] x, int xOff, ulong[] z, int zOff) + { + z[zOff + 0] = x[xOff + 0]; + z[zOff + 1] = x[xOff + 1]; + } + + public static uint[] Create() + { + return new uint[4]; + } + + public static ulong[] Create64() + { + return new ulong[2]; + } + + public static uint[] CreateExt() + { + return new uint[8]; + } + + public static ulong[] CreateExt64() + { + return new ulong[4]; + } + + public static bool Diff(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + bool pos = Gte(x, xOff, y, yOff); + if (pos) + { + Sub(x, xOff, y, yOff, z, zOff); + } + else + { + Sub(y, yOff, x, xOff, z, zOff); + } + return pos; + } + + public static bool Eq(uint[] x, uint[] y) + { + for (int i = 3; i >= 0; --i) + { + if (x[i] != y[i]) + return false; + } + return true; + } + + public static bool Eq64(ulong[] x, ulong[] y) + { + for (int i = 1; i >= 0; --i) + { + if (x[i] != y[i]) + return false; + } + return true; + } + + public static uint GetBit(uint[] x, int bit) + { + if (bit == 0) + { + return x[0] & 1; + } + if ((bit & 127) != bit) + { + return 0; + } + int w = bit >> 5; + int b = bit & 31; + return (x[w] >> b) & 1; + } + + public static bool Gte(uint[] x, uint[] y) + { + for (int i = 3; i >= 0; --i) + { + uint x_i = x[i], y_i = y[i]; + if (x_i < y_i) + return false; + if (x_i > y_i) + return true; + } + return true; + } + + public static bool Gte(uint[] x, int xOff, uint[] y, int yOff) + { + for (int i = 3; i >= 0; --i) + { + uint x_i = x[xOff + i], y_i = y[yOff + i]; + if (x_i < y_i) + return false; + if (x_i > y_i) + return true; + } + return true; + } + + public static bool IsOne(uint[] x) + { + if (x[0] != 1) + { + return false; + } + for (int i = 1; i < 4; ++i) + { + if (x[i] != 0) + { + return false; + } + } + return true; + } + + public static bool IsOne64(ulong[] x) + { + if (x[0] != 1UL) + { + return false; + } + for (int i = 1; i < 2; ++i) + { + if (x[i] != 0UL) + { + return false; + } + } + return true; + } + + public static bool IsZero(uint[] x) + { + for (int i = 0; i < 4; ++i) + { + if (x[i] != 0) + { + return false; + } + } + return true; + } + + public static bool IsZero64(ulong[] x) + { + for (int i = 0; i < 2; ++i) + { + if (x[i] != 0UL) + { + return false; + } + } + return true; + } + + public static void Mul(uint[] x, uint[] y, uint[] zz) + { + ulong y_0 = y[0]; + ulong y_1 = y[1]; + ulong y_2 = y[2]; + ulong y_3 = y[3]; + + { + ulong c = 0, x_0 = x[0]; + c += x_0 * y_0; + zz[0] = (uint)c; + c >>= 32; + c += x_0 * y_1; + zz[1] = (uint)c; + c >>= 32; + c += x_0 * y_2; + zz[2] = (uint)c; + c >>= 32; + c += x_0 * y_3; + zz[3] = (uint)c; + c >>= 32; + zz[4] = (uint)c; + } + + for (int i = 1; i < 4; ++i) + { + ulong c = 0, x_i = x[i]; + c += x_i * y_0 + zz[i + 0]; + zz[i + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[i + 1]; + zz[i + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[i + 2]; + zz[i + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[i + 3]; + zz[i + 3] = (uint)c; + c >>= 32; + zz[i + 4] = (uint)c; + } + } + + public static void Mul(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff) + { + ulong y_0 = y[yOff + 0]; + ulong y_1 = y[yOff + 1]; + ulong y_2 = y[yOff + 2]; + ulong y_3 = y[yOff + 3]; + + { + ulong c = 0, x_0 = x[xOff + 0]; + c += x_0 * y_0; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += x_0 * y_1; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += x_0 * y_2; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += x_0 * y_3; + zz[zzOff + 3] = (uint)c; + c >>= 32; + zz[zzOff + 4] = (uint)c; + } + + for (int i = 1; i < 4; ++i) + { + ++zzOff; + ulong c = 0, x_i = x[xOff + i]; + c += x_i * y_0 + zz[zzOff + 0]; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[zzOff + 1]; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[zzOff + 2]; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[zzOff + 3]; + zz[zzOff + 3] = (uint)c; + c >>= 32; + zz[zzOff + 4] = (uint)c; + } + } + + public static uint MulAddTo(uint[] x, uint[] y, uint[] zz) + { + ulong y_0 = y[0]; + ulong y_1 = y[1]; + ulong y_2 = y[2]; + ulong y_3 = y[3]; + + ulong zc = 0; + for (int i = 0; i < 4; ++i) + { + ulong c = 0, x_i = x[i]; + c += x_i * y_0 + zz[i + 0]; + zz[i + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[i + 1]; + zz[i + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[i + 2]; + zz[i + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[i + 3]; + zz[i + 3] = (uint)c; + c >>= 32; + + zc += c + zz[i + 4]; + zz[i + 4] = (uint)zc; + zc >>= 32; + } + return (uint)zc; + } + + public static uint MulAddTo(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff) + { + ulong y_0 = y[yOff + 0]; + ulong y_1 = y[yOff + 1]; + ulong y_2 = y[yOff + 2]; + ulong y_3 = y[yOff + 3]; + + ulong zc = 0; + for (int i = 0; i < 4; ++i) + { + ulong c = 0, x_i = x[xOff + i]; + c += x_i * y_0 + zz[zzOff + 0]; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[zzOff + 1]; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[zzOff + 2]; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[zzOff + 3]; + zz[zzOff + 3] = (uint)c; + c >>= 32; + + zc += c + zz[zzOff + 4]; + zz[zzOff + 4] = (uint)zc; + zc >>= 32; + ++zzOff; + } + return (uint)zc; + } + + public static ulong Mul33Add(uint w, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + Debug.Assert(w >> 31 == 0); + + ulong c = 0, wVal = w; + ulong x0 = x[xOff + 0]; + c += wVal * x0 + y[yOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + ulong x1 = x[xOff + 1]; + c += wVal * x1 + x0 + y[yOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + ulong x2 = x[xOff + 2]; + c += wVal * x2 + x1 + y[yOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + ulong x3 = x[xOff + 3]; + c += wVal * x3 + x2 + y[yOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += x3; + return c; + } + + public static uint MulWordAddExt(uint x, uint[] yy, int yyOff, uint[] zz, int zzOff) + { + Debug.Assert(yyOff <= 4); + Debug.Assert(zzOff <= 4); + + ulong c = 0, xVal = x; + c += xVal * yy[yyOff + 0] + zz[zzOff + 0]; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += xVal * yy[yyOff + 1] + zz[zzOff + 1]; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += xVal * yy[yyOff + 2] + zz[zzOff + 2]; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += xVal * yy[yyOff + 3] + zz[zzOff + 3]; + zz[zzOff + 3] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint Mul33DWordAdd(uint x, ulong y, uint[] z, int zOff) + { + Debug.Assert(x >> 31 == 0); + Debug.Assert(zOff <= 0); + ulong c = 0, xVal = x; + ulong y00 = y & M; + c += xVal * y00 + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + ulong y01 = y >> 32; + c += xVal * y01 + y00 + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += y01 + z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += z[zOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint Mul33WordAdd(uint x, uint y, uint[] z, int zOff) + { + Debug.Assert(x >> 31 == 0); + Debug.Assert(zOff <= 1); + ulong c = 0, yVal = y; + c += yVal * x + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += yVal + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(4, z, zOff, 3); + } + + public static uint MulWordDwordAdd(uint x, ulong y, uint[] z, int zOff) + { + Debug.Assert(zOff <= 1); + ulong c = 0, xVal = x; + c += xVal * y + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += xVal * (y >> 32) + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(4, z, zOff, 3); + } + + public static uint MulWordsAdd(uint x, uint y, uint[] z, int zOff) + { + Debug.Assert(zOff <= 2); + + ulong c = 0, xVal = x, yVal = y; + c += yVal * xVal + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(4, z, zOff, 2); + } + + public static uint MulWord(uint x, uint[] y, uint[] z, int zOff) + { + ulong c = 0, xVal = x; + int i = 0; + do + { + c += xVal * y[i]; + z[zOff + i] = (uint)c; + c >>= 32; + } + while (++i < 4); + return (uint)c; + } + + public static void Square(uint[] x, uint[] zz) + { + ulong x_0 = x[0]; + ulong zz_1; + + uint c = 0, w; + { + int i = 3, j = 8; + do + { + ulong xVal = x[i--]; + ulong p = xVal * xVal; + zz[--j] = (c << 31) | (uint)(p >> 33); + zz[--j] = (uint)(p >> 1); + c = (uint)p; + } + while (i > 0); + + { + ulong p = x_0 * x_0; + zz_1 = (ulong)(c << 31) | (p >> 33); + zz[0] = (uint)p; + c = (uint)(p >> 32) & 1; + } + } + + ulong x_1 = x[1]; + ulong zz_2 = zz[2]; + + { + zz_1 += x_1 * x_0; + w = (uint)zz_1; + zz[1] = (w << 1) | c; + c = w >> 31; + zz_2 += zz_1 >> 32; + } + + ulong x_2 = x[2]; + ulong zz_3 = zz[3]; + ulong zz_4 = zz[4]; + { + zz_2 += x_2 * x_0; + w = (uint)zz_2; + zz[2] = (w << 1) | c; + c = w >> 31; + zz_3 += (zz_2 >> 32) + x_2 * x_1; + zz_4 += zz_3 >> 32; + zz_3 &= M; + } + + ulong x_3 = x[3]; + ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M; + ulong zz_6 = zz[6] + (zz_5 >> 32); zz_5 &= M; + { + zz_3 += x_3 * x_0; + w = (uint)zz_3; + zz[3] = (w << 1) | c; + c = w >> 31; + zz_4 += (zz_3 >> 32) + x_3 * x_1; + zz_5 += (zz_4 >> 32) + x_3 * x_2; + zz_6 += zz_5 >> 32; + } + + w = (uint)zz_4; + zz[4] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_5; + zz[5] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_6; + zz[6] = (w << 1) | c; + c = w >> 31; + w = zz[7] + (uint)(zz_6 >> 32); + zz[7] = (w << 1) | c; + } + + public static void Square(uint[] x, int xOff, uint[] zz, int zzOff) + { + ulong x_0 = x[xOff + 0]; + ulong zz_1; + + uint c = 0, w; + { + int i = 3, j = 8; + do + { + ulong xVal = x[xOff + i--]; + ulong p = xVal * xVal; + zz[zzOff + --j] = (c << 31) | (uint)(p >> 33); + zz[zzOff + --j] = (uint)(p >> 1); + c = (uint)p; + } + while (i > 0); + + { + ulong p = x_0 * x_0; + zz_1 = (ulong)(c << 31) | (p >> 33); + zz[zzOff + 0] = (uint)p; + c = (uint)(p >> 32) & 1; + } + } + + ulong x_1 = x[xOff + 1]; + ulong zz_2 = zz[zzOff + 2]; + + { + zz_1 += x_1 * x_0; + w = (uint)zz_1; + zz[zzOff + 1] = (w << 1) | c; + c = w >> 31; + zz_2 += zz_1 >> 32; + } + + ulong x_2 = x[xOff + 2]; + ulong zz_3 = zz[zzOff + 3]; + ulong zz_4 = zz[zzOff + 4]; + { + zz_2 += x_2 * x_0; + w = (uint)zz_2; + zz[zzOff + 2] = (w << 1) | c; + c = w >> 31; + zz_3 += (zz_2 >> 32) + x_2 * x_1; + zz_4 += zz_3 >> 32; + zz_3 &= M; + } + + ulong x_3 = x[xOff + 3]; + ulong zz_5 = zz[zzOff + 5] + (zz_4 >> 32); zz_4 &= M; + ulong zz_6 = zz[zzOff + 6] + (zz_5 >> 32); zz_5 &= M; + { + zz_3 += x_3 * x_0; + w = (uint)zz_3; + zz[zzOff + 3] = (w << 1) | c; + c = w >> 31; + zz_4 += (zz_3 >> 32) + x_3 * x_1; + zz_5 += (zz_4 >> 32) + x_3 * x_2; + zz_6 += zz_5 >> 32; + } + + w = (uint)zz_4; + zz[zzOff + 4] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_5; + zz[zzOff + 5] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_6; + zz[zzOff + 6] = (w << 1) | c; + c = w >> 31; + w = zz[zzOff + 7] + (uint)(zz_6 >> 32); + zz[zzOff + 7] = (w << 1) | c; + } + + public static int Sub(uint[] x, uint[] y, uint[] z) + { + long c = 0; + c += (long)x[0] - y[0]; + z[0] = (uint)c; + c >>= 32; + c += (long)x[1] - y[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)x[2] - y[2]; + z[2] = (uint)c; + c >>= 32; + c += (long)x[3] - y[3]; + z[3] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int Sub(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + long c = 0; + c += (long)x[xOff + 0] - y[yOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (long)x[xOff + 1] - y[yOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (long)x[xOff + 2] - y[yOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (long)x[xOff + 3] - y[yOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int SubBothFrom(uint[] x, uint[] y, uint[] z) + { + long c = 0; + c += (long)z[0] - x[0] - y[0]; + z[0] = (uint)c; + c >>= 32; + c += (long)z[1] - x[1] - y[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)z[2] - x[2] - y[2]; + z[2] = (uint)c; + c >>= 32; + c += (long)z[3] - x[3] - y[3]; + z[3] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int SubFrom(uint[] x, uint[] z) + { + long c = 0; + c += (long)z[0] - x[0]; + z[0] = (uint)c; + c >>= 32; + c += (long)z[1] - x[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)z[2] - x[2]; + z[2] = (uint)c; + c >>= 32; + c += (long)z[3] - x[3]; + z[3] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int SubFrom(uint[] x, int xOff, uint[] z, int zOff) + { + long c = 0; + c += (long)z[zOff + 0] - x[xOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (long)z[zOff + 1] - x[xOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (long)z[zOff + 2] - x[xOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (long)z[zOff + 3] - x[xOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + return (int)c; + } + + public static BigInteger ToBigInteger(uint[] x) + { + byte[] bs = new byte[16]; + for (int i = 0; i < 4; ++i) + { + uint x_i = x[i]; + if (x_i != 0) + { + Pack.UInt32_To_BE(x_i, bs, (3 - i) << 2); + } + } + return new BigInteger(1, bs); + } + + public static BigInteger ToBigInteger64(ulong[] x) + { + byte[] bs = new byte[16]; + for (int i = 0; i < 2; ++i) + { + ulong x_i = x[i]; + if (x_i != 0UL) + { + Pack.UInt64_To_BE(x_i, bs, (1 - i) << 3); + } + } + return new BigInteger(1, bs); + } + + public static void Zero(uint[] z) + { + z[0] = 0; + z[1] = 0; + z[2] = 0; + z[3] = 0; + } + } +} diff --git a/BouncyCastle/crypto/src/math/raw/Nat160.cs b/BouncyCastle/crypto/src/math/raw/Nat160.cs new file mode 100644 index 0000000..f862700 --- /dev/null +++ b/BouncyCastle/crypto/src/math/raw/Nat160.cs @@ -0,0 +1,870 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Math.Raw +{ + internal abstract class Nat160 + { + private const ulong M = 0xFFFFFFFFUL; + + public static uint Add(uint[] x, uint[] y, uint[] z) + { + ulong c = 0; + c += (ulong)x[0] + y[0]; + z[0] = (uint)c; + c >>= 32; + c += (ulong)x[1] + y[1]; + z[1] = (uint)c; + c >>= 32; + c += (ulong)x[2] + y[2]; + z[2] = (uint)c; + c >>= 32; + c += (ulong)x[3] + y[3]; + z[3] = (uint)c; + c >>= 32; + c += (ulong)x[4] + y[4]; + z[4] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddBothTo(uint[] x, uint[] y, uint[] z) + { + ulong c = 0; + c += (ulong)x[0] + y[0] + z[0]; + z[0] = (uint)c; + c >>= 32; + c += (ulong)x[1] + y[1] + z[1]; + z[1] = (uint)c; + c >>= 32; + c += (ulong)x[2] + y[2] + z[2]; + z[2] = (uint)c; + c >>= 32; + c += (ulong)x[3] + y[3] + z[3]; + z[3] = (uint)c; + c >>= 32; + c += (ulong)x[4] + y[4] + z[4]; + z[4] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddTo(uint[] x, uint[] z) + { + ulong c = 0; + c += (ulong)x[0] + z[0]; + z[0] = (uint)c; + c >>= 32; + c += (ulong)x[1] + z[1]; + z[1] = (uint)c; + c >>= 32; + c += (ulong)x[2] + z[2]; + z[2] = (uint)c; + c >>= 32; + c += (ulong)x[3] + z[3]; + z[3] = (uint)c; + c >>= 32; + c += (ulong)x[4] + z[4]; + z[4] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddTo(uint[] x, int xOff, uint[] z, int zOff, uint cIn) + { + ulong c = cIn; + c += (ulong)x[xOff + 0] + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 1] + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 2] + z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 3] + z[zOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 4] + z[zOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 5] + z[zOff + 5]; + return (uint)c; + } + + public static uint AddToEachOther(uint[] u, int uOff, uint[] v, int vOff) + { + ulong c = 0; + c += (ulong)u[uOff + 0] + v[vOff + 0]; + u[uOff + 0] = (uint)c; + v[vOff + 0] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 1] + v[vOff + 1]; + u[uOff + 1] = (uint)c; + v[vOff + 1] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 2] + v[vOff + 2]; + u[uOff + 2] = (uint)c; + v[vOff + 2] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 3] + v[vOff + 3]; + u[uOff + 3] = (uint)c; + v[vOff + 3] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 4] + v[vOff + 4]; + u[uOff + 4] = (uint)c; + v[vOff + 4] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static void Copy(uint[] x, uint[] z) + { + z[0] = x[0]; + z[1] = x[1]; + z[2] = x[2]; + z[3] = x[3]; + z[4] = x[4]; + } + + public static void Copy(uint[] x, int xOff, uint[] z, int zOff) + { + z[zOff + 0] = x[xOff + 0]; + z[zOff + 1] = x[xOff + 1]; + z[zOff + 2] = x[xOff + 2]; + z[zOff + 3] = x[xOff + 3]; + z[zOff + 4] = x[xOff + 4]; + } + + public static uint[] Create() + { + return new uint[5]; + } + + public static uint[] CreateExt() + { + return new uint[10]; + } + + public static bool Diff(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + bool pos = Gte(x, xOff, y, yOff); + if (pos) + { + Sub(x, xOff, y, yOff, z, zOff); + } + else + { + Sub(y, yOff, x, xOff, z, zOff); + } + return pos; + } + + public static bool Eq(uint[] x, uint[] y) + { + for (int i = 4; i >= 0; --i) + { + if (x[i] != y[i]) + return false; + } + return true; + } + + public static uint GetBit(uint[] x, int bit) + { + if (bit == 0) + { + return x[0] & 1; + } + int w = bit >> 5; + if (w < 0 || w >= 5) + { + return 0; + } + int b = bit & 31; + return (x[w] >> b) & 1; + } + + public static bool Gte(uint[] x, uint[] y) + { + for (int i = 4; i >= 0; --i) + { + uint x_i = x[i], y_i = y[i]; + if (x_i < y_i) + return false; + if (x_i > y_i) + return true; + } + return true; + } + + public static bool Gte(uint[] x, int xOff, uint[] y, int yOff) + { + for (int i = 4; i >= 0; --i) + { + uint x_i = x[xOff + i], y_i = y[yOff + i]; + if (x_i < y_i) + return false; + if (x_i > y_i) + return true; + } + return true; + } + + public static bool IsOne(uint[] x) + { + if (x[0] != 1) + { + return false; + } + for (int i = 1; i < 5; ++i) + { + if (x[i] != 0) + { + return false; + } + } + return true; + } + + public static bool IsZero(uint[] x) + { + for (int i = 0; i < 5; ++i) + { + if (x[i] != 0) + { + return false; + } + } + return true; + } + + public static void Mul(uint[] x, uint[] y, uint[] zz) + { + ulong y_0 = y[0]; + ulong y_1 = y[1]; + ulong y_2 = y[2]; + ulong y_3 = y[3]; + ulong y_4 = y[4]; + + { + ulong c = 0, x_0 = x[0]; + c += x_0 * y_0; + zz[0] = (uint)c; + c >>= 32; + c += x_0 * y_1; + zz[1] = (uint)c; + c >>= 32; + c += x_0 * y_2; + zz[2] = (uint)c; + c >>= 32; + c += x_0 * y_3; + zz[3] = (uint)c; + c >>= 32; + c += x_0 * y_4; + zz[4] = (uint)c; + c >>= 32; + zz[5] = (uint)c; + } + + for (int i = 1; i < 5; ++i) + { + ulong c = 0, x_i = x[i]; + c += x_i * y_0 + zz[i + 0]; + zz[i + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[i + 1]; + zz[i + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[i + 2]; + zz[i + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[i + 3]; + zz[i + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[i + 4]; + zz[i + 4] = (uint)c; + c >>= 32; + zz[i + 5] = (uint)c; + } + } + + public static void Mul(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff) + { + ulong y_0 = y[yOff + 0]; + ulong y_1 = y[yOff + 1]; + ulong y_2 = y[yOff + 2]; + ulong y_3 = y[yOff + 3]; + ulong y_4 = y[yOff + 4]; + + { + ulong c = 0, x_0 = x[xOff + 0]; + c += x_0 * y_0; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += x_0 * y_1; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += x_0 * y_2; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += x_0 * y_3; + zz[zzOff + 3] = (uint)c; + c >>= 32; + c += x_0 * y_4; + zz[zzOff + 4] = (uint)c; + c >>= 32; + zz[zzOff + 5] = (uint)c; + } + + for (int i = 1; i < 5; ++i) + { + ++zzOff; + ulong c = 0, x_i = x[xOff + i]; + c += x_i * y_0 + zz[zzOff + 0]; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[zzOff + 1]; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[zzOff + 2]; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[zzOff + 3]; + zz[zzOff + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[zzOff + 4]; + zz[zzOff + 4] = (uint)c; + c >>= 32; + zz[zzOff + 5] = (uint)c; + } + } + + public static uint MulAddTo(uint[] x, uint[] y, uint[] zz) + { + ulong y_0 = y[0]; + ulong y_1 = y[1]; + ulong y_2 = y[2]; + ulong y_3 = y[3]; + ulong y_4 = y[4]; + + ulong zc = 0; + for (int i = 0; i < 5; ++i) + { + ulong c = 0, x_i = x[i]; + c += x_i * y_0 + zz[i + 0]; + zz[i + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[i + 1]; + zz[i + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[i + 2]; + zz[i + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[i + 3]; + zz[i + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[i + 4]; + zz[i + 4] = (uint)c; + c >>= 32; + + zc += c + zz[i + 5]; + zz[i + 5] = (uint)zc; + zc >>= 32; + } + return (uint)zc; + } + + public static uint MulAddTo(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff) + { + ulong y_0 = y[yOff + 0]; + ulong y_1 = y[yOff + 1]; + ulong y_2 = y[yOff + 2]; + ulong y_3 = y[yOff + 3]; + ulong y_4 = y[yOff + 4]; + + ulong zc = 0; + for (int i = 0; i < 5; ++i) + { + ulong c = 0, x_i = x[xOff + i]; + c += x_i * y_0 + zz[zzOff + 0]; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[zzOff + 1]; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[zzOff + 2]; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[zzOff + 3]; + zz[zzOff + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[zzOff + 4]; + zz[zzOff + 4] = (uint)c; + c >>= 32; + + zc += c + zz[zzOff + 5]; + zz[zzOff + 5] = (uint)zc; + zc >>= 32; + ++zzOff; + } + return (uint)zc; + } + + public static ulong Mul33Add(uint w, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + Debug.Assert(w >> 31 == 0); + + ulong c = 0, wVal = w; + ulong x0 = x[xOff + 0]; + c += wVal * x0 + y[yOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + ulong x1 = x[xOff + 1]; + c += wVal * x1 + x0 + y[yOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + ulong x2 = x[xOff + 2]; + c += wVal * x2 + x1 + y[yOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + ulong x3 = x[xOff + 3]; + c += wVal * x3 + x2 + y[yOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + ulong x4 = x[xOff + 4]; + c += wVal * x4 + x3 + y[yOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += x4; + return c; + } + + public static uint MulWordAddExt(uint x, uint[] yy, int yyOff, uint[] zz, int zzOff) + { + Debug.Assert(yyOff <= 5); + Debug.Assert(zzOff <= 5); + + ulong c = 0, xVal = x; + c += xVal * yy[yyOff + 0] + zz[zzOff + 0]; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += xVal * yy[yyOff + 1] + zz[zzOff + 1]; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += xVal * yy[yyOff + 2] + zz[zzOff + 2]; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += xVal * yy[yyOff + 3] + zz[zzOff + 3]; + zz[zzOff + 3] = (uint)c; + c >>= 32; + c += xVal * yy[yyOff + 4] + zz[zzOff + 4]; + zz[zzOff + 4] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint Mul33DWordAdd(uint x, ulong y, uint[] z, int zOff) + { + Debug.Assert(x >> 31 == 0); + Debug.Assert(zOff <= 1); + ulong c = 0, xVal = x; + ulong y00 = y & M; + c += xVal * y00 + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + ulong y01 = y >> 32; + c += xVal * y01 + y00 + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += y01 + z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += z[zOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(5, z, zOff, 4); + } + + public static uint Mul33WordAdd(uint x, uint y, uint[] z, int zOff) + { + Debug.Assert(x >> 31 == 0); + Debug.Assert(zOff <= 2); + ulong c = 0, yVal = y; + c += yVal * x + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += yVal + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(5, z, zOff, 3); + } + + public static uint MulWordDwordAdd(uint x, ulong y, uint[] z, int zOff) + { + Debug.Assert(zOff <= 2); + ulong c = 0, xVal = x; + c += xVal * y + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += xVal * (y >> 32) + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(5, z, zOff, 3); + } + + public static uint MulWordsAdd(uint x, uint y, uint[] z, int zOff) + { + Debug.Assert(zOff <= 3); + + ulong c = 0, xVal = x, yVal = y; + c += yVal * xVal + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(5, z, zOff, 2); + } + + public static uint MulWord(uint x, uint[] y, uint[] z, int zOff) + { + ulong c = 0, xVal = x; + int i = 0; + do + { + c += xVal * y[i]; + z[zOff + i] = (uint)c; + c >>= 32; + } + while (++i < 5); + return (uint)c; + } + + public static void Square(uint[] x, uint[] zz) + { + ulong x_0 = x[0]; + ulong zz_1; + + uint c = 0, w; + { + int i = 4, j = 10; + do + { + ulong xVal = x[i--]; + ulong p = xVal * xVal; + zz[--j] = (c << 31) | (uint)(p >> 33); + zz[--j] = (uint)(p >> 1); + c = (uint)p; + } + while (i > 0); + + { + ulong p = x_0 * x_0; + zz_1 = (ulong)(c << 31) | (p >> 33); + zz[0] = (uint)p; + c = (uint)(p >> 32) & 1; + } + } + + ulong x_1 = x[1]; + ulong zz_2 = zz[2]; + + { + zz_1 += x_1 * x_0; + w = (uint)zz_1; + zz[1] = (w << 1) | c; + c = w >> 31; + zz_2 += zz_1 >> 32; + } + + ulong x_2 = x[2]; + ulong zz_3 = zz[3]; + ulong zz_4 = zz[4]; + { + zz_2 += x_2 * x_0; + w = (uint)zz_2; + zz[2] = (w << 1) | c; + c = w >> 31; + zz_3 += (zz_2 >> 32) + x_2 * x_1; + zz_4 += zz_3 >> 32; + zz_3 &= M; + } + + ulong x_3 = x[3]; + ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M; + ulong zz_6 = zz[6] + (zz_5 >> 32); zz_5 &= M; + { + zz_3 += x_3 * x_0; + w = (uint)zz_3; + zz[3] = (w << 1) | c; + c = w >> 31; + zz_4 += (zz_3 >> 32) + x_3 * x_1; + zz_5 += (zz_4 >> 32) + x_3 * x_2; + zz_4 &= M; + zz_6 += zz_5 >> 32; + zz_5 &= M; + } + + ulong x_4 = x[4]; + ulong zz_7 = zz[7] + (zz_6 >> 32); zz_6 &= M; + ulong zz_8 = zz[8] + (zz_7 >> 32); zz_7 &= M; + { + zz_4 += x_4 * x_0; + w = (uint)zz_4; + zz[4] = (w << 1) | c; + c = w >> 31; + zz_5 += (zz_4 >> 32) + x_4 * x_1; + zz_6 += (zz_5 >> 32) + x_4 * x_2; + zz_7 += (zz_6 >> 32) + x_4 * x_3; + zz_8 += zz_7 >> 32; + } + + w = (uint)zz_5; + zz[5] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_6; + zz[6] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_7; + zz[7] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_8; + zz[8] = (w << 1) | c; + c = w >> 31; + w = zz[9] + (uint)(zz_8 >> 32); + zz[9] = (w << 1) | c; + } + + public static void Square(uint[] x, int xOff, uint[] zz, int zzOff) + { + ulong x_0 = x[xOff + 0]; + ulong zz_1; + + uint c = 0, w; + { + int i = 4, j = 10; + do + { + ulong xVal = x[xOff + i--]; + ulong p = xVal * xVal; + zz[zzOff + --j] = (c << 31) | (uint)(p >> 33); + zz[zzOff + --j] = (uint)(p >> 1); + c = (uint)p; + } + while (i > 0); + + { + ulong p = x_0 * x_0; + zz_1 = (ulong)(c << 31) | (p >> 33); + zz[zzOff + 0] = (uint)p; + c = (uint)(p >> 32) & 1; + } + } + + ulong x_1 = x[xOff + 1]; + ulong zz_2 = zz[zzOff + 2]; + + { + zz_1 += x_1 * x_0; + w = (uint)zz_1; + zz[zzOff + 1] = (w << 1) | c; + c = w >> 31; + zz_2 += zz_1 >> 32; + } + + ulong x_2 = x[xOff + 2]; + ulong zz_3 = zz[zzOff + 3]; + ulong zz_4 = zz[zzOff + 4]; + { + zz_2 += x_2 * x_0; + w = (uint)zz_2; + zz[zzOff + 2] = (w << 1) | c; + c = w >> 31; + zz_3 += (zz_2 >> 32) + x_2 * x_1; + zz_4 += zz_3 >> 32; + zz_3 &= M; + } + + ulong x_3 = x[xOff + 3]; + ulong zz_5 = zz[zzOff + 5] + (zz_4 >> 32); zz_4 &= M; + ulong zz_6 = zz[zzOff + 6] + (zz_5 >> 32); zz_5 &= M; + { + zz_3 += x_3 * x_0; + w = (uint)zz_3; + zz[zzOff + 3] = (w << 1) | c; + c = w >> 31; + zz_4 += (zz_3 >> 32) + x_3 * x_1; + zz_5 += (zz_4 >> 32) + x_3 * x_2; + zz_4 &= M; + zz_6 += zz_5 >> 32; + zz_5 &= M; + } + + ulong x_4 = x[xOff + 4]; + ulong zz_7 = zz[zzOff + 7] + (zz_6 >> 32); zz_6 &= M; + ulong zz_8 = zz[zzOff + 8] + (zz_7 >> 32); zz_7 &= M; + { + zz_4 += x_4 * x_0; + w = (uint)zz_4; + zz[zzOff + 4] = (w << 1) | c; + c = w >> 31; + zz_5 += (zz_4 >> 32) + x_4 * x_1; + zz_6 += (zz_5 >> 32) + x_4 * x_2; + zz_7 += (zz_6 >> 32) + x_4 * x_3; + zz_8 += zz_7 >> 32; + } + + w = (uint)zz_5; + zz[zzOff + 5] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_6; + zz[zzOff + 6] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_7; + zz[zzOff + 7] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_8; + zz[zzOff + 8] = (w << 1) | c; + c = w >> 31; + w = zz[zzOff + 9] + (uint)(zz_8 >> 32); + zz[zzOff + 9] = (w << 1) | c; + } + + public static int Sub(uint[] x, uint[] y, uint[] z) + { + long c = 0; + c += (long)x[0] - y[0]; + z[0] = (uint)c; + c >>= 32; + c += (long)x[1] - y[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)x[2] - y[2]; + z[2] = (uint)c; + c >>= 32; + c += (long)x[3] - y[3]; + z[3] = (uint)c; + c >>= 32; + c += (long)x[4] - y[4]; + z[4] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int Sub(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + long c = 0; + c += (long)x[xOff + 0] - y[yOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (long)x[xOff + 1] - y[yOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (long)x[xOff + 2] - y[yOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (long)x[xOff + 3] - y[yOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (long)x[xOff + 4] - y[yOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int SubBothFrom(uint[] x, uint[] y, uint[] z) + { + long c = 0; + c += (long)z[0] - x[0] - y[0]; + z[0] = (uint)c; + c >>= 32; + c += (long)z[1] - x[1] - y[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)z[2] - x[2] - y[2]; + z[2] = (uint)c; + c >>= 32; + c += (long)z[3] - x[3] - y[3]; + z[3] = (uint)c; + c >>= 32; + c += (long)z[4] - x[4] - y[4]; + z[4] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int SubFrom(uint[] x, uint[] z) + { + long c = 0; + c += (long)z[0] - x[0]; + z[0] = (uint)c; + c >>= 32; + c += (long)z[1] - x[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)z[2] - x[2]; + z[2] = (uint)c; + c >>= 32; + c += (long)z[3] - x[3]; + z[3] = (uint)c; + c >>= 32; + c += (long)z[4] - x[4]; + z[4] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int SubFrom(uint[] x, int xOff, uint[] z, int zOff) + { + long c = 0; + c += (long)z[zOff + 0] - x[xOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (long)z[zOff + 1] - x[xOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (long)z[zOff + 2] - x[xOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (long)z[zOff + 3] - x[xOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (long)z[zOff + 4] - x[xOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + return (int)c; + } + + public static BigInteger ToBigInteger(uint[] x) + { + byte[] bs = new byte[20]; + for (int i = 0; i < 5; ++i) + { + uint x_i = x[i]; + if (x_i != 0) + { + Pack.UInt32_To_BE(x_i, bs, (4 - i) << 2); + } + } + return new BigInteger(1, bs); + } + + public static void Zero(uint[] z) + { + z[0] = 0; + z[1] = 0; + z[2] = 0; + z[3] = 0; + z[4] = 0; + } + } +} diff --git a/BouncyCastle/crypto/src/math/raw/Nat192.cs b/BouncyCastle/crypto/src/math/raw/Nat192.cs new file mode 100644 index 0000000..7522907 --- /dev/null +++ b/BouncyCastle/crypto/src/math/raw/Nat192.cs @@ -0,0 +1,1037 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Math.Raw +{ + internal abstract class Nat192 + { + private const ulong M = 0xFFFFFFFFUL; + + public static uint Add(uint[] x, uint[] y, uint[] z) + { + ulong c = 0; + c += (ulong)x[0] + y[0]; + z[0] = (uint)c; + c >>= 32; + c += (ulong)x[1] + y[1]; + z[1] = (uint)c; + c >>= 32; + c += (ulong)x[2] + y[2]; + z[2] = (uint)c; + c >>= 32; + c += (ulong)x[3] + y[3]; + z[3] = (uint)c; + c >>= 32; + c += (ulong)x[4] + y[4]; + z[4] = (uint)c; + c >>= 32; + c += (ulong)x[5] + y[5]; + z[5] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddBothTo(uint[] x, uint[] y, uint[] z) + { + ulong c = 0; + c += (ulong)x[0] + y[0] + z[0]; + z[0] = (uint)c; + c >>= 32; + c += (ulong)x[1] + y[1] + z[1]; + z[1] = (uint)c; + c >>= 32; + c += (ulong)x[2] + y[2] + z[2]; + z[2] = (uint)c; + c >>= 32; + c += (ulong)x[3] + y[3] + z[3]; + z[3] = (uint)c; + c >>= 32; + c += (ulong)x[4] + y[4] + z[4]; + z[4] = (uint)c; + c >>= 32; + c += (ulong)x[5] + y[5] + z[5]; + z[5] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddTo(uint[] x, uint[] z) + { + ulong c = 0; + c += (ulong)x[0] + z[0]; + z[0] = (uint)c; + c >>= 32; + c += (ulong)x[1] + z[1]; + z[1] = (uint)c; + c >>= 32; + c += (ulong)x[2] + z[2]; + z[2] = (uint)c; + c >>= 32; + c += (ulong)x[3] + z[3]; + z[3] = (uint)c; + c >>= 32; + c += (ulong)x[4] + z[4]; + z[4] = (uint)c; + c >>= 32; + c += (ulong)x[5] + z[5]; + z[5] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddTo(uint[] x, int xOff, uint[] z, int zOff, uint cIn) + { + ulong c = cIn; + c += (ulong)x[xOff + 0] + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 1] + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 2] + z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 3] + z[zOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 4] + z[zOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 5] + z[zOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddToEachOther(uint[] u, int uOff, uint[] v, int vOff) + { + ulong c = 0; + c += (ulong)u[uOff + 0] + v[vOff + 0]; + u[uOff + 0] = (uint)c; + v[vOff + 0] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 1] + v[vOff + 1]; + u[uOff + 1] = (uint)c; + v[vOff + 1] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 2] + v[vOff + 2]; + u[uOff + 2] = (uint)c; + v[vOff + 2] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 3] + v[vOff + 3]; + u[uOff + 3] = (uint)c; + v[vOff + 3] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 4] + v[vOff + 4]; + u[uOff + 4] = (uint)c; + v[vOff + 4] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 5] + v[vOff + 5]; + u[uOff + 5] = (uint)c; + v[vOff + 5] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static void Copy(uint[] x, uint[] z) + { + z[0] = x[0]; + z[1] = x[1]; + z[2] = x[2]; + z[3] = x[3]; + z[4] = x[4]; + z[5] = x[5]; + } + + public static void Copy(uint[] x, int xOff, uint[] z, int zOff) + { + z[zOff + 0] = x[xOff + 0]; + z[zOff + 1] = x[xOff + 1]; + z[zOff + 2] = x[xOff + 2]; + z[zOff + 3] = x[xOff + 3]; + z[zOff + 4] = x[xOff + 4]; + z[zOff + 5] = x[xOff + 5]; + } + + public static void Copy64(ulong[] x, ulong[] z) + { + z[0] = x[0]; + z[1] = x[1]; + z[2] = x[2]; + } + + public static void Copy64(ulong[] x, int xOff, ulong[] z, int zOff) + { + z[zOff + 0] = x[xOff + 0]; + z[zOff + 1] = x[xOff + 1]; + z[zOff + 2] = x[xOff + 2]; + } + + public static uint[] Create() + { + return new uint[6]; + } + + public static ulong[] Create64() + { + return new ulong[3]; + } + + public static uint[] CreateExt() + { + return new uint[12]; + } + + public static ulong[] CreateExt64() + { + return new ulong[6]; + } + + public static bool Diff(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + bool pos = Gte(x, xOff, y, yOff); + if (pos) + { + Sub(x, xOff, y, yOff, z, zOff); + } + else + { + Sub(y, yOff, x, xOff, z, zOff); + } + return pos; + } + + public static bool Eq(uint[] x, uint[] y) + { + for (int i = 5; i >= 0; --i) + { + if (x[i] != y[i]) + return false; + } + return true; + } + + public static bool Eq64(ulong[] x, ulong[] y) + { + for (int i = 2; i >= 0; --i) + { + if (x[i] != y[i]) + { + return false; + } + } + return true; + } + + public static uint GetBit(uint[] x, int bit) + { + if (bit == 0) + { + return x[0] & 1; + } + int w = bit >> 5; + if (w < 0 || w >= 6) + { + return 0; + } + int b = bit & 31; + return (x[w] >> b) & 1; + } + + public static bool Gte(uint[] x, uint[] y) + { + for (int i = 5; i >= 0; --i) + { + uint x_i = x[i], y_i = y[i]; + if (x_i < y_i) + return false; + if (x_i > y_i) + return true; + } + return true; + } + + public static bool Gte(uint[] x, int xOff, uint[] y, int yOff) + { + for (int i = 5; i >= 0; --i) + { + uint x_i = x[xOff + i], y_i = y[yOff + i]; + if (x_i < y_i) + return false; + if (x_i > y_i) + return true; + } + return true; + } + + public static bool IsOne(uint[] x) + { + if (x[0] != 1) + { + return false; + } + for (int i = 1; i < 6; ++i) + { + if (x[i] != 0) + { + return false; + } + } + return true; + } + + public static bool IsOne64(ulong[] x) + { + if (x[0] != 1UL) + { + return false; + } + for (int i = 1; i < 3; ++i) + { + if (x[i] != 0UL) + { + return false; + } + } + return true; + } + + public static bool IsZero(uint[] x) + { + for (int i = 0; i < 6; ++i) + { + if (x[i] != 0) + { + return false; + } + } + return true; + } + + public static bool IsZero64(ulong[] x) + { + for (int i = 0; i < 3; ++i) + { + if (x[i] != 0UL) + { + return false; + } + } + return true; + } + + public static void Mul(uint[] x, uint[] y, uint[] zz) + { + ulong y_0 = y[0]; + ulong y_1 = y[1]; + ulong y_2 = y[2]; + ulong y_3 = y[3]; + ulong y_4 = y[4]; + ulong y_5 = y[5]; + + { + ulong c = 0, x_0 = x[0]; + c += x_0 * y_0; + zz[0] = (uint)c; + c >>= 32; + c += x_0 * y_1; + zz[1] = (uint)c; + c >>= 32; + c += x_0 * y_2; + zz[2] = (uint)c; + c >>= 32; + c += x_0 * y_3; + zz[3] = (uint)c; + c >>= 32; + c += x_0 * y_4; + zz[4] = (uint)c; + c >>= 32; + c += x_0 * y_5; + zz[5] = (uint)c; + c >>= 32; + zz[6] = (uint)c; + } + + for (int i = 1; i < 6; ++i) + { + ulong c = 0, x_i = x[i]; + c += x_i * y_0 + zz[i + 0]; + zz[i + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[i + 1]; + zz[i + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[i + 2]; + zz[i + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[i + 3]; + zz[i + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[i + 4]; + zz[i + 4] = (uint)c; + c >>= 32; + c += x_i * y_5 + zz[i + 5]; + zz[i + 5] = (uint)c; + c >>= 32; + zz[i + 6] = (uint)c; + } + } + + public static void Mul(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff) + { + ulong y_0 = y[yOff + 0]; + ulong y_1 = y[yOff + 1]; + ulong y_2 = y[yOff + 2]; + ulong y_3 = y[yOff + 3]; + ulong y_4 = y[yOff + 4]; + ulong y_5 = y[yOff + 5]; + + { + ulong c = 0, x_0 = x[xOff + 0]; + c += x_0 * y_0; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += x_0 * y_1; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += x_0 * y_2; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += x_0 * y_3; + zz[zzOff + 3] = (uint)c; + c >>= 32; + c += x_0 * y_4; + zz[zzOff + 4] = (uint)c; + c >>= 32; + c += x_0 * y_5; + zz[zzOff + 5] = (uint)c; + c >>= 32; + zz[zzOff + 6] = (uint)c; + } + + for (int i = 1; i < 6; ++i) + { + ++zzOff; + ulong c = 0, x_i = x[xOff + i]; + c += x_i * y_0 + zz[zzOff + 0]; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[zzOff + 1]; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[zzOff + 2]; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[zzOff + 3]; + zz[zzOff + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[zzOff + 4]; + zz[zzOff + 4] = (uint)c; + c >>= 32; + c += x_i * y_5 + zz[zzOff + 5]; + zz[zzOff + 5] = (uint)c; + c >>= 32; + zz[zzOff + 6] = (uint)c; + } + } + + public static uint MulAddTo(uint[] x, uint[] y, uint[] zz) + { + ulong y_0 = y[0]; + ulong y_1 = y[1]; + ulong y_2 = y[2]; + ulong y_3 = y[3]; + ulong y_4 = y[4]; + ulong y_5 = y[5]; + + ulong zc = 0; + for (int i = 0; i < 6; ++i) + { + ulong c = 0, x_i = x[i]; + c += x_i * y_0 + zz[i + 0]; + zz[i + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[i + 1]; + zz[i + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[i + 2]; + zz[i + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[i + 3]; + zz[i + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[i + 4]; + zz[i + 4] = (uint)c; + c >>= 32; + c += x_i * y_5 + zz[i + 5]; + zz[i + 5] = (uint)c; + c >>= 32; + + zc += c + zz[i + 6]; + zz[i + 6] = (uint)zc; + zc >>= 32; + } + return (uint)zc; + } + + public static uint MulAddTo(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff) + { + ulong y_0 = y[yOff + 0]; + ulong y_1 = y[yOff + 1]; + ulong y_2 = y[yOff + 2]; + ulong y_3 = y[yOff + 3]; + ulong y_4 = y[yOff + 4]; + ulong y_5 = y[yOff + 5]; + + ulong zc = 0; + for (int i = 0; i < 6; ++i) + { + ulong c = 0, x_i = x[xOff + i]; + c += x_i * y_0 + zz[zzOff + 0]; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[zzOff + 1]; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[zzOff + 2]; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[zzOff + 3]; + zz[zzOff + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[zzOff + 4]; + zz[zzOff + 4] = (uint)c; + c >>= 32; + c += x_i * y_5 + zz[zzOff + 5]; + zz[zzOff + 5] = (uint)c; + c >>= 32; + + zc += c + zz[zzOff + 6]; + zz[zzOff + 6] = (uint)zc; + zc >>= 32; + ++zzOff; + } + return (uint)zc; + } + + public static ulong Mul33Add(uint w, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + Debug.Assert(w >> 31 == 0); + + ulong c = 0, wVal = w; + ulong x0 = x[xOff + 0]; + c += wVal * x0 + y[yOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + ulong x1 = x[xOff + 1]; + c += wVal * x1 + x0 + y[yOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + ulong x2 = x[xOff + 2]; + c += wVal * x2 + x1 + y[yOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + ulong x3 = x[xOff + 3]; + c += wVal * x3 + x2 + y[yOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + ulong x4 = x[xOff + 4]; + c += wVal * x4 + x3 + y[yOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + ulong x5 = x[xOff + 5]; + c += wVal * x5 + x4 + y[yOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + c += x5; + return c; + } + + public static uint MulWordAddExt(uint x, uint[] yy, int yyOff, uint[] zz, int zzOff) + { + Debug.Assert(yyOff <= 6); + Debug.Assert(zzOff <= 6); + ulong c = 0, xVal = x; + c += xVal * yy[yyOff + 0] + zz[zzOff + 0]; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += xVal * yy[yyOff + 1] + zz[zzOff + 1]; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += xVal * yy[yyOff + 2] + zz[zzOff + 2]; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += xVal * yy[yyOff + 3] + zz[zzOff + 3]; + zz[zzOff + 3] = (uint)c; + c >>= 32; + c += xVal * yy[yyOff + 4] + zz[zzOff + 4]; + zz[zzOff + 4] = (uint)c; + c >>= 32; + c += xVal * yy[yyOff + 5] + zz[zzOff + 5]; + zz[zzOff + 5] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint Mul33DWordAdd(uint x, ulong y, uint[] z, int zOff) + { + Debug.Assert(x >> 31 == 0); + Debug.Assert(zOff <= 2); + ulong c = 0, xVal = x; + ulong y00 = y & M; + c += xVal * y00 + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + ulong y01 = y >> 32; + c += xVal * y01 + y00 + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += y01 + z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += z[zOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(6, z, zOff, 4); + } + + public static uint Mul33WordAdd(uint x, uint y, uint[] z, int zOff) + { + Debug.Assert(x >> 31 == 0); + Debug.Assert(zOff <=3); + ulong c = 0, yVal = y; + c += yVal * x + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += yVal + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(6, z, zOff, 3); + } + + public static uint MulWordDwordAdd(uint x, ulong y, uint[] z, int zOff) + { + Debug.Assert(zOff <= 3); + ulong c = 0, xVal = x; + c += xVal * y + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += xVal * (y >> 32) + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(6, z, zOff, 3); + } + + public static uint MulWord(uint x, uint[] y, uint[] z, int zOff) + { + ulong c = 0, xVal = x; + int i = 0; + do + { + c += xVal * y[i]; + z[zOff + i] = (uint)c; + c >>= 32; + } + while (++i < 6); + return (uint)c; + } + + public static void Square(uint[] x, uint[] zz) + { + ulong x_0 = x[0]; + ulong zz_1; + + uint c = 0, w; + { + int i = 5, j = 12; + do + { + ulong xVal = x[i--]; + ulong p = xVal * xVal; + zz[--j] = (c << 31) | (uint)(p >> 33); + zz[--j] = (uint)(p >> 1); + c = (uint)p; + } + while (i > 0); + + { + ulong p = x_0 * x_0; + zz_1 = (ulong)(c << 31) | (p >> 33); + zz[0] = (uint)p; + c = (uint)(p >> 32) & 1; + } + } + + ulong x_1 = x[1]; + ulong zz_2 = zz[2]; + + { + zz_1 += x_1 * x_0; + w = (uint)zz_1; + zz[1] = (w << 1) | c; + c = w >> 31; + zz_2 += zz_1 >> 32; + } + + ulong x_2 = x[2]; + ulong zz_3 = zz[3]; + ulong zz_4 = zz[4]; + { + zz_2 += x_2 * x_0; + w = (uint)zz_2; + zz[2] = (w << 1) | c; + c = w >> 31; + zz_3 += (zz_2 >> 32) + x_2 * x_1; + zz_4 += zz_3 >> 32; + zz_3 &= M; + } + + ulong x_3 = x[3]; + ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M; + ulong zz_6 = zz[6] + (zz_5 >> 32); zz_5 &= M; + { + zz_3 += x_3 * x_0; + w = (uint)zz_3; + zz[3] = (w << 1) | c; + c = w >> 31; + zz_4 += (zz_3 >> 32) + x_3 * x_1; + zz_5 += (zz_4 >> 32) + x_3 * x_2; + zz_4 &= M; + zz_6 += zz_5 >> 32; + zz_5 &= M; + } + + ulong x_4 = x[4]; + ulong zz_7 = zz[7] + (zz_6 >> 32); zz_6 &= M; + ulong zz_8 = zz[8] + (zz_7 >> 32); zz_7 &= M; + { + zz_4 += x_4 * x_0; + w = (uint)zz_4; + zz[4] = (w << 1) | c; + c = w >> 31; + zz_5 += (zz_4 >> 32) + x_4 * x_1; + zz_6 += (zz_5 >> 32) + x_4 * x_2; + zz_5 &= M; + zz_7 += (zz_6 >> 32) + x_4 * x_3; + zz_6 &= M; + zz_8 += zz_7 >> 32; + zz_7 &= M; + } + + ulong x_5 = x[5]; + ulong zz_9 = zz[9] + (zz_8 >> 32); zz_8 &= M; + ulong zz_10 = zz[10] + (zz_9 >> 32); zz_9 &= M; + { + zz_5 += x_5 * x_0; + w = (uint)zz_5; + zz[5] = (w << 1) | c; + c = w >> 31; + zz_6 += (zz_5 >> 32) + x_5 * x_1; + zz_7 += (zz_6 >> 32) + x_5 * x_2; + zz_8 += (zz_7 >> 32) + x_5 * x_3; + zz_9 += (zz_8 >> 32) + x_5 * x_4; + zz_10 += zz_9 >> 32; + } + + w = (uint)zz_6; + zz[6] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_7; + zz[7] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_8; + zz[8] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_9; + zz[9] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_10; + zz[10] = (w << 1) | c; + c = w >> 31; + w = zz[11] + (uint)(zz_10 >> 32); + zz[11] = (w << 1) | c; + } + + public static void Square(uint[] x, int xOff, uint[] zz, int zzOff) + { + ulong x_0 = x[xOff + 0]; + ulong zz_1; + + uint c = 0, w; + { + int i = 5, j = 12; + do + { + ulong xVal = x[xOff + i--]; + ulong p = xVal * xVal; + zz[zzOff + --j] = (c << 31) | (uint)(p >> 33); + zz[zzOff + --j] = (uint)(p >> 1); + c = (uint)p; + } + while (i > 0); + + { + ulong p = x_0 * x_0; + zz_1 = (ulong)(c << 31) | (p >> 33); + zz[zzOff + 0] = (uint)p; + c = (uint)(p >> 32) & 1; + } + } + + ulong x_1 = x[xOff + 1]; + ulong zz_2 = zz[zzOff + 2]; + + { + zz_1 += x_1 * x_0; + w = (uint)zz_1; + zz[zzOff + 1] = (w << 1) | c; + c = w >> 31; + zz_2 += zz_1 >> 32; + } + + ulong x_2 = x[xOff + 2]; + ulong zz_3 = zz[zzOff + 3]; + ulong zz_4 = zz[zzOff + 4]; + { + zz_2 += x_2 * x_0; + w = (uint)zz_2; + zz[zzOff + 2] = (w << 1) | c; + c = w >> 31; + zz_3 += (zz_2 >> 32) + x_2 * x_1; + zz_4 += zz_3 >> 32; + zz_3 &= M; + } + + ulong x_3 = x[xOff + 3]; + ulong zz_5 = zz[zzOff + 5] + (zz_4 >> 32); zz_4 &= M; + ulong zz_6 = zz[zzOff + 6] + (zz_5 >> 32); zz_5 &= M; + { + zz_3 += x_3 * x_0; + w = (uint)zz_3; + zz[zzOff + 3] = (w << 1) | c; + c = w >> 31; + zz_4 += (zz_3 >> 32) + x_3 * x_1; + zz_5 += (zz_4 >> 32) + x_3 * x_2; + zz_4 &= M; + zz_6 += zz_5 >> 32; + zz_5 &= M; + } + + ulong x_4 = x[xOff + 4]; + ulong zz_7 = zz[zzOff + 7] + (zz_6 >> 32); zz_6 &= M; + ulong zz_8 = zz[zzOff + 8] + (zz_7 >> 32); zz_7 &= M; + { + zz_4 += x_4 * x_0; + w = (uint)zz_4; + zz[zzOff + 4] = (w << 1) | c; + c = w >> 31; + zz_5 += (zz_4 >> 32) + x_4 * x_1; + zz_6 += (zz_5 >> 32) + x_4 * x_2; + zz_5 &= M; + zz_7 += (zz_6 >> 32) + x_4 * x_3; + zz_6 &= M; + zz_8 += zz_7 >> 32; + zz_7 &= M; + } + + ulong x_5 = x[xOff + 5]; + ulong zz_9 = zz[zzOff + 9] + (zz_8 >> 32); zz_8 &= M; + ulong zz_10 = zz[zzOff + 10] + (zz_9 >> 32); zz_9 &= M; + { + zz_5 += x_5 * x_0; + w = (uint)zz_5; + zz[zzOff + 5] = (w << 1) | c; + c = w >> 31; + zz_6 += (zz_5 >> 32) + x_5 * x_1; + zz_7 += (zz_6 >> 32) + x_5 * x_2; + zz_8 += (zz_7 >> 32) + x_5 * x_3; + zz_9 += (zz_8 >> 32) + x_5 * x_4; + zz_10 += zz_9 >> 32; + } + + w = (uint)zz_6; + zz[zzOff + 6] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_7; + zz[zzOff + 7] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_8; + zz[zzOff + 8] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_9; + zz[zzOff + 9] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_10; + zz[zzOff + 10] = (w << 1) | c; + c = w >> 31; + w = zz[zzOff + 11] + (uint)(zz_10 >> 32); + zz[zzOff + 11] = (w << 1) | c; + } + + public static int Sub(uint[] x, uint[] y, uint[] z) + { + long c = 0; + c += (long)x[0] - y[0]; + z[0] = (uint)c; + c >>= 32; + c += (long)x[1] - y[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)x[2] - y[2]; + z[2] = (uint)c; + c >>= 32; + c += (long)x[3] - y[3]; + z[3] = (uint)c; + c >>= 32; + c += (long)x[4] - y[4]; + z[4] = (uint)c; + c >>= 32; + c += (long)x[5] - y[5]; + z[5] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int Sub(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + long c = 0; + c += (long)x[xOff + 0] - y[yOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (long)x[xOff + 1] - y[yOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (long)x[xOff + 2] - y[yOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (long)x[xOff + 3] - y[yOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (long)x[xOff + 4] - y[yOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += (long)x[xOff + 5] - y[yOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int SubBothFrom(uint[] x, uint[] y, uint[] z) + { + long c = 0; + c += (long)z[0] - x[0] - y[0]; + z[0] = (uint)c; + c >>= 32; + c += (long)z[1] - x[1] - y[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)z[2] - x[2] - y[2]; + z[2] = (uint)c; + c >>= 32; + c += (long)z[3] - x[3] - y[3]; + z[3] = (uint)c; + c >>= 32; + c += (long)z[4] - x[4] - y[4]; + z[4] = (uint)c; + c >>= 32; + c += (long)z[5] - x[5] - y[5]; + z[5] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int SubFrom(uint[] x, uint[] z) + { + long c = 0; + c += (long)z[0] - x[0]; + z[0] = (uint)c; + c >>= 32; + c += (long)z[1] - x[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)z[2] - x[2]; + z[2] = (uint)c; + c >>= 32; + c += (long)z[3] - x[3]; + z[3] = (uint)c; + c >>= 32; + c += (long)z[4] - x[4]; + z[4] = (uint)c; + c >>= 32; + c += (long)z[5] - x[5]; + z[5] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int SubFrom(uint[] x, int xOff, uint[] z, int zOff) + { + long c = 0; + c += (long)z[zOff + 0] - x[xOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (long)z[zOff + 1] - x[xOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (long)z[zOff + 2] - x[xOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (long)z[zOff + 3] - x[xOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (long)z[zOff + 4] - x[xOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += (long)z[zOff + 5] - x[xOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + return (int)c; + } + + public static BigInteger ToBigInteger(uint[] x) + { + byte[] bs = new byte[24]; + for (int i = 0; i < 6; ++i) + { + uint x_i = x[i]; + if (x_i != 0) + { + Pack.UInt32_To_BE(x_i, bs, (5 - i) << 2); + } + } + return new BigInteger(1, bs); + } + + public static BigInteger ToBigInteger64(ulong[] x) + { + byte[] bs = new byte[24]; + for (int i = 0; i < 3; ++i) + { + ulong x_i = x[i]; + if (x_i != 0L) + { + Pack.UInt64_To_BE(x_i, bs, (2 - i) << 3); + } + } + return new BigInteger(1, bs); + } + + public static void Zero(uint[] z) + { + z[0] = 0; + z[1] = 0; + z[2] = 0; + z[3] = 0; + z[4] = 0; + z[5] = 0; + } + } +} diff --git a/BouncyCastle/crypto/src/math/raw/Nat224.cs b/BouncyCastle/crypto/src/math/raw/Nat224.cs new file mode 100644 index 0000000..1aabd3f --- /dev/null +++ b/BouncyCastle/crypto/src/math/raw/Nat224.cs @@ -0,0 +1,1174 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Math.Raw +{ + internal abstract class Nat224 + { + private const ulong M = 0xFFFFFFFFUL; + + public static uint Add(uint[] x, uint[] y, uint[] z) + { + ulong c = 0; + c += (ulong)x[0] + y[0]; + z[0] = (uint)c; + c >>= 32; + c += (ulong)x[1] + y[1]; + z[1] = (uint)c; + c >>= 32; + c += (ulong)x[2] + y[2]; + z[2] = (uint)c; + c >>= 32; + c += (ulong)x[3] + y[3]; + z[3] = (uint)c; + c >>= 32; + c += (ulong)x[4] + y[4]; + z[4] = (uint)c; + c >>= 32; + c += (ulong)x[5] + y[5]; + z[5] = (uint)c; + c >>= 32; + c += (ulong)x[6] + y[6]; + z[6] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint Add(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + ulong c = 0; + c += (ulong)x[xOff + 0] + y[yOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 1] + y[yOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 2] + y[yOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 3] + y[yOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 4] + y[yOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 5] + y[yOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 6] + y[yOff + 6]; + z[zOff + 6] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddBothTo(uint[] x, uint[] y, uint[] z) + { + ulong c = 0; + c += (ulong)x[0] + y[0] + z[0]; + z[0] = (uint)c; + c >>= 32; + c += (ulong)x[1] + y[1] + z[1]; + z[1] = (uint)c; + c >>= 32; + c += (ulong)x[2] + y[2] + z[2]; + z[2] = (uint)c; + c >>= 32; + c += (ulong)x[3] + y[3] + z[3]; + z[3] = (uint)c; + c >>= 32; + c += (ulong)x[4] + y[4] + z[4]; + z[4] = (uint)c; + c >>= 32; + c += (ulong)x[5] + y[5] + z[5]; + z[5] = (uint)c; + c >>= 32; + c += (ulong)x[6] + y[6] + z[6]; + z[6] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddBothTo(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + ulong c = 0; + c += (ulong)x[xOff + 0] + y[yOff + 0] + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 1] + y[yOff + 1] + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 2] + y[yOff + 2] + z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 3] + y[yOff + 3] + z[zOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 4] + y[yOff + 4] + z[zOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 5] + y[yOff + 5] + z[zOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 6] + y[yOff + 6] + z[zOff + 6]; + z[zOff + 6] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddTo(uint[] x, uint[] z) + { + ulong c = 0; + c += (ulong)x[0] + z[0]; + z[0] = (uint)c; + c >>= 32; + c += (ulong)x[1] + z[1]; + z[1] = (uint)c; + c >>= 32; + c += (ulong)x[2] + z[2]; + z[2] = (uint)c; + c >>= 32; + c += (ulong)x[3] + z[3]; + z[3] = (uint)c; + c >>= 32; + c += (ulong)x[4] + z[4]; + z[4] = (uint)c; + c >>= 32; + c += (ulong)x[5] + z[5]; + z[5] = (uint)c; + c >>= 32; + c += (ulong)x[6] + z[6]; + z[6] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddTo(uint[] x, int xOff, uint[] z, int zOff, uint cIn) + { + ulong c = cIn; + c += (ulong)x[xOff + 0] + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 1] + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 2] + z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 3] + z[zOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 4] + z[zOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 5] + z[zOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 6] + z[zOff + 6]; + z[zOff + 6] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddToEachOther(uint[] u, int uOff, uint[] v, int vOff) + { + ulong c = 0; + c += (ulong)u[uOff + 0] + v[vOff + 0]; + u[uOff + 0] = (uint)c; + v[vOff + 0] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 1] + v[vOff + 1]; + u[uOff + 1] = (uint)c; + v[vOff + 1] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 2] + v[vOff + 2]; + u[uOff + 2] = (uint)c; + v[vOff + 2] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 3] + v[vOff + 3]; + u[uOff + 3] = (uint)c; + v[vOff + 3] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 4] + v[vOff + 4]; + u[uOff + 4] = (uint)c; + v[vOff + 4] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 5] + v[vOff + 5]; + u[uOff + 5] = (uint)c; + v[vOff + 5] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 6] + v[vOff + 6]; + u[uOff + 6] = (uint)c; + v[vOff + 6] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static void Copy(uint[] x, uint[] z) + { + z[0] = x[0]; + z[1] = x[1]; + z[2] = x[2]; + z[3] = x[3]; + z[4] = x[4]; + z[5] = x[5]; + z[6] = x[6]; + } + + public static void Copy(uint[] x, int xOff, uint[] z, int zOff) + { + z[zOff + 0] = x[xOff + 0]; + z[zOff + 1] = x[xOff + 1]; + z[zOff + 2] = x[xOff + 2]; + z[zOff + 3] = x[xOff + 3]; + z[zOff + 4] = x[xOff + 4]; + z[zOff + 5] = x[xOff + 5]; + z[zOff + 6] = x[xOff + 6]; + } + + public static uint[] Create() + { + return new uint[7]; + } + + public static uint[] CreateExt() + { + return new uint[14]; + } + + public static bool Diff(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + bool pos = Gte(x, xOff, y, yOff); + if (pos) + { + Sub(x, xOff, y, yOff, z, zOff); + } + else + { + Sub(y, yOff, x, xOff, z, zOff); + } + return pos; + } + + public static bool Eq(uint[] x, uint[] y) + { + for (int i = 6; i >= 0; --i) + { + if (x[i] != y[i]) + return false; + } + return true; + } + + public static uint GetBit(uint[] x, int bit) + { + if (bit == 0) + { + return x[0] & 1; + } + int w = bit >> 5; + if (w < 0 || w >= 7) + { + return 0; + } + int b = bit & 31; + return (x[w] >> b) & 1; + } + + public static bool Gte(uint[] x, uint[] y) + { + for (int i = 6; i >= 0; --i) + { + uint x_i = x[i], y_i = y[i]; + if (x_i < y_i) + return false; + if (x_i > y_i) + return true; + } + return true; + } + + public static bool Gte(uint[] x, int xOff, uint[] y, int yOff) + { + for (int i = 6; i >= 0; --i) + { + uint x_i = x[xOff + i], y_i = y[yOff + i]; + if (x_i < y_i) + return false; + if (x_i > y_i) + return true; + } + return true; + } + + public static bool IsOne(uint[] x) + { + if (x[0] != 1) + { + return false; + } + for (int i = 1; i < 7; ++i) + { + if (x[i] != 0) + { + return false; + } + } + return true; + } + + public static bool IsZero(uint[] x) + { + for (int i = 0; i < 7; ++i) + { + if (x[i] != 0) + { + return false; + } + } + return true; + } + + public static void Mul(uint[] x, uint[] y, uint[] zz) + { + ulong y_0 = y[0]; + ulong y_1 = y[1]; + ulong y_2 = y[2]; + ulong y_3 = y[3]; + ulong y_4 = y[4]; + ulong y_5 = y[5]; + ulong y_6 = y[6]; + + { + ulong c = 0, x_0 = x[0]; + c += x_0 * y_0; + zz[0] = (uint)c; + c >>= 32; + c += x_0 * y_1; + zz[1] = (uint)c; + c >>= 32; + c += x_0 * y_2; + zz[2] = (uint)c; + c >>= 32; + c += x_0 * y_3; + zz[3] = (uint)c; + c >>= 32; + c += x_0 * y_4; + zz[4] = (uint)c; + c >>= 32; + c += x_0 * y_5; + zz[5] = (uint)c; + c >>= 32; + c += x_0 * y_6; + zz[6] = (uint)c; + c >>= 32; + zz[7] = (uint)c; + } + + for (int i = 1; i < 7; ++i) + { + ulong c = 0, x_i = x[i]; + c += x_i * y_0 + zz[i + 0]; + zz[i + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[i + 1]; + zz[i + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[i + 2]; + zz[i + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[i + 3]; + zz[i + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[i + 4]; + zz[i + 4] = (uint)c; + c >>= 32; + c += x_i * y_5 + zz[i + 5]; + zz[i + 5] = (uint)c; + c >>= 32; + c += x_i * y_6 + zz[i + 6]; + zz[i + 6] = (uint)c; + c >>= 32; + zz[i + 7] = (uint)c; + } + } + + public static void Mul(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff) + { + ulong y_0 = y[yOff + 0]; + ulong y_1 = y[yOff + 1]; + ulong y_2 = y[yOff + 2]; + ulong y_3 = y[yOff + 3]; + ulong y_4 = y[yOff + 4]; + ulong y_5 = y[yOff + 5]; + ulong y_6 = y[yOff + 6]; + + { + ulong c = 0, x_0 = x[xOff + 0]; + c += x_0 * y_0; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += x_0 * y_1; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += x_0 * y_2; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += x_0 * y_3; + zz[zzOff + 3] = (uint)c; + c >>= 32; + c += x_0 * y_4; + zz[zzOff + 4] = (uint)c; + c >>= 32; + c += x_0 * y_5; + zz[zzOff + 5] = (uint)c; + c >>= 32; + c += x_0 * y_6; + zz[zzOff + 6] = (uint)c; + c >>= 32; + zz[zzOff + 7] = (uint)c; + } + + for (int i = 1; i < 7; ++i) + { + ++zzOff; + ulong c = 0, x_i = x[xOff + i]; + c += x_i * y_0 + zz[zzOff + 0]; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[zzOff + 1]; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[zzOff + 2]; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[zzOff + 3]; + zz[zzOff + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[zzOff + 4]; + zz[zzOff + 4] = (uint)c; + c >>= 32; + c += x_i * y_5 + zz[zzOff + 5]; + zz[zzOff + 5] = (uint)c; + c >>= 32; + c += x_i * y_6 + zz[zzOff + 6]; + zz[zzOff + 6] = (uint)c; + c >>= 32; + zz[zzOff + 7] = (uint)c; + } + } + + public static uint MulAddTo(uint[] x, uint[] y, uint[] zz) + { + ulong y_0 = y[0]; + ulong y_1 = y[1]; + ulong y_2 = y[2]; + ulong y_3 = y[3]; + ulong y_4 = y[4]; + ulong y_5 = y[5]; + ulong y_6 = y[6]; + + ulong zc = 0; + for (int i = 0; i < 7; ++i) + { + ulong c = 0, x_i = x[i]; + c += x_i * y_0 + zz[i + 0]; + zz[i + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[i + 1]; + zz[i + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[i + 2]; + zz[i + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[i + 3]; + zz[i + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[i + 4]; + zz[i + 4] = (uint)c; + c >>= 32; + c += x_i * y_5 + zz[i + 5]; + zz[i + 5] = (uint)c; + c >>= 32; + c += x_i * y_6 + zz[i + 6]; + zz[i + 6] = (uint)c; + c >>= 32; + + zc += c + zz[i + 7]; + zz[i + 7] = (uint)zc; + zc >>= 32; + } + return (uint)zc; + } + + public static uint MulAddTo(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff) + { + ulong y_0 = y[yOff + 0]; + ulong y_1 = y[yOff + 1]; + ulong y_2 = y[yOff + 2]; + ulong y_3 = y[yOff + 3]; + ulong y_4 = y[yOff + 4]; + ulong y_5 = y[yOff + 5]; + ulong y_6 = y[yOff + 6]; + + ulong zc = 0; + for (int i = 0; i < 7; ++i) + { + ulong c = 0, x_i = x[xOff + i]; + c += x_i * y_0 + zz[zzOff + 0]; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[zzOff + 1]; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[zzOff + 2]; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[zzOff + 3]; + zz[zzOff + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[zzOff + 4]; + zz[zzOff + 4] = (uint)c; + c >>= 32; + c += x_i * y_5 + zz[zzOff + 5]; + zz[zzOff + 5] = (uint)c; + c >>= 32; + c += x_i * y_6 + zz[zzOff + 6]; + zz[zzOff + 6] = (uint)c; + c >>= 32; + + zc += c + zz[zzOff + 7]; + zz[zzOff + 7] = (uint)zc; + zc >>= 32; + ++zzOff; + } + return (uint)zc; + } + + public static ulong Mul33Add(uint w, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + Debug.Assert(w >> 31 == 0); + + ulong c = 0, wVal = w; + ulong x0 = x[xOff + 0]; + c += wVal * x0 + y[yOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + ulong x1 = x[xOff + 1]; + c += wVal * x1 + x0 + y[yOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + ulong x2 = x[xOff + 2]; + c += wVal * x2 + x1 + y[yOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + ulong x3 = x[xOff + 3]; + c += wVal * x3 + x2 + y[yOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + ulong x4 = x[xOff + 4]; + c += wVal * x4 + x3 + y[yOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + ulong x5 = x[xOff + 5]; + c += wVal * x5 + x4 + y[yOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + ulong x6 = x[xOff + 6]; + c += wVal * x6 + x5 + y[yOff + 6]; + z[zOff + 6] = (uint)c; + c >>= 32; + c += x6; + return c; + } + + public static uint MulByWord(uint x, uint[] z) + { + ulong c = 0, xVal = x; + c += xVal * (ulong)z[0]; + z[0] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[1]; + z[1] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[2]; + z[2] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[3]; + z[3] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[4]; + z[4] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[5]; + z[5] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[6]; + z[6] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint MulByWordAddTo(uint x, uint[] y, uint[] z) + { + ulong c = 0, xVal = x; + c += xVal * (ulong)z[0] + y[0]; + z[0] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[1] + y[1]; + z[1] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[2] + y[2]; + z[2] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[3] + y[3]; + z[3] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[4] + y[4]; + z[4] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[5] + y[5]; + z[5] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[6] + y[6]; + z[6] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint MulWordAddTo(uint x, uint[] y, int yOff, uint[] z, int zOff) + { + ulong c = 0, xVal = x; + c += xVal * y[yOff + 0] + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += xVal * y[yOff + 1] + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += xVal * y[yOff + 2] + z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += xVal * y[yOff + 3] + z[zOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += xVal * y[yOff + 4] + z[zOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += xVal * y[yOff + 5] + z[zOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + c += xVal * y[yOff + 6] + z[zOff + 6]; + z[zOff + 6] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint Mul33DWordAdd(uint x, ulong y, uint[] z, int zOff) + { + Debug.Assert(x >> 31 == 0); + Debug.Assert(zOff <= 3); + ulong c = 0, xVal = x; + ulong y00 = y & M; + c += xVal * y00 + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + ulong y01 = y >> 32; + c += xVal * y01 + y00 + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += y01 + z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += z[zOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(7, z, zOff, 4); + } + + public static uint Mul33WordAdd(uint x, uint y, uint[] z, int zOff) + { + Debug.Assert(x >> 31 == 0); + Debug.Assert(zOff <= 4); + ulong c = 0, yVal = y; + c += yVal * x + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += yVal + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(7, z, zOff, 3); + } + + public static uint MulWordDwordAdd(uint x, ulong y, uint[] z, int zOff) + { + Debug.Assert(zOff <= 4); + ulong c = 0, xVal = x; + c += xVal * y + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += xVal * (y >> 32) + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(7, z, zOff, 3); + } + + public static uint MulWord(uint x, uint[] y, uint[] z, int zOff) + { + ulong c = 0, xVal = x; + int i = 0; + do + { + c += xVal * y[i]; + z[zOff + i] = (uint)c; + c >>= 32; + } + while (++i < 7); + return (uint)c; + } + + public static void Square(uint[] x, uint[] zz) + { + ulong x_0 = x[0]; + ulong zz_1; + + uint c = 0, w; + { + int i = 6, j = 14; + do + { + ulong xVal = x[i--]; + ulong p = xVal * xVal; + zz[--j] = (c << 31) | (uint)(p >> 33); + zz[--j] = (uint)(p >> 1); + c = (uint)p; + } + while (i > 0); + + { + ulong p = x_0 * x_0; + zz_1 = (ulong)(c << 31) | (p >> 33); + zz[0] = (uint)p; + c = (uint)(p >> 32) & 1; + } + } + + ulong x_1 = x[1]; + ulong zz_2 = zz[2]; + + { + zz_1 += x_1 * x_0; + w = (uint)zz_1; + zz[1] = (w << 1) | c; + c = w >> 31; + zz_2 += zz_1 >> 32; + } + + ulong x_2 = x[2]; + ulong zz_3 = zz[3]; + ulong zz_4 = zz[4]; + { + zz_2 += x_2 * x_0; + w = (uint)zz_2; + zz[2] = (w << 1) | c; + c = w >> 31; + zz_3 += (zz_2 >> 32) + x_2 * x_1; + zz_4 += zz_3 >> 32; + zz_3 &= M; + } + + ulong x_3 = x[3]; + ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M; + ulong zz_6 = zz[6] + (zz_5 >> 32); zz_5 &= M; + { + zz_3 += x_3 * x_0; + w = (uint)zz_3; + zz[3] = (w << 1) | c; + c = w >> 31; + zz_4 += (zz_3 >> 32) + x_3 * x_1; + zz_5 += (zz_4 >> 32) + x_3 * x_2; + zz_4 &= M; + zz_6 += zz_5 >> 32; + zz_5 &= M; + } + + ulong x_4 = x[4]; + ulong zz_7 = zz[7] + (zz_6 >> 32); zz_6 &= M; + ulong zz_8 = zz[8] + (zz_7 >> 32); zz_7 &= M; + { + zz_4 += x_4 * x_0; + w = (uint)zz_4; + zz[4] = (w << 1) | c; + c = w >> 31; + zz_5 += (zz_4 >> 32) + x_4 * x_1; + zz_6 += (zz_5 >> 32) + x_4 * x_2; + zz_5 &= M; + zz_7 += (zz_6 >> 32) + x_4 * x_3; + zz_6 &= M; + zz_8 += zz_7 >> 32; + zz_7 &= M; + } + + ulong x_5 = x[5]; + ulong zz_9 = zz[9] + (zz_8 >> 32); zz_8 &= M; + ulong zz_10 = zz[10] + (zz_9 >> 32); zz_9 &= M; + { + zz_5 += x_5 * x_0; + w = (uint)zz_5; + zz[5] = (w << 1) | c; + c = w >> 31; + zz_6 += (zz_5 >> 32) + x_5 * x_1; + zz_7 += (zz_6 >> 32) + x_5 * x_2; + zz_6 &= M; + zz_8 += (zz_7 >> 32) + x_5 * x_3; + zz_7 &= M; + zz_9 += (zz_8 >> 32) + x_5 * x_4; + zz_8 &= M; + zz_10 += zz_9 >> 32; + zz_9 &= M; + } + + ulong x_6 = x[6]; + ulong zz_11 = zz[11] + (zz_10 >> 32); zz_10 &= M; + ulong zz_12 = zz[12] + (zz_11 >> 32); zz_11 &= M; + { + zz_6 += x_6 * x_0; + w = (uint)zz_6; + zz[6] = (w << 1) | c; + c = w >> 31; + zz_7 += (zz_6 >> 32) + x_6 * x_1; + zz_8 += (zz_7 >> 32) + x_6 * x_2; + zz_9 += (zz_8 >> 32) + x_6 * x_3; + zz_10 += (zz_9 >> 32) + x_6 * x_4; + zz_11 += (zz_10 >> 32) + x_6 * x_5; + zz_12 += zz_11 >> 32; + } + + w = (uint)zz_7; + zz[7] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_8; + zz[8] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_9; + zz[9] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_10; + zz[10] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_11; + zz[11] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_12; + zz[12] = (w << 1) | c; + c = w >> 31; + w = zz[13] + (uint)(zz_12 >> 32); + zz[13] = (w << 1) | c; + } + + public static void Square(uint[] x, int xOff, uint[] zz, int zzOff) + { + ulong x_0 = x[xOff + 0]; + ulong zz_1; + + uint c = 0, w; + { + int i = 6, j = 14; + do + { + ulong xVal = x[xOff + i--]; + ulong p = xVal * xVal; + zz[zzOff + --j] = (c << 31) | (uint)(p >> 33); + zz[zzOff + --j] = (uint)(p >> 1); + c = (uint)p; + } + while (i > 0); + + { + ulong p = x_0 * x_0; + zz_1 = (ulong)(c << 31) | (p >> 33); + zz[zzOff + 0] = (uint)p; + c = (uint)(p >> 32) & 1; + } + } + + ulong x_1 = x[xOff + 1]; + ulong zz_2 = zz[zzOff + 2]; + + { + zz_1 += x_1 * x_0; + w = (uint)zz_1; + zz[zzOff + 1] = (w << 1) | c; + c = w >> 31; + zz_2 += zz_1 >> 32; + } + + ulong x_2 = x[xOff + 2]; + ulong zz_3 = zz[zzOff + 3]; + ulong zz_4 = zz[zzOff + 4]; + { + zz_2 += x_2 * x_0; + w = (uint)zz_2; + zz[zzOff + 2] = (w << 1) | c; + c = w >> 31; + zz_3 += (zz_2 >> 32) + x_2 * x_1; + zz_4 += zz_3 >> 32; + zz_3 &= M; + } + + ulong x_3 = x[xOff + 3]; + ulong zz_5 = zz[zzOff + 5] + (zz_4 >> 32); zz_4 &= M; + ulong zz_6 = zz[zzOff + 6] + (zz_5 >> 32); zz_5 &= M; + { + zz_3 += x_3 * x_0; + w = (uint)zz_3; + zz[zzOff + 3] = (w << 1) | c; + c = w >> 31; + zz_4 += (zz_3 >> 32) + x_3 * x_1; + zz_5 += (zz_4 >> 32) + x_3 * x_2; + zz_4 &= M; + zz_6 += zz_5 >> 32; + zz_5 &= M; + } + + ulong x_4 = x[xOff + 4]; + ulong zz_7 = zz[zzOff + 7] + (zz_6 >> 32); zz_6 &= M; + ulong zz_8 = zz[zzOff + 8] + (zz_7 >> 32); zz_7 &= M; + { + zz_4 += x_4 * x_0; + w = (uint)zz_4; + zz[zzOff + 4] = (w << 1) | c; + c = w >> 31; + zz_5 += (zz_4 >> 32) + x_4 * x_1; + zz_6 += (zz_5 >> 32) + x_4 * x_2; + zz_5 &= M; + zz_7 += (zz_6 >> 32) + x_4 * x_3; + zz_6 &= M; + zz_8 += zz_7 >> 32; + zz_7 &= M; + } + + ulong x_5 = x[xOff + 5]; + ulong zz_9 = zz[zzOff + 9] + (zz_8 >> 32); zz_8 &= M; + ulong zz_10 = zz[zzOff + 10] + (zz_9 >> 32); zz_9 &= M; + { + zz_5 += x_5 * x_0; + w = (uint)zz_5; + zz[zzOff + 5] = (w << 1) | c; + c = w >> 31; + zz_6 += (zz_5 >> 32) + x_5 * x_1; + zz_7 += (zz_6 >> 32) + x_5 * x_2; + zz_6 &= M; + zz_8 += (zz_7 >> 32) + x_5 * x_3; + zz_7 &= M; + zz_9 += (zz_8 >> 32) + x_5 * x_4; + zz_8 &= M; + zz_10 += zz_9 >> 32; + zz_9 &= M; + } + + ulong x_6 = x[xOff + 6]; + ulong zz_11 = zz[zzOff + 11] + (zz_10 >> 32); zz_10 &= M; + ulong zz_12 = zz[zzOff + 12] + (zz_11 >> 32); zz_11 &= M; + { + zz_6 += x_6 * x_0; + w = (uint)zz_6; + zz[zzOff + 6] = (w << 1) | c; + c = w >> 31; + zz_7 += (zz_6 >> 32) + x_6 * x_1; + zz_8 += (zz_7 >> 32) + x_6 * x_2; + zz_9 += (zz_8 >> 32) + x_6 * x_3; + zz_10 += (zz_9 >> 32) + x_6 * x_4; + zz_11 += (zz_10 >> 32) + x_6 * x_5; + zz_12 += zz_11 >> 32; + } + + w = (uint)zz_7; + zz[zzOff + 7] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_8; + zz[zzOff + 8] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_9; + zz[zzOff + 9] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_10; + zz[zzOff + 10] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_11; + zz[zzOff + 11] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_12; + zz[zzOff + 12] = (w << 1) | c; + c = w >> 31; + w = zz[zzOff + 13] + (uint)(zz_12 >> 32); + zz[zzOff + 13] = (w << 1) | c; + } + + public static int Sub(uint[] x, uint[] y, uint[] z) + { + long c = 0; + c += (long)x[0] - y[0]; + z[0] = (uint)c; + c >>= 32; + c += (long)x[1] - y[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)x[2] - y[2]; + z[2] = (uint)c; + c >>= 32; + c += (long)x[3] - y[3]; + z[3] = (uint)c; + c >>= 32; + c += (long)x[4] - y[4]; + z[4] = (uint)c; + c >>= 32; + c += (long)x[5] - y[5]; + z[5] = (uint)c; + c >>= 32; + c += (long)x[6] - y[6]; + z[6] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int Sub(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + long c = 0; + c += (long)x[xOff + 0] - y[yOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (long)x[xOff + 1] - y[yOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (long)x[xOff + 2] - y[yOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (long)x[xOff + 3] - y[yOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (long)x[xOff + 4] - y[yOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += (long)x[xOff + 5] - y[yOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + c += (long)x[xOff + 6] - y[yOff + 6]; + z[zOff + 6] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int SubBothFrom(uint[] x, uint[] y, uint[] z) + { + long c = 0; + c += (long)z[0] - x[0] - y[0]; + z[0] = (uint)c; + c >>= 32; + c += (long)z[1] - x[1] - y[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)z[2] - x[2] - y[2]; + z[2] = (uint)c; + c >>= 32; + c += (long)z[3] - x[3] - y[3]; + z[3] = (uint)c; + c >>= 32; + c += (long)z[4] - x[4] - y[4]; + z[4] = (uint)c; + c >>= 32; + c += (long)z[5] - x[5] - y[5]; + z[5] = (uint)c; + c >>= 32; + c += (long)z[6] - x[6] - y[6]; + z[6] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int SubFrom(uint[] x, uint[] z) + { + long c = 0; + c += (long)z[0] - x[0]; + z[0] = (uint)c; + c >>= 32; + c += (long)z[1] - x[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)z[2] - x[2]; + z[2] = (uint)c; + c >>= 32; + c += (long)z[3] - x[3]; + z[3] = (uint)c; + c >>= 32; + c += (long)z[4] - x[4]; + z[4] = (uint)c; + c >>= 32; + c += (long)z[5] - x[5]; + z[5] = (uint)c; + c >>= 32; + c += (long)z[6] - x[6]; + z[6] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int SubFrom(uint[] x, int xOff, uint[] z, int zOff) + { + long c = 0; + c += (long)z[zOff + 0] - x[xOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (long)z[zOff + 1] - x[xOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (long)z[zOff + 2] - x[xOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (long)z[zOff + 3] - x[xOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (long)z[zOff + 4] - x[xOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += (long)z[zOff + 5] - x[xOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + c += (long)z[zOff + 6] - x[xOff + 6]; + z[zOff + 6] = (uint)c; + c >>= 32; + return (int)c; + } + + public static BigInteger ToBigInteger(uint[] x) + { + byte[] bs = new byte[28]; + for (int i = 0; i < 7; ++i) + { + uint x_i = x[i]; + if (x_i != 0) + { + Pack.UInt32_To_BE(x_i, bs, (6 - i) << 2); + } + } + return new BigInteger(1, bs); + } + + public static void Zero(uint[] z) + { + z[0] = 0; + z[1] = 0; + z[2] = 0; + z[3] = 0; + z[4] = 0; + z[5] = 0; + z[6] = 0; + } + } +} diff --git a/BouncyCastle/crypto/src/math/raw/Nat256.cs b/BouncyCastle/crypto/src/math/raw/Nat256.cs new file mode 100644 index 0000000..710060b --- /dev/null +++ b/BouncyCastle/crypto/src/math/raw/Nat256.cs @@ -0,0 +1,1379 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Math.Raw +{ + internal abstract class Nat256 + { + private const ulong M = 0xFFFFFFFFUL; + + public static uint Add(uint[] x, uint[] y, uint[] z) + { + ulong c = 0; + c += (ulong)x[0] + y[0]; + z[0] = (uint)c; + c >>= 32; + c += (ulong)x[1] + y[1]; + z[1] = (uint)c; + c >>= 32; + c += (ulong)x[2] + y[2]; + z[2] = (uint)c; + c >>= 32; + c += (ulong)x[3] + y[3]; + z[3] = (uint)c; + c >>= 32; + c += (ulong)x[4] + y[4]; + z[4] = (uint)c; + c >>= 32; + c += (ulong)x[5] + y[5]; + z[5] = (uint)c; + c >>= 32; + c += (ulong)x[6] + y[6]; + z[6] = (uint)c; + c >>= 32; + c += (ulong)x[7] + y[7]; + z[7] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint Add(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + ulong c = 0; + c += (ulong)x[xOff + 0] + y[yOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 1] + y[yOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 2] + y[yOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 3] + y[yOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 4] + y[yOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 5] + y[yOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 6] + y[yOff + 6]; + z[zOff + 6] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 7] + y[yOff + 7]; + z[zOff + 7] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddBothTo(uint[] x, uint[] y, uint[] z) + { + ulong c = 0; + c += (ulong)x[0] + y[0] + z[0]; + z[0] = (uint)c; + c >>= 32; + c += (ulong)x[1] + y[1] + z[1]; + z[1] = (uint)c; + c >>= 32; + c += (ulong)x[2] + y[2] + z[2]; + z[2] = (uint)c; + c >>= 32; + c += (ulong)x[3] + y[3] + z[3]; + z[3] = (uint)c; + c >>= 32; + c += (ulong)x[4] + y[4] + z[4]; + z[4] = (uint)c; + c >>= 32; + c += (ulong)x[5] + y[5] + z[5]; + z[5] = (uint)c; + c >>= 32; + c += (ulong)x[6] + y[6] + z[6]; + z[6] = (uint)c; + c >>= 32; + c += (ulong)x[7] + y[7] + z[7]; + z[7] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddBothTo(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + ulong c = 0; + c += (ulong)x[xOff + 0] + y[yOff + 0] + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 1] + y[yOff + 1] + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 2] + y[yOff + 2] + z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 3] + y[yOff + 3] + z[zOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 4] + y[yOff + 4] + z[zOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 5] + y[yOff + 5] + z[zOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 6] + y[yOff + 6] + z[zOff + 6]; + z[zOff + 6] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 7] + y[yOff + 7] + z[zOff + 7]; + z[zOff + 7] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddTo(uint[] x, uint[] z) + { + ulong c = 0; + c += (ulong)x[0] + z[0]; + z[0] = (uint)c; + c >>= 32; + c += (ulong)x[1] + z[1]; + z[1] = (uint)c; + c >>= 32; + c += (ulong)x[2] + z[2]; + z[2] = (uint)c; + c >>= 32; + c += (ulong)x[3] + z[3]; + z[3] = (uint)c; + c >>= 32; + c += (ulong)x[4] + z[4]; + z[4] = (uint)c; + c >>= 32; + c += (ulong)x[5] + z[5]; + z[5] = (uint)c; + c >>= 32; + c += (ulong)x[6] + z[6]; + z[6] = (uint)c; + c >>= 32; + c += (ulong)x[7] + z[7]; + z[7] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddTo(uint[] x, int xOff, uint[] z, int zOff, uint cIn) + { + ulong c = cIn; + c += (ulong)x[xOff + 0] + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 1] + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 2] + z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 3] + z[zOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 4] + z[zOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 5] + z[zOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 6] + z[zOff + 6]; + z[zOff + 6] = (uint)c; + c >>= 32; + c += (ulong)x[xOff + 7] + z[zOff + 7]; + z[zOff + 7] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint AddToEachOther(uint[] u, int uOff, uint[] v, int vOff) + { + ulong c = 0; + c += (ulong)u[uOff + 0] + v[vOff + 0]; + u[uOff + 0] = (uint)c; + v[vOff + 0] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 1] + v[vOff + 1]; + u[uOff + 1] = (uint)c; + v[vOff + 1] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 2] + v[vOff + 2]; + u[uOff + 2] = (uint)c; + v[vOff + 2] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 3] + v[vOff + 3]; + u[uOff + 3] = (uint)c; + v[vOff + 3] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 4] + v[vOff + 4]; + u[uOff + 4] = (uint)c; + v[vOff + 4] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 5] + v[vOff + 5]; + u[uOff + 5] = (uint)c; + v[vOff + 5] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 6] + v[vOff + 6]; + u[uOff + 6] = (uint)c; + v[vOff + 6] = (uint)c; + c >>= 32; + c += (ulong)u[uOff + 7] + v[vOff + 7]; + u[uOff + 7] = (uint)c; + v[vOff + 7] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static void Copy(uint[] x, uint[] z) + { + z[0] = x[0]; + z[1] = x[1]; + z[2] = x[2]; + z[3] = x[3]; + z[4] = x[4]; + z[5] = x[5]; + z[6] = x[6]; + z[7] = x[7]; + } + + public static void Copy(uint[] x, int xOff, uint[] z, int zOff) + { + z[zOff + 0] = x[xOff + 0]; + z[zOff + 1] = x[xOff + 1]; + z[zOff + 2] = x[xOff + 2]; + z[zOff + 3] = x[xOff + 3]; + z[zOff + 4] = x[xOff + 4]; + z[zOff + 5] = x[xOff + 5]; + z[zOff + 6] = x[xOff + 6]; + z[zOff + 7] = x[xOff + 7]; + } + + public static void Copy64(ulong[] x, ulong[] z) + { + z[0] = x[0]; + z[1] = x[1]; + z[2] = x[2]; + z[3] = x[3]; + } + + public static void Copy64(ulong[] x, int xOff, ulong[] z, int zOff) + { + z[zOff + 0] = x[xOff + 0]; + z[zOff + 1] = x[xOff + 1]; + z[zOff + 2] = x[xOff + 2]; + z[zOff + 3] = x[xOff + 3]; + } + + public static uint[] Create() + { + return new uint[8]; + } + + public static ulong[] Create64() + { + return new ulong[4]; + } + + public static uint[] CreateExt() + { + return new uint[16]; + } + + public static ulong[] CreateExt64() + { + return new ulong[8]; + } + + public static bool Diff(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + bool pos = Gte(x, xOff, y, yOff); + if (pos) + { + Sub(x, xOff, y, yOff, z, zOff); + } + else + { + Sub(y, yOff, x, xOff, z, zOff); + } + return pos; + } + + public static bool Eq(uint[] x, uint[] y) + { + for (int i = 7; i >= 0; --i) + { + if (x[i] != y[i]) + return false; + } + return true; + } + + public static bool Eq64(ulong[] x, ulong[] y) + { + for (int i = 3; i >= 0; --i) + { + if (x[i] != y[i]) + { + return false; + } + } + return true; + } + + public static uint GetBit(uint[] x, int bit) + { + if (bit == 0) + { + return x[0] & 1; + } + if ((bit & 255) != bit) + { + return 0; + } + int w = bit >> 5; + int b = bit & 31; + return (x[w] >> b) & 1; + } + + public static bool Gte(uint[] x, uint[] y) + { + for (int i = 7; i >= 0; --i) + { + uint x_i = x[i], y_i = y[i]; + if (x_i < y_i) + return false; + if (x_i > y_i) + return true; + } + return true; + } + + public static bool Gte(uint[] x, int xOff, uint[] y, int yOff) + { + for (int i = 7; i >= 0; --i) + { + uint x_i = x[xOff + i], y_i = y[yOff + i]; + if (x_i < y_i) + return false; + if (x_i > y_i) + return true; + } + return true; + } + + public static bool IsOne(uint[] x) + { + if (x[0] != 1) + { + return false; + } + for (int i = 1; i < 8; ++i) + { + if (x[i] != 0) + { + return false; + } + } + return true; + } + + public static bool IsOne64(ulong[] x) + { + if (x[0] != 1UL) + { + return false; + } + for (int i = 1; i < 4; ++i) + { + if (x[i] != 0UL) + { + return false; + } + } + return true; + } + + public static bool IsZero(uint[] x) + { + for (int i = 0; i < 8; ++i) + { + if (x[i] != 0) + { + return false; + } + } + return true; + } + + public static bool IsZero64(ulong[] x) + { + for (int i = 0; i < 4; ++i) + { + if (x[i] != 0UL) + { + return false; + } + } + return true; + } + + public static void Mul(uint[] x, uint[] y, uint[] zz) + { + ulong y_0 = y[0]; + ulong y_1 = y[1]; + ulong y_2 = y[2]; + ulong y_3 = y[3]; + ulong y_4 = y[4]; + ulong y_5 = y[5]; + ulong y_6 = y[6]; + ulong y_7 = y[7]; + + { + ulong c = 0, x_0 = x[0]; + c += x_0 * y_0; + zz[0] = (uint)c; + c >>= 32; + c += x_0 * y_1; + zz[1] = (uint)c; + c >>= 32; + c += x_0 * y_2; + zz[2] = (uint)c; + c >>= 32; + c += x_0 * y_3; + zz[3] = (uint)c; + c >>= 32; + c += x_0 * y_4; + zz[4] = (uint)c; + c >>= 32; + c += x_0 * y_5; + zz[5] = (uint)c; + c >>= 32; + c += x_0 * y_6; + zz[6] = (uint)c; + c >>= 32; + c += x_0 * y_7; + zz[7] = (uint)c; + c >>= 32; + zz[8] = (uint)c; + } + + for (int i = 1; i < 8; ++i) + { + ulong c = 0, x_i = x[i]; + c += x_i * y_0 + zz[i + 0]; + zz[i + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[i + 1]; + zz[i + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[i + 2]; + zz[i + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[i + 3]; + zz[i + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[i + 4]; + zz[i + 4] = (uint)c; + c >>= 32; + c += x_i * y_5 + zz[i + 5]; + zz[i + 5] = (uint)c; + c >>= 32; + c += x_i * y_6 + zz[i + 6]; + zz[i + 6] = (uint)c; + c >>= 32; + c += x_i * y_7 + zz[i + 7]; + zz[i + 7] = (uint)c; + c >>= 32; + zz[i + 8] = (uint)c; + } + } + + public static void Mul(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff) + { + ulong y_0 = y[yOff + 0]; + ulong y_1 = y[yOff + 1]; + ulong y_2 = y[yOff + 2]; + ulong y_3 = y[yOff + 3]; + ulong y_4 = y[yOff + 4]; + ulong y_5 = y[yOff + 5]; + ulong y_6 = y[yOff + 6]; + ulong y_7 = y[yOff + 7]; + + { + ulong c = 0, x_0 = x[xOff + 0]; + c += x_0 * y_0; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += x_0 * y_1; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += x_0 * y_2; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += x_0 * y_3; + zz[zzOff + 3] = (uint)c; + c >>= 32; + c += x_0 * y_4; + zz[zzOff + 4] = (uint)c; + c >>= 32; + c += x_0 * y_5; + zz[zzOff + 5] = (uint)c; + c >>= 32; + c += x_0 * y_6; + zz[zzOff + 6] = (uint)c; + c >>= 32; + c += x_0 * y_7; + zz[zzOff + 7] = (uint)c; + c >>= 32; + zz[zzOff + 8] = (uint)c; + } + + for (int i = 1; i < 8; ++i) + { + ++zzOff; + ulong c = 0, x_i = x[xOff + i]; + c += x_i * y_0 + zz[zzOff + 0]; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[zzOff + 1]; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[zzOff + 2]; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[zzOff + 3]; + zz[zzOff + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[zzOff + 4]; + zz[zzOff + 4] = (uint)c; + c >>= 32; + c += x_i * y_5 + zz[zzOff + 5]; + zz[zzOff + 5] = (uint)c; + c >>= 32; + c += x_i * y_6 + zz[zzOff + 6]; + zz[zzOff + 6] = (uint)c; + c >>= 32; + c += x_i * y_7 + zz[zzOff + 7]; + zz[zzOff + 7] = (uint)c; + c >>= 32; + zz[zzOff + 8] = (uint)c; + } + } + + public static uint MulAddTo(uint[] x, uint[] y, uint[] zz) + { + ulong y_0 = y[0]; + ulong y_1 = y[1]; + ulong y_2 = y[2]; + ulong y_3 = y[3]; + ulong y_4 = y[4]; + ulong y_5 = y[5]; + ulong y_6 = y[6]; + ulong y_7 = y[7]; + + ulong zc = 0; + for (int i = 0; i < 8; ++i) + { + ulong c = 0, x_i = x[i]; + c += x_i * y_0 + zz[i + 0]; + zz[i + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[i + 1]; + zz[i + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[i + 2]; + zz[i + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[i + 3]; + zz[i + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[i + 4]; + zz[i + 4] = (uint)c; + c >>= 32; + c += x_i * y_5 + zz[i + 5]; + zz[i + 5] = (uint)c; + c >>= 32; + c += x_i * y_6 + zz[i + 6]; + zz[i + 6] = (uint)c; + c >>= 32; + c += x_i * y_7 + zz[i + 7]; + zz[i + 7] = (uint)c; + c >>= 32; + + zc += c + zz[i + 8]; + zz[i + 8] = (uint)zc; + zc >>= 32; + } + return (uint)zc; + } + + public static uint MulAddTo(uint[] x, int xOff, uint[] y, int yOff, uint[] zz, int zzOff) + { + ulong y_0 = y[yOff + 0]; + ulong y_1 = y[yOff + 1]; + ulong y_2 = y[yOff + 2]; + ulong y_3 = y[yOff + 3]; + ulong y_4 = y[yOff + 4]; + ulong y_5 = y[yOff + 5]; + ulong y_6 = y[yOff + 6]; + ulong y_7 = y[yOff + 7]; + + ulong zc = 0; + for (int i = 0; i < 8; ++i) + { + ulong c = 0, x_i = x[xOff + i]; + c += x_i * y_0 + zz[zzOff + 0]; + zz[zzOff + 0] = (uint)c; + c >>= 32; + c += x_i * y_1 + zz[zzOff + 1]; + zz[zzOff + 1] = (uint)c; + c >>= 32; + c += x_i * y_2 + zz[zzOff + 2]; + zz[zzOff + 2] = (uint)c; + c >>= 32; + c += x_i * y_3 + zz[zzOff + 3]; + zz[zzOff + 3] = (uint)c; + c >>= 32; + c += x_i * y_4 + zz[zzOff + 4]; + zz[zzOff + 4] = (uint)c; + c >>= 32; + c += x_i * y_5 + zz[zzOff + 5]; + zz[zzOff + 5] = (uint)c; + c >>= 32; + c += x_i * y_6 + zz[zzOff + 6]; + zz[zzOff + 6] = (uint)c; + c >>= 32; + c += x_i * y_7 + zz[zzOff + 7]; + zz[zzOff + 7] = (uint)c; + c >>= 32; + + zc += c + zz[zzOff + 8]; + zz[zzOff + 8] = (uint)zc; + zc >>= 32; + ++zzOff; + } + return (uint)zc; + } + + public static ulong Mul33Add(uint w, uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + Debug.Assert(w >> 31 == 0); + + ulong c = 0, wVal = w; + ulong x0 = x[xOff + 0]; + c += wVal * x0 + y[yOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + ulong x1 = x[xOff + 1]; + c += wVal * x1 + x0 + y[yOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + ulong x2 = x[xOff + 2]; + c += wVal * x2 + x1 + y[yOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + ulong x3 = x[xOff + 3]; + c += wVal * x3 + x2 + y[yOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + ulong x4 = x[xOff + 4]; + c += wVal * x4 + x3 + y[yOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + ulong x5 = x[xOff + 5]; + c += wVal * x5 + x4 + y[yOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + ulong x6 = x[xOff + 6]; + c += wVal * x6 + x5 + y[yOff + 6]; + z[zOff + 6] = (uint)c; + c >>= 32; + ulong x7 = x[xOff + 7]; + c += wVal * x7 + x6 + y[yOff + 7]; + z[zOff + 7] = (uint)c; + c >>= 32; + c += x7; + return c; + } + + public static uint MulByWord(uint x, uint[] z) + { + ulong c = 0, xVal = x; + c += xVal * (ulong)z[0]; + z[0] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[1]; + z[1] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[2]; + z[2] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[3]; + z[3] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[4]; + z[4] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[5]; + z[5] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[6]; + z[6] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[7]; + z[7] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint MulByWordAddTo(uint x, uint[] y, uint[] z) + { + ulong c = 0, xVal = x; + c += xVal * (ulong)z[0] + y[0]; + z[0] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[1] + y[1]; + z[1] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[2] + y[2]; + z[2] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[3] + y[3]; + z[3] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[4] + y[4]; + z[4] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[5] + y[5]; + z[5] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[6] + y[6]; + z[6] = (uint)c; + c >>= 32; + c += xVal * (ulong)z[7] + y[7]; + z[7] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint MulWordAddTo(uint x, uint[] y, int yOff, uint[] z, int zOff) + { + ulong c = 0, xVal = x; + c += xVal * y[yOff + 0] + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += xVal * y[yOff + 1] + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += xVal * y[yOff + 2] + z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += xVal * y[yOff + 3] + z[zOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += xVal * y[yOff + 4] + z[zOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += xVal * y[yOff + 5] + z[zOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + c += xVal * y[yOff + 6] + z[zOff + 6]; + z[zOff + 6] = (uint)c; + c >>= 32; + c += xVal * y[yOff + 7] + z[zOff + 7]; + z[zOff + 7] = (uint)c; + c >>= 32; + return (uint)c; + } + + public static uint Mul33DWordAdd(uint x, ulong y, uint[] z, int zOff) + { + Debug.Assert(x >> 31 == 0); + Debug.Assert(zOff <= 4); + ulong c = 0, xVal = x; + ulong y00 = y & M; + c += xVal * y00 + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + ulong y01 = y >> 32; + c += xVal * y01 + y00 + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += y01 + z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += z[zOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(8, z, zOff, 4); + } + + public static uint Mul33WordAdd(uint x, uint y, uint[] z, int zOff) + { + Debug.Assert(x >> 31 == 0); + Debug.Assert(zOff <= 5); + ulong c = 0, yVal = y; + c += yVal * x + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += yVal + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(8, z, zOff, 3); + } + + public static uint MulWordDwordAdd(uint x, ulong y, uint[] z, int zOff) + { + Debug.Assert(zOff <= 5); + ulong c = 0, xVal = x; + c += xVal * y + z[zOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += xVal * (y >> 32) + z[zOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += z[zOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + return c == 0 ? 0 : Nat.IncAt(8, z, zOff, 3); + } + + public static uint MulWord(uint x, uint[] y, uint[] z, int zOff) + { + ulong c = 0, xVal = x; + int i = 0; + do + { + c += xVal * y[i]; + z[zOff + i] = (uint)c; + c >>= 32; + } + while (++i < 8); + return (uint)c; + } + + public static void Square(uint[] x, uint[] zz) + { + ulong x_0 = x[0]; + ulong zz_1; + + uint c = 0, w; + { + int i = 7, j = 16; + do + { + ulong xVal = x[i--]; + ulong p = xVal * xVal; + zz[--j] = (c << 31) | (uint)(p >> 33); + zz[--j] = (uint)(p >> 1); + c = (uint)p; + } + while (i > 0); + + { + ulong p = x_0 * x_0; + zz_1 = (ulong)(c << 31) | (p >> 33); + zz[0] = (uint)p; + c = (uint)(p >> 32) & 1; + } + } + + ulong x_1 = x[1]; + ulong zz_2 = zz[2]; + + { + zz_1 += x_1 * x_0; + w = (uint)zz_1; + zz[1] = (w << 1) | c; + c = w >> 31; + zz_2 += zz_1 >> 32; + } + + ulong x_2 = x[2]; + ulong zz_3 = zz[3]; + ulong zz_4 = zz[4]; + { + zz_2 += x_2 * x_0; + w = (uint)zz_2; + zz[2] = (w << 1) | c; + c = w >> 31; + zz_3 += (zz_2 >> 32) + x_2 * x_1; + zz_4 += zz_3 >> 32; + zz_3 &= M; + } + + ulong x_3 = x[3]; + ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M; + ulong zz_6 = zz[6] + (zz_5 >> 32); zz_5 &= M; + { + zz_3 += x_3 * x_0; + w = (uint)zz_3; + zz[3] = (w << 1) | c; + c = w >> 31; + zz_4 += (zz_3 >> 32) + x_3 * x_1; + zz_5 += (zz_4 >> 32) + x_3 * x_2; + zz_4 &= M; + zz_6 += zz_5 >> 32; + zz_5 &= M; + } + + ulong x_4 = x[4]; + ulong zz_7 = zz[7] + (zz_6 >> 32); zz_6 &= M; + ulong zz_8 = zz[8] + (zz_7 >> 32); zz_7 &= M; + { + zz_4 += x_4 * x_0; + w = (uint)zz_4; + zz[4] = (w << 1) | c; + c = w >> 31; + zz_5 += (zz_4 >> 32) + x_4 * x_1; + zz_6 += (zz_5 >> 32) + x_4 * x_2; + zz_5 &= M; + zz_7 += (zz_6 >> 32) + x_4 * x_3; + zz_6 &= M; + zz_8 += zz_7 >> 32; + zz_7 &= M; + } + + ulong x_5 = x[5]; + ulong zz_9 = zz[9] + (zz_8 >> 32); zz_8 &= M; + ulong zz_10 = zz[10] + (zz_9 >> 32); zz_9 &= M; + { + zz_5 += x_5 * x_0; + w = (uint)zz_5; + zz[5] = (w << 1) | c; + c = w >> 31; + zz_6 += (zz_5 >> 32) + x_5 * x_1; + zz_7 += (zz_6 >> 32) + x_5 * x_2; + zz_6 &= M; + zz_8 += (zz_7 >> 32) + x_5 * x_3; + zz_7 &= M; + zz_9 += (zz_8 >> 32) + x_5 * x_4; + zz_8 &= M; + zz_10 += zz_9 >> 32; + zz_9 &= M; + } + + ulong x_6 = x[6]; + ulong zz_11 = zz[11] + (zz_10 >> 32); zz_10 &= M; + ulong zz_12 = zz[12] + (zz_11 >> 32); zz_11 &= M; + { + zz_6 += x_6 * x_0; + w = (uint)zz_6; + zz[6] = (w << 1) | c; + c = w >> 31; + zz_7 += (zz_6 >> 32) + x_6 * x_1; + zz_8 += (zz_7 >> 32) + x_6 * x_2; + zz_7 &= M; + zz_9 += (zz_8 >> 32) + x_6 * x_3; + zz_8 &= M; + zz_10 += (zz_9 >> 32) + x_6 * x_4; + zz_9 &= M; + zz_11 += (zz_10 >> 32) + x_6 * x_5; + zz_10 &= M; + zz_12 += zz_11 >> 32; + zz_11 &= M; + } + + ulong x_7 = x[7]; + ulong zz_13 = zz[13] + (zz_12 >> 32); zz_12 &= M; + ulong zz_14 = zz[14] + (zz_13 >> 32); zz_13 &= M; + { + zz_7 += x_7 * x_0; + w = (uint)zz_7; + zz[7] = (w << 1) | c; + c = w >> 31; + zz_8 += (zz_7 >> 32) + x_7 * x_1; + zz_9 += (zz_8 >> 32) + x_7 * x_2; + zz_10 += (zz_9 >> 32) + x_7 * x_3; + zz_11 += (zz_10 >> 32) + x_7 * x_4; + zz_12 += (zz_11 >> 32) + x_7 * x_5; + zz_13 += (zz_12 >> 32) + x_7 * x_6; + zz_14 += zz_13 >> 32; + } + + w = (uint)zz_8; + zz[8] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_9; + zz[9] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_10; + zz[10] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_11; + zz[11] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_12; + zz[12] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_13; + zz[13] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_14; + zz[14] = (w << 1) | c; + c = w >> 31; + w = zz[15] + (uint)(zz_14 >> 32); + zz[15] = (w << 1) | c; + } + + public static void Square(uint[] x, int xOff, uint[] zz, int zzOff) + { + ulong x_0 = x[xOff + 0]; + ulong zz_1; + + uint c = 0, w; + { + int i = 7, j = 16; + do + { + ulong xVal = x[xOff + i--]; + ulong p = xVal * xVal; + zz[zzOff + --j] = (c << 31) | (uint)(p >> 33); + zz[zzOff + --j] = (uint)(p >> 1); + c = (uint)p; + } + while (i > 0); + + { + ulong p = x_0 * x_0; + zz_1 = (ulong)(c << 31) | (p >> 33); + zz[zzOff + 0] = (uint)p; + c = (uint)(p >> 32) & 1; + } + } + + ulong x_1 = x[xOff + 1]; + ulong zz_2 = zz[zzOff + 2]; + + { + zz_1 += x_1 * x_0; + w = (uint)zz_1; + zz[zzOff + 1] = (w << 1) | c; + c = w >> 31; + zz_2 += zz_1 >> 32; + } + + ulong x_2 = x[xOff + 2]; + ulong zz_3 = zz[zzOff + 3]; + ulong zz_4 = zz[zzOff + 4]; + { + zz_2 += x_2 * x_0; + w = (uint)zz_2; + zz[zzOff + 2] = (w << 1) | c; + c = w >> 31; + zz_3 += (zz_2 >> 32) + x_2 * x_1; + zz_4 += zz_3 >> 32; + zz_3 &= M; + } + + ulong x_3 = x[xOff + 3]; + ulong zz_5 = zz[zzOff + 5] + (zz_4 >> 32); zz_4 &= M; + ulong zz_6 = zz[zzOff + 6] + (zz_5 >> 32); zz_5 &= M; + { + zz_3 += x_3 * x_0; + w = (uint)zz_3; + zz[zzOff + 3] = (w << 1) | c; + c = w >> 31; + zz_4 += (zz_3 >> 32) + x_3 * x_1; + zz_5 += (zz_4 >> 32) + x_3 * x_2; + zz_4 &= M; + zz_6 += zz_5 >> 32; + zz_5 &= M; + } + + ulong x_4 = x[xOff + 4]; + ulong zz_7 = zz[zzOff + 7] + (zz_6 >> 32); zz_6 &= M; + ulong zz_8 = zz[zzOff + 8] + (zz_7 >> 32); zz_7 &= M; + { + zz_4 += x_4 * x_0; + w = (uint)zz_4; + zz[zzOff + 4] = (w << 1) | c; + c = w >> 31; + zz_5 += (zz_4 >> 32) + x_4 * x_1; + zz_6 += (zz_5 >> 32) + x_4 * x_2; + zz_5 &= M; + zz_7 += (zz_6 >> 32) + x_4 * x_3; + zz_6 &= M; + zz_8 += zz_7 >> 32; + zz_7 &= M; + } + + ulong x_5 = x[xOff + 5]; + ulong zz_9 = zz[zzOff + 9] + (zz_8 >> 32); zz_8 &= M; + ulong zz_10 = zz[zzOff + 10] + (zz_9 >> 32); zz_9 &= M; + { + zz_5 += x_5 * x_0; + w = (uint)zz_5; + zz[zzOff + 5] = (w << 1) | c; + c = w >> 31; + zz_6 += (zz_5 >> 32) + x_5 * x_1; + zz_7 += (zz_6 >> 32) + x_5 * x_2; + zz_6 &= M; + zz_8 += (zz_7 >> 32) + x_5 * x_3; + zz_7 &= M; + zz_9 += (zz_8 >> 32) + x_5 * x_4; + zz_8 &= M; + zz_10 += zz_9 >> 32; + zz_9 &= M; + } + + ulong x_6 = x[xOff + 6]; + ulong zz_11 = zz[zzOff + 11] + (zz_10 >> 32); zz_10 &= M; + ulong zz_12 = zz[zzOff + 12] + (zz_11 >> 32); zz_11 &= M; + { + zz_6 += x_6 * x_0; + w = (uint)zz_6; + zz[zzOff + 6] = (w << 1) | c; + c = w >> 31; + zz_7 += (zz_6 >> 32) + x_6 * x_1; + zz_8 += (zz_7 >> 32) + x_6 * x_2; + zz_7 &= M; + zz_9 += (zz_8 >> 32) + x_6 * x_3; + zz_8 &= M; + zz_10 += (zz_9 >> 32) + x_6 * x_4; + zz_9 &= M; + zz_11 += (zz_10 >> 32) + x_6 * x_5; + zz_10 &= M; + zz_12 += zz_11 >> 32; + zz_11 &= M; + } + + ulong x_7 = x[xOff + 7]; + ulong zz_13 = zz[zzOff + 13] + (zz_12 >> 32); zz_12 &= M; + ulong zz_14 = zz[zzOff + 14] + (zz_13 >> 32); zz_13 &= M; + { + zz_7 += x_7 * x_0; + w = (uint)zz_7; + zz[zzOff + 7] = (w << 1) | c; + c = w >> 31; + zz_8 += (zz_7 >> 32) + x_7 * x_1; + zz_9 += (zz_8 >> 32) + x_7 * x_2; + zz_10 += (zz_9 >> 32) + x_7 * x_3; + zz_11 += (zz_10 >> 32) + x_7 * x_4; + zz_12 += (zz_11 >> 32) + x_7 * x_5; + zz_13 += (zz_12 >> 32) + x_7 * x_6; + zz_14 += zz_13 >> 32; + } + + w = (uint)zz_8; + zz[zzOff + 8] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_9; + zz[zzOff + 9] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_10; + zz[zzOff + 10] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_11; + zz[zzOff + 11] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_12; + zz[zzOff + 12] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_13; + zz[zzOff + 13] = (w << 1) | c; + c = w >> 31; + w = (uint)zz_14; + zz[zzOff + 14] = (w << 1) | c; + c = w >> 31; + w = zz[zzOff + 15] + (uint)(zz_14 >> 32); + zz[zzOff + 15] = (w << 1) | c; + } + + public static int Sub(uint[] x, uint[] y, uint[] z) + { + long c = 0; + c += (long)x[0] - y[0]; + z[0] = (uint)c; + c >>= 32; + c += (long)x[1] - y[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)x[2] - y[2]; + z[2] = (uint)c; + c >>= 32; + c += (long)x[3] - y[3]; + z[3] = (uint)c; + c >>= 32; + c += (long)x[4] - y[4]; + z[4] = (uint)c; + c >>= 32; + c += (long)x[5] - y[5]; + z[5] = (uint)c; + c >>= 32; + c += (long)x[6] - y[6]; + z[6] = (uint)c; + c >>= 32; + c += (long)x[7] - y[7]; + z[7] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int Sub(uint[] x, int xOff, uint[] y, int yOff, uint[] z, int zOff) + { + long c = 0; + c += (long)x[xOff + 0] - y[yOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (long)x[xOff + 1] - y[yOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (long)x[xOff + 2] - y[yOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (long)x[xOff + 3] - y[yOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (long)x[xOff + 4] - y[yOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += (long)x[xOff + 5] - y[yOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + c += (long)x[xOff + 6] - y[yOff + 6]; + z[zOff + 6] = (uint)c; + c >>= 32; + c += (long)x[xOff + 7] - y[yOff + 7]; + z[zOff + 7] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int SubBothFrom(uint[] x, uint[] y, uint[] z) + { + long c = 0; + c += (long)z[0] - x[0] - y[0]; + z[0] = (uint)c; + c >>= 32; + c += (long)z[1] - x[1] - y[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)z[2] - x[2] - y[2]; + z[2] = (uint)c; + c >>= 32; + c += (long)z[3] - x[3] - y[3]; + z[3] = (uint)c; + c >>= 32; + c += (long)z[4] - x[4] - y[4]; + z[4] = (uint)c; + c >>= 32; + c += (long)z[5] - x[5] - y[5]; + z[5] = (uint)c; + c >>= 32; + c += (long)z[6] - x[6] - y[6]; + z[6] = (uint)c; + c >>= 32; + c += (long)z[7] - x[7] - y[7]; + z[7] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int SubFrom(uint[] x, uint[] z) + { + long c = 0; + c += (long)z[0] - x[0]; + z[0] = (uint)c; + c >>= 32; + c += (long)z[1] - x[1]; + z[1] = (uint)c; + c >>= 32; + c += (long)z[2] - x[2]; + z[2] = (uint)c; + c >>= 32; + c += (long)z[3] - x[3]; + z[3] = (uint)c; + c >>= 32; + c += (long)z[4] - x[4]; + z[4] = (uint)c; + c >>= 32; + c += (long)z[5] - x[5]; + z[5] = (uint)c; + c >>= 32; + c += (long)z[6] - x[6]; + z[6] = (uint)c; + c >>= 32; + c += (long)z[7] - x[7]; + z[7] = (uint)c; + c >>= 32; + return (int)c; + } + + public static int SubFrom(uint[] x, int xOff, uint[] z, int zOff) + { + long c = 0; + c += (long)z[zOff + 0] - x[xOff + 0]; + z[zOff + 0] = (uint)c; + c >>= 32; + c += (long)z[zOff + 1] - x[xOff + 1]; + z[zOff + 1] = (uint)c; + c >>= 32; + c += (long)z[zOff + 2] - x[xOff + 2]; + z[zOff + 2] = (uint)c; + c >>= 32; + c += (long)z[zOff + 3] - x[xOff + 3]; + z[zOff + 3] = (uint)c; + c >>= 32; + c += (long)z[zOff + 4] - x[xOff + 4]; + z[zOff + 4] = (uint)c; + c >>= 32; + c += (long)z[zOff + 5] - x[xOff + 5]; + z[zOff + 5] = (uint)c; + c >>= 32; + c += (long)z[zOff + 6] - x[xOff + 6]; + z[zOff + 6] = (uint)c; + c >>= 32; + c += (long)z[zOff + 7] - x[xOff + 7]; + z[zOff + 7] = (uint)c; + c >>= 32; + return (int)c; + } + + public static BigInteger ToBigInteger(uint[] x) + { + byte[] bs = new byte[32]; + for (int i = 0; i < 8; ++i) + { + uint x_i = x[i]; + if (x_i != 0) + { + Pack.UInt32_To_BE(x_i, bs, (7 - i) << 2); + } + } + return new BigInteger(1, bs); + } + + public static BigInteger ToBigInteger64(ulong[] x) + { + byte[] bs = new byte[32]; + for (int i = 0; i < 4; ++i) + { + ulong x_i = x[i]; + if (x_i != 0L) + { + Pack.UInt64_To_BE(x_i, bs, (3 - i) << 3); + } + } + return new BigInteger(1, bs); + } + + public static void Zero(uint[] z) + { + z[0] = 0; + z[1] = 0; + z[2] = 0; + z[3] = 0; + z[4] = 0; + z[5] = 0; + z[6] = 0; + z[7] = 0; + } + } +} diff --git a/BouncyCastle/crypto/src/math/raw/Nat320.cs b/BouncyCastle/crypto/src/math/raw/Nat320.cs new file mode 100644 index 0000000..0b250aa --- /dev/null +++ b/BouncyCastle/crypto/src/math/raw/Nat320.cs @@ -0,0 +1,92 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Math.Raw +{ + internal abstract class Nat320 + { + public static void Copy64(ulong[] x, ulong[] z) + { + z[0] = x[0]; + z[1] = x[1]; + z[2] = x[2]; + z[3] = x[3]; + z[4] = x[4]; + } + + public static void Copy64(ulong[] x, int xOff, ulong[] z, int zOff) + { + z[zOff + 0] = x[xOff + 0]; + z[zOff + 1] = x[xOff + 1]; + z[zOff + 2] = x[xOff + 2]; + z[zOff + 3] = x[xOff + 3]; + z[zOff + 4] = x[xOff + 4]; + } + + public static ulong[] Create64() + { + return new ulong[5]; + } + + public static ulong[] CreateExt64() + { + return new ulong[10]; + } + + public static bool Eq64(ulong[] x, ulong[] y) + { + for (int i = 4; i >= 0; --i) + { + if (x[i] != y[i]) + { + return false; + } + } + return true; + } + + public static bool IsOne64(ulong[] x) + { + if (x[0] != 1UL) + { + return false; + } + for (int i = 1; i < 5; ++i) + { + if (x[i] != 0UL) + { + return false; + } + } + return true; + } + + public static bool IsZero64(ulong[] x) + { + for (int i = 0; i < 5; ++i) + { + if (x[i] != 0UL) + { + return false; + } + } + return true; + } + + public static BigInteger ToBigInteger64(ulong[] x) + { + byte[] bs = new byte[40]; + for (int i = 0; i < 5; ++i) + { + ulong x_i = x[i]; + if (x_i != 0L) + { + Pack.UInt64_To_BE(x_i, bs, (4 - i) << 3); + } + } + return new BigInteger(1, bs); + } + } +} diff --git a/BouncyCastle/crypto/src/math/raw/Nat384.cs b/BouncyCastle/crypto/src/math/raw/Nat384.cs new file mode 100644 index 0000000..ed1c47e --- /dev/null +++ b/BouncyCastle/crypto/src/math/raw/Nat384.cs @@ -0,0 +1,46 @@ +using System; +using System.Diagnostics; + +namespace Org.BouncyCastle.Math.Raw +{ + internal abstract class Nat384 + { + public static void Mul(uint[] x, uint[] y, uint[] zz) + { + Nat192.Mul(x, y, zz); + Nat192.Mul(x, 6, y, 6, zz, 12); + + uint c18 = Nat192.AddToEachOther(zz, 6, zz, 12); + uint c12 = c18 + Nat192.AddTo(zz, 0, zz, 6, 0); + c18 += Nat192.AddTo(zz, 18, zz, 12, c12); + + uint[] dx = Nat192.Create(), dy = Nat192.Create(); + bool neg = Nat192.Diff(x, 6, x, 0, dx, 0) != Nat192.Diff(y, 6, y, 0, dy, 0); + + uint[] tt = Nat192.CreateExt(); + Nat192.Mul(dx, dy, tt); + + c18 += neg ? Nat.AddTo(12, tt, 0, zz, 6) : (uint)Nat.SubFrom(12, tt, 0, zz, 6); + Nat.AddWordAt(24, c18, zz, 18); + } + + public static void Square(uint[] x, uint[] zz) + { + Nat192.Square(x, zz); + Nat192.Square(x, 6, zz, 12); + + uint c18 = Nat192.AddToEachOther(zz, 6, zz, 12); + uint c12 = c18 + Nat192.AddTo(zz, 0, zz, 6, 0); + c18 += Nat192.AddTo(zz, 18, zz, 12, c12); + + uint[] dx = Nat192.Create(); + Nat192.Diff(x, 6, x, 0, dx, 0); + + uint[] m = Nat192.CreateExt(); + Nat192.Square(dx, m); + + c18 += (uint)Nat.SubFrom(12, m, 0, zz, 6); + Nat.AddWordAt(24, c18, zz, 18); + } + } +} diff --git a/BouncyCastle/crypto/src/math/raw/Nat448.cs b/BouncyCastle/crypto/src/math/raw/Nat448.cs new file mode 100644 index 0000000..898e331 --- /dev/null +++ b/BouncyCastle/crypto/src/math/raw/Nat448.cs @@ -0,0 +1,134 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Math.Raw +{ + internal abstract class Nat448 + { + public static void Copy64(ulong[] x, ulong[] z) + { + z[0] = x[0]; + z[1] = x[1]; + z[2] = x[2]; + z[3] = x[3]; + z[4] = x[4]; + z[5] = x[5]; + z[6] = x[6]; + } + + public static void Copy64(ulong[] x, int xOff, ulong[] z, int zOff) + { + z[zOff + 0] = x[xOff + 0]; + z[zOff + 1] = x[xOff + 1]; + z[zOff + 2] = x[xOff + 2]; + z[zOff + 3] = x[xOff + 3]; + z[zOff + 4] = x[xOff + 4]; + z[zOff + 5] = x[xOff + 5]; + z[zOff + 6] = x[xOff + 6]; + } + + public static ulong[] Create64() + { + return new ulong[7]; + } + + public static ulong[] CreateExt64() + { + return new ulong[14]; + } + + public static bool Eq64(ulong[] x, ulong[] y) + { + for (int i = 6; i >= 0; --i) + { + if (x[i] != y[i]) + { + return false; + } + } + return true; + } + + public static bool IsOne64(ulong[] x) + { + if (x[0] != 1UL) + { + return false; + } + for (int i = 1; i < 7; ++i) + { + if (x[i] != 0UL) + { + return false; + } + } + return true; + } + + public static bool IsZero64(ulong[] x) + { + for (int i = 0; i < 7; ++i) + { + if (x[i] != 0UL) + { + return false; + } + } + return true; + } + + public static void Mul(uint[] x, uint[] y, uint[] zz) + { + Nat224.Mul(x, y, zz); + Nat224.Mul(x, 7, y, 7, zz, 14); + + uint c21 = Nat224.AddToEachOther(zz, 7, zz, 14); + uint c14 = c21 + Nat224.AddTo(zz, 0, zz, 7, 0); + c21 += Nat224.AddTo(zz, 21, zz, 14, c14); + + uint[] dx = Nat224.Create(), dy = Nat224.Create(); + bool neg = Nat224.Diff(x, 7, x, 0, dx, 0) != Nat224.Diff(y, 7, y, 0, dy, 0); + + uint[] tt = Nat224.CreateExt(); + Nat224.Mul(dx, dy, tt); + + c21 += neg ? Nat.AddTo(14, tt, 0, zz, 7) : (uint)Nat.SubFrom(14, tt, 0, zz, 7); + Nat.AddWordAt(28, c21, zz, 21); + } + + public static void Square(uint[] x, uint[] zz) + { + Nat224.Square(x, zz); + Nat224.Square(x, 7, zz, 14); + + uint c21 = Nat224.AddToEachOther(zz, 7, zz, 14); + uint c14 = c21 + Nat224.AddTo(zz, 0, zz, 7, 0); + c21 += Nat224.AddTo(zz, 21, zz, 14, c14); + + uint[] dx = Nat224.Create(); + Nat224.Diff(x, 7, x, 0, dx, 0); + + uint[] tt = Nat224.CreateExt(); + Nat224.Square(dx, tt); + + c21 += (uint)Nat.SubFrom(14, tt, 0, zz, 7); + Nat.AddWordAt(28, c21, zz, 21); + } + + public static BigInteger ToBigInteger64(ulong[] x) + { + byte[] bs = new byte[56]; + for (int i = 0; i < 7; ++i) + { + ulong x_i = x[i]; + if (x_i != 0L) + { + Pack.UInt64_To_BE(x_i, bs, (6 - i) << 3); + } + } + return new BigInteger(1, bs); + } + } +} diff --git a/BouncyCastle/crypto/src/math/raw/Nat512.cs b/BouncyCastle/crypto/src/math/raw/Nat512.cs new file mode 100644 index 0000000..a9ef2b3 --- /dev/null +++ b/BouncyCastle/crypto/src/math/raw/Nat512.cs @@ -0,0 +1,46 @@ +using System; +using System.Diagnostics; + +namespace Org.BouncyCastle.Math.Raw +{ + internal abstract class Nat512 + { + public static void Mul(uint[] x, uint[] y, uint[] zz) + { + Nat256.Mul(x, y, zz); + Nat256.Mul(x, 8, y, 8, zz, 16); + + uint c24 = Nat256.AddToEachOther(zz, 8, zz, 16); + uint c16 = c24 + Nat256.AddTo(zz, 0, zz, 8, 0); + c24 += Nat256.AddTo(zz, 24, zz, 16, c16); + + uint[] dx = Nat256.Create(), dy = Nat256.Create(); + bool neg = Nat256.Diff(x, 8, x, 0, dx, 0) != Nat256.Diff(y, 8, y, 0, dy, 0); + + uint[] tt = Nat256.CreateExt(); + Nat256.Mul(dx, dy, tt); + + c24 += neg ? Nat.AddTo(16, tt, 0, zz, 8) : (uint)Nat.SubFrom(16, tt, 0, zz, 8); + Nat.AddWordAt(32, c24, zz, 24); + } + + public static void Square(uint[] x, uint[] zz) + { + Nat256.Square(x, zz); + Nat256.Square(x, 8, zz, 16); + + uint c24 = Nat256.AddToEachOther(zz, 8, zz, 16); + uint c16 = c24 + Nat256.AddTo(zz, 0, zz, 8, 0); + c24 += Nat256.AddTo(zz, 24, zz, 16, c16); + + uint[] dx = Nat256.Create(); + Nat256.Diff(x, 8, x, 0, dx, 0); + + uint[] m = Nat256.CreateExt(); + Nat256.Square(dx, m); + + c24 += (uint)Nat.SubFrom(16, m, 0, zz, 8); + Nat.AddWordAt(32, c24, zz, 24); + } + } +} diff --git a/BouncyCastle/crypto/src/math/raw/Nat576.cs b/BouncyCastle/crypto/src/math/raw/Nat576.cs new file mode 100644 index 0000000..174d52b --- /dev/null +++ b/BouncyCastle/crypto/src/math/raw/Nat576.cs @@ -0,0 +1,100 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Math.Raw +{ + internal abstract class Nat576 + { + public static void Copy64(ulong[] x, ulong[] z) + { + z[0] = x[0]; + z[1] = x[1]; + z[2] = x[2]; + z[3] = x[3]; + z[4] = x[4]; + z[5] = x[5]; + z[6] = x[6]; + z[7] = x[7]; + z[8] = x[8]; + } + + public static void Copy64(ulong[] x, int xOff, ulong[] z, int zOff) + { + z[zOff + 0] = x[xOff + 0]; + z[zOff + 1] = x[xOff + 1]; + z[zOff + 2] = x[xOff + 2]; + z[zOff + 3] = x[xOff + 3]; + z[zOff + 4] = x[xOff + 4]; + z[zOff + 5] = x[xOff + 5]; + z[zOff + 6] = x[xOff + 6]; + z[zOff + 7] = x[xOff + 7]; + z[zOff + 8] = x[xOff + 8]; + } + + public static ulong[] Create64() + { + return new ulong[9]; + } + + public static ulong[] CreateExt64() + { + return new ulong[18]; + } + + public static bool Eq64(ulong[] x, ulong[] y) + { + for (int i = 8; i >= 0; --i) + { + if (x[i] != y[i]) + { + return false; + } + } + return true; + } + + public static bool IsOne64(ulong[] x) + { + if (x[0] != 1UL) + { + return false; + } + for (int i = 1; i < 9; ++i) + { + if (x[i] != 0UL) + { + return false; + } + } + return true; + } + + public static bool IsZero64(ulong[] x) + { + for (int i = 0; i < 9; ++i) + { + if (x[i] != 0UL) + { + return false; + } + } + return true; + } + + public static BigInteger ToBigInteger64(ulong[] x) + { + byte[] bs = new byte[72]; + for (int i = 0; i < 9; ++i) + { + ulong x_i = x[i]; + if (x_i != 0L) + { + Pack.UInt64_To_BE(x_i, bs, (8 - i) << 3); + } + } + return new BigInteger(1, bs); + } + } +} diff --git a/BouncyCastle/crypto/src/ocsp/BasicOCSPResp.cs b/BouncyCastle/crypto/src/ocsp/BasicOCSPResp.cs new file mode 100644 index 0000000..e79d556 --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/BasicOCSPResp.cs @@ -0,0 +1,220 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Ocsp +{ + /// + /// + /// BasicOcspResponse ::= SEQUENCE { + /// tbsResponseData ResponseData, + /// signatureAlgorithm AlgorithmIdentifier, + /// signature BIT STRING, + /// certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL + /// } + /// + /// + public class BasicOcspResp + : X509ExtensionBase + { + private readonly BasicOcspResponse resp; + private readonly ResponseData data; +// private readonly X509Certificate[] chain; + + public BasicOcspResp( + BasicOcspResponse resp) + { + this.resp = resp; + this.data = resp.TbsResponseData; + } + + /// The DER encoding of the tbsResponseData field. + /// In the event of an encoding error. + public byte[] GetTbsResponseData() + { + try + { + return data.GetDerEncoded(); + } + catch (IOException e) + { + throw new OcspException("problem encoding tbsResponseData", e); + } + } + + public int Version + { + get { return data.Version.IntValueExact + 1; } + } + + public RespID ResponderId + { + get { return new RespID(data.ResponderID); } + } + + public DateTime ProducedAt + { + get { return data.ProducedAt.ToDateTime(); } + } + + public SingleResp[] Responses + { + get + { + Asn1Sequence s = data.Responses; + SingleResp[] rs = new SingleResp[s.Count]; + + for (int i = 0; i != rs.Length; i++) + { + rs[i] = new SingleResp(SingleResponse.GetInstance(s[i])); + } + + return rs; + } + } + + public X509Extensions ResponseExtensions + { + get { return data.ResponseExtensions; } + } + + protected override X509Extensions GetX509Extensions() + { + return ResponseExtensions; + } + + public string SignatureAlgName + { + get { return OcspUtilities.GetAlgorithmName(resp.SignatureAlgorithm.Algorithm); } + } + + public string SignatureAlgOid + { + get { return resp.SignatureAlgorithm.Algorithm.Id; } + } + + [Obsolete("RespData class is no longer required as all functionality is available on this class")] + public RespData GetResponseData() + { + return new RespData(data); + } + + public byte[] GetSignature() + { + return resp.GetSignatureOctets(); + } + + private IList GetCertList() + { + // load the certificates and revocation lists if we have any + + IList certs = Platform.CreateArrayList(); + Asn1Sequence s = resp.Certs; + + if (s != null) + { + foreach (Asn1Encodable ae in s) + { + try + { + certs.Add(new X509CertificateParser().ReadCertificate(ae.GetEncoded())); + } + catch (IOException ex) + { + throw new OcspException("can't re-encode certificate!", ex); + } + catch (CertificateException ex) + { + throw new OcspException("can't re-encode certificate!", ex); + } + } + } + + return certs; + } + + public X509Certificate[] GetCerts() + { + IList certs = GetCertList(); + X509Certificate[] result = new X509Certificate[certs.Count]; + for (int i = 0; i < certs.Count; ++i) + { + result[i] = (X509Certificate)certs[i]; + } + return result; + } + + /// The certificates, if any, associated with the response. + /// In the event of an encoding error. + public IX509Store GetCertificates( + string type) + { + try + { + return X509StoreFactory.Create( + "Certificate/" + type, + new X509CollectionStoreParameters(this.GetCertList())); + } + catch (Exception e) + { + throw new OcspException("can't setup the CertStore", e); + } + } + + /// + /// Verify the signature against the tbsResponseData object we contain. + /// + public bool Verify( + AsymmetricKeyParameter publicKey) + { + try + { + ISigner signature = SignerUtilities.GetSigner(this.SignatureAlgName); + signature.Init(false, publicKey); + byte[] bs = data.GetDerEncoded(); + signature.BlockUpdate(bs, 0, bs.Length); + + return signature.VerifySignature(this.GetSignature()); + } + catch (Exception e) + { + throw new OcspException("exception processing sig: " + e, e); + } + } + + /// The ASN.1 encoded representation of this object. + public byte[] GetEncoded() + { + return resp.GetEncoded(); + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + BasicOcspResp other = obj as BasicOcspResp; + + if (other == null) + return false; + + return resp.Equals(other.resp); + } + + public override int GetHashCode() + { + return resp.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/ocsp/BasicOCSPRespGenerator.cs b/BouncyCastle/crypto/src/ocsp/BasicOCSPRespGenerator.cs new file mode 100644 index 0000000..0dd4e0a --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/BasicOCSPRespGenerator.cs @@ -0,0 +1,313 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.Crypto.Operators; + +namespace Org.BouncyCastle.Ocsp +{ + /** + * Generator for basic OCSP response objects. + */ + public class BasicOcspRespGenerator + { + private readonly IList list = Platform.CreateArrayList(); + + private X509Extensions responseExtensions; + private RespID responderID; + + private class ResponseObject + { + internal CertificateID certId; + internal CertStatus certStatus; + internal DerGeneralizedTime thisUpdate; + internal DerGeneralizedTime nextUpdate; + internal X509Extensions extensions; + + public ResponseObject( + CertificateID certId, + CertificateStatus certStatus, + DateTime thisUpdate, + X509Extensions extensions) + : this(certId, certStatus, new DerGeneralizedTime(thisUpdate), null, extensions) + { + } + + public ResponseObject( + CertificateID certId, + CertificateStatus certStatus, + DateTime thisUpdate, + DateTime nextUpdate, + X509Extensions extensions) + : this(certId, certStatus, new DerGeneralizedTime(thisUpdate), new DerGeneralizedTime(nextUpdate), extensions) + { + } + + private ResponseObject( + CertificateID certId, + CertificateStatus certStatus, + DerGeneralizedTime thisUpdate, + DerGeneralizedTime nextUpdate, + X509Extensions extensions) + { + this.certId = certId; + + if (certStatus == null) + { + this.certStatus = new CertStatus(); + } + else if (certStatus is UnknownStatus) + { + this.certStatus = new CertStatus(2, DerNull.Instance); + } + else + { + RevokedStatus rs = (RevokedStatus) certStatus; + CrlReason revocationReason = rs.HasRevocationReason + ? new CrlReason(rs.RevocationReason) + : null; + + this.certStatus = new CertStatus( + new RevokedInfo(new DerGeneralizedTime(rs.RevocationTime), revocationReason)); + } + + this.thisUpdate = thisUpdate; + this.nextUpdate = nextUpdate; + + this.extensions = extensions; + } + + public SingleResponse ToResponse() + { + return new SingleResponse(certId.ToAsn1Object(), certStatus, thisUpdate, nextUpdate, extensions); + } + } + + /** + * basic constructor + */ + public BasicOcspRespGenerator( + RespID responderID) + { + this.responderID = responderID; + } + + /** + * construct with the responderID to be the SHA-1 keyHash of the passed in public key. + */ + public BasicOcspRespGenerator( + AsymmetricKeyParameter publicKey) + { + this.responderID = new RespID(publicKey); + } + + /** + * Add a response for a particular Certificate ID. + * + * @param certID certificate ID details + * @param certStatus status of the certificate - null if okay + */ + public void AddResponse( + CertificateID certID, + CertificateStatus certStatus) + { + list.Add(new ResponseObject(certID, certStatus, DateTime.UtcNow, null)); + } + + /** + * Add a response for a particular Certificate ID. + * + * @param certID certificate ID details + * @param certStatus status of the certificate - null if okay + * @param singleExtensions optional extensions + */ + public void AddResponse( + CertificateID certID, + CertificateStatus certStatus, + X509Extensions singleExtensions) + { + list.Add(new ResponseObject(certID, certStatus, DateTime.UtcNow, singleExtensions)); + } + + /** + * Add a response for a particular Certificate ID. + * + * @param certID certificate ID details + * @param nextUpdate date when next update should be requested + * @param certStatus status of the certificate - null if okay + * @param singleExtensions optional extensions + */ + public void AddResponse( + CertificateID certID, + CertificateStatus certStatus, + DateTime nextUpdate, + X509Extensions singleExtensions) + { + list.Add(new ResponseObject(certID, certStatus, DateTime.UtcNow, nextUpdate, singleExtensions)); + } + + /** + * Add a response for a particular Certificate ID. + * + * @param certID certificate ID details + * @param thisUpdate date this response was valid on + * @param nextUpdate date when next update should be requested + * @param certStatus status of the certificate - null if okay + * @param singleExtensions optional extensions + */ + public void AddResponse( + CertificateID certID, + CertificateStatus certStatus, + DateTime thisUpdate, + DateTime nextUpdate, + X509Extensions singleExtensions) + { + list.Add(new ResponseObject(certID, certStatus, thisUpdate, nextUpdate, singleExtensions)); + } + + /** + * Set the extensions for the response. + * + * @param responseExtensions the extension object to carry. + */ + public void SetResponseExtensions( + X509Extensions responseExtensions) + { + this.responseExtensions = responseExtensions; + } + + private BasicOcspResp GenerateResponse( + ISignatureFactory signatureCalculator, + X509Certificate[] chain, + DateTime producedAt) + { + AlgorithmIdentifier signingAlgID = (AlgorithmIdentifier)signatureCalculator.AlgorithmDetails; + DerObjectIdentifier signingAlgorithm = signingAlgID.Algorithm; + + Asn1EncodableVector responses = new Asn1EncodableVector(); + + foreach (ResponseObject respObj in list) + { + try + { + responses.Add(respObj.ToResponse()); + } + catch (Exception e) + { + throw new OcspException("exception creating Request", e); + } + } + + ResponseData tbsResp = new ResponseData(responderID.ToAsn1Object(), new DerGeneralizedTime(producedAt), new DerSequence(responses), responseExtensions); + DerBitString bitSig = null; + + try + { + IStreamCalculator streamCalculator = signatureCalculator.CreateCalculator(); + + byte[] encoded = tbsResp.GetDerEncoded(); + + streamCalculator.Stream.Write(encoded, 0, encoded.Length); + + Platform.Dispose(streamCalculator.Stream); + + bitSig = new DerBitString(((IBlockResult)streamCalculator.GetResult()).Collect()); + } + catch (Exception e) + { + throw new OcspException("exception processing TBSRequest: " + e, e); + } + + AlgorithmIdentifier sigAlgId = OcspUtilities.GetSigAlgID(signingAlgorithm); + + DerSequence chainSeq = null; + if (chain != null && chain.Length > 0) + { + Asn1EncodableVector v = new Asn1EncodableVector(); + try + { + for (int i = 0; i != chain.Length; i++) + { + v.Add( + X509CertificateStructure.GetInstance( + Asn1Object.FromByteArray(chain[i].GetEncoded()))); + } + } + catch (IOException e) + { + throw new OcspException("error processing certs", e); + } + catch (CertificateEncodingException e) + { + throw new OcspException("error encoding certs", e); + } + + chainSeq = new DerSequence(v); + } + + return new BasicOcspResp(new BasicOcspResponse(tbsResp, sigAlgId, bitSig, chainSeq)); + } + + public BasicOcspResp Generate( + string signingAlgorithm, + AsymmetricKeyParameter privateKey, + X509Certificate[] chain, + DateTime thisUpdate) + { + return Generate(signingAlgorithm, privateKey, chain, thisUpdate, null); + } + + public BasicOcspResp Generate( + string signingAlgorithm, + AsymmetricKeyParameter privateKey, + X509Certificate[] chain, + DateTime producedAt, + SecureRandom random) + { + if (signingAlgorithm == null) + { + throw new ArgumentException("no signing algorithm specified"); + } + + return GenerateResponse(new Asn1SignatureFactory(signingAlgorithm, privateKey, random), chain, producedAt); + } + + /// + /// Generate the signed response using the passed in signature calculator. + /// + /// Implementation of signing calculator factory. + /// The certificate chain associated with the response signer. + /// "produced at" date. + /// + public BasicOcspResp Generate( + ISignatureFactory signatureCalculatorFactory, + X509Certificate[] chain, + DateTime producedAt) + { + if (signatureCalculatorFactory == null) + { + throw new ArgumentException("no signature calculator specified"); + } + + return GenerateResponse(signatureCalculatorFactory, chain, producedAt); + } + + /** + * Return an IEnumerable of the signature names supported by the generator. + * + * @return an IEnumerable containing recognised names. + */ + public IEnumerable SignatureAlgNames + { + get { return OcspUtilities.AlgNames; } + } + } +} diff --git a/BouncyCastle/crypto/src/ocsp/CertificateID.cs b/BouncyCastle/crypto/src/ocsp/CertificateID.cs new file mode 100644 index 0000000..ec902d5 --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/CertificateID.cs @@ -0,0 +1,141 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Ocsp +{ + public class CertificateID + { + public const string HashSha1 = "1.3.14.3.2.26"; + + private readonly CertID id; + + public CertificateID( + CertID id) + { + if (id == null) + throw new ArgumentNullException("id"); + + this.id = id; + } + + /** + * create from an issuer certificate and the serial number of the + * certificate it signed. + * @exception OcspException if any problems occur creating the id fields. + */ + public CertificateID( + string hashAlgorithm, + X509Certificate issuerCert, + BigInteger serialNumber) + { + AlgorithmIdentifier hashAlg = new AlgorithmIdentifier( + new DerObjectIdentifier(hashAlgorithm), DerNull.Instance); + + this.id = CreateCertID(hashAlg, issuerCert, new DerInteger(serialNumber)); + } + + public string HashAlgOid + { + get { return id.HashAlgorithm.Algorithm.Id; } + } + + public byte[] GetIssuerNameHash() + { + return id.IssuerNameHash.GetOctets(); + } + + public byte[] GetIssuerKeyHash() + { + return id.IssuerKeyHash.GetOctets(); + } + + /** + * return the serial number for the certificate associated + * with this request. + */ + public BigInteger SerialNumber + { + get { return id.SerialNumber.Value; } + } + + public bool MatchesIssuer( + X509Certificate issuerCert) + { + return CreateCertID(id.HashAlgorithm, issuerCert, id.SerialNumber).Equals(id); + } + + public CertID ToAsn1Object() + { + return id; + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + CertificateID other = obj as CertificateID; + + if (other == null) + return false; + + return id.ToAsn1Object().Equals(other.id.ToAsn1Object()); + } + + public override int GetHashCode() + { + return id.ToAsn1Object().GetHashCode(); + } + + + /** + * Create a new CertificateID for a new serial number derived from a previous one + * calculated for the same CA certificate. + * + * @param original the previously calculated CertificateID for the CA. + * @param newSerialNumber the serial number for the new certificate of interest. + * + * @return a new CertificateID for newSerialNumber + */ + public static CertificateID DeriveCertificateID(CertificateID original, BigInteger newSerialNumber) + { + return new CertificateID(new CertID(original.id.HashAlgorithm, original.id.IssuerNameHash, + original.id.IssuerKeyHash, new DerInteger(newSerialNumber))); + } + + private static CertID CreateCertID( + AlgorithmIdentifier hashAlg, + X509Certificate issuerCert, + DerInteger serialNumber) + { + try + { + String hashAlgorithm = hashAlg.Algorithm.Id; + + X509Name issuerName = PrincipalUtilities.GetSubjectX509Principal(issuerCert); + byte[] issuerNameHash = DigestUtilities.CalculateDigest( + hashAlgorithm, issuerName.GetEncoded()); + + AsymmetricKeyParameter issuerKey = issuerCert.GetPublicKey(); + SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(issuerKey); + byte[] issuerKeyHash = DigestUtilities.CalculateDigest( + hashAlgorithm, info.PublicKeyData.GetBytes()); + + return new CertID(hashAlg, new DerOctetString(issuerNameHash), + new DerOctetString(issuerKeyHash), serialNumber); + } + catch (Exception e) + { + throw new OcspException("problem creating ID: " + e, e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/ocsp/CertificateStatus.cs b/BouncyCastle/crypto/src/ocsp/CertificateStatus.cs new file mode 100644 index 0000000..edfcc25 --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/CertificateStatus.cs @@ -0,0 +1,9 @@ +using System; + +namespace Org.BouncyCastle.Ocsp +{ + public abstract class CertificateStatus + { + public static readonly CertificateStatus Good = null; + } +} diff --git a/BouncyCastle/crypto/src/ocsp/OCSPException.cs b/BouncyCastle/crypto/src/ocsp/OCSPException.cs new file mode 100644 index 0000000..d7b14dd --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/OCSPException.cs @@ -0,0 +1,28 @@ +using System; + +namespace Org.BouncyCastle.Ocsp +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class OcspException + : Exception + { + public OcspException() + { + } + + public OcspException( + string message) + : base(message) + { + } + + public OcspException( + string message, + Exception e) + : base(message, e) + { + } + } +} diff --git a/BouncyCastle/crypto/src/ocsp/OCSPReq.cs b/BouncyCastle/crypto/src/ocsp/OCSPReq.cs new file mode 100644 index 0000000..5408f06 --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/OCSPReq.cs @@ -0,0 +1,268 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Ocsp +{ + /** + * 
    +	 * OcspRequest     ::=     SEQUENCE {
+	 *       tbsRequest                  TBSRequest,
+	 *       optionalSignature   [0]     EXPLICIT Signature OPTIONAL }
+	 *
+	 *   TBSRequest      ::=     SEQUENCE {
+	 *       version             [0]     EXPLICIT Version DEFAULT v1,
+	 *       requestorName       [1]     EXPLICIT GeneralName OPTIONAL,
+	 *       requestList                 SEQUENCE OF Request,
+	 *       requestExtensions   [2]     EXPLICIT Extensions OPTIONAL }
+	 *
+	 *   Signature       ::=     SEQUENCE {
+	 *       signatureAlgorithm      AlgorithmIdentifier,
+	 *       signature               BIT STRING,
+	 *       certs               [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL}
+	 *
+	 *   Version         ::=             INTEGER  {  v1(0) }
+	 *
+	 *   Request         ::=     SEQUENCE {
+	 *       reqCert                     CertID,
+	 *       singleRequestExtensions     [0] EXPLICIT Extensions OPTIONAL }
+	 *
+	 *   CertID          ::=     SEQUENCE {
+	 *       hashAlgorithm       AlgorithmIdentifier,
+	 *       issuerNameHash      OCTET STRING, -- Hash of Issuer's DN
+	 *       issuerKeyHash       OCTET STRING, -- Hash of Issuers public key
+	 *       serialNumber        CertificateSerialNumber }
+	 *
    + */ + public class OcspReq + : X509ExtensionBase + { + private OcspRequest req; + + public OcspReq( + OcspRequest req) + { + this.req = req; + } + + public OcspReq( + byte[] req) + : this(new Asn1InputStream(req)) + { + } + + public OcspReq( + Stream inStr) + : this(new Asn1InputStream(inStr)) + { + } + + private OcspReq( + Asn1InputStream aIn) + { + try + { + this.req = OcspRequest.GetInstance(aIn.ReadObject()); + } + catch (ArgumentException e) + { + throw new IOException("malformed request: " + e.Message); + } + catch (InvalidCastException e) + { + throw new IOException("malformed request: " + e.Message); + } + } + + /** + * Return the DER encoding of the tbsRequest field. + * @return DER encoding of tbsRequest + * @throws OcspException in the event of an encoding error. + */ + public byte[] GetTbsRequest() + { + try + { + return req.TbsRequest.GetEncoded(); + } + catch (IOException e) + { + throw new OcspException("problem encoding tbsRequest", e); + } + } + + public int Version + { + get { return req.TbsRequest.Version.IntValueExact + 1; } + } + + public GeneralName RequestorName + { + get { return GeneralName.GetInstance(req.TbsRequest.RequestorName); } + } + + public Req[] GetRequestList() + { + Asn1Sequence seq = req.TbsRequest.RequestList; + Req[] requests = new Req[seq.Count]; + + for (int i = 0; i != requests.Length; i++) + { + requests[i] = new Req(Request.GetInstance(seq[i])); + } + + return requests; + } + + public X509Extensions RequestExtensions + { + get { return X509Extensions.GetInstance(req.TbsRequest.RequestExtensions); } + } + + protected override X509Extensions GetX509Extensions() + { + return RequestExtensions; + } + + /** + * return the object identifier representing the signature algorithm + */ + public string SignatureAlgOid + { + get + { + if (!this.IsSigned) + return null; + + return req.OptionalSignature.SignatureAlgorithm.Algorithm.Id; + } + } + + public byte[] GetSignature() + { + if (!this.IsSigned) + return null; + + return req.OptionalSignature.GetSignatureOctets(); + } + + private IList GetCertList() + { + // load the certificates if we have any + + IList certs = Platform.CreateArrayList(); + Asn1Sequence s = req.OptionalSignature.Certs; + + if (s != null) + { + foreach (Asn1Encodable ae in s) + { + try + { + certs.Add(new X509CertificateParser().ReadCertificate(ae.GetEncoded())); + } + catch (Exception e) + { + throw new OcspException("can't re-encode certificate!", e); + } + } + } + + return certs; + } + + public X509Certificate[] GetCerts() + { + if (!this.IsSigned) + return null; + + IList certs = this.GetCertList(); + X509Certificate[] result = new X509Certificate[certs.Count]; + for (int i = 0; i < certs.Count; ++i) + { + result[i] = (X509Certificate)certs[i]; + } + return result; + } + + /** + * If the request is signed return a possibly empty CertStore containing the certificates in the + * request. If the request is not signed the method returns null. + * + * @return null if not signed, a CertStore otherwise + * @throws OcspException + */ + public IX509Store GetCertificates( + string type) + { + if (!this.IsSigned) + return null; + + try + { + return X509StoreFactory.Create( + "Certificate/" + type, + new X509CollectionStoreParameters(this.GetCertList())); + } + catch (Exception e) + { + throw new OcspException("can't setup the CertStore", e); + } + } + + /** + * Return whether or not this request is signed. + * + * @return true if signed false otherwise. + */ + public bool IsSigned + { + get { return req.OptionalSignature != null; } + } + + /** + * Verify the signature against the TBSRequest object we contain. + */ + public bool Verify( + AsymmetricKeyParameter publicKey) + { + if (!this.IsSigned) + throw new OcspException("attempt to Verify signature on unsigned object"); + + try + { + ISigner signature = SignerUtilities.GetSigner(this.SignatureAlgOid); + + signature.Init(false, publicKey); + + byte[] encoded = req.TbsRequest.GetEncoded(); + + signature.BlockUpdate(encoded, 0, encoded.Length); + + return signature.VerifySignature(this.GetSignature()); + } + catch (Exception e) + { + throw new OcspException("exception processing sig: " + e, e); + } + } + + /** + * return the ASN.1 encoded representation of this object. + */ + public byte[] GetEncoded() + { + return req.GetEncoded(); + } + } +} diff --git a/BouncyCastle/crypto/src/ocsp/OCSPReqGenerator.cs b/BouncyCastle/crypto/src/ocsp/OCSPReqGenerator.cs new file mode 100644 index 0000000..8032a45 --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/OCSPReqGenerator.cs @@ -0,0 +1,243 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Ocsp +{ + public class OcspReqGenerator + { + private IList list = Platform.CreateArrayList(); + private GeneralName requestorName = null; + private X509Extensions requestExtensions = null; + + private class RequestObject + { + internal CertificateID certId; + internal X509Extensions extensions; + + public RequestObject( + CertificateID certId, + X509Extensions extensions) + { + this.certId = certId; + this.extensions = extensions; + } + + public Request ToRequest() + { + return new Request(certId.ToAsn1Object(), extensions); + } + } + + /** + * Add a request for the given CertificateID. + * + * @param certId certificate ID of interest + */ + public void AddRequest( + CertificateID certId) + { + list.Add(new RequestObject(certId, null)); + } + + /** + * Add a request with extensions + * + * @param certId certificate ID of interest + * @param singleRequestExtensions the extensions to attach to the request + */ + public void AddRequest( + CertificateID certId, + X509Extensions singleRequestExtensions) + { + list.Add(new RequestObject(certId, singleRequestExtensions)); + } + + /** + * Set the requestor name to the passed in X509Principal + * + * @param requestorName a X509Principal representing the requestor name. + */ + public void SetRequestorName( + X509Name requestorName) + { + try + { + this.requestorName = new GeneralName(GeneralName.DirectoryName, requestorName); + } + catch (Exception e) + { + throw new ArgumentException("cannot encode principal", e); + } + } + + public void SetRequestorName( + GeneralName requestorName) + { + this.requestorName = requestorName; + } + + public void SetRequestExtensions( + X509Extensions requestExtensions) + { + this.requestExtensions = requestExtensions; + } + + private OcspReq GenerateRequest( + DerObjectIdentifier signingAlgorithm, + AsymmetricKeyParameter privateKey, + X509Certificate[] chain, + SecureRandom random) + { + Asn1EncodableVector requests = new Asn1EncodableVector(); + + foreach (RequestObject reqObj in list) + { + try + { + requests.Add(reqObj.ToRequest()); + } + catch (Exception e) + { + throw new OcspException("exception creating Request", e); + } + } + + TbsRequest tbsReq = new TbsRequest(requestorName, new DerSequence(requests), requestExtensions); + + ISigner sig = null; + Signature signature = null; + + if (signingAlgorithm != null) + { + if (requestorName == null) + { + throw new OcspException("requestorName must be specified if request is signed."); + } + + try + { + sig = SignerUtilities.GetSigner(signingAlgorithm.Id); + if (random != null) + { + sig.Init(true, new ParametersWithRandom(privateKey, random)); + } + else + { + sig.Init(true, privateKey); + } + } + catch (Exception e) + { + throw new OcspException("exception creating signature: " + e, e); + } + + DerBitString bitSig = null; + + try + { + byte[] encoded = tbsReq.GetEncoded(); + sig.BlockUpdate(encoded, 0, encoded.Length); + + bitSig = new DerBitString(sig.GenerateSignature()); + } + catch (Exception e) + { + throw new OcspException("exception processing TBSRequest: " + e, e); + } + + AlgorithmIdentifier sigAlgId = new AlgorithmIdentifier(signingAlgorithm, DerNull.Instance); + + if (chain != null && chain.Length > 0) + { + Asn1EncodableVector v = new Asn1EncodableVector(); + try + { + for (int i = 0; i != chain.Length; i++) + { + v.Add( + X509CertificateStructure.GetInstance( + Asn1Object.FromByteArray(chain[i].GetEncoded()))); + } + } + catch (IOException e) + { + throw new OcspException("error processing certs", e); + } + catch (CertificateEncodingException e) + { + throw new OcspException("error encoding certs", e); + } + + signature = new Signature(sigAlgId, bitSig, new DerSequence(v)); + } + else + { + signature = new Signature(sigAlgId, bitSig); + } + } + + return new OcspReq(new OcspRequest(tbsReq, signature)); + } + + /** + * Generate an unsigned request + * + * @return the OcspReq + * @throws OcspException + */ + public OcspReq Generate() + { + return GenerateRequest(null, null, null, null); + } + + public OcspReq Generate( + string signingAlgorithm, + AsymmetricKeyParameter privateKey, + X509Certificate[] chain) + { + return Generate(signingAlgorithm, privateKey, chain, null); + } + + public OcspReq Generate( + string signingAlgorithm, + AsymmetricKeyParameter privateKey, + X509Certificate[] chain, + SecureRandom random) + { + if (signingAlgorithm == null) + throw new ArgumentException("no signing algorithm specified"); + + try + { + DerObjectIdentifier oid = OcspUtilities.GetAlgorithmOid(signingAlgorithm); + + return GenerateRequest(oid, privateKey, chain, random); + } + catch (ArgumentException) + { + throw new ArgumentException("unknown signing algorithm specified: " + signingAlgorithm); + } + } + + /** + * Return an IEnumerable of the signature names supported by the generator. + * + * @return an IEnumerable containing recognised names. + */ + public IEnumerable SignatureAlgNames + { + get { return OcspUtilities.AlgNames; } + } + } +} diff --git a/BouncyCastle/crypto/src/ocsp/OCSPResp.cs b/BouncyCastle/crypto/src/ocsp/OCSPResp.cs new file mode 100644 index 0000000..1e65b2f --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/OCSPResp.cs @@ -0,0 +1,100 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; + +namespace Org.BouncyCastle.Ocsp +{ + public class OcspResp + { + private OcspResponse resp; + + public OcspResp( + OcspResponse resp) + { + this.resp = resp; + } + + public OcspResp( + byte[] resp) + : this(new Asn1InputStream(resp)) + { + } + + public OcspResp( + Stream inStr) + : this(new Asn1InputStream(inStr)) + { + } + + private OcspResp( + Asn1InputStream aIn) + { + try + { + this.resp = OcspResponse.GetInstance(aIn.ReadObject()); + } + catch (Exception e) + { + throw new IOException("malformed response: " + e.Message, e); + } + } + + public int Status + { + get { return this.resp.ResponseStatus.IntValueExact; } + } + + public object GetResponseObject() + { + ResponseBytes rb = this.resp.ResponseBytes; + + if (rb == null) + return null; + + if (rb.ResponseType.Equals(OcspObjectIdentifiers.PkixOcspBasic)) + { + try + { + return new BasicOcspResp( + BasicOcspResponse.GetInstance( + Asn1Object.FromByteArray(rb.Response.GetOctets()))); + } + catch (Exception e) + { + throw new OcspException("problem decoding object: " + e, e); + } + } + + return rb.Response; + } + + /** + * return the ASN.1 encoded representation of this object. + */ + public byte[] GetEncoded() + { + return resp.GetEncoded(); + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + OcspResp other = obj as OcspResp; + + if (other == null) + return false; + + return resp.Equals(other.resp); + } + + public override int GetHashCode() + { + return resp.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/ocsp/OCSPRespGenerator.cs b/BouncyCastle/crypto/src/ocsp/OCSPRespGenerator.cs new file mode 100644 index 0000000..e0eb9ae --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/OCSPRespGenerator.cs @@ -0,0 +1,54 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; + +namespace Org.BouncyCastle.Ocsp +{ + /** + * base generator for an OCSP response - at the moment this only supports the + * generation of responses containing BasicOCSP responses. + */ + public class OCSPRespGenerator + { + public const int Successful = 0; // Response has valid confirmations + public const int MalformedRequest = 1; // Illegal confirmation request + public const int InternalError = 2; // Internal error in issuer + public const int TryLater = 3; // Try again later + // (4) is not used + public const int SigRequired = 5; // Must sign the request + public const int Unauthorized = 6; // Request unauthorized + + public OcspResp Generate( + int status, + object response) + { + if (response == null) + { + return new OcspResp(new OcspResponse(new OcspResponseStatus(status),null)); + } + if (response is BasicOcspResp) + { + BasicOcspResp r = (BasicOcspResp)response; + Asn1OctetString octs; + + try + { + octs = new DerOctetString(r.GetEncoded()); + } + catch (Exception e) + { + throw new OcspException("can't encode object.", e); + } + + ResponseBytes rb = new ResponseBytes( + OcspObjectIdentifiers.PkixOcspBasic, octs); + + return new OcspResp(new OcspResponse( + new OcspResponseStatus(status), rb)); + } + + throw new OcspException("unknown response object"); + } + } +} diff --git a/BouncyCastle/crypto/src/ocsp/OCSPRespStatus.cs b/BouncyCastle/crypto/src/ocsp/OCSPRespStatus.cs new file mode 100644 index 0000000..9c00c70 --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/OCSPRespStatus.cs @@ -0,0 +1,22 @@ +using System; + +namespace Org.BouncyCastle.Ocsp +{ + [Obsolete("Use version with correct spelling 'OcspRespStatus'")] + public abstract class OcscpRespStatus : OcspRespStatus + { + } + + public abstract class OcspRespStatus + { + /** + * note 4 is not used. + */ + public const int Successful = 0; // --Response has valid confirmations + public const int MalformedRequest = 1; // --Illegal confirmation request + public const int InternalError = 2; // --Internal error in issuer + public const int TryLater = 3; // --Try again later + public const int SigRequired = 5; // --Must sign the request + public const int Unauthorized = 6; // --Request unauthorized + } +} diff --git a/BouncyCastle/crypto/src/ocsp/OCSPUtil.cs b/BouncyCastle/crypto/src/ocsp/OCSPUtil.cs new file mode 100644 index 0000000..e45b31b --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/OCSPUtil.cs @@ -0,0 +1,157 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Ocsp +{ + class OcspUtilities + { + private static readonly IDictionary algorithms = Platform.CreateHashtable(); + private static readonly IDictionary oids = Platform.CreateHashtable(); + private static readonly ISet noParams = new HashSet(); + + static OcspUtilities() + { + algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption); + algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption); + algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption); + algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption); + algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA-1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA-1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA-224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA-224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA-256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA-256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA-384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA-384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA-512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA-512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA-512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA-512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("SHA-512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("SHA512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("SHA-512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); + algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); + algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); + algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); + algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); + algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); + algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1); + algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1); + algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224); + algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256); + algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1); + algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1); + algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224); + algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256); + algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384); + algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512); + algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + algorithms.Add("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + + oids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2WITHRSA"); + oids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption, "SHA512(224)WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption, "SHA512(256)WITHRSA"); + oids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160, "RIPEMD160WITHRSA"); + oids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128, "RIPEMD128WITHRSA"); + oids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256, "RIPEMD256WITHRSA"); + oids.Add(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1WITHDSA"); + oids.Add(NistObjectIdentifiers.DsaWithSha224, "SHA224WITHDSA"); + oids.Add(NistObjectIdentifiers.DsaWithSha256, "SHA256WITHDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1WITHECDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224WITHECDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256WITHECDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384WITHECDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512WITHECDSA"); + oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, "GOST3411WITHGOST3410"); + oids.Add(OiwObjectIdentifiers.MD5WithRsa, "MD5WITHRSA"); + oids.Add(OiwObjectIdentifiers.Sha1WithRsa, "SHA1WITHRSA"); + oids.Add(OiwObjectIdentifiers.DsaWithSha1, "SHA1WITHDSA"); + + // + // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. + // The parameters field SHALL be NULL for RSA based signature algorithms. + // + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512); + noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1); + noParams.Add(OiwObjectIdentifiers.DsaWithSha1); + noParams.Add(NistObjectIdentifiers.DsaWithSha224); + noParams.Add(NistObjectIdentifiers.DsaWithSha256); + } + + internal static DerObjectIdentifier GetAlgorithmOid( + string algorithmName) + { + algorithmName = Platform.ToUpperInvariant(algorithmName); + + if (algorithms.Contains(algorithmName)) + { + return (DerObjectIdentifier)algorithms[algorithmName]; + } + + return new DerObjectIdentifier(algorithmName); + } + + + internal static string GetAlgorithmName( + DerObjectIdentifier oid) + { + if (oids.Contains(oid)) + { + return (string)oids[oid]; + } + + return oid.Id; + } + + internal static AlgorithmIdentifier GetSigAlgID( + DerObjectIdentifier sigOid) + { + if (noParams.Contains(sigOid)) + { + return new AlgorithmIdentifier(sigOid); + } + + return new AlgorithmIdentifier(sigOid, DerNull.Instance); + } + + internal static IEnumerable AlgNames + { + get { return new EnumerableProxy(algorithms.Keys); } + } + } +} diff --git a/BouncyCastle/crypto/src/ocsp/Req.cs b/BouncyCastle/crypto/src/ocsp/Req.cs new file mode 100644 index 0000000..68fd9f1 --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/Req.cs @@ -0,0 +1,38 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Ocsp +{ + public class Req + : X509ExtensionBase + { + private Request req; + + public Req( + Request req) + { + this.req = req; + } + + public CertificateID GetCertID() + { + return new CertificateID(req.ReqCert); + } + + public X509Extensions SingleRequestExtensions + { + get { return req.SingleRequestExtensions; } + } + + protected override X509Extensions GetX509Extensions() + { + return SingleRequestExtensions; + } + } +} diff --git a/BouncyCastle/crypto/src/ocsp/RespData.cs b/BouncyCastle/crypto/src/ocsp/RespData.cs new file mode 100644 index 0000000..7ec0e4b --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/RespData.cs @@ -0,0 +1,60 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Ocsp +{ + public class RespData + : X509ExtensionBase + { + internal readonly ResponseData data; + + public RespData( + ResponseData data) + { + this.data = data; + } + + public int Version + { + get { return data.Version.IntValueExact + 1; } + } + + public RespID GetResponderId() + { + return new RespID(data.ResponderID); + } + + public DateTime ProducedAt + { + get { return data.ProducedAt.ToDateTime(); } + } + + public SingleResp[] GetResponses() + { + Asn1Sequence s = data.Responses; + SingleResp[] rs = new SingleResp[s.Count]; + + for (int i = 0; i != rs.Length; i++) + { + rs[i] = new SingleResp(SingleResponse.GetInstance(s[i])); + } + + return rs; + } + + public X509Extensions ResponseExtensions + { + get { return data.ResponseExtensions; } + } + + protected override X509Extensions GetX509Extensions() + { + return ResponseExtensions; + } + } +} diff --git a/BouncyCastle/crypto/src/ocsp/RespID.cs b/BouncyCastle/crypto/src/ocsp/RespID.cs new file mode 100644 index 0000000..3238b26 --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/RespID.cs @@ -0,0 +1,72 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Ocsp +{ + /** + * Carrier for a ResponderID. + */ + public class RespID + { + internal readonly ResponderID id; + + public RespID( + ResponderID id) + { + this.id = id; + } + + public RespID( + X509Name name) + { + this.id = new ResponderID(name); + } + + public RespID( + AsymmetricKeyParameter publicKey) + { + try + { + SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey); + + byte[] keyHash = DigestUtilities.CalculateDigest("SHA1", info.PublicKeyData.GetBytes()); + + this.id = new ResponderID(new DerOctetString(keyHash)); + } + catch (Exception e) + { + throw new OcspException("problem creating ID: " + e, e); + } + } + + public ResponderID ToAsn1Object() + { + return id; + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + RespID other = obj as RespID; + + if (other == null) + return false; + + return id.Equals(other.id); + } + + public override int GetHashCode() + { + return id.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/ocsp/RevokedStatus.cs b/BouncyCastle/crypto/src/ocsp/RevokedStatus.cs new file mode 100644 index 0000000..edbeb57 --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/RevokedStatus.cs @@ -0,0 +1,58 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Ocsp +{ + /** + * wrapper for the RevokedInfo object + */ + public class RevokedStatus + : CertificateStatus + { + internal readonly RevokedInfo info; + + public RevokedStatus( + RevokedInfo info) + { + this.info = info; + } + + public RevokedStatus( + DateTime revocationDate, + int reason) + { + this.info = new RevokedInfo(new DerGeneralizedTime(revocationDate), new CrlReason(reason)); + } + + public DateTime RevocationTime + { + get { return info.RevocationTime.ToDateTime(); } + } + + public bool HasRevocationReason + { + get { return (info.RevocationReason != null); } + } + + /** + * return the revocation reason. Note: this field is optional, test for it + * with hasRevocationReason() first. + * @exception InvalidOperationException if a reason is asked for and none is avaliable + */ + public int RevocationReason + { + get + { + if (info.RevocationReason == null) + { + throw new InvalidOperationException("attempt to get a reason where none is available"); + } + + return info.RevocationReason.IntValueExact; + } + } + } +} diff --git a/BouncyCastle/crypto/src/ocsp/SingleResp.cs b/BouncyCastle/crypto/src/ocsp/SingleResp.cs new file mode 100644 index 0000000..b8979c5 --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/SingleResp.cs @@ -0,0 +1,81 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Ocsp +{ + public class SingleResp + : X509ExtensionBase + { + internal readonly SingleResponse resp; + + public SingleResp( + SingleResponse resp) + { + this.resp = resp; + } + + public CertificateID GetCertID() + { + return new CertificateID(resp.CertId); + } + + /** + * Return the status object for the response - null indicates good. + * + * @return the status object for the response, null if it is good. + */ + public object GetCertStatus() + { + CertStatus s = resp.CertStatus; + + if (s.TagNo == 0) + { + return null; // good + } + + if (s.TagNo == 1) + { + return new RevokedStatus(RevokedInfo.GetInstance(s.Status)); + } + + return new UnknownStatus(); + } + + public DateTime ThisUpdate + { + get { return resp.ThisUpdate.ToDateTime(); } + } + + /** + * return the NextUpdate value - note: this is an optional field so may + * be returned as null. + * + * @return nextUpdate, or null if not present. + */ + public DateTimeObject NextUpdate + { + get + { + return resp.NextUpdate == null + ? null + : new DateTimeObject(resp.NextUpdate.ToDateTime()); + } + } + + public X509Extensions SingleExtensions + { + get { return resp.SingleExtensions; } + } + + protected override X509Extensions GetX509Extensions() + { + return SingleExtensions; + } + } +} diff --git a/BouncyCastle/crypto/src/ocsp/UnknownStatus.cs b/BouncyCastle/crypto/src/ocsp/UnknownStatus.cs new file mode 100644 index 0000000..c0f7a3a --- /dev/null +++ b/BouncyCastle/crypto/src/ocsp/UnknownStatus.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.Ocsp +{ + /** + * wrapper for the UnknownInfo object + */ + public class UnknownStatus + : CertificateStatus + { + public UnknownStatus() + { + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/IStreamGenerator.cs b/BouncyCastle/crypto/src/openpgp/IStreamGenerator.cs new file mode 100644 index 0000000..379213a --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/IStreamGenerator.cs @@ -0,0 +1,7 @@ +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + public interface IStreamGenerator + { + void Close(); + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PGPKeyRing.cs b/BouncyCastle/crypto/src/openpgp/PGPKeyRing.cs new file mode 100644 index 0000000..9d9454f --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PGPKeyRing.cs @@ -0,0 +1,81 @@ +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + public abstract class PgpKeyRing + : PgpObject + { + internal PgpKeyRing() + { + } + + internal static TrustPacket ReadOptionalTrustPacket(BcpgInputStream pIn) + { + PacketTag tag = pIn.SkipMarkerPackets(); + + return tag == PacketTag.Trust ? (TrustPacket)pIn.ReadPacket() : null; + } + + internal static IList ReadSignaturesAndTrust(BcpgInputStream pIn) + { + try + { + IList sigList = Platform.CreateArrayList(); + + while (pIn.SkipMarkerPackets() == PacketTag.Signature) + { + SignaturePacket signaturePacket = (SignaturePacket)pIn.ReadPacket(); + TrustPacket trustPacket = ReadOptionalTrustPacket(pIn); + + sigList.Add(new PgpSignature(signaturePacket, trustPacket)); + } + + return sigList; + } + catch (PgpException e) + { + throw new IOException("can't create signature object: " + e.Message, e); + } + } + + internal static void ReadUserIDs(BcpgInputStream pIn, out IList ids, out IList idTrusts, out IList idSigs) + { + ids = Platform.CreateArrayList(); + idTrusts = Platform.CreateArrayList(); + idSigs = Platform.CreateArrayList(); + + while (IsUserTag(pIn.SkipMarkerPackets())) + { + Packet obj = pIn.ReadPacket(); + if (obj is UserIdPacket) + { + UserIdPacket id = (UserIdPacket)obj; + ids.Add(id.GetId()); + } + else + { + UserAttributePacket user = (UserAttributePacket)obj; + ids.Add(new PgpUserAttributeSubpacketVector(user.GetSubpackets())); + } + + idTrusts.Add(ReadOptionalTrustPacket(pIn)); + idSigs.Add(ReadSignaturesAndTrust(pIn)); + } + } + + private static bool IsUserTag(PacketTag tag) + { + switch (tag) + { + case PacketTag.UserAttribute: + case PacketTag.UserId: + return true; + default: + return false; + } + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PGPObject.cs b/BouncyCastle/crypto/src/openpgp/PGPObject.cs new file mode 100644 index 0000000..d38276c --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PGPObject.cs @@ -0,0 +1,9 @@ +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + public abstract class PgpObject + { + internal PgpObject() + { + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PGPUserAttributeSubpacketVectorGenerator.cs b/BouncyCastle/crypto/src/openpgp/PGPUserAttributeSubpacketVectorGenerator.cs new file mode 100644 index 0000000..9d56c8b --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PGPUserAttributeSubpacketVectorGenerator.cs @@ -0,0 +1,33 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Bcpg.Attr; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + public class PgpUserAttributeSubpacketVectorGenerator + { + private IList list = Platform.CreateArrayList(); + + public virtual void SetImageAttribute( + ImageAttrib.Format imageType, + byte[] imageData) + { + if (imageData == null) + throw new ArgumentException("attempt to set null image", "imageData"); + + list.Add(new ImageAttrib(imageType, imageData)); + } + + public virtual PgpUserAttributeSubpacketVector Generate() + { + UserAttributeSubpacket[] a = new UserAttributeSubpacket[list.Count]; + for (int i = 0; i < list.Count; ++i) + { + a[i] = (UserAttributeSubpacket)list[i]; + } + return new PgpUserAttributeSubpacketVector(a); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpCompressedData.cs b/BouncyCastle/crypto/src/openpgp/PgpCompressedData.cs new file mode 100644 index 0000000..c841b74 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpCompressedData.cs @@ -0,0 +1,54 @@ +using System.IO; + +using Org.BouncyCastle.Apache.Bzip2; +using Org.BouncyCastle.Utilities.Zlib; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// Compressed data objects + public class PgpCompressedData + : PgpObject + { + private readonly CompressedDataPacket data; + + public PgpCompressedData( + BcpgInputStream bcpgInput) + { + Packet packet = bcpgInput.ReadPacket(); + if (!(packet is CompressedDataPacket)) + throw new IOException("unexpected packet in stream: " + packet); + + this.data = (CompressedDataPacket)packet; + } + + /// The algorithm used for compression + public CompressionAlgorithmTag Algorithm + { + get { return data.Algorithm; } + } + + /// Get the raw input stream contained in the object. + public Stream GetInputStream() + { + return data.GetInputStream(); + } + + /// Return an uncompressed input stream which allows reading of the compressed data. + public Stream GetDataStream() + { + switch (Algorithm) + { + case CompressionAlgorithmTag.Uncompressed: + return GetInputStream(); + case CompressionAlgorithmTag.Zip: + return new ZInputStream(GetInputStream(), true); + case CompressionAlgorithmTag.ZLib: + return new ZInputStream(GetInputStream()); + case CompressionAlgorithmTag.BZip2: + return new CBZip2InputStream(GetInputStream()); + default: + throw new PgpException("can't recognise compression algorithm: " + Algorithm); + } + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpCompressedDataGenerator.cs b/BouncyCastle/crypto/src/openpgp/PgpCompressedDataGenerator.cs new file mode 100644 index 0000000..51b6452 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpCompressedDataGenerator.cs @@ -0,0 +1,221 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Apache.Bzip2; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Zlib; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// Class for producing compressed data packets. + public class PgpCompressedDataGenerator + : IStreamGenerator + { + private readonly CompressionAlgorithmTag algorithm; + private readonly int compression; + + private Stream dOut; + private BcpgOutputStream pkOut; + + public PgpCompressedDataGenerator( + CompressionAlgorithmTag algorithm) + : this(algorithm, JZlib.Z_DEFAULT_COMPRESSION) + { + } + + public PgpCompressedDataGenerator( + CompressionAlgorithmTag algorithm, + int compression) + { + switch (algorithm) + { + case CompressionAlgorithmTag.Uncompressed: + case CompressionAlgorithmTag.Zip: + case CompressionAlgorithmTag.ZLib: + case CompressionAlgorithmTag.BZip2: + break; + default: + throw new ArgumentException("unknown compression algorithm", "algorithm"); + } + + if (compression != JZlib.Z_DEFAULT_COMPRESSION) + { + if ((compression < JZlib.Z_NO_COMPRESSION) || (compression > JZlib.Z_BEST_COMPRESSION)) + { + throw new ArgumentException("unknown compression level: " + compression); + } + } + + this.algorithm = algorithm; + this.compression = compression; + } + + /// + ///

    + /// Return an output stream which will save the data being written to + /// the compressed object. + ///

    + ///

    + /// The stream created can be closed off by either calling Close() + /// on the stream or Close() on the generator. Closing the returned + /// stream does not close off the Stream parameter outStr. + ///

    + ///     + /// Stream to be used for output. + /// A Stream for output of the compressed data. + /// + /// + /// + public Stream Open( + Stream outStr) + { + if (dOut != null) + throw new InvalidOperationException("generator already in open state"); + if (outStr == null) + throw new ArgumentNullException("outStr"); + + this.pkOut = new BcpgOutputStream(outStr, PacketTag.CompressedData); + + doOpen(); + + return new WrappedGeneratorStream(this, dOut); + } + + /// + ///

    + /// Return an output stream which will compress the data as it is written to it. + /// The stream will be written out in chunks according to the size of the passed in buffer. + ///

    + ///

    + /// The stream created can be closed off by either calling Close() + /// on the stream or Close() on the generator. Closing the returned + /// stream does not close off the Stream parameter outStr. + ///

    + ///

    + /// Note: if the buffer is not a power of 2 in length only the largest power of 2 + /// bytes worth of the buffer will be used. + ///

    + ///

    + /// Note: using this may break compatibility with RFC 1991 compliant tools. + /// Only recent OpenPGP implementations are capable of accepting these streams. + ///

    + ///     + /// Stream to be used for output. + /// The buffer to use. + /// A Stream for output of the compressed data. + /// + /// + /// + /// + public Stream Open( + Stream outStr, + byte[] buffer) + { + if (dOut != null) + throw new InvalidOperationException("generator already in open state"); + if (outStr == null) + throw new ArgumentNullException("outStr"); + if (buffer == null) + throw new ArgumentNullException("buffer"); + + this.pkOut = new BcpgOutputStream(outStr, PacketTag.CompressedData, buffer); + + doOpen(); + + return new WrappedGeneratorStream(this, dOut); + } + + private void doOpen() + { + pkOut.WriteByte((byte) algorithm); + + switch (algorithm) + { + case CompressionAlgorithmTag.Uncompressed: + dOut = pkOut; + break; + case CompressionAlgorithmTag.Zip: + dOut = new SafeZOutputStream(pkOut, compression, true); + break; + case CompressionAlgorithmTag.ZLib: + dOut = new SafeZOutputStream(pkOut, compression, false); + break; + case CompressionAlgorithmTag.BZip2: + dOut = new SafeCBZip2OutputStream(pkOut); + break; + default: + // Constructor should guard against this possibility + throw new InvalidOperationException(); + } + } + + /// Close the compressed object.summary> + public void Close() + { + if (dOut != null) + { + if (dOut != pkOut) + { + Platform.Dispose(dOut); + } + dOut = null; + + pkOut.Finish(); + pkOut.Flush(); + pkOut = null; + } + } + + private class SafeCBZip2OutputStream : CBZip2OutputStream + { + public SafeCBZip2OutputStream(Stream output) + : base(output) + { + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + Finish(); + return; + } + base.Dispose(disposing); + } +#else + public override void Close() + { + Finish(); + } +#endif + } + + private class SafeZOutputStream : ZOutputStream + { + public SafeZOutputStream(Stream output, int level, bool nowrap) + : base(output, level, nowrap) + { + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + Finish(); + End(); + return; + } + base.Dispose(disposing); + } +#else + public override void Close() + { + Finish(); + End(); + } +#endif + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpDataValidationException.cs b/BouncyCastle/crypto/src/openpgp/PgpDataValidationException.cs new file mode 100644 index 0000000..d06833c --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpDataValidationException.cs @@ -0,0 +1,18 @@ +using System; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// + /// Thrown if the IV at the start of a data stream indicates the wrong key is being used. + /// +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class PgpDataValidationException + : PgpException + { + public PgpDataValidationException() : base() {} + public PgpDataValidationException(string message) : base(message) {} + public PgpDataValidationException(string message, Exception exception) : base(message, exception) {} + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpEncryptedData.cs b/BouncyCastle/crypto/src/openpgp/PgpEncryptedData.cs new file mode 100644 index 0000000..558e0b8 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpEncryptedData.cs @@ -0,0 +1,151 @@ +using System; +using System.Diagnostics; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + public abstract class PgpEncryptedData + { + internal class TruncatedStream + : BaseInputStream + { + private const int LookAheadSize = 22; + private const int LookAheadBufSize = 512; + private const int LookAheadBufLimit = LookAheadBufSize - LookAheadSize; + + private readonly Stream inStr; + private readonly byte[] lookAhead = new byte[LookAheadBufSize]; + private int bufStart, bufEnd; + + internal TruncatedStream( + Stream inStr) + { + int numRead = Streams.ReadFully(inStr, lookAhead, 0, lookAhead.Length); + + if (numRead < LookAheadSize) + throw new EndOfStreamException(); + + this.inStr = inStr; + this.bufStart = 0; + this.bufEnd = numRead - LookAheadSize; + } + + private int FillBuffer() + { + if (bufEnd < LookAheadBufLimit) + return 0; + + Debug.Assert(bufStart == LookAheadBufLimit); + Debug.Assert(bufEnd == LookAheadBufLimit); + + Array.Copy(lookAhead, LookAheadBufLimit, lookAhead, 0, LookAheadSize); + bufEnd = Streams.ReadFully(inStr, lookAhead, LookAheadSize, LookAheadBufLimit); + bufStart = 0; + return bufEnd; + } + + public override int ReadByte() + { + if (bufStart < bufEnd) + return lookAhead[bufStart++]; + + if (FillBuffer() < 1) + return -1; + + return lookAhead[bufStart++]; + } + + public override int Read(byte[] buf, int off, int len) + { + int avail = bufEnd - bufStart; + + int pos = off; + while (len > avail) + { + Array.Copy(lookAhead, bufStart, buf, pos, avail); + + bufStart += avail; + pos += avail; + len -= avail; + + if ((avail = FillBuffer()) < 1) + return pos - off; + } + + Array.Copy(lookAhead, bufStart, buf, pos, len); + bufStart += len; + + return pos + len - off; + } + + internal byte[] GetLookAhead() + { + byte[] temp = new byte[LookAheadSize]; + Array.Copy(lookAhead, bufStart, temp, 0, LookAheadSize); + return temp; + } + } + + internal InputStreamPacket encData; + internal Stream encStream; + internal TruncatedStream truncStream; + + internal PgpEncryptedData( + InputStreamPacket encData) + { + this.encData = encData; + } + + /// Return the raw input stream for the data stream. + public virtual Stream GetInputStream() + { + return encData.GetInputStream(); + } + + /// Return true if the message is integrity protected. + /// True, if there is a modification detection code namespace associated + /// with this stream. + public bool IsIntegrityProtected() + { + return encData is SymmetricEncIntegrityPacket; + } + + /// Note: This can only be called after the message has been read. + /// True, if the message verifies, false otherwise + public bool Verify() + { + if (!IsIntegrityProtected()) + throw new PgpException("data not integrity protected."); + + DigestStream dIn = (DigestStream) encStream; + + // + // make sure we are at the end. + // + while (encStream.ReadByte() >= 0) + { + // do nothing + } + + // + // process the MDC packet + // + byte[] lookAhead = truncStream.GetLookAhead(); + + IDigest hash = dIn.ReadDigest(); + hash.BlockUpdate(lookAhead, 0, 2); + byte[] digest = DigestUtilities.DoFinal(hash); + + byte[] streamDigest = new byte[digest.Length]; + Array.Copy(lookAhead, 2, streamDigest, 0, streamDigest.Length); + + return Arrays.ConstantTimeAreEqual(digest, streamDigest); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpEncryptedDataGenerator.cs b/BouncyCastle/crypto/src/openpgp/PgpEncryptedDataGenerator.cs new file mode 100644 index 0000000..336baf0 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpEncryptedDataGenerator.cs @@ -0,0 +1,604 @@ +using System; +using System.Collections; +using System.Diagnostics; +using System.IO; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// Generator for encrypted objects. + public class PgpEncryptedDataGenerator + : IStreamGenerator + { + private BcpgOutputStream pOut; + private CipherStream cOut; + private IBufferedCipher c; + private bool withIntegrityPacket; + private bool oldFormat; + private DigestStream digestOut; + + private abstract class EncMethod + : ContainedPacket + { + protected byte[] sessionInfo; + protected SymmetricKeyAlgorithmTag encAlgorithm; + protected KeyParameter key; + + public abstract void AddSessionInfo(byte[] si, SecureRandom random); + } + + private class PbeMethod + : EncMethod + { + private S2k s2k; + + internal PbeMethod( + SymmetricKeyAlgorithmTag encAlgorithm, + S2k s2k, + KeyParameter key) + { + this.encAlgorithm = encAlgorithm; + this.s2k = s2k; + this.key = key; + } + + public KeyParameter GetKey() + { + return key; + } + + public override void AddSessionInfo( + byte[] si, + SecureRandom random) + { + string cName = PgpUtilities.GetSymmetricCipherName(encAlgorithm); + IBufferedCipher c = CipherUtilities.GetCipher(cName + "/CFB/NoPadding"); + + byte[] iv = new byte[c.GetBlockSize()]; + c.Init(true, new ParametersWithRandom(new ParametersWithIV(key, iv), random)); + + this.sessionInfo = c.DoFinal(si, 0, si.Length - 2); + } + + public override void Encode(BcpgOutputStream pOut) + { + SymmetricKeyEncSessionPacket pk = new SymmetricKeyEncSessionPacket( + encAlgorithm, s2k, sessionInfo); + + pOut.WritePacket(pk); + } + } + + private class PubMethod + : EncMethod + { + internal PgpPublicKey pubKey; + internal bool sessionKeyObfuscation; + internal byte[][] data; + + internal PubMethod(PgpPublicKey pubKey, bool sessionKeyObfuscation) + { + this.pubKey = pubKey; + this.sessionKeyObfuscation = sessionKeyObfuscation; + } + + public override void AddSessionInfo( + byte[] sessionInfo, + SecureRandom random) + { + byte[] encryptedSessionInfo = EncryptSessionInfo(sessionInfo, random); + + this.data = ProcessSessionInfo(encryptedSessionInfo); + } + + private byte[] EncryptSessionInfo(byte[] sessionInfo, SecureRandom random) + { + if (pubKey.Algorithm != PublicKeyAlgorithmTag.ECDH) + { + IBufferedCipher c; + switch (pubKey.Algorithm) + { + case PublicKeyAlgorithmTag.RsaEncrypt: + case PublicKeyAlgorithmTag.RsaGeneral: + c = CipherUtilities.GetCipher("RSA//PKCS1Padding"); + break; + case PublicKeyAlgorithmTag.ElGamalEncrypt: + case PublicKeyAlgorithmTag.ElGamalGeneral: + c = CipherUtilities.GetCipher("ElGamal/ECB/PKCS1Padding"); + break; + case PublicKeyAlgorithmTag.Dsa: + throw new PgpException("Can't use DSA for encryption."); + case PublicKeyAlgorithmTag.ECDsa: + throw new PgpException("Can't use ECDSA for encryption."); + default: + throw new PgpException("unknown asymmetric algorithm: " + pubKey.Algorithm); + } + + AsymmetricKeyParameter akp = pubKey.GetKey(); + c.Init(true, new ParametersWithRandom(akp, random)); + return c.DoFinal(sessionInfo); + } + + ECDHPublicBcpgKey ecKey = (ECDHPublicBcpgKey)pubKey.PublicKeyPacket.Key; + + // Generate the ephemeral key pair + IAsymmetricCipherKeyPairGenerator gen = GeneratorUtilities.GetKeyPairGenerator("ECDH"); + gen.Init(new ECKeyGenerationParameters(ecKey.CurveOid, random)); + + AsymmetricCipherKeyPair ephKp = gen.GenerateKeyPair(); + ECPrivateKeyParameters ephPriv = (ECPrivateKeyParameters)ephKp.Private; + ECPublicKeyParameters ephPub = (ECPublicKeyParameters)ephKp.Public; + + ECPublicKeyParameters pub = (ECPublicKeyParameters)pubKey.GetKey(); + ECPoint S = pub.Q.Multiply(ephPriv.D).Normalize(); + + KeyParameter key = new KeyParameter(Rfc6637Utilities.CreateKey(pubKey.PublicKeyPacket, S)); + + IWrapper w = PgpUtilities.CreateWrapper(ecKey.SymmetricKeyAlgorithm); + w.Init(true, new ParametersWithRandom(key, random)); + + byte[] paddedSessionData = PgpPad.PadSessionData(sessionInfo, sessionKeyObfuscation); + + byte[] C = w.Wrap(paddedSessionData, 0, paddedSessionData.Length); + byte[] VB = new MPInteger(new BigInteger(1, ephPub.Q.GetEncoded(false))).GetEncoded(); + + byte[] rv = new byte[VB.Length + 1 + C.Length]; + + Array.Copy(VB, 0, rv, 0, VB.Length); + rv[VB.Length] = (byte)C.Length; + Array.Copy(C, 0, rv, VB.Length + 1, C.Length); + + return rv; + } + + private byte[][] ProcessSessionInfo(byte[] encryptedSessionInfo) + { + byte[][] data; + + switch (pubKey.Algorithm) + { + case PublicKeyAlgorithmTag.RsaEncrypt: + case PublicKeyAlgorithmTag.RsaGeneral: + data = new byte[][] { ConvertToEncodedMpi(encryptedSessionInfo) }; + break; + case PublicKeyAlgorithmTag.ElGamalEncrypt: + case PublicKeyAlgorithmTag.ElGamalGeneral: + int halfLength = encryptedSessionInfo.Length / 2; + byte[] b1 = new byte[halfLength]; + byte[] b2 = new byte[halfLength]; + + Array.Copy(encryptedSessionInfo, 0, b1, 0, halfLength); + Array.Copy(encryptedSessionInfo, halfLength, b2, 0, halfLength); + + data = new byte[][] { + ConvertToEncodedMpi(b1), + ConvertToEncodedMpi(b2), + }; + break; + case PublicKeyAlgorithmTag.ECDH: + data = new byte[][]{ encryptedSessionInfo }; + break; + default: + throw new PgpException("unknown asymmetric algorithm: " + pubKey.Algorithm); + } + + return data; + } + + private byte[] ConvertToEncodedMpi(byte[] encryptedSessionInfo) + { + try + { + return new MPInteger(new BigInteger(1, encryptedSessionInfo)).GetEncoded(); + } + catch (IOException e) + { + throw new PgpException("Invalid MPI encoding: " + e.Message, e); + } + } + + public override void Encode(BcpgOutputStream pOut) + { + PublicKeyEncSessionPacket pk = new PublicKeyEncSessionPacket(pubKey.KeyId, pubKey.Algorithm, data); + + pOut.WritePacket(pk); + } + } + + private readonly IList methods = Platform.CreateArrayList(); + private readonly SymmetricKeyAlgorithmTag defAlgorithm; + private readonly SecureRandom rand; + + public PgpEncryptedDataGenerator( + SymmetricKeyAlgorithmTag encAlgorithm) + { + this.defAlgorithm = encAlgorithm; + this.rand = new SecureRandom(); + } + + public PgpEncryptedDataGenerator( + SymmetricKeyAlgorithmTag encAlgorithm, + bool withIntegrityPacket) + { + this.defAlgorithm = encAlgorithm; + this.withIntegrityPacket = withIntegrityPacket; + this.rand = new SecureRandom(); + } + + /// Existing SecureRandom constructor. + /// The symmetric algorithm to use. + /// Source of randomness. + public PgpEncryptedDataGenerator( + SymmetricKeyAlgorithmTag encAlgorithm, + SecureRandom rand) + { + this.defAlgorithm = encAlgorithm; + this.rand = rand; + } + + /// Creates a cipher stream which will have an integrity packet associated with it. + public PgpEncryptedDataGenerator( + SymmetricKeyAlgorithmTag encAlgorithm, + bool withIntegrityPacket, + SecureRandom rand) + { + this.defAlgorithm = encAlgorithm; + this.rand = rand; + this.withIntegrityPacket = withIntegrityPacket; + } + + /// Base constructor. + /// The symmetric algorithm to use. + /// Source of randomness. + /// PGP 2.6.x compatibility required. + public PgpEncryptedDataGenerator( + SymmetricKeyAlgorithmTag encAlgorithm, + SecureRandom rand, + bool oldFormat) + { + this.defAlgorithm = encAlgorithm; + this.rand = rand; + this.oldFormat = oldFormat; + } + + /// + /// Add a PBE encryption method to the encrypted object using the default algorithm (S2K_SHA1). + /// + /// + /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is + /// the historical behaviour of the library (1.7 and earlier). + /// + [Obsolete("Use version that takes an explicit s2kDigest parameter")] + public void AddMethod(char[] passPhrase) + { + AddMethod(passPhrase, HashAlgorithmTag.Sha1); + } + + /// Add a PBE encryption method to the encrypted object. + /// + /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is + /// the historical behaviour of the library (1.7 and earlier). + /// + public void AddMethod(char[] passPhrase, HashAlgorithmTag s2kDigest) + { + DoAddMethod(PgpUtilities.EncodePassPhrase(passPhrase, false), true, s2kDigest); + } + + /// Add a PBE encryption method to the encrypted object. + /// + /// The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes). + /// + public void AddMethodUtf8(char[] passPhrase, HashAlgorithmTag s2kDigest) + { + DoAddMethod(PgpUtilities.EncodePassPhrase(passPhrase, true), true, s2kDigest); + } + + /// Add a PBE encryption method to the encrypted object. + /// + /// Allows the caller to handle the encoding of the passphrase to bytes. + /// + public void AddMethodRaw(byte[] rawPassPhrase, HashAlgorithmTag s2kDigest) + { + DoAddMethod(rawPassPhrase, false, s2kDigest); + } + + internal void DoAddMethod(byte[] rawPassPhrase, bool clearPassPhrase, HashAlgorithmTag s2kDigest) + { + S2k s2k = PgpUtilities.GenerateS2k(s2kDigest, 0x60, rand); + + methods.Add(new PbeMethod(defAlgorithm, s2k, PgpUtilities.DoMakeKeyFromPassPhrase(defAlgorithm, s2k, rawPassPhrase, clearPassPhrase))); + } + + /// Add a public key encrypted session key to the encrypted object. + public void AddMethod(PgpPublicKey key) + { + AddMethod(key, true); + } + + public void AddMethod(PgpPublicKey key, bool sessionKeyObfuscation) + { + if (!key.IsEncryptionKey) + { + throw new ArgumentException("passed in key not an encryption key!"); + } + + methods.Add(new PubMethod(key, sessionKeyObfuscation)); + } + + private void AddCheckSum( + byte[] sessionInfo) + { + Debug.Assert(sessionInfo != null); + Debug.Assert(sessionInfo.Length >= 3); + + int check = 0; + + for (int i = 1; i < sessionInfo.Length - 2; i++) + { + check += sessionInfo[i]; + } + + sessionInfo[sessionInfo.Length - 2] = (byte)(check >> 8); + sessionInfo[sessionInfo.Length - 1] = (byte)(check); + } + + private byte[] CreateSessionInfo( + SymmetricKeyAlgorithmTag algorithm, + KeyParameter key) + { + byte[] keyBytes = key.GetKey(); + byte[] sessionInfo = new byte[keyBytes.Length + 3]; + sessionInfo[0] = (byte) algorithm; + keyBytes.CopyTo(sessionInfo, 1); + AddCheckSum(sessionInfo); + return sessionInfo; + } + + /// + ///

    + /// If buffer is non null stream assumed to be partial, otherwise the length will be used + /// to output a fixed length packet. + ///

    + ///

    + /// The stream created can be closed off by either calling Close() + /// on the stream or Close() on the generator. Closing the returned + /// stream does not close off the Stream parameter outStr. + ///

    + ///     + private Stream Open( + Stream outStr, + long length, + byte[] buffer) + { + if (cOut != null) + throw new InvalidOperationException("generator already in open state"); + if (methods.Count == 0) + throw new InvalidOperationException("No encryption methods specified"); + if (outStr == null) + throw new ArgumentNullException("outStr"); + + pOut = new BcpgOutputStream(outStr); + + KeyParameter key; + + if (methods.Count == 1) + { + if (methods[0] is PbeMethod) + { + PbeMethod m = (PbeMethod)methods[0]; + + key = m.GetKey(); + } + else + { + key = PgpUtilities.MakeRandomKey(defAlgorithm, rand); + + byte[] sessionInfo = CreateSessionInfo(defAlgorithm, key); + PubMethod m = (PubMethod)methods[0]; + + try + { + m.AddSessionInfo(sessionInfo, rand); + } + catch (Exception e) + { + throw new PgpException("exception encrypting session key", e); + } + } + + pOut.WritePacket((ContainedPacket)methods[0]); + } + else // multiple methods + { + key = PgpUtilities.MakeRandomKey(defAlgorithm, rand); + byte[] sessionInfo = CreateSessionInfo(defAlgorithm, key); + + for (int i = 0; i != methods.Count; i++) + { + EncMethod m = (EncMethod)methods[i]; + + try + { + m.AddSessionInfo(sessionInfo, rand); + } + catch (Exception e) + { + throw new PgpException("exception encrypting session key", e); + } + + pOut.WritePacket(m); + } + } + + string cName = PgpUtilities.GetSymmetricCipherName(defAlgorithm); + if (cName == null) + { + throw new PgpException("null cipher specified"); + } + + try + { + if (withIntegrityPacket) + { + cName += "/CFB/NoPadding"; + } + else + { + cName += "/OpenPGPCFB/NoPadding"; + } + + c = CipherUtilities.GetCipher(cName); + + // TODO Confirm the IV should be all zero bytes (not inLineIv - see below) + byte[] iv = new byte[c.GetBlockSize()]; + c.Init(true, new ParametersWithRandom(new ParametersWithIV(key, iv), rand)); + + if (buffer == null) + { + // + // we have to Add block size + 2 for the Generated IV and + 1 + 22 if integrity protected + // + if (withIntegrityPacket) + { + pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricEncryptedIntegrityProtected, length + c.GetBlockSize() + 2 + 1 + 22); + pOut.WriteByte(1); // version number + } + else + { + pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricKeyEncrypted, length + c.GetBlockSize() + 2, oldFormat); + } + } + else + { + if (withIntegrityPacket) + { + pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricEncryptedIntegrityProtected, buffer); + pOut.WriteByte(1); // version number + } + else + { + pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricKeyEncrypted, buffer); + } + } + + int blockSize = c.GetBlockSize(); + byte[] inLineIv = new byte[blockSize + 2]; + rand.NextBytes(inLineIv, 0, blockSize); + Array.Copy(inLineIv, inLineIv.Length - 4, inLineIv, inLineIv.Length - 2, 2); + + Stream myOut = cOut = new CipherStream(pOut, null, c); + + if (withIntegrityPacket) + { + string digestName = PgpUtilities.GetDigestName(HashAlgorithmTag.Sha1); + IDigest digest = DigestUtilities.GetDigest(digestName); + myOut = digestOut = new DigestStream(myOut, null, digest); + } + + myOut.Write(inLineIv, 0, inLineIv.Length); + + return new WrappedGeneratorStream(this, myOut); + } + catch (Exception e) + { + throw new PgpException("Exception creating cipher", e); + } + } + + /// + ///

    + /// Return an output stream which will encrypt the data as it is written to it. + ///

    + ///

    + /// The stream created can be closed off by either calling Close() + /// on the stream or Close() on the generator. Closing the returned + /// stream does not close off the Stream parameter outStr. + ///

    + ///     + public Stream Open( + Stream outStr, + long length) + { + return Open(outStr, length, null); + } + + /// + ///

    + /// Return an output stream which will encrypt the data as it is written to it. + /// The stream will be written out in chunks according to the size of the passed in buffer. + ///

    + ///

    + /// The stream created can be closed off by either calling Close() + /// on the stream or Close() on the generator. Closing the returned + /// stream does not close off the Stream parameter outStr. + ///

    + ///

    + /// Note: if the buffer is not a power of 2 in length only the largest power of 2 + /// bytes worth of the buffer will be used. + ///

    + ///     + public Stream Open( + Stream outStr, + byte[] buffer) + { + return Open(outStr, 0, buffer); + } + + /// + ///

    + /// Close off the encrypted object - this is equivalent to calling Close() on the stream + /// returned by the Open() method. + ///

    + ///

    + /// Note: This does not close the underlying output stream, only the stream on top of + /// it created by the Open() method. + ///

    + ///     + public void Close() + { + if (cOut != null) + { + // TODO Should this all be under the try/catch block? + if (digestOut != null) + { + // + // hand code a mod detection packet + // + BcpgOutputStream bOut = new BcpgOutputStream( + digestOut, PacketTag.ModificationDetectionCode, 20); + + bOut.Flush(); + digestOut.Flush(); + + // TODO + byte[] dig = DigestUtilities.DoFinal(digestOut.WriteDigest()); + cOut.Write(dig, 0, dig.Length); + } + + cOut.Flush(); + + try + { + pOut.Write(c.DoFinal()); + pOut.Finish(); + } + catch (Exception e) + { + throw new IOException(e.Message, e); + } + + cOut = null; + pOut = null; + } + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpEncryptedDataList.cs b/BouncyCastle/crypto/src/openpgp/PgpEncryptedDataList.cs new file mode 100644 index 0000000..1f605da --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpEncryptedDataList.cs @@ -0,0 +1,77 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// A holder for a list of PGP encryption method packets. + public class PgpEncryptedDataList + : PgpObject + { + private readonly IList list = Platform.CreateArrayList(); + private readonly InputStreamPacket data; + + public PgpEncryptedDataList( + BcpgInputStream bcpgInput) + { + while (bcpgInput.NextPacketTag() == PacketTag.PublicKeyEncryptedSession + || bcpgInput.NextPacketTag() == PacketTag.SymmetricKeyEncryptedSessionKey) + { + list.Add(bcpgInput.ReadPacket()); + } + + Packet packet = bcpgInput.ReadPacket(); + if (!(packet is InputStreamPacket)) + throw new IOException("unexpected packet in stream: " + packet); + + this.data = (InputStreamPacket)packet; + + for (int i = 0; i != list.Count; i++) + { + if (list[i] is SymmetricKeyEncSessionPacket) + { + list[i] = new PgpPbeEncryptedData((SymmetricKeyEncSessionPacket) list[i], data); + } + else + { + list[i] = new PgpPublicKeyEncryptedData((PublicKeyEncSessionPacket) list[i], data); + } + } + } + + public PgpEncryptedData this[int index] + { + get { return (PgpEncryptedData) list[index]; } + } + + [Obsolete("Use 'object[index]' syntax instead")] + public object Get(int index) + { + return this[index]; + } + + [Obsolete("Use 'Count' property instead")] + public int Size + { + get { return list.Count; } + } + + public int Count + { + get { return list.Count; } + } + + public bool IsEmpty + { + get { return list.Count == 0; } + } + + public IEnumerable GetEncryptedDataObjects() + { + return new EnumerableProxy(list); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpException.cs b/BouncyCastle/crypto/src/openpgp/PgpException.cs new file mode 100644 index 0000000..230dab8 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpException.cs @@ -0,0 +1,22 @@ +using System; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// Generic exception class for PGP encoding/decoding problems. +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class PgpException + : Exception + { + public PgpException() : base() {} + public PgpException(string message) : base(message) {} + public PgpException(string message, Exception exception) : base(message, exception) {} + + [Obsolete("Use InnerException property")] + public Exception UnderlyingException + { + get { return InnerException; } + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpExperimental.cs b/BouncyCastle/crypto/src/openpgp/PgpExperimental.cs new file mode 100644 index 0000000..8518335 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpExperimental.cs @@ -0,0 +1,16 @@ +using System; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + public class PgpExperimental + : PgpObject + { + private readonly ExperimentalPacket p; + + public PgpExperimental( + BcpgInputStream bcpgIn) + { + p = (ExperimentalPacket) bcpgIn.ReadPacket(); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpKeyFlags.cs b/BouncyCastle/crypto/src/openpgp/PgpKeyFlags.cs new file mode 100644 index 0000000..ea18006 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpKeyFlags.cs @@ -0,0 +1,13 @@ +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// Key flag values for the KeyFlags subpacket. + public abstract class PgpKeyFlags + { + public const int CanCertify = 0x01; // This key may be used to certify other keys. + public const int CanSign = 0x02; // This key may be used to sign data. + public const int CanEncryptCommunications = 0x04; // This key may be used to encrypt communications. + public const int CanEncryptStorage = 0x08; // This key may be used to encrypt storage. + public const int MaybeSplit = 0x10; // The private component of this key may have been split by a secret-sharing mechanism. + public const int MaybeShared = 0x80; // The private component of this key may be in the possession of more than one person. + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpKeyPair.cs b/BouncyCastle/crypto/src/openpgp/PgpKeyPair.cs new file mode 100644 index 0000000..9cf78fa --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpKeyPair.cs @@ -0,0 +1,67 @@ +using System; + +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// + /// General class to handle JCA key pairs and convert them into OpenPGP ones. + ///

    + /// A word for the unwary, the KeyId for an OpenPGP public key is calculated from + /// a hash that includes the time of creation, if you pass a different date to the + /// constructor below with the same public private key pair the KeyIs will not be the + /// same as for previous generations of the key, so ideally you only want to do + /// this once. + ///

    + ///     + public class PgpKeyPair + { + private readonly PgpPublicKey pub; + private readonly PgpPrivateKey priv; + + public PgpKeyPair( + PublicKeyAlgorithmTag algorithm, + AsymmetricCipherKeyPair keyPair, + DateTime time) + : this(algorithm, keyPair.Public, keyPair.Private, time) + { + } + + public PgpKeyPair( + PublicKeyAlgorithmTag algorithm, + AsymmetricKeyParameter pubKey, + AsymmetricKeyParameter privKey, + DateTime time) + { + this.pub = new PgpPublicKey(algorithm, pubKey, time); + this.priv = new PgpPrivateKey(pub.KeyId, pub.PublicKeyPacket, privKey); + } + + /// Create a key pair from a PgpPrivateKey and a PgpPublicKey. + /// The public key. + /// The private key. + public PgpKeyPair( + PgpPublicKey pub, + PgpPrivateKey priv) + { + this.pub = pub; + this.priv = priv; + } + + /// The keyId associated with this key pair. + public long KeyId + { + get { return pub.KeyId; } + } + + public PgpPublicKey PublicKey + { + get { return pub; } + } + + public PgpPrivateKey PrivateKey + { + get { return priv; } + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpKeyRingGenerator.cs b/BouncyCastle/crypto/src/openpgp/PgpKeyRingGenerator.cs new file mode 100644 index 0000000..352575b --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpKeyRingGenerator.cs @@ -0,0 +1,440 @@ +using System; +using System.Collections; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// + /// Generator for a PGP master and subkey ring. + /// This class will generate both the secret and public key rings + /// + public class PgpKeyRingGenerator + { + private IList keys = Platform.CreateArrayList(); + private string id; + private SymmetricKeyAlgorithmTag encAlgorithm; + private HashAlgorithmTag hashAlgorithm; + private int certificationLevel; + private byte[] rawPassPhrase; + private bool useSha1; + private PgpKeyPair masterKey; + private PgpSignatureSubpacketVector hashedPacketVector; + private PgpSignatureSubpacketVector unhashedPacketVector; + private SecureRandom rand; + + /// + /// Create a new key ring generator using old style checksumming. It is recommended to use + /// SHA1 checksumming where possible. + /// + /// + /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is + /// the historical behaviour of the library (1.7 and earlier). + /// + /// The certification level for keys on this ring. + /// The master key pair. + /// The id to be associated with the ring. + /// The algorithm to be used to protect secret keys. + /// The passPhrase to be used to protect secret keys. + /// Packets to be included in the certification hash. + /// Packets to be attached unhashed to the certification. + /// input secured random. + [Obsolete("Use version taking an explicit 'useSha1' parameter instead")] + public PgpKeyRingGenerator( + int certificationLevel, + PgpKeyPair masterKey, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + char[] passPhrase, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(certificationLevel, masterKey, id, encAlgorithm, passPhrase, false, hashedPackets, unhashedPackets, rand) + { + } + + /// + /// Create a new key ring generator. + /// + /// + /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is + /// the historical behaviour of the library (1.7 and earlier). + /// + /// The certification level for keys on this ring. + /// The master key pair. + /// The id to be associated with the ring. + /// The algorithm to be used to protect secret keys. + /// The passPhrase to be used to protect secret keys. + /// Checksum the secret keys with SHA1 rather than the older 16 bit checksum. + /// Packets to be included in the certification hash. + /// Packets to be attached unhashed to the certification. + /// input secured random. + public PgpKeyRingGenerator( + int certificationLevel, + PgpKeyPair masterKey, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + char[] passPhrase, + bool useSha1, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(certificationLevel, masterKey, id, encAlgorithm, false, passPhrase, useSha1, hashedPackets, unhashedPackets, rand) + { + } + + /// + /// Create a new key ring generator. + /// + /// The certification level for keys on this ring. + /// The master key pair. + /// The id to be associated with the ring. + /// The algorithm to be used to protect secret keys. + /// + /// If true, conversion of the passphrase to bytes uses Encoding.UTF8.GetBytes(), otherwise the conversion + /// is performed using Convert.ToByte(), which is the historical behaviour of the library (1.7 and earlier). + /// + /// The passPhrase to be used to protect secret keys. + /// Checksum the secret keys with SHA1 rather than the older 16 bit checksum. + /// Packets to be included in the certification hash. + /// Packets to be attached unhashed to the certification. + /// input secured random. + public PgpKeyRingGenerator( + int certificationLevel, + PgpKeyPair masterKey, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + bool utf8PassPhrase, + char[] passPhrase, + bool useSha1, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(certificationLevel, masterKey, id, encAlgorithm, + PgpUtilities.EncodePassPhrase(passPhrase, utf8PassPhrase), + useSha1, hashedPackets, unhashedPackets, rand) + { + } + + /// + /// Create a new key ring generator. + /// + /// The certification level for keys on this ring. + /// The master key pair. + /// The id to be associated with the ring. + /// The algorithm to be used to protect secret keys. + /// The passPhrase to be used to protect secret keys. + /// Checksum the secret keys with SHA1 rather than the older 16 bit checksum. + /// Packets to be included in the certification hash. + /// Packets to be attached unhashed to the certification. + /// input secured random. + public PgpKeyRingGenerator( + int certificationLevel, + PgpKeyPair masterKey, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + byte[] rawPassPhrase, + bool useSha1, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + { + this.certificationLevel = certificationLevel; + this.masterKey = masterKey; + this.id = id; + this.encAlgorithm = encAlgorithm; + this.rawPassPhrase = rawPassPhrase; + this.useSha1 = useSha1; + this.hashedPacketVector = hashedPackets; + this.unhashedPacketVector = unhashedPackets; + this.rand = rand; + + keys.Add(new PgpSecretKey(certificationLevel, masterKey, id, encAlgorithm, rawPassPhrase, false, useSha1, hashedPackets, unhashedPackets, rand)); + } + + /// + /// Create a new key ring generator. + /// + /// + /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is + /// the historical behaviour of the library (1.7 and earlier). + /// + /// The certification level for keys on this ring. + /// The master key pair. + /// The id to be associated with the ring. + /// The algorithm to be used to protect secret keys. + /// The hash algorithm. + /// The passPhrase to be used to protect secret keys. + /// Checksum the secret keys with SHA1 rather than the older 16 bit checksum. + /// Packets to be included in the certification hash. + /// Packets to be attached unhashed to the certification. + /// input secured random. + public PgpKeyRingGenerator( + int certificationLevel, + PgpKeyPair masterKey, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + HashAlgorithmTag hashAlgorithm, + char[] passPhrase, + bool useSha1, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(certificationLevel, masterKey, id, encAlgorithm, hashAlgorithm, false, passPhrase, useSha1, hashedPackets, unhashedPackets, rand) + { + } + + /// + /// Create a new key ring generator. + /// + /// The certification level for keys on this ring. + /// The master key pair. + /// The id to be associated with the ring. + /// The algorithm to be used to protect secret keys. + /// The hash algorithm. + /// + /// If true, conversion of the passphrase to bytes uses Encoding.UTF8.GetBytes(), otherwise the conversion + /// is performed using Convert.ToByte(), which is the historical behaviour of the library (1.7 and earlier). + /// + /// The passPhrase to be used to protect secret keys. + /// Checksum the secret keys with SHA1 rather than the older 16 bit checksum. + /// Packets to be included in the certification hash. + /// Packets to be attached unhashed to the certification. + /// input secured random. + public PgpKeyRingGenerator( + int certificationLevel, + PgpKeyPair masterKey, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + HashAlgorithmTag hashAlgorithm, + bool utf8PassPhrase, + char[] passPhrase, + bool useSha1, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(certificationLevel, masterKey, id, encAlgorithm, hashAlgorithm, + PgpUtilities.EncodePassPhrase(passPhrase, utf8PassPhrase), + useSha1, hashedPackets, unhashedPackets, rand) + { + } + + /// + /// Create a new key ring generator. + /// + /// + /// Allows the caller to handle the encoding of the passphrase to bytes. + /// + /// The certification level for keys on this ring. + /// The master key pair. + /// The id to be associated with the ring. + /// The algorithm to be used to protect secret keys. + /// The hash algorithm. + /// The passPhrase to be used to protect secret keys. + /// Checksum the secret keys with SHA1 rather than the older 16 bit checksum. + /// Packets to be included in the certification hash. + /// Packets to be attached unhashed to the certification. + /// input secured random. + public PgpKeyRingGenerator( + int certificationLevel, + PgpKeyPair masterKey, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + HashAlgorithmTag hashAlgorithm, + byte[] rawPassPhrase, + bool useSha1, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + { + this.certificationLevel = certificationLevel; + this.masterKey = masterKey; + this.id = id; + this.encAlgorithm = encAlgorithm; + this.rawPassPhrase = rawPassPhrase; + this.useSha1 = useSha1; + this.hashedPacketVector = hashedPackets; + this.unhashedPacketVector = unhashedPackets; + this.rand = rand; + this.hashAlgorithm = hashAlgorithm; + + keys.Add(new PgpSecretKey(certificationLevel, masterKey, id, encAlgorithm, hashAlgorithm, rawPassPhrase, false, useSha1, hashedPackets, unhashedPackets, rand)); + } + + /// Add a subkey to the key ring to be generated with default certification. + public void AddSubKey( + PgpKeyPair keyPair) + { + AddSubKey(keyPair, this.hashedPacketVector, this.unhashedPacketVector); + } + + + /// + /// Add a subkey to the key ring to be generated with default certification. + /// + /// The key pair. + /// The hash algorithm. + public void AddSubKey(PgpKeyPair keyPair, HashAlgorithmTag hashAlgorithm) + { + this.AddSubKey(keyPair, this.hashedPacketVector, this.unhashedPacketVector, hashAlgorithm); + } + + /// + /// Add a signing subkey to the key ring to be generated with default certification and a primary key binding signature. + /// + /// The key pair. + /// The hash algorithm. + /// The primary-key binding hash algorithm. + public void AddSubKey(PgpKeyPair keyPair, HashAlgorithmTag hashAlgorithm, HashAlgorithmTag primaryKeyBindingHashAlgorithm) + { + this.AddSubKey(keyPair, this.hashedPacketVector, this.unhashedPacketVector, hashAlgorithm, primaryKeyBindingHashAlgorithm); + } + + /// + /// Add a subkey with specific hashed and unhashed packets associated with it and + /// default certification using SHA-1. + /// + /// Public/private key pair. + /// Hashed packet values to be included in certification. + /// Unhashed packets values to be included in certification. + /// + public void AddSubKey( + PgpKeyPair keyPair, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets) + { + AddSubKey(keyPair, hashedPackets, unhashedPackets, HashAlgorithmTag.Sha1); + } + + /// + /// Add a subkey with specific hashed and unhashed packets associated with it and + /// default certification. + /// + /// Public/private key pair. + /// Hashed packet values to be included in certification. + /// Unhashed packets values to be included in certification. + /// The hash algorithm. + /// exception adding subkey: + /// + public void AddSubKey( + PgpKeyPair keyPair, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + HashAlgorithmTag hashAlgorithm) + { + try + { + PgpSignatureGenerator sGen = new PgpSignatureGenerator(masterKey.PublicKey.Algorithm, hashAlgorithm); + + // + // Generate the certification + // + sGen.InitSign(PgpSignature.SubkeyBinding, masterKey.PrivateKey); + + sGen.SetHashedSubpackets(hashedPackets); + sGen.SetUnhashedSubpackets(unhashedPackets); + + IList subSigs = Platform.CreateArrayList(); + subSigs.Add(sGen.GenerateCertification(masterKey.PublicKey, keyPair.PublicKey)); + + keys.Add(new PgpSecretKey(keyPair.PrivateKey, new PgpPublicKey(keyPair.PublicKey, null, subSigs), encAlgorithm, + rawPassPhrase, false, useSha1, rand, false)); + } + catch (PgpException) + { + throw; + } + catch (Exception e) + { + throw new PgpException("exception adding subkey: ", e); + } + } + + /// + /// Add a signing subkey with specific hashed and unhashed packets associated with it and + /// default certifications, including the primary-key binding signature. + /// + /// Public/private key pair. + /// Hashed packet values to be included in certification. + /// Unhashed packets values to be included in certification. + /// The hash algorithm. + /// The primary-key binding hash algorithm. + /// exception adding subkey: + /// + public void AddSubKey( + PgpKeyPair keyPair, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + HashAlgorithmTag hashAlgorithm, + HashAlgorithmTag primaryKeyBindingHashAlgorithm) + { + try + { + PgpSignatureGenerator sGen = new PgpSignatureGenerator(masterKey.PublicKey.Algorithm, hashAlgorithm); + + // + // Generate the certification + // + sGen.InitSign(PgpSignature.SubkeyBinding, masterKey.PrivateKey); + + // add primary key binding sub packet + PgpSignatureGenerator pGen = new PgpSignatureGenerator(keyPair.PublicKey.Algorithm, primaryKeyBindingHashAlgorithm); + + pGen.InitSign(PgpSignature.PrimaryKeyBinding, keyPair.PrivateKey); + + PgpSignatureSubpacketGenerator spGen = new PgpSignatureSubpacketGenerator(hashedPackets); + + spGen.SetEmbeddedSignature(false, + pGen.GenerateCertification(masterKey.PublicKey, keyPair.PublicKey)); + + sGen.SetHashedSubpackets(spGen.Generate()); + sGen.SetUnhashedSubpackets(unhashedPackets); + + IList subSigs = Platform.CreateArrayList(); + subSigs.Add(sGen.GenerateCertification(masterKey.PublicKey, keyPair.PublicKey)); + + keys.Add(new PgpSecretKey(keyPair.PrivateKey, new PgpPublicKey(keyPair.PublicKey, null, subSigs), encAlgorithm, + rawPassPhrase, false, useSha1, rand, false)); + } + catch (PgpException) + { + throw; + } + catch (Exception e) + { + throw new PgpException("exception adding subkey: ", e); + } + } + + /// Return the secret key ring. + public PgpSecretKeyRing GenerateSecretKeyRing() + { + return new PgpSecretKeyRing(keys); + } + + /// Return the public key ring that corresponds to the secret key ring. + public PgpPublicKeyRing GeneratePublicKeyRing() + { + IList pubKeys = Platform.CreateArrayList(); + + IEnumerator enumerator = keys.GetEnumerator(); + enumerator.MoveNext(); + + PgpSecretKey pgpSecretKey = (PgpSecretKey) enumerator.Current; + pubKeys.Add(pgpSecretKey.PublicKey); + + while (enumerator.MoveNext()) + { + pgpSecretKey = (PgpSecretKey) enumerator.Current; + + PgpPublicKey k = new PgpPublicKey(pgpSecretKey.PublicKey); + k.publicPk = new PublicSubkeyPacket( + k.Algorithm, k.CreationTime, k.publicPk.Key); + + pubKeys.Add(k); + } + + return new PgpPublicKeyRing(pubKeys); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpKeyValidationException.cs b/BouncyCastle/crypto/src/openpgp/PgpKeyValidationException.cs new file mode 100644 index 0000000..383ae57 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpKeyValidationException.cs @@ -0,0 +1,18 @@ +using System; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// + /// Thrown if the key checksum is invalid. + /// +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class PgpKeyValidationException + : PgpException + { + public PgpKeyValidationException() : base() {} + public PgpKeyValidationException(string message) : base(message) {} + public PgpKeyValidationException(string message, Exception exception) : base(message, exception) {} + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpLiteralData.cs b/BouncyCastle/crypto/src/openpgp/PgpLiteralData.cs new file mode 100644 index 0000000..d1b7b4a --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpLiteralData.cs @@ -0,0 +1,67 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// Class for processing literal data objects. + public class PgpLiteralData + : PgpObject + { + public const char Binary = 'b'; + public const char Text = 't'; + public const char Utf8 = 'u'; + + /// The special name indicating a "for your eyes only" packet. + public const string Console = "_CONSOLE"; + + private readonly LiteralDataPacket data; + + public PgpLiteralData( + BcpgInputStream bcpgInput) + { + Packet packet = bcpgInput.ReadPacket(); + if (!(packet is LiteralDataPacket)) + throw new IOException("unexpected packet in stream: " + packet); + + this.data = (LiteralDataPacket)packet; + } + + /// The format of the data stream - Binary or Text + public int Format + { + get { return data.Format; } + } + + /// The file name that's associated with the data stream. + public string FileName + { + get { return data.FileName; } + } + + /// Return the file name as an unintrepreted byte array. + public byte[] GetRawFileName() + { + return data.GetRawFileName(); + } + + /// The modification time for the file. + public DateTime ModificationTime + { + get { return DateTimeUtilities.UnixMsToDateTime(data.ModificationTime); } + } + + /// The raw input stream for the data stream. + public Stream GetInputStream() + { + return data.GetInputStream(); + } + + /// The input stream representing the data stream. + public Stream GetDataStream() + { + return GetInputStream(); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpLiteralDataGenerator.cs b/BouncyCastle/crypto/src/openpgp/PgpLiteralDataGenerator.cs new file mode 100644 index 0000000..7672659 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpLiteralDataGenerator.cs @@ -0,0 +1,182 @@ +using System; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// Class for producing literal data packets. + public class PgpLiteralDataGenerator + : IStreamGenerator + { + public const char Binary = PgpLiteralData.Binary; + public const char Text = PgpLiteralData.Text; + public const char Utf8 = PgpLiteralData.Utf8; + + /// The special name indicating a "for your eyes only" packet. + public const string Console = PgpLiteralData.Console; + + private BcpgOutputStream pkOut; + private bool oldFormat; + + public PgpLiteralDataGenerator() + { + } + + /// + /// Generates literal data objects in the old format. + /// This is important if you need compatibility with PGP 2.6.x. + /// + /// If true, uses old format. + public PgpLiteralDataGenerator( + bool oldFormat) + { + this.oldFormat = oldFormat; + } + + private void WriteHeader( + BcpgOutputStream outStr, + char format, + byte[] encName, + long modificationTime) + { + outStr.Write( + (byte) format, + (byte) encName.Length); + + outStr.Write(encName); + + long modDate = modificationTime / 1000L; + + outStr.Write( + (byte)(modDate >> 24), + (byte)(modDate >> 16), + (byte)(modDate >> 8), + (byte)modDate); + } + + /// + ///

    + /// Open a literal data packet, returning a stream to store the data inside the packet. + ///

    + ///

    + /// The stream created can be closed off by either calling Close() + /// on the stream or Close() on the generator. Closing the returned + /// stream does not close off the Stream parameter outStr. + ///

    + ///     + /// The stream we want the packet in. + /// The format we are using. + /// The name of the 'file'. + /// The length of the data we will write. + /// The time of last modification we want stored. + public Stream Open( + Stream outStr, + char format, + string name, + long length, + DateTime modificationTime) + { + if (pkOut != null) + throw new InvalidOperationException("generator already in open state"); + if (outStr == null) + throw new ArgumentNullException("outStr"); + + // Do this first, since it might throw an exception + long unixMs = DateTimeUtilities.DateTimeToUnixMs(modificationTime); + + byte[] encName = Strings.ToUtf8ByteArray(name); + + pkOut = new BcpgOutputStream(outStr, PacketTag.LiteralData, + length + 2 + encName.Length + 4, oldFormat); + + WriteHeader(pkOut, format, encName, unixMs); + + return new WrappedGeneratorStream(this, pkOut); + } + + /// + ///

    + /// Open a literal data packet, returning a stream to store the data inside the packet, + /// as an indefinite length stream. The stream is written out as a series of partial + /// packets with a chunk size determined by the size of the passed in buffer. + ///

    + ///

    + /// The stream created can be closed off by either calling Close() + /// on the stream or Close() on the generator. Closing the returned + /// stream does not close off the Stream parameter outStr. + ///

    + ///

    + /// Note: if the buffer is not a power of 2 in length only the largest power of 2 + /// bytes worth of the buffer will be used.

    + ///     + /// The stream we want the packet in. + /// The format we are using. + /// The name of the 'file'. + /// The time of last modification we want stored. + /// The buffer to use for collecting data to put into chunks. + public Stream Open( + Stream outStr, + char format, + string name, + DateTime modificationTime, + byte[] buffer) + { + if (pkOut != null) + throw new InvalidOperationException("generator already in open state"); + if (outStr == null) + throw new ArgumentNullException("outStr"); + + // Do this first, since it might throw an exception + long unixMs = DateTimeUtilities.DateTimeToUnixMs(modificationTime); + + byte[] encName = Strings.ToUtf8ByteArray(name); + + pkOut = new BcpgOutputStream(outStr, PacketTag.LiteralData, buffer); + + WriteHeader(pkOut, format, encName, unixMs); + + return new WrappedGeneratorStream(this, pkOut); + } + +#if !PORTABLE || DOTNET + /// + ///

    + /// Open a literal data packet for the passed in FileInfo object, returning + /// an output stream for saving the file contents. + ///

    + ///

    + /// The stream created can be closed off by either calling Close() + /// on the stream or Close() on the generator. Closing the returned + /// stream does not close off the Stream parameter outStr. + ///

    + ///     + /// The stream we want the packet in. + /// The format we are using. + /// The FileInfo object containg the packet details. + public Stream Open( + Stream outStr, + char format, + FileInfo file) + { + return Open(outStr, format, file.Name, file.Length, file.LastWriteTime); + } +#endif + + /// + /// Close the literal data packet - this is equivalent to calling Close() + /// on the stream returned by the Open() method. + /// + public void Close() + { + if (pkOut != null) + { + pkOut.Finish(); + pkOut.Flush(); + pkOut = null; + } + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpMarker.cs b/BouncyCastle/crypto/src/openpgp/PgpMarker.cs new file mode 100644 index 0000000..7257767 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpMarker.cs @@ -0,0 +1,25 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// + /// A PGP marker packet - in general these should be ignored other than where + /// the idea is to preserve the original input stream. + /// + public class PgpMarker + : PgpObject + { + private readonly MarkerPacket data; + + public PgpMarker( + BcpgInputStream bcpgInput) + { + Packet packet = bcpgInput.ReadPacket(); + if (!(packet is MarkerPacket)) + throw new IOException("unexpected packet in stream: " + packet); + + this.data = (MarkerPacket)packet; + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpObjectFactory.cs b/BouncyCastle/crypto/src/openpgp/PgpObjectFactory.cs new file mode 100644 index 0000000..c67c7cc --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpObjectFactory.cs @@ -0,0 +1,168 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// + /// General class for reading a PGP object stream. + ///

    + /// Note: if this class finds a PgpPublicKey or a PgpSecretKey it + /// will create a PgpPublicKeyRing, or a PgpSecretKeyRing for each + /// key found. If all you are trying to do is read a key ring file use + /// either PgpPublicKeyRingBundle or PgpSecretKeyRingBundle.

    + ///     + public class PgpObjectFactory + { + private readonly BcpgInputStream bcpgIn; + + public PgpObjectFactory( + Stream inputStream) + { + this.bcpgIn = BcpgInputStream.Wrap(inputStream); + } + + public PgpObjectFactory( + byte[] bytes) + : this(new MemoryStream(bytes, false)) + { + } + + /// Return the next object in the stream, or null if the end is reached. + /// On a parse error + public PgpObject NextPgpObject() + { + PacketTag tag = bcpgIn.NextPacketTag(); + + if ((int) tag == -1) return null; + + switch (tag) + { + case PacketTag.Signature: + { + IList l = Platform.CreateArrayList(); + + while (bcpgIn.NextPacketTag() == PacketTag.Signature) + { + try + { + l.Add(new PgpSignature(bcpgIn)); + } + catch (UnsupportedPacketVersionException e) + { + // Signatures of unsupported version MUST BE ignored + // see: https://tests.sequoia-pgp.org/#Detached_signatures_with_unknown_packets + continue; + } + catch (PgpException e) + { + throw new IOException("can't create signature object: " + e); + } + } + + PgpSignature[] sigs = new PgpSignature[l.Count]; + for (int i = 0; i < l.Count; ++i) + { + sigs[i] = (PgpSignature)l[i]; + } + return new PgpSignatureList(sigs); + } + case PacketTag.SecretKey: + try + { + return new PgpSecretKeyRing(bcpgIn); + } + catch (PgpException e) + { + throw new IOException("can't create secret key object: " + e); + } + case PacketTag.PublicKey: + return new PgpPublicKeyRing(bcpgIn); + // TODO Make PgpPublicKey a PgpObject or return a PgpPublicKeyRing +// case PacketTag.PublicSubkey: +// return PgpPublicKeyRing.ReadSubkey(bcpgIn); + case PacketTag.CompressedData: + return new PgpCompressedData(bcpgIn); + case PacketTag.LiteralData: + return new PgpLiteralData(bcpgIn); + case PacketTag.PublicKeyEncryptedSession: + case PacketTag.SymmetricKeyEncryptedSessionKey: + return new PgpEncryptedDataList(bcpgIn); + case PacketTag.OnePassSignature: + { + IList l = Platform.CreateArrayList(); + + while (bcpgIn.NextPacketTag() == PacketTag.OnePassSignature) + { + try + { + l.Add(new PgpOnePassSignature(bcpgIn)); + } + catch (PgpException e) + { + throw new IOException("can't create one pass signature object: " + e); + } + } + + PgpOnePassSignature[] sigs = new PgpOnePassSignature[l.Count]; + for (int i = 0; i < l.Count; ++i) + { + sigs[i] = (PgpOnePassSignature)l[i]; + } + return new PgpOnePassSignatureList(sigs); + } + case PacketTag.Marker: + return new PgpMarker(bcpgIn); + case PacketTag.Experimental1: + case PacketTag.Experimental2: + case PacketTag.Experimental3: + case PacketTag.Experimental4: + return new PgpExperimental(bcpgIn); + } + + throw new IOException("unknown object in stream " + bcpgIn.NextPacketTag()); + } + + [Obsolete("Use NextPgpObject() instead")] + public object NextObject() + { + return NextPgpObject(); + } + + /// + /// Return all available objects in a list. + /// + /// An IList containing all objects from this factory, in order. + public IList AllPgpObjects() + { + IList result = Platform.CreateArrayList(); + PgpObject pgpObject; + while ((pgpObject = NextPgpObject()) != null) + { + result.Add(pgpObject); + } + return result; + } + + /// + /// Read all available objects, returning only those that are assignable to the specified type. + /// + /// The type of objects to return. All other objects are ignored. + /// An IList containing the filtered objects from this factory, in order. + public IList FilterPgpObjects(Type type) + { + IList result = Platform.CreateArrayList(); + PgpObject pgpObject; + while ((pgpObject = NextPgpObject()) != null) + { + if (type.IsInstanceOfType(pgpObject)) + { + result.Add(pgpObject); + } + } + return result; + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpOnePassSignature.cs b/BouncyCastle/crypto/src/openpgp/PgpOnePassSignature.cs new file mode 100644 index 0000000..2fab513 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpOnePassSignature.cs @@ -0,0 +1,187 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// A one pass signature object. + public class PgpOnePassSignature + { + private static OnePassSignaturePacket Cast(Packet packet) + { + if (!(packet is OnePassSignaturePacket)) + throw new IOException("unexpected packet in stream: " + packet); + + return (OnePassSignaturePacket)packet; + } + + private readonly OnePassSignaturePacket sigPack; + private readonly int signatureType; + private ISigner sig; + private byte lastb; + + internal PgpOnePassSignature( + BcpgInputStream bcpgInput) + : this(Cast(bcpgInput.ReadPacket())) + { + } + + internal PgpOnePassSignature( + OnePassSignaturePacket sigPack) + { + this.sigPack = sigPack; + this.signatureType = sigPack.SignatureType; + } + + /// Initialise the signature object for verification. + public void InitVerify( + PgpPublicKey pubKey) + { + lastb = 0; + + try + { + sig = SignerUtilities.GetSigner( + PgpUtilities.GetSignatureName(sigPack.KeyAlgorithm, sigPack.HashAlgorithm)); + } + catch (Exception e) + { + throw new PgpException("can't set up signature object.", e); + } + + try + { + sig.Init(false, pubKey.GetKey()); + } + catch (InvalidKeyException e) + { + throw new PgpException("invalid key.", e); + } + } + + public void Update( + byte b) + { + if (signatureType == PgpSignature.CanonicalTextDocument) + { + doCanonicalUpdateByte(b); + } + else + { + sig.Update(b); + } + } + + private void doCanonicalUpdateByte( + byte b) + { + if (b == '\r') + { + doUpdateCRLF(); + } + else if (b == '\n') + { + if (lastb != '\r') + { + doUpdateCRLF(); + } + } + else + { + sig.Update(b); + } + + lastb = b; + } + + private void doUpdateCRLF() + { + sig.Update((byte)'\r'); + sig.Update((byte)'\n'); + } + + public void Update( + byte[] bytes) + { + if (signatureType == PgpSignature.CanonicalTextDocument) + { + for (int i = 0; i != bytes.Length; i++) + { + doCanonicalUpdateByte(bytes[i]); + } + } + else + { + sig.BlockUpdate(bytes, 0, bytes.Length); + } + } + + public void Update( + byte[] bytes, + int off, + int length) + { + if (signatureType == PgpSignature.CanonicalTextDocument) + { + int finish = off + length; + + for (int i = off; i != finish; i++) + { + doCanonicalUpdateByte(bytes[i]); + } + } + else + { + sig.BlockUpdate(bytes, off, length); + } + } + + /// Verify the calculated signature against the passed in PgpSignature. + public bool Verify( + PgpSignature pgpSig) + { + byte[] trailer = pgpSig.GetSignatureTrailer(); + + sig.BlockUpdate(trailer, 0, trailer.Length); + + return sig.VerifySignature(pgpSig.GetSignature()); + } + + public long KeyId + { + get { return sigPack.KeyId; } + } + + public int SignatureType + { + get { return sigPack.SignatureType; } + } + + public HashAlgorithmTag HashAlgorithm + { + get { return sigPack.HashAlgorithm; } + } + + public PublicKeyAlgorithmTag KeyAlgorithm + { + get { return sigPack.KeyAlgorithm; } + } + + public byte[] GetEncoded() + { + MemoryStream bOut = new MemoryStream(); + + Encode(bOut); + + return bOut.ToArray(); + } + + public void Encode( + Stream outStr) + { + BcpgOutputStream.Wrap(outStr).WritePacket(sigPack); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpOnePassSignatureList.cs b/BouncyCastle/crypto/src/openpgp/PgpOnePassSignatureList.cs new file mode 100644 index 0000000..37c4288 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpOnePassSignatureList.cs @@ -0,0 +1,51 @@ +using System; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// Holder for a list of PgpOnePassSignature objects. + public class PgpOnePassSignatureList + : PgpObject + { + private readonly PgpOnePassSignature[] sigs; + + public PgpOnePassSignatureList( + PgpOnePassSignature[] sigs) + { + this.sigs = (PgpOnePassSignature[]) sigs.Clone(); + } + + public PgpOnePassSignatureList( + PgpOnePassSignature sig) + { + this.sigs = new PgpOnePassSignature[]{ sig }; + } + + public PgpOnePassSignature this[int index] + { + get { return sigs[index]; } + } + + [Obsolete("Use 'object[index]' syntax instead")] + public PgpOnePassSignature Get( + int index) + { + return this[index]; + } + + [Obsolete("Use 'Count' property instead")] + public int Size + { + get { return sigs.Length; } + } + + public int Count + { + get { return sigs.Length; } + } + + public bool IsEmpty + { + get { return (sigs.Length == 0); } + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpPad.cs b/BouncyCastle/crypto/src/openpgp/PgpPad.cs new file mode 100644 index 0000000..227e310 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpPad.cs @@ -0,0 +1,65 @@ +using System; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// Padding functions. + public sealed class PgpPad + { + private PgpPad() + { + } + + public static byte[] PadSessionData(byte[] sessionInfo) + { + return PadSessionData(sessionInfo, true); + } + + public static byte[] PadSessionData(byte[] sessionInfo, bool obfuscate) + { + int length = sessionInfo.Length; + int paddedLength = ((length >> 3) + 1) << 3; + + if (obfuscate) + { + paddedLength = System.Math.Max(40, paddedLength); + } + + int padCount = paddedLength - length; + byte padByte = (byte)padCount; + + byte[] result = new byte[paddedLength]; + Array.Copy(sessionInfo, 0, result, 0, length); + for (int i = length; i < paddedLength; ++i) + { + result[i] = padByte; + } + return result; + } + + public static byte[] UnpadSessionData(byte[] encoded) + { + int paddedLength = encoded.Length; + byte padByte = encoded[paddedLength - 1]; + int padCount = padByte; + int length = paddedLength - padCount; + int last = length - 1; + + int diff = 0; + for (int i = 0; i < paddedLength; ++i) + { + int mask = (last - i) >> 31; + diff |= (padByte ^ encoded[i]) & mask; + } + + diff |= paddedLength & 7; + diff |= (40 - paddedLength) >> 31; + + if (diff != 0) + throw new PgpException("bad padding found in session data"); + + byte[] result = new byte[length]; + Array.Copy(encoded, 0, result, 0, length); + return result; + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpPbeEncryptedData.cs b/BouncyCastle/crypto/src/openpgp/PgpPbeEncryptedData.cs new file mode 100644 index 0000000..f43f2f5 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpPbeEncryptedData.cs @@ -0,0 +1,160 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// A password based encryption object. + public class PgpPbeEncryptedData + : PgpEncryptedData + { + private readonly SymmetricKeyEncSessionPacket keyData; + + internal PgpPbeEncryptedData( + SymmetricKeyEncSessionPacket keyData, + InputStreamPacket encData) + : base(encData) + { + this.keyData = keyData; + } + + /// Return the raw input stream for the data stream. + public override Stream GetInputStream() + { + return encData.GetInputStream(); + } + + /// Return the decrypted input stream, using the passed in passphrase. + /// + /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is + /// the historical behaviour of the library (1.7 and earlier). + /// + public Stream GetDataStream(char[] passPhrase) + { + return DoGetDataStream(PgpUtilities.EncodePassPhrase(passPhrase, false), true); + } + + /// Return the decrypted input stream, using the passed in passphrase. + /// + /// The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes). + /// + public Stream GetDataStreamUtf8(char[] passPhrase) + { + return DoGetDataStream(PgpUtilities.EncodePassPhrase(passPhrase, true), true); + } + + /// Return the decrypted input stream, using the passed in passphrase. + /// + /// Allows the caller to handle the encoding of the passphrase to bytes. + /// + public Stream GetDataStreamRaw(byte[] rawPassPhrase) + { + return DoGetDataStream(rawPassPhrase, false); + } + + internal Stream DoGetDataStream(byte[] rawPassPhrase, bool clearPassPhrase) + { + try + { + SymmetricKeyAlgorithmTag keyAlgorithm = keyData.EncAlgorithm; + + KeyParameter key = PgpUtilities.DoMakeKeyFromPassPhrase( + keyAlgorithm, keyData.S2k, rawPassPhrase, clearPassPhrase); + + byte[] secKeyData = keyData.GetSecKeyData(); + if (secKeyData != null && secKeyData.Length > 0) + { + IBufferedCipher keyCipher = CipherUtilities.GetCipher( + PgpUtilities.GetSymmetricCipherName(keyAlgorithm) + "/CFB/NoPadding"); + + keyCipher.Init(false, + new ParametersWithIV(key, new byte[keyCipher.GetBlockSize()])); + + byte[] keyBytes = keyCipher.DoFinal(secKeyData); + + keyAlgorithm = (SymmetricKeyAlgorithmTag) keyBytes[0]; + + key = ParameterUtilities.CreateKeyParameter( + PgpUtilities.GetSymmetricCipherName(keyAlgorithm), + keyBytes, 1, keyBytes.Length - 1); + } + + + IBufferedCipher c = CreateStreamCipher(keyAlgorithm); + + byte[] iv = new byte[c.GetBlockSize()]; + + c.Init(false, new ParametersWithIV(key, iv)); + + encStream = BcpgInputStream.Wrap(new CipherStream(encData.GetInputStream(), c, null)); + + if (encData is SymmetricEncIntegrityPacket) + { + truncStream = new TruncatedStream(encStream); + + string digestName = PgpUtilities.GetDigestName(HashAlgorithmTag.Sha1); + IDigest digest = DigestUtilities.GetDigest(digestName); + + encStream = new DigestStream(truncStream, digest, null); + } + + if (Streams.ReadFully(encStream, iv, 0, iv.Length) < iv.Length) + throw new EndOfStreamException("unexpected end of stream."); + + int v1 = encStream.ReadByte(); + int v2 = encStream.ReadByte(); + + if (v1 < 0 || v2 < 0) + throw new EndOfStreamException("unexpected end of stream."); + + + // Note: the oracle attack on the "quick check" bytes is not deemed + // a security risk for PBE (see PgpPublicKeyEncryptedData) + + bool repeatCheckPassed = + iv[iv.Length - 2] == (byte)v1 + && iv[iv.Length - 1] == (byte)v2; + + // Note: some versions of PGP appear to produce 0 for the extra + // bytes rather than repeating the two previous bytes + bool zeroesCheckPassed = + v1 == 0 + && v2 == 0; + + if (!repeatCheckPassed && !zeroesCheckPassed) + { + throw new PgpDataValidationException("quick check failed."); + } + + + return encStream; + } + catch (PgpException e) + { + throw e; + } + catch (Exception e) + { + throw new PgpException("Exception creating cipher", e); + } + } + + private IBufferedCipher CreateStreamCipher( + SymmetricKeyAlgorithmTag keyAlgorithm) + { + string mode = (encData is SymmetricEncIntegrityPacket) + ? "CFB" + : "OpenPGPCFB"; + + string cName = PgpUtilities.GetSymmetricCipherName(keyAlgorithm) + + "/" + mode + "/NoPadding"; + + return CipherUtilities.GetCipher(cName); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpPrivateKey.cs b/BouncyCastle/crypto/src/openpgp/PgpPrivateKey.cs new file mode 100644 index 0000000..61487a5 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpPrivateKey.cs @@ -0,0 +1,51 @@ +using System; + +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// General class to contain a private key for use with other OpenPGP objects. + public class PgpPrivateKey + { + private readonly long keyID; + private readonly PublicKeyPacket publicKeyPacket; + private readonly AsymmetricKeyParameter privateKey; + + /// + /// Create a PgpPrivateKey from a keyID, the associated public data packet, and a regular private key. + /// + /// ID of the corresponding public key. + /// the public key data packet to be associated with this private key. + /// the private key data packet to be associated with this private key. + public PgpPrivateKey( + long keyID, + PublicKeyPacket publicKeyPacket, + AsymmetricKeyParameter privateKey) + { + if (!privateKey.IsPrivate) + throw new ArgumentException("Expected a private key", "privateKey"); + + this.keyID = keyID; + this.publicKeyPacket = publicKeyPacket; + this.privateKey = privateKey; + } + + /// The keyId associated with the contained private key. + public long KeyId + { + get { return keyID; } + } + + /// The public key packet associated with this private key, if available. + public PublicKeyPacket PublicKeyPacket + { + get { return publicKeyPacket; } + } + + /// The contained private key. + public AsymmetricKeyParameter Key + { + get { return privateKey; } + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpPublicKey.cs b/BouncyCastle/crypto/src/openpgp/PgpPublicKey.cs new file mode 100644 index 0000000..0fcffc3 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpPublicKey.cs @@ -0,0 +1,1023 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Gnu; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// General class to handle a PGP public key object. + public class PgpPublicKey + { + public static byte[] CalculateFingerprint(PublicKeyPacket publicPk) + { + IBcpgKey key = publicPk.Key; + IDigest digest; + + if (publicPk.Version <= 3) + { + RsaPublicBcpgKey rK = (RsaPublicBcpgKey)key; + + try + { + digest = DigestUtilities.GetDigest("MD5"); + UpdateDigest(digest, rK.Modulus); + UpdateDigest(digest, rK.PublicExponent); + } + catch (Exception e) + { + throw new PgpException("can't encode key components: " + e.Message, e); + } + } + else + { + try + { + byte[] kBytes = publicPk.GetEncodedContents(); + + digest = DigestUtilities.GetDigest("SHA1"); + + digest.Update(0x99); + digest.Update((byte)(kBytes.Length >> 8)); + digest.Update((byte)kBytes.Length); + digest.BlockUpdate(kBytes, 0, kBytes.Length); + } + catch (Exception e) + { + throw new PgpException("can't encode key components: " + e.Message, e); + } + } + + return DigestUtilities.DoFinal(digest); + } + + private static void UpdateDigest(IDigest d, BigInteger b) + { + byte[] bytes = b.ToByteArrayUnsigned(); + d.BlockUpdate(bytes, 0, bytes.Length); + } + + private static readonly int[] MasterKeyCertificationTypes = new int[] + { + PgpSignature.PositiveCertification, + PgpSignature.CasualCertification, + PgpSignature.NoCertification, + PgpSignature.DefaultCertification, + PgpSignature.DirectKey, + }; + + private long keyId; + private byte[] fingerprint; + private int keyStrength; + + internal PublicKeyPacket publicPk; + internal TrustPacket trustPk; + internal IList keySigs = Platform.CreateArrayList(); + internal IList ids = Platform.CreateArrayList(); + internal IList idTrusts = Platform.CreateArrayList(); + internal IList idSigs = Platform.CreateArrayList(); + internal IList subSigs; + + private void Init() + { + IBcpgKey key = publicPk.Key; + + this.fingerprint = CalculateFingerprint(publicPk); + + if (publicPk.Version <= 3) + { + RsaPublicBcpgKey rK = (RsaPublicBcpgKey) key; + + this.keyId = rK.Modulus.LongValue; + this.keyStrength = rK.Modulus.BitLength; + } + else + { + this.keyId = (long)(((ulong)fingerprint[fingerprint.Length - 8] << 56) + | ((ulong)fingerprint[fingerprint.Length - 7] << 48) + | ((ulong)fingerprint[fingerprint.Length - 6] << 40) + | ((ulong)fingerprint[fingerprint.Length - 5] << 32) + | ((ulong)fingerprint[fingerprint.Length - 4] << 24) + | ((ulong)fingerprint[fingerprint.Length - 3] << 16) + | ((ulong)fingerprint[fingerprint.Length - 2] << 8) + | (ulong)fingerprint[fingerprint.Length - 1]); + + if (key is RsaPublicBcpgKey) + { + this.keyStrength = ((RsaPublicBcpgKey)key).Modulus.BitLength; + } + else if (key is DsaPublicBcpgKey) + { + this.keyStrength = ((DsaPublicBcpgKey)key).P.BitLength; + } + else if (key is ElGamalPublicBcpgKey) + { + this.keyStrength = ((ElGamalPublicBcpgKey)key).P.BitLength; + } + else if (key is ECPublicBcpgKey) + { + DerObjectIdentifier curveOid = ((ECPublicBcpgKey)key).CurveOid; + if (GnuObjectIdentifiers.Ed25519.Equals(curveOid) + //|| CryptlibObjectIdentifiers.curvey25519.Equals(curveOid) + ) + { + this.keyStrength = 256; + } + else + { + X9ECParametersHolder ecParameters = ECKeyPairGenerator.FindECCurveByOidLazy(curveOid); + + if (ecParameters != null) + { + this.keyStrength = ecParameters.Curve.FieldSize; + } + else + { + this.keyStrength = -1; // unknown + } + } + } + } + } + + /// + /// Create a PgpPublicKey from the passed in lightweight one. + /// + /// + /// Note: the time passed in affects the value of the key's keyId, so you probably only want + /// to do this once for a lightweight key, or make sure you keep track of the time you used. + /// + /// Asymmetric algorithm type representing the public key. + /// Actual public key to associate. + /// Date of creation. + /// If pubKey is not public. + /// On key creation problem. + public PgpPublicKey( + PublicKeyAlgorithmTag algorithm, + AsymmetricKeyParameter pubKey, + DateTime time) + { + if (pubKey.IsPrivate) + throw new ArgumentException("Expected a public key", "pubKey"); + + IBcpgKey bcpgKey; + if (pubKey is RsaKeyParameters) + { + RsaKeyParameters rK = (RsaKeyParameters) pubKey; + + bcpgKey = new RsaPublicBcpgKey(rK.Modulus, rK.Exponent); + } + else if (pubKey is DsaPublicKeyParameters) + { + DsaPublicKeyParameters dK = (DsaPublicKeyParameters) pubKey; + DsaParameters dP = dK.Parameters; + + bcpgKey = new DsaPublicBcpgKey(dP.P, dP.Q, dP.G, dK.Y); + } + else if (pubKey is ECPublicKeyParameters) + { + ECPublicKeyParameters ecK = (ECPublicKeyParameters)pubKey; + + if (algorithm == PublicKeyAlgorithmTag.ECDH) + { + bcpgKey = new ECDHPublicBcpgKey(ecK.PublicKeyParamSet, ecK.Q, HashAlgorithmTag.Sha256, SymmetricKeyAlgorithmTag.Aes128); + } + else if (algorithm == PublicKeyAlgorithmTag.ECDsa) + { + bcpgKey = new ECDsaPublicBcpgKey(ecK.PublicKeyParamSet, ecK.Q); + } + else + { + throw new PgpException("unknown EC algorithm"); + } + } + else if (pubKey is ElGamalPublicKeyParameters) + { + ElGamalPublicKeyParameters eK = (ElGamalPublicKeyParameters) pubKey; + ElGamalParameters eS = eK.Parameters; + + bcpgKey = new ElGamalPublicBcpgKey(eS.P, eS.G, eK.Y); + } + else + { + throw new PgpException("unknown key class"); + } + + this.publicPk = new PublicKeyPacket(algorithm, time, bcpgKey); + this.ids = Platform.CreateArrayList(); + this.idSigs = Platform.CreateArrayList(); + + try + { + Init(); + } + catch (IOException e) + { + throw new PgpException("exception calculating keyId", e); + } + } + + public PgpPublicKey(PublicKeyPacket publicPk) + : this(publicPk, Platform.CreateArrayList(), Platform.CreateArrayList()) + { + } + + /// Constructor for a sub-key. + internal PgpPublicKey( + PublicKeyPacket publicPk, + TrustPacket trustPk, + IList sigs) + { + this.publicPk = publicPk; + this.trustPk = trustPk; + this.subSigs = sigs; + + Init(); + } + + internal PgpPublicKey( + PgpPublicKey key, + TrustPacket trust, + IList subSigs) + { + this.publicPk = key.publicPk; + this.trustPk = trust; + this.subSigs = subSigs; + + this.fingerprint = key.fingerprint; + this.keyId = key.keyId; + this.keyStrength = key.keyStrength; + } + + /// Copy constructor. + /// The public key to copy. + internal PgpPublicKey( + PgpPublicKey pubKey) + { + this.publicPk = pubKey.publicPk; + + this.keySigs = Platform.CreateArrayList(pubKey.keySigs); + this.ids = Platform.CreateArrayList(pubKey.ids); + this.idTrusts = Platform.CreateArrayList(pubKey.idTrusts); + this.idSigs = Platform.CreateArrayList(pubKey.idSigs.Count); + for (int i = 0; i != pubKey.idSigs.Count; i++) + { + this.idSigs.Add(Platform.CreateArrayList((IList)pubKey.idSigs[i])); + } + + if (pubKey.subSigs != null) + { + this.subSigs = Platform.CreateArrayList(pubKey.subSigs.Count); + for (int i = 0; i != pubKey.subSigs.Count; i++) + { + this.subSigs.Add(pubKey.subSigs[i]); + } + } + + this.fingerprint = pubKey.fingerprint; + this.keyId = pubKey.keyId; + this.keyStrength = pubKey.keyStrength; + } + + internal PgpPublicKey( + PublicKeyPacket publicPk, + TrustPacket trustPk, + IList keySigs, + IList ids, + IList idTrusts, + IList idSigs) + { + this.publicPk = publicPk; + this.trustPk = trustPk; + this.keySigs = keySigs; + this.ids = ids; + this.idTrusts = idTrusts; + this.idSigs = idSigs; + + Init(); + } + + internal PgpPublicKey( + PublicKeyPacket publicPk, + IList ids, + IList idSigs) + { + this.publicPk = publicPk; + this.ids = ids; + this.idSigs = idSigs; + Init(); + } + + /// The version of this key. + public int Version + { + get { return publicPk.Version; } + } + + /// The creation time of this key. + public DateTime CreationTime + { + get { return publicPk.GetTime(); } + } + + /// The number of valid days from creation time - zero means no expiry. + /// WARNING: This method will return 1 for keys with version > 3 that expire in less than 1 day + [Obsolete("Use 'GetValidSeconds' instead")] + public int ValidDays + { + get + { + if (publicPk.Version <= 3) + { + return publicPk.ValidDays; + } + + long expSecs = GetValidSeconds(); + if (expSecs <= 0) + return 0; + + int days = (int)(expSecs / (24 * 60 * 60)); + return System.Math.Max(1, days); + } + } + + /// Return the trust data associated with the public key, if present. + /// A byte array with trust data, null otherwise. + public byte[] GetTrustData() + { + if (trustPk == null) + { + return null; + } + + return Arrays.Clone(trustPk.GetLevelAndTrustAmount()); + } + + /// The number of valid seconds from creation time - zero means no expiry. + public long GetValidSeconds() + { + if (publicPk.Version <= 3) + { + return (long)publicPk.ValidDays * (24 * 60 * 60); + } + + if (IsMasterKey) + { + for (int i = 0; i != MasterKeyCertificationTypes.Length; i++) + { + long seconds = GetExpirationTimeFromSig(true, MasterKeyCertificationTypes[i]); + if (seconds >= 0) + { + return seconds; + } + } + } + else + { + long seconds = GetExpirationTimeFromSig(false, PgpSignature.SubkeyBinding); + if (seconds >= 0) + { + return seconds; + } + + seconds = GetExpirationTimeFromSig(false, PgpSignature.DirectKey); + if (seconds >= 0) + { + return seconds; + } + } + + return 0; + } + + private long GetExpirationTimeFromSig(bool selfSigned, int signatureType) + { + long expiryTime = -1; + long lastDate = -1; + + foreach (PgpSignature sig in GetSignaturesOfType(signatureType)) + { + if (selfSigned && sig.KeyId != this.KeyId) + continue; + + PgpSignatureSubpacketVector hashed = sig.GetHashedSubPackets(); + if (hashed == null) + continue; + + if (!hashed.HasSubpacket(SignatureSubpacketTag.KeyExpireTime)) + continue; + + long current = hashed.GetKeyExpirationTime(); + + if (sig.KeyId == this.KeyId) + { + if (sig.CreationTime.Ticks > lastDate) + { + lastDate = sig.CreationTime.Ticks; + expiryTime = current; + } + } + else if (current == 0 || current > expiryTime) + { + expiryTime = current; + } + } + + return expiryTime; + } + + /// The keyId associated with the public key. + public long KeyId + { + get { return keyId; } + } + + /// The fingerprint of the key + public byte[] GetFingerprint() + { + return (byte[]) fingerprint.Clone(); + } + + /// + /// Check if this key has an algorithm type that makes it suitable to use for encryption. + /// + /// + /// Note: with version 4 keys KeyFlags subpackets should also be considered when present for + /// determining the preferred use of the key. + /// + /// + /// true if this key algorithm is suitable for encryption. + /// + public bool IsEncryptionKey + { + get + { + switch (publicPk.Algorithm) + { + case PublicKeyAlgorithmTag.ECDH: + case PublicKeyAlgorithmTag.ElGamalEncrypt: + case PublicKeyAlgorithmTag.ElGamalGeneral: + case PublicKeyAlgorithmTag.RsaEncrypt: + case PublicKeyAlgorithmTag.RsaGeneral: + return true; + default: + return false; + } + } + } + + /// True, if this could be a master key. + public bool IsMasterKey + { + get + { + // this might seem a bit excessive, but we're also trying to flag something can't be a master key. + return !(publicPk is PublicSubkeyPacket) + && !(this.IsEncryptionKey && publicPk.Algorithm != PublicKeyAlgorithmTag.RsaGeneral); + } + } + + /// The algorithm code associated with the public key. + public PublicKeyAlgorithmTag Algorithm + { + get { return publicPk.Algorithm; } + } + + /// The strength of the key in bits. + public int BitStrength + { + get { return keyStrength; } + } + + /// The public key contained in the object. + /// A lightweight public key. + /// If the key algorithm is not recognised. + public AsymmetricKeyParameter GetKey() + { + try + { + switch (publicPk.Algorithm) + { + case PublicKeyAlgorithmTag.RsaEncrypt: + case PublicKeyAlgorithmTag.RsaGeneral: + case PublicKeyAlgorithmTag.RsaSign: + RsaPublicBcpgKey rsaK = (RsaPublicBcpgKey)publicPk.Key; + return new RsaKeyParameters(false, rsaK.Modulus, rsaK.PublicExponent); + case PublicKeyAlgorithmTag.Dsa: + DsaPublicBcpgKey dsaK = (DsaPublicBcpgKey)publicPk.Key; + return new DsaPublicKeyParameters(dsaK.Y, new DsaParameters(dsaK.P, dsaK.Q, dsaK.G)); + case PublicKeyAlgorithmTag.ECDsa: + return GetECKey("ECDSA"); + case PublicKeyAlgorithmTag.ECDH: + return GetECKey("ECDH"); + case PublicKeyAlgorithmTag.ElGamalEncrypt: + case PublicKeyAlgorithmTag.ElGamalGeneral: + ElGamalPublicBcpgKey elK = (ElGamalPublicBcpgKey)publicPk.Key; + return new ElGamalPublicKeyParameters(elK.Y, new ElGamalParameters(elK.P, elK.G)); + default: + throw new PgpException("unknown public key algorithm encountered"); + } + } + catch (PgpException e) + { + throw e; + } + catch (Exception e) + { + throw new PgpException("exception constructing public key", e); + } + } + + private ECPublicKeyParameters GetECKey(string algorithm) + { + ECPublicBcpgKey ecK = (ECPublicBcpgKey)publicPk.Key; + X9ECParameters x9 = ECKeyPairGenerator.FindECCurveByOid(ecK.CurveOid); + ECPoint q = x9.Curve.DecodePoint(BigIntegers.AsUnsignedByteArray(ecK.EncodedPoint)); + return new ECPublicKeyParameters(algorithm, q, ecK.CurveOid); + } + + /// Allows enumeration of any user IDs associated with the key. + /// An IEnumerable of string objects. + public IEnumerable GetUserIds() + { + IList temp = Platform.CreateArrayList(); + + foreach (object o in ids) + { + if (o is string) + { + temp.Add(o); + } + } + + return new EnumerableProxy(temp); + } + + /// Allows enumeration of any user attribute vectors associated with the key. + /// An IEnumerable of PgpUserAttributeSubpacketVector objects. + public IEnumerable GetUserAttributes() + { + IList temp = Platform.CreateArrayList(); + + foreach (object o in ids) + { + if (o is PgpUserAttributeSubpacketVector) + { + temp.Add(o); + } + } + + return new EnumerableProxy(temp); + } + + /// Allows enumeration of any signatures associated with the passed in id. + /// The ID to be matched. + /// An IEnumerable of PgpSignature objects. + public IEnumerable GetSignaturesForId(string id) + { + if (id == null) + throw new ArgumentNullException("id"); + + IList signatures = Platform.CreateArrayList(); + bool userIdFound = false; + + for (int i = 0; i != ids.Count; i++) + { + if (id.Equals(ids[i])) + { + userIdFound = true; + CollectionUtilities.AddRange(signatures, (IList)idSigs[i]); + } + } + + return userIdFound ? signatures : null; + } + + /// Allows enumeration of signatures associated with the passed in user attributes. + /// The vector of user attributes to be matched. + /// An IEnumerable of PgpSignature objects. + public IEnumerable GetSignaturesForUserAttribute(PgpUserAttributeSubpacketVector userAttributes) + { + if (userAttributes == null) + throw new ArgumentNullException("userAttributes"); + + IList signatures = Platform.CreateArrayList(); + bool attributeFound = false; + + for (int i = 0; i != ids.Count; i++) + { + if (userAttributes.Equals(ids[i])) + { + attributeFound = true; + CollectionUtilities.AddRange(signatures, (IList)idSigs[i]); + } + } + + return attributeFound ? signatures : null; + } + + /// Allows enumeration of signatures of the passed in type that are on this key. + /// The type of the signature to be returned. + /// An IEnumerable of PgpSignature objects. + public IEnumerable GetSignaturesOfType( + int signatureType) + { + IList temp = Platform.CreateArrayList(); + + foreach (PgpSignature sig in GetSignatures()) + { + if (sig.SignatureType == signatureType) + { + temp.Add(sig); + } + } + + return new EnumerableProxy(temp); + } + + /// Allows enumeration of all signatures/certifications associated with this key. + /// An IEnumerable with all signatures/certifications. + public IEnumerable GetSignatures() + { + IList sigs = subSigs; + if (sigs == null) + { + sigs = Platform.CreateArrayList(keySigs); + + foreach (ICollection extraSigs in idSigs) + { + CollectionUtilities.AddRange(sigs, extraSigs); + } + } + + return new EnumerableProxy(sigs); + } + + /** + * Return all signatures/certifications directly associated with this key (ie, not to a user id). + * + * @return an iterator (possibly empty) with all signatures/certifications. + */ + public IEnumerable GetKeySignatures() + { + IList sigs = subSigs; + if (sigs == null) + { + sigs = Platform.CreateArrayList(keySigs); + } + return new EnumerableProxy(sigs); + } + + public PublicKeyPacket PublicKeyPacket + { + get { return publicPk; } + } + + public byte[] GetEncoded() + { + MemoryStream bOut = new MemoryStream(); + Encode(bOut); + return bOut.ToArray(); + } + + public void Encode( + Stream outStr) + { + BcpgOutputStream bcpgOut = BcpgOutputStream.Wrap(outStr); + + bcpgOut.WritePacket(publicPk); + if (trustPk != null) + { + bcpgOut.WritePacket(trustPk); + } + + if (subSigs == null) // not a sub-key + { + foreach (PgpSignature keySig in keySigs) + { + keySig.Encode(bcpgOut); + } + + for (int i = 0; i != ids.Count; i++) + { + if (ids[i] is string) + { + string id = (string) ids[i]; + + bcpgOut.WritePacket(new UserIdPacket(id)); + } + else + { + PgpUserAttributeSubpacketVector v = (PgpUserAttributeSubpacketVector)ids[i]; + bcpgOut.WritePacket(new UserAttributePacket(v.ToSubpacketArray())); + } + + if (idTrusts[i] != null) + { + bcpgOut.WritePacket((ContainedPacket)idTrusts[i]); + } + + foreach (PgpSignature sig in (IList) idSigs[i]) + { + sig.Encode(bcpgOut); + } + } + } + else + { + foreach (PgpSignature subSig in subSigs) + { + subSig.Encode(bcpgOut); + } + } + } + + /// Check whether this (sub)key has a revocation signature on it. + /// True, if this (sub)key has been revoked. + public bool IsRevoked() + { + int ns = 0; + bool revoked = false; + if (IsMasterKey) // Master key + { + while (!revoked && (ns < keySigs.Count)) + { + if (((PgpSignature)keySigs[ns++]).SignatureType == PgpSignature.KeyRevocation) + { + revoked = true; + } + } + } + else // Sub-key + { + while (!revoked && (ns < subSigs.Count)) + { + if (((PgpSignature)subSigs[ns++]).SignatureType == PgpSignature.SubkeyRevocation) + { + revoked = true; + } + } + } + return revoked; + } + + /// Add a certification for an id to the given public key. + /// The key the certification is to be added to. + /// The ID the certification is associated with. + /// The new certification. + /// The re-certified key. + public static PgpPublicKey AddCertification( + PgpPublicKey key, + string id, + PgpSignature certification) + { + return AddCert(key, id, certification); + } + + /// Add a certification for the given UserAttributeSubpackets to the given public key. + /// The key the certification is to be added to. + /// The attributes the certification is associated with. + /// The new certification. + /// The re-certified key. + public static PgpPublicKey AddCertification( + PgpPublicKey key, + PgpUserAttributeSubpacketVector userAttributes, + PgpSignature certification) + { + return AddCert(key, userAttributes, certification); + } + + private static PgpPublicKey AddCert( + PgpPublicKey key, + object id, + PgpSignature certification) + { + PgpPublicKey returnKey = new PgpPublicKey(key); + IList sigList = null; + + for (int i = 0; i != returnKey.ids.Count; i++) + { + if (id.Equals(returnKey.ids[i])) + { + sigList = (IList) returnKey.idSigs[i]; + } + } + + if (sigList != null) + { + sigList.Add(certification); + } + else + { + sigList = Platform.CreateArrayList(); + sigList.Add(certification); + returnKey.ids.Add(id); + returnKey.idTrusts.Add(null); + returnKey.idSigs.Add(sigList); + } + + return returnKey; + } + + /// + /// Remove any certifications associated with a user attribute subpacket on a key. + /// + /// The key the certifications are to be removed from. + /// The attributes to be removed. + /// + /// The re-certified key, or null if the user attribute subpacket was not found on the key. + /// + public static PgpPublicKey RemoveCertification( + PgpPublicKey key, + PgpUserAttributeSubpacketVector userAttributes) + { + return RemoveCert(key, userAttributes); + } + + /// Remove any certifications associated with a given ID on a key. + /// The key the certifications are to be removed from. + /// The ID that is to be removed. + /// The re-certified key, or null if the ID was not found on the key. + public static PgpPublicKey RemoveCertification( + PgpPublicKey key, + string id) + { + return RemoveCert(key, id); + } + + private static PgpPublicKey RemoveCert( + PgpPublicKey key, + object id) + { + PgpPublicKey returnKey = new PgpPublicKey(key); + bool found = false; + + for (int i = 0; i < returnKey.ids.Count; i++) + { + if (id.Equals(returnKey.ids[i])) + { + found = true; + returnKey.ids.RemoveAt(i); + returnKey.idTrusts.RemoveAt(i); + returnKey.idSigs.RemoveAt(i); + } + } + + return found ? returnKey : null; + } + + /// Remove a certification associated with a given ID on a key. + /// The key the certifications are to be removed from. + /// The ID that the certfication is to be removed from. + /// The certfication to be removed. + /// The re-certified key, or null if the certification was not found. + public static PgpPublicKey RemoveCertification( + PgpPublicKey key, + string id, + PgpSignature certification) + { + return RemoveCert(key, id, certification); + } + + /// Remove a certification associated with a given user attributes on a key. + /// The key the certifications are to be removed from. + /// The user attributes that the certfication is to be removed from. + /// The certification to be removed. + /// The re-certified key, or null if the certification was not found. + public static PgpPublicKey RemoveCertification( + PgpPublicKey key, + PgpUserAttributeSubpacketVector userAttributes, + PgpSignature certification) + { + return RemoveCert(key, userAttributes, certification); + } + + private static PgpPublicKey RemoveCert( + PgpPublicKey key, + object id, + PgpSignature certification) + { + PgpPublicKey returnKey = new PgpPublicKey(key); + bool found = false; + + for (int i = 0; i < returnKey.ids.Count; i++) + { + if (id.Equals(returnKey.ids[i])) + { + IList certs = (IList) returnKey.idSigs[i]; + found = certs.Contains(certification); + + if (found) + { + certs.Remove(certification); + } + } + } + + return found ? returnKey : null; + } + + /// Add a revocation or some other key certification to a key. + /// The key the revocation is to be added to. + /// The key signature to be added. + /// The new changed public key object. + public static PgpPublicKey AddCertification( + PgpPublicKey key, + PgpSignature certification) + { + if (key.IsMasterKey) + { + if (certification.SignatureType == PgpSignature.SubkeyRevocation) + { + throw new ArgumentException("signature type incorrect for master key revocation."); + } + } + else + { + if (certification.SignatureType == PgpSignature.KeyRevocation) + { + throw new ArgumentException("signature type incorrect for sub-key revocation."); + } + } + + PgpPublicKey returnKey = new PgpPublicKey(key); + + if (returnKey.subSigs != null) + { + returnKey.subSigs.Add(certification); + } + else + { + returnKey.keySigs.Add(certification); + } + + return returnKey; + } + + /// Remove a certification from the key. + /// The key the certifications are to be removed from. + /// The certfication to be removed. + /// The modified key, null if the certification was not found. + public static PgpPublicKey RemoveCertification( + PgpPublicKey key, + PgpSignature certification) + { + PgpPublicKey returnKey = new PgpPublicKey(key); + IList sigs = returnKey.subSigs != null + ? returnKey.subSigs + : returnKey.keySigs; + +// bool found = sigs.Remove(certification); + int pos = sigs.IndexOf(certification); + bool found = pos >= 0; + + if (found) + { + sigs.RemoveAt(pos); + } + else + { + foreach (String id in key.GetUserIds()) + { + foreach (object sig in key.GetSignaturesForId(id)) + { + // TODO Is this the right type of equality test? + if (certification == sig) + { + found = true; + returnKey = PgpPublicKey.RemoveCertification(returnKey, id, certification); + } + } + } + + if (!found) + { + foreach (PgpUserAttributeSubpacketVector id in key.GetUserAttributes()) + { + foreach (object sig in key.GetSignaturesForUserAttribute(id)) + { + // TODO Is this the right type of equality test? + if (certification == sig) + { + found = true; + returnKey = PgpPublicKey.RemoveCertification(returnKey, id, certification); + } + } + } + } + } + + return returnKey; + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpPublicKeyEncryptedData.cs b/BouncyCastle/crypto/src/openpgp/PgpPublicKeyEncryptedData.cs new file mode 100644 index 0000000..04fe3ad --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpPublicKeyEncryptedData.cs @@ -0,0 +1,277 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// A public key encrypted data object. + public class PgpPublicKeyEncryptedData + : PgpEncryptedData + { + private PublicKeyEncSessionPacket keyData; + + internal PgpPublicKeyEncryptedData( + PublicKeyEncSessionPacket keyData, + InputStreamPacket encData) + : base(encData) + { + this.keyData = keyData; + } + + private static IBufferedCipher GetKeyCipher( + PublicKeyAlgorithmTag algorithm) + { + try + { + switch (algorithm) + { + case PublicKeyAlgorithmTag.RsaEncrypt: + case PublicKeyAlgorithmTag.RsaGeneral: + return CipherUtilities.GetCipher("RSA//PKCS1Padding"); + case PublicKeyAlgorithmTag.ElGamalEncrypt: + case PublicKeyAlgorithmTag.ElGamalGeneral: + return CipherUtilities.GetCipher("ElGamal/ECB/PKCS1Padding"); + default: + throw new PgpException("unknown asymmetric algorithm: " + algorithm); + } + } + catch (PgpException e) + { + throw e; + } + catch (Exception e) + { + throw new PgpException("Exception creating cipher", e); + } + } + + private bool ConfirmCheckSum( + byte[] sessionInfo) + { + int check = 0; + + for (int i = 1; i != sessionInfo.Length - 2; i++) + { + check += sessionInfo[i] & 0xff; + } + + return (sessionInfo[sessionInfo.Length - 2] == (byte)(check >> 8)) + && (sessionInfo[sessionInfo.Length - 1] == (byte)(check)); + } + + /// The key ID for the key used to encrypt the data. + public long KeyId + { + get { return keyData.KeyId; } + } + + /// + /// Return the algorithm code for the symmetric algorithm used to encrypt the data. + /// + public SymmetricKeyAlgorithmTag GetSymmetricAlgorithm( + PgpPrivateKey privKey) + { + byte[] sessionData = RecoverSessionData(privKey); + + return (SymmetricKeyAlgorithmTag)sessionData[0]; + } + + /// Return the decrypted data stream for the packet. + public Stream GetDataStream( + PgpPrivateKey privKey) + { + byte[] sessionData = RecoverSessionData(privKey); + + if (!ConfirmCheckSum(sessionData)) + throw new PgpKeyValidationException("key checksum failed"); + + SymmetricKeyAlgorithmTag symmAlg = (SymmetricKeyAlgorithmTag)sessionData[0]; + if (symmAlg == SymmetricKeyAlgorithmTag.Null) + return encData.GetInputStream(); + + IBufferedCipher cipher; + string cipherName = PgpUtilities.GetSymmetricCipherName(symmAlg); + string cName = cipherName; + + try + { + if (encData is SymmetricEncIntegrityPacket) + { + cName += "/CFB/NoPadding"; + } + else + { + cName += "/OpenPGPCFB/NoPadding"; + } + + cipher = CipherUtilities.GetCipher(cName); + } + catch (PgpException e) + { + throw e; + } + catch (Exception e) + { + throw new PgpException("exception creating cipher", e); + } + + try + { + KeyParameter key = ParameterUtilities.CreateKeyParameter( + cipherName, sessionData, 1, sessionData.Length - 3); + + byte[] iv = new byte[cipher.GetBlockSize()]; + + cipher.Init(false, new ParametersWithIV(key, iv)); + + encStream = BcpgInputStream.Wrap(new CipherStream(encData.GetInputStream(), cipher, null)); + + if (encData is SymmetricEncIntegrityPacket) + { + truncStream = new TruncatedStream(encStream); + + string digestName = PgpUtilities.GetDigestName(HashAlgorithmTag.Sha1); + IDigest digest = DigestUtilities.GetDigest(digestName); + + encStream = new DigestStream(truncStream, digest, null); + } + + if (Streams.ReadFully(encStream, iv, 0, iv.Length) < iv.Length) + throw new EndOfStreamException("unexpected end of stream."); + + int v1 = encStream.ReadByte(); + int v2 = encStream.ReadByte(); + + if (v1 < 0 || v2 < 0) + throw new EndOfStreamException("unexpected end of stream."); + + // Note: the oracle attack on the "quick check" bytes is deemed + // a security risk for typical public key encryption usages, + // therefore we do not perform the check. + +// bool repeatCheckPassed = +// iv[iv.Length - 2] == (byte)v1 +// && iv[iv.Length - 1] == (byte)v2; +// +// // Note: some versions of PGP appear to produce 0 for the extra +// // bytes rather than repeating the two previous bytes +// bool zeroesCheckPassed = +// v1 == 0 +// && v2 == 0; +// +// if (!repeatCheckPassed && !zeroesCheckPassed) +// { +// throw new PgpDataValidationException("quick check failed."); +// } + + return encStream; + } + catch (PgpException e) + { + throw e; + } + catch (Exception e) + { + throw new PgpException("Exception starting decryption", e); + } + } + + private byte[] RecoverSessionData(PgpPrivateKey privKey) + { + byte[][] secKeyData = keyData.GetEncSessionKey(); + + if (keyData.Algorithm == PublicKeyAlgorithmTag.ECDH) + { + ECDHPublicBcpgKey ecKey = (ECDHPublicBcpgKey)privKey.PublicKeyPacket.Key; + X9ECParameters x9Params = ECKeyPairGenerator.FindECCurveByOid(ecKey.CurveOid); + + byte[] enc = secKeyData[0]; + + int pLen = ((((enc[0] & 0xff) << 8) + (enc[1] & 0xff)) + 7) / 8; + if ((2 + pLen + 1) > enc.Length) + throw new PgpException("encoded length out of range"); + + byte[] pEnc = new byte[pLen]; + Array.Copy(enc, 2, pEnc, 0, pLen); + + int keyLen = enc[pLen + 2]; + if ((2 + pLen + 1 + keyLen) > enc.Length) + throw new PgpException("encoded length out of range"); + + byte[] keyEnc = new byte[keyLen]; + Array.Copy(enc, 2 + pLen + 1, keyEnc, 0, keyEnc.Length); + + ECPoint publicPoint = x9Params.Curve.DecodePoint(pEnc); + + ECPrivateKeyParameters privKeyParams = (ECPrivateKeyParameters)privKey.Key; + ECPoint S = publicPoint.Multiply(privKeyParams.D).Normalize(); + + KeyParameter key = new KeyParameter(Rfc6637Utilities.CreateKey(privKey.PublicKeyPacket, S)); + + IWrapper w = PgpUtilities.CreateWrapper(ecKey.SymmetricKeyAlgorithm); + w.Init(false, key); + + return PgpPad.UnpadSessionData(w.Unwrap(keyEnc, 0, keyEnc.Length)); + } + + IBufferedCipher cipher = GetKeyCipher(keyData.Algorithm); + + try + { + cipher.Init(false, privKey.Key); + } + catch (InvalidKeyException e) + { + throw new PgpException("error setting asymmetric cipher", e); + } + + if (keyData.Algorithm == PublicKeyAlgorithmTag.RsaEncrypt + || keyData.Algorithm == PublicKeyAlgorithmTag.RsaGeneral) + { + byte[] bi = secKeyData[0]; + + cipher.ProcessBytes(bi, 2, bi.Length - 2); + } + else + { + ElGamalPrivateKeyParameters k = (ElGamalPrivateKeyParameters)privKey.Key; + int size = (k.Parameters.P.BitLength + 7) / 8; + + ProcessEncodedMpi(cipher, size, secKeyData[0]); + ProcessEncodedMpi(cipher, size, secKeyData[1]); + } + + try + { + return cipher.DoFinal(); + } + catch (Exception e) + { + throw new PgpException("exception decrypting secret key", e); + } + } + + private static void ProcessEncodedMpi(IBufferedCipher cipher, int size, byte[] mpiEnc) + { + if (mpiEnc.Length - 2 > size) // leading Zero? Shouldn't happen but... + { + cipher.ProcessBytes(mpiEnc, 3, mpiEnc.Length - 3); + } + else + { + byte[] tmp = new byte[size]; + Array.Copy(mpiEnc, 2, tmp, tmp.Length - (mpiEnc.Length - 2), mpiEnc.Length - 2); + cipher.ProcessBytes(tmp, 0, tmp.Length); + } + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpPublicKeyRing.cs b/BouncyCastle/crypto/src/openpgp/PgpPublicKeyRing.cs new file mode 100644 index 0000000..b35e014 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpPublicKeyRing.cs @@ -0,0 +1,209 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// + /// Class to hold a single master public key and its subkeys. + ///

    + /// Often PGP keyring files consist of multiple master keys, if you are trying to process + /// or construct one of these you should use the PgpPublicKeyRingBundle class. + ///

    + ///     + public class PgpPublicKeyRing + : PgpKeyRing + { + private readonly IList keys; + + public PgpPublicKeyRing( + byte[] encoding) + : this(new MemoryStream(encoding, false)) + { + } + + internal PgpPublicKeyRing( + IList pubKeys) + { + this.keys = pubKeys; + } + + public PgpPublicKeyRing( + Stream inputStream) + { + this.keys = Platform.CreateArrayList(); + + BcpgInputStream bcpgInput = BcpgInputStream.Wrap(inputStream); + + PacketTag initialTag = bcpgInput.SkipMarkerPackets(); + if (initialTag != PacketTag.PublicKey && initialTag != PacketTag.PublicSubkey) + { + throw new IOException("public key ring doesn't start with public key tag: " + + "tag 0x" + ((int)initialTag).ToString("X")); + } + + PublicKeyPacket pubPk = ReadPublicKeyPacket(bcpgInput); + TrustPacket trustPk = ReadOptionalTrustPacket(bcpgInput); + + // direct signatures and revocations + IList keySigs = ReadSignaturesAndTrust(bcpgInput); + + IList ids, idTrusts, idSigs; + ReadUserIDs(bcpgInput, out ids, out idTrusts, out idSigs); + + keys.Add(new PgpPublicKey(pubPk, trustPk, keySigs, ids, idTrusts, idSigs)); + + + // Read subkeys + while (bcpgInput.NextPacketTag() == PacketTag.PublicSubkey) + { + keys.Add(ReadSubkey(bcpgInput)); + } + } + + /// Return the first public key in the ring. + public virtual PgpPublicKey GetPublicKey() + { + return (PgpPublicKey) keys[0]; + } + + /// Return the public key referred to by the passed in key ID if it is present. + public virtual PgpPublicKey GetPublicKey( + long keyId) + { + foreach (PgpPublicKey k in keys) + { + if (keyId == k.KeyId) + { + return k; + } + } + + return null; + } + + /// Allows enumeration of all the public keys. + /// An IEnumerable of PgpPublicKey objects. + public virtual IEnumerable GetPublicKeys() + { + return new EnumerableProxy(keys); + } + + public virtual byte[] GetEncoded() + { + MemoryStream bOut = new MemoryStream(); + + Encode(bOut); + + return bOut.ToArray(); + } + + public virtual void Encode( + Stream outStr) + { + if (outStr == null) + throw new ArgumentNullException("outStr"); + + foreach (PgpPublicKey k in keys) + { + k.Encode(outStr); + } + } + + /// + /// Returns a new key ring with the public key passed in either added or + /// replacing an existing one. + /// + /// The public key ring to be modified. + /// The public key to be inserted. + /// A new PgpPublicKeyRing + public static PgpPublicKeyRing InsertPublicKey( + PgpPublicKeyRing pubRing, + PgpPublicKey pubKey) + { + IList keys = Platform.CreateArrayList(pubRing.keys); + bool found = false; + bool masterFound = false; + + for (int i = 0; i != keys.Count; i++) + { + PgpPublicKey key = (PgpPublicKey) keys[i]; + + if (key.KeyId == pubKey.KeyId) + { + found = true; + keys[i] = pubKey; + } + if (key.IsMasterKey) + { + masterFound = true; + } + } + + if (!found) + { + if (pubKey.IsMasterKey) + { + if (masterFound) + throw new ArgumentException("cannot add a master key to a ring that already has one"); + + keys.Insert(0, pubKey); + } + else + { + keys.Add(pubKey); + } + } + + return new PgpPublicKeyRing(keys); + } + + /// Returns a new key ring with the public key passed in removed from the key ring. + /// The public key ring to be modified. + /// The public key to be removed. + /// A new PgpPublicKeyRing, or null if pubKey is not found. + public static PgpPublicKeyRing RemovePublicKey( + PgpPublicKeyRing pubRing, + PgpPublicKey pubKey) + { + IList keys = Platform.CreateArrayList(pubRing.keys); + bool found = false; + + for (int i = 0; i < keys.Count; i++) + { + PgpPublicKey key = (PgpPublicKey) keys[i]; + + if (key.KeyId == pubKey.KeyId) + { + found = true; + keys.RemoveAt(i); + } + } + + return found ? new PgpPublicKeyRing(keys) : null; + } + + internal static PublicKeyPacket ReadPublicKeyPacket(BcpgInputStream bcpgInput) + { + Packet packet = bcpgInput.ReadPacket(); + if (!(packet is PublicKeyPacket)) + throw new IOException("unexpected packet in stream: " + packet); + + return (PublicKeyPacket)packet; + } + + internal static PgpPublicKey ReadSubkey(BcpgInputStream bcpgInput) + { + PublicKeyPacket pk = ReadPublicKeyPacket(bcpgInput); + TrustPacket kTrust = ReadOptionalTrustPacket(bcpgInput); + + // PGP 8 actually leaves out the signature. + IList sigList = ReadSignaturesAndTrust(bcpgInput); + + return new PgpPublicKey(pk, kTrust, sigList); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpPublicKeyRingBundle.cs b/BouncyCastle/crypto/src/openpgp/PgpPublicKeyRingBundle.cs new file mode 100644 index 0000000..08d0aa0 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpPublicKeyRingBundle.cs @@ -0,0 +1,280 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// + /// Often a PGP key ring file is made up of a succession of master/sub-key key rings. + /// If you want to read an entire public key file in one hit this is the class for you. + /// + public class PgpPublicKeyRingBundle + { + private readonly IDictionary pubRings; + private readonly IList order; + + private PgpPublicKeyRingBundle( + IDictionary pubRings, + IList order) + { + this.pubRings = pubRings; + this.order = order; + } + + public PgpPublicKeyRingBundle( + byte[] encoding) + : this(new MemoryStream(encoding, false)) + { + } + + /// Build a PgpPublicKeyRingBundle from the passed in input stream. + /// Input stream containing data. + /// If a problem parsing the stream occurs. + /// If an object is encountered which isn't a PgpPublicKeyRing. + public PgpPublicKeyRingBundle( + Stream inputStream) + : this(new PgpObjectFactory(inputStream).AllPgpObjects()) + { + } + + public PgpPublicKeyRingBundle( + IEnumerable e) + { + this.pubRings = Platform.CreateHashtable(); + this.order = Platform.CreateArrayList(); + + foreach (object obj in e) + { + // Marker packets must be ignored + if (obj is PgpMarker) + continue; + + PgpPublicKeyRing pgpPub = obj as PgpPublicKeyRing; + if (pgpPub == null) + throw new PgpException(Platform.GetTypeName(obj) + " found where PgpPublicKeyRing expected"); + + long key = pgpPub.GetPublicKey().KeyId; + pubRings.Add(key, pgpPub); + order.Add(key); + } + } + + [Obsolete("Use 'Count' property instead")] + public int Size + { + get { return order.Count; } + } + + /// Return the number of key rings in this collection. + public int Count + { + get { return order.Count; } + } + + /// Allow enumeration of the public key rings making up this collection. + public IEnumerable GetKeyRings() + { + return new EnumerableProxy(pubRings.Values); + } + + /// Allow enumeration of the key rings associated with the passed in userId. + /// The user ID to be matched. + /// An IEnumerable of key rings which matched (possibly none). + public IEnumerable GetKeyRings( + string userId) + { + return GetKeyRings(userId, false, false); + } + + /// Allow enumeration of the key rings associated with the passed in userId. + /// The user ID to be matched. + /// If true, userId need only be a substring of an actual ID string to match. + /// An IEnumerable of key rings which matched (possibly none). + public IEnumerable GetKeyRings( + string userId, + bool matchPartial) + { + return GetKeyRings(userId, matchPartial, false); + } + + /// Allow enumeration of the key rings associated with the passed in userId. + /// The user ID to be matched. + /// If true, userId need only be a substring of an actual ID string to match. + /// If true, case is ignored in user ID comparisons. + /// An IEnumerable of key rings which matched (possibly none). + public IEnumerable GetKeyRings( + string userId, + bool matchPartial, + bool ignoreCase) + { + IList rings = Platform.CreateArrayList(); + + if (ignoreCase) + { + userId = Platform.ToUpperInvariant(userId); + } + + foreach (PgpPublicKeyRing pubRing in GetKeyRings()) + { + foreach (string nextUserID in pubRing.GetPublicKey().GetUserIds()) + { + string next = nextUserID; + if (ignoreCase) + { + next = Platform.ToUpperInvariant(next); + } + + if (matchPartial) + { + if (Platform.IndexOf(next, userId) > -1) + { + rings.Add(pubRing); + } + } + else + { + if (next.Equals(userId)) + { + rings.Add(pubRing); + } + } + } + } + + return new EnumerableProxy(rings); + } + + /// Return the PGP public key associated with the given key id. + /// The ID of the public key to return. + public PgpPublicKey GetPublicKey( + long keyId) + { + foreach (PgpPublicKeyRing pubRing in GetKeyRings()) + { + PgpPublicKey pub = pubRing.GetPublicKey(keyId); + + if (pub != null) + { + return pub; + } + } + + return null; + } + + /// Return the public key ring which contains the key referred to by keyId + /// key ID to match against + public PgpPublicKeyRing GetPublicKeyRing( + long keyId) + { + if (pubRings.Contains(keyId)) + { + return (PgpPublicKeyRing)pubRings[keyId]; + } + + foreach (PgpPublicKeyRing pubRing in GetKeyRings()) + { + PgpPublicKey pub = pubRing.GetPublicKey(keyId); + + if (pub != null) + { + return pubRing; + } + } + + return null; + } + + /// + /// Return true if a key matching the passed in key ID is present, false otherwise. + /// + /// key ID to look for. + public bool Contains( + long keyID) + { + return GetPublicKey(keyID) != null; + } + + public byte[] GetEncoded() + { + MemoryStream bOut = new MemoryStream(); + + Encode(bOut); + + return bOut.ToArray(); + } + + public void Encode( + Stream outStr) + { + BcpgOutputStream bcpgOut = BcpgOutputStream.Wrap(outStr); + + foreach (long key in order) + { + PgpPublicKeyRing sec = (PgpPublicKeyRing) pubRings[key]; + + sec.Encode(bcpgOut); + } + } + + /// + /// Return a new bundle containing the contents of the passed in bundle and + /// the passed in public key ring. + /// + /// The PgpPublicKeyRingBundle the key ring is to be added to. + /// The key ring to be added. + /// A new PgpPublicKeyRingBundle merging the current one with the passed in key ring. + /// If the keyId for the passed in key ring is already present. + public static PgpPublicKeyRingBundle AddPublicKeyRing( + PgpPublicKeyRingBundle bundle, + PgpPublicKeyRing publicKeyRing) + { + long key = publicKeyRing.GetPublicKey().KeyId; + + if (bundle.pubRings.Contains(key)) + { + throw new ArgumentException("Bundle already contains a key with a keyId for the passed in ring."); + } + + IDictionary newPubRings = Platform.CreateHashtable(bundle.pubRings); + IList newOrder = Platform.CreateArrayList(bundle.order); + + newPubRings[key] = publicKeyRing; + + newOrder.Add(key); + + return new PgpPublicKeyRingBundle(newPubRings, newOrder); + } + + /// + /// Return a new bundle containing the contents of the passed in bundle with + /// the passed in public key ring removed. + /// + /// The PgpPublicKeyRingBundle the key ring is to be removed from. + /// The key ring to be removed. + /// A new PgpPublicKeyRingBundle not containing the passed in key ring. + /// If the keyId for the passed in key ring is not present. + public static PgpPublicKeyRingBundle RemovePublicKeyRing( + PgpPublicKeyRingBundle bundle, + PgpPublicKeyRing publicKeyRing) + { + long key = publicKeyRing.GetPublicKey().KeyId; + + if (!bundle.pubRings.Contains(key)) + { + throw new ArgumentException("Bundle does not contain a key with a keyId for the passed in ring."); + } + + IDictionary newPubRings = Platform.CreateHashtable(bundle.pubRings); + IList newOrder = Platform.CreateArrayList(bundle.order); + + newPubRings.Remove(key); + newOrder.Remove(key); + + return new PgpPublicKeyRingBundle(newPubRings, newOrder); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpSecretKey.cs b/BouncyCastle/crypto/src/openpgp/PgpSecretKey.cs new file mode 100644 index 0000000..a3ffd4a --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpSecretKey.cs @@ -0,0 +1,1302 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// General class to handle a PGP secret key object. + public class PgpSecretKey + { + private readonly SecretKeyPacket secret; + private readonly PgpPublicKey pub; + + internal PgpSecretKey( + SecretKeyPacket secret, + PgpPublicKey pub) + { + this.secret = secret; + this.pub = pub; + } + + internal PgpSecretKey( + PgpPrivateKey privKey, + PgpPublicKey pubKey, + SymmetricKeyAlgorithmTag encAlgorithm, + byte[] rawPassPhrase, + bool clearPassPhrase, + bool useSha1, + SecureRandom rand, + bool isMasterKey) + { + BcpgObject secKey; + + this.pub = pubKey; + + switch (pubKey.Algorithm) + { + case PublicKeyAlgorithmTag.RsaEncrypt: + case PublicKeyAlgorithmTag.RsaSign: + case PublicKeyAlgorithmTag.RsaGeneral: + RsaPrivateCrtKeyParameters rsK = (RsaPrivateCrtKeyParameters) privKey.Key; + secKey = new RsaSecretBcpgKey(rsK.Exponent, rsK.P, rsK.Q); + break; + case PublicKeyAlgorithmTag.Dsa: + DsaPrivateKeyParameters dsK = (DsaPrivateKeyParameters) privKey.Key; + secKey = new DsaSecretBcpgKey(dsK.X); + break; + case PublicKeyAlgorithmTag.ECDH: + case PublicKeyAlgorithmTag.ECDsa: + ECPrivateKeyParameters ecK = (ECPrivateKeyParameters)privKey.Key; + secKey = new ECSecretBcpgKey(ecK.D); + break; + case PublicKeyAlgorithmTag.ElGamalEncrypt: + case PublicKeyAlgorithmTag.ElGamalGeneral: + ElGamalPrivateKeyParameters esK = (ElGamalPrivateKeyParameters) privKey.Key; + secKey = new ElGamalSecretBcpgKey(esK.X); + break; + default: + throw new PgpException("unknown key class"); + } + + try + { + MemoryStream bOut = new MemoryStream(); + BcpgOutputStream pOut = new BcpgOutputStream(bOut); + + pOut.WriteObject(secKey); + + byte[] keyData = bOut.ToArray(); + byte[] checksumData = Checksum(useSha1, keyData, keyData.Length); + + keyData = Arrays.Concatenate(keyData, checksumData); + + if (encAlgorithm == SymmetricKeyAlgorithmTag.Null) + { + if (isMasterKey) + { + this.secret = new SecretKeyPacket(pub.publicPk, encAlgorithm, null, null, keyData); + } + else + { + this.secret = new SecretSubkeyPacket(pub.publicPk, encAlgorithm, null, null, keyData); + } + } + else + { + S2k s2k; + byte[] iv; + + byte[] encData; + if (pub.Version >= 4) + { + encData = EncryptKeyDataV4(keyData, encAlgorithm, HashAlgorithmTag.Sha1, rawPassPhrase, clearPassPhrase, rand, out s2k, out iv); + } + else + { + encData = EncryptKeyDataV3(keyData, encAlgorithm, rawPassPhrase, clearPassPhrase, rand, out s2k, out iv); + } + + int s2kUsage = useSha1 + ? SecretKeyPacket.UsageSha1 + : SecretKeyPacket.UsageChecksum; + + if (isMasterKey) + { + this.secret = new SecretKeyPacket(pub.publicPk, encAlgorithm, s2kUsage, s2k, iv, encData); + } + else + { + this.secret = new SecretSubkeyPacket(pub.publicPk, encAlgorithm, s2kUsage, s2k, iv, encData); + } + } + } + catch (PgpException e) + { + throw e; + } + catch (Exception e) + { + throw new PgpException("Exception encrypting key", e); + } + } + + /// + /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is + /// the historical behaviour of the library (1.7 and earlier). + /// + [Obsolete("Use the constructor taking an explicit 'useSha1' parameter instead")] + public PgpSecretKey( + int certificationLevel, + PgpKeyPair keyPair, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + char[] passPhrase, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(certificationLevel, keyPair, id, encAlgorithm, passPhrase, false, hashedPackets, unhashedPackets, rand) + { + } + + /// + /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is + /// the historical behaviour of the library (1.7 and earlier). + /// + public PgpSecretKey( + int certificationLevel, + PgpKeyPair keyPair, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + char[] passPhrase, + bool useSha1, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(certificationLevel, keyPair, id, encAlgorithm, false, passPhrase, useSha1, hashedPackets, unhashedPackets, rand) + { + } + + /// + /// If utf8PassPhrase is true, conversion of the passphrase to bytes uses Encoding.UTF8.GetBytes(), otherwise the conversion + /// is performed using Convert.ToByte(), which is the historical behaviour of the library (1.7 and earlier). + /// + public PgpSecretKey( + int certificationLevel, + PgpKeyPair keyPair, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + bool utf8PassPhrase, + char[] passPhrase, + bool useSha1, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(certificationLevel, keyPair, id, encAlgorithm, + PgpUtilities.EncodePassPhrase(passPhrase, utf8PassPhrase), true, + useSha1, hashedPackets, unhashedPackets, rand) + { + } + + /// + /// Allows the caller to handle the encoding of the passphrase to bytes. + /// + public PgpSecretKey( + int certificationLevel, + PgpKeyPair keyPair, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + byte[] rawPassPhrase, + bool useSha1, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(certificationLevel, keyPair, id, encAlgorithm, rawPassPhrase, false, useSha1, hashedPackets, unhashedPackets, rand) + { + } + + internal PgpSecretKey( + int certificationLevel, + PgpKeyPair keyPair, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + byte[] rawPassPhrase, + bool clearPassPhrase, + bool useSha1, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(keyPair.PrivateKey, CertifiedPublicKey(certificationLevel, keyPair, id, hashedPackets, unhashedPackets), + encAlgorithm, rawPassPhrase, clearPassPhrase, useSha1, rand, true) + { + } + + /// + /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is + /// the historical behaviour of the library (1.7 and earlier). + /// + public PgpSecretKey( + int certificationLevel, + PgpKeyPair keyPair, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + HashAlgorithmTag hashAlgorithm, + char[] passPhrase, + bool useSha1, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(certificationLevel, keyPair, id, encAlgorithm, hashAlgorithm, false, passPhrase, useSha1, hashedPackets, unhashedPackets, rand) + { + } + + /// + /// If utf8PassPhrase is true, conversion of the passphrase to bytes uses Encoding.UTF8.GetBytes(), otherwise the conversion + /// is performed using Convert.ToByte(), which is the historical behaviour of the library (1.7 and earlier). + /// + public PgpSecretKey( + int certificationLevel, + PgpKeyPair keyPair, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + HashAlgorithmTag hashAlgorithm, + bool utf8PassPhrase, + char[] passPhrase, + bool useSha1, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(certificationLevel, keyPair, id, encAlgorithm, hashAlgorithm, + PgpUtilities.EncodePassPhrase(passPhrase, utf8PassPhrase), true, + useSha1, hashedPackets, unhashedPackets, rand) + { + } + + /// + /// Allows the caller to handle the encoding of the passphrase to bytes. + /// + public PgpSecretKey( + int certificationLevel, + PgpKeyPair keyPair, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + HashAlgorithmTag hashAlgorithm, + byte[] rawPassPhrase, + bool useSha1, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(certificationLevel, keyPair, id, encAlgorithm, hashAlgorithm, rawPassPhrase, false, useSha1, hashedPackets, unhashedPackets, rand) + { + } + + internal PgpSecretKey( + int certificationLevel, + PgpKeyPair keyPair, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + HashAlgorithmTag hashAlgorithm, + byte[] rawPassPhrase, + bool clearPassPhrase, + bool useSha1, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(keyPair.PrivateKey, CertifiedPublicKey(certificationLevel, keyPair, id, hashedPackets, unhashedPackets, hashAlgorithm), + encAlgorithm, rawPassPhrase, clearPassPhrase, useSha1, rand, true) + { + } + + private static PgpPublicKey CertifiedPublicKey( + int certificationLevel, + PgpKeyPair keyPair, + string id, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets) + { + PgpSignatureGenerator sGen; + try + { + sGen = new PgpSignatureGenerator(keyPair.PublicKey.Algorithm, HashAlgorithmTag.Sha1); + } + catch (Exception e) + { + throw new PgpException("Creating signature generator: " + e.Message, e); + } + + // + // Generate the certification + // + sGen.InitSign(certificationLevel, keyPair.PrivateKey); + + sGen.SetHashedSubpackets(hashedPackets); + sGen.SetUnhashedSubpackets(unhashedPackets); + + try + { + PgpSignature certification = sGen.GenerateCertification(id, keyPair.PublicKey); + return PgpPublicKey.AddCertification(keyPair.PublicKey, id, certification); + } + catch (Exception e) + { + throw new PgpException("Exception doing certification: " + e.Message, e); + } + } + + + private static PgpPublicKey CertifiedPublicKey( + int certificationLevel, + PgpKeyPair keyPair, + string id, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + HashAlgorithmTag hashAlgorithm) + { + PgpSignatureGenerator sGen; + try + { + sGen = new PgpSignatureGenerator(keyPair.PublicKey.Algorithm, hashAlgorithm); + } + catch (Exception e) + { + throw new PgpException("Creating signature generator: " + e.Message, e); + } + + // + // Generate the certification + // + sGen.InitSign(certificationLevel, keyPair.PrivateKey); + + sGen.SetHashedSubpackets(hashedPackets); + sGen.SetUnhashedSubpackets(unhashedPackets); + + try + { + PgpSignature certification = sGen.GenerateCertification(id, keyPair.PublicKey); + return PgpPublicKey.AddCertification(keyPair.PublicKey, id, certification); + } + catch (Exception e) + { + throw new PgpException("Exception doing certification: " + e.Message, e); + } + } + + public PgpSecretKey( + int certificationLevel, + PublicKeyAlgorithmTag algorithm, + AsymmetricKeyParameter pubKey, + AsymmetricKeyParameter privKey, + DateTime time, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + char[] passPhrase, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(certificationLevel, + new PgpKeyPair(algorithm, pubKey, privKey, time), + id, encAlgorithm, passPhrase, false, hashedPackets, unhashedPackets, rand) + { + } + + public PgpSecretKey( + int certificationLevel, + PublicKeyAlgorithmTag algorithm, + AsymmetricKeyParameter pubKey, + AsymmetricKeyParameter privKey, + DateTime time, + string id, + SymmetricKeyAlgorithmTag encAlgorithm, + char[] passPhrase, + bool useSha1, + PgpSignatureSubpacketVector hashedPackets, + PgpSignatureSubpacketVector unhashedPackets, + SecureRandom rand) + : this(certificationLevel, new PgpKeyPair(algorithm, pubKey, privKey, time), id, encAlgorithm, passPhrase, useSha1, hashedPackets, unhashedPackets, rand) + { + } + + /// + /// Check if this key has an algorithm type that makes it suitable to use for signing. + /// + /// + /// Note: with version 4 keys KeyFlags subpackets should also be considered when present for + /// determining the preferred use of the key. + /// + /// + /// true if this key algorithm is suitable for use with signing. + /// + public bool IsSigningKey + { + get + { + switch (pub.Algorithm) + { + case PublicKeyAlgorithmTag.RsaGeneral: + case PublicKeyAlgorithmTag.RsaSign: + case PublicKeyAlgorithmTag.Dsa: + case PublicKeyAlgorithmTag.ECDsa: + case PublicKeyAlgorithmTag.EdDsa: + case PublicKeyAlgorithmTag.ElGamalGeneral: + return true; + default: + return false; + } + } + } + + /// True, if this is a master key. + public bool IsMasterKey + { + get { return pub.IsMasterKey; } + } + + /// Detect if the Secret Key's Private Key is empty or not + public bool IsPrivateKeyEmpty + { + get + { + byte[] secKeyData = secret.GetSecretKeyData(); + + return secKeyData == null || secKeyData.Length < 1; + } + } + + /// The algorithm the key is encrypted with. + public SymmetricKeyAlgorithmTag KeyEncryptionAlgorithm + { + get { return secret.EncAlgorithm; } + } + + /// The key ID of the public key associated with this key. + public long KeyId + { + get { return pub.KeyId; } + } + + /// Return the S2K usage associated with this key. + public int S2kUsage + { + get { return secret.S2kUsage; } + } + + /// Return the S2K used to process this key. + public S2k S2k + { + get { return secret.S2k; } + } + + /// The public key associated with this key. + public PgpPublicKey PublicKey + { + get { return pub; } + } + + /// Allows enumeration of any user IDs associated with the key. + /// An IEnumerable of string objects. + public IEnumerable UserIds + { + get { return pub.GetUserIds(); } + } + + /// Allows enumeration of any user attribute vectors associated with the key. + /// An IEnumerable of string objects. + public IEnumerable UserAttributes + { + get { return pub.GetUserAttributes(); } + } + + private byte[] ExtractKeyData(byte[] rawPassPhrase, bool clearPassPhrase) + { + SymmetricKeyAlgorithmTag encAlgorithm = secret.EncAlgorithm; + byte[] encData = secret.GetSecretKeyData(); + + if (encAlgorithm == SymmetricKeyAlgorithmTag.Null) + // TODO Check checksum here? + return encData; + + // TODO Factor this block out as 'decryptData' + try + { + KeyParameter key = PgpUtilities.DoMakeKeyFromPassPhrase(secret.EncAlgorithm, secret.S2k, rawPassPhrase, clearPassPhrase); + byte[] iv = secret.GetIV(); + byte[] data; + + if (secret.PublicKeyPacket.Version >= 4) + { + data = RecoverKeyData(encAlgorithm, "/CFB/NoPadding", key, iv, encData, 0, encData.Length); + + bool useSha1 = secret.S2kUsage == SecretKeyPacket.UsageSha1; + byte[] check = Checksum(useSha1, data, (useSha1) ? data.Length - 20 : data.Length - 2); + + for (int i = 0; i != check.Length; i++) + { + if (check[i] != data[data.Length - check.Length + i]) + { + throw new PgpException("Checksum mismatch at " + i + " of " + check.Length); + } + } + } + else // version 2 or 3, RSA only. + { + data = new byte[encData.Length]; + + iv = Arrays.Clone(iv); + + // + // read in the four numbers + // + int pos = 0; + + for (int i = 0; i != 4; i++) + { + int encLen = ((((encData[pos] & 0xff) << 8) | (encData[pos + 1] & 0xff)) + 7) / 8; + + data[pos] = encData[pos]; + data[pos + 1] = encData[pos + 1]; + pos += 2; + + if (encLen > (encData.Length - pos)) + throw new PgpException("out of range encLen found in encData"); + + byte[] tmp = RecoverKeyData(encAlgorithm, "/CFB/NoPadding", key, iv, encData, pos, encLen); + Array.Copy(tmp, 0, data, pos, encLen); + pos += encLen; + + if (i != 3) + { + Array.Copy(encData, pos - iv.Length, iv, 0, iv.Length); + } + } + + // + // verify and copy checksum + // + + data[pos] = encData[pos]; + data[pos + 1] = encData[pos + 1]; + + int cs = ((encData[pos] << 8) & 0xff00) | (encData[pos + 1] & 0xff); + int calcCs = 0; + for (int j = 0; j < pos; j++) + { + calcCs += data[j] & 0xff; + } + + calcCs &= 0xffff; + if (calcCs != cs) + { + throw new PgpException("Checksum mismatch: passphrase wrong, expected " + + cs.ToString("X") + + " found " + calcCs.ToString("X")); + } + } + + return data; + } + catch (PgpException e) + { + throw e; + } + catch (Exception e) + { + throw new PgpException("Exception decrypting key", e); + } + } + + private static byte[] RecoverKeyData(SymmetricKeyAlgorithmTag encAlgorithm, string modeAndPadding, + KeyParameter key, byte[] iv, byte[] keyData, int keyOff, int keyLen) + { + IBufferedCipher c; + try + { + string cName = PgpUtilities.GetSymmetricCipherName(encAlgorithm); + c = CipherUtilities.GetCipher(cName + modeAndPadding); + } + catch (Exception e) + { + throw new PgpException("Exception creating cipher", e); + } + + c.Init(false, new ParametersWithIV(key, iv)); + + return c.DoFinal(keyData, keyOff, keyLen); + } + + /// Extract a PgpPrivateKey from this secret key's encrypted contents. + /// + /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is + /// the historical behaviour of the library (1.7 and earlier). + /// + public PgpPrivateKey ExtractPrivateKey(char[] passPhrase) + { + return DoExtractPrivateKey(PgpUtilities.EncodePassPhrase(passPhrase, false), true); + } + + /// Extract a PgpPrivateKey from this secret key's encrypted contents. + /// + /// The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes). + /// + public PgpPrivateKey ExtractPrivateKeyUtf8(char[] passPhrase) + { + return DoExtractPrivateKey(PgpUtilities.EncodePassPhrase(passPhrase, true), true); + } + + /// Extract a PgpPrivateKey from this secret key's encrypted contents. + /// + /// Allows the caller to handle the encoding of the passphrase to bytes. + /// + public PgpPrivateKey ExtractPrivateKeyRaw(byte[] rawPassPhrase) + { + return DoExtractPrivateKey(rawPassPhrase, false); + } + + internal PgpPrivateKey DoExtractPrivateKey(byte[] rawPassPhrase, bool clearPassPhrase) + { + if (IsPrivateKeyEmpty) + return null; + + PublicKeyPacket pubPk = secret.PublicKeyPacket; + try + { + byte[] data = ExtractKeyData(rawPassPhrase, clearPassPhrase); + BcpgInputStream bcpgIn = BcpgInputStream.Wrap(new MemoryStream(data, false)); + AsymmetricKeyParameter privateKey; + switch (pubPk.Algorithm) + { + case PublicKeyAlgorithmTag.RsaEncrypt: + case PublicKeyAlgorithmTag.RsaGeneral: + case PublicKeyAlgorithmTag.RsaSign: + RsaPublicBcpgKey rsaPub = (RsaPublicBcpgKey)pubPk.Key; + RsaSecretBcpgKey rsaPriv = new RsaSecretBcpgKey(bcpgIn); + RsaPrivateCrtKeyParameters rsaPrivSpec = new RsaPrivateCrtKeyParameters( + rsaPriv.Modulus, + rsaPub.PublicExponent, + rsaPriv.PrivateExponent, + rsaPriv.PrimeP, + rsaPriv.PrimeQ, + rsaPriv.PrimeExponentP, + rsaPriv.PrimeExponentQ, + rsaPriv.CrtCoefficient); + privateKey = rsaPrivSpec; + break; + case PublicKeyAlgorithmTag.Dsa: + DsaPublicBcpgKey dsaPub = (DsaPublicBcpgKey)pubPk.Key; + DsaSecretBcpgKey dsaPriv = new DsaSecretBcpgKey(bcpgIn); + DsaParameters dsaParams = new DsaParameters(dsaPub.P, dsaPub.Q, dsaPub.G); + privateKey = new DsaPrivateKeyParameters(dsaPriv.X, dsaParams); + break; + case PublicKeyAlgorithmTag.ECDH: + privateKey = GetECKey("ECDH", bcpgIn); + break; + case PublicKeyAlgorithmTag.ECDsa: + privateKey = GetECKey("ECDSA", bcpgIn); + break; + case PublicKeyAlgorithmTag.ElGamalEncrypt: + case PublicKeyAlgorithmTag.ElGamalGeneral: + ElGamalPublicBcpgKey elPub = (ElGamalPublicBcpgKey)pubPk.Key; + ElGamalSecretBcpgKey elPriv = new ElGamalSecretBcpgKey(bcpgIn); + ElGamalParameters elParams = new ElGamalParameters(elPub.P, elPub.G); + privateKey = new ElGamalPrivateKeyParameters(elPriv.X, elParams); + break; + default: + throw new PgpException("unknown public key algorithm encountered"); + } + + return new PgpPrivateKey(KeyId, pubPk, privateKey); + } + catch (PgpException e) + { + throw e; + } + catch (Exception e) + { + throw new PgpException("Exception constructing key", e); + } + } + + private ECPrivateKeyParameters GetECKey(string algorithm, BcpgInputStream bcpgIn) + { + ECPublicBcpgKey ecdsaPub = (ECPublicBcpgKey)secret.PublicKeyPacket.Key; + ECSecretBcpgKey ecdsaPriv = new ECSecretBcpgKey(bcpgIn); + return new ECPrivateKeyParameters(algorithm, ecdsaPriv.X, ecdsaPub.CurveOid); + } + + private static byte[] Checksum( + bool useSha1, + byte[] bytes, + int length) + { + if (useSha1) + { + try + { + IDigest dig = DigestUtilities.GetDigest("SHA1"); + dig.BlockUpdate(bytes, 0, length); + return DigestUtilities.DoFinal(dig); + } + //catch (NoSuchAlgorithmException e) + catch (Exception e) + { + throw new PgpException("Can't find SHA-1", e); + } + } + else + { + int Checksum = 0; + for (int i = 0; i != length; i++) + { + Checksum += bytes[i]; + } + + return new byte[] { (byte)(Checksum >> 8), (byte)Checksum }; + } + } + + public byte[] GetEncoded() + { + MemoryStream bOut = new MemoryStream(); + Encode(bOut); + return bOut.ToArray(); + } + + public void Encode( + Stream outStr) + { + BcpgOutputStream bcpgOut = BcpgOutputStream.Wrap(outStr); + + bcpgOut.WritePacket(secret); + if (pub.trustPk != null) + { + bcpgOut.WritePacket(pub.trustPk); + } + + if (pub.subSigs == null) // is not a sub key + { + foreach (PgpSignature keySig in pub.keySigs) + { + keySig.Encode(bcpgOut); + } + + for (int i = 0; i != pub.ids.Count; i++) + { + object pubID = pub.ids[i]; + if (pubID is string) + { + string id = (string) pubID; + bcpgOut.WritePacket(new UserIdPacket(id)); + } + else + { + PgpUserAttributeSubpacketVector v = (PgpUserAttributeSubpacketVector) pubID; + bcpgOut.WritePacket(new UserAttributePacket(v.ToSubpacketArray())); + } + + if (pub.idTrusts[i] != null) + { + bcpgOut.WritePacket((ContainedPacket)pub.idTrusts[i]); + } + + foreach (PgpSignature sig in (IList) pub.idSigs[i]) + { + sig.Encode(bcpgOut); + } + } + } + else + { + foreach (PgpSignature subSig in pub.subSigs) + { + subSig.Encode(bcpgOut); + } + } + + // TODO Check that this is right/necessary + //bcpgOut.Finish(); + } + + /// + /// Return a copy of the passed in secret key, encrypted using a new password + /// and the passed in algorithm. + /// + /// + /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is + /// the historical behaviour of the library (1.7 and earlier). + /// + /// The PgpSecretKey to be copied. + /// The current password for the key. + /// The new password for the key. + /// The algorithm to be used for the encryption. + /// Source of randomness. + public static PgpSecretKey CopyWithNewPassword( + PgpSecretKey key, + char[] oldPassPhrase, + char[] newPassPhrase, + SymmetricKeyAlgorithmTag newEncAlgorithm, + SecureRandom rand) + { + return DoCopyWithNewPassword(key, PgpUtilities.EncodePassPhrase(oldPassPhrase, false), + PgpUtilities.EncodePassPhrase(newPassPhrase, false), true, newEncAlgorithm, rand); + } + + /// + /// Return a copy of the passed in secret key, encrypted using a new password + /// and the passed in algorithm. + /// + /// + /// The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes). + /// + /// The PgpSecretKey to be copied. + /// The current password for the key. + /// The new password for the key. + /// The algorithm to be used for the encryption. + /// Source of randomness. + public static PgpSecretKey CopyWithNewPasswordUtf8( + PgpSecretKey key, + char[] oldPassPhrase, + char[] newPassPhrase, + SymmetricKeyAlgorithmTag newEncAlgorithm, + SecureRandom rand) + { + return DoCopyWithNewPassword(key, PgpUtilities.EncodePassPhrase(oldPassPhrase, true), + PgpUtilities.EncodePassPhrase(newPassPhrase, true), true, newEncAlgorithm, rand); + } + + /// + /// Return a copy of the passed in secret key, encrypted using a new password + /// and the passed in algorithm. + /// + /// + /// Allows the caller to handle the encoding of the passphrase to bytes. + /// + /// The PgpSecretKey to be copied. + /// The current password for the key. + /// The new password for the key. + /// The algorithm to be used for the encryption. + /// Source of randomness. + public static PgpSecretKey CopyWithNewPasswordRaw( + PgpSecretKey key, + byte[] rawOldPassPhrase, + byte[] rawNewPassPhrase, + SymmetricKeyAlgorithmTag newEncAlgorithm, + SecureRandom rand) + { + return DoCopyWithNewPassword(key, rawOldPassPhrase, rawNewPassPhrase, false, newEncAlgorithm, rand); + } + + internal static PgpSecretKey DoCopyWithNewPassword( + PgpSecretKey key, + byte[] rawOldPassPhrase, + byte[] rawNewPassPhrase, + bool clearPassPhrase, + SymmetricKeyAlgorithmTag newEncAlgorithm, + SecureRandom rand) + { + if (key.IsPrivateKeyEmpty) + throw new PgpException("no private key in this SecretKey - public key present only."); + + byte[] rawKeyData = key.ExtractKeyData(rawOldPassPhrase, clearPassPhrase); + int s2kUsage = key.secret.S2kUsage; + byte[] iv = null; + S2k s2k = null; + byte[] keyData; + PublicKeyPacket pubKeyPacket = key.secret.PublicKeyPacket; + + if (newEncAlgorithm == SymmetricKeyAlgorithmTag.Null) + { + s2kUsage = SecretKeyPacket.UsageNone; + if (key.secret.S2kUsage == SecretKeyPacket.UsageSha1) // SHA-1 hash, need to rewrite Checksum + { + keyData = new byte[rawKeyData.Length - 18]; + + Array.Copy(rawKeyData, 0, keyData, 0, keyData.Length - 2); + + byte[] check = Checksum(false, keyData, keyData.Length - 2); + + keyData[keyData.Length - 2] = check[0]; + keyData[keyData.Length - 1] = check[1]; + } + else + { + keyData = rawKeyData; + } + } + else + { + if (s2kUsage == SecretKeyPacket.UsageNone) + { + s2kUsage = SecretKeyPacket.UsageChecksum; + } + + try + { + if (pubKeyPacket.Version >= 4) + { + keyData = EncryptKeyDataV4(rawKeyData, newEncAlgorithm, HashAlgorithmTag.Sha1, rawNewPassPhrase, clearPassPhrase, rand, out s2k, out iv); + } + else + { + keyData = EncryptKeyDataV3(rawKeyData, newEncAlgorithm, rawNewPassPhrase, clearPassPhrase, rand, out s2k, out iv); + } + } + catch (PgpException e) + { + throw e; + } + catch (Exception e) + { + throw new PgpException("Exception encrypting key", e); + } + } + + SecretKeyPacket secret; + if (key.secret is SecretSubkeyPacket) + { + secret = new SecretSubkeyPacket(pubKeyPacket, newEncAlgorithm, s2kUsage, s2k, iv, keyData); + } + else + { + secret = new SecretKeyPacket(pubKeyPacket, newEncAlgorithm, s2kUsage, s2k, iv, keyData); + } + + return new PgpSecretKey(secret, key.pub); + } + + /// Replace the passed the public key on the passed in secret key. + /// Secret key to change. + /// New public key. + /// A new secret key. + /// If KeyId's do not match. + public static PgpSecretKey ReplacePublicKey( + PgpSecretKey secretKey, + PgpPublicKey publicKey) + { + if (publicKey.KeyId != secretKey.KeyId) + throw new ArgumentException("KeyId's do not match"); + + return new PgpSecretKey(secretKey.secret, publicKey); + } + + private static byte[] EncryptKeyDataV3( + byte[] rawKeyData, + SymmetricKeyAlgorithmTag encAlgorithm, + byte[] rawPassPhrase, + bool clearPassPhrase, + SecureRandom random, + out S2k s2k, + out byte[] iv) + { + // Version 2 or 3 - RSA Keys only + + s2k = null; + iv = null; + + KeyParameter encKey = PgpUtilities.DoMakeKeyFromPassPhrase(encAlgorithm, s2k, rawPassPhrase, clearPassPhrase); + + byte[] keyData = new byte[rawKeyData.Length]; + + // + // process 4 numbers + // + int pos = 0; + for (int i = 0; i != 4; i++) + { + int encLen = ((((rawKeyData[pos] & 0xff) << 8) | (rawKeyData[pos + 1] & 0xff)) + 7) / 8; + + keyData[pos] = rawKeyData[pos]; + keyData[pos + 1] = rawKeyData[pos + 1]; + + if (encLen > (rawKeyData.Length - (pos + 2))) + throw new PgpException("out of range encLen found in rawKeyData"); + + byte[] tmp; + if (i == 0) + { + tmp = EncryptData(encAlgorithm, encKey, rawKeyData, pos + 2, encLen, random, ref iv); + } + else + { + byte[] tmpIv = Arrays.CopyOfRange(keyData, pos - iv.Length, pos); + + tmp = EncryptData(encAlgorithm, encKey, rawKeyData, pos + 2, encLen, random, ref tmpIv); + } + + Array.Copy(tmp, 0, keyData, pos + 2, tmp.Length); + pos += 2 + encLen; + } + + // + // copy in checksum. + // + keyData[pos] = rawKeyData[pos]; + keyData[pos + 1] = rawKeyData[pos + 1]; + + return keyData; + } + + private static byte[] EncryptKeyDataV4( + byte[] rawKeyData, + SymmetricKeyAlgorithmTag encAlgorithm, + HashAlgorithmTag hashAlgorithm, + byte[] rawPassPhrase, + bool clearPassPhrase, + SecureRandom random, + out S2k s2k, + out byte[] iv) + { + s2k = PgpUtilities.GenerateS2k(hashAlgorithm, 0x60, random); + + KeyParameter key = PgpUtilities.DoMakeKeyFromPassPhrase(encAlgorithm, s2k, rawPassPhrase, clearPassPhrase); + + iv = null; + return EncryptData(encAlgorithm, key, rawKeyData, 0, rawKeyData.Length, random, ref iv); + } + + private static byte[] EncryptData( + SymmetricKeyAlgorithmTag encAlgorithm, + KeyParameter key, + byte[] data, + int dataOff, + int dataLen, + SecureRandom random, + ref byte[] iv) + { + IBufferedCipher c; + try + { + string cName = PgpUtilities.GetSymmetricCipherName(encAlgorithm); + c = CipherUtilities.GetCipher(cName + "/CFB/NoPadding"); + } + catch (Exception e) + { + throw new PgpException("Exception creating cipher", e); + } + + if (iv == null) + { + iv = PgpUtilities.GenerateIV(c.GetBlockSize(), random); + } + + c.Init(true, new ParametersWithRandom(new ParametersWithIV(key, iv), random)); + + return c.DoFinal(data, dataOff, dataLen); + } + + /// + /// Parse a secret key from one of the GPG S expression keys associating it with the passed in public key. + /// + /// + /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is + /// the historical behaviour of the library (1.7 and earlier). + /// + public static PgpSecretKey ParseSecretKeyFromSExpr(Stream inputStream, char[] passPhrase, PgpPublicKey pubKey) + { + return DoParseSecretKeyFromSExpr(inputStream, PgpUtilities.EncodePassPhrase(passPhrase, false), true, pubKey); + } + + /// + /// Parse a secret key from one of the GPG S expression keys associating it with the passed in public key. + /// + /// + /// The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes). + /// + public static PgpSecretKey ParseSecretKeyFromSExprUtf8(Stream inputStream, char[] passPhrase, PgpPublicKey pubKey) + { + return DoParseSecretKeyFromSExpr(inputStream, PgpUtilities.EncodePassPhrase(passPhrase, true), true, pubKey); + } + + /// + /// Parse a secret key from one of the GPG S expression keys associating it with the passed in public key. + /// + /// + /// Allows the caller to handle the encoding of the passphrase to bytes. + /// + public static PgpSecretKey ParseSecretKeyFromSExprRaw(Stream inputStream, byte[] rawPassPhrase, PgpPublicKey pubKey) + { + return DoParseSecretKeyFromSExpr(inputStream, rawPassPhrase, false, pubKey); + } + + internal static PgpSecretKey DoParseSecretKeyFromSExpr(Stream inputStream, byte[] rawPassPhrase, bool clearPassPhrase, PgpPublicKey pubKey) + { + SXprUtilities.SkipOpenParenthesis(inputStream); + + string type = SXprUtilities.ReadString(inputStream, inputStream.ReadByte()); + if (type.Equals("protected-private-key")) + { + SXprUtilities.SkipOpenParenthesis(inputStream); + + string curveName; + + string keyType = SXprUtilities.ReadString(inputStream, inputStream.ReadByte()); + if (keyType.Equals("ecc")) + { + SXprUtilities.SkipOpenParenthesis(inputStream); + + string curveID = SXprUtilities.ReadString(inputStream, inputStream.ReadByte()); + curveName = SXprUtilities.ReadString(inputStream, inputStream.ReadByte()); + + SXprUtilities.SkipCloseParenthesis(inputStream); + } + else + { + throw new PgpException("no curve details found"); + } + + byte[] qVal; + + SXprUtilities.SkipOpenParenthesis(inputStream); + + type = SXprUtilities.ReadString(inputStream, inputStream.ReadByte()); + if (type.Equals("q")) + { + qVal = SXprUtilities.ReadBytes(inputStream, inputStream.ReadByte()); + } + else + { + throw new PgpException("no q value found"); + } + + SXprUtilities.SkipCloseParenthesis(inputStream); + + byte[] dValue = GetDValue(inputStream, rawPassPhrase, clearPassPhrase, curveName); + // TODO: check SHA-1 hash. + + return new PgpSecretKey(new SecretKeyPacket(pubKey.PublicKeyPacket, SymmetricKeyAlgorithmTag.Null, null, null, + new ECSecretBcpgKey(new BigInteger(1, dValue)).GetEncoded()), pubKey); + } + + throw new PgpException("unknown key type found"); + } + + /// + /// Parse a secret key from one of the GPG S expression keys. + /// + /// + /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is + /// the historical behaviour of the library (1.7 and earlier). + /// + public static PgpSecretKey ParseSecretKeyFromSExpr(Stream inputStream, char[] passPhrase) + { + return DoParseSecretKeyFromSExpr(inputStream, PgpUtilities.EncodePassPhrase(passPhrase, false), true); + } + + /// + /// Parse a secret key from one of the GPG S expression keys. + /// + /// + /// The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes). + /// + public static PgpSecretKey ParseSecretKeyFromSExprUtf8(Stream inputStream, char[] passPhrase) + { + return DoParseSecretKeyFromSExpr(inputStream, PgpUtilities.EncodePassPhrase(passPhrase, true), true); + } + + /// + /// Parse a secret key from one of the GPG S expression keys. + /// + /// + /// Allows the caller to handle the encoding of the passphrase to bytes. + /// + public static PgpSecretKey ParseSecretKeyFromSExprRaw(Stream inputStream, byte[] rawPassPhrase) + { + return DoParseSecretKeyFromSExpr(inputStream, rawPassPhrase, false); + } + + /// + /// Parse a secret key from one of the GPG S expression keys. + /// + internal static PgpSecretKey DoParseSecretKeyFromSExpr(Stream inputStream, byte[] rawPassPhrase, bool clearPassPhrase) + { + SXprUtilities.SkipOpenParenthesis(inputStream); + + string type = SXprUtilities.ReadString(inputStream, inputStream.ReadByte()); + if (type.Equals("protected-private-key")) + { + SXprUtilities.SkipOpenParenthesis(inputStream); + + string curveName; + + string keyType = SXprUtilities.ReadString(inputStream, inputStream.ReadByte()); + if (keyType.Equals("ecc")) + { + SXprUtilities.SkipOpenParenthesis(inputStream); + + string curveID = SXprUtilities.ReadString(inputStream, inputStream.ReadByte()); + curveName = SXprUtilities.ReadString(inputStream, inputStream.ReadByte()); + + if (Platform.StartsWith(curveName, "NIST ")) + { + curveName = curveName.Substring("NIST ".Length); + } + + SXprUtilities.SkipCloseParenthesis(inputStream); + } + else + { + throw new PgpException("no curve details found"); + } + + byte[] qVal; + + SXprUtilities.SkipOpenParenthesis(inputStream); + + type = SXprUtilities.ReadString(inputStream, inputStream.ReadByte()); + if (type.Equals("q")) + { + qVal = SXprUtilities.ReadBytes(inputStream, inputStream.ReadByte()); + } + else + { + throw new PgpException("no q value found"); + } + + PublicKeyPacket pubPacket = new PublicKeyPacket(PublicKeyAlgorithmTag.ECDsa, DateTime.UtcNow, + new ECDsaPublicBcpgKey(ECNamedCurveTable.GetOid(curveName), new BigInteger(1, qVal))); + + SXprUtilities.SkipCloseParenthesis(inputStream); + + byte[] dValue = GetDValue(inputStream, rawPassPhrase, clearPassPhrase, curveName); + // TODO: check SHA-1 hash. + + return new PgpSecretKey(new SecretKeyPacket(pubPacket, SymmetricKeyAlgorithmTag.Null, null, null, + new ECSecretBcpgKey(new BigInteger(1, dValue)).GetEncoded()), new PgpPublicKey(pubPacket)); + } + + throw new PgpException("unknown key type found"); + } + + private static byte[] GetDValue(Stream inputStream, byte[] rawPassPhrase, bool clearPassPhrase, string curveName) + { + string type; + SXprUtilities.SkipOpenParenthesis(inputStream); + + string protection; + S2k s2k; + byte[] iv; + byte[] secKeyData; + + type = SXprUtilities.ReadString(inputStream, inputStream.ReadByte()); + if (type.Equals("protected")) + { + protection = SXprUtilities.ReadString(inputStream, inputStream.ReadByte()); + + SXprUtilities.SkipOpenParenthesis(inputStream); + + s2k = SXprUtilities.ParseS2k(inputStream); + + iv = SXprUtilities.ReadBytes(inputStream, inputStream.ReadByte()); + + SXprUtilities.SkipCloseParenthesis(inputStream); + + secKeyData = SXprUtilities.ReadBytes(inputStream, inputStream.ReadByte()); + } + else + { + throw new PgpException("protected block not found"); + } + + // TODO: recognise other algorithms + KeyParameter key = PgpUtilities.DoMakeKeyFromPassPhrase(SymmetricKeyAlgorithmTag.Aes128, s2k, rawPassPhrase, clearPassPhrase); + + byte[] data = RecoverKeyData(SymmetricKeyAlgorithmTag.Aes128, "/CBC/NoPadding", key, iv, secKeyData, 0, secKeyData.Length); + + // + // parse the secret key S-expr + // + Stream keyIn = new MemoryStream(data, false); + + SXprUtilities.SkipOpenParenthesis(keyIn); + SXprUtilities.SkipOpenParenthesis(keyIn); + SXprUtilities.SkipOpenParenthesis(keyIn); + String name = SXprUtilities.ReadString(keyIn, keyIn.ReadByte()); + return SXprUtilities.ReadBytes(keyIn, keyIn.ReadByte()); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpSecretKeyRing.cs b/BouncyCastle/crypto/src/openpgp/PgpSecretKeyRing.cs new file mode 100644 index 0000000..06ad4d3 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpSecretKeyRing.cs @@ -0,0 +1,308 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// + /// Class to hold a single master secret key and its subkeys. + ///

    + /// Often PGP keyring files consist of multiple master keys, if you are trying to process + /// or construct one of these you should use the PgpSecretKeyRingBundle class. + ///

    + ///     + public class PgpSecretKeyRing + : PgpKeyRing + { + private readonly IList keys; + private readonly IList extraPubKeys; + + internal PgpSecretKeyRing( + IList keys) + : this(keys, Platform.CreateArrayList()) + { + } + + private PgpSecretKeyRing( + IList keys, + IList extraPubKeys) + { + this.keys = keys; + this.extraPubKeys = extraPubKeys; + } + + public PgpSecretKeyRing( + byte[] encoding) + : this(new MemoryStream(encoding)) + { + } + + public PgpSecretKeyRing( + Stream inputStream) + { + this.keys = Platform.CreateArrayList(); + this.extraPubKeys = Platform.CreateArrayList(); + + BcpgInputStream bcpgInput = BcpgInputStream.Wrap(inputStream); + + PacketTag initialTag = bcpgInput.SkipMarkerPackets(); + if (initialTag != PacketTag.SecretKey && initialTag != PacketTag.SecretSubkey) + { + throw new IOException("secret key ring doesn't start with secret key tag: " + + "tag 0x" + ((int)initialTag).ToString("X")); + } + + SecretKeyPacket secret = (SecretKeyPacket) bcpgInput.ReadPacket(); + + // + // ignore GPG comment packets if found. + // + while (bcpgInput.NextPacketTag() == PacketTag.Experimental2) + { + bcpgInput.ReadPacket(); + } + + TrustPacket trust = ReadOptionalTrustPacket(bcpgInput); + + // revocation and direct signatures + IList keySigs = ReadSignaturesAndTrust(bcpgInput); + + IList ids, idTrusts, idSigs; + ReadUserIDs(bcpgInput, out ids, out idTrusts, out idSigs); + + keys.Add(new PgpSecretKey(secret, new PgpPublicKey(secret.PublicKeyPacket, trust, keySigs, ids, idTrusts, idSigs))); + + + // Read subkeys + while (bcpgInput.NextPacketTag() == PacketTag.SecretSubkey + || bcpgInput.NextPacketTag() == PacketTag.PublicSubkey) + { + if (bcpgInput.NextPacketTag() == PacketTag.SecretSubkey) + { + SecretSubkeyPacket sub = (SecretSubkeyPacket) bcpgInput.ReadPacket(); + + // + // ignore GPG comment packets if found. + // + while (bcpgInput.NextPacketTag() == PacketTag.Experimental2) + { + bcpgInput.ReadPacket(); + } + + TrustPacket subTrust = ReadOptionalTrustPacket(bcpgInput); + IList sigList = ReadSignaturesAndTrust(bcpgInput); + + keys.Add(new PgpSecretKey(sub, new PgpPublicKey(sub.PublicKeyPacket, subTrust, sigList))); + } + else + { + PublicSubkeyPacket sub = (PublicSubkeyPacket) bcpgInput.ReadPacket(); + + TrustPacket subTrust = ReadOptionalTrustPacket(bcpgInput); + IList sigList = ReadSignaturesAndTrust(bcpgInput); + + extraPubKeys.Add(new PgpPublicKey(sub, subTrust, sigList)); + } + } + } + + /// Return the public key for the master key. + public PgpPublicKey GetPublicKey() + { + return ((PgpSecretKey) keys[0]).PublicKey; + } + + /// Return the master private key. + public PgpSecretKey GetSecretKey() + { + return (PgpSecretKey) keys[0]; + } + + /// Allows enumeration of the secret keys. + /// An IEnumerable of PgpSecretKey objects. + public IEnumerable GetSecretKeys() + { + return new EnumerableProxy(keys); + } + + public PgpSecretKey GetSecretKey( + long keyId) + { + foreach (PgpSecretKey k in keys) + { + if (keyId == k.KeyId) + { + return k; + } + } + + return null; + } + + /// + /// Return an iterator of the public keys in the secret key ring that + /// have no matching private key. At the moment only personal certificate data + /// appears in this fashion. + /// + /// An IEnumerable of unattached, or extra, public keys. + public IEnumerable GetExtraPublicKeys() + { + return new EnumerableProxy(extraPubKeys); + } + + public byte[] GetEncoded() + { + MemoryStream bOut = new MemoryStream(); + + Encode(bOut); + + return bOut.ToArray(); + } + + public void Encode( + Stream outStr) + { + if (outStr == null) + throw new ArgumentNullException("outStr"); + + foreach (PgpSecretKey key in keys) + { + key.Encode(outStr); + } + foreach (PgpPublicKey extraPubKey in extraPubKeys) + { + extraPubKey.Encode(outStr); + } + } + + /// + /// Replace the public key set on the secret ring with the corresponding key off the public ring. + /// + /// Secret ring to be changed. + /// Public ring containing the new public key set. + public static PgpSecretKeyRing ReplacePublicKeys( + PgpSecretKeyRing secretRing, + PgpPublicKeyRing publicRing) + { + IList newList = Platform.CreateArrayList(secretRing.keys.Count); + + foreach (PgpSecretKey sk in secretRing.keys) + { + PgpPublicKey pk = publicRing.GetPublicKey(sk.KeyId); + + newList.Add(PgpSecretKey.ReplacePublicKey(sk, pk)); + } + + return new PgpSecretKeyRing(newList); + } + + /// + /// Return a copy of the passed in secret key ring, with the master key and sub keys encrypted + /// using a new password and the passed in algorithm. + /// + /// The PgpSecretKeyRing to be copied. + /// The current password for key. + /// The new password for the key. + /// The algorithm to be used for the encryption. + /// Source of randomness. + public static PgpSecretKeyRing CopyWithNewPassword( + PgpSecretKeyRing ring, + char[] oldPassPhrase, + char[] newPassPhrase, + SymmetricKeyAlgorithmTag newEncAlgorithm, + SecureRandom rand) + { + IList newKeys = Platform.CreateArrayList(ring.keys.Count); + foreach (PgpSecretKey secretKey in ring.GetSecretKeys()) + { + if (secretKey.IsPrivateKeyEmpty) + { + newKeys.Add(secretKey); + } + else + { + newKeys.Add(PgpSecretKey.CopyWithNewPassword(secretKey, oldPassPhrase, newPassPhrase, newEncAlgorithm, rand)); + } + } + + return new PgpSecretKeyRing(newKeys, ring.extraPubKeys); + } + + /// + /// Returns a new key ring with the secret key passed in either added or + /// replacing an existing one with the same key ID. + /// + /// The secret key ring to be modified. + /// The secret key to be inserted. + /// A new PgpSecretKeyRing + public static PgpSecretKeyRing InsertSecretKey( + PgpSecretKeyRing secRing, + PgpSecretKey secKey) + { + IList keys = Platform.CreateArrayList(secRing.keys); + bool found = false; + bool masterFound = false; + + for (int i = 0; i != keys.Count; i++) + { + PgpSecretKey key = (PgpSecretKey) keys[i]; + + if (key.KeyId == secKey.KeyId) + { + found = true; + keys[i] = secKey; + } + if (key.IsMasterKey) + { + masterFound = true; + } + } + + if (!found) + { + if (secKey.IsMasterKey) + { + if (masterFound) + throw new ArgumentException("cannot add a master key to a ring that already has one"); + + keys.Insert(0, secKey); + } + else + { + keys.Add(secKey); + } + } + + return new PgpSecretKeyRing(keys, secRing.extraPubKeys); + } + + /// Returns a new key ring with the secret key passed in removed from the key ring. + /// The secret key ring to be modified. + /// The secret key to be removed. + /// A new PgpSecretKeyRing, or null if secKey is not found. + public static PgpSecretKeyRing RemoveSecretKey( + PgpSecretKeyRing secRing, + PgpSecretKey secKey) + { + IList keys = Platform.CreateArrayList(secRing.keys); + bool found = false; + + for (int i = 0; i < keys.Count; i++) + { + PgpSecretKey key = (PgpSecretKey)keys[i]; + + if (key.KeyId == secKey.KeyId) + { + found = true; + keys.RemoveAt(i); + } + } + + return found ? new PgpSecretKeyRing(keys, secRing.extraPubKeys) : null; + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpSecretKeyRingBundle.cs b/BouncyCastle/crypto/src/openpgp/PgpSecretKeyRingBundle.cs new file mode 100644 index 0000000..26be9c1 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpSecretKeyRingBundle.cs @@ -0,0 +1,281 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// + /// Often a PGP key ring file is made up of a succession of master/sub-key key rings. + /// If you want to read an entire secret key file in one hit this is the class for you. + /// + public class PgpSecretKeyRingBundle + { + private readonly IDictionary secretRings; + private readonly IList order; + + private PgpSecretKeyRingBundle( + IDictionary secretRings, + IList order) + { + this.secretRings = secretRings; + this.order = order; + } + + public PgpSecretKeyRingBundle( + byte[] encoding) + : this(new MemoryStream(encoding, false)) + { + } + + /// Build a PgpSecretKeyRingBundle from the passed in input stream. + /// Input stream containing data. + /// If a problem parsing the stream occurs. + /// If an object is encountered which isn't a PgpSecretKeyRing. + public PgpSecretKeyRingBundle( + Stream inputStream) + : this(new PgpObjectFactory(inputStream).AllPgpObjects()) + { + } + + public PgpSecretKeyRingBundle( + IEnumerable e) + { + this.secretRings = Platform.CreateHashtable(); + this.order = Platform.CreateArrayList(); + + foreach (object obj in e) + { + // Marker packets must be ignored + if (obj is PgpMarker) + continue; + + PgpSecretKeyRing pgpSecret = obj as PgpSecretKeyRing; + if (pgpSecret == null) + throw new PgpException(Platform.GetTypeName(obj) + " found where PgpSecretKeyRing expected"); + + long key = pgpSecret.GetPublicKey().KeyId; + secretRings.Add(key, pgpSecret); + order.Add(key); + } + } + + [Obsolete("Use 'Count' property instead")] + public int Size + { + get { return order.Count; } + } + + /// Return the number of rings in this collection. + public int Count + { + get { return order.Count; } + } + + /// Allow enumeration of the secret key rings making up this collection. + public IEnumerable GetKeyRings() + { + return new EnumerableProxy(secretRings.Values); + } + + /// Allow enumeration of the key rings associated with the passed in userId. + /// The user ID to be matched. + /// An IEnumerable of key rings which matched (possibly none). + public IEnumerable GetKeyRings( + string userId) + { + return GetKeyRings(userId, false, false); + } + + /// Allow enumeration of the key rings associated with the passed in userId. + /// The user ID to be matched. + /// If true, userId need only be a substring of an actual ID string to match. + /// An IEnumerable of key rings which matched (possibly none). + public IEnumerable GetKeyRings( + string userId, + bool matchPartial) + { + return GetKeyRings(userId, matchPartial, false); + } + + /// Allow enumeration of the key rings associated with the passed in userId. + /// The user ID to be matched. + /// If true, userId need only be a substring of an actual ID string to match. + /// If true, case is ignored in user ID comparisons. + /// An IEnumerable of key rings which matched (possibly none). + public IEnumerable GetKeyRings( + string userId, + bool matchPartial, + bool ignoreCase) + { + IList rings = Platform.CreateArrayList(); + + if (ignoreCase) + { + userId = Platform.ToUpperInvariant(userId); + } + + foreach (PgpSecretKeyRing secRing in GetKeyRings()) + { + foreach (string nextUserID in secRing.GetSecretKey().UserIds) + { + string next = nextUserID; + if (ignoreCase) + { + next = Platform.ToUpperInvariant(next); + } + + if (matchPartial) + { + if (Platform.IndexOf(next, userId) > -1) + { + rings.Add(secRing); + } + } + else + { + if (next.Equals(userId)) + { + rings.Add(secRing); + } + } + } + } + + return new EnumerableProxy(rings); + } + + /// Return the PGP secret key associated with the given key id. + /// The ID of the secret key to return. + public PgpSecretKey GetSecretKey( + long keyId) + { + foreach (PgpSecretKeyRing secRing in GetKeyRings()) + { + PgpSecretKey sec = secRing.GetSecretKey(keyId); + + if (sec != null) + { + return sec; + } + } + + return null; + } + + /// Return the secret key ring which contains the key referred to by keyId + /// The ID of the secret key + public PgpSecretKeyRing GetSecretKeyRing( + long keyId) + { + long id = keyId; + + if (secretRings.Contains(id)) + { + return (PgpSecretKeyRing) secretRings[id]; + } + + foreach (PgpSecretKeyRing secretRing in GetKeyRings()) + { + PgpSecretKey secret = secretRing.GetSecretKey(keyId); + + if (secret != null) + { + return secretRing; + } + } + + return null; + } + + /// + /// Return true if a key matching the passed in key ID is present, false otherwise. + /// + /// key ID to look for. + public bool Contains( + long keyID) + { + return GetSecretKey(keyID) != null; + } + + public byte[] GetEncoded() + { + MemoryStream bOut = new MemoryStream(); + + Encode(bOut); + + return bOut.ToArray(); + } + + public void Encode( + Stream outStr) + { + BcpgOutputStream bcpgOut = BcpgOutputStream.Wrap(outStr); + + foreach (long key in order) + { + PgpSecretKeyRing pub = (PgpSecretKeyRing) secretRings[key]; + + pub.Encode(bcpgOut); + } + } + + /// + /// Return a new bundle containing the contents of the passed in bundle and + /// the passed in secret key ring. + /// + /// The PgpSecretKeyRingBundle the key ring is to be added to. + /// The key ring to be added. + /// A new PgpSecretKeyRingBundle merging the current one with the passed in key ring. + /// If the keyId for the passed in key ring is already present. + public static PgpSecretKeyRingBundle AddSecretKeyRing( + PgpSecretKeyRingBundle bundle, + PgpSecretKeyRing secretKeyRing) + { + long key = secretKeyRing.GetPublicKey().KeyId; + + if (bundle.secretRings.Contains(key)) + { + throw new ArgumentException("Collection already contains a key with a keyId for the passed in ring."); + } + + IDictionary newSecretRings = Platform.CreateHashtable(bundle.secretRings); + IList newOrder = Platform.CreateArrayList(bundle.order); + + newSecretRings[key] = secretKeyRing; + newOrder.Add(key); + + return new PgpSecretKeyRingBundle(newSecretRings, newOrder); + } + + /// + /// Return a new bundle containing the contents of the passed in bundle with + /// the passed in secret key ring removed. + /// + /// The PgpSecretKeyRingBundle the key ring is to be removed from. + /// The key ring to be removed. + /// A new PgpSecretKeyRingBundle not containing the passed in key ring. + /// If the keyId for the passed in key ring is not present. + public static PgpSecretKeyRingBundle RemoveSecretKeyRing( + PgpSecretKeyRingBundle bundle, + PgpSecretKeyRing secretKeyRing) + { + long key = secretKeyRing.GetPublicKey().KeyId; + + if (!bundle.secretRings.Contains(key)) + { + throw new ArgumentException("Collection does not contain a key with a keyId for the passed in ring."); + } + + IDictionary newSecretRings = Platform.CreateHashtable(bundle.secretRings); + IList newOrder = Platform.CreateArrayList(bundle.order); + + newSecretRings.Remove(key); + newOrder.Remove(key); + + return new PgpSecretKeyRingBundle(newSecretRings, newOrder); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpSignature.cs b/BouncyCastle/crypto/src/openpgp/PgpSignature.cs new file mode 100644 index 0000000..fb62447 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpSignature.cs @@ -0,0 +1,455 @@ +using System; +using System.IO; +using Org.BouncyCastle.Asn1; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// A PGP signature object. + public class PgpSignature + { + private static SignaturePacket Cast(Packet packet) + { + if (!(packet is SignaturePacket)) + throw new IOException("unexpected packet in stream: " + packet); + + return (SignaturePacket)packet; + } + + public const int BinaryDocument = 0x00; + public const int CanonicalTextDocument = 0x01; + public const int StandAlone = 0x02; + + public const int DefaultCertification = 0x10; + public const int NoCertification = 0x11; + public const int CasualCertification = 0x12; + public const int PositiveCertification = 0x13; + + public const int SubkeyBinding = 0x18; + public const int PrimaryKeyBinding = 0x19; + public const int DirectKey = 0x1f; + public const int KeyRevocation = 0x20; + public const int SubkeyRevocation = 0x28; + public const int CertificationRevocation = 0x30; + public const int Timestamp = 0x40; + + private readonly SignaturePacket sigPck; + private readonly int signatureType; + private readonly TrustPacket trustPck; + + private ISigner sig; + private byte lastb; // Initial value anything but '\r' + + internal PgpSignature( + BcpgInputStream bcpgInput) + : this(Cast(bcpgInput.ReadPacket())) + { + } + + internal PgpSignature( + SignaturePacket sigPacket) + : this(sigPacket, null) + { + } + + internal PgpSignature( + SignaturePacket sigPacket, + TrustPacket trustPacket) + { + if (sigPacket == null) + throw new ArgumentNullException("sigPacket"); + + this.sigPck = sigPacket; + this.signatureType = sigPck.SignatureType; + this.trustPck = trustPacket; + } + + private void GetSig() + { + this.sig = SignerUtilities.GetSigner( + PgpUtilities.GetSignatureName(sigPck.KeyAlgorithm, sigPck.HashAlgorithm)); + } + + /// The OpenPGP version number for this signature. + public int Version + { + get { return sigPck.Version; } + } + + /// The key algorithm associated with this signature. + public PublicKeyAlgorithmTag KeyAlgorithm + { + get { return sigPck.KeyAlgorithm; } + } + + /// The hash algorithm associated with this signature. + public HashAlgorithmTag HashAlgorithm + { + get { return sigPck.HashAlgorithm; } + } + + /// Return true if this signature represents a certification. + public bool IsCertification() + { + return IsCertification(SignatureType); + } + + public void InitVerify( + PgpPublicKey pubKey) + { + lastb = 0; + if (sig == null) + { + GetSig(); + } + try + { + sig.Init(false, pubKey.GetKey()); + } + catch (InvalidKeyException e) + { + throw new PgpException("invalid key.", e); + } + } + + public void Update( + byte b) + { + if (signatureType == CanonicalTextDocument) + { + doCanonicalUpdateByte(b); + } + else + { + sig.Update(b); + } + } + + private void doCanonicalUpdateByte( + byte b) + { + if (b == '\r') + { + doUpdateCRLF(); + } + else if (b == '\n') + { + if (lastb != '\r') + { + doUpdateCRLF(); + } + } + else + { + sig.Update(b); + } + + lastb = b; + } + + private void doUpdateCRLF() + { + sig.Update((byte)'\r'); + sig.Update((byte)'\n'); + } + + public void Update( + params byte[] bytes) + { + Update(bytes, 0, bytes.Length); + } + + public void Update( + byte[] bytes, + int off, + int length) + { + if (signatureType == CanonicalTextDocument) + { + int finish = off + length; + + for (int i = off; i != finish; i++) + { + doCanonicalUpdateByte(bytes[i]); + } + } + else + { + sig.BlockUpdate(bytes, off, length); + } + } + + public bool Verify() + { + byte[] trailer = GetSignatureTrailer(); + sig.BlockUpdate(trailer, 0, trailer.Length); + + return sig.VerifySignature(GetSignature()); + } + + private void UpdateWithIdData( + int header, + byte[] idBytes) + { + this.Update( + (byte) header, + (byte)(idBytes.Length >> 24), + (byte)(idBytes.Length >> 16), + (byte)(idBytes.Length >> 8), + (byte)(idBytes.Length)); + this.Update(idBytes); + } + + private void UpdateWithPublicKey( + PgpPublicKey key) + { + byte[] keyBytes = GetEncodedPublicKey(key); + + this.Update( + (byte) 0x99, + (byte)(keyBytes.Length >> 8), + (byte)(keyBytes.Length)); + this.Update(keyBytes); + } + + /// + /// Verify the signature as certifying the passed in public key as associated + /// with the passed in user attributes. + /// + /// User attributes the key was stored under. + /// The key to be verified. + /// True, if the signature matches, false otherwise. + public bool VerifyCertification( + PgpUserAttributeSubpacketVector userAttributes, + PgpPublicKey key) + { + UpdateWithPublicKey(key); + + // + // hash in the userAttributes + // + try + { + MemoryStream bOut = new MemoryStream(); + foreach (UserAttributeSubpacket packet in userAttributes.ToSubpacketArray()) + { + packet.Encode(bOut); + } + UpdateWithIdData(0xd1, bOut.ToArray()); + } + catch (IOException e) + { + throw new PgpException("cannot encode subpacket array", e); + } + + this.Update(sigPck.GetSignatureTrailer()); + + return sig.VerifySignature(this.GetSignature()); + } + + /// + /// Verify the signature as certifying the passed in public key as associated + /// with the passed in ID. + /// + /// ID the key was stored under. + /// The key to be verified. + /// True, if the signature matches, false otherwise. + public bool VerifyCertification( + string id, + PgpPublicKey key) + { + UpdateWithPublicKey(key); + + // + // hash in the id + // + UpdateWithIdData(0xb4, Strings.ToUtf8ByteArray(id)); + + Update(sigPck.GetSignatureTrailer()); + + return sig.VerifySignature(GetSignature()); + } + + /// Verify a certification for the passed in key against the passed in master key. + /// The key we are verifying against. + /// The key we are verifying. + /// True, if the certification is valid, false otherwise. + public bool VerifyCertification( + PgpPublicKey masterKey, + PgpPublicKey pubKey) + { + UpdateWithPublicKey(masterKey); + UpdateWithPublicKey(pubKey); + + Update(sigPck.GetSignatureTrailer()); + + return sig.VerifySignature(GetSignature()); + } + + /// Verify a key certification, such as revocation, for the passed in key. + /// The key we are checking. + /// True, if the certification is valid, false otherwise. + public bool VerifyCertification( + PgpPublicKey pubKey) + { + if (SignatureType != KeyRevocation + && SignatureType != SubkeyRevocation) + { + throw new InvalidOperationException("signature is not a key signature"); + } + + UpdateWithPublicKey(pubKey); + + Update(sigPck.GetSignatureTrailer()); + + return sig.VerifySignature(GetSignature()); + } + + public int SignatureType + { + get { return sigPck.SignatureType; } + } + + /// The ID of the key that created the signature. + public long KeyId + { + get { return sigPck.KeyId; } + } + + [Obsolete("Use 'CreationTime' property instead")] + public DateTime GetCreationTime() + { + return CreationTime; + } + + /// The creation time of this signature. + public DateTime CreationTime + { + get { return DateTimeUtilities.UnixMsToDateTime(sigPck.CreationTime); } + } + + public byte[] GetSignatureTrailer() + { + return sigPck.GetSignatureTrailer(); + } + + /// + /// Return true if the signature has either hashed or unhashed subpackets. + /// + public bool HasSubpackets + { + get + { + return sigPck.GetHashedSubPackets() != null + || sigPck.GetUnhashedSubPackets() != null; + } + } + + public PgpSignatureSubpacketVector GetHashedSubPackets() + { + return createSubpacketVector(sigPck.GetHashedSubPackets()); + } + + public PgpSignatureSubpacketVector GetUnhashedSubPackets() + { + return createSubpacketVector(sigPck.GetUnhashedSubPackets()); + } + + private PgpSignatureSubpacketVector createSubpacketVector(SignatureSubpacket[] pcks) + { + return pcks == null ? null : new PgpSignatureSubpacketVector(pcks); + } + + public byte[] GetSignature() + { + MPInteger[] sigValues = sigPck.GetSignature(); + byte[] signature; + + if (sigValues != null) + { + if (sigValues.Length == 1) // an RSA signature + { + signature = sigValues[0].Value.ToByteArrayUnsigned(); + } + else + { + try + { + signature = new DerSequence( + new DerInteger(sigValues[0].Value), + new DerInteger(sigValues[1].Value)).GetEncoded(); + } + catch (IOException e) + { + throw new PgpException("exception encoding DSA sig.", e); + } + } + } + else + { + signature = sigPck.GetSignatureBytes(); + } + + return signature; + } + + // TODO Handle the encoding stuff by subclassing BcpgObject? + public byte[] GetEncoded() + { + MemoryStream bOut = new MemoryStream(); + + Encode(bOut); + + return bOut.ToArray(); + } + + public void Encode( + Stream outStream) + { + BcpgOutputStream bcpgOut = BcpgOutputStream.Wrap(outStream); + + bcpgOut.WritePacket(sigPck); + + if (trustPck != null) + { + bcpgOut.WritePacket(trustPck); + } + } + + private byte[] GetEncodedPublicKey( + PgpPublicKey pubKey) + { + try + { + return pubKey.publicPk.GetEncodedContents(); + } + catch (IOException e) + { + throw new PgpException("exception preparing key.", e); + } + } + + /// + /// Return true if the passed in signature type represents a certification, false if the signature type is not. + /// + /// + /// true if signatureType is a certification, false otherwise. + public static bool IsCertification(int signatureType) + { + switch (signatureType) + { + case DefaultCertification: + case NoCertification: + case CasualCertification: + case PositiveCertification: + return true; + default: + return false; + } + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpSignatureGenerator.cs b/BouncyCastle/crypto/src/openpgp/PgpSignatureGenerator.cs new file mode 100644 index 0000000..c530968 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpSignatureGenerator.cs @@ -0,0 +1,393 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Bcpg.Sig; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// Generator for PGP signatures. + // TODO Should be able to implement ISigner? + public class PgpSignatureGenerator + { + private static readonly SignatureSubpacket[] EmptySignatureSubpackets = new SignatureSubpacket[0]; + + private PublicKeyAlgorithmTag keyAlgorithm; + private HashAlgorithmTag hashAlgorithm; + private PgpPrivateKey privKey; + private ISigner sig; + private IDigest dig; + private int signatureType; + private byte lastb; + + private SignatureSubpacket[] unhashed = EmptySignatureSubpackets; + private SignatureSubpacket[] hashed = EmptySignatureSubpackets; + + /// Create a generator for the passed in keyAlgorithm and hashAlgorithm codes. + public PgpSignatureGenerator( + PublicKeyAlgorithmTag keyAlgorithm, + HashAlgorithmTag hashAlgorithm) + { + this.keyAlgorithm = keyAlgorithm; + this.hashAlgorithm = hashAlgorithm; + + dig = DigestUtilities.GetDigest(PgpUtilities.GetDigestName(hashAlgorithm)); + sig = SignerUtilities.GetSigner(PgpUtilities.GetSignatureName(keyAlgorithm, hashAlgorithm)); + } + + /// Initialise the generator for signing. + public void InitSign( + int sigType, + PgpPrivateKey key) + { + InitSign(sigType, key, null); + } + + /// Initialise the generator for signing. + public void InitSign( + int sigType, + PgpPrivateKey key, + SecureRandom random) + { + this.privKey = key; + this.signatureType = sigType; + + try + { + ICipherParameters cp = key.Key; + if (random != null) + { + cp = new ParametersWithRandom(key.Key, random); + } + + sig.Init(true, cp); + } + catch (InvalidKeyException e) + { + throw new PgpException("invalid key.", e); + } + + dig.Reset(); + lastb = 0; + } + + public void Update( + byte b) + { + if (signatureType == PgpSignature.CanonicalTextDocument) + { + doCanonicalUpdateByte(b); + } + else + { + doUpdateByte(b); + } + } + + private void doCanonicalUpdateByte( + byte b) + { + if (b == '\r') + { + doUpdateCRLF(); + } + else if (b == '\n') + { + if (lastb != '\r') + { + doUpdateCRLF(); + } + } + else + { + doUpdateByte(b); + } + + lastb = b; + } + + private void doUpdateCRLF() + { + doUpdateByte((byte)'\r'); + doUpdateByte((byte)'\n'); + } + + private void doUpdateByte( + byte b) + { + sig.Update(b); + dig.Update(b); + } + + public void Update( + params byte[] b) + { + Update(b, 0, b.Length); + } + + public void Update( + byte[] b, + int off, + int len) + { + if (signatureType == PgpSignature.CanonicalTextDocument) + { + int finish = off + len; + + for (int i = off; i != finish; i++) + { + doCanonicalUpdateByte(b[i]); + } + } + else + { + sig.BlockUpdate(b, off, len); + dig.BlockUpdate(b, off, len); + } + } + + public void SetHashedSubpackets( + PgpSignatureSubpacketVector hashedPackets) + { + hashed = hashedPackets == null + ? EmptySignatureSubpackets + : hashedPackets.ToSubpacketArray(); + } + + public void SetUnhashedSubpackets( + PgpSignatureSubpacketVector unhashedPackets) + { + unhashed = unhashedPackets == null + ? EmptySignatureSubpackets + : unhashedPackets.ToSubpacketArray(); + } + + /// Return the one pass header associated with the current signature. + public PgpOnePassSignature GenerateOnePassVersion( + bool isNested) + { + return new PgpOnePassSignature( + new OnePassSignaturePacket( + signatureType, hashAlgorithm, keyAlgorithm, privKey.KeyId, isNested)); + } + + /// Return a signature object containing the current signature state. + public PgpSignature Generate() + { + SignatureSubpacket[] hPkts = hashed, unhPkts = unhashed; + + if (!packetPresent(hashed, SignatureSubpacketTag.CreationTime)) + { + hPkts = insertSubpacket(hPkts, new SignatureCreationTime(false, DateTime.UtcNow)); + } + + if (!packetPresent(hashed, SignatureSubpacketTag.IssuerKeyId) + && !packetPresent(unhashed, SignatureSubpacketTag.IssuerKeyId)) + { + unhPkts = insertSubpacket(unhPkts, new IssuerKeyId(false, privKey.KeyId)); + } + + int version = 4; + byte[] hData; + + try + { + MemoryStream hOut = new MemoryStream(); + + for (int i = 0; i != hPkts.Length; i++) + { + hPkts[i].Encode(hOut); + } + + byte[] data = hOut.ToArray(); + + MemoryStream sOut = new MemoryStream(data.Length + 6); + sOut.WriteByte((byte)version); + sOut.WriteByte((byte)signatureType); + sOut.WriteByte((byte)keyAlgorithm); + sOut.WriteByte((byte)hashAlgorithm); + sOut.WriteByte((byte)(data.Length >> 8)); + sOut.WriteByte((byte)data.Length); + sOut.Write(data, 0, data.Length); + + hData = sOut.ToArray(); + } + catch (IOException e) + { + throw new PgpException("exception encoding hashed data.", e); + } + + sig.BlockUpdate(hData, 0, hData.Length); + dig.BlockUpdate(hData, 0, hData.Length); + + hData = new byte[] + { + (byte) version, + 0xff, + (byte)(hData.Length >> 24), + (byte)(hData.Length >> 16), + (byte)(hData.Length >> 8), + (byte) hData.Length + }; + + sig.BlockUpdate(hData, 0, hData.Length); + dig.BlockUpdate(hData, 0, hData.Length); + + byte[] sigBytes = sig.GenerateSignature(); + byte[] digest = DigestUtilities.DoFinal(dig); + byte[] fingerPrint = new byte[] { digest[0], digest[1] }; + + // an RSA signature + bool isRsa = keyAlgorithm == PublicKeyAlgorithmTag.RsaSign + || keyAlgorithm == PublicKeyAlgorithmTag.RsaGeneral; + + MPInteger[] sigValues = isRsa + ? PgpUtilities.RsaSigToMpi(sigBytes) + : PgpUtilities.DsaSigToMpi(sigBytes); + + return new PgpSignature( + new SignaturePacket(signatureType, privKey.KeyId, keyAlgorithm, + hashAlgorithm, hPkts, unhPkts, fingerPrint, sigValues)); + } + + /// Generate a certification for the passed in ID and key. + /// The ID we are certifying against the public key. + /// The key we are certifying against the ID. + /// The certification. + public PgpSignature GenerateCertification( + string id, + PgpPublicKey pubKey) + { + UpdateWithPublicKey(pubKey); + + // + // hash in the id + // + UpdateWithIdData(0xb4, Strings.ToUtf8ByteArray(id)); + + return Generate(); + } + + /// Generate a certification for the passed in userAttributes. + /// The ID we are certifying against the public key. + /// The key we are certifying against the ID. + /// The certification. + public PgpSignature GenerateCertification( + PgpUserAttributeSubpacketVector userAttributes, + PgpPublicKey pubKey) + { + UpdateWithPublicKey(pubKey); + + // + // hash in the attributes + // + try + { + MemoryStream bOut = new MemoryStream(); + foreach (UserAttributeSubpacket packet in userAttributes.ToSubpacketArray()) + { + packet.Encode(bOut); + } + UpdateWithIdData(0xd1, bOut.ToArray()); + } + catch (IOException e) + { + throw new PgpException("cannot encode subpacket array", e); + } + + return this.Generate(); + } + + /// Generate a certification for the passed in key against the passed in master key. + /// The key we are certifying against. + /// The key we are certifying. + /// The certification. + public PgpSignature GenerateCertification( + PgpPublicKey masterKey, + PgpPublicKey pubKey) + { + UpdateWithPublicKey(masterKey); + UpdateWithPublicKey(pubKey); + + return Generate(); + } + + /// Generate a certification, such as a revocation, for the passed in key. + /// The key we are certifying. + /// The certification. + public PgpSignature GenerateCertification( + PgpPublicKey pubKey) + { + UpdateWithPublicKey(pubKey); + + return Generate(); + } + + private byte[] GetEncodedPublicKey( + PgpPublicKey pubKey) + { + try + { + return pubKey.publicPk.GetEncodedContents(); + } + catch (IOException e) + { + throw new PgpException("exception preparing key.", e); + } + } + + private bool packetPresent( + SignatureSubpacket[] packets, + SignatureSubpacketTag type) + { + for (int i = 0; i != packets.Length; i++) + { + if (packets[i].SubpacketType == type) + { + return true; + } + } + + return false; + } + + private SignatureSubpacket[] insertSubpacket( + SignatureSubpacket[] packets, + SignatureSubpacket subpacket) + { + SignatureSubpacket[] tmp = new SignatureSubpacket[packets.Length + 1]; + tmp[0] = subpacket; + packets.CopyTo(tmp, 1); + return tmp; + } + + private void UpdateWithIdData( + int header, + byte[] idBytes) + { + this.Update( + (byte) header, + (byte)(idBytes.Length >> 24), + (byte)(idBytes.Length >> 16), + (byte)(idBytes.Length >> 8), + (byte)(idBytes.Length)); + this.Update(idBytes); + } + + private void UpdateWithPublicKey( + PgpPublicKey key) + { + byte[] keyBytes = GetEncodedPublicKey(key); + + this.Update( + (byte) 0x99, + (byte)(keyBytes.Length >> 8), + (byte)(keyBytes.Length)); + this.Update(keyBytes); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpSignatureList.cs b/BouncyCastle/crypto/src/openpgp/PgpSignatureList.cs new file mode 100644 index 0000000..61976fc --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpSignatureList.cs @@ -0,0 +1,51 @@ +using System; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// A list of PGP signatures - normally in the signature block after literal data. + public class PgpSignatureList + : PgpObject + { + private PgpSignature[] sigs; + + public PgpSignatureList( + PgpSignature[] sigs) + { + this.sigs = (PgpSignature[]) sigs.Clone(); + } + + public PgpSignatureList( + PgpSignature sig) + { + this.sigs = new PgpSignature[]{ sig }; + } + + public PgpSignature this[int index] + { + get { return sigs[index]; } + } + + [Obsolete("Use 'object[index]' syntax instead")] + public PgpSignature Get( + int index) + { + return this[index]; + } + + [Obsolete("Use 'Count' property instead")] + public int Size + { + get { return sigs.Length; } + } + + public int Count + { + get { return sigs.Length; } + } + + public bool IsEmpty + { + get { return (sigs.Length == 0); } + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpSignatureSubpacketGenerator.cs b/BouncyCastle/crypto/src/openpgp/PgpSignatureSubpacketGenerator.cs new file mode 100644 index 0000000..3987012 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpSignatureSubpacketGenerator.cs @@ -0,0 +1,236 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Bcpg.Sig; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// Generator for signature subpackets. + public class PgpSignatureSubpacketGenerator + { + private IList list = Platform.CreateArrayList(); + + + /// + ///Base constructor, creates an empty generator. + /// + public PgpSignatureSubpacketGenerator() + { + } + + /// + /// Constructor for pre-initialising the generator from an existing one. + /// + /// + /// sigSubV an initial set of subpackets. + /// + public PgpSignatureSubpacketGenerator(PgpSignatureSubpacketVector sigSubV) + { + if (sigSubV != null) + { + SignatureSubpacket[] subs = sigSubV.ToSubpacketArray(); + for (int i = 0; i != sigSubV.Count; i++) + { + list.Add(subs[i]); + } + } + } + + public void SetRevocable( + bool isCritical, + bool isRevocable) + { + list.Add(new Revocable(isCritical, isRevocable)); + } + + public void SetExportable( + bool isCritical, + bool isExportable) + { + list.Add(new Exportable(isCritical, isExportable)); + } + + public void SetFeature( + bool isCritical, + byte feature) + { + list.Add(new Features(isCritical, feature)); + } + + /// + /// Add a TrustSignature packet to the signature. The values for depth and trust are largely + /// installation dependent but there are some guidelines in RFC 4880 - 5.2.3.13. + /// + /// true if the packet is critical. + /// depth level. + /// trust amount. + public void SetTrust( + bool isCritical, + int depth, + int trustAmount) + { + list.Add(new TrustSignature(isCritical, depth, trustAmount)); + } + + /// + /// Set the number of seconds a key is valid for after the time of its creation. + /// A value of zero means the key never expires. + /// + /// True, if should be treated as critical, false otherwise. + /// The number of seconds the key is valid, or zero if no expiry. + public void SetKeyExpirationTime( + bool isCritical, + long seconds) + { + list.Add(new KeyExpirationTime(isCritical, seconds)); + } + + /// + /// Set the number of seconds a signature is valid for after the time of its creation. + /// A value of zero means the signature never expires. + /// + /// True, if should be treated as critical, false otherwise. + /// The number of seconds the signature is valid, or zero if no expiry. + public void SetSignatureExpirationTime( + bool isCritical, + long seconds) + { + list.Add(new SignatureExpirationTime(isCritical, seconds)); + } + + /// + /// Set the creation time for the signature. + ///

    + /// Note: this overrides the generation of a creation time when the signature + /// is generated.

    + ///     + public void SetSignatureCreationTime( + bool isCritical, + DateTime date) + { + list.Add(new SignatureCreationTime(isCritical, date)); + } + + public void SetPreferredHashAlgorithms( + bool isCritical, + int[] algorithms) + { + list.Add(new PreferredAlgorithms(SignatureSubpacketTag.PreferredHashAlgorithms, isCritical, algorithms)); + } + + public void SetPreferredSymmetricAlgorithms( + bool isCritical, + int[] algorithms) + { + list.Add(new PreferredAlgorithms(SignatureSubpacketTag.PreferredSymmetricAlgorithms, isCritical, algorithms)); + } + + public void SetPreferredCompressionAlgorithms( + bool isCritical, + int[] algorithms) + { + list.Add(new PreferredAlgorithms(SignatureSubpacketTag.PreferredCompressionAlgorithms, isCritical, algorithms)); + } + + public void SetKeyFlags( + bool isCritical, + int flags) + { + list.Add(new KeyFlags(isCritical, flags)); + } + + public void SetSignerUserId( + bool isCritical, + string userId) + { + if (userId == null) + throw new ArgumentNullException("userId"); + + list.Add(new SignerUserId(isCritical, userId)); + } + + public void SetSignerUserId( + bool isCritical, + byte[] rawUserId) + { + if (rawUserId == null) + throw new ArgumentNullException("rawUserId"); + + list.Add(new SignerUserId(isCritical, false, rawUserId)); + } + + public void SetEmbeddedSignature( + bool isCritical, + PgpSignature pgpSignature) + { + byte[] sig = pgpSignature.GetEncoded(); + byte[] data; + + // TODO Should be >= ? + if (sig.Length - 1 > 256) + { + data = new byte[sig.Length - 3]; + } + else + { + data = new byte[sig.Length - 2]; + } + + Array.Copy(sig, sig.Length - data.Length, data, 0, data.Length); + + list.Add(new EmbeddedSignature(isCritical, false, data)); + } + + public void SetPrimaryUserId( + bool isCritical, + bool isPrimaryUserId) + { + list.Add(new PrimaryUserId(isCritical, isPrimaryUserId)); + } + + public void SetNotationData( + bool isCritical, + bool isHumanReadable, + string notationName, + string notationValue) + { + list.Add(new NotationData(isCritical, isHumanReadable, notationName, notationValue)); + } + + /// + /// Sets revocation reason sub packet + /// + public void SetRevocationReason(bool isCritical, RevocationReasonTag reason, + string description) + { + list.Add(new RevocationReason(isCritical, reason, description)); + } + + /// + /// Sets revocation key sub packet + /// + public void SetRevocationKey(bool isCritical, PublicKeyAlgorithmTag keyAlgorithm, byte[] fingerprint) + { + list.Add(new RevocationKey(isCritical, RevocationKeyTag.ClassDefault, keyAlgorithm, fingerprint)); + } + + /// + /// Sets issuer key sub packet + /// + public void SetIssuerKeyID(bool isCritical, long keyID) + { + list.Add(new IssuerKeyId(isCritical, keyID)); + } + + public PgpSignatureSubpacketVector Generate() + { + SignatureSubpacket[] a = new SignatureSubpacket[list.Count]; + for (int i = 0; i < list.Count; ++i) + { + a[i] = (SignatureSubpacket)list[i]; + } + return new PgpSignatureSubpacketVector(a); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpSignatureSubpacketVector.cs b/BouncyCastle/crypto/src/openpgp/PgpSignatureSubpacketVector.cs new file mode 100644 index 0000000..810f49c --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpSignatureSubpacketVector.cs @@ -0,0 +1,274 @@ +using System; +using System.Collections; +using System.IO; +using Org.BouncyCastle.Bcpg.Sig; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// Container for a list of signature subpackets. + public class PgpSignatureSubpacketVector + { + public static PgpSignatureSubpacketVector FromSubpackets(SignatureSubpacket[] packets) + { + if (packets == null) + { + packets = new SignatureSubpacket[0]; + } + return new PgpSignatureSubpacketVector(packets); + } + + private readonly SignatureSubpacket[] packets; + + internal PgpSignatureSubpacketVector( + SignatureSubpacket[] packets) + { + this.packets = packets; + } + + public SignatureSubpacket GetSubpacket( + SignatureSubpacketTag type) + { + for (int i = 0; i != packets.Length; i++) + { + if (packets[i].SubpacketType == type) + { + return packets[i]; + } + } + + return null; + } + + /** + * Return true if a particular subpacket type exists. + * + * @param type type to look for. + * @return true if present, false otherwise. + */ + public bool HasSubpacket( + SignatureSubpacketTag type) + { + return GetSubpacket(type) != null; + } + + /** + * Return all signature subpackets of the passed in type. + * @param type subpacket type code + * @return an array of zero or more matching subpackets. + */ + public SignatureSubpacket[] GetSubpackets( + SignatureSubpacketTag type) + { + int count = 0; + for (int i = 0; i < packets.Length; ++i) + { + if (packets[i].SubpacketType == type) + { + ++count; + } + } + + SignatureSubpacket[] result = new SignatureSubpacket[count]; + + int pos = 0; + for (int i = 0; i < packets.Length; ++i) + { + if (packets[i].SubpacketType == type) + { + result[pos++] = packets[i]; + } + } + + return result; + } + + public NotationData[] GetNotationDataOccurrences() + { + SignatureSubpacket[] notations = GetSubpackets(SignatureSubpacketTag.NotationData); + NotationData[] vals = new NotationData[notations.Length]; + + for (int i = 0; i < notations.Length; i++) + { + vals[i] = (NotationData) notations[i]; + } + + return vals; + } + + [Obsolete("Use 'GetNotationDataOccurrences' instead")] + public NotationData[] GetNotationDataOccurences() + { + return GetNotationDataOccurrences(); + } + + public long GetIssuerKeyId() + { + SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.IssuerKeyId); + + return p == null ? 0 : ((IssuerKeyId) p).KeyId; + } + + public bool HasSignatureCreationTime() + { + return GetSubpacket(SignatureSubpacketTag.CreationTime) != null; + } + + public DateTime GetSignatureCreationTime() + { + SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.CreationTime); + + if (p == null) + { + throw new PgpException("SignatureCreationTime not available"); + } + + return ((SignatureCreationTime)p).GetTime(); + } + + /// + /// Return the number of seconds a signature is valid for after its creation date. + /// A value of zero means the signature never expires. + /// + /// Seconds a signature is valid for. + public long GetSignatureExpirationTime() + { + SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.ExpireTime); + + return p == null ? 0 : ((SignatureExpirationTime) p).Time; + } + + /// + /// Return the number of seconds a key is valid for after its creation date. + /// A value of zero means the key never expires. + /// + /// Seconds a signature is valid for. + public long GetKeyExpirationTime() + { + SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.KeyExpireTime); + + return p == null ? 0 : ((KeyExpirationTime) p).Time; + } + + public int[] GetPreferredHashAlgorithms() + { + SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.PreferredHashAlgorithms); + + return p == null ? null : ((PreferredAlgorithms) p).GetPreferences(); + } + + public int[] GetPreferredSymmetricAlgorithms() + { + SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.PreferredSymmetricAlgorithms); + + return p == null ? null : ((PreferredAlgorithms) p).GetPreferences(); + } + + public int[] GetPreferredCompressionAlgorithms() + { + SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.PreferredCompressionAlgorithms); + + return p == null ? null : ((PreferredAlgorithms) p).GetPreferences(); + } + + public int GetKeyFlags() + { + SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.KeyFlags); + + return p == null ? 0 : ((KeyFlags) p).Flags; + } + + public string GetSignerUserId() + { + SignatureSubpacket p = GetSubpacket(SignatureSubpacketTag.SignerUserId); + + return p == null ? null : ((SignerUserId) p).GetId(); + } + + public bool IsPrimaryUserId() + { + PrimaryUserId primaryId = (PrimaryUserId) + this.GetSubpacket(SignatureSubpacketTag.PrimaryUserId); + + if (primaryId != null) + { + return primaryId.IsPrimaryUserId(); + } + + return false; + } + + public PgpSignatureList GetEmbeddedSignatures() + { + SignatureSubpacket [] sigs = GetSubpackets(SignatureSubpacketTag.EmbeddedSignature); + PgpSignature[] l = new PgpSignature[sigs.Length]; + + for (int i = 0; i < sigs.Length; i++) + { + try + { + l[i] = new PgpSignature(SignaturePacket.FromByteArray(sigs[i].GetData())); + } + catch (IOException e) + { + throw new PgpException("Unable to parse signature packet: " + e.Message, e); + } + } + + return new PgpSignatureList(l); + } + + public SignatureSubpacketTag[] GetCriticalTags() + { + int count = 0; + for (int i = 0; i != packets.Length; i++) + { + if (packets[i].IsCritical()) + { + count++; + } + } + + SignatureSubpacketTag[] list = new SignatureSubpacketTag[count]; + + count = 0; + + for (int i = 0; i != packets.Length; i++) + { + if (packets[i].IsCritical()) + { + list[count++] = packets[i].SubpacketType; + } + } + + return list; + } + + public Features GetFeatures() + { + SignatureSubpacket p = this.GetSubpacket(SignatureSubpacketTag.Features); + + if (p == null) + return null; + + return new Features(p.IsCritical(), p.IsLongLength(), p.GetData()); + } + + [Obsolete("Use 'Count' property instead")] + public int Size + { + get { return packets.Length; } + } + + /// Return the number of packets this vector contains. + public int Count + { + get { return packets.Length; } + } + + internal SignatureSubpacket[] ToSubpacketArray() + { + return packets; + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpUserAttributeSubpacketVector.cs b/BouncyCastle/crypto/src/openpgp/PgpUserAttributeSubpacketVector.cs new file mode 100644 index 0000000..df50813 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpUserAttributeSubpacketVector.cs @@ -0,0 +1,90 @@ +using Org.BouncyCastle.Bcpg.Attr; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// Container for a list of user attribute subpackets. + public class PgpUserAttributeSubpacketVector + { + public static PgpUserAttributeSubpacketVector FromSubpackets(UserAttributeSubpacket[] packets) + { + if (packets == null) + { + packets = new UserAttributeSubpacket[0]; + } + return new PgpUserAttributeSubpacketVector(packets); + } + + private readonly UserAttributeSubpacket[] packets; + + internal PgpUserAttributeSubpacketVector( + UserAttributeSubpacket[] packets) + { + this.packets = packets; + } + + public UserAttributeSubpacket GetSubpacket( + UserAttributeSubpacketTag type) + { + for (int i = 0; i != packets.Length; i++) + { + if (packets[i].SubpacketType == type) + { + return packets[i]; + } + } + + return null; + } + + public ImageAttrib GetImageAttribute() + { + UserAttributeSubpacket p = GetSubpacket(UserAttributeSubpacketTag.ImageAttribute); + + return p == null ? null : (ImageAttrib) p; + } + + internal UserAttributeSubpacket[] ToSubpacketArray() + { + return packets; + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + PgpUserAttributeSubpacketVector other = obj as PgpUserAttributeSubpacketVector; + + if (other == null) + return false; + + if (other.packets.Length != packets.Length) + { + return false; + } + + for (int i = 0; i != packets.Length; i++) + { + if (!other.packets[i].Equals(packets[i])) + { + return false; + } + } + + return true; + } + + public override int GetHashCode() + { + int code = 0; + + foreach (object o in packets) + { + code ^= o.GetHashCode(); + } + + return code; + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpUtilities.cs b/BouncyCastle/crypto/src/openpgp/PgpUtilities.cs new file mode 100644 index 0000000..fcc4f67 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpUtilities.cs @@ -0,0 +1,588 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.EdEC; +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// Basic utility class. + public sealed class PgpUtilities + { + private static IDictionary NameToHashID = CreateNameToHashID(); + private static IDictionary OidToName = CreateOidToName(); + + private static IDictionary CreateNameToHashID() + { + IDictionary d = Platform.CreateHashtable(); + d.Add("sha1", HashAlgorithmTag.Sha1); + d.Add("sha224", HashAlgorithmTag.Sha224); + d.Add("sha256", HashAlgorithmTag.Sha256); + d.Add("sha384", HashAlgorithmTag.Sha384); + d.Add("sha512", HashAlgorithmTag.Sha512); + d.Add("ripemd160", HashAlgorithmTag.RipeMD160); + d.Add("rmd160", HashAlgorithmTag.RipeMD160); + d.Add("md2", HashAlgorithmTag.MD2); + d.Add("tiger", HashAlgorithmTag.Tiger192); + d.Add("haval", HashAlgorithmTag.Haval5pass160); + d.Add("md5", HashAlgorithmTag.MD5); + return d; + } + + private static IDictionary CreateOidToName() + { + IDictionary d = Platform.CreateHashtable(); + d.Add(EdECObjectIdentifiers.id_X25519, "Curve25519"); + d.Add(EdECObjectIdentifiers.id_Ed25519, "Ed25519"); + d.Add(SecObjectIdentifiers.SecP256r1, "NIST P-256"); + d.Add(SecObjectIdentifiers.SecP384r1, "NIST P-384"); + d.Add(SecObjectIdentifiers.SecP521r1, "NIST P-521"); + return d; + } + + private PgpUtilities() + { + } + + public static MPInteger[] DsaSigToMpi( + byte[] encoding) + { + DerInteger i1, i2; + + try + { + Asn1Sequence s = Asn1Sequence.GetInstance(encoding); + + i1 = DerInteger.GetInstance(s[0]); + i2 = DerInteger.GetInstance(s[1]); + } + catch (Exception e) + { + throw new PgpException("exception encoding signature", e); + } + + return new MPInteger[]{ + new MPInteger(i1.Value), + new MPInteger(i2.Value) + }; + } + + public static MPInteger[] RsaSigToMpi( + byte[] encoding) + { + return new MPInteger[]{ new MPInteger(new BigInteger(1, encoding)) }; + } + + public static string GetDigestName( + HashAlgorithmTag hashAlgorithm) + { + switch (hashAlgorithm) + { + case HashAlgorithmTag.Sha1: + return "SHA1"; + case HashAlgorithmTag.MD2: + return "MD2"; + case HashAlgorithmTag.MD5: + return "MD5"; + case HashAlgorithmTag.RipeMD160: + return "RIPEMD160"; + case HashAlgorithmTag.Sha224: + return "SHA224"; + case HashAlgorithmTag.Sha256: + return "SHA256"; + case HashAlgorithmTag.Sha384: + return "SHA384"; + case HashAlgorithmTag.Sha512: + return "SHA512"; + default: + throw new PgpException("unknown hash algorithm tag in GetDigestName: " + hashAlgorithm); + } + } + + public static int GetDigestIDForName(string name) + { + name = Platform.ToLowerInvariant(name); + if (NameToHashID.Contains(name)) + return (Int32)NameToHashID[name]; + + throw new ArgumentException("unable to map " + name + " to a hash id", "name"); + } + + /** + * Return the EC curve name for the passed in OID. + * + * @param oid the EC curve object identifier in the PGP key + * @return a string representation of the OID. + */ + public static string GetCurveName(DerObjectIdentifier oid) + { + string name = (string)OidToName[oid]; + if (name != null) + return name; + + // fall back + return ECNamedCurveTable.GetName(oid); + } + + public static string GetSignatureName( + PublicKeyAlgorithmTag keyAlgorithm, + HashAlgorithmTag hashAlgorithm) + { + string encAlg; + switch (keyAlgorithm) + { + case PublicKeyAlgorithmTag.RsaGeneral: + case PublicKeyAlgorithmTag.RsaSign: + encAlg = "RSA"; + break; + case PublicKeyAlgorithmTag.Dsa: + encAlg = "DSA"; + break; + case PublicKeyAlgorithmTag.ECDH: + encAlg = "ECDH"; + break; + case PublicKeyAlgorithmTag.ECDsa: + encAlg = "ECDSA"; + break; + case PublicKeyAlgorithmTag.ElGamalEncrypt: // in some malformed cases. + case PublicKeyAlgorithmTag.ElGamalGeneral: + encAlg = "ElGamal"; + break; + default: + throw new PgpException("unknown algorithm tag in signature:" + keyAlgorithm); + } + + return GetDigestName(hashAlgorithm) + "with" + encAlg; + } + + public static string GetSymmetricCipherName( + SymmetricKeyAlgorithmTag algorithm) + { + switch (algorithm) + { + case SymmetricKeyAlgorithmTag.Null: + return null; + case SymmetricKeyAlgorithmTag.TripleDes: + return "DESEDE"; + case SymmetricKeyAlgorithmTag.Idea: + return "IDEA"; + case SymmetricKeyAlgorithmTag.Cast5: + return "CAST5"; + case SymmetricKeyAlgorithmTag.Blowfish: + return "Blowfish"; + case SymmetricKeyAlgorithmTag.Safer: + return "SAFER"; + case SymmetricKeyAlgorithmTag.Des: + return "DES"; + case SymmetricKeyAlgorithmTag.Aes128: + return "AES"; + case SymmetricKeyAlgorithmTag.Aes192: + return "AES"; + case SymmetricKeyAlgorithmTag.Aes256: + return "AES"; + case SymmetricKeyAlgorithmTag.Twofish: + return "Twofish"; + case SymmetricKeyAlgorithmTag.Camellia128: + return "Camellia"; + case SymmetricKeyAlgorithmTag.Camellia192: + return "Camellia"; + case SymmetricKeyAlgorithmTag.Camellia256: + return "Camellia"; + default: + throw new PgpException("unknown symmetric algorithm: " + algorithm); + } + } + + public static int GetKeySize(SymmetricKeyAlgorithmTag algorithm) + { + int keySize; + switch (algorithm) + { + case SymmetricKeyAlgorithmTag.Des: + keySize = 64; + break; + case SymmetricKeyAlgorithmTag.Idea: + case SymmetricKeyAlgorithmTag.Cast5: + case SymmetricKeyAlgorithmTag.Blowfish: + case SymmetricKeyAlgorithmTag.Safer: + case SymmetricKeyAlgorithmTag.Aes128: + case SymmetricKeyAlgorithmTag.Camellia128: + keySize = 128; + break; + case SymmetricKeyAlgorithmTag.TripleDes: + case SymmetricKeyAlgorithmTag.Aes192: + case SymmetricKeyAlgorithmTag.Camellia192: + keySize = 192; + break; + case SymmetricKeyAlgorithmTag.Aes256: + case SymmetricKeyAlgorithmTag.Twofish: + case SymmetricKeyAlgorithmTag.Camellia256: + keySize = 256; + break; + default: + throw new PgpException("unknown symmetric algorithm: " + algorithm); + } + + return keySize; + } + + public static KeyParameter MakeKey( + SymmetricKeyAlgorithmTag algorithm, + byte[] keyBytes) + { + string algName = GetSymmetricCipherName(algorithm); + + return ParameterUtilities.CreateKeyParameter(algName, keyBytes); + } + + public static KeyParameter MakeRandomKey( + SymmetricKeyAlgorithmTag algorithm, + SecureRandom random) + { + int keySize = GetKeySize(algorithm); + byte[] keyBytes = new byte[(keySize + 7) / 8]; + random.NextBytes(keyBytes); + return MakeKey(algorithm, keyBytes); + } + + internal static byte[] EncodePassPhrase(char[] passPhrase, bool utf8) + { + return passPhrase == null + ? null + : utf8 + ? Encoding.UTF8.GetBytes(passPhrase) + : Strings.ToByteArray(passPhrase); + } + + /// + /// Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is + /// the historical behaviour of the library (1.7 and earlier). + /// + public static KeyParameter MakeKeyFromPassPhrase(SymmetricKeyAlgorithmTag algorithm, S2k s2k, char[] passPhrase) + { + return DoMakeKeyFromPassPhrase(algorithm, s2k, EncodePassPhrase(passPhrase, false), true); + } + + /// + /// The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes). + /// + public static KeyParameter MakeKeyFromPassPhraseUtf8(SymmetricKeyAlgorithmTag algorithm, S2k s2k, char[] passPhrase) + { + return DoMakeKeyFromPassPhrase(algorithm, s2k, EncodePassPhrase(passPhrase, true), true); + } + + /// + /// Allows the caller to handle the encoding of the passphrase to bytes. + /// + public static KeyParameter MakeKeyFromPassPhraseRaw(SymmetricKeyAlgorithmTag algorithm, S2k s2k, byte[] rawPassPhrase) + { + return DoMakeKeyFromPassPhrase(algorithm, s2k, rawPassPhrase, false); + } + + internal static KeyParameter DoMakeKeyFromPassPhrase(SymmetricKeyAlgorithmTag algorithm, S2k s2k, byte[] rawPassPhrase, bool clearPassPhrase) + { + int keySize = GetKeySize(algorithm); + byte[] pBytes = rawPassPhrase; + byte[] keyBytes = new byte[(keySize + 7) / 8]; + + int generatedBytes = 0; + int loopCount = 0; + + while (generatedBytes < keyBytes.Length) + { + IDigest digest; + if (s2k != null) + { + string digestName = GetDigestName(s2k.HashAlgorithm); + + try + { + digest = DigestUtilities.GetDigest(digestName); + } + catch (Exception e) + { + throw new PgpException("can't find S2k digest", e); + } + + for (int i = 0; i != loopCount; i++) + { + digest.Update(0); + } + + byte[] iv = s2k.GetIV(); + + switch (s2k.Type) + { + case S2k.Simple: + digest.BlockUpdate(pBytes, 0, pBytes.Length); + break; + case S2k.Salted: + digest.BlockUpdate(iv, 0, iv.Length); + digest.BlockUpdate(pBytes, 0, pBytes.Length); + break; + case S2k.SaltedAndIterated: + long count = s2k.IterationCount; + digest.BlockUpdate(iv, 0, iv.Length); + digest.BlockUpdate(pBytes, 0, pBytes.Length); + + count -= iv.Length + pBytes.Length; + + while (count > 0) + { + if (count < iv.Length) + { + digest.BlockUpdate(iv, 0, (int)count); + break; + } + else + { + digest.BlockUpdate(iv, 0, iv.Length); + count -= iv.Length; + } + + if (count < pBytes.Length) + { + digest.BlockUpdate(pBytes, 0, (int)count); + count = 0; + } + else + { + digest.BlockUpdate(pBytes, 0, pBytes.Length); + count -= pBytes.Length; + } + } + break; + default: + throw new PgpException("unknown S2k type: " + s2k.Type); + } + } + else + { + try + { + digest = DigestUtilities.GetDigest("MD5"); + + for (int i = 0; i != loopCount; i++) + { + digest.Update(0); + } + + digest.BlockUpdate(pBytes, 0, pBytes.Length); + } + catch (Exception e) + { + throw new PgpException("can't find MD5 digest", e); + } + } + + byte[] dig = DigestUtilities.DoFinal(digest); + + if (dig.Length > (keyBytes.Length - generatedBytes)) + { + Array.Copy(dig, 0, keyBytes, generatedBytes, keyBytes.Length - generatedBytes); + } + else + { + Array.Copy(dig, 0, keyBytes, generatedBytes, dig.Length); + } + + generatedBytes += dig.Length; + + loopCount++; + } + + if (clearPassPhrase && rawPassPhrase != null) + { + Array.Clear(rawPassPhrase, 0, rawPassPhrase.Length); + } + + return MakeKey(algorithm, keyBytes); + } + +#if !PORTABLE || DOTNET + /// Write out the passed in file as a literal data packet. + public static void WriteFileToLiteralData( + Stream output, + char fileType, + FileInfo file) + { + PgpLiteralDataGenerator lData = new PgpLiteralDataGenerator(); + Stream pOut = lData.Open(output, fileType, file.Name, file.Length, file.LastWriteTime); + PipeFileContents(file, pOut, 32768); + } + + /// Write out the passed in file as a literal data packet in partial packet format. + public static void WriteFileToLiteralData( + Stream output, + char fileType, + FileInfo file, + byte[] buffer) + { + PgpLiteralDataGenerator lData = new PgpLiteralDataGenerator(); + Stream pOut = lData.Open(output, fileType, file.Name, file.LastWriteTime, buffer); + PipeFileContents(file, pOut, buffer.Length); + } + + private static void PipeFileContents(FileInfo file, Stream pOut, int bufSize) + { + FileStream inputStream = file.OpenRead(); + byte[] buf = new byte[bufSize]; + + try + { + int len; + while ((len = inputStream.Read(buf, 0, buf.Length)) > 0) + { + pOut.Write(buf, 0, len); + } + } + finally + { + Array.Clear(buf, 0, buf.Length); + + Platform.Dispose(pOut); + Platform.Dispose(inputStream); + } + } +#endif + + private const int ReadAhead = 60; + + private static bool IsPossiblyBase64( + int ch) + { + return (ch >= 'A' && ch <= 'Z') || (ch >= 'a' && ch <= 'z') + || (ch >= '0' && ch <= '9') || (ch == '+') || (ch == '/') + || (ch == '\r') || (ch == '\n'); + } + + /// + /// Return either an ArmoredInputStream or a BcpgInputStream based on whether + /// the initial characters of the stream are binary PGP encodings or not. + /// + public static Stream GetDecoderStream( + Stream inputStream) + { + // TODO Remove this restriction? + if (!inputStream.CanSeek) + throw new ArgumentException("inputStream must be seek-able", "inputStream"); + + long markedPos = inputStream.Position; + + int ch = inputStream.ReadByte(); + if ((ch & 0x80) != 0) + { + inputStream.Position = markedPos; + + return inputStream; + } + + if (!IsPossiblyBase64(ch)) + { + inputStream.Position = markedPos; + + return new ArmoredInputStream(inputStream); + } + + byte[] buf = new byte[ReadAhead]; + int count = 1; + int index = 1; + + buf[0] = (byte)ch; + while (count != ReadAhead && (ch = inputStream.ReadByte()) >= 0) + { + if (!IsPossiblyBase64(ch)) + { + inputStream.Position = markedPos; + + return new ArmoredInputStream(inputStream); + } + + if (ch != '\n' && ch != '\r') + { + buf[index++] = (byte)ch; + } + + count++; + } + + inputStream.Position = markedPos; + + // + // nothing but new lines, little else, assume regular armoring + // + if (count < 4) + { + return new ArmoredInputStream(inputStream); + } + + // + // test our non-blank data + // + byte[] firstBlock = new byte[8]; + + Array.Copy(buf, 0, firstBlock, 0, firstBlock.Length); + + try + { + byte[] decoded = Base64.Decode(firstBlock); + + // + // it's a base64 PGP block. + // + bool hasHeaders = (decoded[0] & 0x80) == 0; + + return new ArmoredInputStream(inputStream, hasHeaders); + } + catch (IOException e) + { + throw e; + } + catch (Exception e) + { + throw new IOException(e.Message); + } + } + + internal static IWrapper CreateWrapper(SymmetricKeyAlgorithmTag encAlgorithm) + { + switch (encAlgorithm) + { + case SymmetricKeyAlgorithmTag.Aes128: + case SymmetricKeyAlgorithmTag.Aes192: + case SymmetricKeyAlgorithmTag.Aes256: + return WrapperUtilities.GetWrapper("AESWRAP"); + case SymmetricKeyAlgorithmTag.Camellia128: + case SymmetricKeyAlgorithmTag.Camellia192: + case SymmetricKeyAlgorithmTag.Camellia256: + return WrapperUtilities.GetWrapper("CAMELLIAWRAP"); + default: + throw new PgpException("unknown wrap algorithm: " + encAlgorithm); + } + } + + internal static byte[] GenerateIV(int length, SecureRandom random) + { + byte[] iv = new byte[length]; + random.NextBytes(iv); + return iv; + } + + internal static S2k GenerateS2k(HashAlgorithmTag hashAlgorithm, int s2kCount, SecureRandom random) + { + byte[] iv = GenerateIV(8, random); + return new S2k(hashAlgorithm, iv, s2kCount); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/PgpV3SignatureGenerator.cs b/BouncyCastle/crypto/src/openpgp/PgpV3SignatureGenerator.cs new file mode 100644 index 0000000..fc8b42d --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/PgpV3SignatureGenerator.cs @@ -0,0 +1,199 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /// Generator for old style PGP V3 Signatures. + // TODO Should be able to implement ISigner? + public class PgpV3SignatureGenerator + { + private PublicKeyAlgorithmTag keyAlgorithm; + private HashAlgorithmTag hashAlgorithm; + private PgpPrivateKey privKey; + private ISigner sig; + private IDigest dig; + private int signatureType; + private byte lastb; + + /// Create a generator for the passed in keyAlgorithm and hashAlgorithm codes. + public PgpV3SignatureGenerator( + PublicKeyAlgorithmTag keyAlgorithm, + HashAlgorithmTag hashAlgorithm) + { + this.keyAlgorithm = keyAlgorithm; + this.hashAlgorithm = hashAlgorithm; + + dig = DigestUtilities.GetDigest(PgpUtilities.GetDigestName(hashAlgorithm)); + sig = SignerUtilities.GetSigner(PgpUtilities.GetSignatureName(keyAlgorithm, hashAlgorithm)); + } + + /// Initialise the generator for signing. + public void InitSign( + int sigType, + PgpPrivateKey key) + { + InitSign(sigType, key, null); + } + + /// Initialise the generator for signing. + public void InitSign( + int sigType, + PgpPrivateKey key, + SecureRandom random) + { + this.privKey = key; + this.signatureType = sigType; + + try + { + ICipherParameters cp = key.Key; + if (random != null) + { + cp = new ParametersWithRandom(key.Key, random); + } + + sig.Init(true, cp); + } + catch (InvalidKeyException e) + { + throw new PgpException("invalid key.", e); + } + + dig.Reset(); + lastb = 0; + } + + public void Update( + byte b) + { + if (signatureType == PgpSignature.CanonicalTextDocument) + { + doCanonicalUpdateByte(b); + } + else + { + doUpdateByte(b); + } + } + + private void doCanonicalUpdateByte( + byte b) + { + if (b == '\r') + { + doUpdateCRLF(); + } + else if (b == '\n') + { + if (lastb != '\r') + { + doUpdateCRLF(); + } + } + else + { + doUpdateByte(b); + } + + lastb = b; + } + + private void doUpdateCRLF() + { + doUpdateByte((byte)'\r'); + doUpdateByte((byte)'\n'); + } + + private void doUpdateByte( + byte b) + { + sig.Update(b); + dig.Update(b); + } + + public void Update( + byte[] b) + { + if (signatureType == PgpSignature.CanonicalTextDocument) + { + for (int i = 0; i != b.Length; i++) + { + doCanonicalUpdateByte(b[i]); + } + } + else + { + sig.BlockUpdate(b, 0, b.Length); + dig.BlockUpdate(b, 0, b.Length); + } + } + + public void Update( + byte[] b, + int off, + int len) + { + if (signatureType == PgpSignature.CanonicalTextDocument) + { + int finish = off + len; + + for (int i = off; i != finish; i++) + { + doCanonicalUpdateByte(b[i]); + } + } + else + { + sig.BlockUpdate(b, off, len); + dig.BlockUpdate(b, off, len); + } + } + + /// Return the one pass header associated with the current signature. + public PgpOnePassSignature GenerateOnePassVersion( + bool isNested) + { + return new PgpOnePassSignature( + new OnePassSignaturePacket(signatureType, hashAlgorithm, keyAlgorithm, privKey.KeyId, isNested)); + } + + /// Return a V3 signature object containing the current signature state. + public PgpSignature Generate() + { + long creationTime = DateTimeUtilities.CurrentUnixMs() / 1000L; + + byte[] hData = new byte[] + { + (byte) signatureType, + (byte)(creationTime >> 24), + (byte)(creationTime >> 16), + (byte)(creationTime >> 8), + (byte) creationTime + }; + + sig.BlockUpdate(hData, 0, hData.Length); + dig.BlockUpdate(hData, 0, hData.Length); + + byte[] sigBytes = sig.GenerateSignature(); + byte[] digest = DigestUtilities.DoFinal(dig); + byte[] fingerPrint = new byte[]{ digest[0], digest[1] }; + + // an RSA signature + bool isRsa = keyAlgorithm == PublicKeyAlgorithmTag.RsaSign + || keyAlgorithm == PublicKeyAlgorithmTag.RsaGeneral; + + MPInteger[] sigValues = isRsa + ? PgpUtilities.RsaSigToMpi(sigBytes) + : PgpUtilities.DsaSigToMpi(sigBytes); + + return new PgpSignature( + new SignaturePacket(3, signatureType, privKey.KeyId, keyAlgorithm, + hashAlgorithm, creationTime * 1000L, fingerPrint, sigValues)); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/Rfc6637Utilities.cs b/BouncyCastle/crypto/src/openpgp/Rfc6637Utilities.cs new file mode 100644 index 0000000..5d992ec --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/Rfc6637Utilities.cs @@ -0,0 +1,138 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + public sealed class Rfc6637Utilities + { + private Rfc6637Utilities() + { + } + + // "Anonymous Sender ", which is the octet sequence + private static readonly byte[] ANONYMOUS_SENDER = Hex.Decode("416E6F6E796D6F75732053656E64657220202020"); + + public static string GetAgreementAlgorithm(PublicKeyPacket pubKeyData) + { + ECDHPublicBcpgKey ecKey = (ECDHPublicBcpgKey)pubKeyData.Key; + + switch (ecKey.HashAlgorithm) + { + case HashAlgorithmTag.Sha256: + return "ECCDHwithSHA256CKDF"; + case HashAlgorithmTag.Sha384: + return "ECCDHwithSHA384CKDF"; + case HashAlgorithmTag.Sha512: + return "ECCDHwithSHA512CKDF"; + default: + throw new ArgumentException("Unknown hash algorithm specified: " + ecKey.HashAlgorithm); + } + } + + public static DerObjectIdentifier GetKeyEncryptionOID(SymmetricKeyAlgorithmTag algID) + { + switch (algID) + { + case SymmetricKeyAlgorithmTag.Aes128: + return NistObjectIdentifiers.IdAes128Wrap; + case SymmetricKeyAlgorithmTag.Aes192: + return NistObjectIdentifiers.IdAes192Wrap; + case SymmetricKeyAlgorithmTag.Aes256: + return NistObjectIdentifiers.IdAes256Wrap; + default: + throw new PgpException("unknown symmetric algorithm ID: " + algID); + } + } + + public static int GetKeyLength(SymmetricKeyAlgorithmTag algID) + { + switch (algID) + { + case SymmetricKeyAlgorithmTag.Aes128: + return 16; + case SymmetricKeyAlgorithmTag.Aes192: + return 24; + case SymmetricKeyAlgorithmTag.Aes256: + return 32; + default: + throw new PgpException("unknown symmetric algorithm ID: " + algID); + } + } + + public static byte[] CreateKey(PublicKeyPacket pubKeyData, ECPoint s) + { + byte[] userKeyingMaterial = CreateUserKeyingMaterial(pubKeyData); + + ECDHPublicBcpgKey ecKey = (ECDHPublicBcpgKey)pubKeyData.Key; + + return Kdf(ecKey.HashAlgorithm, s, GetKeyLength(ecKey.SymmetricKeyAlgorithm), userKeyingMaterial); + } + + // RFC 6637 - Section 8 + // curve_OID_len = (byte)len(curve_OID); + // Param = curve_OID_len || curve_OID || public_key_alg_ID || 03 + // || 01 || KDF_hash_ID || KEK_alg_ID for AESKeyWrap || "Anonymous + // Sender " || recipient_fingerprint; + // Z_len = the key size for the KEK_alg_ID used with AESKeyWrap + // Compute Z = KDF( S, Z_len, Param ); + public static byte[] CreateUserKeyingMaterial(PublicKeyPacket pubKeyData) + { + MemoryStream pOut = new MemoryStream(); + ECDHPublicBcpgKey ecKey = (ECDHPublicBcpgKey)pubKeyData.Key; + byte[] encOid = ecKey.CurveOid.GetEncoded(); + + pOut.Write(encOid, 1, encOid.Length - 1); + pOut.WriteByte((byte)pubKeyData.Algorithm); + pOut.WriteByte(0x03); + pOut.WriteByte(0x01); + pOut.WriteByte((byte)ecKey.HashAlgorithm); + pOut.WriteByte((byte)ecKey.SymmetricKeyAlgorithm); + pOut.Write(ANONYMOUS_SENDER, 0, ANONYMOUS_SENDER.Length); + + byte[] fingerprint = PgpPublicKey.CalculateFingerprint(pubKeyData); + pOut.Write(fingerprint, 0, fingerprint.Length); + + return pOut.ToArray(); + } + + // RFC 6637 - Section 7 + // Implements KDF( X, oBits, Param ); + // Input: point X = (x,y) + // oBits - the desired size of output + // hBits - the size of output of hash function Hash + // Param - octets representing the parameters + // Assumes that oBits <= hBits + // Convert the point X to the octet string, see section 6: + // ZB' = 04 || x || y + // and extract the x portion from ZB' + // ZB = x; + // MB = Hash ( 00 || 00 || 00 || 01 || ZB || Param ); + // return oBits leftmost bits of MB. + private static byte[] Kdf(HashAlgorithmTag digestAlg, ECPoint s, int keyLen, byte[] parameters) + { + byte[] ZB = s.XCoord.GetEncoded(); + + string digestName = PgpUtilities.GetDigestName(digestAlg); + IDigest digest = DigestUtilities.GetDigest(digestName); + + digest.Update(0x00); + digest.Update(0x00); + digest.Update(0x00); + digest.Update(0x01); + digest.BlockUpdate(ZB, 0, ZB.Length); + digest.BlockUpdate(parameters, 0, parameters.Length); + + byte[] hash = DigestUtilities.DoFinal(digest); + + return Arrays.CopyOfRange(hash, 0, keyLen); + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/SXprUtilities.cs b/BouncyCastle/crypto/src/openpgp/SXprUtilities.cs new file mode 100644 index 0000000..68ff373 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/SXprUtilities.cs @@ -0,0 +1,102 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + /** + * Utility functions for looking a S-expression keys. This class will move when it finds a better home! + *

    + * Format documented here: + * http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=agent/keyformat.txt;h=42c4b1f06faf1bbe71ffadc2fee0fad6bec91a97;hb=refs/heads/master + *

    + */ + public sealed class SXprUtilities + { + private SXprUtilities() + { + } + + private static int ReadLength(Stream input, int ch) + { + int len = ch - '0'; + + while ((ch = input.ReadByte()) >= 0 && ch != ':') + { + len = len * 10 + ch - '0'; + } + + return len; + } + + internal static string ReadString(Stream input, int ch) + { + int len = ReadLength(input, ch); + + char[] chars = new char[len]; + + for (int i = 0; i != chars.Length; i++) + { + chars[i] = (char)input.ReadByte(); + } + + return new string(chars); + } + + internal static byte[] ReadBytes(Stream input, int ch) + { + int len = ReadLength(input, ch); + + byte[] data = new byte[len]; + + Streams.ReadFully(input, data); + + return data; + } + + internal static S2k ParseS2k(Stream input) + { + SkipOpenParenthesis(input); + + string alg = ReadString(input, input.ReadByte()); + byte[] iv = ReadBytes(input, input.ReadByte()); + long iterationCount = Int64.Parse(ReadString(input, input.ReadByte())); + + SkipCloseParenthesis(input); + + // we have to return the actual iteration count provided. + return new MyS2k(HashAlgorithmTag.Sha1, iv, iterationCount); + } + + internal static void SkipOpenParenthesis(Stream input) + { + int ch = input.ReadByte(); + if (ch != '(') + throw new IOException("unknown character encountered"); + } + + internal static void SkipCloseParenthesis(Stream input) + { + int ch = input.ReadByte(); + if (ch != ')') + throw new IOException("unknown character encountered"); + } + + private class MyS2k : S2k + { + private readonly long mIterationCount64; + + internal MyS2k(HashAlgorithmTag algorithm, byte[] iv, long iterationCount64) + : base(algorithm, iv, (int)iterationCount64) + { + this.mIterationCount64 = iterationCount64; + } + + public override long IterationCount + { + get { return mIterationCount64; } + } + } + } +} diff --git a/BouncyCastle/crypto/src/openpgp/WrappedGeneratorStream.cs b/BouncyCastle/crypto/src/openpgp/WrappedGeneratorStream.cs new file mode 100644 index 0000000..5f4a4b0 --- /dev/null +++ b/BouncyCastle/crypto/src/openpgp/WrappedGeneratorStream.cs @@ -0,0 +1,37 @@ +using System.IO; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg.OpenPgp +{ + public class WrappedGeneratorStream + : FilterStream + { + private readonly IStreamGenerator gen; + + public WrappedGeneratorStream( + IStreamGenerator gen, + Stream str) + : base(str) + { + this.gen = gen; + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + gen.Close(); + return; + } + base.Dispose(disposing); + } +#else + public override void Close() + { + gen.Close(); + } +#endif + } +} diff --git a/BouncyCastle/crypto/src/openssl/EncryptionException.cs b/BouncyCastle/crypto/src/openssl/EncryptionException.cs new file mode 100644 index 0000000..043e902 --- /dev/null +++ b/BouncyCastle/crypto/src/openssl/EncryptionException.cs @@ -0,0 +1,25 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Security +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class EncryptionException + : IOException + { + public EncryptionException( + string message) + : base(message) + { + } + + public EncryptionException( + string message, + Exception exception) + : base(message, exception) + { + } + } +} diff --git a/BouncyCastle/crypto/src/openssl/IPasswordFinder.cs b/BouncyCastle/crypto/src/openssl/IPasswordFinder.cs new file mode 100644 index 0000000..4fcef1b --- /dev/null +++ b/BouncyCastle/crypto/src/openssl/IPasswordFinder.cs @@ -0,0 +1,9 @@ +using System; + +namespace Org.BouncyCastle.OpenSsl +{ + public interface IPasswordFinder + { + char[] GetPassword(); + } +} diff --git a/BouncyCastle/crypto/src/openssl/MiscPemGenerator.cs b/BouncyCastle/crypto/src/openssl/MiscPemGenerator.cs new file mode 100644 index 0000000..d875f49 --- /dev/null +++ b/BouncyCastle/crypto/src/openssl/MiscPemGenerator.cs @@ -0,0 +1,274 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO.Pem; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.OpenSsl +{ + /** + * PEM generator for the original set of PEM objects used in Open SSL. + */ + public class MiscPemGenerator + : PemObjectGenerator + { + private object obj; + private string algorithm; + private char[] password; + private SecureRandom random; + + public MiscPemGenerator(object obj) + { + this.obj = obj; + } + + public MiscPemGenerator( + object obj, + string algorithm, + char[] password, + SecureRandom random) + { + this.obj = obj; + this.algorithm = algorithm; + this.password = password; + this.random = random; + } + + private static PemObject CreatePemObject(object obj) + { + if (obj == null) + throw new ArgumentNullException("obj"); + + if (obj is AsymmetricCipherKeyPair) + { + return CreatePemObject(((AsymmetricCipherKeyPair)obj).Private); + } + + string type; + byte[] encoding; + + if (obj is PemObject) + return (PemObject)obj; + + if (obj is PemObjectGenerator) + return ((PemObjectGenerator)obj).Generate(); + + if (obj is X509Certificate) + { + // TODO Should we prefer "X509 CERTIFICATE" here? + type = "CERTIFICATE"; + try + { + encoding = ((X509Certificate)obj).GetEncoded(); + } + catch (CertificateEncodingException e) + { + throw new IOException("Cannot Encode object: " + e.ToString()); + } + } + else if (obj is X509Crl) + { + type = "X509 CRL"; + try + { + encoding = ((X509Crl)obj).GetEncoded(); + } + catch (CrlException e) + { + throw new IOException("Cannot Encode object: " + e.ToString()); + } + } + else if (obj is AsymmetricKeyParameter) + { + AsymmetricKeyParameter akp = (AsymmetricKeyParameter) obj; + if (akp.IsPrivate) + { + encoding = EncodePrivateKey(akp, out type); + } + else + { + type = "PUBLIC KEY"; + + encoding = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(akp).GetDerEncoded(); + } + } + else if (obj is IX509AttributeCertificate) + { + type = "ATTRIBUTE CERTIFICATE"; + encoding = ((X509V2AttributeCertificate)obj).GetEncoded(); + } + else if (obj is Pkcs10CertificationRequest) + { + type = "CERTIFICATE REQUEST"; + encoding = ((Pkcs10CertificationRequest)obj).GetEncoded(); + } + else if (obj is Asn1.Cms.ContentInfo) + { + type = "PKCS7"; + encoding = ((Asn1.Cms.ContentInfo)obj).GetEncoded(); + } + else + { + throw new PemGenerationException("Object type not supported: " + Platform.GetTypeName(obj)); + } + + return new PemObject(type, encoding); + } + +// private string GetHexEncoded(byte[] bytes) +// { +// bytes = Hex.Encode(bytes); +// +// char[] chars = new char[bytes.Length]; +// +// for (int i = 0; i != bytes.Length; i++) +// { +// chars[i] = (char)bytes[i]; +// } +// +// return new string(chars); +// } + + private static PemObject CreatePemObject( + object obj, + string algorithm, + char[] password, + SecureRandom random) + { + if (obj == null) + throw new ArgumentNullException("obj"); + if (algorithm == null) + throw new ArgumentNullException("algorithm"); + if (password == null) + throw new ArgumentNullException("password"); + if (random == null) + throw new ArgumentNullException("random"); + + if (obj is AsymmetricCipherKeyPair) + { + return CreatePemObject(((AsymmetricCipherKeyPair)obj).Private, algorithm, password, random); + } + + string type = null; + byte[] keyData = null; + + if (obj is AsymmetricKeyParameter) + { + AsymmetricKeyParameter akp = (AsymmetricKeyParameter) obj; + if (akp.IsPrivate) + { + keyData = EncodePrivateKey(akp, out type); + } + } + + if (type == null || keyData == null) + { + // TODO Support other types? + throw new PemGenerationException("Object type not supported: " + Platform.GetTypeName(obj)); + } + + + string dekAlgName = Platform.ToUpperInvariant(algorithm); + + // Note: For backward compatibility + if (dekAlgName == "DESEDE") + { + dekAlgName = "DES-EDE3-CBC"; + } + + int ivLength = Platform.StartsWith(dekAlgName, "AES-") ? 16 : 8; + + byte[] iv = new byte[ivLength]; + random.NextBytes(iv); + + byte[] encData = PemUtilities.Crypt(true, keyData, password, dekAlgName, iv); + + IList headers = Platform.CreateArrayList(2); + + headers.Add(new PemHeader("Proc-Type", "4,ENCRYPTED")); + headers.Add(new PemHeader("DEK-Info", dekAlgName + "," + + Strings.ToUpperCase(Hex.ToHexString(iv)))); + + return new PemObject(type, headers, encData); + } + + private static byte[] EncodePrivateKey( + AsymmetricKeyParameter akp, + out string keyType) + { + PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(akp); + AlgorithmIdentifier algID = info.PrivateKeyAlgorithm; + DerObjectIdentifier oid = algID.Algorithm; + + if (oid.Equals(X9ObjectIdentifiers.IdDsa)) + { + keyType = "DSA PRIVATE KEY"; + + DsaParameter p = DsaParameter.GetInstance(algID.Parameters); + + BigInteger x = ((DsaPrivateKeyParameters) akp).X; + BigInteger y = p.G.ModPow(x, p.P); + + // TODO Create an ASN1 object somewhere for this? + return new DerSequence( + new DerInteger(0), + new DerInteger(p.P), + new DerInteger(p.Q), + new DerInteger(p.G), + new DerInteger(y), + new DerInteger(x)).GetEncoded(); + } + + if (oid.Equals(PkcsObjectIdentifiers.RsaEncryption)) + { + keyType = "RSA PRIVATE KEY"; + + return info.ParsePrivateKey().GetEncoded(); + } + else if (oid.Equals(CryptoProObjectIdentifiers.GostR3410x2001) + || oid.Equals(X9ObjectIdentifiers.IdECPublicKey)) + { + keyType = "EC PRIVATE KEY"; + + return info.ParsePrivateKey().GetEncoded(); + } + else + { + keyType = "PRIVATE KEY"; + + return info.GetEncoded(); + } + } + + public PemObject Generate() + { + try + { + if (algorithm != null) + { + return CreatePemObject(obj, algorithm, password, random); + } + + return CreatePemObject(obj); + } + catch (IOException e) + { + throw new PemGenerationException("encoding exception", e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/openssl/PEMException.cs b/BouncyCastle/crypto/src/openssl/PEMException.cs new file mode 100644 index 0000000..6b3e510 --- /dev/null +++ b/BouncyCastle/crypto/src/openssl/PEMException.cs @@ -0,0 +1,25 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.OpenSsl +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class PemException + : IOException + { + public PemException( + string message) + : base(message) + { + } + + public PemException( + string message, + Exception exception) + : base(message, exception) + { + } + } +} diff --git a/BouncyCastle/crypto/src/openssl/PEMReader.cs b/BouncyCastle/crypto/src/openssl/PEMReader.cs new file mode 100644 index 0000000..65d3f5a --- /dev/null +++ b/BouncyCastle/crypto/src/openssl/PEMReader.cs @@ -0,0 +1,391 @@ +using System; +using System.Collections; +using System.Diagnostics; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.EC; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO.Pem; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.OpenSsl +{ + /** + * Class for reading OpenSSL PEM encoded streams containing + * X509 certificates, PKCS8 encoded keys and PKCS7 objects. + *

    + * In the case of PKCS7 objects the reader will return a CMS ContentInfo object. Keys and + * Certificates will be returned using the appropriate java.security type.

    + */ + public class PemReader + : Org.BouncyCastle.Utilities.IO.Pem.PemReader + { +// private static readonly IDictionary parsers = new Hashtable(); + + static PemReader() + { +// parsers.Add("CERTIFICATE REQUEST", new PKCS10CertificationRequestParser()); +// parsers.Add("NEW CERTIFICATE REQUEST", new PKCS10CertificationRequestParser()); +// parsers.Add("CERTIFICATE", new X509CertificateParser(provider)); +// parsers.Add("X509 CERTIFICATE", new X509CertificateParser(provider)); +// parsers.Add("X509 CRL", new X509CRLParser(provider)); +// parsers.Add("PKCS7", new PKCS7Parser()); +// parsers.Add("ATTRIBUTE CERTIFICATE", new X509AttributeCertificateParser()); +// parsers.Add("EC PARAMETERS", new ECNamedCurveSpecParser()); +// parsers.Add("PUBLIC KEY", new PublicKeyParser(provider)); +// parsers.Add("RSA PUBLIC KEY", new RSAPublicKeyParser(provider)); +// parsers.Add("RSA PRIVATE KEY", new RSAKeyPairParser(provider)); +// parsers.Add("DSA PRIVATE KEY", new DSAKeyPairParser(provider)); +// parsers.Add("EC PRIVATE KEY", new ECDSAKeyPairParser(provider)); +// parsers.Add("ENCRYPTED PRIVATE KEY", new EncryptedPrivateKeyParser(provider)); +// parsers.Add("PRIVATE KEY", new PrivateKeyParser(provider)); + } + + private readonly IPasswordFinder pFinder; + + /** + * Create a new PemReader + * + * @param reader the Reader + */ + public PemReader( + TextReader reader) + : this(reader, null) + { + } + + /** + * Create a new PemReader with a password finder + * + * @param reader the Reader + * @param pFinder the password finder + */ + public PemReader( + TextReader reader, + IPasswordFinder pFinder) + : base(reader) + { + this.pFinder = pFinder; + } + + public object ReadObject() + { + PemObject obj = ReadPemObject(); + + if (obj == null) + return null; + + // TODO Follow Java build and map to parser objects? +// if (parsers.Contains(obj.Type)) +// return ((PemObjectParser)parsers[obj.Type]).ParseObject(obj); + + if (Platform.EndsWith(obj.Type, "PRIVATE KEY")) + return ReadPrivateKey(obj); + + switch (obj.Type) + { + case "PUBLIC KEY": + return ReadPublicKey(obj); + case "RSA PUBLIC KEY": + return ReadRsaPublicKey(obj); + case "CERTIFICATE REQUEST": + case "NEW CERTIFICATE REQUEST": + return ReadCertificateRequest(obj); + case "CERTIFICATE": + case "X509 CERTIFICATE": + return ReadCertificate(obj); + case "PKCS7": + case "CMS": + return ReadPkcs7(obj); + case "X509 CRL": + return ReadCrl(obj); + case "ATTRIBUTE CERTIFICATE": + return ReadAttributeCertificate(obj); + // TODO Add back in when tests done, and return type issue resolved + //case "EC PARAMETERS": + // return ReadECParameters(obj); + default: + throw new IOException("unrecognised object: " + obj.Type); + } + } + + private AsymmetricKeyParameter ReadRsaPublicKey(PemObject pemObject) + { + RsaPublicKeyStructure rsaPubStructure = RsaPublicKeyStructure.GetInstance( + Asn1Object.FromByteArray(pemObject.Content)); + + return new RsaKeyParameters( + false, // not private + rsaPubStructure.Modulus, + rsaPubStructure.PublicExponent); + } + + private AsymmetricKeyParameter ReadPublicKey(PemObject pemObject) + { + return PublicKeyFactory.CreateKey(pemObject.Content); + } + + /** + * Reads in a X509Certificate. + * + * @return the X509Certificate + * @throws IOException if an I/O error occured + */ + private X509Certificate ReadCertificate(PemObject pemObject) + { + try + { + return new X509CertificateParser().ReadCertificate(pemObject.Content); + } + catch (Exception e) + { + throw new PemException("problem parsing cert: " + e.ToString()); + } + } + + /** + * Reads in a X509CRL. + * + * @return the X509Certificate + * @throws IOException if an I/O error occured + */ + private X509Crl ReadCrl(PemObject pemObject) + { + try + { + return new X509CrlParser().ReadCrl(pemObject.Content); + } + catch (Exception e) + { + throw new PemException("problem parsing cert: " + e.ToString()); + } + } + + /** + * Reads in a PKCS10 certification request. + * + * @return the certificate request. + * @throws IOException if an I/O error occured + */ + private Pkcs10CertificationRequest ReadCertificateRequest(PemObject pemObject) + { + try + { + return new Pkcs10CertificationRequest(pemObject.Content); + } + catch (Exception e) + { + throw new PemException("problem parsing cert: " + e.ToString()); + } + } + + /** + * Reads in a X509 Attribute Certificate. + * + * @return the X509 Attribute Certificate + * @throws IOException if an I/O error occured + */ + private IX509AttributeCertificate ReadAttributeCertificate(PemObject pemObject) + { + return new X509V2AttributeCertificate(pemObject.Content); + } + + /** + * Reads in a PKCS7 object. This returns a ContentInfo object suitable for use with the CMS + * API. + * + * @return the X509Certificate + * @throws IOException if an I/O error occured + */ + // TODO Consider returning Asn1.Pkcs.ContentInfo + private Asn1.Cms.ContentInfo ReadPkcs7(PemObject pemObject) + { + try + { + return Asn1.Cms.ContentInfo.GetInstance( + Asn1Object.FromByteArray(pemObject.Content)); + } + catch (Exception e) + { + throw new PemException("problem parsing PKCS7 object: " + e.ToString()); + } + } + + /** + * Read a Key Pair + */ + private object ReadPrivateKey(PemObject pemObject) + { + // + // extract the key + // + Debug.Assert(Platform.EndsWith(pemObject.Type, "PRIVATE KEY")); + + string type = pemObject.Type.Substring(0, pemObject.Type.Length - "PRIVATE KEY".Length).Trim(); + byte[] keyBytes = pemObject.Content; + + IDictionary fields = Platform.CreateHashtable(); + foreach (PemHeader header in pemObject.Headers) + { + fields[header.Name] = header.Value; + } + + string procType = (string) fields["Proc-Type"]; + + if (procType == "4,ENCRYPTED") + { + if (pFinder == null) + throw new PasswordException("No password finder specified, but a password is required"); + + char[] password = pFinder.GetPassword(); + + if (password == null) + throw new PasswordException("Password is null, but a password is required"); + + string dekInfo = (string) fields["DEK-Info"]; + string[] tknz = dekInfo.Split(','); + + string dekAlgName = tknz[0].Trim(); + byte[] iv = Hex.Decode(tknz[1].Trim()); + + keyBytes = PemUtilities.Crypt(false, keyBytes, password, dekAlgName, iv); + } + + try + { + AsymmetricKeyParameter pubSpec, privSpec; + Asn1Sequence seq = Asn1Sequence.GetInstance(keyBytes); + + switch (type) + { + case "RSA": + { + if (seq.Count != 9) + throw new PemException("malformed sequence in RSA private key"); + + RsaPrivateKeyStructure rsa = RsaPrivateKeyStructure.GetInstance(seq); + + pubSpec = new RsaKeyParameters(false, rsa.Modulus, rsa.PublicExponent); + privSpec = new RsaPrivateCrtKeyParameters( + rsa.Modulus, rsa.PublicExponent, rsa.PrivateExponent, + rsa.Prime1, rsa.Prime2, rsa.Exponent1, rsa.Exponent2, + rsa.Coefficient); + + break; + } + + case "DSA": + { + if (seq.Count != 6) + throw new PemException("malformed sequence in DSA private key"); + + // TODO Create an ASN1 object somewhere for this? + //DerInteger v = (DerInteger)seq[0]; + DerInteger p = (DerInteger)seq[1]; + DerInteger q = (DerInteger)seq[2]; + DerInteger g = (DerInteger)seq[3]; + DerInteger y = (DerInteger)seq[4]; + DerInteger x = (DerInteger)seq[5]; + + DsaParameters parameters = new DsaParameters(p.Value, q.Value, g.Value); + + privSpec = new DsaPrivateKeyParameters(x.Value, parameters); + pubSpec = new DsaPublicKeyParameters(y.Value, parameters); + + break; + } + + case "EC": + { + ECPrivateKeyStructure pKey = ECPrivateKeyStructure.GetInstance(seq); + AlgorithmIdentifier algId = new AlgorithmIdentifier( + X9ObjectIdentifiers.IdECPublicKey, pKey.GetParameters()); + + PrivateKeyInfo privInfo = new PrivateKeyInfo(algId, pKey.ToAsn1Object()); + + // TODO Are the keys returned here ECDSA, as Java version forces? + privSpec = PrivateKeyFactory.CreateKey(privInfo); + + DerBitString pubKey = pKey.GetPublicKey(); + if (pubKey != null) + { + SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(algId, pubKey.GetBytes()); + + // TODO Are the keys returned here ECDSA, as Java version forces? + pubSpec = PublicKeyFactory.CreateKey(pubInfo); + } + else + { + pubSpec = ECKeyPairGenerator.GetCorrespondingPublicKey( + (ECPrivateKeyParameters)privSpec); + } + + break; + } + + case "ENCRYPTED": + { + char[] password = pFinder.GetPassword(); + + if (password == null) + throw new PasswordException("Password is null, but a password is required"); + + return PrivateKeyFactory.DecryptKey(password, EncryptedPrivateKeyInfo.GetInstance(seq)); + } + + case "": + { + return PrivateKeyFactory.CreateKey(PrivateKeyInfo.GetInstance(seq)); + } + + default: + throw new ArgumentException("Unknown key type: " + type, "type"); + } + + return new AsymmetricCipherKeyPair(pubSpec, privSpec); + } + catch (IOException e) + { + throw e; + } + catch (Exception e) + { + throw new PemException( + "problem creating " + type + " private key: " + e.ToString()); + } + } + + // TODO Add an equivalent class for ECNamedCurveParameterSpec? + //private ECNamedCurveParameterSpec ReadECParameters( +// private X9ECParameters ReadECParameters(PemObject pemObject) +// { +// DerObjectIdentifier oid = (DerObjectIdentifier)Asn1Object.FromByteArray(pemObject.Content); +// +// //return ECNamedCurveTable.getParameterSpec(oid.Id); +// return GetCurveParameters(oid.Id); +// } + + private static X9ECParameters GetCurveParameters(string name) + { + X9ECParameters ecP = ECKeyPairGenerator.FindECCurveByName(name); + if (ecP == null) + throw new Exception("unknown curve name: " + name); + + return ecP; + } + } +} diff --git a/BouncyCastle/crypto/src/openssl/PEMUtilities.cs b/BouncyCastle/crypto/src/openssl/PEMUtilities.cs new file mode 100644 index 0000000..b58e5e7 --- /dev/null +++ b/BouncyCastle/crypto/src/openssl/PEMUtilities.cs @@ -0,0 +1,158 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.OpenSsl +{ + internal sealed class PemUtilities + { + private enum PemBaseAlg { AES_128, AES_192, AES_256, BF, DES, DES_EDE, DES_EDE3, RC2, RC2_40, RC2_64 }; + private enum PemMode { CBC, CFB, ECB, OFB }; + + static PemUtilities() + { + // Signal to obfuscation tools not to change enum constants + ((PemBaseAlg)Enums.GetArbitraryValue(typeof(PemBaseAlg))).ToString(); + ((PemMode)Enums.GetArbitraryValue(typeof(PemMode))).ToString(); + } + + private static void ParseDekAlgName( + string dekAlgName, + out PemBaseAlg baseAlg, + out PemMode mode) + { + try + { + mode = PemMode.ECB; + + if (dekAlgName == "DES-EDE" || dekAlgName == "DES-EDE3") + { + baseAlg = (PemBaseAlg)Enums.GetEnumValue(typeof(PemBaseAlg), dekAlgName); + return; + } + + int pos = dekAlgName.LastIndexOf('-'); + if (pos >= 0) + { + baseAlg = (PemBaseAlg)Enums.GetEnumValue(typeof(PemBaseAlg), dekAlgName.Substring(0, pos)); + mode = (PemMode)Enums.GetEnumValue(typeof(PemMode), dekAlgName.Substring(pos + 1)); + return; + } + } + catch (ArgumentException) + { + } + + throw new EncryptionException("Unknown DEK algorithm: " + dekAlgName); + } + + internal static byte[] Crypt( + bool encrypt, + byte[] bytes, + char[] password, + string dekAlgName, + byte[] iv) + { + PemBaseAlg baseAlg; + PemMode mode; + ParseDekAlgName(dekAlgName, out baseAlg, out mode); + + string padding; + switch (mode) + { + case PemMode.CBC: + case PemMode.ECB: + padding = "PKCS5Padding"; + break; + case PemMode.CFB: + case PemMode.OFB: + padding = "NoPadding"; + break; + default: + throw new EncryptionException("Unknown DEK algorithm: " + dekAlgName); + } + + string algorithm; + + byte[] salt = iv; + switch (baseAlg) + { + case PemBaseAlg.AES_128: + case PemBaseAlg.AES_192: + case PemBaseAlg.AES_256: + algorithm = "AES"; + if (salt.Length > 8) + { + salt = new byte[8]; + Array.Copy(iv, 0, salt, 0, salt.Length); + } + break; + case PemBaseAlg.BF: + algorithm = "BLOWFISH"; + break; + case PemBaseAlg.DES: + algorithm = "DES"; + break; + case PemBaseAlg.DES_EDE: + case PemBaseAlg.DES_EDE3: + algorithm = "DESede"; + break; + case PemBaseAlg.RC2: + case PemBaseAlg.RC2_40: + case PemBaseAlg.RC2_64: + algorithm = "RC2"; + break; + default: + throw new EncryptionException("Unknown DEK algorithm: " + dekAlgName); + } + + string cipherName = algorithm + "/" + mode + "/" + padding; + IBufferedCipher cipher = CipherUtilities.GetCipher(cipherName); + + ICipherParameters cParams = GetCipherParameters(password, baseAlg, salt); + + if (mode != PemMode.ECB) + { + cParams = new ParametersWithIV(cParams, iv); + } + + cipher.Init(encrypt, cParams); + + return cipher.DoFinal(bytes); + } + + private static ICipherParameters GetCipherParameters( + char[] password, + PemBaseAlg baseAlg, + byte[] salt) + { + string algorithm; + int keyBits; + switch (baseAlg) + { + case PemBaseAlg.AES_128: keyBits = 128; algorithm = "AES128"; break; + case PemBaseAlg.AES_192: keyBits = 192; algorithm = "AES192"; break; + case PemBaseAlg.AES_256: keyBits = 256; algorithm = "AES256"; break; + case PemBaseAlg.BF: keyBits = 128; algorithm = "BLOWFISH"; break; + case PemBaseAlg.DES: keyBits = 64; algorithm = "DES"; break; + case PemBaseAlg.DES_EDE: keyBits = 128; algorithm = "DESEDE"; break; + case PemBaseAlg.DES_EDE3: keyBits = 192; algorithm = "DESEDE3"; break; + case PemBaseAlg.RC2: keyBits = 128; algorithm = "RC2"; break; + case PemBaseAlg.RC2_40: keyBits = 40; algorithm = "RC2"; break; + case PemBaseAlg.RC2_64: keyBits = 64; algorithm = "RC2"; break; + default: + return null; + } + + OpenSslPbeParametersGenerator pGen = new OpenSslPbeParametersGenerator(); + + pGen.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt); + + return pGen.GenerateDerivedParameters(algorithm, keyBits); + } + } +} diff --git a/BouncyCastle/crypto/src/openssl/PEMWriter.cs b/BouncyCastle/crypto/src/openssl/PEMWriter.cs new file mode 100644 index 0000000..aefb018 --- /dev/null +++ b/BouncyCastle/crypto/src/openssl/PEMWriter.cs @@ -0,0 +1,61 @@ +using System; +using System.Diagnostics; +using System.Globalization; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO.Pem; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.OpenSsl +{ + /// General purpose writer for OpenSSL PEM objects. + public class PemWriter + : Org.BouncyCastle.Utilities.IO.Pem.PemWriter + { + /// The TextWriter object to write the output to. + public PemWriter( + TextWriter writer) + : base(writer) + { + } + + public void WriteObject( + object obj) + { + try + { + base.WriteObject(new MiscPemGenerator(obj)); + } + catch (PemGenerationException e) + { + if (e.InnerException is IOException) + throw (IOException)e.InnerException; + + throw e; + } + } + + public void WriteObject( + object obj, + string algorithm, + char[] password, + SecureRandom random) + { + base.WriteObject(new MiscPemGenerator(obj, algorithm, password, random)); + } + } +} diff --git a/BouncyCastle/crypto/src/openssl/PasswordException.cs b/BouncyCastle/crypto/src/openssl/PasswordException.cs new file mode 100644 index 0000000..38e679b --- /dev/null +++ b/BouncyCastle/crypto/src/openssl/PasswordException.cs @@ -0,0 +1,25 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Security +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class PasswordException + : IOException + { + public PasswordException( + string message) + : base(message) + { + } + + public PasswordException( + string message, + Exception exception) + : base(message, exception) + { + } + } +} diff --git a/BouncyCastle/crypto/src/openssl/Pkcs8Generator.cs b/BouncyCastle/crypto/src/openssl/Pkcs8Generator.cs new file mode 100644 index 0000000..d03ea08 --- /dev/null +++ b/BouncyCastle/crypto/src/openssl/Pkcs8Generator.cs @@ -0,0 +1,111 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.IO.Pem; + +namespace Org.BouncyCastle.OpenSsl +{ + public class Pkcs8Generator + : PemObjectGenerator + { + // FIXME See PbeUtilities static constructor +// public static readonly string Aes128Cbc = NistObjectIdentifiers.IdAes128Cbc.Id; +// public static readonly string Aes192Cbc = NistObjectIdentifiers.IdAes192Cbc.Id; +// public static readonly string Aes256Cbc = NistObjectIdentifiers.IdAes256Cbc.Id; +// +// public static readonly string Des3Cbc = PkcsObjectIdentifiers.DesEde3Cbc.Id; + + public static readonly string PbeSha1_RC4_128 = PkcsObjectIdentifiers.PbeWithShaAnd128BitRC4.Id; + public static readonly string PbeSha1_RC4_40 = PkcsObjectIdentifiers.PbeWithShaAnd40BitRC4.Id; + public static readonly string PbeSha1_3DES = PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc.Id; + public static readonly string PbeSha1_2DES = PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc.Id; + public static readonly string PbeSha1_RC2_128 = PkcsObjectIdentifiers.PbeWithShaAnd128BitRC2Cbc.Id; + public static readonly string PbeSha1_RC2_40 = PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc.Id; + + private char[] password; + private string algorithm; + private int iterationCount; + private AsymmetricKeyParameter privKey; + private SecureRandom random; + + /** + * Constructor for an unencrypted private key PEM object. + * + * @param key private key to be encoded. + */ + public Pkcs8Generator(AsymmetricKeyParameter privKey) + { + this.privKey = privKey; + } + + /** + * Constructor for an encrypted private key PEM object. + * + * @param key private key to be encoded + * @param algorithm encryption algorithm to use + * @param provider provider to use + * @throws NoSuchAlgorithmException if algorithm/mode cannot be found + */ + public Pkcs8Generator(AsymmetricKeyParameter privKey, string algorithm) + { + // TODO Check privKey.IsPrivate + this.privKey = privKey; + this.algorithm = algorithm; + this.iterationCount = 2048; + } + + public SecureRandom SecureRandom + { + set { this.random = value; } + } + + public char[] Password + { + set { this.password = value; } + } + + public int IterationCount + { + set { this.iterationCount = value; } + } + + public PemObject Generate() + { + if (algorithm == null) + { + PrivateKeyInfo pki = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privKey); + + return new PemObject("PRIVATE KEY", pki.GetEncoded()); + } + + // TODO Theoretically, the amount of salt needed depends on the algorithm + byte[] salt = new byte[20]; + if (random == null) + { + random = new SecureRandom(); + } + random.NextBytes(salt); + + try + { + EncryptedPrivateKeyInfo epki = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo( + algorithm, password, salt, iterationCount, privKey); + + return new PemObject("ENCRYPTED PRIVATE KEY", epki.GetEncoded()); + } + catch (Exception e) + { + throw new PemGenerationException("Couldn't encrypt private key", e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/pkcs/AsymmetricKeyEntry.cs b/BouncyCastle/crypto/src/pkcs/AsymmetricKeyEntry.cs new file mode 100644 index 0000000..6da3ade --- /dev/null +++ b/BouncyCastle/crypto/src/pkcs/AsymmetricKeyEntry.cs @@ -0,0 +1,60 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Pkcs +{ + public class AsymmetricKeyEntry + : Pkcs12Entry + { + private readonly AsymmetricKeyParameter key; + + public AsymmetricKeyEntry( + AsymmetricKeyParameter key) + : base(Platform.CreateHashtable()) + { + this.key = key; + } + +#if !(SILVERLIGHT || PORTABLE) + [Obsolete] + public AsymmetricKeyEntry( + AsymmetricKeyParameter key, + Hashtable attributes) + : base(attributes) + { + this.key = key; + } +#endif + + public AsymmetricKeyEntry( + AsymmetricKeyParameter key, + IDictionary attributes) + : base(attributes) + { + this.key = key; + } + + public AsymmetricKeyParameter Key + { + get { return this.key; } + } + + public override bool Equals(object obj) + { + AsymmetricKeyEntry other = obj as AsymmetricKeyEntry; + + if (other == null) + return false; + + return key.Equals(other.key); + } + + public override int GetHashCode() + { + return ~key.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/pkcs/EncryptedPrivateKeyInfoFactory.cs b/BouncyCastle/crypto/src/pkcs/EncryptedPrivateKeyInfoFactory.cs new file mode 100644 index 0000000..000eb7a --- /dev/null +++ b/BouncyCastle/crypto/src/pkcs/EncryptedPrivateKeyInfoFactory.cs @@ -0,0 +1,102 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Pkcs +{ + public sealed class EncryptedPrivateKeyInfoFactory + { + private EncryptedPrivateKeyInfoFactory() + { + } + + public static EncryptedPrivateKeyInfo CreateEncryptedPrivateKeyInfo( + DerObjectIdentifier algorithm, + char[] passPhrase, + byte[] salt, + int iterationCount, + AsymmetricKeyParameter key) + { + return CreateEncryptedPrivateKeyInfo( + algorithm.Id, passPhrase, salt, iterationCount, + PrivateKeyInfoFactory.CreatePrivateKeyInfo(key)); + } + + public static EncryptedPrivateKeyInfo CreateEncryptedPrivateKeyInfo( + string algorithm, + char[] passPhrase, + byte[] salt, + int iterationCount, + AsymmetricKeyParameter key) + { + return CreateEncryptedPrivateKeyInfo( + algorithm, passPhrase, salt, iterationCount, + PrivateKeyInfoFactory.CreatePrivateKeyInfo(key)); + } + + public static EncryptedPrivateKeyInfo CreateEncryptedPrivateKeyInfo( + string algorithm, + char[] passPhrase, + byte[] salt, + int iterationCount, + PrivateKeyInfo keyInfo) + { + IBufferedCipher cipher = PbeUtilities.CreateEngine(algorithm) as IBufferedCipher; + if (cipher == null) + throw new Exception("Unknown encryption algorithm: " + algorithm); + + Asn1Encodable pbeParameters = PbeUtilities.GenerateAlgorithmParameters( + algorithm, salt, iterationCount); + ICipherParameters cipherParameters = PbeUtilities.GenerateCipherParameters( + algorithm, passPhrase, pbeParameters); + cipher.Init(true, cipherParameters); + byte[] encoding = cipher.DoFinal(keyInfo.GetEncoded()); + + DerObjectIdentifier oid = PbeUtilities.GetObjectIdentifier(algorithm); + AlgorithmIdentifier algID = new AlgorithmIdentifier(oid, pbeParameters); + return new EncryptedPrivateKeyInfo(algID, encoding); + } + + public static EncryptedPrivateKeyInfo CreateEncryptedPrivateKeyInfo( + DerObjectIdentifier cipherAlgorithm, + DerObjectIdentifier prfAlgorithm, + char[] passPhrase, + byte[] salt, + int iterationCount, + SecureRandom random, + AsymmetricKeyParameter key) + { + return CreateEncryptedPrivateKeyInfo( + cipherAlgorithm, prfAlgorithm, passPhrase, salt, iterationCount, random, + PrivateKeyInfoFactory.CreatePrivateKeyInfo(key)); + } + + public static EncryptedPrivateKeyInfo CreateEncryptedPrivateKeyInfo( + DerObjectIdentifier cipherAlgorithm, + DerObjectIdentifier prfAlgorithm, + char[] passPhrase, + byte[] salt, + int iterationCount, + SecureRandom random, + PrivateKeyInfo keyInfo) + { + IBufferedCipher cipher = CipherUtilities.GetCipher(cipherAlgorithm) as IBufferedCipher; + if (cipher == null) + throw new Exception("Unknown encryption algorithm: " + cipherAlgorithm); + + Asn1Encodable pbeParameters = PbeUtilities.GenerateAlgorithmParameters( + cipherAlgorithm, prfAlgorithm, salt, iterationCount, random); + ICipherParameters cipherParameters = PbeUtilities.GenerateCipherParameters( + PkcsObjectIdentifiers.IdPbeS2, passPhrase, pbeParameters); + cipher.Init(true, cipherParameters); + byte[] encoding = cipher.DoFinal(keyInfo.GetEncoded()); + + AlgorithmIdentifier algID = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPbeS2, pbeParameters); + return new EncryptedPrivateKeyInfo(algID, encoding); + } + } +} diff --git a/BouncyCastle/crypto/src/pkcs/PKCS12StoreBuilder.cs b/BouncyCastle/crypto/src/pkcs/PKCS12StoreBuilder.cs new file mode 100644 index 0000000..b61a9ea --- /dev/null +++ b/BouncyCastle/crypto/src/pkcs/PKCS12StoreBuilder.cs @@ -0,0 +1,50 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; + +namespace Org.BouncyCastle.Pkcs +{ + public class Pkcs12StoreBuilder + { + private DerObjectIdentifier keyAlgorithm = PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc; + private DerObjectIdentifier certAlgorithm = PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc; + private DerObjectIdentifier keyPrfAlgorithm = null; + private DerObjectIdentifier certPrfAlgorithm = null; + private bool useDerEncoding = false; + + public Pkcs12StoreBuilder() + { + } + + public Pkcs12Store Build() + { + return new Pkcs12Store(keyAlgorithm, keyPrfAlgorithm, certAlgorithm, certPrfAlgorithm, useDerEncoding); + } + + public Pkcs12StoreBuilder SetCertAlgorithm(DerObjectIdentifier certAlgorithm) + { + this.certAlgorithm = certAlgorithm; + return this; + } + + public Pkcs12StoreBuilder SetKeyAlgorithm(DerObjectIdentifier keyAlgorithm) + { + this.keyAlgorithm = keyAlgorithm; + return this; + } + + // Specify a PKCS#5 Scheme 2 encryption for keys + public Pkcs12StoreBuilder SetKeyAlgorithm(DerObjectIdentifier keyAlgorithm, DerObjectIdentifier keyPrfAlgorithm) + { + this.keyAlgorithm = keyAlgorithm; + this.keyPrfAlgorithm = keyPrfAlgorithm; + return this; + } + public Pkcs12StoreBuilder SetUseDerEncoding(bool useDerEncoding) + { + this.useDerEncoding = useDerEncoding; + return this; + } + } +} diff --git a/BouncyCastle/crypto/src/pkcs/Pkcs10CertificationRequest.cs b/BouncyCastle/crypto/src/pkcs/Pkcs10CertificationRequest.cs new file mode 100644 index 0000000..c4624bf --- /dev/null +++ b/BouncyCastle/crypto/src/pkcs/Pkcs10CertificationRequest.cs @@ -0,0 +1,553 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Asn1.Utilities; + +namespace Org.BouncyCastle.Pkcs +{ + /// + /// A class for verifying and creating Pkcs10 Certification requests. + /// + /// + /// CertificationRequest ::= Sequence { + /// certificationRequestInfo CertificationRequestInfo, + /// signatureAlgorithm AlgorithmIdentifier{{ SignatureAlgorithms }}, + /// signature BIT STRING + /// } + /// + /// CertificationRequestInfo ::= Sequence { + /// version Integer { v1(0) } (v1,...), + /// subject Name, + /// subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }}, + /// attributes [0] Attributes{{ CRIAttributes }} + /// } + /// + /// Attributes { ATTRIBUTE:IOSet } ::= Set OF Attr{{ IOSet }} + /// + /// Attr { ATTRIBUTE:IOSet } ::= Sequence { + /// type ATTRIBUTE.&id({IOSet}), + /// values Set SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{\@type}) + /// } + /// + /// see + public class Pkcs10CertificationRequest + : CertificationRequest + { + protected static readonly IDictionary algorithms = Platform.CreateHashtable(); + protected static readonly IDictionary exParams = Platform.CreateHashtable(); + protected static readonly IDictionary keyAlgorithms = Platform.CreateHashtable(); + protected static readonly IDictionary oids = Platform.CreateHashtable(); + protected static readonly ISet noParams = new HashSet(); + + static Pkcs10CertificationRequest() + { + algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption); + algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption); + algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption); + algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption); + algorithms.Add("RSAWITHMD5", PkcsObjectIdentifiers.MD5WithRsaEncryption); + algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA-1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA-1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA-224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA-224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA-256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA-256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA-384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA-384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA-512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA-512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA-512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA-512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("SHA-512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("SHA512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("SHA-512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("SHA1WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); + algorithms.Add("SHA224WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); + algorithms.Add("SHA256WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); + algorithms.Add("SHA384WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); + algorithms.Add("SHA512WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); + algorithms.Add("RSAWITHSHA1", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); + algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); + algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); + algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); + algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); + algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); + algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1); + algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1); + algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224); + algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256); + algorithms.Add("SHA384WITHDSA", NistObjectIdentifiers.DsaWithSha384); + algorithms.Add("SHA512WITHDSA", NistObjectIdentifiers.DsaWithSha512); + algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1); + algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224); + algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256); + algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384); + algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512); + algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1); + algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + algorithms.Add("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + algorithms.Add("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + algorithms.Add("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + algorithms.Add("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + + // + // reverse mappings + // + oids.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha512_224WithRSAEncryption, "SHA512(224)WITHRSA"); + oids.Add(PkcsObjectIdentifiers.Sha512_256WithRSAEncryption, "SHA512(256)WITHRSA"); + oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, "GOST3411WITHGOST3410"); + oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001, "GOST3411WITHECGOST3410"); + + oids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5WITHRSA"); + oids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2WITHRSA"); + oids.Add(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1WITHDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1WITHECDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224WITHECDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256WITHECDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384WITHECDSA"); + oids.Add(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512WITHECDSA"); + oids.Add(OiwObjectIdentifiers.MD5WithRsa, "MD5WITHRSA"); + oids.Add(OiwObjectIdentifiers.Sha1WithRsa, "SHA1WITHRSA"); + oids.Add(OiwObjectIdentifiers.DsaWithSha1, "SHA1WITHDSA"); + oids.Add(NistObjectIdentifiers.DsaWithSha224, "SHA224WITHDSA"); + oids.Add(NistObjectIdentifiers.DsaWithSha256, "SHA256WITHDSA"); + + // + // key types + // + keyAlgorithms.Add(PkcsObjectIdentifiers.RsaEncryption, "RSA"); + keyAlgorithms.Add(X9ObjectIdentifiers.IdDsa, "DSA"); + + // + // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. + // The parameters field SHALL be NULL for RSA based signature algorithms. + // + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512); + noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1); + noParams.Add(OiwObjectIdentifiers.DsaWithSha1); + noParams.Add(NistObjectIdentifiers.DsaWithSha224); + noParams.Add(NistObjectIdentifiers.DsaWithSha256); + + // + // RFC 4491 + // + noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + + // + // explicit params + // + AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance); + exParams.Add("SHA1WITHRSAANDMGF1", CreatePssParams(sha1AlgId, 20)); + + AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance); + exParams.Add("SHA224WITHRSAANDMGF1", CreatePssParams(sha224AlgId, 28)); + + AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance); + exParams.Add("SHA256WITHRSAANDMGF1", CreatePssParams(sha256AlgId, 32)); + + AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance); + exParams.Add("SHA384WITHRSAANDMGF1", CreatePssParams(sha384AlgId, 48)); + + AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance); + exParams.Add("SHA512WITHRSAANDMGF1", CreatePssParams(sha512AlgId, 64)); + } + + private static RsassaPssParameters CreatePssParams( + AlgorithmIdentifier hashAlgId, + int saltSize) + { + return new RsassaPssParameters( + hashAlgId, + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, hashAlgId), + new DerInteger(saltSize), + new DerInteger(1)); + } + + protected Pkcs10CertificationRequest() + { + } + + public Pkcs10CertificationRequest( + byte[] encoded) + : base((Asn1Sequence)Asn1Object.FromByteArray(encoded)) + { + } + + public Pkcs10CertificationRequest( + Asn1Sequence seq) + : base(seq) + { + } + + public Pkcs10CertificationRequest( + Stream input) + : base((Asn1Sequence)Asn1Object.FromStream(input)) + { + } + + /// + /// Instantiate a Pkcs10CertificationRequest object with the necessary credentials. + /// + ///Name of Sig Alg. + /// X509Name of subject eg OU="My unit." O="My Organisatioin" C="au" + /// Public Key to be included in cert reqest. + /// ASN1Set of Attributes. + /// Matching Private key for nominated (above) public key to be used to sign the request. + public Pkcs10CertificationRequest( + string signatureAlgorithm, + X509Name subject, + AsymmetricKeyParameter publicKey, + Asn1Set attributes, + AsymmetricKeyParameter signingKey) + : this(new Asn1SignatureFactory(signatureAlgorithm, signingKey), subject, publicKey, attributes) + { + } + + /// + /// Instantiate a Pkcs10CertificationRequest object with the necessary credentials. + /// + ///The factory for signature calculators to sign the PKCS#10 request with. + /// X509Name of subject eg OU="My unit." O="My Organisatioin" C="au" + /// Public Key to be included in cert reqest. + /// ASN1Set of Attributes. + /// Ignored. + [Obsolete("Use constructor without 'signingKey' parameter (ignored here)")] + public Pkcs10CertificationRequest( + ISignatureFactory signatureFactory, + X509Name subject, + AsymmetricKeyParameter publicKey, + Asn1Set attributes, + AsymmetricKeyParameter signingKey) + : this(signatureFactory, subject, publicKey, attributes) + { + } + + /// + /// Instantiate a Pkcs10CertificationRequest object with the necessary credentials. + /// + ///The factory for signature calculators to sign the PKCS#10 request with. + /// X509Name of subject eg OU="My unit." O="My Organisatioin" C="au" + /// Public Key to be included in cert reqest. + /// ASN1Set of Attributes. + public Pkcs10CertificationRequest( + ISignatureFactory signatureFactory, + X509Name subject, + AsymmetricKeyParameter publicKey, + Asn1Set attributes) + { + if (signatureFactory == null) + throw new ArgumentNullException("signatureFactory"); + if (subject == null) + throw new ArgumentNullException("subject"); + if (publicKey == null) + throw new ArgumentNullException("publicKey"); + if (publicKey.IsPrivate) + throw new ArgumentException("expected public key", "publicKey"); + + Init(signatureFactory, subject, publicKey, attributes); + } + + private void Init( + ISignatureFactory signatureFactory, + X509Name subject, + AsymmetricKeyParameter publicKey, + Asn1Set attributes) + { + this.sigAlgId = (AlgorithmIdentifier)signatureFactory.AlgorithmDetails; + + SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey); + + this.reqInfo = new CertificationRequestInfo(subject, pubInfo, attributes); + + IStreamCalculator streamCalculator = signatureFactory.CreateCalculator(); + + byte[] reqInfoData = reqInfo.GetDerEncoded(); + + streamCalculator.Stream.Write(reqInfoData, 0, reqInfoData.Length); + + Platform.Dispose(streamCalculator.Stream); + + // Generate Signature. + sigBits = new DerBitString(((IBlockResult)streamCalculator.GetResult()).Collect()); + } + + // internal Pkcs10CertificationRequest( + // Asn1InputStream seqStream) + // { + // Asn1Sequence seq = (Asn1Sequence) seqStream.ReadObject(); + // try + // { + // this.reqInfo = CertificationRequestInfo.GetInstance(seq[0]); + // this.sigAlgId = AlgorithmIdentifier.GetInstance(seq[1]); + // this.sigBits = (DerBitString) seq[2]; + // } + // catch (Exception ex) + // { + // throw new ArgumentException("Create From Asn1Sequence: " + ex.Message); + // } + // } + + /// + /// Get the public key. + /// + /// The public key. + public AsymmetricKeyParameter GetPublicKey() + { + return PublicKeyFactory.CreateKey(reqInfo.SubjectPublicKeyInfo); + } + + /// + /// Verify Pkcs10 Cert Request is valid. + /// + /// true = valid. + public bool Verify() + { + return Verify(this.GetPublicKey()); + } + + public bool Verify( + AsymmetricKeyParameter publicKey) + { + return Verify(new Asn1VerifierFactoryProvider(publicKey)); + } + + public bool Verify( + IVerifierFactoryProvider verifierProvider) + { + return Verify(verifierProvider.CreateVerifierFactory(sigAlgId)); + } + + public bool Verify( + IVerifierFactory verifier) + { + try + { + byte[] b = reqInfo.GetDerEncoded(); + + IStreamCalculator streamCalculator = verifier.CreateCalculator(); + + streamCalculator.Stream.Write(b, 0, b.Length); + + Platform.Dispose(streamCalculator.Stream); + + return ((IVerifier)streamCalculator.GetResult()).IsVerified(sigBits.GetOctets()); + } + catch (Exception e) + { + throw new SignatureException("exception encoding TBS cert request", e); + } + } + + // /// + // /// Get the Der Encoded Pkcs10 Certification Request. + // /// + // /// A byte array. + // public byte[] GetEncoded() + // { + // return new CertificationRequest(reqInfo, sigAlgId, sigBits).GetDerEncoded(); + // } + + // TODO Figure out how to set parameters on an ISigner + private void SetSignatureParameters( + ISigner signature, + Asn1Encodable asn1Params) + { + if (asn1Params != null && !(asn1Params is Asn1Null)) + { + // AlgorithmParameters sigParams = AlgorithmParameters.GetInstance(signature.getAlgorithm()); + // + // try + // { + // sigParams.init(asn1Params.ToAsn1Object().GetDerEncoded()); + // } + // catch (IOException e) + // { + // throw new SignatureException("IOException decoding parameters: " + e.Message); + // } + + if (Platform.EndsWith(signature.AlgorithmName, "MGF1")) + { + throw Platform.CreateNotImplementedException("signature algorithm with MGF1"); + + // try + // { + // signature.setParameter(sigParams.getParameterSpec(PSSParameterSpec.class)); + // } + // catch (GeneralSecurityException e) + // { + // throw new SignatureException("Exception extracting parameters: " + e.getMessage()); + // } + } + } + } + + internal static string GetSignatureName( + AlgorithmIdentifier sigAlgId) + { + Asn1Encodable asn1Params = sigAlgId.Parameters; + + if (asn1Params != null && !(asn1Params is Asn1Null)) + { + if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss)) + { + RsassaPssParameters rsaParams = RsassaPssParameters.GetInstance(asn1Params); + return GetDigestAlgName(rsaParams.HashAlgorithm.Algorithm) + "withRSAandMGF1"; + } + } + + return sigAlgId.Algorithm.Id; + } + + private static string GetDigestAlgName( + DerObjectIdentifier digestAlgOID) + { + if (PkcsObjectIdentifiers.MD5.Equals(digestAlgOID)) + { + return "MD5"; + } + else if (OiwObjectIdentifiers.IdSha1.Equals(digestAlgOID)) + { + return "SHA1"; + } + else if (NistObjectIdentifiers.IdSha224.Equals(digestAlgOID)) + { + return "SHA224"; + } + else if (NistObjectIdentifiers.IdSha256.Equals(digestAlgOID)) + { + return "SHA256"; + } + else if (NistObjectIdentifiers.IdSha384.Equals(digestAlgOID)) + { + return "SHA384"; + } + else if (NistObjectIdentifiers.IdSha512.Equals(digestAlgOID)) + { + return "SHA512"; + } + else if (NistObjectIdentifiers.IdSha512_224.Equals(digestAlgOID)) + { + return "SHA512(224)"; + } + else if (NistObjectIdentifiers.IdSha512_256.Equals(digestAlgOID)) + { + return "SHA512(256)"; + } + else if (TeleTrusTObjectIdentifiers.RipeMD128.Equals(digestAlgOID)) + { + return "RIPEMD128"; + } + else if (TeleTrusTObjectIdentifiers.RipeMD160.Equals(digestAlgOID)) + { + return "RIPEMD160"; + } + else if (TeleTrusTObjectIdentifiers.RipeMD256.Equals(digestAlgOID)) + { + return "RIPEMD256"; + } + else if (CryptoProObjectIdentifiers.GostR3411.Equals(digestAlgOID)) + { + return "GOST3411"; + } + else + { + return digestAlgOID.Id; + } + } + + /// + /// Returns X509Extensions if the Extensions Request attribute can be found and returns the extensions block. + /// + /// X509Extensions block or null if one cannot be found. + public X509Extensions GetRequestedExtensions() + { + if (reqInfo.Attributes != null) + { + foreach (Asn1Encodable item in reqInfo.Attributes) + { + AttributePkcs attributePkcs; + try + { + attributePkcs = AttributePkcs.GetInstance(item); + + } + catch (ArgumentException ex) + { + throw new ArgumentException("encountered non PKCS attribute in extensions block", ex); + } + + if (attributePkcs.AttrType.Equals(PkcsObjectIdentifiers.Pkcs9AtExtensionRequest)) + { + X509ExtensionsGenerator generator = new X509ExtensionsGenerator(); + + Asn1Sequence extensionSequence = Asn1Sequence.GetInstance(attributePkcs.AttrValues[0]); + + + foreach (Asn1Encodable seqItem in extensionSequence) + { + + Asn1Sequence itemSeq = Asn1Sequence.GetInstance(seqItem); + if (itemSeq.Count == 2) + { + generator.AddExtension(DerObjectIdentifier.GetInstance(itemSeq[0]), false, Asn1OctetString.GetInstance(itemSeq[1]).GetOctets()); + } + else if (itemSeq.Count == 3) + { + generator.AddExtension(DerObjectIdentifier.GetInstance(itemSeq[0]), DerBoolean.GetInstance(itemSeq[1]).IsTrue, Asn1OctetString.GetInstance(itemSeq[2]).GetOctets()); + } + else + { + throw new ArgumentException("incorrect sequence size of X509Extension got " + itemSeq.Count + " expected 2 or 3"); + } + } + + return generator.Generate(); + } + + } + } + + return null; + } + + } +} diff --git a/BouncyCastle/crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs b/BouncyCastle/crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs new file mode 100644 index 0000000..ecbb4ab --- /dev/null +++ b/BouncyCastle/crypto/src/pkcs/Pkcs10CertificationRequestDelaySigned.cs @@ -0,0 +1,150 @@ +using System; +using System.Collections; +using System.Globalization; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Pkcs +{ + /// + /// A class for creating and verifying Pkcs10 Certification requests (this is an extension on ). + /// The requests are made using delay signing. This is useful for situations where + /// the private key is in another environment and not directly accessible (e.g. HSM) + /// So the first step creates the request, then the signing is done outside this + /// object and the signature is then used to complete the request. + /// + /// + /// CertificationRequest ::= Sequence { + /// certificationRequestInfo CertificationRequestInfo, + /// signatureAlgorithm AlgorithmIdentifier{{ SignatureAlgorithms }}, + /// signature BIT STRING + /// } + /// + /// CertificationRequestInfo ::= Sequence { + /// version Integer { v1(0) } (v1,...), + /// subject Name, + /// subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }}, + /// attributes [0] Attributes{{ CRIAttributes }} + /// } + /// + /// Attributes { ATTRIBUTE:IOSet } ::= Set OF Attr{{ IOSet }} + /// + /// Attr { ATTRIBUTE:IOSet } ::= Sequence { + /// type ATTRIBUTE.&id({IOSet}), + /// values Set SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{\@type}) + /// } + /// + /// see + public class Pkcs10CertificationRequestDelaySigned : Pkcs10CertificationRequest + { + protected Pkcs10CertificationRequestDelaySigned() + : base() + { + } + public Pkcs10CertificationRequestDelaySigned( + byte[] encoded) + : base(encoded) + { + } + public Pkcs10CertificationRequestDelaySigned( + Asn1Sequence seq) + : base(seq) + { + } + public Pkcs10CertificationRequestDelaySigned( + Stream input) + : base(input) + { + } + public Pkcs10CertificationRequestDelaySigned( + string signatureAlgorithm, + X509Name subject, + AsymmetricKeyParameter publicKey, + Asn1Set attributes, + AsymmetricKeyParameter signingKey) + : base(signatureAlgorithm, subject, publicKey, attributes, signingKey) + { + } + /// + /// Instantiate a Pkcs10CertificationRequest object with the necessary credentials. + /// + /// Name of Sig Alg. + /// X509Name of subject eg OU="My unit." O="My Organisatioin" C="au" + /// Public Key to be included in cert reqest. + /// ASN1Set of Attributes. + /// + /// After the object is constructed use the and finally the + /// SignRequest methods to finalize the request. + /// + public Pkcs10CertificationRequestDelaySigned( + string signatureAlgorithm, + X509Name subject, + AsymmetricKeyParameter publicKey, + Asn1Set attributes) + { + if (signatureAlgorithm == null) + throw new ArgumentNullException("signatureAlgorithm"); + if (subject == null) + throw new ArgumentNullException("subject"); + if (publicKey == null) + throw new ArgumentNullException("publicKey"); + if (publicKey.IsPrivate) + throw new ArgumentException("expected public key", "publicKey"); +// DerObjectIdentifier sigOid = SignerUtilities.GetObjectIdentifier(signatureAlgorithm); + string algorithmName = Platform.ToUpperInvariant(signatureAlgorithm); + DerObjectIdentifier sigOid = (DerObjectIdentifier) algorithms[algorithmName]; + if (sigOid == null) + { + try + { + sigOid = new DerObjectIdentifier(algorithmName); + } + catch (Exception e) + { + throw new ArgumentException("Unknown signature type requested", e); + } + } + if (noParams.Contains(sigOid)) + { + this.sigAlgId = new AlgorithmIdentifier(sigOid); + } + else if (exParams.Contains(algorithmName)) + { + this.sigAlgId = new AlgorithmIdentifier(sigOid, (Asn1Encodable) exParams[algorithmName]); + } + else + { + this.sigAlgId = new AlgorithmIdentifier(sigOid, DerNull.Instance); + } + SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey); + this.reqInfo = new CertificationRequestInfo(subject, pubInfo, attributes); + } + public byte[] GetDataToSign() + { + return reqInfo.GetDerEncoded(); + } + public void SignRequest(byte[] signedData) + { + //build the signature from the signed data + sigBits = new DerBitString(signedData); + } + public void SignRequest(DerBitString signedData) + { + //build the signature from the signed data + sigBits = signedData; + } + } +} diff --git a/BouncyCastle/crypto/src/pkcs/Pkcs12Entry.cs b/BouncyCastle/crypto/src/pkcs/Pkcs12Entry.cs new file mode 100644 index 0000000..5dcc94e --- /dev/null +++ b/BouncyCastle/crypto/src/pkcs/Pkcs12Entry.cs @@ -0,0 +1,64 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Pkcs +{ + public abstract class Pkcs12Entry + { + private readonly IDictionary attributes; + + protected internal Pkcs12Entry( + IDictionary attributes) + { + this.attributes = attributes; + + foreach (DictionaryEntry entry in attributes) + { + if (!(entry.Key is string)) + throw new ArgumentException("Attribute keys must be of type: " + typeof(string).FullName, "attributes"); + if (!(entry.Value is Asn1Encodable)) + throw new ArgumentException("Attribute values must be of type: " + typeof(Asn1Encodable).FullName, "attributes"); + } + } + + [Obsolete("Use 'object[index]' syntax instead")] + public Asn1Encodable GetBagAttribute( + DerObjectIdentifier oid) + { + return (Asn1Encodable)this.attributes[oid.Id]; + } + + [Obsolete("Use 'object[index]' syntax instead")] + public Asn1Encodable GetBagAttribute( + string oid) + { + return (Asn1Encodable)this.attributes[oid]; + } + + [Obsolete("Use 'BagAttributeKeys' property")] + public IEnumerator GetBagAttributeKeys() + { + return this.attributes.Keys.GetEnumerator(); + } + + public Asn1Encodable this[ + DerObjectIdentifier oid] + { + get { return (Asn1Encodable) this.attributes[oid.Id]; } + } + + public Asn1Encodable this[ + string oid] + { + get { return (Asn1Encodable) this.attributes[oid]; } + } + + public IEnumerable BagAttributeKeys + { + get { return new EnumerableProxy(this.attributes.Keys); } + } + } +} diff --git a/BouncyCastle/crypto/src/pkcs/Pkcs12Store.cs b/BouncyCastle/crypto/src/pkcs/Pkcs12Store.cs new file mode 100644 index 0000000..832367e --- /dev/null +++ b/BouncyCastle/crypto/src/pkcs/Pkcs12Store.cs @@ -0,0 +1,1159 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.Utilities; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Pkcs +{ + public class Pkcs12Store + { + public const string IgnoreUselessPasswordProperty = "Org.BouncyCastle.Pkcs12.IgnoreUselessPassword"; + + private readonly IgnoresCaseHashtable keys = new IgnoresCaseHashtable(); + private readonly IDictionary localIds = Platform.CreateHashtable(); + private readonly IgnoresCaseHashtable certs = new IgnoresCaseHashtable(); + private readonly IDictionary chainCerts = Platform.CreateHashtable(); + private readonly IDictionary keyCerts = Platform.CreateHashtable(); + private readonly DerObjectIdentifier keyAlgorithm; + private readonly DerObjectIdentifier keyPrfAlgorithm; + private readonly DerObjectIdentifier certAlgorithm; + private readonly DerObjectIdentifier certPrfAlgorithm; + private readonly bool useDerEncoding; + + private AsymmetricKeyEntry unmarkedKeyEntry = null; + + private const int MinIterations = 1024; + private const int SaltSize = 20; + + private static SubjectKeyIdentifier CreateSubjectKeyID( + AsymmetricKeyParameter pubKey) + { + return new SubjectKeyIdentifier( + SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pubKey)); + } + + internal class CertId + { + private readonly byte[] id; + + internal CertId( + AsymmetricKeyParameter pubKey) + { + this.id = CreateSubjectKeyID(pubKey).GetKeyIdentifier(); + } + + internal CertId( + byte[] id) + { + this.id = id; + } + + internal byte[] Id + { + get { return id; } + } + + public override int GetHashCode() + { + return Arrays.GetHashCode(id); + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + CertId other = obj as CertId; + + if (other == null) + return false; + + return Arrays.AreEqual(id, other.id); + } + } + + internal Pkcs12Store( + DerObjectIdentifier keyAlgorithm, + DerObjectIdentifier certAlgorithm, + bool useDerEncoding) + { + this.keyAlgorithm = keyAlgorithm; + this.keyPrfAlgorithm = null; + this.certAlgorithm = certAlgorithm; + this.certPrfAlgorithm = null; + this.useDerEncoding = useDerEncoding; + } + + internal Pkcs12Store( + DerObjectIdentifier keyAlgorithm, + DerObjectIdentifier keyPrfAlgorithm, + DerObjectIdentifier certAlgorithm, + DerObjectIdentifier certPrfAlgorithm, + bool useDerEncoding) + { + this.keyAlgorithm = keyAlgorithm; + this.keyPrfAlgorithm = keyPrfAlgorithm; + this.certAlgorithm = certAlgorithm; + this.certPrfAlgorithm = certPrfAlgorithm; + this.useDerEncoding = useDerEncoding; + } + + // TODO Consider making obsolete + // [Obsolete("Use 'Pkcs12StoreBuilder' instead")] + public Pkcs12Store() + : this(PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc, + PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc, false) + { + } + + // TODO Consider making obsolete +// [Obsolete("Use 'Pkcs12StoreBuilder' and 'Load' method instead")] + public Pkcs12Store( + Stream input, + char[] password) + : this() + { + Load(input, password); + } + + protected virtual void LoadKeyBag(PrivateKeyInfo privKeyInfo, Asn1Set bagAttributes) + { + AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(privKeyInfo); + + IDictionary attributes = Platform.CreateHashtable(); + AsymmetricKeyEntry keyEntry = new AsymmetricKeyEntry(privKey, attributes); + + string alias = null; + Asn1OctetString localId = null; + + if (bagAttributes != null) + { + foreach (Asn1Sequence sq in bagAttributes) + { + DerObjectIdentifier aOid = DerObjectIdentifier.GetInstance(sq[0]); + Asn1Set attrSet = Asn1Set.GetInstance(sq[1]); + Asn1Encodable attr = null; + + if (attrSet.Count > 0) + { + // TODO We should be adding all attributes in the set + attr = attrSet[0]; + + // TODO We might want to "merge" attribute sets with + // the same OID - currently, differing values give an error + if (attributes.Contains(aOid.Id)) + { + // OK, but the value has to be the same + if (!attributes[aOid.Id].Equals(attr)) + throw new IOException("attempt to add existing attribute with different value"); + } + else + { + attributes.Add(aOid.Id, attr); + } + + if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName)) + { + alias = ((DerBmpString)attr).GetString(); + // TODO Do these in a separate loop, just collect aliases here + keys[alias] = keyEntry; + } + else if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID)) + { + localId = (Asn1OctetString)attr; + } + } + } + } + + if (localId != null) + { + string name = Hex.ToHexString(localId.GetOctets()); + + if (alias == null) + { + keys[name] = keyEntry; + } + else + { + // TODO There may have been more than one alias + localIds[alias] = name; + } + } + else + { + unmarkedKeyEntry = keyEntry; + } + } + + protected virtual void LoadPkcs8ShroudedKeyBag(EncryptedPrivateKeyInfo encPrivKeyInfo, Asn1Set bagAttributes, + char[] password, bool wrongPkcs12Zero) + { + if (password != null) + { + PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo( + password, wrongPkcs12Zero, encPrivKeyInfo); + + LoadKeyBag(privInfo, bagAttributes); + } + } + + public void Load( + Stream input, + char[] password) + { + if (input == null) + throw new ArgumentNullException("input"); + + Pfx bag = Pfx.GetInstance(Asn1Object.FromStream(input)); + ContentInfo info = bag.AuthSafe; + bool wrongPkcs12Zero = false; + + if (bag.MacData != null) // check the mac code + { + if (password == null) + throw new ArgumentNullException("password", "no password supplied when one expected"); + + MacData mData = bag.MacData; + DigestInfo dInfo = mData.Mac; + AlgorithmIdentifier algId = dInfo.AlgorithmID; + byte[] salt = mData.GetSalt(); + int itCount = mData.IterationCount.IntValue; + + byte[] data = Asn1OctetString.GetInstance(info.Content).GetOctets(); + + byte[] mac = CalculatePbeMac(algId.Algorithm, salt, itCount, password, false, data); + byte[] dig = dInfo.GetDigest(); + + if (!Arrays.ConstantTimeAreEqual(mac, dig)) + { + if (password.Length > 0) + throw new IOException("PKCS12 key store MAC invalid - wrong password or corrupted file."); + + // Try with incorrect zero length password + mac = CalculatePbeMac(algId.Algorithm, salt, itCount, password, true, data); + + if (!Arrays.ConstantTimeAreEqual(mac, dig)) + throw new IOException("PKCS12 key store MAC invalid - wrong password or corrupted file."); + + wrongPkcs12Zero = true; + } + } + else if (password != null) + { + string ignoreProperty = Platform.GetEnvironmentVariable(IgnoreUselessPasswordProperty); + bool ignore = ignoreProperty != null && Platform.EqualsIgnoreCase("true", ignoreProperty); + + if (!ignore) + { + throw new IOException("password supplied for keystore that does not require one"); + } + } + + keys.Clear(); + localIds.Clear(); + unmarkedKeyEntry = null; + + IList certBags = Platform.CreateArrayList(); + + if (info.ContentType.Equals(PkcsObjectIdentifiers.Data)) + { + Asn1OctetString content = Asn1OctetString.GetInstance(info.Content); + AuthenticatedSafe authSafe = AuthenticatedSafe.GetInstance(content.GetOctets()); + ContentInfo[] cis = authSafe.GetContentInfo(); + + foreach (ContentInfo ci in cis) + { + DerObjectIdentifier oid = ci.ContentType; + + byte[] octets = null; + if (oid.Equals(PkcsObjectIdentifiers.Data)) + { + octets = Asn1OctetString.GetInstance(ci.Content).GetOctets(); + } + else if (oid.Equals(PkcsObjectIdentifiers.EncryptedData)) + { + if (password != null) + { + EncryptedData d = EncryptedData.GetInstance(ci.Content); + octets = CryptPbeData(false, d.EncryptionAlgorithm, + password, wrongPkcs12Zero, d.Content.GetOctets()); + } + } + else + { + // TODO Other data types + } + + if (octets != null) + { + Asn1Sequence seq = Asn1Sequence.GetInstance(octets); + + foreach (Asn1Sequence subSeq in seq) + { + SafeBag b = SafeBag.GetInstance(subSeq); + + if (b.BagID.Equals(PkcsObjectIdentifiers.CertBag)) + { + certBags.Add(b); + } + else if (b.BagID.Equals(PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag)) + { + LoadPkcs8ShroudedKeyBag(EncryptedPrivateKeyInfo.GetInstance(b.BagValue), + b.BagAttributes, password, wrongPkcs12Zero); + } + else if (b.BagID.Equals(PkcsObjectIdentifiers.KeyBag)) + { + LoadKeyBag(PrivateKeyInfo.GetInstance(b.BagValue), b.BagAttributes); + } + else + { + // TODO Other bag types + } + } + } + } + } + + certs.Clear(); + chainCerts.Clear(); + keyCerts.Clear(); + + foreach (SafeBag b in certBags) + { + CertBag certBag = CertBag.GetInstance(b.BagValue); + byte[] octets = ((Asn1OctetString)certBag.CertValue).GetOctets(); + X509Certificate cert = new X509CertificateParser().ReadCertificate(octets); + + // + // set the attributes + // + IDictionary attributes = Platform.CreateHashtable(); + Asn1OctetString localId = null; + string alias = null; + + if (b.BagAttributes != null) + { + foreach (Asn1Sequence sq in b.BagAttributes) + { + DerObjectIdentifier aOid = DerObjectIdentifier.GetInstance(sq[0]); + Asn1Set attrSet = Asn1Set.GetInstance(sq[1]); + + if (attrSet.Count > 0) + { + // TODO We should be adding all attributes in the set + Asn1Encodable attr = attrSet[0]; + + // TODO We might want to "merge" attribute sets with + // the same OID - currently, differing values give an error + if (attributes.Contains(aOid.Id)) + { + // we've found more than one - one might be incorrect + if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID)) + { + String id = Hex.ToHexString(Asn1OctetString.GetInstance(attr).GetOctets()); + if (!(keys[id] != null || localIds[id] != null)) + { + continue; // ignore this one - it's not valid + } + } + + // OK, but the value has to be the same + if (!attributes[aOid.Id].Equals(attr)) + { + throw new IOException("attempt to add existing attribute with different value"); + } + } + else + { + attributes.Add(aOid.Id, attr); + } + + if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName)) + { + alias = ((DerBmpString)attr).GetString(); + } + else if (aOid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID)) + { + localId = (Asn1OctetString)attr; + } + } + } + } + + CertId certId = new CertId(cert.GetPublicKey()); + X509CertificateEntry certEntry = new X509CertificateEntry(cert, attributes); + + chainCerts[certId] = certEntry; + + if (unmarkedKeyEntry != null) + { + if (keyCerts.Count == 0) + { + string name = Hex.ToHexString(certId.Id); + + keyCerts[name] = certEntry; + keys[name] = unmarkedKeyEntry; + } + else + { + keys["unmarked"] = unmarkedKeyEntry; + } + } + else + { + if (localId != null) + { + string name = Hex.ToHexString(localId.GetOctets()); + + keyCerts[name] = certEntry; + } + + if (alias != null) + { + // TODO There may have been more than one alias + certs[alias] = certEntry; + } + } + } + } + + public AsymmetricKeyEntry GetKey( + string alias) + { + if (alias == null) + throw new ArgumentNullException("alias"); + + return (AsymmetricKeyEntry)keys[alias]; + } + + public bool IsCertificateEntry( + string alias) + { + if (alias == null) + throw new ArgumentNullException("alias"); + + return (certs[alias] != null && keys[alias] == null); + } + + public bool IsKeyEntry( + string alias) + { + if (alias == null) + throw new ArgumentNullException("alias"); + + return (keys[alias] != null); + } + + private IDictionary GetAliasesTable() + { + IDictionary tab = Platform.CreateHashtable(); + + foreach (string key in certs.Keys) + { + tab[key] = "cert"; + } + + foreach (string a in keys.Keys) + { + if (tab[a] == null) + { + tab[a] = "key"; + } + } + + return tab; + } + + public IEnumerable Aliases + { + get { return new EnumerableProxy(GetAliasesTable().Keys); } + } + + public bool ContainsAlias( + string alias) + { + return certs[alias] != null || keys[alias] != null; + } + + /** + * simply return the cert entry for the private key + */ + public X509CertificateEntry GetCertificate( + string alias) + { + if (alias == null) + throw new ArgumentNullException("alias"); + + X509CertificateEntry c = (X509CertificateEntry) certs[alias]; + + // + // look up the key table - and try the local key id + // + if (c == null) + { + string id = (string)localIds[alias]; + if (id != null) + { + c = (X509CertificateEntry)keyCerts[id]; + } + else + { + c = (X509CertificateEntry)keyCerts[alias]; + } + } + + return c; + } + + public string GetCertificateAlias( + X509Certificate cert) + { + if (cert == null) + throw new ArgumentNullException("cert"); + + foreach (DictionaryEntry entry in certs) + { + X509CertificateEntry entryValue = (X509CertificateEntry) entry.Value; + if (entryValue.Certificate.Equals(cert)) + { + return (string) entry.Key; + } + } + + foreach (DictionaryEntry entry in keyCerts) + { + X509CertificateEntry entryValue = (X509CertificateEntry) entry.Value; + if (entryValue.Certificate.Equals(cert)) + { + return (string) entry.Key; + } + } + + return null; + } + + public X509CertificateEntry[] GetCertificateChain( + string alias) + { + if (alias == null) + throw new ArgumentNullException("alias"); + + if (!IsKeyEntry(alias)) + { + return null; + } + + X509CertificateEntry c = GetCertificate(alias); + + if (c != null) + { + IList cs = Platform.CreateArrayList(); + + while (c != null) + { + X509Certificate x509c = c.Certificate; + X509CertificateEntry nextC = null; + + Asn1OctetString akiValue = x509c.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier); + if (akiValue != null) + { + AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.GetInstance(akiValue.GetOctets()); + + byte[] keyID = aki.GetKeyIdentifier(); + if (keyID != null) + { + nextC = (X509CertificateEntry)chainCerts[new CertId(keyID)]; + } + } + + if (nextC == null) + { + // + // no authority key id, try the Issuer DN + // + X509Name i = x509c.IssuerDN; + X509Name s = x509c.SubjectDN; + + if (!i.Equivalent(s)) + { + foreach (CertId certId in chainCerts.Keys) + { + X509CertificateEntry x509CertEntry = (X509CertificateEntry) chainCerts[certId]; + + X509Certificate crt = x509CertEntry.Certificate; + + X509Name sub = crt.SubjectDN; + if (sub.Equivalent(i)) + { + try + { + x509c.Verify(crt.GetPublicKey()); + + nextC = x509CertEntry; + break; + } + catch (InvalidKeyException) + { + // TODO What if it doesn't verify? + } + } + } + } + } + + cs.Add(c); + if (nextC != c) // self signed - end of the chain + { + c = nextC; + } + else + { + c = null; + } + } + + X509CertificateEntry[] result = new X509CertificateEntry[cs.Count]; + for (int i = 0; i < cs.Count; ++i) + { + result[i] = (X509CertificateEntry)cs[i]; + } + return result; + } + + return null; + } + + public void SetCertificateEntry( + string alias, + X509CertificateEntry certEntry) + { + if (alias == null) + throw new ArgumentNullException("alias"); + if (certEntry == null) + throw new ArgumentNullException("certEntry"); + if (keys[alias] != null) + throw new ArgumentException("There is a key entry with the name " + alias + "."); + + certs[alias] = certEntry; + chainCerts[new CertId(certEntry.Certificate.GetPublicKey())] = certEntry; + } + + public void SetKeyEntry( + string alias, + AsymmetricKeyEntry keyEntry, + X509CertificateEntry[] chain) + { + if (alias == null) + throw new ArgumentNullException("alias"); + if (keyEntry == null) + throw new ArgumentNullException("keyEntry"); + if (keyEntry.Key.IsPrivate && (chain == null)) + throw new ArgumentException("No certificate chain for private key"); + + if (keys[alias] != null) + { + DeleteEntry(alias); + } + + keys[alias] = keyEntry; + certs[alias] = chain[0]; + + for (int i = 0; i != chain.Length; i++) + { + chainCerts[new CertId(chain[i].Certificate.GetPublicKey())] = chain[i]; + } + } + + public void DeleteEntry( + string alias) + { + if (alias == null) + throw new ArgumentNullException("alias"); + + AsymmetricKeyEntry k = (AsymmetricKeyEntry)keys[alias]; + if (k != null) + { + keys.Remove(alias); + } + + X509CertificateEntry c = (X509CertificateEntry)certs[alias]; + + if (c != null) + { + certs.Remove(alias); + chainCerts.Remove(new CertId(c.Certificate.GetPublicKey())); + } + + if (k != null) + { + string id = (string)localIds[alias]; + if (id != null) + { + localIds.Remove(alias); + c = (X509CertificateEntry)keyCerts[id]; + } + if (c != null) + { + keyCerts.Remove(id); + chainCerts.Remove(new CertId(c.Certificate.GetPublicKey())); + } + } + + if (c == null && k == null) + { + throw new ArgumentException("no such entry as " + alias); + } + } + + public bool IsEntryOfType( + string alias, + Type entryType) + { + if (entryType == typeof(X509CertificateEntry)) + return IsCertificateEntry(alias); + + if (entryType == typeof(AsymmetricKeyEntry)) + return IsKeyEntry(alias) && GetCertificate(alias) != null; + + return false; + } + + [Obsolete("Use 'Count' property instead")] + public int Size() + { + return Count; + } + + public int Count + { + // TODO Seems a little inefficient + get { return GetAliasesTable().Count; } + } + + public void Save( + Stream stream, + char[] password, + SecureRandom random) + { + if (stream == null) + throw new ArgumentNullException("stream"); + if (random == null) + throw new ArgumentNullException("random"); + + // + // handle the keys + // + Asn1EncodableVector keyBags = new Asn1EncodableVector(); + foreach (string name in keys.Keys) + { + byte[] kSalt = new byte[SaltSize]; + random.NextBytes(kSalt); + + AsymmetricKeyEntry privKey = (AsymmetricKeyEntry)keys[name]; + + DerObjectIdentifier bagOid; + Asn1Encodable bagData; + + if (password == null) + { + bagOid = PkcsObjectIdentifiers.KeyBag; + bagData = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privKey.Key); + } + else + { + bagOid = PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag; + if (keyPrfAlgorithm != null) + { + bagData = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo( + keyAlgorithm, keyPrfAlgorithm, password, kSalt, MinIterations, random, privKey.Key); + } + else + { + bagData = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo( + keyAlgorithm, password, kSalt, MinIterations, privKey.Key); + } + } + + Asn1EncodableVector kName = new Asn1EncodableVector(); + + foreach (string oid in privKey.BagAttributeKeys) + { + Asn1Encodable entry = privKey[oid]; + + // NB: Ignore any existing FriendlyName + if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id)) + continue; + + kName.Add( + new DerSequence( + new DerObjectIdentifier(oid), + new DerSet(entry))); + } + + // + // make sure we are using the local alias on store + // + // NB: We always set the FriendlyName based on 'name' + //if (privKey[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] == null) + { + kName.Add( + new DerSequence( + PkcsObjectIdentifiers.Pkcs9AtFriendlyName, + new DerSet(new DerBmpString(name)))); + } + + // + // make sure we have a local key-id + // + if (privKey[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] == null) + { + X509CertificateEntry ct = GetCertificate(name); + AsymmetricKeyParameter pubKey = ct.Certificate.GetPublicKey(); + SubjectKeyIdentifier subjectKeyID = CreateSubjectKeyID(pubKey); + + kName.Add( + new DerSequence( + PkcsObjectIdentifiers.Pkcs9AtLocalKeyID, + new DerSet(subjectKeyID))); + } + + keyBags.Add(new SafeBag(bagOid, bagData.ToAsn1Object(), new DerSet(kName))); + } + + byte[] keyBagsEncoding = new DerSequence(keyBags).GetDerEncoded(); + ContentInfo keysInfo = new ContentInfo(PkcsObjectIdentifiers.Data, new BerOctetString(keyBagsEncoding)); + + // + // certificate processing + // + byte[] cSalt = new byte[SaltSize]; + + random.NextBytes(cSalt); + + Asn1EncodableVector certBags = new Asn1EncodableVector(); + Pkcs12PbeParams cParams = new Pkcs12PbeParams(cSalt, MinIterations); + AlgorithmIdentifier cAlgId = new AlgorithmIdentifier(certAlgorithm, cParams.ToAsn1Object()); + ISet doneCerts = new HashSet(); + + foreach (string name in keys.Keys) + { + X509CertificateEntry certEntry = GetCertificate(name); + CertBag cBag = new CertBag( + PkcsObjectIdentifiers.X509Certificate, + new DerOctetString(certEntry.Certificate.GetEncoded())); + + Asn1EncodableVector fName = new Asn1EncodableVector(); + + foreach (string oid in certEntry.BagAttributeKeys) + { + Asn1Encodable entry = certEntry[oid]; + + // NB: Ignore any existing FriendlyName + if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id)) + continue; + + fName.Add( + new DerSequence( + new DerObjectIdentifier(oid), + new DerSet(entry))); + } + + // + // make sure we are using the local alias on store + // + // NB: We always set the FriendlyName based on 'name' + //if (certEntry[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] == null) + { + fName.Add( + new DerSequence( + PkcsObjectIdentifiers.Pkcs9AtFriendlyName, + new DerSet(new DerBmpString(name)))); + } + + // + // make sure we have a local key-id + // + if (certEntry[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] == null) + { + AsymmetricKeyParameter pubKey = certEntry.Certificate.GetPublicKey(); + SubjectKeyIdentifier subjectKeyID = CreateSubjectKeyID(pubKey); + + fName.Add( + new DerSequence( + PkcsObjectIdentifiers.Pkcs9AtLocalKeyID, + new DerSet(subjectKeyID))); + } + + certBags.Add(new SafeBag(PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName))); + + doneCerts.Add(certEntry.Certificate); + } + + foreach (string certId in certs.Keys) + { + X509CertificateEntry cert = (X509CertificateEntry)certs[certId]; + + if (keys[certId] != null) + continue; + + CertBag cBag = new CertBag( + PkcsObjectIdentifiers.X509Certificate, + new DerOctetString(cert.Certificate.GetEncoded())); + + Asn1EncodableVector fName = new Asn1EncodableVector(); + + foreach (string oid in cert.BagAttributeKeys) + { + // a certificate not immediately linked to a key doesn't require + // a localKeyID and will confuse some PKCS12 implementations. + // + // If we find one, we'll prune it out. + if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id)) + continue; + + Asn1Encodable entry = cert[oid]; + + // NB: Ignore any existing FriendlyName + if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id)) + continue; + + fName.Add( + new DerSequence( + new DerObjectIdentifier(oid), + new DerSet(entry))); + } + + // + // make sure we are using the local alias on store + // + // NB: We always set the FriendlyName based on 'certId' + //if (cert[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] == null) + { + fName.Add( + new DerSequence( + PkcsObjectIdentifiers.Pkcs9AtFriendlyName, + new DerSet(new DerBmpString(certId)))); + } + + certBags.Add(new SafeBag(PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName))); + + doneCerts.Add(cert.Certificate); + } + + foreach (CertId certId in chainCerts.Keys) + { + X509CertificateEntry cert = (X509CertificateEntry)chainCerts[certId]; + + if (doneCerts.Contains(cert.Certificate)) + continue; + + CertBag cBag = new CertBag( + PkcsObjectIdentifiers.X509Certificate, + new DerOctetString(cert.Certificate.GetEncoded())); + + Asn1EncodableVector fName = new Asn1EncodableVector(); + + foreach (string oid in cert.BagAttributeKeys) + { + // a certificate not immediately linked to a key doesn't require + // a localKeyID and will confuse some PKCS12 implementations. + // + // If we find one, we'll prune it out. + if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id)) + continue; + + fName.Add( + new DerSequence( + new DerObjectIdentifier(oid), + new DerSet(cert[oid]))); + } + + certBags.Add(new SafeBag(PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName))); + } + + byte[] certBagsEncoding = new DerSequence(certBags).GetDerEncoded(); + + ContentInfo certsInfo; + if (password == null || certAlgorithm == null) + { + certsInfo = new ContentInfo(PkcsObjectIdentifiers.Data, new BerOctetString(certBagsEncoding)); + } + else + { + byte[] certBytes = CryptPbeData(true, cAlgId, password, false, certBagsEncoding); + EncryptedData cInfo = new EncryptedData(PkcsObjectIdentifiers.Data, cAlgId, new BerOctetString(certBytes)); + certsInfo = new ContentInfo(PkcsObjectIdentifiers.EncryptedData, cInfo.ToAsn1Object()); + } + + ContentInfo[] info = new ContentInfo[]{ keysInfo, certsInfo }; + + byte[] data = new AuthenticatedSafe(info).GetEncoded( + useDerEncoding ? Asn1Encodable.Der : Asn1Encodable.Ber); + + ContentInfo mainInfo = new ContentInfo(PkcsObjectIdentifiers.Data, new BerOctetString(data)); + + // + // create the mac + // + MacData macData = null; + if (password != null) + { + byte[] mSalt = new byte[20]; + random.NextBytes(mSalt); + + byte[] mac = CalculatePbeMac(OiwObjectIdentifiers.IdSha1, + mSalt, MinIterations, password, false, data); + + AlgorithmIdentifier algId = new AlgorithmIdentifier( + OiwObjectIdentifiers.IdSha1, DerNull.Instance); + DigestInfo dInfo = new DigestInfo(algId, mac); + + macData = new MacData(dInfo, mSalt, MinIterations); + } + + // + // output the Pfx + // + Pfx pfx = new Pfx(mainInfo, macData); + + pfx.EncodeTo(stream, useDerEncoding ? Asn1Encodable.Der : Asn1Encodable.Ber); + } + + internal static byte[] CalculatePbeMac( + DerObjectIdentifier oid, + byte[] salt, + int itCount, + char[] password, + bool wrongPkcs12Zero, + byte[] data) + { + Asn1Encodable asn1Params = PbeUtilities.GenerateAlgorithmParameters( + oid, salt, itCount); + ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters( + oid, password, wrongPkcs12Zero, asn1Params); + + IMac mac = (IMac) PbeUtilities.CreateEngine(oid); + mac.Init(cipherParams); + return MacUtilities.DoFinal(mac, data); + } + + private static byte[] CryptPbeData( + bool forEncryption, + AlgorithmIdentifier algId, + char[] password, + bool wrongPkcs12Zero, + byte[] data) + { + IBufferedCipher cipher = PbeUtilities.CreateEngine(algId) as IBufferedCipher; + + if (cipher == null) + throw new Exception("Unknown encryption algorithm: " + algId.Algorithm); + + if (algId.Algorithm.Equals(PkcsObjectIdentifiers.IdPbeS2)) + { + PbeS2Parameters pbeParameters = PbeS2Parameters.GetInstance(algId.Parameters); + ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters( + algId.Algorithm, password, pbeParameters); + cipher.Init(forEncryption, cipherParams); + return cipher.DoFinal(data); + } + else + { + Pkcs12PbeParams pbeParameters = Pkcs12PbeParams.GetInstance(algId.Parameters); + ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters( + algId.Algorithm, password, wrongPkcs12Zero, pbeParameters); + cipher.Init(forEncryption, cipherParams); + return cipher.DoFinal(data); + } + } + + private class IgnoresCaseHashtable + : IEnumerable + { + private readonly IDictionary orig = Platform.CreateHashtable(); + private readonly IDictionary keys = Platform.CreateHashtable(); + + public void Clear() + { + orig.Clear(); + keys.Clear(); + } + + public IEnumerator GetEnumerator() + { + return orig.GetEnumerator(); + } + + public ICollection Keys + { + get { return orig.Keys; } + } + + public object Remove( + string alias) + { + string upper = Platform.ToUpperInvariant(alias); + string k = (string)keys[upper]; + + if (k == null) + return null; + + keys.Remove(upper); + + object o = orig[k]; + orig.Remove(k); + return o; + } + + public object this[ + string alias] + { + get + { + string upper = Platform.ToUpperInvariant(alias); + string k = (string)keys[upper]; + + if (k == null) + return null; + + return orig[k]; + } + set + { + string upper = Platform.ToUpperInvariant(alias); + string k = (string)keys[upper]; + if (k != null) + { + orig.Remove(k); + } + keys[upper] = alias; + orig[alias] = value; + } + } + + public ICollection Values + { + get { return orig.Values; } + } + + public int Count + { + get { return orig.Count; } + } + } + } +} diff --git a/BouncyCastle/crypto/src/pkcs/Pkcs12Utilities.cs b/BouncyCastle/crypto/src/pkcs/Pkcs12Utilities.cs new file mode 100644 index 0000000..2fbb82d --- /dev/null +++ b/BouncyCastle/crypto/src/pkcs/Pkcs12Utilities.cs @@ -0,0 +1,77 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Pkcs +{ + /** + * Utility class for reencoding PKCS#12 files to definite length. + */ + public class Pkcs12Utilities + { + /** + * Just re-encode the outer layer of the PKCS#12 file to definite length encoding. + * + * @param berPKCS12File - original PKCS#12 file + * @return a byte array representing the DER encoding of the PFX structure + * @throws IOException + */ + public static byte[] ConvertToDefiniteLength( + byte[] berPkcs12File) + { + Pfx pfx = Pfx.GetInstance(berPkcs12File); + + return pfx.GetEncoded(Asn1Encodable.Der); + } + + /** + * Re-encode the PKCS#12 structure to definite length encoding at the inner layer + * as well, recomputing the MAC accordingly. + * + * @param berPKCS12File - original PKCS12 file. + * @param provider - provider to use for MAC calculation. + * @return a byte array representing the DER encoding of the PFX structure. + * @throws IOException on parsing, encoding errors. + */ + public static byte[] ConvertToDefiniteLength( + byte[] berPkcs12File, + char[] passwd) + { + Pfx pfx = Pfx.GetInstance(berPkcs12File); + + ContentInfo info = pfx.AuthSafe; + + Asn1OctetString content = Asn1OctetString.GetInstance(info.Content); + Asn1Object obj = Asn1Object.FromByteArray(content.GetOctets()); + + info = new ContentInfo(info.ContentType, new DerOctetString(obj.GetEncoded(Asn1Encodable.Der))); + + MacData mData = pfx.MacData; + + try + { + int itCount = mData.IterationCount.IntValue; + byte[] data = Asn1OctetString.GetInstance(info.Content).GetOctets(); + byte[] res = Pkcs12Store.CalculatePbeMac( + mData.Mac.AlgorithmID.Algorithm, mData.GetSalt(), itCount, passwd, false, data); + + AlgorithmIdentifier algId = new AlgorithmIdentifier( + mData.Mac.AlgorithmID.Algorithm, DerNull.Instance); + DigestInfo dInfo = new DigestInfo(algId, res); + + mData = new MacData(dInfo, mData.GetSalt(), itCount); + } + catch (Exception e) + { + throw new IOException("error constructing MAC: " + e.ToString()); + } + + pfx = new Pfx(info, mData); + + return pfx.GetEncoded(Asn1Encodable.Der); + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfo.cs b/BouncyCastle/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfo.cs new file mode 100644 index 0000000..5882dee --- /dev/null +++ b/BouncyCastle/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfo.cs @@ -0,0 +1,106 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Pkcs +{ + /// + /// A holding class for a PKCS#8 encrypted private key info object that allows for its decryption. + /// + public class Pkcs8EncryptedPrivateKeyInfo + { + private EncryptedPrivateKeyInfo encryptedPrivateKeyInfo; + + private static EncryptedPrivateKeyInfo parseBytes(byte[] pkcs8Encoding) + { + try + { + return EncryptedPrivateKeyInfo.GetInstance(pkcs8Encoding); + } + + catch (ArgumentException e) + { + throw new PkcsIOException("malformed data: " + e.Message, e); + } + catch (Exception e) + { + throw new PkcsIOException("malformed data: " + e.Message, e); + } + } + + /// + /// Base constructor from a PKCS#8 EncryptedPrivateKeyInfo object. + /// + /// A PKCS#8 EncryptedPrivateKeyInfo object. + public Pkcs8EncryptedPrivateKeyInfo(EncryptedPrivateKeyInfo encryptedPrivateKeyInfo) + { + this.encryptedPrivateKeyInfo = encryptedPrivateKeyInfo; + } + + /// + /// Base constructor from a BER encoding of a PKCS#8 EncryptedPrivateKeyInfo object. + /// + /// A BER encoding of a PKCS#8 EncryptedPrivateKeyInfo objects. + public Pkcs8EncryptedPrivateKeyInfo(byte[] encryptedPrivateKeyInfo) : this(parseBytes(encryptedPrivateKeyInfo)) + { + + } + + /// + /// Returns the underlying ASN.1 structure inside this object. + /// + /// Return the EncryptedPrivateKeyInfo structure in this object. + public EncryptedPrivateKeyInfo ToAsn1Structure() + { + return encryptedPrivateKeyInfo; + } + + /// + /// Returns a copy of the encrypted data in this structure. + /// + /// Return a copy of the encrypted data in this object. + public byte[] GetEncryptedData() + { + return encryptedPrivateKeyInfo.GetEncryptedData(); + } + + /// + /// Return a binary ASN.1 encoding of the EncryptedPrivateKeyInfo structure in this object. + /// + /// A byte array containing the encoded object. + public byte[] GetEncoded() + { + return encryptedPrivateKeyInfo.GetEncoded(); + } + + /// + /// Get a decryptor from the passed in provider and decrypt the encrypted private key info, returning the result. + /// + /// A provider to query for decryptors for the object. + /// The decrypted private key info structure. + public PrivateKeyInfo DecryptPrivateKeyInfo(IDecryptorBuilderProvider inputDecryptorProvider) + { + try + { + ICipherBuilder decryptorBuilder = inputDecryptorProvider.CreateDecryptorBuilder(encryptedPrivateKeyInfo.EncryptionAlgorithm); + + ICipher encIn = decryptorBuilder.BuildCipher(new MemoryInputStream(encryptedPrivateKeyInfo.GetEncryptedData())); + + Stream strm = encIn.Stream; + byte[] data = Streams.ReadAll(encIn.Stream); + Platform.Dispose(strm); + + return PrivateKeyInfo.GetInstance(data); + } + catch (Exception e) + { + throw new PkcsException("unable to read encrypted data: " + e.Message, e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfoBuilder.cs b/BouncyCastle/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfoBuilder.cs new file mode 100644 index 0000000..8f75149 --- /dev/null +++ b/BouncyCastle/crypto/src/pkcs/Pkcs8EncryptedPrivateKeyInfoBuilder.cs @@ -0,0 +1,51 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Pkcs +{ + public class Pkcs8EncryptedPrivateKeyInfoBuilder + { + private PrivateKeyInfo privateKeyInfo; + + public Pkcs8EncryptedPrivateKeyInfoBuilder(byte[] privateKeyInfo): this(PrivateKeyInfo.GetInstance(privateKeyInfo)) + { + } + + public Pkcs8EncryptedPrivateKeyInfoBuilder(PrivateKeyInfo privateKeyInfo) + { + this.privateKeyInfo = privateKeyInfo; + } + + /// + /// Create the encrypted private key info using the passed in encryptor. + /// + /// The encryptor to use. + /// An encrypted private key info containing the original private key info. + public Pkcs8EncryptedPrivateKeyInfo Build( + ICipherBuilder encryptor) + { + try + { + MemoryStream bOut = new MemoryOutputStream(); + ICipher cOut = encryptor.BuildCipher(bOut); + byte[] keyData = privateKeyInfo.GetEncoded(); + + Stream str = cOut.Stream; + str.Write(keyData, 0, keyData.Length); + Platform.Dispose(str); + + return new Pkcs8EncryptedPrivateKeyInfo(new EncryptedPrivateKeyInfo((AlgorithmIdentifier)encryptor.AlgorithmDetails, bOut.ToArray())); + } + catch (IOException) + { + throw new InvalidOperationException("cannot encode privateKeyInfo"); + } + } + } +} diff --git a/BouncyCastle/crypto/src/pkcs/PkcsException.cs b/BouncyCastle/crypto/src/pkcs/PkcsException.cs new file mode 100644 index 0000000..7a69ff7 --- /dev/null +++ b/BouncyCastle/crypto/src/pkcs/PkcsException.cs @@ -0,0 +1,21 @@ +using System; + +namespace Org.BouncyCastle.Pkcs +{ + /// + /// Base exception for PKCS related issues. + /// + public class PkcsException + : Exception + { + public PkcsException(string message) + : base(message) + { + } + + public PkcsException(string message, Exception underlying) + : base(message, underlying) + { + } + } +} diff --git a/BouncyCastle/crypto/src/pkcs/PkcsIOException.cs b/BouncyCastle/crypto/src/pkcs/PkcsIOException.cs new file mode 100644 index 0000000..19f17a3 --- /dev/null +++ b/BouncyCastle/crypto/src/pkcs/PkcsIOException.cs @@ -0,0 +1,19 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Pkcs +{ + /// + /// Base exception for parsing related issues in the PKCS namespace. + /// + public class PkcsIOException: IOException + { + public PkcsIOException(String message) : base(message) + { + } + + public PkcsIOException(String message, Exception underlying) : base(message, underlying) + { + } + } +} diff --git a/BouncyCastle/crypto/src/pkcs/PrivateKeyInfoFactory.cs b/BouncyCastle/crypto/src/pkcs/PrivateKeyInfoFactory.cs new file mode 100644 index 0000000..0d50269 --- /dev/null +++ b/BouncyCastle/crypto/src/pkcs/PrivateKeyInfoFactory.cs @@ -0,0 +1,291 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.EdEC; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Pkcs +{ + public sealed class PrivateKeyInfoFactory + { + private PrivateKeyInfoFactory() + { + } + + public static PrivateKeyInfo CreatePrivateKeyInfo( + AsymmetricKeyParameter privateKey) + { + return CreatePrivateKeyInfo(privateKey, null); + } + + /** + * Create a PrivateKeyInfo representation of a private key with attributes. + * + * @param privateKey the key to be encoded into the info object. + * @param attributes the set of attributes to be included. + * @return the appropriate PrivateKeyInfo + * @throws java.io.IOException on an error encoding the key + */ + public static PrivateKeyInfo CreatePrivateKeyInfo(AsymmetricKeyParameter privateKey, Asn1Set attributes) + { + if (privateKey == null) + throw new ArgumentNullException("privateKey"); + if (!privateKey.IsPrivate) + throw new ArgumentException("Public key passed - private key expected", "privateKey"); + + if (privateKey is ElGamalPrivateKeyParameters) + { + ElGamalPrivateKeyParameters _key = (ElGamalPrivateKeyParameters)privateKey; + ElGamalParameters egp = _key.Parameters; + return new PrivateKeyInfo( + new AlgorithmIdentifier(OiwObjectIdentifiers.ElGamalAlgorithm, new ElGamalParameter(egp.P, egp.G).ToAsn1Object()), + new DerInteger(_key.X), + attributes); + } + + if (privateKey is DsaPrivateKeyParameters) + { + DsaPrivateKeyParameters _key = (DsaPrivateKeyParameters)privateKey; + DsaParameters dp = _key.Parameters; + return new PrivateKeyInfo( + new AlgorithmIdentifier(X9ObjectIdentifiers.IdDsa, new DsaParameter(dp.P, dp.Q, dp.G).ToAsn1Object()), + new DerInteger(_key.X), + attributes); + } + + if (privateKey is DHPrivateKeyParameters) + { + DHPrivateKeyParameters _key = (DHPrivateKeyParameters)privateKey; + + DHParameter p = new DHParameter( + _key.Parameters.P, _key.Parameters.G, _key.Parameters.L); + + return new PrivateKeyInfo( + new AlgorithmIdentifier(_key.AlgorithmOid, p.ToAsn1Object()), + new DerInteger(_key.X), + attributes); + } + + if (privateKey is RsaKeyParameters) + { + AlgorithmIdentifier algID = new AlgorithmIdentifier( + PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance); + + RsaPrivateKeyStructure keyStruct; + if (privateKey is RsaPrivateCrtKeyParameters) + { + RsaPrivateCrtKeyParameters _key = (RsaPrivateCrtKeyParameters)privateKey; + + keyStruct = new RsaPrivateKeyStructure( + _key.Modulus, + _key.PublicExponent, + _key.Exponent, + _key.P, + _key.Q, + _key.DP, + _key.DQ, + _key.QInv); + } + else + { + RsaKeyParameters _key = (RsaKeyParameters) privateKey; + + keyStruct = new RsaPrivateKeyStructure( + _key.Modulus, + BigInteger.Zero, + _key.Exponent, + BigInteger.Zero, + BigInteger.Zero, + BigInteger.Zero, + BigInteger.Zero, + BigInteger.Zero); + } + + return new PrivateKeyInfo(algID, keyStruct.ToAsn1Object(), attributes); + } + + if (privateKey is ECPrivateKeyParameters) + { + ECPrivateKeyParameters priv = (ECPrivateKeyParameters) privateKey; + DerBitString publicKey = new DerBitString(ECKeyPairGenerator.GetCorrespondingPublicKey(priv).Q.GetEncoded(false)); + + ECDomainParameters dp = priv.Parameters; + + // ECGOST3410 + if (dp is ECGost3410Parameters) + { + ECGost3410Parameters domainParameters = (ECGost3410Parameters) dp; + + Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters( + (domainParameters).PublicKeyParamSet, + (domainParameters).DigestParamSet, + (domainParameters).EncryptionParamSet); + + bool is512 = priv.D.BitLength > 256; + DerObjectIdentifier identifier = (is512) ? + RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512 : + RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256; + int size = (is512) ? 64 : 32; + + byte[] encKey = new byte[size]; + + ExtractBytes(encKey, size, 0, priv.D); + + return new PrivateKeyInfo(new AlgorithmIdentifier(identifier, gostParams), new DerOctetString(encKey)); + } + + + int orderBitLength = dp.N.BitLength; + + AlgorithmIdentifier algID; + ECPrivateKeyStructure ec; + + if (priv.AlgorithmName == "ECGOST3410") + { + if (priv.PublicKeyParamSet == null) + throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set"); + + Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters( + priv.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet); + + algID = new AlgorithmIdentifier(CryptoProObjectIdentifiers.GostR3410x2001, gostParams); + + // TODO Do we need to pass any parameters here? + ec = new ECPrivateKeyStructure(orderBitLength, priv.D, publicKey, null); + } + else + { + X962Parameters x962; + if (priv.PublicKeyParamSet == null) + { + X9ECParameters ecP = new X9ECParameters(dp.Curve, dp.G, dp.N, dp.H, dp.GetSeed()); + x962 = new X962Parameters(ecP); + } + else + { + x962 = new X962Parameters(priv.PublicKeyParamSet); + } + + ec = new ECPrivateKeyStructure(orderBitLength, priv.D, publicKey, x962); + + algID = new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, x962); + } + + return new PrivateKeyInfo(algID, ec, attributes); + } + + if (privateKey is Gost3410PrivateKeyParameters) + { + Gost3410PrivateKeyParameters _key = (Gost3410PrivateKeyParameters)privateKey; + + if (_key.PublicKeyParamSet == null) + throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set"); + + byte[] keyEnc = _key.X.ToByteArrayUnsigned(); + byte[] keyBytes = new byte[keyEnc.Length]; + + for (int i = 0; i != keyBytes.Length; i++) + { + keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // must be little endian + } + + Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters( + _key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet, null); + + AlgorithmIdentifier algID = new AlgorithmIdentifier( + CryptoProObjectIdentifiers.GostR3410x94, + algParams.ToAsn1Object()); + + return new PrivateKeyInfo(algID, new DerOctetString(keyBytes), attributes); + } + + if (privateKey is X448PrivateKeyParameters) + { + X448PrivateKeyParameters key = (X448PrivateKeyParameters)privateKey; + + return new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X448), + new DerOctetString(key.GetEncoded()), attributes, key.GeneratePublicKey().GetEncoded()); + } + + if (privateKey is X25519PrivateKeyParameters) + { + X25519PrivateKeyParameters key = (X25519PrivateKeyParameters)privateKey; + + return new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X25519), + new DerOctetString(key.GetEncoded()), attributes, key.GeneratePublicKey().GetEncoded()); + } + + if (privateKey is Ed448PrivateKeyParameters) + { + Ed448PrivateKeyParameters key = (Ed448PrivateKeyParameters)privateKey; + + return new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed448), + new DerOctetString(key.GetEncoded()), attributes, key.GeneratePublicKey().GetEncoded()); + } + + if (privateKey is Ed25519PrivateKeyParameters) + { + Ed25519PrivateKeyParameters key = (Ed25519PrivateKeyParameters)privateKey; + + return new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed25519), + new DerOctetString(key.GetEncoded()), attributes, key.GeneratePublicKey().GetEncoded()); + } + + throw new ArgumentException("Class provided is not convertible: " + Platform.GetTypeName(privateKey)); + } + + public static PrivateKeyInfo CreatePrivateKeyInfo( + char[] passPhrase, + EncryptedPrivateKeyInfo encInfo) + { + return CreatePrivateKeyInfo(passPhrase, false, encInfo); + } + + public static PrivateKeyInfo CreatePrivateKeyInfo( + char[] passPhrase, + bool wrongPkcs12Zero, + EncryptedPrivateKeyInfo encInfo) + { + AlgorithmIdentifier algID = encInfo.EncryptionAlgorithm; + + IBufferedCipher cipher = PbeUtilities.CreateEngine(algID) as IBufferedCipher; + if (cipher == null) + throw new Exception("Unknown encryption algorithm: " + algID.Algorithm); + + ICipherParameters cipherParameters = PbeUtilities.GenerateCipherParameters( + algID, passPhrase, wrongPkcs12Zero); + cipher.Init(false, cipherParameters); + byte[] keyBytes = cipher.DoFinal(encInfo.GetEncryptedData()); + + return PrivateKeyInfo.GetInstance(keyBytes); + } + + private static void ExtractBytes(byte[] encKey, int size, int offSet, BigInteger bI) + { + byte[] val = bI.ToByteArray(); + if (val.Length < size) + { + byte[] tmp = new byte[size]; + Array.Copy(val, 0, tmp, tmp.Length - val.Length, val.Length); + val = tmp; + } + + for (int i = 0; i != size; i++) + { + encKey[offSet + i] = val[val.Length - 1 - i]; + } + } + } +} diff --git a/BouncyCastle/crypto/src/pkcs/X509CertificateEntry.cs b/BouncyCastle/crypto/src/pkcs/X509CertificateEntry.cs new file mode 100644 index 0000000..2f81dd8 --- /dev/null +++ b/BouncyCastle/crypto/src/pkcs/X509CertificateEntry.cs @@ -0,0 +1,60 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Pkcs +{ + public class X509CertificateEntry + : Pkcs12Entry + { + private readonly X509Certificate cert; + + public X509CertificateEntry( + X509Certificate cert) + : base(Platform.CreateHashtable()) + { + this.cert = cert; + } + +#if !(SILVERLIGHT || PORTABLE) + [Obsolete] + public X509CertificateEntry( + X509Certificate cert, + Hashtable attributes) + : base(attributes) + { + this.cert = cert; + } +#endif + + public X509CertificateEntry( + X509Certificate cert, + IDictionary attributes) + : base(attributes) + { + this.cert = cert; + } + + public X509Certificate Certificate + { + get { return this.cert; } + } + + public override bool Equals(object obj) + { + X509CertificateEntry other = obj as X509CertificateEntry; + + if (other == null) + return false; + + return cert.Equals(other.cert); + } + + public override int GetHashCode() + { + return ~cert.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/CertStatus.cs b/BouncyCastle/crypto/src/pkix/CertStatus.cs new file mode 100644 index 0000000..4f40b7b --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/CertStatus.cs @@ -0,0 +1,35 @@ +using System; + +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Pkix +{ + public class CertStatus + { + public const int Unrevoked = 11; + + public const int Undetermined = 12; + + private int status = Unrevoked; + + DateTimeObject revocationDate = null; + + /// + /// Returns the revocationDate. + /// + public DateTimeObject RevocationDate + { + get { return revocationDate; } + set { this.revocationDate = value; } + } + + /// + /// Returns the certStatus. + /// + public int Status + { + get { return status; } + set { this.status = value; } + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixAttrCertChecker.cs b/BouncyCastle/crypto/src/pkix/PkixAttrCertChecker.cs new file mode 100644 index 0000000..a6eab84 --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixAttrCertChecker.cs @@ -0,0 +1,57 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Pkix +{ + public abstract class PkixAttrCertChecker + { + /** + * Returns an immutable Set of X.509 attribute certificate + * extensions that this PkixAttrCertChecker supports or + * null if no extensions are supported. + *

    + * Each element of the set is a String representing the + * Object Identifier (OID) of the X.509 extension that is supported. + *

    + *

    + * All X.509 attribute certificate extensions that a + * PkixAttrCertChecker might possibly be able to process + * should be included in the set. + *

    + * + * @return an immutable Set of X.509 extension OIDs (in + * String format) supported by this + * PkixAttrCertChecker, or null if no + * extensions are supported + */ + public abstract ISet GetSupportedExtensions(); + + /** + * Performs checks on the specified attribute certificate. Every handled + * extension is rmeoved from the unresolvedCritExts + * collection. + * + * @param attrCert The attribute certificate to be checked. + * @param certPath The certificate path which belongs to the attribute + * certificate issuer public key certificate. + * @param holderCertPath The certificate path which belongs to the holder + * certificate. + * @param unresolvedCritExts a Collection of OID strings + * representing the current set of unresolved critical extensions + * @throws CertPathValidatorException if the specified attribute certificate + * does not pass the check. + */ + public abstract void Check(IX509AttributeCertificate attrCert, PkixCertPath certPath, + PkixCertPath holderCertPath, ICollection unresolvedCritExts); + + /** + * Returns a clone of this object. + * + * @return a copy of this PkixAttrCertChecker + */ + public abstract PkixAttrCertChecker Clone(); + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixAttrCertPathBuilder.cs b/BouncyCastle/crypto/src/pkix/PkixAttrCertPathBuilder.cs new file mode 100644 index 0000000..a45f30b --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixAttrCertPathBuilder.cs @@ -0,0 +1,215 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Pkix +{ + public class PkixAttrCertPathBuilder + { + /** + * Build and validate a CertPath using the given parameter. + * + * @param params PKIXBuilderParameters object containing all information to + * build the CertPath + */ + public virtual PkixCertPathBuilderResult Build( + PkixBuilderParameters pkixParams) + { + // search target certificates + + IX509Selector certSelect = pkixParams.GetTargetConstraints(); + if (!(certSelect is X509AttrCertStoreSelector)) + { + throw new PkixCertPathBuilderException( + "TargetConstraints must be an instance of " + + typeof(X509AttrCertStoreSelector).FullName + + " for " + + typeof(PkixAttrCertPathBuilder).FullName + " class."); + } + + ICollection targets; + try + { + targets = PkixCertPathValidatorUtilities.FindCertificates( + (X509AttrCertStoreSelector)certSelect, pkixParams.GetStores()); + } + catch (Exception e) + { + throw new PkixCertPathBuilderException("Error finding target attribute certificate.", e); + } + + if (targets.Count == 0) + { + throw new PkixCertPathBuilderException( + "No attribute certificate found matching targetConstraints."); + } + + PkixCertPathBuilderResult result = null; + + // check all potential target certificates + foreach (IX509AttributeCertificate cert in targets) + { + X509CertStoreSelector selector = new X509CertStoreSelector(); + X509Name[] principals = cert.Issuer.GetPrincipals(); + ISet issuers = new HashSet(); + for (int i = 0; i < principals.Length; i++) + { + try + { + selector.Subject = principals[i]; + + issuers.AddAll(PkixCertPathValidatorUtilities.FindCertificates(selector, pkixParams.GetStores())); + } + catch (Exception e) + { + throw new PkixCertPathBuilderException( + "Public key certificate for attribute certificate cannot be searched.", + e); + } + } + + if (issuers.IsEmpty) + throw new PkixCertPathBuilderException("Public key certificate for attribute certificate cannot be found."); + + IList certPathList = Platform.CreateArrayList(); + + foreach (X509Certificate issuer in issuers) + { + result = Build(cert, issuer, pkixParams, certPathList); + + if (result != null) + break; + } + + if (result != null) + break; + } + + if (result == null && certPathException != null) + { + throw new PkixCertPathBuilderException( + "Possible certificate chain could not be validated.", + certPathException); + } + + if (result == null && certPathException == null) + { + throw new PkixCertPathBuilderException( + "Unable to find certificate chain."); + } + + return result; + } + + private Exception certPathException; + + private PkixCertPathBuilderResult Build( + IX509AttributeCertificate attrCert, + X509Certificate tbvCert, + PkixBuilderParameters pkixParams, + IList tbvPath) + { + // If tbvCert is readily present in tbvPath, it indicates having run + // into a cycle in the + // PKI graph. + if (tbvPath.Contains(tbvCert)) + return null; + + // step out, the certificate is not allowed to appear in a certification + // chain + if (pkixParams.GetExcludedCerts().Contains(tbvCert)) + return null; + + // test if certificate path exceeds maximum length + if (pkixParams.MaxPathLength != -1) + { + if (tbvPath.Count - 1 > pkixParams.MaxPathLength) + return null; + } + + tbvPath.Add(tbvCert); + + PkixCertPathBuilderResult builderResult = null; + +// X509CertificateParser certParser = new X509CertificateParser(); + PkixAttrCertPathValidator validator = new PkixAttrCertPathValidator(); + + try + { + // check whether the issuer of is a TrustAnchor + if (PkixCertPathValidatorUtilities.IsIssuerTrustAnchor(tbvCert, pkixParams.GetTrustAnchors())) + { + PkixCertPath certPath = new PkixCertPath(tbvPath); + PkixCertPathValidatorResult result; + + try + { + result = validator.Validate(certPath, pkixParams); + } + catch (Exception e) + { + throw new Exception("Certification path could not be validated.", e); + } + + return new PkixCertPathBuilderResult(certPath, result.TrustAnchor, + result.PolicyTree, result.SubjectPublicKey); + } + else + { + // add additional X.509 stores from locations in certificate + try + { + PkixCertPathValidatorUtilities.AddAdditionalStoresFromAltNames(tbvCert, pkixParams); + } + catch (CertificateParsingException e) + { + throw new Exception("No additional X.509 stores can be added from certificate locations.", e); + } + + // try to get the issuer certificate from one of the stores + ISet issuers = new HashSet(); + try + { + issuers.AddAll(PkixCertPathValidatorUtilities.FindIssuerCerts(tbvCert, pkixParams)); + } + catch (Exception e) + { + throw new Exception("Cannot find issuer certificate for certificate in certification path.", e); + } + + if (issuers.IsEmpty) + throw new Exception("No issuer certificate for certificate in certification path found."); + + foreach (X509Certificate issuer in issuers) + { + // if untrusted self signed certificate continue + if (PkixCertPathValidatorUtilities.IsSelfIssued(issuer)) + continue; + + builderResult = Build(attrCert, issuer, pkixParams, tbvPath); + + if (builderResult != null) + break; + } + } + } + catch (Exception e) + { + certPathException = new Exception("No valid certification path could be build.", e); + } + + if (builderResult == null) + { + tbvPath.Remove(tbvCert); + } + + return builderResult; + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixAttrCertPathValidator.cs b/BouncyCastle/crypto/src/pkix/PkixAttrCertPathValidator.cs new file mode 100644 index 0000000..5f53bcd --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixAttrCertPathValidator.cs @@ -0,0 +1,76 @@ +using System; + +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Pkix +{ + /** + * CertPathValidatorSpi implementation for X.509 Attribute Certificates la RFC 3281. + * + * @see org.bouncycastle.x509.ExtendedPkixParameters + */ + public class PkixAttrCertPathValidator + // extends CertPathValidatorSpi + { + /** + * Validates an attribute certificate with the given certificate path. + * + *

    + * params must be an instance of + * ExtendedPkixParameters. + *

    + * The target constraints in the params must be an + * X509AttrCertStoreSelector with at least the attribute + * certificate criterion set. Obey that also target informations may be + * necessary to correctly validate this attribute certificate. + *

    + * The attribute certificate issuer must be added to the trusted attribute + * issuers with {@link ExtendedPkixParameters#setTrustedACIssuers(Set)}. + *

    + * @param certPath The certificate path which belongs to the attribute + * certificate issuer public key certificate. + * @param params The PKIX parameters. + * @return A PKIXCertPathValidatorResult of the result of + * validating the certPath. + * @throws InvalidAlgorithmParameterException if params is + * inappropriate for this validator. + * @throws CertPathValidatorException if the verification fails. + */ + public virtual PkixCertPathValidatorResult Validate( + PkixCertPath certPath, + PkixParameters pkixParams) + { + IX509Selector certSelect = pkixParams.GetTargetConstraints(); + if (!(certSelect is X509AttrCertStoreSelector)) + { + throw new ArgumentException( + "TargetConstraints must be an instance of " + typeof(X509AttrCertStoreSelector).FullName, + "pkixParams"); + } + IX509AttributeCertificate attrCert = ((X509AttrCertStoreSelector) certSelect).AttributeCert; + + PkixCertPath holderCertPath = Rfc3281CertPathUtilities.ProcessAttrCert1(attrCert, pkixParams); + PkixCertPathValidatorResult result = Rfc3281CertPathUtilities.ProcessAttrCert2(certPath, pkixParams); + X509Certificate issuerCert = (X509Certificate)certPath.Certificates[0]; + Rfc3281CertPathUtilities.ProcessAttrCert3(issuerCert, pkixParams); + Rfc3281CertPathUtilities.ProcessAttrCert4(issuerCert, pkixParams); + Rfc3281CertPathUtilities.ProcessAttrCert5(attrCert, pkixParams); + // 6 already done in X509AttrCertStoreSelector + Rfc3281CertPathUtilities.ProcessAttrCert7(attrCert, certPath, holderCertPath, pkixParams); + Rfc3281CertPathUtilities.AdditionalChecks(attrCert, pkixParams); + DateTime date; + try + { + date = PkixCertPathValidatorUtilities.GetValidCertDateFromValidityModel(pkixParams, null, -1); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Could not get validity date from attribute certificate.", e); + } + Rfc3281CertPathUtilities.CheckCrls(attrCert, pkixParams, issuerCert, date, certPath.Certificates); + return result; + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixBuilderParameters.cs b/BouncyCastle/crypto/src/pkix/PkixBuilderParameters.cs new file mode 100644 index 0000000..9b8fb3d --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixBuilderParameters.cs @@ -0,0 +1,140 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.X509.Store; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Pkix +{ + /// + /// Summary description for PkixBuilderParameters. + /// + public class PkixBuilderParameters + : PkixParameters + { + private int maxPathLength = 5; + + private ISet excludedCerts = new HashSet(); + + /** + * Returns an instance of PkixBuilderParameters. + *

    + * This method can be used to get a copy from other + * PKIXBuilderParameters, PKIXParameters, + * and ExtendedPKIXParameters instances. + *

    + * + * @param pkixParams The PKIX parameters to create a copy of. + * @return An PkixBuilderParameters instance. + */ + public static PkixBuilderParameters GetInstance( + PkixParameters pkixParams) + { + PkixBuilderParameters parameters = new PkixBuilderParameters( + pkixParams.GetTrustAnchors(), + new X509CertStoreSelector(pkixParams.GetTargetCertConstraints())); + parameters.SetParams(pkixParams); + return parameters; + } + + public PkixBuilderParameters( + ISet trustAnchors, + IX509Selector targetConstraints) + : base(trustAnchors) + { + SetTargetCertConstraints(targetConstraints); + } + + public virtual int MaxPathLength + { + get { return maxPathLength; } + set + { + if (value < -1) + { + throw new InvalidParameterException( + "The maximum path length parameter can not be less than -1."); + } + this.maxPathLength = value; + } + } + + /// + /// Excluded certificates are not used for building a certification path. + /// + /// the excluded certificates. + public virtual ISet GetExcludedCerts() + { + return new HashSet(excludedCerts); + } + + /// + /// Sets the excluded certificates which are not used for building a + /// certification path. If the ISet is null an + /// empty set is assumed. + /// + /// + /// The given set is cloned to protect it against subsequent modifications. + /// + /// The excluded certificates to set. + public virtual void SetExcludedCerts( + ISet excludedCerts) + { + if (excludedCerts == null) + { + this.excludedCerts = new HashSet(); + } + else + { + this.excludedCerts = new HashSet(excludedCerts); + } + } + + /** + * Can alse handle ExtendedPKIXBuilderParameters and + * PKIXBuilderParameters. + * + * @param params Parameters to set. + * @see org.bouncycastle.x509.ExtendedPKIXParameters#setParams(java.security.cert.PKIXParameters) + */ + protected override void SetParams( + PkixParameters parameters) + { + base.SetParams(parameters); + if (parameters is PkixBuilderParameters) + { + PkixBuilderParameters _params = (PkixBuilderParameters) parameters; + maxPathLength = _params.maxPathLength; + excludedCerts = new HashSet(_params.excludedCerts); + } + } + + /** + * Makes a copy of this PKIXParameters object. Changes to the + * copy will not affect the original and vice versa. + * + * @return a copy of this PKIXParameters object + */ + public override object Clone() + { + PkixBuilderParameters parameters = new PkixBuilderParameters( + GetTrustAnchors(), GetTargetCertConstraints()); + parameters.SetParams(this); + return parameters; + } + + public override string ToString() + { + string nl = Platform.NewLine; + StringBuilder s = new StringBuilder(); + s.Append("PkixBuilderParameters [" + nl); + s.Append(base.ToString()); + s.Append(" Maximum Path Length: "); + s.Append(MaxPathLength); + s.Append(nl + "]" + nl); + return s.ToString(); + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixCertPath.cs b/BouncyCastle/crypto/src/pkix/PkixCertPath.cs new file mode 100644 index 0000000..459c161 --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixCertPath.cs @@ -0,0 +1,460 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.OpenSsl; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Pkix +{ + /** + * An immutable sequence of certificates (a certification path).
    + *
    + * This is an abstract class that defines the methods common to all CertPaths. + * Subclasses can handle different kinds of certificates (X.509, PGP, etc.).
    + *
    + * All CertPath objects have a type, a list of Certificates, and one or more + * supported encodings. Because the CertPath class is immutable, a CertPath + * cannot change in any externally visible way after being constructed. This + * stipulation applies to all public fields and methods of this class and any + * added or overridden by subclasses.
    + *
    + * The type is a string that identifies the type of Certificates in the + * certification path. For each certificate cert in a certification path + * certPath, cert.getType().equals(certPath.getType()) must be true.
    + *
    + * The list of Certificates is an ordered List of zero or more Certificates. + * This List and all of the Certificates contained in it must be immutable.
    + *
    + * Each CertPath object must support one or more encodings so that the object + * can be translated into a byte array for storage or transmission to other + * parties. Preferably, these encodings should be well-documented standards + * (such as PKCS#7). One of the encodings supported by a CertPath is considered + * the default encoding. This encoding is used if no encoding is explicitly + * requested (for the {@link #getEncoded()} method, for instance).
    + *
    + * All CertPath objects are also Serializable. CertPath objects are resolved + * into an alternate {@link CertPathRep} object during serialization. This + * allows a CertPath object to be serialized into an equivalent representation + * regardless of its underlying implementation.
    + *
    + * CertPath objects can be created with a CertificateFactory or they can be + * returned by other classes, such as a CertPathBuilder.
    + *
    + * By convention, X.509 CertPaths (consisting of X509Certificates), are ordered + * starting with the target certificate and ending with a certificate issued by + * the trust anchor. That is, the issuer of one certificate is the subject of + * the following one. The certificate representing the + * {@link TrustAnchor TrustAnchor} should not be included in the certification + * path. Unvalidated X.509 CertPaths may not follow these conventions. PKIX + * CertPathValidators will detect any departure from these conventions that + * cause the certification path to be invalid and throw a + * CertPathValidatorException.
    + *
    + * Concurrent Access
    + *
    + * All CertPath objects must be thread-safe. That is, multiple threads may + * concurrently invoke the methods defined in this class on a single CertPath + * object (or more than one) with no ill effects. This is also true for the List + * returned by CertPath.getCertificates.
    + *
    + * Requiring CertPath objects to be immutable and thread-safe allows them to be + * passed around to various pieces of code without worrying about coordinating + * access. Providing this thread-safety is generally not difficult, since the + * CertPath and List objects in question are immutable. + * + * @see CertificateFactory + * @see CertPathBuilder + */ + /// + /// CertPath implementation for X.509 certificates. + /// + public class PkixCertPath +// : CertPath + { + internal static readonly IList certPathEncodings; + + static PkixCertPath() + { + IList encodings = Platform.CreateArrayList(); + encodings.Add("PkiPath"); + encodings.Add("PEM"); + encodings.Add("PKCS7"); + certPathEncodings = CollectionUtilities.ReadOnly(encodings); + } + + private readonly IList certificates; + + /** + * @param certs + */ + private static IList SortCerts( + IList certs) + { + if (certs.Count < 2) + return certs; + + X509Name issuer = ((X509Certificate)certs[0]).IssuerDN; + bool okay = true; + + for (int i = 1; i != certs.Count; i++) + { + X509Certificate cert = (X509Certificate)certs[i]; + + if (issuer.Equivalent(cert.SubjectDN, true)) + { + issuer = ((X509Certificate)certs[i]).IssuerDN; + } + else + { + okay = false; + break; + } + } + + if (okay) + return certs; + + // find end-entity cert + IList retList = Platform.CreateArrayList(certs.Count); + IList orig = Platform.CreateArrayList(certs); + + for (int i = 0; i < certs.Count; i++) + { + X509Certificate cert = (X509Certificate)certs[i]; + bool found = false; + + X509Name subject = cert.SubjectDN; + foreach (X509Certificate c in certs) + { + if (c.IssuerDN.Equivalent(subject, true)) + { + found = true; + break; + } + } + + if (!found) + { + retList.Add(cert); + certs.RemoveAt(i); + } + } + + // can only have one end entity cert - something's wrong, give up. + if (retList.Count > 1) + return orig; + + for (int i = 0; i != retList.Count; i++) + { + issuer = ((X509Certificate)retList[i]).IssuerDN; + + for (int j = 0; j < certs.Count; j++) + { + X509Certificate c = (X509Certificate)certs[j]; + if (issuer.Equivalent(c.SubjectDN, true)) + { + retList.Add(c); + certs.RemoveAt(j); + break; + } + } + } + + // make sure all certificates are accounted for. + if (certs.Count > 0) + return orig; + + return retList; + } + + /** + * Creates a CertPath of the specified type. + * This constructor is protected because most users should use + * a CertificateFactory to create CertPaths. + * @param type the standard name of the type of Certificatesin this path + **/ + public PkixCertPath( + ICollection certificates) +// : base("X.509") + { + this.certificates = SortCerts(Platform.CreateArrayList(certificates)); + } + + public PkixCertPath( + Stream inStream) + : this(inStream, "PkiPath") + { + } + + /** + * Creates a CertPath of the specified type. + * This constructor is protected because most users should use + * a CertificateFactory to create CertPaths. + * + * @param type the standard name of the type of Certificatesin this path + **/ + public PkixCertPath( + Stream inStream, + string encoding) +// : base("X.509") + { + string upper = Platform.ToUpperInvariant(encoding); + + IList certs; + try + { + if (upper.Equals(Platform.ToUpperInvariant("PkiPath"))) + { + Asn1InputStream derInStream = new Asn1InputStream(inStream); + Asn1Object derObject = derInStream.ReadObject(); + if (!(derObject is Asn1Sequence)) + { + throw new CertificateException( + "input stream does not contain a ASN1 SEQUENCE while reading PkiPath encoded data to load CertPath"); + } + + certs = Platform.CreateArrayList(); + + foreach (Asn1Encodable ae in (Asn1Sequence)derObject) + { + byte[] derBytes = ae.GetEncoded(Asn1Encodable.Der); + Stream certInStream = new MemoryStream(derBytes, false); + + // TODO Is inserting at the front important (list will be sorted later anyway)? + certs.Insert(0, new X509CertificateParser().ReadCertificate(certInStream)); + } + } + else if (upper.Equals("PKCS7") || upper.Equals("PEM")) + { + certs = Platform.CreateArrayList(new X509CertificateParser().ReadCertificates(inStream)); + } + else + { + throw new CertificateException("unsupported encoding: " + encoding); + } + } + catch (IOException ex) + { + throw new CertificateException( + "IOException throw while decoding CertPath:\n" + + ex.ToString()); + } + + this.certificates = SortCerts(certs); + } + + /** + * Returns an iteration of the encodings supported by this + * certification path, with the default encoding + * first. Attempts to modify the returned Iterator via its + * remove method result in an UnsupportedOperationException. + * + * @return an Iterator over the names of the supported encodings (as Strings) + **/ + public virtual IEnumerable Encodings + { + get { return new EnumerableProxy(certPathEncodings); } + } + + /** + * Compares this certification path for equality with the specified object. + * Two CertPaths are equal if and only if their types are equal and their + * certificate Lists (and by implication the Certificates in those Lists) + * are equal. A CertPath is never equal to an object that is not a CertPath.
    + *
    + * This algorithm is implemented by this method. If it is overridden, the + * behavior specified here must be maintained. + * + * @param other + * the object to test for equality with this certification path + * + * @return true if the specified object is equal to this certification path, + * false otherwise + * + * @see Object#hashCode() Object.hashCode() + */ + public override bool Equals( + object obj) + { + if (this == obj) + return true; + + PkixCertPath other = obj as PkixCertPath; + if (other == null) + return false; + +// if (!this.Type.Equals(other.Type)) +// return false; + + //return this.Certificates.Equals(other.Certificates); + + // TODO Extract this to a utility class + IList thisCerts = this.Certificates; + IList otherCerts = other.Certificates; + + if (thisCerts.Count != otherCerts.Count) + return false; + + IEnumerator e1 = thisCerts.GetEnumerator(); + IEnumerator e2 = otherCerts.GetEnumerator(); + + while (e1.MoveNext()) + { + e2.MoveNext(); + + if (!Platform.Equals(e1.Current, e2.Current)) + return false; + } + + return true; + } + + public override int GetHashCode() + { + // FIXME? + return this.Certificates.GetHashCode(); + } + + /** + * Returns the encoded form of this certification path, using + * the default encoding. + * + * @return the encoded bytes + * @exception CertificateEncodingException if an encoding error occurs + **/ + public virtual byte[] GetEncoded() + { + foreach (object enc in Encodings) + { + if (enc is string) + { + return GetEncoded((string)enc); + } + } + return null; + } + + /** + * Returns the encoded form of this certification path, using + * the specified encoding. + * + * @param encoding the name of the encoding to use + * @return the encoded bytes + * @exception CertificateEncodingException if an encoding error + * occurs or the encoding requested is not supported + * + */ + public virtual byte[] GetEncoded( + string encoding) + { + if (Platform.EqualsIgnoreCase(encoding, "PkiPath")) + { + Asn1EncodableVector v = new Asn1EncodableVector(); + + for (int i = certificates.Count - 1; i >= 0; i--) + { + v.Add(ToAsn1Object((X509Certificate) certificates[i])); + } + + return ToDerEncoded(new DerSequence(v)); + } + else if (Platform.EqualsIgnoreCase(encoding, "PKCS7")) + { + Asn1.Pkcs.ContentInfo encInfo = new Asn1.Pkcs.ContentInfo( + PkcsObjectIdentifiers.Data, null); + + Asn1EncodableVector v = new Asn1EncodableVector(); + for (int i = 0; i != certificates.Count; i++) + { + v.Add(ToAsn1Object((X509Certificate)certificates[i])); + } + + Asn1.Pkcs.SignedData sd = new Asn1.Pkcs.SignedData( + new DerInteger(1), + new DerSet(), + encInfo, + new DerSet(v), + null, + new DerSet()); + + return ToDerEncoded(new Asn1.Pkcs.ContentInfo(PkcsObjectIdentifiers.SignedData, sd)); + } + else if (Platform.EqualsIgnoreCase(encoding, "PEM")) + { + MemoryStream bOut = new MemoryStream(); + PemWriter pWrt = new PemWriter(new StreamWriter(bOut)); + + try + { + for (int i = 0; i != certificates.Count; i++) + { + pWrt.WriteObject(certificates[i]); + } + + Platform.Dispose(pWrt.Writer); + } + catch (Exception) + { + throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); + } + + return bOut.ToArray(); + } + else + { + throw new CertificateEncodingException("unsupported encoding: " + encoding); + } + } + + /// + /// Returns the list of certificates in this certification + /// path. + /// + public virtual IList Certificates + { + get { return CollectionUtilities.ReadOnly(certificates); } + } + + /** + * Return a DERObject containing the encoded certificate. + * + * @param cert the X509Certificate object to be encoded + * + * @return the DERObject + **/ + private Asn1Object ToAsn1Object( + X509Certificate cert) + { + try + { + return Asn1Object.FromByteArray(cert.GetEncoded()); + } + catch (Exception e) + { + throw new CertificateEncodingException("Exception while encoding certificate", e); + } + } + + private byte[] ToDerEncoded(Asn1Encodable obj) + { + try + { + return obj.GetEncoded(Asn1Encodable.Der); + } + catch (IOException e) + { + throw new CertificateEncodingException("Exception thrown", e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixCertPathBuilder.cs b/BouncyCastle/crypto/src/pkix/PkixCertPathBuilder.cs new file mode 100644 index 0000000..1bc7b8c --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixCertPathBuilder.cs @@ -0,0 +1,205 @@ +using System; +using System.Collections; +using System.Text; + +using Org.BouncyCastle.Asn1.IsisMtt; +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Pkix +{ + /** + * Implements the PKIX CertPathBuilding algorithm for BouncyCastle. + * + * @see CertPathBuilderSpi + */ + public class PkixCertPathBuilder + // : CertPathBuilderSpi + { + /** + * Build and validate a CertPath using the given parameter. + * + * @param params PKIXBuilderParameters object containing all information to + * build the CertPath + */ + public virtual PkixCertPathBuilderResult Build( + PkixBuilderParameters pkixParams) + { + // search target certificates + + IX509Selector certSelect = pkixParams.GetTargetCertConstraints(); + if (!(certSelect is X509CertStoreSelector)) + { + throw new PkixCertPathBuilderException( + "TargetConstraints must be an instance of " + + typeof(X509CertStoreSelector).FullName + " for " + + Platform.GetTypeName(this) + " class."); + } + + ISet targets = new HashSet(); + try + { + targets.AddAll(PkixCertPathValidatorUtilities.FindCertificates((X509CertStoreSelector)certSelect, pkixParams.GetStores())); + // TODO Should this include an entry for pkixParams.GetAdditionalStores() too? + } + catch (Exception e) + { + throw new PkixCertPathBuilderException( + "Error finding target certificate.", e); + } + + if (targets.IsEmpty) + throw new PkixCertPathBuilderException("No certificate found matching targetConstraints."); + + PkixCertPathBuilderResult result = null; + IList certPathList = Platform.CreateArrayList(); + + // check all potential target certificates + foreach (X509Certificate cert in targets) + { + result = Build(cert, pkixParams, certPathList); + + if (result != null) + break; + } + + if (result == null && certPathException != null) + { + throw new PkixCertPathBuilderException(certPathException.Message, certPathException.InnerException); + } + + if (result == null && certPathException == null) + { + throw new PkixCertPathBuilderException("Unable to find certificate chain."); + } + + return result; + } + + private Exception certPathException; + + protected virtual PkixCertPathBuilderResult Build( + X509Certificate tbvCert, + PkixBuilderParameters pkixParams, + IList tbvPath) + { + // If tbvCert is readily present in tbvPath, it indicates having run + // into a cycle in the PKI graph. + if (tbvPath.Contains(tbvCert)) + return null; + + // step out, the certificate is not allowed to appear in a certification + // chain. + if (pkixParams.GetExcludedCerts().Contains(tbvCert)) + return null; + + // test if certificate path exceeds maximum length + if (pkixParams.MaxPathLength != -1) + { + if (tbvPath.Count - 1 > pkixParams.MaxPathLength) + return null; + } + + tbvPath.Add(tbvCert); + +// X509CertificateParser certParser = new X509CertificateParser(); + PkixCertPathBuilderResult builderResult = null; + PkixCertPathValidator validator = new PkixCertPathValidator(); + + try + { + // check whether the issuer of is a TrustAnchor + if (PkixCertPathValidatorUtilities.IsIssuerTrustAnchor(tbvCert, pkixParams.GetTrustAnchors())) + { + // exception message from possibly later tried certification + // chains + PkixCertPath certPath = null; + try + { + certPath = new PkixCertPath(tbvPath); + } + catch (Exception e) + { + throw new Exception( + "Certification path could not be constructed from certificate list.", + e); + } + + PkixCertPathValidatorResult result = null; + try + { + result = (PkixCertPathValidatorResult)validator.Validate( + certPath, pkixParams); + } + catch (Exception e) + { + throw new Exception( + "Certification path could not be validated.", e); + } + + return new PkixCertPathBuilderResult(certPath, result.TrustAnchor, + result.PolicyTree, result.SubjectPublicKey); + } + else + { + // add additional X.509 stores from locations in certificate + try + { + PkixCertPathValidatorUtilities.AddAdditionalStoresFromAltNames( + tbvCert, pkixParams); + } + catch (CertificateParsingException e) + { + throw new Exception( + "No additiontal X.509 stores can be added from certificate locations.", + e); + } + + // try to get the issuer certificate from one of the stores + HashSet issuers = new HashSet(); + try + { + issuers.AddAll(PkixCertPathValidatorUtilities.FindIssuerCerts(tbvCert, pkixParams)); + } + catch (Exception e) + { + throw new Exception( + "Cannot find issuer certificate for certificate in certification path.", + e); + } + + if (issuers.IsEmpty) + throw new Exception("No issuer certificate for certificate in certification path found."); + + foreach (X509Certificate issuer in issuers) + { + builderResult = Build(issuer, pkixParams, tbvPath); + + if (builderResult != null) + break; + } + } + } + catch (Exception e) + { + certPathException = e; + } + + if (builderResult == null) + { + tbvPath.Remove(tbvCert); + } + + return builderResult; + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixCertPathBuilderException.cs b/BouncyCastle/crypto/src/pkix/PkixCertPathBuilderException.cs new file mode 100644 index 0000000..0f10179 --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixCertPathBuilderException.cs @@ -0,0 +1,22 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Pkix +{ + /// + /// Summary description for PkixCertPathBuilderException. + /// +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class PkixCertPathBuilderException : GeneralSecurityException + { + public PkixCertPathBuilderException() : base() { } + + public PkixCertPathBuilderException(string message) : base(message) { } + + public PkixCertPathBuilderException(string message, Exception exception) : base(message, exception) { } + + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixCertPathBuilderResult.cs b/BouncyCastle/crypto/src/pkix/PkixCertPathBuilderResult.cs new file mode 100644 index 0000000..f800303 --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixCertPathBuilderResult.cs @@ -0,0 +1,45 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Pkix; + +namespace Org.BouncyCastle.Pkix +{ + /// + /// Summary description for PkixCertPathBuilderResult. + /// + public class PkixCertPathBuilderResult + : PkixCertPathValidatorResult//, ICertPathBuilderResult + { + private PkixCertPath certPath; + + public PkixCertPathBuilderResult( + PkixCertPath certPath, + TrustAnchor trustAnchor, + PkixPolicyNode policyTree, + AsymmetricKeyParameter subjectPublicKey) + : base(trustAnchor, policyTree, subjectPublicKey) + { + if (certPath == null) + throw new ArgumentNullException("certPath"); + + this.certPath = certPath; + } + + public PkixCertPath CertPath + { + get { return certPath; } + } + + public override string ToString() + { + StringBuilder s = new StringBuilder(); + s.Append("SimplePKIXCertPathBuilderResult: [\n"); + s.Append(" Certification Path: ").Append(CertPath).Append('\n'); + s.Append(" Trust Anchor: ").Append(this.TrustAnchor.TrustedCert.IssuerDN.ToString()).Append('\n'); + s.Append(" Subject Public Key: ").Append(this.SubjectPublicKey).Append("\n]"); + return s.ToString(); + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixCertPathChecker.cs b/BouncyCastle/crypto/src/pkix/PkixCertPathChecker.cs new file mode 100644 index 0000000..da7e82b --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixCertPathChecker.cs @@ -0,0 +1,99 @@ +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Pkix +{ + public abstract class PkixCertPathChecker + { + protected PkixCertPathChecker() + { + } + + /** + * Initializes the internal state of this PKIXCertPathChecker. + *

    + * The forward flag specifies the order that certificates + * will be passed to the {@link #check check} method (forward or reverse). A + * PKIXCertPathChecker must support reverse checking + * and may support forward checking. + *

    + * + * @param forward + * the order that certificates are presented to the + * check method. If true, + * certificates are presented from target to most-trusted CA + * (forward); if false, from most-trusted CA to + * target (reverse). + * @exception CertPathValidatorException + * if this PKIXCertPathChecker is unable to + * check certificates in the specified order; it should never + * be thrown if the forward flag is false since reverse + * checking must be supported + */ + public abstract void Init(bool forward); + //throws CertPathValidatorException; + + /** + * Indicates if forward checking is supported. Forward checking refers to + * the ability of the PKIXCertPathChecker to perform its + * checks when certificates are presented to the check method + * in the forward direction (from target to most-trusted CA). + * + * @return true if forward checking is supported, + * false otherwise + */ + public abstract bool IsForwardCheckingSupported(); + + /** + * Returns an immutable Set of X.509 certificate extensions + * that this PKIXCertPathChecker supports (i.e. recognizes, + * is able to process), or null if no extensions are + * supported. + *

    + * Each element of the set is a String representing the + * Object Identifier (OID) of the X.509 extension that is supported. The OID + * is represented by a set of nonnegative integers separated by periods. + *

    + * All X.509 certificate extensions that a PKIXCertPathChecker + * might possibly be able to process should be included in the set. + *

    + * + * @return an immutable Set of X.509 extension OIDs (in + * String format) supported by this + * PKIXCertPathChecker, or null if no + * extensions are supported + */ + public abstract ISet GetSupportedExtensions(); + + /** + * Performs the check(s) on the specified certificate using its internal + * state and removes any critical extensions that it processes from the + * specified collection of OID strings that represent the unresolved + * critical extensions. The certificates are presented in the order + * specified by the init method. + * + * @param cert + * the Certificate to be checked + * @param unresolvedCritExts + * a Collection of OID strings representing the + * current set of unresolved critical extensions + * @exception CertPathValidatorException + * if the specified certificate does not pass the check + */ + public abstract void Check(X509Certificate cert, ISet unresolvedCritExts); + //throws CertPathValidatorException; + + /** + * Returns a clone of this object. Calls the Object.clone() + * method. All subclasses which maintain state must support and override + * this method, if necessary. + * + * @return a copy of this PKIXCertPathChecker + */ + public virtual object Clone() + { + // TODO Check this + return base.MemberwiseClone(); + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixCertPathValidator.cs b/BouncyCastle/crypto/src/pkix/PkixCertPathValidator.cs new file mode 100644 index 0000000..64039f9 --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixCertPathValidator.cs @@ -0,0 +1,448 @@ +using System; +using System.Collections; +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Pkix +{ + /** + * The Service Provider Interface (SPI) + * for the {@link CertPathValidator CertPathValidator} class. All + * CertPathValidator implementations must include a class (the + * SPI class) that extends this class (CertPathValidatorSpi) + * and implements all of its methods. In general, instances of this class + * should only be accessed through the CertPathValidator class. + * For details, see the Java Cryptography Architecture.
    + *
    + * Concurrent Access
    + *
    + * Instances of this class need not be protected against concurrent + * access from multiple threads. Threads that need to access a single + * CertPathValidatorSpi instance concurrently should synchronize + * amongst themselves and provide the necessary locking before calling the + * wrapping CertPathValidator object.
    + *
    + * However, implementations of CertPathValidatorSpi may still + * encounter concurrency issues, since multiple threads each + * manipulating a different CertPathValidatorSpi instance need not + * synchronize. + */ + /// + /// CertPathValidatorSpi implementation for X.509 Certificate validation a la RFC + /// 3280. + /// + public class PkixCertPathValidator + { + public virtual PkixCertPathValidatorResult Validate( + PkixCertPath certPath, + PkixParameters paramsPkix) + { + if (paramsPkix.GetTrustAnchors() == null) + { + throw new ArgumentException( + "trustAnchors is null, this is not allowed for certification path validation.", + "parameters"); + } + + // + // 6.1.1 - inputs + // + + // + // (a) + // + IList certs = certPath.Certificates; + int n = certs.Count; + + if (certs.Count == 0) + throw new PkixCertPathValidatorException("Certification path is empty.", null, certPath, 0); + + // + // (b) + // + // DateTime validDate = PkixCertPathValidatorUtilities.GetValidDate(paramsPkix); + + // + // (c) + // + ISet userInitialPolicySet = paramsPkix.GetInitialPolicies(); + + // + // (d) + // + TrustAnchor trust; + try + { + trust = PkixCertPathValidatorUtilities.FindTrustAnchor( + (X509Certificate)certs[certs.Count - 1], + paramsPkix.GetTrustAnchors()); + + if (trust == null) + throw new PkixCertPathValidatorException("Trust anchor for certification path not found.", null, certPath, -1); + + CheckCertificate(trust.TrustedCert); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException(e.Message, e.InnerException, certPath, certs.Count - 1); + } + + // + // (e), (f), (g) are part of the paramsPkix object. + // + IEnumerator certIter; + int index = 0; + int i; + // Certificate for each interation of the validation loop + // Signature information for each iteration of the validation loop + // + // 6.1.2 - setup + // + + // + // (a) + // + IList[] policyNodes = new IList[n + 1]; + for (int j = 0; j < policyNodes.Length; j++) + { + policyNodes[j] = Platform.CreateArrayList(); + } + + ISet policySet = new HashSet(); + + policySet.Add(Rfc3280CertPathUtilities.ANY_POLICY); + + PkixPolicyNode validPolicyTree = new PkixPolicyNode(Platform.CreateArrayList(), 0, policySet, null, new HashSet(), + Rfc3280CertPathUtilities.ANY_POLICY, false); + + policyNodes[0].Add(validPolicyTree); + + // + // (b) and (c) + // + PkixNameConstraintValidator nameConstraintValidator = new PkixNameConstraintValidator(); + + // (d) + // + int explicitPolicy; + ISet acceptablePolicies = new HashSet(); + + if (paramsPkix.IsExplicitPolicyRequired) + { + explicitPolicy = 0; + } + else + { + explicitPolicy = n + 1; + } + + // + // (e) + // + int inhibitAnyPolicy; + + if (paramsPkix.IsAnyPolicyInhibited) + { + inhibitAnyPolicy = 0; + } + else + { + inhibitAnyPolicy = n + 1; + } + + // + // (f) + // + int policyMapping; + + if (paramsPkix.IsPolicyMappingInhibited) + { + policyMapping = 0; + } + else + { + policyMapping = n + 1; + } + + // + // (g), (h), (i), (j) + // + AsymmetricKeyParameter workingPublicKey; + X509Name workingIssuerName; + + X509Certificate sign = trust.TrustedCert; + try + { + if (sign != null) + { + workingIssuerName = sign.SubjectDN; + workingPublicKey = sign.GetPublicKey(); + } + else + { + workingIssuerName = new X509Name(trust.CAName); + workingPublicKey = trust.CAPublicKey; + } + } + catch (ArgumentException ex) + { + throw new PkixCertPathValidatorException("Subject of trust anchor could not be (re)encoded.", ex, certPath, + -1); + } + + AlgorithmIdentifier workingAlgId = null; + try + { + workingAlgId = PkixCertPathValidatorUtilities.GetAlgorithmIdentifier(workingPublicKey); + } + catch (PkixCertPathValidatorException e) + { + throw new PkixCertPathValidatorException( + "Algorithm identifier of public key of trust anchor could not be read.", e, certPath, -1); + } + +// DerObjectIdentifier workingPublicKeyAlgorithm = workingAlgId.Algorithm; +// Asn1Encodable workingPublicKeyParameters = workingAlgId.Parameters; + + // + // (k) + // + int maxPathLength = n; + + // + // 6.1.3 + // + + X509CertStoreSelector certConstraints = paramsPkix.GetTargetCertConstraints(); + if (certConstraints != null && !certConstraints.Match((X509Certificate)certs[0])) + { + throw new PkixCertPathValidatorException( + "Target certificate in certification path does not match targetConstraints.", null, certPath, 0); + } + + // + // initialize CertPathChecker's + // + IList pathCheckers = paramsPkix.GetCertPathCheckers(); + certIter = pathCheckers.GetEnumerator(); + + while (certIter.MoveNext()) + { + ((PkixCertPathChecker)certIter.Current).Init(false); + } + + X509Certificate cert = null; + + for (index = certs.Count - 1; index >= 0; index--) + { + // try + // { + // + // i as defined in the algorithm description + // + i = n - index; + + // + // set certificate to be checked in this round + // sign and workingPublicKey and workingIssuerName are set + // at the end of the for loop and initialized the + // first time from the TrustAnchor + // + cert = (X509Certificate)certs[index]; + + try + { + CheckCertificate(cert); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException(e.Message, e.InnerException, certPath, index); + } + + // + // 6.1.3 + // + + Rfc3280CertPathUtilities.ProcessCertA(certPath, paramsPkix, index, workingPublicKey, + workingIssuerName, sign); + + Rfc3280CertPathUtilities.ProcessCertBC(certPath, index, nameConstraintValidator); + + validPolicyTree = Rfc3280CertPathUtilities.ProcessCertD(certPath, index, + acceptablePolicies, validPolicyTree, policyNodes, inhibitAnyPolicy); + + validPolicyTree = Rfc3280CertPathUtilities.ProcessCertE(certPath, index, validPolicyTree); + + Rfc3280CertPathUtilities.ProcessCertF(certPath, index, validPolicyTree, explicitPolicy); + + // + // 6.1.4 + // + + if (i != n) + { + if (cert != null && cert.Version == 1) + { + // we've found the trust anchor at the top of the path, ignore and keep going + if ((i == 1) && cert.Equals(trust.TrustedCert)) + continue; + + throw new PkixCertPathValidatorException( + "Version 1 certificates can't be used as CA ones.", null, certPath, index); + } + + Rfc3280CertPathUtilities.PrepareNextCertA(certPath, index); + + validPolicyTree = Rfc3280CertPathUtilities.PrepareCertB(certPath, index, policyNodes, + validPolicyTree, policyMapping); + + Rfc3280CertPathUtilities.PrepareNextCertG(certPath, index, nameConstraintValidator); + + // (h) + explicitPolicy = Rfc3280CertPathUtilities.PrepareNextCertH1(certPath, index, explicitPolicy); + policyMapping = Rfc3280CertPathUtilities.PrepareNextCertH2(certPath, index, policyMapping); + inhibitAnyPolicy = Rfc3280CertPathUtilities.PrepareNextCertH3(certPath, index, inhibitAnyPolicy); + + // + // (i) + // + explicitPolicy = Rfc3280CertPathUtilities.PrepareNextCertI1(certPath, index, explicitPolicy); + policyMapping = Rfc3280CertPathUtilities.PrepareNextCertI2(certPath, index, policyMapping); + + // (j) + inhibitAnyPolicy = Rfc3280CertPathUtilities.PrepareNextCertJ(certPath, index, inhibitAnyPolicy); + + // (k) + Rfc3280CertPathUtilities.PrepareNextCertK(certPath, index); + + // (l) + maxPathLength = Rfc3280CertPathUtilities.PrepareNextCertL(certPath, index, maxPathLength); + + // (m) + maxPathLength = Rfc3280CertPathUtilities.PrepareNextCertM(certPath, index, maxPathLength); + + // (n) + Rfc3280CertPathUtilities.PrepareNextCertN(certPath, index); + + ISet criticalExtensions1 = cert.GetCriticalExtensionOids(); + + if (criticalExtensions1 != null) + { + criticalExtensions1 = new HashSet(criticalExtensions1); + + // these extensions are handled by the algorithm + criticalExtensions1.Remove(X509Extensions.KeyUsage.Id); + criticalExtensions1.Remove(X509Extensions.CertificatePolicies.Id); + criticalExtensions1.Remove(X509Extensions.PolicyMappings.Id); + criticalExtensions1.Remove(X509Extensions.InhibitAnyPolicy.Id); + criticalExtensions1.Remove(X509Extensions.IssuingDistributionPoint.Id); + criticalExtensions1.Remove(X509Extensions.DeltaCrlIndicator.Id); + criticalExtensions1.Remove(X509Extensions.PolicyConstraints.Id); + criticalExtensions1.Remove(X509Extensions.BasicConstraints.Id); + criticalExtensions1.Remove(X509Extensions.SubjectAlternativeName.Id); + criticalExtensions1.Remove(X509Extensions.NameConstraints.Id); + } + else + { + criticalExtensions1 = new HashSet(); + } + + // (o) + Rfc3280CertPathUtilities.PrepareNextCertO(certPath, index, criticalExtensions1, pathCheckers); + + // set signing certificate for next round + sign = cert; + + // (c) + workingIssuerName = sign.SubjectDN; + + // (d) + try + { + workingPublicKey = PkixCertPathValidatorUtilities.GetNextWorkingKey(certPath.Certificates, index); + } + catch (PkixCertPathValidatorException e) + { + throw new PkixCertPathValidatorException("Next working key could not be retrieved.", e, certPath, index); + } + + workingAlgId = PkixCertPathValidatorUtilities.GetAlgorithmIdentifier(workingPublicKey); + // (f) +// workingPublicKeyAlgorithm = workingAlgId.Algorithm; + // (e) +// workingPublicKeyParameters = workingAlgId.Parameters; + } + } + + // + // 6.1.5 Wrap-up procedure + // + + explicitPolicy = Rfc3280CertPathUtilities.WrapupCertA(explicitPolicy, cert); + + explicitPolicy = Rfc3280CertPathUtilities.WrapupCertB(certPath, index + 1, explicitPolicy); + + // + // (c) (d) and (e) are already done + // + + // + // (f) + // + ISet criticalExtensions = cert.GetCriticalExtensionOids(); + + if (criticalExtensions != null) + { + criticalExtensions = new HashSet(criticalExtensions); + + // Requires .Id + // these extensions are handled by the algorithm + criticalExtensions.Remove(X509Extensions.KeyUsage.Id); + criticalExtensions.Remove(X509Extensions.CertificatePolicies.Id); + criticalExtensions.Remove(X509Extensions.PolicyMappings.Id); + criticalExtensions.Remove(X509Extensions.InhibitAnyPolicy.Id); + criticalExtensions.Remove(X509Extensions.IssuingDistributionPoint.Id); + criticalExtensions.Remove(X509Extensions.DeltaCrlIndicator.Id); + criticalExtensions.Remove(X509Extensions.PolicyConstraints.Id); + criticalExtensions.Remove(X509Extensions.BasicConstraints.Id); + criticalExtensions.Remove(X509Extensions.SubjectAlternativeName.Id); + criticalExtensions.Remove(X509Extensions.NameConstraints.Id); + criticalExtensions.Remove(X509Extensions.CrlDistributionPoints.Id); + } + else + { + criticalExtensions = new HashSet(); + } + + Rfc3280CertPathUtilities.WrapupCertF(certPath, index + 1, pathCheckers, criticalExtensions); + + PkixPolicyNode intersection = Rfc3280CertPathUtilities.WrapupCertG(certPath, paramsPkix, userInitialPolicySet, + index + 1, policyNodes, validPolicyTree, acceptablePolicies); + + if ((explicitPolicy > 0) || (intersection != null)) + { + return new PkixCertPathValidatorResult(trust, intersection, cert.GetPublicKey()); + } + + throw new PkixCertPathValidatorException("Path processing failed on policy.", null, certPath, index); + } + + internal static void CheckCertificate(X509Certificate cert) + { + try + { + TbsCertificateStructure.GetInstance(cert.CertificateStructure.TbsCertificate); + } + catch (CertificateEncodingException e) + { + throw new Exception("unable to process TBSCertificate", e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixCertPathValidatorException.cs b/BouncyCastle/crypto/src/pkix/PkixCertPathValidatorException.cs new file mode 100644 index 0000000..a477f7d --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixCertPathValidatorException.cs @@ -0,0 +1,221 @@ +using System; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Pkix +{ + /** + * An exception indicating one of a variety of problems encountered when + * validating a certification path.
    + *
    + * A CertPathValidatorException provides support for wrapping + * exceptions. The {@link #getCause getCause} method returns the throwable, + * if any, that caused this exception to be thrown.
    + *
    + * A CertPathValidatorException may also include the + * certification path that was being validated when the exception was thrown + * and the index of the certificate in the certification path that caused the + * exception to be thrown. Use the {@link #getCertPath getCertPath} and + * {@link #getIndex getIndex} methods to retrieve this information.
    + *
    + * Concurrent Access
    + *
    + * Unless otherwise specified, the methods defined in this class are not + * thread-safe. Multiple threads that need to access a single + * object concurrently should synchronize amongst themselves and + * provide the necessary locking. Multiple threads each manipulating + * separate objects need not synchronize. + * + * @see CertPathValidator + **/ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class PkixCertPathValidatorException + : GeneralSecurityException + { + private Exception cause; + private PkixCertPath certPath; + private int index = -1; + + public PkixCertPathValidatorException() : base() { } + + /// + /// Creates a PkixCertPathValidatorException with the given detail + /// message. A detail message is a String that describes this + /// particular exception. + /// + /// the detail message + public PkixCertPathValidatorException(string message) : base(message) { } + + /// + /// Creates a PkixCertPathValidatorException with the specified + /// detail message and cause. + /// + /// the detail message + /// the cause (which is saved for later retrieval by the + /// {@link #getCause getCause()} method). (A null + /// value is permitted, and indicates that the cause is + /// nonexistent or unknown.) + public PkixCertPathValidatorException(string message, Exception cause) : base(message) + { + this.cause = cause; + } + + /// + /// Creates a PkixCertPathValidatorException with the specified + /// detail message, cause, certification path, and index. + /// + /// the detail message (or null if none) + /// the cause (or null if none) + /// the certification path that was in the process of being + /// validated when the error was encountered + /// the index of the certificate in the certification path that * + public PkixCertPathValidatorException( + string message, + Exception cause, + PkixCertPath certPath, + int index) + : base(message) + { + if (certPath == null && index != -1) + { + throw new ArgumentNullException( + "certPath = null and index != -1"); + } + if (index < -1 + || (certPath != null && index >= certPath.Certificates.Count)) + { + throw new IndexOutOfRangeException( + " index < -1 or out of bound of certPath.getCertificates()"); + } + + this.cause = cause; + this.certPath = certPath; + this.index = index; + } + + // + // Prints a stack trace to a PrintWriter, including the + // backtrace of the cause, if any. + // + // @param pw + // the PrintWriter to use for output + // + // public void printStackTrace(PrintWriter pw) + // { + // super.printStackTrace(pw); + // if (getCause() != null) + // { + // getCause().printStackTrace(pw); + // } + // } + //} + + + // /** + // * Creates a CertPathValidatorException that wraps the + // * specified throwable. This allows any exception to be converted into a + // * CertPathValidatorException, while retaining information + // * about the wrapped exception, which may be useful for debugging. The + // * detail message is set to (cause==null ? null : cause.toString() + // * ) + // * (which typically contains the class and detail message of cause). + // * + // * @param cause + // * the cause (which is saved for later retrieval by the + // * {@link #getCause getCause()} method). (A null + // * value is permitted, and indicates that the cause is + // * nonexistent or unknown.) + // */ + // public PkixCertPathValidatorException(Throwable cause) + // { + // this.cause = cause; + // } + // + + /// + /// Returns the detail message for this CertPathValidatorException. + /// + /// the detail message, or null if neither the message nor cause were specified + public override string Message + { + get + { + string message = base.Message; + + if (message != null) + { + return message; + } + + if (cause != null) + { + return cause.Message; + } + + return null; + } + } + + /** + * Returns the certification path that was being validated when the + * exception was thrown. + * + * @return the CertPath that was being validated when the + * exception was thrown (or null if not specified) + */ + public PkixCertPath CertPath + { + get { return certPath; } + } + + /** + * Returns the index of the certificate in the certification path that + * caused the exception to be thrown. Note that the list of certificates in + * a CertPath is zero based. If no index has been set, -1 is + * returned. + * + * @return the index that has been set, or -1 if none has been set + */ + public int Index + { + get { return index; } + } + +// /** +// * Returns the cause of this CertPathValidatorException or +// * null if the cause is nonexistent or unknown. +// * +// * @return the cause of this throwable or null if the cause +// * is nonexistent or unknown. +// */ +// public Throwable getCause() +// { +// return cause; +// } +// +// /** +// * Returns a string describing this exception, including a description of +// * the internal (wrapped) cause if there is one. +// * +// * @return a string representation of this +// * CertPathValidatorException +// */ +// public String toString() +// { +// StringBuffer sb = new StringBuffer(); +// String s = getMessage(); +// if (s != null) +// { +// sb.append(s); +// } +// if (getIndex() >= 0) +// { +// sb.append("index in certpath: ").append(getIndex()).append('\n'); +// sb.append(getCertPath()); +// } +// return sb.toString(); +// } + + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixCertPathValidatorResult.cs b/BouncyCastle/crypto/src/pkix/PkixCertPathValidatorResult.cs new file mode 100644 index 0000000..c7d81c7 --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixCertPathValidatorResult.cs @@ -0,0 +1,69 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Pkix +{ + /// + /// Summary description for PkixCertPathValidatorResult. + /// + public class PkixCertPathValidatorResult + //: ICertPathValidatorResult + { + private TrustAnchor trustAnchor; + private PkixPolicyNode policyTree; + private AsymmetricKeyParameter subjectPublicKey; + + public PkixPolicyNode PolicyTree + { + get { return this.policyTree; } + } + + public TrustAnchor TrustAnchor + { + get { return this.trustAnchor; } + } + + public AsymmetricKeyParameter SubjectPublicKey + { + get { return this.subjectPublicKey; } + } + + public PkixCertPathValidatorResult( + TrustAnchor trustAnchor, + PkixPolicyNode policyTree, + AsymmetricKeyParameter subjectPublicKey) + { + if (subjectPublicKey == null) + { + throw new NullReferenceException("subjectPublicKey must be non-null"); + } + if (trustAnchor == null) + { + throw new NullReferenceException("trustAnchor must be non-null"); + } + + this.trustAnchor = trustAnchor; + this.policyTree = policyTree; + this.subjectPublicKey = subjectPublicKey; + } + + public object Clone() + { + return new PkixCertPathValidatorResult(this.TrustAnchor, this.PolicyTree, this.SubjectPublicKey); + } + + public override String ToString() + { + StringBuilder sB = new StringBuilder(); + sB.Append("PKIXCertPathValidatorResult: [ \n"); + sB.Append(" Trust Anchor: ").Append(this.TrustAnchor).Append('\n'); + sB.Append(" Policy Tree: ").Append(this.PolicyTree).Append('\n'); + sB.Append(" Subject Public Key: ").Append(this.SubjectPublicKey).Append("\n]"); + return sB.ToString(); + } + + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixCertPathValidatorUtilities.cs b/BouncyCastle/crypto/src/pkix/PkixCertPathValidatorUtilities.cs new file mode 100644 index 0000000..57dfcd6 --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixCertPathValidatorUtilities.cs @@ -0,0 +1,1212 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.IsisMtt; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Extension; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Pkix +{ + /// + /// Summary description for PkixCertPathValidatorUtilities. + /// + public class PkixCertPathValidatorUtilities + { + private static readonly PkixCrlUtilities CrlUtilities = new PkixCrlUtilities(); + + internal static readonly string ANY_POLICY = "2.5.29.32.0"; + + internal static readonly string CRL_NUMBER = X509Extensions.CrlNumber.Id; + + /// + /// key usage bits + /// + internal static readonly int KEY_CERT_SIGN = 5; + internal static readonly int CRL_SIGN = 6; + + internal static readonly string[] crlReasons = new string[] + { + "unspecified", + "keyCompromise", + "cACompromise", + "affiliationChanged", + "superseded", + "cessationOfOperation", + "certificateHold", + "unknown", + "removeFromCRL", + "privilegeWithdrawn", + "aACompromise" + }; + + /// + /// Search the given Set of TrustAnchor's for one that is the + /// issuer of the given X509 certificate. + /// + /// the X509 certificate + /// a Set of TrustAnchor's + /// the TrustAnchor object if found or + /// null if not. + /// + /// @exception + internal static TrustAnchor FindTrustAnchor( + X509Certificate cert, + ISet trustAnchors) + { + IEnumerator iter = trustAnchors.GetEnumerator(); + TrustAnchor trust = null; + AsymmetricKeyParameter trustPublicKey = null; + Exception invalidKeyEx = null; + + X509CertStoreSelector certSelectX509 = new X509CertStoreSelector(); + + try + { + certSelectX509.Subject = GetIssuerPrincipal(cert); + } + catch (IOException ex) + { + throw new Exception("Cannot set subject search criteria for trust anchor.", ex); + } + + while (iter.MoveNext() && trust == null) + { + trust = (TrustAnchor) iter.Current; + if (trust.TrustedCert != null) + { + if (certSelectX509.Match(trust.TrustedCert)) + { + trustPublicKey = trust.TrustedCert.GetPublicKey(); + } + else + { + trust = null; + } + } + else if (trust.CAName != null && trust.CAPublicKey != null) + { + try + { + X509Name certIssuer = GetIssuerPrincipal(cert); + X509Name caName = new X509Name(trust.CAName); + + if (certIssuer.Equivalent(caName, true)) + { + trustPublicKey = trust.CAPublicKey; + } + else + { + trust = null; + } + } + catch (InvalidParameterException) + { + trust = null; + } + } + else + { + trust = null; + } + + if (trustPublicKey != null) + { + try + { + cert.Verify(trustPublicKey); + } + catch (Exception ex) + { + invalidKeyEx = ex; + trust = null; + } + } + } + + if (trust == null && invalidKeyEx != null) + { + throw new Exception("TrustAnchor found but certificate validation failed.", invalidKeyEx); + } + + return trust; + } + + internal static bool IsIssuerTrustAnchor( + X509Certificate cert, + ISet trustAnchors) + { + try + { + return FindTrustAnchor(cert, trustAnchors) != null; + } + catch (Exception) + { + return false; + } + } + + internal static void AddAdditionalStoresFromAltNames( + X509Certificate cert, + PkixParameters pkixParams) + { + // if in the IssuerAltName extension an URI + // is given, add an additinal X.509 store + if (cert.GetIssuerAlternativeNames() != null) + { + IEnumerator it = cert.GetIssuerAlternativeNames().GetEnumerator(); + while (it.MoveNext()) + { + // look for URI + IList list = (IList)it.Current; + //if (list[0].Equals(new Integer(GeneralName.UniformResourceIdentifier))) + if (list[0].Equals(GeneralName.UniformResourceIdentifier)) + { + // found + string temp = (string)list[1]; + PkixCertPathValidatorUtilities.AddAdditionalStoreFromLocation(temp, pkixParams); + } + } + } + } + + internal static DateTime GetValidDate(PkixParameters paramsPKIX) + { + DateTimeObject validDate = paramsPKIX.Date; + + if (validDate == null) + return DateTime.UtcNow; + + return validDate.Value; + } + + /// + /// Returns the issuer of an attribute certificate or certificate. + /// + /// The attribute certificate or certificate. + /// The issuer as X500Principal. + internal static X509Name GetIssuerPrincipal( + object cert) + { + if (cert is X509Certificate) + { + return ((X509Certificate)cert).IssuerDN; + } + else + { + return ((IX509AttributeCertificate)cert).Issuer.GetPrincipals()[0]; + } + } + + internal static bool IsSelfIssued( + X509Certificate cert) + { + return cert.SubjectDN.Equivalent(cert.IssuerDN, true); + } + + internal static AlgorithmIdentifier GetAlgorithmIdentifier( + AsymmetricKeyParameter key) + { + try + { + SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(key); + + return info.AlgorithmID; + } + catch (Exception e) + { + throw new PkixCertPathValidatorException("Subject public key cannot be decoded.", e); + } + } + + internal static bool IsAnyPolicy( + ISet policySet) + { + return policySet == null || policySet.Contains(ANY_POLICY) || policySet.Count == 0; + } + + internal static void AddAdditionalStoreFromLocation( + string location, + PkixParameters pkixParams) + { + if (pkixParams.IsAdditionalLocationsEnabled) + { + try + { + if (Platform.StartsWith(location, "ldap://")) + { + // ldap://directory.d-trust.net/CN=D-TRUST + // Qualified CA 2003 1:PN,O=D-Trust GmbH,C=DE + // skip "ldap://" + location = location.Substring(7); + // after first / baseDN starts + string url;//, baseDN; + int slashPos = location.IndexOf('/'); + if (slashPos != -1) + { + url = "ldap://" + location.Substring(0, slashPos); +// baseDN = location.Substring(slashPos); + } + else + { + url = "ldap://" + location; +// baseDN = nsull; + } + + throw Platform.CreateNotImplementedException("LDAP cert/CRL stores"); + + // use all purpose parameters + //X509LDAPCertStoreParameters ldapParams = new X509LDAPCertStoreParameters.Builder( + // url, baseDN).build(); + //pkixParams.AddAdditionalStore(X509Store.getInstance( + // "CERTIFICATE/LDAP", ldapParams)); + //pkixParams.AddAdditionalStore(X509Store.getInstance( + // "CRL/LDAP", ldapParams)); + //pkixParams.AddAdditionalStore(X509Store.getInstance( + // "ATTRIBUTECERTIFICATE/LDAP", ldapParams)); + //pkixParams.AddAdditionalStore(X509Store.getInstance( + // "CERTIFICATEPAIR/LDAP", ldapParams)); + } + } + catch (Exception) + { + // cannot happen + throw new Exception("Exception adding X.509 stores."); + } + } + } + + private static BigInteger GetSerialNumber( + object cert) + { + if (cert is X509Certificate) + { + return ((X509Certificate)cert).SerialNumber; + } + else + { + return ((X509V2AttributeCertificate)cert).SerialNumber; + } + } + + // + // policy checking + // + + internal static ISet GetQualifierSet(Asn1Sequence qualifiers) + { + ISet pq = new HashSet(); + + if (qualifiers == null) + { + return pq; + } + + foreach (Asn1Encodable ae in qualifiers) + { + try + { +// pq.Add(PolicyQualifierInfo.GetInstance(Asn1Object.FromByteArray(ae.GetEncoded()))); + pq.Add(PolicyQualifierInfo.GetInstance(ae.ToAsn1Object())); + } + catch (IOException ex) + { + throw new PkixCertPathValidatorException("Policy qualifier info cannot be decoded.", ex); + } + } + + return pq; + } + + internal static PkixPolicyNode RemovePolicyNode( + PkixPolicyNode validPolicyTree, + IList[] policyNodes, + PkixPolicyNode _node) + { + PkixPolicyNode _parent = (PkixPolicyNode)_node.Parent; + + if (validPolicyTree == null) + { + return null; + } + + if (_parent == null) + { + for (int j = 0; j < policyNodes.Length; j++) + { + policyNodes[j] = Platform.CreateArrayList(); + } + + return null; + } + else + { + _parent.RemoveChild(_node); + RemovePolicyNodeRecurse(policyNodes, _node); + + return validPolicyTree; + } + } + + private static void RemovePolicyNodeRecurse(IList[] policyNodes, PkixPolicyNode _node) + { + policyNodes[_node.Depth].Remove(_node); + + if (_node.HasChildren) + { + foreach (PkixPolicyNode _child in _node.Children) + { + RemovePolicyNodeRecurse(policyNodes, _child); + } + } + } + + internal static void PrepareNextCertB1( + int i, + IList[] policyNodes, + string id_p, + IDictionary m_idp, + X509Certificate cert) + { + bool idp_found = false; + IEnumerator nodes_i = policyNodes[i].GetEnumerator(); + while (nodes_i.MoveNext()) + { + PkixPolicyNode node = (PkixPolicyNode)nodes_i.Current; + if (node.ValidPolicy.Equals(id_p)) + { + idp_found = true; + node.ExpectedPolicies = (ISet)m_idp[id_p]; + break; + } + } + + if (!idp_found) + { + nodes_i = policyNodes[i].GetEnumerator(); + while (nodes_i.MoveNext()) + { + PkixPolicyNode node = (PkixPolicyNode)nodes_i.Current; + if (ANY_POLICY.Equals(node.ValidPolicy)) + { + ISet pq = null; + Asn1Sequence policies = null; + try + { + policies = DerSequence.GetInstance(GetExtensionValue(cert, X509Extensions.CertificatePolicies)); + } + catch (Exception e) + { + throw new Exception("Certificate policies cannot be decoded.", e); + } + + IEnumerator enm = policies.GetEnumerator(); + while (enm.MoveNext()) + { + PolicyInformation pinfo = null; + + try + { + pinfo = PolicyInformation.GetInstance(enm.Current); + } + catch (Exception ex) + { + throw new Exception("Policy information cannot be decoded.", ex); + } + + if (ANY_POLICY.Equals(pinfo.PolicyIdentifier.Id)) + { + try + { + pq = GetQualifierSet(pinfo.PolicyQualifiers); + } + catch (PkixCertPathValidatorException ex) + { + throw new PkixCertPathValidatorException( + "Policy qualifier info set could not be built.", ex); + } + break; + } + } + bool ci = false; + ISet critExtOids = cert.GetCriticalExtensionOids(); + if (critExtOids != null) + { + ci = critExtOids.Contains(X509Extensions.CertificatePolicies.Id); + } + + PkixPolicyNode p_node = (PkixPolicyNode)node.Parent; + if (ANY_POLICY.Equals(p_node.ValidPolicy)) + { + PkixPolicyNode c_node = new PkixPolicyNode( + Platform.CreateArrayList(), i, + (ISet)m_idp[id_p], + p_node, pq, id_p, ci); + p_node.AddChild(c_node); + policyNodes[i].Add(c_node); + } + break; + } + } + } + } + + internal static PkixPolicyNode PrepareNextCertB2( + int i, + IList[] policyNodes, + string id_p, + PkixPolicyNode validPolicyTree) + { + int pos = 0; + + // Copy to avoid RemoveAt calls interfering with enumeration + foreach (PkixPolicyNode node in Platform.CreateArrayList(policyNodes[i])) + { + if (node.ValidPolicy.Equals(id_p)) + { + PkixPolicyNode p_node = (PkixPolicyNode)node.Parent; + p_node.RemoveChild(node); + + // Removal of element at current iterator position not supported in C# + //nodes_i.remove(); + policyNodes[i].RemoveAt(pos); + + for (int k = (i - 1); k >= 0; k--) + { + IList nodes = policyNodes[k]; + for (int l = 0; l < nodes.Count; l++) + { + PkixPolicyNode node2 = (PkixPolicyNode)nodes[l]; + if (!node2.HasChildren) + { + validPolicyTree = RemovePolicyNode(validPolicyTree, policyNodes, node2); + if (validPolicyTree == null) + break; + } + } + } + } + else + { + ++pos; + } + } + return validPolicyTree; + } + + internal static void GetCertStatus( + DateTime validDate, + X509Crl crl, + Object cert, + CertStatus certStatus) + { + X509Crl bcCRL = null; + + try + { + bcCRL = new X509Crl(CertificateList.GetInstance((Asn1Sequence)Asn1Sequence.FromByteArray(crl.GetEncoded()))); + } + catch (Exception exception) + { + throw new Exception("Bouncy Castle X509Crl could not be created.", exception); + } + + X509CrlEntry crl_entry = (X509CrlEntry)bcCRL.GetRevokedCertificate(GetSerialNumber(cert)); + + if (crl_entry == null) + return; + + X509Name issuer = GetIssuerPrincipal(cert); + + if (!issuer.Equivalent(crl_entry.GetCertificateIssuer(), true) + && !issuer.Equivalent(crl.IssuerDN, true)) + { + return; + } + + int reasonCodeValue = CrlReason.Unspecified; + + if (crl_entry.HasExtensions) + { + try + { + Asn1Object extValue = GetExtensionValue(crl_entry, X509Extensions.ReasonCode); + DerEnumerated reasonCode = DerEnumerated.GetInstance(extValue); + if (null != reasonCode) + { + reasonCodeValue = reasonCode.IntValueExact; + } + } + catch (Exception e) + { + throw new Exception("Reason code CRL entry extension could not be decoded.", e); + } + } + + DateTime revocationDate = crl_entry.RevocationDate; + if (validDate.Ticks < revocationDate.Ticks) + { + switch (reasonCodeValue) + { + case CrlReason.Unspecified: + case CrlReason.KeyCompromise: + case CrlReason.CACompromise: + case CrlReason.AACompromise: + break; + default: + return; + } + } + + // (i) or (j) + certStatus.Status = reasonCodeValue; + certStatus.RevocationDate = new DateTimeObject(revocationDate); + } + + /** + * Return the next working key inheriting DSA parameters if necessary. + *

    + * This methods inherits DSA parameters from the indexed certificate or + * previous certificates in the certificate chain to the returned + * PublicKey. The list is searched upwards, meaning the end + * certificate is at position 0 and previous certificates are following. + *

    + *

    + * If the indexed certificate does not contain a DSA key this method simply + * returns the public key. If the DSA key already contains DSA parameters + * the key is also only returned. + *

    + * + * @param certs The certification path. + * @param index The index of the certificate which contains the public key + * which should be extended with DSA parameters. + * @return The public key of the certificate in list position + * index extended with DSA parameters if applicable. + * @throws Exception if DSA parameters cannot be inherited. + */ + internal static AsymmetricKeyParameter GetNextWorkingKey( + IList certs, + int index) + { + //Only X509Certificate + X509Certificate cert = (X509Certificate)certs[index]; + + AsymmetricKeyParameter pubKey = cert.GetPublicKey(); + + if (!(pubKey is DsaPublicKeyParameters)) + return pubKey; + + DsaPublicKeyParameters dsaPubKey = (DsaPublicKeyParameters)pubKey; + + if (dsaPubKey.Parameters != null) + return dsaPubKey; + + for (int i = index + 1; i < certs.Count; i++) + { + X509Certificate parentCert = (X509Certificate)certs[i]; + pubKey = parentCert.GetPublicKey(); + + if (!(pubKey is DsaPublicKeyParameters)) + { + throw new PkixCertPathValidatorException( + "DSA parameters cannot be inherited from previous certificate."); + } + + DsaPublicKeyParameters prevDSAPubKey = (DsaPublicKeyParameters)pubKey; + + if (prevDSAPubKey.Parameters == null) + continue; + + DsaParameters dsaParams = prevDSAPubKey.Parameters; + + try + { + return new DsaPublicKeyParameters(dsaPubKey.Y, dsaParams); + } + catch (Exception exception) + { + throw new Exception(exception.Message); + } + } + + throw new PkixCertPathValidatorException("DSA parameters cannot be inherited from previous certificate."); + } + + internal static DateTime GetValidCertDateFromValidityModel( + PkixParameters paramsPkix, + PkixCertPath certPath, + int index) + { + if (paramsPkix.ValidityModel != PkixParameters.ChainValidityModel) + { + return GetValidDate(paramsPkix); + } + + // if end cert use given signing/encryption/... time + if (index <= 0) + { + return PkixCertPathValidatorUtilities.GetValidDate(paramsPkix); + // else use time when previous cert was created + } + + if (index - 1 == 0) + { + DerGeneralizedTime dateOfCertgen = null; + try + { + X509Certificate cert = (X509Certificate)certPath.Certificates[index - 1]; + Asn1OctetString extVal = cert.GetExtensionValue( + IsisMttObjectIdentifiers.IdIsisMttATDateOfCertGen); + dateOfCertgen = DerGeneralizedTime.GetInstance(extVal); + } + catch (ArgumentException) + { + throw new Exception( + "Date of cert gen extension could not be read."); + } + if (dateOfCertgen != null) + { + try + { + return dateOfCertgen.ToDateTime(); + } + catch (ArgumentException e) + { + throw new Exception( + "Date from date of cert gen extension could not be parsed.", + e); + } + } + } + + return ((X509Certificate)certPath.Certificates[index - 1]).NotBefore; + } + + /// + /// Return a Collection of all certificates or attribute certificates found + /// in the X509Store's that are matching the certSelect criteriums. + /// + /// a {@link Selector} object that will be used to select + /// the certificates + /// a List containing only X509Store objects. These + /// are used to search for certificates. + /// a Collection of all found or + /// objects. + /// May be empty but never null. + /// + internal static ICollection FindCertificates( + X509CertStoreSelector certSelect, + IList certStores) + { + ISet certs = new HashSet(); + + foreach (IX509Store certStore in certStores) + { + try + { +// certs.AddAll(certStore.GetMatches(certSelect)); + foreach (X509Certificate c in certStore.GetMatches(certSelect)) + { + certs.Add(c); + } + } + catch (Exception e) + { + throw new Exception("Problem while picking certificates from X.509 store.", e); + } + } + + return certs; + } + + /** + * Add the CRL issuers from the cRLIssuer field of the distribution point or + * from the certificate if not given to the issuer criterion of the + * selector. + *

    + * The issuerPrincipals are a collection with a single + * X500Principal for X509Certificates. For + * {@link X509AttributeCertificate}s the issuer may contain more than one + * X500Principal. + *

    + * + * @param dp The distribution point. + * @param issuerPrincipals The issuers of the certificate or attribute + * certificate which contains the distribution point. + * @param selector The CRL selector. + * @param pkixParams The PKIX parameters containing the cert stores. + * @throws Exception if an exception occurs while processing. + * @throws ClassCastException if issuerPrincipals does not + * contain only X500Principals. + */ + internal static void GetCrlIssuersFromDistributionPoint( + DistributionPoint dp, + ICollection issuerPrincipals, + X509CrlStoreSelector selector, + PkixParameters pkixParams) + { + IList issuers = Platform.CreateArrayList(); + // indirect CRL + if (dp.CrlIssuer != null) + { + GeneralName[] genNames = dp.CrlIssuer.GetNames(); + // look for a DN + for (int j = 0; j < genNames.Length; j++) + { + if (genNames[j].TagNo == GeneralName.DirectoryName) + { + try + { + issuers.Add(X509Name.GetInstance(genNames[j].Name.ToAsn1Object())); + } + catch (IOException e) + { + throw new Exception( + "CRL issuer information from distribution point cannot be decoded.", + e); + } + } + } + } + else + { + /* + * certificate issuer is CRL issuer, distributionPoint field MUST be + * present. + */ + if (dp.DistributionPointName == null) + { + throw new Exception( + "CRL issuer is omitted from distribution point but no distributionPoint field present."); + } + + // add and check issuer principals + for (IEnumerator it = issuerPrincipals.GetEnumerator(); it.MoveNext(); ) + { + issuers.Add((X509Name)it.Current); + } + } + // TODO: is not found although this should correctly add the rel name. selector of Sun is buggy here or PKI test case is invalid + // distributionPoint + // if (dp.getDistributionPoint() != null) + // { + // // look for nameRelativeToCRLIssuer + // if (dp.getDistributionPoint().getType() == DistributionPointName.NAME_RELATIVE_TO_CRL_ISSUER) + // { + // // append fragment to issuer, only one + // // issuer can be there, if this is given + // if (issuers.size() != 1) + // { + // throw new AnnotatedException( + // "nameRelativeToCRLIssuer field is given but more than one CRL issuer is given."); + // } + // DEREncodable relName = dp.getDistributionPoint().getName(); + // Iterator it = issuers.iterator(); + // List issuersTemp = new ArrayList(issuers.size()); + // while (it.hasNext()) + // { + // Enumeration e = null; + // try + // { + // e = ASN1Sequence.getInstance( + // new ASN1InputStream(((X500Principal) it.next()) + // .getEncoded()).readObject()).getObjects(); + // } + // catch (IOException ex) + // { + // throw new AnnotatedException( + // "Cannot decode CRL issuer information.", ex); + // } + // ASN1EncodableVector v = new ASN1EncodableVector(); + // while (e.hasMoreElements()) + // { + // v.add((DEREncodable) e.nextElement()); + // } + // v.add(relName); + // issuersTemp.add(new X500Principal(new DERSequence(v) + // .getDEREncoded())); + // } + // issuers.clear(); + // issuers.addAll(issuersTemp); + // } + // } + + selector.Issuers = issuers; + } + + /** + * Fetches complete CRLs according to RFC 3280. + * + * @param dp The distribution point for which the complete CRL + * @param cert The X509Certificate or + * {@link org.bouncycastle.x509.X509AttributeCertificate} for + * which the CRL should be searched. + * @param currentDate The date for which the delta CRLs must be valid. + * @param paramsPKIX The extended PKIX parameters. + * @return A Set of X509CRLs with complete + * CRLs. + * @throws Exception if an exception occurs while picking the CRLs + * or no CRLs are found. + */ + internal static ISet GetCompleteCrls( + DistributionPoint dp, + object cert, + DateTime currentDate, + PkixParameters paramsPKIX) + { + X509CrlStoreSelector crlselect = new X509CrlStoreSelector(); + try + { + ISet issuers = new HashSet(); + if (cert is X509V2AttributeCertificate) + { + issuers.Add(((X509V2AttributeCertificate)cert) + .Issuer.GetPrincipals()[0]); + } + else + { + issuers.Add(GetIssuerPrincipal(cert)); + } + PkixCertPathValidatorUtilities.GetCrlIssuersFromDistributionPoint(dp, issuers, crlselect, paramsPKIX); + } + catch (Exception e) + { + throw new Exception("Could not get issuer information from distribution point.", e); + } + + if (cert is X509Certificate) + { + crlselect.CertificateChecking = (X509Certificate)cert; + } + else if (cert is X509V2AttributeCertificate) + { + crlselect.AttrCertChecking = (IX509AttributeCertificate)cert; + } + + crlselect.CompleteCrlEnabled = true; + ISet crls = CrlUtilities.FindCrls(crlselect, paramsPKIX, currentDate); + + if (crls.IsEmpty) + { + if (cert is IX509AttributeCertificate) + { + IX509AttributeCertificate aCert = (IX509AttributeCertificate)cert; + + throw new Exception("No CRLs found for issuer \"" + aCert.Issuer.GetPrincipals()[0] + "\""); + } + else + { + X509Certificate xCert = (X509Certificate)cert; + + throw new Exception("No CRLs found for issuer \"" + xCert.IssuerDN + "\""); + } + } + + return crls; + } + + /** + * Fetches delta CRLs according to RFC 3280 section 5.2.4. + * + * @param currentDate The date for which the delta CRLs must be valid. + * @param paramsPKIX The extended PKIX parameters. + * @param completeCRL The complete CRL the delta CRL is for. + * @return A Set of X509CRLs with delta CRLs. + * @throws Exception if an exception occurs while picking the delta + * CRLs. + */ + internal static ISet GetDeltaCrls( + DateTime currentDate, + PkixParameters paramsPKIX, + X509Crl completeCRL) + { + X509CrlStoreSelector deltaSelect = new X509CrlStoreSelector(); + + // 5.2.4 (a) + try + { + IList deltaSelectIssuer = Platform.CreateArrayList(); + deltaSelectIssuer.Add(completeCRL.IssuerDN); + deltaSelect.Issuers = deltaSelectIssuer; + } + catch (IOException e) + { + throw new Exception("Cannot extract issuer from CRL.", e); + } + + BigInteger completeCRLNumber = null; + try + { + Asn1Object asn1Object = GetExtensionValue(completeCRL, X509Extensions.CrlNumber); + if (asn1Object != null) + { + completeCRLNumber = CrlNumber.GetInstance(asn1Object).PositiveValue; + } + } + catch (Exception e) + { + throw new Exception( + "CRL number extension could not be extracted from CRL.", e); + } + + // 5.2.4 (b) + byte[] idp = null; + + try + { + Asn1Object obj = GetExtensionValue(completeCRL, X509Extensions.IssuingDistributionPoint); + if (obj != null) + { + idp = obj.GetDerEncoded(); + } + } + catch (Exception e) + { + throw new Exception( + "Issuing distribution point extension value could not be read.", + e); + } + + // 5.2.4 (d) + + deltaSelect.MinCrlNumber = (completeCRLNumber == null) + ? null + : completeCRLNumber.Add(BigInteger.One); + + deltaSelect.IssuingDistributionPoint = idp; + deltaSelect.IssuingDistributionPointEnabled = true; + + // 5.2.4 (c) + deltaSelect.MaxBaseCrlNumber = completeCRLNumber; + + // find delta CRLs + ISet temp = CrlUtilities.FindCrls(deltaSelect, paramsPKIX, currentDate); + + ISet result = new HashSet(); + + foreach (X509Crl crl in temp) + { + if (isDeltaCrl(crl)) + { + result.Add(crl); + } + } + + return result; + } + + private static bool isDeltaCrl( + X509Crl crl) + { + ISet critical = crl.GetCriticalExtensionOids(); + + return critical.Contains(X509Extensions.DeltaCrlIndicator.Id); + } + + internal static ICollection FindCertificates( + X509AttrCertStoreSelector certSelect, + IList certStores) + { + ISet certs = new HashSet(); + + foreach (IX509Store certStore in certStores) + { + try + { +// certs.AddAll(certStore.GetMatches(certSelect)); + foreach (X509V2AttributeCertificate ac in certStore.GetMatches(certSelect)) + { + certs.Add(ac); + } + } + catch (Exception e) + { + throw new Exception( + "Problem while picking certificates from X.509 store.", e); + } + } + + return certs; + } + + internal static void AddAdditionalStoresFromCrlDistributionPoint( + CrlDistPoint crldp, + PkixParameters pkixParams) + { + if (crldp != null) + { + DistributionPoint[] dps = null; + try + { + dps = crldp.GetDistributionPoints(); + } + catch (Exception e) + { + throw new Exception( + "Distribution points could not be read.", e); + } + for (int i = 0; i < dps.Length; i++) + { + DistributionPointName dpn = dps[i].DistributionPointName; + // look for URIs in fullName + if (dpn != null) + { + if (dpn.PointType == DistributionPointName.FullName) + { + GeneralName[] genNames = GeneralNames.GetInstance( + dpn.Name).GetNames(); + // look for an URI + for (int j = 0; j < genNames.Length; j++) + { + if (genNames[j].TagNo == GeneralName.UniformResourceIdentifier) + { + string location = DerIA5String.GetInstance( + genNames[j].Name).GetString(); + PkixCertPathValidatorUtilities.AddAdditionalStoreFromLocation( + location, pkixParams); + } + } + } + } + } + } + } + + internal static bool ProcessCertD1i( + int index, + IList[] policyNodes, + DerObjectIdentifier pOid, + ISet pq) + { + IList policyNodeVec = policyNodes[index - 1]; + + for (int j = 0; j < policyNodeVec.Count; j++) + { + PkixPolicyNode node = (PkixPolicyNode)policyNodeVec[j]; + ISet expectedPolicies = node.ExpectedPolicies; + + if (expectedPolicies.Contains(pOid.Id)) + { + ISet childExpectedPolicies = new HashSet(); + childExpectedPolicies.Add(pOid.Id); + + PkixPolicyNode child = new PkixPolicyNode(Platform.CreateArrayList(), + index, + childExpectedPolicies, + node, + pq, + pOid.Id, + false); + node.AddChild(child); + policyNodes[index].Add(child); + + return true; + } + } + + return false; + } + + internal static void ProcessCertD1ii( + int index, + IList[] policyNodes, + DerObjectIdentifier _poid, + ISet _pq) + { + IList policyNodeVec = policyNodes[index - 1]; + + for (int j = 0; j < policyNodeVec.Count; j++) + { + PkixPolicyNode _node = (PkixPolicyNode)policyNodeVec[j]; + + if (ANY_POLICY.Equals(_node.ValidPolicy)) + { + ISet _childExpectedPolicies = new HashSet(); + _childExpectedPolicies.Add(_poid.Id); + + PkixPolicyNode _child = new PkixPolicyNode(Platform.CreateArrayList(), + index, + _childExpectedPolicies, + _node, + _pq, + _poid.Id, + false); + _node.AddChild(_child); + policyNodes[index].Add(_child); + return; + } + } + } + + /** + * Find the issuer certificates of a given certificate. + * + * @param cert + * The certificate for which an issuer should be found. + * @param pkixParams + * @return A Collection object containing the issuer + * X509Certificates. Never null. + * + * @exception Exception + * if an error occurs. + */ + internal static ICollection FindIssuerCerts( + X509Certificate cert, + PkixBuilderParameters pkixParams) + { + X509CertStoreSelector certSelect = new X509CertStoreSelector(); + ISet certs = new HashSet(); + try + { + certSelect.Subject = cert.IssuerDN; + } + catch (IOException ex) + { + throw new Exception( + "Subject criteria for certificate selector to find issuer certificate could not be set.", ex); + } + + try + { + certs.AddAll(PkixCertPathValidatorUtilities.FindCertificates(certSelect, pkixParams.GetStores())); + certs.AddAll(PkixCertPathValidatorUtilities.FindCertificates(certSelect, pkixParams.GetAdditionalStores())); + } + catch (Exception e) + { + throw new Exception("Issuer certificate cannot be searched.", e); + } + + return certs; + } + + /// + /// Extract the value of the given extension, if it exists. + /// + /// The extension object. + /// The object identifier to obtain. + /// Asn1Object + /// if the extension cannot be read. + internal static Asn1Object GetExtensionValue( + IX509Extension ext, + DerObjectIdentifier oid) + { + Asn1OctetString bytes = ext.GetExtensionValue(oid); + + if (bytes == null) + return null; + + return X509ExtensionUtilities.FromExtensionValue(bytes); + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixCrlUtilities.cs b/BouncyCastle/crypto/src/pkix/PkixCrlUtilities.cs new file mode 100644 index 0000000..06a7caa --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixCrlUtilities.cs @@ -0,0 +1,110 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Pkix +{ + public class PkixCrlUtilities + { + public virtual ISet FindCrls(X509CrlStoreSelector crlselect, PkixParameters paramsPkix, DateTime currentDate) + { + ISet initialSet = new HashSet(); + + // get complete CRL(s) + try + { + initialSet.AddAll(FindCrls(crlselect, paramsPkix.GetAdditionalStores())); + initialSet.AddAll(FindCrls(crlselect, paramsPkix.GetStores())); + } + catch (Exception e) + { + throw new Exception("Exception obtaining complete CRLs.", e); + } + + ISet finalSet = new HashSet(); + DateTime validityDate = currentDate; + + if (paramsPkix.Date != null) + { + validityDate = paramsPkix.Date.Value; + } + + // based on RFC 5280 6.3.3 + foreach (X509Crl crl in initialSet) + { + DateTimeObject nextUpdate = crl.NextUpdate; + + if (null == nextUpdate || nextUpdate.Value.CompareTo(validityDate) > 0) + { + X509Certificate cert = crlselect.CertificateChecking; + + if (null == cert || crl.ThisUpdate.CompareTo(cert.NotAfter) < 0) + { + finalSet.Add(crl); + } + } + } + + return finalSet; + } + + public virtual ISet FindCrls(X509CrlStoreSelector crlselect, PkixParameters paramsPkix) + { + ISet completeSet = new HashSet(); + + // get complete CRL(s) + try + { + completeSet.AddAll(FindCrls(crlselect, paramsPkix.GetStores())); + } + catch (Exception e) + { + throw new Exception("Exception obtaining complete CRLs.", e); + } + + return completeSet; + } + + /// + /// crl checking + /// Return a Collection of all CRLs found in the X509Store's that are + /// matching the crlSelect criteriums. + /// + /// a {@link X509CRLStoreSelector} object that will be used + /// to select the CRLs + /// a List containing only {@link org.bouncycastle.x509.X509Store + /// X509Store} objects. These are used to search for CRLs + /// a Collection of all found {@link X509CRL X509CRL} objects. May be + /// empty but never null. + /// + private ICollection FindCrls(X509CrlStoreSelector crlSelect, IList crlStores) + { + ISet crls = new HashSet(); + + Exception lastException = null; + bool foundValidStore = false; + + foreach (IX509Store store in crlStores) + { + try + { + crls.AddAll(store.GetMatches(crlSelect)); + foundValidStore = true; + } + catch (X509StoreException e) + { + lastException = new Exception("Exception searching in X.509 CRL store.", e); + } + } + + if (!foundValidStore && lastException != null) + throw lastException; + + return crls; + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixNameConstraintValidator.cs b/BouncyCastle/crypto/src/pkix/PkixNameConstraintValidator.cs new file mode 100644 index 0000000..dbf7625 --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixNameConstraintValidator.cs @@ -0,0 +1,1939 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Asn1.X500.Style; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Pkix +{ + public class PkixNameConstraintValidator + { + // TODO Implement X500Name and styles + //private static readonly DerObjectIdentifier SerialNumberOid = Rfc4519Style.SerialNumber; + private static readonly DerObjectIdentifier SerialNumberOid = new DerObjectIdentifier("2.5.4.5"); + + private ISet excludedSubtreesDN = new HashSet(); + + private ISet excludedSubtreesDNS = new HashSet(); + + private ISet excludedSubtreesEmail = new HashSet(); + + private ISet excludedSubtreesURI = new HashSet(); + + private ISet excludedSubtreesIP = new HashSet(); + + private ISet excludedSubtreesOtherName = new HashSet(); + + private ISet permittedSubtreesDN; + + private ISet permittedSubtreesDNS; + + private ISet permittedSubtreesEmail; + + private ISet permittedSubtreesURI; + + private ISet permittedSubtreesIP; + + private ISet permittedSubtreesOtherName; + + public PkixNameConstraintValidator() + { + } + + private static bool WithinDNSubtree( + Asn1Sequence dns, + Asn1Sequence subtree) + { + if (subtree.Count < 1 || subtree.Count > dns.Count) + return false; + + int start = 0; + Rdn subtreeRdnStart = Rdn.GetInstance(subtree[0]); + for (int j = 0; j < dns.Count; j++) + { + start = j; + Rdn dnsRdn = Rdn.GetInstance(dns[j]); + if (IetfUtilities.RdnAreEqual(subtreeRdnStart, dnsRdn)) + break; + } + + if (subtree.Count > dns.Count - start) + return false; + + for (int j = 0; j < subtree.Count; ++j) + { + // both subtree and dns are a ASN.1 Name and the elements are a RDN + Rdn subtreeRdn = Rdn.GetInstance(subtree[j]); + Rdn dnsRdn = Rdn.GetInstance(dns[start + j]); + + // check if types and values of all naming attributes are matching, other types which are not restricted are allowed, see https://tools.ietf.org/html/rfc5280#section-7.1 + + // Two relative distinguished names + // RDN1 and RDN2 match if they have the same number of naming attributes + // and for each naming attribute in RDN1 there is a matching naming attribute in RDN2. + // NOTE: this is checking the attributes in the same order, which might be not necessary, if this is a problem also IETFUtils.rDNAreEqual mus tbe changed. + // use new RFC 5280 comparison, NOTE: this is now different from with RFC 3280, where only binary comparison is used + // obey RFC 5280 7.1 + // special treatment of serialNumber for GSMA SGP.22 RSP specification + if (subtreeRdn.Count == 1 && dnsRdn.Count == 1 + && subtreeRdn.GetFirst().GetType().Equals(SerialNumberOid) + && dnsRdn.GetFirst().GetType().Equals(SerialNumberOid)) + { + if (!Platform.StartsWith(dnsRdn.GetFirst().Value.ToString(), subtreeRdn.GetFirst().Value.ToString())) + return false; + } + else if (!IetfUtilities.RdnAreEqual(subtreeRdn, dnsRdn)) + { + return false; + } + } + + return true; + } + + public void CheckPermittedDN(Asn1Sequence dn) + { + CheckPermittedDirectory(permittedSubtreesDN, dn); + } + + public void CheckExcludedDN(Asn1Sequence dn) + { + CheckExcludedDirectory(excludedSubtreesDN, dn); + } + + private ISet IntersectDN(ISet permitted, ISet dns) + { + ISet intersect = new HashSet(); + foreach (GeneralSubtree subtree1 in dns) + { + Asn1Sequence dn1 = Asn1Sequence.GetInstance(subtree1.Base.Name); + if (permitted == null) + { + if (dn1 != null) + { + intersect.Add(dn1); + } + } + else + { + foreach (object obj2 in permitted) + { + Asn1Sequence dn2 = Asn1Sequence.GetInstance(obj2); + + if (WithinDNSubtree(dn1, dn2)) + { + intersect.Add(dn1); + } + else if (WithinDNSubtree(dn2, dn1)) + { + intersect.Add(dn2); + } + } + } + } + return intersect; + } + + private ISet UnionDN(ISet excluded, Asn1Sequence dn) + { + if (excluded.IsEmpty) + { + if (dn == null) + return excluded; + + excluded.Add(dn); + return excluded; + } + else + { + ISet union = new HashSet(); + + foreach (object obj in excluded) + { + Asn1Sequence subtree = Asn1Sequence.GetInstance(obj); + + if (WithinDNSubtree(dn, subtree)) + { + union.Add(subtree); + } + else if (WithinDNSubtree(subtree, dn)) + { + union.Add(dn); + } + else + { + union.Add(subtree); + union.Add(dn); + } + } + + return union; + } + } + + private ISet IntersectOtherName(ISet permitted, ISet otherNames) + { + ISet intersect = new HashSet(); + foreach (GeneralSubtree subtree1 in otherNames) + { + OtherName otherName1 = OtherName.GetInstance(subtree1.Base.Name); + if (otherName1 == null) + continue; + + if (permitted == null) + { + intersect.Add(otherName1); + } + else + { + foreach (object obj2 in permitted) + { + OtherName otherName2 = OtherName.GetInstance(obj2); + if (otherName2 == null) + continue; + + IntersectOtherName(otherName1, otherName2, intersect); + } + } + } + return intersect; + } + + private void IntersectOtherName(OtherName otherName1, OtherName otherName2, ISet intersect) + { + if (otherName1.Equals(otherName2)) + { + intersect.Add(otherName1); + } + } + + private ISet UnionOtherName(ISet permitted, OtherName otherName) + { + ISet union = permitted != null ? new HashSet(permitted) : new HashSet(); + union.Add(otherName); + return union; + } + + private ISet IntersectEmail(ISet permitted, ISet emails) + { + ISet intersect = new HashSet(); + foreach (GeneralSubtree subtree1 in emails) + { + string email = ExtractNameAsString(subtree1.Base); + + if (permitted == null) + { + if (email != null) + { + intersect.Add(email); + } + } + else + { + foreach (string _permitted in permitted) + { + IntersectEmail(email, _permitted, intersect); + } + } + } + return intersect; + } + + private ISet UnionEmail(ISet excluded, string email) + { + if (excluded.IsEmpty) + { + if (email == null) + { + return excluded; + } + excluded.Add(email); + return excluded; + } + else + { + ISet union = new HashSet(); + foreach (string _excluded in excluded) + { + UnionEmail(_excluded, email, union); + } + return union; + } + } + + /** + * Returns the intersection of the permitted IP ranges in + * permitted with ip. + * + * @param permitted A Set of permitted IP addresses with + * their subnet mask as byte arrays. + * @param ips The IP address with its subnet mask. + * @return The Set of permitted IP ranges intersected with + * ip. + */ + private ISet IntersectIP(ISet permitted, ISet ips) + { + ISet intersect = new HashSet(); + foreach (GeneralSubtree subtree in ips) + { + byte[] ip = Asn1OctetString.GetInstance(subtree.Base.Name).GetOctets(); + if (permitted == null) + { + if (ip != null) + { + intersect.Add(ip); + } + } + else + { + foreach (byte[] _permitted in permitted) + { + intersect.AddAll(IntersectIPRange(_permitted, ip)); + } + } + } + return intersect; + } + + /** + * Returns the union of the excluded IP ranges in excluded + * with ip. + * + * @param excluded A Set of excluded IP addresses with their + * subnet mask as byte arrays. + * @param ip The IP address with its subnet mask. + * @return The Set of excluded IP ranges unified with + * ip as byte arrays. + */ + private ISet UnionIP(ISet excluded, byte[] ip) + { + if (excluded.IsEmpty) + { + if (ip == null) + { + return excluded; + } + excluded.Add(ip); + + return excluded; + } + else + { + ISet union = new HashSet(); + foreach (byte[] _excluded in excluded) + { + union.AddAll(UnionIPRange(_excluded, ip)); + } + return union; + } + } + + /** + * Calculates the union if two IP ranges. + * + * @param ipWithSubmask1 The first IP address with its subnet mask. + * @param ipWithSubmask2 The second IP address with its subnet mask. + * @return A Set with the union of both addresses. + */ + private ISet UnionIPRange(byte[] ipWithSubmask1, byte[] ipWithSubmask2) + { + ISet set = new HashSet(); + // difficult, adding always all IPs is not wrong + if (Arrays.AreEqual(ipWithSubmask1, ipWithSubmask2)) + { + set.Add(ipWithSubmask1); + } + else + { + set.Add(ipWithSubmask1); + set.Add(ipWithSubmask2); + } + return set; + } + + /** + * Calculates the interesction if two IP ranges. + * + * @param ipWithSubmask1 The first IP address with its subnet mask. + * @param ipWithSubmask2 The second IP address with its subnet mask. + * @return A Set with the single IP address with its subnet + * mask as a byte array or an empty Set. + */ + private ISet IntersectIPRange(byte[] ipWithSubmask1, byte[] ipWithSubmask2) + { + if (ipWithSubmask1.Length != ipWithSubmask2.Length) + { + //Collections.EMPTY_SET; + return new HashSet(); + } + + byte[][] temp = ExtractIPsAndSubnetMasks(ipWithSubmask1, ipWithSubmask2); + byte[] ip1 = temp[0]; + byte[] subnetmask1 = temp[1]; + byte[] ip2 = temp[2]; + byte[] subnetmask2 = temp[3]; + + byte[][] minMax = MinMaxIPs(ip1, subnetmask1, ip2, subnetmask2); + byte[] min; + byte[] max; + max = Min(minMax[1], minMax[3]); + min = Max(minMax[0], minMax[2]); + + // minimum IP address must be bigger than max + if (CompareTo(min, max) == 1) + { + //return Collections.EMPTY_SET; + return new HashSet(); + } + // OR keeps all significant bits + byte[] ip = Or(minMax[0], minMax[2]); + byte[] subnetmask = Or(subnetmask1, subnetmask2); + + //return new HashSet( ICollectionsingleton(IpWithSubnetMask(ip, subnetmask)); + ISet hs = new HashSet(); + hs.Add(IpWithSubnetMask(ip, subnetmask)); + + return hs; + } + + /** + * Concatenates the IP address with its subnet mask. + * + * @param ip The IP address. + * @param subnetMask Its subnet mask. + * @return The concatenated IP address with its subnet mask. + */ + private byte[] IpWithSubnetMask(byte[] ip, byte[] subnetMask) + { + int ipLength = ip.Length; + byte[] temp = new byte[ipLength * 2]; + Array.Copy(ip, 0, temp, 0, ipLength); + Array.Copy(subnetMask, 0, temp, ipLength, ipLength); + return temp; + } + + /** + * Splits the IP addresses and their subnet mask. + * + * @param ipWithSubmask1 The first IP address with the subnet mask. + * @param ipWithSubmask2 The second IP address with the subnet mask. + * @return An array with two elements. Each element contains the IP address + * and the subnet mask in this order. + */ + private byte[][] ExtractIPsAndSubnetMasks( + byte[] ipWithSubmask1, + byte[] ipWithSubmask2) + { + int ipLength = ipWithSubmask1.Length / 2; + byte[] ip1 = new byte[ipLength]; + byte[] subnetmask1 = new byte[ipLength]; + Array.Copy(ipWithSubmask1, 0, ip1, 0, ipLength); + Array.Copy(ipWithSubmask1, ipLength, subnetmask1, 0, ipLength); + + byte[] ip2 = new byte[ipLength]; + byte[] subnetmask2 = new byte[ipLength]; + Array.Copy(ipWithSubmask2, 0, ip2, 0, ipLength); + Array.Copy(ipWithSubmask2, ipLength, subnetmask2, 0, ipLength); + return new byte[][]{ ip1, subnetmask1, ip2, subnetmask2 }; + } + + /** + * Based on the two IP addresses and their subnet masks the IP range is + * computed for each IP address - subnet mask pair and returned as the + * minimum IP address and the maximum address of the range. + * + * @param ip1 The first IP address. + * @param subnetmask1 The subnet mask of the first IP address. + * @param ip2 The second IP address. + * @param subnetmask2 The subnet mask of the second IP address. + * @return A array with two elements. The first/second element contains the + * min and max IP address of the first/second IP address and its + * subnet mask. + */ + private byte[][] MinMaxIPs( + byte[] ip1, + byte[] subnetmask1, + byte[] ip2, + byte[] subnetmask2) + { + int ipLength = ip1.Length; + byte[] min1 = new byte[ipLength]; + byte[] max1 = new byte[ipLength]; + + byte[] min2 = new byte[ipLength]; + byte[] max2 = new byte[ipLength]; + + for (int i = 0; i < ipLength; i++) + { + min1[i] = (byte)(ip1[i] & subnetmask1[i]); + max1[i] = (byte)(ip1[i] & subnetmask1[i] | ~subnetmask1[i]); + + min2[i] = (byte)(ip2[i] & subnetmask2[i]); + max2[i] = (byte)(ip2[i] & subnetmask2[i] | ~subnetmask2[i]); + } + + return new byte[][]{ min1, max1, min2, max2 }; + } + + private bool IsOtherNameConstrained(OtherName constraint, OtherName otherName) + { + return constraint.Equals(otherName); + } + + private bool IsOtherNameConstrained(ISet constraints, OtherName otherName) + { + foreach (object obj in constraints) + { + OtherName constraint = OtherName.GetInstance(obj); + + if (IsOtherNameConstrained(constraint, otherName)) + return true; + } + + return false; + } + + private void CheckPermittedOtherName(ISet permitted, OtherName name) + { + if (permitted != null && !IsOtherNameConstrained(permitted, name)) + { + throw new PkixNameConstraintValidatorException( + "Subject OtherName is not from a permitted subtree."); + } + } + + private void CheckExcludedOtherName(ISet excluded, OtherName name) + { + if (IsOtherNameConstrained(excluded, name)) + { + throw new PkixNameConstraintValidatorException( + "OtherName is from an excluded subtree."); + } + } + + private bool IsEmailConstrained(string constraint, string email) + { + string sub = email.Substring(email.IndexOf('@') + 1); + // a particular mailbox + if (constraint.IndexOf('@') != -1) + { + if (Platform.ToUpperInvariant(email).Equals(Platform.ToUpperInvariant(constraint))) + { + return true; + } + } + // on particular host + else if (!(constraint[0].Equals('.'))) + { + if (Platform.ToUpperInvariant(sub).Equals(Platform.ToUpperInvariant(constraint))) + { + return true; + } + } + // address in sub domain + else if (WithinDomain(sub, constraint)) + { + return true; + } + return false; + } + + private bool IsEmailConstrained(ISet constraints, string email) + { + foreach (string constraint in constraints) + { + if (IsEmailConstrained(constraint, email)) + return true; + } + + return false; + } + + private void CheckPermittedEmail(ISet permitted, string email) + { + if (permitted != null + && !(email.Length == 0 && permitted.IsEmpty) + && !IsEmailConstrained(permitted, email)) + { + throw new PkixNameConstraintValidatorException( + "Subject email address is not from a permitted subtree."); + } + } + + private void CheckExcludedEmail(ISet excluded, string email) + { + if (IsEmailConstrained(excluded, email)) + { + throw new PkixNameConstraintValidatorException( + "Email address is from an excluded subtree."); + } + } + + private bool IsDnsConstrained(string constraint, string dns) + { + return WithinDomain(dns, constraint) || Platform.EqualsIgnoreCase(dns, constraint); + } + + private bool IsDnsConstrained(ISet constraints, string dns) + { + foreach (string constraint in constraints) + { + if (IsDnsConstrained(constraint, dns)) + return true; + } + + return false; + } + + private void CheckPermittedDns(ISet permitted, string dns) + { + if (permitted != null + && !(dns.Length == 0 && permitted.IsEmpty) + && !IsDnsConstrained(permitted, dns)) + { + throw new PkixNameConstraintValidatorException( + "DNS is not from a permitted subtree."); + } + } + + private void CheckExcludedDns(ISet excluded, string dns) + { + if (IsDnsConstrained(excluded, dns)) + { + throw new PkixNameConstraintValidatorException( + "DNS is from an excluded subtree."); + } + } + + private bool IsDirectoryConstrained(ISet constraints, Asn1Sequence directory) + { + foreach (object obj in constraints) + { + Asn1Sequence constraint = Asn1Sequence.GetInstance(obj); + + if (WithinDNSubtree(directory, constraint)) + return true; + } + + return false; + } + + private void CheckPermittedDirectory(ISet permitted, Asn1Sequence directory) + { + if (permitted != null + && !(directory.Count == 0 && permitted.IsEmpty) + && !IsDirectoryConstrained(permitted, directory)) + { + throw new PkixNameConstraintValidatorException( + "Subject distinguished name is not from a permitted subtree"); + } + } + + private void CheckExcludedDirectory(ISet excluded, Asn1Sequence directory) + { + if (IsDirectoryConstrained(excluded, directory)) + { + throw new PkixNameConstraintValidatorException( + "Subject distinguished name is from an excluded subtree"); + } + } + + private bool IsUriConstrained(string constraint, string uri) + { + string host = ExtractHostFromURL(uri); + + if (Platform.StartsWith(constraint, ".")) + { + // in sub domain or domain + return WithinDomain(host, constraint); + } + + // a host + return Platform.EqualsIgnoreCase(host, constraint); + } + + private bool IsUriConstrained(ISet constraints, string uri) + { + foreach (string constraint in constraints) + { + if (IsUriConstrained(constraint, uri)) + return true; + } + + return false; + } + + private void CheckPermittedUri(ISet permitted, string uri) + { + if (permitted != null + && !(uri.Length == 0 && permitted.IsEmpty) + && !IsUriConstrained(permitted, uri)) + { + throw new PkixNameConstraintValidatorException( + "URI is not from a permitted subtree."); + } + } + + private void CheckExcludedUri(ISet excluded, string uri) + { + if (IsUriConstrained(excluded, uri)) + { + throw new PkixNameConstraintValidatorException( + "URI is from an excluded subtree."); + } + } + + /** + * Checks if the IP address ip is constrained by + * constraint. + * + * @param constraint The constraint. This is an IP address concatenated with + * its subnetmask. + * @param ip The IP address. + * @return true if constrained, false + * otherwise. + */ + private bool IsIPConstrained(byte[] constraint, byte[] ip) + { + int ipLength = ip.Length; + if (ipLength != (constraint.Length / 2)) + { + return false; + } + + byte[] subnetMask = new byte[ipLength]; + Array.Copy(constraint, ipLength, subnetMask, 0, ipLength); + + byte[] permittedSubnetAddress = new byte[ipLength]; + + byte[] ipSubnetAddress = new byte[ipLength]; + + // the resulting IP address by applying the subnet mask + for (int i = 0; i < ipLength; i++) + { + permittedSubnetAddress[i] = (byte)(constraint[i] & subnetMask[i]); + ipSubnetAddress[i] = (byte)(ip[i] & subnetMask[i]); + } + + return Arrays.AreEqual(permittedSubnetAddress, ipSubnetAddress); + } + + private bool IsIPConstrained(ISet constraints, byte[] ip) + { + foreach (byte[] constraint in constraints) + { + if (IsIPConstrained(constraint, ip)) + return true; + } + + return false; + } + + /** + * Checks if the IP ip is included in the permitted ISet + * permitted. + * + * @param permitted A Set of permitted IP addresses with + * their subnet mask as byte arrays. + * @param ip The IP address. + * @throws PkixNameConstraintValidatorException + * if the IP is not permitted. + */ + private void CheckPermittedIP(ISet permitted, byte[] ip) + { + if (permitted != null + && !(ip.Length == 0 && permitted.IsEmpty) + && !IsIPConstrained(permitted, ip)) + { + throw new PkixNameConstraintValidatorException( + "IP is not from a permitted subtree."); + } + } + + /** + * Checks if the IP ip is included in the excluded ISet + * excluded. + * + * @param excluded A Set of excluded IP addresses with their + * subnet mask as byte arrays. + * @param ip The IP address. + * @throws PkixNameConstraintValidatorException + * if the IP is excluded. + */ + private void CheckExcludedIP(ISet excluded, byte[] ip) + { + if (IsIPConstrained(excluded, ip)) + { + throw new PkixNameConstraintValidatorException( + "IP is from an excluded subtree."); + } + } + + private bool WithinDomain(string testDomain, string domain) + { + string tempDomain = domain; + if (Platform.StartsWith(tempDomain, ".")) + { + tempDomain = tempDomain.Substring(1); + } + + string[] domainParts = tempDomain.Split('.'); // Strings.split(tempDomain, '.'); + string[] testDomainParts = testDomain.Split('.'); // Strings.split(testDomain, '.'); + + // must have at least one subdomain + if (testDomainParts.Length <= domainParts.Length) + return false; + + int d = testDomainParts.Length - domainParts.Length; + for (int i = -1; i < domainParts.Length; i++) + { + if (i == -1) + { + if (testDomainParts[i + d].Length < 1) + { + return false; + } + } + else if (!Platform.EqualsIgnoreCase(testDomainParts[i + d], domainParts[i])) + { + return false; + } + } + return true; + } + + /** + * The common part of email1 and email2 is + * added to the union union. If email1 and + * email2 have nothing in common they are added both. + * + * @param email1 Email address constraint 1. + * @param email2 Email address constraint 2. + * @param union The union. + */ + private void UnionEmail(string email1, string email2, ISet union) + { + // email1 is a particular address + if (email1.IndexOf('@') != -1) + { + string _sub = email1.Substring(email1.IndexOf('@') + 1); + // both are a particular mailbox + if (email2.IndexOf('@') != -1) + { + if (Platform.EqualsIgnoreCase(email1, email2)) + { + union.Add(email1); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + // email2 specifies a domain + else if (Platform.StartsWith(email2, ".")) + { + if (WithinDomain(_sub, email2)) + { + union.Add(email2); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + // email2 specifies a particular host + else + { + if (Platform.EqualsIgnoreCase(_sub, email2)) + { + union.Add(email2); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + } + // email1 specifies a domain + else if (Platform.StartsWith(email1, ".")) + { + if (email2.IndexOf('@') != -1) + { + string _sub = email2.Substring(email1.IndexOf('@') + 1); + if (WithinDomain(_sub, email1)) + { + union.Add(email1); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + // email2 specifies a domain + else if (Platform.StartsWith(email2, ".")) + { + if (WithinDomain(email1, email2) || Platform.EqualsIgnoreCase(email1, email2)) + { + union.Add(email2); + } + else if (WithinDomain(email2, email1)) + { + union.Add(email1); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + else + { + if (WithinDomain(email2, email1)) + { + union.Add(email1); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + } + // email specifies a host + else + { + if (email2.IndexOf('@') != -1) + { + string _sub = email2.Substring(email1.IndexOf('@') + 1); + if (Platform.EqualsIgnoreCase(_sub, email1)) + { + union.Add(email1); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + // email2 specifies a domain + else if (Platform.StartsWith(email2, ".")) + { + if (WithinDomain(email1, email2)) + { + union.Add(email2); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + // email2 specifies a particular host + else + { + if (Platform.EqualsIgnoreCase(email1, email2)) + { + union.Add(email1); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + } + } + + private void unionURI(string email1, string email2, ISet union) + { + // email1 is a particular address + if (email1.IndexOf('@') != -1) + { + string _sub = email1.Substring(email1.IndexOf('@') + 1); + // both are a particular mailbox + if (email2.IndexOf('@') != -1) + { + if (Platform.EqualsIgnoreCase(email1, email2)) + { + union.Add(email1); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + // email2 specifies a domain + else if (Platform.StartsWith(email2, ".")) + { + if (WithinDomain(_sub, email2)) + { + union.Add(email2); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + // email2 specifies a particular host + else + { + if (Platform.EqualsIgnoreCase(_sub, email2)) + { + union.Add(email2); + } + else + { + union.Add(email1); + union.Add(email2); + + } + } + } + // email1 specifies a domain + else if (Platform.StartsWith(email1, ".")) + { + if (email2.IndexOf('@') != -1) + { + string _sub = email2.Substring(email1.IndexOf('@') + 1); + if (WithinDomain(_sub, email1)) + { + union.Add(email1); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + // email2 specifies a domain + else if (Platform.StartsWith(email2, ".")) + { + if (WithinDomain(email1, email2) || Platform.EqualsIgnoreCase(email1, email2)) + { + union.Add(email2); + } + else if (WithinDomain(email2, email1)) + { + union.Add(email1); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + else + { + if (WithinDomain(email2, email1)) + { + union.Add(email1); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + } + // email specifies a host + else + { + if (email2.IndexOf('@') != -1) + { + string _sub = email2.Substring(email1.IndexOf('@') + 1); + if (Platform.EqualsIgnoreCase(_sub, email1)) + { + union.Add(email1); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + // email2 specifies a domain + else if (Platform.StartsWith(email2, ".")) + { + if (WithinDomain(email1, email2)) + { + union.Add(email2); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + // email2 specifies a particular host + else + { + if (Platform.EqualsIgnoreCase(email1, email2)) + { + union.Add(email1); + } + else + { + union.Add(email1); + union.Add(email2); + } + } + } + } + + private ISet IntersectDns(ISet permitted, ISet dnss) + { + ISet intersect = new HashSet(); + foreach (GeneralSubtree subtree in dnss) + { + string dns = ExtractNameAsString(subtree.Base); + if (permitted == null) + { + if (dns != null) + { + intersect.Add(dns); + } + } + else + { + foreach (string _permitted in permitted) + { + if (WithinDomain(_permitted, dns)) + { + intersect.Add(_permitted); + } + else if (WithinDomain(dns, _permitted)) + { + intersect.Add(dns); + } + } + } + } + + return intersect; + } + + private ISet UnionDns(ISet excluded, string dns) + { + if (excluded.IsEmpty) + { + if (dns == null) + return excluded; + + excluded.Add(dns); + return excluded; + } + else + { + ISet union = new HashSet(); + foreach (string _excluded in excluded) + { + if (WithinDomain(_excluded, dns)) + { + union.Add(dns); + } + else if (WithinDomain(dns, _excluded)) + { + union.Add(_excluded); + } + else + { + union.Add(_excluded); + union.Add(dns); + } + } + return union; + } + } + + /** + * The most restricting part from email1 and + * email2 is added to the intersection intersect. + * + * @param email1 Email address constraint 1. + * @param email2 Email address constraint 2. + * @param intersect The intersection. + */ + private void IntersectEmail(string email1, string email2, ISet intersect) + { + // email1 is a particular address + if (email1.IndexOf('@') != -1) + { + string _sub = email1.Substring(email1.IndexOf('@') + 1); + // both are a particular mailbox + if (email2.IndexOf('@') != -1) + { + if (Platform.EqualsIgnoreCase(email1, email2)) + { + intersect.Add(email1); + } + } + // email2 specifies a domain + else if (Platform.StartsWith(email2, ".")) + { + if (WithinDomain(_sub, email2)) + { + intersect.Add(email1); + } + } + // email2 specifies a particular host + else + { + if (Platform.EqualsIgnoreCase(_sub, email2)) + { + intersect.Add(email1); + } + } + } + // email specifies a domain + else if (Platform.StartsWith(email1, ".")) + { + if (email2.IndexOf('@') != -1) + { + string _sub = email2.Substring(email1.IndexOf('@') + 1); + if (WithinDomain(_sub, email1)) + { + intersect.Add(email2); + } + } + // email2 specifies a domain + else if (Platform.StartsWith(email2, ".")) + { + if (WithinDomain(email1, email2) || Platform.EqualsIgnoreCase(email1, email2)) + { + intersect.Add(email1); + } + else if (WithinDomain(email2, email1)) + { + intersect.Add(email2); + } + } + else + { + if (WithinDomain(email2, email1)) + { + intersect.Add(email2); + } + } + } + // email1 specifies a host + else + { + if (email2.IndexOf('@') != -1) + { + string _sub = email2.Substring(email2.IndexOf('@') + 1); + if (Platform.EqualsIgnoreCase(_sub, email1)) + { + intersect.Add(email2); + } + } + // email2 specifies a domain + else if (Platform.StartsWith(email2, ".")) + { + if (WithinDomain(email1, email2)) + { + intersect.Add(email1); + } + } + // email2 specifies a particular host + else + { + if (Platform.EqualsIgnoreCase(email1, email2)) + { + intersect.Add(email1); + } + } + } + } + + private ISet IntersectUri(ISet permitted, ISet uris) + { + ISet intersect = new HashSet(); + foreach (GeneralSubtree subtree in uris) + { + string uri = ExtractNameAsString(subtree.Base); + if (permitted == null) + { + if (uri != null) + { + intersect.Add(uri); + } + } + else + { + foreach (string _permitted in permitted) + { + IntersectUri(_permitted, uri, intersect); + } + } + } + return intersect; + } + + private ISet UnionUri(ISet excluded, string uri) + { + if (excluded.IsEmpty) + { + if (uri == null) + return excluded; + + excluded.Add(uri); + return excluded; + } + else + { + ISet union = new HashSet(); + foreach (string _excluded in excluded) + { + unionURI(_excluded, uri, union); + } + return union; + } + } + + private void IntersectUri(string email1, string email2, ISet intersect) + { + // email1 is a particular address + if (email1.IndexOf('@') != -1) + { + string _sub = email1.Substring(email1.IndexOf('@') + 1); + // both are a particular mailbox + if (email2.IndexOf('@') != -1) + { + if (Platform.EqualsIgnoreCase(email1, email2)) + { + intersect.Add(email1); + } + } + // email2 specifies a domain + else if (Platform.StartsWith(email2, ".")) + { + if (WithinDomain(_sub, email2)) + { + intersect.Add(email1); + } + } + // email2 specifies a particular host + else + { + if (Platform.EqualsIgnoreCase(_sub, email2)) + { + intersect.Add(email1); + } + } + } + // email specifies a domain + else if (Platform.StartsWith(email1, ".")) + { + if (email2.IndexOf('@') != -1) + { + string _sub = email2.Substring(email1.IndexOf('@') + 1); + if (WithinDomain(_sub, email1)) + { + intersect.Add(email2); + } + } + // email2 specifies a domain + else if (Platform.StartsWith(email2, ".")) + { + if (WithinDomain(email1, email2) || Platform.EqualsIgnoreCase(email1, email2)) + { + intersect.Add(email1); + } + else if (WithinDomain(email2, email1)) + { + intersect.Add(email2); + } + } + else + { + if (WithinDomain(email2, email1)) + { + intersect.Add(email2); + } + } + } + // email1 specifies a host + else + { + if (email2.IndexOf('@') != -1) + { + string _sub = email2.Substring(email2.IndexOf('@') + 1); + if (Platform.EqualsIgnoreCase(_sub, email1)) + { + intersect.Add(email2); + } + } + // email2 specifies a domain + else if (Platform.StartsWith(email2, ".")) + { + if (WithinDomain(email1, email2)) + { + intersect.Add(email1); + } + } + // email2 specifies a particular host + else + { + if (Platform.EqualsIgnoreCase(email1, email2)) + { + intersect.Add(email1); + } + } + } + } + + private static string ExtractHostFromURL(string url) + { + // see RFC 1738 + // remove ':' after protocol, e.g. http: + string sub = url.Substring(url.IndexOf(':') + 1); + // extract host from Common Internet Scheme Syntax, e.g. http:// + int idxOfSlashes = Platform.IndexOf(sub, "//"); + if (idxOfSlashes != -1) + { + sub = sub.Substring(idxOfSlashes + 2); + } + // first remove port, e.g. http://test.com:21 + if (sub.LastIndexOf(':') != -1) + { + sub = sub.Substring(0, sub.LastIndexOf(':')); + } + // remove user and password, e.g. http://john:password@test.com + sub = sub.Substring(sub.IndexOf(':') + 1); + sub = sub.Substring(sub.IndexOf('@') + 1); + // remove local parts, e.g. http://test.com/bla + if (sub.IndexOf('/') != -1) + { + sub = sub.Substring(0, sub.IndexOf('/')); + } + return sub; + } + + /** + * Checks if the given GeneralName is in the permitted ISet. + * + * @param name The GeneralName + * @throws PkixNameConstraintValidatorException + * If the name + */ + public void checkPermitted(GeneralName name) + //throws PkixNameConstraintValidatorException + { + switch (name.TagNo) + { + case GeneralName.OtherName: + CheckPermittedOtherName(permittedSubtreesOtherName, OtherName.GetInstance(name.Name)); + break; + case GeneralName.Rfc822Name: + CheckPermittedEmail(permittedSubtreesEmail, ExtractNameAsString(name)); + break; + case GeneralName.DnsName: + CheckPermittedDns(permittedSubtreesDNS, ExtractNameAsString(name)); + break; + case GeneralName.DirectoryName: + CheckPermittedDN(Asn1Sequence.GetInstance(name.Name.ToAsn1Object())); + break; + case GeneralName.UniformResourceIdentifier: + CheckPermittedUri(permittedSubtreesURI, ExtractNameAsString(name)); + break; + case GeneralName.IPAddress: + CheckPermittedIP(permittedSubtreesIP, Asn1OctetString.GetInstance(name.Name).GetOctets()); + break; + } + } + + /** + * Check if the given GeneralName is contained in the excluded ISet. + * + * @param name The GeneralName. + * @throws PkixNameConstraintValidatorException + * If the name is + * excluded. + */ + public void checkExcluded(GeneralName name) + //throws PkixNameConstraintValidatorException + { + switch (name.TagNo) + { + case GeneralName.OtherName: + CheckExcludedOtherName(excludedSubtreesOtherName, OtherName.GetInstance(name.Name)); + break; + case GeneralName.Rfc822Name: + CheckExcludedEmail(excludedSubtreesEmail, ExtractNameAsString(name)); + break; + case GeneralName.DnsName: + CheckExcludedDns(excludedSubtreesDNS, ExtractNameAsString(name)); + break; + case GeneralName.DirectoryName: + CheckExcludedDN(Asn1Sequence.GetInstance(name.Name.ToAsn1Object())); + break; + case GeneralName.UniformResourceIdentifier: + CheckExcludedUri(excludedSubtreesURI, ExtractNameAsString(name)); + break; + case GeneralName.IPAddress: + CheckExcludedIP(excludedSubtreesIP, Asn1OctetString.GetInstance(name.Name).GetOctets()); + break; + } + } + + /** + * Updates the permitted ISet of these name constraints with the intersection + * with the given subtree. + * + * @param permitted The permitted subtrees + */ + + public void IntersectPermittedSubtree(Asn1Sequence permitted) + { + IDictionary subtreesMap = Platform.CreateHashtable(); + + // group in ISets in a map ordered by tag no. + foreach (object obj in permitted) + { + GeneralSubtree subtree = GeneralSubtree.GetInstance(obj); + + int tagNo = subtree.Base.TagNo; + if (subtreesMap[tagNo] == null) + { + subtreesMap[tagNo] = new HashSet(); + } + + ((ISet)subtreesMap[tagNo]).Add(subtree); + } + + foreach (DictionaryEntry entry in subtreesMap) + { + // go through all subtree groups + switch ((int)entry.Key) + { + case GeneralName.OtherName: + permittedSubtreesOtherName = IntersectOtherName(permittedSubtreesOtherName, + (ISet)entry.Value); + break; + case GeneralName.Rfc822Name: + permittedSubtreesEmail = IntersectEmail(permittedSubtreesEmail, + (ISet)entry.Value); + break; + case GeneralName.DnsName: + permittedSubtreesDNS = IntersectDns(permittedSubtreesDNS, + (ISet)entry.Value); + break; + case GeneralName.DirectoryName: + permittedSubtreesDN = IntersectDN(permittedSubtreesDN, + (ISet)entry.Value); + break; + case GeneralName.UniformResourceIdentifier: + permittedSubtreesURI = IntersectUri(permittedSubtreesURI, + (ISet)entry.Value); + break; + case GeneralName.IPAddress: + permittedSubtreesIP = IntersectIP(permittedSubtreesIP, + (ISet)entry.Value); + break; + } + } + } + + private string ExtractNameAsString(GeneralName name) + { + return DerIA5String.GetInstance(name.Name).GetString(); + } + + public void IntersectEmptyPermittedSubtree(int nameType) + { + switch (nameType) + { + case GeneralName.OtherName: + permittedSubtreesOtherName = new HashSet(); + break; + case GeneralName.Rfc822Name: + permittedSubtreesEmail = new HashSet(); + break; + case GeneralName.DnsName: + permittedSubtreesDNS = new HashSet(); + break; + case GeneralName.DirectoryName: + permittedSubtreesDN = new HashSet(); + break; + case GeneralName.UniformResourceIdentifier: + permittedSubtreesURI = new HashSet(); + break; + case GeneralName.IPAddress: + permittedSubtreesIP = new HashSet(); + break; + } + } + + /** + * Adds a subtree to the excluded ISet of these name constraints. + * + * @param subtree A subtree with an excluded GeneralName. + */ + public void AddExcludedSubtree(GeneralSubtree subtree) + { + GeneralName subTreeBase = subtree.Base; + + switch (subTreeBase.TagNo) + { + case GeneralName.OtherName: + excludedSubtreesOtherName = UnionOtherName(excludedSubtreesOtherName, + OtherName.GetInstance(subTreeBase.Name)); + break; + case GeneralName.Rfc822Name: + excludedSubtreesEmail = UnionEmail(excludedSubtreesEmail, + ExtractNameAsString(subTreeBase)); + break; + case GeneralName.DnsName: + excludedSubtreesDNS = UnionDns(excludedSubtreesDNS, + ExtractNameAsString(subTreeBase)); + break; + case GeneralName.DirectoryName: + excludedSubtreesDN = UnionDN(excludedSubtreesDN, + (Asn1Sequence)subTreeBase.Name.ToAsn1Object()); + break; + case GeneralName.UniformResourceIdentifier: + excludedSubtreesURI = UnionUri(excludedSubtreesURI, + ExtractNameAsString(subTreeBase)); + break; + case GeneralName.IPAddress: + excludedSubtreesIP = UnionIP(excludedSubtreesIP, + Asn1OctetString.GetInstance(subTreeBase.Name).GetOctets()); + break; + } + } + + /** + * Returns the maximum IP address. + * + * @param ip1 The first IP address. + * @param ip2 The second IP address. + * @return The maximum IP address. + */ + private static byte[] Max(byte[] ip1, byte[] ip2) + { + for (int i = 0; i < ip1.Length; i++) + { + if ((ip1[i] & 0xFFFF) > (ip2[i] & 0xFFFF)) + { + return ip1; + } + } + return ip2; + } + + /** + * Returns the minimum IP address. + * + * @param ip1 The first IP address. + * @param ip2 The second IP address. + * @return The minimum IP address. + */ + private static byte[] Min(byte[] ip1, byte[] ip2) + { + for (int i = 0; i < ip1.Length; i++) + { + if ((ip1[i] & 0xFFFF) < (ip2[i] & 0xFFFF)) + { + return ip1; + } + } + return ip2; + } + + /** + * Compares IP address ip1 with ip2. If ip1 + * is equal to ip2 0 is returned. If ip1 is bigger 1 is returned, -1 + * otherwise. + * + * @param ip1 The first IP address. + * @param ip2 The second IP address. + * @return 0 if ip1 is equal to ip2, 1 if ip1 is bigger, -1 otherwise. + */ + private static int CompareTo(byte[] ip1, byte[] ip2) + { + if (Org.BouncyCastle.Utilities.Arrays.AreEqual(ip1, ip2)) + { + return 0; + } + if (Org.BouncyCastle.Utilities.Arrays.AreEqual(Max(ip1, ip2), ip1)) + { + return 1; + } + return -1; + } + + /** + * Returns the logical OR of the IP addresses ip1 and + * ip2. + * + * @param ip1 The first IP address. + * @param ip2 The second IP address. + * @return The OR of ip1 and ip2. + */ + private static byte[] Or(byte[] ip1, byte[] ip2) + { + byte[] temp = new byte[ip1.Length]; + for (int i = 0; i < ip1.Length; i++) + { + temp[i] = (byte)(ip1[i] | ip2[i]); + } + return temp; + } + + [Obsolete("Use GetHashCode instead")] + public int HashCode() + { + return GetHashCode(); + } + + public override int GetHashCode() + { + return HashCollection(excludedSubtreesDN) + + HashCollection(excludedSubtreesDNS) + + HashCollection(excludedSubtreesEmail) + + HashCollection(excludedSubtreesIP) + + HashCollection(excludedSubtreesURI) + + HashCollection(excludedSubtreesOtherName) + + HashCollection(permittedSubtreesDN) + + HashCollection(permittedSubtreesDNS) + + HashCollection(permittedSubtreesEmail) + + HashCollection(permittedSubtreesIP) + + HashCollection(permittedSubtreesURI) + + HashCollection(permittedSubtreesOtherName); + } + + private int HashCollection(ICollection c) + { + if (c == null) + return 0; + + int hash = 0; + foreach (Object o in c) + { + if (o is byte[]) + { + hash += Arrays.GetHashCode((byte[])o); + } + else + { + hash += o.GetHashCode(); + } + } + return hash; + } + + public override bool Equals(Object o) + { + if (!(o is PkixNameConstraintValidator)) + return false; + + PkixNameConstraintValidator constraintValidator = (PkixNameConstraintValidator)o; + + return CollectionsAreEqual(constraintValidator.excludedSubtreesDN, excludedSubtreesDN) + && CollectionsAreEqual(constraintValidator.excludedSubtreesDNS, excludedSubtreesDNS) + && CollectionsAreEqual(constraintValidator.excludedSubtreesEmail, excludedSubtreesEmail) + && CollectionsAreEqual(constraintValidator.excludedSubtreesIP, excludedSubtreesIP) + && CollectionsAreEqual(constraintValidator.excludedSubtreesURI, excludedSubtreesURI) + && CollectionsAreEqual(constraintValidator.excludedSubtreesOtherName, excludedSubtreesOtherName) + && CollectionsAreEqual(constraintValidator.permittedSubtreesDN, permittedSubtreesDN) + && CollectionsAreEqual(constraintValidator.permittedSubtreesDNS, permittedSubtreesDNS) + && CollectionsAreEqual(constraintValidator.permittedSubtreesEmail, permittedSubtreesEmail) + && CollectionsAreEqual(constraintValidator.permittedSubtreesIP, permittedSubtreesIP) + && CollectionsAreEqual(constraintValidator.permittedSubtreesURI, permittedSubtreesURI) + && CollectionsAreEqual(constraintValidator.permittedSubtreesOtherName, permittedSubtreesOtherName); + } + + private bool CollectionsAreEqual(ICollection coll1, ICollection coll2) + { + if (coll1 == coll2) + return true; + if (coll1 == null || coll2 == null || coll1.Count != coll2.Count) + return false; + + foreach (Object a in coll1) + { + bool found = false; + foreach (Object b in coll2) + { + if (SpecialEquals(a, b)) + { + found = true; + break; + } + } + + if (!found) + return false; + } + return true; + } + + private bool SpecialEquals(Object o1, Object o2) + { + if (o1 == o2) + { + return true; + } + if (o1 == null || o2 == null) + { + return false; + } + if ((o1 is byte[]) && (o2 is byte[])) + { + return Arrays.AreEqual((byte[])o1, (byte[])o2); + } + else + { + return o1.Equals(o2); + } + } + + /** + * Stringifies an IPv4 or v6 address with subnet mask. + * + * @param ip The IP with subnet mask. + * @return The stringified IP address. + */ + private string StringifyIP(byte[] ip) + { + string temp = ""; + for (int i = 0; i < ip.Length / 2; i++) + { + //temp += Integer.toString(ip[i] & 0x00FF) + "."; + temp += (ip[i] & 0x00FF) + "."; + } + temp = temp.Substring(0, temp.Length - 1); + temp += "/"; + for (int i = ip.Length / 2; i < ip.Length; i++) + { + //temp += Integer.toString(ip[i] & 0x00FF) + "."; + temp += (ip[i] & 0x00FF) + "."; + } + temp = temp.Substring(0, temp.Length - 1); + return temp; + } + + private string StringifyIPCollection(ISet ips) + { + string temp = ""; + temp += "["; + foreach (byte[] ip in ips) + { + temp += StringifyIP(ip) + ","; + } + if (temp.Length > 1) + { + temp = temp.Substring(0, temp.Length - 1); + } + temp += "]"; + return temp; + } + + private string StringifyOtherNameCollection(ISet otherNames) + { + string temp = ""; + temp += "["; + foreach (object obj in otherNames) + { + OtherName name = OtherName.GetInstance(obj); + if (temp.Length > 1) + { + temp += ","; + } + temp += name.TypeID.Id; + temp += ":"; + try + { + temp += Hex.ToHexString(name.Value.ToAsn1Object().GetEncoded()); + } + catch (IOException e) + { + temp += e.ToString(); + } + } + temp += "]"; + return temp; + } + + public override string ToString() + { + string temp = ""; + + temp += "permitted:\n"; + if (permittedSubtreesDN != null) + { + temp += "DN:\n"; + temp += permittedSubtreesDN.ToString() + "\n"; + } + if (permittedSubtreesDNS != null) + { + temp += "DNS:\n"; + temp += permittedSubtreesDNS.ToString() + "\n"; + } + if (permittedSubtreesEmail != null) + { + temp += "Email:\n"; + temp += permittedSubtreesEmail.ToString() + "\n"; + } + if (permittedSubtreesURI != null) + { + temp += "URI:\n"; + temp += permittedSubtreesURI.ToString() + "\n"; + } + if (permittedSubtreesIP != null) + { + temp += "IP:\n"; + temp += StringifyIPCollection(permittedSubtreesIP) + "\n"; + } + if (permittedSubtreesOtherName != null) + { + temp += "OtherName:\n"; + temp += StringifyOtherNameCollection(permittedSubtreesOtherName); + } + temp += "excluded:\n"; + if (!(excludedSubtreesDN.IsEmpty)) + { + temp += "DN:\n"; + temp += excludedSubtreesDN.ToString() + "\n"; + } + if (!excludedSubtreesDNS.IsEmpty) + { + temp += "DNS:\n"; + temp += excludedSubtreesDNS.ToString() + "\n"; + } + if (!excludedSubtreesEmail.IsEmpty) + { + temp += "Email:\n"; + temp += excludedSubtreesEmail.ToString() + "\n"; + } + if (!excludedSubtreesURI.IsEmpty) + { + temp += "URI:\n"; + temp += excludedSubtreesURI.ToString() + "\n"; + } + if (!excludedSubtreesIP.IsEmpty) + { + temp += "IP:\n"; + temp += StringifyIPCollection(excludedSubtreesIP) + "\n"; + } + if (!excludedSubtreesOtherName.IsEmpty) + { + temp += "OtherName:\n"; + temp += StringifyOtherNameCollection(excludedSubtreesOtherName); + } + return temp; + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixNameConstraintValidatorException.cs b/BouncyCastle/crypto/src/pkix/PkixNameConstraintValidatorException.cs new file mode 100644 index 0000000..b187525 --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixNameConstraintValidatorException.cs @@ -0,0 +1,16 @@ +using System; + +namespace Org.BouncyCastle.Pkix +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class PkixNameConstraintValidatorException + : Exception + { + public PkixNameConstraintValidatorException(String msg) + : base(msg) + { + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixParameters.cs b/BouncyCastle/crypto/src/pkix/PkixParameters.cs new file mode 100644 index 0000000..01ed9d4 --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixParameters.cs @@ -0,0 +1,893 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Pkix +{ + /// + /// Summary description for PkixParameters. + /// + public class PkixParameters +// : ICertPathParameters + { + /** + * This is the default PKIX validity model. Actually there are two variants + * of this: The PKIX model and the modified PKIX model. The PKIX model + * verifies that all involved certificates must have been valid at the + * current time. The modified PKIX model verifies that all involved + * certificates were valid at the signing time. Both are indirectly choosen + * with the {@link PKIXParameters#setDate(java.util.Date)} method, so this + * methods sets the Date when all certificates must have been + * valid. + */ + public const int PkixValidityModel = 0; + + /** + * This model uses the following validity model. Each certificate must have + * been valid at the moment where is was used. That means the end + * certificate must have been valid at the time the signature was done. The + * CA certificate which signed the end certificate must have been valid, + * when the end certificate was signed. The CA (or Root CA) certificate must + * have been valid, when the CA certificate was signed and so on. So the + * {@link PKIXParameters#setDate(java.util.Date)} method sets the time, when + * the end certificate must have been valid.

    It is used e.g. + * in the German signature law. + */ + public const int ChainValidityModel = 1; + + private ISet trustAnchors; + private DateTimeObject date; + private IList certPathCheckers; + private bool revocationEnabled = true; + private ISet initialPolicies; + //private bool checkOnlyEECertificateCrl = false; + private bool explicitPolicyRequired = false; + private bool anyPolicyInhibited = false; + private bool policyMappingInhibited = false; + private bool policyQualifiersRejected = true; + private IX509Selector certSelector; + private IList stores; + private IX509Selector selector; + private bool additionalLocationsEnabled; + private IList additionalStores; + private ISet trustedACIssuers; + private ISet necessaryACAttributes; + private ISet prohibitedACAttributes; + private ISet attrCertCheckers; + private int validityModel = PkixValidityModel; + private bool useDeltas = false; + + /** + * Creates an instance of PKIXParameters with the specified Set of + * most-trusted CAs. Each element of the set is a TrustAnchor.
    + *
    + * Note that the Set is copied to protect against subsequent modifications. + * + * @param trustAnchors + * a Set of TrustAnchors + * + * @exception InvalidAlgorithmParameterException + * if the specified Set is empty + * (trustAnchors.isEmpty() == true) + * @exception NullPointerException + * if the specified Set is null + * @exception ClassCastException + * if any of the elements in the Set are not of type + * java.security.cert.TrustAnchor + */ + public PkixParameters( + ISet trustAnchors) + { + SetTrustAnchors(trustAnchors); + + this.initialPolicies = new HashSet(); + this.certPathCheckers = Platform.CreateArrayList(); + this.stores = Platform.CreateArrayList(); + this.additionalStores = Platform.CreateArrayList(); + this.trustedACIssuers = new HashSet(); + this.necessaryACAttributes = new HashSet(); + this.prohibitedACAttributes = new HashSet(); + this.attrCertCheckers = new HashSet(); + } + +// // TODO implement for other keystores (see Java build)? +// /** +// * Creates an instance of PKIXParameters that +// * populates the set of most-trusted CAs from the trusted +// * certificate entries contained in the specified KeyStore. +// * Only keystore entries that contain trusted X509Certificates +// * are considered; all other certificate types are ignored. +// * +// * @param keystore a KeyStore from which the set of +// * most-trusted CAs will be populated +// * @throws KeyStoreException if the keystore has not been initialized +// * @throws InvalidAlgorithmParameterException if the keystore does +// * not contain at least one trusted certificate entry +// * @throws NullPointerException if the keystore is null +// */ +// public PkixParameters( +// Pkcs12Store keystore) +//// throws KeyStoreException, InvalidAlgorithmParameterException +// { +// if (keystore == null) +// throw new ArgumentNullException("keystore"); +// ISet trustAnchors = new HashSet(); +// foreach (string alias in keystore.Aliases) +// { +// if (keystore.IsCertificateEntry(alias)) +// { +// X509CertificateEntry x509Entry = keystore.GetCertificate(alias); +// trustAnchors.Add(new TrustAnchor(x509Entry.Certificate, null)); +// } +// } +// SetTrustAnchors(trustAnchors); +// +// this.initialPolicies = new HashSet(); +// this.certPathCheckers = new ArrayList(); +// this.stores = new ArrayList(); +// this.additionalStores = new ArrayList(); +// this.trustedACIssuers = new HashSet(); +// this.necessaryACAttributes = new HashSet(); +// this.prohibitedACAttributes = new HashSet(); +// this.attrCertCheckers = new HashSet(); +// } + + public virtual bool IsRevocationEnabled + { + get { return revocationEnabled; } + set { revocationEnabled = value; } + } + + public virtual bool IsExplicitPolicyRequired + { + get { return explicitPolicyRequired; } + set { this.explicitPolicyRequired = value; } + } + + public virtual bool IsAnyPolicyInhibited + { + get { return anyPolicyInhibited; } + set { this.anyPolicyInhibited = value; } + } + + public virtual bool IsPolicyMappingInhibited + { + get { return policyMappingInhibited; } + set { this.policyMappingInhibited = value; } + } + + public virtual bool IsPolicyQualifiersRejected + { + get { return policyQualifiersRejected; } + set { this.policyQualifiersRejected = value; } + } + + //public bool IsCheckOnlyEECertificateCrl + //{ + // get { return this.checkOnlyEECertificateCrl; } + // set { this.checkOnlyEECertificateCrl = value; } + //} + + public virtual DateTimeObject Date + { + get { return this.date; } + set { this.date = value; } + } + + // Returns a Set of the most-trusted CAs. + public virtual ISet GetTrustAnchors() + { + return new HashSet(this.trustAnchors); + } + + // Sets the set of most-trusted CAs. + // Set is copied to protect against subsequent modifications. + public virtual void SetTrustAnchors( + ISet tas) + { + if (tas == null) + throw new ArgumentNullException("value"); + if (tas.IsEmpty) + throw new ArgumentException("non-empty set required", "value"); + + // Explicit copy to enforce type-safety + this.trustAnchors = new HashSet(); + foreach (TrustAnchor ta in tas) + { + if (ta != null) + { + trustAnchors.Add(ta); + } + } + } + + /** + * Returns the required constraints on the target certificate. The + * constraints are returned as an instance of CertSelector. If + * null, no constraints are defined.
    + *
    + * Note that the CertSelector returned is cloned to protect against + * subsequent modifications. + * + * @return a CertSelector specifying the constraints on the target + * certificate (or null) + * + * @see #setTargetCertConstraints(CertSelector) + */ + public virtual X509CertStoreSelector GetTargetCertConstraints() + { + if (certSelector == null) + { + return null; + } + + return (X509CertStoreSelector)certSelector.Clone(); + } + + /** + * Sets the required constraints on the target certificate. The constraints + * are specified as an instance of CertSelector. If null, no constraints are + * defined.
    + *
    + * Note that the CertSelector specified is cloned to protect against + * subsequent modifications. + * + * @param selector + * a CertSelector specifying the constraints on the target + * certificate (or null) + * + * @see #getTargetCertConstraints() + */ + public virtual void SetTargetCertConstraints( + IX509Selector selector) + { + if (selector == null) + { + certSelector = null; + } + else + { + certSelector = (IX509Selector)selector.Clone(); + } + } + + /** + * Returns an immutable Set of initial policy identifiers (OID strings), + * indicating that any one of these policies would be acceptable to the + * certificate user for the purposes of certification path processing. The + * default return value is an empty Set, which is + * interpreted as meaning that any policy would be acceptable. + * + * @return an immutable Set of initial policy OIDs in String + * format, or an empty Set (implying any policy is + * acceptable). Never returns null. + * + * @see #setInitialPolicies(java.util.Set) + */ + public virtual ISet GetInitialPolicies() + { + ISet returnSet = initialPolicies; + + // TODO Can it really be null? + if (initialPolicies == null) + { + returnSet = new HashSet(); + } + + return new HashSet(returnSet); + } + + /** + * Sets the Set of initial policy identifiers (OID strings), + * indicating that any one of these policies would be acceptable to the + * certificate user for the purposes of certification path processing. By + * default, any policy is acceptable (i.e. all policies), so a user that + * wants to allow any policy as acceptable does not need to call this + * method, or can call it with an empty Set (or + * null).
    + *
    + * Note that the Set is copied to protect against subsequent modifications.
    + *
    + * + * @param initialPolicies + * a Set of initial policy OIDs in String format (or + * null) + * + * @exception ClassCastException + * if any of the elements in the set are not of type String + * + * @see #getInitialPolicies() + */ + public virtual void SetInitialPolicies( + ISet initialPolicies) + { + this.initialPolicies = new HashSet(); + if (initialPolicies != null) + { + foreach (string obj in initialPolicies) + { + if (obj != null) + { + this.initialPolicies.Add(obj); + } + } + } + } + + /** + * Sets a List of additional certification path checkers. If + * the specified List contains an object that is not a PKIXCertPathChecker, + * it is ignored.
    + *
    + * Each PKIXCertPathChecker specified implements additional + * checks on a certificate. Typically, these are checks to process and + * verify private extensions contained in certificates. Each + * PKIXCertPathChecker should be instantiated with any + * initialization parameters needed to execute the check.
    + *
    + * This method allows sophisticated applications to extend a PKIX + * CertPathValidator or CertPathBuilder. Each + * of the specified PKIXCertPathCheckers will be called, in turn, by a PKIX + * CertPathValidator or CertPathBuilder for + * each certificate processed or validated.
    + *
    + * Regardless of whether these additional PKIXCertPathCheckers are set, a + * PKIX CertPathValidator or CertPathBuilder + * must perform all of the required PKIX checks on each certificate. The one + * exception to this rule is if the RevocationEnabled flag is set to false + * (see the {@link #setRevocationEnabled(boolean) setRevocationEnabled} + * method).
    + *
    + * Note that the List supplied here is copied and each PKIXCertPathChecker + * in the list is cloned to protect against subsequent modifications. + * + * @param checkers + * a List of PKIXCertPathCheckers. May be null, in which case no + * additional checkers will be used. + * @exception ClassCastException + * if any of the elements in the list are not of type + * java.security.cert.PKIXCertPathChecker + * @see #getCertPathCheckers() + */ + public virtual void SetCertPathCheckers(IList checkers) + { + certPathCheckers = Platform.CreateArrayList(); + if (checkers != null) + { + foreach (PkixCertPathChecker obj in checkers) + { + certPathCheckers.Add(obj.Clone()); + } + } + } + + /** + * Returns the List of certification path checkers. Each PKIXCertPathChecker + * in the returned IList is cloned to protect against subsequent modifications. + * + * @return an immutable List of PKIXCertPathCheckers (may be empty, but not + * null) + * + * @see #setCertPathCheckers(java.util.List) + */ + public virtual IList GetCertPathCheckers() + { + IList checkers = Platform.CreateArrayList(); + foreach (PkixCertPathChecker obj in certPathCheckers) + { + checkers.Add(obj.Clone()); + } + return checkers; + } + + /** + * Adds a PKIXCertPathChecker to the list of certification + * path checkers. See the {@link #setCertPathCheckers setCertPathCheckers} + * method for more details. + *

    + * Note that the PKIXCertPathChecker is cloned to protect + * against subsequent modifications.

    + * + * @param checker a PKIXCertPathChecker to add to the list of + * checks. If null, the checker is ignored (not added to list). + */ + public virtual void AddCertPathChecker( + PkixCertPathChecker checker) + { + if (checker != null) + { + certPathCheckers.Add(checker.Clone()); + } + } + + public virtual object Clone() + { + // FIXME Check this whole method against the Java implementation! + + PkixParameters parameters = new PkixParameters(GetTrustAnchors()); + parameters.SetParams(this); + return parameters; + + +// PkixParameters obj = new PkixParameters(new HashSet()); +//// (PkixParameters) this.MemberwiseClone(); +// obj.x509Stores = new ArrayList(x509Stores); +// obj.certPathCheckers = new ArrayList(certPathCheckers); +// +// //Iterator iter = certPathCheckers.iterator(); +// //obj.certPathCheckers = new ArrayList(); +// //while (iter.hasNext()) +// //{ +// // obj.certPathCheckers.add(((PKIXCertPathChecker)iter.next()) +// // .clone()); +// //} +// //if (initialPolicies != null) +// //{ +// // obj.initialPolicies = new HashSet(initialPolicies); +// //} +//// if (trustAnchors != null) +//// { +//// obj.trustAnchors = new HashSet(trustAnchors); +//// } +//// if (certSelector != null) +//// { +//// obj.certSelector = (X509CertStoreSelector) certSelector.Clone(); +//// } +// return obj; + } + + /** + * Method to support Clone() under J2ME. + * super.Clone() does not exist and fields are not copied. + * + * @param params Parameters to set. If this are + * ExtendedPkixParameters they are copied to. + */ + protected virtual void SetParams( + PkixParameters parameters) + { + Date = parameters.Date; + SetCertPathCheckers(parameters.GetCertPathCheckers()); + IsAnyPolicyInhibited = parameters.IsAnyPolicyInhibited; + IsExplicitPolicyRequired = parameters.IsExplicitPolicyRequired; + IsPolicyMappingInhibited = parameters.IsPolicyMappingInhibited; + IsRevocationEnabled = parameters.IsRevocationEnabled; + SetInitialPolicies(parameters.GetInitialPolicies()); + IsPolicyQualifiersRejected = parameters.IsPolicyQualifiersRejected; + SetTargetCertConstraints(parameters.GetTargetCertConstraints()); + SetTrustAnchors(parameters.GetTrustAnchors()); + + validityModel = parameters.validityModel; + useDeltas = parameters.useDeltas; + additionalLocationsEnabled = parameters.additionalLocationsEnabled; + selector = parameters.selector == null ? null + : (IX509Selector) parameters.selector.Clone(); + stores = Platform.CreateArrayList(parameters.stores); + additionalStores = Platform.CreateArrayList(parameters.additionalStores); + trustedACIssuers = new HashSet(parameters.trustedACIssuers); + prohibitedACAttributes = new HashSet(parameters.prohibitedACAttributes); + necessaryACAttributes = new HashSet(parameters.necessaryACAttributes); + attrCertCheckers = new HashSet(parameters.attrCertCheckers); + } + + /** + * Whether delta CRLs should be used for checking the revocation status. + * Defaults to false. + */ + public virtual bool IsUseDeltasEnabled + { + get { return useDeltas; } + set { useDeltas = value; } + } + + /** + * The validity model. + * @see #CHAIN_VALIDITY_MODEL + * @see #PKIX_VALIDITY_MODEL + */ + public virtual int ValidityModel + { + get { return validityModel; } + set { validityModel = value; } + } + + /** + * Sets the Bouncy Castle Stores for finding CRLs, certificates, attribute + * certificates or cross certificates. + *

    + * The IList is cloned. + *

    + * + * @param stores A list of stores to use. + * @see #getStores + * @throws ClassCastException if an element of stores is not + * a {@link Store}. + */ + public virtual void SetStores( + IList stores) + { + if (stores == null) + { + this.stores = Platform.CreateArrayList(); + } + else + { + foreach (object obj in stores) + { + if (!(obj is IX509Store)) + { + throw new InvalidCastException( + "All elements of list must be of type " + typeof(IX509Store).FullName); + } + } + this.stores = Platform.CreateArrayList(stores); + } + } + + /** + * Adds a Bouncy Castle {@link Store} to find CRLs, certificates, attribute + * certificates or cross certificates. + *

    + * This method should be used to add local stores, like collection based + * X.509 stores, if available. Local stores should be considered first, + * before trying to use additional (remote) locations, because they do not + * need possible additional network traffic. + *

    + * If store is null it is ignored. + *

    + * + * @param store The store to add. + * @see #getStores + */ + public virtual void AddStore( + IX509Store store) + { + if (store != null) + { + stores.Add(store); + } + } + + /** + * Adds an additional Bouncy Castle {@link Store} to find CRLs, certificates, + * attribute certificates or cross certificates. + *

    + * You should not use this method. This method is used for adding additional + * X.509 stores, which are used to add (remote) locations, e.g. LDAP, found + * during X.509 object processing, e.g. in certificates or CRLs. This method + * is used in PKIX certification path processing. + *

    + * If store is null it is ignored. + *

    + * + * @param store The store to add. + * @see #getStores() + */ + public virtual void AddAdditionalStore( + IX509Store store) + { + if (store != null) + { + additionalStores.Add(store); + } + } + + /** + * Returns an IList of additional Bouncy Castle + * Stores used for finding CRLs, certificates, attribute + * certificates or cross certificates. + * + * @return an immutable IList of additional Bouncy Castle + * Stores. Never null. + * + * @see #addAddionalStore(Store) + */ + public virtual IList GetAdditionalStores() + { + return Platform.CreateArrayList(additionalStores); + } + + /** + * Returns an IList of Bouncy Castle + * Stores used for finding CRLs, certificates, attribute + * certificates or cross certificates. + * + * @return an immutable IList of Bouncy Castle + * Stores. Never null. + * + * @see #setStores(IList) + */ + public virtual IList GetStores() + { + return Platform.CreateArrayList(stores); + } + + /** + * Returns if additional {@link X509Store}s for locations like LDAP found + * in certificates or CRLs should be used. + * + * @return Returns true if additional stores are used. + */ + public virtual bool IsAdditionalLocationsEnabled + { + get { return additionalLocationsEnabled; } + } + + /** + * Sets if additional {@link X509Store}s for locations like LDAP found in + * certificates or CRLs should be used. + * + * @param enabled true if additional stores are used. + */ + public virtual void SetAdditionalLocationsEnabled( + bool enabled) + { + additionalLocationsEnabled = enabled; + } + + /** + * Returns the required constraints on the target certificate or attribute + * certificate. The constraints are returned as an instance of + * IX509Selector. If null, no constraints are + * defined. + * + *

    + * The target certificate in a PKIX path may be a certificate or an + * attribute certificate. + *

    + * Note that the IX509Selector returned is cloned to protect + * against subsequent modifications. + *

    + * @return a IX509Selector specifying the constraints on the + * target certificate or attribute certificate (or null) + * @see #setTargetConstraints + * @see X509CertStoreSelector + * @see X509AttributeCertStoreSelector + */ + public virtual IX509Selector GetTargetConstraints() + { + if (selector != null) + { + return (IX509Selector) selector.Clone(); + } + else + { + return null; + } + } + + /** + * Sets the required constraints on the target certificate or attribute + * certificate. The constraints are specified as an instance of + * IX509Selector. If null, no constraints are + * defined. + *

    + * The target certificate in a PKIX path may be a certificate or an + * attribute certificate. + *

    + * Note that the IX509Selector specified is cloned to protect + * against subsequent modifications. + *

    + * + * @param selector a IX509Selector specifying the constraints on + * the target certificate or attribute certificate (or + * null) + * @see #getTargetConstraints + * @see X509CertStoreSelector + * @see X509AttributeCertStoreSelector + */ + public virtual void SetTargetConstraints(IX509Selector selector) + { + if (selector != null) + { + this.selector = (IX509Selector) selector.Clone(); + } + else + { + this.selector = null; + } + } + + /** + * Returns the trusted attribute certificate issuers. If attribute + * certificates is verified the trusted AC issuers must be set. + *

    + * The returned ISet consists of TrustAnchors. + *

    + * The returned ISet is immutable. Never null + *

    + * + * @return Returns an immutable set of the trusted AC issuers. + */ + public virtual ISet GetTrustedACIssuers() + { + return new HashSet(trustedACIssuers); + } + + /** + * Sets the trusted attribute certificate issuers. If attribute certificates + * is verified the trusted AC issuers must be set. + *

    + * The trustedACIssuers must be a ISet of + * TrustAnchor + *

    + * The given set is cloned. + *

    + * + * @param trustedACIssuers The trusted AC issuers to set. Is never + * null. + * @throws ClassCastException if an element of stores is not + * a TrustAnchor. + */ + public virtual void SetTrustedACIssuers( + ISet trustedACIssuers) + { + if (trustedACIssuers == null) + { + this.trustedACIssuers = new HashSet(); + } + else + { + foreach (object obj in trustedACIssuers) + { + if (!(obj is TrustAnchor)) + { + throw new InvalidCastException("All elements of set must be " + + "of type " + typeof(TrustAnchor).FullName + "."); + } + } + this.trustedACIssuers = new HashSet(trustedACIssuers); + } + } + + /** + * Returns the necessary attributes which must be contained in an attribute + * certificate. + *

    + * The returned ISet is immutable and contains + * Strings with the OIDs. + *

    + * + * @return Returns the necessary AC attributes. + */ + public virtual ISet GetNecessaryACAttributes() + { + return new HashSet(necessaryACAttributes); + } + + /** + * Sets the necessary which must be contained in an attribute certificate. + *

    + * The ISet must contain Strings with the + * OIDs. + *

    + * The set is cloned. + *

    + * + * @param necessaryACAttributes The necessary AC attributes to set. + * @throws ClassCastException if an element of + * necessaryACAttributes is not a + * String. + */ + public virtual void SetNecessaryACAttributes( + ISet necessaryACAttributes) + { + if (necessaryACAttributes == null) + { + this.necessaryACAttributes = new HashSet(); + } + else + { + foreach (object obj in necessaryACAttributes) + { + if (!(obj is string)) + { + throw new InvalidCastException("All elements of set must be " + + "of type string."); + } + } + this.necessaryACAttributes = new HashSet(necessaryACAttributes); + } + } + + /** + * Returns the attribute certificates which are not allowed. + *

    + * The returned ISet is immutable and contains + * Strings with the OIDs. + *

    + * + * @return Returns the prohibited AC attributes. Is never null. + */ + public virtual ISet GetProhibitedACAttributes() + { + return new HashSet(prohibitedACAttributes); + } + + /** + * Sets the attribute certificates which are not allowed. + *

    + * The ISet must contain Strings with the + * OIDs. + *

    + * The set is cloned. + *

    + * + * @param prohibitedACAttributes The prohibited AC attributes to set. + * @throws ClassCastException if an element of + * prohibitedACAttributes is not a + * String. + */ + public virtual void SetProhibitedACAttributes( + ISet prohibitedACAttributes) + { + if (prohibitedACAttributes == null) + { + this.prohibitedACAttributes = new HashSet(); + } + else + { + foreach (object obj in prohibitedACAttributes) + { + if (!(obj is String)) + { + throw new InvalidCastException("All elements of set must be " + + "of type string."); + } + } + this.prohibitedACAttributes = new HashSet(prohibitedACAttributes); + } + } + + /** + * Returns the attribute certificate checker. The returned set contains + * {@link PKIXAttrCertChecker}s and is immutable. + * + * @return Returns the attribute certificate checker. Is never + * null. + */ + public virtual ISet GetAttrCertCheckers() + { + return new HashSet(attrCertCheckers); + } + + /** + * Sets the attribute certificate checkers. + *

    + * All elements in the ISet must a {@link PKIXAttrCertChecker}. + *

    + *

    + * The given set is cloned. + *

    + * + * @param attrCertCheckers The attribute certificate checkers to set. Is + * never null. + * @throws ClassCastException if an element of attrCertCheckers + * is not a PKIXAttrCertChecker. + */ + public virtual void SetAttrCertCheckers( + ISet attrCertCheckers) + { + if (attrCertCheckers == null) + { + this.attrCertCheckers = new HashSet(); + } + else + { + foreach (object obj in attrCertCheckers) + { + if (!(obj is PkixAttrCertChecker)) + { + throw new InvalidCastException("All elements of set must be " + + "of type " + typeof(PkixAttrCertChecker).FullName + "."); + } + } + this.attrCertCheckers = new HashSet(attrCertCheckers); + } + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/PkixPolicyNode.cs b/BouncyCastle/crypto/src/pkix/PkixPolicyNode.cs new file mode 100644 index 0000000..fc5b82f --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/PkixPolicyNode.cs @@ -0,0 +1,158 @@ +using System; +using System.Collections; +using System.Text; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Pkix +{ + /// + /// Summary description for PkixPolicyNode. + /// + public class PkixPolicyNode +// : IPolicyNode + { + protected IList mChildren; + protected int mDepth; + protected ISet mExpectedPolicies; + protected PkixPolicyNode mParent; + protected ISet mPolicyQualifiers; + protected string mValidPolicy; + protected bool mCritical; + + public virtual int Depth + { + get { return this.mDepth; } + } + + public virtual IEnumerable Children + { + get { return new EnumerableProxy(mChildren); } + } + + public virtual bool IsCritical + { + get { return this.mCritical; } + set { this.mCritical = value; } + } + + public virtual ISet PolicyQualifiers + { + get { return new HashSet(this.mPolicyQualifiers); } + } + + public virtual string ValidPolicy + { + get { return this.mValidPolicy; } + } + + public virtual bool HasChildren + { + get { return mChildren.Count != 0; } + } + + public virtual ISet ExpectedPolicies + { + get { return new HashSet(this.mExpectedPolicies); } + set { this.mExpectedPolicies = new HashSet(value); } + } + + public virtual PkixPolicyNode Parent + { + get { return this.mParent; } + set { this.mParent = value; } + } + + /// Constructors + public PkixPolicyNode( + IList children, + int depth, + ISet expectedPolicies, + PkixPolicyNode parent, + ISet policyQualifiers, + string validPolicy, + bool critical) + { + if (children == null) + { + this.mChildren = Platform.CreateArrayList(); + } + else + { + this.mChildren = Platform.CreateArrayList(children); + } + + this.mDepth = depth; + this.mExpectedPolicies = expectedPolicies; + this.mParent = parent; + this.mPolicyQualifiers = policyQualifiers; + this.mValidPolicy = validPolicy; + this.mCritical = critical; + } + + public virtual void AddChild( + PkixPolicyNode child) + { + child.Parent = this; + mChildren.Add(child); + } + + public virtual void RemoveChild( + PkixPolicyNode child) + { + mChildren.Remove(child); + } + + public override string ToString() + { + return ToString(""); + } + + public virtual string ToString( + string indent) + { + StringBuilder buf = new StringBuilder(); + buf.Append(indent); + buf.Append(mValidPolicy); + buf.Append(" {"); + buf.Append(Platform.NewLine); + + foreach (PkixPolicyNode child in mChildren) + { + buf.Append(child.ToString(indent + " ")); + } + + buf.Append(indent); + buf.Append("}"); + buf.Append(Platform.NewLine); + return buf.ToString(); + } + + public virtual object Clone() + { + return Copy(); + } + + public virtual PkixPolicyNode Copy() + { + PkixPolicyNode node = new PkixPolicyNode( + Platform.CreateArrayList(), + mDepth, + new HashSet(mExpectedPolicies), + null, + new HashSet(mPolicyQualifiers), + mValidPolicy, + mCritical); + + foreach (PkixPolicyNode child in mChildren) + { + PkixPolicyNode copy = child.Copy(); + copy.Parent = node; + node.AddChild(copy); + } + + return node; + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/ReasonsMask.cs b/BouncyCastle/crypto/src/pkix/ReasonsMask.cs new file mode 100644 index 0000000..e389bfe --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/ReasonsMask.cs @@ -0,0 +1,96 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Pkix +{ + /// + /// This class helps to handle CRL revocation reasons mask. Each CRL handles a + /// certain set of revocation reasons. + /// + internal class ReasonsMask + { + private int _reasons; + + /// + /// Constructs are reason mask with the reasons. + /// + /// The reasons. + internal ReasonsMask( + int reasons) + { + _reasons = reasons; + } + + /// + /// A reason mask with no reason. + /// + internal ReasonsMask() + : this(0) + { + } + + /// + /// A mask with all revocation reasons. + /// + internal static readonly ReasonsMask AllReasons = new ReasonsMask( + ReasonFlags.AACompromise | ReasonFlags.AffiliationChanged | ReasonFlags.CACompromise + | ReasonFlags.CertificateHold | ReasonFlags.CessationOfOperation + | ReasonFlags.KeyCompromise | ReasonFlags.PrivilegeWithdrawn | ReasonFlags.Unused + | ReasonFlags.Superseded); + + /** + * Adds all reasons from the reasons mask to this mask. + * + * @param mask The reasons mask to add. + */ + internal void AddReasons( + ReasonsMask mask) + { + _reasons = _reasons | mask.Reasons.IntValue; + } + + /// + /// Returns true if this reasons mask contains all possible + /// reasons. + /// + /// true if this reasons mask contains all possible reasons. + /// + internal bool IsAllReasons + { + get { return _reasons == AllReasons._reasons; } + } + + /// + /// Intersects this mask with the given reasons mask. + /// + /// mask The mask to intersect with. + /// The intersection of this and teh given mask. + internal ReasonsMask Intersect( + ReasonsMask mask) + { + ReasonsMask _mask = new ReasonsMask(); + _mask.AddReasons(new ReasonsMask(_reasons & mask.Reasons.IntValue)); + return _mask; + } + + /// + /// Returns true if the passed reasons mask has new reasons. + /// + /// The reasons mask which should be tested for new reasons. + /// true if the passed reasons mask has new reasons. + internal bool HasNewReasons( + ReasonsMask mask) + { + return ((_reasons | mask.Reasons.IntValue ^ _reasons) != 0); + } + + /// + /// Returns the reasons in this mask. + /// + public ReasonFlags Reasons + { + get { return new ReasonFlags(_reasons); } + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/Rfc3280CertPathUtilities.cs b/BouncyCastle/crypto/src/pkix/Rfc3280CertPathUtilities.cs new file mode 100644 index 0000000..d6594f4 --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/Rfc3280CertPathUtilities.cs @@ -0,0 +1,2447 @@ +using System; +using System.Collections; +using System.Globalization; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Pkix +{ + public class Rfc3280CertPathUtilities + { + private static readonly PkixCrlUtilities CrlUtilities = new PkixCrlUtilities(); + + internal static readonly string ANY_POLICY = "2.5.29.32.0"; + + // key usage bits + internal static readonly int KEY_CERT_SIGN = 5; + internal static readonly int CRL_SIGN = 6; + + /** + * If the complete CRL includes an issuing distribution point (IDP) CRL + * extension check the following: + *

    + * (i) If the distribution point name is present in the IDP CRL extension + * and the distribution field is present in the DP, then verify that one of + * the names in the IDP matches one of the names in the DP. If the + * distribution point name is present in the IDP CRL extension and the + * distribution field is omitted from the DP, then verify that one of the + * names in the IDP matches one of the names in the cRLIssuer field of the + * DP. + *

    + *

    + * (ii) If the onlyContainsUserCerts boolean is asserted in the IDP CRL + * extension, verify that the certificate does not include the basic + * constraints extension with the cA boolean asserted. + *

    + *

    + * (iii) If the onlyContainsCACerts boolean is asserted in the IDP CRL + * extension, verify that the certificate includes the basic constraints + * extension with the cA boolean asserted. + *

    + *

    + * (iv) Verify that the onlyContainsAttributeCerts boolean is not asserted. + *

    + * + * @param dp The distribution point. + * @param cert The certificate. + * @param crl The CRL. + * @throws AnnotatedException if one of the conditions is not met or an error occurs. + */ + internal static void ProcessCrlB2( + DistributionPoint dp, + object cert, + X509Crl crl) + { + IssuingDistributionPoint idp = null; + try + { + idp = IssuingDistributionPoint.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(crl, X509Extensions.IssuingDistributionPoint)); + } + catch (Exception e) + { + throw new Exception("0 Issuing distribution point extension could not be decoded.", e); + } + // (b) (2) (i) + // distribution point name is present + if (idp != null) + { + if (idp.DistributionPoint != null) + { + // make list of names + DistributionPointName dpName = IssuingDistributionPoint.GetInstance(idp).DistributionPoint; + IList names = Platform.CreateArrayList(); + + if (dpName.PointType == DistributionPointName.FullName) + { + GeneralName[] genNames = GeneralNames.GetInstance(dpName.Name).GetNames(); + for (int j = 0; j < genNames.Length; j++) + { + names.Add(genNames[j]); + } + } + if (dpName.PointType == DistributionPointName.NameRelativeToCrlIssuer) + { + Asn1EncodableVector vec = new Asn1EncodableVector(); + try + { + IEnumerator e = Asn1Sequence.GetInstance( + Asn1Sequence.FromByteArray(crl.IssuerDN.GetEncoded())).GetEnumerator(); + while (e.MoveNext()) + { + vec.Add((Asn1Encodable)e.Current); + } + } + catch (IOException e) + { + throw new Exception("Could not read CRL issuer.", e); + } + vec.Add(dpName.Name); + names.Add(new GeneralName(X509Name.GetInstance(new DerSequence(vec)))); + } + bool matches = false; + // verify that one of the names in the IDP matches one + // of the names in the DP. + if (dp.DistributionPointName != null) + { + dpName = dp.DistributionPointName; + GeneralName[] genNames = null; + if (dpName.PointType == DistributionPointName.FullName) + { + genNames = GeneralNames.GetInstance(dpName.Name).GetNames(); + } + if (dpName.PointType == DistributionPointName.NameRelativeToCrlIssuer) + { + if (dp.CrlIssuer != null) + { + genNames = dp.CrlIssuer.GetNames(); + } + else + { + genNames = new GeneralName[1]; + try + { + genNames[0] = new GeneralName( + PkixCertPathValidatorUtilities.GetIssuerPrincipal(cert)); + } + catch (IOException e) + { + throw new Exception("Could not read certificate issuer.", e); + } + } + for (int j = 0; j < genNames.Length; j++) + { + IEnumerator e = Asn1Sequence.GetInstance(genNames[j].Name.ToAsn1Object()).GetEnumerator(); + Asn1EncodableVector vec = new Asn1EncodableVector(); + while (e.MoveNext()) + { + vec.Add((Asn1Encodable)e.Current); + } + vec.Add(dpName.Name); + genNames[j] = new GeneralName(X509Name.GetInstance(new DerSequence(vec))); + } + } + if (genNames != null) + { + for (int j = 0; j < genNames.Length; j++) + { + if (names.Contains(genNames[j])) + { + matches = true; + break; + } + } + } + if (!matches) + { + throw new Exception( + "No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point."); + } + } + // verify that one of the names in + // the IDP matches one of the names in the cRLIssuer field of + // the DP + else + { + if (dp.CrlIssuer == null) + { + throw new Exception("Either the cRLIssuer or the distributionPoint field must " + + "be contained in DistributionPoint."); + } + GeneralName[] genNames = dp.CrlIssuer.GetNames(); + for (int j = 0; j < genNames.Length; j++) + { + if (names.Contains(genNames[j])) + { + matches = true; + break; + } + } + if (!matches) + { + throw new Exception( + "No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point."); + } + } + } + BasicConstraints bc = null; + try + { + bc = BasicConstraints.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue( + (IX509Extension)cert, X509Extensions.BasicConstraints)); + } + catch (Exception e) + { + throw new Exception("Basic constraints extension could not be decoded.", e); + } + + //if (cert is X509Certificate) + { + // (b) (2) (ii) + if (idp.OnlyContainsUserCerts && ((bc != null) && bc.IsCA())) + { + throw new Exception("CA Cert CRL only contains user certificates."); + } + + // (b) (2) (iii) + if (idp.OnlyContainsCACerts && (bc == null || !bc.IsCA())) + { + throw new Exception("End CRL only contains CA certificates."); + } + } + + // (b) (2) (iv) + if (idp.OnlyContainsAttributeCerts) + { + throw new Exception("onlyContainsAttributeCerts boolean is asserted."); + } + } + } + + internal static void ProcessCertBC( + PkixCertPath certPath, + int index, + PkixNameConstraintValidator nameConstraintValidator) + //throws CertPathValidatorException + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + int n = certs.Count; + // i as defined in the algorithm description + int i = n - index; + // + // (b), (c) permitted and excluded subtree checking. + // + if (!(PkixCertPathValidatorUtilities.IsSelfIssued(cert) && (i < n))) + { + X509Name principal = cert.SubjectDN; + Asn1Sequence dns; + + try + { + dns = Asn1Sequence.GetInstance(principal.GetEncoded()); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Exception extracting subject name when checking subtrees.", e, certPath, index); + } + + try + { + nameConstraintValidator.CheckPermittedDN(dns); + nameConstraintValidator.CheckExcludedDN(dns); + } + catch (PkixNameConstraintValidatorException e) + { + throw new PkixCertPathValidatorException( + "Subtree check for certificate subject failed.", e, certPath, index); + } + + GeneralNames altName = null; + try + { + altName = GeneralNames.GetInstance( + PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.SubjectAlternativeName)); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Subject alternative name extension could not be decoded.", e, certPath, index); + } + + IList emails = X509Name.GetInstance(dns).GetValueList(X509Name.EmailAddress); + foreach (string email in emails) + { + GeneralName emailAsGeneralName = new GeneralName(GeneralName.Rfc822Name, email); + try + { + nameConstraintValidator.checkPermitted(emailAsGeneralName); + nameConstraintValidator.checkExcluded(emailAsGeneralName); + } + catch (PkixNameConstraintValidatorException ex) + { + throw new PkixCertPathValidatorException( + "Subtree check for certificate subject alternative email failed.", ex, certPath, index); + } + } + if (altName != null) + { + GeneralName[] genNames = null; + try + { + genNames = altName.GetNames(); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Subject alternative name contents could not be decoded.", e, certPath, index); + } + foreach (GeneralName genName in genNames) + { + try + { + nameConstraintValidator.checkPermitted(genName); + nameConstraintValidator.checkExcluded(genName); + } + catch (PkixNameConstraintValidatorException e) + { + throw new PkixCertPathValidatorException( + "Subtree check for certificate subject alternative name failed.", e, certPath, index); + } + } + } + } + } + + internal static void PrepareNextCertA( + PkixCertPath certPath, + int index) + //throws CertPathValidatorException + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + // + // + // (a) check the policy mappings + // + Asn1Sequence pm = null; + try + { + pm = Asn1Sequence.GetInstance( + PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.PolicyMappings)); + } + catch (Exception ex) + { + throw new PkixCertPathValidatorException( + "Policy mappings extension could not be decoded.", ex, certPath, index); + } + if (pm != null) + { + Asn1Sequence mappings = pm; + + for (int j = 0; j < mappings.Count; j++) + { + DerObjectIdentifier issuerDomainPolicy = null; + DerObjectIdentifier subjectDomainPolicy = null; + try + { + Asn1Sequence mapping = Asn1Sequence.GetInstance(mappings[j]); + + issuerDomainPolicy = DerObjectIdentifier.GetInstance(mapping[0]); + subjectDomainPolicy = DerObjectIdentifier.GetInstance(mapping[1]); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Policy mappings extension contents could not be decoded.", e, certPath, index); + } + + if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(issuerDomainPolicy.Id)) + throw new PkixCertPathValidatorException( + "IssuerDomainPolicy is anyPolicy", null, certPath, index); + + if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(subjectDomainPolicy.Id)) + throw new PkixCertPathValidatorException( + "SubjectDomainPolicy is anyPolicy,", null, certPath, index); + } + } + } + + internal static PkixPolicyNode ProcessCertD( + PkixCertPath certPath, + int index, + ISet acceptablePolicies, + PkixPolicyNode validPolicyTree, + IList[] policyNodes, + int inhibitAnyPolicy) + //throws CertPathValidatorException + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + int n = certs.Count; + // i as defined in the algorithm description + int i = n - index; + // + // (d) policy Information checking against initial policy and + // policy mapping + // + Asn1Sequence certPolicies = null; + try + { + certPolicies = Asn1Sequence.GetInstance( + PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.CertificatePolicies)); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Could not read certificate policies extension from certificate.", e, certPath, index); + } + if (certPolicies != null && validPolicyTree != null) + { + // + // (d) (1) + // + ISet pols = new HashSet(); + + foreach (Asn1Encodable ae in certPolicies) + { + PolicyInformation pInfo = PolicyInformation.GetInstance(ae.ToAsn1Object()); + DerObjectIdentifier pOid = pInfo.PolicyIdentifier; + + pols.Add(pOid.Id); + + if (!Rfc3280CertPathUtilities.ANY_POLICY.Equals(pOid.Id)) + { + ISet pq = null; + try + { + pq = PkixCertPathValidatorUtilities.GetQualifierSet(pInfo.PolicyQualifiers); + } + catch (PkixCertPathValidatorException ex) + { + throw new PkixCertPathValidatorException( + "Policy qualifier info set could not be build.", ex, certPath, index); + } + + bool match = PkixCertPathValidatorUtilities.ProcessCertD1i(i, policyNodes, pOid, pq); + + if (!match) + { + PkixCertPathValidatorUtilities.ProcessCertD1ii(i, policyNodes, pOid, pq); + } + } + } + + if (acceptablePolicies.IsEmpty || acceptablePolicies.Contains(Rfc3280CertPathUtilities.ANY_POLICY)) + { + acceptablePolicies.Clear(); + acceptablePolicies.AddAll(pols); + } + else + { + ISet t1 = new HashSet(); + + foreach (object o in acceptablePolicies) + { + if (pols.Contains(o)) + { + t1.Add(o); + } + } + acceptablePolicies.Clear(); + acceptablePolicies.AddAll(t1); + } + + // + // (d) (2) + // + if ((inhibitAnyPolicy > 0) || ((i < n) && PkixCertPathValidatorUtilities.IsSelfIssued(cert))) + { + foreach (Asn1Encodable ae in certPolicies) + { + PolicyInformation pInfo = PolicyInformation.GetInstance(ae.ToAsn1Object()); + if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(pInfo.PolicyIdentifier.Id)) + { + ISet _apq = PkixCertPathValidatorUtilities.GetQualifierSet(pInfo.PolicyQualifiers); + IList _nodes = policyNodes[i - 1]; + + for (int k = 0; k < _nodes.Count; k++) + { + PkixPolicyNode _node = (PkixPolicyNode)_nodes[k]; + + IEnumerator _policySetIter = _node.ExpectedPolicies.GetEnumerator(); + while (_policySetIter.MoveNext()) + { + object _tmp = _policySetIter.Current; + + string _policy; + if (_tmp is string) + { + _policy = (string)_tmp; + } + else if (_tmp is DerObjectIdentifier) + { + _policy = ((DerObjectIdentifier)_tmp).Id; + } + else + { + continue; + } + + bool _found = false; + + foreach (PkixPolicyNode _child in _node.Children) + { + if (_policy.Equals(_child.ValidPolicy)) + { + _found = true; + } + } + + if (!_found) + { + ISet _newChildExpectedPolicies = new HashSet(); + _newChildExpectedPolicies.Add(_policy); + + PkixPolicyNode _newChild = new PkixPolicyNode(Platform.CreateArrayList(), i, + _newChildExpectedPolicies, _node, _apq, _policy, false); + _node.AddChild(_newChild); + policyNodes[i].Add(_newChild); + } + } + } + break; + } + } + } + + PkixPolicyNode _validPolicyTree = validPolicyTree; + // + // (d) (3) + // + for (int j = (i - 1); j >= 0; j--) + { + IList nodes = policyNodes[j]; + + for (int k = 0; k < nodes.Count; k++) + { + PkixPolicyNode node = (PkixPolicyNode)nodes[k]; + if (!node.HasChildren) + { + _validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(_validPolicyTree, policyNodes, + node); + if (_validPolicyTree == null) + { + break; + } + } + } + } + + // + // d (4) + // + ISet criticalExtensionOids = cert.GetCriticalExtensionOids(); + + if (criticalExtensionOids != null) + { + bool critical = criticalExtensionOids.Contains(X509Extensions.CertificatePolicies.Id); + + IList nodes = policyNodes[i]; + for (int j = 0; j < nodes.Count; j++) + { + PkixPolicyNode node = (PkixPolicyNode)nodes[j]; + node.IsCritical = critical; + } + } + return _validPolicyTree; + } + return null; + } + + /** + * If the DP includes cRLIssuer, then verify that the issuer field in the + * complete CRL matches cRLIssuer in the DP and that the complete CRL + * contains an + * g distribution point extension with the indirectCRL + * boolean asserted. Otherwise, verify that the CRL issuer matches the + * certificate issuer. + * + * @param dp The distribution point. + * @param cert The certificate ot attribute certificate. + * @param crl The CRL for cert. + * @throws AnnotatedException if one of the above conditions does not apply or an error + * occurs. + */ + internal static void ProcessCrlB1( + DistributionPoint dp, + object cert, + X509Crl crl) + { + Asn1Object idp = PkixCertPathValidatorUtilities.GetExtensionValue( + crl, X509Extensions.IssuingDistributionPoint); + + bool isIndirect = false; + if (idp != null) + { + if (IssuingDistributionPoint.GetInstance(idp).IsIndirectCrl) + { + isIndirect = true; + } + } + byte[] issuerBytes = crl.IssuerDN.GetEncoded(); + + bool matchIssuer = false; + if (dp.CrlIssuer != null) + { + GeneralName[] genNames = dp.CrlIssuer.GetNames(); + for (int j = 0; j < genNames.Length; j++) + { + if (genNames[j].TagNo == GeneralName.DirectoryName) + { + try + { + if (Org.BouncyCastle.Utilities.Arrays.AreEqual(genNames[j].Name.ToAsn1Object().GetEncoded(), issuerBytes)) + { + matchIssuer = true; + } + } + catch (IOException e) + { + throw new Exception( + "CRL issuer information from distribution point cannot be decoded.", e); + } + } + } + if (matchIssuer && !isIndirect) + { + throw new Exception("Distribution point contains cRLIssuer field but CRL is not indirect."); + } + if (!matchIssuer) + { + throw new Exception("CRL issuer of CRL does not match CRL issuer of distribution point."); + } + } + else + { + if (crl.IssuerDN.Equivalent(PkixCertPathValidatorUtilities.GetIssuerPrincipal(cert), true)) + { + matchIssuer = true; + } + } + if (!matchIssuer) + { + throw new Exception("Cannot find matching CRL issuer for certificate."); + } + } + + internal static ReasonsMask ProcessCrlD( + X509Crl crl, + DistributionPoint dp) + //throws AnnotatedException + { + IssuingDistributionPoint idp = null; + try + { + idp = IssuingDistributionPoint.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(crl, X509Extensions.IssuingDistributionPoint)); + } + catch (Exception e) + { + throw new Exception("issuing distribution point extension could not be decoded.", e); + } + + // (d) (1) + if (idp != null && idp.OnlySomeReasons != null && dp.Reasons != null) + { + return new ReasonsMask(dp.Reasons.IntValue).Intersect(new ReasonsMask(idp.OnlySomeReasons + .IntValue)); + } + // (d) (4) + if ((idp == null || idp.OnlySomeReasons == null) && dp.Reasons == null) + { + return ReasonsMask.AllReasons; + } + + // (d) (2) and (d)(3) + + ReasonsMask dpReasons = null; + + if (dp.Reasons == null) + { + dpReasons = ReasonsMask.AllReasons; + } + else + { + dpReasons = new ReasonsMask(dp.Reasons.IntValue); + } + + ReasonsMask idpReasons = null; + + if (idp == null) + { + idpReasons = ReasonsMask.AllReasons; + } + else + { + idpReasons = new ReasonsMask(idp.OnlySomeReasons.IntValue); + } + + return dpReasons.Intersect(idpReasons); + } + + /** + * Obtain and validate the certification path for the complete CRL issuer. + * If a key usage extension is present in the CRL issuer's certificate, + * verify that the cRLSign bit is set. + * + * @param crl CRL which contains revocation information for the certificate + * cert. + * @param cert The attribute certificate or certificate to check if it is + * revoked. + * @param defaultCRLSignCert The issuer certificate of the certificate cert. + * @param defaultCRLSignKey The public key of the issuer certificate + * defaultCRLSignCert. + * @param paramsPKIX paramsPKIX PKIX parameters. + * @param certPathCerts The certificates on the certification path. + * @return A Set with all keys of possible CRL issuer + * certificates. + * @throws AnnotatedException if the CRL is not valid or the status cannot be checked or + * some error occurs. + */ + internal static ISet ProcessCrlF( + X509Crl crl, + object cert, + X509Certificate defaultCRLSignCert, + AsymmetricKeyParameter defaultCRLSignKey, + PkixParameters paramsPKIX, + IList certPathCerts) + { + // (f) + + // get issuer from CRL + X509CertStoreSelector selector = new X509CertStoreSelector(); + try + { + selector.Subject = crl.IssuerDN; + } + catch (IOException e) + { + throw new Exception( + "Subject criteria for certificate selector to find issuer certificate for CRL could not be set.", e); + } + + // get CRL signing certs + IList coll = Platform.CreateArrayList(); + + try + { + CollectionUtilities.AddRange(coll, PkixCertPathValidatorUtilities.FindCertificates(selector, paramsPKIX.GetStores())); + CollectionUtilities.AddRange(coll, PkixCertPathValidatorUtilities.FindCertificates(selector, paramsPKIX.GetAdditionalStores())); + } + catch (Exception e) + { + throw new Exception("Issuer certificate for CRL cannot be searched.", e); + } + + coll.Add(defaultCRLSignCert); + + IEnumerator cert_it = coll.GetEnumerator(); + + IList validCerts = Platform.CreateArrayList(); + IList validKeys = Platform.CreateArrayList(); + + while (cert_it.MoveNext()) + { + X509Certificate signingCert = (X509Certificate)cert_it.Current; + + /* + * CA of the certificate, for which this CRL is checked, has also + * signed CRL, so skip the path validation, because is already done + */ + if (signingCert.Equals(defaultCRLSignCert)) + { + validCerts.Add(signingCert); + validKeys.Add(defaultCRLSignKey); + continue; + } + try + { +// CertPathBuilder builder = CertPathBuilder.GetInstance("PKIX"); + PkixCertPathBuilder builder = new PkixCertPathBuilder(); + selector = new X509CertStoreSelector(); + selector.Certificate = signingCert; + + PkixParameters temp = (PkixParameters)paramsPKIX.Clone(); + temp.SetTargetCertConstraints(selector); + + PkixBuilderParameters parameters = (PkixBuilderParameters) + PkixBuilderParameters.GetInstance(temp); + + /* + * if signingCert is placed not higher on the cert path a + * dependency loop results. CRL for cert is checked, but + * signingCert is needed for checking the CRL which is dependent + * on checking cert because it is higher in the cert path and so + * signing signingCert transitively. so, revocation is disabled, + * forgery attacks of the CRL are detected in this outer loop + * for all other it must be enabled to prevent forgery attacks + */ + if (certPathCerts.Contains(signingCert)) + { + parameters.IsRevocationEnabled = false; + } + else + { + parameters.IsRevocationEnabled = true; + } + IList certs = builder.Build(parameters).CertPath.Certificates; + validCerts.Add(signingCert); + validKeys.Add(PkixCertPathValidatorUtilities.GetNextWorkingKey(certs, 0)); + } + catch (PkixCertPathBuilderException e) + { + throw new Exception("CertPath for CRL signer failed to validate.", e); + } + catch (PkixCertPathValidatorException e) + { + throw new Exception("Public key of issuer certificate of CRL could not be retrieved.", e); + } + //catch (Exception e) + //{ + // throw new Exception(e.Message); + //} + } + + ISet checkKeys = new HashSet(); + + Exception lastException = null; + for (int i = 0; i < validCerts.Count; i++) + { + X509Certificate signCert = (X509Certificate)validCerts[i]; + bool[] keyusage = signCert.GetKeyUsage(); + + if (keyusage != null && (keyusage.Length < 7 || !keyusage[CRL_SIGN])) + { + lastException = new Exception( + "Issuer certificate key usage extension does not permit CRL signing."); + } + else + { + checkKeys.Add(validKeys[i]); + } + } + + if ((checkKeys.Count == 0) && lastException == null) + { + throw new Exception("Cannot find a valid issuer certificate."); + } + if ((checkKeys.Count == 0) && lastException != null) + { + throw lastException; + } + + return checkKeys; + } + + internal static AsymmetricKeyParameter ProcessCrlG( + X509Crl crl, + ISet keys) + { + Exception lastException = null; + foreach (AsymmetricKeyParameter key in keys) + { + try + { + crl.Verify(key); + return key; + } + catch (Exception e) + { + lastException = e; + } + } + throw new Exception("Cannot verify CRL.", lastException); + } + + internal static X509Crl ProcessCrlH( + ISet deltaCrls, + AsymmetricKeyParameter key) + { + Exception lastException = null; + foreach (X509Crl crl in deltaCrls) + { + try + { + crl.Verify(key); + return crl; + } + catch (Exception e) + { + lastException = e; + } + } + if (lastException != null) + { + throw new Exception("Cannot verify delta CRL.", lastException); + } + return null; + } + + /** + * Checks a distribution point for revocation information for the + * certificate cert. + * + * @param dp The distribution point to consider. + * @param paramsPKIX PKIX parameters. + * @param cert Certificate to check if it is revoked. + * @param validDate The date when the certificate revocation status should be + * checked. + * @param defaultCRLSignCert The issuer certificate of the certificate cert. + * @param defaultCRLSignKey The public key of the issuer certificate + * defaultCRLSignCert. + * @param certStatus The current certificate revocation status. + * @param reasonMask The reasons mask which is already checked. + * @param certPathCerts The certificates of the certification path. + * @throws AnnotatedException if the certificate is revoked or the status cannot be checked + * or some error occurs. + */ + private static void CheckCrl( + DistributionPoint dp, + PkixParameters paramsPKIX, + X509Certificate cert, + DateTime validDate, + X509Certificate defaultCRLSignCert, + AsymmetricKeyParameter defaultCRLSignKey, + CertStatus certStatus, + ReasonsMask reasonMask, + IList certPathCerts) + //throws AnnotatedException + { + DateTime currentDate = DateTime.UtcNow; + + if (validDate.Ticks > currentDate.Ticks) + { + throw new Exception("Validation time is in future."); + } + + // (a) + /* + * We always get timely valid CRLs, so there is no step (a) (1). + * "locally cached" CRLs are assumed to be in getStore(), additional + * CRLs must be enabled in the ExtendedPKIXParameters and are in + * getAdditionalStore() + */ + + ISet crls = PkixCertPathValidatorUtilities.GetCompleteCrls(dp, cert, currentDate, paramsPKIX); + bool validCrlFound = false; + Exception lastException = null; + + IEnumerator crl_iter = crls.GetEnumerator(); + + while (crl_iter.MoveNext() && certStatus.Status == CertStatus.Unrevoked && !reasonMask.IsAllReasons) + { + try + { + X509Crl crl = (X509Crl)crl_iter.Current; + + // (d) + ReasonsMask interimReasonsMask = Rfc3280CertPathUtilities.ProcessCrlD(crl, dp); + + // (e) + /* + * The reasons mask is updated at the end, so only valid CRLs + * can update it. If this CRL does not contain new reasons it + * must be ignored. + */ + if (!interimReasonsMask.HasNewReasons(reasonMask)) + { + continue; + } + + // (f) + ISet keys = Rfc3280CertPathUtilities.ProcessCrlF(crl, cert, defaultCRLSignCert, defaultCRLSignKey, + paramsPKIX, certPathCerts); + // (g) + AsymmetricKeyParameter key = Rfc3280CertPathUtilities.ProcessCrlG(crl, keys); + + X509Crl deltaCRL = null; + + if (paramsPKIX.IsUseDeltasEnabled) + { + // get delta CRLs + ISet deltaCRLs = PkixCertPathValidatorUtilities.GetDeltaCrls(currentDate, paramsPKIX, crl); + // we only want one valid delta CRL + // (h) + deltaCRL = Rfc3280CertPathUtilities.ProcessCrlH(deltaCRLs, key); + } + + /* + * CRL must be be valid at the current time, not the validation + * time. If a certificate is revoked with reason keyCompromise, + * cACompromise, it can be used for forgery, also for the past. + * This reason may not be contained in older CRLs. + */ + + /* + * in the chain model signatures stay valid also after the + * certificate has been expired, so they do not have to be in + * the CRL validity time + */ + + if (paramsPKIX.ValidityModel != PkixParameters.ChainValidityModel) + { + /* + * if a certificate has expired, but was revoked, it is not + * more in the CRL, so it would be regarded as valid if the + * first check is not done + */ + if (cert.NotAfter.Ticks < crl.ThisUpdate.Ticks) + { + throw new Exception("No valid CRL for current time found."); + } + } + + Rfc3280CertPathUtilities.ProcessCrlB1(dp, cert, crl); + + // (b) (2) + Rfc3280CertPathUtilities.ProcessCrlB2(dp, cert, crl); + + // (c) + Rfc3280CertPathUtilities.ProcessCrlC(deltaCRL, crl, paramsPKIX); + + // (i) + Rfc3280CertPathUtilities.ProcessCrlI(validDate, deltaCRL, cert, certStatus, paramsPKIX); + + // (j) + Rfc3280CertPathUtilities.ProcessCrlJ(validDate, crl, cert, certStatus); + + // (k) + if (certStatus.Status == CrlReason.RemoveFromCrl) + { + certStatus.Status = CertStatus.Unrevoked; + } + + // update reasons mask + reasonMask.AddReasons(interimReasonsMask); + + ISet criticalExtensions = crl.GetCriticalExtensionOids(); + + if (criticalExtensions != null) + { + criticalExtensions = new HashSet(criticalExtensions); + criticalExtensions.Remove(X509Extensions.IssuingDistributionPoint.Id); + criticalExtensions.Remove(X509Extensions.DeltaCrlIndicator.Id); + + if (!criticalExtensions.IsEmpty) + throw new Exception("CRL contains unsupported critical extensions."); + } + + if (deltaCRL != null) + { + criticalExtensions = deltaCRL.GetCriticalExtensionOids(); + if (criticalExtensions != null) + { + criticalExtensions = new HashSet(criticalExtensions); + criticalExtensions.Remove(X509Extensions.IssuingDistributionPoint.Id); + criticalExtensions.Remove(X509Extensions.DeltaCrlIndicator.Id); + + if (!criticalExtensions.IsEmpty) + throw new Exception("Delta CRL contains unsupported critical extension."); + } + } + + validCrlFound = true; + } + catch (Exception e) + { + lastException = e; + } + } + if (!validCrlFound) + { + throw lastException; + } + } + + /** + * Checks a certificate if it is revoked. + * + * @param paramsPKIX PKIX parameters. + * @param cert Certificate to check if it is revoked. + * @param validDate The date when the certificate revocation status should be + * checked. + * @param sign The issuer certificate of the certificate cert. + * @param workingPublicKey The public key of the issuer certificate sign. + * @param certPathCerts The certificates of the certification path. + * @throws AnnotatedException if the certificate is revoked or the status cannot be checked + * or some error occurs. + */ + protected static void CheckCrls( + PkixParameters paramsPKIX, + X509Certificate cert, + DateTime validDate, + X509Certificate sign, + AsymmetricKeyParameter workingPublicKey, + IList certPathCerts) + { + Exception lastException = null; + CrlDistPoint crldp = null; + + try + { + crldp = CrlDistPoint.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.CrlDistributionPoints)); + } + catch (Exception e) + { + throw new Exception("CRL distribution point extension could not be read.", e); + } + + try + { + PkixCertPathValidatorUtilities.AddAdditionalStoresFromCrlDistributionPoint(crldp, paramsPKIX); + } + catch (Exception e) + { + throw new Exception( + "No additional CRL locations could be decoded from CRL distribution point extension.", e); + } + CertStatus certStatus = new CertStatus(); + ReasonsMask reasonsMask = new ReasonsMask(); + + bool validCrlFound = false; + + // for each distribution point + if (crldp != null) + { + DistributionPoint[] dps = null; + try + { + dps = crldp.GetDistributionPoints(); + } + catch (Exception e) + { + throw new Exception("Distribution points could not be read.", e); + } + if (dps != null) + { + for (int i = 0; i < dps.Length && certStatus.Status == CertStatus.Unrevoked && !reasonsMask.IsAllReasons; i++) + { + PkixParameters paramsPKIXClone = (PkixParameters)paramsPKIX.Clone(); + try + { + CheckCrl(dps[i], paramsPKIXClone, cert, validDate, sign, workingPublicKey, certStatus, reasonsMask, certPathCerts); + validCrlFound = true; + } + catch (Exception e) + { + lastException = e; + } + } + } + } + + /* + * If the revocation status has not been determined, repeat the process + * above with any available CRLs not specified in a distribution point + * but issued by the certificate issuer. + */ + + if (certStatus.Status == CertStatus.Unrevoked && !reasonsMask.IsAllReasons) + { + try + { + /* + * assume a DP with both the reasons and the cRLIssuer fields + * omitted and a distribution point name of the certificate + * issuer. + */ + X509Name issuer; + try + { + issuer = X509Name.GetInstance(cert.IssuerDN.GetEncoded()); + } + catch (Exception e) + { + throw new Exception("Issuer from certificate for CRL could not be reencoded.", e); + } + DistributionPoint dp = new DistributionPoint(new DistributionPointName(0, new GeneralNames( + new GeneralName(GeneralName.DirectoryName, issuer))), null, null); + PkixParameters paramsPKIXClone = (PkixParameters)paramsPKIX.Clone(); + + CheckCrl(dp, paramsPKIXClone, cert, validDate, sign, workingPublicKey, certStatus, reasonsMask, + certPathCerts); + + validCrlFound = true; + } + catch (Exception e) + { + lastException = e; + } + } + + if (!validCrlFound) + { + throw lastException; + } + if (certStatus.Status != CertStatus.Unrevoked) + { + // This format is enforced by the NistCertPath tests + string formattedDate = certStatus.RevocationDate.Value.ToString( + "ddd MMM dd HH:mm:ss K yyyy"); + string message = "Certificate revocation after " + formattedDate; + message += ", reason: " + CrlReasons[certStatus.Status]; + throw new Exception(message); + } + + if (!reasonsMask.IsAllReasons && certStatus.Status == CertStatus.Unrevoked) + { + certStatus.Status = CertStatus.Undetermined; + } + + if (certStatus.Status == CertStatus.Undetermined) + { + throw new Exception("Certificate status could not be determined."); + } + } + + internal static PkixPolicyNode PrepareCertB( + PkixCertPath certPath, + int index, + IList[] policyNodes, + PkixPolicyNode validPolicyTree, + int policyMapping) + //throws CertPathValidatorException + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + int n = certs.Count; + // i as defined in the algorithm description + int i = n - index; + // (b) + // + Asn1Sequence pm = null; + try + { + pm = (Asn1Sequence)Asn1Sequence.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.PolicyMappings)); + } + catch (Exception ex) + { + throw new PkixCertPathValidatorException( + "Policy mappings extension could not be decoded.", ex, certPath, index); + } + PkixPolicyNode _validPolicyTree = validPolicyTree; + if (pm != null) + { + Asn1Sequence mappings = (Asn1Sequence)pm; + IDictionary m_idp = Platform.CreateHashtable(); + ISet s_idp = new HashSet(); + + for (int j = 0; j < mappings.Count; j++) + { + Asn1Sequence mapping = (Asn1Sequence) mappings[j]; + string id_p = ((DerObjectIdentifier) mapping[0]).Id; + string sd_p = ((DerObjectIdentifier) mapping[1]).Id; + ISet tmp; + + if (!m_idp.Contains(id_p)) + { + tmp = new HashSet(); + tmp.Add(sd_p); + m_idp[id_p] = tmp; + s_idp.Add(id_p); + } + else + { + tmp = (ISet)m_idp[id_p]; + tmp.Add(sd_p); + } + } + + IEnumerator it_idp = s_idp.GetEnumerator(); + while (it_idp.MoveNext()) + { + string id_p = (string)it_idp.Current; + + // + // (1) + // + if (policyMapping > 0) + { + bool idp_found = false; + IEnumerator nodes_i = policyNodes[i].GetEnumerator(); + + while (nodes_i.MoveNext()) + { + PkixPolicyNode node = (PkixPolicyNode)nodes_i.Current; + if (node.ValidPolicy.Equals(id_p)) + { + idp_found = true; + node.ExpectedPolicies = (ISet)m_idp[id_p]; + break; + } + } + + if (!idp_found) + { + nodes_i = policyNodes[i].GetEnumerator(); + while (nodes_i.MoveNext()) + { + PkixPolicyNode node = (PkixPolicyNode)nodes_i.Current; + if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(node.ValidPolicy)) + { + ISet pq = null; + Asn1Sequence policies = null; + try + { + policies = (Asn1Sequence)PkixCertPathValidatorUtilities.GetExtensionValue(cert, + X509Extensions.CertificatePolicies); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Certificate policies extension could not be decoded.", e, certPath, index); + } + + foreach (Asn1Encodable ae in policies) + { + PolicyInformation pinfo = null; + try + { + pinfo = PolicyInformation.GetInstance(ae.ToAsn1Object()); + } + catch (Exception ex) + { + throw new PkixCertPathValidatorException( + "Policy information could not be decoded.", ex, certPath, index); + } + if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(pinfo.PolicyIdentifier.Id)) + { + try + { + pq = PkixCertPathValidatorUtilities + .GetQualifierSet(pinfo.PolicyQualifiers); + } + catch (PkixCertPathValidatorException ex) + { + throw new PkixCertPathValidatorException( + "Policy qualifier info set could not be decoded.", ex, certPath, + index); + } + break; + } + } + bool ci = false; + ISet critExtOids = cert.GetCriticalExtensionOids(); + if (critExtOids != null) + { + ci = critExtOids.Contains(X509Extensions.CertificatePolicies.Id); + } + + PkixPolicyNode p_node = (PkixPolicyNode)node.Parent; + if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(p_node.ValidPolicy)) + { + PkixPolicyNode c_node = new PkixPolicyNode(Platform.CreateArrayList(), i, + (ISet)m_idp[id_p], p_node, pq, id_p, ci); + p_node.AddChild(c_node); + policyNodes[i].Add(c_node); + } + break; + } + } + } + + // + // (2) + // + } + else if (policyMapping <= 0) + { + foreach (PkixPolicyNode node in Platform.CreateArrayList(policyNodes[i])) + { + if (node.ValidPolicy.Equals(id_p)) + { + node.Parent.RemoveChild(node); + + for (int k = i - 1; k >= 0; k--) + { + foreach (PkixPolicyNode node2 in Platform.CreateArrayList(policyNodes[k])) + { + if (!node2.HasChildren) + { + _validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode( + _validPolicyTree, policyNodes, node2); + + if (_validPolicyTree == null) + break; + } + } + } + } + } + } + } + } + return _validPolicyTree; + } + + internal static ISet[] ProcessCrlA1ii( + DateTime currentDate, + PkixParameters paramsPKIX, + X509Certificate cert, + X509Crl crl) + { + ISet deltaSet = new HashSet(); + X509CrlStoreSelector crlselect = new X509CrlStoreSelector(); + crlselect.CertificateChecking = cert; + + try + { + IList issuer = Platform.CreateArrayList(); + issuer.Add(crl.IssuerDN); + crlselect.Issuers = issuer; + } + catch (IOException e) + { + throw new Exception("Cannot extract issuer from CRL." + e, e); + } + + crlselect.CompleteCrlEnabled = true; + ISet completeSet = CrlUtilities.FindCrls(crlselect, paramsPKIX, currentDate); + + if (paramsPKIX.IsUseDeltasEnabled) + { + // get delta CRL(s) + try + { + deltaSet.AddAll(PkixCertPathValidatorUtilities.GetDeltaCrls(currentDate, paramsPKIX, crl)); + } + catch (Exception e) + { + throw new Exception("Exception obtaining delta CRLs.", e); + } + } + + return new ISet[]{ completeSet, deltaSet }; + } + + internal static ISet ProcessCrlA1i( + DateTime currentDate, + PkixParameters paramsPKIX, + X509Certificate cert, + X509Crl crl) + { + ISet deltaSet = new HashSet(); + if (paramsPKIX.IsUseDeltasEnabled) + { + CrlDistPoint freshestCRL = null; + try + { + freshestCRL = CrlDistPoint.GetInstance( + PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.FreshestCrl)); + } + catch (Exception e) + { + throw new Exception("Freshest CRL extension could not be decoded from certificate.", e); + } + + if (freshestCRL == null) + { + try + { + freshestCRL = CrlDistPoint.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(crl, X509Extensions.FreshestCrl)); + } + catch (Exception e) + { + throw new Exception("Freshest CRL extension could not be decoded from CRL.", e); + } + } + if (freshestCRL != null) + { + try + { + PkixCertPathValidatorUtilities.AddAdditionalStoresFromCrlDistributionPoint(freshestCRL, paramsPKIX); + } + catch (Exception e) + { + throw new Exception( + "No new delta CRL locations could be added from Freshest CRL extension.", e); + } + // get delta CRL(s) + try + { + deltaSet.AddAll(PkixCertPathValidatorUtilities.GetDeltaCrls(currentDate, paramsPKIX, crl)); + } + catch (Exception e) + { + throw new Exception("Exception obtaining delta CRLs.", e); + } + } + } + return deltaSet; + } + + internal static void ProcessCertF( + PkixCertPath certPath, + int index, + PkixPolicyNode validPolicyTree, + int explicitPolicy) + { + // + // (f) + // + if (explicitPolicy <= 0 && validPolicyTree == null) + { + throw new PkixCertPathValidatorException( + "No valid policy tree found when one expected.", null, certPath, index); + } + } + + internal static void ProcessCertA( + PkixCertPath certPath, + PkixParameters paramsPKIX, + int index, + AsymmetricKeyParameter workingPublicKey, + X509Name workingIssuerName, + X509Certificate sign) + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + // + // (a) verify + // + try + { + // (a) (1) + // + cert.Verify(workingPublicKey); + } + catch (GeneralSecurityException e) + { + throw new PkixCertPathValidatorException("Could not validate certificate signature.", e, certPath, index); + } + + try + { + // (a) (2) + // + cert.CheckValidity(PkixCertPathValidatorUtilities + .GetValidCertDateFromValidityModel(paramsPKIX, certPath, index)); + } + catch (CertificateExpiredException e) + { + throw new PkixCertPathValidatorException("Could not validate certificate: " + e.Message, e, certPath, index); + } + catch (CertificateNotYetValidException e) + { + throw new PkixCertPathValidatorException("Could not validate certificate: " + e.Message, e, certPath, index); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException("Could not validate time of certificate.", e, certPath, index); + } + + // + // (a) (3) + // + if (paramsPKIX.IsRevocationEnabled) + { + try + { + CheckCrls(paramsPKIX, cert, PkixCertPathValidatorUtilities.GetValidCertDateFromValidityModel(paramsPKIX, + certPath, index), sign, workingPublicKey, certs); + } + catch (Exception e) + { + Exception cause = e.InnerException; + if (cause == null) + { + cause = e; + } + throw new PkixCertPathValidatorException(e.Message, cause, certPath, index); + } + } + + // + // (a) (4) name chaining + // + X509Name issuer = PkixCertPathValidatorUtilities.GetIssuerPrincipal(cert); + if (!issuer.Equivalent(workingIssuerName, true)) + { + throw new PkixCertPathValidatorException("IssuerName(" + issuer + + ") does not match SubjectName(" + workingIssuerName + ") of signing certificate.", null, + certPath, index); + } + } + + internal static int PrepareNextCertI1( + PkixCertPath certPath, + int index, + int explicitPolicy) + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + // + // (i) + // + Asn1Sequence pc = null; + try + { + pc = Asn1Sequence.GetInstance( + PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.PolicyConstraints)); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Policy constraints extension cannot be decoded.", e, certPath, index); + } + + int tmpInt; + + if (pc != null) + { + IEnumerator policyConstraints = pc.GetEnumerator(); + + while (policyConstraints.MoveNext()) + { + try + { + Asn1TaggedObject constraint = Asn1TaggedObject.GetInstance(policyConstraints.Current); + if (constraint.TagNo == 0) + { + tmpInt = DerInteger.GetInstance(constraint, false).IntValueExact; + if (tmpInt < explicitPolicy) + { + return tmpInt; + } + break; + } + } + catch (ArgumentException e) + { + throw new PkixCertPathValidatorException( + "Policy constraints extension contents cannot be decoded.", e, certPath, index); + } + } + } + return explicitPolicy; + } + + internal static int PrepareNextCertI2( + PkixCertPath certPath, + int index, + int policyMapping) + //throws CertPathValidatorException + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + + // + // (i) + // + Asn1Sequence pc = null; + try + { + pc = Asn1Sequence.GetInstance( + PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.PolicyConstraints)); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Policy constraints extension cannot be decoded.", e, certPath, index); + } + + int tmpInt; + + if (pc != null) + { + IEnumerator policyConstraints = pc.GetEnumerator(); + + while (policyConstraints.MoveNext()) + { + try + { + Asn1TaggedObject constraint = Asn1TaggedObject.GetInstance(policyConstraints.Current); + if (constraint.TagNo == 1) + { + tmpInt = DerInteger.GetInstance(constraint, false).IntValueExact; + if (tmpInt < policyMapping) + { + return tmpInt; + } + break; + } + } + catch (ArgumentException e) + { + throw new PkixCertPathValidatorException( + "Policy constraints extension contents cannot be decoded.", e, certPath, index); + } + } + } + return policyMapping; + } + + internal static void PrepareNextCertG( + PkixCertPath certPath, + int index, + PkixNameConstraintValidator nameConstraintValidator) + //throws CertPathValidatorException + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + + // + // (g) handle the name constraints extension + // + NameConstraints nc = null; + try + { + Asn1Sequence ncSeq = Asn1Sequence.GetInstance( + PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.NameConstraints)); + if (ncSeq != null) + { + nc = new NameConstraints(ncSeq); + } + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Name constraints extension could not be decoded.", e, certPath, index); + } + if (nc != null) + { + // + // (g) (1) permitted subtrees + // + Asn1Sequence permitted = nc.PermittedSubtrees; + if (permitted != null) + { + try + { + nameConstraintValidator.IntersectPermittedSubtree(permitted); + } + catch (Exception ex) + { + throw new PkixCertPathValidatorException( + "Permitted subtrees cannot be build from name constraints extension.", ex, certPath, index); + } + } + + // + // (g) (2) excluded subtrees + // + Asn1Sequence excluded = nc.ExcludedSubtrees; + if (excluded != null) + { + IEnumerator e = excluded.GetEnumerator(); + try + { + while (e.MoveNext()) + { + GeneralSubtree subtree = GeneralSubtree.GetInstance(e.Current); + nameConstraintValidator.AddExcludedSubtree(subtree); + } + } + catch (Exception ex) + { + throw new PkixCertPathValidatorException( + "Excluded subtrees cannot be build from name constraints extension.", ex, certPath, index); + } + } + } + } + + internal static int PrepareNextCertJ( + PkixCertPath certPath, + int index, + int inhibitAnyPolicy) + //throws CertPathValidatorException + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + + // + // (j) + // + DerInteger iap = null; + try + { + iap = DerInteger.GetInstance( + PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.InhibitAnyPolicy)); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Inhibit any-policy extension cannot be decoded.", e, certPath, index); + } + + if (iap != null) + { + int _inhibitAnyPolicy = iap.IntValueExact; + + if (_inhibitAnyPolicy < inhibitAnyPolicy) + return _inhibitAnyPolicy; + } + return inhibitAnyPolicy; + } + + internal static void PrepareNextCertK( + PkixCertPath certPath, + int index) + //throws CertPathValidatorException + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + // + // (k) + // + BasicConstraints bc = null; + try + { + bc = BasicConstraints.GetInstance( + PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.BasicConstraints)); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException("Basic constraints extension cannot be decoded.", e, certPath, + index); + } + if (bc != null) + { + if (!(bc.IsCA())) + throw new PkixCertPathValidatorException("Not a CA certificate"); + } + else + { + throw new PkixCertPathValidatorException("Intermediate certificate lacks BasicConstraints"); + } + } + + internal static int PrepareNextCertL( + PkixCertPath certPath, + int index, + int maxPathLength) + //throws CertPathValidatorException + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + // + // (l) + // + if (!PkixCertPathValidatorUtilities.IsSelfIssued(cert)) + { + if (maxPathLength <= 0) + { + throw new PkixCertPathValidatorException("Max path length not greater than zero", null, certPath, index); + } + + return maxPathLength - 1; + } + return maxPathLength; + } + + internal static int PrepareNextCertM( + PkixCertPath certPath, + int index, + int maxPathLength) + //throws CertPathValidatorException + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + + // + // (m) + // + BasicConstraints bc = null; + try + { + bc = BasicConstraints.GetInstance( + PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.BasicConstraints)); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException("Basic constraints extension cannot be decoded.", e, certPath, + index); + } + if (bc != null) + { + BigInteger _pathLengthConstraint = bc.PathLenConstraint; + + if (_pathLengthConstraint != null) + { + int _plc = _pathLengthConstraint.IntValue; + + if (_plc < maxPathLength) + { + return _plc; + } + } + } + return maxPathLength; + } + + internal static void PrepareNextCertN( + PkixCertPath certPath, + int index) + //throws CertPathValidatorException + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + + // + // (n) + // + bool[] _usage = cert.GetKeyUsage(); + + if ((_usage != null) && !_usage[Rfc3280CertPathUtilities.KEY_CERT_SIGN]) + { + throw new PkixCertPathValidatorException( + "Issuer certificate keyusage extension is critical and does not permit key signing.", null, + certPath, index); + } + } + + internal static void PrepareNextCertO( + PkixCertPath certPath, + int index, + ISet criticalExtensions, + IList pathCheckers) + //throws CertPathValidatorException + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + + // + // (o) + // + IEnumerator tmpIter = pathCheckers.GetEnumerator(); + while (tmpIter.MoveNext()) + { + try + { + ((PkixCertPathChecker)tmpIter.Current).Check(cert, criticalExtensions); + } + catch (PkixCertPathValidatorException e) + { + throw new PkixCertPathValidatorException(e.Message, e.InnerException, certPath, index); + } + } + if (!criticalExtensions.IsEmpty) + { + throw new PkixCertPathValidatorException("Certificate has unsupported critical extension.", null, certPath, + index); + } + } + + internal static int PrepareNextCertH1( + PkixCertPath certPath, + int index, + int explicitPolicy) + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + + // + // (h) + // + if (!PkixCertPathValidatorUtilities.IsSelfIssued(cert)) + { + // + // (1) + // + if (explicitPolicy != 0) + return explicitPolicy - 1; + } + return explicitPolicy; + } + + internal static int PrepareNextCertH2( + PkixCertPath certPath, + int index, + int policyMapping) + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + + // + // (h) + // + if (!PkixCertPathValidatorUtilities.IsSelfIssued(cert)) + { + // + // (2) + // + if (policyMapping != 0) + return policyMapping - 1; + } + return policyMapping; + } + + + internal static int PrepareNextCertH3( + PkixCertPath certPath, + int index, + int inhibitAnyPolicy) + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + + // + // (h) + // + if (!PkixCertPathValidatorUtilities.IsSelfIssued(cert)) + { + // + // (3) + // + if (inhibitAnyPolicy != 0) + return inhibitAnyPolicy - 1; + } + return inhibitAnyPolicy; + } + + internal static int WrapupCertA( + int explicitPolicy, + X509Certificate cert) + { + // + // (a) + // + if (!PkixCertPathValidatorUtilities.IsSelfIssued(cert) && (explicitPolicy != 0)) + { + explicitPolicy--; + } + return explicitPolicy; + } + + internal static int WrapupCertB( + PkixCertPath certPath, + int index, + int explicitPolicy) + //throws CertPathValidatorException + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + + // + // (b) + // + int tmpInt; + Asn1Sequence pc = null; + try + { + pc = Asn1Sequence.GetInstance( + PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.PolicyConstraints)); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException("Policy constraints could not be decoded.", e, certPath, index); + } + + if (pc != null) + { + IEnumerator policyConstraints = pc.GetEnumerator(); + + while (policyConstraints.MoveNext()) + { + Asn1TaggedObject constraint = (Asn1TaggedObject)policyConstraints.Current; + switch (constraint.TagNo) + { + case 0: + try + { + tmpInt = DerInteger.GetInstance(constraint, false).IntValueExact; + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Policy constraints requireExplicitPolicy field could not be decoded.", e, certPath, + index); + } + if (tmpInt == 0) + { + return 0; + } + break; + } + } + } + return explicitPolicy; + } + + internal static void WrapupCertF( + PkixCertPath certPath, + int index, + IList pathCheckers, + ISet criticalExtensions) + //throws CertPathValidatorException + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + IEnumerator tmpIter = pathCheckers.GetEnumerator(); + + while (tmpIter.MoveNext()) + { + try + { + ((PkixCertPathChecker)tmpIter.Current).Check(cert, criticalExtensions); + } + catch (PkixCertPathValidatorException e) + { + throw new PkixCertPathValidatorException("Additional certificate path checker failed.", e, certPath, + index); + } + } + + if (!criticalExtensions.IsEmpty) + { + throw new PkixCertPathValidatorException("Certificate has unsupported critical extension", + null, certPath, index); + } + } + + internal static PkixPolicyNode WrapupCertG( + PkixCertPath certPath, + PkixParameters paramsPKIX, + ISet userInitialPolicySet, + int index, + IList[] policyNodes, + PkixPolicyNode validPolicyTree, + ISet acceptablePolicies) + { + int n = certPath.Certificates.Count; + + // + // (g) + // + PkixPolicyNode intersection; + + // + // (g) (i) + // + if (validPolicyTree == null) + { + if (paramsPKIX.IsExplicitPolicyRequired) + { + throw new PkixCertPathValidatorException( + "Explicit policy requested but none available.", null, certPath, index); + } + intersection = null; + } + else if (PkixCertPathValidatorUtilities.IsAnyPolicy(userInitialPolicySet)) // (g) + // (ii) + { + if (paramsPKIX.IsExplicitPolicyRequired) + { + if (acceptablePolicies.IsEmpty) + { + throw new PkixCertPathValidatorException( + "Explicit policy requested but none available.", null, certPath, index); + } + else + { + ISet _validPolicyNodeSet = new HashSet(); + + for (int j = 0; j < policyNodes.Length; j++) + { + IList _nodeDepth = policyNodes[j]; + + for (int k = 0; k < _nodeDepth.Count; k++) + { + PkixPolicyNode _node = (PkixPolicyNode)_nodeDepth[k]; + + if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(_node.ValidPolicy)) + { + foreach (object o in _node.Children) + { + _validPolicyNodeSet.Add(o); + } + } + } + } + + foreach (PkixPolicyNode _node in _validPolicyNodeSet) + { + string _validPolicy = _node.ValidPolicy; + + if (!acceptablePolicies.Contains(_validPolicy)) + { + // TODO? + // validPolicyTree = + // removePolicyNode(validPolicyTree, policyNodes, + // _node); + } + } + if (validPolicyTree != null) + { + for (int j = (n - 1); j >= 0; j--) + { + IList nodes = policyNodes[j]; + + for (int k = 0; k < nodes.Count; k++) + { + PkixPolicyNode node = (PkixPolicyNode)nodes[k]; + if (!node.HasChildren) + { + validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(validPolicyTree, + policyNodes, node); + } + } + } + } + } + } + + intersection = validPolicyTree; + } + else + { + // + // (g) (iii) + // + // This implementation is not exactly same as the one described in + // RFC3280. + // However, as far as the validation result is concerned, both + // produce + // adequate result. The only difference is whether AnyPolicy is + // remain + // in the policy tree or not. + // + // (g) (iii) 1 + // + ISet _validPolicyNodeSet = new HashSet(); + + for (int j = 0; j < policyNodes.Length; j++) + { + IList _nodeDepth = policyNodes[j]; + + for (int k = 0; k < _nodeDepth.Count; k++) + { + PkixPolicyNode _node = (PkixPolicyNode)_nodeDepth[k]; + + if (Rfc3280CertPathUtilities.ANY_POLICY.Equals(_node.ValidPolicy)) + { + foreach (PkixPolicyNode _c_node in _node.Children) + { + if (!Rfc3280CertPathUtilities.ANY_POLICY.Equals(_c_node.ValidPolicy)) + { + _validPolicyNodeSet.Add(_c_node); + } + } + } + } + } + + // + // (g) (iii) 2 + // + IEnumerator _vpnsIter = _validPolicyNodeSet.GetEnumerator(); + while (_vpnsIter.MoveNext()) + { + PkixPolicyNode _node = (PkixPolicyNode)_vpnsIter.Current; + string _validPolicy = _node.ValidPolicy; + + if (!userInitialPolicySet.Contains(_validPolicy)) + { + validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(validPolicyTree, policyNodes, _node); + } + } + + // + // (g) (iii) 4 + // + if (validPolicyTree != null) + { + for (int j = (n - 1); j >= 0; j--) + { + IList nodes = policyNodes[j]; + + for (int k = 0; k < nodes.Count; k++) + { + PkixPolicyNode node = (PkixPolicyNode)nodes[k]; + if (!node.HasChildren) + { + validPolicyTree = PkixCertPathValidatorUtilities.RemovePolicyNode(validPolicyTree, policyNodes, + node); + } + } + } + } + + intersection = validPolicyTree; + } + return intersection; + } + + /** + * If use-deltas is set, verify the issuer and scope of the delta CRL. + * + * @param deltaCRL The delta CRL. + * @param completeCRL The complete CRL. + * @param pkixParams The PKIX paramaters. + * @throws AnnotatedException if an exception occurs. + */ + internal static void ProcessCrlC( + X509Crl deltaCRL, + X509Crl completeCRL, + PkixParameters pkixParams) + { + if (deltaCRL == null) + return; + + IssuingDistributionPoint completeidp = null; + try + { + completeidp = IssuingDistributionPoint.GetInstance( + PkixCertPathValidatorUtilities.GetExtensionValue(completeCRL, X509Extensions.IssuingDistributionPoint)); + } + catch (Exception e) + { + throw new Exception("000 Issuing distribution point extension could not be decoded.", e); + } + + if (pkixParams.IsUseDeltasEnabled) + { + // (c) (1) + if (!deltaCRL.IssuerDN.Equivalent(completeCRL.IssuerDN, true)) + throw new Exception("Complete CRL issuer does not match delta CRL issuer."); + + // (c) (2) + IssuingDistributionPoint deltaidp = null; + try + { + deltaidp = IssuingDistributionPoint.GetInstance( + PkixCertPathValidatorUtilities.GetExtensionValue(deltaCRL, X509Extensions.IssuingDistributionPoint)); + } + catch (Exception e) + { + throw new Exception( + "Issuing distribution point extension from delta CRL could not be decoded.", e); + } + + if (!Platform.Equals(completeidp, deltaidp)) + { + throw new Exception( + "Issuing distribution point extension from delta CRL and complete CRL does not match."); + } + + // (c) (3) + Asn1Object completeKeyIdentifier = null; + try + { + completeKeyIdentifier = PkixCertPathValidatorUtilities.GetExtensionValue( + completeCRL, X509Extensions.AuthorityKeyIdentifier); + } + catch (Exception e) + { + throw new Exception( + "Authority key identifier extension could not be extracted from complete CRL.", e); + } + + Asn1Object deltaKeyIdentifier = null; + try + { + deltaKeyIdentifier = PkixCertPathValidatorUtilities.GetExtensionValue( + deltaCRL, X509Extensions.AuthorityKeyIdentifier); + } + catch (Exception e) + { + throw new Exception( + "Authority key identifier extension could not be extracted from delta CRL.", e); + } + + if (completeKeyIdentifier == null) + throw new Exception("CRL authority key identifier is null."); + + if (deltaKeyIdentifier == null) + throw new Exception("Delta CRL authority key identifier is null."); + + if (!completeKeyIdentifier.Equals(deltaKeyIdentifier)) + { + throw new Exception( + "Delta CRL authority key identifier does not match complete CRL authority key identifier."); + } + } + } + + internal static void ProcessCrlI( + DateTime validDate, + X509Crl deltacrl, + object cert, + CertStatus certStatus, + PkixParameters pkixParams) + { + if (pkixParams.IsUseDeltasEnabled && deltacrl != null) + { + PkixCertPathValidatorUtilities.GetCertStatus(validDate, deltacrl, cert, certStatus); + } + } + + internal static void ProcessCrlJ( + DateTime validDate, + X509Crl completecrl, + object cert, + CertStatus certStatus) + { + if (certStatus.Status == CertStatus.Unrevoked) + { + PkixCertPathValidatorUtilities.GetCertStatus(validDate, completecrl, cert, certStatus); + } + } + + internal static PkixPolicyNode ProcessCertE( + PkixCertPath certPath, + int index, + PkixPolicyNode validPolicyTree) + { + IList certs = certPath.Certificates; + X509Certificate cert = (X509Certificate)certs[index]; + + // + // (e) + // + Asn1Sequence certPolicies = null; + try + { + certPolicies = Asn1Sequence.GetInstance( + PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.CertificatePolicies)); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException("Could not read certificate policies extension from certificate.", + e, certPath, index); + } + if (certPolicies == null) + { + validPolicyTree = null; + } + return validPolicyTree; + } + + internal static readonly string[] CrlReasons = new string[] + { + "unspecified", + "keyCompromise", + "cACompromise", + "affiliationChanged", + "superseded", + "cessationOfOperation", + "certificateHold", + "unknown", + "removeFromCRL", + "privilegeWithdrawn", + "aACompromise" + }; + } +} diff --git a/BouncyCastle/crypto/src/pkix/Rfc3281CertPathUtilities.cs b/BouncyCastle/crypto/src/pkix/Rfc3281CertPathUtilities.cs new file mode 100644 index 0000000..66025f0 --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/Rfc3281CertPathUtilities.cs @@ -0,0 +1,609 @@ +using System; +using System.Collections; +using System.Globalization; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Pkix +{ + internal class Rfc3281CertPathUtilities + { + internal static void ProcessAttrCert7( + IX509AttributeCertificate attrCert, + PkixCertPath certPath, + PkixCertPath holderCertPath, + PkixParameters pkixParams) + { + // TODO: + // AA Controls + // Attribute encryption + // Proxy + ISet critExtOids = attrCert.GetCriticalExtensionOids(); + + // 7.1 + // process extensions + + // target information checked in step 6 / X509AttributeCertStoreSelector + if (critExtOids.Contains(X509Extensions.TargetInformation.Id)) + { + try + { + TargetInformation.GetInstance(PkixCertPathValidatorUtilities + .GetExtensionValue(attrCert, X509Extensions.TargetInformation)); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Target information extension could not be read.", e); + } + } + critExtOids.Remove(X509Extensions.TargetInformation.Id); + foreach (PkixAttrCertChecker checker in pkixParams.GetAttrCertCheckers()) + { + checker.Check(attrCert, certPath, holderCertPath, critExtOids); + } + if (!critExtOids.IsEmpty) + { + throw new PkixCertPathValidatorException( + "Attribute certificate contains unsupported critical extensions: " + + critExtOids); + } + } + + /** + * Checks if an attribute certificate is revoked. + * + * @param attrCert Attribute certificate to check if it is revoked. + * @param paramsPKIX PKIX parameters. + * @param issuerCert The issuer certificate of the attribute certificate + * attrCert. + * @param validDate The date when the certificate revocation status should + * be checked. + * @param certPathCerts The certificates of the certification path to be + * checked. + * + * @throws CertPathValidatorException if the certificate is revoked or the + * status cannot be checked or some error occurs. + */ + internal static void CheckCrls( + IX509AttributeCertificate attrCert, + PkixParameters paramsPKIX, + X509Certificate issuerCert, + DateTime validDate, + IList certPathCerts) + { + if (!paramsPKIX.IsRevocationEnabled) + { + return; + } + + // check if revocation is available + if (attrCert.GetExtensionValue(X509Extensions.NoRevAvail) != null) + { + if (attrCert.GetExtensionValue(X509Extensions.CrlDistributionPoints) != null + || attrCert.GetExtensionValue(X509Extensions.AuthorityInfoAccess) != null) + { + throw new PkixCertPathValidatorException( + "No rev avail extension is set, but also an AC revocation pointer."); + } + + return; + } + + CrlDistPoint crldp = null; + try + { + crldp = CrlDistPoint.GetInstance( + PkixCertPathValidatorUtilities.GetExtensionValue( + attrCert, X509Extensions.CrlDistributionPoints)); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "CRL distribution point extension could not be read.", e); + } + try + { + PkixCertPathValidatorUtilities + .AddAdditionalStoresFromCrlDistributionPoint(crldp, paramsPKIX); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "No additional CRL locations could be decoded from CRL distribution point extension.", e); + } + + CertStatus certStatus = new CertStatus(); + ReasonsMask reasonsMask = new ReasonsMask(); + + Exception lastException = null; + bool validCrlFound = false; + // for each distribution point + if (crldp != null) + { + DistributionPoint[] dps = null; + try + { + dps = crldp.GetDistributionPoints(); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Distribution points could not be read.", e); + } + try + { + for (int i = 0; i < dps.Length + && certStatus.Status == CertStatus.Unrevoked + && !reasonsMask.IsAllReasons; i++) + { + PkixParameters paramsPKIXClone = (PkixParameters) paramsPKIX + .Clone(); + CheckCrl(dps[i], attrCert, paramsPKIXClone, + validDate, issuerCert, certStatus, reasonsMask, + certPathCerts); + validCrlFound = true; + } + } + catch (Exception e) + { + lastException = new Exception( + "No valid CRL for distribution point found.", e); + } + } + + /* + * If the revocation status has not been determined, repeat the + * process above with any available CRLs not specified in a + * distribution point but issued by the certificate issuer. + */ + + if (certStatus.Status == CertStatus.Unrevoked + && !reasonsMask.IsAllReasons) + { + try + { + /* + * assume a DP with both the reasons and the cRLIssuer + * fields omitted and a distribution point name of the + * certificate issuer. + */ + X509Name issuer; + try + { + issuer = X509Name.GetInstance(attrCert.Issuer.GetPrincipals()[0].GetEncoded()); + } + catch (Exception e) + { + throw new Exception( + "Issuer from certificate for CRL could not be reencoded.", + e); + } + DistributionPoint dp = new DistributionPoint( + new DistributionPointName(0, new GeneralNames( + new GeneralName(GeneralName.DirectoryName, issuer))), null, null); + PkixParameters paramsPKIXClone = (PkixParameters) paramsPKIX.Clone(); + CheckCrl(dp, attrCert, paramsPKIXClone, validDate, + issuerCert, certStatus, reasonsMask, certPathCerts); + validCrlFound = true; + } + catch (Exception e) + { + lastException = new Exception( + "No valid CRL for distribution point found.", e); + } + } + + if (!validCrlFound) + { + throw new PkixCertPathValidatorException( + "No valid CRL found.", lastException); + } + if (certStatus.Status != CertStatus.Unrevoked) + { + // This format is enforced by the NistCertPath tests + string formattedDate = certStatus.RevocationDate.Value.ToString( + "ddd MMM dd HH:mm:ss K yyyy"); + string message = "Attribute certificate revocation after " + + formattedDate; + message += ", reason: " + + Rfc3280CertPathUtilities.CrlReasons[certStatus.Status]; + throw new PkixCertPathValidatorException(message); + } + if (!reasonsMask.IsAllReasons + && certStatus.Status == CertStatus.Unrevoked) + { + certStatus.Status = CertStatus.Undetermined; + } + if (certStatus.Status == CertStatus.Undetermined) + { + throw new PkixCertPathValidatorException( + "Attribute certificate status could not be determined."); + } + } + + internal static void AdditionalChecks( + IX509AttributeCertificate attrCert, + PkixParameters pkixParams) + { + // 1 + foreach (string oid in pkixParams.GetProhibitedACAttributes()) + { + if (attrCert.GetAttributes(oid) != null) + { + throw new PkixCertPathValidatorException( + "Attribute certificate contains prohibited attribute: " + + oid + "."); + } + } + foreach (string oid in pkixParams.GetNecessaryACAttributes()) + { + if (attrCert.GetAttributes(oid) == null) + { + throw new PkixCertPathValidatorException( + "Attribute certificate does not contain necessary attribute: " + + oid + "."); + } + } + } + + internal static void ProcessAttrCert5( + IX509AttributeCertificate attrCert, + PkixParameters pkixParams) + { + try + { + attrCert.CheckValidity(PkixCertPathValidatorUtilities.GetValidDate(pkixParams)); + } + catch (CertificateExpiredException e) + { + throw new PkixCertPathValidatorException( + "Attribute certificate is not valid.", e); + } + catch (CertificateNotYetValidException e) + { + throw new PkixCertPathValidatorException( + "Attribute certificate is not valid.", e); + } + } + + internal static void ProcessAttrCert4( + X509Certificate acIssuerCert, + PkixParameters pkixParams) + { + ISet set = pkixParams.GetTrustedACIssuers(); + bool trusted = false; + foreach (TrustAnchor anchor in set) + { + IDictionary symbols = X509Name.RFC2253Symbols; + if (acIssuerCert.SubjectDN.ToString(false, symbols).Equals(anchor.CAName) + || acIssuerCert.Equals(anchor.TrustedCert)) + { + trusted = true; + } + } + if (!trusted) + { + throw new PkixCertPathValidatorException( + "Attribute certificate issuer is not directly trusted."); + } + } + + internal static void ProcessAttrCert3( + X509Certificate acIssuerCert, + PkixParameters pkixParams) + { + if (acIssuerCert.GetKeyUsage() != null + && (!acIssuerCert.GetKeyUsage()[0] && !acIssuerCert.GetKeyUsage()[1])) + { + throw new PkixCertPathValidatorException( + "Attribute certificate issuer public key cannot be used to validate digital signatures."); + } + if (acIssuerCert.GetBasicConstraints() != -1) + { + throw new PkixCertPathValidatorException( + "Attribute certificate issuer is also a public key certificate issuer."); + } + } + + internal static PkixCertPathValidatorResult ProcessAttrCert2( + PkixCertPath certPath, + PkixParameters pkixParams) + { + PkixCertPathValidator validator = new PkixCertPathValidator(); + + try + { + return validator.Validate(certPath, pkixParams); + } + catch (PkixCertPathValidatorException e) + { + throw new PkixCertPathValidatorException( + "Certification path for issuer certificate of attribute certificate could not be validated.", + e); + } + } + + /** + * Searches for a holder public key certificate and verifies its + * certification path. + * + * @param attrCert the attribute certificate. + * @param pkixParams The PKIX parameters. + * @return The certificate path of the holder certificate. + * @throws Exception if + *
      + *
    • no public key certificate can be found although holder + * information is given by an entity name or a base certificate + * ID
      • + *
    • support classes cannot be created
      • + *
    • no certification path for the public key certificate can + * be built
      • + *
    + */ + internal static PkixCertPath ProcessAttrCert1( + IX509AttributeCertificate attrCert, + PkixParameters pkixParams) + { + PkixCertPathBuilderResult result = null; + // find holder PKCs + ISet holderPKCs = new HashSet(); + if (attrCert.Holder.GetIssuer() != null) + { + X509CertStoreSelector selector = new X509CertStoreSelector(); + selector.SerialNumber = attrCert.Holder.SerialNumber; + X509Name[] principals = attrCert.Holder.GetIssuer(); + for (int i = 0; i < principals.Length; i++) + { + try + { +// if (principals[i] is X500Principal) + { + selector.Issuer = principals[i]; + } + holderPKCs.AddAll(PkixCertPathValidatorUtilities + .FindCertificates(selector, pkixParams.GetStores())); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Public key certificate for attribute certificate cannot be searched.", + e); + } + } + if (holderPKCs.IsEmpty) + { + throw new PkixCertPathValidatorException( + "Public key certificate specified in base certificate ID for attribute certificate cannot be found."); + } + } + if (attrCert.Holder.GetEntityNames() != null) + { + X509CertStoreSelector selector = new X509CertStoreSelector(); + X509Name[] principals = attrCert.Holder.GetEntityNames(); + for (int i = 0; i < principals.Length; i++) + { + try + { +// if (principals[i] is X500Principal) + { + selector.Issuer = principals[i]; + } + holderPKCs.AddAll(PkixCertPathValidatorUtilities + .FindCertificates(selector, pkixParams.GetStores())); + } + catch (Exception e) + { + throw new PkixCertPathValidatorException( + "Public key certificate for attribute certificate cannot be searched.", + e); + } + } + if (holderPKCs.IsEmpty) + { + throw new PkixCertPathValidatorException( + "Public key certificate specified in entity name for attribute certificate cannot be found."); + } + } + + // verify cert paths for PKCs + PkixBuilderParameters parameters = (PkixBuilderParameters) + PkixBuilderParameters.GetInstance(pkixParams); + + PkixCertPathValidatorException lastException = null; + foreach (X509Certificate cert in holderPKCs) + { + X509CertStoreSelector selector = new X509CertStoreSelector(); + selector.Certificate = cert; + parameters.SetTargetConstraints(selector); + + PkixCertPathBuilder builder = new PkixCertPathBuilder(); + + try + { + result = builder.Build(PkixBuilderParameters.GetInstance(parameters)); + } + catch (PkixCertPathBuilderException e) + { + lastException = new PkixCertPathValidatorException( + "Certification path for public key certificate of attribute certificate could not be build.", + e); + } + } + if (lastException != null) + { + throw lastException; + } + return result.CertPath; + } + + /** + * + * Checks a distribution point for revocation information for the + * certificate attrCert. + * + * @param dp The distribution point to consider. + * @param attrCert The attribute certificate which should be checked. + * @param paramsPKIX PKIX parameters. + * @param validDate The date when the certificate revocation status should + * be checked. + * @param issuerCert Certificate to check if it is revoked. + * @param reasonMask The reasons mask which is already checked. + * @param certPathCerts The certificates of the certification path to be + * checked. + * @throws Exception if the certificate is revoked or the status + * cannot be checked or some error occurs. + */ + private static void CheckCrl( + DistributionPoint dp, + IX509AttributeCertificate attrCert, + PkixParameters paramsPKIX, + DateTime validDate, + X509Certificate issuerCert, + CertStatus certStatus, + ReasonsMask reasonMask, + IList certPathCerts) + { + /* + * 4.3.6 No Revocation Available + * + * The noRevAvail extension, defined in [X.509-2000], allows an AC + * issuer to indicate that no revocation information will be made + * available for this AC. + */ + if (attrCert.GetExtensionValue(X509Extensions.NoRevAvail) != null) + { + return; + } + + DateTime currentDate = DateTime.UtcNow; + if (validDate.CompareTo(currentDate) > 0) + { + throw new Exception("Validation time is in future."); + } + + // (a) + /* + * We always get timely valid CRLs, so there is no step (a) (1). + * "locally cached" CRLs are assumed to be in getStore(), additional + * CRLs must be enabled in the ExtendedPkixParameters and are in + * getAdditionalStore() + */ + ISet crls = PkixCertPathValidatorUtilities.GetCompleteCrls(dp, attrCert, + currentDate, paramsPKIX); + bool validCrlFound = false; + Exception lastException = null; + + IEnumerator crl_iter = crls.GetEnumerator(); + + while (crl_iter.MoveNext() + && certStatus.Status == CertStatus.Unrevoked + && !reasonMask.IsAllReasons) + { + try + { + X509Crl crl = (X509Crl) crl_iter.Current; + + // (d) + ReasonsMask interimReasonsMask = Rfc3280CertPathUtilities.ProcessCrlD(crl, dp); + + // (e) + /* + * The reasons mask is updated at the end, so only valid CRLs + * can update it. If this CRL does not contain new reasons it + * must be ignored. + */ + if (!interimReasonsMask.HasNewReasons(reasonMask)) + { + continue; + } + + // (f) + ISet keys = Rfc3280CertPathUtilities.ProcessCrlF(crl, attrCert, + null, null, paramsPKIX, certPathCerts); + // (g) + AsymmetricKeyParameter pubKey = Rfc3280CertPathUtilities.ProcessCrlG(crl, keys); + + X509Crl deltaCRL = null; + + if (paramsPKIX.IsUseDeltasEnabled) + { + // get delta CRLs + ISet deltaCRLs = PkixCertPathValidatorUtilities.GetDeltaCrls( + currentDate, paramsPKIX, crl); + // we only want one valid delta CRL + // (h) + deltaCRL = Rfc3280CertPathUtilities.ProcessCrlH(deltaCRLs, pubKey); + } + + /* + * CRL must be be valid at the current time, not the validation + * time. If a certificate is revoked with reason keyCompromise, + * cACompromise, it can be used for forgery, also for the past. + * This reason may not be contained in older CRLs. + */ + + /* + * in the chain model signatures stay valid also after the + * certificate has been expired, so they do not have to be in + * the CRL vality time + */ + if (paramsPKIX.ValidityModel != PkixParameters.ChainValidityModel) + { + /* + * if a certificate has expired, but was revoked, it is not + * more in the CRL, so it would be regarded as valid if the + * first check is not done + */ + if (attrCert.NotAfter.CompareTo(crl.ThisUpdate) < 0) + { + throw new Exception( + "No valid CRL for current time found."); + } + } + + Rfc3280CertPathUtilities.ProcessCrlB1(dp, attrCert, crl); + + // (b) (2) + Rfc3280CertPathUtilities.ProcessCrlB2(dp, attrCert, crl); + + // (c) + Rfc3280CertPathUtilities.ProcessCrlC(deltaCRL, crl, paramsPKIX); + + // (i) + Rfc3280CertPathUtilities.ProcessCrlI(validDate, deltaCRL, + attrCert, certStatus, paramsPKIX); + + // (j) + Rfc3280CertPathUtilities.ProcessCrlJ(validDate, crl, attrCert, + certStatus); + + // (k) + if (certStatus.Status == CrlReason.RemoveFromCrl) + { + certStatus.Status = CertStatus.Unrevoked; + } + + // update reasons mask + reasonMask.AddReasons(interimReasonsMask); + validCrlFound = true; + } + catch (Exception e) + { + lastException = e; + } + } + if (!validCrlFound) + { + throw lastException; + } + } + } +} diff --git a/BouncyCastle/crypto/src/pkix/TrustAnchor.cs b/BouncyCastle/crypto/src/pkix/TrustAnchor.cs new file mode 100644 index 0000000..22078ba --- /dev/null +++ b/BouncyCastle/crypto/src/pkix/TrustAnchor.cs @@ -0,0 +1,259 @@ +using System; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Pkix +{ + /// + /// A trust anchor or most-trusted Certification Authority (CA). + /// + /// This class represents a "most-trusted CA", which is used as a trust anchor + /// for validating X.509 certification paths. A most-trusted CA includes the + /// public key of the CA, the CA's name, and any constraints upon the set of + /// paths which may be validated using this key. These parameters can be + /// specified in the form of a trusted X509Certificate or as individual + /// parameters. + /// + public class TrustAnchor + { + private readonly AsymmetricKeyParameter pubKey; + private readonly string caName; + private readonly X509Name caPrincipal; + private readonly X509Certificate trustedCert; + private byte[] ncBytes; + private NameConstraints nc; + + /// + /// Creates an instance of TrustAnchor with the specified X509Certificate and + /// optional name constraints, which are intended to be used as additional + /// constraints when validating an X.509 certification path. + /// The name constraints are specified as a byte array. This byte array + /// should contain the DER encoded form of the name constraints, as they + /// would appear in the NameConstraints structure defined in RFC 2459 and + /// X.509. The ASN.1 definition of this structure appears below. + /// + /// 
    +	    ///	NameConstraints ::= SEQUENCE {
+	    ///		permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
+	    ///		excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
+	    ///	   
+        /// GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
+        /// 
+        ///		GeneralSubtree ::= SEQUENCE {
+        ///		base                    GeneralName,
+        ///		minimum         [0]     BaseDistance DEFAULT 0,
+        ///		maximum         [1]     BaseDistance OPTIONAL }
+        ///		
+        ///		BaseDistance ::= INTEGER (0..MAX)
+		///
+		///		GeneralName ::= CHOICE {
+		///		otherName                       [0]     OtherName,
+		///		rfc822Name                      [1]     IA5String,
+		///		dNSName                         [2]     IA5String,
+		///		x400Address                     [3]     ORAddress,
+		///		directoryName                   [4]     Name,
+		///		ediPartyName                    [5]     EDIPartyName,
+		///		uniformResourceIdentifier       [6]     IA5String,
+		///		iPAddress                       [7]     OCTET STRING,
+		///		registeredID                    [8]     OBJECT IDENTIFIER}
+		///
    + /// + /// Note that the name constraints byte array supplied is cloned to protect + /// against subsequent modifications. + ///     + /// a trusted X509Certificate + /// a byte array containing the ASN.1 DER encoding of a + /// NameConstraints extension to be used for checking name + /// constraints. Only the value of the extension is included, not + /// the OID or criticality flag. Specify null to omit the + /// parameter. + /// if the specified X509Certificate is null + public TrustAnchor( + X509Certificate trustedCert, + byte[] nameConstraints) + { + if (trustedCert == null) + throw new ArgumentNullException("trustedCert"); + + this.trustedCert = trustedCert; + this.pubKey = null; + this.caName = null; + this.caPrincipal = null; + setNameConstraints(nameConstraints); + } + + /// + /// Creates an instance of TrustAnchor where the + /// most-trusted CA is specified as an X500Principal and public key. + /// + /// + ///

    + /// Name constraints are an optional parameter, and are intended to be used + /// as additional constraints when validating an X.509 certification path. + ///

    + /// The name constraints are specified as a byte array. This byte array + /// contains the DER encoded form of the name constraints, as they + /// would appear in the NameConstraints structure defined in RFC 2459 + /// and X.509. The ASN.1 notation for this structure is supplied in the + /// documentation for the other constructors. + ///

    + /// Note that the name constraints byte array supplied here is cloned to + /// protect against subsequent modifications. + ///

    + ///     + /// the name of the most-trusted CA as X509Name + /// the public key of the most-trusted CA + /// + /// a byte array containing the ASN.1 DER encoding of a NameConstraints extension to + /// be used for checking name constraints. Only the value of the extension is included, + /// not the OID or criticality flag. Specify null to omit the parameter. + /// + /// + /// if caPrincipal or pubKey is null + /// + public TrustAnchor( + X509Name caPrincipal, + AsymmetricKeyParameter pubKey, + byte[] nameConstraints) + { + if (caPrincipal == null) + throw new ArgumentNullException("caPrincipal"); + if (pubKey == null) + throw new ArgumentNullException("pubKey"); + + this.trustedCert = null; + this.caPrincipal = caPrincipal; + this.caName = caPrincipal.ToString(); + this.pubKey = pubKey; + setNameConstraints(nameConstraints); + } + + /// + /// Creates an instance of TrustAnchor where the most-trusted + /// CA is specified as a distinguished name and public key. Name constraints + /// are an optional parameter, and are intended to be used as additional + /// constraints when validating an X.509 certification path. + ///
    + /// The name constraints are specified as a byte array. This byte array + /// contains the DER encoded form of the name constraints, as they would + /// appear in the NameConstraints structure defined in RFC 2459 and X.509. + ///     + /// the X.500 distinguished name of the most-trusted CA in RFC + /// 2253 string format + /// the public key of the most-trusted CA + /// a byte array containing the ASN.1 DER encoding of a + /// NameConstraints extension to be used for checking name + /// constraints. Only the value of the extension is included, not + /// the OID or criticality flag. Specify null to omit the + /// parameter. + /// throws NullPointerException, IllegalArgumentException + public TrustAnchor( + string caName, + AsymmetricKeyParameter pubKey, + byte[] nameConstraints) + { + if (caName == null) + throw new ArgumentNullException("caName"); + if (pubKey == null) + throw new ArgumentNullException("pubKey"); + if (caName.Length == 0) + throw new ArgumentException("caName can not be an empty string"); + + this.caPrincipal = new X509Name(caName); + this.pubKey = pubKey; + this.caName = caName; + this.trustedCert = null; + setNameConstraints(nameConstraints); + } + + /// + /// Returns the most-trusted CA certificate. + /// + public X509Certificate TrustedCert + { + get { return this.trustedCert; } + } + + /// + /// Returns the name of the most-trusted CA as an X509Name. + /// + public X509Name CA + { + get { return this.caPrincipal; } + } + + /// + /// Returns the name of the most-trusted CA in RFC 2253 string format. + /// + public string CAName + { + get { return this.caName; } + } + + /// + /// Returns the public key of the most-trusted CA. + /// + public AsymmetricKeyParameter CAPublicKey + { + get { return this.pubKey; } + } + + /// + /// Decode the name constraints and clone them if not null. + /// + private void setNameConstraints( + byte[] bytes) + { + if (bytes == null) + { + ncBytes = null; + nc = null; + } + else + { + ncBytes = (byte[]) bytes.Clone(); + // validate DER encoding + //nc = new NameConstraintsExtension(Boolean.FALSE, bytes); + nc = NameConstraints.GetInstance(Asn1Object.FromByteArray(bytes)); + } + } + + public byte[] GetNameConstraints + { + get { return Arrays.Clone(ncBytes); } + } + + /// + /// Returns a formatted string describing the TrustAnchor. + /// + /// a formatted string describing the TrustAnchor + public override string ToString() + { + // TODO Some of the sub-objects might not implement ToString() properly + string nl = Platform.NewLine; + StringBuilder sb = new StringBuilder(); + sb.Append("["); + sb.Append(nl); + if (this.pubKey != null) + { + sb.Append(" Trusted CA Public Key: ").Append(this.pubKey).Append(nl); + sb.Append(" Trusted CA Issuer Name: ").Append(this.caName).Append(nl); + } + else + { + sb.Append(" Trusted CA cert: ").Append(this.TrustedCert).Append(nl); + } + if (nc != null) + { + sb.Append(" Name Constraints: ").Append(nc).Append(nl); + } + return sb.ToString(); + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/security/AgreementUtilities.cs b/BouncyCastle/crypto/src/security/AgreementUtilities.cs new file mode 100644 index 0000000..26d1628 --- /dev/null +++ b/BouncyCastle/crypto/src/security/AgreementUtilities.cs @@ -0,0 +1,124 @@ +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.EdEC; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Agreement.Kdf; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Security +{ + /// + /// Utility class for creating IBasicAgreement objects from their names/Oids + /// + public sealed class AgreementUtilities + { + private AgreementUtilities() + { + } + + private static readonly IDictionary algorithms = Platform.CreateHashtable(); + //private static readonly IDictionary oids = Platform.CreateHashtable(); + + static AgreementUtilities() + { + algorithms[X9ObjectIdentifiers.DHSinglePassCofactorDHSha1KdfScheme.Id] = "ECCDHWITHSHA1KDF"; + algorithms[X9ObjectIdentifiers.DHSinglePassStdDHSha1KdfScheme.Id] = "ECDHWITHSHA1KDF"; + algorithms[X9ObjectIdentifiers.MqvSinglePassSha1KdfScheme.Id] = "ECMQVWITHSHA1KDF"; + + algorithms[EdECObjectIdentifiers.id_X25519.Id] = "X25519"; + algorithms[EdECObjectIdentifiers.id_X448.Id] = "X448"; + } + + public static IBasicAgreement GetBasicAgreement( + DerObjectIdentifier oid) + { + return GetBasicAgreement(oid.Id); + } + + public static IBasicAgreement GetBasicAgreement( + string algorithm) + { + string mechanism = GetMechanism(algorithm); + + if (mechanism == "DH" || mechanism == "DIFFIEHELLMAN") + return new DHBasicAgreement(); + + if (mechanism == "ECDH") + return new ECDHBasicAgreement(); + + if (mechanism == "ECDHC" || mechanism == "ECCDH") + return new ECDHCBasicAgreement(); + + if (mechanism == "ECMQV") + return new ECMqvBasicAgreement(); + + throw new SecurityUtilityException("Basic Agreement " + algorithm + " not recognised."); + } + + public static IBasicAgreement GetBasicAgreementWithKdf( + DerObjectIdentifier oid, + string wrapAlgorithm) + { + return GetBasicAgreementWithKdf(oid.Id, wrapAlgorithm); + } + + public static IBasicAgreement GetBasicAgreementWithKdf( + string agreeAlgorithm, + string wrapAlgorithm) + { + string mechanism = GetMechanism(agreeAlgorithm); + + // 'DHWITHSHA1KDF' retained for backward compatibility + if (mechanism == "DHWITHSHA1KDF" || mechanism == "ECDHWITHSHA1KDF") + return new ECDHWithKdfBasicAgreement( + wrapAlgorithm, + new ECDHKekGenerator( + new Sha1Digest())); + + if (mechanism == "ECMQVWITHSHA1KDF") + return new ECMqvWithKdfBasicAgreement( + wrapAlgorithm, + new ECDHKekGenerator( + new Sha1Digest())); + + throw new SecurityUtilityException("Basic Agreement (with KDF) " + agreeAlgorithm + " not recognised."); + } + + public static IRawAgreement GetRawAgreement( + DerObjectIdentifier oid) + { + return GetRawAgreement(oid.Id); + } + + public static IRawAgreement GetRawAgreement( + string algorithm) + { + string mechanism = GetMechanism(algorithm); + + if (mechanism == "X25519") + return new X25519Agreement(); + + if (mechanism == "X448") + return new X448Agreement(); + + throw new SecurityUtilityException("Raw Agreement " + algorithm + " not recognised."); + } + + public static string GetAlgorithmName( + DerObjectIdentifier oid) + { + return (string)algorithms[oid.Id]; + } + + private static string GetMechanism(string algorithm) + { + string upper = Platform.ToUpperInvariant(algorithm); + string mechanism = (string)algorithms[upper]; + return mechanism == null ? upper : mechanism; + } + } +} diff --git a/BouncyCastle/crypto/src/security/CipherUtilities.cs b/BouncyCastle/crypto/src/security/CipherUtilities.cs new file mode 100644 index 0000000..3b92add --- /dev/null +++ b/BouncyCastle/crypto/src/security/CipherUtilities.cs @@ -0,0 +1,840 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Kisa; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Nsri; +using Org.BouncyCastle.Asn1.Ntt; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Paddings; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Security +{ + /// + /// Cipher Utility class contains methods that can not be specifically grouped into other classes. + /// + public sealed class CipherUtilities + { + private enum CipherAlgorithm { + AES, + ARC4, + ARIA, + BLOWFISH, + CAMELLIA, + CAST5, + CAST6, + CHACHA, + CHACHA20_POLY1305, + CHACHA7539, + DES, + DESEDE, + ELGAMAL, + GOST28147, + HC128, + HC256, + IDEA, + NOEKEON, + PBEWITHSHAAND128BITRC4, + PBEWITHSHAAND40BITRC4, + RC2, + RC5, + RC5_64, + RC6, + RIJNDAEL, + RSA, + SALSA20, + SEED, + SERPENT, + SKIPJACK, + SM4, + TEA, + THREEFISH_256, + THREEFISH_512, + THREEFISH_1024, + TNEPRES, + TWOFISH, + VMPC, + VMPC_KSA3, + XTEA, + }; + + private enum CipherMode { ECB, NONE, CBC, CCM, CFB, CTR, CTS, EAX, GCM, GOFB, OCB, OFB, OPENPGPCFB, SIC }; + private enum CipherPadding + { + NOPADDING, + RAW, + ISO10126PADDING, + ISO10126D2PADDING, + ISO10126_2PADDING, + ISO7816_4PADDING, + ISO9797_1PADDING, + ISO9796_1, + ISO9796_1PADDING, + OAEP, + OAEPPADDING, + OAEPWITHMD5ANDMGF1PADDING, + OAEPWITHSHA1ANDMGF1PADDING, + OAEPWITHSHA_1ANDMGF1PADDING, + OAEPWITHSHA224ANDMGF1PADDING, + OAEPWITHSHA_224ANDMGF1PADDING, + OAEPWITHSHA256ANDMGF1PADDING, + OAEPWITHSHA_256ANDMGF1PADDING, + OAEPWITHSHA256ANDMGF1WITHSHA256PADDING, + OAEPWITHSHA_256ANDMGF1WITHSHA_256PADDING, + OAEPWITHSHA256ANDMGF1WITHSHA1PADDING, + OAEPWITHSHA_256ANDMGF1WITHSHA_1PADDING, + OAEPWITHSHA384ANDMGF1PADDING, + OAEPWITHSHA_384ANDMGF1PADDING, + OAEPWITHSHA512ANDMGF1PADDING, + OAEPWITHSHA_512ANDMGF1PADDING, + PKCS1, + PKCS1PADDING, + PKCS5, + PKCS5PADDING, + PKCS7, + PKCS7PADDING, + TBCPADDING, + WITHCTS, + X923PADDING, + ZEROBYTEPADDING, + }; + + private static readonly IDictionary algorithms = Platform.CreateHashtable(); + private static readonly IDictionary oids = Platform.CreateHashtable(); + + static CipherUtilities() + { + // Signal to obfuscation tools not to change enum constants + ((CipherAlgorithm)Enums.GetArbitraryValue(typeof(CipherAlgorithm))).ToString(); + ((CipherMode)Enums.GetArbitraryValue(typeof(CipherMode))).ToString(); + ((CipherPadding)Enums.GetArbitraryValue(typeof(CipherPadding))).ToString(); + + // TODO Flesh out the list of aliases + + algorithms[NistObjectIdentifiers.IdAes128Cbc.Id] = "AES/CBC/PKCS7PADDING"; + algorithms[NistObjectIdentifiers.IdAes192Cbc.Id] = "AES/CBC/PKCS7PADDING"; + algorithms[NistObjectIdentifiers.IdAes256Cbc.Id] = "AES/CBC/PKCS7PADDING"; + + algorithms[NistObjectIdentifiers.IdAes128Ccm.Id] = "AES/CCM/NOPADDING"; + algorithms[NistObjectIdentifiers.IdAes192Ccm.Id] = "AES/CCM/NOPADDING"; + algorithms[NistObjectIdentifiers.IdAes256Ccm.Id] = "AES/CCM/NOPADDING"; + + algorithms[NistObjectIdentifiers.IdAes128Cfb.Id] = "AES/CFB/NOPADDING"; + algorithms[NistObjectIdentifiers.IdAes192Cfb.Id] = "AES/CFB/NOPADDING"; + algorithms[NistObjectIdentifiers.IdAes256Cfb.Id] = "AES/CFB/NOPADDING"; + + algorithms[NistObjectIdentifiers.IdAes128Ecb.Id] = "AES/ECB/PKCS7PADDING"; + algorithms[NistObjectIdentifiers.IdAes192Ecb.Id] = "AES/ECB/PKCS7PADDING"; + algorithms[NistObjectIdentifiers.IdAes256Ecb.Id] = "AES/ECB/PKCS7PADDING"; + algorithms["AES//PKCS7"] = "AES/ECB/PKCS7PADDING"; + algorithms["AES//PKCS7PADDING"] = "AES/ECB/PKCS7PADDING"; + algorithms["AES//PKCS5"] = "AES/ECB/PKCS7PADDING"; + algorithms["AES//PKCS5PADDING"] = "AES/ECB/PKCS7PADDING"; + + algorithms[NistObjectIdentifiers.IdAes128Gcm.Id] = "AES/GCM/NOPADDING"; + algorithms[NistObjectIdentifiers.IdAes192Gcm.Id] = "AES/GCM/NOPADDING"; + algorithms[NistObjectIdentifiers.IdAes256Gcm.Id] = "AES/GCM/NOPADDING"; + + algorithms[NistObjectIdentifiers.IdAes128Ofb.Id] = "AES/OFB/NOPADDING"; + algorithms[NistObjectIdentifiers.IdAes192Ofb.Id] = "AES/OFB/NOPADDING"; + algorithms[NistObjectIdentifiers.IdAes256Ofb.Id] = "AES/OFB/NOPADDING"; + + algorithms[NsriObjectIdentifiers.id_aria128_cbc.Id] = "ARIA/CBC/PKCS7PADDING"; + algorithms[NsriObjectIdentifiers.id_aria192_cbc.Id] = "ARIA/CBC/PKCS7PADDING"; + algorithms[NsriObjectIdentifiers.id_aria256_cbc.Id] = "ARIA/CBC/PKCS7PADDING"; + + algorithms[NsriObjectIdentifiers.id_aria128_ccm.Id] = "ARIA/CCM/NOPADDING"; + algorithms[NsriObjectIdentifiers.id_aria192_ccm.Id] = "ARIA/CCM/NOPADDING"; + algorithms[NsriObjectIdentifiers.id_aria256_ccm.Id] = "ARIA/CCM/NOPADDING"; + + algorithms[NsriObjectIdentifiers.id_aria128_cfb.Id] = "ARIA/CFB/NOPADDING"; + algorithms[NsriObjectIdentifiers.id_aria192_cfb.Id] = "ARIA/CFB/NOPADDING"; + algorithms[NsriObjectIdentifiers.id_aria256_cfb.Id] = "ARIA/CFB/NOPADDING"; + + algorithms[NsriObjectIdentifiers.id_aria128_ctr.Id] = "ARIA/CTR/NOPADDING"; + algorithms[NsriObjectIdentifiers.id_aria192_ctr.Id] = "ARIA/CTR/NOPADDING"; + algorithms[NsriObjectIdentifiers.id_aria256_ctr.Id] = "ARIA/CTR/NOPADDING"; + + algorithms[NsriObjectIdentifiers.id_aria128_ecb.Id] = "ARIA/ECB/PKCS7PADDING"; + algorithms[NsriObjectIdentifiers.id_aria192_ecb.Id] = "ARIA/ECB/PKCS7PADDING"; + algorithms[NsriObjectIdentifiers.id_aria256_ecb.Id] = "ARIA/ECB/PKCS7PADDING"; + algorithms["ARIA//PKCS7"] = "ARIA/ECB/PKCS7PADDING"; + algorithms["ARIA//PKCS7PADDING"] = "ARIA/ECB/PKCS7PADDING"; + algorithms["ARIA//PKCS5"] = "ARIA/ECB/PKCS7PADDING"; + algorithms["ARIA//PKCS5PADDING"] = "ARIA/ECB/PKCS7PADDING"; + + algorithms[NsriObjectIdentifiers.id_aria128_gcm.Id] = "ARIA/GCM/NOPADDING"; + algorithms[NsriObjectIdentifiers.id_aria192_gcm.Id] = "ARIA/GCM/NOPADDING"; + algorithms[NsriObjectIdentifiers.id_aria256_gcm.Id] = "ARIA/GCM/NOPADDING"; + + algorithms[NsriObjectIdentifiers.id_aria128_ofb.Id] = "ARIA/OFB/NOPADDING"; + algorithms[NsriObjectIdentifiers.id_aria192_ofb.Id] = "ARIA/OFB/NOPADDING"; + algorithms[NsriObjectIdentifiers.id_aria256_ofb.Id] = "ARIA/OFB/NOPADDING"; + + algorithms["RSA/ECB/PKCS1"] = "RSA//PKCS1PADDING"; + algorithms["RSA/ECB/PKCS1PADDING"] = "RSA//PKCS1PADDING"; + algorithms[PkcsObjectIdentifiers.RsaEncryption.Id] = "RSA//PKCS1PADDING"; + algorithms[PkcsObjectIdentifiers.IdRsaesOaep.Id] = "RSA//OAEPPADDING"; + + algorithms[OiwObjectIdentifiers.DesCbc.Id] = "DES/CBC"; + algorithms[OiwObjectIdentifiers.DesCfb.Id] = "DES/CFB"; + algorithms[OiwObjectIdentifiers.DesEcb.Id] = "DES/ECB"; + algorithms[OiwObjectIdentifiers.DesOfb.Id] = "DES/OFB"; + algorithms[OiwObjectIdentifiers.DesEde.Id] = "DESEDE"; + algorithms["TDEA"] = "DESEDE"; + algorithms[PkcsObjectIdentifiers.DesEde3Cbc.Id] = "DESEDE/CBC"; + algorithms[PkcsObjectIdentifiers.RC2Cbc.Id] = "RC2/CBC"; + algorithms["1.3.6.1.4.1.188.7.1.1.2"] = "IDEA/CBC"; + algorithms["1.2.840.113533.7.66.10"] = "CAST5/CBC"; + + algorithms["RC4"] = "ARC4"; + algorithms["ARCFOUR"] = "ARC4"; + algorithms["1.2.840.113549.3.4"] = "ARC4"; + + + + algorithms["PBEWITHSHA1AND128BITRC4"] = "PBEWITHSHAAND128BITRC4"; + algorithms[PkcsObjectIdentifiers.PbeWithShaAnd128BitRC4.Id] = "PBEWITHSHAAND128BITRC4"; + algorithms["PBEWITHSHA1AND40BITRC4"] = "PBEWITHSHAAND40BITRC4"; + algorithms[PkcsObjectIdentifiers.PbeWithShaAnd40BitRC4.Id] = "PBEWITHSHAAND40BITRC4"; + + algorithms["PBEWITHSHA1ANDDES"] = "PBEWITHSHA1ANDDES-CBC"; + algorithms[PkcsObjectIdentifiers.PbeWithSha1AndDesCbc.Id] = "PBEWITHSHA1ANDDES-CBC"; + algorithms["PBEWITHSHA1ANDRC2"] = "PBEWITHSHA1ANDRC2-CBC"; + algorithms[PkcsObjectIdentifiers.PbeWithSha1AndRC2Cbc.Id] = "PBEWITHSHA1ANDRC2-CBC"; + + algorithms["PBEWITHSHA1AND3-KEYTRIPLEDES-CBC"] = "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"; + algorithms["PBEWITHSHAAND3KEYTRIPLEDES"] = "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"; + algorithms[PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc.Id] = "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"; + algorithms["PBEWITHSHA1ANDDESEDE"] = "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"; + + algorithms["PBEWITHSHA1AND2-KEYTRIPLEDES-CBC"] = "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"; + algorithms[PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc.Id] = "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"; + + algorithms["PBEWITHSHA1AND128BITRC2-CBC"] = "PBEWITHSHAAND128BITRC2-CBC"; + algorithms[PkcsObjectIdentifiers.PbeWithShaAnd128BitRC2Cbc.Id] = "PBEWITHSHAAND128BITRC2-CBC"; + + algorithms["PBEWITHSHA1AND40BITRC2-CBC"] = "PBEWITHSHAAND40BITRC2-CBC"; + algorithms[PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc.Id] = "PBEWITHSHAAND40BITRC2-CBC"; + + algorithms["PBEWITHSHA1AND128BITAES-CBC-BC"] = "PBEWITHSHAAND128BITAES-CBC-BC"; + algorithms["PBEWITHSHA-1AND128BITAES-CBC-BC"] = "PBEWITHSHAAND128BITAES-CBC-BC"; + + algorithms["PBEWITHSHA1AND192BITAES-CBC-BC"] = "PBEWITHSHAAND192BITAES-CBC-BC"; + algorithms["PBEWITHSHA-1AND192BITAES-CBC-BC"] = "PBEWITHSHAAND192BITAES-CBC-BC"; + + algorithms["PBEWITHSHA1AND256BITAES-CBC-BC"] = "PBEWITHSHAAND256BITAES-CBC-BC"; + algorithms["PBEWITHSHA-1AND256BITAES-CBC-BC"] = "PBEWITHSHAAND256BITAES-CBC-BC"; + + algorithms["PBEWITHSHA-256AND128BITAES-CBC-BC"] = "PBEWITHSHA256AND128BITAES-CBC-BC"; + algorithms["PBEWITHSHA-256AND192BITAES-CBC-BC"] = "PBEWITHSHA256AND192BITAES-CBC-BC"; + algorithms["PBEWITHSHA-256AND256BITAES-CBC-BC"] = "PBEWITHSHA256AND256BITAES-CBC-BC"; + + + algorithms["GOST"] = "GOST28147"; + algorithms["GOST-28147"] = "GOST28147"; + algorithms[CryptoProObjectIdentifiers.GostR28147Cbc.Id] = "GOST28147/CBC/PKCS7PADDING"; + + algorithms["RC5-32"] = "RC5"; + + algorithms[NttObjectIdentifiers.IdCamellia128Cbc.Id] = "CAMELLIA/CBC/PKCS7PADDING"; + algorithms[NttObjectIdentifiers.IdCamellia192Cbc.Id] = "CAMELLIA/CBC/PKCS7PADDING"; + algorithms[NttObjectIdentifiers.IdCamellia256Cbc.Id] = "CAMELLIA/CBC/PKCS7PADDING"; + + algorithms[KisaObjectIdentifiers.IdSeedCbc.Id] = "SEED/CBC/PKCS7PADDING"; + + algorithms["1.3.6.1.4.1.3029.1.2"] = "BLOWFISH/CBC"; + + algorithms["CHACHA20"] = "CHACHA7539"; + algorithms[PkcsObjectIdentifiers.IdAlgAeadChaCha20Poly1305.Id] = "CHACHA20-POLY1305"; + } + + private CipherUtilities() + { + } + + /// + /// Returns a ObjectIdentifier for a give encoding. + /// + /// A string representation of the encoding. + /// A DerObjectIdentifier, null if the Oid is not available. + // TODO Don't really want to support this + public static DerObjectIdentifier GetObjectIdentifier( + string mechanism) + { + if (mechanism == null) + throw new ArgumentNullException("mechanism"); + + mechanism = Platform.ToUpperInvariant(mechanism); + string aliased = (string) algorithms[mechanism]; + + if (aliased != null) + mechanism = aliased; + + return (DerObjectIdentifier) oids[mechanism]; + } + + public static ICollection Algorithms + { + get { return oids.Keys; } + } + + public static IBufferedCipher GetCipher( + DerObjectIdentifier oid) + { + return GetCipher(oid.Id); + } + + public static IBufferedCipher GetCipher( + string algorithm) + { + if (algorithm == null) + throw new ArgumentNullException("algorithm"); + + algorithm = Platform.ToUpperInvariant(algorithm); + + { + string aliased = (string) algorithms[algorithm]; + + if (aliased != null) + algorithm = aliased; + } + + IBasicAgreement iesAgreement = null; + if (algorithm == "IES") + { + iesAgreement = new DHBasicAgreement(); + } + else if (algorithm == "ECIES") + { + iesAgreement = new ECDHBasicAgreement(); + } + + if (iesAgreement != null) + { + return new BufferedIesCipher( + new IesEngine( + iesAgreement, + new Kdf2BytesGenerator( + new Sha1Digest()), + new HMac( + new Sha1Digest()))); + } + + + + if (Platform.StartsWith(algorithm, "PBE")) + { + if (Platform.EndsWith(algorithm, "-CBC")) + { + if (algorithm == "PBEWITHSHA1ANDDES-CBC") + { + return new PaddedBufferedBlockCipher( + new CbcBlockCipher(new DesEngine())); + } + else if (algorithm == "PBEWITHSHA1ANDRC2-CBC") + { + return new PaddedBufferedBlockCipher( + new CbcBlockCipher(new RC2Engine())); + } + else if (Strings.IsOneOf(algorithm, + "PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC")) + { + return new PaddedBufferedBlockCipher( + new CbcBlockCipher(new DesEdeEngine())); + } + else if (Strings.IsOneOf(algorithm, + "PBEWITHSHAAND128BITRC2-CBC", "PBEWITHSHAAND40BITRC2-CBC")) + { + return new PaddedBufferedBlockCipher( + new CbcBlockCipher(new RC2Engine())); + } + } + else if (Platform.EndsWith(algorithm, "-BC") || Platform.EndsWith(algorithm, "-OPENSSL")) + { + if (Strings.IsOneOf(algorithm, + "PBEWITHSHAAND128BITAES-CBC-BC", + "PBEWITHSHAAND192BITAES-CBC-BC", + "PBEWITHSHAAND256BITAES-CBC-BC", + "PBEWITHSHA256AND128BITAES-CBC-BC", + "PBEWITHSHA256AND192BITAES-CBC-BC", + "PBEWITHSHA256AND256BITAES-CBC-BC", + "PBEWITHMD5AND128BITAES-CBC-OPENSSL", + "PBEWITHMD5AND192BITAES-CBC-OPENSSL", + "PBEWITHMD5AND256BITAES-CBC-OPENSSL")) + { + return new PaddedBufferedBlockCipher( + new CbcBlockCipher(new AesEngine())); + } + } + } + + + + string[] parts = algorithm.Split('/'); + + IAeadCipher aeadCipher = null; + IBlockCipher blockCipher = null; + IAsymmetricBlockCipher asymBlockCipher = null; + IStreamCipher streamCipher = null; + + string algorithmName = parts[0]; + + { + string aliased = (string)algorithms[algorithmName]; + + if (aliased != null) + algorithmName = aliased; + } + + CipherAlgorithm cipherAlgorithm; + try + { + cipherAlgorithm = (CipherAlgorithm)Enums.GetEnumValue(typeof(CipherAlgorithm), algorithmName); + } + catch (ArgumentException) + { + throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); + } + + switch (cipherAlgorithm) + { + case CipherAlgorithm.AES: + blockCipher = new AesEngine(); + break; + case CipherAlgorithm.ARC4: + streamCipher = new RC4Engine(); + break; + case CipherAlgorithm.ARIA: + blockCipher = new AriaEngine(); + break; + case CipherAlgorithm.BLOWFISH: + blockCipher = new BlowfishEngine(); + break; + case CipherAlgorithm.CAMELLIA: + blockCipher = new CamelliaEngine(); + break; + case CipherAlgorithm.CAST5: + blockCipher = new Cast5Engine(); + break; + case CipherAlgorithm.CAST6: + blockCipher = new Cast6Engine(); + break; + case CipherAlgorithm.CHACHA: + streamCipher = new ChaChaEngine(); + break; + case CipherAlgorithm.CHACHA20_POLY1305: + aeadCipher = new ChaCha20Poly1305(); + break; + case CipherAlgorithm.CHACHA7539: + streamCipher = new ChaCha7539Engine(); + break; + case CipherAlgorithm.DES: + blockCipher = new DesEngine(); + break; + case CipherAlgorithm.DESEDE: + blockCipher = new DesEdeEngine(); + break; + case CipherAlgorithm.ELGAMAL: + asymBlockCipher = new ElGamalEngine(); + break; + case CipherAlgorithm.GOST28147: + blockCipher = new Gost28147Engine(); + break; + case CipherAlgorithm.HC128: + streamCipher = new HC128Engine(); + break; + case CipherAlgorithm.HC256: + streamCipher = new HC256Engine(); + break; + case CipherAlgorithm.IDEA: + blockCipher = new IdeaEngine(); + break; + case CipherAlgorithm.NOEKEON: + blockCipher = new NoekeonEngine(); + break; + case CipherAlgorithm.PBEWITHSHAAND128BITRC4: + case CipherAlgorithm.PBEWITHSHAAND40BITRC4: + streamCipher = new RC4Engine(); + break; + case CipherAlgorithm.RC2: + blockCipher = new RC2Engine(); + break; + case CipherAlgorithm.RC5: + blockCipher = new RC532Engine(); + break; + case CipherAlgorithm.RC5_64: + blockCipher = new RC564Engine(); + break; + case CipherAlgorithm.RC6: + blockCipher = new RC6Engine(); + break; + case CipherAlgorithm.RIJNDAEL: + blockCipher = new RijndaelEngine(); + break; + case CipherAlgorithm.RSA: + asymBlockCipher = new RsaBlindedEngine(); + break; + case CipherAlgorithm.SALSA20: + streamCipher = new Salsa20Engine(); + break; + case CipherAlgorithm.SEED: + blockCipher = new SeedEngine(); + break; + case CipherAlgorithm.SERPENT: + blockCipher = new SerpentEngine(); + break; + case CipherAlgorithm.SKIPJACK: + blockCipher = new SkipjackEngine(); + break; + case CipherAlgorithm.SM4: + blockCipher = new SM4Engine(); + break; + case CipherAlgorithm.TEA: + blockCipher = new TeaEngine(); + break; + case CipherAlgorithm.THREEFISH_256: + blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256); + break; + case CipherAlgorithm.THREEFISH_512: + blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512); + break; + case CipherAlgorithm.THREEFISH_1024: + blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024); + break; + case CipherAlgorithm.TNEPRES: + blockCipher = new TnepresEngine(); + break; + case CipherAlgorithm.TWOFISH: + blockCipher = new TwofishEngine(); + break; + case CipherAlgorithm.VMPC: + streamCipher = new VmpcEngine(); + break; + case CipherAlgorithm.VMPC_KSA3: + streamCipher = new VmpcKsa3Engine(); + break; + case CipherAlgorithm.XTEA: + blockCipher = new XteaEngine(); + break; + default: + throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); + } + + if (aeadCipher != null) + { + if (parts.Length > 1) + throw new ArgumentException("Modes and paddings cannot be applied to AEAD ciphers"); + + return new BufferedAeadCipher(aeadCipher); + } + + if (streamCipher != null) + { + if (parts.Length > 1) + throw new ArgumentException("Modes and paddings not used for stream ciphers"); + + return new BufferedStreamCipher(streamCipher); + } + + + bool cts = false; + bool padded = true; + IBlockCipherPadding padding = null; + IAeadBlockCipher aeadBlockCipher = null; + + if (parts.Length > 2) + { + if (streamCipher != null) + throw new ArgumentException("Paddings not used for stream ciphers"); + + string paddingName = parts[2]; + + CipherPadding cipherPadding; + if (paddingName == "") + { + cipherPadding = CipherPadding.RAW; + } + else if (paddingName == "X9.23PADDING") + { + cipherPadding = CipherPadding.X923PADDING; + } + else + { + try + { + cipherPadding = (CipherPadding)Enums.GetEnumValue(typeof(CipherPadding), paddingName); + } + catch (ArgumentException) + { + throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); + } + } + + switch (cipherPadding) + { + case CipherPadding.NOPADDING: + padded = false; + break; + case CipherPadding.RAW: + break; + case CipherPadding.ISO10126PADDING: + case CipherPadding.ISO10126D2PADDING: + case CipherPadding.ISO10126_2PADDING: + padding = new ISO10126d2Padding(); + break; + case CipherPadding.ISO7816_4PADDING: + case CipherPadding.ISO9797_1PADDING: + padding = new ISO7816d4Padding(); + break; + case CipherPadding.ISO9796_1: + case CipherPadding.ISO9796_1PADDING: + asymBlockCipher = new ISO9796d1Encoding(asymBlockCipher); + break; + case CipherPadding.OAEP: + case CipherPadding.OAEPPADDING: + asymBlockCipher = new OaepEncoding(asymBlockCipher); + break; + case CipherPadding.OAEPWITHMD5ANDMGF1PADDING: + asymBlockCipher = new OaepEncoding(asymBlockCipher, new MD5Digest()); + break; + case CipherPadding.OAEPWITHSHA1ANDMGF1PADDING: + case CipherPadding.OAEPWITHSHA_1ANDMGF1PADDING: + asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha1Digest()); + break; + case CipherPadding.OAEPWITHSHA224ANDMGF1PADDING: + case CipherPadding.OAEPWITHSHA_224ANDMGF1PADDING: + asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha224Digest()); + break; + case CipherPadding.OAEPWITHSHA256ANDMGF1PADDING: + case CipherPadding.OAEPWITHSHA_256ANDMGF1PADDING: + case CipherPadding.OAEPWITHSHA256ANDMGF1WITHSHA256PADDING: + case CipherPadding.OAEPWITHSHA_256ANDMGF1WITHSHA_256PADDING: + asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha256Digest()); + break; + case CipherPadding.OAEPWITHSHA256ANDMGF1WITHSHA1PADDING: + case CipherPadding.OAEPWITHSHA_256ANDMGF1WITHSHA_1PADDING: + asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha256Digest(), new Sha1Digest(), null); + break; + case CipherPadding.OAEPWITHSHA384ANDMGF1PADDING: + case CipherPadding.OAEPWITHSHA_384ANDMGF1PADDING: + asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha384Digest()); + break; + case CipherPadding.OAEPWITHSHA512ANDMGF1PADDING: + case CipherPadding.OAEPWITHSHA_512ANDMGF1PADDING: + asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha512Digest()); + break; + case CipherPadding.PKCS1: + case CipherPadding.PKCS1PADDING: + asymBlockCipher = new Pkcs1Encoding(asymBlockCipher); + break; + case CipherPadding.PKCS5: + case CipherPadding.PKCS5PADDING: + case CipherPadding.PKCS7: + case CipherPadding.PKCS7PADDING: + padding = new Pkcs7Padding(); + break; + case CipherPadding.TBCPADDING: + padding = new TbcPadding(); + break; + case CipherPadding.WITHCTS: + cts = true; + break; + case CipherPadding.X923PADDING: + padding = new X923Padding(); + break; + case CipherPadding.ZEROBYTEPADDING: + padding = new ZeroBytePadding(); + break; + default: + throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); + } + } + + string mode = ""; + if (parts.Length > 1) + { + mode = parts[1]; + + int di = GetDigitIndex(mode); + string modeName = di >= 0 ? mode.Substring(0, di) : mode; + + try + { + CipherMode cipherMode = modeName == "" + ? CipherMode.NONE + : (CipherMode)Enums.GetEnumValue(typeof(CipherMode), modeName); + + switch (cipherMode) + { + case CipherMode.ECB: + case CipherMode.NONE: + break; + case CipherMode.CBC: + blockCipher = new CbcBlockCipher(blockCipher); + break; + case CipherMode.CCM: + aeadBlockCipher = new CcmBlockCipher(blockCipher); + break; + case CipherMode.CFB: + { + int bits = (di < 0) + ? 8 * blockCipher.GetBlockSize() + : int.Parse(mode.Substring(di)); + + blockCipher = new CfbBlockCipher(blockCipher, bits); + break; + } + case CipherMode.CTR: + blockCipher = new SicBlockCipher(blockCipher); + break; + case CipherMode.CTS: + cts = true; + blockCipher = new CbcBlockCipher(blockCipher); + break; + case CipherMode.EAX: + aeadBlockCipher = new EaxBlockCipher(blockCipher); + break; + case CipherMode.GCM: + aeadBlockCipher = new GcmBlockCipher(blockCipher); + break; + case CipherMode.GOFB: + blockCipher = new GOfbBlockCipher(blockCipher); + break; + case CipherMode.OCB: + aeadBlockCipher = new OcbBlockCipher(blockCipher, CreateBlockCipher(cipherAlgorithm)); + break; + case CipherMode.OFB: + { + int bits = (di < 0) + ? 8 * blockCipher.GetBlockSize() + : int.Parse(mode.Substring(di)); + + blockCipher = new OfbBlockCipher(blockCipher, bits); + break; + } + case CipherMode.OPENPGPCFB: + blockCipher = new OpenPgpCfbBlockCipher(blockCipher); + break; + case CipherMode.SIC: + if (blockCipher.GetBlockSize() < 16) + { + throw new ArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); + } + blockCipher = new SicBlockCipher(blockCipher); + break; + default: + throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); + } + } + catch (ArgumentException) + { + throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); + } + } + + if (aeadBlockCipher != null) + { + if (cts) + throw new SecurityUtilityException("CTS mode not valid for AEAD ciphers."); + if (padded && parts.Length > 2 && parts[2] != "") + throw new SecurityUtilityException("Bad padding specified for AEAD cipher."); + + return new BufferedAeadBlockCipher(aeadBlockCipher); + } + + if (blockCipher != null) + { + if (cts) + { + return new CtsBlockCipher(blockCipher); + } + + if (padding != null) + { + return new PaddedBufferedBlockCipher(blockCipher, padding); + } + + if (!padded || blockCipher.IsPartialBlockOkay) + { + return new BufferedBlockCipher(blockCipher); + } + + return new PaddedBufferedBlockCipher(blockCipher); + } + + if (asymBlockCipher != null) + { + return new BufferedAsymmetricBlockCipher(asymBlockCipher); + } + + throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); + } + + public static string GetAlgorithmName( + DerObjectIdentifier oid) + { + return (string) algorithms[oid.Id]; + } + + private static int GetDigitIndex( + string s) + { + for (int i = 0; i < s.Length; ++i) + { + if (char.IsDigit(s[i])) + return i; + } + + return -1; + } + + private static IBlockCipher CreateBlockCipher(CipherAlgorithm cipherAlgorithm) + { + switch (cipherAlgorithm) + { + case CipherAlgorithm.AES: return new AesEngine(); + case CipherAlgorithm.ARIA: return new AriaEngine(); + case CipherAlgorithm.BLOWFISH: return new BlowfishEngine(); + case CipherAlgorithm.CAMELLIA: return new CamelliaEngine(); + case CipherAlgorithm.CAST5: return new Cast5Engine(); + case CipherAlgorithm.CAST6: return new Cast6Engine(); + case CipherAlgorithm.DES: return new DesEngine(); + case CipherAlgorithm.DESEDE: return new DesEdeEngine(); + case CipherAlgorithm.GOST28147: return new Gost28147Engine(); + case CipherAlgorithm.IDEA: return new IdeaEngine(); + case CipherAlgorithm.NOEKEON: return new NoekeonEngine(); + case CipherAlgorithm.RC2: return new RC2Engine(); + case CipherAlgorithm.RC5: return new RC532Engine(); + case CipherAlgorithm.RC5_64: return new RC564Engine(); + case CipherAlgorithm.RC6: return new RC6Engine(); + case CipherAlgorithm.RIJNDAEL: return new RijndaelEngine(); + case CipherAlgorithm.SEED: return new SeedEngine(); + case CipherAlgorithm.SERPENT: return new SerpentEngine(); + case CipherAlgorithm.SKIPJACK: return new SkipjackEngine(); + case CipherAlgorithm.SM4: return new SM4Engine(); + case CipherAlgorithm.TEA: return new TeaEngine(); + case CipherAlgorithm.THREEFISH_256: return new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256); + case CipherAlgorithm.THREEFISH_512: return new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512); + case CipherAlgorithm.THREEFISH_1024: return new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024); + case CipherAlgorithm.TNEPRES: return new TnepresEngine(); + case CipherAlgorithm.TWOFISH: return new TwofishEngine(); + case CipherAlgorithm.XTEA: return new XteaEngine(); + default: + throw new SecurityUtilityException("Cipher " + cipherAlgorithm + " not recognised or not a block cipher"); + } + } + } +} diff --git a/BouncyCastle/crypto/src/security/DigestUtilities.cs b/BouncyCastle/crypto/src/security/DigestUtilities.cs new file mode 100644 index 0000000..c67dd8b --- /dev/null +++ b/BouncyCastle/crypto/src/security/DigestUtilities.cs @@ -0,0 +1,307 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.GM; +using Org.BouncyCastle.Asn1.Misc; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.UA; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Security +{ + /// + /// Utility class for creating IDigest objects from their names/Oids + /// + public sealed class DigestUtilities + { + private enum DigestAlgorithm { + BLAKE2B_160, BLAKE2B_256, BLAKE2B_384, BLAKE2B_512, + BLAKE2S_128, BLAKE2S_160, BLAKE2S_224, BLAKE2S_256, + DSTU7564_256, DSTU7564_384, DSTU7564_512, + GOST3411, + GOST3411_2012_256, GOST3411_2012_512, + KECCAK_224, KECCAK_256, KECCAK_288, KECCAK_384, KECCAK_512, + MD2, MD4, MD5, + NONE, + RIPEMD128, RIPEMD160, RIPEMD256, RIPEMD320, + SHA_1, SHA_224, SHA_256, SHA_384, SHA_512, + SHA_512_224, SHA_512_256, + SHA3_224, SHA3_256, SHA3_384, SHA3_512, + SHAKE128_256, SHAKE256_512, + SM3, + TIGER, + WHIRLPOOL, + }; + + private DigestUtilities() + { + } + + private static readonly IDictionary algorithms = Platform.CreateHashtable(); + private static readonly IDictionary oids = Platform.CreateHashtable(); + + static DigestUtilities() + { + // Signal to obfuscation tools not to change enum constants + ((DigestAlgorithm)Enums.GetArbitraryValue(typeof(DigestAlgorithm))).ToString(); + + algorithms[PkcsObjectIdentifiers.MD2.Id] = "MD2"; + algorithms[PkcsObjectIdentifiers.MD4.Id] = "MD4"; + algorithms[PkcsObjectIdentifiers.MD5.Id] = "MD5"; + + algorithms["SHA1"] = "SHA-1"; + algorithms[OiwObjectIdentifiers.IdSha1.Id] = "SHA-1"; + algorithms[PkcsObjectIdentifiers.IdHmacWithSha1.Id] = "SHA-1"; + algorithms[MiscObjectIdentifiers.HMAC_SHA1.Id] = "SHA-1"; + algorithms["SHA224"] = "SHA-224"; + algorithms[NistObjectIdentifiers.IdSha224.Id] = "SHA-224"; + algorithms[PkcsObjectIdentifiers.IdHmacWithSha224.Id] = "SHA-224"; + algorithms["SHA256"] = "SHA-256"; + algorithms[NistObjectIdentifiers.IdSha256.Id] = "SHA-256"; + algorithms[PkcsObjectIdentifiers.IdHmacWithSha256.Id] = "SHA-256"; + algorithms["SHA384"] = "SHA-384"; + algorithms[NistObjectIdentifiers.IdSha384.Id] = "SHA-384"; + algorithms[PkcsObjectIdentifiers.IdHmacWithSha384.Id] = "SHA-384"; + algorithms["SHA512"] = "SHA-512"; + algorithms[NistObjectIdentifiers.IdSha512.Id] = "SHA-512"; + algorithms[PkcsObjectIdentifiers.IdHmacWithSha512.Id] = "SHA-512"; + + algorithms["SHA512/224"] = "SHA-512/224"; + algorithms["SHA512(224)"] = "SHA-512/224"; + algorithms["SHA-512(224)"] = "SHA-512/224"; + algorithms[NistObjectIdentifiers.IdSha512_224.Id] = "SHA-512/224"; + algorithms["SHA512/256"] = "SHA-512/256"; + algorithms["SHA512(256)"] = "SHA-512/256"; + algorithms["SHA-512(256)"] = "SHA-512/256"; + algorithms[NistObjectIdentifiers.IdSha512_256.Id] = "SHA-512/256"; + + algorithms["RIPEMD-128"] = "RIPEMD128"; + algorithms[TeleTrusTObjectIdentifiers.RipeMD128.Id] = "RIPEMD128"; + algorithms["RIPEMD-160"] = "RIPEMD160"; + algorithms[TeleTrusTObjectIdentifiers.RipeMD160.Id] = "RIPEMD160"; + algorithms["RIPEMD-256"] = "RIPEMD256"; + algorithms[TeleTrusTObjectIdentifiers.RipeMD256.Id] = "RIPEMD256"; + algorithms["RIPEMD-320"] = "RIPEMD320"; +// algorithms[TeleTrusTObjectIdentifiers.RipeMD320.Id] = "RIPEMD320"; + + algorithms[CryptoProObjectIdentifiers.GostR3411.Id] = "GOST3411"; + + algorithms["KECCAK224"] = "KECCAK-224"; + algorithms["KECCAK256"] = "KECCAK-256"; + algorithms["KECCAK288"] = "KECCAK-288"; + algorithms["KECCAK384"] = "KECCAK-384"; + algorithms["KECCAK512"] = "KECCAK-512"; + + algorithms[NistObjectIdentifiers.IdSha3_224.Id] = "SHA3-224"; + algorithms[NistObjectIdentifiers.IdHMacWithSha3_224.Id] = "SHA3-224"; + algorithms[NistObjectIdentifiers.IdSha3_256.Id] = "SHA3-256"; + algorithms[NistObjectIdentifiers.IdHMacWithSha3_256.Id] = "SHA3-256"; + algorithms[NistObjectIdentifiers.IdSha3_384.Id] = "SHA3-384"; + algorithms[NistObjectIdentifiers.IdHMacWithSha3_384.Id] = "SHA3-384"; + algorithms[NistObjectIdentifiers.IdSha3_512.Id] = "SHA3-512"; + algorithms[NistObjectIdentifiers.IdHMacWithSha3_512.Id] = "SHA3-512"; + algorithms["SHAKE128"] = "SHAKE128-256"; + algorithms[NistObjectIdentifiers.IdShake128.Id] = "SHAKE128-256"; + algorithms["SHAKE256"] = "SHAKE256-512"; + algorithms[NistObjectIdentifiers.IdShake256.Id] = "SHAKE256-512"; + + algorithms[GMObjectIdentifiers.sm3.Id] = "SM3"; + + algorithms[MiscObjectIdentifiers.id_blake2b160.Id] = "BLAKE2B-160"; + algorithms[MiscObjectIdentifiers.id_blake2b256.Id] = "BLAKE2B-256"; + algorithms[MiscObjectIdentifiers.id_blake2b384.Id] = "BLAKE2B-384"; + algorithms[MiscObjectIdentifiers.id_blake2b512.Id] = "BLAKE2B-512"; + algorithms[MiscObjectIdentifiers.id_blake2s128.Id] = "BLAKE2S-128"; + algorithms[MiscObjectIdentifiers.id_blake2s160.Id] = "BLAKE2S-160"; + algorithms[MiscObjectIdentifiers.id_blake2s224.Id] = "BLAKE2S-224"; + algorithms[MiscObjectIdentifiers.id_blake2s256.Id] = "BLAKE2S-256"; + + algorithms[RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256.Id] = "GOST3411-2012-256"; + algorithms[RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512.Id] = "GOST3411-2012-512"; + + algorithms[UAObjectIdentifiers.dstu7564digest_256.Id] = "DSTU7564-256"; + algorithms[UAObjectIdentifiers.dstu7564digest_384.Id] = "DSTU7564-384"; + algorithms[UAObjectIdentifiers.dstu7564digest_512.Id] = "DSTU7564-512"; + + oids["MD2"] = PkcsObjectIdentifiers.MD2; + oids["MD4"] = PkcsObjectIdentifiers.MD4; + oids["MD5"] = PkcsObjectIdentifiers.MD5; + oids["SHA-1"] = OiwObjectIdentifiers.IdSha1; + oids["SHA-224"] = NistObjectIdentifiers.IdSha224; + oids["SHA-256"] = NistObjectIdentifiers.IdSha256; + oids["SHA-384"] = NistObjectIdentifiers.IdSha384; + oids["SHA-512"] = NistObjectIdentifiers.IdSha512; + oids["SHA-512/224"] = NistObjectIdentifiers.IdSha512_224; + oids["SHA-512/256"] = NistObjectIdentifiers.IdSha512_256; + oids["SHA3-224"] = NistObjectIdentifiers.IdSha3_224; + oids["SHA3-256"] = NistObjectIdentifiers.IdSha3_256; + oids["SHA3-384"] = NistObjectIdentifiers.IdSha3_384; + oids["SHA3-512"] = NistObjectIdentifiers.IdSha3_512; + oids["SHAKE128-256"] = NistObjectIdentifiers.IdShake128; + oids["SHAKE256-512"] = NistObjectIdentifiers.IdShake256; + oids["RIPEMD128"] = TeleTrusTObjectIdentifiers.RipeMD128; + oids["RIPEMD160"] = TeleTrusTObjectIdentifiers.RipeMD160; + oids["RIPEMD256"] = TeleTrusTObjectIdentifiers.RipeMD256; + oids["GOST3411"] = CryptoProObjectIdentifiers.GostR3411; + oids["SM3"] = GMObjectIdentifiers.sm3; + oids["BLAKE2B-160"] = MiscObjectIdentifiers.id_blake2b160; + oids["BLAKE2B-256"] = MiscObjectIdentifiers.id_blake2b256; + oids["BLAKE2B-384"] = MiscObjectIdentifiers.id_blake2b384; + oids["BLAKE2B-512"] = MiscObjectIdentifiers.id_blake2b512; + oids["BLAKE2S-128"] = MiscObjectIdentifiers.id_blake2s128; + oids["BLAKE2S-160"] = MiscObjectIdentifiers.id_blake2s160; + oids["BLAKE2S-224"] = MiscObjectIdentifiers.id_blake2s224; + oids["BLAKE2S-256"] = MiscObjectIdentifiers.id_blake2s256; + oids["GOST3411-2012-256"] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256; + oids["GOST3411-2012-512"] = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512; + oids["DSTU7564-256"] = UAObjectIdentifiers.dstu7564digest_256; + oids["DSTU7564-384"] = UAObjectIdentifiers.dstu7564digest_384; + oids["DSTU7564-512"] = UAObjectIdentifiers.dstu7564digest_512; + } + + /// + /// Returns a ObjectIdentifier for a given digest mechanism. + /// + /// A string representation of the digest meanism. + /// A DerObjectIdentifier, null if the Oid is not available. + + public static DerObjectIdentifier GetObjectIdentifier( + string mechanism) + { + if (mechanism == null) + throw new System.ArgumentNullException("mechanism"); + + mechanism = Platform.ToUpperInvariant(mechanism); + string aliased = (string) algorithms[mechanism]; + + if (aliased != null) + mechanism = aliased; + + return (DerObjectIdentifier) oids[mechanism]; + } + + public static ICollection Algorithms + { + get { return oids.Keys; } + } + + public static IDigest GetDigest( + DerObjectIdentifier id) + { + return GetDigest(id.Id); + } + + public static IDigest GetDigest( + string algorithm) + { + string upper = Platform.ToUpperInvariant(algorithm); + string mechanism = (string) algorithms[upper]; + + if (mechanism == null) + { + mechanism = upper; + } + + try + { + DigestAlgorithm digestAlgorithm = (DigestAlgorithm)Enums.GetEnumValue( + typeof(DigestAlgorithm), mechanism); + + switch (digestAlgorithm) + { + case DigestAlgorithm.BLAKE2B_160: return new Blake2bDigest(160); + case DigestAlgorithm.BLAKE2B_256: return new Blake2bDigest(256); + case DigestAlgorithm.BLAKE2B_384: return new Blake2bDigest(384); + case DigestAlgorithm.BLAKE2B_512: return new Blake2bDigest(512); + case DigestAlgorithm.BLAKE2S_128: return new Blake2sDigest(128); + case DigestAlgorithm.BLAKE2S_160: return new Blake2sDigest(160); + case DigestAlgorithm.BLAKE2S_224: return new Blake2sDigest(224); + case DigestAlgorithm.BLAKE2S_256: return new Blake2sDigest(256); + case DigestAlgorithm.DSTU7564_256: return new Dstu7564Digest(256); + case DigestAlgorithm.DSTU7564_384: return new Dstu7564Digest(384); + case DigestAlgorithm.DSTU7564_512: return new Dstu7564Digest(512); + case DigestAlgorithm.GOST3411: return new Gost3411Digest(); + case DigestAlgorithm.GOST3411_2012_256: return new Gost3411_2012_256Digest(); + case DigestAlgorithm.GOST3411_2012_512: return new Gost3411_2012_512Digest(); + case DigestAlgorithm.KECCAK_224: return new KeccakDigest(224); + case DigestAlgorithm.KECCAK_256: return new KeccakDigest(256); + case DigestAlgorithm.KECCAK_288: return new KeccakDigest(288); + case DigestAlgorithm.KECCAK_384: return new KeccakDigest(384); + case DigestAlgorithm.KECCAK_512: return new KeccakDigest(512); + case DigestAlgorithm.MD2: return new MD2Digest(); + case DigestAlgorithm.MD4: return new MD4Digest(); + case DigestAlgorithm.MD5: return new MD5Digest(); + case DigestAlgorithm.NONE: return new NullDigest(); + case DigestAlgorithm.RIPEMD128: return new RipeMD128Digest(); + case DigestAlgorithm.RIPEMD160: return new RipeMD160Digest(); + case DigestAlgorithm.RIPEMD256: return new RipeMD256Digest(); + case DigestAlgorithm.RIPEMD320: return new RipeMD320Digest(); + case DigestAlgorithm.SHA_1: return new Sha1Digest(); + case DigestAlgorithm.SHA_224: return new Sha224Digest(); + case DigestAlgorithm.SHA_256: return new Sha256Digest(); + case DigestAlgorithm.SHA_384: return new Sha384Digest(); + case DigestAlgorithm.SHA_512: return new Sha512Digest(); + case DigestAlgorithm.SHA_512_224: return new Sha512tDigest(224); + case DigestAlgorithm.SHA_512_256: return new Sha512tDigest(256); + case DigestAlgorithm.SHA3_224: return new Sha3Digest(224); + case DigestAlgorithm.SHA3_256: return new Sha3Digest(256); + case DigestAlgorithm.SHA3_384: return new Sha3Digest(384); + case DigestAlgorithm.SHA3_512: return new Sha3Digest(512); + case DigestAlgorithm.SHAKE128_256: return new ShakeDigest(128); + case DigestAlgorithm.SHAKE256_512: return new ShakeDigest(256); + case DigestAlgorithm.SM3: return new SM3Digest(); + case DigestAlgorithm.TIGER: return new TigerDigest(); + case DigestAlgorithm.WHIRLPOOL: return new WhirlpoolDigest(); + } + } + catch (ArgumentException) + { + } + + throw new SecurityUtilityException("Digest " + mechanism + " not recognised."); + } + + public static string GetAlgorithmName( + DerObjectIdentifier oid) + { + return (string) algorithms[oid.Id]; + } + + public static byte[] CalculateDigest(DerObjectIdentifier id, byte[] input) + { + return CalculateDigest(id.Id, input); + } + + public static byte[] CalculateDigest(string algorithm, byte[] input) + { + IDigest digest = GetDigest(algorithm); + digest.BlockUpdate(input, 0, input.Length); + return DoFinal(digest); + } + + public static byte[] DoFinal( + IDigest digest) + { + byte[] b = new byte[digest.GetDigestSize()]; + digest.DoFinal(b, 0); + return b; + } + + public static byte[] DoFinal( + IDigest digest, + byte[] input) + { + digest.BlockUpdate(input, 0, input.Length); + return DoFinal(digest); + } + } +} diff --git a/BouncyCastle/crypto/src/security/DotNetUtilities.cs b/BouncyCastle/crypto/src/security/DotNetUtilities.cs new file mode 100644 index 0000000..f0064fb --- /dev/null +++ b/BouncyCastle/crypto/src/security/DotNetUtilities.cs @@ -0,0 +1,250 @@ +#if !(NETCF_1_0 || SILVERLIGHT || PORTABLE) + +using System; +using System.Security.Cryptography; +using SystemX509 = System.Security.Cryptography.X509Certificates; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Security +{ + /// + /// A class containing methods to interface the BouncyCastle world to the .NET Crypto world. + /// + public sealed class DotNetUtilities + { + private DotNetUtilities() + { + } + + /// + /// Create an System.Security.Cryptography.X509Certificate from an X509Certificate Structure. + /// + /// + /// A System.Security.Cryptography.X509Certificate. + public static SystemX509.X509Certificate ToX509Certificate( + X509CertificateStructure x509Struct) + { + return new SystemX509.X509Certificate(x509Struct.GetDerEncoded()); + } + + public static SystemX509.X509Certificate ToX509Certificate( + X509Certificate x509Cert) + { + return new SystemX509.X509Certificate(x509Cert.GetEncoded()); + } + + public static X509Certificate FromX509Certificate( + SystemX509.X509Certificate x509Cert) + { + return new X509CertificateParser().ReadCertificate(x509Cert.GetRawCertData()); + } + + public static AsymmetricCipherKeyPair GetDsaKeyPair(DSA dsa) + { + return GetDsaKeyPair(dsa.ExportParameters(true)); + } + + public static AsymmetricCipherKeyPair GetDsaKeyPair(DSAParameters dp) + { + DsaValidationParameters validationParameters = (dp.Seed != null) + ? new DsaValidationParameters(dp.Seed, dp.Counter) + : null; + + DsaParameters parameters = new DsaParameters( + new BigInteger(1, dp.P), + new BigInteger(1, dp.Q), + new BigInteger(1, dp.G), + validationParameters); + + DsaPublicKeyParameters pubKey = new DsaPublicKeyParameters( + new BigInteger(1, dp.Y), + parameters); + + DsaPrivateKeyParameters privKey = new DsaPrivateKeyParameters( + new BigInteger(1, dp.X), + parameters); + + return new AsymmetricCipherKeyPair(pubKey, privKey); + } + + public static DsaPublicKeyParameters GetDsaPublicKey(DSA dsa) + { + return GetDsaPublicKey(dsa.ExportParameters(false)); + } + + public static DsaPublicKeyParameters GetDsaPublicKey(DSAParameters dp) + { + DsaValidationParameters validationParameters = (dp.Seed != null) + ? new DsaValidationParameters(dp.Seed, dp.Counter) + : null; + + DsaParameters parameters = new DsaParameters( + new BigInteger(1, dp.P), + new BigInteger(1, dp.Q), + new BigInteger(1, dp.G), + validationParameters); + + return new DsaPublicKeyParameters( + new BigInteger(1, dp.Y), + parameters); + } + + public static AsymmetricCipherKeyPair GetRsaKeyPair(RSA rsa) + { + return GetRsaKeyPair(rsa.ExportParameters(true)); + } + + public static AsymmetricCipherKeyPair GetRsaKeyPair(RSAParameters rp) + { + BigInteger modulus = new BigInteger(1, rp.Modulus); + BigInteger pubExp = new BigInteger(1, rp.Exponent); + + RsaKeyParameters pubKey = new RsaKeyParameters( + false, + modulus, + pubExp); + + RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters( + modulus, + pubExp, + new BigInteger(1, rp.D), + new BigInteger(1, rp.P), + new BigInteger(1, rp.Q), + new BigInteger(1, rp.DP), + new BigInteger(1, rp.DQ), + new BigInteger(1, rp.InverseQ)); + + return new AsymmetricCipherKeyPair(pubKey, privKey); + } + + public static RsaKeyParameters GetRsaPublicKey(RSA rsa) + { + return GetRsaPublicKey(rsa.ExportParameters(false)); + } + + public static RsaKeyParameters GetRsaPublicKey( + RSAParameters rp) + { + return new RsaKeyParameters( + false, + new BigInteger(1, rp.Modulus), + new BigInteger(1, rp.Exponent)); + } + + public static AsymmetricCipherKeyPair GetKeyPair(AsymmetricAlgorithm privateKey) + { + if (privateKey is DSA) + { + return GetDsaKeyPair((DSA)privateKey); + } + + if (privateKey is RSA) + { + return GetRsaKeyPair((RSA)privateKey); + } + + throw new ArgumentException("Unsupported algorithm specified", "privateKey"); + } + + public static RSA ToRSA(RsaKeyParameters rsaKey) + { + // TODO This appears to not work for private keys (when no CRT info) + return CreateRSAProvider(ToRSAParameters(rsaKey)); + } + + public static RSA ToRSA(RsaKeyParameters rsaKey, CspParameters csp) + { + // TODO This appears to not work for private keys (when no CRT info) + return CreateRSAProvider(ToRSAParameters(rsaKey), csp); + } + + public static RSA ToRSA(RsaPrivateCrtKeyParameters privKey) + { + return CreateRSAProvider(ToRSAParameters(privKey)); + } + + public static RSA ToRSA(RsaPrivateCrtKeyParameters privKey, CspParameters csp) + { + return CreateRSAProvider(ToRSAParameters(privKey), csp); + } + + public static RSA ToRSA(RsaPrivateKeyStructure privKey) + { + return CreateRSAProvider(ToRSAParameters(privKey)); + } + + public static RSA ToRSA(RsaPrivateKeyStructure privKey, CspParameters csp) + { + return CreateRSAProvider(ToRSAParameters(privKey), csp); + } + + public static RSAParameters ToRSAParameters(RsaKeyParameters rsaKey) + { + RSAParameters rp = new RSAParameters(); + rp.Modulus = rsaKey.Modulus.ToByteArrayUnsigned(); + if (rsaKey.IsPrivate) + rp.D = ConvertRSAParametersField(rsaKey.Exponent, rp.Modulus.Length); + else + rp.Exponent = rsaKey.Exponent.ToByteArrayUnsigned(); + return rp; + } + + public static RSAParameters ToRSAParameters(RsaPrivateCrtKeyParameters privKey) + { + RSAParameters rp = new RSAParameters(); + rp.Modulus = privKey.Modulus.ToByteArrayUnsigned(); + rp.Exponent = privKey.PublicExponent.ToByteArrayUnsigned(); + rp.P = privKey.P.ToByteArrayUnsigned(); + rp.Q = privKey.Q.ToByteArrayUnsigned(); + rp.D = ConvertRSAParametersField(privKey.Exponent, rp.Modulus.Length); + rp.DP = ConvertRSAParametersField(privKey.DP, rp.P.Length); + rp.DQ = ConvertRSAParametersField(privKey.DQ, rp.Q.Length); + rp.InverseQ = ConvertRSAParametersField(privKey.QInv, rp.Q.Length); + return rp; + } + + public static RSAParameters ToRSAParameters(RsaPrivateKeyStructure privKey) + { + RSAParameters rp = new RSAParameters(); + rp.Modulus = privKey.Modulus.ToByteArrayUnsigned(); + rp.Exponent = privKey.PublicExponent.ToByteArrayUnsigned(); + rp.P = privKey.Prime1.ToByteArrayUnsigned(); + rp.Q = privKey.Prime2.ToByteArrayUnsigned(); + rp.D = ConvertRSAParametersField(privKey.PrivateExponent, rp.Modulus.Length); + rp.DP = ConvertRSAParametersField(privKey.Exponent1, rp.P.Length); + rp.DQ = ConvertRSAParametersField(privKey.Exponent2, rp.Q.Length); + rp.InverseQ = ConvertRSAParametersField(privKey.Coefficient, rp.Q.Length); + return rp; + } + + private static byte[] ConvertRSAParametersField(BigInteger n, int size) + { + return BigIntegers.AsUnsignedByteArray(size, n); + } + + private static RSA CreateRSAProvider(RSAParameters rp) + { + CspParameters csp = new CspParameters(); + csp.KeyContainerName = string.Format("BouncyCastle-{0}", Guid.NewGuid()); + RSACryptoServiceProvider rsaCsp = new RSACryptoServiceProvider(csp); + rsaCsp.ImportParameters(rp); + return rsaCsp; + } + + private static RSA CreateRSAProvider(RSAParameters rp, CspParameters csp) + { + RSACryptoServiceProvider rsaCsp = new RSACryptoServiceProvider(csp); + rsaCsp.ImportParameters(rp); + return rsaCsp; + } + } +} + +#endif diff --git a/BouncyCastle/crypto/src/security/GeneralSecurityException.cs b/BouncyCastle/crypto/src/security/GeneralSecurityException.cs new file mode 100644 index 0000000..d4ab38c --- /dev/null +++ b/BouncyCastle/crypto/src/security/GeneralSecurityException.cs @@ -0,0 +1,29 @@ +using System; + +namespace Org.BouncyCastle.Security +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class GeneralSecurityException + : Exception + { + public GeneralSecurityException() + : base() + { + } + + public GeneralSecurityException( + string message) + : base(message) + { + } + + public GeneralSecurityException( + string message, + Exception exception) + : base(message, exception) + { + } + } +} diff --git a/BouncyCastle/crypto/src/security/GeneratorUtilities.cs b/BouncyCastle/crypto/src/security/GeneratorUtilities.cs new file mode 100644 index 0000000..8f996bc --- /dev/null +++ b/BouncyCastle/crypto/src/security/GeneratorUtilities.cs @@ -0,0 +1,432 @@ +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.EdEC; +using Org.BouncyCastle.Asn1.Iana; +using Org.BouncyCastle.Asn1.Kisa; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Nsri; +using Org.BouncyCastle.Asn1.Ntt; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Security +{ + public sealed class GeneratorUtilities + { + private GeneratorUtilities() + { + } + + private static readonly IDictionary kgAlgorithms = Platform.CreateHashtable(); + private static readonly IDictionary kpgAlgorithms = Platform.CreateHashtable(); + private static readonly IDictionary defaultKeySizes = Platform.CreateHashtable(); + + static GeneratorUtilities() + { + // + // key generators. + // + AddKgAlgorithm("AES", + "AESWRAP"); + AddKgAlgorithm("AES128", + "2.16.840.1.101.3.4.2", + NistObjectIdentifiers.IdAes128Cbc, + NistObjectIdentifiers.IdAes128Ccm, + NistObjectIdentifiers.IdAes128Cfb, + NistObjectIdentifiers.IdAes128Ecb, + NistObjectIdentifiers.IdAes128Gcm, + NistObjectIdentifiers.IdAes128Ofb, + NistObjectIdentifiers.IdAes128Wrap); + AddKgAlgorithm("AES192", + "2.16.840.1.101.3.4.22", + NistObjectIdentifiers.IdAes192Cbc, + NistObjectIdentifiers.IdAes192Ccm, + NistObjectIdentifiers.IdAes192Cfb, + NistObjectIdentifiers.IdAes192Ecb, + NistObjectIdentifiers.IdAes192Gcm, + NistObjectIdentifiers.IdAes192Ofb, + NistObjectIdentifiers.IdAes192Wrap); + AddKgAlgorithm("AES256", + "2.16.840.1.101.3.4.42", + NistObjectIdentifiers.IdAes256Cbc, + NistObjectIdentifiers.IdAes256Ccm, + NistObjectIdentifiers.IdAes256Cfb, + NistObjectIdentifiers.IdAes256Ecb, + NistObjectIdentifiers.IdAes256Gcm, + NistObjectIdentifiers.IdAes256Ofb, + NistObjectIdentifiers.IdAes256Wrap); + AddKgAlgorithm("BLOWFISH", + "1.3.6.1.4.1.3029.1.2"); + AddKgAlgorithm("CAMELLIA", + "CAMELLIAWRAP"); + AddKgAlgorithm("ARIA"); + AddKgAlgorithm("ARIA128", + NsriObjectIdentifiers.id_aria128_cbc, + NsriObjectIdentifiers.id_aria128_ccm, + NsriObjectIdentifiers.id_aria128_cfb, + NsriObjectIdentifiers.id_aria128_ctr, + NsriObjectIdentifiers.id_aria128_ecb, + NsriObjectIdentifiers.id_aria128_gcm, + NsriObjectIdentifiers.id_aria128_ocb2, + NsriObjectIdentifiers.id_aria128_ofb); + AddKgAlgorithm("ARIA192", + NsriObjectIdentifiers.id_aria192_cbc, + NsriObjectIdentifiers.id_aria192_ccm, + NsriObjectIdentifiers.id_aria192_cfb, + NsriObjectIdentifiers.id_aria192_ctr, + NsriObjectIdentifiers.id_aria192_ecb, + NsriObjectIdentifiers.id_aria192_gcm, + NsriObjectIdentifiers.id_aria192_ocb2, + NsriObjectIdentifiers.id_aria192_ofb); + AddKgAlgorithm("ARIA256", + NsriObjectIdentifiers.id_aria256_cbc, + NsriObjectIdentifiers.id_aria256_ccm, + NsriObjectIdentifiers.id_aria256_cfb, + NsriObjectIdentifiers.id_aria256_ctr, + NsriObjectIdentifiers.id_aria256_ecb, + NsriObjectIdentifiers.id_aria256_gcm, + NsriObjectIdentifiers.id_aria256_ocb2, + NsriObjectIdentifiers.id_aria256_ofb); + AddKgAlgorithm("CAMELLIA128", + NttObjectIdentifiers.IdCamellia128Cbc, + NttObjectIdentifiers.IdCamellia128Wrap); + AddKgAlgorithm("CAMELLIA192", + NttObjectIdentifiers.IdCamellia192Cbc, + NttObjectIdentifiers.IdCamellia192Wrap); + AddKgAlgorithm("CAMELLIA256", + NttObjectIdentifiers.IdCamellia256Cbc, + NttObjectIdentifiers.IdCamellia256Wrap); + AddKgAlgorithm("CAST5", + "1.2.840.113533.7.66.10"); + AddKgAlgorithm("CAST6"); + AddKgAlgorithm("CHACHA"); + AddKgAlgorithm("CHACHA7539", + "CHACHA20", + "CHACHA20-POLY1305", + PkcsObjectIdentifiers.IdAlgAeadChaCha20Poly1305); + AddKgAlgorithm("DES", + OiwObjectIdentifiers.DesCbc, + OiwObjectIdentifiers.DesCfb, + OiwObjectIdentifiers.DesEcb, + OiwObjectIdentifiers.DesOfb); + AddKgAlgorithm("DESEDE", + "DESEDEWRAP", + "TDEA", + OiwObjectIdentifiers.DesEde); + AddKgAlgorithm("DESEDE3", + PkcsObjectIdentifiers.DesEde3Cbc, + PkcsObjectIdentifiers.IdAlgCms3DesWrap); + AddKgAlgorithm("GOST28147", + "GOST", + "GOST-28147", + CryptoProObjectIdentifiers.GostR28147Cbc); + AddKgAlgorithm("HC128"); + AddKgAlgorithm("HC256"); + AddKgAlgorithm("IDEA", + "1.3.6.1.4.1.188.7.1.1.2"); + AddKgAlgorithm("NOEKEON"); + AddKgAlgorithm("RC2", + PkcsObjectIdentifiers.RC2Cbc, + PkcsObjectIdentifiers.IdAlgCmsRC2Wrap); + AddKgAlgorithm("RC4", + "ARC4", + "1.2.840.113549.3.4"); + AddKgAlgorithm("RC5", + "RC5-32"); + AddKgAlgorithm("RC5-64"); + AddKgAlgorithm("RC6"); + AddKgAlgorithm("RIJNDAEL"); + AddKgAlgorithm("SALSA20"); + AddKgAlgorithm("SEED", + KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap, + KisaObjectIdentifiers.IdSeedCbc); + AddKgAlgorithm("SERPENT"); + AddKgAlgorithm("SKIPJACK"); + AddKgAlgorithm("SM4"); + AddKgAlgorithm("TEA"); + AddKgAlgorithm("THREEFISH-256"); + AddKgAlgorithm("THREEFISH-512"); + AddKgAlgorithm("THREEFISH-1024"); + AddKgAlgorithm("TNEPRES"); + AddKgAlgorithm("TWOFISH"); + AddKgAlgorithm("VMPC"); + AddKgAlgorithm("VMPC-KSA3"); + AddKgAlgorithm("XTEA"); + + // + // HMac key generators + // + AddHMacKeyGenerator("MD2"); + AddHMacKeyGenerator("MD4"); + AddHMacKeyGenerator("MD5", + IanaObjectIdentifiers.HmacMD5); + AddHMacKeyGenerator("SHA1", + PkcsObjectIdentifiers.IdHmacWithSha1, + IanaObjectIdentifiers.HmacSha1); + AddHMacKeyGenerator("SHA224", + PkcsObjectIdentifiers.IdHmacWithSha224); + AddHMacKeyGenerator("SHA256", + PkcsObjectIdentifiers.IdHmacWithSha256); + AddHMacKeyGenerator("SHA384", + PkcsObjectIdentifiers.IdHmacWithSha384); + AddHMacKeyGenerator("SHA512", + PkcsObjectIdentifiers.IdHmacWithSha512); + AddHMacKeyGenerator("SHA512/224"); + AddHMacKeyGenerator("SHA512/256"); + AddHMacKeyGenerator("KECCAK224"); + AddHMacKeyGenerator("KECCAK256"); + AddHMacKeyGenerator("KECCAK288"); + AddHMacKeyGenerator("KECCAK384"); + AddHMacKeyGenerator("KECCAK512"); + AddHMacKeyGenerator("SHA3-224", + NistObjectIdentifiers.IdHMacWithSha3_224); + AddHMacKeyGenerator("SHA3-256", + NistObjectIdentifiers.IdHMacWithSha3_256); + AddHMacKeyGenerator("SHA3-384", + NistObjectIdentifiers.IdHMacWithSha3_384); + AddHMacKeyGenerator("SHA3-512", + NistObjectIdentifiers.IdHMacWithSha3_512); + AddHMacKeyGenerator("RIPEMD128"); + AddHMacKeyGenerator("RIPEMD160", + IanaObjectIdentifiers.HmacRipeMD160); + AddHMacKeyGenerator("TIGER", + IanaObjectIdentifiers.HmacTiger); + AddHMacKeyGenerator("GOST3411-2012-256", + RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_256); + AddHMacKeyGenerator("GOST3411-2012-512", + RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_512); + + // + // key pair generators. + // + AddKpgAlgorithm("DH", + "DIFFIEHELLMAN"); + AddKpgAlgorithm("DSA"); + AddKpgAlgorithm("EC", + // TODO Should this be an alias for ECDH? + X9ObjectIdentifiers.DHSinglePassStdDHSha1KdfScheme); + AddKpgAlgorithm("ECDH", + "ECIES"); + AddKpgAlgorithm("ECDHC"); + AddKpgAlgorithm("ECMQV", + X9ObjectIdentifiers.MqvSinglePassSha1KdfScheme); + AddKpgAlgorithm("ECDSA"); + AddKpgAlgorithm("ECGOST3410", + "ECGOST-3410", + "GOST-3410-2001"); + AddKpgAlgorithm("Ed25519", + "Ed25519ctx", + "Ed25519ph", + EdECObjectIdentifiers.id_Ed25519); + AddKpgAlgorithm("Ed448", + "Ed448ph", + EdECObjectIdentifiers.id_Ed448); + AddKpgAlgorithm("ELGAMAL"); + AddKpgAlgorithm("GOST3410", + "GOST-3410", + "GOST-3410-94"); + AddKpgAlgorithm("RSA", + "1.2.840.113549.1.1.1"); + AddKpgAlgorithm("RSASSA-PSS"); + AddKpgAlgorithm("X25519", + EdECObjectIdentifiers.id_X25519); + AddKpgAlgorithm("X448", + EdECObjectIdentifiers.id_X448); + + AddDefaultKeySizeEntries(64, "DES"); + AddDefaultKeySizeEntries(80, "SKIPJACK"); + AddDefaultKeySizeEntries(128, "AES128", "ARIA128", "BLOWFISH", "CAMELLIA128", "CAST5", "CHACHA", "DESEDE", + "HC128", "HMACMD2", "HMACMD4", "HMACMD5", "HMACRIPEMD128", "IDEA", "NOEKEON", + "RC2", "RC4", "RC5", "SALSA20", "SEED", "SM4", "TEA", "XTEA", "VMPC", "VMPC-KSA3"); + AddDefaultKeySizeEntries(160, "HMACRIPEMD160", "HMACSHA1"); + AddDefaultKeySizeEntries(192, "AES", "AES192", "ARIA192", "CAMELLIA192", "DESEDE3", "HMACTIGER", + "RIJNDAEL", "SERPENT", "TNEPRES"); + AddDefaultKeySizeEntries(224, "HMACSHA3-224", "HMACKECCAK224", "HMACSHA224", "HMACSHA512/224"); + AddDefaultKeySizeEntries(256, "AES256", "ARIA", "ARIA256", "CAMELLIA", "CAMELLIA256", "CAST6", + "CHACHA7539", "GOST28147", "HC256", "HMACGOST3411-2012-256", "HMACSHA3-256", "HMACKECCAK256", + "HMACSHA256", "HMACSHA512/256", "RC5-64", "RC6", "THREEFISH-256", "TWOFISH"); + AddDefaultKeySizeEntries(288, "HMACKECCAK288"); + AddDefaultKeySizeEntries(384, "HMACSHA3-384", "HMACKECCAK384", "HMACSHA384"); + AddDefaultKeySizeEntries(512, "HMACGOST3411-2012-512", "HMACSHA3-512", "HMACKECCAK512", "HMACSHA512", + "THREEFISH-512"); + AddDefaultKeySizeEntries(1024, "THREEFISH-1024"); + } + + private static void AddDefaultKeySizeEntries(int size, params string[] algorithms) + { + foreach (string algorithm in algorithms) + { + defaultKeySizes.Add(algorithm, size); + } + } + + private static void AddKgAlgorithm( + string canonicalName, + params object[] aliases) + { + kgAlgorithms[Platform.ToUpperInvariant(canonicalName)] = canonicalName; + + foreach (object alias in aliases) + { + kgAlgorithms[Platform.ToUpperInvariant(alias.ToString())] = canonicalName; + } + } + + private static void AddKpgAlgorithm( + string canonicalName, + params object[] aliases) + { + kpgAlgorithms[Platform.ToUpperInvariant(canonicalName)] = canonicalName; + + foreach (object alias in aliases) + { + kpgAlgorithms[Platform.ToUpperInvariant(alias.ToString())] = canonicalName; + } + } + + private static void AddHMacKeyGenerator( + string algorithm, + params object[] aliases) + { + string mainName = "HMAC" + algorithm; + + kgAlgorithms[mainName] = mainName; + kgAlgorithms["HMAC-" + algorithm] = mainName; + kgAlgorithms["HMAC/" + algorithm] = mainName; + + foreach (object alias in aliases) + { + kgAlgorithms[Platform.ToUpperInvariant(alias.ToString())] = mainName; + } + } + + // TODO Consider making this public + internal static string GetCanonicalKeyGeneratorAlgorithm( + string algorithm) + { + return (string) kgAlgorithms[Platform.ToUpperInvariant(algorithm)]; + } + + // TODO Consider making this public + internal static string GetCanonicalKeyPairGeneratorAlgorithm( + string algorithm) + { + return (string)kpgAlgorithms[Platform.ToUpperInvariant(algorithm)]; + } + + public static CipherKeyGenerator GetKeyGenerator( + DerObjectIdentifier oid) + { + return GetKeyGenerator(oid.Id); + } + + public static CipherKeyGenerator GetKeyGenerator( + string algorithm) + { + string canonicalName = GetCanonicalKeyGeneratorAlgorithm(algorithm); + + if (canonicalName == null) + throw new SecurityUtilityException("KeyGenerator " + algorithm + " not recognised."); + + int defaultKeySize = FindDefaultKeySize(canonicalName); + if (defaultKeySize == -1) + throw new SecurityUtilityException("KeyGenerator " + algorithm + + " (" + canonicalName + ") not supported."); + + if (canonicalName == "DES") + return new DesKeyGenerator(defaultKeySize); + + if (canonicalName == "DESEDE" || canonicalName == "DESEDE3") + return new DesEdeKeyGenerator(defaultKeySize); + + return new CipherKeyGenerator(defaultKeySize); + } + + public static IAsymmetricCipherKeyPairGenerator GetKeyPairGenerator( + DerObjectIdentifier oid) + { + return GetKeyPairGenerator(oid.Id); + } + + public static IAsymmetricCipherKeyPairGenerator GetKeyPairGenerator( + string algorithm) + { + string canonicalName = GetCanonicalKeyPairGeneratorAlgorithm(algorithm); + + if (canonicalName == null) + throw new SecurityUtilityException("KeyPairGenerator " + algorithm + " not recognised."); + + if (canonicalName == "DH") + return new DHKeyPairGenerator(); + + if (canonicalName == "DSA") + return new DsaKeyPairGenerator(); + + // "EC", "ECDH", "ECDHC", "ECDSA", "ECGOST3410", "ECMQV" + if (Platform.StartsWith(canonicalName, "EC")) + return new ECKeyPairGenerator(canonicalName); + + if (canonicalName == "Ed25519") + return new Ed25519KeyPairGenerator(); + + if (canonicalName == "Ed448") + return new Ed448KeyPairGenerator(); + + if (canonicalName == "ELGAMAL") + return new ElGamalKeyPairGenerator(); + + if (canonicalName == "GOST3410") + return new Gost3410KeyPairGenerator(); + + if (canonicalName == "RSA" || canonicalName == "RSASSA-PSS") + return new RsaKeyPairGenerator(); + + if (canonicalName == "X25519") + return new X25519KeyPairGenerator(); + + if (canonicalName == "X448") + return new X448KeyPairGenerator(); + + throw new SecurityUtilityException("KeyPairGenerator " + algorithm + + " (" + canonicalName + ") not supported."); + } + + internal static int GetDefaultKeySize( + DerObjectIdentifier oid) + { + return GetDefaultKeySize(oid.Id); + } + + internal static int GetDefaultKeySize( + string algorithm) + { + string canonicalName = GetCanonicalKeyGeneratorAlgorithm(algorithm); + + if (canonicalName == null) + throw new SecurityUtilityException("KeyGenerator " + algorithm + " not recognised."); + + int defaultKeySize = FindDefaultKeySize(canonicalName); + if (defaultKeySize == -1) + throw new SecurityUtilityException("KeyGenerator " + algorithm + + " (" + canonicalName + ") not supported."); + + return defaultKeySize; + } + + private static int FindDefaultKeySize( + string canonicalName) + { + if (!defaultKeySizes.Contains(canonicalName)) + return -1; + + return (int)defaultKeySizes[canonicalName]; + } + } +} diff --git a/BouncyCastle/crypto/src/security/InvalidKeyException.cs b/BouncyCastle/crypto/src/security/InvalidKeyException.cs new file mode 100644 index 0000000..ebad9e3 --- /dev/null +++ b/BouncyCastle/crypto/src/security/InvalidKeyException.cs @@ -0,0 +1,14 @@ +using System; + +namespace Org.BouncyCastle.Security +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class InvalidKeyException : KeyException + { + public InvalidKeyException() : base() { } + public InvalidKeyException(string message) : base(message) { } + public InvalidKeyException(string message, Exception exception) : base(message, exception) { } + } +} diff --git a/BouncyCastle/crypto/src/security/InvalidParameterException.cs b/BouncyCastle/crypto/src/security/InvalidParameterException.cs new file mode 100644 index 0000000..48172f4 --- /dev/null +++ b/BouncyCastle/crypto/src/security/InvalidParameterException.cs @@ -0,0 +1,14 @@ +using System; + +namespace Org.BouncyCastle.Security +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class InvalidParameterException : KeyException + { + public InvalidParameterException() : base() { } + public InvalidParameterException(string message) : base(message) { } + public InvalidParameterException(string message, Exception exception) : base(message, exception) { } + } +} diff --git a/BouncyCastle/crypto/src/security/KeyException.cs b/BouncyCastle/crypto/src/security/KeyException.cs new file mode 100644 index 0000000..e19fa89 --- /dev/null +++ b/BouncyCastle/crypto/src/security/KeyException.cs @@ -0,0 +1,14 @@ +using System; + +namespace Org.BouncyCastle.Security +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class KeyException : GeneralSecurityException + { + public KeyException() : base() { } + public KeyException(string message) : base(message) { } + public KeyException(string message, Exception exception) : base(message, exception) { } + } +} diff --git a/BouncyCastle/crypto/src/security/MacUtilities.cs b/BouncyCastle/crypto/src/security/MacUtilities.cs new file mode 100644 index 0000000..f36fc6a --- /dev/null +++ b/BouncyCastle/crypto/src/security/MacUtilities.cs @@ -0,0 +1,268 @@ +using System; +using System.Collections; +using System.Globalization; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Iana; +using Org.BouncyCastle.Asn1.Misc; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Paddings; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Security +{ + /// + /// Utility class for creating HMac object from their names/Oids + /// + public sealed class MacUtilities + { + private MacUtilities() + { + } + + private static readonly IDictionary algorithms = Platform.CreateHashtable(); + //private static readonly IDictionary oids = Platform.CreateHashtable(); + + static MacUtilities() + { + algorithms[IanaObjectIdentifiers.HmacMD5.Id] = "HMAC-MD5"; + algorithms[IanaObjectIdentifiers.HmacRipeMD160.Id] = "HMAC-RIPEMD160"; + algorithms[IanaObjectIdentifiers.HmacSha1.Id] = "HMAC-SHA1"; + algorithms[IanaObjectIdentifiers.HmacTiger.Id] = "HMAC-TIGER"; + + algorithms[PkcsObjectIdentifiers.IdHmacWithSha1.Id] = "HMAC-SHA1"; + algorithms[MiscObjectIdentifiers.HMAC_SHA1.Id] = "HMAC-SHA1"; + algorithms[PkcsObjectIdentifiers.IdHmacWithSha224.Id] = "HMAC-SHA224"; + algorithms[PkcsObjectIdentifiers.IdHmacWithSha256.Id] = "HMAC-SHA256"; + algorithms[PkcsObjectIdentifiers.IdHmacWithSha384.Id] = "HMAC-SHA384"; + algorithms[PkcsObjectIdentifiers.IdHmacWithSha512.Id] = "HMAC-SHA512"; + + algorithms[NistObjectIdentifiers.IdHMacWithSha3_224.Id] = "HMAC-SHA3-224"; + algorithms[NistObjectIdentifiers.IdHMacWithSha3_256.Id] = "HMAC-SHA3-256"; + algorithms[NistObjectIdentifiers.IdHMacWithSha3_384.Id] = "HMAC-SHA3-384"; + algorithms[NistObjectIdentifiers.IdHMacWithSha3_512.Id] = "HMAC-SHA3-512"; + + algorithms[RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_256.Id] = "HMAC-GOST3411-2012-256"; + algorithms[RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_512.Id] = "HMAC-GOST3411-2012-512"; + + // TODO AESMAC? + + algorithms["DES"] = "DESMAC"; + algorithms["DES/CFB8"] = "DESMAC/CFB8"; + algorithms["DES64"] = "DESMAC64"; + algorithms["DESEDE"] = "DESEDEMAC"; + algorithms[PkcsObjectIdentifiers.DesEde3Cbc.Id] = "DESEDEMAC"; + algorithms["DESEDE/CFB8"] = "DESEDEMAC/CFB8"; + algorithms["DESISO9797MAC"] = "DESWITHISO9797"; + algorithms["DESEDE64"] = "DESEDEMAC64"; + + algorithms["DESEDE64WITHISO7816-4PADDING"] = "DESEDEMAC64WITHISO7816-4PADDING"; + algorithms["DESEDEISO9797ALG1MACWITHISO7816-4PADDING"] = "DESEDEMAC64WITHISO7816-4PADDING"; + algorithms["DESEDEISO9797ALG1WITHISO7816-4PADDING"] = "DESEDEMAC64WITHISO7816-4PADDING"; + + algorithms["ISO9797ALG3"] = "ISO9797ALG3MAC"; + algorithms["ISO9797ALG3MACWITHISO7816-4PADDING"] = "ISO9797ALG3WITHISO7816-4PADDING"; + + algorithms["SKIPJACK"] = "SKIPJACKMAC"; + algorithms["SKIPJACK/CFB8"] = "SKIPJACKMAC/CFB8"; + algorithms["IDEA"] = "IDEAMAC"; + algorithms["IDEA/CFB8"] = "IDEAMAC/CFB8"; + algorithms["RC2"] = "RC2MAC"; + algorithms["RC2/CFB8"] = "RC2MAC/CFB8"; + algorithms["RC5"] = "RC5MAC"; + algorithms["RC5/CFB8"] = "RC5MAC/CFB8"; + algorithms["GOST28147"] = "GOST28147MAC"; + algorithms["VMPC"] = "VMPCMAC"; + algorithms["VMPC-MAC"] = "VMPCMAC"; + algorithms["SIPHASH"] = "SIPHASH-2-4"; + + algorithms["PBEWITHHMACSHA"] = "PBEWITHHMACSHA1"; + algorithms["1.3.14.3.2.26"] = "PBEWITHHMACSHA1"; + } + +// /// +// /// Returns a ObjectIdentifier for a given digest mechanism. +// /// +// /// A string representation of the digest meanism. +// /// A DerObjectIdentifier, null if the Oid is not available. +// public static DerObjectIdentifier GetObjectIdentifier( +// string mechanism) +// { +// mechanism = (string) algorithms[Platform.ToUpperInvariant(mechanism)]; +// +// if (mechanism != null) +// { +// return (DerObjectIdentifier)oids[mechanism]; +// } +// +// return null; +// } + +// public static ICollection Algorithms +// { +// get { return oids.Keys; } +// } + + public static IMac GetMac( + DerObjectIdentifier id) + { + return GetMac(id.Id); + } + + public static IMac GetMac( + string algorithm) + { + string upper = Platform.ToUpperInvariant(algorithm); + + string mechanism = (string) algorithms[upper]; + + if (mechanism == null) + { + mechanism = upper; + } + + if (Platform.StartsWith(mechanism, "PBEWITH")) + { + mechanism = mechanism.Substring("PBEWITH".Length); + } + + if (Platform.StartsWith(mechanism, "HMAC")) + { + string digestName; + if (Platform.StartsWith(mechanism, "HMAC-") || Platform.StartsWith(mechanism, "HMAC/")) + { + digestName = mechanism.Substring(5); + } + else + { + digestName = mechanism.Substring(4); + } + + return new HMac(DigestUtilities.GetDigest(digestName)); + } + + if (mechanism == "AESCMAC") + { + return new CMac(new AesEngine()); + } + if (mechanism == "DESMAC") + { + return new CbcBlockCipherMac(new DesEngine()); + } + if (mechanism == "DESMAC/CFB8") + { + return new CfbBlockCipherMac(new DesEngine()); + } + if (mechanism == "DESMAC64") + { + return new CbcBlockCipherMac(new DesEngine(), 64); + } + if (mechanism == "DESEDECMAC") + { + return new CMac(new DesEdeEngine()); + } + if (mechanism == "DESEDEMAC") + { + return new CbcBlockCipherMac(new DesEdeEngine()); + } + if (mechanism == "DESEDEMAC/CFB8") + { + return new CfbBlockCipherMac(new DesEdeEngine()); + } + if (mechanism == "DESEDEMAC64") + { + return new CbcBlockCipherMac(new DesEdeEngine(), 64); + } + if (mechanism == "DESEDEMAC64WITHISO7816-4PADDING") + { + return new CbcBlockCipherMac(new DesEdeEngine(), 64, new ISO7816d4Padding()); + } + if (mechanism == "DESWITHISO9797" + || mechanism == "ISO9797ALG3MAC") + { + return new ISO9797Alg3Mac(new DesEngine()); + } + if (mechanism == "ISO9797ALG3WITHISO7816-4PADDING") + { + return new ISO9797Alg3Mac(new DesEngine(), new ISO7816d4Padding()); + } + if (mechanism == "SKIPJACKMAC") + { + return new CbcBlockCipherMac(new SkipjackEngine()); + } + if (mechanism == "SKIPJACKMAC/CFB8") + { + return new CfbBlockCipherMac(new SkipjackEngine()); + } + if (mechanism == "IDEAMAC") + { + return new CbcBlockCipherMac(new IdeaEngine()); + } + if (mechanism == "IDEAMAC/CFB8") + { + return new CfbBlockCipherMac(new IdeaEngine()); + } + if (mechanism == "RC2MAC") + { + return new CbcBlockCipherMac(new RC2Engine()); + } + if (mechanism == "RC2MAC/CFB8") + { + return new CfbBlockCipherMac(new RC2Engine()); + } + if (mechanism == "RC5MAC") + { + return new CbcBlockCipherMac(new RC532Engine()); + } + if (mechanism == "RC5MAC/CFB8") + { + return new CfbBlockCipherMac(new RC532Engine()); + } + if (mechanism == "GOST28147MAC") + { + return new Gost28147Mac(); + } + if (mechanism == "VMPCMAC") + { + return new VmpcMac(); + } + if (mechanism == "SIPHASH-2-4") + { + return new SipHash(); + } + throw new SecurityUtilityException("Mac " + mechanism + " not recognised."); + } + + public static string GetAlgorithmName( + DerObjectIdentifier oid) + { + return (string) algorithms[oid.Id]; + } + + public static byte[] CalculateMac(string algorithm, ICipherParameters cp, byte[] input) + { + IMac mac = GetMac(algorithm); + mac.Init(cp); + mac.BlockUpdate(input, 0, input.Length); + return DoFinal(mac); + } + + public static byte[] DoFinal(IMac mac) + { + byte[] b = new byte[mac.GetMacSize()]; + mac.DoFinal(b, 0); + return b; + } + + public static byte[] DoFinal(IMac mac, byte[] input) + { + mac.BlockUpdate(input, 0, input.Length); + return DoFinal(mac); + } + } +} diff --git a/BouncyCastle/crypto/src/security/NoSuchAlgorithmException.cs b/BouncyCastle/crypto/src/security/NoSuchAlgorithmException.cs new file mode 100644 index 0000000..c56ec65 --- /dev/null +++ b/BouncyCastle/crypto/src/security/NoSuchAlgorithmException.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.Security +{ + [Obsolete("Never thrown")] +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class NoSuchAlgorithmException : GeneralSecurityException + { + public NoSuchAlgorithmException() : base() {} + public NoSuchAlgorithmException(string message) : base(message) {} + public NoSuchAlgorithmException(string message, Exception exception) : base(message, exception) {} + } +} diff --git a/BouncyCastle/crypto/src/security/ParameterUtilities.cs b/BouncyCastle/crypto/src/security/ParameterUtilities.cs new file mode 100644 index 0000000..fdb8d86 --- /dev/null +++ b/BouncyCastle/crypto/src/security/ParameterUtilities.cs @@ -0,0 +1,372 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Kisa; +using Org.BouncyCastle.Asn1.Misc; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Nsri; +using Org.BouncyCastle.Asn1.Ntt; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Security +{ + public sealed class ParameterUtilities + { + private ParameterUtilities() + { + } + + private static readonly IDictionary algorithms = Platform.CreateHashtable(); + private static readonly IDictionary basicIVSizes = Platform.CreateHashtable(); + + static ParameterUtilities() + { + AddAlgorithm("AES", + "AESWRAP"); + AddAlgorithm("AES128", + "2.16.840.1.101.3.4.2", + NistObjectIdentifiers.IdAes128Cbc, + NistObjectIdentifiers.IdAes128Ccm, + NistObjectIdentifiers.IdAes128Cfb, + NistObjectIdentifiers.IdAes128Ecb, + NistObjectIdentifiers.IdAes128Gcm, + NistObjectIdentifiers.IdAes128Ofb, + NistObjectIdentifiers.IdAes128Wrap); + AddAlgorithm("AES192", + "2.16.840.1.101.3.4.22", + NistObjectIdentifiers.IdAes192Cbc, + NistObjectIdentifiers.IdAes192Ccm, + NistObjectIdentifiers.IdAes192Cfb, + NistObjectIdentifiers.IdAes192Ecb, + NistObjectIdentifiers.IdAes192Gcm, + NistObjectIdentifiers.IdAes192Ofb, + NistObjectIdentifiers.IdAes192Wrap); + AddAlgorithm("AES256", + "2.16.840.1.101.3.4.42", + NistObjectIdentifiers.IdAes256Cbc, + NistObjectIdentifiers.IdAes256Ccm, + NistObjectIdentifiers.IdAes256Cfb, + NistObjectIdentifiers.IdAes256Ecb, + NistObjectIdentifiers.IdAes256Gcm, + NistObjectIdentifiers.IdAes256Ofb, + NistObjectIdentifiers.IdAes256Wrap); + AddAlgorithm("ARIA"); + AddAlgorithm("ARIA128", + NsriObjectIdentifiers.id_aria128_cbc, + NsriObjectIdentifiers.id_aria128_ccm, + NsriObjectIdentifiers.id_aria128_cfb, + NsriObjectIdentifiers.id_aria128_ctr, + NsriObjectIdentifiers.id_aria128_ecb, + NsriObjectIdentifiers.id_aria128_gcm, + NsriObjectIdentifiers.id_aria128_ocb2, + NsriObjectIdentifiers.id_aria128_ofb); + AddAlgorithm("ARIA192", + NsriObjectIdentifiers.id_aria192_cbc, + NsriObjectIdentifiers.id_aria192_ccm, + NsriObjectIdentifiers.id_aria192_cfb, + NsriObjectIdentifiers.id_aria192_ctr, + NsriObjectIdentifiers.id_aria192_ecb, + NsriObjectIdentifiers.id_aria192_gcm, + NsriObjectIdentifiers.id_aria192_ocb2, + NsriObjectIdentifiers.id_aria192_ofb); + AddAlgorithm("ARIA256", + NsriObjectIdentifiers.id_aria256_cbc, + NsriObjectIdentifiers.id_aria256_ccm, + NsriObjectIdentifiers.id_aria256_cfb, + NsriObjectIdentifiers.id_aria256_ctr, + NsriObjectIdentifiers.id_aria256_ecb, + NsriObjectIdentifiers.id_aria256_gcm, + NsriObjectIdentifiers.id_aria256_ocb2, + NsriObjectIdentifiers.id_aria256_ofb); + AddAlgorithm("BLOWFISH", + "1.3.6.1.4.1.3029.1.2"); + AddAlgorithm("CAMELLIA", + "CAMELLIAWRAP"); + AddAlgorithm("CAMELLIA128", + NttObjectIdentifiers.IdCamellia128Cbc, + NttObjectIdentifiers.IdCamellia128Wrap); + AddAlgorithm("CAMELLIA192", + NttObjectIdentifiers.IdCamellia192Cbc, + NttObjectIdentifiers.IdCamellia192Wrap); + AddAlgorithm("CAMELLIA256", + NttObjectIdentifiers.IdCamellia256Cbc, + NttObjectIdentifiers.IdCamellia256Wrap); + AddAlgorithm("CAST5", + "1.2.840.113533.7.66.10"); + AddAlgorithm("CAST6"); + AddAlgorithm("CHACHA"); + AddAlgorithm("CHACHA7539", + "CHACHA20", + "CHACHA20-POLY1305", + PkcsObjectIdentifiers.IdAlgAeadChaCha20Poly1305); + AddAlgorithm("DES", + OiwObjectIdentifiers.DesCbc, + OiwObjectIdentifiers.DesCfb, + OiwObjectIdentifiers.DesEcb, + OiwObjectIdentifiers.DesOfb); + AddAlgorithm("DESEDE", + "DESEDEWRAP", + "TDEA", + OiwObjectIdentifiers.DesEde, + PkcsObjectIdentifiers.IdAlgCms3DesWrap); + AddAlgorithm("DESEDE3", + PkcsObjectIdentifiers.DesEde3Cbc); + AddAlgorithm("GOST28147", + "GOST", + "GOST-28147", + CryptoProObjectIdentifiers.GostR28147Cbc); + AddAlgorithm("HC128"); + AddAlgorithm("HC256"); + AddAlgorithm("IDEA", + "1.3.6.1.4.1.188.7.1.1.2"); + AddAlgorithm("NOEKEON"); + AddAlgorithm("RC2", + PkcsObjectIdentifiers.RC2Cbc, + PkcsObjectIdentifiers.IdAlgCmsRC2Wrap); + AddAlgorithm("RC4", + "ARC4", + "1.2.840.113549.3.4"); + AddAlgorithm("RC5", + "RC5-32"); + AddAlgorithm("RC5-64"); + AddAlgorithm("RC6"); + AddAlgorithm("RIJNDAEL"); + AddAlgorithm("SALSA20"); + AddAlgorithm("SEED", + KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap, + KisaObjectIdentifiers.IdSeedCbc); + AddAlgorithm("SERPENT"); + AddAlgorithm("SKIPJACK"); + AddAlgorithm("SM4"); + AddAlgorithm("TEA"); + AddAlgorithm("THREEFISH-256"); + AddAlgorithm("THREEFISH-512"); + AddAlgorithm("THREEFISH-1024"); + AddAlgorithm("TNEPRES"); + AddAlgorithm("TWOFISH"); + AddAlgorithm("VMPC"); + AddAlgorithm("VMPC-KSA3"); + AddAlgorithm("XTEA"); + + AddBasicIVSizeEntries(8, "BLOWFISH", "CHACHA", "DES", "DESEDE", "DESEDE3", "SALSA20"); + AddBasicIVSizeEntries(12, "CHACHA7539"); + AddBasicIVSizeEntries(16, "AES", "AES128", "AES192", "AES256", "ARIA", "ARIA128", "ARIA192", "ARIA256", + "CAMELLIA", "CAMELLIA128", "CAMELLIA192", "CAMELLIA256", "NOEKEON", "SEED", "SM4"); + + // TODO These algorithms support an IV + // but JCE doesn't seem to provide an AlgorithmParametersGenerator for them + // "RIJNDAEL", "SKIPJACK", "TWOFISH" + } + + private static void AddAlgorithm( + string canonicalName, + params object[] aliases) + { + algorithms[canonicalName] = canonicalName; + + foreach (object alias in aliases) + { + algorithms[alias.ToString()] = canonicalName; + } + } + + private static void AddBasicIVSizeEntries(int size, params string[] algorithms) + { + foreach (string algorithm in algorithms) + { + basicIVSizes.Add(algorithm, size); + } + } + + public static string GetCanonicalAlgorithmName( + string algorithm) + { + return (string) algorithms[Platform.ToUpperInvariant(algorithm)]; + } + + public static KeyParameter CreateKeyParameter( + DerObjectIdentifier algOid, + byte[] keyBytes) + { + return CreateKeyParameter(algOid.Id, keyBytes, 0, keyBytes.Length); + } + + public static KeyParameter CreateKeyParameter( + string algorithm, + byte[] keyBytes) + { + return CreateKeyParameter(algorithm, keyBytes, 0, keyBytes.Length); + } + + public static KeyParameter CreateKeyParameter( + DerObjectIdentifier algOid, + byte[] keyBytes, + int offset, + int length) + { + return CreateKeyParameter(algOid.Id, keyBytes, offset, length); + } + + public static KeyParameter CreateKeyParameter( + string algorithm, + byte[] keyBytes, + int offset, + int length) + { + if (algorithm == null) + throw new ArgumentNullException("algorithm"); + + string canonical = GetCanonicalAlgorithmName(algorithm); + + if (canonical == null) + throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised."); + + if (canonical == "DES") + return new DesParameters(keyBytes, offset, length); + + if (canonical == "DESEDE" || canonical =="DESEDE3") + return new DesEdeParameters(keyBytes, offset, length); + + if (canonical == "RC2") + return new RC2Parameters(keyBytes, offset, length); + + return new KeyParameter(keyBytes, offset, length); + } + + public static ICipherParameters GetCipherParameters( + DerObjectIdentifier algOid, + ICipherParameters key, + Asn1Object asn1Params) + { + return GetCipherParameters(algOid.Id, key, asn1Params); + } + + public static ICipherParameters GetCipherParameters( + string algorithm, + ICipherParameters key, + Asn1Object asn1Params) + { + if (algorithm == null) + throw new ArgumentNullException("algorithm"); + + string canonical = GetCanonicalAlgorithmName(algorithm); + + if (canonical == null) + throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised."); + + byte[] iv = null; + + try + { + // TODO These algorithms support an IV + // but JCE doesn't seem to provide an AlgorithmParametersGenerator for them + // "RIJNDAEL", "SKIPJACK", "TWOFISH" + + int basicIVKeySize = FindBasicIVSize(canonical); + if (basicIVKeySize != -1 + || canonical == "RIJNDAEL" || canonical == "SKIPJACK" || canonical == "TWOFISH") + { + iv = ((Asn1OctetString) asn1Params).GetOctets(); + } + else if (canonical == "CAST5") + { + iv = Cast5CbcParameters.GetInstance(asn1Params).GetIV(); + } + else if (canonical == "IDEA") + { + iv = IdeaCbcPar.GetInstance(asn1Params).GetIV(); + } + else if (canonical == "RC2") + { + iv = RC2CbcParameter.GetInstance(asn1Params).GetIV(); + } + } + catch (Exception e) + { + throw new ArgumentException("Could not process ASN.1 parameters", e); + } + + if (iv != null) + { + return new ParametersWithIV(key, iv); + } + + throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised."); + } + + public static Asn1Encodable GenerateParameters( + DerObjectIdentifier algID, + SecureRandom random) + { + return GenerateParameters(algID.Id, random); + } + + public static Asn1Encodable GenerateParameters( + string algorithm, + SecureRandom random) + { + if (algorithm == null) + throw new ArgumentNullException("algorithm"); + + string canonical = GetCanonicalAlgorithmName(algorithm); + + if (canonical == null) + throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised."); + + // TODO These algorithms support an IV + // but JCE doesn't seem to provide an AlgorithmParametersGenerator for them + // "RIJNDAEL", "SKIPJACK", "TWOFISH" + + int basicIVKeySize = FindBasicIVSize(canonical); + if (basicIVKeySize != -1) + return CreateIVOctetString(random, basicIVKeySize); + + if (canonical == "CAST5") + return new Cast5CbcParameters(CreateIV(random, 8), 128); + + if (canonical == "IDEA") + return new IdeaCbcPar(CreateIV(random, 8)); + + if (canonical == "RC2") + return new RC2CbcParameter(CreateIV(random, 8)); + + throw new SecurityUtilityException("Algorithm " + algorithm + " not recognised."); + } + + public static ICipherParameters WithRandom(ICipherParameters cp, SecureRandom random) + { + if (random != null) + { + cp = new ParametersWithRandom(cp, random); + } + return cp; + } + + private static Asn1OctetString CreateIVOctetString( + SecureRandom random, + int ivLength) + { + return new DerOctetString(CreateIV(random, ivLength)); + } + + private static byte[] CreateIV(SecureRandom random, int ivLength) + { + return SecureRandom.GetNextBytes(random, ivLength); + } + + private static int FindBasicIVSize( + string canonicalName) + { + if (!basicIVSizes.Contains(canonicalName)) + return -1; + + return (int)basicIVSizes[canonicalName]; + } + } +} diff --git a/BouncyCastle/crypto/src/security/PbeUtilities.cs b/BouncyCastle/crypto/src/security/PbeUtilities.cs new file mode 100644 index 0000000..622c6dd --- /dev/null +++ b/BouncyCastle/crypto/src/security/PbeUtilities.cs @@ -0,0 +1,693 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.BC; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Paddings; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Security +{ + /// + /// + /// + public sealed class PbeUtilities + { + private PbeUtilities() + { + } + + const string Pkcs5S1 = "Pkcs5S1"; + const string Pkcs5S2 = "Pkcs5S2"; + const string Pkcs12 = "Pkcs12"; + const string OpenSsl = "OpenSsl"; + + private static readonly IDictionary algorithms = Platform.CreateHashtable(); + private static readonly IDictionary algorithmType = Platform.CreateHashtable(); + private static readonly IDictionary oids = Platform.CreateHashtable(); + + static PbeUtilities() + { + algorithms["PKCS5SCHEME1"] = "Pkcs5scheme1"; + algorithms["PKCS5SCHEME2"] = "Pkcs5scheme2"; + algorithms["PBKDF2"] = "Pkcs5scheme2"; + algorithms[PkcsObjectIdentifiers.IdPbeS2.Id] = "Pkcs5scheme2"; +// algorithms[PkcsObjectIdentifiers.IdPbkdf2.Id] = "Pkcs5scheme2"; + + // FIXME Add support for these? (see Pkcs8Generator) +// algorithms[PkcsObjectIdentifiers.DesEde3Cbc.Id] = "Pkcs5scheme2"; +// algorithms[NistObjectIdentifiers.IdAes128Cbc.Id] = "Pkcs5scheme2"; +// algorithms[NistObjectIdentifiers.IdAes192Cbc.Id] = "Pkcs5scheme2"; +// algorithms[NistObjectIdentifiers.IdAes256Cbc.Id] = "Pkcs5scheme2"; + + algorithms["PBEWITHMD2ANDDES-CBC"] = "PBEwithMD2andDES-CBC"; + algorithms[PkcsObjectIdentifiers.PbeWithMD2AndDesCbc.Id] = "PBEwithMD2andDES-CBC"; + algorithms["PBEWITHMD2ANDRC2-CBC"] = "PBEwithMD2andRC2-CBC"; + algorithms[PkcsObjectIdentifiers.PbeWithMD2AndRC2Cbc.Id] = "PBEwithMD2andRC2-CBC"; + algorithms["PBEWITHMD5ANDDES-CBC"] = "PBEwithMD5andDES-CBC"; + algorithms[PkcsObjectIdentifiers.PbeWithMD5AndDesCbc.Id] = "PBEwithMD5andDES-CBC"; + algorithms["PBEWITHMD5ANDRC2-CBC"] = "PBEwithMD5andRC2-CBC"; + algorithms[PkcsObjectIdentifiers.PbeWithMD5AndRC2Cbc.Id] = "PBEwithMD5andRC2-CBC"; + algorithms["PBEWITHSHA1ANDDES"] = "PBEwithSHA-1andDES-CBC"; + algorithms["PBEWITHSHA-1ANDDES"] = "PBEwithSHA-1andDES-CBC"; + algorithms["PBEWITHSHA1ANDDES-CBC"] = "PBEwithSHA-1andDES-CBC"; + algorithms["PBEWITHSHA-1ANDDES-CBC"] = "PBEwithSHA-1andDES-CBC"; + algorithms[PkcsObjectIdentifiers.PbeWithSha1AndDesCbc.Id] = "PBEwithSHA-1andDES-CBC"; + algorithms["PBEWITHSHA1ANDRC2"] = "PBEwithSHA-1andRC2-CBC"; + algorithms["PBEWITHSHA-1ANDRC2"] = "PBEwithSHA-1andRC2-CBC"; + algorithms["PBEWITHSHA1ANDRC2-CBC"] = "PBEwithSHA-1andRC2-CBC"; + algorithms["PBEWITHSHA-1ANDRC2-CBC"] = "PBEwithSHA-1andRC2-CBC"; + algorithms[PkcsObjectIdentifiers.PbeWithSha1AndRC2Cbc.Id] = "PBEwithSHA-1andRC2-CBC"; + algorithms["PKCS12"] = "Pkcs12"; + algorithms[BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.Id] = "PBEwithSHA-1and128bitAES-CBC-BC"; + algorithms[BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.Id] = "PBEwithSHA-1and192bitAES-CBC-BC"; + algorithms[BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes256_cbc.Id] = "PBEwithSHA-1and256bitAES-CBC-BC"; + algorithms[BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes128_cbc.Id] = "PBEwithSHA-256and128bitAES-CBC-BC"; + algorithms[BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.Id] = "PBEwithSHA-256and192bitAES-CBC-BC"; + algorithms[BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.Id] = "PBEwithSHA-256and256bitAES-CBC-BC"; + algorithms["PBEWITHSHAAND128BITRC4"] = "PBEwithSHA-1and128bitRC4"; + algorithms["PBEWITHSHA1AND128BITRC4"] = "PBEwithSHA-1and128bitRC4"; + algorithms["PBEWITHSHA-1AND128BITRC4"] = "PBEwithSHA-1and128bitRC4"; + algorithms[PkcsObjectIdentifiers.PbeWithShaAnd128BitRC4.Id] = "PBEwithSHA-1and128bitRC4"; + algorithms["PBEWITHSHAAND40BITRC4"] = "PBEwithSHA-1and40bitRC4"; + algorithms["PBEWITHSHA1AND40BITRC4"] = "PBEwithSHA-1and40bitRC4"; + algorithms["PBEWITHSHA-1AND40BITRC4"] = "PBEwithSHA-1and40bitRC4"; + algorithms[PkcsObjectIdentifiers.PbeWithShaAnd40BitRC4.Id] = "PBEwithSHA-1and40bitRC4"; + algorithms["PBEWITHSHAAND3-KEYDESEDE-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC"; + algorithms["PBEWITHSHAAND3-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC"; + algorithms["PBEWITHSHA1AND3-KEYDESEDE-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC"; + algorithms["PBEWITHSHA1AND3-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC"; + algorithms["PBEWITHSHA-1AND3-KEYDESEDE-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC"; + algorithms["PBEWITHSHA-1AND3-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and3-keyDESEDE-CBC"; + algorithms[PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc.Id] = "PBEwithSHA-1and3-keyDESEDE-CBC"; + algorithms["PBEWITHSHAAND2-KEYDESEDE-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC"; + algorithms["PBEWITHSHAAND2-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC"; + algorithms["PBEWITHSHA1AND2-KEYDESEDE-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC"; + algorithms["PBEWITHSHA1AND2-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC"; + algorithms["PBEWITHSHA-1AND2-KEYDESEDE-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC"; + algorithms["PBEWITHSHA-1AND2-KEYTRIPLEDES-CBC"] = "PBEwithSHA-1and2-keyDESEDE-CBC"; + algorithms[PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc.Id] = "PBEwithSHA-1and2-keyDESEDE-CBC"; + algorithms["PBEWITHSHAAND128BITRC2-CBC"] = "PBEwithSHA-1and128bitRC2-CBC"; + algorithms["PBEWITHSHA1AND128BITRC2-CBC"] = "PBEwithSHA-1and128bitRC2-CBC"; + algorithms["PBEWITHSHA-1AND128BITRC2-CBC"] = "PBEwithSHA-1and128bitRC2-CBC"; + algorithms[PkcsObjectIdentifiers.PbeWithShaAnd128BitRC2Cbc.Id] = "PBEwithSHA-1and128bitRC2-CBC"; + algorithms["PBEWITHSHAAND40BITRC2-CBC"] = "PBEwithSHA-1and40bitRC2-CBC"; + algorithms["PBEWITHSHA1AND40BITRC2-CBC"] = "PBEwithSHA-1and40bitRC2-CBC"; + algorithms["PBEWITHSHA-1AND40BITRC2-CBC"] = "PBEwithSHA-1and40bitRC2-CBC"; + algorithms[PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc.Id] = "PBEwithSHA-1and40bitRC2-CBC"; + algorithms["PBEWITHSHAAND128BITAES-CBC-BC"] = "PBEwithSHA-1and128bitAES-CBC-BC"; + algorithms["PBEWITHSHA1AND128BITAES-CBC-BC"] = "PBEwithSHA-1and128bitAES-CBC-BC"; + algorithms["PBEWITHSHA-1AND128BITAES-CBC-BC"] = "PBEwithSHA-1and128bitAES-CBC-BC"; + algorithms["PBEWITHSHAAND192BITAES-CBC-BC"] = "PBEwithSHA-1and192bitAES-CBC-BC"; + algorithms["PBEWITHSHA1AND192BITAES-CBC-BC"] = "PBEwithSHA-1and192bitAES-CBC-BC"; + algorithms["PBEWITHSHA-1AND192BITAES-CBC-BC"] = "PBEwithSHA-1and192bitAES-CBC-BC"; + algorithms["PBEWITHSHAAND256BITAES-CBC-BC"] = "PBEwithSHA-1and256bitAES-CBC-BC"; + algorithms["PBEWITHSHA1AND256BITAES-CBC-BC"] = "PBEwithSHA-1and256bitAES-CBC-BC"; + algorithms["PBEWITHSHA-1AND256BITAES-CBC-BC"] = "PBEwithSHA-1and256bitAES-CBC-BC"; + algorithms["PBEWITHSHA256AND128BITAES-CBC-BC"] = "PBEwithSHA-256and128bitAES-CBC-BC"; + algorithms["PBEWITHSHA-256AND128BITAES-CBC-BC"] = "PBEwithSHA-256and128bitAES-CBC-BC"; + algorithms["PBEWITHSHA256AND192BITAES-CBC-BC"] = "PBEwithSHA-256and192bitAES-CBC-BC"; + algorithms["PBEWITHSHA-256AND192BITAES-CBC-BC"] = "PBEwithSHA-256and192bitAES-CBC-BC"; + algorithms["PBEWITHSHA256AND256BITAES-CBC-BC"] = "PBEwithSHA-256and256bitAES-CBC-BC"; + algorithms["PBEWITHSHA-256AND256BITAES-CBC-BC"] = "PBEwithSHA-256and256bitAES-CBC-BC"; + algorithms["PBEWITHSHAANDIDEA"] = "PBEwithSHA-1andIDEA-CBC"; + algorithms["PBEWITHSHAANDIDEA-CBC"] = "PBEwithSHA-1andIDEA-CBC"; + algorithms["PBEWITHSHAANDTWOFISH"] = "PBEwithSHA-1andTWOFISH-CBC"; + algorithms["PBEWITHSHAANDTWOFISH-CBC"] = "PBEwithSHA-1andTWOFISH-CBC"; + algorithms["PBEWITHHMACSHA1"] = "PBEwithHmacSHA-1"; + algorithms["PBEWITHHMACSHA-1"] = "PBEwithHmacSHA-1"; + algorithms[OiwObjectIdentifiers.IdSha1.Id] = "PBEwithHmacSHA-1"; + algorithms["PBEWITHHMACSHA224"] = "PBEwithHmacSHA-224"; + algorithms["PBEWITHHMACSHA-224"] = "PBEwithHmacSHA-224"; + algorithms[NistObjectIdentifiers.IdSha224.Id] = "PBEwithHmacSHA-224"; + algorithms["PBEWITHHMACSHA256"] = "PBEwithHmacSHA-256"; + algorithms["PBEWITHHMACSHA-256"] = "PBEwithHmacSHA-256"; + algorithms[NistObjectIdentifiers.IdSha256.Id] = "PBEwithHmacSHA-256"; + algorithms["PBEWITHHMACRIPEMD128"] = "PBEwithHmacRipeMD128"; + algorithms[TeleTrusTObjectIdentifiers.RipeMD128.Id] = "PBEwithHmacRipeMD128"; + algorithms["PBEWITHHMACRIPEMD160"] = "PBEwithHmacRipeMD160"; + algorithms[TeleTrusTObjectIdentifiers.RipeMD160.Id] = "PBEwithHmacRipeMD160"; + algorithms["PBEWITHHMACRIPEMD256"] = "PBEwithHmacRipeMD256"; + algorithms[TeleTrusTObjectIdentifiers.RipeMD256.Id] = "PBEwithHmacRipeMD256"; + algorithms["PBEWITHHMACTIGER"] = "PBEwithHmacTiger"; + + algorithms["PBEWITHMD5AND128BITAES-CBC-OPENSSL"] = "PBEwithMD5and128bitAES-CBC-OpenSSL"; + algorithms["PBEWITHMD5AND192BITAES-CBC-OPENSSL"] = "PBEwithMD5and192bitAES-CBC-OpenSSL"; + algorithms["PBEWITHMD5AND256BITAES-CBC-OPENSSL"] = "PBEwithMD5and256bitAES-CBC-OpenSSL"; + + algorithmType["Pkcs5scheme1"] = Pkcs5S1; + algorithmType["Pkcs5scheme2"] = Pkcs5S2; + algorithmType["PBEwithMD2andDES-CBC"] = Pkcs5S1; + algorithmType["PBEwithMD2andRC2-CBC"] = Pkcs5S1; + algorithmType["PBEwithMD5andDES-CBC"] = Pkcs5S1; + algorithmType["PBEwithMD5andRC2-CBC"] = Pkcs5S1; + algorithmType["PBEwithSHA-1andDES-CBC"] = Pkcs5S1; + algorithmType["PBEwithSHA-1andRC2-CBC"] = Pkcs5S1; + algorithmType["Pkcs12"] = Pkcs12; + algorithmType["PBEwithSHA-1and128bitRC4"] = Pkcs12; + algorithmType["PBEwithSHA-1and40bitRC4"] = Pkcs12; + algorithmType["PBEwithSHA-1and3-keyDESEDE-CBC"] = Pkcs12; + algorithmType["PBEwithSHA-1and2-keyDESEDE-CBC"] = Pkcs12; + algorithmType["PBEwithSHA-1and128bitRC2-CBC"] = Pkcs12; + algorithmType["PBEwithSHA-1and40bitRC2-CBC"] = Pkcs12; + algorithmType["PBEwithSHA-1and128bitAES-CBC-BC"] = Pkcs12; + algorithmType["PBEwithSHA-1and192bitAES-CBC-BC"] = Pkcs12; + algorithmType["PBEwithSHA-1and256bitAES-CBC-BC"] = Pkcs12; + algorithmType["PBEwithSHA-256and128bitAES-CBC-BC"] = Pkcs12; + algorithmType["PBEwithSHA-256and192bitAES-CBC-BC"] = Pkcs12; + algorithmType["PBEwithSHA-256and256bitAES-CBC-BC"] = Pkcs12; + algorithmType["PBEwithSHA-1andIDEA-CBC"] = Pkcs12; + algorithmType["PBEwithSHA-1andTWOFISH-CBC"] = Pkcs12; + algorithmType["PBEwithHmacSHA-1"] = Pkcs12; + algorithmType["PBEwithHmacSHA-224"] = Pkcs12; + algorithmType["PBEwithHmacSHA-256"] = Pkcs12; + algorithmType["PBEwithHmacRipeMD128"] = Pkcs12; + algorithmType["PBEwithHmacRipeMD160"] = Pkcs12; + algorithmType["PBEwithHmacRipeMD256"] = Pkcs12; + algorithmType["PBEwithHmacTiger"] = Pkcs12; + + algorithmType["PBEwithMD5and128bitAES-CBC-OpenSSL"] = OpenSsl; + algorithmType["PBEwithMD5and192bitAES-CBC-OpenSSL"] = OpenSsl; + algorithmType["PBEwithMD5and256bitAES-CBC-OpenSSL"] = OpenSsl; + + oids["PBEwithMD2andDES-CBC"] = PkcsObjectIdentifiers.PbeWithMD2AndDesCbc; + oids["PBEwithMD2andRC2-CBC"] = PkcsObjectIdentifiers.PbeWithMD2AndRC2Cbc; + oids["PBEwithMD5andDES-CBC"] = PkcsObjectIdentifiers.PbeWithMD5AndDesCbc; + oids["PBEwithMD5andRC2-CBC"] = PkcsObjectIdentifiers.PbeWithMD5AndRC2Cbc; + oids["PBEwithSHA-1andDES-CBC"] = PkcsObjectIdentifiers.PbeWithSha1AndDesCbc; + oids["PBEwithSHA-1andRC2-CBC"] = PkcsObjectIdentifiers.PbeWithSha1AndRC2Cbc; + oids["PBEwithSHA-1and128bitRC4"] = PkcsObjectIdentifiers.PbeWithShaAnd128BitRC4; + oids["PBEwithSHA-1and40bitRC4"] = PkcsObjectIdentifiers.PbeWithShaAnd40BitRC4; + oids["PBEwithSHA-1and3-keyDESEDE-CBC"] = PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc; + oids["PBEwithSHA-1and2-keyDESEDE-CBC"] = PkcsObjectIdentifiers.PbeWithShaAnd2KeyTripleDesCbc; + oids["PBEwithSHA-1and128bitRC2-CBC"] = PkcsObjectIdentifiers.PbeWithShaAnd128BitRC2Cbc; + oids["PBEwithSHA-1and40bitRC2-CBC"] = PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc; + oids["PBEwithHmacSHA-1"] = OiwObjectIdentifiers.IdSha1; + oids["PBEwithHmacSHA-224"] = NistObjectIdentifiers.IdSha224; + oids["PBEwithHmacSHA-256"] = NistObjectIdentifiers.IdSha256; + oids["PBEwithHmacRipeMD128"] = TeleTrusTObjectIdentifiers.RipeMD128; + oids["PBEwithHmacRipeMD160"] = TeleTrusTObjectIdentifiers.RipeMD160; + oids["PBEwithHmacRipeMD256"] = TeleTrusTObjectIdentifiers.RipeMD256; + oids["Pkcs5scheme2"] = PkcsObjectIdentifiers.IdPbeS2; + } + + static PbeParametersGenerator MakePbeGenerator( + string type, + IDigest digest, + byte[] key, + byte[] salt, + int iterationCount) + { + PbeParametersGenerator generator; + + if (type.Equals(Pkcs5S1)) + { + generator = new Pkcs5S1ParametersGenerator(digest); + } + else if (type.Equals(Pkcs5S2)) + { + generator = new Pkcs5S2ParametersGenerator(digest); + } + else if (type.Equals(Pkcs12)) + { + generator = new Pkcs12ParametersGenerator(digest); + } + else if (type.Equals(OpenSsl)) + { + generator = new OpenSslPbeParametersGenerator(); + } + else + { + throw new ArgumentException("Unknown PBE type: " + type, "type"); + } + + generator.Init(key, salt, iterationCount); + return generator; + } + + /// + /// Returns a ObjectIdentifier for a give encoding. + /// + /// A string representation of the encoding. + /// A DerObjectIdentifier, null if the Oid is not available. + public static DerObjectIdentifier GetObjectIdentifier( + string mechanism) + { + mechanism = (string) algorithms[Platform.ToUpperInvariant(mechanism)]; + if (mechanism != null) + { + return (DerObjectIdentifier)oids[mechanism]; + } + return null; + } + + public static ICollection Algorithms + { + get { return oids.Keys; } + } + + public static bool IsPkcs12( + string algorithm) + { + string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)]; + + return mechanism != null && Pkcs12.Equals(algorithmType[mechanism]); + } + + public static bool IsPkcs5Scheme1( + string algorithm) + { + string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)]; + + return mechanism != null && Pkcs5S1.Equals(algorithmType[mechanism]); + } + + public static bool IsPkcs5Scheme2( + string algorithm) + { + string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)]; + + return mechanism != null && Pkcs5S2.Equals(algorithmType[mechanism]); + } + + public static bool IsOpenSsl( + string algorithm) + { + string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)]; + + return mechanism != null && OpenSsl.Equals(algorithmType[mechanism]); + } + + public static bool IsPbeAlgorithm( + string algorithm) + { + string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)]; + + return mechanism != null && algorithmType[mechanism] != null; + } + + public static Asn1Encodable GenerateAlgorithmParameters( + DerObjectIdentifier algorithmOid, + byte[] salt, + int iterationCount) + { + return GenerateAlgorithmParameters(algorithmOid.Id, salt, iterationCount); + } + + public static Asn1Encodable GenerateAlgorithmParameters( + string algorithm, + byte[] salt, + int iterationCount) + { + if (IsPkcs12(algorithm)) + { + return new Pkcs12PbeParams(salt, iterationCount); + } + else if (IsPkcs5Scheme2(algorithm)) + { + return new Pbkdf2Params(salt, iterationCount); + } + else + { + return new PbeParameter(salt, iterationCount); + } + } + + public static Asn1Encodable GenerateAlgorithmParameters( + DerObjectIdentifier cipherAlgorithm, + DerObjectIdentifier hashAlgorithm, + byte[] salt, + int iterationCount, + SecureRandom secureRandom) + { + EncryptionScheme encScheme; + if (NistObjectIdentifiers.IdAes128Cbc.Equals(cipherAlgorithm) + || NistObjectIdentifiers.IdAes192Cbc.Equals(cipherAlgorithm) + || NistObjectIdentifiers.IdAes256Cbc.Equals(cipherAlgorithm) + || NistObjectIdentifiers.IdAes128Cfb.Equals(cipherAlgorithm) + || NistObjectIdentifiers.IdAes192Cfb.Equals(cipherAlgorithm) + || NistObjectIdentifiers.IdAes256Cfb.Equals(cipherAlgorithm)) + { + byte[] iv = new byte[16]; + secureRandom.NextBytes(iv); + encScheme = new EncryptionScheme(cipherAlgorithm, new DerOctetString(iv)); + } + else + { + throw new ArgumentException("unknown cipher: " + cipherAlgorithm); + } + + KeyDerivationFunc func = new KeyDerivationFunc(PkcsObjectIdentifiers.IdPbkdf2, new Pbkdf2Params(salt, iterationCount, new AlgorithmIdentifier(hashAlgorithm, DerNull.Instance))); + + return new PbeS2Parameters(func, encScheme); + } + + public static ICipherParameters GenerateCipherParameters( + DerObjectIdentifier algorithmOid, + char[] password, + Asn1Encodable pbeParameters) + { + return GenerateCipherParameters(algorithmOid.Id, password, false, pbeParameters); + } + + public static ICipherParameters GenerateCipherParameters( + DerObjectIdentifier algorithmOid, + char[] password, + bool wrongPkcs12Zero, + Asn1Encodable pbeParameters) + { + return GenerateCipherParameters(algorithmOid.Id, password, wrongPkcs12Zero, pbeParameters); + } + + public static ICipherParameters GenerateCipherParameters( + AlgorithmIdentifier algID, + char[] password) + { + return GenerateCipherParameters(algID.Algorithm.Id, password, false, algID.Parameters); + } + + public static ICipherParameters GenerateCipherParameters( + AlgorithmIdentifier algID, + char[] password, + bool wrongPkcs12Zero) + { + return GenerateCipherParameters(algID.Algorithm.Id, password, wrongPkcs12Zero, algID.Parameters); + } + + public static ICipherParameters GenerateCipherParameters( + string algorithm, + char[] password, + Asn1Encodable pbeParameters) + { + return GenerateCipherParameters(algorithm, password, false, pbeParameters); + } + + public static ICipherParameters GenerateCipherParameters( + string algorithm, + char[] password, + bool wrongPkcs12Zero, + Asn1Encodable pbeParameters) + { + string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)]; + + byte[] keyBytes = null; + byte[] salt = null; + int iterationCount = 0; + + if (IsPkcs12(mechanism)) + { + Pkcs12PbeParams pbeParams = Pkcs12PbeParams.GetInstance(pbeParameters); + salt = pbeParams.GetIV(); + iterationCount = pbeParams.Iterations.IntValue; + keyBytes = PbeParametersGenerator.Pkcs12PasswordToBytes(password, wrongPkcs12Zero); + } + else if (IsPkcs5Scheme2(mechanism)) + { + // See below + } + else + { + PbeParameter pbeParams = PbeParameter.GetInstance(pbeParameters); + salt = pbeParams.GetSalt(); + iterationCount = pbeParams.IterationCount.IntValue; + keyBytes = PbeParametersGenerator.Pkcs5PasswordToBytes(password); + } + + ICipherParameters parameters = null; + + if (IsPkcs5Scheme2(mechanism)) + { + PbeS2Parameters s2p = PbeS2Parameters.GetInstance(pbeParameters.ToAsn1Object()); + AlgorithmIdentifier encScheme = s2p.EncryptionScheme; + DerObjectIdentifier encOid = encScheme.Algorithm; + Asn1Object encParams = encScheme.Parameters.ToAsn1Object(); + + Pbkdf2Params pbeParams = Pbkdf2Params.GetInstance(s2p.KeyDerivationFunc.Parameters.ToAsn1Object()); + IDigest digest = DigestUtilities.GetDigest(pbeParams.Prf.Algorithm); + + byte[] iv; + if (encOid.Equals(PkcsObjectIdentifiers.RC2Cbc)) // PKCS5.B.2.3 + { + RC2CbcParameter rc2Params = RC2CbcParameter.GetInstance(encParams); + iv = rc2Params.GetIV(); + } + else + { + iv = Asn1OctetString.GetInstance(encParams).GetOctets(); + } + + salt = pbeParams.GetSalt(); + iterationCount = pbeParams.IterationCount.IntValue; + keyBytes = PbeParametersGenerator.Pkcs5PasswordToBytes(password); + + int keyLength = pbeParams.KeyLength != null + ? pbeParams.KeyLength.IntValue * 8 + : GeneratorUtilities.GetDefaultKeySize(encOid); + + PbeParametersGenerator gen = MakePbeGenerator( + (string)algorithmType[mechanism], digest, keyBytes, salt, iterationCount); + + parameters = gen.GenerateDerivedParameters(encOid.Id, keyLength); + + if (iv != null) + { + // FIXME? OpenSSL weirdness with IV of zeros (for ECB keys?) + if (Arrays.AreEqual(iv, new byte[iv.Length])) + { + //Console.Error.Write("***** IV all 0 (length " + iv.Length + ") *****"); + } + else + { + parameters = new ParametersWithIV(parameters, iv); + } + } + } + else if (Platform.StartsWith(mechanism, "PBEwithSHA-1")) + { + PbeParametersGenerator generator = MakePbeGenerator( + (string) algorithmType[mechanism], new Sha1Digest(), keyBytes, salt, iterationCount); + + if (mechanism.Equals("PBEwithSHA-1and128bitAES-CBC-BC")) + { + parameters = generator.GenerateDerivedParameters("AES", 128, 128); + } + else if (mechanism.Equals("PBEwithSHA-1and192bitAES-CBC-BC")) + { + parameters = generator.GenerateDerivedParameters("AES", 192, 128); + } + else if (mechanism.Equals("PBEwithSHA-1and256bitAES-CBC-BC")) + { + parameters = generator.GenerateDerivedParameters("AES", 256, 128); + } + else if (mechanism.Equals("PBEwithSHA-1and128bitRC4")) + { + parameters = generator.GenerateDerivedParameters("RC4", 128); + } + else if (mechanism.Equals("PBEwithSHA-1and40bitRC4")) + { + parameters = generator.GenerateDerivedParameters("RC4", 40); + } + else if (mechanism.Equals("PBEwithSHA-1and3-keyDESEDE-CBC")) + { + parameters = generator.GenerateDerivedParameters("DESEDE", 192, 64); + } + else if (mechanism.Equals("PBEwithSHA-1and2-keyDESEDE-CBC")) + { + parameters = generator.GenerateDerivedParameters("DESEDE", 128, 64); + } + else if (mechanism.Equals("PBEwithSHA-1and128bitRC2-CBC")) + { + parameters = generator.GenerateDerivedParameters("RC2", 128, 64); + } + else if (mechanism.Equals("PBEwithSHA-1and40bitRC2-CBC")) + { + parameters = generator.GenerateDerivedParameters("RC2", 40, 64); + } + else if (mechanism.Equals("PBEwithSHA-1andDES-CBC")) + { + parameters = generator.GenerateDerivedParameters("DES", 64, 64); + } + else if (mechanism.Equals("PBEwithSHA-1andRC2-CBC")) + { + parameters = generator.GenerateDerivedParameters("RC2", 64, 64); + } + } + else if (Platform.StartsWith(mechanism, "PBEwithSHA-256")) + { + PbeParametersGenerator generator = MakePbeGenerator( + (string) algorithmType[mechanism], new Sha256Digest(), keyBytes, salt, iterationCount); + + if (mechanism.Equals("PBEwithSHA-256and128bitAES-CBC-BC")) + { + parameters = generator.GenerateDerivedParameters("AES", 128, 128); + } + else if (mechanism.Equals("PBEwithSHA-256and192bitAES-CBC-BC")) + { + parameters = generator.GenerateDerivedParameters("AES", 192, 128); + } + else if (mechanism.Equals("PBEwithSHA-256and256bitAES-CBC-BC")) + { + parameters = generator.GenerateDerivedParameters("AES", 256, 128); + } + } + else if (Platform.StartsWith(mechanism, "PBEwithMD5")) + { + PbeParametersGenerator generator = MakePbeGenerator( + (string)algorithmType[mechanism], new MD5Digest(), keyBytes, salt, iterationCount); + + if (mechanism.Equals("PBEwithMD5andDES-CBC")) + { + parameters = generator.GenerateDerivedParameters("DES", 64, 64); + } + else if (mechanism.Equals("PBEwithMD5andRC2-CBC")) + { + parameters = generator.GenerateDerivedParameters("RC2", 64, 64); + } + else if (mechanism.Equals("PBEwithMD5and128bitAES-CBC-OpenSSL")) + { + parameters = generator.GenerateDerivedParameters("AES", 128, 128); + } + else if (mechanism.Equals("PBEwithMD5and192bitAES-CBC-OpenSSL")) + { + parameters = generator.GenerateDerivedParameters("AES", 192, 128); + } + else if (mechanism.Equals("PBEwithMD5and256bitAES-CBC-OpenSSL")) + { + parameters = generator.GenerateDerivedParameters("AES", 256, 128); + } + } + else if (Platform.StartsWith(mechanism, "PBEwithMD2")) + { + PbeParametersGenerator generator = MakePbeGenerator( + (string)algorithmType[mechanism], new MD2Digest(), keyBytes, salt, iterationCount); + if (mechanism.Equals("PBEwithMD2andDES-CBC")) + { + parameters = generator.GenerateDerivedParameters("DES", 64, 64); + } + else if (mechanism.Equals("PBEwithMD2andRC2-CBC")) + { + parameters = generator.GenerateDerivedParameters("RC2", 64, 64); + } + } + else if (Platform.StartsWith(mechanism, "PBEwithHmac")) + { + string digestName = mechanism.Substring("PBEwithHmac".Length); + IDigest digest = DigestUtilities.GetDigest(digestName); + + PbeParametersGenerator generator = MakePbeGenerator( + (string) algorithmType[mechanism], digest, keyBytes, salt, iterationCount); + + int bitLen = digest.GetDigestSize() * 8; + parameters = generator.GenerateDerivedMacParameters(bitLen); + } + + Array.Clear(keyBytes, 0, keyBytes.Length); + + return FixDesParity(mechanism, parameters); + } + + public static object CreateEngine( + DerObjectIdentifier algorithmOid) + { + return CreateEngine(algorithmOid.Id); + } + + public static object CreateEngine( + AlgorithmIdentifier algID) + { + string algorithm = algID.Algorithm.Id; + + if (IsPkcs5Scheme2(algorithm)) + { + PbeS2Parameters s2p = PbeS2Parameters.GetInstance(algID.Parameters.ToAsn1Object()); + AlgorithmIdentifier encScheme = s2p.EncryptionScheme; + return CipherUtilities.GetCipher(encScheme.Algorithm); + } + + return CreateEngine(algorithm); + } + + public static object CreateEngine( + string algorithm) + { + string mechanism = (string)algorithms[Platform.ToUpperInvariant(algorithm)]; + + if (Platform.StartsWith(mechanism, "PBEwithHmac")) + { + string digestName = mechanism.Substring("PBEwithHmac".Length); + + return MacUtilities.GetMac("HMAC/" + digestName); + } + + if (Platform.StartsWith(mechanism, "PBEwithMD2") + || Platform.StartsWith(mechanism, "PBEwithMD5") + || Platform.StartsWith(mechanism, "PBEwithSHA-1") + || Platform.StartsWith(mechanism, "PBEwithSHA-256")) + { + if (Platform.EndsWith(mechanism, "AES-CBC-BC") || Platform.EndsWith(mechanism, "AES-CBC-OPENSSL")) + { + return CipherUtilities.GetCipher("AES/CBC"); + } + + if (Platform.EndsWith(mechanism, "DES-CBC")) + { + return CipherUtilities.GetCipher("DES/CBC"); + } + + if (Platform.EndsWith(mechanism, "DESEDE-CBC")) + { + return CipherUtilities.GetCipher("DESEDE/CBC"); + } + + if (Platform.EndsWith(mechanism, "RC2-CBC")) + { + return CipherUtilities.GetCipher("RC2/CBC"); + } + + if (Platform.EndsWith(mechanism, "RC4")) + { + return CipherUtilities.GetCipher("RC4"); + } + } + + return null; + } + + public static string GetEncodingName( + DerObjectIdentifier oid) + { + return (string) algorithms[oid.Id]; + } + + private static ICipherParameters FixDesParity(string mechanism, ICipherParameters parameters) + { + if (!Platform.EndsWith(mechanism, "DES-CBC") && !Platform.EndsWith(mechanism, "DESEDE-CBC")) + { + return parameters; + } + + if (parameters is ParametersWithIV) + { + ParametersWithIV ivParams = (ParametersWithIV)parameters; + return new ParametersWithIV(FixDesParity(mechanism, ivParams.Parameters), ivParams.GetIV()); + } + + KeyParameter kParam = (KeyParameter)parameters; + byte[] keyBytes = kParam.GetKey(); + DesParameters.SetOddParity(keyBytes); + return new KeyParameter(keyBytes); + } + } +} diff --git a/BouncyCastle/crypto/src/security/PrivateKeyFactory.cs b/BouncyCastle/crypto/src/security/PrivateKeyFactory.cs new file mode 100644 index 0000000..a8c4d94 --- /dev/null +++ b/BouncyCastle/crypto/src/security/PrivateKeyFactory.cs @@ -0,0 +1,338 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.EdEC; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Security +{ + public sealed class PrivateKeyFactory + { + private PrivateKeyFactory() + { + } + + public static AsymmetricKeyParameter CreateKey( + byte[] privateKeyInfoData) + { + return CreateKey( + PrivateKeyInfo.GetInstance( + Asn1Object.FromByteArray(privateKeyInfoData))); + } + + public static AsymmetricKeyParameter CreateKey( + Stream inStr) + { + return CreateKey( + PrivateKeyInfo.GetInstance( + Asn1Object.FromStream(inStr))); + } + + public static AsymmetricKeyParameter CreateKey( + PrivateKeyInfo keyInfo) + { + AlgorithmIdentifier algID = keyInfo.PrivateKeyAlgorithm; + DerObjectIdentifier algOid = algID.Algorithm; + + // TODO See RSAUtil.isRsaOid in Java build + if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption) + || algOid.Equals(X509ObjectIdentifiers.IdEARsa) + || algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss) + || algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep)) + { + RsaPrivateKeyStructure keyStructure = RsaPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey()); + + return new RsaPrivateCrtKeyParameters( + keyStructure.Modulus, + keyStructure.PublicExponent, + keyStructure.PrivateExponent, + keyStructure.Prime1, + keyStructure.Prime2, + keyStructure.Exponent1, + keyStructure.Exponent2, + keyStructure.Coefficient); + } + // TODO? + // else if (algOid.Equals(X9ObjectIdentifiers.DHPublicNumber)) + else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement)) + { + DHParameter para = new DHParameter( + Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object())); + DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey(); + + BigInteger lVal = para.L; + int l = lVal == null ? 0 : lVal.IntValue; + DHParameters dhParams = new DHParameters(para.P, para.G, null, l); + + return new DHPrivateKeyParameters(derX.Value, dhParams, algOid); + } + else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm)) + { + ElGamalParameter para = new ElGamalParameter( + Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object())); + DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey(); + + return new ElGamalPrivateKeyParameters( + derX.Value, + new ElGamalParameters(para.P, para.G)); + } + else if (algOid.Equals(X9ObjectIdentifiers.IdDsa)) + { + DerInteger derX = (DerInteger)keyInfo.ParsePrivateKey(); + Asn1Encodable ae = algID.Parameters; + + DsaParameters parameters = null; + if (ae != null) + { + DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object()); + parameters = new DsaParameters(para.P, para.Q, para.G); + } + + return new DsaPrivateKeyParameters(derX.Value, parameters); + } + else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey)) + { + X962Parameters para = X962Parameters.GetInstance(algID.Parameters.ToAsn1Object()); + + X9ECParameters x9; + if (para.IsNamedCurve) + { + x9 = ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)para.Parameters); + } + else + { + x9 = new X9ECParameters((Asn1Sequence)para.Parameters); + } + + ECPrivateKeyStructure ec = ECPrivateKeyStructure.GetInstance(keyInfo.ParsePrivateKey()); + BigInteger d = ec.GetKey(); + + if (para.IsNamedCurve) + { + return new ECPrivateKeyParameters("EC", d, (DerObjectIdentifier)para.Parameters); + } + + ECDomainParameters dParams = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed()); + return new ECPrivateKeyParameters(d, dParams); + } + else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001)) + { + Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance( + algID.Parameters.ToAsn1Object()); + + X9ECParameters ecP = ECGost3410NamedCurves.GetByOidX9(gostParams.PublicKeyParamSet); + + if (ecP == null) + throw new ArgumentException("Unrecognized curve OID for GostR3410x2001 private key"); + + Asn1Object privKey = keyInfo.ParsePrivateKey(); + ECPrivateKeyStructure ec; + + if (privKey is DerInteger) + { + ec = new ECPrivateKeyStructure(ecP.N.BitLength, ((DerInteger)privKey).PositiveValue); + } + else + { + ec = ECPrivateKeyStructure.GetInstance(privKey); + } + + return new ECPrivateKeyParameters("ECGOST3410", ec.GetKey(), gostParams.PublicKeyParamSet); + } + else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94)) + { + Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(algID.Parameters); + + Asn1Object privKey = keyInfo.ParsePrivateKey(); + BigInteger x; + + if (privKey is DerInteger) + { + x = DerInteger.GetInstance(privKey).PositiveValue; + } + else + { + x = new BigInteger(1, Arrays.Reverse(Asn1OctetString.GetInstance(privKey).GetOctets())); + } + + return new Gost3410PrivateKeyParameters(x, gostParams.PublicKeyParamSet); + } + else if (algOid.Equals(EdECObjectIdentifiers.id_X25519)) + { + return new X25519PrivateKeyParameters(GetRawKey(keyInfo)); + } + else if (algOid.Equals(EdECObjectIdentifiers.id_X448)) + { + return new X448PrivateKeyParameters(GetRawKey(keyInfo)); + } + else if (algOid.Equals(EdECObjectIdentifiers.id_Ed25519)) + { + return new Ed25519PrivateKeyParameters(GetRawKey(keyInfo)); + } + else if (algOid.Equals(EdECObjectIdentifiers.id_Ed448)) + { + return new Ed448PrivateKeyParameters(GetRawKey(keyInfo)); + } + else if (algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512) + || algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256)) + { + Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(keyInfo.PrivateKeyAlgorithm.Parameters); + ECGost3410Parameters ecSpec; + BigInteger d; + Asn1Object p = keyInfo.PrivateKeyAlgorithm.Parameters.ToAsn1Object(); + if (p is Asn1Sequence && (Asn1Sequence.GetInstance(p).Count == 2 || Asn1Sequence.GetInstance(p).Count == 3)) + { + + X9ECParameters ecP = ECGost3410NamedCurves.GetByOidX9(gostParams.PublicKeyParamSet); + + ecSpec = new ECGost3410Parameters( + new ECNamedDomainParameters( + gostParams.PublicKeyParamSet, ecP), + gostParams.PublicKeyParamSet, + gostParams.DigestParamSet, + gostParams.EncryptionParamSet); + + Asn1OctetString privEnc = keyInfo.PrivateKeyData; + if (privEnc.GetOctets().Length == 32 || privEnc.GetOctets().Length == 64) + { + byte[] dVal = Arrays.Reverse(privEnc.GetOctets()); + d = new BigInteger(1, dVal); + } + else + { + Asn1Encodable privKey = keyInfo.ParsePrivateKey(); + if (privKey is DerInteger) + { + d = DerInteger.GetInstance(privKey).PositiveValue; + } + else + { + byte[] dVal = Arrays.Reverse(Asn1OctetString.GetInstance(privKey).GetOctets()); + d = new BigInteger(1, dVal); + } + } + } + else + { + X962Parameters parameters = X962Parameters.GetInstance(keyInfo.PrivateKeyAlgorithm.Parameters); + + if (parameters.IsNamedCurve) + { + DerObjectIdentifier oid = DerObjectIdentifier.GetInstance(parameters.Parameters); + X9ECParameters ecP = ECKeyPairGenerator.FindECCurveByOid(oid); + + ecSpec = new ECGost3410Parameters(new ECNamedDomainParameters(oid, ecP), + gostParams.PublicKeyParamSet, gostParams.DigestParamSet, + gostParams.EncryptionParamSet); + } + else if (parameters.IsImplicitlyCA) + { + ecSpec = null; + } + else + { + X9ECParameters ecP = X9ECParameters.GetInstance(parameters.Parameters); + ecSpec = new ECGost3410Parameters(new ECNamedDomainParameters(algOid, ecP), + gostParams.PublicKeyParamSet, gostParams.DigestParamSet, + gostParams.EncryptionParamSet); + } + + Asn1Encodable privKey = keyInfo.ParsePrivateKey(); + if (privKey is DerInteger) + { + DerInteger derD = DerInteger.GetInstance(privKey); + d = derD.Value; + } + else + { + ECPrivateKeyStructure ec = ECPrivateKeyStructure.GetInstance(privKey); + d = ec.GetKey(); + } + } + + return new ECPrivateKeyParameters( + d, + new ECGost3410Parameters( + ecSpec, + gostParams.PublicKeyParamSet, + gostParams.DigestParamSet, + gostParams.EncryptionParamSet)); + + } + else + { + throw new SecurityUtilityException("algorithm identifier in private key not recognised"); + } + } + + private static byte[] GetRawKey(PrivateKeyInfo keyInfo) + { + return Asn1OctetString.GetInstance(keyInfo.ParsePrivateKey()).GetOctets(); + } + + public static AsymmetricKeyParameter DecryptKey( + char[] passPhrase, + EncryptedPrivateKeyInfo encInfo) + { + return CreateKey(PrivateKeyInfoFactory.CreatePrivateKeyInfo(passPhrase, encInfo)); + } + + public static AsymmetricKeyParameter DecryptKey( + char[] passPhrase, + byte[] encryptedPrivateKeyInfoData) + { + return DecryptKey(passPhrase, Asn1Object.FromByteArray(encryptedPrivateKeyInfoData)); + } + + public static AsymmetricKeyParameter DecryptKey( + char[] passPhrase, + Stream encryptedPrivateKeyInfoStream) + { + return DecryptKey(passPhrase, Asn1Object.FromStream(encryptedPrivateKeyInfoStream)); + } + + private static AsymmetricKeyParameter DecryptKey( + char[] passPhrase, + Asn1Object asn1Object) + { + return DecryptKey(passPhrase, EncryptedPrivateKeyInfo.GetInstance(asn1Object)); + } + + public static byte[] EncryptKey( + DerObjectIdentifier algorithm, + char[] passPhrase, + byte[] salt, + int iterationCount, + AsymmetricKeyParameter key) + { + return EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo( + algorithm, passPhrase, salt, iterationCount, key).GetEncoded(); + } + + public static byte[] EncryptKey( + string algorithm, + char[] passPhrase, + byte[] salt, + int iterationCount, + AsymmetricKeyParameter key) + { + return EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo( + algorithm, passPhrase, salt, iterationCount, key).GetEncoded(); + } + } +} diff --git a/BouncyCastle/crypto/src/security/PublicKeyFactory.cs b/BouncyCastle/crypto/src/security/PublicKeyFactory.cs new file mode 100644 index 0000000..10b2aac --- /dev/null +++ b/BouncyCastle/crypto/src/security/PublicKeyFactory.cs @@ -0,0 +1,320 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.EdEC; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Security +{ + public sealed class PublicKeyFactory + { + private PublicKeyFactory() + { + } + + public static AsymmetricKeyParameter CreateKey( + byte[] keyInfoData) + { + return CreateKey( + SubjectPublicKeyInfo.GetInstance( + Asn1Object.FromByteArray(keyInfoData))); + } + + public static AsymmetricKeyParameter CreateKey( + Stream inStr) + { + return CreateKey( + SubjectPublicKeyInfo.GetInstance( + Asn1Object.FromStream(inStr))); + } + + public static AsymmetricKeyParameter CreateKey( + SubjectPublicKeyInfo keyInfo) + { + AlgorithmIdentifier algID = keyInfo.AlgorithmID; + DerObjectIdentifier algOid = algID.Algorithm; + + // TODO See RSAUtil.isRsaOid in Java build + if (algOid.Equals(PkcsObjectIdentifiers.RsaEncryption) + || algOid.Equals(X509ObjectIdentifiers.IdEARsa) + || algOid.Equals(PkcsObjectIdentifiers.IdRsassaPss) + || algOid.Equals(PkcsObjectIdentifiers.IdRsaesOaep)) + { + RsaPublicKeyStructure pubKey = RsaPublicKeyStructure.GetInstance( + keyInfo.ParsePublicKey()); + + return new RsaKeyParameters(false, pubKey.Modulus, pubKey.PublicExponent); + } + else if (algOid.Equals(X9ObjectIdentifiers.DHPublicNumber)) + { + Asn1Sequence seq = Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()); + + DHPublicKey dhPublicKey = DHPublicKey.GetInstance(keyInfo.ParsePublicKey()); + + BigInteger y = dhPublicKey.Y.Value; + + if (IsPkcsDHParam(seq)) + return ReadPkcsDHParam(algOid, y, seq); + + DHDomainParameters dhParams = DHDomainParameters.GetInstance(seq); + + BigInteger p = dhParams.P.Value; + BigInteger g = dhParams.G.Value; + BigInteger q = dhParams.Q.Value; + + BigInteger j = null; + if (dhParams.J != null) + { + j = dhParams.J.Value; + } + + DHValidationParameters validation = null; + DHValidationParms dhValidationParms = dhParams.ValidationParms; + if (dhValidationParms != null) + { + byte[] seed = dhValidationParms.Seed.GetBytes(); + BigInteger pgenCounter = dhValidationParms.PgenCounter.Value; + + // TODO Check pgenCounter size? + + validation = new DHValidationParameters(seed, pgenCounter.IntValue); + } + + return new DHPublicKeyParameters(y, new DHParameters(p, g, q, j, validation)); + } + else if (algOid.Equals(PkcsObjectIdentifiers.DhKeyAgreement)) + { + Asn1Sequence seq = Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object()); + + DerInteger derY = (DerInteger)keyInfo.ParsePublicKey(); + + return ReadPkcsDHParam(algOid, derY.Value, seq); + } + else if (algOid.Equals(OiwObjectIdentifiers.ElGamalAlgorithm)) + { + ElGamalParameter para = new ElGamalParameter( + Asn1Sequence.GetInstance(algID.Parameters.ToAsn1Object())); + DerInteger derY = (DerInteger)keyInfo.ParsePublicKey(); + + return new ElGamalPublicKeyParameters( + derY.Value, + new ElGamalParameters(para.P, para.G)); + } + else if (algOid.Equals(X9ObjectIdentifiers.IdDsa) + || algOid.Equals(OiwObjectIdentifiers.DsaWithSha1)) + { + DerInteger derY = (DerInteger)keyInfo.ParsePublicKey(); + Asn1Encodable ae = algID.Parameters; + + DsaParameters parameters = null; + if (ae != null) + { + DsaParameter para = DsaParameter.GetInstance(ae.ToAsn1Object()); + parameters = new DsaParameters(para.P, para.Q, para.G); + } + + return new DsaPublicKeyParameters(derY.Value, parameters); + } + else if (algOid.Equals(X9ObjectIdentifiers.IdECPublicKey)) + { + X962Parameters para = X962Parameters.GetInstance(algID.Parameters.ToAsn1Object()); + + X9ECParameters x9; + if (para.IsNamedCurve) + { + x9 = ECKeyPairGenerator.FindECCurveByOid((DerObjectIdentifier)para.Parameters); + } + else + { + x9 = new X9ECParameters((Asn1Sequence)para.Parameters); + } + + Asn1OctetString key = new DerOctetString(keyInfo.PublicKeyData.GetBytes()); + X9ECPoint derQ = new X9ECPoint(x9.Curve, key); + ECPoint q = derQ.Point; + + if (para.IsNamedCurve) + { + return new ECPublicKeyParameters("EC", q, (DerObjectIdentifier)para.Parameters); + } + + ECDomainParameters dParams = new ECDomainParameters(x9); + return new ECPublicKeyParameters(q, dParams); + } + else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x2001)) + { + Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(algID.Parameters); + DerObjectIdentifier publicKeyParamSet = gostParams.PublicKeyParamSet; + + X9ECParameters ecP = ECGost3410NamedCurves.GetByOidX9(publicKeyParamSet); + if (ecP == null) + return null; + + Asn1OctetString key; + try + { + key = (Asn1OctetString)keyInfo.ParsePublicKey(); + } + catch (IOException e) + { + throw new ArgumentException("error recovering GOST3410_2001 public key", e); + } + + int fieldSize = 32; + int keySize = 2 * fieldSize; + + byte[] keyEnc = key.GetOctets(); + if (keyEnc.Length != keySize) + throw new ArgumentException("invalid length for GOST3410_2001 public key"); + + byte[] x9Encoding = new byte[1 + keySize]; + x9Encoding[0] = 0x04; + for (int i = 1; i <= fieldSize; ++i) + { + x9Encoding[i] = keyEnc[fieldSize - i]; + x9Encoding[i + fieldSize] = keyEnc[keySize - i]; + } + + ECPoint q = ecP.Curve.DecodePoint(x9Encoding); + + return new ECPublicKeyParameters("ECGOST3410", q, publicKeyParamSet); + } + else if (algOid.Equals(CryptoProObjectIdentifiers.GostR3410x94)) + { + Gost3410PublicKeyAlgParameters algParams = Gost3410PublicKeyAlgParameters.GetInstance(algID.Parameters); + + Asn1OctetString key; + try + { + key = (Asn1OctetString)keyInfo.ParsePublicKey(); + } + catch (IOException e) + { + throw new ArgumentException("error recovering GOST3410_94 public key", e); + } + + byte[] keyBytes = Arrays.Reverse(key.GetOctets()); // was little endian + + BigInteger y = new BigInteger(1, keyBytes); + + return new Gost3410PublicKeyParameters(y, algParams.PublicKeyParamSet); + } + else if (algOid.Equals(EdECObjectIdentifiers.id_X25519)) + { + return new X25519PublicKeyParameters(GetRawKey(keyInfo)); + } + else if (algOid.Equals(EdECObjectIdentifiers.id_X448)) + { + return new X448PublicKeyParameters(GetRawKey(keyInfo)); + } + else if (algOid.Equals(EdECObjectIdentifiers.id_Ed25519)) + { + return new Ed25519PublicKeyParameters(GetRawKey(keyInfo)); + } + else if (algOid.Equals(EdECObjectIdentifiers.id_Ed448)) + { + return new Ed448PublicKeyParameters(GetRawKey(keyInfo)); + } + else if (algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256) + || algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512)) + { + Gost3410PublicKeyAlgParameters gostParams = Gost3410PublicKeyAlgParameters.GetInstance(algID.Parameters); + DerObjectIdentifier publicKeyParamSet = gostParams.PublicKeyParamSet; + + ECGost3410Parameters ecDomainParameters =new ECGost3410Parameters( + new ECNamedDomainParameters(publicKeyParamSet, ECGost3410NamedCurves.GetByOidX9(publicKeyParamSet)), + publicKeyParamSet, + gostParams.DigestParamSet, + gostParams.EncryptionParamSet); + + Asn1OctetString key; + try + { + key = (Asn1OctetString)keyInfo.ParsePublicKey(); + } + catch (IOException e) + { + throw new ArgumentException("error recovering GOST3410_2012 public key", e); + } + + int fieldSize = 32; + if (algOid.Equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512)) + { + fieldSize = 64; + } + int keySize = 2 * fieldSize; + + byte[] keyEnc = key.GetOctets(); + if (keyEnc.Length != keySize) + throw new ArgumentException("invalid length for GOST3410_2012 public key"); + + byte[] x9Encoding = new byte[1 + keySize]; + x9Encoding[0] = 0x04; + for (int i = 1; i <= fieldSize; ++i) + { + x9Encoding[i] = keyEnc[fieldSize - i]; + x9Encoding[i + fieldSize] = keyEnc[keySize - i]; + } + + ECPoint q = ecDomainParameters.Curve.DecodePoint(x9Encoding); + + return new ECPublicKeyParameters(q, ecDomainParameters); + } + else + { + throw new SecurityUtilityException("algorithm identifier in public key not recognised: " + algOid); + } + } + + private static byte[] GetRawKey(SubjectPublicKeyInfo keyInfo) + { + /* + * TODO[RFC 8422] + * - Require keyInfo.Algorithm.Parameters == null? + */ + return keyInfo.PublicKeyData.GetOctets(); + } + + private static bool IsPkcsDHParam(Asn1Sequence seq) + { + if (seq.Count == 2) + return true; + + if (seq.Count > 3) + return false; + + DerInteger l = DerInteger.GetInstance(seq[2]); + DerInteger p = DerInteger.GetInstance(seq[0]); + + return l.Value.CompareTo(BigInteger.ValueOf(p.Value.BitLength)) <= 0; + } + + private static DHPublicKeyParameters ReadPkcsDHParam(DerObjectIdentifier algOid, + BigInteger y, Asn1Sequence seq) + { + DHParameter para = new DHParameter(seq); + + BigInteger lVal = para.L; + int l = lVal == null ? 0 : lVal.IntValue; + DHParameters dhParams = new DHParameters(para.P, para.G, null, l); + + return new DHPublicKeyParameters(y, dhParams, algOid); + } + } +} diff --git a/BouncyCastle/crypto/src/security/SecureRandom.cs b/BouncyCastle/crypto/src/security/SecureRandom.cs new file mode 100644 index 0000000..982fbf3 --- /dev/null +++ b/BouncyCastle/crypto/src/security/SecureRandom.cs @@ -0,0 +1,259 @@ +using System; +using System.Threading; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Prng; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Security +{ + public class SecureRandom + : Random + { + private static long counter = Times.NanoTime(); + +#if NETCF_1_0 || PORTABLE + private static object counterLock = new object(); + private static long NextCounterValue() + { + lock (counterLock) + { + return ++counter; + } + } + + private static readonly SecureRandom[] master = { null }; + private static SecureRandom Master + { + get + { + lock (master) + { + if (master[0] == null) + { + SecureRandom sr = master[0] = GetInstance("SHA256PRNG", false); + + // Even though Ticks has at most 8 or 14 bits of entropy, there's no harm in adding it. + sr.SetSeed(DateTime.Now.Ticks); + + // 32 will be enough when ThreadedSeedGenerator is fixed. Until then, ThreadedSeedGenerator returns low + // entropy, and this is not sufficient to be secure. http://www.bouncycastle.org/csharpdevmailarchive/msg00814.html + sr.SetSeed(new ThreadedSeedGenerator().GenerateSeed(32, true)); + } + + return master[0]; + } + } + } +#else + private static long NextCounterValue() + { + return Interlocked.Increment(ref counter); + } + + private static readonly SecureRandom master = new SecureRandom(new CryptoApiRandomGenerator()); + private static SecureRandom Master + { + get { return master; } + } +#endif + + private static DigestRandomGenerator CreatePrng(string digestName, bool autoSeed) + { + IDigest digest = DigestUtilities.GetDigest(digestName); + if (digest == null) + return null; + DigestRandomGenerator prng = new DigestRandomGenerator(digest); + if (autoSeed) + { + prng.AddSeedMaterial(NextCounterValue()); + prng.AddSeedMaterial(GetNextBytes(Master, digest.GetDigestSize())); + } + return prng; + } + + public static byte[] GetNextBytes(SecureRandom secureRandom, int length) + { + byte[] result = new byte[length]; + secureRandom.NextBytes(result); + return result; + } + + /// + /// Create and auto-seed an instance based on the given algorithm. + /// + /// Equivalent to GetInstance(algorithm, true) + /// e.g. "SHA256PRNG" + public static SecureRandom GetInstance(string algorithm) + { + return GetInstance(algorithm, true); + } + + /// + /// Create an instance based on the given algorithm, with optional auto-seeding + /// + /// e.g. "SHA256PRNG" + /// If true, the instance will be auto-seeded. + public static SecureRandom GetInstance(string algorithm, bool autoSeed) + { + string upper = Platform.ToUpperInvariant(algorithm); + if (Platform.EndsWith(upper, "PRNG")) + { + string digestName = upper.Substring(0, upper.Length - "PRNG".Length); + DigestRandomGenerator prng = CreatePrng(digestName, autoSeed); + if (prng != null) + { + return new SecureRandom(prng); + } + } + + throw new ArgumentException("Unrecognised PRNG algorithm: " + algorithm, "algorithm"); + } + + [Obsolete("Call GenerateSeed() on a SecureRandom instance instead")] + public static byte[] GetSeed(int length) + { + return GetNextBytes(Master, length); + } + + protected readonly IRandomGenerator generator; + + public SecureRandom() + : this(CreatePrng("SHA256", true)) + { + } + + /// + /// To replicate existing predictable output, replace with GetInstance("SHA1PRNG", false), followed by SetSeed(seed) + /// + [Obsolete("Use GetInstance/SetSeed instead")] + public SecureRandom(byte[] seed) + : this(CreatePrng("SHA1", false)) + { + SetSeed(seed); + } + + /// Use the specified instance of IRandomGenerator as random source. + /// + /// This constructor performs no seeding of either the IRandomGenerator or the + /// constructed SecureRandom. It is the responsibility of the client to provide + /// proper seed material as necessary/appropriate for the given IRandomGenerator + /// implementation. + /// + /// The source to generate all random bytes from. + public SecureRandom(IRandomGenerator generator) + : base(0) + { + this.generator = generator; + } + + public virtual byte[] GenerateSeed(int length) + { + return GetNextBytes(Master, length); + } + + public virtual void SetSeed(byte[] seed) + { + generator.AddSeedMaterial(seed); + } + + public virtual void SetSeed(long seed) + { + generator.AddSeedMaterial(seed); + } + + public override int Next() + { + return NextInt() & int.MaxValue; + } + + public override int Next(int maxValue) + { + + if (maxValue < 2) + { + if (maxValue < 0) + throw new ArgumentOutOfRangeException("maxValue", "cannot be negative"); + + return 0; + } + + int bits; + + // Test whether maxValue is a power of 2 + if ((maxValue & (maxValue - 1)) == 0) + { + bits = NextInt() & int.MaxValue; + return (int)(((long)bits * maxValue) >> 31); + } + + int result; + do + { + bits = NextInt() & int.MaxValue; + result = bits % maxValue; + } + while (bits - result + (maxValue - 1) < 0); // Ignore results near overflow + + return result; + } + + public override int Next(int minValue, int maxValue) + { + if (maxValue <= minValue) + { + if (maxValue == minValue) + return minValue; + + throw new ArgumentException("maxValue cannot be less than minValue"); + } + + int diff = maxValue - minValue; + if (diff > 0) + return minValue + Next(diff); + + for (;;) + { + int i = NextInt(); + + if (i >= minValue && i < maxValue) + return i; + } + } + + public override void NextBytes(byte[] buf) + { + generator.NextBytes(buf); + } + + public virtual void NextBytes(byte[] buf, int off, int len) + { + generator.NextBytes(buf, off, len); + } + + private static readonly double DoubleScale = 1.0 / Convert.ToDouble(1L << 53); + + public override double NextDouble() + { + ulong x = (ulong)NextLong() >> 11; + + return Convert.ToDouble(x) * DoubleScale; + } + + public virtual int NextInt() + { + byte[] bytes = new byte[4]; + NextBytes(bytes); + return (int)Pack.BE_To_UInt32(bytes, 0); + } + + public virtual long NextLong() + { + byte[] bytes = new byte[8]; + NextBytes(bytes); + return (long)Pack.BE_To_UInt64(bytes, 0); + } + } +} diff --git a/BouncyCastle/crypto/src/security/SecurityUtilityException.cs b/BouncyCastle/crypto/src/security/SecurityUtilityException.cs new file mode 100644 index 0000000..8a19530 --- /dev/null +++ b/BouncyCastle/crypto/src/security/SecurityUtilityException.cs @@ -0,0 +1,36 @@ +using System; + +namespace Org.BouncyCastle.Security +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class SecurityUtilityException + : Exception + { + /** + * base constructor. + */ + public SecurityUtilityException() + { + } + + /** + * create a SecurityUtilityException with the given message. + * + * @param message the message to be carried with the exception. + */ + public SecurityUtilityException( + string message) + : base(message) + { + } + + public SecurityUtilityException( + string message, + Exception exception) + : base(message, exception) + { + } + } +} diff --git a/BouncyCastle/crypto/src/security/SignatureException.cs b/BouncyCastle/crypto/src/security/SignatureException.cs new file mode 100644 index 0000000..3ad617d --- /dev/null +++ b/BouncyCastle/crypto/src/security/SignatureException.cs @@ -0,0 +1,14 @@ +using System; + +namespace Org.BouncyCastle.Security +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class SignatureException : GeneralSecurityException + { + public SignatureException() : base() { } + public SignatureException(string message) : base(message) { } + public SignatureException(string message, Exception exception) : base(message, exception) { } + } +} diff --git a/BouncyCastle/crypto/src/security/SignerUtilities.cs b/BouncyCastle/crypto/src/security/SignerUtilities.cs new file mode 100644 index 0000000..8a28989 --- /dev/null +++ b/BouncyCastle/crypto/src/security/SignerUtilities.cs @@ -0,0 +1,698 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Bsi; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Eac; +using Org.BouncyCastle.Asn1.EdEC; +using Org.BouncyCastle.Asn1.GM; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Security +{ + /// + /// Signer Utility class contains methods that can not be specifically grouped into other classes. + /// + public sealed class SignerUtilities + { + private SignerUtilities() + { + } + + internal static readonly IDictionary algorithms = Platform.CreateHashtable(); + internal static readonly IDictionary oids = Platform.CreateHashtable(); + + static SignerUtilities() + { + algorithms["MD2WITHRSA"] = "MD2withRSA"; + algorithms["MD2WITHRSAENCRYPTION"] = "MD2withRSA"; + algorithms[PkcsObjectIdentifiers.MD2WithRsaEncryption.Id] = "MD2withRSA"; + + algorithms["MD4WITHRSA"] = "MD4withRSA"; + algorithms["MD4WITHRSAENCRYPTION"] = "MD4withRSA"; + algorithms[PkcsObjectIdentifiers.MD4WithRsaEncryption.Id] = "MD4withRSA"; + algorithms[OiwObjectIdentifiers.MD4WithRsa.Id] = "MD4withRSA"; + algorithms[OiwObjectIdentifiers.MD4WithRsaEncryption.Id] = "MD4withRSA"; + + algorithms["MD5WITHRSA"] = "MD5withRSA"; + algorithms["MD5WITHRSAENCRYPTION"] = "MD5withRSA"; + algorithms[PkcsObjectIdentifiers.MD5WithRsaEncryption.Id] = "MD5withRSA"; + algorithms[OiwObjectIdentifiers.MD5WithRsa.Id] = "MD5withRSA"; + + algorithms["SHA1WITHRSA"] = "SHA-1withRSA"; + algorithms["SHA-1WITHRSA"] = "SHA-1withRSA"; + algorithms["SHA1WITHRSAENCRYPTION"] = "SHA-1withRSA"; + algorithms["SHA-1WITHRSAENCRYPTION"] = "SHA-1withRSA"; + algorithms[PkcsObjectIdentifiers.Sha1WithRsaEncryption.Id] = "SHA-1withRSA"; + algorithms[OiwObjectIdentifiers.Sha1WithRsa.Id] = "SHA-1withRSA"; + + algorithms["SHA224WITHRSA"] = "SHA-224withRSA"; + algorithms["SHA-224WITHRSA"] = "SHA-224withRSA"; + algorithms["SHA224WITHRSAENCRYPTION"] = "SHA-224withRSA"; + algorithms["SHA-224WITHRSAENCRYPTION"] = "SHA-224withRSA"; + algorithms[PkcsObjectIdentifiers.Sha224WithRsaEncryption.Id] = "SHA-224withRSA"; + + algorithms["SHA256WITHRSA"] = "SHA-256withRSA"; + algorithms["SHA-256WITHRSA"] = "SHA-256withRSA"; + algorithms["SHA256WITHRSAENCRYPTION"] = "SHA-256withRSA"; + algorithms["SHA-256WITHRSAENCRYPTION"] = "SHA-256withRSA"; + algorithms[PkcsObjectIdentifiers.Sha256WithRsaEncryption.Id] = "SHA-256withRSA"; + + algorithms["SHA384WITHRSA"] = "SHA-384withRSA"; + algorithms["SHA-384WITHRSA"] = "SHA-384withRSA"; + algorithms["SHA384WITHRSAENCRYPTION"] = "SHA-384withRSA"; + algorithms["SHA-384WITHRSAENCRYPTION"] = "SHA-384withRSA"; + algorithms[PkcsObjectIdentifiers.Sha384WithRsaEncryption.Id] = "SHA-384withRSA"; + + algorithms["SHA512WITHRSA"] = "SHA-512withRSA"; + algorithms["SHA-512WITHRSA"] = "SHA-512withRSA"; + algorithms["SHA512WITHRSAENCRYPTION"] = "SHA-512withRSA"; + algorithms["SHA-512WITHRSAENCRYPTION"] = "SHA-512withRSA"; + algorithms[PkcsObjectIdentifiers.Sha512WithRsaEncryption.Id] = "SHA-512withRSA"; + + algorithms["SHA512(224)WITHRSA"] = "SHA-512(224)withRSA"; + algorithms["SHA-512(224)WITHRSA"] = "SHA-512(224)withRSA"; + algorithms["SHA512(224)WITHRSAENCRYPTION"] = "SHA-512(224)withRSA"; + algorithms["SHA-512(224)WITHRSAENCRYPTION"] = "SHA-512(224)withRSA"; + algorithms[PkcsObjectIdentifiers.Sha512_224WithRSAEncryption.Id] = "SHA-512(224)withRSA"; + + algorithms["SHA512(256)WITHRSA"] = "SHA-512(256)withRSA"; + algorithms["SHA-512(256)WITHRSA"] = "SHA-512(256)withRSA"; + algorithms["SHA512(256)WITHRSAENCRYPTION"] = "SHA-512(256)withRSA"; + algorithms["SHA-512(256)WITHRSAENCRYPTION"] = "SHA-512(256)withRSA"; + algorithms[PkcsObjectIdentifiers.Sha512_256WithRSAEncryption.Id] = "SHA-512(256)withRSA"; + + algorithms["SHA3-224WITHRSA"] = "SHA3-224withRSA"; + algorithms["SHA3-224WITHRSAENCRYPTION"] = "SHA3-224withRSA"; + algorithms[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224.Id] = "SHA3-224withRSA"; + algorithms["SHA3-256WITHRSA"] = "SHA3-256withRSA"; + algorithms["SHA3-256WITHRSAENCRYPTION"] = "SHA3-256withRSA"; + algorithms[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256.Id] = "SHA3-256withRSA"; + algorithms["SHA3-384WITHRSA"] = "SHA3-384withRSA"; + algorithms["SHA3-384WITHRSAENCRYPTION"] = "SHA3-384withRSA"; + algorithms[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384.Id] = "SHA3-384withRSA"; + algorithms["SHA3-512WITHRSA"] = "SHA3-512withRSA"; + algorithms["SHA3-512WITHRSAENCRYPTION"] = "SHA3-512withRSA"; + algorithms[NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512.Id] = "SHA3-512withRSA"; + + algorithms["PSSWITHRSA"] = "PSSwithRSA"; + algorithms["RSASSA-PSS"] = "PSSwithRSA"; + algorithms[PkcsObjectIdentifiers.IdRsassaPss.Id] = "PSSwithRSA"; + algorithms["RSAPSS"] = "PSSwithRSA"; + + algorithms["SHA1WITHRSAANDMGF1"] = "SHA-1withRSAandMGF1"; + algorithms["SHA-1WITHRSAANDMGF1"] = "SHA-1withRSAandMGF1"; + algorithms["SHA1WITHRSA/PSS"] = "SHA-1withRSAandMGF1"; + algorithms["SHA-1WITHRSA/PSS"] = "SHA-1withRSAandMGF1"; + algorithms["SHA1WITHRSASSA-PSS"] = "SHA-1withRSAandMGF1"; + algorithms["SHA-1WITHRSASSA-PSS"] = "SHA-1withRSAandMGF1"; + + algorithms["SHA224WITHRSAANDMGF1"] = "SHA-224withRSAandMGF1"; + algorithms["SHA-224WITHRSAANDMGF1"] = "SHA-224withRSAandMGF1"; + algorithms["SHA224WITHRSA/PSS"] = "SHA-224withRSAandMGF1"; + algorithms["SHA-224WITHRSA/PSS"] = "SHA-224withRSAandMGF1"; + algorithms["SHA224WITHRSASSA-PSS"] = "SHA-224withRSAandMGF1"; + algorithms["SHA-224WITHRSASSA-PSS"] = "SHA-224withRSAandMGF1"; + + algorithms["SHA256WITHRSAANDMGF1"] = "SHA-256withRSAandMGF1"; + algorithms["SHA-256WITHRSAANDMGF1"] = "SHA-256withRSAandMGF1"; + algorithms["SHA256WITHRSA/PSS"] = "SHA-256withRSAandMGF1"; + algorithms["SHA-256WITHRSA/PSS"] = "SHA-256withRSAandMGF1"; + algorithms["SHA256WITHRSASSA-PSS"] = "SHA-256withRSAandMGF1"; + algorithms["SHA-256WITHRSASSA-PSS"] = "SHA-256withRSAandMGF1"; + + algorithms["SHA384WITHRSAANDMGF1"] = "SHA-384withRSAandMGF1"; + algorithms["SHA-384WITHRSAANDMGF1"] = "SHA-384withRSAandMGF1"; + algorithms["SHA384WITHRSA/PSS"] = "SHA-384withRSAandMGF1"; + algorithms["SHA-384WITHRSA/PSS"] = "SHA-384withRSAandMGF1"; + algorithms["SHA384WITHRSASSA-PSS"] = "SHA-384withRSAandMGF1"; + algorithms["SHA-384WITHRSASSA-PSS"] = "SHA-384withRSAandMGF1"; + + algorithms["SHA512WITHRSAANDMGF1"] = "SHA-512withRSAandMGF1"; + algorithms["SHA-512WITHRSAANDMGF1"] = "SHA-512withRSAandMGF1"; + algorithms["SHA512WITHRSA/PSS"] = "SHA-512withRSAandMGF1"; + algorithms["SHA-512WITHRSA/PSS"] = "SHA-512withRSAandMGF1"; + algorithms["SHA512WITHRSASSA-PSS"] = "SHA-512withRSAandMGF1"; + algorithms["SHA-512WITHRSASSA-PSS"] = "SHA-512withRSAandMGF1"; + + algorithms["RIPEMD128WITHRSA"] = "RIPEMD128withRSA"; + algorithms["RIPEMD128WITHRSAENCRYPTION"] = "RIPEMD128withRSA"; + algorithms[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128.Id] = "RIPEMD128withRSA"; + + algorithms["RIPEMD160WITHRSA"] = "RIPEMD160withRSA"; + algorithms["RIPEMD160WITHRSAENCRYPTION"] = "RIPEMD160withRSA"; + algorithms[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160.Id] = "RIPEMD160withRSA"; + + algorithms["RIPEMD256WITHRSA"] = "RIPEMD256withRSA"; + algorithms["RIPEMD256WITHRSAENCRYPTION"] = "RIPEMD256withRSA"; + algorithms[TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256.Id] = "RIPEMD256withRSA"; + + algorithms["NONEWITHRSA"] = "RSA"; + algorithms["RSAWITHNONE"] = "RSA"; + algorithms["RAWRSA"] = "RSA"; + + algorithms["RAWRSAPSS"] = "RAWRSASSA-PSS"; + algorithms["NONEWITHRSAPSS"] = "RAWRSASSA-PSS"; + algorithms["NONEWITHRSASSA-PSS"] = "RAWRSASSA-PSS"; + + algorithms["NONEWITHDSA"] = "NONEwithDSA"; + algorithms["DSAWITHNONE"] = "NONEwithDSA"; + algorithms["RAWDSA"] = "NONEwithDSA"; + + algorithms["DSA"] = "SHA-1withDSA"; + algorithms["DSAWITHSHA1"] = "SHA-1withDSA"; + algorithms["DSAWITHSHA-1"] = "SHA-1withDSA"; + algorithms["SHA/DSA"] = "SHA-1withDSA"; + algorithms["SHA1/DSA"] = "SHA-1withDSA"; + algorithms["SHA-1/DSA"] = "SHA-1withDSA"; + algorithms["SHA1WITHDSA"] = "SHA-1withDSA"; + algorithms["SHA-1WITHDSA"] = "SHA-1withDSA"; + algorithms[X9ObjectIdentifiers.IdDsaWithSha1.Id] = "SHA-1withDSA"; + algorithms[OiwObjectIdentifiers.DsaWithSha1.Id] = "SHA-1withDSA"; + + algorithms["DSAWITHSHA224"] = "SHA-224withDSA"; + algorithms["DSAWITHSHA-224"] = "SHA-224withDSA"; + algorithms["SHA224/DSA"] = "SHA-224withDSA"; + algorithms["SHA-224/DSA"] = "SHA-224withDSA"; + algorithms["SHA224WITHDSA"] = "SHA-224withDSA"; + algorithms["SHA-224WITHDSA"] = "SHA-224withDSA"; + algorithms[NistObjectIdentifiers.DsaWithSha224.Id] = "SHA-224withDSA"; + + algorithms["DSAWITHSHA256"] = "SHA-256withDSA"; + algorithms["DSAWITHSHA-256"] = "SHA-256withDSA"; + algorithms["SHA256/DSA"] = "SHA-256withDSA"; + algorithms["SHA-256/DSA"] = "SHA-256withDSA"; + algorithms["SHA256WITHDSA"] = "SHA-256withDSA"; + algorithms["SHA-256WITHDSA"] = "SHA-256withDSA"; + algorithms[NistObjectIdentifiers.DsaWithSha256.Id] = "SHA-256withDSA"; + + algorithms["DSAWITHSHA384"] = "SHA-384withDSA"; + algorithms["DSAWITHSHA-384"] = "SHA-384withDSA"; + algorithms["SHA384/DSA"] = "SHA-384withDSA"; + algorithms["SHA-384/DSA"] = "SHA-384withDSA"; + algorithms["SHA384WITHDSA"] = "SHA-384withDSA"; + algorithms["SHA-384WITHDSA"] = "SHA-384withDSA"; + algorithms[NistObjectIdentifiers.DsaWithSha384.Id] = "SHA-384withDSA"; + + algorithms["DSAWITHSHA512"] = "SHA-512withDSA"; + algorithms["DSAWITHSHA-512"] = "SHA-512withDSA"; + algorithms["SHA512/DSA"] = "SHA-512withDSA"; + algorithms["SHA-512/DSA"] = "SHA-512withDSA"; + algorithms["SHA512WITHDSA"] = "SHA-512withDSA"; + algorithms["SHA-512WITHDSA"] = "SHA-512withDSA"; + algorithms[NistObjectIdentifiers.DsaWithSha512.Id] = "SHA-512withDSA"; + + algorithms["NONEWITHECDSA"] = "NONEwithECDSA"; + algorithms["ECDSAWITHNONE"] = "NONEwithECDSA"; + + algorithms["ECDSA"] = "SHA-1withECDSA"; + algorithms["SHA1/ECDSA"] = "SHA-1withECDSA"; + algorithms["SHA-1/ECDSA"] = "SHA-1withECDSA"; + algorithms["ECDSAWITHSHA1"] = "SHA-1withECDSA"; + algorithms["ECDSAWITHSHA-1"] = "SHA-1withECDSA"; + algorithms["SHA1WITHECDSA"] = "SHA-1withECDSA"; + algorithms["SHA-1WITHECDSA"] = "SHA-1withECDSA"; + algorithms[X9ObjectIdentifiers.ECDsaWithSha1.Id] = "SHA-1withECDSA"; + algorithms[TeleTrusTObjectIdentifiers.ECSignWithSha1.Id] = "SHA-1withECDSA"; + + algorithms["SHA224/ECDSA"] = "SHA-224withECDSA"; + algorithms["SHA-224/ECDSA"] = "SHA-224withECDSA"; + algorithms["ECDSAWITHSHA224"] = "SHA-224withECDSA"; + algorithms["ECDSAWITHSHA-224"] = "SHA-224withECDSA"; + algorithms["SHA224WITHECDSA"] = "SHA-224withECDSA"; + algorithms["SHA-224WITHECDSA"] = "SHA-224withECDSA"; + algorithms[X9ObjectIdentifiers.ECDsaWithSha224.Id] = "SHA-224withECDSA"; + + algorithms["SHA256/ECDSA"] = "SHA-256withECDSA"; + algorithms["SHA-256/ECDSA"] = "SHA-256withECDSA"; + algorithms["ECDSAWITHSHA256"] = "SHA-256withECDSA"; + algorithms["ECDSAWITHSHA-256"] = "SHA-256withECDSA"; + algorithms["SHA256WITHECDSA"] = "SHA-256withECDSA"; + algorithms["SHA-256WITHECDSA"] = "SHA-256withECDSA"; + algorithms[X9ObjectIdentifiers.ECDsaWithSha256.Id] = "SHA-256withECDSA"; + + algorithms["SHA384/ECDSA"] = "SHA-384withECDSA"; + algorithms["SHA-384/ECDSA"] = "SHA-384withECDSA"; + algorithms["ECDSAWITHSHA384"] = "SHA-384withECDSA"; + algorithms["ECDSAWITHSHA-384"] = "SHA-384withECDSA"; + algorithms["SHA384WITHECDSA"] = "SHA-384withECDSA"; + algorithms["SHA-384WITHECDSA"] = "SHA-384withECDSA"; + algorithms[X9ObjectIdentifiers.ECDsaWithSha384.Id] = "SHA-384withECDSA"; + + algorithms["SHA512/ECDSA"] = "SHA-512withECDSA"; + algorithms["SHA-512/ECDSA"] = "SHA-512withECDSA"; + algorithms["ECDSAWITHSHA512"] = "SHA-512withECDSA"; + algorithms["ECDSAWITHSHA-512"] = "SHA-512withECDSA"; + algorithms["SHA512WITHECDSA"] = "SHA-512withECDSA"; + algorithms["SHA-512WITHECDSA"] = "SHA-512withECDSA"; + algorithms[X9ObjectIdentifiers.ECDsaWithSha512.Id] = "SHA-512withECDSA"; + + algorithms["RIPEMD160/ECDSA"] = "RIPEMD160withECDSA"; + algorithms["ECDSAWITHRIPEMD160"] = "RIPEMD160withECDSA"; + algorithms["RIPEMD160WITHECDSA"] = "RIPEMD160withECDSA"; + algorithms[TeleTrusTObjectIdentifiers.ECSignWithRipeMD160.Id] = "RIPEMD160withECDSA"; + + algorithms["NONEWITHCVC-ECDSA"] = "NONEwithCVC-ECDSA"; + algorithms["CVC-ECDSAWITHNONE"] = "NONEwithCVC-ECDSA"; + + algorithms["SHA1/CVC-ECDSA"] = "SHA-1withCVC-ECDSA"; + algorithms["SHA-1/CVC-ECDSA"] = "SHA-1withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA1"] = "SHA-1withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA-1"] = "SHA-1withCVC-ECDSA"; + algorithms["SHA1WITHCVC-ECDSA"] = "SHA-1withCVC-ECDSA"; + algorithms["SHA-1WITHCVC-ECDSA"] = "SHA-1withCVC-ECDSA"; + algorithms[EacObjectIdentifiers.id_TA_ECDSA_SHA_1.Id] = "SHA-1withCVC-ECDSA"; + + algorithms["SHA224/CVC-ECDSA"] = "SHA-224withCVC-ECDSA"; + algorithms["SHA-224/CVC-ECDSA"] = "SHA-224withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA224"] = "SHA-224withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA-224"] = "SHA-224withCVC-ECDSA"; + algorithms["SHA224WITHCVC-ECDSA"] = "SHA-224withCVC-ECDSA"; + algorithms["SHA-224WITHCVC-ECDSA"] = "SHA-224withCVC-ECDSA"; + algorithms[EacObjectIdentifiers.id_TA_ECDSA_SHA_224.Id] = "SHA-224withCVC-ECDSA"; + + algorithms["SHA256/CVC-ECDSA"] = "SHA-256withCVC-ECDSA"; + algorithms["SHA-256/CVC-ECDSA"] = "SHA-256withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA256"] = "SHA-256withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA-256"] = "SHA-256withCVC-ECDSA"; + algorithms["SHA256WITHCVC-ECDSA"] = "SHA-256withCVC-ECDSA"; + algorithms["SHA-256WITHCVC-ECDSA"] = "SHA-256withCVC-ECDSA"; + algorithms[EacObjectIdentifiers.id_TA_ECDSA_SHA_256.Id] = "SHA-256withCVC-ECDSA"; + + algorithms["SHA384/CVC-ECDSA"] = "SHA-384withCVC-ECDSA"; + algorithms["SHA-384/CVC-ECDSA"] = "SHA-384withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA384"] = "SHA-384withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA-384"] = "SHA-384withCVC-ECDSA"; + algorithms["SHA384WITHCVC-ECDSA"] = "SHA-384withCVC-ECDSA"; + algorithms["SHA-384WITHCVC-ECDSA"] = "SHA-384withCVC-ECDSA"; + algorithms[EacObjectIdentifiers.id_TA_ECDSA_SHA_384.Id] = "SHA-384withCVC-ECDSA"; + + algorithms["SHA512/CVC-ECDSA"] = "SHA-512withCVC-ECDSA"; + algorithms["SHA-512/CVC-ECDSA"] = "SHA-512withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA512"] = "SHA-512withCVC-ECDSA"; + algorithms["CVC-ECDSAWITHSHA-512"] = "SHA-512withCVC-ECDSA"; + algorithms["SHA512WITHCVC-ECDSA"] = "SHA-512withCVC-ECDSA"; + algorithms["SHA-512WITHCVC-ECDSA"] = "SHA-512withCVC-ECDSA"; + algorithms[EacObjectIdentifiers.id_TA_ECDSA_SHA_512.Id] = "SHA-512withCVC-ECDSA"; + + algorithms["NONEWITHPLAIN-ECDSA"] = "NONEwithPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHNONE"] = "NONEwithPLAIN-ECDSA"; + + algorithms["SHA1/PLAIN-ECDSA"] = "SHA-1withPLAIN-ECDSA"; + algorithms["SHA-1/PLAIN-ECDSA"] = "SHA-1withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA1"] = "SHA-1withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA-1"] = "SHA-1withPLAIN-ECDSA"; + algorithms["SHA1WITHPLAIN-ECDSA"] = "SHA-1withPLAIN-ECDSA"; + algorithms["SHA-1WITHPLAIN-ECDSA"] = "SHA-1withPLAIN-ECDSA"; + algorithms[BsiObjectIdentifiers.ecdsa_plain_SHA1.Id] = "SHA-1withPLAIN-ECDSA"; + + algorithms["SHA224/PLAIN-ECDSA"] = "SHA-224withPLAIN-ECDSA"; + algorithms["SHA-224/PLAIN-ECDSA"] = "SHA-224withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA224"] = "SHA-224withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA-224"] = "SHA-224withPLAIN-ECDSA"; + algorithms["SHA224WITHPLAIN-ECDSA"] = "SHA-224withPLAIN-ECDSA"; + algorithms["SHA-224WITHPLAIN-ECDSA"] = "SHA-224withPLAIN-ECDSA"; + algorithms[BsiObjectIdentifiers.ecdsa_plain_SHA224.Id] = "SHA-224withPLAIN-ECDSA"; + + algorithms["SHA256/PLAIN-ECDSA"] = "SHA-256withPLAIN-ECDSA"; + algorithms["SHA-256/PLAIN-ECDSA"] = "SHA-256withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA256"] = "SHA-256withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA-256"] = "SHA-256withPLAIN-ECDSA"; + algorithms["SHA256WITHPLAIN-ECDSA"] = "SHA-256withPLAIN-ECDSA"; + algorithms["SHA-256WITHPLAIN-ECDSA"] = "SHA-256withPLAIN-ECDSA"; + algorithms[BsiObjectIdentifiers.ecdsa_plain_SHA256.Id] = "SHA-256withPLAIN-ECDSA"; + + algorithms["SHA384/PLAIN-ECDSA"] = "SHA-384withPLAIN-ECDSA"; + algorithms["SHA-384/PLAIN-ECDSA"] = "SHA-384withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA384"] = "SHA-384withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA-384"] = "SHA-384withPLAIN-ECDSA"; + algorithms["SHA384WITHPLAIN-ECDSA"] = "SHA-384withPLAIN-ECDSA"; + algorithms["SHA-384WITHPLAIN-ECDSA"] = "SHA-384withPLAIN-ECDSA"; + algorithms[BsiObjectIdentifiers.ecdsa_plain_SHA384.Id] = "SHA-384withPLAIN-ECDSA"; + + algorithms["SHA512/PLAIN-ECDSA"] = "SHA-512withPLAIN-ECDSA"; + algorithms["SHA-512/PLAIN-ECDSA"] = "SHA-512withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA512"] = "SHA-512withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHSHA-512"] = "SHA-512withPLAIN-ECDSA"; + algorithms["SHA512WITHPLAIN-ECDSA"] = "SHA-512withPLAIN-ECDSA"; + algorithms["SHA-512WITHPLAIN-ECDSA"] = "SHA-512withPLAIN-ECDSA"; + algorithms[BsiObjectIdentifiers.ecdsa_plain_SHA512.Id] = "SHA-512withPLAIN-ECDSA"; + + algorithms["RIPEMD160/PLAIN-ECDSA"] = "RIPEMD160withPLAIN-ECDSA"; + algorithms["PLAIN-ECDSAWITHRIPEMD160"] = "RIPEMD160withPLAIN-ECDSA"; + algorithms["RIPEMD160WITHPLAIN-ECDSA"] = "RIPEMD160withPLAIN-ECDSA"; + algorithms[BsiObjectIdentifiers.ecdsa_plain_RIPEMD160.Id] = "RIPEMD160withPLAIN-ECDSA"; + + algorithms["SHA1WITHECNR"] = "SHA-1withECNR"; + algorithms["SHA-1WITHECNR"] = "SHA-1withECNR"; + algorithms["SHA224WITHECNR"] = "SHA-224withECNR"; + algorithms["SHA-224WITHECNR"] = "SHA-224withECNR"; + algorithms["SHA256WITHECNR"] = "SHA-256withECNR"; + algorithms["SHA-256WITHECNR"] = "SHA-256withECNR"; + algorithms["SHA384WITHECNR"] = "SHA-384withECNR"; + algorithms["SHA-384WITHECNR"] = "SHA-384withECNR"; + algorithms["SHA512WITHECNR"] = "SHA-512withECNR"; + algorithms["SHA-512WITHECNR"] = "SHA-512withECNR"; + + algorithms["GOST-3410"] = "GOST3410"; + algorithms["GOST-3410-94"] = "GOST3410"; + algorithms["GOST3411WITHGOST3410"] = "GOST3410"; + algorithms[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94.Id] = "GOST3410"; + + algorithms["ECGOST-3410"] = "ECGOST3410"; + algorithms["ECGOST-3410-2001"] = "ECGOST3410"; + algorithms["GOST3411WITHECGOST3410"] = "ECGOST3410"; + algorithms[CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001.Id] = "ECGOST3410"; + + algorithms["ED25519"] = "Ed25519"; + algorithms[EdECObjectIdentifiers.id_Ed25519.Id] = "Ed25519"; + algorithms["ED25519CTX"] = "Ed25519ctx"; + algorithms["ED25519PH"] = "Ed25519ph"; + algorithms["ED448"] = "Ed448"; + algorithms[EdECObjectIdentifiers.id_Ed448.Id] = "Ed448"; + algorithms["ED448PH"] = "Ed448ph"; + + algorithms["SHA256WITHSM2"] = "SHA256withSM2"; + algorithms[GMObjectIdentifiers.sm2sign_with_sha256.Id] = "SHA256withSM2"; + algorithms["SM3WITHSM2"] = "SM3withSM2"; + algorithms[GMObjectIdentifiers.sm2sign_with_sm3.Id] = "SM3withSM2"; + + oids["MD2withRSA"] = PkcsObjectIdentifiers.MD2WithRsaEncryption; + oids["MD4withRSA"] = PkcsObjectIdentifiers.MD4WithRsaEncryption; + oids["MD5withRSA"] = PkcsObjectIdentifiers.MD5WithRsaEncryption; + + oids["SHA-1withRSA"] = PkcsObjectIdentifiers.Sha1WithRsaEncryption; + oids["SHA-224withRSA"] = PkcsObjectIdentifiers.Sha224WithRsaEncryption; + oids["SHA-256withRSA"] = PkcsObjectIdentifiers.Sha256WithRsaEncryption; + oids["SHA-384withRSA"] = PkcsObjectIdentifiers.Sha384WithRsaEncryption; + oids["SHA-512withRSA"] = PkcsObjectIdentifiers.Sha512WithRsaEncryption; + oids["SHA-512(224)withRSA"] = PkcsObjectIdentifiers.Sha512_224WithRSAEncryption; + oids["SHA-512(256)withRSA"] = PkcsObjectIdentifiers.Sha512_256WithRSAEncryption; + oids["SHA3-224withRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_224; + oids["SHA3-256withRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_256; + oids["SHA3-384withRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_384; + oids["SHA3-512withRSA"] = NistObjectIdentifiers.IdRsassaPkcs1V15WithSha3_512; + + oids["PSSwithRSA"] = PkcsObjectIdentifiers.IdRsassaPss; + oids["SHA-1withRSAandMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + oids["SHA-224withRSAandMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + oids["SHA-256withRSAandMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + oids["SHA-384withRSAandMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + oids["SHA-512withRSAandMGF1"] = PkcsObjectIdentifiers.IdRsassaPss; + + oids["RIPEMD128withRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128; + oids["RIPEMD160withRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160; + oids["RIPEMD256withRSA"] = TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256; + + oids["SHA-1withDSA"] = X9ObjectIdentifiers.IdDsaWithSha1; + + oids["SHA-1withECDSA"] = X9ObjectIdentifiers.ECDsaWithSha1; + oids["SHA-224withECDSA"] = X9ObjectIdentifiers.ECDsaWithSha224; + oids["SHA-256withECDSA"] = X9ObjectIdentifiers.ECDsaWithSha256; + oids["SHA-384withECDSA"] = X9ObjectIdentifiers.ECDsaWithSha384; + oids["SHA-512withECDSA"] = X9ObjectIdentifiers.ECDsaWithSha512; + oids["RIPEMD160withECDSA"] = TeleTrusTObjectIdentifiers.ECSignWithRipeMD160; + + oids["SHA-1withCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_1; + oids["SHA-224withCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_224; + oids["SHA-256withCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_256; + oids["SHA-384withCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_384; + oids["SHA-512withCVC-ECDSA"] = EacObjectIdentifiers.id_TA_ECDSA_SHA_512; + + oids["SHA-1withPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA1; + oids["SHA-224withPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA224; + oids["SHA-256withPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA256; + oids["SHA-384withPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA384; + oids["SHA-512withPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_SHA512; + oids["RIPEMD160withPLAIN-ECDSA"] = BsiObjectIdentifiers.ecdsa_plain_RIPEMD160; + + oids["GOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94; + oids["ECGOST3410"] = CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001; + + oids["Ed25519"] = EdECObjectIdentifiers.id_Ed25519; + oids["Ed448"] = EdECObjectIdentifiers.id_Ed448; + + oids["SHA256withSM2"] = GMObjectIdentifiers.sm2sign_with_sha256; + oids["SM3withSM2"] = GMObjectIdentifiers.sm2sign_with_sm3; + } + + /// + /// Returns an ObjectIdentifier for a given encoding. + /// + /// A string representation of the encoding. + /// A DerObjectIdentifier, null if the OID is not available. + // TODO Don't really want to support this + public static DerObjectIdentifier GetObjectIdentifier( + string mechanism) + { + if (mechanism == null) + throw new ArgumentNullException("mechanism"); + + mechanism = Platform.ToUpperInvariant(mechanism); + string aliased = (string) algorithms[mechanism]; + + if (aliased != null) + mechanism = aliased; + + return (DerObjectIdentifier) oids[mechanism]; + } + + public static ICollection Algorithms + { + get { return oids.Keys; } + } + + public static Asn1Encodable GetDefaultX509Parameters( + DerObjectIdentifier id) + { + return GetDefaultX509Parameters(id.Id); + } + + public static Asn1Encodable GetDefaultX509Parameters( + string algorithm) + { + if (algorithm == null) + throw new ArgumentNullException("algorithm"); + + algorithm = Platform.ToUpperInvariant(algorithm); + + string mechanism = (string) algorithms[algorithm]; + + if (mechanism == null) + mechanism = algorithm; + + if (mechanism == "PSSwithRSA") + { + // TODO The Sha1Digest here is a default. In JCE version, the actual digest + // to be used can be overridden by subsequent parameter settings. + return GetPssX509Parameters("SHA-1"); + } + + if (Platform.EndsWith(mechanism, "withRSAandMGF1")) + { + string digestName = mechanism.Substring(0, mechanism.Length - "withRSAandMGF1".Length); + return GetPssX509Parameters(digestName); + } + + return DerNull.Instance; + } + + private static Asn1Encodable GetPssX509Parameters( + string digestName) + { + AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier( + DigestUtilities.GetObjectIdentifier(digestName), DerNull.Instance); + + // TODO Is it possible for the MGF hash alg to be different from the PSS one? + AlgorithmIdentifier maskGenAlgorithm = new AlgorithmIdentifier( + PkcsObjectIdentifiers.IdMgf1, hashAlgorithm); + + int saltLen = DigestUtilities.GetDigest(digestName).GetDigestSize(); + return new RsassaPssParameters(hashAlgorithm, maskGenAlgorithm, + new DerInteger(saltLen), new DerInteger(1)); + } + + public static ISigner GetSigner( + DerObjectIdentifier id) + { + return GetSigner(id.Id); + } + + public static ISigner GetSigner( + string algorithm) + { + if (algorithm == null) + throw new ArgumentNullException("algorithm"); + + algorithm = Platform.ToUpperInvariant(algorithm); + + string mechanism = (string) algorithms[algorithm]; + + if (mechanism == null) + mechanism = algorithm; + + if (Platform.StartsWith(mechanism, "Ed")) + { + if (mechanism.Equals("Ed25519")) + { + return new Ed25519Signer(); + } + if (mechanism.Equals("Ed25519ctx")) + { + return new Ed25519ctxSigner(Arrays.EmptyBytes); + } + if (mechanism.Equals("Ed25519ph")) + { + return new Ed25519phSigner(Arrays.EmptyBytes); + } + if (mechanism.Equals("Ed448")) + { + return new Ed448Signer(Arrays.EmptyBytes); + } + if (mechanism.Equals("Ed448ph")) + { + return new Ed448phSigner(Arrays.EmptyBytes); + } + } + + if (mechanism.Equals("RSA")) + { + return (new RsaDigestSigner(new NullDigest(), (AlgorithmIdentifier)null)); + } + if (mechanism.Equals("RAWRSASSA-PSS")) + { + // TODO Add support for other parameter settings + return PssSigner.CreateRawSigner(new RsaBlindedEngine(), new Sha1Digest()); + } + if (mechanism.Equals("PSSwithRSA")) + { + // TODO The Sha1Digest here is a default. In JCE version, the actual digest + // to be used can be overridden by subsequent parameter settings. + return new PssSigner(new RsaBlindedEngine(), new Sha1Digest()); + } + if (Platform.EndsWith(mechanism, "withRSA")) + { + string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); + IDigest digest = DigestUtilities.GetDigest(digestName); + return new RsaDigestSigner(digest); + } + if (Platform.EndsWith(mechanism, "withRSAandMGF1")) + { + string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); + IDigest digest = DigestUtilities.GetDigest(digestName); + return new PssSigner(new RsaBlindedEngine(), digest); + } + + if (Platform.EndsWith(mechanism, "withDSA")) + { + string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); + IDigest digest = DigestUtilities.GetDigest(digestName); + return new DsaDigestSigner(new DsaSigner(), digest); + } + + if (Platform.EndsWith(mechanism, "withECDSA")) + { + string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); + IDigest digest = DigestUtilities.GetDigest(digestName); + return new DsaDigestSigner(new ECDsaSigner(), digest); + } + + if (Platform.EndsWith(mechanism, "withCVC-ECDSA") + || Platform.EndsWith(mechanism, "withPLAIN-ECDSA")) + { + string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); + IDigest digest = DigestUtilities.GetDigest(digestName); + return new DsaDigestSigner(new ECDsaSigner(), digest, PlainDsaEncoding.Instance); + } + + if (Platform.EndsWith(mechanism, "withECNR")) + { + string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); + IDigest digest = DigestUtilities.GetDigest(digestName); + return new DsaDigestSigner(new ECNRSigner(), digest); + } + + if (Platform.EndsWith(mechanism, "withSM2")) + { + string digestName = mechanism.Substring(0, mechanism.LastIndexOf("with")); + IDigest digest = DigestUtilities.GetDigest(digestName); + return new SM2Signer(digest); + } + + if (mechanism.Equals("GOST3410")) + { + return new Gost3410DigestSigner(new Gost3410Signer(), new Gost3411Digest()); + } + if (mechanism.Equals("ECGOST3410")) + { + return new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411Digest()); + } + + if (mechanism.Equals("SHA1WITHRSA/ISO9796-2")) + { + return new Iso9796d2Signer(new RsaBlindedEngine(), new Sha1Digest(), true); + } + if (mechanism.Equals("MD5WITHRSA/ISO9796-2")) + { + return new Iso9796d2Signer(new RsaBlindedEngine(), new MD5Digest(), true); + } + if (mechanism.Equals("RIPEMD160WITHRSA/ISO9796-2")) + { + return new Iso9796d2Signer(new RsaBlindedEngine(), new RipeMD160Digest(), true); + } + + if (Platform.EndsWith(mechanism, "/X9.31")) + { + string x931 = mechanism.Substring(0, mechanism.Length - "/X9.31".Length); + int withPos = Platform.IndexOf(x931, "WITH"); + if (withPos > 0) + { + int endPos = withPos + "WITH".Length; + + string digestName = x931.Substring(0, withPos); + IDigest digest = DigestUtilities.GetDigest(digestName); + + string cipherName = x931.Substring(endPos, x931.Length - endPos); + if (cipherName.Equals("RSA")) + { + IAsymmetricBlockCipher cipher = new RsaBlindedEngine(); + return new X931Signer(cipher, digest); + } + } + } + + throw new SecurityUtilityException("Signer " + algorithm + " not recognised."); + } + + public static string GetEncodingName( + DerObjectIdentifier oid) + { + return (string) algorithms[oid.Id]; + } + + public static ISigner InitSigner(DerObjectIdentifier algorithmOid, bool forSigning, AsymmetricKeyParameter privateKey, SecureRandom random) + { + return InitSigner(algorithmOid.Id, forSigning, privateKey, random); + } + + public static ISigner InitSigner(string algorithm, bool forSigning, AsymmetricKeyParameter privateKey, SecureRandom random) + { + ISigner signer = SignerUtilities.GetSigner(algorithm); + signer.Init(forSigning, ParameterUtilities.WithRandom(privateKey, random)); + return signer; + } + } +} diff --git a/BouncyCastle/crypto/src/security/WrapperUtilities.cs b/BouncyCastle/crypto/src/security/WrapperUtilities.cs new file mode 100644 index 0000000..c576320 --- /dev/null +++ b/BouncyCastle/crypto/src/security/WrapperUtilities.cs @@ -0,0 +1,153 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Kisa; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Ntt; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Security +{ + /// + /// Utility class for creating IWrapper objects from their names/Oids + /// + public sealed class WrapperUtilities + { + private enum WrapAlgorithm { AESWRAP, CAMELLIAWRAP, DESEDEWRAP, RC2WRAP, SEEDWRAP, + DESEDERFC3211WRAP, AESRFC3211WRAP, CAMELLIARFC3211WRAP }; + + private WrapperUtilities() + { + } + + private static readonly IDictionary algorithms = Platform.CreateHashtable(); + //private static readonly IDictionary oids = Platform.CreateHashtable(); + + static WrapperUtilities() + { + // Signal to obfuscation tools not to change enum constants + ((WrapAlgorithm)Enums.GetArbitraryValue(typeof(WrapAlgorithm))).ToString(); + + algorithms[NistObjectIdentifiers.IdAes128Wrap.Id] = "AESWRAP"; + algorithms[NistObjectIdentifiers.IdAes192Wrap.Id] = "AESWRAP"; + algorithms[NistObjectIdentifiers.IdAes256Wrap.Id] = "AESWRAP"; + + algorithms[NttObjectIdentifiers.IdCamellia128Wrap.Id] = "CAMELLIAWRAP"; + algorithms[NttObjectIdentifiers.IdCamellia192Wrap.Id] = "CAMELLIAWRAP"; + algorithms[NttObjectIdentifiers.IdCamellia256Wrap.Id] = "CAMELLIAWRAP"; + + algorithms[PkcsObjectIdentifiers.IdAlgCms3DesWrap.Id] = "DESEDEWRAP"; + algorithms["TDEAWRAP"] = "DESEDEWRAP"; + + algorithms[PkcsObjectIdentifiers.IdAlgCmsRC2Wrap.Id] = "RC2WRAP"; + + algorithms[KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap.Id] = "SEEDWRAP"; + } + + public static IWrapper GetWrapper( + DerObjectIdentifier oid) + { + return GetWrapper(oid.Id); + } + + public static IWrapper GetWrapper( + string algorithm) + { + string upper = Platform.ToUpperInvariant(algorithm); + string mechanism = (string)algorithms[upper]; + + if (mechanism == null) + { + mechanism = upper; + } + + try + { + WrapAlgorithm wrapAlgorithm = (WrapAlgorithm)Enums.GetEnumValue( + typeof(WrapAlgorithm), mechanism); + + switch (wrapAlgorithm) + { + case WrapAlgorithm.AESWRAP: return new AesWrapEngine(); + case WrapAlgorithm.CAMELLIAWRAP: return new CamelliaWrapEngine(); + case WrapAlgorithm.DESEDEWRAP: return new DesEdeWrapEngine(); + case WrapAlgorithm.RC2WRAP: return new RC2WrapEngine(); + case WrapAlgorithm.SEEDWRAP: return new SeedWrapEngine(); + case WrapAlgorithm.DESEDERFC3211WRAP: return new Rfc3211WrapEngine(new DesEdeEngine()); + case WrapAlgorithm.AESRFC3211WRAP: return new Rfc3211WrapEngine(new AesEngine()); + case WrapAlgorithm.CAMELLIARFC3211WRAP: return new Rfc3211WrapEngine(new CamelliaEngine()); + } + } + catch (ArgumentException) + { + } + + // Create an IBufferedCipher and use it as IWrapper (via BufferedCipherWrapper) + IBufferedCipher blockCipher = CipherUtilities.GetCipher(algorithm); + + if (blockCipher != null) + return new BufferedCipherWrapper(blockCipher); + + throw new SecurityUtilityException("Wrapper " + algorithm + " not recognised."); + } + + public static string GetAlgorithmName( + DerObjectIdentifier oid) + { + return (string) algorithms[oid.Id]; + } + + private class BufferedCipherWrapper + : IWrapper + { + private readonly IBufferedCipher cipher; + private bool forWrapping; + + public BufferedCipherWrapper( + IBufferedCipher cipher) + { + this.cipher = cipher; + } + + public string AlgorithmName + { + get { return cipher.AlgorithmName; } + } + + public void Init( + bool forWrapping, + ICipherParameters parameters) + { + this.forWrapping = forWrapping; + + cipher.Init(forWrapping, parameters); + } + + public byte[] Wrap( + byte[] input, + int inOff, + int length) + { + if (!forWrapping) + throw new InvalidOperationException("Not initialised for wrapping"); + + return cipher.DoFinal(input, inOff, length); + } + + public byte[] Unwrap( + byte[] input, + int inOff, + int length) + { + if (forWrapping) + throw new InvalidOperationException("Not initialised for unwrapping"); + + return cipher.DoFinal(input, inOff, length); + } + } + } +} diff --git a/BouncyCastle/crypto/src/security/cert/CertificateEncodingException.cs b/BouncyCastle/crypto/src/security/cert/CertificateEncodingException.cs new file mode 100644 index 0000000..ab9024f --- /dev/null +++ b/BouncyCastle/crypto/src/security/cert/CertificateEncodingException.cs @@ -0,0 +1,14 @@ +using System; + +namespace Org.BouncyCastle.Security.Certificates +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class CertificateEncodingException : CertificateException + { + public CertificateEncodingException() : base() { } + public CertificateEncodingException(string msg) : base(msg) { } + public CertificateEncodingException(string msg, Exception e) : base(msg, e) { } + } +} diff --git a/BouncyCastle/crypto/src/security/cert/CertificateException.cs b/BouncyCastle/crypto/src/security/cert/CertificateException.cs new file mode 100644 index 0000000..4bbaccf --- /dev/null +++ b/BouncyCastle/crypto/src/security/cert/CertificateException.cs @@ -0,0 +1,14 @@ +using System; + +namespace Org.BouncyCastle.Security.Certificates +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class CertificateException : GeneralSecurityException + { + public CertificateException() : base() { } + public CertificateException(string message) : base(message) { } + public CertificateException(string message, Exception exception) : base(message, exception) { } + } +} diff --git a/BouncyCastle/crypto/src/security/cert/CertificateExpiredException.cs b/BouncyCastle/crypto/src/security/cert/CertificateExpiredException.cs new file mode 100644 index 0000000..864fb85 --- /dev/null +++ b/BouncyCastle/crypto/src/security/cert/CertificateExpiredException.cs @@ -0,0 +1,14 @@ +using System; + +namespace Org.BouncyCastle.Security.Certificates +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class CertificateExpiredException : CertificateException + { + public CertificateExpiredException() : base() { } + public CertificateExpiredException(string message) : base(message) { } + public CertificateExpiredException(string message, Exception exception) : base(message, exception) { } + } +} diff --git a/BouncyCastle/crypto/src/security/cert/CertificateNotYetValidException.cs b/BouncyCastle/crypto/src/security/cert/CertificateNotYetValidException.cs new file mode 100644 index 0000000..02112be --- /dev/null +++ b/BouncyCastle/crypto/src/security/cert/CertificateNotYetValidException.cs @@ -0,0 +1,14 @@ +using System; + +namespace Org.BouncyCastle.Security.Certificates +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class CertificateNotYetValidException : CertificateException + { + public CertificateNotYetValidException() : base() { } + public CertificateNotYetValidException(string message) : base(message) { } + public CertificateNotYetValidException(string message, Exception exception) : base(message, exception) { } + } +} diff --git a/BouncyCastle/crypto/src/security/cert/CertificateParsingException.cs b/BouncyCastle/crypto/src/security/cert/CertificateParsingException.cs new file mode 100644 index 0000000..ae909ca --- /dev/null +++ b/BouncyCastle/crypto/src/security/cert/CertificateParsingException.cs @@ -0,0 +1,14 @@ +using System; + +namespace Org.BouncyCastle.Security.Certificates +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class CertificateParsingException : CertificateException + { + public CertificateParsingException() : base() { } + public CertificateParsingException(string message) : base(message) { } + public CertificateParsingException(string message, Exception exception) : base(message, exception) { } + } +} diff --git a/BouncyCastle/crypto/src/security/cert/CrlException.cs b/BouncyCastle/crypto/src/security/cert/CrlException.cs new file mode 100644 index 0000000..fe9807e --- /dev/null +++ b/BouncyCastle/crypto/src/security/cert/CrlException.cs @@ -0,0 +1,14 @@ +using System; + +namespace Org.BouncyCastle.Security.Certificates +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class CrlException : GeneralSecurityException + { + public CrlException() : base() { } + public CrlException(string msg) : base(msg) {} + public CrlException(string msg, Exception e) : base(msg, e) {} + } +} diff --git a/BouncyCastle/crypto/src/tls/AbstractTlsClient.cs b/BouncyCastle/crypto/src/tls/AbstractTlsClient.cs new file mode 100644 index 0000000..d5e1925 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/AbstractTlsClient.cs @@ -0,0 +1,445 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + /// Base class for a TLS client. + public abstract class AbstractTlsClient + : AbstractTlsPeer, TlsClient + { + protected TlsClientContext m_context; + protected ProtocolVersion[] m_protocolVersions; + protected int[] m_cipherSuites; + + protected IList m_supportedGroups; + protected IList m_supportedSignatureAlgorithms; + protected IList m_supportedSignatureAlgorithmsCert; + + protected AbstractTlsClient(TlsCrypto crypto) + : base(crypto) + { + } + + /// + protected virtual bool AllowUnexpectedServerExtension(int extensionType, byte[] extensionData) + { + switch (extensionType) + { + case ExtensionType.supported_groups: + /* + * Exception added based on field reports that some servers do send this, although the + * Supported Elliptic Curves Extension is clearly intended to be client-only. If + * present, we still require that it is a valid EllipticCurveList. + */ + TlsExtensionsUtilities.ReadSupportedGroupsExtension(extensionData); + return true; + + case ExtensionType.ec_point_formats: + /* + * Exception added based on field reports that some servers send this even when they + * didn't negotiate an ECC cipher suite. If present, we still require that it is a valid + * ECPointFormatList. + */ + TlsExtensionsUtilities.ReadSupportedPointFormatsExtension(extensionData); + return true; + + default: + return false; + } + } + + protected virtual IList GetNamedGroupRoles() + { + IList namedGroupRoles = TlsUtilities.GetNamedGroupRoles(GetCipherSuites()); + IList sigAlgs = m_supportedSignatureAlgorithms, sigAlgsCert = m_supportedSignatureAlgorithmsCert; + + if ((null == sigAlgs || TlsUtilities.ContainsAnySignatureAlgorithm(sigAlgs, SignatureAlgorithm.ecdsa)) + || (null != sigAlgsCert + && TlsUtilities.ContainsAnySignatureAlgorithm(sigAlgsCert, SignatureAlgorithm.ecdsa))) + { + TlsUtilities.AddToSet(namedGroupRoles, NamedGroupRole.ecdsa); + } + + return namedGroupRoles; + } + + /// + protected virtual void CheckForUnexpectedServerExtension(IDictionary serverExtensions, int extensionType) + { + byte[] extensionData = TlsUtilities.GetExtensionData(serverExtensions, extensionType); + if (extensionData != null && !AllowUnexpectedServerExtension(extensionType, extensionData)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + /// + public virtual TlsPskIdentity GetPskIdentity() + { + return null; + } + + /// + public virtual TlsSrpIdentity GetSrpIdentity() + { + return null; + } + + public virtual TlsDHGroupVerifier GetDHGroupVerifier() + { + return new DefaultTlsDHGroupVerifier(); + } + + public virtual TlsSrpConfigVerifier GetSrpConfigVerifier() + { + return new DefaultTlsSrpConfigVerifier(); + } + + protected virtual IList GetCertificateAuthorities() + { + return null; + } + + protected virtual IList GetProtocolNames() + { + return null; + } + + protected virtual CertificateStatusRequest GetCertificateStatusRequest() + { + return new CertificateStatusRequest(CertificateStatusType.ocsp, new OcspStatusRequest(null, null)); + } + + /// an of (or null). + protected virtual IList GetMultiCertStatusRequest() + { + return null; + } + + protected virtual IList GetSniServerNames() + { + return null; + } + + /// The default implementation calls this to determine which named + /// groups to include in the supported_groups extension for the ClientHello. + /// The named group roles for which there should + /// be at least one supported group. By default this is inferred from the offered cipher suites and signature + /// algorithms. + /// an of . See for group constants. + /// + protected virtual IList GetSupportedGroups(IList namedGroupRoles) + { + TlsCrypto crypto = Crypto; + IList supportedGroups = Platform.CreateArrayList(); + + if (namedGroupRoles.Contains(NamedGroupRole.ecdh)) + { + TlsUtilities.AddIfSupported(supportedGroups, crypto, + new int[]{ NamedGroup.x25519, NamedGroup.x448 }); + } + + if (namedGroupRoles.Contains(NamedGroupRole.ecdh) || + namedGroupRoles.Contains(NamedGroupRole.ecdsa)) + { + TlsUtilities.AddIfSupported(supportedGroups, crypto, + new int[]{ NamedGroup.secp256r1, NamedGroup.secp384r1 }); + } + + if (namedGroupRoles.Contains(NamedGroupRole.dh)) + { + TlsUtilities.AddIfSupported(supportedGroups, crypto, + new int[]{ NamedGroup.ffdhe2048, NamedGroup.ffdhe3072, NamedGroup.ffdhe4096 }); + } + + return supportedGroups; + } + + protected virtual IList GetSupportedSignatureAlgorithms() + { + return TlsUtilities.GetDefaultSupportedSignatureAlgorithms(m_context); + } + + protected virtual IList GetSupportedSignatureAlgorithmsCert() + { + return null; + } + + protected virtual IList GetTrustedCAIndication() + { + return null; + } + + public virtual void Init(TlsClientContext context) + { + this.m_context = context; + + this.m_protocolVersions = GetSupportedVersions(); + this.m_cipherSuites = GetSupportedCipherSuites(); + } + + public override ProtocolVersion[] GetProtocolVersions() + { + return m_protocolVersions; + } + + public override int[] GetCipherSuites() + { + return m_cipherSuites; + } + + /// + public override void NotifyHandshakeBeginning() + { + base.NotifyHandshakeBeginning(); + + this.m_supportedGroups = null; + this.m_supportedSignatureAlgorithms = null; + this.m_supportedSignatureAlgorithmsCert = null; + } + + public virtual TlsSession GetSessionToResume() + { + return null; + } + + public virtual IList GetExternalPsks() + { + return null; + } + + public virtual bool IsFallback() + { + /* + * RFC 7507 4. The TLS_FALLBACK_SCSV cipher suite value is meant for use by clients that + * repeat a connection attempt with a downgraded protocol (perform a "fallback retry") in + * order to work around interoperability problems with legacy servers. + */ + return false; + } + + /// + public virtual IDictionary GetClientExtensions() + { + IDictionary clientExtensions = Platform.CreateHashtable(); + + bool offeringTlsV13Plus = false; + bool offeringPreTlsV13 = false; + { + ProtocolVersion[] supportedVersions = GetProtocolVersions(); + for (int i = 0; i < supportedVersions.Length; ++i) + { + if (TlsUtilities.IsTlsV13(supportedVersions[i])) + { + offeringTlsV13Plus = true; + } + else + { + offeringPreTlsV13 = true; + } + } + } + + IList protocolNames = GetProtocolNames(); + if (protocolNames != null) + { + TlsExtensionsUtilities.AddAlpnExtensionClient(clientExtensions, protocolNames); + } + + IList sniServerNames = GetSniServerNames(); + if (sniServerNames != null) + { + TlsExtensionsUtilities.AddServerNameExtensionClient(clientExtensions, sniServerNames); + } + + CertificateStatusRequest statusRequest = GetCertificateStatusRequest(); + if (statusRequest != null) + { + TlsExtensionsUtilities.AddStatusRequestExtension(clientExtensions, statusRequest); + } + + if (offeringTlsV13Plus) + { + IList certificateAuthorities = GetCertificateAuthorities(); + if (certificateAuthorities != null) + { + TlsExtensionsUtilities.AddCertificateAuthoritiesExtension(clientExtensions, certificateAuthorities); + } + } + + if (offeringPreTlsV13) + { + // TODO Shouldn't add if no offered cipher suite uses a block cipher? + TlsExtensionsUtilities.AddEncryptThenMacExtension(clientExtensions); + + IList statusRequestV2 = GetMultiCertStatusRequest(); + if (statusRequestV2 != null) + { + TlsExtensionsUtilities.AddStatusRequestV2Extension(clientExtensions, statusRequestV2); + } + + IList trustedCAKeys = GetTrustedCAIndication(); + if (trustedCAKeys != null) + { + TlsExtensionsUtilities.AddTrustedCAKeysExtensionClient(clientExtensions, trustedCAKeys); + } + } + + ProtocolVersion clientVersion = m_context.ClientVersion; + + /* + * RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior to 1.2. + * Clients MUST NOT offer it if they are offering prior versions. + */ + if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(clientVersion)) + { + IList supportedSigAlgs = GetSupportedSignatureAlgorithms(); + if (null != supportedSigAlgs && supportedSigAlgs.Count > 0) + { + this.m_supportedSignatureAlgorithms = supportedSigAlgs; + + TlsExtensionsUtilities.AddSignatureAlgorithmsExtension(clientExtensions, supportedSigAlgs); + } + + IList supportedSigAlgsCert = GetSupportedSignatureAlgorithmsCert(); + if (null != supportedSigAlgsCert && supportedSigAlgsCert.Count > 0) + { + this.m_supportedSignatureAlgorithmsCert = supportedSigAlgsCert; + + TlsExtensionsUtilities.AddSignatureAlgorithmsCertExtension(clientExtensions, supportedSigAlgsCert); + } + } + + IList namedGroupRoles = GetNamedGroupRoles(); + + IList supportedGroups = GetSupportedGroups(namedGroupRoles); + if (supportedGroups != null && supportedGroups.Count > 0) + { + this.m_supportedGroups = supportedGroups; + + TlsExtensionsUtilities.AddSupportedGroupsExtension(clientExtensions, supportedGroups); + } + + if (offeringPreTlsV13) + { + if (namedGroupRoles.Contains(NamedGroupRole.ecdh) || + namedGroupRoles.Contains(NamedGroupRole.ecdsa)) + { + TlsExtensionsUtilities.AddSupportedPointFormatsExtension(clientExtensions, + new short[]{ ECPointFormat.uncompressed }); + } + } + + return clientExtensions; + } + + public virtual IList GetEarlyKeyShareGroups() + { + /* + * RFC 8446 4.2.8. Each KeyShareEntry value MUST correspond to a group offered in the + * "supported_groups" extension and MUST appear in the same order. However, the values MAY + * be a non-contiguous subset of the "supported_groups" extension and MAY omit the most + * preferred groups. + */ + + if (null == m_supportedGroups || m_supportedGroups.Count < 1) + return null; + + if (m_supportedGroups.Contains(NamedGroup.x25519)) + return TlsUtilities.VectorOfOne(NamedGroup.x25519); + + if (m_supportedGroups.Contains(NamedGroup.secp256r1)) + return TlsUtilities.VectorOfOne(NamedGroup.secp256r1); + + return TlsUtilities.VectorOfOne(m_supportedGroups[0]); + } + + /// + public virtual void NotifyServerVersion(ProtocolVersion serverVersion) + { + } + + public virtual void NotifySessionToResume(TlsSession session) + { + } + + public virtual void NotifySessionID(byte[] sessionID) + { + } + + public virtual void NotifySelectedCipherSuite(int selectedCipherSuite) + { + } + + /// + public virtual void NotifySelectedPsk(TlsPsk selectedPsk) + { + } + + /// + public virtual void ProcessServerExtensions(IDictionary serverExtensions) + { + if (null == serverExtensions) + return; + + SecurityParameters securityParameters = m_context.SecurityParameters; + bool isTlsV13 = TlsUtilities.IsTlsV13(securityParameters.NegotiatedVersion); + + if (isTlsV13) + { + /* + * NOTE: From TLS 1.3 the protocol classes are strict about what extensions can appear. + */ + } + else + { + /* + * RFC 5246 7.4.1.4.1. Servers MUST NOT send this extension. + */ + CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.signature_algorithms); + CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.signature_algorithms_cert); + + CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.supported_groups); + + int selectedCipherSuite = securityParameters.CipherSuite; + + if (TlsEccUtilities.IsEccCipherSuite(selectedCipherSuite)) + { + // We only support uncompressed format, this is just to validate the extension, if present. + TlsExtensionsUtilities.GetSupportedPointFormatsExtension(serverExtensions); + } + else + { + CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.ec_point_formats); + } + + /* + * RFC 7685 3. The server MUST NOT echo the extension. + */ + CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.padding); + } + } + + /// + public virtual void ProcessServerSupplementalData(IList serverSupplementalData) + { + if (serverSupplementalData != null) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public abstract TlsAuthentication GetAuthentication(); + + /// + public virtual IList GetClientSupplementalData() + { + return null; + } + + /// + public virtual void NotifyNewSessionTicket(NewSessionTicket newSessionTicket) + { + } + } +} diff --git a/BouncyCastle/crypto/src/tls/AbstractTlsContext.cs b/BouncyCastle/crypto/src/tls/AbstractTlsContext.cs new file mode 100644 index 0000000..0317b14 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/AbstractTlsContext.cs @@ -0,0 +1,301 @@ +using System; +using System.IO; +using System.Threading; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + internal abstract class AbstractTlsContext + : TlsContext + { + private static long counter = Times.NanoTime(); + +#if NETCF_1_0 + private static object counterLock = new object(); + private static long NextCounterValue() + { + lock (counterLock) + { + return ++counter; + } + } +#else + private static long NextCounterValue() + { + return Interlocked.Increment(ref counter); + } +#endif + + private static TlsNonceGenerator CreateNonceGenerator(TlsCrypto crypto, int connectionEnd) + { + byte[] additionalSeedMaterial = new byte[16]; + Pack.UInt64_To_BE((ulong)NextCounterValue(), additionalSeedMaterial, 0); + Pack.UInt64_To_BE((ulong)Times.NanoTime(), additionalSeedMaterial, 8); + additionalSeedMaterial[0] &= 0x7F; + additionalSeedMaterial[0] |= (byte)(connectionEnd << 7); + + return crypto.CreateNonceGenerator(additionalSeedMaterial); + } + + private readonly TlsCrypto m_crypto; + private readonly int m_connectionEnd; + private readonly TlsNonceGenerator m_nonceGenerator; + + private SecurityParameters m_securityParameters = null; + private ProtocolVersion[] m_clientSupportedVersions = null; + private ProtocolVersion m_clientVersion = null; + private ProtocolVersion m_rsaPreMasterSecretVersion = null; + private TlsSession m_session = null; + private object m_userObject = null; + private bool m_connected = false; + + internal AbstractTlsContext(TlsCrypto crypto, int connectionEnd) + { + this.m_crypto = crypto; + this.m_connectionEnd = connectionEnd; + this.m_nonceGenerator = CreateNonceGenerator(crypto, connectionEnd); + } + + /// + internal void HandshakeBeginning(TlsPeer peer) + { + lock (this) + { + if (null != m_securityParameters) + throw new TlsFatalAlert(AlertDescription.internal_error, "Handshake already started"); + + m_securityParameters = new SecurityParameters(); + m_securityParameters.m_entity = m_connectionEnd; + } + + peer.NotifyHandshakeBeginning(); + } + + /// + internal void HandshakeComplete(TlsPeer peer, TlsSession session) + { + lock (this) + { + if (null == m_securityParameters) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.m_session = session; + this.m_connected = true; + } + + peer.NotifyHandshakeComplete(); + } + + internal bool IsConnected + { + get { lock (this) return m_connected; } + } + + internal bool IsHandshaking + { + get { lock (this) return !m_connected && null != m_securityParameters; } + } + + public TlsCrypto Crypto + { + get { return m_crypto; } + } + + public virtual TlsNonceGenerator NonceGenerator + { + get { return m_nonceGenerator; } + } + + public SecurityParameters SecurityParameters + { + get { lock (this) return m_securityParameters; } + } + + public abstract bool IsServer { get; } + + public virtual ProtocolVersion[] ClientSupportedVersions + { + get { return m_clientSupportedVersions; } + } + + internal void SetClientSupportedVersions(ProtocolVersion[] clientSupportedVersions) + { + this.m_clientSupportedVersions = clientSupportedVersions; + } + + public virtual ProtocolVersion ClientVersion + { + get { return m_clientVersion; } + } + + internal void SetClientVersion(ProtocolVersion clientVersion) + { + this.m_clientVersion = clientVersion; + } + + public virtual ProtocolVersion RsaPreMasterSecretVersion + { + get { return m_rsaPreMasterSecretVersion; } + } + + internal void SetRsaPreMasterSecretVersion(ProtocolVersion rsaPreMasterSecretVersion) + { + this.m_rsaPreMasterSecretVersion = rsaPreMasterSecretVersion; + } + + public virtual ProtocolVersion ServerVersion + { + get { return SecurityParameters.NegotiatedVersion; } + } + + public virtual TlsSession ResumableSession + { + get + { + TlsSession session = Session; + if (session == null || !session.IsResumable) + return null; + + return session; + } + } + + public virtual TlsSession Session + { + get { return m_session; } + } + + public virtual object UserObject + { + get { return m_userObject; } + set { this.m_userObject = value; } + } + + public virtual byte[] ExportChannelBinding(int channelBinding) + { + if (!IsConnected) + throw new InvalidOperationException("Export of channel bindings unavailable before handshake completion"); + + SecurityParameters securityParameters = SecurityParameters; + + if (TlsUtilities.IsTlsV13(securityParameters.NegotiatedVersion)) + return null; + + switch (channelBinding) + { + case ChannelBinding.tls_server_end_point: + { + byte[] tlsServerEndPoint = securityParameters.TlsServerEndPoint; + + return TlsUtilities.IsNullOrEmpty(tlsServerEndPoint) ? null : Arrays.Clone(tlsServerEndPoint); + } + + case ChannelBinding.tls_unique: + { + return Arrays.Clone(securityParameters.TlsUnique); + } + + case ChannelBinding.tls_unique_for_telnet: + default: + throw new NotSupportedException(); + } + } + + public virtual byte[] ExportEarlyKeyingMaterial(string asciiLabel, byte[] context, int length) + { + // TODO[tls13] Ensure early_exporter_master_secret is available suitably early! + if (!IsConnected) + throw new InvalidOperationException("Export of early key material only available during handshake"); + + SecurityParameters sp = SecurityParameters; + + return ExportKeyingMaterial13(CheckEarlyExportSecret(sp.EarlyExporterMasterSecret), + sp.PrfCryptoHashAlgorithm, asciiLabel, context, length); + } + + public virtual byte[] ExportKeyingMaterial(string asciiLabel, byte[] context, int length) + { + if (!IsConnected) + throw new InvalidOperationException("Export of key material unavailable before handshake completion"); + + /* + * TODO[tls13] Introduce a TlsExporter interface? Avoid calculating (early) exporter + * secret(s) unless the peer actually uses it. + */ + SecurityParameters sp = SecurityParameters; + + if (!sp.IsExtendedMasterSecret) + { + /* + * RFC 7627 5.4. If a client or server chooses to continue with a full handshake without + * the extended master secret extension, [..] the client or server MUST NOT export any + * key material based on the new master secret for any subsequent application-level + * authentication. In particular, it MUST disable [RFC5705] [..]. + */ + throw new InvalidOperationException("Export of key material requires extended_master_secret"); + } + + if (TlsUtilities.IsTlsV13(sp.NegotiatedVersion)) + { + return ExportKeyingMaterial13(CheckExportSecret(sp.ExporterMasterSecret), sp.PrfCryptoHashAlgorithm, + asciiLabel, context, length); + } + + byte[] seed = TlsUtilities.CalculateExporterSeed(sp, context); + + return TlsUtilities.Prf(sp, CheckExportSecret(sp.MasterSecret), asciiLabel, seed, length).Extract(); + } + + protected virtual byte[] ExportKeyingMaterial13(TlsSecret secret, int cryptoHashAlgorithm, string asciiLabel, + byte[] context, int length) + { + if (null == context) + { + context = TlsUtilities.EmptyBytes; + } + else if (!TlsUtilities.IsValidUint16(context.Length)) + { + throw new ArgumentException("must have length less than 2^16 (or be null)", "context"); + } + + TlsHash exporterHash = Crypto.CreateHash(cryptoHashAlgorithm); + byte[] emptyTranscriptHash = exporterHash.CalculateHash(); + + TlsSecret exporterSecret = TlsUtilities.DeriveSecret(SecurityParameters, secret, asciiLabel, + emptyTranscriptHash); + + byte[] exporterContext = emptyTranscriptHash; + if (context.Length > 0) + { + exporterHash.Update(context, 0, context.Length); + exporterContext = exporterHash.CalculateHash(); + } + + return TlsCryptoUtilities + .HkdfExpandLabel(exporterSecret, cryptoHashAlgorithm, "exporter", exporterContext, length).Extract(); + } + + protected virtual TlsSecret CheckEarlyExportSecret(TlsSecret secret) + { + if (null == secret) + { + // TODO[tls13] For symmetry with normal export, ideally available for NotifyHandshakeBeginning() only + //throw new InvalidOperationException("Export of early key material only available from NotifyHandshakeBeginning()"); + throw new InvalidOperationException("Export of early key material not available for this handshake"); + } + return secret; + } + + protected virtual TlsSecret CheckExportSecret(TlsSecret secret) + { + if (null == secret) + throw new InvalidOperationException( + "Export of key material only available from NotifyHandshakeComplete()"); + + return secret; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/AbstractTlsKeyExchange.cs b/BouncyCastle/crypto/src/tls/AbstractTlsKeyExchange.cs new file mode 100644 index 0000000..4e61f4c --- /dev/null +++ b/BouncyCastle/crypto/src/tls/AbstractTlsKeyExchange.cs @@ -0,0 +1,90 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// Base class for supporting a TLS key exchange implementation. + public abstract class AbstractTlsKeyExchange + : TlsKeyExchange + { + protected readonly int m_keyExchange; + + protected TlsContext m_context; + + protected AbstractTlsKeyExchange(int keyExchange) + { + this.m_keyExchange = keyExchange; + } + + public virtual void Init(TlsContext context) + { + this.m_context = context; + } + + public abstract void SkipServerCredentials(); + + public abstract void ProcessServerCredentials(TlsCredentials serverCredentials); + + public virtual void ProcessServerCertificate(Certificate serverCertificate) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual bool RequiresServerKeyExchange + { + get { return false; } + } + + public virtual byte[] GenerateServerKeyExchange() + { + if (RequiresServerKeyExchange) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return null; + } + + public virtual void SkipServerKeyExchange() + { + if (RequiresServerKeyExchange) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public virtual void ProcessServerKeyExchange(Stream input) + { + if (!RequiresServerKeyExchange) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public virtual short[] GetClientCertificateTypes() + { + return null; + } + + public virtual void SkipClientCredentials() + { + } + + public abstract void ProcessClientCredentials(TlsCredentials clientCredentials); + + public virtual void ProcessClientCertificate(Certificate clientCertificate) + { + } + + public abstract void GenerateClientKeyExchange(Stream output); + + public virtual void ProcessClientKeyExchange(Stream input) + { + // Key exchange implementation MUST support client key exchange + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual bool RequiresCertificateVerify + { + get { return true; } + } + + public abstract TlsSecret GeneratePreMasterSecret(); + } +} diff --git a/BouncyCastle/crypto/src/tls/AbstractTlsKeyExchangeFactory.cs b/BouncyCastle/crypto/src/tls/AbstractTlsKeyExchangeFactory.cs new file mode 100644 index 0000000..946ad5f --- /dev/null +++ b/BouncyCastle/crypto/src/tls/AbstractTlsKeyExchangeFactory.cs @@ -0,0 +1,90 @@ +using System; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// Base class for supporting a TLS key exchange factory implementation. + public abstract class AbstractTlsKeyExchangeFactory + : TlsKeyExchangeFactory + { + public virtual TlsKeyExchange CreateDHKeyExchange(int keyExchange) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual TlsKeyExchange CreateDHanonKeyExchangeClient(int keyExchange, TlsDHGroupVerifier dhGroupVerifier) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual TlsKeyExchange CreateDHanonKeyExchangeServer(int keyExchange, TlsDHConfig dhConfig) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual TlsKeyExchange CreateDheKeyExchangeClient(int keyExchange, TlsDHGroupVerifier dhGroupVerifier) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual TlsKeyExchange CreateDheKeyExchangeServer(int keyExchange, TlsDHConfig dhConfig) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual TlsKeyExchange CreateECDHKeyExchange(int keyExchange) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual TlsKeyExchange CreateECDHanonKeyExchangeClient(int keyExchange) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual TlsKeyExchange CreateECDHanonKeyExchangeServer(int keyExchange, TlsECConfig ecConfig) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual TlsKeyExchange CreateECDheKeyExchangeClient(int keyExchange) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual TlsKeyExchange CreateECDheKeyExchangeServer(int keyExchange, TlsECConfig ecConfig) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual TlsKeyExchange CreatePskKeyExchangeClient(int keyExchange, TlsPskIdentity pskIdentity, + TlsDHGroupVerifier dhGroupVerifier) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual TlsKeyExchange CreatePskKeyExchangeServer(int keyExchange, + TlsPskIdentityManager pskIdentityManager, TlsDHConfig dhConfig, TlsECConfig ecConfig) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual TlsKeyExchange CreateRsaKeyExchange(int keyExchange) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual TlsKeyExchange CreateSrpKeyExchangeClient(int keyExchange, TlsSrpIdentity srpIdentity, + TlsSrpConfigVerifier srpConfigVerifier) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual TlsKeyExchange CreateSrpKeyExchangeServer(int keyExchange, + TlsSrpLoginParameters loginParameters) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/AbstractTlsPeer.cs b/BouncyCastle/crypto/src/tls/AbstractTlsPeer.cs new file mode 100644 index 0000000..b3a7c2b --- /dev/null +++ b/BouncyCastle/crypto/src/tls/AbstractTlsPeer.cs @@ -0,0 +1,162 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// Base class for a TLS client or server. + public abstract class AbstractTlsPeer + : TlsPeer + { + private readonly TlsCrypto m_crypto; + + private volatile TlsCloseable m_closeHandle; + + protected AbstractTlsPeer(TlsCrypto crypto) + { + this.m_crypto = crypto; + } + + /// Get the values that are supported by this peer. + /// + /// WARNING: Mixing DTLS and TLS versions in the returned array is currently NOT supported. Use a separate + /// (sub-)class for each case. + /// + /// an array of supported values. + protected virtual ProtocolVersion[] GetSupportedVersions() + { + // TODO[tls13] Enable TLSv13 by default in due course + return ProtocolVersion.TLSv13.DownTo(ProtocolVersion.TLSv10); + } + + protected abstract int[] GetSupportedCipherSuites(); + + /// + public virtual void Cancel() + { + TlsCloseable closeHandle = this.m_closeHandle; + if (null != closeHandle) + { + closeHandle.Close(); + } + } + + public virtual TlsCrypto Crypto + { + get { return m_crypto; } + } + + public virtual void NotifyCloseHandle(TlsCloseable closeHandle) + { + this.m_closeHandle = closeHandle; + } + + public abstract ProtocolVersion[] GetProtocolVersions(); + + public abstract int[] GetCipherSuites(); + + /// + public virtual void NotifyHandshakeBeginning() + { + } + + public virtual int GetHandshakeTimeoutMillis() + { + return 0; + } + + public virtual bool AllowLegacyResumption() + { + return false; + } + + public virtual int GetMaxCertificateChainLength() + { + return 10; + } + + public virtual int GetMaxHandshakeMessageSize() + { + return 32768; + } + + public virtual short[] GetPskKeyExchangeModes() + { + return new short[]{ PskKeyExchangeMode.psk_dhe_ke }; + } + + public virtual bool RequiresCloseNotify() + { + return true; + } + + public virtual bool RequiresExtendedMasterSecret() + { + return false; + } + + public virtual bool ShouldCheckSigAlgOfPeerCerts() + { + return true; + } + + public virtual bool ShouldUseExtendedMasterSecret() + { + return true; + } + + public virtual bool ShouldUseExtendedPadding() + { + return false; + } + + public virtual bool ShouldUseGmtUnixTime() + { + /* + * draft-mathewson-no-gmtunixtime-00 2. For the reasons we discuss above, we recommend that + * TLS implementors MUST by default set the entire value the ClientHello.Random and + * ServerHello.Random fields, including gmt_unix_time, to a cryptographically random + * sequence. + */ + return false; + } + + /// + public virtual void NotifySecureRenegotiation(bool secureRenegotiation) + { + if (!secureRenegotiation) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + /// + public virtual TlsKeyExchangeFactory GetKeyExchangeFactory() + { + return new DefaultTlsKeyExchangeFactory(); + } + + public virtual void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + } + + public virtual void NotifyAlertReceived(short alertLevel, short alertDescription) + { + } + + /// + public virtual void NotifyHandshakeComplete() + { + } + + public virtual TlsHeartbeat GetHeartbeat() + { + return null; + } + + public virtual short GetHeartbeatPolicy() + { + return HeartbeatMode.peer_not_allowed_to_send; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/AbstractTlsServer.cs b/BouncyCastle/crypto/src/tls/AbstractTlsServer.cs new file mode 100644 index 0000000..f122333 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/AbstractTlsServer.cs @@ -0,0 +1,583 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + /// Base class for a TLS server. + public abstract class AbstractTlsServer + : AbstractTlsPeer, TlsServer + { + protected TlsServerContext m_context; + protected ProtocolVersion[] m_protocolVersions; + protected int[] m_cipherSuites; + + protected int[] m_offeredCipherSuites; + protected IDictionary m_clientExtensions; + + protected bool m_encryptThenMACOffered; + protected short m_maxFragmentLengthOffered; + protected bool m_truncatedHMacOffered; + protected bool m_clientSentECPointFormats; + protected CertificateStatusRequest m_certificateStatusRequest; + protected IList m_statusRequestV2; + protected IList m_trustedCAKeys; + + protected int m_selectedCipherSuite; + protected IList m_clientProtocolNames; + protected ProtocolName m_selectedProtocolName; + + protected readonly IDictionary m_serverExtensions = Platform.CreateHashtable(); + + public AbstractTlsServer(TlsCrypto crypto) + : base(crypto) + { + } + + protected virtual bool AllowCertificateStatus() + { + return true; + } + + protected virtual bool AllowEncryptThenMac() + { + return true; + } + + protected virtual bool AllowMultiCertStatus() + { + return false; + } + + protected virtual bool AllowTruncatedHmac() + { + return false; + } + + protected virtual bool AllowTrustedCAIndication() + { + return false; + } + + protected virtual int GetMaximumNegotiableCurveBits() + { + int[] clientSupportedGroups = m_context.SecurityParameters.ClientSupportedGroups; + if (clientSupportedGroups == null) + { + /* + * RFC 4492 4. A client that proposes ECC cipher suites may choose not to include these + * extensions. In this case, the server is free to choose any one of the elliptic curves + * or point formats [...]. + */ + return NamedGroup.GetMaximumCurveBits(); + } + + int maxBits = 0; + for (int i = 0; i < clientSupportedGroups.Length; ++i) + { + maxBits = System.Math.Max(maxBits, NamedGroup.GetCurveBits(clientSupportedGroups[i])); + } + return maxBits; + } + + protected virtual int GetMaximumNegotiableFiniteFieldBits() + { + int[] clientSupportedGroups = m_context.SecurityParameters.ClientSupportedGroups; + if (clientSupportedGroups == null) + { + return NamedGroup.GetMaximumFiniteFieldBits(); + } + + int maxBits = 0; + for (int i = 0; i < clientSupportedGroups.Length; ++i) + { + maxBits = System.Math.Max(maxBits, NamedGroup.GetFiniteFieldBits(clientSupportedGroups[i])); + } + return maxBits; + } + + protected virtual IList GetProtocolNames() + { + return null; + } + + protected virtual bool IsSelectableCipherSuite(int cipherSuite, int availCurveBits, int availFiniteFieldBits, + IList sigAlgs) + { + // TODO[tls13] The version check should be separated out (eventually select ciphersuite before version) + return TlsUtilities.IsValidVersionForCipherSuite(cipherSuite, m_context.ServerVersion) + && availCurveBits >= TlsEccUtilities.GetMinimumCurveBits(cipherSuite) + && availFiniteFieldBits >= TlsDHUtilities.GetMinimumFiniteFieldBits(cipherSuite) + && TlsUtilities.IsValidCipherSuiteForSignatureAlgorithms(cipherSuite, sigAlgs); + } + + protected virtual bool PreferLocalCipherSuites() + { + return false; + } + + /// + protected virtual bool SelectCipherSuite(int cipherSuite) + { + this.m_selectedCipherSuite = cipherSuite; + return true; + } + + protected virtual int SelectDH(int minimumFiniteFieldBits) + { + int[] clientSupportedGroups = m_context.SecurityParameters.ClientSupportedGroups; + if (clientSupportedGroups == null) + return SelectDHDefault(minimumFiniteFieldBits); + + // Try to find a supported named group of the required size from the client's list. + for (int i = 0; i < clientSupportedGroups.Length; ++i) + { + int namedGroup = clientSupportedGroups[i]; + if (NamedGroup.GetFiniteFieldBits(namedGroup) >= minimumFiniteFieldBits) + return namedGroup; + } + + return -1; + } + + protected virtual int SelectDHDefault(int minimumFiniteFieldBits) + { + return minimumFiniteFieldBits <= 2048 ? NamedGroup.ffdhe2048 + : minimumFiniteFieldBits <= 3072 ? NamedGroup.ffdhe3072 + : minimumFiniteFieldBits <= 4096 ? NamedGroup.ffdhe4096 + : minimumFiniteFieldBits <= 6144 ? NamedGroup.ffdhe6144 + : minimumFiniteFieldBits <= 8192 ? NamedGroup.ffdhe8192 + : -1; + } + + protected virtual int SelectECDH(int minimumCurveBits) + { + int[] clientSupportedGroups = m_context.SecurityParameters.ClientSupportedGroups; + if (clientSupportedGroups == null) + return SelectECDHDefault(minimumCurveBits); + + // Try to find a supported named group of the required size from the client's list. + for (int i = 0; i < clientSupportedGroups.Length; ++i) + { + int namedGroup = clientSupportedGroups[i]; + if (NamedGroup.GetCurveBits(namedGroup) >= minimumCurveBits) + return namedGroup; + } + + return -1; + } + + protected virtual int SelectECDHDefault(int minimumCurveBits) + { + return minimumCurveBits <= 256 ? NamedGroup.secp256r1 + : minimumCurveBits <= 384 ? NamedGroup.secp384r1 + : minimumCurveBits <= 521 ? NamedGroup.secp521r1 + : -1; + } + + protected virtual ProtocolName SelectProtocolName() + { + IList serverProtocolNames = GetProtocolNames(); + if (null == serverProtocolNames || serverProtocolNames.Count < 1) + return null; + + ProtocolName result = SelectProtocolName(m_clientProtocolNames, serverProtocolNames); + if (null == result) + throw new TlsFatalAlert(AlertDescription.no_application_protocol); + + return result; + } + + protected virtual ProtocolName SelectProtocolName(IList clientProtocolNames, IList serverProtocolNames) + { + foreach (ProtocolName serverProtocolName in serverProtocolNames) + { + if (clientProtocolNames.Contains(serverProtocolName)) + return serverProtocolName; + } + return null; + } + + protected virtual bool ShouldSelectProtocolNameEarly() + { + return true; + } + + public virtual void Init(TlsServerContext context) + { + this.m_context = context; + + this.m_protocolVersions = GetSupportedVersions(); + this.m_cipherSuites = GetSupportedCipherSuites(); + } + + public override ProtocolVersion[] GetProtocolVersions() + { + return m_protocolVersions; + } + + public override int[] GetCipherSuites() + { + return m_cipherSuites; + } + + public override void NotifyHandshakeBeginning() + { + base.NotifyHandshakeBeginning(); + + this.m_offeredCipherSuites = null; + this.m_clientExtensions = null; + this.m_encryptThenMACOffered = false; + this.m_maxFragmentLengthOffered = 0; + this.m_truncatedHMacOffered = false; + this.m_clientSentECPointFormats = false; + this.m_certificateStatusRequest = null; + this.m_selectedCipherSuite = -1; + this.m_selectedProtocolName = null; + this.m_serverExtensions.Clear(); + } + + public virtual TlsSession GetSessionToResume(byte[] sessionID) + { + return null; + } + + public virtual byte[] GetNewSessionID() + { + return null; + } + + public virtual TlsPskExternal GetExternalPsk(IList identities) + { + return null; + } + + public virtual void NotifySession(TlsSession session) + { + } + + public virtual void NotifyClientVersion(ProtocolVersion clientVersion) + { + } + + public virtual void NotifyFallback(bool isFallback) + { + /* + * RFC 7507 3. If TLS_FALLBACK_SCSV appears in ClientHello.cipher_suites and the highest + * protocol version supported by the server is higher than the version indicated in + * ClientHello.client_version, the server MUST respond with a fatal inappropriate_fallback + * alert [..]. + */ + if (isFallback) + { + ProtocolVersion[] serverVersions = GetProtocolVersions(); + ProtocolVersion clientVersion = m_context.ClientVersion; + + ProtocolVersion latestServerVersion; + if (clientVersion.IsTls) + { + latestServerVersion = ProtocolVersion.GetLatestTls(serverVersions); + } + else if (clientVersion.IsDtls) + { + latestServerVersion = ProtocolVersion.GetLatestDtls(serverVersions); + } + else + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + if (null != latestServerVersion && latestServerVersion.IsLaterVersionOf(clientVersion)) + { + throw new TlsFatalAlert(AlertDescription.inappropriate_fallback); + } + } + } + + public virtual void NotifyOfferedCipherSuites(int[] offeredCipherSuites) + { + this.m_offeredCipherSuites = offeredCipherSuites; + } + + public virtual void ProcessClientExtensions(IDictionary clientExtensions) + { + this.m_clientExtensions = clientExtensions; + + if (null != clientExtensions) + { + this.m_clientProtocolNames = TlsExtensionsUtilities.GetAlpnExtensionClient(clientExtensions); + + if (ShouldSelectProtocolNameEarly()) + { + if (null != m_clientProtocolNames && m_clientProtocolNames.Count > 0) + { + this.m_selectedProtocolName = SelectProtocolName(); + } + } + + // TODO[tls13] Don't need these if we have negotiated (D)TLS 1.3+ + { + this.m_encryptThenMACOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions); + this.m_truncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHmacExtension(clientExtensions); + this.m_statusRequestV2 = TlsExtensionsUtilities.GetStatusRequestV2Extension(clientExtensions); + this.m_trustedCAKeys = TlsExtensionsUtilities.GetTrustedCAKeysExtensionClient(clientExtensions); + + // We only support uncompressed format, this is just to validate the extension, and note its presence. + this.m_clientSentECPointFormats = + null != TlsExtensionsUtilities.GetSupportedPointFormatsExtension(clientExtensions); + } + + this.m_certificateStatusRequest = TlsExtensionsUtilities.GetStatusRequestExtension(clientExtensions); + + this.m_maxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions); + if (m_maxFragmentLengthOffered >= 0 && !MaxFragmentLength.IsValid(m_maxFragmentLengthOffered)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + + public virtual ProtocolVersion GetServerVersion() + { + ProtocolVersion[] serverVersions = GetProtocolVersions(); + ProtocolVersion[] clientVersions = m_context.ClientSupportedVersions; + + foreach (ProtocolVersion clientVersion in clientVersions) + { + if (ProtocolVersion.Contains(serverVersions, clientVersion)) + return clientVersion; + } + + throw new TlsFatalAlert(AlertDescription.protocol_version); + } + + public virtual int[] GetSupportedGroups() + { + // TODO[tls13] The rest of this class assumes all named groups are supported + return new int[]{ NamedGroup.x25519, NamedGroup.x448, NamedGroup.secp256r1, NamedGroup.secp384r1, + NamedGroup.ffdhe2048, NamedGroup.ffdhe3072, NamedGroup.ffdhe4096 }; + } + + public virtual int GetSelectedCipherSuite() + { + SecurityParameters securityParameters = m_context.SecurityParameters; + ProtocolVersion negotiatedVersion = securityParameters.NegotiatedVersion; + + if (TlsUtilities.IsTlsV13(negotiatedVersion)) + { + int commonCipherSuite13 = TlsUtilities.GetCommonCipherSuite13(negotiatedVersion, m_offeredCipherSuites, + GetCipherSuites(), PreferLocalCipherSuites()); + + if (commonCipherSuite13 >= 0 && SelectCipherSuite(commonCipherSuite13)) + { + return commonCipherSuite13; + } + } + else + { + /* + * RFC 5246 7.4.3. In order to negotiate correctly, the server MUST check any candidate + * cipher suites against the "signature_algorithms" extension before selecting them. This is + * somewhat inelegant but is a compromise designed to minimize changes to the original + * cipher suite design. + */ + IList sigAlgs = TlsUtilities.GetUsableSignatureAlgorithms(securityParameters.ClientSigAlgs); + + /* + * RFC 4429 5.1. A server that receives a ClientHello containing one or both of these + * extensions MUST use the client's enumerated capabilities to guide its selection of an + * appropriate cipher suite. One of the proposed ECC cipher suites must be negotiated only + * if the server can successfully complete the handshake while using the curves and point + * formats supported by the client [...]. + */ + int availCurveBits = GetMaximumNegotiableCurveBits(); + int availFiniteFieldBits = GetMaximumNegotiableFiniteFieldBits(); + + int[] cipherSuites = TlsUtilities.GetCommonCipherSuites(m_offeredCipherSuites, GetCipherSuites(), + PreferLocalCipherSuites()); + + for (int i = 0; i < cipherSuites.Length; ++i) + { + int cipherSuite = cipherSuites[i]; + if (IsSelectableCipherSuite(cipherSuite, availCurveBits, availFiniteFieldBits, sigAlgs) + && SelectCipherSuite(cipherSuite)) + { + return cipherSuite; + } + } + } + + throw new TlsFatalAlert(AlertDescription.handshake_failure, "No selectable cipher suite"); + } + + // IDictionary is (Int32 -> byte[]) + public virtual IDictionary GetServerExtensions() + { + bool isTlsV13 = TlsUtilities.IsTlsV13(m_context); + + if (isTlsV13) + { + if (null != m_certificateStatusRequest && AllowCertificateStatus()) + { + /* + * TODO[tls13] RFC 8446 4.4.2.1. OCSP Status and SCT Extensions. + * + * OCSP information is carried in an extension for a CertificateEntry. + */ + } + } + else + { + if (m_encryptThenMACOffered && AllowEncryptThenMac()) + { + /* + * RFC 7366 3. If a server receives an encrypt-then-MAC request extension from a client + * and then selects a stream or Authenticated Encryption with Associated Data (AEAD) + * ciphersuite, it MUST NOT send an encrypt-then-MAC response extension back to the + * client. + */ + if (TlsUtilities.IsBlockCipherSuite(m_selectedCipherSuite)) + { + TlsExtensionsUtilities.AddEncryptThenMacExtension(m_serverExtensions); + } + } + + if (m_truncatedHMacOffered && AllowTruncatedHmac()) + { + TlsExtensionsUtilities.AddTruncatedHmacExtension(m_serverExtensions); + } + + if (m_clientSentECPointFormats && TlsEccUtilities.IsEccCipherSuite(m_selectedCipherSuite)) + { + /* + * RFC 4492 5.2. A server that selects an ECC cipher suite in response to a ClientHello + * message including a Supported Point Formats Extension appends this extension (along + * with others) to its ServerHello message, enumerating the point formats it can parse. + */ + TlsExtensionsUtilities.AddSupportedPointFormatsExtension(m_serverExtensions, + new short[]{ ECPointFormat.uncompressed }); + } + + // TODO[tls13] See RFC 8446 4.4.2.1 + if (null != m_statusRequestV2 && AllowMultiCertStatus()) + { + /* + * RFC 6961 2.2. If a server returns a "CertificateStatus" message in response to a + * "status_request_v2" request, then the server MUST have included an extension of type + * "status_request_v2" with empty "extension_data" in the extended server hello.. + */ + TlsExtensionsUtilities.AddEmptyExtensionData(m_serverExtensions, ExtensionType.status_request_v2); + } + else if (null != this.m_certificateStatusRequest && AllowCertificateStatus()) + { + /* + * RFC 6066 8. If a server returns a "CertificateStatus" message, then the server MUST + * have included an extension of type "status_request" with empty "extension_data" in + * the extended server hello. + */ + TlsExtensionsUtilities.AddEmptyExtensionData(m_serverExtensions, ExtensionType.status_request); + } + + if (null != m_trustedCAKeys && AllowTrustedCAIndication()) + { + TlsExtensionsUtilities.AddTrustedCAKeysExtensionServer(m_serverExtensions); + } + } + + if (m_maxFragmentLengthOffered >= 0 && MaxFragmentLength.IsValid(m_maxFragmentLengthOffered)) + { + TlsExtensionsUtilities.AddMaxFragmentLengthExtension(m_serverExtensions, m_maxFragmentLengthOffered); + } + + return m_serverExtensions; + } + + public virtual void GetServerExtensionsForConnection(IDictionary serverExtensions) + { + if (!ShouldSelectProtocolNameEarly()) + { + if (null != m_clientProtocolNames && m_clientProtocolNames.Count > 0) + { + this.m_selectedProtocolName = SelectProtocolName(); + } + } + + /* + * RFC 7301 3.1. When session resumption or session tickets [...] are used, the previous + * contents of this extension are irrelevant, and only the values in the new handshake + * messages are considered. + */ + if (null == m_selectedProtocolName) + { + serverExtensions.Remove(ExtensionType.application_layer_protocol_negotiation); + } + else + { + TlsExtensionsUtilities.AddAlpnExtensionServer(serverExtensions, m_selectedProtocolName); + } + } + + public virtual IList GetServerSupplementalData() + { + return null; + } + + public abstract TlsCredentials GetCredentials(); + + public virtual CertificateStatus GetCertificateStatus() + { + return null; + } + + public virtual CertificateRequest GetCertificateRequest() + { + return null; + } + + public virtual TlsPskIdentityManager GetPskIdentityManager() + { + return null; + } + + public virtual TlsSrpLoginParameters GetSrpLoginParameters() + { + return null; + } + + public virtual TlsDHConfig GetDHConfig() + { + int minimumFiniteFieldBits = TlsDHUtilities.GetMinimumFiniteFieldBits(m_selectedCipherSuite); + int namedGroup = SelectDH(minimumFiniteFieldBits); + return TlsDHUtilities.CreateNamedDHConfig(m_context, namedGroup); + } + + public virtual TlsECConfig GetECDHConfig() + { + int minimumCurveBits = TlsEccUtilities.GetMinimumCurveBits(m_selectedCipherSuite); + int namedGroup = SelectECDH(minimumCurveBits); + return TlsEccUtilities.CreateNamedECConfig(m_context, namedGroup); + } + + public virtual void ProcessClientSupplementalData(IList clientSupplementalData) + { + if (clientSupplementalData != null) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public virtual void NotifyClientCertificate(Certificate clientCertificate) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual NewSessionTicket GetNewSessionTicket() + { + /* + * RFC 5077 3.3. If the server determines that it does not want to include a ticket after it + * has included the SessionTicket extension in the ServerHello, then it sends a zero-length + * ticket in the NewSessionTicket handshake message. + */ + return new NewSessionTicket(0L, TlsUtilities.EmptyBytes); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/AlertDescription.cs b/BouncyCastle/crypto/src/tls/AlertDescription.cs new file mode 100644 index 0000000..dc207bb --- /dev/null +++ b/BouncyCastle/crypto/src/tls/AlertDescription.cs @@ -0,0 +1,323 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 5246 7.2. + public abstract class AlertDescription + { + /// This message notifies the recipient that the sender will not send any more messages on this + /// connection. + /// + /// Note that as of TLS 1.1, failure to properly close a connection no longer requires that a session not be + /// resumed. This is a change from TLS 1.0 ("The session becomes unresumable if any connection is terminated + /// without proper close_notify messages with level equal to warning.") to conform with widespread + /// implementation practice. + /// + public const short close_notify = 0; + + /// An inappropriate message was received. + /// + /// This alert is always fatal and should never be observed in communication between proper implementations. + /// + public const short unexpected_message = 10; + + /// This alert is returned if a record is received with an incorrect MAC. + /// + /// This alert also MUST be returned if an alert is sent because a TLSCiphertext decrypted in an invalid way: + /// either it wasn't an even multiple of the block length, or its padding values, when checked, weren't + /// correct. This message is always fatal and should never be observed in communication between proper + /// implementations (except when messages were corrupted in the network). + /// + public const short bad_record_mac = 20; + + /// + /// This alert was used in some earlier versions of TLS, and may have permitted certain attacks against the CBC + /// mode [CBCATT]. It MUST NOT be sent by compliant implementations. + /// + public const short decryption_failed = 21; + + /// A TLSCiphertext record was received that had a length more than 2^14+2048 bytes, or a record + /// decrypted to a TLSCompressed record with more than 2^14+1024 bytes. + /// + /// This message is always fatal and should never be observed in communication between proper implementations + /// (except when messages were corrupted in the network). + /// + public const short record_overflow = 22; + + /// The decompression function received improper input (e.g., data that would expand to excessive + /// length). + /// + /// This message is always fatal and should never be observed in communication between proper implementations. + /// + public const short decompression_failure = 30; + + /// Reception of a handshake_failure alert message indicates that the sender was unable to negotiate + /// an acceptable set of security parameters given the options available. + /// + /// This is a fatal error. + /// + public const short handshake_failure = 40; + + /// + /// This alert was used in SSLv3 but not any version of TLS. It MUST NOT be sent by compliant implementations. + /// + public const short no_certificate = 41; + + /// A certificate was corrupt, contained signatures that did not verify correctly, etc. + public const short bad_certificate = 42; + + /// A certificate was of an unsupported type. + public const short unsupported_certificate = 43; + + /// A certificate was revoked by its signer. + public const short certificate_revoked = 44; + + /// A certificate has expired or is not currently valid. + public const short certificate_expired = 45; + + /// Some other (unspecified) issue arose in processing the certificate, rendering it unacceptable. + /// + public const short certificate_unknown = 46; + + /// A field in the handshake was out of range or inconsistent with other fields. + /// + /// This message is always fatal. + /// + public const short illegal_parameter = 47; + + /// A valid certificate chain or partial chain was received, but the certificate was not accepted + /// because the CA certificate could not be located or couldn't be matched with a known, trusted CA. + /// + /// This message is always fatal. + /// + public const short unknown_ca = 48; + + /// A valid certificate was received, but when access control was applied, the sender decided not to + /// proceed with negotiation. + /// + /// This message is always fatal. + /// + public const short access_denied = 49; + + /// A message could not be decoded because some field was out of the specified range or the length of + /// the message was incorrect. + /// + /// This message is always fatal and should never be observed in communication between proper + /// implementations (except when messages were corrupted in the network). + /// + public const short decode_error = 50; + + /// A handshake cryptographic operation failed, including being unable to correctly verify a signature + /// or validate a Finished message. + /// + /// This message is always fatal. + /// + public const short decrypt_error = 51; + + /// + /// This alert was used in some earlier versions of TLS. It MUST NOT be sent by compliant implementations. + /// + public const short export_restriction = 60; + + /// The protocol version the client has attempted to negotiate is recognized but not supported. + /// + /// + /// (For example, old protocol versions might be avoided for security reasons.) This message is always fatal. + /// + public const short protocol_version = 70; + + /// Returned instead of handshake_failure when a negotiation has failed specifically because the + /// server requires ciphers more secure than those supported by the client. + /// + /// This message is always fatal. + /// + public const short insufficient_security = 71; + + /// An internal error unrelated to the peer or the correctness of the protocol (such as a memory + /// allocation failure) makes it impossible to continue. + /// + /// This message is always fatal. + /// + public const short internal_error = 80; + + /// This handshake is being canceled for some reason unrelated to a protocol failure. + /// + /// If the user cancels an operation after the handshake is complete, just closing the connection by sending a + /// close_notify is more appropriate. This alert should be followed by a close_notify. This message is + /// generally a warning. + /// + public const short user_canceled = 90; + + /// Sent by the client in response to a hello request or by the server in response to a client hello + /// after initial handshaking. + /// + /// Either of these would normally lead to renegotiation; when that is not appropriate, the recipient should + /// respond with this alert. At that point, the original requester can decide whether to proceed with the + /// connection. One case where this would be appropriate is where a server has spawned a process to satisfy a + /// request; the process might receive security parameters (key length, authentication, etc.) at startup, and + /// it might be difficult to communicate changes to these parameters after that point. This message is always a + /// warning. + /// + public const short no_renegotiation = 100; + + /// Sent by clients that receive an extended server hello containing an extension that they did not + /// put in the corresponding client hello. + /// + /// This message is always fatal. + /// + public const short unsupported_extension = 110; + + /* + * RFC 3546 + */ + + /// This alert is sent by servers who are unable to retrieve a certificate chain from the URL supplied + /// by the client(see Section 3.3). + /// + /// This message MAY be fatal - for example if client authentication is required by the server for the + /// handshake to continue and the server is unable to retrieve the certificate chain, it may send a fatal + /// alert. + /// + public const short certificate_unobtainable = 111; + + /// This alert is sent by servers that receive a server_name extension request, but do not recognize + /// the server name. + /// + /// This message MAY be fatal. + /// + public const short unrecognized_name = 112; + + /// This alert is sent by clients that receive an invalid certificate status response (see Section 3.6 + /// ). + /// + /// This message is always fatal. + /// + public const short bad_certificate_status_response = 113; + + /// This alert is sent by servers when a certificate hash does not match a client provided + /// certificate_hash. + /// + /// This message is always fatal. + /// + public const short bad_certificate_hash_value = 114; + + /* + * RFC 4279 + */ + + /// If the server does not recognize the PSK identity, it MAY respond with an "unknown_psk_identity" + /// alert message. + public const short unknown_psk_identity = 115; + + /* + * RFC 7301 + */ + + /// In the event that the server supports no protocols that the client advertises, then the server + /// SHALL respond with a fatal "no_application_protocol" alert. + public const short no_application_protocol = 120; + + /* + * RFC 7507 + */ + + /// If TLS_FALLBACK_SCSV appears in ClientHello.cipher_suites and the highest protocol version + /// supported by the server is higher than the version indicated in ClientHello.client_version, the server MUST + /// respond with a fatal inappropriate_fallback alert[..]. + public const short inappropriate_fallback = 86; + + /* + * RFC 8446 + */ + + /// Sent by endpoints that receive a handshake message not containing an extension that is mandatory + /// to send for the offered TLS version or other negotiated parameters. + public const short missing_extension = 109; + + /// Sent by servers when a client certificate is desired but none was provided by the client. + /// + public const short certificate_required = 116; + + public static string GetName(short alertDescription) + { + switch (alertDescription) + { + case close_notify: + return "close_notify"; + case unexpected_message: + return "unexpected_message"; + case bad_record_mac: + return "bad_record_mac"; + case decryption_failed: + return "decryption_failed"; + case record_overflow: + return "record_overflow"; + case decompression_failure: + return "decompression_failure"; + case handshake_failure: + return "handshake_failure"; + case no_certificate: + return "no_certificate"; + case bad_certificate: + return "bad_certificate"; + case unsupported_certificate: + return "unsupported_certificate"; + case certificate_revoked: + return "certificate_revoked"; + case certificate_expired: + return "certificate_expired"; + case certificate_unknown: + return "certificate_unknown"; + case illegal_parameter: + return "illegal_parameter"; + case unknown_ca: + return "unknown_ca"; + case access_denied: + return "access_denied"; + case decode_error: + return "decode_error"; + case decrypt_error: + return "decrypt_error"; + case export_restriction: + return "export_restriction"; + case protocol_version: + return "protocol_version"; + case insufficient_security: + return "insufficient_security"; + case internal_error: + return "internal_error"; + case user_canceled: + return "user_canceled"; + case no_renegotiation: + return "no_renegotiation"; + case unsupported_extension: + return "unsupported_extension"; + case certificate_unobtainable: + return "certificate_unobtainable"; + case unrecognized_name: + return "unrecognized_name"; + case bad_certificate_status_response: + return "bad_certificate_status_response"; + case bad_certificate_hash_value: + return "bad_certificate_hash_value"; + case unknown_psk_identity: + return "unknown_psk_identity"; + case no_application_protocol: + return "no_application_protocol"; + case inappropriate_fallback: + return "inappropriate_fallback"; + case missing_extension: + return "missing_extension"; + case certificate_required: + return "certificate_required"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(short alertDescription) + { + return GetName(alertDescription) + "(" + alertDescription + ")"; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/AlertLevel.cs b/BouncyCastle/crypto/src/tls/AlertLevel.cs new file mode 100644 index 0000000..6e128e0 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/AlertLevel.cs @@ -0,0 +1,29 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 5246 7.2 + public abstract class AlertLevel + { + public const short warning = 1; + public const short fatal = 2; + + public static string GetName(short alertDescription) + { + switch (alertDescription) + { + case warning: + return "warning"; + case fatal: + return "fatal"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(short alertDescription) + { + return GetName(alertDescription) + "(" + alertDescription + ")"; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/BasicTlsPskExternal.cs b/BouncyCastle/crypto/src/tls/BasicTlsPskExternal.cs new file mode 100644 index 0000000..dd9b7b2 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/BasicTlsPskExternal.cs @@ -0,0 +1,42 @@ +using System; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public class BasicTlsPskExternal + : TlsPskExternal + { + protected readonly byte[] m_identity; + protected readonly TlsSecret m_key; + protected readonly int m_prfAlgorithm; + + public BasicTlsPskExternal(byte[] identity, TlsSecret key) + : this(identity, key, Tls.PrfAlgorithm.tls13_hkdf_sha256) + { + } + + public BasicTlsPskExternal(byte[] identity, TlsSecret key, int prfAlgorithm) + { + this.m_identity = Arrays.Clone(identity); + this.m_key = key; + this.m_prfAlgorithm = prfAlgorithm; + } + + public virtual byte[] Identity + { + get { return m_identity; } + } + + public virtual TlsSecret Key + { + get { return m_key; } + } + + public virtual int PrfAlgorithm + { + get { return m_prfAlgorithm; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/BasicTlsPskIdentity.cs b/BouncyCastle/crypto/src/tls/BasicTlsPskIdentity.cs new file mode 100644 index 0000000..4ed385a --- /dev/null +++ b/BouncyCastle/crypto/src/tls/BasicTlsPskIdentity.cs @@ -0,0 +1,44 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + /// A basic PSK Identity holder. + public class BasicTlsPskIdentity + : TlsPskIdentity + { + protected readonly byte[] m_identity; + protected readonly byte[] m_psk; + + public BasicTlsPskIdentity(byte[] identity, byte[] psk) + { + this.m_identity = Arrays.Clone(identity); + this.m_psk = Arrays.Clone(psk); + } + + public BasicTlsPskIdentity(string identity, byte[] psk) + { + this.m_identity = Strings.ToUtf8ByteArray(identity); + this.m_psk = Arrays.Clone(psk); + } + + public virtual void SkipIdentityHint() + { + } + + public virtual void NotifyIdentityHint(byte[] psk_identity_hint) + { + } + + public virtual byte[] GetPskIdentity() + { + return m_identity; + } + + public byte[] GetPsk() + { + return Arrays.Clone(m_psk); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/BasicTlsSrpIdentity.cs b/BouncyCastle/crypto/src/tls/BasicTlsSrpIdentity.cs new file mode 100644 index 0000000..9a527a7 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/BasicTlsSrpIdentity.cs @@ -0,0 +1,36 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + /// A basic SRP Identity holder. + public class BasicTlsSrpIdentity + : TlsSrpIdentity + { + protected readonly byte[] m_identity; + protected readonly byte[] m_password; + + public BasicTlsSrpIdentity(byte[] identity, byte[] password) + { + this.m_identity = Arrays.Clone(identity); + this.m_password = Arrays.Clone(password); + } + + public BasicTlsSrpIdentity(string identity, string password) + { + this.m_identity = Strings.ToUtf8ByteArray(identity); + this.m_password = Strings.ToUtf8ByteArray(password); + } + + public virtual byte[] GetSrpIdentity() + { + return m_identity; + } + + public virtual byte[] GetSrpPassword() + { + return m_password; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/ByteQueue.cs b/BouncyCastle/crypto/src/tls/ByteQueue.cs new file mode 100644 index 0000000..b024197 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ByteQueue.cs @@ -0,0 +1,195 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + /// A queue for bytes. This file could be more optimized. + public sealed class ByteQueue + { + /// The smallest number which can be written as 2^x which is bigger than i. + public static int NextTwoPow(int i) + { + /* + * This code is based of a lot of code I found on the Internet which mostly + * referenced a book called "Hacking delight". + */ + i |= i >> 1; + i |= i >> 2; + i |= i >> 4; + i |= i >> 8; + i |= i >> 16; + return i + 1; + } + + /// The buffer where we store our data. + private byte[] m_databuf; + + /// How many bytes at the beginning of the buffer are skipped. + private int m_skipped = 0; + + /// How many bytes in the buffer are valid data. + private int m_available = 0; + + private bool m_readOnlyBuf = false; + + public ByteQueue() + : this(0) + { + } + + public ByteQueue(int capacity) + { + this.m_databuf = capacity == 0 ? TlsUtilities.EmptyBytes : new byte[capacity]; + } + + public ByteQueue(byte[] buf, int off, int len) + { + this.m_databuf = buf; + this.m_skipped = off; + this.m_available = len; + this.m_readOnlyBuf = true; + } + + /// Add some data to our buffer. + /// A byte-array to read data from. + /// How many bytes to skip at the beginning of the array. + /// How many bytes to read from the array. + public void AddData(byte[] buf, int off, int len) + { + if (m_readOnlyBuf) + throw new InvalidOperationException("Cannot add data to read-only buffer"); + + if ((m_skipped + m_available + len) > m_databuf.Length) + { + int desiredSize = ByteQueue.NextTwoPow(m_available + len); + if (desiredSize > m_databuf.Length) + { + byte[] tmp = new byte[desiredSize]; + Array.Copy(m_databuf, m_skipped, tmp, 0, m_available); + m_databuf = tmp; + } + else + { + Array.Copy(m_databuf, m_skipped, m_databuf, 0, m_available); + } + m_skipped = 0; + } + + Array.Copy(buf, off, m_databuf, m_skipped + m_available, len); + m_available += len; + } + + /// The number of bytes which are available in this buffer. + public int Available + { + get { return m_available; } + } + + /// Copy some bytes from the beginning of the data to the provided . + /// The to copy the bytes to. + /// How many bytes to copy. + public void CopyTo(Stream output, int length) + { + if (length > m_available) + throw new InvalidOperationException("Cannot copy " + length + " bytes, only got " + m_available); + + output.Write(m_databuf, m_skipped, length); + } + + /// Read data from the buffer. + /// The buffer where the read data will be copied to. + /// How many bytes to skip at the beginning of buf. + /// How many bytes to read at all. + /// How many bytes from our data to skip. + public void Read(byte[] buf, int offset, int len, int skip) + { + if ((buf.Length - offset) < len) + { + throw new ArgumentException("Buffer size of " + buf.Length + + " is too small for a read of " + len + " bytes"); + } + if ((m_available - skip) < len) + { + throw new InvalidOperationException("Not enough data to read"); + } + Array.Copy(m_databuf, m_skipped + skip, buf, offset, len); + } + + /// Return a over some bytes at the beginning of the data. + /// + /// How many bytes will be readable. + /// A over the data. + internal HandshakeMessageInput ReadHandshakeMessage(int length) + { + if (length > m_available) + throw new InvalidOperationException("Cannot read " + length + " bytes, only got " + m_available); + + int position = m_skipped; + + m_available -= length; + m_skipped += length; + + return new HandshakeMessageInput(m_databuf, position, length); + } + + public int ReadInt32() + { + if (m_available < 4) + throw new InvalidOperationException("Not enough data to read"); + + return TlsUtilities.ReadInt32(m_databuf, m_skipped); + } + + /// Remove some bytes from our data from the beginning. + /// How many bytes to remove. + public void RemoveData(int i) + { + if (i > m_available) + throw new InvalidOperationException("Cannot remove " + i + " bytes, only got " + m_available); + + /* + * Skip the data. + */ + m_available -= i; + m_skipped += i; + } + + /// Remove data from the buffer. + /// The buffer where the removed data will be copied to. + /// How many bytes to skip at the beginning of buf. + /// How many bytes to read at all. + /// How many bytes from our data to skip. + public void RemoveData(byte[] buf, int off, int len, int skip) + { + Read(buf, off, len, skip); + RemoveData(skip + len); + } + + public byte[] RemoveData(int len, int skip) + { + byte[] buf = new byte[len]; + RemoveData(buf, 0, len, skip); + return buf; + } + + public void Shrink() + { + if (m_available == 0) + { + m_databuf = TlsUtilities.EmptyBytes; + m_skipped = 0; + } + else + { + int desiredSize = ByteQueue.NextTwoPow(m_available); + if (desiredSize < m_databuf.Length) + { + byte[] tmp = new byte[desiredSize]; + Array.Copy(m_databuf, m_skipped, tmp, 0, m_available); + m_databuf = tmp; + m_skipped = 0; + } + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/ByteQueueInputStream.cs b/BouncyCastle/crypto/src/tls/ByteQueueInputStream.cs new file mode 100644 index 0000000..b59b5d1 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ByteQueueInputStream.cs @@ -0,0 +1,72 @@ +using System; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls +{ + public sealed class ByteQueueInputStream + : BaseInputStream + { + private readonly ByteQueue m_buffer; + + public ByteQueueInputStream() + { + this.m_buffer = new ByteQueue(); + } + + public void AddBytes(byte[] buf) + { + m_buffer.AddData(buf, 0, buf.Length); + } + + public void AddBytes(byte[] buf, int bufOff, int bufLen) + { + m_buffer.AddData(buf, bufOff, bufLen); + } + + public int Peek(byte[] buf) + { + int bytesToRead = System.Math.Min(m_buffer.Available, buf.Length); + m_buffer.Read(buf, 0, bytesToRead, 0); + return bytesToRead; + } + + public override int ReadByte() + { + if (m_buffer.Available == 0) + return -1; + + return m_buffer.RemoveData(1, 0)[0]; + } + + public override int Read(byte[] buf, int off, int len) + { + int bytesToRead = System.Math.Min(m_buffer.Available, len); + m_buffer.RemoveData(buf, off, bytesToRead, 0); + return bytesToRead; + } + + public long Skip(long n) + { + int bytesToRemove = System.Math.Min((int)n, m_buffer.Available); + m_buffer.RemoveData(bytesToRemove); + return bytesToRemove; + } + + public int Available + { + get { return m_buffer.Available; } + } + +#if PORTABLE + //protected override void Dispose(bool disposing) + //{ + // base.Dispose(disposing); + //} +#else + public override void Close() + { + } +#endif + } +} diff --git a/BouncyCastle/crypto/src/tls/ByteQueueOutputStream.cs b/BouncyCastle/crypto/src/tls/ByteQueueOutputStream.cs new file mode 100644 index 0000000..76f0491 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ByteQueueOutputStream.cs @@ -0,0 +1,33 @@ +using System; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls +{ + /// OutputStream based on a ByteQueue implementation. + public sealed class ByteQueueOutputStream + : BaseOutputStream + { + private readonly ByteQueue m_buffer; + + public ByteQueueOutputStream() + { + this.m_buffer = new ByteQueue(); + } + + public ByteQueue Buffer + { + get { return m_buffer; } + } + + public override void WriteByte(byte b) + { + m_buffer.AddData(new byte[]{ b }, 0, 1); + } + + public override void Write(byte[] buf, int off, int len) + { + m_buffer.AddData(buf, off, len); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/CachedInformationType.cs b/BouncyCastle/crypto/src/tls/CachedInformationType.cs new file mode 100644 index 0000000..273efab --- /dev/null +++ b/BouncyCastle/crypto/src/tls/CachedInformationType.cs @@ -0,0 +1,28 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public abstract class CachedInformationType + { + public const short cert = 1; + public const short cert_req = 2; + + public static string GetName(short cachedInformationType) + { + switch (cachedInformationType) + { + case cert: + return "cert"; + case cert_req: + return "cert_req"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(short cachedInformationType) + { + return GetName(cachedInformationType) + "(" + cachedInformationType + ")"; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/CertChainType.cs b/BouncyCastle/crypto/src/tls/CertChainType.cs new file mode 100644 index 0000000..8b989e8 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/CertChainType.cs @@ -0,0 +1,34 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// Implementation of the RFC 3546 3.3. CertChainType. + public abstract class CertChainType + { + public const short individual_certs = 0; + public const short pkipath = 1; + + public static string GetName(short certChainType) + { + switch (certChainType) + { + case individual_certs: + return "individual_certs"; + case pkipath: + return "pkipath"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(short certChainType) + { + return GetName(certChainType) + "(" + certChainType + ")"; + } + + public static bool IsValid(short certChainType) + { + return certChainType >= individual_certs && certChainType <= pkipath; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/Certificate.cs b/BouncyCastle/crypto/src/tls/Certificate.cs new file mode 100644 index 0000000..fef35fc --- /dev/null +++ b/BouncyCastle/crypto/src/tls/Certificate.cs @@ -0,0 +1,294 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + /// Parsing and encoding of a Certificate struct from RFC 4346. + /// + /// 
    +    /// opaque ASN.1Cert<2^24-1>;
+    /// struct {
+    ///   ASN.1Cert certificate_list<0..2^24-1>;
+    /// } Certificate;
+    ///
    + ///     + public sealed class Certificate + { + private static readonly TlsCertificate[] EmptyCerts = new TlsCertificate[0]; + private static readonly CertificateEntry[] EmptyCertEntries = new CertificateEntry[0]; + + public static readonly Certificate EmptyChain = new Certificate(EmptyCerts); + public static readonly Certificate EmptyChainTls13 = new Certificate(TlsUtilities.EmptyBytes, EmptyCertEntries); + + public sealed class ParseOptions + { + private int m_maxChainLength = int.MaxValue; + + public int MaxChainLength + { + get { return m_maxChainLength; } + } + + public ParseOptions SetMaxChainLength(int maxChainLength) + { + this.m_maxChainLength = maxChainLength; + return this; + } + } + + private static CertificateEntry[] Convert(TlsCertificate[] certificateList) + { + if (TlsUtilities.IsNullOrContainsNull(certificateList)) + throw new ArgumentException("cannot be null or contain any nulls", "certificateList"); + + int count = certificateList.Length; + CertificateEntry[] result = new CertificateEntry[count]; + for (int i = 0; i < count; ++i) + { + result[i] = new CertificateEntry(certificateList[i], null); + } + return result; + } + + private readonly byte[] m_certificateRequestContext; + private readonly CertificateEntry[] m_certificateEntryList; + + public Certificate(TlsCertificate[] certificateList) + : this(null, Convert(certificateList)) + { + } + + // TODO[tls13] Prefer to manage the certificateRequestContext internally only? + public Certificate(byte[] certificateRequestContext, CertificateEntry[] certificateEntryList) + { + if (null != certificateRequestContext && !TlsUtilities.IsValidUint8(certificateRequestContext.Length)) + throw new ArgumentException("cannot be longer than 255", "certificateRequestContext"); + if (TlsUtilities.IsNullOrContainsNull(certificateEntryList)) + throw new ArgumentException("cannot be null or contain any nulls", "certificateEntryList"); + + this.m_certificateRequestContext = TlsUtilities.Clone(certificateRequestContext); + this.m_certificateEntryList = certificateEntryList; + } + + public byte[] GetCertificateRequestContext() + { + return TlsUtilities.Clone(m_certificateRequestContext); + } + + /// an array of representing a certificate chain. + public TlsCertificate[] GetCertificateList() + { + return CloneCertificateList(); + } + + public TlsCertificate GetCertificateAt(int index) + { + return m_certificateEntryList[index].Certificate; + } + + public CertificateEntry GetCertificateEntryAt(int index) + { + return m_certificateEntryList[index]; + } + + public CertificateEntry[] GetCertificateEntryList() + { + return CloneCertificateEntryList(); + } + + public short CertificateType + { + get { return Tls.CertificateType.X509; } + } + + public int Length + { + get { return m_certificateEntryList.Length; } + } + + /// true if this certificate chain contains no certificates, or false otherwise. + /// + public bool IsEmpty + { + get { return m_certificateEntryList.Length == 0; } + } + + /// Encode this to a , and optionally calculate the + /// "end point hash" (per RFC 5929's tls-server-end-point binding). + /// the of the current connection. + /// the to encode to. + /// the to write the "end point hash" to (or null). + /// + /// + public void Encode(TlsContext context, Stream messageOutput, Stream endPointHashOutput) + { + bool isTlsV13 = TlsUtilities.IsTlsV13(context); + + if ((null != m_certificateRequestContext) != isTlsV13) + throw new InvalidOperationException(); + + if (isTlsV13) + { + TlsUtilities.WriteOpaque8(m_certificateRequestContext, messageOutput); + } + + int count = m_certificateEntryList.Length; + IList certEncodings = Platform.CreateArrayList(count); + IList extEncodings = isTlsV13 ? Platform.CreateArrayList(count) : null; + + long totalLength = 0; + for (int i = 0; i < count; ++i) + { + CertificateEntry entry = m_certificateEntryList[i]; + TlsCertificate cert = entry.Certificate; + byte[] derEncoding = cert.GetEncoded(); + + if (i == 0 && endPointHashOutput != null) + { + CalculateEndPointHash(context, cert, derEncoding, endPointHashOutput); + } + + certEncodings.Add(derEncoding); + totalLength += derEncoding.Length; + totalLength += 3; + + if (isTlsV13) + { + IDictionary extensions = entry.Extensions; + byte[] extEncoding = (null == extensions) + ? TlsUtilities.EmptyBytes + : TlsProtocol.WriteExtensionsData(extensions); + + extEncodings.Add(extEncoding); + totalLength += extEncoding.Length; + totalLength += 2; + } + } + + TlsUtilities.CheckUint24(totalLength); + TlsUtilities.WriteUint24((int)totalLength, messageOutput); + + for (int i = 0; i < count; ++i) + { + byte[] certEncoding = (byte[])certEncodings[i]; + TlsUtilities.WriteOpaque24(certEncoding, messageOutput); + + if (isTlsV13) + { + byte[] extEncoding = (byte[])extEncodings[i]; + TlsUtilities.WriteOpaque16(extEncoding, messageOutput); + } + } + } + + /// Parse a from a . + /// the to apply during parsing. + /// the of the current connection. + /// the to parse from. + /// the to write the "end point hash" to (or null). + /// + /// a object. + /// + public static Certificate Parse(ParseOptions options, TlsContext context, Stream messageInput, + Stream endPointHashOutput) + { + SecurityParameters securityParameters = context.SecurityParameters; + bool isTlsV13 = TlsUtilities.IsTlsV13(securityParameters.NegotiatedVersion); + + byte[] certificateRequestContext = null; + if (isTlsV13) + { + certificateRequestContext = TlsUtilities.ReadOpaque8(messageInput); + } + + int totalLength = TlsUtilities.ReadUint24(messageInput); + if (totalLength == 0) + { + return !isTlsV13 ? EmptyChain + : certificateRequestContext.Length < 1 ? EmptyChainTls13 + : new Certificate(certificateRequestContext, EmptyCertEntries); + } + + byte[] certListData = TlsUtilities.ReadFully(totalLength, messageInput); + MemoryStream buf = new MemoryStream(certListData, false); + + TlsCrypto crypto = context.Crypto; + int maxChainLength = System.Math.Max(1, options.MaxChainLength); + + IList certificate_list = Platform.CreateArrayList(); + while (buf.Position < buf.Length) + { + if (certificate_list.Count >= maxChainLength) + { + throw new TlsFatalAlert(AlertDescription.internal_error, + "Certificate chain longer than maximum (" + maxChainLength + ")"); + } + + byte[] derEncoding = TlsUtilities.ReadOpaque24(buf, 1); + TlsCertificate cert = crypto.CreateCertificate(derEncoding); + + if (certificate_list.Count < 1 && endPointHashOutput != null) + { + CalculateEndPointHash(context, cert, derEncoding, endPointHashOutput); + } + + IDictionary extensions = null; + if (isTlsV13) + { + byte[] extEncoding = TlsUtilities.ReadOpaque16(buf); + + extensions = TlsProtocol.ReadExtensionsData13(HandshakeType.certificate, extEncoding); + } + + certificate_list.Add(new CertificateEntry(cert, extensions)); + } + + CertificateEntry[] certificateList = new CertificateEntry[certificate_list.Count]; + for (int i = 0; i < certificate_list.Count; i++) + { + certificateList[i] = (CertificateEntry)certificate_list[i]; + } + + return new Certificate(certificateRequestContext, certificateList); + } + + private static void CalculateEndPointHash(TlsContext context, TlsCertificate cert, byte[] encoding, + Stream output) + { + byte[] endPointHash = TlsUtilities.CalculateEndPointHash(context, cert, encoding); + if (endPointHash != null && endPointHash.Length > 0) + { + output.Write(endPointHash, 0, endPointHash.Length); + } + } + + private TlsCertificate[] CloneCertificateList() + { + int count = m_certificateEntryList.Length; + if (0 == count) + return EmptyCerts; + + TlsCertificate[] result = new TlsCertificate[count]; + for (int i = 0; i < count; ++i) + { + result[i] = m_certificateEntryList[i].Certificate; + } + return result; + } + + private CertificateEntry[] CloneCertificateEntryList() + { + int count = m_certificateEntryList.Length; + if (0 == count) + return EmptyCertEntries; + + CertificateEntry[] result = new CertificateEntry[count]; + Array.Copy(m_certificateEntryList, 0, result, 0, count); + return result; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/CertificateCompressionAlgorithm.cs b/BouncyCastle/crypto/src/tls/CertificateCompressionAlgorithm.cs new file mode 100644 index 0000000..4b6ebda --- /dev/null +++ b/BouncyCastle/crypto/src/tls/CertificateCompressionAlgorithm.cs @@ -0,0 +1,47 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /** + * RFC 8879 + */ + public abstract class CertificateCompressionAlgorithm + { + public const int zlib = 1; + public const int brotli = 2; + public const int zstd = 3; + + public static string GetName(int certificateCompressionAlgorithm) + { + switch (certificateCompressionAlgorithm) + { + case zlib: + return "zlib"; + case brotli: + return "brotli"; + case zstd: + return "zstd"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(int certificateCompressionAlgorithm) + { + return GetName(certificateCompressionAlgorithm) + "(" + certificateCompressionAlgorithm + ")"; + } + + public static bool IsRecognized(int certificateCompressionAlgorithm) + { + switch (certificateCompressionAlgorithm) + { + case zlib: + case brotli: + case zstd: + return true; + default: + return false; + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/CertificateEntry.cs b/BouncyCastle/crypto/src/tls/CertificateEntry.cs new file mode 100644 index 0000000..b886775 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/CertificateEntry.cs @@ -0,0 +1,32 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + public sealed class CertificateEntry + { + private readonly TlsCertificate m_certificate; + private readonly IDictionary m_extensions; + + public CertificateEntry(TlsCertificate certificate, IDictionary extensions) + { + if (null == certificate) + throw new ArgumentNullException("certificate"); + + this.m_certificate = certificate; + this.m_extensions = extensions; + } + + public TlsCertificate Certificate + { + get { return m_certificate; } + } + + public IDictionary Extensions + { + get { return m_extensions; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/CertificateRequest.cs b/BouncyCastle/crypto/src/tls/CertificateRequest.cs new file mode 100644 index 0000000..8005731 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/CertificateRequest.cs @@ -0,0 +1,278 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + /// Parsing and encoding of a CertificateRequest struct from RFC 4346. + /// + /// 
    +    /// struct {
+    ///   ClientCertificateType certificate_types<1..2^8-1>;
+    ///   DistinguishedName certificate_authorities<3..2^16-1>;
+    /// } CertificateRequest;
+    ///
    + /// Updated for RFC 5246: + /// 
    +    /// struct {
+    ///   ClientCertificateType certificate_types <1..2 ^ 8 - 1>;
+    ///   SignatureAndHashAlgorithm supported_signature_algorithms <2 ^ 16 - 1>;
+    ///   DistinguishedName certificate_authorities <0..2 ^ 16 - 1>;
+    /// } CertificateRequest;
+    ///
    + /// Revised for RFC 8446: + /// 
    +    /// struct {
+    ///   opaque certificate_request_context <0..2 ^ 8 - 1>;
+    ///   Extension extensions <2..2 ^ 16 - 1>;
+    /// } CertificateRequest;
+    ///
    + ///     + /// + /// + public sealed class CertificateRequest + { + /// + private static IList CheckSupportedSignatureAlgorithms(IList supportedSignatureAlgorithms, + short alertDescription) + { + if (null == supportedSignatureAlgorithms) + throw new TlsFatalAlert(alertDescription, "'signature_algorithms' is required"); + + return supportedSignatureAlgorithms; + } + + private readonly byte[] m_certificateRequestContext; + private readonly short[] m_certificateTypes; + private readonly IList m_supportedSignatureAlgorithms; + private readonly IList m_supportedSignatureAlgorithmsCert; + private readonly IList m_certificateAuthorities; + + /// see for valid constants. + /// + /// an of . + public CertificateRequest(short[] certificateTypes, IList supportedSignatureAlgorithms, + IList certificateAuthorities) + : this(null, certificateTypes, supportedSignatureAlgorithms, null, certificateAuthorities) + { + } + + // TODO[tls13] Prefer to manage the certificateRequestContext internally only? + /// + public CertificateRequest(byte[] certificateRequestContext, IList supportedSignatureAlgorithms, + IList supportedSignatureAlgorithmsCert, IList certificateAuthorities) + : this(certificateRequestContext, null, + CheckSupportedSignatureAlgorithms(supportedSignatureAlgorithms, AlertDescription.internal_error), + supportedSignatureAlgorithmsCert, certificateAuthorities) + { + /* + * TODO[tls13] Removed certificateTypes, added certificate_request_context, added extensions + * (required: signature_algorithms, optional: status_request, signed_certificate_timestamp, + * certificate_authorities, oid_filters, signature_algorithms_cert) + */ + } + + private CertificateRequest(byte[] certificateRequestContext, short[] certificateTypes, + IList supportedSignatureAlgorithms, IList supportedSignatureAlgorithmsCert, IList certificateAuthorities) + { + if (null != certificateRequestContext && !TlsUtilities.IsValidUint8(certificateRequestContext.Length)) + throw new ArgumentException("cannot be longer than 255", "certificateRequestContext"); + if (null != certificateTypes + && (certificateTypes.Length < 1 || !TlsUtilities.IsValidUint8(certificateTypes.Length))) + { + throw new ArgumentException("should have length from 1 to 255", "certificateTypes"); + } + + this.m_certificateRequestContext = TlsUtilities.Clone(certificateRequestContext); + this.m_certificateTypes = certificateTypes; + this.m_supportedSignatureAlgorithms = supportedSignatureAlgorithms; + this.m_supportedSignatureAlgorithmsCert = supportedSignatureAlgorithmsCert; + this.m_certificateAuthorities = certificateAuthorities; + } + + public byte[] GetCertificateRequestContext() + { + return TlsUtilities.Clone(m_certificateRequestContext); + } + + /// an array of certificate types + /// + public short[] CertificateTypes + { + get { return m_certificateTypes; } + } + + /// an of (or null before TLS 1.2). + /// + public IList SupportedSignatureAlgorithms + { + get { return m_supportedSignatureAlgorithms; } + } + + /// an optional of . May be non-null from + /// TLS 1.3 onwards. + public IList SupportedSignatureAlgorithmsCert + { + get { return m_supportedSignatureAlgorithmsCert; } + } + + /// an of . + public IList CertificateAuthorities + { + get { return m_certificateAuthorities; } + } + + public bool HasCertificateRequestContext(byte[] certificateRequestContext) + { + return Arrays.AreEqual(m_certificateRequestContext, certificateRequestContext); + } + + /// Encode this to a . + /// the of the current connection. + /// the to encode to. + /// + public void Encode(TlsContext context, Stream output) + { + ProtocolVersion negotiatedVersion = context.ServerVersion; + bool isTlsV12 = TlsUtilities.IsTlsV12(negotiatedVersion); + bool isTlsV13 = TlsUtilities.IsTlsV13(negotiatedVersion); + + if (isTlsV13 != (null != m_certificateRequestContext) || + isTlsV13 != (null == m_certificateTypes) || + isTlsV12 != (null != m_supportedSignatureAlgorithms) || + (!isTlsV13 && (null != m_supportedSignatureAlgorithmsCert))) + { + throw new InvalidOperationException(); + } + + if (isTlsV13) + { + TlsUtilities.WriteOpaque8(m_certificateRequestContext, output); + + IDictionary extensions = Platform.CreateHashtable(); + TlsExtensionsUtilities.AddSignatureAlgorithmsExtension(extensions, m_supportedSignatureAlgorithms); + + if (null != m_supportedSignatureAlgorithmsCert) + { + TlsExtensionsUtilities.AddSignatureAlgorithmsCertExtension(extensions, + m_supportedSignatureAlgorithmsCert); + } + + if (null != m_certificateAuthorities) + { + TlsExtensionsUtilities.AddCertificateAuthoritiesExtension(extensions, m_certificateAuthorities); + } + + byte[] extEncoding = TlsProtocol.WriteExtensionsData(extensions); + + TlsUtilities.WriteOpaque16(extEncoding, output); + return; + } + + TlsUtilities.WriteUint8ArrayWithUint8Length(m_certificateTypes, output); + + if (isTlsV12) + { + // TODO Check whether SignatureAlgorithm.anonymous is allowed here + TlsUtilities.EncodeSupportedSignatureAlgorithms(m_supportedSignatureAlgorithms, output); + } + + if (m_certificateAuthorities == null || m_certificateAuthorities.Count < 1) + { + TlsUtilities.WriteUint16(0, output); + } + else + { + IList derEncodings = Platform.CreateArrayList(m_certificateAuthorities.Count); + + int totalLength = 0; + foreach (X509Name certificateAuthority in m_certificateAuthorities) + { + byte[] derEncoding = certificateAuthority.GetEncoded(Asn1Encodable.Der); + derEncodings.Add(derEncoding); + totalLength += derEncoding.Length + 2; + } + + TlsUtilities.CheckUint16(totalLength); + TlsUtilities.WriteUint16(totalLength, output); + + foreach (byte[] derEncoding in derEncodings) + { + TlsUtilities.WriteOpaque16(derEncoding, output); + } + } + } + + /// Parse a from a + /// the of the current connection. + /// the to parse from. + /// a object. + /// + public static CertificateRequest Parse(TlsContext context, Stream input) + { + ProtocolVersion negotiatedVersion = context.ServerVersion; + bool isTlsV13 = TlsUtilities.IsTlsV13(negotiatedVersion); + + if (isTlsV13) + { + byte[] certificateRequestContext = TlsUtilities.ReadOpaque8(input); + + /* + * TODO[tls13] required: signature_algorithms; optional: status_request, + * signed_certificate_timestamp, certificate_authorities, oid_filters, + * signature_algorithms_cert + */ + + byte[] extEncoding = TlsUtilities.ReadOpaque16(input); + + IDictionary extensions = TlsProtocol.ReadExtensionsData13(HandshakeType.certificate_request, + extEncoding); + + IList supportedSignatureAlgorithms13 = CheckSupportedSignatureAlgorithms( + TlsExtensionsUtilities.GetSignatureAlgorithmsExtension(extensions), + AlertDescription.missing_extension); + IList supportedSignatureAlgorithmsCert13 = TlsExtensionsUtilities + .GetSignatureAlgorithmsCertExtension(extensions); + IList certificateAuthorities13 = TlsExtensionsUtilities.GetCertificateAuthoritiesExtension(extensions); + + return new CertificateRequest(certificateRequestContext, supportedSignatureAlgorithms13, + supportedSignatureAlgorithmsCert13, certificateAuthorities13); + } + + bool isTLSv12 = TlsUtilities.IsTlsV12(negotiatedVersion); + + short[] certificateTypes = TlsUtilities.ReadUint8ArrayWithUint8Length(input, 1); + + IList supportedSignatureAlgorithms = null; + if (isTLSv12) + { + supportedSignatureAlgorithms = TlsUtilities.ParseSupportedSignatureAlgorithms(input); + } + + IList certificateAuthorities = null; + { + byte[] certAuthData = TlsUtilities.ReadOpaque16(input); + if (certAuthData.Length > 0) + { + certificateAuthorities = Platform.CreateArrayList(); + MemoryStream bis = new MemoryStream(certAuthData, false); + do + { + byte[] derEncoding = TlsUtilities.ReadOpaque16(bis, 1); + Asn1Object asn1 = TlsUtilities.ReadAsn1Object(derEncoding); + X509Name ca = X509Name.GetInstance(asn1); + TlsUtilities.RequireDerEncoding(ca, derEncoding); + certificateAuthorities.Add(ca); + } + while (bis.Position < bis.Length); + } + } + + return new CertificateRequest(certificateTypes, supportedSignatureAlgorithms, certificateAuthorities); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/CertificateStatus.cs b/BouncyCastle/crypto/src/tls/CertificateStatus.cs new file mode 100644 index 0000000..cbf5600 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/CertificateStatus.cs @@ -0,0 +1,226 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public sealed class CertificateStatus + { + private readonly short m_statusType; + private readonly object m_response; + + public CertificateStatus(short statusType, object response) + { + if (!IsCorrectType(statusType, response)) + throw new ArgumentException("not an instance of the correct type", "response"); + + this.m_statusType = statusType; + this.m_response = response; + } + + public short StatusType + { + get { return m_statusType; } + } + + public object Response + { + get { return m_response; } + } + + public OcspResponse OcspResponse + { + get + { + if (!IsCorrectType(CertificateStatusType.ocsp, m_response)) + throw new InvalidOperationException("'response' is not an OCSPResponse"); + + return (OcspResponse)m_response; + } + } + + /// an of (possibly null) . + public IList OcspResponseList + { + get + { + if (!IsCorrectType(CertificateStatusType.ocsp_multi, m_response)) + throw new InvalidOperationException("'response' is not an OCSPResponseList"); + + return (IList)m_response; + } + } + + /// Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + TlsUtilities.WriteUint8(m_statusType, output); + + switch (m_statusType) + { + case CertificateStatusType.ocsp: + { + OcspResponse ocspResponse = (OcspResponse)m_response; + byte[] derEncoding = ocspResponse.GetEncoded(Asn1Encodable.Der); + TlsUtilities.WriteOpaque24(derEncoding, output); + break; + } + case CertificateStatusType.ocsp_multi: + { + IList ocspResponseList = (IList)m_response; + int count = ocspResponseList.Count; + + IList derEncodings = Platform.CreateArrayList(count); + long totalLength = 0; + foreach (OcspResponse ocspResponse in ocspResponseList) + { + if (ocspResponse == null) + { + derEncodings.Add(TlsUtilities.EmptyBytes); + } + else + { + byte[] derEncoding = ocspResponse.GetEncoded(Asn1Encodable.Der); + derEncodings.Add(derEncoding); + totalLength += derEncoding.Length; + } + totalLength += 3; + } + + TlsUtilities.CheckUint24(totalLength); + TlsUtilities.WriteUint24((int)totalLength, output); + + foreach (byte[] derEncoding in derEncodings) + { + TlsUtilities.WriteOpaque24(derEncoding, output); + } + + break; + } + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + /// Parse a from a . + /// the of the current connection. + /// the to parse from. + /// a object. + /// + public static CertificateStatus Parse(TlsContext context, Stream input) + { + SecurityParameters securityParameters = context.SecurityParameters; + + Certificate peerCertificate = securityParameters.PeerCertificate; + if (null == peerCertificate || peerCertificate.IsEmpty + || CertificateType.X509 != peerCertificate.CertificateType) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + int certificateCount = peerCertificate.Length; + int statusRequestVersion = securityParameters.StatusRequestVersion; + + short status_type = TlsUtilities.ReadUint8(input); + object response; + + switch (status_type) + { + case CertificateStatusType.ocsp: + { + RequireStatusRequestVersion(1, statusRequestVersion); + + byte[] derEncoding = TlsUtilities.ReadOpaque24(input, 1); + response = ParseOcspResponse(derEncoding); + break; + } + case CertificateStatusType.ocsp_multi: + { + RequireStatusRequestVersion(2, statusRequestVersion); + + byte[] ocsp_response_list = TlsUtilities.ReadOpaque24(input, 1); + MemoryStream buf = new MemoryStream(ocsp_response_list, false); + + IList ocspResponseList = Platform.CreateArrayList(); + while (buf.Position < buf.Length) + { + if (ocspResponseList.Count >= certificateCount) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + int length = TlsUtilities.ReadUint24(buf); + if (length < 1) + { + ocspResponseList.Add(null); + } + else + { + byte[] derEncoding = TlsUtilities.ReadFully(length, buf); + ocspResponseList.Add(ParseOcspResponse(derEncoding)); + } + } + + // Match IList capacity to actual size + response = Platform.CreateArrayList(ocspResponseList); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.decode_error); + } + + return new CertificateStatus(status_type, response); + } + + private static bool IsCorrectType(short statusType, Object response) + { + switch (statusType) + { + case CertificateStatusType.ocsp: + return response is OcspResponse; + case CertificateStatusType.ocsp_multi: + return IsOcspResponseList(response); + default: + throw new ArgumentException("unsupported CertificateStatusType", "statusType"); + } + } + + private static bool IsOcspResponseList(object response) + { + if (!(response is IList)) + return false; + + IList v = (IList)response; + int count = v.Count; + if (count < 1) + return false; + + foreach (object e in v) + { + if (null != e && !(e is OcspResponse)) + return false; + } + return true; + } + + /// + private static OcspResponse ParseOcspResponse(byte[] derEncoding) + { + Asn1Object asn1 = TlsUtilities.ReadAsn1Object(derEncoding); + OcspResponse ocspResponse = OcspResponse.GetInstance(asn1); + TlsUtilities.RequireDerEncoding(ocspResponse, derEncoding); + return ocspResponse; + } + + /// + private static void RequireStatusRequestVersion(int minVersion, int statusRequestVersion) + { + if (statusRequestVersion < minVersion) + throw new TlsFatalAlert(AlertDescription.decode_error); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/CertificateStatusRequest.cs b/BouncyCastle/crypto/src/tls/CertificateStatusRequest.cs new file mode 100644 index 0000000..4731316 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/CertificateStatusRequest.cs @@ -0,0 +1,91 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + /// Implementation of the RFC 3546 3.6. CertificateStatusRequest. + public sealed class CertificateStatusRequest + { + private short m_statusType; + private object m_request; + + public CertificateStatusRequest(short statusType, object request) + { + if (!IsCorrectType(statusType, request)) + throw new ArgumentException("not an instance of the correct type", "request"); + + this.m_statusType = statusType; + this.m_request = request; + } + + public short StatusType + { + get { return m_statusType; } + } + + public object Request + { + get { return m_request; } + } + + public OcspStatusRequest OcspStatusRequest + { + get + { + if (!IsCorrectType(CertificateStatusType.ocsp, m_request)) + throw new InvalidOperationException("'request' is not an OCSPStatusRequest"); + + return (OcspStatusRequest)m_request; + } + } + + /// Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + TlsUtilities.WriteUint8(m_statusType, output); + + switch (m_statusType) + { + case CertificateStatusType.ocsp: + ((OcspStatusRequest)m_request).Encode(output); + break; + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + /// Parse a from a . + /// the to parse from. + /// a object. + /// + public static CertificateStatusRequest Parse(Stream input) + { + short status_type = TlsUtilities.ReadUint8(input); + object request; + + switch (status_type) + { + case CertificateStatusType.ocsp: + request = OcspStatusRequest.Parse(input); + break; + default: + throw new TlsFatalAlert(AlertDescription.decode_error); + } + + return new CertificateStatusRequest(status_type, request); + } + + private static bool IsCorrectType(short statusType, object request) + { + switch (statusType) + { + case CertificateStatusType.ocsp: + return request is OcspStatusRequest; + default: + throw new ArgumentException("unsupported CertificateStatusType", "statusType"); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/CertificateStatusRequestItemV2.cs b/BouncyCastle/crypto/src/tls/CertificateStatusRequestItemV2.cs new file mode 100644 index 0000000..a30d9ad --- /dev/null +++ b/BouncyCastle/crypto/src/tls/CertificateStatusRequestItemV2.cs @@ -0,0 +1,100 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + /// Implementation of the RFC 6961 2.2. CertificateStatusRequestItemV2. + public sealed class CertificateStatusRequestItemV2 + { + private readonly short m_statusType; + private readonly object m_request; + + public CertificateStatusRequestItemV2(short statusType, object request) + { + if (!IsCorrectType(statusType, request)) + throw new ArgumentException("not an instance of the correct type", "request"); + + this.m_statusType = statusType; + this.m_request = request; + } + + public short StatusType + { + get { return m_statusType; } + } + + public object Request + { + get { return m_request; } + } + + public OcspStatusRequest OcspStatusRequest + { + get + { + if (!(m_request is OcspStatusRequest)) + throw new InvalidOperationException("'request' is not an OcspStatusRequest"); + + return (OcspStatusRequest)m_request; + } + } + + /// Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + TlsUtilities.WriteUint8(m_statusType, output); + + MemoryStream buf = new MemoryStream(); + switch (m_statusType) + { + case CertificateStatusType.ocsp: + case CertificateStatusType.ocsp_multi: + ((OcspStatusRequest)m_request).Encode(buf); + break; + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + byte[] requestBytes = buf.ToArray(); + TlsUtilities.WriteOpaque16(requestBytes, output); + } + + /// Parse a from a . + /// the to parse from. + /// a object. + /// + public static CertificateStatusRequestItemV2 Parse(Stream input) + { + short status_type = TlsUtilities.ReadUint8(input); + + object request; + byte[] requestBytes = TlsUtilities.ReadOpaque16(input); + MemoryStream buf = new MemoryStream(requestBytes, false); + switch (status_type) + { + case CertificateStatusType.ocsp: + case CertificateStatusType.ocsp_multi: + request = OcspStatusRequest.Parse(buf); + break; + default: + throw new TlsFatalAlert(AlertDescription.decode_error); + } + TlsProtocol.AssertEmpty(buf); + + return new CertificateStatusRequestItemV2(status_type, request); + } + + private static bool IsCorrectType(short statusType, object request) + { + switch (statusType) + { + case CertificateStatusType.ocsp: + case CertificateStatusType.ocsp_multi: + return request is OcspStatusRequest; + default: + throw new ArgumentException("unsupported CertificateStatusType", "statusType"); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/CertificateStatusType.cs b/BouncyCastle/crypto/src/tls/CertificateStatusType.cs new file mode 100644 index 0000000..bb0c424 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/CertificateStatusType.cs @@ -0,0 +1,17 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public abstract class CertificateStatusType + { + /* + * RFC 6066 + */ + public const short ocsp = 1; + + /* + * RFC 6961 + */ + public const short ocsp_multi = 2; + } +} diff --git a/BouncyCastle/crypto/src/tls/CertificateType.cs b/BouncyCastle/crypto/src/tls/CertificateType.cs new file mode 100644 index 0000000..eed3024 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/CertificateType.cs @@ -0,0 +1,16 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 6091 + public abstract class CertificateType + { + public const short X509 = 0; + public const short OpenPGP = 1; + + /* + * RFC 7250 + */ + public const short RawPublicKey = 2; + } +} diff --git a/BouncyCastle/crypto/src/tls/CertificateUrl.cs b/BouncyCastle/crypto/src/tls/CertificateUrl.cs new file mode 100644 index 0000000..d244577 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/CertificateUrl.cs @@ -0,0 +1,116 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 3546 3.3 + public sealed class CertificateUrl + { + private readonly short m_type; + private readonly IList m_urlAndHashList; + + /// see for valid constants. + /// an of . + public CertificateUrl(short type, IList urlAndHashList) + { + if (!CertChainType.IsValid(type)) + throw new ArgumentException("not a valid CertChainType value", "type"); + if (urlAndHashList == null || urlAndHashList.Count < 1) + throw new ArgumentException("must have length > 0", "urlAndHashList"); + if (type == CertChainType.pkipath && urlAndHashList.Count != 1) + throw new ArgumentException("must contain exactly one entry when type is " + + CertChainType.GetText(type), "urlAndHashList"); + + this.m_type = type; + this.m_urlAndHashList = urlAndHashList; + } + + /// + public short Type + { + get { return m_type; } + } + + /// an of . + public IList UrlAndHashList + { + get { return m_urlAndHashList; } + } + + /// Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + TlsUtilities.WriteUint8(m_type, output); + + ListBuffer16 buf = new ListBuffer16(); + foreach (UrlAndHash urlAndHash in m_urlAndHashList) + { + urlAndHash.Encode(buf); + } + buf.EncodeTo(output); + } + + /// Parse a from a . + /// the of the current connection. + /// the to parse from. + /// a object. + /// + public static CertificateUrl Parse(TlsContext context, Stream input) + { + short type = TlsUtilities.ReadUint8(input); + if (!CertChainType.IsValid(type)) + throw new TlsFatalAlert(AlertDescription.decode_error); + + int totalLength = TlsUtilities.ReadUint16(input); + if (totalLength < 1) + throw new TlsFatalAlert(AlertDescription.decode_error); + + byte[] urlAndHashListData = TlsUtilities.ReadFully(totalLength, input); + + MemoryStream buf = new MemoryStream(urlAndHashListData, false); + + IList url_and_hash_list = Platform.CreateArrayList(); + while (buf.Position < buf.Length) + { + UrlAndHash url_and_hash = UrlAndHash.Parse(context, buf); + url_and_hash_list.Add(url_and_hash); + } + + if (type == CertChainType.pkipath && url_and_hash_list.Count != 1) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return new CertificateUrl(type, url_and_hash_list); + } + + // TODO Could be more generally useful + internal class ListBuffer16 + : MemoryStream + { + internal ListBuffer16() + { + // Reserve space for length + TlsUtilities.WriteUint16(0, this); + } + + internal void EncodeTo(Stream output) + { + // Patch actual length back in + int length = (int)Length - 2; + TlsUtilities.CheckUint16(length); + + Seek(0L, SeekOrigin.Begin); + TlsUtilities.WriteUint16(length, this); + + Streams.WriteBufTo(this, output); + + Platform.Dispose(this); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/ChangeCipherSpec.cs b/BouncyCastle/crypto/src/tls/ChangeCipherSpec.cs new file mode 100644 index 0000000..f83fdb4 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ChangeCipherSpec.cs @@ -0,0 +1,9 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public abstract class ChangeCipherSpec + { + public const short change_cipher_spec = 1; + } +} diff --git a/BouncyCastle/crypto/src/tls/ChannelBinding.cs b/BouncyCastle/crypto/src/tls/ChannelBinding.cs new file mode 100644 index 0000000..84f8bc4 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ChannelBinding.cs @@ -0,0 +1,19 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 5056 + /// + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to depend on the + /// particular values (e.g.serialization). + /// + public abstract class ChannelBinding + { + /* + * RFC 5929 + */ + public const int tls_server_end_point = 0; + public const int tls_unique = 1; + public const int tls_unique_for_telnet = 2; + } +} diff --git a/BouncyCastle/crypto/src/tls/CipherSuite.cs b/BouncyCastle/crypto/src/tls/CipherSuite.cs new file mode 100644 index 0000000..5c53268 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/CipherSuite.cs @@ -0,0 +1,461 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 2246 A.5 + public abstract class CipherSuite + { + public static bool IsScsv(int cipherSuite) + { + switch (cipherSuite) + { + case TLS_EMPTY_RENEGOTIATION_INFO_SCSV: + case TLS_FALLBACK_SCSV: + return true; + default: + return false; + } + } + + public const int TLS_NULL_WITH_NULL_NULL = 0x0000; + public const int TLS_RSA_WITH_NULL_MD5 = 0x0001; + public const int TLS_RSA_WITH_NULL_SHA = 0x0002; + public const int TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x0003; + public const int TLS_RSA_WITH_RC4_128_MD5 = 0x0004; + public const int TLS_RSA_WITH_RC4_128_SHA = 0x0005; + public const int TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x0006; + public const int TLS_RSA_WITH_IDEA_CBC_SHA = 0x0007; + public const int TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0008; + public const int TLS_RSA_WITH_DES_CBC_SHA = 0x0009; + public const int TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A; + public const int TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x000B; + public const int TLS_DH_DSS_WITH_DES_CBC_SHA = 0x000C; + public const int TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D; + public const int TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x000E; + public const int TLS_DH_RSA_WITH_DES_CBC_SHA = 0x000F; + public const int TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010; + public const int TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0011; + public const int TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x0012; + public const int TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013; + public const int TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0014; + public const int TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x0015; + public const int TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016; + public const int TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x0017; + public const int TLS_DH_anon_WITH_RC4_128_MD5 = 0x0018; + public const int TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x0019; + public const int TLS_DH_anon_WITH_DES_CBC_SHA = 0x001A; + public const int TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B; + + /* + * Note: The cipher suite values { 0x00, 0x1C } and { 0x00, 0x1D } are reserved to avoid + * collision with Fortezza-based cipher suites in SSL 3. + */ + + /* + * RFC 3268 + */ + public const int TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F; + public const int TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x0030; + public const int TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x0031; + public const int TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032; + public const int TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033; + public const int TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x0034; + public const int TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035; + public const int TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x0036; + public const int TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x0037; + public const int TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038; + public const int TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039; + public const int TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x003A; + + /* + * RFC 5932 + */ + public const int TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0041; + public const int TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0042; + public const int TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0043; + public const int TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0044; + public const int TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0045; + public const int TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA = 0x0046; + + public const int TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0084; + public const int TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0085; + public const int TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0086; + public const int TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0087; + public const int TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0088; + public const int TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA = 0x0089; + + public const int TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BA; + public const int TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BB; + public const int TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BC; + public const int TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BD; + public const int TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BE; + public const int TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BF; + + public const int TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C0; + public const int TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C1; + public const int TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C2; + public const int TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C3; + public const int TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C4; + public const int TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C5; + + /* + * RFC 4162 + */ + public const int TLS_RSA_WITH_SEED_CBC_SHA = 0x0096; + public const int TLS_DH_DSS_WITH_SEED_CBC_SHA = 0x0097; + public const int TLS_DH_RSA_WITH_SEED_CBC_SHA = 0x0098; + public const int TLS_DHE_DSS_WITH_SEED_CBC_SHA = 0x0099; + public const int TLS_DHE_RSA_WITH_SEED_CBC_SHA = 0x009A; + public const int TLS_DH_anon_WITH_SEED_CBC_SHA = 0x009B; + + /* + * RFC 4279 + */ + public const int TLS_PSK_WITH_RC4_128_SHA = 0x008A; + public const int TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B; + public const int TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C; + public const int TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D; + public const int TLS_DHE_PSK_WITH_RC4_128_SHA = 0x008E; + public const int TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 0x008F; + public const int TLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090; + public const int TLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091; + public const int TLS_RSA_PSK_WITH_RC4_128_SHA = 0x0092; + public const int TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 0x0093; + public const int TLS_RSA_PSK_WITH_AES_128_CBC_SHA = 0x0094; + public const int TLS_RSA_PSK_WITH_AES_256_CBC_SHA = 0x0095; + + /* + * RFC 4492 + */ + public const int TLS_ECDH_ECDSA_WITH_NULL_SHA = 0xC001; + public const int TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002; + public const int TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC003; + public const int TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0xC004; + public const int TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0xC005; + public const int TLS_ECDHE_ECDSA_WITH_NULL_SHA = 0xC006; + public const int TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007; + public const int TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008; + public const int TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009; + public const int TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A; + public const int TLS_ECDH_RSA_WITH_NULL_SHA = 0xC00B; + public const int TLS_ECDH_RSA_WITH_RC4_128_SHA = 0xC00C; + public const int TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0xC00D; + public const int TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0xC00E; + public const int TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0xC00F; + public const int TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010; + public const int TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xC011; + public const int TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012; + public const int TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013; + public const int TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014; + public const int TLS_ECDH_anon_WITH_NULL_SHA = 0xC015; + public const int TLS_ECDH_anon_WITH_RC4_128_SHA = 0xC016; + public const int TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = 0xC017; + public const int TLS_ECDH_anon_WITH_AES_128_CBC_SHA = 0xC018; + public const int TLS_ECDH_anon_WITH_AES_256_CBC_SHA = 0xC019; + + /* + * RFC 4785 + */ + public const int TLS_PSK_WITH_NULL_SHA = 0x002C; + public const int TLS_DHE_PSK_WITH_NULL_SHA = 0x002D; + public const int TLS_RSA_PSK_WITH_NULL_SHA = 0x002E; + + /* + * RFC 5054 + */ + public const int TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A; + public const int TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B; + public const int TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 0xC01C; + public const int TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D; + public const int TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E; + public const int TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 0xC01F; + public const int TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020; + public const int TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021; + public const int TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 0xC022; + + /* + * RFC 5246 + */ + public const int TLS_RSA_WITH_NULL_SHA256 = 0x003B; + public const int TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C; + public const int TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D; + public const int TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x003E; + public const int TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x003F; + public const int TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040; + public const int TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067; + public const int TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x0068; + public const int TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x0069; + public const int TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A; + public const int TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B; + public const int TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x006C; + public const int TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x006D; + + /* + * RFC 5288 + */ + public const int TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C; + public const int TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D; + public const int TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E; + public const int TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F; + public const int TLS_DH_RSA_WITH_AES_128_GCM_SHA256 = 0x00A0; + public const int TLS_DH_RSA_WITH_AES_256_GCM_SHA384 = 0x00A1; + public const int TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2; + public const int TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3; + public const int TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = 0x00A4; + public const int TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = 0x00A5; + public const int TLS_DH_anon_WITH_AES_128_GCM_SHA256 = 0x00A6; + public const int TLS_DH_anon_WITH_AES_256_GCM_SHA384 = 0x00A7; + + /* + * RFC 5289 + */ + public const int TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023; + public const int TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024; + public const int TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC025; + public const int TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC026; + public const int TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027; + public const int TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028; + public const int TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0xC029; + public const int TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0xC02A; + public const int TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B; + public const int TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C; + public const int TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02D; + public const int TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02E; + public const int TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F; + public const int TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030; + public const int TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xC031; + public const int TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0xC032; + + /* + * RFC 5487 + */ + public const int TLS_PSK_WITH_AES_128_GCM_SHA256 = 0x00A8; + public const int TLS_PSK_WITH_AES_256_GCM_SHA384 = 0x00A9; + public const int TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0x00AA; + public const int TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0x00AB; + public const int TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = 0x00AC; + public const int TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = 0x00AD; + public const int TLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE; + public const int TLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF; + public const int TLS_PSK_WITH_NULL_SHA256 = 0x00B0; + public const int TLS_PSK_WITH_NULL_SHA384 = 0x00B1; + public const int TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0x00B2; + public const int TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0x00B3; + public const int TLS_DHE_PSK_WITH_NULL_SHA256 = 0x00B4; + public const int TLS_DHE_PSK_WITH_NULL_SHA384 = 0x00B5; + public const int TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = 0x00B6; + public const int TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = 0x00B7; + public const int TLS_RSA_PSK_WITH_NULL_SHA256 = 0x00B8; + public const int TLS_RSA_PSK_WITH_NULL_SHA384 = 0x00B9; + + /* + * RFC 5489 + */ + public const int TLS_ECDHE_PSK_WITH_RC4_128_SHA = 0xC033; + public const int TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 0xC034; + public const int TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = 0xC035; + public const int TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = 0xC036; + public const int TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0xC037; + public const int TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 0xC038; + public const int TLS_ECDHE_PSK_WITH_NULL_SHA = 0xC039; + public const int TLS_ECDHE_PSK_WITH_NULL_SHA256 = 0xC03A; + public const int TLS_ECDHE_PSK_WITH_NULL_SHA384 = 0xC03B; + + /* + * RFC 5746 + */ + public const int TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF; + + /* + * RFC 6209 + */ + public const int TLS_RSA_WITH_ARIA_128_CBC_SHA256 = 0xC03C; + public const int TLS_RSA_WITH_ARIA_256_CBC_SHA384 = 0xC03D; + public const int TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256 = 0xC03E; + public const int TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384 = 0xC03F; + public const int TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256 = 0xC040; + public const int TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384 = 0xC041; + public const int TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256 = 0xC042; + public const int TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384 = 0xC043; + public const int TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 = 0xC044; + public const int TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 = 0xC045; + public const int TLS_DH_anon_WITH_ARIA_128_CBC_SHA256 = 0xC046; + public const int TLS_DH_anon_WITH_ARIA_256_CBC_SHA384 = 0xC047; + + public const int TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 = 0xC048; + public const int TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 = 0xC049; + public const int TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 = 0xC04A; + public const int TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 = 0xC04B; + public const int TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 = 0xC04C; + public const int TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 = 0xC04D; + public const int TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 = 0xC04E; + public const int TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 = 0xC04F; + + public const int TLS_RSA_WITH_ARIA_128_GCM_SHA256 = 0xC050; + public const int TLS_RSA_WITH_ARIA_256_GCM_SHA384 = 0xC051; + public const int TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = 0xC052; + public const int TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = 0xC053; + public const int TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256 = 0xC054; + public const int TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384 = 0xC055; + public const int TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = 0xC056; + public const int TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = 0xC057; + public const int TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256 = 0xC058; + public const int TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384 = 0xC059; + public const int TLS_DH_anon_WITH_ARIA_128_GCM_SHA256 = 0xC05A; + public const int TLS_DH_anon_WITH_ARIA_256_GCM_SHA384 = 0xC05B; + + public const int TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 0xC05C; + public const int TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 0xC05D; + public const int TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = 0xC05E; + public const int TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = 0xC05F; + public const int TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = 0xC060; + public const int TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = 0xC061; + public const int TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = 0xC062; + public const int TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = 0xC063; + + public const int TLS_PSK_WITH_ARIA_128_CBC_SHA256 = 0xC064; + public const int TLS_PSK_WITH_ARIA_256_CBC_SHA384 = 0xC065; + public const int TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 = 0xC066; + public const int TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 = 0xC067; + public const int TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 = 0xC068; + public const int TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 = 0xC069; + public const int TLS_PSK_WITH_ARIA_128_GCM_SHA256 = 0xC06A; + public const int TLS_PSK_WITH_ARIA_256_GCM_SHA384 = 0xC06B; + public const int TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = 0xC06C; + public const int TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = 0xC06D; + public const int TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = 0xC06E; + public const int TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = 0xC06F; + public const int TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 = 0xC070; + public const int TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 = 0xC071; + + /* + * RFC 6367 + */ + public const int TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC072; + public const int TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC073; + public const int TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC074; + public const int TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC075; + public const int TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC076; + public const int TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC077; + public const int TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC078; + public const int TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC079; + + public const int TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07A; + public const int TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07B; + public const int TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07C; + public const int TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07D; + public const int TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07E; + public const int TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07F; + public const int TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC080; + public const int TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC081; + public const int TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC082; + public const int TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC083; + public const int TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 = 0xC084; + public const int TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 = 0xC085; + public const int TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC086; + public const int TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC087; + public const int TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC088; + public const int TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC089; + public const int TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08A; + public const int TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08B; + public const int TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08C; + public const int TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08D; + + public const int TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08E; + public const int TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08F; + public const int TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC090; + public const int TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC091; + public const int TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC092; + public const int TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC093; + public const int TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC094; + public const int TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC095; + public const int TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC096; + public const int TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC097; + public const int TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC098; + public const int TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC099; + public const int TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC09A; + public const int TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC09B; + + /* + * RFC 6655 + */ + public const int TLS_RSA_WITH_AES_128_CCM = 0xC09C; + public const int TLS_RSA_WITH_AES_256_CCM = 0xC09D; + public const int TLS_DHE_RSA_WITH_AES_128_CCM = 0xC09E; + public const int TLS_DHE_RSA_WITH_AES_256_CCM = 0xC09F; + public const int TLS_RSA_WITH_AES_128_CCM_8 = 0xC0A0; + public const int TLS_RSA_WITH_AES_256_CCM_8 = 0xC0A1; + public const int TLS_DHE_RSA_WITH_AES_128_CCM_8 = 0xC0A2; + public const int TLS_DHE_RSA_WITH_AES_256_CCM_8 = 0xC0A3; + public const int TLS_PSK_WITH_AES_128_CCM = 0xC0A4; + public const int TLS_PSK_WITH_AES_256_CCM = 0xC0A5; + public const int TLS_DHE_PSK_WITH_AES_128_CCM = 0xC0A6; + public const int TLS_DHE_PSK_WITH_AES_256_CCM = 0xC0A7; + public const int TLS_PSK_WITH_AES_128_CCM_8 = 0xC0A8; + public const int TLS_PSK_WITH_AES_256_CCM_8 = 0xC0A9; + public const int TLS_PSK_DHE_WITH_AES_128_CCM_8 = 0xC0AA; + public const int TLS_PSK_DHE_WITH_AES_256_CCM_8 = 0xC0AB; + + /* + * RFC 7251 + */ + public const int TLS_ECDHE_ECDSA_WITH_AES_128_CCM = 0xC0AC; + public const int TLS_ECDHE_ECDSA_WITH_AES_256_CCM = 0xC0AD; + public const int TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xC0AE; + public const int TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 0xC0AF; + + /* + * RFC 7507 + */ + public const int TLS_FALLBACK_SCSV = 0x5600; + + /* + * RFC 7905 + */ + public const int TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA8; + public const int TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA9; + public const int TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAA; + public const int TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAB; + public const int TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAC; + public const int TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAD; + public const int TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAE; + + /* + * RFC 8442 + */ + public const int TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 = 0xD001; + public const int TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384 = 0xD002; + public const int TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256 = 0xD003; + public const int TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256 = 0xD005; + + /* + * TLS 1.3 Section + * + * Although TLS 1.3 uses the same cipher suite space as previous versions of TLS, TLS 1.3 cipher + * suites are defined differently, only specifying the symmetric ciphers, and cannot be used for + * TLS 1.2. Similarly, cipher suites for TLS 1.2 and lower cannot be used with TLS 1.3. + */ + + /* + * RFC 8446 + */ + public const int TLS_AES_128_GCM_SHA256 = 0x1301; + public const int TLS_AES_256_GCM_SHA384 = 0x1302; + public const int TLS_CHACHA20_POLY1305_SHA256 = 0x1303; + public const int TLS_AES_128_CCM_SHA256 = 0x1304; + public const int TLS_AES_128_CCM_8_SHA256 = 0x1305; + + /* + * RFC 8998 + */ + public const int TLS_SM4_GCM_SM3 = 0x00C6; + public const int TLS_SM4_CCM_SM3 = 0x00C7; + + /* + * draft-smyshlyaev-tls12-gost-suites-10 + */ + public const int TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC = 0xC100; + public const int TLS_GOSTR341112_256_WITH_MAGMA_CTR_OMAC = 0xC101; + public const int TLS_GOSTR341112_256_WITH_28147_CNT_IMIT = 0xC102; + } +} diff --git a/BouncyCastle/crypto/src/tls/CipherType.cs b/BouncyCastle/crypto/src/tls/CipherType.cs new file mode 100644 index 0000000..3525960 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/CipherType.cs @@ -0,0 +1,20 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 2246 + /// + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to depend on the + /// particular values (e.g. serialization). + /// + public abstract class CipherType + { + public const int stream = 0; + public const int block = 1; + + /* + * RFC 5246 + */ + public const int aead = 2; + } +} diff --git a/BouncyCastle/crypto/src/tls/ClientAuthenticationType.cs b/BouncyCastle/crypto/src/tls/ClientAuthenticationType.cs new file mode 100644 index 0000000..2166e97 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ClientAuthenticationType.cs @@ -0,0 +1,14 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public abstract class ClientAuthenticationType + { + /* + * RFC 5077 4 + */ + public const short anonymous = 0; + public const short certificate_based = 1; + public const short psk = 2; + } +} diff --git a/BouncyCastle/crypto/src/tls/ClientCertificateType.cs b/BouncyCastle/crypto/src/tls/ClientCertificateType.cs new file mode 100644 index 0000000..f3a4a08 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ClientCertificateType.cs @@ -0,0 +1,69 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public abstract class ClientCertificateType + { + /* + * RFC 4346 7.4.4 + */ + public const short rsa_sign = 1; + public const short dss_sign = 2; + public const short rsa_fixed_dh = 3; + public const short dss_fixed_dh = 4; + public const short rsa_ephemeral_dh_RESERVED = 5; + public const short dss_ephemeral_dh_RESERVED = 6; + public const short fortezza_dms_RESERVED = 20; + + /* + * RFC 4492 5.5 + */ + public const short ecdsa_sign = 64; + public const short rsa_fixed_ecdh = 65; + public const short ecdsa_fixed_ecdh = 66; + + /* + * draft-smyshlyaev-tls12-gost-suites-10 + */ + public const short gost_sign256 = 67; + public const short gost_sign512 = 68; + + public static string GetName(short clientCertificateType) + { + switch (clientCertificateType) + { + case rsa_sign: + return "rsa_sign"; + case dss_sign: + return "dss_sign"; + case rsa_fixed_dh: + return "rsa_fixed_dh"; + case dss_fixed_dh: + return "dss_fixed_dh"; + case rsa_ephemeral_dh_RESERVED: + return "rsa_ephemeral_dh_RESERVED"; + case dss_ephemeral_dh_RESERVED: + return "dss_ephemeral_dh_RESERVED"; + case fortezza_dms_RESERVED: + return "fortezza_dms_RESERVED"; + case ecdsa_sign: + return "ecdsa_sign"; + case rsa_fixed_ecdh: + return "rsa_fixed_ecdh"; + case ecdsa_fixed_ecdh: + return "ecdsa_fixed_ecdh"; + case gost_sign256: + return "gost_sign256"; + case gost_sign512: + return "gost_sign512"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(short clientCertificateType) + { + return GetName(clientCertificateType) + "(" + clientCertificateType + ")"; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/ClientHello.cs b/BouncyCastle/crypto/src/tls/ClientHello.cs new file mode 100644 index 0000000..7f1018e --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ClientHello.cs @@ -0,0 +1,177 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls +{ + public sealed class ClientHello + { + private readonly ProtocolVersion m_version; + private readonly byte[] m_random; + private readonly byte[] m_sessionID; + private readonly byte[] m_cookie; + private readonly int[] m_cipherSuites; + private readonly IDictionary m_extensions; + private readonly int m_bindersSize; + + public ClientHello(ProtocolVersion version, byte[] random, byte[] sessionID, byte[] cookie, + int[] cipherSuites, IDictionary extensions, int bindersSize) + { + this.m_version = version; + this.m_random = random; + this.m_sessionID = sessionID; + this.m_cookie = cookie; + this.m_cipherSuites = cipherSuites; + this.m_extensions = extensions; + this.m_bindersSize = bindersSize; + } + + public int BindersSize + { + get { return m_bindersSize; } + } + + public int[] CipherSuites + { + get { return m_cipherSuites; } + } + + public byte[] Cookie + { + get { return m_cookie; } + } + + public IDictionary Extensions + { + get { return m_extensions; } + } + + public byte[] Random + { + get { return m_random; } + } + + public byte[] SessionID + { + get { return m_sessionID; } + } + + public ProtocolVersion Version + { + get { return m_version; } + } + + /// Encode this to a . + /// the of the current connection. + /// the to encode to. + /// + public void Encode(TlsContext context, Stream output) + { + if (m_bindersSize < 0) + throw new TlsFatalAlert(AlertDescription.internal_error); + + TlsUtilities.WriteVersion(m_version, output); + + output.Write(m_random, 0, m_random.Length); + + TlsUtilities.WriteOpaque8(m_sessionID, output); + + if (null != m_cookie) + { + TlsUtilities.WriteOpaque8(m_cookie, output); + } + + TlsUtilities.WriteUint16ArrayWithUint16Length(m_cipherSuites, output); + + TlsUtilities.WriteUint8ArrayWithUint8Length(new short[]{ CompressionMethod.cls_null }, output); + + TlsProtocol.WriteExtensions(output, m_extensions, m_bindersSize); + } + + /// Parse a from a . + /// the to parse from. + /// for DTLS this should be non-null; the input is copied to this + /// , minus the cookie field. + /// a object. + /// + public static ClientHello Parse(MemoryStream messageInput, Stream dtlsOutput) + { + try + { + return ImplParse(messageInput, dtlsOutput); + } + catch (TlsFatalAlert e) + { + throw e; + } + catch (IOException e) + { + throw new TlsFatalAlert(AlertDescription.decode_error, e); + } + } + + /// + private static ClientHello ImplParse(MemoryStream messageInput, Stream dtlsOutput) + { + Stream input = messageInput; + if (null != dtlsOutput) + { + input = new TeeInputStream(input, dtlsOutput); + } + + ProtocolVersion clientVersion = TlsUtilities.ReadVersion(input); + + byte[] random = TlsUtilities.ReadFully(32, input); + + byte[] sessionID = TlsUtilities.ReadOpaque8(input, 0, 32); + + byte[] cookie = null; + if (null != dtlsOutput) + { + /* + * RFC 6347 This specification increases the cookie size limit to 255 bytes for greater + * future flexibility. The limit remains 32 for previous versions of DTLS. + */ + int maxCookieLength = ProtocolVersion.DTLSv12.IsEqualOrEarlierVersionOf(clientVersion) ? 255 : 32; + + cookie = TlsUtilities.ReadOpaque8(messageInput, 0, maxCookieLength); + } + + int cipher_suites_length = TlsUtilities.ReadUint16(input); + if (cipher_suites_length < 2 || (cipher_suites_length & 1) != 0 + || (int)(messageInput.Length - messageInput.Position) < cipher_suites_length) + { + throw new TlsFatalAlert(AlertDescription.decode_error); + } + + /* + * NOTE: "If the session_id field is not empty (implying a session resumption request) this + * vector must include at least the cipher_suite from that session." + */ + int[] cipherSuites = TlsUtilities.ReadUint16Array(cipher_suites_length / 2, input); + + short[] compressionMethods = TlsUtilities.ReadUint8ArrayWithUint8Length(input, 1); + if (!Arrays.Contains(compressionMethods, CompressionMethod.cls_null)) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + /* + * NOTE: Can't use TlsProtocol.ReadExtensions directly because TeeInputStream a) won't have + * 'Length' or 'Position' properties in the FIPS provider, b) isn't a MemoryStream. + */ + IDictionary extensions = null; + if (messageInput.Position < messageInput.Length) + { + byte[] extBytes = TlsUtilities.ReadOpaque16(input); + + TlsProtocol.AssertEmpty(messageInput); + + extensions = TlsProtocol.ReadExtensionsDataClientHello(extBytes); + } + + return new ClientHello(clientVersion, random, sessionID, cookie, cipherSuites, extensions, -1); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/CombinedHash.cs b/BouncyCastle/crypto/src/tls/CombinedHash.cs new file mode 100644 index 0000000..71151d2 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/CombinedHash.cs @@ -0,0 +1,67 @@ +using System; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + /// A combined hash, which implements md5(m) || sha1(m). + public class CombinedHash + : TlsHash + { + protected readonly TlsContext m_context; + protected readonly TlsCrypto m_crypto; + protected readonly TlsHash m_md5; + protected readonly TlsHash m_sha1; + + internal CombinedHash(TlsContext context, TlsHash md5, TlsHash sha1) + { + this.m_context = context; + this.m_crypto = context.Crypto; + this.m_md5 = md5; + this.m_sha1 = sha1; + } + + public CombinedHash(TlsCrypto crypto) + { + this.m_crypto = crypto; + this.m_md5 = crypto.CreateHash(CryptoHashAlgorithm.md5); + this.m_sha1 = crypto.CreateHash(CryptoHashAlgorithm.sha1); + } + + public CombinedHash(CombinedHash t) + { + this.m_context = t.m_context; + this.m_crypto = t.m_crypto; + this.m_md5 = t.m_md5.CloneHash(); + this.m_sha1 = t.m_sha1.CloneHash(); + } + + public virtual void Update(byte[] input, int inOff, int len) + { + m_md5.Update(input, inOff, len); + m_sha1.Update(input, inOff, len); + } + + public virtual byte[] CalculateHash() + { + if (null != m_context && TlsUtilities.IsSsl(m_context)) + { + Ssl3Utilities.CompleteCombinedHash(m_context, m_md5, m_sha1); + } + + return Arrays.Concatenate(m_md5.CalculateHash(), m_sha1.CalculateHash()); + } + + public virtual TlsHash CloneHash() + { + return new CombinedHash(this); + } + + public virtual void Reset() + { + m_md5.Reset(); + m_sha1.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/CompressionMethod.cs b/BouncyCastle/crypto/src/tls/CompressionMethod.cs new file mode 100644 index 0000000..21b43d4 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/CompressionMethod.cs @@ -0,0 +1,20 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 2246 6.1 + public abstract class CompressionMethod + { + public const short cls_null = 0; + + /* + * RFC 3749 2 + */ + public const short DEFLATE = 1; + + /* + * Values from 224 decimal (0xE0) through 255 decimal (0xFF) + * inclusive are reserved for private use. + */ + } +} diff --git a/BouncyCastle/crypto/src/tls/ConnectionEnd.cs b/BouncyCastle/crypto/src/tls/ConnectionEnd.cs new file mode 100644 index 0000000..01ceb1b --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ConnectionEnd.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 2246 + /// + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to depend on the + /// particular values(e.g.serialization). + /// + public abstract class ConnectionEnd + { + public const int server = 0; + public const int client = 1; + } +} diff --git a/BouncyCastle/crypto/src/tls/ContentType.cs b/BouncyCastle/crypto/src/tls/ContentType.cs new file mode 100644 index 0000000..cf89539 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ContentType.cs @@ -0,0 +1,38 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 2246 6.2.1 + public abstract class ContentType + { + public const short change_cipher_spec = 20; + public const short alert = 21; + public const short handshake = 22; + public const short application_data = 23; + public const short heartbeat = 24; + + public static string GetName(short contentType) + { + switch (contentType) + { + case alert: + return "alert"; + case application_data: + return "application_data"; + case change_cipher_spec: + return "change_cipher_spec"; + case handshake: + return "handshake"; + case heartbeat: + return "heartbeat"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(short contentType) + { + return GetName(contentType) + "(" + contentType + ")"; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DatagramReceiver.cs b/BouncyCastle/crypto/src/tls/DatagramReceiver.cs new file mode 100644 index 0000000..5ab605a --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DatagramReceiver.cs @@ -0,0 +1,14 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + public interface DatagramReceiver + { + /// + int GetReceiveLimit(); + + /// + int Receive(byte[] buf, int off, int len, int waitMillis); + } +} diff --git a/BouncyCastle/crypto/src/tls/DatagramSender.cs b/BouncyCastle/crypto/src/tls/DatagramSender.cs new file mode 100644 index 0000000..bf14c18 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DatagramSender.cs @@ -0,0 +1,14 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + public interface DatagramSender + { + /// + int GetSendLimit(); + + /// + void Send(byte[] buf, int off, int len); + } +} diff --git a/BouncyCastle/crypto/src/tls/DatagramTransport.cs b/BouncyCastle/crypto/src/tls/DatagramTransport.cs new file mode 100644 index 0000000..4aecd05 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DatagramTransport.cs @@ -0,0 +1,10 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// Base interface for an object sending and receiving DTLS data. + public interface DatagramTransport + : DatagramReceiver, DatagramSender, TlsCloseable + { + } +} diff --git a/BouncyCastle/crypto/src/tls/DefaultTlsClient.cs b/BouncyCastle/crypto/src/tls/DefaultTlsClient.cs new file mode 100644 index 0000000..a2a7426 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DefaultTlsClient.cs @@ -0,0 +1,48 @@ +using System; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + public abstract class DefaultTlsClient + : AbstractTlsClient + { + private static readonly int[] DefaultCipherSuites = new int[] + { + /* + * TODO[tls13] TLS 1.3 + */ + //CipherSuite.TLS_CHACHA20_POLY1305_SHA256, + //CipherSuite.TLS_AES_128_GCM_SHA256, + + /* + * pre-TLS 1.3 + */ + CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, + }; + + public DefaultTlsClient(TlsCrypto crypto) + : base(crypto) + { + } + + protected override int[] GetSupportedCipherSuites() + { + return TlsUtilities.GetSupportedCipherSuites(Crypto, DefaultCipherSuites); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DefaultTlsCredentialedSigner.cs b/BouncyCastle/crypto/src/tls/DefaultTlsCredentialedSigner.cs new file mode 100644 index 0000000..64bc30a --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DefaultTlsCredentialedSigner.cs @@ -0,0 +1,66 @@ +using System; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl; + +namespace Org.BouncyCastle.Tls +{ + /// Container class for generating signatures that carries the signature type, parameters, public key + /// certificate and public key's associated signer object. + public class DefaultTlsCredentialedSigner + : TlsCredentialedSigner + { + protected readonly TlsCryptoParameters m_cryptoParams; + protected readonly Certificate m_certificate; + protected readonly SignatureAndHashAlgorithm m_signatureAndHashAlgorithm; + protected readonly TlsSigner m_signer; + + public DefaultTlsCredentialedSigner(TlsCryptoParameters cryptoParams, TlsSigner signer, + Certificate certificate, SignatureAndHashAlgorithm signatureAndHashAlgorithm) + { + if (certificate == null) + throw new ArgumentNullException("certificate"); + if (certificate.IsEmpty) + throw new ArgumentException("cannot be empty", "certificate"); + if (signer == null) + throw new ArgumentNullException("signer"); + + this.m_cryptoParams = cryptoParams; + this.m_certificate = certificate; + this.m_signatureAndHashAlgorithm = signatureAndHashAlgorithm; + this.m_signer = signer; + } + + public virtual Certificate Certificate + { + get { return m_certificate; } + } + + public virtual byte[] GenerateRawSignature(byte[] hash) + { + return m_signer.GenerateRawSignature(GetEffectiveAlgorithm(), hash); + } + + public virtual SignatureAndHashAlgorithm SignatureAndHashAlgorithm + { + get { return m_signatureAndHashAlgorithm; } + } + + public virtual TlsStreamSigner GetStreamSigner() + { + return m_signer.GetStreamSigner(GetEffectiveAlgorithm()); + } + + protected virtual SignatureAndHashAlgorithm GetEffectiveAlgorithm() + { + SignatureAndHashAlgorithm algorithm = null; + if (TlsImplUtilities.IsTlsV12(m_cryptoParams)) + { + algorithm = SignatureAndHashAlgorithm; + if (algorithm == null) + throw new InvalidOperationException("'signatureAndHashAlgorithm' cannot be null for (D)TLS 1.2+"); + } + return algorithm; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DefaultTlsDHGroupVerifier.cs b/BouncyCastle/crypto/src/tls/DefaultTlsDHGroupVerifier.cs new file mode 100644 index 0000000..8b9cf2e --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DefaultTlsDHGroupVerifier.cs @@ -0,0 +1,107 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public class DefaultTlsDHGroupVerifier + : TlsDHGroupVerifier + { + public static readonly int DefaultMinimumPrimeBits = 2048; + + private static readonly IList DefaultGroups = Platform.CreateArrayList(); + + private static void AddDefaultGroup(DHGroup dhGroup) + { + DefaultGroups.Add(dhGroup); + } + + static DefaultTlsDHGroupVerifier() + { + /* + * These 10 standard groups are those specified in NIST SP 800-56A Rev. 3 Appendix D. Make + * sure to consider the impact on BCJSSE's FIPS mode and/or usage with the BCFIPS provider + * before modifying this list. + */ + + AddDefaultGroup(DHStandardGroups.rfc3526_2048); + AddDefaultGroup(DHStandardGroups.rfc3526_3072); + AddDefaultGroup(DHStandardGroups.rfc3526_4096); + AddDefaultGroup(DHStandardGroups.rfc3526_6144); + AddDefaultGroup(DHStandardGroups.rfc3526_8192); + + AddDefaultGroup(DHStandardGroups.rfc7919_ffdhe2048); + AddDefaultGroup(DHStandardGroups.rfc7919_ffdhe3072); + AddDefaultGroup(DHStandardGroups.rfc7919_ffdhe4096); + AddDefaultGroup(DHStandardGroups.rfc7919_ffdhe6144); + AddDefaultGroup(DHStandardGroups.rfc7919_ffdhe8192); + } + + // IList is (DHGroup) + protected readonly IList m_groups; + protected readonly int m_minimumPrimeBits; + + /// Accept named groups and various standard DH groups with 'P' at least + /// bits. + public DefaultTlsDHGroupVerifier() + : this(DefaultMinimumPrimeBits) + { + } + + /// Accept named groups and various standard DH groups with 'P' at least the specified number of bits. + /// + /// the minimum bitlength of 'P'. + public DefaultTlsDHGroupVerifier(int minimumPrimeBits) + : this(DefaultGroups, minimumPrimeBits) + { + } + + /// Accept named groups and a custom set of group parameters, subject to a minimum bitlength for 'P'. + /// + /// a list of acceptable s. + /// the minimum bitlength of 'P'. + public DefaultTlsDHGroupVerifier(IList groups, int minimumPrimeBits) + { + this.m_groups = Platform.CreateArrayList(groups); + this.m_minimumPrimeBits = minimumPrimeBits; + } + + public virtual bool Accept(DHGroup dhGroup) + { + return CheckMinimumPrimeBits(dhGroup) && CheckGroup(dhGroup); + } + + public virtual int MinimumPrimeBits + { + get { return m_minimumPrimeBits; } + } + + protected virtual bool AreGroupsEqual(DHGroup a, DHGroup b) + { + return a == b || (AreParametersEqual(a.P, b.P) && AreParametersEqual(a.G, b.G)); + } + + protected virtual bool AreParametersEqual(BigInteger a, BigInteger b) + { + return a == b || a.Equals(b); + } + + protected virtual bool CheckGroup(DHGroup dhGroup) + { + foreach (DHGroup group in m_groups) + { + if (AreGroupsEqual(dhGroup, group)) + return true; + } + return false; + } + + protected virtual bool CheckMinimumPrimeBits(DHGroup dhGroup) + { + return dhGroup.P.BitLength >= MinimumPrimeBits; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DefaultTlsHeartbeat.cs b/BouncyCastle/crypto/src/tls/DefaultTlsHeartbeat.cs new file mode 100644 index 0000000..9090d2c --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DefaultTlsHeartbeat.cs @@ -0,0 +1,44 @@ +using System; + +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public class DefaultTlsHeartbeat + : TlsHeartbeat + { + private readonly int idleMillis, timeoutMillis; + + private uint counter = 0U; + + public DefaultTlsHeartbeat(int idleMillis, int timeoutMillis) + { + if (idleMillis <= 0) + throw new ArgumentException("must be > 0", "idleMillis"); + if (timeoutMillis <= 0) + throw new ArgumentException("must be > 0", "timeoutMillis"); + + this.idleMillis = idleMillis; + this.timeoutMillis = timeoutMillis; + } + + public virtual byte[] GeneratePayload() + { + lock (this) + { + // NOTE: The counter naturally wraps back to 0 + return Pack.UInt32_To_BE(++counter); + } + } + + public virtual int IdleMillis + { + get { return idleMillis; } + } + + public virtual int TimeoutMillis + { + get { return timeoutMillis; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DefaultTlsKeyExchangeFactory.cs b/BouncyCastle/crypto/src/tls/DefaultTlsKeyExchangeFactory.cs new file mode 100644 index 0000000..c8d6ff1 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DefaultTlsKeyExchangeFactory.cs @@ -0,0 +1,89 @@ +using System; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + public class DefaultTlsKeyExchangeFactory + : AbstractTlsKeyExchangeFactory + { + public override TlsKeyExchange CreateDHKeyExchange(int keyExchange) + { + return new TlsDHKeyExchange(keyExchange); + } + + public override TlsKeyExchange CreateDHanonKeyExchangeClient(int keyExchange, + TlsDHGroupVerifier dhGroupVerifier) + { + return new TlsDHanonKeyExchange(keyExchange, dhGroupVerifier); + } + + public override TlsKeyExchange CreateDHanonKeyExchangeServer(int keyExchange, TlsDHConfig dhConfig) + { + return new TlsDHanonKeyExchange(keyExchange, dhConfig); + } + + public override TlsKeyExchange CreateDheKeyExchangeClient(int keyExchange, TlsDHGroupVerifier dhGroupVerifier) + { + return new TlsDheKeyExchange(keyExchange, dhGroupVerifier); + } + + public override TlsKeyExchange CreateDheKeyExchangeServer(int keyExchange, TlsDHConfig dhConfig) + { + return new TlsDheKeyExchange(keyExchange, dhConfig); + } + + public override TlsKeyExchange CreateECDHKeyExchange(int keyExchange) + { + return new TlsECDHKeyExchange(keyExchange); + } + + public override TlsKeyExchange CreateECDHanonKeyExchangeClient(int keyExchange) + { + return new TlsECDHanonKeyExchange(keyExchange); + } + + public override TlsKeyExchange CreateECDHanonKeyExchangeServer(int keyExchange, TlsECConfig ecConfig) + { + return new TlsECDHanonKeyExchange(keyExchange, ecConfig); + } + + public override TlsKeyExchange CreateECDheKeyExchangeClient(int keyExchange) + { + return new TlsECDheKeyExchange(keyExchange); + } + + public override TlsKeyExchange CreateECDheKeyExchangeServer(int keyExchange, TlsECConfig ecConfig) + { + return new TlsECDheKeyExchange(keyExchange, ecConfig); + } + + public override TlsKeyExchange CreatePskKeyExchangeClient(int keyExchange, TlsPskIdentity pskIdentity, + TlsDHGroupVerifier dhGroupVerifier) + { + return new TlsPskKeyExchange(keyExchange, pskIdentity, dhGroupVerifier); + } + + public override TlsKeyExchange CreatePskKeyExchangeServer(int keyExchange, + TlsPskIdentityManager pskIdentityManager, TlsDHConfig dhConfig, TlsECConfig ecConfig) + { + return new TlsPskKeyExchange(keyExchange, pskIdentityManager, dhConfig, ecConfig); + } + + public override TlsKeyExchange CreateRsaKeyExchange(int keyExchange) + { + return new TlsRsaKeyExchange(keyExchange); + } + + public override TlsKeyExchange CreateSrpKeyExchangeClient(int keyExchange, TlsSrpIdentity srpIdentity, + TlsSrpConfigVerifier srpConfigVerifier) + { + return new TlsSrpKeyExchange(keyExchange, srpIdentity, srpConfigVerifier); + } + + public override TlsKeyExchange CreateSrpKeyExchangeServer(int keyExchange, TlsSrpLoginParameters loginParameters) + { + return new TlsSrpKeyExchange(keyExchange, loginParameters); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DefaultTlsServer.cs b/BouncyCastle/crypto/src/tls/DefaultTlsServer.cs new file mode 100644 index 0000000..de8a3f4 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DefaultTlsServer.cs @@ -0,0 +1,108 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + public abstract class DefaultTlsServer + : AbstractTlsServer + { + private static readonly int[] DefaultCipherSuites = new int[] + { + /* + * TODO[tls13] TLS 1.3 + */ + //CipherSuite.TLS_CHACHA20_POLY1305_SHA256, + //CipherSuite.TLS_AES_256_GCM_SHA384, + //CipherSuite.TLS_AES_128_GCM_SHA256, + + /* + * pre-TLS 1.3 + */ + CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, + CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384, + CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256, + CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, + }; + + public DefaultTlsServer(TlsCrypto crypto) + : base(crypto) + { + } + + /// + protected virtual TlsCredentialedSigner GetDsaSignerCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + /// + protected virtual TlsCredentialedSigner GetECDsaSignerCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + /// + protected virtual TlsCredentialedDecryptor GetRsaEncryptionCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + /// + protected virtual TlsCredentialedSigner GetRsaSignerCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + protected override int[] GetSupportedCipherSuites() + { + return TlsUtilities.GetSupportedCipherSuites(Crypto, DefaultCipherSuites); + } + + public override TlsCredentials GetCredentials() + { + int keyExchangeAlgorithm = m_context.SecurityParameters.KeyExchangeAlgorithm; + + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.DHE_DSS: + return GetDsaSignerCredentials(); + + case KeyExchangeAlgorithm.DH_anon: + case KeyExchangeAlgorithm.ECDH_anon: + return null; + + case KeyExchangeAlgorithm.ECDHE_ECDSA: + return GetECDsaSignerCredentials(); + + case KeyExchangeAlgorithm.DHE_RSA: + case KeyExchangeAlgorithm.ECDHE_RSA: + return GetRsaSignerCredentials(); + + case KeyExchangeAlgorithm.RSA: + return GetRsaEncryptionCredentials(); + + default: + // Note: internal error here; selected a key exchange we don't implement! + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DefaultTlsSrpConfigVerifier.cs b/BouncyCastle/crypto/src/tls/DefaultTlsSrpConfigVerifier.cs new file mode 100644 index 0000000..7812498 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DefaultTlsSrpConfigVerifier.cs @@ -0,0 +1,63 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public class DefaultTlsSrpConfigVerifier + : TlsSrpConfigVerifier + { + private static readonly IList DefaultGroups = Platform.CreateArrayList(); + + static DefaultTlsSrpConfigVerifier() + { + DefaultGroups.Add(Srp6StandardGroups.rfc5054_1024); + DefaultGroups.Add(Srp6StandardGroups.rfc5054_1536); + DefaultGroups.Add(Srp6StandardGroups.rfc5054_2048); + DefaultGroups.Add(Srp6StandardGroups.rfc5054_3072); + DefaultGroups.Add(Srp6StandardGroups.rfc5054_4096); + DefaultGroups.Add(Srp6StandardGroups.rfc5054_6144); + DefaultGroups.Add(Srp6StandardGroups.rfc5054_8192); + } + + // IList is (SRP6Group) + protected readonly IList m_groups; + + /// Accept only the group parameters specified in RFC 5054 Appendix A. + public DefaultTlsSrpConfigVerifier() + : this(DefaultGroups) + { + } + + /// Specify a custom set of acceptable group parameters. + /// an of acceptable . + public DefaultTlsSrpConfigVerifier(IList groups) + { + this.m_groups = Platform.CreateArrayList(groups); + } + + public virtual bool Accept(TlsSrpConfig srpConfig) + { + foreach (Srp6Group group in m_groups) + { + if (AreGroupsEqual(srpConfig, group)) + return true; + } + return false; + } + + protected virtual bool AreGroupsEqual(TlsSrpConfig a, Srp6Group b) + { + BigInteger[] ng = a.GetExplicitNG(); + return AreParametersEqual(ng[0], b.N) && AreParametersEqual(ng[1], b.G); + } + + protected virtual bool AreParametersEqual(BigInteger a, BigInteger b) + { + return a == b || a.Equals(b); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DeferredHash.cs b/BouncyCastle/crypto/src/tls/DeferredHash.cs new file mode 100644 index 0000000..ac66c8f --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DeferredHash.cs @@ -0,0 +1,242 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + /// Buffers input until the hash algorithm is determined. + internal sealed class DeferredHash + : TlsHandshakeHash + { + private const int BufferingHashLimit = 4; + + private readonly TlsContext m_context; + + private DigestInputBuffer m_buf; + private IDictionary m_hashes; + private bool m_forceBuffering; + private bool m_sealed; + + internal DeferredHash(TlsContext context) + { + this.m_context = context; + this.m_buf = new DigestInputBuffer(); + this.m_hashes = Platform.CreateHashtable(); + this.m_forceBuffering = false; + this.m_sealed = false; + } + + /// + public void CopyBufferTo(Stream output) + { + if (m_buf == null) + { + // If you see this, you need to call ForceBuffering() before SealHashAlgorithms() + throw new InvalidOperationException("Not buffering"); + } + + m_buf.CopyInputTo(output); + } + + public void ForceBuffering() + { + if (m_sealed) + throw new InvalidOperationException("Too late to force buffering"); + + this.m_forceBuffering = true; + } + + public void NotifyPrfDetermined() + { + SecurityParameters securityParameters = m_context.SecurityParameters; + + switch (securityParameters.PrfAlgorithm) + { + case PrfAlgorithm.ssl_prf_legacy: + case PrfAlgorithm.tls_prf_legacy: + { + CheckTrackingHash(CryptoHashAlgorithm.md5); + CheckTrackingHash(CryptoHashAlgorithm.sha1); + break; + } + default: + { + CheckTrackingHash(securityParameters.PrfCryptoHashAlgorithm); + break; + } + } + } + + public void TrackHashAlgorithm(int cryptoHashAlgorithm) + { + if (m_sealed) + throw new InvalidOperationException("Too late to track more hash algorithms"); + + CheckTrackingHash(cryptoHashAlgorithm); + } + + public void SealHashAlgorithms() + { + if (m_sealed) + throw new InvalidOperationException("Already sealed"); + + this.m_sealed = true; + CheckStopBuffering(); + } + + public void StopTracking() + { + SecurityParameters securityParameters = m_context.SecurityParameters; + + IDictionary newHashes = Platform.CreateHashtable(); + switch (securityParameters.PrfAlgorithm) + { + case PrfAlgorithm.ssl_prf_legacy: + case PrfAlgorithm.tls_prf_legacy: + { + CloneHash(newHashes, CryptoHashAlgorithm.md5); + CloneHash(newHashes, CryptoHashAlgorithm.sha1); + break; + } + default: + { + CloneHash(newHashes, securityParameters.PrfCryptoHashAlgorithm); + break; + } + } + + this.m_buf = null; + this.m_hashes = newHashes; + this.m_forceBuffering = false; + this.m_sealed = true; + } + + public TlsHash ForkPrfHash() + { + CheckStopBuffering(); + + SecurityParameters securityParameters = m_context.SecurityParameters; + + TlsHash prfHash; + switch (securityParameters.PrfAlgorithm) + { + case PrfAlgorithm.ssl_prf_legacy: + case PrfAlgorithm.tls_prf_legacy: + { + TlsHash md5Hash = CloneHash(CryptoHashAlgorithm.md5); + TlsHash sha1Hash = CloneHash(CryptoHashAlgorithm.sha1); + prfHash = new CombinedHash(m_context, md5Hash, sha1Hash); + break; + } + default: + { + prfHash = CloneHash(securityParameters.PrfCryptoHashAlgorithm); + break; + } + } + + if (m_buf != null) + { + m_buf.UpdateDigest(prfHash); + } + + return prfHash; + } + + public byte[] GetFinalHash(int cryptoHashAlgorithm) + { + TlsHash hash = (TlsHash)m_hashes[cryptoHashAlgorithm]; + if (hash == null) + throw new InvalidOperationException("CryptoHashAlgorithm." + cryptoHashAlgorithm + + " is not being tracked"); + + CheckStopBuffering(); + + hash = hash.CloneHash(); + if (m_buf != null) + { + m_buf.UpdateDigest(hash); + } + + return hash.CalculateHash(); + } + + public void Update(byte[] input, int inOff, int len) + { + if (m_buf != null) + { + m_buf.Write(input, inOff, len); + return; + } + + foreach (TlsHash hash in m_hashes.Values) + { + hash.Update(input, inOff, len); + } + } + + public byte[] CalculateHash() + { + throw new InvalidOperationException("Use 'ForkPrfHash' to get a definite hash"); + } + + public TlsHash CloneHash() + { + throw new InvalidOperationException("attempt to clone a DeferredHash"); + } + + public void Reset() + { + if (m_buf != null) + { + m_buf.SetLength(0); + return; + } + + foreach (TlsHash hash in m_hashes.Values) + { + hash.Reset(); + } + } + + private void CheckStopBuffering() + { + if (!m_forceBuffering && m_sealed && m_buf != null && m_hashes.Count <= BufferingHashLimit) + { + foreach (TlsHash hash in m_hashes.Values) + { + m_buf.UpdateDigest(hash); + } + + this.m_buf = null; + } + } + + private void CheckTrackingHash(int cryptoHashAlgorithm) + { + if (!m_hashes.Contains(cryptoHashAlgorithm)) + { + TlsHash hash = m_context.Crypto.CreateHash(cryptoHashAlgorithm); + m_hashes[cryptoHashAlgorithm] = hash; + } + } + + private TlsHash CloneHash(int cryptoHashAlgorithm) + { + return ((TlsHash)m_hashes[cryptoHashAlgorithm]).CloneHash(); + } + + private void CloneHash(IDictionary newHashes, int cryptoHashAlgorithm) + { + TlsHash hash = CloneHash(cryptoHashAlgorithm); + if (m_buf != null) + { + m_buf.UpdateDigest(hash); + } + newHashes[cryptoHashAlgorithm] = hash; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DigestInputBuffer.cs b/BouncyCastle/crypto/src/tls/DigestInputBuffer.cs new file mode 100644 index 0000000..9b4ea4b --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DigestInputBuffer.cs @@ -0,0 +1,26 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls +{ + internal class DigestInputBuffer + : MemoryStream + { + internal void UpdateDigest(TlsHash hash) + { + Streams.WriteBufTo(this, new TlsHashSink(hash)); + } + + /// + internal void CopyInputTo(Stream output) + { + // TODO[tls-port] + // NOTE: Copy data since the output here may be under control of external code. + //Streams.PipeAll(new MemoryStream(buf, 0, count), output); + Streams.WriteBufTo(this, output); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DigitallySigned.cs b/BouncyCastle/crypto/src/tls/DigitallySigned.cs new file mode 100644 index 0000000..e977b35 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DigitallySigned.cs @@ -0,0 +1,62 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + public sealed class DigitallySigned + { + private readonly SignatureAndHashAlgorithm algorithm; + private readonly byte[] signature; + + public DigitallySigned(SignatureAndHashAlgorithm algorithm, byte[] signature) + { + if (signature == null) + throw new ArgumentNullException("signature"); + + this.algorithm = algorithm; + this.signature = signature; + } + + /// a (or null before TLS 1.2). + public SignatureAndHashAlgorithm Algorithm + { + get { return algorithm; } + } + + public byte[] Signature + { + get { return signature; } + } + + /// Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + if (algorithm != null) + { + algorithm.Encode(output); + } + TlsUtilities.WriteOpaque16(signature, output); + } + + /// Parse a from a . + /// the of the current connection. + /// the to parse from. + /// a object. + /// + public static DigitallySigned Parse(TlsContext context, Stream input) + { + SignatureAndHashAlgorithm algorithm = null; + if (TlsUtilities.IsTlsV12(context)) + { + algorithm = SignatureAndHashAlgorithm.Parse(input); + + if (SignatureAlgorithm.anonymous == algorithm.Signature) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + byte[] signature = TlsUtilities.ReadOpaque16(input); + return new DigitallySigned(algorithm, signature); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DtlsClientProtocol.cs b/BouncyCastle/crypto/src/tls/DtlsClientProtocol.cs new file mode 100644 index 0000000..44f574e --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DtlsClientProtocol.cs @@ -0,0 +1,981 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public class DtlsClientProtocol + : DtlsProtocol + { + public DtlsClientProtocol() + : base() + { + } + + /// + public virtual DtlsTransport Connect(TlsClient client, DatagramTransport transport) + { + if (client == null) + throw new ArgumentNullException("client"); + if (transport == null) + throw new ArgumentNullException("transport"); + + ClientHandshakeState state = new ClientHandshakeState(); + state.client = client; + state.clientContext = new TlsClientContextImpl(client.Crypto); + + client.Init(state.clientContext); + state.clientContext.HandshakeBeginning(client); + + SecurityParameters securityParameters = state.clientContext.SecurityParameters; + securityParameters.m_extendedPadding = client.ShouldUseExtendedPadding(); + + TlsSession sessionToResume = state.client.GetSessionToResume(); + if (sessionToResume != null && sessionToResume.IsResumable) + { + SessionParameters sessionParameters = sessionToResume.ExportSessionParameters(); + + /* + * NOTE: If we ever enable session resumption without extended_master_secret, then + * renegotiation MUST be disabled (see RFC 7627 5.4). + */ + if (sessionParameters != null + && (sessionParameters.IsExtendedMasterSecret + || (!state.client.RequiresExtendedMasterSecret() && state.client.AllowLegacyResumption()))) + { + TlsSecret masterSecret = sessionParameters.MasterSecret; + lock (masterSecret) + { + if (masterSecret.IsAlive()) + { + state.tlsSession = sessionToResume; + state.sessionParameters = sessionParameters; + state.sessionMasterSecret = state.clientContext.Crypto.AdoptSecret(masterSecret); + } + } + } + } + + DtlsRecordLayer recordLayer = new DtlsRecordLayer(state.clientContext, state.client, transport); + client.NotifyCloseHandle(recordLayer); + + try + { + return ClientHandshake(state, recordLayer); + } + catch (TlsFatalAlert fatalAlert) + { + AbortClientHandshake(state, recordLayer, fatalAlert.AlertDescription); + throw fatalAlert; + } + catch (IOException e) + { + AbortClientHandshake(state, recordLayer, AlertDescription.internal_error); + throw e; + } + catch (Exception e) + { + AbortClientHandshake(state, recordLayer, AlertDescription.internal_error); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + finally + { + securityParameters.Clear(); + } + } + + internal virtual void AbortClientHandshake(ClientHandshakeState state, DtlsRecordLayer recordLayer, + short alertDescription) + { + recordLayer.Fail(alertDescription); + InvalidateSession(state); + } + + /// + internal virtual DtlsTransport ClientHandshake(ClientHandshakeState state, DtlsRecordLayer recordLayer) + { + SecurityParameters securityParameters = state.clientContext.SecurityParameters; + + DtlsReliableHandshake handshake = new DtlsReliableHandshake(state.clientContext, recordLayer, + state.client.GetHandshakeTimeoutMillis(), null); + + byte[] clientHelloBody = GenerateClientHello(state); + + recordLayer.SetWriteVersion(ProtocolVersion.DTLSv10); + + handshake.SendMessage(HandshakeType.client_hello, clientHelloBody); + + DtlsReliableHandshake.Message serverMessage = handshake.ReceiveMessage(); + + // TODO Consider stricter HelloVerifyRequest protocol + //if (serverMessage.Type == HandshakeType.hello_verify_request) + while (serverMessage.Type == HandshakeType.hello_verify_request) + { + byte[] cookie = ProcessHelloVerifyRequest(state, serverMessage.Body); + byte[] patched = PatchClientHelloWithCookie(clientHelloBody, cookie); + + handshake.ResetAfterHelloVerifyRequestClient(); + handshake.SendMessage(HandshakeType.client_hello, patched); + + serverMessage = handshake.ReceiveMessage(); + } + + if (serverMessage.Type == HandshakeType.server_hello) + { + ProtocolVersion recordLayerVersion = recordLayer.ReadVersion; + ReportServerVersion(state, recordLayerVersion); + recordLayer.SetWriteVersion(recordLayerVersion); + + ProcessServerHello(state, serverMessage.Body); + } + else + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + handshake.HandshakeHash.NotifyPrfDetermined(); + + ApplyMaxFragmentLengthExtension(recordLayer, securityParameters.MaxFragmentLength); + + if (state.resumedSession) + { + securityParameters.m_masterSecret = state.sessionMasterSecret; + recordLayer.InitPendingEpoch(TlsUtilities.InitCipher(state.clientContext)); + + // NOTE: Calculated exclusive of the actual Finished message from the server + securityParameters.m_peerVerifyData = TlsUtilities.CalculateVerifyData(state.clientContext, + handshake.HandshakeHash, true); + ProcessFinished(handshake.ReceiveMessageBody(HandshakeType.finished), + securityParameters.PeerVerifyData); + + // NOTE: Calculated exclusive of the Finished message itself + securityParameters.m_localVerifyData = TlsUtilities.CalculateVerifyData(state.clientContext, + handshake.HandshakeHash, false); + handshake.SendMessage(HandshakeType.finished, securityParameters.LocalVerifyData); + + handshake.Finish(); + + if (securityParameters.IsExtendedMasterSecret) + { + securityParameters.m_tlsUnique = securityParameters.PeerVerifyData; + } + + securityParameters.m_localCertificate = state.sessionParameters.LocalCertificate; + securityParameters.m_peerCertificate = state.sessionParameters.PeerCertificate; + securityParameters.m_pskIdentity = state.sessionParameters.PskIdentity; + securityParameters.m_srpIdentity = state.sessionParameters.SrpIdentity; + + state.clientContext.HandshakeComplete(state.client, state.tlsSession); + + recordLayer.InitHeartbeat(state.heartbeat, + HeartbeatMode.peer_allowed_to_send == state.heartbeatPolicy); + + return new DtlsTransport(recordLayer); + } + + InvalidateSession(state); + state.tlsSession = TlsUtilities.ImportSession(securityParameters.SessionID, null); + + serverMessage = handshake.ReceiveMessage(); + + if (serverMessage.Type == HandshakeType.supplemental_data) + { + ProcessServerSupplementalData(state, serverMessage.Body); + serverMessage = handshake.ReceiveMessage(); + } + else + { + state.client.ProcessServerSupplementalData(null); + } + + state.keyExchange = TlsUtilities.InitKeyExchangeClient(state.clientContext, state.client); + + if (serverMessage.Type == HandshakeType.certificate) + { + ProcessServerCertificate(state, serverMessage.Body); + serverMessage = handshake.ReceiveMessage(); + } + else + { + // Okay, Certificate is optional + state.authentication = null; + } + + if (serverMessage.Type == HandshakeType.certificate_status) + { + if (securityParameters.StatusRequestVersion < 1) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + ProcessCertificateStatus(state, serverMessage.Body); + serverMessage = handshake.ReceiveMessage(); + } + else + { + // Okay, CertificateStatus is optional + } + + TlsUtilities.ProcessServerCertificate(state.clientContext, state.certificateStatus, state.keyExchange, + state.authentication, state.clientExtensions, state.serverExtensions); + + if (serverMessage.Type == HandshakeType.server_key_exchange) + { + ProcessServerKeyExchange(state, serverMessage.Body); + serverMessage = handshake.ReceiveMessage(); + } + else + { + // Okay, ServerKeyExchange is optional + state.keyExchange.SkipServerKeyExchange(); + } + + if (serverMessage.Type == HandshakeType.certificate_request) + { + ProcessCertificateRequest(state, serverMessage.Body); + + TlsUtilities.EstablishServerSigAlgs(securityParameters, state.certificateRequest); + + /* + * TODO Give the client a chance to immediately select the CertificateVerify hash + * algorithm here to avoid tracking the other hash algorithms unnecessarily? + */ + TlsUtilities.TrackHashAlgorithms(handshake.HandshakeHash, securityParameters.ServerSigAlgs); + + serverMessage = handshake.ReceiveMessage(); + } + else + { + // Okay, CertificateRequest is optional + } + + if (serverMessage.Type == HandshakeType.server_hello_done) + { + if (serverMessage.Body.Length != 0) + { + throw new TlsFatalAlert(AlertDescription.decode_error); + } + } + else + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + IList clientSupplementalData = state.client.GetClientSupplementalData(); + if (clientSupplementalData != null) + { + byte[] supplementalDataBody = GenerateSupplementalData(clientSupplementalData); + handshake.SendMessage(HandshakeType.supplemental_data, supplementalDataBody); + } + + if (null != state.certificateRequest) + { + state.clientCredentials = TlsUtilities.EstablishClientCredentials(state.authentication, + state.certificateRequest); + + /* + * RFC 5246 If no suitable certificate is available, the client MUST send a certificate + * message containing no certificates. + * + * NOTE: In previous RFCs, this was SHOULD instead of MUST. + */ + + Certificate clientCertificate = null; + if (null != state.clientCredentials) + { + clientCertificate = state.clientCredentials.Certificate; + } + + SendCertificateMessage(state.clientContext, handshake, clientCertificate, null); + } + + TlsCredentialedSigner credentialedSigner = null; + TlsStreamSigner streamSigner = null; + + if (null != state.clientCredentials) + { + state.keyExchange.ProcessClientCredentials(state.clientCredentials); + + if (state.clientCredentials is TlsCredentialedSigner) + { + credentialedSigner = (TlsCredentialedSigner)state.clientCredentials; + streamSigner = credentialedSigner.GetStreamSigner(); + } + } + else + { + state.keyExchange.SkipClientCredentials(); + } + + bool forceBuffering = streamSigner != null; + TlsUtilities.SealHandshakeHash(state.clientContext, handshake.HandshakeHash, forceBuffering); + + byte[] clientKeyExchangeBody = GenerateClientKeyExchange(state); + handshake.SendMessage(HandshakeType.client_key_exchange, clientKeyExchangeBody); + + securityParameters.m_sessionHash = TlsUtilities.GetCurrentPrfHash(handshake.HandshakeHash); + + TlsProtocol.EstablishMasterSecret(state.clientContext, state.keyExchange); + recordLayer.InitPendingEpoch(TlsUtilities.InitCipher(state.clientContext)); + + { + if (credentialedSigner != null) + { + DigitallySigned certificateVerify = TlsUtilities.GenerateCertificateVerifyClient( + state.clientContext, credentialedSigner, streamSigner, handshake.HandshakeHash); + byte[] certificateVerifyBody = GenerateCertificateVerify(state, certificateVerify); + handshake.SendMessage(HandshakeType.certificate_verify, certificateVerifyBody); + } + + handshake.PrepareToFinish(); + } + + securityParameters.m_localVerifyData = TlsUtilities.CalculateVerifyData(state.clientContext, + handshake.HandshakeHash, false); + handshake.SendMessage(HandshakeType.finished, securityParameters.LocalVerifyData); + + if (state.expectSessionTicket) + { + serverMessage = handshake.ReceiveMessage(); + if (serverMessage.Type == HandshakeType.new_session_ticket) + { + /* + * RFC 5077 3.4. If the client receives a session ticket from the server, then it + * discards any Session ID that was sent in the ServerHello. + */ + securityParameters.m_sessionID = TlsUtilities.EmptyBytes; + InvalidateSession(state); + state.tlsSession = TlsUtilities.ImportSession(securityParameters.SessionID, null); + + ProcessNewSessionTicket(state, serverMessage.Body); + } + else + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + } + + // NOTE: Calculated exclusive of the actual Finished message from the server + securityParameters.m_peerVerifyData = TlsUtilities.CalculateVerifyData(state.clientContext, + handshake.HandshakeHash, true); + ProcessFinished(handshake.ReceiveMessageBody(HandshakeType.finished), securityParameters.PeerVerifyData); + + handshake.Finish(); + + state.sessionMasterSecret = securityParameters.MasterSecret; + + state.sessionParameters = new SessionParameters.Builder() + .SetCipherSuite(securityParameters.CipherSuite) + .SetExtendedMasterSecret(securityParameters.IsExtendedMasterSecret) + .SetLocalCertificate(securityParameters.LocalCertificate) + .SetMasterSecret(state.clientContext.Crypto.AdoptSecret(state.sessionMasterSecret)) + .SetNegotiatedVersion(securityParameters.NegotiatedVersion) + .SetPeerCertificate(securityParameters.PeerCertificate) + .SetPskIdentity(securityParameters.PskIdentity) + .SetSrpIdentity(securityParameters.SrpIdentity) + // TODO Consider filtering extensions that aren't relevant to resumed sessions + .SetServerExtensions(state.serverExtensions) + .Build(); + + state.tlsSession = TlsUtilities.ImportSession(securityParameters.SessionID, state.sessionParameters); + + securityParameters.m_tlsUnique = securityParameters.LocalVerifyData; + + state.clientContext.HandshakeComplete(state.client, state.tlsSession); + + recordLayer.InitHeartbeat(state.heartbeat, HeartbeatMode.peer_allowed_to_send == state.heartbeatPolicy); + + return new DtlsTransport(recordLayer); + } + + /// + protected virtual byte[] GenerateCertificateVerify(ClientHandshakeState state, + DigitallySigned certificateVerify) + { + MemoryStream buf = new MemoryStream(); + certificateVerify.Encode(buf); + return buf.ToArray(); + } + + /// + protected virtual byte[] GenerateClientHello(ClientHandshakeState state) + { + TlsClientContextImpl context = state.clientContext; + SecurityParameters securityParameters = context.SecurityParameters; + + context.SetClientSupportedVersions(state.client.GetProtocolVersions()); + + ProtocolVersion client_version = ProtocolVersion.GetLatestDtls(context.ClientSupportedVersions); + if (!ProtocolVersion.IsSupportedDtlsVersionClient(client_version)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + context.SetClientVersion(client_version); + + byte[] session_id = TlsUtilities.GetSessionID(state.tlsSession); + + bool fallback = state.client.IsFallback(); + + state.offeredCipherSuites = state.client.GetCipherSuites(); + + if (session_id.Length > 0 && state.sessionParameters != null) + { + if (!Arrays.Contains(state.offeredCipherSuites, state.sessionParameters.CipherSuite)) + { + session_id = TlsUtilities.EmptyBytes; + } + } + + state.clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised( + state.client.GetClientExtensions()); + + ProtocolVersion legacy_version = client_version; + if (client_version.IsLaterVersionOf(ProtocolVersion.DTLSv12)) + { + legacy_version = ProtocolVersion.DTLSv12; + + TlsExtensionsUtilities.AddSupportedVersionsExtensionClient(state.clientExtensions, + context.ClientSupportedVersions); + } + + context.SetRsaPreMasterSecretVersion(legacy_version); + + securityParameters.m_clientServerNames = TlsExtensionsUtilities.GetServerNameExtensionClient( + state.clientExtensions); + + if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(client_version)) + { + TlsUtilities.EstablishClientSigAlgs(securityParameters, state.clientExtensions); + } + + securityParameters.m_clientSupportedGroups = TlsExtensionsUtilities.GetSupportedGroupsExtension( + state.clientExtensions); + + state.clientAgreements = TlsUtilities.AddKeyShareToClientHello(state.clientContext, state.client, + state.clientExtensions); + + if (TlsUtilities.IsExtendedMasterSecretOptionalDtls(context.ClientSupportedVersions) + && state.client.ShouldUseExtendedMasterSecret()) + { + TlsExtensionsUtilities.AddExtendedMasterSecretExtension(state.clientExtensions); + } + else if (!TlsUtilities.IsTlsV13(client_version) + && state.client.RequiresExtendedMasterSecret()) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + { + bool useGmtUnixTime = ProtocolVersion.DTLSv12.IsEqualOrLaterVersionOf(client_version) + && state.client.ShouldUseGmtUnixTime(); + + securityParameters.m_clientRandom = TlsProtocol.CreateRandomBlock(useGmtUnixTime, state.clientContext); + } + + // Cipher Suites (and SCSV) + { + /* + * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension, + * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the + * ClientHello. Including both is NOT RECOMMENDED. + */ + bool noRenegExt = (null == TlsUtilities.GetExtensionData(state.clientExtensions, + ExtensionType.renegotiation_info)); + bool noRenegScsv = !Arrays.Contains(state.offeredCipherSuites, + CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV); + + if (noRenegExt && noRenegScsv) + { + state.offeredCipherSuites = Arrays.Append(state.offeredCipherSuites, + CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV); + } + } + + /* (Fallback SCSV) + * RFC 7507 4. If a client sends a ClientHello.client_version containing a lower value + * than the latest (highest-valued) version supported by the client, it SHOULD include + * the TLS_FALLBACK_SCSV cipher suite value in ClientHello.cipher_suites [..]. (The + * client SHOULD put TLS_FALLBACK_SCSV after all cipher suites that it actually intends + * to negotiate.) + */ + if (fallback && !Arrays.Contains(state.offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV)) + { + state.offeredCipherSuites = Arrays.Append(state.offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV); + } + + // Heartbeats + { + state.heartbeat = state.client.GetHeartbeat(); + state.heartbeatPolicy = state.client.GetHeartbeatPolicy(); + + if (null != state.heartbeat || HeartbeatMode.peer_allowed_to_send == state.heartbeatPolicy) + { + TlsExtensionsUtilities.AddHeartbeatExtension(state.clientExtensions, + new HeartbeatExtension(state.heartbeatPolicy)); + } + } + + + + ClientHello clientHello = new ClientHello(legacy_version, securityParameters.ClientRandom, session_id, + TlsUtilities.EmptyBytes, state.offeredCipherSuites, state.clientExtensions, 0); + + MemoryStream buf = new MemoryStream(); + clientHello.Encode(state.clientContext, buf); + return buf.ToArray(); + } + + /// + protected virtual byte[] GenerateClientKeyExchange(ClientHandshakeState state) + { + MemoryStream buf = new MemoryStream(); + state.keyExchange.GenerateClientKeyExchange(buf); + return buf.ToArray(); + } + + protected virtual void InvalidateSession(ClientHandshakeState state) + { + if (state.sessionMasterSecret != null) + { + state.sessionMasterSecret.Destroy(); + state.sessionMasterSecret = null; + } + + if (state.sessionParameters != null) + { + state.sessionParameters.Clear(); + state.sessionParameters = null; + } + + if (state.tlsSession != null) + { + state.tlsSession.Invalidate(); + state.tlsSession = null; + } + } + + /// + protected virtual void ProcessCertificateRequest(ClientHandshakeState state, byte[] body) + { + if (null == state.authentication) + { + /* + * RFC 2246 7.4.4. It is a fatal handshake_failure alert for an anonymous server to + * request client identification. + */ + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + MemoryStream buf = new MemoryStream(body, false); + + CertificateRequest certificateRequest = CertificateRequest.Parse(state.clientContext, buf); + + TlsProtocol.AssertEmpty(buf); + + state.certificateRequest = TlsUtilities.ValidateCertificateRequest(certificateRequest, state.keyExchange); + } + + /// + protected virtual void ProcessCertificateStatus(ClientHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + + // TODO[tls13] Ensure this cannot happen for (D)TLS1.3+ + state.certificateStatus = CertificateStatus.Parse(state.clientContext, buf); + + TlsProtocol.AssertEmpty(buf); + } + + /// + protected virtual byte[] ProcessHelloVerifyRequest(ClientHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + + ProtocolVersion server_version = TlsUtilities.ReadVersion(buf); + + /* + * RFC 6347 This specification increases the cookie size limit to 255 bytes for greater + * future flexibility. The limit remains 32 for previous versions of DTLS. + */ + int maxCookieLength = ProtocolVersion.DTLSv12.IsEqualOrEarlierVersionOf(server_version) ? 255 : 32; + + byte[] cookie = TlsUtilities.ReadOpaque8(buf, 0, maxCookieLength); + + TlsProtocol.AssertEmpty(buf); + + // TODO Seems this behaviour is not yet in line with OpenSSL for DTLS 1.2 + //ReportServerVersion(state, server_version); + if (!server_version.IsEqualOrEarlierVersionOf(state.clientContext.ClientVersion)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return cookie; + } + + /// + protected virtual void ProcessNewSessionTicket(ClientHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + + NewSessionTicket newSessionTicket = NewSessionTicket.Parse(buf); + + TlsProtocol.AssertEmpty(buf); + + state.client.NotifyNewSessionTicket(newSessionTicket); + } + + /// + protected virtual void ProcessServerCertificate(ClientHandshakeState state, byte[] body) + { + state.authentication = TlsUtilities.ReceiveServerCertificate(state.clientContext, state.client, + new MemoryStream(body, false)); + } + + /// + protected virtual void ProcessServerHello(ClientHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + + ServerHello serverHello = ServerHello.Parse(buf); + ProtocolVersion server_version = serverHello.Version; + + state.serverExtensions = serverHello.Extensions; + + + + SecurityParameters securityParameters = state.clientContext.SecurityParameters; + + // TODO[dtls13] Check supported_version extension for negotiated version + + ReportServerVersion(state, server_version); + + securityParameters.m_serverRandom = serverHello.Random; + + if (!state.clientContext.ClientVersion.Equals(server_version)) + { + TlsUtilities.CheckDowngradeMarker(server_version, securityParameters.ServerRandom); + } + + { + byte[] selectedSessionID = serverHello.SessionID; + securityParameters.m_sessionID = selectedSessionID; + state.client.NotifySessionID(selectedSessionID); + state.resumedSession = selectedSessionID.Length > 0 && state.tlsSession != null + && Arrays.AreEqual(selectedSessionID, state.tlsSession.SessionID); + } + + /* + * Find out which CipherSuite the server has chosen and check that it was one of the offered + * ones, and is a valid selection for the negotiated version. + */ + { + int cipherSuite = ValidateSelectedCipherSuite(serverHello.CipherSuite, + AlertDescription.illegal_parameter); + + if (!TlsUtilities.IsValidCipherSuiteSelection(state.offeredCipherSuites, cipherSuite) || + !TlsUtilities.IsValidVersionForCipherSuite(cipherSuite, securityParameters.NegotiatedVersion)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + TlsUtilities.NegotiatedCipherSuite(securityParameters, cipherSuite); + state.client.NotifySelectedCipherSuite(cipherSuite); + } + + /* + * RFC3546 2.2 The extended server hello message format MAY be sent in place of the server + * hello message when the client has requested extended functionality via the extended + * client hello message specified in Section 2.1. ... Note that the extended server hello + * message is only sent in response to an extended client hello message. This prevents the + * possibility that the extended server hello message could "break" existing TLS 1.0 + * clients. + */ + + /* + * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore + * extensions appearing in the client hello, and send a server hello containing no + * extensions. + */ + + /* + * RFC 7627 4. Clients and servers SHOULD NOT accept handshakes that do not use the extended + * master secret [..]. (and see 5.2, 5.3) + * + * RFC 8446 Appendix D. Because TLS 1.3 always hashes in the transcript up to the server + * Finished, implementations which support both TLS 1.3 and earlier versions SHOULD indicate + * the use of the Extended Master Secret extension in their APIs whenever TLS 1.3 is used. + */ + if (TlsUtilities.IsTlsV13(server_version)) + { + securityParameters.m_extendedMasterSecret = true; + } + else + { + bool acceptedExtendedMasterSecret = TlsExtensionsUtilities.HasExtendedMasterSecretExtension( + state.serverExtensions); + + if (acceptedExtendedMasterSecret) + { + if (!state.resumedSession && !state.client.ShouldUseExtendedMasterSecret()) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + else + { + if (state.client.RequiresExtendedMasterSecret() + || (state.resumedSession && !state.client.AllowLegacyResumption())) + { + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + } + + securityParameters.m_extendedMasterSecret = acceptedExtendedMasterSecret; + } + + /* + * + * RFC 3546 2.2 Note that the extended server hello message is only sent in response to an + * extended client hello message. However, see RFC 5746 exception below. We always include + * the SCSV, so an Extended Server Hello is always allowed. + */ + if (state.serverExtensions != null) + { + foreach (int extType in state.serverExtensions.Keys) + { + /* + * RFC 5746 3.6. Note that sending a "renegotiation_info" extension in response to a + * ClientHello containing only the SCSV is an explicit exception to the prohibition + * in RFC 5246, Section 7.4.1.4, on the server sending unsolicited extensions and is + * only allowed because the client is signaling its willingness to receive the + * extension via the TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. + */ + if (extType == ExtensionType.renegotiation_info) + continue; + + /* + * RFC 5246 7.4.1.4 An extension type MUST NOT appear in the ServerHello unless the + * same extension type appeared in the corresponding ClientHello. If a client + * receives an extension type in ServerHello that it did not request in the + * associated ClientHello, it MUST abort the handshake with an unsupported_extension + * fatal alert. + */ + if (null == TlsUtilities.GetExtensionData(state.clientExtensions, extType)) + throw new TlsFatalAlert(AlertDescription.unsupported_extension); + + /* + * RFC 3546 2.3. If [...] the older session is resumed, then the server MUST ignore + * extensions appearing in the client hello, and send a server hello containing no + * extensions[.] + */ + if (state.resumedSession) + { + // TODO[compat-gnutls] GnuTLS test server sends server extensions e.g. ec_point_formats + // TODO[compat-openssl] OpenSSL test server sends server extensions e.g. ec_point_formats + // TODO[compat-polarssl] PolarSSL test server sends server extensions e.g. ec_point_formats + //throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + } + + /* + * RFC 5746 3.4. Client Behavior: Initial Handshake + */ + { + /* + * When a ServerHello is received, the client MUST check if it includes the + * "renegotiation_info" extension: + */ + byte[] renegExtData = TlsUtilities.GetExtensionData(state.serverExtensions, + ExtensionType.renegotiation_info); + if (renegExtData != null) + { + /* + * If the extension is present, set the secure_renegotiation flag to TRUE. The + * client MUST then verify that the length of the "renegotiated_connection" + * field is zero, and if it is not, MUST abort the handshake (by sending a fatal + * handshake_failure alert). + */ + securityParameters.m_secureRenegotiation = true; + + if (!Arrays.ConstantTimeAreEqual(renegExtData, + TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes))) + { + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + } + } + + // TODO[compat-gnutls] GnuTLS test server fails to send renegotiation_info extension when resuming + state.client.NotifySecureRenegotiation(securityParameters.IsSecureRenegotiation); + + /* + * RFC 7301 3.1. When session resumption or session tickets [...] are used, the previous + * contents of this extension are irrelevant, and only the values in the new handshake + * messages are considered. + */ + securityParameters.m_applicationProtocol = TlsExtensionsUtilities.GetAlpnExtensionServer( + state.serverExtensions); + securityParameters.m_applicationProtocolSet = true; + + // Heartbeats + { + HeartbeatExtension heartbeatExtension = TlsExtensionsUtilities.GetHeartbeatExtension( + state.serverExtensions); + if (null == heartbeatExtension) + { + state.heartbeat = null; + state.heartbeatPolicy = HeartbeatMode.peer_not_allowed_to_send; + } + else if (HeartbeatMode.peer_allowed_to_send != heartbeatExtension.Mode) + { + state.heartbeat = null; + } + } + + + + IDictionary sessionClientExtensions = state.clientExtensions, + sessionServerExtensions = state.serverExtensions; + + if (state.resumedSession) + { + if (securityParameters.CipherSuite != state.sessionParameters.CipherSuite + || !server_version.Equals(state.sessionParameters.NegotiatedVersion)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + sessionClientExtensions = null; + sessionServerExtensions = state.sessionParameters.ReadServerExtensions(); + } + + if (sessionServerExtensions != null && sessionServerExtensions.Count > 0) + { + { + /* + * RFC 7366 3. If a server receives an encrypt-then-MAC request extension from a client + * and then selects a stream or Authenticated Encryption with Associated Data (AEAD) + * ciphersuite, it MUST NOT send an encrypt-then-MAC response extension back to the + * client. + */ + bool serverSentEncryptThenMac = TlsExtensionsUtilities.HasEncryptThenMacExtension( + sessionServerExtensions); + if (serverSentEncryptThenMac && !TlsUtilities.IsBlockCipherSuite(securityParameters.CipherSuite)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + securityParameters.m_encryptThenMac = serverSentEncryptThenMac; + } + + securityParameters.m_maxFragmentLength = EvaluateMaxFragmentLengthExtension(state.resumedSession, + sessionClientExtensions, sessionServerExtensions, AlertDescription.illegal_parameter); + + securityParameters.m_truncatedHmac = TlsExtensionsUtilities.HasTruncatedHmacExtension( + sessionServerExtensions); + + if (!state.resumedSession) + { + // TODO[tls13] See RFC 8446 4.4.2.1 + if (TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions, + ExtensionType.status_request_v2, AlertDescription.illegal_parameter)) + { + securityParameters.m_statusRequestVersion = 2; + } + else if (TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions, + ExtensionType.status_request, AlertDescription.illegal_parameter)) + { + securityParameters.m_statusRequestVersion = 1; + } + } + + state.expectSessionTicket = !state.resumedSession + && TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions, + ExtensionType.session_ticket, AlertDescription.illegal_parameter); + } + + if (sessionClientExtensions != null) + { + state.client.ProcessServerExtensions(sessionServerExtensions); + } + } + + /// + protected virtual void ProcessServerKeyExchange(ClientHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + state.keyExchange.ProcessServerKeyExchange(buf); + TlsProtocol.AssertEmpty(buf); + } + + /// + protected virtual void ProcessServerSupplementalData(ClientHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + IList serverSupplementalData = TlsProtocol.ReadSupplementalDataMessage(buf); + state.client.ProcessServerSupplementalData(serverSupplementalData); + } + + /// + protected virtual void ReportServerVersion(ClientHandshakeState state, ProtocolVersion server_version) + { + TlsClientContextImpl context = state.clientContext; + SecurityParameters securityParameters = context.SecurityParameters; + + ProtocolVersion currentServerVersion = securityParameters.NegotiatedVersion; + if (null != currentServerVersion) + { + if (!currentServerVersion.Equals(server_version)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return; + } + + if (!ProtocolVersion.Contains(context.ClientSupportedVersions, server_version)) + throw new TlsFatalAlert(AlertDescription.protocol_version); + + securityParameters.m_negotiatedVersion = server_version; + + TlsUtilities.NegotiatedVersionDtlsClient(state.clientContext, state.client); + } + + /// + protected static byte[] PatchClientHelloWithCookie(byte[] clientHelloBody, byte[] cookie) + { + int sessionIDPos = 34; + int sessionIDLength = TlsUtilities.ReadUint8(clientHelloBody, sessionIDPos); + + int cookieLengthPos = sessionIDPos + 1 + sessionIDLength; + int cookiePos = cookieLengthPos + 1; + + byte[] patched = new byte[clientHelloBody.Length + cookie.Length]; + Array.Copy(clientHelloBody, 0, patched, 0, cookieLengthPos); + TlsUtilities.CheckUint8(cookie.Length); + TlsUtilities.WriteUint8(cookie.Length, patched, cookieLengthPos); + Array.Copy(cookie, 0, patched, cookiePos, cookie.Length); + Array.Copy(clientHelloBody, cookiePos, patched, cookiePos + cookie.Length, + clientHelloBody.Length - cookiePos); + + return patched; + } + + protected internal class ClientHandshakeState + { + internal TlsClient client = null; + internal TlsClientContextImpl clientContext = null; + internal TlsSession tlsSession = null; + internal SessionParameters sessionParameters = null; + internal TlsSecret sessionMasterSecret = null; + internal SessionParameters.Builder sessionParametersBuilder = null; + internal int[] offeredCipherSuites = null; + internal IDictionary clientExtensions = null; + internal IDictionary serverExtensions = null; + internal bool resumedSession = false; + internal bool expectSessionTicket = false; + internal IDictionary clientAgreements = null; + internal TlsKeyExchange keyExchange = null; + internal TlsAuthentication authentication = null; + internal CertificateStatus certificateStatus = null; + internal CertificateRequest certificateRequest = null; + internal TlsCredentials clientCredentials = null; + internal TlsHeartbeat heartbeat = null; + internal short heartbeatPolicy = HeartbeatMode.peer_not_allowed_to_send; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DtlsEpoch.cs b/BouncyCastle/crypto/src/tls/DtlsEpoch.cs new file mode 100644 index 0000000..e4ce849 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DtlsEpoch.cs @@ -0,0 +1,61 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + internal sealed class DtlsEpoch + { + private readonly DtlsReplayWindow m_replayWindow = new DtlsReplayWindow(); + + private readonly int m_epoch; + private readonly TlsCipher m_cipher; + + private long m_sequenceNumber = 0; + + internal DtlsEpoch(int epoch, TlsCipher cipher) + { + if (epoch < 0) + throw new ArgumentException("must be >= 0", "epoch"); + if (cipher == null) + throw new ArgumentNullException("cipher"); + + this.m_epoch = epoch; + this.m_cipher = cipher; + } + + /// + internal long AllocateSequenceNumber() + { + lock (this) + { + if (m_sequenceNumber >= (1L << 48)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return m_sequenceNumber++; + } + } + + internal TlsCipher Cipher + { + get { return m_cipher; } + } + + internal int Epoch + { + get { return m_epoch; } + } + + internal DtlsReplayWindow ReplayWindow + { + get { return m_replayWindow; } + } + + internal long SequenceNumber + { + get { lock (this) return m_sequenceNumber; } + set { lock (this) this.m_sequenceNumber = value; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DtlsHandshakeRetransmit.cs b/BouncyCastle/crypto/src/tls/DtlsHandshakeRetransmit.cs new file mode 100644 index 0000000..6e691b8 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DtlsHandshakeRetransmit.cs @@ -0,0 +1,11 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + internal interface DtlsHandshakeRetransmit + { + /// + void ReceivedHandshakeRecord(int epoch, byte[] buf, int off, int len); + } +} diff --git a/BouncyCastle/crypto/src/tls/DtlsProtocol.cs b/BouncyCastle/crypto/src/tls/DtlsProtocol.cs new file mode 100644 index 0000000..f0f42f9 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DtlsProtocol.cs @@ -0,0 +1,107 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public abstract class DtlsProtocol + { + internal DtlsProtocol() + { + } + + /// + internal virtual void ProcessFinished(byte[] body, byte[] expected_verify_data) + { + MemoryStream buf = new MemoryStream(body, false); + + byte[] verify_data = TlsUtilities.ReadFully(expected_verify_data.Length, buf); + + TlsProtocol.AssertEmpty(buf); + + if (!Arrays.ConstantTimeAreEqual(expected_verify_data, verify_data)) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + /// + internal static void ApplyMaxFragmentLengthExtension(DtlsRecordLayer recordLayer, short maxFragmentLength) + { + if (maxFragmentLength >= 0) + { + if (!MaxFragmentLength.IsValid(maxFragmentLength)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + int plainTextLimit = 1 << (8 + maxFragmentLength); + recordLayer.SetPlaintextLimit(plainTextLimit); + } + } + + /// + internal static short EvaluateMaxFragmentLengthExtension(bool resumedSession, IDictionary clientExtensions, + IDictionary serverExtensions, short alertDescription) + { + short maxFragmentLength = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(serverExtensions); + if (maxFragmentLength >= 0) + { + if (!MaxFragmentLength.IsValid(maxFragmentLength) + || (!resumedSession && maxFragmentLength != TlsExtensionsUtilities + .GetMaxFragmentLengthExtension(clientExtensions))) + { + throw new TlsFatalAlert(alertDescription); + } + } + return maxFragmentLength; + } + + /// + internal static byte[] GenerateCertificate(TlsContext context, Certificate certificate, Stream endPointHash) + { + MemoryStream buf = new MemoryStream(); + certificate.Encode(context, buf, endPointHash); + return buf.ToArray(); + } + + /// + internal static byte[] GenerateSupplementalData(IList supplementalData) + { + MemoryStream buf = new MemoryStream(); + TlsProtocol.WriteSupplementalData(buf, supplementalData); + return buf.ToArray(); + } + + /// + internal static void SendCertificateMessage(TlsContext context, DtlsReliableHandshake handshake, + Certificate certificate, Stream endPointHash) + { + SecurityParameters securityParameters = context.SecurityParameters; + if (null != securityParameters.LocalCertificate) + throw new TlsFatalAlert(AlertDescription.internal_error); + + if (null == certificate) + { + certificate = Certificate.EmptyChain; + } + + byte[] certificateBody = GenerateCertificate(context, certificate, endPointHash); + handshake.SendMessage(HandshakeType.certificate, certificateBody); + + securityParameters.m_localCertificate = certificate; + } + + /// + internal static int ValidateSelectedCipherSuite(int selectedCipherSuite, short alertDescription) + { + switch (TlsUtilities.GetEncryptionAlgorithm(selectedCipherSuite)) + { + case EncryptionAlgorithm.RC4_40: + case EncryptionAlgorithm.RC4_128: + case -1: + throw new TlsFatalAlert(alertDescription); + default: + return selectedCipherSuite; + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DtlsReassembler.cs b/BouncyCastle/crypto/src/tls/DtlsReassembler.cs new file mode 100644 index 0000000..964c8eb --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DtlsReassembler.cs @@ -0,0 +1,120 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + internal sealed class DtlsReassembler + { + private readonly short m_msg_type; + private readonly byte[] m_body; + + private readonly IList m_missing = Platform.CreateArrayList(); + + internal DtlsReassembler(short msg_type, int length) + { + this.m_msg_type = msg_type; + this.m_body = new byte[length]; + this.m_missing.Add(new Range(0, length)); + } + + internal short MsgType + { + get { return m_msg_type; } + } + + internal byte[] GetBodyIfComplete() + { + return m_missing.Count > 0 ? null : m_body; + } + + internal void ContributeFragment(short msg_type, int length, byte[] buf, int off, int fragment_offset, + int fragment_length) + { + int fragment_end = fragment_offset + fragment_length; + + if (m_msg_type != msg_type || m_body.Length != length || fragment_end > length) + return; + + if (fragment_length == 0) + { + // NOTE: Empty messages still require an empty fragment to complete it + if (fragment_offset == 0 && m_missing.Count > 0) + { + Range firstRange = (Range)m_missing[0]; + if (firstRange.End == 0) + { + m_missing.RemoveAt(0); + } + } + return; + } + + for (int i = 0; i < m_missing.Count; ++i) + { + Range range = (Range)m_missing[i]; + if (range.Start >= fragment_end) + break; + + if (range.End > fragment_offset) + { + int copyStart = System.Math.Max(range.Start, fragment_offset); + int copyEnd = System.Math.Min(range.End, fragment_end); + int copyLength = copyEnd - copyStart; + + Array.Copy(buf, off + copyStart - fragment_offset, m_body, copyStart, copyLength); + + if (copyStart == range.Start) + { + if (copyEnd == range.End) + { + m_missing.RemoveAt(i--); + } + else + { + range.Start = copyEnd; + } + } + else + { + if (copyEnd != range.End) + { + m_missing.Insert(++i, new Range(copyEnd, range.End)); + } + range.End = copyStart; + } + } + } + } + + internal void Reset() + { + m_missing.Clear(); + m_missing.Add(new Range(0, m_body.Length)); + } + + private sealed class Range + { + private int m_start, m_end; + + internal Range(int start, int end) + { + this.m_start = start; + this.m_end = end; + } + + public int Start + { + get { return m_start; } + set { this.m_start = value; } + } + + public int End + { + get { return m_end; } + set { this.m_end = value; } + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DtlsRecordLayer.cs b/BouncyCastle/crypto/src/tls/DtlsRecordLayer.cs new file mode 100644 index 0000000..ffc0719 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DtlsRecordLayer.cs @@ -0,0 +1,817 @@ +using System; +using System.IO; +#if !PORTABLE || DOTNET +using System.Net.Sockets; +#endif + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Tls +{ + internal class DtlsRecordLayer + : DatagramTransport + { + private const int RECORD_HEADER_LENGTH = 13; + private const int MAX_FRAGMENT_LENGTH = 1 << 14; + private const long TCP_MSL = 1000L * 60 * 2; + private const long RETRANSMIT_TIMEOUT = TCP_MSL * 2; + + /// + internal static byte[] ReceiveClientHelloRecord(byte[] data, int dataOff, int dataLen) + { + if (dataLen < RECORD_HEADER_LENGTH) + { + return null; + } + + short contentType = TlsUtilities.ReadUint8(data, dataOff + 0); + if (ContentType.handshake != contentType) + return null; + + ProtocolVersion version = TlsUtilities.ReadVersion(data, dataOff + 1); + if (!ProtocolVersion.DTLSv10.IsEqualOrEarlierVersionOf(version)) + return null; + + int epoch = TlsUtilities.ReadUint16(data, dataOff + 3); + if (0 != epoch) + return null; + + //long sequenceNumber = TlsUtilities.ReadUint48(data, dataOff + 5); + + int length = TlsUtilities.ReadUint16(data, dataOff + 11); + if (dataLen < RECORD_HEADER_LENGTH + length) + return null; + + if (length > MAX_FRAGMENT_LENGTH) + return null; + + // NOTE: We ignore/drop any data after the first record + return TlsUtilities.CopyOfRangeExact(data, dataOff + RECORD_HEADER_LENGTH, + dataOff + RECORD_HEADER_LENGTH + length); + } + + /// + internal static void SendHelloVerifyRequestRecord(DatagramSender sender, long recordSeq, byte[] message) + { + TlsUtilities.CheckUint16(message.Length); + + byte[] record = new byte[RECORD_HEADER_LENGTH + message.Length]; + TlsUtilities.WriteUint8(ContentType.handshake, record, 0); + TlsUtilities.WriteVersion(ProtocolVersion.DTLSv10, record, 1); + TlsUtilities.WriteUint16(0, record, 3); + TlsUtilities.WriteUint48(recordSeq, record, 5); + TlsUtilities.WriteUint16(message.Length, record, 11); + + Array.Copy(message, 0, record, RECORD_HEADER_LENGTH, message.Length); + + SendDatagram(sender, record, 0, record.Length); + } + + /// + private static void SendDatagram(DatagramSender sender, byte[] buf, int off, int len) + { + // TODO[tls-port] Can we support interrupted IO on .NET? + //try + //{ + // sender.Send(buf, off, len); + //} + //catch (InterruptedIOException e) + //{ + // e.bytesTransferred = 0; + // throw e; + //} + + sender.Send(buf, off, len); + } + + private readonly TlsContext m_context; + private readonly TlsPeer m_peer; + private readonly DatagramTransport m_transport; + + private readonly ByteQueue m_recordQueue = new ByteQueue(); + private readonly object m_writeLock = new object(); + + private volatile bool m_closed = false; + private volatile bool m_failed = false; + // TODO[dtls13] Review the draft/RFC (legacy_record_version) to see if readVersion can be removed + private volatile ProtocolVersion m_readVersion = null, m_writeVersion = null; + private volatile bool m_inConnection; + private volatile bool m_inHandshake; + private volatile int m_plaintextLimit; + private DtlsEpoch m_currentEpoch, m_pendingEpoch; + private DtlsEpoch m_readEpoch, m_writeEpoch; + + private DtlsHandshakeRetransmit m_retransmit = null; + private DtlsEpoch m_retransmitEpoch = null; + private Timeout m_retransmitTimeout = null; + + private TlsHeartbeat m_heartbeat = null; // If non-null, controls the sending of heartbeat requests + private bool m_heartBeatResponder = false; // Whether we should send heartbeat responses + + private HeartbeatMessage m_heartbeatInFlight = null; // The current in-flight heartbeat request, if any + private Timeout m_heartbeatTimeout = null; // Idle timeout (if none in-flight), else expiry timeout for response + + private int m_heartbeatResendMillis = -1; // Delay before retransmit of current in-flight heartbeat request + private Timeout m_heartbeatResendTimeout = null; // Timeout for next retransmit of the in-flight heartbeat request + + internal DtlsRecordLayer(TlsContext context, TlsPeer peer, DatagramTransport transport) + { + this.m_context = context; + this.m_peer = peer; + this.m_transport = transport; + + this.m_inHandshake = true; + + this.m_currentEpoch = new DtlsEpoch(0, TlsNullNullCipher.Instance); + this.m_pendingEpoch = null; + this.m_readEpoch = m_currentEpoch; + this.m_writeEpoch = m_currentEpoch; + + SetPlaintextLimit(MAX_FRAGMENT_LENGTH); + } + + internal virtual bool IsClosed + { + get { return m_closed; } + } + + internal virtual void ResetAfterHelloVerifyRequestServer(long recordSeq) + { + this.m_inConnection = true; + + m_currentEpoch.SequenceNumber = recordSeq; + m_currentEpoch.ReplayWindow.Reset(recordSeq); + } + + internal virtual void SetPlaintextLimit(int plaintextLimit) + { + this.m_plaintextLimit = plaintextLimit; + } + + internal virtual int ReadEpoch + { + get { return m_readEpoch.Epoch; } + } + + internal virtual ProtocolVersion ReadVersion + { + get { return m_readVersion; } + set { this.m_readVersion = value; } + } + + internal virtual void SetWriteVersion(ProtocolVersion writeVersion) + { + this.m_writeVersion = writeVersion; + } + + internal virtual void InitPendingEpoch(TlsCipher pendingCipher) + { + if (m_pendingEpoch != null) + throw new InvalidOperationException(); + + /* + * TODO "In order to ensure that any given sequence/epoch pair is unique, implementations + * MUST NOT allow the same epoch value to be reused within two times the TCP maximum segment + * lifetime." + */ + + // TODO Check for overflow + this.m_pendingEpoch = new DtlsEpoch(m_writeEpoch.Epoch + 1, pendingCipher); + } + + internal virtual void HandshakeSuccessful(DtlsHandshakeRetransmit retransmit) + { + if (m_readEpoch == m_currentEpoch || m_writeEpoch == m_currentEpoch) + { + // TODO + throw new InvalidOperationException(); + } + + if (null != retransmit) + { + this.m_retransmit = retransmit; + this.m_retransmitEpoch = m_currentEpoch; + this.m_retransmitTimeout = new Timeout(RETRANSMIT_TIMEOUT); + } + + this.m_inHandshake = false; + this.m_currentEpoch = m_pendingEpoch; + this.m_pendingEpoch = null; + } + + internal virtual void InitHeartbeat(TlsHeartbeat heartbeat, bool heartbeatResponder) + { + if (m_inHandshake) + throw new InvalidOperationException(); + + this.m_heartbeat = heartbeat; + this.m_heartBeatResponder = heartbeatResponder; + + if (null != heartbeat) + { + ResetHeartbeat(); + } + } + + internal virtual void ResetWriteEpoch() + { + if (null != m_retransmitEpoch) + { + this.m_writeEpoch = m_retransmitEpoch; + } + else + { + this.m_writeEpoch = m_currentEpoch; + } + } + + /// + public virtual int GetReceiveLimit() + { + return System.Math.Min(m_plaintextLimit, + m_readEpoch.Cipher.GetPlaintextLimit(m_transport.GetReceiveLimit() - RECORD_HEADER_LENGTH)); + } + + /// + public virtual int GetSendLimit() + { + return System.Math.Min(m_plaintextLimit, + m_writeEpoch.Cipher.GetPlaintextLimit(m_transport.GetSendLimit() - RECORD_HEADER_LENGTH)); + } + + /// + public virtual int Receive(byte[] buf, int off, int len, int waitMillis) + { + long currentTimeMillis = DateTimeUtilities.CurrentUnixMs(); + + Timeout timeout = Timeout.ForWaitMillis(waitMillis, currentTimeMillis); + byte[] record = null; + + while (waitMillis >= 0) + { + if (null != m_retransmitTimeout && m_retransmitTimeout.RemainingMillis(currentTimeMillis) < 1) + { + m_retransmit = null; + m_retransmitEpoch = null; + m_retransmitTimeout = null; + } + + if (Timeout.HasExpired(m_heartbeatTimeout, currentTimeMillis)) + { + if (null != m_heartbeatInFlight) + throw new TlsTimeoutException("Heartbeat timed out"); + + this.m_heartbeatInFlight = HeartbeatMessage.Create(m_context, + HeartbeatMessageType.heartbeat_request, m_heartbeat.GeneratePayload()); + this.m_heartbeatTimeout = new Timeout(m_heartbeat.TimeoutMillis, currentTimeMillis); + + this.m_heartbeatResendMillis = DtlsReliableHandshake.INITIAL_RESEND_MILLIS; + this.m_heartbeatResendTimeout = new Timeout(m_heartbeatResendMillis, currentTimeMillis); + + SendHeartbeatMessage(m_heartbeatInFlight); + } + else if (Timeout.HasExpired(m_heartbeatResendTimeout, currentTimeMillis)) + { + this.m_heartbeatResendMillis = DtlsReliableHandshake.BackOff(m_heartbeatResendMillis); + this.m_heartbeatResendTimeout = new Timeout(m_heartbeatResendMillis, currentTimeMillis); + + SendHeartbeatMessage(m_heartbeatInFlight); + } + + waitMillis = Timeout.ConstrainWaitMillis(waitMillis, m_heartbeatTimeout, currentTimeMillis); + waitMillis = Timeout.ConstrainWaitMillis(waitMillis, m_heartbeatResendTimeout, currentTimeMillis); + + // NOTE: Guard against bad logic giving a negative value + if (waitMillis < 0) + { + waitMillis = 1; + } + + int receiveLimit = System.Math.Min(len, GetReceiveLimit()) + RECORD_HEADER_LENGTH; + if (null == record || record.Length < receiveLimit) + { + record = new byte[receiveLimit]; + } + + int received = ReceiveRecord(record, 0, receiveLimit, waitMillis); + int processed = ProcessRecord(received, record, buf, off); + if (processed >= 0) + { + return processed; + } + + currentTimeMillis = DateTimeUtilities.CurrentUnixMs(); + waitMillis = Timeout.GetWaitMillis(timeout, currentTimeMillis); + } + + return -1; + } + + /// + public virtual void Send(byte[] buf, int off, int len) + { + short contentType = ContentType.application_data; + + if (m_inHandshake || m_writeEpoch == m_retransmitEpoch) + { + contentType = ContentType.handshake; + + short handshakeType = TlsUtilities.ReadUint8(buf, off); + if (handshakeType == HandshakeType.finished) + { + DtlsEpoch nextEpoch = null; + if (m_inHandshake) + { + nextEpoch = m_pendingEpoch; + } + else if (m_writeEpoch == m_retransmitEpoch) + { + nextEpoch = m_currentEpoch; + } + + if (nextEpoch == null) + { + // TODO + throw new InvalidOperationException(); + } + + // Implicitly send change_cipher_spec and change to pending cipher state + + // TODO Send change_cipher_spec and finished records in single datagram? + byte[] data = new byte[]{ 1 }; + SendRecord(ContentType.change_cipher_spec, data, 0, data.Length); + + this.m_writeEpoch = nextEpoch; + } + } + + SendRecord(contentType, buf, off, len); + } + + /// + public virtual void Close() + { + if (!m_closed) + { + if (m_inHandshake && m_inConnection) + { + Warn(AlertDescription.user_canceled, "User canceled handshake"); + } + CloseTransport(); + } + } + + internal virtual void Fail(short alertDescription) + { + if (!m_closed) + { + if (m_inConnection) + { + try + { + RaiseAlert(AlertLevel.fatal, alertDescription, null, null); + } + catch (Exception) + { + // Ignore + } + } + + this.m_failed = true; + + CloseTransport(); + } + } + + internal virtual void Failed() + { + if (!m_closed) + { + this.m_failed = true; + + CloseTransport(); + } + } + + /// + internal virtual void Warn(short alertDescription, String message) + { + RaiseAlert(AlertLevel.warning, alertDescription, message, null); + } + + private void CloseTransport() + { + if (!m_closed) + { + /* + * RFC 5246 7.2.1. Unless some other fatal alert has been transmitted, each party is + * required to send a close_notify alert before closing the write side of the + * connection. The other party MUST respond with a close_notify alert of its own and + * close down the connection immediately, discarding any pending writes. + */ + + try + { + if (!m_failed) + { + Warn(AlertDescription.close_notify, null); + } + m_transport.Close(); + } + catch (Exception) + { + // Ignore + } + + this.m_closed = true; + } + } + + /// + private void RaiseAlert(short alertLevel, short alertDescription, string message, Exception cause) + { + m_peer.NotifyAlertRaised(alertLevel, alertDescription, message, cause); + + byte[] error = new byte[2]; + error[0] = (byte)alertLevel; + error[1] = (byte)alertDescription; + + SendRecord(ContentType.alert, error, 0, 2); + } + + /// + private int ReceiveDatagram(byte[] buf, int off, int len, int waitMillis) + { + try + { + return m_transport.Receive(buf, off, len, waitMillis); + } + catch (TlsTimeoutException) + { + return -1; + } +#if !PORTABLE || DOTNET + catch (SocketException e) + { + if (TlsUtilities.IsTimeout(e)) + return -1; + + throw e; + } +#endif + // TODO[tls-port] Can we support interrupted IO on .NET? + //catch (InterruptedIOException e) + //{ + // e.bytesTransferred = 0; + // throw e; + //} + } + + // TODO Include 'currentTimeMillis' as an argument, use with Timeout, resetHeartbeat + /// + private int ProcessRecord(int received, byte[] record, byte[] buf, int off) + { + // NOTE: received < 0 (timeout) is covered by this first case + if (received < RECORD_HEADER_LENGTH) + return -1; + + int length = TlsUtilities.ReadUint16(record, 11); + if (received != (length + RECORD_HEADER_LENGTH)) + return -1; + + // TODO[dtls13] Deal with opaque record type for 1.3 AEAD ciphers + short recordType = TlsUtilities.ReadUint8(record, 0); + + switch (recordType) + { + case ContentType.alert: + case ContentType.application_data: + case ContentType.change_cipher_spec: + case ContentType.handshake: + case ContentType.heartbeat: + break; + default: + return -1; + } + + int epoch = TlsUtilities.ReadUint16(record, 3); + + DtlsEpoch recordEpoch = null; + if (epoch == m_readEpoch.Epoch) + { + recordEpoch = m_readEpoch; + } + else if (recordType == ContentType.handshake && null != m_retransmitEpoch + && epoch == m_retransmitEpoch.Epoch) + { + recordEpoch = m_retransmitEpoch; + } + + if (null == recordEpoch) + return -1; + + long seq = TlsUtilities.ReadUint48(record, 5); + if (recordEpoch.ReplayWindow.ShouldDiscard(seq)) + return -1; + + ProtocolVersion recordVersion = TlsUtilities.ReadVersion(record, 1); + if (!recordVersion.IsDtls) + return -1; + + if (null != m_readVersion && !m_readVersion.Equals(recordVersion)) + { + /* + * Special-case handling for retransmitted ClientHello records. + * + * TODO Revisit how 'readVersion' works, since this is quite awkward. + */ + bool isClientHelloFragment = + ReadEpoch == 0 + && length > 0 + && ContentType.handshake == recordType + && HandshakeType.client_hello == TlsUtilities.ReadUint8(record, RECORD_HEADER_LENGTH); + + if (!isClientHelloFragment) + return -1; + } + + long macSeqNo = GetMacSequenceNumber(recordEpoch.Epoch, seq); + + TlsDecodeResult decoded = recordEpoch.Cipher.DecodeCiphertext(macSeqNo, recordType, recordVersion, record, + RECORD_HEADER_LENGTH, length); + + recordEpoch.ReplayWindow.ReportAuthenticated(seq); + + if (decoded.len > m_plaintextLimit) + return -1; + + if (decoded.len < 1 && decoded.contentType != ContentType.application_data) + return -1; + + if (null == m_readVersion) + { + bool isHelloVerifyRequest = + ReadEpoch == 0 + && length > 0 + && ContentType.handshake == recordType + && HandshakeType.hello_verify_request == TlsUtilities.ReadUint8(record, RECORD_HEADER_LENGTH); + + if (isHelloVerifyRequest) + { + /* + * RFC 6347 4.2.1 DTLS 1.2 server implementations SHOULD use DTLS version 1.0 + * regardless of the version of TLS that is expected to be negotiated. DTLS 1.2 and + * 1.0 clients MUST use the version solely to indicate packet formatting (which is + * the same in both DTLS 1.2 and 1.0) and not as part of version negotiation. + */ + if (!ProtocolVersion.DTLSv12.IsEqualOrLaterVersionOf(recordVersion)) + return -1; + } + else + { + this.m_readVersion = recordVersion; + } + } + + switch (decoded.contentType) + { + case ContentType.alert: + { + if (decoded.len == 2) + { + short alertLevel = TlsUtilities.ReadUint8(decoded.buf, decoded.off); + short alertDescription = TlsUtilities.ReadUint8(decoded.buf, decoded.off + 1); + + m_peer.NotifyAlertReceived(alertLevel, alertDescription); + + if (alertLevel == AlertLevel.fatal) + { + Failed(); + throw new TlsFatalAlert(alertDescription); + } + + // TODO Can close_notify be a fatal alert? + if (alertDescription == AlertDescription.close_notify) + { + CloseTransport(); + } + } + + return -1; + } + case ContentType.application_data: + { + if (m_inHandshake) + { + // TODO Consider buffering application data for new epoch that arrives + // out-of-order with the Finished message + return -1; + } + break; + } + case ContentType.change_cipher_spec: + { + // Implicitly receive change_cipher_spec and change to pending cipher state + + for (int i = 0; i < decoded.len; ++i) + { + short message = TlsUtilities.ReadUint8(decoded.buf, decoded.off + i); + if (message != ChangeCipherSpec.change_cipher_spec) + continue; + + if (m_pendingEpoch != null) + { + m_readEpoch = m_pendingEpoch; + } + } + + return -1; + } + case ContentType.handshake: + { + if (!m_inHandshake) + { + if (null != m_retransmit) + { + m_retransmit.ReceivedHandshakeRecord(epoch, decoded.buf, decoded.off, decoded.len); + } + + // TODO Consider support for HelloRequest + return -1; + } + break; + } + case ContentType.heartbeat: + { + if (null != m_heartbeatInFlight || m_heartBeatResponder) + { + try + { + MemoryStream input = new MemoryStream(decoded.buf, decoded.off, decoded.len, false); + HeartbeatMessage heartbeatMessage = HeartbeatMessage.Parse(input); + + if (null != heartbeatMessage) + { + switch (heartbeatMessage.Type) + { + case HeartbeatMessageType.heartbeat_request: + { + if (m_heartBeatResponder) + { + HeartbeatMessage response = HeartbeatMessage.Create(m_context, + HeartbeatMessageType.heartbeat_response, heartbeatMessage.Payload); + + SendHeartbeatMessage(response); + } + break; + } + case HeartbeatMessageType.heartbeat_response: + { + if (null != m_heartbeatInFlight + && Arrays.AreEqual(heartbeatMessage.Payload, m_heartbeatInFlight.Payload)) + { + ResetHeartbeat(); + } + break; + } + default: + break; + } + } + } + catch (Exception) + { + // Ignore + } + } + + return -1; + } + default: + return -1; + } + + /* + * NOTE: If we receive any non-handshake data in the new epoch implies the peer has + * received our final flight. + */ + if (!m_inHandshake && null != m_retransmit) + { + this.m_retransmit = null; + this.m_retransmitEpoch = null; + this.m_retransmitTimeout = null; + } + + Array.Copy(decoded.buf, decoded.off, buf, off, decoded.len); + return decoded.len; + } + + /// + private int ReceiveRecord(byte[] buf, int off, int len, int waitMillis) + { + if (m_recordQueue.Available > 0) + { + int length = 0; + if (m_recordQueue.Available >= RECORD_HEADER_LENGTH) + { + byte[] lengthBytes = new byte[2]; + m_recordQueue.Read(lengthBytes, 0, 2, 11); + length = TlsUtilities.ReadUint16(lengthBytes, 0); + } + + int received = System.Math.Min(m_recordQueue.Available, RECORD_HEADER_LENGTH + length); + m_recordQueue.RemoveData(buf, off, received, 0); + return received; + } + + { + int received = ReceiveDatagram(buf, off, len, waitMillis); + if (received >= RECORD_HEADER_LENGTH) + { + this.m_inConnection = true; + + int fragmentLength = TlsUtilities.ReadUint16(buf, off + 11); + int recordLength = RECORD_HEADER_LENGTH + fragmentLength; + if (received > recordLength) + { + m_recordQueue.AddData(buf, off + recordLength, received - recordLength); + received = recordLength; + } + } + + return received; + } + } + + private void ResetHeartbeat() + { + this.m_heartbeatInFlight = null; + this.m_heartbeatResendMillis = -1; + this.m_heartbeatResendTimeout = null; + this.m_heartbeatTimeout = new Timeout(m_heartbeat.IdleMillis); + } + + /// + private void SendHeartbeatMessage(HeartbeatMessage heartbeatMessage) + { + MemoryStream output = new MemoryStream(); + heartbeatMessage.Encode(output); + byte[] buf = output.ToArray(); + + SendRecord(ContentType.heartbeat, buf, 0, buf.Length); + } + + /* + * Currently uses synchronization to ensure heartbeat sends and application data sends don't + * interfere with each other. It may be overly cautious; the sequence number allocation is + * atomic, and if we synchronize only on the datagram send instead, then the only effect should + * be possible reordering of records (which might surprise a reliable transport implementation). + */ + /// + private void SendRecord(short contentType, byte[] buf, int off, int len) + { + // Never send anything until a valid ClientHello has been received + if (m_writeVersion == null) + return; + + if (len > m_plaintextLimit) + throw new TlsFatalAlert(AlertDescription.internal_error); + + /* + * RFC 5246 6.2.1 Implementations MUST NOT send zero-length fragments of Handshake, Alert, + * or ChangeCipherSpec content types. + */ + if (len < 1 && contentType != ContentType.application_data) + throw new TlsFatalAlert(AlertDescription.internal_error); + + lock (m_writeLock) + { + int recordEpoch = m_writeEpoch.Epoch; + long recordSequenceNumber = m_writeEpoch.AllocateSequenceNumber(); + long macSequenceNumber = GetMacSequenceNumber(recordEpoch, recordSequenceNumber); + ProtocolVersion recordVersion = m_writeVersion; + + TlsEncodeResult encoded = m_writeEpoch.Cipher.EncodePlaintext(macSequenceNumber, contentType, + recordVersion, RECORD_HEADER_LENGTH, buf, off, len); + + int ciphertextLength = encoded.len - RECORD_HEADER_LENGTH; + TlsUtilities.CheckUint16(ciphertextLength); + + TlsUtilities.WriteUint8(encoded.recordType, encoded.buf, encoded.off + 0); + TlsUtilities.WriteVersion(recordVersion, encoded.buf, encoded.off + 1); + TlsUtilities.WriteUint16(recordEpoch, encoded.buf, encoded.off + 3); + TlsUtilities.WriteUint48(recordSequenceNumber, encoded.buf, encoded.off + 5); + TlsUtilities.WriteUint16(ciphertextLength, encoded.buf, encoded.off + 11); + + SendDatagram(m_transport, encoded.buf, encoded.off, encoded.len); + } + } + + private static long GetMacSequenceNumber(int epoch, long sequence_number) + { + return ((epoch & 0xFFFFFFFFL) << 48) | sequence_number; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DtlsReliableHandshake.cs b/BouncyCastle/crypto/src/tls/DtlsReliableHandshake.cs new file mode 100644 index 0000000..7581e47 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DtlsReliableHandshake.cs @@ -0,0 +1,574 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Tls +{ + internal class DtlsReliableHandshake + { + private const int MAX_RECEIVE_AHEAD = 16; + private const int MESSAGE_HEADER_LENGTH = 12; + + internal const int INITIAL_RESEND_MILLIS = 1000; + private const int MAX_RESEND_MILLIS = 60000; + + /// + internal static DtlsRequest ReadClientRequest(byte[] data, int dataOff, int dataLen, Stream dtlsOutput) + { + // TODO Support the possibility of a fragmented ClientHello datagram + + byte[] message = DtlsRecordLayer.ReceiveClientHelloRecord(data, dataOff, dataLen); + if (null == message || message.Length < MESSAGE_HEADER_LENGTH) + return null; + + long recordSeq = TlsUtilities.ReadUint48(data, dataOff + 5); + + short msgType = TlsUtilities.ReadUint8(message, 0); + if (HandshakeType.client_hello != msgType) + return null; + + int length = TlsUtilities.ReadUint24(message, 1); + if (message.Length != MESSAGE_HEADER_LENGTH + length) + return null; + + // TODO Consider stricter HelloVerifyRequest-related checks + //int messageSeq = TlsUtilities.ReadUint16(message, 4); + //if (messageSeq > 1) + // return null; + + int fragmentOffset = TlsUtilities.ReadUint24(message, 6); + if (0 != fragmentOffset) + return null; + + int fragmentLength = TlsUtilities.ReadUint24(message, 9); + if (length != fragmentLength) + return null; + + ClientHello clientHello = ClientHello.Parse( + new MemoryStream(message, MESSAGE_HEADER_LENGTH, length, false), dtlsOutput); + + return new DtlsRequest(recordSeq, message, clientHello); + } + + /// + internal static void SendHelloVerifyRequest(DatagramSender sender, long recordSeq, byte[] cookie) + { + TlsUtilities.CheckUint8(cookie.Length); + + int length = 3 + cookie.Length; + + byte[] message = new byte[MESSAGE_HEADER_LENGTH + length]; + TlsUtilities.WriteUint8(HandshakeType.hello_verify_request, message, 0); + TlsUtilities.WriteUint24(length, message, 1); + //TlsUtilities.WriteUint16(0, message, 4); + //TlsUtilities.WriteUint24(0, message, 6); + TlsUtilities.WriteUint24(length, message, 9); + + // HelloVerifyRequest fields + TlsUtilities.WriteVersion(ProtocolVersion.DTLSv10, message, MESSAGE_HEADER_LENGTH + 0); + TlsUtilities.WriteOpaque8(cookie, message, MESSAGE_HEADER_LENGTH + 2); + + DtlsRecordLayer.SendHelloVerifyRequestRecord(sender, recordSeq, message); + } + + /* + * No 'final' modifiers so that it works in earlier JDKs + */ + private DtlsRecordLayer m_recordLayer; + private Timeout m_handshakeTimeout; + + private TlsHandshakeHash m_handshakeHash; + + private IDictionary m_currentInboundFlight = Platform.CreateHashtable(); + private IDictionary m_previousInboundFlight = null; + private IList m_outboundFlight = Platform.CreateArrayList(); + + private int m_resendMillis = -1; + private Timeout m_resendTimeout = null; + + private int m_next_send_seq = 0, m_next_receive_seq = 0; + + internal DtlsReliableHandshake(TlsContext context, DtlsRecordLayer transport, int timeoutMillis, + DtlsRequest request) + { + this.m_recordLayer = transport; + this.m_handshakeHash = new DeferredHash(context); + this.m_handshakeTimeout = Timeout.ForWaitMillis(timeoutMillis); + + if (null != request) + { + this.m_resendMillis = INITIAL_RESEND_MILLIS; + this.m_resendTimeout = new Timeout(m_resendMillis); + + long recordSeq = request.RecordSeq; + int messageSeq = request.MessageSeq; + byte[] message = request.Message; + + m_recordLayer.ResetAfterHelloVerifyRequestServer(recordSeq); + + // Simulate a previous flight consisting of the request ClientHello + DtlsReassembler reassembler = new DtlsReassembler(HandshakeType.client_hello, + message.Length - MESSAGE_HEADER_LENGTH); + m_currentInboundFlight[messageSeq] = reassembler; + + // We sent HelloVerifyRequest with (message) sequence number 0 + this.m_next_send_seq = 1; + this.m_next_receive_seq = messageSeq + 1; + + m_handshakeHash.Update(message, 0, message.Length); + } + } + + internal void ResetAfterHelloVerifyRequestClient() + { + this.m_currentInboundFlight = Platform.CreateHashtable(); + this.m_previousInboundFlight = null; + this.m_outboundFlight = Platform.CreateArrayList(); + + this.m_resendMillis = -1; + this.m_resendTimeout = null; + + // We're waiting for ServerHello, always with (message) sequence number 1 + this.m_next_receive_seq = 1; + + m_handshakeHash.Reset(); + } + + internal TlsHandshakeHash HandshakeHash + { + get { return m_handshakeHash; } + } + + internal void PrepareToFinish() + { + m_handshakeHash.StopTracking(); + } + + /// + internal void SendMessage(short msg_type, byte[] body) + { + TlsUtilities.CheckUint24(body.Length); + + if (null != m_resendTimeout) + { + CheckInboundFlight(); + + this.m_resendMillis = -1; + this.m_resendTimeout = null; + + m_outboundFlight.Clear(); + } + + Message message = new Message(m_next_send_seq++, msg_type, body); + + m_outboundFlight.Add(message); + + WriteMessage(message); + UpdateHandshakeMessagesDigest(message); + } + + /// + internal Message ReceiveMessage() + { + Message message = ImplReceiveMessage(); + UpdateHandshakeMessagesDigest(message); + return message; + } + + /// + internal byte[] ReceiveMessageBody(short msg_type) + { + Message message = ImplReceiveMessage(); + if (message.Type != msg_type) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + UpdateHandshakeMessagesDigest(message); + return message.Body; + } + + /// + internal Message ReceiveMessageDelayedDigest(short msg_type) + { + Message message = ImplReceiveMessage(); + if (message.Type != msg_type) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + return message; + } + + /// + internal void UpdateHandshakeMessagesDigest(Message message) + { + short msg_type = message.Type; + switch (msg_type) + { + case HandshakeType.hello_request: + case HandshakeType.hello_verify_request: + case HandshakeType.key_update: + break; + + // TODO[dtls13] Not included in the transcript for (D)TLS 1.3+ + case HandshakeType.new_session_ticket: + default: + { + byte[] body = message.Body; + byte[] buf = new byte[MESSAGE_HEADER_LENGTH]; + TlsUtilities.WriteUint8(msg_type, buf, 0); + TlsUtilities.WriteUint24(body.Length, buf, 1); + TlsUtilities.WriteUint16(message.Seq, buf, 4); + TlsUtilities.WriteUint24(0, buf, 6); + TlsUtilities.WriteUint24(body.Length, buf, 9); + m_handshakeHash.Update(buf, 0, buf.Length); + m_handshakeHash.Update(body, 0, body.Length); + break; + } + } + } + + internal void Finish() + { + DtlsHandshakeRetransmit retransmit = null; + if (null != m_resendTimeout) + { + CheckInboundFlight(); + } + else + { + PrepareInboundFlight(null); + + if (m_previousInboundFlight != null) + { + /* + * RFC 6347 4.2.4. In addition, for at least twice the default MSL defined for [TCP], + * when in the FINISHED state, the node that transmits the last flight (the server in an + * ordinary handshake or the client in a resumed handshake) MUST respond to a retransmit + * of the peer's last flight with a retransmit of the last flight. + */ + retransmit = new Retransmit(this); + } + } + + m_recordLayer.HandshakeSuccessful(retransmit); + } + + internal static int BackOff(int timeoutMillis) + { + /* + * TODO[DTLS] implementations SHOULD back off handshake packet size during the + * retransmit backoff. + */ + return System.Math.Min(timeoutMillis * 2, MAX_RESEND_MILLIS); + } + + /** + * Check that there are no "extra" messages left in the current inbound flight + */ + private void CheckInboundFlight() + { + foreach (int key in m_currentInboundFlight.Keys) + { + if (key >= m_next_receive_seq) + { + // TODO Should this be considered an error? + } + } + } + + /// + private Message GetPendingMessage() + { + DtlsReassembler next = (DtlsReassembler)m_currentInboundFlight[m_next_receive_seq]; + if (next != null) + { + byte[] body = next.GetBodyIfComplete(); + if (body != null) + { + m_previousInboundFlight = null; + return new Message(m_next_receive_seq++, next.MsgType, body); + } + } + return null; + } + + /// + private Message ImplReceiveMessage() + { + long currentTimeMillis = DateTimeUtilities.CurrentUnixMs(); + + if (null == m_resendTimeout) + { + m_resendMillis = INITIAL_RESEND_MILLIS; + m_resendTimeout = new Timeout(m_resendMillis, currentTimeMillis); + + PrepareInboundFlight(Platform.CreateHashtable()); + } + + byte[] buf = null; + + for (;;) + { + if (m_recordLayer.IsClosed) + throw new TlsFatalAlert(AlertDescription.user_canceled); + + Message pending = GetPendingMessage(); + if (pending != null) + return pending; + + if (Timeout.HasExpired(m_handshakeTimeout, currentTimeMillis)) + throw new TlsTimeoutException("Handshake timed out"); + + int waitMillis = Timeout.GetWaitMillis(m_handshakeTimeout, currentTimeMillis); + waitMillis = Timeout.ConstrainWaitMillis(waitMillis, m_resendTimeout, currentTimeMillis); + + // NOTE: Ensure a finite wait, of at least 1ms + if (waitMillis < 1) + { + waitMillis = 1; + } + + int receiveLimit = m_recordLayer.GetReceiveLimit(); + if (buf == null || buf.Length < receiveLimit) + { + buf = new byte[receiveLimit]; + } + + int received = m_recordLayer.Receive(buf, 0, receiveLimit, waitMillis); + if (received < 0) + { + ResendOutboundFlight(); + } + else + { + ProcessRecord(MAX_RECEIVE_AHEAD, m_recordLayer.ReadEpoch, buf, 0, received); + } + + currentTimeMillis = DateTimeUtilities.CurrentUnixMs(); + } + } + + private void PrepareInboundFlight(IDictionary nextFlight) + { + ResetAll(m_currentInboundFlight); + m_previousInboundFlight = m_currentInboundFlight; + m_currentInboundFlight = nextFlight; + } + + /// + private void ProcessRecord(int windowSize, int epoch, byte[] buf, int off, int len) + { + bool checkPreviousFlight = false; + + while (len >= MESSAGE_HEADER_LENGTH) + { + int fragment_length = TlsUtilities.ReadUint24(buf, off + 9); + int message_length = fragment_length + MESSAGE_HEADER_LENGTH; + if (len < message_length) + { + // NOTE: Truncated message - ignore it + break; + } + + int length = TlsUtilities.ReadUint24(buf, off + 1); + int fragment_offset = TlsUtilities.ReadUint24(buf, off + 6); + if (fragment_offset + fragment_length > length) + { + // NOTE: Malformed fragment - ignore it and the rest of the record + break; + } + + /* + * NOTE: This very simple epoch check will only work until we want to support + * renegotiation (and we're not likely to do that anyway). + */ + short msg_type = TlsUtilities.ReadUint8(buf, off + 0); + int expectedEpoch = msg_type == HandshakeType.finished ? 1 : 0; + if (epoch != expectedEpoch) + break; + + int message_seq = TlsUtilities.ReadUint16(buf, off + 4); + if (message_seq >= (m_next_receive_seq + windowSize)) + { + // NOTE: Too far ahead - ignore + } + else if (message_seq >= m_next_receive_seq) + { + DtlsReassembler reassembler = (DtlsReassembler)m_currentInboundFlight[message_seq]; + if (reassembler == null) + { + reassembler = new DtlsReassembler(msg_type, length); + m_currentInboundFlight[message_seq] = reassembler; + } + + reassembler.ContributeFragment(msg_type, length, buf, off + MESSAGE_HEADER_LENGTH, fragment_offset, + fragment_length); + } + else if (m_previousInboundFlight != null) + { + /* + * NOTE: If we receive the previous flight of incoming messages in full again, + * retransmit our last flight + */ + + DtlsReassembler reassembler = (DtlsReassembler)m_previousInboundFlight[message_seq]; + if (reassembler != null) + { + reassembler.ContributeFragment(msg_type, length, buf, off + MESSAGE_HEADER_LENGTH, + fragment_offset, fragment_length); + checkPreviousFlight = true; + } + } + + off += message_length; + len -= message_length; + } + + if (checkPreviousFlight && CheckAll(m_previousInboundFlight)) + { + ResendOutboundFlight(); + ResetAll(m_previousInboundFlight); + } + } + + /// + private void ResendOutboundFlight() + { + m_recordLayer.ResetWriteEpoch(); + foreach (Message message in m_outboundFlight) + { + WriteMessage(message); + } + + m_resendMillis = BackOff(m_resendMillis); + m_resendTimeout = new Timeout(m_resendMillis); + } + + /// + private void WriteMessage(Message message) + { + int sendLimit = m_recordLayer.GetSendLimit(); + int fragmentLimit = sendLimit - MESSAGE_HEADER_LENGTH; + + // TODO Support a higher minimum fragment size? + if (fragmentLimit < 1) + { + // TODO Should we be throwing an exception here? + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + int length = message.Body.Length; + + // NOTE: Must still send a fragment if body is empty + int fragment_offset = 0; + do + { + int fragment_length = System.Math.Min(length - fragment_offset, fragmentLimit); + WriteHandshakeFragment(message, fragment_offset, fragment_length); + fragment_offset += fragment_length; + } + while (fragment_offset < length); + } + + /// + private void WriteHandshakeFragment(Message message, int fragment_offset, int fragment_length) + { + RecordLayerBuffer fragment = new RecordLayerBuffer(MESSAGE_HEADER_LENGTH + fragment_length); + TlsUtilities.WriteUint8(message.Type, fragment); + TlsUtilities.WriteUint24(message.Body.Length, fragment); + TlsUtilities.WriteUint16(message.Seq, fragment); + TlsUtilities.WriteUint24(fragment_offset, fragment); + TlsUtilities.WriteUint24(fragment_length, fragment); + fragment.Write(message.Body, fragment_offset, fragment_length); + + fragment.SendToRecordLayer(m_recordLayer); + } + + private static bool CheckAll(IDictionary inboundFlight) + { + foreach (DtlsReassembler r in inboundFlight.Values) + { + if (r.GetBodyIfComplete() == null) + return false; + } + return true; + } + + private static void ResetAll(IDictionary inboundFlight) + { + foreach (DtlsReassembler r in inboundFlight.Values) + { + r.Reset(); + } + } + + internal class Message + { + private readonly int m_message_seq; + private readonly short m_msg_type; + private readonly byte[] m_body; + + internal Message(int message_seq, short msg_type, byte[] body) + { + this.m_message_seq = message_seq; + this.m_msg_type = msg_type; + this.m_body = body; + } + + public int Seq + { + get { return m_message_seq; } + } + + public short Type + { + get { return m_msg_type; } + } + + public byte[] Body + { + get { return m_body; } + } + } + + internal class RecordLayerBuffer + : MemoryStream + { + internal RecordLayerBuffer(int size) + : base(size) + { + } + + internal void SendToRecordLayer(DtlsRecordLayer recordLayer) + { +#if PORTABLE + byte[] buf = ToArray(); + int bufLen = buf.Length; +#else + byte[] buf = GetBuffer(); + int bufLen = (int)Length; +#endif + + recordLayer.Send(buf, 0, bufLen); + Platform.Dispose(this); + } + } + + internal class Retransmit + : DtlsHandshakeRetransmit + { + private readonly DtlsReliableHandshake m_outer; + + internal Retransmit(DtlsReliableHandshake outer) + { + this.m_outer = outer; + } + + public void ReceivedHandshakeRecord(int epoch, byte[] buf, int off, int len) + { + m_outer.ProcessRecord(0, epoch, buf, off, len); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DtlsReplayWindow.cs b/BouncyCastle/crypto/src/tls/DtlsReplayWindow.cs new file mode 100644 index 0000000..a08114c --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DtlsReplayWindow.cs @@ -0,0 +1,84 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /** + * RFC 4347 4.1.2.5 Anti-replay + *

    + * Support fast rejection of duplicate records by maintaining a sliding receive window + *

    + */ + internal sealed class DtlsReplayWindow + { + private const long ValidSeqMask = 0x0000FFFFFFFFFFFFL; + + private const long WindowSize = 64L; + + private long m_latestConfirmedSeq = -1; + private ulong m_bitmap = 0; + + /// Check whether a received record with the given sequence number should be rejected as a duplicate. + /// + /// the 48-bit DTLSPlainText.sequence_number field of a received record. + /// true if the record should be discarded without further processing. + internal bool ShouldDiscard(long seq) + { + if ((seq & ValidSeqMask) != seq) + return true; + + if (seq <= m_latestConfirmedSeq) + { + long diff = m_latestConfirmedSeq - seq; + if (diff >= WindowSize) + return true; + + if ((m_bitmap & (1UL << (int)diff)) != 0) + return true; + } + + return false; + } + + /// Report that a received record with the given sequence number passed authentication checks. + /// + /// the 48-bit DTLSPlainText.sequence_number field of an authenticated record. + internal void ReportAuthenticated(long seq) + { + if ((seq & ValidSeqMask) != seq) + throw new ArgumentException("out of range", "seq"); + + if (seq <= m_latestConfirmedSeq) + { + long diff = m_latestConfirmedSeq - seq; + if (diff < WindowSize) + { + m_bitmap |= (1UL << (int)diff); + } + } + else + { + long diff = seq - m_latestConfirmedSeq; + if (diff >= WindowSize) + { + m_bitmap = 1; + } + else + { + m_bitmap <<= (int)diff; // for earlier JDKs + m_bitmap |= 1UL; + } + m_latestConfirmedSeq = seq; + } + } + + internal void Reset(long seq) + { + if ((seq & ValidSeqMask) != seq) + throw new ArgumentException("out of range", "seq"); + + // Discard future records unless sequence number > 'seq' + m_latestConfirmedSeq = seq; + m_bitmap = ulong.MaxValue >> (int)System.Math.Max(0, 63 - seq); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DtlsRequest.cs b/BouncyCastle/crypto/src/tls/DtlsRequest.cs new file mode 100644 index 0000000..126429e --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DtlsRequest.cs @@ -0,0 +1,38 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public sealed class DtlsRequest + { + private readonly long m_recordSeq; + private readonly byte[] m_message; + private readonly ClientHello m_clientHello; + + internal DtlsRequest(long recordSeq, byte[] message, ClientHello clientHello) + { + this.m_recordSeq = recordSeq; + this.m_message = message; + this.m_clientHello = clientHello; + } + + internal ClientHello ClientHello + { + get { return m_clientHello; } + } + + internal byte[] Message + { + get { return m_message; } + } + + internal int MessageSeq + { + get { return TlsUtilities.ReadUint16(m_message, 4); } + } + + internal long RecordSeq + { + get { return m_recordSeq; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DtlsServerProtocol.cs b/BouncyCastle/crypto/src/tls/DtlsServerProtocol.cs new file mode 100644 index 0000000..b491224 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DtlsServerProtocol.cs @@ -0,0 +1,845 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls +{ + public class DtlsServerProtocol + : DtlsProtocol + { + protected bool m_verifyRequests = true; + + public DtlsServerProtocol() + : base() + { + } + + public virtual bool VerifyRequests + { + get { return m_verifyRequests; } + set { this.m_verifyRequests = value; } + } + + /// + public virtual DtlsTransport Accept(TlsServer server, DatagramTransport transport) + { + return Accept(server, transport, null); + } + + /// + public virtual DtlsTransport Accept(TlsServer server, DatagramTransport transport, DtlsRequest request) + { + if (server == null) + throw new ArgumentNullException("server"); + if (transport == null) + throw new ArgumentNullException("transport"); + + ServerHandshakeState state = new ServerHandshakeState(); + state.server = server; + state.serverContext = new TlsServerContextImpl(server.Crypto); + server.Init(state.serverContext); + state.serverContext.HandshakeBeginning(server); + + SecurityParameters securityParameters = state.serverContext.SecurityParameters; + securityParameters.m_extendedPadding = server.ShouldUseExtendedPadding(); + + DtlsRecordLayer recordLayer = new DtlsRecordLayer(state.serverContext, state.server, transport); + server.NotifyCloseHandle(recordLayer); + + try + { + return ServerHandshake(state, recordLayer, request); + } + catch (TlsFatalAlert fatalAlert) + { + AbortServerHandshake(state, recordLayer, fatalAlert.AlertDescription); + throw fatalAlert; + } + catch (IOException e) + { + AbortServerHandshake(state, recordLayer, AlertDescription.internal_error); + throw e; + } + catch (Exception e) + { + AbortServerHandshake(state, recordLayer, AlertDescription.internal_error); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + finally + { + securityParameters.Clear(); + } + } + + internal virtual void AbortServerHandshake(ServerHandshakeState state, DtlsRecordLayer recordLayer, + short alertDescription) + { + recordLayer.Fail(alertDescription); + InvalidateSession(state); + } + + /// + internal virtual DtlsTransport ServerHandshake(ServerHandshakeState state, DtlsRecordLayer recordLayer, + DtlsRequest request) + { + SecurityParameters securityParameters = state.serverContext.SecurityParameters; + + DtlsReliableHandshake handshake = new DtlsReliableHandshake(state.serverContext, recordLayer, + state.server.GetHandshakeTimeoutMillis(), request); + + DtlsReliableHandshake.Message clientMessage = null; + + if (null == request) + { + clientMessage = handshake.ReceiveMessage(); + + // NOTE: DtlsRecordLayer requires any DTLS version, we don't otherwise constrain this + //ProtocolVersion recordLayerVersion = recordLayer.ReadVersion; + + if (clientMessage.Type == HandshakeType.client_hello) + { + ProcessClientHello(state, clientMessage.Body); + } + else + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + } + else + { + ProcessClientHello(state, request.ClientHello); + } + + /* + * NOTE: Currently no server support for session resumption + * + * If adding support, ensure securityParameters.tlsUnique is set to the localVerifyData, but + * ONLY when extended_master_secret has been negotiated (otherwise NULL). + */ + { + // TODO[resumption] + + state.tlsSession = TlsUtilities.ImportSession(TlsUtilities.EmptyBytes, null); + state.sessionParameters = null; + state.sessionMasterSecret = null; + } + + securityParameters.m_sessionID = state.tlsSession.SessionID; + + state.server.NotifySession(state.tlsSession); + + { + byte[] serverHelloBody = GenerateServerHello(state, recordLayer); + + // TODO[dtls13] Ideally, move this into GenerateServerHello once legacy_record_version clarified + { + ProtocolVersion recordLayerVersion = state.serverContext.ServerVersion; + recordLayer.ReadVersion = recordLayerVersion; + recordLayer.SetWriteVersion(recordLayerVersion); + } + + handshake.SendMessage(HandshakeType.server_hello, serverHelloBody); + } + + handshake.HandshakeHash.NotifyPrfDetermined(); + + IList serverSupplementalData = state.server.GetServerSupplementalData(); + if (serverSupplementalData != null) + { + byte[] supplementalDataBody = GenerateSupplementalData(serverSupplementalData); + handshake.SendMessage(HandshakeType.supplemental_data, supplementalDataBody); + } + + state.keyExchange = TlsUtilities.InitKeyExchangeServer(state.serverContext, state.server); + state.serverCredentials = TlsUtilities.EstablishServerCredentials(state.server); + + // Server certificate + { + Certificate serverCertificate = null; + + MemoryStream endPointHash = new MemoryStream(); + if (state.serverCredentials == null) + { + state.keyExchange.SkipServerCredentials(); + } + else + { + state.keyExchange.ProcessServerCredentials(state.serverCredentials); + + serverCertificate = state.serverCredentials.Certificate; + + SendCertificateMessage(state.serverContext, handshake, serverCertificate, endPointHash); + } + securityParameters.m_tlsServerEndPoint = endPointHash.ToArray(); + + // TODO[RFC 3546] Check whether empty certificates is possible, allowed, or excludes CertificateStatus + if (serverCertificate == null || serverCertificate.IsEmpty) + { + securityParameters.m_statusRequestVersion = 0; + } + } + + if (securityParameters.StatusRequestVersion > 0) + { + CertificateStatus certificateStatus = state.server.GetCertificateStatus(); + if (certificateStatus != null) + { + byte[] certificateStatusBody = GenerateCertificateStatus(state, certificateStatus); + handshake.SendMessage(HandshakeType.certificate_status, certificateStatusBody); + } + } + + byte[] serverKeyExchange = state.keyExchange.GenerateServerKeyExchange(); + if (serverKeyExchange != null) + { + handshake.SendMessage(HandshakeType.server_key_exchange, serverKeyExchange); + } + + if (state.serverCredentials != null) + { + state.certificateRequest = state.server.GetCertificateRequest(); + + if (null == state.certificateRequest) + { + /* + * For static agreement key exchanges, CertificateRequest is required since + * the client Certificate message is mandatory but can only be sent if the + * server requests it. + */ + if (!state.keyExchange.RequiresCertificateVerify) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + else + { + if (TlsUtilities.IsTlsV12(state.serverContext) + != (state.certificateRequest.SupportedSignatureAlgorithms != null)) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + state.certificateRequest = TlsUtilities.ValidateCertificateRequest(state.certificateRequest, state.keyExchange); + + TlsUtilities.EstablishServerSigAlgs(securityParameters, state.certificateRequest); + + TlsUtilities.TrackHashAlgorithms(handshake.HandshakeHash, securityParameters.ServerSigAlgs); + + byte[] certificateRequestBody = GenerateCertificateRequest(state, state.certificateRequest); + handshake.SendMessage(HandshakeType.certificate_request, certificateRequestBody); + } + } + + handshake.SendMessage(HandshakeType.server_hello_done, TlsUtilities.EmptyBytes); + + bool forceBuffering = false; + TlsUtilities.SealHandshakeHash(state.serverContext, handshake.HandshakeHash, forceBuffering); + + clientMessage = handshake.ReceiveMessage(); + + if (clientMessage.Type == HandshakeType.supplemental_data) + { + ProcessClientSupplementalData(state, clientMessage.Body); + clientMessage = handshake.ReceiveMessage(); + } + else + { + state.server.ProcessClientSupplementalData(null); + } + + if (state.certificateRequest == null) + { + state.keyExchange.SkipClientCredentials(); + } + else + { + if (clientMessage.Type == HandshakeType.certificate) + { + ProcessClientCertificate(state, clientMessage.Body); + clientMessage = handshake.ReceiveMessage(); + } + else + { + if (TlsUtilities.IsTlsV12(state.serverContext)) + { + /* + * RFC 5246 If no suitable certificate is available, the client MUST send a + * certificate message containing no certificates. + * + * NOTE: In previous RFCs, this was SHOULD instead of MUST. + */ + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + NotifyClientCertificate(state, Certificate.EmptyChain); + } + } + + if (clientMessage.Type == HandshakeType.client_key_exchange) + { + ProcessClientKeyExchange(state, clientMessage.Body); + } + else + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + securityParameters.m_sessionHash = TlsUtilities.GetCurrentPrfHash(handshake.HandshakeHash); + + TlsProtocol.EstablishMasterSecret(state.serverContext, state.keyExchange); + recordLayer.InitPendingEpoch(TlsUtilities.InitCipher(state.serverContext)); + + /* + * RFC 5246 7.4.8 This message is only sent following a client certificate that has signing + * capability (i.e., all certificates except those containing fixed Diffie-Hellman + * parameters). + */ + { + if (ExpectCertificateVerifyMessage(state)) + { + clientMessage = handshake.ReceiveMessageDelayedDigest(HandshakeType.certificate_verify); + byte[] certificateVerifyBody = clientMessage.Body; + ProcessCertificateVerify(state, certificateVerifyBody, handshake.HandshakeHash); + handshake.PrepareToFinish(); + handshake.UpdateHandshakeMessagesDigest(clientMessage); + } + else + { + handshake.PrepareToFinish(); + } + } + + // NOTE: Calculated exclusive of the actual Finished message from the client + securityParameters.m_peerVerifyData = TlsUtilities.CalculateVerifyData(state.serverContext, + handshake.HandshakeHash, false); + ProcessFinished(handshake.ReceiveMessageBody(HandshakeType.finished), securityParameters.PeerVerifyData); + + if (state.expectSessionTicket) + { + /* + * TODO[new_session_ticket] Check the server-side rules regarding the session ID, since the client + * is going to ignore any session ID it received once it sees the new_session_ticket message. + */ + + NewSessionTicket newSessionTicket = state.server.GetNewSessionTicket(); + byte[] newSessionTicketBody = GenerateNewSessionTicket(state, newSessionTicket); + handshake.SendMessage(HandshakeType.new_session_ticket, newSessionTicketBody); + } + + // NOTE: Calculated exclusive of the Finished message itself + securityParameters.m_localVerifyData = TlsUtilities.CalculateVerifyData(state.serverContext, + handshake.HandshakeHash, true); + handshake.SendMessage(HandshakeType.finished, securityParameters.LocalVerifyData); + + handshake.Finish(); + + state.sessionMasterSecret = securityParameters.MasterSecret; + + state.sessionParameters = new SessionParameters.Builder() + .SetCipherSuite(securityParameters.CipherSuite) + .SetExtendedMasterSecret(securityParameters.IsExtendedMasterSecret) + .SetLocalCertificate(securityParameters.LocalCertificate) + .SetMasterSecret(state.serverContext.Crypto.AdoptSecret(state.sessionMasterSecret)) + .SetNegotiatedVersion(securityParameters.NegotiatedVersion) + .SetPeerCertificate(securityParameters.PeerCertificate) + .SetPskIdentity(securityParameters.PskIdentity) + .SetSrpIdentity(securityParameters.SrpIdentity) + // TODO Consider filtering extensions that aren't relevant to resumed sessions + .SetServerExtensions(state.serverExtensions) + .Build(); + + state.tlsSession = TlsUtilities.ImportSession(state.tlsSession.SessionID, state.sessionParameters); + + securityParameters.m_tlsUnique = securityParameters.PeerVerifyData; + + state.serverContext.HandshakeComplete(state.server, state.tlsSession); + + recordLayer.InitHeartbeat(state.heartbeat, HeartbeatMode.peer_allowed_to_send == state.heartbeatPolicy); + + return new DtlsTransport(recordLayer); + } + + /// + protected virtual byte[] GenerateCertificateRequest(ServerHandshakeState state, + CertificateRequest certificateRequest) + { + MemoryStream buf = new MemoryStream(); + certificateRequest.Encode(state.serverContext, buf); + return buf.ToArray(); + } + + /// + protected virtual byte[] GenerateCertificateStatus(ServerHandshakeState state, + CertificateStatus certificateStatus) + { + MemoryStream buf = new MemoryStream(); + // TODO[tls13] Ensure this cannot happen for (D)TLS1.3+ + certificateStatus.Encode(buf); + return buf.ToArray(); + } + + /// + protected virtual byte[] GenerateNewSessionTicket(ServerHandshakeState state, + NewSessionTicket newSessionTicket) + { + MemoryStream buf = new MemoryStream(); + newSessionTicket.Encode(buf); + return buf.ToArray(); + } + + /// + internal virtual byte[] GenerateServerHello(ServerHandshakeState state, DtlsRecordLayer recordLayer) + { + TlsServerContextImpl context = state.serverContext; + SecurityParameters securityParameters = context.SecurityParameters; + + ProtocolVersion server_version = state.server.GetServerVersion(); + { + if (!ProtocolVersion.Contains(context.ClientSupportedVersions, server_version)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + // TODO[dtls13] Read draft/RFC for guidance on the legacy_record_version field + //ProtocolVersion legacy_record_version = server_version.IsLaterVersionOf(ProtocolVersion.DTLSv12) + // ? ProtocolVersion.DTLSv12 + // : server_version; + + //recordLayer.SetWriteVersion(legacy_record_version); + securityParameters.m_negotiatedVersion = server_version; + + TlsUtilities.NegotiatedVersionDtlsServer(context); + } + + { + bool useGmtUnixTime = ProtocolVersion.DTLSv12.IsEqualOrLaterVersionOf(server_version) + && state.server.ShouldUseGmtUnixTime(); + + securityParameters.m_serverRandom = TlsProtocol.CreateRandomBlock(useGmtUnixTime, context); + + if (!server_version.Equals(ProtocolVersion.GetLatestDtls(state.server.GetProtocolVersions()))) + { + TlsUtilities.WriteDowngradeMarker(server_version, securityParameters.ServerRandom); + } + } + + { + int cipherSuite = ValidateSelectedCipherSuite(state.server.GetSelectedCipherSuite(), + AlertDescription.internal_error); + + if (!TlsUtilities.IsValidCipherSuiteSelection(state.offeredCipherSuites, cipherSuite) || + !TlsUtilities.IsValidVersionForCipherSuite(cipherSuite, securityParameters.NegotiatedVersion)) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + TlsUtilities.NegotiatedCipherSuite(securityParameters, cipherSuite); + } + + state.serverExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised( + state.server.GetServerExtensions()); + + state.server.GetServerExtensionsForConnection(state.serverExtensions); + + ProtocolVersion legacy_version = server_version; + if (server_version.IsLaterVersionOf(ProtocolVersion.DTLSv12)) + { + legacy_version = ProtocolVersion.DTLSv12; + + TlsExtensionsUtilities.AddSupportedVersionsExtensionServer(state.serverExtensions, server_version); + } + + /* + * RFC 5746 3.6. Server Behavior: Initial Handshake + */ + if (securityParameters.IsSecureRenegotiation) + { + byte[] renegExtData = TlsUtilities.GetExtensionData(state.serverExtensions, + ExtensionType.renegotiation_info); + bool noRenegExt = (null == renegExtData); + + if (noRenegExt) + { + /* + * Note that sending a "renegotiation_info" extension in response to a ClientHello + * containing only the SCSV is an explicit exception to the prohibition in RFC 5246, + * Section 7.4.1.4, on the server sending unsolicited extensions and is only allowed + * because the client is signaling its willingness to receive the extension via the + * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. + */ + + /* + * If the secure_renegotiation flag is set to TRUE, the server MUST include an empty + * "renegotiation_info" extension in the ServerHello message. + */ + state.serverExtensions[ExtensionType.renegotiation_info] = TlsProtocol.CreateRenegotiationInfo( + TlsUtilities.EmptyBytes); + } + } + + /* + * RFC 7627 4. Clients and servers SHOULD NOT accept handshakes that do not use the extended + * master secret [..]. (and see 5.2, 5.3) + * + * RFC 8446 Appendix D. Because TLS 1.3 always hashes in the transcript up to the server + * Finished, implementations which support both TLS 1.3 and earlier versions SHOULD indicate + * the use of the Extended Master Secret extension in their APIs whenever TLS 1.3 is used. + */ + if (TlsUtilities.IsTlsV13(server_version)) + { + securityParameters.m_extendedMasterSecret = true; + } + else + { + securityParameters.m_extendedMasterSecret = state.offeredExtendedMasterSecret + && state.server.ShouldUseExtendedMasterSecret(); + + if (securityParameters.IsExtendedMasterSecret) + { + TlsExtensionsUtilities.AddExtendedMasterSecretExtension(state.serverExtensions); + } + else if (state.server.RequiresExtendedMasterSecret()) + { + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + else if (state.resumedSession && !state.server.AllowLegacyResumption()) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + // Heartbeats + if (null != state.heartbeat || HeartbeatMode.peer_allowed_to_send == state.heartbeatPolicy) + { + TlsExtensionsUtilities.AddHeartbeatExtension(state.serverExtensions, + new HeartbeatExtension(state.heartbeatPolicy)); + } + + + + /* + * RFC 7301 3.1. When session resumption or session tickets [...] are used, the previous + * contents of this extension are irrelevant, and only the values in the new handshake + * messages are considered. + */ + securityParameters.m_applicationProtocol = TlsExtensionsUtilities.GetAlpnExtensionServer( + state.serverExtensions); + securityParameters.m_applicationProtocolSet = true; + + /* + * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore + * extensions appearing in the client hello, and send a server hello containing no + * extensions. + */ + if (state.serverExtensions.Count > 0) + { + securityParameters.m_encryptThenMac = TlsExtensionsUtilities.HasEncryptThenMacExtension( + state.serverExtensions); + + securityParameters.m_maxFragmentLength = EvaluateMaxFragmentLengthExtension(state.resumedSession, + state.clientExtensions, state.serverExtensions, AlertDescription.internal_error); + + securityParameters.m_truncatedHmac = TlsExtensionsUtilities.HasTruncatedHmacExtension(state.serverExtensions); + + /* + * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be sent in + * a session resumption handshake. + */ + if (!state.resumedSession) + { + // TODO[tls13] See RFC 8446 4.4.2.1 + if (TlsUtilities.HasExpectedEmptyExtensionData(state.serverExtensions, + ExtensionType.status_request_v2, AlertDescription.internal_error)) + { + securityParameters.m_statusRequestVersion = 2; + } + else if (TlsUtilities.HasExpectedEmptyExtensionData(state.serverExtensions, + ExtensionType.status_request, AlertDescription.internal_error)) + { + securityParameters.m_statusRequestVersion = 1; + } + } + + state.expectSessionTicket = !state.resumedSession + && TlsUtilities.HasExpectedEmptyExtensionData(state.serverExtensions, ExtensionType.session_ticket, + AlertDescription.internal_error); + } + + ApplyMaxFragmentLengthExtension(recordLayer, securityParameters.MaxFragmentLength); + + + + ServerHello serverHello = new ServerHello(legacy_version, securityParameters.ServerRandom, + state.tlsSession.SessionID, securityParameters.CipherSuite, state.serverExtensions); + + MemoryStream buf = new MemoryStream(); + serverHello.Encode(state.serverContext, buf); + return buf.ToArray(); + } + + protected virtual void InvalidateSession(ServerHandshakeState state) + { + if (state.sessionMasterSecret != null) + { + state.sessionMasterSecret.Destroy(); + state.sessionMasterSecret = null; + } + + if (state.sessionParameters != null) + { + state.sessionParameters.Clear(); + state.sessionParameters = null; + } + + if (state.tlsSession != null) + { + state.tlsSession.Invalidate(); + state.tlsSession = null; + } + } + + /// + protected virtual void NotifyClientCertificate(ServerHandshakeState state, Certificate clientCertificate) + { + if (null == state.certificateRequest) + throw new TlsFatalAlert(AlertDescription.internal_error); + + TlsUtilities.ProcessClientCertificate(state.serverContext, clientCertificate, state.keyExchange, + state.server); + } + + /// + protected virtual void ProcessClientCertificate(ServerHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + + Certificate.ParseOptions options = new Certificate.ParseOptions() + .SetMaxChainLength(state.server.GetMaxCertificateChainLength()); + + Certificate clientCertificate = Certificate.Parse(options, state.serverContext, buf, null); + + TlsProtocol.AssertEmpty(buf); + + NotifyClientCertificate(state, clientCertificate); + } + + /// + protected virtual void ProcessCertificateVerify(ServerHandshakeState state, byte[] body, + TlsHandshakeHash handshakeHash) + { + if (state.certificateRequest == null) + throw new InvalidOperationException(); + + MemoryStream buf = new MemoryStream(body, false); + + TlsServerContextImpl context = state.serverContext; + DigitallySigned certificateVerify = DigitallySigned.Parse(context, buf); + + TlsProtocol.AssertEmpty(buf); + + TlsUtilities.VerifyCertificateVerifyClient(context, state.certificateRequest, certificateVerify, handshakeHash); + } + + /// + protected virtual void ProcessClientHello(ServerHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + ClientHello clientHello = ClientHello.Parse(buf, new NullOutputStream()); + ProcessClientHello(state, clientHello); + } + + /// + protected virtual void ProcessClientHello(ServerHandshakeState state, ClientHello clientHello) + { + // TODO Read RFCs for guidance on the expected record layer version number + ProtocolVersion legacy_version = clientHello.Version; + state.offeredCipherSuites = clientHello.CipherSuites; + + /* + * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore + * extensions appearing in the client hello, and send a server hello containing no + * extensions. + */ + state.clientExtensions = clientHello.Extensions; + + + + TlsServerContextImpl context = state.serverContext; + SecurityParameters securityParameters = context.SecurityParameters; + + if (!legacy_version.IsDtls) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + context.SetRsaPreMasterSecretVersion(legacy_version); + + context.SetClientSupportedVersions( + TlsExtensionsUtilities.GetSupportedVersionsExtensionClient(state.clientExtensions)); + + ProtocolVersion client_version = legacy_version; + if (null == context.ClientSupportedVersions) + { + if (client_version.IsLaterVersionOf(ProtocolVersion.DTLSv12)) + { + client_version = ProtocolVersion.DTLSv12; + } + + context.SetClientSupportedVersions(client_version.DownTo(ProtocolVersion.DTLSv10)); + } + else + { + client_version = ProtocolVersion.GetLatestDtls(context.ClientSupportedVersions); + } + + if (!ProtocolVersion.SERVER_EARLIEST_SUPPORTED_DTLS.IsEqualOrEarlierVersionOf(client_version)) + throw new TlsFatalAlert(AlertDescription.protocol_version); + + context.SetClientVersion(client_version); + + state.server.NotifyClientVersion(context.ClientVersion); + + securityParameters.m_clientRandom = clientHello.Random; + + state.server.NotifyFallback(Arrays.Contains(state.offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV)); + + state.server.NotifyOfferedCipherSuites(state.offeredCipherSuites); + + /* + * TODO[resumption] Check RFC 7627 5.4. for required behaviour + */ + + /* + * RFC 5746 3.6. Server Behavior: Initial Handshake + */ + { + /* + * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension, + * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the + * ClientHello. Including both is NOT RECOMMENDED. + */ + + /* + * When a ClientHello is received, the server MUST check if it includes the + * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. If it does, set the secure_renegotiation flag + * to TRUE. + */ + if (Arrays.Contains(state.offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV)) + { + securityParameters.m_secureRenegotiation = true; + } + + /* + * The server MUST check if the "renegotiation_info" extension is included in the + * ClientHello. + */ + byte[] renegExtData = TlsUtilities.GetExtensionData(state.clientExtensions, + ExtensionType.renegotiation_info); + if (renegExtData != null) + { + /* + * If the extension is present, set secure_renegotiation flag to TRUE. The + * server MUST then verify that the length of the "renegotiated_connection" + * field is zero, and if it is not, MUST abort the handshake. + */ + securityParameters.m_secureRenegotiation = true; + + if (!Arrays.ConstantTimeAreEqual(renegExtData, + TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes))) + { + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + } + } + + state.server.NotifySecureRenegotiation(securityParameters.IsSecureRenegotiation); + + state.offeredExtendedMasterSecret = TlsExtensionsUtilities.HasExtendedMasterSecretExtension( + state.clientExtensions); + + if (state.clientExtensions != null) + { + // NOTE: Validates the padding extension data, if present + TlsExtensionsUtilities.GetPaddingExtension(state.clientExtensions); + + securityParameters.m_clientServerNames = TlsExtensionsUtilities.GetServerNameExtensionClient( + state.clientExtensions); + + /* + * RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior + * to 1.2. Clients MUST NOT offer it if they are offering prior versions. + */ + if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(client_version)) + { + TlsUtilities.EstablishClientSigAlgs(securityParameters, state.clientExtensions); + } + + securityParameters.m_clientSupportedGroups = TlsExtensionsUtilities.GetSupportedGroupsExtension( + state.clientExtensions); + + // Heartbeats + { + HeartbeatExtension heartbeatExtension = TlsExtensionsUtilities.GetHeartbeatExtension( + state.clientExtensions); + if (null != heartbeatExtension) + { + if (HeartbeatMode.peer_allowed_to_send == heartbeatExtension.Mode) + { + state.heartbeat = state.server.GetHeartbeat(); + } + + state.heartbeatPolicy = state.server.GetHeartbeatPolicy(); + } + } + + state.server.ProcessClientExtensions(state.clientExtensions); + } + } + + /// + protected virtual void ProcessClientKeyExchange(ServerHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + state.keyExchange.ProcessClientKeyExchange(buf); + TlsProtocol.AssertEmpty(buf); + } + + /// + protected virtual void ProcessClientSupplementalData(ServerHandshakeState state, byte[] body) + { + MemoryStream buf = new MemoryStream(body, false); + IList clientSupplementalData = TlsProtocol.ReadSupplementalDataMessage(buf); + state.server.ProcessClientSupplementalData(clientSupplementalData); + } + + protected virtual bool ExpectCertificateVerifyMessage(ServerHandshakeState state) + { + if (null == state.certificateRequest) + return false; + + Certificate clientCertificate = state.serverContext.SecurityParameters.PeerCertificate; + + return null != clientCertificate && !clientCertificate.IsEmpty + && (null == state.keyExchange || state.keyExchange.RequiresCertificateVerify); + } + + protected internal class ServerHandshakeState + { + internal TlsServer server = null; + internal TlsServerContextImpl serverContext = null; + internal TlsSession tlsSession = null; + internal SessionParameters sessionParameters = null; + internal TlsSecret sessionMasterSecret = null; + internal SessionParameters.Builder sessionParametersBuilder = null; + internal int[] offeredCipherSuites = null; + internal IDictionary clientExtensions = null; + internal IDictionary serverExtensions = null; + internal bool offeredExtendedMasterSecret = false; + internal bool resumedSession = false; + internal bool expectSessionTicket = false; + internal TlsKeyExchange keyExchange = null; + internal TlsCredentials serverCredentials = null; + internal CertificateRequest certificateRequest = null; + internal TlsHeartbeat heartbeat = null; + internal short heartbeatPolicy = HeartbeatMode.peer_not_allowed_to_send; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DtlsTransport.cs b/BouncyCastle/crypto/src/tls/DtlsTransport.cs new file mode 100644 index 0000000..a41cb78 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DtlsTransport.cs @@ -0,0 +1,139 @@ +using System; +using System.IO; +#if !PORTABLE || DOTNET +using System.Net.Sockets; +#endif + +namespace Org.BouncyCastle.Tls +{ + public class DtlsTransport + : DatagramTransport + { + private readonly DtlsRecordLayer m_recordLayer; + + internal DtlsTransport(DtlsRecordLayer recordLayer) + { + this.m_recordLayer = recordLayer; + } + + /// + public virtual int GetReceiveLimit() + { + return m_recordLayer.GetReceiveLimit(); + } + + /// + public virtual int GetSendLimit() + { + return m_recordLayer.GetSendLimit(); + } + + /// + public virtual int Receive(byte[] buf, int off, int len, int waitMillis) + { + if (null == buf) + throw new ArgumentNullException("buf"); + if (off < 0 || off >= buf.Length) + throw new ArgumentException("invalid offset: " + off, "off"); + if (len < 0 || len > buf.Length - off) + throw new ArgumentException("invalid length: " + len, "len"); + if (waitMillis < 0) + throw new ArgumentException("cannot be negative", "waitMillis"); + + try + { + return m_recordLayer.Receive(buf, off, len, waitMillis); + } + catch (TlsFatalAlert fatalAlert) + { + m_recordLayer.Fail(fatalAlert.AlertDescription); + throw fatalAlert; + } + catch (TlsTimeoutException e) + { + throw e; + } +#if !PORTABLE || DOTNET + catch (SocketException e) + { + if (TlsUtilities.IsTimeout(e)) + throw e; + + m_recordLayer.Fail(AlertDescription.internal_error); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } +#endif + // TODO[tls-port] Can we support interrupted IO on .NET? + //catch (InterruptedIOException e) + //{ + // throw e; + //} + catch (IOException e) + { + m_recordLayer.Fail(AlertDescription.internal_error); + throw e; + } + catch (Exception e) + { + m_recordLayer.Fail(AlertDescription.internal_error); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + } + + /// + public virtual void Send(byte[] buf, int off, int len) + { + if (null == buf) + throw new ArgumentNullException("buf"); + if (off < 0 || off >= buf.Length) + throw new ArgumentException("invalid offset: " + off, "off"); + if (len < 0 || len > buf.Length - off) + throw new ArgumentException("invalid length: " + len, "len"); + + try + { + m_recordLayer.Send(buf, off, len); + } + catch (TlsFatalAlert fatalAlert) + { + m_recordLayer.Fail(fatalAlert.AlertDescription); + throw fatalAlert; + } + catch (TlsTimeoutException e) + { + throw e; + } +#if !PORTABLE || DOTNET + catch (SocketException e) + { + if (TlsUtilities.IsTimeout(e)) + throw e; + + m_recordLayer.Fail(AlertDescription.internal_error); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } +#endif + // TODO[tls-port] Can we support interrupted IO on .NET? + //catch (InterruptedIOException e) + //{ + // throw e; + //} + catch (IOException e) + { + m_recordLayer.Fail(AlertDescription.internal_error); + throw e; + } + catch (Exception e) + { + m_recordLayer.Fail(AlertDescription.internal_error); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + } + + /// + public virtual void Close() + { + m_recordLayer.Close(); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/DtlsVerifier.cs b/BouncyCastle/crypto/src/tls/DtlsVerifier.cs new file mode 100644 index 0000000..edadeae --- /dev/null +++ b/BouncyCastle/crypto/src/tls/DtlsVerifier.cs @@ -0,0 +1,89 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public class DtlsVerifier + { + private static TlsMac CreateCookieMac(TlsCrypto crypto) + { + TlsMac mac = crypto.CreateHmac(MacAlgorithm.hmac_sha256); + + byte[] secret = new byte[mac.MacLength]; + crypto.SecureRandom.NextBytes(secret); + + mac.SetKey(secret, 0, secret.Length); + + return mac; + } + + private readonly TlsMac m_cookieMac; + private readonly TlsMacSink m_cookieMacSink; + + public DtlsVerifier(TlsCrypto crypto) + { + this.m_cookieMac = CreateCookieMac(crypto); + this.m_cookieMacSink = new TlsMacSink(m_cookieMac); + } + + public virtual DtlsRequest VerifyRequest(byte[] clientID, byte[] data, int dataOff, int dataLen, + DatagramSender sender) + { + lock (this) + { + bool resetCookieMac = true; + + try + { + m_cookieMac.Update(clientID, 0, clientID.Length); + + DtlsRequest request = DtlsReliableHandshake.ReadClientRequest(data, dataOff, dataLen, + m_cookieMacSink); + if (null != request) + { + byte[] expectedCookie = m_cookieMac.CalculateMac(); + resetCookieMac = false; + + // TODO Consider stricter HelloVerifyRequest protocol + //switch (request.MessageSeq) + //{ + //case 0: + //{ + // DtlsReliableHandshake.SendHelloVerifyRequest(sender, request.RecordSeq, expectedCookie); + // break; + //} + //case 1: + //{ + // if (Arrays.ConstantTimeAreEqual(expectedCookie, request.ClientHello.Cookie)) + // return request; + + // break; + //} + //} + + if (Arrays.ConstantTimeAreEqual(expectedCookie, request.ClientHello.Cookie)) + return request; + + DtlsReliableHandshake.SendHelloVerifyRequest(sender, request.RecordSeq, expectedCookie); + } + } + catch (IOException) + { + // Ignore + } + finally + { + if (resetCookieMac) + { + m_cookieMac.Reset(); + } + } + + return null; + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/ECCurveType.cs b/BouncyCastle/crypto/src/tls/ECCurveType.cs new file mode 100644 index 0000000..969d51b --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ECCurveType.cs @@ -0,0 +1,29 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 4492 5.4 + public abstract class ECCurveType + { + /** + * Indicates the elliptic curve domain parameters are conveyed verbosely, and the + * underlying finite field is a prime field. + */ + public const short explicit_prime = 1; + + /** + * Indicates the elliptic curve domain parameters are conveyed verbosely, and the + * underlying finite field is a characteristic-2 field. + */ + public const short explicit_char2 = 2; + + /** + * Indicates that a named curve is used. This option SHOULD be used when applicable. + */ + public const short named_curve = 3; + + /* + * Values 248 through 255 are reserved for private use. + */ + } +} diff --git a/BouncyCastle/crypto/src/tls/ECPointFormat.cs b/BouncyCastle/crypto/src/tls/ECPointFormat.cs new file mode 100644 index 0000000..d399cc6 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ECPointFormat.cs @@ -0,0 +1,16 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 4492 5.1.2 + public abstract class ECPointFormat + { + public const short uncompressed = 0; + public const short ansiX962_compressed_prime = 1; + public const short ansiX962_compressed_char2 = 2; + + /* + * reserved (248..255) + */ + } +} diff --git a/BouncyCastle/crypto/src/tls/EncryptionAlgorithm.cs b/BouncyCastle/crypto/src/tls/EncryptionAlgorithm.cs new file mode 100644 index 0000000..8064451 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/EncryptionAlgorithm.cs @@ -0,0 +1,82 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 2246 + /// + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to depend on the + /// particular values (e.g. serialization). + /// + public abstract class EncryptionAlgorithm + { + public const int NULL = 0; + public const int RC4_40 = 1; + public const int RC4_128 = 2; + public const int RC2_CBC_40 = 3; + public const int IDEA_CBC = 4; + public const int DES40_CBC = 5; + public const int DES_CBC = 6; + public const int cls_3DES_EDE_CBC = 7; + + /* + * RFC 3268 + */ + public const int AES_128_CBC = 8; + public const int AES_256_CBC = 9; + + /* + * RFC 5289 + */ + public const int AES_128_GCM = 10; + public const int AES_256_GCM = 11; + + /* + * RFC 5932 + */ + public const int CAMELLIA_128_CBC = 12; + public const int CAMELLIA_256_CBC = 13; + + /* + * RFC 4162 + */ + public const int SEED_CBC = 14; + + /* + * RFC 6655 + */ + public const int AES_128_CCM = 15; + public const int AES_128_CCM_8 = 16; + public const int AES_256_CCM = 17; + public const int AES_256_CCM_8 = 18; + + /* + * RFC 6367 + */ + public const int CAMELLIA_128_GCM = 19; + public const int CAMELLIA_256_GCM = 20; + + /* + * RFC 7905 + */ + public const int CHACHA20_POLY1305 = 21; + + /* + * RFC 6209 + */ + public const int ARIA_128_CBC = 22; + public const int ARIA_256_CBC = 23; + public const int ARIA_128_GCM = 24; + public const int ARIA_256_GCM = 25; + + /* + * RFC 8998 + */ + public const int SM4_CCM = 26; + public const int SM4_GCM = 27; + + /* + * GMT 0024-2014 + */ + public const int SM4_CBC = 28; + } +} diff --git a/BouncyCastle/crypto/src/tls/ExporterLabel.cs b/BouncyCastle/crypto/src/tls/ExporterLabel.cs new file mode 100644 index 0000000..481a3ee --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ExporterLabel.cs @@ -0,0 +1,42 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 5705 + public abstract class ExporterLabel + { + /* + * RFC 5246 + */ + public const string client_finished = "client finished"; + public const string server_finished = "server finished"; + public const string master_secret = "master secret"; + public const string key_expansion = "key expansion"; + + /* + * RFC 5216 + */ + public const string client_EAP_encryption = "client EAP encryption"; + + /* + * RFC 5281 + */ + public const string ttls_keying_material = "ttls keying material"; + public const string ttls_challenge = "ttls challenge"; + + /* + * RFC 5764 + */ + public const string dtls_srtp = "EXTRACTOR-dtls_srtp"; + + /* + * RFC 7627 + */ + public const string extended_master_secret = "extended master secret"; + + /* + * draft-ietf-tokbind-protocol-16 + */ + public const string token_binding = "EXPORTER-Token-Binding"; + } +} diff --git a/BouncyCastle/crypto/src/tls/ExtensionType.cs b/BouncyCastle/crypto/src/tls/ExtensionType.cs new file mode 100644 index 0000000..a1f1fa7 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ExtensionType.cs @@ -0,0 +1,287 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public abstract class ExtensionType + { + /* + * RFC 2546 2.3. + */ + public const int server_name = 0; + public const int max_fragment_length = 1; + public const int client_certificate_url = 2; + public const int trusted_ca_keys = 3; + public const int truncated_hmac = 4; + public const int status_request = 5; + + /* + * RFC 4681 + */ + public const int user_mapping = 6; + + /* + * RFC 5878 + */ + public const int client_authz = 7; + public const int server_authz = 8; + + /* + * RFC 6091 + */ + public const int cert_type = 9; + + /* + * RFC 7919 (originally 'elliptic_curves' from RFC 4492) + */ + public const int supported_groups = 10; + + /* + * RFC 4492 5.1. + */ + public const int ec_point_formats = 11; + + /* + * RFC 5054 2.8.1. + */ + public const int srp = 12; + + /* + * RFC 5246 7.4.1.4. + */ + public const int signature_algorithms = 13; + + /* + * RFC 5764 9. + */ + public const int use_srtp = 14; + + /* + * RFC 6520 6. + */ + public const int heartbeat = 15; + + /* + * RFC 7301 + */ + public const int application_layer_protocol_negotiation = 16; + + /* + * RFC 6961 + */ + public const int status_request_v2 = 17; + + /* + * RFC 6962 + */ + public const int signed_certificate_timestamp = 18; + + /* + * RFC 7250 + */ + public const int client_certificate_type = 19; + public const int server_certificate_type = 20; + + /* + * RFC 7685 + */ + public const int padding = 21; + + /* + * RFC 7366 + */ + public const int encrypt_then_mac = 22; + + /* + * RFC 7627 + */ + public const int extended_master_secret = 23; + + /* + * RFC 8472 + */ + public const int token_binding = 24; + + /* + * RFC 7924 + */ + public const int cached_info = 25; + + /* + * RFC 8879 + */ + public const int compress_certificate = 27; + + /* + * RFC 8449 + */ + public const int record_size_limit = 28; + + /* + * RFC 5077 7. + */ + public const int session_ticket = 35; + + /* + * RFC 8446 + */ + public const int pre_shared_key = 41; + public const int early_data = 42; + public const int supported_versions = 43; + public const int cookie = 44; + public const int psk_key_exchange_modes = 45; + public const int certificate_authorities = 47; + public const int oid_filters = 48; + public const int post_handshake_auth = 49; + public const int signature_algorithms_cert = 50; + public const int key_share = 51; + + /* + * RFC 5746 3.2. + */ + public const int renegotiation_info = 0xff01; + + public static string GetName(int extensionType) + { + switch (extensionType) + { + case server_name: + return "server_name"; + case max_fragment_length: + return "max_fragment_length"; + case client_certificate_url: + return "client_certificate_url"; + case trusted_ca_keys: + return "trusted_ca_keys"; + case truncated_hmac: + return "truncated_hmac"; + case status_request: + return "status_request"; + case user_mapping: + return "user_mapping"; + case client_authz: + return "client_authz"; + case server_authz: + return "server_authz"; + case cert_type: + return "cert_type"; + case supported_groups: + return "supported_groups"; + case ec_point_formats: + return "ec_point_formats"; + case srp: + return "srp"; + case signature_algorithms: + return "signature_algorithms"; + case use_srtp: + return "use_srtp"; + case heartbeat: + return "heartbeat"; + case application_layer_protocol_negotiation: + return "application_layer_protocol_negotiation"; + case status_request_v2: + return "status_request_v2"; + case signed_certificate_timestamp: + return "signed_certificate_timestamp"; + case client_certificate_type: + return "client_certificate_type"; + case server_certificate_type: + return "server_certificate_type"; + case padding: + return "padding"; + case encrypt_then_mac: + return "encrypt_then_mac"; + case extended_master_secret: + return "extended_master_secret"; + case token_binding: + return "token_binding"; + case cached_info: + return "cached_info"; + case compress_certificate: + return "compress_certificate"; + case record_size_limit: + return "record_size_limit"; + case session_ticket: + return "session_ticket"; + case pre_shared_key: + return "pre_shared_key"; + case early_data: + return "early_data"; + case supported_versions: + return "supported_versions"; + case cookie: + return "cookie"; + case psk_key_exchange_modes: + return "psk_key_exchange_modes"; + case certificate_authorities: + return "certificate_authorities"; + case oid_filters: + return "oid_filters"; + case post_handshake_auth: + return "post_handshake_auth"; + case signature_algorithms_cert: + return "signature_algorithms_cert"; + case key_share: + return "key_share"; + case renegotiation_info: + return "renegotiation_info"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(int extensionType) + { + return GetName(extensionType) + "(" + extensionType + ")"; + } + + public static bool IsRecognized(int extensionType) + { + switch (extensionType) + { + case server_name: + case max_fragment_length: + case client_certificate_url: + case trusted_ca_keys: + case truncated_hmac: + case status_request: + case user_mapping: + case client_authz: + case server_authz: + case cert_type: + case supported_groups: + case ec_point_formats: + case srp: + case signature_algorithms: + case use_srtp: + case heartbeat: + case application_layer_protocol_negotiation: + case status_request_v2: + case signed_certificate_timestamp: + case client_certificate_type: + case server_certificate_type: + case padding: + case encrypt_then_mac: + case extended_master_secret: + case token_binding: + case cached_info: + case compress_certificate: + case record_size_limit: + case session_ticket: + case pre_shared_key: + case early_data: + case supported_versions: + case cookie: + case psk_key_exchange_modes: + case certificate_authorities: + case oid_filters: + case post_handshake_auth: + case signature_algorithms_cert: + case key_share: + case renegotiation_info: + return true; + default: + return false; + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/HandshakeMessageInput.cs b/BouncyCastle/crypto/src/tls/HandshakeMessageInput.cs new file mode 100644 index 0000000..8d9a291 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/HandshakeMessageInput.cs @@ -0,0 +1,60 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls +{ + // TODO Rewrite without MemoryStream + public sealed class HandshakeMessageInput + : MemoryStream + { + private readonly int m_offset; + + internal HandshakeMessageInput(byte[] buf, int offset, int length) +#if PORTABLE + : base(buf, offset, length, false) +#else + : base(buf, offset, length, false, true) +#endif + { +#if PORTABLE + this.m_offset = 0; +#else + this.m_offset = offset; +#endif + } + + public void UpdateHash(TlsHash hash) + { + Streams.WriteBufTo(this, new TlsHashSink(hash)); + } + + internal void UpdateHashPrefix(TlsHash hash, int bindersSize) + { +#if PORTABLE + byte[] buf = ToArray(); + int count = buf.Length; +#else + byte[] buf = GetBuffer(); + int count = (int)Length; +#endif + + hash.Update(buf, m_offset, count - bindersSize); + } + + internal void UpdateHashSuffix(TlsHash hash, int bindersSize) + { +#if PORTABLE + byte[] buf = ToArray(); + int count = buf.Length; +#else + byte[] buf = GetBuffer(); + int count = (int)Length; +#endif + + hash.Update(buf, m_offset + count - bindersSize, bindersSize); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/HandshakeMessageOutput.cs b/BouncyCastle/crypto/src/tls/HandshakeMessageOutput.cs new file mode 100644 index 0000000..ff45ce6 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/HandshakeMessageOutput.cs @@ -0,0 +1,104 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + internal sealed class HandshakeMessageOutput + : MemoryStream + { + internal static int GetLength(int bodyLength) + { + return 4 + bodyLength; + } + + /// + internal static void Send(TlsProtocol protocol, short handshakeType, byte[] body) + { + HandshakeMessageOutput message = new HandshakeMessageOutput(handshakeType, body.Length); + message.Write(body, 0, body.Length); + message.Send(protocol); + } + + /// + internal HandshakeMessageOutput(short handshakeType) + : this(handshakeType, 60) + { + } + + /// + internal HandshakeMessageOutput(short handshakeType, int bodyLength) + : base(GetLength(bodyLength)) + { + TlsUtilities.CheckUint8(handshakeType); + TlsUtilities.WriteUint8(handshakeType, this); + // Reserve space for length + Seek(3L, SeekOrigin.Current); + } + + /// + internal void Send(TlsProtocol protocol) + { + // Patch actual length back in + int bodyLength = (int)Length - 4; + TlsUtilities.CheckUint24(bodyLength); + + Seek(1L, SeekOrigin.Begin); + TlsUtilities.WriteUint24(bodyLength, this); + +#if PORTABLE + byte[] buf = ToArray(); + int count = buf.Length; +#else + byte[] buf = GetBuffer(); + int count = (int)Length; +#endif + protocol.WriteHandshakeMessage(buf, 0, count); + + Platform.Dispose(this); + } + + internal void PrepareClientHello(TlsHandshakeHash handshakeHash, int bindersSize) + { + // Patch actual length back in + int bodyLength = (int)Length - 4 + bindersSize; + TlsUtilities.CheckUint24(bodyLength); + + Seek(1L, SeekOrigin.Begin); + TlsUtilities.WriteUint24(bodyLength, this); + +#if PORTABLE + byte[] buf = ToArray(); + int count = buf.Length; +#else + byte[] buf = GetBuffer(); + int count = (int)Length; +#endif + + handshakeHash.Update(buf, 0, count); + + Seek(0L, SeekOrigin.End); + } + + internal void SendClientHello(TlsClientProtocol clientProtocol, TlsHandshakeHash handshakeHash, int bindersSize) + { +#if PORTABLE + byte[] buf = ToArray(); + int count = buf.Length; +#else + byte[] buf = GetBuffer(); + int count = (int)Length; +#endif + + if (bindersSize > 0) + { + handshakeHash.Update(buf, count - bindersSize, bindersSize); + } + + clientProtocol.WriteHandshakeMessage(buf, 0, count); + + Platform.Dispose(this); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/HandshakeType.cs b/BouncyCastle/crypto/src/tls/HandshakeType.cs new file mode 100644 index 0000000..ad2c29c --- /dev/null +++ b/BouncyCastle/crypto/src/tls/HandshakeType.cs @@ -0,0 +1,139 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public abstract class HandshakeType + { + /* + * RFC 2246 7.4 + */ + public const short hello_request = 0; + public const short client_hello = 1; + public const short server_hello = 2; + public const short certificate = 11; + public const short server_key_exchange = 12; + public const short certificate_request = 13; + public const short server_hello_done = 14; + public const short certificate_verify = 15; + public const short client_key_exchange = 16; + public const short finished = 20; + + /* + * RFC 3546 2.4 + */ + public const short certificate_url = 21; + public const short certificate_status = 22; + + /* + * (DTLS) RFC 4347 4.3.2 + */ + public const short hello_verify_request = 3; + + /* + * RFC 4680 + */ + public const short supplemental_data = 23; + + /* + * RFC 8446 + */ + public const short new_session_ticket = 4; + public const short end_of_early_data = 5; + public const short hello_retry_request = 6; + public const short encrypted_extensions = 8; + public const short key_update = 24; + public const short message_hash = 254; + + /* + * RFC 8879 + */ + public const short compressed_certificate = 25; + + public static string GetName(short handshakeType) + { + switch (handshakeType) + { + case hello_request: + return "hello_request"; + case client_hello: + return "client_hello"; + case server_hello: + return "server_hello"; + case certificate: + return "certificate"; + case server_key_exchange: + return "server_key_exchange"; + case certificate_request: + return "certificate_request"; + case server_hello_done: + return "server_hello_done"; + case certificate_verify: + return "certificate_verify"; + case client_key_exchange: + return "client_key_exchange"; + case finished: + return "finished"; + case certificate_url: + return "certificate_url"; + case certificate_status: + return "certificate_status"; + case hello_verify_request: + return "hello_verify_request"; + case supplemental_data: + return "supplemental_data"; + case new_session_ticket: + return "new_session_ticket"; + case end_of_early_data: + return "end_of_early_data"; + case hello_retry_request: + return "hello_retry_request"; + case encrypted_extensions: + return "encrypted_extensions"; + case key_update: + return "key_update"; + case message_hash: + return "message_hash"; + case compressed_certificate: + return "compressed_certificate"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(short handshakeType) + { + return GetName(handshakeType) + "(" + handshakeType + ")"; + } + + public static bool IsRecognized(short handshakeType) + { + switch (handshakeType) + { + case hello_request: + case client_hello: + case server_hello: + case certificate: + case server_key_exchange: + case certificate_request: + case server_hello_done: + case certificate_verify: + case client_key_exchange: + case finished: + case certificate_url: + case certificate_status: + case hello_verify_request: + case supplemental_data: + case new_session_ticket: + case end_of_early_data: + case hello_retry_request: + case encrypted_extensions: + case key_update: + case message_hash: + case compressed_certificate: + return true; + default: + return false; + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/HashAlgorithm.cs b/BouncyCastle/crypto/src/tls/HashAlgorithm.cs new file mode 100644 index 0000000..2c8ba4f --- /dev/null +++ b/BouncyCastle/crypto/src/tls/HashAlgorithm.cs @@ -0,0 +1,94 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 5246 7.4.1.4.1 + public abstract class HashAlgorithm + { + public const short none = 0; + public const short md5 = 1; + public const short sha1 = 2; + public const short sha224 = 3; + public const short sha256 = 4; + public const short sha384 = 5; + public const short sha512 = 6; + + /* + * RFC 8422 + */ + public const short Intrinsic = 8; + + public static string GetName(short hashAlgorithm) + { + switch (hashAlgorithm) + { + case none: + return "none"; + case md5: + return "md5"; + case sha1: + return "sha1"; + case sha224: + return "sha224"; + case sha256: + return "sha256"; + case sha384: + return "sha384"; + case sha512: + return "sha512"; + case Intrinsic: + return "Intrinsic"; + default: + return "UNKNOWN"; + } + } + + public static int GetOutputSize(short hashAlgorithm) + { + switch (hashAlgorithm) + { + case md5: + return 16; + case sha1: + return 20; + case sha224: + return 28; + case sha256: + return 32; + case sha384: + return 48; + case sha512: + return 64; + default: + return -1; + } + } + + public static string GetText(short hashAlgorithm) + { + return GetName(hashAlgorithm) + "(" + hashAlgorithm + ")"; + } + + public static bool IsPrivate(short hashAlgorithm) + { + return 224 <= hashAlgorithm && hashAlgorithm <= 255; + } + + public static bool IsRecognized(short hashAlgorithm) + { + switch (hashAlgorithm) + { + case md5: + case sha1: + case sha224: + case sha256: + case sha384: + case sha512: + case Intrinsic: + return true; + default: + return false; + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/HeartbeatExtension.cs b/BouncyCastle/crypto/src/tls/HeartbeatExtension.cs new file mode 100644 index 0000000..c44d84a --- /dev/null +++ b/BouncyCastle/crypto/src/tls/HeartbeatExtension.cs @@ -0,0 +1,44 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + public sealed class HeartbeatExtension + { + private readonly short m_mode; + + public HeartbeatExtension(short mode) + { + if (!HeartbeatMode.IsValid(mode)) + throw new ArgumentException("not a valid HeartbeatMode value", "mode"); + + this.m_mode = mode; + } + + public short Mode + { + get { return m_mode; } + } + + /// Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + TlsUtilities.WriteUint8(m_mode, output); + } + + /// Parse a from a . + /// the to parse from. + /// a object. + /// + public static HeartbeatExtension Parse(Stream input) + { + short mode = TlsUtilities.ReadUint8(input); + if (!HeartbeatMode.IsValid(mode)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return new HeartbeatExtension(mode); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/HeartbeatMessage.cs b/BouncyCastle/crypto/src/tls/HeartbeatMessage.cs new file mode 100644 index 0000000..9e5c7d1 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/HeartbeatMessage.cs @@ -0,0 +1,118 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls +{ + public sealed class HeartbeatMessage + { + public static HeartbeatMessage Create(TlsContext context, short type, byte[] payload) + { + return Create(context, type, payload, 16); + } + + public static HeartbeatMessage Create(TlsContext context, short type, byte[] payload, int paddingLength) + { + byte[] padding = context.NonceGenerator.GenerateNonce(paddingLength); + + return new HeartbeatMessage(type, payload, padding); + } + + private readonly short m_type; + private readonly byte[] m_payload; + private readonly byte[] m_padding; + + public HeartbeatMessage(short type, byte[] payload, byte[] padding) + { + if (!HeartbeatMessageType.IsValid(type)) + throw new ArgumentException("not a valid HeartbeatMessageType value", "type"); + if (null == payload || payload.Length >= (1 << 16)) + throw new ArgumentException("must have length < 2^16", "payload"); + if (null == padding || padding.Length < 16) + throw new ArgumentException("must have length >= 16", "padding"); + + this.m_type = type; + this.m_payload = payload; + this.m_padding = padding; + } + + public int PaddingLength + { + /* + * RFC 6520 4. The padding of a received HeartbeatMessage message MUST be ignored + */ + get { return m_padding.Length; } + } + + public byte[] Payload + { + get { return m_payload; } + } + + public short Type + { + get { return m_type; } + } + + /// Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + TlsUtilities.WriteUint8(m_type, output); + + TlsUtilities.CheckUint16(m_payload.Length); + TlsUtilities.WriteUint16(m_payload.Length, output); + output.Write(m_payload, 0, m_payload.Length); + + output.Write(m_padding, 0, m_padding.Length); + } + + /// Parse a from a . + /// the to parse from. + /// a object. + /// + public static HeartbeatMessage Parse(Stream input) + { + short type = TlsUtilities.ReadUint8(input); + if (!HeartbeatMessageType.IsValid(type)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + int payload_length = TlsUtilities.ReadUint16(input); + byte[] payloadBuffer = Streams.ReadAll(input); + + byte[] payload = GetPayload(payloadBuffer, payload_length); + if (null == payload) + { + /* + * RFC 6520 4. If the payload_length of a received HeartbeatMessage is too large, the received + * HeartbeatMessage MUST be discarded silently. + */ + return null; + } + + byte[] padding = GetPadding(payloadBuffer, payload_length); + + return new HeartbeatMessage(type, payload, padding); + } + + private static byte[] GetPayload(byte[] payloadBuffer, int payloadLength) + { + /* + * RFC 6520 4. The padding_length MUST be at least 16. + */ + int maxPayloadLength = payloadBuffer.Length - 16; + if (payloadLength > maxPayloadLength) + return null; + + return Arrays.CopyOf(payloadBuffer, payloadLength); + } + + private static byte[] GetPadding(byte[] payloadBuffer, int payloadLength) + { + return TlsUtilities.CopyOfRangeExact(payloadBuffer, payloadLength, payloadBuffer.Length); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/HeartbeatMessageType.cs b/BouncyCastle/crypto/src/tls/HeartbeatMessageType.cs new file mode 100644 index 0000000..18f86b1 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/HeartbeatMessageType.cs @@ -0,0 +1,34 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 6520 3. + public abstract class HeartbeatMessageType + { + public const short heartbeat_request = 1; + public const short heartbeat_response = 2; + + public static string GetName(short heartbeatMessageType) + { + switch (heartbeatMessageType) + { + case heartbeat_request: + return "heartbeat_request"; + case heartbeat_response: + return "heartbeat_response"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(short heartbeatMessageType) + { + return GetName(heartbeatMessageType) + "(" + heartbeatMessageType + ")"; + } + + public static bool IsValid(short heartbeatMessageType) + { + return heartbeatMessageType >= heartbeat_request && heartbeatMessageType <= heartbeat_response; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/HeartbeatMode.cs b/BouncyCastle/crypto/src/tls/HeartbeatMode.cs new file mode 100644 index 0000000..8e65d54 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/HeartbeatMode.cs @@ -0,0 +1,36 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /* + * RFC 6520 + */ + public abstract class HeartbeatMode + { + public const short peer_allowed_to_send = 1; + public const short peer_not_allowed_to_send = 2; + + public static string GetName(short heartbeatMode) + { + switch (heartbeatMode) + { + case peer_allowed_to_send: + return "peer_allowed_to_send"; + case peer_not_allowed_to_send: + return "peer_not_allowed_to_send"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(short heartbeatMode) + { + return GetName(heartbeatMode) + "(" + heartbeatMode + ")"; + } + + public static bool IsValid(short heartbeatMode) + { + return heartbeatMode >= peer_allowed_to_send && heartbeatMode <= peer_not_allowed_to_send; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/IdentifierType.cs b/BouncyCastle/crypto/src/tls/IdentifierType.cs new file mode 100644 index 0000000..df62e82 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/IdentifierType.cs @@ -0,0 +1,35 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 6066 + public abstract class IdentifierType + { + public const short pre_agreed = 0; + public const short key_sha1_hash = 1; + public const short x509_name = 2; + public const short cert_sha1_hash = 3; + + public static string GetName(short identifierType) + { + switch (identifierType) + { + case pre_agreed: + return "pre_agreed"; + case key_sha1_hash: + return "key_sha1_hash"; + case x509_name: + return "x509_name"; + case cert_sha1_hash: + return "cert_sha1_hash"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(short identifierType) + { + return GetName(identifierType) + "(" + identifierType + ")"; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/KeyExchangeAlgorithm.cs b/BouncyCastle/crypto/src/tls/KeyExchangeAlgorithm.cs new file mode 100644 index 0000000..1dfa6db --- /dev/null +++ b/BouncyCastle/crypto/src/tls/KeyExchangeAlgorithm.cs @@ -0,0 +1,63 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 2246 + /// + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to depend on the + /// particular values (e.g. serialization). + /// + public abstract class KeyExchangeAlgorithm + { + /* + * NOTE: We interpret TLS 1.3 cipher suites as having a NULL key exchange + */ + public const int NULL = 0; + + public const int RSA = 1; + public const int RSA_EXPORT = 2; + public const int DHE_DSS = 3; + public const int DHE_DSS_EXPORT = 4; + public const int DHE_RSA = 5; + public const int DHE_RSA_EXPORT = 6; + public const int DH_DSS = 7; + public const int DH_DSS_EXPORT = 8; + public const int DH_RSA = 9; + public const int DH_RSA_EXPORT = 10; + public const int DH_anon = 11; + public const int DH_anon_EXPORT = 12; + + /* + * RFC 4279 + */ + public const int PSK = 13; + public const int DHE_PSK = 14; + public const int RSA_PSK = 15; + + /* + * RFC 4429 + */ + public const int ECDH_ECDSA = 16; + public const int ECDHE_ECDSA = 17; + public const int ECDH_RSA = 18; + public const int ECDHE_RSA = 19; + public const int ECDH_anon = 20; + + /* + * RFC 5054 + */ + public const int SRP = 21; + public const int SRP_DSS = 22; + public const int SRP_RSA = 23; + + /* + * RFC 5489 + */ + public const int ECDHE_PSK = 24; + + /* + * GMT 0024-2014 + */ + public const int SM2 = 25; + } +} diff --git a/BouncyCastle/crypto/src/tls/KeyShareEntry.cs b/BouncyCastle/crypto/src/tls/KeyShareEntry.cs new file mode 100644 index 0000000..c4be657 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/KeyShareEntry.cs @@ -0,0 +1,62 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + public sealed class KeyShareEntry + { + private static bool CheckKeyExchangeLength(int length) + { + return 0 < length && length < (1 << 16); + } + + private readonly int m_namedGroup; + private readonly byte[] m_keyExchange; + + /// + /// + public KeyShareEntry(int namedGroup, byte[] keyExchange) + { + if (!TlsUtilities.IsValidUint16(namedGroup)) + throw new ArgumentException("should be a uint16", "namedGroup"); + if (null == keyExchange) + throw new ArgumentNullException("keyExchange"); + if (!CheckKeyExchangeLength(keyExchange.Length)) + throw new ArgumentException("must have length from 1 to (2^16 - 1)", "keyExchange"); + + this.m_namedGroup = namedGroup; + this.m_keyExchange = keyExchange; + } + + /// + public int NamedGroup + { + get { return m_namedGroup; } + } + + public byte[] KeyExchange + { + get { return m_keyExchange; } + } + + /// Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + TlsUtilities.WriteUint16(NamedGroup, output); + TlsUtilities.WriteOpaque16(KeyExchange, output); + } + + /// Parse a from a . + /// the to parse from. + /// a object. + /// + public static KeyShareEntry Parse(Stream input) + { + int namedGroup = TlsUtilities.ReadUint16(input); + byte[] keyExchange = TlsUtilities.ReadOpaque16(input, 1); + return new KeyShareEntry(namedGroup, keyExchange); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/KeyUpdateRequest.cs b/BouncyCastle/crypto/src/tls/KeyUpdateRequest.cs new file mode 100644 index 0000000..2a784e6 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/KeyUpdateRequest.cs @@ -0,0 +1,34 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 8446 4.6.3 + public abstract class KeyUpdateRequest + { + public const short update_not_requested = 0; + public const short update_requested = 1; + + public static string GetName(short keyUpdateRequest) + { + switch (keyUpdateRequest) + { + case update_not_requested: + return "update_not_requested"; + case update_requested: + return "update_requested"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(short keyUpdateRequest) + { + return GetName(keyUpdateRequest) + "(" + keyUpdateRequest + ")"; + } + + public static bool IsValid(short keyUpdateRequest) + { + return keyUpdateRequest >= update_not_requested && keyUpdateRequest <= update_requested; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/MacAlgorithm.cs b/BouncyCastle/crypto/src/tls/MacAlgorithm.cs new file mode 100644 index 0000000..1706de1 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/MacAlgorithm.cs @@ -0,0 +1,66 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 2246 + /// + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to depend on the + /// particular values (e.g. serialization). + /// + public abstract class MacAlgorithm + { + public const int cls_null = 0; + public const int md5 = 1; + public const int sha = 2; + + /* + * RFC 5246 + */ + public const int hmac_md5 = md5; + public const int hmac_sha1 = sha; + public const int hmac_sha256 = 3; + public const int hmac_sha384 = 4; + public const int hmac_sha512 = 5; + + public static string GetName(int macAlgorithm) + { + switch (macAlgorithm) + { + case cls_null: + return "null"; + case hmac_md5: + return "hmac_md5"; + case hmac_sha1: + return "hmac_sha1"; + case hmac_sha256: + return "hmac_sha256"; + case hmac_sha384: + return "hmac_sha384"; + case hmac_sha512: + return "hmac_sha512"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(int macAlgorithm) + { + return GetName(macAlgorithm) + "(" + macAlgorithm + ")"; + } + + public static bool IsHmac(int macAlgorithm) + { + switch (macAlgorithm) + { + case hmac_md5: + case hmac_sha1: + case hmac_sha256: + case hmac_sha384: + case hmac_sha512: + return true; + default: + return false; + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/MaxFragmentLength.cs b/BouncyCastle/crypto/src/tls/MaxFragmentLength.cs new file mode 100644 index 0000000..d335de5 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/MaxFragmentLength.cs @@ -0,0 +1,20 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public abstract class MaxFragmentLength + { + /* + * RFC 3546 3.2. + */ + public const short pow2_9 = 1; + public const short pow2_10 = 2; + public const short pow2_11 = 3; + public const short pow2_12 = 4; + + public static bool IsValid(short maxFragmentLength) + { + return maxFragmentLength >= pow2_9 && maxFragmentLength <= pow2_12; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/NameType.cs b/BouncyCastle/crypto/src/tls/NameType.cs new file mode 100644 index 0000000..f2e8ec6 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/NameType.cs @@ -0,0 +1,38 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public abstract class NameType + { + /* + * RFC 3546 3.1. + */ + public const short host_name = 0; + + public static string GetName(short nameType) + { + switch (nameType) + { + case host_name: + return "host_name"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(short nameType) + { + return GetName(nameType) + "(" + nameType + ")"; + } + + public static bool IsRecognized(short nameType) + { + return host_name == nameType; + } + + public static bool IsValid(short nameType) + { + return TlsUtilities.IsValidUint8(nameType); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/NamedGroup.cs b/BouncyCastle/crypto/src/tls/NamedGroup.cs new file mode 100644 index 0000000..0035ef9 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/NamedGroup.cs @@ -0,0 +1,416 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 7919 + public abstract class NamedGroup + { + /* + * RFC 4492 5.1.1 + *

    + * The named curves defined here are those specified in SEC 2 [13]. Note that many of these curves + * are also recommended in ANSI X9.62 [7] and FIPS 186-2 [11]. Values 0xFE00 through 0xFEFF are + * reserved for private use. Values 0xFF01 and 0xFF02 indicate that the client supports arbitrary + * prime and characteristic-2 curves, respectively (the curve parameters must be encoded explicitly + * in ECParameters). + */ + public const int sect163k1 = 1; + public const int sect163r1 = 2; + public const int sect163r2 = 3; + public const int sect193r1 = 4; + public const int sect193r2 = 5; + public const int sect233k1 = 6; + public const int sect233r1 = 7; + public const int sect239k1 = 8; + public const int sect283k1 = 9; + public const int sect283r1 = 10; + public const int sect409k1 = 11; + public const int sect409r1 = 12; + public const int sect571k1 = 13; + public const int sect571r1 = 14; + public const int secp160k1 = 15; + public const int secp160r1 = 16; + public const int secp160r2 = 17; + public const int secp192k1 = 18; + public const int secp192r1 = 19; + public const int secp224k1 = 20; + public const int secp224r1 = 21; + public const int secp256k1 = 22; + public const int secp256r1 = 23; + public const int secp384r1 = 24; + public const int secp521r1 = 25; + + /* + * RFC 7027 + */ + public const int brainpoolP256r1 = 26; + public const int brainpoolP384r1 = 27; + public const int brainpoolP512r1 = 28; + + /* + * RFC 8422 + */ + public const int x25519 = 29; + public const int x448 = 30; + + /* + * RFC 8734 + */ + public const int brainpoolP256r1tls13 = 31; + public const int brainpoolP384r1tls13 = 32; + public const int brainpoolP512r1tls13 = 33; + + /* + * draft-smyshlyaev-tls12-gost-suites-10 + */ + public const int GC256A = 34; + public const int GC256B = 35; + public const int GC256C = 36; + public const int GC256D = 37; + public const int GC512A = 38; + public const int GC512B = 39; + public const int GC512C = 40; + + /* + * RFC 8998 + */ + public const int curveSM2 = 41; + + /* + * RFC 7919 2. Codepoints in the "Supported Groups Registry" with a high byte of 0x01 (that is, + * between 256 and 511, inclusive) are set aside for FFDHE groups, though only a small number of + * them are initially defined and we do not expect many other FFDHE groups to be added to this + * range. No codepoints outside of this range will be allocated to FFDHE groups. + */ + public const int ffdhe2048 = 256; + public const int ffdhe3072 = 257; + public const int ffdhe4096 = 258; + public const int ffdhe6144 = 259; + public const int ffdhe8192 = 260; + + /* + * RFC 8446 reserved ffdhe_private_use (0x01FC..0x01FF) + */ + + /* + * RFC 4492 reserved ecdhe_private_use (0xFE00..0xFEFF) + */ + + /* + * RFC 4492 + */ + public const int arbitrary_explicit_prime_curves = 0xFF01; + public const int arbitrary_explicit_char2_curves = 0xFF02; + + /* Names of the actual underlying elliptic curves (not necessarily matching the NamedGroup names). */ + private static readonly string[] CurveNames = new string[]{ "sect163k1", "sect163r1", "sect163r2", "sect193r1", + "sect193r2", "sect233k1", "sect233r1", "sect239k1", "sect283k1", "sect283r1", "sect409k1", "sect409r1", + "sect571k1", "sect571r1", "secp160k1", "secp160r1", "secp160r2", "secp192k1", "secp192r1", "secp224k1", + "secp224r1", "secp256k1", "secp256r1", "secp384r1", "secp521r1", "brainpoolP256r1", "brainpoolP384r1", + "brainpoolP512r1", "X25519", "X448", "brainpoolP256r1", "brainpoolP384r1", "brainpoolP512r1", + "Tc26-Gost-3410-12-256-paramSetA", "GostR3410-2001-CryptoPro-A", "GostR3410-2001-CryptoPro-B", + "GostR3410-2001-CryptoPro-C", "Tc26-Gost-3410-12-512-paramSetA", "Tc26-Gost-3410-12-512-paramSetB", + "Tc26-Gost-3410-12-512-paramSetC", "sm2p256v1" }; + + private static readonly string[] FiniteFieldNames = new string[]{ "ffdhe2048", "ffdhe3072", "ffdhe4096", + "ffdhe6144", "ffdhe8192" }; + + public static bool CanBeNegotiated(int namedGroup, ProtocolVersion version) + { + if (TlsUtilities.IsTlsV13(version)) + { + if ((namedGroup >= sect163k1 && namedGroup <= secp256k1) + || (namedGroup >= brainpoolP256r1 && namedGroup <= brainpoolP512r1) + || (namedGroup >= GC256A && namedGroup <= GC512C) + || (namedGroup >= arbitrary_explicit_prime_curves && namedGroup <= arbitrary_explicit_char2_curves)) + { + return false; + } + } + else + { + if ((namedGroup >= brainpoolP256r1tls13 && namedGroup <= brainpoolP512r1tls13) + || (namedGroup == curveSM2)) + { + return false; + } + } + + return IsValid(namedGroup); + } + + public static int GetCurveBits(int namedGroup) + { + switch (namedGroup) + { + case secp160k1: + case secp160r1: + case secp160r2: + return 160; + + case sect163k1: + case sect163r1: + case sect163r2: + return 163; + + case secp192k1: + case secp192r1: + return 192; + + case sect193r1: + case sect193r2: + return 193; + + case secp224k1: + case secp224r1: + return 224; + + case sect233k1: + case sect233r1: + return 233; + + case sect239k1: + return 239; + + case x25519: + return 252; + + case brainpoolP256r1: + case brainpoolP256r1tls13: + case curveSM2: + case GC256A: + case GC256B: + case GC256C: + case GC256D: + case secp256k1: + case secp256r1: + return 256; + + case sect283k1: + case sect283r1: + return 283; + + case brainpoolP384r1: + case brainpoolP384r1tls13: + case secp384r1: + return 384; + + case sect409k1: + case sect409r1: + return 409; + + case x448: + return 446; + + case brainpoolP512r1: + case brainpoolP512r1tls13: + case GC512A: + case GC512B: + case GC512C: + return 512; + + case secp521r1: + return 521; + + case sect571k1: + case sect571r1: + return 571; + + default: + return 0; + } + } + + public static string GetCurveName(int namedGroup) + { + if (RefersToASpecificCurve(namedGroup)) + { + return CurveNames[namedGroup - sect163k1]; + } + + return null; + } + + public static int GetFiniteFieldBits(int namedGroup) + { + switch (namedGroup) + { + case ffdhe2048: + return 2048; + case ffdhe3072: + return 3072; + case ffdhe4096: + return 4096; + case ffdhe6144: + return 6144; + case ffdhe8192: + return 8192; + default: + return 0; + } + } + + public static string GetFiniteFieldName(int namedGroup) + { + if (RefersToASpecificFiniteField(namedGroup)) + { + return FiniteFieldNames[namedGroup - ffdhe2048]; + } + + return null; + } + + public static int GetMaximumChar2CurveBits() + { + return 571; + } + + public static int GetMaximumCurveBits() + { + return 571; + } + + public static int GetMaximumFiniteFieldBits() + { + return 8192; + } + + public static int GetMaximumPrimeCurveBits() + { + return 521; + } + + public static string GetName(int namedGroup) + { + if (IsPrivate(namedGroup)) + { + return "PRIVATE"; + } + + switch (namedGroup) + { + case x25519: + return "x25519"; + case x448: + return "x448"; + case brainpoolP256r1tls13: + return "brainpoolP256r1tls13"; + case brainpoolP384r1tls13: + return "brainpoolP384r1tls13"; + case brainpoolP512r1tls13: + return "brainpoolP512r1tls13"; + case GC256A: + return "GC256A"; + case GC256B: + return "GC256B"; + case GC256C: + return "GC256C"; + case GC256D: + return "GC256D"; + case GC512A: + return "GC512A"; + case GC512B: + return "GC512B"; + case GC512C: + return "GC512C"; + case curveSM2: + return "curveSM2"; + case arbitrary_explicit_prime_curves: + return "arbitrary_explicit_prime_curves"; + case arbitrary_explicit_char2_curves: + return "arbitrary_explicit_char2_curves"; + } + + string standardName = GetStandardName(namedGroup); + if (null != standardName) + { + return standardName; + } + + return "UNKNOWN"; + } + + public static string GetStandardName(int namedGroup) + { + string curveName = GetCurveName(namedGroup); + if (null != curveName) + { + return curveName; + } + + string finiteFieldName = GetFiniteFieldName(namedGroup); + if (null != finiteFieldName) + { + return finiteFieldName; + } + + return null; + } + + public static string GetText(int namedGroup) + { + return GetName(namedGroup) + "(" + namedGroup + ")"; + } + + public static bool IsChar2Curve(int namedGroup) + { + return (namedGroup >= sect163k1 && namedGroup <= sect571r1) + || (namedGroup == arbitrary_explicit_char2_curves); + } + + public static bool IsPrimeCurve(int namedGroup) + { + return (namedGroup >= secp160k1 && namedGroup <= curveSM2) + || (namedGroup == arbitrary_explicit_prime_curves); + } + + public static bool IsPrivate(int namedGroup) + { + return (namedGroup >> 2) == 0x7F || (namedGroup >> 8) == 0xFE; + } + + public static bool IsValid(int namedGroup) + { + return RefersToASpecificGroup(namedGroup) + || IsPrivate(namedGroup) + || (namedGroup >= arbitrary_explicit_prime_curves && namedGroup <= arbitrary_explicit_char2_curves); + } + + public static bool RefersToAnECDHCurve(int namedGroup) + { + return RefersToASpecificCurve(namedGroup); + } + + public static bool RefersToAnECDSACurve(int namedGroup) + { + /* + * TODO[RFC 8998] Double-check whether this method is only being used to mean + * "signature-capable" or specifically ECDSA, and consider curveSM2 behaviour + * accordingly. + */ + return RefersToASpecificCurve(namedGroup) + && !RefersToAnXDHCurve(namedGroup); + } + + public static bool RefersToAnXDHCurve(int namedGroup) + { + return namedGroup >= x25519 && namedGroup <= x448; + } + + public static bool RefersToASpecificCurve(int namedGroup) + { + return namedGroup >= sect163k1 && namedGroup <= curveSM2; + } + + public static bool RefersToASpecificFiniteField(int namedGroup) + { + return namedGroup >= ffdhe2048 && namedGroup <= ffdhe8192; + } + + public static bool RefersToASpecificGroup(int namedGroup) + { + return RefersToASpecificCurve(namedGroup) + || RefersToASpecificFiniteField(namedGroup); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/NamedGroupRole.cs b/BouncyCastle/crypto/src/tls/NamedGroupRole.cs new file mode 100644 index 0000000..d86e6ad --- /dev/null +++ b/BouncyCastle/crypto/src/tls/NamedGroupRole.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to depend on the + /// particular values (e.g. serialization). + /// + public abstract class NamedGroupRole + { + public const int dh = 1; + public const int ecdh = 2; + public const int ecdsa = 3; + } +} diff --git a/BouncyCastle/crypto/src/tls/NewSessionTicket.cs b/BouncyCastle/crypto/src/tls/NewSessionTicket.cs new file mode 100644 index 0000000..6e2a013 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/NewSessionTicket.cs @@ -0,0 +1,47 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + public sealed class NewSessionTicket + { + private readonly long m_ticketLifetimeHint; + private readonly byte[] m_ticket; + + public NewSessionTicket(long ticketLifetimeHint, byte[] ticket) + { + this.m_ticketLifetimeHint = ticketLifetimeHint; + this.m_ticket = ticket; + } + + public long TicketLifetimeHint + { + get { return m_ticketLifetimeHint; } + } + + public byte[] Ticket + { + get { return m_ticket; } + } + + ///

    Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + TlsUtilities.WriteUint32(TicketLifetimeHint, output); + TlsUtilities.WriteOpaque16(Ticket, output); + } + + /// Parse a from a . + /// the to parse from. + /// a object. + /// + public static NewSessionTicket Parse(Stream input) + { + long ticketLifetimeHint = TlsUtilities.ReadUint32(input); + byte[] ticket = TlsUtilities.ReadOpaque16(input); + return new NewSessionTicket(ticketLifetimeHint, ticket); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/OcspStatusRequest.cs b/BouncyCastle/crypto/src/tls/OcspStatusRequest.cs new file mode 100644 index 0000000..8679022 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/OcspStatusRequest.cs @@ -0,0 +1,116 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 3546 3.6 + public sealed class OcspStatusRequest + { + private readonly IList m_responderIDList; + private readonly X509Extensions m_requestExtensions; + + /// an of , specifying the list of + /// trusted OCSP responders. An empty list has the special meaning that the responders are implicitly known to + /// the server - e.g., by prior arrangement. + /// OCSP request extensions. A null value means that there are no extensions. + /// + public OcspStatusRequest(IList responderIDList, X509Extensions requestExtensions) + { + this.m_responderIDList = responderIDList; + this.m_requestExtensions = requestExtensions; + } + + /// an of . + public IList ResponderIDList + { + get { return m_responderIDList; } + } + + /// OCSP request extensions. + public X509Extensions RequestExtensions + { + get { return m_requestExtensions; } + } + + /// Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + if (m_responderIDList == null || m_responderIDList.Count < 1) + { + TlsUtilities.WriteUint16(0, output); + } + else + { + MemoryStream buf = new MemoryStream(); + foreach (ResponderID responderID in m_responderIDList) + { + byte[] derEncoding = responderID.GetEncoded(Asn1Encodable.Der); + TlsUtilities.WriteOpaque16(derEncoding, buf); + } + TlsUtilities.CheckUint16(buf.Length); + TlsUtilities.WriteUint16((int)buf.Length, output); + Streams.WriteBufTo(buf, output); + } + + if (m_requestExtensions == null) + { + TlsUtilities.WriteUint16(0, output); + } + else + { + byte[] derEncoding = m_requestExtensions.GetEncoded(Asn1Encodable.Der); + TlsUtilities.CheckUint16(derEncoding.Length); + TlsUtilities.WriteUint16(derEncoding.Length, output); + output.Write(derEncoding, 0, derEncoding.Length); + } + } + + /// Parse an from a . + /// the to parse from. + /// an object. + /// + public static OcspStatusRequest Parse(Stream input) + { + IList responderIDList = Platform.CreateArrayList(); + { + byte[] data = TlsUtilities.ReadOpaque16(input); + if (data.Length > 0) + { + MemoryStream buf = new MemoryStream(data, false); + do + { + byte[] derEncoding = TlsUtilities.ReadOpaque16(buf, 1); + Asn1Object asn1 = TlsUtilities.ReadAsn1Object(derEncoding); + ResponderID responderID = ResponderID.GetInstance(asn1); + TlsUtilities.RequireDerEncoding(responderID, derEncoding); + responderIDList.Add(responderID); + } + while (buf.Position < buf.Length); + } + } + + X509Extensions requestExtensions = null; + { + byte[] derEncoding = TlsUtilities.ReadOpaque16(input); + if (derEncoding.Length > 0) + { + Asn1Object asn1 = TlsUtilities.ReadAsn1Object(derEncoding); + X509Extensions extensions = X509Extensions.GetInstance(asn1); + TlsUtilities.RequireDerEncoding(extensions, derEncoding); + requestExtensions = extensions; + } + } + + return new OcspStatusRequest(responderIDList, requestExtensions); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/OfferedPsks.cs b/BouncyCastle/crypto/src/tls/OfferedPsks.cs new file mode 100644 index 0000000..1cc8a2a --- /dev/null +++ b/BouncyCastle/crypto/src/tls/OfferedPsks.cs @@ -0,0 +1,224 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public sealed class OfferedPsks + { + internal class BindersConfig + { + internal readonly TlsPsk[] m_psks; + internal readonly short[] m_pskKeyExchangeModes; + internal readonly TlsSecret[] m_earlySecrets; + internal int m_bindersSize; + + internal BindersConfig(TlsPsk[] psks, short[] pskKeyExchangeModes, TlsSecret[] earlySecrets, + int bindersSize) + { + this.m_psks = psks; + this.m_pskKeyExchangeModes = pskKeyExchangeModes; + this.m_earlySecrets = earlySecrets; + this.m_bindersSize = bindersSize; + } + } + + internal class SelectedConfig + { + internal readonly int m_index; + internal readonly TlsPsk m_psk; + internal readonly short[] m_pskKeyExchangeModes; + internal readonly TlsSecret m_earlySecret; + + internal SelectedConfig(int index, TlsPsk psk, short[] pskKeyExchangeModes, TlsSecret earlySecret) + { + this.m_index = index; + this.m_psk = psk; + this.m_pskKeyExchangeModes = pskKeyExchangeModes; + this.m_earlySecret = earlySecret; + } + } + + private readonly IList m_identities; + private readonly IList m_binders; + private readonly int m_bindersSize; + + public OfferedPsks(IList identities) + : this(identities, null, -1) + { + } + + private OfferedPsks(IList identities, IList binders, int bindersSize) + { + if (null == identities || identities.Count < 1) + throw new ArgumentException("cannot be null or empty", "identities"); + if (null != binders && identities.Count != binders.Count) + throw new ArgumentException("must be the same length as 'identities' (or null)", "binders"); + if ((null != binders) != (bindersSize >= 0)) + throw new ArgumentException("must be >= 0 iff 'binders' are present", "bindersSize"); + + this.m_identities = identities; + this.m_binders = binders; + this.m_bindersSize = bindersSize; + } + + public IList Binders + { + get { return m_binders; } + } + + public int BindersSize + { + get { return m_bindersSize; } + } + + public IList Identities + { + get { return m_identities; } + } + + public int GetIndexOfIdentity(PskIdentity pskIdentity) + { + for (int i = 0, count = m_identities.Count; i < count; ++i) + { + if (pskIdentity.Equals(m_identities[i])) + return i; + } + return -1; + } + + /// + public void Encode(Stream output) + { + // identities + { + int lengthOfIdentitiesList = 0; + foreach (PskIdentity identity in m_identities) + { + lengthOfIdentitiesList += identity.GetEncodedLength(); + } + + TlsUtilities.CheckUint16(lengthOfIdentitiesList); + TlsUtilities.WriteUint16(lengthOfIdentitiesList, output); + + foreach (PskIdentity identity in m_identities) + { + identity.Encode(output); + } + } + + // binders + if (null != m_binders) + { + int lengthOfBindersList = 0; + foreach (byte[] binder in m_binders) + { + lengthOfBindersList += 1 + binder.Length; + } + + TlsUtilities.CheckUint16(lengthOfBindersList); + TlsUtilities.WriteUint16(lengthOfBindersList, output); + + foreach (byte[] binder in m_binders) + { + TlsUtilities.WriteOpaque8(binder, output); + } + } + } + + /// + internal static void EncodeBinders(Stream output, TlsCrypto crypto, TlsHandshakeHash handshakeHash, + BindersConfig bindersConfig) + { + TlsPsk[] psks = bindersConfig.m_psks; + TlsSecret[] earlySecrets = bindersConfig.m_earlySecrets; + int expectedLengthOfBindersList = bindersConfig.m_bindersSize - 2; + + TlsUtilities.CheckUint16(expectedLengthOfBindersList); + TlsUtilities.WriteUint16(expectedLengthOfBindersList, output); + + int lengthOfBindersList = 0; + for (int i = 0; i < psks.Length; ++i) + { + TlsPsk psk = psks[i]; + TlsSecret earlySecret = earlySecrets[i]; + + // TODO[tls13-psk] Handle resumption PSKs + bool isExternalPsk = true; + int pskCryptoHashAlgorithm = TlsCryptoUtilities.GetHashForPrf(psk.PrfAlgorithm); + + // TODO[tls13-psk] Cache the transcript hashes per algorithm to avoid duplicates for multiple PSKs + TlsHash hash = crypto.CreateHash(pskCryptoHashAlgorithm); + handshakeHash.CopyBufferTo(new TlsHashSink(hash)); + byte[] transcriptHash = hash.CalculateHash(); + + byte[] binder = TlsUtilities.CalculatePskBinder(crypto, isExternalPsk, pskCryptoHashAlgorithm, + earlySecret, transcriptHash); + + lengthOfBindersList += 1 + binder.Length; + TlsUtilities.WriteOpaque8(binder, output); + } + + if (expectedLengthOfBindersList != lengthOfBindersList) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + /// + internal static int GetBindersSize(TlsPsk[] psks) + { + int lengthOfBindersList = 0; + for (int i = 0; i < psks.Length; ++i) + { + TlsPsk psk = psks[i]; + + int prfAlgorithm = psk.PrfAlgorithm; + int prfCryptoHashAlgorithm = TlsCryptoUtilities.GetHashForPrf(prfAlgorithm); + + lengthOfBindersList += 1 + TlsCryptoUtilities.GetHashOutputSize(prfCryptoHashAlgorithm); + } + TlsUtilities.CheckUint16(lengthOfBindersList); + return 2 + lengthOfBindersList; + } + + /// + public static OfferedPsks Parse(Stream input) + { + IList identities = Platform.CreateArrayList(); + { + int totalLengthIdentities = TlsUtilities.ReadUint16(input); + if (totalLengthIdentities < 7) + throw new TlsFatalAlert(AlertDescription.decode_error); + + byte[] identitiesData = TlsUtilities.ReadFully(totalLengthIdentities, input); + MemoryStream buf = new MemoryStream(identitiesData, false); + do + { + PskIdentity identity = PskIdentity.Parse(buf); + identities.Add(identity); + } + while (buf.Position < buf.Length); + } + + IList binders = Platform.CreateArrayList(); + int totalLengthBinders = TlsUtilities.ReadUint16(input); + { + if (totalLengthBinders < 33) + throw new TlsFatalAlert(AlertDescription.decode_error); + + byte[] bindersData = TlsUtilities.ReadFully(totalLengthBinders, input); + MemoryStream buf = new MemoryStream(bindersData, false); + do + { + byte[] binder = TlsUtilities.ReadOpaque8(buf, 32); + binders.Add(binder); + } + while (buf.Position < buf.Length); + } + + return new OfferedPsks(identities, binders, 2 + totalLengthBinders); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/PrfAlgorithm.cs b/BouncyCastle/crypto/src/tls/PrfAlgorithm.cs new file mode 100644 index 0000000..ec9c2f2 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/PrfAlgorithm.cs @@ -0,0 +1,49 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 5246 + /// + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to depend on the + /// particular values (e.g. serialization). + /// + public abstract class PrfAlgorithm + { + public const int ssl_prf_legacy = 0; + public const int tls_prf_legacy = 1; + public const int tls_prf_sha256 = 2; + public const int tls_prf_sha384 = 3; + public const int tls13_hkdf_sha256 = 4; + public const int tls13_hkdf_sha384 = 5; + //public const int tls13_hkdf_sha512 = 6; + public const int tls13_hkdf_sm3 = 7; + + public static string GetName(int prfAlgorithm) + { + switch (prfAlgorithm) + { + case ssl_prf_legacy: + return "ssl_prf_legacy"; + case tls_prf_legacy: + return "tls_prf_legacy"; + case tls_prf_sha256: + return "tls_prf_sha256"; + case tls_prf_sha384: + return "tls_prf_sha384"; + case tls13_hkdf_sha256: + return "tls13_hkdf_sha256"; + case tls13_hkdf_sha384: + return "tls13_hkdf_sha384"; + case tls13_hkdf_sm3: + return "tls13_hkdf_sm3"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(int prfAlgorithm) + { + return GetName(prfAlgorithm) + "(" + prfAlgorithm + ")"; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/ProtocolName.cs b/BouncyCastle/crypto/src/tls/ProtocolName.cs new file mode 100644 index 0000000..529e81b --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ProtocolName.cs @@ -0,0 +1,88 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 7301 Represents a protocol name for use with ALPN. + public sealed class ProtocolName + { + public static ProtocolName AsRawBytes(byte[] bytes) + { + return new ProtocolName(Arrays.Clone(bytes)); + } + + public static ProtocolName AsUtf8Encoding(String name) + { + return new ProtocolName(Strings.ToUtf8ByteArray(name)); + } + + public static readonly ProtocolName Http_1_1 = AsUtf8Encoding("http/1.1"); + public static readonly ProtocolName Spdy_1 = AsUtf8Encoding("spdy/1"); + public static readonly ProtocolName Spdy_2 = AsUtf8Encoding("spdy/2"); + public static readonly ProtocolName Spdy_3 = AsUtf8Encoding("spdy/3"); + public static readonly ProtocolName Stun_Turn = AsUtf8Encoding("stun.turn"); + public static readonly ProtocolName Stun_Nat_Discovery = AsUtf8Encoding("stun.nat-discovery"); + public static readonly ProtocolName Http_2_Tls = AsUtf8Encoding("h2"); + public static readonly ProtocolName Http_2_Tcp = AsUtf8Encoding("h2c"); + public static readonly ProtocolName WebRtc = AsUtf8Encoding("webrtc"); + public static readonly ProtocolName WebRtc_Confidential = AsUtf8Encoding("c-webrtc"); + public static readonly ProtocolName Ftp = AsUtf8Encoding("ftp"); + public static readonly ProtocolName Imap = AsUtf8Encoding("imap"); + public static readonly ProtocolName Pop3 = AsUtf8Encoding("pop3"); + public static readonly ProtocolName ManageSieve = AsUtf8Encoding("managesieve"); + public static readonly ProtocolName Coap = AsUtf8Encoding("coap"); + public static readonly ProtocolName Xmpp_Client = AsUtf8Encoding("xmpp-client"); + public static readonly ProtocolName Xmpp_Server = AsUtf8Encoding("xmpp-server"); + + private readonly byte[] m_bytes; + + private ProtocolName(byte[] bytes) + { + if (bytes == null) + throw new ArgumentNullException("bytes"); + if (bytes.Length < 1 || bytes.Length > 255) + throw new ArgumentException("must have length from 1 to 255", "bytes"); + + this.m_bytes = bytes; + } + + public byte[] GetBytes() + { + return Arrays.Clone(m_bytes); + } + + public string GetUtf8Decoding() + { + return Strings.FromUtf8ByteArray(m_bytes); + } + + /// Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + TlsUtilities.WriteOpaque8(m_bytes, output); + } + + /// Parse a from a . + /// the to parse from. + /// a object. + /// + public static ProtocolName Parse(Stream input) + { + return new ProtocolName(TlsUtilities.ReadOpaque8(input, 1)); + } + + public override bool Equals(object obj) + { + return obj is ProtocolName && Arrays.AreEqual(m_bytes, ((ProtocolName)obj).m_bytes); + } + + public override int GetHashCode() + { + return Arrays.GetHashCode(m_bytes); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/ProtocolVersion.cs b/BouncyCastle/crypto/src/tls/ProtocolVersion.cs new file mode 100644 index 0000000..f37ce38 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ProtocolVersion.cs @@ -0,0 +1,406 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public sealed class ProtocolVersion + { + public static readonly ProtocolVersion SSLv3 = new ProtocolVersion(0x0300, "SSL 3.0"); + public static readonly ProtocolVersion TLSv10 = new ProtocolVersion(0x0301, "TLS 1.0"); + public static readonly ProtocolVersion TLSv11 = new ProtocolVersion(0x0302, "TLS 1.1"); + public static readonly ProtocolVersion TLSv12 = new ProtocolVersion(0x0303, "TLS 1.2"); + public static readonly ProtocolVersion TLSv13 = new ProtocolVersion(0x0304, "TLS 1.3"); + public static readonly ProtocolVersion DTLSv10 = new ProtocolVersion(0xFEFF, "DTLS 1.0"); + public static readonly ProtocolVersion DTLSv12 = new ProtocolVersion(0xFEFD, "DTLS 1.2"); + + internal static readonly ProtocolVersion CLIENT_EARLIEST_SUPPORTED_DTLS = DTLSv10; + internal static readonly ProtocolVersion CLIENT_EARLIEST_SUPPORTED_TLS = SSLv3; + internal static readonly ProtocolVersion CLIENT_LATEST_SUPPORTED_DTLS = DTLSv12; + internal static readonly ProtocolVersion CLIENT_LATEST_SUPPORTED_TLS = TLSv13; + + internal static readonly ProtocolVersion SERVER_EARLIEST_SUPPORTED_DTLS = DTLSv10; + internal static readonly ProtocolVersion SERVER_EARLIEST_SUPPORTED_TLS = SSLv3; + internal static readonly ProtocolVersion SERVER_LATEST_SUPPORTED_DTLS = DTLSv12; + internal static readonly ProtocolVersion SERVER_LATEST_SUPPORTED_TLS = TLSv13; + + public static bool Contains(ProtocolVersion[] versions, ProtocolVersion version) + { + if (versions != null && version != null) + { + for (int i = 0; i < versions.Length; ++i) + { + if (version.Equals(versions[i])) + return true; + } + } + return false; + } + + public static ProtocolVersion GetEarliestDtls(ProtocolVersion[] versions) + { + ProtocolVersion earliest = null; + if (null != versions) + { + for (int i = 0; i < versions.Length; ++i) + { + ProtocolVersion next = versions[i]; + if (null != next && next.IsDtls) + { + if (null == earliest || next.MinorVersion > earliest.MinorVersion) + { + earliest = next; + } + } + } + } + return earliest; + } + + public static ProtocolVersion GetEarliestTls(ProtocolVersion[] versions) + { + ProtocolVersion earliest = null; + if (null != versions) + { + for (int i = 0; i < versions.Length; ++i) + { + ProtocolVersion next = versions[i]; + if (null != next && next.IsTls) + { + if (null == earliest || next.MinorVersion < earliest.MinorVersion) + { + earliest = next; + } + } + } + } + return earliest; + } + + public static ProtocolVersion GetLatestDtls(ProtocolVersion[] versions) + { + ProtocolVersion latest = null; + if (null != versions) + { + for (int i = 0; i < versions.Length; ++i) + { + ProtocolVersion next = versions[i]; + if (null != next && next.IsDtls) + { + if (null == latest || next.MinorVersion < latest.MinorVersion) + { + latest = next; + } + } + } + } + return latest; + } + + public static ProtocolVersion GetLatestTls(ProtocolVersion[] versions) + { + ProtocolVersion latest = null; + if (null != versions) + { + for (int i = 0; i < versions.Length; ++i) + { + ProtocolVersion next = versions[i]; + if (null != next && next.IsTls) + { + if (null == latest || next.MinorVersion > latest.MinorVersion) + { + latest = next; + } + } + } + } + return latest; + } + + internal static bool IsSupportedDtlsVersionClient(ProtocolVersion version) + { + return null != version + && version.IsEqualOrLaterVersionOf(CLIENT_EARLIEST_SUPPORTED_DTLS) + && version.IsEqualOrEarlierVersionOf(CLIENT_LATEST_SUPPORTED_DTLS); + } + + internal static bool IsSupportedDtlsVersionServer(ProtocolVersion version) + { + return null != version + && version.IsEqualOrLaterVersionOf(SERVER_EARLIEST_SUPPORTED_DTLS) + && version.IsEqualOrEarlierVersionOf(SERVER_LATEST_SUPPORTED_DTLS); + } + + internal static bool IsSupportedTlsVersionClient(ProtocolVersion version) + { + if (null == version) + return false; + + int fullVersion = version.FullVersion; + + return fullVersion >= CLIENT_EARLIEST_SUPPORTED_TLS.FullVersion + && fullVersion <= CLIENT_LATEST_SUPPORTED_TLS.FullVersion; + } + + internal static bool IsSupportedTlsVersionServer(ProtocolVersion version) + { + if (null == version) + return false; + + int fullVersion = version.FullVersion; + + return fullVersion >= SERVER_EARLIEST_SUPPORTED_TLS.FullVersion + && fullVersion <= SERVER_LATEST_SUPPORTED_TLS.FullVersion; + } + + private readonly int version; + private readonly string name; + + private ProtocolVersion(int v, string name) + { + this.version = v & 0xFFFF; + this.name = name; + } + + public ProtocolVersion[] DownTo(ProtocolVersion min) + { + if (!IsEqualOrLaterVersionOf(min)) + throw new ArgumentException("must be an equal or earlier version of this one", "min"); + + IList result = Platform.CreateArrayList(); + result.Add(this); + + ProtocolVersion current = this; + while (!current.Equals(min)) + { + current = current.GetPreviousVersion(); + result.Add(current); + } + + ProtocolVersion[] versions = new ProtocolVersion[result.Count]; + for (int i = 0; i < result.Count; ++i) + { + versions[i] = (ProtocolVersion)result[i]; + } + return versions; + } + + public int FullVersion + { + get { return version; } + } + + public int MajorVersion + { + get { return version >> 8; } + } + + public int MinorVersion + { + get { return version & 0xFF; } + } + + public string Name + { + get { return name; } + } + + public bool IsDtls + { + get { return MajorVersion == 0xFE; } + } + + public bool IsSsl + { + get { return this == SSLv3; } + } + + public bool IsTls + { + get { return MajorVersion == 0x03; } + } + + public ProtocolVersion GetEquivalentTlsVersion() + { + switch (MajorVersion) + { + case 0x03: + return this; + case 0xFE: + switch (MinorVersion) + { + case 0xFF: return TLSv11; + case 0xFD: return TLSv12; + default: return null; + } + default: + return null; + } + } + + public ProtocolVersion GetNextVersion() + { + int major = MajorVersion, minor = MinorVersion; + switch (major) + { + case 0x03: + switch (minor) + { + case 0xFF: return null; + default: return Get(major, minor + 1); + } + case 0xFE: + switch (minor) + { + case 0x00: return null; + case 0xFF: return DTLSv12; + default: return Get(major, minor - 1); + } + default: + return null; + } + } + + public ProtocolVersion GetPreviousVersion() + { + int major = MajorVersion, minor = MinorVersion; + switch (major) + { + case 0x03: + switch (minor) + { + case 0x00: return null; + default: return Get(major, minor - 1); + } + case 0xFE: + switch (minor) + { + case 0xFF: return null; + case 0xFD: return DTLSv10; + default: return Get(major, minor + 1); + } + default: + return null; + } + } + + public bool IsEarlierVersionOf(ProtocolVersion version) + { + if (null == version || MajorVersion != version.MajorVersion) + return false; + + int diffMinorVersion = MinorVersion - version.MinorVersion; + return IsDtls ? diffMinorVersion > 0 : diffMinorVersion < 0; + } + + public bool IsEqualOrEarlierVersionOf(ProtocolVersion version) + { + if (null == version || MajorVersion != version.MajorVersion) + return false; + + int diffMinorVersion = MinorVersion - version.MinorVersion; + return IsDtls ? diffMinorVersion >= 0 : diffMinorVersion <= 0; + } + + public bool IsEqualOrLaterVersionOf(ProtocolVersion version) + { + if (null == version || MajorVersion != version.MajorVersion) + return false; + + int diffMinorVersion = MinorVersion - version.MinorVersion; + return IsDtls ? diffMinorVersion <= 0 : diffMinorVersion >= 0; + } + + public bool IsLaterVersionOf(ProtocolVersion version) + { + if (null == version || MajorVersion != version.MajorVersion) + return false; + + int diffMinorVersion = MinorVersion - version.MinorVersion; + return IsDtls ? diffMinorVersion < 0 : diffMinorVersion > 0; + } + + public override bool Equals(object other) + { + return this == other || (other is ProtocolVersion && Equals((ProtocolVersion)other)); + } + + public bool Equals(ProtocolVersion other) + { + return other != null && this.version == other.version; + } + + public override int GetHashCode() + { + return version; + } + + public static ProtocolVersion Get(int major, int minor) + { + switch (major) + { + case 0x03: + { + switch (minor) + { + case 0x00: + return SSLv3; + case 0x01: + return TLSv10; + case 0x02: + return TLSv11; + case 0x03: + return TLSv12; + case 0x04: + return TLSv13; + } + return GetUnknownVersion(major, minor, "TLS"); + } + case 0xFE: + { + switch (minor) + { + case 0xFF: + return DTLSv10; + case 0xFE: + throw new ArgumentException("{0xFE, 0xFE} is a reserved protocol version"); + case 0xFD: + return DTLSv12; + } + return GetUnknownVersion(major, minor, "DTLS"); + } + default: + { + return GetUnknownVersion(major, minor, "UNKNOWN"); + } + } + } + + public ProtocolVersion[] Only() + { + return new ProtocolVersion[]{ this }; + } + + public override string ToString() + { + return name; + } + + private static void CheckUint8(int versionOctet) + { + if (!TlsUtilities.IsValidUint8(versionOctet)) + throw new ArgumentException("not a valid octet", "versionOctet"); + } + + private static ProtocolVersion GetUnknownVersion(int major, int minor, string prefix) + { + CheckUint8(major); + CheckUint8(minor); + + int v = (major << 8) | minor; + string hex = Platform.ToUpperInvariant(Convert.ToString(0x10000 | v, 16).Substring(1)); + return new ProtocolVersion(v, prefix + " 0x" + hex); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/PskIdentity.cs b/BouncyCastle/crypto/src/tls/PskIdentity.cs new file mode 100644 index 0000000..1887d0a --- /dev/null +++ b/BouncyCastle/crypto/src/tls/PskIdentity.cs @@ -0,0 +1,69 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public sealed class PskIdentity + { + private readonly byte[] m_identity; + private readonly long m_obfuscatedTicketAge; + + public PskIdentity(byte[] identity, long obfuscatedTicketAge) + { + if (null == identity) + throw new ArgumentNullException("identity"); + if (identity.Length < 1 || !TlsUtilities.IsValidUint16(identity.Length)) + throw new ArgumentException("should have length from 1 to 65535", "identity"); + if (!TlsUtilities.IsValidUint32(obfuscatedTicketAge)) + throw new ArgumentException("should be a uint32", "obfuscatedTicketAge"); + + this.m_identity = identity; + this.m_obfuscatedTicketAge = obfuscatedTicketAge; + } + + public int GetEncodedLength() + { + return 6 + m_identity.Length; + } + + public byte[] Identity + { + get { return m_identity; } + } + + public long ObfuscatedTicketAge + { + get { return m_obfuscatedTicketAge; } + } + + public void Encode(Stream output) + { + TlsUtilities.WriteOpaque16(Identity, output); + TlsUtilities.WriteUint32(ObfuscatedTicketAge, output); + } + + public static PskIdentity Parse(Stream input) + { + byte[] identity = TlsUtilities.ReadOpaque16(input, 1); + long obfuscatedTicketAge = TlsUtilities.ReadUint32(input); + return new PskIdentity(identity, obfuscatedTicketAge); + } + + public override bool Equals(object obj) + { + PskIdentity that = obj as PskIdentity; + if (null == that) + return false; + + return this.m_obfuscatedTicketAge == that.m_obfuscatedTicketAge + && Arrays.ConstantTimeAreEqual(this.m_identity, that.m_identity); + } + + public override int GetHashCode() + { + return Arrays.GetHashCode(m_identity) ^ m_obfuscatedTicketAge.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/PskKeyExchangeMode.cs b/BouncyCastle/crypto/src/tls/PskKeyExchangeMode.cs new file mode 100644 index 0000000..565745b --- /dev/null +++ b/BouncyCastle/crypto/src/tls/PskKeyExchangeMode.cs @@ -0,0 +1,32 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public abstract class PskKeyExchangeMode + { + /* + * RFC 8446 + */ + + public const short psk_ke = 0; + public const short psk_dhe_ke = 1; + + public static string GetName(short pskKeyExchangeMode) + { + switch (pskKeyExchangeMode) + { + case psk_ke: + return "psk_ke"; + case psk_dhe_ke: + return "psk_dhe_ke"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(short pskKeyExchangeMode) + { + return GetName(pskKeyExchangeMode) + "(" + pskKeyExchangeMode + ")"; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/PskTlsClient.cs b/BouncyCastle/crypto/src/tls/PskTlsClient.cs new file mode 100644 index 0000000..3e9a003 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/PskTlsClient.cs @@ -0,0 +1,60 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + public class PskTlsClient + : AbstractTlsClient + { + private static readonly int[] DefaultCipherSuites = new int[] + { + CipherSuite.TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA + }; + + protected readonly TlsPskIdentity m_pskIdentity; + + public PskTlsClient(TlsCrypto crypto, byte[] identity, byte[] psk) + : this(crypto, new BasicTlsPskIdentity(identity, psk)) + { + } + + public PskTlsClient(TlsCrypto crypto, TlsPskIdentity pskIdentity) + : base(crypto) + { + this.m_pskIdentity = pskIdentity; + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + return ProtocolVersion.TLSv12.DownTo(ProtocolVersion.TLSv10); + } + + protected override int[] GetSupportedCipherSuites() + { + return TlsUtilities.GetSupportedCipherSuites(Crypto, DefaultCipherSuites); + } + + public override TlsPskIdentity GetPskIdentity() + { + return m_pskIdentity; + } + + /// + public override TlsAuthentication GetAuthentication() + { + /* + * Note: This method is not called unless a server certificate is sent, which may be the + * case e.g. for RSA_PSK key exchange. + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/PskTlsServer.cs b/BouncyCastle/crypto/src/tls/PskTlsServer.cs new file mode 100644 index 0000000..7197b6a --- /dev/null +++ b/BouncyCastle/crypto/src/tls/PskTlsServer.cs @@ -0,0 +1,76 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + public class PskTlsServer + : AbstractTlsServer + { + private static readonly int[] DefaultCipherSuites = new int[] + { + CipherSuite.TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, + CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, + CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, + CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA + }; + + protected readonly TlsPskIdentityManager m_pskIdentityManager; + + public PskTlsServer(TlsCrypto crypto, TlsPskIdentityManager pskIdentityManager) + : base(crypto) + { + this.m_pskIdentityManager = pskIdentityManager; + } + + /// + protected virtual TlsCredentialedDecryptor GetRsaEncryptionCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + return ProtocolVersion.TLSv12.DownTo(ProtocolVersion.TLSv10); + } + + protected override int[] GetSupportedCipherSuites() + { + return TlsUtilities.GetSupportedCipherSuites(Crypto, DefaultCipherSuites); + } + + public override TlsCredentials GetCredentials() + { + int keyExchangeAlgorithm = m_context.SecurityParameters.KeyExchangeAlgorithm; + + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.DHE_PSK: + case KeyExchangeAlgorithm.ECDHE_PSK: + case KeyExchangeAlgorithm.PSK: + return null; + + case KeyExchangeAlgorithm.RSA_PSK: + return GetRsaEncryptionCredentials(); + + default: + // Note: internal error here; selected a key exchange we don't implement! + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public override TlsPskIdentityManager GetPskIdentityManager() + { + return m_pskIdentityManager; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/RecordFormat.cs b/BouncyCastle/crypto/src/tls/RecordFormat.cs new file mode 100644 index 0000000..3bc0469 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/RecordFormat.cs @@ -0,0 +1,12 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public abstract class RecordFormat + { + public const int TypeOffset = 0; + public const int VersionOffset = 1; + public const int LengthOffset = 3; + public const int FragmentOffset = 5; + } +} diff --git a/BouncyCastle/crypto/src/tls/RecordPreview.cs b/BouncyCastle/crypto/src/tls/RecordPreview.cs new file mode 100644 index 0000000..a0abb0f --- /dev/null +++ b/BouncyCastle/crypto/src/tls/RecordPreview.cs @@ -0,0 +1,36 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public sealed class RecordPreview + { + private readonly int recordSize; + private readonly int contentLimit; + + internal static RecordPreview CombineAppData(RecordPreview a, RecordPreview b) + { + return new RecordPreview(a.RecordSize + b.RecordSize, a.ContentLimit + b.ContentLimit); + } + + internal static RecordPreview ExtendRecordSize(RecordPreview a, int recordSize) + { + return new RecordPreview(a.RecordSize + recordSize, a.ContentLimit); + } + + internal RecordPreview(int recordSize, int contentLimit) + { + this.recordSize = recordSize; + this.contentLimit = contentLimit; + } + + public int ContentLimit + { + get { return contentLimit; } + } + + public int RecordSize + { + get { return recordSize; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/RecordStream.cs b/BouncyCastle/crypto/src/tls/RecordStream.cs new file mode 100644 index 0000000..a97d346 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/RecordStream.cs @@ -0,0 +1,533 @@ +using System; +using System.Diagnostics; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + /// An implementation of the TLS 1.0/1.1/1.2 record layer. + internal sealed class RecordStream + { + private const int DefaultPlaintextLimit = (1 << 14); + + private readonly Record m_inputRecord = new Record(); + private readonly SequenceNumber m_readSeqNo = new SequenceNumber(), m_writeSeqNo = new SequenceNumber(); + + private readonly TlsProtocol m_handler; + private readonly Stream m_input; + private readonly Stream m_output; + + private TlsCipher m_pendingCipher = null; + private TlsCipher m_readCipher = TlsNullNullCipher.Instance; + private TlsCipher m_readCipherDeferred = null; + private TlsCipher m_writeCipher = TlsNullNullCipher.Instance; + + private ProtocolVersion m_writeVersion = null; + + private int m_plaintextLimit = DefaultPlaintextLimit; + private int m_ciphertextLimit = DefaultPlaintextLimit; + private bool m_ignoreChangeCipherSpec = false; + + internal RecordStream(TlsProtocol handler, Stream input, Stream output) + { + this.m_handler = handler; + this.m_input = input; + this.m_output = output; + } + + internal int PlaintextLimit + { + get { return m_plaintextLimit; } + } + + internal void SetPlaintextLimit(int plaintextLimit) + { + this.m_plaintextLimit = plaintextLimit; + this.m_ciphertextLimit = m_readCipher.GetCiphertextDecodeLimit(plaintextLimit); + } + + internal void SetWriteVersion(ProtocolVersion writeVersion) + { + this.m_writeVersion = writeVersion; + } + + internal void SetIgnoreChangeCipherSpec(bool ignoreChangeCipherSpec) + { + this.m_ignoreChangeCipherSpec = ignoreChangeCipherSpec; + } + + internal void SetPendingCipher(TlsCipher tlsCipher) + { + this.m_pendingCipher = tlsCipher; + } + + /// + internal void NotifyChangeCipherSpecReceived() + { + if (m_pendingCipher == null) + throw new TlsFatalAlert(AlertDescription.unexpected_message, "No pending cipher"); + + EnablePendingCipherRead(false); + } + + /// + internal void EnablePendingCipherRead(bool deferred) + { + if (m_pendingCipher == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + if (m_readCipherDeferred != null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + if (deferred) + { + this.m_readCipherDeferred = m_pendingCipher; + } + else + { + this.m_readCipher = m_pendingCipher; + this.m_ciphertextLimit = m_readCipher.GetCiphertextDecodeLimit(m_plaintextLimit); + m_readSeqNo.Reset(); + } + } + + /// + internal void EnablePendingCipherWrite() + { + if (m_pendingCipher == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.m_writeCipher = this.m_pendingCipher; + m_writeSeqNo.Reset(); + } + + /// + internal void FinaliseHandshake() + { + if (m_readCipher != m_pendingCipher || m_writeCipher != m_pendingCipher) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + this.m_pendingCipher = null; + } + + internal bool NeedsKeyUpdate() + { + return m_writeSeqNo.CurrentValue >= (1L << 20); + } + + /// + internal void NotifyKeyUpdateReceived() + { + m_readCipher.RekeyDecoder(); + m_readSeqNo.Reset(); + } + + /// + internal void NotifyKeyUpdateSent() + { + m_writeCipher.RekeyEncoder(); + m_writeSeqNo.Reset(); + } + + /// + internal RecordPreview PreviewRecordHeader(byte[] recordHeader) + { + short recordType = CheckRecordType(recordHeader, RecordFormat.TypeOffset); + + //ProtocolVersion recordVersion = TlsUtilities.ReadVersion(recordHeader, RecordFormat.VersionOffset); + + int length = TlsUtilities.ReadUint16(recordHeader, RecordFormat.LengthOffset); + + CheckLength(length, m_ciphertextLimit, AlertDescription.record_overflow); + + int recordSize = RecordFormat.FragmentOffset + length; + int applicationDataLimit = 0; + + // NOTE: For TLS 1.3, this only MIGHT be application data + if (ContentType.application_data == recordType && m_handler.IsApplicationDataReady) + { + applicationDataLimit = System.Math.Max(0, System.Math.Min(m_plaintextLimit, + m_readCipher.GetPlaintextLimit(length))); + } + + return new RecordPreview(recordSize, applicationDataLimit); + } + + internal RecordPreview PreviewOutputRecord(int contentLength) + { + int contentLimit = System.Math.Max(0, System.Math.Min(m_plaintextLimit, contentLength)); + int recordSize = PreviewOutputRecordSize(contentLimit); + return new RecordPreview(recordSize, contentLimit); + } + + internal int PreviewOutputRecordSize(int contentLength) + { + Debug.Assert(contentLength <= m_plaintextLimit); + + return RecordFormat.FragmentOffset + m_writeCipher.GetCiphertextEncodeLimit(contentLength, m_plaintextLimit); + } + + /// + internal bool ReadFullRecord(byte[] input, int inputOff, int inputLen) + { + if (inputLen < RecordFormat.FragmentOffset) + return false; + + int length = TlsUtilities.ReadUint16(input, inputOff + RecordFormat.LengthOffset); + if (inputLen != (RecordFormat.FragmentOffset + length)) + return false; + + short recordType = CheckRecordType(input, inputOff + RecordFormat.TypeOffset); + + ProtocolVersion recordVersion = TlsUtilities.ReadVersion(input, inputOff + RecordFormat.VersionOffset); + + CheckLength(length, m_ciphertextLimit, AlertDescription.record_overflow); + + if (m_ignoreChangeCipherSpec && ContentType.change_cipher_spec == recordType) + { + CheckChangeCipherSpec(input, inputOff + RecordFormat.FragmentOffset, length); + return true; + } + + TlsDecodeResult decoded = DecodeAndVerify(recordType, recordVersion, input, + inputOff + RecordFormat.FragmentOffset, length); + + m_handler.ProcessRecord(decoded.contentType, decoded.buf, decoded.off, decoded.len); + return true; + } + + /// + internal bool ReadRecord() + { + if (!m_inputRecord.ReadHeader(m_input)) + return false; + + short recordType = CheckRecordType(m_inputRecord.m_buf, RecordFormat.TypeOffset); + + ProtocolVersion recordVersion = TlsUtilities.ReadVersion(m_inputRecord.m_buf, RecordFormat.VersionOffset); + + int length = TlsUtilities.ReadUint16(m_inputRecord.m_buf, RecordFormat.LengthOffset); + + CheckLength(length, m_ciphertextLimit, AlertDescription.record_overflow); + + m_inputRecord.ReadFragment(m_input, length); + + TlsDecodeResult decoded; + try + { + if (m_ignoreChangeCipherSpec && ContentType.change_cipher_spec == recordType) + { + CheckChangeCipherSpec(m_inputRecord.m_buf, RecordFormat.FragmentOffset, length); + return true; + } + + decoded = DecodeAndVerify(recordType, recordVersion, m_inputRecord.m_buf, RecordFormat.FragmentOffset, + length); + } + finally + { + m_inputRecord.Reset(); + } + + m_handler.ProcessRecord(decoded.contentType, decoded.buf, decoded.off, decoded.len); + return true; + } + + /// + internal TlsDecodeResult DecodeAndVerify(short recordType, ProtocolVersion recordVersion, byte[] ciphertext, + int off, int len) + { + long seqNo = m_readSeqNo.NextValue(AlertDescription.unexpected_message); + TlsDecodeResult decoded = m_readCipher.DecodeCiphertext(seqNo, recordType, recordVersion, ciphertext, off, + len); + + CheckLength(decoded.len, m_plaintextLimit, AlertDescription.record_overflow); + + /* + * RFC 5246 6.2.1 Implementations MUST NOT send zero-length fragments of Handshake, Alert, + * or ChangeCipherSpec content types. + */ + if (decoded.len < 1 && decoded.contentType != ContentType.application_data) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return decoded; + } + + /// + internal void WriteRecord(short contentType, byte[] plaintext, int plaintextOffset, int plaintextLength) + { + // Never send anything until a valid ClientHello has been received + if (m_writeVersion == null) + return; + + /* + * RFC 5246 6.2.1 The length should not exceed 2^14. + */ + CheckLength(plaintextLength, m_plaintextLimit, AlertDescription.internal_error); + + /* + * RFC 5246 6.2.1 Implementations MUST NOT send zero-length fragments of Handshake, Alert, + * or ChangeCipherSpec content types. + */ + if (plaintextLength < 1 && contentType != ContentType.application_data) + throw new TlsFatalAlert(AlertDescription.internal_error); + + long seqNo = m_writeSeqNo.NextValue(AlertDescription.internal_error); + ProtocolVersion recordVersion = m_writeVersion; + + TlsEncodeResult encoded = m_writeCipher.EncodePlaintext(seqNo, contentType, recordVersion, + RecordFormat.FragmentOffset, plaintext, plaintextOffset, plaintextLength); + + int ciphertextLength = encoded.len - RecordFormat.FragmentOffset; + TlsUtilities.CheckUint16(ciphertextLength); + + TlsUtilities.WriteUint8(encoded.recordType, encoded.buf, encoded.off + RecordFormat.TypeOffset); + TlsUtilities.WriteVersion(recordVersion, encoded.buf, encoded.off + RecordFormat.VersionOffset); + TlsUtilities.WriteUint16(ciphertextLength, encoded.buf, encoded.off + RecordFormat.LengthOffset); + + // TODO[tls-port] Can we support interrupted IO on .NET? + //try + //{ + m_output.Write(encoded.buf, encoded.off, encoded.len); + //} + //catch (InterruptedIOException e) + //{ + // throw new TlsFatalAlert(AlertDescription.internal_error, e); + //} + + m_output.Flush(); + } + + /// + internal void Close() + { + m_inputRecord.Reset(); + + IOException io = null; + try + { + Platform.Dispose(m_input); + } + catch (IOException e) + { + io = e; + } + + try + { + Platform.Dispose(m_output); + } + catch (IOException e) + { + if (io == null) + { + io = e; + } + else + { + // TODO[tls] Available from JDK 7 + //io.addSuppressed(e); + } + } + + if (io != null) + throw io; + } + + /// + private void CheckChangeCipherSpec(byte[] buf, int off, int len) + { + if (1 != len || (byte)ChangeCipherSpec.change_cipher_spec != buf[off]) + { + throw new TlsFatalAlert(AlertDescription.unexpected_message, + "Malformed " + ContentType.GetText(ContentType.change_cipher_spec)); + } + } + + /// + private short CheckRecordType(byte[] buf, int off) + { + short recordType = TlsUtilities.ReadUint8(buf, off); + + if (null != m_readCipherDeferred && recordType == ContentType.application_data) + { + this.m_readCipher = m_readCipherDeferred; + this.m_readCipherDeferred = null; + this.m_ciphertextLimit = m_readCipher.GetCiphertextDecodeLimit(m_plaintextLimit); + m_readSeqNo.Reset(); + } + else if (m_readCipher.UsesOpaqueRecordType) + { + if (ContentType.application_data != recordType) + { + if (m_ignoreChangeCipherSpec && ContentType.change_cipher_spec == recordType) + { + // See RFC 8446 D.4. + } + else + { + throw new TlsFatalAlert(AlertDescription.unexpected_message, + "Opaque " + ContentType.GetText(recordType)); + } + } + } + else + { + switch (recordType) + { + case ContentType.application_data: + { + if (!m_handler.IsApplicationDataReady) + { + throw new TlsFatalAlert(AlertDescription.unexpected_message, + "Not ready for " + ContentType.GetText(ContentType.application_data)); + } + break; + } + case ContentType.alert: + case ContentType.change_cipher_spec: + case ContentType.handshake: + // case ContentType.heartbeat: + break; + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message, + "Unsupported " + ContentType.GetText(recordType)); + } + } + + return recordType; + } + + /// + private static void CheckLength(int length, int limit, short alertDescription) + { + if (length > limit) + throw new TlsFatalAlert(alertDescription); + } + + private sealed class Record + { + private readonly byte[] m_header = new byte[RecordFormat.FragmentOffset]; + + internal volatile byte[] m_buf; + internal volatile int m_pos; + + internal Record() + { + this.m_buf = m_header; + this.m_pos = 0; + } + + /// + internal void FillTo(Stream input, int length) + { + while (m_pos < length) + { + // TODO[tls-port] Can we support interrupted IO on .NET? + //try + //{ + int numRead = input.Read(m_buf, m_pos, length - m_pos); + if (numRead < 1) + break; + + m_pos += numRead; + //} + //catch (InterruptedIOException e) + //{ + // /* + // * Although modifying the bytesTransferred doesn't seem ideal, it's the simplest + // * way to make sure we don't break client code that depends on the exact type, + // * e.g. in Apache's httpcomponents-core-4.4.9, BHttpConnectionBase.isStale + // * depends on the exception type being SocketTimeoutException (or a subclass). + // * + // * We can set to 0 here because the only relevant callstack (via + // * TlsProtocol.readApplicationData) only ever processes one non-empty record (so + // * interruption after partial output cannot occur). + // */ + // m_pos += e.bytesTransferred; + // e.bytesTransferred = 0; + // throw e; + //} + } + } + + /// + internal void ReadFragment(Stream input, int fragmentLength) + { + int recordLength = RecordFormat.FragmentOffset + fragmentLength; + Resize(recordLength); + FillTo(input, recordLength); + if (m_pos < recordLength) + throw new EndOfStreamException(); + } + + /// + internal bool ReadHeader(Stream input) + { + FillTo(input, RecordFormat.FragmentOffset); + if (m_pos == 0) + return false; + + if (m_pos < RecordFormat.FragmentOffset) + throw new EndOfStreamException(); + + return true; + } + + internal void Reset() + { + m_buf = m_header; + m_pos = 0; + } + + private void Resize(int length) + { + if (m_buf.Length < length) + { + byte[] tmp = new byte[length]; + Array.Copy(m_buf, 0, tmp, 0, m_pos); + m_buf = tmp; + } + } + } + + private sealed class SequenceNumber + { + private long m_value = 0L; + private bool m_exhausted = false; + + internal long CurrentValue + { + get { lock (this) return m_value; } + } + + /// + internal long NextValue(short alertDescription) + { + lock (this) + { + if (m_exhausted) + throw new TlsFatalAlert(alertDescription, "Sequence numbers exhausted"); + + long result = m_value; + if (++m_value == 0L) + { + this.m_exhausted = true; + } + return result; + } + } + + internal void Reset() + { + lock (this) + { + this.m_value = 0L; + this.m_exhausted = false; + } + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/SecurityParameters.cs b/BouncyCastle/crypto/src/tls/SecurityParameters.cs new file mode 100644 index 0000000..548e4a4 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/SecurityParameters.cs @@ -0,0 +1,321 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + public sealed class SecurityParameters + { + internal int m_entity = -1; + internal bool m_secureRenegotiation = false; + internal int m_cipherSuite = Tls.CipherSuite.TLS_NULL_WITH_NULL_NULL; + internal short m_maxFragmentLength = -1; + internal int m_prfAlgorithm = -1; + internal int m_prfCryptoHashAlgorithm = -1; + internal int m_prfHashLength = -1; + internal int m_verifyDataLength = -1; + internal TlsSecret m_baseKeyClient = null; + internal TlsSecret m_baseKeyServer = null; + internal TlsSecret m_earlyExporterMasterSecret = null; + internal TlsSecret m_earlySecret = null; + internal TlsSecret m_exporterMasterSecret = null; + internal TlsSecret m_handshakeSecret = null; + internal TlsSecret m_masterSecret = null; + internal TlsSecret m_trafficSecretClient = null; + internal TlsSecret m_trafficSecretServer = null; + internal byte[] m_clientRandom = null; + internal byte[] m_serverRandom = null; + internal byte[] m_sessionHash = null; + internal byte[] m_sessionID = null; + internal byte[] m_pskIdentity = null; + internal byte[] m_srpIdentity = null; + internal byte[] m_tlsServerEndPoint = null; + internal byte[] m_tlsUnique = null; + internal bool m_encryptThenMac = false; + internal bool m_extendedMasterSecret = false; + internal bool m_extendedPadding = false; + internal bool m_truncatedHmac = false; + internal ProtocolName m_applicationProtocol = null; + internal bool m_applicationProtocolSet = false; + internal short[] m_clientCertTypes = null; + internal IList m_clientServerNames = null; + internal IList m_clientSigAlgs = null; + internal IList m_clientSigAlgsCert = null; + internal int[] m_clientSupportedGroups = null; + internal IList m_serverSigAlgs = null; + internal IList m_serverSigAlgsCert = null; + internal int[] m_serverSupportedGroups = null; + internal int m_keyExchangeAlgorithm = -1; + internal Certificate m_localCertificate = null; + internal Certificate m_peerCertificate = null; + internal ProtocolVersion m_negotiatedVersion = null; + internal int m_statusRequestVersion = 0; + + // TODO[tls-ops] Investigate whether we can handle verify data using TlsSecret + internal byte[] m_localVerifyData = null; + internal byte[] m_peerVerifyData = null; + + internal void Clear() + { + this.m_sessionHash = null; + this.m_sessionID = null; + this.m_clientCertTypes = null; + this.m_clientServerNames = null; + this.m_clientSigAlgs = null; + this.m_clientSigAlgsCert = null; + this.m_clientSupportedGroups = null; + this.m_serverSigAlgs = null; + this.m_serverSigAlgsCert = null; + this.m_serverSupportedGroups = null; + this.m_statusRequestVersion = 0; + + this.m_baseKeyClient = ClearSecret(m_baseKeyClient); + this.m_baseKeyServer = ClearSecret(m_baseKeyServer); + this.m_earlyExporterMasterSecret = ClearSecret(m_earlyExporterMasterSecret); + this.m_earlySecret = ClearSecret(m_earlySecret); + this.m_exporterMasterSecret = ClearSecret(m_exporterMasterSecret); + this.m_handshakeSecret = ClearSecret(m_handshakeSecret); + this.m_masterSecret = ClearSecret(m_masterSecret); + } + + public ProtocolName ApplicationProtocol + { + get { return m_applicationProtocol; } + } + + public TlsSecret BaseKeyClient + { + get { return m_baseKeyClient; } + } + + public TlsSecret BaseKeyServer + { + get { return m_baseKeyServer; } + } + + public int CipherSuite + { + get { return m_cipherSuite; } + } + + public short[] ClientCertTypes + { + get { return m_clientCertTypes; } + } + + public byte[] ClientRandom + { + get { return m_clientRandom; } + } + + public IList ClientServerNames + { + get { return m_clientServerNames; } + } + + public IList ClientSigAlgs + { + get { return m_clientSigAlgs; } + } + + public IList ClientSigAlgsCert + { + get { return m_clientSigAlgsCert; } + } + + public int[] ClientSupportedGroups + { + get { return m_clientSupportedGroups; } + } + + public TlsSecret EarlyExporterMasterSecret + { + get { return m_earlyExporterMasterSecret; } + } + + public TlsSecret EarlySecret + { + get { return m_earlySecret; } + } + + public TlsSecret ExporterMasterSecret + { + get { return m_exporterMasterSecret; } + } + + public int Entity + { + get { return m_entity; } + } + + public TlsSecret HandshakeSecret + { + get { return m_handshakeSecret; } + } + + public bool IsApplicationProtocolSet + { + get { return m_applicationProtocolSet; } + } + + public bool IsEncryptThenMac + { + get { return m_encryptThenMac; } + } + + public bool IsExtendedMasterSecret + { + get { return m_extendedMasterSecret; } + } + + public bool IsExtendedPadding + { + get { return m_extendedPadding; } + } + + public bool IsSecureRenegotiation + { + get { return m_secureRenegotiation; } + } + + public bool IsTruncatedHmac + { + get { return m_truncatedHmac; } + } + + public int KeyExchangeAlgorithm + { + get { return m_keyExchangeAlgorithm; } + } + + public Certificate LocalCertificate + { + get { return m_localCertificate; } + } + + public byte[] LocalVerifyData + { + get { return m_localVerifyData; } + } + + public TlsSecret MasterSecret + { + get { return m_masterSecret; } + } + + public short MaxFragmentLength + { + get { return m_maxFragmentLength; } + } + + public ProtocolVersion NegotiatedVersion + { + get { return m_negotiatedVersion; } + } + + public Certificate PeerCertificate + { + get { return m_peerCertificate; } + } + + public byte[] PeerVerifyData + { + get { return m_peerVerifyData; } + } + + public int PrfAlgorithm + { + get { return m_prfAlgorithm; } + } + + public int PrfCryptoHashAlgorithm + { + get { return m_prfCryptoHashAlgorithm; } + } + + public int PrfHashLength + { + get { return m_prfHashLength; } + } + + public byte[] PskIdentity + { + get { return m_pskIdentity; } + } + + public byte[] ServerRandom + { + get { return m_serverRandom; } + } + + public IList ServerSigAlgs + { + get { return m_serverSigAlgs; } + } + + public IList ServerSigAlgsCert + { + get { return m_serverSigAlgsCert; } + } + + public int[] ServerSupportedGroups + { + get { return m_serverSupportedGroups; } + } + + public byte[] SessionHash + { + get { return m_sessionHash; } + } + + public byte[] SessionID + { + get { return m_sessionID; } + } + + public byte[] SrpIdentity + { + get { return m_srpIdentity; } + } + + public int StatusRequestVersion + { + get { return m_statusRequestVersion; } + } + + public byte[] TlsServerEndPoint + { + get { return m_tlsServerEndPoint; } + } + + public byte[] TlsUnique + { + get { return m_tlsUnique; } + } + + public TlsSecret TrafficSecretClient + { + get { return m_trafficSecretClient; } + } + + public TlsSecret TrafficSecretServer + { + get { return m_trafficSecretServer; } + } + + public int VerifyDataLength + { + get { return m_verifyDataLength; } + } + + private static TlsSecret ClearSecret(TlsSecret secret) + { + if (null != secret) + { + secret.Destroy(); + } + return null; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/ServerHello.cs b/BouncyCastle/crypto/src/tls/ServerHello.cs new file mode 100644 index 0000000..15cc090 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ServerHello.cs @@ -0,0 +1,108 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public sealed class ServerHello + { + private static readonly byte[] HelloRetryRequestMagic = { 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE, + 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E, 0x07, 0x9E, 0x09, + 0xE2, 0xC8, 0xA8, 0x33, 0x9C }; + + private readonly ProtocolVersion m_version; + private readonly byte[] m_random; + private readonly byte[] m_sessionID; + private readonly int m_cipherSuite; + private readonly IDictionary m_extensions; + + public ServerHello(byte[] sessionID, int cipherSuite, IDictionary extensions) + : this(ProtocolVersion.TLSv12, Arrays.Clone(HelloRetryRequestMagic), sessionID, cipherSuite, extensions) + { + } + + public ServerHello(ProtocolVersion version, byte[] random, byte[] sessionID, int cipherSuite, + IDictionary extensions) + { + this.m_version = version; + this.m_random = random; + this.m_sessionID = sessionID; + this.m_cipherSuite = cipherSuite; + this.m_extensions = extensions; + } + + public int CipherSuite + { + get { return m_cipherSuite; } + } + + public IDictionary Extensions + { + get { return m_extensions; } + } + + public byte[] Random + { + get { return m_random; } + } + + public byte[] SessionID + { + get { return m_sessionID; } + } + + public ProtocolVersion Version + { + get { return m_version; } + } + + public bool IsHelloRetryRequest() + { + return Arrays.AreEqual(HelloRetryRequestMagic, m_random); + } + + /// Encode this to a . + /// the of the current connection. + /// the to encode to. + /// + public void Encode(TlsContext context, Stream output) + { + TlsUtilities.WriteVersion(m_version, output); + + output.Write(m_random, 0, m_random.Length); + + TlsUtilities.WriteOpaque8(m_sessionID, output); + + TlsUtilities.WriteUint16(m_cipherSuite, output); + + TlsUtilities.WriteUint8(CompressionMethod.cls_null, output); + + TlsProtocol.WriteExtensions(output, m_extensions); + } + + /// Parse a from a . + /// the to parse from. + /// a object. + /// + public static ServerHello Parse(MemoryStream input) + { + ProtocolVersion version = TlsUtilities.ReadVersion(input); + + byte[] random = TlsUtilities.ReadFully(32, input); + + byte[] sessionID = TlsUtilities.ReadOpaque8(input, 0, 32); + + int cipherSuite = TlsUtilities.ReadUint16(input); + + short compressionMethod = TlsUtilities.ReadUint8(input); + if (CompressionMethod.cls_null != compressionMethod) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + IDictionary extensions = TlsProtocol.ReadExtensions(input); + + return new ServerHello(version, random, sessionID, cipherSuite, extensions); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/ServerName.cs b/BouncyCastle/crypto/src/tls/ServerName.cs new file mode 100644 index 0000000..da40c2c --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ServerName.cs @@ -0,0 +1,63 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 6066 3. Server Name Indication + /// + /// Current implementation uses this guidance: "For backward compatibility, all future data structures associated + /// with new NameTypes MUST begin with a 16-bit length field. TLS MAY treat provided server names as opaque data + /// and pass the names and types to the application.". RFC 6066 specifies ASCII encoding for host_name (possibly + /// using A-labels for IDNs), but note that the previous version (RFC 4366) specified UTF-8 encoding (see RFC 6066 + /// Appendix A). For maximum compatibility, it is recommended that client code tolerate receiving UTF-8 from the + /// peer, but only generate ASCII itself. + /// + public sealed class ServerName + { + private readonly short nameType; + private readonly byte[] nameData; + + public ServerName(short nameType, byte[] nameData) + { + if (!TlsUtilities.IsValidUint8(nameType)) + throw new ArgumentException("must be from 0 to 255", "nameType"); + if (null == nameData) + throw new ArgumentNullException("nameData"); + if (nameData.Length < 1 || !TlsUtilities.IsValidUint16(nameData.Length)) + throw new ArgumentException("must have length from 1 to 65535", "nameData"); + + this.nameType = nameType; + this.nameData = nameData; + } + + public byte[] NameData + { + get { return nameData; } + } + + public short NameType + { + get { return nameType; } + } + + /// Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + TlsUtilities.WriteUint8(nameType, output); + TlsUtilities.WriteOpaque16(nameData, output); + } + + /// Parse a from a . + /// the to parse from. + /// a object. + /// + public static ServerName Parse(Stream input) + { + short name_type = TlsUtilities.ReadUint8(input); + byte[] nameData = TlsUtilities.ReadOpaque16(input, 1); + return new ServerName(name_type, nameData); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/ServerNameList.cs b/BouncyCastle/crypto/src/tls/ServerNameList.cs new file mode 100644 index 0000000..915e943 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ServerNameList.cs @@ -0,0 +1,87 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls +{ + public sealed class ServerNameList + { + private readonly IList m_serverNameList; + + /// an of . + public ServerNameList(IList serverNameList) + { + if (null == serverNameList) + throw new ArgumentNullException("serverNameList"); + + this.m_serverNameList = serverNameList; + } + + /// an of . + public IList ServerNames + { + get { return m_serverNameList; } + } + + /// Encode this to a . + /// the to encode to . + /// + public void Encode(Stream output) + { + MemoryStream buf = new MemoryStream(); + + short[] nameTypesSeen = TlsUtilities.EmptyShorts; + foreach (ServerName entry in ServerNames) + { + nameTypesSeen = CheckNameType(nameTypesSeen, entry.NameType); + if (null == nameTypesSeen) + throw new TlsFatalAlert(AlertDescription.internal_error); + + entry.Encode(buf); + } + + int length = (int)buf.Length; + TlsUtilities.CheckUint16(length); + TlsUtilities.WriteUint16(length, output); + Streams.WriteBufTo(buf, output); + } + + /// Parse a from a . + /// the to parse from. + /// a object. + /// + public static ServerNameList Parse(Stream input) + { + byte[] data = TlsUtilities.ReadOpaque16(input, 1); + + MemoryStream buf = new MemoryStream(data, false); + + short[] nameTypesSeen = TlsUtilities.EmptyShorts; + IList server_name_list = Platform.CreateArrayList(); + while (buf.Position < buf.Length) + { + ServerName entry = ServerName.Parse(buf); + + nameTypesSeen = CheckNameType(nameTypesSeen, entry.NameType); + if (null == nameTypesSeen) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + server_name_list.Add(entry); + } + + return new ServerNameList(server_name_list); + } + + private static short[] CheckNameType(short[] nameTypesSeen, short nameType) + { + // RFC 6066 3. The ServerNameList MUST NOT contain more than one name of the same NameType. + if (Arrays.Contains(nameTypesSeen, nameType)) + return null; + + return Arrays.Append(nameTypesSeen, nameType); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/ServerOnlyTlsAuthentication.cs b/BouncyCastle/crypto/src/tls/ServerOnlyTlsAuthentication.cs new file mode 100644 index 0000000..5a8d599 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ServerOnlyTlsAuthentication.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public abstract class ServerOnlyTlsAuthentication + : TlsAuthentication + { + public abstract void NotifyServerCertificate(TlsServerCertificate serverCertificate); + + public TlsCredentials GetClientCredentials(CertificateRequest certificateRequest) + { + return null; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/ServerSrpParams.cs b/BouncyCastle/crypto/src/tls/ServerSrpParams.cs new file mode 100644 index 0000000..9aca882 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/ServerSrpParams.cs @@ -0,0 +1,67 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public sealed class ServerSrpParams + { + private BigInteger m_N, m_g, m_B; + private byte[] m_s; + + public ServerSrpParams(BigInteger N, BigInteger g, byte[] s, BigInteger B) + { + this.m_N = N; + this.m_g = g; + this.m_s = Arrays.Clone(s); + this.m_B = B; + } + + public BigInteger B + { + get { return m_B; } + } + + public BigInteger G + { + get { return m_g; } + } + + public BigInteger N + { + get { return m_N; } + } + + public byte[] S + { + get { return m_s; } + } + + /// Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + TlsSrpUtilities.WriteSrpParameter(m_N, output); + TlsSrpUtilities.WriteSrpParameter(m_g, output); + TlsUtilities.WriteOpaque8(m_s, output); + TlsSrpUtilities.WriteSrpParameter(m_B, output); + } + + /// Parse a from a . + /// the to parse from. + /// a object. + /// + public static ServerSrpParams Parse(Stream input) + { + BigInteger N = TlsSrpUtilities.ReadSrpParameter(input); + BigInteger g = TlsSrpUtilities.ReadSrpParameter(input); + byte[] s = TlsUtilities.ReadOpaque8(input, 1); + BigInteger B = TlsSrpUtilities.ReadSrpParameter(input); + + return new ServerSrpParams(N, g, s, B); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/SessionParameters.cs b/BouncyCastle/crypto/src/tls/SessionParameters.cs new file mode 100644 index 0000000..9a62e35 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/SessionParameters.cs @@ -0,0 +1,195 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public sealed class SessionParameters + { + public sealed class Builder + { + private int m_cipherSuite = -1; + private Certificate m_localCertificate = null; + private TlsSecret m_masterSecret = null; + private ProtocolVersion m_negotiatedVersion; + private Certificate m_peerCertificate = null; + private byte[] m_pskIdentity = null; + private byte[] m_srpIdentity = null; + private byte[] m_encodedServerExtensions = null; + private bool m_extendedMasterSecret = false; + + public Builder() + { + } + + public SessionParameters Build() + { + Validate(m_cipherSuite >= 0, "cipherSuite"); + Validate(m_masterSecret != null, "masterSecret"); + return new SessionParameters(m_cipherSuite, m_localCertificate, m_masterSecret, m_negotiatedVersion, + m_peerCertificate, m_pskIdentity, m_srpIdentity, m_encodedServerExtensions, m_extendedMasterSecret); + } + + public Builder SetCipherSuite(int cipherSuite) + { + this.m_cipherSuite = cipherSuite; + return this; + } + + public Builder SetExtendedMasterSecret(bool extendedMasterSecret) + { + this.m_extendedMasterSecret = extendedMasterSecret; + return this; + } + + public Builder SetLocalCertificate(Certificate localCertificate) + { + this.m_localCertificate = localCertificate; + return this; + } + + public Builder SetMasterSecret(TlsSecret masterSecret) + { + this.m_masterSecret = masterSecret; + return this; + } + + public Builder SetNegotiatedVersion(ProtocolVersion negotiatedVersion) + { + this.m_negotiatedVersion = negotiatedVersion; + return this; + } + + public Builder SetPeerCertificate(Certificate peerCertificate) + { + this.m_peerCertificate = peerCertificate; + return this; + } + + public Builder SetPskIdentity(byte[] pskIdentity) + { + this.m_pskIdentity = pskIdentity; + return this; + } + + public Builder SetSrpIdentity(byte[] srpIdentity) + { + this.m_srpIdentity = srpIdentity; + return this; + } + + /// + public Builder SetServerExtensions(IDictionary serverExtensions) + { + if (serverExtensions == null || serverExtensions.Count < 1) + { + this.m_encodedServerExtensions = null; + } + else + { + MemoryStream buf = new MemoryStream(); + TlsProtocol.WriteExtensions(buf, serverExtensions); + this.m_encodedServerExtensions = buf.ToArray(); + } + return this; + } + + private void Validate(bool condition, string parameter) + { + if (!condition) + throw new InvalidOperationException("Required session parameter '" + parameter + "' not configured"); + } + } + + private readonly int m_cipherSuite; + private readonly Certificate m_localCertificate; + private readonly TlsSecret m_masterSecret; + private readonly ProtocolVersion m_negotiatedVersion; + private readonly Certificate m_peerCertificate; + private readonly byte[] m_pskIdentity; + private readonly byte[] m_srpIdentity; + private readonly byte[] m_encodedServerExtensions; + private readonly bool m_extendedMasterSecret; + + private SessionParameters(int cipherSuite, Certificate localCertificate, TlsSecret masterSecret, + ProtocolVersion negotiatedVersion, Certificate peerCertificate, byte[] pskIdentity, byte[] srpIdentity, + byte[] encodedServerExtensions, bool extendedMasterSecret) + { + this.m_cipherSuite = cipherSuite; + this.m_localCertificate = localCertificate; + this.m_masterSecret = masterSecret; + this.m_negotiatedVersion = negotiatedVersion; + this.m_peerCertificate = peerCertificate; + this.m_pskIdentity = Arrays.Clone(pskIdentity); + this.m_srpIdentity = Arrays.Clone(srpIdentity); + this.m_encodedServerExtensions = encodedServerExtensions; + this.m_extendedMasterSecret = extendedMasterSecret; + } + + public int CipherSuite + { + get { return m_cipherSuite; } + } + + public void Clear() + { + if (m_masterSecret != null) + { + m_masterSecret.Destroy(); + } + } + + public SessionParameters Copy() + { + return new SessionParameters(m_cipherSuite, m_localCertificate, m_masterSecret, m_negotiatedVersion, + m_peerCertificate, m_pskIdentity, m_srpIdentity, m_encodedServerExtensions, m_extendedMasterSecret); + } + + public bool IsExtendedMasterSecret + { + get { return m_extendedMasterSecret; } + } + + public Certificate LocalCertificate + { + get { return m_localCertificate; } + } + + public TlsSecret MasterSecret + { + get { return m_masterSecret; } + } + + public ProtocolVersion NegotiatedVersion + { + get { return m_negotiatedVersion; } + } + + public Certificate PeerCertificate + { + get { return m_peerCertificate; } + } + + public byte[] PskIdentity + { + get { return m_pskIdentity; } + } + + /// + public IDictionary ReadServerExtensions() + { + if (m_encodedServerExtensions == null) + return null; + + return TlsProtocol.ReadExtensions(new MemoryStream(m_encodedServerExtensions, false)); + } + + public byte[] SrpIdentity + { + get { return m_srpIdentity; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/SignatureAlgorithm.cs b/BouncyCastle/crypto/src/tls/SignatureAlgorithm.cs new file mode 100644 index 0000000..726504c --- /dev/null +++ b/BouncyCastle/crypto/src/tls/SignatureAlgorithm.cs @@ -0,0 +1,125 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /** + * RFC 5246 7.4.1.4.1 (in RFC 2246, there were no specific values assigned) + */ + public class SignatureAlgorithm + { + public const short anonymous = 0; + public const short rsa = 1; + public const short dsa = 2; + public const short ecdsa = 3; + + /* + * RFC 8422 + */ + public const short ed25519 = 7; + public const short ed448 = 8; + + /* + * RFC 8446 (implied from SignatureScheme values) + * RFC 8447 reserved these values without allocating the implied names + */ + public const short rsa_pss_rsae_sha256 = 4; + public const short rsa_pss_rsae_sha384 = 5; + public const short rsa_pss_rsae_sha512 = 6; + public const short rsa_pss_pss_sha256 = 9; + public const short rsa_pss_pss_sha384 = 10; + public const short rsa_pss_pss_sha512 = 11; + + /* + * RFC 8734 (implied from SignatureScheme values) + */ + public const short ecdsa_brainpoolP256r1tls13_sha256 = 26; + public const short ecdsa_brainpoolP384r1tls13_sha384 = 27; + public const short ecdsa_brainpoolP512r1tls13_sha512 = 28; + + /* + * draft-smyshlyaev-tls12-gost-suites-10 + */ + public const short gostr34102012_256 = 64; + public const short gostr34102012_512 = 65; + + public static short GetClientCertificateType(short signatureAlgorithm) + { + switch (signatureAlgorithm) + { + case SignatureAlgorithm.rsa: + case SignatureAlgorithm.rsa_pss_rsae_sha256: + case SignatureAlgorithm.rsa_pss_rsae_sha384: + case SignatureAlgorithm.rsa_pss_rsae_sha512: + case SignatureAlgorithm.rsa_pss_pss_sha256: + case SignatureAlgorithm.rsa_pss_pss_sha384: + case SignatureAlgorithm.rsa_pss_pss_sha512: + return ClientCertificateType.rsa_sign; + + case SignatureAlgorithm.dsa: + return ClientCertificateType.dss_sign; + + case SignatureAlgorithm.ecdsa: + case SignatureAlgorithm.ed25519: + case SignatureAlgorithm.ed448: + return ClientCertificateType.ecdsa_sign; + + case SignatureAlgorithm.gostr34102012_256: + return ClientCertificateType.gost_sign256; + + case SignatureAlgorithm.gostr34102012_512: + return ClientCertificateType.gost_sign512; + + default: + return -1; + } + } + + public static string GetName(short signatureAlgorithm) + { + switch (signatureAlgorithm) + { + case anonymous: + return "anonymous"; + case rsa: + return "rsa"; + case dsa: + return "dsa"; + case ecdsa: + return "ecdsa"; + case ed25519: + return "ed25519"; + case ed448: + return "ed448"; + case gostr34102012_256: + return "gostr34102012_256"; + case gostr34102012_512: + return "gostr34102012_512"; + case rsa_pss_rsae_sha256: + return "rsa_pss_rsae_sha256"; + case rsa_pss_rsae_sha384: + return "rsa_pss_rsae_sha384"; + case rsa_pss_rsae_sha512: + return "rsa_pss_rsae_sha512"; + case rsa_pss_pss_sha256: + return "rsa_pss_pss_sha256"; + case rsa_pss_pss_sha384: + return "rsa_pss_pss_sha384"; + case rsa_pss_pss_sha512: + return "rsa_pss_pss_sha512"; + case ecdsa_brainpoolP256r1tls13_sha256: + return "ecdsa_brainpoolP256r1tls13_sha256"; + case ecdsa_brainpoolP384r1tls13_sha384: + return "ecdsa_brainpoolP384r1tls13_sha384"; + case ecdsa_brainpoolP512r1tls13_sha512: + return "ecdsa_brainpoolP512r1tls13_sha512"; + default: + return "UNKNOWN"; + } + } + + public static string GetText(short signatureAlgorithm) + { + return GetName(signatureAlgorithm) + "(" + signatureAlgorithm + ")"; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/SignatureAndHashAlgorithm.cs b/BouncyCastle/crypto/src/tls/SignatureAndHashAlgorithm.cs new file mode 100644 index 0000000..9de2a42 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/SignatureAndHashAlgorithm.cs @@ -0,0 +1,171 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 5246 7.4.1.4.1 + public sealed class SignatureAndHashAlgorithm + { + public static readonly SignatureAndHashAlgorithm ecdsa_brainpoolP256r1tls13_sha256 = + Create(SignatureScheme.ecdsa_brainpoolP256r1tls13_sha256); + public static readonly SignatureAndHashAlgorithm ecdsa_brainpoolP384r1tls13_sha384 = + Create(SignatureScheme.ecdsa_brainpoolP384r1tls13_sha384); + public static readonly SignatureAndHashAlgorithm ecdsa_brainpoolP512r1tls13_sha512 = + Create(SignatureScheme.ecdsa_brainpoolP512r1tls13_sha512); + public static readonly SignatureAndHashAlgorithm ed25519 = + Create(SignatureScheme.ed25519); + public static readonly SignatureAndHashAlgorithm ed448 = + Create(SignatureScheme.ed448); + public static readonly SignatureAndHashAlgorithm gostr34102012_256 = + Create(HashAlgorithm.Intrinsic, SignatureAlgorithm.gostr34102012_256); + public static readonly SignatureAndHashAlgorithm gostr34102012_512 = + Create(HashAlgorithm.Intrinsic, SignatureAlgorithm.gostr34102012_512); + public static readonly SignatureAndHashAlgorithm rsa_pss_rsae_sha256 = + Create(SignatureScheme.rsa_pss_rsae_sha256); + public static readonly SignatureAndHashAlgorithm rsa_pss_rsae_sha384 = + Create(SignatureScheme.rsa_pss_rsae_sha384); + public static readonly SignatureAndHashAlgorithm rsa_pss_rsae_sha512 = + Create(SignatureScheme.rsa_pss_rsae_sha512); + public static readonly SignatureAndHashAlgorithm rsa_pss_pss_sha256 = + Create(SignatureScheme.rsa_pss_pss_sha256); + public static readonly SignatureAndHashAlgorithm rsa_pss_pss_sha384 = + Create(SignatureScheme.rsa_pss_pss_sha384); + public static readonly SignatureAndHashAlgorithm rsa_pss_pss_sha512 = + Create(SignatureScheme.rsa_pss_pss_sha512); + + public static SignatureAndHashAlgorithm GetInstance(short hashAlgorithm, short signatureAlgorithm) + { + switch (hashAlgorithm) + { + case HashAlgorithm.Intrinsic: + return GetInstanceIntrinsic(signatureAlgorithm); + default: + return Create(hashAlgorithm, signatureAlgorithm); + } + } + + private static SignatureAndHashAlgorithm GetInstanceIntrinsic(short signatureAlgorithm) + { + switch (signatureAlgorithm) + { + case SignatureAlgorithm.ed25519: + return ed25519; + case SignatureAlgorithm.ed448: + return ed448; + case SignatureAlgorithm.gostr34102012_256: + return gostr34102012_256; + case SignatureAlgorithm.gostr34102012_512: + return gostr34102012_512; + case SignatureAlgorithm.rsa_pss_rsae_sha256: + return rsa_pss_rsae_sha256; + case SignatureAlgorithm.rsa_pss_rsae_sha384: + return rsa_pss_rsae_sha384; + case SignatureAlgorithm.rsa_pss_rsae_sha512: + return rsa_pss_rsae_sha512; + case SignatureAlgorithm.rsa_pss_pss_sha256: + return rsa_pss_pss_sha256; + case SignatureAlgorithm.rsa_pss_pss_sha384: + return rsa_pss_pss_sha384; + case SignatureAlgorithm.rsa_pss_pss_sha512: + return rsa_pss_pss_sha512; + case SignatureAlgorithm.ecdsa_brainpoolP256r1tls13_sha256: + return ecdsa_brainpoolP256r1tls13_sha256; + case SignatureAlgorithm.ecdsa_brainpoolP384r1tls13_sha384: + return ecdsa_brainpoolP384r1tls13_sha384; + case SignatureAlgorithm.ecdsa_brainpoolP512r1tls13_sha512: + return ecdsa_brainpoolP512r1tls13_sha512; + default: + return Create(HashAlgorithm.Intrinsic, signatureAlgorithm); + } + } + + private static SignatureAndHashAlgorithm Create(int signatureScheme) + { + short hashAlgorithm = SignatureScheme.GetHashAlgorithm(signatureScheme); + short signatureAlgorithm = SignatureScheme.GetSignatureAlgorithm(signatureScheme); + return Create(hashAlgorithm, signatureAlgorithm); + } + + private static SignatureAndHashAlgorithm Create(short hashAlgorithm, short signatureAlgorithm) + { + return new SignatureAndHashAlgorithm(hashAlgorithm, signatureAlgorithm); + } + + private readonly short m_hash; + private readonly short m_signature; + + /// + /// + public SignatureAndHashAlgorithm(short hash, short signature) + { + /* + * TODO]tls] The TlsUtils methods are inlined here to avoid circular static initialization + * b/w these classes. We should refactor parts of TlsUtils into separate classes. e.g. the + * TLS low-level encoding methods, and/or the SigAndHash registry and methods. + */ + + //if (!TlsUtilities.IsValidUint8(hash)) + if ((hash & 0xFF) != hash) + throw new ArgumentException("should be a uint8", "hash"); + + //if (!TlsUtilities.IsValidUint8(signature)) + if ((signature & 0xFF) != signature) + throw new ArgumentException("should be a uint8", "signature"); + + this.m_hash = hash; + this.m_signature = signature; + } + + /// + public short Hash + { + get { return m_hash; } + } + + /// + public short Signature + { + get { return m_signature; } + } + + /// Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + TlsUtilities.WriteUint8(Hash, output); + TlsUtilities.WriteUint8(Signature, output); + } + + /// Parse a from a . + /// the to parse from. + /// a object. + /// + public static SignatureAndHashAlgorithm Parse(Stream input) + { + short hash = TlsUtilities.ReadUint8(input); + short signature = TlsUtilities.ReadUint8(input); + + return GetInstance(hash, signature); + } + + public override bool Equals(object obj) + { + if (!(obj is SignatureAndHashAlgorithm)) + return false; + + SignatureAndHashAlgorithm other = (SignatureAndHashAlgorithm)obj; + return other.Hash == Hash && other.Signature == Signature; + } + + public override int GetHashCode() + { + return ((int)Hash << 16) | (int)Signature; + } + + public override string ToString() + { + return "{" + HashAlgorithm.GetText(Hash) + "," + SignatureAlgorithm.GetText(Signature) + "}"; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/SignatureScheme.cs b/BouncyCastle/crypto/src/tls/SignatureScheme.cs new file mode 100644 index 0000000..4b93413 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/SignatureScheme.cs @@ -0,0 +1,235 @@ +using System; + +using Org.BouncyCastle.Tls.Crypto; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public abstract class SignatureScheme + { + /* + * RFC 8446 + */ + + public const int rsa_pkcs1_sha1 = 0x0201; + public const int ecdsa_sha1 = 0x0203; + + public const int rsa_pkcs1_sha256 = 0x0401; + public const int rsa_pkcs1_sha384 = 0x0501; + public const int rsa_pkcs1_sha512 = 0x0601; + + public const int ecdsa_secp256r1_sha256 = 0x0403; + public const int ecdsa_secp384r1_sha384 = 0x0503; + public const int ecdsa_secp521r1_sha512 = 0x0603; + + public const int rsa_pss_rsae_sha256 = 0x0804; + public const int rsa_pss_rsae_sha384 = 0x0805; + public const int rsa_pss_rsae_sha512 = 0x0806; + + public const int ed25519 = 0x0807; + public const int ed448 = 0x0808; + + public const int rsa_pss_pss_sha256 = 0x0809; + public const int rsa_pss_pss_sha384 = 0x080A; + public const int rsa_pss_pss_sha512 = 0x080B; + + /* + * RFC 8734 + */ + + public const int ecdsa_brainpoolP256r1tls13_sha256 = 0x081A; + public const int ecdsa_brainpoolP384r1tls13_sha384 = 0x081B; + public const int ecdsa_brainpoolP512r1tls13_sha512 = 0x081C; + + /* + * RFC 8998 + */ + + public const int sm2sig_sm3 = 0x0708; + + /* + * RFC 8446 reserved for private use (0xFE00..0xFFFF) + */ + + public static int From(SignatureAndHashAlgorithm sigAndHashAlg) + { + if (null == sigAndHashAlg) + throw new ArgumentNullException(); + + return From(sigAndHashAlg.Hash, sigAndHashAlg.Signature); + } + + public static int From(short hashAlgorithm, short signatureAlgorithm) + { + return ((hashAlgorithm & 0xFF) << 8) | (signatureAlgorithm & 0xFF); + } + + public static int GetCryptoHashAlgorithm(int signatureScheme) + { + switch (signatureScheme) + { + case ed25519: + case ed448: + return -1; + case ecdsa_brainpoolP256r1tls13_sha256: + case rsa_pss_pss_sha256: + case rsa_pss_rsae_sha256: + return CryptoHashAlgorithm.sha256; + case ecdsa_brainpoolP384r1tls13_sha384: + case rsa_pss_pss_sha384: + case rsa_pss_rsae_sha384: + return CryptoHashAlgorithm.sha384; + case ecdsa_brainpoolP512r1tls13_sha512: + case rsa_pss_pss_sha512: + case rsa_pss_rsae_sha512: + return CryptoHashAlgorithm.sha512; + case sm2sig_sm3: + return CryptoHashAlgorithm.sm3; + default: + { + short hashAlgorithm = GetHashAlgorithm(signatureScheme); + if (HashAlgorithm.Intrinsic == hashAlgorithm || !HashAlgorithm.IsRecognized(hashAlgorithm)) + return -1; + + return TlsCryptoUtilities.GetHash(GetHashAlgorithm(signatureScheme)); + } + } + } + + public static string GetName(int signatureScheme) + { + switch (signatureScheme) + { + case rsa_pkcs1_sha1: + return "rsa_pkcs1_sha1"; + case ecdsa_sha1: + return "ecdsa_sha1"; + case rsa_pkcs1_sha256: + return "rsa_pkcs1_sha256"; + case rsa_pkcs1_sha384: + return "rsa_pkcs1_sha384"; + case rsa_pkcs1_sha512: + return "rsa_pkcs1_sha512"; + case ecdsa_secp256r1_sha256: + return "ecdsa_secp256r1_sha256"; + case ecdsa_secp384r1_sha384: + return "ecdsa_secp384r1_sha384"; + case ecdsa_secp521r1_sha512: + return "ecdsa_secp521r1_sha512"; + case rsa_pss_rsae_sha256: + return "rsa_pss_rsae_sha256"; + case rsa_pss_rsae_sha384: + return "rsa_pss_rsae_sha384"; + case rsa_pss_rsae_sha512: + return "rsa_pss_rsae_sha512"; + case ed25519: + return "ed25519"; + case ed448: + return "ed448"; + case rsa_pss_pss_sha256: + return "rsa_pss_pss_sha256"; + case rsa_pss_pss_sha384: + return "rsa_pss_pss_sha384"; + case rsa_pss_pss_sha512: + return "rsa_pss_pss_sha512"; + case ecdsa_brainpoolP256r1tls13_sha256: + return "ecdsa_brainpoolP256r1tls13_sha256"; + case ecdsa_brainpoolP384r1tls13_sha384: + return "ecdsa_brainpoolP384r1tls13_sha384"; + case ecdsa_brainpoolP512r1tls13_sha512: + return "ecdsa_brainpoolP512r1tls13_sha512"; + case sm2sig_sm3: + return "sm2sig_sm3"; + default: + return "UNKNOWN"; + } + } + + /** + * For TLS 1.3+ usage, some signature schemes are constrained to use a particular + * ({@link NamedGroup}. Not relevant for TLS 1.2 and below. + */ + public static int GetNamedGroup(int signatureScheme) + { + switch (signatureScheme) + { + case ecdsa_brainpoolP256r1tls13_sha256: + return NamedGroup.brainpoolP256r1tls13; + case ecdsa_brainpoolP384r1tls13_sha384: + return NamedGroup.brainpoolP384r1tls13; + case ecdsa_brainpoolP512r1tls13_sha512: + return NamedGroup.brainpoolP512r1tls13; + case ecdsa_secp256r1_sha256: + return NamedGroup.secp256r1; + case ecdsa_secp384r1_sha384: + return NamedGroup.secp384r1; + case ecdsa_secp521r1_sha512: + return NamedGroup.secp521r1; + case sm2sig_sm3: + return NamedGroup.curveSM2; + default: + return -1; + } + } + + public static short GetHashAlgorithm(int signatureScheme) + { + // TODO[RFC 8998] sm2sig_sm3 + return (short)((signatureScheme >> 8) & 0xFF); + } + + public static short GetSignatureAlgorithm(int signatureScheme) + { + // TODO[RFC 8998] sm2sig_sm3 + return (short)(signatureScheme & 0xFF); + } + + public static SignatureAndHashAlgorithm GetSignatureAndHashAlgorithm(int signatureScheme) + { + return SignatureAndHashAlgorithm.GetInstance( + GetHashAlgorithm(signatureScheme), + GetSignatureAlgorithm(signatureScheme)); + } + + public static string GetText(int signatureScheme) + { + string hex = Platform.ToUpperInvariant(Convert.ToString(signatureScheme, 16)); + return GetName(signatureScheme) + "(0x" + hex + ")"; + } + + public static bool IsPrivate(int signatureScheme) + { + return (signatureScheme >> 9) == 0xFE; + } + + public static bool IsECDsa(int signatureScheme) + { + switch (signatureScheme) + { + case ecdsa_brainpoolP256r1tls13_sha256: + case ecdsa_brainpoolP384r1tls13_sha384: + case ecdsa_brainpoolP512r1tls13_sha512: + return true; + default: + return SignatureAlgorithm.ecdsa == GetSignatureAlgorithm(signatureScheme); + } + } + + public static bool IsRsaPss(int signatureScheme) + { + switch (signatureScheme) + { + case rsa_pss_rsae_sha256: + case rsa_pss_rsae_sha384: + case rsa_pss_rsae_sha512: + case rsa_pss_pss_sha256: + case rsa_pss_pss_sha384: + case rsa_pss_pss_sha512: + return true; + default: + return false; + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/SimulatedTlsSrpIdentityManager.cs b/BouncyCastle/crypto/src/tls/SimulatedTlsSrpIdentityManager.cs new file mode 100644 index 0000000..904bdae --- /dev/null +++ b/BouncyCastle/crypto/src/tls/SimulatedTlsSrpIdentityManager.cs @@ -0,0 +1,69 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + /// An implementation of that simulates the existence of "unknown" + /// identities to obscure the fact that there is no verifier for them. + public class SimulatedTlsSrpIdentityManager + : TlsSrpIdentityManager + { + private static readonly byte[] PrefixPassword = Strings.ToByteArray("password"); + private static readonly byte[] PrefixSalt = Strings.ToByteArray("salt"); + + /// Create a that implements the algorithm from RFC 5054 + /// 2.5.1.3. + /// + /// the defining the group that SRP is operating in. + /// the secret "seed key" referred to in RFC 5054 2.5.1.3. + /// an instance of . + /// + public static SimulatedTlsSrpIdentityManager GetRfc5054Default(TlsCrypto crypto, Srp6Group group, byte[] seedKey) + { + TlsMac mac = crypto.CreateHmac(MacAlgorithm.hmac_sha1); + + mac.SetKey(seedKey, 0, seedKey.Length); + + TlsSrpConfig srpConfig = new TlsSrpConfig(); + + srpConfig.SetExplicitNG(new BigInteger[]{ group.N, group.G }); + + return new SimulatedTlsSrpIdentityManager(group, crypto.CreateSrp6VerifierGenerator(srpConfig), mac); + } + + protected readonly Srp6Group m_group; + protected readonly TlsSrp6VerifierGenerator m_verifierGenerator; + protected readonly TlsMac m_mac; + + public SimulatedTlsSrpIdentityManager(Srp6Group group, TlsSrp6VerifierGenerator verifierGenerator, TlsMac mac) + { + this.m_group = group; + this.m_verifierGenerator = verifierGenerator; + this.m_mac = mac; + } + + public virtual TlsSrpLoginParameters GetLoginParameters(byte[] identity) + { + m_mac.Update(PrefixSalt, 0, PrefixSalt.Length); + m_mac.Update(identity, 0, identity.Length); + + byte[] salt = m_mac.CalculateMac(); + + m_mac.Update(PrefixPassword, 0, PrefixPassword.Length); + m_mac.Update(identity, 0, identity.Length); + + byte[] password = m_mac.CalculateMac(); + + BigInteger verifier = m_verifierGenerator.GenerateVerifier(salt, identity, password); + + TlsSrpConfig srpConfig = new TlsSrpConfig(); + srpConfig.SetExplicitNG(new BigInteger[]{ m_group.N, m_group.G }); + + return new TlsSrpLoginParameters(identity, srpConfig, verifier, salt); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/SrpTlsClient.cs b/BouncyCastle/crypto/src/tls/SrpTlsClient.cs new file mode 100644 index 0000000..a2b0e94 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/SrpTlsClient.cs @@ -0,0 +1,83 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + public class SrpTlsClient + : AbstractTlsClient + { + private static readonly int[] DefaultCipherSuites = new int[] + { + CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA + }; + + protected readonly TlsSrpIdentity m_srpIdentity; + + public SrpTlsClient(TlsCrypto crypto, byte[] identity, byte[] password) + : this(crypto, new BasicTlsSrpIdentity(identity, password)) + { + } + + public SrpTlsClient(TlsCrypto crypto, TlsSrpIdentity srpIdentity) + : base(crypto) + { + this.m_srpIdentity = srpIdentity; + } + + protected override int[] GetSupportedCipherSuites() + { + return TlsUtilities.GetSupportedCipherSuites(Crypto, DefaultCipherSuites); + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + return ProtocolVersion.TLSv12.DownTo(ProtocolVersion.TLSv10); + } + + protected virtual bool RequireSrpServerExtension + { + // No explicit guidance in RFC 5054; by default an (empty) extension from server is optional + get { return false; } + } + + /// + public override IDictionary GetClientExtensions() + { + IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised( + base.GetClientExtensions()); + TlsSrpUtilities.AddSrpExtension(clientExtensions, m_srpIdentity.GetSrpIdentity()); + return clientExtensions; + } + + /// + public override void ProcessServerExtensions(IDictionary serverExtensions) + { + if (!TlsUtilities.HasExpectedEmptyExtensionData(serverExtensions, ExtensionType.srp, + AlertDescription.illegal_parameter)) + { + if (RequireSrpServerExtension) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + base.ProcessServerExtensions(serverExtensions); + } + + public override TlsSrpIdentity GetSrpIdentity() + { + return m_srpIdentity; + } + + /// + public override TlsAuthentication GetAuthentication() + { + /* + * Note: This method is not called unless a server certificate is sent, which may be the + * case e.g. for SRP_DSS or SRP_RSA key exchange. + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/SrpTlsServer.cs b/BouncyCastle/crypto/src/tls/SrpTlsServer.cs new file mode 100644 index 0000000..58f89ee --- /dev/null +++ b/BouncyCastle/crypto/src/tls/SrpTlsServer.cs @@ -0,0 +1,106 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + public class SrpTlsServer + : AbstractTlsServer + { + private static readonly int[] DefaultCipherSuites = new int[] + { + CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA + }; + + protected readonly TlsSrpIdentityManager m_srpIdentityManager; + + protected byte[] m_srpIdentity = null; + protected TlsSrpLoginParameters m_srpLoginParameters = null; + + public SrpTlsServer(TlsCrypto crypto, TlsSrpIdentityManager srpIdentityManager) + : base(crypto) + { + this.m_srpIdentityManager = srpIdentityManager; + } + + /// + protected virtual TlsCredentialedSigner GetDsaSignerCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + /// + protected virtual TlsCredentialedSigner GetRsaSignerCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + return ProtocolVersion.TLSv12.DownTo(ProtocolVersion.TLSv10); + } + + protected override int[] GetSupportedCipherSuites() + { + return TlsUtilities.GetSupportedCipherSuites(Crypto, DefaultCipherSuites); + } + + public override void ProcessClientExtensions(IDictionary clientExtensions) + { + base.ProcessClientExtensions(clientExtensions); + + this.m_srpIdentity = TlsSrpUtilities.GetSrpExtension(clientExtensions); + } + + public override int GetSelectedCipherSuite() + { + int cipherSuite = base.GetSelectedCipherSuite(); + + if (TlsSrpUtilities.IsSrpCipherSuite(cipherSuite)) + { + if (m_srpIdentity != null) + { + this.m_srpLoginParameters = m_srpIdentityManager.GetLoginParameters(m_srpIdentity); + } + + if (m_srpLoginParameters == null) + throw new TlsFatalAlert(AlertDescription.unknown_psk_identity); + } + + return cipherSuite; + } + + public override TlsCredentials GetCredentials() + { + int keyExchangeAlgorithm = m_context.SecurityParameters.KeyExchangeAlgorithm; + + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.SRP: + return null; + + case KeyExchangeAlgorithm.SRP_DSS: + return GetDsaSignerCredentials(); + + case KeyExchangeAlgorithm.SRP_RSA: + return GetRsaSignerCredentials(); + + default: + // Note: internal error here; selected a key exchange we don't implement! + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public override TlsSrpLoginParameters GetSrpLoginParameters() + { + return m_srpLoginParameters; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/SrtpProtectionProfile.cs b/BouncyCastle/crypto/src/tls/SrtpProtectionProfile.cs new file mode 100644 index 0000000..e81988e --- /dev/null +++ b/BouncyCastle/crypto/src/tls/SrtpProtectionProfile.cs @@ -0,0 +1,21 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public abstract class SrtpProtectionProfile + { + /* + * RFC 5764 4.1.2. + */ + public const int SRTP_AES128_CM_HMAC_SHA1_80 = 0x0001; + public const int SRTP_AES128_CM_HMAC_SHA1_32 = 0x0002; + public const int SRTP_NULL_HMAC_SHA1_80 = 0x0005; + public const int SRTP_NULL_HMAC_SHA1_32 = 0x0006; + + /* + * RFC 7714 14.2. + */ + public const int SRTP_AEAD_AES_128_GCM = 0x0007; + public const int SRTP_AEAD_AES_256_GCM = 0x0008; + } +} diff --git a/BouncyCastle/crypto/src/tls/Ssl3Utilities.cs b/BouncyCastle/crypto/src/tls/Ssl3Utilities.cs new file mode 100644 index 0000000..594bdef --- /dev/null +++ b/BouncyCastle/crypto/src/tls/Ssl3Utilities.cs @@ -0,0 +1,69 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls +{ + internal abstract class Ssl3Utilities + { + private static readonly byte[] SSL_CLIENT = {0x43, 0x4C, 0x4E, 0x54}; + private static readonly byte[] SSL_SERVER = {0x53, 0x52, 0x56, 0x52}; + + private const byte IPAD_BYTE = (byte)0x36; + private const byte OPAD_BYTE = (byte)0x5C; + + private static readonly byte[] IPAD = GenPad(IPAD_BYTE, 48); + private static readonly byte[] OPAD = GenPad(OPAD_BYTE, 48); + + internal static byte[] CalculateVerifyData(TlsHandshakeHash handshakeHash, bool isServer) + { + TlsHash prf = handshakeHash.ForkPrfHash(); + byte[] sslSender = isServer ? SSL_SERVER : SSL_CLIENT; + prf.Update(sslSender, 0, sslSender.Length); + return prf.CalculateHash(); + } + + internal static void CompleteCombinedHash(TlsContext context, TlsHash md5, TlsHash sha1) + { + TlsSecret masterSecret = context.SecurityParameters.MasterSecret; + byte[] master_secret = context.Crypto.AdoptSecret(masterSecret).Extract(); + + CompleteHash(master_secret, md5, 48); + CompleteHash(master_secret, sha1, 40); + } + + private static void CompleteHash(byte[] master_secret, TlsHash hash, int padLength) + { + hash.Update(master_secret, 0, master_secret.Length); + hash.Update(IPAD, 0, padLength); + + byte[] tmp = hash.CalculateHash(); + + hash.Update(master_secret, 0, master_secret.Length); + hash.Update(OPAD, 0, padLength); + hash.Update(tmp, 0, tmp.Length); + } + + private static byte[] GenPad(byte b, int count) + { + byte[] padding = new byte[count]; + Arrays.Fill(padding, b); + return padding; + } + + /// + internal static byte[] ReadEncryptedPms(Stream input) + { + return Streams.ReadAll(input); + } + + /// + internal static void WriteEncryptedPms(byte[] encryptedPms, Stream output) + { + output.Write(encryptedPms, 0, encryptedPms.Length); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/SupplementalDataEntry.cs b/BouncyCastle/crypto/src/tls/SupplementalDataEntry.cs new file mode 100644 index 0000000..baf4289 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/SupplementalDataEntry.cs @@ -0,0 +1,26 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public sealed class SupplementalDataEntry + { + private readonly int m_dataType; + private readonly byte[] m_data; + + public SupplementalDataEntry(int dataType, byte[] data) + { + this.m_dataType = dataType; + this.m_data = data; + } + + public int DataType + { + get { return m_dataType; } + } + + public byte[] Data + { + get { return m_data; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/SupplementalDataType.cs b/BouncyCastle/crypto/src/tls/SupplementalDataType.cs new file mode 100644 index 0000000..d1eebfd --- /dev/null +++ b/BouncyCastle/crypto/src/tls/SupplementalDataType.cs @@ -0,0 +1,13 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 4680 + public abstract class SupplementalDataType + { + /* + * RFC 4681 + */ + public const int user_mapping_data = 0; + } +} diff --git a/BouncyCastle/crypto/src/tls/Timeout.cs b/BouncyCastle/crypto/src/tls/Timeout.cs new file mode 100644 index 0000000..e47fc5d --- /dev/null +++ b/BouncyCastle/crypto/src/tls/Timeout.cs @@ -0,0 +1,119 @@ +using System; + +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Tls +{ + internal class Timeout + { + private long durationMillis; + private long startMillis; + + internal Timeout(long durationMillis) + : this(durationMillis, DateTimeUtilities.CurrentUnixMs()) + { + } + + internal Timeout(long durationMillis, long currentTimeMillis) + { + this.durationMillis = System.Math.Max(0, durationMillis); + this.startMillis = System.Math.Max(0, currentTimeMillis); + } + + //internal long RemainingMillis() + //{ + // return RemainingMillis(DateTimeUtilities.CurrentUnixMs()); + //} + + internal long RemainingMillis(long currentTimeMillis) + { + lock (this) + { + // If clock jumped backwards, reset start time + if (startMillis > currentTimeMillis) + { + startMillis = currentTimeMillis; + return durationMillis; + } + + long elapsed = currentTimeMillis - startMillis; + long remaining = durationMillis - elapsed; + + // Once timeout reached, lock it in + if (remaining <= 0) + return durationMillis = 0L; + + return remaining; + } + } + + //internal static int ConstrainWaitMillis(int waitMillis, Timeout timeout) + //{ + // return constrainWaitMillis(waitMillis, timeout, DateTimeUtilities.CurrentUnixMs()); + //} + + internal static int ConstrainWaitMillis(int waitMillis, Timeout timeout, long currentTimeMillis) + { + if (waitMillis < 0) + return -1; + + int timeoutMillis = GetWaitMillis(timeout, currentTimeMillis); + if (timeoutMillis < 0) + return -1; + + if (waitMillis == 0) + return timeoutMillis; + + if (timeoutMillis == 0) + return waitMillis; + + return System.Math.Min(waitMillis, timeoutMillis); + } + + internal static Timeout ForWaitMillis(int waitMillis) + { + return ForWaitMillis(waitMillis, DateTimeUtilities.CurrentUnixMs()); + } + + internal static Timeout ForWaitMillis(int waitMillis, long currentTimeMillis) + { + if (waitMillis < 0) + throw new ArgumentException("cannot be negative", "waitMillis"); + + if (waitMillis > 0) + return new Timeout(waitMillis, currentTimeMillis); + + return null; + } + + //internal static int GetWaitMillis(Timeout timeout) + //{ + // return GetWaitMillis(timeout, DateTimeUtilities.CurrentUnixMs()); + //} + + internal static int GetWaitMillis(Timeout timeout, long currentTimeMillis) + { + if (null == timeout) + return 0; + + long remainingMillis = timeout.RemainingMillis(currentTimeMillis); + if (remainingMillis < 1L) + return -1; + + if (remainingMillis > int.MaxValue) + return int.MaxValue; + + return (int)remainingMillis; + } + + internal static bool HasExpired(Timeout timeout) + { + return HasExpired(timeout, DateTimeUtilities.CurrentUnixMs()); + } + + internal static bool HasExpired(Timeout timeout, long currentTimeMillis) + { + return null != timeout && timeout.RemainingMillis(currentTimeMillis) < 1L; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsAuthentication.cs b/BouncyCastle/crypto/src/tls/TlsAuthentication.cs new file mode 100644 index 0000000..32228ed --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsAuthentication.cs @@ -0,0 +1,29 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + /// Base interface to provide TLS authentication credentials. + public interface TlsAuthentication + { + /// Called by the protocol handler to report the server certificate. + /// + /// Note: this method is responsible for certificate verification and validation. + /// + /// the server certificate received. + /// + void NotifyServerCertificate(TlsServerCertificate serverCertificate); + + /// Return client credentials in response to server's certificate request. + /// + /// The returned value may be null, or else it MUST implement exactly one of + /// , , or + /// , depending on the key exchange that was negotiated and the details of + /// the . + /// + /// details of the certificate request. + /// a object or null for no client authentication. + /// + TlsCredentials GetClientCredentials(CertificateRequest certificateRequest); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsClient.cs b/BouncyCastle/crypto/src/tls/TlsClient.cs new file mode 100644 index 0000000..66bb3bc --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsClient.cs @@ -0,0 +1,110 @@ +using System; +using System.Collections; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + public interface TlsClient + : TlsPeer + { + void Init(TlsClientContext context); + + /// Return the session this client wants to resume, if any. + /// + /// Note that the peer's certificate chain for the session (if any) may need to be periodically revalidated. + /// + /// A representing the resumable session to be used for this connection, or + /// null to use a new session. + /// + TlsSession GetSessionToResume(); + + /// Return the external PSKs to offer in the ClientHello. + /// This will only be called when TLS 1.3 or higher is amongst the offered protocol versions. + /// an of instances, or null if none should be + /// offered. + IList GetExternalPsks(); + + bool IsFallback(); + + /// (Int32 -> byte[]) + /// + IDictionary GetClientExtensions(); + + /// If this client is offering TLS 1.3 or higher, this method may be called to determine for which + /// groups a key share should be included in the initial ClientHello. + /// + /// Groups that were not included in the supported_groups extension (by will + /// be ignored. The protocol will then add a suitable key_share extension to the ClientHello extensions. + /// + /// an of named group values, possibly empty or null. + /// + IList GetEarlyKeyShareGroups(); + + /// + void NotifyServerVersion(ProtocolVersion selectedVersion); + + /// Notifies the client of the session that will be offered in ClientHello for resumption, if any. + /// + /// + /// This will be either the session returned from {@link #getSessionToResume()} or null if that session was + /// unusable. NOTE: the actual negotiated session_id is notified by . + /// + /// The representing the resumable session to be offered for + /// this connection, or null if there is none. + /// + void NotifySessionToResume(TlsSession session); + + /// Notifies the client of the session_id sent in the ServerHello. + /// + /// + void NotifySessionID(byte[] sessionID); + + void NotifySelectedCipherSuite(int selectedCipherSuite); + + /// + void NotifySelectedPsk(TlsPsk selectedPsk); + + /// The protocol implementation validates that any server extensions received correspond to client + /// extensions sent. + /// + /// If further processing of the server extensions is needed, it can be done in this callback. NOTE: This is + /// not called for session resumption handshakes. + /// + /// (Int32 -> byte[]) + /// + void ProcessServerExtensions(IDictionary serverExtensions); + + /// (SupplementalDataEntry) + /// + void ProcessServerSupplementalData(IList serverSupplementalData); + + /// + TlsPskIdentity GetPskIdentity(); + + /// + TlsSrpIdentity GetSrpIdentity(); + + /// + TlsDHGroupVerifier GetDHGroupVerifier(); + + /// + TlsSrpConfigVerifier GetSrpConfigVerifier(); + + /// + TlsAuthentication GetAuthentication(); + + /// (SupplementalDataEntry) + /// + IList GetClientSupplementalData(); + + /// RFC 5077 3.3. NewSessionTicket Handshake Message + /// + /// This method will be called (only) when a NewSessionTicket handshake message is received. The ticket is + /// opaque to the client and clients MUST NOT examine the ticket under the assumption that it complies with e.g. + /// RFC 5077 4. "Recommended Ticket Construction". + /// + /// The ticket. + /// + void NotifyNewSessionTicket(NewSessionTicket newSessionTicket); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsClientContext.cs b/BouncyCastle/crypto/src/tls/TlsClientContext.cs new file mode 100644 index 0000000..f1ed06e --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsClientContext.cs @@ -0,0 +1,10 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// Marker interface to distinguish a TLS client context. + public interface TlsClientContext + : TlsContext + { + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsClientContextImpl.cs b/BouncyCastle/crypto/src/tls/TlsClientContextImpl.cs new file mode 100644 index 0000000..3ce4ab8 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsClientContextImpl.cs @@ -0,0 +1,20 @@ +using System; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + internal class TlsClientContextImpl + : AbstractTlsContext, TlsClientContext + { + internal TlsClientContextImpl(TlsCrypto crypto) + : base(crypto, ConnectionEnd.client) + { + } + + public override bool IsServer + { + get { return false; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsClientProtocol.cs b/BouncyCastle/crypto/src/tls/TlsClientProtocol.cs new file mode 100644 index 0000000..cb59289 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsClientProtocol.cs @@ -0,0 +1,1798 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public class TlsClientProtocol + : TlsProtocol + { + protected TlsClient m_tlsClient = null; + internal TlsClientContextImpl m_tlsClientContext = null; + + protected IDictionary m_clientAgreements = null; + internal OfferedPsks.BindersConfig m_clientBinders = null; + protected ClientHello m_clientHello = null; + protected TlsKeyExchange m_keyExchange = null; + protected TlsAuthentication m_authentication = null; + + protected CertificateStatus m_certificateStatus = null; + protected CertificateRequest m_certificateRequest = null; + + /// Constructor for non-blocking mode. + /// + /// When data is received, use to provide the received ciphertext, + /// then use to read the corresponding cleartext.

    + /// Similarly, when data needs to be sent, use + /// to provide the cleartext, then use to get the + /// corresponding ciphertext. + ///     + public TlsClientProtocol() + : base() + { + } + + /// Constructor for blocking mode. + /// The of data to/from the server. + public TlsClientProtocol(Stream stream) + : base(stream) + { + } + + /// Constructor for blocking mode. + /// The of data from the server. + /// The of data to the server. + public TlsClientProtocol(Stream input, Stream output) + : base(input, output) + { + } + + /// Initiates a TLS handshake in the role of client. + /// + /// In blocking mode, this will not return until the handshake is complete. In non-blocking mode, use + /// to receive a callback when the handshake is complete. + /// + /// The to use for the handshake. + /// If in blocking mode and handshake was not successful. + public virtual void Connect(TlsClient tlsClient) + { + if (tlsClient == null) + throw new ArgumentNullException("tlsClient"); + if (m_tlsClient != null) + throw new InvalidOperationException("'Connect' can only be called once"); + + this.m_tlsClient = tlsClient; + this.m_tlsClientContext = new TlsClientContextImpl(tlsClient.Crypto); + + tlsClient.Init(m_tlsClientContext); + tlsClient.NotifyCloseHandle(this); + + BeginHandshake(); + + if (m_blocking) + { + BlockForHandshake(); + } + } + + protected override void BeginHandshake() + { + base.BeginHandshake(); + + SendClientHello(); + this.m_connectionState = CS_CLIENT_HELLO; + } + + protected override void CleanupHandshake() + { + base.CleanupHandshake(); + + this.m_clientAgreements = null; + this.m_clientBinders = null; + this.m_clientHello = null; + this.m_keyExchange = null; + this.m_authentication = null; + + this.m_certificateStatus = null; + this.m_certificateRequest = null; + } + + protected override TlsContext Context + { + get { return m_tlsClientContext; } + } + + internal override AbstractTlsContext ContextAdmin + { + get { return m_tlsClientContext; } + } + + protected override TlsPeer Peer + { + get { return m_tlsClient; } + } + + /// + protected virtual void Handle13HandshakeMessage(short type, HandshakeMessageInput buf) + { + if (!IsTlsV13ConnectionState() || m_resumedSession) + throw new TlsFatalAlert(AlertDescription.internal_error); + + switch (type) + { + case HandshakeType.certificate: + { + switch (m_connectionState) + { + case CS_SERVER_ENCRYPTED_EXTENSIONS: + case CS_SERVER_CERTIFICATE_REQUEST: + { + if (m_connectionState != CS_SERVER_CERTIFICATE_REQUEST) + { + Skip13CertificateRequest(); + } + + Receive13ServerCertificate(buf); + this.m_connectionState = CS_SERVER_CERTIFICATE; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.certificate_request: + { + switch (m_connectionState) + { + case CS_END: + { + // TODO[tls13] Permit post-handshake authentication if we sent post_handshake_auth extension + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + case CS_SERVER_ENCRYPTED_EXTENSIONS: + { + Receive13CertificateRequest(buf, false); + this.m_connectionState = CS_SERVER_CERTIFICATE_REQUEST; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.certificate_verify: + { + switch (m_connectionState) + { + case CS_SERVER_CERTIFICATE: + { + Receive13ServerCertificateVerify(buf); + buf.UpdateHash(m_handshakeHash); + this.m_connectionState = CS_SERVER_CERTIFICATE_VERIFY; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.encrypted_extensions: + { + switch (m_connectionState) + { + case CS_SERVER_HELLO: + { + Receive13EncryptedExtensions(buf); + this.m_connectionState = CS_SERVER_ENCRYPTED_EXTENSIONS; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.finished: + { + switch (m_connectionState) + { + case CS_SERVER_ENCRYPTED_EXTENSIONS: + case CS_SERVER_CERTIFICATE_REQUEST: + case CS_SERVER_CERTIFICATE_VERIFY: + { + if (m_connectionState == CS_SERVER_ENCRYPTED_EXTENSIONS) + { + Skip13CertificateRequest(); + } + if (m_connectionState != CS_SERVER_CERTIFICATE_VERIFY) + { + Skip13ServerCertificate(); + } + + Receive13ServerFinished(buf); + buf.UpdateHash(m_handshakeHash); + this.m_connectionState = CS_SERVER_FINISHED; + + byte[] serverFinishedTranscriptHash = TlsUtilities.GetCurrentPrfHash(m_handshakeHash); + + // See RFC 8446 D.4. + m_recordStream.SetIgnoreChangeCipherSpec(false); + + /* + * TODO[tls13] After receiving the server's Finished message, if the server has accepted early + * data, an EndOfEarlyData message will be sent to indicate the key change. This message will + * be encrypted with the 0-RTT traffic keys. + */ + + if (null != m_certificateRequest) + { + TlsCredentialedSigner clientCredentials = TlsUtilities.Establish13ClientCredentials( + m_authentication, m_certificateRequest); + + Certificate clientCertificate = null; + if (null != clientCredentials) + { + clientCertificate = clientCredentials.Certificate; + } + + if (null == clientCertificate) + { + // In this calling context, certificate_request_context is length 0 + clientCertificate = Certificate.EmptyChainTls13; + } + + Send13CertificateMessage(clientCertificate); + this.m_connectionState = CS_CLIENT_CERTIFICATE; + + if (null != clientCredentials) + { + DigitallySigned certificateVerify = TlsUtilities.Generate13CertificateVerify( + m_tlsClientContext, clientCredentials, m_handshakeHash); + Send13CertificateVerifyMessage(certificateVerify); + this.m_connectionState = CS_CLIENT_CERTIFICATE_VERIFY; + } + } + + Send13FinishedMessage(); + this.m_connectionState = CS_CLIENT_FINISHED; + + TlsUtilities.Establish13PhaseApplication(m_tlsClientContext, serverFinishedTranscriptHash, + m_recordStream); + + m_recordStream.EnablePendingCipherWrite(); + m_recordStream.EnablePendingCipherRead(false); + + CompleteHandshake(); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.key_update: + { + Receive13KeyUpdate(buf); + break; + } + case HandshakeType.new_session_ticket: + { + Receive13NewSessionTicket(buf); + break; + } + case HandshakeType.server_hello: + { + switch (m_connectionState) + { + case CS_CLIENT_HELLO: + { + // NOTE: Legacy handler should be dispatching initial ServerHello/HelloRetryRequest. + throw new TlsFatalAlert(AlertDescription.internal_error); + } + case CS_CLIENT_HELLO_RETRY: + { + ServerHello serverHello = ReceiveServerHelloMessage(buf); + if (serverHello.IsHelloRetryRequest()) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + Process13ServerHello(serverHello, true); + buf.UpdateHash(m_handshakeHash); + this.m_connectionState = CS_SERVER_HELLO; + + Process13ServerHelloCoda(serverHello, true); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + + case HandshakeType.certificate_status: + case HandshakeType.certificate_url: + case HandshakeType.client_hello: + case HandshakeType.client_key_exchange: + case HandshakeType.compressed_certificate: + case HandshakeType.end_of_early_data: + case HandshakeType.hello_request: + case HandshakeType.hello_verify_request: + case HandshakeType.message_hash: + case HandshakeType.server_hello_done: + case HandshakeType.server_key_exchange: + case HandshakeType.supplemental_data: + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + } + + protected override void HandleHandshakeMessage(short type, HandshakeMessageInput buf) + { + SecurityParameters securityParameters = m_tlsClientContext.SecurityParameters; + + if (m_connectionState > CS_CLIENT_HELLO + && TlsUtilities.IsTlsV13(securityParameters.NegotiatedVersion)) + { + Handle13HandshakeMessage(type, buf); + return; + } + + if (!IsLegacyConnectionState()) + throw new TlsFatalAlert(AlertDescription.internal_error); + + if (m_resumedSession) + { + if (type != HandshakeType.finished || m_connectionState != CS_SERVER_HELLO) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + ProcessFinishedMessage(buf); + buf.UpdateHash(m_handshakeHash); + this.m_connectionState = CS_SERVER_FINISHED; + + SendChangeCipherSpec(); + SendFinishedMessage(); + this.m_connectionState = CS_CLIENT_FINISHED; + + CompleteHandshake(); + return; + } + + switch (type) + { + case HandshakeType.certificate: + { + switch (m_connectionState) + { + case CS_SERVER_HELLO: + case CS_SERVER_SUPPLEMENTAL_DATA: + { + if (m_connectionState != CS_SERVER_SUPPLEMENTAL_DATA) + { + HandleSupplementalData(null); + } + + /* + * NOTE: Certificate processing (including authentication) is delayed to allow for a + * possible CertificateStatus message. + */ + this.m_authentication = TlsUtilities.ReceiveServerCertificate(m_tlsClientContext, m_tlsClient, + buf); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + this.m_connectionState = CS_SERVER_CERTIFICATE; + break; + } + case HandshakeType.certificate_status: + { + switch (m_connectionState) + { + case CS_SERVER_CERTIFICATE: + { + if (securityParameters.StatusRequestVersion < 1) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + this.m_certificateStatus = CertificateStatus.Parse(m_tlsClientContext, buf); + + AssertEmpty(buf); + + this.m_connectionState = CS_SERVER_CERTIFICATE_STATUS; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.finished: + { + switch (m_connectionState) + { + case CS_CLIENT_FINISHED: + case CS_SERVER_SESSION_TICKET: + { + if (m_connectionState != CS_SERVER_SESSION_TICKET) + { + /* + * RFC 5077 3.3. This message MUST be sent if the server included a + * SessionTicket extension in the ServerHello. + */ + if (m_expectSessionTicket) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + ProcessFinishedMessage(buf); + this.m_connectionState = CS_SERVER_FINISHED; + + CompleteHandshake(); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.server_hello: + { + switch (m_connectionState) + { + case CS_CLIENT_HELLO: + { + ServerHello serverHello = ReceiveServerHelloMessage(buf); + + // TODO[tls13] Only treat as HRR if it's TLS 1.3?? + if (serverHello.IsHelloRetryRequest()) + { + Process13HelloRetryRequest(serverHello); + m_handshakeHash.NotifyPrfDetermined(); + TlsUtilities.AdjustTranscriptForRetry(m_handshakeHash); + buf.UpdateHash(m_handshakeHash); + this.m_connectionState = CS_SERVER_HELLO_RETRY_REQUEST; + + Send13ClientHelloRetry(); + m_handshakeHash.SealHashAlgorithms(); + this.m_connectionState = CS_CLIENT_HELLO_RETRY; + } + else + { + ProcessServerHello(serverHello); + m_handshakeHash.NotifyPrfDetermined(); + buf.UpdateHash(m_handshakeHash); + this.m_connectionState = CS_SERVER_HELLO; + + if (TlsUtilities.IsTlsV13(securityParameters.NegotiatedVersion)) + { + m_handshakeHash.SealHashAlgorithms(); + Process13ServerHelloCoda(serverHello, false); + } + } + + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.supplemental_data: + { + switch (m_connectionState) + { + case CS_SERVER_HELLO: + { + HandleSupplementalData(ReadSupplementalDataMessage(buf)); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.server_hello_done: + { + switch (m_connectionState) + { + case CS_SERVER_HELLO: + case CS_SERVER_SUPPLEMENTAL_DATA: + case CS_SERVER_CERTIFICATE: + case CS_SERVER_CERTIFICATE_STATUS: + case CS_SERVER_KEY_EXCHANGE: + case CS_SERVER_CERTIFICATE_REQUEST: + { + if (m_connectionState == CS_SERVER_HELLO) + { + HandleSupplementalData(null); + } + if (m_connectionState == CS_SERVER_HELLO || + m_connectionState == CS_SERVER_SUPPLEMENTAL_DATA) + { + this.m_authentication = null; + } + if (m_connectionState != CS_SERVER_KEY_EXCHANGE && + m_connectionState != CS_SERVER_CERTIFICATE_REQUEST) + { + HandleServerCertificate(); + + // There was no server key exchange message; check it's OK + m_keyExchange.SkipServerKeyExchange(); + } + + AssertEmpty(buf); + + this.m_connectionState = CS_SERVER_HELLO_DONE; + + IList clientSupplementalData = m_tlsClient.GetClientSupplementalData(); + if (clientSupplementalData != null) + { + SendSupplementalDataMessage(clientSupplementalData); + this.m_connectionState = CS_CLIENT_SUPPLEMENTAL_DATA; + } + + TlsCredentialedSigner credentialedSigner = null; + TlsStreamSigner streamSigner = null; + + if (m_certificateRequest == null) + { + m_keyExchange.SkipClientCredentials(); + } + else + { + Certificate clientCertificate = null; + + TlsCredentials clientCredentials = TlsUtilities.EstablishClientCredentials(m_authentication, + m_certificateRequest); + if (null == clientCredentials) + { + m_keyExchange.SkipClientCredentials(); + + /* + * RFC 5246 If no suitable certificate is available, the client MUST send a + * certificate message containing no certificates. + * + * NOTE: In previous RFCs, this was SHOULD instead of MUST. + */ + } + else + { + m_keyExchange.ProcessClientCredentials(clientCredentials); + + clientCertificate = clientCredentials.Certificate; + + if (clientCredentials is TlsCredentialedSigner) + { + credentialedSigner = (TlsCredentialedSigner)clientCredentials; + streamSigner = credentialedSigner.GetStreamSigner(); + } + } + + SendCertificateMessage(clientCertificate, null); + this.m_connectionState = CS_CLIENT_CERTIFICATE; + } + + bool forceBuffering = streamSigner != null; + TlsUtilities.SealHandshakeHash(m_tlsClientContext, m_handshakeHash, forceBuffering); + + /* + * Send the client key exchange message, depending on the key exchange we are using + * in our CipherSuite. + */ + SendClientKeyExchange(); + this.m_connectionState = CS_CLIENT_KEY_EXCHANGE; + + bool isSsl = TlsUtilities.IsSsl(m_tlsClientContext); + if (isSsl) + { + // NOTE: For SSLv3 (only), master_secret needed to calculate session hash + EstablishMasterSecret(m_tlsClientContext, m_keyExchange); + } + + securityParameters.m_sessionHash = TlsUtilities.GetCurrentPrfHash(m_handshakeHash); + + if (!isSsl) + { + // NOTE: For (D)TLS, session hash potentially needed for extended_master_secret + EstablishMasterSecret(m_tlsClientContext, m_keyExchange); + } + + m_recordStream.SetPendingCipher(TlsUtilities.InitCipher(m_tlsClientContext)); + + if (credentialedSigner != null) + { + DigitallySigned certificateVerify = TlsUtilities.GenerateCertificateVerifyClient( + m_tlsClientContext, credentialedSigner, streamSigner, m_handshakeHash); + SendCertificateVerifyMessage(certificateVerify); + this.m_connectionState = CS_CLIENT_CERTIFICATE_VERIFY; + } + + m_handshakeHash.StopTracking(); + + SendChangeCipherSpec(); + SendFinishedMessage(); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + this.m_connectionState = CS_CLIENT_FINISHED; + break; + } + case HandshakeType.server_key_exchange: + { + switch (m_connectionState) + { + case CS_SERVER_HELLO: + case CS_SERVER_SUPPLEMENTAL_DATA: + case CS_SERVER_CERTIFICATE: + case CS_SERVER_CERTIFICATE_STATUS: + { + if (m_connectionState == CS_SERVER_HELLO) + { + HandleSupplementalData(null); + } + if (m_connectionState != CS_SERVER_CERTIFICATE && + m_connectionState != CS_SERVER_CERTIFICATE_STATUS) + { + this.m_authentication = null; + } + + HandleServerCertificate(); + + m_keyExchange.ProcessServerKeyExchange(buf); + + AssertEmpty(buf); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + this.m_connectionState = CS_SERVER_KEY_EXCHANGE; + break; + } + case HandshakeType.certificate_request: + { + switch (m_connectionState) + { + case CS_SERVER_CERTIFICATE: + case CS_SERVER_CERTIFICATE_STATUS: + case CS_SERVER_KEY_EXCHANGE: + { + if (m_connectionState != CS_SERVER_KEY_EXCHANGE) + { + HandleServerCertificate(); + + // There was no server key exchange message; check it's OK + m_keyExchange.SkipServerKeyExchange(); + } + + ReceiveCertificateRequest(buf); + + TlsUtilities.EstablishServerSigAlgs(securityParameters, m_certificateRequest); + + /* + * TODO Give the client a chance to immediately select the CertificateVerify hash + * algorithm here to avoid tracking the other hash algorithms unnecessarily? + */ + TlsUtilities.TrackHashAlgorithms(m_handshakeHash, securityParameters.ServerSigAlgs); + + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + this.m_connectionState = CS_SERVER_CERTIFICATE_REQUEST; + break; + } + case HandshakeType.new_session_ticket: + { + switch (m_connectionState) + { + case CS_CLIENT_FINISHED: + { + if (!m_expectSessionTicket) + { + /* + * RFC 5077 3.3. This message MUST NOT be sent if the server did not include a + * SessionTicket extension in the ServerHello. + */ + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + /* + * RFC 5077 3.4. If the client receives a session ticket from the server, then it + * discards any Session ID that was sent in the ServerHello. + */ + securityParameters.m_sessionID = TlsUtilities.EmptyBytes; + InvalidateSession(); + this.m_tlsSession = TlsUtilities.ImportSession(securityParameters.SessionID, null); + + ReceiveNewSessionTicket(buf); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + this.m_connectionState = CS_SERVER_SESSION_TICKET; + break; + } + case HandshakeType.hello_request: + { + AssertEmpty(buf); + + /* + * RFC 2246 7.4.1.1 Hello request This message will be ignored by the client if the + * client is currently negotiating a session. This message may be ignored by the client + * if it does not wish to renegotiate a session, or the client may, if it wishes, + * respond with a no_renegotiation alert. + */ + if (IsApplicationDataReady) + { + RefuseRenegotiation(); + } + break; + } + + case HandshakeType.certificate_url: + case HandshakeType.certificate_verify: + case HandshakeType.client_hello: + case HandshakeType.client_key_exchange: + case HandshakeType.compressed_certificate: + case HandshakeType.encrypted_extensions: + case HandshakeType.end_of_early_data: + case HandshakeType.hello_verify_request: + case HandshakeType.key_update: + case HandshakeType.message_hash: + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + } + + /// + protected virtual void HandleServerCertificate() + { + TlsUtilities.ProcessServerCertificate(m_tlsClientContext, m_certificateStatus, m_keyExchange, + m_authentication, m_clientExtensions, m_serverExtensions); + } + + /// + protected virtual void HandleSupplementalData(IList serverSupplementalData) + { + m_tlsClient.ProcessServerSupplementalData(serverSupplementalData); + this.m_connectionState = CS_SERVER_SUPPLEMENTAL_DATA; + + this.m_keyExchange = TlsUtilities.InitKeyExchangeClient(m_tlsClientContext, m_tlsClient); + } + + /// + protected virtual void Process13HelloRetryRequest(ServerHello helloRetryRequest) + { + ProtocolVersion legacy_record_version = ProtocolVersion.TLSv12; + m_recordStream.SetWriteVersion(legacy_record_version); + + SecurityParameters securityParameters = m_tlsClientContext.SecurityParameters; + + /* + * RFC 8446 4.1.4. Upon receipt of a HelloRetryRequest, the client MUST check the + * legacy_version, legacy_session_id_echo, cipher_suite, and legacy_compression_method as + * specified in Section 4.1.3 and then process the extensions, starting with determining the + * version using "supported_versions". + */ + ProtocolVersion legacy_version = helloRetryRequest.Version; + byte[] legacy_session_id_echo = helloRetryRequest.SessionID; + int cipherSuite = helloRetryRequest.CipherSuite; + // NOTE: legacy_compression_method checked during ServerHello parsing + + if (!ProtocolVersion.TLSv12.Equals(legacy_version) || + !Arrays.AreEqual(m_clientHello.SessionID, legacy_session_id_echo) || + !TlsUtilities.IsValidCipherSuiteSelection(m_clientHello.CipherSuites, cipherSuite)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + IDictionary extensions = helloRetryRequest.Extensions; + if (null == extensions) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + TlsUtilities.CheckExtensionData13(extensions, HandshakeType.hello_retry_request, + AlertDescription.illegal_parameter); + + { + /* + * RFC 8446 4.2. Implementations MUST NOT send extension responses if the remote + * endpoint did not send the corresponding extension requests, with the exception of the + * "cookie" extension in the HelloRetryRequest. Upon receiving such an extension, an + * endpoint MUST abort the handshake with an "unsupported_extension" alert. + */ + foreach (int extType in extensions.Keys) + { + if (ExtensionType.cookie == extType) + continue; + + if (null == TlsUtilities.GetExtensionData(m_clientExtensions, extType)) + throw new TlsFatalAlert(AlertDescription.unsupported_extension); + } + } + + ProtocolVersion server_version = TlsExtensionsUtilities.GetSupportedVersionsExtensionServer(extensions); + if (null == server_version) + throw new TlsFatalAlert(AlertDescription.missing_extension); + + if (!ProtocolVersion.TLSv13.IsEqualOrEarlierVersionOf(server_version) || + !ProtocolVersion.Contains(m_tlsClientContext.ClientSupportedVersions, server_version) || + !TlsUtilities.IsValidVersionForCipherSuite(cipherSuite, server_version)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + if (null != m_clientBinders) + { + if (!Arrays.Contains(m_clientBinders.m_pskKeyExchangeModes, PskKeyExchangeMode.psk_dhe_ke)) + { + this.m_clientBinders = null; + + m_tlsClient.NotifySelectedPsk(null); + } + } + + /* + * RFC 8446 4.2.8. Upon receipt of this [Key Share] extension in a HelloRetryRequest, the + * client MUST verify that (1) the selected_group field corresponds to a group which was + * provided in the "supported_groups" extension in the original ClientHello and (2) the + * selected_group field does not correspond to a group which was provided in the "key_share" + * extension in the original ClientHello. If either of these checks fails, then the client + * MUST abort the handshake with an "illegal_parameter" alert. + */ + int selected_group = TlsExtensionsUtilities.GetKeyShareHelloRetryRequest(extensions); + + if (!TlsUtilities.IsValidKeyShareSelection(server_version, securityParameters.ClientSupportedGroups, + m_clientAgreements, selected_group)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + byte[] cookie = TlsExtensionsUtilities.GetCookieExtension(extensions); + + + + securityParameters.m_negotiatedVersion = server_version; + TlsUtilities.NegotiatedVersionTlsClient(m_tlsClientContext, m_tlsClient); + + this.m_resumedSession = false; + securityParameters.m_sessionID = TlsUtilities.EmptyBytes; + m_tlsClient.NotifySessionID(TlsUtilities.EmptyBytes); + + TlsUtilities.NegotiatedCipherSuite(securityParameters, cipherSuite); + m_tlsClient.NotifySelectedCipherSuite(cipherSuite); + + this.m_clientAgreements = null; + this.m_retryCookie = cookie; + this.m_retryGroup = selected_group; + } + + /// + protected virtual void Process13ServerHello(ServerHello serverHello, bool afterHelloRetryRequest) + { + SecurityParameters securityParameters = m_tlsClientContext.SecurityParameters; + + ProtocolVersion legacy_version = serverHello.Version; + byte[] legacy_session_id_echo = serverHello.SessionID; + int cipherSuite = serverHello.CipherSuite; + // NOTE: legacy_compression_method checked during ServerHello parsing + + if (!ProtocolVersion.TLSv12.Equals(legacy_version) || + !Arrays.AreEqual(m_clientHello.SessionID, legacy_session_id_echo)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + IDictionary extensions = serverHello.Extensions; + if (null == extensions) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + TlsUtilities.CheckExtensionData13(extensions, HandshakeType.server_hello, + AlertDescription.illegal_parameter); + + if (afterHelloRetryRequest) + { + ProtocolVersion server_version = TlsExtensionsUtilities.GetSupportedVersionsExtensionServer(extensions); + if (null == server_version) + throw new TlsFatalAlert(AlertDescription.missing_extension); + + if (!securityParameters.NegotiatedVersion.Equals(server_version) || + securityParameters.CipherSuite != cipherSuite) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + else + { + if (!TlsUtilities.IsValidCipherSuiteSelection(m_clientHello.CipherSuites, cipherSuite) || + !TlsUtilities.IsValidVersionForCipherSuite(cipherSuite, securityParameters.NegotiatedVersion)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + this.m_resumedSession = false; + securityParameters.m_sessionID = TlsUtilities.EmptyBytes; + m_tlsClient.NotifySessionID(TlsUtilities.EmptyBytes); + + TlsUtilities.NegotiatedCipherSuite(securityParameters, cipherSuite); + m_tlsClient.NotifySelectedCipherSuite(cipherSuite); + } + + this.m_clientHello = null; + + // NOTE: Apparently downgrade marker mechanism not used for TLS 1.3+? + securityParameters.m_serverRandom = serverHello.Random; + + securityParameters.m_secureRenegotiation = false; + + /* + * RFC 8446 Appendix D. Because TLS 1.3 always hashes in the transcript up to the server + * Finished, implementations which support both TLS 1.3 and earlier versions SHOULD indicate + * the use of the Extended Master Secret extension in their APIs whenever TLS 1.3 is used. + */ + securityParameters.m_extendedMasterSecret = true; + + /* + * TODO[tls13] RFC 8446 4.4.2.1. OCSP Status and SCT Extensions. + * + * OCSP information is carried in an extension for a CertificateEntry. + */ + securityParameters.m_statusRequestVersion = m_clientExtensions.Contains(ExtensionType.status_request) ? 1 : 0; + + TlsSecret pskEarlySecret = null; + { + int selected_identity = TlsExtensionsUtilities.GetPreSharedKeyServerHello(extensions); + TlsPsk selectedPsk = null; + + if (selected_identity >= 0) + { + if (null == m_clientBinders || selected_identity >= m_clientBinders.m_psks.Length) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + selectedPsk = m_clientBinders.m_psks[selected_identity]; + if (selectedPsk.PrfAlgorithm != securityParameters.PrfAlgorithm) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + pskEarlySecret = m_clientBinders.m_earlySecrets[selected_identity]; + + this.m_selectedPsk13 = true; + } + + m_tlsClient.NotifySelectedPsk(selectedPsk); + } + + TlsSecret sharedSecret = null; + { + KeyShareEntry keyShareEntry = TlsExtensionsUtilities.GetKeyShareServerHello(extensions); + if (null == keyShareEntry) + { + if (afterHelloRetryRequest + || null == pskEarlySecret + || !Arrays.Contains(m_clientBinders.m_pskKeyExchangeModes, PskKeyExchangeMode.psk_ke)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + else + { + if (null != pskEarlySecret + && !Arrays.Contains(m_clientBinders.m_pskKeyExchangeModes, PskKeyExchangeMode.psk_dhe_ke)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + TlsAgreement agreement = (TlsAgreement)m_clientAgreements[keyShareEntry.NamedGroup]; + if (null == agreement) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + agreement.ReceivePeerValue(keyShareEntry.KeyExchange); + sharedSecret = agreement.CalculateSecret(); + } + } + + this.m_clientAgreements = null; + this.m_clientBinders = null; + + TlsUtilities.Establish13PhaseSecrets(m_tlsClientContext, pskEarlySecret, sharedSecret); + + InvalidateSession(); + this.m_tlsSession = TlsUtilities.ImportSession(securityParameters.SessionID, null); + } + + /// + protected virtual void Process13ServerHelloCoda(ServerHello serverHello, bool afterHelloRetryRequest) + { + byte[] serverHelloTranscriptHash = TlsUtilities.GetCurrentPrfHash(m_handshakeHash); + + TlsUtilities.Establish13PhaseHandshake(m_tlsClientContext, serverHelloTranscriptHash, m_recordStream); + + // See RFC 8446 D.4. + if (!afterHelloRetryRequest) + { + m_recordStream.SetIgnoreChangeCipherSpec(true); + + /* + * TODO[tls13] If offering early_data, the record is placed immediately after the first + * ClientHello. + */ + /* + * TODO[tls13] Ideally wait until just after Server Finished received, but then we'd need to defer + * the enabling of the pending write cipher + */ + SendChangeCipherSpecMessage(); + } + + m_recordStream.EnablePendingCipherWrite(); + m_recordStream.EnablePendingCipherRead(false); + } + + /// + protected virtual void ProcessServerHello(ServerHello serverHello) + { + IDictionary serverHelloExtensions = serverHello.Extensions; + + ProtocolVersion legacy_version = serverHello.Version; + ProtocolVersion supported_version = TlsExtensionsUtilities.GetSupportedVersionsExtensionServer( + serverHelloExtensions); + + ProtocolVersion server_version; + if (null == supported_version) + { + server_version = legacy_version; + } + else + { + if (!ProtocolVersion.TLSv12.Equals(legacy_version) || + !ProtocolVersion.TLSv13.IsEqualOrEarlierVersionOf(supported_version)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + server_version = supported_version; + } + + SecurityParameters securityParameters = m_tlsClientContext.SecurityParameters; + + // NOT renegotiating + { + if (!ProtocolVersion.Contains(m_tlsClientContext.ClientSupportedVersions, server_version)) + throw new TlsFatalAlert(AlertDescription.protocol_version); + + ProtocolVersion legacy_record_version = server_version.IsLaterVersionOf(ProtocolVersion.TLSv12) + ? ProtocolVersion.TLSv12 + : server_version; + + m_recordStream.SetWriteVersion(legacy_record_version); + securityParameters.m_negotiatedVersion = server_version; + } + + TlsUtilities.NegotiatedVersionTlsClient(m_tlsClientContext, m_tlsClient); + + if (ProtocolVersion.TLSv13.IsEqualOrEarlierVersionOf(server_version)) + { + Process13ServerHello(serverHello, false); + return; + } + + int[] offeredCipherSuites = m_clientHello.CipherSuites; + + this.m_clientHello = null; + this.m_retryCookie = null; + this.m_retryGroup = -1; + + securityParameters.m_serverRandom = serverHello.Random; + + if (!m_tlsClientContext.ClientVersion.Equals(server_version)) + { + TlsUtilities.CheckDowngradeMarker(server_version, securityParameters.ServerRandom); + } + + { + byte[] selectedSessionID = serverHello.SessionID; + securityParameters.m_sessionID = selectedSessionID; + m_tlsClient.NotifySessionID(selectedSessionID); + this.m_resumedSession = selectedSessionID.Length > 0 && m_tlsSession != null + && Arrays.AreEqual(selectedSessionID, m_tlsSession.SessionID); + } + + /* + * Find out which CipherSuite the server has chosen and check that it was one of the offered + * ones, and is a valid selection for the negotiated version. + */ + { + int cipherSuite = serverHello.CipherSuite; + + if (!TlsUtilities.IsValidCipherSuiteSelection(offeredCipherSuites, cipherSuite) || + !TlsUtilities.IsValidVersionForCipherSuite(cipherSuite, securityParameters.NegotiatedVersion)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + TlsUtilities.NegotiatedCipherSuite(securityParameters, cipherSuite); + m_tlsClient.NotifySelectedCipherSuite(cipherSuite); + } + + /* + * RFC 3546 2.2 Note that the extended server hello message is only sent in response to an + * extended client hello message. + * + * However, see RFC 5746 exception below. We always include the SCSV, so an Extended Server + * Hello is always allowed. + */ + this.m_serverExtensions = serverHelloExtensions; + if (m_serverExtensions != null) + { + foreach (int extType in m_serverExtensions.Keys) + { + /* + * RFC 5746 3.6. Note that sending a "renegotiation_info" extension in response to a + * ClientHello containing only the SCSV is an explicit exception to the prohibition + * in RFC 5246, Section 7.4.1.4, on the server sending unsolicited extensions and is + * only allowed because the client is signaling its willingness to receive the + * extension via the TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. + */ + if (ExtensionType.renegotiation_info == extType) + continue; + + /* + * RFC 5246 7.4.1.4 An extension type MUST NOT appear in the ServerHello unless the + * same extension type appeared in the corresponding ClientHello. If a client + * receives an extension type in ServerHello that it did not request in the + * associated ClientHello, it MUST abort the handshake with an unsupported_extension + * fatal alert. + */ + if (null == TlsUtilities.GetExtensionData(m_clientExtensions, extType)) + throw new TlsFatalAlert(AlertDescription.unsupported_extension); + + /* + * RFC 3546 2.3. If [...] the older session is resumed, then the server MUST ignore + * extensions appearing in the client hello, and send a server hello containing no + * extensions[.] + */ + if (m_resumedSession) + { + // TODO[compat-gnutls] GnuTLS test server sends server extensions e.g. ec_point_formats + // TODO[compat-openssl] OpenSSL test server sends server extensions e.g. ec_point_formats + // TODO[compat-polarssl] PolarSSL test server sends server extensions e.g. ec_point_formats + // throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + } + + byte[] renegExtData = TlsUtilities.GetExtensionData(m_serverExtensions, ExtensionType.renegotiation_info); + + // NOT renegotiating + { + /* + * RFC 5746 3.4. Client Behavior: Initial Handshake (both full and session-resumption) + */ + + /* + * When a ServerHello is received, the client MUST check if it includes the + * "renegotiation_info" extension: + */ + if (renegExtData == null) + { + /* + * If the extension is not present, the server does not support secure + * renegotiation; set secure_renegotiation flag to FALSE. In this case, some clients + * may want to terminate the handshake instead of continuing; see Section 4.1 for + * discussion. + */ + securityParameters.m_secureRenegotiation = false; + } + else + { + /* + * If the extension is present, set the secure_renegotiation flag to TRUE. The + * client MUST then verify that the length of the "renegotiated_connection" + * field is zero, and if it is not, MUST abort the handshake (by sending a fatal + * handshake_failure alert). + */ + securityParameters.m_secureRenegotiation = true; + + if (!Arrays.ConstantTimeAreEqual(renegExtData, CreateRenegotiationInfo(TlsUtilities.EmptyBytes))) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + } + + // TODO[compat-gnutls] GnuTLS test server fails to send renegotiation_info extension when resuming + m_tlsClient.NotifySecureRenegotiation(securityParameters.IsSecureRenegotiation); + + /* + * RFC 7627 4. Clients and servers SHOULD NOT accept handshakes that do not use the extended + * master secret [..]. (and see 5.2, 5.3) + * + * RFC 8446 Appendix D. Because TLS 1.3 always hashes in the transcript up to the server + * Finished, implementations which support both TLS 1.3 and earlier versions SHOULD indicate + * the use of the Extended Master Secret extension in their APIs whenever TLS 1.3 is used. + */ + { + bool acceptedExtendedMasterSecret = TlsExtensionsUtilities.HasExtendedMasterSecretExtension( + m_serverExtensions); + + if (acceptedExtendedMasterSecret) + { + if (server_version.IsSsl + || (!m_resumedSession && !m_tlsClient.ShouldUseExtendedMasterSecret())) + { + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + } + else + { + if (m_tlsClient.RequiresExtendedMasterSecret() + || (m_resumedSession && !m_tlsClient.AllowLegacyResumption())) + { + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + } + + securityParameters.m_extendedMasterSecret = acceptedExtendedMasterSecret; + } + + /* + * RFC 7301 3.1. When session resumption or session tickets [...] are used, the previous + * contents of this extension are irrelevant, and only the values in the new handshake + * messages are considered. + */ + securityParameters.m_applicationProtocol = TlsExtensionsUtilities.GetAlpnExtensionServer( + m_serverExtensions); + securityParameters.m_applicationProtocolSet = true; + + IDictionary sessionClientExtensions = m_clientExtensions, sessionServerExtensions = m_serverExtensions; + if (m_resumedSession) + { + if (securityParameters.CipherSuite != m_sessionParameters.CipherSuite + || !server_version.Equals(m_sessionParameters.NegotiatedVersion)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + sessionClientExtensions = null; + sessionServerExtensions = m_sessionParameters.ReadServerExtensions(); + } + + if (sessionServerExtensions != null && sessionServerExtensions.Count > 0) + { + { + /* + * RFC 7366 3. If a server receives an encrypt-then-MAC request extension from a client + * and then selects a stream or Authenticated Encryption with Associated Data (AEAD) + * ciphersuite, it MUST NOT send an encrypt-then-MAC response extension back to the + * client. + */ + bool serverSentEncryptThenMAC = TlsExtensionsUtilities.HasEncryptThenMacExtension( + sessionServerExtensions); + if (serverSentEncryptThenMAC && !TlsUtilities.IsBlockCipherSuite(securityParameters.CipherSuite)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + securityParameters.m_encryptThenMac = serverSentEncryptThenMAC; + } + + securityParameters.m_maxFragmentLength = ProcessMaxFragmentLengthExtension(sessionClientExtensions, + sessionServerExtensions, AlertDescription.illegal_parameter); + + securityParameters.m_truncatedHmac = TlsExtensionsUtilities.HasTruncatedHmacExtension( + sessionServerExtensions); + + /* + * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be sent in + * a session resumption handshake. + */ + if (!m_resumedSession) + { + // TODO[tls13] See RFC 8446 4.4.2.1 + if (TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions, + ExtensionType.status_request_v2, AlertDescription.illegal_parameter)) + { + securityParameters.m_statusRequestVersion = 2; + } + else if (TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions, + ExtensionType.status_request, AlertDescription.illegal_parameter)) + { + securityParameters.m_statusRequestVersion = 1; + } + + this.m_expectSessionTicket = TlsUtilities.HasExpectedEmptyExtensionData(sessionServerExtensions, + ExtensionType.session_ticket, AlertDescription.illegal_parameter); + } + } + + if (sessionClientExtensions != null) + { + m_tlsClient.ProcessServerExtensions(sessionServerExtensions); + } + + ApplyMaxFragmentLengthExtension(securityParameters.MaxFragmentLength); + + if (m_resumedSession) + { + securityParameters.m_masterSecret = m_sessionMasterSecret; + m_recordStream.SetPendingCipher(TlsUtilities.InitCipher(m_tlsClientContext)); + } + else + { + InvalidateSession(); + this.m_tlsSession = TlsUtilities.ImportSession(securityParameters.SessionID, null); + } + } + + /// + protected virtual void Receive13CertificateRequest(MemoryStream buf, bool postHandshakeAuth) + { + // TODO[tls13] Support for post_handshake_auth + if (postHandshakeAuth) + throw new TlsFatalAlert(AlertDescription.internal_error); + + /* + * RFC 8446 4.3.2. A server which is authenticating with a certificate MAY optionally + * request a certificate from the client. + */ + + if (m_selectedPsk13) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + CertificateRequest certificateRequest = CertificateRequest.Parse(m_tlsClientContext, buf); + + AssertEmpty(buf); + + if (!certificateRequest.HasCertificateRequestContext(TlsUtilities.EmptyBytes)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + this.m_certificateRequest = certificateRequest; + + TlsUtilities.EstablishServerSigAlgs(m_tlsClientContext.SecurityParameters, certificateRequest); + } + + /// + protected virtual void Receive13EncryptedExtensions(MemoryStream buf) + { + byte[] extBytes = TlsUtilities.ReadOpaque16(buf); + + AssertEmpty(buf); + + + this.m_serverExtensions = ReadExtensionsData13(HandshakeType.encrypted_extensions, extBytes); + + { + /* + * RFC 8446 4.2. Implementations MUST NOT send extension responses if the remote + * endpoint did not send the corresponding extension requests, with the exception of the + * "cookie" extension in the HelloRetryRequest. Upon receiving such an extension, an + * endpoint MUST abort the handshake with an "unsupported_extension" alert. + */ + foreach (int extType in m_serverExtensions.Keys) + { + if (null == TlsUtilities.GetExtensionData(m_clientExtensions, extType)) + throw new TlsFatalAlert(AlertDescription.unsupported_extension); + } + } + + + SecurityParameters securityParameters = m_tlsClientContext.SecurityParameters; + ProtocolVersion negotiatedVersion = securityParameters.NegotiatedVersion; + + securityParameters.m_applicationProtocol = TlsExtensionsUtilities.GetAlpnExtensionServer( + m_serverExtensions); + securityParameters.m_applicationProtocolSet = true; + + IDictionary sessionClientExtensions = m_clientExtensions, sessionServerExtensions = m_serverExtensions; + if (m_resumedSession) + { + if (securityParameters.CipherSuite != m_sessionParameters.CipherSuite + || !negotiatedVersion.Equals(m_sessionParameters.NegotiatedVersion)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + sessionClientExtensions = null; + sessionServerExtensions = m_sessionParameters.ReadServerExtensions(); + } + + securityParameters.m_maxFragmentLength = ProcessMaxFragmentLengthExtension(sessionClientExtensions, + sessionServerExtensions, AlertDescription.illegal_parameter); + + securityParameters.m_encryptThenMac = false; + securityParameters.m_truncatedHmac = false; + + /* + * TODO[tls13] RFC 8446 4.4.2.1. OCSP Status and SCT Extensions. + * + * OCSP information is carried in an extension for a CertificateEntry. + */ + securityParameters.m_statusRequestVersion = m_clientExtensions.Contains(ExtensionType.status_request) + ? 1 : 0; + + this.m_expectSessionTicket = false; + + if (null != sessionClientExtensions) + { + m_tlsClient.ProcessServerExtensions(m_serverExtensions); + } + + ApplyMaxFragmentLengthExtension(securityParameters.MaxFragmentLength); + } + + /// + protected virtual void Receive13NewSessionTicket(MemoryStream buf) + { + if (!IsApplicationDataReady) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + // TODO[tls13] Do something more than just ignore them + + // struct { + // uint32 ticket_lifetime; + // uint32 ticket_age_add; + // opaque ticket_nonce<0..255>; + // opaque ticket<1..2^16-1>; + // Extension extensions<0..2^16-2>; + // } NewSessionTicket; + + TlsUtilities.ReadUint32(buf); + TlsUtilities.ReadUint32(buf); + TlsUtilities.ReadOpaque8(buf); + TlsUtilities.ReadOpaque16(buf); + TlsUtilities.ReadOpaque16(buf); + AssertEmpty(buf); + } + + /// + protected virtual void Receive13ServerCertificate(MemoryStream buf) + { + if (m_selectedPsk13) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + this.m_authentication = TlsUtilities.Receive13ServerCertificate(m_tlsClientContext, m_tlsClient, buf); + + // NOTE: In TLS 1.3 we don't have to wait for a possible CertificateStatus message. + HandleServerCertificate(); + } + + /// + protected virtual void Receive13ServerCertificateVerify(MemoryStream buf) + { + Certificate serverCertificate = m_tlsClientContext.SecurityParameters.PeerCertificate; + if (null == serverCertificate || serverCertificate.IsEmpty) + throw new TlsFatalAlert(AlertDescription.internal_error); + + // TODO[tls13] Actual structure is 'CertificateVerify' in RFC 8446, consider adding for clarity + DigitallySigned certificateVerify = DigitallySigned.Parse(m_tlsClientContext, buf); + + AssertEmpty(buf); + + TlsUtilities.Verify13CertificateVerifyServer(m_tlsClientContext, certificateVerify, m_handshakeHash); + } + + /// + protected virtual void Receive13ServerFinished(MemoryStream buf) + { + Process13FinishedMessage(buf); + } + + /// + protected virtual void ReceiveCertificateRequest(MemoryStream buf) + { + if (null == m_authentication) + { + /* + * RFC 2246 7.4.4. It is a fatal handshake_failure alert for an anonymous server to + * request client identification. + */ + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + CertificateRequest certificateRequest = CertificateRequest.Parse(m_tlsClientContext, buf); + + AssertEmpty(buf); + + this.m_certificateRequest = TlsUtilities.ValidateCertificateRequest(certificateRequest, m_keyExchange); + } + + /// + protected virtual void ReceiveNewSessionTicket(MemoryStream buf) + { + NewSessionTicket newSessionTicket = NewSessionTicket.Parse(buf); + + AssertEmpty(buf); + + m_tlsClient.NotifyNewSessionTicket(newSessionTicket); + } + + /// + protected virtual ServerHello ReceiveServerHelloMessage(MemoryStream buf) + { + return ServerHello.Parse(buf); + } + + /// + protected virtual void Send13ClientHelloRetry() + { + IDictionary clientHelloExtensions = m_clientHello.Extensions; + + clientHelloExtensions.Remove(ExtensionType.cookie); + clientHelloExtensions.Remove(ExtensionType.early_data); + clientHelloExtensions.Remove(ExtensionType.key_share); + clientHelloExtensions.Remove(ExtensionType.pre_shared_key); + + /* + * RFC 4.2.2. When sending the new ClientHello, the client MUST copy the contents of the + * extension received in the HelloRetryRequest into a "cookie" extension in the new + * ClientHello. + */ + if (null != m_retryCookie) + { + /* + * - Including a "cookie" extension if one was provided in the HelloRetryRequest. + */ + TlsExtensionsUtilities.AddCookieExtension(clientHelloExtensions, m_retryCookie); + this.m_retryCookie = null; + } + + /* + * - Updating the "pre_shared_key" extension if present by recomputing the "obfuscated_ticket_age" + * and binder values and (optionally) removing any PSKs which are incompatible with the server's + * indicated cipher suite. + */ + if (null != m_clientBinders) + { + this.m_clientBinders = TlsUtilities.AddPreSharedKeyToClientHelloRetry(m_tlsClientContext, + m_clientBinders, clientHelloExtensions); + if (null == m_clientBinders) + { + m_tlsClient.NotifySelectedPsk(null); + } + } + + /* + * RFC 8446 4.2.8. [..] when sending the new ClientHello, the client MUST replace the + * original "key_share" extension with one containing only a new KeyShareEntry for the group + * indicated in the selected_group field of the triggering HelloRetryRequest. + */ + if (m_retryGroup < 0) + throw new TlsFatalAlert(AlertDescription.internal_error); + + /* + * - If a "key_share" extension was supplied in the HelloRetryRequest, replacing the list of shares + * with a list containing a single KeyShareEntry from the indicated group + */ + this.m_clientAgreements = TlsUtilities.AddKeyShareToClientHelloRetry(m_tlsClientContext, + clientHelloExtensions, m_retryGroup); + + /* + * TODO[tls13] Optionally adding, removing, or changing the length of the "padding" + * extension [RFC7685]. + */ + + // See RFC 8446 D.4. + { + m_recordStream.SetIgnoreChangeCipherSpec(true); + + /* + * TODO[tls13] If offering early_data, the record is placed immediately after the first + * ClientHello. + */ + SendChangeCipherSpecMessage(); + } + + SendClientHelloMessage(); + } + + /// + protected virtual void SendCertificateVerifyMessage(DigitallySigned certificateVerify) + { + HandshakeMessageOutput message = new HandshakeMessageOutput(HandshakeType.certificate_verify); + certificateVerify.Encode(message); + message.Send(this); + } + + /// + protected virtual void SendClientHello() + { + SecurityParameters securityParameters = m_tlsClientContext.SecurityParameters; + + ProtocolVersion[] supportedVersions; + ProtocolVersion earliestVersion, latestVersion; + + // NOT renegotiating + { + supportedVersions = m_tlsClient.GetProtocolVersions(); + + if (ProtocolVersion.Contains(supportedVersions, ProtocolVersion.SSLv3)) + { + // TODO[tls13] Prevent offering SSLv3 AND TLSv13? + m_recordStream.SetWriteVersion(ProtocolVersion.SSLv3); + } + else + { + m_recordStream.SetWriteVersion(ProtocolVersion.TLSv10); + } + + earliestVersion = ProtocolVersion.GetEarliestTls(supportedVersions); + latestVersion = ProtocolVersion.GetLatestTls(supportedVersions); + + if (!ProtocolVersion.IsSupportedTlsVersionClient(latestVersion)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + m_tlsClientContext.SetClientVersion(latestVersion); + } + + m_tlsClientContext.SetClientSupportedVersions(supportedVersions); + + bool offeringTlsV12Minus = ProtocolVersion.TLSv12.IsEqualOrLaterVersionOf(earliestVersion); + bool offeringTlsV13Plus = ProtocolVersion.TLSv13.IsEqualOrEarlierVersionOf(latestVersion); + + EstablishSession(offeringTlsV12Minus ? m_tlsClient.GetSessionToResume() : null); + m_tlsClient.NotifySessionToResume(m_tlsSession); + + /* + * TODO RFC 5077 3.4. When presenting a ticket, the client MAY generate and include a + * Session ID in the TLS ClientHello. + */ + byte[] legacy_session_id = TlsUtilities.GetSessionID(m_tlsSession); + + bool fallback = m_tlsClient.IsFallback(); + + int[] offeredCipherSuites = m_tlsClient.GetCipherSuites(); + + if (legacy_session_id.Length > 0 && m_sessionParameters != null) + { + if (!Arrays.Contains(offeredCipherSuites, m_sessionParameters.CipherSuite)) + { + legacy_session_id = TlsUtilities.EmptyBytes; + } + } + + this.m_clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised( + m_tlsClient.GetClientExtensions()); + + ProtocolVersion legacy_version = latestVersion; + if (offeringTlsV13Plus) + { + legacy_version = ProtocolVersion.TLSv12; + + TlsExtensionsUtilities.AddSupportedVersionsExtensionClient(m_clientExtensions, supportedVersions); + + /* + * RFC 8446 4.2.1. In compatibility mode [..], this field MUST be non-empty, so a client + * not offering a pre-TLS 1.3 session MUST generate a new 32-byte value. + */ + if (legacy_session_id.Length < 1) + { + legacy_session_id = m_tlsClientContext.NonceGenerator.GenerateNonce(32); + } + } + + m_tlsClientContext.SetRsaPreMasterSecretVersion(legacy_version); + + securityParameters.m_clientServerNames = TlsExtensionsUtilities.GetServerNameExtensionClient( + m_clientExtensions); + + if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(latestVersion)) + { + TlsUtilities.EstablishClientSigAlgs(securityParameters, m_clientExtensions); + } + + securityParameters.m_clientSupportedGroups = TlsExtensionsUtilities.GetSupportedGroupsExtension( + m_clientExtensions); + + this.m_clientBinders = TlsUtilities.AddPreSharedKeyToClientHello(m_tlsClientContext, m_tlsClient, + m_clientExtensions, offeredCipherSuites); + + // TODO[tls13-psk] Perhaps don't add key_share if external PSK(s) offered and 'psk_dhe_ke' not offered + this.m_clientAgreements = TlsUtilities.AddKeyShareToClientHello(m_tlsClientContext, m_tlsClient, + m_clientExtensions); + + if (TlsUtilities.IsExtendedMasterSecretOptionalTls(supportedVersions) + && (m_tlsClient.ShouldUseExtendedMasterSecret() || + (null != m_sessionParameters && m_sessionParameters.IsExtendedMasterSecret))) + { + TlsExtensionsUtilities.AddExtendedMasterSecretExtension(m_clientExtensions); + } + else if (!offeringTlsV13Plus && m_tlsClient.RequiresExtendedMasterSecret()) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + { + bool useGmtUnixTime = !offeringTlsV13Plus && m_tlsClient.ShouldUseGmtUnixTime(); + + securityParameters.m_clientRandom = CreateRandomBlock(useGmtUnixTime, m_tlsClientContext); + } + + // NOT renegotiating + { + /* + * RFC 5746 3.4. Client Behavior: Initial Handshake (both full and session-resumption) + */ + + /* + * The client MUST include either an empty "renegotiation_info" extension, or the + * TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the ClientHello. + * Including both is NOT RECOMMENDED. + */ + bool noRenegExt = (null == TlsUtilities.GetExtensionData(m_clientExtensions, + ExtensionType.renegotiation_info)); + bool noRenegScsv = !Arrays.Contains(offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV); + + if (noRenegExt && noRenegScsv) + { + // TODO[tls13] Probably want to not add this if no pre-TLSv13 versions offered? + offeredCipherSuites = Arrays.Append(offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV); + } + } + + /* + * (Fallback SCSV) + * RFC 7507 4. If a client sends a ClientHello.client_version containing a lower value + * than the latest (highest-valued) version supported by the client, it SHOULD include + * the TLS_FALLBACK_SCSV cipher suite value in ClientHello.cipher_suites [..]. (The + * client SHOULD put TLS_FALLBACK_SCSV after all cipher suites that it actually intends + * to negotiate.) + */ + if (fallback && !Arrays.Contains(offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV)) + { + offeredCipherSuites = Arrays.Append(offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV); + } + + + + int bindersSize = null == m_clientBinders ? 0 : m_clientBinders.m_bindersSize; + + this.m_clientHello = new ClientHello(legacy_version, securityParameters.ClientRandom, legacy_session_id, + null, offeredCipherSuites, m_clientExtensions, bindersSize); + + SendClientHelloMessage(); + } + + /// + protected virtual void SendClientHelloMessage() + { + HandshakeMessageOutput message = new HandshakeMessageOutput(HandshakeType.client_hello); + m_clientHello.Encode(m_tlsClientContext, message); + + message.PrepareClientHello(m_handshakeHash, m_clientHello.BindersSize); + + if (null != m_clientBinders) + { + OfferedPsks.EncodeBinders(message, m_tlsClientContext.Crypto, m_handshakeHash, m_clientBinders); + } + + message.SendClientHello(this, m_handshakeHash, m_clientHello.BindersSize); + } + + /// + protected virtual void SendClientKeyExchange() + { + HandshakeMessageOutput message = new HandshakeMessageOutput(HandshakeType.client_key_exchange); + m_keyExchange.GenerateClientKeyExchange(message); + message.Send(this); + } + + /// + protected virtual void Skip13CertificateRequest() + { + this.m_certificateRequest = null; + } + + /// + protected virtual void Skip13ServerCertificate() + { + if (!m_selectedPsk13) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + this.m_authentication = TlsUtilities.Skip13ServerCertificate(m_tlsClientContext); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsCloseable.cs b/BouncyCastle/crypto/src/tls/TlsCloseable.cs new file mode 100644 index 0000000..baf2ff4 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsCloseable.cs @@ -0,0 +1,11 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + public interface TlsCloseable + { + /// + void Close(); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsContext.cs b/BouncyCastle/crypto/src/tls/TlsContext.cs new file mode 100644 index 0000000..5a2802f --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsContext.cs @@ -0,0 +1,79 @@ +using System; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// Base interface for a TLS context implementation. + public interface TlsContext + { + TlsCrypto Crypto { get; } + + TlsNonceGenerator NonceGenerator { get; } + + SecurityParameters SecurityParameters { get; } + + /// Return true if this context is for a server, false otherwise. + /// true for a server based context, false for a client based one. + bool IsServer { get; } + + ProtocolVersion[] ClientSupportedVersions { get; } + + ProtocolVersion ClientVersion { get; } + + ProtocolVersion RsaPreMasterSecretVersion { get; } + + ProtocolVersion ServerVersion { get; } + + /// Used to get the resumable session, if any, used by this connection. + /// + /// Only available after the handshake has successfully completed. + /// + /// A representing the resumable session used by this connection, or null if + /// no resumable session available. + /// + TlsSession ResumableSession { get; } + + /// Used to get the session information for this connection. + /// + /// Only available after the handshake has successfully completed. Use + /// to find out if the session is resumable. + /// + /// A representing the session used by this connection. + /// + TlsSession Session { get; } + + object UserObject { get; set; } + + /// Export the value of the specified channel binding. + /// + /// Only available after the handshake has successfully completed. + /// + /// A constant specifying the channel binding to + /// export. + /// A copy of the channel binding data as a byte[], or null if the binding could not be + /// determined. + byte[] ExportChannelBinding(int channelBinding); + + /// Export (early data) keying material according to RFC 5705: "Keying Material Exporters for TLS", as + /// updated for TLS 1.3 (RFC 8446). + /// + /// NOTE: for use in settings where an exporter is needed for 0-RTT data. + /// + /// indicates which application will use the exported keys. + /// allows the application using the exporter to mix its own data with the TLS PRF + /// for the exporter output. + /// the number of bytes to generate. + /// a pseudorandom bit string of 'length' bytes generated from the (exporter_)master_secret. + byte[] ExportEarlyKeyingMaterial(string asciiLabel, byte[] context_value, int length); + + /// Export keying material according to RFC 5705: "Keying Material Exporters for TLS", as updated for + /// TLS 1.3 (RFC 8446) when negotiated. + /// indicates which application will use the exported keys. + /// allows the application using the exporter to mix its own data with the TLS PRF + /// for the exporter output. + /// the number of bytes to generate. + /// a pseudorandom bit string of 'length' bytes generated from the (exporter_)master_secret. + byte[] ExportKeyingMaterial(string asciiLabel, byte[] context_value, int length); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsCredentialedAgreement.cs b/BouncyCastle/crypto/src/tls/TlsCredentialedAgreement.cs new file mode 100644 index 0000000..354a177 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsCredentialedAgreement.cs @@ -0,0 +1,19 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// Support interface for generating a secret based on the credentials sent by a TLS peer. + public interface TlsCredentialedAgreement + : TlsCredentials + { + /// Calculate an agreed secret based on our credentials and the public key credentials of our peer. + /// + /// public key certificate of our TLS peer. + /// the agreed secret. + /// in case of an exception on generation of the secret. + TlsSecret GenerateAgreement(TlsCertificate peerCertificate); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsCredentialedDecryptor.cs b/BouncyCastle/crypto/src/tls/TlsCredentialedDecryptor.cs new file mode 100644 index 0000000..5fa021d --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsCredentialedDecryptor.cs @@ -0,0 +1,19 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// Base interface for a class that decrypts TLS secrets. + public interface TlsCredentialedDecryptor + : TlsCredentials + { + /// Decrypt the passed in cipher text using the parameters available. + /// the parameters to use for the decryption. + /// the cipher text containing the secret. + /// a TLS secret. + /// on a parsing or decryption error. + TlsSecret Decrypt(TlsCryptoParameters cryptoParams, byte[] ciphertext); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsCredentialedSigner.cs b/BouncyCastle/crypto/src/tls/TlsCredentialedSigner.cs new file mode 100644 index 0000000..c6f5a8d --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsCredentialedSigner.cs @@ -0,0 +1,26 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// Support interface for generating a signature based on our private credentials. + public interface TlsCredentialedSigner + : TlsCredentials + { + /// Generate a signature against the passed in hash. + /// a message digest calculated across the message the signature is to apply to. + /// an encoded signature. + /// if the hash cannot be processed, or there is an issue with the private + /// credentials. + byte[] GenerateRawSignature(byte[] hash); + + /// Return the algorithm IDs for the signature algorithm and the associated hash it uses. + /// the full algorithm details for the signature. + SignatureAndHashAlgorithm SignatureAndHashAlgorithm { get; } + + /// + TlsStreamSigner GetStreamSigner(); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsCredentials.cs b/BouncyCastle/crypto/src/tls/TlsCredentials.cs new file mode 100644 index 0000000..4a6084a --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsCredentials.cs @@ -0,0 +1,12 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// Base interface for interfaces/classes carrying TLS credentials. + public interface TlsCredentials + { + /// Return the certificate structure representing our identity. + /// our certificate structure. + Certificate Certificate { get; } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsDHGroupVerifier.cs b/BouncyCastle/crypto/src/tls/TlsDHGroupVerifier.cs new file mode 100644 index 0000000..2fb208c --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsDHGroupVerifier.cs @@ -0,0 +1,15 @@ +using System; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// Interface for verifying explicit Diffie-Hellman group parameters. + public interface TlsDHGroupVerifier + { + /// Check whether the given DH group is acceptable for use. + /// the to check. + /// true if (and only if) the specified group is acceptable. + bool Accept(DHGroup dhGroup); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsDHKeyExchange.cs b/BouncyCastle/crypto/src/tls/TlsDHKeyExchange.cs new file mode 100644 index 0000000..abce91f --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsDHKeyExchange.cs @@ -0,0 +1,91 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// (D)TLS DH key exchange. + public class TlsDHKeyExchange + : AbstractTlsKeyExchange + { + private static int CheckKeyExchange(int keyExchange) + { + switch (keyExchange) + { + case KeyExchangeAlgorithm.DH_DSS: + case KeyExchangeAlgorithm.DH_RSA: + return keyExchange; + default: + throw new ArgumentException("unsupported key exchange algorithm", "keyExchange"); + } + } + + protected TlsCredentialedAgreement m_agreementCredentials; + protected TlsCertificate m_dhPeerCertificate; + + public TlsDHKeyExchange(int keyExchange) + : base(CheckKeyExchange(keyExchange)) + { + } + + public override void SkipServerCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void ProcessServerCredentials(TlsCredentials serverCredentials) + { + this.m_agreementCredentials = TlsUtilities.RequireAgreementCredentials(serverCredentials); + } + + public override void ProcessServerCertificate(Certificate serverCertificate) + { + this.m_dhPeerCertificate = serverCertificate.GetCertificateAt(0).CheckUsageInRole(TlsCertificateRole.DH); + } + + public override short[] GetClientCertificateTypes() + { + return new short[]{ ClientCertificateType.dss_fixed_dh, ClientCertificateType.rsa_fixed_dh }; + } + + public override void SkipClientCredentials() + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public override void ProcessClientCredentials(TlsCredentials clientCredentials) + { + this.m_agreementCredentials = TlsUtilities.RequireAgreementCredentials(clientCredentials); + } + + public override void GenerateClientKeyExchange(Stream output) + { + /* + * RFC 2246 7.4.7.2 If the client certificate already contains a suitable Diffie-Hellman + * key, then Yc is implicit and does not need to be sent again. In this case, the Client Key + * Exchange message will be sent, but will be empty. + */ + } + + public override void ProcessClientCertificate(Certificate clientCertificate) + { + this.m_dhPeerCertificate = clientCertificate.GetCertificateAt(0).CheckUsageInRole(TlsCertificateRole.DH); + } + + public override void ProcessClientKeyExchange(Stream input) + { + // For dss_fixed_dh and rsa_fixed_dh, the key arrived in the client certificate + } + + public override bool RequiresCertificateVerify + { + get { return false; } + } + + public override TlsSecret GeneratePreMasterSecret() + { + return m_agreementCredentials.GenerateAgreement(m_dhPeerCertificate); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsDHUtilities.cs b/BouncyCastle/crypto/src/tls/TlsDHUtilities.cs new file mode 100644 index 0000000..7605b00 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsDHUtilities.cs @@ -0,0 +1,159 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public abstract class TlsDHUtilities + { + public static TlsDHConfig CreateNamedDHConfig(TlsContext context, int namedGroup) + { + if (namedGroup < 0 || NamedGroup.GetFiniteFieldBits(namedGroup) < 1) + return null; + + bool padded = TlsUtilities.IsTlsV13(context); + return new TlsDHConfig(namedGroup, padded); + } + + public static DHGroup GetDHGroup(TlsDHConfig dhConfig) + { + int namedGroup = dhConfig.NamedGroup; + if (namedGroup >= 0) + return GetNamedDHGroup(namedGroup); + + return dhConfig.ExplicitGroup; + } + + public static DHGroup GetNamedDHGroup(int namedGroup) + { + switch (namedGroup) + { + case NamedGroup.ffdhe2048: + return DHStandardGroups.rfc7919_ffdhe2048; + case NamedGroup.ffdhe3072: + return DHStandardGroups.rfc7919_ffdhe3072; + case NamedGroup.ffdhe4096: + return DHStandardGroups.rfc7919_ffdhe4096; + case NamedGroup.ffdhe6144: + return DHStandardGroups.rfc7919_ffdhe6144; + case NamedGroup.ffdhe8192: + return DHStandardGroups.rfc7919_ffdhe8192; + default: + return null; + } + } + + public static int GetMinimumFiniteFieldBits(int cipherSuite) + { + /* + * NOTE: An equivalent mechanism was added to support a minimum bit-size requirement for ECC + * mooted in early drafts of RFC 8442. This requirement was removed in later drafts, so that + * mechanism is currently somewhat trivial, and this similarly so. + */ + return IsDHCipherSuite(cipherSuite) ? 1 : 0; + } + + public static bool IsDHCipherSuite(int cipherSuite) + { + switch (TlsUtilities.GetKeyExchangeAlgorithm(cipherSuite)) + { + case KeyExchangeAlgorithm.DH_anon: + case KeyExchangeAlgorithm.DH_DSS: + case KeyExchangeAlgorithm.DH_RSA: + case KeyExchangeAlgorithm.DHE_DSS: + case KeyExchangeAlgorithm.DHE_PSK: + case KeyExchangeAlgorithm.DHE_RSA: + return true; + + default: + return false; + } + } + + public static int GetNamedGroupForDHParameters(BigInteger p, BigInteger g) + { + int[] namedGroups = new int[]{ NamedGroup.ffdhe2048, NamedGroup.ffdhe3072, NamedGroup.ffdhe4096, + NamedGroup.ffdhe6144, NamedGroup.ffdhe8192 }; + + for (int i = 0; i < namedGroups.Length; ++i) + { + int namedGroup = namedGroups[i]; + DHGroup dhGroup = GetNamedDHGroup(namedGroup); + if (dhGroup != null && dhGroup.P.Equals(p) && dhGroup.G.Equals(g)) + return namedGroup; + } + + return -1; + } + + public static DHGroup GetStandardGroupForDHParameters(BigInteger p, BigInteger g) + { + DHGroup[] standardGroups = new DHGroup[] { DHStandardGroups.rfc7919_ffdhe2048, + DHStandardGroups.rfc7919_ffdhe3072, DHStandardGroups.rfc7919_ffdhe4096, DHStandardGroups.rfc7919_ffdhe6144, + DHStandardGroups.rfc7919_ffdhe8192, DHStandardGroups.rfc3526_1536, DHStandardGroups.rfc3526_2048, + DHStandardGroups.rfc3526_3072, DHStandardGroups.rfc3526_4096, DHStandardGroups.rfc3526_6144, + DHStandardGroups.rfc3526_8192, DHStandardGroups.rfc5996_768, DHStandardGroups.rfc5996_1024 }; + + for (int i = 0; i < standardGroups.Length; ++i) + { + DHGroup dhGroup = standardGroups[i]; + if (dhGroup != null && dhGroup.P.Equals(p) && dhGroup.G.Equals(g)) + return dhGroup; + } + + return null; + } + + /// + public static TlsDHConfig ReceiveDHConfig(TlsContext context, TlsDHGroupVerifier dhGroupVerifier, + Stream input) + { + BigInteger p = ReadDHParameter(input); + BigInteger g = ReadDHParameter(input); + + int namedGroup = GetNamedGroupForDHParameters(p, g); + if (namedGroup< 0) + { + DHGroup dhGroup = GetStandardGroupForDHParameters(p, g); + if (null == dhGroup) + { + dhGroup = new DHGroup(p, null, g, 0); + } + + if (!dhGroupVerifier.Accept(dhGroup)) + throw new TlsFatalAlert(AlertDescription.insufficient_security); + + return new TlsDHConfig(dhGroup); + } + + int[] clientSupportedGroups = context.SecurityParameters.ClientSupportedGroups; + if (null == clientSupportedGroups || Arrays.Contains(clientSupportedGroups, namedGroup)) + return new TlsDHConfig(namedGroup, false); + + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + /// + public static BigInteger ReadDHParameter(Stream input) + { + return new BigInteger(1, TlsUtilities.ReadOpaque16(input, 1)); + } + + /// + public static void WriteDHConfig(TlsDHConfig dhConfig, Stream output) + { + DHGroup group = GetDHGroup(dhConfig); + WriteDHParameter(group.P, output); + WriteDHParameter(group.G, output); + } + + /// + public static void WriteDHParameter(BigInteger x, Stream output) + { + TlsUtilities.WriteOpaque16(BigIntegers.AsUnsignedByteArray(x), output); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsDHanonKeyExchange.cs b/BouncyCastle/crypto/src/tls/TlsDHanonKeyExchange.cs new file mode 100644 index 0000000..dd03ce0 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsDHanonKeyExchange.cs @@ -0,0 +1,124 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// (D)TLS DH_anon key exchange. + public class TlsDHanonKeyExchange + : AbstractTlsKeyExchange + { + private static int CheckKeyExchange(int keyExchange) + { + switch (keyExchange) + { + case KeyExchangeAlgorithm.DH_anon: + return keyExchange; + default: + throw new ArgumentException("unsupported key exchange algorithm", "keyExchange"); + } + } + + protected TlsDHGroupVerifier m_dhGroupVerifier; + protected TlsDHConfig m_dhConfig; + + protected TlsAgreement m_agreement; + + public TlsDHanonKeyExchange(int keyExchange, TlsDHGroupVerifier dhGroupVerifier) + : this(keyExchange, dhGroupVerifier, null) + { + } + + public TlsDHanonKeyExchange(int keyExchange, TlsDHConfig dhConfig) + : this(keyExchange, null, dhConfig) + { + } + + private TlsDHanonKeyExchange(int keyExchange, TlsDHGroupVerifier dhGroupVerifier, TlsDHConfig dhConfig) + : base(CheckKeyExchange(keyExchange)) + { + this.m_dhGroupVerifier = dhGroupVerifier; + this.m_dhConfig = dhConfig; + } + + public override void SkipServerCredentials() + { + } + + public override void ProcessServerCredentials(TlsCredentials serverCredentials) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void ProcessServerCertificate(Certificate serverCertificate) + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public override bool RequiresServerKeyExchange + { + get { return true; } + } + + public override byte[] GenerateServerKeyExchange() + { + MemoryStream buf = new MemoryStream(); + + TlsDHUtilities.WriteDHConfig(m_dhConfig, buf); + + this.m_agreement = m_context.Crypto.CreateDHDomain(m_dhConfig).CreateDH(); + + byte[] y = m_agreement.GenerateEphemeral(); + + TlsUtilities.WriteOpaque16(y, buf); + + return buf. ToArray(); + } + + public override void ProcessServerKeyExchange(Stream input) + { + this.m_dhConfig = TlsDHUtilities.ReceiveDHConfig(m_context, m_dhGroupVerifier, input); + + byte[] y = TlsUtilities.ReadOpaque16(input, 1); + + this.m_agreement = m_context.Crypto.CreateDHDomain(m_dhConfig).CreateDH(); + + m_agreement.ReceivePeerValue(y); + } + + public override short[] GetClientCertificateTypes() + { + return null; + } + + public override void ProcessClientCredentials(TlsCredentials clientCredentials) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void GenerateClientKeyExchange(Stream output) + { + byte[] y = m_agreement.GenerateEphemeral(); + + TlsUtilities.WriteOpaque16(y, output); + } + + public override void ProcessClientCertificate(Certificate clientCertificate) + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public override void ProcessClientKeyExchange(Stream input) + { + byte[] y = TlsUtilities.ReadOpaque16(input, 1); + + m_agreement.ReceivePeerValue(y); + } + + public override TlsSecret GeneratePreMasterSecret() + { + return m_agreement.CalculateSecret(); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsDheKeyExchange.cs b/BouncyCastle/crypto/src/tls/TlsDheKeyExchange.cs new file mode 100644 index 0000000..74b919c --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsDheKeyExchange.cs @@ -0,0 +1,129 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls +{ + public class TlsDheKeyExchange + : AbstractTlsKeyExchange + { + private static int CheckKeyExchange(int keyExchange) + { + switch (keyExchange) + { + case KeyExchangeAlgorithm.DHE_DSS: + case KeyExchangeAlgorithm.DHE_RSA: + return keyExchange; + default: + throw new ArgumentException("unsupported key exchange algorithm", "keyExchange"); + } + } + + protected TlsDHGroupVerifier m_dhGroupVerifier; + protected TlsDHConfig m_dhConfig; + + protected TlsCredentialedSigner m_serverCredentials = null; + protected TlsCertificate m_serverCertificate = null; + protected TlsAgreement m_agreement; + + public TlsDheKeyExchange(int keyExchange, TlsDHGroupVerifier dhGroupVerifier) + : this(keyExchange, dhGroupVerifier, null) + { + } + + public TlsDheKeyExchange(int keyExchange, TlsDHConfig dhConfig) + : this(keyExchange, null, dhConfig) + { + } + + private TlsDheKeyExchange(int keyExchange, TlsDHGroupVerifier dhGroupVerifier, TlsDHConfig dhConfig) + : base(CheckKeyExchange(keyExchange)) + { + this.m_dhGroupVerifier = dhGroupVerifier; + this.m_dhConfig = dhConfig; + } + + public override void SkipServerCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void ProcessServerCredentials(TlsCredentials serverCredentials) + { + this.m_serverCredentials = TlsUtilities.RequireSignerCredentials(serverCredentials); + } + + public override void ProcessServerCertificate(Certificate serverCertificate) + { + this.m_serverCertificate = serverCertificate.GetCertificateAt(0); + } + + public override bool RequiresServerKeyExchange + { + get { return true; } + } + + public override byte[] GenerateServerKeyExchange() + { + DigestInputBuffer digestBuffer = new DigestInputBuffer(); + + TlsDHUtilities.WriteDHConfig(m_dhConfig, digestBuffer); + + this.m_agreement = m_context.Crypto.CreateDHDomain(m_dhConfig).CreateDH(); + + byte[] y = m_agreement.GenerateEphemeral(); + + TlsUtilities.WriteOpaque16(y, digestBuffer); + + TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, null, digestBuffer); + + return digestBuffer.ToArray(); + } + + public override void ProcessServerKeyExchange(Stream input) + { + DigestInputBuffer digestBuffer = new DigestInputBuffer(); + Stream teeIn = new TeeInputStream(input, digestBuffer); + + this.m_dhConfig = TlsDHUtilities.ReceiveDHConfig(m_context, m_dhGroupVerifier, teeIn); + + byte[] y = TlsUtilities.ReadOpaque16(teeIn, 1); + + TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, null, digestBuffer); + + this.m_agreement = m_context.Crypto.CreateDHDomain(m_dhConfig).CreateDH(); + + m_agreement.ReceivePeerValue(y); + } + + public override short[] GetClientCertificateTypes() + { + return new short[]{ ClientCertificateType.dss_sign, ClientCertificateType.ecdsa_sign, + ClientCertificateType.rsa_sign }; + } + + public override void ProcessClientCredentials(TlsCredentials clientCredentials) + { + TlsUtilities.RequireSignerCredentials(clientCredentials); + } + + public override void GenerateClientKeyExchange(Stream output) + { + byte[] y = m_agreement.GenerateEphemeral(); + + TlsUtilities.WriteOpaque16(y, output); + } + + public override void ProcessClientKeyExchange(Stream input) + { + m_agreement.ReceivePeerValue(TlsUtilities.ReadOpaque16(input, 1)); + } + + public override TlsSecret GeneratePreMasterSecret() + { + return m_agreement.CalculateSecret(); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsECDHKeyExchange.cs b/BouncyCastle/crypto/src/tls/TlsECDHKeyExchange.cs new file mode 100644 index 0000000..e7e2981 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsECDHKeyExchange.cs @@ -0,0 +1,95 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// (D)TLS ECDH key exchange (see RFC 4492). + public class TlsECDHKeyExchange + : AbstractTlsKeyExchange + { + private static int CheckKeyExchange(int keyExchange) + { + switch (keyExchange) + { + case KeyExchangeAlgorithm.ECDH_ECDSA: + case KeyExchangeAlgorithm.ECDH_RSA: + return keyExchange; + default: + throw new ArgumentException("unsupported key exchange algorithm", "keyExchange"); + } + } + + protected TlsCredentialedAgreement m_agreementCredentials; + protected TlsCertificate m_ecdhPeerCertificate; + + public TlsECDHKeyExchange(int keyExchange) + : base(CheckKeyExchange(keyExchange)) + { + } + + public override void SkipServerCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void ProcessServerCredentials(TlsCredentials serverCredentials) + { + this.m_agreementCredentials = TlsUtilities.RequireAgreementCredentials(serverCredentials); + } + + public override void ProcessServerCertificate(Certificate serverCertificate) + { + this.m_ecdhPeerCertificate = serverCertificate.GetCertificateAt(0).CheckUsageInRole( + TlsCertificateRole.ECDH); + } + + public override short[] GetClientCertificateTypes() + { + /* + * RFC 4492 3. [...] The ECDSA_fixed_ECDH and RSA_fixed_ECDH mechanisms are usable with + * ECDH_ECDSA and ECDH_RSA. Their use with ECDHE_ECDSA and ECDHE_RSA is prohibited because + * the use of a long-term ECDH client key would jeopardize the forward secrecy property of + * these algorithms. + */ + return new short[]{ ClientCertificateType.ecdsa_fixed_ecdh, ClientCertificateType.rsa_fixed_ecdh }; + } + + public override void SkipClientCredentials() + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public override void ProcessClientCredentials(TlsCredentials clientCredentials) + { + this.m_agreementCredentials = TlsUtilities.RequireAgreementCredentials(clientCredentials); + } + + public override void GenerateClientKeyExchange(Stream output) + { + // In this case, the Client Key Exchange message will be sent, but will be empty. + } + + public override void ProcessClientCertificate(Certificate clientCertificate) + { + this.m_ecdhPeerCertificate = clientCertificate.GetCertificateAt(0).CheckUsageInRole( + TlsCertificateRole.ECDH); + } + + public override void ProcessClientKeyExchange(Stream input) + { + // For ecdsa_fixed_ecdh and rsa_fixed_ecdh, the key arrived in the client certificate + } + + public override bool RequiresCertificateVerify + { + get { return false; } + } + + public override TlsSecret GeneratePreMasterSecret() + { + return m_agreementCredentials.GenerateAgreement(m_ecdhPeerCertificate); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsECDHanonKeyExchange.cs b/BouncyCastle/crypto/src/tls/TlsECDHanonKeyExchange.cs new file mode 100644 index 0000000..66b0ec9 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsECDHanonKeyExchange.cs @@ -0,0 +1,127 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// (D)TLS ECDH_anon key exchange (see RFC 4492). + public class TlsECDHanonKeyExchange + : AbstractTlsKeyExchange + { + private static int CheckKeyExchange(int keyExchange) + { + switch (keyExchange) + { + case KeyExchangeAlgorithm.ECDH_anon: + return keyExchange; + default: + throw new ArgumentException("unsupported key exchange algorithm", "keyExchange"); + } + } + + protected TlsECConfig m_ecConfig; + + protected TlsAgreement m_agreement; + + public TlsECDHanonKeyExchange(int keyExchange) + : this(keyExchange, null) + { + } + + public TlsECDHanonKeyExchange(int keyExchange, TlsECConfig ecConfig) + : base(CheckKeyExchange(keyExchange)) + { + this.m_ecConfig = ecConfig; + } + + public override void SkipServerCredentials() + { + } + + public override void ProcessServerCredentials(TlsCredentials serverCredentials) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void ProcessServerCertificate(Certificate serverCertificate) + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public override bool RequiresServerKeyExchange + { + get { return true; } + } + + public override byte[] GenerateServerKeyExchange() + { + MemoryStream buf = new MemoryStream(); + + TlsEccUtilities.WriteECConfig(m_ecConfig, buf); + + this.m_agreement = m_context.Crypto.CreateECDomain(m_ecConfig).CreateECDH(); + + GenerateEphemeral(buf); + + return buf.ToArray(); + } + + public override void ProcessServerKeyExchange(Stream input) + { + this.m_ecConfig = TlsEccUtilities.ReceiveECDHConfig(m_context, input); + + byte[] point = TlsUtilities.ReadOpaque8(input, 1); + + this.m_agreement = m_context.Crypto.CreateECDomain(m_ecConfig).CreateECDH(); + + ProcessEphemeral(point); + } + + public override short[] GetClientCertificateTypes() + { + return null; + } + + public override void ProcessClientCredentials(TlsCredentials clientCredentials) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void GenerateClientKeyExchange(Stream output) + { + GenerateEphemeral(output); + } + + public override void ProcessClientCertificate(Certificate clientCertificate) + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + public override void ProcessClientKeyExchange(Stream input) + { + byte[] point = TlsUtilities.ReadOpaque8(input, 1); + + ProcessEphemeral(point); + } + + public override TlsSecret GeneratePreMasterSecret() + { + return m_agreement.CalculateSecret(); + } + + protected virtual void GenerateEphemeral(Stream output) + { + byte[] point = m_agreement.GenerateEphemeral(); + + TlsUtilities.WriteOpaque8(point, output); + } + + protected virtual void ProcessEphemeral(byte[] point) + { + TlsEccUtilities.CheckPointEncoding(m_ecConfig.NamedGroup, point); + + this.m_agreement.ReceivePeerValue(point); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsECDheKeyExchange.cs b/BouncyCastle/crypto/src/tls/TlsECDheKeyExchange.cs new file mode 100644 index 0000000..1073775 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsECDheKeyExchange.cs @@ -0,0 +1,141 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls +{ + /// (D)TLS ECDHE key exchange (see RFC 4492). + public class TlsECDheKeyExchange + : AbstractTlsKeyExchange + { + private static int CheckKeyExchange(int keyExchange) + { + switch (keyExchange) + { + case KeyExchangeAlgorithm.ECDHE_ECDSA: + case KeyExchangeAlgorithm.ECDHE_RSA: + return keyExchange; + default: + throw new ArgumentException("unsupported key exchange algorithm", "keyExchange"); + } + } + + protected TlsECConfig m_ecConfig; + + protected TlsCredentialedSigner m_serverCredentials = null; + protected TlsCertificate m_serverCertificate = null; + protected TlsAgreement m_agreement; + + public TlsECDheKeyExchange(int keyExchange) + : this(keyExchange, null) + { + } + + public TlsECDheKeyExchange(int keyExchange, TlsECConfig ecConfig) + : base(CheckKeyExchange(keyExchange)) + { + this.m_ecConfig = ecConfig; + } + + public override void SkipServerCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void ProcessServerCredentials(TlsCredentials serverCredentials) + { + this.m_serverCredentials = TlsUtilities.RequireSignerCredentials(serverCredentials); + } + + public override void ProcessServerCertificate(Certificate serverCertificate) + { + this.m_serverCertificate = serverCertificate.GetCertificateAt(0); + } + + public override bool RequiresServerKeyExchange + { + get { return true; } + } + + public override byte[] GenerateServerKeyExchange() + { + DigestInputBuffer digestBuffer = new DigestInputBuffer(); + + TlsEccUtilities.WriteECConfig(m_ecConfig, digestBuffer); + + this.m_agreement = m_context.Crypto.CreateECDomain(m_ecConfig).CreateECDH(); + + GenerateEphemeral(digestBuffer); + + TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, null, digestBuffer); + + return digestBuffer.ToArray(); + } + + public override void ProcessServerKeyExchange(Stream input) + { + DigestInputBuffer digestBuffer = new DigestInputBuffer(); + Stream teeIn = new TeeInputStream(input, digestBuffer); + + this.m_ecConfig = TlsEccUtilities.ReceiveECDHConfig(m_context, teeIn); + + byte[] point = TlsUtilities.ReadOpaque8(teeIn, 1); + + TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, null, digestBuffer); + + this.m_agreement = m_context.Crypto.CreateECDomain(m_ecConfig).CreateECDH(); + + ProcessEphemeral(point); + } + + public override short[] GetClientCertificateTypes() + { + /* + * RFC 4492 3. [...] The ECDSA_fixed_ECDH and RSA_fixed_ECDH mechanisms are usable with + * ECDH_ECDSA and ECDH_RSA. Their use with ECDHE_ECDSA and ECDHE_RSA is prohibited because + * the use of a long-term ECDH client key would jeopardize the forward secrecy property of + * these algorithms. + */ + return new short[]{ ClientCertificateType.dss_sign, ClientCertificateType.ecdsa_sign, + ClientCertificateType.rsa_sign }; + } + + public override void ProcessClientCredentials(TlsCredentials clientCredentials) + { + TlsUtilities.RequireSignerCredentials(clientCredentials); + } + + public override void GenerateClientKeyExchange(Stream output) + { + GenerateEphemeral(output); + } + + public override void ProcessClientKeyExchange(Stream input) + { + byte[] point = TlsUtilities.ReadOpaque8(input, 1); + + ProcessEphemeral(point); + } + + public override TlsSecret GeneratePreMasterSecret() + { + return m_agreement.CalculateSecret(); + } + + protected virtual void GenerateEphemeral(Stream output) + { + byte[] point = m_agreement.GenerateEphemeral(); + + TlsUtilities.WriteOpaque8(point, output); + } + + protected virtual void ProcessEphemeral(byte[] point) + { + TlsEccUtilities.CheckPointEncoding(m_ecConfig.NamedGroup, point); + + this.m_agreement.ReceivePeerValue(point); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsEccUtilities.cs b/BouncyCastle/crypto/src/tls/TlsEccUtilities.cs new file mode 100644 index 0000000..59320a7 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsEccUtilities.cs @@ -0,0 +1,117 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public abstract class TlsEccUtilities + { + /// + public static TlsECConfig CreateNamedECConfig(TlsContext context, int namedGroup) + { + if (NamedGroup.GetCurveBits(namedGroup) < 1) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return new TlsECConfig(namedGroup); + } + + public static int GetMinimumCurveBits(int cipherSuite) + { + /* + * NOTE: This mechanism was added to support a minimum bit-size requirement mooted in early + * drafts of RFC 8442. This requirement was removed in later drafts, so this mechanism is + * currently somewhat trivial. + */ + return IsEccCipherSuite(cipherSuite) ? 1 : 0; + } + + public static bool IsEccCipherSuite(int cipherSuite) + { + switch (TlsUtilities.GetKeyExchangeAlgorithm(cipherSuite)) + { + case KeyExchangeAlgorithm.ECDH_anon: + case KeyExchangeAlgorithm.ECDH_ECDSA: + case KeyExchangeAlgorithm.ECDH_RSA: + case KeyExchangeAlgorithm.ECDHE_ECDSA: + case KeyExchangeAlgorithm.ECDHE_PSK: + case KeyExchangeAlgorithm.ECDHE_RSA: + return true; + + default: + return false; + } + } + + /// + public static void CheckPointEncoding(int namedGroup, byte[] encoding) + { + if (TlsUtilities.IsNullOrEmpty(encoding)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + switch (namedGroup) + { + case NamedGroup.x25519: + case NamedGroup.x448: + return; + } + + switch (encoding[0]) + { + case 0x04: // uncompressed + return; + + case 0x00: // infinity + case 0x02: // compressed + case 0x03: // compressed + case 0x06: // hybrid + case 0x07: // hybrid + default: + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + + /// + public static TlsECConfig ReceiveECDHConfig(TlsContext context, Stream input) + { + short curveType = TlsUtilities.ReadUint8(input); + if (curveType != ECCurveType.named_curve) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + int namedGroup = TlsUtilities.ReadUint16(input); + if (NamedGroup.RefersToAnECDHCurve(namedGroup)) + { + int[] clientSupportedGroups = context.SecurityParameters.ClientSupportedGroups; + if (null == clientSupportedGroups || Arrays.Contains(clientSupportedGroups, namedGroup)) + return new TlsECConfig(namedGroup); + } + + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + /// + public static void WriteECConfig(TlsECConfig ecConfig, Stream output) + { + WriteNamedECParameters(ecConfig.NamedGroup, output); + } + + /// + public static void WriteNamedECParameters(int namedGroup, Stream output) + { + if (!NamedGroup.RefersToASpecificCurve(namedGroup)) + { + /* + * RFC 4492 5.4. All those values of NamedCurve are allowed that refer to a specific + * curve. Values of NamedCurve that indicate support for a class of explicitly defined + * curves are not allowed here [...]. + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + TlsUtilities.WriteUint8(ECCurveType.named_curve, output); + TlsUtilities.CheckUint16(namedGroup); + TlsUtilities.WriteUint16(namedGroup, output); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsException.cs b/BouncyCastle/crypto/src/tls/TlsException.cs new file mode 100644 index 0000000..c6d7a19 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsException.cs @@ -0,0 +1,24 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + public class TlsException + : IOException + { + public TlsException() + : base() + { + } + + public TlsException(string message) + : base(message) + { + } + + public TlsException(string message, Exception cause) + : base(message, cause) + { + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsExtensionsUtilities.cs b/BouncyCastle/crypto/src/tls/TlsExtensionsUtilities.cs new file mode 100644 index 0000000..e1db930 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsExtensionsUtilities.cs @@ -0,0 +1,1412 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public abstract class TlsExtensionsUtilities + { + public static IDictionary EnsureExtensionsInitialised(IDictionary extensions) + { + return extensions == null ? Platform.CreateHashtable() : extensions; + } + + /// (Int32 -> byte[]) + /// an of . + /// + public static void AddAlpnExtensionClient(IDictionary extensions, IList protocolNameList) + { + extensions[ExtensionType.application_layer_protocol_negotiation] = CreateAlpnExtensionClient(protocolNameList); + } + + /// + public static void AddAlpnExtensionServer(IDictionary extensions, ProtocolName protocolName) + { + extensions[ExtensionType.application_layer_protocol_negotiation] = CreateAlpnExtensionServer(protocolName); + } + + /// + public static void AddCertificateAuthoritiesExtension(IDictionary extensions, IList authorities) + { + extensions[ExtensionType.certificate_authorities] = CreateCertificateAuthoritiesExtension(authorities); + } + + /// + public static void AddClientCertificateTypeExtensionClient(IDictionary extensions, short[] certificateTypes) + { + extensions[ExtensionType.client_certificate_type] = CreateCertificateTypeExtensionClient(certificateTypes); + } + + /// + public static void AddClientCertificateTypeExtensionServer(IDictionary extensions, short certificateType) + { + extensions[ExtensionType.client_certificate_type] = CreateCertificateTypeExtensionServer(certificateType); + } + + public static void AddClientCertificateUrlExtension(IDictionary extensions) + { + extensions[ExtensionType.client_certificate_url] = CreateClientCertificateUrlExtension(); + } + + /// + public static void AddCompressCertificateExtension(IDictionary extensions, int[] algorithms) + { + extensions[ExtensionType.compress_certificate] = CreateCompressCertificateExtension(algorithms); + } + + /// + public static void AddCookieExtension(IDictionary extensions, byte[] cookie) + { + extensions[ExtensionType.cookie] = CreateCookieExtension(cookie); + } + + public static void AddEarlyDataIndication(IDictionary extensions) + { + extensions[ExtensionType.early_data] = CreateEarlyDataIndication(); + } + + /// + public static void AddEarlyDataMaxSize(IDictionary extensions, long maxSize) + { + extensions[ExtensionType.early_data] = CreateEarlyDataMaxSize(maxSize); + } + + public static void AddEmptyExtensionData(IDictionary extensions, Int32 extType) + { + extensions[extType] = CreateEmptyExtensionData(); + } + + public static void AddEncryptThenMacExtension(IDictionary extensions) + { + extensions[ExtensionType.encrypt_then_mac] = CreateEncryptThenMacExtension(); + } + + public static void AddExtendedMasterSecretExtension(IDictionary extensions) + { + extensions[ExtensionType.extended_master_secret] = CreateExtendedMasterSecretExtension(); + } + + /// + public static void AddHeartbeatExtension(IDictionary extensions, HeartbeatExtension heartbeatExtension) + { + extensions[ExtensionType.heartbeat] = CreateHeartbeatExtension(heartbeatExtension); + } + + /// + public static void AddKeyShareClientHello(IDictionary extensions, IList clientShares) + { + extensions[ExtensionType.key_share] = CreateKeyShareClientHello(clientShares); + } + + /// + public static void AddKeyShareHelloRetryRequest(IDictionary extensions, int namedGroup) + { + extensions[ExtensionType.key_share] = CreateKeyShareHelloRetryRequest(namedGroup); + } + + /// + public static void AddKeyShareServerHello(IDictionary extensions, KeyShareEntry serverShare) + { + extensions[ExtensionType.key_share] = CreateKeyShareServerHello(serverShare); + } + + /// + public static void AddMaxFragmentLengthExtension(IDictionary extensions, short maxFragmentLength) + { + extensions[ExtensionType.max_fragment_length] = CreateMaxFragmentLengthExtension(maxFragmentLength); + } + + /// + public static void AddOidFiltersExtension(IDictionary extensions, IDictionary filters) + { + extensions[ExtensionType.oid_filters] = CreateOidFiltersExtension(filters); + } + + /// + public static void AddPaddingExtension(IDictionary extensions, int dataLength) + { + extensions[ExtensionType.padding] = CreatePaddingExtension(dataLength); + } + + public static void AddPostHandshakeAuthExtension(IDictionary extensions) + { + extensions[ExtensionType.post_handshake_auth] = CreatePostHandshakeAuthExtension(); + } + + /// + public static void AddPreSharedKeyClientHello(IDictionary extensions, OfferedPsks offeredPsks) + { + extensions[ExtensionType.pre_shared_key] = CreatePreSharedKeyClientHello(offeredPsks); + } + + /// + public static void AddPreSharedKeyServerHello(IDictionary extensions, int selectedIdentity) + { + extensions[ExtensionType.pre_shared_key] = CreatePreSharedKeyServerHello(selectedIdentity); + } + + /// + public static void AddPskKeyExchangeModesExtension(IDictionary extensions, short[] modes) + { + extensions[ExtensionType.psk_key_exchange_modes] = CreatePskKeyExchangeModesExtension(modes); + } + + /// + public static void AddRecordSizeLimitExtension(IDictionary extensions, int recordSizeLimit) + { + extensions[ExtensionType.record_size_limit] = CreateRecordSizeLimitExtension(recordSizeLimit); + } + + /// + public static void AddServerCertificateTypeExtensionClient(IDictionary extensions, short[] certificateTypes) + { + extensions[ExtensionType.server_certificate_type] = CreateCertificateTypeExtensionClient(certificateTypes); + } + + /// + public static void AddServerCertificateTypeExtensionServer(IDictionary extensions, short certificateType) + { + extensions[ExtensionType.server_certificate_type] = CreateCertificateTypeExtensionServer(certificateType); + } + + /// + public static void AddServerNameExtensionClient(IDictionary extensions, IList serverNameList) + { + extensions[ExtensionType.server_name] = CreateServerNameExtensionClient(serverNameList); + } + + /// + public static void AddServerNameExtensionServer(IDictionary extensions) + { + extensions[ExtensionType.server_name] = CreateServerNameExtensionServer(); + } + + /// + public static void AddSignatureAlgorithmsExtension(IDictionary extensions, IList supportedSignatureAlgorithms) + { + extensions[ExtensionType.signature_algorithms] = CreateSignatureAlgorithmsExtension(supportedSignatureAlgorithms); + } + + /// + public static void AddSignatureAlgorithmsCertExtension(IDictionary extensions, IList supportedSignatureAlgorithms) + { + extensions[ExtensionType.signature_algorithms_cert] = CreateSignatureAlgorithmsCertExtension(supportedSignatureAlgorithms); + } + + /// + public static void AddStatusRequestExtension(IDictionary extensions, CertificateStatusRequest statusRequest) + { + extensions[ExtensionType.status_request] = CreateStatusRequestExtension(statusRequest); + } + + /// + public static void AddStatusRequestV2Extension(IDictionary extensions, IList statusRequestV2) + { + extensions[ExtensionType.status_request_v2] = CreateStatusRequestV2Extension(statusRequestV2); + } + + /// + public static void AddSupportedGroupsExtension(IDictionary extensions, IList namedGroups) + { + extensions[ExtensionType.supported_groups] = CreateSupportedGroupsExtension(namedGroups); + } + + /// + public static void AddSupportedPointFormatsExtension(IDictionary extensions, short[] ecPointFormats) + { + extensions[ExtensionType.ec_point_formats] = CreateSupportedPointFormatsExtension(ecPointFormats); + } + + /// + public static void AddSupportedVersionsExtensionClient(IDictionary extensions, ProtocolVersion[] versions) + { + extensions[ExtensionType.supported_versions] = CreateSupportedVersionsExtensionClient(versions); + } + + /// + public static void AddSupportedVersionsExtensionServer(IDictionary extensions, ProtocolVersion selectedVersion) + { + extensions[ExtensionType.supported_versions] = CreateSupportedVersionsExtensionServer(selectedVersion); + } + + public static void AddTruncatedHmacExtension(IDictionary extensions) + { + extensions[ExtensionType.truncated_hmac] = CreateTruncatedHmacExtension(); + } + + /// + public static void AddTrustedCAKeysExtensionClient(IDictionary extensions, IList trustedAuthoritiesList) + { + extensions[ExtensionType.trusted_ca_keys] = CreateTrustedCAKeysExtensionClient(trustedAuthoritiesList); + } + + public static void AddTrustedCAKeysExtensionServer(IDictionary extensions) + { + extensions[ExtensionType.trusted_ca_keys] = CreateTrustedCAKeysExtensionServer(); + } + + /// an of . + /// + public static IList GetAlpnExtensionClient(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.application_layer_protocol_negotiation); + return extensionData == null ? null : ReadAlpnExtensionClient(extensionData); + } + + /// + public static ProtocolName GetAlpnExtensionServer(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.application_layer_protocol_negotiation); + return extensionData == null ? null : ReadAlpnExtensionServer(extensionData); + } + + /// + public static IList GetCertificateAuthoritiesExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.certificate_authorities); + return extensionData == null ? null : ReadCertificateAuthoritiesExtension(extensionData); + } + + /// + public static short[] GetClientCertificateTypeExtensionClient(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.client_certificate_type); + return extensionData == null ? null : ReadCertificateTypeExtensionClient(extensionData); + } + + /// + public static short GetClientCertificateTypeExtensionServer(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.client_certificate_type); + return extensionData == null ? (short)-1 : ReadCertificateTypeExtensionServer(extensionData); + } + + /// + public static int[] GetCompressCertificateExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.compress_certificate); + return extensionData == null ? null : ReadCompressCertificateExtension(extensionData); + } + + /// + public static byte[] GetCookieExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.cookie); + return extensionData == null ? null : ReadCookieExtension(extensionData); + } + + /// + public static long GetEarlyDataMaxSize(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.early_data); + return extensionData == null ? -1L : ReadEarlyDataMaxSize(extensionData); + } + + /// + public static HeartbeatExtension GetHeartbeatExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.heartbeat); + return extensionData == null ? null : ReadHeartbeatExtension(extensionData); + } + + /// + public static IList GetKeyShareClientHello(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.key_share); + return extensionData == null ? null : ReadKeyShareClientHello(extensionData); + } + + /// + public static int GetKeyShareHelloRetryRequest(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.key_share); + return extensionData == null ? -1 : ReadKeyShareHelloRetryRequest(extensionData); + } + + /// + public static KeyShareEntry GetKeyShareServerHello(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.key_share); + return extensionData == null ? null : ReadKeyShareServerHello(extensionData); + } + + /// + public static short GetMaxFragmentLengthExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.max_fragment_length); + return extensionData == null ? (short)-1 : ReadMaxFragmentLengthExtension(extensionData); + } + + /// + public static IDictionary GetOidFiltersExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.oid_filters); + return extensionData == null ? null : ReadOidFiltersExtension(extensionData); + } + + /// + public static int GetPaddingExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.padding); + return extensionData == null ? -1 : ReadPaddingExtension(extensionData); + } + + /// + public static OfferedPsks GetPreSharedKeyClientHello(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.pre_shared_key); + return extensionData == null ? null : ReadPreSharedKeyClientHello(extensionData); + } + + /// + public static int GetPreSharedKeyServerHello(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.pre_shared_key); + return extensionData == null ? -1 : ReadPreSharedKeyServerHello(extensionData); + } + + /// + public static short[] GetPskKeyExchangeModesExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.psk_key_exchange_modes); + return extensionData == null ? null : ReadPskKeyExchangeModesExtension(extensionData); + } + + /// + public static int GetRecordSizeLimitExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.record_size_limit); + return extensionData == null ? -1 : ReadRecordSizeLimitExtension(extensionData); + } + + /// + public static short[] GetServerCertificateTypeExtensionClient(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_certificate_type); + return extensionData == null ? null : ReadCertificateTypeExtensionClient(extensionData); + } + + /// + public static short GetServerCertificateTypeExtensionServer(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_certificate_type); + return extensionData == null ? (short)-1 : ReadCertificateTypeExtensionServer(extensionData); + } + + /// + public static IList GetServerNameExtensionClient(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_name); + return extensionData == null ? null : ReadServerNameExtensionClient(extensionData); + } + + /// + public static IList GetSignatureAlgorithmsExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.signature_algorithms); + return extensionData == null ? null : ReadSignatureAlgorithmsExtension(extensionData); + } + + /// + public static IList GetSignatureAlgorithmsCertExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.signature_algorithms_cert); + return extensionData == null ? null : ReadSignatureAlgorithmsCertExtension(extensionData); + } + + /// + public static CertificateStatusRequest GetStatusRequestExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.status_request); + return extensionData == null ? null : ReadStatusRequestExtension(extensionData); + } + + /// + public static IList GetStatusRequestV2Extension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.status_request_v2); + return extensionData == null ? null : ReadStatusRequestV2Extension(extensionData); + } + + /// + public static int[] GetSupportedGroupsExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.supported_groups); + return extensionData == null ? null : ReadSupportedGroupsExtension(extensionData); + } + + /// + public static short[] GetSupportedPointFormatsExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.ec_point_formats); + return extensionData == null ? null : ReadSupportedPointFormatsExtension(extensionData); + } + + /// + public static ProtocolVersion[] GetSupportedVersionsExtensionClient(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.supported_versions); + return extensionData == null ? null : ReadSupportedVersionsExtensionClient(extensionData); + } + + /// + public static ProtocolVersion GetSupportedVersionsExtensionServer(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.supported_versions); + return extensionData == null ? null : ReadSupportedVersionsExtensionServer(extensionData); + } + + /// + public static IList GetTrustedCAKeysExtensionClient(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.trusted_ca_keys); + return extensionData == null ? null : ReadTrustedCAKeysExtensionClient(extensionData); + } + + /// + public static bool HasClientCertificateUrlExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.client_certificate_url); + return extensionData == null ? false : ReadClientCertificateUrlExtension(extensionData); + } + + /// + public static bool HasEarlyDataIndication(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.early_data); + return extensionData == null ? false : ReadEarlyDataIndication(extensionData); + } + + /// + public static bool HasEncryptThenMacExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.encrypt_then_mac); + return extensionData == null ? false : ReadEncryptThenMacExtension(extensionData); + } + + /// + public static bool HasExtendedMasterSecretExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.extended_master_secret); + return extensionData == null ? false : ReadExtendedMasterSecretExtension(extensionData); + } + + /// + public static bool HasServerNameExtensionServer(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_name); + return extensionData == null ? false : ReadServerNameExtensionServer(extensionData); + } + + /// + public static bool HasPostHandshakeAuthExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.post_handshake_auth); + return extensionData == null ? false : ReadPostHandshakeAuthExtension(extensionData); + } + + /// + public static bool HasTruncatedHmacExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.truncated_hmac); + return extensionData == null ? false : ReadTruncatedHmacExtension(extensionData); + } + + /// + public static bool HasTrustedCAKeysExtensionServer(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.trusted_ca_keys); + return extensionData == null ? false : ReadTrustedCAKeysExtensionServer(extensionData); + } + + /// an of . + /// + public static byte[] CreateAlpnExtensionClient(IList protocolNameList) + { + if (protocolNameList == null || protocolNameList.Count < 1) + throw new TlsFatalAlert(AlertDescription.internal_error); + + MemoryStream buf = new MemoryStream(); + + // Placeholder for length + TlsUtilities.WriteUint16(0, buf); + + foreach (ProtocolName protocolName in protocolNameList) + { + protocolName.Encode(buf); + } + + return PatchOpaque16(buf); + } + + /// + public static byte[] CreateAlpnExtensionServer(ProtocolName protocolName) + { + IList protocol_name_list = Platform.CreateArrayList(); + protocol_name_list.Add(protocolName); + + return CreateAlpnExtensionClient(protocol_name_list); + } + + /// + public static byte[] CreateCertificateAuthoritiesExtension(IList authorities) + { + if (null == authorities || authorities.Count < 1) + throw new TlsFatalAlert(AlertDescription.internal_error); + + MemoryStream buf = new MemoryStream(); + + // Placeholder for length + TlsUtilities.WriteUint16(0, buf); + + foreach (X509Name authority in authorities) + { + byte[] derEncoding = authority.GetEncoded(Asn1Encodable.Der); + TlsUtilities.WriteOpaque16(derEncoding, buf); + } + + return PatchOpaque16(buf); + } + + /// + public static byte[] CreateCertificateTypeExtensionClient(short[] certificateTypes) + { + if (TlsUtilities.IsNullOrEmpty(certificateTypes) || certificateTypes.Length > 255) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return TlsUtilities.EncodeUint8ArrayWithUint8Length(certificateTypes); + } + + /// + public static byte[] CreateCertificateTypeExtensionServer(short certificateType) + { + return TlsUtilities.EncodeUint8(certificateType); + } + + public static byte[] CreateClientCertificateUrlExtension() + { + return CreateEmptyExtensionData(); + } + + /// + public static byte[] CreateCompressCertificateExtension(int[] algorithms) + { + if (TlsUtilities.IsNullOrEmpty(algorithms) || algorithms.Length > 127) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return TlsUtilities.EncodeUint16ArrayWithUint8Length(algorithms); + } + + /// + public static byte[] CreateCookieExtension(byte[] cookie) + { + if (TlsUtilities.IsNullOrEmpty(cookie) || cookie.Length >= (1 << 16)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return TlsUtilities.EncodeOpaque16(cookie); + } + + public static byte[] CreateEarlyDataIndication() + { + return CreateEmptyExtensionData(); + } + + /// + public static byte[] CreateEarlyDataMaxSize(long maxSize) + { + return TlsUtilities.EncodeUint32(maxSize); + } + + public static byte[] CreateEmptyExtensionData() + { + return TlsUtilities.EmptyBytes; + } + + public static byte[] CreateEncryptThenMacExtension() + { + return CreateEmptyExtensionData(); + } + + public static byte[] CreateExtendedMasterSecretExtension() + { + return CreateEmptyExtensionData(); + } + + /// + public static byte[] CreateHeartbeatExtension(HeartbeatExtension heartbeatExtension) + { + if (heartbeatExtension == null) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + MemoryStream buf = new MemoryStream(); + + heartbeatExtension.Encode(buf); + + return buf.ToArray(); + } + + /// + public static byte[] CreateKeyShareClientHello(IList clientShares) + { + if (clientShares == null || clientShares.Count < 1) + return TlsUtilities.EncodeUint16(0); + + MemoryStream buf = new MemoryStream(); + + // Placeholder for length + TlsUtilities.WriteUint16(0, buf); + + foreach (KeyShareEntry clientShare in clientShares) + { + clientShare.Encode(buf); + } + + return PatchOpaque16(buf); + } + + /// + public static byte[] CreateKeyShareHelloRetryRequest(int namedGroup) + { + return TlsUtilities.EncodeUint16(namedGroup); + } + + /// + public static byte[] CreateKeyShareServerHello(KeyShareEntry serverShare) + { + if (serverShare == null) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + MemoryStream buf = new MemoryStream(); + + serverShare.Encode(buf); + + return buf.ToArray(); + } + + /// + public static byte[] CreateMaxFragmentLengthExtension(short maxFragmentLength) + { + return TlsUtilities.EncodeUint8(maxFragmentLength); + } + + /// + public static byte[] CreateOidFiltersExtension(IDictionary filters) + { + MemoryStream buf = new MemoryStream(); + + // Placeholder for length + TlsUtilities.WriteUint16(0, buf); + + if (null != filters) + { + foreach (DerObjectIdentifier certificateExtensionOid in filters.Keys) + { + byte[] certificateExtensionValues = (byte[])filters[certificateExtensionOid]; + + if (null == certificateExtensionOid || null == certificateExtensionValues) + throw new TlsFatalAlert(AlertDescription.internal_error); + + byte[] derEncoding = certificateExtensionOid.GetEncoded(Asn1Encodable.Der); + TlsUtilities.WriteOpaque8(derEncoding, buf); + + TlsUtilities.WriteOpaque16(certificateExtensionValues, buf); + } + } + + return PatchOpaque16(buf); + } + + /// + public static byte[] CreatePaddingExtension(int dataLength) + { + TlsUtilities.CheckUint16(dataLength); + return new byte[dataLength]; + } + + public static byte[] CreatePostHandshakeAuthExtension() + { + return CreateEmptyExtensionData(); + } + + /// + public static byte[] CreatePreSharedKeyClientHello(OfferedPsks offeredPsks) + { + if (offeredPsks == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + MemoryStream buf = new MemoryStream(); + + offeredPsks.Encode(buf); + + return buf.ToArray(); + } + + /// + public static byte[] CreatePreSharedKeyServerHello(int selectedIdentity) + { + return TlsUtilities.EncodeUint16(selectedIdentity); + } + + /// + public static byte[] CreatePskKeyExchangeModesExtension(short[] modes) + { + if (TlsUtilities.IsNullOrEmpty(modes) || modes.Length > 255) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return TlsUtilities.EncodeUint8ArrayWithUint8Length(modes); + } + + /// + public static byte[] CreateRecordSizeLimitExtension(int recordSizeLimit) + { + if (recordSizeLimit < 64) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return TlsUtilities.EncodeUint16(recordSizeLimit); + } + + /// + public static byte[] CreateServerNameExtensionClient(IList serverNameList) + { + if (serverNameList == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + MemoryStream buf = new MemoryStream(); + + new ServerNameList(serverNameList).Encode(buf); + + return buf.ToArray(); + } + + public static byte[] CreateServerNameExtensionServer() + { + return CreateEmptyExtensionData(); + } + + /// + public static byte[] CreateSignatureAlgorithmsExtension(IList supportedSignatureAlgorithms) + { + MemoryStream buf = new MemoryStream(); + + TlsUtilities.EncodeSupportedSignatureAlgorithms(supportedSignatureAlgorithms, buf); + + return buf.ToArray(); + } + + /// + public static byte[] CreateSignatureAlgorithmsCertExtension(IList supportedSignatureAlgorithms) + { + return CreateSignatureAlgorithmsExtension(supportedSignatureAlgorithms); + } + + /// + public static byte[] CreateStatusRequestExtension(CertificateStatusRequest statusRequest) + { + if (statusRequest == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + MemoryStream buf = new MemoryStream(); + + statusRequest.Encode(buf); + + return buf.ToArray(); + } + + /// + public static byte[] CreateStatusRequestV2Extension(IList statusRequestV2) + { + if (statusRequestV2 == null || statusRequestV2.Count < 1) + throw new TlsFatalAlert(AlertDescription.internal_error); + + MemoryStream buf = new MemoryStream(); + + // Placeholder for length + TlsUtilities.WriteUint16(0, buf); + + foreach (CertificateStatusRequestItemV2 entry in statusRequestV2) + { + entry.Encode(buf); + } + + return PatchOpaque16(buf); + } + + /// + public static byte[] CreateSupportedGroupsExtension(IList namedGroups) + { + if (namedGroups == null || namedGroups.Count < 1) + throw new TlsFatalAlert(AlertDescription.internal_error); + + int count = namedGroups.Count; + int[] values = new int[count]; + for (int i = 0; i < count; ++i) + { + values[i] = (Int32)namedGroups[i]; + } + + return TlsUtilities.EncodeUint16ArrayWithUint16Length(values); + } + + /// + public static byte[] CreateSupportedPointFormatsExtension(short[] ecPointFormats) + { + if (ecPointFormats == null || !Arrays.Contains(ecPointFormats, ECPointFormat.uncompressed)) + { + /* + * RFC 4492 5.1. If the Supported Point Formats Extension is indeed sent, it MUST + * contain the value 0 (uncompressed) as one of the items in the list of point formats. + */ + + // NOTE: We add it at the start (highest preference) + ecPointFormats = Arrays.Prepend(ecPointFormats, ECPointFormat.uncompressed); + } + + return TlsUtilities.EncodeUint8ArrayWithUint8Length(ecPointFormats); + } + + /// + public static byte[] CreateSupportedVersionsExtensionClient(ProtocolVersion[] versions) + { + if (TlsUtilities.IsNullOrEmpty(versions) || versions.Length > 127) + throw new TlsFatalAlert(AlertDescription.internal_error); + + int count = versions.Length; + byte[] data = new byte[1 + count * 2]; + TlsUtilities.WriteUint8(count * 2, data, 0); + for (int i = 0; i < count; ++i) + { + TlsUtilities.WriteVersion((ProtocolVersion)versions[i], data, 1 + i * 2); + } + return data; + } + + /// + public static byte[] CreateSupportedVersionsExtensionServer(ProtocolVersion selectedVersion) + { + return TlsUtilities.EncodeVersion(selectedVersion); + } + + public static byte[] CreateTruncatedHmacExtension() + { + return CreateEmptyExtensionData(); + } + + /// + public static byte[] CreateTrustedCAKeysExtensionClient(IList trustedAuthoritiesList) + { + MemoryStream buf = new MemoryStream(); + + // Placeholder for length + TlsUtilities.WriteUint16(0, buf); + + if (trustedAuthoritiesList != null) + { + foreach (TrustedAuthority entry in trustedAuthoritiesList) + { + entry.Encode(buf); + } + } + + return PatchOpaque16(buf); + } + + public static byte[] CreateTrustedCAKeysExtensionServer() + { + return CreateEmptyExtensionData(); + } + + /// + private static bool ReadEmptyExtensionData(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + if (extensionData.Length != 0) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return true; + } + + /// an of . + /// + public static IList ReadAlpnExtensionClient(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData); + + int length = TlsUtilities.ReadUint16(buf); + if (length != (extensionData.Length - 2)) + throw new TlsFatalAlert(AlertDescription.decode_error); + + IList protocol_name_list = Platform.CreateArrayList(); + while (buf.Position < buf.Length) + { + ProtocolName protocolName = ProtocolName.Parse(buf); + + protocol_name_list.Add(protocolName); + } + return protocol_name_list; + } + + /// + public static ProtocolName ReadAlpnExtensionServer(byte[] extensionData) + { + IList protocol_name_list = ReadAlpnExtensionClient(extensionData); + if (protocol_name_list.Count != 1) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return (ProtocolName)protocol_name_list[0]; + } + + /// + public static IList ReadCertificateAuthoritiesExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + if (extensionData.Length < 5) + throw new TlsFatalAlert(AlertDescription.decode_error); + + MemoryStream buf = new MemoryStream(extensionData); + + int length = TlsUtilities.ReadUint16(buf); + if (length != (extensionData.Length - 2)) + throw new TlsFatalAlert(AlertDescription.decode_error); + + IList authorities = Platform.CreateArrayList(); + while (buf.Position < buf.Length) + { + byte[] derEncoding = TlsUtilities.ReadOpaque16(buf, 1); + Asn1Object asn1 = TlsUtilities.ReadAsn1Object(derEncoding); + X509Name ca = X509Name.GetInstance(asn1); + TlsUtilities.RequireDerEncoding(ca, derEncoding); + authorities.Add(ca); + } + return authorities; + } + + /// + public static short[] ReadCertificateTypeExtensionClient(byte[] extensionData) + { + short[] certificateTypes = TlsUtilities.DecodeUint8ArrayWithUint8Length(extensionData); + if (certificateTypes.Length < 1) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return certificateTypes; + } + + /// + public static short ReadCertificateTypeExtensionServer(byte[] extensionData) + { + return TlsUtilities.DecodeUint8(extensionData); + } + + /// + public static bool ReadClientCertificateUrlExtension(byte[] extensionData) + { + return ReadEmptyExtensionData(extensionData); + } + + /// + public static int[] ReadCompressCertificateExtension(byte[] extensionData) + { + int[] algorithms = TlsUtilities.DecodeUint16ArrayWithUint8Length(extensionData); + if (algorithms.Length < 1) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return algorithms; + } + + /// + public static byte[] ReadCookieExtension(byte[] extensionData) + { + return TlsUtilities.DecodeOpaque16(extensionData, 1); + } + + /// + public static bool ReadEarlyDataIndication(byte[] extensionData) + { + return ReadEmptyExtensionData(extensionData); + } + + /// + public static long ReadEarlyDataMaxSize(byte[] extensionData) + { + return TlsUtilities.DecodeUint32(extensionData); + } + + /// + public static bool ReadEncryptThenMacExtension(byte[] extensionData) + { + return ReadEmptyExtensionData(extensionData); + } + + /// + public static bool ReadExtendedMasterSecretExtension(byte[] extensionData) + { + return ReadEmptyExtensionData(extensionData); + } + + /// + public static HeartbeatExtension ReadHeartbeatExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData, false); + + HeartbeatExtension heartbeatExtension = HeartbeatExtension.Parse(buf); + + TlsProtocol.AssertEmpty(buf); + + return heartbeatExtension; + } + + /// + public static IList ReadKeyShareClientHello(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + /* + * TODO[tls13] Clients MUST NOT offer multiple KeyShareEntry values for the same group. + * Clients MUST NOT offer any KeyShareEntry values for groups not listed in the client's + * "supported_groups" extension. Servers MAY check for violations of these rules and abort + * the handshake with an "illegal_parameter" alert if one is violated. + */ + + MemoryStream buf = new MemoryStream(extensionData, false); + + int length = TlsUtilities.ReadUint16(buf); + if (length != (extensionData.Length - 2)) + throw new TlsFatalAlert(AlertDescription.decode_error); + + IList clientShares = Platform.CreateArrayList(); + while (buf.Position < buf.Length) + { + KeyShareEntry clientShare = KeyShareEntry.Parse(buf); + + clientShares.Add(clientShare); + } + return clientShares; + } + + /// + public static int ReadKeyShareHelloRetryRequest(byte[] extensionData) + { + return TlsUtilities.DecodeUint16(extensionData); + } + + /// + public static KeyShareEntry ReadKeyShareServerHello(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData, false); + + KeyShareEntry serverShare = KeyShareEntry.Parse(buf); + + TlsProtocol.AssertEmpty(buf); + + return serverShare; + } + + /// + public static short ReadMaxFragmentLengthExtension(byte[] extensionData) + { + return TlsUtilities.DecodeUint8(extensionData); + } + + /// + public static IDictionary ReadOidFiltersExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + if (extensionData.Length < 2) + throw new TlsFatalAlert(AlertDescription.decode_error); + + MemoryStream buf = new MemoryStream(extensionData, false); + + int length = TlsUtilities.ReadUint16(buf); + if (length != (extensionData.Length - 2)) + throw new TlsFatalAlert(AlertDescription.decode_error); + + IDictionary filters = Platform.CreateHashtable(); + while (buf.Position < buf.Length) + { + byte[] derEncoding = TlsUtilities.ReadOpaque8(buf, 1); + Asn1Object asn1 = TlsUtilities.ReadAsn1Object(derEncoding); + DerObjectIdentifier certificateExtensionOid = DerObjectIdentifier.GetInstance(asn1); + TlsUtilities.RequireDerEncoding(certificateExtensionOid, derEncoding); + + if (filters.Contains(certificateExtensionOid)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + byte[] certificateExtensionValues = TlsUtilities.ReadOpaque16(buf); + + filters[certificateExtensionOid] = certificateExtensionValues; + } + return filters; + } + + /// + public static int ReadPaddingExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + if (!Arrays.AreAllZeroes(extensionData, 0, extensionData.Length)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return extensionData.Length; + } + + /// + public static bool ReadPostHandshakeAuthExtension(byte[] extensionData) + { + return ReadEmptyExtensionData(extensionData); + } + + /// + public static OfferedPsks ReadPreSharedKeyClientHello(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData, false); + + OfferedPsks offeredPsks = OfferedPsks.Parse(buf); + + TlsProtocol.AssertEmpty(buf); + + return offeredPsks; + } + + /// + public static int ReadPreSharedKeyServerHello(byte[] extensionData) + { + return TlsUtilities.DecodeUint16(extensionData); + } + + /// + public static short[] ReadPskKeyExchangeModesExtension(byte[] extensionData) + { + short[] modes = TlsUtilities.DecodeUint8ArrayWithUint8Length(extensionData); + if (modes.Length < 1) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return modes; + } + + /// + public static int ReadRecordSizeLimitExtension(byte[] extensionData) + { + int recordSizeLimit = TlsUtilities.DecodeUint16(extensionData); + if (recordSizeLimit < 64) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return recordSizeLimit; + } + + /// + public static IList ReadServerNameExtensionClient(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData, false); + + ServerNameList serverNameList = ServerNameList.Parse(buf); + + TlsProtocol.AssertEmpty(buf); + + return serverNameList.ServerNames; + } + + /// + public static bool ReadServerNameExtensionServer(byte[] extensionData) + { + return ReadEmptyExtensionData(extensionData); + } + + /// + public static IList ReadSignatureAlgorithmsExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData, false); + + IList supported_signature_algorithms = TlsUtilities.ParseSupportedSignatureAlgorithms(buf); + + TlsProtocol.AssertEmpty(buf); + + return supported_signature_algorithms; + } + + /// + public static IList ReadSignatureAlgorithmsCertExtension(byte[] extensionData) + { + return ReadSignatureAlgorithmsExtension(extensionData); + } + + /// + public static CertificateStatusRequest ReadStatusRequestExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData, false); + + CertificateStatusRequest statusRequest = CertificateStatusRequest.Parse(buf); + + TlsProtocol.AssertEmpty(buf); + + return statusRequest; + } + + /// + public static IList ReadStatusRequestV2Extension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + if (extensionData.Length < 3) + throw new TlsFatalAlert(AlertDescription.decode_error); + + MemoryStream buf = new MemoryStream(extensionData, false); + + int length = TlsUtilities.ReadUint16(buf); + if (length != (extensionData.Length - 2)) + throw new TlsFatalAlert(AlertDescription.decode_error); + + IList statusRequestV2 = Platform.CreateArrayList(); + while (buf.Position < buf.Length) + { + CertificateStatusRequestItemV2 entry = CertificateStatusRequestItemV2.Parse(buf); + statusRequestV2.Add(entry); + } + return statusRequestV2; + } + + /// + public static int[] ReadSupportedGroupsExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData, false); + + int length = TlsUtilities.ReadUint16(buf); + if (length < 2 || (length & 1) != 0) + throw new TlsFatalAlert(AlertDescription.decode_error); + + int[] namedGroups = TlsUtilities.ReadUint16Array(length / 2, buf); + + TlsProtocol.AssertEmpty(buf); + + return namedGroups; + } + + /// + public static short[] ReadSupportedPointFormatsExtension(byte[] extensionData) + { + short[] ecPointFormats = TlsUtilities.DecodeUint8ArrayWithUint8Length(extensionData); + if (!Arrays.Contains(ecPointFormats, ECPointFormat.uncompressed)) + { + /* + * RFC 4492 5.1. If the Supported Point Formats Extension is indeed sent, it MUST + * contain the value 0 (uncompressed) as one of the items in the list of point formats. + */ + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + return ecPointFormats; + } + + /// + public static ProtocolVersion[] ReadSupportedVersionsExtensionClient(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + if (extensionData.Length < 3 || extensionData.Length > 255 || (extensionData.Length & 1) == 0) + throw new TlsFatalAlert(AlertDescription.decode_error); + + int length = TlsUtilities.ReadUint8(extensionData, 0); + if (length != (extensionData.Length - 1)) + throw new TlsFatalAlert(AlertDescription.decode_error); + + int count = length / 2; + ProtocolVersion[] versions = new ProtocolVersion[count]; + for (int i = 0; i < count; ++i) + { + versions[i] = TlsUtilities.ReadVersion(extensionData, 1 + i * 2); + } + return versions; + } + + /// + public static ProtocolVersion ReadSupportedVersionsExtensionServer(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + if (extensionData.Length != 2) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return TlsUtilities.ReadVersion(extensionData, 0); + } + + /// + public static bool ReadTruncatedHmacExtension(byte[] extensionData) + { + return ReadEmptyExtensionData(extensionData); + } + + /// + public static IList ReadTrustedCAKeysExtensionClient(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + if (extensionData.Length < 2) + throw new TlsFatalAlert(AlertDescription.decode_error); + + MemoryStream buf = new MemoryStream(extensionData, false); + + int length = TlsUtilities.ReadUint16(buf); + if (length != (extensionData.Length - 2)) + throw new TlsFatalAlert(AlertDescription.decode_error); + + IList trusted_authorities_list = Platform.CreateArrayList(); + while (buf.Position < buf.Length) + { + TrustedAuthority entry = TrustedAuthority.Parse(buf); + trusted_authorities_list.Add(entry); + } + return trusted_authorities_list; + } + + /// + public static bool ReadTrustedCAKeysExtensionServer(byte[] extensionData) + { + return ReadEmptyExtensionData(extensionData); + } + + /// + private static byte[] PatchOpaque16(MemoryStream buf) + { + int length = (int)buf.Length - 2; + TlsUtilities.CheckUint16(length); + byte[] extensionData = buf.ToArray(); + TlsUtilities.WriteUint16(length, extensionData, 0); + return extensionData; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsFatalAlert.cs b/BouncyCastle/crypto/src/tls/TlsFatalAlert.cs new file mode 100644 index 0000000..9f0ea8f --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsFatalAlert.cs @@ -0,0 +1,46 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public class TlsFatalAlert + : TlsException + { + private static string GetMessage(short alertDescription, string detailMessage) + { + string msg = Tls.AlertDescription.GetText(alertDescription); + if (null != detailMessage) + { + msg += "; " + detailMessage; + } + return msg; + } + + protected readonly short m_alertDescription; + + public TlsFatalAlert(short alertDescription) + : this(alertDescription, (string)null) + { + } + + public TlsFatalAlert(short alertDescription, string detailMessage) + : this(alertDescription, detailMessage, null) + { + } + + public TlsFatalAlert(short alertDescription, Exception alertCause) + : this(alertDescription, null, alertCause) + { + } + + public TlsFatalAlert(short alertDescription, string detailMessage, Exception alertCause) + : base(GetMessage(alertDescription, detailMessage), alertCause) + { + this.m_alertDescription = alertDescription; + } + + public virtual short AlertDescription + { + get { return m_alertDescription; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsFatalAlertReceived.cs b/BouncyCastle/crypto/src/tls/TlsFatalAlertReceived.cs new file mode 100644 index 0000000..0bf6cff --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsFatalAlertReceived.cs @@ -0,0 +1,21 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public class TlsFatalAlertReceived + : TlsException + { + protected readonly short m_alertDescription; + + public TlsFatalAlertReceived(short alertDescription) + : base(Tls.AlertDescription.GetText(alertDescription)) + { + this.m_alertDescription = alertDescription; + } + + public virtual short AlertDescription + { + get { return m_alertDescription; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsHandshakeHash.cs b/BouncyCastle/crypto/src/tls/TlsHandshakeHash.cs new file mode 100644 index 0000000..88aeaaa --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsHandshakeHash.cs @@ -0,0 +1,29 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// Base interface for an object that can calculate a handshake hash. + public interface TlsHandshakeHash + : TlsHash + { + /// + void CopyBufferTo(Stream output); + + void ForceBuffering(); + + void NotifyPrfDetermined(); + + void TrackHashAlgorithm(int cryptoHashAlgorithm); + + void SealHashAlgorithms(); + + void StopTracking(); + + TlsHash ForkPrfHash(); + + byte[] GetFinalHash(int cryptoHashAlgorithm); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsHeartbeat.cs b/BouncyCastle/crypto/src/tls/TlsHeartbeat.cs new file mode 100644 index 0000000..3f208a8 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsHeartbeat.cs @@ -0,0 +1,13 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public interface TlsHeartbeat + { + byte[] GeneratePayload(); + + int IdleMillis { get; } + + int TimeoutMillis { get; } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsKeyExchange.cs b/BouncyCastle/crypto/src/tls/TlsKeyExchange.cs new file mode 100644 index 0000000..42c2aa4 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsKeyExchange.cs @@ -0,0 +1,55 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// A generic interface for key exchange implementations in (D)TLS. + public interface TlsKeyExchange + { + void Init(TlsContext context); + + /// + void SkipServerCredentials(); + + /// + void ProcessServerCredentials(TlsCredentials serverCredentials); + + /// + void ProcessServerCertificate(Certificate serverCertificate); + + bool RequiresServerKeyExchange { get; } + + /// + byte[] GenerateServerKeyExchange(); + + /// + void SkipServerKeyExchange(); + + /// + void ProcessServerKeyExchange(Stream input); + + short[] GetClientCertificateTypes(); + + /// + void SkipClientCredentials(); + + /// + void ProcessClientCredentials(TlsCredentials clientCredentials); + + /// + void ProcessClientCertificate(Certificate clientCertificate); + + /// + void GenerateClientKeyExchange(Stream output); + + /// + void ProcessClientKeyExchange(Stream input); + + bool RequiresCertificateVerify { get; } + + /// + TlsSecret GeneratePreMasterSecret(); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsKeyExchangeFactory.cs b/BouncyCastle/crypto/src/tls/TlsKeyExchangeFactory.cs new file mode 100644 index 0000000..59b5327 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsKeyExchangeFactory.cs @@ -0,0 +1,59 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// Interface for a key exchange factory offering a variety of specific algorithms. + public interface TlsKeyExchangeFactory + { + /// + TlsKeyExchange CreateDHKeyExchange(int keyExchange); + + /// + TlsKeyExchange CreateDHanonKeyExchangeClient(int keyExchange, TlsDHGroupVerifier dhGroupVerifier); + + /// + TlsKeyExchange CreateDHanonKeyExchangeServer(int keyExchange, TlsDHConfig dhConfig); + + /// + TlsKeyExchange CreateDheKeyExchangeClient(int keyExchange, TlsDHGroupVerifier dhGroupVerifier); + + /// + TlsKeyExchange CreateDheKeyExchangeServer(int keyExchange, TlsDHConfig dhConfig); + + /// + TlsKeyExchange CreateECDHKeyExchange(int keyExchange); + + /// + TlsKeyExchange CreateECDHanonKeyExchangeClient(int keyExchange); + + /// + TlsKeyExchange CreateECDHanonKeyExchangeServer(int keyExchange, TlsECConfig ecConfig); + + /// + TlsKeyExchange CreateECDheKeyExchangeClient(int keyExchange); + + /// + TlsKeyExchange CreateECDheKeyExchangeServer(int keyExchange, TlsECConfig ecConfig); + + /// + TlsKeyExchange CreatePskKeyExchangeClient(int keyExchange, TlsPskIdentity pskIdentity, + TlsDHGroupVerifier dhGroupVerifier); + + /// + TlsKeyExchange CreatePskKeyExchangeServer(int keyExchange, TlsPskIdentityManager pskIdentityManager, + TlsDHConfig dhConfig, TlsECConfig ecConfig); + + /// + TlsKeyExchange CreateRsaKeyExchange(int keyExchange); + + /// + TlsKeyExchange CreateSrpKeyExchangeClient(int keyExchange, TlsSrpIdentity srpIdentity, + TlsSrpConfigVerifier srpConfigVerifier); + + /// + TlsKeyExchange CreateSrpKeyExchangeServer(int keyExchange, TlsSrpLoginParameters loginParameters); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsNoCloseNotifyException.cs b/BouncyCastle/crypto/src/tls/TlsNoCloseNotifyException.cs new file mode 100644 index 0000000..8fdfbbf --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsNoCloseNotifyException.cs @@ -0,0 +1,21 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + /// This exception will be thrown (only) when the connection is closed by the peer without sending a + /// close_notify warning alert. + /// + /// If this happens, the TLS protocol cannot rule out truncation of the connection data (potentially + /// malicious). It may be possible to check for truncation via some property of a higher level protocol + /// built upon TLS, e.g.the Content-Length header for HTTPS. + /// + public class TlsNoCloseNotifyException + : EndOfStreamException + { + public TlsNoCloseNotifyException() + : base("No close_notify alert received before connection closed") + { + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsObjectIdentifiers.cs b/BouncyCastle/crypto/src/tls/TlsObjectIdentifiers.cs new file mode 100644 index 0000000..e4bba69 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsObjectIdentifiers.cs @@ -0,0 +1,14 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Tls +{ + /// Object Identifiers associated with TLS extensions. + public abstract class TlsObjectIdentifiers + { + /// RFC 7633 + public static readonly DerObjectIdentifier id_pe_tlsfeature = X509ObjectIdentifiers.IdPE.Branch("24"); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsPeer.cs b/BouncyCastle/crypto/src/tls/TlsPeer.cs new file mode 100644 index 0000000..ef28371 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsPeer.cs @@ -0,0 +1,123 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// Base interface for a (D)TLS endpoint. + public interface TlsPeer + { + TlsCrypto Crypto { get; } + + void NotifyCloseHandle(TlsCloseable closehandle); + + /// + void Cancel(); + + ProtocolVersion[] GetProtocolVersions(); + + int[] GetCipherSuites(); + + /// Notifies the peer that a new handshake is about to begin. + /// + void NotifyHandshakeBeginning(); + + /// Specify the timeout, in milliseconds, to use for the complete handshake process. + /// + /// NOTE: Currently only respected by DTLS protocols. Negative values are not allowed. A timeout of zero means + /// an infinite timeout (i.e.the handshake will never time out). + /// + /// the handshake timeout, in milliseconds. + int GetHandshakeTimeoutMillis(); + + bool AllowLegacyResumption(); + + int GetMaxCertificateChainLength(); + + int GetMaxHandshakeMessageSize(); + + short[] GetPskKeyExchangeModes(); + + /// + /// This option is provided as a last resort for interoperability with TLS peers that fail to correctly send a + /// close_notify alert at end of stream. Implementations SHOULD return true; caution is advised if returning + /// false without a full understanding of the implications. + /// + bool RequiresCloseNotify(); + + /// This implementation supports RFC 7627 and will always negotiate the extended_master_secret + /// extension where possible. When connecting to a peer that does not offer/accept this extension, it is + /// recommended to abort the handshake.This option is provided for interoperability with legacy peers, although + /// some TLS features will be disabled in that case (see RFC 7627 5.4). + /// + /// true if the handshake should be aborted when the peer does not negotiate the + /// extended_master_secret extension, or false to support legacy interoperability. + bool RequiresExtendedMasterSecret(); + + bool ShouldUseExtendedMasterSecret(); + + /// See RFC 5246 6.2.3.2. Controls whether block cipher encryption may randomly add extra padding + /// beyond the minimum. + /// + /// Note that in configurations where this is known to be potential security risk this setting will be ignored + /// (and extended padding disabled). Extra padding is always supported when decrypting received records. + /// + /// true if random extra padding should be added during block cipher encryption, or + /// false to always use the minimum amount of required padding. + bool ShouldUseExtendedPadding(); + + /// draft-mathewson-no-gmtunixtime-00 2. "If existing users of a TLS implementation may rely on + /// gmt_unix_time containing the current time, we recommend that implementors MAY provide the ability to set + /// gmt_unix_time as an option only, off by default.". + /// + /// NOTE: For a server that has negotiated TLS 1.3 (or later), or a client that has offered TLS 1.3 (or later), + /// this is not called and gmt_unix_time is not used. + /// + /// true if the current time should be used in the gmt_unix_time field of Random, or + /// false if gmt_unix_time should contain a cryptographically random value. + bool ShouldUseGmtUnixTime(); + + /// RFC 5746 3.4/3.6. In case this is false, peers may want to terminate the handshake instead of + /// continuing; see Section 4.1/4.3 for discussion. + /// + /// NOTE: TLS 1.3 forbids renegotiation, so this is never called when TLS 1.3 (or later) was negotiated. + /// + /// + void NotifySecureRenegotiation(bool secureRenegotiation); + + /// + TlsKeyExchangeFactory GetKeyExchangeFactory(); + + /// This method will be called when an alert is raised by the protocol. + /// + /// + /// A human-readable message explaining what caused this alert. May be null. + /// The that caused this alert to be raised. May be null. + void NotifyAlertRaised(short alertLevel, short alertDescription, string message, Exception cause); + + /// This method will be called when an alert is received from the remote peer. + /// + /// + void NotifyAlertReceived(short alertLevel, short alertDescription); + + /// Notifies the peer that the handshake has been successfully completed. + /// + void NotifyHandshakeComplete(); + + /// Return a instance that will control the generation of heartbeats + /// locally (if permitted by the remote peer), or null to not generate heartbeats. Heartbeats are described in + /// RFC 6520. + /// an instance of . + /// + TlsHeartbeat GetHeartbeat(); + + /// Return the heartbeat mode applicable to the remote peer. Heartbeats are described in RFC 6520. + /// + /// + /// See enumeration class for appropriate return values. + /// + /// the value. + short GetHeartbeatPolicy(); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsProtocol.cs b/BouncyCastle/crypto/src/tls/TlsProtocol.cs new file mode 100644 index 0000000..8fe6dc2 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsProtocol.cs @@ -0,0 +1,1965 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public abstract class TlsProtocol + : TlsCloseable + { + /* + * Connection States. + * + * NOTE: Redirection of handshake messages to TLS 1.3 handlers assumes CS_START, CS_CLIENT_HELLO + * are lower than any of the other values. + */ + protected const short CS_START = 0; + protected const short CS_CLIENT_HELLO = 1; + protected const short CS_SERVER_HELLO_RETRY_REQUEST = 2; + protected const short CS_CLIENT_HELLO_RETRY = 3; + protected const short CS_SERVER_HELLO = 4; + protected const short CS_SERVER_ENCRYPTED_EXTENSIONS = 5; + protected const short CS_SERVER_SUPPLEMENTAL_DATA = 6; + protected const short CS_SERVER_CERTIFICATE = 7; + protected const short CS_SERVER_CERTIFICATE_STATUS = 8; + protected const short CS_SERVER_CERTIFICATE_VERIFY = 9; + protected const short CS_SERVER_KEY_EXCHANGE = 10; + protected const short CS_SERVER_CERTIFICATE_REQUEST = 11; + protected const short CS_SERVER_HELLO_DONE = 12; + protected const short CS_CLIENT_END_OF_EARLY_DATA = 13; + protected const short CS_CLIENT_SUPPLEMENTAL_DATA = 14; + protected const short CS_CLIENT_CERTIFICATE = 15; + protected const short CS_CLIENT_KEY_EXCHANGE = 16; + protected const short CS_CLIENT_CERTIFICATE_VERIFY = 17; + protected const short CS_CLIENT_FINISHED = 18; + protected const short CS_SERVER_SESSION_TICKET = 19; + protected const short CS_SERVER_FINISHED = 20; + protected const short CS_END = 21; + + protected bool IsLegacyConnectionState() + { + switch (m_connectionState) + { + case CS_START: + case CS_CLIENT_HELLO: + case CS_SERVER_HELLO: + case CS_SERVER_SUPPLEMENTAL_DATA: + case CS_SERVER_CERTIFICATE: + case CS_SERVER_CERTIFICATE_STATUS: + case CS_SERVER_KEY_EXCHANGE: + case CS_SERVER_CERTIFICATE_REQUEST: + case CS_SERVER_HELLO_DONE: + case CS_CLIENT_SUPPLEMENTAL_DATA: + case CS_CLIENT_CERTIFICATE: + case CS_CLIENT_KEY_EXCHANGE: + case CS_CLIENT_CERTIFICATE_VERIFY: + case CS_CLIENT_FINISHED: + case CS_SERVER_SESSION_TICKET: + case CS_SERVER_FINISHED: + case CS_END: + return true; + + case CS_SERVER_HELLO_RETRY_REQUEST: + case CS_CLIENT_HELLO_RETRY: + case CS_SERVER_ENCRYPTED_EXTENSIONS: + case CS_SERVER_CERTIFICATE_VERIFY: + case CS_CLIENT_END_OF_EARLY_DATA: + default: + return false; + } + } + + protected bool IsTlsV13ConnectionState() + { + switch (m_connectionState) + { + case CS_START: + case CS_CLIENT_HELLO: + case CS_SERVER_HELLO_RETRY_REQUEST: + case CS_CLIENT_HELLO_RETRY: + case CS_SERVER_HELLO: + case CS_SERVER_ENCRYPTED_EXTENSIONS: + case CS_SERVER_CERTIFICATE_REQUEST: + case CS_SERVER_CERTIFICATE: + case CS_SERVER_CERTIFICATE_VERIFY: + case CS_SERVER_FINISHED: + case CS_CLIENT_END_OF_EARLY_DATA: + case CS_CLIENT_CERTIFICATE: + case CS_CLIENT_CERTIFICATE_VERIFY: + case CS_CLIENT_FINISHED: + case CS_END: + return true; + + case CS_SERVER_SUPPLEMENTAL_DATA: + case CS_SERVER_CERTIFICATE_STATUS: + case CS_SERVER_KEY_EXCHANGE: + case CS_SERVER_HELLO_DONE: + case CS_CLIENT_SUPPLEMENTAL_DATA: + case CS_CLIENT_KEY_EXCHANGE: + case CS_SERVER_SESSION_TICKET: + default: + return false; + } + } + + /* + * Different modes to handle the known IV weakness + */ + protected const short ADS_MODE_1_Nsub1 = 0; // 1/n-1 record splitting + protected const short ADS_MODE_0_N = 1; // 0/n record splitting + protected const short ADS_MODE_0_N_FIRSTONLY = 2; // 0/n record splitting on first data fragment only + + /* + * Queues for data from some protocols. + */ + private readonly ByteQueue m_applicationDataQueue = new ByteQueue(0); + private readonly ByteQueue m_alertQueue = new ByteQueue(2); + private readonly ByteQueue m_handshakeQueue = new ByteQueue(0); + //private readonly ByteQueue m_heartbeatQueue = new ByteQueue(0); + + internal readonly RecordStream m_recordStream; + internal readonly object m_recordWriteLock = new object(); + + private int m_maxHandshakeMessageSize = -1; + + internal TlsHandshakeHash m_handshakeHash; + + private TlsStream m_tlsStream = null; + + private volatile bool m_closed = false; + private volatile bool m_failedWithError = false; + private volatile bool m_appDataReady = false; + private volatile bool m_appDataSplitEnabled = true; + private volatile bool m_keyUpdateEnabled = false; + //private volatile bool m_keyUpdatePendingReceive = false; + private volatile bool m_keyUpdatePendingSend = false; + private volatile bool m_resumableHandshake = false; + private volatile int m_appDataSplitMode = ADS_MODE_1_Nsub1; + + protected TlsSession m_tlsSession = null; + protected SessionParameters m_sessionParameters = null; + protected TlsSecret m_sessionMasterSecret = null; + + protected byte[] m_retryCookie = null; + protected int m_retryGroup = -1; + protected IDictionary m_clientExtensions = null; + protected IDictionary m_serverExtensions = null; + + protected short m_connectionState = CS_START; + protected bool m_resumedSession = false; + protected bool m_selectedPsk13 = false; + protected bool m_receivedChangeCipherSpec = false; + protected bool m_expectSessionTicket = false; + + protected readonly bool m_blocking; + protected readonly ByteQueueInputStream m_inputBuffers; + protected readonly ByteQueueOutputStream m_outputBuffer; + + protected TlsProtocol() + { + this.m_blocking = false; + this.m_inputBuffers = new ByteQueueInputStream(); + this.m_outputBuffer = new ByteQueueOutputStream(); + this.m_recordStream = new RecordStream(this, m_inputBuffers, m_outputBuffer); + } + + public TlsProtocol(Stream stream) + : this(stream, stream) + { + } + + public TlsProtocol(Stream input, Stream output) + { + this.m_blocking = true; + this.m_inputBuffers = null; + this.m_outputBuffer = null; + this.m_recordStream = new RecordStream(this, input, output); + } + + /// + public virtual void ResumeHandshake() + { + if (!m_blocking) + throw new InvalidOperationException("Cannot use ResumeHandshake() in non-blocking mode!"); + if (!IsHandshaking) + throw new InvalidOperationException("No handshake in progress"); + + BlockForHandshake(); + } + + /// + protected virtual void CloseConnection() + { + m_recordStream.Close(); + } + + protected abstract TlsContext Context { get; } + + internal abstract AbstractTlsContext ContextAdmin { get; } + + protected abstract TlsPeer Peer { get; } + + /// + protected virtual void HandleAlertMessage(short alertLevel, short alertDescription) + { + Peer.NotifyAlertReceived(alertLevel, alertDescription); + + if (alertLevel == AlertLevel.warning) + { + HandleAlertWarningMessage(alertDescription); + } + else + { + HandleFailure(); + + throw new TlsFatalAlertReceived(alertDescription); + } + } + + /// + protected virtual void HandleAlertWarningMessage(short alertDescription) + { + switch (alertDescription) + { + /* + * RFC 5246 7.2.1. The other party MUST respond with a close_notify alert of its own + * and close down the connection immediately, discarding any pending writes. + */ + case AlertDescription.close_notify: + { + if (!m_appDataReady) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + HandleClose(false); + break; + } + case AlertDescription.no_certificate: + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + case AlertDescription.no_renegotiation: + { + // TODO[reneg] Give peer the option to tolerate this + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + } + } + + /// + protected virtual void HandleChangeCipherSpecMessage() + { + } + + /// + protected virtual void HandleClose(bool user_canceled) + { + if (!m_closed) + { + this.m_closed = true; + + if (!m_appDataReady) + { + CleanupHandshake(); + + if (user_canceled) + { + RaiseAlertWarning(AlertDescription.user_canceled, "User canceled handshake"); + } + } + + RaiseAlertWarning(AlertDescription.close_notify, "Connection closed"); + + CloseConnection(); + } + } + + /// + protected virtual void HandleException(short alertDescription, string message, Exception e) + { + // TODO[tls-port] Can we support interrupted IO on .NET? + //if ((m_appDataReady || IsResumableHandshake()) && (e is InterruptedIOException)) + // return; + + if (!m_closed) + { + RaiseAlertFatal(alertDescription, message, e); + + HandleFailure(); + } + } + + /// + protected virtual void HandleFailure() + { + this.m_closed = true; + this.m_failedWithError = true; + + /* + * RFC 2246 7.2.1. The session becomes unresumable if any connection is terminated + * without proper close_notify messages with level equal to warning. + */ + // TODO This isn't quite in the right place. Also, as of TLS 1.1 the above is obsolete. + InvalidateSession(); + + if (!m_appDataReady) + { + CleanupHandshake(); + } + + CloseConnection(); + } + + /// + protected abstract void HandleHandshakeMessage(short type, HandshakeMessageInput buf); + + /// + protected virtual void ApplyMaxFragmentLengthExtension(short maxFragmentLength) + { + if (maxFragmentLength >= 0) + { + if (!MaxFragmentLength.IsValid(maxFragmentLength)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + int plainTextLimit = 1 << (8 + maxFragmentLength); + m_recordStream.SetPlaintextLimit(plainTextLimit); + } + } + + /// + protected virtual void CheckReceivedChangeCipherSpec(bool expected) + { + if (expected != m_receivedChangeCipherSpec) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + /// + protected virtual void BlockForHandshake() + { + while (m_connectionState != CS_END) + { + if (IsClosed) + { + // NOTE: Any close during the handshake should have raised an exception. + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + SafeReadRecord(); + } + } + + /// + protected virtual void BeginHandshake() + { + AbstractTlsContext context = ContextAdmin; + TlsPeer peer = Peer; + + this.m_maxHandshakeMessageSize = System.Math.Max(1024, peer.GetMaxHandshakeMessageSize()); + + this.m_handshakeHash = new DeferredHash(context); + this.m_connectionState = CS_START; + this.m_resumedSession = false; + this.m_selectedPsk13 = false; + + context.HandshakeBeginning(peer); + + SecurityParameters securityParameters = context.SecurityParameters; + + securityParameters.m_extendedPadding = peer.ShouldUseExtendedPadding(); + } + + protected virtual void CleanupHandshake() + { + TlsContext context = Context; + if (null != context) + { + SecurityParameters securityParameters = context.SecurityParameters; + if (null != securityParameters) + { + securityParameters.Clear(); + } + } + + this.m_tlsSession = null; + this.m_sessionParameters = null; + this.m_sessionMasterSecret = null; + + this.m_retryCookie = null; + this.m_retryGroup = -1; + this.m_clientExtensions = null; + this.m_serverExtensions = null; + + this.m_resumedSession = false; + this.m_selectedPsk13 = false; + this.m_receivedChangeCipherSpec = false; + this.m_expectSessionTicket = false; + } + + /// + protected virtual void CompleteHandshake() + { + try + { + AbstractTlsContext context = ContextAdmin; + SecurityParameters securityParameters = context.SecurityParameters; + + if (!context.IsHandshaking || + null == securityParameters.LocalVerifyData || + null == securityParameters.PeerVerifyData) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + m_recordStream.FinaliseHandshake(); + this.m_connectionState = CS_END; + + // TODO Prefer to set to null, but would need guards elsewhere + this.m_handshakeHash = new DeferredHash(context); + + m_alertQueue.Shrink(); + m_handshakeQueue.Shrink(); + + ProtocolVersion negotiatedVersion = securityParameters.NegotiatedVersion; + + this.m_appDataSplitEnabled = !TlsUtilities.IsTlsV11(negotiatedVersion); + this.m_appDataReady = true; + + this.m_keyUpdateEnabled = TlsUtilities.IsTlsV13(negotiatedVersion); + + if (m_blocking) + { + this.m_tlsStream = new TlsStream(this); + } + + if (m_sessionParameters == null) + { + this.m_sessionMasterSecret = securityParameters.MasterSecret; + + this.m_sessionParameters = new SessionParameters.Builder() + .SetCipherSuite(securityParameters.CipherSuite) + .SetExtendedMasterSecret(securityParameters.IsExtendedMasterSecret) + .SetLocalCertificate(securityParameters.LocalCertificate) + .SetMasterSecret(context.Crypto.AdoptSecret(m_sessionMasterSecret)) + .SetNegotiatedVersion(securityParameters.NegotiatedVersion) + .SetPeerCertificate(securityParameters.PeerCertificate) + .SetPskIdentity(securityParameters.PskIdentity) + .SetSrpIdentity(securityParameters.SrpIdentity) + // TODO Consider filtering extensions that aren't relevant to resumed sessions + .SetServerExtensions(m_serverExtensions) + .Build(); + + this.m_tlsSession = TlsUtilities.ImportSession(securityParameters.SessionID, m_sessionParameters); + } + else + { + securityParameters.m_localCertificate = m_sessionParameters.LocalCertificate; + securityParameters.m_peerCertificate = m_sessionParameters.PeerCertificate; + securityParameters.m_pskIdentity = m_sessionParameters.PskIdentity; + securityParameters.m_srpIdentity = m_sessionParameters.SrpIdentity; + } + + context.HandshakeComplete(Peer, m_tlsSession); + } + finally + { + CleanupHandshake(); + } + } + + /// + internal void ProcessRecord(short protocol, byte[] buf, int off, int len) + { + /* + * Have a look at the protocol type, and add it to the correct queue. + */ + switch (protocol) + { + case ContentType.alert: + { + m_alertQueue.AddData(buf, off, len); + ProcessAlertQueue(); + break; + } + case ContentType.application_data: + { + if (!m_appDataReady) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + m_applicationDataQueue.AddData(buf, off, len); + ProcessApplicationDataQueue(); + break; + } + case ContentType.change_cipher_spec: + { + ProcessChangeCipherSpec(buf, off, len); + break; + } + case ContentType.handshake: + { + if (m_handshakeQueue.Available > 0) + { + m_handshakeQueue.AddData(buf, off, len); + ProcessHandshakeQueue(m_handshakeQueue); + } + else + { + ByteQueue tmpQueue = new ByteQueue(buf, off, len); + ProcessHandshakeQueue(tmpQueue); + int remaining = tmpQueue.Available; + if (remaining > 0) + { + m_handshakeQueue.AddData(buf, off + len - remaining, remaining); + } + } + break; + } + //case ContentType.heartbeat: + //{ + // if (!m_appDataReady) + // throw new TlsFatalAlert(AlertDescription.unexpected_message); + + // // TODO[RFC 6520] + // m_heartbeatQueue.addData(buf, off, len); + // ProcessHeartbeatQueue(); + // break; + //} + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + } + + /// + private void ProcessHandshakeQueue(ByteQueue queue) + { + /* + * We need the first 4 bytes, they contain type and length of the message. + */ + while (queue.Available >= 4) + { + int header = queue.ReadInt32(); + + short type = (short)((uint)header >> 24); + if (!HandshakeType.IsRecognized(type)) + { + throw new TlsFatalAlert(AlertDescription.unexpected_message, + "Handshake message of unrecognized type: " + type); + } + + int length = header & 0x00FFFFFF; + if (length > m_maxHandshakeMessageSize) + { + throw new TlsFatalAlert(AlertDescription.internal_error, + "Handshake message length exceeds the maximum: " + HandshakeType.GetText(type) + ", " + length + + " > " + m_maxHandshakeMessageSize); + } + + int totalLength = 4 + length; + if (queue.Available < totalLength) + { + // Not enough bytes in the buffer to read the full message. + break; + } + + /* + * Check ChangeCipherSpec status + */ + switch (type) + { + case HandshakeType.hello_request: + break; + + default: + { + ProtocolVersion negotiatedVersion = Context.ServerVersion; + if (null != negotiatedVersion && TlsUtilities.IsTlsV13(negotiatedVersion)) + break; + + CheckReceivedChangeCipherSpec(HandshakeType.finished == type); + break; + } + } + + HandshakeMessageInput buf = queue.ReadHandshakeMessage(totalLength); + + switch (type) + { + /* + * These message types aren't included in the transcript. + */ + case HandshakeType.hello_request: + case HandshakeType.key_update: + break; + + /* + * Not included in the transcript for (D)TLS 1.3+ + */ + case HandshakeType.new_session_ticket: + { + ProtocolVersion negotiatedVersion = Context.ServerVersion; + if (null != negotiatedVersion && !TlsUtilities.IsTlsV13(negotiatedVersion)) + { + buf.UpdateHash(m_handshakeHash); + } + + break; + } + + /* + * These message types are deferred to the handler to explicitly update the transcript. + */ + case HandshakeType.certificate_verify: + case HandshakeType.client_hello: + case HandshakeType.finished: + case HandshakeType.server_hello: + break; + + /* + * For all others we automatically update the transcript immediately. + */ + default: + { + buf.UpdateHash(m_handshakeHash); + break; + } + } + + buf.Seek(4L, SeekOrigin.Current); + + HandleHandshakeMessage(type, buf); + } + } + + private void ProcessApplicationDataQueue() + { + /* + * There is nothing we need to do here. + * + * This function could be used for callbacks when application data arrives in the future. + */ + } + + /// + private void ProcessAlertQueue() + { + while (m_alertQueue.Available >= 2) + { + /* + * An alert is always 2 bytes. Read the alert. + */ + byte[] alert = m_alertQueue.RemoveData(2, 0); + short alertLevel = alert[0]; + short alertDescription = alert[1]; + + HandleAlertMessage(alertLevel, alertDescription); + } + } + + /// This method is called, when a change cipher spec message is received. + /// If the message has an invalid content or the handshake is not in the correct + /// state. + private void ProcessChangeCipherSpec(byte[] buf, int off, int len) + { + ProtocolVersion negotiatedVersion = Context.ServerVersion; + if (null == negotiatedVersion || TlsUtilities.IsTlsV13(negotiatedVersion)) + { + // See RFC 8446 D.4. + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + for (int i = 0; i < len; ++i) + { + short message = TlsUtilities.ReadUint8(buf, off + i); + + if (message != ChangeCipherSpec.change_cipher_spec) + throw new TlsFatalAlert(AlertDescription.decode_error); + + if (this.m_receivedChangeCipherSpec + || m_alertQueue.Available > 0 + || m_handshakeQueue.Available > 0) + { + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + m_recordStream.NotifyChangeCipherSpecReceived(); + + this.m_receivedChangeCipherSpec = true; + + HandleChangeCipherSpecMessage(); + } + } + + public virtual int ApplicationDataAvailable + { + get { return m_applicationDataQueue.Available; } + } + + /// Read data from the network. + /// + /// The method will return immediately, if there is still some data left in the buffer, or block until some + /// application data has been read from the network. + /// + /// The buffer where the data will be copied to. + /// The position where the data will be placed in the buffer. + /// The maximum number of bytes to read. + /// The number of bytes read. + /// If something goes wrong during reading data. + public virtual int ReadApplicationData(byte[] buf, int off, int len) + { + if (len < 1) + return 0; + + while (m_applicationDataQueue.Available == 0) + { + if (this.m_closed) + { + if (this.m_failedWithError) + throw new IOException("Cannot read application data on failed TLS connection"); + + return -1; + } + if (!m_appDataReady) + throw new InvalidOperationException("Cannot read application data until initial handshake completed."); + + /* + * NOTE: Only called more than once when empty records are received, so no special + * InterruptedIOException handling is necessary. + */ + SafeReadRecord(); + } + + len = System.Math.Min(len, m_applicationDataQueue.Available); + m_applicationDataQueue.RemoveData(buf, off, len, 0); + return len; + } + + /// + protected virtual RecordPreview SafePreviewRecordHeader(byte[] recordHeader) + { + try + { + return m_recordStream.PreviewRecordHeader(recordHeader); + } + catch (TlsFatalAlert e) + { + HandleException(e.AlertDescription, "Failed to read record", e); + throw e; + } + catch (IOException e) + { + HandleException(AlertDescription.internal_error, "Failed to read record", e); + throw e; + } + catch (Exception e) + { + HandleException(AlertDescription.internal_error, "Failed to read record", e); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + } + + /// + protected virtual void SafeReadRecord() + { + try + { + if (m_recordStream.ReadRecord()) + return; + + if (!m_appDataReady) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + if (!Peer.RequiresCloseNotify()) + { + HandleClose(false); + return; + } + } + catch (TlsFatalAlertReceived e) + { + // Connection failure already handled at source + throw e; + } + catch (TlsFatalAlert e) + { + HandleException(e.AlertDescription, "Failed to read record", e); + throw e; + } + catch (IOException e) + { + HandleException(AlertDescription.internal_error, "Failed to read record", e); + throw e; + } + catch (Exception e) + { + HandleException(AlertDescription.internal_error, "Failed to read record", e); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + + HandleFailure(); + + throw new TlsNoCloseNotifyException(); + } + + /// + protected virtual bool SafeReadFullRecord(byte[] input, int inputOff, int inputLen) + { + try + { + return m_recordStream.ReadFullRecord(input, inputOff, inputLen); + } + catch (TlsFatalAlert e) + { + HandleException(e.AlertDescription, "Failed to process record", e); + throw e; + } + catch (IOException e) + { + HandleException(AlertDescription.internal_error, "Failed to process record", e); + throw e; + } + catch (Exception e) + { + HandleException(AlertDescription.internal_error, "Failed to process record", e); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + } + + /// + protected virtual void SafeWriteRecord(short type, byte[] buf, int offset, int len) + { + try + { + m_recordStream.WriteRecord(type, buf, offset, len); + } + catch (TlsFatalAlert e) + { + HandleException(e.AlertDescription, "Failed to write record", e); + throw e; + } + catch (IOException e) + { + HandleException(AlertDescription.internal_error, "Failed to write record", e); + throw e; + } + catch (Exception e) + { + HandleException(AlertDescription.internal_error, "Failed to write record", e); + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + } + + /// Write some application data. + /// + /// Fragmentation is handled internally. Usable in both blocking/non-blocking modes.

    + /// In blocking mode, the output will be automatically sent via the underlying transport. In non-blocking mode, + /// call to get the output bytes to send to the peer.

    + /// This method must not be called until after the initial handshake is complete. Attempting to call it earlier + /// will result in an . + ///     + /// The buffer containing application data to send. + /// The offset at which the application data begins + /// The number of bytes of application data. + /// If called before the initial handshake has completed. + /// + /// If connection is already closed, or for encryption or transport errors. + /// + public virtual void WriteApplicationData(byte[] buf, int off, int len) + { + if (!m_appDataReady) + throw new InvalidOperationException( + "Cannot write application data until initial handshake completed."); + + lock (m_recordWriteLock) + { + while (len > 0) + { + if (m_closed) + throw new IOException("Cannot write application data on closed/failed TLS connection"); + + /* + * RFC 5246 6.2.1. Zero-length fragments of Application data MAY be sent as they are + * potentially useful as a traffic analysis countermeasure. + * + * NOTE: Actually, implementations appear to have settled on 1/n-1 record splitting. + */ + if (m_appDataSplitEnabled) + { + /* + * Protect against known IV attack! + * + * DO NOT REMOVE THIS CODE, EXCEPT YOU KNOW EXACTLY WHAT YOU ARE DOING HERE. + */ + switch (m_appDataSplitMode) + { + case ADS_MODE_0_N_FIRSTONLY: + { + this.m_appDataSplitEnabled = false; + SafeWriteRecord(ContentType.application_data, TlsUtilities.EmptyBytes, 0, 0); + break; + } + case ADS_MODE_0_N: + { + SafeWriteRecord(ContentType.application_data, TlsUtilities.EmptyBytes, 0, 0); + break; + } + case ADS_MODE_1_Nsub1: + default: + { + if (len > 1) + { + SafeWriteRecord(ContentType.application_data, buf, off, 1); + ++off; + --len; + } + break; + } + } + } + else if (m_keyUpdateEnabled) + { + if (m_keyUpdatePendingSend) + { + Send13KeyUpdate(false); + } + else if (m_recordStream.NeedsKeyUpdate()) + { + Send13KeyUpdate(true); + } + } + + // Fragment data according to the current fragment limit. + int toWrite = System.Math.Min(len, m_recordStream.PlaintextLimit); + SafeWriteRecord(ContentType.application_data, buf, off, toWrite); + off += toWrite; + len -= toWrite; + } + } + } + + public virtual int AppDataSplitMode + { + get { return m_appDataSplitMode; } + set + { + if (value < ADS_MODE_1_Nsub1 || value > ADS_MODE_0_N_FIRSTONLY) + throw new InvalidOperationException("Illegal appDataSplitMode mode: " + value); + + this.m_appDataSplitMode = value; + } + } + + public virtual bool IsResumableHandshake + { + get { return m_resumableHandshake; } + set { this.m_resumableHandshake = value; } + } + + /// + internal void WriteHandshakeMessage(byte[] buf, int off, int len) + { + if (len < 4) + throw new TlsFatalAlert(AlertDescription.internal_error); + + short type = TlsUtilities.ReadUint8(buf, off); + switch (type) + { + /* + * These message types aren't included in the transcript. + */ + case HandshakeType.hello_request: + case HandshakeType.key_update: + break; + + /* + * Not included in the transcript for (D)TLS 1.3+ + */ + case HandshakeType.new_session_ticket: + { + ProtocolVersion negotiatedVersion = Context.ServerVersion; + if (null != negotiatedVersion && !TlsUtilities.IsTlsV13(negotiatedVersion)) + { + m_handshakeHash.Update(buf, off, len); + } + + break; + } + + /* + * These message types are deferred to the writer to explicitly update the transcript. + */ + case HandshakeType.client_hello: + break; + + /* + * For all others we automatically update the transcript. + */ + default: + { + m_handshakeHash.Update(buf, off, len); + break; + } + } + + int total = 0; + do + { + // Fragment data according to the current fragment limit. + int toWrite = System.Math.Min(len - total, m_recordStream.PlaintextLimit); + SafeWriteRecord(ContentType.handshake, buf, off + total, toWrite); + total += toWrite; + } + while (total < len); + } + + /// The secure bidirectional stream for this connection + /// Only allowed in blocking mode. + public virtual Stream Stream + { + get + { + if (!m_blocking) + throw new InvalidOperationException( + "Cannot use Stream in non-blocking mode! Use OfferInput()/OfferOutput() instead."); + + return this.m_tlsStream; + } + } + + /// Should be called in non-blocking mode when the input data reaches EOF. + /// + public virtual void CloseInput() + { + if (m_blocking) + throw new InvalidOperationException("Cannot use CloseInput() in blocking mode!"); + + if (m_closed) + return; + + if (m_inputBuffers.Available > 0) + throw new EndOfStreamException(); + + if (!m_appDataReady) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + if (!Peer.RequiresCloseNotify()) + { + HandleClose(false); + return; + } + + HandleFailure(); + + throw new TlsNoCloseNotifyException(); + } + + /// + public virtual RecordPreview PreviewInputRecord(byte[] recordHeader) + { + if (m_blocking) + throw new InvalidOperationException("Cannot use PreviewInputRecord() in blocking mode!"); + if (m_inputBuffers.Available != 0) + throw new InvalidOperationException("Can only use PreviewInputRecord() for record-aligned input."); + if (m_closed) + throw new IOException("Connection is closed, cannot accept any more input"); + + return SafePreviewRecordHeader(recordHeader); + } + + /// + public virtual RecordPreview PreviewOutputRecord(int applicationDataSize) + { + if (!m_appDataReady) + throw new InvalidOperationException( + "Cannot use PreviewOutputRecord() until initial handshake completed."); + if (m_blocking) + throw new InvalidOperationException("Cannot use PreviewOutputRecord() in blocking mode!"); + if (m_outputBuffer.Buffer.Available != 0) + throw new InvalidOperationException("Can only use PreviewOutputRecord() for record-aligned output."); + if (m_closed) + throw new IOException("Connection is closed, cannot produce any more output"); + + if (applicationDataSize < 1) + return new RecordPreview(0, 0); + + if (m_appDataSplitEnabled) + { + switch (m_appDataSplitMode) + { + case ADS_MODE_0_N_FIRSTONLY: + case ADS_MODE_0_N: + { + RecordPreview a = m_recordStream.PreviewOutputRecord(0); + RecordPreview b = m_recordStream.PreviewOutputRecord(applicationDataSize); + return RecordPreview.CombineAppData(a, b); + } + case ADS_MODE_1_Nsub1: + default: + { + RecordPreview a = m_recordStream.PreviewOutputRecord(1); + if (applicationDataSize > 1) + { + RecordPreview b = m_recordStream.PreviewOutputRecord(applicationDataSize - 1); + a = RecordPreview.CombineAppData(a, b); + } + return a; + } + } + } + else + { + RecordPreview a = m_recordStream.PreviewOutputRecord(applicationDataSize); + if (m_keyUpdateEnabled && (m_keyUpdatePendingSend || m_recordStream.NeedsKeyUpdate())) + { + int keyUpdateLength = HandshakeMessageOutput.GetLength(1); + int recordSize = m_recordStream.PreviewOutputRecordSize(keyUpdateLength); + a = RecordPreview.ExtendRecordSize(a, recordSize); + } + return a; + } + } + + /// Equivalent to OfferInput(input, 0, input.Length). + /// The input buffer to offer. + /// + /// + public virtual void OfferInput(byte[] input) + { + OfferInput(input, 0, input.Length); + } + + /// Offer input from an arbitrary source. + /// Only allowed in non-blocking mode.

    + /// This method will decrypt and process all records that are fully available. If only part of a record is + /// available, the buffer will be retained until the remainder of the record is offered.

    + /// If any records containing application data were processed, the decrypted data can be obtained using + /// . If any records containing protocol data were processed, a + /// response may have been generated. You should always check to see if there is any available output after + /// calling this method by calling . + ///     + /// The input buffer to offer. + /// The offset within the input buffer that input begins. + /// The number of bytes of input being offered. + /// If an error occurs while decrypting or processing a record. + public virtual void OfferInput(byte[] input, int inputOff, int inputLen) + { + if (m_blocking) + throw new InvalidOperationException("Cannot use OfferInput() in blocking mode! Use Stream instead."); + if (m_closed) + throw new IOException("Connection is closed, cannot accept any more input"); + + // Fast path if the input is arriving one record at a time + if (m_inputBuffers.Available == 0 && SafeReadFullRecord(input, inputOff, inputLen)) + { + if (m_closed) + { + if (!m_appDataReady) + { + // NOTE: Any close during the handshake should have raised an exception. + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + return; + } + + m_inputBuffers.AddBytes(input, inputOff, inputLen); + + // loop while there are enough bytes to read the length of the next record + while (m_inputBuffers.Available >= RecordFormat.FragmentOffset) + { + byte[] recordHeader = new byte[RecordFormat.FragmentOffset]; + if (RecordFormat.FragmentOffset != m_inputBuffers.Peek(recordHeader)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + RecordPreview preview = SafePreviewRecordHeader(recordHeader); + if (m_inputBuffers.Available < preview.RecordSize) + { + // not enough bytes to read a whole record + break; + } + + // NOTE: This is actually reading from inputBuffers, so InterruptedIOException shouldn't be possible + SafeReadRecord(); + + if (m_closed) + { + if (!m_appDataReady) + { + // NOTE: Any close during the handshake should have raised an exception. + throw new TlsFatalAlert(AlertDescription.internal_error); + } + break; + } + } + } + + public virtual int ApplicationDataLimit + { + get { return m_recordStream.PlaintextLimit; } + } + + /// Gets the amount of received application data. + /// A call to is guaranteed to be able to return at least + /// this much data.

    + /// Only allowed in non-blocking mode. + ///     + /// The number of bytes of available application data. + public virtual int GetAvailableInputBytes() + { + if (m_blocking) + throw new InvalidOperationException("Cannot use GetAvailableInputBytes() in blocking mode!"); + + return ApplicationDataAvailable; + } + + /// Retrieves received application data. + /// + /// Use to check how much application data is currently available. This + /// method functions similarly to , except that it never blocks. If + /// no data is available, nothing will be copied and zero will be returned.

    + /// Only allowed in non-blocking mode. + ///     + /// The buffer to hold the application data. + /// The start offset in the buffer at which the data is written. + /// The maximum number of bytes to read. + /// The total number of bytes copied to the buffer. May be less than the length specified if the + /// length was greater than the amount of available data. + public virtual int ReadInput(byte[] buf, int off, int len) + { + if (m_blocking) + throw new InvalidOperationException("Cannot use ReadInput() in blocking mode! Use Stream instead."); + + len = System.Math.Min(len, ApplicationDataAvailable); + if (len < 1) + return 0; + + m_applicationDataQueue.RemoveData(buf, off, len, 0); + return len; + } + + /// Gets the amount of encrypted data available to be sent. + /// + /// A call to is guaranteed to be able to return at least this much + /// data. Only allowed in non-blocking mode. + /// + /// The number of bytes of available encrypted data. + public virtual int GetAvailableOutputBytes() + { + if (m_blocking) + throw new InvalidOperationException("Cannot use GetAvailableOutputBytes() in blocking mode! Use Stream instead."); + + return m_outputBuffer.Buffer.Available; + } + + /// Retrieves encrypted data to be sent. + /// + /// Use to check how much encrypted data is currently available. This + /// method functions similarly to , except that it never blocks. If + /// no data is available, nothing will be copied and zero will be returned. Only allowed in non-blocking mode. + /// + /// The buffer to hold the encrypted data. + /// The start offset in the buffer at which the data is written. + /// The maximum number of bytes to read. + /// The total number of bytes copied to the buffer. May be less than the length specified if the + /// length was greater than the amount of available data. + public virtual int ReadOutput(byte[] buffer, int offset, int length) + { + if (m_blocking) + throw new InvalidOperationException("Cannot use ReadOutput() in blocking mode! Use 'Stream() instead."); + + int bytesToRead = System.Math.Min(GetAvailableOutputBytes(), length); + m_outputBuffer.Buffer.RemoveData(buffer, offset, bytesToRead, 0); + return bytesToRead; + } + + protected virtual bool EstablishSession(TlsSession sessionToResume) + { + this.m_tlsSession = null; + this.m_sessionParameters = null; + this.m_sessionMasterSecret = null; + + if (null == sessionToResume || !sessionToResume.IsResumable) + return false; + + SessionParameters sessionParameters = sessionToResume.ExportSessionParameters(); + if (null == sessionParameters) + return false; + + if (!sessionParameters.IsExtendedMasterSecret) + { + TlsPeer peer = Peer; + if (!peer.AllowLegacyResumption() || peer.RequiresExtendedMasterSecret()) + return false; + + /* + * NOTE: For session resumption without extended_master_secret, renegotiation MUST be + * disabled (see RFC 7627 5.4). We currently do not implement renegotiation and it is + * unlikely we ever would since it was removed in TLS 1.3. + */ + } + + TlsSecret sessionMasterSecret = TlsUtilities.GetSessionMasterSecret(Context.Crypto, + sessionParameters.MasterSecret); + if (null == sessionMasterSecret) + return false; + + this.m_tlsSession = sessionToResume; + this.m_sessionParameters = sessionParameters; + this.m_sessionMasterSecret = sessionMasterSecret; + + return true; + } + + protected virtual void InvalidateSession() + { + if (m_sessionMasterSecret != null) + { + m_sessionMasterSecret.Destroy(); + this.m_sessionMasterSecret = null; + } + + if (m_sessionParameters != null) + { + m_sessionParameters.Clear(); + this.m_sessionParameters = null; + } + + if (m_tlsSession != null) + { + m_tlsSession.Invalidate(); + this.m_tlsSession = null; + } + } + + /// + protected virtual void ProcessFinishedMessage(MemoryStream buf) + { + TlsContext context = Context; + SecurityParameters securityParameters = context.SecurityParameters; + bool isServerContext = context.IsServer; + + byte[] verify_data = TlsUtilities.ReadFully(securityParameters.VerifyDataLength, buf); + + AssertEmpty(buf); + + byte[] expected_verify_data = TlsUtilities.CalculateVerifyData(context, m_handshakeHash, !isServerContext); + + /* + * Compare both checksums. + */ + if (!Arrays.ConstantTimeAreEqual(expected_verify_data, verify_data)) + { + /* + * Wrong checksum in the finished message. + */ + throw new TlsFatalAlert(AlertDescription.decrypt_error); + } + + securityParameters.m_peerVerifyData = expected_verify_data; + + if (!m_resumedSession || securityParameters.IsExtendedMasterSecret) + { + if (null == securityParameters.LocalVerifyData) + { + securityParameters.m_tlsUnique = expected_verify_data; + } + } + } + + /// + protected virtual void Process13FinishedMessage(MemoryStream buf) + { + TlsContext context = Context; + SecurityParameters securityParameters = context.SecurityParameters; + bool isServerContext = context.IsServer; + + byte[] verify_data = TlsUtilities.ReadFully(securityParameters.VerifyDataLength, buf); + + AssertEmpty(buf); + + byte[] expected_verify_data = TlsUtilities.CalculateVerifyData(context, m_handshakeHash, !isServerContext); + + /* + * Compare both checksums. + */ + if (!Arrays.ConstantTimeAreEqual(expected_verify_data, verify_data)) + { + /* + * Wrong checksum in the finished message. + */ + throw new TlsFatalAlert(AlertDescription.decrypt_error); + } + + securityParameters.m_peerVerifyData = expected_verify_data; + securityParameters.m_tlsUnique = null; + } + + /// + protected virtual void RaiseAlertFatal(short alertDescription, string message, Exception cause) + { + Peer.NotifyAlertRaised(AlertLevel.fatal, alertDescription, message, cause); + + byte[] alert = new byte[]{ (byte)AlertLevel.fatal, (byte)alertDescription }; + + try + { + m_recordStream.WriteRecord(ContentType.alert, alert, 0, 2); + } + catch (Exception) + { + // We are already processing an exception, so just ignore this + } + } + + /// + protected virtual void RaiseAlertWarning(short alertDescription, string message) + { + Peer.NotifyAlertRaised(AlertLevel.warning, alertDescription, message, null); + + byte[] alert = new byte[]{ (byte)AlertLevel.warning, (byte)alertDescription }; + + SafeWriteRecord(ContentType.alert, alert, 0, 2); + } + + + /// + protected virtual void Receive13KeyUpdate(MemoryStream buf) + { + // TODO[tls13] This is interesting enough to notify the TlsPeer for possible logging/vetting + + if (!(m_appDataReady && m_keyUpdateEnabled)) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + short requestUpdate = TlsUtilities.ReadUint8(buf); + + AssertEmpty(buf); + + if (!KeyUpdateRequest.IsValid(requestUpdate)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + bool updateRequested = (KeyUpdateRequest.update_requested == requestUpdate); + + TlsUtilities.Update13TrafficSecretPeer(Context); + m_recordStream.NotifyKeyUpdateReceived(); + + //this.m_keyUpdatePendingReceive &= updateRequested; + this.m_keyUpdatePendingSend |= updateRequested; + } + + /// + protected virtual void SendCertificateMessage(Certificate certificate, Stream endPointHash) + { + TlsContext context = Context; + SecurityParameters securityParameters = context.SecurityParameters; + if (null != securityParameters.LocalCertificate) + throw new TlsFatalAlert(AlertDescription.internal_error); + + if (null == certificate) + { + certificate = Certificate.EmptyChain; + } + + if (certificate.IsEmpty && !context.IsServer && securityParameters.NegotiatedVersion.IsSsl) + { + string message = "SSLv3 client didn't provide credentials"; + RaiseAlertWarning(AlertDescription.no_certificate, message); + } + else + { + HandshakeMessageOutput message = new HandshakeMessageOutput(HandshakeType.certificate); + certificate.Encode(context, message, endPointHash); + message.Send(this); + } + + securityParameters.m_localCertificate = certificate; + } + + /// + protected virtual void Send13CertificateMessage(Certificate certificate) + { + if (null == certificate) + throw new TlsFatalAlert(AlertDescription.internal_error); + + TlsContext context = Context; + SecurityParameters securityParameters = context.SecurityParameters; + if (null != securityParameters.LocalCertificate) + throw new TlsFatalAlert(AlertDescription.internal_error); + + HandshakeMessageOutput message = new HandshakeMessageOutput(HandshakeType.certificate); + certificate.Encode(context, message, null); + message.Send(this); + + securityParameters.m_localCertificate = certificate; + } + + /// + protected virtual void Send13CertificateVerifyMessage(DigitallySigned certificateVerify) + { + HandshakeMessageOutput message = new HandshakeMessageOutput(HandshakeType.certificate_verify); + certificateVerify.Encode(message); + message.Send(this); + } + + /// + protected virtual void SendChangeCipherSpec() + { + SendChangeCipherSpecMessage(); + m_recordStream.EnablePendingCipherWrite(); + } + + /// + protected virtual void SendChangeCipherSpecMessage() + { + byte[] message = new byte[]{ 1 }; + SafeWriteRecord(ContentType.change_cipher_spec, message, 0, message.Length); + } + + /// + protected virtual void SendFinishedMessage() + { + TlsContext context = Context; + SecurityParameters securityParameters = context.SecurityParameters; + bool isServerContext = context.IsServer; + + byte[] verify_data = TlsUtilities.CalculateVerifyData(context, m_handshakeHash, isServerContext); + + securityParameters.m_localVerifyData = verify_data; + + if (!m_resumedSession || securityParameters.IsExtendedMasterSecret) + { + if (null == securityParameters.PeerVerifyData) + { + securityParameters.m_tlsUnique = verify_data; + } + } + + HandshakeMessageOutput.Send(this, HandshakeType.finished, verify_data); + } + + /// + protected virtual void Send13FinishedMessage() + { + TlsContext context = Context; + SecurityParameters securityParameters = context.SecurityParameters; + bool isServerContext = context.IsServer; + + byte[] verify_data = TlsUtilities.CalculateVerifyData(context, m_handshakeHash, isServerContext); + + securityParameters.m_localVerifyData = verify_data; + securityParameters.m_tlsUnique = null; + + HandshakeMessageOutput.Send(this, HandshakeType.finished, verify_data); + } + + /// + protected virtual void Send13KeyUpdate(bool updateRequested) + { + // TODO[tls13] This is interesting enough to notify the TlsPeer for possible logging/vetting + + if (!(m_appDataReady && m_keyUpdateEnabled)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + short requestUpdate = updateRequested + ? KeyUpdateRequest.update_requested + : KeyUpdateRequest.update_not_requested; + + HandshakeMessageOutput.Send(this, HandshakeType.key_update, TlsUtilities.EncodeUint8(requestUpdate)); + + TlsUtilities.Update13TrafficSecretLocal(Context); + m_recordStream.NotifyKeyUpdateSent(); + + //this.m_keyUpdatePendingReceive |= updateRequested; + this.m_keyUpdatePendingSend &= updateRequested; + } + + /// + protected virtual void SendSupplementalDataMessage(IList supplementalData) + { + HandshakeMessageOutput message = new HandshakeMessageOutput(HandshakeType.supplemental_data); + WriteSupplementalData(message, supplementalData); + message.Send(this); + } + + public virtual void Close() + { + HandleClose(true); + } + + public virtual void Flush() + { + } + + internal bool IsApplicationDataReady + { + get { return m_appDataReady; } + } + + public virtual bool IsClosed + { + get { return m_closed; } + } + + public virtual bool IsConnected + { + get + { + if (m_closed) + return false; + + AbstractTlsContext context = ContextAdmin; + + return null != context && context.IsConnected; + } + } + + public virtual bool IsHandshaking + { + get + { + if (m_closed) + return false; + + AbstractTlsContext context = ContextAdmin; + + return null != context && context.IsHandshaking; + } + } + + /// + protected virtual short ProcessMaxFragmentLengthExtension(IDictionary clientExtensions, + IDictionary serverExtensions, short alertDescription) + { + short maxFragmentLength = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(serverExtensions); + if (maxFragmentLength >= 0) + { + if (!MaxFragmentLength.IsValid(maxFragmentLength) + || (!m_resumedSession && + maxFragmentLength != TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions))) + { + throw new TlsFatalAlert(alertDescription); + } + } + return maxFragmentLength; + } + + /// + protected virtual void RefuseRenegotiation() + { + /* + * RFC 5746 4.5 SSLv3 clients [..] SHOULD use a fatal handshake_failure alert. + */ + if (TlsUtilities.IsSsl(Context)) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + RaiseAlertWarning(AlertDescription.no_renegotiation, "Renegotiation not supported"); + } + + /// Make sure the 'buf' is now empty. Fail otherwise. + /// The to check. + /// + internal static void AssertEmpty(MemoryStream buf) + { + if (buf.Position < buf.Length) + throw new TlsFatalAlert(AlertDescription.decode_error); + } + + internal static byte[] CreateRandomBlock(bool useGmtUnixTime, TlsContext context) + { + byte[] result = context.NonceGenerator.GenerateNonce(32); + + if (useGmtUnixTime) + { + TlsUtilities.WriteGmtUnixTime(result, 0); + } + + return result; + } + + /// + internal static byte[] CreateRenegotiationInfo(byte[] renegotiated_connection) + { + return TlsUtilities.EncodeOpaque8(renegotiated_connection); + } + + /// + internal static void EstablishMasterSecret(TlsContext context, TlsKeyExchange keyExchange) + { + TlsSecret preMasterSecret = keyExchange.GeneratePreMasterSecret(); + if (preMasterSecret == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + try + { + context.SecurityParameters.m_masterSecret = TlsUtilities.CalculateMasterSecret(context, + preMasterSecret); + } + finally + { + /* + * RFC 2246 8.1. The pre_master_secret should be deleted from memory once the + * master_secret has been computed. + */ + preMasterSecret.Destroy(); + } + } + + /// + internal static IDictionary ReadExtensions(MemoryStream input) + { + if (input.Position >= input.Length) + return null; + + byte[] extBytes = TlsUtilities.ReadOpaque16(input); + + AssertEmpty(input); + + return ReadExtensionsData(extBytes); + } + + /// + internal static IDictionary ReadExtensionsData(byte[] extBytes) + { + // Int32 -> byte[] + IDictionary extensions = Platform.CreateHashtable(); + + if (extBytes.Length > 0) + { + MemoryStream buf = new MemoryStream(extBytes, false); + + do + { + int extension_type = TlsUtilities.ReadUint16(buf); + byte[] extension_data = TlsUtilities.ReadOpaque16(buf); + + /* + * RFC 3546 2.3 There MUST NOT be more than one extension of the same type. + */ + Int32 key = extension_type; + if (extensions.Contains(key)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter, + "Repeated extension: " + ExtensionType.GetText(extension_type)); + + extensions.Add(key, extension_data); + } + while (buf.Position < buf.Length); + } + + return extensions; + } + + /// + internal static IDictionary ReadExtensionsData13(int handshakeType, byte[] extBytes) + { + // Int32 -> byte[] + IDictionary extensions = Platform.CreateHashtable(); + + if (extBytes.Length > 0) + { + MemoryStream buf = new MemoryStream(extBytes, false); + + do + { + int extension_type = TlsUtilities.ReadUint16(buf); + + if (!TlsUtilities.IsPermittedExtensionType13(handshakeType, extension_type)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter, + "Invalid extension: " + ExtensionType.GetText(extension_type)); + } + + byte[] extension_data = TlsUtilities.ReadOpaque16(buf); + + /* + * RFC 3546 2.3 There MUST NOT be more than one extension of the same type. + */ + Int32 key = extension_type; + if (extensions.Contains(key)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter, + "Repeated extension: " + ExtensionType.GetText(extension_type)); + + extensions.Add(key, extension_data); + } + while (buf.Position < buf.Length); + } + + return extensions; + } + + /// + internal static IDictionary ReadExtensionsDataClientHello(byte[] extBytes) + { + /* + * TODO[tls13] We are currently allowing any extensions to appear in ClientHello. It is + * somewhat complicated to restrict what can appear based on the specific set of versions + * the client is offering, and anyway could be fragile since clients may take a + * "kitchen sink" approach to adding extensions independently of the offered versions. + */ + + // Int32 -> byte[] + IDictionary extensions = Platform.CreateHashtable(); + + if (extBytes.Length > 0) + { + MemoryStream buf = new MemoryStream(extBytes, false); + + int extension_type; + bool pre_shared_key_found = false; + + do + { + extension_type = TlsUtilities.ReadUint16(buf); + byte[] extension_data = TlsUtilities.ReadOpaque16(buf); + + /* + * RFC 3546 2.3 There MUST NOT be more than one extension of the same type. + */ + Int32 key = extension_type; + if (extensions.Contains(key)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter, + "Repeated extension: " + ExtensionType.GetText(extension_type)); + + extensions.Add(key, extension_data); + + pre_shared_key_found |= (ExtensionType.pre_shared_key == extension_type); + } + while (buf.Position < buf.Length); + + if (pre_shared_key_found && (ExtensionType.pre_shared_key != extension_type)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter, + "'pre_shared_key' MUST be last in ClientHello"); + } + + return extensions; + } + + /// + internal static IList ReadSupplementalDataMessage(MemoryStream input) + { + byte[] supp_data = TlsUtilities.ReadOpaque24(input, 1); + + AssertEmpty(input); + + MemoryStream buf = new MemoryStream(supp_data, false); + + IList supplementalData = Platform.CreateArrayList(); + + while (buf.Position < buf.Length) + { + int supp_data_type = TlsUtilities.ReadUint16(buf); + byte[] data = TlsUtilities.ReadOpaque16(buf); + + supplementalData.Add(new SupplementalDataEntry(supp_data_type, data)); + } + + return supplementalData; + } + + /// + internal static void WriteExtensions(Stream output, IDictionary extensions) + { + WriteExtensions(output, extensions, 0); + } + + /// + internal static void WriteExtensions(Stream output, IDictionary extensions, int bindersSize) + { + if (null == extensions || extensions.Count < 1) + return; + + byte[] extBytes = WriteExtensionsData(extensions, bindersSize); + + int lengthWithBinders = extBytes.Length + bindersSize; + TlsUtilities.CheckUint16(lengthWithBinders); + TlsUtilities.WriteUint16(lengthWithBinders, output); + output.Write(extBytes, 0, extBytes.Length); + } + + /// + internal static byte[] WriteExtensionsData(IDictionary extensions) + { + return WriteExtensionsData(extensions, 0); + } + + /// + internal static byte[] WriteExtensionsData(IDictionary extensions, int bindersSize) + { + MemoryStream buf = new MemoryStream(); + WriteExtensionsData(extensions, buf, bindersSize); + return buf.ToArray(); + } + + /// + internal static void WriteExtensionsData(IDictionary extensions, MemoryStream buf) + { + WriteExtensionsData(extensions, buf, 0); + } + + /// + internal static void WriteExtensionsData(IDictionary extensions, MemoryStream buf, int bindersSize) + { + /* + * NOTE: There are reports of servers that don't accept a zero-length extension as the last + * one, so we write out any zero-length ones first as a best-effort workaround. + */ + WriteSelectedExtensions(buf, extensions, true); + WriteSelectedExtensions(buf, extensions, false); + WritePreSharedKeyExtension(buf, extensions, bindersSize); + } + + /// + internal static void WritePreSharedKeyExtension(MemoryStream buf, IDictionary extensions, int bindersSize) + { + byte[] extension_data = (byte[])extensions[ExtensionType.pre_shared_key]; + if (null != extension_data) + { + TlsUtilities.CheckUint16(ExtensionType.pre_shared_key); + TlsUtilities.WriteUint16(ExtensionType.pre_shared_key, buf); + + int lengthWithBinders = extension_data.Length + bindersSize; + TlsUtilities.CheckUint16(lengthWithBinders); + TlsUtilities.WriteUint16(lengthWithBinders, buf); + buf.Write(extension_data, 0, extension_data.Length); + } + } + + /// + internal static void WriteSelectedExtensions(Stream output, IDictionary extensions, bool selectEmpty) + { + foreach (Int32 key in extensions.Keys) + { + int extension_type = key; + + // NOTE: Must be last; handled by 'WritePreSharedKeyExtension' + if (ExtensionType.pre_shared_key == extension_type) + continue; + + byte[] extension_data = (byte[])extensions[key]; + + if (selectEmpty == (extension_data.Length == 0)) + { + TlsUtilities.CheckUint16(extension_type); + TlsUtilities.WriteUint16(extension_type, output); + TlsUtilities.WriteOpaque16(extension_data, output); + } + } + } + + /// + internal static void WriteSupplementalData(Stream output, IList supplementalData) + { + MemoryStream buf = new MemoryStream(); + + foreach (SupplementalDataEntry entry in supplementalData) + { + int supp_data_type = entry.DataType; + TlsUtilities.CheckUint16(supp_data_type); + TlsUtilities.WriteUint16(supp_data_type, buf); + TlsUtilities.WriteOpaque16(entry.Data, buf); + } + + byte[] supp_data = buf.ToArray(); + + TlsUtilities.WriteOpaque24(supp_data, output); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsPsk.cs b/BouncyCastle/crypto/src/tls/TlsPsk.cs new file mode 100644 index 0000000..c3aac32 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsPsk.cs @@ -0,0 +1,15 @@ +using System; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + public interface TlsPsk + { + byte[] Identity { get; } + + TlsSecret Key { get; } + + int PrfAlgorithm { get; } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsPskExternal.cs b/BouncyCastle/crypto/src/tls/TlsPskExternal.cs new file mode 100644 index 0000000..1e7b717 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsPskExternal.cs @@ -0,0 +1,9 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + public interface TlsPskExternal + : TlsPsk + { + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsPskIdentity.cs b/BouncyCastle/crypto/src/tls/TlsPskIdentity.cs new file mode 100644 index 0000000..ae78872 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsPskIdentity.cs @@ -0,0 +1,16 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// Processor interface for a PSK identity. + public interface TlsPskIdentity + { + void SkipIdentityHint(); + + void NotifyIdentityHint(byte[] psk_identity_hint); + + byte[] GetPskIdentity(); + + byte[] GetPsk(); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsPskIdentityManager.cs b/BouncyCastle/crypto/src/tls/TlsPskIdentityManager.cs new file mode 100644 index 0000000..5bf10bc --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsPskIdentityManager.cs @@ -0,0 +1,12 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// Base interface for an object that can process a PSK identity. + public interface TlsPskIdentityManager + { + byte[] GetHint(); + + byte[] GetPsk(byte[] identity); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsPskKeyExchange.cs b/BouncyCastle/crypto/src/tls/TlsPskKeyExchange.cs new file mode 100644 index 0000000..8a279c6 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsPskKeyExchange.cs @@ -0,0 +1,305 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + /// (D)TLS PSK key exchange (RFC 4279). + public class TlsPskKeyExchange + : AbstractTlsKeyExchange + { + private static int CheckKeyExchange(int keyExchange) + { + switch (keyExchange) + { + case KeyExchangeAlgorithm.DHE_PSK: + case KeyExchangeAlgorithm.ECDHE_PSK: + case KeyExchangeAlgorithm.PSK: + case KeyExchangeAlgorithm.RSA_PSK: + return keyExchange; + default: + throw new ArgumentException("unsupported key exchange algorithm", "keyExchange"); + } + } + + protected TlsPskIdentity m_pskIdentity; + protected TlsPskIdentityManager m_pskIdentityManager; + protected TlsDHGroupVerifier m_dhGroupVerifier; + + protected byte[] m_psk_identity_hint = null; + protected byte[] m_psk = null; + + protected TlsDHConfig m_dhConfig; + protected TlsECConfig m_ecConfig; + protected TlsAgreement m_agreement; + + protected TlsCredentialedDecryptor m_serverCredentials = null; + protected TlsEncryptor m_serverEncryptor; + protected TlsSecret m_preMasterSecret; + + public TlsPskKeyExchange(int keyExchange, TlsPskIdentity pskIdentity, TlsDHGroupVerifier dhGroupVerifier) + : this(keyExchange, pskIdentity, null, dhGroupVerifier, null, null) + { + } + + public TlsPskKeyExchange(int keyExchange, TlsPskIdentityManager pskIdentityManager, + TlsDHConfig dhConfig, TlsECConfig ecConfig) + : this(keyExchange, null, pskIdentityManager, null, dhConfig, ecConfig) + { + } + + private TlsPskKeyExchange(int keyExchange, TlsPskIdentity pskIdentity, TlsPskIdentityManager pskIdentityManager, + TlsDHGroupVerifier dhGroupVerifier, TlsDHConfig dhConfig, TlsECConfig ecConfig) + : base(CheckKeyExchange(keyExchange)) + { + this.m_pskIdentity = pskIdentity; + this.m_pskIdentityManager = pskIdentityManager; + this.m_dhGroupVerifier = dhGroupVerifier; + this.m_dhConfig = dhConfig; + this.m_ecConfig = ecConfig; + } + + public override void SkipServerCredentials() + { + if (m_keyExchange == KeyExchangeAlgorithm.RSA_PSK) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void ProcessServerCredentials(TlsCredentials serverCredentials) + { + if (m_keyExchange != KeyExchangeAlgorithm.RSA_PSK) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.m_serverCredentials = TlsUtilities.RequireDecryptorCredentials(serverCredentials); + } + + public override void ProcessServerCertificate(Certificate serverCertificate) + { + if (m_keyExchange != KeyExchangeAlgorithm.RSA_PSK) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + this.m_serverEncryptor = serverCertificate.GetCertificateAt(0).CreateEncryptor( + TlsCertificateRole.RsaEncryption); + } + + public override byte[] GenerateServerKeyExchange() + { + this.m_psk_identity_hint = m_pskIdentityManager.GetHint(); + + if (this.m_psk_identity_hint == null && !RequiresServerKeyExchange) + return null; + + MemoryStream buf = new MemoryStream(); + + if (this.m_psk_identity_hint == null) + { + TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, buf); + } + else + { + TlsUtilities.WriteOpaque16(this.m_psk_identity_hint, buf); + } + + if (this.m_keyExchange == KeyExchangeAlgorithm.DHE_PSK) + { + if (this.m_dhConfig == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + TlsDHUtilities.WriteDHConfig(m_dhConfig, buf); + + this.m_agreement = m_context.Crypto.CreateDHDomain(m_dhConfig).CreateDH(); + + GenerateEphemeralDH(buf); + } + else if (this.m_keyExchange == KeyExchangeAlgorithm.ECDHE_PSK) + { + if (this.m_ecConfig == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + TlsEccUtilities.WriteECConfig(m_ecConfig, buf); + + this.m_agreement = m_context.Crypto.CreateECDomain(m_ecConfig).CreateECDH(); + + GenerateEphemeralECDH(buf); + } + + return buf.ToArray(); + } + + public override bool RequiresServerKeyExchange + { + get + { + switch (m_keyExchange) + { + case KeyExchangeAlgorithm.DHE_PSK: + case KeyExchangeAlgorithm.ECDHE_PSK: + return true; + default: + return false; + } + } + } + + public override void ProcessServerKeyExchange(Stream input) + { + this.m_psk_identity_hint = TlsUtilities.ReadOpaque16(input); + + if (this.m_keyExchange == KeyExchangeAlgorithm.DHE_PSK) + { + this.m_dhConfig = TlsDHUtilities.ReceiveDHConfig(m_context, m_dhGroupVerifier, input); + + byte[] y = TlsUtilities.ReadOpaque16(input, 1); + + this.m_agreement = m_context.Crypto.CreateDHDomain(m_dhConfig).CreateDH(); + + ProcessEphemeralDH(y); + } + else if (this.m_keyExchange == KeyExchangeAlgorithm.ECDHE_PSK) + { + this.m_ecConfig = TlsEccUtilities.ReceiveECDHConfig(m_context, input); + + byte[] point = TlsUtilities.ReadOpaque8(input, 1); + + this.m_agreement = m_context.Crypto.CreateECDomain(m_ecConfig).CreateECDH(); + + ProcessEphemeralECDH(point); + } + } + + public override void ProcessClientCredentials(TlsCredentials clientCredentials) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void GenerateClientKeyExchange(Stream output) + { + if (m_psk_identity_hint == null) + { + m_pskIdentity.SkipIdentityHint(); + } + else + { + m_pskIdentity.NotifyIdentityHint(m_psk_identity_hint); + } + + byte[] psk_identity = m_pskIdentity.GetPskIdentity(); + if (psk_identity == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.m_psk = m_pskIdentity.GetPsk(); + if (m_psk == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + TlsUtilities.WriteOpaque16(psk_identity, output); + + m_context.SecurityParameters.m_pskIdentity = Arrays.Clone(psk_identity); + + if (this.m_keyExchange == KeyExchangeAlgorithm.DHE_PSK) + { + GenerateEphemeralDH(output); + } + else if (this.m_keyExchange == KeyExchangeAlgorithm.ECDHE_PSK) + { + GenerateEphemeralECDH(output); + } + else if (this.m_keyExchange == KeyExchangeAlgorithm.RSA_PSK) + { + this.m_preMasterSecret = TlsUtilities.GenerateEncryptedPreMasterSecret(m_context, m_serverEncryptor, + output); + } + } + + public override void ProcessClientKeyExchange(Stream input) + { + byte[] psk_identity = TlsUtilities.ReadOpaque16(input); + + this.m_psk = m_pskIdentityManager.GetPsk(psk_identity); + if (m_psk == null) + throw new TlsFatalAlert(AlertDescription.unknown_psk_identity); + + m_context.SecurityParameters.m_pskIdentity = psk_identity; + + if (this.m_keyExchange == KeyExchangeAlgorithm.DHE_PSK) + { + byte[] y = TlsUtilities.ReadOpaque16(input, 1); + + ProcessEphemeralDH(y); + } + else if (this.m_keyExchange == KeyExchangeAlgorithm.ECDHE_PSK) + { + byte[] point = TlsUtilities.ReadOpaque8(input, 1); + + ProcessEphemeralECDH(point); + } + else if (this.m_keyExchange == KeyExchangeAlgorithm.RSA_PSK) + { + byte[] encryptedPreMasterSecret = TlsUtilities.ReadEncryptedPms(m_context, input); + + this.m_preMasterSecret = m_serverCredentials.Decrypt(new TlsCryptoParameters(m_context), + encryptedPreMasterSecret); + } + } + + public override TlsSecret GeneratePreMasterSecret() + { + byte[] other_secret = GenerateOtherSecret(m_psk.Length); + + MemoryStream buf = new MemoryStream(4 + other_secret.Length + m_psk.Length); + TlsUtilities.WriteOpaque16(other_secret, buf); + TlsUtilities.WriteOpaque16(m_psk, buf); + + Array.Clear(m_psk, 0, m_psk.Length); + this.m_psk = null; + + return m_context.Crypto.CreateSecret(buf.ToArray()); + } + + protected virtual void GenerateEphemeralDH(Stream output) + { + byte[] y = m_agreement.GenerateEphemeral(); + TlsUtilities.WriteOpaque16(y, output); + } + + protected virtual void GenerateEphemeralECDH(Stream output) + { + byte[] point = m_agreement.GenerateEphemeral(); + TlsUtilities.WriteOpaque8(point, output); + } + + protected virtual byte[] GenerateOtherSecret(int pskLength) + { + if (this.m_keyExchange == KeyExchangeAlgorithm.PSK) + return new byte[pskLength]; + + if (this.m_keyExchange == KeyExchangeAlgorithm.DHE_PSK || + this.m_keyExchange == KeyExchangeAlgorithm.ECDHE_PSK) + { + if (m_agreement != null) + return m_agreement.CalculateSecret().Extract(); + } + + if (this.m_keyExchange == KeyExchangeAlgorithm.RSA_PSK) + { + if (m_preMasterSecret != null) + return this.m_preMasterSecret.Extract(); + } + + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + protected virtual void ProcessEphemeralDH(byte[] y) + { + this.m_agreement.ReceivePeerValue(y); + } + + protected virtual void ProcessEphemeralECDH(byte[] point) + { + TlsEccUtilities.CheckPointEncoding(m_ecConfig.NamedGroup, point); + + this.m_agreement.ReceivePeerValue(point); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsRsaKeyExchange.cs b/BouncyCastle/crypto/src/tls/TlsRsaKeyExchange.cs new file mode 100644 index 0000000..a2f5559 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsRsaKeyExchange.cs @@ -0,0 +1,80 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// (D)TLS RSA key exchange. + public class TlsRsaKeyExchange + : AbstractTlsKeyExchange + { + private static int CheckKeyExchange(int keyExchange) + { + switch (keyExchange) + { + case KeyExchangeAlgorithm.RSA: + return keyExchange; + default: + throw new ArgumentException("unsupported key exchange algorithm", "keyExchange"); + } + } + + protected TlsCredentialedDecryptor m_serverCredentials = null; + protected TlsEncryptor m_serverEncryptor; + protected TlsSecret m_preMasterSecret; + + public TlsRsaKeyExchange(int keyExchange) + : base(CheckKeyExchange(keyExchange)) + { + } + + public override void SkipServerCredentials() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void ProcessServerCredentials(TlsCredentials serverCredentials) + { + this.m_serverCredentials = TlsUtilities.RequireDecryptorCredentials(serverCredentials); + } + + public override void ProcessServerCertificate(Certificate serverCertificate) + { + this.m_serverEncryptor = serverCertificate.GetCertificateAt(0).CreateEncryptor( + TlsCertificateRole.RsaEncryption); + } + + public override short[] GetClientCertificateTypes() + { + return new short[]{ ClientCertificateType.rsa_sign, ClientCertificateType.dss_sign, + ClientCertificateType.ecdsa_sign }; + } + + public override void ProcessClientCredentials(TlsCredentials clientCredentials) + { + TlsUtilities.RequireSignerCredentials(clientCredentials); + } + + public override void GenerateClientKeyExchange(Stream output) + { + this.m_preMasterSecret = TlsUtilities.GenerateEncryptedPreMasterSecret(m_context, m_serverEncryptor, + output); + } + + public override void ProcessClientKeyExchange(Stream input) + { + byte[] encryptedPreMasterSecret = TlsUtilities.ReadEncryptedPms(m_context, input); + + this.m_preMasterSecret = m_serverCredentials.Decrypt(new TlsCryptoParameters(m_context), + encryptedPreMasterSecret); + } + + public override TlsSecret GeneratePreMasterSecret() + { + TlsSecret tmp = this.m_preMasterSecret; + this.m_preMasterSecret = null; + return tmp; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsServer.cs b/BouncyCastle/crypto/src/tls/TlsServer.cs new file mode 100644 index 0000000..fe88d7c --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsServer.cs @@ -0,0 +1,130 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// Interface describing a TLS server endpoint. + public interface TlsServer + : TlsPeer + { + void Init(TlsServerContext context); + + /// Return the specified session, if available. + /// + /// Note that the peer's certificate chain for the session (if any) may need to be periodically revalidated. + /// + /// the ID of the session to resume. + /// A with the specified session ID, or null. + /// + TlsSession GetSessionToResume(byte[] sessionID); + + byte[] GetNewSessionID(); + + /// Return the external PSK to select from the ClientHello. + /// + /// WARNING: EXPERIMENTAL FEATURE, UNSTABLE API + /// Note that this will only be called when TLS 1.3 or higher is amongst the offered protocol versions, and one + /// or more PSKs are actually offered. + /// + /// an of instances. + /// The corresponding to the selected identity, or null to not select + /// any. + TlsPskExternal GetExternalPsk(IList identities); + + void NotifySession(TlsSession session); + + /// + void NotifyClientVersion(ProtocolVersion clientVersion); + + /// + void NotifyFallback(bool isFallback); + + /// + void NotifyOfferedCipherSuites(int[] offeredCipherSuites); + + /// (Int32 -> byte[]) + /// + void ProcessClientExtensions(IDictionary clientExtensions); + + /// + ProtocolVersion GetServerVersion(); + + /// + int[] GetSupportedGroups(); + + /// + int GetSelectedCipherSuite(); + + /// (Int32 -> byte[]) + /// + IDictionary GetServerExtensions(); + + /// (Int32 -> byte[]) + /// + void GetServerExtensionsForConnection(IDictionary serverExtensions); + + /// (SupplementalDataEntry) + /// + IList GetServerSupplementalData(); + + /// Return server credentials to use. + /// + /// The returned value may be null, or else it MUST implement exactly one of + /// , , or + /// , depending on the key exchange that was negotiated. + /// + /// a object or null for anonymous key exchanges. + /// + TlsCredentials GetCredentials(); + + /// + /// This method will be called (only) if the server included an extension of type "status_request" with empty + /// "extension_data" in the extended server hello. See RFC 3546 3.6. Certificate Status Request. If a + /// non-null is returned, it is sent to the client as a handshake message of + /// type "certificate_status". + /// + /// A to be sent to the client (or null for none). + /// + CertificateStatus GetCertificateStatus(); + + /// + CertificateRequest GetCertificateRequest(); + + /// + TlsPskIdentityManager GetPskIdentityManager(); + + /// + TlsSrpLoginParameters GetSrpLoginParameters(); + + /// + TlsDHConfig GetDHConfig(); + + /// + TlsECConfig GetECDHConfig(); + + /// (SupplementalDataEntry) + /// + void ProcessClientSupplementalData(IList clientSupplementalData); + + /// Called by the protocol handler to report the client certificate, only if + /// returned non-null. + /// + /// Note: this method is responsible for certificate verification and validation. + /// + /// the effective client certificate (may be an empty chain). + /// + void NotifyClientCertificate(Certificate clientCertificate); + + /// RFC 5077 3.3. NewSessionTicket Handshake Message. + /// + /// This method will be called (only) if a NewSessionTicket extension was sent by the server. See RFC 5077 + /// 4. Recommended Ticket Construction for recommended format and protection. + /// + /// The ticket. + /// + NewSessionTicket GetNewSessionTicket(); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsServerCertificate.cs b/BouncyCastle/crypto/src/tls/TlsServerCertificate.cs new file mode 100644 index 0000000..bea896a --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsServerCertificate.cs @@ -0,0 +1,12 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// Server certificate carrier interface. + public interface TlsServerCertificate + { + Certificate Certificate { get; } + + CertificateStatus CertificateStatus { get; } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsServerCertificateImpl.cs b/BouncyCastle/crypto/src/tls/TlsServerCertificateImpl.cs new file mode 100644 index 0000000..db2d091 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsServerCertificateImpl.cs @@ -0,0 +1,27 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + internal sealed class TlsServerCertificateImpl + : TlsServerCertificate + { + private readonly Certificate m_certificate; + private readonly CertificateStatus m_certificateStatus; + + internal TlsServerCertificateImpl(Certificate certificate, CertificateStatus certificateStatus) + { + this.m_certificate = certificate; + this.m_certificateStatus = certificateStatus; + } + + public Certificate Certificate + { + get { return m_certificate; } + } + + public CertificateStatus CertificateStatus + { + get { return m_certificateStatus; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsServerContext.cs b/BouncyCastle/crypto/src/tls/TlsServerContext.cs new file mode 100644 index 0000000..85a0751 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsServerContext.cs @@ -0,0 +1,10 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// Marker interface to distinguish a TLS server context. + public interface TlsServerContext + : TlsContext + { + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsServerContextImpl.cs b/BouncyCastle/crypto/src/tls/TlsServerContextImpl.cs new file mode 100644 index 0000000..0c719bc --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsServerContextImpl.cs @@ -0,0 +1,20 @@ +using System; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + internal class TlsServerContextImpl + : AbstractTlsContext, TlsServerContext + { + internal TlsServerContextImpl(TlsCrypto crypto) + : base(crypto, ConnectionEnd.server) + { + } + + public override bool IsServer + { + get { return true; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsServerProtocol.cs b/BouncyCastle/crypto/src/tls/TlsServerProtocol.cs new file mode 100644 index 0000000..0ab8a7a --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsServerProtocol.cs @@ -0,0 +1,1525 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public class TlsServerProtocol + : TlsProtocol + { + protected TlsServer m_tlsServer = null; + internal TlsServerContextImpl m_tlsServerContext = null; + + protected int[] m_offeredCipherSuites = null; + protected TlsKeyExchange m_keyExchange = null; + protected CertificateRequest m_certificateRequest = null; + + /// Constructor for non-blocking mode. + /// + /// When data is received, use to provide the received ciphertext, + /// then use to read the corresponding cleartext.

    + /// Similarly, when data needs to be sent, use + /// to provide the cleartext, then use to get the + /// corresponding ciphertext. + ///     + public TlsServerProtocol() + : base() + { + } + + /// Constructor for blocking mode. + /// The of data to/from the server. + public TlsServerProtocol(Stream stream) + : base(stream) + { + } + + /// Constructor for blocking mode. + /// The of data from the server. + /// The of data to the server. + public TlsServerProtocol(Stream input, Stream output) + : base(input, output) + { + } + + /// Receives a TLS handshake in the role of server. + /// + /// In blocking mode, this will not return until the handshake is complete. In non-blocking mode, use + /// to receive a callback when the handshake is complete. + /// + /// The to use for the handshake. + /// If in blocking mode and handshake was not successful. + public void Accept(TlsServer tlsServer) + { + if (tlsServer == null) + throw new ArgumentNullException("tlsServer"); + if (m_tlsServer != null) + throw new InvalidOperationException("'Accept' can only be called once"); + + this.m_tlsServer = tlsServer; + this.m_tlsServerContext = new TlsServerContextImpl(tlsServer.Crypto); + + tlsServer.Init(m_tlsServerContext); + tlsServer.NotifyCloseHandle(this); + + BeginHandshake(); + + if (m_blocking) + { + BlockForHandshake(); + } + } + + protected override void CleanupHandshake() + { + base.CleanupHandshake(); + + this.m_offeredCipherSuites = null; + this.m_keyExchange = null; + this.m_certificateRequest = null; + } + + protected virtual bool ExpectCertificateVerifyMessage() + { + if (null == m_certificateRequest) + return false; + + Certificate clientCertificate = m_tlsServerContext.SecurityParameters.PeerCertificate; + + return null != clientCertificate && !clientCertificate.IsEmpty + && (null == m_keyExchange || m_keyExchange.RequiresCertificateVerify); + } + + /// + protected virtual ServerHello Generate13HelloRetryRequest(ClientHello clientHello) + { + // TODO[tls13] In future there might be other reasons for a HelloRetryRequest. + if (m_retryGroup < 0) + throw new TlsFatalAlert(AlertDescription.internal_error); + + SecurityParameters securityParameters = m_tlsServerContext.SecurityParameters; + ProtocolVersion serverVersion = securityParameters.NegotiatedVersion; + + IDictionary serverHelloExtensions = Platform.CreateHashtable(); + TlsExtensionsUtilities.AddSupportedVersionsExtensionServer(serverHelloExtensions, serverVersion); + if (m_retryGroup >= 0) + { + TlsExtensionsUtilities.AddKeyShareHelloRetryRequest(serverHelloExtensions, m_retryGroup); + } + if (null != m_retryCookie) + { + TlsExtensionsUtilities.AddCookieExtension(serverHelloExtensions, m_retryCookie); + } + + TlsUtilities.CheckExtensionData13(serverHelloExtensions, HandshakeType.hello_retry_request, + AlertDescription.internal_error); + + return new ServerHello(clientHello.SessionID, securityParameters.CipherSuite, serverHelloExtensions); + } + + /// + protected virtual ServerHello Generate13ServerHello(ClientHello clientHello, + HandshakeMessageInput clientHelloMessage, bool afterHelloRetryRequest) + { + SecurityParameters securityParameters = m_tlsServerContext.SecurityParameters; + + + byte[] legacy_session_id = clientHello.SessionID; + + IDictionary clientHelloExtensions = clientHello.Extensions; + if (null == clientHelloExtensions) + throw new TlsFatalAlert(AlertDescription.missing_extension); + + + ProtocolVersion serverVersion = securityParameters.NegotiatedVersion; + TlsCrypto crypto = m_tlsServerContext.Crypto; + + // NOTE: Will only select for psk_dhe_ke + OfferedPsks.SelectedConfig selectedPsk = TlsUtilities.SelectPreSharedKey(m_tlsServerContext, m_tlsServer, + clientHelloExtensions, clientHelloMessage, m_handshakeHash, afterHelloRetryRequest); + + IList clientShares = TlsExtensionsUtilities.GetKeyShareClientHello(clientHelloExtensions); + KeyShareEntry clientShare = null; + + if (afterHelloRetryRequest) + { + if (m_retryGroup < 0) + throw new TlsFatalAlert(AlertDescription.internal_error); + + if (null == selectedPsk) + { + /* + * RFC 8446 4.2.3. If a server is authenticating via a certificate and the client has + * not sent a "signature_algorithms" extension, then the server MUST abort the handshake + * with a "missing_extension" alert. + */ + if (null == securityParameters.ClientSigAlgs) + throw new TlsFatalAlert(AlertDescription.missing_extension); + } + else + { + // TODO[tls13] Maybe filter the offered PSKs by PRF algorithm before server selection instead + if (selectedPsk.m_psk.PrfAlgorithm != securityParameters.PrfAlgorithm) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + /* + * TODO[tls13] Confirm fields in the ClientHello haven't changed + * + * RFC 8446 4.1.2 [..] when the server has responded to its ClientHello with a + * HelloRetryRequest [..] the client MUST send the same ClientHello without + * modification, except as follows: [key_share, early_data, cookie, pre_shared_key, + * padding]. + */ + + byte[] cookie = TlsExtensionsUtilities.GetCookieExtension(clientHelloExtensions); + if (!Arrays.AreEqual(m_retryCookie, cookie)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + this.m_retryCookie = null; + + clientShare = TlsUtilities.SelectKeyShare(clientShares, m_retryGroup); + if (null == clientShare) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + else + { + this.m_clientExtensions = clientHelloExtensions; + + securityParameters.m_secureRenegotiation = false; + + // NOTE: Validates the padding extension data, if present + TlsExtensionsUtilities.GetPaddingExtension(clientHelloExtensions); + + securityParameters.m_clientServerNames = TlsExtensionsUtilities + .GetServerNameExtensionClient(clientHelloExtensions); + + TlsUtilities.EstablishClientSigAlgs(securityParameters, clientHelloExtensions); + + /* + * RFC 8446 4.2.3. If a server is authenticating via a certificate and the client has + * not sent a "signature_algorithms" extension, then the server MUST abort the handshake + * with a "missing_extension" alert. + */ + if (null == selectedPsk && null == securityParameters.ClientSigAlgs) + throw new TlsFatalAlert(AlertDescription.missing_extension); + + m_tlsServer.ProcessClientExtensions(clientHelloExtensions); + + /* + * NOTE: Currently no server support for session resumption + * + * If adding support, ensure securityParameters.tlsUnique is set to the localVerifyData, but + * ONLY when extended_master_secret has been negotiated (otherwise NULL). + */ + { + // TODO[tls13] Resumption/PSK + + this.m_tlsSession = TlsUtilities.ImportSession(TlsUtilities.EmptyBytes, null); + this.m_sessionParameters = null; + this.m_sessionMasterSecret = null; + } + + securityParameters.m_sessionID = m_tlsSession.SessionID; + + m_tlsServer.NotifySession(m_tlsSession); + + TlsUtilities.NegotiatedVersionTlsServer(m_tlsServerContext); + + { + securityParameters.m_serverRandom = CreateRandomBlock(false, m_tlsServerContext); + + if (!serverVersion.Equals(ProtocolVersion.GetLatestTls(m_tlsServer.GetProtocolVersions()))) + { + TlsUtilities.WriteDowngradeMarker(serverVersion, securityParameters.ServerRandom); + } + } + + { + // TODO[tls13] Constrain selection when PSK selected + int cipherSuite = m_tlsServer.GetSelectedCipherSuite(); + + if (!TlsUtilities.IsValidCipherSuiteSelection(m_offeredCipherSuites, cipherSuite) || + !TlsUtilities.IsValidVersionForCipherSuite(cipherSuite, serverVersion)) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + TlsUtilities.NegotiatedCipherSuite(securityParameters, cipherSuite); + } + + int[] clientSupportedGroups = securityParameters.ClientSupportedGroups; + int[] serverSupportedGroups = securityParameters.ServerSupportedGroups; + + clientShare = TlsUtilities.SelectKeyShare(crypto, serverVersion, clientShares, clientSupportedGroups, + serverSupportedGroups); + + if (null == clientShare) + { + this.m_retryGroup = TlsUtilities.SelectKeyShareGroup(crypto, serverVersion, clientSupportedGroups, + serverSupportedGroups); + if (m_retryGroup < 0) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + this.m_retryCookie = m_tlsServerContext.NonceGenerator.GenerateNonce(16); + + return Generate13HelloRetryRequest(clientHello); + } + + if (clientShare.NamedGroup != serverSupportedGroups[0]) + { + /* + * TODO[tls13] RFC 8446 4.2.7. As of TLS 1.3, servers are permitted to send the + * "supported_groups" extension to the client. Clients MUST NOT act upon any + * information found in "supported_groups" prior to successful completion of the + * handshake but MAY use the information learned from a successfully completed + * handshake to change what groups they use in their "key_share" extension in + * subsequent connections. If the server has a group it prefers to the ones in the + * "key_share" extension but is still willing to accept the ClientHello, it SHOULD + * send "supported_groups" to update the client's view of its preferences; this + * extension SHOULD contain all groups the server supports, regardless of whether + * they are currently supported by the client. + */ + } + } + + + IDictionary serverHelloExtensions = Platform.CreateHashtable(); + IDictionary serverEncryptedExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised( + m_tlsServer.GetServerExtensions()); + + m_tlsServer.GetServerExtensionsForConnection(serverEncryptedExtensions); + + ProtocolVersion serverLegacyVersion = ProtocolVersion.TLSv12; + TlsExtensionsUtilities.AddSupportedVersionsExtensionServer(serverHelloExtensions, serverVersion); + + /* + * RFC 8446 Appendix D. Because TLS 1.3 always hashes in the transcript up to the server + * Finished, implementations which support both TLS 1.3 and earlier versions SHOULD indicate + * the use of the Extended Master Secret extension in their APIs whenever TLS 1.3 is used. + */ + securityParameters.m_extendedMasterSecret = true; + + /* + * RFC 7301 3.1. When session resumption or session tickets [...] are used, the previous + * contents of this extension are irrelevant, and only the values in the new handshake + * messages are considered. + */ + securityParameters.m_applicationProtocol = TlsExtensionsUtilities.GetAlpnExtensionServer( + serverEncryptedExtensions); + securityParameters.m_applicationProtocolSet = true; + + if (serverEncryptedExtensions.Count > 0) + { + securityParameters.m_maxFragmentLength = ProcessMaxFragmentLengthExtension(clientHelloExtensions, + serverEncryptedExtensions, AlertDescription.internal_error); + } + + securityParameters.m_encryptThenMac = false; + securityParameters.m_truncatedHmac = false; + + /* + * TODO[tls13] RFC 8446 4.4.2.1. OCSP Status and SCT Extensions. + * + * OCSP information is carried in an extension for a CertificateEntry. + */ + securityParameters.m_statusRequestVersion = clientHelloExtensions.Contains(ExtensionType.status_request) + ? 1 : 0; + + this.m_expectSessionTicket = false; + + TlsSecret pskEarlySecret = null; + if (null != selectedPsk) + { + pskEarlySecret = selectedPsk.m_earlySecret; + + this.m_selectedPsk13 = true; + + TlsExtensionsUtilities.AddPreSharedKeyServerHello(serverHelloExtensions, selectedPsk.m_index); + } + + TlsSecret sharedSecret; + { + int namedGroup = clientShare.NamedGroup; + + TlsAgreement agreement; + if (NamedGroup.RefersToASpecificCurve(namedGroup)) + { + agreement = crypto.CreateECDomain(new TlsECConfig(namedGroup)).CreateECDH(); + } + else if (NamedGroup.RefersToASpecificFiniteField(namedGroup)) + { + agreement = crypto.CreateDHDomain(new TlsDHConfig(namedGroup, true)).CreateDH(); + } + else + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + byte[] key_exchange = agreement.GenerateEphemeral(); + KeyShareEntry serverShare = new KeyShareEntry(namedGroup, key_exchange); + TlsExtensionsUtilities.AddKeyShareServerHello(serverHelloExtensions, serverShare); + + agreement.ReceivePeerValue(clientShare.KeyExchange); + sharedSecret = agreement.CalculateSecret(); + } + + TlsUtilities.Establish13PhaseSecrets(m_tlsServerContext, pskEarlySecret, sharedSecret); + + this.m_serverExtensions = serverEncryptedExtensions; + + ApplyMaxFragmentLengthExtension(securityParameters.MaxFragmentLength); + + TlsUtilities.CheckExtensionData13(serverHelloExtensions, HandshakeType.server_hello, + AlertDescription.internal_error); + + return new ServerHello(serverLegacyVersion, securityParameters.ServerRandom, legacy_session_id, + securityParameters.CipherSuite, serverHelloExtensions); + } + + /// + protected virtual ServerHello GenerateServerHello(ClientHello clientHello, + HandshakeMessageInput clientHelloMessage) + { + ProtocolVersion clientLegacyVersion = clientHello.Version; + if (!clientLegacyVersion.IsTls) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + this.m_offeredCipherSuites = clientHello.CipherSuites; + + + + SecurityParameters securityParameters = m_tlsServerContext.SecurityParameters; + + m_tlsServerContext.SetClientSupportedVersions( + TlsExtensionsUtilities.GetSupportedVersionsExtensionClient(clientHello.Extensions)); + + ProtocolVersion clientVersion = clientLegacyVersion; + if (null == m_tlsServerContext.ClientSupportedVersions) + { + if (clientVersion.IsLaterVersionOf(ProtocolVersion.TLSv12)) + { + clientVersion = ProtocolVersion.TLSv12; + } + + m_tlsServerContext.SetClientSupportedVersions(clientVersion.DownTo(ProtocolVersion.SSLv3)); + } + else + { + clientVersion = ProtocolVersion.GetLatestTls(m_tlsServerContext.ClientSupportedVersions); + } + + // Set the legacy_record_version to use for early alerts + m_recordStream.SetWriteVersion(clientVersion); + + if (!ProtocolVersion.SERVER_EARLIEST_SUPPORTED_TLS.IsEqualOrEarlierVersionOf(clientVersion)) + throw new TlsFatalAlert(AlertDescription.protocol_version); + + // NOT renegotiating + { + m_tlsServerContext.SetClientVersion(clientVersion); + } + + m_tlsServer.NotifyClientVersion(m_tlsServerContext.ClientVersion); + + securityParameters.m_clientRandom = clientHello.Random; + + m_tlsServer.NotifyFallback(Arrays.Contains(m_offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV)); + + m_tlsServer.NotifyOfferedCipherSuites(m_offeredCipherSuites); + + // TODO[tls13] Negotiate cipher suite first? + + ProtocolVersion serverVersion; + + // NOT renegotiating + { + serverVersion = m_tlsServer.GetServerVersion(); + if (!ProtocolVersion.Contains(m_tlsServerContext.ClientSupportedVersions, serverVersion)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + securityParameters.m_negotiatedVersion = serverVersion; + } + + securityParameters.m_clientSupportedGroups = TlsExtensionsUtilities.GetSupportedGroupsExtension( + clientHello.Extensions); + securityParameters.m_serverSupportedGroups = m_tlsServer.GetSupportedGroups(); + + if (ProtocolVersion.TLSv13.IsEqualOrEarlierVersionOf(serverVersion)) + { + // See RFC 8446 D.4. + m_recordStream.SetIgnoreChangeCipherSpec(true); + + m_recordStream.SetWriteVersion(ProtocolVersion.TLSv12); + + return Generate13ServerHello(clientHello, clientHelloMessage, false); + } + + m_recordStream.SetWriteVersion(serverVersion); + + this.m_clientExtensions = clientHello.Extensions; + + byte[] clientRenegExtData = TlsUtilities.GetExtensionData(m_clientExtensions, ExtensionType.renegotiation_info); + + // NOT renegotiating + { + /* + * RFC 5746 3.6. Server Behavior: Initial Handshake (both full and session-resumption) + */ + + /* + * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension, + * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the + * ClientHello. Including both is NOT RECOMMENDED. + */ + + /* + * When a ClientHello is received, the server MUST check if it includes the + * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. If it does, set the secure_renegotiation flag + * to TRUE. + */ + if (Arrays.Contains(m_offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV)) + { + securityParameters.m_secureRenegotiation = true; + } + + /* + * The server MUST check if the "renegotiation_info" extension is included in the + * ClientHello. + */ + if (clientRenegExtData != null) + { + /* + * If the extension is present, set secure_renegotiation flag to TRUE. The + * server MUST then verify that the length of the "renegotiated_connection" + * field is zero, and if it is not, MUST abort the handshake. + */ + securityParameters.m_secureRenegotiation = true; + + if (!Arrays.ConstantTimeAreEqual(clientRenegExtData, + CreateRenegotiationInfo(TlsUtilities.EmptyBytes))) + { + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + } + } + + m_tlsServer.NotifySecureRenegotiation(securityParameters.IsSecureRenegotiation); + + bool offeredExtendedMasterSecret = TlsExtensionsUtilities.HasExtendedMasterSecretExtension( + m_clientExtensions); + + if (m_clientExtensions != null) + { + // NOTE: Validates the padding extension data, if present + TlsExtensionsUtilities.GetPaddingExtension(m_clientExtensions); + + securityParameters.m_clientServerNames = TlsExtensionsUtilities.GetServerNameExtensionClient( + m_clientExtensions); + + /* + * RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior + * to 1.2. Clients MUST NOT offer it if they are offering prior versions. + */ + if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(clientVersion)) + { + TlsUtilities.EstablishClientSigAlgs(securityParameters, m_clientExtensions); + } + + securityParameters.m_clientSupportedGroups = TlsExtensionsUtilities.GetSupportedGroupsExtension( + m_clientExtensions); + + m_tlsServer.ProcessClientExtensions(m_clientExtensions); + } + + this.m_resumedSession = EstablishSession(m_tlsServer.GetSessionToResume(clientHello.SessionID)); + + if (!m_resumedSession) + { + byte[] newSessionID = m_tlsServer.GetNewSessionID(); + if (null == newSessionID) + { + newSessionID = TlsUtilities.EmptyBytes; + } + + this.m_tlsSession = TlsUtilities.ImportSession(newSessionID, null); + this.m_sessionParameters = null; + this.m_sessionMasterSecret = null; + } + + securityParameters.m_sessionID = m_tlsSession.SessionID; + + m_tlsServer.NotifySession(m_tlsSession); + + TlsUtilities.NegotiatedVersionTlsServer(m_tlsServerContext); + + { + bool useGmtUnixTime = m_tlsServer.ShouldUseGmtUnixTime(); + + securityParameters.m_serverRandom = CreateRandomBlock(useGmtUnixTime, m_tlsServerContext); + + if (!serverVersion.Equals(ProtocolVersion.GetLatestTls(m_tlsServer.GetProtocolVersions()))) + { + TlsUtilities.WriteDowngradeMarker(serverVersion, securityParameters.ServerRandom); + } + } + + { + int cipherSuite = m_resumedSession + ? m_sessionParameters.CipherSuite + : m_tlsServer.GetSelectedCipherSuite(); + + if (!TlsUtilities.IsValidCipherSuiteSelection(m_offeredCipherSuites, cipherSuite) || + !TlsUtilities.IsValidVersionForCipherSuite(cipherSuite, serverVersion)) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + TlsUtilities.NegotiatedCipherSuite(securityParameters, cipherSuite); + } + + m_tlsServerContext.SetRsaPreMasterSecretVersion(clientLegacyVersion); + + { + IDictionary sessionServerExtensions = m_resumedSession + ? m_sessionParameters.ReadServerExtensions() + : m_tlsServer.GetServerExtensions(); + + this.m_serverExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(sessionServerExtensions); + } + + m_tlsServer.GetServerExtensionsForConnection(m_serverExtensions); + + // NOT renegotiating + { + /* + * RFC 5746 3.6. Server Behavior: Initial Handshake (both full and session-resumption) + */ + if (securityParameters.IsSecureRenegotiation) + { + byte[] serverRenegExtData = TlsUtilities.GetExtensionData(m_serverExtensions, + ExtensionType.renegotiation_info); + bool noRenegExt = (null == serverRenegExtData); + + if (noRenegExt) + { + /* + * Note that sending a "renegotiation_info" extension in response to a ClientHello + * containing only the SCSV is an explicit exception to the prohibition in RFC 5246, + * Section 7.4.1.4, on the server sending unsolicited extensions and is only allowed + * because the client is signaling its willingness to receive the extension via the + * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. + */ + + /* + * If the secure_renegotiation flag is set to TRUE, the server MUST include an empty + * "renegotiation_info" extension in the ServerHello message. + */ + this.m_serverExtensions[ExtensionType.renegotiation_info] = CreateRenegotiationInfo( + TlsUtilities.EmptyBytes); + } + } + } + + /* + * RFC 7627 4. Clients and servers SHOULD NOT accept handshakes that do not use the extended + * master secret [..]. (and see 5.2, 5.3) + */ + if (m_resumedSession) + { + if (!m_sessionParameters.IsExtendedMasterSecret) + { + /* + * TODO[resumption] ProvTlsServer currently only resumes EMS sessions. Revisit this + * in relation to 'tlsServer.allowLegacyResumption()'. + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + if (!offeredExtendedMasterSecret) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + securityParameters.m_extendedMasterSecret = true; + + TlsExtensionsUtilities.AddExtendedMasterSecretExtension(m_serverExtensions); + } + else + { + securityParameters.m_extendedMasterSecret = offeredExtendedMasterSecret && !serverVersion.IsSsl + && m_tlsServer.ShouldUseExtendedMasterSecret(); + + if (securityParameters.IsExtendedMasterSecret) + { + TlsExtensionsUtilities.AddExtendedMasterSecretExtension(m_serverExtensions); + } + else if (m_tlsServer.RequiresExtendedMasterSecret()) + { + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + } + + securityParameters.m_applicationProtocol = TlsExtensionsUtilities.GetAlpnExtensionServer(m_serverExtensions); + securityParameters.m_applicationProtocolSet = true; + + if (m_serverExtensions.Count > 0) + { + securityParameters.m_encryptThenMac = TlsExtensionsUtilities.HasEncryptThenMacExtension( + m_serverExtensions); + + securityParameters.m_maxFragmentLength = ProcessMaxFragmentLengthExtension(m_clientExtensions, + m_serverExtensions, AlertDescription.internal_error); + + securityParameters.m_truncatedHmac = TlsExtensionsUtilities.HasTruncatedHmacExtension( + m_serverExtensions); + + if (!m_resumedSession) + { + if (TlsUtilities.HasExpectedEmptyExtensionData(m_serverExtensions, ExtensionType.status_request_v2, + AlertDescription.internal_error)) + { + securityParameters.m_statusRequestVersion = 2; + } + else if (TlsUtilities.HasExpectedEmptyExtensionData(m_serverExtensions, ExtensionType.status_request, + AlertDescription.internal_error)) + { + securityParameters.m_statusRequestVersion = 1; + } + + this.m_expectSessionTicket = TlsUtilities.HasExpectedEmptyExtensionData(m_serverExtensions, + ExtensionType.session_ticket, AlertDescription.internal_error); + } + } + + ApplyMaxFragmentLengthExtension(securityParameters.MaxFragmentLength); + + return new ServerHello(serverVersion, securityParameters.ServerRandom, m_tlsSession.SessionID, + securityParameters.CipherSuite, m_serverExtensions); + } + + protected override TlsContext Context + { + get { return m_tlsServerContext; } + } + + internal override AbstractTlsContext ContextAdmin + { + get { return m_tlsServerContext; } + } + + protected override TlsPeer Peer + { + get { return m_tlsServer; } + } + + /// + protected virtual void Handle13HandshakeMessage(short type, HandshakeMessageInput buf) + { + if (!IsTlsV13ConnectionState()) + throw new TlsFatalAlert(AlertDescription.internal_error); + + if (m_resumedSession) + { + /* + * TODO[tls13] Abbreviated handshakes (PSK resumption) + * + * NOTE: No CertificateRequest, Certificate, CertificateVerify messages, but client + * might now send EndOfEarlyData after receiving server Finished message. + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + switch (type) + { + case HandshakeType.certificate: + { + switch (m_connectionState) + { + case CS_SERVER_FINISHED: + { + Receive13ClientCertificate(buf); + this.m_connectionState = CS_CLIENT_CERTIFICATE; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.certificate_verify: + { + switch (m_connectionState) + { + case CS_CLIENT_CERTIFICATE: + { + Receive13ClientCertificateVerify(buf); + buf.UpdateHash(m_handshakeHash); + this.m_connectionState = CS_CLIENT_CERTIFICATE_VERIFY; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.client_hello: + { + switch (m_connectionState) + { + case CS_START: + { + // NOTE: Legacy handler should be dispatching initial ClientHello. + throw new TlsFatalAlert(AlertDescription.internal_error); + } + case CS_SERVER_HELLO_RETRY_REQUEST: + { + ClientHello clientHelloRetry = ReceiveClientHelloMessage(buf); + this.m_connectionState = CS_CLIENT_HELLO_RETRY; + + ServerHello serverHello = Generate13ServerHello(clientHelloRetry, buf, true); + SendServerHelloMessage(serverHello); + this.m_connectionState = CS_SERVER_HELLO; + + Send13ServerHelloCoda(serverHello, true); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.finished: + { + switch (m_connectionState) + { + case CS_SERVER_FINISHED: + case CS_CLIENT_CERTIFICATE: + case CS_CLIENT_CERTIFICATE_VERIFY: + { + if (m_connectionState == CS_SERVER_FINISHED) + { + Skip13ClientCertificate(); + } + if (m_connectionState != CS_CLIENT_CERTIFICATE_VERIFY) + { + Skip13ClientCertificateVerify(); + } + + Receive13ClientFinished(buf); + this.m_connectionState = CS_CLIENT_FINISHED; + + // See RFC 8446 D.4. + m_recordStream.SetIgnoreChangeCipherSpec(false); + + // NOTE: Completes the switch to application-data phase (server entered after CS_SERVER_FINISHED). + m_recordStream.EnablePendingCipherRead(false); + + CompleteHandshake(); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.key_update: + { + Receive13KeyUpdate(buf); + break; + } + + case HandshakeType.certificate_request: + case HandshakeType.certificate_status: + case HandshakeType.certificate_url: + case HandshakeType.client_key_exchange: + case HandshakeType.compressed_certificate: + case HandshakeType.encrypted_extensions: + case HandshakeType.end_of_early_data: + case HandshakeType.hello_request: + case HandshakeType.hello_verify_request: + case HandshakeType.message_hash: + case HandshakeType.new_session_ticket: + case HandshakeType.server_hello: + case HandshakeType.server_hello_done: + case HandshakeType.server_key_exchange: + case HandshakeType.supplemental_data: + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + } + + protected override void HandleHandshakeMessage(short type, HandshakeMessageInput buf) + { + SecurityParameters securityParameters = m_tlsServerContext.SecurityParameters; + + if (m_connectionState > CS_CLIENT_HELLO + && TlsUtilities.IsTlsV13(securityParameters.NegotiatedVersion)) + { + Handle13HandshakeMessage(type, buf); + return; + } + + if (!IsLegacyConnectionState()) + throw new TlsFatalAlert(AlertDescription.internal_error); + + if (m_resumedSession) + { + if (type != HandshakeType.finished || m_connectionState != CS_SERVER_FINISHED) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + ProcessFinishedMessage(buf); + this.m_connectionState = CS_CLIENT_FINISHED; + + CompleteHandshake(); + return; + } + + switch (type) + { + case HandshakeType.client_hello: + { + if (IsApplicationDataReady) + { + RefuseRenegotiation(); + break; + } + + switch (m_connectionState) + { + case CS_END: + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + case CS_START: + { + ClientHello clientHello = ReceiveClientHelloMessage(buf); + this.m_connectionState = CS_CLIENT_HELLO; + + ServerHello serverHello = GenerateServerHello(clientHello, buf); + m_handshakeHash.NotifyPrfDetermined(); + + if (TlsUtilities.IsTlsV13(securityParameters.NegotiatedVersion)) + { + m_handshakeHash.SealHashAlgorithms(); + + if (serverHello.IsHelloRetryRequest()) + { + TlsUtilities.AdjustTranscriptForRetry(m_handshakeHash); + SendServerHelloMessage(serverHello); + this.m_connectionState = CS_SERVER_HELLO_RETRY_REQUEST; + + // See RFC 8446 D.4. + SendChangeCipherSpecMessage(); + } + else + { + SendServerHelloMessage(serverHello); + this.m_connectionState = CS_SERVER_HELLO; + + // See RFC 8446 D.4. + SendChangeCipherSpecMessage(); + + Send13ServerHelloCoda(serverHello, false); + } + break; + } + + // For TLS 1.3+, this was already done by GenerateServerHello + buf.UpdateHash(m_handshakeHash); + + SendServerHelloMessage(serverHello); + this.m_connectionState = CS_SERVER_HELLO; + + if (m_resumedSession) + { + securityParameters.m_masterSecret = m_sessionMasterSecret; + m_recordStream.SetPendingCipher(TlsUtilities.InitCipher(m_tlsServerContext)); + + SendChangeCipherSpec(); + SendFinishedMessage(); + this.m_connectionState = CS_SERVER_FINISHED; + break; + } + + IList serverSupplementalData = m_tlsServer.GetServerSupplementalData(); + if (serverSupplementalData != null) + { + SendSupplementalDataMessage(serverSupplementalData); + this.m_connectionState = CS_SERVER_SUPPLEMENTAL_DATA; + } + + this.m_keyExchange = TlsUtilities.InitKeyExchangeServer(m_tlsServerContext, m_tlsServer); + + TlsCredentials serverCredentials = TlsUtilities.EstablishServerCredentials(m_tlsServer); + + // Server certificate + { + Certificate serverCertificate = null; + + MemoryStream endPointHash = new MemoryStream(); + if (null == serverCredentials) + { + m_keyExchange.SkipServerCredentials(); + } + else + { + m_keyExchange.ProcessServerCredentials(serverCredentials); + + serverCertificate = serverCredentials.Certificate; + SendCertificateMessage(serverCertificate, endPointHash); + this.m_connectionState = CS_SERVER_CERTIFICATE; + } + + securityParameters.m_tlsServerEndPoint = endPointHash.ToArray(); + + // TODO[RFC 3546] Check whether empty certificates is possible, allowed, or excludes + // CertificateStatus + if (null == serverCertificate || serverCertificate.IsEmpty) + { + securityParameters.m_statusRequestVersion = 0; + } + } + + if (securityParameters.StatusRequestVersion > 0) + { + CertificateStatus certificateStatus = m_tlsServer.GetCertificateStatus(); + if (certificateStatus != null) + { + SendCertificateStatusMessage(certificateStatus); + this.m_connectionState = CS_SERVER_CERTIFICATE_STATUS; + } + } + + byte[] serverKeyExchange = m_keyExchange.GenerateServerKeyExchange(); + if (serverKeyExchange != null) + { + SendServerKeyExchangeMessage(serverKeyExchange); + this.m_connectionState = CS_SERVER_KEY_EXCHANGE; + } + + if (null != serverCredentials) + { + this.m_certificateRequest = m_tlsServer.GetCertificateRequest(); + + if (null == m_certificateRequest) + { + /* + * For static agreement key exchanges, CertificateRequest is required since + * the client Certificate message is mandatory but can only be sent if the + * server requests it. + */ + if (!m_keyExchange.RequiresCertificateVerify) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + else + { + if (TlsUtilities.IsTlsV12(m_tlsServerContext) + != (m_certificateRequest.SupportedSignatureAlgorithms != null)) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + this.m_certificateRequest = TlsUtilities.ValidateCertificateRequest(m_certificateRequest, + m_keyExchange); + + TlsUtilities.EstablishServerSigAlgs(securityParameters, m_certificateRequest); + + TlsUtilities.TrackHashAlgorithms(m_handshakeHash, securityParameters.ServerSigAlgs); + + SendCertificateRequestMessage(m_certificateRequest); + this.m_connectionState = CS_SERVER_CERTIFICATE_REQUEST; + } + } + + SendServerHelloDoneMessage(); + this.m_connectionState = CS_SERVER_HELLO_DONE; + + bool forceBuffering = false; + TlsUtilities.SealHandshakeHash(m_tlsServerContext, m_handshakeHash, forceBuffering); + + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.supplemental_data: + { + switch (m_connectionState) + { + case CS_SERVER_HELLO_DONE: + { + m_tlsServer.ProcessClientSupplementalData(ReadSupplementalDataMessage(buf)); + this.m_connectionState = CS_CLIENT_SUPPLEMENTAL_DATA; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.certificate: + { + switch (m_connectionState) + { + case CS_SERVER_HELLO_DONE: + case CS_CLIENT_SUPPLEMENTAL_DATA: + { + if (m_connectionState != CS_CLIENT_SUPPLEMENTAL_DATA) + { + m_tlsServer.ProcessClientSupplementalData(null); + } + + ReceiveCertificateMessage(buf); + this.m_connectionState = CS_CLIENT_CERTIFICATE; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.client_key_exchange: + { + switch (m_connectionState) + { + case CS_SERVER_HELLO_DONE: + case CS_CLIENT_SUPPLEMENTAL_DATA: + case CS_CLIENT_CERTIFICATE: + { + if (m_connectionState == CS_SERVER_HELLO_DONE) + { + m_tlsServer.ProcessClientSupplementalData(null); + } + if (m_connectionState != CS_CLIENT_CERTIFICATE) + { + if (null == m_certificateRequest) + { + m_keyExchange.SkipClientCredentials(); + } + else if (TlsUtilities.IsTlsV12(m_tlsServerContext)) + { + /* + * RFC 5246 If no suitable certificate is available, the client MUST send a + * certificate message containing no certificates. + * + * NOTE: In previous RFCs, this was SHOULD instead of MUST. + */ + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + else if (TlsUtilities.IsSsl(m_tlsServerContext)) + { + /* + * SSL 3.0 If the server has sent a certificate request Message, the client must + * send either the certificate message or a no_certificate alert. + */ + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + else + { + NotifyClientCertificate(Certificate.EmptyChain); + } + } + + ReceiveClientKeyExchangeMessage(buf); + this.m_connectionState = CS_CLIENT_KEY_EXCHANGE; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.certificate_verify: + { + switch (m_connectionState) + { + case CS_CLIENT_KEY_EXCHANGE: + { + /* + * RFC 5246 7.4.8 This message is only sent following a client certificate that has + * signing capability (i.e., all certificates except those containing fixed + * Diffie-Hellman parameters). + */ + if (!ExpectCertificateVerifyMessage()) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + ReceiveCertificateVerifyMessage(buf); + buf.UpdateHash(m_handshakeHash); + this.m_connectionState = CS_CLIENT_CERTIFICATE_VERIFY; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + case HandshakeType.finished: + { + switch (m_connectionState) + { + case CS_CLIENT_KEY_EXCHANGE: + case CS_CLIENT_CERTIFICATE_VERIFY: + { + if (m_connectionState != CS_CLIENT_CERTIFICATE_VERIFY) + { + if (ExpectCertificateVerifyMessage()) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + ProcessFinishedMessage(buf); + buf.UpdateHash(m_handshakeHash); + this.m_connectionState = CS_CLIENT_FINISHED; + + if (m_expectSessionTicket) + { + /* + * TODO[new_session_ticket] Check the server-side rules regarding the session ID, since + * the client is going to ignore any session ID it received once it sees the + * new_session_ticket message. + */ + + SendNewSessionTicketMessage(m_tlsServer.GetNewSessionTicket()); + this.m_connectionState = CS_SERVER_SESSION_TICKET; + } + + SendChangeCipherSpec(); + SendFinishedMessage(); + this.m_connectionState = CS_SERVER_FINISHED; + + CompleteHandshake(); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + break; + } + + case HandshakeType.certificate_request: + case HandshakeType.certificate_status: + case HandshakeType.certificate_url: + case HandshakeType.compressed_certificate: + case HandshakeType.encrypted_extensions: + case HandshakeType.end_of_early_data: + case HandshakeType.hello_request: + case HandshakeType.hello_verify_request: + case HandshakeType.key_update: + case HandshakeType.message_hash: + case HandshakeType.new_session_ticket: + case HandshakeType.server_hello: + case HandshakeType.server_hello_done: + case HandshakeType.server_key_exchange: + default: + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + } + + protected override void HandleAlertWarningMessage(short alertDescription) + { + /* + * SSL 3.0 If the server has sent a certificate request Message, the client must send + * either the certificate message or a no_certificate alert. + */ + if (AlertDescription.no_certificate == alertDescription && null != m_certificateRequest + && TlsUtilities.IsSsl(m_tlsServerContext)) + { + switch (m_connectionState) + { + case CS_SERVER_HELLO_DONE: + case CS_CLIENT_SUPPLEMENTAL_DATA: + { + if (m_connectionState != CS_CLIENT_SUPPLEMENTAL_DATA) + { + m_tlsServer.ProcessClientSupplementalData(null); + } + + NotifyClientCertificate(Certificate.EmptyChain); + this.m_connectionState = CS_CLIENT_CERTIFICATE; + return; + } + } + } + + base.HandleAlertWarningMessage(alertDescription); + } + + /// + protected virtual void NotifyClientCertificate(Certificate clientCertificate) + { + if (null == m_certificateRequest) + throw new TlsFatalAlert(AlertDescription.internal_error); + + TlsUtilities.ProcessClientCertificate(m_tlsServerContext, clientCertificate, m_keyExchange, m_tlsServer); + } + + /// + protected virtual void Receive13ClientCertificate(MemoryStream buf) + { + // TODO[tls13] This currently just duplicates 'receiveCertificateMessage' + + if (null == m_certificateRequest) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + Certificate.ParseOptions options = new Certificate.ParseOptions() + .SetMaxChainLength(m_tlsServer.GetMaxCertificateChainLength()); + + Certificate clientCertificate = Certificate.Parse(options, m_tlsServerContext, buf, null); + + AssertEmpty(buf); + + NotifyClientCertificate(clientCertificate); + } + + /// + protected void Receive13ClientCertificateVerify(MemoryStream buf) + { + Certificate clientCertificate = m_tlsServerContext.SecurityParameters.PeerCertificate; + if (null == clientCertificate || clientCertificate.IsEmpty) + throw new TlsFatalAlert(AlertDescription.internal_error); + + // TODO[tls13] Actual structure is 'CertificateVerify' in RFC 8446, consider adding for clarity + DigitallySigned certificateVerify = DigitallySigned.Parse(m_tlsServerContext, buf); + + AssertEmpty(buf); + + TlsUtilities.Verify13CertificateVerifyClient(m_tlsServerContext, m_certificateRequest, certificateVerify, + m_handshakeHash); + } + + /// + protected virtual void Receive13ClientFinished(MemoryStream buf) + { + Process13FinishedMessage(buf); + } + + /// + protected virtual void ReceiveCertificateMessage(MemoryStream buf) + { + if (null == m_certificateRequest) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + Certificate.ParseOptions options = new Certificate.ParseOptions() + .SetMaxChainLength(m_tlsServer.GetMaxCertificateChainLength()); + + Certificate clientCertificate = Certificate.Parse(options, m_tlsServerContext, buf, null); + + AssertEmpty(buf); + + NotifyClientCertificate(clientCertificate); + } + + /// + protected virtual void ReceiveCertificateVerifyMessage(MemoryStream buf) + { + DigitallySigned certificateVerify = DigitallySigned.Parse(m_tlsServerContext, buf); + + AssertEmpty(buf); + + TlsUtilities.VerifyCertificateVerifyClient(m_tlsServerContext, m_certificateRequest, certificateVerify, + m_handshakeHash); + + m_handshakeHash.StopTracking(); + } + + /// + protected virtual ClientHello ReceiveClientHelloMessage(MemoryStream buf) + { + return ClientHello.Parse(buf, null); + } + + /// + protected virtual void ReceiveClientKeyExchangeMessage(MemoryStream buf) + { + m_keyExchange.ProcessClientKeyExchange(buf); + + AssertEmpty(buf); + + bool isSsl = TlsUtilities.IsSsl(m_tlsServerContext); + if (isSsl) + { + // NOTE: For SSLv3 (only), master_secret needed to calculate session hash + EstablishMasterSecret(m_tlsServerContext, m_keyExchange); + } + + m_tlsServerContext.SecurityParameters.m_sessionHash = TlsUtilities.GetCurrentPrfHash(m_handshakeHash); + + if (!isSsl) + { + // NOTE: For (D)TLS, session hash potentially needed for extended_master_secret + EstablishMasterSecret(m_tlsServerContext, m_keyExchange); + } + + m_recordStream.SetPendingCipher(TlsUtilities.InitCipher(m_tlsServerContext)); + + if (!ExpectCertificateVerifyMessage()) + { + m_handshakeHash.StopTracking(); + } + } + + /// + protected virtual void Send13EncryptedExtensionsMessage(IDictionary serverExtensions) + { + // TODO[tls13] Avoid extra copy; use placeholder to write opaque-16 data directly to message buffer + + byte[] extBytes = WriteExtensionsData(serverExtensions); + + HandshakeMessageOutput message = new HandshakeMessageOutput(HandshakeType.encrypted_extensions); + TlsUtilities.WriteOpaque16(extBytes, message); + message.Send(this); + } + + /// + protected virtual void Send13ServerHelloCoda(ServerHello serverHello, bool afterHelloRetryRequest) + { + SecurityParameters securityParameters = m_tlsServerContext.SecurityParameters; + + byte[] serverHelloTranscriptHash = TlsUtilities.GetCurrentPrfHash(m_handshakeHash); + + TlsUtilities.Establish13PhaseHandshake(m_tlsServerContext, serverHelloTranscriptHash, m_recordStream); + + m_recordStream.EnablePendingCipherWrite(); + m_recordStream.EnablePendingCipherRead(true); + + Send13EncryptedExtensionsMessage(m_serverExtensions); + this.m_connectionState = CS_SERVER_ENCRYPTED_EXTENSIONS; + + if (m_selectedPsk13) + { + /* + * For PSK-only key exchange, there's no CertificateRequest, Certificate, CertificateVerify. + */ + } + else + { + // CertificateRequest + { + this.m_certificateRequest = m_tlsServer.GetCertificateRequest(); + if (null != m_certificateRequest) + { + if (!m_certificateRequest.HasCertificateRequestContext(TlsUtilities.EmptyBytes)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + TlsUtilities.EstablishServerSigAlgs(securityParameters, m_certificateRequest); + + SendCertificateRequestMessage(m_certificateRequest); + this.m_connectionState = CS_SERVER_CERTIFICATE_REQUEST; + } + } + + TlsCredentialedSigner serverCredentials = TlsUtilities.Establish13ServerCredentials(m_tlsServer); + if (null == serverCredentials) + throw new TlsFatalAlert(AlertDescription.internal_error); + + // Certificate + { + /* + * TODO[tls13] Note that we are expecting the TlsServer implementation to take care of + * e.g. adding optional "status_request" extension to each CertificateEntry. + */ + /* + * No CertificateStatus message is sent; TLS 1.3 uses per-CertificateEntry + * "status_request" extension instead. + */ + + Certificate serverCertificate = serverCredentials.Certificate; + Send13CertificateMessage(serverCertificate); + securityParameters.m_tlsServerEndPoint = null; + this.m_connectionState = CS_SERVER_CERTIFICATE; + } + + // CertificateVerify + { + DigitallySigned certificateVerify = TlsUtilities.Generate13CertificateVerify(m_tlsServerContext, + serverCredentials, m_handshakeHash); + Send13CertificateVerifyMessage(certificateVerify); + this.m_connectionState = CS_CLIENT_CERTIFICATE_VERIFY; + } + } + + // Finished + { + Send13FinishedMessage(); + this.m_connectionState = CS_SERVER_FINISHED; + } + + byte[] serverFinishedTranscriptHash = TlsUtilities.GetCurrentPrfHash(m_handshakeHash); + + TlsUtilities.Establish13PhaseApplication(m_tlsServerContext, serverFinishedTranscriptHash, m_recordStream); + + m_recordStream.EnablePendingCipherWrite(); + } + + /// + protected virtual void SendCertificateRequestMessage(CertificateRequest certificateRequest) + { + HandshakeMessageOutput message = new HandshakeMessageOutput(HandshakeType.certificate_request); + certificateRequest.Encode(m_tlsServerContext, message); + message.Send(this); + } + + /// + protected virtual void SendCertificateStatusMessage(CertificateStatus certificateStatus) + { + HandshakeMessageOutput message = new HandshakeMessageOutput(HandshakeType.certificate_status); + // TODO[tls13] Ensure this cannot happen for (D)TLS1.3+ + certificateStatus.Encode(message); + message.Send(this); + } + + /// + protected virtual void SendHelloRequestMessage() + { + HandshakeMessageOutput.Send(this, HandshakeType.hello_request, TlsUtilities.EmptyBytes); + } + + /// + protected virtual void SendNewSessionTicketMessage(NewSessionTicket newSessionTicket) + { + if (newSessionTicket == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + HandshakeMessageOutput message = new HandshakeMessageOutput(HandshakeType.new_session_ticket); + newSessionTicket.Encode(message); + message.Send(this); + } + + /// + protected virtual void SendServerHelloDoneMessage() + { + HandshakeMessageOutput.Send(this, HandshakeType.server_hello_done, TlsUtilities.EmptyBytes); + } + + /// + protected virtual void SendServerHelloMessage(ServerHello serverHello) + { + HandshakeMessageOutput message = new HandshakeMessageOutput(HandshakeType.server_hello); + serverHello.Encode(m_tlsServerContext, message); + message.Send(this); + } + + /// + protected virtual void SendServerKeyExchangeMessage(byte[] serverKeyExchange) + { + HandshakeMessageOutput.Send(this, HandshakeType.server_key_exchange, serverKeyExchange); + } + + /// + protected virtual void Skip13ClientCertificate() + { + if (null != m_certificateRequest) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + + /// + protected virtual void Skip13ClientCertificateVerify() + { + if (ExpectCertificateVerifyMessage()) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsSession.cs b/BouncyCastle/crypto/src/tls/TlsSession.cs new file mode 100644 index 0000000..bc68757 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsSession.cs @@ -0,0 +1,16 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// Base interface for a carrier object for a TLS session. + public interface TlsSession + { + SessionParameters ExportSessionParameters(); + + byte[] SessionID { get; } + + void Invalidate(); + + bool IsResumable { get; } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsSessionImpl.cs b/BouncyCastle/crypto/src/tls/TlsSessionImpl.cs new file mode 100644 index 0000000..a4eb6b9 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsSessionImpl.cs @@ -0,0 +1,52 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + internal class TlsSessionImpl + : TlsSession + { + private readonly byte[] m_sessionID; + private readonly SessionParameters m_sessionParameters; + private bool m_resumable; + + internal TlsSessionImpl(byte[] sessionID, SessionParameters sessionParameters) + { + if (sessionID == null) + throw new ArgumentNullException("sessionID"); + if (sessionID.Length > 32) + throw new ArgumentException("cannot be longer than 32 bytes", "sessionID"); + + this.m_sessionID = Arrays.Clone(sessionID); + this.m_sessionParameters = sessionParameters; + this.m_resumable = sessionID.Length > 0 && null != sessionParameters; + } + + public SessionParameters ExportSessionParameters() + { + lock (this) + { + return m_sessionParameters == null ? null : m_sessionParameters.Copy(); + } + } + + public byte[] SessionID + { + get { lock (this) return m_sessionID; } + } + + public void Invalidate() + { + lock (this) + { + this.m_resumable = false; + } + } + + public bool IsResumable + { + get { lock (this) return m_resumable; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsSrpConfigVerifier.cs b/BouncyCastle/crypto/src/tls/TlsSrpConfigVerifier.cs new file mode 100644 index 0000000..e4d83ab --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsSrpConfigVerifier.cs @@ -0,0 +1,15 @@ +using System; + +using Org.BouncyCastle.Tls.Crypto; + +namespace Org.BouncyCastle.Tls +{ + /// Interface for verifying SRP config needs to conform to. + public interface TlsSrpConfigVerifier + { + /// Check whether the given SRP configuration is acceptable for use. + /// the to check. + /// true if (and only if) the specified configuration is acceptable. + bool Accept(TlsSrpConfig srpConfig); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsSrpIdentity.cs b/BouncyCastle/crypto/src/tls/TlsSrpIdentity.cs new file mode 100644 index 0000000..c0492e4 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsSrpIdentity.cs @@ -0,0 +1,12 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// Processor interface for an SRP identity. + public interface TlsSrpIdentity + { + byte[] GetSrpIdentity(); + + byte[] GetSrpPassword(); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsSrpIdentityManager.cs b/BouncyCastle/crypto/src/tls/TlsSrpIdentityManager.cs new file mode 100644 index 0000000..1cc2840 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsSrpIdentityManager.cs @@ -0,0 +1,18 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// Base interface for an object that can return login parameters from an SRP identity. + public interface TlsSrpIdentityManager + { + /// Lookup the corresponding to the specified identity. + /// + /// NOTE: To avoid "identity probing", unknown identities SHOULD be handled as recommended in RFC 5054 2.5.1.3. + /// is provided for this purpose. + /// + /// the SRP identity sent by the connecting client. + /// the for the specified identity, or else 'simulated' parameters + /// if the identity is not recognized. A null value is also allowed, but not recommended. + TlsSrpLoginParameters GetLoginParameters(byte[] identity); + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsSrpKeyExchange.cs b/BouncyCastle/crypto/src/tls/TlsSrpKeyExchange.cs new file mode 100644 index 0000000..b4b35ae --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsSrpKeyExchange.cs @@ -0,0 +1,187 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls +{ + /// (D)TLS SRP key exchange (RFC 5054). + public class TlsSrpKeyExchange + : AbstractTlsKeyExchange + { + private static int CheckKeyExchange(int keyExchange) + { + switch (keyExchange) + { + case KeyExchangeAlgorithm.SRP: + case KeyExchangeAlgorithm.SRP_DSS: + case KeyExchangeAlgorithm.SRP_RSA: + return keyExchange; + default: + throw new ArgumentException("unsupported key exchange algorithm", "keyExchange"); + } + } + + protected TlsSrpIdentity m_srpIdentity; + protected TlsSrpConfigVerifier m_srpConfigVerifier; + protected TlsCertificate m_serverCertificate = null; + protected byte[] m_srpSalt = null; + protected TlsSrp6Client m_srpClient = null; + + protected TlsSrpLoginParameters m_srpLoginParameters; + protected TlsCredentialedSigner m_serverCredentials = null; + protected TlsSrp6Server m_srpServer = null; + + protected BigInteger m_srpPeerCredentials = null; + + public TlsSrpKeyExchange(int keyExchange, TlsSrpIdentity srpIdentity, TlsSrpConfigVerifier srpConfigVerifier) + : base(CheckKeyExchange(keyExchange)) + { + this.m_srpIdentity = srpIdentity; + this.m_srpConfigVerifier = srpConfigVerifier; + } + + public TlsSrpKeyExchange(int keyExchange, TlsSrpLoginParameters srpLoginParameters) + : base(CheckKeyExchange(keyExchange)) + { + this.m_srpLoginParameters = srpLoginParameters; + } + + public override void SkipServerCredentials() + { + if (m_keyExchange != KeyExchangeAlgorithm.SRP) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void ProcessServerCredentials(TlsCredentials serverCredentials) + { + if (m_keyExchange == KeyExchangeAlgorithm.SRP) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.m_serverCredentials = TlsUtilities.RequireSignerCredentials(serverCredentials); + } + + public override void ProcessServerCertificate(Certificate serverCertificate) + { + if (m_keyExchange == KeyExchangeAlgorithm.SRP) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.m_serverCertificate = serverCertificate.GetCertificateAt(0); + } + + public override bool RequiresServerKeyExchange + { + get { return true; } + } + + public override byte[] GenerateServerKeyExchange() + { + TlsSrpConfig config = m_srpLoginParameters.Config; + + this.m_srpServer = m_context.Crypto.CreateSrp6Server(config, m_srpLoginParameters.Verifier); + + BigInteger B = m_srpServer.GenerateServerCredentials(); + + BigInteger[] ng = config.GetExplicitNG(); + ServerSrpParams srpParams = new ServerSrpParams(ng[0], ng[1], m_srpLoginParameters.Salt, B); + + DigestInputBuffer digestBuffer = new DigestInputBuffer(); + + srpParams.Encode(digestBuffer); + + if (m_serverCredentials != null) + { + TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, null, digestBuffer); + } + + return digestBuffer.ToArray(); + } + + public override void ProcessServerKeyExchange(Stream input) + { + DigestInputBuffer digestBuffer = null; + Stream teeIn = input; + + if (m_keyExchange != KeyExchangeAlgorithm.SRP) + { + digestBuffer = new DigestInputBuffer(); + teeIn = new TeeInputStream(input, digestBuffer); + } + + ServerSrpParams srpParams = ServerSrpParams.Parse(teeIn); + + if (digestBuffer != null) + { + TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, null, + digestBuffer); + } + + TlsSrpConfig config = new TlsSrpConfig(); + config.SetExplicitNG(new BigInteger[]{ srpParams.N, srpParams.G }); + + if (!m_srpConfigVerifier.Accept(config)) + throw new TlsFatalAlert(AlertDescription.insufficient_security); + + this.m_srpSalt = srpParams.S; + + /* + * RFC 5054 2.5.3: The client MUST abort the handshake with an "illegal_parameter" alert if + * B % N = 0. + */ + this.m_srpPeerCredentials = ValidatePublicValue(srpParams.N, srpParams.B); + this.m_srpClient = m_context.Crypto.CreateSrp6Client(config); + } + + public override void ProcessClientCredentials(TlsCredentials clientCredentials) + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void GenerateClientKeyExchange(Stream output) + { + byte[] identity = m_srpIdentity.GetSrpIdentity(); + byte[] password = m_srpIdentity.GetSrpPassword(); + + BigInteger A = m_srpClient.GenerateClientCredentials(m_srpSalt, identity, password); + TlsSrpUtilities.WriteSrpParameter(A, output); + + m_context.SecurityParameters.m_srpIdentity = Arrays.Clone(identity); + } + + public override void ProcessClientKeyExchange(Stream input) + { + /* + * RFC 5054 2.5.4: The server MUST abort the handshake with an "illegal_parameter" alert if + * A % N = 0. + */ + this.m_srpPeerCredentials = ValidatePublicValue(m_srpLoginParameters.Config.GetExplicitNG()[0], + TlsSrpUtilities.ReadSrpParameter(input)); + + m_context.SecurityParameters.m_srpIdentity = Arrays.Clone(m_srpLoginParameters.Identity); + } + + public override TlsSecret GeneratePreMasterSecret() + { + BigInteger S = m_srpServer != null + ? m_srpServer.CalculateSecret(m_srpPeerCredentials) + : m_srpClient.CalculateSecret(m_srpPeerCredentials); + + // TODO Check if this needs to be a fixed size + return m_context.Crypto.CreateSecret(BigIntegers.AsUnsignedByteArray(S)); + } + + protected static BigInteger ValidatePublicValue(BigInteger N, BigInteger val) + { + val = val.Mod(N); + + // Check that val % N != 0 + if (val.Equals(BigInteger.Zero)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return val; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsSrpLoginParameters.cs b/BouncyCastle/crypto/src/tls/TlsSrpLoginParameters.cs new file mode 100644 index 0000000..2dda942 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsSrpLoginParameters.cs @@ -0,0 +1,44 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public class TlsSrpLoginParameters + { + protected byte[] m_identity; + protected TlsSrpConfig m_srpConfig; + protected BigInteger m_verifier; + protected byte[] m_salt; + + public TlsSrpLoginParameters(byte[] identity, TlsSrpConfig srpConfig, BigInteger verifier, byte[] salt) + { + this.m_identity = Arrays.Clone(identity); + this.m_srpConfig = srpConfig; + this.m_verifier = verifier; + this.m_salt = Arrays.Clone(salt); + } + + public virtual TlsSrpConfig Config + { + get { return m_srpConfig; } + } + + public virtual byte[] Identity + { + get { return m_identity; } + } + + public virtual byte[] Salt + { + get { return m_salt; } + } + + public virtual BigInteger Verifier + { + get { return m_verifier; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsSrpUtilities.cs b/BouncyCastle/crypto/src/tls/TlsSrpUtilities.cs new file mode 100644 index 0000000..c36a667 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsSrpUtilities.cs @@ -0,0 +1,69 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public abstract class TlsSrpUtilities + { + /// + public static void AddSrpExtension(IDictionary extensions, byte[] identity) + { + extensions[ExtensionType.srp] = CreateSrpExtension(identity); + } + + /// + public static byte[] GetSrpExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.srp); + return extensionData == null ? null : ReadSrpExtension(extensionData); + } + + /// + public static byte[] CreateSrpExtension(byte[] identity) + { + if (identity == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return TlsUtilities.EncodeOpaque8(identity); + } + + /// + public static byte[] ReadSrpExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + return TlsUtilities.DecodeOpaque8(extensionData, 1); + } + + /// + public static BigInteger ReadSrpParameter(Stream input) + { + return new BigInteger(1, TlsUtilities.ReadOpaque16(input, 1)); + } + + /// + public static void WriteSrpParameter(BigInteger x, Stream output) + { + TlsUtilities.WriteOpaque16(BigIntegers.AsUnsignedByteArray(x), output); + } + + public static bool IsSrpCipherSuite(int cipherSuite) + { + switch (TlsUtilities.GetKeyExchangeAlgorithm(cipherSuite)) + { + case KeyExchangeAlgorithm.SRP: + case KeyExchangeAlgorithm.SRP_DSS: + case KeyExchangeAlgorithm.SRP_RSA: + return true; + + default: + return false; + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsSrtpUtilities.cs b/BouncyCastle/crypto/src/tls/TlsSrtpUtilities.cs new file mode 100644 index 0000000..72a9e77 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsSrtpUtilities.cs @@ -0,0 +1,63 @@ +using System; +using System.Collections; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 5764 DTLS Extension to Establish Keys for SRTP. + public abstract class TlsSrtpUtilities +{ + /// + public static void AddUseSrtpExtension(IDictionary extensions, UseSrtpData useSrtpData) + { + extensions[ExtensionType.use_srtp] = CreateUseSrtpExtension(useSrtpData); + } + + /// + public static UseSrtpData GetUseSrtpExtension(IDictionary extensions) + { + byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.use_srtp); + return extensionData == null ? null : ReadUseSrtpExtension(extensionData); + } + + /// + public static byte[] CreateUseSrtpExtension(UseSrtpData useSrtpData) + { + if (useSrtpData == null) + throw new ArgumentNullException("useSrtpData"); + + MemoryStream buf = new MemoryStream(); + + // SRTPProtectionProfiles + TlsUtilities.WriteUint16ArrayWithUint16Length(useSrtpData.ProtectionProfiles, buf); + + // srtp_mki + TlsUtilities.WriteOpaque8(useSrtpData.Mki, buf); + + return buf.ToArray(); + } + + /// + public static UseSrtpData ReadUseSrtpExtension(byte[] extensionData) + { + if (extensionData == null) + throw new ArgumentNullException("extensionData"); + + MemoryStream buf = new MemoryStream(extensionData, false); + + // SRTPProtectionProfiles + int length = TlsUtilities.ReadUint16(buf); + if (length < 2 || (length & 1) != 0) + throw new TlsFatalAlert(AlertDescription.decode_error); + + int[] protectionProfiles = TlsUtilities.ReadUint16Array(length / 2, buf); + + // srtp_mki + byte[] mki = TlsUtilities.ReadOpaque8(buf); + + TlsProtocol.AssertEmpty(buf); + + return new UseSrtpData(protectionProfiles, mki); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsStream.cs b/BouncyCastle/crypto/src/tls/TlsStream.cs new file mode 100644 index 0000000..9ca88a2 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsStream.cs @@ -0,0 +1,96 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + internal class TlsStream + : Stream + { + private readonly TlsProtocol m_handler; + + internal TlsStream(TlsProtocol handler) + { + this.m_handler = handler; + } + + public override bool CanRead + { + get { return !m_handler.IsClosed; } + } + + public override bool CanSeek + { + get { return false; } + } + + public override bool CanWrite + { + get { return !m_handler.IsClosed; } + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + m_handler.Close(); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + m_handler.Close(); + base.Close(); + } +#endif + + public override void Flush() + { + m_handler.Flush(); + } + + public override long Length + { + get { throw new NotSupportedException(); } + } + + public override long Position + { + get { throw new NotSupportedException(); } + set { throw new NotSupportedException(); } + } + + public override int Read(byte[] buf, int off, int len) + { + return m_handler.ReadApplicationData(buf, off, len); + } + + public override int ReadByte() + { + byte[] buf = new byte[1]; + int ret = Read(buf, 0, 1); + return ret <= 0 ? -1 : buf[0]; + } + + public override long Seek(long offset, SeekOrigin origin) + { + throw new NotSupportedException(); + } + + public override void SetLength(long value) + { + throw new NotSupportedException(); + } + + public override void Write(byte[] buf, int off, int len) + { + m_handler.WriteApplicationData(buf, off, len); + } + + public override void WriteByte(byte b) + { + Write(new byte[]{ b }, 0, 1); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsTimeoutException.cs b/BouncyCastle/crypto/src/tls/TlsTimeoutException.cs new file mode 100644 index 0000000..ce2e1ac --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsTimeoutException.cs @@ -0,0 +1,24 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls +{ + public class TlsTimeoutException + : IOException + { + public TlsTimeoutException() + : base() + { + } + + public TlsTimeoutException(string message) + : base(message) + { + } + + public TlsTimeoutException(string message, Exception cause) + : base(message, cause) + { + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TlsUtilities.cs b/BouncyCastle/crypto/src/tls/TlsUtilities.cs new file mode 100644 index 0000000..05d38c5 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TlsUtilities.cs @@ -0,0 +1,5736 @@ +using System; +using System.Collections; +using System.IO; +#if !PORTABLE || DOTNET +using System.Net.Sockets; +#endif + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Bsi; +using Org.BouncyCastle.Asn1.Eac; +using Org.BouncyCastle.Asn1.EdEC; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls +{ + public abstract class TlsUtilities + { + private static readonly byte[] DowngradeTlsV11 = Hex.DecodeStrict("444F574E47524400"); + private static readonly byte[] DowngradeTlsV12 = Hex.DecodeStrict("444F574E47524401"); + + private static readonly IDictionary CertSigAlgOids = CreateCertSigAlgOids(); + private static readonly IList DefaultSupportedSigAlgs = CreateDefaultSupportedSigAlgs(); + + private static void AddCertSigAlgOid(IDictionary d, DerObjectIdentifier oid, + SignatureAndHashAlgorithm sigAndHash) + { + d[oid.Id] = sigAndHash; + } + + private static void AddCertSigAlgOid(IDictionary d, DerObjectIdentifier oid, short hashAlgorithm, + short signatureAlgorithm) + { + AddCertSigAlgOid(d, oid, SignatureAndHashAlgorithm.GetInstance(hashAlgorithm, signatureAlgorithm)); + } + + private static IDictionary CreateCertSigAlgOids() + { + IDictionary d = Platform.CreateHashtable(); + + AddCertSigAlgOid(d, NistObjectIdentifiers.DsaWithSha224, HashAlgorithm.sha224, SignatureAlgorithm.dsa); + AddCertSigAlgOid(d, NistObjectIdentifiers.DsaWithSha256, HashAlgorithm.sha256, SignatureAlgorithm.dsa); + AddCertSigAlgOid(d, NistObjectIdentifiers.DsaWithSha384, HashAlgorithm.sha384, SignatureAlgorithm.dsa); + AddCertSigAlgOid(d, NistObjectIdentifiers.DsaWithSha512, HashAlgorithm.sha512, SignatureAlgorithm.dsa); + + AddCertSigAlgOid(d, OiwObjectIdentifiers.DsaWithSha1, HashAlgorithm.sha1, SignatureAlgorithm.dsa); + AddCertSigAlgOid(d, OiwObjectIdentifiers.Sha1WithRsa, HashAlgorithm.sha1, SignatureAlgorithm.rsa); + + AddCertSigAlgOid(d, PkcsObjectIdentifiers.Sha1WithRsaEncryption, HashAlgorithm.sha1, SignatureAlgorithm.rsa); + AddCertSigAlgOid(d, PkcsObjectIdentifiers.Sha224WithRsaEncryption, HashAlgorithm.sha224, SignatureAlgorithm.rsa); + AddCertSigAlgOid(d, PkcsObjectIdentifiers.Sha256WithRsaEncryption, HashAlgorithm.sha256, SignatureAlgorithm.rsa); + AddCertSigAlgOid(d, PkcsObjectIdentifiers.Sha384WithRsaEncryption, HashAlgorithm.sha384, SignatureAlgorithm.rsa); + AddCertSigAlgOid(d, PkcsObjectIdentifiers.Sha512WithRsaEncryption, HashAlgorithm.sha512, SignatureAlgorithm.rsa); + + AddCertSigAlgOid(d, X9ObjectIdentifiers.ECDsaWithSha1, HashAlgorithm.sha1, SignatureAlgorithm.ecdsa); + AddCertSigAlgOid(d, X9ObjectIdentifiers.ECDsaWithSha224, HashAlgorithm.sha224, SignatureAlgorithm.ecdsa); + AddCertSigAlgOid(d, X9ObjectIdentifiers.ECDsaWithSha256, HashAlgorithm.sha256, SignatureAlgorithm.ecdsa); + AddCertSigAlgOid(d, X9ObjectIdentifiers.ECDsaWithSha384, HashAlgorithm.sha384, SignatureAlgorithm.ecdsa); + AddCertSigAlgOid(d, X9ObjectIdentifiers.ECDsaWithSha512, HashAlgorithm.sha512, SignatureAlgorithm.ecdsa); + AddCertSigAlgOid(d, X9ObjectIdentifiers.IdDsaWithSha1, HashAlgorithm.sha1, SignatureAlgorithm.dsa); + + AddCertSigAlgOid(d, EacObjectIdentifiers.id_TA_ECDSA_SHA_1, HashAlgorithm.sha1, SignatureAlgorithm.ecdsa); + AddCertSigAlgOid(d, EacObjectIdentifiers.id_TA_ECDSA_SHA_224, HashAlgorithm.sha224, SignatureAlgorithm.ecdsa); + AddCertSigAlgOid(d, EacObjectIdentifiers.id_TA_ECDSA_SHA_256, HashAlgorithm.sha256, SignatureAlgorithm.ecdsa); + AddCertSigAlgOid(d, EacObjectIdentifiers.id_TA_ECDSA_SHA_384, HashAlgorithm.sha384, SignatureAlgorithm.ecdsa); + AddCertSigAlgOid(d, EacObjectIdentifiers.id_TA_ECDSA_SHA_512, HashAlgorithm.sha512, SignatureAlgorithm.ecdsa); + AddCertSigAlgOid(d, EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_1, HashAlgorithm.sha1, SignatureAlgorithm.rsa); + AddCertSigAlgOid(d, EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, HashAlgorithm.sha256, SignatureAlgorithm.rsa); + + AddCertSigAlgOid(d, BsiObjectIdentifiers.ecdsa_plain_SHA1, HashAlgorithm.sha1, SignatureAlgorithm.ecdsa); + AddCertSigAlgOid(d, BsiObjectIdentifiers.ecdsa_plain_SHA224, HashAlgorithm.sha224, SignatureAlgorithm.ecdsa); + AddCertSigAlgOid(d, BsiObjectIdentifiers.ecdsa_plain_SHA256, HashAlgorithm.sha256, SignatureAlgorithm.ecdsa); + AddCertSigAlgOid(d, BsiObjectIdentifiers.ecdsa_plain_SHA384, HashAlgorithm.sha384, SignatureAlgorithm.ecdsa); + AddCertSigAlgOid(d, BsiObjectIdentifiers.ecdsa_plain_SHA512, HashAlgorithm.sha512, SignatureAlgorithm.ecdsa); + + AddCertSigAlgOid(d, EdECObjectIdentifiers.id_Ed25519, SignatureAndHashAlgorithm.ed25519); + AddCertSigAlgOid(d, EdECObjectIdentifiers.id_Ed448, SignatureAndHashAlgorithm.ed448); + + AddCertSigAlgOid(d, RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256, + SignatureAndHashAlgorithm.gostr34102012_256); + AddCertSigAlgOid(d, RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512, + SignatureAndHashAlgorithm.gostr34102012_512); + + // TODO[RFC 8998] + //AddCertSigAlgOid(d, GMObjectIdentifiers.sm2sign_with_sm3, HashAlgorithm.sm3, SignatureAlgorithm.sm2); + + return d; + } + + private static IList CreateDefaultSupportedSigAlgs() + { + IList result = Platform.CreateArrayList(); + result.Add(SignatureAndHashAlgorithm.ed25519); + result.Add(SignatureAndHashAlgorithm.ed448); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha256, SignatureAlgorithm.ecdsa)); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha384, SignatureAlgorithm.ecdsa)); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha512, SignatureAlgorithm.ecdsa)); + result.Add(SignatureAndHashAlgorithm.rsa_pss_rsae_sha256); + result.Add(SignatureAndHashAlgorithm.rsa_pss_rsae_sha384); + result.Add(SignatureAndHashAlgorithm.rsa_pss_rsae_sha512); + result.Add(SignatureAndHashAlgorithm.rsa_pss_pss_sha256); + result.Add(SignatureAndHashAlgorithm.rsa_pss_pss_sha384); + result.Add(SignatureAndHashAlgorithm.rsa_pss_pss_sha512); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha256, SignatureAlgorithm.rsa)); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha384, SignatureAlgorithm.rsa)); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha512, SignatureAlgorithm.rsa)); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha256, SignatureAlgorithm.dsa)); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha384, SignatureAlgorithm.dsa)); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha512, SignatureAlgorithm.dsa)); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha224, SignatureAlgorithm.ecdsa)); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha224, SignatureAlgorithm.rsa)); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha224, SignatureAlgorithm.dsa)); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha1, SignatureAlgorithm.ecdsa)); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha1, SignatureAlgorithm.rsa)); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha1, SignatureAlgorithm.dsa)); + return result; + } + + public static readonly byte[] EmptyBytes = new byte[0]; + public static readonly short[] EmptyShorts = new short[0]; + public static readonly int[] EmptyInts = new int[0]; + public static readonly long[] EmptyLongs = new long[0]; + public static readonly string[] EmptyStrings = new string[0]; + + internal static short MinimumHashStrict = HashAlgorithm.sha1; + internal static short MinimumHashPreferred = HashAlgorithm.sha256; + + public static void CheckUint8(short i) + { + if (!IsValidUint8(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint8(int i) + { + if (!IsValidUint8(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint8(long i) + { + if (!IsValidUint8(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint16(int i) + { + if (!IsValidUint16(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint16(long i) + { + if (!IsValidUint16(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint24(int i) + { + if (!IsValidUint24(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint24(long i) + { + if (!IsValidUint24(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint32(long i) + { + if (!IsValidUint32(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint48(long i) + { + if (!IsValidUint48(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static void CheckUint64(long i) + { + if (!IsValidUint64(i)) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public static bool IsValidUint8(short i) + { + return (i & 0xFF) == i; + } + + public static bool IsValidUint8(int i) + { + return (i & 0xFF) == i; + } + + public static bool IsValidUint8(long i) + { + return (i & 0xFFL) == i; + } + + public static bool IsValidUint16(int i) + { + return (i & 0xFFFF) == i; + } + + public static bool IsValidUint16(long i) + { + return (i & 0xFFFFL) == i; + } + + public static bool IsValidUint24(int i) + { + return (i & 0xFFFFFF) == i; + } + + public static bool IsValidUint24(long i) + { + return (i & 0xFFFFFFL) == i; + } + + public static bool IsValidUint32(long i) + { + return (i & 0xFFFFFFFFL) == i; + } + + public static bool IsValidUint48(long i) + { + return (i & 0xFFFFFFFFFFFFL) == i; + } + + public static bool IsValidUint64(long i) + { + return true; + } + + public static bool IsSsl(TlsContext context) + { + return context.ServerVersion.IsSsl; + } + + public static bool IsTlsV10(ProtocolVersion version) + { + return ProtocolVersion.TLSv10.IsEqualOrEarlierVersionOf(version.GetEquivalentTlsVersion()); + } + + public static bool IsTlsV10(TlsContext context) + { + return IsTlsV10(context.ServerVersion); + } + + public static bool IsTlsV11(ProtocolVersion version) + { + return ProtocolVersion.TLSv11.IsEqualOrEarlierVersionOf(version.GetEquivalentTlsVersion()); + } + + public static bool IsTlsV11(TlsContext context) + { + return IsTlsV11(context.ServerVersion); + } + + public static bool IsTlsV12(ProtocolVersion version) + { + return ProtocolVersion.TLSv12.IsEqualOrEarlierVersionOf(version.GetEquivalentTlsVersion()); + } + + public static bool IsTlsV12(TlsContext context) + { + return IsTlsV12(context.ServerVersion); + } + + public static bool IsTlsV13(ProtocolVersion version) + { + return ProtocolVersion.TLSv13.IsEqualOrEarlierVersionOf(version.GetEquivalentTlsVersion()); + } + + public static bool IsTlsV13(TlsContext context) + { + return IsTlsV13(context.ServerVersion); + } + + public static void WriteUint8(short i, Stream output) + { + output.WriteByte((byte)i); + } + + public static void WriteUint8(int i, Stream output) + { + output.WriteByte((byte)i); + } + + public static void WriteUint8(short i, byte[] buf, int offset) + { + buf[offset] = (byte)i; + } + + public static void WriteUint8(int i, byte[] buf, int offset) + { + buf[offset] = (byte)i; + } + + public static void WriteUint16(int i, Stream output) + { + output.WriteByte((byte)(i >> 8)); + output.WriteByte((byte)i); + } + + public static void WriteUint16(int i, byte[] buf, int offset) + { + buf[offset ] = (byte)(i >> 8); + buf[offset + 1] = (byte)i; + } + + public static void WriteUint24(int i, Stream output) + { + output.WriteByte((byte)(i >> 16)); + output.WriteByte((byte)(i >> 8)); + output.WriteByte((byte)i); + } + + public static void WriteUint24(int i, byte[] buf, int offset) + { + buf[offset ] = (byte)(i >> 16); + buf[offset + 1] = (byte)(i >> 8); + buf[offset + 2] = (byte)i; + } + + public static void WriteUint32(long i, Stream output) + { + output.WriteByte((byte)(i >> 24)); + output.WriteByte((byte)(i >> 16)); + output.WriteByte((byte)(i >> 8)); + output.WriteByte((byte)i); + } + + public static void WriteUint32(long i, byte[] buf, int offset) + { + buf[offset ] = (byte)(i >> 24); + buf[offset + 1] = (byte)(i >> 16); + buf[offset + 2] = (byte)(i >> 8); + buf[offset + 3] = (byte)i; + } + + public static void WriteUint48(long i, Stream output) + { + output.WriteByte((byte)(i >> 40)); + output.WriteByte((byte)(i >> 32)); + output.WriteByte((byte)(i >> 24)); + output.WriteByte((byte)(i >> 16)); + output.WriteByte((byte)(i >> 8)); + output.WriteByte((byte)i); + } + + public static void WriteUint48(long i, byte[] buf, int offset) + { + buf[offset ] = (byte)(i >> 40); + buf[offset + 1] = (byte)(i >> 32); + buf[offset + 2] = (byte)(i >> 24); + buf[offset + 3] = (byte)(i >> 16); + buf[offset + 4] = (byte)(i >> 8); + buf[offset + 5] = (byte)i; + } + + public static void WriteUint64(long i, Stream output) + { + output.WriteByte((byte)(i >> 56)); + output.WriteByte((byte)(i >> 48)); + output.WriteByte((byte)(i >> 40)); + output.WriteByte((byte)(i >> 32)); + output.WriteByte((byte)(i >> 24)); + output.WriteByte((byte)(i >> 16)); + output.WriteByte((byte)(i >> 8)); + output.WriteByte((byte) i); + } + + public static void WriteUint64(long i, byte[] buf, int offset) + { + buf[offset ] = (byte)(i >> 56); + buf[offset + 1] = (byte)(i >> 48); + buf[offset + 2] = (byte)(i >> 40); + buf[offset + 3] = (byte)(i >> 32); + buf[offset + 4] = (byte)(i >> 24); + buf[offset + 5] = (byte)(i >> 16); + buf[offset + 6] = (byte)(i >> 8); + buf[offset + 7] = (byte)i; + } + + public static void WriteOpaque8(byte[] buf, Stream output) + { + CheckUint8(buf.Length); + WriteUint8(buf.Length, output); + output.Write(buf, 0, buf.Length); + } + + public static void WriteOpaque8(byte[] data, byte[] buf, int off) + { + CheckUint8(data.Length); + WriteUint8(data.Length, buf, off); + Array.Copy(data, 0, buf, off + 1, data.Length); + } + + public static void WriteOpaque16(byte[] buf, Stream output) + { + CheckUint16(buf.Length); + WriteUint16(buf.Length, output); + output.Write(buf, 0, buf.Length); + } + + public static void WriteOpaque16(byte[] data, byte[] buf, int off) + { + CheckUint16(data.Length); + WriteUint16(data.Length, buf, off); + Array.Copy(data, 0, buf, off + 2, data.Length); + } + + public static void WriteOpaque24(byte[] buf, Stream output) + { + CheckUint24(buf.Length); + WriteUint24(buf.Length, output); + output.Write(buf, 0, buf.Length); + } + + public static void WriteOpaque24(byte[] data, byte[] buf, int off) + { + CheckUint24(data.Length); + WriteUint24(data.Length, buf, off); + Array.Copy(data, 0, buf, off + 3, data.Length); + } + + public static void WriteUint8Array(short[] u8s, Stream output) + { + for (int i = 0; i < u8s.Length; ++i) + { + WriteUint8(u8s[i], output); + } + } + + public static void WriteUint8Array(short[] u8s, byte[] buf, int offset) + { + for (int i = 0; i < u8s.Length; ++i) + { + WriteUint8(u8s[i], buf, offset); + ++offset; + } + } + + public static void WriteUint8ArrayWithUint8Length(short[] u8s, Stream output) + { + CheckUint8(u8s.Length); + WriteUint8(u8s.Length, output); + WriteUint8Array(u8s, output); + } + + public static void WriteUint8ArrayWithUint8Length(short[] u8s, byte[] buf, int offset) + { + CheckUint8(u8s.Length); + WriteUint8(u8s.Length, buf, offset); + WriteUint8Array(u8s, buf, offset + 1); + } + + public static void WriteUint16Array(int[] u16s, Stream output) + { + for (int i = 0; i < u16s.Length; ++i) + { + WriteUint16(u16s[i], output); + } + } + + public static void WriteUint16Array(int[] u16s, byte[] buf, int offset) + { + for (int i = 0; i < u16s.Length; ++i) + { + WriteUint16(u16s[i], buf, offset); + offset += 2; + } + } + + public static void WriteUint16ArrayWithUint8Length(int[] u16s, byte[] buf, int offset) + { + int length = 2 * u16s.Length; + CheckUint8(length); + WriteUint8(length, buf, offset); + WriteUint16Array(u16s, buf, offset + 1); + } + + public static void WriteUint16ArrayWithUint16Length(int[] u16s, Stream output) + { + int length = 2 * u16s.Length; + CheckUint16(length); + WriteUint16(length, output); + WriteUint16Array(u16s, output); + } + + public static void WriteUint16ArrayWithUint16Length(int[] u16s, byte[] buf, int offset) + { + int length = 2 * u16s.Length; + CheckUint16(length); + WriteUint16(length, buf, offset); + WriteUint16Array(u16s, buf, offset + 2); + } + + public static byte[] DecodeOpaque8(byte[] buf) + { + return DecodeOpaque8(buf, 0); + } + + public static byte[] DecodeOpaque8(byte[] buf, int minLength) + { + if (buf == null) + throw new ArgumentNullException("buf"); + if (buf.Length < 1) + throw new TlsFatalAlert(AlertDescription.decode_error); + + short length = ReadUint8(buf, 0); + if (buf.Length != (length + 1) || length < minLength) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return CopyOfRangeExact(buf, 1, buf.Length); + } + + public static byte[] DecodeOpaque16(byte[] buf) + { + return DecodeOpaque16(buf, 0); + } + + public static byte[] DecodeOpaque16(byte[] buf, int minLength) + { + if (buf == null) + throw new ArgumentNullException("buf"); + if (buf.Length < 2) + throw new TlsFatalAlert(AlertDescription.decode_error); + + int length = ReadUint16(buf, 0); + if (buf.Length != (length + 2) || length < minLength) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return CopyOfRangeExact(buf, 2, buf.Length); + } + + public static short DecodeUint8(byte[] buf) + { + if (buf == null) + throw new ArgumentNullException("buf"); + if (buf.Length != 1) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return ReadUint8(buf, 0); + } + + public static short[] DecodeUint8ArrayWithUint8Length(byte[] buf) + { + if (buf == null) + throw new ArgumentNullException("buf"); + + int count = ReadUint8(buf, 0); + if (buf.Length != (count + 1)) + throw new TlsFatalAlert(AlertDescription.decode_error); + + short[] uints = new short[count]; + for (int i = 0; i < count; ++i) + { + uints[i] = ReadUint8(buf, i + 1); + } + return uints; + } + + public static int DecodeUint16(byte[] buf) + { + if (buf == null) + throw new ArgumentNullException("buf"); + if (buf.Length != 2) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return ReadUint16(buf, 0); + } + + public static int[] DecodeUint16ArrayWithUint8Length(byte[] buf) + { + if (buf == null) + throw new ArgumentNullException("buf"); + + int length = ReadUint8(buf, 0); + if (buf.Length != (length + 1) || (length & 1) != 0) + throw new TlsFatalAlert(AlertDescription.decode_error); + + int count = length / 2, pos = 1; + int[] u16s = new int[count]; + for (int i = 0; i < count; ++i) + { + u16s[i] = ReadUint16(buf, pos); + pos += 2; + } + return u16s; + } + + public static long DecodeUint32(byte[] buf) + { + if (buf == null) + throw new ArgumentNullException("buf"); + if (buf.Length != 4) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return ReadUint32(buf, 0); + } + + public static byte[] EncodeOpaque8(byte[] buf) + { + CheckUint8(buf.Length); + return Arrays.Prepend(buf, (byte)buf.Length); + } + + public static byte[] EncodeOpaque16(byte[] buf) + { + CheckUint16(buf.Length); + byte[] r = new byte[2 + buf.Length]; + WriteUint16(buf.Length, r, 0); + Array.Copy(buf, 0, r, 2, buf.Length); + return r; + } + + public static byte[] EncodeOpaque24(byte[] buf) + { + CheckUint24(buf.Length); + byte[] r = new byte[3 + buf.Length]; + WriteUint24(buf.Length, r, 0); + Array.Copy(buf, 0, r, 3, buf.Length); + return r; + } + + public static byte[] EncodeUint8(short u8) + { + CheckUint8(u8); + + byte[] encoding = new byte[1]; + WriteUint8(u8, encoding, 0); + return encoding; + } + + public static byte[] EncodeUint8ArrayWithUint8Length(short[] u8s) + { + byte[] result = new byte[1 + u8s.Length]; + WriteUint8ArrayWithUint8Length(u8s, result, 0); + return result; + } + + public static byte[] EncodeUint16(int u16) + { + CheckUint16(u16); + + byte[] encoding = new byte[2]; + WriteUint16(u16, encoding, 0); + return encoding; + } + + public static byte[] EncodeUint16ArrayWithUint8Length(int[] u16s) + { + int length = 2 * u16s.Length; + byte[] result = new byte[1 + length]; + WriteUint16ArrayWithUint8Length(u16s, result, 0); + return result; + } + + public static byte[] EncodeUint16ArrayWithUint16Length(int[] u16s) + { + int length = 2 * u16s.Length; + byte[] result = new byte[2 + length]; + WriteUint16ArrayWithUint16Length(u16s, result, 0); + return result; + } + + public static byte[] EncodeUint24(int u24) + { + CheckUint24(u24); + + byte[] encoding = new byte[3]; + WriteUint24(u24, encoding, 0); + return encoding; + } + + public static byte[] EncodeUint32(long u32) + { + CheckUint32(u32); + + byte[] encoding = new byte[4]; + WriteUint32(u32, encoding, 0); + return encoding; + } + + public static byte[] EncodeVersion(ProtocolVersion version) + { + return new byte[]{ + (byte)version.MajorVersion, + (byte)version.MinorVersion + }; + } + + public static int ReadInt32(byte[] buf, int offset) + { + int n = buf[offset] << 24; + n |= (buf[++offset] & 0xff) << 16; + n |= (buf[++offset] & 0xff) << 8; + n |= (buf[++offset] & 0xff); + return n; + } + + public static short ReadUint8(Stream input) + { + int i = input.ReadByte(); + if (i < 0) + throw new EndOfStreamException(); + return (short)i; + } + + public static short ReadUint8(byte[] buf, int offset) + { + return (short)(buf[offset] & 0xff); + } + + public static int ReadUint16(Stream input) + { + int i1 = input.ReadByte(); + int i2 = input.ReadByte(); + if (i2 < 0) + throw new EndOfStreamException(); + return (i1 << 8) | i2; + } + + public static int ReadUint16(byte[] buf, int offset) + { + int n = (buf[offset] & 0xff) << 8; + n |= (buf[++offset] & 0xff); + return n; + } + + public static int ReadUint24(Stream input) + { + int i1 = input.ReadByte(); + int i2 = input.ReadByte(); + int i3 = input.ReadByte(); + if (i3 < 0) + throw new EndOfStreamException(); + + return (i1 << 16) | (i2 << 8) | i3; + } + + public static int ReadUint24(byte[] buf, int offset) + { + int n = (buf[offset] & 0xff) << 16; + n |= (buf[++offset] & 0xff) << 8; + n |= (buf[++offset] & 0xff); + return n; + } + + public static long ReadUint32(Stream input) + { + int i1 = input.ReadByte(); + int i2 = input.ReadByte(); + int i3 = input.ReadByte(); + int i4 = input.ReadByte(); + if (i4 < 0) + throw new EndOfStreamException(); + + return ((i1 << 24) | (i2 << 16) | (i3 << 8) | i4) & 0xFFFFFFFFL; + } + + public static long ReadUint32(byte[] buf, int offset) + { + int n = (buf[offset] & 0xff) << 24; + n |= (buf[++offset] & 0xff) << 16; + n |= (buf[++offset] & 0xff) << 8; + n |= (buf[++offset] & 0xff); + return n & 0xFFFFFFFFL; + } + + public static long ReadUint48(Stream input) + { + int hi = ReadUint24(input); + int lo = ReadUint24(input); + return ((long)(hi & 0xffffffffL) << 24) | (long)(lo & 0xffffffffL); + } + + public static long ReadUint48(byte[] buf, int offset) + { + int hi = ReadUint24(buf, offset); + int lo = ReadUint24(buf, offset + 3); + return ((long)(hi & 0xffffffffL) << 24) | (long)(lo & 0xffffffffL); + } + + public static byte[] ReadAllOrNothing(int length, Stream input) + { + if (length < 1) + return EmptyBytes; + byte[] buf = new byte[length]; + int read = Streams.ReadFully(input, buf); + if (read == 0) + return null; + if (read != length) + throw new EndOfStreamException(); + return buf; + } + + public static byte[] ReadFully(int length, Stream input) + { + if (length < 1) + return EmptyBytes; + byte[] buf = new byte[length]; + if (length != Streams.ReadFully(input, buf)) + throw new EndOfStreamException(); + return buf; + } + + public static void ReadFully(byte[] buf, Stream input) + { + int length = buf.Length; + if (length > 0 && length != Streams.ReadFully(input, buf)) + throw new EndOfStreamException(); + } + + public static byte[] ReadOpaque8(Stream input) + { + short length = ReadUint8(input); + return ReadFully(length, input); + } + + public static byte[] ReadOpaque8(Stream input, int minLength) + { + short length = ReadUint8(input); + if (length < minLength) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return ReadFully(length, input); + } + + public static byte[] ReadOpaque8(Stream input, int minLength, int maxLength) + { + short length = ReadUint8(input); + if (length < minLength || maxLength < length) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return ReadFully(length, input); + } + + public static byte[] ReadOpaque16(Stream input) + { + int length = ReadUint16(input); + return ReadFully(length, input); + } + + public static byte[] ReadOpaque16(Stream input, int minLength) + { + int length = ReadUint16(input); + if (length < minLength) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return ReadFully(length, input); + } + + public static byte[] ReadOpaque24(Stream input) + { + int length = ReadUint24(input); + return ReadFully(length, input); + } + + public static byte[] ReadOpaque24(Stream input, int minLength) + { + int length = ReadUint24(input); + if (length < minLength) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return ReadFully(length, input); + } + + public static short[] ReadUint8Array(int count, Stream input) + { + short[] uints = new short[count]; + for (int i = 0; i < count; ++i) + { + uints[i] = ReadUint8(input); + } + return uints; + } + + public static short[] ReadUint8ArrayWithUint8Length(Stream input, int minLength) + { + int length = ReadUint8(input); + if (length < minLength) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return ReadUint8Array(length, input); + } + + public static int[] ReadUint16Array(int count, Stream input) + { + int[] uints = new int[count]; + for (int i = 0; i < count; ++i) + { + uints[i] = ReadUint16(input); + } + return uints; + } + + public static ProtocolVersion ReadVersion(byte[] buf, int offset) + { + return ProtocolVersion.Get(buf[offset], buf[offset + 1]); + } + + public static ProtocolVersion ReadVersion(Stream input) + { + int i1 = input.ReadByte(); + int i2 = input.ReadByte(); + if (i2 < 0) + throw new EndOfStreamException(); + + return ProtocolVersion.Get(i1, i2); + } + + public static Asn1Object ReadAsn1Object(byte[] encoding) + { + Asn1InputStream asn1 = new Asn1InputStream(encoding); + Asn1Object result = asn1.ReadObject(); + if (null == result) + throw new TlsFatalAlert(AlertDescription.decode_error); + if (null != asn1.ReadObject()) + throw new TlsFatalAlert(AlertDescription.decode_error); + + return result; + } + + /// + [Obsolete("Will be removed. Use ReadAsn1Object in combination with RequireDerEncoding instead")] + public static Asn1Object ReadDerObject(byte[] encoding) + { + /* + * NOTE: The current ASN.1 parsing code can't enforce DER-only parsing, but since DER is + * canonical, we can check it by re-encoding the result and comparing to the original. + */ + Asn1Object result = ReadAsn1Object(encoding); + RequireDerEncoding(result, encoding); + return result; + } + + /// + public static void RequireDerEncoding(Asn1Encodable asn1, byte[] encoding) + { + /* + * NOTE: The current ASN.1 parsing code can't enforce DER-only parsing, but since DER is + * canonical, we can check it by re-encoding the result and comparing to the original. + */ + byte[] check = asn1.GetEncoded(Asn1Encodable.Der); + if (!Arrays.AreEqual(check, encoding)) + throw new TlsFatalAlert(AlertDescription.decode_error); + } + + public static void WriteGmtUnixTime(byte[] buf, int offset) + { + int t = (int)(DateTimeUtilities.CurrentUnixMs() / 1000L); + buf[offset ] = (byte)(t >> 24); + buf[offset + 1] = (byte)(t >> 16); + buf[offset + 2] = (byte)(t >> 8); + buf[offset + 3] = (byte)t; + } + + public static void WriteVersion(ProtocolVersion version, Stream output) + { + output.WriteByte((byte)version.MajorVersion); + output.WriteByte((byte)version.MinorVersion); + } + + public static void WriteVersion(ProtocolVersion version, byte[] buf, int offset) + { + buf[offset] = (byte)version.MajorVersion; + buf[offset + 1] = (byte)version.MinorVersion; + } + + public static void AddIfSupported(IList supportedAlgs, TlsCrypto crypto, SignatureAndHashAlgorithm alg) + { + if (crypto.HasSignatureAndHashAlgorithm(alg)) + { + supportedAlgs.Add(alg); + } + } + + public static void AddIfSupported(IList supportedGroups, TlsCrypto crypto, int namedGroup) + { + if (crypto.HasNamedGroup(namedGroup)) + { + supportedGroups.Add(namedGroup); + } + } + + public static void AddIfSupported(IList supportedGroups, TlsCrypto crypto, int[] namedGroups) + { + for (int i = 0; i < namedGroups.Length; ++i) + { + AddIfSupported(supportedGroups, crypto, namedGroups[i]); + } + } + + public static bool AddToSet(IList s, int i) + { + bool result = !s.Contains(i); + if (result) + { + s.Add(i); + } + return result; + } + + public static IList GetDefaultDssSignatureAlgorithms() + { + return GetDefaultSignatureAlgorithms(SignatureAlgorithm.dsa); + } + + public static IList GetDefaultECDsaSignatureAlgorithms() + { + return GetDefaultSignatureAlgorithms(SignatureAlgorithm.ecdsa); + } + + public static IList GetDefaultRsaSignatureAlgorithms() + { + return GetDefaultSignatureAlgorithms(SignatureAlgorithm.rsa); + } + + public static SignatureAndHashAlgorithm GetDefaultSignatureAlgorithm(short signatureAlgorithm) + { + /* + * RFC 5246 7.4.1.4.1. If the client does not send the signature_algorithms extension, + * the server MUST do the following: + * + * - If the negotiated key exchange algorithm is one of (RSA, DHE_RSA, DH_RSA, RSA_PSK, + * ECDH_RSA, ECDHE_RSA), behave as if client had sent the value {sha1,rsa}. + * + * - If the negotiated key exchange algorithm is one of (DHE_DSS, DH_DSS), behave as if + * the client had sent the value {sha1,dsa}. + * + * - If the negotiated key exchange algorithm is one of (ECDH_ECDSA, ECDHE_ECDSA), + * behave as if the client had sent value {sha1,ecdsa}. + */ + + switch (signatureAlgorithm) + { + case SignatureAlgorithm.dsa: + case SignatureAlgorithm.ecdsa: + case SignatureAlgorithm.rsa: + return SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha1, signatureAlgorithm); + default: + return null; + } + } + + public static IList GetDefaultSignatureAlgorithms(short signatureAlgorithm) + { + SignatureAndHashAlgorithm sigAndHashAlg = GetDefaultSignatureAlgorithm(signatureAlgorithm); + + return null == sigAndHashAlg ? Platform.CreateArrayList() : VectorOfOne(sigAndHashAlg); + } + + public static IList GetDefaultSupportedSignatureAlgorithms(TlsContext context) + { + TlsCrypto crypto = context.Crypto; + + IList result = Platform.CreateArrayList(DefaultSupportedSigAlgs.Count); + foreach (SignatureAndHashAlgorithm sigAndHashAlg in DefaultSupportedSigAlgs) + { + AddIfSupported(result, crypto, sigAndHashAlg); + } + return result; + } + + public static SignatureAndHashAlgorithm GetSignatureAndHashAlgorithm(TlsContext context, + TlsCredentialedSigner signerCredentials) + { + return GetSignatureAndHashAlgorithm(context.ServerVersion, signerCredentials); + } + + internal static SignatureAndHashAlgorithm GetSignatureAndHashAlgorithm(ProtocolVersion negotiatedVersion, + TlsCredentialedSigner signerCredentials) + { + SignatureAndHashAlgorithm signatureAndHashAlgorithm = null; + if (IsTlsV12(negotiatedVersion)) + { + signatureAndHashAlgorithm = signerCredentials.SignatureAndHashAlgorithm; + if (signatureAndHashAlgorithm == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + return signatureAndHashAlgorithm; + } + + public static byte[] GetExtensionData(IDictionary extensions, int extensionType) + { + return extensions == null || !extensions.Contains(extensionType) + ? null + : (byte[])extensions[extensionType]; + } + + public static bool HasExpectedEmptyExtensionData(IDictionary extensions, int extensionType, + short alertDescription) + { + byte[] extension_data = GetExtensionData(extensions, extensionType); + if (extension_data == null) + return false; + + if (extension_data.Length != 0) + throw new TlsFatalAlert(alertDescription); + + return true; + } + + public static TlsSession ImportSession(byte[] sessionID, SessionParameters sessionParameters) + { + return new TlsSessionImpl(sessionID, sessionParameters); + } + + internal static bool IsExtendedMasterSecretOptionalDtls(ProtocolVersion[] activeProtocolVersions) + { + return ProtocolVersion.Contains(activeProtocolVersions, ProtocolVersion.DTLSv12) + || ProtocolVersion.Contains(activeProtocolVersions, ProtocolVersion.DTLSv10); + } + + internal static bool IsExtendedMasterSecretOptionalTls(ProtocolVersion[] activeProtocolVersions) + { + return ProtocolVersion.Contains(activeProtocolVersions, ProtocolVersion.TLSv12) + || ProtocolVersion.Contains(activeProtocolVersions, ProtocolVersion.TLSv11) + || ProtocolVersion.Contains(activeProtocolVersions, ProtocolVersion.TLSv10); + } + + public static bool IsNullOrContainsNull(object[] array) + { + if (null == array) + return true; + + int count = array.Length; + for (int i = 0; i < count; ++i) + { + if (null == array[i]) + return true; + } + return false; + } + + public static bool IsNullOrEmpty(byte[] array) + { + return null == array || array.Length < 1; + } + + public static bool IsNullOrEmpty(short[] array) + { + return null == array || array.Length < 1; + } + + public static bool IsNullOrEmpty(int[] array) + { + return null == array || array.Length < 1; + } + + public static bool IsNullOrEmpty(object[] array) + { + return null == array || array.Length < 1; + } + + public static bool IsNullOrEmpty(string s) + { + return null == s || s.Length < 1; + } + + public static bool IsNullOrEmpty(IList v) + { + return null == v || v.Count < 1; + } + + public static bool IsSignatureAlgorithmsExtensionAllowed(ProtocolVersion version) + { + return null != version + && ProtocolVersion.TLSv12.IsEqualOrEarlierVersionOf(version.GetEquivalentTlsVersion()); + } + + public static short GetLegacyClientCertType(short signatureAlgorithm) + { + switch (signatureAlgorithm) + { + case SignatureAlgorithm.rsa: + return ClientCertificateType.rsa_sign; + case SignatureAlgorithm.dsa: + return ClientCertificateType.dss_sign; + case SignatureAlgorithm.ecdsa: + return ClientCertificateType.ecdsa_sign; + default: + return -1; + } + } + + public static short GetLegacySignatureAlgorithmClient(short clientCertificateType) + { + switch (clientCertificateType) + { + case ClientCertificateType.dss_sign: + return SignatureAlgorithm.dsa; + case ClientCertificateType.ecdsa_sign: + return SignatureAlgorithm.ecdsa; + case ClientCertificateType.rsa_sign: + return SignatureAlgorithm.rsa; + default: + return -1; + } + } + + public static short GetLegacySignatureAlgorithmClientCert(short clientCertificateType) + { + switch (clientCertificateType) + { + case ClientCertificateType.dss_sign: + case ClientCertificateType.dss_fixed_dh: + return SignatureAlgorithm.dsa; + + case ClientCertificateType.ecdsa_sign: + case ClientCertificateType.ecdsa_fixed_ecdh: + return SignatureAlgorithm.ecdsa; + + case ClientCertificateType.rsa_sign: + case ClientCertificateType.rsa_fixed_dh: + case ClientCertificateType.rsa_fixed_ecdh: + return SignatureAlgorithm.rsa; + default: + return -1; + } + } + + public static short GetLegacySignatureAlgorithmServer(int keyExchangeAlgorithm) + { + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.DHE_DSS: + case KeyExchangeAlgorithm.SRP_DSS: + return SignatureAlgorithm.dsa; + + case KeyExchangeAlgorithm.ECDHE_ECDSA: + return SignatureAlgorithm.ecdsa; + + case KeyExchangeAlgorithm.DHE_RSA: + case KeyExchangeAlgorithm.ECDHE_RSA: + case KeyExchangeAlgorithm.SRP_RSA: + return SignatureAlgorithm.rsa; + + default: + return -1; + } + } + + public static short GetLegacySignatureAlgorithmServerCert(int keyExchangeAlgorithm) + { + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.DH_DSS: + case KeyExchangeAlgorithm.DHE_DSS: + case KeyExchangeAlgorithm.SRP_DSS: + return SignatureAlgorithm.dsa; + + case KeyExchangeAlgorithm.ECDH_ECDSA: + case KeyExchangeAlgorithm.ECDHE_ECDSA: + return SignatureAlgorithm.ecdsa; + + case KeyExchangeAlgorithm.DH_RSA: + case KeyExchangeAlgorithm.DHE_RSA: + case KeyExchangeAlgorithm.ECDH_RSA: + case KeyExchangeAlgorithm.ECDHE_RSA: + case KeyExchangeAlgorithm.RSA: + case KeyExchangeAlgorithm.RSA_PSK: + case KeyExchangeAlgorithm.SRP_RSA: + return SignatureAlgorithm.rsa; + + default: + return -1; + } + } + + public static IList GetLegacySupportedSignatureAlgorithms() + { + IList result = Platform.CreateArrayList(3); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha1, SignatureAlgorithm.dsa)); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha1, SignatureAlgorithm.ecdsa)); + result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha1, SignatureAlgorithm.rsa)); + return result; + } + + /// + public static void EncodeSupportedSignatureAlgorithms(IList supportedSignatureAlgorithms, Stream output) + { + if (supportedSignatureAlgorithms == null || supportedSignatureAlgorithms.Count < 1 + || supportedSignatureAlgorithms.Count >= (1 << 15)) + { + throw new ArgumentException("must have length from 1 to (2^15 - 1)", "supportedSignatureAlgorithms"); + } + + // supported_signature_algorithms + int length = 2 * supportedSignatureAlgorithms.Count; + CheckUint16(length); + WriteUint16(length, output); + foreach (SignatureAndHashAlgorithm entry in supportedSignatureAlgorithms) + { + if (entry.Signature == SignatureAlgorithm.anonymous) + { + /* + * RFC 5246 7.4.1.4.1 The "anonymous" value is meaningless in this context but used + * in Section 7.4.3. It MUST NOT appear in this extension. + */ + throw new ArgumentException( + "SignatureAlgorithm.anonymous MUST NOT appear in the signature_algorithms extension"); + } + entry.Encode(output); + } + } + + /// + public static IList ParseSupportedSignatureAlgorithms(Stream input) + { + // supported_signature_algorithms + int length = ReadUint16(input); + if (length < 2 || (length & 1) != 0) + throw new TlsFatalAlert(AlertDescription.decode_error); + + int count = length / 2; + IList supportedSignatureAlgorithms = Platform.CreateArrayList(count); + for (int i = 0; i < count; ++i) + { + SignatureAndHashAlgorithm sigAndHashAlg = SignatureAndHashAlgorithm.Parse(input); + + if (SignatureAlgorithm.anonymous != sigAndHashAlg.Signature) + { + supportedSignatureAlgorithms.Add(sigAndHashAlg); + } + } + return supportedSignatureAlgorithms; + } + + /// + public static void VerifySupportedSignatureAlgorithm(IList supportedSignatureAlgorithms, + SignatureAndHashAlgorithm signatureAlgorithm) + { + if (supportedSignatureAlgorithms == null || supportedSignatureAlgorithms.Count < 1 + || supportedSignatureAlgorithms.Count >= (1 << 15)) + { + throw new ArgumentException("must have length from 1 to (2^15 - 1)", "supportedSignatureAlgorithms"); + } + if (signatureAlgorithm == null) + throw new ArgumentNullException("signatureAlgorithm"); + + if (signatureAlgorithm.Signature == SignatureAlgorithm.anonymous + || !ContainsSignatureAlgorithm(supportedSignatureAlgorithms, signatureAlgorithm)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + } + + /// + public static bool ContainsSignatureAlgorithm(IList supportedSignatureAlgorithms, + SignatureAndHashAlgorithm signatureAlgorithm) + { + foreach (SignatureAndHashAlgorithm entry in supportedSignatureAlgorithms) + { + if (entry.Equals(signatureAlgorithm)) + return true; + } + + return false; + } + + public static bool ContainsAnySignatureAlgorithm(IList supportedSignatureAlgorithms, short signatureAlgorithm) + { + foreach (SignatureAndHashAlgorithm entry in supportedSignatureAlgorithms) + { + if (entry.Signature == signatureAlgorithm) + return true; + } + + return false; + } + + public static TlsSecret Prf(SecurityParameters securityParameters, TlsSecret secret, string asciiLabel, + byte[] seed, int length) + { + return secret.DeriveUsingPrf(securityParameters.PrfAlgorithm, asciiLabel, seed, length); + } + + public static byte[] Clone(byte[] data) + { + return null == data ? null : data.Length == 0 ? EmptyBytes : (byte[])data.Clone(); + } + + public static string[] Clone(string[] s) + { + return null == s ? null : s.Length < 1 ? EmptyStrings : (string[])s.Clone(); + } + + public static bool ConstantTimeAreEqual(int len, byte[] a, int aOff, byte[] b, int bOff) + { + int d = 0; + for (int i = 0; i < len; ++i) + { + d |= a[aOff + i] ^ b[bOff + i]; + } + return 0 == d; + } + + public static byte[] CopyOfRangeExact(byte[] original, int from, int to) + { + int newLength = to - from; + byte[] copy = new byte[newLength]; + Array.Copy(original, from, copy, 0, newLength); + return copy; + } + + internal static byte[] Concat(byte[] a, byte[] b) + { + byte[] c = new byte[a.Length + b.Length]; + Array.Copy(a, 0, c, 0, a.Length); + Array.Copy(b, 0, c, a.Length, b.Length); + return c; + } + + /// + internal static byte[] CalculateEndPointHash(TlsContext context, TlsCertificate certificate, byte[] enc) + { + return CalculateEndPointHash(context, certificate, enc, 0, enc.Length); + } + + /// + internal static byte[] CalculateEndPointHash(TlsContext context, TlsCertificate certificate, byte[] enc, + int encOff, int encLen) + { + short hashAlgorithm = HashAlgorithm.none; + + string sigAlgOid = certificate.SigAlgOid; + if (sigAlgOid != null) + { + if (PkcsObjectIdentifiers.IdRsassaPss.Id.Equals(sigAlgOid)) + { + RsassaPssParameters pssParams = RsassaPssParameters.GetInstance(certificate.GetSigAlgParams()); + if (null != pssParams) + { + DerObjectIdentifier hashOid = pssParams.HashAlgorithm.Algorithm; + if (NistObjectIdentifiers.IdSha256.Equals(hashOid)) + { + hashAlgorithm = HashAlgorithm.sha256; + } + else if (NistObjectIdentifiers.IdSha384.Equals(hashOid)) + { + hashAlgorithm = HashAlgorithm.sha384; + } + else if (NistObjectIdentifiers.IdSha512.Equals(hashOid)) + { + hashAlgorithm = HashAlgorithm.sha512; + } + } + } + else + { + if (CertSigAlgOids.Contains(sigAlgOid)) + { + hashAlgorithm = ((SignatureAndHashAlgorithm)CertSigAlgOids[sigAlgOid]).Hash; + } + } + } + + switch (hashAlgorithm) + { + case HashAlgorithm.Intrinsic: + hashAlgorithm = HashAlgorithm.none; + break; + case HashAlgorithm.md5: + case HashAlgorithm.sha1: + hashAlgorithm = HashAlgorithm.sha256; + break; + } + + if (HashAlgorithm.none != hashAlgorithm) + { + TlsHash hash = CreateHash(context.Crypto, hashAlgorithm); + if (hash != null) + { + hash.Update(enc, encOff, encLen); + return hash.CalculateHash(); + } + } + + return EmptyBytes; + } + + public static byte[] CalculateExporterSeed(SecurityParameters securityParameters, byte[] context) + { + byte[] cr = securityParameters.ClientRandom, sr = securityParameters.ServerRandom; + if (null == context) + return Arrays.Concatenate(cr, sr); + + if (!IsValidUint16(context.Length)) + throw new ArgumentException("must have length less than 2^16 (or be null)", "context"); + + byte[] contextLength = new byte[2]; + WriteUint16(context.Length, contextLength, 0); + + return Arrays.ConcatenateAll(cr, sr, contextLength, context); + } + + private static byte[] CalculateFinishedHmac(SecurityParameters securityParameters, TlsSecret baseKey, + byte[] transcriptHash) + { + int prfCryptoHashAlgorithm = securityParameters.PrfCryptoHashAlgorithm; + int prfHashLength = securityParameters.PrfHashLength; + + return CalculateFinishedHmac(prfCryptoHashAlgorithm, prfHashLength, baseKey, transcriptHash); + } + + private static byte[] CalculateFinishedHmac(int prfCryptoHashAlgorithm, int prfHashLength, TlsSecret baseKey, + byte[] transcriptHash) + { + TlsSecret finishedKey = TlsCryptoUtilities.HkdfExpandLabel(baseKey, prfCryptoHashAlgorithm, "finished", + EmptyBytes, prfHashLength); + + try + { + return finishedKey.CalculateHmac(prfCryptoHashAlgorithm, transcriptHash, 0, transcriptHash.Length); + } + finally + { + finishedKey.Destroy(); + } + } + + internal static TlsSecret CalculateMasterSecret(TlsContext context, TlsSecret preMasterSecret) + { + SecurityParameters sp = context.SecurityParameters; + + string asciiLabel; + byte[] seed; + if (sp.IsExtendedMasterSecret) + { + asciiLabel = ExporterLabel.extended_master_secret; + seed = sp.SessionHash; + } + else + { + asciiLabel = ExporterLabel.master_secret; + seed = Concat(sp.ClientRandom, sp.ServerRandom); + } + + return Prf(sp, preMasterSecret, asciiLabel, seed, 48); + } + + internal static byte[] CalculatePskBinder(TlsCrypto crypto, bool isExternalPsk, int pskCryptoHashAlgorithm, + TlsSecret earlySecret, byte[] transcriptHash) + { + int prfHashLength = TlsCryptoUtilities.GetHashOutputSize(pskCryptoHashAlgorithm); + + string label = isExternalPsk ? "ext binder" : "res binder"; + byte[] emptyTranscriptHash = crypto.CreateHash(pskCryptoHashAlgorithm).CalculateHash(); + + TlsSecret binderKey = DeriveSecret(pskCryptoHashAlgorithm, prfHashLength, earlySecret, label, + emptyTranscriptHash); + + try + { + return CalculateFinishedHmac(pskCryptoHashAlgorithm, prfHashLength, binderKey, transcriptHash); + } + finally + { + binderKey.Destroy(); + } + } + + internal static byte[] CalculateVerifyData(TlsContext context, TlsHandshakeHash handshakeHash, bool isServer) + { + SecurityParameters securityParameters = context.SecurityParameters; + ProtocolVersion negotiatedVersion = securityParameters.NegotiatedVersion; + + if (IsTlsV13(negotiatedVersion)) + { + TlsSecret baseKey = isServer + ? securityParameters.BaseKeyServer + : securityParameters.BaseKeyClient; + byte[] transcriptHash = GetCurrentPrfHash(handshakeHash); + + return CalculateFinishedHmac(securityParameters, baseKey, transcriptHash); + } + + if (negotiatedVersion.IsSsl) + { + return Ssl3Utilities.CalculateVerifyData(handshakeHash, isServer); + } + + string asciiLabel = isServer ? ExporterLabel.server_finished : ExporterLabel.client_finished; + byte[] prfHash = GetCurrentPrfHash(handshakeHash); + + TlsSecret master_secret = securityParameters.MasterSecret; + int verify_data_length = securityParameters.VerifyDataLength; + + return Prf(securityParameters, master_secret, asciiLabel, prfHash, verify_data_length).Extract(); + } + + internal static void Establish13PhaseSecrets(TlsContext context, TlsSecret pskEarlySecret, + TlsSecret sharedSecret) + { + TlsCrypto crypto = context.Crypto; + SecurityParameters securityParameters = context.SecurityParameters; + int cryptoHashAlgorithm = securityParameters.PrfCryptoHashAlgorithm; + TlsSecret zeros = crypto.HkdfInit(cryptoHashAlgorithm); + byte[] emptyTranscriptHash = crypto.CreateHash(cryptoHashAlgorithm).CalculateHash(); + + TlsSecret earlySecret = pskEarlySecret; + if (null == earlySecret) + { + earlySecret = crypto + .HkdfInit(cryptoHashAlgorithm) + .HkdfExtract(cryptoHashAlgorithm, zeros); + } + + if (null == sharedSecret) + { + sharedSecret = zeros; + } + + TlsSecret handshakeSecret = DeriveSecret(securityParameters, earlySecret, "derived", emptyTranscriptHash) + .HkdfExtract(cryptoHashAlgorithm, sharedSecret); + + if (sharedSecret != zeros) + { + sharedSecret.Destroy(); + } + + TlsSecret masterSecret = DeriveSecret(securityParameters, handshakeSecret, "derived", emptyTranscriptHash) + .HkdfExtract(cryptoHashAlgorithm, zeros); + + securityParameters.m_earlySecret = earlySecret; + securityParameters.m_handshakeSecret = handshakeSecret; + securityParameters.m_masterSecret = masterSecret; + } + + private static void Establish13TrafficSecrets(TlsContext context, byte[] transcriptHash, TlsSecret phaseSecret, + string clientLabel, string serverLabel, RecordStream recordStream) + { + SecurityParameters securityParameters = context.SecurityParameters; + + securityParameters.m_trafficSecretClient = DeriveSecret(securityParameters, phaseSecret, clientLabel, + transcriptHash); + + if (null != serverLabel) + { + securityParameters.m_trafficSecretServer = DeriveSecret(securityParameters, phaseSecret, serverLabel, + transcriptHash); + } + + // TODO[tls13] Early data (client->server only) + + recordStream.SetPendingCipher(InitCipher(context)); + } + + internal static void Establish13PhaseApplication(TlsContext context, byte[] serverFinishedTranscriptHash, + RecordStream recordStream) + { + SecurityParameters securityParameters = context.SecurityParameters; + TlsSecret phaseSecret = securityParameters.MasterSecret; + + Establish13TrafficSecrets(context, serverFinishedTranscriptHash, phaseSecret, "c ap traffic", + "s ap traffic", recordStream); + + securityParameters.m_exporterMasterSecret = DeriveSecret(securityParameters, phaseSecret, "exp master", + serverFinishedTranscriptHash); + } + + internal static void Establish13PhaseEarly(TlsContext context, byte[] clientHelloTranscriptHash, + RecordStream recordStream) + { + SecurityParameters securityParameters = context.SecurityParameters; + TlsSecret phaseSecret = securityParameters.EarlySecret; + + // TODO[tls13] binder_key + + // TODO[tls13] Early data (client->server only) + if (null != recordStream) + { + Establish13TrafficSecrets(context, clientHelloTranscriptHash, phaseSecret, "c e traffic", null, + recordStream); + } + + securityParameters.m_earlyExporterMasterSecret = DeriveSecret(securityParameters, phaseSecret, + "e exp master", clientHelloTranscriptHash); + } + + internal static void Establish13PhaseHandshake(TlsContext context, byte[] serverHelloTranscriptHash, + RecordStream recordStream) + { + SecurityParameters securityParameters = context.SecurityParameters; + TlsSecret phaseSecret = securityParameters.HandshakeSecret; + + Establish13TrafficSecrets(context, serverHelloTranscriptHash, phaseSecret, "c hs traffic", "s hs traffic", + recordStream); + + securityParameters.m_baseKeyClient = securityParameters.TrafficSecretClient; + securityParameters.m_baseKeyServer = securityParameters.TrafficSecretServer; + } + + internal static void Update13TrafficSecretLocal(TlsContext context) + { + Update13TrafficSecret(context, context.IsServer); + } + + internal static void Update13TrafficSecretPeer(TlsContext context) + { + Update13TrafficSecret(context, !context.IsServer); + } + + private static void Update13TrafficSecret(TlsContext context, bool forServer) + { + SecurityParameters securityParameters = context.SecurityParameters; + + TlsSecret current; + if (forServer) + { + current = securityParameters.TrafficSecretServer; + securityParameters.m_trafficSecretServer = Update13TrafficSecret(securityParameters, current); + } + else + { + current = securityParameters.TrafficSecretClient; + securityParameters.m_trafficSecretClient = Update13TrafficSecret(securityParameters, current); + } + + if (null != current) + { + current.Destroy(); + } + } + + private static TlsSecret Update13TrafficSecret(SecurityParameters securityParameters, TlsSecret secret) + { + return TlsCryptoUtilities.HkdfExpandLabel(secret, securityParameters.PrfCryptoHashAlgorithm, "traffic upd", + EmptyBytes, securityParameters.PrfHashLength); + } + + public static DerObjectIdentifier GetOidForHashAlgorithm(short hashAlgorithm) + { + switch (hashAlgorithm) + { + case HashAlgorithm.md5: + return PkcsObjectIdentifiers.MD5; + case HashAlgorithm.sha1: + return X509ObjectIdentifiers.IdSha1; + case HashAlgorithm.sha224: + return NistObjectIdentifiers.IdSha224; + case HashAlgorithm.sha256: + return NistObjectIdentifiers.IdSha256; + case HashAlgorithm.sha384: + return NistObjectIdentifiers.IdSha384; + case HashAlgorithm.sha512: + return NistObjectIdentifiers.IdSha512; + // TODO[RFC 8998] + //case HashAlgorithm.sm3: + // return GMObjectIdentifiers.sm3; + default: + throw new ArgumentException("invalid HashAlgorithm: " + HashAlgorithm.GetText(hashAlgorithm)); + } + } + + internal static int GetPrfAlgorithm(SecurityParameters securityParameters, int cipherSuite) + { + ProtocolVersion negotiatedVersion = securityParameters.NegotiatedVersion; + + bool isTlsV13 = IsTlsV13(negotiatedVersion); + bool isTlsV12Exactly = !isTlsV13 && IsTlsV12(negotiatedVersion); + bool isSsl = negotiatedVersion.IsSsl; + + switch (cipherSuite) + { + case CipherSuite.TLS_AES_128_CCM_SHA256: + case CipherSuite.TLS_AES_128_CCM_8_SHA256: + case CipherSuite.TLS_AES_128_GCM_SHA256: + case CipherSuite.TLS_CHACHA20_POLY1305_SHA256: + { + if (isTlsV13) + return PrfAlgorithm.tls13_hkdf_sha256; + + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + case CipherSuite.TLS_AES_256_GCM_SHA384: + { + if (isTlsV13) + return PrfAlgorithm.tls13_hkdf_sha384; + + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + case CipherSuite.TLS_SM4_CCM_SM3: + case CipherSuite.TLS_SM4_GCM_SM3: + { + if (isTlsV13) + return PrfAlgorithm.tls13_hkdf_sm3; + + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_NULL_SHA256: + { + if (isTlsV12Exactly) + return PrfAlgorithm.tls_prf_sha256; + + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DH_anon_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384: + { + if (isTlsV12Exactly) + return PrfAlgorithm.tls_prf_sha384; + + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384: + { + if (isTlsV13) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + if (isTlsV12Exactly) + return PrfAlgorithm.tls_prf_sha384; + + if (isSsl) + return PrfAlgorithm.ssl_prf_legacy; + + return PrfAlgorithm.tls_prf_legacy; + } + + default: + { + if (isTlsV13) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + if (isTlsV12Exactly) + return PrfAlgorithm.tls_prf_sha256; + + if (isSsl) + return PrfAlgorithm.ssl_prf_legacy; + + return PrfAlgorithm.tls_prf_legacy; + } + } + } + + internal static int GetPrfAlgorithm13(int cipherSuite) + { + // NOTE: GetPrfAlgorithms13 relies on the number of distinct return values + switch (cipherSuite) + { + case CipherSuite.TLS_AES_128_CCM_SHA256: + case CipherSuite.TLS_AES_128_CCM_8_SHA256: + case CipherSuite.TLS_AES_128_GCM_SHA256: + case CipherSuite.TLS_CHACHA20_POLY1305_SHA256: + return PrfAlgorithm.tls13_hkdf_sha256; + + case CipherSuite.TLS_AES_256_GCM_SHA384: + return PrfAlgorithm.tls13_hkdf_sha384; + + case CipherSuite.TLS_SM4_CCM_SM3: + case CipherSuite.TLS_SM4_GCM_SM3: + return PrfAlgorithm.tls13_hkdf_sm3; + + default: + return -1; + } + } + + internal static int[] GetPrfAlgorithms13(int[] cipherSuites) + { + int[] result = new int[System.Math.Min(3, cipherSuites.Length)]; + + int count = 0; + for (int i = 0; i < cipherSuites.Length; ++i) + { + int prfAlgorithm = GetPrfAlgorithm13(cipherSuites[i]); + if (prfAlgorithm >= 0 && !Arrays.Contains(result, prfAlgorithm)) + { + result[count++] = prfAlgorithm; + } + } + + return Truncate(result, count); + } + + internal static byte[] CalculateSignatureHash(TlsContext context, SignatureAndHashAlgorithm algorithm, + byte[] extraSignatureInput, DigestInputBuffer buf) + { + TlsCrypto crypto = context.Crypto; + + TlsHash h = algorithm == null + ? new CombinedHash(crypto) + : CreateHash(crypto, algorithm.Hash); + + SecurityParameters sp = context.SecurityParameters; + // NOTE: The implicit copy here is intended (and important) + byte[] randoms = Arrays.Concatenate(sp.ClientRandom, sp.ServerRandom); + h.Update(randoms, 0, randoms.Length); + + if (null != extraSignatureInput) + { + h.Update(extraSignatureInput, 0, extraSignatureInput.Length); + } + + buf.UpdateDigest(h); + + return h.CalculateHash(); + } + + internal static void SendSignatureInput(TlsContext context, byte[] extraSignatureInput, DigestInputBuffer buf, + Stream output) + { + SecurityParameters sp = context.SecurityParameters; + // NOTE: The implicit copy here is intended (and important) + byte[] randoms = Arrays.Concatenate(sp.ClientRandom, sp.ServerRandom); + output.Write(randoms, 0, randoms.Length); + + if (null != extraSignatureInput) + { + output.Write(extraSignatureInput, 0, extraSignatureInput.Length); + } + + buf.CopyInputTo(output); + + Platform.Dispose(output); + } + + internal static DigitallySigned GenerateCertificateVerifyClient(TlsClientContext clientContext, + TlsCredentialedSigner credentialedSigner, TlsStreamSigner streamSigner, TlsHandshakeHash handshakeHash) + { + SecurityParameters securityParameters = clientContext.SecurityParameters; + ProtocolVersion negotiatedVersion = securityParameters.NegotiatedVersion; + + if (IsTlsV13(negotiatedVersion)) + { + // Should be using GenerateCertificateVerify13 instead + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + /* + * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2 + */ + SignatureAndHashAlgorithm signatureAndHashAlgorithm = GetSignatureAndHashAlgorithm(negotiatedVersion, + credentialedSigner); + + byte[] signature; + if (streamSigner != null) + { + handshakeHash.CopyBufferTo(streamSigner.GetOutputStream()); + signature = streamSigner.GetSignature(); + } + else + { + byte[] hash; + if (signatureAndHashAlgorithm == null) + { + hash = securityParameters.SessionHash; + } + else + { + int signatureScheme = SignatureScheme.From(signatureAndHashAlgorithm); + int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(signatureScheme); + + hash = handshakeHash.GetFinalHash(cryptoHashAlgorithm); + } + + signature = credentialedSigner.GenerateRawSignature(hash); + } + + return new DigitallySigned(signatureAndHashAlgorithm, signature); + } + + internal static DigitallySigned Generate13CertificateVerify(TlsContext context, + TlsCredentialedSigner credentialedSigner, TlsHandshakeHash handshakeHash) + { + SignatureAndHashAlgorithm signatureAndHashAlgorithm = credentialedSigner.SignatureAndHashAlgorithm; + if (null == signatureAndHashAlgorithm) + throw new TlsFatalAlert(AlertDescription.internal_error); + + string contextString = context.IsServer + ? "TLS 1.3, server CertificateVerify" + : "TLS 1.3, client CertificateVerify"; + + byte[] signature = Generate13CertificateVerify(context.Crypto, credentialedSigner, contextString, + handshakeHash, signatureAndHashAlgorithm); + + return new DigitallySigned(signatureAndHashAlgorithm, signature); + } + + private static byte[] Generate13CertificateVerify(TlsCrypto crypto, TlsCredentialedSigner credentialedSigner, + string contextString, TlsHandshakeHash handshakeHash, SignatureAndHashAlgorithm signatureAndHashAlgorithm) + { + TlsStreamSigner streamSigner = credentialedSigner.GetStreamSigner(); + + byte[] header = GetCertificateVerifyHeader(contextString); + byte[] prfHash = GetCurrentPrfHash(handshakeHash); + + if (null != streamSigner) + { + Stream output = streamSigner.GetOutputStream(); + output.Write(header, 0, header.Length); + output.Write(prfHash, 0, prfHash.Length); + return streamSigner.GetSignature(); + } + + int signatureScheme = SignatureScheme.From(signatureAndHashAlgorithm); + int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(signatureScheme); + + TlsHash tlsHash = crypto.CreateHash(cryptoHashAlgorithm); + tlsHash.Update(header, 0, header.Length); + tlsHash.Update(prfHash, 0, prfHash.Length); + byte[] hash = tlsHash.CalculateHash(); + return credentialedSigner.GenerateRawSignature(hash); + } + + internal static void VerifyCertificateVerifyClient(TlsServerContext serverContext, + CertificateRequest certificateRequest, DigitallySigned certificateVerify, TlsHandshakeHash handshakeHash) + { + SecurityParameters securityParameters = serverContext.SecurityParameters; + Certificate clientCertificate = securityParameters.PeerCertificate; + TlsCertificate verifyingCert = clientCertificate.GetCertificateAt(0); + SignatureAndHashAlgorithm sigAndHashAlg = certificateVerify.Algorithm; + short signatureAlgorithm; + + if (null == sigAndHashAlg) + { + signatureAlgorithm = verifyingCert.GetLegacySignatureAlgorithm(); + + short clientCertType = GetLegacyClientCertType(signatureAlgorithm); + if (clientCertType < 0 || !Arrays.Contains(certificateRequest.CertificateTypes, clientCertType)) + throw new TlsFatalAlert(AlertDescription.unsupported_certificate); + } + else + { + signatureAlgorithm = sigAndHashAlg.Signature; + + // TODO Is it possible (maybe only pre-1.2 to check this immediately when the Certificate arrives? + if (!IsValidSignatureAlgorithmForCertificateVerify(signatureAlgorithm, + certificateRequest.CertificateTypes)) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + VerifySupportedSignatureAlgorithm(securityParameters.ServerSigAlgs, sigAndHashAlg); + } + + // Verify the CertificateVerify message contains a correct signature. + bool verified; + try + { + TlsVerifier verifier = verifyingCert.CreateVerifier(signatureAlgorithm); + TlsStreamVerifier streamVerifier = verifier.GetStreamVerifier(certificateVerify); + + if (streamVerifier != null) + { + handshakeHash.CopyBufferTo(streamVerifier.GetOutputStream()); + verified = streamVerifier.IsVerified(); + } + else + { + byte[] hash; + if (IsTlsV12(serverContext)) + { + int signatureScheme = SignatureScheme.From(sigAndHashAlg); + int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(signatureScheme); + + hash = handshakeHash.GetFinalHash(cryptoHashAlgorithm); + } + else + { + hash = securityParameters.SessionHash; + } + + verified = verifier.VerifyRawSignature(certificateVerify, hash); + } + } + catch (TlsFatalAlert e) + { + throw e; + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.decrypt_error, e); + } + + if (!verified) + { + throw new TlsFatalAlert(AlertDescription.decrypt_error); + } + } + + internal static void Verify13CertificateVerifyClient(TlsServerContext serverContext, + CertificateRequest certificateRequest, DigitallySigned certificateVerify, TlsHandshakeHash handshakeHash) + { + SecurityParameters securityParameters = serverContext.SecurityParameters; + Certificate clientCertificate = securityParameters.PeerCertificate; + TlsCertificate verifyingCert = clientCertificate.GetCertificateAt(0); + + SignatureAndHashAlgorithm sigAndHashAlg = certificateVerify.Algorithm; + VerifySupportedSignatureAlgorithm(securityParameters.ServerSigAlgs, sigAndHashAlg); + + int signatureScheme = SignatureScheme.From(sigAndHashAlg); + + // Verify the CertificateVerify message contains a correct signature. + bool verified; + try + { + TlsVerifier verifier = verifyingCert.CreateVerifier(signatureScheme); + + verified = Verify13CertificateVerify(serverContext.Crypto, certificateVerify, verifier, + "TLS 1.3, client CertificateVerify", handshakeHash); + } + catch (TlsFatalAlert e) + { + throw e; + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.decrypt_error, e); + } + + if (!verified) + { + throw new TlsFatalAlert(AlertDescription.decrypt_error); + } + } + + internal static void Verify13CertificateVerifyServer(TlsClientContext clientContext, + DigitallySigned certificateVerify, TlsHandshakeHash handshakeHash) + { + SecurityParameters securityParameters = clientContext.SecurityParameters; + Certificate serverCertificate = securityParameters.PeerCertificate; + TlsCertificate verifyingCert = serverCertificate.GetCertificateAt(0); + + SignatureAndHashAlgorithm sigAndHashAlg = certificateVerify.Algorithm; + VerifySupportedSignatureAlgorithm(securityParameters.ClientSigAlgs, sigAndHashAlg); + + int signatureScheme = SignatureScheme.From(sigAndHashAlg); + + // Verify the CertificateVerify message contains a correct signature. + bool verified; + try + { + TlsVerifier verifier = verifyingCert.CreateVerifier(signatureScheme); + + verified = Verify13CertificateVerify(clientContext.Crypto, certificateVerify, verifier, + "TLS 1.3, server CertificateVerify", handshakeHash); + } + catch (TlsFatalAlert e) + { + throw e; + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.decrypt_error, e); + } + + if (!verified) + { + throw new TlsFatalAlert(AlertDescription.decrypt_error); + } + } + + private static bool Verify13CertificateVerify(TlsCrypto crypto, DigitallySigned certificateVerify, + TlsVerifier verifier, string contextString, TlsHandshakeHash handshakeHash) + { + TlsStreamVerifier streamVerifier = verifier.GetStreamVerifier(certificateVerify); + + byte[] header = GetCertificateVerifyHeader(contextString); + byte[] prfHash = GetCurrentPrfHash(handshakeHash); + + if (null != streamVerifier) + { + Stream output = streamVerifier.GetOutputStream(); + output.Write(header, 0, header.Length); + output.Write(prfHash, 0, prfHash.Length); + return streamVerifier.IsVerified(); + } + + int signatureScheme = SignatureScheme.From(certificateVerify.Algorithm); + int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(signatureScheme); + + TlsHash tlsHash = crypto.CreateHash(cryptoHashAlgorithm); + tlsHash.Update(header, 0, header.Length); + tlsHash.Update(prfHash, 0, prfHash.Length); + byte[] hash = tlsHash.CalculateHash(); + return verifier.VerifyRawSignature(certificateVerify, hash); + } + + private static byte[] GetCertificateVerifyHeader(string contextString) + { + int count = contextString.Length; + byte[] header = new byte[64 + count + 1]; + for (int i = 0; i < 64; ++i) + { + header[i] = 0x20; + } + for (int i = 0; i < count; ++i) + { + char c = contextString[i]; + header[64 + i] = (byte)c; + } + header[64 + count] = 0x00; + return header; + } + + /// + internal static void GenerateServerKeyExchangeSignature(TlsContext context, TlsCredentialedSigner credentials, + byte[] extraSignatureInput, DigestInputBuffer digestBuffer) + { + /* + * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2 + */ + SignatureAndHashAlgorithm algorithm = GetSignatureAndHashAlgorithm(context, credentials); + TlsStreamSigner streamSigner = credentials.GetStreamSigner(); + + byte[] signature; + if (streamSigner != null) + { + SendSignatureInput(context, extraSignatureInput, digestBuffer, streamSigner.GetOutputStream()); + signature = streamSigner.GetSignature(); + } + else + { + byte[] hash = CalculateSignatureHash(context, algorithm, extraSignatureInput, digestBuffer); + signature = credentials.GenerateRawSignature(hash); + } + + DigitallySigned digitallySigned = new DigitallySigned(algorithm, signature); + + digitallySigned.Encode(digestBuffer); + } + + /// + internal static void VerifyServerKeyExchangeSignature(TlsContext context, Stream signatureInput, + TlsCertificate serverCertificate, byte[] extraSignatureInput, DigestInputBuffer digestBuffer) + { + DigitallySigned digitallySigned = DigitallySigned.Parse(context, signatureInput); + + SecurityParameters securityParameters = context.SecurityParameters; + int keyExchangeAlgorithm = securityParameters.KeyExchangeAlgorithm; + + SignatureAndHashAlgorithm sigAndHashAlg = digitallySigned.Algorithm; + short signatureAlgorithm; + + if (sigAndHashAlg == null) + { + signatureAlgorithm = GetLegacySignatureAlgorithmServer(keyExchangeAlgorithm); + } + else + { + signatureAlgorithm = sigAndHashAlg.Signature; + + if (!IsValidSignatureAlgorithmForServerKeyExchange(signatureAlgorithm, keyExchangeAlgorithm)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + VerifySupportedSignatureAlgorithm(securityParameters.ClientSigAlgs, sigAndHashAlg); + } + + TlsVerifier verifier = serverCertificate.CreateVerifier(signatureAlgorithm); + TlsStreamVerifier streamVerifier = verifier.GetStreamVerifier(digitallySigned); + + bool verified; + if (streamVerifier != null) + { + SendSignatureInput(context, null, digestBuffer, streamVerifier.GetOutputStream()); + verified = streamVerifier.IsVerified(); + } + else + { + byte[] hash = CalculateSignatureHash(context, sigAndHashAlg, null, digestBuffer); + verified = verifier.VerifyRawSignature(digitallySigned, hash); + } + + if (!verified) + { + throw new TlsFatalAlert(AlertDescription.decrypt_error); + } + } + + internal static void TrackHashAlgorithms(TlsHandshakeHash handshakeHash, IList supportedSignatureAlgorithms) + { + if (supportedSignatureAlgorithms != null) + { + foreach (SignatureAndHashAlgorithm signatureAndHashAlgorithm in supportedSignatureAlgorithms) + { + /* + * TODO We could validate the signature algorithm part. Currently the impact is + * that we might be tracking extra hashes pointlessly (but there are only a + * limited number of recognized hash algorithms). + */ + int signatureScheme = SignatureScheme.From(signatureAndHashAlgorithm); + int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(signatureScheme); + + if (cryptoHashAlgorithm >= 0) + { + handshakeHash.TrackHashAlgorithm(cryptoHashAlgorithm); + } + else if (HashAlgorithm.Intrinsic == signatureAndHashAlgorithm.Hash) + { + handshakeHash.ForceBuffering(); + } + } + } + } + + public static bool HasSigningCapability(short clientCertificateType) + { + switch (clientCertificateType) + { + case ClientCertificateType.dss_sign: + case ClientCertificateType.ecdsa_sign: + case ClientCertificateType.rsa_sign: + return true; + default: + return false; + } + } + + public static IList VectorOfOne(object obj) + { + IList v = Platform.CreateArrayList(1); + v.Add(obj); + return v; + } + + public static int GetCipherType(int cipherSuite) + { + int encryptionAlgorithm = GetEncryptionAlgorithm(cipherSuite); + + return GetEncryptionAlgorithmType(encryptionAlgorithm); + } + + public static int GetEncryptionAlgorithm(int cipherSuite) + { + switch (cipherSuite) + { + case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA: + return EncryptionAlgorithm.cls_3DES_EDE_CBC; + + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA: + return EncryptionAlgorithm.AES_128_CBC; + + case CipherSuite.TLS_AES_128_CCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM: + return EncryptionAlgorithm.AES_128_CCM; + + case CipherSuite.TLS_AES_128_CCM_8_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256: + case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8: + return EncryptionAlgorithm.AES_128_CCM_8; + + case CipherSuite.TLS_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256: + return EncryptionAlgorithm.AES_128_GCM; + + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA: + return EncryptionAlgorithm.AES_256_CBC; + + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM: + return EncryptionAlgorithm.AES_256_CCM; + + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8: + return EncryptionAlgorithm.AES_256_CCM_8; + + case CipherSuite.TLS_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384: + return EncryptionAlgorithm.AES_256_GCM; + + case CipherSuite.TLS_DH_anon_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256: + return EncryptionAlgorithm.ARIA_128_CBC; + + case CipherSuite.TLS_DH_anon_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256: + return EncryptionAlgorithm.ARIA_128_GCM; + + case CipherSuite.TLS_DH_anon_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384: + return EncryptionAlgorithm.ARIA_256_CBC; + + case CipherSuite.TLS_DH_anon_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384: + return EncryptionAlgorithm.ARIA_256_GCM; + + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256: + return EncryptionAlgorithm.CAMELLIA_128_CBC; + + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256: + return EncryptionAlgorithm.CAMELLIA_128_GCM; + + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384: + return EncryptionAlgorithm.CAMELLIA_256_CBC; + + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384: + return EncryptionAlgorithm.CAMELLIA_256_GCM; + + case CipherSuite.TLS_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256: + return EncryptionAlgorithm.CHACHA20_POLY1305; + + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_RSA_WITH_NULL_SHA: + return EncryptionAlgorithm.NULL; + + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_RSA_WITH_NULL_SHA256: + return EncryptionAlgorithm.NULL; + + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384: + return EncryptionAlgorithm.NULL; + + case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA: + return EncryptionAlgorithm.SEED_CBC; + + case CipherSuite.TLS_SM4_CCM_SM3: + return EncryptionAlgorithm.SM4_CCM; + + case CipherSuite.TLS_SM4_GCM_SM3: + return EncryptionAlgorithm.SM4_GCM; + + default: + return -1; + } + } + + public static int GetEncryptionAlgorithmType(int encryptionAlgorithm) + { + switch (encryptionAlgorithm) + { + case EncryptionAlgorithm.AES_128_CCM: + case EncryptionAlgorithm.AES_128_CCM_8: + case EncryptionAlgorithm.AES_128_GCM: + case EncryptionAlgorithm.AES_256_CCM: + case EncryptionAlgorithm.AES_256_CCM_8: + case EncryptionAlgorithm.AES_256_GCM: + case EncryptionAlgorithm.ARIA_128_GCM: + case EncryptionAlgorithm.ARIA_256_GCM: + case EncryptionAlgorithm.CAMELLIA_128_GCM: + case EncryptionAlgorithm.CAMELLIA_256_GCM: + case EncryptionAlgorithm.CHACHA20_POLY1305: + case EncryptionAlgorithm.SM4_CCM: + case EncryptionAlgorithm.SM4_GCM: + return CipherType.aead; + + case EncryptionAlgorithm.RC2_CBC_40: + case EncryptionAlgorithm.IDEA_CBC: + case EncryptionAlgorithm.DES40_CBC: + case EncryptionAlgorithm.DES_CBC: + case EncryptionAlgorithm.cls_3DES_EDE_CBC: + case EncryptionAlgorithm.AES_128_CBC: + case EncryptionAlgorithm.AES_256_CBC: + case EncryptionAlgorithm.ARIA_128_CBC: + case EncryptionAlgorithm.ARIA_256_CBC: + case EncryptionAlgorithm.CAMELLIA_128_CBC: + case EncryptionAlgorithm.CAMELLIA_256_CBC: + case EncryptionAlgorithm.SEED_CBC: + case EncryptionAlgorithm.SM4_CBC: + return CipherType.block; + + case EncryptionAlgorithm.NULL: + case EncryptionAlgorithm.RC4_40: + case EncryptionAlgorithm.RC4_128: + return CipherType.stream; + + default: + return -1; + } + } + + public static int GetKeyExchangeAlgorithm(int cipherSuite) + { + switch (cipherSuite) + { + case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DH_anon_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA: + return KeyExchangeAlgorithm.DH_anon; + + case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA: + return KeyExchangeAlgorithm.DH_DSS; + + case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA: + return KeyExchangeAlgorithm.DH_RSA; + + case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA: + return KeyExchangeAlgorithm.DHE_DSS; + + case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8: + return KeyExchangeAlgorithm.DHE_PSK; + + case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA: + return KeyExchangeAlgorithm.DHE_RSA; + + case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA: + return KeyExchangeAlgorithm.ECDH_anon; + + case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA: + return KeyExchangeAlgorithm.ECDH_ECDSA; + + case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA: + return KeyExchangeAlgorithm.ECDH_RSA; + + case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA: + return KeyExchangeAlgorithm.ECDHE_ECDSA; + + case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384: + return KeyExchangeAlgorithm.ECDHE_PSK; + + case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA: + return KeyExchangeAlgorithm.ECDHE_RSA; + + case CipherSuite.TLS_AES_128_CCM_8_SHA256: + case CipherSuite.TLS_AES_128_CCM_SHA256: + case CipherSuite.TLS_AES_128_GCM_SHA256: + case CipherSuite.TLS_AES_256_GCM_SHA384: + case CipherSuite.TLS_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_SM4_CCM_SM3: + case CipherSuite.TLS_SM4_GCM_SM3: + return KeyExchangeAlgorithm.NULL; + + case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_PSK_WITH_NULL_SHA384: + return KeyExchangeAlgorithm.PSK; + + case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_RSA_WITH_NULL_SHA256: + case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA: + return KeyExchangeAlgorithm.RSA; + + case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384: + return KeyExchangeAlgorithm.RSA_PSK; + + case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA: + return KeyExchangeAlgorithm.SRP; + + case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA: + return KeyExchangeAlgorithm.SRP_DSS; + + case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA: + return KeyExchangeAlgorithm.SRP_RSA; + + default: + return -1; + } + } + + public static IList GetKeyExchangeAlgorithms(int[] cipherSuites) + { + IList result = Platform.CreateArrayList(); + if (null != cipherSuites) + { + for (int i = 0; i < cipherSuites.Length; ++i) + { + AddToSet(result, GetKeyExchangeAlgorithm(cipherSuites[i])); + } + result.Remove(-1); + } + return result; + } + + public static int GetMacAlgorithm(int cipherSuite) + { + switch (cipherSuite) + { + case CipherSuite.TLS_AES_128_CCM_SHA256: + case CipherSuite.TLS_AES_128_CCM_8_SHA256: + case CipherSuite.TLS_AES_128_GCM_SHA256: + case CipherSuite.TLS_AES_256_GCM_SHA384: + case CipherSuite.TLS_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_SM4_CCM_SM3: + case CipherSuite.TLS_SM4_GCM_SM3: + return MacAlgorithm.cls_null; + + case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA: + case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA: + case CipherSuite.TLS_RSA_WITH_NULL_SHA: + case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA: + case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA: + return MacAlgorithm.hmac_sha1; + + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_NULL_SHA256: + return MacAlgorithm.hmac_sha256; + + case CipherSuite.TLS_DH_anon_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384: + case CipherSuite.TLS_RSA_WITH_ARIA_256_CBC_SHA384: + return MacAlgorithm.hmac_sha384; + + default: + return -1; + } + } + + public static ProtocolVersion GetMinimumVersion(int cipherSuite) + { + switch (cipherSuite) + { + case CipherSuite.TLS_AES_128_CCM_SHA256: + case CipherSuite.TLS_AES_128_CCM_8_SHA256: + case CipherSuite.TLS_AES_128_GCM_SHA256: + case CipherSuite.TLS_AES_256_GCM_SHA384: + case CipherSuite.TLS_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_SM4_CCM_SM3: + case CipherSuite.TLS_SM4_GCM_SM3: + return ProtocolVersion.TLSv13; + + case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DH_anon_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM: + case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM: + case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8: + case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_PSK_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_PSK_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM: + case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM: + case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8: + case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_ARIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_ARIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_ARIA_256_CBC_SHA384: + case CipherSuite.TLS_RSA_WITH_ARIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384: + case CipherSuite.TLS_RSA_WITH_NULL_SHA256: + return ProtocolVersion.TLSv12; + + default: + return ProtocolVersion.SSLv3; + } + } + + public static IList GetNamedGroupRoles(int[] cipherSuites) + { + return GetNamedGroupRoles(GetKeyExchangeAlgorithms(cipherSuites)); + } + + public static IList GetNamedGroupRoles(IList keyExchangeAlgorithms) + { + IList result = Platform.CreateArrayList(); + foreach (int keyExchangeAlgorithm in keyExchangeAlgorithms) + { + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.DH_anon: + case KeyExchangeAlgorithm.DH_DSS: + case KeyExchangeAlgorithm.DH_RSA: + case KeyExchangeAlgorithm.DHE_DSS: + case KeyExchangeAlgorithm.DHE_PSK: + case KeyExchangeAlgorithm.DHE_RSA: + { + AddToSet(result, NamedGroupRole.dh); + break; + } + + case KeyExchangeAlgorithm.ECDH_anon: + case KeyExchangeAlgorithm.ECDH_RSA: + case KeyExchangeAlgorithm.ECDHE_PSK: + case KeyExchangeAlgorithm.ECDHE_RSA: + { + AddToSet(result, NamedGroupRole.ecdh); + break; + } + + case KeyExchangeAlgorithm.ECDH_ECDSA: + case KeyExchangeAlgorithm.ECDHE_ECDSA: + { + AddToSet(result, NamedGroupRole.ecdh); + AddToSet(result, NamedGroupRole.ecdsa); + break; + } + + case KeyExchangeAlgorithm.NULL: + { + // TODO[tls13] We're conservatively adding both here, though maybe only one is needed + AddToSet(result, NamedGroupRole.dh); + AddToSet(result, NamedGroupRole.ecdh); + break; + } + } + } + return result; + } + + /// + public static bool IsAeadCipherSuite(int cipherSuite) + { + return CipherType.aead == GetCipherType(cipherSuite); + } + + /// + public static bool IsBlockCipherSuite(int cipherSuite) + { + return CipherType.block == GetCipherType(cipherSuite); + } + + /// + public static bool IsStreamCipherSuite(int cipherSuite) + { + return CipherType.stream == GetCipherType(cipherSuite); + } + + /// Whether a server can select the specified cipher suite given the available signature algorithms + /// for ServerKeyExchange. + public static bool IsValidCipherSuiteForSignatureAlgorithms(int cipherSuite, IList sigAlgs) + { + int keyExchangeAlgorithm = GetKeyExchangeAlgorithm(cipherSuite); + + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.DHE_DSS: + case KeyExchangeAlgorithm.DHE_RSA: + case KeyExchangeAlgorithm.ECDHE_ECDSA: + case KeyExchangeAlgorithm.ECDHE_RSA: + case KeyExchangeAlgorithm.NULL: + case KeyExchangeAlgorithm.SRP_RSA: + case KeyExchangeAlgorithm.SRP_DSS: + break; + + default: + return true; + } + + foreach (short signatureAlgorithm in sigAlgs) + { + if (IsValidSignatureAlgorithmForServerKeyExchange(signatureAlgorithm, keyExchangeAlgorithm)) + return true; + } + + return false; + } + + internal static bool IsValidCipherSuiteSelection(int[] offeredCipherSuites, int cipherSuite) + { + return null != offeredCipherSuites + && Arrays.Contains(offeredCipherSuites, cipherSuite) + && CipherSuite.TLS_NULL_WITH_NULL_NULL != cipherSuite + && !CipherSuite.IsScsv(cipherSuite); + } + + internal static bool IsValidKeyShareSelection(ProtocolVersion negotiatedVersion, int[] clientSupportedGroups, + IDictionary clientAgreements, int keyShareGroup) + { + return null != clientSupportedGroups + && Arrays.Contains(clientSupportedGroups, keyShareGroup) + && !clientAgreements.Contains(keyShareGroup) + && NamedGroup.CanBeNegotiated(keyShareGroup, negotiatedVersion); + } + + internal static bool IsValidSignatureAlgorithmForCertificateVerify(short signatureAlgorithm, + short[] clientCertificateTypes) + { + short clientCertificateType = SignatureAlgorithm.GetClientCertificateType(signatureAlgorithm); + + return clientCertificateType >= 0 && Arrays.Contains(clientCertificateTypes, clientCertificateType); + } + + internal static bool IsValidSignatureAlgorithmForServerKeyExchange(short signatureAlgorithm, + int keyExchangeAlgorithm) + { + // TODO[tls13] + + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.DHE_RSA: + case KeyExchangeAlgorithm.ECDHE_RSA: + case KeyExchangeAlgorithm.SRP_RSA: + switch (signatureAlgorithm) + { + case SignatureAlgorithm.rsa: + case SignatureAlgorithm.rsa_pss_rsae_sha256: + case SignatureAlgorithm.rsa_pss_rsae_sha384: + case SignatureAlgorithm.rsa_pss_rsae_sha512: + case SignatureAlgorithm.rsa_pss_pss_sha256: + case SignatureAlgorithm.rsa_pss_pss_sha384: + case SignatureAlgorithm.rsa_pss_pss_sha512: + return true; + default: + return false; + } + + case KeyExchangeAlgorithm.DHE_DSS: + case KeyExchangeAlgorithm.SRP_DSS: + return SignatureAlgorithm.dsa == signatureAlgorithm; + + case KeyExchangeAlgorithm.ECDHE_ECDSA: + switch (signatureAlgorithm) + { + case SignatureAlgorithm.ecdsa: + case SignatureAlgorithm.ed25519: + case SignatureAlgorithm.ed448: + return true; + default: + return false; + } + + case KeyExchangeAlgorithm.NULL: + return SignatureAlgorithm.anonymous != signatureAlgorithm; + + default: + return false; + } + } + + public static bool IsValidSignatureSchemeForServerKeyExchange(int signatureScheme, int keyExchangeAlgorithm) + { + short signatureAlgorithm = SignatureScheme.GetSignatureAlgorithm(signatureScheme); + + return IsValidSignatureAlgorithmForServerKeyExchange(signatureAlgorithm, keyExchangeAlgorithm); + } + + public static bool IsValidVersionForCipherSuite(int cipherSuite, ProtocolVersion version) + { + version = version.GetEquivalentTlsVersion(); + + ProtocolVersion minimumVersion = GetMinimumVersion(cipherSuite); + if (minimumVersion == version) + return true; + + if (!minimumVersion.IsEarlierVersionOf(version)) + return false; + + return ProtocolVersion.TLSv13.IsEqualOrEarlierVersionOf(minimumVersion) + || ProtocolVersion.TLSv13.IsLaterVersionOf(version); + } + + /// + public static SignatureAndHashAlgorithm ChooseSignatureAndHashAlgorithm(TlsContext context, IList sigHashAlgs, + short signatureAlgorithm) + { + return ChooseSignatureAndHashAlgorithm(context.ServerVersion, sigHashAlgs, signatureAlgorithm); + } + + /// + public static SignatureAndHashAlgorithm ChooseSignatureAndHashAlgorithm(ProtocolVersion negotiatedVersion, + IList sigHashAlgs, short signatureAlgorithm) + { + if (!IsTlsV12(negotiatedVersion)) + return null; + + + if (sigHashAlgs == null) + { + /* + * TODO[tls13] RFC 8446 4.2.3 Clients which desire the server to authenticate itself via + * a certificate MUST send the "signature_algorithms" extension. + */ + + sigHashAlgs = GetDefaultSignatureAlgorithms(signatureAlgorithm); + } + + SignatureAndHashAlgorithm result = null; + foreach (SignatureAndHashAlgorithm sigHashAlg in sigHashAlgs) + { + if (sigHashAlg.Signature != signatureAlgorithm) + continue; + + short hash = sigHashAlg.Hash; + if (hash < MinimumHashStrict) + continue; + + if (result == null) + { + result = sigHashAlg; + continue; + } + + short current = result.Hash; + if (current < MinimumHashPreferred) + { + if (hash > current) + { + result = sigHashAlg; + } + } + else if (hash >= MinimumHashPreferred) + { + if (hash < current) + { + result = sigHashAlg; + } + } + } + if (result == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return result; + } + + public static IList GetUsableSignatureAlgorithms(IList sigHashAlgs) + { + if (sigHashAlgs == null) + { + IList v = Platform.CreateArrayList(3); + v.Add(SignatureAlgorithm.rsa); + v.Add(SignatureAlgorithm.dsa); + v.Add(SignatureAlgorithm.ecdsa); + return v; + } + else + { + IList v = Platform.CreateArrayList(); + foreach (SignatureAndHashAlgorithm sigHashAlg in sigHashAlgs) + { + if (sigHashAlg.Hash >= MinimumHashStrict) + { + short sigAlg = sigHashAlg.Signature; + if (!v.Contains(sigAlg)) + { + // TODO Check for crypto support before choosing (or pass in cached list?) + v.Add(sigAlg); + } + } + } + return v; + } + } + + public static int GetCommonCipherSuite13(ProtocolVersion negotiatedVersion, int[] peerCipherSuites, + int[] localCipherSuites, bool useLocalOrder) + { + int[] ordered = peerCipherSuites, unordered = localCipherSuites; + if (useLocalOrder) + { + ordered = localCipherSuites; + unordered = peerCipherSuites; + } + + for (int i = 0; i < ordered.Length; ++i) + { + int candidate = ordered[i]; + if (Arrays.Contains(unordered, candidate) && + IsValidVersionForCipherSuite(candidate, negotiatedVersion)) + { + return candidate; + } + } + + return -1; + } + + public static int[] GetCommonCipherSuites(int[] peerCipherSuites, int[] localCipherSuites, bool useLocalOrder) + { + int[] ordered = peerCipherSuites, unordered = localCipherSuites; + if (useLocalOrder) + { + ordered = localCipherSuites; + unordered = peerCipherSuites; + } + + int count = 0, limit = System.Math.Min(ordered.Length, unordered.Length); + int[] candidates = new int[limit]; + for (int i = 0; i < ordered.Length; ++i) + { + int candidate = ordered[i]; + if (!Contains(candidates, 0, count, candidate) + && Arrays.Contains(unordered, candidate)) + { + candidates[count++] = candidate; + } + } + + if (count < limit) + { + candidates = Arrays.CopyOf(candidates, count); + } + + return candidates; + } + + public static int[] GetSupportedCipherSuites(TlsCrypto crypto, int[] suites) + { + return GetSupportedCipherSuites(crypto, suites, 0, suites.Length); + } + + public static int[] GetSupportedCipherSuites(TlsCrypto crypto, int[] suites, int suitesOff, int suitesCount) + { + int[] supported = new int[suitesCount]; + int count = 0; + + for (int i = 0; i < suitesCount; ++i) + { + int suite = suites[suitesOff + i]; + if (IsSupportedCipherSuite(crypto, suite)) + { + supported[count++] = suite; + } + } + + if (count < suitesCount) + { + supported = Arrays.CopyOf(supported, count); + } + + return supported; + } + + public static bool IsSupportedCipherSuite(TlsCrypto crypto, int cipherSuite) + { + int keyExchangeAlgorithm = GetKeyExchangeAlgorithm(cipherSuite); + if (!IsSupportedKeyExchange(crypto, keyExchangeAlgorithm)) + return false; + + int encryptionAlgorithm = GetEncryptionAlgorithm(cipherSuite); + if (encryptionAlgorithm < 0 || !crypto.HasEncryptionAlgorithm(encryptionAlgorithm)) + return false; + + int macAlgorithm = GetMacAlgorithm(cipherSuite); + if (macAlgorithm != MacAlgorithm.cls_null) + { + if (macAlgorithm < 0 || !crypto.HasMacAlgorithm(macAlgorithm)) + return false; + } + + return true; + } + + public static bool IsSupportedKeyExchange(TlsCrypto crypto, int keyExchangeAlgorithm) + { + switch (keyExchangeAlgorithm) + { + case KeyExchangeAlgorithm.DH_anon: + case KeyExchangeAlgorithm.DH_DSS: + case KeyExchangeAlgorithm.DH_RSA: + case KeyExchangeAlgorithm.DHE_PSK: + return crypto.HasDHAgreement(); + + case KeyExchangeAlgorithm.DHE_DSS: + return crypto.HasDHAgreement() + && crypto.HasSignatureAlgorithm(SignatureAlgorithm.dsa); + + case KeyExchangeAlgorithm.DHE_RSA: + return crypto.HasDHAgreement() + && HasAnyRsaSigAlgs(crypto); + + case KeyExchangeAlgorithm.ECDH_anon: + case KeyExchangeAlgorithm.ECDH_ECDSA: + case KeyExchangeAlgorithm.ECDH_RSA: + case KeyExchangeAlgorithm.ECDHE_PSK: + return crypto.HasECDHAgreement(); + + case KeyExchangeAlgorithm.ECDHE_ECDSA: + return crypto.HasECDHAgreement() + && (crypto.HasSignatureAlgorithm(SignatureAlgorithm.ecdsa) + || crypto.HasSignatureAlgorithm(SignatureAlgorithm.ed25519) + || crypto.HasSignatureAlgorithm(SignatureAlgorithm.ed448)); + + case KeyExchangeAlgorithm.ECDHE_RSA: + return crypto.HasECDHAgreement() + && HasAnyRsaSigAlgs(crypto); + + case KeyExchangeAlgorithm.NULL: + case KeyExchangeAlgorithm.PSK: + return true; + + case KeyExchangeAlgorithm.RSA: + case KeyExchangeAlgorithm.RSA_PSK: + return crypto.HasRsaEncryption(); + + case KeyExchangeAlgorithm.SRP: + return crypto.HasSrpAuthentication(); + + case KeyExchangeAlgorithm.SRP_DSS: + return crypto.HasSrpAuthentication() + && crypto.HasSignatureAlgorithm(SignatureAlgorithm.dsa); + + case KeyExchangeAlgorithm.SRP_RSA: + return crypto.HasSrpAuthentication() + && HasAnyRsaSigAlgs(crypto); + + default: + return false; + } + } + + internal static bool HasAnyRsaSigAlgs(TlsCrypto crypto) + { + return crypto.HasSignatureAlgorithm(SignatureAlgorithm.rsa) + || crypto.HasSignatureAlgorithm(SignatureAlgorithm.rsa_pss_rsae_sha256) + || crypto.HasSignatureAlgorithm(SignatureAlgorithm.rsa_pss_rsae_sha384) + || crypto.HasSignatureAlgorithm(SignatureAlgorithm.rsa_pss_rsae_sha512) + || crypto.HasSignatureAlgorithm(SignatureAlgorithm.rsa_pss_pss_sha256) + || crypto.HasSignatureAlgorithm(SignatureAlgorithm.rsa_pss_pss_sha384) + || crypto.HasSignatureAlgorithm(SignatureAlgorithm.rsa_pss_pss_sha512); + } + + internal static byte[] GetCurrentPrfHash(TlsHandshakeHash handshakeHash) + { + return handshakeHash.ForkPrfHash().CalculateHash(); + } + + internal static void SealHandshakeHash(TlsContext context, TlsHandshakeHash handshakeHash, bool forceBuffering) + { + if (forceBuffering || !context.Crypto.HasAllRawSignatureAlgorithms()) + { + handshakeHash.ForceBuffering(); + } + + handshakeHash.SealHashAlgorithms(); + } + + private static TlsHash CreateHash(TlsCrypto crypto, short hashAlgorithm) + { + int cryptoHashAlgorithm = TlsCryptoUtilities.GetHash(hashAlgorithm); + + return crypto.CreateHash(cryptoHashAlgorithm); + } + + /// + private static TlsKeyExchange CreateKeyExchangeClient(TlsClient client, int keyExchange) + { + TlsKeyExchangeFactory factory = client.GetKeyExchangeFactory(); + + switch (keyExchange) + { + case KeyExchangeAlgorithm.DH_anon: + return factory.CreateDHanonKeyExchangeClient(keyExchange, client.GetDHGroupVerifier()); + + case KeyExchangeAlgorithm.DH_DSS: + case KeyExchangeAlgorithm.DH_RSA: + return factory.CreateDHKeyExchange(keyExchange); + + case KeyExchangeAlgorithm.DHE_DSS: + case KeyExchangeAlgorithm.DHE_RSA: + return factory.CreateDheKeyExchangeClient(keyExchange, client.GetDHGroupVerifier()); + + case KeyExchangeAlgorithm.ECDH_anon: + return factory.CreateECDHanonKeyExchangeClient(keyExchange); + + case KeyExchangeAlgorithm.ECDH_ECDSA: + case KeyExchangeAlgorithm.ECDH_RSA: + return factory.CreateECDHKeyExchange(keyExchange); + + case KeyExchangeAlgorithm.ECDHE_ECDSA: + case KeyExchangeAlgorithm.ECDHE_RSA: + return factory.CreateECDheKeyExchangeClient(keyExchange); + + case KeyExchangeAlgorithm.RSA: + return factory.CreateRsaKeyExchange(keyExchange); + + case KeyExchangeAlgorithm.DHE_PSK: + return factory.CreatePskKeyExchangeClient(keyExchange, client.GetPskIdentity(), + client.GetDHGroupVerifier()); + + case KeyExchangeAlgorithm.ECDHE_PSK: + case KeyExchangeAlgorithm.PSK: + case KeyExchangeAlgorithm.RSA_PSK: + return factory.CreatePskKeyExchangeClient(keyExchange, client.GetPskIdentity(), null); + + case KeyExchangeAlgorithm.SRP: + case KeyExchangeAlgorithm.SRP_DSS: + case KeyExchangeAlgorithm.SRP_RSA: + return factory.CreateSrpKeyExchangeClient(keyExchange, client.GetSrpIdentity(), + client.GetSrpConfigVerifier()); + + default: + /* + * Note: internal error here; the TlsProtocol implementation verifies that the + * server-selected cipher suite was in the list of client-offered cipher suites, so if + * we now can't produce an implementation, we shouldn't have offered it! + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + /// + private static TlsKeyExchange CreateKeyExchangeServer(TlsServer server, int keyExchange) + { + TlsKeyExchangeFactory factory = server.GetKeyExchangeFactory(); + + switch (keyExchange) + { + case KeyExchangeAlgorithm.DH_anon: + return factory.CreateDHanonKeyExchangeServer(keyExchange, server.GetDHConfig()); + + case KeyExchangeAlgorithm.DH_DSS: + case KeyExchangeAlgorithm.DH_RSA: + return factory.CreateDHKeyExchange(keyExchange); + + case KeyExchangeAlgorithm.DHE_DSS: + case KeyExchangeAlgorithm.DHE_RSA: + return factory.CreateDheKeyExchangeServer(keyExchange, server.GetDHConfig()); + + case KeyExchangeAlgorithm.ECDH_anon: + return factory.CreateECDHanonKeyExchangeServer(keyExchange, server.GetECDHConfig()); + + case KeyExchangeAlgorithm.ECDH_ECDSA: + case KeyExchangeAlgorithm.ECDH_RSA: + return factory.CreateECDHKeyExchange(keyExchange); + + case KeyExchangeAlgorithm.ECDHE_ECDSA: + case KeyExchangeAlgorithm.ECDHE_RSA: + return factory.CreateECDheKeyExchangeServer(keyExchange, server.GetECDHConfig()); + + case KeyExchangeAlgorithm.RSA: + return factory.CreateRsaKeyExchange(keyExchange); + + case KeyExchangeAlgorithm.DHE_PSK: + return factory.CreatePskKeyExchangeServer(keyExchange, server.GetPskIdentityManager(), + server.GetDHConfig(), null); + + case KeyExchangeAlgorithm.ECDHE_PSK: + return factory.CreatePskKeyExchangeServer(keyExchange, server.GetPskIdentityManager(), null, + server.GetECDHConfig()); + + case KeyExchangeAlgorithm.PSK: + case KeyExchangeAlgorithm.RSA_PSK: + return factory.CreatePskKeyExchangeServer(keyExchange, server.GetPskIdentityManager(), null, null); + + case KeyExchangeAlgorithm.SRP: + case KeyExchangeAlgorithm.SRP_DSS: + case KeyExchangeAlgorithm.SRP_RSA: + return factory.CreateSrpKeyExchangeServer(keyExchange, server.GetSrpLoginParameters()); + + default: + /* + * Note: internal error here; the TlsProtocol implementation verifies that the + * server-selected cipher suite was in the list of client-offered cipher suites, so if + * we now can't produce an implementation, we shouldn't have offered it! + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + /// + internal static TlsKeyExchange InitKeyExchangeClient(TlsClientContext clientContext, TlsClient client) + { + SecurityParameters securityParameters = clientContext.SecurityParameters; + TlsKeyExchange keyExchange = CreateKeyExchangeClient(client, securityParameters.KeyExchangeAlgorithm); + keyExchange.Init(clientContext); + return keyExchange; + } + + /// + internal static TlsKeyExchange InitKeyExchangeServer(TlsServerContext serverContext, TlsServer server) + { + SecurityParameters securityParameters = serverContext.SecurityParameters; + TlsKeyExchange keyExchange = CreateKeyExchangeServer(server, securityParameters.KeyExchangeAlgorithm); + keyExchange.Init(serverContext); + return keyExchange; + } + + internal static TlsCipher InitCipher(TlsContext context) + { + SecurityParameters securityParameters = context.SecurityParameters; + int cipherSuite = securityParameters.CipherSuite; + int encryptionAlgorithm = GetEncryptionAlgorithm(cipherSuite); + int macAlgorithm = GetMacAlgorithm(cipherSuite); + + if (encryptionAlgorithm < 0 || macAlgorithm < 0) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return context.Crypto.CreateCipher(new TlsCryptoParameters(context), encryptionAlgorithm, macAlgorithm); + } + + /// Check the signature algorithm for certificates in the peer's CertPath as specified in RFC 5246 + /// 7.4.2, 7.4.4, 7.4.6 and similar rules for earlier TLS versions. + /// + /// The supplied CertPath should include the trust anchor (its signature algorithm isn't checked, but in the + /// general case checking a certificate requires the issuer certificate). + /// + /// if any certificate in the CertPath (excepting the trust anchor) has a + /// signature algorithm that is not one of the locally supported signature algorithms. + public static void CheckPeerSigAlgs(TlsContext context, TlsCertificate[] peerCertPath) + { + if (context.IsServer) + { + CheckSigAlgOfClientCerts(context, peerCertPath); + } + else + { + CheckSigAlgOfServerCerts(context, peerCertPath); + } + } + + private static void CheckSigAlgOfClientCerts(TlsContext context, TlsCertificate[] clientCertPath) + { + SecurityParameters securityParameters = context.SecurityParameters; + short[] clientCertTypes = securityParameters.ClientCertTypes; + IList serverSigAlgsCert = securityParameters.ServerSigAlgsCert; + + int trustAnchorPos = clientCertPath.Length - 1; + for (int i = 0; i < trustAnchorPos; ++i) + { + TlsCertificate subjectCert = clientCertPath[i]; + TlsCertificate issuerCert = clientCertPath[i + 1]; + + SignatureAndHashAlgorithm sigAndHashAlg = GetCertSigAndHashAlg(subjectCert, issuerCert); + + bool valid = false; + if (null == sigAndHashAlg) + { + // We don't recognize the 'signatureAlgorithm' of the certificate + } + else if (null == serverSigAlgsCert) + { + // TODO Review this (legacy) logic with RFC 4346 (7.4?.2?) + if (null != clientCertTypes) + { + for (int j = 0; j < clientCertTypes.Length; ++j) + { + short signatureAlgorithm = GetLegacySignatureAlgorithmClientCert(clientCertTypes[j]); + if (sigAndHashAlg.Signature == signatureAlgorithm) + { + valid = true; + break; + } + } + } + } + else + { + /* + * RFC 5246 7.4.4 Any certificates provided by the client MUST be signed using a + * hash/signature algorithm pair found in supported_signature_algorithms. + */ + valid = ContainsSignatureAlgorithm(serverSigAlgsCert, sigAndHashAlg); + } + + if (!valid) + { + throw new TlsFatalAlert(AlertDescription.bad_certificate); + } + } + } + + private static void CheckSigAlgOfServerCerts(TlsContext context, TlsCertificate[] serverCertPath) + { + SecurityParameters securityParameters = context.SecurityParameters; + IList clientSigAlgsCert = securityParameters.ClientSigAlgsCert; + IList clientSigAlgs = securityParameters.ClientSigAlgs; + + /* + * NOTE: For TLS 1.2, we'll check 'signature_algorithms' too (if it's distinct), since + * there's no way of knowing whether the server understood 'signature_algorithms_cert'. + */ + if (clientSigAlgs == clientSigAlgsCert || IsTlsV13(securityParameters.NegotiatedVersion)) + { + clientSigAlgs = null; + } + + int trustAnchorPos = serverCertPath.Length - 1; + for (int i = 0; i < trustAnchorPos; ++i) + { + TlsCertificate subjectCert = serverCertPath[i]; + TlsCertificate issuerCert = serverCertPath[i + 1]; + + SignatureAndHashAlgorithm sigAndHashAlg = GetCertSigAndHashAlg(subjectCert, issuerCert); + + bool valid = false; + if (null == sigAndHashAlg) + { + // We don't recognize the 'signatureAlgorithm' of the certificate + } + else if (null == clientSigAlgsCert) + { + /* + * RFC 4346 7.4.2. Unless otherwise specified, the signing algorithm for the + * certificate MUST be the same as the algorithm for the certificate key. + */ + short signatureAlgorithm = GetLegacySignatureAlgorithmServerCert( + securityParameters.KeyExchangeAlgorithm); + + valid = (signatureAlgorithm == sigAndHashAlg.Signature); + } + else + { + /* + * RFC 5246 7.4.2. If the client provided a "signature_algorithms" extension, then + * all certificates provided by the server MUST be signed by a hash/signature algorithm + * pair that appears in that extension. + */ + valid = ContainsSignatureAlgorithm(clientSigAlgsCert, sigAndHashAlg) + || (null != clientSigAlgs && ContainsSignatureAlgorithm(clientSigAlgs, sigAndHashAlg)); + } + + if (!valid) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + } + } + + internal static void CheckTlsFeatures(Certificate serverCertificate, IDictionary clientExtensions, + IDictionary serverExtensions) + { + /* + * RFC 7633 4.3.3. A client MUST treat a certificate with a TLS feature extension as an + * invalid certificate if the features offered by the server do not contain all features + * present in both the client's ClientHello message and the TLS feature extension. + */ + byte[] tlsFeatures = serverCertificate.GetCertificateAt(0).GetExtension(TlsObjectIdentifiers.id_pe_tlsfeature); + if (tlsFeatures != null) + { + // TODO[tls] Proper ASN.1 type class for this extension? + Asn1Sequence tlsFeaturesSeq = (Asn1Sequence)ReadAsn1Object(tlsFeatures); + for (int i = 0; i < tlsFeaturesSeq.Count; ++i) + { + if (!(tlsFeaturesSeq[i] is DerInteger)) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + } + + RequireDerEncoding(tlsFeaturesSeq, tlsFeatures); + + foreach (DerInteger tlsExtensionElement in tlsFeaturesSeq) + { + BigInteger tlsExtension = tlsExtensionElement.PositiveValue; + if (tlsExtension.BitLength <= 16) + { + int extensionType = tlsExtension.IntValueExact; + + if (clientExtensions.Contains(extensionType) && !serverExtensions.Contains(extensionType)) + throw new TlsFatalAlert(AlertDescription.certificate_unknown); + } + } + } + } + + internal static void ProcessClientCertificate(TlsServerContext serverContext, Certificate clientCertificate, + TlsKeyExchange keyExchange, TlsServer server) + { + SecurityParameters securityParameters = serverContext.SecurityParameters; + if (null != securityParameters.PeerCertificate) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + bool isTlsV13 = IsTlsV13(securityParameters.NegotiatedVersion); + if (isTlsV13) + { + // 'keyExchange' not used + } + else if (clientCertificate.IsEmpty) + { + /* + * NOTE: We tolerate SSLv3 clients sending an empty chain, although "If no suitable + * certificate is available, the client should send a no_certificate alert instead". + */ + + keyExchange.SkipClientCredentials(); + } + else + { + keyExchange.ProcessClientCertificate(clientCertificate); + } + + securityParameters.m_peerCertificate = clientCertificate; + + /* + * RFC 5246 7.4.6. If the client does not send any certificates, the server MAY at its + * discretion either continue the handshake without client authentication, or respond with a + * fatal handshake_failure alert. Also, if some aspect of the certificate chain was + * unacceptable (e.g., it was not signed by a known, trusted CA), the server MAY at its + * discretion either continue the handshake (considering the client unauthenticated) or send + * a fatal alert. + */ + server.NotifyClientCertificate(clientCertificate); + } + + internal static void ProcessServerCertificate(TlsClientContext clientContext, + CertificateStatus serverCertificateStatus, TlsKeyExchange keyExchange, + TlsAuthentication clientAuthentication, IDictionary clientExtensions, IDictionary serverExtensions) + { + SecurityParameters securityParameters = clientContext.SecurityParameters; + bool isTlsV13 = IsTlsV13(securityParameters.NegotiatedVersion); + + if (null == clientAuthentication) + { + if (isTlsV13) + throw new TlsFatalAlert(AlertDescription.internal_error); + + // There was no server certificate message; check it's OK + keyExchange.SkipServerCredentials(); + securityParameters.m_tlsServerEndPoint = EmptyBytes; + return; + } + + Certificate serverCertificate = securityParameters.PeerCertificate; + + CheckTlsFeatures(serverCertificate, clientExtensions, serverExtensions); + + if (!isTlsV13) + { + keyExchange.ProcessServerCertificate(serverCertificate); + } + + clientAuthentication.NotifyServerCertificate( + new TlsServerCertificateImpl(serverCertificate, serverCertificateStatus)); + } + + internal static SignatureAndHashAlgorithm GetCertSigAndHashAlg(TlsCertificate subjectCert, TlsCertificate issuerCert) + { + string sigAlgOid = subjectCert.SigAlgOid; + + if (null != sigAlgOid) + { + if (!PkcsObjectIdentifiers.IdRsassaPss.Id.Equals(sigAlgOid)) + { + if (!CertSigAlgOids.Contains(sigAlgOid)) + return null; + + return (SignatureAndHashAlgorithm)CertSigAlgOids[sigAlgOid]; + } + + RsassaPssParameters pssParams = RsassaPssParameters.GetInstance(subjectCert.GetSigAlgParams()); + if (null != pssParams) + { + DerObjectIdentifier hashOid = pssParams.HashAlgorithm.Algorithm; + if (NistObjectIdentifiers.IdSha256.Equals(hashOid)) + { + if (issuerCert.SupportsSignatureAlgorithmCA(SignatureAlgorithm.rsa_pss_pss_sha256)) + return SignatureAndHashAlgorithm.rsa_pss_pss_sha256; + + if (issuerCert.SupportsSignatureAlgorithmCA(SignatureAlgorithm.rsa_pss_rsae_sha256)) + return SignatureAndHashAlgorithm.rsa_pss_rsae_sha256; + } + else if (NistObjectIdentifiers.IdSha384.Equals(hashOid)) + { + if (issuerCert.SupportsSignatureAlgorithmCA(SignatureAlgorithm.rsa_pss_pss_sha384)) + return SignatureAndHashAlgorithm.rsa_pss_pss_sha384; + + if (issuerCert.SupportsSignatureAlgorithmCA(SignatureAlgorithm.rsa_pss_rsae_sha384)) + return SignatureAndHashAlgorithm.rsa_pss_rsae_sha384; + } + else if (NistObjectIdentifiers.IdSha512.Equals(hashOid)) + { + if (issuerCert.SupportsSignatureAlgorithmCA(SignatureAlgorithm.rsa_pss_pss_sha512)) + return SignatureAndHashAlgorithm.rsa_pss_pss_sha512; + + if (issuerCert.SupportsSignatureAlgorithmCA(SignatureAlgorithm.rsa_pss_rsae_sha512)) + return SignatureAndHashAlgorithm.rsa_pss_rsae_sha512; + } + } + } + + return null; + } + + internal static CertificateRequest ValidateCertificateRequest(CertificateRequest certificateRequest, + TlsKeyExchange keyExchange) + { + short[] validClientCertificateTypes = keyExchange.GetClientCertificateTypes(); + if (IsNullOrEmpty(validClientCertificateTypes)) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + certificateRequest = NormalizeCertificateRequest(certificateRequest, validClientCertificateTypes); + if (certificateRequest == null) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return certificateRequest; + } + + internal static CertificateRequest NormalizeCertificateRequest(CertificateRequest certificateRequest, + short[] validClientCertificateTypes) + { + if (ContainsAll(validClientCertificateTypes, certificateRequest.CertificateTypes)) + return certificateRequest; + + short[] retained = RetainAll(certificateRequest.CertificateTypes, validClientCertificateTypes); + if (retained.Length < 1) + return null; + + // TODO Filter for unique sigAlgs/CAs only + return new CertificateRequest(retained, certificateRequest.SupportedSignatureAlgorithms, + certificateRequest.CertificateAuthorities); + } + + internal static bool Contains(int[] buf, int off, int len, int value) + { + for (int i = 0; i < len; ++i) + { + if (value == buf[off + i]) + return true; + } + return false; + } + + internal static bool ContainsAll(short[] container, short[] elements) + { + for (int i = 0; i < elements.Length; ++i) + { + if (!Arrays.Contains(container, elements[i])) + return false; + } + return true; + } + + internal static short[] RetainAll(short[] retainer, short[] elements) + { + short[] retained = new short[System.Math.Min(retainer.Length, elements.Length)]; + + int count = 0; + for (int i = 0; i < elements.Length; ++i) + { + if (Arrays.Contains(retainer, elements[i])) + { + retained[count++] = elements[i]; + } + } + + return Truncate(retained, count); + } + + internal static short[] Truncate(short[] a, int n) + { + if (n >= a.Length) + return a; + + short[] t = new short[n]; + Array.Copy(a, 0, t, 0, n); + return t; + } + + internal static int[] Truncate(int[] a, int n) + { + if (n >= a.Length) + return a; + + int[] t = new int[n]; + Array.Copy(a, 0, t, 0, n); + return t; + } + + /// + internal static TlsCredentialedAgreement RequireAgreementCredentials(TlsCredentials credentials) + { + if (!(credentials is TlsCredentialedAgreement)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return (TlsCredentialedAgreement)credentials; + } + + /// + internal static TlsCredentialedDecryptor RequireDecryptorCredentials(TlsCredentials credentials) + { + if (!(credentials is TlsCredentialedDecryptor)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return (TlsCredentialedDecryptor)credentials; + } + + /// + internal static TlsCredentialedSigner RequireSignerCredentials(TlsCredentials credentials) + { + if (!(credentials is TlsCredentialedSigner)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return (TlsCredentialedSigner)credentials; + } + + private static void CheckDowngradeMarker(byte[] randomBlock, byte[] downgradeMarker) + { + int len = downgradeMarker.Length; + if (ConstantTimeAreEqual(len, downgradeMarker, 0, randomBlock, randomBlock.Length - len)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + internal static void CheckDowngradeMarker(ProtocolVersion version, byte[] randomBlock) + { + version = version.GetEquivalentTlsVersion(); + + if (version.IsEqualOrEarlierVersionOf(ProtocolVersion.TLSv11)) + { + CheckDowngradeMarker(randomBlock, DowngradeTlsV11); + } + if (version.IsEqualOrEarlierVersionOf(ProtocolVersion.TLSv12)) + { + CheckDowngradeMarker(randomBlock, DowngradeTlsV12); + } + } + + internal static void WriteDowngradeMarker(ProtocolVersion version, byte[] randomBlock) + { + version = version.GetEquivalentTlsVersion(); + + byte[] marker; + if (ProtocolVersion.TLSv12 == version) + { + marker = DowngradeTlsV12; + } + else if (version.IsEqualOrEarlierVersionOf(ProtocolVersion.TLSv11)) + { + marker = DowngradeTlsV11; + } + else + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + Array.Copy(marker, 0, randomBlock, randomBlock.Length - marker.Length, marker.Length); + } + + internal static TlsAuthentication ReceiveServerCertificate(TlsClientContext clientContext, TlsClient client, + MemoryStream buf) + { + SecurityParameters securityParameters = clientContext.SecurityParameters; + if (null != securityParameters.PeerCertificate) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + MemoryStream endPointHash = new MemoryStream(); + + Certificate.ParseOptions options = new Certificate.ParseOptions() + .SetMaxChainLength(client.GetMaxCertificateChainLength()); + + Certificate serverCertificate = Certificate.Parse(options, clientContext, buf, endPointHash); + + TlsProtocol.AssertEmpty(buf); + + if (serverCertificate.IsEmpty) + throw new TlsFatalAlert(AlertDescription.decode_error); + + securityParameters.m_peerCertificate = serverCertificate; + securityParameters.m_tlsServerEndPoint = endPointHash.ToArray(); + + TlsAuthentication authentication = client.GetAuthentication(); + if (null == authentication) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return authentication; + } + + internal static TlsAuthentication Receive13ServerCertificate(TlsClientContext clientContext, TlsClient client, + MemoryStream buf) + { + SecurityParameters securityParameters = clientContext.SecurityParameters; + if (null != securityParameters.PeerCertificate) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + Certificate.ParseOptions options = new Certificate.ParseOptions() + .SetMaxChainLength(client.GetMaxCertificateChainLength()); + + Certificate serverCertificate = Certificate.Parse(options, clientContext, buf, null); + + TlsProtocol.AssertEmpty(buf); + + if (serverCertificate.GetCertificateRequestContext().Length > 0) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + if (serverCertificate.IsEmpty) + throw new TlsFatalAlert(AlertDescription.decode_error); + + securityParameters.m_peerCertificate = serverCertificate; + securityParameters.m_tlsServerEndPoint = null; + + TlsAuthentication authentication = client.GetAuthentication(); + if (null == authentication) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return authentication; + } + + internal static TlsAuthentication Skip13ServerCertificate(TlsClientContext clientContext) + { + SecurityParameters securityParameters = clientContext.SecurityParameters; + if (null != securityParameters.PeerCertificate) + throw new TlsFatalAlert(AlertDescription.internal_error); + + securityParameters.m_peerCertificate = null; + securityParameters.m_tlsServerEndPoint = null; + + return null; + } + + public static bool ContainsNonAscii(byte[] bs) + { + for (int i = 0; i < bs.Length; ++i) + { + int c = bs[i]; + if (c >= 0x80) + return true; + } + return false; + } + + public static bool ContainsNonAscii(string s) + { + for (int i = 0; i < s.Length; ++i) + { + int c = s[i]; + if (c >= 0x80) + return true; + } + return false; + } + + internal static IDictionary AddKeyShareToClientHello(TlsClientContext clientContext, TlsClient client, + IDictionary clientExtensions) + { + /* + * RFC 8446 9.2. If containing a "supported_groups" extension, it MUST also contain a + * "key_share" extension, and vice versa. An empty KeyShare.client_shares vector is + * permitted. + */ + if (!IsTlsV13(clientContext.ClientVersion) + || !clientExtensions.Contains(ExtensionType.supported_groups)) + { + return null; + } + + int[] supportedGroups = TlsExtensionsUtilities.GetSupportedGroupsExtension(clientExtensions); + IList keyShareGroups = client.GetEarlyKeyShareGroups(); + IDictionary clientAgreements = Platform.CreateHashtable(3); + IList clientShares = Platform.CreateArrayList(2); + + CollectKeyShares(clientContext.Crypto, supportedGroups, keyShareGroups, clientAgreements, clientShares); + + // TODO[tls13-psk] When clientShares empty, consider not adding extension if pre_shared_key in use + TlsExtensionsUtilities.AddKeyShareClientHello(clientExtensions, clientShares); + + return clientAgreements; + } + + internal static IDictionary AddKeyShareToClientHelloRetry(TlsClientContext clientContext, + IDictionary clientExtensions, int keyShareGroup) + { + int[] supportedGroups = new int[]{ keyShareGroup }; + IList keyShareGroups = VectorOfOne(keyShareGroup); + IDictionary clientAgreements = Platform.CreateHashtable(1); + IList clientShares = Platform.CreateArrayList(1); + + CollectKeyShares(clientContext.Crypto, supportedGroups, keyShareGroups, clientAgreements, clientShares); + + TlsExtensionsUtilities.AddKeyShareClientHello(clientExtensions, clientShares); + + if (clientAgreements.Count < 1 || clientShares.Count < 1) + { + // NOTE: Probable cause is declaring an unsupported NamedGroup in supported_groups extension + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + return clientAgreements; + } + + private static void CollectKeyShares(TlsCrypto crypto, int[] supportedGroups, IList keyShareGroups, + IDictionary clientAgreements, IList clientShares) + { + if (IsNullOrEmpty(supportedGroups)) + return; + + if (null == keyShareGroups || keyShareGroups.Count < 1) + return; + + for (int i = 0; i < supportedGroups.Length; ++i) + { + int supportedGroup = supportedGroups[i]; + + if (!keyShareGroups.Contains(supportedGroup) + || clientAgreements.Contains(supportedGroup) + || !crypto.HasNamedGroup(supportedGroup)) + { + continue; + } + + TlsAgreement agreement = null; + if (NamedGroup.RefersToASpecificCurve(supportedGroup)) + { + if (crypto.HasECDHAgreement()) + { + agreement = crypto.CreateECDomain(new TlsECConfig(supportedGroup)).CreateECDH(); + } + } + else if (NamedGroup.RefersToASpecificFiniteField(supportedGroup)) + { + if (crypto.HasDHAgreement()) + { + agreement = crypto.CreateDHDomain(new TlsDHConfig(supportedGroup, true)).CreateDH(); + } + } + + if (null != agreement) + { + byte[] key_exchange = agreement.GenerateEphemeral(); + KeyShareEntry clientShare = new KeyShareEntry(supportedGroup, key_exchange); + + clientShares.Add(clientShare); + clientAgreements[supportedGroup] = agreement; + } + } + } + + internal static KeyShareEntry SelectKeyShare(IList clientShares, int keyShareGroup) + { + if (null != clientShares && 1 == clientShares.Count) + { + KeyShareEntry clientShare = (KeyShareEntry)clientShares[0]; + if (null != clientShare && clientShare.NamedGroup == keyShareGroup) + { + return clientShare; + } + } + return null; + } + + internal static KeyShareEntry SelectKeyShare(TlsCrypto crypto, ProtocolVersion negotiatedVersion, + IList clientShares, int[] clientSupportedGroups, int[] serverSupportedGroups) + { + if (null != clientShares && !IsNullOrEmpty(clientSupportedGroups) && !IsNullOrEmpty(serverSupportedGroups)) + { + foreach (KeyShareEntry clientShare in clientShares) + { + int group = clientShare.NamedGroup; + + if (!NamedGroup.CanBeNegotiated(group, negotiatedVersion)) + continue; + + if (!Arrays.Contains(serverSupportedGroups, group) || + !Arrays.Contains(clientSupportedGroups, group)) + { + continue; + } + + if (!crypto.HasNamedGroup(group)) + continue; + + if ((NamedGroup.RefersToASpecificCurve(group) && !crypto.HasECDHAgreement()) || + (NamedGroup.RefersToASpecificFiniteField(group) && !crypto.HasDHAgreement())) + { + continue; + } + + return clientShare; + } + } + return null; + } + + internal static int SelectKeyShareGroup(TlsCrypto crypto, ProtocolVersion negotiatedVersion, + int[] clientSupportedGroups, int[] serverSupportedGroups) + { + if (!IsNullOrEmpty(clientSupportedGroups) && !IsNullOrEmpty(serverSupportedGroups)) + { + foreach (int group in clientSupportedGroups) + { + if (!NamedGroup.CanBeNegotiated(group, negotiatedVersion)) + continue; + + if (!Arrays.Contains(serverSupportedGroups, group)) + continue; + + if (!crypto.HasNamedGroup(group)) + continue; + + if ((NamedGroup.RefersToASpecificCurve(group) && !crypto.HasECDHAgreement()) || + (NamedGroup.RefersToASpecificFiniteField(group) && !crypto.HasDHAgreement())) + { + continue; + } + + return group; + } + } + return -1; + } + + internal static byte[] ReadEncryptedPms(TlsContext context, Stream input) + { + if (IsSsl(context)) + return Ssl3Utilities.ReadEncryptedPms(input); + + return ReadOpaque16(input); + } + + internal static void WriteEncryptedPms(TlsContext context, byte[] encryptedPms, Stream output) + { + if (IsSsl(context)) + { + Ssl3Utilities.WriteEncryptedPms(encryptedPms, output); + } + else + { + WriteOpaque16(encryptedPms, output); + } + } + + internal static byte[] GetSessionID(TlsSession tlsSession) + { + if (null != tlsSession) + { + byte[] sessionID = tlsSession.SessionID; + if (null != sessionID + && sessionID.Length > 0 + && sessionID.Length <= 32) + { + return sessionID; + } + } + return EmptyBytes; + } + + internal static void AdjustTranscriptForRetry(TlsHandshakeHash handshakeHash) + { + byte[] clientHelloHash = GetCurrentPrfHash(handshakeHash); + handshakeHash.Reset(); + + int length = clientHelloHash.Length; + CheckUint8(length); + + byte[] synthetic = new byte[4 + length]; + WriteUint8(HandshakeType.message_hash, synthetic, 0); + WriteUint24(length, synthetic, 1); + Array.Copy(clientHelloHash, 0, synthetic, 4, length); + + handshakeHash.Update(synthetic, 0, synthetic.Length); + } + + internal static TlsCredentials EstablishClientCredentials(TlsAuthentication clientAuthentication, + CertificateRequest certificateRequest) + { + return ValidateCredentials(clientAuthentication.GetClientCredentials(certificateRequest)); + } + + internal static TlsCredentialedSigner Establish13ClientCredentials(TlsAuthentication clientAuthentication, + CertificateRequest certificateRequest) + { + return Validate13Credentials(clientAuthentication.GetClientCredentials(certificateRequest)); + } + + internal static void EstablishClientSigAlgs(SecurityParameters securityParameters, + IDictionary clientExtensions) + { + securityParameters.m_clientSigAlgs = TlsExtensionsUtilities.GetSignatureAlgorithmsExtension( + clientExtensions); + securityParameters.m_clientSigAlgsCert = TlsExtensionsUtilities.GetSignatureAlgorithmsCertExtension( + clientExtensions); + } + + internal static TlsCredentials EstablishServerCredentials(TlsServer server) + { + return ValidateCredentials(server.GetCredentials()); + } + + internal static TlsCredentialedSigner Establish13ServerCredentials(TlsServer server) + { + return Validate13Credentials(server.GetCredentials()); + } + + internal static void EstablishServerSigAlgs(SecurityParameters securityParameters, + CertificateRequest certificateRequest) + { + securityParameters.m_clientCertTypes = certificateRequest.CertificateTypes; + securityParameters.m_serverSigAlgs = certificateRequest.SupportedSignatureAlgorithms; + securityParameters.m_serverSigAlgsCert = certificateRequest.SupportedSignatureAlgorithmsCert; + + if (null == securityParameters.ServerSigAlgsCert) + { + securityParameters.m_serverSigAlgsCert = securityParameters.ServerSigAlgs; + } + } + + internal static TlsCredentials ValidateCredentials(TlsCredentials credentials) + { + if (null != credentials) + { + int count = 0; + count += (credentials is TlsCredentialedAgreement) ? 1 : 0; + count += (credentials is TlsCredentialedDecryptor) ? 1 : 0; + count += (credentials is TlsCredentialedSigner) ? 1 : 0; + if (count != 1) + throw new TlsFatalAlert(AlertDescription.internal_error); + } + return credentials; + } + + internal static TlsCredentialedSigner Validate13Credentials(TlsCredentials credentials) + { + if (null == credentials) + return null; + + if (!(credentials is TlsCredentialedSigner)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return (TlsCredentialedSigner)credentials; + } + + internal static void NegotiatedCipherSuite(SecurityParameters securityParameters, int cipherSuite) + { + securityParameters.m_cipherSuite = cipherSuite; + securityParameters.m_keyExchangeAlgorithm = GetKeyExchangeAlgorithm(cipherSuite); + + int prfAlgorithm = GetPrfAlgorithm(securityParameters, cipherSuite); + securityParameters.m_prfAlgorithm = prfAlgorithm; + + switch (prfAlgorithm) + { + case PrfAlgorithm.ssl_prf_legacy: + case PrfAlgorithm.tls_prf_legacy: + { + securityParameters.m_prfCryptoHashAlgorithm = -1; + securityParameters.m_prfHashLength = -1; + break; + } + default: + { + int prfCryptoHashAlgorithm = TlsCryptoUtilities.GetHashForPrf(prfAlgorithm); + + securityParameters.m_prfCryptoHashAlgorithm = prfCryptoHashAlgorithm; + securityParameters.m_prfHashLength = TlsCryptoUtilities.GetHashOutputSize(prfCryptoHashAlgorithm); + break; + } + } + + /* + * TODO[tls13] We're slowly moving towards negotiating cipherSuite THEN version. We could + * move this to "after parameter negotiation" i.e. after ServerHello/EncryptedExtensions. + */ + ProtocolVersion negotiatedVersion = securityParameters.NegotiatedVersion; + if (IsTlsV13(negotiatedVersion)) + { + securityParameters.m_verifyDataLength = securityParameters.PrfHashLength; + } + else + { + securityParameters.m_verifyDataLength = negotiatedVersion.IsSsl ? 36 : 12; + } + } + + internal static void NegotiatedVersion(SecurityParameters securityParameters) + { + if (!IsSignatureAlgorithmsExtensionAllowed(securityParameters.NegotiatedVersion)) + { + securityParameters.m_clientSigAlgs = null; + securityParameters.m_clientSigAlgsCert = null; + return; + } + + if (null == securityParameters.ClientSigAlgs) + { + securityParameters.m_clientSigAlgs = GetLegacySupportedSignatureAlgorithms(); + } + + if (null == securityParameters.ClientSigAlgsCert) + { + securityParameters.m_clientSigAlgsCert = securityParameters.ClientSigAlgs; + } + } + + internal static void NegotiatedVersionDtlsClient(TlsClientContext clientContext, TlsClient client) + { + SecurityParameters securityParameters = clientContext.SecurityParameters; + ProtocolVersion negotiatedVersion = securityParameters.NegotiatedVersion; + + if (!ProtocolVersion.IsSupportedDtlsVersionClient(negotiatedVersion)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + NegotiatedVersion(securityParameters); + + client.NotifyServerVersion(negotiatedVersion); + } + + internal static void NegotiatedVersionDtlsServer(TlsServerContext serverContext) + { + SecurityParameters securityParameters = serverContext.SecurityParameters; + ProtocolVersion negotiatedVersion = securityParameters.NegotiatedVersion; + + if (!ProtocolVersion.IsSupportedDtlsVersionServer(negotiatedVersion)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + NegotiatedVersion(securityParameters); + } + + internal static void NegotiatedVersionTlsClient(TlsClientContext clientContext, TlsClient client) + { + SecurityParameters securityParameters = clientContext.SecurityParameters; + ProtocolVersion negotiatedVersion = securityParameters.NegotiatedVersion; + + if (!ProtocolVersion.IsSupportedTlsVersionClient(negotiatedVersion)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + NegotiatedVersion(securityParameters); + + client.NotifyServerVersion(negotiatedVersion); + } + + internal static void NegotiatedVersionTlsServer(TlsServerContext serverContext) + { + SecurityParameters securityParameters = serverContext.SecurityParameters; + ProtocolVersion negotiatedVersion = securityParameters.NegotiatedVersion; + + if (!ProtocolVersion.IsSupportedTlsVersionServer(negotiatedVersion)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + NegotiatedVersion(securityParameters); + } + + internal static TlsSecret DeriveSecret(SecurityParameters securityParameters, TlsSecret secret, string label, + byte[] transcriptHash) + { + int prfCryptoHashAlgorithm = securityParameters.PrfCryptoHashAlgorithm; + int prfHashLength = securityParameters.PrfHashLength; + + return DeriveSecret(prfCryptoHashAlgorithm, prfHashLength, secret, label, transcriptHash); + } + + internal static TlsSecret DeriveSecret(int prfCryptoHashAlgorithm, int prfHashLength, TlsSecret secret, + string label, byte[] transcriptHash) + { + if (transcriptHash.Length != prfHashLength) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return TlsCryptoUtilities.HkdfExpandLabel(secret, prfCryptoHashAlgorithm, label, transcriptHash, + prfHashLength); + } + + internal static TlsSecret GetSessionMasterSecret(TlsCrypto crypto, TlsSecret masterSecret) + { + if (null != masterSecret) + { + lock (masterSecret) + { + if (masterSecret.IsAlive()) + return crypto.AdoptSecret(masterSecret); + } + } + + return null; + } + + internal static bool IsPermittedExtensionType13(int handshakeType, int extensionType) + { + switch (extensionType) + { + case ExtensionType.server_name: + case ExtensionType.max_fragment_length: + case ExtensionType.supported_groups: + case ExtensionType.use_srtp: + case ExtensionType.heartbeat: + case ExtensionType.application_layer_protocol_negotiation: + case ExtensionType.client_certificate_type: + case ExtensionType.server_certificate_type: + { + switch (handshakeType) + { + case HandshakeType.client_hello: + case HandshakeType.encrypted_extensions: + return true; + default: + return false; + } + } + case ExtensionType.status_request: + case ExtensionType.signed_certificate_timestamp: + { + switch (handshakeType) + { + case HandshakeType.client_hello: + case HandshakeType.certificate_request: + case HandshakeType.certificate: + return true; + default: + return false; + } + } + case ExtensionType.signature_algorithms: + case ExtensionType.compress_certificate: + case ExtensionType.certificate_authorities: + case ExtensionType.signature_algorithms_cert: + { + switch (handshakeType) + { + case HandshakeType.client_hello: + case HandshakeType.certificate_request: + return true; + default: + return false; + } + } + case ExtensionType.padding: + case ExtensionType.psk_key_exchange_modes: + case ExtensionType.post_handshake_auth: + { + switch (handshakeType) + { + case HandshakeType.client_hello: + return true; + default: + return false; + } + } + case ExtensionType.key_share: + case ExtensionType.supported_versions: + { + switch (handshakeType) + { + case HandshakeType.client_hello: + case HandshakeType.server_hello: + case HandshakeType.hello_retry_request: + return true; + default: + return false; + } + } + case ExtensionType.pre_shared_key: + { + switch (handshakeType) + { + case HandshakeType.client_hello: + case HandshakeType.server_hello: + return true; + default: + return false; + } + } + case ExtensionType.early_data: + { + switch (handshakeType) + { + case HandshakeType.client_hello: + case HandshakeType.encrypted_extensions: + case HandshakeType.new_session_ticket: + return true; + default: + return false; + } + } + case ExtensionType.cookie: + { + switch (handshakeType) + { + case HandshakeType.client_hello: + case HandshakeType.hello_retry_request: + return true; + default: + return false; + } + } + case ExtensionType.oid_filters: + { + switch (handshakeType) + { + case HandshakeType.certificate_request: + return true; + default: + return false; + } + } + default: + { + return !ExtensionType.IsRecognized(extensionType); + } + } + } + + /// + internal static void CheckExtensionData13(IDictionary extensions, int handshakeType, short alertDescription) + { + foreach (int extensionType in extensions.Keys) + { + if (!IsPermittedExtensionType13(handshakeType, extensionType)) + throw new TlsFatalAlert(alertDescription, "Invalid extension: " + + ExtensionType.GetText(extensionType)); + } + } + + /// Generate a pre_master_secret and send it encrypted to the server. + /// + public static TlsSecret GenerateEncryptedPreMasterSecret(TlsContext context, TlsEncryptor encryptor, + Stream output) + { + ProtocolVersion version = context.RsaPreMasterSecretVersion; + TlsSecret preMasterSecret = context.Crypto.GenerateRsaPreMasterSecret(version); + byte[] encryptedPreMasterSecret = preMasterSecret.Encrypt(encryptor); + WriteEncryptedPms(context, encryptedPreMasterSecret, output); + return preMasterSecret; + } + +#if !PORTABLE || DOTNET + public static bool IsTimeout(SocketException e) + { +#if NET_1_1 + return 10060 == e.ErrorCode; +#else + return SocketError.TimedOut == e.SocketErrorCode; +#endif + } +#endif + + /// + internal static void AddPreSharedKeyToClientExtensions(TlsPsk[] psks, IDictionary clientExtensions) + { + IList identities = Platform.CreateArrayList(psks.Length); + for (int i = 0; i < psks.Length; ++i) + { + TlsPsk psk = psks[i]; + + // TODO[tls13-psk] Handle obfuscated_ticket_age for resumption PSKs + identities.Add(new PskIdentity(psk.Identity, 0L)); + } + + TlsExtensionsUtilities.AddPreSharedKeyClientHello(clientExtensions, new OfferedPsks(identities)); + } + + /// + internal static OfferedPsks.BindersConfig AddPreSharedKeyToClientHello(TlsClientContext clientContext, + TlsClient client, IDictionary clientExtensions, int[] offeredCipherSuites) + { + if (!IsTlsV13(clientContext.ClientVersion)) + return null; + + TlsPskExternal[] pskExternals = GetPskExternalsClient(client, offeredCipherSuites); + if (null == pskExternals) + return null; + + short[] pskKeyExchangeModes = client.GetPskKeyExchangeModes(); + if (IsNullOrEmpty(pskKeyExchangeModes)) + throw new TlsFatalAlert(AlertDescription.internal_error, + "External PSKs configured but no PskKeyExchangeMode available"); + + TlsSecret[] pskEarlySecrets = GetPskEarlySecrets(clientContext.Crypto, pskExternals); + + int bindersSize = OfferedPsks.GetBindersSize(pskExternals); + + AddPreSharedKeyToClientExtensions(pskExternals, clientExtensions); + TlsExtensionsUtilities.AddPskKeyExchangeModesExtension(clientExtensions, pskKeyExchangeModes); + + return new OfferedPsks.BindersConfig(pskExternals, pskKeyExchangeModes, pskEarlySecrets, bindersSize); + } + + /// + internal static OfferedPsks.BindersConfig AddPreSharedKeyToClientHelloRetry(TlsClientContext clientContext, + OfferedPsks.BindersConfig clientBinders, IDictionary clientExtensions) + { + SecurityParameters securityParameters = clientContext.SecurityParameters; + + int prfAlgorithm = GetPrfAlgorithm13(securityParameters.CipherSuite); + + IList pskIndices = GetPskIndices(clientBinders.m_psks, prfAlgorithm); + if (pskIndices.Count < 1) + return null; + + OfferedPsks.BindersConfig result = clientBinders; + + int count = pskIndices.Count; + if (count < clientBinders.m_psks.Length) + { + TlsPsk[] psks = new TlsPsk[count]; + TlsSecret[] earlySecrets = new TlsSecret[count]; + + for (int i = 0; i < count; ++i) + { + int j = (int)pskIndices[i]; + + psks[i] = clientBinders.m_psks[j]; + earlySecrets[i] = clientBinders.m_earlySecrets[j]; + } + + int bindersSize = OfferedPsks.GetBindersSize(psks); + + result = new OfferedPsks.BindersConfig(psks, clientBinders.m_pskKeyExchangeModes, earlySecrets, + bindersSize); + } + + AddPreSharedKeyToClientExtensions(result.m_psks, clientExtensions); + // NOTE: psk_key_exchange_modes should already be in 'clientExtensions' from the ClientHello + + return result; + } + + internal static OfferedPsks.SelectedConfig SelectPreSharedKey(TlsServerContext serverContext, TlsServer server, + IDictionary clientHelloExtensions, HandshakeMessageInput clientHelloMessage, TlsHandshakeHash handshakeHash, + bool afterHelloRetryRequest) + { + bool handshakeHashUpdated = false; + + OfferedPsks offeredPsks = TlsExtensionsUtilities.GetPreSharedKeyClientHello(clientHelloExtensions); + if (null != offeredPsks) + { + short[] pskKeyExchangeModes = TlsExtensionsUtilities.GetPskKeyExchangeModesExtension( + clientHelloExtensions); + if (IsNullOrEmpty(pskKeyExchangeModes)) + throw new TlsFatalAlert(AlertDescription.missing_extension); + + // TODO[tls13] Add support for psk_ke? + if (Arrays.Contains(pskKeyExchangeModes, PskKeyExchangeMode.psk_dhe_ke)) + { + // TODO[tls13] Prefer to get the exact index from the server? + TlsPskExternal psk = server.GetExternalPsk(offeredPsks.Identities); + if (null != psk) + { + int index = offeredPsks.GetIndexOfIdentity(new PskIdentity(psk.Identity, 0L)); + if (index >= 0) + { + byte[] binder = (byte[])offeredPsks.Binders[index]; + + TlsCrypto crypto = serverContext.Crypto; + TlsSecret earlySecret = GetPskEarlySecret(crypto, psk); + + // TODO[tls13-psk] Handle resumption PSKs + bool isExternalPsk = true; + int pskCryptoHashAlgorithm = TlsCryptoUtilities.GetHashForPrf(psk.PrfAlgorithm); + + byte[] transcriptHash; + { + handshakeHashUpdated = true; + int bindersSize = offeredPsks.BindersSize; + clientHelloMessage.UpdateHashPrefix(handshakeHash, bindersSize); + + if (afterHelloRetryRequest) + { + transcriptHash = handshakeHash.GetFinalHash(pskCryptoHashAlgorithm); + } + else + { + TlsHash hash = crypto.CreateHash(pskCryptoHashAlgorithm); + handshakeHash.CopyBufferTo(new TlsHashSink(hash)); + transcriptHash = hash.CalculateHash(); + } + + clientHelloMessage.UpdateHashSuffix(handshakeHash, bindersSize); + } + + byte[] calculatedBinder = CalculatePskBinder(crypto, isExternalPsk, pskCryptoHashAlgorithm, + earlySecret, transcriptHash); + + if (Arrays.ConstantTimeAreEqual(calculatedBinder, binder)) + return new OfferedPsks.SelectedConfig(index, psk, pskKeyExchangeModes, earlySecret); + } + } + } + } + + if (!handshakeHashUpdated) + { + clientHelloMessage.UpdateHash(handshakeHash); + } + + return null; + } + + internal static TlsSecret GetPskEarlySecret(TlsCrypto crypto, TlsPsk psk) + { + int cryptoHashAlgorithm = TlsCryptoUtilities.GetHashForPrf(psk.PrfAlgorithm); + + return crypto + .HkdfInit(cryptoHashAlgorithm) + .HkdfExtract(cryptoHashAlgorithm, psk.Key); + } + + internal static TlsSecret[] GetPskEarlySecrets(TlsCrypto crypto, TlsPsk[] psks) + { + int count = psks.Length; + TlsSecret[] earlySecrets = new TlsSecret[count]; + for (int i = 0; i < count; ++i) + { + earlySecrets[i] = GetPskEarlySecret(crypto, psks[i]); + } + return earlySecrets; + } + + /// + internal static TlsPskExternal[] GetPskExternalsClient(TlsClient client, int[] offeredCipherSuites) + { + IList externalPsks = client.GetExternalPsks(); + if (IsNullOrEmpty(externalPsks)) + return null; + + int[] prfAlgorithms = GetPrfAlgorithms13(offeredCipherSuites); + + int count = externalPsks.Count; + TlsPskExternal[] result = new TlsPskExternal[count]; + + for (int i = 0; i < count; ++i) + { + TlsPskExternal pskExternal = externalPsks[i] as TlsPskExternal; + if (null == pskExternal) + throw new TlsFatalAlert(AlertDescription.internal_error, + "External PSKs element is not a TlsPSKExternal"); + + if (!Arrays.Contains(prfAlgorithms, pskExternal.PrfAlgorithm)) + throw new TlsFatalAlert(AlertDescription.internal_error, + "External PSK incompatible with offered cipher suites"); + + result[i] = pskExternal; + } + + return result; + } + + internal static IList GetPskIndices(TlsPsk[] psks, int prfAlgorithm) + { + IList v = Platform.CreateArrayList(psks.Length); + for (int i = 0; i < psks.Length; ++i) + { + if (psks[i].PrfAlgorithm == prfAlgorithm) + { + v.Add(i); + } + } + return v; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/TrustedAuthority.cs b/BouncyCastle/crypto/src/tls/TrustedAuthority.cs new file mode 100644 index 0000000..b826664 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/TrustedAuthority.cs @@ -0,0 +1,151 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public sealed class TrustedAuthority + { + private readonly short m_identifierType; + private readonly object m_identifier; + + public TrustedAuthority(short identifierType, object identifier) + { + if (!IsCorrectType(identifierType, identifier)) + throw new ArgumentException("not an instance of the correct type", "identifier"); + + this.m_identifierType = identifierType; + this.m_identifier = identifier; + } + + public short IdentifierType + { + get { return m_identifierType; } + } + + public object Identifier + { + get { return m_identifier; } + } + + public byte[] GetCertSha1Hash() + { + return Arrays.Clone((byte[])m_identifier); + } + + public byte[] GetKeySha1Hash() + { + return Arrays.Clone((byte[])m_identifier); + } + + public X509Name X509Name + { + get + { + CheckCorrectType(Tls.IdentifierType.x509_name); + return (X509Name)m_identifier; + } + } + + /// Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + TlsUtilities.WriteUint8(m_identifierType, output); + + switch (m_identifierType) + { + case Tls.IdentifierType.cert_sha1_hash: + case Tls.IdentifierType.key_sha1_hash: + { + byte[] sha1Hash = (byte[])m_identifier; + output.Write(sha1Hash, 0, sha1Hash.Length); + break; + } + case Tls.IdentifierType.pre_agreed: + { + break; + } + case Tls.IdentifierType.x509_name: + { + X509Name dn = (X509Name)m_identifier; + byte[] derEncoding = dn.GetEncoded(Asn1Encodable.Der); + TlsUtilities.WriteOpaque16(derEncoding, output); + break; + } + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + /// Parse a from a . + /// the to parse from. + /// a object. + /// + public static TrustedAuthority Parse(Stream input) + { + short identifier_type = TlsUtilities.ReadUint8(input); + object identifier; + + switch (identifier_type) + { + case Tls.IdentifierType.cert_sha1_hash: + case Tls.IdentifierType.key_sha1_hash: + { + identifier = TlsUtilities.ReadFully(20, input); + break; + } + case Tls.IdentifierType.pre_agreed: + { + identifier = null; + break; + } + case Tls.IdentifierType.x509_name: + { + byte[] derEncoding = TlsUtilities.ReadOpaque16(input, 1); + Asn1Object asn1 = TlsUtilities.ReadAsn1Object(derEncoding); + X509Name x509Name = X509Name.GetInstance(asn1); + TlsUtilities.RequireDerEncoding(x509Name, derEncoding); + identifier = x509Name; + break; + } + default: + throw new TlsFatalAlert(AlertDescription.decode_error); + } + + return new TrustedAuthority(identifier_type, identifier); + } + + private void CheckCorrectType(short expectedIdentifierType) + { + if (m_identifierType != expectedIdentifierType || !IsCorrectType(expectedIdentifierType, m_identifier)) + throw new InvalidOperationException("TrustedAuthority is not of type " + + Tls.IdentifierType.GetName(expectedIdentifierType)); + } + + private static bool IsCorrectType(short identifierType, object identifier) + { + switch (identifierType) + { + case Tls.IdentifierType.cert_sha1_hash: + case Tls.IdentifierType.key_sha1_hash: + return IsSha1Hash(identifier); + case Tls.IdentifierType.pre_agreed: + return identifier == null; + case Tls.IdentifierType.x509_name: + return identifier is X509Name; + default: + throw new ArgumentException("unsupported IdentifierType", "identifierType"); + } + } + + private static bool IsSha1Hash(object identifier) + { + return identifier is byte[] && ((byte[])identifier).Length == 20; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/UrlAndHash.cs b/BouncyCastle/crypto/src/tls/UrlAndHash.cs new file mode 100644 index 0000000..47347c1 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/UrlAndHash.cs @@ -0,0 +1,83 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 6066 5. + public sealed class UrlAndHash + { + private readonly string m_url; + private readonly byte[] m_sha1Hash; + + public UrlAndHash(string url, byte[] sha1Hash) + { + if (TlsUtilities.IsNullOrEmpty(url) || url.Length >= (1 << 16)) + throw new ArgumentException("must have length from 1 to (2^16 - 1)", "url"); + if (sha1Hash != null && sha1Hash.Length != 20) + throw new ArgumentException("must have length == 20, if present", "sha1Hash"); + + this.m_url = url; + this.m_sha1Hash = sha1Hash; + } + + public string Url + { + get { return m_url; } + } + + public byte[] Sha1Hash + { + get { return m_sha1Hash; } + } + + /// Encode this to a . + /// the to encode to. + /// + public void Encode(Stream output) + { + byte[] urlEncoding = Strings.ToByteArray(m_url); + TlsUtilities.WriteOpaque16(urlEncoding, output); + + if (m_sha1Hash == null) + { + TlsUtilities.WriteUint8(0, output); + } + else + { + TlsUtilities.WriteUint8(1, output); + output.Write(m_sha1Hash, 0, m_sha1Hash.Length); + } + } + + /// Parse a from a . + /// the of the current connection. + /// the to parse from. + /// a object. + /// + public static UrlAndHash Parse(TlsContext context, Stream input) + { + byte[] urlEncoding = TlsUtilities.ReadOpaque16(input, 1); + string url = Strings.FromByteArray(urlEncoding); + + byte[] sha1Hash = null; + short padding = TlsUtilities.ReadUint8(input); + switch (padding) + { + case 0: + if (TlsUtilities.IsTlsV12(context)) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + break; + case 1: + sha1Hash = TlsUtilities.ReadFully(20, input); + break; + default: + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + } + + return new UrlAndHash(url, sha1Hash); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/UseSrtpData.cs b/BouncyCastle/crypto/src/tls/UseSrtpData.cs new file mode 100644 index 0000000..6c7e7da --- /dev/null +++ b/BouncyCastle/crypto/src/tls/UseSrtpData.cs @@ -0,0 +1,43 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 5764 4.1.1 + public sealed class UseSrtpData + { + private readonly int[] m_protectionProfiles; + private readonly byte[] m_mki; + + /// see for valid constants. + /// valid lengths from 0 to 255. + public UseSrtpData(int[] protectionProfiles, byte[] mki) + { + if (TlsUtilities.IsNullOrEmpty(protectionProfiles) || protectionProfiles.Length >= (1 << 15)) + throw new ArgumentException("must have length from 1 to (2^15 - 1)", "protectionProfiles"); + + if (mki == null) + { + mki = TlsUtilities.EmptyBytes; + } + else if (mki.Length > 255) + { + throw new ArgumentException("cannot be longer than 255 bytes", "mki"); + } + + this.m_protectionProfiles = protectionProfiles; + this.m_mki = mki; + } + + /// see for valid constants. + public int[] ProtectionProfiles + { + get { return m_protectionProfiles; } + } + + /// valid lengths from 0 to 255. + public byte[] Mki + { + get { return m_mki; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/UserMappingType.cs b/BouncyCastle/crypto/src/tls/UserMappingType.cs new file mode 100644 index 0000000..ba02cbc --- /dev/null +++ b/BouncyCastle/crypto/src/tls/UserMappingType.cs @@ -0,0 +1,13 @@ +using System; + +namespace Org.BouncyCastle.Tls +{ + /// RFC 4681 + public abstract class UserMappingType + { + /* + * RFC 4681 + */ + public const short upn_domain_hint = 64; + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/CryptoHashAlgorithm.cs b/BouncyCastle/crypto/src/tls/crypto/CryptoHashAlgorithm.cs new file mode 100644 index 0000000..dc3c869 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/CryptoHashAlgorithm.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + public abstract class CryptoHashAlgorithm + { + public const int md5 = 1; + public const int sha1 = 2; + public const int sha224 = 3; + public const int sha256 = 4; + public const int sha384 = 5; + public const int sha512 = 6; + public const int sm3 = 7; + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/CryptoSignatureAlgorithm.cs b/BouncyCastle/crypto/src/tls/crypto/CryptoSignatureAlgorithm.cs new file mode 100644 index 0000000..ed58820 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/CryptoSignatureAlgorithm.cs @@ -0,0 +1,22 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + public abstract class CryptoSignatureAlgorithm + { + public const int rsa = 1; + public const int dsa = 2; + public const int ecdsa = 3; + public const int rsa_pss_rsae_sha256 = 4; + public const int rsa_pss_rsae_sha384 = 5; + public const int rsa_pss_rsae_sha512 = 6; + public const int ed25519 = 7; + public const int ed448 = 8; + public const int rsa_pss_pss_sha256 = 9; + public const int rsa_pss_pss_sha384 = 10; + public const int rsa_pss_pss_sha512 = 11; + public const int gostr34102012_256 = 64; + public const int gostr34102012_512 = 65; + public const int sm2 = 200; + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/DHGroup.cs b/BouncyCastle/crypto/src/tls/crypto/DHGroup.cs new file mode 100644 index 0000000..364a604 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/DHGroup.cs @@ -0,0 +1,46 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Carrier class for Diffie-Hellman group parameters. + public class DHGroup + { + private readonly BigInteger g, p, q; + private readonly int l; + + /// Base constructor with the prime factor of (p - 1). + /// the prime modulus. + /// specifies the prime factor of (p - 1). + /// the base generator. + /// + public DHGroup(BigInteger p, BigInteger q, BigInteger g, int l) + { + this.p = p; + this.g = g; + this.q = q; + this.l = l; + } + + public virtual BigInteger G + { + get { return g; } + } + + public virtual int L + { + get { return l; } + } + + public virtual BigInteger P + { + get { return p; } + } + + public virtual BigInteger Q + { + get { return q; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/DHStandardGroups.cs b/BouncyCastle/crypto/src/tls/crypto/DHStandardGroups.cs new file mode 100644 index 0000000..40ddb57 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/DHStandardGroups.cs @@ -0,0 +1,248 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Standard Diffie-Hellman groups from various IETF specifications. + public class DHStandardGroups + { + private static readonly BigInteger Two = BigInteger.Two; + + private static BigInteger FromHex(string hex) + { + return new BigInteger(1, Hex.DecodeStrict(hex)); + } + + //private static DHGroup FromPG(string hexP, string hexG) + //{ + // return new DHGroup(FromHex(hexP), null, FromHex(hexG), 0); + //} + + private static DHGroup SafePrimeGen2(string hexP) + { + return SafePrimeGen2(hexP, 0); + } + + private static DHGroup SafePrimeGen2(string hexP, int l) + { + // NOTE: A group using a safe prime (i.e. q = (p-1)/2), and generator g = 2 + BigInteger p = FromHex(hexP); + return new DHGroup(p, p.ShiftRight(1), Two, l); + } + + /* + * RFC 2409 + */ + private static readonly string rfc2409_768_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF"; + public static readonly DHGroup rfc2409_768 = SafePrimeGen2(rfc2409_768_p); + + private static readonly string rfc2409_1024_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" + + "FFFFFFFFFFFFFFFF"; + public static readonly DHGroup rfc2409_1024 = SafePrimeGen2(rfc2409_1024_p); + + /* + * RFC 3526 + */ + private static readonly string rfc3526_1536_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF"; + private static readonly int rfc3526_1536_l = 200; // RFC3526/RFC7919 + public static readonly DHGroup rfc3526_1536 = SafePrimeGen2(rfc3526_1536_p, rfc3526_1536_l); + + private static readonly string rfc3526_2048_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AACAA68FFFFFFFFFFFFFFFF"; + private static readonly int rfc3526_2048_l = System.Math.Max(225, 112 * 2); // MAX(RFC3526/RFC7919,FIPS) + public static readonly DHGroup rfc3526_2048 = SafePrimeGen2(rfc3526_2048_p, rfc3526_2048_l); + + private static readonly string rfc3526_3072_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" + + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" + + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" + + "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF"; + private static readonly int rfc3526_3072_l = System.Math.Max(275, 128 * 2); // MAX(RFC3526/RFC7919,FIPS) + public static readonly DHGroup rfc3526_3072 = SafePrimeGen2(rfc3526_3072_p, rfc3526_3072_l); + + private static readonly string rfc3526_4096_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" + + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" + + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" + + "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" + "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" + + "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" + "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" + + "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" + "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" + + "FFFFFFFFFFFFFFFF"; + private static readonly int rfc3526_4096_l = System.Math.Max(325, 152 * 2); // MAX(RFC3526/RFC7919,FIPS) + public static readonly DHGroup rfc3526_4096 = SafePrimeGen2(rfc3526_4096_p, rfc3526_4096_l); + + private static readonly string rfc3526_6144_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08" + + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B" + + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9" + + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6" + + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8" + + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C" + + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718" + + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D" + + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D" + + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226" + + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC" + + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26" + + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB" + + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2" + + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127" + + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492" + + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406" + + "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918" + + "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151" + + "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03" + + "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F" + + "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" + + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B" + + "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632" + + "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E" + + "6DCC4024FFFFFFFFFFFFFFFF"; + private static readonly int rfc3526_6144_l = System.Math.Max(375, 176 * 2); // MAX(RFC3526/RFC7919,FIPS) + public static readonly DHGroup rfc3526_6144 = SafePrimeGen2(rfc3526_6144_p, rfc3526_6144_l); + + private static readonly string rfc3526_8192_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" + + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" + + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" + + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" + + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" + + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" + + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" + + "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" + "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA" + + "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" + "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED" + + "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" + "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492" + + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD" + "F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831" + + "179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B" + "DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF" + + "5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6" + "D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3" + + "23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328" + + "06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C" + "DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE" + + "12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4" + "38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300" + + "741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F568" + "3423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9" + + "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B" + "4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A" + + "062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A36" + "4597E899A0255DC164F31CC50846851DF9AB48195DED7EA1" + + "B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92" + "4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E47" + + "9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71" + "60C980DD98EDD3DFFFFFFFFFFFFFFFFF"; + private static readonly int rfc3526_8192_l = System.Math.Max(400, 200 * 2); // MAX(RFC3526/RFC7919,FIPS) + public static readonly DHGroup rfc3526_8192 = SafePrimeGen2(rfc3526_8192_p, rfc3526_8192_l); + + /* + * RFC 4306 + */ + public static readonly DHGroup rfc4306_768 = rfc2409_768; + public static readonly DHGroup rfc4306_1024 = rfc2409_1024; + + /* + * RFC 5996 + */ + public static readonly DHGroup rfc5996_768 = rfc4306_768; + public static readonly DHGroup rfc5996_1024 = rfc4306_1024; + + /* + * RFC 7919 + */ + private static readonly string rfc7919_ffdhe2048_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" + + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" + + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" + + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" + + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" + + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B423861285C97FFFFFFFFFFFFFFFF"; + private static readonly int rfc7919_ffdhe2048_l = System.Math.Max(225, 112 * 2); // MAX(RFC7919,FIPS) + public static readonly DHGroup rfc7919_ffdhe2048 = SafePrimeGen2(rfc7919_ffdhe2048_p, rfc7919_ffdhe2048_l); + + private static readonly string rfc7919_ffdhe3072_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" + + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" + + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" + + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" + + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" + + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" + + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" + + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" + + "3C1B20EE3FD59D7C25E41D2B66C62E37FFFFFFFFFFFFFFFF"; + private static readonly int rfc7919_ffdhe3072_l = System.Math.Max(275, 128 * 2); // MAX(RFC7919,FIPS) + public static readonly DHGroup rfc7919_ffdhe3072 = SafePrimeGen2(rfc7919_ffdhe3072_p, rfc7919_ffdhe3072_l); + + private static readonly string rfc7919_ffdhe4096_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" + + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" + + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" + + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" + + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" + + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" + + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" + + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" + + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004" + + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" + "A907600A918130C46DC778F971AD0038092999A333CB8B7A" + + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E655F6A" + + "FFFFFFFFFFFFFFFF"; + private static readonly int rfc7919_ffdhe4096_l = System.Math.Max(325, 152 * 2); // MAX(RFC7919,FIPS) + public static readonly DHGroup rfc7919_ffdhe4096 = SafePrimeGen2(rfc7919_ffdhe4096_p, rfc7919_ffdhe4096_l); + + private static readonly string rfc7919_ffdhe6144_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" + + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" + + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" + + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" + + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" + + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" + + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" + + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" + + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004" + + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" + "A907600A918130C46DC778F971AD0038092999A333CB8B7A" + + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902" + + "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6" + "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A" + + "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477" + "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3" + + "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4" + "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6" + + "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C" + "D72B03746AE77F5E62292C311562A846505DC82DB854338A" + + "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04" + "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1" + + "A41D570D7938DAD4A40E329CD0E40E65FFFFFFFFFFFFFFFF"; + private static readonly int rfc7919_ffdhe6144_l = System.Math.Max(375, 176 * 2); // MAX(RFC7919,FIPS) + public static readonly DHGroup rfc7919_ffdhe6144 = SafePrimeGen2(rfc7919_ffdhe6144_p, rfc7919_ffdhe6144_l); + + private static readonly string rfc7919_ffdhe8192_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1" + + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561" + + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735" + + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19" + + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73" + + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238" + + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3" + + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF" + + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004" + + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" + "A907600A918130C46DC778F971AD0038092999A333CB8B7A" + + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902" + + "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6" + "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A" + + "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477" + "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3" + + "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4" + "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6" + + "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C" + "D72B03746AE77F5E62292C311562A846505DC82DB854338A" + + "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04" + "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1" + + "A41D570D7938DAD4A40E329CCFF46AAA36AD004CF600C838" + "1E425A31D951AE64FDB23FCEC9509D43687FEB69EDD1CC5E" + + "0B8CC3BDF64B10EF86B63142A3AB8829555B2F747C932665" + "CB2C0F1CC01BD70229388839D2AF05E454504AC78B758282" + + "2846C0BA35C35F5C59160CC046FD8251541FC68C9C86B022" + "BB7099876A460E7451A8A93109703FEE1C217E6C3826E52C" + + "51AA691E0E423CFC99E9E31650C1217B624816CDAD9A95F9" + "D5B8019488D9C0A0A1FE3075A577E23183F81D4A3F2FA457" + + "1EFC8CE0BA8A4FE8B6855DFE72B0A66EDED2FBABFBE58A30" + "FAFABE1C5D71A87E2F741EF8C1FE86FEA6BBFDE530677F0D" + + "97D11D49F7A8443D0822E506A9F4614E011E2A94838FF88C" + "D68C8BB7C5C6424CFFFFFFFFFFFFFFFF"; + private static readonly int rfc7919_ffdhe8192_l = System.Math.Max(400, 200 * 2); // MAX(RFC7919,FIPS) + public static readonly DHGroup rfc7919_ffdhe8192 = SafePrimeGen2(rfc7919_ffdhe8192_p, rfc7919_ffdhe8192_l); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/Srp6Group.cs b/BouncyCastle/crypto/src/tls/crypto/Srp6Group.cs new file mode 100644 index 0000000..dae4ca1 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/Srp6Group.cs @@ -0,0 +1,31 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Carrier class for SRP-6 group parameters. + public class Srp6Group + { + private readonly BigInteger n, g; + + /// Base constructor. + /// the n value. + /// the g value. + public Srp6Group(BigInteger n, BigInteger g) + { + this.n = n; + this.g = g; + } + + public virtual BigInteger G + { + get { return g; } + } + + public virtual BigInteger N + { + get { return n; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/Srp6StandardGroups.cs b/BouncyCastle/crypto/src/tls/crypto/Srp6StandardGroups.cs new file mode 100644 index 0000000..371079c --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/Srp6StandardGroups.cs @@ -0,0 +1,159 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// A selection of standard groups for SRP-6. + public class Srp6StandardGroups + { + private static BigInteger FromHex(string hex) + { + return new BigInteger(1, Hex.DecodeStrict(hex)); + } + + private static Srp6Group FromNG(string hexN, string hexG) + { + return new Srp6Group(FromHex(hexN), FromHex(hexG)); + } + + /* + * RFC 5054 + */ + private static readonly string rfc5054_1024_N = "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C" + + "9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE4" + + "8E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B29" + + "7BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9A" + "FD5138FE8376435B9FC61D2FC0EB06E3"; + private static readonly string rfc5054_1024_g = "02"; + public static readonly Srp6Group rfc5054_1024 = FromNG(rfc5054_1024_N, rfc5054_1024_g); + + private static readonly string rfc5054_1536_N = "9DEF3CAFB939277AB1F12A8617A47BBBDBA51DF499AC4C80BEEEA961" + + "4B19CC4D5F4F5F556E27CBDE51C6A94BE4607A291558903BA0D0F843" + + "80B655BB9A22E8DCDF028A7CEC67F0D08134B1C8B97989149B609E0B" + + "E3BAB63D47548381DBC5B1FC764E3F4B53DD9DA1158BFD3E2B9C8CF5" + + "6EDF019539349627DB2FD53D24B7C48665772E437D6C7F8CE442734A" + + "F7CCB7AE837C264AE3A9BEB87F8A2FE9B8B5292E5A021FFF5E91479E" + + "8CE7A28C2442C6F315180F93499A234DCF76E3FED135F9BB"; + private static readonly string rfc5054_1536_g = "02"; + public static readonly Srp6Group rfc5054_1536 = FromNG(rfc5054_1536_N, rfc5054_1536_g); + + private static readonly string rfc5054_2048_N = "AC6BDB41324A9A9BF166DE5E1389582FAF72B6651987EE07FC319294" + + "3DB56050A37329CBB4A099ED8193E0757767A13DD52312AB4B03310D" + + "CD7F48A9DA04FD50E8083969EDB767B0CF6095179A163AB3661A05FB" + + "D5FAAAE82918A9962F0B93B855F97993EC975EEAA80D740ADBF4FF74" + + "7359D041D5C33EA71D281E446B14773BCA97B43A23FB801676BD207A" + + "436C6481F1D2B9078717461A5B9D32E688F87748544523B524B0D57D" + + "5EA77A2775D2ECFA032CFBDBF52FB3786160279004E57AE6AF874E73" + + "03CE53299CCC041C7BC308D82A5698F3A8D0C38271AE35F8E9DBFBB6" + + "94B5C803D89F7AE435DE236D525F54759B65E372FCD68EF20FA7111F" + "9E4AFF73"; + private static readonly string rfc5054_2048_g = "02"; + public static readonly Srp6Group rfc5054_2048 = FromNG(rfc5054_2048_N, rfc5054_2048_g); + + private static readonly string rfc5054_3072_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08" + + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B" + + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9" + + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6" + + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8" + + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C" + + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718" + + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D" + + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D" + + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226" + + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC" + "E0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF"; + private static readonly string rfc5054_3072_g = "05"; + public static readonly Srp6Group rfc5054_3072 = FromNG(rfc5054_3072_N, rfc5054_3072_g); + + private static readonly string rfc5054_4096_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08" + + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B" + + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9" + + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6" + + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8" + + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C" + + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718" + + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D" + + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D" + + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226" + + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC" + + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26" + + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB" + + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2" + + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127" + + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" + "FFFFFFFFFFFFFFFF"; + private static readonly string rfc5054_4096_g = "05"; + public static readonly Srp6Group rfc5054_4096 = FromNG(rfc5054_4096_N, rfc5054_4096_g); + + private static readonly string rfc5054_6144_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08" + + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B" + + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9" + + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6" + + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8" + + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C" + + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718" + + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D" + + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D" + + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226" + + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC" + + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26" + + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB" + + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2" + + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127" + + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492" + + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406" + + "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918" + + "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151" + + "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03" + + "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F" + + "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" + + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B" + + "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632" + + "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E" + "6DCC4024FFFFFFFFFFFFFFFF"; + private static readonly string rfc5054_6144_g = "05"; + public static readonly Srp6Group rfc5054_6144 = FromNG(rfc5054_6144_N, rfc5054_6144_g); + + private static readonly string rfc5054_8192_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08" + + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B" + + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9" + + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6" + + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8" + + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D" + + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C" + + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718" + + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D" + + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D" + + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226" + + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC" + + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26" + + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB" + + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2" + + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127" + + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492" + + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406" + + "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918" + + "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151" + + "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03" + + "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F" + + "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" + + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B" + + "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632" + + "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E" + + "6DBE115974A3926F12FEE5E438777CB6A932DF8CD8BEC4D073B931BA" + + "3BC832B68D9DD300741FA7BF8AFC47ED2576F6936BA424663AAB639C" + + "5AE4F5683423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9" + + "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B4BCBC886" + + "2F8385DDFA9D4B7FA2C087E879683303ED5BDD3A062B3CF5B3A278A6" + + "6D2A13F83F44F82DDF310EE074AB6A364597E899A0255DC164F31CC5" + + "0846851DF9AB48195DED7EA1B1D510BD7EE74D73FAF36BC31ECFA268" + + "359046F4EB879F924009438B481C6CD7889A002ED5EE382BC9190DA6" + + "FC026E479558E4475677E9AA9E3050E2765694DFC81F56E880B96E71" + "60C980DD98EDD3DFFFFFFFFFFFFFFFFF"; + private static readonly string rfc5054_8192_g = "13"; + public static readonly Srp6Group rfc5054_8192 = FromNG(rfc5054_8192_N, rfc5054_8192_g); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsAgreement.cs b/BouncyCastle/crypto/src/tls/crypto/TlsAgreement.cs new file mode 100644 index 0000000..0635b4e --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsAgreement.cs @@ -0,0 +1,24 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Base interface for ephemeral key agreement calculator. + public interface TlsAgreement + { + /// Generate an ephemeral key pair, returning the encoding of the public key. + /// a byte encoding of the public key. + /// + byte[] GenerateEphemeral(); + + /// Pass in the public key for the peer to the agreement calculator. + /// a byte encoding of the peer public key. + /// + void ReceivePeerValue(byte[] peerValue); + + /// Calculate the agreed secret based on the calculator's current state. + /// the calculated secret. + /// + TlsSecret CalculateSecret(); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsCertificate.cs b/BouncyCastle/crypto/src/tls/crypto/TlsCertificate.cs new file mode 100644 index 0000000..fe507a6 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsCertificate.cs @@ -0,0 +1,57 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Interface providing the functional representation of a single X.509 certificate. + public interface TlsCertificate + { + /// Return an encryptor based on the public key in this certificate. + /// + /// a based on this certificate's public key. + /// + TlsEncryptor CreateEncryptor(int tlsCertificateRole); + + /// + /// + TlsVerifier CreateVerifier(short signatureAlgorithm); + + /// + /// + TlsVerifier CreateVerifier(int signatureScheme); + + /// + byte[] GetEncoded(); + + /// + byte[] GetExtension(DerObjectIdentifier extensionOid); + + BigInteger SerialNumber { get; } + + /// the OID of this certificate's 'signatureAlgorithm', as a string. + string SigAlgOid { get; } + + /// + Asn1Encodable GetSigAlgParams(); + + /// + /// + short GetLegacySignatureAlgorithm(); + + /// + /// true if (and only if) this certificate can be used to verify the given signature algorithm. + /// + /// + bool SupportsSignatureAlgorithm(short signatureAlgorithm); + + /// + bool SupportsSignatureAlgorithmCA(short signatureAlgorithm); + + /// + /// + TlsCertificate CheckUsageInRole(int tlsCertificateRole); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsCertificateRole.cs b/BouncyCastle/crypto/src/tls/crypto/TlsCertificateRole.cs new file mode 100644 index 0000000..f7d81b1 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsCertificateRole.cs @@ -0,0 +1,12 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + public abstract class TlsCertificateRole + { + public const int DH = 1; + public const int ECDH = 2; + public const int RsaEncryption = 3; + public const int Sm2Encryption = 4; + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsCipher.cs b/BouncyCastle/crypto/src/tls/crypto/TlsCipher.cs new file mode 100644 index 0000000..4c2147b --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsCipher.cs @@ -0,0 +1,61 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Base interface for a TLS bulk cipher. + public interface TlsCipher + { + /// Return the maximum input size for a ciphertext given a maximum output size for the plaintext of + /// plaintextLimit bytes. + /// the maximum output size for the plaintext. + /// the maximum input size of the ciphertext for plaintextlimit bytes of output. + int GetCiphertextDecodeLimit(int plaintextLimit); + + /// Return the maximum output size for a ciphertext given an actual input plaintext size of + /// plaintextLength bytes and a maximum input plaintext size of plaintextLimit bytes. + /// the actual input size for the plaintext. + /// the maximum input size for the plaintext. + /// the maximum output size of the ciphertext for plaintextlimit bytes of input. + int GetCiphertextEncodeLimit(int plaintextLength, int plaintextLimit); + + /// Return the maximum size for the plaintext given ciphertextlimit bytes of ciphertext. + /// the maximum number of bytes of ciphertext. + /// the maximum size of the plaintext for ciphertextlimit bytes of input. + int GetPlaintextLimit(int ciphertextLimit); + + /// Encode the passed in plaintext using the current bulk cipher. + /// sequence number of the message represented by plaintext. + /// content type of the message represented by plaintext. + /// used for the record. + /// extra bytes to allocate at start of returned byte array. + /// array holding input plaintext to the cipher. + /// offset into input array the plaintext starts at. + /// length of the plaintext in the array. + /// A containing the result of encoding (after 'headerAllocation' unused + /// bytes). + /// + TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion, + int headerAllocation, byte[] plaintext, int offset, int len); + + /// Decode the passed in ciphertext using the current bulk cipher. + /// sequence number of the message represented by ciphertext. + /// content type used in the record for this message. + /// used for the record. + /// array holding input ciphertext to the cipher. + /// offset into input array the ciphertext starts at. + /// length of the ciphertext in the array. + /// A containing the result of decoding. + /// + TlsDecodeResult DecodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion, + byte[] ciphertext, int offset, int len); + + /// + void RekeyDecoder(); + + /// + void RekeyEncoder(); + + bool UsesOpaqueRecordType { get; } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsCrypto.cs b/BouncyCastle/crypto/src/tls/crypto/TlsCrypto.cs new file mode 100644 index 0000000..bd003ae --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsCrypto.cs @@ -0,0 +1,181 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Service and object creation interface for the primitive types and services that are associated with + /// cryptography in the API. + public interface TlsCrypto + { + /// Return true if this TlsCrypto can perform raw signatures and verifications for all supported + /// algorithms. + /// true if this instance can perform raw signatures and verifications for all supported algorithms, + /// false otherwise. + bool HasAllRawSignatureAlgorithms(); + + /// Return true if this TlsCrypto can support DH key agreement. + /// true if this instance can support DH key agreement, false otherwise. + bool HasDHAgreement(); + + /// Return true if this TlsCrypto can support ECDH key agreement. + /// true if this instance can support ECDH key agreement, false otherwise. + bool HasECDHAgreement(); + + /// Return true if this TlsCrypto can support the passed in block/stream encryption algorithm. + /// + /// the algorithm of interest. + /// true if encryptionAlgorithm is supported, false otherwise. + bool HasEncryptionAlgorithm(int encryptionAlgorithm); + + /// Return true if this TlsCrypto can support the passed in hash algorithm. + /// the algorithm of interest. + /// true if cryptoHashAlgorithm is supported, false otherwise. + bool HasCryptoHashAlgorithm(int cryptoHashAlgorithm); + + /// Return true if this TlsCrypto can support the passed in signature algorithm (not necessarily in + /// combination with EVERY hash algorithm). + /// the algorithm of interest. + /// true if cryptoSignatureAlgorithm is supported, false otherwise. + bool HasCryptoSignatureAlgorithm(int cryptoSignatureAlgorithm); + + /// Return true if this TlsCrypto can support the passed in MAC algorithm. + /// the algorithm of interest. + /// true if macAlgorithm is supported, false otherwise. + bool HasMacAlgorithm(int macAlgorithm); + + /// Return true if this TlsCrypto supports the passed in named group + /// value. + /// true if this instance supports the passed in named group value. + /// + bool HasNamedGroup(int namedGroup); + + /// Return true if this TlsCrypto can support RSA encryption/decryption. + /// true if this instance can support RSA encryption/decryption, false otherwise. + bool HasRsaEncryption(); + + /// Return true if this TlsCrypto can support the passed in signature algorithm (not necessarily in + /// combination with EVERY hash algorithm). + /// true if signatureAlgorithm is supported, false otherwise. + bool HasSignatureAlgorithm(short signatureAlgorithm); + + /// Return true if this TlsCrypto can support the passed in signature algorithm. + /// the algorithm of interest. + /// true if sigAndHashAlgorithm is supported, false otherwise. + bool HasSignatureAndHashAlgorithm(SignatureAndHashAlgorithm sigAndHashAlgorithm); + + /// Return true if this TlsCrypto can support the passed in signature scheme. + /// the scheme of interest. + /// true if signatureScheme is supported, false otherwise. + bool HasSignatureScheme(int signatureScheme); + + /// Return true if this TlsCrypto can support SRP authentication. + /// true if this instance can support SRP authentication, false otherwise. + bool HasSrpAuthentication(); + + /// Create a TlsSecret object based on provided data. + /// the data to base the TlsSecret on. + /// a TlsSecret based on the provided data. + TlsSecret CreateSecret(byte[] data); + + /// Create a TlsSecret object containing a randomly-generated RSA PreMasterSecret + /// the client version to place in the first 2 bytes + /// a TlsSecret containing the PreMasterSecret. + TlsSecret GenerateRsaPreMasterSecret(ProtocolVersion clientVersion); + + /// Return the primary (safest) SecureRandom for this crypto. + /// a SecureRandom suitable for key generation. + SecureRandom SecureRandom { get; } + + /// Create a TlsCertificate from an ASN.1 binary encoding of an X.509 certificate. + /// DER/BER encoding of the certificate of interest. + /// a TlsCertificate. + /// if there is an issue on decoding or constructing the certificate. + TlsCertificate CreateCertificate(byte[] encoding); + + /// Create a cipher for the specified encryption and MAC algorithms. + /// + /// See enumeration classes , for appropriate + /// argument values. + /// + /// context specific parameters. + /// the encryption algorithm to be employed by the cipher. + /// the MAC algorithm to be employed by the cipher. + /// a implementing the encryption and MAC algorithms. + /// + TlsCipher CreateCipher(TlsCryptoParameters cryptoParams, int encryptionAlgorithm, int macAlgorithm); + + /// Create a domain object supporting the domain parameters described in dhConfig. + /// the config describing the DH parameters to use. + /// a TlsDHDomain supporting the parameters in dhConfig. + TlsDHDomain CreateDHDomain(TlsDHConfig dhConfig); + + /// Create a domain object supporting the domain parameters described in ecConfig. + /// the config describing the EC parameters to use. + /// a TlsECDomain supporting the parameters in ecConfig. + TlsECDomain CreateECDomain(TlsECConfig ecConfig); + + /// Adopt the passed in secret, creating a new copy of it. + /// the secret to make a copy of. + /// a TlsSecret based on the original secret. + TlsSecret AdoptSecret(TlsSecret secret); + + /// Create a suitable hash for the hash algorithm identifier passed in. + /// + /// See enumeration class for appropriate argument values. + /// + /// the hash algorithm the hash needs to implement. + /// a . + TlsHash CreateHash(int cryptoHashAlgorithm); + + /// Create a suitable HMAC for the MAC algorithm identifier passed in. + /// + /// See enumeration class for appropriate argument values. + /// + /// the MAC algorithm the HMAC needs to match. + /// a . + TlsHmac CreateHmac(int macAlgorithm); + + /// Create a suitable HMAC using the hash algorithm identifier passed in. + /// + /// See enumeration class for appropriate argument values. + /// + /// the hash algorithm the HMAC should use. + /// a . + TlsHmac CreateHmacForHash(int cryptoHashAlgorithm); + + /// Create a nonce generator. + /// + /// Each call should construct a new generator, and the generator should be returned from this call only after + /// automatically seeding from this 's entropy source, and from the provided additional + /// seed material. The output of each returned generator must be completely independent of the others. + /// + /// context-specific seed material + /// a . + TlsNonceGenerator CreateNonceGenerator(byte[] additionalSeedMaterial); + + /// Create an SRP-6 client. + /// client config. + /// an initialised SRP6 client object. + TlsSrp6Client CreateSrp6Client(TlsSrpConfig srpConfig); + + /// Create an SRP-6 server. + /// server config. + /// the SRP6 verifier value. + /// an initialised SRP6 server object. + TlsSrp6Server CreateSrp6Server(TlsSrpConfig srpConfig, BigInteger srpVerifier); + + /// Create an SRP-6 verifier generator. + /// generator config. + /// an initialized SRP6 verifier generator. + TlsSrp6VerifierGenerator CreateSrp6VerifierGenerator(TlsSrpConfig srpConfig); + + /// Setup an initial "secret" for a chain of HKDF calls (RFC 5869), containing a string of HashLen + /// zeroes. + /// the hash algorithm to instantiate HMAC with. See + /// for values. + TlsSecret HkdfInit(int cryptoHashAlgorithm); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsCryptoException.cs b/BouncyCastle/crypto/src/tls/crypto/TlsCryptoException.cs new file mode 100644 index 0000000..83c3ef7 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsCryptoException.cs @@ -0,0 +1,19 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Basic exception class for crypto services to pass back a cause. + public class TlsCryptoException + : TlsException + { + public TlsCryptoException(string msg) + : base(msg) + { + } + + public TlsCryptoException(string msg, Exception cause) + : base(msg, cause) + { + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsCryptoParameters.cs b/BouncyCastle/crypto/src/tls/crypto/TlsCryptoParameters.cs new file mode 100644 index 0000000..008a2dd --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsCryptoParameters.cs @@ -0,0 +1,49 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + // TODO[tls-port] Would rather this be sealed + /// Carrier class for context-related parameters needed for creating secrets and ciphers. + public class TlsCryptoParameters + { + private readonly TlsContext m_context; + + /// Base constructor. + /// the context for this parameters object. + public TlsCryptoParameters(TlsContext context) + { + this.m_context = context; + } + + public SecurityParameters SecurityParameters + { + get { return m_context.SecurityParameters; } + } + + public ProtocolVersion ClientVersion + { + get { return m_context.ClientVersion; } + } + + public ProtocolVersion RsaPreMasterSecretVersion + { + get { return m_context.RsaPreMasterSecretVersion; } + } + + // TODO[tls-port] Would rather this be non-virtual + public virtual ProtocolVersion ServerVersion + { + get { return m_context.ServerVersion; } + } + + public bool IsServer + { + get { return m_context.IsServer; } + } + + public TlsNonceGenerator NonceGenerator + { + get { return m_context.NonceGenerator; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsCryptoUtilities.cs b/BouncyCastle/crypto/src/tls/crypto/TlsCryptoUtilities.cs new file mode 100644 index 0000000..757eda1 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsCryptoUtilities.cs @@ -0,0 +1,189 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Crypto +{ + public abstract class TlsCryptoUtilities + { + // "tls13 " + private static readonly byte[] Tls13Prefix = new byte[] { 0x74, 0x6c, 0x73, 0x31, 0x33, 0x20 }; + + public static int GetHash(short hashAlgorithm) + { + switch (hashAlgorithm) + { + case HashAlgorithm.md5: + return CryptoHashAlgorithm.md5; + case HashAlgorithm.sha1: + return CryptoHashAlgorithm.sha1; + case HashAlgorithm.sha224: + return CryptoHashAlgorithm.sha224; + case HashAlgorithm.sha256: + return CryptoHashAlgorithm.sha256; + case HashAlgorithm.sha384: + return CryptoHashAlgorithm.sha384; + case HashAlgorithm.sha512: + return CryptoHashAlgorithm.sha512; + default: + throw new ArgumentException("specified HashAlgorithm invalid: " + HashAlgorithm.GetText(hashAlgorithm)); + } + } + + public static int GetHashForHmac(int macAlgorithm) + { + switch (macAlgorithm) + { + case MacAlgorithm.hmac_md5: + return CryptoHashAlgorithm.md5; + case MacAlgorithm.hmac_sha1: + return CryptoHashAlgorithm.sha1; + case MacAlgorithm.hmac_sha256: + return CryptoHashAlgorithm.sha256; + case MacAlgorithm.hmac_sha384: + return CryptoHashAlgorithm.sha384; + case MacAlgorithm.hmac_sha512: + return CryptoHashAlgorithm.sha512; + default: + throw new ArgumentException("specified MacAlgorithm not an HMAC: " + MacAlgorithm.GetText(macAlgorithm)); + } + } + + public static int GetHashForPrf(int prfAlgorithm) + { + switch (prfAlgorithm) + { + case PrfAlgorithm.ssl_prf_legacy: + case PrfAlgorithm.tls_prf_legacy: + throw new ArgumentException("legacy PRF not a valid algorithm"); + case PrfAlgorithm.tls_prf_sha256: + case PrfAlgorithm.tls13_hkdf_sha256: + return CryptoHashAlgorithm.sha256; + case PrfAlgorithm.tls_prf_sha384: + case PrfAlgorithm.tls13_hkdf_sha384: + return CryptoHashAlgorithm.sha384; + case PrfAlgorithm.tls13_hkdf_sm3: + return CryptoHashAlgorithm.sm3; + default: + throw new ArgumentException("unknown PrfAlgorithm: " + PrfAlgorithm.GetText(prfAlgorithm)); + } + } + + public static int GetHashInternalSize(int cryptoHashAlgorithm) + { + switch (cryptoHashAlgorithm) + { + case CryptoHashAlgorithm.md5: + case CryptoHashAlgorithm.sha1: + case CryptoHashAlgorithm.sha224: + case CryptoHashAlgorithm.sha256: + case CryptoHashAlgorithm.sm3: + return 64; + case CryptoHashAlgorithm.sha384: + case CryptoHashAlgorithm.sha512: + return 128; + default: + throw new ArgumentException(); + } + } + + public static int GetHashOutputSize(int cryptoHashAlgorithm) + { + switch (cryptoHashAlgorithm) + { + case CryptoHashAlgorithm.md5: + return 16; + case CryptoHashAlgorithm.sha1: + return 20; + case CryptoHashAlgorithm.sha224: + return 28; + case CryptoHashAlgorithm.sha256: + case CryptoHashAlgorithm.sm3: + return 32; + case CryptoHashAlgorithm.sha384: + return 48; + case CryptoHashAlgorithm.sha512: + return 64; + default: + throw new ArgumentException(); + } + } + + public static int GetSignature(short signatureAlgorithm) + { + switch (signatureAlgorithm) + { + case SignatureAlgorithm.rsa: + return CryptoSignatureAlgorithm.rsa; + case SignatureAlgorithm.dsa: + return CryptoSignatureAlgorithm.dsa; + case SignatureAlgorithm.ecdsa: + return CryptoSignatureAlgorithm.ecdsa; + case SignatureAlgorithm.rsa_pss_rsae_sha256: + return CryptoSignatureAlgorithm.rsa_pss_rsae_sha256; + case SignatureAlgorithm.rsa_pss_rsae_sha384: + return CryptoSignatureAlgorithm.rsa_pss_rsae_sha384; + case SignatureAlgorithm.rsa_pss_rsae_sha512: + return CryptoSignatureAlgorithm.rsa_pss_rsae_sha512; + case SignatureAlgorithm.ed25519: + return CryptoSignatureAlgorithm.ed25519; + case SignatureAlgorithm.ed448: + return CryptoSignatureAlgorithm.ed448; + case SignatureAlgorithm.rsa_pss_pss_sha256: + return CryptoSignatureAlgorithm.rsa_pss_pss_sha256; + case SignatureAlgorithm.rsa_pss_pss_sha384: + return CryptoSignatureAlgorithm.rsa_pss_pss_sha384; + case SignatureAlgorithm.rsa_pss_pss_sha512: + return CryptoSignatureAlgorithm.rsa_pss_pss_sha512; + case SignatureAlgorithm.gostr34102012_256: + return CryptoSignatureAlgorithm.gostr34102012_256; + case SignatureAlgorithm.gostr34102012_512: + return CryptoSignatureAlgorithm.gostr34102012_512; + default: + throw new ArgumentException("specified SignatureAlgorithm invalid: " + + SignatureAlgorithm.GetText(signatureAlgorithm)); + } + } + + /// + public static TlsSecret HkdfExpandLabel(TlsSecret secret, int cryptoHashAlgorithm, string label, + byte[] context, int length) + { + int labelLength = label.Length; + if (labelLength < 1) + throw new TlsFatalAlert(AlertDescription.internal_error); + + int contextLength = context.Length; + int expandedLabelLength = Tls13Prefix.Length + labelLength; + + byte[] hkdfLabel = new byte[2 + (1 + expandedLabelLength) + (1 + contextLength)]; + + // uint16 length + { + TlsUtilities.CheckUint16(length); + TlsUtilities.WriteUint16(length, hkdfLabel, 0); + } + + // opaque label<7..255> + { + TlsUtilities.CheckUint8(expandedLabelLength); + TlsUtilities.WriteUint8(expandedLabelLength, hkdfLabel, 2); + + Array.Copy(Tls13Prefix, 0, hkdfLabel, 2 + 1, Tls13Prefix.Length); + + int labelPos = 2 + (1 + Tls13Prefix.Length); + for (int i = 0; i < labelLength; ++i) + { + char c = label[i]; + hkdfLabel[labelPos + i] = (byte)c; + } + } + + // context + { + TlsUtilities.WriteOpaque8(context, hkdfLabel, 2 + (1 + expandedLabelLength)); + } + + return secret.HkdfExpand(cryptoHashAlgorithm, hkdfLabel, length); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsDHConfig.cs b/BouncyCastle/crypto/src/tls/crypto/TlsDHConfig.cs new file mode 100644 index 0000000..8ec7030 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsDHConfig.cs @@ -0,0 +1,41 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Basic config for Diffie-Hellman. + public class TlsDHConfig + { + protected readonly DHGroup m_explicitGroup; + protected readonly int m_namedGroup; + protected readonly bool m_padded; + + public TlsDHConfig(DHGroup explicitGroup) + { + this.m_explicitGroup = explicitGroup; + this.m_namedGroup = -1; + this.m_padded = false; + } + + public TlsDHConfig(int namedGroup, bool padded) + { + this.m_explicitGroup = null; + this.m_namedGroup = namedGroup; + this.m_padded = padded; + } + + public virtual DHGroup ExplicitGroup + { + get { return m_explicitGroup; } + } + + public virtual int NamedGroup + { + get { return m_namedGroup; } + } + + public virtual bool IsPadded + { + get { return m_padded; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsDHDomain.cs b/BouncyCastle/crypto/src/tls/crypto/TlsDHDomain.cs new file mode 100644 index 0000000..1184412 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsDHDomain.cs @@ -0,0 +1,12 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Domain interface to service factory for creating Diffie-Hellman operators. + public interface TlsDHDomain + { + /// Return an agreement operator suitable for ephemeral Diffie-Hellman. + /// a key agreement operator. + TlsAgreement CreateDH(); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsDecodeResult.cs b/BouncyCastle/crypto/src/tls/crypto/TlsDecodeResult.cs new file mode 100644 index 0000000..84b911b --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsDecodeResult.cs @@ -0,0 +1,19 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + public sealed class TlsDecodeResult + { + public readonly byte[] buf; + public readonly int off, len; + public readonly short contentType; + + public TlsDecodeResult(byte[] buf, int off, int len, short contentType) + { + this.buf = buf; + this.off = off; + this.len = len; + this.contentType = contentType; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsECConfig.cs b/BouncyCastle/crypto/src/tls/crypto/TlsECConfig.cs new file mode 100644 index 0000000..156e59d --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsECConfig.cs @@ -0,0 +1,22 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Carrier class for Elliptic Curve parameter configuration. + public class TlsECConfig + { + protected readonly int m_namedGroup; + + public TlsECConfig(int namedGroup) + { + this.m_namedGroup = namedGroup; + } + + /// Return the group used. + /// the named group used. + public virtual int NamedGroup + { + get { return m_namedGroup; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsECDomain.cs b/BouncyCastle/crypto/src/tls/crypto/TlsECDomain.cs new file mode 100644 index 0000000..74567b3 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsECDomain.cs @@ -0,0 +1,12 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Domain interface to service factory for creating Elliptic-Curve (EC) based operators. + public interface TlsECDomain + { + /// Return an agreement operator suitable for ephemeral EC Diffie-Hellman. + /// a key agreement operator. + TlsAgreement CreateECDH(); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsEncodeResult.cs b/BouncyCastle/crypto/src/tls/crypto/TlsEncodeResult.cs new file mode 100644 index 0000000..963e456 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsEncodeResult.cs @@ -0,0 +1,19 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + public sealed class TlsEncodeResult + { + public readonly byte[] buf; + public readonly int off, len; + public readonly short recordType; + + public TlsEncodeResult(byte[] buf, int off, int len, short recordType) + { + this.buf = buf; + this.off = off; + this.len = len; + this.recordType = recordType; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsEncryptor.cs b/BouncyCastle/crypto/src/tls/crypto/TlsEncryptor.cs new file mode 100644 index 0000000..53f1973 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsEncryptor.cs @@ -0,0 +1,17 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Base interface for an encryptor. + public interface TlsEncryptor + { + /// Encrypt data from the passed in input array. + /// byte array containing the input data. + /// offset into input where the data starts. + /// the length of the data to encrypt. + /// the encrypted data. + /// + byte[] Encrypt(byte[] input, int inOff, int length); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsHash.cs b/BouncyCastle/crypto/src/tls/crypto/TlsHash.cs new file mode 100644 index 0000000..4732fc2 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsHash.cs @@ -0,0 +1,25 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Interface for message digest, or hash, services. + public interface TlsHash + { + /// Update the hash with the passed in input. + /// input array containing the data. + /// offset into the input array the input starts at. + /// the length of the input data. + void Update(byte[] input, int inOff, int length); + + /// Return calculated hash for any input passed in. + /// the hash value. + byte[] CalculateHash(); + + /// Return a clone of this hash object representing its current state. + /// a clone of the current hash. + TlsHash CloneHash(); + + /// Reset the hash underlying this service. + void Reset(); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsHashSink.cs b/BouncyCastle/crypto/src/tls/crypto/TlsHashSink.cs new file mode 100644 index 0000000..6449674 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsHashSink.cs @@ -0,0 +1,35 @@ +using System; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls.Crypto +{ + public class TlsHashSink + : BaseOutputStream + { + private readonly TlsHash m_hash; + + public TlsHashSink(TlsHash hash) + { + this.m_hash = hash; + } + + public virtual TlsHash Hash + { + get { return m_hash; } + } + + public override void WriteByte(byte b) + { + m_hash.Update(new byte[] { b }, 0, 1); + } + + public override void Write(byte[] buf, int off, int len) + { + if (len > 0) + { + m_hash.Update(buf, off, len); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsHmac.cs b/BouncyCastle/crypto/src/tls/crypto/TlsHmac.cs new file mode 100644 index 0000000..7629548 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsHmac.cs @@ -0,0 +1,13 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Interface for MAC services based on HMAC. + public interface TlsHmac + : TlsMac + { + /// Return the internal block size for the message digest underlying this HMAC service. + /// the internal block size for the digest (in bytes). + int InternalBlockSize { get; } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsMac.cs b/BouncyCastle/crypto/src/tls/crypto/TlsMac.cs new file mode 100644 index 0000000..f92d946 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsMac.cs @@ -0,0 +1,36 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Interface for MAC services. + public interface TlsMac + { + /// Set the key to be used by the MAC implementation supporting this service. + /// array holding the MAC key. + /// offset into the array the key starts at. + /// length of the key in the array. + void SetKey(byte[] key, int keyOff, int keyLen); + + /// Update the MAC with the passed in input. + /// input array containing the data. + /// offset into the input array the input starts at. + /// the length of the input data. + void Update(byte[] input, int inOff, int length); + + /// Return calculated MAC for any input passed in. + /// the MAC value. + byte[] CalculateMac(); + + /// Write the calculated MAC to an output buffer. + /// output array to write the MAC to. + /// offset into the output array to write the MAC to. + void CalculateMac(byte[] output, int outOff); + + /// Return the length of the MAC generated by this service. + /// the MAC length. + int MacLength { get; } + + /// Reset the MAC underlying this service. + void Reset(); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsMacSink.cs b/BouncyCastle/crypto/src/tls/crypto/TlsMacSink.cs new file mode 100644 index 0000000..58e65c7 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsMacSink.cs @@ -0,0 +1,35 @@ +using System; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls.Crypto +{ + public class TlsMacSink + : BaseOutputStream + { + private readonly TlsMac m_mac; + + public TlsMacSink(TlsMac mac) + { + this.m_mac = mac; + } + + public virtual TlsMac Mac + { + get { return m_mac; } + } + + public override void WriteByte(byte b) + { + m_mac.Update(new byte[]{ b }, 0, 1); + } + + public override void Write(byte[] buf, int off, int len) + { + if (len > 0) + { + m_mac.Update(buf, off, len); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsNonceGenerator.cs b/BouncyCastle/crypto/src/tls/crypto/TlsNonceGenerator.cs new file mode 100644 index 0000000..00cadc7 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsNonceGenerator.cs @@ -0,0 +1,12 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + public interface TlsNonceGenerator + { + /// Generate a nonce byte[] string. + /// the length, in bytes, of the nonce to generate. + /// the nonce value. + byte[] GenerateNonce(int size); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsNullNullCipher.cs b/BouncyCastle/crypto/src/tls/crypto/TlsNullNullCipher.cs new file mode 100644 index 0000000..082dff3 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsNullNullCipher.cs @@ -0,0 +1,55 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// The cipher for TLS_NULL_WITH_NULL_NULL. + public sealed class TlsNullNullCipher + : TlsCipher + { + public static readonly TlsNullNullCipher Instance = new TlsNullNullCipher(); + + public int GetCiphertextDecodeLimit(int plaintextLimit) + { + return plaintextLimit; + } + + public int GetCiphertextEncodeLimit(int plaintextLength, int plaintextLimit) + { + return plaintextLength; + } + + public int GetPlaintextLimit(int ciphertextLimit) + { + return ciphertextLimit; + } + + public TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion, + int headerAllocation, byte[] plaintext, int offset, int len) + { + byte[] result = new byte[headerAllocation + len]; + Array.Copy(plaintext, offset, result, headerAllocation, len); + return new TlsEncodeResult(result, 0, result.Length, contentType); + } + + public TlsDecodeResult DecodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion, + byte[] ciphertext, int offset, int len) + { + return new TlsDecodeResult(ciphertext, offset, len, recordType); + } + + public void RekeyDecoder() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public void RekeyEncoder() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public bool UsesOpaqueRecordType + { + get { return false; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsSecret.cs b/BouncyCastle/crypto/src/tls/crypto/TlsSecret.cs new file mode 100644 index 0000000..8aea34b --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsSecret.cs @@ -0,0 +1,68 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Interface supporting the generation of key material and other SSL/TLS secret values from PRFs. + /// + public interface TlsSecret + { + /// Calculate an HMAC with this secret's data as the key. + /// the hash algorithm to instantiate HMAC with. See + /// for values. + /// array containing the input data. + /// offset into the input array the input starts at. + /// the length of the input data. + byte[] CalculateHmac(int cryptoHashAlgorithm, byte[] buf, int off, int len); + + /// Return a new secret based on applying a PRF to this one. + /// PRF algorithm to use. + /// the label details. + /// the seed details. + /// the size (in bytes) of the secret to generate. + /// the new secret. + TlsSecret DeriveUsingPrf(int prfAlgorithm, string label, byte[] seed, int length); + + /// Destroy the internal state of the secret. + /// + /// After this call, any attempt to use the will result in an + /// being thrown. + /// + void Destroy(); + + /// Return an encrypted copy of the data this secret is based on. + /// the encryptor to use for protecting the internal data. + /// an encrypted copy of this secret's internal data. + /// + byte[] Encrypt(TlsEncryptor encryptor); + + /// Return the internal data from this secret. + /// + /// The does not keep a copy of the data. After this call, any attempt to use the + /// will result in an being thrown. + /// + /// the secret's internal data. + byte[] Extract(); + + /// RFC 5869 HKDF-Expand function, with this secret's data as the pseudo-random key ('prk'). + /// the hash algorithm to instantiate HMAC with. See + /// for values. + /// optional context and application specific information (can be zero-length). + /// length of output keying material in octets. + /// output keying material (of 'length' octets). + TlsSecret HkdfExpand(int cryptoHashAlgorithm, byte[] info, int length); + + /// RFC 5869 HKDF-Extract function, with this secret's data as the 'salt'. + /// + /// The does not keep a copy of the data. After this call, any attempt to use + /// the will result in an being thrown. + /// + /// the hash algorithm to instantiate HMAC with. See + /// for values. + /// input keying material. + /// a pseudo-random key (of HashLen octets). + TlsSecret HkdfExtract(int cryptoHashAlgorithm, TlsSecret ikm); + + bool IsAlive(); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsSigner.cs b/BouncyCastle/crypto/src/tls/crypto/TlsSigner.cs new file mode 100644 index 0000000..ffd05d9 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsSigner.cs @@ -0,0 +1,19 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Base interface for a TLS signer that works on raw message digests. + public interface TlsSigner + { + /// Generate an encoded signature based on the passed in hash. + /// the signature algorithm to use. + /// the hash calculated for the signature. + /// an encoded signature. + /// in case of an exception processing the hash. + byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm, byte[] hash); + + /// + TlsStreamSigner GetStreamSigner(SignatureAndHashAlgorithm algorithm); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsSrp6Client.cs b/BouncyCastle/crypto/src/tls/crypto/TlsSrp6Client.cs new file mode 100644 index 0000000..e2b545a --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsSrp6Client.cs @@ -0,0 +1,24 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Basic interface for an SRP-6 client implementation. + public interface TlsSrp6Client + { + /// Generates the secret S given the server's credentials + /// The server's credentials + /// Client's verification message for the server + /// If server's credentials are invalid + BigInteger CalculateSecret(BigInteger serverB); + + /// Generates client's credentials given the client's salt, identity and password + /// The salt used in the client's verifier. + /// The user's identity (eg. username) + /// The user's password + /// Client's public value to send to server + BigInteger GenerateClientCredentials(byte[] salt, byte[] identity, byte[] password); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsSrp6Server.cs b/BouncyCastle/crypto/src/tls/crypto/TlsSrp6Server.cs new file mode 100644 index 0000000..75dc6fc --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsSrp6Server.cs @@ -0,0 +1,22 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Basic interface for an SRP-6 server implementation. + public interface TlsSrp6Server + { + /// Generates the server's credentials that are to be sent to the client. + /// The server's public value to the client + BigInteger GenerateServerCredentials(); + + /// Processes the client's credentials. If valid the shared secret is generated and returned. + /// + /// The client's credentials. + /// A shared secret . + /// If client's credentials are invalid. + BigInteger CalculateSecret(BigInteger clientA); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsSrp6VerifierGenerator.cs b/BouncyCastle/crypto/src/tls/crypto/TlsSrp6VerifierGenerator.cs new file mode 100644 index 0000000..238de98 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsSrp6VerifierGenerator.cs @@ -0,0 +1,17 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Base interface for a generator for SRP-6 verifiers. + public interface TlsSrp6VerifierGenerator + { + /// Creates a new SRP-6 verifier value. + /// The salt to use, generally should be large and random + /// The user's identifying information (eg. username) + /// The user's password + /// A new verifier for use in future SRP authentication + BigInteger GenerateVerifier(byte[] salt, byte[] identity, byte[] password); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsSrpConfig.cs b/BouncyCastle/crypto/src/tls/crypto/TlsSrpConfig.cs new file mode 100644 index 0000000..e31e4a5 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsSrpConfig.cs @@ -0,0 +1,26 @@ +using System; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Basic config for SRP. + public class TlsSrpConfig + { + protected BigInteger[] m_explicitNG; + + /// Return the (N, g) values used in SRP-6. + /// (N, g) as a BigInteger array (N=[0], g=[1]). + public BigInteger[] GetExplicitNG() + { + return (BigInteger[])m_explicitNG.Clone(); + } + + /// Set the (N, g) values used for SRP-6. + /// (N, g) as a BigInteger array (N=[0], g=[1]). + public void SetExplicitNG(BigInteger[] explicitNG) + { + this.m_explicitNG = (BigInteger[])explicitNG.Clone(); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsStreamSigner.cs b/BouncyCastle/crypto/src/tls/crypto/TlsStreamSigner.cs new file mode 100644 index 0000000..8f79346 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsStreamSigner.cs @@ -0,0 +1,14 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Crypto +{ + public interface TlsStreamSigner + { + /// + Stream GetOutputStream(); + + /// + byte[] GetSignature(); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsStreamVerifier.cs b/BouncyCastle/crypto/src/tls/crypto/TlsStreamVerifier.cs new file mode 100644 index 0000000..9d18a9c --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsStreamVerifier.cs @@ -0,0 +1,14 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Crypto +{ + public interface TlsStreamVerifier + { + /// + Stream GetOutputStream(); + + /// + bool IsVerified(); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/TlsVerifier.cs b/BouncyCastle/crypto/src/tls/crypto/TlsVerifier.cs new file mode 100644 index 0000000..ad2ddbc --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/TlsVerifier.cs @@ -0,0 +1,20 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Crypto +{ + /// Base interface for a TLS verifier that works with signatures and either raw message digests, or entire + /// messages. + public interface TlsVerifier + { + /// + TlsStreamVerifier GetStreamVerifier(DigitallySigned signature); + + /// Return true if the passed in signature and hash represent a real signature. + /// the signature object containing the signature to be verified. + /// the hash calculated for the signature. + /// true if signature verifies, false otherwise. + /// in case of an exception verifying signature. + bool VerifyRawSignature(DigitallySigned signature, byte[] hash); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/AbstractTlsCrypto.cs b/BouncyCastle/crypto/src/tls/crypto/impl/AbstractTlsCrypto.cs new file mode 100644 index 0000000..0a634ff --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/AbstractTlsCrypto.cs @@ -0,0 +1,84 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl +{ + /// Base class for a TlsCrypto implementation that provides some needed methods from elsewhere in the impl + /// package. + public abstract class AbstractTlsCrypto + : TlsCrypto + { + public abstract bool HasAllRawSignatureAlgorithms(); + + public abstract bool HasDHAgreement(); + + public abstract bool HasECDHAgreement(); + + public abstract bool HasEncryptionAlgorithm(int encryptionAlgorithm); + + public abstract bool HasCryptoHashAlgorithm(int cryptoHashAlgorithm); + + public abstract bool HasCryptoSignatureAlgorithm(int cryptoSignatureAlgorithm); + + public abstract bool HasMacAlgorithm(int macAlgorithm); + + public abstract bool HasNamedGroup(int namedGroup); + + public abstract bool HasRsaEncryption(); + + public abstract bool HasSignatureAlgorithm(short signatureAlgorithm); + + public abstract bool HasSignatureAndHashAlgorithm(SignatureAndHashAlgorithm sigAndHashAlgorithm); + + public abstract bool HasSignatureScheme(int signatureScheme); + + public abstract bool HasSrpAuthentication(); + + public abstract TlsSecret CreateSecret(byte[] data); + + public abstract TlsSecret GenerateRsaPreMasterSecret(ProtocolVersion clientVersion); + + public abstract SecureRandom SecureRandom { get; } + + public abstract TlsCertificate CreateCertificate(byte[] encoding); + + public abstract TlsCipher CreateCipher(TlsCryptoParameters cryptoParams, int encryptionAlgorithm, int macAlgorithm); + + public abstract TlsDHDomain CreateDHDomain(TlsDHConfig dhConfig); + + public abstract TlsECDomain CreateECDomain(TlsECConfig ecConfig); + + public virtual TlsSecret AdoptSecret(TlsSecret secret) + { + // TODO[tls] Need an alternative that doesn't require AbstractTlsSecret (which holds literal data) + if (secret is AbstractTlsSecret) + { + AbstractTlsSecret sec = (AbstractTlsSecret)secret; + + return CreateSecret(sec.CopyData()); + } + + throw new ArgumentException("unrecognized TlsSecret - cannot copy data: " + Platform.GetTypeName(secret)); + } + + public abstract TlsHash CreateHash(int cryptoHashAlgorithm); + + public abstract TlsHmac CreateHmac(int macAlgorithm); + + public abstract TlsHmac CreateHmacForHash(int cryptoHashAlgorithm); + + public abstract TlsNonceGenerator CreateNonceGenerator(byte[] additionalSeedMaterial); + + public abstract TlsSrp6Client CreateSrp6Client(TlsSrpConfig srpConfig); + + public abstract TlsSrp6Server CreateSrp6Server(TlsSrpConfig srpConfig, BigInteger srpVerifier); + + public abstract TlsSrp6VerifierGenerator CreateSrp6VerifierGenerator(TlsSrpConfig srpConfig); + + public abstract TlsSecret HkdfInit(int cryptoHashAlgorithm); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/AbstractTlsSecret.cs b/BouncyCastle/crypto/src/tls/crypto/impl/AbstractTlsSecret.cs new file mode 100644 index 0000000..cc07f97 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/AbstractTlsSecret.cs @@ -0,0 +1,105 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl +{ + /// Base class for a TlsSecret implementation which captures common code and fields. + public abstract class AbstractTlsSecret + : TlsSecret + { + protected static byte[] CopyData(AbstractTlsSecret other) + { + return other.CopyData(); + } + + protected byte[] m_data; + + /// Base constructor. + /// the byte[] making up the secret value. + protected AbstractTlsSecret(byte[] data) + { + this.m_data = data; + } + + protected virtual void CheckAlive() + { + if (m_data == null) + throw new InvalidOperationException("Secret has already been extracted or destroyed"); + } + + protected abstract AbstractTlsCrypto Crypto { get; } + + public virtual byte[] CalculateHmac(int cryptoHashAlgorithm, byte[] buf, int off, int len) + { + lock (this) + { + CheckAlive(); + + TlsHmac hmac = Crypto.CreateHmacForHash(cryptoHashAlgorithm); + hmac.SetKey(m_data, 0, m_data.Length); + hmac.Update(buf, off, len); + return hmac.CalculateMac(); + } + } + + public abstract TlsSecret DeriveUsingPrf(int prfAlgorithm, string label, byte[] seed, int length); + + public virtual void Destroy() + { + lock (this) + { + if (m_data != null) + { + // TODO Is there a way to ensure the data is really overwritten? + Array.Clear(m_data, 0, m_data.Length); + this.m_data = null; + } + } + } + + /// + public virtual byte[] Encrypt(TlsEncryptor encryptor) + { + lock (this) + { + CheckAlive(); + + return encryptor.Encrypt(m_data, 0, m_data.Length); + } + } + + public virtual byte[] Extract() + { + lock (this) + { + CheckAlive(); + + byte[] result = m_data; + this.m_data = null; + return result; + } + } + + public abstract TlsSecret HkdfExpand(int cryptoHashAlgorithm, byte[] info, int length); + + public abstract TlsSecret HkdfExtract(int cryptoHashAlgorithm, TlsSecret ikm); + + public virtual bool IsAlive() + { + lock (this) + { + return null != m_data; + } + } + + internal virtual byte[] CopyData() + { + lock (this) + { + return Arrays.Clone(m_data); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/RsaUtilities.cs b/BouncyCastle/crypto/src/tls/crypto/impl/RsaUtilities.cs new file mode 100644 index 0000000..83782a2 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/RsaUtilities.cs @@ -0,0 +1,136 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl +{ + public abstract class RsaUtilities + { + private static readonly byte[] RSAPSSParams_256_A, RSAPSSParams_384_A, RSAPSSParams_512_A; + private static readonly byte[] RSAPSSParams_256_B, RSAPSSParams_384_B, RSAPSSParams_512_B; + + static RsaUtilities() + { + /* + * RFC 4055 + */ + + AlgorithmIdentifier sha256Identifier_A = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256); + AlgorithmIdentifier sha384Identifier_A = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384); + AlgorithmIdentifier sha512Identifier_A = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512); + AlgorithmIdentifier sha256Identifier_B = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance); + AlgorithmIdentifier sha384Identifier_B = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance); + AlgorithmIdentifier sha512Identifier_B = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance); + + AlgorithmIdentifier mgf1SHA256Identifier_A = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, sha256Identifier_A); + AlgorithmIdentifier mgf1SHA384Identifier_A = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, sha384Identifier_A); + AlgorithmIdentifier mgf1SHA512Identifier_A = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, sha512Identifier_A); + AlgorithmIdentifier mgf1SHA256Identifier_B = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, sha256Identifier_B); + AlgorithmIdentifier mgf1SHA384Identifier_B = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, sha384Identifier_B); + AlgorithmIdentifier mgf1SHA512Identifier_B = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, sha512Identifier_B); + + DerInteger sha256Size = new DerInteger(TlsCryptoUtilities.GetHashOutputSize(CryptoHashAlgorithm.sha256)); + DerInteger sha384Size = new DerInteger(TlsCryptoUtilities.GetHashOutputSize(CryptoHashAlgorithm.sha384)); + DerInteger sha512Size = new DerInteger(TlsCryptoUtilities.GetHashOutputSize(CryptoHashAlgorithm.sha512)); + + DerInteger trailerField = new DerInteger(1); + + try + { + RSAPSSParams_256_A = new RsassaPssParameters(sha256Identifier_A, mgf1SHA256Identifier_A, sha256Size, trailerField) + .GetEncoded(Asn1Encodable.Der); + RSAPSSParams_384_A = new RsassaPssParameters(sha384Identifier_A, mgf1SHA384Identifier_A, sha384Size, trailerField) + .GetEncoded(Asn1Encodable.Der); + RSAPSSParams_512_A = new RsassaPssParameters(sha512Identifier_A, mgf1SHA512Identifier_A, sha512Size, trailerField) + .GetEncoded(Asn1Encodable.Der); + RSAPSSParams_256_B = new RsassaPssParameters(sha256Identifier_B, mgf1SHA256Identifier_B, sha256Size, trailerField) + .GetEncoded(Asn1Encodable.Der); + RSAPSSParams_384_B = new RsassaPssParameters(sha384Identifier_B, mgf1SHA384Identifier_B, sha384Size, trailerField) + .GetEncoded(Asn1Encodable.Der); + RSAPSSParams_512_B = new RsassaPssParameters(sha512Identifier_B, mgf1SHA512Identifier_B, sha512Size, trailerField) + .GetEncoded(Asn1Encodable.Der); + } + catch (IOException e) + { + throw new InvalidOperationException(e.Message); + } + } + + public static bool SupportsPkcs1(AlgorithmIdentifier pubKeyAlgID) + { + DerObjectIdentifier oid = pubKeyAlgID.Algorithm; + return PkcsObjectIdentifiers.RsaEncryption.Equals(oid) + || X509ObjectIdentifiers.IdEARsa.Equals(oid); + } + + public static bool SupportsPss_Pss(short signatureAlgorithm, AlgorithmIdentifier pubKeyAlgID) + { + DerObjectIdentifier oid = pubKeyAlgID.Algorithm; + if (!PkcsObjectIdentifiers.IdRsassaPss.Equals(oid)) + return false; + + /* + * TODO ASN.1 NULL shouldn't really be allowed here; it's a workaround for e.g. Oracle JDK + * 1.8.0_241, where the X.509 certificate implementation adds the NULL when re-encoding the + * original parameters. It appears it was fixed at some later date (OpenJDK 12.0.2 does not + * have the issue), but not sure exactly when. + */ + Asn1Encodable pssParams = pubKeyAlgID.Parameters; + if (null == pssParams || pssParams is DerNull) + { + switch (signatureAlgorithm) + { + case SignatureAlgorithm.rsa_pss_pss_sha256: + case SignatureAlgorithm.rsa_pss_pss_sha384: + case SignatureAlgorithm.rsa_pss_pss_sha512: + return true; + default: + return false; + } + } + + byte[] encoded; + try + { + encoded = pssParams.ToAsn1Object().GetEncoded(Asn1Encodable.Der); + } + catch (Exception) + { + return false; + } + + byte[] expected_A, expected_B; + switch (signatureAlgorithm) + { + case SignatureAlgorithm.rsa_pss_pss_sha256: + expected_A = RSAPSSParams_256_A; + expected_B = RSAPSSParams_256_B; + break; + case SignatureAlgorithm.rsa_pss_pss_sha384: + expected_A = RSAPSSParams_384_A; + expected_B = RSAPSSParams_384_B; + break; + case SignatureAlgorithm.rsa_pss_pss_sha512: + expected_A = RSAPSSParams_512_A; + expected_B = RSAPSSParams_512_B; + break; + default: + return false; + } + + return Arrays.AreEqual(expected_A, encoded) + || Arrays.AreEqual(expected_B, encoded); + } + + public static bool SupportsPss_Rsae(AlgorithmIdentifier pubKeyAlgID) + { + DerObjectIdentifier oid = pubKeyAlgID.Algorithm; + return PkcsObjectIdentifiers.RsaEncryption.Equals(oid); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/TlsAeadCipher.cs b/BouncyCastle/crypto/src/tls/crypto/impl/TlsAeadCipher.cs new file mode 100644 index 0000000..ec76e98 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/TlsAeadCipher.cs @@ -0,0 +1,377 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Crypto.Impl +{ + /// A generic TLS 1.2 AEAD cipher. + public class TlsAeadCipher + : TlsCipher + { + public const int AEAD_CCM = 1; + public const int AEAD_CHACHA20_POLY1305 = 2; + public const int AEAD_GCM = 3; + + private const int NONCE_RFC5288 = 1; + private const int NONCE_RFC7905 = 2; + + protected readonly TlsCryptoParameters m_cryptoParams; + protected readonly int m_keySize; + protected readonly int m_macSize; + protected readonly int m_fixed_iv_length; + protected readonly int m_record_iv_length; + + protected readonly TlsAeadCipherImpl m_decryptCipher, m_encryptCipher; + protected readonly byte[] m_decryptNonce, m_encryptNonce; + + protected readonly bool m_isTlsV13; + protected readonly int m_nonceMode; + + /// + public TlsAeadCipher(TlsCryptoParameters cryptoParams, TlsAeadCipherImpl encryptCipher, + TlsAeadCipherImpl decryptCipher, int keySize, int macSize, int aeadType) + { + SecurityParameters securityParameters = cryptoParams.SecurityParameters; + ProtocolVersion negotiatedVersion = securityParameters.NegotiatedVersion; + + if (!TlsImplUtilities.IsTlsV12(negotiatedVersion)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.m_isTlsV13 = TlsImplUtilities.IsTlsV13(negotiatedVersion); + this.m_nonceMode = GetNonceMode(m_isTlsV13, aeadType); + + switch (m_nonceMode) + { + case NONCE_RFC5288: + this.m_fixed_iv_length = 4; + this.m_record_iv_length = 8; + break; + case NONCE_RFC7905: + this.m_fixed_iv_length = 12; + this.m_record_iv_length = 0; + break; + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + this.m_cryptoParams = cryptoParams; + this.m_keySize = keySize; + this.m_macSize = macSize; + + this.m_decryptCipher = decryptCipher; + this.m_encryptCipher = encryptCipher; + + this.m_decryptNonce = new byte[m_fixed_iv_length]; + this.m_encryptNonce = new byte[m_fixed_iv_length]; + + bool isServer = cryptoParams.IsServer; + if (m_isTlsV13) + { + RekeyCipher(securityParameters, decryptCipher, m_decryptNonce, !isServer); + RekeyCipher(securityParameters, encryptCipher, m_encryptNonce, isServer); + return; + } + + int keyBlockSize = (2 * keySize) + (2 * m_fixed_iv_length); + byte[] keyBlock = TlsImplUtilities.CalculateKeyBlock(cryptoParams, keyBlockSize); + int pos = 0; + + if (isServer) + { + decryptCipher.SetKey(keyBlock, pos, keySize); pos += keySize; + encryptCipher.SetKey(keyBlock, pos, keySize); pos += keySize; + + Array.Copy(keyBlock, pos, m_decryptNonce, 0, m_fixed_iv_length); pos += m_fixed_iv_length; + Array.Copy(keyBlock, pos, m_encryptNonce, 0, m_fixed_iv_length); pos += m_fixed_iv_length; + } + else + { + encryptCipher.SetKey(keyBlock, pos, keySize); pos += keySize; + decryptCipher.SetKey(keyBlock, pos, keySize); pos += keySize; + + Array.Copy(keyBlock, pos, m_encryptNonce, 0, m_fixed_iv_length); pos += m_fixed_iv_length; + Array.Copy(keyBlock, pos, m_decryptNonce, 0, m_fixed_iv_length); pos += m_fixed_iv_length; + } + + if (keyBlockSize != pos) + throw new TlsFatalAlert(AlertDescription.internal_error); + + int nonceLength = m_fixed_iv_length + m_record_iv_length; + + // NOTE: Ensure dummy nonce is not part of the generated sequence(s) + byte[] dummyNonce = new byte[nonceLength]; + dummyNonce[0] = (byte)~m_encryptNonce[0]; + dummyNonce[1] = (byte)~m_decryptNonce[1]; + + encryptCipher.Init(dummyNonce, macSize, null); + decryptCipher.Init(dummyNonce, macSize, null); + } + + public virtual int GetCiphertextDecodeLimit(int plaintextLimit) + { + return plaintextLimit + m_macSize + m_record_iv_length + (m_isTlsV13 ? 1 : 0); + } + + public virtual int GetCiphertextEncodeLimit(int plaintextLength, int plaintextLimit) + { + int innerPlaintextLimit = plaintextLength; + if (m_isTlsV13) + { + // TODO[tls13] Add support for padding + int maxPadding = 0; + + innerPlaintextLimit = 1 + System.Math.Min(plaintextLimit, plaintextLength + maxPadding); + } + + return innerPlaintextLimit + m_macSize + m_record_iv_length; + } + + public virtual int GetPlaintextLimit(int ciphertextLimit) + { + return ciphertextLimit - m_macSize - m_record_iv_length - (m_isTlsV13 ? 1 : 0); + } + + public virtual TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion, + int headerAllocation, byte[] plaintext, int plaintextOffset, int plaintextLength) + { + byte[] nonce = new byte[m_encryptNonce.Length + m_record_iv_length]; + + switch (m_nonceMode) + { + case NONCE_RFC5288: + Array.Copy(m_encryptNonce, 0, nonce, 0, m_encryptNonce.Length); + // RFC 5288/6655: The nonce_explicit MAY be the 64-bit sequence number. + TlsUtilities.WriteUint64(seqNo, nonce, m_encryptNonce.Length); + break; + case NONCE_RFC7905: + TlsUtilities.WriteUint64(seqNo, nonce, nonce.Length - 8); + for (int i = 0; i < m_encryptNonce.Length; ++i) + { + nonce[i] ^= m_encryptNonce[i]; + } + break; + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + int extraLength = m_isTlsV13 ? 1 : 0; + + // TODO[tls13] If we support adding padding to TLSInnerPlaintext, this will need review + int encryptionLength = m_encryptCipher.GetOutputSize(plaintextLength + extraLength); + int ciphertextLength = m_record_iv_length + encryptionLength; + + byte[] output = new byte[headerAllocation + ciphertextLength]; + int outputPos = headerAllocation; + + if (m_record_iv_length != 0) + { + Array.Copy(nonce, nonce.Length - m_record_iv_length, output, outputPos, m_record_iv_length); + outputPos += m_record_iv_length; + } + + short recordType = m_isTlsV13 ? ContentType.application_data : contentType; + + byte[] additionalData = GetAdditionalData(seqNo, recordType, recordVersion, ciphertextLength, + plaintextLength); + + try + { + m_encryptCipher.Init(nonce, m_macSize, additionalData); + + Array.Copy(plaintext, plaintextOffset, output, outputPos, plaintextLength); + if (m_isTlsV13) + { + output[outputPos + plaintextLength] = (byte)contentType; + } + + outputPos += m_encryptCipher.DoFinal(output, outputPos, plaintextLength + extraLength, output, + outputPos); + } + catch (IOException e) + { + throw e; + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + + if (outputPos != output.Length) + { + // NOTE: The additional data mechanism for AEAD ciphers requires exact output size prediction. + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + return new TlsEncodeResult(output, 0, output.Length, recordType); + } + + public virtual TlsDecodeResult DecodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion, + byte[] ciphertext, int ciphertextOffset, int ciphertextLength) + { + if (GetPlaintextLimit(ciphertextLength) < 0) + throw new TlsFatalAlert(AlertDescription.decode_error); + + byte[] nonce = new byte[m_decryptNonce.Length + m_record_iv_length]; + + switch (m_nonceMode) + { + case NONCE_RFC5288: + Array.Copy(m_decryptNonce, 0, nonce, 0, m_decryptNonce.Length); + Array.Copy(ciphertext, ciphertextOffset, nonce, nonce.Length - m_record_iv_length, + m_record_iv_length); + break; + case NONCE_RFC7905: + TlsUtilities.WriteUint64(seqNo, nonce, nonce.Length - 8); + for (int i = 0; i < m_decryptNonce.Length; ++i) + { + nonce[i] ^= m_decryptNonce[i]; + } + break; + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + int encryptionOffset = ciphertextOffset + m_record_iv_length; + int encryptionLength = ciphertextLength - m_record_iv_length; + int plaintextLength = m_decryptCipher.GetOutputSize(encryptionLength); + + byte[] additionalData = GetAdditionalData(seqNo, recordType, recordVersion, ciphertextLength, + plaintextLength); + + int outputPos; + try + { + m_decryptCipher.Init(nonce, m_macSize, additionalData); + outputPos = m_decryptCipher.DoFinal(ciphertext, encryptionOffset, encryptionLength, ciphertext, + encryptionOffset); + } + catch (IOException e) + { + throw e; + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.bad_record_mac, e); + } + + if (outputPos != plaintextLength) + { + // NOTE: The additional data mechanism for AEAD ciphers requires exact output size prediction. + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + short contentType = recordType; + if (m_isTlsV13) + { + // Strip padding and read true content type from TLSInnerPlaintext + int pos = plaintextLength; + for (;;) + { + if (--pos < 0) + throw new TlsFatalAlert(AlertDescription.unexpected_message); + + byte octet = ciphertext[encryptionOffset + pos]; + if (0 != octet) + { + contentType = (short)(octet & 0xFF); + plaintextLength = pos; + break; + } + } + } + + return new TlsDecodeResult(ciphertext, encryptionOffset, plaintextLength, contentType); + } + + public virtual void RekeyDecoder() + { + RekeyCipher(m_cryptoParams.SecurityParameters, m_decryptCipher, m_decryptNonce, !m_cryptoParams.IsServer); + } + + public virtual void RekeyEncoder() + { + RekeyCipher(m_cryptoParams.SecurityParameters, m_encryptCipher, m_encryptNonce, m_cryptoParams.IsServer); + } + + public virtual bool UsesOpaqueRecordType + { + get { return m_isTlsV13; } + } + + protected virtual byte[] GetAdditionalData(long seqNo, short recordType, ProtocolVersion recordVersion, + int ciphertextLength, int plaintextLength) + { + if (m_isTlsV13) + { + /* + * TLSCiphertext.opaque_type || TLSCiphertext.legacy_record_version || TLSCiphertext.length + */ + byte[] additional_data = new byte[5]; + TlsUtilities.WriteUint8(recordType, additional_data, 0); + TlsUtilities.WriteVersion(recordVersion, additional_data, 1); + TlsUtilities.WriteUint16(ciphertextLength, additional_data, 3); + return additional_data; + } + else + { + /* + * seq_num + TLSCompressed.type + TLSCompressed.version + TLSCompressed.length + */ + byte[] additional_data = new byte[13]; + TlsUtilities.WriteUint64(seqNo, additional_data, 0); + TlsUtilities.WriteUint8(recordType, additional_data, 8); + TlsUtilities.WriteVersion(recordVersion, additional_data, 9); + TlsUtilities.WriteUint16(plaintextLength, additional_data, 11); + return additional_data; + } + } + + protected virtual void RekeyCipher(SecurityParameters securityParameters, TlsAeadCipherImpl cipher, + byte[] nonce, bool serverSecret) + { + if (!m_isTlsV13) + throw new TlsFatalAlert(AlertDescription.internal_error); + + TlsSecret secret = serverSecret + ? securityParameters.TrafficSecretServer + : securityParameters.TrafficSecretClient; + + // TODO[tls13] For early data, have to disable server->client + if (null == secret) + throw new TlsFatalAlert(AlertDescription.internal_error); + + Setup13Cipher(cipher, nonce, secret, securityParameters.PrfCryptoHashAlgorithm); + } + + protected virtual void Setup13Cipher(TlsAeadCipherImpl cipher, byte[] nonce, TlsSecret secret, + int cryptoHashAlgorithm) + { + byte[] key = TlsCryptoUtilities.HkdfExpandLabel(secret, cryptoHashAlgorithm, "key", + TlsUtilities.EmptyBytes, m_keySize).Extract(); + byte[] iv = TlsCryptoUtilities.HkdfExpandLabel(secret, cryptoHashAlgorithm, "iv", TlsUtilities.EmptyBytes, + m_fixed_iv_length).Extract(); + + cipher.SetKey(key, 0, m_keySize); + Array.Copy(iv, 0, nonce, 0, m_fixed_iv_length); + + // NOTE: Ensure dummy nonce is not part of the generated sequence(s) + iv [0] ^= 0x80; + cipher.Init(iv, m_macSize, null); + } + + private static int GetNonceMode(bool isTLSv13, int aeadType) + { + switch (aeadType) + { + case AEAD_CCM: + case AEAD_GCM: + return isTLSv13 ? NONCE_RFC7905 : NONCE_RFC5288; + + case AEAD_CHACHA20_POLY1305: + return NONCE_RFC7905; + + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/TlsAeadCipherImpl.cs b/BouncyCastle/crypto/src/tls/crypto/impl/TlsAeadCipherImpl.cs new file mode 100644 index 0000000..44e6fda --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/TlsAeadCipherImpl.cs @@ -0,0 +1,41 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Crypto.Impl +{ + /// Base interface for services supporting AEAD encryption/decryption. + public interface TlsAeadCipherImpl + { + /// Set the key to be used by the AEAD cipher implementation supporting this service. + /// array holding the AEAD cipher key. + /// offset into the array the key starts at. + /// length of the key in the array. + /// + void SetKey(byte[] key, int keyOff, int keyLen); + + /// Initialise the parameters for the AEAD operator. + /// the nonce. + /// MAC size in bytes. + /// any additional data to be included in the MAC calculation. + /// if the parameters are inappropriate. + void Init(byte[] nonce, int macSize, byte[] additionalData); + + /// Return the maximum size of the output for input of inputLength bytes. + /// the length (in bytes) of the proposed input. + /// the maximum size of the output. + int GetOutputSize(int inputLength); + + /// Perform the cipher encryption/decryption returning the output in output. + /// + /// Note: we have to use DoFinal() here as it is the only way to guarantee output from the underlying cipher. + /// + /// array holding input data to the cipher. + /// offset into input array data starts at. + /// length of the input data in the array. + /// array to hold the cipher output. + /// offset into output array to start saving output. + /// the amount of data written to output. + /// in case of failure. + int DoFinal(byte[] input, int inputOffset, int inputLength, byte[] output, int outputOffset); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/TlsBlockCipher.cs b/BouncyCastle/crypto/src/tls/crypto/impl/TlsBlockCipher.cs new file mode 100644 index 0000000..64cfc75 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/TlsBlockCipher.cs @@ -0,0 +1,423 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl +{ + /// A generic TLS 1.0-1.2 block cipher. This can be used for AES or 3DES for example. + public class TlsBlockCipher + : TlsCipher + { + protected readonly TlsCryptoParameters m_cryptoParams; + protected readonly byte[] m_randomData; + protected readonly bool m_encryptThenMac; + protected readonly bool m_useExplicitIV; + protected readonly bool m_acceptExtraPadding; + protected readonly bool m_useExtraPadding; + + protected readonly TlsBlockCipherImpl m_decryptCipher, m_encryptCipher; + protected readonly TlsSuiteMac m_readMac, m_writeMac; + + /// + public TlsBlockCipher(TlsCryptoParameters cryptoParams, TlsBlockCipherImpl encryptCipher, + TlsBlockCipherImpl decryptCipher, TlsHmac clientMac, TlsHmac serverMac, int cipherKeySize) + { + SecurityParameters securityParameters = cryptoParams.SecurityParameters; + ProtocolVersion negotiatedVersion = securityParameters.NegotiatedVersion; + + if (TlsImplUtilities.IsTlsV13(negotiatedVersion)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.m_cryptoParams = cryptoParams; + this.m_randomData = cryptoParams.NonceGenerator.GenerateNonce(256); + + this.m_encryptThenMac = securityParameters.IsEncryptThenMac; + this.m_useExplicitIV = TlsImplUtilities.IsTlsV11(negotiatedVersion); + + this.m_acceptExtraPadding = !negotiatedVersion.IsSsl; + + /* + * Don't use variable-length padding with truncated MACs. + * + * See "Tag Size Does Matter: Attacks and Proofs for the TLS Record Protocol", Paterson, + * Ristenpart, Shrimpton. + * + * TODO[DTLS] Consider supporting in DTLS (without exceeding send limit though) + */ + this.m_useExtraPadding = securityParameters.IsExtendedPadding + && ProtocolVersion.TLSv10.IsEqualOrEarlierVersionOf(negotiatedVersion) + && (m_encryptThenMac || !securityParameters.IsTruncatedHmac); + + this.m_encryptCipher = encryptCipher; + this.m_decryptCipher = decryptCipher; + + TlsBlockCipherImpl clientCipher, serverCipher; + if (cryptoParams.IsServer) + { + clientCipher = decryptCipher; + serverCipher = encryptCipher; + } + else + { + clientCipher = encryptCipher; + serverCipher = decryptCipher; + } + + int key_block_size = (2 * cipherKeySize) + clientMac.MacLength + serverMac.MacLength; + + // From TLS 1.1 onwards, block ciphers don't need IVs from the key_block + if (!m_useExplicitIV) + { + key_block_size += clientCipher.GetBlockSize() + serverCipher.GetBlockSize(); + } + + byte[] key_block = TlsImplUtilities.CalculateKeyBlock(cryptoParams, key_block_size); + + int offset = 0; + + clientMac.SetKey(key_block, offset, clientMac.MacLength); + offset += clientMac.MacLength; + serverMac.SetKey(key_block, offset, serverMac.MacLength); + offset += serverMac.MacLength; + + clientCipher.SetKey(key_block, offset, cipherKeySize); + offset += cipherKeySize; + serverCipher.SetKey(key_block, offset, cipherKeySize); + offset += cipherKeySize; + + int clientIVLength = clientCipher.GetBlockSize(); + int serverIVLength = serverCipher.GetBlockSize(); + + if (m_useExplicitIV) + { + clientCipher.Init(new byte[clientIVLength], 0, clientIVLength); + serverCipher.Init(new byte[serverIVLength], 0, serverIVLength); + } + else + { + clientCipher.Init(key_block, offset, clientIVLength); + offset += clientIVLength; + serverCipher.Init(key_block, offset, serverIVLength); + offset += serverIVLength; + } + + if (offset != key_block_size) + throw new TlsFatalAlert(AlertDescription.internal_error); + + if (cryptoParams.IsServer) + { + this.m_writeMac = new TlsSuiteHmac(cryptoParams, serverMac); + this.m_readMac = new TlsSuiteHmac(cryptoParams, clientMac); + } + else + { + this.m_writeMac = new TlsSuiteHmac(cryptoParams, clientMac); + this.m_readMac = new TlsSuiteHmac(cryptoParams, serverMac); + } + } + + public virtual int GetCiphertextDecodeLimit(int plaintextLimit) + { + int blockSize = m_decryptCipher.GetBlockSize(); + int macSize = m_readMac.Size; + int maxPadding = 256; + + return GetCiphertextLength(blockSize, macSize, maxPadding, plaintextLimit); + } + + public virtual int GetCiphertextEncodeLimit(int plaintextLength, int plaintextLimit) + { + int blockSize = m_encryptCipher.GetBlockSize(); + int macSize = m_writeMac.Size; + int maxPadding = m_useExtraPadding ? 256 : blockSize; + + return GetCiphertextLength(blockSize, macSize, maxPadding, plaintextLength); + } + + public virtual int GetPlaintextLimit(int ciphertextLimit) + { + int blockSize = m_encryptCipher.GetBlockSize(); + int macSize = m_writeMac.Size; + + int plaintextLimit = ciphertextLimit; + + // Leave room for the MAC, and require block-alignment + if (m_encryptThenMac) + { + plaintextLimit -= macSize; + plaintextLimit -= plaintextLimit % blockSize; + } + else + { + plaintextLimit -= plaintextLimit % blockSize; + plaintextLimit -= macSize; + } + + // Minimum 1 byte of padding + --plaintextLimit; + + // An explicit IV consumes 1 block + if (m_useExplicitIV) + { + plaintextLimit -= blockSize; + } + + return plaintextLimit; + } + + public virtual TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion, + int headerAllocation, byte[] plaintext, int offset, int len) + { + int blockSize = m_encryptCipher.GetBlockSize(); + int macSize = m_writeMac.Size; + + int enc_input_length = len; + if (!m_encryptThenMac) + { + enc_input_length += macSize; + } + + int padding_length = blockSize - (enc_input_length % blockSize); + if (m_useExtraPadding) + { + // Add a random number of extra blocks worth of padding + int maxExtraPadBlocks = (256 - padding_length) / blockSize; + int actualExtraPadBlocks = ChooseExtraPadBlocks(maxExtraPadBlocks); + padding_length += actualExtraPadBlocks * blockSize; + } + + int totalSize = len + macSize + padding_length; + if (m_useExplicitIV) + { + totalSize += blockSize; + } + + byte[] outBuf = new byte[headerAllocation + totalSize]; + int outOff = headerAllocation; + + if (m_useExplicitIV) + { + // Technically the explicit IV will be the encryption of this nonce + byte[] explicitIV = m_cryptoParams.NonceGenerator.GenerateNonce(blockSize); + Array.Copy(explicitIV, 0, outBuf, outOff, blockSize); + outOff += blockSize; + } + + Array.Copy(plaintext, offset, outBuf, outOff, len); + outOff += len; + + if (!m_encryptThenMac) + { + byte[] mac = m_writeMac.CalculateMac(seqNo, contentType, plaintext, offset, len); + Array.Copy(mac, 0, outBuf, outOff, mac.Length); + outOff += mac.Length; + } + + byte padByte = (byte)(padding_length - 1); + for (int i = 0; i < padding_length; ++i) + { + outBuf[outOff++] = padByte; + } + + m_encryptCipher.DoFinal(outBuf, headerAllocation, outOff - headerAllocation, outBuf, headerAllocation); + + if (m_encryptThenMac) + { + byte[] mac = m_writeMac.CalculateMac(seqNo, contentType, outBuf, headerAllocation, + outOff - headerAllocation); + Array.Copy(mac, 0, outBuf, outOff, mac.Length); + outOff += mac.Length; + } + + if (outOff != outBuf.Length) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return new TlsEncodeResult(outBuf, 0, outBuf.Length, contentType); + } + + public virtual TlsDecodeResult DecodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion, + byte[] ciphertext, int offset, int len) + { + int blockSize = m_decryptCipher.GetBlockSize(); + int macSize = m_readMac.Size; + + int minLen = blockSize; + if (m_encryptThenMac) + { + minLen += macSize; + } + else + { + minLen = System.Math.Max(minLen, macSize + 1); + } + + if (m_useExplicitIV) + { + minLen += blockSize; + } + + if (len < minLen) + throw new TlsFatalAlert(AlertDescription.decode_error); + + int blocks_length = len; + if (m_encryptThenMac) + { + blocks_length -= macSize; + } + + if (blocks_length % blockSize != 0) + throw new TlsFatalAlert(AlertDescription.decryption_failed); + + if (m_encryptThenMac) + { + byte[] expectedMac = m_readMac.CalculateMac(seqNo, recordType, ciphertext, offset, len - macSize); + + bool checkMac = TlsUtilities.ConstantTimeAreEqual(macSize, expectedMac, 0, ciphertext, + offset + len - macSize); + if (!checkMac) + { + /* + * RFC 7366 3. The MAC SHALL be evaluated before any further processing such as + * decryption is performed, and if the MAC verification fails, then processing SHALL + * terminate immediately. For TLS, a fatal bad_record_mac MUST be generated [2]. For + * DTLS, the record MUST be discarded, and a fatal bad_record_mac MAY be generated + * [4]. This immediate response to a bad MAC eliminates any timing channels that may + * be available through the use of manipulated packet data. + */ + throw new TlsFatalAlert(AlertDescription.bad_record_mac); + } + } + + m_decryptCipher.DoFinal(ciphertext, offset, blocks_length, ciphertext, offset); + + if (m_useExplicitIV) + { + offset += blockSize; + blocks_length -= blockSize; + } + + // If there's anything wrong with the padding, this will return zero + int totalPad = CheckPaddingConstantTime(ciphertext, offset, blocks_length, blockSize, + m_encryptThenMac ? 0 : macSize); + bool badMac = (totalPad == 0); + + int dec_output_length = blocks_length - totalPad; + + if (!m_encryptThenMac) + { + dec_output_length -= macSize; + + byte[] expectedMac = m_readMac.CalculateMacConstantTime(seqNo, recordType, ciphertext, offset, + dec_output_length, blocks_length - macSize, m_randomData); + + badMac |= !TlsUtilities.ConstantTimeAreEqual(macSize, expectedMac, 0, ciphertext, + offset + dec_output_length); + } + + if (badMac) + throw new TlsFatalAlert(AlertDescription.bad_record_mac); + + return new TlsDecodeResult(ciphertext, offset, dec_output_length, recordType); + } + + public virtual void RekeyDecoder() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual void RekeyEncoder() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual bool UsesOpaqueRecordType + { + get { return false; } + } + + protected virtual int CheckPaddingConstantTime(byte[] buf, int off, int len, int blockSize, int macSize) + { + int end = off + len; + byte lastByte = buf[end - 1]; + int padlen = lastByte & 0xff; + int totalPad = padlen + 1; + + int dummyIndex = 0; + byte padDiff = 0; + + int totalPadLimit = System.Math.Min(m_acceptExtraPadding ? 256 : blockSize, len - macSize); + + if (totalPad > totalPadLimit) + { + totalPad = 0; + } + else + { + int padPos = end - totalPad; + do + { + padDiff |= (byte)(buf[padPos++] ^ lastByte); + } + while (padPos < end); + + dummyIndex = totalPad; + + if (padDiff != 0) + { + totalPad = 0; + } + } + + // Run some extra dummy checks so the number of checks is always constant + { + byte[] dummyPad = m_randomData; + while (dummyIndex < 256) + { + padDiff |= (byte)(dummyPad[dummyIndex++] ^ lastByte); + } + // Ensure the above loop is not eliminated + dummyPad[0] ^= padDiff; + } + + return totalPad; + } + + protected virtual int ChooseExtraPadBlocks(int max) + { + byte[] random = m_cryptoParams.NonceGenerator.GenerateNonce(4); + int x = (int)Pack.LE_To_UInt32(random, 0); + int n = Integers.NumberOfTrailingZeros(x); + return System.Math.Min(n, max); + } + + protected virtual int GetCiphertextLength(int blockSize, int macSize, int maxPadding, int plaintextLength) + { + int ciphertextLength = plaintextLength; + + // An explicit IV consumes 1 block + if (m_useExplicitIV) + { + ciphertextLength += blockSize; + } + + // Leave room for the MAC and (block-aligning) padding + + ciphertextLength += maxPadding; + + if (m_encryptThenMac) + { + ciphertextLength -= (ciphertextLength % blockSize); + ciphertextLength += macSize; + } + else + { + ciphertextLength += macSize; + ciphertextLength -= (ciphertextLength % blockSize); + } + + return ciphertextLength; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/TlsBlockCipherImpl.cs b/BouncyCastle/crypto/src/tls/crypto/impl/TlsBlockCipherImpl.cs new file mode 100644 index 0000000..7df2ed7 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/TlsBlockCipherImpl.cs @@ -0,0 +1,40 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Crypto.Impl +{ + /// Interface for block cipher services. + public interface TlsBlockCipherImpl + { + /// Set the key to be used by the block cipher implementation supporting this service. + /// array holding the block cipher key. + /// offset into the array the key starts at. + /// length of the key in the array. + /// + void SetKey(byte[] key, int keyOff, int keyLen); + + /// Initialise the parameters for operator. + /// array holding the initialization vector (IV). + /// offset into the array the IV starts at. + /// length of the IV in the array. + /// if the parameters are inappropriate. + void Init(byte[] iv, int ivOff, int ivLen); + + /// Perform the cipher encryption/decryption returning the output in output. + /// + /// Note: we have to use DoFinal() here as it is the only way to guarantee output from the underlying cipher. + /// + /// array holding input data to the cipher. + /// offset into input array data starts at. + /// length of the input data in the array. + /// array to hold the cipher output. + /// offset into output array to start saving output. + /// the amount of data written to output. + /// in case of failure. + int DoFinal(byte[] input, int inputOffset, int inputLength, byte[] output, int outputOffset); + + /// Return the blocksize (in bytes) of the underlying block cipher. + /// the cipher's blocksize. + int GetBlockSize(); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/TlsImplUtilities.cs b/BouncyCastle/crypto/src/tls/crypto/impl/TlsImplUtilities.cs new file mode 100644 index 0000000..dc5a962 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/TlsImplUtilities.cs @@ -0,0 +1,64 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl +{ + /// Useful utility methods. + public abstract class TlsImplUtilities + { + public static bool IsSsl(TlsCryptoParameters cryptoParams) + { + return cryptoParams.ServerVersion.IsSsl; + } + + public static bool IsTlsV10(ProtocolVersion version) + { + return ProtocolVersion.TLSv10.IsEqualOrEarlierVersionOf(version.GetEquivalentTlsVersion()); + } + + public static bool IsTlsV10(TlsCryptoParameters cryptoParams) + { + return IsTlsV10(cryptoParams.ServerVersion); + } + + public static bool IsTlsV11(ProtocolVersion version) + { + return ProtocolVersion.TLSv11.IsEqualOrEarlierVersionOf(version.GetEquivalentTlsVersion()); + } + + public static bool IsTlsV11(TlsCryptoParameters cryptoParams) + { + return IsTlsV11(cryptoParams.ServerVersion); + } + + public static bool IsTlsV12(ProtocolVersion version) + { + return ProtocolVersion.TLSv12.IsEqualOrEarlierVersionOf(version.GetEquivalentTlsVersion()); + } + + public static bool IsTlsV12(TlsCryptoParameters cryptoParams) + { + return IsTlsV12(cryptoParams.ServerVersion); + } + + public static bool IsTlsV13(ProtocolVersion version) + { + return ProtocolVersion.TLSv13.IsEqualOrEarlierVersionOf(version.GetEquivalentTlsVersion()); + } + + public static bool IsTlsV13(TlsCryptoParameters cryptoParams) + { + return IsTlsV13(cryptoParams.ServerVersion); + } + + public static byte[] CalculateKeyBlock(TlsCryptoParameters cryptoParams, int length) + { + SecurityParameters securityParameters = cryptoParams.SecurityParameters; + TlsSecret master_secret = securityParameters.MasterSecret; + int prfAlgorithm = securityParameters.PrfAlgorithm; + byte[] seed = Arrays.Concatenate(securityParameters.ServerRandom, securityParameters.ClientRandom); + return master_secret.DeriveUsingPrf(prfAlgorithm, ExporterLabel.key_expansion, seed, length).Extract(); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/TlsNullCipher.cs b/BouncyCastle/crypto/src/tls/crypto/impl/TlsNullCipher.cs new file mode 100644 index 0000000..3ca4951 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/TlsNullCipher.cs @@ -0,0 +1,104 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Crypto.Impl +{ + /// The NULL cipher. + public class TlsNullCipher + : TlsCipher + { + protected readonly TlsCryptoParameters m_cryptoParams; + protected readonly TlsSuiteHmac m_readMac, m_writeMac; + + /// + public TlsNullCipher(TlsCryptoParameters cryptoParams, TlsHmac clientMac, TlsHmac serverMac) + { + if (TlsImplUtilities.IsTlsV13(cryptoParams)) + throw new TlsFatalAlert(AlertDescription.internal_error); + + this.m_cryptoParams = cryptoParams; + + int key_block_size = clientMac.MacLength + serverMac.MacLength; + byte[] key_block = TlsImplUtilities.CalculateKeyBlock(cryptoParams, key_block_size); + + int offset = 0; + + clientMac.SetKey(key_block, offset, clientMac.MacLength); + offset += clientMac.MacLength; + serverMac.SetKey(key_block, offset, serverMac.MacLength); + offset += serverMac.MacLength; + + if (offset != key_block_size) + throw new TlsFatalAlert(AlertDescription.internal_error); + + if (cryptoParams.IsServer) + { + this.m_writeMac = new TlsSuiteHmac(cryptoParams, serverMac); + this.m_readMac = new TlsSuiteHmac(cryptoParams, clientMac); + } + else + { + this.m_writeMac = new TlsSuiteHmac(cryptoParams, clientMac); + this.m_readMac = new TlsSuiteHmac(cryptoParams, serverMac); + } + } + + public virtual int GetCiphertextDecodeLimit(int plaintextLimit) + { + return plaintextLimit + m_writeMac.Size; + } + + public virtual int GetCiphertextEncodeLimit(int plaintextLength, int plaintextLimit) + { + return plaintextLength + m_writeMac.Size; + } + + public virtual int GetPlaintextLimit(int ciphertextLimit) + { + return ciphertextLimit - m_writeMac.Size; + } + + public virtual TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion, + int headerAllocation, byte[] plaintext, int offset, int len) + { + byte[] mac = m_writeMac.CalculateMac(seqNo, contentType, plaintext, offset, len); + byte[] ciphertext = new byte[headerAllocation + len + mac.Length]; + Array.Copy(plaintext, offset, ciphertext, headerAllocation, len); + Array.Copy(mac, 0, ciphertext, headerAllocation + len, mac.Length); + return new TlsEncodeResult(ciphertext, 0, ciphertext.Length, contentType); + } + + public virtual TlsDecodeResult DecodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion, + byte[] ciphertext, int offset, int len) + { + int macSize = m_readMac.Size; + if (len < macSize) + throw new TlsFatalAlert(AlertDescription.decode_error); + + int macInputLen = len - macSize; + + byte[] expectedMac = m_readMac.CalculateMac(seqNo, recordType, ciphertext, offset, macInputLen); + + bool badMac = !TlsUtilities.ConstantTimeAreEqual(macSize, expectedMac, 0, ciphertext, offset + macInputLen); + if (badMac) + throw new TlsFatalAlert(AlertDescription.bad_record_mac); + + return new TlsDecodeResult(ciphertext, offset, macInputLen, recordType); + } + + public virtual void RekeyDecoder() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual void RekeyEncoder() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public virtual bool UsesOpaqueRecordType + { + get { return false; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/TlsSuiteHmac.cs b/BouncyCastle/crypto/src/tls/crypto/impl/TlsSuiteHmac.cs new file mode 100644 index 0000000..9f43f43 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/TlsSuiteHmac.cs @@ -0,0 +1,121 @@ +using System; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl +{ + /// A generic TLS MAC implementation, acting as an HMAC based on some underlying Digest. + public class TlsSuiteHmac + : TlsSuiteMac + { + protected static int GetMacSize(TlsCryptoParameters cryptoParams, TlsMac mac) + { + int macSize = mac.MacLength; + if (cryptoParams.SecurityParameters.IsTruncatedHmac) + { + macSize = System.Math.Min(macSize, 10); + } + return macSize; + } + + protected readonly TlsCryptoParameters m_cryptoParams; + protected readonly TlsHmac m_mac; + protected readonly int m_digestBlockSize; + protected readonly int m_digestOverhead; + protected readonly int m_macSize; + + /// Generate a new instance of a TlsMac. + /// the TLS client context specific crypto parameters. + /// The MAC to use. + public TlsSuiteHmac(TlsCryptoParameters cryptoParams, TlsHmac mac) + { + this.m_cryptoParams = cryptoParams; + this.m_mac = mac; + this.m_macSize = GetMacSize(cryptoParams, mac); + this.m_digestBlockSize = mac.InternalBlockSize; + + // TODO This should check the actual algorithm, not assume based on the digest size + if (TlsImplUtilities.IsSsl(cryptoParams) && mac.MacLength == 20) + { + /* + * NOTE: For the SSL 3.0 MAC with SHA-1, the secret + input pad is not block-aligned. + */ + this.m_digestOverhead = 4; + } + else + { + this.m_digestOverhead = m_digestBlockSize / 8; + } + } + + public virtual int Size + { + get { return m_macSize; } + } + + public virtual byte[] CalculateMac(long seqNo, short type, byte[] msg, int msgOff, int msgLen) + { + ProtocolVersion serverVersion = m_cryptoParams.ServerVersion; + bool isSsl = serverVersion.IsSsl; + + byte[] macHeader = new byte[isSsl ? 11 : 13]; + TlsUtilities.WriteUint64(seqNo, macHeader, 0); + TlsUtilities.WriteUint8(type, macHeader, 8); + if (!isSsl) + { + TlsUtilities.WriteVersion(serverVersion, macHeader, 9); + } + TlsUtilities.WriteUint16(msgLen, macHeader, macHeader.Length - 2); + + m_mac.Update(macHeader, 0, macHeader.Length); + m_mac.Update(msg, msgOff, msgLen); + + return Truncate(m_mac.CalculateMac()); + } + + public virtual byte[] CalculateMacConstantTime(long seqNo, short type, byte[] msg, int msgOff, int msgLen, + int fullLength, byte[] dummyData) + { + /* + * Actual MAC only calculated on 'length' bytes... + */ + byte[] result = CalculateMac(seqNo, type, msg, msgOff, msgLen); + + /* + * ...but ensure a constant number of complete digest blocks are processed (as many as would + * be needed for 'fullLength' bytes of input). + */ + int headerLength = TlsImplUtilities.IsSsl(m_cryptoParams) ? 11 : 13; + + // How many extra full blocks do we need to calculate? + int extra = GetDigestBlockCount(headerLength + fullLength) - GetDigestBlockCount(headerLength + msgLen); + + while (--extra >= 0) + { + m_mac.Update(dummyData, 0, m_digestBlockSize); + } + + // One more byte in case the implementation is "lazy" about processing blocks + m_mac.Update(dummyData, 0, 1); + m_mac.Reset(); + + return result; + } + + protected virtual int GetDigestBlockCount(int inputLength) + { + // NOTE: The input pad for HMAC is always a full digest block + + // NOTE: This calculation assumes a minimum of 1 pad byte + return (inputLength + m_digestOverhead) / m_digestBlockSize; + } + + protected virtual byte[] Truncate(byte[] bs) + { + if (bs.Length <= m_macSize) + return bs; + + return Arrays.CopyOf(bs, m_macSize); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/TlsSuiteMac.cs b/BouncyCastle/crypto/src/tls/crypto/impl/TlsSuiteMac.cs new file mode 100644 index 0000000..6e49429 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/TlsSuiteMac.cs @@ -0,0 +1,33 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto.Impl +{ + /// Base interface for a generic TLS MAC implementation for use with a bulk cipher. + public interface TlsSuiteMac + { + /// Return the output length (in bytes) of this MAC. + /// The output length of this MAC. + int Size { get; } + + /// Calculate the MAC for some given data. + /// The sequence number of the record. + /// The content type of the message. + /// A byte array containing the message. + /// The number of bytes to skip, before the message starts. + /// The length of the message. + /// A new byte array containing the MAC value. + byte[] CalculateMac(long seqNo, short type, byte[] message, int offset, int length); + + /// Constant time calculation of the MAC for some given data with a given expected length. + /// The sequence number of the record. + /// The content type of the message. + /// A byte array containing the message. + /// The number of bytes to skip, before the message starts. + /// The length of the message. + /// The expected length of the full message. + /// Random data for padding out the MAC calculation if required. + /// A new byte array containing the MAC value. + byte[] CalculateMacConstantTime(long seqNo, short type, byte[] message, int offset, int length, + int expectedLength, byte[] randomData); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcChaCha20Poly1305.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcChaCha20Poly1305.cs new file mode 100644 index 0000000..8d801ed --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcChaCha20Poly1305.cs @@ -0,0 +1,124 @@ +using System; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + public sealed class BcChaCha20Poly1305 + : TlsAeadCipherImpl + { + private static readonly byte[] Zeroes = new byte[15]; + + private readonly ChaCha7539Engine m_cipher = new ChaCha7539Engine(); + private readonly Poly1305 m_mac = new Poly1305(); + + private readonly bool m_isEncrypting; + + private int m_additionalDataLength; + + public BcChaCha20Poly1305(bool isEncrypting) + { + this.m_isEncrypting = isEncrypting; + } + + public int DoFinal(byte[] input, int inputOffset, int inputLength, byte[] output, int outputOffset) + { + if (m_isEncrypting) + { + int ciphertextLength = inputLength; + + m_cipher.ProcessBytes(input, inputOffset, inputLength, output, outputOffset); + int outputLength = inputLength; + + if (ciphertextLength != outputLength) + throw new InvalidOperationException(); + + UpdateMac(output, outputOffset, ciphertextLength); + + byte[] lengths = new byte[16]; + Pack.UInt64_To_LE((ulong)m_additionalDataLength, lengths, 0); + Pack.UInt64_To_LE((ulong)ciphertextLength, lengths, 8); + m_mac.BlockUpdate(lengths, 0, 16); + + m_mac.DoFinal(output, outputOffset + ciphertextLength); + + return ciphertextLength + 16; + } + else + { + int ciphertextLength = inputLength - 16; + + UpdateMac(input, inputOffset, ciphertextLength); + + byte[] expectedMac = new byte[16]; + Pack.UInt64_To_LE((ulong)m_additionalDataLength, expectedMac, 0); + Pack.UInt64_To_LE((ulong)ciphertextLength, expectedMac, 8); + m_mac.BlockUpdate(expectedMac, 0, 16); + m_mac.DoFinal(expectedMac, 0); + + bool badMac = !TlsUtilities.ConstantTimeAreEqual(16, expectedMac, 0, input, inputOffset + ciphertextLength); + if (badMac) + throw new TlsFatalAlert(AlertDescription.bad_record_mac); + + m_cipher.ProcessBytes(input, inputOffset, ciphertextLength, output, outputOffset); + int outputLength = ciphertextLength; + + if (ciphertextLength != outputLength) + throw new InvalidOperationException(); + + return ciphertextLength; + } + } + + public int GetOutputSize(int inputLength) + { + return m_isEncrypting ? inputLength + 16 : inputLength - 16; + } + + public void Init(byte[] nonce, int macSize, byte[] additionalData) + { + if (nonce == null || nonce.Length != 12 || macSize != 16) + throw new TlsFatalAlert(AlertDescription.internal_error); + + m_cipher.Init(m_isEncrypting, new ParametersWithIV(null, nonce)); + InitMac(); + if (additionalData == null) + { + this.m_additionalDataLength = 0; + } + else + { + this.m_additionalDataLength = additionalData.Length; + UpdateMac(additionalData, 0, additionalData.Length); + } + } + + public void SetKey(byte[] key, int keyOff, int keyLen) + { + KeyParameter cipherKey = new KeyParameter(key, keyOff, keyLen); + m_cipher.Init(m_isEncrypting, new ParametersWithIV(cipherKey, Zeroes, 0, 12)); + } + + private void InitMac() + { + byte[] firstBlock = new byte[64]; + m_cipher.ProcessBytes(firstBlock, 0, 64, firstBlock, 0); + m_mac.Init(new KeyParameter(firstBlock, 0, 32)); + Array.Clear(firstBlock, 0, firstBlock.Length); + } + + private void UpdateMac(byte[] buf, int off, int len) + { + m_mac.BlockUpdate(buf, off, len); + + int partial = len % 16; + if (partial != 0) + { + m_mac.BlockUpdate(Zeroes, 0, 16 - partial); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedAgreement.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedAgreement.cs new file mode 100644 index 0000000..863b966 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedAgreement.cs @@ -0,0 +1,112 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Credentialed class generating agreed secrets from a peer's public key for our end of the TLS connection + /// using the BC light-weight API. + public class BcDefaultTlsCredentialedAgreement + : TlsCredentialedAgreement + { + protected readonly TlsCredentialedAgreement m_agreementCredentials; + + public BcDefaultTlsCredentialedAgreement(BcTlsCrypto crypto, Certificate certificate, + AsymmetricKeyParameter privateKey) + { + if (crypto == null) + throw new ArgumentNullException("crypto"); + if (certificate == null) + throw new ArgumentNullException("certificate"); + if (certificate.IsEmpty) + throw new ArgumentException("cannot be empty", "certificate"); + if (privateKey == null) + throw new ArgumentNullException("privateKey"); + if (!privateKey.IsPrivate) + throw new ArgumentException("must be private", "privateKey"); + + if (privateKey is DHPrivateKeyParameters) + { + this.m_agreementCredentials = new DHCredentialedAgreement(crypto, certificate, + (DHPrivateKeyParameters)privateKey); + } + else if (privateKey is ECPrivateKeyParameters) + { + this.m_agreementCredentials = new ECCredentialedAgreement(crypto, certificate, + (ECPrivateKeyParameters)privateKey); + } + else + { + throw new ArgumentException("'privateKey' type not supported: " + Platform.GetTypeName(privateKey)); + } + } + + public virtual Certificate Certificate + { + get { return m_agreementCredentials.Certificate; } + } + + public virtual TlsSecret GenerateAgreement(TlsCertificate peerCertificate) + { + return m_agreementCredentials.GenerateAgreement(peerCertificate); + } + + private sealed class DHCredentialedAgreement + : TlsCredentialedAgreement + { + private readonly BcTlsCrypto m_crypto; + private readonly Certificate m_certificate; + private readonly DHPrivateKeyParameters m_privateKey; + + internal DHCredentialedAgreement(BcTlsCrypto crypto, Certificate certificate, + DHPrivateKeyParameters privateKey) + { + this.m_crypto = crypto; + this.m_certificate = certificate; + this.m_privateKey = privateKey; + } + + public TlsSecret GenerateAgreement(TlsCertificate peerCertificate) + { + BcTlsCertificate bcCert = BcTlsCertificate.Convert(m_crypto, peerCertificate); + DHPublicKeyParameters peerPublicKey = bcCert.GetPubKeyDH(); + return BcTlsDHDomain.CalculateDHAgreement(m_crypto, m_privateKey, peerPublicKey, false); + } + + public Certificate Certificate + { + get { return m_certificate; } + } + } + + private sealed class ECCredentialedAgreement + : TlsCredentialedAgreement + { + private readonly BcTlsCrypto m_crypto; + private readonly Certificate m_certificate; + private readonly ECPrivateKeyParameters m_privateKey; + + internal ECCredentialedAgreement(BcTlsCrypto crypto, Certificate certificate, + ECPrivateKeyParameters privateKey) + { + this.m_crypto = crypto; + this.m_certificate = certificate; + this.m_privateKey = privateKey; + } + + public TlsSecret GenerateAgreement(TlsCertificate peerCertificate) + { + BcTlsCertificate bcCert = BcTlsCertificate.Convert(m_crypto, peerCertificate); + ECPublicKeyParameters peerPublicKey = bcCert.GetPubKeyEC(); + return BcTlsECDomain.CalculateECDHAgreement(m_crypto, m_privateKey, peerPublicKey); + } + + public Certificate Certificate + { + get { return m_certificate; } + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedDecryptor.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedDecryptor.cs new file mode 100644 index 0000000..b0e9f12 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedDecryptor.cs @@ -0,0 +1,139 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Credentialed class decrypting RSA encrypted secrets sent from a peer for our end of the TLS connection + /// using the BC light-weight API. + public class BcDefaultTlsCredentialedDecryptor + : TlsCredentialedDecryptor + { + protected readonly BcTlsCrypto m_crypto; + protected readonly Certificate m_certificate; + protected readonly AsymmetricKeyParameter m_privateKey; + + public BcDefaultTlsCredentialedDecryptor(BcTlsCrypto crypto, Certificate certificate, + AsymmetricKeyParameter privateKey) + { + if (crypto == null) + throw new ArgumentNullException("crypto"); + if (certificate == null) + throw new ArgumentNullException("certificate"); + if (certificate.IsEmpty) + throw new ArgumentException("cannot be empty", "certificate"); + if (privateKey == null) + throw new ArgumentNullException("privateKey"); + if (!privateKey.IsPrivate) + throw new ArgumentException("must be private", "privateKey"); + + if (privateKey is RsaKeyParameters) + { + } + else + { + throw new ArgumentException("'privateKey' type not supported: " + Platform.GetTypeName(privateKey)); + } + + this.m_crypto = crypto; + this.m_certificate = certificate; + this.m_privateKey = privateKey; + } + + public virtual Certificate Certificate + { + get { return m_certificate; } + } + + public virtual TlsSecret Decrypt(TlsCryptoParameters cryptoParams, byte[] ciphertext) + { + // TODO Keep only the decryption itself here - move error handling outside + return SafeDecryptPreMasterSecret(cryptoParams, (RsaKeyParameters)m_privateKey, ciphertext); + } + + /* + * TODO[tls-ops] Probably need to make RSA encryption/decryption into TlsCrypto functions so + * that users can implement "generic" encryption credentials externally + */ + protected virtual TlsSecret SafeDecryptPreMasterSecret(TlsCryptoParameters cryptoParams, + RsaKeyParameters rsaServerPrivateKey, byte[] encryptedPreMasterSecret) + { + SecureRandom secureRandom = m_crypto.SecureRandom; + + /* + * RFC 5246 7.4.7.1. + */ + ProtocolVersion expectedVersion = cryptoParams.RsaPreMasterSecretVersion; + + // TODO Provide as configuration option? + bool versionNumberCheckDisabled = false; + + /* + * Generate 48 random bytes we can use as a Pre-Master-Secret, if the + * PKCS1 padding check should fail. + */ + byte[] fallback = new byte[48]; + secureRandom.NextBytes(fallback); + + byte[] M = Arrays.Clone(fallback); + try + { + Pkcs1Encoding encoding = new Pkcs1Encoding(new RsaBlindedEngine(), fallback); + encoding.Init(false, new ParametersWithRandom(rsaServerPrivateKey, secureRandom)); + + M = encoding.ProcessBlock(encryptedPreMasterSecret, 0, encryptedPreMasterSecret.Length); + } + catch (Exception) + { + /* + * This should never happen since the decryption should never throw an exception + * and return a random value instead. + * + * In any case, a TLS server MUST NOT generate an alert if processing an + * RSA-encrypted premaster secret message fails, or the version number is not as + * expected. Instead, it MUST continue the handshake with a randomly generated + * premaster secret. + */ + } + + /* + * If ClientHello.legacy_version is TLS 1.1 or higher, server implementations MUST check the + * version number [..]. + */ + if (versionNumberCheckDisabled && !TlsImplUtilities.IsTlsV11(expectedVersion)) + { + /* + * If the version number is TLS 1.0 or earlier, server implementations SHOULD check the + * version number, but MAY have a configuration option to disable the check. + */ + } + else + { + /* + * Compare the version number in the decrypted Pre-Master-Secret with the legacy_version + * field from the ClientHello. If they don't match, continue the handshake with the + * randomly generated 'fallback' value. + * + * NOTE: The comparison and replacement must be constant-time. + */ + int mask = (expectedVersion.MajorVersion ^ (M[0] & 0xFF)) + | (expectedVersion.MinorVersion ^ (M[1] & 0xFF)); + + // 'mask' will be all 1s if the versions matched, or else all 0s. + mask = (mask - 1) >> 31; + + for (int i = 0; i < 48; i++) + { + M[i] = (byte)((M[i] & mask) | (fallback[i] & ~mask)); + } + } + + return m_crypto.CreateSecret(M); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedSigner.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedSigner.cs new file mode 100644 index 0000000..6db84cd --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcDefaultTlsCredentialedSigner.cs @@ -0,0 +1,85 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Credentialed class for generating signatures based on the use of primitives from the BC light-weight API. + public class BcDefaultTlsCredentialedSigner + : DefaultTlsCredentialedSigner + { + private static BcTlsCertificate GetEndEntity(BcTlsCrypto crypto, Certificate certificate) + { + if (certificate == null || certificate.IsEmpty) + throw new ArgumentException("No certificate"); + + return BcTlsCertificate.Convert(crypto, certificate.GetCertificateAt(0)); + } + + private static TlsSigner MakeSigner(BcTlsCrypto crypto, AsymmetricKeyParameter privateKey, + Certificate certificate, SignatureAndHashAlgorithm signatureAndHashAlgorithm) + { + TlsSigner signer; + if (privateKey is RsaKeyParameters) + { + RsaKeyParameters privKeyRsa = (RsaKeyParameters)privateKey; + + if (signatureAndHashAlgorithm != null) + { + int signatureScheme = SignatureScheme.From(signatureAndHashAlgorithm); + if (SignatureScheme.IsRsaPss(signatureScheme)) + { + return new BcTlsRsaPssSigner(crypto, privKeyRsa, signatureScheme); + } + } + + RsaKeyParameters pubKeyRsa = GetEndEntity(crypto, certificate).GetPubKeyRsa(); + + signer = new BcTlsRsaSigner(crypto, privKeyRsa, pubKeyRsa); + } + else if (privateKey is DsaPrivateKeyParameters) + { + signer = new BcTlsDsaSigner(crypto, (DsaPrivateKeyParameters)privateKey); + } + else if (privateKey is ECPrivateKeyParameters) + { + ECPrivateKeyParameters privKeyEC = (ECPrivateKeyParameters)privateKey; + + if (signatureAndHashAlgorithm != null) + { + int signatureScheme = SignatureScheme.From(signatureAndHashAlgorithm); + if (SignatureScheme.IsECDsa(signatureScheme)) + { + return new BcTlsECDsa13Signer(crypto, privKeyEC, signatureScheme); + } + } + + signer = new BcTlsECDsaSigner(crypto, privKeyEC); + } + else if (privateKey is Ed25519PrivateKeyParameters) + { + signer = new BcTlsEd25519Signer(crypto, (Ed25519PrivateKeyParameters)privateKey); + } + else if (privateKey is Ed448PrivateKeyParameters) + { + signer = new BcTlsEd448Signer(crypto, (Ed448PrivateKeyParameters)privateKey); + } + else + { + throw new ArgumentException("'privateKey' type not supported: " + Platform.GetTypeName(privateKey)); + } + + return signer; + } + + public BcDefaultTlsCredentialedSigner(TlsCryptoParameters cryptoParams, BcTlsCrypto crypto, + AsymmetricKeyParameter privateKey, Certificate certificate, + SignatureAndHashAlgorithm signatureAndHashAlgorithm) + : base(cryptoParams, MakeSigner(crypto, privateKey, certificate, signatureAndHashAlgorithm), certificate, + signatureAndHashAlgorithm) + { + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcSsl3Hmac.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcSsl3Hmac.cs new file mode 100644 index 0000000..df2ccd2 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcSsl3Hmac.cs @@ -0,0 +1,112 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// HMAC implementation based on original internet draft for HMAC (RFC 2104). + /// + /// The difference is that padding is concatenated versus XORed with the key, e.g: + /// H(K + opad, H(K + ipad, text)) + /// + internal class BcSsl3Hmac + : TlsHmac + { + private const byte IPAD_BYTE = (byte)0x36; + private const byte OPAD_BYTE = (byte)0x5C; + + private static readonly byte[] IPAD = GenPad(IPAD_BYTE, 48); + private static readonly byte[] OPAD = GenPad(OPAD_BYTE, 48); + + private readonly IDigest m_digest; + private readonly int m_padLength; + + private byte[] m_secret; + + /// Base constructor for one of the standard digest algorithms for which the byteLength is known. + /// + /// + /// Behaviour is undefined for digests other than MD5 or SHA1. + /// + /// the digest. + internal BcSsl3Hmac(IDigest digest) + { + this.m_digest = digest; + + if (digest.GetDigestSize() == 20) + { + this.m_padLength = 40; + } + else + { + this.m_padLength = 48; + } + } + + public virtual void SetKey(byte[] key, int keyOff, int keyLen) + { + this.m_secret = TlsUtilities.CopyOfRangeExact(key, keyOff, keyOff + keyLen); + + Reset(); + } + + public virtual void Update(byte[] input, int inOff, int len) + { + m_digest.BlockUpdate(input, inOff, len); + } + + public virtual byte[] CalculateMac() + { + byte[] result = new byte[m_digest.GetDigestSize()]; + DoFinal(result, 0); + return result; + } + + public virtual void CalculateMac(byte[] output, int outOff) + { + DoFinal(output, outOff); + } + + public virtual int InternalBlockSize + { + get { return m_digest.GetByteLength(); } + } + + public virtual int MacLength + { + get { return m_digest.GetDigestSize(); } + } + + /** + * Reset the mac generator. + */ + public virtual void Reset() + { + m_digest.Reset(); + m_digest.BlockUpdate(m_secret, 0, m_secret.Length); + m_digest.BlockUpdate(IPAD, 0, m_padLength); + } + + private void DoFinal(byte[] output, int outOff) + { + byte[] tmp = new byte[m_digest.GetDigestSize()]; + m_digest.DoFinal(tmp, 0); + + m_digest.BlockUpdate(m_secret, 0, m_secret.Length); + m_digest.BlockUpdate(OPAD, 0, m_padLength); + m_digest.BlockUpdate(tmp, 0, tmp.Length); + + m_digest.DoFinal(output, outOff); + + Reset(); + } + + private static byte[] GenPad(byte b, int count) + { + byte[] padding = new byte[count]; + Arrays.Fill(padding, b); + return padding; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsAeadCipherImpl.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsAeadCipherImpl.cs new file mode 100644 index 0000000..ae05a16 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsAeadCipherImpl.cs @@ -0,0 +1,54 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + internal sealed class BcTlsAeadCipherImpl + : TlsAeadCipherImpl + { + private readonly bool m_isEncrypting; + private readonly IAeadBlockCipher m_cipher; + + private KeyParameter key; + + internal BcTlsAeadCipherImpl(IAeadBlockCipher cipher, bool isEncrypting) + { + this.m_cipher = cipher; + this.m_isEncrypting = isEncrypting; + } + + public void SetKey(byte[] key, int keyOff, int keyLen) + { + this.key = new KeyParameter(key, keyOff, keyLen); + } + + public void Init(byte[] nonce, int macSize, byte[] additionalData) + { + m_cipher.Init(m_isEncrypting, new AeadParameters(key, macSize * 8, nonce, additionalData)); + } + + public int GetOutputSize(int inputLength) + { + return m_cipher.GetOutputSize(inputLength); + } + + public int DoFinal(byte[] input, int inputOffset, int inputLength, byte[] output, int outputOffset) + { + int len = m_cipher.ProcessBytes(input, inputOffset, inputLength, output, outputOffset); + + try + { + len += m_cipher.DoFinal(output, outputOffset + len); + } + catch (InvalidCipherTextException e) + { + throw new TlsFatalAlert(AlertDescription.bad_record_mac, e); + } + + return len; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsBlockCipherImpl.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsBlockCipherImpl.cs new file mode 100644 index 0000000..b51d38c --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsBlockCipherImpl.cs @@ -0,0 +1,49 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + internal sealed class BcTlsBlockCipherImpl + : TlsBlockCipherImpl + { + private readonly bool m_isEncrypting; + private readonly IBlockCipher m_cipher; + + private KeyParameter key; + + internal BcTlsBlockCipherImpl(IBlockCipher cipher, bool isEncrypting) + { + this.m_cipher = cipher; + this.m_isEncrypting = isEncrypting; + } + + public void SetKey(byte[] key, int keyOff, int keyLen) + { + this.key = new KeyParameter(key, keyOff, keyLen); + } + + public void Init(byte[] iv, int ivOff, int ivLen) + { + m_cipher.Init(m_isEncrypting, new ParametersWithIV(key, iv, ivOff, ivLen)); + } + + public int DoFinal(byte[] input, int inputOffset, int inputLength, byte[] output, int outputOffset) + { + int blockSize = m_cipher.GetBlockSize(); + + for (int i = 0; i < inputLength; i += blockSize) + { + m_cipher.ProcessBlock(input, inputOffset + i, output, outputOffset + i); + } + + return inputLength; + } + + public int GetBlockSize() + { + return m_cipher.GetBlockSize(); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsCertificate.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsCertificate.cs new file mode 100644 index 0000000..d01bd5c --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsCertificate.cs @@ -0,0 +1,489 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Implementation class for a single X.509 certificate based on the BC light-weight API. + public class BcTlsCertificate + : TlsCertificate + { + /// + public static BcTlsCertificate Convert(BcTlsCrypto crypto, TlsCertificate certificate) + { + if (certificate is BcTlsCertificate) + return (BcTlsCertificate)certificate; + + return new BcTlsCertificate(crypto, certificate.GetEncoded()); + } + + /// + public static X509CertificateStructure ParseCertificate(byte[] encoding) + { + try + { + Asn1Object asn1 = TlsUtilities.ReadAsn1Object(encoding); + return X509CertificateStructure.GetInstance(asn1); + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.bad_certificate, e); + } + } + + protected readonly BcTlsCrypto m_crypto; + protected readonly X509CertificateStructure m_certificate; + + protected DHPublicKeyParameters m_pubKeyDH = null; + protected ECPublicKeyParameters m_pubKeyEC = null; + protected Ed25519PublicKeyParameters m_pubKeyEd25519 = null; + protected Ed448PublicKeyParameters m_pubKeyEd448 = null; + protected RsaKeyParameters m_pubKeyRsa = null; + + /// + public BcTlsCertificate(BcTlsCrypto crypto, byte[] encoding) + : this(crypto, ParseCertificate(encoding)) + { + } + + public BcTlsCertificate(BcTlsCrypto crypto, X509CertificateStructure certificate) + { + this.m_crypto = crypto; + this.m_certificate = certificate; + } + + /// + public virtual TlsEncryptor CreateEncryptor(int tlsCertificateRole) + { + ValidateKeyUsage(KeyUsage.KeyEncipherment); + + switch (tlsCertificateRole) + { + case TlsCertificateRole.RsaEncryption: + { + this.m_pubKeyRsa = GetPubKeyRsa(); + return new BcTlsRsaEncryptor(m_crypto, m_pubKeyRsa); + } + // TODO[gmssl] + //case TlsCertificateRole.Sm2Encryption: + //{ + // this.m_pubKeyEC = GetPubKeyEC(); + // return new BcTlsSM2Encryptor(m_crypto, m_pubKeyEC); + //} + } + + throw new TlsFatalAlert(AlertDescription.certificate_unknown); + } + + /// + public virtual TlsVerifier CreateVerifier(short signatureAlgorithm) + { + switch (signatureAlgorithm) + { + case SignatureAlgorithm.rsa_pss_rsae_sha256: + case SignatureAlgorithm.rsa_pss_rsae_sha384: + case SignatureAlgorithm.rsa_pss_rsae_sha512: + case SignatureAlgorithm.ed25519: + case SignatureAlgorithm.ed448: + case SignatureAlgorithm.rsa_pss_pss_sha256: + case SignatureAlgorithm.rsa_pss_pss_sha384: + case SignatureAlgorithm.rsa_pss_pss_sha512: + return CreateVerifier(SignatureScheme.From(HashAlgorithm.Intrinsic, signatureAlgorithm)); + } + + ValidateKeyUsage(KeyUsage.DigitalSignature); + + switch (signatureAlgorithm) + { + case SignatureAlgorithm.rsa: + ValidateRsa_Pkcs1(); + return new BcTlsRsaVerifier(m_crypto, GetPubKeyRsa()); + + case SignatureAlgorithm.dsa: + return new BcTlsDsaVerifier(m_crypto, GetPubKeyDss()); + + case SignatureAlgorithm.ecdsa: + return new BcTlsECDsaVerifier(m_crypto, GetPubKeyEC()); + + default: + throw new TlsFatalAlert(AlertDescription.certificate_unknown); + } + } + + /// + public virtual TlsVerifier CreateVerifier(int signatureScheme) + { + ValidateKeyUsage(KeyUsage.DigitalSignature); + + switch (signatureScheme) + { + case SignatureScheme.ecdsa_brainpoolP256r1tls13_sha256: + case SignatureScheme.ecdsa_brainpoolP384r1tls13_sha384: + case SignatureScheme.ecdsa_brainpoolP512r1tls13_sha512: + case SignatureScheme.ecdsa_secp256r1_sha256: + case SignatureScheme.ecdsa_secp384r1_sha384: + case SignatureScheme.ecdsa_secp521r1_sha512: + case SignatureScheme.ecdsa_sha1: + return new BcTlsECDsa13Verifier(m_crypto, GetPubKeyEC(), signatureScheme); + + case SignatureScheme.ed25519: + return new BcTlsEd25519Verifier(m_crypto, GetPubKeyEd25519()); + + case SignatureScheme.ed448: + return new BcTlsEd448Verifier(m_crypto, GetPubKeyEd448()); + + case SignatureScheme.rsa_pkcs1_sha1: + case SignatureScheme.rsa_pkcs1_sha256: + case SignatureScheme.rsa_pkcs1_sha384: + case SignatureScheme.rsa_pkcs1_sha512: + { + ValidateRsa_Pkcs1(); + return new BcTlsRsaVerifier(m_crypto, GetPubKeyRsa()); + } + + case SignatureScheme.rsa_pss_pss_sha256: + case SignatureScheme.rsa_pss_pss_sha384: + case SignatureScheme.rsa_pss_pss_sha512: + { + ValidateRsa_Pss_Pss(SignatureScheme.GetSignatureAlgorithm(signatureScheme)); + return new BcTlsRsaPssVerifier(m_crypto, GetPubKeyRsa(), signatureScheme); + } + + case SignatureScheme.rsa_pss_rsae_sha256: + case SignatureScheme.rsa_pss_rsae_sha384: + case SignatureScheme.rsa_pss_rsae_sha512: + { + ValidateRsa_Pss_Rsae(); + return new BcTlsRsaPssVerifier(m_crypto, GetPubKeyRsa(), signatureScheme); + } + + // TODO[RFC 8998] + //case SignatureScheme.sm2sig_sm3: + // return new BcTlsSM2Verifier(m_crypto, GetPubKeyEC(), Strings.ToByteArray("TLSv1.3+GM+Cipher+Suite")); + + default: + throw new TlsFatalAlert(AlertDescription.certificate_unknown); + } + } + + /// + public virtual byte[] GetEncoded() + { + return m_certificate.GetEncoded(Asn1Encodable.Der); + } + + /// + public virtual byte[] GetExtension(DerObjectIdentifier extensionOid) + { + X509Extensions extensions = m_certificate.TbsCertificate.Extensions; + if (extensions != null) + { + X509Extension extension = extensions.GetExtension(extensionOid); + if (extension != null) + { + return Arrays.Clone(extension.Value.GetOctets()); + } + } + return null; + } + + public virtual BigInteger SerialNumber + { + get { return m_certificate.SerialNumber.Value; } + } + + public virtual string SigAlgOid + { + get { return m_certificate.SignatureAlgorithm.Algorithm.Id; } + } + + public virtual Asn1Encodable GetSigAlgParams() + { + return m_certificate.SignatureAlgorithm.Parameters; + } + + /// + public virtual short GetLegacySignatureAlgorithm() + { + AsymmetricKeyParameter publicKey = GetPublicKey(); + if (publicKey.IsPrivate) + throw new TlsFatalAlert(AlertDescription.internal_error); + + if (!SupportsKeyUsage(KeyUsage.DigitalSignature)) + return -1; + + /* + * RFC 5246 7.4.6. Client Certificate + */ + + /* + * RSA public key; the certificate MUST allow the key to be used for signing with the + * signature scheme and hash algorithm that will be employed in the certificate verify + * message. + */ + if (publicKey is RsaKeyParameters) + return SignatureAlgorithm.rsa; + + /* + * DSA public key; the certificate MUST allow the key to be used for signing with the + * hash algorithm that will be employed in the certificate verify message. + */ + if (publicKey is DsaPublicKeyParameters) + return SignatureAlgorithm.dsa; + + /* + * ECDSA-capable public key; the certificate MUST allow the key to be used for signing + * with the hash algorithm that will be employed in the certificate verify message; the + * public key MUST use a curve and point format supported by the server. + */ + if (publicKey is ECPublicKeyParameters) + { + // TODO Check the curve and point format + return SignatureAlgorithm.ecdsa; + } + + return -1; + } + + /// + public virtual DHPublicKeyParameters GetPubKeyDH() + { + try + { + return (DHPublicKeyParameters)GetPublicKey(); + } + catch (InvalidCastException e) + { + throw new TlsFatalAlert(AlertDescription.certificate_unknown, e); + } + } + + /// + public virtual DsaPublicKeyParameters GetPubKeyDss() + { + try + { + return (DsaPublicKeyParameters)GetPublicKey(); + } + catch (InvalidCastException e) + { + throw new TlsFatalAlert(AlertDescription.certificate_unknown, e); + } + } + + /// + public virtual ECPublicKeyParameters GetPubKeyEC() + { + try + { + return (ECPublicKeyParameters)GetPublicKey(); + } + catch (InvalidCastException e) + { + throw new TlsFatalAlert(AlertDescription.certificate_unknown, e); + } + } + + /// + public virtual Ed25519PublicKeyParameters GetPubKeyEd25519() + { + try + { + return (Ed25519PublicKeyParameters)GetPublicKey(); + } + catch (InvalidCastException e) + { + throw new TlsFatalAlert(AlertDescription.certificate_unknown, e); + } + } + + /// + public virtual Ed448PublicKeyParameters GetPubKeyEd448() + { + try + { + return (Ed448PublicKeyParameters)GetPublicKey(); + } + catch (InvalidCastException e) + { + throw new TlsFatalAlert(AlertDescription.certificate_unknown, e); + } + } + + /// + public virtual RsaKeyParameters GetPubKeyRsa() + { + try + { + return (RsaKeyParameters)GetPublicKey(); + } + catch (InvalidCastException e) + { + throw new TlsFatalAlert(AlertDescription.certificate_unknown, e); + } + } + + /// + public virtual bool SupportsSignatureAlgorithm(short signatureAlgorithm) + { + return SupportsSignatureAlgorithm(signatureAlgorithm, KeyUsage.DigitalSignature); + } + + /// + public virtual bool SupportsSignatureAlgorithmCA(short signatureAlgorithm) + { + return SupportsSignatureAlgorithm(signatureAlgorithm, KeyUsage.KeyCertSign); + } + + /// + public virtual TlsCertificate CheckUsageInRole(int tlsCertificateRole) + { + switch (tlsCertificateRole) + { + case TlsCertificateRole.DH: + { + ValidateKeyUsage(KeyUsage.KeyAgreement); + this.m_pubKeyDH = GetPubKeyDH(); + return this; + } + case TlsCertificateRole.ECDH: + { + ValidateKeyUsage(KeyUsage.KeyAgreement); + this.m_pubKeyEC = GetPubKeyEC(); + return this; + } + } + + throw new TlsFatalAlert(AlertDescription.certificate_unknown); + } + + /// + protected virtual AsymmetricKeyParameter GetPublicKey() + { + SubjectPublicKeyInfo keyInfo = m_certificate.SubjectPublicKeyInfo; + try + { + return PublicKeyFactory.CreateKey(keyInfo); + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e); + } + } + + protected virtual bool SupportsKeyUsage(int keyUsageBits) + { + X509Extensions exts = m_certificate.TbsCertificate.Extensions; + if (exts != null) + { + KeyUsage ku = KeyUsage.FromExtensions(exts); + if (ku != null) + { + int bits = ku.GetBytes()[0] & 0xff; + if ((bits & keyUsageBits) != keyUsageBits) + return false; + } + } + return true; + } + + protected virtual bool SupportsRsa_Pkcs1() + { + AlgorithmIdentifier pubKeyAlgID = m_certificate.SubjectPublicKeyInfo.AlgorithmID; + return RsaUtilities.SupportsPkcs1(pubKeyAlgID); + } + + protected virtual bool SupportsRsa_Pss_Pss(short signatureAlgorithm) + { + AlgorithmIdentifier pubKeyAlgID = m_certificate.SubjectPublicKeyInfo.AlgorithmID; + return RsaUtilities.SupportsPss_Pss(signatureAlgorithm, pubKeyAlgID); + } + + protected virtual bool SupportsRsa_Pss_Rsae() + { + AlgorithmIdentifier pubKeyAlgID = m_certificate.SubjectPublicKeyInfo.AlgorithmID; + return RsaUtilities.SupportsPss_Rsae(pubKeyAlgID); + } + + /// + protected virtual bool SupportsSignatureAlgorithm(short signatureAlgorithm, int keyUsage) + { + if (!SupportsKeyUsage(keyUsage)) + return false; + + AsymmetricKeyParameter publicKey = GetPublicKey(); + + switch (signatureAlgorithm) + { + case SignatureAlgorithm.rsa: + return SupportsRsa_Pkcs1() + && publicKey is RsaKeyParameters; + + case SignatureAlgorithm.dsa: + return publicKey is DsaPublicKeyParameters; + + case SignatureAlgorithm.ecdsa: + case SignatureAlgorithm.ecdsa_brainpoolP256r1tls13_sha256: + case SignatureAlgorithm.ecdsa_brainpoolP384r1tls13_sha384: + case SignatureAlgorithm.ecdsa_brainpoolP512r1tls13_sha512: + return publicKey is ECPublicKeyParameters; + + case SignatureAlgorithm.ed25519: + return publicKey is Ed25519PublicKeyParameters; + + case SignatureAlgorithm.ed448: + return publicKey is Ed448PublicKeyParameters; + + case SignatureAlgorithm.rsa_pss_rsae_sha256: + case SignatureAlgorithm.rsa_pss_rsae_sha384: + case SignatureAlgorithm.rsa_pss_rsae_sha512: + return SupportsRsa_Pss_Rsae() + && publicKey is RsaKeyParameters; + + case SignatureAlgorithm.rsa_pss_pss_sha256: + case SignatureAlgorithm.rsa_pss_pss_sha384: + case SignatureAlgorithm.rsa_pss_pss_sha512: + return SupportsRsa_Pss_Pss(signatureAlgorithm) + && publicKey is RsaKeyParameters; + + default: + return false; + } + } + + /// + public virtual void ValidateKeyUsage(int keyUsageBits) + { + if (!SupportsKeyUsage(keyUsageBits)) + throw new TlsFatalAlert(AlertDescription.certificate_unknown); + } + + /// + protected virtual void ValidateRsa_Pkcs1() + { + if (!SupportsRsa_Pkcs1()) + throw new TlsFatalAlert(AlertDescription.certificate_unknown); + } + + /// + protected virtual void ValidateRsa_Pss_Pss(short signatureAlgorithm) + { + if (!SupportsRsa_Pss_Pss(signatureAlgorithm)) + throw new TlsFatalAlert(AlertDescription.certificate_unknown); + } + + /// + protected virtual void ValidateRsa_Pss_Rsae() + { + if (!SupportsRsa_Pss_Rsae()) + throw new TlsFatalAlert(AlertDescription.certificate_unknown); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs new file mode 100644 index 0000000..59a3a25 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs @@ -0,0 +1,678 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Agreement.Srp; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Prng; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /** + * Class for providing cryptographic services for TLS based on implementations in the BC light-weight API. + *

    + * This class provides default implementations for everything. If you need to customise it, extend the class + * and override the appropriate methods. + *

    + */ + public class BcTlsCrypto + : AbstractTlsCrypto + { + private readonly SecureRandom m_entropySource; + + public BcTlsCrypto(SecureRandom entropySource) + { + this.m_entropySource = entropySource; + } + + internal virtual BcTlsSecret AdoptLocalSecret(byte[] data) + { + return new BcTlsSecret(this, data); + } + + public override SecureRandom SecureRandom + { + get { return m_entropySource; } + } + + public override TlsCertificate CreateCertificate(byte[] encoding) + { + return new BcTlsCertificate(this, encoding); + } + + public override TlsCipher CreateCipher(TlsCryptoParameters cryptoParams, int encryptionAlgorithm, + int macAlgorithm) + { + switch (encryptionAlgorithm) + { + case EncryptionAlgorithm.AES_128_CBC: + case EncryptionAlgorithm.ARIA_128_CBC: + case EncryptionAlgorithm.CAMELLIA_128_CBC: + case EncryptionAlgorithm.SEED_CBC: + case EncryptionAlgorithm.SM4_CBC: + return CreateCipher_Cbc(cryptoParams, encryptionAlgorithm, 16, macAlgorithm); + + case EncryptionAlgorithm.cls_3DES_EDE_CBC: + return CreateCipher_Cbc(cryptoParams, encryptionAlgorithm, 24, macAlgorithm); + + case EncryptionAlgorithm.AES_256_CBC: + case EncryptionAlgorithm.ARIA_256_CBC: + case EncryptionAlgorithm.CAMELLIA_256_CBC: + return CreateCipher_Cbc(cryptoParams, encryptionAlgorithm, 32, macAlgorithm); + + case EncryptionAlgorithm.AES_128_CCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aes_Ccm(cryptoParams, 16, 16); + case EncryptionAlgorithm.AES_128_CCM_8: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aes_Ccm(cryptoParams, 16, 8); + case EncryptionAlgorithm.AES_128_GCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aes_Gcm(cryptoParams, 16, 16); + case EncryptionAlgorithm.AES_256_CCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aes_Ccm(cryptoParams, 32, 16); + case EncryptionAlgorithm.AES_256_CCM_8: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aes_Ccm(cryptoParams, 32, 8); + case EncryptionAlgorithm.AES_256_GCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aes_Gcm(cryptoParams, 32, 16); + case EncryptionAlgorithm.ARIA_128_GCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aria_Gcm(cryptoParams, 16, 16); + case EncryptionAlgorithm.ARIA_256_GCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_Aria_Gcm(cryptoParams, 32, 16); + case EncryptionAlgorithm.CAMELLIA_128_GCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_Camellia_Gcm(cryptoParams, 16, 16); + case EncryptionAlgorithm.CAMELLIA_256_GCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_Camellia_Gcm(cryptoParams, 32, 16); + case EncryptionAlgorithm.CHACHA20_POLY1305: + // NOTE: Ignores macAlgorithm + return CreateChaCha20Poly1305(cryptoParams); + case EncryptionAlgorithm.NULL: + return CreateNullCipher(cryptoParams, macAlgorithm); + case EncryptionAlgorithm.SM4_CCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_SM4_Ccm(cryptoParams); + case EncryptionAlgorithm.SM4_GCM: + // NOTE: Ignores macAlgorithm + return CreateCipher_SM4_Gcm(cryptoParams); + + case EncryptionAlgorithm.DES40_CBC: + case EncryptionAlgorithm.DES_CBC: + case EncryptionAlgorithm.IDEA_CBC: + case EncryptionAlgorithm.RC2_CBC_40: + case EncryptionAlgorithm.RC4_128: + case EncryptionAlgorithm.RC4_40: + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + public override TlsDHDomain CreateDHDomain(TlsDHConfig dhConfig) + { + return new BcTlsDHDomain(this, dhConfig); + } + + public override TlsECDomain CreateECDomain(TlsECConfig ecConfig) + { + switch (ecConfig.NamedGroup) + { + case NamedGroup.x25519: + return new BcX25519Domain(this); + case NamedGroup.x448: + return new BcX448Domain(this); + default: + return new BcTlsECDomain(this, ecConfig); + } + } + + public override TlsNonceGenerator CreateNonceGenerator(byte[] additionalSeedMaterial) + { + int cryptoHashAlgorithm = CryptoHashAlgorithm.sha256; + IDigest digest = CreateDigest(cryptoHashAlgorithm); + + byte[] seed = new byte[TlsCryptoUtilities.GetHashOutputSize(cryptoHashAlgorithm)]; + SecureRandom.NextBytes(seed); + + DigestRandomGenerator randomGenerator = new DigestRandomGenerator(digest); + randomGenerator.AddSeedMaterial(additionalSeedMaterial); + randomGenerator.AddSeedMaterial(seed); + + return new BcTlsNonceGenerator(randomGenerator); + } + + public override bool HasAllRawSignatureAlgorithms() + { + // TODO[RFC 8422] Revisit the need to buffer the handshake for "Intrinsic" hash signatures + return !HasSignatureAlgorithm(SignatureAlgorithm.ed25519) + && !HasSignatureAlgorithm(SignatureAlgorithm.ed448); + } + + public override bool HasDHAgreement() + { + return true; + } + + public override bool HasECDHAgreement() + { + return true; + } + + public override bool HasEncryptionAlgorithm(int encryptionAlgorithm) + { + switch (encryptionAlgorithm) + { + case EncryptionAlgorithm.DES40_CBC: + case EncryptionAlgorithm.DES_CBC: + case EncryptionAlgorithm.IDEA_CBC: + case EncryptionAlgorithm.RC2_CBC_40: + case EncryptionAlgorithm.RC4_128: + case EncryptionAlgorithm.RC4_40: + return false; + + default: + return true; + } + } + + public override bool HasCryptoHashAlgorithm(int cryptoHashAlgorithm) + { + switch (cryptoHashAlgorithm) + { + case CryptoHashAlgorithm.md5: + case CryptoHashAlgorithm.sha1: + case CryptoHashAlgorithm.sha224: + case CryptoHashAlgorithm.sha256: + case CryptoHashAlgorithm.sha384: + case CryptoHashAlgorithm.sha512: + case CryptoHashAlgorithm.sm3: + return true; + + default: + return false; + } + } + + public override bool HasCryptoSignatureAlgorithm(int cryptoSignatureAlgorithm) + { + switch (cryptoSignatureAlgorithm) + { + case CryptoSignatureAlgorithm.rsa: + case CryptoSignatureAlgorithm.dsa: + case CryptoSignatureAlgorithm.ecdsa: + case CryptoSignatureAlgorithm.rsa_pss_rsae_sha256: + case CryptoSignatureAlgorithm.rsa_pss_rsae_sha384: + case CryptoSignatureAlgorithm.rsa_pss_rsae_sha512: + case CryptoSignatureAlgorithm.ed25519: + case CryptoSignatureAlgorithm.ed448: + case CryptoSignatureAlgorithm.rsa_pss_pss_sha256: + case CryptoSignatureAlgorithm.rsa_pss_pss_sha384: + case CryptoSignatureAlgorithm.rsa_pss_pss_sha512: + return true; + + // TODO[draft-smyshlyaev-tls12-gost-suites-10] + case CryptoSignatureAlgorithm.gostr34102012_256: + case CryptoSignatureAlgorithm.gostr34102012_512: + + // TODO[RFC 8998] + case CryptoSignatureAlgorithm.sm2: + + default: + return false; + } + } + + public override bool HasMacAlgorithm(int macAlgorithm) + { + switch (macAlgorithm) + { + case MacAlgorithm.hmac_md5: + case MacAlgorithm.hmac_sha1: + case MacAlgorithm.hmac_sha256: + case MacAlgorithm.hmac_sha384: + case MacAlgorithm.hmac_sha512: + return true; + + default: + return false; + } + } + + public override bool HasNamedGroup(int namedGroup) + { + return NamedGroup.RefersToASpecificGroup(namedGroup); + } + + public override bool HasRsaEncryption() + { + return true; + } + + public override bool HasSignatureAlgorithm(short signatureAlgorithm) + { + switch (signatureAlgorithm) + { + case SignatureAlgorithm.rsa: + case SignatureAlgorithm.dsa: + case SignatureAlgorithm.ecdsa: + case SignatureAlgorithm.ed25519: + case SignatureAlgorithm.ed448: + case SignatureAlgorithm.rsa_pss_rsae_sha256: + case SignatureAlgorithm.rsa_pss_rsae_sha384: + case SignatureAlgorithm.rsa_pss_rsae_sha512: + case SignatureAlgorithm.rsa_pss_pss_sha256: + case SignatureAlgorithm.rsa_pss_pss_sha384: + case SignatureAlgorithm.rsa_pss_pss_sha512: + case SignatureAlgorithm.ecdsa_brainpoolP256r1tls13_sha256: + case SignatureAlgorithm.ecdsa_brainpoolP384r1tls13_sha384: + case SignatureAlgorithm.ecdsa_brainpoolP512r1tls13_sha512: + return true; + + // TODO[draft-smyshlyaev-tls12-gost-suites-10] + case SignatureAlgorithm.gostr34102012_256: + case SignatureAlgorithm.gostr34102012_512: + // TODO[RFC 8998] + //case SignatureAlgorithm.sm2: + default: + return false; + } + } + + public override bool HasSignatureAndHashAlgorithm(SignatureAndHashAlgorithm sigAndHashAlgorithm) + { + short signature = sigAndHashAlgorithm.Signature; + + switch (sigAndHashAlgorithm.Hash) + { + case HashAlgorithm.md5: + return SignatureAlgorithm.rsa == signature && HasSignatureAlgorithm(signature); + default: + return HasSignatureAlgorithm(signature); + } + } + + public override bool HasSignatureScheme(int signatureScheme) + { + switch (signatureScheme) + { + case SignatureScheme.sm2sig_sm3: + return false; + default: + { + short signature = SignatureScheme.GetSignatureAlgorithm(signatureScheme); + + switch(SignatureScheme.GetCryptoHashAlgorithm(signatureScheme)) + { + case CryptoHashAlgorithm.md5: + return SignatureAlgorithm.rsa == signature && HasSignatureAlgorithm(signature); + default: + return HasSignatureAlgorithm(signature); + } + } + } + } + + public override bool HasSrpAuthentication() + { + return true; + } + + public override TlsSecret CreateSecret(byte[] data) + { + try + { + return AdoptLocalSecret(Arrays.Clone(data)); + } + finally + { + // TODO[tls-ops] Add this after checking all callers + //if (data != null) + //{ + // Array.Clear(data, 0, data.Length); + //} + } + } + + public override TlsSecret GenerateRsaPreMasterSecret(ProtocolVersion version) + { + byte[] data = new byte[48]; + SecureRandom.NextBytes(data); + TlsUtilities.WriteVersion(version, data, 0); + return AdoptLocalSecret(data); + } + + public virtual IDigest CloneDigest(int cryptoHashAlgorithm, IDigest digest) + { + switch (cryptoHashAlgorithm) + { + case CryptoHashAlgorithm.md5: + return new MD5Digest((MD5Digest)digest); + case CryptoHashAlgorithm.sha1: + return new Sha1Digest((Sha1Digest)digest); + case CryptoHashAlgorithm.sha224: + return new Sha224Digest((Sha224Digest)digest); + case CryptoHashAlgorithm.sha256: + return new Sha256Digest((Sha256Digest)digest); + case CryptoHashAlgorithm.sha384: + return new Sha384Digest((Sha384Digest)digest); + case CryptoHashAlgorithm.sha512: + return new Sha512Digest((Sha512Digest)digest); + case CryptoHashAlgorithm.sm3: + return new SM3Digest((SM3Digest)digest); + default: + throw new ArgumentException("invalid CryptoHashAlgorithm: " + cryptoHashAlgorithm); + } + } + + public virtual IDigest CreateDigest(int cryptoHashAlgorithm) + { + switch (cryptoHashAlgorithm) + { + case CryptoHashAlgorithm.md5: + return new MD5Digest(); + case CryptoHashAlgorithm.sha1: + return new Sha1Digest(); + case CryptoHashAlgorithm.sha224: + return new Sha224Digest(); + case CryptoHashAlgorithm.sha256: + return new Sha256Digest(); + case CryptoHashAlgorithm.sha384: + return new Sha384Digest(); + case CryptoHashAlgorithm.sha512: + return new Sha512Digest(); + case CryptoHashAlgorithm.sm3: + return new SM3Digest(); + default: + throw new ArgumentException("invalid CryptoHashAlgorithm: " + cryptoHashAlgorithm); + } + } + + public override TlsHash CreateHash(int cryptoHashAlgorithm) + { + return new BcTlsHash(this, cryptoHashAlgorithm); + } + + protected virtual IBlockCipher CreateBlockCipher(int encryptionAlgorithm) + { + switch (encryptionAlgorithm) + { + case EncryptionAlgorithm.cls_3DES_EDE_CBC: + return CreateDesEdeEngine(); + case EncryptionAlgorithm.AES_128_CBC: + case EncryptionAlgorithm.AES_256_CBC: + return CreateAesEngine(); + case EncryptionAlgorithm.ARIA_128_CBC: + case EncryptionAlgorithm.ARIA_256_CBC: + return CreateAriaEngine(); + case EncryptionAlgorithm.CAMELLIA_128_CBC: + case EncryptionAlgorithm.CAMELLIA_256_CBC: + return CreateCamelliaEngine(); + case EncryptionAlgorithm.SEED_CBC: + return CreateSeedEngine(); + case EncryptionAlgorithm.SM4_CBC: + return CreateSM4Engine(); + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + protected virtual IBlockCipher CreateCbcBlockCipher(IBlockCipher blockCipher) + { + return new CbcBlockCipher(blockCipher); + } + + protected virtual IBlockCipher CreateCbcBlockCipher(int encryptionAlgorithm) + { + return CreateCbcBlockCipher(CreateBlockCipher(encryptionAlgorithm)); + } + + protected virtual TlsCipher CreateChaCha20Poly1305(TlsCryptoParameters cryptoParams) + { + BcChaCha20Poly1305 encrypt = new BcChaCha20Poly1305(true); + BcChaCha20Poly1305 decrypt = new BcChaCha20Poly1305(false); + + return new TlsAeadCipher(cryptoParams, encrypt, decrypt, 32, 16, TlsAeadCipher.AEAD_CHACHA20_POLY1305); + } + + protected virtual TlsAeadCipher CreateCipher_Aes_Ccm(TlsCryptoParameters cryptoParams, int cipherKeySize, + int macSize) + { + BcTlsAeadCipherImpl encrypt = new BcTlsAeadCipherImpl(CreateAeadBlockCipher_Aes_Ccm(), true); + BcTlsAeadCipherImpl decrypt = new BcTlsAeadCipherImpl(CreateAeadBlockCipher_Aes_Ccm(), false); + + return new TlsAeadCipher(cryptoParams, encrypt, decrypt, cipherKeySize, macSize, TlsAeadCipher.AEAD_CCM); + } + + protected virtual TlsAeadCipher CreateCipher_Aes_Gcm(TlsCryptoParameters cryptoParams, int cipherKeySize, + int macSize) + { + BcTlsAeadCipherImpl encrypt = new BcTlsAeadCipherImpl(CreateAeadBlockCipher_Aes_Gcm(), true); + BcTlsAeadCipherImpl decrypt = new BcTlsAeadCipherImpl(CreateAeadBlockCipher_Aes_Gcm(), false); + + return new TlsAeadCipher(cryptoParams, encrypt, decrypt, cipherKeySize, macSize, TlsAeadCipher.AEAD_GCM); + } + + protected virtual TlsAeadCipher CreateCipher_Aria_Gcm(TlsCryptoParameters cryptoParams, int cipherKeySize, + int macSize) + { + BcTlsAeadCipherImpl encrypt = new BcTlsAeadCipherImpl(CreateAeadBlockCipher_Aria_Gcm(), true); + BcTlsAeadCipherImpl decrypt = new BcTlsAeadCipherImpl(CreateAeadBlockCipher_Aria_Gcm(), false); + + return new TlsAeadCipher(cryptoParams, encrypt, decrypt, cipherKeySize, macSize, TlsAeadCipher.AEAD_GCM); + } + + protected virtual TlsAeadCipher CreateCipher_Camellia_Gcm(TlsCryptoParameters cryptoParams, int cipherKeySize, + int macSize) + { + BcTlsAeadCipherImpl encrypt = new BcTlsAeadCipherImpl(CreateAeadBlockCipher_Camellia_Gcm(), true); + BcTlsAeadCipherImpl decrypt = new BcTlsAeadCipherImpl(CreateAeadBlockCipher_Camellia_Gcm(), false); + + return new TlsAeadCipher(cryptoParams, encrypt, decrypt, cipherKeySize, macSize, TlsAeadCipher.AEAD_GCM); + } + + protected virtual TlsCipher CreateCipher_Cbc(TlsCryptoParameters cryptoParams, int encryptionAlgorithm, + int cipherKeySize, int macAlgorithm) + { + BcTlsBlockCipherImpl encrypt = new BcTlsBlockCipherImpl(CreateCbcBlockCipher(encryptionAlgorithm), true); + BcTlsBlockCipherImpl decrypt = new BcTlsBlockCipherImpl(CreateCbcBlockCipher(encryptionAlgorithm), false); + + TlsHmac clientMac = CreateMac(cryptoParams, macAlgorithm); + TlsHmac serverMac = CreateMac(cryptoParams, macAlgorithm); + + return new TlsBlockCipher(cryptoParams, encrypt, decrypt, clientMac, serverMac, cipherKeySize); + } + + protected virtual TlsAeadCipher CreateCipher_SM4_Ccm(TlsCryptoParameters cryptoParams) + { + BcTlsAeadCipherImpl encrypt = new BcTlsAeadCipherImpl(CreateAeadBlockCipher_SM4_Ccm(), true); + BcTlsAeadCipherImpl decrypt = new BcTlsAeadCipherImpl(CreateAeadBlockCipher_SM4_Ccm(), false); + + return new TlsAeadCipher(cryptoParams, encrypt, decrypt, 16, 16, TlsAeadCipher.AEAD_CCM); + } + + protected virtual TlsAeadCipher CreateCipher_SM4_Gcm(TlsCryptoParameters cryptoParams) + { + BcTlsAeadCipherImpl encrypt = new BcTlsAeadCipherImpl(CreateAeadBlockCipher_SM4_Gcm(), true); + BcTlsAeadCipherImpl decrypt = new BcTlsAeadCipherImpl(CreateAeadBlockCipher_SM4_Gcm(), false); + + return new TlsAeadCipher(cryptoParams, encrypt, decrypt, 16, 16, TlsAeadCipher.AEAD_GCM); + } + + protected virtual TlsNullCipher CreateNullCipher(TlsCryptoParameters cryptoParams, int macAlgorithm) + { + return new TlsNullCipher(cryptoParams, CreateMac(cryptoParams, macAlgorithm), + CreateMac(cryptoParams, macAlgorithm)); + } + + protected virtual IBlockCipher CreateAesEngine() + { + return new AesEngine(); + } + + protected virtual IBlockCipher CreateAriaEngine() + { + return new AriaEngine(); + } + + protected virtual IBlockCipher CreateCamelliaEngine() + { + return new CamelliaEngine(); + } + + protected virtual IBlockCipher CreateDesEdeEngine() + { + return new DesEdeEngine(); + } + + protected virtual IBlockCipher CreateSeedEngine() + { + return new SeedEngine(); + } + + protected virtual IBlockCipher CreateSM4Engine() + { + return new SM4Engine(); + } + + protected virtual IAeadBlockCipher CreateCcmMode(IBlockCipher engine) + { + return new CcmBlockCipher(engine); + } + + protected virtual IAeadBlockCipher CreateGcmMode(IBlockCipher engine) + { + // TODO Consider allowing custom configuration of multiplier + return new GcmBlockCipher(engine); + } + + protected virtual IAeadBlockCipher CreateAeadBlockCipher_Aes_Ccm() + { + return CreateCcmMode(CreateAesEngine()); + } + + protected virtual IAeadBlockCipher CreateAeadBlockCipher_Aes_Gcm() + { + return CreateGcmMode(CreateAesEngine()); + } + + protected virtual IAeadBlockCipher CreateAeadBlockCipher_Aria_Gcm() + { + return CreateGcmMode(CreateAriaEngine()); + } + + protected virtual IAeadBlockCipher CreateAeadBlockCipher_Camellia_Gcm() + { + return CreateGcmMode(CreateCamelliaEngine()); + } + + protected virtual IAeadBlockCipher CreateAeadBlockCipher_SM4_Ccm() + { + return CreateCcmMode(CreateSM4Engine()); + } + + protected virtual IAeadBlockCipher CreateAeadBlockCipher_SM4_Gcm() + { + return CreateGcmMode(CreateSM4Engine()); + } + + public override TlsHmac CreateHmac(int macAlgorithm) + { + switch (macAlgorithm) + { + case MacAlgorithm.hmac_md5: + case MacAlgorithm.hmac_sha1: + case MacAlgorithm.hmac_sha256: + case MacAlgorithm.hmac_sha384: + case MacAlgorithm.hmac_sha512: + return CreateHmacForHash(TlsCryptoUtilities.GetHashForHmac(macAlgorithm)); + + default: + throw new ArgumentException("invalid MacAlgorithm: " + macAlgorithm); + } + } + + public override TlsHmac CreateHmacForHash(int cryptoHashAlgorithm) + { + return new BcTlsHmac(new HMac(CreateDigest(cryptoHashAlgorithm))); + } + + protected virtual TlsHmac CreateHmac_Ssl(int macAlgorithm) + { + switch (macAlgorithm) + { + case MacAlgorithm.hmac_md5: + return new BcSsl3Hmac(CreateDigest(CryptoHashAlgorithm.md5)); + case MacAlgorithm.hmac_sha1: + return new BcSsl3Hmac(CreateDigest(CryptoHashAlgorithm.sha1)); + case MacAlgorithm.hmac_sha256: + return new BcSsl3Hmac(CreateDigest(CryptoHashAlgorithm.sha256)); + case MacAlgorithm.hmac_sha384: + return new BcSsl3Hmac(CreateDigest(CryptoHashAlgorithm.sha384)); + case MacAlgorithm.hmac_sha512: + return new BcSsl3Hmac(CreateDigest(CryptoHashAlgorithm.sha512)); + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + protected virtual TlsHmac CreateMac(TlsCryptoParameters cryptoParams, int macAlgorithm) + { + if (TlsImplUtilities.IsSsl(cryptoParams)) + { + return CreateHmac_Ssl(macAlgorithm); + } + else + { + return CreateHmac(macAlgorithm); + } + } + + public override TlsSrp6Client CreateSrp6Client(TlsSrpConfig srpConfig) + { + BigInteger[] ng = srpConfig.GetExplicitNG(); + Srp6GroupParameters srpGroup = new Srp6GroupParameters(ng[0], ng[1]); + + Srp6Client srp6Client = new Srp6Client(); + srp6Client.Init(srpGroup, CreateDigest(CryptoHashAlgorithm.sha1), SecureRandom); + + return new BcTlsSrp6Client(srp6Client); + } + + public override TlsSrp6Server CreateSrp6Server(TlsSrpConfig srpConfig, BigInteger srpVerifier) + { + BigInteger[] ng = srpConfig.GetExplicitNG(); + Srp6GroupParameters srpGroup = new Srp6GroupParameters(ng[0], ng[1]); + + Srp6Server srp6Server = new Srp6Server(); + srp6Server.Init(srpGroup, srpVerifier, CreateDigest(CryptoHashAlgorithm.sha1), SecureRandom); + + return new BcTlsSrp6Server(srp6Server); + } + + public override TlsSrp6VerifierGenerator CreateSrp6VerifierGenerator(TlsSrpConfig srpConfig) + { + BigInteger[] ng = srpConfig.GetExplicitNG(); + + Srp6VerifierGenerator srp6VerifierGenerator = new Srp6VerifierGenerator(); + srp6VerifierGenerator.Init(ng[0], ng[1], CreateDigest(CryptoHashAlgorithm.sha1)); + + return new BcTlsSrp6VerifierGenerator(srp6VerifierGenerator); + } + + public override TlsSecret HkdfInit(int cryptoHashAlgorithm) + { + return AdoptLocalSecret(new byte[TlsCryptoUtilities.GetHashOutputSize(cryptoHashAlgorithm)]); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDH.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDH.cs new file mode 100644 index 0000000..63fa00c --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDH.cs @@ -0,0 +1,39 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Support class for ephemeral Diffie-Hellman using the BC light-weight library. + public class BcTlsDH + : TlsAgreement + { + protected readonly BcTlsDHDomain m_domain; + + protected AsymmetricCipherKeyPair m_localKeyPair; + protected DHPublicKeyParameters m_peerPublicKey; + + public BcTlsDH(BcTlsDHDomain domain) + { + this.m_domain = domain; + } + + public virtual byte[] GenerateEphemeral() + { + this.m_localKeyPair = m_domain.GenerateKeyPair(); + + return m_domain.EncodePublicKey((DHPublicKeyParameters)m_localKeyPair.Public); + } + + public virtual void ReceivePeerValue(byte[] peerValue) + { + this.m_peerPublicKey = m_domain.DecodePublicKey(peerValue); + } + + public virtual TlsSecret CalculateSecret() + { + return m_domain.CalculateDHAgreement((DHPrivateKeyParameters)m_localKeyPair.Private, m_peerPublicKey); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDHDomain.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDHDomain.cs new file mode 100644 index 0000000..faf6b45 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDHDomain.cs @@ -0,0 +1,117 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// BC light-weight support class for Diffie-Hellman key pair generation and key agreement over a + /// specified Diffie-Hellman configuration. + public class BcTlsDHDomain + : TlsDHDomain + { + private static byte[] EncodeValue(DHParameters dh, bool padded, BigInteger x) + { + return padded + ? BigIntegers.AsUnsignedByteArray(GetValueLength(dh), x) + : BigIntegers.AsUnsignedByteArray(x); + } + + private static int GetValueLength(DHParameters dh) + { + return (dh.P.BitLength + 7) / 8; + } + + public static BcTlsSecret CalculateDHAgreement(BcTlsCrypto crypto, DHPrivateKeyParameters privateKey, + DHPublicKeyParameters publicKey, bool padded) + { + DHBasicAgreement basicAgreement = new DHBasicAgreement(); + basicAgreement.Init(privateKey); + BigInteger agreementValue = basicAgreement.CalculateAgreement(publicKey); + byte[] secret = EncodeValue(privateKey.Parameters, padded, agreementValue); + return crypto.AdoptLocalSecret(secret); + } + + public static DHParameters GetDomainParameters(TlsDHConfig dhConfig) + { + DHGroup dhGroup = TlsDHUtilities.GetDHGroup(dhConfig); + if (dhGroup == null) + throw new ArgumentException("No DH configuration provided"); + + return new DHParameters(dhGroup.P, dhGroup.G, dhGroup.Q, dhGroup.L); + } + + protected readonly BcTlsCrypto m_crypto; + protected readonly TlsDHConfig m_config; + protected readonly DHParameters m_domainParameters; + + public BcTlsDHDomain(BcTlsCrypto crypto, TlsDHConfig dhConfig) + { + this.m_crypto = crypto; + this.m_config = dhConfig; + this.m_domainParameters = GetDomainParameters(dhConfig); + } + + public virtual BcTlsSecret CalculateDHAgreement(DHPrivateKeyParameters privateKey, + DHPublicKeyParameters publicKey) + { + return CalculateDHAgreement(m_crypto, privateKey, publicKey, m_config.IsPadded); + } + + public virtual TlsAgreement CreateDH() + { + return new BcTlsDH(this); + } + + /// + public virtual BigInteger DecodeParameter(byte[] encoding) + { + if (m_config.IsPadded && GetValueLength(m_domainParameters) != encoding.Length) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + return new BigInteger(1, encoding); + } + + /// + public virtual DHPublicKeyParameters DecodePublicKey(byte[] encoding) + { + /* + * RFC 7919 3. [..] the client MUST verify that dh_Ys is in the range 1 < dh_Ys < dh_p - 1. + * If dh_Ys is not in this range, the client MUST terminate the connection with a fatal + * handshake_failure(40) alert. + */ + try + { + BigInteger y = DecodeParameter(encoding); + + return new DHPublicKeyParameters(y, m_domainParameters); + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.handshake_failure, e); + } + } + + public virtual byte[] EncodeParameter(BigInteger x) + { + return EncodeValue(m_domainParameters, m_config.IsPadded, x); + } + + public virtual byte[] EncodePublicKey(DHPublicKeyParameters publicKey) + { + return EncodeValue(m_domainParameters, true, publicKey.Y); + } + + public virtual AsymmetricCipherKeyPair GenerateKeyPair() + { + DHBasicKeyPairGenerator keyPairGenerator = new DHBasicKeyPairGenerator(); + keyPairGenerator.Init(new DHKeyGenerationParameters(m_crypto.SecureRandom, m_domainParameters)); + return keyPairGenerator.GenerateKeyPair(); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDsaSigner.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDsaSigner.cs new file mode 100644 index 0000000..a104028 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDsaSigner.cs @@ -0,0 +1,29 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Implementation class for generation of the raw DSA signature type using the BC light-weight API. + /// + public class BcTlsDsaSigner + : BcTlsDssSigner + { + public BcTlsDsaSigner(BcTlsCrypto crypto, DsaPrivateKeyParameters privateKey) + : base(crypto, privateKey) + { + } + + protected override IDsa CreateDsaImpl(int cryptoHashAlgorithm) + { + return new DsaSigner(new HMacDsaKCalculator(m_crypto.CreateDigest(cryptoHashAlgorithm))); + } + + protected override short SignatureAlgorithm + { + get { return Tls.SignatureAlgorithm.dsa; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDsaVerifier.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDsaVerifier.cs new file mode 100644 index 0000000..bc8395a --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDsaVerifier.cs @@ -0,0 +1,29 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Implementation class for the verification of the raw DSA signature type using the BC light-weight API. + /// + public class BcTlsDsaVerifier + : BcTlsDssVerifier + { + public BcTlsDsaVerifier(BcTlsCrypto crypto, DsaPublicKeyParameters publicKey) + : base(crypto, publicKey) + { + } + + protected override IDsa CreateDsaImpl(int cryptoHashAlgorithm) + { + return new DsaSigner(new HMacDsaKCalculator(m_crypto.CreateDigest(cryptoHashAlgorithm))); + } + + protected override short SignatureAlgorithm + { + get { return Tls.SignatureAlgorithm.dsa; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDssSigner.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDssSigner.cs new file mode 100644 index 0000000..8a687d5 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDssSigner.cs @@ -0,0 +1,54 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// BC light-weight base class for the signers implementing the two DSA style algorithms from FIPS PUB + /// 186-4: DSA and ECDSA. + public abstract class BcTlsDssSigner + : BcTlsSigner + { + protected BcTlsDssSigner(BcTlsCrypto crypto, AsymmetricKeyParameter privateKey) + : base(crypto, privateKey) + { + } + + protected abstract IDsa CreateDsaImpl(int cryptoHashAlgorithm); + + protected abstract short SignatureAlgorithm { get; } + + public override byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm, byte[] hash) + { + if (algorithm != null && algorithm.Signature != SignatureAlgorithm) + throw new InvalidOperationException("Invalid algorithm: " + algorithm); + + int cryptoHashAlgorithm = (null == algorithm) + ? CryptoHashAlgorithm.sha1 + : TlsCryptoUtilities.GetHash(algorithm.Hash); + + ISigner signer = new DsaDigestSigner(CreateDsaImpl(cryptoHashAlgorithm), new NullDigest()); + signer.Init(true, new ParametersWithRandom(m_privateKey, m_crypto.SecureRandom)); + if (algorithm == null) + { + // Note: Only use the SHA1 part of the (MD5/SHA1) hash + signer.BlockUpdate(hash, 16, 20); + } + else + { + signer.BlockUpdate(hash, 0, hash.Length); + } + try + { + return signer.GenerateSignature(); + } + catch (CryptoException e) + { + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDssVerifier.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDssVerifier.cs new file mode 100644 index 0000000..f2e3710 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsDssVerifier.cs @@ -0,0 +1,47 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// BC light-weight base class for the verifiers supporting the two DSA style algorithms from FIPS PUB + /// 186-4: DSA and ECDSA. + public abstract class BcTlsDssVerifier + : BcTlsVerifier + { + protected BcTlsDssVerifier(BcTlsCrypto crypto, AsymmetricKeyParameter publicKey) + : base(crypto, publicKey) + { + } + + protected abstract IDsa CreateDsaImpl(int cryptoHashAlgorithm); + + protected abstract short SignatureAlgorithm { get; } + + public override bool VerifyRawSignature(DigitallySigned signedParams, byte[] hash) + { + SignatureAndHashAlgorithm algorithm = signedParams.Algorithm; + if (algorithm != null && algorithm.Signature != SignatureAlgorithm) + throw new InvalidOperationException("Invalid algorithm: " + algorithm); + + int cryptoHashAlgorithm = (null == algorithm) + ? CryptoHashAlgorithm.sha1 + : TlsCryptoUtilities.GetHash(algorithm.Hash); + + ISigner signer = new DsaDigestSigner(CreateDsaImpl(cryptoHashAlgorithm), new NullDigest()); + signer.Init(false, m_publicKey); + if (algorithm == null) + { + // Note: Only use the SHA1 part of the (MD5/SHA1) hash + signer.BlockUpdate(hash, 16, 20); + } + else + { + signer.BlockUpdate(hash, 0, hash.Length); + } + return signer.VerifySignature(signedParams.Signature); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDH.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDH.cs new file mode 100644 index 0000000..55b8ed6 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDH.cs @@ -0,0 +1,39 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Support class for ephemeral Elliptic Curve Diffie-Hellman using the BC light-weight library. + public class BcTlsECDH + : TlsAgreement + { + protected readonly BcTlsECDomain m_domain; + + protected AsymmetricCipherKeyPair m_localKeyPair; + protected ECPublicKeyParameters m_peerPublicKey; + + public BcTlsECDH(BcTlsECDomain domain) + { + this.m_domain = domain; + } + + public virtual byte[] GenerateEphemeral() + { + this.m_localKeyPair = m_domain.GenerateKeyPair(); + + return m_domain.EncodePublicKey((ECPublicKeyParameters)m_localKeyPair.Public); + } + + public virtual void ReceivePeerValue(byte[] peerValue) + { + this.m_peerPublicKey = m_domain.DecodePublicKey(peerValue); + } + + public virtual TlsSecret CalculateSecret() + { + return m_domain.CalculateECDHAgreement((ECPrivateKeyParameters)m_localKeyPair.Private, m_peerPublicKey); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDomain.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDomain.cs new file mode 100644 index 0000000..ab34819 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDomain.cs @@ -0,0 +1,121 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /** + * EC domain class for generating key pairs and performing key agreement. + */ + public class BcTlsECDomain + : TlsECDomain + { + public static BcTlsSecret CalculateECDHAgreement(BcTlsCrypto crypto, ECPrivateKeyParameters privateKey, + ECPublicKeyParameters publicKey) + { + ECDHBasicAgreement basicAgreement = new ECDHBasicAgreement(); + basicAgreement.Init(privateKey); + BigInteger agreementValue = basicAgreement.CalculateAgreement(publicKey); + + /* + * RFC 4492 5.10. Note that this octet string (Z in IEEE 1363 terminology) as output by + * FE2OSP, the Field Element to Octet String Conversion Primitive, has constant length for + * any given field; leading zeros found in this octet string MUST NOT be truncated. + */ + byte[] secret = BigIntegers.AsUnsignedByteArray(basicAgreement.GetFieldSize(), agreementValue); + return crypto.AdoptLocalSecret(secret); + } + + public static ECDomainParameters GetDomainParameters(TlsECConfig ecConfig) + { + return GetDomainParameters(ecConfig.NamedGroup); + } + + public static ECDomainParameters GetDomainParameters(int namedGroup) + { + if (!NamedGroup.RefersToASpecificCurve(namedGroup)) + return null; + + // Parameters are lazily created the first time a particular curve is accessed + + string curveName = NamedGroup.GetCurveName(namedGroup); + X9ECParameters ecP = ECKeyPairGenerator.FindECCurveByName(curveName); + if (ecP == null) + return null; + + // It's a bit inefficient to do this conversion every time + return new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed()); + } + + protected readonly BcTlsCrypto m_crypto; + protected readonly TlsECConfig m_config; + protected readonly ECDomainParameters m_domainParameters; + + public BcTlsECDomain(BcTlsCrypto crypto, TlsECConfig ecConfig) + { + this.m_crypto = crypto; + this.m_config = ecConfig; + this.m_domainParameters = GetDomainParameters(ecConfig); + } + + public virtual BcTlsSecret CalculateECDHAgreement(ECPrivateKeyParameters privateKey, + ECPublicKeyParameters publicKey) + { + return CalculateECDHAgreement(m_crypto, privateKey, publicKey); + } + + public virtual TlsAgreement CreateECDH() + { + return new BcTlsECDH(this); + } + + public virtual ECPoint DecodePoint(byte[] encoding) + { + return m_domainParameters.Curve.DecodePoint(encoding); + } + + /// + public virtual ECPublicKeyParameters DecodePublicKey(byte[] encoding) + { + try + { + ECPoint point = DecodePoint(encoding); + + return new ECPublicKeyParameters(point, m_domainParameters); + } + catch (IOException e) + { + throw e; + } + catch (Exception e) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter, e); + } + } + + public virtual byte[] EncodePoint(ECPoint point) + { + return point.GetEncoded(false); + } + + public virtual byte[] EncodePublicKey(ECPublicKeyParameters publicKey) + { + return EncodePoint(publicKey.Q); + } + + public virtual AsymmetricCipherKeyPair GenerateKeyPair() + { + ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator(); + keyPairGenerator.Init(new ECKeyGenerationParameters(m_domainParameters, m_crypto.SecureRandom)); + return keyPairGenerator.GenerateKeyPair(); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDsa13Signer.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDsa13Signer.cs new file mode 100644 index 0000000..5901767 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDsa13Signer.cs @@ -0,0 +1,47 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Implementation class for generation of ECDSA signatures in TLS 1.3+ using the BC light-weight API. + /// + public class BcTlsECDsa13Signer + : BcTlsSigner + { + private readonly int m_signatureScheme; + + public BcTlsECDsa13Signer(BcTlsCrypto crypto, ECPrivateKeyParameters privateKey, int signatureScheme) + : base(crypto, privateKey) + { + if (!SignatureScheme.IsECDsa(signatureScheme)) + throw new ArgumentException("signatureScheme"); + + this.m_signatureScheme = signatureScheme; + } + + public override byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm, byte[] hash) + { + if (algorithm == null || SignatureScheme.From(algorithm) != m_signatureScheme) + throw new InvalidOperationException("Invalid algorithm: " + algorithm); + + int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(m_signatureScheme); + IDsa dsa = new ECDsaSigner(new HMacDsaKCalculator(m_crypto.CreateDigest(cryptoHashAlgorithm))); + + ISigner signer = new DsaDigestSigner(dsa, new NullDigest()); + signer.Init(true, new ParametersWithRandom(m_privateKey, m_crypto.SecureRandom)); + signer.BlockUpdate(hash, 0, hash.Length); + try + { + return signer.GenerateSignature(); + } + catch (CryptoException e) + { + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDsa13Verifier.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDsa13Verifier.cs new file mode 100644 index 0000000..8488dc8 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDsa13Verifier.cs @@ -0,0 +1,41 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Implementation class for verification of ECDSA signatures in TLS 1.3+ using the BC light-weight API. + /// + public class BcTlsECDsa13Verifier + : BcTlsVerifier + { + private readonly int m_signatureScheme; + + public BcTlsECDsa13Verifier(BcTlsCrypto crypto, ECPublicKeyParameters publicKey, int signatureScheme) + : base(crypto, publicKey) + { + if (!SignatureScheme.IsECDsa(signatureScheme)) + throw new ArgumentException("signatureScheme"); + + this.m_signatureScheme = signatureScheme; + } + + public override bool VerifyRawSignature(DigitallySigned signature, byte[] hash) + { + SignatureAndHashAlgorithm algorithm = signature.Algorithm; + if (algorithm == null || SignatureScheme.From(algorithm) != m_signatureScheme) + throw new InvalidOperationException("Invalid algorithm: " + algorithm); + + int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(m_signatureScheme); + IDsa dsa = new ECDsaSigner(new HMacDsaKCalculator(m_crypto.CreateDigest(cryptoHashAlgorithm))); + + ISigner signer = new DsaDigestSigner(dsa, new NullDigest()); + signer.Init(false, m_publicKey); + signer.BlockUpdate(hash, 0, hash.Length); + return signer.VerifySignature(signature.Signature); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDsaSigner.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDsaSigner.cs new file mode 100644 index 0000000..8b29912 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDsaSigner.cs @@ -0,0 +1,29 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Implementation class for generation of the raw ECDSA signature type using the BC light-weight API. + /// + public class BcTlsECDsaSigner + : BcTlsDssSigner + { + public BcTlsECDsaSigner(BcTlsCrypto crypto, ECPrivateKeyParameters privateKey) + : base(crypto, privateKey) + { + } + + protected override IDsa CreateDsaImpl(int cryptoHashAlgorithm) + { + return new ECDsaSigner(new HMacDsaKCalculator(m_crypto.CreateDigest(cryptoHashAlgorithm))); + } + + protected override short SignatureAlgorithm + { + get { return Tls.SignatureAlgorithm.ecdsa; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDsaVerifier.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDsaVerifier.cs new file mode 100644 index 0000000..1cd6ff1 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsECDsaVerifier.cs @@ -0,0 +1,29 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Implementation class for the verification of the raw ECDSA signature type using the BC light-weight + /// API. + public class BcTlsECDsaVerifier + : BcTlsDssVerifier + { + public BcTlsECDsaVerifier(BcTlsCrypto crypto, ECPublicKeyParameters publicKey) + : base(crypto, publicKey) + { + } + + protected override IDsa CreateDsaImpl(int cryptoHashAlgorithm) + { + return new ECDsaSigner(new HMacDsaKCalculator(m_crypto.CreateDigest(cryptoHashAlgorithm))); + } + + protected override short SignatureAlgorithm + { + get { return Tls.SignatureAlgorithm.ecdsa; } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsEd25519Signer.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsEd25519Signer.cs new file mode 100644 index 0000000..c8fc99e --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsEd25519Signer.cs @@ -0,0 +1,32 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + public class BcTlsEd25519Signer + : BcTlsSigner + { + public BcTlsEd25519Signer(BcTlsCrypto crypto, Ed25519PrivateKeyParameters privateKey) + : base(crypto, privateKey) + { + } + + public override byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm, byte[] hash) + { + throw new NotSupportedException(); + } + + public override TlsStreamSigner GetStreamSigner(SignatureAndHashAlgorithm algorithm) + { + if (algorithm == null || SignatureScheme.From(algorithm) != SignatureScheme.ed25519) + throw new InvalidOperationException("Invalid algorithm: " + algorithm); + + Ed25519Signer signer = new Ed25519Signer(); + signer.Init(true, m_privateKey); + + return new BcTlsStreamSigner(signer); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsEd25519Verifier.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsEd25519Verifier.cs new file mode 100644 index 0000000..fb91442 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsEd25519Verifier.cs @@ -0,0 +1,33 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + public class BcTlsEd25519Verifier + : BcTlsVerifier + { + public BcTlsEd25519Verifier(BcTlsCrypto crypto, Ed25519PublicKeyParameters publicKey) + : base(crypto, publicKey) + { + } + + public override bool VerifyRawSignature(DigitallySigned signature, byte[] hash) + { + throw new NotSupportedException(); + } + + public override TlsStreamVerifier GetStreamVerifier(DigitallySigned signature) + { + SignatureAndHashAlgorithm algorithm = signature.Algorithm; + if (algorithm == null || SignatureScheme.From(algorithm) != SignatureScheme.ed25519) + throw new InvalidOperationException("Invalid algorithm: " + algorithm); + + Ed25519Signer verifier = new Ed25519Signer(); + verifier.Init(false, m_publicKey); + + return new BcTlsStreamVerifier(verifier, signature.Signature); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsEd448Signer.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsEd448Signer.cs new file mode 100644 index 0000000..06d4d7a --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsEd448Signer.cs @@ -0,0 +1,32 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + public class BcTlsEd448Signer + : BcTlsSigner + { + public BcTlsEd448Signer(BcTlsCrypto crypto, Ed448PrivateKeyParameters privateKey) + : base(crypto, privateKey) + { + } + + public override byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm, byte[] hash) + { + throw new NotSupportedException(); + } + + public override TlsStreamSigner GetStreamSigner(SignatureAndHashAlgorithm algorithm) + { + if (algorithm == null || SignatureScheme.From(algorithm) != SignatureScheme.ed448) + throw new InvalidOperationException("Invalid algorithm: " + algorithm); + + Ed448Signer signer = new Ed448Signer(TlsUtilities.EmptyBytes); + signer.Init(true, m_privateKey); + + return new BcTlsStreamSigner(signer); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsEd448Verifier.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsEd448Verifier.cs new file mode 100644 index 0000000..4492fdd --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsEd448Verifier.cs @@ -0,0 +1,33 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + public class BcTlsEd448Verifier + : BcTlsVerifier + { + public BcTlsEd448Verifier(BcTlsCrypto crypto, Ed448PublicKeyParameters publicKey) + : base(crypto, publicKey) + { + } + + public override bool VerifyRawSignature(DigitallySigned signature, byte[] hash) + { + throw new NotSupportedException(); + } + + public override TlsStreamVerifier GetStreamVerifier(DigitallySigned signature) + { + SignatureAndHashAlgorithm algorithm = signature.Algorithm; + if (algorithm == null || SignatureScheme.From(algorithm) != SignatureScheme.ed448) + throw new InvalidOperationException("Invalid algorithm: " + algorithm); + + Ed448Signer verifier = new Ed448Signer(TlsUtilities.EmptyBytes); + verifier.Init(false, m_publicKey); + + return new BcTlsStreamVerifier(verifier, signature.Signature); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsHash.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsHash.cs new file mode 100644 index 0000000..0b35831 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsHash.cs @@ -0,0 +1,49 @@ +using System; + +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + internal sealed class BcTlsHash + : TlsHash + { + private readonly BcTlsCrypto m_crypto; + private readonly int m_cryptoHashAlgorithm; + private readonly IDigest m_digest; + + internal BcTlsHash(BcTlsCrypto crypto, int cryptoHashAlgorithm) + : this(crypto, cryptoHashAlgorithm, crypto.CreateDigest(cryptoHashAlgorithm)) + { + } + + private BcTlsHash(BcTlsCrypto crypto, int cryptoHashAlgorithm, IDigest digest) + { + this.m_crypto = crypto; + this.m_cryptoHashAlgorithm = cryptoHashAlgorithm; + this.m_digest = digest; + } + + public void Update(byte[] data, int offSet, int length) + { + m_digest.BlockUpdate(data, offSet, length); + } + + public byte[] CalculateHash() + { + byte[] rv = new byte[m_digest.GetDigestSize()]; + m_digest.DoFinal(rv, 0); + return rv; + } + + public TlsHash CloneHash() + { + IDigest clone = m_crypto.CloneDigest(m_cryptoHashAlgorithm, m_digest); + return new BcTlsHash(m_crypto, m_cryptoHashAlgorithm, clone); + } + + public void Reset() + { + m_digest.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsHmac.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsHmac.cs new file mode 100644 index 0000000..485a3f7 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsHmac.cs @@ -0,0 +1,55 @@ +using System; + +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + internal sealed class BcTlsHmac + : TlsHmac + { + private readonly HMac m_hmac; + + internal BcTlsHmac(HMac hmac) + { + this.m_hmac = hmac; + } + + public void SetKey(byte[] key, int keyOff, int keyLen) + { + m_hmac.Init(new KeyParameter(key, keyOff, keyLen)); + } + + public void Update(byte[] input, int inOff, int length) + { + m_hmac.BlockUpdate(input, inOff, length); + } + + public byte[] CalculateMac() + { + byte[] rv = new byte[m_hmac.GetMacSize()]; + m_hmac.DoFinal(rv, 0); + return rv; + } + + public void CalculateMac(byte[] output, int outOff) + { + m_hmac.DoFinal(output, outOff); + } + + public int InternalBlockSize + { + get { return m_hmac.GetUnderlyingDigest().GetByteLength(); } + } + + public int MacLength + { + get { return m_hmac.GetMacSize(); } + } + + public void Reset() + { + m_hmac.Reset(); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsNonceGenerator.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsNonceGenerator.cs new file mode 100644 index 0000000..d33c622 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsNonceGenerator.cs @@ -0,0 +1,24 @@ +using System; + +using Org.BouncyCastle.Crypto.Prng; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + internal sealed class BcTlsNonceGenerator + : TlsNonceGenerator + { + private readonly IRandomGenerator m_randomGenerator; + + internal BcTlsNonceGenerator(IRandomGenerator randomGenerator) + { + this.m_randomGenerator = randomGenerator; + } + + public byte[] GenerateNonce(int size) + { + byte[] nonce = new byte[size]; + m_randomGenerator.NextBytes(nonce); + return nonce; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsRsaEncryptor.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsRsaEncryptor.cs new file mode 100644 index 0000000..1582ff6 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsRsaEncryptor.cs @@ -0,0 +1,47 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + internal sealed class BcTlsRsaEncryptor + : TlsEncryptor + { + private static RsaKeyParameters CheckPublicKey(RsaKeyParameters pubKeyRsa) + { + if (null == pubKeyRsa || pubKeyRsa.IsPrivate) + throw new ArgumentException("No public RSA key provided", "pubKeyRsa"); + + return pubKeyRsa; + } + + private readonly BcTlsCrypto m_crypto; + private readonly RsaKeyParameters m_pubKeyRsa; + + internal BcTlsRsaEncryptor(BcTlsCrypto crypto, RsaKeyParameters pubKeyRsa) + { + this.m_crypto = crypto; + this.m_pubKeyRsa = CheckPublicKey(pubKeyRsa); + } + + public byte[] Encrypt(byte[] input, int inOff, int length) + { + try + { + Pkcs1Encoding encoding = new Pkcs1Encoding(new RsaBlindedEngine()); + encoding.Init(true, new ParametersWithRandom(m_pubKeyRsa, m_crypto.SecureRandom)); + return encoding.ProcessBlock(input, inOff, length); + } + catch (InvalidCipherTextException e) + { + /* + * This should never happen, only during decryption. + */ + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsRsaPssSigner.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsRsaPssSigner.cs new file mode 100644 index 0000000..2c1b411 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsRsaPssSigner.cs @@ -0,0 +1,44 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Operator supporting the generation of RSASSA-PSS signatures using the BC light-weight API. + public class BcTlsRsaPssSigner + : BcTlsSigner + { + private readonly int m_signatureScheme; + + public BcTlsRsaPssSigner(BcTlsCrypto crypto, RsaKeyParameters privateKey, int signatureScheme) + : base(crypto, privateKey) + { + if (!SignatureScheme.IsRsaPss(signatureScheme)) + throw new ArgumentException("signatureScheme"); + + this.m_signatureScheme = signatureScheme; + } + + public override byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm, byte[] hash) + { + throw new NotSupportedException(); + } + + public override TlsStreamSigner GetStreamSigner(SignatureAndHashAlgorithm algorithm) + { + if (algorithm == null || SignatureScheme.From(algorithm) != m_signatureScheme) + throw new InvalidOperationException("Invalid algorithm: " + algorithm); + + int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(m_signatureScheme); + IDigest digest = m_crypto.CreateDigest(cryptoHashAlgorithm); + + PssSigner signer = new PssSigner(new RsaBlindedEngine(), digest, digest.GetDigestSize()); + signer.Init(true, new ParametersWithRandom(m_privateKey, m_crypto.SecureRandom)); + + return new BcTlsStreamSigner(signer); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsRsaPssVerifier.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsRsaPssVerifier.cs new file mode 100644 index 0000000..1b14d1a --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsRsaPssVerifier.cs @@ -0,0 +1,45 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Operator supporting the verification of RSASSA-PSS signatures using the BC light-weight API. + public class BcTlsRsaPssVerifier + : BcTlsVerifier + { + private readonly int m_signatureScheme; + + public BcTlsRsaPssVerifier(BcTlsCrypto crypto, RsaKeyParameters publicKey, int signatureScheme) + : base(crypto, publicKey) + { + if (!SignatureScheme.IsRsaPss(signatureScheme)) + throw new ArgumentException("signatureScheme"); + + this.m_signatureScheme = signatureScheme; + } + + public override bool VerifyRawSignature(DigitallySigned signature, byte[] hash) + { + throw new NotSupportedException(); + } + + public override TlsStreamVerifier GetStreamVerifier(DigitallySigned signature) + { + SignatureAndHashAlgorithm algorithm = signature.Algorithm; + if (algorithm == null || SignatureScheme.From(algorithm) != m_signatureScheme) + throw new InvalidOperationException("Invalid algorithm: " + algorithm); + + int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(m_signatureScheme); + IDigest digest = m_crypto.CreateDigest(cryptoHashAlgorithm); + + PssSigner verifier = new PssSigner(new RsaEngine(), digest, digest.GetDigestSize()); + verifier.Init(false, m_publicKey); + + return new BcTlsStreamVerifier(verifier, signature.Signature); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsRsaSigner.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsRsaSigner.cs new file mode 100644 index 0000000..0e741a5 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsRsaSigner.cs @@ -0,0 +1,71 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Operator supporting the generation of RSASSA-PKCS1-v1_5 signatures using the BC light-weight API. + /// + public class BcTlsRsaSigner + : BcTlsSigner + { + private readonly RsaKeyParameters m_publicKey; + + public BcTlsRsaSigner(BcTlsCrypto crypto, RsaKeyParameters privateKey, RsaKeyParameters publicKey) + : base(crypto, privateKey) + { + this.m_publicKey = publicKey; + } + + public override byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm, byte[] hash) + { + IDigest nullDigest = new NullDigest(); + + ISigner signer; + if (algorithm != null) + { + if (algorithm.Signature != SignatureAlgorithm.rsa) + throw new InvalidOperationException("Invalid algorithm: " + algorithm); + + /* + * RFC 5246 4.7. In RSA signing, the opaque vector contains the signature generated + * using the RSASSA-PKCS1-v1_5 signature scheme defined in [PKCS1]. + */ + signer = new RsaDigestSigner(nullDigest, TlsUtilities.GetOidForHashAlgorithm(algorithm.Hash)); + } + else + { + /* + * RFC 5246 4.7. Note that earlier versions of TLS used a different RSA signature scheme + * that did not include a DigestInfo encoding. + */ + signer = new GenericSigner(new Pkcs1Encoding(new RsaBlindedEngine()), nullDigest); + } + signer.Init(true, new ParametersWithRandom(m_privateKey, m_crypto.SecureRandom)); + signer.BlockUpdate(hash, 0, hash.Length); + try + { + byte[] signature = signer.GenerateSignature(); + + signer.Init(false, m_publicKey); + signer.BlockUpdate(hash, 0, hash.Length); + + if (signer.VerifySignature(signature)) + { + return signature; + } + } + catch (CryptoException e) + { + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsRsaVerifier.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsRsaVerifier.cs new file mode 100644 index 0000000..41f1bb1 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsRsaVerifier.cs @@ -0,0 +1,52 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Operator supporting the verification of RSASSA-PKCS1-v1_5 signatures using the BC light-weight API. + /// + public class BcTlsRsaVerifier + : BcTlsVerifier + { + public BcTlsRsaVerifier(BcTlsCrypto crypto, RsaKeyParameters publicKey) + : base(crypto, publicKey) + { + } + + public override bool VerifyRawSignature(DigitallySigned signedParams, byte[] hash) + { + IDigest nullDigest = new NullDigest(); + + SignatureAndHashAlgorithm algorithm = signedParams.Algorithm; + ISigner signer; + if (algorithm != null) + { + if (algorithm.Signature != SignatureAlgorithm.rsa) + throw new InvalidOperationException("Invalid algorithm: " + algorithm); + + /* + * RFC 5246 4.7. In RSA signing, the opaque vector contains the signature generated + * using the RSASSA-PKCS1-v1_5 signature scheme defined in [PKCS1]. + */ + signer = new RsaDigestSigner(nullDigest, TlsUtilities.GetOidForHashAlgorithm(algorithm.Hash)); + } + else + { + /* + * RFC 5246 4.7. Note that earlier versions of TLS used a different RSA signature scheme + * that did not include a DigestInfo encoding. + */ + signer = new GenericSigner(new Pkcs1Encoding(new RsaBlindedEngine()), nullDigest); + } + signer.Init(false, m_publicKey); + signer.BlockUpdate(hash, 0, hash.Length); + return signer.VerifySignature(signedParams.Signature); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs new file mode 100644 index 0000000..9cd060d --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsSecret.cs @@ -0,0 +1,266 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// BC light-weight support class for handling TLS secrets and deriving key material and other secrets + /// from them. + public class BcTlsSecret + : AbstractTlsSecret + { + public static BcTlsSecret Convert(BcTlsCrypto crypto, TlsSecret secret) + { + if (secret is BcTlsSecret) + return (BcTlsSecret)secret; + + if (secret is AbstractTlsSecret) + { + AbstractTlsSecret abstractTlsSecret = (AbstractTlsSecret)secret; + + return crypto.AdoptLocalSecret(CopyData(abstractTlsSecret)); + } + + throw new ArgumentException("unrecognized TlsSecret - cannot copy data: " + Platform.GetTypeName(secret)); + } + + // SSL3 magic mix constants ("A", "BB", "CCC", ...) + private static readonly byte[] Ssl3Const = GenerateSsl3Constants(); + + private static byte[] GenerateSsl3Constants() + { + int n = 15; + byte[] result = new byte[n * (n + 1) / 2]; + int pos = 0; + for (int i = 0; i < n; ++i) + { + byte b = (byte)('A' + i); + for (int j = 0; j <= i; ++j) + { + result[pos++] = b; + } + } + return result; + } + + protected readonly BcTlsCrypto m_crypto; + + public BcTlsSecret(BcTlsCrypto crypto, byte[] data) + : base(data) + { + this.m_crypto = crypto; + } + + public override TlsSecret DeriveUsingPrf(int prfAlgorithm, string label, byte[] seed, int length) + { + lock (this) + { + CheckAlive(); + + switch (prfAlgorithm) + { + case PrfAlgorithm.tls13_hkdf_sha256: + return TlsCryptoUtilities.HkdfExpandLabel(this, CryptoHashAlgorithm.sha256, label, seed, length); + case PrfAlgorithm.tls13_hkdf_sha384: + return TlsCryptoUtilities.HkdfExpandLabel(this, CryptoHashAlgorithm.sha384, label, seed, length); + case PrfAlgorithm.tls13_hkdf_sm3: + return TlsCryptoUtilities.HkdfExpandLabel(this, CryptoHashAlgorithm.sm3, label, seed, length); + default: + return m_crypto.AdoptLocalSecret(Prf(prfAlgorithm, label, seed, length)); + } + } + } + + public override TlsSecret HkdfExpand(int cryptoHashAlgorithm, byte[] info, int length) + { + lock (this) + { + if (length < 1) + return m_crypto.AdoptLocalSecret(TlsUtilities.EmptyBytes); + + int hashLen = TlsCryptoUtilities.GetHashOutputSize(cryptoHashAlgorithm); + if (length > (255 * hashLen)) + throw new ArgumentException("must be <= 255 * (output size of 'hashAlgorithm')", "length"); + + CheckAlive(); + + byte[] prk = m_data; + + HMac hmac = new HMac(m_crypto.CreateDigest(cryptoHashAlgorithm)); + hmac.Init(new KeyParameter(prk)); + + byte[] okm = new byte[length]; + + byte[] t = new byte[hashLen]; + byte counter = 0x00; + + int pos = 0; + for (;;) + { + hmac.BlockUpdate(info, 0, info.Length); + hmac.Update(++counter); + hmac.DoFinal(t, 0); + + int remaining = length - pos; + if (remaining <= hashLen) + { + Array.Copy(t, 0, okm, pos, remaining); + break; + } + + Array.Copy(t, 0, okm, pos, hashLen); + pos += hashLen; + hmac.BlockUpdate(t, 0, t.Length); + } + + return m_crypto.AdoptLocalSecret(okm); + } + } + + public override TlsSecret HkdfExtract(int cryptoHashAlgorithm, TlsSecret ikm) + { + lock (this) + { + CheckAlive(); + + byte[] salt = m_data; + this.m_data = null; + + HMac hmac = new HMac(m_crypto.CreateDigest(cryptoHashAlgorithm)); + hmac.Init(new KeyParameter(salt)); + + Convert(m_crypto, ikm).UpdateMac(hmac); + + byte[] prk = new byte[hmac.GetMacSize()]; + hmac.DoFinal(prk, 0); + + return m_crypto.AdoptLocalSecret(prk); + } + } + + protected override AbstractTlsCrypto Crypto + { + get { return m_crypto; } + } + + protected virtual void HmacHash(int cryptoHashAlgorithm, byte[] secret, int secretOff, int secretLen, + byte[] seed, byte[] output) + { + IDigest digest = m_crypto.CreateDigest(cryptoHashAlgorithm); + HMac hmac = new HMac(digest); + hmac.Init(new KeyParameter(secret, secretOff, secretLen)); + + byte[] a = seed; + + int macSize = hmac.GetMacSize(); + + byte[] b1 = new byte[macSize]; + byte[] b2 = new byte[macSize]; + + int pos = 0; + while (pos < output.Length) + { + hmac.BlockUpdate(a, 0, a.Length); + hmac.DoFinal(b1, 0); + a = b1; + hmac.BlockUpdate(a, 0, a.Length); + hmac.BlockUpdate(seed, 0, seed.Length); + hmac.DoFinal(b2, 0); + Array.Copy(b2, 0, output, pos, System.Math.Min(macSize, output.Length - pos)); + pos += macSize; + } + } + + protected virtual byte[] Prf(int prfAlgorithm, string label, byte[] seed, int length) + { + if (PrfAlgorithm.ssl_prf_legacy == prfAlgorithm) + return Prf_Ssl(seed, length); + + byte[] labelSeed = Arrays.Concatenate(Strings.ToByteArray(label), seed); + + if (PrfAlgorithm.tls_prf_legacy == prfAlgorithm) + return Prf_1_0(labelSeed, length); + + return Prf_1_2(prfAlgorithm, labelSeed, length); + } + + protected virtual byte[] Prf_Ssl(byte[] seed, int length) + { + IDigest md5 = m_crypto.CreateDigest(CryptoHashAlgorithm.md5); + IDigest sha1 = m_crypto.CreateDigest(CryptoHashAlgorithm.sha1); + + int md5Size = md5.GetDigestSize(); + int sha1Size = sha1.GetDigestSize(); + + byte[] tmp = new byte[System.Math.Max(md5Size, sha1Size)]; + byte[] result = new byte[length]; + + int constLen = 1, constPos = 0, resultPos = 0; + while (resultPos < length) + { + sha1.BlockUpdate(Ssl3Const, constPos, constLen); + constPos += constLen++; + + sha1.BlockUpdate(m_data, 0, m_data.Length); + sha1.BlockUpdate(seed, 0, seed.Length); + sha1.DoFinal(tmp, 0); + + md5.BlockUpdate(m_data, 0, m_data.Length); + md5.BlockUpdate(tmp, 0, sha1Size); + + int remaining = length - resultPos; + if (remaining < md5Size) + { + md5.DoFinal(tmp, 0); + Array.Copy(tmp, 0, result, resultPos, remaining); + resultPos += remaining; + } + else + { + md5.DoFinal(result, resultPos); + resultPos += md5Size; + } + } + + return result; + } + + protected virtual byte[] Prf_1_0(byte[] labelSeed, int length) + { + int s_half = (m_data.Length + 1) / 2; + + byte[] b1 = new byte[length]; + HmacHash(CryptoHashAlgorithm.md5, m_data, 0, s_half, labelSeed, b1); + + byte[] b2 = new byte[length]; + HmacHash(CryptoHashAlgorithm.sha1, m_data, m_data.Length - s_half, s_half, labelSeed, b2); + + for (int i = 0; i < length; i++) + { + b1[i] ^= b2[i]; + } + return b1; + } + + protected virtual byte[] Prf_1_2(int prfAlgorithm, byte[] labelSeed, int length) + { + int cryptoHashAlgorithm = TlsCryptoUtilities.GetHashForPrf(prfAlgorithm); + byte[] result = new byte[length]; + HmacHash(cryptoHashAlgorithm, m_data, 0, m_data.Length, labelSeed, result); + return result; + } + + protected virtual void UpdateMac(IMac mac) + { + lock (this) + { + CheckAlive(); + + mac.BlockUpdate(m_data, 0, m_data.Length); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsSigner.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsSigner.cs new file mode 100644 index 0000000..8418030 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsSigner.cs @@ -0,0 +1,33 @@ +using System; + +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + public abstract class BcTlsSigner + : TlsSigner + { + protected readonly BcTlsCrypto m_crypto; + protected readonly AsymmetricKeyParameter m_privateKey; + + protected BcTlsSigner(BcTlsCrypto crypto, AsymmetricKeyParameter privateKey) + { + if (crypto == null) + throw new ArgumentNullException("crypto"); + if (privateKey == null) + throw new ArgumentNullException("privateKey"); + if (!privateKey.IsPrivate) + throw new ArgumentException("must be private", "privateKey"); + + this.m_crypto = crypto; + this.m_privateKey = privateKey; + } + + public abstract byte[] GenerateRawSignature(SignatureAndHashAlgorithm algorithm, byte[] hash); + + public virtual TlsStreamSigner GetStreamSigner(SignatureAndHashAlgorithm algorithm) + { + return null; + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsSrp6Client.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsSrp6Client.cs new file mode 100644 index 0000000..de4b9bd --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsSrp6Client.cs @@ -0,0 +1,36 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Agreement.Srp; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + internal sealed class BcTlsSrp6Client + : TlsSrp6Client + { + private readonly Srp6Client m_srp6Client; + + internal BcTlsSrp6Client(Srp6Client srpClient) + { + this.m_srp6Client = srpClient; + } + + public BigInteger CalculateSecret(BigInteger serverB) + { + try + { + return m_srp6Client.CalculateSecret(serverB); + } + catch (CryptoException e) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter, e); + } + } + + public BigInteger GenerateClientCredentials(byte[] srpSalt, byte[] identity, byte[] password) + { + return m_srp6Client.GenerateClientCredentials(srpSalt, identity, password); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsSrp6Server.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsSrp6Server.cs new file mode 100644 index 0000000..8ee79f6 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsSrp6Server.cs @@ -0,0 +1,36 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Agreement.Srp; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + internal sealed class BcTlsSrp6Server + : TlsSrp6Server + { + private readonly Srp6Server m_srp6Server; + + internal BcTlsSrp6Server(Srp6Server srp6Server) + { + this.m_srp6Server = srp6Server; + } + + public BigInteger GenerateServerCredentials() + { + return m_srp6Server.GenerateServerCredentials(); + } + + public BigInteger CalculateSecret(BigInteger clientA) + { + try + { + return m_srp6Server.CalculateSecret(clientA); + } + catch (CryptoException e) + { + throw new TlsFatalAlert(AlertDescription.illegal_parameter, e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsSrp6VerifierGenerator.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsSrp6VerifierGenerator.cs new file mode 100644 index 0000000..3d9e23a --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsSrp6VerifierGenerator.cs @@ -0,0 +1,23 @@ +using System; + +using Org.BouncyCastle.Crypto.Agreement.Srp; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + internal sealed class BcTlsSrp6VerifierGenerator + : TlsSrp6VerifierGenerator + { + private readonly Srp6VerifierGenerator m_srp6VerifierGenerator; + + internal BcTlsSrp6VerifierGenerator(Srp6VerifierGenerator srp6VerifierGenerator) + { + this.m_srp6VerifierGenerator = srp6VerifierGenerator; + } + + public BigInteger GenerateVerifier(byte[] salt, byte[] identity, byte[] password) + { + return m_srp6VerifierGenerator.GenerateVerifier(salt, identity, password); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsStreamSigner.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsStreamSigner.cs new file mode 100644 index 0000000..158fb05 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsStreamSigner.cs @@ -0,0 +1,36 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + internal sealed class BcTlsStreamSigner + : TlsStreamSigner + { + private readonly SignerSink m_output; + + internal BcTlsStreamSigner(ISigner signer) + { + this.m_output = new SignerSink(signer); + } + + public Stream GetOutputStream() + { + return m_output; + } + + public byte[] GetSignature() + { + try + { + return m_output.Signer.GenerateSignature(); + } + catch (CryptoException e) + { + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsStreamVerifier.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsStreamVerifier.cs new file mode 100644 index 0000000..0848a30 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsStreamVerifier.cs @@ -0,0 +1,31 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + internal sealed class BcTlsStreamVerifier + : TlsStreamVerifier + { + private readonly SignerSink m_output; + private readonly byte[] m_signature; + + internal BcTlsStreamVerifier(ISigner verifier, byte[] signature) + { + this.m_output = new SignerSink(verifier); + this.m_signature = signature; + } + + public Stream GetOutputStream() + { + return m_output; + } + + public bool IsVerified() + { + return m_output.Signer.VerifySignature(m_signature); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsVerifier.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsVerifier.cs new file mode 100644 index 0000000..dc8d21d --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcTlsVerifier.cs @@ -0,0 +1,33 @@ +using System; + +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + public abstract class BcTlsVerifier + : TlsVerifier + { + protected readonly BcTlsCrypto m_crypto; + protected readonly AsymmetricKeyParameter m_publicKey; + + protected BcTlsVerifier(BcTlsCrypto crypto, AsymmetricKeyParameter publicKey) + { + if (crypto == null) + throw new ArgumentNullException("crypto"); + if (publicKey == null) + throw new ArgumentNullException("publicKey"); + if (publicKey.IsPrivate) + throw new ArgumentException("must be public", "publicKey"); + + this.m_crypto = crypto; + this.m_publicKey = publicKey; + } + + public virtual TlsStreamVerifier GetStreamVerifier(DigitallySigned signature) + { + return null; + } + + public abstract bool VerifyRawSignature(DigitallySigned signature, byte[] hash); + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcVerifyingStreamSigner.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcVerifyingStreamSigner.cs new file mode 100644 index 0000000..4d95068 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcVerifyingStreamSigner.cs @@ -0,0 +1,48 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + internal sealed class BcVerifyingStreamSigner + : TlsStreamSigner + { + private readonly ISigner m_signer; + private readonly ISigner m_verifier; + private readonly TeeOutputStream m_output; + + internal BcVerifyingStreamSigner(ISigner signer, ISigner verifier) + { + Stream outputSigner = new SignerSink(signer); + Stream outputVerifier = new SignerSink(verifier); + + this.m_signer = signer; + this.m_verifier = verifier; + this.m_output = new TeeOutputStream(outputSigner, outputVerifier); + } + + public Stream GetOutputStream() + { + return m_output; + } + + public byte[] GetSignature() + { + try + { + byte[] signature = m_signer.GenerateSignature(); + if (m_verifier.VerifySignature(signature)) + return signature; + } + catch (CryptoException e) + { + throw new TlsFatalAlert(AlertDescription.internal_error, e); + } + + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcX25519.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcX25519.cs new file mode 100644 index 0000000..c26bc51 --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcX25519.cs @@ -0,0 +1,54 @@ +using System; + +using Org.BouncyCastle.Math.EC.Rfc7748; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Support class for X25519 using the BC light-weight library. + public class BcX25519 + : TlsAgreement + { + protected readonly BcTlsCrypto m_crypto; + protected readonly byte[] m_privateKey = new byte[X25519.ScalarSize]; + protected readonly byte[] m_peerPublicKey = new byte[X25519.PointSize]; + + public BcX25519(BcTlsCrypto crypto) + { + this.m_crypto = crypto; + } + + public virtual byte[] GenerateEphemeral() + { + m_crypto.SecureRandom.NextBytes(m_privateKey); + + byte[] publicKey = new byte[X25519.PointSize]; + X25519.ScalarMultBase(m_privateKey, 0, publicKey, 0); + return publicKey; + } + + public virtual void ReceivePeerValue(byte[] peerValue) + { + if (peerValue == null || peerValue.Length != X25519.PointSize) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + Array.Copy(peerValue, 0, m_peerPublicKey, 0, X25519.PointSize); + } + + public virtual TlsSecret CalculateSecret() + { + try + { + byte[] secret = new byte[X25519.PointSize]; + if (!X25519.CalculateAgreement(m_privateKey, 0, m_peerPublicKey, 0, secret, 0)) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + return m_crypto.AdoptLocalSecret(secret); + } + finally + { + Array.Clear(m_privateKey, 0, m_privateKey.Length); + Array.Clear(m_peerPublicKey, 0, m_peerPublicKey.Length); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcX25519Domain.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcX25519Domain.cs new file mode 100644 index 0000000..58767cf --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcX25519Domain.cs @@ -0,0 +1,20 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + public class BcX25519Domain + : TlsECDomain + { + protected readonly BcTlsCrypto m_crypto; + + public BcX25519Domain(BcTlsCrypto crypto) + { + this.m_crypto = crypto; + } + + public virtual TlsAgreement CreateECDH() + { + return new BcX25519(m_crypto); + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcX448.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcX448.cs new file mode 100644 index 0000000..ebeba4e --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcX448.cs @@ -0,0 +1,54 @@ +using System; + +using Org.BouncyCastle.Math.EC.Rfc7748; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + /// Support class for X448 using the BC light-weight library. + public class BcX448 + : TlsAgreement + { + protected readonly BcTlsCrypto m_crypto; + protected readonly byte[] m_privateKey = new byte[X448.ScalarSize]; + protected readonly byte[] m_peerPublicKey = new byte[X448.PointSize]; + + public BcX448(BcTlsCrypto crypto) + { + this.m_crypto = crypto; + } + + public virtual byte[] GenerateEphemeral() + { + m_crypto.SecureRandom.NextBytes(m_privateKey); + + byte[] publicKey = new byte[X448.PointSize]; + X448.ScalarMultBase(m_privateKey, 0, publicKey, 0); + return publicKey; + } + + public virtual void ReceivePeerValue(byte[] peerValue) + { + if (peerValue == null || peerValue.Length != X448.PointSize) + throw new TlsFatalAlert(AlertDescription.illegal_parameter); + + Array.Copy(peerValue, 0, m_peerPublicKey, 0, X448.PointSize); + } + + public virtual TlsSecret CalculateSecret() + { + try + { + byte[] secret = new byte[X448.PointSize]; + if (!X448.CalculateAgreement(m_privateKey, 0, m_peerPublicKey, 0, secret, 0)) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + + return m_crypto.AdoptLocalSecret(secret); + } + finally + { + Array.Clear(m_privateKey, 0, m_privateKey.Length); + Array.Clear(m_peerPublicKey, 0, m_peerPublicKey.Length); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcX448Domain.cs b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcX448Domain.cs new file mode 100644 index 0000000..757fa8f --- /dev/null +++ b/BouncyCastle/crypto/src/tls/crypto/impl/bc/BcX448Domain.cs @@ -0,0 +1,20 @@ +using System; + +namespace Org.BouncyCastle.Tls.Crypto.Impl.BC +{ + public class BcX448Domain + : TlsECDomain + { + protected readonly BcTlsCrypto m_crypto; + + public BcX448Domain(BcTlsCrypto crypto) + { + this.m_crypto = crypto; + } + + public virtual TlsAgreement CreateECDH() + { + return new BcX448(m_crypto); + } + } +} diff --git a/BouncyCastle/crypto/src/tsp/GenTimeAccuracy.cs b/BouncyCastle/crypto/src/tsp/GenTimeAccuracy.cs new file mode 100644 index 0000000..400bf6f --- /dev/null +++ b/BouncyCastle/crypto/src/tsp/GenTimeAccuracy.cs @@ -0,0 +1,33 @@ +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Tsp; + +namespace Org.BouncyCastle.Tsp +{ + public class GenTimeAccuracy + { + private Accuracy accuracy; + + public GenTimeAccuracy( + Accuracy accuracy) + { + this.accuracy = accuracy; + } + + public int Seconds { get { return GetTimeComponent(accuracy.Seconds); } } + + public int Millis { get { return GetTimeComponent(accuracy.Millis); } } + + public int Micros { get { return GetTimeComponent(accuracy.Micros); } } + + private int GetTimeComponent( + DerInteger time) + { + return time == null ? 0 : time.IntValueExact; + } + + public override string ToString() + { + return Seconds + "." + Millis.ToString("000") + Micros.ToString("000"); + } + } +} diff --git a/BouncyCastle/crypto/src/tsp/TSPAlgorithms.cs b/BouncyCastle/crypto/src/tsp/TSPAlgorithms.cs new file mode 100644 index 0000000..928468e --- /dev/null +++ b/BouncyCastle/crypto/src/tsp/TSPAlgorithms.cs @@ -0,0 +1,54 @@ +using System.Collections; + +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.GM; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tsp +{ + /** + * Recognised hash algorithms for the time stamp protocol. + */ + public abstract class TspAlgorithms + { + public static readonly string MD5 = PkcsObjectIdentifiers.MD5.Id; + + public static readonly string Sha1 = OiwObjectIdentifiers.IdSha1.Id; + + public static readonly string Sha224 = NistObjectIdentifiers.IdSha224.Id; + public static readonly string Sha256 = NistObjectIdentifiers.IdSha256.Id; + public static readonly string Sha384 = NistObjectIdentifiers.IdSha384.Id; + public static readonly string Sha512 = NistObjectIdentifiers.IdSha512.Id; + + public static readonly string RipeMD128 = TeleTrusTObjectIdentifiers.RipeMD128.Id; + public static readonly string RipeMD160 = TeleTrusTObjectIdentifiers.RipeMD160.Id; + public static readonly string RipeMD256 = TeleTrusTObjectIdentifiers.RipeMD256.Id; + + public static readonly string Gost3411 = CryptoProObjectIdentifiers.GostR3411.Id; + public static readonly string Gost3411_2012_256 = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256.Id; + public static readonly string Gost3411_2012_512 = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512.Id; + + public static readonly string SM3 = GMObjectIdentifiers.sm3.Id; + + public static readonly IList Allowed; + + static TspAlgorithms() + { + string[] algs = new string[] + { + Gost3411, Gost3411_2012_256, Gost3411_2012_512, MD5, RipeMD128, RipeMD160, RipeMD256, Sha1, Sha224, Sha256, Sha384, Sha512, SM3 + }; + + Allowed = Platform.CreateArrayList(); + foreach (string alg in algs) + { + Allowed.Add(alg); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tsp/TSPException.cs b/BouncyCastle/crypto/src/tsp/TSPException.cs new file mode 100644 index 0000000..0f29b12 --- /dev/null +++ b/BouncyCastle/crypto/src/tsp/TSPException.cs @@ -0,0 +1,28 @@ +using System; + +namespace Org.BouncyCastle.Tsp +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class TspException + : Exception + { + public TspException() + { + } + + public TspException( + string message) + : base(message) + { + } + + public TspException( + string message, + Exception e) + : base(message, e) + { + } + } +} diff --git a/BouncyCastle/crypto/src/tsp/TSPUtil.cs b/BouncyCastle/crypto/src/tsp/TSPUtil.cs new file mode 100644 index 0000000..a176574 --- /dev/null +++ b/BouncyCastle/crypto/src/tsp/TSPUtil.cs @@ -0,0 +1,214 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.GM; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Tsp +{ + public class TspUtil + { + private static ISet EmptySet = CollectionUtilities.ReadOnly(new HashSet()); + private static IList EmptyList = CollectionUtilities.ReadOnly(Platform.CreateArrayList()); + + private static readonly IDictionary digestLengths = Platform.CreateHashtable(); + private static readonly IDictionary digestNames = Platform.CreateHashtable(); + + static TspUtil() + { + digestLengths.Add(PkcsObjectIdentifiers.MD5.Id, 16); + digestLengths.Add(OiwObjectIdentifiers.IdSha1.Id, 20); + digestLengths.Add(NistObjectIdentifiers.IdSha224.Id, 28); + digestLengths.Add(NistObjectIdentifiers.IdSha256.Id, 32); + digestLengths.Add(NistObjectIdentifiers.IdSha384.Id, 48); + digestLengths.Add(NistObjectIdentifiers.IdSha512.Id, 64); + digestLengths.Add(TeleTrusTObjectIdentifiers.RipeMD128.Id, 16); + digestLengths.Add(TeleTrusTObjectIdentifiers.RipeMD160.Id, 20); + digestLengths.Add(TeleTrusTObjectIdentifiers.RipeMD256.Id, 32); + digestLengths.Add(CryptoProObjectIdentifiers.GostR3411.Id, 32); + digestLengths.Add(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256.Id, 32); + digestLengths.Add(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512.Id, 64); + digestLengths.Add(GMObjectIdentifiers.sm3.Id, 32); + + digestNames.Add(PkcsObjectIdentifiers.MD5.Id, "MD5"); + digestNames.Add(OiwObjectIdentifiers.IdSha1.Id, "SHA1"); + digestNames.Add(NistObjectIdentifiers.IdSha224.Id, "SHA224"); + digestNames.Add(NistObjectIdentifiers.IdSha256.Id, "SHA256"); + digestNames.Add(NistObjectIdentifiers.IdSha384.Id, "SHA384"); + digestNames.Add(NistObjectIdentifiers.IdSha512.Id, "SHA512"); + digestNames.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption.Id, "MD5"); + digestNames.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption.Id, "SHA1"); + digestNames.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption.Id, "SHA224"); + digestNames.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption.Id, "SHA256"); + digestNames.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption.Id, "SHA384"); + digestNames.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption.Id, "SHA512"); + digestNames.Add(TeleTrusTObjectIdentifiers.RipeMD128.Id, "RIPEMD128"); + digestNames.Add(TeleTrusTObjectIdentifiers.RipeMD160.Id, "RIPEMD160"); + digestNames.Add(TeleTrusTObjectIdentifiers.RipeMD256.Id, "RIPEMD256"); + digestNames.Add(CryptoProObjectIdentifiers.GostR3411.Id, "GOST3411"); + digestNames.Add(OiwObjectIdentifiers.DsaWithSha1.Id, "SHA1"); + digestNames.Add(OiwObjectIdentifiers.Sha1WithRsa.Id, "SHA1"); + digestNames.Add(OiwObjectIdentifiers.MD5WithRsa.Id, "MD5"); + digestNames.Add(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256.Id, "GOST3411-2012-256"); + digestNames.Add(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512.Id, "GOST3411-2012-512"); + digestNames.Add(GMObjectIdentifiers.sm3.Id, "SM3"); + } + + + /** + * Fetches the signature time-stamp attributes from a SignerInformation object. + * Checks that the MessageImprint for each time-stamp matches the signature field. + * (see RFC 3161 Appendix A). + * + * @param signerInfo a SignerInformation to search for time-stamps + * @return a collection of TimeStampToken objects + * @throws TSPValidationException + */ + public static ICollection GetSignatureTimestamps( + SignerInformation signerInfo) + { + IList timestamps = Platform.CreateArrayList(); + + Asn1.Cms.AttributeTable unsignedAttrs = signerInfo.UnsignedAttributes; + if (unsignedAttrs != null) + { + foreach (Asn1.Cms.Attribute tsAttr in unsignedAttrs.GetAll( + PkcsObjectIdentifiers.IdAASignatureTimeStampToken)) + { + foreach (Asn1Encodable asn1 in tsAttr.AttrValues) + { + try + { + Asn1.Cms.ContentInfo contentInfo = Asn1.Cms.ContentInfo.GetInstance( + asn1.ToAsn1Object()); + TimeStampToken timeStampToken = new TimeStampToken(contentInfo); + TimeStampTokenInfo tstInfo = timeStampToken.TimeStampInfo; + + byte[] expectedDigest = DigestUtilities.CalculateDigest( + GetDigestAlgName(tstInfo.MessageImprintAlgOid), + signerInfo.GetSignature()); + + if (!Arrays.ConstantTimeAreEqual(expectedDigest, tstInfo.GetMessageImprintDigest())) + throw new TspValidationException("Incorrect digest in message imprint"); + + timestamps.Add(timeStampToken); + } + catch (SecurityUtilityException) + { + throw new TspValidationException("Unknown hash algorithm specified in timestamp"); + } + catch (Exception) + { + throw new TspValidationException("Timestamp could not be parsed"); + } + } + } + } + + return timestamps; + } + + /** + * Validate the passed in certificate as being of the correct type to be used + * for time stamping. To be valid it must have an ExtendedKeyUsage extension + * which has a key purpose identifier of id-kp-timeStamping. + * + * @param cert the certificate of interest. + * @throws TspValidationException if the certicate fails on one of the check points. + */ + public static void ValidateCertificate( + X509Certificate cert) + { + if (cert.Version != 3) + throw new ArgumentException("Certificate must have an ExtendedKeyUsage extension."); + + Asn1OctetString ext = cert.GetExtensionValue(X509Extensions.ExtendedKeyUsage); + if (ext == null) + throw new TspValidationException("Certificate must have an ExtendedKeyUsage extension."); + + if (!cert.GetCriticalExtensionOids().Contains(X509Extensions.ExtendedKeyUsage.Id)) + throw new TspValidationException("Certificate must have an ExtendedKeyUsage extension marked as critical."); + + try + { + ExtendedKeyUsage extKey = ExtendedKeyUsage.GetInstance( + Asn1Object.FromByteArray(ext.GetOctets())); + + if (!extKey.HasKeyPurposeId(KeyPurposeID.IdKPTimeStamping) || extKey.Count != 1) + throw new TspValidationException("ExtendedKeyUsage not solely time stamping."); + } + catch (IOException) + { + throw new TspValidationException("cannot process ExtendedKeyUsage extension"); + } + } + + /// + /// Return the digest algorithm using one of the standard JCA string + /// representations rather than the algorithm identifier (if possible). + /// + internal static string GetDigestAlgName( + string digestAlgOID) + { + string digestName = (string) digestNames[digestAlgOID]; + + return digestName != null ? digestName : digestAlgOID; + } + + internal static int GetDigestLength( + string digestAlgOID) + { + if (!digestLengths.Contains(digestAlgOID)) + throw new TspException("digest algorithm cannot be found."); + + return (int)digestLengths[digestAlgOID]; + } + + internal static IDigest CreateDigestInstance( + String digestAlgOID) + { + string digestName = GetDigestAlgName(digestAlgOID); + + return DigestUtilities.GetDigest(digestName); + } + + internal static ISet GetCriticalExtensionOids(X509Extensions extensions) + { + if (extensions == null) + return EmptySet; + + return CollectionUtilities.ReadOnly(new HashSet(extensions.GetCriticalExtensionOids())); + } + + internal static ISet GetNonCriticalExtensionOids(X509Extensions extensions) + { + if (extensions == null) + return EmptySet; + + // TODO: should probably produce a set that imposes correct ordering + return CollectionUtilities.ReadOnly(new HashSet(extensions.GetNonCriticalExtensionOids())); + } + + internal static IList GetExtensionOids(X509Extensions extensions) + { + if (extensions == null) + return EmptyList; + + return CollectionUtilities.ReadOnly(Platform.CreateArrayList(extensions.GetExtensionOids())); + } + } +} diff --git a/BouncyCastle/crypto/src/tsp/TSPValidationException.cs b/BouncyCastle/crypto/src/tsp/TSPValidationException.cs new file mode 100644 index 0000000..80f6420 --- /dev/null +++ b/BouncyCastle/crypto/src/tsp/TSPValidationException.cs @@ -0,0 +1,44 @@ +using System; + +namespace Org.BouncyCastle.Tsp +{ + /** + * Exception thrown if a TSP request or response fails to validate. + *

    + * If a failure code is associated with the exception it can be retrieved using + * the getFailureCode() method.

    + */ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class TspValidationException + : TspException + { + private int failureCode; + + public TspValidationException( + string message) + : base(message) + { + this.failureCode = -1; + } + + public TspValidationException( + string message, + int failureCode) + : base(message) + { + this.failureCode = failureCode; + } + + /** + * Return the failure code associated with this exception - if one is set. + * + * @return the failure code if set, -1 otherwise. + */ + public int FailureCode + { + get { return failureCode; } + } + } +} diff --git a/BouncyCastle/crypto/src/tsp/TimeStampRequest.cs b/BouncyCastle/crypto/src/tsp/TimeStampRequest.cs new file mode 100644 index 0000000..f5c6a09 --- /dev/null +++ b/BouncyCastle/crypto/src/tsp/TimeStampRequest.cs @@ -0,0 +1,186 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.Tsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Tsp +{ + /** + * Base class for an RFC 3161 Time Stamp Request. + */ + public class TimeStampRequest + : X509ExtensionBase + { + private TimeStampReq req; + private X509Extensions extensions; + + public TimeStampRequest( + TimeStampReq req) + { + this.req = req; + this.extensions = req.Extensions; + } + + /** + * Create a TimeStampRequest from the past in byte array. + * + * @param req byte array containing the request. + * @throws IOException if the request is malformed. + */ + public TimeStampRequest( + byte[] req) + : this(new Asn1InputStream(req)) + { + } + + /** + * Create a TimeStampRequest from the past in input stream. + * + * @param in input stream containing the request. + * @throws IOException if the request is malformed. + */ + public TimeStampRequest( + Stream input) + : this(new Asn1InputStream(input)) + { + } + + private TimeStampRequest( + Asn1InputStream str) + { + try + { + this.req = TimeStampReq.GetInstance(str.ReadObject()); + } + catch (InvalidCastException e) + { + throw new IOException("malformed request: " + e); + } + catch (ArgumentException e) + { + throw new IOException("malformed request: " + e); + } + } + + public int Version + { + get { return req.Version.IntValueExact; } + } + + public string MessageImprintAlgOid + { + get { return req.MessageImprint.HashAlgorithm.Algorithm.Id; } + } + + public byte[] GetMessageImprintDigest() + { + return req.MessageImprint.GetHashedMessage(); + } + + public string ReqPolicy + { + get + { + return req.ReqPolicy == null + ? null + : req.ReqPolicy.Id; + } + } + + public BigInteger Nonce + { + get + { + return req.Nonce == null + ? null + : req.Nonce.Value; + } + } + + public bool CertReq + { + get + { + return req.CertReq == null + ? false + : req.CertReq.IsTrue; + } + } + + /** + * Validate the timestamp request, checking the digest to see if it is of an + * accepted type and whether it is of the correct length for the algorithm specified. + * + * @param algorithms a set of string OIDS giving accepted algorithms. + * @param policies if non-null a set of policies we are willing to sign under. + * @param extensions if non-null a set of extensions we are willing to accept. + * @throws TspException if the request is invalid, or processing fails. + */ + public void Validate( + IList algorithms, + IList policies, + IList extensions) + { + if (!algorithms.Contains(this.MessageImprintAlgOid)) + throw new TspValidationException("request contains unknown algorithm", PkiFailureInfo.BadAlg); + + if (policies != null && this.ReqPolicy != null && !policies.Contains(this.ReqPolicy)) + throw new TspValidationException("request contains unknown policy", PkiFailureInfo.UnacceptedPolicy); + + if (this.Extensions != null && extensions != null) + { + foreach (DerObjectIdentifier oid in this.Extensions.ExtensionOids) + { + if (!extensions.Contains(oid.Id)) + throw new TspValidationException("request contains unknown extension", PkiFailureInfo.UnacceptedExtension); + } + } + + int digestLength = TspUtil.GetDigestLength(this.MessageImprintAlgOid); + + if (digestLength != this.GetMessageImprintDigest().Length) + throw new TspValidationException("imprint digest the wrong length", PkiFailureInfo.BadDataFormat); + } + + /** + * return the ASN.1 encoded representation of this object. + */ + public byte[] GetEncoded() + { + return req.GetEncoded(); + } + + internal X509Extensions Extensions + { + get { return req.Extensions; } + } + + public virtual bool HasExtensions + { + get { return extensions != null; } + } + + public virtual X509Extension GetExtension(DerObjectIdentifier oid) + { + return extensions == null ? null : extensions.GetExtension(oid); + } + + public virtual IList GetExtensionOids() + { + return TspUtil.GetExtensionOids(extensions); + } + + protected override X509Extensions GetX509Extensions() + { + return Extensions; + } + } +} diff --git a/BouncyCastle/crypto/src/tsp/TimeStampRequestGenerator.cs b/BouncyCastle/crypto/src/tsp/TimeStampRequestGenerator.cs new file mode 100644 index 0000000..2c698e4 --- /dev/null +++ b/BouncyCastle/crypto/src/tsp/TimeStampRequestGenerator.cs @@ -0,0 +1,139 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Tsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tsp +{ + /** + * Generator for RFC 3161 Time Stamp Request objects. + */ + public class TimeStampRequestGenerator + { + private DerObjectIdentifier reqPolicy; + + private DerBoolean certReq; + + private IDictionary extensions = Platform.CreateHashtable(); + private IList extOrdering = Platform.CreateArrayList(); + + public void SetReqPolicy( + string reqPolicy) + { + this.reqPolicy = new DerObjectIdentifier(reqPolicy); + } + + public void SetCertReq( + bool certReq) + { + this.certReq = DerBoolean.GetInstance(certReq); + } + + /** + * add a given extension field for the standard extensions tag (tag 3) + * @throws IOException + */ + [Obsolete("Use method taking DerObjectIdentifier")] + public void AddExtension( + string oid, + bool critical, + Asn1Encodable value) + { + this.AddExtension(oid, critical, value.GetEncoded()); + } + + /** + * add a given extension field for the standard extensions tag + * The value parameter becomes the contents of the octet string associated + * with the extension. + */ + [Obsolete("Use method taking DerObjectIdentifier")] + public void AddExtension( + string oid, + bool critical, + byte[] value) + { + DerObjectIdentifier derOid = new DerObjectIdentifier(oid); + extensions[derOid] = new X509Extension(critical, new DerOctetString(value)); + extOrdering.Add(derOid); + } + + /** + * add a given extension field for the standard extensions tag (tag 3) + * @throws IOException + */ + public virtual void AddExtension( + DerObjectIdentifier oid, + bool critical, + Asn1Encodable extValue) + { + this.AddExtension(oid, critical, extValue.GetEncoded()); + } + + /** + * add a given extension field for the standard extensions tag + * The value parameter becomes the contents of the octet string associated + * with the extension. + */ + public virtual void AddExtension( + DerObjectIdentifier oid, + bool critical, + byte[] extValue) + { + extensions.Add(oid, new X509Extension(critical, new DerOctetString(extValue))); + extOrdering.Add(oid); + } + + public TimeStampRequest Generate( + string digestAlgorithm, + byte[] digest) + { + return this.Generate(digestAlgorithm, digest, null); + } + + public TimeStampRequest Generate( + string digestAlgorithmOid, + byte[] digest, + BigInteger nonce) + { + if (digestAlgorithmOid == null) + { + throw new ArgumentException("No digest algorithm specified"); + } + + DerObjectIdentifier digestAlgOid = new DerObjectIdentifier(digestAlgorithmOid); + + AlgorithmIdentifier algID = new AlgorithmIdentifier(digestAlgOid, DerNull.Instance); + MessageImprint messageImprint = new MessageImprint(algID, digest); + + X509Extensions ext = null; + + if (extOrdering.Count != 0) + { + ext = new X509Extensions(extOrdering, extensions); + } + + DerInteger derNonce = nonce == null + ? null + : new DerInteger(nonce); + + return new TimeStampRequest( + new TimeStampReq(messageImprint, reqPolicy, derNonce, certReq, ext)); + } + + public virtual TimeStampRequest Generate(DerObjectIdentifier digestAlgorithm, byte[] digest) + { + return Generate(digestAlgorithm.Id, digest); + } + + public virtual TimeStampRequest Generate(DerObjectIdentifier digestAlgorithm, byte[] digest, BigInteger nonce) + { + return Generate(digestAlgorithm.Id, digest, nonce); + } + } +} diff --git a/BouncyCastle/crypto/src/tsp/TimeStampResponse.cs b/BouncyCastle/crypto/src/tsp/TimeStampResponse.cs new file mode 100644 index 0000000..0695211 --- /dev/null +++ b/BouncyCastle/crypto/src/tsp/TimeStampResponse.cs @@ -0,0 +1,184 @@ +using System; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Tsp; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tsp +{ + /** + * Base class for an RFC 3161 Time Stamp Response object. + */ + public class TimeStampResponse + { + private TimeStampResp resp; + private TimeStampToken timeStampToken; + + public TimeStampResponse( + TimeStampResp resp) + { + this.resp = resp; + + if (resp.TimeStampToken != null) + { + timeStampToken = new TimeStampToken(resp.TimeStampToken); + } + } + + /** + * Create a TimeStampResponse from a byte array containing an ASN.1 encoding. + * + * @param resp the byte array containing the encoded response. + * @throws TspException if the response is malformed. + * @throws IOException if the byte array doesn't represent an ASN.1 encoding. + */ + public TimeStampResponse( + byte[] resp) + : this(readTimeStampResp(new Asn1InputStream(resp))) + { + } + + /** + * Create a TimeStampResponse from an input stream containing an ASN.1 encoding. + * + * @param input the input stream containing the encoded response. + * @throws TspException if the response is malformed. + * @throws IOException if the stream doesn't represent an ASN.1 encoding. + */ + public TimeStampResponse( + Stream input) + : this(readTimeStampResp(new Asn1InputStream(input))) + { + } + + private static TimeStampResp readTimeStampResp( + Asn1InputStream input) + { + try + { + return TimeStampResp.GetInstance(input.ReadObject()); + } + catch (ArgumentException e) + { + throw new TspException("malformed timestamp response: " + e, e); + } + catch (InvalidCastException e) + { + throw new TspException("malformed timestamp response: " + e, e); + } + } + + public int Status + { + get { return resp.Status.Status.IntValue; } + } + + public string GetStatusString() + { + if (resp.Status.StatusString == null) + { + return null; + } + + StringBuilder statusStringBuf = new StringBuilder(); + PkiFreeText text = resp.Status.StatusString; + for (int i = 0; i != text.Count; i++) + { + statusStringBuf.Append(text[i].GetString()); + } + + return statusStringBuf.ToString(); + } + + public PkiFailureInfo GetFailInfo() + { + if (resp.Status.FailInfo == null) + { + return null; + } + + return new PkiFailureInfo(resp.Status.FailInfo); + } + + public TimeStampToken TimeStampToken + { + get { return timeStampToken; } + } + + /** + * Check this response against to see if it a well formed response for + * the passed in request. Validation will include checking the time stamp + * token if the response status is GRANTED or GRANTED_WITH_MODS. + * + * @param request the request to be checked against + * @throws TspException if the request can not match this response. + */ + public void Validate( + TimeStampRequest request) + { + TimeStampToken tok = this.TimeStampToken; + + if (tok != null) + { + TimeStampTokenInfo tstInfo = tok.TimeStampInfo; + + if (request.Nonce != null && !request.Nonce.Equals(tstInfo.Nonce)) + { + throw new TspValidationException("response contains wrong nonce value."); + } + + if (this.Status != (int) PkiStatus.Granted && this.Status != (int) PkiStatus.GrantedWithMods) + { + throw new TspValidationException("time stamp token found in failed request."); + } + + if (!Arrays.ConstantTimeAreEqual(request.GetMessageImprintDigest(), tstInfo.GetMessageImprintDigest())) + { + throw new TspValidationException("response for different message imprint digest."); + } + + if (!tstInfo.MessageImprintAlgOid.Equals(request.MessageImprintAlgOid)) + { + throw new TspValidationException("response for different message imprint algorithm."); + } + + Asn1.Cms.Attribute scV1 = tok.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificate]; + Asn1.Cms.Attribute scV2 = tok.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2]; + + if (scV1 == null && scV2 == null) + { + throw new TspValidationException("no signing certificate attribute present."); + } + + if (scV1 != null && scV2 != null) + { + /* + * RFC 5035 5.4. If both attributes exist in a single message, + * they are independently evaluated. + */ + } + + if (request.ReqPolicy != null && !request.ReqPolicy.Equals(tstInfo.Policy)) + { + throw new TspValidationException("TSA policy wrong for request."); + } + } + else if (this.Status == (int) PkiStatus.Granted || this.Status == (int) PkiStatus.GrantedWithMods) + { + throw new TspValidationException("no time stamp token found and one expected."); + } + } + + /** + * return the ASN.1 encoded representation of this object. + */ + public byte[] GetEncoded() + { + return resp.GetEncoded(); + } + } +} diff --git a/BouncyCastle/crypto/src/tsp/TimeStampResponseGenerator.cs b/BouncyCastle/crypto/src/tsp/TimeStampResponseGenerator.cs new file mode 100644 index 0000000..69a5c09 --- /dev/null +++ b/BouncyCastle/crypto/src/tsp/TimeStampResponseGenerator.cs @@ -0,0 +1,272 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Tsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Tsp +{ + /** + * Generator for RFC 3161 Time Stamp Responses. + */ + public class TimeStampResponseGenerator + { + private PkiStatus status; + + private Asn1EncodableVector statusStrings; + + private int failInfo; + private TimeStampTokenGenerator tokenGenerator; + private IList acceptedAlgorithms; + private IList acceptedPolicies; + private IList acceptedExtensions; + + public TimeStampResponseGenerator( + TimeStampTokenGenerator tokenGenerator, + IList acceptedAlgorithms) + : this(tokenGenerator, acceptedAlgorithms, null, null) + { + } + + public TimeStampResponseGenerator( + TimeStampTokenGenerator tokenGenerator, + IList acceptedAlgorithms, + IList acceptedPolicy) + : this(tokenGenerator, acceptedAlgorithms, acceptedPolicy, null) + { + } + + public TimeStampResponseGenerator( + TimeStampTokenGenerator tokenGenerator, + IList acceptedAlgorithms, + IList acceptedPolicies, + IList acceptedExtensions) + { + this.tokenGenerator = tokenGenerator; + this.acceptedAlgorithms = acceptedAlgorithms; + this.acceptedPolicies = acceptedPolicies; + this.acceptedExtensions = acceptedExtensions; + + statusStrings = new Asn1EncodableVector(); + } + + private void AddStatusString(string statusString) + { + statusStrings.Add(new DerUtf8String(statusString)); + } + + private void SetFailInfoField(int field) + { + failInfo |= field; + } + + private PkiStatusInfo GetPkiStatusInfo() + { + Asn1EncodableVector v = new Asn1EncodableVector( + new DerInteger((int)status)); + + if (statusStrings.Count > 0) + { + v.Add(new PkiFreeText(new DerSequence(statusStrings))); + } + + if (failInfo != 0) + { + v.Add(new FailInfo(failInfo)); + } + + return new PkiStatusInfo(new DerSequence(v)); + } + + public TimeStampResponse Generate( + TimeStampRequest request, + BigInteger serialNumber, + DateTime genTime) + { + return Generate(request, serialNumber, new DateTimeObject(genTime)); + } + + /** + * Return an appropriate TimeStampResponse. + *

    + * If genTime is null a timeNotAvailable error response will be returned. + * + * @param request the request this response is for. + * @param serialNumber serial number for the response token. + * @param genTime generation time for the response token. + * @param provider provider to use for signature calculation. + * @return + * @throws NoSuchAlgorithmException + * @throws NoSuchProviderException + * @throws TSPException + *

    + */ + public TimeStampResponse Generate( + TimeStampRequest request, + BigInteger serialNumber, + DateTimeObject genTime) + { + TimeStampResp resp; + + try + { + if (genTime == null) + throw new TspValidationException("The time source is not available.", + PkiFailureInfo.TimeNotAvailable); + + request.Validate(acceptedAlgorithms, acceptedPolicies, acceptedExtensions); + + this.status = PkiStatus.Granted; + this.AddStatusString("Operation Okay"); + + PkiStatusInfo pkiStatusInfo = GetPkiStatusInfo(); + + ContentInfo tstTokenContentInfo; + try + { + TimeStampToken token = tokenGenerator.Generate(request, serialNumber, genTime.Value); + byte[] encoded = token.ToCmsSignedData().GetEncoded(); + + tstTokenContentInfo = ContentInfo.GetInstance(Asn1Object.FromByteArray(encoded)); + } + catch (IOException e) + { + throw new TspException("Timestamp token received cannot be converted to ContentInfo", e); + } + + resp = new TimeStampResp(pkiStatusInfo, tstTokenContentInfo); + } + catch (TspValidationException e) + { + status = PkiStatus.Rejection; + + this.SetFailInfoField(e.FailureCode); + this.AddStatusString(e.Message); + + PkiStatusInfo pkiStatusInfo = GetPkiStatusInfo(); + + resp = new TimeStampResp(pkiStatusInfo, null); + } + + try + { + return new TimeStampResponse(resp); + } + catch (IOException e) + { + throw new TspException("created badly formatted response!", e); + } + } + + + public TimeStampResponse GenerateGrantedResponse( + TimeStampRequest request, + BigInteger serialNumber, + DateTimeObject genTime, + String statusString, + X509Extensions additionalExtensions) + { + TimeStampResp resp; + + try + { + if (genTime == null) + throw new TspValidationException("The time source is not available.", + PkiFailureInfo.TimeNotAvailable); + + request.Validate(acceptedAlgorithms, acceptedPolicies, acceptedExtensions); + + this.status = PkiStatus.Granted; + this.AddStatusString(statusString); + + PkiStatusInfo pkiStatusInfo = GetPkiStatusInfo(); + + ContentInfo tstTokenContentInfo; + try + { + TimeStampToken token = tokenGenerator.Generate(request, serialNumber, genTime.Value,additionalExtensions); + byte[] encoded = token.ToCmsSignedData().GetEncoded(); + + tstTokenContentInfo = ContentInfo.GetInstance(Asn1Object.FromByteArray(encoded)); + } + catch (IOException e) + { + throw new TspException("Timestamp token received cannot be converted to ContentInfo", e); + } + + resp = new TimeStampResp(pkiStatusInfo, tstTokenContentInfo); + } + catch (TspValidationException e) + { + status = PkiStatus.Rejection; + + this.SetFailInfoField(e.FailureCode); + this.AddStatusString(e.Message); + + PkiStatusInfo pkiStatusInfo = GetPkiStatusInfo(); + + resp = new TimeStampResp(pkiStatusInfo, null); + } + + try + { + return new TimeStampResponse(resp); + } + catch (IOException e) + { + throw new TspException("created badly formatted response!", e); + } + } + + + + class FailInfo + : DerBitString + { + internal FailInfo(int failInfoValue) + : base(failInfoValue) + { + } + } + + /** + * Generate a TimeStampResponse with chosen status and FailInfoField. + * + * @param status the PKIStatus to set. + * @param failInfoField the FailInfoField to set. + * @param statusString an optional string describing the failure. + * @return a TimeStampResponse with a failInfoField and optional statusString + * @throws TSPException in case the response could not be created + */ + public TimeStampResponse GenerateFailResponse(PkiStatus status, int failInfoField, string statusString) + { + this.status = status; + + this.SetFailInfoField(failInfoField); + + if (statusString != null) + { + this.AddStatusString(statusString); + } + + PkiStatusInfo pkiStatusInfo = GetPkiStatusInfo(); + + TimeStampResp resp = new TimeStampResp(pkiStatusInfo, null); + + try + { + return new TimeStampResponse(resp); + } + catch (IOException e) + { + throw new TspException("created badly formatted response!", e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/tsp/TimeStampToken.cs b/BouncyCastle/crypto/src/tsp/TimeStampToken.cs new file mode 100644 index 0000000..9b2a7a4 --- /dev/null +++ b/BouncyCastle/crypto/src/tsp/TimeStampToken.cs @@ -0,0 +1,322 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ess; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Tsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Tsp +{ + public class TimeStampToken + { + private readonly CmsSignedData tsToken; + private readonly SignerInformation tsaSignerInfo; +// private readonly DateTime genTime; + private readonly TimeStampTokenInfo tstInfo; + private readonly CertID certID; + + public TimeStampToken( + Asn1.Cms.ContentInfo contentInfo) + : this(new CmsSignedData(contentInfo)) + { + } + + public TimeStampToken( + CmsSignedData signedData) + { + this.tsToken = signedData; + + if (!this.tsToken.SignedContentType.Equals(PkcsObjectIdentifiers.IdCTTstInfo)) + { + throw new TspValidationException("ContentInfo object not for a time stamp."); + } + + ICollection signers = tsToken.GetSignerInfos().GetSigners(); + + if (signers.Count != 1) + { + throw new ArgumentException("Time-stamp token signed by " + + signers.Count + + " signers, but it must contain just the TSA signature."); + } + + + IEnumerator signerEnum = signers.GetEnumerator(); + + signerEnum.MoveNext(); + tsaSignerInfo = (SignerInformation) signerEnum.Current; + + try + { + CmsProcessable content = tsToken.SignedContent; + MemoryStream bOut = new MemoryStream(); + + content.Write(bOut); + + this.tstInfo = new TimeStampTokenInfo( + TstInfo.GetInstance( + Asn1Object.FromByteArray(bOut.ToArray()))); + + Asn1.Cms.Attribute attr = tsaSignerInfo.SignedAttributes[ + PkcsObjectIdentifiers.IdAASigningCertificate]; + +// if (attr == null) +// { +// throw new TspValidationException( +// "no signing certificate attribute found, time stamp invalid."); +// } +// +// SigningCertificate signCert = SigningCertificate.GetInstance( +// attr.AttrValues[0]); +// +// this.certID = EssCertID.GetInstance(signCert.GetCerts()[0]); + + if (attr != null) + { + + if (attr.AttrValues[0] is SigningCertificateV2) + { + SigningCertificateV2 signCert = SigningCertificateV2.GetInstance(attr.AttrValues[0]); + this.certID = new CertID(EssCertIDv2.GetInstance(signCert.GetCerts()[0])); + } + else + { + SigningCertificate signCert = SigningCertificate.GetInstance(attr.AttrValues[0]); + this.certID = new CertID(EssCertID.GetInstance(signCert.GetCerts()[0])); + } + } + else + { + attr = tsaSignerInfo.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2]; + + if (attr == null) + throw new TspValidationException("no signing certificate attribute found, time stamp invalid."); + + SigningCertificateV2 signCertV2 = SigningCertificateV2.GetInstance(attr.AttrValues[0]); + + this.certID = new CertID(EssCertIDv2.GetInstance(signCertV2.GetCerts()[0])); + } + } + catch (CmsException e) + { + throw new TspException(e.Message, e.InnerException); + } + } + + public TimeStampTokenInfo TimeStampInfo + { + get { return tstInfo; } + } + + public SignerID SignerID + { + get { return tsaSignerInfo.SignerID; } + } + + public Asn1.Cms.AttributeTable SignedAttributes + { + get { return tsaSignerInfo.SignedAttributes; } + } + + public Asn1.Cms.AttributeTable UnsignedAttributes + { + get { return tsaSignerInfo.UnsignedAttributes; } + } + + public IX509Store GetCertificates( + string type) + { + return tsToken.GetCertificates(type); + } + + public IX509Store GetCrls( + string type) + { + return tsToken.GetCrls(type); + } + + public IX509Store GetCertificates() + { + return tsToken.GetCertificates(); + } + + public IX509Store GetAttributeCertificates( + string type) + { + return tsToken.GetAttributeCertificates(type); + } + + /** + * Validate the time stamp token. + *

    + * To be valid the token must be signed by the passed in certificate and + * the certificate must be the one referred to by the SigningCertificate + * attribute included in the hashed attributes of the token. The + * certificate must also have the ExtendedKeyUsageExtension with only + * KeyPurposeID.IdKPTimeStamping and have been valid at the time the + * timestamp was created. + *

    + *

    + * A successful call to validate means all the above are true. + *

    + */ + public void Validate( + X509Certificate cert) + { + try + { + byte[] hash = DigestUtilities.CalculateDigest( + certID.GetHashAlgorithmName(), cert.GetEncoded()); + + if (!Arrays.ConstantTimeAreEqual(certID.GetCertHash(), hash)) + throw new TspValidationException("certificate hash does not match certID hash."); + + if (certID.IssuerSerial != null) + { + if (!certID.IssuerSerial.Serial.HasValue(cert.SerialNumber)) + throw new TspValidationException("certificate serial number does not match certID for signature."); + + GeneralName[] names = certID.IssuerSerial.Issuer.GetNames(); + X509Name principal = PrincipalUtilities.GetIssuerX509Principal(cert); + bool found = false; + + for (int i = 0; i != names.Length; i++) + { + if (names[i].TagNo == 4 + && X509Name.GetInstance(names[i].Name).Equivalent(principal)) + { + found = true; + break; + } + } + + if (!found) + { + throw new TspValidationException("certificate name does not match certID for signature. "); + } + } + + TspUtil.ValidateCertificate(cert); + + cert.CheckValidity(tstInfo.GenTime); + + if (!tsaSignerInfo.Verify(cert)) + { + throw new TspValidationException("signature not created by certificate."); + } + } + catch (CmsException e) + { + if (e.InnerException != null) + { + throw new TspException(e.Message, e.InnerException); + } + + throw new TspException("CMS exception: " + e, e); + } + catch (CertificateEncodingException e) + { + throw new TspException("problem processing certificate: " + e, e); + } + catch (SecurityUtilityException e) + { + throw new TspException("cannot find algorithm: " + e.Message, e); + } + } + + /** + * Return the underlying CmsSignedData object. + * + * @return the underlying CMS structure. + */ + public CmsSignedData ToCmsSignedData() + { + return tsToken; + } + + /** + * Return a ASN.1 encoded byte stream representing the encoded object. + * + * @throws IOException if encoding fails. + */ + public byte[] GetEncoded() + { + return tsToken.GetEncoded(Asn1Encodable.Der); + } + + /** + * return the ASN.1 encoded representation of this object using the specified encoding. + * + * @param encoding the ASN.1 encoding format to use ("BER" or "DER"). + */ + public byte[] GetEncoded(string encoding) + { + return tsToken.GetEncoded(encoding); + } + + // perhaps this should be done using an interface on the ASN.1 classes... + private class CertID + { + private EssCertID certID; + private EssCertIDv2 certIDv2; + + internal CertID(EssCertID certID) + { + this.certID = certID; + this.certIDv2 = null; + } + + internal CertID(EssCertIDv2 certID) + { + this.certIDv2 = certID; + this.certID = null; + } + + public string GetHashAlgorithmName() + { + if (certID != null) + return "SHA-1"; + + if (NistObjectIdentifiers.IdSha256.Equals(certIDv2.HashAlgorithm.Algorithm)) + return "SHA-256"; + + return certIDv2.HashAlgorithm.Algorithm.Id; + } + + public AlgorithmIdentifier GetHashAlgorithm() + { + return (certID != null) + ? new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1) + : certIDv2.HashAlgorithm; + } + + public byte[] GetCertHash() + { + return certID != null + ? certID.GetCertHash() + : certIDv2.GetCertHash(); + } + + public IssuerSerial IssuerSerial + { + get + { + return certID != null + ? certID.IssuerSerial + : certIDv2.IssuerSerial; + } + } + } + } +} diff --git a/BouncyCastle/crypto/src/tsp/TimeStampTokenGenerator.cs b/BouncyCastle/crypto/src/tsp/TimeStampTokenGenerator.cs new file mode 100644 index 0000000..55142a5 --- /dev/null +++ b/BouncyCastle/crypto/src/tsp/TimeStampTokenGenerator.cs @@ -0,0 +1,496 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Ess; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Tsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Tsp +{ + public enum Resolution + { + R_SECONDS, R_TENTHS_OF_SECONDS, R_HUNDREDTHS_OF_SECONDS, R_MILLISECONDS + } + + public class TimeStampTokenGenerator + { + private int accuracySeconds = -1; + private int accuracyMillis = -1; + private int accuracyMicros = -1; + private bool ordering = false; + private GeneralName tsa = null; + private DerObjectIdentifier tsaPolicyOID; + + private IX509Store x509Certs; + private IX509Store x509Crls; + private SignerInfoGenerator signerInfoGenerator; + IDigestFactory digestCalculator; + + private Resolution resolution = Resolution.R_SECONDS; + + public Resolution Resolution + { + get { return resolution; } + set { resolution = value; } + } + + /** + * basic creation - only the default attributes will be included here. + */ + public TimeStampTokenGenerator( + AsymmetricKeyParameter key, + X509Certificate cert, + string digestOID, + string tsaPolicyOID) + : this(key, cert, digestOID, tsaPolicyOID, null, null) + { + } + + + public TimeStampTokenGenerator( + SignerInfoGenerator signerInfoGen, + IDigestFactory digestCalculator, + DerObjectIdentifier tsaPolicy, + bool isIssuerSerialIncluded) + { + + this.signerInfoGenerator = signerInfoGen; + this.digestCalculator = digestCalculator; + this.tsaPolicyOID = tsaPolicy; + + if (signerInfoGenerator.certificate == null) + { + throw new ArgumentException("SignerInfoGenerator must have an associated certificate"); + } + + X509Certificate assocCert = signerInfoGenerator.certificate; + TspUtil.ValidateCertificate(assocCert); + + try + { + IStreamCalculator calculator = digestCalculator.CreateCalculator(); + Stream stream = calculator.Stream; + byte[] certEnc = assocCert.GetEncoded(); + stream.Write(certEnc, 0, certEnc.Length); + stream.Flush(); + Platform.Dispose(stream); + + if (((AlgorithmIdentifier)digestCalculator.AlgorithmDetails).Algorithm.Equals(OiwObjectIdentifiers.IdSha1)) + { + EssCertID essCertID = new EssCertID( + ((IBlockResult)calculator.GetResult()).Collect(), + isIssuerSerialIncluded ? + new IssuerSerial( + new GeneralNames( + new GeneralName(assocCert.IssuerDN)), + new DerInteger(assocCert.SerialNumber)) : null); + + this.signerInfoGenerator = signerInfoGen.NewBuilder() + .WithSignedAttributeGenerator(new TableGen(signerInfoGen, essCertID)) + .Build(signerInfoGen.contentSigner, signerInfoGen.certificate); + } + else + { + AlgorithmIdentifier digestAlgID = new AlgorithmIdentifier( + ((AlgorithmIdentifier)digestCalculator.AlgorithmDetails).Algorithm); + + EssCertIDv2 essCertID = new EssCertIDv2( + ((IBlockResult)calculator.GetResult()).Collect(), + isIssuerSerialIncluded ? + new IssuerSerial( + new GeneralNames( + new GeneralName(assocCert.IssuerDN)), + new DerInteger(assocCert.SerialNumber)) : null); + + this.signerInfoGenerator = signerInfoGen.NewBuilder() + .WithSignedAttributeGenerator(new TableGen2(signerInfoGen, essCertID)) + .Build(signerInfoGen.contentSigner, signerInfoGen.certificate); + } + + } + catch (Exception ex) + { + throw new TspException("Exception processing certificate", ex); + } + } + + /** + * create with a signer with extra signed/unsigned attributes. + */ + public TimeStampTokenGenerator( + AsymmetricKeyParameter key, + X509Certificate cert, + string digestOID, + string tsaPolicyOID, + Asn1.Cms.AttributeTable signedAttr, + Asn1.Cms.AttributeTable unsignedAttr) : this( + makeInfoGenerator(key, cert, digestOID, signedAttr, unsignedAttr), + Asn1DigestFactory.Get(OiwObjectIdentifiers.IdSha1), + tsaPolicyOID != null ? new DerObjectIdentifier(tsaPolicyOID):null, false) + { + } + + + internal static SignerInfoGenerator makeInfoGenerator( + AsymmetricKeyParameter key, + X509Certificate cert, + string digestOID, + + Asn1.Cms.AttributeTable signedAttr, + Asn1.Cms.AttributeTable unsignedAttr) + { + + + TspUtil.ValidateCertificate(cert); + + // + // Add the ESSCertID attribute + // + IDictionary signedAttrs; + if (signedAttr != null) + { + signedAttrs = signedAttr.ToDictionary(); + } + else + { + signedAttrs = Platform.CreateHashtable(); + } + + //try + //{ + // byte[] hash = DigestUtilities.CalculateDigest("SHA-1", cert.GetEncoded()); + + // EssCertID essCertid = new EssCertID(hash); + + // Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute( + // PkcsObjectIdentifiers.IdAASigningCertificate, + // new DerSet(new SigningCertificate(essCertid))); + + // signedAttrs[attr.AttrType] = attr; + //} + //catch (CertificateEncodingException e) + //{ + // throw new TspException("Exception processing certificate.", e); + //} + //catch (SecurityUtilityException e) + //{ + // throw new TspException("Can't find a SHA-1 implementation.", e); + //} + + + string digestName = CmsSignedHelper.Instance.GetDigestAlgName(digestOID); + string signatureName = digestName + "with" + CmsSignedHelper.Instance.GetEncryptionAlgName(CmsSignedHelper.Instance.GetEncOid(key, digestOID)); + + Asn1SignatureFactory sigfact = new Asn1SignatureFactory(signatureName, key); + return new SignerInfoGeneratorBuilder() + .WithSignedAttributeGenerator( + new DefaultSignedAttributeTableGenerator( + new Asn1.Cms.AttributeTable(signedAttrs))) + .WithUnsignedAttributeGenerator( + new SimpleAttributeTableGenerator(unsignedAttr)) + .Build(sigfact, cert); + } + + + public void SetCertificates( + IX509Store certificates) + { + this.x509Certs = certificates; + } + + public void SetCrls( + IX509Store crls) + { + this.x509Crls = crls; + } + + public void SetAccuracySeconds( + int accuracySeconds) + { + this.accuracySeconds = accuracySeconds; + } + + public void SetAccuracyMillis( + int accuracyMillis) + { + this.accuracyMillis = accuracyMillis; + } + + public void SetAccuracyMicros( + int accuracyMicros) + { + this.accuracyMicros = accuracyMicros; + } + + public void SetOrdering( + bool ordering) + { + this.ordering = ordering; + } + + public void SetTsa( + GeneralName tsa) + { + this.tsa = tsa; + } + + //------------------------------------------------------------------------------ + + public TimeStampToken Generate( + TimeStampRequest request, + BigInteger serialNumber, + DateTime genTime) + { + return Generate(request, serialNumber, genTime, null); + } + + + public TimeStampToken Generate( + TimeStampRequest request, + BigInteger serialNumber, + DateTime genTime, X509Extensions additionalExtensions) + { + DerObjectIdentifier digestAlgOID = new DerObjectIdentifier(request.MessageImprintAlgOid); + + AlgorithmIdentifier algID = new AlgorithmIdentifier(digestAlgOID, DerNull.Instance); + MessageImprint messageImprint = new MessageImprint(algID, request.GetMessageImprintDigest()); + + Accuracy accuracy = null; + if (accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0) + { + DerInteger seconds = null; + if (accuracySeconds > 0) + { + seconds = new DerInteger(accuracySeconds); + } + + DerInteger millis = null; + if (accuracyMillis > 0) + { + millis = new DerInteger(accuracyMillis); + } + + DerInteger micros = null; + if (accuracyMicros > 0) + { + micros = new DerInteger(accuracyMicros); + } + + accuracy = new Accuracy(seconds, millis, micros); + } + + DerBoolean derOrdering = null; + if (ordering) + { + derOrdering = DerBoolean.GetInstance(ordering); + } + + DerInteger nonce = null; + if (request.Nonce != null) + { + nonce = new DerInteger(request.Nonce); + } + + DerObjectIdentifier tsaPolicy = tsaPolicyOID; + if (request.ReqPolicy != null) + { + tsaPolicy = new DerObjectIdentifier(request.ReqPolicy); + } + + if (tsaPolicy == null) + { + throw new TspValidationException("request contains no policy", PkiFailureInfo.UnacceptedPolicy); + } + + X509Extensions respExtensions = request.Extensions; + if (additionalExtensions != null) + { + X509ExtensionsGenerator extGen = new X509ExtensionsGenerator(); + + if (respExtensions != null) + { + foreach(object oid in respExtensions.ExtensionOids) + { + DerObjectIdentifier id = DerObjectIdentifier.GetInstance(oid); + extGen.AddExtension(id, respExtensions.GetExtension(DerObjectIdentifier.GetInstance(id))); + } + } + + foreach (object oid in additionalExtensions.ExtensionOids) + { + DerObjectIdentifier id = DerObjectIdentifier.GetInstance(oid); + extGen.AddExtension(id, additionalExtensions.GetExtension(DerObjectIdentifier.GetInstance(id))); + + } + + respExtensions = extGen.Generate(); + } + + + + DerGeneralizedTime generalizedTime; + if (resolution != Resolution.R_SECONDS) + { + generalizedTime = new DerGeneralizedTime(createGeneralizedTime(genTime)); + } + else + { + generalizedTime = new DerGeneralizedTime(genTime); + } + + + TstInfo tstInfo = new TstInfo(tsaPolicy, messageImprint, + new DerInteger(serialNumber), generalizedTime, accuracy, + derOrdering, nonce, tsa, respExtensions); + + try + { + CmsSignedDataGenerator signedDataGenerator = new CmsSignedDataGenerator(); + + byte[] derEncodedTstInfo = tstInfo.GetDerEncoded(); + + if (request.CertReq) + { + signedDataGenerator.AddCertificates(x509Certs); + } + + signedDataGenerator.AddCrls(x509Crls); + + signedDataGenerator.AddSignerInfoGenerator(signerInfoGenerator); + + CmsSignedData signedData = signedDataGenerator.Generate( + PkcsObjectIdentifiers.IdCTTstInfo.Id, + new CmsProcessableByteArray(derEncodedTstInfo), + true); + + return new TimeStampToken(signedData); + } + catch (CmsException cmsEx) + { + throw new TspException("Error generating time-stamp token", cmsEx); + } + catch (IOException e) + { + throw new TspException("Exception encoding info", e); + } + catch (X509StoreException e) + { + throw new TspException("Exception handling CertStore", e); + } + // catch (InvalidAlgorithmParameterException e) + // { + // throw new TspException("Exception handling CertStore CRLs", e); + // } + } + + private string createGeneralizedTime(DateTime genTime) + { + String format = "yyyyMMddHHmmss.fff"; + + StringBuilder sBuild = new StringBuilder(genTime.ToString(format)); + int dotIndex = sBuild.ToString().IndexOf("."); + + if (dotIndex <0) + { + sBuild.Append("Z"); + return sBuild.ToString(); + } + + switch(resolution) + { + case Resolution.R_TENTHS_OF_SECONDS: + if (sBuild.Length > dotIndex + 2) + { + sBuild.Remove(dotIndex + 2, sBuild.Length-(dotIndex+2)); + } + break; + case Resolution.R_HUNDREDTHS_OF_SECONDS: + if (sBuild.Length > dotIndex + 3) + { + sBuild.Remove(dotIndex + 3, sBuild.Length-(dotIndex+3)); + } + break; + + + case Resolution.R_SECONDS: + case Resolution.R_MILLISECONDS: + // do nothing. + break; + + } + + + while (sBuild[sBuild.Length - 1] == '0') + { + sBuild.Remove(sBuild.Length - 1,1); + } + + if (sBuild.Length - 1 == dotIndex) + { + sBuild.Remove(sBuild.Length - 1, 1); + } + + sBuild.Append("Z"); + return sBuild.ToString(); + } + + private class TableGen : CmsAttributeTableGenerator + { + private readonly SignerInfoGenerator infoGen; + private readonly EssCertID essCertID; + + + public TableGen(SignerInfoGenerator infoGen, EssCertID essCertID) + { + this.infoGen = infoGen; + this.essCertID = essCertID; + } + + public Asn1.Cms.AttributeTable GetAttributes(IDictionary parameters) + { + Asn1.Cms.AttributeTable tab = infoGen.signedGen.GetAttributes(parameters); + if (tab[PkcsObjectIdentifiers.IdAASigningCertificate] == null) + { + return tab.Add(PkcsObjectIdentifiers.IdAASigningCertificate, new SigningCertificate(essCertID)); + } + return tab; + } + } + + private class TableGen2 : CmsAttributeTableGenerator + { + private readonly SignerInfoGenerator infoGen; + private readonly EssCertIDv2 essCertID; + + + public TableGen2(SignerInfoGenerator infoGen, EssCertIDv2 essCertID) + { + this.infoGen = infoGen; + this.essCertID = essCertID; + } + + public Asn1.Cms.AttributeTable GetAttributes(IDictionary parameters) + { + Asn1.Cms.AttributeTable tab = infoGen.signedGen.GetAttributes(parameters); + if (tab[PkcsObjectIdentifiers.IdAASigningCertificateV2] == null) + { + return tab.Add(PkcsObjectIdentifiers.IdAASigningCertificateV2, new SigningCertificateV2(essCertID)); + } + return tab; + } + } + } +} diff --git a/BouncyCastle/crypto/src/tsp/TimeStampTokenInfo.cs b/BouncyCastle/crypto/src/tsp/TimeStampTokenInfo.cs new file mode 100644 index 0000000..cdef826 --- /dev/null +++ b/BouncyCastle/crypto/src/tsp/TimeStampTokenInfo.cs @@ -0,0 +1,107 @@ +using System; + +using Org.BouncyCastle.Asn1.Tsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Tsp +{ + public class TimeStampTokenInfo + { + private TstInfo tstInfo; + private DateTime genTime; + + public TimeStampTokenInfo( + TstInfo tstInfo) + { + this.tstInfo = tstInfo; + + try + { + this.genTime = tstInfo.GenTime.ToDateTime(); + } + catch (Exception e) + { + throw new TspException("unable to parse genTime field: " + e.Message); + } + } + + public bool IsOrdered + { + get { return tstInfo.Ordering.IsTrue; } + } + + public Accuracy Accuracy + { + get { return tstInfo.Accuracy; } + } + + public DateTime GenTime + { + get { return genTime; } + } + + public GenTimeAccuracy GenTimeAccuracy + { + get + { + return this.Accuracy == null + ? null + : new GenTimeAccuracy(this.Accuracy); + } + } + + public string Policy + { + get { return tstInfo.Policy.Id; } + } + + public BigInteger SerialNumber + { + get { return tstInfo.SerialNumber.Value; } + } + + public GeneralName Tsa + { + get { return tstInfo.Tsa; } + } + + /** + * @return the nonce value, null if there isn't one. + */ + public BigInteger Nonce + { + get + { + return tstInfo.Nonce == null + ? null + : tstInfo.Nonce.Value; + } + } + + public AlgorithmIdentifier HashAlgorithm + { + get { return tstInfo.MessageImprint.HashAlgorithm; } + } + + public string MessageImprintAlgOid + { + get { return tstInfo.MessageImprint.HashAlgorithm.Algorithm.Id; } + } + + public byte[] GetMessageImprintDigest() + { + return tstInfo.MessageImprint.GetHashedMessage(); + } + + public byte[] GetEncoded() + { + return tstInfo.GetEncoded(); + } + + public TstInfo TstInfo + { + get { return tstInfo; } + } + } +} diff --git a/BouncyCastle/crypto/src/util/Arrays.cs b/BouncyCastle/crypto/src/util/Arrays.cs new file mode 100644 index 0000000..86848af --- /dev/null +++ b/BouncyCastle/crypto/src/util/Arrays.cs @@ -0,0 +1,922 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Utilities +{ + /// General array utilities. + public abstract class Arrays + { + public static readonly byte[] EmptyBytes = new byte[0]; + public static readonly int[] EmptyInts = new int[0]; + + public static bool AreAllZeroes(byte[] buf, int off, int len) + { + uint bits = 0; + for (int i = 0; i < len; ++i) + { + bits |= buf[off + i]; + } + return bits == 0; + } + + public static bool AreEqual( + bool[] a, + bool[] b) + { + if (a == b) + return true; + + if (a == null || b == null) + return false; + + return HaveSameContents(a, b); + } + + public static bool AreEqual( + char[] a, + char[] b) + { + if (a == b) + return true; + + if (a == null || b == null) + return false; + + return HaveSameContents(a, b); + } + + /// + /// Are two arrays equal. + /// + /// Left side. + /// Right side. + /// True if equal. + public static bool AreEqual(byte[] a, byte[] b) + { + if (a == b) + return true; + + if (a == null || b == null) + return false; + + return HaveSameContents(a, b); + } + + public static bool AreEqual(byte[] a, int aFromIndex, int aToIndex, byte[] b, int bFromIndex, int bToIndex) + { + int aLength = aToIndex - aFromIndex; + int bLength = bToIndex - bFromIndex; + + if (aLength != bLength) + return false; + + for (int i = 0; i < aLength; ++i) + { + if (a[aFromIndex + i] != b[bFromIndex + i]) + return false; + } + + return true; + } + + [Obsolete("Use 'AreEqual' method instead")] + public static bool AreSame( + byte[] a, + byte[] b) + { + return AreEqual(a, b); + } + + /// + /// A constant time equals comparison - does not terminate early if + /// test will fail. + /// + /// first array + /// second array + /// true if arrays equal, false otherwise. + public static bool ConstantTimeAreEqual(byte[] a, byte[] b) + { + if (null == a || null == b) + return false; + if (a == b) + return true; + + int len = System.Math.Min(a.Length, b.Length); + int nonEqual = a.Length ^ b.Length; + for (int i = 0; i < len; ++i) + { + nonEqual |= (a[i] ^ b[i]); + } + for (int i = len; i < b.Length; ++i) + { + nonEqual |= (b[i] ^ ~b[i]); + } + return 0 == nonEqual; + } + + public static bool ConstantTimeAreEqual(int len, byte[] a, int aOff, byte[] b, int bOff) + { + if (null == a) + throw new ArgumentNullException("a"); + if (null == b) + throw new ArgumentNullException("b"); + if (len < 0) + throw new ArgumentException("cannot be negative", "len"); + if (aOff > (a.Length - len)) + throw new IndexOutOfRangeException("'aOff' value invalid for specified length"); + if (bOff > (b.Length - len)) + throw new IndexOutOfRangeException("'bOff' value invalid for specified length"); + + int d = 0; + for (int i = 0; i < len; ++i) + { + d |= (a[aOff + i] ^ b[bOff + i]); + } + return 0 == d; + } + + public static bool AreEqual( + int[] a, + int[] b) + { + if (a == b) + return true; + + if (a == null || b == null) + return false; + + return HaveSameContents(a, b); + } + + [CLSCompliantAttribute(false)] + public static bool AreEqual(uint[] a, uint[] b) + { + if (a == b) + return true; + + if (a == null || b == null) + return false; + + return HaveSameContents(a, b); + } + + public static bool AreEqual(long[] a, long[] b) + { + if (a == b) + return true; + + if (a == null || b == null) + return false; + + return HaveSameContents(a, b); + } + + [CLSCompliantAttribute(false)] + public static bool AreEqual(ulong[] a, ulong[] b) + { + if (a == b) + return true; + + if (a == null || b == null) + return false; + + return HaveSameContents(a, b); + } + + private static bool HaveSameContents( + bool[] a, + bool[] b) + { + int i = a.Length; + if (i != b.Length) + return false; + while (i != 0) + { + --i; + if (a[i] != b[i]) + return false; + } + return true; + } + + private static bool HaveSameContents( + char[] a, + char[] b) + { + int i = a.Length; + if (i != b.Length) + return false; + while (i != 0) + { + --i; + if (a[i] != b[i]) + return false; + } + return true; + } + + private static bool HaveSameContents( + byte[] a, + byte[] b) + { + int i = a.Length; + if (i != b.Length) + return false; + while (i != 0) + { + --i; + if (a[i] != b[i]) + return false; + } + return true; + } + + private static bool HaveSameContents( + int[] a, + int[] b) + { + int i = a.Length; + if (i != b.Length) + return false; + while (i != 0) + { + --i; + if (a[i] != b[i]) + return false; + } + return true; + } + + private static bool HaveSameContents(uint[] a, uint[] b) + { + int i = a.Length; + if (i != b.Length) + return false; + while (i != 0) + { + --i; + if (a[i] != b[i]) + return false; + } + return true; + } + + private static bool HaveSameContents(long[] a, long[] b) + { + int i = a.Length; + if (i != b.Length) + return false; + while (i != 0) + { + --i; + if (a[i] != b[i]) + return false; + } + return true; + } + + private static bool HaveSameContents(ulong[] a, ulong[] b) + { + int i = a.Length; + if (i != b.Length) + return false; + while (i != 0) + { + --i; + if (a[i] != b[i]) + return false; + } + return true; + } + + public static string ToString( + object[] a) + { + StringBuilder sb = new StringBuilder("["); + if (a.Length > 0) + { + sb.Append(a[0]); + for (int index = 1; index < a.Length; ++index) + { + sb.Append(", ").Append(a[index]); + } + } + sb.Append(']'); + return sb.ToString(); + } + + public static int GetHashCode(byte[] data) + { + if (data == null) + { + return 0; + } + + int i = data.Length; + int hc = i + 1; + + while (--i >= 0) + { + hc *= 257; + hc ^= data[i]; + } + + return hc; + } + + public static int GetHashCode(byte[] data, int off, int len) + { + if (data == null) + { + return 0; + } + + int i = len; + int hc = i + 1; + + while (--i >= 0) + { + hc *= 257; + hc ^= data[off + i]; + } + + return hc; + } + + public static int GetHashCode(int[] data) + { + if (data == null) + return 0; + + int i = data.Length; + int hc = i + 1; + + while (--i >= 0) + { + hc *= 257; + hc ^= data[i]; + } + + return hc; + } + + [CLSCompliantAttribute(false)] + public static int GetHashCode(ushort[] data) + { + if (data == null) + return 0; + + int i = data.Length; + int hc = i + 1; + + while (--i >= 0) + { + hc *= 257; + hc ^= data[i]; + } + + return hc; + } + + public static int GetHashCode(int[] data, int off, int len) + { + if (data == null) + return 0; + + int i = len; + int hc = i + 1; + + while (--i >= 0) + { + hc *= 257; + hc ^= data[off + i]; + } + + return hc; + } + + [CLSCompliantAttribute(false)] + public static int GetHashCode(uint[] data) + { + if (data == null) + return 0; + + int i = data.Length; + int hc = i + 1; + + while (--i >= 0) + { + hc *= 257; + hc ^= (int)data[i]; + } + + return hc; + } + + [CLSCompliantAttribute(false)] + public static int GetHashCode(uint[] data, int off, int len) + { + if (data == null) + return 0; + + int i = len; + int hc = i + 1; + + while (--i >= 0) + { + hc *= 257; + hc ^= (int)data[off + i]; + } + + return hc; + } + + [CLSCompliantAttribute(false)] + public static int GetHashCode(ulong[] data) + { + if (data == null) + return 0; + + int i = data.Length; + int hc = i + 1; + + while (--i >= 0) + { + ulong di = data[i]; + hc *= 257; + hc ^= (int)di; + hc *= 257; + hc ^= (int)(di >> 32); + } + + return hc; + } + + [CLSCompliantAttribute(false)] + public static int GetHashCode(ulong[] data, int off, int len) + { + if (data == null) + return 0; + + int i = len; + int hc = i + 1; + + while (--i >= 0) + { + ulong di = data[off + i]; + hc *= 257; + hc ^= (int)di; + hc *= 257; + hc ^= (int)(di >> 32); + } + + return hc; + } + + public static bool[] Clone(bool[] data) + { + return data == null ? null : (bool[])data.Clone(); + } + + public static byte[] Clone(byte[] data) + { + return data == null ? null : (byte[])data.Clone(); + } + + public static short[] Clone(short[] data) + { + return data == null ? null : (short[])data.Clone(); + } + + [CLSCompliantAttribute(false)] + public static ushort[] Clone(ushort[] data) + { + return data == null ? null : (ushort[])data.Clone(); + } + + public static int[] Clone(int[] data) + { + return data == null ? null : (int[])data.Clone(); + } + + [CLSCompliantAttribute(false)] + public static uint[] Clone(uint[] data) + { + return data == null ? null : (uint[])data.Clone(); + } + + public static long[] Clone(long[] data) + { + return data == null ? null : (long[])data.Clone(); + } + + [CLSCompliantAttribute(false)] + public static ulong[] Clone(ulong[] data) + { + return data == null ? null : (ulong[])data.Clone(); + } + + public static byte[] Clone(byte[] data, byte[] existing) + { + if (data == null) + return null; + if (existing == null || existing.Length != data.Length) + return Clone(data); + Array.Copy(data, 0, existing, 0, existing.Length); + return existing; + } + + [CLSCompliantAttribute(false)] + public static ulong[] Clone(ulong[] data, ulong[] existing) + { + if (data == null) + return null; + if (existing == null || existing.Length != data.Length) + return Clone(data); + Array.Copy(data, 0, existing, 0, existing.Length); + return existing; + } + + public static bool Contains(byte[] a, byte n) + { + for (int i = 0; i < a.Length; ++i) + { + if (a[i] == n) + return true; + } + return false; + } + + public static bool Contains(short[] a, short n) + { + for (int i = 0; i < a.Length; ++i) + { + if (a[i] == n) + return true; + } + return false; + } + + public static bool Contains(int[] a, int n) + { + for (int i = 0; i < a.Length; ++i) + { + if (a[i] == n) + return true; + } + return false; + } + + public static void Fill( + byte[] buf, + byte b) + { + int i = buf.Length; + while (i > 0) + { + buf[--i] = b; + } + } + + public static void Fill(byte[] buf, int from, int to, byte b) + { + for (int i = from; i < to; ++i) + { + buf[i] = b; + } + } + + public static byte[] CopyOf(byte[] data, int newLength) + { + byte[] tmp = new byte[newLength]; + Array.Copy(data, 0, tmp, 0, System.Math.Min(newLength, data.Length)); + return tmp; + } + + public static char[] CopyOf(char[] data, int newLength) + { + char[] tmp = new char[newLength]; + Array.Copy(data, 0, tmp, 0, System.Math.Min(newLength, data.Length)); + return tmp; + } + + public static int[] CopyOf(int[] data, int newLength) + { + int[] tmp = new int[newLength]; + Array.Copy(data, 0, tmp, 0, System.Math.Min(newLength, data.Length)); + return tmp; + } + + public static long[] CopyOf(long[] data, int newLength) + { + long[] tmp = new long[newLength]; + Array.Copy(data, 0, tmp, 0, System.Math.Min(newLength, data.Length)); + return tmp; + } + + public static BigInteger[] CopyOf(BigInteger[] data, int newLength) + { + BigInteger[] tmp = new BigInteger[newLength]; + Array.Copy(data, 0, tmp, 0, System.Math.Min(newLength, data.Length)); + return tmp; + } + + /** + * Make a copy of a range of bytes from the passed in data array. The range can + * extend beyond the end of the input array, in which case the return array will + * be padded with zeroes. + * + * @param data the array from which the data is to be copied. + * @param from the start index at which the copying should take place. + * @param to the final index of the range (exclusive). + * + * @return a new byte array containing the range given. + */ + public static byte[] CopyOfRange(byte[] data, int from, int to) + { + int newLength = GetLength(from, to); + byte[] tmp = new byte[newLength]; + Array.Copy(data, from, tmp, 0, System.Math.Min(newLength, data.Length - from)); + return tmp; + } + + public static int[] CopyOfRange(int[] data, int from, int to) + { + int newLength = GetLength(from, to); + int[] tmp = new int[newLength]; + Array.Copy(data, from, tmp, 0, System.Math.Min(newLength, data.Length - from)); + return tmp; + } + + public static long[] CopyOfRange(long[] data, int from, int to) + { + int newLength = GetLength(from, to); + long[] tmp = new long[newLength]; + Array.Copy(data, from, tmp, 0, System.Math.Min(newLength, data.Length - from)); + return tmp; + } + + public static BigInteger[] CopyOfRange(BigInteger[] data, int from, int to) + { + int newLength = GetLength(from, to); + BigInteger[] tmp = new BigInteger[newLength]; + Array.Copy(data, from, tmp, 0, System.Math.Min(newLength, data.Length - from)); + return tmp; + } + + private static int GetLength(int from, int to) + { + int newLength = to - from; + if (newLength < 0) + throw new ArgumentException(from + " > " + to); + return newLength; + } + + public static byte[] Append(byte[] a, byte b) + { + if (a == null) + return new byte[] { b }; + + int length = a.Length; + byte[] result = new byte[length + 1]; + Array.Copy(a, 0, result, 0, length); + result[length] = b; + return result; + } + + public static short[] Append(short[] a, short b) + { + if (a == null) + return new short[] { b }; + + int length = a.Length; + short[] result = new short[length + 1]; + Array.Copy(a, 0, result, 0, length); + result[length] = b; + return result; + } + + public static int[] Append(int[] a, int b) + { + if (a == null) + return new int[] { b }; + + int length = a.Length; + int[] result = new int[length + 1]; + Array.Copy(a, 0, result, 0, length); + result[length] = b; + return result; + } + + public static byte[] Concatenate(byte[] a, byte[] b) + { + if (a == null) + return Clone(b); + if (b == null) + return Clone(a); + + byte[] rv = new byte[a.Length + b.Length]; + Array.Copy(a, 0, rv, 0, a.Length); + Array.Copy(b, 0, rv, a.Length, b.Length); + return rv; + } + + [CLSCompliantAttribute(false)] + public static ushort[] Concatenate(ushort[] a, ushort[] b) + { + if (a == null) + return Clone(b); + if (b == null) + return Clone(a); + + ushort[] rv = new ushort[a.Length + b.Length]; + Array.Copy(a, 0, rv, 0, a.Length); + Array.Copy(b, 0, rv, a.Length, b.Length); + return rv; + } + + public static byte[] ConcatenateAll(params byte[][] vs) + { + byte[][] nonNull = new byte[vs.Length][]; + int count = 0; + int totalLength = 0; + + for (int i = 0; i < vs.Length; ++i) + { + byte[] v = vs[i]; + if (v != null) + { + nonNull[count++] = v; + totalLength += v.Length; + } + } + + byte[] result = new byte[totalLength]; + int pos = 0; + + for (int j = 0; j < count; ++j) + { + byte[] v = nonNull[j]; + Array.Copy(v, 0, result, pos, v.Length); + pos += v.Length; + } + + return result; + } + + public static int[] Concatenate(int[] a, int[] b) + { + if (a == null) + return Clone(b); + if (b == null) + return Clone(a); + + int[] rv = new int[a.Length + b.Length]; + Array.Copy(a, 0, rv, 0, a.Length); + Array.Copy(b, 0, rv, a.Length, b.Length); + return rv; + } + + public static byte[] Prepend(byte[] a, byte b) + { + if (a == null) + return new byte[] { b }; + + int length = a.Length; + byte[] result = new byte[length + 1]; + Array.Copy(a, 0, result, 1, length); + result[0] = b; + return result; + } + + public static short[] Prepend(short[] a, short b) + { + if (a == null) + return new short[] { b }; + + int length = a.Length; + short[] result = new short[length + 1]; + Array.Copy(a, 0, result, 1, length); + result[0] = b; + return result; + } + + public static int[] Prepend(int[] a, int b) + { + if (a == null) + return new int[] { b }; + + int length = a.Length; + int[] result = new int[length + 1]; + Array.Copy(a, 0, result, 1, length); + result[0] = b; + return result; + } + + public static byte[] Reverse(byte[] a) + { + if (a == null) + return null; + + int p1 = 0, p2 = a.Length; + byte[] result = new byte[p2]; + + while (--p2 >= 0) + { + result[p2] = a[p1++]; + } + + return result; + } + + public static int[] Reverse(int[] a) + { + if (a == null) + return null; + + int p1 = 0, p2 = a.Length; + int[] result = new int[p2]; + + while (--p2 >= 0) + { + result[p2] = a[p1++]; + } + + return result; + } + + public static byte[] ReverseInPlace(byte[] a) + { + if (null == a) + return null; + + int p1 = 0, p2 = a.Length - 1; + while (p1 < p2) + { + byte t1 = a[p1], t2 = a[p2]; + a[p1++] = t2; + a[p2--] = t1; + } + + return a; + } + + public static int[] ReverseInPlace(int[] a) + { + if (null == a) + return null; + + int p1 = 0, p2 = a.Length - 1; + while (p1 < p2) + { + int t1 = a[p1], t2 = a[p2]; + a[p1++] = t2; + a[p2--] = t1; + } + + return a; + } + + public static void Clear(byte[] data) + { + if (null != data) + { + Array.Clear(data, 0, data.Length); + } + } + + public static void Clear(int[] data) + { + if (null != data) + { + Array.Clear(data, 0, data.Length); + } + } + + public static bool IsNullOrContainsNull(object[] array) + { + if (null == array) + return true; + + int count = array.Length; + for (int i = 0; i < count; ++i) + { + if (null == array[i]) + return true; + } + return false; + } + + public static bool IsNullOrEmpty(byte[] array) + { + return null == array || array.Length < 1; + } + + public static bool IsNullOrEmpty(object[] array) + { + return null == array || array.Length < 1; + } + } +} diff --git a/BouncyCastle/crypto/src/util/BigIntegers.cs b/BouncyCastle/crypto/src/util/BigIntegers.cs new file mode 100644 index 0000000..a618243 --- /dev/null +++ b/BouncyCastle/crypto/src/util/BigIntegers.cs @@ -0,0 +1,190 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.Raw; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Utilities +{ + /** + * BigInteger utilities. + */ + public abstract class BigIntegers + { + public static readonly BigInteger Zero = BigInteger.Zero; + public static readonly BigInteger One = BigInteger.One; + + private const int MaxIterations = 1000; + + /** + * Return the passed in value as an unsigned byte array. + * + * @param value the value to be converted. + * @return a byte array without a leading zero byte if present in the signed encoding. + */ + public static byte[] AsUnsignedByteArray( + BigInteger n) + { + return n.ToByteArrayUnsigned(); + } + + /** + * Return the passed in value as an unsigned byte array of the specified length, padded with + * leading zeros as necessary. + * @param length the fixed length of the result. + * @param n the value to be converted. + * @return a byte array padded to a fixed length with leading zeros. + */ + public static byte[] AsUnsignedByteArray(int length, BigInteger n) + { + byte[] bytes = n.ToByteArrayUnsigned(); + int bytesLength = bytes.Length; + + if (bytesLength == length) + return bytes; + + if (bytesLength > length) + throw new ArgumentException("standard length exceeded", "n"); + + byte[] tmp = new byte[length]; + Array.Copy(bytes, 0, tmp, length - bytesLength, bytesLength); + return tmp; + } + + /** + * Write the passed in value as unsigned bytes to the specified buffer range, padded with + * leading zeros as necessary. + * + * @param value + * the value to be converted. + * @param buf + * the buffer to which the value is written. + * @param off + * the start offset in array buf at which the data is written. + * @param len + * the fixed length of data written (possibly padded with leading zeros). + */ + public static void AsUnsignedByteArray(BigInteger value, byte[] buf, int off, int len) + { + byte[] bytes = value.ToByteArrayUnsigned(); + if (bytes.Length == len) + { + Array.Copy(bytes, 0, buf, off, len); + return; + } + + int start = bytes[0] == 0 ? 1 : 0; + int count = bytes.Length - start; + + if (count > len) + throw new ArgumentException("standard length exceeded for value"); + + int padLen = len - count; + Arrays.Fill(buf, off, off + padLen, 0); + Array.Copy(bytes, start, buf, off + padLen, count); + } + + /// + /// Creates a Random BigInteger from the secure random of a given bit length. + /// + /// + /// + /// + public static BigInteger CreateRandomBigInteger(int bitLength, SecureRandom secureRandom) + { + return new BigInteger(bitLength, secureRandom); + } + + /** + * Return a random BigInteger not less than 'min' and not greater than 'max' + * + * @param min the least value that may be generated + * @param max the greatest value that may be generated + * @param random the source of randomness + * @return a random BigInteger value in the range [min,max] + */ + public static BigInteger CreateRandomInRange( + BigInteger min, + BigInteger max, + // TODO Should have been just Random class + SecureRandom random) + { + int cmp = min.CompareTo(max); + if (cmp >= 0) + { + if (cmp > 0) + throw new ArgumentException("'min' may not be greater than 'max'"); + + return min; + } + + if (min.BitLength > max.BitLength / 2) + { + return CreateRandomInRange(BigInteger.Zero, max.Subtract(min), random).Add(min); + } + + for (int i = 0; i < MaxIterations; ++i) + { + BigInteger x = new BigInteger(max.BitLength, random); + if (x.CompareTo(min) >= 0 && x.CompareTo(max) <= 0) + { + return x; + } + } + + // fall back to a faster (restricted) method + return new BigInteger(max.Subtract(min).BitLength - 1, random).Add(min); + } + + public static BigInteger ModOddInverse(BigInteger M, BigInteger X) + { + if (!M.TestBit(0)) + throw new ArgumentException("must be odd", "M"); + if (M.SignValue != 1) + throw new ArithmeticException("BigInteger: modulus not positive"); + if (X.SignValue < 0 || X.CompareTo(M) >= 0) + { + X = X.Mod(M); + } + + int bits = M.BitLength; + uint[] m = Nat.FromBigInteger(bits, M); + uint[] x = Nat.FromBigInteger(bits, X); + int len = m.Length; + uint[] z = Nat.Create(len); + if (0 == Mod.ModOddInverse(m, x, z)) + throw new ArithmeticException("BigInteger not invertible"); + return Nat.ToBigInteger(len, z); + } + + public static BigInteger ModOddInverseVar(BigInteger M, BigInteger X) + { + if (!M.TestBit(0)) + throw new ArgumentException("must be odd", "M"); + if (M.SignValue != 1) + throw new ArithmeticException("BigInteger: modulus not positive"); + if (M.Equals(One)) + return Zero; + if (X.SignValue < 0 || X.CompareTo(M) >= 0) + { + X = X.Mod(M); + } + if (X.Equals(One)) + return One; + + int bits = M.BitLength; + uint[] m = Nat.FromBigInteger(bits, M); + uint[] x = Nat.FromBigInteger(bits, X); + int len = m.Length; + uint[] z = Nat.Create(len); + if (!Mod.ModOddInverseVar(m, x, z)) + throw new ArithmeticException("BigInteger not invertible"); + return Nat.ToBigInteger(len, z); + } + + public static int GetUnsignedByteLength(BigInteger n) + { + return (n.BitLength + 7) / 8; + } + } +} diff --git a/BouncyCastle/crypto/src/util/Bytes.cs b/BouncyCastle/crypto/src/util/Bytes.cs new file mode 100644 index 0000000..ecde85d --- /dev/null +++ b/BouncyCastle/crypto/src/util/Bytes.cs @@ -0,0 +1,10 @@ +using System; + +namespace Org.BouncyCastle.Utilities +{ + public abstract class Bytes + { + public const int NumBits = 8; + public const int NumBytes = 1; + } +} diff --git a/BouncyCastle/crypto/src/util/Enums.cs b/BouncyCastle/crypto/src/util/Enums.cs new file mode 100644 index 0000000..9e908c4 --- /dev/null +++ b/BouncyCastle/crypto/src/util/Enums.cs @@ -0,0 +1,78 @@ +using System; +using System.Text; + +#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE +using System.Collections; +using System.Reflection; +#endif + +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Utilities +{ + internal abstract class Enums + { + internal static Enum GetEnumValue(System.Type enumType, string s) + { + if (!IsEnumType(enumType)) + throw new ArgumentException("Not an enumeration type", "enumType"); + + // We only want to parse single named constants + if (s.Length > 0 && char.IsLetter(s[0]) && s.IndexOf(',') < 0) + { + s = s.Replace('-', '_'); + s = s.Replace('/', '_'); + +#if NETCF_1_0 + FieldInfo field = enumType.GetField(s, BindingFlags.Static | BindingFlags.Public); + if (field != null) + { + return (Enum)field.GetValue(null); + } +#else + return (Enum)Enum.Parse(enumType, s, false); +#endif + } + + throw new ArgumentException(); + } + + internal static Array GetEnumValues(System.Type enumType) + { + if (!IsEnumType(enumType)) + throw new ArgumentException("Not an enumeration type", "enumType"); + +#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT + IList result = Platform.CreateArrayList(); + FieldInfo[] fields = enumType.GetFields(BindingFlags.Static | BindingFlags.Public); + foreach (FieldInfo field in fields) + { + // Note: Argument to GetValue() ignored since the fields are static, + // but Silverlight for Windows Phone throws exception if we pass null + result.Add(field.GetValue(enumType)); + } + object[] arr = new object[result.Count]; + result.CopyTo(arr, 0); + return arr; +#else + return Enum.GetValues(enumType); +#endif + } + + internal static Enum GetArbitraryValue(System.Type enumType) + { + Array values = GetEnumValues(enumType); + int pos = (int)(DateTimeUtilities.CurrentUnixMs() & int.MaxValue) % values.Length; + return (Enum)values.GetValue(pos); + } + + internal static bool IsEnumType(System.Type t) + { +#if NEW_REFLECTION + return t.GetTypeInfo().IsEnum; +#else + return t.IsEnum; +#endif + } + } +} diff --git a/BouncyCastle/crypto/src/util/IMemoable.cs b/BouncyCastle/crypto/src/util/IMemoable.cs new file mode 100644 index 0000000..cc8a2e5 --- /dev/null +++ b/BouncyCastle/crypto/src/util/IMemoable.cs @@ -0,0 +1,29 @@ +using System; + +namespace Org.BouncyCastle.Utilities +{ + public interface IMemoable + { + /// + /// Produce a copy of this object with its configuration and in its current state. + /// + /// + /// The returned object may be used simply to store the state, or may be used as a similar object + /// starting from the copied state. + /// + IMemoable Copy(); + + /// + /// Restore a copied object state into this object. + /// + /// + /// Implementations of this method should try to avoid or minimise memory allocation to perform the reset. + /// + /// an object originally {@link #copy() copied} from an object of the same type as this instance. + /// if the provided object is not of the correct type. + /// if the other parameter is in some other way invalid. + void Reset(IMemoable other); + } + +} + diff --git a/BouncyCastle/crypto/src/util/Integers.cs b/BouncyCastle/crypto/src/util/Integers.cs new file mode 100644 index 0000000..efa437e --- /dev/null +++ b/BouncyCastle/crypto/src/util/Integers.cs @@ -0,0 +1,86 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Utilities +{ + public abstract class Integers + { + public const int NumBits = 32; + public const int NumBytes = 4; + + private static readonly byte[] DeBruijnTZ = { + 0x1F, 0x00, 0x1B, 0x01, 0x1C, 0x0D, 0x17, 0x02, 0x1D, 0x15, 0x13, 0x0E, 0x18, 0x10, 0x03, 0x07, + 0x1E, 0x1A, 0x0C, 0x16, 0x14, 0x12, 0x0F, 0x06, 0x19, 0x0B, 0x11, 0x05, 0x0A, 0x04, 0x09, 0x08 }; + + public static int NumberOfLeadingZeros(int i) + { + if (i <= 0) + return (~i >> (31 - 5)) & (1 << 5); + + uint u = (uint)i; + int n = 1; + if (0 == (u >> 16)) { n += 16; u <<= 16; } + if (0 == (u >> 24)) { n += 8; u <<= 8; } + if (0 == (u >> 28)) { n += 4; u <<= 4; } + if (0 == (u >> 30)) { n += 2; u <<= 2; } + n -= (int)(u >> 31); + return n; + } + + public static int NumberOfTrailingZeros(int i) + { + int n = DeBruijnTZ[(uint)((i & -i) * 0x0EF96A62) >> 27]; + int m = (((i & 0xFFFF) | (int)((uint)i >> 16)) - 1) >> 31; + return n - m; + } + + public static int Reverse(int i) + { + return (int)Reverse((uint)i); + } + + [CLSCompliantAttribute(false)] + public static uint Reverse(uint i) + { + i = Bits.BitPermuteStepSimple(i, 0x55555555U, 1); + i = Bits.BitPermuteStepSimple(i, 0x33333333U, 2); + i = Bits.BitPermuteStepSimple(i, 0x0F0F0F0FU, 4); + return ReverseBytes(i); + } + + public static int ReverseBytes(int i) + { + return (int)ReverseBytes((uint)i); + } + + [CLSCompliantAttribute(false)] + public static uint ReverseBytes(uint i) + { + return RotateLeft(i & 0xFF00FF00U, 8) | + RotateLeft(i & 0x00FF00FFU, 24); + } + + public static int RotateLeft(int i, int distance) + { + return (i << distance) ^ (int)((uint)i >> -distance); + } + + [CLSCompliantAttribute(false)] + public static uint RotateLeft(uint i, int distance) + { + return (i << distance) ^ (i >> -distance); + } + + public static int RotateRight(int i, int distance) + { + return (int)((uint)i >> distance) ^ (i << -distance); + } + + [CLSCompliantAttribute(false)] + public static uint RotateRight(uint i, int distance) + { + return (i >> distance) ^ (i << -distance); + } + } +} diff --git a/BouncyCastle/crypto/src/util/Longs.cs b/BouncyCastle/crypto/src/util/Longs.cs new file mode 100644 index 0000000..4d675bd --- /dev/null +++ b/BouncyCastle/crypto/src/util/Longs.cs @@ -0,0 +1,86 @@ +using System; + +using Org.BouncyCastle.Math.Raw; + +namespace Org.BouncyCastle.Utilities +{ + public abstract class Longs + { + public const int NumBits = 64; + public const int NumBytes = 8; + + private static readonly byte[] DeBruijnTZ = { + 0x3F, 0x00, 0x01, 0x34, 0x02, 0x06, 0x35, 0x1A, 0x03, 0x25, 0x28, 0x07, 0x21, 0x36, 0x2F, 0x1B, + 0x3D, 0x04, 0x26, 0x2D, 0x2B, 0x29, 0x15, 0x08, 0x17, 0x22, 0x3A, 0x37, 0x30, 0x11, 0x1C, 0x0A, + 0x3E, 0x33, 0x05, 0x19, 0x24, 0x27, 0x20, 0x2E, 0x3C, 0x2C, 0x2A, 0x14, 0x16, 0x39, 0x10, 0x09, + 0x32, 0x18, 0x23, 0x1F, 0x3B, 0x13, 0x38, 0x0F, 0x31, 0x1E, 0x12, 0x0E, 0x1D, 0x0D, 0x0C, 0x0B }; + + public static int NumberOfLeadingZeros(long i) + { + int x = (int)(i >> 32), n = 0; + if (x == 0) + { + n = 32; + x = (int)i; + } + return n + Integers.NumberOfLeadingZeros(x); + } + + public static int NumberOfTrailingZeros(long i) + { + int n = DeBruijnTZ[(uint)((ulong)((i & -i) * 0x045FBAC7992A70DAL) >> 58)]; + long m = (((i & 0xFFFFFFFFL) | (long)((ulong)i >> 32)) - 1L) >> 63; + return n - (int)m; + } + + public static long Reverse(long i) + { + return (long)Reverse((ulong)i); + } + + [CLSCompliantAttribute(false)] + public static ulong Reverse(ulong i) + { + i = Bits.BitPermuteStepSimple(i, 0x5555555555555555UL, 1); + i = Bits.BitPermuteStepSimple(i, 0x3333333333333333UL, 2); + i = Bits.BitPermuteStepSimple(i, 0x0F0F0F0F0F0F0F0FUL, 4); + return ReverseBytes(i); + } + + public static long ReverseBytes(long i) + { + return (long)ReverseBytes((ulong)i); + } + + [CLSCompliantAttribute(false)] + public static ulong ReverseBytes(ulong i) + { + return RotateLeft(i & 0xFF000000FF000000UL, 8) | + RotateLeft(i & 0x00FF000000FF0000UL, 24) | + RotateLeft(i & 0x0000FF000000FF00UL, 40) | + RotateLeft(i & 0x000000FF000000FFUL, 56); + } + + public static long RotateLeft(long i, int distance) + { + return (i << distance) ^ (long)((ulong)i >> -distance); + } + + [CLSCompliantAttribute(false)] + public static ulong RotateLeft(ulong i, int distance) + { + return (i << distance) ^ (i >> -distance); + } + + public static long RotateRight(long i, int distance) + { + return (long)((ulong)i >> distance) ^ (i << -distance); + } + + [CLSCompliantAttribute(false)] + public static ulong RotateRight(ulong i, int distance) + { + return (i >> distance) ^ (i << -distance); + } + } +} diff --git a/BouncyCastle/crypto/src/util/MemoableResetException.cs b/BouncyCastle/crypto/src/util/MemoableResetException.cs new file mode 100644 index 0000000..99554f6 --- /dev/null +++ b/BouncyCastle/crypto/src/util/MemoableResetException.cs @@ -0,0 +1,27 @@ +using System; + +namespace Org.BouncyCastle.Utilities +{ + /** + * Exception to be thrown on a failure to reset an object implementing Memoable. + *

    + * The exception extends InvalidCastException to enable users to have a single handling case, + * only introducing specific handling of this one if required. + *

    + */ + public class MemoableResetException + : InvalidCastException + { + /** + * Basic Constructor. + * + * @param msg message to be associated with this exception. + */ + public MemoableResetException(string msg) + : base(msg) + { + } + } + +} + diff --git a/BouncyCastle/crypto/src/util/Platform.cs b/BouncyCastle/crypto/src/util/Platform.cs new file mode 100644 index 0000000..547cef3 --- /dev/null +++ b/BouncyCastle/crypto/src/util/Platform.cs @@ -0,0 +1,234 @@ +using System; +using System.Globalization; +using System.IO; +using System.Text; + +#if SILVERLIGHT || PORTABLE +using System.Collections.Generic; +#else +using System.Collections; +#endif + +namespace Org.BouncyCastle.Utilities +{ + internal abstract class Platform + { + private static readonly CompareInfo InvariantCompareInfo = CultureInfo.InvariantCulture.CompareInfo; + +#if NETCF_1_0 || NETCF_2_0 + private static string GetNewLine() + { + MemoryStream buf = new MemoryStream(); + StreamWriter w = new StreamWriter(buf, Encoding.UTF8); + w.WriteLine(); + Dispose(w); + byte[] bs = buf.ToArray(); + return Encoding.UTF8.GetString(bs, 0, bs.Length); + } +#else + private static string GetNewLine() + { + return Environment.NewLine; + } +#endif + + internal static bool EqualsIgnoreCase(string a, string b) + { +#if PORTABLE + return String.Equals(a, b, StringComparison.OrdinalIgnoreCase); +#else + return ToUpperInvariant(a) == ToUpperInvariant(b); +#endif + } + +#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || (PORTABLE && !DOTNET) + internal static string GetEnvironmentVariable( + string variable) + { + return null; + } +#else + internal static string GetEnvironmentVariable( + string variable) + { + try + { + return Environment.GetEnvironmentVariable(variable); + } + catch (System.Security.SecurityException) + { + // We don't have the required permission to read this environment variable, + // which is fine, just act as if it's not set + return null; + } + } +#endif + +#if NETCF_1_0 + internal static Exception CreateNotImplementedException( + string message) + { + return new Exception("Not implemented: " + message); + } + + internal static bool Equals( + object a, + object b) + { + return a == b || (a != null && b != null && a.Equals(b)); + } +#else + internal static Exception CreateNotImplementedException( + string message) + { + return new NotImplementedException(message); + } +#endif + +#if SILVERLIGHT || PORTABLE + internal static System.Collections.IList CreateArrayList() + { + return new List(); + } + internal static System.Collections.IList CreateArrayList(int capacity) + { + return new List(capacity); + } + internal static System.Collections.IList CreateArrayList(System.Collections.ICollection collection) + { + System.Collections.IList result = new List(collection.Count); + foreach (object o in collection) + { + result.Add(o); + } + return result; + } + internal static System.Collections.IList CreateArrayList(System.Collections.IEnumerable collection) + { + System.Collections.IList result = new List(); + foreach (object o in collection) + { + result.Add(o); + } + return result; + } + internal static System.Collections.IDictionary CreateHashtable() + { + return new Dictionary(); + } + internal static System.Collections.IDictionary CreateHashtable(int capacity) + { + return new Dictionary(capacity); + } + internal static System.Collections.IDictionary CreateHashtable(System.Collections.IDictionary dictionary) + { + System.Collections.IDictionary result = new Dictionary(dictionary.Count); + foreach (System.Collections.DictionaryEntry entry in dictionary) + { + result.Add(entry.Key, entry.Value); + } + return result; + } +#else + internal static System.Collections.IList CreateArrayList() + { + return new ArrayList(); + } + internal static System.Collections.IList CreateArrayList(int capacity) + { + return new ArrayList(capacity); + } + internal static System.Collections.IList CreateArrayList(System.Collections.ICollection collection) + { + return new ArrayList(collection); + } + internal static System.Collections.IList CreateArrayList(System.Collections.IEnumerable collection) + { + ArrayList result = new ArrayList(); + foreach (object o in collection) + { + result.Add(o); + } + return result; + } + internal static System.Collections.IDictionary CreateHashtable() + { + return new Hashtable(); + } + internal static System.Collections.IDictionary CreateHashtable(int capacity) + { + return new Hashtable(capacity); + } + internal static System.Collections.IDictionary CreateHashtable(System.Collections.IDictionary dictionary) + { + return new Hashtable(dictionary); + } +#endif + + internal static int GetHashCode(object obj) + { + return null == obj ? 0 : obj.GetHashCode(); + } + + internal static string ToLowerInvariant(string s) + { +#if PORTABLE + return s.ToLowerInvariant(); +#else + return s.ToLower(CultureInfo.InvariantCulture); +#endif + } + + internal static string ToUpperInvariant(string s) + { +#if PORTABLE + return s.ToUpperInvariant(); +#else + return s.ToUpper(CultureInfo.InvariantCulture); +#endif + } + + internal static readonly string NewLine = GetNewLine(); + +#if PORTABLE + internal static void Dispose(IDisposable d) + { + d.Dispose(); + } +#else + internal static void Dispose(Stream s) + { + s.Close(); + } + internal static void Dispose(TextWriter t) + { + t.Close(); + } +#endif + + internal static int IndexOf(string source, string value) + { + return InvariantCompareInfo.IndexOf(source, value, CompareOptions.Ordinal); + } + + internal static int LastIndexOf(string source, string value) + { + return InvariantCompareInfo.LastIndexOf(source, value, CompareOptions.Ordinal); + } + + internal static bool StartsWith(string source, string prefix) + { + return InvariantCompareInfo.IsPrefix(source, prefix, CompareOptions.Ordinal); + } + + internal static bool EndsWith(string source, string suffix) + { + return InvariantCompareInfo.IsSuffix(source, suffix, CompareOptions.Ordinal); + } + + internal static string GetTypeName(object obj) + { + return obj.GetType().FullName; + } + } +} diff --git a/BouncyCastle/crypto/src/util/Strings.cs b/BouncyCastle/crypto/src/util/Strings.cs new file mode 100644 index 0000000..73a15ea --- /dev/null +++ b/BouncyCastle/crypto/src/util/Strings.cs @@ -0,0 +1,128 @@ +using System; +using System.Text; + +namespace Org.BouncyCastle.Utilities +{ + /// General string utilities. + public abstract class Strings + { + + public static string ToUpperCase(string original) + { + bool changed = false; + char[] chars = original.ToCharArray(); + + for (int i = 0; i != chars.Length; i++) + { + char ch = chars[i]; + if ('a' <= ch && 'z' >= ch) + { + changed = true; + chars[i] = (char)(ch - 'a' + 'A'); + } + } + + if (changed) + { + return new String(chars); + } + + return original; + } + + + internal static bool IsOneOf(string s, params string[] candidates) + { + foreach (string candidate in candidates) + { + if (s == candidate) + return true; + } + return false; + } + + public static string FromByteArray( + byte[] bs) + { + char[] cs = new char[bs.Length]; + for (int i = 0; i < cs.Length; ++i) + { + cs[i] = Convert.ToChar(bs[i]); + } + return new string(cs); + } + + public static byte[] ToByteArray( + char[] cs) + { + byte[] bs = new byte[cs.Length]; + for (int i = 0; i < bs.Length; ++i) + { + bs[i] = Convert.ToByte(cs[i]); + } + return bs; + } + + public static byte[] ToByteArray( + string s) + { + byte[] bs = new byte[s.Length]; + for (int i = 0; i < bs.Length; ++i) + { + bs[i] = Convert.ToByte(s[i]); + } + return bs; + } + + public static string FromAsciiByteArray( + byte[] bytes) + { +#if SILVERLIGHT || PORTABLE + // TODO Check for non-ASCII bytes in input? + return Encoding.UTF8.GetString(bytes, 0, bytes.Length); +#else + return Encoding.ASCII.GetString(bytes, 0, bytes.Length); +#endif + } + + public static byte[] ToAsciiByteArray( + char[] cs) + { +#if SILVERLIGHT || PORTABLE + // TODO Check for non-ASCII characters in input? + return Encoding.UTF8.GetBytes(cs); +#else + return Encoding.ASCII.GetBytes(cs); +#endif + } + + public static byte[] ToAsciiByteArray( + string s) + { +#if SILVERLIGHT || PORTABLE + // TODO Check for non-ASCII characters in input? + return Encoding.UTF8.GetBytes(s); +#else + return Encoding.ASCII.GetBytes(s); +#endif + } + + public static string FromUtf8ByteArray( + byte[] bytes) + { + return Encoding.UTF8.GetString(bytes, 0, bytes.Length); + } + + public static byte[] ToUtf8ByteArray( + char[] cs) + { + return Encoding.UTF8.GetBytes(cs); + } + + public static byte[] ToUtf8ByteArray( + string s) + { + return Encoding.UTF8.GetBytes(s); + } + } +} diff --git a/BouncyCastle/crypto/src/util/Times.cs b/BouncyCastle/crypto/src/util/Times.cs new file mode 100644 index 0000000..99a78d2 --- /dev/null +++ b/BouncyCastle/crypto/src/util/Times.cs @@ -0,0 +1,14 @@ +using System; + +namespace Org.BouncyCastle.Utilities +{ + public sealed class Times + { + private static long NanosecondsPerTick = 100L; + + public static long NanoTime() + { + return DateTime.UtcNow.Ticks * NanosecondsPerTick; + } + } +} diff --git a/BouncyCastle/crypto/src/util/TypeExtensions.cs b/BouncyCastle/crypto/src/util/TypeExtensions.cs new file mode 100644 index 0000000..e2aeae4 --- /dev/null +++ b/BouncyCastle/crypto/src/util/TypeExtensions.cs @@ -0,0 +1,17 @@ +#if NEW_REFLECTION + +using System; +using System.Reflection; + +namespace Org.BouncyCastle +{ + internal static class TypeExtensions + { + public static bool IsInstanceOfType(this Type type, object instance) + { + return instance != null && type.GetTypeInfo().IsAssignableFrom(instance.GetType().GetTypeInfo()); + } + } +} + +#endif diff --git a/BouncyCastle/crypto/src/util/collections/CollectionUtilities.cs b/BouncyCastle/crypto/src/util/collections/CollectionUtilities.cs new file mode 100644 index 0000000..e0c79bd --- /dev/null +++ b/BouncyCastle/crypto/src/util/collections/CollectionUtilities.cs @@ -0,0 +1,67 @@ +using System; +using System.Collections; +using System.Text; + +namespace Org.BouncyCastle.Utilities.Collections +{ + public abstract class CollectionUtilities + { + public static void AddRange(IList to, IEnumerable range) + { + foreach (object o in range) + { + to.Add(o); + } + } + + public static bool CheckElementsAreOfType(IEnumerable e, Type t) + { + foreach (object o in e) + { + if (!t.IsInstanceOfType(o)) + return false; + } + return true; + } + + public static IDictionary ReadOnly(IDictionary d) + { + return new UnmodifiableDictionaryProxy(d); + } + + public static IList ReadOnly(IList l) + { + return new UnmodifiableListProxy(l); + } + + public static ISet ReadOnly(ISet s) + { + return new UnmodifiableSetProxy(s); + } + + public static object RequireNext(IEnumerator e) + { + if (!e.MoveNext()) + throw new InvalidOperationException(); + + return e.Current; + } + + public static string ToString(IEnumerable c) + { + IEnumerator e = c.GetEnumerator(); + if (!e.MoveNext()) + return "[]"; + + StringBuilder sb = new StringBuilder("["); + sb.Append(e.Current.ToString()); + while (e.MoveNext()) + { + sb.Append(", "); + sb.Append(e.Current.ToString()); + } + sb.Append(']'); + return sb.ToString(); + } + } +} diff --git a/BouncyCastle/crypto/src/util/collections/EmptyEnumerable.cs b/BouncyCastle/crypto/src/util/collections/EmptyEnumerable.cs new file mode 100644 index 0000000..a61a078 --- /dev/null +++ b/BouncyCastle/crypto/src/util/collections/EmptyEnumerable.cs @@ -0,0 +1,44 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Utilities.Collections +{ + public sealed class EmptyEnumerable + : IEnumerable + { + public static readonly IEnumerable Instance = new EmptyEnumerable(); + + private EmptyEnumerable() + { + } + + public IEnumerator GetEnumerator() + { + return EmptyEnumerator.Instance; + } + } + + public sealed class EmptyEnumerator + : IEnumerator + { + public static readonly IEnumerator Instance = new EmptyEnumerator(); + + private EmptyEnumerator() + { + } + + public bool MoveNext() + { + return false; + } + + public void Reset() + { + } + + public object Current + { + get { throw new InvalidOperationException("No elements"); } + } + } +} diff --git a/BouncyCastle/crypto/src/util/collections/EnumerableProxy.cs b/BouncyCastle/crypto/src/util/collections/EnumerableProxy.cs new file mode 100644 index 0000000..9eec4af --- /dev/null +++ b/BouncyCastle/crypto/src/util/collections/EnumerableProxy.cs @@ -0,0 +1,25 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Utilities.Collections +{ + public sealed class EnumerableProxy + : IEnumerable + { + private readonly IEnumerable inner; + + public EnumerableProxy( + IEnumerable inner) + { + if (inner == null) + throw new ArgumentNullException("inner"); + + this.inner = inner; + } + + public IEnumerator GetEnumerator() + { + return inner.GetEnumerator(); + } + } +} diff --git a/BouncyCastle/crypto/src/util/collections/HashSet.cs b/BouncyCastle/crypto/src/util/collections/HashSet.cs new file mode 100644 index 0000000..1facb58 --- /dev/null +++ b/BouncyCastle/crypto/src/util/collections/HashSet.cs @@ -0,0 +1,99 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Utilities.Collections +{ + public class HashSet + : ISet + { + private readonly IDictionary impl = Platform.CreateHashtable(); + + public HashSet() + { + } + + public HashSet(IEnumerable s) + { + foreach (object o in s) + { + Add(o); + } + } + + public virtual void Add(object o) + { + impl[o] = null; + } + + public virtual void AddAll(IEnumerable e) + { + foreach (object o in e) + { + Add(o); + } + } + + public virtual void Clear() + { + impl.Clear(); + } + + public virtual bool Contains(object o) + { + return impl.Contains(o); + } + + public virtual void CopyTo(Array array, int index) + { + impl.Keys.CopyTo(array, index); + } + + public virtual int Count + { + get { return impl.Count; } + } + + public virtual IEnumerator GetEnumerator() + { + return impl.Keys.GetEnumerator(); + } + + public virtual bool IsEmpty + { + get { return impl.Count == 0; } + } + + public virtual bool IsFixedSize + { + get { return impl.IsFixedSize; } + } + + public virtual bool IsReadOnly + { + get { return impl.IsReadOnly; } + } + + public virtual bool IsSynchronized + { + get { return impl.IsSynchronized; } + } + + public virtual void Remove(object o) + { + impl.Remove(o); + } + + public virtual void RemoveAll(IEnumerable e) + { + foreach (object o in e) + { + Remove(o); + } + } + + public virtual object SyncRoot + { + get { return impl.SyncRoot; } + } + } +} diff --git a/BouncyCastle/crypto/src/util/collections/ISet.cs b/BouncyCastle/crypto/src/util/collections/ISet.cs new file mode 100644 index 0000000..1f8edba --- /dev/null +++ b/BouncyCastle/crypto/src/util/collections/ISet.cs @@ -0,0 +1,19 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Utilities.Collections +{ + public interface ISet + : ICollection + { + void Add(object o); + void AddAll(IEnumerable e); + void Clear(); + bool Contains(object o); + bool IsEmpty { get; } + bool IsFixedSize { get; } + bool IsReadOnly { get; } + void Remove(object o); + void RemoveAll(IEnumerable e); + } +} diff --git a/BouncyCastle/crypto/src/util/collections/LinkedDictionary.cs b/BouncyCastle/crypto/src/util/collections/LinkedDictionary.cs new file mode 100644 index 0000000..933d38d --- /dev/null +++ b/BouncyCastle/crypto/src/util/collections/LinkedDictionary.cs @@ -0,0 +1,178 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Utilities.Collections +{ + public class LinkedDictionary + : IDictionary + { + internal readonly IDictionary hash = Platform.CreateHashtable(); + internal readonly IList keys = Platform.CreateArrayList(); + + public LinkedDictionary() + { + } + + public virtual void Add(object k, object v) + { + hash.Add(k, v); + keys.Add(k); + } + + public virtual void Clear() + { + hash.Clear(); + keys.Clear(); + } + + public virtual bool Contains(object k) + { + return hash.Contains(k); + } + + public virtual void CopyTo(Array array, int index) + { + foreach (object k in keys) + { + array.SetValue(hash[k], index++); + } + } + + public virtual int Count + { + get { return hash.Count; } + } + + IEnumerator IEnumerable.GetEnumerator() + { + return GetEnumerator(); + } + + public virtual IDictionaryEnumerator GetEnumerator() + { + return new LinkedDictionaryEnumerator(this); + } + + public virtual void Remove(object k) + { + hash.Remove(k); + keys.Remove(k); + } + + public virtual bool IsFixedSize + { + get { return false; } + } + + public virtual bool IsReadOnly + { + get { return false; } + } + + public virtual bool IsSynchronized + { + get { return false; } + } + + public virtual object SyncRoot + { + get { return false; } + } + + public virtual ICollection Keys + { + get { return Platform.CreateArrayList(keys); } + } + + public virtual ICollection Values + { + // NB: Order has to be the same as for Keys property + get + { + IList values = Platform.CreateArrayList(keys.Count); + foreach (object k in keys) + { + values.Add(hash[k]); + } + return values; + } + } + + public virtual object this[object k] + { + get + { + return hash[k]; + } + set + { + if (!hash.Contains(k)) + keys.Add(k); + hash[k] = value; + } + } + } + + internal class LinkedDictionaryEnumerator : IDictionaryEnumerator + { + private readonly LinkedDictionary parent; + private int pos = -1; + + internal LinkedDictionaryEnumerator(LinkedDictionary parent) + { + this.parent = parent; + } + + public virtual object Current + { + get { return Entry; } + } + + public virtual DictionaryEntry Entry + { + get + { + object k = CurrentKey; + return new DictionaryEntry(k, parent.hash[k]); + } + } + + public virtual object Key + { + get + { + return CurrentKey; + } + } + + public virtual bool MoveNext() + { + if (pos >= parent.keys.Count) + return false; + return ++pos < parent.keys.Count; + } + + public virtual void Reset() + { + this.pos = -1; + } + + public virtual object Value + { + get + { + return parent.hash[CurrentKey]; + } + } + + private object CurrentKey + { + get + { + if (pos < 0 || pos >= parent.keys.Count) + throw new InvalidOperationException(); + return parent.keys[pos]; + } + } + } +} diff --git a/BouncyCastle/crypto/src/util/collections/UnmodifiableDictionary.cs b/BouncyCastle/crypto/src/util/collections/UnmodifiableDictionary.cs new file mode 100644 index 0000000..0bdf70a --- /dev/null +++ b/BouncyCastle/crypto/src/util/collections/UnmodifiableDictionary.cs @@ -0,0 +1,64 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Utilities.Collections +{ + public abstract class UnmodifiableDictionary + : IDictionary + { + protected UnmodifiableDictionary() + { + } + + public virtual void Add(object k, object v) + { + throw new NotSupportedException(); + } + + public virtual void Clear() + { + throw new NotSupportedException(); + } + + public abstract bool Contains(object k); + + public abstract void CopyTo(Array array, int index); + + public abstract int Count { get; } + + IEnumerator IEnumerable.GetEnumerator() + { + return GetEnumerator(); + } + + public abstract IDictionaryEnumerator GetEnumerator(); + + public virtual void Remove(object k) + { + throw new NotSupportedException(); + } + + public abstract bool IsFixedSize { get; } + + public virtual bool IsReadOnly + { + get { return true; } + } + + public abstract bool IsSynchronized { get; } + + public abstract object SyncRoot { get; } + + public abstract ICollection Keys { get; } + + public abstract ICollection Values { get; } + + public virtual object this[object k] + { + get { return GetValue(k); } + set { throw new NotSupportedException(); } + } + + protected abstract object GetValue(object k); + } +} diff --git a/BouncyCastle/crypto/src/util/collections/UnmodifiableDictionaryProxy.cs b/BouncyCastle/crypto/src/util/collections/UnmodifiableDictionaryProxy.cs new file mode 100644 index 0000000..0fca909 --- /dev/null +++ b/BouncyCastle/crypto/src/util/collections/UnmodifiableDictionaryProxy.cs @@ -0,0 +1,66 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Utilities.Collections +{ + public class UnmodifiableDictionaryProxy + : UnmodifiableDictionary + { + private readonly IDictionary d; + + public UnmodifiableDictionaryProxy(IDictionary d) + { + this.d = d; + } + + public override bool Contains(object k) + { + return d.Contains(k); + } + + public override void CopyTo(Array array, int index) + { + d.CopyTo(array, index); + } + + public override int Count + { + get { return d.Count; } + } + + public override IDictionaryEnumerator GetEnumerator() + { + return d.GetEnumerator(); + } + + public override bool IsFixedSize + { + get { return d.IsFixedSize; } + } + + public override bool IsSynchronized + { + get { return d.IsSynchronized; } + } + + public override object SyncRoot + { + get { return d.SyncRoot; } + } + + public override ICollection Keys + { + get { return d.Keys; } + } + + public override ICollection Values + { + get { return d.Values; } + } + + protected override object GetValue(object k) + { + return d[k]; + } + } +} diff --git a/BouncyCastle/crypto/src/util/collections/UnmodifiableList.cs b/BouncyCastle/crypto/src/util/collections/UnmodifiableList.cs new file mode 100644 index 0000000..28e49ea --- /dev/null +++ b/BouncyCastle/crypto/src/util/collections/UnmodifiableList.cs @@ -0,0 +1,67 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Utilities.Collections +{ + public abstract class UnmodifiableList + : IList + { + protected UnmodifiableList() + { + } + + public virtual int Add(object o) + { + throw new NotSupportedException(); + } + + public virtual void Clear() + { + throw new NotSupportedException(); + } + + public abstract bool Contains(object o); + + public abstract void CopyTo(Array array, int index); + + public abstract int Count { get; } + + public abstract IEnumerator GetEnumerator(); + + public abstract int IndexOf(object o); + + public virtual void Insert(int i, object o) + { + throw new NotSupportedException(); + } + + public abstract bool IsFixedSize { get; } + + public virtual bool IsReadOnly + { + get { return true; } + } + + public abstract bool IsSynchronized { get; } + + public virtual void Remove(object o) + { + throw new NotSupportedException(); + } + + public virtual void RemoveAt(int i) + { + throw new NotSupportedException(); + } + + public abstract object SyncRoot { get; } + + public virtual object this[int i] + { + get { return GetValue(i); } + set { throw new NotSupportedException(); } + } + + protected abstract object GetValue(int i); + } +} diff --git a/BouncyCastle/crypto/src/util/collections/UnmodifiableListProxy.cs b/BouncyCastle/crypto/src/util/collections/UnmodifiableListProxy.cs new file mode 100644 index 0000000..9d00737 --- /dev/null +++ b/BouncyCastle/crypto/src/util/collections/UnmodifiableListProxy.cs @@ -0,0 +1,61 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Utilities.Collections +{ + public class UnmodifiableListProxy + : UnmodifiableList + { + private readonly IList l; + + public UnmodifiableListProxy(IList l) + { + this.l = l; + } + + public override bool Contains(object o) + { + return l.Contains(o); + } + + public override void CopyTo(Array array, int index) + { + l.CopyTo(array, index); + } + + public override int Count + { + get { return l.Count; } + } + + public override IEnumerator GetEnumerator() + { + return l.GetEnumerator(); + } + + public override int IndexOf(object o) + { + return l.IndexOf(o); + } + + public override bool IsFixedSize + { + get { return l.IsFixedSize; } + } + + public override bool IsSynchronized + { + get { return l.IsSynchronized; } + } + + public override object SyncRoot + { + get { return l.SyncRoot; } + } + + protected override object GetValue(int i) + { + return l[i]; + } + } +} diff --git a/BouncyCastle/crypto/src/util/collections/UnmodifiableSet.cs b/BouncyCastle/crypto/src/util/collections/UnmodifiableSet.cs new file mode 100644 index 0000000..8792815 --- /dev/null +++ b/BouncyCastle/crypto/src/util/collections/UnmodifiableSet.cs @@ -0,0 +1,59 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Utilities.Collections +{ + public abstract class UnmodifiableSet + : ISet + { + protected UnmodifiableSet() + { + } + + public virtual void Add(object o) + { + throw new NotSupportedException(); + } + + public virtual void AddAll(IEnumerable e) + { + throw new NotSupportedException(); + } + + public virtual void Clear() + { + throw new NotSupportedException(); + } + + public abstract bool Contains(object o); + + public abstract void CopyTo(Array array, int index); + + public abstract int Count { get; } + + public abstract IEnumerator GetEnumerator(); + + public abstract bool IsEmpty { get; } + + public abstract bool IsFixedSize { get; } + + public virtual bool IsReadOnly + { + get { return true; } + } + + public abstract bool IsSynchronized { get; } + + public abstract object SyncRoot { get; } + + public virtual void Remove(object o) + { + throw new NotSupportedException(); + } + + public virtual void RemoveAll(IEnumerable e) + { + throw new NotSupportedException(); + } + } +} diff --git a/BouncyCastle/crypto/src/util/collections/UnmodifiableSetProxy.cs b/BouncyCastle/crypto/src/util/collections/UnmodifiableSetProxy.cs new file mode 100644 index 0000000..e119e29 --- /dev/null +++ b/BouncyCastle/crypto/src/util/collections/UnmodifiableSetProxy.cs @@ -0,0 +1,56 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Utilities.Collections +{ + public class UnmodifiableSetProxy + : UnmodifiableSet + { + private readonly ISet s; + + public UnmodifiableSetProxy (ISet s) + { + this.s = s; + } + + public override bool Contains(object o) + { + return s.Contains(o); + } + + public override void CopyTo(Array array, int index) + { + s.CopyTo(array, index); + } + + public override int Count + { + get { return s.Count; } + } + + public override IEnumerator GetEnumerator() + { + return s.GetEnumerator(); + } + + public override bool IsEmpty + { + get { return s.IsEmpty; } + } + + public override bool IsFixedSize + { + get { return s.IsFixedSize; } + } + + public override bool IsSynchronized + { + get { return s.IsSynchronized; } + } + + public override object SyncRoot + { + get { return s.SyncRoot; } + } + } +} diff --git a/BouncyCastle/crypto/src/util/date/DateTimeObject.cs b/BouncyCastle/crypto/src/util/date/DateTimeObject.cs new file mode 100644 index 0000000..793376b --- /dev/null +++ b/BouncyCastle/crypto/src/util/date/DateTimeObject.cs @@ -0,0 +1,25 @@ +using System; + +namespace Org.BouncyCastle.Utilities.Date +{ + public sealed class DateTimeObject + { + private readonly DateTime dt; + + public DateTimeObject( + DateTime dt) + { + this.dt = dt; + } + + public DateTime Value + { + get { return dt; } + } + + public override string ToString() + { + return dt.ToString(); + } + } +} diff --git a/BouncyCastle/crypto/src/util/date/DateTimeUtilities.cs b/BouncyCastle/crypto/src/util/date/DateTimeUtilities.cs new file mode 100644 index 0000000..311ad5d --- /dev/null +++ b/BouncyCastle/crypto/src/util/date/DateTimeUtilities.cs @@ -0,0 +1,47 @@ +using System; + +namespace Org.BouncyCastle.Utilities.Date +{ + public class DateTimeUtilities + { + public static readonly DateTime UnixEpoch = new DateTime(1970, 1, 1); + + private DateTimeUtilities() + { + } + + /// + /// Return the number of milliseconds since the Unix epoch (1 Jan., 1970 UTC) for a given DateTime value. + /// + /// A UTC DateTime value not before epoch. + /// Number of whole milliseconds after epoch. + /// 'dateTime' is before epoch. + public static long DateTimeToUnixMs( + DateTime dateTime) + { + if (dateTime.CompareTo(UnixEpoch) < 0) + throw new ArgumentException("DateTime value may not be before the epoch", "dateTime"); + + return (dateTime.Ticks - UnixEpoch.Ticks) / TimeSpan.TicksPerMillisecond; + } + + /// + /// Create a DateTime value from the number of milliseconds since the Unix epoch (1 Jan., 1970 UTC). + /// + /// Number of milliseconds since the epoch. + /// A UTC DateTime value + public static DateTime UnixMsToDateTime( + long unixMs) + { + return new DateTime(unixMs * TimeSpan.TicksPerMillisecond + UnixEpoch.Ticks); + } + + /// + /// Return the current number of milliseconds since the Unix epoch (1 Jan., 1970 UTC). + /// + public static long CurrentUnixMs() + { + return DateTimeToUnixMs(DateTime.UtcNow); + } + } +} diff --git a/BouncyCastle/crypto/src/util/encoders/Base64.cs b/BouncyCastle/crypto/src/util/encoders/Base64.cs new file mode 100644 index 0000000..ccecd8d --- /dev/null +++ b/BouncyCastle/crypto/src/util/encoders/Base64.cs @@ -0,0 +1,120 @@ +using System; +using System.IO; +using System.Text; + +namespace Org.BouncyCastle.Utilities.Encoders +{ + public sealed class Base64 + { + private Base64() + { + } + + public static string ToBase64String( + byte[] data) + { + return Convert.ToBase64String(data, 0, data.Length); + } + + public static string ToBase64String( + byte[] data, + int off, + int length) + { + return Convert.ToBase64String(data, off, length); + } + + /** + * encode the input data producing a base 64 encoded byte array. + * + * @return a byte array containing the base 64 encoded data. + */ + public static byte[] Encode( + byte[] data) + { + return Encode(data, 0, data.Length); + } + + /** + * encode the input data producing a base 64 encoded byte array. + * + * @return a byte array containing the base 64 encoded data. + */ + public static byte[] Encode( + byte[] data, + int off, + int length) + { + string s = Convert.ToBase64String(data, off, length); + return Strings.ToAsciiByteArray(s); + } + + /** + * Encode the byte data to base 64 writing it to the given output stream. + * + * @return the number of bytes produced. + */ + public static int Encode( + byte[] data, + Stream outStream) + { + byte[] encoded = Encode(data); + outStream.Write(encoded, 0, encoded.Length); + return encoded.Length; + } + + /** + * Encode the byte data to base 64 writing it to the given output stream. + * + * @return the number of bytes produced. + */ + public static int Encode( + byte[] data, + int off, + int length, + Stream outStream) + { + byte[] encoded = Encode(data, off, length); + outStream.Write(encoded, 0, encoded.Length); + return encoded.Length; + } + + /** + * decode the base 64 encoded input data. It is assumed the input data is valid. + * + * @return a byte array representing the decoded data. + */ + public static byte[] Decode( + byte[] data) + { + string s = Strings.FromAsciiByteArray(data); + return Convert.FromBase64String(s); + } + + /** + * decode the base 64 encoded string data - whitespace will be ignored. + * + * @return a byte array representing the decoded data. + */ + public static byte[] Decode( + string data) + { + return Convert.FromBase64String(data); + } + + /** + * decode the base 64 encoded string data writing it to the given output stream, + * whitespace characters will be ignored. + * + * @return the number of bytes produced. + */ + public static int Decode( + string data, + Stream outStream) + { + byte[] decoded = Decode(data); + outStream.Write(decoded, 0, decoded.Length); + return decoded.Length; + } + } +} diff --git a/BouncyCastle/crypto/src/util/encoders/Base64Encoder.cs b/BouncyCastle/crypto/src/util/encoders/Base64Encoder.cs new file mode 100644 index 0000000..7ec79ea --- /dev/null +++ b/BouncyCastle/crypto/src/util/encoders/Base64Encoder.cs @@ -0,0 +1,337 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Utilities.Encoders +{ + public class Base64Encoder + : IEncoder + { + protected readonly byte[] encodingTable = + { + (byte)'A', (byte)'B', (byte)'C', (byte)'D', (byte)'E', (byte)'F', (byte)'G', + (byte)'H', (byte)'I', (byte)'J', (byte)'K', (byte)'L', (byte)'M', (byte)'N', + (byte)'O', (byte)'P', (byte)'Q', (byte)'R', (byte)'S', (byte)'T', (byte)'U', + (byte)'V', (byte)'W', (byte)'X', (byte)'Y', (byte)'Z', + (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e', (byte)'f', (byte)'g', + (byte)'h', (byte)'i', (byte)'j', (byte)'k', (byte)'l', (byte)'m', (byte)'n', + (byte)'o', (byte)'p', (byte)'q', (byte)'r', (byte)'s', (byte)'t', (byte)'u', + (byte)'v', + (byte)'w', (byte)'x', (byte)'y', (byte)'z', + (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5', (byte)'6', + (byte)'7', (byte)'8', (byte)'9', + (byte)'+', (byte)'/' + }; + + protected byte padding = (byte)'='; + + /* + * set up the decoding table. + */ + protected readonly byte[] decodingTable = new byte[128]; + + protected void InitialiseDecodingTable() + { + Arrays.Fill(decodingTable, (byte)0xff); + + for (int i = 0; i < encodingTable.Length; i++) + { + decodingTable[encodingTable[i]] = (byte)i; + } + } + + public Base64Encoder() + { + InitialiseDecodingTable(); + } + + public int Encode(byte[] inBuf, int inOff, int inLen, byte[] outBuf, int outOff) + { + int inPos = inOff; + int inEnd = inOff + inLen - 2; + int outPos = outOff; + + while (inPos < inEnd) + { + uint a1 = inBuf[inPos++]; + uint a2 = inBuf[inPos++]; + uint a3 = inBuf[inPos++]; + + outBuf[outPos++] = encodingTable[(a1 >> 2) & 0x3F]; + outBuf[outPos++] = encodingTable[((a1 << 4) | (a2 >> 4)) & 0x3F]; + outBuf[outPos++] = encodingTable[((a2 << 2) | (a3 >> 6)) & 0x3F]; + outBuf[outPos++] = encodingTable[a3 & 0x3F]; + } + + switch (inLen - (inPos - inOff)) + { + case 1: + { + uint a1 = inBuf[inPos++]; + + outBuf[outPos++] = encodingTable[(a1 >> 2) & 0x3F]; + outBuf[outPos++] = encodingTable[(a1 << 4) & 0x3F]; + outBuf[outPos++] = padding; + outBuf[outPos++] = padding; + break; + } + case 2: + { + uint a1 = inBuf[inPos++]; + uint a2 = inBuf[inPos++]; + + outBuf[outPos++] = encodingTable[(a1 >> 2) & 0x3F]; + outBuf[outPos++] = encodingTable[((a1 << 4) | (a2 >> 4)) & 0x3F]; + outBuf[outPos++] = encodingTable[(a2 << 2) & 0x3F]; + outBuf[outPos++] = padding; + break; + } + } + + return outPos - outOff; + } + + /** + * encode the input data producing a base 64 output stream. + * + * @return the number of bytes produced. + */ + public int Encode(byte[] buf, int off, int len, Stream outStream) + { + if (len < 0) + return 0; + + byte[] tmp = new byte[72]; + int remaining = len; + while (remaining > 0) + { + int inLen = System.Math.Min(54, remaining); + int outLen = Encode(buf, off, inLen, tmp, 0); + outStream.Write(tmp, 0, outLen); + off += inLen; + remaining -= inLen; + } + return (len + 2) / 3 * 4; + } + + private bool Ignore(char c) + { + return c == '\n' || c =='\r' || c == '\t' || c == ' '; + } + + /** + * decode the base 64 encoded byte data writing it to the given output stream, + * whitespace characters will be ignored. + * + * @return the number of bytes produced. + */ + public int Decode(byte[] data, int off, int length, Stream outStream) + { + byte b1, b2, b3, b4; + byte[] outBuffer = new byte[54]; // S/MIME standard + int bufOff = 0; + int outLen = 0; + int end = off + length; + + while (end > off) + { + if (!Ignore((char)data[end - 1])) + break; + + end--; + } + + int i = off; + int finish = end - 4; + + i = NextI(data, i, finish); + + while (i < finish) + { + b1 = decodingTable[data[i++]]; + + i = NextI(data, i, finish); + + b2 = decodingTable[data[i++]]; + + i = NextI(data, i, finish); + + b3 = decodingTable[data[i++]]; + + i = NextI(data, i, finish); + + b4 = decodingTable[data[i++]]; + + if ((b1 | b2 | b3 | b4) >= 0x80) + throw new IOException("invalid characters encountered in base64 data"); + + outBuffer[bufOff++] = (byte)((b1 << 2) | (b2 >> 4)); + outBuffer[bufOff++] = (byte)((b2 << 4) | (b3 >> 2)); + outBuffer[bufOff++] = (byte)((b3 << 6) | b4); + + if (bufOff == outBuffer.Length) + { + outStream.Write(outBuffer, 0, bufOff); + bufOff = 0; + } + + outLen += 3; + + i = NextI(data, i, finish); + } + + if (bufOff > 0) + { + outStream.Write(outBuffer, 0, bufOff); + } + + int e0 = NextI(data, i, end); + int e1 = NextI(data, e0 + 1, end); + int e2 = NextI(data, e1 + 1, end); + int e3 = NextI(data, e2 + 1, end); + + outLen += DecodeLastBlock(outStream, (char)data[e0], (char)data[e1], (char)data[e2], (char)data[e3]); + + return outLen; + } + + private int NextI( + byte[] data, + int i, + int finish) + { + while ((i < finish) && Ignore((char)data[i])) + { + i++; + } + return i; + } + + /** + * decode the base 64 encoded string data writing it to the given output stream, + * whitespace characters will be ignored. + * + * @return the number of bytes produced. + */ + public int DecodeString(string data, Stream outStream) + { + // Platform Implementation +// byte[] bytes = Convert.FromBase64String(data); +// outStream.Write(bytes, 0, bytes.Length); +// return bytes.Length; + + byte b1, b2, b3, b4; + int length = 0; + + int end = data.Length; + + while (end > 0) + { + if (!Ignore(data[end - 1])) + break; + + end--; + } + + int i = 0; + int finish = end - 4; + + i = NextI(data, i, finish); + + while (i < finish) + { + b1 = decodingTable[data[i++]]; + + i = NextI(data, i, finish); + + b2 = decodingTable[data[i++]]; + + i = NextI(data, i, finish); + + b3 = decodingTable[data[i++]]; + + i = NextI(data, i, finish); + + b4 = decodingTable[data[i++]]; + + if ((b1 | b2 | b3 | b4) >= 0x80) + throw new IOException("invalid characters encountered in base64 data"); + + outStream.WriteByte((byte)((b1 << 2) | (b2 >> 4))); + outStream.WriteByte((byte)((b2 << 4) | (b3 >> 2))); + outStream.WriteByte((byte)((b3 << 6) | b4)); + + length += 3; + + i = NextI(data, i, finish); + } + + length += DecodeLastBlock(outStream, data[end - 4], data[end - 3], data[end - 2], data[end - 1]); + + return length; + } + + private int DecodeLastBlock( + Stream outStream, + char c1, + char c2, + char c3, + char c4) + { + if (c3 == padding) + { + if (c4 != padding) + throw new IOException("invalid characters encountered at end of base64 data"); + + byte b1 = decodingTable[c1]; + byte b2 = decodingTable[c2]; + + if ((b1 | b2) >= 0x80) + throw new IOException("invalid characters encountered at end of base64 data"); + + outStream.WriteByte((byte)((b1 << 2) | (b2 >> 4))); + + return 1; + } + + if (c4 == padding) + { + byte b1 = decodingTable[c1]; + byte b2 = decodingTable[c2]; + byte b3 = decodingTable[c3]; + + if ((b1 | b2 | b3) >= 0x80) + throw new IOException("invalid characters encountered at end of base64 data"); + + outStream.WriteByte((byte)((b1 << 2) | (b2 >> 4))); + outStream.WriteByte((byte)((b2 << 4) | (b3 >> 2))); + + return 2; + } + + { + byte b1 = decodingTable[c1]; + byte b2 = decodingTable[c2]; + byte b3 = decodingTable[c3]; + byte b4 = decodingTable[c4]; + + if ((b1 | b2 | b3 | b4) >= 0x80) + throw new IOException("invalid characters encountered at end of base64 data"); + + outStream.WriteByte((byte)((b1 << 2) | (b2 >> 4))); + outStream.WriteByte((byte)((b2 << 4) | (b3 >> 2))); + outStream.WriteByte((byte)((b3 << 6) | b4)); + + return 3; + } + } + + private int NextI(string data, int i, int finish) + { + while ((i < finish) && Ignore(data[i])) + { + i++; + } + return i; + } + } +} diff --git a/BouncyCastle/crypto/src/util/encoders/BufferedDecoder.cs b/BouncyCastle/crypto/src/util/encoders/BufferedDecoder.cs new file mode 100644 index 0000000..633cf1e --- /dev/null +++ b/BouncyCastle/crypto/src/util/encoders/BufferedDecoder.cs @@ -0,0 +1,117 @@ +using System; + +namespace Org.BouncyCastle.Utilities.Encoders +{ + /// + /// A buffering class to allow translation from one format to another to + /// be done in discrete chunks. + /// + public class BufferedDecoder + { + internal byte[] buffer; + internal int bufOff; + + internal ITranslator translator; + + /// + /// Create a buffered Decoder. + /// + /// The translater to use. + /// The size of the buffer. + public BufferedDecoder( + ITranslator translator, + int bufferSize) + { + this.translator = translator; + + if ((bufferSize % translator.GetEncodedBlockSize()) != 0) + { + throw new ArgumentException("buffer size not multiple of input block size"); + } + + buffer = new byte[bufferSize]; +// bufOff = 0; + } + + /// + /// Process one byte of data. + /// + /// Data in. + /// Byte array for the output. + /// The offset in the output byte array to start writing from. + /// The amount of output bytes. + public int ProcessByte( + byte input, + byte[] output, + int outOff) + { + int resultLen = 0; + + buffer[bufOff++] = input; + + if (bufOff == buffer.Length) + { + resultLen = translator.Decode(buffer, 0, buffer.Length, output, outOff); + bufOff = 0; + } + + return resultLen; + } + + + /// + /// Process data from a byte array. + /// + /// The input data. + /// Start position within input data array. + /// Amount of data to process from input data array. + /// Array to store output. + /// Position in output array to start writing from. + /// The amount of output bytes. + public int ProcessBytes( + byte[] input, + int inOff, + int len, + byte[] outBytes, + int outOff) + { + if (len < 0) + { + throw new ArgumentException("Can't have a negative input length!"); + } + + int resultLen = 0; + int gapLen = buffer.Length - bufOff; + + if (len > gapLen) + { + Array.Copy(input, inOff, buffer, bufOff, gapLen); + + resultLen += translator.Decode(buffer, 0, buffer.Length, outBytes, outOff); + + bufOff = 0; + + len -= gapLen; + inOff += gapLen; + outOff += resultLen; + + int chunkSize = len - (len % buffer.Length); + + resultLen += translator.Decode(input, inOff, chunkSize, outBytes, outOff); + + len -= chunkSize; + inOff += chunkSize; + } + + if (len != 0) + { + Array.Copy(input, inOff, buffer, bufOff, len); + + bufOff += len; + } + + return resultLen; + } + } + +} diff --git a/BouncyCastle/crypto/src/util/encoders/BufferedEncoder.cs b/BouncyCastle/crypto/src/util/encoders/BufferedEncoder.cs new file mode 100644 index 0000000..5c3b1ab --- /dev/null +++ b/BouncyCastle/crypto/src/util/encoders/BufferedEncoder.cs @@ -0,0 +1,117 @@ +using System; + +namespace Org.BouncyCastle.Utilities.Encoders +{ + /// + /// A class that allows encoding of data using a specific encoder to be processed in chunks. + /// + public class BufferedEncoder + { + internal byte[] Buffer; + internal int bufOff; + + internal ITranslator translator; + + + /// + /// Create. + /// + /// The translator to use. + /// Size of the chunks. + public BufferedEncoder( + ITranslator translator, + int bufferSize) + { + this.translator = translator; + + if ((bufferSize % translator.GetEncodedBlockSize()) != 0) + { + throw new ArgumentException("buffer size not multiple of input block size"); + } + + Buffer = new byte[bufferSize]; +// bufOff = 0; + } + + + /// + /// Process one byte of data. + /// + /// The byte. + /// An array to store output in. + /// Offset within output array to start writing from. + /// + public int ProcessByte( + byte input, + byte[] outBytes, + int outOff) + { + int resultLen = 0; + + Buffer[bufOff++] = input; + + if (bufOff == Buffer.Length) + { + resultLen = translator.Encode(Buffer, 0, Buffer.Length, outBytes, outOff); + bufOff = 0; + } + + return resultLen; + } + + /// + /// Process data from a byte array. + /// + /// Input data Byte array containing data to be processed. + /// Start position within input data array. + /// Amount of input data to be processed. + /// Output data array. + /// Offset within output data array to start writing to. + /// The amount of data written. + public int ProcessBytes( + byte[] input, + int inOff, + int len, + byte[] outBytes, + int outOff) + { + if (len < 0) + { + throw new ArgumentException("Can't have a negative input length!"); + } + + int resultLen = 0; + int gapLen = Buffer.Length - bufOff; + + if (len > gapLen) + { + Array.Copy(input, inOff, Buffer, bufOff, gapLen); + + resultLen += translator.Encode(Buffer, 0, Buffer.Length, outBytes, outOff); + + bufOff = 0; + + len -= gapLen; + inOff += gapLen; + outOff += resultLen; + + int chunkSize = len - (len % Buffer.Length); + + resultLen += translator.Encode(input, inOff, chunkSize, outBytes, outOff); + + len -= chunkSize; + inOff += chunkSize; + } + + if (len != 0) + { + Array.Copy(input, inOff, Buffer, bufOff, len); + + bufOff += len; + } + + return resultLen; + } + } + +} diff --git a/BouncyCastle/crypto/src/util/encoders/Hex.cs b/BouncyCastle/crypto/src/util/encoders/Hex.cs new file mode 100644 index 0000000..0b2a489 --- /dev/null +++ b/BouncyCastle/crypto/src/util/encoders/Hex.cs @@ -0,0 +1,151 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Utilities.Encoders +{ + /// + /// Class to decode and encode Hex. + /// + public sealed class Hex + { + private static readonly HexEncoder encoder = new HexEncoder(); + + private Hex() + { + } + + public static string ToHexString( + byte[] data) + { + return ToHexString(data, 0, data.Length); + } + + public static string ToHexString( + byte[] data, + int off, + int length) + { + byte[] hex = Encode(data, off, length); + return Strings.FromAsciiByteArray(hex); + } + + /** + * encode the input data producing a Hex encoded byte array. + * + * @return a byte array containing the Hex encoded data. + */ + public static byte[] Encode( + byte[] data) + { + return Encode(data, 0, data.Length); + } + + /** + * encode the input data producing a Hex encoded byte array. + * + * @return a byte array containing the Hex encoded data. + */ + public static byte[] Encode( + byte[] data, + int off, + int length) + { + MemoryStream bOut = new MemoryStream(length * 2); + + encoder.Encode(data, off, length, bOut); + + return bOut.ToArray(); + } + + /** + * Hex encode the byte data writing it to the given output stream. + * + * @return the number of bytes produced. + */ + public static int Encode( + byte[] data, + Stream outStream) + { + return encoder.Encode(data, 0, data.Length, outStream); + } + + /** + * Hex encode the byte data writing it to the given output stream. + * + * @return the number of bytes produced. + */ + public static int Encode( + byte[] data, + int off, + int length, + Stream outStream) + { + return encoder.Encode(data, off, length, outStream); + } + + /** + * decode the Hex encoded input data. It is assumed the input data is valid. + * + * @return a byte array representing the decoded data. + */ + public static byte[] Decode( + byte[] data) + { + MemoryStream bOut = new MemoryStream((data.Length + 1) / 2); + + encoder.Decode(data, 0, data.Length, bOut); + + return bOut.ToArray(); + } + + /** + * decode the Hex encoded string data - whitespace will be ignored. + * + * @return a byte array representing the decoded data. + */ + public static byte[] Decode( + string data) + { + MemoryStream bOut = new MemoryStream((data.Length + 1) / 2); + + encoder.DecodeString(data, bOut); + + return bOut.ToArray(); + } + + /** + * decode the Hex encoded string data writing it to the given output stream, + * whitespace characters will be ignored. + * + * @return the number of bytes produced. + */ + public static int Decode( + string data, + Stream outStream) + { + return encoder.DecodeString(data, outStream); + } + + /** + * Decode the hexadecimal-encoded string strictly i.e. any non-hexadecimal characters will be + * considered an error. + * + * @return a byte array representing the decoded data. + */ + public static byte[] DecodeStrict(string str) + { + return encoder.DecodeStrict(str, 0, str.Length); + } + + /** + * Decode the hexadecimal-encoded string strictly i.e. any non-hexadecimal characters will be + * considered an error. + * + * @return a byte array representing the decoded data. + */ + public static byte[] DecodeStrict(string str, int off, int len) + { + return encoder.DecodeStrict(str, off, len); + } + } +} diff --git a/BouncyCastle/crypto/src/util/encoders/HexEncoder.cs b/BouncyCastle/crypto/src/util/encoders/HexEncoder.cs new file mode 100644 index 0000000..bf68aff --- /dev/null +++ b/BouncyCastle/crypto/src/util/encoders/HexEncoder.cs @@ -0,0 +1,241 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Utilities.Encoders +{ + public class HexEncoder + : IEncoder + { + protected readonly byte[] encodingTable = + { + (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5', (byte)'6', (byte)'7', + (byte)'8', (byte)'9', (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e', (byte)'f' + }; + + /* + * set up the decoding table. + */ + protected readonly byte[] decodingTable = new byte[128]; + + protected void InitialiseDecodingTable() + { + Arrays.Fill(decodingTable, (byte)0xff); + + for (int i = 0; i < encodingTable.Length; i++) + { + decodingTable[encodingTable[i]] = (byte)i; + } + + decodingTable['A'] = decodingTable['a']; + decodingTable['B'] = decodingTable['b']; + decodingTable['C'] = decodingTable['c']; + decodingTable['D'] = decodingTable['d']; + decodingTable['E'] = decodingTable['e']; + decodingTable['F'] = decodingTable['f']; + } + + public HexEncoder() + { + InitialiseDecodingTable(); + } + + public int Encode(byte[] inBuf, int inOff, int inLen, byte[] outBuf, int outOff) + { + int inPos = inOff; + int inEnd = inOff + inLen; + int outPos = outOff; + + while (inPos < inEnd) + { + uint b = inBuf[inPos++]; + + outBuf[outPos++] = encodingTable[b >> 4]; + outBuf[outPos++] = encodingTable[b & 0xF]; + } + + return outPos - outOff; + } + + /** + * encode the input data producing a Hex output stream. + * + * @return the number of bytes produced. + */ + public int Encode(byte[] buf, int off, int len, Stream outStream) + { + if (len < 0) + return 0; + + byte[] tmp = new byte[72]; + int remaining = len; + while (remaining > 0) + { + int inLen = System.Math.Min(36, remaining); + int outLen = Encode(buf, off, inLen, tmp, 0); + outStream.Write(tmp, 0, outLen); + off += inLen; + remaining -= inLen; + } + return len * 2; + } + + private static bool Ignore(char c) + { + return c == '\n' || c =='\r' || c == '\t' || c == ' '; + } + + /** + * decode the Hex encoded byte data writing it to the given output stream, + * whitespace characters will be ignored. + * + * @return the number of bytes produced. + */ + public int Decode( + byte[] data, + int off, + int length, + Stream outStream) + { + byte b1, b2; + int outLen = 0; + byte[] buf = new byte[36]; + int bufOff = 0; + int end = off + length; + + while (end > off) + { + if (!Ignore((char)data[end - 1])) + break; + + end--; + } + + int i = off; + while (i < end) + { + while (i < end && Ignore((char)data[i])) + { + i++; + } + + b1 = decodingTable[data[i++]]; + + while (i < end && Ignore((char)data[i])) + { + i++; + } + + b2 = decodingTable[data[i++]]; + + if ((b1 | b2) >= 0x80) + throw new IOException("invalid characters encountered in Hex data"); + + buf[bufOff++] = (byte)((b1 << 4) | b2); + + if (bufOff == buf.Length) + { + outStream.Write(buf, 0, bufOff); + bufOff = 0; + } + + outLen++; + } + + if (bufOff > 0) + { + outStream.Write(buf, 0, bufOff); + } + + return outLen; + } + + /** + * decode the Hex encoded string data writing it to the given output stream, + * whitespace characters will be ignored. + * + * @return the number of bytes produced. + */ + public int DecodeString( + string data, + Stream outStream) + { + byte b1, b2; + int length = 0; + byte[] buf = new byte[36]; + int bufOff = 0; + int end = data.Length; + + while (end > 0) + { + if (!Ignore(data[end - 1])) + break; + + end--; + } + + int i = 0; + while (i < end) + { + while (i < end && Ignore(data[i])) + { + i++; + } + + b1 = decodingTable[data[i++]]; + + while (i < end && Ignore(data[i])) + { + i++; + } + + b2 = decodingTable[data[i++]]; + + if ((b1 | b2) >= 0x80) + throw new IOException("invalid characters encountered in Hex data"); + + buf[bufOff++] = (byte)((b1 << 4) | b2); + + if (bufOff == buf.Length) + { + outStream.Write(buf, 0, bufOff); + bufOff = 0; + } + + length++; + } + + if (bufOff > 0) + { + outStream.Write(buf, 0, bufOff); + } + + return length; + } + + internal byte[] DecodeStrict(string str, int off, int len) + { + if (null == str) + throw new ArgumentNullException("str"); + if (off < 0 || len < 0 || off > (str.Length - len)) + throw new IndexOutOfRangeException("invalid offset and/or length specified"); + if (0 != (len & 1)) + throw new ArgumentException("a hexadecimal encoding must have an even number of characters", "len"); + + int resultLen = len >> 1; + byte[] result = new byte[resultLen]; + + int strPos = off; + for (int i = 0; i < resultLen; ++i) + { + byte b1 = decodingTable[str[strPos++]]; + byte b2 = decodingTable[str[strPos++]]; + + if ((b1 | b2) >= 0x80) + throw new IOException("invalid characters encountered in Hex data"); + + result[i] = (byte)((b1 << 4) | b2); + } + return result; + } + } +} diff --git a/BouncyCastle/crypto/src/util/encoders/HexTranslator.cs b/BouncyCastle/crypto/src/util/encoders/HexTranslator.cs new file mode 100644 index 0000000..9775b69 --- /dev/null +++ b/BouncyCastle/crypto/src/util/encoders/HexTranslator.cs @@ -0,0 +1,108 @@ +using System; + +namespace Org.BouncyCastle.Utilities.Encoders +{ + /// + /// A hex translator. + /// + public class HexTranslator : ITranslator + { + private static readonly byte[] hexTable = + { + (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5', (byte)'6', (byte)'7', + (byte)'8', (byte)'9', (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e', (byte)'f' + }; + + /// + /// Return encoded block size. + /// + /// 2 + public int GetEncodedBlockSize() + { + return 2; + } + + /// + /// Encode some data. + /// + /// Input data array. + /// Start position within input data array. + /// The amount of data to process. + /// The output data array. + /// The offset within the output data array to start writing from. + /// Amount of data encoded. + public int Encode( + byte[] input, + int inOff, + int length, + byte[] outBytes, + int outOff) + { + for (int i = 0, j = 0; i < length; i++, j += 2) + { + outBytes[outOff + j] = hexTable[(input[inOff] >> 4) & 0x0f]; + outBytes[outOff + j + 1] = hexTable[input[inOff] & 0x0f]; + + inOff++; + } + + return length * 2; + } + + /// + /// Returns the decoded block size. + /// + /// 1 + public int GetDecodedBlockSize() + { + return 1; + } + + /// + /// Decode data from a byte array. + /// + /// The input data array. + /// Start position within input data array. + /// The amounty of data to process. + /// The output data array. + /// The position within the output data array to start writing from. + /// The amount of data written. + public int Decode( + byte[] input, + int inOff, + int length, + byte[] outBytes, + int outOff) + { + int halfLength = length / 2; + byte left, right; + for (int i = 0; i < halfLength; i++) + { + left = input[inOff + i * 2]; + right = input[inOff + i * 2 + 1]; + + if (left < (byte)'a') + { + outBytes[outOff] = (byte)((left - '0') << 4); + } + else + { + outBytes[outOff] = (byte)((left - 'a' + 10) << 4); + } + if (right < (byte)'a') + { + outBytes[outOff] += (byte)(right - '0'); + } + else + { + outBytes[outOff] += (byte)(right - 'a' + 10); + } + + outOff++; + } + + return halfLength; + } + } + +} diff --git a/BouncyCastle/crypto/src/util/encoders/IEncoder.cs b/BouncyCastle/crypto/src/util/encoders/IEncoder.cs new file mode 100644 index 0000000..5887d5d --- /dev/null +++ b/BouncyCastle/crypto/src/util/encoders/IEncoder.cs @@ -0,0 +1,18 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Utilities.Encoders +{ + /** + * Encode and decode byte arrays (typically from binary to 7-bit ASCII + * encodings). + */ + public interface IEncoder + { + int Encode(byte[] data, int off, int length, Stream outStream); + + int Decode(byte[] data, int off, int length, Stream outStream); + + int DecodeString(string data, Stream outStream); + } +} diff --git a/BouncyCastle/crypto/src/util/encoders/Translator.cs b/BouncyCastle/crypto/src/util/encoders/Translator.cs new file mode 100644 index 0000000..10bd24b --- /dev/null +++ b/BouncyCastle/crypto/src/util/encoders/Translator.cs @@ -0,0 +1,19 @@ +using System; + +namespace Org.BouncyCastle.Utilities.Encoders +{ + /// + /// Translator interface. + /// + public interface ITranslator + { + int GetEncodedBlockSize(); + + int Encode(byte[] input, int inOff, int length, byte[] outBytes, int outOff); + + int GetDecodedBlockSize(); + + int Decode(byte[] input, int inOff, int length, byte[] outBytes, int outOff); + } + +} diff --git a/BouncyCastle/crypto/src/util/encoders/UrlBase64.cs b/BouncyCastle/crypto/src/util/encoders/UrlBase64.cs new file mode 100644 index 0000000..94195ef --- /dev/null +++ b/BouncyCastle/crypto/src/util/encoders/UrlBase64.cs @@ -0,0 +1,127 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Utilities.Encoders +{ + /** + * Convert binary data to and from UrlBase64 encoding. This is identical to + * Base64 encoding, except that the padding character is "." and the other + * non-alphanumeric characters are "-" and "_" instead of "+" and "/". + *

    + * The purpose of UrlBase64 encoding is to provide a compact encoding of binary + * data that is safe for use as an URL parameter. Base64 encoding does not + * produce encoded values that are safe for use in URLs, since "/" can be + * interpreted as a path delimiter; "+" is the encoded form of a space; and + * "=" is used to separate a name from the corresponding value in an URL + * parameter. + *

    + */ + public class UrlBase64 + { + private static readonly IEncoder encoder = new UrlBase64Encoder(); + + /** + * Encode the input data producing a URL safe base 64 encoded byte array. + * + * @return a byte array containing the URL safe base 64 encoded data. + */ + public static byte[] Encode( + byte[] data) + { + MemoryStream bOut = new MemoryStream(); + + try + { + encoder.Encode(data, 0, data.Length, bOut); + } + catch (IOException e) + { + throw new Exception("exception encoding URL safe base64 string: " + e.Message, e); + } + + return bOut.ToArray(); + } + + /** + * Encode the byte data writing it to the given output stream. + * + * @return the number of bytes produced. + */ + public static int Encode( + byte[] data, + Stream outStr) + { + return encoder.Encode(data, 0, data.Length, outStr); + } + + /** + * Decode the URL safe base 64 encoded input data - white space will be ignored. + * + * @return a byte array representing the decoded data. + */ + public static byte[] Decode( + byte[] data) + { + MemoryStream bOut = new MemoryStream(); + + try + { + encoder.Decode(data, 0, data.Length, bOut); + } + catch (IOException e) + { + throw new Exception("exception decoding URL safe base64 string: " + e.Message, e); + } + + return bOut.ToArray(); + } + + /** + * decode the URL safe base 64 encoded byte data writing it to the given output stream, + * whitespace characters will be ignored. + * + * @return the number of bytes produced. + */ + public static int Decode( + byte[] data, + Stream outStr) + { + return encoder.Decode(data, 0, data.Length, outStr); + } + + /** + * decode the URL safe base 64 encoded string data - whitespace will be ignored. + * + * @return a byte array representing the decoded data. + */ + public static byte[] Decode( + string data) + { + MemoryStream bOut = new MemoryStream(); + + try + { + encoder.DecodeString(data, bOut); + } + catch (IOException e) + { + throw new Exception("exception decoding URL safe base64 string: " + e.Message, e); + } + + return bOut.ToArray(); + } + + /** + * Decode the URL safe base 64 encoded string data writing it to the given output stream, + * whitespace characters will be ignored. + * + * @return the number of bytes produced. + */ + public static int Decode( + string data, + Stream outStr) + { + return encoder.DecodeString(data, outStr); + } + } +} diff --git a/BouncyCastle/crypto/src/util/encoders/UrlBase64Encoder.cs b/BouncyCastle/crypto/src/util/encoders/UrlBase64Encoder.cs new file mode 100644 index 0000000..5611a83 --- /dev/null +++ b/BouncyCastle/crypto/src/util/encoders/UrlBase64Encoder.cs @@ -0,0 +1,31 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Utilities.Encoders +{ + /** + * Convert binary data to and from UrlBase64 encoding. This is identical to + * Base64 encoding, except that the padding character is "." and the other + * non-alphanumeric characters are "-" and "_" instead of "+" and "/". + *

    + * The purpose of UrlBase64 encoding is to provide a compact encoding of binary + * data that is safe for use as an URL parameter. Base64 encoding does not + * produce encoded values that are safe for use in URLs, since "/" can be + * interpreted as a path delimiter; "+" is the encoded form of a space; and + * "=" is used to separate a name from the corresponding value in an URL + * parameter. + *

    + */ + public class UrlBase64Encoder + : Base64Encoder + { + public UrlBase64Encoder() + { + encodingTable[encodingTable.Length - 2] = (byte) '-'; + encodingTable[encodingTable.Length - 1] = (byte) '_'; + padding = (byte) '.'; + // we must re-create the decoding table with the new encoded values. + InitialiseDecodingTable(); + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/util/io/BaseInputStream.cs b/BouncyCastle/crypto/src/util/io/BaseInputStream.cs new file mode 100644 index 0000000..a5613d8 --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/BaseInputStream.cs @@ -0,0 +1,64 @@ +using System; +using System.Diagnostics; +using System.IO; + +namespace Org.BouncyCastle.Utilities.IO +{ + public abstract class BaseInputStream : Stream + { + private bool closed; + + public sealed override bool CanRead { get { return !closed; } } + public sealed override bool CanSeek { get { return false; } } + public sealed override bool CanWrite { get { return false; } } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + closed = true; + } + base.Dispose(disposing); + } +#else + public override void Close() + { + closed = true; + base.Close(); + } +#endif + + public sealed override void Flush() {} + public sealed override long Length { get { throw new NotSupportedException(); } } + public sealed override long Position + { + get { throw new NotSupportedException(); } + set { throw new NotSupportedException(); } + } + + public override int Read(byte[] buffer, int offset, int count) + { + int pos = offset; + try + { + int end = offset + count; + while (pos < end) + { + int b = ReadByte(); + if (b == -1) break; + buffer[pos++] = (byte) b; + } + } + catch (IOException) + { + if (pos == offset) throw; + } + return pos - offset; + } + + public sealed override long Seek(long offset, SeekOrigin origin) { throw new NotSupportedException(); } + public sealed override void SetLength(long value) { throw new NotSupportedException(); } + public sealed override void Write(byte[] buffer, int offset, int count) { throw new NotSupportedException(); } + } +} diff --git a/BouncyCastle/crypto/src/util/io/BaseOutputStream.cs b/BouncyCastle/crypto/src/util/io/BaseOutputStream.cs new file mode 100644 index 0000000..0dbe821 --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/BaseOutputStream.cs @@ -0,0 +1,69 @@ +using System; +using System.Diagnostics; +using System.IO; + +namespace Org.BouncyCastle.Utilities.IO +{ + public abstract class BaseOutputStream : Stream + { + private bool closed; + + public sealed override bool CanRead { get { return false; } } + public sealed override bool CanSeek { get { return false; } } + public sealed override bool CanWrite { get { return !closed; } } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + closed = true; + } + base.Dispose(disposing); + } +#else + public override void Close() + { + closed = true; + base.Close(); + } +#endif + + public override void Flush() { } + public sealed override long Length { get { throw new NotSupportedException(); } } + public sealed override long Position + { + get { throw new NotSupportedException(); } + set { throw new NotSupportedException(); } + } + public sealed override int Read(byte[] buffer, int offset, int count) { throw new NotSupportedException(); } + public sealed override long Seek(long offset, SeekOrigin origin) { throw new NotSupportedException(); } + public sealed override void SetLength(long value) { throw new NotSupportedException(); } + + public override void Write(byte[] buffer, int offset, int count) + { + Debug.Assert(buffer != null); + Debug.Assert(0 <= offset && offset <= buffer.Length); + Debug.Assert(count >= 0); + + int end = offset + count; + + Debug.Assert(0 <= end && end <= buffer.Length); + + for (int i = offset; i < end; ++i) + { + this.WriteByte(buffer[i]); + } + } + + public virtual void Write(params byte[] buffer) + { + Write(buffer, 0, buffer.Length); + } + + public override void WriteByte(byte b) + { + Write(new byte[]{ b }, 0, 1); + } + } +} diff --git a/BouncyCastle/crypto/src/util/io/FilterStream.cs b/BouncyCastle/crypto/src/util/io/FilterStream.cs new file mode 100644 index 0000000..a92dee3 --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/FilterStream.cs @@ -0,0 +1,78 @@ +using System.IO; + +namespace Org.BouncyCastle.Utilities.IO +{ + public class FilterStream : Stream + { + public FilterStream(Stream s) + { + this.s = s; + } + public override bool CanRead + { + get { return s.CanRead; } + } + public override bool CanSeek + { + get { return s.CanSeek; } + } + public override bool CanWrite + { + get { return s.CanWrite; } + } + public override long Length + { + get { return s.Length; } + } + public override long Position + { + get { return s.Position; } + set { s.Position = value; } + } +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + Platform.Dispose(s); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + Platform.Dispose(s); + base.Close(); + } +#endif + public override void Flush() + { + s.Flush(); + } + public override long Seek(long offset, SeekOrigin origin) + { + return s.Seek(offset, origin); + } + public override void SetLength(long value) + { + s.SetLength(value); + } + public override int Read(byte[] buffer, int offset, int count) + { + return s.Read(buffer, offset, count); + } + public override int ReadByte() + { + return s.ReadByte(); + } + public override void Write(byte[] buffer, int offset, int count) + { + s.Write(buffer, offset, count); + } + public override void WriteByte(byte value) + { + s.WriteByte(value); + } + protected readonly Stream s; + } +} diff --git a/BouncyCastle/crypto/src/util/io/MemoryInputStream.cs b/BouncyCastle/crypto/src/util/io/MemoryInputStream.cs new file mode 100644 index 0000000..cdc5aaf --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/MemoryInputStream.cs @@ -0,0 +1,19 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Utilities.IO +{ + public class MemoryInputStream + : MemoryStream + { + public MemoryInputStream(byte[] buffer) + : base(buffer, false) + { + } + + public sealed override bool CanWrite + { + get { return false; } + } + } +} diff --git a/BouncyCastle/crypto/src/util/io/MemoryOutputStream.cs b/BouncyCastle/crypto/src/util/io/MemoryOutputStream.cs new file mode 100644 index 0000000..828f23b --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/MemoryOutputStream.cs @@ -0,0 +1,14 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Utilities.IO +{ + public class MemoryOutputStream + : MemoryStream + { + public sealed override bool CanRead + { + get { return false; } + } + } +} diff --git a/BouncyCastle/crypto/src/util/io/NullOutputStream.cs b/BouncyCastle/crypto/src/util/io/NullOutputStream.cs new file mode 100644 index 0000000..13877fa --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/NullOutputStream.cs @@ -0,0 +1,18 @@ +using System; + +namespace Org.BouncyCastle.Utilities.IO +{ + internal class NullOutputStream + : BaseOutputStream + { + public override void WriteByte(byte b) + { + // do nothing + } + + public override void Write(byte[] buffer, int offset, int count) + { + // do nothing + } + } +} diff --git a/BouncyCastle/crypto/src/util/io/PushbackStream.cs b/BouncyCastle/crypto/src/util/io/PushbackStream.cs new file mode 100644 index 0000000..d51e195 --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/PushbackStream.cs @@ -0,0 +1,51 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Utilities.IO +{ + public class PushbackStream + : FilterStream + { + private int m_buf = -1; + + public PushbackStream(Stream s) + : base(s) + { + } + + public override int ReadByte() + { + if (m_buf != -1) + { + int tmp = m_buf; + m_buf = -1; + return tmp; + } + + return base.ReadByte(); + } + + public override int Read(byte[] buffer, int offset, int count) + { + if (count < 1) + return 0; + + if (m_buf != -1) + { + buffer[offset] = (byte)m_buf; + m_buf = -1; + return 1; + } + + return base.Read(buffer, offset, count); + } + + public virtual void Unread(int b) + { + if (m_buf != -1) + throw new InvalidOperationException("Can only push back one byte"); + + m_buf = b & 0xFF; + } + } +} diff --git a/BouncyCastle/crypto/src/util/io/StreamOverflowException.cs b/BouncyCastle/crypto/src/util/io/StreamOverflowException.cs new file mode 100644 index 0000000..36d21e2 --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/StreamOverflowException.cs @@ -0,0 +1,30 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Utilities.IO +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class StreamOverflowException + : IOException + { + public StreamOverflowException() + : base() + { + } + + public StreamOverflowException( + string message) + : base(message) + { + } + + public StreamOverflowException( + string message, + Exception exception) + : base(message, exception) + { + } + } +} diff --git a/BouncyCastle/crypto/src/util/io/Streams.cs b/BouncyCastle/crypto/src/util/io/Streams.cs new file mode 100644 index 0000000..a86367e --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/Streams.cs @@ -0,0 +1,133 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Utilities.IO +{ + public sealed class Streams + { + private const int BufferSize = 4096; + + private Streams() + { + } + + public static void Drain(Stream inStr) + { + byte[] bs = new byte[BufferSize]; + while (inStr.Read(bs, 0, bs.Length) > 0) + { + } + } + + public static byte[] ReadAll(Stream inStr) + { + MemoryStream buf = new MemoryStream(); + PipeAll(inStr, buf); + return buf.ToArray(); + } + + public static byte[] ReadAllLimited(Stream inStr, int limit) + { + MemoryStream buf = new MemoryStream(); + PipeAllLimited(inStr, limit, buf); + return buf.ToArray(); + } + + public static int ReadFully(Stream inStr, byte[] buf) + { + return ReadFully(inStr, buf, 0, buf.Length); + } + + public static int ReadFully(Stream inStr, byte[] buf, int off, int len) + { + int totalRead = 0; + while (totalRead < len) + { + int numRead = inStr.Read(buf, off + totalRead, len - totalRead); + if (numRead < 1) + break; + totalRead += numRead; + } + return totalRead; + } + + /// Write the full contents of inStr to the destination stream outStr. + /// Source stream. + /// Destination stream. + /// In case of IO failure. + public static void PipeAll(Stream inStr, Stream outStr) + { + PipeAll(inStr, outStr, BufferSize); + } + + /// Write the full contents of inStr to the destination stream outStr. + /// Source stream. + /// Destination stream. + /// The size of temporary buffer to use. + /// In case of IO failure. + public static void PipeAll(Stream inStr, Stream outStr, int bufferSize) + { + byte[] bs = new byte[bufferSize]; + int numRead; + while ((numRead = inStr.Read(bs, 0, bs.Length)) > 0) + { + outStr.Write(bs, 0, numRead); + } + } + + /// + /// Pipe all bytes from inStr to outStr, throwing StreamFlowException if greater + /// than limit bytes in inStr. + /// + /// + /// A + /// + /// + /// A + /// + /// + /// A + /// + /// The number of bytes actually transferred, if not greater than limit + /// + public static long PipeAllLimited(Stream inStr, long limit, Stream outStr) + { + byte[] bs = new byte[BufferSize]; + long total = 0; + int numRead; + while ((numRead = inStr.Read(bs, 0, bs.Length)) > 0) + { + if ((limit - total) < numRead) + throw new StreamOverflowException("Data Overflow"); + total += numRead; + outStr.Write(bs, 0, numRead); + } + return total; + } + + /// + public static void WriteBufTo(MemoryStream buf, Stream output) + { + buf.WriteTo(output); + } + + /// + public static int WriteBufTo(MemoryStream buf, byte[] output, int offset) + { + int size = (int)buf.Length; + WriteBufTo(buf, new MemoryStream(output, offset, size)); + return size; + } + + public static void WriteZeroes(Stream outStr, long count) + { + byte[] zeroes = new byte[BufferSize]; + while (count > BufferSize) + { + outStr.Write(zeroes, 0, BufferSize); + count -= BufferSize; + } + outStr.Write(zeroes, 0, (int)count); + } + } +} diff --git a/BouncyCastle/crypto/src/util/io/TeeInputStream.cs b/BouncyCastle/crypto/src/util/io/TeeInputStream.cs new file mode 100644 index 0000000..6996f3f --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/TeeInputStream.cs @@ -0,0 +1,64 @@ +using System; +using System.Diagnostics; +using System.IO; + +namespace Org.BouncyCastle.Utilities.IO +{ + public class TeeInputStream + : BaseInputStream + { + private readonly Stream input, tee; + + public TeeInputStream(Stream input, Stream tee) + { + Debug.Assert(input.CanRead); + Debug.Assert(tee.CanWrite); + + this.input = input; + this.tee = tee; + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + Platform.Dispose(input); + Platform.Dispose(tee); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + Platform.Dispose(input); + Platform.Dispose(tee); + base.Close(); + } +#endif + + public override int Read(byte[] buf, int off, int len) + { + int i = input.Read(buf, off, len); + + if (i > 0) + { + tee.Write(buf, off, i); + } + + return i; + } + + public override int ReadByte() + { + int i = input.ReadByte(); + + if (i >= 0) + { + tee.WriteByte((byte)i); + } + + return i; + } + } +} diff --git a/BouncyCastle/crypto/src/util/io/TeeOutputStream.cs b/BouncyCastle/crypto/src/util/io/TeeOutputStream.cs new file mode 100644 index 0000000..a6c7fd5 --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/TeeOutputStream.cs @@ -0,0 +1,52 @@ +using System; +using System.Diagnostics; +using System.IO; + +namespace Org.BouncyCastle.Utilities.IO +{ + public class TeeOutputStream + : BaseOutputStream + { + private readonly Stream output, tee; + + public TeeOutputStream(Stream output, Stream tee) + { + Debug.Assert(output.CanWrite); + Debug.Assert(tee.CanWrite); + + this.output = output; + this.tee = tee; + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + Platform.Dispose(output); + Platform.Dispose(tee); + } + base.Dispose(disposing); + } +#else + public override void Close() + { + Platform.Dispose(output); + Platform.Dispose(tee); + base.Close(); + } +#endif + + public override void Write(byte[] buffer, int offset, int count) + { + output.Write(buffer, offset, count); + tee.Write(buffer, offset, count); + } + + public override void WriteByte(byte b) + { + output.WriteByte(b); + tee.WriteByte(b); + } + } +} diff --git a/BouncyCastle/crypto/src/util/io/pem/PemGenerationException.cs b/BouncyCastle/crypto/src/util/io/pem/PemGenerationException.cs new file mode 100644 index 0000000..6b39585 --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/pem/PemGenerationException.cs @@ -0,0 +1,29 @@ +using System; + +namespace Org.BouncyCastle.Utilities.IO.Pem +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class PemGenerationException + : Exception + { + public PemGenerationException() + : base() + { + } + + public PemGenerationException( + string message) + : base(message) + { + } + + public PemGenerationException( + string message, + Exception exception) + : base(message, exception) + { + } + } +} diff --git a/BouncyCastle/crypto/src/util/io/pem/PemHeader.cs b/BouncyCastle/crypto/src/util/io/pem/PemHeader.cs new file mode 100644 index 0000000..c6236f5 --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/pem/PemHeader.cs @@ -0,0 +1,60 @@ +using System; + +namespace Org.BouncyCastle.Utilities.IO.Pem +{ + public class PemHeader + { + private string name; + private string val; + + public PemHeader(string name, string val) + { + this.name = name; + this.val = val; + } + + public virtual string Name + { + get { return name; } + } + + public virtual string Value + { + get { return val; } + } + + public override int GetHashCode() + { + return GetHashCode(this.name) + 31 * GetHashCode(this.val); + } + + public override bool Equals(object obj) + { + if (obj == this) + return true; + + if (!(obj is PemHeader)) + return false; + + PemHeader other = (PemHeader)obj; + + return Platform.Equals(this.name, other.name) + && Platform.Equals(this.val, other.val); + } + + private int GetHashCode(string s) + { + if (s == null) + { + return 1; + } + + return s.GetHashCode(); + } + + public override string ToString() + { + return name + ":" + val; + } + } +} diff --git a/BouncyCastle/crypto/src/util/io/pem/PemObject.cs b/BouncyCastle/crypto/src/util/io/pem/PemObject.cs new file mode 100644 index 0000000..41212f9 --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/pem/PemObject.cs @@ -0,0 +1,47 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Utilities.IO.Pem +{ + public class PemObject + : PemObjectGenerator + { + private string type; + private IList headers; + private byte[] content; + + public PemObject(string type, byte[] content) + : this(type, Platform.CreateArrayList(), content) + { + } + + public PemObject(String type, IList headers, byte[] content) + { + this.type = type; + this.headers = Platform.CreateArrayList(headers); + this.content = content; + } + + public string Type + { + get { return type; } + } + + public IList Headers + { + get { return headers; } + } + + public byte[] Content + { + get { return content; } + } + + public PemObject Generate() + { + return this; + } + } +} diff --git a/BouncyCastle/crypto/src/util/io/pem/PemObjectGenerator.cs b/BouncyCastle/crypto/src/util/io/pem/PemObjectGenerator.cs new file mode 100644 index 0000000..6f9bfc1 --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/pem/PemObjectGenerator.cs @@ -0,0 +1,13 @@ +using System; + +namespace Org.BouncyCastle.Utilities.IO.Pem +{ + public interface PemObjectGenerator + { + /// + /// A + /// + /// + PemObject Generate(); + } +} diff --git a/BouncyCastle/crypto/src/util/io/pem/PemObjectParser.cs b/BouncyCastle/crypto/src/util/io/pem/PemObjectParser.cs new file mode 100644 index 0000000..91d26dc --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/pem/PemObjectParser.cs @@ -0,0 +1,17 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Utilities.IO.Pem +{ + public interface PemObjectParser + { + /// + /// A + /// + /// + /// A + /// + /// + object ParseObject(PemObject obj); + } +} diff --git a/BouncyCastle/crypto/src/util/io/pem/PemReader.cs b/BouncyCastle/crypto/src/util/io/pem/PemReader.cs new file mode 100644 index 0000000..008a035 --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/pem/PemReader.cs @@ -0,0 +1,371 @@ +using System; +using System.Collections; +using System.IO; + + +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Utilities.IO.Pem +{ + + public class PemReader + { + private readonly TextReader reader; + private readonly MemoryStream buffer; + private readonly StreamWriter textBuffer; + private readonly IList pushback = Platform.CreateArrayList(); + int c = 0; + + + + public PemReader(TextReader reader) + { + if (reader == null) + throw new ArgumentNullException("reader"); + + + buffer = new MemoryStream(); + textBuffer = new StreamWriter(buffer); + + this.reader = reader; + } + + public TextReader Reader + { + get { return reader; } + } + + + /// + /// A + /// + /// + public PemObject ReadPemObject() + { + + // + // Look for BEGIN + // + + for (; ; ) + { + + // Seek a leading dash, ignore anything up to that point. + if (!seekDash()) + { + // There are no pem objects here. + return null; + } + + + // consume dash [-----]BEGIN ... + if (!consumeDash()) + { + throw new IOException("no data after consuming leading dashes"); + } + + + skipWhiteSpace(); + + + if (!expect("BEGIN")) + { + continue; + } + + break; + + } + + + skipWhiteSpace(); + + // + // Consume type, accepting whitespace + // + + if (!bufferUntilStopChar('-',false) ) + { + throw new IOException("ran out of data before consuming type"); + } + + string type = bufferedString().Trim(); + + + // Consume dashes after type. + + if (!consumeDash()) + { + throw new IOException("ran out of data consuming header"); + } + + skipWhiteSpace(); + + + // + // Read ahead looking for headers. + // Look for a colon for up to 64 characters, as an indication there might be a header. + // + + IList headers = Platform.CreateArrayList(); + + while (seekColon(64)) + { + + if (!bufferUntilStopChar(':',false)) + { + throw new IOException("ran out of data reading header key value"); + } + + string key = bufferedString().Trim(); + + + c = Read(); + if (c != ':') + { + throw new IOException("expected colon"); + } + + + // + // We are going to look for well formed headers, if they do not end with a "LF" we cannot + // discern where they end. + // + + if (!bufferUntilStopChar('\n', false)) // Now read to the end of the line. + { + throw new IOException("ran out of data before consuming header value"); + } + + skipWhiteSpace(); + + string value = bufferedString().Trim(); + headers.Add(new PemHeader(key,value)); + } + + + // + // Consume payload, ignoring all white space until we encounter a '-' + // + + skipWhiteSpace(); + + if (!bufferUntilStopChar('-',true)) + { + throw new IOException("ran out of data before consuming payload"); + } + + string payload = bufferedString(); + + // Seek the start of the end. + if (!seekDash()) + { + throw new IOException("did not find leading '-'"); + } + + if (!consumeDash()) + { + throw new IOException("no data after consuming trailing dashes"); + } + + if (!expect("END "+type)) + { + throw new IOException("END "+type+" was not found."); + } + + + + if (!seekDash()) + { + throw new IOException("did not find ending '-'"); + } + + + // consume trailing dashes. + consumeDash(); + + + return new PemObject(type, headers, Base64.Decode(payload)); + + } + + + + private string bufferedString() + { + textBuffer.Flush(); + string value = Strings.FromUtf8ByteArray(buffer.ToArray()); + buffer.Position = 0; + buffer.SetLength(0); + return value; + } + + + private bool seekDash() + { + c = 0; + while((c = Read()) >=0) + { + if (c == '-') + { + break; + } + } + + PushBack(c); + + return c == '-'; + } + + + /// + /// Seek ':" up to the limit. + /// + /// + /// + private bool seekColon(int upTo) + { + c = 0; + bool colonFound = false; + IList read = Platform.CreateArrayList(); + + for (; upTo>=0 && c >=0; upTo--) + { + c = Read(); + read.Add(c); + if (c == ':') + { + colonFound = true; + break; + } + } + + while(read.Count>0) + { + PushBack((int)read[read.Count-1]); + read.RemoveAt(read.Count-1); + } + + return colonFound; + } + + + + /// + /// Consume the dashes + /// + /// + private bool consumeDash() + { + c = 0; + while ((c = Read()) >= 0) + { + if (c != '-') + { + break; + } + } + + PushBack(c); + + return c != -1; + } + + /// + /// Skip white space leave char in stream. + /// + private void skipWhiteSpace() + { + while ((c = Read()) >= 0) + { + if (c > ' ') + { + break; + } + } + PushBack(c); + } + + /// + /// Read forward consuming the expected string. + /// + /// expected string + /// false if not consumed + + private bool expect(String value) + { + for (int t=0; t + /// Consume until dash. + /// + /// true if stream end not met + private bool bufferUntilStopChar(char stopChar, bool skipWhiteSpace) + { + while ((c = Read()) >= 0) + { + if (skipWhiteSpace && c <=' ') + { + continue; + } + + if (c != stopChar) + { + textBuffer.Write((char)c); + textBuffer.Flush(); + + } else + { + PushBack(c); + break; + } + } + + return c > -1; + } + + + + private void PushBack(int value) + { + if (pushback.Count == 0) + { + pushback.Add(value); + } else + { + pushback.Insert(0, value); + } + } + + + private int Read() + { + if (pushback.Count>0) + { + int i = (int)pushback[0]; + pushback.RemoveAt(0); + return i; + } + + return reader.Read(); + } + + + + + } +} diff --git a/BouncyCastle/crypto/src/util/io/pem/PemWriter.cs b/BouncyCastle/crypto/src/util/io/pem/PemWriter.cs new file mode 100644 index 0000000..e85b315 --- /dev/null +++ b/BouncyCastle/crypto/src/util/io/pem/PemWriter.cs @@ -0,0 +1,120 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Utilities.IO.Pem +{ + /** + * A generic PEM writer, based on RFC 1421 + */ + public class PemWriter + { + private const int LineLength = 64; + + private readonly TextWriter writer; + private readonly int nlLength; + private char[] buf = new char[LineLength]; + + /** + * Base constructor. + * + * @param out output stream to use. + */ + public PemWriter(TextWriter writer) + { + if (writer == null) + throw new ArgumentNullException("writer"); + + this.writer = writer; + this.nlLength = Platform.NewLine.Length; + } + + public TextWriter Writer + { + get { return writer; } + } + + /** + * Return the number of bytes or characters required to contain the + * passed in object if it is PEM encoded. + * + * @param obj pem object to be output + * @return an estimate of the number of bytes + */ + public int GetOutputSize(PemObject obj) + { + // BEGIN and END boundaries. + int size = (2 * (obj.Type.Length + 10 + nlLength)) + 6 + 4; + + if (obj.Headers.Count > 0) + { + foreach (PemHeader header in obj.Headers) + { + size += header.Name.Length + ": ".Length + header.Value.Length + nlLength; + } + + size += nlLength; + } + + // base64 encoding + int dataLen = ((obj.Content.Length + 2) / 3) * 4; + + size += dataLen + (((dataLen + LineLength - 1) / LineLength) * nlLength); + + return size; + } + + public void WriteObject(PemObjectGenerator objGen) + { + PemObject obj = objGen.Generate(); + + WritePreEncapsulationBoundary(obj.Type); + + if (obj.Headers.Count > 0) + { + foreach (PemHeader header in obj.Headers) + { + writer.Write(header.Name); + writer.Write(": "); + writer.WriteLine(header.Value); + } + + writer.WriteLine(); + } + + WriteEncoded(obj.Content); + WritePostEncapsulationBoundary(obj.Type); + } + + private void WriteEncoded(byte[] bytes) + { + bytes = Base64.Encode(bytes); + + for (int i = 0; i < bytes.Length; i += buf.Length) + { + int index = 0; + while (index != buf.Length) + { + if ((i + index) >= bytes.Length) + break; + + buf[index] = (char)bytes[i + index]; + index++; + } + writer.WriteLine(buf, 0, index); + } + } + + private void WritePreEncapsulationBoundary(string type) + { + writer.WriteLine("-----BEGIN " + type + "-----"); + } + + private void WritePostEncapsulationBoundary(string type) + { + writer.WriteLine("-----END " + type + "-----"); + } + } +} diff --git a/BouncyCastle/crypto/src/util/net/IPAddress.cs b/BouncyCastle/crypto/src/util/net/IPAddress.cs new file mode 100644 index 0000000..38c1245 --- /dev/null +++ b/BouncyCastle/crypto/src/util/net/IPAddress.cs @@ -0,0 +1,197 @@ +using System; +using System.Globalization; + +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Utilities.Net +{ + public class IPAddress + { + /** + * Validate the given IPv4 or IPv6 address. + * + * @param address the IP address as a string. + * + * @return true if a valid address, false otherwise + */ + public static bool IsValid( + string address) + { + return IsValidIPv4(address) || IsValidIPv6(address); + } + + /** + * Validate the given IPv4 or IPv6 address and netmask. + * + * @param address the IP address as a string. + * + * @return true if a valid address with netmask, false otherwise + */ + public static bool IsValidWithNetMask( + string address) + { + return IsValidIPv4WithNetmask(address) || IsValidIPv6WithNetmask(address); + } + + /** + * Validate the given IPv4 address. + * + * @param address the IP address as a string. + * + * @return true if a valid IPv4 address, false otherwise + */ + public static bool IsValidIPv4( + string address) + { + try + { + return unsafeIsValidIPv4(address); + } + catch (FormatException) {} + catch (OverflowException) {} + return false; + } + + private static bool unsafeIsValidIPv4( + string address) + { + if (address.Length == 0) + return false; + + int octets = 0; + string temp = address + "."; + + int pos; + int start = 0; + while (start < temp.Length + && (pos = temp.IndexOf('.', start)) > start) + { + if (octets == 4) + return false; + + string octetStr = temp.Substring(start, pos - start); + int octet = Int32.Parse(octetStr); + + if (octet < 0 || octet > 255) + return false; + + start = pos + 1; + octets++; + } + + return octets == 4; + } + + public static bool IsValidIPv4WithNetmask( + string address) + { + int index = address.IndexOf('/'); + string mask = address.Substring(index + 1); + + return (index > 0) && IsValidIPv4(address.Substring(0, index)) + && (IsValidIPv4(mask) || IsMaskValue(mask, 32)); + } + + public static bool IsValidIPv6WithNetmask( + string address) + { + int index = address.IndexOf('/'); + string mask = address.Substring(index + 1); + + return (index > 0) && (IsValidIPv6(address.Substring(0, index)) + && (IsValidIPv6(mask) || IsMaskValue(mask, 128))); + } + + private static bool IsMaskValue( + string component, + int size) + { + int val = Int32.Parse(component); + try + { + return val >= 0 && val <= size; + } + catch (FormatException) {} + catch (OverflowException) {} + return false; + } + + /** + * Validate the given IPv6 address. + * + * @param address the IP address as a string. + * + * @return true if a valid IPv4 address, false otherwise + */ + public static bool IsValidIPv6( + string address) + { + try + { + return unsafeIsValidIPv6(address); + } + catch (FormatException) {} + catch (OverflowException) {} + return false; + } + + private static bool unsafeIsValidIPv6( + string address) + { + if (address.Length == 0) + { + return false; + } + + int octets = 0; + + string temp = address + ":"; + bool doubleColonFound = false; + int pos; + int start = 0; + while (start < temp.Length + && (pos = temp.IndexOf(':', start)) >= start) + { + if (octets == 8) + { + return false; + } + + if (start != pos) + { + string value = temp.Substring(start, pos - start); + + if (pos == (temp.Length - 1) && value.IndexOf('.') > 0) + { + if (!IsValidIPv4(value)) + { + return false; + } + + octets++; // add an extra one as address covers 2 words. + } + else + { + string octetStr = temp.Substring(start, pos - start); + int octet = Int32.Parse(octetStr, NumberStyles.AllowHexSpecifier); + + if (octet < 0 || octet > 0xffff) + return false; + } + } + else + { + if (pos != 1 && pos != temp.Length - 1 && doubleColonFound) + { + return false; + } + doubleColonFound = true; + } + start = pos + 1; + octets++; + } + + return octets == 8 || doubleColonFound; + } + } +} diff --git a/BouncyCastle/crypto/src/util/zlib/Adler32.cs b/BouncyCastle/crypto/src/util/zlib/Adler32.cs new file mode 100644 index 0000000..c38258f --- /dev/null +++ b/BouncyCastle/crypto/src/util/zlib/Adler32.cs @@ -0,0 +1,88 @@ +using System; +/* + * $Id: Adler32.cs,v 1.1 2006-07-31 13:59:25 bouncy Exp $ + * +Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the distribution. + + 3. The names of the authors may not be used to endorse or promote products + derived from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND +FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT, +INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT, +INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, +OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, +EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +/* + * This program is based on zlib-1.1.3, so all credit should go authors + * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu) + * and contributors of zlib. + */ + +namespace Org.BouncyCastle.Utilities.Zlib { + + internal sealed class Adler32{ + + // largest prime smaller than 65536 + private const int BASE=65521; + // NMAX is the largest n such that 255n(n+1)/2 + (n+1)(BASE-1) <= 2^32-1 + private const int NMAX=5552; + + internal long adler32(long adler, byte[] buf, int index, int len){ + if(buf == null){ return 1L; } + + long s1=adler&0xffff; + long s2=(adler>>16)&0xffff; + int k; + + while(len > 0) { + k=len=16){ + s1+=buf[index++]&0xff; s2+=s1; + s1+=buf[index++]&0xff; s2+=s1; + s1+=buf[index++]&0xff; s2+=s1; + s1+=buf[index++]&0xff; s2+=s1; + s1+=buf[index++]&0xff; s2+=s1; + s1+=buf[index++]&0xff; s2+=s1; + s1+=buf[index++]&0xff; s2+=s1; + s1+=buf[index++]&0xff; s2+=s1; + s1+=buf[index++]&0xff; s2+=s1; + s1+=buf[index++]&0xff; s2+=s1; + s1+=buf[index++]&0xff; s2+=s1; + s1+=buf[index++]&0xff; s2+=s1; + s1+=buf[index++]&0xff; s2+=s1; + s1+=buf[index++]&0xff; s2+=s1; + s1+=buf[index++]&0xff; s2+=s1; + s1+=buf[index++]&0xff; s2+=s1; + k-=16; + } + if(k!=0){ + do{ + s1+=buf[index++]&0xff; s2+=s1; + } + while(--k!=0); + } + s1%=BASE; + s2%=BASE; + } + return (s2<<16)|s1; + } + + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/util/zlib/Deflate.cs b/BouncyCastle/crypto/src/util/zlib/Deflate.cs new file mode 100644 index 0000000..90f8eb0 --- /dev/null +++ b/BouncyCastle/crypto/src/util/zlib/Deflate.cs @@ -0,0 +1,1634 @@ +using System; +/* + * $Id: Deflate.cs,v 1.2 2008-05-10 09:35:40 bouncy Exp $ + * +Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the distribution. + + 3. The names of the authors may not be used to endorse or promote products + derived from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND +FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT, +INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT, +INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, +OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, +EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +/* + * This program is based on zlib-1.1.3, so all credit should go authors + * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu) + * and contributors of zlib. + */ + +namespace Org.BouncyCastle.Utilities.Zlib { + + public sealed class Deflate{ + + private const int MAX_MEM_LEVEL=9; + + private const int Z_DEFAULT_COMPRESSION=-1; + + private const int MAX_WBITS=15; // 32K LZ77 window + private const int DEF_MEM_LEVEL=8; + + internal class Config{ + internal int good_length; // reduce lazy search above this match length + internal int max_lazy; // do not perform lazy search above this match length + internal int nice_length; // quit search above this match length + internal int max_chain; + internal int func; + internal Config(int good_length, int max_lazy, + int nice_length, int max_chain, int func){ + this.good_length=good_length; + this.max_lazy=max_lazy; + this.nice_length=nice_length; + this.max_chain=max_chain; + this.func=func; + } + } + + private const int STORED=0; + private const int FAST=1; + private const int SLOW=2; + private static readonly Config[] config_table; + + static Deflate(){ + config_table=new Config[10]; + // good lazy nice chain + config_table[0]=new Config(0, 0, 0, 0, STORED); + config_table[1]=new Config(4, 4, 8, 4, FAST); + config_table[2]=new Config(4, 5, 16, 8, FAST); + config_table[3]=new Config(4, 6, 32, 32, FAST); + + config_table[4]=new Config(4, 4, 16, 16, SLOW); + config_table[5]=new Config(8, 16, 32, 32, SLOW); + config_table[6]=new Config(8, 16, 128, 128, SLOW); + config_table[7]=new Config(8, 32, 128, 256, SLOW); + config_table[8]=new Config(32, 128, 258, 1024, SLOW); + config_table[9]=new Config(32, 258, 258, 4096, SLOW); + } + + private static readonly String[] z_errmsg = { + "need dictionary", // Z_NEED_DICT 2 + "stream end", // Z_STREAM_END 1 + "", // Z_OK 0 + "file error", // Z_ERRNO (-1) + "stream error", // Z_STREAM_ERROR (-2) + "data error", // Z_DATA_ERROR (-3) + "insufficient memory", // Z_MEM_ERROR (-4) + "buffer error", // Z_BUF_ERROR (-5) + "incompatible version",// Z_VERSION_ERROR (-6) + "" + }; + + // block not completed, need more input or more output + private const int NeedMore=0; + + // block flush performed + private const int BlockDone=1; + + // finish started, need only more output at next deflate + private const int FinishStarted=2; + + // finish done, accept no more input or output + private const int FinishDone=3; + + // preset dictionary flag in zlib header + private const int PRESET_DICT=0x20; + + private const int Z_FILTERED=1; + private const int Z_HUFFMAN_ONLY=2; + private const int Z_DEFAULT_STRATEGY=0; + + private const int Z_NO_FLUSH=0; + private const int Z_PARTIAL_FLUSH=1; + private const int Z_SYNC_FLUSH=2; + private const int Z_FULL_FLUSH=3; + private const int Z_FINISH=4; + + private const int Z_OK=0; + private const int Z_STREAM_END=1; + private const int Z_NEED_DICT=2; + private const int Z_ERRNO=-1; + private const int Z_STREAM_ERROR=-2; + private const int Z_DATA_ERROR=-3; + private const int Z_MEM_ERROR=-4; + private const int Z_BUF_ERROR=-5; + private const int Z_VERSION_ERROR=-6; + + private const int INIT_STATE=42; + private const int BUSY_STATE=113; + private const int FINISH_STATE=666; + + // The deflate compression method + private const int Z_DEFLATED=8; + + private const int STORED_BLOCK=0; + private const int STATIC_TREES=1; + private const int DYN_TREES=2; + + // The three kinds of block type + private const int Z_BINARY=0; + private const int Z_ASCII=1; + private const int Z_UNKNOWN=2; + + private const int Buf_size=8*2; + + // repeat previous bit length 3-6 times (2 bits of repeat count) + private const int REP_3_6=16; + + // repeat a zero length 3-10 times (3 bits of repeat count) + private const int REPZ_3_10=17; + + // repeat a zero length 11-138 times (7 bits of repeat count) + private const int REPZ_11_138=18; + + private const int MIN_MATCH=3; + private const int MAX_MATCH=258; + private const int MIN_LOOKAHEAD=(MAX_MATCH+MIN_MATCH+1); + + private const int MAX_BITS=15; + private const int D_CODES=30; + private const int BL_CODES=19; + private const int LENGTH_CODES=29; + private const int LITERALS=256; + private const int L_CODES=(LITERALS+1+LENGTH_CODES); + private const int HEAP_SIZE=(2*L_CODES+1); + + private const int END_BLOCK=256; + + internal ZStream strm; // pointer back to this zlib stream + internal int status; // as the name implies + internal byte[] pending_buf; // output still pending + internal int pending_out; // next pending byte to output to the stream + internal int pending; // nb of bytes in the pending buffer + internal int noheader; // suppress zlib header and adler32 + internal byte data_type; // UNKNOWN, BINARY or ASCII + internal byte method; // STORED (for zip only) or DEFLATED + internal int last_flush; // value of flush param for previous deflate call + + internal int w_size; // LZ77 window size (32K by default) + internal int w_bits; // log2(w_size) (8..16) + internal int w_mask; // w_size - 1 + + internal byte[] window; + // Sliding window. Input bytes are read into the second half of the window, + // and move to the first half later to keep a dictionary of at least wSize + // bytes. With this organization, matches are limited to a distance of + // wSize-MAX_MATCH bytes, but this ensures that IO is always + // performed with a length multiple of the block size. Also, it limits + // the window size to 64K, which is quite useful on MSDOS. + // To do: use the user input buffer as sliding window. + + internal int window_size; + // Actual size of window: 2*wSize, except when the user input buffer + // is directly used as sliding window. + + internal short[] prev; + // Link to older string with same hash index. To limit the size of this + // array to 64K, this link is maintained only for the last 32K strings. + // An index in this array is thus a window index modulo 32K. + + internal short[] head; // Heads of the hash chains or NIL. + + internal int ins_h; // hash index of string to be inserted + internal int hash_size; // number of elements in hash table + internal int hash_bits; // log2(hash_size) + internal int hash_mask; // hash_size-1 + + // Number of bits by which ins_h must be shifted at each input + // step. It must be such that after MIN_MATCH steps, the oldest + // byte no longer takes part in the hash key, that is: + // hash_shift * MIN_MATCH >= hash_bits + internal int hash_shift; + + // Window position at the beginning of the current output block. Gets + // negative when the window is moved backwards. + + internal int block_start; + + internal int match_length; // length of best match + internal int prev_match; // previous match + internal int match_available; // set if previous match exists + internal int strstart; // start of string to insert + internal int match_start; // start of matching string + internal int lookahead; // number of valid bytes ahead in window + + // Length of the best match at previous step. Matches not greater than this + // are discarded. This is used in the lazy match evaluation. + internal int prev_length; + + // To speed up deflation, hash chains are never searched beyond this + // length. A higher limit improves compression ratio but degrades the speed. + internal int max_chain_length; + + // Attempt to find a better match only when the current match is strictly + // smaller than this value. This mechanism is used only for compression + // levels >= 4. + internal int max_lazy_match; + + // Insert new strings in the hash table only if the match length is not + // greater than this length. This saves time but degrades compression. + // max_insert_length is used only for compression levels <= 3. + + internal int level; // compression level (1..9) + internal int strategy; // favor or force Huffman coding + + // Use a faster search when the previous match is longer than this + internal int good_match; + + // Stop searching when current match exceeds this + internal int nice_match; + + internal short[] dyn_ltree; // literal and length tree + internal short[] dyn_dtree; // distance tree + internal short[] bl_tree; // Huffman tree for bit lengths + + internal Tree l_desc=new Tree(); // desc for literal tree + internal Tree d_desc=new Tree(); // desc for distance tree + internal Tree bl_desc=new Tree(); // desc for bit length tree + + // number of codes at each bit length for an optimal tree + internal short[] bl_count=new short[MAX_BITS+1]; + + // heap used to build the Huffman trees + internal int[] heap=new int[2*L_CODES+1]; + + internal int heap_len; // number of elements in the heap + internal int heap_max; // element of largest frequency + // The sons of heap[n] are heap[2*n] and heap[2*n+1]. heap[0] is not used. + // The same heap array is used to build all trees. + + // Depth of each subtree used as tie breaker for trees of equal frequency + internal byte[] depth=new byte[2*L_CODES+1]; + + internal int l_buf; // index for literals or lengths */ + + // Size of match buffer for literals/lengths. There are 4 reasons for + // limiting lit_bufsize to 64K: + // - frequencies can be kept in 16 bit counters + // - if compression is not successful for the first block, all input + // data is still in the window so we can still emit a stored block even + // when input comes from standard input. (This can also be done for + // all blocks if lit_bufsize is not greater than 32K.) + // - if compression is not successful for a file smaller than 64K, we can + // even emit a stored file instead of a stored block (saving 5 bytes). + // This is applicable only for zip (not gzip or zlib). + // - creating new Huffman trees less frequently may not provide fast + // adaptation to changes in the input data statistics. (Take for + // example a binary file with poorly compressible code followed by + // a highly compressible string table.) Smaller buffer sizes give + // fast adaptation but have of course the overhead of transmitting + // trees more frequently. + // - I can't count above 4 + internal int lit_bufsize; + + internal int last_lit; // running index in l_buf + + // Buffer for distances. To simplify the code, d_buf and l_buf have + // the same number of elements. To use different lengths, an extra flag + // array would be necessary. + + internal int d_buf; // index of pendig_buf + + internal int opt_len; // bit length of current block with optimal trees + internal int static_len; // bit length of current block with static trees + internal int matches; // number of string matches in current block + internal int last_eob_len; // bit length of EOB code for last block + + // Output buffer. bits are inserted starting at the bottom (least + // significant bits). + internal uint bi_buf; + + // Number of valid bits in bi_buf. All bits above the last valid bit + // are always zero. + internal int bi_valid; + + internal Deflate(){ + dyn_ltree=new short[HEAP_SIZE*2]; + dyn_dtree=new short[(2*D_CODES+1)*2]; // distance tree + bl_tree=new short[(2*BL_CODES+1)*2]; // Huffman tree for bit lengths + } + + internal void lm_init() { + window_size=2*w_size; + + head[hash_size-1]=0; + for(int i=0; i= 3; max_blindex--) { + if (bl_tree[Tree.bl_order[max_blindex]*2+1] != 0) break; + } + // Update opt_len to include the bit length tree and counts + opt_len += 3*(max_blindex+1) + 5+5+4; + + return max_blindex; + } + + + // Send the header for a block using dynamic Huffman trees: the counts, the + // lengths of the bit length codes, the literal tree and the distance tree. + // IN assertion: lcodes >= 257, dcodes >= 1, blcodes >= 4. + internal void send_all_trees(int lcodes, int dcodes, int blcodes){ + int rank; // index in bl_order + + send_bits(lcodes-257, 5); // not +255 as stated in appnote.txt + send_bits(dcodes-1, 5); + send_bits(blcodes-4, 4); // not -3 as stated in appnote.txt + for (rank = 0; rank < blcodes; rank++) { + send_bits(bl_tree[Tree.bl_order[rank]*2+1], 3); + } + send_tree(dyn_ltree, lcodes-1); // literal tree + send_tree(dyn_dtree, dcodes-1); // distance tree + } + + // Send a literal or distance tree in compressed form, using the codes in + // bl_tree. + internal void send_tree (short[] tree,// the tree to be sent + int max_code // and its largest code of non zero frequency + ){ + int n; // iterates over all tree elements + int prevlen = -1; // last emitted length + int curlen; // length of current code + int nextlen = tree[0*2+1]; // length of next code + int count = 0; // repeat count of the current code + int max_count = 7; // max repeat count + int min_count = 4; // min repeat count + + if (nextlen == 0){ max_count = 138; min_count = 3; } + + for (n = 0; n <= max_code; n++) { + curlen = nextlen; nextlen = tree[(n+1)*2+1]; + if(++count < max_count && curlen == nextlen) { + continue; + } + else if(count < min_count) { + do { send_code(curlen, bl_tree); } while (--count != 0); + } + else if(curlen != 0){ + if(curlen != prevlen){ + send_code(curlen, bl_tree); count--; + } + send_code(REP_3_6, bl_tree); + send_bits(count-3, 2); + } + else if(count <= 10){ + send_code(REPZ_3_10, bl_tree); + send_bits(count-3, 3); + } + else{ + send_code(REPZ_11_138, bl_tree); + send_bits(count-11, 7); + } + count = 0; prevlen = curlen; + if(nextlen == 0){ + max_count = 138; min_count = 3; + } + else if(curlen == nextlen){ + max_count = 6; min_count = 3; + } + else{ + max_count = 7; min_count = 4; + } + } + } + + // Output a byte on the stream. + // IN assertion: there is enough room in pending_buf. + internal void put_byte(byte[] p, int start, int len){ + System.Array.Copy(p, start, pending_buf, pending, len); + pending+=len; + } + + internal void put_byte(byte c){ + pending_buf[pending++]=c; + } + internal void put_short(int w) { + pending_buf[pending++]=(byte)(w/*&0xff*/); + pending_buf[pending++]=(byte)(w>>8); + } + internal void putShortMSB(int b){ + pending_buf[pending++]=(byte)(b>>8); + pending_buf[pending++]=(byte)(b/*&0xff*/); + } + + internal void send_code(int c, short[] tree){ + int c2=c*2; + send_bits((tree[c2]&0xffff), (tree[c2+1]&0xffff)); + } + + internal void send_bits(int val, int length){ + if (bi_valid > Buf_size - length) { + bi_buf |= (uint)(val << bi_valid); + pending_buf[pending++]=(byte)(bi_buf/*&0xff*/); + pending_buf[pending++]=(byte)(bi_buf>>8); + bi_buf = ((uint)val) >> (Buf_size - bi_valid); + bi_valid += length - Buf_size; + } else { + bi_buf |= (uint)(val << bi_valid); + bi_valid += length; + } +// int len = length; +// if (bi_valid > (int)Buf_size - len) { +// int val = value; +// // bi_buf |= (val << bi_valid); +// bi_buf = (short)((ushort)bi_buf | (ushort)((val << bi_valid)&0xffff)); +// put_short(bi_buf); +// bi_buf = (short)(((uint)val) >> (Buf_size - bi_valid)); +// bi_valid += len - Buf_size; +// } else { +// // bi_buf |= (value) << bi_valid; +// bi_buf = (short)((ushort)bi_buf | (ushort)(((value) << bi_valid)&0xffff)); +// bi_valid += len; +// } + } + + // Send one empty static block to give enough lookahead for inflate. + // This takes 10 bits, of which 7 may remain in the bit buffer. + // The current inflate code requires 9 bits of lookahead. If the + // last two codes for the previous block (real code plus EOB) were coded + // on 5 bits or less, inflate may have only 5+3 bits of lookahead to decode + // the last real code. In this case we send two empty static blocks instead + // of one. (There are no problems if the previous block is stored or fixed.) + // To simplify the code, we assume the worst case of last real code encoded + // on one bit only. + internal void _tr_align(){ + send_bits(STATIC_TREES<<1, 3); + send_code(END_BLOCK, StaticTree.static_ltree); + + bi_flush(); + + // Of the 10 bits for the empty block, we have already sent + // (10 - bi_valid) bits. The lookahead for the last real code (before + // the EOB of the previous block) was thus at least one plus the length + // of the EOB plus what we have just sent of the empty static block. + if (1 + last_eob_len + 10 - bi_valid < 9) { + send_bits(STATIC_TREES<<1, 3); + send_code(END_BLOCK, StaticTree.static_ltree); + bi_flush(); + } + last_eob_len = 7; + } + + + // Save the match info and tally the frequency counts. Return true if + // the current block must be flushed. + internal bool _tr_tally (int dist, // distance of matched string + int lc // match length-MIN_MATCH or unmatched char (if dist==0) + ){ + + pending_buf[d_buf+last_lit*2] = (byte)(dist>>8); + pending_buf[d_buf+last_lit*2+1] = (byte)dist; + + pending_buf[l_buf+last_lit] = (byte)lc; last_lit++; + + if (dist == 0) { + // lc is the unmatched char + dyn_ltree[lc*2]++; + } + else { + matches++; + // Here, lc is the match length - MIN_MATCH + dist--; // dist = match distance - 1 + dyn_ltree[(Tree._length_code[lc]+LITERALS+1)*2]++; + dyn_dtree[Tree.d_code(dist)*2]++; + } + + if ((last_lit & 0x1fff) == 0 && level > 2) { + // Compute an upper bound for the compressed length + int out_length = last_lit*8; + int in_length = strstart - block_start; + int dcode; + for (dcode = 0; dcode < D_CODES; dcode++) { + out_length += (int)((int)dyn_dtree[dcode*2] * + (5L+Tree.extra_dbits[dcode])); + } + out_length >>= 3; + if ((matches < (last_lit/2)) && out_length < in_length/2) return true; + } + + return (last_lit == lit_bufsize-1); + // We avoid equality with lit_bufsize because of wraparound at 64K + // on 16 bit machines and because stored blocks are restricted to + // 64K-1 bytes. + } + + // Send the block data compressed using the given Huffman trees + internal void compress_block(short[] ltree, short[] dtree){ + int dist; // distance of matched string + int lc; // match length or unmatched char (if dist == 0) + int lx = 0; // running index in l_buf + int code; // the code to send + int extra; // number of extra bits to send + + if (last_lit != 0){ + do{ + dist=((pending_buf[d_buf+lx*2]<<8)&0xff00)| + (pending_buf[d_buf+lx*2+1]&0xff); + lc=(pending_buf[l_buf+lx])&0xff; lx++; + + if(dist == 0){ + send_code(lc, ltree); // send a literal byte + } + else{ + // Here, lc is the match length - MIN_MATCH + code = Tree._length_code[lc]; + + send_code(code+LITERALS+1, ltree); // send the length code + extra = Tree.extra_lbits[code]; + if(extra != 0){ + lc -= Tree.base_length[code]; + send_bits(lc, extra); // send the extra length bits + } + dist--; // dist is now the match distance - 1 + code = Tree.d_code(dist); + + send_code(code, dtree); // send the distance code + extra = Tree.extra_dbits[code]; + if (extra != 0) { + dist -= Tree.base_dist[code]; + send_bits(dist, extra); // send the extra distance bits + } + } // literal or match pair ? + + // Check that the overlay between pending_buf and d_buf+l_buf is ok: + } + while (lx < last_lit); + } + + send_code(END_BLOCK, ltree); + last_eob_len = ltree[END_BLOCK*2+1]; + } + + // Set the data type to ASCII or BINARY, using a crude approximation: + // binary if more than 20% of the bytes are <= 6 or >= 128, ascii otherwise. + // IN assertion: the fields freq of dyn_ltree are set and the total of all + // frequencies does not exceed 64K (to fit in an int on 16 bit machines). + internal void set_data_type(){ + int n = 0; + int ascii_freq = 0; + int bin_freq = 0; + while(n<7){ bin_freq += dyn_ltree[n*2]; n++;} + while(n<128){ ascii_freq += dyn_ltree[n*2]; n++;} + while(n (ascii_freq >> 2) ? Z_BINARY : Z_ASCII); + } + + // Flush the bit buffer, keeping at most 7 bits in it. + internal void bi_flush(){ + if (bi_valid == 16) { + pending_buf[pending++]=(byte)(bi_buf/*&0xff*/); + pending_buf[pending++]=(byte)(bi_buf>>8); + bi_buf=0; + bi_valid=0; + } + else if (bi_valid >= 8) { + pending_buf[pending++]=(byte)(bi_buf); + bi_buf>>=8; + bi_buf &= 0x00ff; + bi_valid-=8; + } + } + + // Flush the bit buffer and align the output on a byte boundary + internal void bi_windup(){ + if (bi_valid > 8) { + pending_buf[pending++]=(byte)(bi_buf); + pending_buf[pending++]=(byte)(bi_buf>>8); + } else if (bi_valid > 0) { + pending_buf[pending++]=(byte)(bi_buf); + } + bi_buf = 0; + bi_valid = 0; + } + + // Copy a stored block, storing first the length and its + // one's complement if requested. + internal void copy_block(int buf, // the input data + int len, // its length + bool header // true if block header must be written + ){ + //int index=0; + bi_windup(); // align on byte boundary + last_eob_len = 8; // enough lookahead for inflate + + if (header) { + put_short((short)len); + put_short((short)~len); + } + + // while(len--!=0) { + // put_byte(window[buf+index]); + // index++; + // } + put_byte(window, buf, len); + } + + internal void flush_block_only(bool eof){ + _tr_flush_block(block_start>=0 ? block_start : -1, + strstart-block_start, + eof); + block_start=strstart; + strm.flush_pending(); + } + + // Copy without compression as much as possible from the input stream, return + // the current block state. + // This function does not insert new strings in the dictionary since + // uncompressible data is probably not useful. This function is used + // only for the level=0 compression option. + // NOTE: this function should be optimized to avoid extra copying from + // window to pending_buf. + internal int deflate_stored(int flush){ + // Stored blocks are limited to 0xffff bytes, pending_buf is limited + // to pending_buf_size, and each stored block has a 5 byte header: + + int max_block_size = System.Math.Min(0xffff, pending_buf.Length - 5); + int max_start; + + // Copy as much as possible from input to output: + while(true){ + // Fill the window as much as possible: + if(lookahead<=1){ + fill_window(); + if(lookahead==0 && flush==Z_NO_FLUSH) return NeedMore; + if(lookahead==0) break; // flush the current block + } + + strstart+=lookahead; + lookahead=0; + + // Emit a stored block if pending_buf will be full: + max_start=block_start+max_block_size; + if(strstart==0|| strstart>=max_start) { + // strstart == 0 is possible when wraparound on 16-bit machine + lookahead = (int)(strstart-max_start); + strstart = (int)max_start; + + flush_block_only(false); + if(strm.avail_out==0) return NeedMore; + + } + + // Flush if we may have to slide, otherwise block_start may become + // negative and the data will be gone: + if(strstart-block_start >= w_size-MIN_LOOKAHEAD) { + flush_block_only(false); + if(strm.avail_out==0) return NeedMore; + } + } + + flush_block_only(flush == Z_FINISH); + if(strm.avail_out==0) + return (flush == Z_FINISH) ? FinishStarted : NeedMore; + + return flush == Z_FINISH ? FinishDone : BlockDone; + } + + // Send a stored block + internal void _tr_stored_block(int buf, // input block + int stored_len, // length of input block + bool eof // true if this is the last block for a file + ){ + send_bits((STORED_BLOCK<<1)+(eof?1:0), 3); // send block type + copy_block(buf, stored_len, true); // with header + } + + // Determine the best encoding for the current block: dynamic trees, static + // trees or store, and output the encoded block to the zip file. + internal void _tr_flush_block(int buf, // input block, or NULL if too old + int stored_len, // length of input block + bool eof // true if this is the last block for a file + ) { + int opt_lenb, static_lenb;// opt_len and static_len in bytes + int max_blindex = 0; // index of last bit length code of non zero freq + + // Build the Huffman trees unless a stored block is forced + if(level > 0) { + // Check if the file is ascii or binary + if(data_type == Z_UNKNOWN) set_data_type(); + + // Construct the literal and distance trees + l_desc.build_tree(this); + + d_desc.build_tree(this); + + // At this point, opt_len and static_len are the total bit lengths of + // the compressed block data, excluding the tree representations. + + // Build the bit length tree for the above two trees, and get the index + // in bl_order of the last bit length code to send. + max_blindex=build_bl_tree(); + + // Determine the best encoding. Compute first the block length in bytes + opt_lenb=(opt_len+3+7)>>3; + static_lenb=(static_len+3+7)>>3; + + if(static_lenb<=opt_lenb) opt_lenb=static_lenb; + } + else { + opt_lenb=static_lenb=stored_len+5; // force a stored block + } + + if(stored_len+4<=opt_lenb && buf != -1){ + // 4: two words for the lengths + // The test buf != NULL is only necessary if LIT_BUFSIZE > WSIZE. + // Otherwise we can't have processed more than WSIZE input bytes since + // the last block flush, because compression would have been + // successful. If LIT_BUFSIZE <= WSIZE, it is never too late to + // transform a block into a stored block. + _tr_stored_block(buf, stored_len, eof); + } + else if(static_lenb == opt_lenb){ + send_bits((STATIC_TREES<<1)+(eof?1:0), 3); + compress_block(StaticTree.static_ltree, StaticTree.static_dtree); + } + else{ + send_bits((DYN_TREES<<1)+(eof?1:0), 3); + send_all_trees(l_desc.max_code+1, d_desc.max_code+1, max_blindex+1); + compress_block(dyn_ltree, dyn_dtree); + } + + // The above check is made mod 2^32, for files larger than 512 MB + // and uLong implemented on 32 bits. + + init_block(); + + if(eof){ + bi_windup(); + } + } + + // Fill the window when the lookahead becomes insufficient. + // Updates strstart and lookahead. + // + // IN assertion: lookahead < MIN_LOOKAHEAD + // OUT assertions: strstart <= window_size-MIN_LOOKAHEAD + // At least one byte has been read, or avail_in == 0; reads are + // performed for at least two bytes (required for the zip translate_eol + // option -- not supported here). + internal void fill_window(){ + int n, m; + int p; + int more; // Amount of free space at the end of the window. + + do{ + more = (window_size-lookahead-strstart); + + // Deal with !@#$% 64K limit: + if(more==0 && strstart==0 && lookahead==0){ + more = w_size; + } + else if(more==-1) { + // Very unlikely, but possible on 16 bit machine if strstart == 0 + // and lookahead == 1 (input done one byte at time) + more--; + + // If the window is almost full and there is insufficient lookahead, + // move the upper half to the lower one to make room in the upper half. + } + else if(strstart >= w_size+ w_size-MIN_LOOKAHEAD) { + System.Array.Copy(window, w_size, window, 0, w_size); + match_start-=w_size; + strstart-=w_size; // we now have strstart >= MAX_DIST + block_start-=w_size; + + // Slide the hash table (could be avoided with 32 bit values + // at the expense of memory usage). We slide even when level == 0 + // to keep the hash table consistent if we switch back to level > 0 + // later. (Using level 0 permanently is not an optimal usage of + // zlib, so we don't care about this pathological case.) + + n = hash_size; + p=n; + do { + m = (head[--p]&0xffff); + head[p]=(short)(m>=w_size ? (m-w_size) : 0); + } + while (--n != 0); + + n = w_size; + p = n; + do { + m = (prev[--p]&0xffff); + prev[p] = (short)(m >= w_size ? (m-w_size) : 0); + // If n is not on any hash chain, prev[n] is garbage but + // its value will never be used. + } + while (--n!=0); + more += w_size; + } + + if (strm.avail_in == 0) return; + + // If there was no sliding: + // strstart <= WSIZE+MAX_DIST-1 && lookahead <= MIN_LOOKAHEAD - 1 && + // more == window_size - lookahead - strstart + // => more >= window_size - (MIN_LOOKAHEAD-1 + WSIZE + MAX_DIST-1) + // => more >= window_size - 2*WSIZE + 2 + // In the BIG_MEM or MMAP case (not yet supported), + // window_size == input_size + MIN_LOOKAHEAD && + // strstart + s->lookahead <= input_size => more >= MIN_LOOKAHEAD. + // Otherwise, window_size == 2*WSIZE so more >= 2. + // If there was sliding, more >= WSIZE. So in all cases, more >= 2. + + n = strm.read_buf(window, strstart + lookahead, more); + lookahead += n; + + // Initialize the hash value now that we have some input: + if(lookahead >= MIN_MATCH) { + ins_h = window[strstart]&0xff; + ins_h=(((ins_h)<= MIN_MATCH){ + ins_h=(((ins_h)<=MIN_MATCH){ + // check_match(strstart, match_start, match_length); + + bflush=_tr_tally(strstart-match_start, match_length-MIN_MATCH); + + lookahead -= match_length; + + // Insert new strings in the hash table only if the match length + // is not too large. This saves time but degrades compression. + if(match_length <= max_lazy_match && + lookahead >= MIN_MATCH) { + match_length--; // string at strstart already in hash table + do{ + strstart++; + + ins_h=((ins_h<= MIN_MATCH) { + ins_h=(((ins_h)< 4096))) { + + // If prev_match is also MIN_MATCH, match_start is garbage + // but we will ignore the current match anyway. + match_length = MIN_MATCH-1; + } + } + + // If there was a match at the previous step and the current + // match is not better, output the previous match: + if(prev_length >= MIN_MATCH && match_length <= prev_length) { + int max_insert = strstart + lookahead - MIN_MATCH; + // Do not insert strings in hash table beyond this. + + // check_match(strstart-1, prev_match, prev_length); + + bflush=_tr_tally(strstart-1-prev_match, prev_length - MIN_MATCH); + + // Insert in hash table all strings up to the end of the match. + // strstart-1 and strstart are already inserted. If there is not + // enough lookahead, the last two strings are not inserted in + // the hash table. + lookahead -= prev_length-1; + prev_length -= 2; + do{ + if(++strstart <= max_insert) { + ins_h=(((ins_h)<(w_size-MIN_LOOKAHEAD) ? + strstart-(w_size-MIN_LOOKAHEAD) : 0; + int nice_match=this.nice_match; + + // Stop when cur_match becomes <= limit. To simplify the code, + // we prevent matches with the string of window index 0. + + int wmask = w_mask; + + int strend = strstart + MAX_MATCH; + byte scan_end1 = window[scan+best_len-1]; + byte scan_end = window[scan+best_len]; + + // The code is optimized for HASH_BITS >= 8 and MAX_MATCH-2 multiple of 16. + // It is easy to get rid of this optimization if necessary. + + // Do not waste too much time if we already have a good match: + if (prev_length >= good_match) { + chain_length >>= 2; + } + + // Do not look for matches beyond the end of the input. This is necessary + // to make deflate deterministic. + if (nice_match > lookahead) nice_match = lookahead; + + do { + match = cur_match; + + // Skip to next match if the match length cannot increase + // or if the match length is less than 2: + if (window[match+best_len] != scan_end || + window[match+best_len-1] != scan_end1 || + window[match] != window[scan] || + window[++match] != window[scan+1]) continue; + + // The check at best_len-1 can be removed because it will be made + // again later. (This heuristic is not always a win.) + // It is not necessary to compare scan[2] and match[2] since they + // are always equal when the other bytes match, given that + // the hash keys are equal and that HASH_BITS >= 8. + scan += 2; match++; + + // We check for insufficient lookahead only every 8th comparison; + // the 256th check will be made at strstart+258. + do { + } while (window[++scan] == window[++match] && + window[++scan] == window[++match] && + window[++scan] == window[++match] && + window[++scan] == window[++match] && + window[++scan] == window[++match] && + window[++scan] == window[++match] && + window[++scan] == window[++match] && + window[++scan] == window[++match] && + scan < strend); + + len = MAX_MATCH - (int)(strend - scan); + scan = strend - MAX_MATCH; + + if(len>best_len) { + match_start = cur_match; + best_len = len; + if (len >= nice_match) break; + scan_end1 = window[scan+best_len-1]; + scan_end = window[scan+best_len]; + } + + } while ((cur_match = (prev[cur_match & wmask]&0xffff)) > limit + && --chain_length != 0); + + if (best_len <= lookahead) return best_len; + return lookahead; + } + + internal int deflateInit(ZStream strm, int level, int bits){ + return deflateInit2(strm, level, Z_DEFLATED, bits, DEF_MEM_LEVEL, + Z_DEFAULT_STRATEGY); + } + internal int deflateInit(ZStream strm, int level){ + return deflateInit(strm, level, MAX_WBITS); + } + internal int deflateInit2(ZStream strm, int level, int method, int windowBits, + int memLevel, int strategy){ + int noheader = 0; + // byte[] my_version=ZLIB_VERSION; + + // + // if (version == null || version[0] != my_version[0] + // || stream_size != sizeof(z_stream)) { + // return Z_VERSION_ERROR; + // } + + strm.msg = null; + + if (level == Z_DEFAULT_COMPRESSION) level = 6; + + if (windowBits < 0) { // undocumented feature: suppress zlib header + noheader = 1; + windowBits = -windowBits; + } + + if (memLevel < 1 || memLevel > MAX_MEM_LEVEL || + method != Z_DEFLATED || + windowBits < 9 || windowBits > 15 || level < 0 || level > 9 || + strategy < 0 || strategy > Z_HUFFMAN_ONLY) { + return Z_STREAM_ERROR; + } + + strm.dstate = (Deflate)this; + + this.noheader = noheader; + w_bits = windowBits; + w_size = 1 << w_bits; + w_mask = w_size - 1; + + hash_bits = memLevel + 7; + hash_size = 1 << hash_bits; + hash_mask = hash_size - 1; + hash_shift = ((hash_bits+MIN_MATCH-1)/MIN_MATCH); + + window = new byte[w_size*2]; + prev = new short[w_size]; + head = new short[hash_size]; + + lit_bufsize = 1 << (memLevel + 6); // 16K elements by default + + // We overlay pending_buf and d_buf+l_buf. This works since the average + // output size for (length,distance) codes is <= 24 bits. + pending_buf = new byte[lit_bufsize*4]; + + d_buf = lit_bufsize; + l_buf = (1+2)*lit_bufsize; + + this.level = level; + + //System.out.println("level="+level); + + this.strategy = strategy; + this.method = (byte)method; + + return deflateReset(strm); + } + + internal int deflateReset(ZStream strm){ + strm.total_in = strm.total_out = 0; + strm.msg = null; // + strm.data_type = Z_UNKNOWN; + + pending = 0; + pending_out = 0; + + if(noheader < 0) { + noheader = 0; // was set to -1 by deflate(..., Z_FINISH); + } + status = (noheader!=0) ? BUSY_STATE : INIT_STATE; + strm.adler=strm._adler.adler32(0, null, 0, 0); + + last_flush = Z_NO_FLUSH; + + tr_init(); + lm_init(); + return Z_OK; + } + + internal int deflateEnd(){ + if(status!=INIT_STATE && status!=BUSY_STATE && status!=FINISH_STATE){ + return Z_STREAM_ERROR; + } + // Deallocate in reverse order of allocations: + pending_buf=null; + head=null; + prev=null; + window=null; + // free + // dstate=null; + return status == BUSY_STATE ? Z_DATA_ERROR : Z_OK; + } + + internal int deflateParams(ZStream strm, int _level, int _strategy){ + int err=Z_OK; + + if(_level == Z_DEFAULT_COMPRESSION){ + _level = 6; + } + if(_level < 0 || _level > 9 || + _strategy < 0 || _strategy > Z_HUFFMAN_ONLY) { + return Z_STREAM_ERROR; + } + + if(config_table[level].func!=config_table[_level].func && + strm.total_in != 0) { + // Flush the last buffer: + err = strm.deflate(Z_PARTIAL_FLUSH); + } + + if(level != _level) { + level = _level; + max_lazy_match = config_table[level].max_lazy; + good_match = config_table[level].good_length; + nice_match = config_table[level].nice_length; + max_chain_length = config_table[level].max_chain; + } + strategy = _strategy; + return err; + } + + internal int deflateSetDictionary (ZStream strm, byte[] dictionary, int dictLength){ + int length = dictLength; + int index=0; + + if(dictionary == null || status != INIT_STATE) + return Z_STREAM_ERROR; + + strm.adler=strm._adler.adler32(strm.adler, dictionary, 0, dictLength); + + if(length < MIN_MATCH) return Z_OK; + if(length > w_size-MIN_LOOKAHEAD){ + length = w_size-MIN_LOOKAHEAD; + index=dictLength-length; // use the tail of the dictionary + } + System.Array.Copy(dictionary, index, window, 0, length); + strstart = length; + block_start = length; + + // Insert all strings in the hash table (except for the last two bytes). + // s->lookahead stays null, so s->ins_h will be recomputed at the next + // call of fill_window. + + ins_h = window[0]&0xff; + ins_h=(((ins_h)<Z_FINISH || flush<0){ + return Z_STREAM_ERROR; + } + + if(strm.next_out == null || + (strm.next_in == null && strm.avail_in != 0) || + (status == FINISH_STATE && flush != Z_FINISH)) { + strm.msg=z_errmsg[Z_NEED_DICT-(Z_STREAM_ERROR)]; + return Z_STREAM_ERROR; + } + if(strm.avail_out == 0){ + strm.msg=z_errmsg[Z_NEED_DICT-(Z_BUF_ERROR)]; + return Z_BUF_ERROR; + } + + this.strm = strm; // just in case + old_flush = last_flush; + last_flush = flush; + + // Write the zlib header + if(status == INIT_STATE) { + int header = (Z_DEFLATED+((w_bits-8)<<4))<<8; + int level_flags=((level-1)&0xff)>>1; + + if(level_flags>3) level_flags=3; + header |= (level_flags<<6); + if(strstart!=0) header |= PRESET_DICT; + header+=31-(header % 31); + + status=BUSY_STATE; + putShortMSB(header); + + + // Save the adler32 of the preset dictionary: + if(strstart!=0){ + putShortMSB((int)(strm.adler>>16)); + putShortMSB((int)(strm.adler&0xffff)); + } + strm.adler=strm._adler.adler32(0, null, 0, 0); + } + + // Flush as much pending output as possible + if(pending != 0) { + strm.flush_pending(); + if(strm.avail_out == 0) { + //System.out.println(" avail_out==0"); + // Since avail_out is 0, deflate will be called again with + // more output space, but possibly with both pending and + // avail_in equal to zero. There won't be anything to do, + // but this is not an error situation so make sure we + // return OK instead of BUF_ERROR at next call of deflate: + last_flush = -1; + return Z_OK; + } + + // Make sure there is something to do and avoid duplicate consecutive + // flushes. For repeated and useless calls with Z_FINISH, we keep + // returning Z_STREAM_END instead of Z_BUFF_ERROR. + } + else if(strm.avail_in==0 && flush <= old_flush && + flush != Z_FINISH) { + strm.msg=z_errmsg[Z_NEED_DICT-(Z_BUF_ERROR)]; + return Z_BUF_ERROR; + } + + // User must not provide more input after the first FINISH: + if(status == FINISH_STATE && strm.avail_in != 0) { + strm.msg=z_errmsg[Z_NEED_DICT-(Z_BUF_ERROR)]; + return Z_BUF_ERROR; + } + + // Start a new block or continue the current one. + if(strm.avail_in!=0 || lookahead!=0 || + (flush != Z_NO_FLUSH && status != FINISH_STATE)) { + int bstate=-1; + switch(config_table[level].func){ + case STORED: + bstate = deflate_stored(flush); + break; + case FAST: + bstate = deflate_fast(flush); + break; + case SLOW: + bstate = deflate_slow(flush); + break; + default: + break; + } + + if (bstate==FinishStarted || bstate==FinishDone) { + status = FINISH_STATE; + } + if (bstate==NeedMore || bstate==FinishStarted) { + if(strm.avail_out == 0) { + last_flush = -1; // avoid BUF_ERROR next call, see above + } + return Z_OK; + // If flush != Z_NO_FLUSH && avail_out == 0, the next call + // of deflate should use the same flush parameter to make sure + // that the flush is complete. So we don't have to output an + // empty block here, this will be done at next call. This also + // ensures that for a very small output buffer, we emit at most + // one empty block. + } + + if (bstate==BlockDone) { + if(flush == Z_PARTIAL_FLUSH) { + _tr_align(); + } + else { // FULL_FLUSH or SYNC_FLUSH + _tr_stored_block(0, 0, false); + // For a full flush, this empty block will be recognized + // as a special marker by inflate_sync(). + if(flush == Z_FULL_FLUSH) { + //state.head[s.hash_size-1]=0; + for(int i=0; i>16)); + putShortMSB((int)(strm.adler&0xffff)); + strm.flush_pending(); + + // If avail_out is zero, the application will call deflate again + // to flush the rest. + noheader = -1; // write the trailer only once! + return pending != 0 ? Z_OK : Z_STREAM_END; + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/util/zlib/InfBlocks.cs b/BouncyCastle/crypto/src/util/zlib/InfBlocks.cs new file mode 100644 index 0000000..479d9b5 --- /dev/null +++ b/BouncyCastle/crypto/src/util/zlib/InfBlocks.cs @@ -0,0 +1,618 @@ +using System; +/* + * $Id: InfBlocks.cs,v 1.2 2008-05-10 09:35:40 bouncy Exp $ + * +Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the distribution. + + 3. The names of the authors may not be used to endorse or promote products + derived from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND +FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT, +INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT, +INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, +OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, +EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +/* + * This program is based on zlib-1.1.3, so all credit should go authors + * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu) + * and contributors of zlib. + */ + +namespace Org.BouncyCastle.Utilities.Zlib { + + internal sealed class InfBlocks{ + private const int MANY=1440; + + // And'ing with mask[n] masks the lower n bits + private static readonly int[] inflate_mask = { + 0x00000000, 0x00000001, 0x00000003, 0x00000007, 0x0000000f, + 0x0000001f, 0x0000003f, 0x0000007f, 0x000000ff, 0x000001ff, + 0x000003ff, 0x000007ff, 0x00000fff, 0x00001fff, 0x00003fff, + 0x00007fff, 0x0000ffff + }; + + // Table for deflate from PKZIP's appnote.txt. + static readonly int[] border = { // Order of the bit length code lengths + 16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15 + }; + + private const int Z_OK=0; + private const int Z_STREAM_END=1; + private const int Z_NEED_DICT=2; + private const int Z_ERRNO=-1; + private const int Z_STREAM_ERROR=-2; + private const int Z_DATA_ERROR=-3; + private const int Z_MEM_ERROR=-4; + private const int Z_BUF_ERROR=-5; + private const int Z_VERSION_ERROR=-6; + + private const int TYPE=0; // get type bits (3, including end bit) + private const int LENS=1; // get lengths for stored + private const int STORED=2;// processing stored block + private const int TABLE=3; // get table lengths + private const int BTREE=4; // get bit lengths tree for a dynamic block + private const int DTREE=5; // get length, distance trees for a dynamic block + private const int CODES=6; // processing fixed or dynamic block + private const int DRY=7; // output remaining window bytes + private const int DONE=8; // finished last block, done + private const int BAD=9; // ot a data error--stuck here + + internal int mode; // current inflate_block mode + + internal int left; // if STORED, bytes left to copy + + internal int table; // table lengths (14 bits) + internal int index; // index into blens (or border) + internal int[] blens; // bit lengths of codes + internal int[] bb=new int[1]; // bit length tree depth + internal int[] tb=new int[1]; // bit length decoding tree + + internal InfCodes codes=new InfCodes(); // if CODES, current state + + int last; // true if this block is the last block + + // mode independent information + internal int bitk; // bits in bit buffer + internal int bitb; // bit buffer + internal int[] hufts; // single malloc for tree space + internal byte[] window; // sliding window + internal int end; // one byte after sliding window + internal int read; // window read pointer + internal int write; // window write pointer + internal Object checkfn; // check function + internal long check; // check on output + + internal InfTree inftree=new InfTree(); + + internal InfBlocks(ZStream z, Object checkfn, int w){ + hufts=new int[MANY*3]; + window=new byte[w]; + end=w; + this.checkfn = checkfn; + mode = TYPE; + reset(z, null); + } + + internal void reset(ZStream z, long[] c){ + if(c!=null) c[0]=check; + if(mode==BTREE || mode==DTREE){ + } + if(mode==CODES){ + codes.free(z); + } + mode=TYPE; + bitk=0; + bitb=0; + read=write=0; + + if(checkfn != null) + z.adler=check=z._adler.adler32(0L, null, 0, 0); + } + + internal int proc(ZStream z, int r){ + int t; // temporary storage + int b; // bit buffer + int k; // bits in bit buffer + int p; // input data pointer + int n; // bytes available there + int q; // output window write pointer + int m; { // bytes to end of window or read pointer + + // copy input/output information to locals (UPDATE macro restores) + p=z.next_in_index;n=z.avail_in;b=bitb;k=bitk;} { + q=write;m=(int)(q> 1){ + case 0: { // stored + b>>=(3);k-=(3);} + t = k & 7; { // go to byte boundary + + b>>=(t);k-=(t);} + mode = LENS; // get length of stored block + break; + case 1: { // fixed + int[] bl=new int[1]; + int[] bd=new int[1]; + int[][] tl=new int[1][]; + int[][] td=new int[1][]; + + InfTree.inflate_trees_fixed(bl, bd, tl, td, z); + codes.init(bl[0], bd[0], tl[0], 0, td[0], 0, z); + } { + + b>>=(3);k-=(3);} + + mode = CODES; + break; + case 2: { // dynamic + + b>>=(3);k-=(3);} + + mode = TABLE; + break; + case 3: { // illegal + + b>>=(3);k-=(3);} + mode = BAD; + z.msg = "invalid block type"; + r = Z_DATA_ERROR; + + bitb=b; bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + write=q; + return inflate_flush(z,r); + } + break; + case LENS: + + while(k<(32)){ + if(n!=0){ + r=Z_OK; + } + else{ + bitb=b; bitk=k; + z.avail_in=n; + z.total_in+=p-z.next_in_index;z.next_in_index=p; + write=q; + return inflate_flush(z,r); + }; + n--; + b|=(z.next_in[p++]&0xff)<> 16) & 0xffff) != (b & 0xffff)){ + mode = BAD; + z.msg = "invalid stored block lengths"; + r = Z_DATA_ERROR; + + bitb=b; bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + write=q; + return inflate_flush(z,r); + } + left = (b & 0xffff); + b = k = 0; // dump bits + mode = left!=0 ? STORED : (last!=0 ? DRY : TYPE); + break; + case STORED: + if (n == 0){ + bitb=b; bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + write=q; + return inflate_flush(z,r); + } + + if(m==0){ + if(q==end&&read!=0){ + q=0; m=(int)(qn) t = n; + if(t>m) t = m; + System.Array.Copy(z.next_in, p, window, q, t); + p += t; n -= t; + q += t; m -= t; + if ((left -= t) != 0) + break; + mode = last!=0 ? DRY : TYPE; + break; + case TABLE: + + while(k<(14)){ + if(n!=0){ + r=Z_OK; + } + else{ + bitb=b; bitk=k; + z.avail_in=n; + z.total_in+=p-z.next_in_index;z.next_in_index=p; + write=q; + return inflate_flush(z,r); + }; + n--; + b|=(z.next_in[p++]&0xff)< 29 || ((t >> 5) & 0x1f) > 29) { + mode = BAD; + z.msg = "too many length or distance symbols"; + r = Z_DATA_ERROR; + + bitb=b; bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + write=q; + return inflate_flush(z,r); + } + t = 258 + (t & 0x1f) + ((t >> 5) & 0x1f); + if(blens==null || blens.Length>=(14);k-=(14);} + + index = 0; + mode = BTREE; + goto case BTREE; + case BTREE: + while (index < 4 + (table >> 10)){ + while(k<(3)){ + if(n!=0){ + r=Z_OK; + } + else{ + bitb=b; bitk=k; + z.avail_in=n; + z.total_in+=p-z.next_in_index;z.next_in_index=p; + write=q; + return inflate_flush(z,r); + }; + n--; + b|=(z.next_in[p++]&0xff)<>=(3);k-=(3);} + } + + while(index < 19){ + blens[border[index++]] = 0; + } + + bb[0] = 7; + t = inftree.inflate_trees_bits(blens, bb, tb, hufts, z); + if (t != Z_OK){ + r = t; + if (r == Z_DATA_ERROR){ + blens=null; + mode = BAD; + } + + bitb=b; bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + write=q; + return inflate_flush(z,r); + } + + index = 0; + mode = DTREE; + goto case DTREE; + case DTREE: + while (true){ + t = table; + if(!(index < 258 + (t & 0x1f) + ((t >> 5) & 0x1f))){ + break; + } + + int i, j, c; + + t = bb[0]; + + while(k<(t)){ + if(n!=0){ + r=Z_OK; + } + else{ + bitb=b; bitk=k; + z.avail_in=n; + z.total_in+=p-z.next_in_index;z.next_in_index=p; + write=q; + return inflate_flush(z,r); + }; + n--; + b|=(z.next_in[p++]&0xff)<>=(t);k-=(t); + blens[index++] = c; + } + else { // c == 16..18 + i = c == 18 ? 7 : c - 14; + j = c == 18 ? 11 : 3; + + while(k<(t+i)){ + if(n!=0){ + r=Z_OK; + } + else{ + bitb=b; bitk=k; + z.avail_in=n; + z.total_in+=p-z.next_in_index;z.next_in_index=p; + write=q; + return inflate_flush(z,r); + }; + n--; + b|=(z.next_in[p++]&0xff)<>=(t);k-=(t); + + j += (b & inflate_mask[i]); + + b>>=(i);k-=(i); + + i = index; + t = table; + if (i + j > 258 + (t & 0x1f) + ((t >> 5) & 0x1f) || + (c == 16 && i < 1)){ + blens=null; + mode = BAD; + z.msg = "invalid bit length repeat"; + r = Z_DATA_ERROR; + + bitb=b; bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + write=q; + return inflate_flush(z,r); + } + + c = c == 16 ? blens[i-1] : 0; + do{ + blens[i++] = c; + } + while (--j!=0); + index = i; + } + } + + tb[0]=-1; { + int[] bl=new int[1]; + int[] bd=new int[1]; + int[] tl=new int[1]; + int[] td=new int[1]; + bl[0] = 9; // must be <= 9 for lookahead assumptions + bd[0] = 6; // must be <= 9 for lookahead assumptions + + t = table; + t = inftree.inflate_trees_dynamic(257 + (t & 0x1f), + 1 + ((t >> 5) & 0x1f), + blens, bl, bd, tl, td, hufts, z); + + if (t != Z_OK){ + if (t == Z_DATA_ERROR){ + blens=null; + mode = BAD; + } + r = t; + + bitb=b; bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + write=q; + return inflate_flush(z,r); + } + codes.init(bl[0], bd[0], hufts, tl[0], hufts, td[0], z); + } + mode = CODES; + goto case CODES; + case CODES: + bitb=b; bitk=k; + z.avail_in=n; z.total_in+=p-z.next_in_index;z.next_in_index=p; + write=q; + + if ((r = codes.proc(this, z, r)) != Z_STREAM_END){ + return inflate_flush(z, r); + } + r = Z_OK; + codes.free(z); + + p=z.next_in_index; n=z.avail_in;b=bitb;k=bitk; + q=write;m=(int)(q z.avail_out) n = z.avail_out; + if (n!=0 && r == Z_BUF_ERROR) r = Z_OK; + + // update counters + z.avail_out -= n; + z.total_out += n; + + // update check information + if(checkfn != null) + z.adler=check=z._adler.adler32(check, window, q, n); + + // copy as far as end of window + System.Array.Copy(window, q, z.next_out, p, n); + p += n; + q += n; + + // see if more to copy at beginning of window + if (q == end){ + // wrap pointers + q = 0; + if (write == end) + write = 0; + + // compute bytes to copy + n = write - q; + if (n > z.avail_out) n = z.avail_out; + if (n!=0 && r == Z_BUF_ERROR) r = Z_OK; + + // update counters + z.avail_out -= n; + z.total_out += n; + + // update check information + if(checkfn != null) + z.adler=check=z._adler.adler32(check, window, q, n); + + // copy + System.Array.Copy(window, q, z.next_out, p, n); + p += n; + q += n; + } + + // update pointers + z.next_out_index = p; + read = q; + + // done + return r; + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/util/zlib/InfCodes.cs b/BouncyCastle/crypto/src/util/zlib/InfCodes.cs new file mode 100644 index 0000000..6fcafe4 --- /dev/null +++ b/BouncyCastle/crypto/src/util/zlib/InfCodes.cs @@ -0,0 +1,611 @@ +using System; +/* + * $Id: InfCodes.cs,v 1.2 2008-05-10 09:35:40 bouncy Exp $ + * +Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the distribution. + + 3. The names of the authors may not be used to endorse or promote products + derived from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND +FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT, +INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT, +INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, +OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, +EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +/* + * This program is based on zlib-1.1.3, so all credit should go authors + * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu) + * and contributors of zlib. + */ + +namespace Org.BouncyCastle.Utilities.Zlib { + + internal sealed class InfCodes{ + + private static readonly int[] inflate_mask = { + 0x00000000, 0x00000001, 0x00000003, 0x00000007, 0x0000000f, + 0x0000001f, 0x0000003f, 0x0000007f, 0x000000ff, 0x000001ff, + 0x000003ff, 0x000007ff, 0x00000fff, 0x00001fff, 0x00003fff, + 0x00007fff, 0x0000ffff + }; + + private const int Z_OK=0; + private const int Z_STREAM_END=1; + private const int Z_NEED_DICT=2; + private const int Z_ERRNO=-1; + private const int Z_STREAM_ERROR=-2; + private const int Z_DATA_ERROR=-3; + private const int Z_MEM_ERROR=-4; + private const int Z_BUF_ERROR=-5; + private const int Z_VERSION_ERROR=-6; + + // waiting for "i:"=input, + // "o:"=output, + // "x:"=nothing + private const int START=0; // x: set up for LEN + private const int LEN=1; // i: get length/literal/eob next + private const int LENEXT=2; // i: getting length extra (have base) + private const int DIST=3; // i: get distance next + private const int DISTEXT=4;// i: getting distance extra + private const int COPY=5; // o: copying bytes in window, waiting for space + private const int LIT=6; // o: got literal, waiting for output space + private const int WASH=7; // o: got eob, possibly still output waiting + private const int END=8; // x: got eob and all data flushed + private const int BADCODE=9;// x: got error + + int mode; // current inflate_codes mode + + // mode dependent information + int len; + + int[] tree; // pointer into tree + int tree_index=0; + int need; // bits needed + + int lit; + + // if EXT or COPY, where and how much + int get; // bits to get for extra + int dist; // distance back to copy from + + byte lbits; // ltree bits decoded per branch + byte dbits; // dtree bits decoder per branch + int[] ltree; // literal/length/eob tree + int ltree_index; // literal/length/eob tree + int[] dtree; // distance tree + int dtree_index; // distance tree + + internal InfCodes(){ + } + internal void init(int bl, int bd, + int[] tl, int tl_index, + int[] td, int td_index, ZStream z){ + mode=START; + lbits=(byte)bl; + dbits=(byte)bd; + ltree=tl; + ltree_index=tl_index; + dtree = td; + dtree_index=td_index; + tree=null; + } + + internal int proc(InfBlocks s, ZStream z, int r){ + int j; // temporary storage + int tindex; // temporary pointer + int e; // extra bits or operation + int b=0; // bit buffer + int k=0; // bits in bit buffer + int p=0; // input data pointer + int n; // bytes available there + int q; // output window write pointer + int m; // bytes to end of window or read pointer + int f; // pointer to copy strings from + + // copy input/output information to locals (UPDATE macro restores) + p=z.next_in_index;n=z.avail_in;b=s.bitb;k=s.bitk; + q=s.write;m=q= 258 && n >= 10){ + + s.bitb=b;s.bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + s.write=q; + r = inflate_fast(lbits, dbits, + ltree, ltree_index, + dtree, dtree_index, + s, z); + + p=z.next_in_index;n=z.avail_in;b=s.bitb;k=s.bitk; + q=s.write;m=q>=(tree[tindex+1]); + k-=(tree[tindex+1]); + + e=tree[tindex]; + + if(e == 0){ // literal + lit = tree[tindex+2]; + mode = LIT; + break; + } + if((e & 16)!=0 ){ // length + get = e & 15; + len = tree[tindex+2]; + mode = LENEXT; + break; + } + if ((e & 64) == 0){ // next table + need = e; + tree_index = tindex/3+tree[tindex+2]; + break; + } + if ((e & 32)!=0){ // end of block + mode = WASH; + break; + } + mode = BADCODE; // invalid code + z.msg = "invalid literal/length code"; + r = Z_DATA_ERROR; + + s.bitb=b;s.bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + s.write=q; + return s.inflate_flush(z,r); + + case LENEXT: // i: getting length extra (have base) + j = get; + + while(k<(j)){ + if(n!=0)r=Z_OK; + else{ + + s.bitb=b;s.bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + s.write=q; + return s.inflate_flush(z,r); + } + n--; b|=(z.next_in[p++]&0xff)<>=j; + k-=j; + + need = dbits; + tree = dtree; + tree_index=dtree_index; + mode = DIST; + goto case DIST; + case DIST: // i: get distance next + j = need; + + while(k<(j)){ + if(n!=0)r=Z_OK; + else{ + + s.bitb=b;s.bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + s.write=q; + return s.inflate_flush(z,r); + } + n--; b|=(z.next_in[p++]&0xff)<>=tree[tindex+1]; + k-=tree[tindex+1]; + + e = (tree[tindex]); + if((e & 16)!=0){ // distance + get = e & 15; + dist = tree[tindex+2]; + mode = DISTEXT; + break; + } + if ((e & 64) == 0){ // next table + need = e; + tree_index = tindex/3 + tree[tindex+2]; + break; + } + mode = BADCODE; // invalid code + z.msg = "invalid distance code"; + r = Z_DATA_ERROR; + + s.bitb=b;s.bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + s.write=q; + return s.inflate_flush(z,r); + + case DISTEXT: // i: getting distance extra + j = get; + + while(k<(j)){ + if(n!=0)r=Z_OK; + else{ + + s.bitb=b;s.bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + s.write=q; + return s.inflate_flush(z,r); + } + n--; b|=(z.next_in[p++]&0xff)<>=j; + k-=j; + + mode = COPY; + goto case COPY; + case COPY: // o: copying bytes in window, waiting for space + f = q - dist; + while(f < 0){ // modulo window size-"while" instead + f += s.end; // of "if" handles invalid distances + } + while (len!=0){ + + if(m==0){ + if(q==s.end&&s.read!=0){q=0;m=q 7){ // return unused byte, if any + k -= 8; + n++; + p--; // can always return one + } + + s.write=q; r=s.inflate_flush(z,r); + q=s.write;m=q= 258 && n >= 10 + // get literal/length code + while(k<(20)){ // max bits for literal/length code + n--; + b|=(z.next_in[p++]&0xff)<>=(tp[tp_index_t_3+1]); k-=(tp[tp_index_t_3+1]); + + s.window[q++] = (byte)tp[tp_index_t_3+2]; + m--; + continue; + } + do { + + b>>=(tp[tp_index_t_3+1]); k-=(tp[tp_index_t_3+1]); + + if((e&16)!=0){ + e &= 15; + c = tp[tp_index_t_3+2] + ((int)b & inflate_mask[e]); + + b>>=e; k-=e; + + // decode distance base of block to copy + while(k<(15)){ // max bits for distance code + n--; + b|=(z.next_in[p++]&0xff)<>=(tp[tp_index_t_3+1]); k-=(tp[tp_index_t_3+1]); + + if((e&16)!=0){ + // get extra bits to add to distance base + e &= 15; + while(k<(e)){ // get extra bits (up to 13) + n--; + b|=(z.next_in[p++]&0xff)<>=(e); k-=(e); + + // do the copy + m -= c; + if (q >= d){ // offset before dest + // just copy + r=q-d; + if(q-r>0 && 2>(q-r)){ + s.window[q++]=s.window[r++]; // minimum count is three, + s.window[q++]=s.window[r++]; // so unroll loop a little + c-=2; + } + else{ + System.Array.Copy(s.window, r, s.window, q, 2); + q+=2; r+=2; c-=2; + } + } + else{ // else offset after destination + r=q-d; + do{ + r+=s.end; // force pointer in window + }while(r<0); // covers invalid distances + e=s.end-r; + if(c>e){ // if source crosses, + c-=e; // wrapped copy + if(q-r>0 && e>(q-r)){ + do{s.window[q++] = s.window[r++];} + while(--e!=0); + } + else{ + System.Array.Copy(s.window, r, s.window, q, e); + q+=e; r+=e; e=0; + } + r = 0; // copy rest from start of window + } + + } + + // copy all or what's left + if(q-r>0 && c>(q-r)){ + do{s.window[q++] = s.window[r++];} + while(--c!=0); + } + else{ + System.Array.Copy(s.window, r, s.window, q, c); + q+=c; r+=c; c=0; + } + break; + } + else if((e&64)==0){ + t+=tp[tp_index_t_3+2]; + t+=(b&inflate_mask[e]); + tp_index_t_3=(tp_index+t)*3; + e=tp[tp_index_t_3]; + } + else{ + z.msg = "invalid distance code"; + + c=z.avail_in-n;c=(k>>3)>3:c;n+=c;p-=c;k-=c<<3; + + s.bitb=b;s.bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + s.write=q; + + return Z_DATA_ERROR; + } + } + while(true); + break; + } + + if((e&64)==0){ + t+=tp[tp_index_t_3+2]; + t+=(b&inflate_mask[e]); + tp_index_t_3=(tp_index+t)*3; + if((e=tp[tp_index_t_3])==0){ + + b>>=(tp[tp_index_t_3+1]); k-=(tp[tp_index_t_3+1]); + + s.window[q++]=(byte)tp[tp_index_t_3+2]; + m--; + break; + } + } + else if((e&32)!=0){ + + c=z.avail_in-n;c=(k>>3)>3:c;n+=c;p-=c;k-=c<<3; + + s.bitb=b;s.bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + s.write=q; + + return Z_STREAM_END; + } + else{ + z.msg="invalid literal/length code"; + + c=z.avail_in-n;c=(k>>3)>3:c;n+=c;p-=c;k-=c<<3; + + s.bitb=b;s.bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + s.write=q; + + return Z_DATA_ERROR; + } + } + while(true); + } + while(m>=258 && n>= 10); + + // not enough input or output--restore pointers and return + c=z.avail_in-n;c=(k>>3)>3:c;n+=c;p-=c;k-=c<<3; + + s.bitb=b;s.bitk=k; + z.avail_in=n;z.total_in+=p-z.next_in_index;z.next_in_index=p; + s.write=q; + + return Z_OK; + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/util/zlib/InfTree.cs b/BouncyCastle/crypto/src/util/zlib/InfTree.cs new file mode 100644 index 0000000..6ed7d19 --- /dev/null +++ b/BouncyCastle/crypto/src/util/zlib/InfTree.cs @@ -0,0 +1,523 @@ +using System; +/* + * $Id: InfTree.cs,v 1.2 2008-05-10 09:35:40 bouncy Exp $ + * +Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the distribution. + + 3. The names of the authors may not be used to endorse or promote products + derived from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND +FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT, +INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT, +INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, +OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, +EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +/* + * This program is based on zlib-1.1.3, so all credit should go authors + * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu) + * and contributors of zlib. + */ + +namespace Org.BouncyCastle.Utilities.Zlib { + + internal sealed class InfTree{ + + private const int MANY=1440; + + private const int Z_OK=0; + private const int Z_STREAM_END=1; + private const int Z_NEED_DICT=2; + private const int Z_ERRNO=-1; + private const int Z_STREAM_ERROR=-2; + private const int Z_DATA_ERROR=-3; + private const int Z_MEM_ERROR=-4; + private const int Z_BUF_ERROR=-5; + private const int Z_VERSION_ERROR=-6; + + private const int fixed_bl = 9; + private const int fixed_bd = 5; + + static readonly int[] fixed_tl = { + 96,7,256, 0,8,80, 0,8,16, 84,8,115, + 82,7,31, 0,8,112, 0,8,48, 0,9,192, + 80,7,10, 0,8,96, 0,8,32, 0,9,160, + 0,8,0, 0,8,128, 0,8,64, 0,9,224, + 80,7,6, 0,8,88, 0,8,24, 0,9,144, + 83,7,59, 0,8,120, 0,8,56, 0,9,208, + 81,7,17, 0,8,104, 0,8,40, 0,9,176, + 0,8,8, 0,8,136, 0,8,72, 0,9,240, + 80,7,4, 0,8,84, 0,8,20, 85,8,227, + 83,7,43, 0,8,116, 0,8,52, 0,9,200, + 81,7,13, 0,8,100, 0,8,36, 0,9,168, + 0,8,4, 0,8,132, 0,8,68, 0,9,232, + 80,7,8, 0,8,92, 0,8,28, 0,9,152, + 84,7,83, 0,8,124, 0,8,60, 0,9,216, + 82,7,23, 0,8,108, 0,8,44, 0,9,184, + 0,8,12, 0,8,140, 0,8,76, 0,9,248, + 80,7,3, 0,8,82, 0,8,18, 85,8,163, + 83,7,35, 0,8,114, 0,8,50, 0,9,196, + 81,7,11, 0,8,98, 0,8,34, 0,9,164, + 0,8,2, 0,8,130, 0,8,66, 0,9,228, + 80,7,7, 0,8,90, 0,8,26, 0,9,148, + 84,7,67, 0,8,122, 0,8,58, 0,9,212, + 82,7,19, 0,8,106, 0,8,42, 0,9,180, + 0,8,10, 0,8,138, 0,8,74, 0,9,244, + 80,7,5, 0,8,86, 0,8,22, 192,8,0, + 83,7,51, 0,8,118, 0,8,54, 0,9,204, + 81,7,15, 0,8,102, 0,8,38, 0,9,172, + 0,8,6, 0,8,134, 0,8,70, 0,9,236, + 80,7,9, 0,8,94, 0,8,30, 0,9,156, + 84,7,99, 0,8,126, 0,8,62, 0,9,220, + 82,7,27, 0,8,110, 0,8,46, 0,9,188, + 0,8,14, 0,8,142, 0,8,78, 0,9,252, + 96,7,256, 0,8,81, 0,8,17, 85,8,131, + 82,7,31, 0,8,113, 0,8,49, 0,9,194, + 80,7,10, 0,8,97, 0,8,33, 0,9,162, + 0,8,1, 0,8,129, 0,8,65, 0,9,226, + 80,7,6, 0,8,89, 0,8,25, 0,9,146, + 83,7,59, 0,8,121, 0,8,57, 0,9,210, + 81,7,17, 0,8,105, 0,8,41, 0,9,178, + 0,8,9, 0,8,137, 0,8,73, 0,9,242, + 80,7,4, 0,8,85, 0,8,21, 80,8,258, + 83,7,43, 0,8,117, 0,8,53, 0,9,202, + 81,7,13, 0,8,101, 0,8,37, 0,9,170, + 0,8,5, 0,8,133, 0,8,69, 0,9,234, + 80,7,8, 0,8,93, 0,8,29, 0,9,154, + 84,7,83, 0,8,125, 0,8,61, 0,9,218, + 82,7,23, 0,8,109, 0,8,45, 0,9,186, + 0,8,13, 0,8,141, 0,8,77, 0,9,250, + 80,7,3, 0,8,83, 0,8,19, 85,8,195, + 83,7,35, 0,8,115, 0,8,51, 0,9,198, + 81,7,11, 0,8,99, 0,8,35, 0,9,166, + 0,8,3, 0,8,131, 0,8,67, 0,9,230, + 80,7,7, 0,8,91, 0,8,27, 0,9,150, + 84,7,67, 0,8,123, 0,8,59, 0,9,214, + 82,7,19, 0,8,107, 0,8,43, 0,9,182, + 0,8,11, 0,8,139, 0,8,75, 0,9,246, + 80,7,5, 0,8,87, 0,8,23, 192,8,0, + 83,7,51, 0,8,119, 0,8,55, 0,9,206, + 81,7,15, 0,8,103, 0,8,39, 0,9,174, + 0,8,7, 0,8,135, 0,8,71, 0,9,238, + 80,7,9, 0,8,95, 0,8,31, 0,9,158, + 84,7,99, 0,8,127, 0,8,63, 0,9,222, + 82,7,27, 0,8,111, 0,8,47, 0,9,190, + 0,8,15, 0,8,143, 0,8,79, 0,9,254, + 96,7,256, 0,8,80, 0,8,16, 84,8,115, + 82,7,31, 0,8,112, 0,8,48, 0,9,193, + + 80,7,10, 0,8,96, 0,8,32, 0,9,161, + 0,8,0, 0,8,128, 0,8,64, 0,9,225, + 80,7,6, 0,8,88, 0,8,24, 0,9,145, + 83,7,59, 0,8,120, 0,8,56, 0,9,209, + 81,7,17, 0,8,104, 0,8,40, 0,9,177, + 0,8,8, 0,8,136, 0,8,72, 0,9,241, + 80,7,4, 0,8,84, 0,8,20, 85,8,227, + 83,7,43, 0,8,116, 0,8,52, 0,9,201, + 81,7,13, 0,8,100, 0,8,36, 0,9,169, + 0,8,4, 0,8,132, 0,8,68, 0,9,233, + 80,7,8, 0,8,92, 0,8,28, 0,9,153, + 84,7,83, 0,8,124, 0,8,60, 0,9,217, + 82,7,23, 0,8,108, 0,8,44, 0,9,185, + 0,8,12, 0,8,140, 0,8,76, 0,9,249, + 80,7,3, 0,8,82, 0,8,18, 85,8,163, + 83,7,35, 0,8,114, 0,8,50, 0,9,197, + 81,7,11, 0,8,98, 0,8,34, 0,9,165, + 0,8,2, 0,8,130, 0,8,66, 0,9,229, + 80,7,7, 0,8,90, 0,8,26, 0,9,149, + 84,7,67, 0,8,122, 0,8,58, 0,9,213, + 82,7,19, 0,8,106, 0,8,42, 0,9,181, + 0,8,10, 0,8,138, 0,8,74, 0,9,245, + 80,7,5, 0,8,86, 0,8,22, 192,8,0, + 83,7,51, 0,8,118, 0,8,54, 0,9,205, + 81,7,15, 0,8,102, 0,8,38, 0,9,173, + 0,8,6, 0,8,134, 0,8,70, 0,9,237, + 80,7,9, 0,8,94, 0,8,30, 0,9,157, + 84,7,99, 0,8,126, 0,8,62, 0,9,221, + 82,7,27, 0,8,110, 0,8,46, 0,9,189, + 0,8,14, 0,8,142, 0,8,78, 0,9,253, + 96,7,256, 0,8,81, 0,8,17, 85,8,131, + 82,7,31, 0,8,113, 0,8,49, 0,9,195, + 80,7,10, 0,8,97, 0,8,33, 0,9,163, + 0,8,1, 0,8,129, 0,8,65, 0,9,227, + 80,7,6, 0,8,89, 0,8,25, 0,9,147, + 83,7,59, 0,8,121, 0,8,57, 0,9,211, + 81,7,17, 0,8,105, 0,8,41, 0,9,179, + 0,8,9, 0,8,137, 0,8,73, 0,9,243, + 80,7,4, 0,8,85, 0,8,21, 80,8,258, + 83,7,43, 0,8,117, 0,8,53, 0,9,203, + 81,7,13, 0,8,101, 0,8,37, 0,9,171, + 0,8,5, 0,8,133, 0,8,69, 0,9,235, + 80,7,8, 0,8,93, 0,8,29, 0,9,155, + 84,7,83, 0,8,125, 0,8,61, 0,9,219, + 82,7,23, 0,8,109, 0,8,45, 0,9,187, + 0,8,13, 0,8,141, 0,8,77, 0,9,251, + 80,7,3, 0,8,83, 0,8,19, 85,8,195, + 83,7,35, 0,8,115, 0,8,51, 0,9,199, + 81,7,11, 0,8,99, 0,8,35, 0,9,167, + 0,8,3, 0,8,131, 0,8,67, 0,9,231, + 80,7,7, 0,8,91, 0,8,27, 0,9,151, + 84,7,67, 0,8,123, 0,8,59, 0,9,215, + 82,7,19, 0,8,107, 0,8,43, 0,9,183, + 0,8,11, 0,8,139, 0,8,75, 0,9,247, + 80,7,5, 0,8,87, 0,8,23, 192,8,0, + 83,7,51, 0,8,119, 0,8,55, 0,9,207, + 81,7,15, 0,8,103, 0,8,39, 0,9,175, + 0,8,7, 0,8,135, 0,8,71, 0,9,239, + 80,7,9, 0,8,95, 0,8,31, 0,9,159, + 84,7,99, 0,8,127, 0,8,63, 0,9,223, + 82,7,27, 0,8,111, 0,8,47, 0,9,191, + 0,8,15, 0,8,143, 0,8,79, 0,9,255 + }; + static readonly int[] fixed_td = { + 80,5,1, 87,5,257, 83,5,17, 91,5,4097, + 81,5,5, 89,5,1025, 85,5,65, 93,5,16385, + 80,5,3, 88,5,513, 84,5,33, 92,5,8193, + 82,5,9, 90,5,2049, 86,5,129, 192,5,24577, + 80,5,2, 87,5,385, 83,5,25, 91,5,6145, + 81,5,7, 89,5,1537, 85,5,97, 93,5,24577, + 80,5,4, 88,5,769, 84,5,49, 92,5,12289, + 82,5,13, 90,5,3073, 86,5,193, 192,5,24577 + }; + + // Tables for deflate from PKZIP's appnote.txt. + static readonly int[] cplens = { // Copy lengths for literal codes 257..285 + 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 17, 19, 23, 27, 31, + 35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0 + }; + + // see note #13 above about 258 + static readonly int[] cplext = { // Extra bits for literal codes 257..285 + 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 2, 2, 2, 2, + 3, 3, 3, 3, 4, 4, 4, 4, 5, 5, 5, 5, 0, 112, 112 // 112==invalid + }; + + static readonly int[] cpdist = { // Copy offsets for distance codes 0..29 + 1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193, + 257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145, + 8193, 12289, 16385, 24577 + }; + + static readonly int[] cpdext = { // Extra bits for distance codes + 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6, 6, + 7, 7, 8, 8, 9, 9, 10, 10, 11, 11, + 12, 12, 13, 13}; + + // If BMAX needs to be larger than 16, then h and x[] should be uLong. + const int BMAX=15; // maximum bit length of any code + + int[] hn = null; // hufts used in space + int[] v = null; // work area for huft_build + int[] c = null; // bit length count table + int[] r = null; // table entry for structure assignment + int[] u = null; // table stack + int[] x = null; // bit offsets, then code stack + + private int huft_build(int[] b, // code lengths in bits (all assumed <= BMAX) + int bindex, + int n, // number of codes (assumed <= 288) + int s, // number of simple-valued codes (0..s-1) + int[] d, // list of base values for non-simple codes + int[] e, // list of extra bits for non-simple codes + int[] t, // result: starting table + int[] m, // maximum lookup bits, returns actual + int[] hp,// space for trees + int[] hn,// hufts used in space + int[] v // working area: values in order of bit length + ){ + // Given a list of code lengths and a maximum table size, make a set of + // tables to decode that set of codes. Return Z_OK on success, Z_BUF_ERROR + // if the given code set is incomplete (the tables are still built in this + // case), Z_DATA_ERROR if the input is invalid (an over-subscribed set of + // lengths), or Z_MEM_ERROR if not enough memory. + + int a; // counter for codes of length k + int f; // i repeats in table every f entries + int g; // maximum code length + int h; // table level + int i; // counter, current code + int j; // counter + int k; // number of bits in current code + int l; // bits per table (returned in m) + int mask; // (1 << w) - 1, to avoid cc -O bug on HP + int p; // pointer into c[], b[], or v[] + int q; // points to current table + int w; // bits before this table == (l * h) + int xp; // pointer into x + int y; // number of dummy codes added + int z; // number of entries in current table + + // Generate counts for each bit length + + p = 0; i = n; + do { + c[b[bindex+p]]++; p++; i--; // assume all entries <= BMAX + }while(i!=0); + + if(c[0] == n){ // null input--all zero length codes + t[0] = -1; + m[0] = 0; + return Z_OK; + } + + // Find minimum and maximum length, bound *m by those + l = m[0]; + for (j = 1; j <= BMAX; j++) + if(c[j]!=0) break; + k = j; // minimum code length + if(l < j){ + l = j; + } + for (i = BMAX; i!=0; i--){ + if(c[i]!=0) break; + } + g = i; // maximum code length + if(l > i){ + l = i; + } + m[0] = l; + + // Adjust last length count to fill out codes, if needed + for (y = 1 << j; j < i; j++, y <<= 1){ + if ((y -= c[j]) < 0){ + return Z_DATA_ERROR; + } + } + if ((y -= c[i]) < 0){ + return Z_DATA_ERROR; + } + c[i] += y; + + // Generate starting offsets into the value table for each length + x[1] = j = 0; + p = 1; xp = 2; + while (--i!=0) { // note that i == g from above + x[xp] = (j += c[p]); + xp++; + p++; + } + + // Make a table of values in order of bit lengths + i = 0; p = 0; + do { + if ((j = b[bindex+p]) != 0){ + v[x[j]++] = i; + } + p++; + } + while (++i < n); + n = x[g]; // set n to length of v + + // Generate the Huffman codes and for each, make the table entries + x[0] = i = 0; // first Huffman code is zero + p = 0; // grab values in bit order + h = -1; // no tables yet--level -1 + w = -l; // bits decoded == (l * h) + u[0] = 0; // just to keep compilers happy + q = 0; // ditto + z = 0; // ditto + + // go through the bit lengths (k already is bits in shortest code) + for (; k <= g; k++){ + a = c[k]; + while (a--!=0){ + // here i is the Huffman code of length k bits for value *p + // make tables up to required level + while (k > w + l){ + h++; + w += l; // previous table always l bits + // compute minimum size table less than or equal to l bits + z = g - w; + z = (z > l) ? l : z; // table size upper limit + if((f=1<<(j=k-w))>a+1){ // try a k-w bit table + // too few codes for k-w bit table + f -= a + 1; // deduct codes from patterns left + xp = k; + if(j < z){ + while (++j < z){ // try smaller tables up to z bits + if((f <<= 1) <= c[++xp]) + break; // enough codes to use up j bits + f -= c[xp]; // else deduct codes from patterns + } + } + } + z = 1 << j; // table entries for j-bit table + + // allocate new table + if (hn[0] + z > MANY){ // (note: doesn't matter for fixed) + return Z_DATA_ERROR; // overflow of MANY + } + u[h] = q = /*hp+*/ hn[0]; // DEBUG + hn[0] += z; + + // connect to last table, if there is one + if(h!=0){ + x[h]=i; // save pattern for backing up + r[0]=(byte)j; // bits in this table + r[1]=(byte)l; // bits to dump before this table + j=i>>(w - l); + r[2] = (int)(q - u[h-1] - j); // offset to this table + System.Array.Copy(r, 0, hp, (u[h-1]+j)*3, 3); // connect to last table + } + else{ + t[0] = q; // first table is returned result + } + } + + // set up table entry in r + r[1] = (byte)(k - w); + if (p >= n){ + r[0] = 128 + 64; // out of values--invalid code + } + else if (v[p] < s){ + r[0] = (byte)(v[p] < 256 ? 0 : 32 + 64); // 256 is end-of-block + r[2] = v[p++]; // simple code is just the value + } + else{ + r[0]=(byte)(e[v[p]-s]+16+64); // non-simple--look up in lists + r[2]=d[v[p++] - s]; + } + + // fill code-like entries with r + f=1<<(k-w); + for (j=i>>w;j>= 1){ + i ^= j; + } + i ^= j; + + // backup over finished tables + mask = (1 << w) - 1; // needed on HP, cc -O bug + while ((i & mask) != x[h]){ + h--; // don't need to update q + w -= l; + mask = (1 << w) - 1; + } + } + } + // Return Z_BUF_ERROR if we were given an incomplete table + return y != 0 && g != 1 ? Z_BUF_ERROR : Z_OK; + } + + internal int inflate_trees_bits(int[] c, // 19 code lengths + int[] bb, // bits tree desired/actual depth + int[] tb, // bits tree result + int[] hp, // space for trees + ZStream z // for messages + ){ + int result; + initWorkArea(19); + hn[0]=0; + result = huft_build(c, 0, 19, 19, null, null, tb, bb, hp, hn, v); + + if(result == Z_DATA_ERROR){ + z.msg = "oversubscribed dynamic bit lengths tree"; + } + else if(result == Z_BUF_ERROR || bb[0] == 0){ + z.msg = "incomplete dynamic bit lengths tree"; + result = Z_DATA_ERROR; + } + return result; + } + + internal int inflate_trees_dynamic(int nl, // number of literal/length codes + int nd, // number of distance codes + int[] c, // that many (total) code lengths + int[] bl, // literal desired/actual bit depth + int[] bd, // distance desired/actual bit depth + int[] tl, // literal/length tree result + int[] td, // distance tree result + int[] hp, // space for trees + ZStream z // for messages + ){ + int result; + + // build literal/length tree + initWorkArea(288); + hn[0]=0; + result = huft_build(c, 0, nl, 257, cplens, cplext, tl, bl, hp, hn, v); + if (result != Z_OK || bl[0] == 0){ + if(result == Z_DATA_ERROR){ + z.msg = "oversubscribed literal/length tree"; + } + else if (result != Z_MEM_ERROR){ + z.msg = "incomplete literal/length tree"; + result = Z_DATA_ERROR; + } + return result; + } + + // build distance tree + initWorkArea(288); + result = huft_build(c, nl, nd, 0, cpdist, cpdext, td, bd, hp, hn, v); + + if (result != Z_OK || (bd[0] == 0 && nl > 257)){ + if (result == Z_DATA_ERROR){ + z.msg = "oversubscribed distance tree"; + } + else if (result == Z_BUF_ERROR) { + z.msg = "incomplete distance tree"; + result = Z_DATA_ERROR; + } + else if (result != Z_MEM_ERROR){ + z.msg = "empty distance tree with lengths"; + result = Z_DATA_ERROR; + } + return result; + } + + return Z_OK; + } + + internal static int inflate_trees_fixed(int[] bl, //literal desired/actual bit depth + int[] bd, //distance desired/actual bit depth + int[][] tl,//literal/length tree result + int[][] td,//distance tree result + ZStream z //for memory allocation + ){ + bl[0]=fixed_bl; + bd[0]=fixed_bd; + tl[0]=fixed_tl; + td[0]=fixed_td; + return Z_OK; + } + + private void initWorkArea(int vsize){ + if(hn==null){ + hn=new int[1]; + v=new int[vsize]; + c=new int[BMAX+1]; + r=new int[3]; + u=new int[BMAX]; + x=new int[BMAX+1]; + } + if(v.Lengthstate); + return Z_OK; + } + + internal int inflateInit(ZStream z, int w){ + z.msg = null; + blocks = null; + + // handle undocumented nowrap option (no zlib header or check) + nowrap = 0; + if(w < 0){ + w = - w; + nowrap = 1; + } + + // set window size + if(w<8 ||w>15){ + inflateEnd(z); + return Z_STREAM_ERROR; + } + wbits=w; + + z.istate.blocks=new InfBlocks(z, + z.istate.nowrap!=0 ? null : this, + 1<>4)+8>z.istate.wbits){ + z.istate.mode = BAD; + z.msg="invalid window size"; + z.istate.marker = 5; // can't try inflateSync + break; + } + z.istate.mode=FLAG; + goto case FLAG; + case FLAG: + + if(z.avail_in==0)return r;r=f; + + z.avail_in--; z.total_in++; + b = (z.next_in[z.next_in_index++])&0xff; + + if((((z.istate.method << 8)+b) % 31)!=0){ + z.istate.mode = BAD; + z.msg = "incorrect header check"; + z.istate.marker = 5; // can't try inflateSync + break; + } + + if((b&PRESET_DICT)==0){ + z.istate.mode = BLOCKS; + break; + } + z.istate.mode = DICT4; + goto case DICT4; + case DICT4: + + if(z.avail_in==0)return r;r=f; + + z.avail_in--; z.total_in++; + z.istate.need=((z.next_in[z.next_in_index++]&0xff)<<24)&0xff000000L; + z.istate.mode=DICT3; + goto case DICT3; + case DICT3: + + if(z.avail_in==0)return r;r=f; + + z.avail_in--; z.total_in++; + z.istate.need+=((z.next_in[z.next_in_index++]&0xff)<<16)&0xff0000L; + z.istate.mode=DICT2; + goto case DICT2; + case DICT2: + + if(z.avail_in==0)return r;r=f; + + z.avail_in--; z.total_in++; + z.istate.need+=((z.next_in[z.next_in_index++]&0xff)<<8)&0xff00L; + z.istate.mode=DICT1; + goto case DICT1; + case DICT1: + + if(z.avail_in==0)return r;r=f; + + z.avail_in--; z.total_in++; + z.istate.need += (z.next_in[z.next_in_index++]&0xffL); + z.adler = z.istate.need; + z.istate.mode = DICT0; + return Z_NEED_DICT; + case DICT0: + z.istate.mode = BAD; + z.msg = "need dictionary"; + z.istate.marker = 0; // can try inflateSync + return Z_STREAM_ERROR; + case BLOCKS: + + r = z.istate.blocks.proc(z, r); + if(r == Z_DATA_ERROR){ + z.istate.mode = BAD; + z.istate.marker = 0; // can try inflateSync + break; + } + if(r == Z_OK){ + r = f; + } + if(r != Z_STREAM_END){ + return r; + } + r = f; + z.istate.blocks.reset(z, z.istate.was); + if(z.istate.nowrap!=0){ + z.istate.mode=DONE; + break; + } + z.istate.mode=CHECK4; + goto case CHECK4; + case CHECK4: + + if(z.avail_in==0)return r;r=f; + + z.avail_in--; z.total_in++; + z.istate.need=((z.next_in[z.next_in_index++]&0xff)<<24)&0xff000000L; + z.istate.mode=CHECK3; + goto case CHECK3; + case CHECK3: + + if(z.avail_in==0)return r;r=f; + + z.avail_in--; z.total_in++; + z.istate.need+=((z.next_in[z.next_in_index++]&0xff)<<16)&0xff0000L; + z.istate.mode = CHECK2; + goto case CHECK2; + case CHECK2: + + if(z.avail_in==0)return r;r=f; + + z.avail_in--; z.total_in++; + z.istate.need+=((z.next_in[z.next_in_index++]&0xff)<<8)&0xff00L; + z.istate.mode = CHECK1; + goto case CHECK1; + case CHECK1: + + if(z.avail_in==0)return r;r=f; + + z.avail_in--; z.total_in++; + z.istate.need+=(z.next_in[z.next_in_index++]&0xffL); + + if(((int)(z.istate.was[0])) != ((int)(z.istate.need))){ + z.istate.mode = BAD; + z.msg = "incorrect data check"; + z.istate.marker = 5; // can't try inflateSync + break; + } + + z.istate.mode = DONE; + goto case DONE; + case DONE: + return Z_STREAM_END; + case BAD: + return Z_DATA_ERROR; + default: + return Z_STREAM_ERROR; + } + } + } + + + internal int inflateSetDictionary(ZStream z, byte[] dictionary, int dictLength){ + int index=0; + int length = dictLength; + if(z==null || z.istate == null|| z.istate.mode != DICT0) + return Z_STREAM_ERROR; + + if(z._adler.adler32(1L, dictionary, 0, dictLength)!=z.adler){ + return Z_DATA_ERROR; + } + + z.adler = z._adler.adler32(0, null, 0, 0); + + if(length >= (1<>7)]); + } + + internal short[] dyn_tree; // the dynamic tree + internal int max_code; // largest code with non zero frequency + internal StaticTree stat_desc; // the corresponding static tree + + // Compute the optimal bit lengths for a tree and update the total bit length + // for the current block. + // IN assertion: the fields freq and dad are set, heap[heap_max] and + // above are the tree nodes sorted by increasing frequency. + // OUT assertions: the field len is set to the optimal bit length, the + // array bl_count contains the frequencies for each bit length. + // The length opt_len is updated; static_len is also updated if stree is + // not null. + internal void gen_bitlen(Deflate s){ + short[] tree = dyn_tree; + short[] stree = stat_desc.static_tree; + int[] extra = stat_desc.extra_bits; + int based = stat_desc.extra_base; + int max_length = stat_desc.max_length; + int h; // heap index + int n, m; // iterate over the tree elements + int bits; // bit length + int xbits; // extra bits + short f; // frequency + int overflow = 0; // number of elements with bit length too large + + for (bits = 0; bits <= MAX_BITS; bits++) s.bl_count[bits] = 0; + + // In a first pass, compute the optimal bit lengths (which may + // overflow in the case of the bit length tree). + tree[s.heap[s.heap_max]*2+1] = 0; // root of the heap + + for(h=s.heap_max+1; h max_length){ bits = max_length; overflow++; } + tree[n*2+1] = (short)bits; + // We overwrite tree[n*2+1] which is no longer needed + + if (n > max_code) continue; // not a leaf node + + s.bl_count[bits]++; + xbits = 0; + if (n >= based) xbits = extra[n-based]; + f = tree[n*2]; + s.opt_len += f * (bits + xbits); + if (stree!=null) s.static_len += f * (stree[n*2+1] + xbits); + } + if (overflow == 0) return; + + // This happens for example on obj2 and pic of the Calgary corpus + // Find the first bit length which could increase: + do { + bits = max_length-1; + while(s.bl_count[bits]==0) bits--; + s.bl_count[bits]--; // move one leaf down the tree + s.bl_count[bits+1]+=2; // move one overflow item as its brother + s.bl_count[max_length]--; + // The brother of the overflow item also moves one step up, + // but this does not affect bl_count[max_length] + overflow -= 2; + } + while (overflow > 0); + + for (bits = max_length; bits != 0; bits--) { + n = s.bl_count[bits]; + while (n != 0) { + m = s.heap[--h]; + if (m > max_code) continue; + if (tree[m*2+1] != bits) { + s.opt_len += (int)(((long)bits - (long)tree[m*2+1])*(long)tree[m*2]); + tree[m*2+1] = (short)bits; + } + n--; + } + } + } + + // Construct one Huffman tree and assigns the code bit strings and lengths. + // Update the total bit length for the current block. + // IN assertion: the field freq is set for all tree elements. + // OUT assertions: the fields len and code are set to the optimal bit length + // and corresponding code. The length opt_len is updated; static_len is + // also updated if stree is not null. The field max_code is set. + internal void build_tree(Deflate s){ + short[] tree=dyn_tree; + short[] stree=stat_desc.static_tree; + int elems=stat_desc.elems; + int n, m; // iterate over heap elements + int max_code=-1; // largest code with non zero frequency + int node; // new node being created + + // Construct the initial heap, with least frequent element in + // heap[1]. The sons of heap[n] are heap[2*n] and heap[2*n+1]. + // heap[0] is not used. + s.heap_len = 0; + s.heap_max = HEAP_SIZE; + + for(n=0; n=1; n--) + s.pqdownheap(tree, n); + + // Construct the Huffman tree by repeatedly combining the least two + // frequent nodes. + + node=elems; // next internal node of the tree + do{ + // n = node of least frequency + n=s.heap[1]; + s.heap[1]=s.heap[s.heap_len--]; + s.pqdownheap(tree, 1); + m=s.heap[1]; // m = node of next least frequency + + s.heap[--s.heap_max] = n; // keep the nodes sorted by frequency + s.heap[--s.heap_max] = m; + + // Create a new node father of n and m + tree[node*2] = (short)(tree[n*2] + tree[m*2]); + s.depth[node] = (byte)(System.Math.Max(s.depth[n],s.depth[m])+1); + tree[n*2+1] = tree[m*2+1] = (short)node; + + // and insert the new node in the heap + s.heap[1] = node++; + s.pqdownheap(tree, 1); + } + while(s.heap_len>=2); + + s.heap[--s.heap_max] = s.heap[1]; + + // At this point, the fields freq and dad are set. We can now + // generate the bit lengths. + + gen_bitlen(s); + + // The field len is now set, we can generate the bit codes + gen_codes(tree, max_code, s.bl_count); + } + + // Generate the codes for a given tree and bit counts (which need not be + // optimal). + // IN assertion: the array bl_count contains the bit length statistics for + // the given tree and the field len is set for all tree elements. + // OUT assertion: the field code is set for all tree elements of non + // zero code length. + internal static void gen_codes(short[] tree, // the tree to decorate + int max_code, // largest code with non zero frequency + short[] bl_count // number of codes at each bit length + ){ + short[] next_code=new short[MAX_BITS+1]; // next code value for each bit length + short code = 0; // running code value + int bits; // bit index + int n; // code index + + // The distribution counts are first used to generate the code values + // without bit reversal. + for (bits = 1; bits <= MAX_BITS; bits++) { + next_code[bits] = code = (short)((code + bl_count[bits-1]) << 1); + } + + // Check that the bit counts in bl_count are consistent. The last code + // must be all ones. + //Assert (code + bl_count[MAX_BITS]-1 == (1<>=1; + res<<=1; + } + while(--len>0); + return res>>1; + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/util/zlib/ZDeflaterOutputStream.cs b/BouncyCastle/crypto/src/util/zlib/ZDeflaterOutputStream.cs new file mode 100644 index 0000000..d097894 --- /dev/null +++ b/BouncyCastle/crypto/src/util/zlib/ZDeflaterOutputStream.cs @@ -0,0 +1,171 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Utilities.Zlib { + /// + /// Summary description for DeflaterOutputStream. + /// + [Obsolete("Use 'ZOutputStream' instead")] + public class ZDeflaterOutputStream : Stream { + protected ZStream z=new ZStream(); + protected int flushLevel=JZlib.Z_NO_FLUSH; + private const int BUFSIZE = 4192; + protected byte[] buf=new byte[BUFSIZE]; + private byte[] buf1=new byte[1]; + + protected Stream outp; + + public ZDeflaterOutputStream(Stream outp) : this(outp, 6, false) { + } + + public ZDeflaterOutputStream(Stream outp, int level) : this(outp, level, false) { + } + + public ZDeflaterOutputStream(Stream outp, int level, bool nowrap) { + this.outp=outp; + z.deflateInit(level, nowrap); + } + + + public override bool CanRead { + get { + // TODO: Add DeflaterOutputStream.CanRead getter implementation + return false; + } + } + + public override bool CanSeek { + get { + // TODO: Add DeflaterOutputStream.CanSeek getter implementation + return false; + } + } + + public override bool CanWrite { + get { + // TODO: Add DeflaterOutputStream.CanWrite getter implementation + return true; + } + } + + public override long Length { + get { + // TODO: Add DeflaterOutputStream.Length getter implementation + return 0; + } + } + + public override long Position { + get { + // TODO: Add DeflaterOutputStream.Position getter implementation + return 0; + } + set { + // TODO: Add DeflaterOutputStream.Position setter implementation + } + } + + public override void Write(byte[] b, int off, int len) { + if(len==0) + return; + int err; + z.next_in=b; + z.next_in_index=off; + z.avail_in=len; + do{ + z.next_out=buf; + z.next_out_index=0; + z.avail_out=BUFSIZE; + err=z.deflate(flushLevel); + if(err!=JZlib.Z_OK) + throw new IOException("deflating: "+z.msg); + if (z.avail_out < BUFSIZE) + { + outp.Write(buf, 0, BUFSIZE-z.avail_out); + } + } + while(z.avail_in>0 || z.avail_out==0); + } + + public override long Seek(long offset, SeekOrigin origin) { + // TODO: Add DeflaterOutputStream.Seek implementation + return 0; + } + + public override void SetLength(long value) { + // TODO: Add DeflaterOutputStream.SetLength implementation + + } + + public override int Read(byte[] buffer, int offset, int count) { + // TODO: Add DeflaterOutputStream.Read implementation + return 0; + } + + public override void Flush() { + outp.Flush(); + } + + public override void WriteByte(byte b) { + buf1[0]=(byte)b; + Write(buf1, 0, 1); + } + + public void Finish() { + int err; + do{ + z.next_out=buf; + z.next_out_index=0; + z.avail_out=BUFSIZE; + err=z.deflate(JZlib.Z_FINISH); + if(err!=JZlib.Z_STREAM_END && err != JZlib.Z_OK) + throw new IOException("deflating: "+z.msg); + if(BUFSIZE-z.avail_out>0){ + outp.Write(buf, 0, BUFSIZE-z.avail_out); + } + } + while(z.avail_in>0 || z.avail_out==0); + Flush(); + } + + public void End() { + if(z==null) + return; + z.deflateEnd(); + z.free(); + z=null; + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + try{ + try{Finish();} + catch (IOException) {} + } + finally{ + End(); + Platform.Dispose(outp); + outp=null; + } + } + base.Dispose(disposing); + } +#else + public override void Close() { + try{ + try{Finish();} + catch (IOException) {} + } + finally{ + End(); + Platform.Dispose(outp); + outp=null; + } + base.Close(); + } +#endif + } +} diff --git a/BouncyCastle/crypto/src/util/zlib/ZInflaterInputStream.cs b/BouncyCastle/crypto/src/util/zlib/ZInflaterInputStream.cs new file mode 100644 index 0000000..ef742bb --- /dev/null +++ b/BouncyCastle/crypto/src/util/zlib/ZInflaterInputStream.cs @@ -0,0 +1,140 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Utilities.Zlib { + /// + /// Summary description for DeflaterOutputStream. + /// + [Obsolete("Use 'ZInputStream' instead")] + public class ZInflaterInputStream : Stream { + protected ZStream z=new ZStream(); + protected int flushLevel=JZlib.Z_NO_FLUSH; + private const int BUFSIZE = 4192; + protected byte[] buf=new byte[BUFSIZE]; + private byte[] buf1=new byte[1]; + + protected Stream inp=null; + private bool nomoreinput=false; + + public ZInflaterInputStream(Stream inp) : this(inp, false) { + } + + public ZInflaterInputStream(Stream inp, bool nowrap) { + this.inp=inp; + z.inflateInit(nowrap); + z.next_in=buf; + z.next_in_index=0; + z.avail_in=0; + } + + public override bool CanRead { + get { + // TODO: Add DeflaterOutputStream.CanRead getter implementation + return true; + } + } + + public override bool CanSeek { + get { + // TODO: Add DeflaterOutputStream.CanSeek getter implementation + return false; + } + } + + public override bool CanWrite { + get { + // TODO: Add DeflaterOutputStream.CanWrite getter implementation + return false; + } + } + + public override long Length { + get { + // TODO: Add DeflaterOutputStream.Length getter implementation + return 0; + } + } + + public override long Position { + get { + // TODO: Add DeflaterOutputStream.Position getter implementation + return 0; + } + set { + // TODO: Add DeflaterOutputStream.Position setter implementation + } + } + + public override void Write(byte[] b, int off, int len) { + } + + public override long Seek(long offset, SeekOrigin origin) { + // TODO: Add DeflaterOutputStream.Seek implementation + return 0; + } + + public override void SetLength(long value) { + // TODO: Add DeflaterOutputStream.SetLength implementation + + } + + public override int Read(byte[] b, int off, int len) { + if(len==0) + return(0); + int err; + z.next_out=b; + z.next_out_index=off; + z.avail_out=len; + do { + if((z.avail_in==0)&&(!nomoreinput)) { // if buffer is empty and more input is avaiable, refill it + z.next_in_index=0; + z.avail_in=inp.Read(buf, 0, BUFSIZE);//(BUFSIZE 0) + { + output.Write(buf, 0, count); + } + } + while (z.avail_in > 0 || z.avail_out == 0); + + Flush(); + } + + public override void Flush() + { + output.Flush(); + } + + public virtual int FlushMode + { + get { return flushLevel; } + set { this.flushLevel = value; } + } + + public sealed override long Length { get { throw new NotSupportedException(); } } + public sealed override long Position + { + get { throw new NotSupportedException(); } + set { throw new NotSupportedException(); } + } + public sealed override int Read(byte[] buffer, int offset, int count) { throw new NotSupportedException(); } + public sealed override long Seek(long offset, SeekOrigin origin) { throw new NotSupportedException(); } + public sealed override void SetLength(long value) { throw new NotSupportedException(); } + + public virtual long TotalIn + { + get { return z.total_in; } + } + + public virtual long TotalOut + { + get { return z.total_out; } + } + + public override void Write(byte[] b, int off, int len) + { + if (len == 0) + return; + + z.next_in = b; + z.next_in_index = off; + z.avail_in = len; + + do + { + z.next_out = buf; + z.next_out_index = 0; + z.avail_out = buf.Length; + + int err = compress + ? z.deflate(flushLevel) + : z.inflate(flushLevel); + + if (err != JZlib.Z_OK) + // TODO +// throw new ZStreamException((compress ? "de" : "in") + "flating: " + z.msg); + throw new IOException((compress ? "de" : "in") + "flating: " + z.msg); + + output.Write(buf, 0, buf.Length - z.avail_out); + } + while (z.avail_in > 0 || z.avail_out == 0); + } + + public override void WriteByte(byte b) + { + buf1[0] = b; + Write(buf1, 0, 1); + } + } +} diff --git a/BouncyCastle/crypto/src/util/zlib/ZStream.cs b/BouncyCastle/crypto/src/util/zlib/ZStream.cs new file mode 100644 index 0000000..7ff9614 --- /dev/null +++ b/BouncyCastle/crypto/src/util/zlib/ZStream.cs @@ -0,0 +1,214 @@ +using System; +/* + * $Id: ZStream.cs,v 1.1 2006-07-31 13:59:26 bouncy Exp $ + * +Copyright (c) 2000,2001,2002,2003 ymnk, JCraft,Inc. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the distribution. + + 3. The names of the authors may not be used to endorse or promote products + derived from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND +FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL JCRAFT, +INC. OR ANY CONTRIBUTORS TO THIS SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT, +INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, +OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, +EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +/* + * This program is based on zlib-1.1.3, so all credit should go authors + * Jean-loup Gailly(jloup@gzip.org) and Mark Adler(madler@alumni.caltech.edu) + * and contributors of zlib. + */ + +namespace Org.BouncyCastle.Utilities.Zlib { + + public sealed class ZStream{ + + private const int MAX_WBITS=15; // 32K LZ77 window + private const int DEF_WBITS=MAX_WBITS; + + private const int Z_NO_FLUSH=0; + private const int Z_PARTIAL_FLUSH=1; + private const int Z_SYNC_FLUSH=2; + private const int Z_FULL_FLUSH=3; + private const int Z_FINISH=4; + + private const int MAX_MEM_LEVEL=9; + + private const int Z_OK=0; + private const int Z_STREAM_END=1; + private const int Z_NEED_DICT=2; + private const int Z_ERRNO=-1; + private const int Z_STREAM_ERROR=-2; + private const int Z_DATA_ERROR=-3; + private const int Z_MEM_ERROR=-4; + private const int Z_BUF_ERROR=-5; + private const int Z_VERSION_ERROR=-6; + + public byte[] next_in; // next input byte + public int next_in_index; + public int avail_in; // number of bytes available at next_in + public long total_in; // total nb of input bytes read so far + + public byte[] next_out; // next output byte should be put there + public int next_out_index; + public int avail_out; // remaining free space at next_out + public long total_out; // total nb of bytes output so far + + public String msg; + + internal Deflate dstate; + internal Inflate istate; + + internal int data_type; // best guess about the data type: ascii or binary + + public long adler; + internal Adler32 _adler=new Adler32(); + + public int inflateInit(){ + return inflateInit(DEF_WBITS); + } + public int inflateInit(bool nowrap){ + return inflateInit(DEF_WBITS, nowrap); + } + public int inflateInit(int w){ + return inflateInit(w, false); + } + + public int inflateInit(int w, bool nowrap){ + istate=new Inflate(); + return istate.inflateInit(this, nowrap?-w:w); + } + + public int inflate(int f){ + if(istate==null) return Z_STREAM_ERROR; + return istate.inflate(this, f); + } + public int inflateEnd(){ + if(istate==null) return Z_STREAM_ERROR; + int ret=istate.inflateEnd(this); + istate = null; + return ret; + } + public int inflateSync(){ + if(istate == null) + return Z_STREAM_ERROR; + return istate.inflateSync(this); + } + public int inflateSetDictionary(byte[] dictionary, int dictLength){ + if(istate == null) + return Z_STREAM_ERROR; + return istate.inflateSetDictionary(this, dictionary, dictLength); + } + + public int deflateInit(int level){ + return deflateInit(level, MAX_WBITS); + } + public int deflateInit(int level, bool nowrap){ + return deflateInit(level, MAX_WBITS, nowrap); + } + public int deflateInit(int level, int bits){ + return deflateInit(level, bits, false); + } + public int deflateInit(int level, int bits, bool nowrap){ + dstate=new Deflate(); + return dstate.deflateInit(this, level, nowrap?-bits:bits); + } + public int deflate(int flush){ + if(dstate==null){ + return Z_STREAM_ERROR; + } + return dstate.deflate(this, flush); + } + public int deflateEnd(){ + if(dstate==null) return Z_STREAM_ERROR; + int ret=dstate.deflateEnd(); + dstate=null; + return ret; + } + public int deflateParams(int level, int strategy){ + if(dstate==null) return Z_STREAM_ERROR; + return dstate.deflateParams(this, level, strategy); + } + public int deflateSetDictionary (byte[] dictionary, int dictLength){ + if(dstate == null) + return Z_STREAM_ERROR; + return dstate.deflateSetDictionary(this, dictionary, dictLength); + } + + // Flush as much pending output as possible. All deflate() output goes + // through this function so some applications may wish to modify it + // to avoid allocating a large strm->next_out buffer and copying into it. + // (See also read_buf()). + internal void flush_pending(){ + int len=dstate.pending; + + if(len>avail_out) len=avail_out; + if(len==0) return; + + if(dstate.pending_buf.Length<=dstate.pending_out || + next_out.Length<=next_out_index || + dstate.pending_buf.Length<(dstate.pending_out+len) || + next_out.Length<(next_out_index+len)){ + // System.out.println(dstate.pending_buf.length+", "+dstate.pending_out+ + // ", "+next_out.length+", "+next_out_index+", "+len); + // System.out.println("avail_out="+avail_out); + } + + System.Array.Copy(dstate.pending_buf, dstate.pending_out, + next_out, next_out_index, len); + + next_out_index+=len; + dstate.pending_out+=len; + total_out+=len; + avail_out-=len; + dstate.pending-=len; + if(dstate.pending==0){ + dstate.pending_out=0; + } + } + + // Read a new buffer from the current input stream, update the adler32 + // and total number of bytes read. All deflate() input goes through + // this function so some applications may wish to modify it to avoid + // allocating a large strm->next_in buffer and copying from it. + // (See also flush_pending()). + internal int read_buf(byte[] buf, int start, int size) { + int len=avail_in; + + if(len>size) len=size; + if(len==0) return 0; + + avail_in-=len; + + if(dstate.noheader==0) { + adler=_adler.adler32(adler, next_in, next_in_index, len); + } + System.Array.Copy(next_in, next_in_index, buf, start, len); + next_in_index += len; + total_in += len; + return len; + } + + public void free(){ + next_in=null; + next_out=null; + msg=null; + _adler=null; + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/x509/AttributeCertificateHolder.cs b/BouncyCastle/crypto/src/x509/AttributeCertificateHolder.cs new file mode 100644 index 0000000..7cd869b --- /dev/null +++ b/BouncyCastle/crypto/src/x509/AttributeCertificateHolder.cs @@ -0,0 +1,433 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.X509 +{ + /// + /// The Holder object. + /// 
    + 	/// Holder ::= SEQUENCE {
+ 	///		baseCertificateID   [0] IssuerSerial OPTIONAL,
+ 	///			-- the issuer and serial number of
+ 	///			-- the holder's Public Key Certificate
+ 	///		entityName          [1] GeneralNames OPTIONAL,
+ 	///			-- the name of the claimant or role
+ 	///		objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
+ 	///			-- used to directly authenticate the holder,
+ 	///			-- for example, an executable
+ 	/// }
+	///
    + ///     + public class AttributeCertificateHolder + //: CertSelector, Selector + : IX509Selector + { + internal readonly Holder holder; + + internal AttributeCertificateHolder( + Asn1Sequence seq) + { + holder = Holder.GetInstance(seq); + } + + public AttributeCertificateHolder( + X509Name issuerName, + BigInteger serialNumber) + { + holder = new Holder( + new IssuerSerial( + GenerateGeneralNames(issuerName), + new DerInteger(serialNumber))); + } + + public AttributeCertificateHolder( + X509Certificate cert) + { + X509Name name; + try + { + name = PrincipalUtilities.GetIssuerX509Principal(cert); + } + catch (Exception e) + { + throw new CertificateParsingException(e.Message); + } + + holder = new Holder(new IssuerSerial(GenerateGeneralNames(name), new DerInteger(cert.SerialNumber))); + } + + public AttributeCertificateHolder( + X509Name principal) + { + holder = new Holder(GenerateGeneralNames(principal)); + } + + /** + * Constructs a holder for v2 attribute certificates with a hash value for + * some type of object. + *

    + * digestedObjectType can be one of the following: + *

      + *
    • 0 - publicKey - A hash of the public key of the holder must be + * passed.
      • + *
    • 1 - publicKeyCert - A hash of the public key certificate of the + * holder must be passed.
      • + *
    • 2 - otherObjectDigest - A hash of some other object type must be + * passed. otherObjectTypeID must not be empty.
      • + *
    + *

    + *

    This cannot be used if a v1 attribute certificate is used.

    + * + * @param digestedObjectType The digest object type. + * @param digestAlgorithm The algorithm identifier for the hash. + * @param otherObjectTypeID The object type ID if + * digestedObjectType is + * otherObjectDigest. + * @param objectDigest The hash value. + */ + public AttributeCertificateHolder( + int digestedObjectType, + string digestAlgorithm, + string otherObjectTypeID, + byte[] objectDigest) + { + // TODO Allow 'objectDigest' to be null? + + holder = new Holder(new ObjectDigestInfo(digestedObjectType, otherObjectTypeID, + new AlgorithmIdentifier(new DerObjectIdentifier(digestAlgorithm)), Arrays.Clone(objectDigest))); + } + + /** + * Returns the digest object type if an object digest info is used. + *

    + *

      + *
    • 0 - publicKey - A hash of the public key of the holder must be + * passed.
      • + *
    • 1 - publicKeyCert - A hash of the public key certificate of the + * holder must be passed.
      • + *
    • 2 - otherObjectDigest - A hash of some other object type must be + * passed. otherObjectTypeID must not be empty.
      • + *
    + *

    + * + * @return The digest object type or -1 if no object digest info is set. + */ + public int DigestedObjectType + { + get + { + ObjectDigestInfo odi = holder.ObjectDigestInfo; + + return odi == null + ? -1 + : odi.DigestedObjectType.IntValueExact; + } + } + + /** + * Returns the other object type ID if an object digest info is used. + * + * @return The other object type ID or null if no object + * digest info is set. + */ + public string DigestAlgorithm + { + get + { + ObjectDigestInfo odi = holder.ObjectDigestInfo; + + return odi == null + ? null + : odi.DigestAlgorithm.Algorithm.Id; + } + } + + /** + * Returns the hash if an object digest info is used. + * + * @return The hash or null if no object digest info is set. + */ + public byte[] GetObjectDigest() + { + ObjectDigestInfo odi = holder.ObjectDigestInfo; + + return odi == null + ? null + : odi.ObjectDigest.GetBytes(); + } + + /** + * Returns the digest algorithm ID if an object digest info is used. + * + * @return The digest algorithm ID or null if no object + * digest info is set. + */ + public string OtherObjectTypeID + { + get + { + ObjectDigestInfo odi = holder.ObjectDigestInfo; + + return odi == null + ? null + : odi.OtherObjectTypeID.Id; + } + } + + private GeneralNames GenerateGeneralNames( + X509Name principal) + { +// return GeneralNames.GetInstance(new DerSequence(new GeneralName(principal))); + return new GeneralNames(new GeneralName(principal)); + } + + private bool MatchesDN( + X509Name subject, + GeneralNames targets) + { + GeneralName[] names = targets.GetNames(); + + for (int i = 0; i != names.Length; i++) + { + GeneralName gn = names[i]; + + if (gn.TagNo == GeneralName.DirectoryName) + { + try + { + if (X509Name.GetInstance(gn.Name).Equivalent(subject)) + { + return true; + } + } + catch (Exception) + { + } + } + } + + return false; + } + + private object[] GetNames( + GeneralName[] names) + { + int count = 0; + for (int i = 0; i != names.Length; i++) + { + if (names[i].TagNo == GeneralName.DirectoryName) + { + ++count; + } + } + + object[] result = new object[count]; + + int pos = 0; + for (int i = 0; i != names.Length; i++) + { + if (names[i].TagNo == GeneralName.DirectoryName) + { + result[pos++] = X509Name.GetInstance(names[i].Name); + } + } + + return result; + } + + private X509Name[] GetPrincipals( + GeneralNames names) + { + object[] p = this.GetNames(names.GetNames()); + + int count = 0; + + for (int i = 0; i != p.Length; i++) + { + if (p[i] is X509Name) + { + ++count; + } + } + + X509Name[] result = new X509Name[count]; + + int pos = 0; + for (int i = 0; i != p.Length; i++) + { + if (p[i] is X509Name) + { + result[pos++] = (X509Name)p[i]; + } + } + + return result; + } + + /** + * Return any principal objects inside the attribute certificate holder entity names field. + * + * @return an array of IPrincipal objects (usually X509Name), null if no entity names field is set. + */ + public X509Name[] GetEntityNames() + { + if (holder.EntityName != null) + { + return GetPrincipals(holder.EntityName); + } + + return null; + } + + /** + * Return the principals associated with the issuer attached to this holder + * + * @return an array of principals, null if no BaseCertificateID is set. + */ + public X509Name[] GetIssuer() + { + if (holder.BaseCertificateID != null) + { + return GetPrincipals(holder.BaseCertificateID.Issuer); + } + + return null; + } + + /** + * Return the serial number associated with the issuer attached to this holder. + * + * @return the certificate serial number, null if no BaseCertificateID is set. + */ + public BigInteger SerialNumber + { + get + { + if (holder.BaseCertificateID != null) + { + return holder.BaseCertificateID.Serial.Value; + } + + return null; + } + } + + public object Clone() + { + return new AttributeCertificateHolder((Asn1Sequence)holder.ToAsn1Object()); + } + + public bool Match( + X509Certificate x509Cert) + { + try + { + if (holder.BaseCertificateID != null) + { + return holder.BaseCertificateID.Serial.HasValue(x509Cert.SerialNumber) + && MatchesDN(PrincipalUtilities.GetIssuerX509Principal(x509Cert), holder.BaseCertificateID.Issuer); + } + + if (holder.EntityName != null) + { + if (MatchesDN(PrincipalUtilities.GetSubjectX509Principal(x509Cert), holder.EntityName)) + { + return true; + } + } + + if (holder.ObjectDigestInfo != null) + { + IDigest md = null; + try + { + md = DigestUtilities.GetDigest(DigestAlgorithm); + } + catch (Exception) + { + return false; + } + + switch (DigestedObjectType) + { + case ObjectDigestInfo.PublicKey: + { + // TODO: DSA Dss-parms + + //byte[] b = x509Cert.GetPublicKey().getEncoded(); + // TODO Is this the right way to encode? + byte[] b = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo( + x509Cert.GetPublicKey()).GetEncoded(); + md.BlockUpdate(b, 0, b.Length); + break; + } + + case ObjectDigestInfo.PublicKeyCert: + { + byte[] b = x509Cert.GetEncoded(); + md.BlockUpdate(b, 0, b.Length); + break; + } + + // TODO Default handler? + } + + // TODO Shouldn't this be the other way around? + if (!Arrays.AreEqual(DigestUtilities.DoFinal(md), GetObjectDigest())) + { + return false; + } + } + } + catch (CertificateEncodingException) + { + return false; + } + + return false; + } + + public override bool Equals( + object obj) + { + if (obj == this) + { + return true; + } + + if (!(obj is AttributeCertificateHolder)) + { + return false; + } + + AttributeCertificateHolder other = (AttributeCertificateHolder)obj; + + return this.holder.Equals(other.holder); + } + + public override int GetHashCode() + { + return this.holder.GetHashCode(); + } + + public bool Match( + object obj) + { + if (!(obj is X509Certificate)) + { + return false; + } + +// return Match((Certificate)obj); + return Match((X509Certificate)obj); + } + } +} diff --git a/BouncyCastle/crypto/src/x509/AttributeCertificateIssuer.cs b/BouncyCastle/crypto/src/x509/AttributeCertificateIssuer.cs new file mode 100644 index 0000000..32f16c2 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/AttributeCertificateIssuer.cs @@ -0,0 +1,188 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.X509 +{ + /** + * Carrying class for an attribute certificate issuer. + */ + public class AttributeCertificateIssuer + //: CertSelector, Selector + : IX509Selector + { + internal readonly Asn1Encodable form; + + /** + * Set the issuer directly with the ASN.1 structure. + * + * @param issuer The issuer + */ + public AttributeCertificateIssuer( + AttCertIssuer issuer) + { + form = issuer.Issuer; + } + + public AttributeCertificateIssuer( + X509Name principal) + { +// form = new V2Form(GeneralNames.GetInstance(new DerSequence(new GeneralName(principal)))); + form = new V2Form(new GeneralNames(new GeneralName(principal))); + } + + private object[] GetNames() + { + GeneralNames name; + if (form is V2Form) + { + name = ((V2Form)form).IssuerName; + } + else + { + name = (GeneralNames)form; + } + + GeneralName[] names = name.GetNames(); + + int count = 0; + for (int i = 0; i != names.Length; i++) + { + if (names[i].TagNo == GeneralName.DirectoryName) + { + ++count; + } + } + + object[] result = new object[count]; + + int pos = 0; + for (int i = 0; i != names.Length; i++) + { + if (names[i].TagNo == GeneralName.DirectoryName) + { + result[pos++] = X509Name.GetInstance(names[i].Name); + } + } + + return result; + } + + /// Return any principal objects inside the attribute certificate issuer object. + /// An array of IPrincipal objects (usually X509Principal). + public X509Name[] GetPrincipals() + { + object[] p = this.GetNames(); + + int count = 0; + for (int i = 0; i != p.Length; i++) + { + if (p[i] is X509Name) + { + ++count; + } + } + + X509Name[] result = new X509Name[count]; + + int pos = 0; + for (int i = 0; i != p.Length; i++) + { + if (p[i] is X509Name) + { + result[pos++] = (X509Name)p[i]; + } + } + + return result; + } + + private bool MatchesDN( + X509Name subject, + GeneralNames targets) + { + GeneralName[] names = targets.GetNames(); + + for (int i = 0; i != names.Length; i++) + { + GeneralName gn = names[i]; + + if (gn.TagNo == GeneralName.DirectoryName) + { + try + { + if (X509Name.GetInstance(gn.Name).Equivalent(subject)) + { + return true; + } + } + catch (Exception) + { + } + } + } + + return false; + } + + public object Clone() + { + return new AttributeCertificateIssuer(AttCertIssuer.GetInstance(form)); + } + + public bool Match( + X509Certificate x509Cert) + { + if (form is V2Form) + { + V2Form issuer = (V2Form) form; + if (issuer.BaseCertificateID != null) + { + return issuer.BaseCertificateID.Serial.HasValue(x509Cert.SerialNumber) + && MatchesDN(x509Cert.IssuerDN, issuer.BaseCertificateID.Issuer); + } + + return MatchesDN(x509Cert.SubjectDN, issuer.IssuerName); + } + + return MatchesDN(x509Cert.SubjectDN, (GeneralNames) form); + } + + public override bool Equals( + object obj) + { + if (obj == this) + { + return true; + } + + if (!(obj is AttributeCertificateIssuer)) + { + return false; + } + + AttributeCertificateIssuer other = (AttributeCertificateIssuer)obj; + + return this.form.Equals(other.form); + } + + public override int GetHashCode() + { + return this.form.GetHashCode(); + } + + public bool Match( + object obj) + { + if (!(obj is X509Certificate)) + { + return false; + } + + //return Match((Certificate)obj); + return Match((X509Certificate)obj); + } + } +} diff --git a/BouncyCastle/crypto/src/x509/IX509AttributeCertificate.cs b/BouncyCastle/crypto/src/x509/IX509AttributeCertificate.cs new file mode 100644 index 0000000..9a3004e --- /dev/null +++ b/BouncyCastle/crypto/src/x509/IX509AttributeCertificate.cs @@ -0,0 +1,57 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.X509 +{ + /// Interface for an X.509 Attribute Certificate. + public interface IX509AttributeCertificate + : IX509Extension + { + /// The version number for the certificate. + int Version { get; } + + /// The serial number for the certificate. + BigInteger SerialNumber { get; } + + /// The UTC DateTime before which the certificate is not valid. + DateTime NotBefore { get; } + + /// The UTC DateTime after which the certificate is not valid. + DateTime NotAfter { get; } + + /// The holder of the certificate. + AttributeCertificateHolder Holder { get; } + + /// The issuer details for the certificate. + AttributeCertificateIssuer Issuer { get; } + + /// Return the attributes contained in the attribute block in the certificate. + /// An array of attributes. + X509Attribute[] GetAttributes(); + + /// Return the attributes with the same type as the passed in oid. + /// The object identifier we wish to match. + /// An array of matched attributes, null if there is no match. + X509Attribute[] GetAttributes(string oid); + + bool[] GetIssuerUniqueID(); + + bool IsValidNow { get; } + bool IsValid(DateTime date); + + void CheckValidity(); + void CheckValidity(DateTime date); + + byte[] GetSignature(); + + void Verify(AsymmetricKeyParameter publicKey); + + /// Return an ASN.1 encoded byte array representing the attribute certificate. + /// An ASN.1 encoded byte array. + /// If the certificate cannot be encoded. + byte[] GetEncoded(); + } +} diff --git a/BouncyCastle/crypto/src/x509/IX509Extension.cs b/BouncyCastle/crypto/src/x509/IX509Extension.cs new file mode 100644 index 0000000..e861e87 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/IX509Extension.cs @@ -0,0 +1,27 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.X509 +{ + public interface IX509Extension + { + /// + /// Get all critical extension values, by oid + /// + /// IDictionary with string (OID) keys and Asn1OctetString values + ISet GetCriticalExtensionOids(); + + /// + /// Get all non-critical extension values, by oid + /// + /// IDictionary with string (OID) keys and Asn1OctetString values + ISet GetNonCriticalExtensionOids(); + + [Obsolete("Use version taking a DerObjectIdentifier instead")] + Asn1OctetString GetExtensionValue(string oid); + + Asn1OctetString GetExtensionValue(DerObjectIdentifier oid); + } +} diff --git a/BouncyCastle/crypto/src/x509/PEMParser.cs b/BouncyCastle/crypto/src/x509/PEMParser.cs new file mode 100644 index 0000000..28f28ee --- /dev/null +++ b/BouncyCastle/crypto/src/x509/PEMParser.cs @@ -0,0 +1,95 @@ +using System; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.X509 +{ + class PemParser + { + private readonly string _header1; + private readonly string _header2; + private readonly string _footer1; + private readonly string _footer2; + + internal PemParser( + string type) + { + _header1 = "-----BEGIN " + type + "-----"; + _header2 = "-----BEGIN X509 " + type + "-----"; + _footer1 = "-----END " + type + "-----"; + _footer2 = "-----END X509 " + type + "-----"; + } + + private string ReadLine( + Stream inStream) + { + int c; + StringBuilder l = new StringBuilder(); + + do + { + while (((c = inStream.ReadByte()) != '\r') && c != '\n' && (c >= 0)) + { + if (c == '\r') + { + continue; + } + + l.Append((char)c); + } + } + while (c >= 0 && l.Length == 0); + + if (c < 0) + { + return null; + } + + return l.ToString(); + } + + internal Asn1Sequence ReadPemObject( + Stream inStream) + { + string line; + StringBuilder pemBuf = new StringBuilder(); + + while ((line = ReadLine(inStream)) != null) + { + if (Platform.StartsWith(line, _header1) || Platform.StartsWith(line, _header2)) + { + break; + } + } + + while ((line = ReadLine(inStream)) != null) + { + if (Platform.StartsWith(line, _footer1) || Platform.StartsWith(line, _footer2)) + { + break; + } + + pemBuf.Append(line); + } + + if (pemBuf.Length != 0) + { + Asn1Object o = Asn1Object.FromByteArray(Base64.Decode(pemBuf.ToString())); + + if (!(o is Asn1Sequence)) + { + throw new IOException("malformed PEM data encountered"); + } + + return (Asn1Sequence) o; + } + + return null; + } + } +} + diff --git a/BouncyCastle/crypto/src/x509/PrincipalUtil.cs b/BouncyCastle/crypto/src/x509/PrincipalUtil.cs new file mode 100644 index 0000000..0edc4a3 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/PrincipalUtil.cs @@ -0,0 +1,70 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Security.Certificates; + +namespace Org.BouncyCastle.X509 +{ + /// + /// A utility class that will extract X509Principal objects from X.509 certificates. + ///

    + /// Use this in preference to trying to recreate a principal from a string, not all + /// DNs are what they should be, so it's best to leave them encoded where they + /// can be.

    + ///     + public class PrincipalUtilities + { + /// Return the issuer of the given cert as an X509Principal. + public static X509Name GetIssuerX509Principal( + X509Certificate cert) + { + try + { + TbsCertificateStructure tbsCert = TbsCertificateStructure.GetInstance( + Asn1Object.FromByteArray(cert.GetTbsCertificate())); + + return tbsCert.Issuer; + } + catch (Exception e) + { + throw new CertificateEncodingException("Could not extract issuer", e); + } + } + + /// Return the subject of the given cert as an X509Principal. + public static X509Name GetSubjectX509Principal( + X509Certificate cert) + { + try + { + TbsCertificateStructure tbsCert = TbsCertificateStructure.GetInstance( + Asn1Object.FromByteArray(cert.GetTbsCertificate())); + + return tbsCert.Subject; + } + catch (Exception e) + { + throw new CertificateEncodingException("Could not extract subject", e); + } + } + + /// Return the issuer of the given CRL as an X509Principal. + public static X509Name GetIssuerX509Principal( + X509Crl crl) + { + try + { + TbsCertificateList tbsCertList = TbsCertificateList.GetInstance( + Asn1Object.FromByteArray(crl.GetTbsCertList())); + + return tbsCertList.Issuer; + } + catch (Exception e) + { + throw new CrlException("Could not extract issuer", e); + } + } + } +} diff --git a/BouncyCastle/crypto/src/x509/SubjectPublicKeyInfoFactory.cs b/BouncyCastle/crypto/src/x509/SubjectPublicKeyInfoFactory.cs new file mode 100644 index 0000000..696f3ff --- /dev/null +++ b/BouncyCastle/crypto/src/x509/SubjectPublicKeyInfoFactory.cs @@ -0,0 +1,276 @@ +using System; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.EdEC; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.X509 +{ + /// + /// A factory to produce Public Key Info Objects. + /// + public sealed class SubjectPublicKeyInfoFactory + { + private SubjectPublicKeyInfoFactory() + { + } + + /// + /// Create a Subject Public Key Info object for a given public key. + /// + /// One of ElGammalPublicKeyParameters, DSAPublicKeyParameter, DHPublicKeyParameters, RsaKeyParameters or ECPublicKeyParameters + /// A subject public key info object. + /// Throw exception if object provided is not one of the above. + public static SubjectPublicKeyInfo CreateSubjectPublicKeyInfo( + AsymmetricKeyParameter publicKey) + { + if (publicKey == null) + throw new ArgumentNullException("publicKey"); + if (publicKey.IsPrivate) + throw new ArgumentException("Private key passed - public key expected.", "publicKey"); + + if (publicKey is ElGamalPublicKeyParameters) + { + ElGamalPublicKeyParameters _key = (ElGamalPublicKeyParameters)publicKey; + ElGamalParameters kp = _key.Parameters; + + SubjectPublicKeyInfo info = new SubjectPublicKeyInfo( + new AlgorithmIdentifier( + OiwObjectIdentifiers.ElGamalAlgorithm, + new ElGamalParameter(kp.P, kp.G).ToAsn1Object()), + new DerInteger(_key.Y)); + + return info; + } + + if (publicKey is DsaPublicKeyParameters) + { + DsaPublicKeyParameters _key = (DsaPublicKeyParameters) publicKey; + DsaParameters kp = _key.Parameters; + Asn1Encodable ae = kp == null + ? null + : new DsaParameter(kp.P, kp.Q, kp.G).ToAsn1Object(); + + return new SubjectPublicKeyInfo( + new AlgorithmIdentifier(X9ObjectIdentifiers.IdDsa, ae), + new DerInteger(_key.Y)); + } + + if (publicKey is DHPublicKeyParameters) + { + DHPublicKeyParameters _key = (DHPublicKeyParameters) publicKey; + DHParameters kp = _key.Parameters; + + SubjectPublicKeyInfo info = new SubjectPublicKeyInfo( + new AlgorithmIdentifier( + _key.AlgorithmOid, + new DHParameter(kp.P, kp.G, kp.L).ToAsn1Object()), + new DerInteger(_key.Y)); + + return info; + } // End of DH + + if (publicKey is RsaKeyParameters) + { + RsaKeyParameters _key = (RsaKeyParameters) publicKey; + + SubjectPublicKeyInfo info = new SubjectPublicKeyInfo( + new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance), + new RsaPublicKeyStructure(_key.Modulus, _key.Exponent).ToAsn1Object()); + + return info; + } // End of RSA. + + if (publicKey is ECPublicKeyParameters) + { + + ECPublicKeyParameters _key = (ECPublicKeyParameters) publicKey; + + + if (_key.Parameters is ECGost3410Parameters) + { + ECGost3410Parameters gostParams = (ECGost3410Parameters)_key.Parameters; + + BigInteger bX = _key.Q.AffineXCoord.ToBigInteger(); + BigInteger bY = _key.Q.AffineYCoord.ToBigInteger(); + bool is512 = (bX.BitLength > 256); + + Gost3410PublicKeyAlgParameters parameters = new Gost3410PublicKeyAlgParameters( + gostParams.PublicKeyParamSet, + gostParams.DigestParamSet, + gostParams.EncryptionParamSet); + + int encKeySize; + int offset; + DerObjectIdentifier algIdentifier; + if (is512) + { + encKeySize = 128; + offset = 64; + algIdentifier = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512; + } + else + { + encKeySize = 64; + offset = 32; + algIdentifier = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256; + } + + byte[] encKey = new byte[encKeySize]; + + ExtractBytes(encKey, encKeySize / 2, 0, bX); + ExtractBytes(encKey, encKeySize / 2, offset, bY); + + return new SubjectPublicKeyInfo(new AlgorithmIdentifier(algIdentifier, parameters), new DerOctetString(encKey)); + + + } // End of ECGOST3410_2012 + + + + + + if (_key.AlgorithmName == "ECGOST3410") + { + if (_key.PublicKeyParamSet == null) + throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set"); + + ECPoint q = _key.Q.Normalize(); + BigInteger bX = q.AffineXCoord.ToBigInteger(); + BigInteger bY = q.AffineYCoord.ToBigInteger(); + + byte[] encKey = new byte[64]; + ExtractBytes(encKey, 0, bX); + ExtractBytes(encKey, 32, bY); + + Gost3410PublicKeyAlgParameters gostParams = new Gost3410PublicKeyAlgParameters( + _key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet); + + AlgorithmIdentifier algID = new AlgorithmIdentifier( + CryptoProObjectIdentifiers.GostR3410x2001, + gostParams.ToAsn1Object()); + + return new SubjectPublicKeyInfo(algID, new DerOctetString(encKey)); + } + else + { + X962Parameters x962; + if (_key.PublicKeyParamSet == null) + { + ECDomainParameters kp = _key.Parameters; + X9ECParameters ecP = new X9ECParameters(kp.Curve, kp.G, kp.N, kp.H, kp.GetSeed()); + + x962 = new X962Parameters(ecP); + } + else + { + x962 = new X962Parameters(_key.PublicKeyParamSet); + } + + byte[] pubKey = _key.Q.GetEncoded(false); + + AlgorithmIdentifier algID = new AlgorithmIdentifier( + X9ObjectIdentifiers.IdECPublicKey, x962.ToAsn1Object()); + + return new SubjectPublicKeyInfo(algID, pubKey); + } + } // End of EC + + if (publicKey is Gost3410PublicKeyParameters) + { + Gost3410PublicKeyParameters _key = (Gost3410PublicKeyParameters) publicKey; + + if (_key.PublicKeyParamSet == null) + throw Platform.CreateNotImplementedException("Not a CryptoPro parameter set"); + + byte[] keyEnc = _key.Y.ToByteArrayUnsigned(); + byte[] keyBytes = new byte[keyEnc.Length]; + + for (int i = 0; i != keyBytes.Length; i++) + { + keyBytes[i] = keyEnc[keyEnc.Length - 1 - i]; // must be little endian + } + + Gost3410PublicKeyAlgParameters algParams = new Gost3410PublicKeyAlgParameters( + _key.PublicKeyParamSet, CryptoProObjectIdentifiers.GostR3411x94CryptoProParamSet); + + AlgorithmIdentifier algID = new AlgorithmIdentifier( + CryptoProObjectIdentifiers.GostR3410x94, + algParams.ToAsn1Object()); + + return new SubjectPublicKeyInfo(algID, new DerOctetString(keyBytes)); + } + + if (publicKey is X448PublicKeyParameters) + { + X448PublicKeyParameters key = (X448PublicKeyParameters)publicKey; + + return new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X448), key.GetEncoded()); + } + + if (publicKey is X25519PublicKeyParameters) + { + X25519PublicKeyParameters key = (X25519PublicKeyParameters)publicKey; + + return new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X25519), key.GetEncoded()); + } + + if (publicKey is Ed448PublicKeyParameters) + { + Ed448PublicKeyParameters key = (Ed448PublicKeyParameters)publicKey; + + return new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed448), key.GetEncoded()); + } + + if (publicKey is Ed25519PublicKeyParameters) + { + Ed25519PublicKeyParameters key = (Ed25519PublicKeyParameters)publicKey; + + return new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed25519), key.GetEncoded()); + } + + throw new ArgumentException("Class provided no convertible: " + Platform.GetTypeName(publicKey)); + } + + private static void ExtractBytes( + byte[] encKey, + int offset, + BigInteger bI) + { + byte[] val = bI.ToByteArray(); + int n = (bI.BitLength + 7) / 8; + + for (int i = 0; i < n; ++i) + { + encKey[offset + i] = val[val.Length - 1 - i]; + } + } + + + private static void ExtractBytes(byte[] encKey, int size, int offSet, BigInteger bI) + { + byte[] val = bI.ToByteArray(); + if (val.Length < size) + { + byte[] tmp = new byte[size]; + Array.Copy(val, 0, tmp, tmp.Length - val.Length, val.Length); + val = tmp; + } + + for (int i = 0; i != size; i++) + { + encKey[offSet + i] = val[val.Length - 1 - i]; + } + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509AttrCertParser.cs b/BouncyCastle/crypto/src/x509/X509AttrCertParser.cs new file mode 100644 index 0000000..ce708ed --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509AttrCertParser.cs @@ -0,0 +1,180 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.X509 +{ + public class X509AttrCertParser + { + private static readonly PemParser PemAttrCertParser = new PemParser("ATTRIBUTE CERTIFICATE"); + + private Asn1Set sData; + private int sDataObjectCount; + private Stream currentStream; + + private IX509AttributeCertificate ReadDerCertificate( + Asn1InputStream dIn) + { + Asn1Sequence seq = (Asn1Sequence)dIn.ReadObject(); + + if (seq.Count > 1 && seq[0] is DerObjectIdentifier) + { + if (seq[0].Equals(PkcsObjectIdentifiers.SignedData)) + { + sData = SignedData.GetInstance( + Asn1Sequence.GetInstance((Asn1TaggedObject) seq[1], true)).Certificates; + + return GetCertificate(); + } + } + +// return new X509V2AttributeCertificate(seq.getEncoded()); + return new X509V2AttributeCertificate(AttributeCertificate.GetInstance(seq)); + } + + private IX509AttributeCertificate GetCertificate() + { + if (sData != null) + { + while (sDataObjectCount < sData.Count) + { + object obj = sData[sDataObjectCount++]; + + if (obj is Asn1TaggedObject && ((Asn1TaggedObject)obj).TagNo == 2) + { + //return new X509V2AttributeCertificate( + // Asn1Sequence.GetInstance((Asn1TaggedObject)obj, false).GetEncoded()); + return new X509V2AttributeCertificate( + AttributeCertificate.GetInstance( + Asn1Sequence.GetInstance((Asn1TaggedObject)obj, false))); + } + } + } + + return null; + } + + private IX509AttributeCertificate ReadPemCertificate( + Stream inStream) + { + Asn1Sequence seq = PemAttrCertParser.ReadPemObject(inStream); + + return seq == null + ? null + //: new X509V2AttributeCertificate(seq.getEncoded()); + : new X509V2AttributeCertificate(AttributeCertificate.GetInstance(seq)); + } + + /// + /// Create loading data from byte array. + /// + /// + public IX509AttributeCertificate ReadAttrCert( + byte[] input) + { + return ReadAttrCert(new MemoryStream(input, false)); + } + + /// + /// Create loading data from byte array. + /// + /// + public ICollection ReadAttrCerts( + byte[] input) + { + return ReadAttrCerts(new MemoryStream(input, false)); + } + + /** + * Generates a certificate object and initializes it with the data + * read from the input stream inStream. + */ + public IX509AttributeCertificate ReadAttrCert( + Stream inStream) + { + if (inStream == null) + throw new ArgumentNullException("inStream"); + if (!inStream.CanRead) + throw new ArgumentException("inStream must be read-able", "inStream"); + + if (currentStream == null) + { + currentStream = inStream; + sData = null; + sDataObjectCount = 0; + } + else if (currentStream != inStream) // reset if input stream has changed + { + currentStream = inStream; + sData = null; + sDataObjectCount = 0; + } + + try + { + if (sData != null) + { + if (sDataObjectCount != sData.Count) + { + return GetCertificate(); + } + + sData = null; + sDataObjectCount = 0; + return null; + } + + int tag = inStream.ReadByte(); + if (tag < 0) + return null; + + if (inStream.CanSeek) + { + inStream.Seek(-1L, SeekOrigin.Current); + } + else + { + PushbackStream pis = new PushbackStream(inStream); + pis.Unread(tag); + inStream = pis; + } + + if (tag != 0x30) // assume ascii PEM encoded. + { + return ReadPemCertificate(inStream); + } + + return ReadDerCertificate(new Asn1InputStream(inStream)); + } + catch (Exception e) + { + throw new CertificateException(e.ToString()); + } + } + + /** + * Returns a (possibly empty) collection view of the certificates + * read from the given input stream inStream. + */ + public ICollection ReadAttrCerts( + Stream inStream) + { + IX509AttributeCertificate attrCert; + IList attrCerts = Platform.CreateArrayList(); + + while ((attrCert = ReadAttrCert(inStream)) != null) + { + attrCerts.Add(attrCert); + } + + return attrCerts; + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/x509/X509Attribute.cs b/BouncyCastle/crypto/src/x509/X509Attribute.cs new file mode 100644 index 0000000..248d66c --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509Attribute.cs @@ -0,0 +1,76 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.X509 +{ + /** + * Class for carrying the values in an X.509 Attribute. + */ + public class X509Attribute + : Asn1Encodable + { + private readonly AttributeX509 attr; + + /** + * @param at an object representing an attribute. + */ + internal X509Attribute( + Asn1Encodable at) + { + this.attr = AttributeX509.GetInstance(at); + } + + /** + * Create an X.509 Attribute with the type given by the passed in oid and + * the value represented by an ASN.1 Set containing value. + * + * @param oid type of the attribute + * @param value value object to go into the atribute's value set. + */ + public X509Attribute( + string oid, + Asn1Encodable value) + { + this.attr = new AttributeX509(new DerObjectIdentifier(oid), new DerSet(value)); + } + + /** + * Create an X.59 Attribute with the type given by the passed in oid and the + * value represented by an ASN.1 Set containing the objects in value. + * + * @param oid type of the attribute + * @param value vector of values to go in the attribute's value set. + */ + public X509Attribute( + string oid, + Asn1EncodableVector value) + { + this.attr = new AttributeX509(new DerObjectIdentifier(oid), new DerSet(value)); + } + + public string Oid + { + get { return attr.AttrType.Id; } + } + + public Asn1Encodable[] GetValues() + { + Asn1Set s = attr.AttrValues; + Asn1Encodable[] values = new Asn1Encodable[s.Count]; + + for (int i = 0; i != s.Count; i++) + { + values[i] = (Asn1Encodable)s[i]; + } + + return values; + } + + public override Asn1Object ToAsn1Object() + { + return attr.ToAsn1Object(); + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509CertPairParser.cs b/BouncyCastle/crypto/src/x509/X509CertPairParser.cs new file mode 100644 index 0000000..89a8a8e --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509CertPairParser.cs @@ -0,0 +1,102 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.X509 +{ + public class X509CertPairParser + { + private Stream currentStream; + + private X509CertificatePair ReadDerCrossCertificatePair( + Stream inStream) + { + Asn1InputStream dIn = new Asn1InputStream(inStream);//, ProviderUtil.getReadLimit(in)); + Asn1Sequence seq = (Asn1Sequence)dIn.ReadObject(); + CertificatePair pair = CertificatePair.GetInstance(seq); + return new X509CertificatePair(pair); + } + + /// + /// Create loading data from byte array. + /// + /// + public X509CertificatePair ReadCertPair( + byte[] input) + { + return ReadCertPair(new MemoryStream(input, false)); + } + + /// + /// Create loading data from byte array. + /// + /// + public ICollection ReadCertPairs( + byte[] input) + { + return ReadCertPairs(new MemoryStream(input, false)); + } + + public X509CertificatePair ReadCertPair( + Stream inStream) + { + if (inStream == null) + throw new ArgumentNullException("inStream"); + if (!inStream.CanRead) + throw new ArgumentException("inStream must be read-able", "inStream"); + + if (currentStream == null) + { + currentStream = inStream; + } + else if (currentStream != inStream) // reset if input stream has changed + { + currentStream = inStream; + } + + try + { + int tag = inStream.ReadByte(); + if (tag < 0) + return null; + + if (inStream.CanSeek) + { + inStream.Seek(-1L, SeekOrigin.Current); + } + else + { + PushbackStream pis = new PushbackStream(inStream); + pis.Unread(tag); + inStream = pis; + } + + return ReadDerCrossCertificatePair(inStream); + } + catch (Exception e) + { + throw new CertificateException(e.ToString()); + } + } + + public ICollection ReadCertPairs( + Stream inStream) + { + X509CertificatePair certPair; + IList certPairs = Platform.CreateArrayList(); + + while ((certPair = ReadCertPair(inStream)) != null) + { + certPairs.Add(certPair); + } + + return certPairs; + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509Certificate.cs b/BouncyCastle/crypto/src/x509/X509Certificate.cs new file mode 100644 index 0000000..985ec0a --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509Certificate.cs @@ -0,0 +1,709 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Misc; +using Org.BouncyCastle.Asn1.Utilities; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.X509.Extension; + +namespace Org.BouncyCastle.X509 +{ + /// + /// An Object representing an X509 Certificate. + /// Has static methods for loading Certificates encoded in many forms that return X509Certificate Objects. + /// + public class X509Certificate + : X509ExtensionBase + // , PKCS12BagAttributeCarrier + { + private class CachedEncoding + { + private readonly byte[] encoding; + private readonly CertificateEncodingException exception; + + internal CachedEncoding(byte[] encoding, CertificateEncodingException exception) + { + this.encoding = encoding; + this.exception = exception; + } + + internal byte[] Encoding + { + get { return encoding; } + } + + internal byte[] GetEncoded() + { + if (null != exception) + throw exception; + + if (null == encoding) + throw new CertificateEncodingException(); + + return encoding; + } + } + + private readonly X509CertificateStructure c; + //private Hashtable pkcs12Attributes = Platform.CreateHashtable(); + //private ArrayList pkcs12Ordering = Platform.CreateArrayList(); + private readonly string sigAlgName; + private readonly byte[] sigAlgParams; + private readonly BasicConstraints basicConstraints; + private readonly bool[] keyUsage; + + private readonly object cacheLock = new object(); + private AsymmetricKeyParameter publicKeyValue; + private CachedEncoding cachedEncoding; + + private volatile bool hashValueSet; + private volatile int hashValue; + + protected X509Certificate() + { + } + + public X509Certificate(byte[] certData) + : this(X509CertificateStructure.GetInstance(certData)) + { + } + + public X509Certificate(X509CertificateStructure c) + { + this.c = c; + + try + { + this.sigAlgName = X509SignatureUtilities.GetSignatureName(c.SignatureAlgorithm); + + Asn1Encodable parameters = c.SignatureAlgorithm.Parameters; + this.sigAlgParams = (null == parameters) ? null : parameters.GetEncoded(Asn1Encodable.Der); + } + catch (Exception e) + { + throw new CertificateParsingException("Certificate contents invalid: " + e); + } + + try + { + Asn1OctetString str = this.GetExtensionValue(new DerObjectIdentifier("2.5.29.19")); + + if (str != null) + { + basicConstraints = BasicConstraints.GetInstance( + X509ExtensionUtilities.FromExtensionValue(str)); + } + } + catch (Exception e) + { + throw new CertificateParsingException("cannot construct BasicConstraints: " + e); + } + + try + { + Asn1OctetString str = this.GetExtensionValue(new DerObjectIdentifier("2.5.29.15")); + + if (str != null) + { + DerBitString bits = DerBitString.GetInstance( + X509ExtensionUtilities.FromExtensionValue(str)); + + byte[] bytes = bits.GetBytes(); + int length = (bytes.Length * 8) - bits.PadBits; + + keyUsage = new bool[(length < 9) ? 9 : length]; + + for (int i = 0; i != length; i++) + { + keyUsage[i] = (bytes[i / 8] & (0x80 >> (i % 8))) != 0; + } + } + else + { + keyUsage = null; + } + } + catch (Exception e) + { + throw new CertificateParsingException("cannot construct KeyUsage: " + e); + } + } + + // internal X509Certificate( + // Asn1Sequence seq) + // { + // this.c = X509CertificateStructure.GetInstance(seq); + // } + + // /// + // /// Load certificate from byte array. + // /// + // /// Byte array containing encoded X509Certificate. + // public X509Certificate( + // byte[] encoded) + // : this((Asn1Sequence) new Asn1InputStream(encoded).ReadObject()) + // { + // } + // + // /// + // /// Load certificate from Stream. + // /// Must be positioned at start of certificate. + // /// + // /// + // public X509Certificate( + // Stream input) + // : this((Asn1Sequence) new Asn1InputStream(input).ReadObject()) + // { + // } + + public virtual X509CertificateStructure CertificateStructure + { + get { return c; } + } + + /// + /// Return true if the current time is within the start and end times nominated on the certificate. + /// + /// true id certificate is valid for the current time. + public virtual bool IsValidNow + { + get { return IsValid(DateTime.UtcNow); } + } + + /// + /// Return true if the nominated time is within the start and end times nominated on the certificate. + /// + /// The time to test validity against. + /// True if certificate is valid for nominated time. + public virtual bool IsValid( + DateTime time) + { + return time.CompareTo(NotBefore) >= 0 && time.CompareTo(NotAfter) <= 0; + } + + /// + /// Checks if the current date is within certificate's validity period. + /// + public virtual void CheckValidity() + { + this.CheckValidity(DateTime.UtcNow); + } + + /// + /// Checks if the given date is within certificate's validity period. + /// + /// if the certificate is expired by given date + /// if the certificate is not yet valid on given date + public virtual void CheckValidity( + DateTime time) + { + if (time.CompareTo(NotAfter) > 0) + throw new CertificateExpiredException("certificate expired on " + c.EndDate.GetTime()); + if (time.CompareTo(NotBefore) < 0) + throw new CertificateNotYetValidException("certificate not valid until " + c.StartDate.GetTime()); + } + + /// + /// Return the certificate's version. + /// + /// An integer whose value Equals the version of the cerficate. + public virtual int Version + { + get { return c.Version; } + } + + /// + /// Return a BigInteger containing the serial number. + /// + /// The Serial number. + public virtual BigInteger SerialNumber + { + get { return c.SerialNumber.Value; } + } + + /// + /// Get the Issuer Distinguished Name. (Who signed the certificate.) + /// + /// And X509Object containing name and value pairs. + // public IPrincipal IssuerDN + public virtual X509Name IssuerDN + { + get { return c.Issuer; } + } + + /// + /// Get the subject of this certificate. + /// + /// An X509Name object containing name and value pairs. + // public IPrincipal SubjectDN + public virtual X509Name SubjectDN + { + get { return c.Subject; } + } + + /// + /// The time that this certificate is valid from. + /// + /// A DateTime object representing that time in the local time zone. + public virtual DateTime NotBefore + { + get { return c.StartDate.ToDateTime(); } + } + + /// + /// The time that this certificate is valid up to. + /// + /// A DateTime object representing that time in the local time zone. + public virtual DateTime NotAfter + { + get { return c.EndDate.ToDateTime(); } + } + + /// + /// Return the Der encoded TbsCertificate data. + /// This is the certificate component less the signature. + /// To Get the whole certificate call the GetEncoded() member. + /// + /// A byte array containing the Der encoded Certificate component. + public virtual byte[] GetTbsCertificate() + { + return c.TbsCertificate.GetDerEncoded(); + } + + /// + /// The signature. + /// + /// A byte array containg the signature of the certificate. + public virtual byte[] GetSignature() + { + return c.GetSignatureOctets(); + } + + /// + /// A meaningful version of the Signature Algorithm. (EG SHA1WITHRSA) + /// + /// A sting representing the signature algorithm. + public virtual string SigAlgName + { + get { return sigAlgName; } + } + + /// + /// Get the Signature Algorithms Object ID. + /// + /// A string containg a '.' separated object id. + public virtual string SigAlgOid + { + get { return c.SignatureAlgorithm.Algorithm.Id; } + } + + /// + /// Get the signature algorithms parameters. (EG DSA Parameters) + /// + /// A byte array containing the Der encoded version of the parameters or null if there are none. + public virtual byte[] GetSigAlgParams() + { + return Arrays.Clone(sigAlgParams); + } + + /// + /// Get the issuers UID. + /// + /// A DerBitString. + public virtual DerBitString IssuerUniqueID + { + get { return c.TbsCertificate.IssuerUniqueID; } + } + + /// + /// Get the subjects UID. + /// + /// A DerBitString. + public virtual DerBitString SubjectUniqueID + { + get { return c.TbsCertificate.SubjectUniqueID; } + } + + /// + /// Get a key usage guidlines. + /// + public virtual bool[] GetKeyUsage() + { + return Arrays.Clone(keyUsage); + } + + // TODO Replace with something that returns a list of DerObjectIdentifier + public virtual IList GetExtendedKeyUsage() + { + Asn1OctetString str = this.GetExtensionValue(new DerObjectIdentifier("2.5.29.37")); + + if (str == null) + return null; + + try + { + Asn1Sequence seq = Asn1Sequence.GetInstance( + X509ExtensionUtilities.FromExtensionValue(str)); + + IList list = Platform.CreateArrayList(); + + foreach (DerObjectIdentifier oid in seq) + { + list.Add(oid.Id); + } + + return list; + } + catch (Exception e) + { + throw new CertificateParsingException("error processing extended key usage extension", e); + } + } + + public virtual int GetBasicConstraints() + { + if (basicConstraints != null && basicConstraints.IsCA()) + { + if (basicConstraints.PathLenConstraint == null) + { + return int.MaxValue; + } + + return basicConstraints.PathLenConstraint.IntValue; + } + + return -1; + } + + public virtual ICollection GetSubjectAlternativeNames() + { + return GetAlternativeNames("2.5.29.17"); + } + + public virtual ICollection GetIssuerAlternativeNames() + { + return GetAlternativeNames("2.5.29.18"); + } + + protected virtual ICollection GetAlternativeNames( + string oid) + { + Asn1OctetString altNames = GetExtensionValue(new DerObjectIdentifier(oid)); + + if (altNames == null) + return null; + + Asn1Object asn1Object = X509ExtensionUtilities.FromExtensionValue(altNames); + + GeneralNames gns = GeneralNames.GetInstance(asn1Object); + + IList result = Platform.CreateArrayList(); + foreach (GeneralName gn in gns.GetNames()) + { + IList entry = Platform.CreateArrayList(); + entry.Add(gn.TagNo); + entry.Add(gn.Name.ToString()); + result.Add(entry); + } + return result; + } + + protected override X509Extensions GetX509Extensions() + { + return c.Version >= 3 + ? c.TbsCertificate.Extensions + : null; + } + + /// + /// Get the public key of the subject of the certificate. + /// + /// The public key parameters. + public virtual AsymmetricKeyParameter GetPublicKey() + { + // Cache the public key to support repeated-use optimizations + lock (cacheLock) + { + if (null != publicKeyValue) + return publicKeyValue; + } + + AsymmetricKeyParameter temp = PublicKeyFactory.CreateKey(c.SubjectPublicKeyInfo); + + lock (cacheLock) + { + if (null == publicKeyValue) + { + publicKeyValue = temp; + } + + return publicKeyValue; + } + } + + /// + /// Return the DER encoding of this certificate. + /// + /// A byte array containing the DER encoding of this certificate. + /// If there is an error encoding the certificate. + public virtual byte[] GetEncoded() + { + return Arrays.Clone(GetCachedEncoding().GetEncoded()); + } + + public override bool Equals(object other) + { + if (this == other) + return true; + + X509Certificate that = other as X509Certificate; + if (null == that) + return false; + + if (this.hashValueSet && that.hashValueSet) + { + if (this.hashValue != that.hashValue) + return false; + } + else if (null == this.cachedEncoding || null == that.cachedEncoding) + { + DerBitString signature = c.Signature; + if (null != signature && !signature.Equals(that.c.Signature)) + return false; + } + + byte[] thisEncoding = this.GetCachedEncoding().Encoding; + byte[] thatEncoding = that.GetCachedEncoding().Encoding; + + return null != thisEncoding + && null != thatEncoding + && Arrays.AreEqual(thisEncoding, thatEncoding); + } + + public override int GetHashCode() + { + if (!hashValueSet) + { + byte[] thisEncoding = this.GetCachedEncoding().Encoding; + + hashValue = Arrays.GetHashCode(thisEncoding); + hashValueSet = true; + } + + return hashValue; + } + + // public void setBagAttribute( + // DERObjectIdentifier oid, + // DEREncodable attribute) + // { + // pkcs12Attributes.put(oid, attribute); + // pkcs12Ordering.addElement(oid); + // } + // + // public DEREncodable getBagAttribute( + // DERObjectIdentifier oid) + // { + // return (DEREncodable)pkcs12Attributes.get(oid); + // } + // + // public Enumeration getBagAttributeKeys() + // { + // return pkcs12Ordering.elements(); + // } + + public override string ToString() + { + StringBuilder buf = new StringBuilder(); + string nl = Platform.NewLine; + + buf.Append(" [0] Version: ").Append(this.Version).Append(nl); + buf.Append(" SerialNumber: ").Append(this.SerialNumber).Append(nl); + buf.Append(" IssuerDN: ").Append(this.IssuerDN).Append(nl); + buf.Append(" Start Date: ").Append(this.NotBefore).Append(nl); + buf.Append(" Final Date: ").Append(this.NotAfter).Append(nl); + buf.Append(" SubjectDN: ").Append(this.SubjectDN).Append(nl); + buf.Append(" Public Key: ").Append(this.GetPublicKey()).Append(nl); + buf.Append(" Signature Algorithm: ").Append(this.SigAlgName).Append(nl); + + byte[] sig = this.GetSignature(); + buf.Append(" Signature: ").Append(Hex.ToHexString(sig, 0, 20)).Append(nl); + + for (int i = 20; i < sig.Length; i += 20) + { + int len = System.Math.Min(20, sig.Length - i); + buf.Append(" ").Append(Hex.ToHexString(sig, i, len)).Append(nl); + } + + X509Extensions extensions = c.TbsCertificate.Extensions; + + if (extensions != null) + { + IEnumerator e = extensions.ExtensionOids.GetEnumerator(); + + if (e.MoveNext()) + { + buf.Append(" Extensions: \n"); + } + + do + { + DerObjectIdentifier oid = (DerObjectIdentifier)e.Current; + X509Extension ext = extensions.GetExtension(oid); + + if (ext.Value != null) + { + Asn1Object obj = X509ExtensionUtilities.FromExtensionValue(ext.Value); + + buf.Append(" critical(").Append(ext.IsCritical).Append(") "); + try + { + if (oid.Equals(X509Extensions.BasicConstraints)) + { + buf.Append(BasicConstraints.GetInstance(obj)); + } + else if (oid.Equals(X509Extensions.KeyUsage)) + { + buf.Append(KeyUsage.GetInstance(obj)); + } + else if (oid.Equals(MiscObjectIdentifiers.NetscapeCertType)) + { + buf.Append(new NetscapeCertType((DerBitString)obj)); + } + else if (oid.Equals(MiscObjectIdentifiers.NetscapeRevocationUrl)) + { + buf.Append(new NetscapeRevocationUrl((DerIA5String)obj)); + } + else if (oid.Equals(MiscObjectIdentifiers.VerisignCzagExtension)) + { + buf.Append(new VerisignCzagExtension((DerIA5String)obj)); + } + else + { + buf.Append(oid.Id); + buf.Append(" value = ").Append(Asn1Dump.DumpAsString(obj)); + //buf.Append(" value = ").Append("*****").Append(nl); + } + } + catch (Exception) + { + buf.Append(oid.Id); + //buf.Append(" value = ").Append(new string(Hex.encode(ext.getValue().getOctets()))).Append(nl); + buf.Append(" value = ").Append("*****"); + } + } + + buf.Append(nl); + } + while (e.MoveNext()); + } + + return buf.ToString(); + } + + /// + /// Verify the certificate's signature using the nominated public key. + /// + /// An appropriate public key parameter object, RsaPublicKeyParameters, DsaPublicKeyParameters or ECDsaPublicKeyParameters + /// True if the signature is valid. + /// If key submitted is not of the above nominated types. + public virtual void Verify( + AsymmetricKeyParameter key) + { + CheckSignature(new Asn1VerifierFactory(c.SignatureAlgorithm, key)); + } + + /// + /// Verify the certificate's signature using a verifier created using the passed in verifier provider. + /// + /// An appropriate provider for verifying the certificate's signature. + /// True if the signature is valid. + /// If verifier provider is not appropriate or the certificate algorithm is invalid. + public virtual void Verify( + IVerifierFactoryProvider verifierProvider) + { + CheckSignature(verifierProvider.CreateVerifierFactory(c.SignatureAlgorithm)); + } + + protected virtual void CheckSignature( + IVerifierFactory verifier) + { + if (!IsAlgIDEqual(c.SignatureAlgorithm, c.TbsCertificate.Signature)) + throw new CertificateException("signature algorithm in TBS cert not same as outer cert"); + + Asn1Encodable parameters = c.SignatureAlgorithm.Parameters; + + IStreamCalculator streamCalculator = verifier.CreateCalculator(); + + byte[] b = this.GetTbsCertificate(); + + streamCalculator.Stream.Write(b, 0, b.Length); + + Platform.Dispose(streamCalculator.Stream); + + if (!((IVerifier)streamCalculator.GetResult()).IsVerified(this.GetSignature())) + { + throw new InvalidKeyException("Public key presented not for certificate signature"); + } + } + + private CachedEncoding GetCachedEncoding() + { + lock (cacheLock) + { + if (null != cachedEncoding) + return cachedEncoding; + } + + byte[] encoding = null; + CertificateEncodingException exception = null; + try + { + encoding = c.GetEncoded(Asn1Encodable.Der); + } + catch (IOException e) + { + exception = new CertificateEncodingException("Failed to DER-encode certificate", e); + } + + CachedEncoding temp = new CachedEncoding(encoding, exception); + + lock (cacheLock) + { + if (null == cachedEncoding) + { + cachedEncoding = temp; + } + + return cachedEncoding; + } + } + + private static bool IsAlgIDEqual(AlgorithmIdentifier id1, AlgorithmIdentifier id2) + { + if (!id1.Algorithm.Equals(id2.Algorithm)) + return false; + + Asn1Encodable p1 = id1.Parameters; + Asn1Encodable p2 = id2.Parameters; + + if ((p1 == null) == (p2 == null)) + return Platform.Equals(p1, p2); + + // Exactly one of p1, p2 is null at this point + return p1 == null + ? p2.ToAsn1Object() is Asn1Null + : p1.ToAsn1Object() is Asn1Null; + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/src/x509/X509CertificatePair.cs b/BouncyCastle/crypto/src/x509/X509CertificatePair.cs new file mode 100644 index 0000000..fbeba4d --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509CertificatePair.cs @@ -0,0 +1,123 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.X509 +{ + /// + /// This class contains a cross certificate pair. Cross certificates pairs may + /// contain two cross signed certificates from two CAs. A certificate from the + /// other CA to this CA is contained in the forward certificate, the certificate + /// from this CA to the other CA is contained in the reverse certificate. + /// + public class X509CertificatePair + { + private readonly X509Certificate forward; + private readonly X509Certificate reverse; + + /// Constructor + /// Certificate from the other CA to this CA. + /// Certificate from this CA to the other CA. + public X509CertificatePair( + X509Certificate forward, + X509Certificate reverse) + { + this.forward = forward; + this.reverse = reverse; + } + + /// Constructor from a ASN.1 CertificatePair structure. + /// The CertificatePair ASN.1 object. + public X509CertificatePair( + CertificatePair pair) + { + if (pair.Forward != null) + { + this.forward = new X509Certificate(pair.Forward); + } + if (pair.Reverse != null) + { + this.reverse = new X509Certificate(pair.Reverse); + } + } + + public byte[] GetEncoded() + { + try + { + X509CertificateStructure f = null, r = null; + + if (forward != null) + { + f = X509CertificateStructure.GetInstance( + Asn1Object.FromByteArray(forward.GetEncoded())); + + if (f == null) + throw new CertificateEncodingException("unable to get encoding for forward"); + } + + if (reverse != null) + { + r = X509CertificateStructure.GetInstance( + Asn1Object.FromByteArray(reverse.GetEncoded())); + + if (r == null) + throw new CertificateEncodingException("unable to get encoding for reverse"); + } + + return new CertificatePair(f, r).GetDerEncoded(); + } + catch (Exception e) + { + // TODO +// throw new ExtCertificateEncodingException(e.toString(), e); + throw new CertificateEncodingException(e.Message, e); + } + } + + /// Returns the certificate from the other CA to this CA. + public X509Certificate Forward + { + get { return forward; } + } + + /// Returns the certificate from this CA to the other CA. + public X509Certificate Reverse + { + get { return reverse; } + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + X509CertificatePair other = obj as X509CertificatePair; + + if (other == null) + return false; + + return Platform.Equals(this.forward, other.forward) + && Platform.Equals(this.reverse, other.reverse); + } + + public override int GetHashCode() + { + int hash = -1; + if (forward != null) + { + hash ^= forward.GetHashCode(); + } + if (reverse != null) + { + hash *= 17; + hash ^= reverse.GetHashCode(); + } + return hash; + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509CertificateParser.cs b/BouncyCastle/crypto/src/x509/X509CertificateParser.cs new file mode 100644 index 0000000..ceab311 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509CertificateParser.cs @@ -0,0 +1,188 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.X509 +{ + /** + * class for dealing with X509 certificates. + *

    + * At the moment this will deal with "-----BEGIN CERTIFICATE-----" to "-----END CERTIFICATE-----" + * base 64 encoded certs, as well as the BER binaries of certificates and some classes of PKCS#7 + * objects.

    + */ + public class X509CertificateParser + { + private static readonly PemParser PemCertParser = new PemParser("CERTIFICATE"); + + private Asn1Set sData; + private int sDataObjectCount; + private Stream currentStream; + + private X509Certificate ReadDerCertificate( + Asn1InputStream dIn) + { + Asn1Sequence seq = (Asn1Sequence)dIn.ReadObject(); + + if (seq.Count > 1 && seq[0] is DerObjectIdentifier) + { + if (seq[0].Equals(PkcsObjectIdentifiers.SignedData)) + { + sData = SignedData.GetInstance( + Asn1Sequence.GetInstance((Asn1TaggedObject) seq[1], true)).Certificates; + + return GetCertificate(); + } + } + + return CreateX509Certificate(X509CertificateStructure.GetInstance(seq)); + } + + private X509Certificate GetCertificate() + { + if (sData != null) + { + while (sDataObjectCount < sData.Count) + { + object obj = sData[sDataObjectCount++]; + + if (obj is Asn1Sequence) + { + return CreateX509Certificate( + X509CertificateStructure.GetInstance(obj)); + } + } + } + + return null; + } + + private X509Certificate ReadPemCertificate( + Stream inStream) + { + Asn1Sequence seq = PemCertParser.ReadPemObject(inStream); + + return seq == null + ? null + : CreateX509Certificate(X509CertificateStructure.GetInstance(seq)); + } + + protected virtual X509Certificate CreateX509Certificate( + X509CertificateStructure c) + { + return new X509Certificate(c); + } + + /// + /// Create loading data from byte array. + /// + /// + public X509Certificate ReadCertificate( + byte[] input) + { + return ReadCertificate(new MemoryStream(input, false)); + } + + /// + /// Create loading data from byte array. + /// + /// + public ICollection ReadCertificates( + byte[] input) + { + return ReadCertificates(new MemoryStream(input, false)); + } + + /** + * Generates a certificate object and initializes it with the data + * read from the input stream inStream. + */ + public X509Certificate ReadCertificate( + Stream inStream) + { + if (inStream == null) + throw new ArgumentNullException("inStream"); + if (!inStream.CanRead) + throw new ArgumentException("inStream must be read-able", "inStream"); + + if (currentStream == null) + { + currentStream = inStream; + sData = null; + sDataObjectCount = 0; + } + else if (currentStream != inStream) // reset if input stream has changed + { + currentStream = inStream; + sData = null; + sDataObjectCount = 0; + } + + try + { + if (sData != null) + { + if (sDataObjectCount != sData.Count) + { + return GetCertificate(); + } + + sData = null; + sDataObjectCount = 0; + return null; + } + + int tag = inStream.ReadByte(); + if (tag < 0) + return null; + + if (inStream.CanSeek) + { + inStream.Seek(-1L, SeekOrigin.Current); + } + else + { + PushbackStream pis = new PushbackStream(inStream); + pis.Unread(tag); + inStream = pis; + } + + if (tag != 0x30) // assume ascii PEM encoded. + { + return ReadPemCertificate(inStream); + } + + return ReadDerCertificate(new Asn1InputStream(inStream)); + } + catch (Exception e) + { + throw new CertificateException("Failed to read certificate", e); + } + } + + /** + * Returns a (possibly empty) collection view of the certificates + * read from the given input stream inStream. + */ + public ICollection ReadCertificates( + Stream inStream) + { + X509Certificate cert; + IList certs = Platform.CreateArrayList(); + + while ((cert = ReadCertificate(inStream)) != null) + { + certs.Add(cert); + } + + return certs; + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509Crl.cs b/BouncyCastle/crypto/src/x509/X509Crl.cs new file mode 100644 index 0000000..9acebf2 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509Crl.cs @@ -0,0 +1,511 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Utilities; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.X509.Extension; + +namespace Org.BouncyCastle.X509 +{ + /** + * The following extensions are listed in RFC 2459 as relevant to CRLs + * + * Authority Key Identifier + * Issuer Alternative Name + * CRL Number + * Delta CRL Indicator (critical) + * Issuing Distribution Point (critical) + */ + public class X509Crl + : X509ExtensionBase + // TODO Add interface Crl? + { + private class CachedEncoding + { + private readonly byte[] encoding; + private readonly CrlException exception; + + internal CachedEncoding(byte[] encoding, CrlException exception) + { + this.encoding = encoding; + this.exception = exception; + } + + internal byte[] Encoding + { + get { return encoding; } + } + + internal byte[] GetEncoded() + { + if (null != exception) + throw exception; + + if (null == encoding) + throw new CrlException(); + + return encoding; + } + } + + private readonly CertificateList c; + private readonly string sigAlgName; + private readonly byte[] sigAlgParams; + private readonly bool isIndirect; + + private readonly object cacheLock = new object(); + private CachedEncoding cachedEncoding; + + private volatile bool hashValueSet; + private volatile int hashValue; + + public X509Crl(byte[] encoding) + : this(CertificateList.GetInstance(encoding)) + { + } + + public X509Crl(CertificateList c) + { + this.c = c; + + try + { + this.sigAlgName = X509SignatureUtilities.GetSignatureName(c.SignatureAlgorithm); + + Asn1Encodable parameters = c.SignatureAlgorithm.Parameters; + this.sigAlgParams = (null == parameters) ? null : parameters.GetEncoded(Asn1Encodable.Der); + + this.isIndirect = IsIndirectCrl; + } + catch (Exception e) + { + throw new CrlException("CRL contents invalid: " + e); + } + } + + public virtual CertificateList CertificateList + { + get { return c; } + } + + protected override X509Extensions GetX509Extensions() + { + return c.Version >= 2 + ? c.TbsCertList.Extensions + : null; + } + + public virtual void Verify( + AsymmetricKeyParameter publicKey) + { + Verify(new Asn1VerifierFactoryProvider(publicKey)); + } + + /// + /// Verify the CRL's signature using a verifier created using the passed in verifier provider. + /// + /// An appropriate provider for verifying the CRL's signature. + /// True if the signature is valid. + /// If verifier provider is not appropriate or the CRL algorithm is invalid. + public virtual void Verify( + IVerifierFactoryProvider verifierProvider) + { + CheckSignature(verifierProvider.CreateVerifierFactory(c.SignatureAlgorithm)); + } + + protected virtual void CheckSignature( + IVerifierFactory verifier) + { + if (!c.SignatureAlgorithm.Equals(c.TbsCertList.Signature)) + { + throw new CrlException("Signature algorithm on CertificateList does not match TbsCertList."); + } + + Asn1Encodable parameters = c.SignatureAlgorithm.Parameters; + + IStreamCalculator streamCalculator = verifier.CreateCalculator(); + + byte[] b = this.GetTbsCertList(); + + streamCalculator.Stream.Write(b, 0, b.Length); + + Platform.Dispose(streamCalculator.Stream); + + if (!((IVerifier)streamCalculator.GetResult()).IsVerified(this.GetSignature())) + { + throw new InvalidKeyException("CRL does not verify with supplied public key."); + } + } + + public virtual int Version + { + get { return c.Version; } + } + + public virtual X509Name IssuerDN + { + get { return c.Issuer; } + } + + public virtual DateTime ThisUpdate + { + get { return c.ThisUpdate.ToDateTime(); } + } + + public virtual DateTimeObject NextUpdate + { + get + { + return c.NextUpdate == null + ? null + : new DateTimeObject(c.NextUpdate.ToDateTime()); + } + } + + private ISet LoadCrlEntries() + { + ISet entrySet = new HashSet(); + IEnumerable certs = c.GetRevokedCertificateEnumeration(); + + X509Name previousCertificateIssuer = IssuerDN; + foreach (CrlEntry entry in certs) + { + X509CrlEntry crlEntry = new X509CrlEntry(entry, isIndirect, previousCertificateIssuer); + entrySet.Add(crlEntry); + previousCertificateIssuer = crlEntry.GetCertificateIssuer(); + } + + return entrySet; + } + + public virtual X509CrlEntry GetRevokedCertificate( + BigInteger serialNumber) + { + IEnumerable certs = c.GetRevokedCertificateEnumeration(); + + X509Name previousCertificateIssuer = IssuerDN; + foreach (CrlEntry entry in certs) + { + X509CrlEntry crlEntry = new X509CrlEntry(entry, isIndirect, previousCertificateIssuer); + + if (serialNumber.Equals(entry.UserCertificate.Value)) + { + return crlEntry; + } + + previousCertificateIssuer = crlEntry.GetCertificateIssuer(); + } + + return null; + } + + public virtual ISet GetRevokedCertificates() + { + ISet entrySet = LoadCrlEntries(); + + if (entrySet.Count > 0) + { + return entrySet; // TODO? Collections.unmodifiableSet(entrySet); + } + + return null; + } + + public virtual byte[] GetTbsCertList() + { + try + { + return c.TbsCertList.GetDerEncoded(); + } + catch (Exception e) + { + throw new CrlException(e.ToString()); + } + } + + public virtual byte[] GetSignature() + { + return c.GetSignatureOctets(); + } + + public virtual string SigAlgName + { + get { return sigAlgName; } + } + + public virtual string SigAlgOid + { + get { return c.SignatureAlgorithm.Algorithm.Id; } + } + + public virtual byte[] GetSigAlgParams() + { + return Arrays.Clone(sigAlgParams); + } + + /// + /// Return the DER encoding of this CRL. + /// + /// A byte array containing the DER encoding of this CRL. + /// If there is an error encoding the CRL. + public virtual byte[] GetEncoded() + { + return Arrays.Clone(GetCachedEncoding().GetEncoded()); + } + + public override bool Equals(object other) + { + if (this == other) + return true; + + X509Crl that = other as X509Crl; + if (null == that) + return false; + + if (this.hashValueSet && that.hashValueSet) + { + if (this.hashValue != that.hashValue) + return false; + } + else if (null == this.cachedEncoding || null == that.cachedEncoding) + { + DerBitString signature = c.Signature; + if (null != signature && !signature.Equals(that.c.Signature)) + return false; + } + + byte[] thisEncoding = this.GetCachedEncoding().Encoding; + byte[] thatEncoding = that.GetCachedEncoding().Encoding; + + return null != thisEncoding + && null != thatEncoding + && Arrays.AreEqual(thisEncoding, thatEncoding); + } + + public override int GetHashCode() + { + if (!hashValueSet) + { + byte[] thisEncoding = this.GetCachedEncoding().Encoding; + + hashValue = Arrays.GetHashCode(thisEncoding); + hashValueSet = true; + } + + return hashValue; + } + + /** + * Returns a string representation of this CRL. + * + * @return a string representation of this CRL. + */ + public override string ToString() + { + StringBuilder buf = new StringBuilder(); + string nl = Platform.NewLine; + + buf.Append(" Version: ").Append(this.Version).Append(nl); + buf.Append(" IssuerDN: ").Append(this.IssuerDN).Append(nl); + buf.Append(" This update: ").Append(this.ThisUpdate).Append(nl); + buf.Append(" Next update: ").Append(this.NextUpdate).Append(nl); + buf.Append(" Signature Algorithm: ").Append(this.SigAlgName).Append(nl); + + byte[] sig = this.GetSignature(); + + buf.Append(" Signature: "); + buf.Append(Hex.ToHexString(sig, 0, 20)).Append(nl); + + for (int i = 20; i < sig.Length; i += 20) + { + int count = System.Math.Min(20, sig.Length - i); + buf.Append(" "); + buf.Append(Hex.ToHexString(sig, i, count)).Append(nl); + } + + X509Extensions extensions = c.TbsCertList.Extensions; + + if (extensions != null) + { + IEnumerator e = extensions.ExtensionOids.GetEnumerator(); + + if (e.MoveNext()) + { + buf.Append(" Extensions: ").Append(nl); + } + + do + { + DerObjectIdentifier oid = (DerObjectIdentifier) e.Current; + X509Extension ext = extensions.GetExtension(oid); + + if (ext.Value != null) + { + Asn1Object asn1Value = X509ExtensionUtilities.FromExtensionValue(ext.Value); + + buf.Append(" critical(").Append(ext.IsCritical).Append(") "); + try + { + if (oid.Equals(X509Extensions.CrlNumber)) + { + buf.Append(new CrlNumber(DerInteger.GetInstance(asn1Value).PositiveValue)).Append(nl); + } + else if (oid.Equals(X509Extensions.DeltaCrlIndicator)) + { + buf.Append( + "Base CRL: " + + new CrlNumber(DerInteger.GetInstance( + asn1Value).PositiveValue)) + .Append(nl); + } + else if (oid.Equals(X509Extensions.IssuingDistributionPoint)) + { + buf.Append(IssuingDistributionPoint.GetInstance((Asn1Sequence) asn1Value)).Append(nl); + } + else if (oid.Equals(X509Extensions.CrlDistributionPoints)) + { + buf.Append(CrlDistPoint.GetInstance((Asn1Sequence) asn1Value)).Append(nl); + } + else if (oid.Equals(X509Extensions.FreshestCrl)) + { + buf.Append(CrlDistPoint.GetInstance((Asn1Sequence) asn1Value)).Append(nl); + } + else + { + buf.Append(oid.Id); + buf.Append(" value = ").Append( + Asn1Dump.DumpAsString(asn1Value)) + .Append(nl); + } + } + catch (Exception) + { + buf.Append(oid.Id); + buf.Append(" value = ").Append("*****").Append(nl); + } + } + else + { + buf.Append(nl); + } + } + while (e.MoveNext()); + } + + ISet certSet = GetRevokedCertificates(); + if (certSet != null) + { + foreach (X509CrlEntry entry in certSet) + { + buf.Append(entry); + buf.Append(nl); + } + } + + return buf.ToString(); + } + + /** + * Checks whether the given certificate is on this CRL. + * + * @param cert the certificate to check for. + * @return true if the given certificate is on this CRL, + * false otherwise. + */ +// public bool IsRevoked( +// Certificate cert) +// { +// if (!cert.getType().Equals("X.509")) +// { +// throw new RuntimeException("X.509 CRL used with non X.509 Cert"); +// } + public virtual bool IsRevoked( + X509Certificate cert) + { + CrlEntry[] certs = c.GetRevokedCertificates(); + + if (certs != null) + { + BigInteger serial = cert.SerialNumber; + + for (int i = 0; i < certs.Length; i++) + { + if (certs[i].UserCertificate.HasValue(serial)) + return true; + } + } + + return false; + } + + protected virtual bool IsIndirectCrl + { + get + { + Asn1OctetString idp = GetExtensionValue(X509Extensions.IssuingDistributionPoint); + bool isIndirect = false; + + try + { + if (idp != null) + { + isIndirect = IssuingDistributionPoint.GetInstance( + X509ExtensionUtilities.FromExtensionValue(idp)).IsIndirectCrl; + } + } + catch (Exception e) + { + // TODO +// throw new ExtCrlException("Exception reading IssuingDistributionPoint", e); + throw new CrlException("Exception reading IssuingDistributionPoint" + e); + } + + return isIndirect; + } + } + + private CachedEncoding GetCachedEncoding() + { + lock (cacheLock) + { + if (null != cachedEncoding) + return cachedEncoding; + } + + byte[] encoding = null; + CrlException exception = null; + try + { + encoding = c.GetEncoded(Asn1Encodable.Der); + } + catch (IOException e) + { + exception = new CrlException("Failed to DER-encode CRL", e); + } + + CachedEncoding temp = new CachedEncoding(encoding, exception); + + lock (cacheLock) + { + if (null == cachedEncoding) + { + cachedEncoding = temp; + } + + return cachedEncoding; + } + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509CrlEntry.cs b/BouncyCastle/crypto/src/x509/X509CrlEntry.cs new file mode 100644 index 0000000..9660a70 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509CrlEntry.cs @@ -0,0 +1,232 @@ +using System; +using System.Collections; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Utilities; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509.Extension; + +namespace Org.BouncyCastle.X509 +{ + /** + * The following extensions are listed in RFC 2459 as relevant to CRL Entries + * + * ReasonCode Hode Instruction Code Invalidity Date Certificate Issuer + * (critical) + */ + public class X509CrlEntry + : X509ExtensionBase + { + private CrlEntry c; + private bool isIndirect; + private X509Name previousCertificateIssuer; + private X509Name certificateIssuer; + + private volatile bool hashValueSet; + private volatile int hashValue; + + public X509CrlEntry( + CrlEntry c) + { + this.c = c; + this.certificateIssuer = loadCertificateIssuer(); + } + + /** + * Constructor for CRLEntries of indirect CRLs. If isIndirect + * is false {@link #getCertificateIssuer()} will always + * return null, previousCertificateIssuer is + * ignored. If this isIndirect is specified and this CrlEntry + * has no certificate issuer CRL entry extension + * previousCertificateIssuer is returned by + * {@link #getCertificateIssuer()}. + * + * @param c + * TbsCertificateList.CrlEntry object. + * @param isIndirect + * true if the corresponding CRL is a indirect + * CRL. + * @param previousCertificateIssuer + * Certificate issuer of the previous CrlEntry. + */ + public X509CrlEntry( + CrlEntry c, + bool isIndirect, + X509Name previousCertificateIssuer) + { + this.c = c; + this.isIndirect = isIndirect; + this.previousCertificateIssuer = previousCertificateIssuer; + this.certificateIssuer = loadCertificateIssuer(); + } + + private X509Name loadCertificateIssuer() + { + if (!isIndirect) + { + return null; + } + + Asn1OctetString ext = GetExtensionValue(X509Extensions.CertificateIssuer); + if (ext == null) + { + return previousCertificateIssuer; + } + + try + { + GeneralName[] names = GeneralNames.GetInstance( + X509ExtensionUtilities.FromExtensionValue(ext)).GetNames(); + + for (int i = 0; i < names.Length; i++) + { + if (names[i].TagNo == GeneralName.DirectoryName) + { + return X509Name.GetInstance(names[i].Name); + } + } + } + catch (Exception) + { + } + + return null; + } + + public X509Name GetCertificateIssuer() + { + return certificateIssuer; + } + + protected override X509Extensions GetX509Extensions() + { + return c.Extensions; + } + + public byte[] GetEncoded() + { + try + { + return c.GetDerEncoded(); + } + catch (Exception e) + { + throw new CrlException(e.ToString()); + } + } + + public BigInteger SerialNumber + { + get { return c.UserCertificate.Value; } + } + + public DateTime RevocationDate + { + get { return c.RevocationDate.ToDateTime(); } + } + + public bool HasExtensions + { + get { return c.Extensions != null; } + } + + public override bool Equals(object other) + { + if (this == other) + return true; + + X509CrlEntry that = other as X509CrlEntry; + if (null == that) + return false; + + if (this.hashValueSet && that.hashValueSet) + { + if (this.hashValue != that.hashValue) + return false; + } + + return this.c.Equals(that.c); + } + + public override int GetHashCode() + { + if (!hashValueSet) + { + hashValue = this.c.GetHashCode(); + hashValueSet = true; + } + + return hashValue; + } + + public override string ToString() + { + StringBuilder buf = new StringBuilder(); + string nl = Platform.NewLine; + + buf.Append(" userCertificate: ").Append(this.SerialNumber).Append(nl); + buf.Append(" revocationDate: ").Append(this.RevocationDate).Append(nl); + buf.Append(" certificateIssuer: ").Append(this.GetCertificateIssuer()).Append(nl); + + X509Extensions extensions = c.Extensions; + + if (extensions != null) + { + IEnumerator e = extensions.ExtensionOids.GetEnumerator(); + if (e.MoveNext()) + { + buf.Append(" crlEntryExtensions:").Append(nl); + + do + { + DerObjectIdentifier oid = (DerObjectIdentifier)e.Current; + X509Extension ext = extensions.GetExtension(oid); + + if (ext.Value != null) + { + Asn1Object obj = X509ExtensionUtilities.FromExtensionValue(ext.Value); + + buf.Append(" critical(") + .Append(ext.IsCritical) + .Append(") "); + try + { + if (oid.Equals(X509Extensions.ReasonCode)) + { + buf.Append(new CrlReason(DerEnumerated.GetInstance(obj))); + } + else if (oid.Equals(X509Extensions.CertificateIssuer)) + { + buf.Append("Certificate issuer: ").Append( + GeneralNames.GetInstance((Asn1Sequence)obj)); + } + else + { + buf.Append(oid.Id); + buf.Append(" value = ").Append(Asn1Dump.DumpAsString(obj)); + } + buf.Append(nl); + } + catch (Exception) + { + buf.Append(oid.Id); + buf.Append(" value = ").Append("*****").Append(nl); + } + } + else + { + buf.Append(nl); + } + } + while (e.MoveNext()); + } + } + + return buf.ToString(); + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509CrlParser.cs b/BouncyCastle/crypto/src/x509/X509CrlParser.cs new file mode 100644 index 0000000..f0bb9f9 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509CrlParser.cs @@ -0,0 +1,200 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.X509 +{ + public class X509CrlParser + { + private static readonly PemParser PemCrlParser = new PemParser("CRL"); + + private readonly bool lazyAsn1; + + private Asn1Set sCrlData; + private int sCrlDataObjectCount; + private Stream currentCrlStream; + + public X509CrlParser() + : this(false) + { + } + + public X509CrlParser( + bool lazyAsn1) + { + this.lazyAsn1 = lazyAsn1; + } + + private X509Crl ReadPemCrl( + Stream inStream) + { + Asn1Sequence seq = PemCrlParser.ReadPemObject(inStream); + + return seq == null + ? null + : CreateX509Crl(CertificateList.GetInstance(seq)); + } + + private X509Crl ReadDerCrl( + Asn1InputStream dIn) + { + Asn1Sequence seq = (Asn1Sequence)dIn.ReadObject(); + + if (seq.Count > 1 && seq[0] is DerObjectIdentifier) + { + if (seq[0].Equals(PkcsObjectIdentifiers.SignedData)) + { + sCrlData = SignedData.GetInstance( + Asn1Sequence.GetInstance((Asn1TaggedObject) seq[1], true)).Crls; + + return GetCrl(); + } + } + + return CreateX509Crl(CertificateList.GetInstance(seq)); + } + + private X509Crl GetCrl() + { + if (sCrlData == null || sCrlDataObjectCount >= sCrlData.Count) + { + return null; + } + + return CreateX509Crl( + CertificateList.GetInstance( + sCrlData[sCrlDataObjectCount++])); + } + + protected virtual X509Crl CreateX509Crl( + CertificateList c) + { + return new X509Crl(c); + } + + /// + /// Create loading data from byte array. + /// + /// + public X509Crl ReadCrl( + byte[] input) + { + return ReadCrl(new MemoryStream(input, false)); + } + + /// + /// Create loading data from byte array. + /// + /// + public ICollection ReadCrls( + byte[] input) + { + return ReadCrls(new MemoryStream(input, false)); + } + + /** + * Generates a certificate revocation list (CRL) object and initializes + * it with the data read from the input stream inStream. + */ + public X509Crl ReadCrl( + Stream inStream) + { + if (inStream == null) + throw new ArgumentNullException("inStream"); + if (!inStream.CanRead) + throw new ArgumentException("inStream must be read-able", "inStream"); + + if (currentCrlStream == null) + { + currentCrlStream = inStream; + sCrlData = null; + sCrlDataObjectCount = 0; + } + else if (currentCrlStream != inStream) // reset if input stream has changed + { + currentCrlStream = inStream; + sCrlData = null; + sCrlDataObjectCount = 0; + } + + try + { + if (sCrlData != null) + { + if (sCrlDataObjectCount != sCrlData.Count) + { + return GetCrl(); + } + + sCrlData = null; + sCrlDataObjectCount = 0; + return null; + } + + int tag = inStream.ReadByte(); + if (tag < 0) + return null; + + if (inStream.CanSeek) + { + inStream.Seek(-1L, SeekOrigin.Current); + } + else + { + PushbackStream pis = new PushbackStream(inStream); + pis.Unread(tag); + inStream = pis; + } + + if (tag != 0x30) // assume ascii PEM encoded. + { + return ReadPemCrl(inStream); + } + + Asn1InputStream asn1 = lazyAsn1 + ? new LazyAsn1InputStream(inStream) + : new Asn1InputStream(inStream); + + return ReadDerCrl(asn1); + } + catch (CrlException e) + { + throw e; + } + catch (Exception e) + { + throw new CrlException(e.ToString()); + } + } + + /** + * Returns a (possibly empty) collection view of the CRLs read from + * the given input stream inStream. + * + * The inStream may contain a sequence of DER-encoded CRLs, or + * a PKCS#7 CRL set. This is a PKCS#7 SignedData object, with the + * only significant field being crls. In particular the signature + * and the contents are ignored. + */ + public ICollection ReadCrls( + Stream inStream) + { + X509Crl crl; + IList crls = Platform.CreateArrayList(); + + while ((crl = ReadCrl(inStream)) != null) + { + crls.Add(crl); + } + + return crls; + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509ExtensionBase.cs b/BouncyCastle/crypto/src/x509/X509ExtensionBase.cs new file mode 100644 index 0000000..aaf6695 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509ExtensionBase.cs @@ -0,0 +1,82 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.X509 +{ + public abstract class X509ExtensionBase + : IX509Extension + { + protected abstract X509Extensions GetX509Extensions(); + + protected virtual ISet GetExtensionOids( + bool critical) + { + X509Extensions extensions = GetX509Extensions(); + if (extensions != null) + { + HashSet set = new HashSet(); + foreach (DerObjectIdentifier oid in extensions.ExtensionOids) + { + X509Extension ext = extensions.GetExtension(oid); + if (ext.IsCritical == critical) + { + set.Add(oid.Id); + } + } + + return set; + } + + return null; + } + + /// + /// Get non critical extensions. + /// + /// A set of non critical extension oids. + public virtual ISet GetNonCriticalExtensionOids() + { + return GetExtensionOids(false); + } + + /// + /// Get any critical extensions. + /// + /// A sorted list of critical entension. + public virtual ISet GetCriticalExtensionOids() + { + return GetExtensionOids(true); + } + + /// + /// Get the value of a given extension. + /// + /// The object ID of the extension. + /// An Asn1OctetString object if that extension is found or null if not. + [Obsolete("Use version taking a DerObjectIdentifier instead")] + public Asn1OctetString GetExtensionValue( + string oid) + { + return GetExtensionValue(new DerObjectIdentifier(oid)); + } + + public virtual Asn1OctetString GetExtensionValue( + DerObjectIdentifier oid) + { + X509Extensions exts = GetX509Extensions(); + if (exts != null) + { + X509Extension ext = exts.GetExtension(oid); + if (ext != null) + { + return ext.Value; + } + } + + return null; + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509KeyUsage.cs b/BouncyCastle/crypto/src/x509/X509KeyUsage.cs new file mode 100644 index 0000000..e0a7b49 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509KeyUsage.cs @@ -0,0 +1,59 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.X509 +{ + /** + * A holding class for constructing an X509 Key Usage extension. + * + * 
    +	 *    id-ce-keyUsage OBJECT IDENTIFIER ::=  { id-ce 15 }
+	 *
+	 *    KeyUsage ::= BIT STRING {
+	 *         digitalSignature        (0),
+	 *         nonRepudiation          (1),
+	 *         keyEncipherment         (2),
+	 *         dataEncipherment        (3),
+	 *         keyAgreement            (4),
+	 *         keyCertSign             (5),
+	 *         cRLSign                 (6),
+	 *         encipherOnly            (7),
+	 *         decipherOnly            (8) }
+	 *
    + */ + public class X509KeyUsage + : Asn1Encodable + { + public const int DigitalSignature = 1 << 7; + public const int NonRepudiation = 1 << 6; + public const int KeyEncipherment = 1 << 5; + public const int DataEncipherment = 1 << 4; + public const int KeyAgreement = 1 << 3; + public const int KeyCertSign = 1 << 2; + public const int CrlSign = 1 << 1; + public const int EncipherOnly = 1 << 0; + public const int DecipherOnly = 1 << 15; + + private readonly int usage; + + /** + * Basic constructor. + * + * @param usage - the bitwise OR of the Key Usage flags giving the + * allowed uses for the key. + * e.g. (X509KeyUsage.keyEncipherment | X509KeyUsage.dataEncipherment) + */ + public X509KeyUsage( + int usage) + { + this.usage = usage; + } + + public override Asn1Object ToAsn1Object() + { + return new KeyUsage(usage); + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509SignatureUtil.cs b/BouncyCastle/crypto/src/x509/X509SignatureUtil.cs new file mode 100644 index 0000000..6a6c0cf --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509SignatureUtil.cs @@ -0,0 +1,135 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.X509 +{ + internal class X509SignatureUtilities + { + private static readonly Asn1Null derNull = DerNull.Instance; + + internal static void SetSignatureParameters( + ISigner signature, + Asn1Encodable parameters) + { + if (parameters != null && !derNull.Equals(parameters)) + { + // TODO Put back in +// AlgorithmParameters sigParams = AlgorithmParameters.GetInstance(signature.getAlgorithm()); +// +// try +// { +// sigParams.Init(parameters.ToAsn1Object().GetDerEncoded()); +// } +// catch (IOException e) +// { +// throw new SignatureException("IOException decoding parameters: " + e.Message); +// } +// +// if (Platform.EndsWith(signature.getAlgorithm(), "MGF1")) +// { +// try +// { +// signature.setParameter(sigParams.getParameterSpec(PSSParameterSpec.class)); +// } +// catch (GeneralSecurityException e) +// { +// throw new SignatureException("Exception extracting parameters: " + e.Message); +// } +// } + } + } + + internal static string GetSignatureName( + AlgorithmIdentifier sigAlgId) + { + Asn1Encodable parameters = sigAlgId.Parameters; + + if (parameters != null && !derNull.Equals(parameters)) + { + if (sigAlgId.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss)) + { + RsassaPssParameters rsaParams = RsassaPssParameters.GetInstance(parameters); + + return GetDigestAlgName(rsaParams.HashAlgorithm.Algorithm) + "withRSAandMGF1"; + } + if (sigAlgId.Algorithm.Equals(X9ObjectIdentifiers.ECDsaWithSha2)) + { + Asn1Sequence ecDsaParams = Asn1Sequence.GetInstance(parameters); + + return GetDigestAlgName((DerObjectIdentifier)ecDsaParams[0]) + "withECDSA"; + } + } + + string sigName = SignerUtilities.GetEncodingName(sigAlgId.Algorithm); + if (null != sigName) + { + return sigName; + } + + return sigAlgId.Algorithm.Id; + } + + /** + * Return the digest algorithm using one of the standard JCA string + * representations rather than the algorithm identifier (if possible). + */ + private static string GetDigestAlgName( + DerObjectIdentifier digestAlgOID) + { + if (PkcsObjectIdentifiers.MD5.Equals(digestAlgOID)) + { + return "MD5"; + } + else if (OiwObjectIdentifiers.IdSha1.Equals(digestAlgOID)) + { + return "SHA1"; + } + else if (NistObjectIdentifiers.IdSha224.Equals(digestAlgOID)) + { + return "SHA224"; + } + else if (NistObjectIdentifiers.IdSha256.Equals(digestAlgOID)) + { + return "SHA256"; + } + else if (NistObjectIdentifiers.IdSha384.Equals(digestAlgOID)) + { + return "SHA384"; + } + else if (NistObjectIdentifiers.IdSha512.Equals(digestAlgOID)) + { + return "SHA512"; + } + else if (TeleTrusTObjectIdentifiers.RipeMD128.Equals(digestAlgOID)) + { + return "RIPEMD128"; + } + else if (TeleTrusTObjectIdentifiers.RipeMD160.Equals(digestAlgOID)) + { + return "RIPEMD160"; + } + else if (TeleTrusTObjectIdentifiers.RipeMD256.Equals(digestAlgOID)) + { + return "RIPEMD256"; + } + else if (CryptoProObjectIdentifiers.GostR3411.Equals(digestAlgOID)) + { + return "GOST3411"; + } + else + { + return digestAlgOID.Id; + } + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509Utilities.cs b/BouncyCastle/crypto/src/x509/X509Utilities.cs new file mode 100644 index 0000000..461a545 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509Utilities.cs @@ -0,0 +1,205 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.X509 +{ + internal class X509Utilities + { + private static readonly IDictionary algorithms = Platform.CreateHashtable(); + private static readonly IDictionary exParams = Platform.CreateHashtable(); + private static readonly ISet noParams = new HashSet(); + + static X509Utilities() + { + algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption); + algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption); + algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption); + algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption); + algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA-1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA-1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption); + algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA-224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA-224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption); + algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA-256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA-256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption); + algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA-384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA-384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption); + algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA-512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA-512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption); + algorithms.Add("SHA512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA-512(224)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA-512(224)WITHRSA", PkcsObjectIdentifiers.Sha512_224WithRSAEncryption); + algorithms.Add("SHA512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("SHA-512(256)WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("SHA512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("SHA-512(256)WITHRSA", PkcsObjectIdentifiers.Sha512_256WithRSAEncryption); + algorithms.Add("SHA1WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); + algorithms.Add("SHA224WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); + algorithms.Add("SHA256WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); + algorithms.Add("SHA384WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); + algorithms.Add("SHA512WITHRSAANDMGF1", PkcsObjectIdentifiers.IdRsassaPss); + algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); + algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160); + algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); + algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128); + algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); + algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256); + algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1); + algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1); + algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224); + algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256); + algorithms.Add("SHA384WITHDSA", NistObjectIdentifiers.DsaWithSha384); + algorithms.Add("SHA512WITHDSA", NistObjectIdentifiers.DsaWithSha512); + algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1); + algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1); + algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224); + algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256); + algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384); + algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512); + algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + algorithms.Add("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + algorithms.Add("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + algorithms.Add("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + algorithms.Add("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + + // + // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. + // The parameters field SHALL be NULL for RSA based signature algorithms. + // + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384); + noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512); + noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1); + noParams.Add(OiwObjectIdentifiers.DsaWithSha1); + noParams.Add(NistObjectIdentifiers.DsaWithSha224); + noParams.Add(NistObjectIdentifiers.DsaWithSha256); + noParams.Add(NistObjectIdentifiers.DsaWithSha384); + noParams.Add(NistObjectIdentifiers.DsaWithSha512); + + // + // RFC 4491 + // + noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94); + noParams.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001); + + // + // explicit params + // + AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance); + exParams.Add("SHA1WITHRSAANDMGF1", CreatePssParams(sha1AlgId, 20)); + + AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance); + exParams.Add("SHA224WITHRSAANDMGF1", CreatePssParams(sha224AlgId, 28)); + + AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance); + exParams.Add("SHA256WITHRSAANDMGF1", CreatePssParams(sha256AlgId, 32)); + + AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance); + exParams.Add("SHA384WITHRSAANDMGF1", CreatePssParams(sha384AlgId, 48)); + + AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NistObjectIdentifiers.IdSha512, DerNull.Instance); + exParams.Add("SHA512WITHRSAANDMGF1", CreatePssParams(sha512AlgId, 64)); + } + + private static RsassaPssParameters CreatePssParams( + AlgorithmIdentifier hashAlgId, + int saltSize) + { + return new RsassaPssParameters( + hashAlgId, + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, hashAlgId), + new DerInteger(saltSize), + new DerInteger(1)); + } + + internal static DerObjectIdentifier GetAlgorithmOid( + string algorithmName) + { + algorithmName = Platform.ToUpperInvariant(algorithmName); + + if (algorithms.Contains(algorithmName)) + { + return (DerObjectIdentifier) algorithms[algorithmName]; + } + + return new DerObjectIdentifier(algorithmName); + } + + internal static AlgorithmIdentifier GetSigAlgID( + DerObjectIdentifier sigOid, + string algorithmName) + { + if (noParams.Contains(sigOid)) + { + return new AlgorithmIdentifier(sigOid); + } + + algorithmName = Platform.ToUpperInvariant(algorithmName); + + if (exParams.Contains(algorithmName)) + { + return new AlgorithmIdentifier(sigOid, (Asn1Encodable) exParams[algorithmName]); + } + + return new AlgorithmIdentifier(sigOid, DerNull.Instance); + } + + internal static IEnumerable GetAlgNames() + { + return new EnumerableProxy(algorithms.Keys); + } + + internal static byte[] GetSignatureForObject( + DerObjectIdentifier sigOid, // TODO Redundant now? + string sigName, + AsymmetricKeyParameter privateKey, + SecureRandom random, + Asn1Encodable ae) + { + if (sigOid == null) + throw new ArgumentNullException("sigOid"); + + ISigner sig = SignerUtilities.GetSigner(sigName); + + if (random != null) + { + sig.Init(true, new ParametersWithRandom(privateKey, random)); + } + else + { + sig.Init(true, privateKey); + } + + byte[] encoded = ae.GetDerEncoded(); + sig.BlockUpdate(encoded, 0, encoded.Length); + + return sig.GenerateSignature(); + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509V1CertificateGenerator.cs b/BouncyCastle/crypto/src/x509/X509V1CertificateGenerator.cs new file mode 100644 index 0000000..c571d25 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509V1CertificateGenerator.cs @@ -0,0 +1,207 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.X509 +{ + /// + /// Class to Generate X509V1 Certificates. + /// + public class X509V1CertificateGenerator + { + private V1TbsCertificateGenerator tbsGen; + private DerObjectIdentifier sigOID; + private AlgorithmIdentifier sigAlgId; + private string signatureAlgorithm; + + /// + /// Default Constructor. + /// + public X509V1CertificateGenerator() + { + tbsGen = new V1TbsCertificateGenerator(); + } + + /// + /// Reset the generator. + /// + public void Reset() + { + tbsGen = new V1TbsCertificateGenerator(); + } + + /// + /// Set the certificate's serial number. + /// + /// Make serial numbers long, if you have no serial number policy make sure the number is at least 16 bytes of secure random data. + /// You will be surprised how ugly a serial number collision can get. + /// The serial number. + public void SetSerialNumber( + BigInteger serialNumber) + { + if (serialNumber.SignValue <= 0) + { + throw new ArgumentException("serial number must be a positive integer", "serialNumber"); + } + + tbsGen.SetSerialNumber(new DerInteger(serialNumber)); + } + + /// + /// Set the issuer distinguished name. + /// The issuer is the entity whose private key is used to sign the certificate. + /// + /// The issuers DN. + public void SetIssuerDN( + X509Name issuer) + { + tbsGen.SetIssuer(issuer); + } + + /// + /// Set the date that this certificate is to be valid from. + /// + /// + public void SetNotBefore( + DateTime date) + { + tbsGen.SetStartDate(new Time(date)); + } + + /// + /// Set the date after which this certificate will no longer be valid. + /// + /// + public void SetNotAfter( + DateTime date) + { + tbsGen.SetEndDate(new Time(date)); + } + + /// + /// Set the subject distinguished name. + /// The subject describes the entity associated with the public key. + /// + /// + public void SetSubjectDN( + X509Name subject) + { + tbsGen.SetSubject(subject); + } + + /// + /// Set the public key that this certificate identifies. + /// + /// + public void SetPublicKey( + AsymmetricKeyParameter publicKey) + { + try + { + tbsGen.SetSubjectPublicKeyInfo( + SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey)); + } + catch (Exception e) + { + throw new ArgumentException("unable to process key - " + e.ToString()); + } + } + + /// + /// Set the signature algorithm that will be used to sign this certificate. + /// This can be either a name or an OID, names are treated as case insensitive. + /// + /// string representation of the algorithm name + [Obsolete("Not needed if Generate used with an ISignatureFactory")] + public void SetSignatureAlgorithm( + string signatureAlgorithm) + { + this.signatureAlgorithm = signatureAlgorithm; + + try + { + sigOID = X509Utilities.GetAlgorithmOid(signatureAlgorithm); + } + catch (Exception) + { + throw new ArgumentException("Unknown signature type requested", "signatureAlgorithm"); + } + + sigAlgId = X509Utilities.GetSigAlgID(sigOID, signatureAlgorithm); + + tbsGen.SetSignature(sigAlgId); + } + + /// + /// Generate a new X509Certificate. + /// + /// The private key of the issuer used to sign this certificate. + /// An X509Certificate. + [Obsolete("Use Generate with an ISignatureFactory")] + public X509Certificate Generate( + AsymmetricKeyParameter privateKey) + { + return Generate(privateKey, null); + } + + /// + /// Generate a new X509Certificate specifying a SecureRandom instance that you would like to use. + /// + /// The private key of the issuer used to sign this certificate. + /// The Secure Random you want to use. + /// An X509Certificate. + [Obsolete("Use Generate with an ISignatureFactory")] + public X509Certificate Generate( + AsymmetricKeyParameter privateKey, + SecureRandom random) + { + return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random)); + } + + /// + /// Generate a new X509Certificate using the passed in SignatureCalculator. + /// + /// A signature calculator factory with the necessary algorithm details. + /// An X509Certificate. + public X509Certificate Generate(ISignatureFactory signatureCalculatorFactory) + { + tbsGen.SetSignature ((AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails); + + TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate(); + + IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator(); + + byte[] encoded = tbsCert.GetDerEncoded(); + + streamCalculator.Stream.Write(encoded, 0, encoded.Length); + + Platform.Dispose(streamCalculator.Stream); + + return GenerateJcaObject(tbsCert, (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails, ((IBlockResult)streamCalculator.GetResult()).Collect()); + } + + private X509Certificate GenerateJcaObject( + TbsCertificateStructure tbsCert, + AlgorithmIdentifier sigAlg, + byte[] signature) + { + return new X509Certificate( + new X509CertificateStructure(tbsCert, sigAlg, new DerBitString(signature))); + } + + /// + /// Allows enumeration of the signature names supported by the generator. + /// + public IEnumerable SignatureAlgNames + { + get { return X509Utilities.GetAlgNames(); } + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509V2AttributeCertificate.cs b/BouncyCastle/crypto/src/x509/X509V2AttributeCertificate.cs new file mode 100644 index 0000000..1ceba10 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509V2AttributeCertificate.cs @@ -0,0 +1,280 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.X509 +{ + /// An implementation of a version 2 X.509 Attribute Certificate. + public class X509V2AttributeCertificate + : X509ExtensionBase, IX509AttributeCertificate + { + private readonly AttributeCertificate cert; + private readonly DateTime notBefore; + private readonly DateTime notAfter; + + private static AttributeCertificate GetObject(Stream input) + { + try + { + return AttributeCertificate.GetInstance(Asn1Object.FromStream(input)); + } + catch (IOException e) + { + throw e; + } + catch (Exception e) + { + throw new IOException("exception decoding certificate structure", e); + } + } + + public X509V2AttributeCertificate( + Stream encIn) + : this(GetObject(encIn)) + { + } + + public X509V2AttributeCertificate( + byte[] encoded) + : this(new MemoryStream(encoded, false)) + { + } + + internal X509V2AttributeCertificate( + AttributeCertificate cert) + { + this.cert = cert; + + try + { + this.notAfter = cert.ACInfo.AttrCertValidityPeriod.NotAfterTime.ToDateTime(); + this.notBefore = cert.ACInfo.AttrCertValidityPeriod.NotBeforeTime.ToDateTime(); + } + catch (Exception e) + { + throw new IOException("invalid data structure in certificate!", e); + } + } + + public virtual int Version + { + get { return cert.ACInfo.Version.IntValueExact + 1; } + } + + public virtual BigInteger SerialNumber + { + get { return cert.ACInfo.SerialNumber.Value; } + } + + public virtual AttributeCertificateHolder Holder + { + get + { + return new AttributeCertificateHolder((Asn1Sequence)cert.ACInfo.Holder.ToAsn1Object()); + } + } + + public virtual AttributeCertificateIssuer Issuer + { + get + { + return new AttributeCertificateIssuer(cert.ACInfo.Issuer); + } + } + + public virtual DateTime NotBefore + { + get { return notBefore; } + } + + public virtual DateTime NotAfter + { + get { return notAfter; } + } + + public virtual bool[] GetIssuerUniqueID() + { + DerBitString id = cert.ACInfo.IssuerUniqueID; + + if (id != null) + { + byte[] bytes = id.GetBytes(); + bool[] boolId = new bool[bytes.Length * 8 - id.PadBits]; + + for (int i = 0; i != boolId.Length; i++) + { + //boolId[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0; + boolId[i] = (bytes[i / 8] & (0x80 >> (i % 8))) != 0; + } + + return boolId; + } + + return null; + } + + public virtual bool IsValidNow + { + get { return IsValid(DateTime.UtcNow); } + } + + public virtual bool IsValid( + DateTime date) + { + return date.CompareTo(NotBefore) >= 0 && date.CompareTo(NotAfter) <= 0; + } + + public virtual void CheckValidity() + { + this.CheckValidity(DateTime.UtcNow); + } + + public virtual void CheckValidity( + DateTime date) + { + if (date.CompareTo(NotAfter) > 0) + throw new CertificateExpiredException("certificate expired on " + NotAfter); + if (date.CompareTo(NotBefore) < 0) + throw new CertificateNotYetValidException("certificate not valid until " + NotBefore); + } + + public virtual AlgorithmIdentifier SignatureAlgorithm + { + get { return cert.SignatureAlgorithm; } + } + + public virtual byte[] GetSignature() + { + return cert.GetSignatureOctets(); + } + + public virtual void Verify( + AsymmetricKeyParameter key) + { + CheckSignature(new Asn1VerifierFactory(cert.SignatureAlgorithm, key)); + } + + /// + /// Verify the certificate's signature using a verifier created using the passed in verifier provider. + /// + /// An appropriate provider for verifying the certificate's signature. + /// True if the signature is valid. + /// If verifier provider is not appropriate or the certificate algorithm is invalid. + public virtual void Verify( + IVerifierFactoryProvider verifierProvider) + { + CheckSignature(verifierProvider.CreateVerifierFactory(cert.SignatureAlgorithm)); + } + + protected virtual void CheckSignature( + IVerifierFactory verifier) + { + if (!cert.SignatureAlgorithm.Equals(cert.ACInfo.Signature)) + { + throw new CertificateException("Signature algorithm in certificate info not same as outer certificate"); + } + + IStreamCalculator streamCalculator = verifier.CreateCalculator(); + + try + { + byte[] b = this.cert.ACInfo.GetEncoded(); + + streamCalculator.Stream.Write(b, 0, b.Length); + + Platform.Dispose(streamCalculator.Stream); + } + catch (IOException e) + { + throw new SignatureException("Exception encoding certificate info object", e); + } + + if (!((IVerifier)streamCalculator.GetResult()).IsVerified(this.GetSignature())) + { + throw new InvalidKeyException("Public key presented not for certificate signature"); + } + } + + public virtual byte[] GetEncoded() + { + return cert.GetEncoded(); + } + + protected override X509Extensions GetX509Extensions() + { + return cert.ACInfo.Extensions; + } + + public virtual X509Attribute[] GetAttributes() + { + Asn1Sequence seq = cert.ACInfo.Attributes; + X509Attribute[] attrs = new X509Attribute[seq.Count]; + + for (int i = 0; i != seq.Count; i++) + { + attrs[i] = new X509Attribute((Asn1Encodable)seq[i]); + } + + return attrs; + } + + public virtual X509Attribute[] GetAttributes( + string oid) + { + Asn1Sequence seq = cert.ACInfo.Attributes; + IList list = Platform.CreateArrayList(); + + for (int i = 0; i != seq.Count; i++) + { + X509Attribute attr = new X509Attribute((Asn1Encodable)seq[i]); + if (attr.Oid.Equals(oid)) + { + list.Add(attr); + } + } + + if (list.Count < 1) + { + return null; + } + + X509Attribute[] result = new X509Attribute[list.Count]; + for (int i = 0; i < list.Count; ++i) + { + result[i] = (X509Attribute)list[i]; + } + return result; + } + + public override bool Equals( + object obj) + { + if (obj == this) + return true; + + X509V2AttributeCertificate other = obj as X509V2AttributeCertificate; + + if (other == null) + return false; + + return cert.Equals(other.cert); + + // NB: May prefer this implementation of Equals if more than one certificate implementation in play + //return Arrays.AreEqual(this.GetEncoded(), other.GetEncoded()); + } + + public override int GetHashCode() + { + return cert.GetHashCode(); + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509V2AttributeCertificateGenerator.cs b/BouncyCastle/crypto/src/x509/X509V2AttributeCertificateGenerator.cs new file mode 100644 index 0000000..f49eea6 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509V2AttributeCertificateGenerator.cs @@ -0,0 +1,202 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.X509 +{ + /// Class to produce an X.509 Version 2 AttributeCertificate. + public class X509V2AttributeCertificateGenerator + { + private readonly X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator(); + + private V2AttributeCertificateInfoGenerator acInfoGen; + private DerObjectIdentifier sigOID; + private AlgorithmIdentifier sigAlgId; + private string signatureAlgorithm; + + public X509V2AttributeCertificateGenerator() + { + acInfoGen = new V2AttributeCertificateInfoGenerator(); + } + + /// Reset the generator + public void Reset() + { + acInfoGen = new V2AttributeCertificateInfoGenerator(); + extGenerator.Reset(); + } + + /// Set the Holder of this Attribute Certificate. + public void SetHolder( + AttributeCertificateHolder holder) + { + acInfoGen.SetHolder(holder.holder); + } + + /// Set the issuer. + public void SetIssuer( + AttributeCertificateIssuer issuer) + { + acInfoGen.SetIssuer(AttCertIssuer.GetInstance(issuer.form)); + } + + /// Set the serial number for the certificate. + public void SetSerialNumber( + BigInteger serialNumber) + { + acInfoGen.SetSerialNumber(new DerInteger(serialNumber)); + } + + public void SetNotBefore( + DateTime date) + { + acInfoGen.SetStartDate(new DerGeneralizedTime(date)); + } + + public void SetNotAfter( + DateTime date) + { + acInfoGen.SetEndDate(new DerGeneralizedTime(date)); + } + + /// + /// Set the signature algorithm. This can be either a name or an OID, names + /// are treated as case insensitive. + /// + /// The algorithm name. + [Obsolete("Not needed if Generate used with an ISignatureFactory")] + public void SetSignatureAlgorithm( + string signatureAlgorithm) + { + this.signatureAlgorithm = signatureAlgorithm; + + try + { + sigOID = X509Utilities.GetAlgorithmOid(signatureAlgorithm); + } + catch (Exception) + { + throw new ArgumentException("Unknown signature type requested"); + } + + sigAlgId = X509Utilities.GetSigAlgID(sigOID, signatureAlgorithm); + + acInfoGen.SetSignature(sigAlgId); + } + + /// Add an attribute. + public void AddAttribute( + X509Attribute attribute) + { + acInfoGen.AddAttribute(AttributeX509.GetInstance(attribute.ToAsn1Object())); + } + + public void SetIssuerUniqueId( + bool[] iui) + { + // TODO convert bool array to bit string + //acInfoGen.SetIssuerUniqueID(iui); + throw Platform.CreateNotImplementedException("SetIssuerUniqueId()"); + } + + /// Add a given extension field for the standard extensions tag. + public void AddExtension( + string oid, + bool critical, + Asn1Encodable extensionValue) + { + extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, extensionValue); + } + + /// + /// Add a given extension field for the standard extensions tag. + /// The value parameter becomes the contents of the octet string associated + /// with the extension. + /// + public void AddExtension( + string oid, + bool critical, + byte[] extensionValue) + { + extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, extensionValue); + } + + /// + /// Generate an X509 certificate, based on the current issuer and subject. + /// + [Obsolete("Use Generate with an ISignatureFactory")] + public IX509AttributeCertificate Generate( + AsymmetricKeyParameter privateKey) + { + return Generate(privateKey, null); + } + + /// + /// Generate an X509 certificate, based on the current issuer and subject, + /// using the supplied source of randomness, if required. + /// + [Obsolete("Use Generate with an ISignatureFactory")] + public IX509AttributeCertificate Generate( + AsymmetricKeyParameter privateKey, + SecureRandom random) + { + return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random)); + } + + /// + /// Generate a new X.509 Attribute Certificate using the passed in SignatureCalculator. + /// + /// A signature calculator factory with the necessary algorithm details. + /// An IX509AttributeCertificate. + public IX509AttributeCertificate Generate(ISignatureFactory signatureCalculatorFactory) + { + if (!extGenerator.IsEmpty) + { + acInfoGen.SetExtensions(extGenerator.Generate()); + } + + AlgorithmIdentifier sigAlgID = (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails; + + acInfoGen.SetSignature(sigAlgID); + + AttributeCertificateInfo acInfo = acInfoGen.GenerateAttributeCertificateInfo(); + + byte[] encoded = acInfo.GetDerEncoded(); + + IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator(); + + streamCalculator.Stream.Write(encoded, 0, encoded.Length); + + Platform.Dispose(streamCalculator.Stream); + + try + { + DerBitString signatureValue = new DerBitString(((IBlockResult)streamCalculator.GetResult()).Collect()); + + return new X509V2AttributeCertificate(new AttributeCertificate(acInfo, sigAlgID, signatureValue)); + } + catch (Exception e) + { + // TODO +// throw new ExtCertificateEncodingException("constructed invalid certificate", e); + throw new CertificateEncodingException("constructed invalid certificate", e); + } + } + + /// + /// Allows enumeration of the signature names supported by the generator. + /// + public IEnumerable SignatureAlgNames + { + get { return X509Utilities.GetAlgNames(); } + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509V2CRLGenerator.cs b/BouncyCastle/crypto/src/x509/X509V2CRLGenerator.cs new file mode 100644 index 0000000..d16178f --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509V2CRLGenerator.cs @@ -0,0 +1,277 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.X509 +{ + /** + * class to produce an X.509 Version 2 CRL. + */ + public class X509V2CrlGenerator + { + private readonly X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator(); + + private V2TbsCertListGenerator tbsGen; + private DerObjectIdentifier sigOID; + private AlgorithmIdentifier sigAlgId; + private string signatureAlgorithm; + + public X509V2CrlGenerator() + { + tbsGen = new V2TbsCertListGenerator(); + } + + /** + * reset the generator + */ + public void Reset() + { + tbsGen = new V2TbsCertListGenerator(); + extGenerator.Reset(); + } + + /** + * Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the + * certificate. + */ + public void SetIssuerDN( + X509Name issuer) + { + tbsGen.SetIssuer(issuer); + } + + public void SetThisUpdate( + DateTime date) + { + tbsGen.SetThisUpdate(new Time(date)); + } + + public void SetNextUpdate( + DateTime date) + { + tbsGen.SetNextUpdate(new Time(date)); + } + + /** + * Reason being as indicated by CrlReason, i.e. CrlReason.KeyCompromise + * or 0 if CrlReason is not to be used + **/ + public void AddCrlEntry( + BigInteger userCertificate, + DateTime revocationDate, + int reason) + { + tbsGen.AddCrlEntry(new DerInteger(userCertificate), new Time(revocationDate), reason); + } + + /** + * Add a CRL entry with an Invalidity Date extension as well as a CrlReason extension. + * Reason being as indicated by CrlReason, i.e. CrlReason.KeyCompromise + * or 0 if CrlReason is not to be used + **/ + public void AddCrlEntry( + BigInteger userCertificate, + DateTime revocationDate, + int reason, + DateTime invalidityDate) + { + tbsGen.AddCrlEntry(new DerInteger(userCertificate), new Time(revocationDate), reason, new DerGeneralizedTime(invalidityDate)); + } + + /** + * Add a CRL entry with extensions. + **/ + public void AddCrlEntry( + BigInteger userCertificate, + DateTime revocationDate, + X509Extensions extensions) + { + tbsGen.AddCrlEntry(new DerInteger(userCertificate), new Time(revocationDate), extensions); + } + + /** + * Add the CRLEntry objects contained in a previous CRL. + * + * @param other the X509Crl to source the other entries from. + */ + public void AddCrl( + X509Crl other) + { + if (other == null) + throw new ArgumentNullException("other"); + + ISet revocations = other.GetRevokedCertificates(); + + if (revocations != null) + { + foreach (X509CrlEntry entry in revocations) + { + try + { + tbsGen.AddCrlEntry( + Asn1Sequence.GetInstance( + Asn1Object.FromByteArray(entry.GetEncoded()))); + } + catch (IOException e) + { + throw new CrlException("exception processing encoding of CRL", e); + } + } + } + } + + /// + /// Set the signature algorithm that will be used to sign this CRL. + /// + /// + [Obsolete("Not needed if Generate used with an ISignatureFactory")] + public void SetSignatureAlgorithm( + string signatureAlgorithm) + { + this.signatureAlgorithm = signatureAlgorithm; + + try + { + sigOID = X509Utilities.GetAlgorithmOid(signatureAlgorithm); + } + catch (Exception e) + { + throw new ArgumentException("Unknown signature type requested", e); + } + + sigAlgId = X509Utilities.GetSigAlgID(sigOID, signatureAlgorithm); + + tbsGen.SetSignature(sigAlgId); + } + + /** + * add a given extension field for the standard extensions tag (tag 0) + */ + public void AddExtension( + string oid, + bool critical, + Asn1Encodable extensionValue) + { + extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, extensionValue); + } + + /** + * add a given extension field for the standard extensions tag (tag 0) + */ + public void AddExtension( + DerObjectIdentifier oid, + bool critical, + Asn1Encodable extensionValue) + { + extGenerator.AddExtension(oid, critical, extensionValue); + } + + /** + * add a given extension field for the standard extensions tag (tag 0) + */ + public void AddExtension( + string oid, + bool critical, + byte[] extensionValue) + { + extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, new DerOctetString(extensionValue)); + } + + /** + * add a given extension field for the standard extensions tag (tag 0) + */ + public void AddExtension( + DerObjectIdentifier oid, + bool critical, + byte[] extensionValue) + { + extGenerator.AddExtension(oid, critical, new DerOctetString(extensionValue)); + } + + /// + /// Generate an X.509 CRL, based on the current issuer and subject. + /// + /// The private key of the issuer that is signing this certificate. + /// An X509Crl. + [Obsolete("Use Generate with an ISignatureFactory")] + public X509Crl Generate( + AsymmetricKeyParameter privateKey) + { + return Generate(privateKey, null); + } + + /// + /// Generate an X.509 CRL, based on the current issuer and subject using the specified secure random. + /// + /// The private key of the issuer that is signing this certificate. + /// Your Secure Random instance. + /// An X509Crl. + [Obsolete("Use Generate with an ISignatureFactory")] + public X509Crl Generate( + AsymmetricKeyParameter privateKey, + SecureRandom random) + { + return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random)); + } + + /// + /// Generate a new X509Crl using the passed in SignatureCalculator. + /// + /// A signature calculator factory with the necessary algorithm details. + /// An X509Crl. + public X509Crl Generate(ISignatureFactory signatureCalculatorFactory) + { + tbsGen.SetSignature((AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails); + + TbsCertificateList tbsCertList = GenerateCertList(); + + IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator(); + + byte[] encoded = tbsCertList.GetDerEncoded(); + + streamCalculator.Stream.Write(encoded, 0, encoded.Length); + + Platform.Dispose(streamCalculator.Stream); + + return GenerateJcaObject(tbsCertList, (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails, ((IBlockResult)streamCalculator.GetResult()).Collect()); + } + + private TbsCertificateList GenerateCertList() + { + if (!extGenerator.IsEmpty) + { + tbsGen.SetExtensions(extGenerator.Generate()); + } + + return tbsGen.GenerateTbsCertList(); + } + + private X509Crl GenerateJcaObject( + TbsCertificateList tbsCrl, + AlgorithmIdentifier algId, + byte[] signature) + { + return new X509Crl( + CertificateList.GetInstance( + new DerSequence(tbsCrl, algId, new DerBitString(signature)))); + } + + /// + /// Allows enumeration of the signature names supported by the generator. + /// + public IEnumerable SignatureAlgNames + { + get { return X509Utilities.GetAlgNames(); } + } + } +} diff --git a/BouncyCastle/crypto/src/x509/X509V3CertificateGenerator.cs b/BouncyCastle/crypto/src/x509/X509V3CertificateGenerator.cs new file mode 100644 index 0000000..bc619c3 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/X509V3CertificateGenerator.cs @@ -0,0 +1,344 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509.Extension; + +namespace Org.BouncyCastle.X509 +{ + /// + /// A class to Generate Version 3 X509Certificates. + /// + public class X509V3CertificateGenerator + { + private readonly X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator(); + + private V3TbsCertificateGenerator tbsGen; + private DerObjectIdentifier sigOid; + private AlgorithmIdentifier sigAlgId; + private string signatureAlgorithm; + + public X509V3CertificateGenerator() + { + tbsGen = new V3TbsCertificateGenerator(); + } + + /// + /// Reset the Generator. + /// + public void Reset() + { + tbsGen = new V3TbsCertificateGenerator(); + extGenerator.Reset(); + } + + /// + /// Set the certificate's serial number. + /// + /// Make serial numbers long, if you have no serial number policy make sure the number is at least 16 bytes of secure random data. + /// You will be surprised how ugly a serial number collision can Get. + /// The serial number. + public void SetSerialNumber( + BigInteger serialNumber) + { + if (serialNumber.SignValue <= 0) + { + throw new ArgumentException("serial number must be a positive integer", "serialNumber"); + } + + tbsGen.SetSerialNumber(new DerInteger(serialNumber)); + } + + /// + /// Set the distinguished name of the issuer. + /// The issuer is the entity which is signing the certificate. + /// + /// The issuer's DN. + public void SetIssuerDN( + X509Name issuer) + { + tbsGen.SetIssuer(issuer); + } + + /// + /// Set the date that this certificate is to be valid from. + /// + /// + public void SetNotBefore( + DateTime date) + { + tbsGen.SetStartDate(new Time(date)); + } + + /// + /// Set the date after which this certificate will no longer be valid. + /// + /// + public void SetNotAfter( + DateTime date) + { + tbsGen.SetEndDate(new Time(date)); + } + + /// + /// Set the DN of the entity that this certificate is about. + /// + /// + public void SetSubjectDN( + X509Name subject) + { + tbsGen.SetSubject(subject); + } + + /// + /// Set the public key that this certificate identifies. + /// + /// + public void SetPublicKey( + AsymmetricKeyParameter publicKey) + { + tbsGen.SetSubjectPublicKeyInfo(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey)); + } + + /// + /// Set the signature algorithm that will be used to sign this certificate. + /// + /// + [Obsolete("Not needed if Generate used with an ISignatureFactory")] + public void SetSignatureAlgorithm( + string signatureAlgorithm) + { + this.signatureAlgorithm = signatureAlgorithm; + + try + { + sigOid = X509Utilities.GetAlgorithmOid(signatureAlgorithm); + } + catch (Exception) + { + throw new ArgumentException("Unknown signature type requested: " + signatureAlgorithm); + } + + sigAlgId = X509Utilities.GetSigAlgID(sigOid, signatureAlgorithm); + + tbsGen.SetSignature(sigAlgId); + } + + /// + /// Set the subject unique ID - note: it is very rare that it is correct to do this. + /// + /// + public void SetSubjectUniqueID( + bool[] uniqueID) + { + tbsGen.SetSubjectUniqueID(booleanToBitString(uniqueID)); + } + + /// + /// Set the issuer unique ID - note: it is very rare that it is correct to do this. + /// + /// + public void SetIssuerUniqueID( + bool[] uniqueID) + { + tbsGen.SetIssuerUniqueID(booleanToBitString(uniqueID)); + } + + private DerBitString booleanToBitString( + bool[] id) + { + byte[] bytes = new byte[(id.Length + 7) / 8]; + + for (int i = 0; i != id.Length; i++) + { + if (id[i]) + { + bytes[i / 8] |= (byte)(1 << ((7 - (i % 8)))); + } + } + + int pad = id.Length % 8; + + if (pad == 0) + { + return new DerBitString(bytes); + } + + return new DerBitString(bytes, 8 - pad); + } + + /// + /// Add a given extension field for the standard extensions tag (tag 3). + /// + /// string containing a dotted decimal Object Identifier. + /// Is it critical. + /// The value. + public void AddExtension( + string oid, + bool critical, + Asn1Encodable extensionValue) + { + extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, extensionValue); + } + + /// + /// Add an extension to this certificate. + /// + /// Its Object Identifier. + /// Is it critical. + /// The value. + public void AddExtension( + DerObjectIdentifier oid, + bool critical, + Asn1Encodable extensionValue) + { + extGenerator.AddExtension(oid, critical, extensionValue); + } + + /// + /// Add an extension using a string with a dotted decimal OID. + /// + /// string containing a dotted decimal Object Identifier. + /// Is it critical. + /// byte[] containing the value of this extension. + public void AddExtension( + string oid, + bool critical, + byte[] extensionValue) + { + extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, new DerOctetString(extensionValue)); + } + + /// + /// Add an extension to this certificate. + /// + /// Its Object Identifier. + /// Is it critical. + /// byte[] containing the value of this extension. + public void AddExtension( + DerObjectIdentifier oid, + bool critical, + byte[] extensionValue) + { + extGenerator.AddExtension(oid, critical, new DerOctetString(extensionValue)); + } + + /// + /// Add a given extension field for the standard extensions tag (tag 3), + /// copying the extension value from another certificate. + /// + public void CopyAndAddExtension( + string oid, + bool critical, + X509Certificate cert) + { + CopyAndAddExtension(new DerObjectIdentifier(oid), critical, cert); + } + + /** + * add a given extension field for the standard extensions tag (tag 3) + * copying the extension value from another certificate. + * @throws CertificateParsingException if the extension cannot be extracted. + */ + public void CopyAndAddExtension( + DerObjectIdentifier oid, + bool critical, + X509Certificate cert) + { + Asn1OctetString extValue = cert.GetExtensionValue(oid); + + if (extValue == null) + { + throw new CertificateParsingException("extension " + oid + " not present"); + } + + try + { + Asn1Encodable value = X509ExtensionUtilities.FromExtensionValue(extValue); + + this.AddExtension(oid, critical, value); + } + catch (Exception e) + { + throw new CertificateParsingException(e.Message, e); + } + } + + /// + /// Generate an X509Certificate. + /// + /// The private key of the issuer that is signing this certificate. + /// An X509Certificate. + [Obsolete("Use Generate with an ISignatureFactory")] + public X509Certificate Generate( + AsymmetricKeyParameter privateKey) + { + return Generate(privateKey, null); + } + + /// + /// Generate an X509Certificate using your own SecureRandom. + /// + /// The private key of the issuer that is signing this certificate. + /// You Secure Random instance. + /// An X509Certificate. + [Obsolete("Use Generate with an ISignatureFactory")] + public X509Certificate Generate( + AsymmetricKeyParameter privateKey, + SecureRandom random) + { + return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random)); + } + + /// + /// Generate a new X509Certificate using the passed in SignatureCalculator. + /// + /// A signature calculator factory with the necessary algorithm details. + /// An X509Certificate. + public X509Certificate Generate(ISignatureFactory signatureCalculatorFactory) + { + tbsGen.SetSignature ((AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails); + + if (!extGenerator.IsEmpty) + { + tbsGen.SetExtensions(extGenerator.Generate()); + } + + TbsCertificateStructure tbsCert = tbsGen.GenerateTbsCertificate(); + + IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator(); + + byte[] encoded = tbsCert.GetDerEncoded(); + + streamCalculator.Stream.Write(encoded, 0, encoded.Length); + + Platform.Dispose(streamCalculator.Stream); + + return GenerateJcaObject(tbsCert, (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails, ((IBlockResult)streamCalculator.GetResult()).Collect()); + } + + private X509Certificate GenerateJcaObject( + TbsCertificateStructure tbsCert, + AlgorithmIdentifier sigAlg, + byte[] signature) + { + return new X509Certificate( + new X509CertificateStructure(tbsCert, sigAlg, new DerBitString(signature))); + } + + /// + /// Allows enumeration of the signature names supported by the generator. + /// + public IEnumerable SignatureAlgNames + { + get { return X509Utilities.GetAlgNames(); } + } + } +} diff --git a/BouncyCastle/crypto/src/x509/extension/AuthorityKeyIdentifierStructure.cs b/BouncyCastle/crypto/src/x509/extension/AuthorityKeyIdentifierStructure.cs new file mode 100644 index 0000000..006dc00 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/extension/AuthorityKeyIdentifierStructure.cs @@ -0,0 +1,102 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; + +namespace Org.BouncyCastle.X509.Extension +{ + /// A high level authority key identifier. + public class AuthorityKeyIdentifierStructure + : AuthorityKeyIdentifier + { + /** + * Constructor which will take the byte[] returned from getExtensionValue() + * + * @param encodedValue a DER octet encoded string with the extension structure in it. + * @throws IOException on parsing errors. + */ + // TODO Add a functional constructor from byte[]? + public AuthorityKeyIdentifierStructure( + Asn1OctetString encodedValue) + : base((Asn1Sequence) X509ExtensionUtilities.FromExtensionValue(encodedValue)) + { + } + + private static Asn1Sequence FromCertificate( + X509Certificate certificate) + { + try + { + GeneralName genName = new GeneralName( + PrincipalUtilities.GetIssuerX509Principal(certificate)); + + if (certificate.Version == 3) + { + Asn1OctetString ext = certificate.GetExtensionValue(X509Extensions.SubjectKeyIdentifier); + + if (ext != null) + { + Asn1OctetString str = (Asn1OctetString) X509ExtensionUtilities.FromExtensionValue(ext); + + return (Asn1Sequence) new AuthorityKeyIdentifier( + str.GetOctets(), new GeneralNames(genName), certificate.SerialNumber).ToAsn1Object(); + } + } + + SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo( + certificate.GetPublicKey()); + + return (Asn1Sequence) new AuthorityKeyIdentifier( + info, new GeneralNames(genName), certificate.SerialNumber).ToAsn1Object(); + } + catch (Exception e) + { + throw new CertificateParsingException("Exception extracting certificate details", e); + } + } + + private static Asn1Sequence FromKey( + AsymmetricKeyParameter pubKey) + { + try + { + SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pubKey); + + return (Asn1Sequence) new AuthorityKeyIdentifier(info).ToAsn1Object(); + } + catch (Exception e) + { + throw new InvalidKeyException("can't process key: " + e); + } + } + + /** + * Create an AuthorityKeyIdentifier using the passed in certificate's public + * key, issuer and serial number. + * + * @param certificate the certificate providing the information. + * @throws CertificateParsingException if there is a problem processing the certificate + */ + public AuthorityKeyIdentifierStructure( + X509Certificate certificate) + : base(FromCertificate(certificate)) + { + } + + /** + * Create an AuthorityKeyIdentifier using just the hash of the + * public key. + * + * @param pubKey the key to generate the hash from. + * @throws InvalidKeyException if there is a problem using the key. + */ + public AuthorityKeyIdentifierStructure( + AsymmetricKeyParameter pubKey) + : base(FromKey(pubKey)) + { + } + } +} diff --git a/BouncyCastle/crypto/src/x509/extension/SubjectKeyIdentifierStructure.cs b/BouncyCastle/crypto/src/x509/extension/SubjectKeyIdentifierStructure.cs new file mode 100644 index 0000000..4c7b79a --- /dev/null +++ b/BouncyCastle/crypto/src/x509/extension/SubjectKeyIdentifierStructure.cs @@ -0,0 +1,49 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security.Certificates; + +namespace Org.BouncyCastle.X509.Extension +{ + /** + * A high level subject key identifier. + */ + public class SubjectKeyIdentifierStructure + : SubjectKeyIdentifier + { + /** + * Constructor which will take the byte[] returned from getExtensionValue() + * + * @param encodedValue a DER octet encoded string with the extension structure in it. + * @throws IOException on parsing errors. + */ + public SubjectKeyIdentifierStructure( + Asn1OctetString encodedValue) + : base((Asn1OctetString) X509ExtensionUtilities.FromExtensionValue(encodedValue)) + { + } + + private static Asn1OctetString FromPublicKey( + AsymmetricKeyParameter pubKey) + { + try + { + SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pubKey); + + return (Asn1OctetString) new SubjectKeyIdentifier(info).ToAsn1Object(); + } + catch (Exception e) + { + throw new CertificateParsingException("Exception extracting certificate details: " + e.ToString()); + } + } + + public SubjectKeyIdentifierStructure( + AsymmetricKeyParameter pubKey) + : base(FromPublicKey(pubKey)) + { + } + } +} diff --git a/BouncyCastle/crypto/src/x509/extension/X509ExtensionUtil.cs b/BouncyCastle/crypto/src/x509/extension/X509ExtensionUtil.cs new file mode 100644 index 0000000..5f65ebf --- /dev/null +++ b/BouncyCastle/crypto/src/x509/extension/X509ExtensionUtil.cs @@ -0,0 +1,91 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.X509.Extension +{ + public class X509ExtensionUtilities + { + public static Asn1Object FromExtensionValue( + Asn1OctetString extensionValue) + { + return Asn1Object.FromByteArray(extensionValue.GetOctets()); + } + + public static ICollection GetIssuerAlternativeNames( + X509Certificate cert) + { + Asn1OctetString extVal = cert.GetExtensionValue(X509Extensions.IssuerAlternativeName); + + return GetAlternativeName(extVal); + } + + public static ICollection GetSubjectAlternativeNames( + X509Certificate cert) + { + Asn1OctetString extVal = cert.GetExtensionValue(X509Extensions.SubjectAlternativeName); + + return GetAlternativeName(extVal); + } + + private static ICollection GetAlternativeName( + Asn1OctetString extVal) + { + IList temp = Platform.CreateArrayList(); + + if (extVal != null) + { + try + { + Asn1Sequence seq = DerSequence.GetInstance(FromExtensionValue(extVal)); + + foreach (Asn1Encodable primName in seq) + { + IList list = Platform.CreateArrayList(); + GeneralName genName = GeneralName.GetInstance(primName); + + list.Add(genName.TagNo); + + switch (genName.TagNo) + { + case GeneralName.EdiPartyName: + case GeneralName.X400Address: + case GeneralName.OtherName: + list.Add(genName.Name.ToAsn1Object()); + break; + case GeneralName.DirectoryName: + list.Add(X509Name.GetInstance(genName.Name).ToString()); + break; + case GeneralName.DnsName: + case GeneralName.Rfc822Name: + case GeneralName.UniformResourceIdentifier: + list.Add(((IAsn1String)genName.Name).GetString()); + break; + case GeneralName.RegisteredID: + list.Add(DerObjectIdentifier.GetInstance(genName.Name).Id); + break; + case GeneralName.IPAddress: + list.Add(DerOctetString.GetInstance(genName.Name).GetOctets()); + break; + default: + throw new IOException("Bad tag number: " + genName.TagNo); + } + + temp.Add(list); + } + } + catch (Exception e) + { + throw new CertificateParsingException(e.Message); + } + } + + return temp; + } + } +} diff --git a/BouncyCastle/crypto/src/x509/store/IX509Selector.cs b/BouncyCastle/crypto/src/x509/store/IX509Selector.cs new file mode 100644 index 0000000..75358cb --- /dev/null +++ b/BouncyCastle/crypto/src/x509/store/IX509Selector.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.X509.Store +{ + public interface IX509Selector +#if !(SILVERLIGHT || PORTABLE) + : ICloneable +#endif + { +#if SILVERLIGHT || PORTABLE + object Clone(); +#endif + bool Match(object obj); + } +} diff --git a/BouncyCastle/crypto/src/x509/store/IX509Store.cs b/BouncyCastle/crypto/src/x509/store/IX509Store.cs new file mode 100644 index 0000000..e5c3a46 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/store/IX509Store.cs @@ -0,0 +1,11 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.X509.Store +{ + public interface IX509Store + { +// void Init(IX509StoreParameters parameters); + ICollection GetMatches(IX509Selector selector); + } +} diff --git a/BouncyCastle/crypto/src/x509/store/IX509StoreParameters.cs b/BouncyCastle/crypto/src/x509/store/IX509StoreParameters.cs new file mode 100644 index 0000000..aee3036 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/store/IX509StoreParameters.cs @@ -0,0 +1,8 @@ +using System; + +namespace Org.BouncyCastle.X509.Store +{ + public interface IX509StoreParameters + { + } +} diff --git a/BouncyCastle/crypto/src/x509/store/NoSuchStoreException.cs b/BouncyCastle/crypto/src/x509/store/NoSuchStoreException.cs new file mode 100644 index 0000000..28b1889 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/store/NoSuchStoreException.cs @@ -0,0 +1,28 @@ +using System; + +namespace Org.BouncyCastle.X509.Store +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class NoSuchStoreException + : X509StoreException + { + public NoSuchStoreException() + { + } + + public NoSuchStoreException( + string message) + : base(message) + { + } + + public NoSuchStoreException( + string message, + Exception e) + : base(message, e) + { + } + } +} diff --git a/BouncyCastle/crypto/src/x509/store/X509AttrCertStoreSelector.cs b/BouncyCastle/crypto/src/x509/store/X509AttrCertStoreSelector.cs new file mode 100644 index 0000000..24255fa --- /dev/null +++ b/BouncyCastle/crypto/src/x509/store/X509AttrCertStoreSelector.cs @@ -0,0 +1,375 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.X509.Extension; + +namespace Org.BouncyCastle.X509.Store +{ + /** + * This class is an Selector like implementation to select + * attribute certificates from a given set of criteria. + * + * @see org.bouncycastle.x509.X509AttributeCertificate + * @see org.bouncycastle.x509.X509Store + */ + public class X509AttrCertStoreSelector + : IX509Selector + { + // TODO: name constraints??? + + private IX509AttributeCertificate attributeCert; + private DateTimeObject attributeCertificateValid; + private AttributeCertificateHolder holder; + private AttributeCertificateIssuer issuer; + private BigInteger serialNumber; + private ISet targetNames = new HashSet(); + private ISet targetGroups = new HashSet(); + + public X509AttrCertStoreSelector() + { + } + + private X509AttrCertStoreSelector( + X509AttrCertStoreSelector o) + { + this.attributeCert = o.attributeCert; + this.attributeCertificateValid = o.attributeCertificateValid; + this.holder = o.holder; + this.issuer = o.issuer; + this.serialNumber = o.serialNumber; + this.targetGroups = new HashSet(o.targetGroups); + this.targetNames = new HashSet(o.targetNames); + } + + /// + /// Decides if the given attribute certificate should be selected. + /// + /// The attribute certificate to be checked. + /// true if the object matches this selector. + public bool Match( + object obj) + { + if (obj == null) + throw new ArgumentNullException("obj"); + + IX509AttributeCertificate attrCert = obj as IX509AttributeCertificate; + + if (attrCert == null) + return false; + + if (this.attributeCert != null && !this.attributeCert.Equals(attrCert)) + return false; + + if (serialNumber != null && !attrCert.SerialNumber.Equals(serialNumber)) + return false; + + if (holder != null && !attrCert.Holder.Equals(holder)) + return false; + + if (issuer != null && !attrCert.Issuer.Equals(issuer)) + return false; + + if (attributeCertificateValid != null && !attrCert.IsValid(attributeCertificateValid.Value)) + return false; + + if (targetNames.Count > 0 || targetGroups.Count > 0) + { + Asn1OctetString targetInfoExt = attrCert.GetExtensionValue( + X509Extensions.TargetInformation); + + if (targetInfoExt != null) + { + TargetInformation targetinfo; + try + { + targetinfo = TargetInformation.GetInstance( + X509ExtensionUtilities.FromExtensionValue(targetInfoExt)); + } + catch (Exception) + { + return false; + } + + Targets[] targetss = targetinfo.GetTargetsObjects(); + + if (targetNames.Count > 0) + { + bool found = false; + + for (int i = 0; i < targetss.Length && !found; i++) + { + Target[] targets = targetss[i].GetTargets(); + + for (int j = 0; j < targets.Length; j++) + { + GeneralName targetName = targets[j].TargetName; + + if (targetName != null && targetNames.Contains(targetName)) + { + found = true; + break; + } + } + } + if (!found) + { + return false; + } + } + + if (targetGroups.Count > 0) + { + bool found = false; + + for (int i = 0; i < targetss.Length && !found; i++) + { + Target[] targets = targetss[i].GetTargets(); + + for (int j = 0; j < targets.Length; j++) + { + GeneralName targetGroup = targets[j].TargetGroup; + + if (targetGroup != null && targetGroups.Contains(targetGroup)) + { + found = true; + break; + } + } + } + + if (!found) + { + return false; + } + } + } + } + + return true; + } + + public object Clone() + { + return new X509AttrCertStoreSelector(this); + } + + /// The attribute certificate which must be matched. + /// If null is given, any will do. + public IX509AttributeCertificate AttributeCert + { + get { return attributeCert; } + set { this.attributeCert = value; } + } + + [Obsolete("Use AttributeCertificateValid instead")] + public DateTimeObject AttribueCertificateValid + { + get { return attributeCertificateValid; } + set { this.attributeCertificateValid = value; } + } + + /// The criteria for validity + /// If null is given any will do. + public DateTimeObject AttributeCertificateValid + { + get { return attributeCertificateValid; } + set { this.attributeCertificateValid = value; } + } + + /// The holder. + /// If null is given any will do. + public AttributeCertificateHolder Holder + { + get { return holder; } + set { this.holder = value; } + } + + /// The issuer. + /// If null is given any will do. + public AttributeCertificateIssuer Issuer + { + get { return issuer; } + set { this.issuer = value; } + } + + /// The serial number. + /// If null is given any will do. + public BigInteger SerialNumber + { + get { return serialNumber; } + set { this.serialNumber = value; } + } + + /** + * Adds a target name criterion for the attribute certificate to the target + * information extension criteria. The X509AttributeCertificate + * must contain at least one of the specified target names. + *

    + * Each attribute certificate may contain a target information extension + * limiting the servers where this attribute certificate can be used. If + * this extension is not present, the attribute certificate is not targeted + * and may be accepted by any server. + *

    + * + * @param name The name as a GeneralName (not null) + */ + public void AddTargetName( + GeneralName name) + { + targetNames.Add(name); + } + + /** + * Adds a target name criterion for the attribute certificate to the target + * information extension criteria. The X509AttributeCertificate + * must contain at least one of the specified target names. + *

    + * Each attribute certificate may contain a target information extension + * limiting the servers where this attribute certificate can be used. If + * this extension is not present, the attribute certificate is not targeted + * and may be accepted by any server. + *

    + * + * @param name a byte array containing the name in ASN.1 DER encoded form of a GeneralName + * @throws IOException if a parsing error occurs. + */ + public void AddTargetName( + byte[] name) + { + AddTargetName(GeneralName.GetInstance(Asn1Object.FromByteArray(name))); + } + + /** + * Adds a collection with target names criteria. If null is + * given any will do. + *

    + * The collection consists of either GeneralName objects or byte[] arrays representing + * DER encoded GeneralName structures. + *

    + * + * @param names A collection of target names. + * @throws IOException if a parsing error occurs. + * @see #AddTargetName(byte[]) + * @see #AddTargetName(GeneralName) + */ + public void SetTargetNames( + IEnumerable names) + { + targetNames = ExtractGeneralNames(names); + } + + /** + * Gets the target names. The collection consists of Lists + * made up of an Integer in the first entry and a DER encoded + * byte array or a String in the second entry. + *

    The returned collection is immutable.

    + * + * @return The collection of target names + * @see #setTargetNames(Collection) + */ + public IEnumerable GetTargetNames() + { + return new EnumerableProxy(targetNames); + } + + /** + * Adds a target group criterion for the attribute certificate to the target + * information extension criteria. The X509AttributeCertificate + * must contain at least one of the specified target groups. + *

    + * Each attribute certificate may contain a target information extension + * limiting the servers where this attribute certificate can be used. If + * this extension is not present, the attribute certificate is not targeted + * and may be accepted by any server. + *

    + * + * @param group The group as GeneralName form (not null) + */ + public void AddTargetGroup( + GeneralName group) + { + targetGroups.Add(group); + } + + /** + * Adds a target group criterion for the attribute certificate to the target + * information extension criteria. The X509AttributeCertificate + * must contain at least one of the specified target groups. + *

    + * Each attribute certificate may contain a target information extension + * limiting the servers where this attribute certificate can be used. If + * this extension is not present, the attribute certificate is not targeted + * and may be accepted by any server. + *

    + * + * @param name a byte array containing the group in ASN.1 DER encoded form of a GeneralName + * @throws IOException if a parsing error occurs. + */ + public void AddTargetGroup( + byte[] name) + { + AddTargetGroup(GeneralName.GetInstance(Asn1Object.FromByteArray(name))); + } + + /** + * Adds a collection with target groups criteria. If null is + * given any will do. + *

    + * The collection consists of GeneralName objects or byte[] + * representing DER encoded GeneralNames. + *

    + * + * @param names A collection of target groups. + * @throws IOException if a parsing error occurs. + * @see #AddTargetGroup(byte[]) + * @see #AddTargetGroup(GeneralName) + */ + public void SetTargetGroups( + IEnumerable names) + { + targetGroups = ExtractGeneralNames(names); + } + + /** + * Gets the target groups. The collection consists of Lists + * made up of an Integer in the first entry and a DER encoded + * byte array or a String in the second entry. + *

    The returned collection is immutable.

    + * + * @return The collection of target groups. + * @see #setTargetGroups(Collection) + */ + public IEnumerable GetTargetGroups() + { + return new EnumerableProxy(targetGroups); + } + + private ISet ExtractGeneralNames( + IEnumerable names) + { + ISet result = new HashSet(); + + if (names != null) + { + foreach (object o in names) + { + if (o is GeneralName) + { + result.Add(o); + } + else + { + result.Add(GeneralName.GetInstance(Asn1Object.FromByteArray((byte[]) o))); + } + } + } + + return result; + } + } +} diff --git a/BouncyCastle/crypto/src/x509/store/X509CertPairStoreSelector.cs b/BouncyCastle/crypto/src/x509/store/X509CertPairStoreSelector.cs new file mode 100644 index 0000000..2796971 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/store/X509CertPairStoreSelector.cs @@ -0,0 +1,92 @@ +using System; + +namespace Org.BouncyCastle.X509.Store +{ + /// + /// This class is an IX509Selector implementation to select + /// certificate pairs, which are e.g. used for cross certificates. The set of + /// criteria is given from two X509CertStoreSelector objects, + /// each of which, if present, must match the respective component of a pair. + /// + public class X509CertPairStoreSelector + : IX509Selector + { + private static X509CertStoreSelector CloneSelector( + X509CertStoreSelector s) + { + return s == null ? null : (X509CertStoreSelector) s.Clone(); + } + + private X509CertificatePair certPair; + private X509CertStoreSelector forwardSelector; + private X509CertStoreSelector reverseSelector; + + public X509CertPairStoreSelector() + { + } + + private X509CertPairStoreSelector( + X509CertPairStoreSelector o) + { + this.certPair = o.CertPair; + this.forwardSelector = o.ForwardSelector; + this.reverseSelector = o.ReverseSelector; + } + + /// The certificate pair which is used for testing on equality. + public X509CertificatePair CertPair + { + get { return certPair; } + set { this.certPair = value; } + } + + /// The certificate selector for the forward part. + public X509CertStoreSelector ForwardSelector + { + get { return CloneSelector(forwardSelector); } + set { this.forwardSelector = CloneSelector(value); } + } + + /// The certificate selector for the reverse part. + public X509CertStoreSelector ReverseSelector + { + get { return CloneSelector(reverseSelector); } + set { this.reverseSelector = CloneSelector(value); } + } + + /// + /// Decides if the given certificate pair should be selected. If + /// obj is not a X509CertificatePair, this method + /// returns false. + /// + /// The X509CertificatePair to be tested. + /// true if the object matches this selector. + public bool Match( + object obj) + { + if (obj == null) + throw new ArgumentNullException("obj"); + + X509CertificatePair pair = obj as X509CertificatePair; + + if (pair == null) + return false; + + if (certPair != null && !certPair.Equals(pair)) + return false; + + if (forwardSelector != null && !forwardSelector.Match(pair.Forward)) + return false; + + if (reverseSelector != null && !reverseSelector.Match(pair.Reverse)) + return false; + + return true; + } + + public object Clone() + { + return new X509CertPairStoreSelector(this); + } + } +} diff --git a/BouncyCastle/crypto/src/x509/store/X509CertStoreSelector.cs b/BouncyCastle/crypto/src/x509/store/X509CertStoreSelector.cs new file mode 100644 index 0000000..f92a4ac --- /dev/null +++ b/BouncyCastle/crypto/src/x509/store/X509CertStoreSelector.cs @@ -0,0 +1,346 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.X509.Extension; + +namespace Org.BouncyCastle.X509.Store +{ + public class X509CertStoreSelector + : IX509Selector + { + // TODO Missing criteria? + + private byte[] authorityKeyIdentifier; + private int basicConstraints = -1; + private X509Certificate certificate; + private DateTimeObject certificateValid; + private ISet extendedKeyUsage; + private bool ignoreX509NameOrdering; + private X509Name issuer; + private bool[] keyUsage; + private ISet policy; + private DateTimeObject privateKeyValid; + private BigInteger serialNumber; + private X509Name subject; + private byte[] subjectKeyIdentifier; + private SubjectPublicKeyInfo subjectPublicKey; + private DerObjectIdentifier subjectPublicKeyAlgID; + + public X509CertStoreSelector() + { + } + + public X509CertStoreSelector( + X509CertStoreSelector o) + { + this.authorityKeyIdentifier = o.AuthorityKeyIdentifier; + this.basicConstraints = o.BasicConstraints; + this.certificate = o.Certificate; + this.certificateValid = o.CertificateValid; + this.extendedKeyUsage = o.ExtendedKeyUsage; + this.ignoreX509NameOrdering = o.IgnoreX509NameOrdering; + this.issuer = o.Issuer; + this.keyUsage = o.KeyUsage; + this.policy = o.Policy; + this.privateKeyValid = o.PrivateKeyValid; + this.serialNumber = o.SerialNumber; + this.subject = o.Subject; + this.subjectKeyIdentifier = o.SubjectKeyIdentifier; + this.subjectPublicKey = o.SubjectPublicKey; + this.subjectPublicKeyAlgID = o.SubjectPublicKeyAlgID; + } + + public virtual object Clone() + { + return new X509CertStoreSelector(this); + } + + public byte[] AuthorityKeyIdentifier + { + get { return Arrays.Clone(authorityKeyIdentifier); } + set { authorityKeyIdentifier = Arrays.Clone(value); } + } + + public int BasicConstraints + { + get { return basicConstraints; } + set + { + if (value < -2) + throw new ArgumentException("value can't be less than -2", "value"); + + basicConstraints = value; + } + } + + public X509Certificate Certificate + { + get { return certificate; } + set { this.certificate = value; } + } + + public DateTimeObject CertificateValid + { + get { return certificateValid; } + set { certificateValid = value; } + } + + public ISet ExtendedKeyUsage + { + get { return CopySet(extendedKeyUsage); } + set { extendedKeyUsage = CopySet(value); } + } + + public bool IgnoreX509NameOrdering + { + get { return ignoreX509NameOrdering; } + set { this.ignoreX509NameOrdering = value; } + } + + public X509Name Issuer + { + get { return issuer; } + set { issuer = value; } + } + + [Obsolete("Avoid working with X509Name objects in string form")] + public string IssuerAsString + { + get { return issuer != null ? issuer.ToString() : null; } + } + + public bool[] KeyUsage + { + get { return CopyBoolArray(keyUsage); } + set { keyUsage = CopyBoolArray(value); } + } + + /// + /// An ISet of DerObjectIdentifier objects. + /// + public ISet Policy + { + get { return CopySet(policy); } + set { policy = CopySet(value); } + } + + public DateTimeObject PrivateKeyValid + { + get { return privateKeyValid; } + set { privateKeyValid = value; } + } + + public BigInteger SerialNumber + { + get { return serialNumber; } + set { serialNumber = value; } + } + + public X509Name Subject + { + get { return subject; } + set { subject = value; } + } + + [Obsolete("Avoid working with X509Name objects in string form")] + public string SubjectAsString + { + get { return subject != null ? subject.ToString() : null; } + } + + public byte[] SubjectKeyIdentifier + { + get { return Arrays.Clone(subjectKeyIdentifier); } + set { subjectKeyIdentifier = Arrays.Clone(value); } + } + + public SubjectPublicKeyInfo SubjectPublicKey + { + get { return subjectPublicKey; } + set { subjectPublicKey = value; } + } + + public DerObjectIdentifier SubjectPublicKeyAlgID + { + get { return subjectPublicKeyAlgID; } + set { subjectPublicKeyAlgID = value; } + } + + public virtual bool Match( + object obj) + { + X509Certificate c = obj as X509Certificate; + + if (c == null) + return false; + + if (!MatchExtension(authorityKeyIdentifier, c, X509Extensions.AuthorityKeyIdentifier)) + return false; + + if (basicConstraints != -1) + { + int bc = c.GetBasicConstraints(); + + if (basicConstraints == -2) + { + if (bc != -1) + return false; + } + else + { + if (bc < basicConstraints) + return false; + } + } + + if (certificate != null && !certificate.Equals(c)) + return false; + + if (certificateValid != null && !c.IsValid(certificateValid.Value)) + return false; + + if (extendedKeyUsage != null) + { + IList eku = c.GetExtendedKeyUsage(); + + // Note: if no extended key usage set, all key purposes are implicitly allowed + + if (eku != null) + { + foreach (DerObjectIdentifier oid in extendedKeyUsage) + { + if (!eku.Contains(oid.Id)) + return false; + } + } + } + + if (issuer != null && !issuer.Equivalent(c.IssuerDN, !ignoreX509NameOrdering)) + return false; + + if (keyUsage != null) + { + bool[] ku = c.GetKeyUsage(); + + // Note: if no key usage set, all key purposes are implicitly allowed + + if (ku != null) + { + for (int i = 0; i < 9; ++i) + { + if (keyUsage[i] && !ku[i]) + return false; + } + } + } + + if (policy != null) + { + Asn1OctetString extVal = c.GetExtensionValue(X509Extensions.CertificatePolicies); + if (extVal == null) + return false; + + Asn1Sequence certPolicies = Asn1Sequence.GetInstance( + X509ExtensionUtilities.FromExtensionValue(extVal)); + + if (policy.Count < 1 && certPolicies.Count < 1) + return false; + + bool found = false; + foreach (PolicyInformation pi in certPolicies) + { + if (policy.Contains(pi.PolicyIdentifier)) + { + found = true; + break; + } + } + + if (!found) + return false; + } + + if (privateKeyValid != null) + { + Asn1OctetString extVal = c.GetExtensionValue(X509Extensions.PrivateKeyUsagePeriod); + if (extVal == null) + return false; + + PrivateKeyUsagePeriod pkup = PrivateKeyUsagePeriod.GetInstance( + X509ExtensionUtilities.FromExtensionValue(extVal)); + + DateTime dt = privateKeyValid.Value; + DateTime notAfter = pkup.NotAfter.ToDateTime(); + DateTime notBefore = pkup.NotBefore.ToDateTime(); + + if (dt.CompareTo(notAfter) > 0 || dt.CompareTo(notBefore) < 0) + return false; + } + + if (serialNumber != null && !serialNumber.Equals(c.SerialNumber)) + return false; + + if (subject != null && !subject.Equivalent(c.SubjectDN, !ignoreX509NameOrdering)) + return false; + + if (!MatchExtension(subjectKeyIdentifier, c, X509Extensions.SubjectKeyIdentifier)) + return false; + + if (subjectPublicKey != null && !subjectPublicKey.Equals(GetSubjectPublicKey(c))) + return false; + + if (subjectPublicKeyAlgID != null + && !subjectPublicKeyAlgID.Equals(GetSubjectPublicKey(c).AlgorithmID)) + return false; + + return true; + } + + internal static bool IssuersMatch( + X509Name a, + X509Name b) + { + return a == null ? b == null : a.Equivalent(b, true); + } + + private static bool[] CopyBoolArray( + bool[] b) + { + return b == null ? null : (bool[]) b.Clone(); + } + + private static ISet CopySet( + ISet s) + { + return s == null ? null : new HashSet(s); + } + + private static SubjectPublicKeyInfo GetSubjectPublicKey( + X509Certificate c) + { + return SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(c.GetPublicKey()); + } + + private static bool MatchExtension( + byte[] b, + X509Certificate c, + DerObjectIdentifier oid) + { + if (b == null) + return true; + + Asn1OctetString extVal = c.GetExtensionValue(oid); + + if (extVal == null) + return false; + + return Arrays.AreEqual(b, extVal.GetOctets()); + } + } +} diff --git a/BouncyCastle/crypto/src/x509/store/X509CollectionStore.cs b/BouncyCastle/crypto/src/x509/store/X509CollectionStore.cs new file mode 100644 index 0000000..9217314 --- /dev/null +++ b/BouncyCastle/crypto/src/x509/store/X509CollectionStore.cs @@ -0,0 +1,51 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.X509.Store +{ + /** + * A simple collection backed store. + */ + internal class X509CollectionStore + : IX509Store + { + private ICollection _local; + + /** + * Basic constructor. + * + * @param collection - initial contents for the store, this is copied. + */ + internal X509CollectionStore( + ICollection collection) + { + _local = Platform.CreateArrayList(collection); + } + + /** + * Return the matches in the collection for the passed in selector. + * + * @param selector the selector to match against. + * @return a possibly empty collection of matching objects. + */ + public ICollection GetMatches( + IX509Selector selector) + { + if (selector == null) + { + return Platform.CreateArrayList(_local); + } + + IList result = Platform.CreateArrayList(); + foreach (object obj in _local) + { + if (selector.Match(obj)) + result.Add(obj); + } + + return result; + } + } +} diff --git a/BouncyCastle/crypto/src/x509/store/X509CollectionStoreParameters.cs b/BouncyCastle/crypto/src/x509/store/X509CollectionStoreParameters.cs new file mode 100644 index 0000000..7fd047a --- /dev/null +++ b/BouncyCastle/crypto/src/x509/store/X509CollectionStoreParameters.cs @@ -0,0 +1,60 @@ +using System; +using System.Collections; +using System.Text; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.X509.Store +{ + /// This class contains a collection for collection based X509Stores. + public class X509CollectionStoreParameters + : IX509StoreParameters + { + private readonly IList collection; + + /// + /// Constructor. + ///

    + /// The collection is copied. + ///

    + ///     + /// The collection containing X.509 object types. + /// If collection is null. + public X509CollectionStoreParameters( + ICollection collection) + { + if (collection == null) + throw new ArgumentNullException("collection"); + + this.collection = Platform.CreateArrayList(collection); + } + + // TODO Do we need to be able to Clone() these, and should it really be shallow? +// /** +// * Returns a shallow clone. The returned contents are not copied, so adding +// * or removing objects will effect this. +// * +// * @return a shallow clone. +// */ +// public object Clone() +// { +// return new X509CollectionStoreParameters(collection); +// } + + /// Returns a copy of the ICollection. + public ICollection GetCollection() + { + return Platform.CreateArrayList(collection); + } + + /// Returns a formatted string describing the parameters. + public override string ToString() + { + StringBuilder sb = new StringBuilder(); + sb.Append("X509CollectionStoreParameters: [\n"); + sb.Append(" collection: " + collection + "\n"); + sb.Append("]"); + return sb.ToString(); + } + } +} diff --git a/BouncyCastle/crypto/src/x509/store/X509CrlStoreSelector.cs b/BouncyCastle/crypto/src/x509/store/X509CrlStoreSelector.cs new file mode 100644 index 0000000..4be2a1e --- /dev/null +++ b/BouncyCastle/crypto/src/x509/store/X509CrlStoreSelector.cs @@ -0,0 +1,282 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.X509.Extension; + +namespace Org.BouncyCastle.X509.Store +{ + public class X509CrlStoreSelector + : IX509Selector + { + // TODO Missing criteria? + + private X509Certificate certificateChecking; + private DateTimeObject dateAndTime; + private ICollection issuers; + private BigInteger maxCrlNumber; + private BigInteger minCrlNumber; + + private IX509AttributeCertificate attrCertChecking; + private bool completeCrlEnabled; + private bool deltaCrlIndicatorEnabled; + private byte[] issuingDistributionPoint; + private bool issuingDistributionPointEnabled; + private BigInteger maxBaseCrlNumber; + + public X509CrlStoreSelector() + { + } + + public X509CrlStoreSelector( + X509CrlStoreSelector o) + { + this.certificateChecking = o.CertificateChecking; + this.dateAndTime = o.DateAndTime; + this.issuers = o.Issuers; + this.maxCrlNumber = o.MaxCrlNumber; + this.minCrlNumber = o.MinCrlNumber; + + this.deltaCrlIndicatorEnabled = o.DeltaCrlIndicatorEnabled; + this.completeCrlEnabled = o.CompleteCrlEnabled; + this.maxBaseCrlNumber = o.MaxBaseCrlNumber; + this.attrCertChecking = o.AttrCertChecking; + this.issuingDistributionPointEnabled = o.IssuingDistributionPointEnabled; + this.issuingDistributionPoint = o.IssuingDistributionPoint; + } + + public virtual object Clone() + { + return new X509CrlStoreSelector(this); + } + + public X509Certificate CertificateChecking + { + get { return certificateChecking; } + set { certificateChecking = value; } + } + + public DateTimeObject DateAndTime + { + get { return dateAndTime; } + set { dateAndTime = value; } + } + + /// + /// An ICollection of X509Name objects + /// + public ICollection Issuers + { + get { return Platform.CreateArrayList(issuers); } + set { issuers = Platform.CreateArrayList(value); } + } + + public BigInteger MaxCrlNumber + { + get { return maxCrlNumber; } + set { maxCrlNumber = value; } + } + + public BigInteger MinCrlNumber + { + get { return minCrlNumber; } + set { minCrlNumber = value; } + } + + /** + * The attribute certificate being checked. This is not a criterion. + * Rather, it is optional information that may help a {@link X509Store} find + * CRLs that would be relevant when checking revocation for the specified + * attribute certificate. If null is specified, then no such + * optional information is provided. + * + * @param attrCert the IX509AttributeCertificate being checked (or + * null) + * @see #getAttrCertificateChecking() + */ + public IX509AttributeCertificate AttrCertChecking + { + get { return attrCertChecking; } + set { this.attrCertChecking = value; } + } + + /** + * If true only complete CRLs are returned. Defaults to + * false. + * + * @return true if only complete CRLs are returned. + */ + public bool CompleteCrlEnabled + { + get { return completeCrlEnabled; } + set { this.completeCrlEnabled = value; } + } + + /** + * Returns if this selector must match CRLs with the delta CRL indicator + * extension set. Defaults to false. + * + * @return Returns true if only CRLs with the delta CRL + * indicator extension are selected. + */ + public bool DeltaCrlIndicatorEnabled + { + get { return deltaCrlIndicatorEnabled; } + set { this.deltaCrlIndicatorEnabled = value; } + } + + /** + * The issuing distribution point. + *

    + * The issuing distribution point extension is a CRL extension which + * identifies the scope and the distribution point of a CRL. The scope + * contains among others information about revocation reasons contained in + * the CRL. Delta CRLs and complete CRLs must have matching issuing + * distribution points.

    + *

    + * The byte array is cloned to protect against subsequent modifications.

    + *

    + * You must also enable or disable this criteria with + * {@link #setIssuingDistributionPointEnabled(bool)}.

    + * + * @param issuingDistributionPoint The issuing distribution point to set. + * This is the DER encoded OCTET STRING extension value. + * @see #getIssuingDistributionPoint() + */ + public byte[] IssuingDistributionPoint + { + get { return Arrays.Clone(issuingDistributionPoint); } + set { this.issuingDistributionPoint = Arrays.Clone(value); } + } + + /** + * Whether the issuing distribution point criteria should be applied. + * Defaults to false. + *

    + * You may also set the issuing distribution point criteria if not a missing + * issuing distribution point should be assumed.

    + * + * @return Returns if the issuing distribution point check is enabled. + */ + public bool IssuingDistributionPointEnabled + { + get { return issuingDistributionPointEnabled; } + set { this.issuingDistributionPointEnabled = value; } + } + + /** + * The maximum base CRL number. Defaults to null. + * + * @return Returns the maximum base CRL number. + * @see #setMaxBaseCRLNumber(BigInteger) + */ + public BigInteger MaxBaseCrlNumber + { + get { return maxBaseCrlNumber; } + set { this.maxBaseCrlNumber = value; } + } + + public virtual bool Match( + object obj) + { + X509Crl c = obj as X509Crl; + + if (c == null) + return false; + + if (dateAndTime != null) + { + DateTime dt = dateAndTime.Value; + DateTime tu = c.ThisUpdate; + DateTimeObject nu = c.NextUpdate; + + if (dt.CompareTo(tu) < 0 || nu == null || dt.CompareTo(nu.Value) >= 0) + return false; + } + + if (issuers != null) + { + X509Name i = c.IssuerDN; + + bool found = false; + + foreach (X509Name issuer in issuers) + { + if (issuer.Equivalent(i, true)) + { + found = true; + break; + } + } + + if (!found) + return false; + } + + if (maxCrlNumber != null || minCrlNumber != null) + { + Asn1OctetString extVal = c.GetExtensionValue(X509Extensions.CrlNumber); + if (extVal == null) + return false; + + BigInteger cn = CrlNumber.GetInstance( + X509ExtensionUtilities.FromExtensionValue(extVal)).PositiveValue; + + if (maxCrlNumber != null && cn.CompareTo(maxCrlNumber) > 0) + return false; + + if (minCrlNumber != null && cn.CompareTo(minCrlNumber) < 0) + return false; + } + + DerInteger dci = null; + try + { + Asn1OctetString bytes = c.GetExtensionValue(X509Extensions.DeltaCrlIndicator); + if (bytes != null) + { + dci = DerInteger.GetInstance(X509ExtensionUtilities.FromExtensionValue(bytes)); + } + } + catch (Exception) + { + return false; + } + + if (dci == null) + { + if (DeltaCrlIndicatorEnabled) + return false; + } + else + { + if (CompleteCrlEnabled) + return false; + + if (maxBaseCrlNumber != null && dci.PositiveValue.CompareTo(maxBaseCrlNumber) > 0) + return false; + } + + if (issuingDistributionPointEnabled) + { + Asn1OctetString idp = c.GetExtensionValue(X509Extensions.IssuingDistributionPoint); + if (issuingDistributionPoint == null) + { + if (idp != null) + return false; + } + else + { + if (!Arrays.AreEqual(idp.GetOctets(), issuingDistributionPoint)) + return false; + } + } + + return true; + } + } +} diff --git a/BouncyCastle/crypto/src/x509/store/X509StoreException.cs b/BouncyCastle/crypto/src/x509/store/X509StoreException.cs new file mode 100644 index 0000000..ea7e51e --- /dev/null +++ b/BouncyCastle/crypto/src/x509/store/X509StoreException.cs @@ -0,0 +1,28 @@ +using System; + +namespace Org.BouncyCastle.X509.Store +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class X509StoreException + : Exception + { + public X509StoreException() + { + } + + public X509StoreException( + string message) + : base(message) + { + } + + public X509StoreException( + string message, + Exception e) + : base(message, e) + { + } + } +} diff --git a/BouncyCastle/crypto/src/x509/store/X509StoreFactory.cs b/BouncyCastle/crypto/src/x509/store/X509StoreFactory.cs new file mode 100644 index 0000000..96f22be --- /dev/null +++ b/BouncyCastle/crypto/src/x509/store/X509StoreFactory.cs @@ -0,0 +1,62 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.X509.Store +{ + public sealed class X509StoreFactory + { + private X509StoreFactory() + { + } + + public static IX509Store Create( + string type, + IX509StoreParameters parameters) + { + if (type == null) + throw new ArgumentNullException("type"); + + string[] parts = Platform.ToUpperInvariant(type).Split('/'); + + if (parts.Length < 2) + throw new ArgumentException("type"); + + if (parts[1] != "COLLECTION") + throw new NoSuchStoreException("X.509 store type '" + type + "' not available."); + + X509CollectionStoreParameters p = (X509CollectionStoreParameters) parameters; + ICollection coll = p.GetCollection(); + + switch (parts[0]) + { + case "ATTRIBUTECERTIFICATE": + checkCorrectType(coll, typeof(IX509AttributeCertificate)); + break; + case "CERTIFICATE": + checkCorrectType(coll, typeof(X509Certificate)); + break; + case "CERTIFICATEPAIR": + checkCorrectType(coll, typeof(X509CertificatePair)); + break; + case "CRL": + checkCorrectType(coll, typeof(X509Crl)); + break; + default: + throw new NoSuchStoreException("X.509 store type '" + type + "' not available."); + } + + return new X509CollectionStore(coll); + } + + private static void checkCorrectType(ICollection coll, Type t) + { + foreach (object o in coll) + { + if (!t.IsInstanceOfType(o)) + throw new InvalidCastException("Can't cast object to type: " + t.FullName); + } + } + } +} diff --git a/BouncyCastle/crypto/test/UnitTests.csproj b/BouncyCastle/crypto/test/UnitTests.csproj new file mode 100644 index 0000000..00f8eb0 --- /dev/null +++ b/BouncyCastle/crypto/test/UnitTests.csproj @@ -0,0 +1,1456 @@ + + + + Debug + AnyCPU + 9.0.21022 + 2.0 + {D4EB669D-7C88-48C0-A480-C5CC73A7369B} + Library + UnitTests + UnitTests + v2.0 + + + true + full + false + bin\Debug + DEBUG;SEPARATE_UNIT_TESTS + prompt + 4 + false + 219 + + + full + true + bin\Release + SEPARATE_UNIT_TESTS + prompt + 4 + false + 219 + + + + + lib\nunit.framework.dll + + + lib\nunit.core.interfaces.dll + + + lib\nunit.core.dll + + + + + + {4C235092-820C-4DEB-9074-D356FB797D8B} + BouncyCastle + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/BouncyCastle/crypto/test/data/PKITS/README.txt b/BouncyCastle/crypto/test/data/PKITS/README.txt new file mode 100644 index 0000000..00a124b --- /dev/null +++ b/BouncyCastle/crypto/test/data/PKITS/README.txt @@ -0,0 +1,3 @@ +PKITS test data from http://csrc.nist.gov/pki/testing/x509paths.html + +For more details please check the website above. diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/AllCertificatesNoPoliciesTest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/AllCertificatesNoPoliciesTest2EE.crt new file mode 100644 index 0000000..6c40491 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/AllCertificatesNoPoliciesTest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/AllCertificatesSamePoliciesTest10EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/AllCertificatesSamePoliciesTest10EE.crt new file mode 100644 index 0000000..41b6d15 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/AllCertificatesSamePoliciesTest10EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/AllCertificatesSamePoliciesTest13EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/AllCertificatesSamePoliciesTest13EE.crt new file mode 100644 index 0000000..9210106 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/AllCertificatesSamePoliciesTest13EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/AllCertificatesanyPolicyTest11EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/AllCertificatesanyPolicyTest11EE.crt new file mode 100644 index 0000000..a7f9d22 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/AllCertificatesanyPolicyTest11EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/AnyPolicyTest14EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/AnyPolicyTest14EE.crt new file mode 100644 index 0000000..b5961c7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/AnyPolicyTest14EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/BadCRLIssuerNameCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/BadCRLIssuerNameCACert.crt new file mode 100644 index 0000000..6afe5dd Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/BadCRLIssuerNameCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/BadCRLSignatureCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/BadCRLSignatureCACert.crt new file mode 100644 index 0000000..bfac8a4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/BadCRLSignatureCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/BadSignedCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/BadSignedCACert.crt new file mode 100644 index 0000000..abf7f31 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/BadSignedCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/BadnotAfterDateCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/BadnotAfterDateCACert.crt new file mode 100644 index 0000000..d8babc2 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/BadnotAfterDateCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/BadnotBeforeDateCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/BadnotBeforeDateCACert.crt new file mode 100644 index 0000000..9b4cd82 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/BadnotBeforeDateCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedCRLSigningKeyCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedCRLSigningKeyCACert.crt new file mode 100644 index 0000000..4188114 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedCRLSigningKeyCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedCRLSigningKeyCRLCert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedCRLSigningKeyCRLCert.crt new file mode 100644 index 0000000..7c1b139 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedCRLSigningKeyCRLCert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedNewKeyCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedNewKeyCACert.crt new file mode 100644 index 0000000..b4ccbe8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedNewKeyCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedNewKeyOldWithNewCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedNewKeyOldWithNewCACert.crt new file mode 100644 index 0000000..336a1ca Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedNewKeyOldWithNewCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedOldKeyCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedOldKeyCACert.crt new file mode 100644 index 0000000..78953d6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedOldKeyCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedOldKeyNewWithOldCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedOldKeyNewWithOldCACert.crt new file mode 100644 index 0000000..853dc06 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/BasicSelfIssuedOldKeyNewWithOldCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/CPSPointerQualifierTest20EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/CPSPointerQualifierTest20EE.crt new file mode 100644 index 0000000..8bc7036 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/CPSPointerQualifierTest20EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/DSACACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/DSACACert.crt new file mode 100644 index 0000000..a1f9e05 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/DSACACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/DSAParametersInheritedCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/DSAParametersInheritedCACert.crt new file mode 100644 index 0000000..7eae486 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/DSAParametersInheritedCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest12EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest12EE.crt new file mode 100644 index 0000000..6aa6ae5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest12EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest3EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest3EE.crt new file mode 100644 index 0000000..8cd24ec Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest3EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest4EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest4EE.crt new file mode 100644 index 0000000..6af794d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest4EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest5EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest5EE.crt new file mode 100644 index 0000000..4315046 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest5EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest7EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest7EE.crt new file mode 100644 index 0000000..8caf46a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest7EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest8EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest8EE.crt new file mode 100644 index 0000000..f49721d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest8EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest9EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest9EE.crt new file mode 100644 index 0000000..49a38a5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/DifferentPoliciesTest9EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/GeneralizedTimeCRLnextUpdateCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/GeneralizedTimeCRLnextUpdateCACert.crt new file mode 100644 index 0000000..c22228a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/GeneralizedTimeCRLnextUpdateCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/GoodCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/GoodCACert.crt new file mode 100644 index 0000000..5aecbc0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/GoodCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/GoodsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/GoodsubCACert.crt new file mode 100644 index 0000000..09c98aa Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/GoodsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/GoodsubCAPanyPolicyMapping1to2CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/GoodsubCAPanyPolicyMapping1to2CACert.crt new file mode 100644 index 0000000..2540cd4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/GoodsubCAPanyPolicyMapping1to2CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBadCRLIssuerNameTest5EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBadCRLIssuerNameTest5EE.crt new file mode 100644 index 0000000..749f7cc Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBadCRLIssuerNameTest5EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBadCRLSignatureTest4EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBadCRLSignatureTest4EE.crt new file mode 100644 index 0000000..3c4d2cb Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBadCRLSignatureTest4EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBasicSelfIssuedCRLSigningKeyTest7EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBasicSelfIssuedCRLSigningKeyTest7EE.crt new file mode 100644 index 0000000..7919115 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBasicSelfIssuedCRLSigningKeyTest7EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBasicSelfIssuedCRLSigningKeyTest8EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBasicSelfIssuedCRLSigningKeyTest8EE.crt new file mode 100644 index 0000000..b242bad Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBasicSelfIssuedCRLSigningKeyTest8EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBasicSelfIssuedNewWithOldTest5EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBasicSelfIssuedNewWithOldTest5EE.crt new file mode 100644 index 0000000..e75d978 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBasicSelfIssuedNewWithOldTest5EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBasicSelfIssuedOldWithNewTest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBasicSelfIssuedOldWithNewTest2EE.crt new file mode 100644 index 0000000..ed30001 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidBasicSelfIssuedOldWithNewTest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidCASignatureTest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidCASignatureTest2EE.crt new file mode 100644 index 0000000..8d337bd Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidCASignatureTest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidCAnotAfterDateTest5EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidCAnotAfterDateTest5EE.crt new file mode 100644 index 0000000..6f6748d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidCAnotAfterDateTest5EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidCAnotBeforeDateTest1EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidCAnotBeforeDateTest1EE.crt new file mode 100644 index 0000000..e7b01de Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidCAnotBeforeDateTest1EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNSnameConstraintsTest31EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNSnameConstraintsTest31EE.crt new file mode 100644 index 0000000..3f86eef Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNSnameConstraintsTest31EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNSnameConstraintsTest33EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNSnameConstraintsTest33EE.crt new file mode 100644 index 0000000..805205b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNSnameConstraintsTest33EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNSnameConstraintsTest38EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNSnameConstraintsTest38EE.crt new file mode 100644 index 0000000..eff3779 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNSnameConstraintsTest38EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNandRFC822nameConstraintsTest28EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNandRFC822nameConstraintsTest28EE.crt new file mode 100644 index 0000000..7c1dd9c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNandRFC822nameConstraintsTest28EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNandRFC822nameConstraintsTest29EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNandRFC822nameConstraintsTest29EE.crt new file mode 100644 index 0000000..bdf08ad Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNandRFC822nameConstraintsTest29EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest10EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest10EE.crt new file mode 100644 index 0000000..5ff84a4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest10EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest12EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest12EE.crt new file mode 100644 index 0000000..11ec10f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest12EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest13EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest13EE.crt new file mode 100644 index 0000000..08c3050 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest13EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest15EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest15EE.crt new file mode 100644 index 0000000..28ab465 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest15EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest16EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest16EE.crt new file mode 100644 index 0000000..56e42d0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest16EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest17EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest17EE.crt new file mode 100644 index 0000000..f9f53b9 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest17EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest20EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest20EE.crt new file mode 100644 index 0000000..15fbe8f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest20EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest2EE.crt new file mode 100644 index 0000000..8daf2f2 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest3EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest3EE.crt new file mode 100644 index 0000000..52cd999 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest3EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest7EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest7EE.crt new file mode 100644 index 0000000..799760b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest7EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest8EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest8EE.crt new file mode 100644 index 0000000..d874621 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest8EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest9EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest9EE.crt new file mode 100644 index 0000000..18314bd Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDNnameConstraintsTest9EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDSASignatureTest6EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDSASignatureTest6EE.crt new file mode 100644 index 0000000..bcc900c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidDSASignatureTest6EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidEESignatureTest3EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidEESignatureTest3EE.crt new file mode 100644 index 0000000..e21461e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidEESignatureTest3EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidEEnotAfterDateTest6EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidEEnotAfterDateTest6EE.crt new file mode 100644 index 0000000..46269d0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidEEnotAfterDateTest6EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidEEnotBeforeDateTest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidEEnotBeforeDateTest2EE.crt new file mode 100644 index 0000000..f1bf1d1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidEEnotBeforeDateTest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidIDPwithindirectCRLTest23EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidIDPwithindirectCRLTest23EE.crt new file mode 100644 index 0000000..31965f6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidIDPwithindirectCRLTest23EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidIDPwithindirectCRLTest26EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidIDPwithindirectCRLTest26EE.crt new file mode 100644 index 0000000..b9b87a6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidIDPwithindirectCRLTest26EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidLongSerialNumberTest18EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidLongSerialNumberTest18EE.crt new file mode 100644 index 0000000..1c84dce Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidLongSerialNumberTest18EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidMappingFromanyPolicyTest7EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidMappingFromanyPolicyTest7EE.crt new file mode 100644 index 0000000..49aab72 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidMappingFromanyPolicyTest7EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidMappingToanyPolicyTest8EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidMappingToanyPolicyTest8EE.crt new file mode 100644 index 0000000..0a56c5e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidMappingToanyPolicyTest8EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidMissingCRLTest1EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidMissingCRLTest1EE.crt new file mode 100644 index 0000000..7af5ce5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidMissingCRLTest1EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidMissingbasicConstraintsTest1EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidMissingbasicConstraintsTest1EE.crt new file mode 100644 index 0000000..f5d8703 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidMissingbasicConstraintsTest1EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidNameChainingOrderTest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidNameChainingOrderTest2EE.crt new file mode 100644 index 0000000..9c40a33 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidNameChainingOrderTest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidNameChainingTest1EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidNameChainingTest1EE.crt new file mode 100644 index 0000000..f7ae3b0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidNameChainingTest1EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidNegativeSerialNumberTest15EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidNegativeSerialNumberTest15EE.crt new file mode 100644 index 0000000..2d323b4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidNegativeSerialNumberTest15EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidOldCRLnextUpdateTest11EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidOldCRLnextUpdateTest11EE.crt new file mode 100644 index 0000000..858db72 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidOldCRLnextUpdateTest11EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidPolicyMappingTest10EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidPolicyMappingTest10EE.crt new file mode 100644 index 0000000..ef227b8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidPolicyMappingTest10EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidPolicyMappingTest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidPolicyMappingTest2EE.crt new file mode 100644 index 0000000..58ace91 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidPolicyMappingTest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidPolicyMappingTest4EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidPolicyMappingTest4EE.crt new file mode 100644 index 0000000..c0dd555 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidPolicyMappingTest4EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidRFC822nameConstraintsTest22EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidRFC822nameConstraintsTest22EE.crt new file mode 100644 index 0000000..d8134e0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidRFC822nameConstraintsTest22EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidRFC822nameConstraintsTest24EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidRFC822nameConstraintsTest24EE.crt new file mode 100644 index 0000000..b71c6a3 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidRFC822nameConstraintsTest24EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidRFC822nameConstraintsTest26EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidRFC822nameConstraintsTest26EE.crt new file mode 100644 index 0000000..0ffdf26 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidRFC822nameConstraintsTest26EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidRevokedCATest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidRevokedCATest2EE.crt new file mode 100644 index 0000000..65a0a1a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidRevokedCATest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidRevokedEETest3EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidRevokedEETest3EE.crt new file mode 100644 index 0000000..80ea4d3 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidRevokedEETest3EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitAnyPolicyTest10EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitAnyPolicyTest10EE.crt new file mode 100644 index 0000000..21c32e9 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitAnyPolicyTest10EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitAnyPolicyTest8EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitAnyPolicyTest8EE.crt new file mode 100644 index 0000000..d57f0cb Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitAnyPolicyTest8EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitPolicyMappingTest10EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitPolicyMappingTest10EE.crt new file mode 100644 index 0000000..577998c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitPolicyMappingTest10EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitPolicyMappingTest11EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitPolicyMappingTest11EE.crt new file mode 100644 index 0000000..621c325 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitPolicyMappingTest11EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitPolicyMappingTest8EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitPolicyMappingTest8EE.crt new file mode 100644 index 0000000..98f8160 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitPolicyMappingTest8EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitPolicyMappingTest9EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitPolicyMappingTest9EE.crt new file mode 100644 index 0000000..b802772 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedinhibitPolicyMappingTest9EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedpathLenConstraintTest16EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedpathLenConstraintTest16EE.crt new file mode 100644 index 0000000..9fba63a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedpathLenConstraintTest16EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedrequireExplicitPolicyTest7EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedrequireExplicitPolicyTest7EE.crt new file mode 100644 index 0000000..a1b58ff Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedrequireExplicitPolicyTest7EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedrequireExplicitPolicyTest8EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedrequireExplicitPolicyTest8EE.crt new file mode 100644 index 0000000..108f38c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSelfIssuedrequireExplicitPolicyTest8EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSeparateCertificateandCRLKeysTest20EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSeparateCertificateandCRLKeysTest20EE.crt new file mode 100644 index 0000000..8671cc6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSeparateCertificateandCRLKeysTest20EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSeparateCertificateandCRLKeysTest21EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSeparateCertificateandCRLKeysTest21EE.crt new file mode 100644 index 0000000..b8faa4a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidSeparateCertificateandCRLKeysTest21EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidURInameConstraintsTest35EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidURInameConstraintsTest35EE.crt new file mode 100644 index 0000000..5313fc9 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidURInameConstraintsTest35EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidURInameConstraintsTest37EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidURInameConstraintsTest37EE.crt new file mode 100644 index 0000000..81fd01d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidURInameConstraintsTest37EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidUnknownCRLEntryExtensionTest8EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidUnknownCRLEntryExtensionTest8EE.crt new file mode 100644 index 0000000..6170dae Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidUnknownCRLEntryExtensionTest8EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidUnknownCRLExtensionTest10EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidUnknownCRLExtensionTest10EE.crt new file mode 100644 index 0000000..8c8dfc0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidUnknownCRLExtensionTest10EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidUnknownCRLExtensionTest9EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidUnknownCRLExtensionTest9EE.crt new file mode 100644 index 0000000..83c1b6a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidUnknownCRLExtensionTest9EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidUnknownCriticalCertificateExtensionTest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidUnknownCriticalCertificateExtensionTest2EE.crt new file mode 100644 index 0000000..65c7a68 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidUnknownCriticalCertificateExtensionTest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidWrongCRLTest6EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidWrongCRLTest6EE.crt new file mode 100644 index 0000000..206892c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidWrongCRLTest6EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcAFalseTest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcAFalseTest2EE.crt new file mode 100644 index 0000000..25b925a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcAFalseTest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcAFalseTest3EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcAFalseTest3EE.crt new file mode 100644 index 0000000..5d8f863 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcAFalseTest3EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcRLIssuerTest27EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcRLIssuerTest27EE.crt new file mode 100644 index 0000000..1cb9f59 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcRLIssuerTest27EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcRLIssuerTest31EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcRLIssuerTest31EE.crt new file mode 100644 index 0000000..7e08a55 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcRLIssuerTest31EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcRLIssuerTest32EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcRLIssuerTest32EE.crt new file mode 100644 index 0000000..ec020a1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcRLIssuerTest32EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcRLIssuerTest34EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcRLIssuerTest34EE.crt new file mode 100644 index 0000000..b309b80 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcRLIssuerTest34EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcRLIssuerTest35EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcRLIssuerTest35EE.crt new file mode 100644 index 0000000..257daab Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidcRLIssuerTest35EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLIndicatorNoBaseTest1EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLIndicatorNoBaseTest1EE.crt new file mode 100644 index 0000000..30e49a4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLIndicatorNoBaseTest1EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLTest10EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLTest10EE.crt new file mode 100644 index 0000000..d60e4f6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLTest10EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLTest3EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLTest3EE.crt new file mode 100644 index 0000000..27ce111 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLTest3EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLTest4EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLTest4EE.crt new file mode 100644 index 0000000..a7edcf8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLTest4EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLTest6EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLTest6EE.crt new file mode 100644 index 0000000..0e247f2 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLTest6EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLTest9EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLTest9EE.crt new file mode 100644 index 0000000..e5b34e4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddeltaCRLTest9EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddistributionPointTest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddistributionPointTest2EE.crt new file mode 100644 index 0000000..c61a646 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddistributionPointTest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddistributionPointTest3EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddistributionPointTest3EE.crt new file mode 100644 index 0000000..5310332 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddistributionPointTest3EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddistributionPointTest6EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddistributionPointTest6EE.crt new file mode 100644 index 0000000..9236346 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddistributionPointTest6EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddistributionPointTest8EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddistributionPointTest8EE.crt new file mode 100644 index 0000000..3520f6a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddistributionPointTest8EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddistributionPointTest9EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddistributionPointTest9EE.crt new file mode 100644 index 0000000..5982bb6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvaliddistributionPointTest9EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitAnyPolicyTest1EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitAnyPolicyTest1EE.crt new file mode 100644 index 0000000..b6fe661 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitAnyPolicyTest1EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitAnyPolicyTest4EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitAnyPolicyTest4EE.crt new file mode 100644 index 0000000..e6a924a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitAnyPolicyTest4EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitAnyPolicyTest5EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitAnyPolicyTest5EE.crt new file mode 100644 index 0000000..20c40a4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitAnyPolicyTest5EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitAnyPolicyTest6EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitAnyPolicyTest6EE.crt new file mode 100644 index 0000000..03c8a32 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitAnyPolicyTest6EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitPolicyMappingTest1EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitPolicyMappingTest1EE.crt new file mode 100644 index 0000000..f028a76 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitPolicyMappingTest1EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitPolicyMappingTest3EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitPolicyMappingTest3EE.crt new file mode 100644 index 0000000..3393af5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitPolicyMappingTest3EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitPolicyMappingTest5EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitPolicyMappingTest5EE.crt new file mode 100644 index 0000000..3746814 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitPolicyMappingTest5EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitPolicyMappingTest6EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitPolicyMappingTest6EE.crt new file mode 100644 index 0000000..9f7eafa Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidinhibitPolicyMappingTest6EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidkeyUsageCriticalcRLSignFalseTest4EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidkeyUsageCriticalcRLSignFalseTest4EE.crt new file mode 100644 index 0000000..888f7e2 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidkeyUsageCriticalcRLSignFalseTest4EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidkeyUsageCriticalkeyCertSignFalseTest1EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidkeyUsageCriticalkeyCertSignFalseTest1EE.crt new file mode 100644 index 0000000..43b0d95 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidkeyUsageCriticalkeyCertSignFalseTest1EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidkeyUsageNotCriticalcRLSignFalseTest5EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidkeyUsageNotCriticalcRLSignFalseTest5EE.crt new file mode 100644 index 0000000..fbfb4c4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidkeyUsageNotCriticalcRLSignFalseTest5EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidkeyUsageNotCriticalkeyCertSignFalseTest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidkeyUsageNotCriticalkeyCertSignFalseTest2EE.crt new file mode 100644 index 0000000..a9da414 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidkeyUsageNotCriticalkeyCertSignFalseTest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlyContainsAttributeCertsTest14EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlyContainsAttributeCertsTest14EE.crt new file mode 100644 index 0000000..60e0f7d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlyContainsAttributeCertsTest14EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlyContainsCACertsTest12EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlyContainsCACertsTest12EE.crt new file mode 100644 index 0000000..c0ada12 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlyContainsCACertsTest12EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlyContainsUserCertsTest11EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlyContainsUserCertsTest11EE.crt new file mode 100644 index 0000000..acf1199 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlyContainsUserCertsTest11EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlySomeReasonsTest15EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlySomeReasonsTest15EE.crt new file mode 100644 index 0000000..45460ee Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlySomeReasonsTest15EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlySomeReasonsTest16EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlySomeReasonsTest16EE.crt new file mode 100644 index 0000000..b82e84e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlySomeReasonsTest16EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlySomeReasonsTest17EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlySomeReasonsTest17EE.crt new file mode 100644 index 0000000..d29a9ff Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlySomeReasonsTest17EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlySomeReasonsTest20EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlySomeReasonsTest20EE.crt new file mode 100644 index 0000000..431d600 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlySomeReasonsTest20EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlySomeReasonsTest21EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlySomeReasonsTest21EE.crt new file mode 100644 index 0000000..68bf8f9 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidonlySomeReasonsTest21EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest10EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest10EE.crt new file mode 100644 index 0000000..788389d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest10EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest11EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest11EE.crt new file mode 100644 index 0000000..01ea4d0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest11EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest12EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest12EE.crt new file mode 100644 index 0000000..2316416 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest12EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest5EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest5EE.crt new file mode 100644 index 0000000..7164f04 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest5EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest6EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest6EE.crt new file mode 100644 index 0000000..eec5f9d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest6EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest9EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest9EE.crt new file mode 100644 index 0000000..6a063a6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidpathLenConstraintTest9EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/Invalidpre2000CRLnextUpdateTest12EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/Invalidpre2000CRLnextUpdateTest12EE.crt new file mode 100644 index 0000000..634a08e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/Invalidpre2000CRLnextUpdateTest12EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/Invalidpre2000UTCEEnotAfterDateTest7EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/Invalidpre2000UTCEEnotAfterDateTest7EE.crt new file mode 100644 index 0000000..88916af Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/Invalidpre2000UTCEEnotAfterDateTest7EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidrequireExplicitPolicyTest3EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidrequireExplicitPolicyTest3EE.crt new file mode 100644 index 0000000..38f98e4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidrequireExplicitPolicyTest3EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/InvalidrequireExplicitPolicyTest5EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidrequireExplicitPolicyTest5EE.crt new file mode 100644 index 0000000..ca3ea17 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/InvalidrequireExplicitPolicyTest5EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/LongSerialNumberCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/LongSerialNumberCACert.crt new file mode 100644 index 0000000..6aaf3d0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/LongSerialNumberCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/Mapping1to2CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/Mapping1to2CACert.crt new file mode 100644 index 0000000..a458115 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/Mapping1to2CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/MappingFromanyPolicyCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/MappingFromanyPolicyCACert.crt new file mode 100644 index 0000000..812da59 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/MappingFromanyPolicyCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/MappingToanyPolicyCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/MappingToanyPolicyCACert.crt new file mode 100644 index 0000000..42effeb Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/MappingToanyPolicyCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/MissingbasicConstraintsCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/MissingbasicConstraintsCACert.crt new file mode 100644 index 0000000..17ebf25 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/MissingbasicConstraintsCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/NameOrderingCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/NameOrderingCACert.crt new file mode 100644 index 0000000..6b744db Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/NameOrderingCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/NegativeSerialNumberCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/NegativeSerialNumberCACert.crt new file mode 100644 index 0000000..57fc933 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/NegativeSerialNumberCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/NoCRLCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/NoCRLCACert.crt new file mode 100644 index 0000000..acd908c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/NoCRLCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/NoPoliciesCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/NoPoliciesCACert.crt new file mode 100644 index 0000000..5e2a3fc Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/NoPoliciesCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/NoissuingDistributionPointCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/NoissuingDistributionPointCACert.crt new file mode 100644 index 0000000..bf4f814 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/NoissuingDistributionPointCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/OldCRLnextUpdateCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/OldCRLnextUpdateCACert.crt new file mode 100644 index 0000000..c9fb043 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/OldCRLnextUpdateCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/OverlappingPoliciesTest6EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/OverlappingPoliciesTest6EE.crt new file mode 100644 index 0000000..56d136c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/OverlappingPoliciesTest6EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/P12Mapping1to3CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/P12Mapping1to3CACert.crt new file mode 100644 index 0000000..f9ed7b7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/P12Mapping1to3CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/P12Mapping1to3subCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/P12Mapping1to3subCACert.crt new file mode 100644 index 0000000..2029d6b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/P12Mapping1to3subCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/P12Mapping1to3subsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/P12Mapping1to3subsubCACert.crt new file mode 100644 index 0000000..50e7fcd Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/P12Mapping1to3subsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/P1Mapping1to234CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/P1Mapping1to234CACert.crt new file mode 100644 index 0000000..d7b3028 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/P1Mapping1to234CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/P1Mapping1to234subCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/P1Mapping1to234subCACert.crt new file mode 100644 index 0000000..8648dde Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/P1Mapping1to234subCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/P1anyPolicyMapping1to2CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/P1anyPolicyMapping1to2CACert.crt new file mode 100644 index 0000000..85e39fe Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/P1anyPolicyMapping1to2CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/PanyPolicyMapping1to2CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/PanyPolicyMapping1to2CACert.crt new file mode 100644 index 0000000..5abbb78 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/PanyPolicyMapping1to2CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP1234CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP1234CACert.crt new file mode 100644 index 0000000..9a5eb5b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP1234CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP1234subCAP123Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP1234subCAP123Cert.crt new file mode 100644 index 0000000..9b38545 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP1234subCAP123Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP1234subsubCAP123P12Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP1234subsubCAP123P12Cert.crt new file mode 100644 index 0000000..4990a9b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP1234subsubCAP123P12Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP123CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP123CACert.crt new file mode 100644 index 0000000..03509d1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP123CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP123subCAP12Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP123subCAP12Cert.crt new file mode 100644 index 0000000..0009819 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP123subCAP12Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP123subsubCAP12P1Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP123subsubCAP12P1Cert.crt new file mode 100644 index 0000000..669c181 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP123subsubCAP12P1Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP123subsubCAP12P2Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP123subsubCAP12P2Cert.crt new file mode 100644 index 0000000..faa7516 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP123subsubCAP12P2Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP123subsubsubCAP12P2P1Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP123subsubsubCAP12P2P1Cert.crt new file mode 100644 index 0000000..44346d5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP123subsubsubCAP12P2P1Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP12CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP12CACert.crt new file mode 100644 index 0000000..27bf524 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP12CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP12subCAP1Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP12subCAP1Cert.crt new file mode 100644 index 0000000..9a24328 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP12subCAP1Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP12subsubCAP1P2Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP12subsubCAP1P2Cert.crt new file mode 100644 index 0000000..49cc0ed Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP12subsubCAP1P2Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP2subCA2Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP2subCA2Cert.crt new file mode 100644 index 0000000..ccbedc6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP2subCA2Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP2subCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP2subCACert.crt new file mode 100644 index 0000000..ce66a79 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP2subCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP3CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP3CACert.crt new file mode 100644 index 0000000..90c4d26 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/PoliciesP3CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/RFC3280MandatoryAttributeTypesCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/RFC3280MandatoryAttributeTypesCACert.crt new file mode 100644 index 0000000..fa0e1c8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/RFC3280MandatoryAttributeTypesCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/RFC3280OptionalAttributeTypesCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/RFC3280OptionalAttributeTypesCACert.crt new file mode 100644 index 0000000..973373b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/RFC3280OptionalAttributeTypesCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/RevokedsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/RevokedsubCACert.crt new file mode 100644 index 0000000..edbd547 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/RevokedsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/RolloverfromPrintableStringtoUTF8StringCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/RolloverfromPrintableStringtoUTF8StringCACert.crt new file mode 100644 index 0000000..658f20c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/RolloverfromPrintableStringtoUTF8StringCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/SeparateCertificateandCRLKeysCA2CRLSigningCert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/SeparateCertificateandCRLKeysCA2CRLSigningCert.crt new file mode 100644 index 0000000..67135a6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/SeparateCertificateandCRLKeysCA2CRLSigningCert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/SeparateCertificateandCRLKeysCA2CertificateSigningCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/SeparateCertificateandCRLKeysCA2CertificateSigningCACert.crt new file mode 100644 index 0000000..c05f92c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/SeparateCertificateandCRLKeysCA2CertificateSigningCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/SeparateCertificateandCRLKeysCRLSigningCert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/SeparateCertificateandCRLKeysCRLSigningCert.crt new file mode 100644 index 0000000..8c7200f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/SeparateCertificateandCRLKeysCRLSigningCert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/SeparateCertificateandCRLKeysCertificateSigningCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/SeparateCertificateandCRLKeysCertificateSigningCACert.crt new file mode 100644 index 0000000..10deedd Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/SeparateCertificateandCRLKeysCertificateSigningCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/TrustAnchorRootCertificate.crt b/BouncyCastle/crypto/test/data/PKITS/certs/TrustAnchorRootCertificate.crt new file mode 100644 index 0000000..21f520e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/TrustAnchorRootCertificate.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/TwoCRLsCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/TwoCRLsCACert.crt new file mode 100644 index 0000000..c6389d3 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/TwoCRLsCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/UIDCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/UIDCACert.crt new file mode 100644 index 0000000..d852bc0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/UIDCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/UTF8StringCaseInsensitiveMatchCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/UTF8StringCaseInsensitiveMatchCACert.crt new file mode 100644 index 0000000..c59715d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/UTF8StringCaseInsensitiveMatchCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/UTF8StringEncodedNamesCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/UTF8StringEncodedNamesCACert.crt new file mode 100644 index 0000000..68d49e0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/UTF8StringEncodedNamesCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/UnknownCRLEntryExtensionCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/UnknownCRLEntryExtensionCACert.crt new file mode 100644 index 0000000..8c81c37 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/UnknownCRLEntryExtensionCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/UnknownCRLExtensionCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/UnknownCRLExtensionCACert.crt new file mode 100644 index 0000000..db7d39e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/UnknownCRLExtensionCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/UserNoticeQualifierTest15EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/UserNoticeQualifierTest15EE.crt new file mode 100644 index 0000000..e912cdf Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/UserNoticeQualifierTest15EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/UserNoticeQualifierTest16EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/UserNoticeQualifierTest16EE.crt new file mode 100644 index 0000000..ec04e1f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/UserNoticeQualifierTest16EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/UserNoticeQualifierTest17EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/UserNoticeQualifierTest17EE.crt new file mode 100644 index 0000000..f78a47d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/UserNoticeQualifierTest17EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/UserNoticeQualifierTest18EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/UserNoticeQualifierTest18EE.crt new file mode 100644 index 0000000..cc5cf5a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/UserNoticeQualifierTest18EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/UserNoticeQualifierTest19EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/UserNoticeQualifierTest19EE.crt new file mode 100644 index 0000000..3df534a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/UserNoticeQualifierTest19EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidBasicSelfIssuedCRLSigningKeyTest6EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidBasicSelfIssuedCRLSigningKeyTest6EE.crt new file mode 100644 index 0000000..034de7f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidBasicSelfIssuedCRLSigningKeyTest6EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidBasicSelfIssuedNewWithOldTest3EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidBasicSelfIssuedNewWithOldTest3EE.crt new file mode 100644 index 0000000..199afb7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidBasicSelfIssuedNewWithOldTest3EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidBasicSelfIssuedNewWithOldTest4EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidBasicSelfIssuedNewWithOldTest4EE.crt new file mode 100644 index 0000000..d432316 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidBasicSelfIssuedNewWithOldTest4EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidBasicSelfIssuedOldWithNewTest1EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidBasicSelfIssuedOldWithNewTest1EE.crt new file mode 100644 index 0000000..b54a8b0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidBasicSelfIssuedOldWithNewTest1EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidCertificatePathTest1EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidCertificatePathTest1EE.crt new file mode 100644 index 0000000..26985c9 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidCertificatePathTest1EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNSnameConstraintsTest30EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNSnameConstraintsTest30EE.crt new file mode 100644 index 0000000..ec7d43d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNSnameConstraintsTest30EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNSnameConstraintsTest32EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNSnameConstraintsTest32EE.crt new file mode 100644 index 0000000..ed88860 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNSnameConstraintsTest32EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNandRFC822nameConstraintsTest27EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNandRFC822nameConstraintsTest27EE.crt new file mode 100644 index 0000000..73759dc Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNandRFC822nameConstraintsTest27EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest11EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest11EE.crt new file mode 100644 index 0000000..1af47ba Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest11EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest14EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest14EE.crt new file mode 100644 index 0000000..ff249f0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest14EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest18EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest18EE.crt new file mode 100644 index 0000000..b658d67 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest18EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest19EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest19EE.crt new file mode 100644 index 0000000..f4e2b84 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest19EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest1EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest1EE.crt new file mode 100644 index 0000000..4c86f9b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest1EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest4EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest4EE.crt new file mode 100644 index 0000000..beb4013 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest4EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest5EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest5EE.crt new file mode 100644 index 0000000..b68b6f7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest5EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest6EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest6EE.crt new file mode 100644 index 0000000..9aff6e8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDNnameConstraintsTest6EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidDSAParameterInheritanceTest5EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDSAParameterInheritanceTest5EE.crt new file mode 100644 index 0000000..8fe2af4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDSAParameterInheritanceTest5EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidDSASignaturesTest4EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDSASignaturesTest4EE.crt new file mode 100644 index 0000000..5b1cbc8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidDSASignaturesTest4EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidGeneralizedTimeCRLnextUpdateTest13EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidGeneralizedTimeCRLnextUpdateTest13EE.crt new file mode 100644 index 0000000..a22f2e6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidGeneralizedTimeCRLnextUpdateTest13EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidGeneralizedTimenotAfterDateTest8EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidGeneralizedTimenotAfterDateTest8EE.crt new file mode 100644 index 0000000..15689c1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidGeneralizedTimenotAfterDateTest8EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidGeneralizedTimenotBeforeDateTest4EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidGeneralizedTimenotBeforeDateTest4EE.crt new file mode 100644 index 0000000..385bb1e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidGeneralizedTimenotBeforeDateTest4EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidIDPwithindirectCRLTest22EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidIDPwithindirectCRLTest22EE.crt new file mode 100644 index 0000000..6706cf1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidIDPwithindirectCRLTest22EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidIDPwithindirectCRLTest24EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidIDPwithindirectCRLTest24EE.crt new file mode 100644 index 0000000..bea72fe Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidIDPwithindirectCRLTest24EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidIDPwithindirectCRLTest25EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidIDPwithindirectCRLTest25EE.crt new file mode 100644 index 0000000..994c90a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidIDPwithindirectCRLTest25EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidLongSerialNumberTest16EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidLongSerialNumberTest16EE.crt new file mode 100644 index 0000000..11ba787 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidLongSerialNumberTest16EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidLongSerialNumberTest17EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidLongSerialNumberTest17EE.crt new file mode 100644 index 0000000..75504db Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidLongSerialNumberTest17EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidNameChainingCapitalizationTest5EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidNameChainingCapitalizationTest5EE.crt new file mode 100644 index 0000000..5b63387 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidNameChainingCapitalizationTest5EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidNameChainingWhitespaceTest3EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidNameChainingWhitespaceTest3EE.crt new file mode 100644 index 0000000..2aef73c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidNameChainingWhitespaceTest3EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidNameChainingWhitespaceTest4EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidNameChainingWhitespaceTest4EE.crt new file mode 100644 index 0000000..6890cdd Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidNameChainingWhitespaceTest4EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidNameUIDsTest6EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidNameUIDsTest6EE.crt new file mode 100644 index 0000000..3cddea4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidNameUIDsTest6EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidNegativeSerialNumberTest14EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidNegativeSerialNumberTest14EE.crt new file mode 100644 index 0000000..139a086 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidNegativeSerialNumberTest14EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidNoissuingDistributionPointTest10EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidNoissuingDistributionPointTest10EE.crt new file mode 100644 index 0000000..bd8ca38 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidNoissuingDistributionPointTest10EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest11EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest11EE.crt new file mode 100644 index 0000000..9d19ad1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest11EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest12EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest12EE.crt new file mode 100644 index 0000000..76b9fe5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest12EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest13EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest13EE.crt new file mode 100644 index 0000000..7db3305 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest13EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest14EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest14EE.crt new file mode 100644 index 0000000..57bf426 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest14EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest1EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest1EE.crt new file mode 100644 index 0000000..436cb9e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest1EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest3EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest3EE.crt new file mode 100644 index 0000000..c835b0b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest3EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest5EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest5EE.crt new file mode 100644 index 0000000..faaeb9e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest5EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest6EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest6EE.crt new file mode 100644 index 0000000..2cd4433 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest6EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest9EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest9EE.crt new file mode 100644 index 0000000..4debc29 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidPolicyMappingTest9EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidRFC3280MandatoryAttributeTypesTest7EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidRFC3280MandatoryAttributeTypesTest7EE.crt new file mode 100644 index 0000000..c3e9776 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidRFC3280MandatoryAttributeTypesTest7EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidRFC3280OptionalAttributeTypesTest8EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidRFC3280OptionalAttributeTypesTest8EE.crt new file mode 100644 index 0000000..f33c9d5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidRFC3280OptionalAttributeTypesTest8EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidRFC822nameConstraintsTest21EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidRFC822nameConstraintsTest21EE.crt new file mode 100644 index 0000000..743e9eb Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidRFC822nameConstraintsTest21EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidRFC822nameConstraintsTest23EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidRFC822nameConstraintsTest23EE.crt new file mode 100644 index 0000000..f8703ed Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidRFC822nameConstraintsTest23EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidRFC822nameConstraintsTest25EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidRFC822nameConstraintsTest25EE.crt new file mode 100644 index 0000000..e89ae7f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidRFC822nameConstraintsTest25EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidRolloverfromPrintableStringtoUTF8StringTest10EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidRolloverfromPrintableStringtoUTF8StringTest10EE.crt new file mode 100644 index 0000000..924d2f6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidRolloverfromPrintableStringtoUTF8StringTest10EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedinhibitAnyPolicyTest7EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedinhibitAnyPolicyTest7EE.crt new file mode 100644 index 0000000..2e7e995 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedinhibitAnyPolicyTest7EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedinhibitAnyPolicyTest9EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedinhibitAnyPolicyTest9EE.crt new file mode 100644 index 0000000..7640247 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedinhibitAnyPolicyTest9EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedinhibitPolicyMappingTest7EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedinhibitPolicyMappingTest7EE.crt new file mode 100644 index 0000000..b4b282d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedinhibitPolicyMappingTest7EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedpathLenConstraintTest15EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedpathLenConstraintTest15EE.crt new file mode 100644 index 0000000..0bad35f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedpathLenConstraintTest15EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedpathLenConstraintTest17EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedpathLenConstraintTest17EE.crt new file mode 100644 index 0000000..1535ef8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedpathLenConstraintTest17EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedrequireExplicitPolicyTest6EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedrequireExplicitPolicyTest6EE.crt new file mode 100644 index 0000000..781ce0d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidSelfIssuedrequireExplicitPolicyTest6EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidSeparateCertificateandCRLKeysTest19EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidSeparateCertificateandCRLKeysTest19EE.crt new file mode 100644 index 0000000..fda1819 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidSeparateCertificateandCRLKeysTest19EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidTwoCRLsTest7EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidTwoCRLsTest7EE.crt new file mode 100644 index 0000000..e04433a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidTwoCRLsTest7EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidURInameConstraintsTest34EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidURInameConstraintsTest34EE.crt new file mode 100644 index 0000000..b554f91 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidURInameConstraintsTest34EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidURInameConstraintsTest36EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidURInameConstraintsTest36EE.crt new file mode 100644 index 0000000..8b1f00f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidURInameConstraintsTest36EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidUTF8StringCaseInsensitiveMatchTest11EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidUTF8StringCaseInsensitiveMatchTest11EE.crt new file mode 100644 index 0000000..8a9d0ca Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidUTF8StringCaseInsensitiveMatchTest11EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidUTF8StringEncodedNamesTest9EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidUTF8StringEncodedNamesTest9EE.crt new file mode 100644 index 0000000..c901690 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidUTF8StringEncodedNamesTest9EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidUnknownNotCriticalCertificateExtensionTest1EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidUnknownNotCriticalCertificateExtensionTest1EE.crt new file mode 100644 index 0000000..6ee8d1e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidUnknownNotCriticalCertificateExtensionTest1EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidbasicConstraintsNotCriticalTest4EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidbasicConstraintsNotCriticalTest4EE.crt new file mode 100644 index 0000000..543710f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidbasicConstraintsNotCriticalTest4EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidcRLIssuerTest28EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidcRLIssuerTest28EE.crt new file mode 100644 index 0000000..1448aa4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidcRLIssuerTest28EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidcRLIssuerTest29EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidcRLIssuerTest29EE.crt new file mode 100644 index 0000000..ec442e1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidcRLIssuerTest29EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidcRLIssuerTest30EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidcRLIssuerTest30EE.crt new file mode 100644 index 0000000..2dc2367 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidcRLIssuerTest30EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidcRLIssuerTest33EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidcRLIssuerTest33EE.crt new file mode 100644 index 0000000..65b2844 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidcRLIssuerTest33EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValiddeltaCRLTest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddeltaCRLTest2EE.crt new file mode 100644 index 0000000..0d24df0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddeltaCRLTest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValiddeltaCRLTest5EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddeltaCRLTest5EE.crt new file mode 100644 index 0000000..2bdaaf2 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddeltaCRLTest5EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValiddeltaCRLTest7EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddeltaCRLTest7EE.crt new file mode 100644 index 0000000..3f67921 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddeltaCRLTest7EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValiddeltaCRLTest8EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddeltaCRLTest8EE.crt new file mode 100644 index 0000000..6586128 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddeltaCRLTest8EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValiddistributionPointTest1EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddistributionPointTest1EE.crt new file mode 100644 index 0000000..487cc2f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddistributionPointTest1EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValiddistributionPointTest4EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddistributionPointTest4EE.crt new file mode 100644 index 0000000..3782e79 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddistributionPointTest4EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValiddistributionPointTest5EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddistributionPointTest5EE.crt new file mode 100644 index 0000000..07a8c49 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddistributionPointTest5EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValiddistributionPointTest7EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddistributionPointTest7EE.crt new file mode 100644 index 0000000..948f37f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValiddistributionPointTest7EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidinhibitAnyPolicyTest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidinhibitAnyPolicyTest2EE.crt new file mode 100644 index 0000000..dc61d52 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidinhibitAnyPolicyTest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidinhibitPolicyMappingTest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidinhibitPolicyMappingTest2EE.crt new file mode 100644 index 0000000..fc432a1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidinhibitPolicyMappingTest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidinhibitPolicyMappingTest4EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidinhibitPolicyMappingTest4EE.crt new file mode 100644 index 0000000..dce6927 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidinhibitPolicyMappingTest4EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidkeyUsageNotCriticalTest3EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidkeyUsageNotCriticalTest3EE.crt new file mode 100644 index 0000000..bddbb9a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidkeyUsageNotCriticalTest3EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidonlyContainsCACertsTest13EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidonlyContainsCACertsTest13EE.crt new file mode 100644 index 0000000..f35f5de Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidonlyContainsCACertsTest13EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidonlySomeReasonsTest18EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidonlySomeReasonsTest18EE.crt new file mode 100644 index 0000000..7c0e1de Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidonlySomeReasonsTest18EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidonlySomeReasonsTest19EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidonlySomeReasonsTest19EE.crt new file mode 100644 index 0000000..f3a811c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidonlySomeReasonsTest19EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidpathLenConstraintTest13EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidpathLenConstraintTest13EE.crt new file mode 100644 index 0000000..dcf8834 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidpathLenConstraintTest13EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidpathLenConstraintTest14EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidpathLenConstraintTest14EE.crt new file mode 100644 index 0000000..66fe256 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidpathLenConstraintTest14EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidpathLenConstraintTest7EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidpathLenConstraintTest7EE.crt new file mode 100644 index 0000000..5f689ea Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidpathLenConstraintTest7EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidpathLenConstraintTest8EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidpathLenConstraintTest8EE.crt new file mode 100644 index 0000000..2357beb Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidpathLenConstraintTest8EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/Validpre2000UTCnotBeforeDateTest3EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/Validpre2000UTCnotBeforeDateTest3EE.crt new file mode 100644 index 0000000..5a61499 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/Validpre2000UTCnotBeforeDateTest3EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidrequireExplicitPolicyTest1EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidrequireExplicitPolicyTest1EE.crt new file mode 100644 index 0000000..1039926 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidrequireExplicitPolicyTest1EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidrequireExplicitPolicyTest2EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidrequireExplicitPolicyTest2EE.crt new file mode 100644 index 0000000..451c2d8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidrequireExplicitPolicyTest2EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/ValidrequireExplicitPolicyTest4EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/ValidrequireExplicitPolicyTest4EE.crt new file mode 100644 index 0000000..a2fa2f1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/ValidrequireExplicitPolicyTest4EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/WrongCRLCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/WrongCRLCACert.crt new file mode 100644 index 0000000..4cc5195 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/WrongCRLCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/anyPolicyCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/anyPolicyCACert.crt new file mode 100644 index 0000000..4d9fb79 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/anyPolicyCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/basicConstraintsCriticalcAFalseCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/basicConstraintsCriticalcAFalseCACert.crt new file mode 100644 index 0000000..12a8b50 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/basicConstraintsCriticalcAFalseCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/basicConstraintsNotCriticalCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/basicConstraintsNotCriticalCACert.crt new file mode 100644 index 0000000..8f9da1e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/basicConstraintsNotCriticalCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/basicConstraintsNotCriticalcAFalseCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/basicConstraintsNotCriticalcAFalseCACert.crt new file mode 100644 index 0000000..ca61262 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/basicConstraintsNotCriticalcAFalseCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/deltaCRLCA1Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/deltaCRLCA1Cert.crt new file mode 100644 index 0000000..47f74eb Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/deltaCRLCA1Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/deltaCRLCA2Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/deltaCRLCA2Cert.crt new file mode 100644 index 0000000..a99dd40 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/deltaCRLCA2Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/deltaCRLCA3Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/deltaCRLCA3Cert.crt new file mode 100644 index 0000000..eeaaa36 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/deltaCRLCA3Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/deltaCRLIndicatorNoBaseCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/deltaCRLIndicatorNoBaseCACert.crt new file mode 100644 index 0000000..5ec06b3 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/deltaCRLIndicatorNoBaseCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/distributionPoint1CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/distributionPoint1CACert.crt new file mode 100644 index 0000000..1e74bed Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/distributionPoint1CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/distributionPoint2CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/distributionPoint2CACert.crt new file mode 100644 index 0000000..a6d37be Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/distributionPoint2CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA1Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA1Cert.crt new file mode 100644 index 0000000..ef079f6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA1Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA2Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA2Cert.crt new file mode 100644 index 0000000..4bfc0b5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA2Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA3Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA3Cert.crt new file mode 100644 index 0000000..f0787f0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA3Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA3cRLIssuerCert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA3cRLIssuerCert.crt new file mode 100644 index 0000000..f808993 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA3cRLIssuerCert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA4Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA4Cert.crt new file mode 100644 index 0000000..6ebe43c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA4Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA4cRLIssuerCert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA4cRLIssuerCert.crt new file mode 100644 index 0000000..0468b08 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA4cRLIssuerCert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA5Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA5Cert.crt new file mode 100644 index 0000000..90ba7d7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA5Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA6Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA6Cert.crt new file mode 100644 index 0000000..3c5781e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/indirectCRLCA6Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy0CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy0CACert.crt new file mode 100644 index 0000000..4749689 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy0CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1CACert.crt new file mode 100644 index 0000000..8d35b0e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1SelfIssuedCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1SelfIssuedCACert.crt new file mode 100644 index 0000000..0362dde Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1SelfIssuedCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1SelfIssuedsubCA2Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1SelfIssuedsubCA2Cert.crt new file mode 100644 index 0000000..1d24bc1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1SelfIssuedsubCA2Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1subCA1Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1subCA1Cert.crt new file mode 100644 index 0000000..af02467 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1subCA1Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1subCA2Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1subCA2Cert.crt new file mode 100644 index 0000000..e8590f7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1subCA2Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1subCAIAP5Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1subCAIAP5Cert.crt new file mode 100644 index 0000000..75bc59e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1subCAIAP5Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1subsubCA2Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1subsubCA2Cert.crt new file mode 100644 index 0000000..cbf40ff Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy1subsubCA2Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy5CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy5CACert.crt new file mode 100644 index 0000000..3765f6e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy5CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy5subCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy5subCACert.crt new file mode 100644 index 0000000..f75006d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy5subCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy5subsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy5subsubCACert.crt new file mode 100644 index 0000000..f2898ea Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicy5subsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicyTest3EE.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicyTest3EE.crt new file mode 100644 index 0000000..850d649 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitAnyPolicyTest3EE.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping0CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping0CACert.crt new file mode 100644 index 0000000..b4934e8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping0CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping0subCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping0subCACert.crt new file mode 100644 index 0000000..79f45b8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping0subCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P12CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P12CACert.crt new file mode 100644 index 0000000..57dd683 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P12CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P12subCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P12subCACert.crt new file mode 100644 index 0000000..1e6bd70 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P12subCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P12subCAIPM5Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P12subCAIPM5Cert.crt new file mode 100644 index 0000000..e683468 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P12subCAIPM5Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P12subsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P12subsubCACert.crt new file mode 100644 index 0000000..f73f4d2 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P12subsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P12subsubCAIPM5Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P12subsubCAIPM5Cert.crt new file mode 100644 index 0000000..fe32eda Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P12subsubCAIPM5Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P1CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P1CACert.crt new file mode 100644 index 0000000..b3bff46 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P1CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P1SelfIssuedCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P1SelfIssuedCACert.crt new file mode 100644 index 0000000..399bd82 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P1SelfIssuedCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P1SelfIssuedsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P1SelfIssuedsubCACert.crt new file mode 100644 index 0000000..cd2ce94 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P1SelfIssuedsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P1subCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P1subCACert.crt new file mode 100644 index 0000000..31d9af5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P1subCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P1subsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P1subsubCACert.crt new file mode 100644 index 0000000..13e78f0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping1P1subsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping5CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping5CACert.crt new file mode 100644 index 0000000..86ea426 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping5CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping5subCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping5subCACert.crt new file mode 100644 index 0000000..788622c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping5subCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping5subsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping5subsubCACert.crt new file mode 100644 index 0000000..d4a025e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping5subsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping5subsubsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping5subsubsubCACert.crt new file mode 100644 index 0000000..2c0e6e8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/inhibitPolicyMapping5subsubsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/keyUsageCriticalcRLSignFalseCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/keyUsageCriticalcRLSignFalseCACert.crt new file mode 100644 index 0000000..a50545a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/keyUsageCriticalcRLSignFalseCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/keyUsageCriticalkeyCertSignFalseCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/keyUsageCriticalkeyCertSignFalseCACert.crt new file mode 100644 index 0000000..f6824d3 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/keyUsageCriticalkeyCertSignFalseCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/keyUsageNotCriticalCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/keyUsageNotCriticalCACert.crt new file mode 100644 index 0000000..344f7d9 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/keyUsageNotCriticalCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/keyUsageNotCriticalcRLSignFalseCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/keyUsageNotCriticalcRLSignFalseCACert.crt new file mode 100644 index 0000000..c02d6f4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/keyUsageNotCriticalcRLSignFalseCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/keyUsageNotCriticalkeyCertSignFalseCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/keyUsageNotCriticalkeyCertSignFalseCACert.crt new file mode 100644 index 0000000..b9c46b5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/keyUsageNotCriticalkeyCertSignFalseCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN1CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN1CACert.crt new file mode 100644 index 0000000..5379f1f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN1CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN1SelfIssuedCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN1SelfIssuedCACert.crt new file mode 100644 index 0000000..75f1f7e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN1SelfIssuedCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN1subCA1Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN1subCA1Cert.crt new file mode 100644 index 0000000..670291b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN1subCA1Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN1subCA2Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN1subCA2Cert.crt new file mode 100644 index 0000000..a010eee Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN1subCA2Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN1subCA3Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN1subCA3Cert.crt new file mode 100644 index 0000000..b31c28a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN1subCA3Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN2CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN2CACert.crt new file mode 100644 index 0000000..3aab55b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN2CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN3CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN3CACert.crt new file mode 100644 index 0000000..f1af18e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN3CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN3subCA1Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN3subCA1Cert.crt new file mode 100644 index 0000000..e40c5f0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN3subCA1Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN3subCA2Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN3subCA2Cert.crt new file mode 100644 index 0000000..9424745 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN3subCA2Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN4CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN4CACert.crt new file mode 100644 index 0000000..141eb72 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN4CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN5CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN5CACert.crt new file mode 100644 index 0000000..a0d0628 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDN5CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDNS1CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDNS1CACert.crt new file mode 100644 index 0000000..10f0b35 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDNS1CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDNS2CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDNS2CACert.crt new file mode 100644 index 0000000..83fabc5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsDNS2CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsRFC822CA1Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsRFC822CA1Cert.crt new file mode 100644 index 0000000..07fcc37 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsRFC822CA1Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsRFC822CA2Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsRFC822CA2Cert.crt new file mode 100644 index 0000000..2001bfa Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsRFC822CA2Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsRFC822CA3Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsRFC822CA3Cert.crt new file mode 100644 index 0000000..e372369 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsRFC822CA3Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsURI1CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsURI1CACert.crt new file mode 100644 index 0000000..d0dbca5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsURI1CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsURI2CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsURI2CACert.crt new file mode 100644 index 0000000..bf988e6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/nameConstraintsURI2CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/onlyContainsAttributeCertsCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/onlyContainsAttributeCertsCACert.crt new file mode 100644 index 0000000..6855fbe Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/onlyContainsAttributeCertsCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/onlyContainsCACertsCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/onlyContainsCACertsCACert.crt new file mode 100644 index 0000000..055d8aa Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/onlyContainsCACertsCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/onlyContainsUserCertsCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/onlyContainsUserCertsCACert.crt new file mode 100644 index 0000000..f8fc85e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/onlyContainsUserCertsCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/onlySomeReasonsCA1Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/onlySomeReasonsCA1Cert.crt new file mode 100644 index 0000000..26ee389 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/onlySomeReasonsCA1Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/onlySomeReasonsCA2Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/onlySomeReasonsCA2Cert.crt new file mode 100644 index 0000000..3c444e1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/onlySomeReasonsCA2Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/onlySomeReasonsCA3Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/onlySomeReasonsCA3Cert.crt new file mode 100644 index 0000000..3b09699 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/onlySomeReasonsCA3Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/onlySomeReasonsCA4Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/onlySomeReasonsCA4Cert.crt new file mode 100644 index 0000000..4889d5c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/onlySomeReasonsCA4Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint0CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint0CACert.crt new file mode 100644 index 0000000..73c9433 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint0CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint0SelfIssuedCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint0SelfIssuedCACert.crt new file mode 100644 index 0000000..f66228e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint0SelfIssuedCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint0subCA2Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint0subCA2Cert.crt new file mode 100644 index 0000000..c5cdea3 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint0subCA2Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint0subCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint0subCACert.crt new file mode 100644 index 0000000..c51de22 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint0subCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint1CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint1CACert.crt new file mode 100644 index 0000000..b1da15b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint1CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint1SelfIssuedCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint1SelfIssuedCACert.crt new file mode 100644 index 0000000..02aeffa Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint1SelfIssuedCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint1SelfIssuedsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint1SelfIssuedsubCACert.crt new file mode 100644 index 0000000..0a94f5f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint1SelfIssuedsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint1subCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint1subCACert.crt new file mode 100644 index 0000000..a84fb53 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint1subCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6CACert.crt new file mode 100644 index 0000000..d89052b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subCA0Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subCA0Cert.crt new file mode 100644 index 0000000..4b22016 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subCA0Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subCA1Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subCA1Cert.crt new file mode 100644 index 0000000..b25ba34 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subCA1Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subCA4Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subCA4Cert.crt new file mode 100644 index 0000000..ca87ee8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subCA4Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subsubCA00Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subsubCA00Cert.crt new file mode 100644 index 0000000..2b88eb6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subsubCA00Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subsubCA11Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subsubCA11Cert.crt new file mode 100644 index 0000000..de511c4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subsubCA11Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subsubCA41Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subsubCA41Cert.crt new file mode 100644 index 0000000..c6e6096 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subsubCA41Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subsubsubCA11XCert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subsubsubCA11XCert.crt new file mode 100644 index 0000000..9c9dc4e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subsubsubCA11XCert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subsubsubCA41XCert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subsubsubCA41XCert.crt new file mode 100644 index 0000000..2729261 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pathLenConstraint6subsubsubCA41XCert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/pre2000CRLnextUpdateCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/pre2000CRLnextUpdateCACert.crt new file mode 100644 index 0000000..1a79b81 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/pre2000CRLnextUpdateCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy0CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy0CACert.crt new file mode 100644 index 0000000..0eb93be Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy0CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy0subCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy0subCACert.crt new file mode 100644 index 0000000..f96129e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy0subCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy0subsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy0subsubCACert.crt new file mode 100644 index 0000000..c0d9b49 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy0subsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy0subsubsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy0subsubsubCACert.crt new file mode 100644 index 0000000..497d53a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy0subsubsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy10CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy10CACert.crt new file mode 100644 index 0000000..b3406b1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy10CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy10subCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy10subCACert.crt new file mode 100644 index 0000000..1544bbb Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy10subCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy10subsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy10subsubCACert.crt new file mode 100644 index 0000000..0166d99 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy10subsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy10subsubsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy10subsubsubCACert.crt new file mode 100644 index 0000000..8018f6a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy10subsubsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy2CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy2CACert.crt new file mode 100644 index 0000000..7ec4e49 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy2CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy2SelfIssuedCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy2SelfIssuedCACert.crt new file mode 100644 index 0000000..285a05c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy2SelfIssuedCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy2SelfIssuedsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy2SelfIssuedsubCACert.crt new file mode 100644 index 0000000..f29b37f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy2SelfIssuedsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy2subCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy2subCACert.crt new file mode 100644 index 0000000..a1f20a3 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy2subCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy4CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy4CACert.crt new file mode 100644 index 0000000..c2a9c46 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy4CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy4subCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy4subCACert.crt new file mode 100644 index 0000000..9f9ea5b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy4subCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy4subsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy4subsubCACert.crt new file mode 100644 index 0000000..3d0f278 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy4subsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy4subsubsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy4subsubsubCACert.crt new file mode 100644 index 0000000..a14f9d4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy4subsubsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy5CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy5CACert.crt new file mode 100644 index 0000000..ef2010b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy5CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy5subCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy5subCACert.crt new file mode 100644 index 0000000..99d31d1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy5subCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy5subsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy5subsubCACert.crt new file mode 100644 index 0000000..99afa4d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy5subsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy5subsubsubCACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy5subsubsubCACert.crt new file mode 100644 index 0000000..9abe48d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy5subsubsubCACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy7CACert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy7CACert.crt new file mode 100644 index 0000000..cac6bb6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy7CACert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy7subCARE2Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy7subCARE2Cert.crt new file mode 100644 index 0000000..d55d884 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy7subCARE2Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy7subsubCARE2RE4Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy7subsubCARE2RE4Cert.crt new file mode 100644 index 0000000..1c9aec8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy7subsubCARE2RE4Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy7subsubsubCARE2RE4Cert.crt b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy7subsubsubCARE2RE4Cert.crt new file mode 100644 index 0000000..ecd5f45 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/certs/requireExplicitPolicy7subsubsubCARE2RE4Cert.crt differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/BadCRLIssuerNameCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/BadCRLIssuerNameCACRL.crl new file mode 100644 index 0000000..d4871b5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/BadCRLIssuerNameCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/BadCRLSignatureCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/BadCRLSignatureCACRL.crl new file mode 100644 index 0000000..b1658c3 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/BadCRLSignatureCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/BadSignedCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/BadSignedCACRL.crl new file mode 100644 index 0000000..e0ded9b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/BadSignedCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/BadnotAfterDateCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/BadnotAfterDateCACRL.crl new file mode 100644 index 0000000..1ec2a0e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/BadnotAfterDateCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/BadnotBeforeDateCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/BadnotBeforeDateCACRL.crl new file mode 100644 index 0000000..1a96d0f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/BadnotBeforeDateCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/BasicSelfIssuedCRLSigningKeyCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/BasicSelfIssuedCRLSigningKeyCACRL.crl new file mode 100644 index 0000000..fed4864 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/BasicSelfIssuedCRLSigningKeyCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/BasicSelfIssuedCRLSigningKeyCRLCertCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/BasicSelfIssuedCRLSigningKeyCRLCertCRL.crl new file mode 100644 index 0000000..053471f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/BasicSelfIssuedCRLSigningKeyCRLCertCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/BasicSelfIssuedNewKeyCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/BasicSelfIssuedNewKeyCACRL.crl new file mode 100644 index 0000000..7370ed2 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/BasicSelfIssuedNewKeyCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/BasicSelfIssuedOldKeyCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/BasicSelfIssuedOldKeyCACRL.crl new file mode 100644 index 0000000..dee6183 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/BasicSelfIssuedOldKeyCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/BasicSelfIssuedOldKeySelfIssuedCertCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/BasicSelfIssuedOldKeySelfIssuedCertCRL.crl new file mode 100644 index 0000000..4e7e014 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/BasicSelfIssuedOldKeySelfIssuedCertCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/DSACACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/DSACACRL.crl new file mode 100644 index 0000000..46463c8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/DSACACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/DSAParametersInheritedCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/DSAParametersInheritedCACRL.crl new file mode 100644 index 0000000..5bf7245 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/DSAParametersInheritedCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/GeneralizedTimeCRLnextUpdateCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/GeneralizedTimeCRLnextUpdateCACRL.crl new file mode 100644 index 0000000..40387d3 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/GeneralizedTimeCRLnextUpdateCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/GoodCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/GoodCACRL.crl new file mode 100644 index 0000000..2fdc3cc Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/GoodCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/GoodsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/GoodsubCACRL.crl new file mode 100644 index 0000000..963d703 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/GoodsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/GoodsubCAPanyPolicyMapping1to2CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/GoodsubCAPanyPolicyMapping1to2CACRL.crl new file mode 100644 index 0000000..9c5d1b2 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/GoodsubCAPanyPolicyMapping1to2CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/LongSerialNumberCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/LongSerialNumberCACRL.crl new file mode 100644 index 0000000..55f39b8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/LongSerialNumberCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/Mapping1to2CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/Mapping1to2CACRL.crl new file mode 100644 index 0000000..36e07e1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/Mapping1to2CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/MappingFromanyPolicyCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/MappingFromanyPolicyCACRL.crl new file mode 100644 index 0000000..025b6bb Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/MappingFromanyPolicyCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/MappingToanyPolicyCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/MappingToanyPolicyCACRL.crl new file mode 100644 index 0000000..99f1253 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/MappingToanyPolicyCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/MissingbasicConstraintsCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/MissingbasicConstraintsCACRL.crl new file mode 100644 index 0000000..f91729c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/MissingbasicConstraintsCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/NameOrderCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/NameOrderCACRL.crl new file mode 100644 index 0000000..4cd2015 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/NameOrderCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/NegativeSerialNumberCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/NegativeSerialNumberCACRL.crl new file mode 100644 index 0000000..99514d7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/NegativeSerialNumberCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/NoPoliciesCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/NoPoliciesCACRL.crl new file mode 100644 index 0000000..b77586b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/NoPoliciesCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/NoissuingDistributionPointCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/NoissuingDistributionPointCACRL.crl new file mode 100644 index 0000000..c7d5b1d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/NoissuingDistributionPointCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/OldCRLnextUpdateCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/OldCRLnextUpdateCACRL.crl new file mode 100644 index 0000000..f121dff Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/OldCRLnextUpdateCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/P12Mapping1to3CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/P12Mapping1to3CACRL.crl new file mode 100644 index 0000000..451d198 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/P12Mapping1to3CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/P12Mapping1to3subCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/P12Mapping1to3subCACRL.crl new file mode 100644 index 0000000..b063e6b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/P12Mapping1to3subCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/P12Mapping1to3subsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/P12Mapping1to3subsubCACRL.crl new file mode 100644 index 0000000..6dcdf05 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/P12Mapping1to3subsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/P1Mapping1to234CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/P1Mapping1to234CACRL.crl new file mode 100644 index 0000000..70febec Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/P1Mapping1to234CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/P1Mapping1to234subCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/P1Mapping1to234subCACRL.crl new file mode 100644 index 0000000..8ee7799 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/P1Mapping1to234subCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/P1anyPolicyMapping1to2CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/P1anyPolicyMapping1to2CACRL.crl new file mode 100644 index 0000000..8cf52dc Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/P1anyPolicyMapping1to2CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/PanyPolicyMapping1to2CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/PanyPolicyMapping1to2CACRL.crl new file mode 100644 index 0000000..51482de Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/PanyPolicyMapping1to2CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP1234CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP1234CACRL.crl new file mode 100644 index 0000000..48c6b1a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP1234CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP1234subCAP123CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP1234subCAP123CRL.crl new file mode 100644 index 0000000..aa84263 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP1234subCAP123CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP1234subsubCAP123P12CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP1234subsubCAP123P12CRL.crl new file mode 100644 index 0000000..ae1a019 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP1234subsubCAP123P12CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP123CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP123CACRL.crl new file mode 100644 index 0000000..deb3706 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP123CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP123subCAP12CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP123subCAP12CRL.crl new file mode 100644 index 0000000..ecd65f8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP123subCAP12CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP123subsubCAP12P1CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP123subsubCAP12P1CRL.crl new file mode 100644 index 0000000..51f09f6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP123subsubCAP12P1CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP123subsubCAP2P2CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP123subsubCAP2P2CRL.crl new file mode 100644 index 0000000..5d6fb36 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP123subsubCAP2P2CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP123subsubsubCAP12P2P1CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP123subsubsubCAP12P2P1CRL.crl new file mode 100644 index 0000000..07908f6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP123subsubsubCAP12P2P1CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP12CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP12CACRL.crl new file mode 100644 index 0000000..5b090b0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP12CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP12subCAP1CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP12subCAP1CRL.crl new file mode 100644 index 0000000..d2f29b7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP12subCAP1CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP12subsubCAP1P2CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP12subsubCAP1P2CRL.crl new file mode 100644 index 0000000..bd4cf75 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP12subsubCAP1P2CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP2subCA2CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP2subCA2CRL.crl new file mode 100644 index 0000000..774bc73 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP2subCA2CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP2subCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP2subCACRL.crl new file mode 100644 index 0000000..7d7ba76 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP2subCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP3CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP3CACRL.crl new file mode 100644 index 0000000..9d81c6d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/PoliciesP3CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/RFC3280MandatoryAttributeTypesCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/RFC3280MandatoryAttributeTypesCACRL.crl new file mode 100644 index 0000000..63ed655 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/RFC3280MandatoryAttributeTypesCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/RFC3280OptionalAttributeTypesCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/RFC3280OptionalAttributeTypesCACRL.crl new file mode 100644 index 0000000..e088ab1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/RFC3280OptionalAttributeTypesCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/RevokedsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/RevokedsubCACRL.crl new file mode 100644 index 0000000..c77ffa3 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/RevokedsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/RolloverfromPrintableStringtoUTF8StringCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/RolloverfromPrintableStringtoUTF8StringCACRL.crl new file mode 100644 index 0000000..c7f5c7a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/RolloverfromPrintableStringtoUTF8StringCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/SeparateCertificateandCRLKeysCA2CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/SeparateCertificateandCRLKeysCA2CRL.crl new file mode 100644 index 0000000..a85f99f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/SeparateCertificateandCRLKeysCA2CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/SeparateCertificateandCRLKeysCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/SeparateCertificateandCRLKeysCRL.crl new file mode 100644 index 0000000..4d159dd Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/SeparateCertificateandCRLKeysCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/TrustAnchorRootCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/TrustAnchorRootCRL.crl new file mode 100644 index 0000000..3ba3df6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/TrustAnchorRootCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/TwoCRLsCABadCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/TwoCRLsCABadCRL.crl new file mode 100644 index 0000000..fba92fa Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/TwoCRLsCABadCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/TwoCRLsCAGoodCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/TwoCRLsCAGoodCRL.crl new file mode 100644 index 0000000..fcb7488 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/TwoCRLsCAGoodCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/UIDCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/UIDCACRL.crl new file mode 100644 index 0000000..0da091a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/UIDCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/UTF8StringCaseInsensitiveMatchCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/UTF8StringCaseInsensitiveMatchCACRL.crl new file mode 100644 index 0000000..9ee2a23 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/UTF8StringCaseInsensitiveMatchCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/UTF8StringEncodedNamesCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/UTF8StringEncodedNamesCACRL.crl new file mode 100644 index 0000000..3d7de00 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/UTF8StringEncodedNamesCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/UnknownCRLEntryExtensionCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/UnknownCRLEntryExtensionCACRL.crl new file mode 100644 index 0000000..efbdae4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/UnknownCRLEntryExtensionCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/UnknownCRLExtensionCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/UnknownCRLExtensionCACRL.crl new file mode 100644 index 0000000..de71113 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/UnknownCRLExtensionCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/WrongCRLCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/WrongCRLCACRL.crl new file mode 100644 index 0000000..3ba3df6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/WrongCRLCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/anyPolicyCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/anyPolicyCACRL.crl new file mode 100644 index 0000000..8506ea1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/anyPolicyCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/basicConstraintsCriticalcAFalseCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/basicConstraintsCriticalcAFalseCACRL.crl new file mode 100644 index 0000000..15a7e3d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/basicConstraintsCriticalcAFalseCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/basicConstraintsNotCriticalCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/basicConstraintsNotCriticalCACRL.crl new file mode 100644 index 0000000..9e5ac62 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/basicConstraintsNotCriticalCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/basicConstraintsNotCriticalcAFalseCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/basicConstraintsNotCriticalcAFalseCACRL.crl new file mode 100644 index 0000000..dfbbec9 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/basicConstraintsNotCriticalcAFalseCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA1CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA1CRL.crl new file mode 100644 index 0000000..fb562aa Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA1CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA1deltaCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA1deltaCRL.crl new file mode 100644 index 0000000..9a76c5c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA1deltaCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA2CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA2CRL.crl new file mode 100644 index 0000000..36d66fe Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA2CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA2deltaCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA2deltaCRL.crl new file mode 100644 index 0000000..713d54a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA2deltaCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA3CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA3CRL.crl new file mode 100644 index 0000000..4527c9a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA3CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA3deltaCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA3deltaCRL.crl new file mode 100644 index 0000000..bfb3c1d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLCA3deltaCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLIndicatorNoBaseCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLIndicatorNoBaseCACRL.crl new file mode 100644 index 0000000..b9a591e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/deltaCRLIndicatorNoBaseCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/distributionPoint1CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/distributionPoint1CACRL.crl new file mode 100644 index 0000000..1be74de Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/distributionPoint1CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/distributionPoint2CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/distributionPoint2CACRL.crl new file mode 100644 index 0000000..5bdc149 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/distributionPoint2CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/indirectCRLCA1CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/indirectCRLCA1CRL.crl new file mode 100644 index 0000000..6eed456 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/indirectCRLCA1CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/indirectCRLCA3CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/indirectCRLCA3CRL.crl new file mode 100644 index 0000000..02be179 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/indirectCRLCA3CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/indirectCRLCA3cRLIssuerCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/indirectCRLCA3cRLIssuerCRL.crl new file mode 100644 index 0000000..166a457 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/indirectCRLCA3cRLIssuerCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/indirectCRLCA4cRLIssuerCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/indirectCRLCA4cRLIssuerCRL.crl new file mode 100644 index 0000000..b870a7f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/indirectCRLCA4cRLIssuerCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/indirectCRLCA5CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/indirectCRLCA5CRL.crl new file mode 100644 index 0000000..25c2e81 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/indirectCRLCA5CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy0CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy0CACRL.crl new file mode 100644 index 0000000..301f745 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy0CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy1CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy1CACRL.crl new file mode 100644 index 0000000..ab13645 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy1CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy1subCA1CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy1subCA1CRL.crl new file mode 100644 index 0000000..46c0e0c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy1subCA1CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy1subCA2CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy1subCA2CRL.crl new file mode 100644 index 0000000..1ee4b77 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy1subCA2CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy1subCAIAP5CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy1subCAIAP5CRL.crl new file mode 100644 index 0000000..af4fff0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy1subCAIAP5CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy1subsubCA2CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy1subsubCA2CRL.crl new file mode 100644 index 0000000..3b6b35c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy1subsubCA2CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy5CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy5CACRL.crl new file mode 100644 index 0000000..07f5e3d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy5CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy5subCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy5subCACRL.crl new file mode 100644 index 0000000..373bdeb Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy5subCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy5subsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy5subsubCACRL.crl new file mode 100644 index 0000000..e56b61c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitAnyPolicy5subsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping0CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping0CACRL.crl new file mode 100644 index 0000000..1ebad70 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping0CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping0subCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping0subCACRL.crl new file mode 100644 index 0000000..e3f4f97 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping0subCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P12CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P12CACRL.crl new file mode 100644 index 0000000..5291d66 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P12CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P12subCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P12subCACRL.crl new file mode 100644 index 0000000..9c155a9 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P12subCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P12subCAIPM5CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P12subCAIPM5CRL.crl new file mode 100644 index 0000000..dc7fe68 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P12subCAIPM5CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P12subsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P12subsubCACRL.crl new file mode 100644 index 0000000..9fcab42 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P12subsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P12subsubCAIPM5CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P12subsubCAIPM5CRL.crl new file mode 100644 index 0000000..ebcdc5b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P12subsubCAIPM5CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P1CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P1CACRL.crl new file mode 100644 index 0000000..36c2b79 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P1CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P1subCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P1subCACRL.crl new file mode 100644 index 0000000..1fa7ac9 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P1subCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P1subsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P1subsubCACRL.crl new file mode 100644 index 0000000..3b1ac99 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping1P1subsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping5CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping5CACRL.crl new file mode 100644 index 0000000..a19deb7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping5CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping5subCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping5subCACRL.crl new file mode 100644 index 0000000..c3ef691 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping5subCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping5subsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping5subsubCACRL.crl new file mode 100644 index 0000000..45df218 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping5subsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping5subsubsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping5subsubsubCACRL.crl new file mode 100644 index 0000000..3ca93d4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/inhibitPolicyMapping5subsubsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/keyUsageCriticalcRLSignFalseCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/keyUsageCriticalcRLSignFalseCACRL.crl new file mode 100644 index 0000000..6f02f80 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/keyUsageCriticalcRLSignFalseCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/keyUsageCriticalkeyCertSignFalseCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/keyUsageCriticalkeyCertSignFalseCACRL.crl new file mode 100644 index 0000000..4abda76 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/keyUsageCriticalkeyCertSignFalseCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/keyUsageNotCriticalCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/keyUsageNotCriticalCACRL.crl new file mode 100644 index 0000000..358e4e6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/keyUsageNotCriticalCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/keyUsageNotCriticalcRLSignFalseCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/keyUsageNotCriticalcRLSignFalseCACRL.crl new file mode 100644 index 0000000..707c73c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/keyUsageNotCriticalcRLSignFalseCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/keyUsageNotCriticalkeyCertSignFalseCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/keyUsageNotCriticalkeyCertSignFalseCACRL.crl new file mode 100644 index 0000000..5e817b6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/keyUsageNotCriticalkeyCertSignFalseCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN1CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN1CACRL.crl new file mode 100644 index 0000000..10c7389 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN1CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN1subCA1CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN1subCA1CRL.crl new file mode 100644 index 0000000..9d33b7c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN1subCA1CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN1subCA2CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN1subCA2CRL.crl new file mode 100644 index 0000000..7a3949e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN1subCA2CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN1subCA3CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN1subCA3CRL.crl new file mode 100644 index 0000000..22aa2f9 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN1subCA3CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN2CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN2CACRL.crl new file mode 100644 index 0000000..da6fe6f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN2CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN3CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN3CACRL.crl new file mode 100644 index 0000000..83fd3a5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN3CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN3subCA1CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN3subCA1CRL.crl new file mode 100644 index 0000000..8c6fb50 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN3subCA1CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN3subCA2CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN3subCA2CRL.crl new file mode 100644 index 0000000..1797663 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN3subCA2CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN4CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN4CACRL.crl new file mode 100644 index 0000000..ae9f73a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN4CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN5CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN5CACRL.crl new file mode 100644 index 0000000..46dbb88 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDN5CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDNS1CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDNS1CACRL.crl new file mode 100644 index 0000000..94fa45e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDNS1CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDNS2CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDNS2CACRL.crl new file mode 100644 index 0000000..2140931 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsDNS2CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsRFC822CA1CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsRFC822CA1CRL.crl new file mode 100644 index 0000000..a4b0473 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsRFC822CA1CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsRFC822CA2CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsRFC822CA2CRL.crl new file mode 100644 index 0000000..2042f6f Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsRFC822CA2CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsRFC822CA3CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsRFC822CA3CRL.crl new file mode 100644 index 0000000..8f207e5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsRFC822CA3CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsURI1CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsURI1CACRL.crl new file mode 100644 index 0000000..b19c9de Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsURI1CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsURI2CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsURI2CACRL.crl new file mode 100644 index 0000000..3dbc011 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/nameConstraintsURI2CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/onlyContainsAttributeCertsCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/onlyContainsAttributeCertsCACRL.crl new file mode 100644 index 0000000..0993754 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/onlyContainsAttributeCertsCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/onlyContainsCACertsCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/onlyContainsCACertsCACRL.crl new file mode 100644 index 0000000..621dfa9 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/onlyContainsCACertsCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/onlyContainsUserCertsCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/onlyContainsUserCertsCACRL.crl new file mode 100644 index 0000000..1aee7c2 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/onlyContainsUserCertsCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA1compromiseCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA1compromiseCRL.crl new file mode 100644 index 0000000..3d5ff65 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA1compromiseCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA1otherreasonsCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA1otherreasonsCRL.crl new file mode 100644 index 0000000..83cce82 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA1otherreasonsCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA2CRL1.crl b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA2CRL1.crl new file mode 100644 index 0000000..eb408f2 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA2CRL1.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA2CRL2.crl b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA2CRL2.crl new file mode 100644 index 0000000..e333d26 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA2CRL2.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA3compromiseCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA3compromiseCRL.crl new file mode 100644 index 0000000..6837068 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA3compromiseCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA3otherreasonsCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA3otherreasonsCRL.crl new file mode 100644 index 0000000..ef4ee3e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA3otherreasonsCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA4compromiseCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA4compromiseCRL.crl new file mode 100644 index 0000000..45fcc0b Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA4compromiseCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA4otherreasonsCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA4otherreasonsCRL.crl new file mode 100644 index 0000000..0fca681 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/onlySomeReasonsCA4otherreasonsCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint0CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint0CACRL.crl new file mode 100644 index 0000000..1e52e65 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint0CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint0subCA2CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint0subCA2CRL.crl new file mode 100644 index 0000000..69488c7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint0subCA2CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint0subCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint0subCACRL.crl new file mode 100644 index 0000000..0029579 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint0subCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint1CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint1CACRL.crl new file mode 100644 index 0000000..9c06980 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint1CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint1subCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint1subCACRL.crl new file mode 100644 index 0000000..61d0076 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint1subCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6CACRL.crl new file mode 100644 index 0000000..779c2b7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subCA0CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subCA0CRL.crl new file mode 100644 index 0000000..30fee13 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subCA0CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subCA1CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subCA1CRL.crl new file mode 100644 index 0000000..71eafbb Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subCA1CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subCA4CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subCA4CRL.crl new file mode 100644 index 0000000..8d14b0c Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subCA4CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subsubCA00CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subsubCA00CRL.crl new file mode 100644 index 0000000..24ecdde Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subsubCA00CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subsubCA11CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subsubCA11CRL.crl new file mode 100644 index 0000000..51b4ab7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subsubCA11CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subsubCA41CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subsubCA41CRL.crl new file mode 100644 index 0000000..9e4e181 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subsubCA41CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subsubsubCA11XCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subsubsubCA11XCRL.crl new file mode 100644 index 0000000..5891e63 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subsubsubCA11XCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subsubsubCA41XCRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subsubsubCA41XCRL.crl new file mode 100644 index 0000000..217e5e5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/pathLenConstraint6subsubsubCA41XCRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/pre2000CRLnextUpdateCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/pre2000CRLnextUpdateCACRL.crl new file mode 100644 index 0000000..6315186 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/pre2000CRLnextUpdateCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy0CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy0CACRL.crl new file mode 100644 index 0000000..5ac2d27 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy0CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy0subCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy0subCACRL.crl new file mode 100644 index 0000000..569ff3e Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy0subCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy0subsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy0subsubCACRL.crl new file mode 100644 index 0000000..c614cbb Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy0subsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy0subsubsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy0subsubsubCACRL.crl new file mode 100644 index 0000000..910c035 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy0subsubsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy10CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy10CACRL.crl new file mode 100644 index 0000000..7bfbf76 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy10CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy10subCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy10subCACRL.crl new file mode 100644 index 0000000..bc4845d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy10subCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy10subsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy10subsubCACRL.crl new file mode 100644 index 0000000..802a652 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy10subsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy10subsubsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy10subsubsubCACRL.crl new file mode 100644 index 0000000..6f84d39 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy10subsubsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy2CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy2CACRL.crl new file mode 100644 index 0000000..e14cdaa Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy2CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy2subCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy2subCACRL.crl new file mode 100644 index 0000000..8830917 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy2subCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy4CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy4CACRL.crl new file mode 100644 index 0000000..c6817a3 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy4CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy4subCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy4subCACRL.crl new file mode 100644 index 0000000..d1f5ad1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy4subCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy4subsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy4subsubCACRL.crl new file mode 100644 index 0000000..7203b19 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy4subsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy4subsubsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy4subsubsubCACRL.crl new file mode 100644 index 0000000..467e004 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy4subsubsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy5CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy5CACRL.crl new file mode 100644 index 0000000..96848db Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy5CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy5subCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy5subCACRL.crl new file mode 100644 index 0000000..8bb7c1d Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy5subCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy5subsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy5subsubCACRL.crl new file mode 100644 index 0000000..143dab5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy5subsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy5subsubsubCACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy5subsubsubCACRL.crl new file mode 100644 index 0000000..8a9c8b3 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy5subsubsubCACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy7CACRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy7CACRL.crl new file mode 100644 index 0000000..43870fb Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy7CACRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy7subCARE2CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy7subCARE2CRL.crl new file mode 100644 index 0000000..48c70c0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy7subCARE2CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy7subsubCARE2RE4CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy7subsubCARE2RE4CRL.crl new file mode 100644 index 0000000..3808af6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy7subsubCARE2RE4CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy7subsubsubCARE2RE4CRL.crl b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy7subsubsubCARE2RE4CRL.crl new file mode 100644 index 0000000..4ed5b0a Binary files /dev/null and b/BouncyCastle/crypto/test/data/PKITS/crls/requireExplicitPolicy7subsubsubCARE2RE4CRL.crl differ diff --git a/BouncyCastle/crypto/test/data/ThawteSGCCA.cer b/BouncyCastle/crypto/test/data/ThawteSGCCA.cer new file mode 100644 index 0000000..14dfab3 Binary files /dev/null and b/BouncyCastle/crypto/test/data/ThawteSGCCA.cer differ diff --git a/BouncyCastle/crypto/test/data/ThawteSGCCA.crl b/BouncyCastle/crypto/test/data/ThawteSGCCA.crl new file mode 100644 index 0000000..0662826 Binary files /dev/null and b/BouncyCastle/crypto/test/data/ThawteSGCCA.crl differ diff --git a/BouncyCastle/crypto/test/data/asn1/masterlist-content.data b/BouncyCastle/crypto/test/data/asn1/masterlist-content.data new file mode 100644 index 0000000..d462f0d Binary files /dev/null and b/BouncyCastle/crypto/test/data/asn1/masterlist-content.data differ diff --git a/BouncyCastle/crypto/test/data/cert_chain.data b/BouncyCastle/crypto/test/data/cert_chain.data new file mode 100644 index 0000000..00b56dd --- /dev/null +++ b/BouncyCastle/crypto/test/data/cert_chain.data @@ -0,0 +1,60 @@ +-----BEGIN CERTIFICATE----- +MIIE+TCCAuGgAwIBAgIVAIb1Te5/365tZJu71WN94Kh2FpSoMA0GCSqGSIb3DQEB +DQUAMBUxEzARBgNVBAsTClJvb3QgVEUgQ0EwHhcNMTUwNzAyMTU1MDA4WhcNMzUw +NzA3MTU1MDA4WjAvMRQwEgYDVQQDEwsxMC4yMTEuNTUuMzEXMBUGA1UECxMOVEUg +Uk1JIEhvc3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCU85zq +Kwn80yW/QZjafyTnDiaPOr8X5u8OwTe+dbQPK2xSdT7d6FqEM8rmY9njGhue5XLH +xKcUweVMt6E9h581qMrf39sldWMyoHxZiquPfs0t3zfMa3hYF5AONH5I3zdTZQj4 ++5SD0mJugeM7YQ6eRs8qBdKLN/FwRWRAWQwDe3gF1gW5mgXfuo4Z3ufVscbJziJr +L9gnYaqCfmI8MaDWeDNkB9biTYPXGh0oacUSpWUHyyrTlzodaKhd+m5FAgDUFlV4 +I9iv7YO4DT9sJmxmNFMrTN+c5HZjl1QL9J74HED1B1emWvxOAQvMuSfnBkR8G70E +D9qd1YnrEmM84FRrYgGtC2POJGnE25Fpvb/DZOuZXpFFTvQ5yuTJqcWLEgPZu45P +2Wigpf1j523dkA15kwhY8+r58HTCULAsqfHedrFz1YXF8BXzecH7SzpXH2hlA36m +oEGjFXrqAQe9YfLGLRnUrNgC12DWX2UzTqMuM5Q8Byj8SIE2oBkKXb5aW1zXkkJX +U2pzzIglljQB8kjpkw4zTzZpEeoJwAMAQ4K73TkkV9YQOEdVJvqWYz5gWQI17qbm +2gwrkYtA50+vhuO0wrIi9cJMZBOm46owBVDcMdDePgC5SURvnNjH+j1sx23IINXV +ipViuv9t+YLNqO+8cPaAz225Yg7snCBnOO3RGwIDAQABoyYwJDAOBgNVHQ8BAf8E +BAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBATANBgkqhkiG9w0BAQ0FAAOCAgEALWmm +s3Z8cqtzpDJFZAsceNfnhgcYl1xkWbisoMe4K7hXTcp7EKlH2gsVl3YgATR5wWBw +YlMc0rOqwIVdz5a5bY0QYrioxe1KyXZyhp4R/NvDMKQZ/p/wREI4smiAnEDwIN2R +MS42SuKl2nIytJ4mIEAcNipGpk5sHQZqhQyipZ2hN3bEdZAGLH2/PpdaihHc0Jfj +lBRpL1ewwORVbx9Jy6IvZoFfuzj5egalAp+VZlrXU3pBv0a+Zovo/7Q+M5tjBuIg +MLr0R7n0J3FKIHxCwt1CHWTQ8R/QsLzhJDa1kf+SLTztHrUXqGJ/YAfpWDJh9pb2 +boGf7RBT0lFJhFOBpv2cEqTYP+1jWtlwGmUnfHI9bMCwO6B29bk4Xdlh57yGV6RF +3VZ8dlN6ZBUc45vMYcWr1tLTRUzgArztMlEbloRb7n4x/UJpPV8zjracc8PyB/tl +tlI2DZP/f+Gf0/Vv0M+tMu6DHjz1lSR+VNRadZ5yDRNPBh24qpPNSJ15HD26IwX+ +UQ44zVBtDxL0Y6ZMjhdSznz67eoymxYdlNHTYvw/zrg/+txje4M08i5PFFsSYN/m +cEV5nSgJl14AEaXe+pS0hZgvDoLXMrqgruvCp06tO3LwNkDH3oGJOGP19jNCWGyd +z7eQbiXNsCJGoeLKhxLj9IsVWyrLCCNZpojJdj0= +-----END CERTIFICATE----- + +-----BEGIN CERTIFICATE----- +MIIEyzCCArOgAwIBAgIBATANBgkqhkiG9w0BAQ0FADAVMRMwEQYDVQQLEwpSb290 +IFRFIENBMB4XDTE1MDcwMTE1NTAwOFoXDTM1MDcwODE1NTAwOFowFTETMBEGA1UE +CxMKUm9vdCBURSBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAIim +2EeomY2b5zVgomN5EheGud1NfPbaH5h5MOrsu8c0JyaUIn3gBtJazuD4x2EJNObA +NMigdJebc+yKP3fL8Z0fcj2JOwlrNS8ZcGWRucytYHr0ZEC1ZrkE2AysoXX8inw5 +ABnWzdXAW0WBfa5r1UQvZtU3oldk0UutvJ2Gc4mKhQRVsSf1QxDyZMkso/9DWJG/ +0aDLx7dAdosP7FNICpvJZp7mUoWgNvEBMXlirM0VOmoSaGmy7C75g+GhybpmBT9d +UtDceWzBqH5nfR3vIIthbjdzX8szCtb307RN273zYE1n6RTPNdM54LGO4L6E6R2N +3FMJS8H8zn5HnwjgDlKGG8OzFsmK3o+HvpEDc4p++bgm3Gc9gxjb971qOjlPQieD +3jpmpSMPwg8qMuge16vbSwOOEru8vfi8c1Y9VJEZnD7rRxyDffyd9AZPnB+8sDND +ZZv0Z4vsocSLsJjyqjRhDijbHQx6d5W6y/9ATyIz+sgg7r9B3d4IduxPRCNm7+T7 +9dg9NokwUJwfJrKTXDC/OofBzsGYo9TTmIdjbe01ZD9va1U2VVm87N4+J+xDdsod +0eyp9CJ4z3ivm7NSplt56jYtkZ4J+kFzAIjU13zKxLVGqb0GTjISi1gwa5v5JGRX +RTz7zEv4FDJj5A9XuxDkAVNxeEn5cBqS2xDZQTpDAgMBAAGjJjAkMA4GA1UdDwEB +/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgECMA0GCSqGSIb3DQEBDQUAA4ICAQB/ +S9WHn3nBNl/PkRObDWIYutOI89IQQf9A7CRU2ndZH60Xy+eM59/CXbjU4vG2e9e6 +JcgrtSr6W+v+GLHCoVxOTI7IxM1+gjjLoHFfHNg97bXWRuHPLMSthTmSmiGC2q1r +fJ/cTfs2/+cJ8gzm2CZ0hKs3GrSxQezKZ+ZJBSC1wff8VT+8giALd76I7kvywC+u +4TnsoOzUCAC3mCR+laoIs8kmW+TBnZfgrskr0TjPdu5zCfZmK/SJSa8hOewYvrSc +mUmTQeAhR4NroT9fLrKlsQglIgckhp1KgUedcJp8HmWQcaRSWsAvy9WeQaftv9TQ +lWjEEjgdDwZ21qfl+o3wPAavC3il8pW8r8QWS5iFdzCpljYL3yfB5qbdhHfsEWD+ +oNWE4LCu+tq1PqgTNeSi1ff5RJCk3+sRJXDDK2Z6pCLhzUlmLSWlA1PmL3qLb3EM +dXdPmpsuevs3MFIxfUOiZ65BeKLCKjY87fr/Z4a3cwu9AZebv9K4/Nt07EOhbTCv +uAH7JcHDmRENPxUxrHIb/WIDhnPYUES+Vxr2oGVwSeNej9+22AGYxTgr7jY9A5Z4 +O+Sqfjbz818LTwYM+BTLGmHzRmgr85ygWpBwj9I2U+uEWKge2OksbCPQD9O3WJ+1 +DX9Bnr69S8ddGJVseNNtYsIvkE80HlyO+BqzASvuXQ== +-----END CERTIFICATE----- + + diff --git a/BouncyCastle/crypto/test/data/cert_chain_nl.data b/BouncyCastle/crypto/test/data/cert_chain_nl.data new file mode 100644 index 0000000..feebf75 --- /dev/null +++ b/BouncyCastle/crypto/test/data/cert_chain_nl.data @@ -0,0 +1,59 @@ +-----BEGIN CERTIFICATE----- +MIIE+TCCAuGgAwIBAgIVAIb1Te5/365tZJu71WN94Kh2FpSoMA0GCSqGSIb3DQEB +DQUAMBUxEzARBgNVBAsTClJvb3QgVEUgQ0EwHhcNMTUwNzAyMTU1MDA4WhcNMzUw +NzA3MTU1MDA4WjAvMRQwEgYDVQQDEwsxMC4yMTEuNTUuMzEXMBUGA1UECxMOVEUg +Uk1JIEhvc3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCU85zq +Kwn80yW/QZjafyTnDiaPOr8X5u8OwTe+dbQPK2xSdT7d6FqEM8rmY9njGhue5XLH +xKcUweVMt6E9h581qMrf39sldWMyoHxZiquPfs0t3zfMa3hYF5AONH5I3zdTZQj4 ++5SD0mJugeM7YQ6eRs8qBdKLN/FwRWRAWQwDe3gF1gW5mgXfuo4Z3ufVscbJziJr +L9gnYaqCfmI8MaDWeDNkB9biTYPXGh0oacUSpWUHyyrTlzodaKhd+m5FAgDUFlV4 +I9iv7YO4DT9sJmxmNFMrTN+c5HZjl1QL9J74HED1B1emWvxOAQvMuSfnBkR8G70E +D9qd1YnrEmM84FRrYgGtC2POJGnE25Fpvb/DZOuZXpFFTvQ5yuTJqcWLEgPZu45P +2Wigpf1j523dkA15kwhY8+r58HTCULAsqfHedrFz1YXF8BXzecH7SzpXH2hlA36m +oEGjFXrqAQe9YfLGLRnUrNgC12DWX2UzTqMuM5Q8Byj8SIE2oBkKXb5aW1zXkkJX +U2pzzIglljQB8kjpkw4zTzZpEeoJwAMAQ4K73TkkV9YQOEdVJvqWYz5gWQI17qbm +2gwrkYtA50+vhuO0wrIi9cJMZBOm46owBVDcMdDePgC5SURvnNjH+j1sx23IINXV +ipViuv9t+YLNqO+8cPaAz225Yg7snCBnOO3RGwIDAQABoyYwJDAOBgNVHQ8BAf8E +BAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBATANBgkqhkiG9w0BAQ0FAAOCAgEALWmm +s3Z8cqtzpDJFZAsceNfnhgcYl1xkWbisoMe4K7hXTcp7EKlH2gsVl3YgATR5wWBw +YlMc0rOqwIVdz5a5bY0QYrioxe1KyXZyhp4R/NvDMKQZ/p/wREI4smiAnEDwIN2R +MS42SuKl2nIytJ4mIEAcNipGpk5sHQZqhQyipZ2hN3bEdZAGLH2/PpdaihHc0Jfj +lBRpL1ewwORVbx9Jy6IvZoFfuzj5egalAp+VZlrXU3pBv0a+Zovo/7Q+M5tjBuIg +MLr0R7n0J3FKIHxCwt1CHWTQ8R/QsLzhJDa1kf+SLTztHrUXqGJ/YAfpWDJh9pb2 +boGf7RBT0lFJhFOBpv2cEqTYP+1jWtlwGmUnfHI9bMCwO6B29bk4Xdlh57yGV6RF +3VZ8dlN6ZBUc45vMYcWr1tLTRUzgArztMlEbloRb7n4x/UJpPV8zjracc8PyB/tl +tlI2DZP/f+Gf0/Vv0M+tMu6DHjz1lSR+VNRadZ5yDRNPBh24qpPNSJ15HD26IwX+ +UQ44zVBtDxL0Y6ZMjhdSznz67eoymxYdlNHTYvw/zrg/+txje4M08i5PFFsSYN/m +cEV5nSgJl14AEaXe+pS0hZgvDoLXMrqgruvCp06tO3LwNkDH3oGJOGP19jNCWGyd +z7eQbiXNsCJGoeLKhxLj9IsVWyrLCCNZpojJdj0= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEyzCCArOgAwIBAgIBATANBgkqhkiG9w0BAQ0FADAVMRMwEQYDVQQLEwpSb290 +IFRFIENBMB4XDTE1MDcwMTE1NTAwOFoXDTM1MDcwODE1NTAwOFowFTETMBEGA1UE +CxMKUm9vdCBURSBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAIim +2EeomY2b5zVgomN5EheGud1NfPbaH5h5MOrsu8c0JyaUIn3gBtJazuD4x2EJNObA +NMigdJebc+yKP3fL8Z0fcj2JOwlrNS8ZcGWRucytYHr0ZEC1ZrkE2AysoXX8inw5 +ABnWzdXAW0WBfa5r1UQvZtU3oldk0UutvJ2Gc4mKhQRVsSf1QxDyZMkso/9DWJG/ +0aDLx7dAdosP7FNICpvJZp7mUoWgNvEBMXlirM0VOmoSaGmy7C75g+GhybpmBT9d +UtDceWzBqH5nfR3vIIthbjdzX8szCtb307RN273zYE1n6RTPNdM54LGO4L6E6R2N +3FMJS8H8zn5HnwjgDlKGG8OzFsmK3o+HvpEDc4p++bgm3Gc9gxjb971qOjlPQieD +3jpmpSMPwg8qMuge16vbSwOOEru8vfi8c1Y9VJEZnD7rRxyDffyd9AZPnB+8sDND +ZZv0Z4vsocSLsJjyqjRhDijbHQx6d5W6y/9ATyIz+sgg7r9B3d4IduxPRCNm7+T7 +9dg9NokwUJwfJrKTXDC/OofBzsGYo9TTmIdjbe01ZD9va1U2VVm87N4+J+xDdsod +0eyp9CJ4z3ivm7NSplt56jYtkZ4J+kFzAIjU13zKxLVGqb0GTjISi1gwa5v5JGRX +RTz7zEv4FDJj5A9XuxDkAVNxeEn5cBqS2xDZQTpDAgMBAAGjJjAkMA4GA1UdDwEB +/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgECMA0GCSqGSIb3DQEBDQUAA4ICAQB/ +S9WHn3nBNl/PkRObDWIYutOI89IQQf9A7CRU2ndZH60Xy+eM59/CXbjU4vG2e9e6 +JcgrtSr6W+v+GLHCoVxOTI7IxM1+gjjLoHFfHNg97bXWRuHPLMSthTmSmiGC2q1r +fJ/cTfs2/+cJ8gzm2CZ0hKs3GrSxQezKZ+ZJBSC1wff8VT+8giALd76I7kvywC+u +4TnsoOzUCAC3mCR+laoIs8kmW+TBnZfgrskr0TjPdu5zCfZmK/SJSa8hOewYvrSc +mUmTQeAhR4NroT9fLrKlsQglIgckhp1KgUedcJp8HmWQcaRSWsAvy9WeQaftv9TQ +lWjEEjgdDwZ21qfl+o3wPAavC3il8pW8r8QWS5iFdzCpljYL3yfB5qbdhHfsEWD+ +oNWE4LCu+tq1PqgTNeSi1ff5RJCk3+sRJXDDK2Z6pCLhzUlmLSWlA1PmL3qLb3EM +dXdPmpsuevs3MFIxfUOiZ65BeKLCKjY87fr/Z4a3cwu9AZebv9K4/Nt07EOhbTCv +uAH7JcHDmRENPxUxrHIb/WIDhnPYUES+Vxr2oGVwSeNej9+22AGYxTgr7jY9A5Z4 +O+Sqfjbz818LTwYM+BTLGmHzRmgr85ygWpBwj9I2U+uEWKge2OksbCPQD9O3WJ+1 +DX9Bnr69S8ddGJVseNNtYsIvkE80HlyO+BqzASvuXQ== +-----END CERTIFICATE----- + + diff --git a/BouncyCastle/crypto/test/data/cms/sigs/PSSSignData.data b/BouncyCastle/crypto/test/data/cms/sigs/PSSSignData.data new file mode 100644 index 0000000..ab51e84 --- /dev/null +++ b/BouncyCastle/crypto/test/data/cms/sigs/PSSSignData.data @@ -0,0 +1 @@ +This is a test message \ No newline at end of file diff --git a/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA1.sig b/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA1.sig new file mode 100644 index 0000000..1ecfd01 Binary files /dev/null and b/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA1.sig differ diff --git a/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA1Enc.sig b/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA1Enc.sig new file mode 100644 index 0000000..2f7e7b6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA1Enc.sig differ diff --git a/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA256.sig b/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA256.sig new file mode 100644 index 0000000..114c592 Binary files /dev/null and b/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA256.sig differ diff --git a/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA256Enc.sig b/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA256Enc.sig new file mode 100644 index 0000000..28bb811 Binary files /dev/null and b/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA256Enc.sig differ diff --git a/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA512.sig b/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA512.sig new file mode 100644 index 0000000..eb3429b Binary files /dev/null and b/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA512.sig differ diff --git a/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA512Enc.sig b/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA512Enc.sig new file mode 100644 index 0000000..91556c6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/cms/sigs/PSSSignDataSHA512Enc.sig differ diff --git a/BouncyCastle/crypto/test/data/cms/sigs/SignedMSPkcs7.sig b/BouncyCastle/crypto/test/data/cms/sigs/SignedMSPkcs7.sig new file mode 100644 index 0000000..df9a09b Binary files /dev/null and b/BouncyCastle/crypto/test/data/cms/sigs/SignedMSPkcs7.sig differ diff --git a/BouncyCastle/crypto/test/data/cms/sigs/counterSig.p7m b/BouncyCastle/crypto/test/data/cms/sigs/counterSig.p7m new file mode 100644 index 0000000..7d82b99 Binary files /dev/null and b/BouncyCastle/crypto/test/data/cms/sigs/counterSig.p7m differ diff --git a/BouncyCastle/crypto/test/data/cms/sigs/rawsha256nonull.p7m b/BouncyCastle/crypto/test/data/cms/sigs/rawsha256nonull.p7m new file mode 100644 index 0000000..5d29760 Binary files /dev/null and b/BouncyCastle/crypto/test/data/cms/sigs/rawsha256nonull.p7m differ diff --git a/BouncyCastle/crypto/test/data/crypto/SHA3TestVectors.txt b/BouncyCastle/crypto/test/data/crypto/SHA3TestVectors.txt new file mode 100644 index 0000000..c6d0efa --- /dev/null +++ b/BouncyCastle/crypto/test/data/crypto/SHA3TestVectors.txt @@ -0,0 +1,837 @@ +# Test vectors for FIPS 202 - SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions +# +# Downloaded 6th August, 2015 from http://csrc.nist.gov/groups/ST/toolkit/examples.html#aHashing +# +# NOTE: The 1605-bit test vectors were initially wrong. Corrections were published on 14th August, 2015 +# (SHA3-512 corrected on 3rd September, 2015). + +SHA3-224 sample of 0-bit message + +Msg as bit string + #(empty message) + +Hash val is + 6B 4E 03 42 36 67 DB B7 3B 6E 15 45 4F 0E B1 AB + D4 59 7F 9A 1B 07 8E 3F 5B 5A 6B C7 + +SHA3-224 sample of 5-bit message + +Msg as bit string + 1 1 0 0 1 + +Hash val is + FF BA D5 DA 96 BA D7 17 89 33 02 06 DC 67 68 EC + AE B1 B3 2D CA 6B 33 01 48 96 74 AB + +SHA3-224 sample of 30-bit message + +Msg as bit string + 1 1 0 0 1 0 1 0 0 0 0 1 1 0 1 0 1 1 0 1 1 1 1 0 1 0 0 1 1 0 + +Hash val is + D6 66 A5 14 CC 9D BA 25 AC 1B A6 9E D3 93 04 60 + DE AA C9 85 1B 5F 0B AA B0 07 DF 3B + +SHA3-224 sample of 1600-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + +Hash val is + 93 76 81 6A BA 50 3F 72 F9 6C E7 EB 65 AC 09 5D + EE E3 BE 4B F9 BB C2 A1 CB 7E 11 E0 + +SHA3-224 sample of 1605-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 + +Hash val is + 22 D2 F7 BB 0B 17 3F D8 C1 96 86 F9 17 31 66 E3 + EE 62 73 80 47 D7 EA DD 69 EF B2 28 + +SHA3-224 sample of 1630-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 + +Hash val is + 4E 90 7B B1 05 78 61 F2 00 A5 99 E9 D4 F8 5B 02 + D8 84 53 BF 5B 8A CE 9A C5 89 13 4C + +SHA3-256 sample of 0-bit message + +Msg as bit string + #(empty message) + +Hash val is + A7 FF C6 F8 BF 1E D7 66 51 C1 47 56 A0 61 D6 62 + F5 80 FF 4D E4 3B 49 FA 82 D8 0A 4B 80 F8 43 4A + +SHA3-256 sample of 5-bit message + +Msg as bit string + 1 1 0 0 1 + +Hash val is + 7B 00 47 CF 5A 45 68 82 36 3C BF 0F B0 53 22 CF + 65 F4 B7 05 9A 46 36 5E 83 01 32 E3 B5 D9 57 AF + +SHA3-256 sample of 30-bit message + +Msg as bit string + 1 1 0 0 1 0 1 0 0 0 0 1 1 0 1 0 1 1 0 1 1 1 1 0 1 0 0 1 1 0 + +Hash val is + C8 24 2F EF 40 9E 5A E9 D1 F1 C8 57 AE 4D C6 24 + B9 2B 19 80 9F 62 AA 8C 07 41 1C 54 A0 78 B1 D0 + +SHA3-256 sample of 1600-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + +Hash val is + 79 F3 8A DE C5 C2 03 07 A9 8E F7 6E 83 24 AF BF + D4 6C FD 81 B2 2E 39 73 C6 5F A1 BD 9D E3 17 87 + +SHA3-256 sample of 1605-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 + +Hash val is + 81 EE 76 9B ED 09 50 86 2B 1D DD ED 2E 84 AA A6 + AB 7B FD D3 CE AA 47 1B E3 11 63 D4 03 36 36 3C + +SHA3-256 sample of 1630-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 + +Hash val is + 52 86 0A A3 01 21 4C 61 0D 92 2A 6B 6C AB 98 1C + CD 06 01 2E 54 EF 68 9D 74 40 21 E7 38 B9 ED 20 + +SHA3-384 sample of 0-bit message + +Msg as bit string + #(empty message) + +Hash val is + 0C 63 A7 5B 84 5E 4F 7D 01 10 7D 85 2E 4C 24 85 + C5 1A 50 AA AA 94 FC 61 99 5E 71 BB EE 98 3A 2A + C3 71 38 31 26 4A DB 47 FB 6B D1 E0 58 D5 F0 04 + +SHA3-384 sample of 5-bit message + +Msg as bit string + 1 1 0 0 1 + +Hash val is + 73 7C 9B 49 18 85 E9 BF 74 28 E7 92 74 1A 7B F8 + DC A9 65 34 71 C3 E1 48 47 3F 2C 23 6B 6A 0A 64 + 55 EB 1D CE 9F 77 9B 4B 6B 23 7F EF 17 1B 1C 64 + +SHA3-384 sample of 30-bit message + +Msg as bit string + 1 1 0 0 1 0 1 0 0 0 0 1 1 0 1 0 1 1 0 1 1 1 1 0 1 0 0 1 1 0 + +Hash val is + 95 5B 4D D1 BE 03 26 1B D7 6F 80 7A 7E FD 43 24 + 35 C4 17 36 28 11 B8 A5 0C 56 4E 7E E9 58 5E 1A + C7 62 6D DE 2F DC 03 0F 87 61 96 EA 26 7F 08 C3 + +SHA3-384 sample of 1600-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + +Hash val is + 18 81 DE 2C A7 E4 1E F9 5D C4 73 2B 8F 5F 00 2B + 18 9C C1 E4 2B 74 16 8E D1 73 26 49 CE 1D BC DD + 76 19 7A 31 FD 55 EE 98 9F 2D 70 50 DD 47 3E 8F + +SHA3-384 sample of 1605-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 + +Hash val is + A3 1F DB D8 D5 76 55 1C 21 FB 11 91 B5 4B DA 65 + B6 C5 FE 97 F0 F4 A6 91 03 42 4B 43 F7 FD B8 35 + 97 9F DB EA E8 B3 FE 16 CB 82 E5 87 38 1E B6 24 + +SHA3-384 sample of 1630-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 + +Hash val is + 34 85 D3 B2 80 BD 38 4C F4 A7 77 84 4E 94 67 81 + 73 05 5D 1C BC 40 C7 C2 C3 83 3D 9E F1 23 45 17 + 2D 6F CD 31 92 3B B8 79 5A C8 18 47 D3 D8 85 5C + +SHA3-512 sample of 0-bit message + +Msg as bit string + #(empty message) + +Hash val is + A6 9F 73 CC A2 3A 9A C5 C8 B5 67 DC 18 5A 75 6E + 97 C9 82 16 4F E2 58 59 E0 D1 DC C1 47 5C 80 A6 + 15 B2 12 3A F1 F5 F9 4C 11 E3 E9 40 2C 3A C5 58 + F5 00 19 9D 95 B6 D3 E3 01 75 85 86 28 1D CD 26 + +SHA3-512 sample of 5-bit message + +Msg as bit string + 1 1 0 0 1 + +Hash val is + A1 3E 01 49 41 14 C0 98 00 62 2A 70 28 8C 43 21 + 21 CE 70 03 9D 75 3C AD D2 E0 06 E4 D9 61 CB 27 + 54 4C 14 81 E5 81 4B DC EB 53 BE 67 33 D5 E0 99 + 79 5E 5E 81 91 8A DD B0 58 E2 2A 9F 24 88 3F 37 + +SHA3-512 sample of 30-bit message + +Msg as bit string + 1 1 0 0 1 0 1 0 0 0 0 1 1 0 1 0 1 1 0 1 1 1 1 0 1 0 0 1 1 0 + +Hash val is + 98 34 C0 5A 11 E1 C5 D3 DA 9C 74 0E 1C 10 6D 9E + 59 0A 0E 53 0B 6F 6A AA 78 30 52 5D 07 5C A5 DB + 1B D8 A6 AA 98 1A 28 61 3A C3 34 93 4A 01 82 3C + D4 5F 45 E4 9B 6D 7E 69 17 F2 F1 67 78 06 7B AB + +SHA3-512 sample of 1600-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + +Hash val is + E7 6D FA D2 20 84 A8 B1 46 7F CF 2F FA 58 36 1B + EC 76 28 ED F5 F3 FD C0 E4 80 5D C4 8C AE EC A8 + 1B 7C 13 C3 0A DF 52 A3 65 95 84 73 9A 2D F4 6B + E5 89 C5 1C A1 A4 A8 41 6D F6 54 5A 1C E8 BA 00 + +SHA3-512 sample of 1605-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 + +Hash val is + FC 4A 16 7C CB 31 A9 37 D6 98 FD E8 2B 04 34 8C + 95 39 B2 8F 0C 9D 3B 45 05 70 9C 03 81 23 50 E4 + 99 0E 96 22 97 4F 6E 57 5C 47 86 1C 0D 2E 63 8C + CF C2 02 3C 36 5B B6 0A 93 F5 28 55 06 98 78 6B + +SHA3-512 sample of 1630-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 + +Hash val is + CF 9A 30 AC 1F 1F 6A C0 91 6F 9F EF 19 19 C5 95 + DE BE 2E E8 0C 85 42 12 10 FD F0 5F 1C 6A F7 3A + A9 CA C8 81 D0 F9 1D B6 D0 34 A2 BB AD C1 CF 7F + BC B2 EC FA 9D 19 1D 3A 50 16 FB 3F AD 87 09 C9 + diff --git a/BouncyCastle/crypto/test/data/crypto/SHAKETestVectors.txt b/BouncyCastle/crypto/test/data/crypto/SHAKETestVectors.txt new file mode 100644 index 0000000..b5c9be3 --- /dev/null +++ b/BouncyCastle/crypto/test/data/crypto/SHAKETestVectors.txt @@ -0,0 +1,770 @@ +# Test vectors for FIPS 202 - SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions +# +# Downloaded 6th August, 2015 from http://csrc.nist.gov/groups/ST/toolkit/examples.html#aHashing + +SHAKE-128 sample of 0-bit message + +Msg as bit string + #(empty message) + +Output val is + 7F 9C 2B A4 E8 8F 82 7D 61 60 45 50 76 05 85 3E + D7 3B 80 93 F6 EF BC 88 EB 1A 6E AC FA 66 EF 26 + 3C B1 EE A9 88 00 4B 93 10 3C FB 0A EE FD 2A 68 + 6E 01 FA 4A 58 E8 A3 63 9C A8 A1 E3 F9 AE 57 E2 + 35 B8 CC 87 3C 23 DC 62 B8 D2 60 16 9A FA 2F 75 + AB 91 6A 58 D9 74 91 88 35 D2 5E 6A 43 50 85 B2 + BA DF D6 DF AA C3 59 A5 EF BB 7B CC 4B 59 D5 38 + DF 9A 04 30 2E 10 C8 BC 1C BF 1A 0B 3A 51 20 EA + 17 CD A7 CF AD 76 5F 56 23 47 4D 36 8C CC A8 AF + 00 07 CD 9F 5E 4C 84 9F 16 7A 58 0B 14 AA BD EF + AE E7 EE F4 7C B0 FC A9 76 7B E1 FD A6 94 19 DF + B9 27 E9 DF 07 34 8B 19 66 91 AB AE B5 80 B3 2D + EF 58 53 8B 8D 23 F8 77 32 EA 63 B0 2B 4F A0 F4 + 87 33 60 E2 84 19 28 CD 60 DD 4C EE 8C C0 D4 C9 + 22 A9 61 88 D0 32 67 5C 8A C8 50 93 3C 7A FF 15 + 33 B9 4C 83 4A DB B6 9C 61 15 BA D4 69 2D 86 19 + F9 0B 0C DF 8A 7B 9C 26 40 29 AC 18 5B 70 B8 3F + 28 01 F2 F4 B3 F7 0C 59 3E A3 AE EB 61 3A 7F 1B + 1D E3 3F D7 50 81 F5 92 30 5F 2E 45 26 ED C0 96 + 31 B1 09 58 F4 64 D8 89 F3 1B A0 10 25 0F DA 7F + 13 68 EC 29 67 FC 84 EF 2A E9 AF F2 68 E0 B1 70 + 0A FF C6 82 0B 52 3A 3D 91 71 35 F2 DF F2 EE 06 + BF E7 2B 31 24 72 1D 4A 26 C0 4E 53 A7 5E 30 E7 + 3A 7A 9C 4A 95 D9 1C 55 D4 95 E9 F5 1D D0 B5 E9 + D8 3C 6D 5E 8C E8 03 AA 62 B8 D6 54 DB 53 D0 9B + 8D CF F2 73 CD FE B5 73 FA D8 BC D4 55 78 BE C2 + E7 70 D0 1E FD E8 6E 72 1A 3F 7C 6C CE 27 5D AB + E6 E2 14 3F 1A F1 8D A7 EF DD C4 C7 B7 0B 5E 34 + 5D B9 3C C9 36 BE A3 23 49 1C CB 38 A3 88 F5 46 + A9 FF 00 DD 4E 13 00 B9 B2 15 3D 20 41 D2 05 B4 + 43 E4 1B 45 A6 53 F2 A5 C4 49 2C 1A DD 54 45 12 + DD A2 52 98 33 46 2B 71 A4 1A 45 BE 97 29 0B 6F + +SHAKE-128 sample of 5-bit message + +Msg as bit string + 1 1 0 0 1 + +Output val is + 2E 0A BF BA 83 E6 72 0B FB C2 25 FF 6B 7A B9 FF + CE 58 BA 02 7E E3 D8 98 76 4F EF 28 7D DE CC CA + 3E 6E 59 98 41 1E 7D DB 32 F6 75 38 F5 00 B1 8C + 8C 97 C4 52 C3 70 EA 2C F0 AF CA 3E 05 DE 7E 4D + E2 7F A4 41 A9 CB 34 FD 17 C9 78 B4 2D 5B 7E 7F + 9A B1 8F FE FF C3 C5 AC 2F 3A 45 5E EB FD C7 6C + EA EB 0A 2C CA 22 EE F6 E6 37 F4 CA BE 5C 51 DE + D2 E3 FA D8 B9 52 70 A3 21 84 56 64 F1 07 D1 64 + 96 BB 7A BF BE 75 04 B6 ED E2 E8 9E 4B 99 6F B5 + 8E FD C4 18 1F 91 63 38 1C BE 7B C0 06 A7 A2 05 + 98 9C 52 6C D1 BD 68 98 36 93 B4 BD C5 37 28 B2 + 41 C1 CF F4 2B B6 11 50 2C 35 20 5C AB B2 88 75 + 56 55 D6 20 C6 79 94 F0 64 51 18 7F 6F D1 7E 04 + 66 82 BA 12 86 06 3F F8 8F E2 50 8D 1F CA F9 03 + 5A 12 31 AD 41 50 A9 C9 B2 4C 9B 2D 66 B2 AD 1B + DE 0B D0 BB CB 8B E0 5B 83 52 29 EF 79 19 73 73 + 23 42 44 01 E1 D8 37 B6 6E B4 E6 30 FF 1D E7 0C + B3 17 C2 BA CB 08 00 1D 34 77 B7 A7 0A 57 6D 20 + 86 90 33 58 9D 85 A0 1D DB 2B 66 46 C0 43 B5 9F + C0 11 31 1D A6 66 FA 5A D1 D6 38 7F A9 BC 40 15 + A3 8A 51 D1 DA 1E A6 1D 64 8D C8 E3 9A 88 B9 D6 + 22 BD E2 07 FD AB C6 F2 82 7A 88 0C 33 0B BF 6D + F7 33 77 4B 65 3E 57 30 5D 78 DC E1 12 F1 0A 2C + 71 F4 CD AD 92 ED 11 3E 1C EA 63 B9 19 25 ED 28 + 19 1E 6D BB B5 AA 5A 2A FD A5 1F C0 5A 3A F5 25 + 8B 87 66 52 43 55 0F 28 94 8A E2 B8 BE B6 BC 9C + 77 0B 35 F0 67 EA A6 41 EF E6 5B 1A 44 90 9D 1B + 14 9F 97 EE A6 01 39 1C 60 9E C8 1D 19 30 F5 7C + 18 A4 E0 FA B4 91 D1 CA DF D5 04 83 44 9E DC 0F + 07 FF B2 4D 2C 6F 9A 9A 3B FF 39 AE 3D 57 F5 60 + 65 4D 7D 75 C9 08 AB E6 25 64 75 3E AC 39 D7 50 + 3D A6 D3 7C 2E 32 E1 AF 3B 8A EC 8A E3 06 9C D9 + +SHAKE-128 sample of 30-bit message + +Msg as bit string + 1 1 0 0 1 0 1 0 0 0 0 1 1 0 1 0 1 1 0 1 1 1 1 0 1 0 0 1 1 0 + +Output val is + 6D 5D 39 C5 5F 3C CA 56 7F EA F4 22 DC 64 BA 17 + 40 1D 07 75 6D 78 B0 FA 3D 54 6D 66 AF C2 76 71 + E0 01 06 85 FC 69 A7 EC 3C 53 67 B8 FA 5F DA 39 + D5 7C E5 3F 15 3F A4 03 1D 27 72 06 77 0A EC 6B + 2D DF 16 AE FA B6 69 11 0D 6E 4A 29 6A 14 FB 14 + 86 B0 84 6B 69 05 43 E4 05 7F 7F 42 AA 8C 0E 6A + 5A 56 B6 0B 68 8D 55 A1 96 DF 6F 39 76 E3 06 88 + CB B6 AF D4 85 25 D7 64 90 35 7F 3F D8 97 BA FC + 87 36 D9 07 B9 BA C8 16 59 1F C2 4E 79 36 0B E3 + A7 FF A6 29 82 C4 5A BB 0E 58 4C 07 EC 93 A1 95 + 30 50 9D 9F 81 62 15 D7 27 7B B9 99 43 7C 82 14 + 50 F0 75 92 81 CD 8E 16 A3 48 3E 3C C7 52 09 1B + 7A AE 92 90 9D 2F 50 1E F7 DC E9 89 75 98 91 B3 + 37 7C EA B4 93 FF E4 96 01 0A 0C 7E 51 95 99 94 + F5 6F 56 5E 63 3A F6 09 3A C6 E1 E0 F0 04 88 71 + EC 47 78 F4 8E F8 BD 5B CB 80 EA 7D F9 FF 47 11 + C8 1E 24 C0 22 1C 2A D9 74 4F BA 79 35 EA EC A1 + 14 22 4F D1 08 EF C5 AC 74 C6 62 52 08 92 75 B4 + 27 76 73 70 8C 4A F9 2F 88 13 B1 93 59 9F D6 4B + D7 48 4F 2E 5E C3 69 E3 64 64 99 76 8E 58 1D D0 + 53 AA 48 14 D8 BF 1A CF F5 FD 77 45 19 A7 49 BE + 66 75 47 41 EB C5 36 22 12 A9 FE A8 A8 14 E9 E0 + 10 BC 27 20 B3 B7 D9 4F AB 74 BC 7F 92 3E 10 72 + B8 A5 DD DD A8 3B A0 15 7D 8C BA 55 C1 92 DF 69 + 65 CB 7D BA 46 A3 34 0D F8 C3 FA 89 C7 C4 DB 53 + 9D 38 DC 40 6F 1D 2C F5 4E 59 05 58 0B 44 04 BF + D7 B3 71 95 61 C5 A5 9D 5D FD B1 BF 93 DF 13 82 + 52 25 ED CC E0 FA 7D 87 EF CD 23 9F EB 49 FC 9E + 2D E9 D8 28 FE EB 1F 2C F5 79 B9 5D D0 50 AB 2C + A4 71 05 A8 D3 0F 3F D2 A1 15 4C 15 F8 7F B3 7B + 2C 71 56 BD 7F 3C F2 B7 45 C9 12 A4 0B C1 B5 59 + B6 56 E3 E9 03 CC 57 33 E8 6B A1 5D FE F7 06 78 + +SHAKE-128 sample of 1600-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + +Output val is + 13 1A B8 D2 B5 94 94 6B 9C 81 33 3F 9B B6 E0 CE + 75 C3 B9 31 04 FA 34 69 D3 91 74 57 38 5D A0 37 + CF 23 2E F7 16 4A 6D 1E B4 48 C8 90 81 86 AD 85 + 2D 3F 85 A5 CF 28 DA 1A B6 FE 34 38 17 19 78 46 + 7F 1C 05 D5 8C 7E F3 8C 28 4C 41 F6 C2 22 1A 76 + F1 2A B1 C0 40 82 66 02 50 80 22 94 FB 87 18 02 + 13 FD EF 5B 0E CB 7D F5 0C A1 F8 55 5B E1 4D 32 + E1 0F 6E DC DE 89 2C 09 42 4B 29 F5 97 AF C2 70 + C9 04 55 6B FC B4 7A 7D 40 77 8D 39 09 23 64 2B + 3C BD 05 79 E6 09 08 D5 A0 00 C1 D0 8B 98 EF 93 + 3F 80 64 45 BF 87 F8 B0 09 BA 9E 94 F7 26 61 22 + ED 7A C2 4E 5E 26 6C 42 A8 2F A1 BB EF B7 B8 DB + 00 66 E1 6A 85 E0 49 3F 07 DF 48 09 AE C0 84 A5 + 93 74 8A C3 DD E5 A6 D7 AA E1 E8 B6 E5 35 2B 2D + 71 EF BB 47 D4 CA EE D5 E6 D6 33 80 5D 2D 32 3E + 6F D8 1B 46 84 B9 3A 26 77 D4 5E 74 21 C2 C6 AE + A2 59 B8 55 A6 98 FD 7D 13 47 7A 1F E5 3E 5A 4A + 61 97 DB EC 5C E9 5F 50 5B 52 0B CD 95 70 C4 A8 + 26 5A 7E 01 F8 9C 0C 00 2C 59 BF EC 6C D4 A5 C1 + 09 25 89 53 EE 5E E7 0C D5 77 EE 21 7A F2 1F A7 + 01 78 F0 94 6C 9B F6 CA 87 51 79 34 79 F6 B5 37 + 73 7E 40 B6 ED 28 51 1D 8A 2D 7E 73 EB 75 F8 DA + AC 91 2F F9 06 E0 AB 95 5B 08 3B AC 45 A8 E5 E9 + B7 44 C8 50 6F 37 E9 B4 E7 49 A1 84 B3 0F 43 EB + 18 8D 85 5F 1B 70 D7 1F F3 E5 0C 53 7A C1 B0 F8 + 97 4F 0F E1 A6 AD 29 5B A4 2F 6A EC 74 D1 23 A7 + AB ED DE 6E 2C 07 11 CA B3 6B E5 AC B1 A5 A1 1A + 4B 1D B0 8B A6 98 2E FC CD 71 69 29 A7 74 1C FC + 63 AA 44 35 E0 B6 9A 90 63 E8 80 79 5C 3D C5 EF + 32 72 E1 1C 49 7A 91 AC F6 99 FE FE E2 06 22 7A + 44 C9 FB 35 9F D5 6A C0 A9 A7 5A 74 3C FF 68 62 + F1 7D 72 59 AB 07 52 16 C0 69 95 11 64 3B 64 39 + +SHAKE-128 sample of 1605-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 + +Output val is + 4A C3 8E BD 16 78 B4 A4 52 79 2C 56 73 F9 77 7D + 36 B5 54 51 AA AE 24 24 92 49 42 D3 18 A2 F6 F5 + 1B BC 83 7D CC 70 22 C5 40 3B 69 D2 9A C9 9A 74 + 5F 06 D0 6F 2A 41 B0 CC 24 3C D2 70 FA 44 D4 30 + 65 AF 00 D2 AD 35 8B D5 A5 D0 6D 33 1B C2 30 CD + 8D DA 46 55 62 8F 91 02 71 1A DA FB 76 36 C1 60 + B2 D2 5E C6 23 5A 2F E0 F3 73 94 D8 7F C5 FF D7 + DB F1 99 3E 55 8A EB EA 6C 61 E9 07 18 8C 61 F5 + FC DE 27 8E 26 4F 95 8F FD 7B 33 82 DC 10 13 9B + 62 5E 12 41 AB 5B BC 2A 1F BC AC 31 A3 35 CF C7 + B2 0E 42 77 12 24 6C BB 55 23 22 59 A7 EF 16 02 + BD 56 F6 56 7D 66 94 2D 4A 71 49 F4 22 22 10 B0 + 74 EA 54 15 4B 38 E8 FD FA 0D CF 4F A3 EC D2 15 + 4E 83 18 A6 57 8B 53 5D BC FC 21 7A 3C AB 52 53 + 29 65 84 6F 89 78 14 57 02 55 63 E2 DC 15 CC 3A + F9 02 BA 2A D2 80 FF BB BF A4 C5 2B 60 FA 41 BA + C2 1F 4A B2 35 36 26 81 19 FC 98 CD 98 2D A5 CD + 5D A2 1E 1B 56 92 D4 71 05 DE 9F 1E 01 32 C6 FE + 31 5D 67 FA 46 49 97 C2 AB 55 33 C7 9F 98 E6 E6 + 4F F8 08 02 A7 FE 96 CA 04 A8 1F 88 55 27 37 0A + 22 06 B1 0B 39 36 DD 81 B8 24 63 53 F4 CD 90 51 + 10 89 26 8D 74 4F 21 0A C6 89 D4 9D 28 75 05 4A + 72 7B 60 4D 13 D2 69 B3 71 90 D4 27 C7 D1 5C CC + DC D7 87 0E 0B 8A DB EB 97 71 11 A9 BC F7 78 1A + 16 13 56 A5 94 1C 79 99 07 EF 9D 3B 1A 44 1F 09 + 51 5F 28 31 C4 FA FD E3 DC 7C 1E 9B 5A A5 7D 3E + 83 CD 67 34 DA 3D 8B 9E F3 FC 44 88 05 EA 29 C9 + 9C BA 6B 35 2B CA BE 2F D9 70 AE 95 80 D2 BF 25 + 15 2B 96 0E 6B 80 6D 87 D7 D0 60 8B 24 7F 61 08 + 9E 29 86 92 C2 7F 19 C5 2D 03 EB E3 95 A3 68 06 + AD 54 0B EC 2D 04 6C 18 E3 55 FA F8 31 3D 2E F8 + 99 5E E6 AA E4 25 68 F3 14 93 3E 3A 21 E5 BE 40 + +SHAKE-128 sample of 1630-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 + +Output val is + 89 84 6D C7 76 AC 0F 01 45 72 EA 79 F5 60 77 34 + 51 00 29 38 24 8E 68 82 56 9A C3 2A EA B1 91 FC + AC DE 68 EB 07 55 75 39 C4 84 5F B4 44 10 8E 6E + 05 45 E7 31 FC CA 2D 4F 67 A3 BF D4 1C FF 3E AF + 35 EE FB 53 44 11 77 96 5B B5 16 95 0C F5 DC B2 + AA FC BB C6 30 0E 8E EF D9 BC D0 E5 F3 2D 1A 4E + 87 2E 0F 1D BD 8F 8E 00 CB B8 78 69 8C 58 83 E3 + CA 18 4B 94 90 38 9E 46 00 2C 08 A0 B1 6B 05 A3 + 6B 2C B5 A1 CA E0 8E 11 AD 97 2F D2 4A F7 01 01 + CE 47 46 C8 4F 16 71 87 7F 0D F6 C4 15 D1 67 0F + F4 0B 8D DE DD 89 CC 3E 65 6D B9 05 80 49 D6 09 + B6 78 4C C9 D0 5E 60 CC 6A C9 C8 19 49 93 BA 29 + 15 8F D4 DB 8C F2 25 E9 57 4F 18 A7 7F 66 EC 10 + 52 BF 17 99 3B DA 20 6A 17 73 7D 78 5B D4 C1 8C + EE 4C 76 AA 57 35 A5 22 3F 3C 55 E7 9D AE C1 3D + 4B F6 0F 15 62 E0 AD 0F A3 B5 58 EC CF A8 AB 3E + EF 61 47 4D 57 6E 8C AF 4C 11 E4 DE 5C CB 36 D7 + DF 7D 89 2C 1F CA 20 17 BE 8B BD A5 A4 71 95 44 + 8C C6 7A 07 8E 62 8A 2E F7 63 FF E1 DC 9D 9D 6F + F7 8E 68 96 1C 33 FF D9 00 0C 11 DE E7 F7 40 8D + 8D A5 C6 05 B0 B4 D5 6B B5 5E 93 64 C7 7B FA D9 + C8 19 1E D6 E1 FE 7B 7A 93 7C 6D 07 09 5F E5 EA + 91 A7 00 B4 BD FC 17 B4 28 D0 36 92 2A A8 AB 5E + 2C D5 85 84 6F B8 1F C6 93 B8 D5 9B F8 5C 74 BC + 70 0C D2 BC 3E 6A AB 43 7D 93 D8 A3 0F 1C F6 92 + EF EF 43 60 20 28 E0 CE 57 42 EB 3F 4F 4D 5B 02 + 91 58 DD 68 96 AC B5 E3 A7 F6 84 D9 AA 89 14 E7 + 09 74 B2 23 A6 FE C3 8D 76 C7 47 3E 86 E4 B9 B3 + 2C 62 1E 20 15 C5 5E 94 7D D0 16 C6 75 C8 23 68 + CE 26 FB 45 6A 5B 65 88 1A F5 13 BF DC 88 68 7C + 63 81 67 6A BB D2 D9 10 4E D2 3A 9E 89 31 02 46 + B0 26 CE DD 57 59 5B 1A B6 FE 88 A7 84 BE 0C 06 + +SHAKE-256 sample of 0-bit message + +Msg as bit string + #(empty message) + +Output val is + 46 B9 DD 2B 0B A8 8D 13 23 3B 3F EB 74 3E EB 24 + 3F CD 52 EA 62 B8 1B 82 B5 0C 27 64 6E D5 76 2F + D7 5D C4 DD D8 C0 F2 00 CB 05 01 9D 67 B5 92 F6 + FC 82 1C 49 47 9A B4 86 40 29 2E AC B3 B7 C4 BE + 14 1E 96 61 6F B1 39 57 69 2C C7 ED D0 B4 5A E3 + DC 07 22 3C 8E 92 93 7B EF 84 BC 0E AB 86 28 53 + 34 9E C7 55 46 F5 8F B7 C2 77 5C 38 46 2C 50 10 + D8 46 C1 85 C1 51 11 E5 95 52 2A 6B CD 16 CF 86 + F3 D1 22 10 9E 3B 1F DD 94 3B 6A EC 46 8A 2D 62 + 1A 7C 06 C6 A9 57 C6 2B 54 DA FC 3B E8 75 67 D6 + 77 23 13 95 F6 14 72 93 B6 8C EA B7 A9 E0 C5 8D + 86 4E 8E FD E4 E1 B9 A4 6C BE 85 47 13 67 2F 5C + AA AE 31 4E D9 08 3D AB 4B 09 9F 8E 30 0F 01 B8 + 65 0F 1F 4B 1D 8F CF 3F 3C B5 3F B8 E9 EB 2E A2 + 03 BD C9 70 F5 0A E5 54 28 A9 1F 7F 53 AC 26 6B + 28 41 9C 37 78 A1 5F D2 48 D3 39 ED E7 85 FB 7F + 5A 1A AA 96 D3 13 EA CC 89 09 36 C1 73 CD CD 0F + AB 88 2C 45 75 5F EB 3A ED 96 D4 77 FF 96 39 0B + F9 A6 6D 13 68 B2 08 E2 1F 7C 10 D0 4A 3D BD 4E + 36 06 33 E5 DB 4B 60 26 01 C1 4C EA 73 7D B3 DC + F7 22 63 2C C7 78 51 CB DD E2 AA F0 A3 3A 07 B3 + 73 44 5D F4 90 CC 8F C1 E4 16 0F F1 18 37 8F 11 + F0 47 7D E0 55 A8 1A 9E DA 57 A4 A2 CF B0 C8 39 + 29 D3 10 91 2F 72 9E C6 CF A3 6C 6A C6 A7 58 37 + 14 30 45 D7 91 CC 85 EF F5 B2 19 32 F2 38 61 BC + F2 3A 52 B5 DA 67 EA F7 BA AE 0F 5F B1 36 9D B7 + 8F 3A C4 5F 8C 4A C5 67 1D 85 73 5C DD DB 09 D2 + B1 E3 4A 1F C0 66 FF 4A 16 2C B2 63 D6 54 12 74 + AE 2F CC 86 5F 61 8A BE 27 C1 24 CD 8B 07 4C CD + 51 63 01 B9 18 75 82 4D 09 95 8F 34 1E F2 74 BD + AB 0B AE 31 63 39 89 43 04 E3 58 77 B0 C2 8A 9B + 1F D1 66 C7 96 B9 CC 25 8A 06 4A 8F 57 E2 7F 2A + +SHAKE-256 sample of 5-bit message + +Msg as bit string + 1 1 0 0 1 + +Output val is + 48 A5 C1 1A BA EE FF 09 2F 36 46 EF 0D 6B 3D 3F + F7 6C 2F 55 F9 C7 32 AC 64 70 C0 37 64 00 82 12 + E2 1B 14 67 77 8B 18 19 89 F8 88 58 21 1B 45 DF + 87 99 CF 96 1F 80 0D FA C9 9E 64 40 39 E2 97 9A + 40 16 F5 45 6F F4 21 C5 B3 85 DA 2B 85 5D A7 E3 + 1C 8C 2E 8E 4B A4 1E B4 09 5C B9 99 D9 75 9C B4 + 03 58 DA 85 62 A2 E6 13 49 E0 5A 2E 13 F1 B7 4E + C9 E6 9F 5B 42 6D C7 41 38 FF CD C5 71 C3 2B 39 + B9 F5 55 63 E1 A9 9D C4 22 C3 06 02 6D 6A 0F 9D + E8 51 62 B3 86 79 4C A0 68 8B 76 4B 3D 32 20 0C + C4 59 74 97 32 A0 F3 A3 41 C0 EF C9 6A 22 C6 3B + AD 7D 96 CC 9B A4 76 8C 6F CF A1 F2 00 10 7C F9 + FA E5 C0 D7 54 95 8C 5A 75 6B 37 6A 3B E6 9F 88 + 07 4F 20 0E 9E 95 A8 CA 5B CF 96 99 98 DB 1D C3 + 7D 0D 3D 91 6F 6C AA B3 F0 37 82 C9 C4 4A 2E 14 + E8 07 86 BE CE 45 87 B9 EF 82 CB F4 54 E0 E3 4B + D1 75 AE 57 D3 6A F4 E7 26 B2 21 33 2C ED 36 C8 + CE 2E 06 20 3C 65 6A E8 DA 03 7D 08 E7 16 0B 48 + 0C 1A 85 16 BF 06 DD 97 BF 4A A4 C0 24 93 10 DC + 0B 06 5D C6 39 57 63 55 38 4D 16 5C 6A 50 9B 12 + F7 BB D1 E1 5B 22 BC E0 2F A0 48 DD FA AC F7 41 + 5F 49 B6 32 4C 1D 06 7B 52 64 E1 12 5F 7F 75 42 + 7F 31 2B D9 34 6E B4 E4 00 B1 F7 CB 31 28 8C 9E + 3F 73 5E CA 9C ED 0D B8 88 E2 E2 F4 02 24 3B D6 + 46 18 A2 3E 10 F9 C2 29 39 74 40 54 2D 0A B1 B2 + E1 0D AC C5 C9 5E 59 7F 2C 7E A3 84 38 10 5F 97 + 80 3D BB 03 FC C0 FD 41 6B 09 05 A4 1D 18 4D EB + 23 89 05 77 58 91 F9 35 01 FB 41 76 A3 BD 6C 46 + 44 61 D3 6E E8 B0 08 AA BD 9E 26 A3 40 55 E8 0C + 8C 81 3E EB A0 7F 72 8A B3 2B 15 60 5A D1 61 A0 + 66 9F 6F CE 5C 55 09 FB B6 AF D2 4A EA CC 5F A4 + A5 15 23 E6 B1 73 24 6E D4 BF A5 21 D7 4F C6 BB + +SHAKE-256 sample of 30-bit message + +Msg as bit string + 1 1 0 0 1 0 1 0 0 0 0 1 1 0 1 0 1 1 0 1 1 1 1 0 1 0 0 1 1 0 + +Output val is + 46 5D 08 1D FF 87 5E 39 62 00 E4 48 1A 3E 9D CD + 88 D0 79 AA 6D 66 22 6C B6 BA 45 41 07 CB 81 A7 + 84 1A B0 29 60 DE 27 9C CB E3 4B 42 C3 65 85 AD + 86 96 4D B0 DB 52 B6 E7 B4 36 9E CE 8F 72 48 58 + 9B A7 8A B1 82 8F FC 33 5C B1 23 97 11 9B FD 2B + 87 EB 78 98 AE B9 56 B6 F2 3D DF 0B D4 00 43 86 + A8 E5 26 55 4E F4 E4 83 FA CE E3 0D D3 2E 20 4F + FF 8C 36 BB D6 02 A5 76 D1 39 08 9C 75 A8 05 02 + 66 FC BF 72 1E 44 43 DE 46 45 83 29 22 EB 8A AE + 39 D1 F5 72 84 53 64 81 7B 00 33 54 38 99 94 00 + 23 F2 E9 65 A6 0A 80 EB 22 1E B1 9D C5 7B 12 12 + 91 56 4C 6F 69 35 83 B3 AC 7C 6F 27 2F 4F 67 A1 + 9A 76 78 D4 23 4B 0B F4 A2 EB C0 8A A2 35 B9 78 + 8D B7 87 16 1F 66 17 02 28 65 C0 EF 9A A5 33 80 + 2D 13 6C DB C7 AE BA 53 2A CF 1B E1 83 B0 29 5A + B0 E3 3A 2E F6 9B E3 56 DA AF 30 96 87 15 3E 2F + 99 A1 24 36 09 D6 03 12 6A 8C 82 3E 88 43 E4 59 + BF C7 2B 30 69 1C DC C3 DD B2 7C F0 28 AF D5 1E + 44 37 EE 3B 71 C0 C1 EC 87 A9 34 36 F0 C2 47 B7 + E8 C5 0C E9 68 25 C9 70 29 99 7A 74 C3 18 AF AC + AA 18 A0 18 0B C7 F2 F0 F1 C5 E7 EF 1A 2D 18 3A + C7 EE 7E 49 15 C3 B6 8C 30 97 8A B6 C4 28 19 34 + 41 DF 47 05 B7 22 CE 25 A0 8A 1F AD CA 0E EF 1F + AF E8 3A DF 13 02 1D 52 0D E5 C8 27 FF 9A 97 B7 + 55 46 19 3A 9B 92 3F 05 90 38 5D C4 BF F7 C4 9D + 49 15 B5 A3 65 DB 4C 84 DD CB 18 5D E8 F9 EE B3 + 34 96 5A 42 F1 38 1C 8B AD C2 2B A1 F8 EE 4C 0E + 4D AA F7 A8 8E 7F 42 DD B8 14 8F 3B F8 D3 B8 D7 + 4F 09 81 55 A3 7C B4 CB 27 87 6B 85 DA 60 2E 5C + 78 9C 10 E0 3B E7 34 07 BA B8 C4 92 13 F8 C7 4E + 12 66 CE 9B 11 28 6E 67 4C A9 C1 0C 9C 99 55 04 + 9A 66 E9 05 1D 9A 2B 1F C9 AF E2 67 98 E9 CE C6 + +SHAKE-256 sample of 1600-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + +Output val is + CD 8A 92 0E D1 41 AA 04 07 A2 2D 59 28 86 52 E9 + D9 F1 A7 EE 0C 1E 7C 1C A6 99 42 4D A8 4A 90 4D + 2D 70 0C AA E7 39 6E CE 96 60 44 40 57 7D A4 F3 + AA 22 AE B8 85 7F 96 1C 4C D8 E0 6F 0A E6 61 0B + 10 48 A7 F6 4E 10 74 CD 62 9E 85 AD 75 66 04 8E + FC 4F B5 00 B4 86 A3 30 9A 8F 26 72 4C 0E D6 28 + 00 1A 10 99 42 24 68 DE 72 6F 10 61 D9 9E B9 E9 + 36 04 D5 AA 74 67 D4 B1 BD 64 84 58 2A 38 43 17 + D7 F4 7D 75 0B 8F 54 99 51 2B B8 5A 22 6C 42 43 + 55 6E 69 6F 6B D0 72 C5 AA 2D 9B 69 73 02 44 B5 + 68 53 D1 69 70 AD 81 7E 21 3E 47 06 18 17 80 01 + C9 FB 56 C5 4F EF A5 FE E6 7D 2D A5 24 BB 3B 0B + 61 EF 0E 91 14 A9 2C DB B6 CC CB 98 61 5C FE 76 + E3 51 0D D8 8D 1C C2 8F F9 92 87 51 2F 24 BF AF + A1 A7 68 77 B6 F3 71 98 E3 A6 41 C6 8A 7C 42 D4 + 5F A7 AC C1 0D AE 5F 3C EF B7 B7 35 F1 2D 4E 58 + 9F 7A 45 6E 78 C0 F5 E4 C4 47 1F FF A5 E4 FA 05 + 14 AE 97 4D 8C 26 48 51 3B 5D B4 94 CE A8 47 15 + 6D 27 7A D0 E1 41 C2 4C 78 39 06 4C D0 88 51 BC + 2E 7C A1 09 FD 4E 25 1C 35 BB 0A 04 FB 05 B3 64 + FF 8C 4D 8B 59 BC 30 3E 25 32 8C 09 A8 82 E9 52 + 51 8E 1A 8A E0 FF 26 5D 61 C4 65 89 69 73 D7 49 + 04 99 DC 63 9F B8 50 2B 39 45 67 91 B1 B6 EC 5B + CC 5D 9A C3 6A 6D F6 22 A0 70 D4 3F ED 78 1F 5F + 14 9F 7B 62 67 5E 7D 1A 4D 6D EC 48 C1 C7 16 45 + 86 EA E0 6A 51 20 8C 0B 79 12 44 D3 07 72 65 05 + C3 AD 4B 26 B6 82 23 77 25 7A A1 52 03 75 60 A7 + 39 71 4A 3C A7 9B D6 05 54 7C 9B 78 DD 1F 59 6F + 2D 4F 17 91 BC 68 9A 0E 9B 79 9A 37 33 9C 04 27 + 57 33 74 01 43 EF 5D 2B 58 B9 6A 36 3D 4E 08 07 + 6A 1A 9D 78 46 43 6E 4D CA 57 28 B6 F7 60 EE F0 + CA 92 BF 0B E5 61 5E 96 95 9D 76 71 97 A0 BE EB + +SHAKE-256 sample of 1605-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 + +Output val is + 98 D0 93 B0 67 47 57 60 12 4F FB 92 04 A5 B3 27 + C6 BB 05 C5 4F F2 34 F0 B4 3F AC 72 40 41 51 66 + A8 C7 05 EA 0D 73 9F 08 08 B0 65 76 D9 96 66 2C + 1F 37 66 94 D9 8F 51 57 19 B6 64 07 72 0D CF 78 + 1C 51 CD 56 EF 8B 61 0C 66 8D DC 1A C1 C2 C4 29 + EA 4D 6F 27 4A A7 A7 73 BF 8B 0C AB 30 6F 1E EE + 2A 17 1B 91 33 4E A0 FA CD 2A AC 1F 51 D4 D5 EB + 0E 63 A4 E6 75 4E CA FE EC 24 6B 7A AF 58 D0 E0 + A9 74 C7 FF 40 58 BD BD ED B3 3E D0 4B 0F A4 5D + 70 C7 C8 4F 3D A1 3E 4F 7D 1B ED DB 53 4D 37 E5 + AB DF B2 9F 2B 44 C4 FB 0D 6C CA B8 31 D9 0B A4 + 6A 00 53 06 62 F9 07 DE DD 47 9E 9B 54 28 E5 E2 + DB 80 40 B0 E2 B1 F1 74 CE 34 7F 32 A0 6A 5A C2 + 2B 19 AA FE 92 7B 88 78 D0 C8 10 3A 4D 2F 19 E3 + 23 36 C6 4C FA DC 1B 9A CB 39 78 A8 29 85 71 DC + D8 9C 36 A6 56 92 81 6D 0C 61 CE 0E D1 79 42 36 + 70 17 BD 40 F5 9D FB AE 34 63 58 27 92 0A FE 7A + 27 BF 56 70 09 A1 38 40 3F 06 B6 E4 DE 94 DA 07 + 7D B4 97 73 C2 35 46 61 19 42 6F 79 88 8D 3A 81 + B4 07 DF EB A8 7E 01 CD 48 F9 0E 01 B6 F9 02 43 + C4 01 25 DE 47 E8 C8 F3 E6 EA 33 88 CB FE EB 36 + 54 1E F2 3D 2C 83 48 45 8E A2 8C AA 50 66 F4 98 + 37 76 F0 CB 2F DC 66 04 9C F8 8A C8 EA E5 12 12 + AA CE 86 7B EA 4C 3C AE E4 4F 14 7A 9B F9 9D 04 + 87 4E 87 22 D0 3D 3F 5F F6 EF 3B EB E7 64 2F E4 + 91 6C 5F 10 FF 3F D6 13 87 D5 D9 1B CD 32 F9 E8 + E4 59 3D CA AD 23 EC CC 05 D2 FC 9B E2 C1 CD 63 + 0E A1 23 DC A9 CB 69 38 D6 0C DD ED C1 1E 1E 9B + C9 D2 68 A5 45 6B A9 CC FF 18 59 7C 5F F9 73 57 + 08 41 3B 9D 84 B9 F4 72 19 37 CC 65 95 71 27 97 + 53 2B 48 D6 F1 A2 D1 72 3B 07 D5 46 0B C1 39 16 + D9 6E 88 18 07 13 AC 33 D2 C2 32 E3 5E 76 4E 04 + +SHAKE-256 sample of 1630-bit message + +Msg as bit string + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 + 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 0 1 1 1 0 0 0 1 + +Output val is + 8A 83 25 07 9B 0F C3 26 5D 52 F5 98 55 CA FE 65 + 5D F4 38 AA 63 9F 6F EC 99 1F 24 94 33 0C E3 2F + A3 7F 7D B9 0F 69 66 D8 E4 A4 6E 50 C5 ED E5 7B + 9B 8F 08 2A 96 62 7F 73 04 75 02 9A 61 92 29 D8 + 4F 43 2E D6 9F D0 59 23 4D 4D 7D D3 58 E8 39 3F + 6A 36 A4 5C CF 04 1F 90 FC 0A 4E 58 02 D7 30 63 + D3 65 31 33 6A 00 90 EC FE 1A 4D 4D 29 AA 82 4B + A4 2B 49 37 B4 BB 98 F4 F3 3A 0E 3B D8 B5 11 E6 + 95 28 D5 95 37 11 0D 75 21 FB 78 AC A0 18 DF 76 + 16 0F 54 A3 42 1B 84 14 92 64 ED 03 2F 6D CE 46 + 7A 73 1A 8E 34 04 8E 3A 46 E9 80 39 DF 3C 32 8D + EB FB E5 D1 BC 8B E7 FF 4E F8 91 7B 01 F0 B7 89 + 36 72 49 2D 6E E5 C7 1D F2 D0 53 1F 8B 68 47 64 + BA 0A 2B 57 EC 6A 4F 60 BA 4F 36 FE 2D B0 E6 5A + D7 AA 5F 14 F3 EF 9F 34 A0 AB 5B C3 3D 48 87 33 + BA 36 BF 4B 2B 4F CE 02 8E FF 8C 6C E0 3B 19 2C + F0 75 CC 9F 00 D2 9C 0E 06 C3 5C 44 89 D2 7F 07 + FA 49 A9 1C A9 24 71 E3 4D AB 77 87 AE 24 A6 E0 + F3 09 EF 0B A5 3F 7C 8B 29 92 52 0A 07 BE DD 50 + 9A 0B 6D BE A5 70 A5 96 0E D6 24 82 6D D8 EC D1 + 91 5C 87 32 7E 74 49 1C 40 5A 74 11 C1 2C 0D 44 + 97 51 26 89 BD 7F 5A DB ED B0 2C 6D 2E 68 47 4E + 8B F3 1B 88 40 40 81 8F 4B CA 03 A4 52 17 EA C7 + 08 3A D3 A3 3C B8 47 7A 04 C9 E3 26 6A 13 34 77 + DE 45 E7 18 30 A4 0E B0 D0 75 AF CC FC D9 DC 54 + 8D 0D 52 94 60 EA 7A C2 AD AC 72 2E 76 78 EF 59 + 7D D3 B4 95 BD 7D 1A 8F F3 94 48 BB AB 1D C6 A8 + 84 81 80 1C F5 A8 01 0E 87 3C 31 E4 79 A5 E3 DB + 3D 4E 67 D1 D9 48 E6 7C C6 6F D7 5A 4A 19 C1 20 + 66 2E F5 59 77 BD DB AC 07 21 C8 0D 69 90 26 93 + C8 3D 5E F7 BC 27 EF A3 93 AF 4C 43 9F C3 99 58 + E0 E7 55 37 35 88 02 EF 08 53 B7 47 0B 0F 19 AC + diff --git a/BouncyCastle/crypto/test/data/crypto/nist_ecc.txt b/BouncyCastle/crypto/test/data/crypto/nist_ecc.txt new file mode 100644 index 0000000..da3c17b --- /dev/null +++ b/BouncyCastle/crypto/test/data/crypto/nist_ecc.txt @@ -0,0 +1,3180 @@ + + http://point-at-infinity.org/ecc/nisttv + +Test vectors for the NIST elliptic curves P192, P224, P256, P384, P521, +B163, B233, B283, B409, B571, K163, K233, K283, K409 and K571. For more +information about the curves see + http://csrc.nist.gov/encryption/dss/ecdsa/NISTReCur.pdf + +For a given curve and a given base point P the point Q = kP was calcaluted for +several values k. The x and y coordinates of Q are given in the table below. + +Keywords: elliptic curve cryptography ECC test vector + prime binary field point multiplication ANSI X9 FIPS182 + + + Curve: P192 +------------- +k = 1 +x = 188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012 +y = 07192B95FFC8DA78631011ED6B24CDD573F977A11E794811 + +k = 2 +x = DAFEBF5828783F2AD35534631588A3F629A70FB16982A888 +y = DD6BDA0D993DA0FA46B27BBC141B868F59331AFA5C7E93AB + +k = 3 +x = 76E32A2557599E6EDCD283201FB2B9AADFD0D359CBB263DA +y = 782C37E372BA4520AA62E0FED121D49EF3B543660CFD05FD + +k = 4 +x = 35433907297CC378B0015703374729D7A4FE46647084E4BA +y = A2649984F2135C301EA3ACB0776CD4F125389B311DB3BE32 + +k = 5 +x = 10BB8E9840049B183E078D9C300E1605590118EBDD7FF590 +y = 31361008476F917BADC9F836E62762BE312B72543CCEAEA1 + +k = 6 +x = A37ABC6C431F9AC398BF5BD1AA6678320ACE8ECB93D23F2A +y = 851B3CAEC99908DBFED7040A1BBDA90E081F7C5710BC68F0 + +k = 7 +x = 8DA75A1F75DDCD7660F923243060EDCE5DE37F007011FCFD +y = 57CB5FCF6860B35418240DB8FDB3C01DD4B702F96409FFB5 + +k = 8 +x = 2FA1F92D1ECCE92014771993CC14899D4B5977883397EDDE +y = A338AFDEF78B7214273B8B5978EF733FF2DD8A8E9738F6C0 + +k = 9 +x = 818A4D308B1CABB74E9E8F2BA8D27C9E1D9D375AB980388F +y = 01D1AA5E208D87CD7C292F7CBB457CDF30EA542176C8E739 + +k = 10 +x = AA7C4F9EF99E3E96D1AEDE2BD9238842859BB150D1FE9D85 +y = 3212A36547EDC62901EE3658B2F4859460EB5EB2491397B0 + +k = 11 +x = 1C995995EB76324F1844F7164D22B652280940370628A2AA +y = EF1765CE37E9EB73029F556400FA77BDB34CB8611AAA9C04 + +k = 12 +x = 1061343F3D456D0ECA013877F8C9E7B28FCCDCDA67EEB8AB +y = 5A064CAA2EA6B03798FEF8E3E7A48648681EAC020B27293F + +k = 13 +x = 112AF141D33EFB9F2F68821E051E4EA004144A363C4A090A +y = 6E0CBE3BFC5293F72A2C1726E081E09E7F10A094432B1C1E + +k = 14 +x = 13B9310646EBC93B591746B3F7C64E05DEE08843DE1081C1 +y = 1EDCEA63B44142DD15F3B427EC41A1EC4FBACA95E186E6B4 + +k = 15 +x = 8C9595E63B56B633BA3546B2B5414DE736DE4A9E7578B1E7 +y = 266B762A934F00C17CF387993AA566B6AD7537CDD98FC7B1 + +k = 16 +x = B7310B4548FBFDBD29005092A5355BFCD99473733048AFDF +y = FF9EAE9EDCD27C1E42D8585C4546D9491845C56629CF2290 + +k = 17 +x = 44275CD2E1F46DC3F9F57636C2B4213B8BB445930510FF8A +y = EFAD8348FDE30C87DE438612A818E98D9B76A67AD25DDFD0 + +k = 18 +x = C1B4DB0227210613A6CA15C428024E40B6513365D72591A3 +y = 1E26B286BCA1D08F4FE8F801267DF9FD7782EC3EC3F47F53 + +k = 19 +x = C0626BCF247DE5D307FD839238D72688774FC97A1CF8AD1B +y = 9CDC99D753973DC197E12778E829C804EC1A6B4E71FAA20A + +k = 20 +x = BB6F082321D34DBD786A1566915C6DD5EDF879AB0F5ADD67 +y = 91E4DD8A77C4531C8B76DEF2E5339B5EB95D5D9479DF4C8D + +k = 112233445566778899 +x = 81E6E0F14C9302C8A8DCA8A038B73165E9687D0490CD9F85 +y = F58067119EED8579388C4281DC645A27DB7764750E812477 + +k = 112233445566778899112233445566778899 +x = B357B10AC985C891B29FB37DA56661CCCF50CEC21128D4F6 +y = BA20DC2FA1CC228D3C2D8B538C2177C2921884C6B7F0D96F + +k = 1618292094200346491064154703205151664562462359653015613567 +x = 74FEC215F253C6BD845831E059B318C87F727B136A700B91 +y = 4B702B15B126A703E7A7CEC3E0EC81F8DFCA73A59F5D88B9 + +k = 1484605055214526729816930749766694384906446681761906688 +x = 0C40230F9C4B8C0FD91F2C604FCBA9B87C2DFA153F010B4F +y = 5FC4F5771F467971B2C82752413833A68CE00F4A9A692B02 + +k = 1569275434166462877105627261392580354519833538813866540831 +x = 28783BBF6208E1FF0F965FD8DC0C26FF1D8E02B433EDF2F7 +y = A5852BBC44FD8164C1ABA9A3EC7A88E461D5D77ABD743E87 + +k = 3138550867681922400546388175470823984762234518836963313664 +x = 45DAF0A306121BDB3B82E734CB44FDF65C9930F0E4FD2068 +y = F039FACE58EB7DE34E3374ADB28DF81F019C4548BAA75B64 + +k = 3138550119404545973088374812479323842475901485681169401600 +x = 1D5EC85004EA2ABA905CEF98A818A8C3516D7CB69A6FD575 +y = 4008F35F5820F66C902195644162E5AA231DD69C9E1ECC97 + +k = 24519928471166604179655321383971467003990211439919824896 +x = F063727C2EA4D358AB02F6B0BEEB14DBEAF2E8A1DB3208EE +y = 427418C015553361769B6A0C42923C4CA103740B6DCD9703 + +k = 46756768218837031708063422466358611246556475572231 +x = DC81D33CA6604B1EFE49386CD492979EF807B8BAEB8566E3 +y = D454247FF478514556333B3901C9F1CCC18DBC9AB938CFA0 + +k = 3138502977207688322901699644928655553044791844086883549215 +x = D932741DF6AA0E1EED24279150436C752AA5ADCFD0698D72 +y = 9759B6D2EF21D885E94CDFF219F17004D8763401DAB021B5 + +k = 47890485652059026491391979477371914515865621847605503 +x = 571477E9D9F2A628780742257F7250C4224C483B30F3A97E +y = 1AD35EE3177D22DD5F01B5A46FFDEC547B6A41786EBB8C8F + +k = 3138549376958826959341570842566593375326996431013993775615 +x = 4C69939642792776C826DB8B4EBF4BD8C03FC9DFA2AEC822 +y = 29BF35BE52A6036E07EBA5741CFEB4C143310216EF1B9A2E + +k = 6277101735386680763835789423176059013767194773182842284061 +x = BB6F082321D34DBD786A1566915C6DD5EDF879AB0F5ADD67 +y = 6E1B2275883BACE37489210D1ACC64A046A2A26B8620B372 + +k = 6277101735386680763835789423176059013767194773182842284062 +x = C0626BCF247DE5D307FD839238D72688774FC97A1CF8AD1B +y = 63236628AC68C23E681ED88717D637FA13E594B18E055DF5 + +k = 6277101735386680763835789423176059013767194773182842284063 +x = C1B4DB0227210613A6CA15C428024E40B6513365D72591A3 +y = E1D94D79435E2F70B01707FED9820601887D13C13C0B80AC + +k = 6277101735386680763835789423176059013767194773182842284064 +x = 44275CD2E1F46DC3F9F57636C2B4213B8BB445930510FF8A +y = 10527CB7021CF37821BC79ED57E71671648959852DA2202F + +k = 6277101735386680763835789423176059013767194773182842284065 +x = B7310B4548FBFDBD29005092A5355BFCD99473733048AFDF +y = 00615161232D83E1BD27A7A3BAB926B5E7BA3A99D630DD6F + +k = 6277101735386680763835789423176059013767194773182842284066 +x = 8C9595E63B56B633BA3546B2B5414DE736DE4A9E7578B1E7 +y = D99489D56CB0FF3E830C7866C55A9948528AC8322670384E + +k = 6277101735386680763835789423176059013767194773182842284067 +x = 13B9310646EBC93B591746B3F7C64E05DEE08843DE1081C1 +y = E123159C4BBEBD22EA0C4BD813BE5E12B045356A1E79194B + +k = 6277101735386680763835789423176059013767194773182842284068 +x = 112AF141D33EFB9F2F68821E051E4EA004144A363C4A090A +y = 91F341C403AD6C08D5D3E8D91F7E1F6080EF5F6BBCD4E3E1 + +k = 6277101735386680763835789423176059013767194773182842284069 +x = 1061343F3D456D0ECA013877F8C9E7B28FCCDCDA67EEB8AB +y = A5F9B355D1594FC86701071C185B79B697E153FDF4D8D6C0 + +k = 6277101735386680763835789423176059013767194773182842284070 +x = 1C995995EB76324F1844F7164D22B652280940370628A2AA +y = 10E89A31C816148CFD60AA9BFF0588414CB3479EE55563FB + +k = 6277101735386680763835789423176059013767194773182842284071 +x = AA7C4F9EF99E3E96D1AEDE2BD9238842859BB150D1FE9D85 +y = CDED5C9AB81239D6FE11C9A74D0B7A6A9F14A14DB6EC684F + +k = 6277101735386680763835789423176059013767194773182842284072 +x = 818A4D308B1CABB74E9E8F2BA8D27C9E1D9D375AB980388F +y = FE2E55A1DF72783283D6D08344BA831FCF15ABDE893718C6 + +k = 6277101735386680763835789423176059013767194773182842284073 +x = 2FA1F92D1ECCE92014771993CC14899D4B5977883397EDDE +y = 5CC7502108748DEBD8C474A687108CBF0D22757168C7093F + +k = 6277101735386680763835789423176059013767194773182842284074 +x = 8DA75A1F75DDCD7660F923243060EDCE5DE37F007011FCFD +y = A834A030979F4CABE7DBF247024C3FE12B48FD069BF6004A + +k = 6277101735386680763835789423176059013767194773182842284075 +x = A37ABC6C431F9AC398BF5BD1AA6678320ACE8ECB93D23F2A +y = 7AE4C3513666F7240128FBF5E44256F0F7E083A8EF43970F + +k = 6277101735386680763835789423176059013767194773182842284076 +x = 10BB8E9840049B183E078D9C300E1605590118EBDD7FF590 +y = CEC9EFF7B8906E84523607C919D89D40CED48DABC331515E + +k = 6277101735386680763835789423176059013767194773182842284077 +x = 35433907297CC378B0015703374729D7A4FE46647084E4BA +y = 5D9B667B0DECA3CFE15C534F88932B0DDAC764CEE24C41CD + +k = 6277101735386680763835789423176059013767194773182842284078 +x = 76E32A2557599E6EDCD283201FB2B9AADFD0D359CBB263DA +y = 87D3C81C8D45BADF559D1F012EDE2B600C4ABC99F302FA02 + +k = 6277101735386680763835789423176059013767194773182842284079 +x = DAFEBF5828783F2AD35534631588A3F629A70FB16982A888 +y = 229425F266C25F05B94D8443EBE4796FA6CCE505A3816C54 + +k = 6277101735386680763835789423176059013767194773182842284080 +x = 188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012 +y = F8E6D46A003725879CEFEE1294DB32298C06885EE186B7EE + + + Curve: P224 +------------- +k = 1 +x = B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21 +y = BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34 + +k = 2 +x = 706A46DC76DCB76798E60E6D89474788D16DC18032D268FD1A704FA6 +y = 1C2B76A7BC25E7702A704FA986892849FCA629487ACF3709D2E4E8BB + +k = 3 +x = DF1B1D66A551D0D31EFF822558B9D2CC75C2180279FE0D08FD896D04 +y = A3F7F03CADD0BE444C0AA56830130DDF77D317344E1AF3591981A925 + +k = 4 +x = AE99FEEBB5D26945B54892092A8AEE02912930FA41CD114E40447301 +y = 0482580A0EC5BC47E88BC8C378632CD196CB3FA058A7114EB03054C9 + +k = 5 +x = 31C49AE75BCE7807CDFF22055D94EE9021FEDBB5AB51C57526F011AA +y = 27E8BFF1745635EC5BA0C9F1C2EDE15414C6507D29FFE37E790A079B + +k = 6 +x = 1F2483F82572251FCA975FEA40DB821DF8AD82A3C002EE6C57112408 +y = 89FAF0CCB750D99B553C574FAD7ECFB0438586EB3952AF5B4B153C7E + +k = 7 +x = DB2F6BE630E246A5CF7D99B85194B123D487E2D466B94B24A03C3E28 +y = 0F3A30085497F2F611EE2517B163EF8C53B715D18BB4E4808D02B963 + +k = 8 +x = 858E6F9CC6C12C31F5DF124AA77767B05C8BC021BD683D2B55571550 +y = 046DCD3EA5C43898C5C5FC4FDAC7DB39C2F02EBEE4E3541D1E78047A + +k = 9 +x = 2FDCCCFEE720A77EF6CB3BFBB447F9383117E3DAA4A07E36ED15F78D +y = 371732E4F41BF4F7883035E6A79FCEDC0E196EB07B48171697517463 + +k = 10 +x = AEA9E17A306517EB89152AA7096D2C381EC813C51AA880E7BEE2C0FD +y = 39BB30EAB337E0A521B6CBA1ABE4B2B3A3E524C14A3FE3EB116B655F + +k = 11 +x = EF53B6294ACA431F0F3C22DC82EB9050324F1D88D377E716448E507C +y = 20B510004092E96636CFB7E32EFDED8265C266DFB754FA6D6491A6DA + +k = 12 +x = 6E31EE1DC137F81B056752E4DEAB1443A481033E9B4C93A3044F4F7A +y = 207DDDF0385BFDEAB6E9ACDA8DA06B3BBEF224A93AB1E9E036109D13 + +k = 13 +x = 34E8E17A430E43289793C383FAC9774247B40E9EBD3366981FCFAECA +y = 252819F71C7FB7FBCB159BE337D37D3336D7FEB963724FDFB0ECB767 + +k = 14 +x = A53640C83DC208603DED83E4ECF758F24C357D7CF48088B2CE01E9FA +y = D5814CD724199C4A5B974A43685FBF5B8BAC69459C9469BC8F23CCAF + +k = 15 +x = BAA4D8635511A7D288AEBEEDD12CE529FF102C91F97F867E21916BF9 +y = 979A5F4759F80F4FB4EC2E34F5566D595680A11735E7B61046127989 + +k = 16 +x = 0B6EC4FE1777382404EF679997BA8D1CC5CD8E85349259F590C4C66D +y = 3399D464345906B11B00E363EF429221F2EC720D2F665D7DEAD5B482 + +k = 17 +x = B8357C3A6CEEF288310E17B8BFEFF9200846CA8C1942497C484403BC +y = FF149EFA6606A6BD20EF7D1B06BD92F6904639DCE5174DB6CC554A26 + +k = 18 +x = C9FF61B040874C0568479216824A15EAB1A838A797D189746226E4CC +y = EA98D60E5FFC9B8FCF999FAB1DF7E7EF7084F20DDB61BB045A6CE002 + +k = 19 +x = A1E81C04F30CE201C7C9ACE785ED44CC33B455A022F2ACDBC6CAE83C +y = DCF1F6C3DB09C70ACC25391D492FE25B4A180BABD6CEA356C04719CD + +k = 20 +x = FCC7F2B45DF1CD5A3C0C0731CA47A8AF75CFB0347E8354EEFE782455 +y = 0D5D7110274CBA7CDEE90E1A8B0D394C376A5573DB6BE0BF2747F530 + +k = 112233445566778899 +x = 61F077C6F62ED802DAD7C2F38F5C67F2CC453601E61BD076BB46179E +y = 2272F9E9F5933E70388EE652513443B5E289DD135DCC0D0299B225E4 + +k = 112233445566778899112233445566778899 +x = 029895F0AF496BFC62B6EF8D8A65C88C613949B03668AAB4F0429E35 +y = 3EA6E53F9A841F2019EC24BDE1A75677AA9B5902E61081C01064DE93 + +k = 6950511619965839450988900688150712778015737983940691968051900319680 +x = AB689930BCAE4A4AA5F5CB085E823E8AE30FD365EB1DA4ABA9CF0379 +y = 3345A121BBD233548AF0D210654EB40BAB788A03666419BE6FBD34E7 + +k = 13479972933410060327035789020509431695094902435494295338570602119423 +x = BDB6A8817C1F89DA1C2F3DD8E97FEB4494F2ED302A4CE2BC7F5F4025 +y = 4C7020D57C00411889462D77A5438BB4E97D177700BF7243A07F1680 + +k = 13479971751745682581351455311314208093898607229429740618390390702079 +x = D58B61AA41C32DD5EBA462647DBA75C5D67C83606C0AF2BD928446A9 +y = D24BA6A837BE0460DD107AE77725696D211446C5609B4595976B16BD + +k = 13479972931865328106486971546324465392952975980343228160962702868479 +x = DC9FA77978A005510980E929A1485F63716DF695D7A0C18BB518DF03 +y = EDE2B016F2DDFFC2A8C015B134928275CE09E5661B7AB14CE0D1D403 + +k = 11795773708834916026404142434151065506931607341523388140225443265536 +x = 499D8B2829CFB879C901F7D85D357045EDAB55028824D0F05BA279BA +y = BF929537B06E4015919639D94F57838FA33FC3D952598DCDBB44D638 + +k = 784254593043826236572847595991346435467177662189391577090 +x = 8246C999137186632C5F9EDDF3B1B0E1764C5E8BD0E0D8A554B9CB77 +y = E80ED8660BC1CB17AC7D845BE40A7A022D3306F116AE9F81FEA65947 + +k = 13479767645505654746623887797783387853576174193480695826442858012671 +x = 6670C20AFCCEAEA672C97F75E2E9DD5C8460E54BB38538EBB4BD30EB +y = F280D8008D07A4CAF54271F993527D46FF3FF46FD1190A3F1FAA4F74 + +k = 205688069665150753842126177372015544874550518966168735589597183 +x = 000ECA934247425CFD949B795CB5CE1EFF401550386E28D1A4C5A8EB +y = D4C01040DBA19628931BC8855370317C722CBD9CA6156985F1C2E9CE + +k = 13479966930919337728895168462090683249159702977113823384618282123295 +x = EF353BF5C73CD551B96D596FBC9A67F16D61DD9FE56AF19DE1FBA9CD +y = 21771B9CDCE3E8430C09B3838BE70B48C21E15BC09EE1F2D7945B91F + +k = 50210731791415612487756441341851895584393717453129007497216 +x = 4036052A3091EB481046AD3289C95D3AC905CA0023DE2C03ECD451CF +y = D768165A38A2B96F812586A9D59D4136035D9C853A5BF2E1C86A4993 + +k = 26959946667150639794667015087019625940457807714424391721682722368041 +x = FCC7F2B45DF1CD5A3C0C0731CA47A8AF75CFB0347E8354EEFE782455 +y = F2A28EEFD8B345832116F1E574F2C6B2C895AA8C24941F40D8B80AD1 + +k = 26959946667150639794667015087019625940457807714424391721682722368042 +x = A1E81C04F30CE201C7C9ACE785ED44CC33B455A022F2ACDBC6CAE83C +y = 230E093C24F638F533DAC6E2B6D01DA3B5E7F45429315CA93FB8E634 + +k = 26959946667150639794667015087019625940457807714424391721682722368043 +x = C9FF61B040874C0568479216824A15EAB1A838A797D189746226E4CC +y = 156729F1A003647030666054E208180F8F7B0DF2249E44FBA5931FFF + +k = 26959946667150639794667015087019625940457807714424391721682722368044 +x = B8357C3A6CEEF288310E17B8BFEFF9200846CA8C1942497C484403BC +y = 00EB610599F95942DF1082E4F9426D086FB9C6231AE8B24933AAB5DB + +k = 26959946667150639794667015087019625940457807714424391721682722368045 +x = 0B6EC4FE1777382404EF679997BA8D1CC5CD8E85349259F590C4C66D +y = CC662B9BCBA6F94EE4FF1C9C10BD6DDD0D138DF2D099A282152A4B7F + +k = 26959946667150639794667015087019625940457807714424391721682722368046 +x = BAA4D8635511A7D288AEBEEDD12CE529FF102C91F97F867E21916BF9 +y = 6865A0B8A607F0B04B13D1CB0AA992A5A97F5EE8CA1849EFB9ED8678 + +k = 26959946667150639794667015087019625940457807714424391721682722368047 +x = A53640C83DC208603DED83E4ECF758F24C357D7CF48088B2CE01E9FA +y = 2A7EB328DBE663B5A468B5BC97A040A3745396BA636B964370DC3352 + +k = 26959946667150639794667015087019625940457807714424391721682722368048 +x = 34E8E17A430E43289793C383FAC9774247B40E9EBD3366981FCFAECA +y = DAD7E608E380480434EA641CC82C82CBC92801469C8DB0204F13489A + +k = 26959946667150639794667015087019625940457807714424391721682722368049 +x = 6E31EE1DC137F81B056752E4DEAB1443A481033E9B4C93A3044F4F7A +y = DF82220FC7A4021549165325725F94C3410DDB56C54E161FC9EF62EE + +k = 26959946667150639794667015087019625940457807714424391721682722368050 +x = EF53B6294ACA431F0F3C22DC82EB9050324F1D88D377E716448E507C +y = DF4AEFFFBF6D1699C930481CD102127C9A3D992048AB05929B6E5927 + +k = 26959946667150639794667015087019625940457807714424391721682722368051 +x = AEA9E17A306517EB89152AA7096D2C381EC813C51AA880E7BEE2C0FD +y = C644CF154CC81F5ADE49345E541B4D4B5C1ADB3EB5C01C14EE949AA2 + +k = 26959946667150639794667015087019625940457807714424391721682722368052 +x = 2FDCCCFEE720A77EF6CB3BFBB447F9383117E3DAA4A07E36ED15F78D +y = C8E8CD1B0BE40B0877CFCA1958603122F1E6914F84B7E8E968AE8B9E + +k = 26959946667150639794667015087019625940457807714424391721682722368053 +x = 858E6F9CC6C12C31F5DF124AA77767B05C8BC021BD683D2B55571550 +y = FB9232C15A3BC7673A3A03B0253824C53D0FD1411B1CABE2E187FB87 + +k = 26959946667150639794667015087019625940457807714424391721682722368054 +x = DB2F6BE630E246A5CF7D99B85194B123D487E2D466B94B24A03C3E28 +y = F0C5CFF7AB680D09EE11DAE84E9C1072AC48EA2E744B1B7F72FD469E + +k = 26959946667150639794667015087019625940457807714424391721682722368055 +x = 1F2483F82572251FCA975FEA40DB821DF8AD82A3C002EE6C57112408 +y = 76050F3348AF2664AAC3A8B05281304EBC7A7914C6AD50A4B4EAC383 + +k = 26959946667150639794667015087019625940457807714424391721682722368056 +x = 31C49AE75BCE7807CDFF22055D94EE9021FEDBB5AB51C57526F011AA +y = D817400E8BA9CA13A45F360E3D121EAAEB39AF82D6001C8186F5F866 + +k = 26959946667150639794667015087019625940457807714424391721682722368057 +x = AE99FEEBB5D26945B54892092A8AEE02912930FA41CD114E40447301 +y = FB7DA7F5F13A43B81774373C879CD32D6934C05FA758EEB14FCFAB38 + +k = 26959946667150639794667015087019625940457807714424391721682722368058 +x = DF1B1D66A551D0D31EFF822558B9D2CC75C2180279FE0D08FD896D04 +y = 5C080FC3522F41BBB3F55A97CFECF21F882CE8CBB1E50CA6E67E56DC + +k = 26959946667150639794667015087019625940457807714424391721682722368059 +x = 706A46DC76DCB76798E60E6D89474788D16DC18032D268FD1A704FA6 +y = E3D4895843DA188FD58FB0567976D7B50359D6B78530C8F62D1B1746 + +k = 26959946667150639794667015087019625940457807714424391721682722368060 +x = B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21 +y = 42C89C774A08DC04B3DD201932BC8A5EA5F8B89BBB2A7E667AFF81CD + + + Curve: P256 +------------- +k = 1 +x = 6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 +y = 4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5 + +k = 2 +x = 7CF27B188D034F7E8A52380304B51AC3C08969E277F21B35A60B48FC47669978 +y = 07775510DB8ED040293D9AC69F7430DBBA7DADE63CE982299E04B79D227873D1 + +k = 3 +x = 5ECBE4D1A6330A44C8F7EF951D4BF165E6C6B721EFADA985FB41661BC6E7FD6C +y = 8734640C4998FF7E374B06CE1A64A2ECD82AB036384FB83D9A79B127A27D5032 + +k = 4 +x = E2534A3532D08FBBA02DDE659EE62BD0031FE2DB785596EF509302446B030852 +y = E0F1575A4C633CC719DFEE5FDA862D764EFC96C3F30EE0055C42C23F184ED8C6 + +k = 5 +x = 51590B7A515140D2D784C85608668FDFEF8C82FD1F5BE52421554A0DC3D033ED +y = E0C17DA8904A727D8AE1BF36BF8A79260D012F00D4D80888D1D0BB44FDA16DA4 + +k = 6 +x = B01A172A76A4602C92D3242CB897DDE3024C740DEBB215B4C6B0AAE93C2291A9 +y = E85C10743237DAD56FEC0E2DFBA703791C00F7701C7E16BDFD7C48538FC77FE2 + +k = 7 +x = 8E533B6FA0BF7B4625BB30667C01FB607EF9F8B8A80FEF5B300628703187B2A3 +y = 73EB1DBDE03318366D069F83A6F5900053C73633CB041B21C55E1A86C1F400B4 + +k = 8 +x = 62D9779DBEE9B0534042742D3AB54CADC1D238980FCE97DBB4DD9DC1DB6FB393 +y = AD5ACCBD91E9D8244FF15D771167CEE0A2ED51F6BBE76A78DA540A6A0F09957E + +k = 9 +x = EA68D7B6FEDF0B71878938D51D71F8729E0ACB8C2C6DF8B3D79E8A4B90949EE0 +y = 2A2744C972C9FCE787014A964A8EA0C84D714FEAA4DE823FE85A224A4DD048FA + +k = 10 +x = CEF66D6B2A3A993E591214D1EA223FB545CA6C471C48306E4C36069404C5723F +y = 878662A229AAAE906E123CDD9D3B4C10590DED29FE751EEECA34BBAA44AF0773 + +k = 11 +x = 3ED113B7883B4C590638379DB0C21CDA16742ED0255048BF433391D374BC21D1 +y = 9099209ACCC4C8A224C843AFA4F4C68A090D04DA5E9889DAE2F8EEFCE82A3740 + +k = 12 +x = 741DD5BDA817D95E4626537320E5D55179983028B2F82C99D500C5EE8624E3C4 +y = 0770B46A9C385FDC567383554887B1548EEB912C35BA5CA71995FF22CD4481D3 + +k = 13 +x = 177C837AE0AC495A61805DF2D85EE2FC792E284B65EAD58A98E15D9D46072C01 +y = 63BB58CD4EBEA558A24091ADB40F4E7226EE14C3A1FB4DF39C43BBE2EFC7BFD8 + +k = 14 +x = 54E77A001C3862B97A76647F4336DF3CF126ACBE7A069C5E5709277324D2920B +y = F599F1BB29F4317542121F8C05A2E7C37171EA77735090081BA7C82F60D0B375 + +k = 15 +x = F0454DC6971ABAE7ADFB378999888265AE03AF92DE3A0EF163668C63E59B9D5F +y = B5B93EE3592E2D1F4E6594E51F9643E62A3B21CE75B5FA3F47E59CDE0D034F36 + +k = 16 +x = 76A94D138A6B41858B821C629836315FCD28392EFF6CA038A5EB4787E1277C6E +y = A985FE61341F260E6CB0A1B5E11E87208599A0040FC78BAA0E9DDD724B8C5110 + +k = 17 +x = 47776904C0F1CC3A9C0984B66F75301A5FA68678F0D64AF8BA1ABCE34738A73E +y = AA005EE6B5B957286231856577648E8381B2804428D5733F32F787FF71F1FCDC + +k = 18 +x = 1057E0AB5780F470DEFC9378D1C7C87437BB4C6F9EA55C63D936266DBD781FDA +y = F6F1645A15CBE5DC9FA9B7DFD96EE5A7DCC11B5C5EF4F1F78D83B3393C6A45A2 + +k = 19 +x = CB6D2861102C0C25CE39B7C17108C507782C452257884895C1FC7B74AB03ED83 +y = 58D7614B24D9EF515C35E7100D6D6CE4A496716E30FA3E03E39150752BCECDAA + +k = 20 +x = 83A01A9378395BAB9BCD6A0AD03CC56D56E6B19250465A94A234DC4C6B28DA9A + +y = 76E49B6DE2F73234AE6A5EB9D612B75C9F2202BB6923F54FF8240AAA86F640B8 + +k = 112233445566778899 +x = 339150844EC15234807FE862A86BE77977DBFB3AE3D96F4C22795513AEAAB82F +y = B1C14DDFDC8EC1B2583F51E85A5EB3A155840F2034730E9B5ADA38B674336A21 + +k = 112233445566778899112233445566778899 +x = 1B7E046A076CC25E6D7FA5003F6729F665CC3241B5ADAB12B498CD32F2803264 +y = BFEA79BE2B666B073DB69A2A241ADAB0738FE9D2DD28B5604EB8C8CF097C457B + +k = 29852220098221261079183923314599206100666902414330245206392788703677545185283 +x = 9EACE8F4B071E677C5350B02F2BB2B384AAE89D58AA72CA97A170572E0FB222F +y = 1BBDAEC2430B09B93F7CB08678636CE12EAAFD58390699B5FD2F6E1188FC2A78 + +k = 57896042899961394862005778464643882389978449576758748073725983489954366354431 +x = 878F22CC6DB6048D2B767268F22FFAD8E56AB8E2DC615F7BD89F1E350500DD8D +y = 714A5D7BB901C9C5853400D12341A892EF45D87FC553786756C4F0C9391D763E + +k = 1766845392945710151501889105729049882997660004824848915955419660366636031 +x = 659A379625AB122F2512B8DADA02C6348D53B54452DFF67AC7ACE4E8856295CA +y = 49D81AB97B648464D0B4A288BD7818FAB41A16426E943527C4FED8736C53D0F6 + +k = 28948025760307534517734791687894775804466072615242963443097661355606862201087 +x = CBCEAAA8A4DD44BBCE58E8DB7740A5510EC2CB7EA8DA8D8F036B3FB04CDA4DE4 +y = 4BD7AA301A80D7F59FD983FEDBE59BB7B2863FE46494935E3745B360E32332FA + +k = 113078210460870548944811695960290644973229224625838436424477095834645696384 +x = F0C4A0576154FF3A33A3460D42EAED806E854DFA37125221D37935124BA462A4 +y = 5B392FA964434D29EEC6C9DBC261CF116796864AA2FAADB984A2DF38D1AEF7A3 + +k = 12078056106883488161242983286051341125085761470677906721917479268909056 +x = 5E6C8524B6369530B12C62D31EC53E0288173BD662BDF680B53A41ECBCAD00CC +y = 447FE742C2BFEF4D0DB14B5B83A2682309B5618E0064A94804E9282179FE089F + +k = 57782969857385448082319957860328652998540760998293976083718804450708503920639 +x = 03792E541BC209076A3D7920A915021ECD396A6EB5C3960024BE5575F3223484 +y = FC774AE092403101563B712F68170312304F20C80B40C06282063DB25F268DE4 + +k = 57896017119460046759583662757090100341435943767777707906455551163257755533312 +x = 2379FF85AB693CDF901D6CE6F2473F39C04A2FE3DCD842CE7AAB0E002095BCF8 +y = F8B476530A634589D5129E46F322B02FBC610A703D80875EE70D7CE1877436A1 + +k = 452312848374287284681282171017647412726433684238464212999305864837160993279 +x = C1E4072C529BF2F44DA769EFC934472848003B3AF2C0F5AA8F8DDBD53E12ED7C +y = 39A6EE77812BB37E8079CD01ED649D3830FCA46F718C1D3993E4A591824ABCDB + +k = 904571339174065134293634407946054000774746055866917729876676367558469746684 +x = 34DFBC09404C21E250A9B40FA8772897AC63A094877DB65862B61BD1507B34F3 +y = CF6F8A876C6F99CEAEC87148F18C7E1E0DA6E165FFC8ED82ABB65955215F77D3 + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044349 +x = 83A01A9378395BAB9BCD6A0AD03CC56D56E6B19250465A94A234DC4C6B28DA9A +y = 891B64911D08CDCC5195A14629ED48A360DDFD4596DC0AB007DBF5557909BF47 + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044350 +x = CB6D2861102C0C25CE39B7C17108C507782C452257884895C1FC7B74AB03ED83 +y = A7289EB3DB2610AFA3CA18EFF292931B5B698E92CF05C1FC1C6EAF8AD4313255 + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044351 +x = 1057E0AB5780F470DEFC9378D1C7C87437BB4C6F9EA55C63D936266DBD781FDA +y = 090E9BA4EA341A246056482026911A58233EE4A4A10B0E08727C4CC6C395BA5D + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044352 +x = 47776904C0F1CC3A9C0984B66F75301A5FA68678F0D64AF8BA1ABCE34738A73E +y = 55FFA1184A46A8D89DCE7A9A889B717C7E4D7FBCD72A8CC0CD0878008E0E0323 + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044353 +x = 76A94D138A6B41858B821C629836315FCD28392EFF6CA038A5EB4787E1277C6E +y = 567A019DCBE0D9F2934F5E4A1EE178DF7A665FFCF0387455F162228DB473AEEF + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044354 +x = F0454DC6971ABAE7ADFB378999888265AE03AF92DE3A0EF163668C63E59B9D5F +y = 4A46C11BA6D1D2E1B19A6B1AE069BC19D5C4DE328A4A05C0B81A6321F2FCB0C9 + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044355 +x = 54E77A001C3862B97A76647F4336DF3CF126ACBE7A069C5E5709277324D2920B +y = 0A660E43D60BCE8BBDEDE073FA5D183C8E8E15898CAF6FF7E45837D09F2F4C8A + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044356 +x = 177C837AE0AC495A61805DF2D85EE2FC792E284B65EAD58A98E15D9D46072C01 +y = 9C44A731B1415AA85DBF6E524BF0B18DD911EB3D5E04B20C63BC441D10384027 + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044357 +x = 741DD5BDA817D95E4626537320E5D55179983028B2F82C99D500C5EE8624E3C4 +y = F88F4B9463C7A024A98C7CAAB7784EAB71146ED4CA45A358E66A00DD32BB7E2C + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044358 +x = 3ED113B7883B4C590638379DB0C21CDA16742ED0255048BF433391D374BC21D1 +y = 6F66DF64333B375EDB37BC505B0B3975F6F2FB26A16776251D07110317D5C8BF + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044359 +x = CEF66D6B2A3A993E591214D1EA223FB545CA6C471C48306E4C36069404C5723F +y = 78799D5CD655517091EDC32262C4B3EFA6F212D7018AE11135CB4455BB50F88C + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044360 +x = EA68D7B6FEDF0B71878938D51D71F8729E0ACB8C2C6DF8B3D79E8A4B90949EE0 +y = D5D8BB358D36031978FEB569B5715F37B28EB0165B217DC017A5DDB5B22FB705 + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044361 +x = 62D9779DBEE9B0534042742D3AB54CADC1D238980FCE97DBB4DD9DC1DB6FB393 +y = 52A533416E1627DCB00EA288EE98311F5D12AE0A4418958725ABF595F0F66A81 + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044362 +x = 8E533B6FA0BF7B4625BB30667C01FB607EF9F8B8A80FEF5B300628703187B2A3 +y = 8C14E2411FCCE7CA92F9607C590A6FFFAC38C9CD34FBE4DE3AA1E5793E0BFF4B + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044363 +x = B01A172A76A4602C92D3242CB897DDE3024C740DEBB215B4C6B0AAE93C2291A9 +y = 17A3EF8ACDC8252B9013F1D20458FC86E3FF0890E381E9420283B7AC7038801D + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044364 +x = 51590B7A515140D2D784C85608668FDFEF8C82FD1F5BE52421554A0DC3D033ED +y = 1F3E82566FB58D83751E40C9407586D9F2FED1002B27F7772E2F44BB025E925B + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044365 +x = E2534A3532D08FBBA02DDE659EE62BD0031FE2DB785596EF509302446B030852 +y = 1F0EA8A4B39CC339E62011A02579D289B103693D0CF11FFAA3BD3DC0E7B12739 + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044366 +x = 5ECBE4D1A6330A44C8F7EF951D4BF165E6C6B721EFADA985FB41661BC6E7FD6C +y = 78CB9BF2B6670082C8B4F931E59B5D1327D54FCAC7B047C265864ED85D82AFCD + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044367 +x = 7CF27B188D034F7E8A52380304B51AC3C08969E277F21B35A60B48FC47669978 +y = F888AAEE24712FC0D6C26539608BCF244582521AC3167DD661FB4862DD878C2E + +k = 115792089210356248762697446949407573529996955224135760342422259061068512044368 +x = 6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296 +y = B01CBD1C01E58065711814B583F061E9D431CCA994CEA1313449BF97C840AE0A + + + Curve: P384 +------------- +k = 1 +x = AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7 +y = 3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F + +k = 2 +x = 08D999057BA3D2D969260045C55B97F089025959A6F434D651D207D19FB96E9E4FE0E86EBE0E64F85B96A9C75295DF61 +y = 8E80F1FA5B1B3CEDB7BFE8DFFD6DBA74B275D875BC6CC43E904E505F256AB4255FFD43E94D39E22D61501E700A940E80 + +k = 3 +x = 077A41D4606FFA1464793C7E5FDC7D98CB9D3910202DCD06BEA4F240D3566DA6B408BBAE5026580D02D7E5C70500C831 +y = C995F7CA0B0C42837D0BBE9602A9FC998520B41C85115AA5F7684C0EDC111EACC24ABD6BE4B5D298B65F28600A2F1DF1 + +k = 4 +x = 138251CD52AC9298C1C8AAD977321DEB97E709BD0B4CA0ACA55DC8AD51DCFC9D1589A1597E3A5120E1EFD631C63E1835 +y = CACAE29869A62E1631E8A28181AB56616DC45D918ABC09F3AB0E63CF792AA4DCED7387BE37BBA569549F1C02B270ED67 + +k = 5 +x = 11DE24A2C251C777573CAC5EA025E467F208E51DBFF98FC54F6661CBE56583B037882F4A1CA297E60ABCDBC3836D84BC +y = 8FA696C77440F92D0F5837E90A00E7C5284B447754D5DEE88C986533B6901AEB3177686D0AE8FB33184414ABE6C1713A + +k = 6 +x = 627BE1ACD064D2B2226FE0D26F2D15D3C33EBCBB7F0F5DA51CBD41F26257383021317D7202FF30E50937F0854E35C5DF +y = 09766A4CB3F8B1C21BE6DDA6C14F1575B2C95352644F774C99864F613715441604C45B8D84E165311733A408D3F0F934 + +k = 7 +x = 283C1D7365CE4788F29F8EBF234EDFFEAD6FE997FBEA5FFA2D58CC9DFA7B1C508B05526F55B9EBB2040F05B48FB6D0E1 +y = 9475C99061E41B88BA52EFDB8C1690471A61D867ED799729D9C92CD01DBD225630D84EDE32A78F9E64664CDAC512EF8C + +k = 8 +x = 1692778EA596E0BE75114297A6FA383445BF227FBE58190A900C3C73256F11FB5A3258D6F403D5ECE6E9B269D822C87D +y = DCD2365700D4106A835388BA3DB8FD0E22554ADC6D521CD4BD1C30C2EC0EEC196BADE1E9CDD1708D6F6ABFA4022B0AD2 + +k = 9 +x = 8F0A39A4049BCB3EF1BF29B8B025B78F2216F7291E6FD3BAC6CB1EE285FB6E21C388528BFEE2B9535C55E4461079118B +y = 62C77E1438B601D6452C4A5322C3A9799A9B3D7CA3C400C6B7678854AED9B3029E743EFEDFD51B68262DA4F9AC664AF8 + +k = 10 +x = A669C5563BD67EEC678D29D6EF4FDE864F372D90B79B9E88931D5C29291238CCED8E85AB507BF91AA9CB2D13186658FB +y = A988B72AE7C1279F22D9083DB5F0ECDDF70119550C183C31C502DF78C3B705A8296D8195248288D997784F6AB73A21DD + +k = 11 +x = 099056E27DA7B998DA1EEEC2904816C57FE935ED5837C37456C9FD14892D3F8C4749B66E3AFB81D626356F3B55B4DDD8 +y = 2E4C0C234E30AB96688505544AC5E0396FC4EED8DFC363FD43FF93F41B52A3255466D51263AAFF357D5DBA8138C5E0BB + +k = 12 +x = 952A7A349BD49289AB3AC421DCF683D08C2ED5E41F6D0E21648AF2691A481406DA4A5E22DA817CB466DA2EA77D2A7022 +y = A0320FAF84B5BC0563052DEAE6F66F2E09FB8036CE18A0EBB9028B096196B50D031AA64589743E229EF6BACCE21BD16E + +k = 13 +x = A567BA97B67AEA5BAFDAF5002FFCC6AB9632BFF9F01F873F6267BCD1F0F11C139EE5F441ABD99F1BAAF1CA1E3B5CBCE7 +y = DE1B38B3989F3318644E4147AF164ECC5185595046932EC086329BE057857D66776BCB8272218A7D6423A12736F429CC + +k = 14 +x = E8C8F94D44FBC2396BBEAC481B89D2B0877B1DFFD23E7DC95DE541EB651CCA2C41ABA24DBC02DE6637209ACCF0F59EA0 +y = 891AE44356FC8AE0932BCBF6DE52C8A933B86191E7728D79C8319413A09D0F48FC468BA05509DE22D7EE5C9E1B67B888 + +k = 15 +x = B3D13FC8B32B01058CC15C11D813525522A94156FFF01C205B21F9F7DA7C4E9CA849557A10B6383B4B88701A9606860B +y = 152919E7DF9162A61B049B2536164B1BEEBAC4A11D749AF484D1114373DFBFD9838D24F8B284AF50985D588D33F7BD62 + +k = 16 +x = D5D89C3B5282369C5FBD88E2B231511A6B80DFF0E5152CF6A464FA9428A8583BAC8EBC773D157811A462B892401DAFCF +y = D815229DE12906D241816D5E9A9448F1D41D4FC40E2A3BDB9CABA57E440A7ABAD1210CB8F49BF2236822B755EBAB3673 + +k = 17 +x = 4099952208B4889600A5EBBCB13E1A32692BEFB0733B41E6DCC614E42E5805F817012A991AF1F486CAF3A9ADD9FFCC03 +y = 5ECF94777833059839474594AF603598163AD3F8008AD0CD9B797D277F2388B304DA4D2FAA9680ECFA650EF5E23B09A0 + +k = 18 +x = DFB1FE3A40F7AC9B64C41D39360A7423828B97CB088A4903315E402A7089FA0F8B6C2355169CC9C99DFB44692A9B93DD +y = 453ACA1243B5EC6B423A68A25587E1613A634C1C42D2EE7E6C57F449A1C91DC89168B7036EC0A7F37A366185233EC522 + +k = 19 +x = 8D481DAB912BC8AB16858A211D750B77E07DBECCA86CD9B012390B430467AABF59C8651060801C0E9599E68713F5D41B +y = A1592FF0121460857BE99F2A60669050B2291B68A1039AA0594B32FD7ADC0E8C11FFBA5608004E646995B07E75E52245 + +k = 20 +x = 605508EC02C534BCEEE9484C86086D2139849E2B11C1A9CA1E2808DEC2EAF161AC8A105D70D4F85C50599BE5800A623F +y = 5158EE87962AC6B81F00A103B8543A07381B7639A3A65F1353AEF11B733106DDE92E99B78DE367B48E238C38DAD8EEDD + +k = 112233445566778899 +x = A499EFE48839BC3ABCD1C5CEDBDD51904F9514DB44F4686DB918983B0C9DC3AEE05A88B72433E9515F91A329F5F4FA60 +y = 3B7CA28EF31F809C2F1BA24AAED847D0F8B406A4B8968542DE139DB5828CA410E615D1182E25B91B1131E230B727D36A + +k = 112233445566778899112233445566778899 +x = 90A0B1CAC601676B083F21E07BC7090A3390FE1B9C7F61D842D27FA315FB38D83667A11A71438773E483F2A114836B24 +y = 3197D3C6123F0D6CD65D5F0DE106FEF36656CB16DC7CD1A6817EB1D51510135A8F492F72665CFD1053F75ED03A7D04C9 + +k = 10158184112867540819754776755819761756724522948540419979637868435924061464745859402573149498125806098880003248619520 +x = F2A066BD332DC59BBC3D01DA1B124C687D8BB44611186422DE94C1DA4ECF150E664D353CCDB5CB2652685F8EB4D2CD49 +y = D6ED0BF75FDD8E53D87765FA746835B673881D6D1907163A2C43990D75B454294F942EC571AD5AAE1806CAF2BB8E9A4A + +k = 9850501551105991028245052605056992139810094908912799254115847683881357749738726091734403950439157209401153690566655 +x = 5C7F9845D1C4AA44747F9137B6F9C39B36B26B8A62E8AF97290434D5F3B214F5A0131550ADB19058DC4C8780C4165C4A +y = 712F7FCCC86F647E70DB8798228CB16344AF3D00B139B6F8502939C2A965AF0EB4E39E2E16AB8F597B8D5630A50C9D85 + +k = 9850502723405747097317271194763310482462751455185699630571661657946308788426092983270628740691202018691293898608608 +x = DD5838F7EC3B8ACF1BECFD746F8B668C577107E93548ED93ED0D254C112E76B10F053109EF8428BFCD50D38C4C030C57 +y = 33244F479CDAC34F160D9E4CE2D19D2FF0E3305B5BF0EEF29E91E9DE6E28F678C61B773AA7E3C03740E1A49D1AA2493C + +k = 1146189371817832990947611400450889406070215735255370280811736587845016396640969656447803207438173695115264 +x = CB8ED893530BFBA04B4CA655923AAAD109A62BC8411D5925316C32D33602459C33057A1FBCB5F70AEB295D90F9165FBC +y = 426AEE3E91B08420F9B357B66D5AFCBCF3956590BF5564DBF9086042EB880493D19DA39AAA6436C6B5FC66CE5596B43F + +k = 9619341438217097641865390297189708858938017986426152622639500179774624579127744608993294698873437325090751520764 +x = 67F714012B6B070182122DDD435CC1C2262A1AB88939BC6A2906CB2B4137C5E82B4582160F6403CAB887ACDF5786A268 +y = 90E31CF398CE2F8C5897C7380BF541075D1B4D3CB70547262B7095731252F181AC0597C66AF8311C7780DB39DEC0BD32 + +k = 1231307996623833742387400352380172566077927415136813282735641918395585376659282194317590461518639141730493780722175 +x = 55A79DF7B53A99D31462C7E1A5ED5623970715BB1021098CB973A7520CBD6365E613E4B2467486FB37E86E01CEE09B8F +y = B95AEB71693189911661B709A886A1867F056A0EFE401EE11C06030E46F7A87731DA4575863178012208707DD666727C + +k = 587118838854683800942906722504810343086699021451906946003274128973058942197377013128840514404789143516741631 +x = 9539A968CF819A0E52E10EEA3BACA1B6480D7E4DF69BC07002C568569047110EE4FE72FCA423FDD5179D6E0E19C44844 +y = A7728F37A0AE0DF2716061900D83A4DA149144129F89A214A8260464BAB609BB322E4E67DE5E4C4C6CB8D25983EC19B0 + +k = 153914077530671739663795070876894766451466019374644150541452557147890542143280855693795882295846834387672681660416 +x = 933FC13276672AB360D909161CD02D830B1628935DF0D800C6ED602C59D575A86A8A97E3A2D697E3ED06BE741C0097D6 +y = F35296BD7A6B4C6C025ED6D84338CCCC7522A45C5D4FBDB1442556CAEFB598128FA188793ADA510EB5F44E90A4E4BEF1 + +k = 75148784606135150476268171850082176256856776750560539466196504390587921789283134009866871754361028131485122560 +x = 0CE31E1C4A937071E6EBACA026A93D783848BCC0C1585DAF639518125FCD1F1629D63041ABFB11FFC8F03FA8B6FCF6BF +y = A69EA55BE4BEAB2D5224050FEBFFBDFCFD614624C3B4F228909EB80012F003756D1C377E52F04FA539237F24DD080E2E + +k = 19691383761310193665095292424754807745686799029814707849273381514021788371252213000473497648851202400395528761229312 +x = 6842CFE3589AC268818291F31D44177A9168DCBC19F321ED66D81ECF59E31B54CCA0DDFD4C4136780171748D69A91C54 +y = E3A5ECD5AC725F13DBC631F358C6E817EDCF3A613B83832741A9DB591A0BAE767FC714F70C2E7EA891E4312047DECCC0 + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942623 +x = 605508EC02C534BCEEE9484C86086D2139849E2B11C1A9CA1E2808DEC2EAF161AC8A105D70D4F85C50599BE5800A623F +y = AEA7117869D53947E0FF5EFC47ABC5F8C7E489C65C59A0ECAC510EE48CCEF92116D16647721C984B71DC73C825271122 + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942624 +x = 8D481DAB912BC8AB16858A211D750B77E07DBECCA86CD9B012390B430467AABF59C8651060801C0E9599E68713F5D41B +y = 5EA6D00FEDEB9F7A841660D59F996FAF4DD6E4975EFC655FA6B4CD028523F172EE0045A8F7FFB19B966A4F828A1ADDBA + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942625 +x = DFB1FE3A40F7AC9B64C41D39360A7423828B97CB088A4903315E402A7089FA0F8B6C2355169CC9C99DFB44692A9B93DD +y = BAC535EDBC4A1394BDC5975DAA781E9EC59CB3E3BD2D118193A80BB65E36E2366E9748FB913F580C85C99E7BDCC13ADD + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942626 +x = 4099952208B4889600A5EBBCB13E1A32692BEFB0733B41E6DCC614E42E5805F817012A991AF1F486CAF3A9ADD9FFCC03 +y = A1306B8887CCFA67C6B8BA6B509FCA67E9C52C07FF752F32648682D880DC774BFB25B2CF55697F13059AF10B1DC4F65F + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942627 +x = D5D89C3B5282369C5FBD88E2B231511A6B80DFF0E5152CF6A464FA9428A8583BAC8EBC773D157811A462B892401DAFCF +y = 27EADD621ED6F92DBE7E92A1656BB70E2BE2B03BF1D5C42463545A81BBF585442EDEF3460B640DDC97DD48AB1454C98C + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942628 +x = B3D13FC8B32B01058CC15C11D813525522A94156FFF01C205B21F9F7DA7C4E9CA849557A10B6383B4B88701A9606860B +y = EAD6E618206E9D59E4FB64DAC9E9B4E411453B5EE28B650B7B2EEEBC8C2040257C72DB064D7B50AF67A2A773CC08429D + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942629 +x = E8C8F94D44FBC2396BBEAC481B89D2B0877B1DFFD23E7DC95DE541EB651CCA2C41ABA24DBC02DE6637209ACCF0F59EA0 +y = 76E51BBCA903751F6CD4340921AD3756CC479E6E188D728637CE6BEC5F62F0B603B9745EAAF621DD2811A362E4984777 + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942630 +x = A567BA97B67AEA5BAFDAF5002FFCC6AB9632BFF9F01F873F6267BCD1F0F11C139EE5F441ABD99F1BAAF1CA1E3B5CBCE7 +y = 21E4C74C6760CCE79BB1BEB850E9B133AE7AA6AFB96CD13F79CD641FA87A82988894347C8DDE75829BDC5ED9C90BD633 + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942631 +x = 952A7A349BD49289AB3AC421DCF683D08C2ED5E41F6D0E21648AF2691A481406DA4A5E22DA817CB466DA2EA77D2A7022 +y = 5FCDF0507B4A43FA9CFAD215190990D1F6047FC931E75F1446FD74F69E694AF1FCE559B9768BC1DD610945341DE42E91 + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942632 +x = 099056E27DA7B998DA1EEEC2904816C57FE935ED5837C37456C9FD14892D3F8C4749B66E3AFB81D626356F3B55B4DDD8 +y = D1B3F3DCB1CF5469977AFAABB53A1FC6903B1127203C9C02BC006C0BE4AD5CD9AB992AEC9C5500CA82A2457FC73A1F44 + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942633 +x = A669C5563BD67EEC678D29D6EF4FDE864F372D90B79B9E88931D5C29291238CCED8E85AB507BF91AA9CB2D13186658FB +y = 567748D5183ED860DD26F7C24A0F132208FEE6AAF3E7C3CE3AFD20873C48FA56D6927E69DB7D77266887B09648C5DE22 + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942634 +x = 8F0A39A4049BCB3EF1BF29B8B025B78F2216F7291E6FD3BAC6CB1EE285FB6E21C388528BFEE2B9535C55E4461079118B +y = 9D3881EBC749FE29BAD3B5ACDD3C56866564C2835C3BFF39489877AB51264CFC618BC100202AE497D9D25B075399B507 + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942635 +x = 1692778EA596E0BE75114297A6FA383445BF227FBE58190A900C3C73256F11FB5A3258D6F403D5ECE6E9B269D822C87D +y = 232DC9A8FF2BEF957CAC7745C24702F1DDAAB52392ADE32B42E3CF3D13F113E594521E15322E8F729095405CFDD4F52D + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942636 +x = 283C1D7365CE4788F29F8EBF234EDFFEAD6FE997FBEA5FFA2D58CC9DFA7B1C508B05526F55B9EBB2040F05B48FB6D0E1 +y = 6B8A366F9E1BE47745AD102473E96FB8E59E2798128668D62636D32FE242DDA8CF27B120CD5870619B99B3263AED1073 + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942637 +x = 627BE1ACD064D2B2226FE0D26F2D15D3C33EBCBB7F0F5DA51CBD41F26257383021317D7202FF30E50937F0854E35C5DF +y = F68995B34C074E3DE41922593EB0EA8A4D36ACAD9BB088B36679B09EC8EABBE8FB3BA4717B1E9ACEE8CC5BF82C0F06CB + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942638 +x = 11DE24A2C251C777573CAC5EA025E467F208E51DBFF98FC54F6661CBE56583B037882F4A1CA297E60ABCDBC3836D84BC +y = 705969388BBF06D2F0A7C816F5FF183AD7B4BB88AB2A211773679ACC496FE513CE889791F51704CCE7BBEB55193E8EC5 + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942639 +x = 138251CD52AC9298C1C8AAD977321DEB97E709BD0B4CA0ACA55DC8AD51DCFC9D1589A1597E3A5120E1EFD631C63E1835 +y = 35351D679659D1E9CE175D7E7E54A99E923BA26E7543F60C54F19C3086D55B22128C7840C8445A96AB60E3FE4D8F1298 + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942640 +x = 077A41D4606FFA1464793C7E5FDC7D98CB9D3910202DCD06BEA4F240D3566DA6B408BBAE5026580D02D7E5C70500C831 +y = 366A0835F4F3BD7C82F44169FD5603667ADF4BE37AEEA55A0897B3F123EEE1523DB542931B4A2D6749A0D7A0F5D0E20E + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942641 +x = 08D999057BA3D2D969260045C55B97F089025959A6F434D651D207D19FB96E9E4FE0E86EBE0E64F85B96A9C75295DF61 +y = 717F0E05A4E4C312484017200292458B4D8A278A43933BC16FB1AFA0DA954BD9A002BC15B2C61DD29EAFE190F56BF17F + +k = 39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942642 +x = AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7 +y = C9E821B569D9D390A26167406D6D23D6070BE242D765EB831625CEEC4A0F473EF59F4E30E2817E6285BCE2846F15F1A0 + + + Curve: P521 +------------- +k = 1 +x = 00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66 +y = 011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650 + +k = 2 +x = 00433C219024277E7E682FCB288148C282747403279B1CCC06352C6E5505D769BE97B3B204DA6EF55507AA104A3A35C5AF41CF2FA364D60FD967F43E3933BA6D783D +y = 00F4BB8CC7F86DB26700A7F3ECEEEED3F0B5C6B5107C4DA97740AB21A29906C42DBBB3E377DE9F251F6B93937FA99A3248F4EAFCBE95EDC0F4F71BE356D661F41B02 + +k = 3 +x = 01A73D352443DE29195DD91D6A64B5959479B52A6E5B123D9AB9E5AD7A112D7A8DD1AD3F164A3A4832051DA6BD16B59FE21BAEB490862C32EA05A5919D2EDE37AD7D +y = 013E9B03B97DFA62DDD9979F86C6CAB814F2F1557FA82A9D0317D2F8AB1FA355CEEC2E2DD4CF8DC575B02D5ACED1DEC3C70CF105C9BC93A590425F588CA1EE86C0E5 + +k = 4 +x = 0035B5DF64AE2AC204C354B483487C9070CDC61C891C5FF39AFC06C5D55541D3CEAC8659E24AFE3D0750E8B88E9F078AF066A1D5025B08E5A5E2FBC87412871902F3 +y = 0082096F84261279D2B673E0178EB0B4ABB65521AEF6E6E32E1B5AE63FE2F19907F279F283E54BA385405224F750A95B85EEBB7FAEF04699D1D9E21F47FC346E4D0D + +k = 5 +x = 00652BF3C52927A432C73DBC3391C04EB0BF7A596EFDB53F0D24CF03DAB8F177ACE4383C0C6D5E3014237112FEAF137E79A329D7E1E6D8931738D5AB5096EC8F3078 +y = 015BE6EF1BDD6601D6EC8A2B73114A8112911CD8FE8E872E0051EDD817C9A0347087BB6897C9072CF374311540211CF5FF79D1F007257354F7F8173CC3E8DEB090CB + +k = 6 +x = 01EE4569D6CDB59219532EFF34F94480D195623D30977FD71CF3981506ADE4AB01525FBCCA16153F7394E0727A239531BE8C2F66E95657F380AE23731BEDF79206B9 +y = 01DE0255AD0CC64F586AE2DD270546E3B1112AABBB73DA5A808E7240A926201A8A96CAB72D0E56648C9DF96C984DE274F2203DC7B8B55CA0DADE1EACCD7858D44F17 + +k = 7 +x = 0056D5D1D99D5B7F6346EEB65FDA0B073A0C5F22E0E8F5483228F018D2C2F7114C5D8C308D0ABFC698D8C9A6DF30DCE3BBC46F953F50FDC2619A01CEAD882816ECD4 +y = 003D2D1B7D9BAAA2A110D1D8317A39D68478B5C582D02824F0DD71DBD98A26CBDE556BD0F293CDEC9E2B9523A34591CE1A5F9E76712A5DDEFC7B5C6B8BC90525251B + +k = 8 +x = 000822C40FB6301F7262A8348396B010E25BD4E29D8A9B003E0A8B8A3B05F826298F5BFEA5B8579F49F08B598C1BC8D79E1AB56289B5A6F4040586F9EA54AA78CE68 +y = 016331911D5542FC482048FDAB6E78853B9A44F8EDE9E2C0715B5083DE610677A8F189E9C0AA5911B4BFF0BA0DF065C578699F3BA940094713538AD642F11F17801C + +k = 9 +x = 01585389E359E1E21826A2F5BF157156D488ED34541B988746992C4AB145B8C6B6657429E1396134DA35F3C556DF725A318F4F50BABD85CD28661F45627967CBE207 +y = 002A2E618C9A8AEDF39F0B55557A27AE938E3088A654EE1CEBB6C825BA263DDB446E0D69E5756057AC840FF56ECF4ABFD87D736C2AE928880F343AA0EA86B9AD2A4E + +k = 10 +x = 0190EB8F22BDA61F281DFCFE7BB6721EC4CD901D879AC09AC7C34A9246B11ADA8910A2C7C178FCC263299DAA4DA9842093F37C2E411F1A8E819A87FF09A04F2F3320 +y = 01EB5D96B8491614BA9DBAEAB3B0CA2BA760C2EEB2144251B20BA97FD78A62EF62D2BF5349D44D9864BB536F6163DC57EBEFF3689639739FAA172954BC98135EC759 + +k = 11 +x = 008A75841259FDEDFF546F1A39573B4315CFED5DC7ED7C17849543EF2C54F2991652F3DBC5332663DA1BD19B1AEBE3191085015C024FA4C9A902ECC0E02DDA0CDB9A +y = 0096FB303FCBBA2129849D0CA877054FB2293ADD566210BD0493ED2E95D4E0B9B82B1BC8A90E8B42A4AB3892331914A95336DCAC80E3F4819B5D58874F92CE48C808 + +k = 12 +x = 01C0D9DCEC93F8221C5DE4FAE9749C7FDE1E81874157958457B6107CF7A5967713A644E90B7C3FB81B31477FEE9A60E938013774C75C530928B17BE69571BF842D8C +y = 014048B5946A4927C0FE3CE1D103A682CA4763FE65AB71494DA45E404ABF6A17C097D6D18843D86FCDB6CC10A6F951B9B630884BA72224F5AE6C79E7B1A3281B17F0 + +k = 13 +x = 007E3E98F984C396AD9CD7865D2B4924861A93F736CDE1B4C2384EEDD2BEAF5B866132C45908E03C996A3550A5E79AB88EE94BEC3B00AB38EFF81887848D32FBCDA7 +y = 0108EE58EB6D781FEDA91A1926DAA3ED5A08CED50A386D5421C69C7A67AE5C1E212AC1BD5D5838BC763F26DFDD351CBFBBC36199EAAF9117E9F7291A01FB022A71C9 + +k = 14 +x = 01875BC7DC551B1B65A9E1B8CCFAAF84DED1958B401494116A2FD4FB0BABE0B3199974FC06C8B897222D79DF3E4B7BC744AA6767F6B812EFBF5D2C9E682DD3432D74 +y = 005CA4923575DACB5BD2D66290BBABB4BDFB8470122B8E51826A0847CE9B86D7ED62D07781B1B4F3584C11E89BF1D133DC0D5B690F53A87C84BE41669F852700D54A + +k = 15 +x = 006B6AD89ABCB92465F041558FC546D4300FB8FBCC30B40A0852D697B532DF128E11B91CCE27DBD00FFE7875BD1C8FC0331D9B8D96981E3F92BDE9AFE337BCB8DB55 +y = 01B468DA271571391D6A7CE64D2333EDBF63DF0496A9BAD20CBA4B62106997485ED57E9062C899470A802148E2232C96C99246FD90CC446ABDD956343480A1475465 + +k = 16 +x = 01D17D10D8A89C8AD05DDA97DA26AC743B0B2A87F66192FD3F3DD632F8D20B188A52943FF18861CA00A0E5965DA7985630DF0DBF5C8007DCDC533A6C508F81A8402F +y = 007A37343C582D77001FC714B18D3D3E69721335E4C3B800D50EC7CA30C94B6B82C1C182E1398DB547AA0B3075AC9D9988529E3004D28D18633352E272F89BC73ABE + +k = 17 +x = 01B00DDB707F130EDA13A0B874645923906A99EE9E269FA2B3B4D66524F269250858760A69E674FE0287DF4E799B5681380FF8C3042AF0D1A41076F817A853110AE0 +y = 0085683F1D7DB16576DBC111D4E4AEDDD106B799534CF69910A98D68AC2B22A1323DF9DA564EF6DD0BF0D2F6757F16ADF420E6905594C2B755F535B9CB7C70E64647 + +k = 18 +x = 01BC33425E72A12779EACB2EDCC5B63D1281F7E86DBC7BF99A7ABD0CFE367DE4666D6EDBB8525BFFE5222F0702C3096DEC0884CE572F5A15C423FDF44D01DD99C61D +y = 010D06E999885B63535DE3E74D33D9E63D024FB07CE0D196F2552C8E4A00AC84C044234AEB201F7A9133915D1B4B45209B9DA79FE15B19F84FD135D841E2D8F9A86A + +k = 19 +x = 00998DCCE486419C3487C0F948C2D5A1A07245B77E0755DF547EFFF0ACDB3790E7F1FA3B3096362669679232557D7A45970DFECF431E725BBDE478FF0B2418D6A19B +y = 0137D5DA0626A021ED5CC3942497535B245D67D28AEE2B7BCF4ACC50EEE36545772773AD963FF2EB8CF9B0EC39991631C377F5A4D89EA9FBFE44A9091A695BFD0575 + +k = 20 +x = 018BDD7F1B889598A4653DEEAE39CC6F8CC2BD767C2AB0D93FB12E968FBED342B51709506339CB1049CB11DD48B9BDB3CD5CAD792E43B74E16D8E2603BFB11B0344F +y = 00C5AADBE63F68CA5B6B6908296959BF0AF89EE7F52B410B9444546C550952D311204DA3BDDDC6D4EAE7EDFAEC1030DA8EF837CCB22EEE9CFC94DD3287FED0990F94 + +k = 112233445566778899 +x = 01650048FBD63E8C30B305BF36BD7643B91448EF2206E8A0CA84A140789A99B0423A0A2533EA079CA7E049843E69E5FA2C25A163819110CEC1A30ACBBB3A422A40D8 +y = 010C9C64A0E0DB6052DBC5646687D06DECE5E9E0703153EFE9CB816FE025E85354D3C5F869D6DB3F4C0C01B5F97919A5E72CEEBE03042E5AA99112691CFFC2724828 + +k = 112233445566778899112233445566778899 +x = 017E1370D39C9C63925DAEEAC571E21CAAF60BD169191BAEE8352E0F54674443B29786243564ABB705F6FC0FE5FC5D3F98086B67CA0BE7AC8A9DEC421D9F1BC6B37F +y = 01CD559605EAD19FBD99E83600A6A81A0489E6F20306EE0789AE00CE16A6EFEA2F42F7534186CF1C60DF230BD9BCF8CB95E5028AD9820B2B1C0E15597EE54C4614A6 + +k = 1769805277975163035253775930842367129093741786725376786007349332653323812656658291413435033257677579095366632521448854141275926144187294499863933403633025023 +x = 00B45CB84651C9D4F08858B867F82D816E84E94FE4CAE3DA5F65E420B08398D0C5BF019253A6C26D20671BDEF0B8E6C1D348A4B0734687F73AC6A4CBB2E085C68B3F +y = 01C84942BBF538903062170A4BA8B3410D385719BA2037D29CA5248BFCBC8478220FEC79244DCD45D31885A1764DEE479CE20B12CEAB62F9001C7AA4282CE4BE7F56 + +k = 104748400337157462316262627929132596317243790506798133267698218707528750292682889221414310155907963824712114916552440160880550666043997030661040721887239 +x = 01CCEF4CDA108CEBE6568820B54A3CA3A3997E4EF0EDA6C350E7ED3DBB1861EDD80181C650CEBE5440FEBA880F9C8A7A86F8B82659794F6F5B88E501E5DD84E65D7E +y = 01026565F8B195D03C3F6139C3A63EAA1C29F7090AB2A8F75027939EC05109035F1B38E6C508E0C14CE53AB7E2DA33AA28140EDBF3964862FB157119517454E60F07 + +k = 6703903865078345888141381651430168039496664077350965054288133126549307058741788671148197429777343936466127575938031786147409472627479702469884214509568000 +x = 00C1002DC2884EEDADB3F9B468BBEBD55980799852C506D37271FFCD006919DB3A96DF8FE91EF6ED4B9081B1809E8F2C2B28AF5FCBF524147C73CB0B913D6FAB0995 +y = 01614E8A62C8293DD2AA6EF27D30974A4FD185019FA8EF4F982DA48698CECF706581F69EE9ED67A9C231EC9D0934D0F674646153273BCBB345E923B1EC1386A1A4AD + +k = 1675925643682395305404517165643562251880026958780896531698856737024179880343339878336382412050263431942974939646683480906434632963478257639757341102436352 +x = 010ED3E085ECDE1E66874286B5D5642B9D37853A026A0A025C7B84936E2ECEEC5F342E14C80C79CCF814D5AD085C5303F2823251F2B9276F88C9D7A43E387EBD87AC +y = 01BE399A7666B29E79BBF3D277531A97CE05CAC0B49BECE4781E7AEE0D6E80FEE883C76E9F08453DC1ADE4E49300F3D56FEE6A1510DA1B1F12EEAA39A05AA0508119 + +k = 12785133382149415221402495202586701798620696169446772599038235721862338692190156163951558963856959059232381602864743924427451786769515154396810706943 +x = 013070A29B059D317AF37089E40FCB135868F52290EFF3E9F3E32CDADCA18EA234D8589C665A4B8E3D0714DE004A419DEA7091A3BBA97263C438FE9413AA598FD4A5 +y = 00238A27FD9E5E7324C8B538EF2E334B71AC2611A95F42F4F2544D8C4A65D2A32A8BAFA15EFD4FC2BD8AB2B0C51F65B680879589F4D5FE8A84CEB17A2E8D3587F011 + +k = 214524875832249255872206855495734426889477529336261655255492425273322727861341825677722947375406711676372335314043071600934941615185418540320233184489636351 +x = 01A3D88799878EC74E66FF1AD8C7DFA9A9B4445A17F0810FF8189DD27AE3B6C580D352476DBDAEB08D7DA0DE3866F7C7FDBEBB8418E19710F1F7AFA88C22280B1404 +y = 00B39703D2053EC7B8812BDFEBFD81B4CB76F245FE535A1F1E46801C35DE03C15063A99A203981529C146132863CA0E68544D0F0A638D8A2859D82B4DD266F27C3AE + +k = 51140486275567859131139077890835526884648461857823088348651153840508287621366854506831244746531272246620295123104269565867055949378266395604768784399 +x = 01D16B4365DEFE6FD356DC1F31727AF2A32C7E86C5AE87ED2950A08BC8653F203C7F7860E80F95AA27C93EA76E8CD094127B15ED42CC5F96DC0A0F9A1C1E31D0D526 +y = 006E3710A0F9366E0BB8A14FFE8EBC2722EECF4A123EC9BA98DCCCA335D6FAFD289DC69FD90903C9AC982FEB46DF93F03A7C8C9549D32C1C386D17F37340E63822A8 + +k = 6651529716025206881035279952881520627841152247212784520914425039312606120198879080839643311347169019249080198239408356563413447402270445462102068592377843 +x = 01B1220F67C985E9FC9C588C0C86BB16E6FE4CC11E168A98D701AE4670724B3D030ED9965FADF4207C7A1BE9BE0F40DEF2BBFFF0C7EABCB5B42526CE1D3CAA468F52 +y = 006CDAD2860F6D2C37159A5A866D11605F2E7D87430DCFE6E6816AB6423CD9003CA6F2527B9C2A2483C541D456C963D18A0D2A46E158CB2A44C0BF42D562881FB748 + +k = 3224551824613232232537680077946818660156835288778087344805370397811379731631671254853846826682273677870214778462237171365140390183770226853329363961324241919 +x = 00F25E545213C8C074BE38A0612EA9B66336B14A874372548D9716392DFA31CD0D13E94F86CD48B8D43B80B5299144E01245C873B39F6AC6C4FB397746AF034AD67C +y = 01733ABB21147CC27E35F41FAF40290AFD1EEB221D983FFABBD88E5DC8776450A409EACDC1BCA2B9F517289C68645BB96781808FEAE42573C2BB289F16E2AECECE17 + +k = 12486613128442885430380874043991285080254917488396284953815149251315412600634581539066663092297612040669978017623587752845409653167277021864132608 +x = 0172CD22CBE0634B6BFEE24BB1D350F384A945ED618ECAD48AADC6C1BC0DCC107F0FFE9FE14DC929F90153F390C25BE5D3A73A56F9ACCB0C72C768753869732D0DC4 +y = 00D249CFB570DA4CC48FB5426A928B43D7922F787373B6182408FBC71706E7527E8414C79167F3C999FF58DE352D238F1FE7168C658D338F72696F2F889A97DE23C5 + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005429 +x = 018BDD7F1B889598A4653DEEAE39CC6F8CC2BD767C2AB0D93FB12E968FBED342B51709506339CB1049CB11DD48B9BDB3CD5CAD792E43B74E16D8E2603BFB11B0344F +y = 013A552419C09735A49496F7D696A640F50761180AD4BEF46BBBAB93AAF6AD2CEEDFB25C4222392B1518120513EFCF257107C8334DD11163036B22CD78012F66F06B + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005430 +x = 00998DCCE486419C3487C0F948C2D5A1A07245B77E0755DF547EFFF0ACDB3790E7F1FA3B3096362669679232557D7A45970DFECF431E725BBDE478FF0B2418D6A19B +y = 00C82A25F9D95FDE12A33C6BDB68ACA4DBA2982D7511D48430B533AF111C9ABA88D88C5269C00D1473064F13C666E9CE3C880A5B2761560401BB56F6E596A402FA8A + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005431 +x = 01BC33425E72A12779EACB2EDCC5B63D1281F7E86DBC7BF99A7ABD0CFE367DE4666D6EDBB8525BFFE5222F0702C3096DEC0884CE572F5A15C423FDF44D01DD99C61D +y = 00F2F9166677A49CACA21C18B2CC2619C2FDB04F831F2E690DAAD371B5FF537B3FBBDCB514DFE0856ECC6EA2E4B4BADF646258601EA4E607B02ECA27BE1D27065795 + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005432 +x = 01B00DDB707F130EDA13A0B874645923906A99EE9E269FA2B3B4D66524F269250858760A69E674FE0287DF4E799B5681380FF8C3042AF0D1A41076F817A853110AE0 +y = 017A97C0E2824E9A89243EEE2B1B51222EF94866ACB30966EF56729753D4DD5ECDC20625A9B10922F40F2D098A80E9520BDF196FAA6B3D48AA0ACA4634838F19B9B8 + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005433 +x = 01D17D10D8A89C8AD05DDA97DA26AC743B0B2A87F66192FD3F3DD632F8D20B188A52943FF18861CA00A0E5965DA7985630DF0DBF5C8007DCDC533A6C508F81A8402F +y = 0185C8CBC3A7D288FFE038EB4E72C2C1968DECCA1B3C47FF2AF13835CF36B4947D3E3E7D1EC6724AB855F4CF8A53626677AD61CFFB2D72E79CCCAD1D8D076438C541 + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005434 +x = 006B6AD89ABCB92465F041558FC546D4300FB8FBCC30B40A0852D697B532DF128E11B91CCE27DBD00FFE7875BD1C8FC0331D9B8D96981E3F92BDE9AFE337BCB8DB55 +y = 004B9725D8EA8EC6E2958319B2DCCC12409C20FB6956452DF345B49DEF9668B7A12A816F9D3766B8F57FDEB71DDCD369366DB9026F33BB954226A9CBCB7F5EB8AB9A + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005435 +x = 01875BC7DC551B1B65A9E1B8CCFAAF84DED1958B401494116A2FD4FB0BABE0B3199974FC06C8B897222D79DF3E4B7BC744AA6767F6B812EFBF5D2C9E682DD3432D74 +y = 01A35B6DCA8A2534A42D299D6F44544B42047B8FEDD471AE7D95F7B831647928129D2F887E4E4B0CA7B3EE17640E2ECC23F2A496F0AC57837B41BE99607AD8FF2AB5 + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005436 +x = 007E3E98F984C396AD9CD7865D2B4924861A93F736CDE1B4C2384EEDD2BEAF5B866132C45908E03C996A3550A5E79AB88EE94BEC3B00AB38EFF81887848D32FBCDA7 +y = 00F711A7149287E01256E5E6D9255C12A5F7312AF5C792ABDE3963859851A3E1DED53E42A2A7C74389C0D92022CAE340443C9E6615506EE81608D6E5FE04FDD58E36 + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005437 +x = 01C0D9DCEC93F8221C5DE4FAE9749C7FDE1E81874157958457B6107CF7A5967713A644E90B7C3FB81B31477FEE9A60E938013774C75C530928B17BE69571BF842D8C +y = 00BFB74A6B95B6D83F01C31E2EFC597D35B89C019A548EB6B25BA1BFB54095E83F68292E77BC2790324933EF5906AE4649CF77B458DDDB0A519386184E5CD7E4E80F + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005438 +x = 008A75841259FDEDFF546F1A39573B4315CFED5DC7ED7C17849543EF2C54F2991652F3DBC5332663DA1BD19B1AEBE3191085015C024FA4C9A902ECC0E02DDA0CDB9A +y = 016904CFC03445DED67B62F35788FAB04DD6C522A99DEF42FB6C12D16A2B1F4647D4E43756F174BD5B54C76DCCE6EB56ACC923537F1C0B7E64A2A778B06D31B737F7 + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005439 +x = 0190EB8F22BDA61F281DFCFE7BB6721EC4CD901D879AC09AC7C34A9246B11ADA8910A2C7C178FCC263299DAA4DA9842093F37C2E411F1A8E819A87FF09A04F2F3320 +y = 0014A26947B6E9EB456245154C4F35D4589F3D114DEBBDAE4DF4568028759D109D2D40ACB62BB2679B44AC909E9C23A814100C9769C68C6055E8D6AB4367ECA138A6 + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005440 +x = 01585389E359E1E21826A2F5BF157156D488ED34541B988746992C4AB145B8C6B6657429E1396134DA35F3C556DF725A318F4F50BABD85CD28661F45627967CBE207 +y = 01D5D19E736575120C60F4AAAA85D8516C71CF7759AB11E3144937DA45D9C224BB91F2961A8A9FA8537BF00A9130B54027828C93D516D777F0CBC55F15794652D5B1 + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005441 +x = 000822C40FB6301F7262A8348396B010E25BD4E29D8A9B003E0A8B8A3B05F826298F5BFEA5B8579F49F08B598C1BC8D79E1AB56289B5A6F4040586F9EA54AA78CE68 +y = 009CCE6EE2AABD03B7DFB7025491877AC465BB0712161D3F8EA4AF7C219EF988570E76163F55A6EE4B400F45F20F9A3A879660C456BFF6B8ECAC7529BD0EE0E87FE3 + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005442 +x = 0056D5D1D99D5B7F6346EEB65FDA0B073A0C5F22E0E8F5483228F018D2C2F7114C5D8C308D0ABFC698D8C9A6DF30DCE3BBC46F953F50FDC2619A01CEAD882816ECD4 +y = 01C2D2E48264555D5EEF2E27CE85C6297B874A3A7D2FD7DB0F228E242675D93421AA942F0D6C321361D46ADC5CBA6E31E5A061898ED5A2210384A3947436FADADAE4 + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005443 +x = 01EE4569D6CDB59219532EFF34F94480D195623D30977FD71CF3981506ADE4AB01525FBCCA16153F7394E0727A239531BE8C2F66E95657F380AE23731BEDF79206B9 +y = 0021FDAA52F339B0A7951D22D8FAB91C4EEED554448C25A57F718DBF56D9DFE575693548D2F1A99B7362069367B21D8B0DDFC238474AA35F2521E1533287A72BB0E8 + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005444 +x = 00652BF3C52927A432C73DBC3391C04EB0BF7A596EFDB53F0D24CF03DAB8F177ACE4383C0C6D5E3014237112FEAF137E79A329D7E1E6D8931738D5AB5096EC8F3078 +y = 00A41910E42299FE291375D48CEEB57EED6EE327017178D1FFAE1227E8365FCB8F7844976836F8D30C8BCEEABFDEE30A00862E0FF8DA8CAB0807E8C33C17214F6F34 + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005445 +x = 0035B5DF64AE2AC204C354B483487C9070CDC61C891C5FF39AFC06C5D55541D3CEAC8659E24AFE3D0750E8B88E9F078AF066A1D5025B08E5A5E2FBC87412871902F3 +y = 017DF6907BD9ED862D498C1FE8714F4B5449AADE5109191CD1E4A519C01D0E66F80D860D7C1AB45C7ABFADDB08AF56A47A114480510FB9662E261DE0B803CB91B2F2 + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005446 +x = 01A73D352443DE29195DD91D6A64B5959479B52A6E5B123D9AB9E5AD7A112D7A8DD1AD3F164A3A4832051DA6BD16B59FE21BAEB490862C32EA05A5919D2EDE37AD7D +y = 00C164FC4682059D2226686079393547EB0D0EAA8057D562FCE82D0754E05CAA3113D1D22B30723A8A4FD2A5312E213C38F30EFA36436C5A6FBDA0A7735E11793F1A + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005447 +x = 00433C219024277E7E682FCB288148C282747403279B1CCC06352C6E5505D769BE97B3B204DA6EF55507AA104A3A35C5AF41CF2FA364D60FD967F43E3933BA6D783D +y = 010B44733807924D98FF580C1311112C0F4A394AEF83B25688BF54DE5D66F93BD2444C1C882160DAE0946C6C805665CDB70B1503416A123F0B08E41CA9299E0BE4FD + +k = 6864797660130609714981900799081393217269435300143305409394463459185543183397655394245057746333217197532963996371363321113864768612440380340372808892707005448 +x = 00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66 +y = 00E7C6D6958765C43FFBA375A04BD382E426670ABBB6A864BB97E85042E8D8C199D368118D66A10BD9BF3AAF46FEC052F89ECAC38F795D8D3DBF77416B89602E99AF + + + Curve: B163 +------------- +k = 1 +x = 03F0EBA16286A2D57EA0991168D4994637E8343E36 +y = 00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1 + +k = 2 +x = 01AEB33FED9C49E0200A0C561EA66D5AB85BD4C2D4 +y = 0530608192CD47D0C24C20076475FD625CC82895E8 + +k = 3 +x = 0634000577F86AA315009D6F9B906691F6EDD691FE +y = 0401A3DE0D6C2EC014E6FBA5653587BD45DC2230BE + +k = 4 +x = 04053748C8CCD84AF888D3E7623F4FF3B75D153F39 +y = 064B0908949B6A838153953B06CD169CC311F5FDA7 + +k = 5 +x = 07205899683630522F4C657BB52764867DA449F864 +y = 0302537FF55DADA096DB01CA79007AF3013550CB9C + +k = 6 +x = 065AD02C42180EA317348FFE342FB1CF2A3E896195 +y = 0054D6F924A2880B5507C59B5B768ABDD6883CC94F + +k = 7 +x = 043EAAAF4BEA5A8C0A3EB105B31A0CF6ABAD87B13A +y = 05FAD8CE53A9D7FD436C988C7A932B0BD27289A17F + +k = 8 +x = 04547BD66270DF7A9601351A616FEF080D44528B03 +y = 019303302D63359036B047497DC2F1BB94BB3D93C4 + +k = 9 +x = 04802FB7306AE7CAA87F08815BABDFEEBBA9E7A7D3 +y = 051887A199573D8C5E2E54FA7FB6859C9F5ABA0256 + +k = 10 +x = 0507E541410F581B0D6914C2183C9313E7CAA10915 +y = 0303C6D2DE69D3EFDBD20961BB97E25F1B22748341 + +k = 11 +x = 0696E27054D49E19B15ED4240AA2F5942A06F25BB5 +y = 0213B6F9C3F5E68EFCAF26248A008FF6009343C77C + +k = 12 +x = 05AA3CAE634590B66A3F18A64E47B1C9B3B509E80C +y = 0258234401076C0E16379AA32DF09503285A1EEBE6 + +k = 13 +x = 07C565F87A02BFBAD2E0F3517F74392AC60036A5EB +y = 02C556E1E3BD22E6A623BF4033B3E3551409365955 + +k = 14 +x = 03566B99AE5EEEB921C9618E514A8AD50506A73F75 +y = 04A1B9E316EF87FF578DF5FB8514BEBDDD270CD91B + +k = 15 +x = 01880F725B918ABA057E6DE329ABDFEEF475AE9483 +y = 0220415EF494AAD1C937EB6143B18090BF4A2E0516 + +k = 16 +x = 041FBD3ADBAB2C4349F5518C8BC4BD531F079DC92B +y = 00611E336597E3A9C3AB428144731DC459A5500F1E + +k = 17 +x = 0714E4DADA0AB682D036AF06DDBA3CCAD123E5734B +y = 06491E8A4DAC775E8E35B3B78172795D6D10EE5200 + +k = 18 +x = 01F2DC4C1A649043F1622F611986E84074EBE3F692 +y = 03F9DC4F698E25F11F007F5176C2E9822346425217 + +k = 19 +x = 01A55C68CE800F55118C74751EE8F99770A65B14F6 +y = 01B16D316F36C3491D4AE8B3AFC1DCCCE4141754E2 + +k = 20 +x = 00AED08C6DDCF8E345006BD2F6989C3F92CB508A82 +y = 0253947FD52A1D327DCAF5224172C24E81BE22C2B3 + +k = 112233445566778899 +x = 04B78128BD2F1E46147BA6AE8A2E96679C6082CBFE +y = 0369576EAA212EE4A82F9113139B242ECA44824065 + +k = 112233445566778899112233445566778899 +x = 04CCFB0246A0B44EDBBA64C3CFBFA5EFE0175B254B +y = 00C7686F7DBB7A03A655A6200FD00F9289027069D5 + +k = 3014303919301082363471676974008142323349532409856 +x = 0206CA58241AD954F6B6499349210DE70DF6D41C69 +y = 04B4A47F3360FC8B33C0FC52B924F140ED51DE761E + +k = 5845660887092509954614822264108743716794242435071 +x = 03F9A8E75A930CE4BD76B1E083B7C59AF3559E2332 +y = 0321A42923F23C7EBFC6215FFBE3736A424BD67EE1 + +k = 37218388952580046387530102177743765472 +x = 059CDB14182D8CC0D721FAE32685C56E26F8941349 +y = 060CD9BA37CC91B795716275F2559722B652AB2052 + +k = 178405792776285083668453598138797165866123391 +x = 01CA424374AD787A77880627B101FD5A03983BCD93 +y = 034DE28FD18358F0ABC44399FB3A95506A00725048 + +k = 5846006375109673349306752832313931793753188073472 +x = 006AC93B0829A7F27E89AD517C94DE9D76AA012228 +y = 05706AE6A918E2C4D3D7014C4E3A2D1571BBD15B5C + +k = 5754662784102716162046055105144722111089719902208 +x = 063DEEACAD43ECB57FD95FE22577203D893003F524 +y = 016429B4458C1B81EAF791DA58F430C0F8BE7BD4B0 + +k = 11417981371511606755217326180000330384402284544 +x = 00C69951B883CA6B9716931DF7478E6F400CE1614D +y = 0792D0662006CA484AA33865037BB579FD98A7CECD + +k = 87091267516532971911250469212156927672320 +x = 049DBF57D4CFEC9B141CB7CDC177405C147BF436A1 +y = 056C13C2827701030573BB9DC074DB66A90E085D05 + +k = 2809981007300141238972830272943674589706190848 +x = 038DEB7A7E42FB8295E9481DFE05FFBA469CD0B391 +y = 07B31564545FFF632486977C41871D18D78667ACEA + +k = 2854409634255779570371480294187805694377328639 +x = 0215294902A8129A363003B2AC87E1FED210EE2BFF +y = 03FDE9AF1734A1C84F53A44169D4750B59FD5ABE41 + +k = 5846006549323611672814742442876390689256843201567 +x = 00AED08C6DDCF8E345006BD2F6989C3F92CB508A82 +y = 02FD44F3B8F6E5D138CA9EF0B7EA5E711375724831 + +k = 5846006549323611672814742442876390689256843201568 +x = 01A55C68CE800F55118C74751EE8F99770A65B14F6 +y = 00143159A1B6CC1C0CC69CC6B129255B94B24C4014 + +k = 5846006549323611672814742442876390689256843201569 +x = 01F2DC4C1A649043F1622F611986E84074EBE3F692 +y = 020B000373EAB5B2EE6250306F4401C257ADA1A485 + +k = 5846006549323611672814742442876390689256843201570 +x = 0714E4DADA0AB682D036AF06DDBA3CCAD123E5734B +y = 015DFA5097A6C1DC5E031CB15CC84597BC330B214B + +k = 5846006549323611672814742442876390689256843201571 +x = 041FBD3ADBAB2C4349F5518C8BC4BD531F079DC92B +y = 047EA309BE3CCFEA8A5E130DCFB7A09746A2CDC635 + +k = 5846006549323611672814742442876390689256843201572 +x = 01880F725B918ABA057E6DE329ABDFEEF475AE9483 +y = 03A84E2CAF05206BCC4986826A1A5F7E4B3F809195 + +k = 5846006549323611672814742442876390689256843201573 +x = 03566B99AE5EEEB921C9618E514A8AD50506A73F75 +y = 07F7D27AB8B1694676449475D45E3468D821ABE66E + +k = 5846006549323611672814742442876390689256843201574 +x = 07C565F87A02BFBAD2E0F3517F74392AC60036A5EB +y = 0500331999BF9D5C74C34C114CC7DA7FD20900FCBE + +k = 5846006549323611672814742442876390689256843201575 +x = 05AA3CAE634590B66A3F18A64E47B1C9B3B509E80C +y = 07F21FEA6242FCB87C08820563B724CA9BEF1703EA + +k = 5846006549323611672814742442876390689256843201576 +x = 0696E27054D49E19B15ED4240AA2F5942A06F25BB5 +y = 04855489972178974DF1F20080A27A622A95B19CC9 + +k = 5846006549323611672814742442876390689256843201577 +x = 0507E541410F581B0D6914C2183C9313E7CAA10915 +y = 060423939F668BF4D6BB1DA3A3AB714CFCE8D58A54 + +k = 5846006549323611672814742442876390689256843201578 +x = 04802FB7306AE7CAA87F08815BABDFEEBBA9E7A7D3 +y = 0198A816A93DDA46F6515C7B241D5A7224F35DA585 + +k = 5846006549323611672814742442876390689256843201579 +x = 04547BD66270DF7A9601351A616FEF080D44528B03 +y = 05C778E64F13EAEAA0B172531CAD1EB399FF6F18C7 + +k = 5846006549323611672814742442876390689256843201580 +x = 043EAAAF4BEA5A8C0A3EB105B31A0CF6ABAD87B13A +y = 01C4726118438D7149522989C98927FD79DF0E1045 + +k = 5846006549323611672814742442876390689256843201581 +x = 065AD02C42180EA317348FFE342FB1CF2A3E896195 +y = 060E06D566BA86A842334A656F593B72FCB6B5A8DA + +k = 5846006549323611672814742442876390689256843201582 +x = 07205899683630522F4C657BB52764867DA449F864 +y = 04220BE69D6B9DF2B99764B1CC271E757C911933F8 + +k = 5846006549323611672814742442876390689256843201583 +x = 04053748C8CCD84AF888D3E7623F4FF3B75D153F39 +y = 024E3E405C57B2C979DB46DC64F2596F744CE0C29E + +k = 5846006549323611672814742442876390689256843201584 +x = 0634000577F86AA315009D6F9B906691F6EDD691FE +y = 0235A3DB7A94446301E666CAFEA5E12CB331F4A140 + +k = 5846006549323611672814742442876390689256843201585 +x = 01AEB33FED9C49E0200A0C561EA66D5AB85BD4C2D4 +y = 049ED3BE7F510E30E2462C517AD39038E493FC573C + +k = 5846006549323611672814742442876390689256843201586 +x = 03F0EBA16286A2D57EA0991168D4994637E8343E36 +y = 0325F41D0EF702DC310254C42D65851A3B91471AC7 + + + Curve: B233 +------------- +k = 1 +x = 00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B +y = 01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052 + +k = 2 +x = 00845FD61638BAC7D9E109A67A1F7047DC0FD9A5488A8468364BDC592AAD +y = 001B1420774ABBA2587C83900984765A8A85D776325FC39CC7823D734660 + +k = 3 +x = 0080F50A330911BD753A76364595B9F0158C4D02A85CC0E3FB6EA0AEF9FF +y = 017A49033F12EB52675E98E6432CC27104BD5C42BCBE3DAF76901C9B8743 + +k = 4 +x = 0063A1BAAAC9B4861CB6AAC5B38889A57A9629C7B04E7825CEB3FB4428A8 +y = 0132A03FAE14E34053D6CCEACC117BFF8EFAF5F008D32AB626CBF9012209 + +k = 5 +x = 0194ED0CA60C85E59E7C4B69F30C6304A9F485F45032B871C4A23FFEC8C1 +y = 00A52F9459C2FAB39C214061E272E1E115E1E01A98E4F09CD5A85D2698C6 + +k = 6 +x = 002EEDA3493C16230768A46AB073F6A5433FE5617BD4AFE57CC825D27276 +y = 00C0C4C68F81C3BD0202A4EC28FFD13E208F4271701CD96887A5806028FC + +k = 7 +x = 01F7D14C8236367ED87EB63873C754BD8B7EC794D966B02E26C932B29F9C +y = 008F7C01DF764B179486CFC7B5658C1829BAF50AF0DD42E822556F72CEEA + +k = 8 +x = 001113FA420BBE57886A2FC590E99666864D0889BAE81DFA59EF439DD177 +y = 00FBBEE98D579FEFEA0E811284146297E14321159B46700CDF49FFD07354 + +k = 9 +x = 015A95110DBF1D69EC0E724D01D2ACE71A521E9B327B29174E7B457E3D3D +y = 016878BA13BC5F4AD3E2BD7F577BA81A6F2F8622CD99A4DB6773737440B7 + +k = 10 +x = 01729FAFD85626066AF106C12194BAF099E7D8E602418BA81ADE075A2D6F +y = 00819FCB6BCC636E67C36E5EBF48BAFDE6AC5D2997FDEA23FD573A4A0E0A + +k = 11 +x = 01BAB3A411AF6331F6A00C8FF0BD477D597FAD3B400F970432315955C643 +y = 0133DB88896A90825A1D2E4406BC939805C8DF75E210A1AEDB58CFD8420C + +k = 12 +x = 0013C872DC451063747ACCEDE848447DFCE495DE73867EF6E79F79670426 +y = 008F1DCC98B8C4F3EEC9E3C064D5CA816C994D58C250EA3A618AA543D1F5 + +k = 13 +x = 0109164D2F7954F7B787F81801B8F54E45E094B5C3443D8EC38C04F12C5E +y = 0166A9A8F96CBF61332A380119A0249B5652F513ECC1C0225E81C98B60A1 + +k = 14 +x = 0096A33E366B8A983099CBB14A44726048C39E4AE1A5D99BC77A0EEADF18 +y = 006C8ACD9CC4B4304599CAAEF7F7DF596D072F73F88DB0C54BA0B22BC33E + +k = 15 +x = 012D3A4EC04D1665E12062DF52E95902F94B20DEBAB7DCB54E9374563493 +y = 00CD64A68A05153692511BF856A643731097057BEA8CC4A4ADFC3D6E624A + +k = 16 +x = 0089F30BF08A0B5C3535F4F4F6EA289515C7EA63E80162F0770CEBB2C33C +y = 00C2C3140E26FD866B9FBCBF12F97F40B163ECE32394CB6C5FE054B03B77 + +k = 17 +x = 00171F523C8C1F3B27BEF910A1BD799ED5A9F9ACC2DCC32C730E921256A0 +y = 01A7DFF4194648DD9F464304B1FE129F20B8EC6F4E7C0CDC047D66D34196 + +k = 18 +x = 0142D69CBD05F9B5D408AFC974DC2A5D4BB388A0DC8BBFCE5092B2BAC7AC +y = 0102295224C54B2F346029A002554F398E57A7721741E834203F25EB28AC + +k = 19 +x = 00AB5E13DDE6BB314864DFB92B35A000D226C3B57A1B219FB61DEA094864 +y = 006BCCE0C83D40828EA046BA35547595DB8D2B43D2588423DA34427641E2 + +k = 20 +x = 00E585234F3B0284BA0837C16B6A6E3BCA7ECC5F92A58CE32E6BF652D68D +y = 01C230115E504B216FB5759257C9B21A7D7B2743C3A812900BA73452B399 + +k = 112233445566778899 +x = 00D8FF9B2861C3F14D6DE7671BF76F5A9D337F7D4E9D5781627FED6454B2 +y = 01B24217964482CF5052199CDC3B74713BABF38CC5D6E2F39EB2DBF44B2D + +k = 112233445566778899112233445566778899 +x = 00C662895E03F6C21E3E72AABDB69DCBE1750B837D3EFEEDD6C7BD495EAB +y = 014CE29C2C56514912BA013EA43426E3286C881D695206E0ABA84B97189B + +k = 3558661949422509798906317152333164942344057847777634287642572963676160 +x = 01EFF84AE1FAAF5FDD8DBF7D3A3AC5E8E7E0E74F83141827DF523CDB0B76 +y = 00D2B7790F13A233202861A99DCD917A6DDC688326E23417AD2E908353DD + +k = 6901746141905950887442323978500829027888590046973079213348148285145087 +x = 01CB432732150FEC7DBF5BF6F4A1FF8253E8143E7A5FF199D12CD75DCD25 +y = 004FE1FAB0F9CADB1FB5627B13B3646A4B5F876ECBE95D9A72FB4E9AB767 + +k = 6901745536893789481651945119392874544076086901468027196615880039464832 +x = 01875BECAA4CDD6DF9CDE8BFF39290E14D6DE6FE99EEFB6E5573E65672D6 +y = 008CB2F0B77EC049CC2EA2F13A3A826CE6486402C8B2C46EA5085E458EC1 + +k = 6901746141115047990521329431718126281191923701935732818412903868661696 +x = 004A28049F7A26F71CCE4FF837F88634D74F6DC3C57D0990BC7A8046EEDF +y = 00486D68C623B17215F7C834E6F964911B68281E124F49030EAC1426BDD2 + +k = 6039436138923477005518920926285345539548982958859974727795426951954435 +x = 014D82B98E53FB7B06723EB1ACC5FF06EA4B9318E22455AC04AA3B5B1411 +y = 012120B361607A1B59C182D846F31939C96A7A7D8C4FF3E2C4F118235BE4 + +k = 401538351638439033125297969147569374959194963040968487470080 +x = 0070491B062CE6129801070F462172C97F6728861FD888CD3F4106196DD9 +y = 001E7D2A033402DB043A140343B36888334A5ACD4BAFFE389F5936C4A96E + +k = 6901641034498895230271430552465094581031001187062116263138743302488063 +x = 00A3DAD986BD06437E22700630C7C25E568C8DC34E5E1C10A543C24BD50B +y = 000D84CD5CD26316388D26AE5E84BE564DBE55FDAFEC55E7B4827FA0B2EF + +k = 105312291668557185967168602814471958975769865710678392621873758207 +x = 00C3566098C8FEA5BC0B6753698F46C71086788547EB6ACC201A5F06731D +y = 00C727A9D46799F93A2813F1F4E01A76537D1E05AF5B7EFC296E8A285813 + +k = 6901743068630700917194326252590429823569767924282277572924560447127551 +x = 01011E05ECBE460525FB673CFCD11BD83416C09422EC4B551F76A46FC93D +y = 01DBA310ABB91BF9FE38B2B8BCFED269FC0EFB4EE2A8235C98B4893F2393 + +k = 25707894677204793593731297967028170539209583336002051838574592 +x = 00B09FDBCD8C972C345BF345FA44A3707F2622855B229B0B94D227BA1D06 +y = 000D7F3D64D1B962284066B024D18477941DBB04550E139542462C75D2C9 + +k = 6901746346790563787434755862277025555839812737345013555379383634485443 +x = 00E585234F3B0284BA0837C16B6A6E3BCA7ECC5F92A58CE32E6BF652D68D +y = 0127B532116B49A5D5BD42533CA3DC21B705EB1C510D9E7325CCC2006514 + +k = 6901746346790563787434755862277025555839812737345013555379383634485444 +x = 00AB5E13DDE6BB314864DFB92B35A000D226C3B57A1B219FB61DEA094864 +y = 00C092F315DBFBB3C6C499031E61D59509ABE8F6A843A5BC6C29A87F0986 + +k = 6901746346790563787434755862277025555839812737345013555379383634485445 +x = 0142D69CBD05F9B5D408AFC974DC2A5D4BB388A0DC8BBFCE5092B2BAC7AC +y = 0040FFCE99C0B29AE068866976896564C5E42FD2CBCA57FA70AD9751EF00 + +k = 6901746346790563787434755862277025555839812737345013555379383634485446 +x = 00171F523C8C1F3B27BEF910A1BD799ED5A9F9ACC2DCC32C730E921256A0 +y = 01B0C0A625CA57E6B8F8BA1410436B01F51115C38CA0CFF07773F4C11736 + +k = 6901746346790563787434755862277025555839812737345013555379383634485447 +x = 0089F30BF08A0B5C3535F4F4F6EA289515C7EA63E80162F0770CEBB2C33C +y = 004B301FFEACF6DA5EAA484BE41357D5A4A40680CB95A99C28ECBF02F84B + +k = 6901746346790563787434755862277025555839812737345013555379383634485448 +x = 012D3A4EC04D1665E12062DF52E95902F94B20DEBAB7DCB54E9374563493 +y = 01E05EE84A48035373717927044F1A71E9DC25A5503B1811E36F493856D9 + +k = 6901746346790563787434755862277025555839812737345013555379383634485449 +x = 0096A33E366B8A983099CBB14A44726048C39E4AE1A5D99BC77A0EEADF18 +y = 00FA29F3AAAF3EA87500011FBDB3AD3925C4B1391928695E8CDABCC11C26 + +k = 6901746346790563787434755862277025555839812737345013555379383634485450 +x = 0109164D2F7954F7B787F81801B8F54E45E094B5C3443D8EC38C04F12C5E +y = 006FBFE5D615EB9684ADC0191818D1D513B261A62F85FDAC9D0DCD7A4CFF + +k = 6901746346790563787434755862277025555839812737345013555379383634485451 +x = 0013C872DC451063747ACCEDE848447DFCE495DE73867EF6E79F79670426 +y = 009CD5BE44FDD4909AB32F2D8C9D8EFC907DD886B1D694CC8615DC24D5D3 + +k = 6901746346790563787434755862277025555839812737345013555379383634485452 +x = 01BAB3A411AF6331F6A00C8FF0BD477D597FAD3B400F970432315955C643 +y = 0089682C98C5F3B3ACBD22CBF601D4E55CB7724EA21F36AAE969968D844F + +k = 6901746346790563787434755862277025555839812737345013555379383634485453 +x = 01729FAFD85626066AF106C12194BAF099E7D8E602418BA81ADE075A2D6F +y = 01F30064B39A45680D32689F9EDC000D7F4B85CF95BC618BE7893D102365 + +k = 6901746346790563787434755862277025555839812737345013555379383634485454 +x = 015A95110DBF1D69EC0E724D01D2ACE71A521E9B327B29174E7B457E3D3D +y = 0032EDAB1E0342233FECCF3256A904FD757D98B9FFE28DCC2908360A7D8A + +k = 6901746346790563787434755862277025555839812737345013555379383634485455 +x = 001113FA420BBE57886A2FC590E99666864D0889BAE81DFA59EF439DD177 +y = 00EAAD13CF5C21B86264AED714FDF4F1670E299C21AE6DF686A6BC4DA223 + +k = 6901746346790563787434755862277025555839812737345013555379383634485456 +x = 01F7D14C8236367ED87EB63873C754BD8B7EC794D966B02E26C932B29F9C +y = 0178AD4D5D407D694CF879FFC6A2D8A5A2C4329E29BBF2C6049C5DC05176 + +k = 6901746346790563787434755862277025555839812737345013555379383634485457 +x = 002EEDA3493C16230768A46AB073F6A5433FE5617BD4AFE57CC825D27276 +y = 00EE2965C6BDD59E056A0086988C279B63B0A7100BC8768DFB6DA5B25A8A + +k = 6901746346790563787434755862277025555839812737345013555379383634485458 +x = 0194ED0CA60C85E59E7C4B69F30C6304A9F485F45032B871C4A23FFEC8C1 +y = 0131C298FFCE7F56025D0B08117E82E5BC1565EEC8D648ED110A62D85007 + +k = 6901746346790563787434755862277025555839812737345013555379383634485459 +x = 0063A1BAAAC9B4861CB6AAC5B38889A57A9629C7B04E7825CEB3FB4428A8 +y = 0151018504DD57C64F60662F7F99F25AF46CDC37B89D5293E87802450AA1 + +k = 6901746346790563787434755862277025555839812737345013555379383634485460 +x = 0080F50A330911BD753A76364595B9F0158C4D02A85CC0E3FB6EA0AEF9FF +y = 01FABC090C1BFAEF1264EED006B97B811131114014E2FD4C8DFEBC357EBC + +k = 6901746346790563787434755862277025555839812737345013555379383634485461 +x = 00845FD61638BAC7D9E109A67A1F7047DC0FD9A5488A8468364BDC592AAD +y = 009F4BF661720165819D8A36739B061D568A0ED37AD547F4F1C9E12A6CCD + +k = 6901746346790563787434755862277025555839812737345013555379383634485462 +x = 00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B +y = 01FAA3D76FB58026BD59DC7493CBE0656E53C1782CFCCE89840D700545D9 + + + Curve: B283 +------------- +k = 1 +x = 05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053 +y = 03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4 + +k = 2 +x = 032A728C1F40082AE632CB3814635D8BBD48627F0E88E4B3768C8C8D27BE75237D7499D5 +y = 052D072775B39FE97B97BA764BFEFF90500024077D37A2FD4620E95E89CDA072A45BE1C0 + +k = 3 +x = 00D257A925BA8BBF1A490A06A80D8338453A9A00EED2C51A90467A4283B3A4DF9DE2BC0B +y = 022A7592959069FBBC245BEE792106E995513D5F6837B90F291FEB732B1CBE3427C8E585 + +k = 4 +x = 03CB18F293B4334E75B1ABAE9F52A4CF5EFD216F6DD2601D1E5FDAE28B49040C221B795F +y = 03FF2A5FBD208F68CB1664E4B33BF462CE9954598DF0A7EE3584E14A6CF0C83AA879FC06 + +k = 5 +x = 01953364BD3C81790A86E65FF6E875D73F3CB9FCC149B5A6BEBABB04F00B1693048A7EB7 +y = 05C852E3D437FD874DD2A7553DCF495FDE66A9EEC8DE42A991EE73909C075D0BD7AA7B8B + +k = 6 +x = 01C2637EC3B28939848CA7D5AF774362A3F6E4EED51DAE8AC03A035BE400899876C6D1C7 +y = 07F24D75C77A5BB392C92311F5BBB4FF9D4102D2258A9CD5A271979E6965A7F30B5AE371 + +k = 7 +x = 0118E9555319F8D324705749751EBF36FF59CE017FC226D513D0506DAAC1BBAA1054C3AE +y = 061D6F17AB7A75114B9640077679D259EC5EA2E2101900A4B1B037D5061126ABD80F6D48 + +k = 8 +x = 016EB43667CAA03A1D4E0D216EEE8DC344F96DC64DA7388A6CBD67EC37A6216E519DC49A +y = 00E97D1BF0F0B489E96FB3E621C55D3956FD8B1BB0668265D0EECC2CB17A17C1293659D7 + +k = 9 +x = 0522E9E9F563873EE65D780ADF8594C32224F8B82D603EC4985A2827BF60C7809DF92E56 +y = 054776DCFA6F8C715AE30B70C50A782451E96B6E79D02F32A6C04E8B9F6DA59C67E77439 + +k = 10 +x = 02370154BA926F2E6C255D3066C46044E5956EBC061E5BB9568B59BBE2A1DD26848E8123 +y = 047F96B6AB3F248FBD7A5248EB81EB962C72A7342074AD2B87008E2418F2D49B1DD7FBCF + +k = 11 +x = 02BAA70F624C6B40322D2BCC36555264B0CE79CF6CAD2B7B3640244FA474FBD67ABCD526 +y = 02C53C732A62984D55D73DC96813B4171C2DD4CCAA5C6874E21708DCE310996CEA0C057C + +k = 12 +x = 06352767C28FA14CC1610A4E0AD3181E6DD880AD622E20A2D57AD39C3F9949537FEEC21D +y = 00203A29EEAFE8C0B414B740FFCADF97E67CA8388F5E99C078343C134B65B42A9F56BB4E + +k = 13 +x = 0571A1C5E8E7C03FD9EDF08AC849398269DD6CC126920A7F89482E96E599C2C1CB9CD1B0 +y = 0511ECC1FC4D757F5C2C07B8B4D8E6F369DFE1CDD7D16D56B1F994A359C4066319D7A000 + +k = 14 +x = 02AA2E4B4DBE202B748D055CECB4F553A8014EA60DB2C81A226F3542FC9F406841A52E9B +y = 045E0BC64AF85F3E94054FCDF085F25DD4732688F984CF45FEFA517AB24CD4F59A9A838F + +k = 15 +x = 032DEC6EA13A2E1E01BE27BD6799D8B609EB46B0805FFAE9D01A1CC74F61A3C310EE9AFC +y = 0344D5DA3795D9D6DE0CACD217E114D3D945D30F8452C141AE08F8626E05E9F53F83D6FC + +k = 16 +x = 004E779F8C4EBCFB81CB6B66AD8097CC55FDBE4FDA1DE1818F3274A94C2E1F6F891EE4F1 +y = 026B299CA594A3D9FE9F70153585ECDE48BBD1D1A4892FD549495B91C17A6DED788444C7 + +k = 17 +x = 0267EA0500BCFF3A206EF2ED6672CD5721DB270B91B1D61FC596E72657DD21F9AD481268 +y = 0058E72525619BDD07BF756E224D6451EDDE3FC484395FE79E6D0F11BF79F5E1590280C4 + +k = 18 +x = 00205086EE98F746CA70D508D4B9DEBF0275D0CB68A4B5B998B8D8E9DD1E9DA3F76E2B4B +y = 00D63203F15C6B6B6989836852029DAD3BB104B0777D9A2F34B5DF470EBB6C7A48BDAA66 + +k = 19 +x = 03B147AAC7171AF8C595689059DC16C7AC4AA78A65C2AF0122E6764F2BBFB804862406B7 +y = 006003C0EF95B7F81920A064428FCD8DC227F7F07C3FA7AA312199AE4139A97B13321950 + +k = 20 +x = 01B832A79FCC5DC9D133865CF37CF0C4057A6D901B468DDCB0B5CB8E1E08BCE036AB9B03 +y = 011DF51ED06859622647D22E00FBE361E33F25E994A04087F77980FED1CA7728A6DD65BE + +k = 112233445566778899 +x = 062654F8DCF40FEA1DEB2C08BAD1CAF9EC52071198F983F3C5234224FFF92144374CCB71 +y = 06DE87072927F58683E5ABEF87D8410D35D84D0AF972D6DB37A9AE78B250E1565CFC5E46 + +k = 112233445566778899112233445566778899 +x = 050787A736D78B0D0328035E472B8EEDF1DCFAC9D8984D285F8DC0E58970C7E1C10BA388 +y = 0207F6D8DC78490D39ED7192A9CF520E3B8D07EE33DD6950B4E0375A809FBB26A3428B14 + +k = 4006697157339194503342894281411734673435250926849120153284931175391665359386157514748 +x = 0427C7B017F0805B55B8136F177ED50FA3E79B776181A0240293A443C782EED3B5D8612C +y = 02080DB91CEFD02B19F8562F4DC739EE8FC8EEFB75C9F2A1C59C02DA38EBBCCAA5C112BA + +k = 1897137477041188685780847749163263762493823317937072569701292427936569263076147192 +x = 051207E5D524114F27093266283F21C033A2D57B3E908734DC2D78EB23C38AA88B9AC973 +y = 02DDDCD4BA8DF8AF4591500E01541A6A9F951732B2925981C1178B1E11CD89479C7D69E9 + +k = 7764035583722722529230891178898148230636432433813358844568148142348598093833159311358 +x = 06AC16FB52935575023BF59A012C5B1508370B76B98DACEEF0FDBBC7B22BB3343CA1F28D +y = 020131B520A37C72627F42B8403CCAA2BB60A048084557631E64EAEC967A1CCBBA5BFACE + +k = 7649258878930897440581608972776484934236261044824524284888654125566359589787365539840 +x = 05A3CF48977E995E4FD16184A0879CD82FE319F76C5CCC0B138BD936F847CF6855332738 +y = 0360E835C05360A72A027D47366B10509B11B84A7CE6232FF5509C50B5D15F4C21703BED + +k = 59285493150399819161419024911358234107491260682045488767089861937964072610856975 +x = 005CA303BB029E142D9698FF92F68B31245BF86D7580702F37B0880023A995D53FD6C48A +y = 0620A56110AC05DB932E140A350B3DBAC59059951A6521D70561181420311C8DCD8BF943 + +k = 7770556997803537271920049108018211954904261475845791461076011003340461251441727635455 +x = 000C1C6EB3B70FDC41132CEDB1996517DED810BF170D194618FACB8B617EFE43A3F1EF03 +y = 03DC3B75CD1DF20E696A67E43CD4DAFFA745A447C96AE63A310441924106339F707FF3C3 + +k = 7755498497130418398573564733681070126312906004361358653553648764252660570647949213440 +x = 0206736F807F841D0D08ECA8FC7708865967B8A769E376949AA3327495F58CE0C90E176B +y = 05BB5A5FAD0A75F759CE0A0EF97E06BE871630B53860B172D6C006FC2B89DAE2E2F10920 + +k = 5828065962223343887212851096157116541334667450204325651735176424594932791638008725504 +x = 04A62EDA72AC7BF389F0A672689BE6B59AF7CAD8230FF6FCD0DB5E4C5D66F6FAD0877B33 +y = 039AD76B67D3528931ACE089BC3FBEF93FAB7828E9054ECA696C07265BC590EEEC92998B + +k = 231577549345607610633586323584257699244475830982963489394538169576810040522752 +x = 02AC3980E5D4FF584C5E46BC740E595F2D57CEF18CB3C673281C22766B832F1D8A1C939F +y = 074E1F85AB033BD8D480A19A15B36830DA847F5C2AA3A7A953D32C6D13A04716AA9EC83B + +k = 7770675453110840849851061203488010045905215474231849876581153515345956681115092647935 +x = 056C0EB667AE76A627836AFCAADFBAE14A01111D5DD2BAD21463C4EB7C936B305D0A61D9 +y = 077B5AAB22011E63FBCD8F92CBFC0C19B2166B4B2889142EBB6B1B4F58CC51C586C8692F + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692851 +x = 01B832A79FCC5DC9D133865CF37CF0C4057A6D901B468DDCB0B5CB8E1E08BCE036AB9B03 +y = 00A5C7B94FA404ABF7745472F38713A5E64548798FE6CD5B47CC4B70CFC2CBC89076FEBD + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692852 +x = 03B147AAC7171AF8C595689059DC16C7AC4AA78A65C2AF0122E6764F2BBFB804862406B7 +y = 03D1446A2882AD00DCB5C8F41B53DB4A6E6D507A19FD08AB13C7EFE16A86117F95161FE7 + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692853 +x = 00205086EE98F746CA70D508D4B9DEBF0275D0CB68A4B5B998B8D8E9DD1E9DA3F76E2B4B +y = 00F662851FC49C2DA3F9566086BB431239C4D47B1FD92F96AC0D07AED3A5F1D9BFD3812D + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692854 +x = 0267EA0500BCFF3A206EF2ED6672CD5721DB270B91B1D61FC596E72657DD21F9AD481268 +y = 023F0D2025DD64E727D18783443FA906CC0518CF158889F85BFBE837E8A4D418F44A92AC + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692855 +x = 004E779F8C4EBCFB81CB6B66AD8097CC55FDBE4FDA1DE1818F3274A94C2E1F6F891EE4F1 +y = 02255E0329DA1F227F541B7398057B121D466F9E7E94CE54C67B2F388D547282F19AA036 + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692856 +x = 032DEC6EA13A2E1E01BE27BD6799D8B609EB46B0805FFAE9D01A1CC74F61A3C310EE9AFC +y = 006939B496AFF7C8DFB28B6F7078CC65D0AE95BF040D3BA87E12E4A521644A362F6D4C00 + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692857 +x = 02AA2E4B4DBE202B748D055CECB4F553A8014EA60DB2C81A226F3542FC9F406841A52E9B +y = 06F4258D07467F15E0884A911C31070E7C72682EF436075FDC9564384ED3949DDB3FAD14 + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692858 +x = 0571A1C5E8E7C03FD9EDF08AC849398269DD6CC126920A7F89482E96E599C2C1CB9CD1B0 +y = 00604D0414AAB54085C1F7327C91DF7100028D0CF143672938B1BA35BC5DC4A2D24B71B0 + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692859 +x = 06352767C28FA14CC1610A4E0AD3181E6DD880AD622E20A2D57AD39C3F9949537FEEC21D +y = 06151D4E2C20498C7575BD0EF519C7898BA42895ED70B962AD4EEF8F74FCFD79E0B87953 + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692860 +x = 02BAA70F624C6B40322D2BCC36555264B0CE79CF6CAD2B7B3640244FA474FBD67ABCD526 +y = 007F9B7C482EF30D67FA16055E46E673ACE3AD03C6F1430FD4572C93476462BA90B0D05A + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692861 +x = 02370154BA926F2E6C255D3066C46044E5956EBC061E5BB9568B59BBE2A1DD26848E8123 +y = 064897E211AD4BA1D15F0F788D458BD2C9E7C988266AF692D18BD79FFA5309BD99597AEC + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692862 +x = 0522E9E9F563873EE65D780ADF8594C32224F8B82D603EC4985A2827BF60C7809DF92E56 +y = 00659F350F0C0B4FBCBE737A1A8FECE773CD93D654B011F63E9A66AC200D621CFA1E5A6F + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692863 +x = 016EB43667CAA03A1D4E0D216EEE8DC344F96DC64DA7388A6CBD67EC37A6216E519DC49A +y = 0187C92D973A14B3F421BEC74F2BD0FA1204E6DDFDC1BAEFBC53ABC086DC36AF78AB9D4D + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692864 +x = 0118E9555319F8D324705749751EBF36FF59CE017FC226D513D0506DAAC1BBAA1054C3AE +y = 07058642F8638DC26FE6174E03676D6F13076CE36FDB2671A26067B8ACD09D01C85BAEE6 + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692865 +x = 01C2637EC3B28939848CA7D5AF774362A3F6E4EED51DAE8AC03A035BE400899876C6D1C7 +y = 06302E0B04C8D28A164584C45ACCF79D3EB7E63CF097325F624B94C58D652E6B7D9C32B6 + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692866 +x = 01953364BD3C81790A86E65FF6E875D73F3CB9FCC149B5A6BEBABB04F00B1693048A7EB7 +y = 045D6187690B7CFE4754410ACB273C88E15A10120997F70F2F54C8946C0C4B98D320053C + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692867 +x = 03CB18F293B4334E75B1ABAE9F52A4CF5EFD216F6DD2601D1E5FDAE28B49040C221B795F +y = 003432AD2E94BC26BEA7CF4A2C6950AD90647536E022C7F32BDB3BA8E7B9CC368A628559 + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692868 +x = 00D257A925BA8BBF1A490A06A80D8338453A9A00EED2C51A90467A4283B3A4DF9DE2BC0B +y = 02F8223BB02AE244A66D51E8D12C85D1D06BA75F86E57C15B9599131A8AF1AEBBA2A598E + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692869 +x = 032A728C1F40082AE632CB3814635D8BBD48627F0E88E4B3768C8C8D27BE75237D7499D5 +y = 060775AB6AF397C39DA5714E5F9DA21BED48467873BF464E30AC65D3AE73D551D92F7815 + +k = 7770675568902916283677847627294075626569625924376904889109196526770044277787378692870 +x = 05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053 +y = 069E51717393C98C581CA958C2BDDD587F82D2BA6070712C02859850EB3D6188383032A7 + + + Curve: B409 +------------- +k = 1 +x = 015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7 +y = 0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706 + +k = 2 +x = 001EB8E16DA624068B00C1E75B0C176E7FAD804795C9CCDA32EE3F5947F71F86638D81EB398C8E1CE4024249CDD45D1AA3876171 +y = 0105BEA9950494E2BA93939D280CCD110E82F700722DC06967E6A2ABF2876D267A60628FC0C01560D62DE46C3EB733C06A8F14B2 + +k = 3 +x = 000D5F0E8B27D12D7A9DCEA13A5CFB9DEE62D63376E31F7666BA2AC2BF314B91420749EF549A17E5DC6815A7B044FF458C40C415 +y = 01DB5B78D491E45CC58E9E44BD7E42537597B9ABA85E2E3589F02D466ED31B816235F6D22679690002FCEF2B5390F0DE885E90BE + +k = 4 +x = 017F83AD07F6DCC7C2064E74FEE189D88BAE4437B159A90E449FC23AB79D43C16D1B95E9B3BB35E32450D02419ABA40B18318C17 +y = 009088328FB9A24F7D9ED1BAE65DFC4CD7558BE314A925D7046A11CD8E196D878169352C50DFF0DEAD68DD369E1BEF916EEFA36C + +k = 5 +x = 0004654FED823C1DD4869E734045CBE81C2B2490ECF7FDD4A5282DEB135B35340B9E607BB43552C3982B03ACE3DA8E257964A66D +y = 00A2900F935DF4B06371EFC32572C40C3A85AABDFF94B7050E5C5223AD6A56413C2D5CE9C95832B1B68F59BA29FF878F571DAEE9 + +k = 6 +x = 003A39CD20D0B1865197CE0C3B051C64E19631A9F4E13230E15B1CAB68B3060E26ED6AA0AA8D495C2413DD2EE60BDBE035A0CF7D +y = 012488FE8BB58879DAE5F3F798EF2795BAF09A969AE778912ED228FD7D8830D1CE0542782937AAA34F593B2E5A7120A74F705D7B + +k = 7 +x = 01374FDE9C26F1DA72FE4AC3BAAE876EB15B248A9307F87C5359BFAE5CF1893AAF34B22B46903F022759FF34E6DE38A979768E5F +y = 0187476EE32346BD72D2C3172B1C7F395B101EFB396E4BBCC3600251B18DAAE556F69929F52003FBC7117A42C03548F6E1CF4208 + +k = 8 +x = 01BD32BC1E109875EB9E6842F4E41CE5164E7CB3813FA4EC9D8817282178BA7931B1909513DAE3FC72054BCD951BF7E0AC340CC7 +y = 00D3AA451E8CC0DAEED8CFFB6DD5A9E734017754658F4F8B59D123DC038172770A9E51106A05CD32EC0D562600A870F104104324 + +k = 9 +x = 01C3333293FADF1B3CA15AF5D739B1FE62A5BAC5F6B082DB90D26408B4A9A3D55A6362DF0A13D809E21854C5348D5BD66CC9F20D +y = 019CA85D72C3629DF4985C961DE9033858E3C606B9E1C53C0F2B53A09EBC7CB1E1C56BE258885EEC2B1C17456456D85F408684BE + +k = 10 +x = 00D232B1AFF9D349C4D3232C38503CC46112920BDCD2EC2CE9C89B97B379245F031B910F70462957128244264BCD0AF0D108BB21 +y = 017FC02E234AFFEB0D2113D3CB75255E32266FF7DEAEAB2CF045901BA36975C9DA2515CF956A06728A18E1A542871DB8340F40AA + +k = 11 +x = 00E64395847482748B5A831EDD0D9DAB993FEB112A0476D3DFD44DCABEC97D5599B92671F5A453F2F28E7876E7A0739FEDB90665 +y = 01E130F55A0380571E62871A719B4B7510DA97E7785A134BDDA9DAD295864CBC0E449B90D99BACF1780AAB780804FFBCEC5430AC + +k = 12 +x = 0118F9E535DA270B724E3C9475E80728FBC0CA7E78567426F772FE66B387E56FF98837EB8303967811E7939B5F0FAED35FA17D57 +y = 00DEDCF1E7F0D32E41DFD95B48AFD2AF5CFA4AAE7C922C1A978B2F79D767F4239806A5AA7F505244E47BC62FA30695311FC2C480 + +k = 13 +x = 0116A5CE23B6E636B3F2166058FBA3B6D52CE189769BEA6C16099A307AE37B985293673DE0DACF7426563C3275C900134EDC65BB +y = 01FE36623B4B46D4992A80BDB7BC2DBAF5273AAB6F5EEEB08079BCEC5BEBA103646CC579D504EB7D091F2760D0D91CF5D4CB009C + +k = 14 +x = 01A25B1DD787D5C0D32E43F4E511E3D6E62A9DDDBF3053CDFB5EFFC8C633818D834AEB5D3287F25C92CD3DAB6A3960FE1A994A0B +y = 01FD2478A64C5C3A83C56312804BD15293BCAFCB4738C2A2680A0ABF2E304BFC4E9EAD51077F9E6AD0B578A397453F80F526735D + +k = 15 +x = 01CB32DD79FB8E1615419BFF1FA79F8CA9BB6D22AF3041FF3D1B24F52369BB5367EDB062F3BDCF6FB9431B0FD5CF97D8531D89E3 +y = 00194915A8E85889E0963078739B62D4DD7521933E37C229589D2061A107F7F7F246A18C03AE709D1CE435DDED33595B050CD985 + +k = 16 +x = 01DE233330A9275CD4EAAA1DC60232EB9D2DAC2D2BA136F439DA6D34813A44C1BCF4730AA6646AE666696753F293D72F71E81B27 +y = 01AC8A2ECBCB17B7FB4D46E9ABF41B692F5BAAA310FC9D8D943512DD7D66A09C288EF003981007101223FFE5874962D1A488BF4D + +k = 17 +x = 00D3D98908A5E460E98B2E06E3F83901AB27119750AF4EAECD2554392EC52DBA4CFF28D771B8C58BF9D94E25A318A031975B51ED +y = 00270792F2D0C591F6957E7462D57D844716783D8DE66862BCF4C1D8014809D3651F776C21CCB4C3485200918AECB3E2BD52A942 + +k = 18 +x = 00BB3C76D93DF702567CD3410169ADC8E790E6E5513E9A2028A6B9D016213FD1898AAA3C4470E659B550A8235DB30BF95687B375 +y = 0011BD9845F356B66EF85B19E7A2ABEAC3FA960BE23F0197269040F6C00E3148BD540DEE52EE589EF2975461B1090577AEECD469 + +k = 19 +x = 01AD4299FF100FD54F45B6FE5DBBA9AFE38C70A533BC5E6C38D498E69F8BE88841B8E78B508C694A676F523F94C8B5CC16A024A3 +y = 00A075D6F4A43615515018C73C7568918CC67E265A21C89A01DE0F8DF3D81546C1FAD87730D37E84B07581788FB912B9C34CECD7 + +k = 20 +x = 0160EC836C3BABF524A48E92DD3B78341E3F675978C789101A1FE656C8533D2671A261A763C34242AD51E9BA25AD8403E530007B +y = 00874BEBABDBBF69FEAF7F8CCCC9390DFDB5DEA14B55B36086898152CC0649E6C9CF8343A0551DD9698C58C19C72950DE0FEF29A + +k = 112233445566778899 +x = 01653E7A3C9A0068DF594CADFC75725E625A0611FE8B5D20CD3036E7522AB4CB9BA06548C0F4A047B2D21813E281D1A4EAB79775 +y = 001C16DEC11A6C78894C3D5B640B1652DD39960DC3848E7DF9308A0B0F4D0CB5FD18161A8C6C30ADDEC5B536DD78B6D5F749FE82 + +k = 112233445566778899112233445566778899 +x = 01F4FEE008B9CC92E3E2620E660212EC000D562792D92F424A952497ACA54F4596AD990BE57B921FD1972D0ADEA0E2E59750BD8D +y = 00192B088C6CDF8853D61AE55252385ECC5C84DAA3E5B3899D5601BEAB2FA1A06F524EF2166B36704D6DF4BC1A6CB9CAB3A58FA4 + +k = 340852098058694223443685913328334800122213548009239021458200241058160277582635336605201369860696488190054345165582777712668 +x = 01A3E80ECC8212AA2F1A72D4CAEA8FDEF704CA66E5F757B216FD791FB39E96D693763DCD1CD9FD7B58E9125146DD753DEC2609C3 +y = 00338918172D4975AAF8DBF44499112249DB77986B5F3B911D20A773A7FA77E39D91500B5E6191EDE72AECFA214F7FD766AEFBC5 + +k = 330527984462480500749858696972807698879792322534660716501880931231154514681281102411727819415542070720160772231667899187200 +x = 009CB2064E475AA4255EDFE2FA9C28FC7C835D907AE760E85C5FEC4C9942E0B24782A1C58456474C4651B04C6CA601859D842757 +y = 00A7927E583821224E16D11D296870FDCA88F064CDEB8967D167D03CFBE19D78AB77B2C5DE164B7BDD61DF9E5CB46F3ED38A9384 + +k = 661055811182233060760558114931315270565948285499910728913604948249436316759152571933881271051664002768892246823601969299456 +x = 00136C4713B8E15F4FCDDF4D4263C2F384C588EAA8058CC295EB2AC753D1E5FC980D042DF8BCFAE56C1A1C5640BB68697E752EA7 +y = 0014657C97BC6BF7ADD702AB161EF76E338B1E553DF1109D75BEA53B8862803E3E6FF6C43555F5D64485CC0E82A2F0CB76BD87E9 + +k = 9848124824282581168576223521444032715651745942136631983412404219039088589242936931984329344164443981460845877002495 +x = 01545408F5A8A5F928FC2367D9427A3E8EE2A6835A13CE7BA748994FF2B7FB89DC702DC502B3E30A1949CA59DC961479730E012F +y = 00BB3C942AA1C098273759E3B63F88242FFEDE92CA1E9C96F99F1F6A0D4D196E9CFCE1FF305D81833BADCCA61BBF99A8F54C110A + +k = 10086913586276986608351544571739294570403084902407898531660086380507213803361623017381183141858728018599612953950945152 +x = 00321C5DA47F9FF824B971FC676BC8F5D58427AAFCCC5C5639B73F5E86E77BCD5FE6910BAF9850370FEA30B5D073A8A827910BA9 +y = 00EE3F7A9E00DF8F3800105D60258D7889B0630BB314D7B38AADF841B721A440010DDF8736DAF9A0C62E14D5598EB3888BFD8532 + +k = 2462327122366641588865954442609565192323453982972635204584341326839476766120163136790911611828808243123690150100864 +x = 01CC0FB950804313DB12EC6DA9AE7EED4B67A4E8D1AEFD02EFC4EC08757B94C857769542E127C189C7A9D62852C4963B8C3D7D95 +y = 00488CB558CAF656232247DC6C77FDC51225B2F44447BAEA27DBBB163E365CEF0A3CF833F20325D83DEC278FEA88398A066C1847 + +k = 640710742885930785676298350239571030548930032145759293806080358426382941034832651516667471974860265874548899151847253606399 +x = 0092D2B6B1B182CE11CAAD954012943B9FFC74D5054FCB7C09F70496F210C92543D593A4A526E35CDF704F9884AA3E8360FC4201 +y = 01C94A5F5F01DF1621C4EFEA6E4EAD0BAF026E99280D4413171CF61BC64BB2463490B558B6B0BE12307E85FEABDD8BAB85B6600D + +k = 80537710134754009256181717406251064703843282159661943483089437132405343392699382920096119401995500134444902384941138431 +x = 01741CAEC4DCC03BA602701641682AE9CFE540030DFAC49C4D50BE79925158ACDEBE26F1708E38BA0FB2288B91D77F7DBA339025 +y = 011A8048C3A957F9FCA1E97ADE605CC866DF19D81C4E7C47295EABB193BA6804D5F32B498449793B6445129C0127DC09E468AD96 + +k = 660894893388914215505901749466264478395628661112655794576010620318625406955160868500641531501789507648565583805566905479168 +x = 007E11B9E9314DFF8B2EBB028E3C59BE5F888D7C52E8E0057F44D498E053D2DD4353EF645F884643C1ED4762507EAC203184F103 +y = 01EE8A49805A85F27698CD21A1588A2E3C2E39E42AE8DF61B8CC069AD7FBB3161AF242E4C380680EA6BED19E12BAFD7767AFD5CB + +k = 1291085613994301823816623782127171770656741175318840446952350041399253681237969932398948453917311285196155902941114400767 +x = 01EB416C69C9D03D6705C1B76D08A9F2893525A22B3648DA51C1841E4866A2EE52F01888E917B0870C76C26A82854DFF700F63C9 +y = 00C8A3A6DBFDCBA03F85005FC30EB1E72F71F8EE386827F55ED5098B13014C40567B7966CB377D9703D062C996D71DB39CE27ACE + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526751 +x = 0160EC836C3BABF524A48E92DD3B78341E3F675978C789101A1FE656C8533D2671A261A763C34242AD51E9BA25AD8403E530007B +y = 01E7A768C7E0149CDA0BF11E11F24139E38AB9F833923A709C966704045574C0B86DE2E4C3965F9BC4DDB17BB9DF110E05CEF2E1 + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526752 +x = 01AD4299FF100FD54F45B6FE5DBBA9AFE38C70A533BC5E6C38D498E69F8BE88841B8E78B508C694A676F523F94C8B5CC16A024A3 +y = 010D374F0BB439C01E15AE3961CEC13E6F4A0E83699D96F6390A976B6C53FDCE80423FFC605F17CED71AD3471B71A775D5ECC874 + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526753 +x = 00BB3C76D93DF702567CD3410169ADC8E790E6E5513E9A2028A6B9D016213FD1898AAA3C4470E659B550A8235DB30BF95687B375 +y = 00AA81EE9CCEA1B438848858E6CB0622246A70EEB3019BB70E36F926D62F0E9934DEA7D2169EBEC747C7FC42ECBA0E8EF86B671C + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526754 +x = 00D3D98908A5E460E98B2E06E3F83901AB27119750AF4EAECD2554392EC52DBA4CFF28D771B8C58BF9D94E25A318A031975B51ED +y = 00F4DE1BFA7521F11F1E5072812D4485EC3169AADD4926CC71D195E12F8D246929E05FBB50747148B18B4EB429F413D32A09F8AF + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526755 +x = 01DE233330A9275CD4EAAA1DC60232EB9D2DAC2D2BA136F439DA6D34813A44C1BCF4730AA6646AE666696753F293D72F71E81B27 +y = 0072A91DFB6230EB2FA7ECF46DF62982B276068E3B5DAB79ADEF7FE9FC5CE45D947A83093E746DF6744A98B675DAB5FED560A46A + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526756 +x = 01CB32DD79FB8E1615419BFF1FA79F8CA9BB6D22AF3041FF3D1B24F52369BB5367EDB062F3BDCF6FB9431B0FD5CF97D8531D89E3 +y = 01D27BC8D113D69FF5D7AB876C3CFD5874CE4CB1910783D665860494826E4CA495AB11EEF013BFF2A5A72ED238FCCE8356115066 + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526757 +x = 01A25B1DD787D5C0D32E43F4E511E3D6E62A9DDDBF3053CDFB5EFFC8C633818D834AEB5D3287F25C92CD3DAB6A3960FE1A994A0B +y = 005F7F6571CB89FA50EB20E6655A328475963216F808916F9354F577E803CA71CDD4460C35F86C3642784508FD7C5F7EEFBF3956 + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526758 +x = 0116A5CE23B6E636B3F2166058FBA3B6D52CE189769BEA6C16099A307AE37B985293673DE0DACF7426563C3275C900134EDC65BB +y = 00E893AC18FDA0E22AD896DDEF478E0C200BDB2219C504DC967026DC2108DA9B36FFA24435DE24092F491B52A5101CE69A176527 + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526759 +x = 0118F9E535DA270B724E3C9475E80728FBC0CA7E78567426F772FE66B387E56FF98837EB8303967811E7939B5F0FAED35FA17D57 +y = 01C62514D22AF4253391E5CF3D47D587A73A80D004C4583C60F9D11F64E0114C618E9241FC53C43CF59C55B4FC093BE24063B9D7 + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526760 +x = 00E64395847482748B5A831EDD0D9DAB993FEB112A0476D3DFD44DCABEC97D5599B92671F5A453F2F28E7876E7A0739FEDB90665 +y = 01077360DE77022395380404AC96D6DE89E57CF6525E6598027D97182B4F31E997FDBDE12C3FFF038A84D30EEFA48C2301ED36C9 + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526761 +x = 00D232B1AFF9D349C4D3232C38503CC46112920BDCD2EC2CE9C89B97B379245F031B910F70462957128244264BCD0AF0D108BB21 +y = 01ADF29F8CB32CA2C9F230FFF325199A5334FDFC027C4700198D0B8C10105196D93E84C0E52C2F25989AA583094A1748E507FB8B + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526762 +x = 01C3333293FADF1B3CA15AF5D739B1FE62A5BAC5F6B082DB90D26408B4A9A3D55A6362DF0A13D809E21854C5348D5BD66CC9F20D +y = 005F9B6FE139BD86C8390663CAD0B2C63A467CC34F5147E79FF937A82A15DF64BBA6093D529B86E5C904438050DB83892C4F76B3 + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526763 +x = 01BD32BC1E109875EB9E6842F4E41CE5164E7CB3813FA4EC9D8817282178BA7931B1909513DAE3FC72054BCD951BF7E0AC340CC7 +y = 016E98F9009C58AF0546A7B99931B502224F0BE7E4B0EB67C45934F422F9C80E3B2FC18579DF2ECE9E081DEB95B38711A8244FE3 + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526764 +x = 01374FDE9C26F1DA72FE4AC3BAAE876EB15B248A9307F87C5359BFAE5CF1893AAF34B22B46903F022759FF34E6DE38A979768E5F +y = 00B008B07F05B767002C89D491B2F857EA4B3A71AA69B3C09039BDFFED7C23DFF9C22B02B3B03CF9E048857626EB705F98B9CC57 + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526765 +x = 003A39CD20D0B1865197CE0C3B051C64E19631A9F4E13230E15B1CAB68B3060E26ED6AA0AA8D495C2413DD2EE60BDBE035A0CF7D +y = 011EB133AB6539FF8B723DFBA3EA3BF15B66AB3F6E064AA1CF893456153B36DFE8E828D883BAE3FF6B4AE600BC7AFB477AD09206 + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526766 +x = 0004654FED823C1DD4869E734045CBE81C2B2490ECF7FDD4A5282DEB135B35340B9E607BB43552C3982B03ACE3DA8E257964A66D +y = 00A6F5407EDFC8ADB7F771B065370FE426AE8E2D13634AD1AB747FC8BE31637537B33C927D6D60722EA45A16CA2509AA2E790884 + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526767 +x = 017F83AD07F6DCC7C2064E74FEE189D88BAE4437B159A90E449FC23AB79D43C16D1B95E9B3BB35E32450D02419ABA40B18318C17 +y = 01EF0B9F884F7E88BF989FCE18BC75945CFBCFD4A5F08CD940F5D3F739842E46EC72A0C5E364C53D89380D1287B04B9A76DE2F7B + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526768 +x = 000D5F0E8B27D12D7A9DCEA13A5CFB9DEE62D63376E31F7666BA2AC2BF314B91420749EF549A17E5DC6815A7B044FF458C40C415 +y = 01D604765FB63571BF1350E58722B9CE9BF56F98DEBD3143EF4A0784D1E250102032BF3D72E37EE5DE94FA8CE3D40F9B041E54AB + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526769 +x = 001EB8E16DA624068B00C1E75B0C176E7FAD804795C9CCDA32EE3F5947F71F86638D81EB398C8E1CE4024249CDD45D1AA3876171 +y = 011B0648F8A2B0E43193527A7300DA7F712F7747E7E40CB355089DF2B57072A019EDE364F94C9B7C322FA625F3636EDAC90875C3 + +k = 661055968790248598951915308032771039828404682964281219284648798304157774827374805208143723762179110965979867288366567526770 +x = 015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7 +y = 013CF9AF7BE3384062D4ABE34098720A322A678F56CA04C0B1475414606D478CE4741599555ACF11841BB59DE1BA2AEEB90A51A1 + + + Curve: B571 +------------- +k = 1 +x = 0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19 +y = 037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B + +k = 2 +x = 01F8BD0B0C77369F3C5A1943C01215CAD8C7018C4AF1A588E6EFE81C0A39E0A50DB8E55BB371D956B15DBCB13AB12AF532B1FC6B7DDF0A13D12DFAA76051132B84020BEC72D2F265 +y = 044A9E41F77686550649D5D124021AA477516211625BED15762A0729A0D052C71E99CDCDDE7D245C0AB279CD4FD5B554D1F5F5E4CA912C0051DF85DE732DBC5F672C49F12215103F + +k = 3 +x = 072D033E612CA6DD14C28F1F6689AF9A97BBA7FD88A25BAE969DD1C91E75A9F680442DEA747EAB06E73B746911780505DAB0E03149DE396B1020FBAF55580CF4D6EB9738CE0D26F8 +y = 0494BA50070CA0FC97E89F3EA55DE5AED4D5BD139B3725618DFEB90152230AA53FA37B6E39BAAD54A77771F0DF01BFFEE82FBB0BAD45F2D5C89F704C6EBA6722B1E4433638D87DDA + +k = 4 +x = 01717E2A5C3EE28FE6DB3F13B087FB3E9EFBE38772FFC1F1B03E0F2BBCCC016EDE33153D46B7BA33618C056CB2F35EDA083AF75B17115E138483DC59AD83FE1077A2829E20BFFE5F +y = 00C2A90DA370B1B8963DFE950C975806F6DE5A01E5152B4850B2FF99D1F8B0726D5D2F0BB850ABA987ACAFC99B70C581ABE9DD39E7BFA4ACFB303E76738ED001DEC5032359C3AD2C + +k = 5 +x = 077AAC79DC0D8891F8C383A000B6457A6E29ADB61B6AA83C32F3815F4D0173085599A42D9DD5529022EEDAA849397809B8CE613CD800E1676559AD2DAB43338E7E10C1C768C8D209 +y = 0131F402BF46187D38270BBEA69AC9673A66116E11DD7A08FBC222BF513871A7D58798FC0EA22336961C76BEB380A7299904DBFD62C1D534D232D6DF42795EFA601152D2B57C5A7E + +k = 6 +x = 0557287AC0922872935C3971223112A6345B8DE8C112D37061F6643DE94D758CE34552FDD6B0F21992F06E2E5DD6B3A69028D35C5C8F1C934177D64506EC14212727C6C1FA11EDDA +y = 0295FD54014C36DA83518A23C15F00037200697B8CB38B2F81AFE4843E7954C00DD125AE7D6CCCEBE9EEFA2B2653D8999421E9969544A2A5C534CE63037D44B77C01209AB18C04A8 + +k = 7 +x = 055323D3EE8D3D62CC94055288C2D30DA13F2E74908678C1927A607A0B03AC847B909E3612E916601E3A9B00D69E6DD5FD2CB6A7987F7CC485C277ECCBD2C2EE345B0CDE067075E8 +y = 04E1A011452C7A543B3FD3969720C6B88E92FB1F2A71A8B8BB25B959B8CBD2106C20FAF7C847A038EBBA6BA145C24A4CA0FCF4DBEABB3CE744153F64FFCC2F8894B73EFC11A2A662 + +k = 8 +x = 00D9BAE2A98471270CD81EEC78D6C906D5DB35CDF049F56822B5910FA9B03BFBB07BFF09CCEC3831C4E4B04485FE70A460EF8E0A88F6BE4957822BF3C997F34DBA2864C6CD47E0B1 +y = 05C08664F55B7DDCE2277F251725BC76EA968EF0C4E4A8522EF920D9DCD36D68704B1C7F03DD54154FE741E1970C4CF3BCB055B4938CA787179AEADA021E2D7795F52484CF504837 + +k = 9 +x = 02E28EB85C4DB405E6AF8722219BFC7E0DEE5F63973A8538D539B851F6DF2E141B51043BAC7D67C57A33C159C07D6310403DB2C5AB647673C41EB3A5FE84A85E2795D2D15EA19671 +y = 0639755A25DC91FFF9DD128EEB7945EA9135BA288747D302C1CF2056B2B26E22C31B345F9C83DFB68F2910D6DE27BD07F305A082ABF9B62AEDE66B7EC459AAFEA8C1817E10A4524D + +k = 10 +x = 02E7F80713D6620DFD571EF392E231940FDDF15DA67AD31FCE4808D4C54F955A566BFC1E8A10E481CF0EC353560A7997D1B562B518585D6DB8EC99131A9209D6126A5B6FC54BE8FD +y = 0095B4A8879821FF2B54F9B3ED927DD3A04DB637AA5CD40C727C6EDE3030E07B1B7ACA812118BF9F377CA98A1336CDF6B83A7122BAA1BEE70AC221948FA5E54674A072AF86025952 + +k = 11 +x = 020F60EE1C635708BDEC8F0BD8767372D145402CDC614CECEF0C3033E804E5E5A042D6DC0DD31F93078C883727B711D748FD71B6D60088192DDA285763C0B2F9B2EC2C8EC8E0476D +y = 0050B43DDCAE16670D10B22547810642F38CCE90623CB3A9DD95EA575867C092FF77E17B4216B11CCDF4100D529951B99C6E0C8742BF376B8DCF521961C2A5819D5C579A33A8C025 + +k = 12 +x = 0219AE0B766B17D3B310E1EB4AEBF6C135C39BBAC05C20EED04158A7B39E69CBA55CA9A3F5BD3131B208AC253D693E138941FB391022776B7C0E520AF96AA527CC503ABF2F399C86 +y = 01D2217DAD1F83C99B4C9C1AE426E1CF8A415AE10C9DFC930A0EF13AE9185CDA2DAFF3916988CF247DB6D4215B6DF23F109077D952A6FD60EA17B82095604EC9849934C6D365867A + +k = 13 +x = 0554EF00BC8894C9D60751D6510D6706636C252A8F4B31391AE95B8438FC927B1069C6ECA2C309DB6072A80116F2781FE03DD064DCD0F199FD43F3997B21CB74B21E094A6C3CE7EF +y = 01199F942E4DA8CD55127D8CC18ADEC221FC53E4B94570BABD6C22696520E79A7135727DBBC4DEE1B7162ECBF261427550919E78B555867C007ED8E7001C4CA77ECCCA4E4BD38C63 + +k = 14 +x = 02929E07DB1229E3906CE242C56A9A02208DBB4D6397BBB3CC1C3E53C311CB99BE470ED8B6191B59B5071E84C000428E7B74A456775836C3B58930B4FA20751E6266411F3BEFF3A5 +y = 0343B10B2B39A9905683ABDCF1470DCBA7F76A3F237DC89792E6EB2EFDD1549CF6973ABD69B98BFFB0D4FBB88AF7A644928BE60C2AAF2F690D5945C1792398028EE58F977A8F2BE2 + +k = 15 +x = 038CCBEFC042385C751E02DDAD50ECC57F23FA4235F8A27CCC31C1290380B7478A7976C7395DD21035251AAB28355D665D3545CEC6739F500C739CED2E1FD87277FD5FC7E92ED19A +y = 07C7B76EAE12A050F9C54489AD3F33E6428E5EA5D8AB627E93C805DD805F80210E9FD41B20EA2B6FABA178EA17D22FF1C3011FC57B3800D2EBC59E1DB84A841C99FD299721EA21C8 + +k = 16 +x = 068989557C872F0F3B33EAF57E55F7D5853A2B61C368AE0B602B587B6ED600856DAD98D83FC0FE370FF6F229B3A0AA3A5FC9CE9D05EBF7F8F531071479C643F0F914226DF4A875DA +y = 00069C79079321474FAB6BC7D302EAF60EC2DDE78023A2865F2D428BE48C8C24FCDEF0C049D2C9D6E4F67D37A00B6542813D485D3B3C04A6292513775D4F86D8A288741074D5C88A + +k = 17 +x = 056DB896DA3370648244B873AF7EE95003F9AEA515DD00632EF513EC3C4251428A6FD6BD6A74307060B422957DB1E7E27474E0CAD8397FAAC618EB19D6EF0DF6CA293E1DE7B539A7 +y = 05F79F9D736F7C7E6C21B05486006B51D19D05CA0BA7658AC51811165035DC074454CE7575C37B2CBAC0F27C1D6CB75818AE258DC3D0EBD99821C444BB9EA4B3CEBA3762A80E8413 + +k = 18 +x = 03DA1431DE0ACBD3F4276109E9A4ED3A748245A14EFA7F1DA84FE917073959D8AC6FDFB5DE3F90EF77FB76E133FFCCFABF64309521C84F7529C765FCA9D02D4268219616D8BA712B +y = 00AA944AB72CD18C65866A69D4A70431B40350B2468BFFD2E761BC74C80CF5B0E0EF646FE6E9F7A300DCC098999375ED5DB310C37355656E99A13FB9CE1446395B0DD30E2200646E + +k = 19 +x = 02232CDB414DF19ED46D9EB492B4ED4FAB0AB96918783D44503526598EC6786597CB824412D93B5DF55FA475AAE122AF56FEAEBBE41FD111103AACD235C7E5C055DD1CE0780067C9 +y = 041C3844CE19D15F08E745F62542D9BB31D1E8E6AD0D874CF188753CC1CE8B104BE05B9600A5F74C8B1B5C6398C9F8AB5C79FBB73118FE270FE257F4ED5408E2865E22999F372B10 + +k = 20 +x = 040F4A06EDBF702E8F868A157D6D04C76B47CF1CD637CCA94DA858B2EE52C1FE290880CD513A93E60D16CE2E58C855F9882C259493254162D731A239ADE99FC785FB97FDFC72A4F4 +y = 04802390FDAC1D9B59EC4937F6443EF938EE44CFE96F34987CBBD822226325625A5AF3C629591F2EEB8541BAE72FCCD657F00737FBF80D82C401F8A39B915E160688CFE5AC6F3CCA + +k = 112233445566778899 +x = 077F5D821A238B7AF9C23B5D447E2393D28A308AA3433355B0E73BD23A3A72FAB81FE9FD5A6C8F8891DDD9A7056BB205E6DA1AE42D9713651AD1207678D64D56BF50F5D05F72E085 +y = 0200A5258D53C3A756BFEE3E8DCBEAFD7F781D7C05FCEAFFCE2117E69B4272E92636D23239BB74AEDA63E708F94C3D777E175FFE346C98AF11397F4B462A38C0164D06C438023555 + +k = 112233445566778899112233445566778899 +x = 04BD101FF2D6F621E53D1D63F7011C53E9956D840DB2510E667890AF2B85112B6FB427B5918F5AEA4CB68F4D5AA532A89EA1CC1C22F3EC5D98226F5AABFCBDE5AC3FEBF1F621040F +y = 02164396DAFB6B61FB6957E433782AAA75124BD4280F6458B17B3B07D109FB92EC859C6F09B75B01145F1CCE6974FD6C3CB7DA6DAE5F41402837E8EFE1DDA3E279992B4FB7B7EAD6 + +k = 1992623597601820334275444784098161341414252502647858850477940617876196735335367504892511147225880341545498168999090021223223595237741903315110794472594029953181583356723327 +x = 04FD746F4265664E038357FA540A1517DAF2F71BB8097BDAD93CC9010F25D84C2F0FE9234D6E3AA79A60932892D3CE574A5FB4D4788071E5F21586C5357908EE4839544F1B8D2285 +y = 0728E938B6D100C3A67FE2738C41F9802692E847A1E4FEECAA7D7F21F9DB0596C85A00AEEDA069162C9D96F31B577B047E139342FDBFB93FBF2ED8ED29379A6B41DB637FE8D71ED9 + +k = 3861235304097731366395849020295506793580025501573752466082694720823659889999449120687268962697352252653604400025856795876469657119139444635908785358460460317088877788544768 +x = 04435FC297946D031A28AAB3DA06915A6C5AE07DC1E71B58AF7167358A0629E95A95D795592514C5371A007A6AFB9CE1D87069BD181CFD1457972FA7FA781C4CA008633EABD28AA2 +y = 01FE909CB108F22AD29DC1570606B173085E1FF5710736224E6CB0024A141B9B297665D2ACC15B11E899A5EAC43DC16C71619634BDF6BAC3E7C0009F9C5CAB3AAE803992812515D7 + +k = 29484053325707075925799971880648520225129267203907309744947579482621481989803910526623412325649301163282163977203931103437234275639190412051242172756191821780639287295 +x = 07620AEC44028C64CE94E567A147FAB0E840482EADC69E9AD2764CD396E72A141215167F82934286867A723B1D2B2AC92730276B20247EAF85CE2A77EBE6189188AC89342D13133D +y = 072EF9C9248B5105C4F5182DA464F413408B6C7767C7633DD6858756A885E08FCCA425F84EAF579F58D42CB9CF1AD3DB39DBF1F2BEE88DC927ABE3E7C07C3732EE2F560F21FC6828 + +k = 3856989612564136079392730580999641434043086815740351063506109991771247389759040179364506010801907655119601519159801507707836288138946973600108373332732886149272671889129479 +x = 067C4061E0450C221ECCFEB6FE02B893DB383161904059550BF241FCCFF3F75147E2BDF4A9A2D9D5CB70EB22296E8D012DE972A7776430293A5C70392B62264C4C0C5A104B21B17E +y = 00DD71F5F2FD56B3F686019E390222A5FF45E996859B6222C50FEC153E4D21017792DA948BA4D397F43E68356611C7635BF27F12364922A7A96FE059F8734841379E2EB3861E40E6 + +k = 115168896320404645651432041179098839414378138206812196561404436546770474625174718418325552238695410399889241880699884998980722656882424204062175554372303917066223615 +x = 0729CEFEE07A890F0F44DE052F1E777B54E9BA32125C8824B32F8E1DB97F8637B5EA4B30722F49C7F91BA7D349FC59604E782515C245EBBCF0C32D937ACFE21CBDCE73C6D6A2291C +y = 03C737F717C113818813CA3756E13C2B437ECE0822D9B03A4152D693FCD69CEA3045E07D1156D643EFC4C47255C78E72C0F20D59538A60929C8328CDC9139875EC3724A60CD721CD + +k = 3864537523003199239087417163945278577471667133170388636024057769266287662208867993319214525206175292032772076860100999103054058369004034553550030668101507007173144516497376 +x = 06CFE40EBD84A2497D4DAC409C8C34EB290A26265C1FFA6B4BDDC0C66235D72D23E1804D6E8B516DAE4CD0CAF88D96593510A6870CF507868A0FF447590B76F0867691D8FCDF5E95 +y = 02FA9B7B50184638A15183FC77DA1F1D8FCDC08BDA171084142EA3DF9148878D22D30F692F9D5F53D63B16AB29D4B27C004588D32AB15AA46DA03D7B2EDE6C55DE8104A33F23C629 + +k = 230121197121011964829492956410962317332440724987436349361278165103269765744684971897427792562867723805262067593176384089090183615361873148246784747143625214720344064 +x = 049B52AD292175C56C6DD0A2131E53745E18392249B583D477A2A224A3085C634E540C6AAE202F4A72BF07E0E77AE93C90A20FD11F9590B15D628C4A079EF216FD3111844FE9002E +y = 028832D22775E3124716723417F51DBA494BB8958B217BD169B9C8A76AD5E3AEFA5DF4AA651A02BE35EEF27BF695E506D4808D8A4AF11560B81B004923489BB21C9EDECDE6798B5C + +k = 3864522781876319144444990411489928498745425588762374758896440897920023110585946263236417010936645116291777139009696600304790060614733522620138525597803759712486299307872239 +x = 01E1552C7C69C3525DA7DDBA7DB7715BB847ABC2E0AADA92600E518C17820A51B8EAA322CCE4C090C51C40DA4BCB3F4C5D277E25B1CC1E863D432DF78DFCAD1EA2A75D3745103B17 +y = 0623DD4A4920ED76A5A6615D0DD94BCFBC7196D15DA871BE597FBF99CB62A51705169C2BBA37ED077FE82A3944307AC2F8A021067B97F6CCF4AFAEFA37CE7F6AB3146BCE61BAE852 + +k = 1815275926114215700701028333874259168175794556292427843778276145855757450023893249648446870539448899577350096228970948933440013595519109366285051171291091396578474272488967 +x = 0624C5EF23046534905D62544290F0B3E33D1624BF11EFBE11F46CA1EFCB07019389E6F7BA16CA54AD2D92B4D1C2F2CE4EC230661838D2C14418DE64540F2FB4EB95E0526EFCDA04 +y = 05751A95A70169C074B4FF7670CB2E9EF7C742474C35417D5613CE37183BB2A7E86094C91CF89B20B5E5A2C677CBB6EBF968F8770285E20FDAA6C68A9B3D9F108C642028C1EFC11E + +k = 1287149561276048671542980749585292895031172887885203268478243566010436807420646737938361337191803564987388184003920857755944740028427123811551562332234582015 +x = 0363C4953279AEABA18705B01A9E5254BA7099294ECC1C102DE0AF6042C2DBC1DC958764974D8D23E740E945238772FB0DAA5446F42011C1434BC81899D9BBE58BC85F7E3FB18BF5 +y = 002B9EB340C7ED992F0C23727176ABF49DF09E278EBD66BB80C0BEF98BCB741AFC0F927378CA29167F2999544EBA44E2DB769F86ABCB785B9A1BF0DF0D91D9E65419F8CB5FC8FB79 + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285683 +x = 040F4A06EDBF702E8F868A157D6D04C76B47CF1CD637CCA94DA858B2EE52C1FE290880CD513A93E60D16CE2E58C855F9882C259493254162D731A239ADE99FC785FB97FDFC72A4F4 +y = 008F699610136DB5D66AC3228B293A3E53A98BD33F58F83131138090CC31E49C7352730B78638CC8E6938F94BFE7992FDFDC22A368DD4CE013305A9A3678C1D183735818501D983E + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285684 +x = 02232CDB414DF19ED46D9EB492B4ED4FAB0AB96918783D44503526598EC6786597CB824412D93B5DF55FA475AAE122AF56FEAEBBE41FD111103AACD235C7E5C055DD1CE0780067C9 +y = 063F149F8F5420C1DC8ADB42B7F634F49ADB518FB575BA08A1BD53654F08F375DC2BD9D2127CCC117E44F8163228DA040A87550CD5072F361FD8FB26D893ED22D3833E79E7374CD9 + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285685 +x = 03DA1431DE0ACBD3F4276109E9A4ED3A748245A14EFA7F1DA84FE917073959D8AC6FDFB5DE3F90EF77FB76E133FFCCFABF64309521C84F7529C765FCA9D02D4268219616D8BA712B +y = 0370807B69261A5F91A10B603D03E90BC0811513087180CF4F2E5563CF35AC684C80BBDA38D6674C7727B679AA6CB917E2D72056529D2A1BB0665A4567C46B7B332C4518FABA1545 + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285686 +x = 056DB896DA3370648244B873AF7EE95003F9AEA515DD00632EF513EC3C4251428A6FD6BD6A74307060B422957DB1E7E27474E0CAD8397FAAC618EB19D6EF0DF6CA293E1DE7B539A7 +y = 009A270BA95C0C1AEE650827297E8201D264AB6F1E7A65E9EBED02FA6C778D45CE3B18C81FB74B5CDA74D0E960DD50BA6CDAC5471BE994735E392F5D6D71A9450493097F4FBBBDB4 + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285687 +x = 068989557C872F0F3B33EAF57E55F7D5853A2B61C368AE0B602B587B6ED600856DAD98D83FC0FE370FF6F229B3A0AA3A5FC9CE9D05EBF7F8F531071479C643F0F914226DF4A875DA +y = 068F152C7B140E4874988132AD571D238BF8F686434B0C8D3F061AF08A5A8CA191736818761237E1EB008F1E13ABCF78DEF486C03ED7F35EDC1414632489C5285B9C567D807DBD50 + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285688 +x = 038CCBEFC042385C751E02DDAD50ECC57F23FA4235F8A27CCC31C1290380B7478A7976C7395DD21035251AAB28355D665D3545CEC6739F500C739CED2E1FD87277FD5FC7E92ED19A +y = 044B7C816E50980C8CDB4654006FDF233DADA4E7ED53C0025FF9C4F483DF376684E6A2DC19B7F97F9E8462413FE772979E345A0BBD4B9F82E7B602F096555C6EEE007650C8C4F052 + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285689 +x = 02929E07DB1229E3906CE242C56A9A02208DBB4D6397BBB3CC1C3E53C311CB99BE470ED8B6191B59B5071E84C000428E7B74A456775836C3B58930B4FA20751E6266411F3BEFF3A5 +y = 01D12F0CF02B8073C6EF499E342D97C9877AD17240EA73245EFAD57D3EC09F0548D03465DFA090A605D3E53C4AF7E4CAE9FF425A5DF719AAB8D075758303ED1CEC83CE884160D847 + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285690 +x = 0554EF00BC8894C9D60751D6510D6706636C252A8F4B31391AE95B8438FC927B1069C6ECA2C309DB6072A80116F2781FE03DD064DCD0F199FD43F3997B21CB74B21E094A6C3CE7EF +y = 044D709492C53C0483152C5A9087B9C4429076CE360E4183A78579ED5DDC75E1615CB4911907D73AD76486CAE4933A6AB0AC4E1C698577E5FD3D2B7E7B3D87D3CCD2C30427EF6B8C + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285691 +x = 0219AE0B766B17D3B310E1EB4AEBF6C135C39BBAC05C20EED04158A7B39E69CBA55CA9A3F5BD3131B208AC253D693E138941FB391022776B7C0E520AF96AA527CC503ABF2F399C86 +y = 03CB8F76DB74941A285C7DF1AECD170EBF82C15BCCC1DC7DDA4FA99D5A86351188F35A329C35FE15CFBE78046604CC2C99D18CE042848A0B9619EA2A6C0AEBEE48C90E79FC5C1AFC + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285692 +x = 020F60EE1C635708BDEC8F0BD8767372D145402CDC614CECEF0C3033E804E5E5A042D6DC0DD31F93078C883727B711D748FD71B6D60088192DDA285763C0B2F9B2EC2C8EC8E0476D +y = 025FD4D3C0CD416FB0FC3D2E9FF7753022C98EBCBE5DFF453299DA64B06325775F3537A74FC5AE8FCA78983A752E406ED4937D3194BFBF72A0157A4E020217782FB07B14FB488748 + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285693 +x = 02E7F80713D6620DFD571EF392E231940FDDF15DA67AD31FCE4808D4C54F955A566BFC1E8A10E481CF0EC353560A7997D1B562B518585D6DB8EC99131A9209D6126A5B6FC54BE8FD +y = 02724CAF944E43F2D603E7407F704C47AF90476A0C260713BC34660AF57F75214D11369FAB085B1EF8726AD9453CB461698F1397A2F9E38AB22EB8879537EC9066CA29C04349B1AF + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285694 +x = 02E28EB85C4DB405E6AF8722219BFC7E0DEE5F63973A8538D539B851F6DF2E141B51043BAC7D67C57A33C159C07D6310403DB2C5AB647673C41EB3A5FE84A85E2795D2D15EA19671 +y = 04DBFBE2799125FA1F7295ACCAE2B9949CDBE54B107D563A14F69807446D4036D84A306430FEB873F51AD18F1E5ADE17B3381247009DC05929F8D8DB3ADD02A08F5453AF4E05C43C + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285695 +x = 00D9BAE2A98471270CD81EEC78D6C906D5DB35CDF049F56822B5910FA9B03BFBB07BFF09CCEC3831C4E4B04485FE70A460EF8E0A88F6BE4957822BF3C997F34DBA2864C6CD47E0B1 +y = 05193C865CDF0CFBEEFF61C96FF375703F4DBB3D34AD5D3A0C4CB1D675635693C030E376CF316C248B03F1A512F23C57DC5FDBBE1B7A19CE4018C129CB89DE3A2FDD40420217A886 + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285696 +x = 055323D3EE8D3D62CC94055288C2D30DA13F2E74908678C1927A607A0B03AC847B909E3612E916601E3A9B00D69E6DD5FD2CB6A7987F7CC485C277ECCBD2C2EE345B0CDE067075E8 +y = 01B283C2ABA14736F7ABD6C41FE215B52FADD56BBAF7D079295FD923B3C87E9417B064C1DAAEB658F580F0A1935C27995DD0427C72C44023C1D74888341EED66A0EC322217D2D38A + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285697 +x = 0557287AC0922872935C3971223112A6345B8DE8C112D37061F6643DE94D758CE34552FDD6B0F21992F06E2E5DD6B3A69028D35C5C8F1C934177D64506EC14212727C6C1FA11EDDA +y = 07C2D52EC1DE1EA8100DB352E36E12A5465BE4934DA1585FE05980B9D734214CEE947753ABDC3EF27B1E94057B856B3F04093ACAC9CBBE3684431826059150965B26E65B4B9DE972 + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285698 +x = 077AAC79DC0D8891F8C383A000B6457A6E29ADB61B6AA83C32F3815F4D0173085599A42D9DD5529022EEDAA849397809B8CE613CD800E1676559AD2DAB43338E7E10C1C768C8D209 +y = 064B587B634B90ECC0E4881EA62C8C1D544FBCD80AB7D234C931A3E01C3902AF801E3CD1937771A6B4F2AC16FAB9DF2021CABAC1BAC13453B76B7BF2E93A6D741E019315DDB48877 + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285699 +x = 01717E2A5C3EE28FE6DB3F13B087FB3E9EFBE38772FFC1F1B03E0F2BBCCC016EDE33153D46B7BA33618C056CB2F35EDA083AF75B17115E138483DC59AD83FE1077A2829E20BFFE5F +y = 01B3D727FF4E533770E6C186BC10A3386825B98697EAEAB9E08CF0B26D34B11CB36E3A36FEE7119AE620AAA529839B5BA3D32A62F0AEFABF7FB3E22FDE0D2E11A96781BD797C5373 + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285700 +x = 072D033E612CA6DD14C28F1F6689AF9A97BBA7FD88A25BAE969DD1C91E75A9F680442DEA747EAB06E73B746911780505DAB0E03149DE396B1020FBAF55580CF4D6EB9738CE0D26F8 +y = 03B9B96E66200621832A1021C3D44A34436E1AEE13957ECF1B6368C84C56A353BFE756844DC40652404C0599CE79BAFB329F5B3AE49BCBBED8BF8BE33BE26BD6670FD40EF6D55B22 + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285701 +x = 01F8BD0B0C77369F3C5A1943C01215CAD8C7018C4AF1A588E6EFE81C0A39E0A50DB8E55BB371D956B15DBCB13AB12AF532B1FC6B7DDF0A13D12DFAA76051132B84020BEC72D2F265 +y = 05B2234AFB01B0CA3A13CC92E4100F6EAF96639D28AA489D90C5EF35AAE9B262132128966D0CFD0ABBEFC57C75649FA1E344098FB74E261380F27F79137CAF74E32E421D50C7E25A + +k = 3864537523017258344695351890931987344298927329706434998657235251451519142289560424536143999389415773083133881121926944486246872462816813070234528288303332411393191105285702 +x = 0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19 +y = 0078F26E766235B201DA3F2ABA01BEA286FFF67495C313C0BC74F79BE25AC21B39A707134E7058C4AF46BE2C1D7C49BC2AFD7D2C829130A25C5D52E5A673041BFBAF51339566EC42 + + + Curve: K163 +------------- +k = 1 +x = 02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8 +y = 0289070FB05D38FF58321F2E800536D538CCDAA3D9 + +k = 2 +x = 00CB5CA2738FE300AACFB00B42A77B828D8A5C41EB +y = 0229C79E9AB85F90ACD3D5FA3A696664515EFEFA6B + +k = 3 +x = 02ACFCFCC9A2AF8E3F2828024F820033DB20F69520 +y = 05729C47F915BADC7B4C17DF14E5804109FFECDFE4 + +k = 4 +x = 00BA8C7E6E2523EF94CBC1E56FACFEDE24F3F91578 +y = 0510F96CBC41CF3BDFA0157E9E8FEE2C605791DB0D + +k = 5 +x = 03799F22E9423EDFF60294E8288884A04E107B6B6C +y = 0682C9197F934512CE56E7D77CA4CC4B30D471EAD8 + +k = 6 +x = 0765470BC65E9AB8C40B297C983B1000BCF021426E +y = 00A58BA7C589659F870A0CB121F76D61122D8741B6 + +k = 7 +x = 07BE052CCAD05B617B11464326A51B7D385C6BA200 +y = 04520CE8604F8021100F0BB33B56C319DDCAFF804E + +k = 8 +x = 03A11E19CC4C0B15CD4C7D5A5CF2D5A8C383287DA8 +y = 0204041306C461A237C8E5D1644D0ACA7D738A1257 + +k = 9 +x = 016576D3F87AAD87D368FBC781E06B8962B642970C +y = 00B640E3E6603226313845E0B99B64F38BA2F52736 + +k = 10 +x = 06CCE478962E01FAFC11E28A80B0E09F15081D3B85 +y = 065DEEB37540F2ACFFB7F2CD28703E31163FD45B16 + +k = 11 +x = 05E9FB531D228B4A54255735DC40CA04D2F7657C5E +y = 029F47B64659C5DCDE8B925DF6C5D7C626B4F94C5D + +k = 12 +x = 06577AF126F23E034E92C90B3859AF99F5A8546BB5 +y = 00AEB4378F9A4C9F3BA900EC563DF5DFBF9C37C12A + +k = 13 +x = 06EDCE85EA33E0710BE697577590C7D87F7698EE48 +y = 01B39439847AA85845C729FDFDD73CDD6A59D9DEC0 + +k = 14 +x = 0515522C9915F782E104D4C6F546B82913773B34F5 +y = 0723ACCE6FE24B0701DB659E760A003758D9B5E9AB + +k = 15 +x = 0661A293E9DF7FA7172DD2A57A7640142A14BAABB6 +y = 02309B696493E3F7A42BA36FA4D99CB69B31071153 + +k = 16 +x = 02E8D15536960EB926E78D9E15CE721DFAE4FE3134 +y = 055FA396B49D7BA95580F552A7613CA5F7CD41594B + +k = 17 +x = 068874B508754AE920DE9A7729F8947CF628A9D461 +y = 05E284A18A1ACFF4CACCE361342B99F1FF1DF8B15F + +k = 18 +x = 00E4DD8B305AEDB5016CE3588057F912B3C76752CA +y = 07329CA3995F6732BD3C089BEBE2C04A206BD7509E + +k = 19 +x = 062975F3C3A8FCFA1FC637258E3D66ADADB190B82C +y = 012E2AAD4E2E1119651C1965649C0607A57BC7C045 + +k = 20 +x = 002B9D67C977D6F6119124A7C9B1689A0B1AB77358 +y = 02CC8ADDF1036CCA6415D17523AC2F22685706E125 + +k = 112233445566778899 +x = 025E375998A309D04E13D0DEDCCB41C4092E10AA09 +y = 0294931E03634C0372A5FD6CA8B5FC8653F05F3BA9 + +k = 112233445566778899112233445566778899 +x = 021F532838BC0DB241EA9E68049601C6876A2C051D +y = 06E1A392C87EBE0AC9FB883919297EAAEE437A09DC + +k = 3014303919301082363471676974008142323349532409856 +x = 05B7FFF5A06250EBC5F615BD6B4B844DE05E0244A4 +y = 02193CA5AC7FA701F6B4A0D9E7E273C8C37615227C + +k = 5845660887092509954614822264108743716794242435071 +x = 03C2E7B8E45F96A866013E695BC46AC4ECB5320E83 +y = 05FCFEC52C7F1275BDA7541EDACD337CBADDDF9454 + +k = 37218388952580046387530102177743765472 +x = 07164DEB48BFF55BFF286C2C30F17816D80B54DECB +y = 0306EA19A4A3E0FA95670AE8C1A01EDA89FF88BB10 + +k = 178405792776285083668453598138797165866123391 +x = 00BB951AFE8422DE591F1CE0BE37AC8B5F8CC6AE94 +y = 00A649E56DF69EF13743190C3B7173BA97500B852A + +k = 5846006375109673349306752832313931793753188073472 +x = 03277C00F7562E1B1C51AA5E0E53B3E7B094B8D822 +y = 04670BC9BC4BBBB7BABF80AF2D72086F5F310F8764 + +k = 5754662784102716162046055105144722111089719902208 +x = 076006FBAA0F3EE615955E01879009C85E7CB6ED28 +y = 00EA137DD20C92494B857B4E209CDA29AC59166D16 + +k = 11417981371511606755217326180000330384402284544 +x = 005122FC1C274735CCFC40380C49785403053D94D3 +y = 046D805F77DA6ECE61D478A60DD169F87923CD8CFB + +k = 87091267516532971911250469212156927672320 +x = 01C14DDAB12BC0D98BF83CE0022F305039F64FC205 +y = 006F9B20200EB3CEA80D1DB6C0FB8E6DED4A3C665C + +k = 2809981007300141238972830272943674589706190848 +x = 01076D1DC455E40137D38EE4F0B2DE2FD489FF24A1 +y = 031D7DAB2611818D11EFC4516E38AF88FE49F8E91E + +k = 2854409634255779570371480294187805694377328639 +x = 05C0DFC924AC5A547D8D8C915376F00EF03A65437D +y = 0590175D02EAD03843AB5D2974874B4AB22D9C5FD4 + +k = 5846006549323611672814741753598448348329118574043 +x = 002B9D67C977D6F6119124A7C9B1689A0B1AB77358 +y = 02E717BA3874BA3C7584F5D2EA1D47B8634DB1927D + +k = 5846006549323611672814741753598448348329118574044 +x = 062975F3C3A8FCFA1FC637258E3D66ADADB190B82C +y = 07075F5E8D86EDE37ADA2E40EAA160AA08CA577869 + +k = 5846006549323611672814741753598448348329118574045 +x = 00E4DD8B305AEDB5016CE3588057F912B3C76752CA +y = 07D64128A9058A87BC50EBC36BB5395893ACB00254 + +k = 5846006549323611672814741753598448348329118574046 +x = 068874B508754AE920DE9A7729F8947CF628A9D461 +y = 036AF014826F851DEA1279161DD30D8D093551653E + +k = 5846006549323611672814741753598448348329118574047 +x = 02E8D15536960EB926E78D9E15CE721DFAE4FE3134 +y = 07B772C3820B7510736778CCB2AF4EB80D29BF687F + +k = 5846006549323611672814741753598448348329118574048 +x = 0661A293E9DF7FA7172DD2A57A7640142A14BAABB6 +y = 045139FA8D4C9C50B30671CADEAFDCA2B125BDBAE5 + +k = 5846006549323611672814741753598448348329118574049 +x = 0515522C9915F782E104D4C6F546B82913773B34F5 +y = 0236FEE2F6F7BC85E0DFB158834CB81E4BAE8EDD5E + +k = 5846006549323611672814741753598448348329118574050 +x = 06EDCE85EA33E0710BE697577590C7D87F7698EE48 +y = 075E5ABC6E4948294E21BEAA8847FB05152F413088 + +k = 5846006549323611672814741753598448348329118574051 +x = 06577AF126F23E034E92C90B3859AF99F5A8546BB5 +y = 06F9CEC6A968729C753BC9E76E645A464A3463AA9F + +k = 5846006549323611672814741753598448348329118574052 +x = 05E9FB531D228B4A54255735DC40CA04D2F7657C5E +y = 0776BCE55B7B4E968AAEC5682A851DC2F4439C3003 + +k = 5846006549323611672814741753598448348329118574053 +x = 06CCE478962E01FAFC11E28A80B0E09F15081D3B85 +y = 00910ACBE36EF35603A61047A8C0DEAE0337C96093 + +k = 5846006549323611672814741753598448348329118574054 +x = 016576D3F87AAD87D368FBC781E06B8962B642970C +y = 01D336301E1A9FA1E250BE27387B0F7AE914B7B03A + +k = 5846006549323611672814741753598448348329118574055 +x = 03A11E19CC4C0B15CD4C7D5A5CF2D5A8C383287DA8 +y = 01A51A0ACA886AB7FA84988B38BFDF62BEF0A26FFF + +k = 5846006549323611672814741753598448348329118574056 +x = 07BE052CCAD05B617B11464326A51B7D385C6BA200 +y = 03EC09C4AA9FDB406B1E4DF01DF3D864E59694224E + +k = 5846006549323611672814741753598448348329118574057 +x = 0765470BC65E9AB8C40B297C983B1000BCF021426E +y = 07C0CCAC03D7FF27430125CDB9CC7D61AEDDA603D8 + +k = 5846006549323611672814741753598448348329118574058 +x = 03799F22E9423EDFF60294E8288884A04E107B6B6C +y = 05FB563B96D17BCD3854733F542C48EB7EC40A81B4 + +k = 5846006549323611672814741753598448348329118574059 +x = 00BA8C7E6E2523EF94CBC1E56FACFEDE24F3F91578 +y = 05AA7512D264ECD44B6BD49BF12310F244A468CE75 + +k = 5846006549323611672814741753598448348329118574060 +x = 02ACFCFCC9A2AF8E3F2828024F820033DB20F69520 +y = 07DE60BB30B7155244643FDD5B678072D2DF1A4AC4 + +k = 5846006549323611672814741753598448348329118574061 +x = 00CB5CA2738FE300AACFB00B42A77B828D8A5C41EB +y = 02E29B3CE937BC90061C65F178CE1DE6DCD4A2BB80 + +k = 5846006549323611672814741753598448348329118574062 +x = 02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8 +y = 007714CFE32684EEF49818F913DB78B866904E4D31 + + + Curve: K233 +------------- +k = 1 +x = 017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126 +y = 01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3 + +k = 2 +x = 01A96A52534C02824C92539163F2ED13243FEB57B45ADBE4CF7EC61957F6 +y = 01F9D11CCD5FF37C021BB64DFF8DF25AF3EBC5C3F9BFC5CB17B2203703A8 + +k = 3 +x = 004656E0AABBE341407715CA4A7FAC287B41BAA1F789C29BFA27E53A7A46 +y = 00F79A7245FBA513DF787A64C618E97EBCC078638EBAAA562E9862BC00CE + +k = 4 +x = 00C127A0AAB6AE3AE1E4206B54830E8D1DACC79AD742ED00E8FD6C9849E6 +y = 00D9599A0FD42868D6E2FFB9D526B337AA86FCB5134970782F7A901C3D83 + +k = 5 +x = 01E6203D117FFE2C1FACB632DCB11D665F96701728B7854D4D562AEC4C81 +y = 013BF8EF521FA23771C693F0EA1FF0742D0DD725E5F5B89EE35C54D396F8 + +k = 6 +x = 00E15AE1D3E035C8D4653CE24CB569E01A62C9CDA208CC698C4EB3F3C87A +y = 0160F13EC3651671F230B4F0BDAAEF51BFAC70D8E28BAC49D2CB0ED2B9A8 + +k = 7 +x = 01F6A2C4D6B9252EBC579D4082068DF31F4C2BFE28011AE0DC23C5AFEB2D +y = 00A3410A3BB6A0AFD7741D70C26D9C0C423E43A21484A936E640EDB96E76 + +k = 8 +x = 006951B1ED1A11EF7B9D34FE2FD37FEA9384F48B22DAEBBF13D9472B9990 +y = 0170A30301FF57869DAAB42AFE63D82A20C397C1ABBA894455A5D173F6B3 + +k = 9 +x = 00127A261BCB46F13CF46ACB3234867AEC806BFFDBA395AD3531043C4008 +y = 0096BC73AB4DB07A8E7C05C55421403E89E0091A6D04A1DD78780FBAAF41 + +k = 10 +x = 01B1D74DE9D09B478F809E1711B06B5EBBF1AAC472E4797E14C056F9D371 +y = 01936BD4AF0501B6CCCE5A991E7538928445923651F85826EC8F0BF4F76D + +k = 11 +x = 000FCB44858CDAC776F160DA456DF864773043F15FD4C451CE3D89B8AE9E +y = 01247083BCDD8301F4468336368451C651AFAAB038F6A2CFAE21FA4044F9 + +k = 12 +x = 018875E167A6E1733C50A126A3FB319AE6E810B72189256E11930989FF65 +y = 0056D4836F65D58F784A78CB979FE93F9DE1F65086A30E3D91AA586499BC + +k = 13 +x = 01DE706E8A45EA895BFFEA3898E920F39B9D96EC9897888D5CEA206057B5 +y = 01F4BF62B2C6EAFCD07F8D1C2B376DDB6C4BF0D2EED6E069C2E74804BC96 + +k = 14 +x = 01ECE27FDEAFCE970E8DCB068E809D69A3D049E625C5B94C69737766DC1F +y = 01FF2C99937CDCB84DC9646C02F3A29E821FEA38B273299AC0EB0DF503EB + +k = 15 +x = 01F21D16DEA9C7A8B52B949143DB1ADC22BADCD3D1B63998F9C5C6701CB5 +y = 0045CE28219F28504D309C13BF9FAEE3A6E9E30E4AD6D09C4697E1B15C39 + +k = 16 +x = 0007FC2380BC305BB18B43564726E6B677FA2F77C510660D3D22C69FB71E +y = 01BFED5822059BFF93DF5534657E3DD69675577F0CF7AFBE4155F1051EDD + +k = 17 +x = 01371ED41646E84929F618AD015F2C87CA734A16FA67AC223FC36414101C +y = 01D375644CA4CA18197BB6C1F785FF572321D25074A7B2F324F89C803A60 + +k = 18 +x = 00C036E2C561BADCE984CB2DFDDE9A105A3046A6DBFAA9705535A92ED4CB +y = 01F292EB3C8AFBA0242DE3AA3BD0305AC142A82403A0F519EFF1DA2A8C3D + +k = 19 +x = 00AFC9BEC0CE6046B8E0EE79D09A6EFED497D70B952FAF8BD66B4612B261 +y = 005EBE1A3172F3E965FF168931EEE3F21EBC4DC55DCA73648B3768D8B99E + +k = 20 +x = 01112DBC0A613B981F29128690DD072BA01063991B08FC5706B6BAA234FA +y = 0116E0B82E315B89C20601887EDAC58460022C7DE1663E959EBD318168F6 + +k = 112233445566778899 +x = 008DB2F6D27ED0B39866937FE5795DCFAA398AAD7854865170086AADF6C3 +y = 0129DE55EAB34FF9E234C702FBF9C9157041B91E8990489BD32067CBDFF7 + +k = 112233445566778899112233445566778899 +x = 01F39265FDB8D6EF6582321E8344010B94309BD455C46F3FA5B563BDD376 +y = 015E2FD633470552BCB60D4E98A0C74214C0263EBF486F46C6CBCBB4E34C + +k = 3558661949422509798906317152333164942344057847777634287642572963676160 +x = 010366314240212520BA041C60923662C6F367F4A32ED2C0AAA137E74008 +y = 01EAF69135F989A04C79F28BCD8243496B0520115C1FA5683CE1707CBED6 + +k = 6901746141905950887442323978500829027888590046973079213348148285145087 +x = 01D4468AE343D141D7EBB1641548E2FEE0E7A6CED207F70511E47E2D4FBB +y = 00456004EAA3DEF43D3A80CDDB4DCE069AB979659C3132B28377B4277402 + +k = 6901745536893789481651945119392874544076086901468027196615880039464832 +x = 00E0732B911F7298C3E07C641A2CBA2498FDFCE695B79B7552EEBB2602A4 +y = 005942C3A960435FE37A31740C287B0F075E43BAFCB5B6CFE3B190AD0516 + +k = 6901746141115047990521329431718126281191923701935732818412903868661696 +x = 00A643FE1B242FEEBC5D854B95940E946A014F0918A05C2193D9D7EDE983 +y = 01E25CF7D3BDD809BAD7F190760A043FEE592D31653E98DE6BDCA2D10DC8 + +k = 6039436138923477005518920926285345539548982958859974727795426951954435 +x = 003DD85F1556D9DF88466305325F02745B4FA3E807B654DEB31519D6B0F8 +y = 004C4BA5E518A9664716E7E1119BC8A8CDD1A95F59B17FC66B57F461B471 + +k = 401538351638439033125297969147569374959194963040968487470080 +x = 005FD169722577E768280D2C431B0A64872404BC0B5B1138274002C79552 +y = 00E6373687AA36A047134360AABD7B096B3CA5649D23BBC3B5DEED34BAAD + +k = 6901641034498895230271430552465094581031001187062116263138743302488063 +x = 01205DB92118A1B761C598B5D7745152918EA170CC58D3720A8D930591B7 +y = 01177C00C2C28918E1BD41A0D2BD28CA6F894702B7324AEB717CED1D524E + +k = 105312291668557185967168602814471958975769865710678392621873758207 +x = 00CC79976927A04CB606E78302A2AE0A67AE8DFE6D920F1A75D9FC0B75F3 +y = 01F6ADFB186FBE0306A201821762973EB554055427D9A5BF8049DA21D053 + +k = 6901743068630700917194326252590429823569767924282277572924560447127551 +x = 013AF297944FE9394F8965ED5EE5BBCE3847560AD0E19ED2BD04974906C4 +y = 015A927A7E5EA376F9882988387506D3FF7271C4B9E16DD418DCF73002E6 + +k = 25707894677204793593731297967028170539209583336002051838574592 +x = 01202A81324C8376CA51081CE476D5C27953BFEDB2B7F6B79DA3DD60F560 +y = 0173606D643977BBC294839A7E9A65F9E80EF5FCE807E4317A814C4C92EA + +k = 3450873173395281893717377931138512760570940988862252126328087024741323 +x = 01112DBC0A613B981F29128690DD072BA01063991B08FC5706B6BAA234FA +y = 0007CD0424506011DD2F130EEE07C2AFC0124FE4FA6EC2C2980B8B235C0C + +k = 3450873173395281893717377931138512760570940988862252126328087024741324 +x = 00AFC9BEC0CE6046B8E0EE79D09A6EFED497D70B952FAF8BD66B4612B261 +y = 00F177A4F1BC93AFDD1FF8F0E1748D0CCA2B9ACEC8E5DCEF5D5C2ECA0BFF + +k = 3450873173395281893717377931138512760570940988862252126328087024741325 +x = 00C036E2C561BADCE984CB2DFDDE9A105A3046A6DBFAA9705535A92ED4CB +y = 0132A409F9EB417CCDA92887C60EAA4A9B72EE82D85A5C69BAC4730458F6 + +k = 3450873173395281893717377931138512760570940988862252126328087024741326 +x = 01371ED41646E84929F618AD015F2C87CA734A16FA67AC223FC36414101C +y = 00E46BB05AE22251308DAE6CF6DAD3D0E95298468EC01ED11B3BF8942A7C + +k = 3450873173395281893717377931138512760570940988862252126328087024741327 +x = 0007FC2380BC305BB18B43564726E6B677FA2F77C510660D3D22C69FB71E +y = 01B8117BA2B9ABA4225416622258DB60E18F7808C9E7C9B37C77379AA9C3 + +k = 3450873173395281893717377931138512760570940988862252126328087024741328 +x = 01F21D16DEA9C7A8B52B949143DB1ADC22BADCD3D1B63998F9C5C6701CB5 +y = 01B7D33EFF36EFF8F81B0882FC44B43F84533FDD9B60E904BF5227C1408C + +k = 3450873173395281893717377931138512760570940988862252126328087024741329 +x = 01ECE27FDEAFCE970E8DCB068E809D69A3D049E625C5B94C69737766DC1F +y = 0013CEE64DD3122F4344AF6A8C733FF721CFA3DE97B690D6A9987A93DFF4 + +k = 3450873173395281893717377931138512760570940988862252126328087024741330 +x = 01DE706E8A45EA895BFFEA3898E920F39B9D96EC9897888D5CEA206057B5 +y = 002ACF0C388300758B806724B3DE4D28F7D6663E764168E49E0D6864EB23 + +k = 3450873173395281893717377931138512760570940988862252126328087024741331 +x = 018875E167A6E1733C50A126A3FB319AE6E810B72189256E11930989FF65 +y = 01DEA16208C334FC441AD9ED3464D8A57B09E6E7A72A2B53803951ED66D9 + +k = 3450873173395281893717377931138512760570940988862252126328087024741332 +x = 000FCB44858CDAC776F160DA456DF864773043F15FD4C451CE3D89B8AE9E +y = 012BBBC7395159C682B7E3EC73E9A9A2269FE9416722669E601C73F8EA67 + +k = 3450873173395281893717377931138512760570940988862252126328087024741333 +x = 01B1D74DE9D09B478F809E1711B06B5EBBF1AAC472E4797E14C056F9D371 +y = 0022BC9946D59AF1434EC48E0FC553CC3FB438F2231C2158F84F5D0D241C + +k = 3450873173395281893717377931138512760570940988862252126328087024741334 +x = 00127A261BCB46F13CF46ACB3234867AEC806BFFDBA395AD3531043C4008 +y = 0084C655B086F68BB2886F0E6615C644656062E5B6A734704D490B86EF49 + +k = 3450873173395281893717377931138512760570940988862252126328087024741335 +x = 006951B1ED1A11EF7B9D34FE2FD37FEA9384F48B22DAEBBF13D9472B9990 +y = 0119F2B2ECE54669E63780D4D1B0A7C0B347634A896062FB467C96586F23 + +k = 3450873173395281893717377931138512760570940988862252126328087024741336 +x = 01F6A2C4D6B9252EBC579D4082068DF31F4C2BFE28011AE0DC23C5AFEB2D +y = 0155E3CEED0F85816B238030406B11FF5D72685C3C85B3D63A632816855B + +k = 3450873173395281893717377931138512760570940988862252126328087024741337 +x = 00E15AE1D3E035C8D4653CE24CB569E01A62C9CDA208CC698C4EB3F3C87A +y = 0181ABDF108523B926558812F11F86B1A5CEB915408360205E85BD2171D2 + +k = 3450873173395281893717377931138512760570940988862252126328087024741338 +x = 01E6203D117FFE2C1FACB632DCB11D665F96701728B7854D4D562AEC4C81 +y = 00DDD8D243605C1B6E6A25C236AEED12729BA732CD423DD3AE0A7E3FDA79 + +k = 3450873173395281893717377931138512760570940988862252126328087024741339 +x = 00C127A0AAB6AE3AE1E4206B54830E8D1DACC79AD742ED00E8FD6C9849E6 +y = 00187E3AA56286523706DFD281A5BDBAB72A3B2FC40B9D78C787FC847465 + +k = 3450873173395281893717377931138512760570940988862252126328087024741340 +x = 004656E0AABBE341407715CA4A7FAC287B41BAA1F789C29BFA27E53A7A46 +y = 00B1CC92EF4046529F0F6FAE8C674556C781C2C2793368CDD4BF87867A88 + +k = 3450873173395281893717377931138512760570940988862252126328087024741341 +x = 01A96A52534C02824C92539163F2ED13243FEB57B45ADBE4CF7EC61957F6 +y = 0050BB4E9E13F1FE4E89E5DC9C7F1F49D7D42E944DE51E2FD8CCE62E545E + +k = 3450873173395281893717377931138512760570940988862252126328087024741342 +x = 017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126 +y = 00A961C769D267C4EDFE7CA84830333DAE3FE848806E5CAC5C7EB9578785 + + + Curve: K283 +------------- +k = 1 +x = 0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836 +y = 01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259 + +k = 2 +x = 030AE969B9792D44BFDAE086DC6FA1039E52A459A545E78B57A1C9D749C1DC6FAEAF80CF +y = 059D726AA1B70C5E9FFA46D6A1F912B31480BC3D8E0CAB1666497F16B970256427B2FC02 + +k = 3 +x = 015DCCC30A8B1F5146412D51FEC337741090321408AAC521391AD36C5912E280124FE3B5 +y = 053FC9BED137312952AD97F6A98C4C7AC1B421635FBAFE28898E9213D979D5B4D279F192 + +k = 4 +x = 03949AFAEDDDE457A6B7F17129776A4EA5C5C671594A553C5F1DFC1C2C6C5D36CC6F7B91 +y = 0286EE1883F14F990BD23310F6212E0CB2578DE1DC43C6B52729D57A5FE072317C1AFB8E + +k = 5 +x = 07879D57C3BD1A1A0F42683ACFC15E85022BAD17D02FF0AB922348199EC2E8F524A2B90D +y = 0745950630769FB467205FC95653FBB4FC2487E22EE749AEB9F1B0ACB848691ABD2D7DF8 + +k = 6 +x = 024C13AB84AD4DAA481ECE8B2C5264EB0E14E66FB919EEEE7CDF66B00A99DD7D749CD1EC +y = 066A9E12C943F9EDD1354B283F88161927C9FA53C38183C8004E8DD69BA1DADE5DA6D837 + +k = 7 +x = 016316C84BE2D17E2A4B035B4DFEE6EB538535B215EDF4C189B5EB2B4C72DD4D641474BE +y = 02119B23FE3B6B8A8F32928F855B4028A3FAA8F6A81488B2B177F000F81CEFD51FA1096A + +k = 8 +x = 0709EA1B81C8627D967299BD1A5A4120645CE3E3104F137D55BA5BD08C89488DBA3A7635 +y = 0080F27925956E3D468C49305268509E2BAAA30CCB1FC63DB8D19396E5FFE7F3A646FDDC + +k = 9 +x = 018C2E3A736C15821EF55E388315456D96D0E33A42142A1272AC4C4CBC4158D78D2FF4A2 +y = 03131B758D00F0B5A682CD161B68B4F66F7BBEC3DC06930E2B8D14D7AFC9EE2836F48398 + +k = 10 +x = 0036DB823B2876225049151ACD1AFA2B63C2254CCD6614987C66048D8BAEF3C63D5D5DF7 +y = 0392286030D0B6022C5D0C2943AB1A101629FA9F8950374D1AA6CEA058513FCA918A78C2 + +k = 11 +x = 04C8AB19D923D855677CB0DA7D5B082D122718469F0C09416749CC2A5F1AC1F398203B03 +y = 079E758DAD4DE2D102ED15B452569F8D2D2B1C7AEEDC5BFAA810597883B9044B65A9F8F2 + +k = 12 +x = 018F481C67C25803E87CAE136B25FF2CDFAAFAF7A43A9599A8CC74321E73BCF8BF6BBD12 +y = 072E578E4B3F8AE3AD2A8F36A3A56B244FBD8C631195FFA0A588066504A0AD074195E8C6 + +k = 13 +x = 0532ADA51C7CEB27A034ADF695130F2266E8D5A1C0939333B6A4320E563C2BD1110BB8BF +y = 01A4ADDB963D2BB943F3CE0754983287B3C40578800DCA0B85955C35BCD048105F37BC32 + +k = 14 +x = 03514B5324B8367A7E8B94BEA0DE5E7A31A4DE34E45D9BC701E42D352845A86C5B7CD6F0 +y = 07AB56889FE5F25D2925DA10E6F9FF10D0C27F389B6C0FE9E5FDEEF27A6236043853643D + +k = 15 +x = 058EEE5D234DB4EAF633A7D4036C5A03B29A53C3100045B074B9C346DCD84E613D99FDE1 +y = 048D3971F5A91831E3940AFA95611D4AB17CC141184ECEA98EEE00B5DDDB986D5948FCC7 + +k = 16 +x = 03534D6AC6CEAA96F2086CA8A59836AC07920F15DE658F0D4CC240952876C3C15E96D070 +y = 0420D2F8F21BECBCD67CCB4B20F9CD68DFA9428D6225ED9831F5357E82838709DC5ED1ED + +k = 17 +x = 005683EAA46E9D63444E253FA3683BB0180B6AF72A341A46C03EEBB52F615D5DAE242D8F +y = 01DE56C49B8387F14F3363E44DBC5A382A78D4924E351454423718366B8B141329355BBE + +k = 18 +x = 0263CFB22159DC7A77286F28EB7D36776189A9E209F652C42339DFABBBC58F0071847E73 +y = 03CBBB814E8E71F0DD584C1F0641AE97E67ECCFB3B4D7AAC7E95E46398013BD3F4DAE46E + +k = 19 +x = 005CA7D76BB258230D85C5E2BFD6A7323DE344312E77A34C7D6143C5227DF7C6C5EC96AD +y = 057532CBE36D2CFD98F6CB321B248E336409AC6C1B2227377FC8494A87C405A0E3023697 + +k = 20 +x = 057E47BE7D0563398E3425AF49106A240FBD5EEC163FC750319CC6908FE57C5C22BA3862 +y = 0018A0BC6BB5E1D23CEBFF554C034C0C038A945934A10A868962D3AEF56719636B3F84FB + +k = 112233445566778899 +x = 02A97071496676C2FF9F345FA007C678FC9D86B423C8AB17AD9A1374936847AFE60611F4 +y = 0034DA6E836869547366E006FDDACBB27ABD7DD5C8EFA4F17CFDCF92C033DAF9D2812FCB + +k = 112233445566778899112233445566778899 +x = 03DBA514F6F36E810554D57421702FF39441B578B211DB49031644B356BD41A49674E4A3 +y = 0055C0FA28CBD642438FB0D2B04C773EDEA14138A41AF9E547E0D6C3283B3F5F22BD6050 + +k = 4006697157339194503342894281411734673435250926849120153284931175391665359386157514748 +x = 01F8E1A18FA7BEA426D38CAA78CB4071E1CC6920E78D4BDC27A78908EEF9E28CC394FA4B +y = 079760B826058C3EB6E9A858ABD05261F497863A921DAB913CE9FC5E032E2049CF8001FD + +k = 1897137477041188685780847749163263762493823317937072569701292427936569263076147192 +x = 054CAB0254358DCBC6578841D875F0C6CAAB6D05A9A726897D6B77984D8139A6BEB78C69 +y = 066EA5D32D0E814E48F0562E09A2AF44D25021894501F2EB25C13D42D60A5E76AF690B53 + +k = 7764035583722722529230891178898148230636432433813358844568148142348598093833159311358 +x = 068400A20022A5BD60B1EDAFFD2BF0E44BF9F338C62BCA19EC4FCD68DA6B43F47F6B5EEC +y = 029B90B64E6E14D6F293590513B0F476FE4A7CDF9143D7F6897FAAA1887DEAF3E9F2C5CC + +k = 7649258878930897440581608972776484934236261044824524284888654125566359589787365539840 +x = 078AE3D89F80FF177573EA7988587EF6E39D6F0D8A367E0A90A52C2B38A29CB2E49F2B43 +y = 00F074EEBBFA613BCA47F853ADCAEE29B924382D7FC7F177ADCA7D35B8C7F61336084FC0 + +k = 59285493150399819161419024911358234107491260682045488767089861937964072610856975 +x = 054C2E62D2C79FF853CB9EC75D113CB064C4186BD620789F045A22633F57FA88D69D5160 +y = 05B86AC2612F9F0F06E0D5EDA9A2524F178D34194DDDFDC8EAA19BC21A1439071CDA218D + +k = 7770556997803537271920049108018211954904261475845791461076011003340461251441727635455 +x = 07D839C077C0028F4E517274E0437C3278D4B7D43F0091F300D6111B498D30235B037F72 +y = 05AFC66A24814D0019809B0CFC77A5EBA4D96070695D6D19A80CD5F134C2BE5673798BA0 + +k = 7755498497130418398573564733681070126312906004361358653553648764252660570647949213440 +x = 00FE2229CD6C51C91D0D747A8F1D09CBA1E23177057CA53EECE7418C410BFF5AD9551A6C +y = 020C2DC8F10779806BCDA219111C78B9B05AFC2E75CB86E0E2903835A1C69428F051946C + +k = 5828065962223343887212851096157116541334667450204325651735176424594932791638008725504 +x = 033A9967DB566008D6B9E7CE2085F07412FFF303F511A64D20F76E927EB5756FAEB0A713 +y = 054869131DF7C1BDA8A44F392907425FEFC856262BD6B6D614ED9CB886475532E0C780D5 + +k = 231577549345607610633586323584257699244475830982963489394538169576810040522752 +x = 079F6B5B3F5CFA420DB708B99A2B84F78EDC7E46B1063E66F8C352262C082EA7D21CDE46 +y = 041D65D1CD1848E0F367A7E1E9CE76AB1BA3DEB4196BE4083273B3C8686CF1B00ADCDDCE + +k = 7770675453110840849851061203488010045905215474231849876581153515345956681115092647935 +x = 066E65F2E6BCBF80BB8DA5E37C3874A13211CF3BBC3C2F368A5639B5A1632C066F0717B4 +y = 0383F15EF61E964AC0ADB59A537EC783BA40F3A1E18462AE2B204629E80A5E30DB43A831 + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603853 +x = 057E47BE7D0563398E3425AF49106A240FBD5EEC163FC750319CC6908FE57C5C22BA3862 + +y = 0566E70216B082EBB2DFDAFA051326280C37CAB5229ECDD6B8FE153E7A82653F4985BC99 + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603854 +x = 005CA7D76BB258230D85C5E2BFD6A7323DE344312E77A34C7D6143C5227DF7C6C5EC96AD +y = 0529951C88DF74DE95730ED0A4F2290159EAE85D3555847B02A90A8FA5B9F26626EEA03A + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603855 +x = 0263CFB22159DC7A77286F28EB7D36776189A9E209F652C42339DFABBBC58F0071847E73 +y = 01A874336FD7AD8AAA702337ED3C98E087F7651932BB28685DAC3BC823C4B4D3855E9A1D + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603856 +x = 005683EAA46E9D63444E253FA3683BB0180B6AF72A341A46C03EEBB52F615D5DAE242D8F +y = 0188D52E3FED1A920B7D46DBEED461883273BE6564010E128209F38344EA494E87117631 + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603857 +x = 03534D6AC6CEAA96F2086CA8A59836AC07920F15DE658F0D4CC240952876C3C15E96D070 +y = 07739F9234D5462A2474A7E38561FBC4D83B4D98BC4062957D3775EBAAF544C882C8019D + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603858 +x = 058EEE5D234DB4EAF633A7D4036C5A03B29A53C3100045B074B9C346DCD84E613D99FDE1 +y = 0103D72CD6E4ACDB15A7AD2E960D474903E69282084E8B19FA57C3F30103D60C64D10126 + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603859 +x = 03514B5324B8367A7E8B94BEA0DE5E7A31A4DE34E45D9BC701E42D352845A86C5B7CD6F0 +y = 04FA1DDBBB5DC42757AE4EAE4627A16AE166A10C7F31942EE419C3C752279E68632FB2CD + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603860 +x = 0532ADA51C7CEB27A034ADF695130F2266E8D5A1C0939333B6A4320E563C2BD1110BB8BF +y = 0496007E8A41C09EE3C763F1C18B3DA5D52CD0D9409E593833316E3BEAEC63C14E3C048D + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603861 +x = 018F481C67C25803E87CAE136B25FF2CDFAAFAF7A43A9599A8CC74321E73BCF8BF6BBD12 +y = 06A11F922CFDD2E045562125C880940890177694B5AF6A390D4472571AD311FFFEFE55D4 + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603862 +x = 04C8AB19D923D855677CB0DA7D5B082D122718469F0C09416749CC2A5F1AC1F398203B03 +y = 0356DE94746E3A846591A56E2F0D97A03F0C043C71D052BBCF599552DCA3C5B8FD89C3F1 + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603863 +x = 0036DB823B2876225049151ACD1AFA2B63C2254CCD6614987C66048D8BAEF3C63D5D5DF7 +y = 03A4F3E20BF8C0207C1419338EB1E03B75EBDFD3443623D566C0CA2DD3FFCC0CACD72535 + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603864 +x = 018C2E3A736C15821EF55E388315456D96D0E33A42142A1272AC4C4CBC4158D78D2FF4A2 +y = 029F354FFE6CE537B877932E987DF19BF9AB5DF99E12B91C5921589B1388B6FFBBDB773A + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603865 +x = 0709EA1B81C8627D967299BD1A5A4120645CE3E3104F137D55BA5BD08C89488DBA3A7635 +y = 07891862A45D0C40D0FED08D483211BE4FF640EFDB50D540ED6BC8466976AF7E1C7C8BE9 + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603866 +x = 016316C84BE2D17E2A4B035B4DFEE6EB538535B215EDF4C189B5EB2B4C72DD4D641474BE +y = 03728DEBB5D9BAF4A57991D4C8A5A6C3F07F9D44BDF97C7338C21B2BB46E32987BB57DD4 + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603867 +x = 024C13AB84AD4DAA481ECE8B2C5264EB0E14E66FB919EEEE7CDF66B00A99DD7D749CD1EC +y = 04268DB94DEEB447992B85A313DA72F229DD1C3C7A986D267C91EB66913807A3293A09DB + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603868 +x = 07879D57C3BD1A1A0F42683ACFC15E85022BAD17D02FF0AB922348199EC2E8F524A2B90D +y = 00C20851F3CB85AE686237F39992A531FE0F2AF5FEC8B9052BD2F8B5268A81EF998FC4F5 + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603869 +x = 03949AFAEDDDE457A6B7F17129776A4EA5C5C671594A553C5F1DFC1C2C6C5D36CC6F7B91 +y = 011274E26E2CABCEAD65C261DF56444217924B908509938978342966738C2F07B075801F + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603870 +x = 015DCCC30A8B1F5146412D51FEC337741090321408AAC521391AD36C5912E280124FE3B5 +y = 0462057DDBBC2E7814ECBAA7574F7B0ED124137757103B09B094417F806B3734C0361227 + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603871 +x = 030AE969B9792D44BFDAE086DC6FA1039E52A459A545E78B57A1C9D749C1DC6FAEAF80CF +y = 06979B0318CE211A2020A6507D96B3B08AD218642B494C9D31E8B6C1F0B1F90B891D7CCD + +k = 3885337784451458141838923813647037813284811733793061324295874997529815829704422603872 +x = 0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836 +y = 04CFFB0777D6DAB9B28AC2DC6514CA8ABBB3639FCBD910E2F2DE0B25FEF6BD452F940A6F + + + Curve: K409 +------------- +k = 1 +x = 0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746 +y = 01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B + +k = 2 +x = 00DFABB8A338BBB9E94BAEA1EA8FDA3B268FB10ECB0B79C69DF095960C307D9425A244E5661E92871D6E0DFD6521C91C4199F1F6 +y = 0004B7712EB49880C1F24E06D37D2727CB43F0DE154458427F51B2CDD548AB08A92AE5A75DF06E7D4ADF958BCE46CAB045FF835C + +k = 3 +x = 015CDEE83FC75049ADC9AC4B259A4973FC82FE6C27AD22796B0992521EEBFBAE63AACD6CC7DECD27453215A5C92A2ECA614F2FA2 +y = 00973314E9C9E2EB4CF9D70CFC9127619D5D190131A8C8638F96E859976D3B34DB7ED3651BDE3779A5D833A9D05952A7D4D06D16 + +k = 4 +x = 0110264DEC7BB098D84B3A33205704685ADEEEB9902246DDBF5D65C1F01411BAFC4D5B4993B004302E5B4310B743445EF556B3DC +y = 00D1DD621F4AA697C0B3139D18537E8027AF29C10EB978860E1337FE6800EAA6DDD8F03B4A623A3AEA15E1C469434AE83AF118AB + +k = 5 +x = 00147F228D081B0855A5EC01FEDA37A92EC82523D87156646871D5D0E7F5EA482A3347D86DA151B685CBBA54DE273F98E0AB18B2 +y = 00240F7A1C8D15EADCCC1ECB60C311E3E8530509E51D5F23A8E01DB00C2D3F1EED954F618C6D11E7D49160BBA00B8FD3B6A4103A + +k = 6 +x = 00E42A69B5FC9921D3F9801152B140367A40A3D2EEB7DB9AF8DC99AC08DA48BA5D4D914FDD07A80FCD4CDF586B9A9C7D2F077D68 +y = 01258FB34C814C2623DD580B755834D68A7D2ECCEDAF5D10E642346B7A5FDD14B44EE895CE2CD912C211DF49AD92C739B9F0D86E + +k = 7 +x = 00561576845AB818F713128A1248C312C108871456FB0744691A0E9C40E8273D286597832A7F47775F5AF3F38950559385C18CA0 +y = 01C9491C3EBCE20F99FAEDB147FD4EC31809D501EF12A20A6506DC7A449FC5EDA7EDEA999A0284175040E612987826A8D4E54A9F + +k = 8 +x = 002AF2A63B96390026A1231B134B6CDBD1FD35B73A23964F20071B9F3B075A1D6D8458457C26F05F6407CB32A55BC59E40520634 +y = 01F761C6836F85123D9E5A42A4407AEC923F1776D75A0E0CA84B888B149D31BF5DEC38AA399278E394E9B473DFAD0BE071388A6A + +k = 9 +x = 01D0A22CB2908D856092A6357E4D6D7AE1BF0729A268D5369787DCABA3A88580661413CDE71DF6E39F0C40C319A829D91F4480B0 +y = 00F9DEDEA658750557E9B733CF46A1081CE7521348E44B8EAD2899FD854C4B6122EA51473C5AEB9530BBDD3B6B7EB4CEA1FD410B + +k = 10 +x = 01E7723186511F85E669B9B0DCC3B95D8761BCCF3B3925DC4BEF8A2536C1DB362018642226FB2317927559CD78314FD043F84E84 +y = 00106D1D9B6C7AF42E5BD604577BE2E16995CEEDFD367F4D6C7F735BEA24D02818B52252ADA068D8116E60F846D0BBAA94EAD1C7 + +k = 11 +x = 013D94C9C3C6773A595494C0B5D3515B42D06C17FECA2052A5EB78D6E264D2EE7AA174C3E8D9B4B1FDF20B0934CF47AEA5F44502 +y = 0000EAB63E92195036932F3799881355478D676B646FB3BB801E6426E7DFD6AD39346B2CF757A02CEBCE25932E33E2ADFF3E0AD7 + +k = 12 +x = 018626DA37E5E0B5F20C24415B29ABA94200FDDA4CC188AEA42E0808B870D295AC9E6FD7C722C3FCCCAAA178FCABCCCA194FB6FC +y = 01097E5EC35B213148FFA2FA60605137D76A5824DBCFF475C7BFB6B287B697E4413D0A6AC24BEC20539A81B3C3E478FA72E2C711 + +k = 13 +x = 0079B538A232DCEC4E512BBA975578373DA53C9792AAC1BE6AD81A0628816E6BDCF02D698B23CDBF3208F8E9BB181951FCB0294C +y = 0063DB5655808EB579577072D63F874D472EF379CF3A003DB233B97CE4CD38E4F6C9A8FD185772377418F046C0C2E68899605301 + +k = 14 +x = 00D30C7A91F1A6CCBEC3B4498A74673725E267D9AADAB3DB3DFF399BA9099695291D755A4B264334EC829B616C524A2765915918 +y = 01EE93A589CFA2174187F8FE8395E667E77ECEFFDD5FEB9A1E2C09F3084C58A7D7CC86FFF89ABD31D4C7907B90BD72BB9A05CD30 + +k = 15 +x = 00A371773C4D2A8741FEC5C19ED167712DCC9222974BEB4183528CCC35CFB9356C4333D493B3F1BB819408AC856E5C332897A716 +y = 01E26C437D9004544F45D0087201BB3C0213B1123EFA58864C081A48DC12B5025D0962A402AB0303F7159AFA215809778C1AC0DC + +k = 16 +x = 00716CAEAE64067E984CB002EC20C7642320C06F518D24A0B497C6875A84B8B17E61E82CB92037165843B83F07A36CC072CC043E +y = 00AC360F3E5AAEB5E2DBFAD8F25B35780A8B076F1C8DCA6D6D6AAA8A0FCA9B0806572F38721A2382784B76D3AE13ED2E95163A59 + +k = 17 +x = 0189F0F84D70A66B594199C1AFF3B4D5B47059B82ED4F205BED54BAC3D03D984FC14F8920210B0098F04DCDA927CE8AF75484CD2 +y = 00E380EFA6342257B69E59FE8EE086E7CA829C8C09901A54B8540DB05E1E8D98201A23128E11F1529FB147ED535856CABF65B7C7 + +k = 18 +x = 018A87F20927B09566DF736D90249FCE25153E047885F7610249B3A207BFCB16E8AAFE92EF1798F3F662B7D55BCBC557748B929E +y = 00E551373EC47CE245950F9B6E11CFA399A39F031F21A6474E58F67416ED8D2559A717AD782192B9A561F8B5351FA1055629740C + +k = 19 +x = 0152DD675E204D228A750F93C2F619E36EECD0A149E8745A33611CFE0CF22601CF7146D033E107E55F81F00059A52F9034851826 +y = 005D9AA1AE22A343BEC87932428A1CAB9A1C8914D4989CB65E6357E22CE26159D1C299E60579F83211CED2461D2DFCB5AECFF925 + +k = 20 +x = 00F79BC91B04311AB1261B48A0B851E879169086407C6912257268CF00628A34C4B7F634BCD1ACE31BF156D0A78DE97FD514E55E +y = 0068B52478AF93153175490E7C551C12199D4134E90F1286FA3C9A702CD72D0BF6662F143840C3BC1E90CC56358E45A30D42978C + +k = 112233445566778899 +x = 014095C1160FD3A5C72857F05D194EF5A32339344B4EEB7FEA1D121A5356A598E54C9FC05AF64586F655326B74822E78674E57B2 +y = 00533DBCFD4A670D148BD6407096B94013053EDD3B3DC80DC17821B6E49CB97185992E400FA6F112BF6A7E8A06E88F506CA68260 + +k = 112233445566778899112233445566778899 +x = 016F4501DBF46640F21F886D03B4E6F1C58E76DD8CD700AE495661ACA269EC44A4C0431D4F95ECAEF54E06FFF8C17D76387F9F1C +y = 016B0E3D97748527461B94D65C562310C60DDFE939A68C287AA7BDF67CA284DF6B61502BDD5C69E20E942151B12C1BDFAD3AF0F1 + +k = 340852098058694223443685913328334800122213548009239021458200241058160277582635336605201369860696488190054345165582777712668 +x = 006C73887FA13E92EA59FD588F30F4B9B8D1B6D07A6ABC13493DAA6BCA83432164FB13A0EEE07CB1F78D58F4785AFDFD214045B4 +y = 005B6A07C373BD130CC51ABFC263EF97AE2F9B750C6760EDE5616675AA06578BB53166DDDF4B5A9F7AAC2314587EB24979626AFF + +k = 330527984462480500749858696972807698879792322534660716501880931231154514681281102411727819415542070720160772231667899187200 +x = 01C09427E8240BD5631E8883E0536AC1ADEEE9BAE2D6F5FC94DE4DE4CF8627C1D59899050771DA2DEDD29C9B41AFA2760001B154 +y = 019E0710D988E9B280F95531AC758D4FB329B66D5DEB26CC8D9DD2B278A47604F61376578081E256CBFDA69CE96F050453410536 + +k = 661055811182233060760558114931315270565948285499910728913604948249436316759152571933881271051664002768892246823601969299456 +x = 000EA8CDA32914565AF08C785B895075DDC333BD3F17A3F5D91B3D6BD923DF85AB8E03F11E8C767B1113273BC35F7E02F7F60BC0 +y = 01E2F0EA8AC9D84F98FB6F46FAA7509C6F3D16CC9D9E24F390B7A6B3F7EB71069DE4114863CE29B431804119AC4B9DD4A3FFD038 + +k = 9848124824282581168576223521444032715651745942136631983412404219039088589242936931984329344164443981460845877002495 +x = 00128D746936AD2BC08D0C941FFCC4181DB91F8CEDFACC99532D379B6B7B8D7F8545411ABD25D20ECF9448CEE969856D48B9DF28 +y = 00DCA33F5DBF50450C16557A98BF682B4DB66F5FCD244BF29DEF3EA21563B64B543B0A114559BE0024760E0894847F8FBAAEA5A9 + +k = 10086913586276986608351544571739294570403084902407898531660086380507213803361623017381183141858728018599612953950945152 +x = 0171948D8165C3244A5C90D95A17F062A94BBE6D9867BD0F0710B37672819F1D5F105E0BA6A4ADEC643A8F7496CE475D1FB300F8 +y = 0156B0282BC30117EAAFB3F79C1A2286905A46D236FC301D2DD41C9CAE8A4669F8D1FDA7902D4CD61C141B6D84D4CC387C0E2FF6 + +k = 2462327122366641588865954442609565192323453982972635204584341326839476766120163136790911611828808243123690150100864 +x = 009089352DC5AFB05EB464A3F56A9B982FF6A0AAC301CA40A4CE90C5BF2E4B8B8ECDFE1B170D7F09762AFEFAE5CC4343D1C79C00 +y = 01E43E03B559BFC754D04A7C3F5BEDDE4CAE3C5A076F7C9676ED9071900184542A0EF222D2712D73FB3A80F0284C6A7DE4F662EB + +k = 640710742885930785676298350239571030548930032145759293806080358426382941034832651516667471974860265874548899151847253606399 +x = 00A2B68AD0863746320EEF96840CBD40CF49B1420E8E455162EFA90298D3C9367EC496D687AD79050287BD286AE283488DF95D38 +y = 000EDC09DDA90860EC2ECED250BD85C89175FB55E79209B7000C093CB7F445C02D0C2FEC6099DE6BA7957995671526A490A281EB + +k = 80537710134754009256181717406251064703843282159661943483089437132405343392699382920096119401995500134444902384941138431 +x = 01845FDF7BACC88FE5B49775E7B6A69E97E958FAA2FDE4F34DAD1245A57FB6D684065991E3F6E4CB5B0CF0DC37C977A8B5FBD0D4 +y = 007814FF723E49FB8570AAD3F16CADFD45C42C315F17F262E3546AED50E44509A4F6B4FD3206D44C52926E1C5CF9D31775B1182F + +k = 660894893388914215505901749466264478395628661112655794576010620318625406955160868500641531501789507648565583805566905479168 +x = 011C20C431A3D2EE93385469AA4344448E2E3874E98BE57F0657CD9E7039BD1CF608D9508218CAA626B242A671D14C86F420223E +y = 007338EF94D232E6D43530970F645F963B7827B4AF5265015C243D875F9325FB57687CD159ACCD193C0D70459F354D22A247DFD0 + +k = 1291085613994301823816623782127171770656741175318840446952350041399253681237969932398948453917311285196155902941114400767 +x = 012C4BC20276CB898DDA81DB68D854696BCE99A2ADA696DD097284B429EA80CF524CDF1932C2C7CF3DE87F885A63B32866C54CE2 +y = 00FF425D0597E69DB15E96F11475F3C47E02D15F9E6F4E39B881BB9061FAB3A3CBEAD12067A5B6C544FA77F6DDE3B7AC143F9EE7 + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358651 +x = 00F79BC91B04311AB1261B48A0B851E879169086407C6912257268CF00628A34C4B7F634BCD1ACE31BF156D0A78DE97FD514E55E +y = 009F2EED63ABA20F80535246DCED4DFA608BD1B2A9737B94DF4EF2BF2CB5A73F32D1D92084916F5F05619A869203ACDCD85672D2 + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358652 +x = 0152DD675E204D228A750F93C2F619E36EECD0A149E8745A33611CFE0CF22601CF7146D033E107E55F81F00059A52F9034851826 +y = 010F47C6F002EE6134BD76A1807C0548F4F059B59D70E8EC6D024B1C201047581EB3DF363698FFD74E4F22464488D3259A4AE103 + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358653 +x = 018A87F20927B09566DF736D90249FCE25153E047885F7610249B3A207BFCB16E8AAFE92EF1798F3F662B7D55BCBC557748B929E +y = 016FD6C537E3CC77234A7CF6FE35506DBCB6A10767A451264C1145D611524633B10DE93F97360A4A53034F606ED4645222A2E692 + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358654 +x = 0189F0F84D70A66B594199C1AFF3B4D5B47059B82ED4F205BED54BAC3D03D984FC14F8920210B0098F04DCDA927CE8AF75484CD2 +y = 016A7017EB44843CEFDFC03F211332327EF2C5342744E8510681461C631D541CDC0EDB808C01415B10B59B37C124BE65CA2DFB15 + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358655 +x = 00716CAEAE64067E984CB002EC20C7642320C06F518D24A0B497C6875A84B8B17E61E82CB92037165843B83F07A36CC072CC043E +y = 00DD5AA1903EA8CB7A974ADA1E7BF21C29ABC7004D00EECDD9FD6C0D554E23B97836C714CB3A14942008CEECA9B081EEE7DA3E67 + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358656 +x = 00A371773C4D2A8741FEC5C19ED167712DCC9222974BEB4183528CCC35CFB9356C4333D493B3F1BB819408AC856E5C332897A716 +y = 01411D3441DD2ED30EBB15C9ECD0DC4D2FDF2330A9B1B3C7CF5A9684E9DD0C37314A51709118F2B876819256A4365544A48D67CA + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358657 +x = 00D30C7A91F1A6CCBEC3B4498A74673725E267D9AADAB3DB3DFF399BA9099695291D755A4B264334EC829B616C524A2765915918 +y = 013D9FDF183E04DBFF444CB709E18150C29CA9267785584123D33068A145CE32FED1F3A5B3BCFE0538450B1AFCEF389CFF949428 + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358658 +x = 0079B538A232DCEC4E512BBA975578373DA53C9792AAC1BE6AD81A0628816E6BDCF02D698B23CDBF3208F8E9BB181951FCB0294C +y = 001A6E6EF7B2525937065BC8416AFF7A7A8BCFEE5D90C183D8EBA37ACC4C568F2A3985949374BF88461008AF7BDAFFD965D07A4D + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358659 +x = 018626DA37E5E0B5F20C24415B29ABA94200FDDA4CC188AEA42E0808B870D295AC9E6FD7C722C3FCCCAAA178FCABCCCA194FB6FC +y = 008F5884F4BEC184BAF386BB3B49FA9E956AA5FE970E7CDB6391BEBA3FC64571EDA365BD05692FDC9F3020CB3F4FB4306BAD71ED + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358660 +x = 013D94C9C3C6773A595494C0B5D3515B42D06C17FECA2052A5EB78D6E264D2EE7AA174C3E8D9B4B1FDF20B0934CF47AEA5F44502 +y = 013D7E7FFD546E6A6FC7BBF72C5B420E055D0B7C9AA593E925F51CF005BB044343951FEF1F8E149D163C2E9A1AFCA5035ACA4FD5 + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358661 +x = 01E7723186511F85E669B9B0DCC3B95D8761BCCF3B3925DC4BEF8A2536C1DB362018642226FB2317927559CD78314FD043F84E84 +y = 01F71F2C1D3D6571C8326FB48BB85BBCEEF47222C60F5A912790F97EDCE50B1E38AD46708B5B4BCF831B39353EE1F47AD7129F43 + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358662 +x = 01D0A22CB2908D856092A6357E4D6D7AE1BF0729A268D5369787DCABA3A88580661413CDE71DF6E39F0C40C319A829D91F4480B0 +y = 01297CF214C8F880377B1106B10BCC72FD58553AEA8C9EB83AAF455626E4CEE144FE428ADB471D76AFB79DF872D69D17BEB9C1BB + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358663 +x = 002AF2A63B96390026A1231B134B6CDBD1FD35B73A23964F20071B9F3B075A1D6D8458457C26F05F6407CB32A55BC59E40520634 +y = 01DD9360B8F9BC121B3F7959B70B163743C222C1ED799843884C93142F9A6BA2306860EF45B488BCF0EE7F417AF6CE7E316A8C5E + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358664 +x = 00561576845AB818F713128A1248C312C108871456FB0744691A0E9C40E8273D286597832A7F47775F5AF3F38950559385C18CA0 +y = 019F5C6ABAE65A176EE9FF3B55B58DD1D9015215B9E9A54E0C1CD2E60477E2D08F887D1AB07DC3600F1A15E11128733B5124C63F + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358665 +x = 00E42A69B5FC9921D3F9801152B140367A40A3D2EEB7DB9AF8DC99AC08DA48BA5D4D914FDD07A80FCD4CDF586B9A9C7D2F077D68 +y = 01C1A5DAF97DD507F024D81A27E974E0F03D8D1E0318868A1E9EADC7728595AEE90379DA132B711D0F5D0011C6085B4496F7A506 + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358666 +x = 00147F228D081B0855A5EC01FEDA37A92EC82523D87156646871D5D0E7F5EA482A3347D86DA151B685CBBA54DE273F98E0AB18B2 +y = 0030705891850EE28969F2CA9E19264AC69B202A3D6C0947C091C860EBD8D556C7A608B9E1CC4051515ADAEF7E2CB04B560F0888 + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358667 +x = 0110264DEC7BB098D84B3A33205704685ADEEEB9902246DDBF5D65C1F01411BAFC4D5B4993B004302E5B4310B743445EF556B3DC +y = 01C1FB2FF331160F18F829AE38047AE87D71C7789E9B3E5BB14E523F9814FB1C2195AB72D9D23E0AC44EA2D4DE000EB6CFA7AB77 + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358668 +x = 015CDEE83FC75049ADC9AC4B259A4973FC82FE6C27AD22796B0992521EEBFBAE63AACD6CC7DECD27453215A5C92A2ECA614F2FA2 +y = 01CBEDFCD60EB2A2E1307B47D90B6E1261DFE76D1605EA1AE49F7A0B8986C09AB8D41E09DC00FA5EE0EA260C19737C6DB59F42B4 + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358669 +x = 00DFABB8A338BBB9E94BAEA1EA8FDA3B268FB10ECB0B79C69DF095960C307D9425A244E5661E92871D6E0DFD6521C91C4199F1F6 +y = 00DB1CC98D8C233928B9E0A739F2FD1CEDCC41D0DE4F2184E2A1275BD978D69C8C88A1423BEEFCFA57B19876AB6703AC046672AA + +k = 330527984395124299475957654016385519914202341482140609642324395022880711289249191050673258457777458014096366590617731358670 +x = 0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746 +y = 0183995A6EF307830180AC25B075ADBD3A9D71A872896C6BC19E9EDD101C6C211E3F74DC5C6FF87744BE8CCBEB36AC8731E21F2D + + + Curve: K571 +------------- +k = 1 +x = 026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972 +y = 0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3 + +k = 2 +x = 01C09F99BDC4EA3FB131DDBFF6E417B20BBB9E90D5611E2CF7A80EE25BB63A23F48CDC08E7570CD9619FB54764E49751198F9EA19564EC87A5DA9ED849504BB73A6931F5C76365F2 +y = 00E2A8B1D841CE2AA5B20CD6EA9D97BE3EA98B322B093BB2418BD8C295B9CF1841AB4CC969EFBA3EBF31AC16BA9434220975542FC5518EBB6AEE65ACAFFA2DF0DDB005F37200594C + +k = 3 +x = 0287B0CCBB649860CCB56F10AFEA9090C8A05A351D2B70671084C563D37C6536B8BE7B6130BFCD60E2111CD8A1283EDF48970333C3906A61809D10BBFD4E016650AD4A749A68199A +y = 02264FC0CB1B83968FF3F8F5689AEACD2B3CC9CE59EF83F0007E2DA3045AC8AB2C0B43F4A2C9D2F29710CCCEE24286C3E4224614EBA64F2F1629FD79168094130F31D6CE787CBD41 + +k = 4 +x = 03A9D929CDF49B600D7658B46EE4106E7ED45E08E45BF893A3C51FABFEF323777611B8CBAB294498F7F1B645F56D11CDE12CDB00B9DD1F245DEF47FD44776C0EF9ACFBF0A493E9E7 +y = 027B63DE81B7A591AB54B6C7A9CB3BC43F6608327019BC1721A420FE00281CA753C735872FFFC907C2EA624304D0B20E7C0BEF2F317E96F13B1354868015A27E897907AD10E51D8E + +k = 5 +x = 02541A1C26F233F751C400F4CFD93E17F77CD429AC196E3E484BEF21FC4D8CC690C372F624913BF302299F5AAF99DF5EA83F15AE6A61DD7E804B5081CC5F4B47C4C0C9BF2B03F581 +y = 04F83758585F9D7FF683E0B7DF6657D72FFB3EC40DAA4378AE0C497A09AA702C82F7D2BF54E7BC50D90A4B9B7D5BF7D514080BC2D0AA060477FFB9EA5E2CC5970508889D4983EC59 + +k = 6 +x = 006E8AAEAA55AD0261CD73AB384BF9D32342BBBBA2A2617F2712291F21AA517AFB18F994B97FA4E22BE78DED410A49F3CEE2A0247A55EA8325971B9A1E0C697A45BBB818100D0541 +y = 04AFE420548ADBDBA0C81CCC2D89BBE416CF6A05E0DC8370BE8EDB7469DABA2020B22BD791E77A97C44CEFFFA72D5532BFA40EE264E45A14707FCD1A28FFFE52CDF83B9F884AC722 + +k = 7 +x = 025CBB972B6DCA6F2D0272B3AD51CB993AB9F7494EE9C9D14010489C7C6E368E2CF648B6D6B3BEE9B2A4283A7E7C574142F75F4B1CF1FEC0AF2CCFEA125B488C9BF415772F9325AB +y = 05755E3F910A7AE060ECEE4D501D0E5BA05A519C0F51409BDF20B976C6ECF2C793B6AEFAABF25A339637E55354550992CF455FA7FDCE9AD7CDEB97004001D19A8B89B11E04320FD1 + +k = 8 +x = 04FE7C86A25F57E351C10E88934B73A0FFB95EB99C4C782779544A73625891B8F048DD85B76763A221AD94CE60207863E1E8F66B89845DB3F8817764BAF7B53634CFDD67B5D96BE7 +y = 07401D8DA83258CF393A028D8420D2C9722837D171B13DFCFEFE41AA68D2084A812F4516C2624B830F74FD1F80C8418018810FC77278FBA01DDD293F520FC90F92ADC888D2B3559C + +k = 9 +x = 00EE7006D88130D14E1CBBC69250EBB26CD8C8201CF04AEEAB89E7894520B06FADC9458CFC68DBE1614B9F3A50C88372725C6BE620D15ED9E0AAC637A12469FEBC9C6148575D66B7 +y = 0644696F86562048E18C8F9C902B48D1425C336DA09E70B8869CE7860788F87E6750F5637BC4F66C61D60DD5A5DE4DD2FF190938440D9D5B2CCC971024253D5AFAEF54E5B759234C + +k = 10 +x = 05B69AD9CDE7519731ADC3E68C5DC5B5C910E672E2FD96E1D7F0969035E3BDB3C2FE412B51DF6D0503D2E61D5444DAE97CCF1A48F138EFF62AEF3A4420CC0676D98ED6035FB70DFD +y = 01ACF04391D73B06BE816D8AA8AAC4BCFB08E57FE5C7B952854E0D8FA6F5EC0DE6523E38EC8015B4D17D910E37531365DD0CCB2429D8DDF5911341487A66F63A164F2B98CF854A5B + +k = 11 +x = 067BE688698D011721580D00BE9A194D3147FBCADDDE8443BDAB8593137CA9CE6CBE7F953C8BCF898025A3A79E90C74372EE242DA16B9EB6572063CE7110F2BEFFDD3C1929EF58A8 +y = 05BE5F3029ADEA31155C604F4335CE77C04FF0FD7FA683F5A4126F16DD3AB4A5283D5B8E5497C7288312857EDA456EFE32D730B0675E515D0FAFE0AB754A345037A2C49390693BA5 + +k = 12 +x = 05A822AB944CB3FEF7D03F34037BF5BEA88DB16FB830E2357C3F4CE0EBE480F65AEA523D7D6F63001582B203B448B8C82372165E98CD4348BE2CD87C2F922ACB0B79DC829F078532 +y = 054512A6C4AEF3C282645F3D506E5DC21B7D1FE99A36B5B7C8175F48AD4425D1CA3745B4DD98DB41422B30CBE9303E139FC3858FD77EE0902AF0B258CBD9938C53042D5BD6364718 + +k = 13 +x = 01A3C1F431D854759F712774FB257158DC5FCDAF0364B00D60AAE6209A3011A0EA16C00E47F5EE61D4A9C11446759B4C624280B58A20D070574293A8CAF96122D4F2780A2039D42D +y = 003A7D03E8D80C59B14BB79384E795030ABF204F4C8FF57A37A8AE8C16815E423562511D0C55A5F5E8D0B1B9FE179C4CF26ADFBCCC4D9255611CD9CFDC1244B5C05ADE4ECC56410A + +k = 14 +x = 02F16CC4BC7EB0B534DB3A39CDC87CEA2FDE36479568C75477155FD48CD610C9AD6A41793C6A19115AD0B290715072CDA91F8CB7553656A86F7BA798951E737FE0043813E42D20DB +y = 06EC7583F8C75B31F11494498A5BB6FB7C95DE8FDA1CE5C9C7A00BA6B55EF429FBBFC0866FB92A1BDE7B10684FC55ADE5FB6609073F968AF3E5CCCBAD90B7587A9E4B31714BD4447 + +k = 15 +x = 000F29804FB396BBD95B2A4A839DD09C9FDE3FC231DEC8EBF7AB020E9A543F6404902F5CECAFB1DA9706A80E58E6458A1CB75024787A9697209D378F4B53669440B8A8775EC4A811 +y = 0675D6B5D5E408FAE3D3C888EBE6C5090D07511B3D5F81C0106EBBC26DC5555AE1A3D772D1003AF206BCF5CA1B0B84224303C3A005298560B5FF51B74D031FE37C864422175BB9AF + +k = 16 +x = 03B2A87BC62D5126EDDC7A6213847323AC5BA9391F49A45E99B643DE45DCEA9F3E5B78B8F20602594116DEB01A5A7070BFA1226ECFFB188AF8E665450A56C10D2166FEA01243D056 +y = 05FE32A9FEB9568A9757C02A30480D7E577F8FE9637EAF3DE90FFAC6780E1D29049D0119FCAF240968AB72F0EE71E20A1CB83CBF2051373F63A9D34EF96C732A37EE8EC924BB201D + +k = 17 +x = 05B8B14B3EC5502E82460B0F2ECF5B8DABE3FB6DE4DED11F53AEFB4F6EE1BCD9C7E51FC43D8DE6C544C23120BE4A67CF0745ADD6DE00A3DA90EC5B2EBA2908A3CE3B33E841438A7A +y = 069569936CBB105E18ED72073F62D852BE8AA7FCA514CF6487AF4FDE453834AD04F0BFDAE2A90E5F1A5F9E8495089A2E7A6F45E184D468304B8632F0163B7C60DD6CD9F864F17C4C + +k = 18 +x = 049F44712BE7CD58CBD8606E38A546C397522C6E1FF1958404DA02C548E83BD9ABDB414595C4BA39E360E8E550081A97700862A1503B58539A4A699029E2079F4126D0120C29CEE7 +y = 0346CF05EC13F66A2A62AF97920CE7E38E23186386DF7612E2D01E88467490A2E55B074DD0A240A162E8943FAE7E7850C2191E269F918DF4073F2E52F2139A53CE2A75236CD18B12 + +k = 19 +x = 04132288CA1000D047390A4F819251393D2E134FCA49B55D124E9DA11081833C21032F705BA1AB110FFB17858D4C55B19012D55994EE6B862C0CB1761295DBE6FD33C7F07B5F4055 +y = 047CD3DD39ACCC310E9C9997A0A6425F0AC3E4AF124FB138FE6DB3D69CFC1CC7EF35F9E7DC8D593C3EA863F82012B8B39BB744C82BA670A2E332FF54EB60B1D8AEE15ED5B9AAF012 + +k = 20 +x = 005E200B536A9964B2E46C7849B7F4A0A8FA41D887838866089F1A572604469CCB7B5F000EDC152EFA0D193AAD39E1E1852B168C46D877D3C64AF3560D264157A8F06CF216C76C1B +y = 044F4CAE6C2D7243842299A214C837C997F833571F460EA005D6722C7F2F83474251FDAB47014E33006A7334DEB84B14B9FA8537FAA5B8C0C32EC9A9F49AED6FC0AEC476745EEFBA + +k = 112233445566778899 +x = 02FEEE38A60E619892830024E4AC47B7992D475E64ACFE57141F7887D11C5D6AD236DD58660CB261140EABB940EED748182439D431C2871CBEA0ACF9165B798A34ABB8C75CDB981C +y = 0123D8ECB239E56172FB6EF2D0E9D7EEADC42C0534400DA569165A31B74FBED26717D1DC535E383864D96FCB2D7583B18DAD9951C3549E36468E0D1D707ACA29F548902A73F6121C + +k = 112233445566778899112233445566778899 +x = 06C22BB855C704F0826450A0F720012569F67BCE3CD4B547801629D27D672ECECD558A5483ACBF831943704463303DFACFAE2C4CCB2C2667E72CEED77FA405301FABA53536DB776E +y = 07700EC8CC827B5A4C391F95FEAB1BA0A105858445F6B3642C670BEC422129CFF52BB4618E399582DB1C46FBA2C22CEADED3B4E15D2E268093AC229335E6FEEAF23FD734A539640C + +k = 1992623597601820334275444784098161341414252502647858850477940617876196735335367504892511147225880341545498168999090021223223595237741903315110794472594029953181583356723327 +x = 03F4A2769B8AD68269A13F6BB1603054E12A18D84D558D0850EBDED4B078BC8841CBA8200882C8538C0D5C7E4365660517A45DB4B500E3C9E8AF5F158386EE254E25A4B12012ADD3 +y = 0643821BC61F91449F815A529C4152A571ED6675DEB0719678FDEB7D0EC41D24B868B7945DF70C276E830FED07FBAEA5F65A4FD8A20471D8381560FC66F96455121BB9D25297C12A + +k = 3861235304097731366395849020295506793580025501573752466082694720823659889999449120687268962697352252653604400025856795876469657119139444635908785358460460317088877788544768 +x = 032BA60C8312D1F5594669DC1DB1163C76A2235433C4D14340C007F37980FC68807021FC55A2295D647CD68CB8FAF5C0ED8F6E4BBFB512A1BB4647618A25C971F1183914FC6BE5F4 +y = 02771822380C0DADB70588467E186BBC83DE1F3E57FC6A6795FCD9C75F93731B176DD8B1B8A4F7ED08444493F3C9FDAA3BB9E6C07B7B9FB8990F69F679AEA3AF14E15691BCC84C53 + +k = 29484053325707075925799971880648520225129267203907309744947579482621481989803910526623412325649301163282163977203931103437234275639190412051242172756191821780639287295 +x = 0084D258DDD36501D0F3226981F73362F8FF31C0DB5256B8BC0669F9BE0274E9D7FA5CAF9132DCE2DEE94093DAF16763AFD8DB6BACA3C22514BCEF6BA32C9C1EE6C364184B0002B8 +y = 031008F9724E0F5E53554C0CF3C88C21B64BEA57DCC1C4F1E6BC4F35E35255B9DCFFA65633669B6548F5739299FB0CE709F27D71CDC4DD0B1D73F511EC5ADF2EFB4C1CC1115AEDE0 + +k = 3856989612564136079392730580999641434043086815740351063506109991771247389759040179364506010801907655119601519159801507707836288138946973600108373332732886149272671889129479 +x = 05299CF8A12FFCB3BBE1FFD804AAA2B0BA30A4F23B4F74CF5059465B1FCD12323260BA20A68A96796599F09B6F0C56EF978C1579B8BBBBFD9B7819396127E2989A5083D7AEDA7ABA +y = 00A741DB87AC6BFD1D37E24B76CA64A84EF0E3C1F54A2D79D810173A7B40AAE17075D648267128B2E82EA2032700D047C5D25DD2F0E6F7C43F5F83824538BBB4133008A56A9CB87D + +k = 115168896320404645651432041179098839414378138206812196561404436546770474625174718418325552238695410399889241880699884998980722656882424204062175554372303917066223615 +x = 07B2F3388543EC3D9272A31B59A708AA3E71214187E0B117B1A9B7AEE4AC0BF5E8A74399EFDC77C5E37FB958434B499EC3DE3035E3398160C3A272071F1953F4825BA3E70C8FB214 +y = 0178AA5EA704297D3B4DE01E39BEEB2FB3F3CC8A2CFE0F2E5DD9275DDAACB90A111B170EB0666CAB41597C30AD1A49F0B75D7DD28B6975B59A60740AA9595594697541E5D6139BD1 + +k = 3864537523003199239087417163945278577471667133170388636024057769266287662208867993319214525206175292032772076860100999103054058369004034553550030668101507007173144516497376 +x = 05FA03062DFF71299A4B2CC23D91AEB60E4283397216460A10854F6F5CCA8A346C77FCD3EBD5F10CE9FFA131C4B07DF6B6CD3C0D25E4EF65B7F163E16A3D031F45F39370C9B94ED5 +y = 04CBF73EFCFF14A120358E286F71B008C7168688C7D6A2DE13A0B6AC2C8399556844AAF20405453DE12170239305C351CDD2D03A74F4DA2063B95D7769DC2958B4E3311CBA997A91 + +k = 230121197121011964829492956410962317332440724987436349361278165103269765744684971897427792562867723805262067593176384089090183615361873148246784747143625214720344064 +x = 04AAC818AC25D49BD64613E9B83A3CAA23CEAA144DCC4EB8B97150B02CF6A87B2D472C45528522DED254FAE4297DFDB413E4F4D3B135AE6E38ADA5C70D8ABF8EDBDE541AA2BA24A9 +y = 02D0488ECCB1944F76EAEED27647FBDB5CC5BDF7451DECEED5DBB706839CE3FE79C6A1799EC79CA600F65D7FF1C355AE37DC055A557EC17D3AB32B437135B6A75286EDE7544EC98C + +k = 3864522781876319144444990411489928498745425588762374758896440897920023110585946263236417010936645116291777139009696600304790060614733522620138525597803759712486299307872239 +x = 01959205027954C735345C8643490346F6BE72E55C0D7FC28192A9C1C0BCF1AD74CA28E2071547AFCC4B665F24DE0F3485E544D173FBAC9D16F0026DD4DC518A303E6F814DC5A7D2 +y = 00A9C8B9B0D15B756261FDFCC20B20F10793124011846079C4482F5A7216DE432D637683D69F8DAD0B7126E2108F5361630879D4005FE9596A4C6C8A7E114C1ED7D9AC50BCF21CC4 + +k = 1815275926114215700701028333874259168175794556292427843778276145855757450023893249648446870539448899577350096228970948933440013595519109366285051171291091396578474272488967 +x = 037E95DA8EE613495B4ED15B77F1C22AD2458B580B3E5BDE4EA637F1068B296E686C8D42519C23DE6EC96CFF6C265CC3177F5623D14191EAE8990BF9EE3F8D25A8D0540923EDDD4C +y = 03EE786A0854C81AAC92F28FCA6ACDAE82B296893EADCBC2B2D1CD7DEC2B40AF53E1744C5E4620DAE97BC4C7AF334C2FD468D8DA9A00ED0745374CABB7403BF0DCFCDF42789F5B43 + +k = 1287149561276048671542980749585292895031172887885203268478243566010436807420646737938361337191803564987388184003920857755944740028427123811551562332234582015 +x = 02D19058B78824936E068AA47953EB524921CA9F1E49E94D3BF1778DE0D1DB86DC071A1A24AA4A84201CCAA4B5913B9A2589B6EBDE31FC64B7BDB038E84CC80439D92F71C1DE75D1 +y = 008139B9243B812661E4299F21E37CA7A9A384DCB391A089F5F3F0A5B9BEF7797D618397386BCF342AFB749260B6684D15DF07F831079E14AF100DCD4319944F7FDED17324A1D6C1 + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276653 +x = 005E200B536A9964B2E46C7849B7F4A0A8FA41D887838866089F1A572604469CCB7B5F000EDC152EFA0D193AAD39E1E1852B168C46D877D3C64AF3560D264157A8F06CF216C76C1B +y = 04116CA53F47EB2736C6F5DA5D7FC3693F02728F98C586C60D49687B592BC5DB892AA2AB49DD5B1DFA676A0E7381AAF53CD193BBBC7DCF1305643AFFF9BCAC38685EA884629983A1 + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276654 +x = 04132288CA1000D047390A4F819251393D2E134FCA49B55D124E9DA11081833C21032F705BA1AB110FFB17858D4C55B19012D55994EE6B862C0CB1761295DBE6FD33C7F07B5F4055 +y = 006FF155F3BCCCE149A593D82134136637EDF7E0D8060465EC232E778C7D9FFBCE36D697872CF22D3153747DAD5EED020BA59191BF481B24CF3E4E22F9F56A3E53D29925C2F5B047 + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276655 +x = 049F44712BE7CD58CBD8606E38A546C397522C6E1FF1958404DA02C548E83BD9ABDB414595C4BA39E360E8E550081A97700862A1503B58539A4A699029E2079F4126D0120C29CEE7 +y = 07D98B74C7F43B32E1BACFF9AAA9A1201971340D992EE396E60A1C4D0E9CAB7B4E8046084566FA9881887CDAFE7662C7B2117C87CFAAD5A79D7547C2DBF19DCC8F0CA53160F845F5 + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276656 +x = 05B8B14B3EC5502E82460B0F2ECF5B8DABE3FB6DE4DED11F53AEFB4F6EE1BCD9C7E51FC43D8DE6C544C23120BE4A67CF0745ADD6DE00A3DA90EC5B2EBA2908A3CE3B33E841438A7A +y = 032DD8D8527E40709AAB790811AD83DF15695C9141CA1E7BD401B4912BD98874C315A01EDF24E89A5E9DAFA42B42FDE17D2AE8375AD4CBEADB6A69DEAC1274C31357EA1025B2F636 + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276657 +x = 03B2A87BC62D5126EDDC7A6213847323AC5BA9391F49A45E99B643DE45DCEA9F3E5B78B8F20602594116DEB01A5A7070BFA1226ECFFB188AF8E665450A56C10D2166FEA01243D056 +y = 064C9AD2389407AC7A8BBA4823CC7E5DFB2426D07C370B6370B9B9183DD2F7B63AC679A10EA9265029BDAC40F42B927AA3191ED1EFAA2FB59B4FB60BF33AB2271688706936F8F04B + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276658 +x = 000F29804FB396BBD95B2A4A839DD09C9FDE3FC231DEC8EBF7AB020E9A543F6404902F5CECAFB1DA9706A80E58E6458A1CB75024787A9697209D378F4B53669440B8A8775EC4A811 +y = 067AFF359A579E413A88E2C2687B159592D96ED90C81492BE7C5B9CCF7916A3EE533F82E3DAF8B2891BA5DC443EDC1A85FB493847D5313F795626638065079773C3EEC55499F11BE + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276659 +x = 02F16CC4BC7EB0B534DB3A39CDC87CEA2FDE36479568C75477155FD48CD610C9AD6A41793C6A19115AD0B290715072CDA91F8CB7553656A86F7BA798951E737FE0043813E42D20DB +y = 041D194744B9EB84C5CFAE704793CA11534BE8C84F74229DB0B554723988E4E056D581FF53D3330A84ABA2F83E952813F6A9EC2726CF3E0751276B224C1506F849E08B04F090649C + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276660 +x = 01A3C1F431D854759F712774FB257158DC5FCDAF0364B00D60AAE6209A3011A0EA16C00E47F5EE61D4A9C11446759B4C624280B58A20D070574293A8CAF96122D4F2780A2039D42D +y = 0199BCF7D900582C2E3A90E77FC2E45BD6E0EDE04FEB4577570248AC8CB14FE2DF7491134BA04B943C7970ADB862070090285F09466D4225365E4A6716EB259714A8A644EC6F9527 + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276661 +x = 05A822AB944CB3FEF7D03F34037BF5BEA88DB16FB830E2357C3F4CE0EBE480F65AEA523D7D6F63001582B203B448B8C82372165E98CD4348BE2CD87C2F922ACB0B79DC829F078532 +y = 00ED300D50E2403C75B460095315A87CB3F0AE8622065782B42813A846A0A52790DD1789A0F7B84157A982C85D7886DBBCB193D14FB3A3D894DC6A24E44BB947587DF1D94931C22A + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276662 +x = 067BE688698D011721580D00BE9A194D3147FBCADDDE8443BDAB8593137CA9CE6CBE7F953C8BCF898025A3A79E90C74372EE242DA16B9EB6572063CE7110F2BEFFDD3C1929EF58A8 +y = 03C5B9B84020EB2634046D4FFDAFD73AF1080B37A27807B619B9EA85CE461D6B4483241B681C08A1033726D944D5A9BD4039149DC635CFEB588F8365045AC6EEC87FF88AB986630D + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276663 +x = 05B69AD9CDE7519731ADC3E68C5DC5B5C910E672E2FD96E1D7F0969035E3BDB3C2FE412B51DF6D0503D2E61D5444DAE97CCF1A48F138EFF62AEF3A4420CC0676D98ED6035FB70DFD +y = 041A6A9A5C306A918F2CAE6C24F701093218030D073A2FB352BE9B1F931651BE24AC7F13BD5F78B1D2AF77136317C98CA1C3D16CD8E03203BBFC7B0C5AAAF04CCFC1FD9B903247A6 + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276664 +x = 00EE7006D88130D14E1CBBC69250EBB26CD8C8201CF04AEEAB89E7894520B06FADC9458CFC68DBE1614B9F3A50C88372725C6BE620D15ED9E0AAC637A12469FEBC9C6148575D66B7 +y = 06AA19695ED71099AF90345A027BA3632E84FB4DBC6E3A562D15000F42A84811CA99B0EF87AC2D8D009D92EFF516CEA08D4562DE64DCC382CC665127850154A4467335ADE00445FB + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276665 +x = 04FE7C86A25F57E351C10E88934B73A0FFB95EB99C4C782779544A73625891B8F048DD85B76763A221AD94CE60207863E1E8F66B89845DB3F8817764BAF7B53634CFDD67B5D96BE7 +y = 03BE610B0A6D0F2C68FB0C05176BA1698D916968EDFD45DB87AA0BD90A8A99F271679893750528212ED969D1E0E839E3F969F9ACFBFCA613E55C5E5BE8F87C39A66215EF676A3E7B + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276666 +x = 025CBB972B6DCA6F2D0272B3AD51CB993AB9F7494EE9C9D14010489C7C6E368E2CF648B6D6B3BEE9B2A4283A7E7C574142F75F4B1CF1FEC0AF2CCFEA125B488C9BF415772F9325AB +y = 0729E5A8BA67B08F4DEE9CFEFD4CC5C29AE3A6D541B8894A9F30F1EABA82C449BF40E64C7D41E4DA2493CD692A295ED38DB200ECE13F641762C758EA525A9916107DA4692BA12A7A + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276667 +x = 006E8AAEAA55AD0261CD73AB384BF9D32342BBBBA2A2617F2712291F21AA517AFB18F994B97FA4E22BE78DED410A49F3CEE2A0247A55EA8325971B9A1E0C697A45BBB818100D0541 +y = 04C16E8EFEDF76D9C1056F6715C24237358DD1BE427EE20F999CF26B4870EB5ADBAAD2432898DE75EFAB6212E6271CC17146AEC61EB1B09755E8D68036F39728884383879847C263 + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276668 +x = 02541A1C26F233F751C400F4CFD93E17F77CD429AC196E3E484BEF21FC4D8CC690C372F624913BF302299F5AAF99DF5EA83F15AE6A61DD7E804B5081CC5F4B47C4C0C9BF2B03F581 +y = 06AC2D447EADAE88A747E04310BF69C0D887EAEDA1B32D46E647A65BF5E7FCEA1234A049707687A3DB23D4C1D2C2288BBC371E6CBACBDB7AF7B4E96B92738ED0C1C84122628019D8 + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276669 +x = 03A9D929CDF49B600D7658B46EE4106E7ED45E08E45BF893A3C51FABFEF323777611B8CBAB294498F7F1B645F56D11CDE12CDB00B9DD1F245DEF47FD44776C0EF9ACFBF0A493E9E7 +y = 01D2BAF74C433EF1A622EE73C72F2BAA41B2563A9442448482613F55FEDB3FD025D68D4C84D68D9F351BD406F1BDA3C39D27342F88A389D566FC137BC462CE7070D5FC5DB476F469 + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276670 +x = 0287B0CCBB649860CCB56F10AFEA9090C8A05A351D2B70671084C563D37C6536B8BE7B6130BFCD60E2111CD8A1283EDF48970333C3906A61809D10BBFD4E016650AD4A749A68199A +y = 00A1FF0C707F1BF6434697E5C7707A5DE39C93FB44C4F39710FAE8C0D726AD9D94B5389592761F927501D016436AB81CACB545272836254E96B4EDC2EBCE95755F9C9CBAE214A4DB + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276671 +x = 01C09F99BDC4EA3FB131DDBFF6E417B20BBB9E90D5611E2CF7A80EE25BB63A23F48CDC08E7570CD9619FB54764E49751198F9EA19564EC87A5DA9ED849504BB73A6931F5C76365F2 +y = 01223728658524151483D1691C79800C351215A2FE68259EB623D620CE0FF53BB52790C18EB8B6E7DEAE1951DE70A37310FACA8E5035623CCF34FB74E6AA6647E7D93406B5633CBE + +k = 1932268761508629172347675945465993672149463664853217499328617625725759571144780212268133978522706711834706712800825351461273674974066617311929682421617092503555733685276672 +x = 026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972 +y = 01276B2826DD808BCD527CEFC3DAAAD5E1492E7B9F22AF809FE29EB401E99688DE39EC443FF6AB4108648BF443BC1E500DF10A2332E0D9E0AA8F77DF14D30C31E3591E979EED4ED1 diff --git a/BouncyCastle/crypto/test/data/hc256/hc128/ecrypt_HC-128.txt b/BouncyCastle/crypto/test/data/hc256/hc128/ecrypt_HC-128.txt new file mode 100644 index 0000000..fbc2fbd --- /dev/null +++ b/BouncyCastle/crypto/test/data/hc256/hc128/ecrypt_HC-128.txt @@ -0,0 +1,2337 @@ +******************************************************************************** +* ECRYPT Stream Cipher Project * +******************************************************************************** + +Primitive Name: HC-128 +====================== +Profile: S3___ +Key size: 128 bits +IV size: 128 bits + +Test vectors -- set 1 +===================== + +(stream is generated by encrypting 512 zero bytes) + +Set 1, vector# 0: + key = 80000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 378602B98F32A74847515654AE0DE7ED + 8F72BC34776A065103E51595521FFE47 + F9AF0A4CB47999CFA26D33BF80954598 + 9D53DEBFE7A9EFD8B9109CA6EFADDF83 + stream[192..255] = E7F8DCC6A1D42ECF6A49651F7C610657 + B1DF6E58FBEF6A246D6D4CAA83858839 + 86325BE2B4185B4D63D4BF766C5F4B73 + 0B89C3CD66018155DFE9D37B6F5C1251 + stream[256..319] = 6D21763B2FEBADB212AC71388FF93586 + 48AA1A0E874D3B6932D7F80A5657F88D + A44BDC16AA21E531E3E473CFE6FCA9EE + 20739339CE4F2DAC793210C8CC20897F + stream[448..511] = 5BB39DF39C64BFA13F2AAE924D3DF4FA + 22899838ADB609806C022C36180A3E46 + A547CFF7F4DE1151A81AED3646B2D86E + 1F0F3C22C92D3459593ED599D1A535DF + xor-digest = 1EFC3423B31F67D397923613A1169F54 + A35193C9A31484D48204A8380D19984A + AB3C53E44D0511C1CA13A3823A0B2C24 + 7602797C533F0D5251CD5FF60D4A4F5E + +Set 1, vector# 9: + key = 00400000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 80978AC0647C7C5E3716B3B3DD9A3FD6 + EE0EC133F29A0F2F92E3F7AEFFE8CAD2 + 789DB433255F7A9F2A9D0873B8932032 + A7FD7EE6D07C903738B78E88DC173674 + stream[192..255] = E314E449A75D8CD4FB0BF8BB133915EF + 0471D3824CCB9CF828F2086EED1E09EF + 78E510E0D7362275CFECE3F2D79F5B37 + 8C8F21D3817083098E1D3918DC49EB13 + stream[256..319] = BD9BD906D4AC9B0A0A68C1371DDD0BAB + 7D36784577856634034D9A7BAF3A8B06 + 1C29904A896A82526CCAED7899FCBCE2 + 619E6AEDA6D79B55C6EE7C97353486F0 + stream[448..511] = 163E7EDB8F4A866A0E1C991883B2A966 + 0DF6C547BA4C3E2D59AC014170872C73 + 220303B5AB4D7321CA0C25DF3E18D5D9 + 1D6B52A5C2369F4F764B7E4649674F89 + xor-digest = 2F1B2356F1149C6EE7694E217332E4CA + 33E47D0DB237E71D542A4BFDE033137D + C8085B39215AF06840E542E501FC0584 + 257B7F6DCD6297CABF03026A95A6E27D + +Set 1, vector# 18: + key = 00002000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 94DAB13AE0D2F9A65283C6AE98733110 + 1C4EE45EC812AD67DDF3D1F026B51B17 + 2D366C7E3B2D55E5AE7010A279D35B03 + 83B77E96C6B2434C3E6DDC2401D64AEC + stream[192..255] = 8199B6243A278FA6C07B430B6FFAAD83 + C2A40A1115DEB693B446504AD35615CD + C4881D06F2EC1EC5C189BC37C0F6AABC + C349FD461023A1B840C40B7E96A481E4 + stream[256..319] = A2FF8C499364E1E900EAE72A98399585 + 6C609132B14C83B191D49BF251E73EE2 + 0FC48469A1E72416F803CCB7C933A880 + F8343A8DE2AB9492190E86194680B21C + stream[448..511] = C442F7A0791CCC0F7E8D4CC454829E6C + 26811BE74AF8BC70276C4901277753CF + E44FACC0ECB82E9E5803CD08A316D9EE + 5B0A016185BEEF9FE94A3E64C8BCB161 + xor-digest = 53170F85C0661EBB8E0C595C6405CE21 + B9F19433C791DB8A71883E4E6BA31656 + 2268C2110CCF228AF6634A80599B6A0E + 24106DBA30C3098EE57A10B1604511E7 + +Set 1, vector# 27: + key = 00000010000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 0D3549E38106BC69495957DE0722C36F + B3362CB8BB2ECAAB49C99AA5455C4DC7 + 363E990AE7FCAB1F4648413DDC698D79 + 294F3FF36FD83C299AEE2772D34D057F + stream[192..255] = 3239C047E0DA62024EC64B1D8E8A5E0F + 6E89062774AB24D2B69A17FC7F4C6EA8 + 85F71AEEF1B7A36A559EEE29D422CD4E + 98733C99CF47472F1E4A406EC58A80EA + stream[256..319] = 1B1F13FBB383683E26371ECB23F49D0D + E3B0A224D96A1A87D63A6737614F0415 + DBAA27AE8107DA06E5BB62D96FE4502D + 7B92EB6B5AF180CE8C2373920C77292B + stream[448..511] = CDA9A705E95B0656600EE8CC654127ED + 0A8E362FACAC68B18C0C25CA57929F2B + 1761F0706FCB0E066338507BD04C7F62 + 0FC91BB6AD77D569E30547959578216A + xor-digest = 6D339778DCB212787325D09BA20110C9 + A9CAE09E5915DFB1F74BA59E9C610FEC + 7989F18AF4CE86AC3D135659F46DB2D3 + 59C08FC80B14E10AEC6B6701F661E86B + +Set 1, vector# 36: + key = 00000000080000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = A4E7B46F89DD8205C71F6453B1ED3924 + 5D7FBB100E7EBE4D1D27E69047AF47DB + 3575B3A580FB9591A5F794306CDFA3E1 + A0A61905827D5ED980F49932A5ABA561 + stream[192..255] = 364556E21E20C5816ED375B9C12C0603 + B680F2A4972EDA77AF198A2F015ECEA4 + 7171028016B99EEABE1DAA2131711466 + 6D3C1558218D95A8068E1780BF738C2D + stream[256..319] = 84F5E62E1E8D4AD21DFE9B3537172D6E + 3F4539DD15B5A55B38373E9787F0A4DE + 5F4D90B0D56C0E1F8A5F9C282A1F5567 + 342BF864960F27E5311A4FBE3B85CDF8 + stream[448..511] = FB062A1FD5E64D97489F24A4F12193CA + 9C6F4711C993C13742EEF14D88009DCD + FA40D295DB8959D1562DE734ED1AEF4C + 90D136852F37A4115757F21F40977025 + xor-digest = FB8B62297F1B5E510091057F075AD348 + 54FD949E9E35712E2F455D25AA7EC559 + D55FFCC3D6832865EBDA17EEF34A2CCE + C6758E6449BDE9D70B5071B2A1D5094D + +Set 1, vector# 45: + key = 00000000000400000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = DFAB6AB2296BDEB8D8B3F6A790F3885F + 093BAD3BE4E0BD63E43F69535F5E77CA + DBA06B447471B03D6A47D6BCB5AE4D40 + 03B8AF7738AB8EB4D5B9C6040A434A71 + stream[192..255] = 9313979FA86022D65C61D902DC0D4F9F + 98C1D026B710B03123812FEABEE5C0ED + 8973F8B97CF7E281EEE0A5135A01F0B1 + 4C6DC27B352CB349273EE5E34541C518 + stream[256..319] = B53E875AA400CB453C7DBF5CEEEE4D69 + 31763C844FEDD960E5410FC3A5E51B19 + 7D252502EDBE71D457461A9D0033E26E + C7F78BD9C39580695914941737645754 + stream[448..511] = DED32F71701CB0AB10C3062F1A15571A + E70F2E3AC7A533CF7C962B2F4C256A9E + 12EA7D7F7DEA955DE6C7CA512A7EB4B1 + 80CE31FDD1F38BD486EF438D52B791A8 + xor-digest = B0EBC9D8BCC2DC7E20BBB7063FA84B6C + 109A619BE7EC9DF5C9C6182AD692DED1 + 0F24329DA2E5C346A659F2DF60BA0F2F + E0169D173C4C75D26363A0D7DB40A195 + +Set 1, vector# 54: + key = 00000000000002000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 9D5E9AA4795B8B5E97E415BD1F14E697 + 3D5E1D148EC12743699A48DADD6EF61A + 4643E9A7C2D2F88D50A8B9A63E003367 + ADDD8DCC464EB1C0FA6C23D244E725C9 + stream[192..255] = 8DC91C4A6B3E6B88EB7EE1E0F7345718 + 6C80BCCEED7197FC98CB118EE13D9AE5 + 3EC8C6917F38FEE09C5C6F08E475E058 + 51D1E7D4EF0B24AB263F0AB5656E3E82 + stream[256..319] = BC2875569BEA6623C7E16A6A87C972C1 + 1EE3782148A48D51F6D9E32CFB42812A + 2D20A318F0D699C9E760159F591EB9DC + 9EF3429A2613FD30EF2C839FFFAC5D0C + stream[448..511] = 6733FAE7B9AE358748DCD6937D494F21 + 46315B363CC50E362C5F585FD350C462 + BD99DD69F2644043100A9E690302CF26 + 4436B96CC818B659555DE0ABCBCB911F + xor-digest = ECCE54CD5721D18E47CAE60E30741660 + 1F03D46F90A1110614728849445E66B9 + ADA53954F9E8DCB746CC4BCD4D82EA34 + 30767E2CF9BE6BF81E19382DB5A7677E + +Set 1, vector# 63: + key = 00000000000000010000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = A88EADE3DE0EB0BA73CE09E995540BF3 + B8DF7485F028B1C3C15D1F813E2C5413 + 5B004E1804EB6FD248505C998B5F2CCD + B3EC043B40FE7A532981F932D107776F + stream[192..255] = D81CAE569DEC3E6D22C83F043B64FC88 + 0B04116A646BBADC38B28848D17028D3 + 11535C1AE172CD85A9B2D3ED4D728FCD + 0A5289DA14D823578E5B8984AEE42671 + stream[256..319] = 18FF81D6F5D7678998B48A51CF0D024F + 5872A5C1084E20182A8C255938339D34 + 6798356AD957663C089939F896330C12 + 747C08E2BF752B4103661B98229FB5CF + stream[448..511] = 9B797430B254C3F4DDB6AA211254ED75 + 13A7403B62D5D1E2452E43DBCC7B50C8 + 266F82A5155D405A5B7E15E921AD8154 + 362799FFE25F1E7ADE3434B0862E9D10 + xor-digest = 983E10E11689266E4569A99855A4F642 + 9094FAEBEBCD68434BD771C8528FDC62 + D357A379A0D6D78B9543E9A4CCAA42CD + DC719C3C880A358B409477D670F55EBF + +Set 1, vector# 72: + key = 00000000000000000080000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 7ECBBF2FD6D7E521A15DD022D0988F7E + 319AC64A9ED55C72E2817AD91F778221 + 98A55A9E9BFC9D01C0BF8BCD9828001A + 18AED8C48E3F6633FA541B74A1799C62 + stream[192..255] = 1BC71E27C8EAF24C12E78A4F9FC8E000 + 625AE2FA2AB74483C8EE3ABB69C77B13 + 7DF6C9213A1EA8D6557F0C1688154B87 + BE22F1B87AEE346AF7AFDE02C4C2C776 + stream[256..319] = D2AF220214395745FA09AF2FBBCDB112 + 0A588713476B29479F48B92F278BF39B + 3048630F0EC091D1188E7CEFD4C6F8D2 + 709187581999E5DEE22745D21C03BCA3 + stream[448..511] = 995534950559F7F3D01A718891ABC639 + 3D64688DE7FDA76C1DCF2B81F6934EE9 + 4BE1DE90F720E073DB9E54DC101BF513 + 5ED06CA4684A73A506553CB8713E4FEC + xor-digest = 2E87F43F3622E1A512D0E540939727EA + A035F7D7C136FFD565BF639C00165F7B + 6C33B969DDD106EC9D4CFAB1FA0D5618 + FD17C64CC68E94DAF7DB9791B7DE16A9 + +Set 1, vector# 81: + key = 00000000000000000000400000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 2AAC5C088CC1EC5D579779B7EEEB7F9D + AEC2DF6224B8E39F9E74511E4E8CAD0E + 59E0BEFCFCFA73DA661B53350A470887 + 11B1ADC5304481515256C94204EAD340 + stream[192..255] = AA9240B5E98DD28D7CC6FDF07C61E536 + 069C5D4B818A96DFF41939A57DF9FE45 + 32F384A624B236064C1AFF1A37C8CE01 + 23B87B7903EBB91D6D83C69C684090B5 + stream[256..319] = FD816941100F6CCA2EFF27C275753702 + 8B371BB985E878229621CA3D0B4E6BF9 + 1F74BAF0C05F661C93B819092CF475E0 + C61EE25FC5FF6CC9BE274834E718EDC1 + stream[448..511] = 0A2B3B21DE9AE621B9DA45091AA26213 + EE2E560D32FA4CB8ADC6DD1AF7EA11DE + B4905EAC39580A5A89A68F85BED6CFFE + 820A79E20265488FBC9E266ADA0C4CFA + xor-digest = 60ABAD1341AA90112B53568014827D64 + A4A39E7CCCD78943018C685D0CC4DEB7 + EE7A203B7C88ED8996EA7B2EEBBECC7D + 86E53A4B5E0646BA59CA88144B032C9F + +Set 1, vector# 90: + key = 00000000000000000000002000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = CB3DF6C584DC8826BAD57EC5B98D644D + AFE6C749F0463744EE1CB03EC81DDEC4 + 4B4948C634552BF4760A0976C67BB2D4 + C53F7A7805FDCC68C3ADB7ADBDF9B509 + stream[192..255] = 0ABC3A02DEDCEE79E8C26D3667B085C5 + 30FD86A2CAB845CCD323075D7D6FD7A7 + 05E7532A5F630BDC205B1DE61DC29243 + A2DDC2750F9AF32EF0CD794EC074AA83 + stream[256..319] = FC4AD0FCAB98C2F3379E3A3D1B35DEE3 + 93B60A327A41BD5147DD17F315DBB5F6 + 625D67ACCF9A460C2CFDAD84403D4163 + EFF59D1356C144E6237A09044BCFF8CB + stream[448..511] = EFDAD499C277519887424DBEFAD5DB2C + 97C97CE5E512871B5CA81D9408F59B39 + 9E23B24AA57DC934C2F539CBCC6A9EE9 + 750B3A5D08ACEAFDED87C325D01CE866 + xor-digest = 7D8E173BD06363238A383D72422F5FAB + 941BA41199C462C2110E29E62350C9AD + 15780C3BC2B9092641A4702B9A696430 + E38F7D0F6FFD1AE59B82787A3A69CA0E + +Set 1, vector# 99: + key = 00000000000000000000000010000000 + IV = 00000000000000000000000000000000 + stream[0..63] = EBF5E178FA8E2E45F53B73AB15C2D54F + A48DEAC9529BDA434E857A809CC7C0F9 + D8F372BAE323FBF79874EC53EAD3928E + DB203A64C601A99BEE4C07473DDD3B23 + stream[192..255] = D461188EA8C5F22E8649B6FA7B68274C + D97EF513C81DA77CBAC826D9D20D9968 + 716FBDA415BBF064DBFCB7D5AE12F72D + 4DD1FC3670A553EE6F23CFDA400F6D9A + stream[256..319] = 031589CA9A8B0C09BD0CB167D3D49C2F + 873AA718E0C9B3A3A515A9D196C5382F + BB6CA5E3190FC20084F5A4D22DD92095 + 8E3A1883E30F7BFB55B40747B495FD49 + stream[448..511] = CF106A7EB0FD339B8EB67F09E2A27AFE + A4117C472AA64CF1A41850062266B48F + 92CB46600E87E811121959B19999BFE9 + 1C68A664A4C28ACC8AE5E6EA477D0A2F + xor-digest = 2480D3C1DCD26EE2B05D964B3CD526C8 + 4E39E6FF48EC793FB82F4AF928073D1D + 80887F9AED832951D4AB2FDB518B548F + EB5A42FE6454C19FCC101019B598A808 + +Set 1, vector#108: + key = 00000000000000000000000000080000 + IV = 00000000000000000000000000000000 + stream[0..63] = 2EABC4033A51B3901B6340BE32F808EE + A319582F21A7CF6633570E82AC879B60 + 3E438847D9E3719EAB71F8E3247FEFA5 + C07B2282AA2FA80CEFFA8E076304FEBA + stream[192..255] = F178E16CCB405A8025FA50215B109BFC + 9CE3A655DAD91BCC64D89BE115D4BC84 + 261DC0E440DAF6028D3AFEA13C9D53B1 + C38E2AA48153CCF3DD9791563E45A98C + stream[256..319] = 284E211A092241828DB7204310536167 + 653D66987537E004201DFF6290CD8C37 + 84AA31D76477908455CD4E1C51F907AC + 69893D7FD3D626989526F4E6891E82A0 + stream[448..511] = 043F1740552381D9A01C882DD0D542B4 + 8EE86ECF6B5D2A23B8EAECCA55224664 + 5702B29F7CAB606417CDCCAFD9B63ACB + CEC56E95C945B72DC457103B2C378A28 + xor-digest = 1A56CC2BC61F1A802CDF26A84BD37A9C + 86F903637E5A1BB21B5829994628B000 + 2A356A4D150DC529907786BAABD0C733 + 4500BE0DDC9D487EC6356B2ACD65946E + +Set 1, vector#117: + key = 00000000000000000000000000000400 + IV = 00000000000000000000000000000000 + stream[0..63] = BA81D9884075FC9E2F9938392EB10354 + 1AD1D4A599A6DAC3E33EEC59235C3559 + 4448E3DAB3B5A5F56DAF7B86B63EF376 + 3728193CCE74807DC7E26087D87BF7D8 + stream[192..255] = 1F91ECF0B6E889D6FD6FA97510D2EE3F + 91552978AC896D69B10A923F6F5CCA67 + 8320765AA5CDD2ABB4A5FB3CAF86C76E + 12280CABB4E74C8543C9D5B1D9B8268C + stream[256..319] = 31BF924BBD38F9FE050E17E50EB66C45 + 081DC5CF49F0F02610828A91F31D0B29 + AAB0D6123D69347ADA5CFB37C8AE5E70 + 38453B5194EA285F798179A875F75E70 + stream[448..511] = 78F5C37A21EEBAB00F7A80656D72AE39 + 5566B8114BA6EC8BCFE8C46D0CEB4C6A + BDE4E4F0F131BAC671F8186821CA01E8 + 69FAB184E938B93B56D1AA3C1D68D3AB + xor-digest = EFA43D76919EF92EED6AA30B4FD2E37D + 461D4377618426C2912493665FBB004E + 0C92A654CB660FB709681F460DD61825 + C7A7089737F5F5DA10023049A0595DBE + +Set 1, vector#126: + key = 00000000000000000000000000000002 + IV = 00000000000000000000000000000000 + stream[0..63] = 23C1F447C5496B37512923D74B61CF71 + 015A25988370C0F4E0E48194E4C3B72D + 0C9519F6A88D8AE9DD319A3C9160A6B5 + 51FFBAF27D374B3E6F624344D06BD06B + stream[192..255] = 019E730A2D0DD92CB417B1FCF42D2352 + 058F3B059E1FA4C489909E0B9B90944D + 9816E45E992893244CDEB5EA6AF79703 + F70CEC7C3E770D2A8310127B3EEA9026 + stream[256..319] = 3BA682C375554002E718ECEAE6768648 + 2442D9643AEB6E4D518A5146263B6BEC + 0577A4A0CCD7995F10B7F1312926C613 + B4BCFA28D37B85C7FE6CC64A26DBCD47 + stream[448..511] = 41D18A4275E2E4DBACDD91D3F79A186F + 6B2F48BBB64D47186C32910E86914BB8 + 74688AEE59998D8CF7635DDED58EA9E5 + C51DF64956C951C1F9123DC1C97A4027 + xor-digest = E7A40A98E52ACDD2CAD780E71312F128 + 8A73CDDD2CABD28EB767A045871861B7 + 680C64DE4986F508E8CAA04B49630B3B + DF931CAF478B2C3470E483F3D2EA71A8 + +Test vectors -- set 2 +===================== + +Set 2, vector# 0: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 82001573A003FD3B7FD72FFB0EAF63AA + C62F12DEB629DCA72785A66268EC758B + 1EDB36900560898178E0AD009ABF1F49 + 1330DC1C246E3D6CB264F6900271D59C + stream[192..255] = 76F5E28163A6F72F4AB72FCD90C69EED + EF6D5C73539F14E7CA0BF6A9F229F12D + 1492EFCFDAD11EE26DE44F0E843178D2 + C989D4F21FE9B53C03C12874E83A7026 + stream[256..319] = 3CDC1D88EDA836767090FB77DAE5ECC0 + 0F5BF5CA8879733FAC19E8DE5C725636 + 7E39E8C9C4EFCDD75DFA9660BBBEB584 + B5593DFF4566EAC37E857D9B9E21FF06 + stream[448..511] = 713B389BD7E1651A450C051B77F83A96 + DA277A370FCEBC4303A18AB1C5FF5342 + B319F0593A67F2BE6DE7D256CEC89F65 + 61FF60B8AB8621B6720206975269023F + xor-digest = 4943A339E572249ED48A06F45BD60AC5 + 26F1ED970617DC9DB29EFE99ACEC6C7B + 82C8F548503C3DC16E79C4D7D7B7C6C6 + 08CE84DC170A72286CEA1148D180A7BD + +Set 2, vector# 9: + key = 09090909090909090909090909090909 + IV = 00000000000000000000000000000000 + stream[0..63] = 4C76978E4BC79261F8608B3E5327AEB4 + 4F2F0305D5F6B6326E0127F00C50DEDB + 85F5915ED2D70C9BECA2866AEBE6D154 + A4CCD80AC88588CAF24FC805974C96A7 + stream[192..255] = 5875CA142FA9AC13170031C71A3619EA + ECC3D6E0692AC276E2CA29864643D364 + 56DFA39E1782D487F49402AE32CB739F + AE267CFC438495B292D21E6B4A21774B + stream[256..319] = 8CEB212AE637E8DE29AD64E7D0719338 + F41AFEB1F1022F30BE485B348722B7F5 + A57DE6F253C6B0828C6FB1EF6C59EEC5 + FAC3D7FCBAB8C6BDAE2310CE77ECA503 + stream[448..511] = 4810F2AEA6804ED4820E5B9E7ADD1F44 + 37EF320686F108947B42991ACC7C4887 + 635E57E9AA90EF29F831D7959936DD95 + 0F466666BB84280764F5557582FAC149 + xor-digest = 7EA2FDE204E339B9C85051F22A46587B + 3619F4F9AE11426F5470D9EAA1629476 + FF156BF2727CB6306E62BABB4A68E9AF + 610D50C8034C5D4E23BCAC487F3DCA03 + +Set 2, vector# 18: + key = 12121212121212121212121212121212 + IV = 00000000000000000000000000000000 + stream[0..63] = 38F35C0172088DC537AE80089719655F + E8671884235DB1F6477D776B8DD158A6 + F6914C168E9EDF0B1020C63EA1851D2E + FE1A343C98ED4B4B23E52451B9BDC3D6 + stream[192..255] = E88226EA0CA8B620A68402F83A1475C2 + 54C875FD5D27C935130FDE6DCE3EA050 + 4F121A7EBF6B572D6EB41240A65CD001 + 5007AFF6C2A8827CC0841A6170C08467 + stream[256..319] = 0ECB78E446AB9C763315031C95E570B5 + 5A5D89BA13A228B80D86797BE378D766 + 59B47D48AF0FDB4C3D439311963B0A0E + 1311E6FA792B089EE4797D9AD023FF5A + stream[448..511] = 44C71180BEDC7E3CD29F80B9922C1733 + 5D815207E848FD528572CF61612A42E0 + AD4AEC01D042461A8C30ED194940F82F + A442DFD9061C03A1B72592894A0C73BA + xor-digest = 127E8501304A0632B8FA27A23BB97321 + BCD67F699D39A35A4324D5E8AD368E0D + CF134D13FBBADE2FA930AFCA7D15FEC0 + B2682F0B09AAB3373069F6DAB9EA112C + +Set 2, vector# 27: + key = 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + IV = 00000000000000000000000000000000 + stream[0..63] = B90DA1C325244BDA08C319AA6B4ED7E8 + 3DEF56BF03ADFB2A46E9041F4498BE2C + 4B9F76E7AF98697B2835F2F4D4585320 + 36844D8FA3F34121D9BF624556A52BCB + stream[192..255] = ED912457955FE3EDB032F4E7C452A13D + 52361DAA3154A756B1C00B0079DBF782 + AD089F2C090691BF7B66695538402EFF + 893D27969913F25177C01F4CA2FF5195 + stream[256..319] = 0127342854571D0640F2C283104FD6E4 + 4FF9B9198492414C1803E36F01A2E79E + 3EF76F350542EFEA11419692B6A708F2 + 0A6D938306E9212B8F047207E7C5782D + stream[448..511] = B297A467A6D2770B2609C7DC1EA505F8 + 3A36223731550282001144B4DF3363BD + 49802CCDF59D22FC7C2CB7913B4FEFB9 + 49128A2BED699B55D24E5B26C52BE674 + xor-digest = 711ED121D562F49A3D3F66FE95540DC1 + A58F5703108A7C484A53EDC9FA7455D0 + D356D9EA792AC30009754E94CF63493A + 8AA3BEADC0E7D671DAC10390C841F9EE + +Set 2, vector# 36: + key = 24242424242424242424242424242424 + IV = 00000000000000000000000000000000 + stream[0..63] = 38D294B5B1ED0A38C5430A355A5A5949 + 0137741305AD7EB6159A1B97A956648F + B27C16F507D5D5FF8E2B779BFF22CFD8 + DB4C7CF7FA78CBB20445D2F94518174E + stream[192..255] = FE70A06921BC304689079DDFB4CD4BBE + FC64B0C8E014A65F6D84A804E8F8F1A1 + 371D470977F033ADCA960346B189E848 + C899CD90446D5074C3C1EE48DD40F0C9 + stream[256..319] = C9B90ED55AD83A8DE0547000ABD0A633 + 653ED5D3B62EB16D2C3E176952786205 + AA702C32FC37DCDB714D8BB81E488438 + 43B805F2FF5ECE2E6C0A4A4BA5746561 + stream[448..511] = 396490C2E87DDA2FC2F9FD4D2E468A91 + A826ED3FB2AEE07DAB6E33EBB5D657B3 + 2488B38BEE6E316DEA6439979112CC62 + 0989E9907AD83A9479DF253A75FC6683 + xor-digest = 5478F54C1B95FFD16C6C873F900181F4 + EE33E5CB58CD28259E19645FF36B4419 + FF92A289E9C355E769D0CF6F004BB256 + E5134627E4E99459CA3916BC1216312E + +Set 2, vector# 45: + key = 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + IV = 00000000000000000000000000000000 + stream[0..63] = 0188DFBDAB2AA5D4996601E8CBC5AEE1 + 5254491641DCF5DEB7414FC751D52E56 + C253A98157200CE0C142C355AB961015 + 04991380F77C287212145552C000CFA2 + stream[192..255] = 6957E2069E8F1042C6A46AC8ECAD2439 + 0DB5739043E911FB9BBE4A7071A88B14 + 2867E45971D7C19BAAC4333BC176230A + A67A081EA89728380B00F5173E866B89 + stream[256..319] = B47E8222962EDF8B3CF7E4DF469C81F0 + 40431EE27D2CCC1C5D2B048C6E986681 + 9656F8E23714A227341795A9B881A776 + 9434923C01D25B4B2D60D0EA89580F82 + stream[448..511] = 89E48ABDB1A7F5BF17EC7304A951B1E5 + D152EA7EE181DD9866ABD782C7FCF238 + 66871D0B1EA30527CC178D0FBB0E6D8A + C5CDAFB27F01B7B6AA68413B3E7DCA6D + xor-digest = DFB99C93E6B26D2F079414A370EFCA10 + 5468E93AB8983DE0AAA1AEE3F8FCD068 + 3C20753931A9B13F48F10C9F71F99638 + 1AACA39469AD3EC6BC8B2ACB1DB9ECC9 + +Set 2, vector# 54: + key = 36363636363636363636363636363636 + IV = 00000000000000000000000000000000 + stream[0..63] = 6EC768666ADE02892FF522A9422F5B3D + D802727755D64C602C5BE156DCCC690D + D0237CF95B191BD29BEE5E030E1EB4B2 + CA981BED69F2F4FEBA39C9658450D21A + stream[192..255] = D62AED496AD8BC9EAE570843460EFF9F + 8CAA155E3B1619341D43D416A89C85EF + 2186E398467C6763C6B38AE8AC642391 + 39FC7D77C5DE1BF0304237527ECEF79E + stream[256..319] = FD2A2505BC2484CD26A953A460D43EB3 + 500DB0572509C1409AFB25DAF7A08E96 + 8C45901DD9943AC3558FE2D956045AFA + EC7FE93AFA7AC461E348A6FF67DFD8B9 + stream[448..511] = 1A9AAF97AD789E4003BF48E9B723EBCE + F2DB13513398FF8161D929F64C5603BE + 2D0B89D1B94E2C4A91468EF743C2A745 + 98093DC6EB5069213A1423FBD5526B80 + xor-digest = 93DD39B5F82C8B105C9A1D3CA17AEB09 + 21E77AF3235E3DC1F626D690D9306698 + 60DB7382B38C6F3EE0F250DBB67E8001 + 078938ACC2DCDFE3DC5E2F33FB4EEE51 + +Set 2, vector# 63: + key = 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + IV = 00000000000000000000000000000000 + stream[0..63] = 6D05510EF24AC345594E94F58E6F5024 + 1B40AA1CD6A62F35BC303CACBB263253 + CDDF54462EC606D6969E4CC5FB719A7C + 107DB872A5119566BF72FE37363E60E8 + stream[192..255] = A1626164C36C6AB010B9A2B944ED8839 + 13A3B9522F66429A75F5E30A03961871 + 26AF86AEF382E3944B0414B274859B4A + 93881386E6A3E780802B0E6894739442 + stream[256..319] = CBC22EEB532BE4B8B80D7F10A00FFFC6 + 22A02B7426DBF648AF398444B8F8D2FD + E4265F1B50CB43B003DDB0256D9E0A10 + 99BCDBDE162E8AA37B107B316B9673C3 + stream[448..511] = A7F2D829EF3BEADAE6D84CA26C81E618 + 6F70F3D9DA4E208754EFAA5A0441D87C + 7AE36AF993E7225A9C68764C87B5DA4C + C08B54A245A296EBF399B91331A6F286 + xor-digest = 55A30CB34036E3A22AAE25981272C8F3 + 6392347B5FCE8101A66023C5B324867B + 783EA103A714E749F14375CE64985A0B + 8ACECA137560D12E941228D04A968513 + +Set 2, vector# 72: + key = 48484848484848484848484848484848 + IV = 00000000000000000000000000000000 + stream[0..63] = 89C61A1182BC868BEDA3FE4A76CD679D + A3DF3A656AAD3AF83BB55C0F0455AFCA + 1B3FBAD0B91F7B1F209E5F74FDBD700D + 9417BF9B4A22BD3B7C94317C20ACCFE6 + stream[192..255] = 1C312223B46A20BAB52F110E04AB324A + 068E6DBDB1EABEA92CDC5063E38B7EB9 + A7DB50FC4CC626761CC00B7D821EB0E2 + D40F7C8DD10F5A975A14689151B38B77 + stream[256..319] = B38D45E3CEC551950D662FAE4241E3BC + 5FC8FFA67A472B1048F45D594EA0715A + 5B1DE277264D72251A3C5024C914A0A8 + 14747D714F8CC583105013382518A0F5 + stream[448..511] = 42D47BDA13625C17FC6E972E68F3AA7C + F8F9F12B900AB9E474C0295B48879DCC + 0832FD53C3C90B641454AB4BA90DD7D4 + 1748F4AACC9AB1E1CDA8007B3B18B1F1 + xor-digest = 131A1E29ACA16C3A409ED6E201559CF3 + 3CD05312376DBF6796D39E2877D23255 + F3308D3419CBEA800F1F2E9DF7AA36CD + 03AC3D6BD228A165A885824941D764C6 + +Set 2, vector# 81: + key = 51515151515151515151515151515151 + IV = 00000000000000000000000000000000 + stream[0..63] = 70977581BC650C5D03F1B3A02672C384 + 250692C2AC94EA0F4A43723E88FE587C + 00B5319F87223F6817C36F21FB852995 + 5CCCAE243D65792A55D6F047DDE1999E + stream[192..255] = C00B41DD0BE80054F46ECE559526ED5F + A87E7196A3A20698F5048183F91ABACC + 9E50AB64D437F05375CE78D75469EB7D + 478810E1C792CE3BA0C253FB1E549A0C + stream[256..319] = C95C6CE222392307CABC95202CE59EEB + 160A25C482F4608616C80B50A9D0B771 + 732262DA67BE8319486F73E4B1FE3DBD + 1B7C97516F0ED02F1F4ABE9141329925 + stream[448..511] = 93984394395B47A34FBEDD96E50A1F67 + 7DCFB1845CFAFEB7DD83A9A7BFA35C7E + 48E44C38F9D33B3CFBB763A79048F6F7 + B6F32386329AC979F7EDF8828734A116 + xor-digest = DF2A33DFE7C90E76DB4E4F2D9AE2AB69 + EA16664B5E0031D800913B6572E1E2C9 + AD4A31D6BB088AA082195F8B4DA56605 + D32A19916474C042F755AB11EE56F6E1 + +Set 2, vector# 90: + key = 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + IV = 00000000000000000000000000000000 + stream[0..63] = A266B810953284ECAD69E960C9AC8FC7 + 0B94798E55BF7D2EF54EE50319574C28 + 7DF798958FD653B5E5BBAC0519D3F40C + 4372DB7204A3FFF89F6E70BE245C30B4 + stream[192..255] = 72979FA8747EC91B68EECED4820CE7F3 + 8EF0F20240D8E04C5004D10880BBE17F + 673A427D0FD62E8331BA633890D062CD + FE584ECEB2884AB4086E3AD04F9C1137 + stream[256..319] = 77E9FD26E216E6F22D32AA89E4D02C33 + 482570BE05C0E1FAD59DCDC5A3F1315D + B2FE99C4863DE4512EDBBF45DDF51CB2 + EF472481D6BB7EF8C7AA09E45B03F45F + stream[448..511] = 0386E999B6EDB2E52F86B3792A8BD15A + FBC40B44D6EAFAA0D562C6FB2BD16BAA + 3F77F968925DA020D36A109A67ECEFA1 + CC278F022B93169006D79C0F56351DEC + xor-digest = 35BCB2796B3AD76E59C2BDA7EBD7B47D + C99236FAF5F2186188114C1A958185C6 + 48BA837A3B839CCCF55FBA67B21DB031 + D7BAB7AF52A98676CFE3EE4249A530DA + +Set 2, vector# 99: + key = 63636363636363636363636363636363 + IV = 00000000000000000000000000000000 + stream[0..63] = 14F782FCF5C88052A93AEF40492669AF + 7C92F72147C2AB2C18217144055C9868 + 3E2FBB80775B54D119A9A06AE72EEFAB + 999E85F3AE12804FABCAE539A8585492 + stream[192..255] = 663FFAE38877EF1898973355FA27E9E7 + 0BC0034A88C1ABBD2847C46335C18113 + 47F42E18C1295D07D5F75909F0B1C0AB + 45EEBED3356A930E018E262655074944 + stream[256..319] = 6ECB3BB43DC1C4A3FFE0EAECE58B07B7 + 1CB5C7763DF420859853C7973778F63B + 10EB1B854BB8CF1DA0D5DCE6EA0D5816 + BA0508E7A1694ABDE04A706A008252D8 + stream[448..511] = A68ECAAD1CF25C78522FB75D08C8CFEE + 561C2CAA9E0D44EEDB121228F4809F50 + 996B9DB89E2E2F8547578F83015C55F4 + ABE82F371A5E02CC97FC35FE7DA49AD3 + xor-digest = 83F0BDBDF9A82287A650BC70A0C8F38D + 92868DF38D150E4268526A0A51D3A9A6 + FDA27D6FDE8A1A55E856DC891B35ECA9 + 1D583E0470419BAB5C0B9ED4886342B4 + +Set 2, vector#108: + key = 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + IV = 00000000000000000000000000000000 + stream[0..63] = 359B9D751379BECE129238C22647B90F + A849534C9395EDFA5F2121963D2F0B68 + D9C6469AC8A192FACBA7C27762B22D8E + 39171D3D01D6BB41CC4F2AC318407D65 + stream[192..255] = BB4795A89BA6AC0869B2BBA5891FC1E6 + 890F13DCDE5CBBCB22A85014E554BF10 + DCB0873D79A79438F39DB467E23EE1E6 + 2D2A549DC86B89FA3DF53BA5E5195718 + stream[256..319] = 7AD5CF48C01B51572FFE4E0D23FF158E + 46941F1B1BB5D7DED2BFE80BCC48A6CF + 3DBB186AD1D3F911ACD8426B2A1219A3 + 032104E3EE70717FA7D547014FD334AC + stream[448..511] = 6320933C389A66B5BD72DD69BA492432 + 01861F3524C529DC2869127BA41DEEEC + FCA5D5BA7521DED5166E70FCEC72A564 + 545FE45F29A2DA9DCCD5AB80DFD119D1 + xor-digest = 9E1E8A8A4FE661C660DA51134D1C8A65 + 3824DC5A99715E88F17245436F07E283 + E481D9B0A314B2DC9821930C80F8A184 + 2F33F4219525F3DD063CB9C32D9AAC60 + +Set 2, vector#117: + key = 75757575757575757575757575757575 + IV = 00000000000000000000000000000000 + stream[0..63] = CD479075E614524CA0B4A73BA48632FB + 01C8E9DA532912094D14606F08B81C0A + CD7556942CC4FE4900C4419E8F618AED + B53261B5B97603DC21F5FC8D57887F0E + stream[192..255] = E69AFA41D5DCC57CEE46FFF86551AE30 + D7A4B7CD2082BA8B9F446BA1A8E01B55 + D924E0D788A01D7C75B819D8B88C4074 + E97E1781061DDB3AF084A45E5A2D67D7 + stream[256..319] = 27F75AB01FE45DBF6E661D39159A8727 + 15AB7D7CB1275A11AA3C8CD55708A67A + DCBE98FD8E1DF1F787F099881C87A3C2 + A0135088B99B21631AD115A8247BD280 + stream[448..511] = A75C019250930742A65637B2E60A43E4 + 1891CE1252082CA86891A684C19304EB + 7D57EAA4F8DF4686D05E886C5496C37F + C224455AAE45F071FA654FC88CCBE17D + xor-digest = F5C14A26F22546515005E433E1F825E3 + 6395F5B59566C11C79F0435389DD7745 + 793F8C925E68A9836B6E7B03C0639FCC + CCBB3C1758E28E9DBAB1D9F733AEE7DD + +Set 2, vector#126: + key = 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + IV = 00000000000000000000000000000000 + stream[0..63] = 1AFC41EB0B3A1AE62127B62AE3B7219F + C34C0A9D904D21F071424A7D07A55E4A + 69AB9FB401909372445844A367C2ED44 + 69C12FFED293DE61619AF98FC5F159AC + stream[192..255] = 48080F88453788279BEAAD61B24BA5EE + 28F0044B5AAEBA5DD6844E2F57A0F3A7 + AF19BE8E7F6DF5BA7D74DEEF01CD5B09 + C928410B02532F66C19A3E677B04AFEB + stream[256..319] = 5D493BE7C17B1D6075F0CFF7C738CDAE + 8B5BB6126A1FDD8ED2FAD3A1502BBA0E + CAD26485BD94EC5FA852AC74FBABB070 + FBC0604F69C11F5725F644FD14E5D001 + stream[448..511] = 7D3D74044FEC8DF49C8A505CF1E5413F + A63F53ED43F4B90DB3CAB6EC08E65821 + F1384E84490C6E5631B021145565D234 + 67010AD6C9A5C729C774BFCAE2D43DC0 + xor-digest = E2B8D71D68ABBFA49D04DFC8A3DFC390 + FAFFCED207BCEB9EC4B6C435A9757AF4 + ADAF3E0734268365C82DE978634696B8 + D61EF69FAF3EF62CFCE89672F1CA7497 + +Set 2, vector#135: + key = 87878787878787878787878787878787 + IV = 00000000000000000000000000000000 + stream[0..63] = DFD7B8D57A6AE51A401FA8DF38395B37 + 17507AF28A9A771149C034F3361E0203 + ECE88C484F44DEB8370D9E77994EBE6B + E05CA8E05E3DCF545EFBA53859C2FBF3 + stream[192..255] = 42996981385309DC8884D65CF2103D64 + F76567EC51266A6DE5BEBC362529B782 + C95D92A17CF4567454422BC72D20BA56 + 9DBCCA81DCD694B2B3DD88A988004875 + stream[256..319] = 43C31B1EEAA67D7506A6CAE07CF9EB0C + 838C72494C14012F58B80D0F4D159379 + 68C860E32A029B3B0CA040AAEE262CE2 + 9C50046E1CE83FF36120D3CE81EA3BB6 + stream[448..511] = BA8D089901F2F5C83E1CD485BC178F12 + 88D1B700A7EE749DDA9A96910529EB5F + 057BC8FCBCD0D542FC3781E0FA742C3E + C616578C8ED918E8F104EDC142BC7B7B + xor-digest = C9D6AB2D64CC7BDB01F89F08047749AC + 38856667B53C87F8B501CBB5F18DDB84 + 820D409D5A44FBEF505213981D86241D + 279C6749D1D0B756BAE39390D754AB21 + +Set 2, vector#144: + key = 90909090909090909090909090909090 + IV = 00000000000000000000000000000000 + stream[0..63] = C60205FE3662A0905EA10CE1D17527A2 + 7565D227C895A8C9426069A9F0F48894 + A96AB80039477BD604762F5F2CB2903C + 7642EA714B27B365DFBFAF60A6E249BD + stream[192..255] = 88DC912DB28D5A2700EB74CE8011A307 + E2A0B8FA2E9B50E38899B4AF1A0F3BA1 + 79CF4DFE87DA0BCC1E76D9A56DB789FB + 18E439849D6B8B6850D0CF8A17726FEF + stream[256..319] = 2247A96C32B9BDC5DB41E7670DEC0A51 + 73EFD83F345DE71CE0A2192354395576 + 4101D73BCB2051C08DA70CA5100C7194 + D22A6C3DADF313369CAF8E545E97E25A + stream[448..511] = 83089E1CCDEF294EDAC0006D6CF49475 + E93324D10A6EA635B2C19D285B58226F + AE271B6166A5818C6C567CDDE508B9C5 + 264C2A6D5A8A4C7D6754CD11A58A6588 + xor-digest = 2B89AACFAAFFFCC15076A79EA8D983CF + FA2CBE2BBAB4BC70464E9801B585FA23 + 618864E62E573F51F1119D32E509A507 + 458DB29422896E0A29E44D2A96FC0B64 + +Set 2, vector#153: + key = 99999999999999999999999999999999 + IV = 00000000000000000000000000000000 + stream[0..63] = A6A3260212BC1A9FCD7336F1DEA05D75 + A48B1B1662F61B1CF1589A91AA66EB82 + 25F58E77BFE7DB10AC31F318ABBDA7B2 + FBA88A57CA8AAFB83A3ACD0D78AE9944 + stream[192..255] = C960FEA579A48D263C514DC4D7173B8C + A325A16B02C87086EFC38F3271087B48 + BC51FC4B8FE936BB87336D54D35E8B60 + F8300334D0A78B48D2E97751CA571ADC + stream[256..319] = DB1859630B7E5D59366E95EE9F680F48 + 1EEB9B880A3E82C85046552A844E5784 + 3D4BBBC50923E806A1E2B03499C4F869 + 9035913D5993757A5CE2A94311A22C17 + stream[448..511] = 792B3AFBA5A9EC89C8119FB8F1CD552D + 6ADFCD61B70481760EB52878CB907367 + B2A5082FD963F56ACCD0F5FE6B67ED48 + EE81ACCBF066DD4178D39E001A6A2027 + xor-digest = 45E67FC4B7FCCEE700CDDE0404160E21 + DBFA6280DCFDAD3865FEC930EFF1B3FD + 799161C8812EB27F6A24985298994FD6 + 5605325D0979CD798F0ECE18886C6E8B + +Set 2, vector#162: + key = A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + IV = 00000000000000000000000000000000 + stream[0..63] = 94DF00B66C81CEF99E47BCB9AA6B2E48 + CCB408E20D878C56A9328D2422F1436B + CCB7C8B04F8AA12BCF1DEE965EF098F3 + F78540213E755C86FA33B6117BE9E81F + stream[192..255] = DB745EADFB31EAE7A699A84FCD41EF80 + DCDC25334225F7B3E5D49FF58503C60A + 2FD73212719EA17F61F60271C9347E19 + 3A894816DBD39A313AEA33F56311309F + stream[256..319] = 75410B6F256D7E9D2C4DEA9F24766E0D + 1FC3EBC67A5EEC72BD45140C41C3ACF7 + C517E9D8BE1B0AA06668012FB1C388F8 + 098FA03173EC61CCF0252F793E42B4F5 + stream[448..511] = E41DEDE3241806F3ACE001D8ABA5C290 + 8C8D3DCC7E33A4031571D6F5BCAEBDBD + 0DA77831AFE34A4300B5677EC615FC18 + 00A2CA80FEC9CB40AA33DAA1D20D80F6 + xor-digest = 8A80F6234BB7430D1EA7C6A6998D03C7 + CBBEBEA27F9C329012E19B0B62BC5077 + CB64AF18099DFB4113C6430B842BF529 + 0DDE3BC0DF45CF836D766D03B6CDD43E + +Set 2, vector#171: + key = ABABABABABABABABABABABABABABABAB + IV = 00000000000000000000000000000000 + stream[0..63] = 77BAAA833D320DD2E8C8D36D4C1025BA + 07DB396F663C2E50CBC43E640EF93977 + 97ABF342CF471B758DC6A1472C817068 + BC7E30B49004DED1F763DE141C33A0BE + stream[192..255] = 018E53C65112E8C3CD374B892B21C1EA + 80408F1A21AF4EF02AC7CA5A6A55D130 + 0B947E0A93D8980BC2070B082EFC3125 + E37F2A7D1A5BF0A8C8D154B84D6FC933 + stream[256..319] = 0EA8A2C53BCFCD5350B3CC2CA07C0041 + 53B4AEC461D18419071470D8F4BC7404 + F34FB030DCBC4E01B98DEEFEDAC031A9 + 41C395538E95867A13EAC71EBCDADBDB + stream[448..511] = 1832583CC5A02147E6CB3FC2E5157A83 + 3BD5513D14333DE552B5E1517527E4BA + 7069DE68F47D7A28CD2DD2808DF110AE + 1F53353B654E4ADD055032D8323FE829 + xor-digest = 14C12CE94857C60659ACC9DB6FFA02AF + 11840A7E2859DB05FA6436D7B3E9779F + D21CA43BBDB9F721B5164485FEBE4034 + 7CA303DF12630D6E967C0DFD7653ABFE + +Set 2, vector#180: + key = B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + IV = 00000000000000000000000000000000 + stream[0..63] = 1C1BA750879B3BC214CB843962A0006F + 54E3B0F682FBDD7AECC21EDC208994F7 + E738B69FDDE5E90964CCE34D7351188B + B3D788F435747FAA13EE208030893252 + stream[192..255] = F358238286724199C183D8C960D730C7 + 2058248249104960DD2899886625C5AB + 4844D768FB2594F2CCB751280478364D + C78E631B5ED11343A104338AB8E28958 + stream[256..319] = 0AF1A0C7A000092FB1CDA9CE6D145DDF + C37D1078C00008392BE73C2F34DC05B9 + 9FC4954071AAB16AEBA5A0D8498D411B + 5C1DAE961DC2A74B8FC992DAEFBAD292 + stream[448..511] = CF358444795D941D450F2A6F86811CBC + 2492263D5964C4A45A26AEE228739BDE + 3BC223FE507EB5B9AC6983E213F529D7 + 86473A4DB0764DCA5A27AB7B011A5393 + xor-digest = 78714C06C8C4C206EC238D4E679D96CE + 4C258C46C1EAB4E23D2E55A0061CD767 + 9AFC8C85AB4862D39768DFFB3A0FC583 + 0BD203F66B03BE4FD491E1FE0DD83FFD + +Set 2, vector#189: + key = BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + IV = 00000000000000000000000000000000 + stream[0..63] = AA10D434183C285709EC2706371DCE5D + 5F8C6FF0CA2B01281550AFE875413B25 + 14D34846E658F9F11BED0F93A427FD96 + 8C62380A46FE8E3F7E023318E989BF31 + stream[192..255] = 2AB885D3EA66AEDC476DC5C59C3D4888 + 2D39907B51878917B7DCF351CDD30963 + 6AD8614DA701B89EC9B141696F77E815 + F95B15AD77B96513E5ED6C7F10EDE616 + stream[256..319] = 39270D1BAC8A3028E55097217ABAA158 + 1C0B8874A21E42533720F0F4350CAA8F + 1940A83B17D328BF0FD50BF8E62EDBD9 + 5DF959FA4CEE952B6098D48277968AB0 + stream[448..511] = 21DD7B64EBEF256536E95403EE0CCD20 + B062193EBCD72EDDCB1B0DE9308D048C + B3F3C653DD93D01F3B266252B11F32A1 + 59AFE3B00369FDA024DBF392921FD1CE + xor-digest = 1A748746F13675F5125F0151D0AD6349 + 7D23517B99000CB5479645F19889E407 + FC770983F7537AF86564F5B323E0DFCB + FAEAA53AF258F151C871C83B5BEB7AE7 + +Set 2, vector#198: + key = C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + IV = 00000000000000000000000000000000 + stream[0..63] = D4CE9B9AB39183E530A347FE5B435895 + 4899F18A43A1AD9F249522F7B8243359 + EB61ACCC30BB40203D3B5730736D38BE + 057C15D6A2DCCD005395C16CEF85FADC + stream[192..255] = 459CA305A8F73AA0931A56D914A51CCB + 3C6B22C1C35392464BD2BCDA1FB37050 + E2181510546024C753222E678A7CCDB0 + 77DC88DD7C947210897021A72E437DBD + stream[256..319] = 8537F62AC5AD1CDC7C6C910D45111165 + 5219E461238002391B54E7A8BD6BF323 + 1E2CE93AA581D9A8E755B33A382FE56E + 9FAC3D9F3370226EFB99701B4D0668B1 + stream[448..511] = 192691D070C8E3966467F1DAD89D5D8A + E345230E9828C9BECF681DC7AC0B7AE9 + 88656C7333BE93F103D7EE505F05C5C1 + FD8CEA2D27407EE265CD59F6BB5ED7F8 + xor-digest = 41A75368279FA64F63FC895FDC49DF18 + 1EB48E780AAE9C2F548C825BBB276803 + A4479CBFF22E79E35701B24B47B45777 + 26B5455C804E802B62704655B77D20F9 + +Set 2, vector#207: + key = CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + IV = 00000000000000000000000000000000 + stream[0..63] = 430EEE25DFCA972E12DF2FA3FD1F9A61 + CA16B3EA67C5131D701360C9BBF2ABCB + F2431D01590B300CF462A68FEC3C6E9F + 1F6A5BBB416EE0A098D2995711C9772C + stream[192..255] = 97D49334BC2482B1BEF901BA4A91738C + F6DD9F917862984616DA7C2FA3F9BEE5 + 1329AAADFD5B88A224C7B4EECF1BDAD2 + EE33E2C7060C1EE0E8A4E21D78D08942 + stream[256..319] = 79C06E2806BB38FE558E926E4A2C11DA + 903DC06D384D033984D2F7516ECB2657 + 4D5B5629B79C8D38E71F9A01B9526EB1 + 7E3FDB48B37B6338BCCBC914B7804935 + stream[448..511] = DA2A78E621FE1D105DBD0F7CD45AFD51 + 366533D03C446005EF100DFCD9789C5A + 06A00A7379A4D45AAEC1CC337F61C532 + DE26B1D028E72C399097A04FD7FF087C + xor-digest = F3833AF5AD9FF9AC9B227B1C9D0EF385 + 0B22FF5A0F307EB25654BFB63C61E802 + 2134A69091E5C5DC1E04C56BA2009B97 + DC9D02339578603D8EE4F50D1320247D + +Set 2, vector#216: + key = D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + IV = 00000000000000000000000000000000 + stream[0..63] = 7960EC96803829CE052CCF5B8205D09E + A417C075068FE91982283DA19533A61B + EAB72F7CC93AEB22AF97AA3B4A5B337D + 36C96BCBB23A073F57F2F378B7309758 + stream[192..255] = CABCE57DB1AFA7127A13498FE1FF87BF + DF1C40DC7F8D69D46EF62996C2AADE35 + 526377F4A09FB10B4260EF7B5E700470 + 1729CD1F0732748CDAFFC14AB6910617 + stream[256..319] = 01898230BE3F6E682480C8333700A2C5 + 1FD38AD27EBBF60CF2DF71B22C827708 + 3A1476E7FCF3348FD5E4E9EEE6CE61EB + 818DED1BA0C09FB96C5B7C799C1656F7 + stream[448..511] = E49D27417583CC79299ECD18751AA540 + C7831C3A0252292EEA8242590714DFF9 + 4833393BCC56403144E68A6BB08AAF35 + 2F71C6AEA9256EB5AB5250DED6366AA8 + xor-digest = E6D998D7F3BF7EEBE45844EFD7EEA371 + 4405D07D6EBF2D5F7F5435E4F557AB4F + 7571015CEBDC2CE0A199D7FF8B0DCAB2 + B9BACAEABE852E667EFD2E82A219FFC3 + +Set 2, vector#225: + key = E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + IV = 00000000000000000000000000000000 + stream[0..63] = E9AB7EE17B4734823A1522F5D78EBFC7 + 2F8112F67325BC5C12778C6F8302ED9F + BB545EF47EBF2B12380935AD8048B90D + 4B7DBC7759E27C205C94202EB64F8E0A + stream[192..255] = 5B775277917681D67800B3249E7A82EF + C5500F49E7507CFA0696D94FFB021CF4 + EC6955663CC37F9B2FF7A0345A71FEFF + 3712836C66A05C3C6FB9A03EC3D52260 + stream[256..319] = 11ECB0057615CC8244B2251E87449CCF + 0CE7805F669C762F46EF54E8E992737A + BC668204D49ADA49E51E592B79B34BEE + 248CE41C72E8A60366C9951B74986FA2 + stream[448..511] = 3BD82780875577B7ED9C603A240F1944 + 5C3090E36926793F769B11E3C6C8C993 + 697E2A0C1793AC4F39DEC882DACE3375 + D17B72FE40B82FB95575F9B7A17B24A0 + xor-digest = 996E394453A2CDE7CF809216337D1ECA + FF5FFA7414AAACEFFFFFD30CCDA5E424 + 2223AD119B3EA56D50248E7E7C0BE002 + 9640304D08A2B3D44386CEA0098D6738 + +Set 2, vector#234: + key = EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + IV = 00000000000000000000000000000000 + stream[0..63] = 79D2D1270B77A586ED9C3897C2875842 + 16498EA183465A96FA1D783BF1B1B070 + B46091CC3879E9ABF97ED22A72FBFF2F + F8C72DF9A3832C927FFDE6FD43D6C1BB + stream[192..255] = 4CB1C6953204F5F279F9F334AE8BE696 + 26201C8EBD488E6204DCC9823E022A15 + 23DADDA98E6A1A19BD42B37047A2906D + 19EF12702530DF4B7E597367B4463DA3 + stream[256..319] = 51500A31B349274BBF9A6E324773E5A4 + 2E91DA8482D306C7F13EE3E1975F7BC0 + D9006964367F4D8B28B389652455951C + 402AB51A4ABD06262E0E3A7A8FA3A7AE + stream[448..511] = 01F28C4729556AE8227B306930175707 + C75BF589B3711AACAD836615D666A66D + 255B40302E0DD5021EC4A15BCCAACA95 + 565BF3FB68BCF02D265F911ACDF6BA0E + xor-digest = 3B5FF103A75AFD640DEA7B686359CBBB + A888AB60348CE2FDF301267E415129BE + 46D088D9222139E96DA8D804DA3691FC + C546981BF65265FE04366053229BD030 + +Set 2, vector#243: + key = F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + IV = 00000000000000000000000000000000 + stream[0..63] = D8AA78A091BFB8D90FCA94705DD86B4D + FBB2673A5ACCBDC4F69A21C3B06A0594 + F470F70DCCA273A2A72C167659B7E0A2 + 76CC3BCC20AB889E682D4E2B70BEC4A9 + stream[192..255] = FD6974FE135C1E11DDC82F2DCF5CBB27 + AF0A8A55084407C3315B47FA41D2C240 + 372C7C4B03F8F90C3201B2269D18CFF4 + C70A13722F46FFC34727779CEDD17FA8 + stream[256..319] = 6433E61D5773ECF30ECF8DA06F8F11BB + 717B268E2C283FDC7B2F7841040EEEF8 + 29216193392BA5D99405A744FB571B6A + 71A6EA188B3BF5CDF9D601ABE3312FA6 + stream[448..511] = B238D39267ED812D37AC81E6D2B29D21 + 45F9337A6E2CB426C8B43BC795832FA7 + 8D94B5E1E83C19D40D3C2B4B670F3C1A + D504DA82D6E83A71BC5E431152B485EC + xor-digest = DE1C9B7BAE92989BCDC7AD0D527CC6D9 + 4F138C8C2A1A06C1AE28405C867191CF + 444F45770CC216226ACB13D2A0A2B8DF + FD81B93AAB20EE7C19E631D9635AD0B9 + +Set 2, vector#252: + key = FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + IV = 00000000000000000000000000000000 + stream[0..63] = F61BEE71B1353E8E198E9300CC720C88 + 977F23274ABF7F9DEF298B97EF43FFA5 + CDFEB51DAC7224EE6DE64CE0966B358C + 9786762BE880BF00BD48FB1D3D1FCB99 + stream[192..255] = 019B52D05CEC5CFC74F2D26ADA3D2F18 + B4B44D3EC9359A132AE18B33510C249E + D56D0AA2BE16C6213BE2ED47514B70A4 + DD5FB07C317757F5981009F70EEDCF39 + stream[256..319] = 4221E9421F2C68EC8B59660512EA0442 + 64FF35D22DEC65E1ED18E3D8BA359A78 + 92FB5566DA0DA25CD5A3409EF6A6F020 + 59DD632A793886C0032864F16D827A36 + stream[448..511] = 71330EEACEE6E27994023E212D1B8A42 + 045C29F141E4C696F74A0E7500B45E82 + A0ED1F4DF8C78A93D8D6033B780BC22A + F4D8029B82AB447E0D5EEE3405EB0D22 + xor-digest = AB84F0A0D9D1E8D810E76517E5A0B80D + 0B2832EE12AEC48B5DA48B78DC4D2278 + 710DF7664ADD91B1FAF3F14F3951344F + 08515E7D43F8EB677B5CF18C487A697F + +Test vectors -- set 3 +===================== + +Set 3, vector# 0: + key = 000102030405060708090A0B0C0D0E0F + IV = 00000000000000000000000000000000 + stream[0..63] = CCF2DFC47B94B1C67DA07BE50ECBEBE5 + 9F470BFA68058E55529EC8041EAA2107 + A15DBCFF20B1E54B36ADEDB49356FE2D + 4BA86FA2C6FE08DD1E260D7D20A3D93C + stream[192..255] = E5EE7048E8EC8C7904138C6E355D3956 + 1D8A1B824D62DD5267918237E9225416 + 2A192BD543327B9D786F973479F88DDF + 152974B2FCD44DF9B77E1E9D8595F29E + stream[256..319] = ABEDDC8F46C83EF0B3D159B3A1BC6E1A + 4535744E20D82A2013A3013F864D4B43 + 01C54F2BB0F03C775738875C1116642F + 4E6BC1D551145D40A8F978207F44BF89 + stream[448..511] = 804C09F0973A24FAD6B4E7398C57B11D + E670AB2AEAA63822D70C7109E2E1CA58 + 42E2251424C23525980A7E7132BA889C + C2604FCD9F443A1A194646730FE349E7 + xor-digest = ADBA33559432364C670A33CBBDA0C0D6 + D75C6C986D073C473C96286F5058ECB9 + 5B78052C26C5BCDD6138334201B05458 + 135B363B8ADA8CDB3AE0C565C9235646 + +Set 3, vector# 9: + key = 090A0B0C0D0E0F101112131415161718 + IV = 00000000000000000000000000000000 + stream[0..63] = 759D5A8381CB183CB0A01B4A85FBD793 + EC9580339CECC9BDF7DC52F67D8D635F + 1F590575EFB26F906424962D99880E45 + AF25D68181C9652EFA590E8B1E0FA578 + stream[192..255] = 3FA014E6416459F15B5527380E5B513A + CC38193B9A26CC24C59CD6866EFE8010 + 30C950DC2D55B70495D4C11296D9609D + 670E41CCC20EA01349E28A2651318A1E + stream[256..319] = 675B1A11D7F20A18C137EEEB2D3593F1 + 7D1A284A076E4E18BF8B622738962236 + C3F07D4AB453EB4FF0E3A0BD89E21AE5 + CD17432F149B386CD29011D6864B3B83 + stream[448..511] = C2C4385B74B6A38A18590A5A596DBDA7 + 294C4DE7B15EE36F4481E275AE2C11A8 + 17181DA10309BE5B366852035C227BBB + C61F001560F03F2B361B5B8E0FADE6F9 + xor-digest = 26A33A713972455A92FF0E6D65C7A7C8 + 537BD0D9F8EEC96E03C3B39C5F9307FE + F8956D1EC10BEAF467BA86A26E846ECE + F4F330FBD9D6DAF5306DE538F0F76C0E + +Set 3, vector# 18: + key = 12131415161718191A1B1C1D1E1F2021 + IV = 00000000000000000000000000000000 + stream[0..63] = 27D21507A4F5E2C39050B1D752574ECD + 5BDC31D6E8708D1AD950E3E48C53A059 + 9FE6F7B5CD7A6AB95AB9C3FE0EF154E9 + 68882B10A2613A283C9310579F444F19 + stream[192..255] = CFD6E486D72760DD5FD1D246C5C150BD + 622052B7F1938C3EA510F3D0EE47B494 + FE8854A833EBB2C7E579EE3925B19AE9 + EED77434CF7B7AA00833904A78AED517 + stream[256..319] = C6FDE37C40A1FF7B4EA3A8DD64E7A1D0 + 7C4F25C04CE05A3C09F6EE012B458A9F + 93FF21C9EDE67FF06918CA541DD24C87 + 19931323F1C87EBC38F56308A2F5E076 + stream[448..511] = 1E9D3E112C8CCCE11ABA19E941E48173 + EAC5840A3025A88EE79DF2514EDCFBD1 + 3A581C507EA3769FC0498EFC7447C0D8 + 9135E602E06512D25EC773A20C4D1F2B + xor-digest = 122C8ABB06E644953AE81EF78CF4EF6C + A1322AF81186B8C27EB199B5EA7814EF + E6F0C6EF98781CC12FF7A988F135F3C3 + 28BB53B6D2612B1786D4B24D63BCAD01 + +Set 3, vector# 27: + key = 1B1C1D1E1F202122232425262728292A + IV = 00000000000000000000000000000000 + stream[0..63] = B98764C4BEE54B7CE1722955D29F7265 + 74D3B6D2A7F51847A8A5F2BD78218DD4 + 13BAE5A9B76EB7C2140E6D728D430CE3 + EE77FA5446B53D887A600B8C2A954DFC + stream[192..255] = CA3AD141894C09B6DF333C6C42729339 + 45AA6F7F13EA64C1E3043F2AB64FA18B + A3CF16B35E853FC98A67DEB1A9A60B1F + EFF93767C87E583C8B50BA0B80B69AEF + stream[256..319] = 0D03AEE4BC0E4260B48C43614AE1327B + 4FAA2F0813F188DA28C3CF15C433EE59 + 881DD500A53768C5A1231991386E1470 + 2295243CF3E18638B60CCC4513C83077 + stream[448..511] = 4E190889B78B6CECDDCC675FCD336592 + 8D01D945C8B9737CEDC144005A7E2E6C + 921256F89098BB560D39BEAF700CA5DA + 4F4535ACCE3439D9223E357DAD2983A5 + xor-digest = 2261129A59B37D3C9FA15E35B9DA02E8 + B6044084F0EEDA1A62641BD8BEAE9293 + A57E89120CEF2CBE5594C47F96E46C5A + E6FADA330126A4EDE047E40153D5A182 + +Set 3, vector# 36: + key = 2425262728292A2B2C2D2E2F30313233 + IV = 00000000000000000000000000000000 + stream[0..63] = F8088D4E53936A40E21B3AAC1E6D975F + 13BCA7E4D6CF7D926F6B9AAC562790D8 + E2B66C05A075737B75F8E171C70E1507 + 94437B818F59052FE5ED87BBADFAD509 + stream[192..255] = 19686CA73474C6F626390DA198824970 + 9FE43AD003953D102437DFE11DFDBC64 + 432929F934A0758B2964EC3B7CFB8C1A + BE23C6B12132B155D3922719DF28ACC6 + stream[256..319] = 55EA041FDC9CD8438EB7B9C2C5381785 + 57E53ACC75CA512B88D8531E07DF4C15 + 35F60851AC242CD46F56DD35241D51AC + 6DA52A3BEF555E2844DD4EAFAFE3CE63 + stream[448..511] = FDFB1D76CEA5E3FD0C5EE1FDA1717684 + 2120C48956F28A583B291712DEFC158E + FA26FC4A833D31B0EB59F61D942E99D4 + AF4BB42D0C0448CF8CDDBEB336738414 + xor-digest = E49BAC9E963F83F3AE70026DA7DA496A + 0764267F7F5A8A23F7AB32EA0F54D459 + 32367E47527DF738F7255CC890F15FF5 + 8160EC0C1A27260856A822810AE63F2C + +Set 3, vector# 45: + key = 2D2E2F303132333435363738393A3B3C + IV = 00000000000000000000000000000000 + stream[0..63] = 67F1B4269C402D69FFB8B84559E60033 + 07B153631D650E01A3B265739130F184 + 4F6126FA1F957C7FF5AAD71C2E3BDE25 + 94DB87780773B4A4DB3E44D231D46AE2 + stream[192..255] = 5BF80BBE842FA08B4B2EDEEE74626A19 + 69CDEF41D1E731FDCFC906F320A2CAC2 + 8B79B585B0F70A5AB48CBC5C9478E5EC + B14A387D5DB8E60E4EFC86785274E437 + stream[256..319] = 5DC02CB76EAE6800980E204AD9A315F7 + A65C57E2F38DEFCC29FB1153E7A4586B + E9FB7FEA650E326A5593568957BCD278 + A93FEC168D48372068B9A2E41EE10C61 + stream[448..511] = 61D55EB5278689230193C990EC5E65A1 + DDA93955026C14BC32E80036055A31BA + 118911DAFA9FA9160D4C37524F5EFFD1 + 2D575FF005967C3EACFDCC9D8889A198 + xor-digest = 9B327699C5FB098D15CFF2AAE321D095 + A569B6D87AB1BD20FC8FD94AABFCDF2C + 521D3D5657857A6E197B55F371351525 + 171D23F4DC242408730057CE67BE8E58 + +Set 3, vector# 54: + key = 363738393A3B3C3D3E3F404142434445 + IV = 00000000000000000000000000000000 + stream[0..63] = D9B96EA262807FB3F5A8675D81B1A006 + 1D717D345EB2B91F607B853A5A38DB2B + ECDD26626A33477BF07BF9C57FE95100 + A1F142F70DA7DC86E063A58AEB090B2A + stream[192..255] = 597883FB531AA34A2EDB6D83AB2A304A + FE522A9EA6914C556618B3094874E021 + 2316FA67BEAF7ECE4BCF350A817DEA50 + FEF5B76E72E2596A149D99B6971B069B + stream[256..319] = 6090A1AF397F2BC3ED551450EF28472A + F60EE5F2B4BEC18A8B1ADF21A6A476F6 + 8C11F76405ED62ABB7BC585BEA4B0A47 + 988A09A1D93CE2CE95B82C9C1B60E650 + stream[448..511] = 49F88E9C5E53BF43EA422682ECA42968 + 6D794754E65DCE9306D3D9FF206BDAC6 + 442655D27EF6166CB095DA4C301FB7EE + F1F5FA0225EB84CE61BF3856062A4EF1 + xor-digest = A71B962E13E66A678C5B56E19099CED2 + A15480838832FA6361C3C0B5BF47C1C0 + DC954A7CA8D7484D7889FC760227B418 + 73EB611B5AD62FB622F5FB75FE412A44 + +Set 3, vector# 63: + key = 3F404142434445464748494A4B4C4D4E + IV = 00000000000000000000000000000000 + stream[0..63] = CF11B1510C81A296CB185B1BA6436112 + 832AD2EB68B70E52CD68F9D394F5165B + 94DE467FFDE4EBAB6AFB180EE7A2116A + 1E73AB81AE4528273D0D93DD05025D70 + stream[192..255] = 26E9F1C007EA49793D701F21696FDE8D + B72D317BB958F86A35E7BBAC80D62CE7 + 0879213503B04FEB1FBF3987847745F9 + DDA9310DB36AB8F485FEBE9FA6C1C7FB + stream[256..319] = 25C98B6441F90615C6078D82B5D72F61 + 828ACCFC365CD5EC17D5CEE488A51192 + 8826B334A1D7BEFAD7528BC5CFD32B82 + 87F4EC603E21F528B51999F222817DF0 + stream[448..511] = E2CB68B1CFB640B76DBFC5CDFD192AD0 + A7E8BE14ECDF6E20F1C8FD444D073108 + 6932BFEF0EFBCB7F64E5CE79CA4AAD15 + 846081CB229C74013CA0D498DDC69703 + xor-digest = 4BB7025AEEE0FC3ADE977F13A0853FBD + 9F43393A6A0B7C91534F5F2A47009D63 + 79D0B9440D5A36A82974EE70BCF3634D + 131E754FC6BFB8DA62A05B3F4D1E9FED + +Set 3, vector# 72: + key = 48494A4B4C4D4E4F5051525354555657 + IV = 00000000000000000000000000000000 + stream[0..63] = 0CD34EBF2677F222A589B77FC7284567 + C3CD391D85E3CBD04F43DCCFF830F0D9 + 5C9C97371376B180AC2235DE4EF2E377 + 8242ECD6A257FA02F2055CC7116A006E + stream[192..255] = 0CEA97153979B13DFBFC3F04D311D677 + 9380FCA517161003A82CF5E00CAD8438 + 18341CAF98A5BB7CC4D4E487A5878A3E + F0D490EFD4834ACB92EE0FBAA3144270 + stream[256..319] = 700797B741FF36DD80F72A889696436B + A900033C957BEBA6BB3EE71AE3D79A83 + FB4EF28F39B0B3A0E36719059774E6AB + CDB4447CB3CE6CF78E30EE239F537140 + stream[448..511] = 44EE572970D5AB8C094D434DF6489171 + B657A51C610D370EE9517370780D81CF + 47A666A1556AC7B254DBFCB2D1352365 + F62B950D9457E4E364EA980C3832AF75 + xor-digest = C794C46A6A1C155D6922A7CCF4327038 + B48618EE29326A7555AC2A00122D4E83 + A4F17AB72F9A133F48750BF43344D561 + E71C69844840FE83889B542FC83D5132 + +Set 3, vector# 81: + key = 5152535455565758595A5B5C5D5E5F60 + IV = 00000000000000000000000000000000 + stream[0..63] = AA9A1800F63A3D6EE6FAAE48B615175F + F4EC441EFAADB6273B38087417E9528E + BB3E9A8D9E81C6B7863D26C24CACF50D + BAE956DD15EE335C99CDC981B4182545 + stream[192..255] = 6F8CB1506073F5BF7E656C25BB46A689 + 73EFED2E87229204BDB09910180C279F + 23341A1FBB0C40705C1EDCDE8E1BD8D5 + AF9F503901071A857F8315ED2F963114 + stream[256..319] = 3EB29DC8A63E3B61A6EB1062F189BD53 + 54A7DDBB22A6C3B7857D80E5A761836C + 4A91EC1C994FBAF781AC65B1840DD892 + 2A82AF4D6DCE1004B3FDCDE790018C31 + stream[448..511] = 00A6E02F4DCAEEE2FC77318AB9619246 + 64E1DF835DD62629D035C44A1E147D6B + 809D6C60983B9767B92A10E35A651786 + B0B0E1B8FE8BCBBEF4D02BC625E5B402 + xor-digest = CBF02F452CCC84F5D8D3556876B7902F + 324BB22F3C676D3D5C5FEA182A4582EC + 57BB18419D8F82CC8C43737F3B356C73 + CC9452557FDE07F9CB3BCC06041C4279 + +Set 3, vector# 90: + key = 5A5B5C5D5E5F60616263646566676869 + IV = 00000000000000000000000000000000 + stream[0..63] = E5605A67C46B013408F53D1D8A583699 + 389267A63163901506FDB6150CAB719E + D591787D8CEEBF1EB13E73F6A5D3DBCA + CC916D41738008C5453132A472931D9D + stream[192..255] = 0D04AC34DE63ACD3D554E568B4E423D9 + 76B22FD4C32464BBA143163B225AE996 + 4658EF46C19E5C95CA14D9677098C303 + 7C37E77446E8878A5F8794E00FD2E0F8 + stream[256..319] = 1915755636B9E8CFDF50F532F6FD6C66 + 60CA7E53C6037A532A39E56E61C6067F + 99C864B32049F95CC142B019BAA37720 + 1A0C28D747CAAB42E81073F14818EF1E + stream[448..511] = 820E743AC49AF76E030EACE4D0BD568E + 781B2AB82257DF8C407C159CFFC13D12 + 7B869E6E48C5A6BE72A5F1A9877564E3 + CE22D770D9FFE839BA4BFB8D297D3795 + xor-digest = F98873945A95030C43B22CE430D520EE + F6E4F2FF30F2545693C7765D5EB19AC7 + A096799EDB90D661B1379264D5B42729 + E2CB5479FE63BA9B8D409AB98696248C + +Set 3, vector# 99: + key = 636465666768696A6B6C6D6E6F707172 + IV = 00000000000000000000000000000000 + stream[0..63] = 2ACCA4B94538608F318E142FA9DA9DAE + F2DA0FE10DC27C804C0DCEA927CBFBFC + 4F9AF87F67D962130A2DE073D4CBD1C2 + 70A836BE81FF2EFA6CF910E6F558485A + stream[192..255] = 586AC09D4C7285B3CC8A49BBF978D086 + C628229659DA298476EBED38C7FCD86B + 59FEE45D41F480258A44C0615DBA2DA5 + E64B178A2E7EE3B02A316245152F72CE + stream[256..319] = 1988E499CFD61EC2699181A520C1C829 + 3F0AE76B30C4BD0279C937D53054F646 + B318B13703EA193F63BC83BCD501C083 + D31B8E2DCBCAA5CB4B9ACF15EE740010 + stream[448..511] = 797DB54E1E718B6ECAB6F928C3CF507A + A8E58832933F404CE1331FD469643E78 + 3F8BC3004AC7AFC5EF036F8B5D4DB5EE + 16BA7F94C39A39237EF93BAE10E427D1 + xor-digest = 75197D3AF308890C381051938649CF93 + 157F5E1200E87F7A0CCE920B1A378415 + F1DBF671C49324EF517ACDE52BDDA9DB + BACFB24EB2DDA3582DFF0F0DA9A7CC8D + +Set 3, vector#108: + key = 6C6D6E6F707172737475767778797A7B + IV = 00000000000000000000000000000000 + stream[0..63] = 5B1C1C98D5EC2E066FE163A010AB06CB + D81E8E237F4486C3C57C7DDFE9CC4E2B + 6C0C016EB38630B09823CFE1804D969B + 3CF93666F785BF5EED450D6CCAA1ECAC + stream[192..255] = 5519D71CA1AD10191586664DDFF26BCA + 7CEE6FA4C728BC0487FFF71236DD947C + C7F84A9ADE9ACBDDB04CA4576AA11CD1 + 19F676BC908335BE454957280423AB9C + stream[256..319] = BCBAFB8D31351D748DAEB21A4927FCC0 + D206C0DFD1EF6CE6425808BCBEAEE26D + DF29CD37EF61A6C186E33E432298CB7E + 94A598588A7649C3639D3EEA43A4EFD9 + stream[448..511] = 6FED1CDB9C109AC353D8F0A92B8DE388 + EF089BB8805D6622CBF93F4E70939039 + 536C12BB7952550B4A9F62B8F99A3522 + FE12D79D52456E5E2B58D899CCC0A683 + xor-digest = 9A528A131B2DC7999743397DD1191EF6 + 306AC8B7D333276AA11FC5F952DA12C4 + 890509B6B3324B57117736A2FE462B97 + 3676D4AB0F9EC5F40389BD1631DA30C2 + +Set 3, vector#117: + key = 75767778797A7B7C7D7E7F8081828384 + IV = 00000000000000000000000000000000 + stream[0..63] = 19DD8D2D6FED84E4C8983761323019B5 + 6EFBFDDE9D0DD65ACF8EA7064D876159 + 34CA7A8690CD9B688A3A7E2739C0DD40 + 87E931669B47FAE65582F217B703F744 + stream[192..255] = 118247263D78B35C87001EE80D0855A5 + 4BB82A2538BDC4CE4E0508BA9C1AFF2D + F6E3BD124EE8EBBE9C5F8CFF809B22C7 + EC14FADC932266458D049847E4BBDA57 + stream[256..319] = 3ED5D1F9FC223FAF7C35165CB00DC41A + 948089FE364B824970DB5C8EEB277D5F + E1D7EBE4133BC0B5C9AA277360AB3D59 + D990F5F7F8FB2D4839F8DF8F91BC8CD5 + stream[448..511] = CA652B9B5179E5FD45CDD84F778BCA9F + A5E029B0D5F8F8DC9F6848EC6FB90CB8 + B5D6D1F65BAF94B02FAD8F432901B2C8 + 1DF0A7BE680810CBAC3FAEA492EB49C7 + xor-digest = 1D54E85686E20E556FF40B2C310505C8 + B3E341EE7DB6BEE6761CF0FF87D56DE0 + 3C08007AC388112D542875E0F56BC435 + EF698DE5F550B2E6DADB7CF899C670C7 + +Set 3, vector#126: + key = 7E7F808182838485868788898A8B8C8D + IV = 00000000000000000000000000000000 + stream[0..63] = A865C1EC58AEB098342D771FD9DC8CC6 + 257144135060E17F794154163B5B50E0 + C175DADFE996D8D9EDC24F528B403EBD + 31B181DA7621E80465F5609656D2F6BE + stream[192..255] = 6E369A08D533239B1813FB1E64FE4016 + D5A168E7B082AC17782FD536B1614EEF + 9B96114431A8A20901442B17D359AA8A + 616CDFF610EB376A01A5424443724BC5 + stream[256..319] = A6A4AAC9510367507B3ACD133FF4621F + EF8117A2F74CE892273D852801F6B788 + 3B4CFA27124C42D424131AFFF2890AF9 + B7EB6F70917407991169997C9014C6B8 + stream[448..511] = 54DA1A3C64310F07888F043684AC5081 + B35962F34CF46D8B1BF8CB9079A0CB7C + 3AE2998F6A247D758D7C435F2A509E9A + 164A0CB7F1D9FCF1DFF99D2C7074198C + xor-digest = 44F37D188FB59A4BB0BBD69BE1592797 + 65135A26C7EC258CB2FFCA9BCCFDC005 + E9971F4128215E73D9EAD8C6B0465C98 + DFB9065DCD07E83DEC0001A737CF8DFD + +Set 3, vector#135: + key = 8788898A8B8C8D8E8F90919293949596 + IV = 00000000000000000000000000000000 + stream[0..63] = 0707B0C6C7CFDB502FBA27A9179AC77A + 8EC79404E4DF30E46B0512EAE40876BA + A0129C7C6A7D61A264654AD3C7822B68 + 80AAEF7CEAB7CDC898F11F217BF705BE + stream[192..255] = FE4ED3B451213FDF4847305FEB8E9FE1 + 2C359E24DC7AC0957DF2558D300FB0CE + D38A9983F6CA936514983BD48F80A596 + A2CE35993ACA48ABC500BE4E766699FD + stream[256..319] = C5BF4DC95100E2D7F6792F6AF5F31371 + 53D418611ED358EB8646CC359FF18770 + 93C18CF26FC4DD646ECA8C4A199539C6 + 64C92D30F2F3D652DD2E4CF66A6F1725 + stream[448..511] = 588425C16BD8DDA6D1D34950A40E35C1 + 2CBC1F62542B3D3F6AE4069DA42CFE09 + 8B36BAFC94356A4EFFA655EF8DFC281D + F47FA499717D95FF7CA81EA175E2D6FE + xor-digest = 4F543EF4ACADF04EDCEAB6841B794C70 + B9CA52B336CA4D6696E5AF632271367C + 29815CA30CB0528546FAB08A6AF9016A + 9B25460BD71FC1D00C516961D3A0B448 + +Set 3, vector#144: + key = 909192939495969798999A9B9C9D9E9F + IV = 00000000000000000000000000000000 + stream[0..63] = C95BF1BBEAC136B08DB163D8A12CC5D1 + 53D2C485C257E16BB5EAD3B93BA84D32 + 352DD608CE457C3BBC55864B1FAE0296 + 1180FA7063C3E9AA05A471F89E9E8C92 + stream[192..255] = 112D3B048885FE87290E91C2288A605C + 669795CAB3F78FE8C6E15204E0FEFB5C + 9D0C690C2CC57882AA3C276E94414DE9 + 376531151D9BE1DAC6D784E95FB196B5 + stream[256..319] = A073295F2907C05C3CC3A17B8E404338 + 0BC74C10864FE1EC6F043DDEA356CB48 + 4159EF66A944668B55131F4BE61D7F4B + 4EDA1CCC0CDFBDFFD79B9A37D4E0DD01 + stream[448..511] = 42834D089F1518A4E6167174E844E51F + C31BE2238B7C2F306F1DCC3FF7DD30E6 + E9B0CD089B9F9280EE40D3416339E1D3 + 47F0E29593168593203825261191D02E + xor-digest = 86960034091CFB6A6767B53B66713632 + C6272B95347CB92D8D084E8794984516 + 4AA48669D26826E2C84907C2CEA78727 + B0D3C9E240A361FFA661F00670C3060D + +Set 3, vector#153: + key = 999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8 + IV = 00000000000000000000000000000000 + stream[0..63] = FB01986DB035CCE47390DB060C6A31D8 + 3C9E93F728E785ECECE34E41D81133A2 + 69C5917545B1FF479F4C45BD1F6AA46F + 3F9591C54F3D67A8BA7AB6DD9D7D07FC + stream[192..255] = A056ECB565EEEE24B5C42C501D78882D + A9AF1A9B5BE4DAD286E695A23D516D52 + CA83FEDE7CA0853C01D8043CDEE992FA + 1F71C90DD5C3C95ADD5FED24575A4DDC + stream[256..319] = FBDC6515174B6E51F3A9804AA2C34DD6 + C03F0EB5202CC36D5602D58A2630390B + C9D7A452680F152767F4558B3160BFBC + EFD49175AB0FCF62D2FCB8E78E1CECA6 + stream[448..511] = 774009D68AE972386F6F4D0467963670 + 3E08B4CA05B801C5FC84376343B505F3 + 37B9052F7280733BDCC026529F48BDA4 + 765D1FB436CDB3DA0FB69F148894E8A9 + xor-digest = 41CCA3720EF5CE5F8EFABE447C3BEC9E + DA338E5ED14ED24B21F66BC010077475 + 16C61E91AC9E3501F2E8D9DE2E619ECD + F995AFBA554A8AF21E89EAAD9FBE9913 + +Set 3, vector#162: + key = A2A3A4A5A6A7A8A9AAABACADAEAFB0B1 + IV = 00000000000000000000000000000000 + stream[0..63] = 0DB9C95EF6FA9E4F256789098C2F589E + F5F2C63E8F38F81661A22842C4058E42 + D62675CF0F435C6441A905C46A5E2B55 + 98D87AA7483D5036DBC6DA6F795B95F6 + stream[192..255] = A195496ABF83B1EA9BAC8FD119F0514D + 5C01B2A262090DC52DD00AE0689DA3E7 + D9AD502FA2F3740EA254E8542296A3C9 + DD4D7ED40EBDAF2237157BB197887DCC + stream[256..319] = D5E1BC7E5C9B1F47FE69662C94D2C83A + 8B92217E877379F8BAB56CDBD5406CF8 + C18E1E2F223226EB9ED272BB66F7AD60 + ECEE3CA6C84A5E1BBA1DA733066C0D6F + stream[448..511] = C79F97FE9EEC3023430857F95A1541EC + BEEA487C1C072F81736CF02AE97D1A77 + 2C81A69FD2C58D85976DE47F09958BCD + 4382435A952C27B45EC6E387EB0A0333 + xor-digest = 65E3A3C2314794333A620A28C23D5EBE + 884D04CCEC9F7EC8892535B5E937C9F1 + D2B993451DC35047872F562C9ED5EBA8 + AD36B8B67325032A2C135495CF8A1683 + +Set 3, vector#171: + key = ABACADAEAFB0B1B2B3B4B5B6B7B8B9BA + IV = 00000000000000000000000000000000 + stream[0..63] = 505F4C9084D6F5C640C214EFED9E2DF0 + 8EEF8241ACAE98072B5B3EDB72F1687D + 586B2569DC7F58DED2C2BCD134CB6CF3 + D80A7A879D7878C080A5BAD5ABA1DCCF + stream[192..255] = F38E694DB538EA115B3F765694B7F647 + BD16B1E50C927528B13FA2EB811E8E8A + B7A56FCACD80B1E7861733E0F8289E5B + 3C461080A858FCAFC85748DC11CA007B + stream[256..319] = DEE9825C69B6F6210381ED04A152A029 + A7ABC8D6C23D2895B968142E3A9C4D16 + 8059A067F309C2E9491426BD0953E4B5 + A6E545EE62D4E9363205FA50ADECE92E + stream[448..511] = E2C07AC69B0D646D013AB6129A979A80 + 0977C0B2E3505CD4DB4CCB4C2D02A936 + DDE87099B8F69301CB8A441A1CE6EEB7 + 9EB73A32F54D1B3AA1A5FAFAAEB0BFF5 + xor-digest = 58B7C17AF5B37A6806E8019BBC243F2F + 779B2961C0FF27B78EA54587FDA31F4D + 43AA70643AEB9BA547F814C57107B760 + 8D3DD6B06C6CA5BC0FE55A31274B4B5B + +Set 3, vector#180: + key = B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3 + IV = 00000000000000000000000000000000 + stream[0..63] = F43EB3DC7366C02A6EAA1BA286589786 + 3A2221D8679C3F0399B2119FB09D2717 + 8C262A1CAA0711E961209288EB03BC19 + FF9FF74773B10AC28295FF3BEF1E2B70 + stream[192..255] = 453BA5A1529349A29B1CC75B9835E642 + 9587A1E06F96A5E575BEDFC7CB6E6C79 + C7174D10F908C1688E9CDF6973971A89 + 2764D7412F054D772BF3B97B194717B0 + stream[256..319] = B2353310A194E71847B541FA5A301E56 + 6678FF7148960C4C2EE2139A338EDC4F + 082A79EC59E094AE01E3D9585033350F + 7E7255838EA448658ACD1D1B56546188 + stream[448..511] = 647B02009ED90BB30849D5136432AD33 + 759097A5BB30DAA7D768FD7F7F5FFCE8 + 513975CE19501ECD4E194A1C172F7A01 + E75BE6598CB0BBE4DEE6E1C364BF9C36 + xor-digest = 890A2D288B3BDE3AB9B9214DDFA6BB03 + 390FDC8925358A0C99C44543C8EAF224 + 64635D46AE1FCE0CA494A6BC7F127F23 + 2B8EC742C518A73F6B2DE22F2F564749 + +Set 3, vector#189: + key = BDBEBFC0C1C2C3C4C5C6C7C8C9CACBCC + IV = 00000000000000000000000000000000 + stream[0..63] = 17638771CE9C92633C8820B9FF9A7D20 + C0BB3ADE5D49E16EE463A6F768D0191F + F624A8E1E36DBE1F35EDB6EBA4587DA0 + AD633F1E6CA8072A3871C580037F202C + stream[192..255] = 36358F7049F57244EEF847ECC80803B4 + A9EDB8B97CF098F87B047D02FAE2043A + B4370B7C4E87777E049A79CA833A2F40 + DF221E8B34B710591A24937D19F39BDA + stream[256..319] = EC6A73C4A816CA1C3D1DC0B2A1AE5409 + AFEA32DD3B961BCE9F27FDF8B46E8300 + 28C2C75C0596D1394E579BB4239FBAD7 + 258C7BC7FB9E1C5465439177E454FA6E + stream[448..511] = 1A5ED8E740246F0744218C31668F081D + 333CB2C4416504584CA1AB6E7C56C82C + AEACD22E01CCC23C1A9E8BE94AF90C7E + DEEE590D8F75C9A1EB2134CC1A44AE0A + xor-digest = 2D664EC9400F9864BFB1CECE43DF3971 + B8EEECEFE3507CE09F6572A9C9743EB8 + 58B433A6FD2DF24605BB505B4D732050 + 8C89F38BAD818FB3893383DE2C1ABE08 + +Set 3, vector#198: + key = C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5 + IV = 00000000000000000000000000000000 + stream[0..63] = AECDF83CEAFC62A35AAE0B56DB5E6608 + 3ED8144A470316E5768F898741181B39 + BE1B44248B79446A2B8551A7F71009F3 + 4BA3799E8967A961169A2949979698BF + stream[192..255] = 1162529D235C48CBA87E0FAED1209825 + 4F0C650835F5A0C44B01FC1AB0A53ACE + 496709D34D632E42A98CDA3A14E033AC + F01E869A8263D0921619C26D3EC150EA + stream[256..319] = 30F569D183A30142A2C85002A7768DB1 + 1B12025C41B0331458BE45DC53608B11 + 63E130EC0D6940C2DA7BCB40881270F1 + 1D79B941B6DBD4B53A093CDB9DC3BB08 + stream[448..511] = 6170D203CCDDB9E93F3BBA8E195214E2 + 485BCD5E96031B5848C433D2BAF4AD4E + 2050902F0E6F0D71D034909B58EF6E3A + D8D72DFF40449A96F9DB8A2691FA02ED + xor-digest = 8D8C29A1126A2C135938D456B61C1C22 + 88F42EA3CC4AE32C2D9AF46A3393EA9D + 13719D95D2EE3F62D261807FBD4B504A + A189EF6CEDF6DE1CBD0C9223DC485044 + +Set 3, vector#207: + key = CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE + IV = 00000000000000000000000000000000 + stream[0..63] = 03FA3028E50F89A3A26FE0C9A59D4D8F + CD4F6664621464876D0DD0070C3C4A4F + BEA73FCF1858F583277C9A8AB098DBD2 + CE9DC0BD491A0069D48812B45D99BF6D + stream[192..255] = 4BFA1D3877F91E02E7B59C2BA54E80EE + 88FD0217E82EDB379B54F8AAD1B87308 + E908A3740DD0A6BED98D95A89579E18D + B12960A3E8C2DCF39F84BFE48CD9D8EF + stream[256..319] = DF87530FE64F198DE0F5685C24E6F752 + 776A64B5355FDCC7A734A195350A05EF + A9BCBDC50D12A81CB89F49F330EB2796 + F3C0EC3A2AA823AB1787B4AE2E9F4B84 + stream[448..511] = B62D2660AF636D037FF77CB2DA14EEED + 1DA4C10E4C34C3A170F00753256F021C + 6B8058A71680B8AC68F0E7B73D491E77 + 21CB13DA097FBA6630DC814920993501 + xor-digest = BFCA05D3C5A76AF3016B56245C890022 + F173D207ABFA1355C4AC75CD44440227 + 40BDF92FA07711FFFB49C3FE49F63375 + F242014728E308CE8261AB6971D82EBD + +Set 3, vector#216: + key = D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7 + IV = 00000000000000000000000000000000 + stream[0..63] = 3FF2373E4F64EA27FD8C86D971D6C497 + 9AA558C47B291B686BA3EB4C848320B4 + C2614E739FC890F78FBAF82DDD01EFE8 + D93CF5A5068A0BCC4FE41F87B4FE82D7 + stream[192..255] = 7BD47D4550A516BA255A572D948C143F + 8B46F2FDEE81E80D21E9A64A27A89FC6 + B00BF842251F5094326BA41055D83D75 + 3A7A4DC88643BB8D8207CF4E6B5D6360 + stream[256..319] = 9EC176E21634E97E52F5D8D42BEC590A + 5F4A6D0671BE640B7AC3C790AC521911 + 3862151C7EE904BBA1B1254CA5FF8A72 + 83EE9F0A3CBA3A0A38F3CBCECA7AC751 + stream[448..511] = B87FC33D6F13852603A069DD88143790 + 4922F8B3B98D383B7082257077DCDD01 + 1B2B0390F6B680719D91B815A0421DBD + 5F3687097C63BD0AB1B59EBC12441A43 + xor-digest = 819FEAE72A30198453E6B7E0566459FA + 3A325C59B0B1BEC7B1311FEABEFAFD0A + F7EA6A01603CD81DE8E338740573C01D + 94D57B04AC8F4D5CF26DDCFB7A9A85CA + +Set 3, vector#225: + key = E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0 + IV = 00000000000000000000000000000000 + stream[0..63] = B378200C66DABE0FB33FFC336DB91F9F + 25F65CE152EC1D11738AE1DFA2B419AC + 31AA2F559A63CE39B8829E2E880437F5 + 7D83E3680EB41CF262A6F8025EC8E733 + stream[192..255] = 739C9F273A1A8312214B4B3FFD58615D + AF751344F8D36BBD79A11BBA93BD0AA3 + 34CA56667A6B4A98B6209F0765D9E4A5 + 163756D6AC6861A8DE65777B9B5F4950 + stream[256..319] = E7C1F35E0596EAAF7954E0C7F0423C54 + 60E23A0106FEC3F1C4EBC571AE016BD4 + B232C2E0A8C079EA1A5DE6A2D18B1B79 + 5E69ED4DE32AE2011805A439493223DC + stream[448..511] = 91D8B977B8BD9F8E84C097AB9454FFE7 + 794908D3B1D98729036CF2DB77056F10 + 582C1D1EB084EC97943117FA428C5B9A + 7ED1736E05BCBB55E9E0ED1FD0113860 + xor-digest = B05B91E712072C9FE4AE5C4BCFF3AAFC + 954380E58A9F264458EE46ACE1194032 + 2B1CAAF21117E26A6B490A1C93761A49 + 92982F4277E36ED3C4B74D31D3BB2ABA + +Set 3, vector#234: + key = EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9 + IV = 00000000000000000000000000000000 + stream[0..63] = 77D958F664235976A8696CDBF0A3362C + BCF3EA19D524F379B02D403F79F9A067 + BBE8F1365B0BCE68699E0A0DA273F117 + 2EDA63B4558B062EF10743740825665C + stream[192..255] = 99B50E13CEA45209DB8FF0F3FFDB568C + 7EFDB1E021435065668313F23A57DD75 + 0676F550EB7C5C5FDD65EBA84B00AA02 + E41039EBCB5AF806339054EC8E9C9567 + stream[256..319] = 64CAF7DF8BDAA26D9BC8B49F99CAA94A + 0ABCD947E23AD676E3CFC95B4461CA78 + C17DF55D2ED805AF80B24BB57E3372A5 + 4F7BD4B4A1A0F65581BF0D409198199F + stream[448..511] = 98595F685F9884606A085383B2437A8F + 8D8B7536D30C693B13FDE9F19DB847E5 + 22B1C305A9BBDBB1F0D402A7794460E8 + DF5A4E719CDF48986C7E0B91A801742F + xor-digest = 54D02F27FFB007DF1686027BFE0F4978 + 01C265DAFA66F72EA530F37F82E8F25B + 35B6D7E2BBEB36F4DCB98C7526A727F1 + 452296BB074B8BCFB878A5299E052B9B + +Set 3, vector#243: + key = F3F4F5F6F7F8F9FAFBFCFDFEFF000102 + IV = 00000000000000000000000000000000 + stream[0..63] = CCFFAD20ADF1C4B744BC6B2EC9CB29B9 + 12F5577164F188BEAD1B8F5884619756 + 350C6514969354F92C33DBEB3553E546 + D00B7321409CF15C2B1BF1D30E1B808E + stream[192..255] = 5D2AB87447F536F42DC3423A3F5E0C3D + 354B648D49A1D613E741FCA61E450D7F + 4777CB7F19557AFB0E3A49E8005255A3 + EF71C5389A5455AAD803CAA30C75E263 + stream[256..319] = 53764B5DDEF40B7C66414E2855FB5D70 + BCE612CB71A7478D3C8D6B42918BB8E1 + 4B12B5D48BF8C464B60214CE96E1CB2B + 6055A167B6BC4BEC2FE87B4C31441CAC + stream[448..511] = 2E4FCCA6545573B051885454D384B365 + 546DE212F89E14DFF2B27A97FA3D5CD3 + BA797DAE4815E8E01629F4A95321E1B1 + ACAE5AFBB2E1FF74D0FA5A31E09A76BF + xor-digest = 4DCE3E84B2FB36C6A268933805F307D3 + 6B9F8B2ED75BDFA9528F14E96CDCD7EF + 77AD88BB08CD19BEA854C1F66216EB4F + CF23FEC02A128FFBE7219244A72FF66C + +Set 3, vector#252: + key = FCFDFEFF000102030405060708090A0B + IV = 00000000000000000000000000000000 + stream[0..63] = 87E3FC12C86A001AD83DC4B364F49F3A + 331C286890826198B6D4937E6804F17E + A9701A1AE8BD09185C1803649959AF65 + 1726A25C54533924E6112F923056F09E + stream[192..255] = D6E5A2371EC564FD24213259599665D7 + 9A31404C3493E005F611116C7F7B48FA + CC6A949BB1746BC5EFE93D6114A1AD5D + 444A9A0391368106BEC2D5DAB96343D2 + stream[256..319] = DBB63AE5E1B11D8A014CDECDE7B03DE9 + D59A473563285D52DBAD3E7E4C1E99BE + C455E7CAE251B3AF52234CD9DE49BA55 + 2B19E5A721C994EA57AFF2239B42C0F1 + stream[448..511] = 339B85580D35BA903A85D2B45249FC31 + 182D7E1B894DE9584906C2E210319EA1 + 168E2E9C582CEBFCD96BEAD69E22CAD1 + E9C5AD2D5E3B708DC1F6B7E36F6E65EE + xor-digest = B3DA36B9D7E12E6761A1C7F8533370F1 + E1D4C4EBA89ACFCE4F24FAC989A7BA87 + A1E0E61BD5A89895C04513D4813FE066 + 6542738B77319BC7282D3209CE08CEF0 + +Test vectors -- set 4 +===================== + +Set 4, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + IV = 00000000000000000000000000000000 + stream[0..63] = B1B7CB35C1FFBE7A34E645B05C98501F + 2364C719BD94186DCD66351EDEDB5179 + 169D2EFD6BF03AE1B149DA229BE5C961 + 37C10C3210F8FF34B51A366E437DE0F3 + stream[65472..65535] = 5610AC7C3006ABADD3E0AB13B3D7E945 + 586A00964AD6DF9939835FD46D8B2327 + 15E447AA5D5CC4BAD03A495DC38BBF1A + 5C86A7D608D397694BCCCB029ACD1883 + stream[65536..65599] = 1D7469F8EC3D021C5FB418A0D46A19C4 + A632A7C1BF298B500ACC2D5C39384F5E + 7837C964465FBF3990602BE3381FF556 + 38114E41DC091B0AC1BC51FC6E70F98E + stream[131008..131071] = 5F1A8DD0D98D377C1378785F9EA7A3E4 + B17C9625EFE2650D845A4BAC7723B193 + A3AAC199A1950D7CB1D66380A566A8BE + BBCEB0DD7A700C5ED74E55E29933FC6F + xor-digest = 3E9A70E4A49AE98473313B957F781F09 + 237A172CEFC9068D4F95CABB57358B7F + 40839FFF4258C8BEB466A975B4261753 + 02BD1F4B9D4621436213703A3B99A719 + +Set 4, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + IV = 00000000000000000000000000000000 + stream[0..63] = 54182309BD782DEE44FB59B0EC694920 + 2B372AF8D715271A96D87867E65A067F + A5E52B455B76D400537B5D47C4AC318E + EE4C2ABE29F56107C213071C85828605 + stream[65472..65535] = F7D1475B3FA625D86467D4C24915038C + 43D9B81A13E7A08B333B8232D7F849B3 + 1442C014F49EC5814E15B607F11A73A9 + 61C04D305B2F71B7B22DB9D6055B7371 + stream[65536..65599] = CA286F0F05CD6C3BDDDE6108C8A0AECB + F6ED3FE2A39A976D7970FD100A242464 + 42D867162B87DF26EC2B04A990AA7305 + 94C8072994E80B2D6426B90AD0873B61 + stream[131008..131071] = B1FE56B55C9BB460B8EF4F9157B227DE + AACACFAE9009C61C16754EDC913AE3D0 + BEB00C99095C48A12F4485E9AD56BE6A + 6F9C214ED11E94086F32F945C0C3F6EF + xor-digest = 4667B465D4CD7E215B6594B648B05EE4 + 7D2770A69F5FB3A49AD66C1C823F2E6A + AAEAF0680A232F35EA7CAE919F477301 + 0AE66193179E51600ED840D5047F5493 + +Set 4, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + IV = 00000000000000000000000000000000 + stream[0..63] = 203C7A9050F5E4F98CB72D913B8E7FB9 + BB2635F8ECCDBFCD231B4EDCA96A24A9 + 9F71BDD76CE42B982228ADCF9385C702 + C2A767488DF42D5DBD8DF2884225367B + stream[65472..65535] = 94E590E29B3A371E5638E55DA4AAA1D2 + F2369CF9EF69EAA0331B4AB01FC1D7E4 + D27A41EEF2C15C51256EA111933BB71B + 5E948DE575258966A03ADC426A3AE9E1 + stream[65536..65599] = BCE13EAD9E39CCB67374B7D845B1B347 + DAF7C440162CEA622CCA3E34E9BFE35E + 10828358DB1F595C19A0A0CD16C127AC + D49903A5159564038BDA4EF156F9D004 + stream[131008..131071] = A4300187C3E146EC1C0F3568C147D668 + D00BAF2EF5E1F71686DC491745C6FC68 + 27F54AFEF7B2DBF9F65D5FE549B96919 + 4BDA10595556840647DD2A4BA22EAB63 + xor-digest = C575DB999E785911A2AEAEA074EA0CD9 + 2BA978DA488A3657341572F1B33E8009 + 07977C738874012CE18E487514FBBFFC + A2E645EB4632862812B7596ABAF1ACE6 + +Set 4, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + IV = 00000000000000000000000000000000 + stream[0..63] = 4A82E7937D7C52907515CDDDC1E8445F + D0ECAD783B25079AEDF9D694CE70B723 + 792E33F6FFFD438EECFD3DF933AB48CA + 7EFBB13A31C1E3E86249B8F9D188B7A3 + stream[65472..65535] = FD302A0A44AE5D3BD5554C508BD70D8C + A1803BE72ED426B8D57CC13F899A846E + 5A7A326AB25645EE27A84973BDDB82EC + 103AB97C16080C5FB117E10A8E252A4A + stream[65536..65599] = FAF43B81BC56F7E44BF5FD5F49581FC3 + 51244ED84492382D28A591C022073350 + 4F7B0267105D68566E9FCE5B52B7EC5F + 12A9131FACDC489279F8AA8E9E8E0A2A + stream[131008..131071] = 37C98A0BB719D5E166BF79AD35EBA109 + 9560BFD07144560F4BB91C88B34C008D + E7665BCA98D7B65562B57CED509684C2 + 6AE9011D0A9D674F30E7F9DC37E680D1 + xor-digest = 7139AAF66BE2A8CF28852D9FEDDF47AE + E1E229905F11F191AD60CDD2E1C9433F + 41F1D4BC92B10C8B988824C86B04100A + EFF77A48980691C5636814E04F1A656E + +Test vectors -- set 5 +===================== + +Set 5, vector# 0: + key = 00000000000000000000000000000000 + IV = 80000000000000000000000000000000 + stream[0..63] = 337F8611C6ED615FC2E7D28C6DAAAF1B + 2382AE24592D1E61218220A3775F529A + 7F050B7D4262E3600940F167742FBE4C + B0C147B3C0592523B890E76F59AFA3A8 + stream[192..255] = 47B4B94D6032E42E28BA280B06863134 + 0E65EF25AAE97BCFF5CA83096477B186 + 352757FAF40E7DC007FAF51484B54651 + 2B089A7BD3359258F3E8C0E3DE07C316 + stream[256..319] = CAC4ED541686A3BA14A68CAE81C0B1D0 + D973129F8FD712F1E344CC7815614B23 + 4412F351202D4FC7B622D905B8AC50D6 + 59613FD8799443F89A8E403EB46F7492 + stream[448..511] = 5C4ED1241AB7210EF543DC2732594AD5 + CC5A18AA3AB2CCB9B2BF17CAC28F6105 + 1152291EB8674493A12C0B3CC2C7EE09 + F1A258C5E078080F5EA70F3F587BEC5A + xor-digest = 4EF4B4DCF35FB72D210AE0546DD4A3FD + 9FE632736122E80559A32FC165E9166B + 59E2BB15A066307C88DD32611EC849E2 + A54DA4B47C5E52AC26375D2585EBE798 + +Set 5, vector# 9: + key = 00000000000000000000000000000000 + IV = 00400000000000000000000000000000 + stream[0..63] = 982727CC7FECD8C15B09E6967B624366 + FC902BBFBF9C608B240626B735C6009B + B6969A8D40EFD0546B056B181561034F + B51A6D7C7BCB34447CF5CC560824BAA3 + stream[192..255] = E8E61B734A6EC0DDCB4DF3248749B14B + 6CCCDADB8F24A090B7E5A49603C475AE + 8B6F8353E12FE7D8CB3EDA81E6DE9778 + 2C52BDA59FCF4CFB2BBAB2D196E08C85 + stream[256..319] = 06594AA97EDE3ABCD9458DEF29A7FEEE + 91965BACFA6A272B31BB644596DC5C66 + 8F93AAF38F1EFA50D88A9517DFB4B409 + 9E91F5A1B07C9CA8F36330840A6FCF76 + stream[448..511] = 32784F6FB85DB3ECA696DD98D75A5031 + B3ACD087ABEB6489F20429EBBADF8D87 + B0D7C4D54A8A80FA835B5FCDB901CF32 + E60269C5DE89409A61ABAAB00B7D8B79 + xor-digest = D696A18B23B0927FCA5B766F8C19CE2D + C98F40963485D0A77D92D0096334B9F3 + 834491F8FB7C5D8BEC499F28A37B7DB3 + 8E8A6291C1A6F73938B7AF2B74425996 + +Set 5, vector# 18: + key = 00000000000000000000000000000000 + IV = 00002000000000000000000000000000 + stream[0..63] = B3EC726B0BD04F969BB34A0DFB1AF9A0 + 880ED66663BC845BEC2CEA9BDDCB0E3C + E6FD6CFE389D544D863AD6B55F45F4BB + 14BA866A72D63E4FA83246498EF685FE + stream[192..255] = 549E7B93702F139AA76FFF7CBB04EAD4 + C091015E6455A9855E3EBE4AB1A80737 + 9E3E9C9418B909CC26E53470CD323FCD + ECE6BAF53D45BA80C4F03A412FF160C6 + stream[256..319] = 9599223B02F81DF5D31CE7FC6FD92D70 + 71ADB8985B61709E6769EF5065905E46 + B0AE83DEF7EAEEF01A49D5D855035AF8 + 6AC78AF9C14A3F8409773252EAC28D4D + stream[448..511] = 2C58AF08679A8AE28AF30688B33C417A + 392A6E8D6658D262EE24B479CBC4BA4A + C5DCA537CCE7B110489817F9D2858D95 + E006D338BA92D7FD664F9CC773AB67D3 + xor-digest = E52013C82C2088C5B76988031F0A0930 + 6322244F357700E3D3BDC71A2385B4BA + F6894A2B177F7BA78D5935521CDB5689 + 31F7706AE3413B10128CB903D7E27160 + +Set 5, vector# 27: + key = 00000000000000000000000000000000 + IV = 00000010000000000000000000000000 + stream[0..63] = 6727DB24106CABD6C3A14001BC9E3B5F + 90A47B78181576CF5398D8F190CEFC10 + 6615BDE30159225DD3E14A2F827DA07D + C230D11AFEE96855EE06FB02D23998D9 + stream[192..255] = 7B9AD4C2472D5816B963BC168F725083 + 0E900C4E4994711DF7FA494A04A7CB58 + C9CAD5513E8C554B47060D9256B4F276 + 2CD9790666A3C831FE1A9250C2C1F1B2 + stream[256..319] = F8B0EF0C84EC8375A17C8C36B9F75690 + 30D6D04687514709215F79B102304807 + 3FA3F284155CD677B30FEDE6EE33DA7E + 5B35636C0F8E981AACF01CFA4E7B00C8 + stream[448..511] = 023E93B9B5A526DA400CA8A818E506A9 + F5B0438F91264727C4FD5CA2FD4A845F + 3F2A6E0617A5619CCB0B691C2AE2F459 + A7F4764CFEBB22D8FC6AE8E28B08DD4E + xor-digest = A6BB0A1FA9D79299B2FCD3AB9DFE04C7 + 9BD7B88BB1A49AA7227E9BBD0A211677 + 283EE5CF808DB24D05227305E67915E8 + 74CB03402736AC8FFCD746B5AA4DD032 + +Set 5, vector# 36: + key = 00000000000000000000000000000000 + IV = 00000000080000000000000000000000 + stream[0..63] = 4BBA6A59AD3C1A7298CB38F244AEB7AB + 431AC1FEC2D091C4952794AAE9DA762B + 0873BEBD04FE1CD68D08654F1DFDD956 + 59EF5E09238984D834F2631D67E16EB1 + stream[192..255] = 945C61BFC21691064FDA05A6162869E6 + 82800A1DB8E19818C2AB13A9280C8CCD + BF9508894CCDE69ABC8A3F0CB2BA545D + 3A6D6E7D6E8B5E53683DC3E0018BE954 + stream[256..319] = CD87390C68404079BCE794A554FC4DE9 + 695AA78E626CF79094CF0374765C1ADF + 8C4054AD4B76535008F8466C806D1775 + 1987361A852DB77F2CDDDDB34D00A15B + stream[448..511] = 319081F4D93C649E6D1D8C4999E0A03C + F4AB23E4EB796B337C84898D6D9F083E + 70038515611FA040E686B893D89E28DB + 862C6D36F791F27EE05ED97AC636E836 + xor-digest = 1B86F56D5C6DDA97E2909873A042A48A + C3C102D22F88E8648C0A7DAB5C34C98F + CDF03CD03B6106095E3BA34969B67886 + 8AB4D93CF24042F52DB659591D72D0C7 + +Set 5, vector# 45: + key = 00000000000000000000000000000000 + IV = 00000000000400000000000000000000 + stream[0..63] = 2DD3C3CF5E6965EA02C31ED6FC539EEC + E0B8D48345113E978230ACFE35089F9C + D8EC821843DBC90E54010C16A8AEB245 + 5881FC16B5CC21032958DAD18EF55469 + stream[192..255] = B9299DC95D2F192F1C53FF23432158DC + 2746F64242CF9368D90FA217289BF31E + 6F08692251CCF86B2DEB7ADDD14D8E37 + 0E4D877637A2D499924146D89CB77F44 + stream[256..319] = A6F9EDFBA2E22CEF8E14BFE5B31ECD14 + 4114A045BAAF0458BF149F073DF191E7 + 022A9E518212876F7D6C99F1DDFACCD7 + 8E0DE69FD43FFD26EBB7E240B5F4B864 + stream[448..511] = AD29FD814401DB358AC8B2A911E743A7 + A594C9781D4F6560E29D8B67AB38D8E1 + 67AC71AA3855D5BE67998E0B797A64BB + 1B26558FD861B845E9B08FA071DDCD75 + xor-digest = 2DE49729E28C8B4585BAFB291E77B7FA + 6CA9E489C437133EABC613D0893822FD + 70A8F88BF6A3D29BA6503F17F055A003 + A42605780A79501BB62C35C922DFB1C5 + +Set 5, vector# 54: + key = 00000000000000000000000000000000 + IV = 00000000000002000000000000000000 + stream[0..63] = 8D3CF6CD521B43CF76A6ACA2A036B791 + 7E06F44E8DE525306C6508C1FE2E3C29 + 50A53F63B11B57596B76E97C1EB01612 + 3D33B57CF93E839A169AC49207BB42A2 + stream[192..255] = C009E0DECD6948B8F29A72F1A2BCAAFF + 04043B6B76B623CF977679D74186BB4A + B1C3529D94A5DD5CCDC20AAEC056492E + 7B9F9A9EE087187C52C7651F890A0DBA + stream[256..319] = DF5DAAFC6D650B0A47AFDD7BEF56634D + 13AC2D1442AA1F082715882F9D303170 + 8D338A7CFB14B100E3D3C645334C5D4C + BA9534475D4BA687956B00E8EAB587AA + stream[448..511] = FB2CB04310DC73C7B7312C840123FB0A + 783F10FB63F507EEBB012E19A0FBEA30 + C324904C02E301F4CE2CC2A1198C0C14 + A725FAB705C5176CF19EB2184DF9825A + xor-digest = 3B3136B100FF460D92A0FDEFE864662B + 324D7B8C7C3DAA46EBF02F8BD0960345 + A1FA8F9B7AB8DF16BC7FDF6B6AA0C61F + FB1C7A599A6474A916A8BB9E4FAB9856 + +Set 5, vector# 63: + key = 00000000000000000000000000000000 + IV = 00000000000000010000000000000000 + stream[0..63] = CF1667BC6BF8ECCC72ED756D4623E979 + 6A8E559E27ECE3DE4FD85DAA60757C33 + 0C33EE95AFEE6A53D730671F695C0B04 + B5968DC2501F48D9A2DB7E20CCEEF297 + stream[192..255] = BE8163A51FB1FD786E1E5197B5F3FA74 + 900AE8111592D24733B562187D399B95 + 79D5F751D722784832AA471C4445FA5E + F2725E23A251EDAE66D60203CB862095 + stream[256..319] = 8592AA7309D37B63AC539BE5B997AD26 + 3F6C38DD169535E7BFB1C19965919F55 + F4502C5995FF7DEF3021D07A37B9E7C0 + FA5E8AD9AECF2B072EE1DE2F2E26DB1A + stream[448..511] = F05E64D5CF14CF99154EF83E27CFA2F9 + 2B269E8E164F1B563F4AFC48C40B5FF8 + F40BFC7E59EF0F0B923F7474F30AC114 + 95EBE3EE8630A214776286D01A20DA23 + xor-digest = 46136E7DE5C7186F1F3D04FAA100B991 + 8FE7E8E02B36C72A92E5650F93F5D936 + 5675B0D3BD84E5C3E7F5CA7E70ED55FD + 027C83E1CB1AF8BDBD1FF1905A6EB596 + +Set 5, vector# 72: + key = 00000000000000000000000000000000 + IV = 00000000000000000080000000000000 + stream[0..63] = 583E7BA16D617DAD9F2A4A6A7BCB630E + 4248E8368A6F45F6BE8CF22C65964D34 + 49A7AC0EDE8957127CDCCD3AFD666426 + B8BD2391698525CD3620558076F61EC5 + stream[192..255] = 8CE8D0EAF9944E68D7EEA0F83ED86CBF + F87B99C8D87C40FBDA48E777976FB669 + CF6A68533BA7875DAD0BCDEEDBD4D136 + DCA8A9C9C1C6B30C5CB7B7C5846755BE + stream[256..319] = 534AD0B12F8CD7797CAC9E23B1618AA1 + B707F28D000422CA73196498C86D51FD + A63DFC791446094F4E146EA451F60B3B + C2711F81B137FF4C0521F94447A486E7 + stream[448..511] = 540F0CF1CAA5D5CA270FB71BE97FCF9F + F1F30C2F454BA29561F7B7C2D8ABF189 + 30D107F71560B26CB7E9E416F90604E8 + 510D29FC0AAFD94EEF254F0F4C0C43C8 + xor-digest = 0986B6D195197767683FB8221A50BCA4 + A375BC5989C24422855F465CE537FDB3 + 3894E7383CE580D8204694DD1E82D623 + 774AD356957E36042735848BBA9649A8 + +Set 5, vector# 81: + key = 00000000000000000000000000000000 + IV = 00000000000000000000400000000000 + stream[0..63] = FF9484C54337D0F0CB2342A7E73B21E8 + BA933A679CAA5549AE6218B7E0FCC88F + CEB6CF2158E19C1D30F4E0B0A2D5E052 + E4C73F2F2FF423417E67F49F45BEA7C2 + stream[192..255] = 6AA4E5586B608D3F0E4A394AC7818949 + E538604293010925AB3D69AFCD1979C8 + A8289CC46776E762452246B54C6C7D3F + E7BA43B8D901D2B55F2F7CE520DF99DB + stream[256..319] = AF841581E66BCB36AEEE07534A83B519 + 60D0DE9740D320D1ED3C542B64FB122F + 506B6F573F40AF29A61DC42FE183EEB3 + A5D55D0272659028B9B5B353A6292105 + stream[448..511] = 3E463ED75242C21811F9C2492A71D6B3 + E5B2BE3E50151A990F841EF0350259B6 + 9C727194154288C62DF02075AEEB2598 + 577A5C0B134EC1206F66AA96233D1BF0 + xor-digest = 0C45BDB39F8C038AC8E2E3C41A80FBF7 + 7B74C948861E7D58F7A89ACCCB4A2D04 + 7D370BD42B65DE42293C58BDFBC003EE + 58D71CA3D01313E8A74C7BEF66CAAC76 + +Set 5, vector# 90: + key = 00000000000000000000000000000000 + IV = 00000000000000000000002000000000 + stream[0..63] = 8C4921B72A3D11BE4DF4E326B9BF85C7 + 351CF85FE98039D5BFDB889DC5721B17 + C02EFE07FACD2F43E95D6EC63F4001EC + FE7355EB565B6E2CEAC64A995324DABC + stream[192..255] = 933FFDF78D118A083FB7CE405D042D3F + 9173B28879BF4A37A878EF2351622F42 + 80D218DE417B8503954E991A31BDF73E + B26903D1F7C7361F34D7F01656243B58 + stream[256..319] = 88E77D9A5FA78C7E348DFE0A66AF1B92 + FF564670DCEC867E24AC78CAC005DAF1 + 5953DEAEAF2C476C2DA514CF79A474DC + D4E68AAA0D52394762953A8A63A0B3A1 + stream[448..511] = 5FF4F24F6BC7585D16582944166C453D + 59A3CA9F9625A5946EE81F561CA183F4 + F6D5258F138E994DF848F532F613092E + 89FD262FA4899091596A1031913C6C5E + xor-digest = 4770E4B7DB5C5FF7F64BAB6334A13E4F + 9DA6686EB2945463852513C770ED64DA + 4A0C3D96403F4CD1E96B7FA6495BE23E + 15506374CE556E7B50D3ED8A92A643E6 + +Set 5, vector# 99: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000010000000 + stream[0..63] = A59AA0661087A6F3498D18BA156FD4EC + E5709F5CF1FF25B006382B250E4481FD + 050F68B95D56E1EAF77C619914F30269 + 4FC8C2461200D9AD357F21E9DA08F489 + stream[192..255] = 941E849E313B8E214DD6CD1C10FD8D18 + 05C1892B15623CE0724A3028F978215F + 7B6264D4D5CBBEFE12920BCCFD204134 + 1AF60D460B73D9493BA2AE7B314CAA41 + stream[256..319] = 2F27FA6FC61D2D84C008DE836B0CDB1A + EB0E62D5E327F88B8A62BFBE70789189 + 9E1335D20E495D2181253647B0333CA6 + 6833552B89571E3BC25190C791341940 + stream[448..511] = 9DACDBDBC8258B52C41788ABA3A7D08E + 5D7919C0B583F6AE89036A4EBFFB3AC9 + 7CD9E9B15E8C811EB6F2BDC7713115A4 + 5291C4BCA5DE179ECC779093B30870A0 + xor-digest = 2C7C5D79F8BC2D8E7B62DCE74340120A + EAEFEA33114403A970F1A51AD9EC9F9F + 63F630E74DD83AE5C6824089982685E4 + 28FF20C49689DAA995D7AF2E80502425 + +Set 5, vector#108: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000080000 + stream[0..63] = 869923A0917A8FBD8F45FF074E83FA79 + D665A9A44C769CC200A66C254B2D4B98 + 7D34D66E52EF7A9C7ABFDD7548F08631 + 49C7CE742F6CA599ECD0BFEB55CC8B6A + stream[192..255] = 75386882B941CDA70FDB6D02F165B3C3 + B0C7B0A8E4ECB161BBC745EA1AFBF382 + C0C09725D0DAE6316C7B956577EE7F97 + C4A102B04437F24D2090FDB00B78523F + stream[256..319] = 04FBECD2FDE606BC32E46FD0B9950F93 + A742DC2534886A3B17C8EEC5CDD28B04 + 5A03E7C5764EC92C1DC8AAC5F9D5483E + A9890C7322739BC7C73CF8158619F669 + stream[448..511] = FC322AC5E5635C8DC56895BAFD43A01D + 77807CC8CE57DAA306E7DDCC58B24309 + 4497AFBA51F8EA62922C697FC2EE8945 + 4926D4975219A40B2D6C9A9620634741 + xor-digest = D2E239BDF9A2E04082567893D06DCFB0 + 4FE50753793F21380F6A91354836C508 + 837A15527F914190F6F97BA87510180D + 67B13994803013B2E4D4A307D80E8EC0 + +Set 5, vector#117: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000400 + stream[0..63] = F350AB2F8E1B96AC93F1FAAED04BFB0A + 59EC1F7B95383E44878AFFBC5CA7D4AF + 2EE76CEFB67906469C9FAA59F4DDD24E + D16796DCAE66011584E8A4B139E016ED + stream[192..255] = 48D1D8F4583937C77BDC1757C3DFF07F + D0CD430F3667E37A6D4CE89217729AA5 + E480DEF30227A363C800A3153617B04B + 50322B06B795B0EEEA039A796C7B6664 + stream[256..319] = 4DE5C06008FBF0D54EE2E2052AF4EFB1 + 94AEE33EE7F133F225CDCF2C504AD2AE + AFBB2A2AC50D7F27022DA8D83D6B44F8 + 4545E8BD15E33CE531C3A7E076B39BED + stream[448..511] = 837C91FB8773A4DE4FE79D163FFBD186 + 2A361B96D79AADDE5AE964A62B3D9CCD + 1DDF29D845EB581C33E3ECF1CAC4AE15 + 3C75E0C5ABAA960389FF0C92205CF575 + xor-digest = 29B708C591EA72969C5EAF624B943D55 + 3A55CD66F13E5E762D6808F5A58D77E8 + 8CE91C0A7EABDEE8F30C05F4D48C0257 + 9B38612376DB9E26AE70591760E395AB + +Set 5, vector#126: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000002 + stream[0..63] = 073CD91D0183F07259608257E8267FA7 + 8799B748A5FEDA25FD40B463F15639E4 + CBA06A504C5D4E80A542366DDFDA8EEE + B21BE97CC2FFDFD5FC93792A7CF1C2F7 + stream[192..255] = D310A845416E7E187D3404B763B46BFA + 7EB62B04A06DFD0AC6E9871EB8D74F32 + 73D7488C8D2197515DBF84ED8EBD3F24 + A4B3B69DABB27A3CDA6DEECF2F58EEB7 + stream[256..319] = A8058C140D6692480614EAEE7AD97DA5 + F4423B249C2F0413DF35530CDC40417D + FA6D5007FB9488A073F0631AEC501E15 + A94EEF50A2744693EDF07273C5621056 + stream[448..511] = 44220A7B36E147C5C3F41FD72FD88F50 + ECCC2364563085D3409C5508DEE719CE + 327EBEEF70917036C37A534B764A4DBB + 39B77EDE8C115448096C7E2BF2EC6720 + xor-digest = 07C9AF7BD2DBDE982D011798BCF014FE + F9334DAF537AF14589BF2328C45D327A + 755F902A389BE04970AF515D5718C891 + A77AA50A46D1DD737489E298182BA245 + +Test vectors -- set 6 +===================== + +Set 6, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + IV = 0D74DB42A91077DE45AC137AE148AF16 + stream[0..63] = 2E1ED12A8551C05AF41FF39D8F9DF933 + 122B5235D48FC2A6F20037E69BDBBCE8 + 05782EFC16C455A4B3FF06142317535E + F876104C32445138CB26EBC2F88A684C + stream[65472..65535] = 1D92C4EBF6A256F0D0B0365160D72E90 + CA10D7086C58BE13E9325A5088F447D1 + 572466248CD275A736B83674739899CA + 3146963E00E170C6B9DC8B2BE912A5C2 + stream[65536..65599] = 878A21CA440BA0D659F24A5C986D6CF0 + 3EA0DD962337935BA0932FAD9599EF61 + D805800038AFE4208394C73AA044262C + 18490F742A2B7424ED56EF3D1B0F53AF + stream[131008..131071] = 99387AFF42EE8C9D4D8400808322114C + F4DF77CDAA363B0E4AFD0D8FF17D3D2C + 3303984867021922368A76F7CBD20266 + 5A962140C8E6C1336CC4071B38ABB957 + xor-digest = 0FF8DA8AE74C2F194FE35FEA66F69380 + BF1D368CC0282F6E570477EB426F1858 + 204DD9752E48E32C1F40A2ED3BE10FF6 + B5C80216884D0357AFA002E01B7B5FE8 + +Set 6, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + IV = 167DE44BB21980E74EB51C83EA51B81F + stream[0..63] = 4F864BF3C96D0363B1903F0739189138 + F6ED2BC0AF583FEEA0CEA66BA7E06E63 + FB28BF8B3CA0031D24ABB511C57DD17B + FC2861C32400072CB680DF2E58A5CECC + stream[65472..65535] = A27D9CFEEBB098C44E94F477A5AA9FB6 + 286339533CF62E2781B574B9CCC53619 + CA27303E83FF9D986EFDB5D0AECC93C2 + F249325A37779D894549C0408B6A47E1 + stream[65536..65599] = 36893EF2C9173CABEA2B5BB027938EA6 + 0004121DDD27E79DB469B6402B4C23AB + C08066B24EF0242234F9439019DADF4D + 000A8B68FD539F2B6C8087AAF89C76C6 + stream[131008..131071] = 8FD0EB93722FCD5093AD826167F0F158 + E2A7B86751E85D796D5269866FD317B9 + 523032CBB52F6978DC7E0933A2312E40 + 57E0C9B1366C98941867D2EB0CD8CAF9 + xor-digest = 63DCDFC74EE1C446705C01CF185C7F23 + E083DDD7A70E2685DC1E051F2AAC63EC + 7E64399369B7D1CE49A732F594B6A587 + 3B89E848F70A3AA9B04D219BAF14807F + +Set 6, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + IV = 1F86ED54BB2289F057BE258CF35AC128 + stream[0..63] = 82168AB0023B79AAF1E6B4D823855E14 + A7084378036A951B1CFEF35173875ED8 + 6CB66AB8410491A08582BE40080C3102 + 193BA567F9E95D096C3CC60927DD7901 + stream[65472..65535] = 2A30BFDE279B750D56B0B10A79BDA0DB + 21C246D133F4B91E4ECAF80DA7AAC425 + 646523F6BB762D688BFE2DB1852B77E7 + 733BC1005CF3D7CFAEC4BD966DCA6773 + stream[65536..65599] = 991EC57DE1BDFFE2C70A0196A8902C91 + D3CE6C63E4B8D81C83AABE7BF370D1B5 + 4D0B72B0C3C857621A7BBE2B72EBD81F + 50B25E08A9D492AFDDD37B983E9E2E4A + stream[131008..131071] = BC301B9FD7C554C592EFD092A435C2C6 + E74CBBF905CE424FE5872EEFE8DC62BF + F93C3917BD37D142CFCA623B84C2652E + 0E61BB5C5D5387AD95EBA7A5ADF16F81 + xor-digest = F8F5AA473428C00F7F71E4D1BF1976DC + 2856619D2E1CD79BDE2FA1FCE880E816 + 09B8D5AC28691FB90718E0981C3BB2BF + A7E5888E44A0FEDAE7D481AA3AA684AA + +Set 6, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + IV = 288FF65DC42B92F960C72E95FC63CA31 + stream[0..63] = 1CD8AEDDFE52E217E835D0B7E84E2922 + D04B1ADBCA53C4522B1AA604C42856A9 + 0AF83E2614BCE65C0AECABDD8975B557 + 00D6A26D52FFF0888DA38F1DE20B77B7 + stream[65472..65535] = BB599F93F4F244D717CA9818212B06D5 + 6D99AD4CA1F78725DBA89EA1D1F05B27 + 093A17D745396D8CFD0256CD50674046 + 13108E2200A8F1C49075B376A7460515 + stream[65536..65599] = 996C074A7C7C524F539037A8A9F3D193 + 3BC311B548BD567F8AE1B4325C51C5F3 + 4B0DE1B4A4651829108CA92AE23D57C7 + 0EAFA766097DB0539BE77E6500703746 + stream[131008..131071] = 43EF1ADFE8265C46FF7FBA43B78F899F + 22C3B9F069B786982145D601627CDC49 + 2D27BB8D70FF6DA908F2606A0C44690C + 8502F9CFB3BD6CBFC9205470E3ABA387 + xor-digest = B097BF56D79F1A343F61F7B66AC405AA + 6242493ECECBA06876276B36ABDDBFC3 + 76D8C370503A8B8FF6D121D2FFC4959C + 6A96721616782688FFCBC748C9A168A1 + + + +End of test vectors diff --git a/BouncyCastle/crypto/test/data/hc256/hc256/ecrypt_HC-256_128K_128IV.txt b/BouncyCastle/crypto/test/data/hc256/hc256/ecrypt_HC-256_128K_128IV.txt new file mode 100644 index 0000000..6460df6 --- /dev/null +++ b/BouncyCastle/crypto/test/data/hc256/hc256/ecrypt_HC-256_128K_128IV.txt @@ -0,0 +1,2337 @@ +******************************************************************************** +* ECRYPT Stream Cipher Project * +******************************************************************************** + +Primitive Name: HC-256 +====================== +Profile: S3___ +Key size: 128 bits +IV size: 128 bits + +Test vectors -- set 1 +===================== + +(stream is generated by encrypting 512 zero bytes) + +Set 1, vector# 0: + key = 80000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = F1B055D7BF34DE7E524D23B5556B743A + EAF06AE9076FD2F48389039C4B24C38D + DFC3AC63A148755FB3CF0CB8FB1EDEEA + 63CD484036FFAC3F5F99FC7A10335060 + stream[192..255] = 2541F0EDA5633B4F47C6B74CDCC612AE + CD27E46B2C8FC9036A09C6FFB5891168 + 7A8FAEDC225E34C45B6E081EF5279FE7 + 3271CED417549740EAEC6616C2B6A57F + stream[256..319] = 0C8C0567803E2537804BFA15742D3E08 + A29985688DF3D6B4C3044464C1D1F2CD + 4CBBC470C9A0FB05665CDED63C58E466 + 896F80ACC020F134CB622487D40E0AF8 + stream[448..511] = 1FD448C788A21BD30D4B6BC5D8AEF296 + 2772940557B9434E0FAF636D576B0737 + 1FF3AC12884BB431F396CF7C189D9AAE + D42797128CE645FE841A4CAABA429324 + xor-digest = A3F66A36C20A496A0D4D537B6106662A + DEB5AE1E35FD1486EAB6039F443E5D8A + C6A2D4A2C2E2A9F335E2E468AD8BA51E + 550E41533332E6929EC18CE35BBF741A + +Set 1, vector# 9: + key = 00400000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 9244D2B190FE8C4BD0E17247C4F1D282 + 3FECA8DBE546637E34BCA99236D09F79 + 5A8905A1E0FA94E6C51F7DC0C90FFAE1 + A8EBD4C99CC96FB3252DE0A0FB03F971 + stream[192..255] = BC0ADD787A5EA52E28B45192399DDDE5 + CEC4E283181408E554FC714586FB641E + B36F3727358BDD8223B5ADC9B9EF1044 + 0F7CD97FCF2ABA75AA9972B277CD6656 + stream[256..319] = C9F6315DA3CBAE23D32685C5549274E6 + 9C17FB2E46746C5D3260FF2E00FB234A + A460776CB0E7AC3AF0D297825C1796AC + 0B689DB219443BF4C0D4D19CD70A49E5 + stream[448..511] = FBFDF6D40BF2DA0EBB04D52C117E9EBD + 6FEF88D39B8EF8B31082EE9B19D50219 + 183DC962391FA4F602A2510BB476EF4A + A44439F61D589933A1F3F633C96E56FA + xor-digest = 49B435E6FA51A0AF8DC94CF1DE09F8D9 + AD76E08C061B54CCD62EF98ABE85969F + 3FC41DB934AF9DBC5F32748623639D3E + B15124F13DA8B008CA5016ED61917563 + +Set 1, vector# 18: + key = 00002000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 9D74BE686C2DE8B207E8D82E49236A3D + E86F5A7EE231B4239080FC9A55FA44ED + 7737FA7472B318A4F36FB788E863247F + 7067C20DCA632FF051789E9EB99CF409 + stream[192..255] = 4876774DBB886B72E54EE8160D8BA8DF + 6DB032B2A9BA0B79CF82426CEADE421F + EF5ABE9976E909DBADA0442FFC7BBA2B + 009F7240941F0C209853A514B0BE9062 + stream[256..319] = F2499CCE5D3268F4C5515C365D2F4411 + B0AA99ED01E7D5328BF0672584AC65CB + E47BCA14C3EB1F838ABDB7C611677BC3 + 7382E84D05848B9838A166A42E96B016 + stream[448..511] = C855EF5D1CC991D2DDC892AD8319E39B + 734E43E443F5910D03BB79CCEBE70569 + F92BBC63363943BEF88BFA5809B3759E + 6BA4ECA1FAAC572228458A229DD5BA06 + xor-digest = F125B88E0B5F143B836AFD7AC822E027 + FF44B736E32627D90FA05F3DB98576E1 + 9EC41AAF9D61ADE2BF00E38CA4EC2A54 + 49EE0655FEAE777D67EE127E8A5F8CD8 + +Set 1, vector# 27: + key = 00000010000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = CC447BF1B5D138025BEA2B269E625C4A + D4451F3851F04F118499040C6E564E38 + 5C5FE17FA7AFAE9FA559CA4835AC1F40 + 1C045AD439B400BB41984DFE7E4D4CC4 + stream[192..255] = EEC14B65E027BC2A96E566BB89218A89 + 31C4AE0BA5C444929EF852EF7E400AC5 + D8B3CFC62DEBBC2B20A7B32E350E3839 + 2953B7839AACC06B2018280770F84B65 + stream[256..319] = 8870B4F9A62B37A1929973D3975D7ED0 + 505AA43002B14B55A541EAE00148651A + 111D6E5A1581F85FFBC2304783EBF5AC + E924CD8111056B1069F13100DE15EB13 + stream[448..511] = 1513F3B7A2458674CBA2B566F3AD6169 + 2BA4EE30687A07AF2FD0D340D92384F5 + F5BFD9B8DF2F7098A209C280F6D5AEFF + BC07D167720DB47B4B649C8593E6F40C + xor-digest = FB5EE30BAE44FDFDF105796FB8A66F69 + 64D502230C191FF9AAF5A4447533D02F + 05A3772B99F9FA2A075DBB8BA59D8D5F + F819784D487C305280DF2F19EEA8BD47 + +Set 1, vector# 36: + key = 00000000080000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 831F1DAB278C6226785209C0AD34759B + 9F205B7BC6B987DD145B949336A8FA0E + 4550BC1737DAE7DD7D12E2C062BF9693 + F08C2FB808A1F0A5887A06B93D132BBC + stream[192..255] = 76631E9D4A673D09B9769251433D5EFF + 3114AA59E1A9B7E21B4123DE3E34FBF8 + 4ED6E80EC29B4F75B53A63902C373EB3 + D644B8823789743CA407FFEBA4A1AA75 + stream[256..319] = ABD84B2A5479CDBC5587FB9EEC5DC661 + 5A3CC6136314F67AD2C96803E8E4BE92 + E33DC35F0DBF3C401AA5D7A9F46E54CA + A7ECD68E561BC08E6A5B847A82777E4B + stream[448..511] = 9ED1D44510201727B2E92B55DBE06BA1 + 46762AB34937364B2157292CE68B9D78 + 3D3C3FFD1FDCA836E4C4FEC750B10668 + 600C26AC05B4DED64F8CC2EAA0D22052 + xor-digest = 843D7B97B3316595111DCBDE3DC13DA4 + C14402936D68035CDAF9A1C168120B34 + 0EBA1FC47E957C5F69F369B4C2ADC4AE + 37E743226D72A9F122EC8E00BCAAA126 + +Set 1, vector# 45: + key = 00000000000400000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = D2D629E84843638274ACB79FA257DD9C + D48A08B823DC9F175CD92C5236B9D230 + 5931FDEC5A8F531B1ADF30DE0527AD2D + 0D2B253D008913558E0FECCA7D7BEA4F + stream[192..255] = 6F9322E84D69CFD6A1E589283CD028D1 + E2A114B719FB2E18E732B97629313772 + CD2F2F8AF77EDB5B4360E4B679441346 + 03C59E88C042713C3E403E5D93F9BBC2 + stream[256..319] = EE7BED6C85B20E0A39C103D0B6949F4F + 5F6FE0DF2BCE315CCCEF6E537C488525 + BFC27FD249A6D36548C558153661861A + 78422A563166BBD0D72D6D7876FB4DB4 + stream[448..511] = D2CFFCD4185EB1D8E15B629225B9C278 + 6E7BFEACBFE29D7AF396B3D5917A8038 + 7263018C7E98F49A1D5FA4B64B8E2AA0 + 7192ADE0376388E8295AE5B54CC51389 + xor-digest = A26BEFF2FD72BE47175C1B6F3D749CEB + 0E3472FB0FD5E173DE66A5BB60357565 + 505E3AA44A67651DCA75DFB6F0AFCFE3 + F4C89F064FC42D7C2953694B0CD47832 + +Set 1, vector# 54: + key = 00000000000002000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = DD1649517BE76EFF747658F0ACF5D354 + 2C7FFD52F09FF7DDDFBC48487450607B + CB90ACC3406D0302E84450FC0BFEC660 + 9BD44C7FFF670D69C9B19FA50C62EBE3 + stream[192..255] = EEACF8ABD7D48E285A6658C255A6196B + 66B091773A9F81807A119DC24023D5C9 + 041AF75F2C078C5246BC5F50B622A678 + 64EB7A07DA6A8764437E20C7E1E0E579 + stream[256..319] = BF55E777AC644A0938D438FA374360ED + F842BECB027FA3A0F364B9150FFBEB47 + 09FE2D2056A6CD5A7076172152484BEF + A86EC7DDE657307580BC6F9ACEDA4C73 + stream[448..511] = AB4CF968EC00E7F08553A10270A7D439 + 68B0BC79C2DAE278AF1CB81FD516CCA6 + F5B8A47271FAAC3223F02DB4D0D5945F + 9C13A47906B03B80878CB0596D37CC47 + xor-digest = 76ADECA36B9401DDD5CBDEE821B70FD6 + 65EB9CDB1E3F25C0BE90DEC49C03A9CF + 4049CD34F9550B28E0187B0AD47D86D4 + 88DE4617EDB5F03C67FA2E7B9D20AA25 + +Set 1, vector# 63: + key = 00000000000000010000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = C0CEF6E3CA9F0D523587FF47973FE896 + 9FEB08773E3C694FBAC4804B37121B31 + 06B99ECC2A08603EBA72EB3DC650E8F3 + 462119F4685EF4CEA18D5765A6F22765 + stream[192..255] = 79E92E248BA61D72C610876D3078F1CC + CAD662F2423E7EECA813133136A64E54 + A1B6A151BECD2B815EAD959DE8E8DC62 + 8F388D366103296A058CF60F525D6467 + stream[256..319] = 03BD62A0892D939C1C28C4EB490F87B2 + 527536AD6790AAA6C3CC50013E2BB883 + 5710EAB7916FD89896B7983B326AE271 + AF9ECF975CDBBB968D076685BAA3343D + stream[448..511] = 98762E306A2B9D488FFB671D3975551E + A06A6CFC5DB719B888E3164387EC922F + 12BC31A8DCAB8AC0CD6E12212CDA3B13 + 4CF7F870221D6CDAC2B222AF4FD93DEE + xor-digest = 606FA49585621E34BCC3748C06B51FE5 + A8AF320BFB83A4D1D3AEC6373519B28F + 2048A975732BA8DEBDFC5F85B84E7C3A + EC0FCC9B1FA9EBB9D79D6B18BA2D70B7 + +Set 1, vector# 72: + key = 00000000000000000080000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 33A81D48866B04388451BC2730A2980B + 5F5BE248369911340E6C024A1F94D4FE + ACFB246F7C0B9E27A40772D68DB36DE1 + 7E87AEF19C8A68854A46B3F654E0AEC8 + stream[192..255] = F67C60413B25FF7CB8647D1E9C361696 + 3B23ECE23A9DBFEC644E855AEC5212F2 + D336E6F074EEC8FF5F8D4FC6398AEB9D + BCAF6C29FDFE6E69A03D906C527FB0B5 + stream[256..319] = 263D512137BAB758F646C71058D02B20 + 3920965D84E52A99B50FFE79305E491C + E0D61EF71F7A07937CEC8590B758F63E + B3EB5890E8678F170C2E95B827FD8DDE + stream[448..511] = 023AD00A87D3D9441D4E8CB603F5CDDD + AE8F3EBFEFB9C5435B72B9B8D03ACDF1 + E4A0FB796FF8401854998015905B878C + 99B3EDC7DD33A86AD4EA6AD208440C5D + xor-digest = 5DAC8E3446BB3B0DCFB3F0A3A3E788C6 + 07FA7436C63BF7AC9FAFCF4A231AFAC7 + 75A3A810EA0FD4E5E6A5B8FE5D165A80 + 798A9F58EE1AD27016E867D2E774507A + +Set 1, vector# 81: + key = 00000000000000000000400000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = B33EA681CA88C80EAD8F2D57C87EA42B + 742550FF8AD2B01BDF945BF160AF763B + 15D6B3BD92E6CF3E6A2B61A7D4BB94AC + E3DAB365E4EA50EBFD2654E60CE849BE + stream[192..255] = E97318BDF61934188A94BCFB4441809D + 36C37D1A43BDBB3EB06FFE143B6153FE + C8453A13387923F434CFC7AAF8CBA097 + 7D796DE95EEFED3B2126B611F477619F + stream[256..319] = 4183971367E71731111D2212520306E1 + 1CBEB05BE6FDB338414C826A8E359C7E + CC680F317C12C6EDE6B443E68B4767AB + 4190E95E1AE4E4FFE61707BE742775C1 + stream[448..511] = 56841724B7D7F95809456EDC1D3A532F + E1C6BA252017DA90EEC71FEE9A639A89 + 4CB7E1575494BC8B44FE4C5DAF90FF4C + A32E03D6399BCB3D9D25B62764A4977D + xor-digest = 3E80587D70A53AFFB96A62F6493B9BE0 + 1C25339CBFF7784F5100A7922EE3E6B9 + 9D17B026C0EE69C5383F63E0E5AEE9DB + 5814E2C526192AEFE17004AAA1996280 + +Set 1, vector# 90: + key = 00000000000000000000002000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 51A7510726D12FE9574095633A3710E6 + 3EB8196622BC808B8A18800E208648C9 + F7031F8171B71F37613753A5E49B37C1 + CBC7933A52CAD48601E91CA198EC19EB + stream[192..255] = 286EF1C4F74C993A7D783E86527CDFE5 + 213CE4DF7EC72544685291D8108C7621 + 50D488AEF761D819781814F4501553CC + B45EDDA85828C33C4D0608169AD20B2A + stream[256..319] = 89DF5C916612EF0ACC1035EB75752239 + ADE08E0D63B622EA52CC997DC8178C4C + 4E57951FC8C6659A225E88502742B888 + 1F300FC9F278AA3D9C1063A83CF33C44 + stream[448..511] = B2DE3AE2941AFBDB21D80ABB0EB852D3 + A076D98C696F886C302D96D6AD226CA3 + 7B3213B3E641632B728A0AC7131B74FE + F733D1B18666D36A02C148FC98AD2E89 + xor-digest = 01090125BA6C43AAA3910B650D046F37 + E04896E9D2BC276D969A10C1B26FAD48 + 8A2CA5E59044ADDF698588A561557669 + A4EF25E1BB85C0A9D63F69FBB2924F83 + +Set 1, vector# 99: + key = 00000000000000000000000010000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 545E2C75365948B40FFF042EB6919907 + 6E63EE636CB343C51AF6C17BA24E1BF5 + C045B0893B8CBDF6A4068F8574513676 + 80000B10BA11666A546D8DC75374F5BB + stream[192..255] = 9805DCB5596FADF01224553F3A8DCC5C + 909D1A5EC2C29BA0DB86A46ABF70BAF4 + 4A171739309A923428EA7BA8EFCA5CB0 + B0B8A5EFE9A4A39BE0EA6CEA782DD862 + stream[256..319] = 531EE320A584EE1E4E0701400F86DC29 + 69531C2BB1BC922CFA9E0919A05B84C2 + 46495A7C358015724B62A986220DFA17 + 6BF39FE4263A9D27D93F3737CC1D5C59 + stream[448..511] = 92CC0D63772783AF62E642A5849CE7AF + 4D21EC815D644F88887242F4F5F7E1DC + 55E241D72691ED50D59CB3E2FE68A856 + 7696F8B8E3099642D70EC3945B8BA656 + xor-digest = 855CFA62E449250845472BCE9453BA45 + F91601ABA6BB715B079D407E05D94CF5 + 93B5A1E2C12C04C78AB719339AFC11C5 + 213E17ED9DC2B0B9CCF751E0613D4F2C + +Set 1, vector#108: + key = 00000000000000000000000000080000 + IV = 00000000000000000000000000000000 + stream[0..63] = F9748DADA2741A7CA30EFA167ED09978 + 71619682AB68CB400A74BFD642180CC7 + F3499CE2CC86AB7727786DD01AB8D08E + 8774C5A3CFB4738FF1E3243DECF720FD + stream[192..255] = 5AA20B305F5D6363180CDCD4E16427E7 + 2E3DFD73D2C4E2498008F6E0FA9CE3BB + D751F6EB8DD5F48EB42B994688601E3D + 2CEB3DE19BF16C4BD7FD4B331FC93473 + stream[256..319] = 81E3D9BB421CB09A9139534C6E430668 + FCFCB87E48CFA085D4FA1AB316CD5AB6 + 35294E434852C1509C1023A85B26622C + 68BE19944CA3233A4D3272710A791E3D + stream[448..511] = A499D228204BC22C32047DF550E2CCC0 + 260ECB7BA32E8F5CBA2C1D9A09D1F38D + FB30815BA3C9A8D3243CFE7AC4A14B1A + D6AA67D3EC0A5CB617FAD57E41A2A0DF + xor-digest = 0324B7F1BD990F8DBF19C021CCDF741A + 1B4A9C3C3940CC59CD715F0B2CC31C08 + 82E5B93721AC98B00F7B45FCCF19FFA9 + 782B7D7FC048F0756A29B066B472B394 + +Set 1, vector#117: + key = 00000000000000000000000000000400 + IV = 00000000000000000000000000000000 + stream[0..63] = 7EA95775329E2D1163E30F429FECAEF4 + CA177BB4D3C4D1AEFA6B5A01904266F7 + 7D7B7243B9DB1490245EC05129CA2DBE + E3A98885DAD0B43B0E725DDA39B444EB + stream[192..255] = 78ED15A7B4A8151F384C740B844115CF + D4FA31F9BC16E22158B0F896E70C0F73 + F74AA5EF024F6B386ED71239CBD57996 + 4583C37104AD8C7E5C812C378AF00F98 + stream[256..319] = 292FF21E49659AF99AB21753BA2A2B28 + 25DDB156D4F7AFC1888FBE8376AE4C6B + 905D5916121E9F9D76C83FB146ADA735 + 2AAAB6E89CE9398C484D69D1A33F0C97 + stream[448..511] = A50FF5FC20C57F8297C9CE2599A3E6CE + 3193746E8C45FD9AECA0C5A0FB3BF70F + 5981B5BA8D2FA57677EF65B535FC3E65 + 405BECF0A508445E36A7B6DE2BB56106 + xor-digest = D9650FA5D128620134828E1C99D9678C + CFD5BDFADC46A5E79D47AC5967B8A1CF + 32F7DB65B949C88CCEE0D96D960A110E + FF1D09EF5549B88D5B53ED46D4C2F296 + +Set 1, vector#126: + key = 00000000000000000000000000000002 + IV = 00000000000000000000000000000000 + stream[0..63] = 25874CF64ABA4536844F815F486F9DEF + 927E325CFF2FAC48134A4D30824C5BF1 + EC75F8FEFC624AFCC717BF2C8EAAE374 + 0AF399C2653389DBE31F9FF5D451D362 + stream[192..255] = B151A1EDCCB8B4A3CA9BC98F19EFE637 + BE2D6A97A8F794091E7FFF06E7B4E574 + 46B81E8C787BB77E461592160C44B5AB + 49329142D01A1CD5CFC6681F93DF1E33 + stream[256..319] = 29B2B0C04E07D33EC3146E60AA305F0C + 2288913B55DDC18FC17EE836B39193DB + 87089DF2BAC4185A57E910331864E25B + 540BBC968099900F7BF18645A28A419B + stream[448..511] = 286FCC98B40EA26BFCBE5CDEE52B30F5 + 810CFB26E756C628B56B3B5ACDA49E07 + 192592CA2241C6C5193221EDA36CB0E7 + B5C3132F08087DF0673D3101FC559962 + xor-digest = DBF1D7E0AC062FE6BA9834F0AE41ABA2 + B28B41FDFEF914F070007B0A48EE9D9F + E69DB8395BECDBA7B545201318177A49 + 7D343A317B5A37A9DF98DD25C84DF948 + +Test vectors -- set 2 +===================== + +Set 2, vector# 0: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 5B078985D8F6F30D42C5C02FA6B67951 + 53F06534801F89F24E74248B720B4818 + CD9227ECEBCF4DBF8DBF6977E4AE14FA + E8504C7BC8A9F3EA6C0106F5327E6981 + stream[192..255] = 30DA9453A90909A5675D6B691CB0990F + C423CDD8222EB47245BBB67BCA2B9C10 + 8D1F016DF0CF8CEAF6829910916DBC1E + 113D11E91BEC3D85C47E3042EC865658 + stream[256..319] = CAFED71B892EDBE13388CEF6A3365797 + E0D88C0D3A5B91BE4CBAF5162F69558F + DBB45CA6F8C8D4C371D62736EC244584 + 60131F54854F3EC804AA9A38E6ADE281 + stream[448..511] = 531A0ED5D2A51DDC6499FE1BB6E2295F + 2C3EA0F56AF46ED93DFAA4E16F5F0831 + 2D77BD0E9122043CD6A202CBA9351F6A + 0E8E6263F4017355136A0C551E6FD0F8 + xor-digest = 023D719F61C193E4CCD87755C87F9604 + C5A29DD7E31637B3DD70D43441D48CC7 + D474013C85EEAB1897C80ED0A0272543 + F951C72E3954616CB5D6B51FC24F4B0F + +Set 2, vector# 9: + key = 09090909090909090909090909090909 + IV = 00000000000000000000000000000000 + stream[0..63] = F5C2926651AEED9AF1A9C2F04C03D081 + 2145B56AEA46EB283A25A4C9E3D8BEB4 + 821B418F06F2B9DCDF1A85AB8C02CD14 + 62E1BBCAEC9AB0E99AA6AFF918BA627C + stream[192..255] = 3B3C6E78A8F381EE2C159FAE1C487C58 + 11FA9BB02CECF7440239FBB0497347EF + D8F1A8AA71AFC70ECCD64E81388E6E87 + 9521C2B47AD84F9CFD9E240D8D2F3001 + stream[256..319] = DB04FD01BC18D91E2D31237AD0FE26AD + 3C8D6A2EFDAA9CC11BFCC61D94F6104A + 4091B3634FA57AB0AB9B209F22DA5529 + 75C3C322DEBE4AE68623BFE1B2BB7F0A + stream[448..511] = 35B290F85EBA78A978750690C4747E8F + 72621951483772E8B89876CC5D55F3AB + 02D9B8FB35C741279FF9B5B571B26329 + 4D011F813CB5B209CA1A22D532BF09B7 + xor-digest = EA9BB65E87C987EA64BC3F4E710CCC34 + F6CD0A795B8347E1441CEBEE35540D41 + 64FC2B95D71FD47A2C4ADF732261EE52 + 8125BE374FA4A90132CC1063971A2862 + +Set 2, vector# 18: + key = 12121212121212121212121212121212 + IV = 00000000000000000000000000000000 + stream[0..63] = 397F8EC015ED573967938D1CEAFE9BBD + BD8853C329B3A881B489090853FE0F43 + 89DA105F0ADFA9CF51DA2521C40FD2B8 + FB0BF80B93E3F2B3D8A8EB1C615E0FA6 + stream[192..255] = 68E7DBF465E3C6994D58B9937A866E4D + 43A82A80DAEDBF29C048639BA38B690B + 7ED11323E3C0A8E77A16356705431EC9 + 9F2CB7F7E1ED3B83EAF2CAEC00B00755 + stream[256..319] = DA51CF3A07EBE7E86E9DDDE5A47E7417 + 376F334E6AEF9C187012C8AD2B94BE7C + 00A876756EB232510FD0798E72EEC87F + 75EC1467C07B3A1EFB0D51A5FA65E382 + stream[448..511] = 0BF3C6FF6794887F2776FD632B83682B + AAFD131432CFD7D2F675E03320395313 + AD4ED96E9052FE6B2D2A17428660A25E + EE642B712800BE3F7E44F21A1E6A03AC + xor-digest = EF4E84DBD66497B142EEAC56B830FF78 + 0465CEE20B9CFAF5727D4B3A588F4D00 + AAF718330CFF35508C44C1ADB8476625 + 2CC3AA6AAAE74F8BF1DDB6D4AADA425E + +Set 2, vector# 27: + key = 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + IV = 00000000000000000000000000000000 + stream[0..63] = 72BC8A6E1E61E704B142AA00812EE676 + 263C1CB9AB941119B19D15EBA3462F56 + 2F69220595DE5E0E7C595FA40F1F06B2 + 6EC32252AF05310809DDDFAE2E24B170 + stream[192..255] = B29A740B51B4EA1080666337D5551484 + FFED6860A5125DC0573C8F90F23A98E0 + BA7B3E4C28C2CEFB1C33D2C36D1B7625 + 64B9A67240CF174347A4C8D868F00F6F + stream[256..319] = 555ABD5577A8909797FBA9769C03A0F6 + 537C06AFB23354F054E25457B729B534 + CD10B2ABD45BE3E38DAF1B7A9103268F + 4FDB4C0FC9A80A003FCB907E8F249AE0 + stream[448..511] = 3B29A43D9C795DAF1760CA9EB57C0B39 + F62D54311207B617B727FCCE1B2E762A + 060810C4DEF672E7D76083E3E4BED0D1 + 0BAFD27CDFD2C937E660190D36B3FD7B + xor-digest = 0B3B0B3C69F2E4BDA22E25AEF352234C + 18CC5E1E3F6A317ED7257887446EF734 + 65CA15F51AF5E077B7915062391D8497 + 8F437985DD08F5FA3A8D74B3227A6EEF + +Set 2, vector# 36: + key = 24242424242424242424242424242424 + IV = 00000000000000000000000000000000 + stream[0..63] = C845BA29D542FBED2D021C85188E119F + D34967B79D9F44635DD45D2E41DC5AFB + B237AD2FA0E4CF4202D83DF3073C578D + 2AA8A32D30FB45DE28F23CEB85E50FBF + stream[192..255] = 15C910FDD3C590AED1ED7DA2A7969297 + FD12081B4B23F0A32CE5B3196173C7CA + 7EDD03F9637E08CA501C4850C15B207D + 7AA724377396CED2357B572BBF9E69AA + stream[256..319] = E484AF567EF80BAE77461855294E9280 + EF57E7366605785034D639D6DE3EBB0D + E21886D0E1E0679BC2E2C9C2D9201484 + 4A452B6AD3F1AC8B7762FF3C0E405B3B + stream[448..511] = 595D9855200786BB575FF7977509F395 + 7879CA1F19619A99174BF013CB62F85B + FF2C3C4FE724E26DD0C10D7635A2491A + 9E7E868D9DAD9201465AA178184D06AC + xor-digest = 08737B82505F46F4FF282EF42F387AA8 + 0450058F5314389BB73733BC163D75D5 + D32FC6408F8DE5F6ED2050027D605FAC + A7119FC2DC1B6D3E84E8048DCC42FBD2 + +Set 2, vector# 45: + key = 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + IV = 00000000000000000000000000000000 + stream[0..63] = CA82A689535CA8BAE01BAFEBA6504B3E + 6E6320101999BCE5550C2BBC9BC65D91 + FAA2D72FA4BF46B6EE916244048B1D09 + A115E3AB6C00BAC8EE382B58859E8157 + stream[192..255] = DE787B1CE01B0BC09801D78D1FFA3A82 + 0C18B867C561E96DF4ADADC5A4375E44 + 5A34F9457E5F8C9A337A0C88DF0F723A + D4509F1449DF2C6AEC0EADF4C7A8139A + stream[256..319] = 7E1854FA15DF9D5827F1555F12B292C8 + 452A1A893EF034C51750388D294947EE + 3F505839C69C1708E8323C449C39A96B + FC9EC91B0E1CAA8112057EB0389FDFD2 + stream[448..511] = C85B42B838FB9C3D4956C9E22FBD8FBC + EDD92C4461EFBA5CF1664B9AF54857BE + C3D00319E5E8A89A8322831151EE1D52 + D8585AC79CB60B61ED2C852D04BB0FB1 + xor-digest = C65A6BEBC4FE898DB8D6B8F6E8F3680D + 2363BC12259B0FDB2BD8F052A572ECA8 + D1EF62AA9A48497805A413742B5AF5A2 + 6DC9FF624B49E5D6FE58BBE5251B4983 + +Set 2, vector# 54: + key = 36363636363636363636363636363636 + IV = 00000000000000000000000000000000 + stream[0..63] = 9F6BCFDE566A1B67C608F11B8461E340 + 42D4F07DA4D5EB05554CB7426D65C5EC + A93C2D321175B6F72FCBEBA6E38CB098 + B72534F7D534B1AADD97B77E8513B482 + stream[192..255] = B2466A173F436C8433F264CBF125B8E4 + C10BC81BD46B5C21FA161CB2AE07D27B + F66812A2C2FCB2B14C23E413CEF4E591 + AD52EF810A000B42E5C1B76EEBB17739 + stream[256..319] = ECBED2058DC50223614EB8635B834C3B + B176719C18CA5E3D087A93E5CDF81123 + C6FB819CCAFB5042AADFED5E3C33116A + FD92AA21031165A22F4751C423B8B945 + stream[448..511] = 758BD9435DE607867DA256064C304C8E + DDDF5B64173CF2C98B2842992F8C5FE1 + A37C3227B7F37D49A39F9FF929A883FD + 56DB8B1A174E1E55FCB21C9E1164C20B + xor-digest = 31761A49503946701D35306FBCBE10E2 + 02967E7EC14A328B4DB19FE79F03553F + 13A012B7297B2D02F18A216AD24A682B + 299518C3769123EE86A4937DAA9FC39B + +Set 2, vector# 63: + key = 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + IV = 00000000000000000000000000000000 + stream[0..63] = 85C7FF83641ECF1C91B2D996D4EAFF6B + 26A4E7E34C0CA9CB9399F655E566383E + 246143F57776C8E08951E87F76091FE7 + 2356CC901F09A07895A890AECF047B3F + stream[192..255] = 4CE0C6606195F7562D485E32E8E105AF + C862100A07E55FB449BCFA2D9BD48658 + 958B37B3EA3565FA66824102A14B5770 + 5E3914E0680E116ED58212CBF61028E3 + stream[256..319] = 3BB772A5A8DE2AB14CAC1ACBF45B1701 + 057710F24C01E680F58090B8E949AF01 + 8970A43A698A04C0C8639FAA665DA3AA + 562B2C5C3A03BCC38FE75DC1821ED718 + stream[448..511] = C73DEA1F7BFE42DF75EA2681BEB31948 + 821FBB049DAD15B988A77C0247868A38 + 2056B66F47B0195FA30C9DB5A2334A9D + CD7C0D22E479FAE1BBCDFFE60F261C7F + xor-digest = 94D41CCAD940CED3C854DA0796DC62E5 + 6B566A980E34F353CFFD0F53AE9E34FF + A6A057645FE66D86BE30F93805D9E2B5 + D78C68EEBF61CE387277A51EB2EF835B + +Set 2, vector# 72: + key = 48484848484848484848484848484848 + IV = 00000000000000000000000000000000 + stream[0..63] = E45194379659D1D8904DB3698AF8B245 + 762910B7FBD019AD1AA20A6C433B4C80 + 308A9EA68697631646BF3A2107C4E7FE + 2235E8F3262A9DFD3F5CC23FEB0B2DAB + stream[192..255] = 012611EBCFF9F839DDABF99D9D4757DA + 4E947598C4757976F6F61DA5F0DAC8BC + DDF72F08BA2F446FA37F9A490F6A2B6D + 79227C93271D6B763DA7B2A907220A42 + stream[256..319] = DDE54F9170D6A4702CAF45CC6F799F74 + A43D83AB8ECBAC5206D108F869561D70 + F151A0037F8E28951B5026643F8B2D6D + 56A62E259F04A5EA304791A9468E66AF + stream[448..511] = F70794C084E6EDC07BA0347413B05FC9 + FC46994CA820CE4FC037ADBA50EAA9AD + 55064ACB7308CFCE3F35AD5C7C628362 + F4210FBC2D3264F734728626BABF5356 + xor-digest = 31815B36BA034BB1941DB1E45A941A59 + 7C3882F34BD3BF441CAE8A9790B05BCA + 72049FD10C09A14AC9DB867A82C38A5F + 524C72F783DFD16980DBCDEB486FAE96 + +Set 2, vector# 81: + key = 51515151515151515151515151515151 + IV = 00000000000000000000000000000000 + stream[0..63] = 3C04E21F6937C4EF472BFDDA89F9CAF6 + FF53889A9979ABA8F23AA51DB1EDB8E9 + D08F696C1100799A7D004DEF1CA94110 + FCF0C054B0C131E6FAE0FE2F2DBF22B3 + stream[192..255] = 9B4ED3EF9639B953186FC7E732E7A9EC + 55A5F3F19C5A10E12EBE46DD84F10385 + 33837693588D584FDAF86E3A217C3CFF + 020278736F1A90CE07F0DCE4329005B9 + stream[256..319] = 135FAD68B5282FE59B28D2DF66463632 + 06CA92E84A73FA131EDDCE89A5C23B4D + 08FA57D455BDB32F8ED58DAF3EF288A2 + 7C72020E35DAE19B446E4C52DCDAC5B1 + stream[448..511] = 7D08FE1CAA0E8A0362669B310B99127D + 18F2111002891D3229102D72605B9BEE + F5DA36059B0DBBA7646927650305431B + FDA4A97570CD0C484BF1E974B157ED7F + xor-digest = 5125E77698C0DAA89A7E47DC5D038D40 + 7B732CE56CEB674CE653A1B6661B2740 + 0C092AFF83BEEE4FC4543B9D725C9387 + 2F89AA338222ED677BF59397200AB304 + +Set 2, vector# 90: + key = 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + IV = 00000000000000000000000000000000 + stream[0..63] = DA2E6F7FF0D1F1C87A97E028D3E20E21 + 75E9AD91482965B651B495AEE819CC6E + C42AFE2C20EEACCEC4E90710D17210E0 + 4CC6832905985322C8007F872D3E58E1 + stream[192..255] = 09B0A38E19DDDA08F7DFEF7D0FC80560 + D692A020F0A66F609374ABDCD1343722 + 05F19CA04EBDD3009844BC540C1B2B41 + 66D45E8A2E822B906DA34649E7FEEBB3 + stream[256..319] = 6C8E2CE1D7FABA414432E75BA2EFE4AF + CE2CFE99506677A956AEC86BD290B6AF + C5298A448D0DEFA99AA5CD26D318982F + E786D809C713D5A55B42CA6650191DDC + stream[448..511] = 845FEA0A88B521CCB8927C9457AD3225 + EF6E3C21705EC9FB24873916A2C24668 + 963C03FE097DA8224A42A99E5DFFDC17 + 68CF518DE49CCAC8A70216C62C9CBA6D + xor-digest = A46BFD9D2D0BCC688A032F54733AB7C5 + 5FF58B296071D5D39349A531E41F0BA9 + 893A1722B6102740BC5FE394A49363B9 + 6A626AB43FD6A288CD9B23F7255279F8 + +Set 2, vector# 99: + key = 63636363636363636363636363636363 + IV = 00000000000000000000000000000000 + stream[0..63] = CF0E05248AAD82F1C8CD2095ED2DA333 + BCB02E3AD8797377AE1F1B4D6DDB86E6 + 2A59791CB553550E0492FAB42C7A2C42 + 3157C5092D2DD37D46589F17FBD86584 + stream[192..255] = 9E946626F1EAAEDA42E52422B4A84D91 + 4122EEE5736BCD12061C77DF5B0122B5 + 1784E946B4E93470170ACDD7E2779591 + 57BCC9B9F3E11E88BC2F740AA0C10C97 + stream[256..319] = FF22D8196AB3DF662210D12D0FE79255 + 6DCD39611C07F089979CF7D693A30CA3 + 5B795B7F6D64931916E717C8BFB92114 + DB75118BDB51D142CE8133415C6B3456 + stream[448..511] = 971F007EFE17662D95F47F4F28266516 + B22A1E50755EEF19149DE3A3121F5FEC + E0D9DFE7A055026CA44193542D7687EC + 695B97769BF02F92C1EF3D904A8010C6 + xor-digest = D1C4878BEFCE48888A43C6DDE7CC8163 + C8D54A4CA36748C74721C7B6E1649A31 + 4B5B7A4BD43E7C3D2A22F0C8446C7892 + 90D54D421D37CB16400E59CC86215CC8 + +Set 2, vector#108: + key = 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + IV = 00000000000000000000000000000000 + stream[0..63] = 54F122FC8ECFB176E7F4CF172B2D78B6 + 54BC11ECF0010D2AEB9F899130F4AC2A + 38EBC15C8831D591E6675DC1CE7A471C + 4B869FE83CBF37AC70BAAE5D4AC607F9 + stream[192..255] = 518F298A6008532EEFECB3DCF72103BD + 5E3F84FEB6EA2311E8C19A2E93A9C3C3 + BB1DA7DBA78D5618D1C4FA5B0B202728 + 62645A361E55494D66C9359E41E5809B + stream[256..319] = BAFFFC9206D1D813F3E2768F08D78B2A + 89BB20CCD92E7F13FDD816DD4E4963C2 + C5FC2570CBB8BB5C70848B73001F508F + 47AF179528200F51CDC6E4854EAA63C3 + stream[448..511] = 844B1D15FBFD1264169279ACD525611F + A39C7BB41F1E7A1C09090625F7926E51 + 23A4CD7FE1A3F37ADC67AC437BF0A5AE + FFFC6FB0ABF39D9908145004AA5B958D + xor-digest = EC67596C9DEF4012A2D543842829306A + 4285A3B8038818F265065DC848BD80FE + C27C2F66A57B27F7FA8AC912001EC954 + 05BC6E93D7E555C59060F5D2E294D103 + +Set 2, vector#117: + key = 75757575757575757575757575757575 + IV = 00000000000000000000000000000000 + stream[0..63] = 91D2772A18995DB3C0801DD3740F4466 + F9535E5BECB93DDCA0E94D19C0B57BDD + 0FFBA9DAF0B11D55C852927F8BA560EC + 4999E25848D08FCA7275E7E8571A5F1C + stream[192..255] = 72E64FF10CA9F07CC493715724DA7610 + 9E4358E8B0CAE451348B784A162DF036 + AB9796724D17FDBF356031D080A6631C + D1E8D217B041AD2EDF427972653206B2 + stream[256..319] = 4054F770C93FCAB533143FFCA8E4C0F3 + 344956C29D10374E502C2EDD177ECE5E + 6625BAD9630DAD57976216CD69865058 + 130B132FEC1AB0C350DF4DACE4C7724A + stream[448..511] = 40B4A4DD63F7B6E932482D0E6F5BBB90 + E402466550B518A177CD05985D238827 + BD92EE7EC22C274F19E682F85ABDAD95 + D0EBB3DB6C6134408353C8B0472C9A1D + xor-digest = 9A6C893F2108D13A29373DEDA65386C4 + AC356BDDD4A3178952F9126E322B7AE6 + 83C94F1A131CBEAFF26549D9F84CF04A + 1241FA374B055B0ADE7E49E8EC669E65 + +Set 2, vector#126: + key = 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + IV = 00000000000000000000000000000000 + stream[0..63] = 87A7773A3514EB7F882F2C491E90DCF3 + 059C5CC575D806B9029CCE3FA45A246E + 0EBD3AB2F2E324FE36ADC3B56AE2F7EF + C710AA964CB87381386C2A88B1308035 + stream[192..255] = 415D6F59DD004944D4E45FECC6F1F06E + 20BEB18D9C84187C347F43B17E0924F1 + 2348F825E106E57A00258CE4415294D9 + 4323A9812D8A71359CEC1001BAA0D567 + stream[256..319] = 8E20F0D03F37EF4B2C5EE12B5F81F7C5 + 32D62E779FA0D2D08F8ABB6B0183A4DA + 4EE0329215F261D953150B9AB9FCBE2F + 568AAE361EAA8636ECC01A63F007977F + stream[448..511] = E7C44F44E06321A20E25F73E2069757C + 90499DB7E60025CF6D2D445E53A665F3 + 08EC96F6FE73C0AC90D7E4A712E18C2D + 3DED46DFBAFA24C4B0B329E52C525976 + xor-digest = 22035341489FA6EEB2A6488CA42F4043 + 57477C3F55569A1224EC39B1019E90C8 + 21D37D78ED4DCEAF6EA70724C3751760 + 38CF25DE4F84BABD80424D83A310881B + +Set 2, vector#135: + key = 87878787878787878787878787878787 + IV = 00000000000000000000000000000000 + stream[0..63] = CEC0C3852E3B98233EBCB975C10B1191 + 3C69F2275EB97A1402EDF16C6FBE19BE + 79D65360445BCB63676E6553B609A065 + 0155C3B22DD1975AC0F3F65063A2E16E + stream[192..255] = 5E12BA9DE76F9ABF061782EC1C4FBBAB + 3373B816DA256CAAC37914B0C161E4E4 + 5F5ADBE444098A5B2A4CFD4251D79918 + 987BB834BB50F0834EF4985F356B92A2 + stream[256..319] = D89642D25DF97D149AE07EA18BA39497 + 8935978AC34C1DF9F444986D7505DB4C + 7E08DB3616B84CD52E7DD7FB108C36B8 + B50C2573172F4D3500B6D62A9D20B82A + stream[448..511] = A2C17FE7371604556F796429C6BE0688 + 8611638B310F3E9FAF484BA9EE29C16D + 2F842EAF33AFEC557B68D2F453569187 + A6F4CD204A0E7A733E81AB7CE9FCAE81 + xor-digest = A7C93087CA70DDFE5FA5F1F2F954320B + 6E3A61977A7C6AC2F033B826AB9A9957 + 66671D2A1025CDF8E2824B2F58CB221D + 2A68679239D90152FF7D0D39B33FAB93 + +Set 2, vector#144: + key = 90909090909090909090909090909090 + IV = 00000000000000000000000000000000 + stream[0..63] = 7118889F6E46A6523BBEFCDB006B3BC6 + 71A6D390BC7099A708D370DCD0E3D143 + A0334619EBD5C7DA9EF6301F29273F85 + 2DFA3C580ED65C6E952F88A0B7FE368E + stream[192..255] = 31D61E133CA1AAE400CB2DBBAE93C75B + 445792061AA0539DA69ED0B77B970C0B + 482156A5DEE4082A61364BF06E692399 + FB9F4411FEC515291F8949B20F57229E + stream[256..319] = 993E815F299D4841518119BFF88F6EFB + F3DB9BAE60238BDE2845DE4DBA6D79DB + C9E42BA5C3C004AE4546FD86C660FFC8 + FD6A8A349669FFE3D9E5BDF8E50A407D + stream[448..511] = 0F9CEAC6BDCBB56B7E97DDC95877B2B2 + 1274F4A6D814B5440C74D53A3FF0735D + EF01B14AE4188E215CE7337C04871688 + 7159695A241BFB9D6B489FE9E23B2AD8 + xor-digest = 0BD5739ED28778023E6303FD88DAABC4 + 0FA0A211A1A5C5F230D9E67DDD9EA517 + FEBCDF0BDBC107291B6CF3ACD8B862B8 + 4BF15400493A54036E97FDEBB9A1DB2C + +Set 2, vector#153: + key = 99999999999999999999999999999999 + IV = 00000000000000000000000000000000 + stream[0..63] = 236ECC5AB83DB1C5CD1C5A888CFEA2DC + BE99E7E515650511FF7016A0EF287ADE + 5A03839C4F83F05FAC3B0B24D4E3F602 + 3251F8D9CC4530A805F8A6A912EFAB1C + stream[192..255] = 792823ACE2C0DDB266A118068AE295CD + 716E424D3B98A9DB2501A3F5DF7DC70A + 3BD2C6E664D5E13317D6F57B8774C903 + D407D2BB6014E0F971141E89569C5868 + stream[256..319] = 2D6ECCF738FC00ECD5475EDA959A73BB + 304C81FA9DDE0C21592247C4098D9347 + 1DA30294DE8C100E5B17A199F744CAC2 + 4E33490FC7F223FD6B4923056117C6D9 + stream[448..511] = E791A6BE7F7593788E5D627F5CDAAB59 + 349AF2BB1DA2BA622B9824F729929098 + BD19DFC05D0D9454F604960C027752F9 + 7812E53DE6AC6CD2751AB331703646AF + xor-digest = B7C5CE0D2FF66533A1C948C425F33FF2 + DC458E7E517637596FC8FB710E2E5636 + DB1F14848CB12793D54ABD0856B22F3A + ADFA8C33AD08B8CC5292DD76913CB105 + +Set 2, vector#162: + key = A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + IV = 00000000000000000000000000000000 + stream[0..63] = 74490D19F13E7C6D1B25C6408E23F229 + 8A8806402755660C4A30CD216A500BB6 + AE975E08EC62D08425A8A62A71B00215 + DE35E5178902348698528CB82296F009 + stream[192..255] = 51A6EC18829928EE94C37A5CD030CC4C + E4F7E1B3E78C3A5DF07592F45B968BEF + F95B8B257DAF2B468284627AF4481FD2 + 67BE0B164DD86721DC8C1607A0607EF0 + stream[256..319] = 75C565D5A5A240B003273F99BEB3E4B3 + 9C056162B626F383F3E77B5C98C0FBE9 + 119A7C335C333E6490126AC2510CDFAA + 86441C72D1DD9ACBCD3FEFC0D0C794C7 + stream[448..511] = 2D90CCF0B43239D725E3B53C31B82754 + 246C065AD23A8D709161FC74B34E23DB + B918EAFA4465125D3780BF0B5803AACA + 037AA0A14D977141B611A6CA2278B634 + xor-digest = FEFDA1A6E95920B93380CC24FAE214C5 + 6B009ADCB176D519CA4B8538EDFC95D1 + 6CA06B730B28A230F0085FE43CBEE2FA + 2EE5DCD74D66F5CBB59F256CC1ED885A + +Set 2, vector#171: + key = ABABABABABABABABABABABABABABABAB + IV = 00000000000000000000000000000000 + stream[0..63] = 22E1A884ED2C67CCB2977105649B6544 + 367858D1A730AA2FA96703FA406B337A + B2159A389BEF48D8A215D870B2968E16 + B11571F12BEC0A07FA7D3B9790987EC7 + stream[192..255] = 4C98DD259D03A40AF38E0ED0F37CBD74 + B27776E9250B8B063E52E169C7B76A15 + 0D699278AA4124427B5EB6AFC4AD5DBF + 600FEAAA98A88DFF297DACA5ACB4878F + stream[256..319] = 5FC732A26406FF0DBC764ACB05C83484 + 976B640E60CCD6ABFB908583ABEC3E75 + 2878371EBB5374C9B37A63E0768AE10B + D857253D940AC408EF49EDD590E806AE + stream[448..511] = F012E429C44D5DC03B88123855B62C0E + 90E06759306017B5773752973850531B + C480316CBBAEDE6353AD5FB298349AA9 + 16AC0221A4CE1E4729BFB9C230AAF9FB + xor-digest = D73B872315F9052C67C4CFC5CD912DBD + 60DA32FD06D9C8E804968E688898200C + 1D979DFFCE52E1C3B3309B58D12BDBB3 + D3EBA2954D1587D720E004E12EB4A13B + +Set 2, vector#180: + key = B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + IV = 00000000000000000000000000000000 + stream[0..63] = BEF4DD0101F80A8F880BE0613B2AAF88 + D2EF924014F7445ED922E9C021571909 + D7E6BFCAEE0724F2A9C522C4BDE4BBE9 + FE53FE592C0FEB80D2C7A51FB8BE9EF3 + stream[192..255] = 6B1966D3EE460999FF09001B0ADEC484 + 0D22CDDFF39EB0E3D5FDF74C6E7B3394 + A0A4271D780DE6DEE9AC58B4903EEDD2 + 6DD14E14A4DFE506748D5DCA6DDF4C5A + stream[256..319] = E79D99119996FBB5163335E2F79F0502 + 7AEA5372136E7B3C5BE1F4A673A2DC74 + 60834B81BE6C4976C4A727C8E6046A64 + 4CAF42EEA6A068B7E532581E9037BE9F + stream[448..511] = 5C4F52E0E94884C829DA1FE88EF34614 + 9F3EE55A136EFA3B417DB63D2487DF82 + 794E161B3153DDB2E1E4F385E1A848C7 + 729FF5CB1CB58D5E73FAB1F2DCEEE5AD + xor-digest = 2F3C231B0228C274255F3BD314ECC7F3 + 1B9C49177009AFF2CD88F807092D77E3 + C74C1B9B8650F581EC7603F4D6E70955 + 1B00C3192414C04AB0AD8B0B9BCFE988 + +Set 2, vector#189: + key = BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + IV = 00000000000000000000000000000000 + stream[0..63] = 05AF4F98E9D526CD7912F3E8CAF45410 + DED6D4E331633C5621B94E7EBD15E856 + 04AB202A553EFED55A548C7AFFCD2550 + 60315FD50A305D8BCAC9C077229D34AC + stream[192..255] = 786D24EF3FBFF6883A4ECC4F40E445AF + 3CFD130D5B6A9CE37BEBA429AD137A82 + 44D0586FEB16D086F533D1885A82F73C + F2AD2C645591F80ED09942F0A08D898C + stream[256..319] = C214B6AC700164FA66DE346A27A99463 + C5B6C0E43A9057384BE168E163058FCB + 6E7DEC871C6531EFC8B8D581EF92757E + 219294D39E0C9C8276440BE56C3D9941 + stream[448..511] = 22CF14F5BD70E719AFE76C53E5D611AE + 4C8D2171695C9CF97E2936A8BB320670 + 015825547A508EB43D96F2EE1EE2CB34 + 4E120F001500F8ACC3E19E30455D09D0 + xor-digest = FE5928C74EA21F23E29171E5AAACA20C + DD8571E907763C96B99A8C11F9A1D2F5 + 78F68A6C440996995F7AB6E69B3CCE33 + CF8CE0C16F54355696D47DBF82EA8D56 + +Set 2, vector#198: + key = C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + IV = 00000000000000000000000000000000 + stream[0..63] = 75559677D7C762F6CFED942D800F2FAB + AB5F3892DC2C79922E96FD34FE511C11 + 251C8EB7C639E531CE08A8C99F62E7BC + F68FBAFF99D62348FF91CCFEC2710055 + stream[192..255] = 149806A4D862EEA81F0208D927339E5E + C98E9C2A6E0DB85CC0380DED7EC5B8AC + 4ADAE76AEB9C7B7264C3834316209615 + 25221D58C0174577110596FF89C8FC69 + stream[256..319] = 137E527A0ACB8B96A9FA07890B60B78B + 3CDD19BF89B31FF75A814F470BF97E0E + 1293B750B769F5BDD750DE5025D7534C + AD541A1F26C6AE9AC2FD3237C156AEBB + stream[448..511] = 0958243E88921B81F04AE63658E52D76 + CF2638495B3A6B970633A7C8F67B8CF9 + AC378082F72FC63BEA02881CC5B28D9D + C8C261C78B2872B5EBFC82336D6E1A28 + xor-digest = 0084D7BED4953402FE8F7FF71A28CEC7 + 0028A08A00EF935C06A8B3632DAD5914 + 84E44E372A753F8E630741266C0F4218 + 4923608103042C70ED4ECC5112B9AF6B + +Set 2, vector#207: + key = CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + IV = 00000000000000000000000000000000 + stream[0..63] = 0C46BF67A3DBA5DCCF8E4A7A65B6FE28 + 98C701CBF5E88F1F3DCB6B873E5CAEEF + 23024ADA678E1A2CA9E25AA8B476CF4F + 9FCBC297FF03A9B94A5A736274EA776C + stream[192..255] = 73B9891D1770289A67D6338909FB6282 + 9A425B7947FC30DC52B11E398E85B1EB + 537E1C02898FEBFC15A9172C254CA55A + AA1B56EA856F47E37E2F252D92D94ED8 + stream[256..319] = 6522D372F90F2DAC155D48F165B6DFA4 + 38B63B9F436FE00CC075C585297B8F90 + E6062358D29641FF9C28EED4A23FC53A + 6B5C60C2AF1E8146DB27CCF5F43BA838 + stream[448..511] = 642541A9733946827D79BBD815C03C17 + 6357BD6E81E9A61FFFD4A0BF6863AC71 + 72AEFB92C1F235641BBE1457B724A6AA + AF9FAC687552A778B034C4A4F8E41ADE + xor-digest = 9DDBC1E7D31379D027B4F3DFD72C3668 + BD0BC5A97655978E79056B3D25DF3E79 + 5D5D8BE5D1AAE877F2E7D03225CB6609 + 6EFE11CBCB728039A243E326437CE73B + +Set 2, vector#216: + key = D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + IV = 00000000000000000000000000000000 + stream[0..63] = DBD4E866F4E24E7F66816CAF625BD07F + 1F7BDFBB81428FFEE9FBE14DF5F5F3D8 + A044EF53A868D989E16165A0F2B95E8D + 83439BB4805A125AD0CA7994AE11B852 + stream[192..255] = 7CACC4E7B9B1957ABB22ECB9D9D67184 + EE7A7F4B822A1C955A69E238022AA313 + 276C2003E27AEF1B4F94B33A6428685B + F048B357EAB297B7DD98E612F054A317 + stream[256..319] = 286B484FA80A45EE4D5300DFBE173E8C + 978B976BE1B6CB0D15C0324D6B70D265 + 385B615B3EA97A55D94C47F53FF40861 + 4460857AC9568556AE54A52546B41B5A + stream[448..511] = B3AD999394343F6F0BDDD0B1FAE2E3A6 + 5BE2BF56D2B78A401D5761E2F3AF8B18 + A2B1089864999D9B99E5BF6959F8F802 + 975FBF204D6159CF23F3706CAF0D9BA5 + xor-digest = 0957D6887501D4360C430614B67D99B5 + 32849E2F5C69CE8A9F3F707A2B5438BD + 0C1237B5617FB525CC9C043A10DBB265 + 3C3F0A353E89A19838B8F68542E09526 + +Set 2, vector#225: + key = E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + IV = 00000000000000000000000000000000 + stream[0..63] = A6DF8DEE1EF7D1AF773AA3E9651B645A + 50CF101BF065F69F3E78BEF5D689B1D1 + D306FF41EB3E78BEB75C4200937CFE60 + E89E370680C519B2F64E23516ADF8062 + stream[192..255] = AA30580A210B87727BE17EC52AAAD037 + 3E0DD11FBFC89B37825CA4D6F9E8D433 + E3EA54C37D678B58CE834AFA310F6D4D + 06B4603F12DBF38595AC76511D0B13CF + stream[256..319] = 5F3E1A55116CB67BC91C8E37182EEEEC + 8FC9B09DAA6F418D3434BFBBFF6BFFFB + F93F8A963F2F51CC487BE868F010EC0B + EE17A480542A301E33B36F59BEE13D91 + stream[448..511] = 672048756C221C12DA6178BE711B3371 + 525A92BC9A219CABC5501B0DA4CC248B + 8742E8BCBD6F5A1CFE522F3DF3BED6B6 + 5D60D1AC737ADC582C2CB9751521828B + xor-digest = E7CA739E4DE0E74274E491CAA9BF5CAB + 3F418EBEB69509D69B2594E964759D15 + 104F674CD44681AFECC3B4939CA0A0C9 + DD7AA5726653ED3FBFC833DDB0C87B42 + +Set 2, vector#234: + key = EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + IV = 00000000000000000000000000000000 + stream[0..63] = 2479A8F2872A813D16D15F060D300237 + 25297B812F6F3B97D74D9716E4403A5A + 684D2BFD1E15275470FEDADF1578277E + 44C6C06B8A5FCE3D0CCC5E13BF49947C + stream[192..255] = DB2F9B25F9523FF5C2CCCB808EFE07F3 + 132D4B0065A563288F848E05EB45E48B + D15C069C02F90B4FC10AEBF1AF4BF90E + 2CF7F48C8CD7A8091014131EBC21FBE8 + stream[256..319] = 84FAF79797E25BF2CFD54E58F5C7AC1C + EC170B064429EB832924CDA9C47B5174 + 9BFEF80D96FAE36DDA65659FEA1CC06B + 4EA3A1601A3304AA4DDBEB62381FD4DB + stream[448..511] = 2C8FC8D23E7DBBC37BB0811D1BC71145 + BFBCDBAE19F5281CD0E6AA37419778DA + 64DDF68726DD7F4D78BBBFF4576C2AAD + 93F477A2AB2C3CA8A381F30BB944C7B0 + xor-digest = A6D5F0DDFC0A43491D6D0A17C095C070 + 9EC7E9B89DB8EEA11045ACC5FF003DC9 + CD3318BB6F9675EEF20E15490F525066 + AF8380C663B60EDBAE30663C94C39892 + +Set 2, vector#243: + key = F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + IV = 00000000000000000000000000000000 + stream[0..63] = CC3701E703946194401D1BA23AD99B5D + F3F856138E142D4B9C23DC9F252A277B + D62DAA33A71A0C61079AD5A20562291A + B6EC92C66D7BE6A17E27D4DDB48EFD31 + stream[192..255] = D00665FC0A4ACC78758EF25B0B0D6903 + D565423614409AD11E821B83F5B35D83 + F26F3EF9EC1766FEA9C21C09E0AE248F + 4BA01E48BCE09D06471593B3466703DD + stream[256..319] = E8B4EEE2C8BBEDBA758C1C2D0889FDDF + 96CDC215EF1A62FAA29A5608C852FFA1 + 18B473C5A7319446F3ED2E8AB39A533D + 714325D1B14E838C9EC6E037DB0DD93C + stream[448..511] = 4FF3B43841B17A279002EFB07324625B + 7E937D480DC73F12836195110ECB4DB5 + CD31CA4F92F612A95E82815328DA7D5E + 4DCC5BB6791603EDA64C57B5A5AAA04C + xor-digest = 9202B874C48D4B1A9E857E645EE8F884 + D971CE97923AC024ABEFB944E34550CE + 31712BB832F9174F86FCD369E75CA9AD + 85095F43A4B7F33AB641BD6912D2C59C + +Set 2, vector#252: + key = FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + IV = 00000000000000000000000000000000 + stream[0..63] = F374DA745A5CF93A567027609E5D3B1D + 5C3C8A4D15203705D978AD42279F6548 + 51FF713F5120CC93D044EF717F5A75E4 + 98DBEF559E5F157A8C819E213E93B3F4 + stream[192..255] = B270F638AAB88DFF69D724F79B70CEC9 + 175AEAA99D55485954B265B5CAB86509 + C810E664766A8E6C90D4BEE3A58B1815 + 9076959FFFA2F30EEB12343E9E7778C5 + stream[256..319] = B2CC84A1127B5333B30EC81CC14307FC + 418DA96336991A27DADA74FDA987B867 + B125C53C0E4E2889FDFEFBFB48797A22 + 2836B2EA42793CE2BFFD568F6234B368 + stream[448..511] = B70F4A10A1B75D499E8189C8B92AFB36 + 4CD2D730DC8D7E183EC55A777C2445EB + BA7E9CD95C8F3A206B73C422AC2E2C08 + 15A8C6FED156FFF93B63DE512EF69725 + xor-digest = 467EDA43B849054EE747A532ED0D9AA4 + 6EA1BF2B6AF19F481D6E3D55EBAA96FC + 6629FE65B5EC4B5EB6A155A6D60FEA32 + F04F8230E26390F1C8FA53D47B68FEAE + +Test vectors -- set 3 +===================== + +Set 3, vector# 0: + key = 000102030405060708090A0B0C0D0E0F + IV = 00000000000000000000000000000000 + stream[0..63] = 0315CE93BE05F88212B413335CA65F33 + 6387BA612421C7BE8276299CC178EC31 + 2143C503A9F2644685882201137BBBD7 + 3A2385F0AD14B690281B54B8DC064150 + stream[192..255] = 8B663563AE31DCE7AC61BF4943466774 + E9EE784644AA761B9D8AA9B8E04D4C91 + 75650DDF130454DD60724864DF2FB6B4 + 31F947F8FCA83F6D3B113BC413D3CC10 + stream[256..319] = 35EE3D4294E5660A99A1A1C9254D27A4 + B42FEA8CBD5C5BD8B902E1B1BFEF17D6 + ADC9B6B924C7C53D44A5C58210989BE8 + 72E532300EA9115CD2AAC8024779B3FC + stream[448..511] = 402F841F64827A197FC56EE9C180F5D1 + 075107622178407B063F70C6C860C6EA + E3016D56F7CDC13A109283F5F4FC9420 + 6C62BC3D1012EA03EE08EBE8C2DC074A + xor-digest = 6815E00D7D3414FCB103EA82B38FD4F4 + 68A453E84A520B7119E9D3A4C938BF0B + AC26F7F73EDA7F3E2F20FBA551C15205 + EBBF2F6BFE6DBAF95061F0AB3988DD57 + +Set 3, vector# 9: + key = 090A0B0C0D0E0F101112131415161718 + IV = 00000000000000000000000000000000 + stream[0..63] = E695E5417AEC9FBFC0EB0909435E79C6 + 76AB8E2F28C556CC2C81CFC5F7A2A6F1 + 254EC0CD2CFAFC257907723557C1DF5A + D81D1E3D201410A12A5FA3A6160F266F + stream[192..255] = E3D590D9AF3869FFCBE2A4B8C77A09F6 + 211193F83B8A43714CCFC02D014376C5 + A44FF7C061471AE208F04DCAA89792FF + AE7096EAC47898C1011095DE9B55682F + stream[256..319] = 0F31D78C0B86D246FE105AA6D9B93CE0 + 257E75CC0D2A0BE96B9156555D8A407E + 01F47AFF719CC894EE111C32672B0404 + B5F26C1DB1D7D0F9E470900AE53B192E + stream[448..511] = 1A01733BB8EACDF2B2F4322FB54FB6CB + C92989248FF31BBAAA8304ECC4AF9A39 + CAB21BB66E0A144D8B77C537BD52DDD8 + C5B0909CC6423D4F243E5AFE6E22D07D + xor-digest = F8C3BF6905A19184D14039E4B7FCFACF + 2EFA004B35B55DD04F56199C6C9DE1B4 + 458C5EFAC45C6062BA1EB726426987ED + 88FA899849CF5F6CEF60119F6A68AF9B + +Set 3, vector# 18: + key = 12131415161718191A1B1C1D1E1F2021 + IV = 00000000000000000000000000000000 + stream[0..63] = 3C189DEDA71E56926CA2C3A2974C4FAA + B7EA3C1250E768CEA797ABD6477B59F0 + E5494635CB4700A95BBD54B0E93D12A6 + 423DF8F34BC6B3BE705ED6704BA33894 + stream[192..255] = F21E411ACF063846BF68F61F7673710D + CFBF8088E2A815F406E17C4BF4E839AA + D2EB9D137B0F7889E68F4B5C8160199A + 7C9C697EA6A1794E954ACB535A72B255 + stream[256..319] = BD7E1C4A54C911E84067AB00F8427810 + BDBF4029E78D424E65F477BEB457900D + 0EA49B639863BAEB1427A161B8C629D3 + 55097F5DFFB24BB97329A73B144DB7CA + stream[448..511] = A4D9A80D0055F2D8C55D2A49B39DCA69 + 9A5652C43258152B42BECDE07F21F8D0 + EAAC565DCDE549CA4A9A27D82F5AF4BB + 1EEB1B0A53A58E50C3E83CBCDCB980F5 + xor-digest = FF451365606D0117E15FC2721F40C9CC + 0FBF6442A771F8FC3B06186C35C6CA13 + B30F65FC84B9A38A6FBA2B6F16541B0A + 0D77BDB4F696894B2B73CCCB8D6FA3B7 + +Set 3, vector# 27: + key = 1B1C1D1E1F202122232425262728292A + IV = 00000000000000000000000000000000 + stream[0..63] = BE4A26D09D47D25416355FB7FF60AA06 + 3B3CDE5374780F2C66514A0CAA07406A + 88490A2E3D6294A799C9BAAAA1B10ACB + 88FF4F6F70EF1F4F67D591040244FEE8 + stream[192..255] = 54F1AB7235B6440D6A7FC7851E3FFDA8 + 6CAF44E3F57E1E9406908064FDDA3A3A + 3C7AA1CB6ECAAF376C5F290EA02844EA + 779A225131F24D2E7D34AD0342399FED + stream[256..319] = 81AC4F45FC40CE7E1FF890F5EFF2B583 + 36F71D1911C7E0227AD8E4DFF7369B41 + A8C266B3468A78773C4C40A3EEA6B724 + 97662462F48835FAC7B6C77CEFD39A65 + stream[448..511] = CACFA9A51224F533C600BEFF1EC03C7C + 7C22EDF93E8596128F8709F0CED4E291 + 997229AC5542FD2CC9B1167C3D2BB57D + 9B08B82C0FC41D93B7CE2211C5E2D534 + xor-digest = 0D949205B6024DAC1D215F2AEA7CB484 + 3FAA9A1719398AB8828A28BD2568369A + C78A224AAD95BAE6A6333C4C13D630B9 + 42AA52099F6EFD6871B1E45C8DC68AC7 + +Set 3, vector# 36: + key = 2425262728292A2B2C2D2E2F30313233 + IV = 00000000000000000000000000000000 + stream[0..63] = 65906EA9CC0080D2044671D22C7DE242 + F764184ABE8DADBCD550225BFD541D6A + 762C7A5268EA0ECE51D18269E71A4CCC + 054AF634616204C81AE7E515719775DF + stream[192..255] = 9ED75834EBBD9576E11DCE8C583ECEDD + 2B8780FE98B44E9F08BBE96922C77BEF + 08DCE0DFD7C77C42236885BE6EDC8343 + 24EAED350AA5A513009272818CBC4BE5 + stream[256..319] = EB1D998260B3AF4472DE59E1C9DD359A + B346B32DCE36C92C9B7BD808BAB76AB1 + EDCA2827557501BE0FE28F6498B33B9A + F4EA48786F3158E8047A32A03AE1CD90 + stream[448..511] = D06B1B9B8110FB9809F5887A35CB24BB + 80EDE203AE648AF9FA348B18D8A15B8E + E98E8AB98A7AC5BF71FDEAA1A6E978F6 + 7D5734AA7FA88E8DA44C861E2F54E585 + xor-digest = E77DF8C1D5F46F8896DD00187C840B0A + E4404581DD053C6F39323815729DCE90 + 0D85C2D8C97D0A3B57CF622F81077B80 + 92988EFFA36CA176F7393D1E38AAB206 + +Set 3, vector# 45: + key = 2D2E2F303132333435363738393A3B3C + IV = 00000000000000000000000000000000 + stream[0..63] = 3FBFE9A391DE0CE5AAEBF9DA3A15EB99 + D6CBAD0341CB78042C89F5D5B0B555C8 + A400DC47FD19F40493B348CB51430B44 + D05AFCA9D399709EFAB8ED2587F72E85 + stream[192..255] = 68969047EE54910C44F8B5718E993234 + D814C27C0B59EE09F0D35B58352AA6C6 + 594F605C25C16CDDC29A354A1C6F5948 + AE497C093E2D41C211E4C1417DFAAFC4 + stream[256..319] = 0DD68E08A25ACA4448DF4B562EEBB855 + 14E41F1F560C479542FE62C2DCBCF03C + 30AF180FB71E65A9A09C551551A33942 + 53558C2440084E6B4CB664A4EAFCAB66 + stream[448..511] = D93B80D67B6484030103CDD72536E695 + E7BAF8B1115109D5D5517BD1E06F4236 + A3551688F5C0D78B2CB080AC072B4C48 + 94A2AF54AD9D816E2068AC569BCD2AE2 + xor-digest = 7C071BF395B48A023A7B708A9651EC8F + 0C9A00DE8BD9D0764C7F1F394AA2B747 + 3EF87BF792D5B89AE0548EB9C1344DAB + DF2E4EC6064D50EE1622160D6DD7ADFE + +Set 3, vector# 54: + key = 363738393A3B3C3D3E3F404142434445 + IV = 00000000000000000000000000000000 + stream[0..63] = 64468807E7EFE78E11B0231D8D7AE80D + BFF3FAE444A60496C8F2DA202941686B + 95C48457C1F9DE1AD2FE581336AE36AB + CA574BCB9619CDDB96E4499409516635 + stream[192..255] = A7DBFEAD9B969D334705B6C53A0CDBC2 + 21E0BB92854B0B107CC39F8C6E4761C3 + EACC8D8C5741AA4243C5BE1A79971A0A + 5A23F2BEDE9F3628CB9099B8C7EA9324 + stream[256..319] = 1A44FB18740973F3124EA805C90C4B27 + 4EE788D43F4B894B01F63C13410EC204 + 2607241E87555B0E1A6FF33AF0DB010B + 8ADF607E6353FCF74F568E0BAF0F4455 + stream[448..511] = 11568B95495E520EB6BE106986A07C57 + 8FDF21463607619E5AAF117D84611E75 + F8979F59E60B43C0A37BC24429892742 + 0D206274DA45EBBA7660422DA45294CD + xor-digest = A70B9BFC683AF2716E17980A49C4F747 + AC25992BA7BCA5E5C2AE162497E4E8BB + 62C837F64EEBE4A55B5705F115CBA057 + C560B1AF0A733B5631E23442601A741F + +Set 3, vector# 63: + key = 3F404142434445464748494A4B4C4D4E + IV = 00000000000000000000000000000000 + stream[0..63] = 35865AF843244DD2F95CDF7C9BD54471 + 9C8432538842C28F93AA21F6E10F8B18 + 31C2AA7EC010A66E539CF65BE55120BF + 090233750995003C7AE414DA6D55F86C + stream[192..255] = 190F215FD14E44CD141E47A2322D324A + A63A7B512A77C20A02D3BFC1EF8273C8 + F65226CBD1BF32A104D1AFEFD6719E4B + DD6355B044EC8D0CE95023C61007E6BB + stream[256..319] = BD02130F7CFDBDBC2171BBDEAB501136 + B2364F5879E6E9CCA7E75AD81105D9E4 + 87E9175B62AFCAD79B23D392B2E9C418 + 437527118797602E629A70CC869AB7EC + stream[448..511] = 1F0DF396B5CA6EC9767B0674B2C7A9C9 + 133CF872DA39DE78F56D41C7F2FF6B50 + 716717E995D42C51D6A2ED66FA6CC7DA + 92E9B3B4D1F130E699C430CFC96969BB + xor-digest = 70291060FEA7D40B5C3FF731FAF7630F + D9BBED1A7FC25A05E6B3F632E6FD6B91 + 1F1010E1BEC69F16D44C5183E38BE8DA + 8949A4D8AA85F5149C203F8C92887875 + +Set 3, vector# 72: + key = 48494A4B4C4D4E4F5051525354555657 + IV = 00000000000000000000000000000000 + stream[0..63] = BFFC0703408DF6EB169656D09A5400DD + 9C4BAF06A3BC7220E45814104B6D9000 + 9585BF9B0CD988E94B8C5026D07AD7F5 + 7D81364775D54D808A5C18453B62A2A1 + stream[192..255] = 5FC95B73A4C91DB20B93319E420B4C5B + A9DE1873C81C835CB455970A90921594 + F9635EF4F411C9ACB4298F75B2CC84F9 + 7F52182F7F001A1EDF72A68FA1ADE313 + stream[256..319] = FB24E97B0CCFE15644BAAFF342C55FDF + 64434708407AA6D73576E842D5ADF4A2 + 6B32D329A2DC9F1451C4BF3E9599E9E6 + 4E5E65F73E09E4F1254BA0DDD8E6C52C + stream[448..511] = E2EB303CD0A67C99CDCEE86BEA581FF7 + 093C9228900B563C6D10B20BF99D3911 + D47C805D1447C8F233D3FDD27CF0DA42 + D42E0389E2CCE99A274AD9D20B9C6102 + xor-digest = F83FB58CAEC8B13BC25C152FCF24E10E + 392A197FDA05A6A20E14093EA0B34C5D + FAE102266465324F5AC07FFCECC8E618 + D0BB60761A26D5FD59D188097A2348F3 + +Set 3, vector# 81: + key = 5152535455565758595A5B5C5D5E5F60 + IV = 00000000000000000000000000000000 + stream[0..63] = 84076D83A841C8C6ADDE3B5D9FDD6529 + 4D0F92B549112F0A6DE05236F732E81B + 3C8E92229C411D2295129ECD18DD08DD + C98BA78D9BAFF6271D95E1F361EF699A + stream[192..255] = 7063A52FB2729433D8A7BF30F27E6EF6 + F17C2A422E60A737270787985508D062 + 4E678A597845CA9EF939F4B8966BD99F + B8633FEA673CE7BFD2ACFB5942D7EDD9 + stream[256..319] = 4FCE866E8C2359C53F0429F569D02DAE + E99A4062246B633D4C502DC897AD8025 + 38C95D49D3B1FA94F4E92441357B622A + 6264F50D5554BBE42191AB3D6073A8AF + stream[448..511] = 2F7C38BD00309FC81D28D84EE4355216 + D97A823CC46FAB9DCAF621E4128F9CB8 + 838BF02E0EF940EFE96860CC0B996044 + 42CACFD3306335241C1B4B65E790233E + xor-digest = 44038A33AF0013BB34CBCFB77F7E060B + 96F5134DFCDBF04EB8F7F29B15C3FDA0 + F766DC940FF548C23712625793851A94 + 294CC7201E1EDC6056C12A46524C6FD0 + +Set 3, vector# 90: + key = 5A5B5C5D5E5F60616263646566676869 + IV = 00000000000000000000000000000000 + stream[0..63] = E811CA3DD1DD0057AD3A1794D3F9CCB6 + 362049B1692D6ACFE1A6A0FCC99C7A04 + 3AB9932A146B4040AC9F8E2F0A227C7E + C60B1F35D60EA14483BAE1F8D1AC7FE1 + stream[192..255] = 865B05E224133AFC45043F05F8082FEA + 487BF63BCFB96DA3EE26960061446669 + B1C92C6BC5905BD1EB57D579CB62A220 + 2F35CEB603658237AF1908132A25971C + stream[256..319] = A84BE383FC852F1BF44130EAD15B3548 + 56737C7EA68A0700A22D357FBA70E031 + BDC0FE8EC36C41790A8B7706A00CA338 + 603E054A83881599D718B1911D1CE9D4 + stream[448..511] = 9286C3479F9A17B51D8749257F59E892 + CE7C3EB8638B29C17D779811F01EA405 + 257062A5F28BCDA1862FE653C7607350 + 9A87D12EDC5CAAFF9E8F9F76DA0BEDE2 + xor-digest = D629CA4708BEF7EED04BB5531DDF9C64 + BA4981C9A705D59C4B2391E94B79CFCD + 058406845D81E7EBC097330C01FCBCF8 + D78940893B4FA38554A32D861AE96D04 + +Set 3, vector# 99: + key = 636465666768696A6B6C6D6E6F707172 + IV = 00000000000000000000000000000000 + stream[0..63] = B89516368AFEEEC12434F76AD1E1ECA8 + FF6FEF7B46D05EDD6041C7B8C1E3A33D + 2818E38113592B615E980304D93435DF + BDD5676225173331C3667F30AA2A3D2C + stream[192..255] = 249528FA392B19B6811711F523D27578 + F1BDE75CA167DDEC08303906B64FAC0F + B2912A7A0EDBEDAF9FEDA420DEA330CA + 7302F5780827CB11B15A4DD333FD7099 + stream[256..319] = CECC1B5077BCB9E129B01D8D75089B41 + 64E76DBC9C8CF2E4D2F17A6248522A51 + FCFBFBC992F75D613307F4DD6472B6DF + C8A5B29F1068FC0F1C3F8964B0E09170 + stream[448..511] = 8B26C436E918B099E4D3A7D4D3395E49 + 056A8A29130667A32C6A2B0FD08A482F + 8F7538ED90374846FFD2E1C733AFFDA1 + 12148C9718F3F208344D5FC20128AE2C + xor-digest = EAA0ACA59CF63BC27082BD52D6757FD7 + 620A7AC5AA2FAEC52646978E2057C5FC + F60B36C09D87419C1D1A64133357DB05 + 6B96C854F38C36DD657524FD09729341 + +Set 3, vector#108: + key = 6C6D6E6F707172737475767778797A7B + IV = 00000000000000000000000000000000 + stream[0..63] = 741C607A6BD38F93B33244C8B7F05D78 + 46F6A05CEE5A87762480DE123D3BEE63 + 240928FFC75ECD9AD1785B1664DCB59B + A12F3B64C93BD4FC8C67C0934E5B0ABD + stream[192..255] = 3BDB31A701DD7F2E929803C3A47896F0 + 9E5F569A32AA829E505E34BB7232597D + B838F543A34CC288F9518BE16A228D42 + BED0CA3CE0C6E7FF9AEE63625C699B9A + stream[256..319] = 1CB7FE159EC1A57043BD142236DC0A18 + 0CEF37316A6E96354AE319142282F19C + 1550EB645DA8F7BEE2ABAE4EAAC0BA29 + 893E722A6F8E0A9B34368DF56C5845B4 + stream[448..511] = B6DF810D69EAFB7F2360F6ECB50C5861 + 7D32B3F495B3E4424045E88CFA0871A2 + 9314121CC78B98B456ADF53E540346B1 + 214AE2ADB65C552273F1FA498FA74101 + xor-digest = D35A8AE5783348824175BD34F2E16FBB + 975E7695DC6C4FF1ED763D404B0D4D30 + 07AAF01E988BC85DB2FDD017691D3BB9 + 811355C3C7A6156197AF57B794DCE85D + +Set 3, vector#117: + key = 75767778797A7B7C7D7E7F8081828384 + IV = 00000000000000000000000000000000 + stream[0..63] = EA9DA2D5BD4B6E070479ABF8CA2D1B3A + 6B968A025D010944FEB51AB2E507F86B + 111F8A351A3F32CE1FBC4A75AC34F722 + 1B5190F2390073084F8153E00BB98D0E + stream[192..255] = 0AE0DC3D0E2D3F5F93E446BEBECC4F60 + 862D190829A209966E132DD029ED6998 + DEF4F613F3D53D0A36CFBA2CFE345DCF + 013B6CFFEC0116FFC1659A57FB42E0BE + stream[256..319] = 5A7FF46C335912389D8B88437CEFD27B + 76706405F45F87C91390273D9B70CC5D + 89FDFA85E20EC82B98A79BFF5FBF6AB1 + 4F61F2C1289CD7B8357126C8E13271AD + stream[448..511] = 9398E699F5AD8FF31A50C8EFB9DF0D0C + FD612B951A203C1BF85C62AB5AF1C412 + 42BFD0A55F21820C6F917EC90A8FCAB2 + E774A93713A99C7900B80A2BF496D0AF + xor-digest = 05D9732FF20A61E19428873830DA7282 + 819234F22FE7DFD8871C21CF10C08EF0 + 7C0413898DB144861B0CCB62992DF40B + 29A0A4688C91275F0A198AF39899E362 + +Set 3, vector#126: + key = 7E7F808182838485868788898A8B8C8D + IV = 00000000000000000000000000000000 + stream[0..63] = 8C4F8495C7231AAEB704E7AB9E79E748 + 6CB5BC85D3622B8A2E2CB778BBFDACD4 + CEF73CC485D8E08406F5986A28706CD0 + 56D085201DEDB875573B57629B8541C6 + stream[192..255] = CC6374A744E9205CA39BCD678074B844 + 16346A7E54F9B87905BADD2FACE7B9F4 + B0A366AA3F632A7A67AD8AAC4827C9BB + A1E801A8786BC4FAC2ADE6A6AD6A45F4 + stream[256..319] = 4F52AAB001BE94A60761CDE0334F8A84 + C617195B084E441070E343CEC3189CF6 + D6D955F9AD649A3891BDFFACA0A6E6E7 + 7291396670BA07469D267EB80E48353A + stream[448..511] = 673AF85AD5A9A3F26CBABCE9BEBBAE21 + E0B6DCCC3256227FC0EAEDF343CC7E9A + 8896023DF073E88EEEF135BE34CF67A5 + 5FB51D3A1754B15A7C4E2CCCB4C8D51C + xor-digest = 2BD4B8BF9B7E79B0EB53318396B03575 + 0AC918A6A05BBA499D81C9EFD32A0FCA + 34A83FC801CD6475A774091F33AE7689 + B9FE28645F545E9A9531F528085926F1 + +Set 3, vector#135: + key = 8788898A8B8C8D8E8F90919293949596 + IV = 00000000000000000000000000000000 + stream[0..63] = BDF2E95B80FDF304C3C4A8081391EDC9 + 7F9553F93C27788F03797EDEBB8F59EC + 2FB2FCCA7727CA1CAEBF5C8DA8719492 + F1369D96B2FEFA23D89400CF7CA667EC + stream[192..255] = 6AB7500D876A4924DE59800345AD69FB + BA1690733713BF372E0108D9FB65B0E4 + 50BB89899AB84198381623094F823FF4 + 8BF9A09F0FCA23684E78654F3D231173 + stream[256..319] = 34ED638D249BB1AB8B16D350309AE32B + 9FB62CAB0EC7AB9D5F3C12C9A6502497 + 6323EBBBC4CF308FFA68A3D4D8D3959E + AFD3BE46E36072FD15A5DC3FCDECA6D1 + stream[448..511] = A8BA33AF6CF545424E607A7FC4CBA593 + CB05B38C836B21D85B6FB1894926A459 + 8D71AB424A5A582A491747FED94125D1 + 08D6C693EC9E4BDE2F418810A921B54F + xor-digest = 84F29F11524741D39779025D792AB735 + 07963EAA0FA8EE220ECD3592E1320567 + BFE76EFC3356860192DDC5F06B94E552 + 43D659D49FB94C30AB69AB5E9C370A5B + +Set 3, vector#144: + key = 909192939495969798999A9B9C9D9E9F + IV = 00000000000000000000000000000000 + stream[0..63] = 1C03A0D6CB75670CD7D978B2E371857E + 27E597B15B905D5F4F4384FEC227073B + 5A56D8C0C4AF767F267DDEFF86AA036C + 41EB6170603AEB3E3C1EF3E176CED812 + stream[192..255] = 6447D1E067550DEC9E8AE89DB02B85B4 + 3DD7E511C8B98438BAA50CFAF7CDBB68 + 757DA1D03A29B9EC6BD633E17BEBC8EB + 2D8D453F583E4D183AF30C9F47C8DD56 + stream[256..319] = B324756101C28D9FC4D1F065F1D000F4 + 1155514EDB30A7FE36C26B18FD93D6D2 + 0470A41B6F8D2E8BE140568BF72223F0 + 981CEB9D100B21C8B751BA6B2816B2D0 + stream[448..511] = 304AADCAE0CE80E91E3558974A944663 + D1E2253977CD7B0D1BFAA138DD81A501 + D7EADD8FC834931A44642BA9873AC1B2 + 47A454EE71F7AD8671BC15E088D01532 + xor-digest = 5980D43A91C09B20B0F3323F1750CB47 + 118550920627B6C512AC5CC53AA6AD25 + 68EE1EFE702FEDE7CADBFA25B32696FA + 12A18CCDE35A1B679F709F28920DF92C + +Set 3, vector#153: + key = 999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8 + IV = 00000000000000000000000000000000 + stream[0..63] = C2083A758037E850A6FE642EFDE59AED + F51F3002BEE2E69DBDB538BE2D93EE8B + 27A1CC89672DC14C44DADE531A88A769 + 5DC730A2CDF3096DE7F4BD08A1ABA918 + stream[192..255] = F4D19950E6365AE6BE8011A24B9D803A + D9A8547D452D8B0B8C51676E207DF323 + 808B5A094A2FDEA5DBC86BFCA576E98E + D0E049834CBE0B3AFAD6892B542EC7AF + stream[256..319] = 8F2A026EB2165F39E27DB86607878926 + 4EC8F42A09E8C80B317FD4F1E32AF4C3 + 73B7F5160C635ECABE495B01A3488E27 + 94D226E2D86C4654810C08B2FC42610D + stream[448..511] = A1D17725577B7A4FD3D1A280BA2B5C0C + 386FCFA09E110F00C85ECA05CC142644 + 4D8EB87CCDC2B23D1CDBBFFF822B5555 + 11055B93ADC9168B7353CAE10551AF14 + xor-digest = 7B4E8A6123216818A218FBD50D8540B0 + A0B62DC114F25DD476680F85DEEA9306 + 4CBC4526C7A8832D4BC534684A403FE7 + B80E7F20D967ECE044085B554C158AFA + +Set 3, vector#162: + key = A2A3A4A5A6A7A8A9AAABACADAEAFB0B1 + IV = 00000000000000000000000000000000 + stream[0..63] = 6FB232154275843C74BB886D09CBE0EC + CCC539DD6DEC1EC6F31578B80DD3BAD8 + 5C992CB1A0B4EA40B3EE0C5174E36A74 + E1CDCAB13830453984E4365A6C599F72 + stream[192..255] = 2682C05E19F6D8FC4DDB15B2F8385B52 + C5A4A70FF5A0063CD696AADBF8505122 + 6F696746D4F8C314543BC3869B1E7F9B + 1C0D004655FB6585723CD1EA7A700A60 + stream[256..319] = D6BA4C5A33B8C2DE342DE48E26AE7B14 + 8E91552D0E05AC9458ED0010E6FF53AE + EDE70E910165B5986876799E60B7E6BF + 3109B9BAF7EE3670497FA7CAFCB14733 + stream[448..511] = 70C4E8AB8E8BA681A2A06F319CBC952E + E3E78DA589369FEEF8A6BC6D976BECFE + E6C7143337758929FCA7E0945892411B + 047C2CC2F2AA284E95733DD94D46B89B + xor-digest = E2D3DD6AC908FF3BAE4791A50F717B63 + FB3F1F380CC738E2B1626FD026C9BEBC + 33957AF4ED6E8B9864EEEAE262FC6168 + 9A34FA14A35BD915B6945F35BC3D5573 + +Set 3, vector#171: + key = ABACADAEAFB0B1B2B3B4B5B6B7B8B9BA + IV = 00000000000000000000000000000000 + stream[0..63] = D25BF02A1BB050E0D15246C2EFB3EB89 + 390BB913916D347586DCDF71D6792CC6 + BF72F6F6A9B779BD8833C468684B4480 + 52E153D11A0CE183CB337450C4482F6B + stream[192..255] = 07980A2C57E9094C5334016A782C830E + B59420086EF9D36542A97220A5EEFE42 + 026B39B1F00A78992ECA17FCDDCEEA2F + 88A15F934A1C65EFB770C2FB9712FFF2 + stream[256..319] = 8C0AF45C68CB7CA8CFF1AB18F2F9659D + E49DB5C4E3609B50C06F94FC01C059B5 + 40E302FA8604F030701FE3C833617E0B + 094D0BBF10580F7C1C7047E86FBF93E2 + stream[448..511] = 4D4BEFAB68D63085A05C729F54468567 + 2C2A9452DF6B4B651A29FBC29513E3C9 + 635DFD75EAC87A5B1362E99033304EF5 + DF42420DFD49C1830D66F4F90928F1AE + xor-digest = 9A7DD8AA5D9E9DA4F34AFBDE9D909CE5 + DEBC05D2F930FF08AEEE4096B2E1E453 + 8587B88E535A217E986F31965C5965DE + 3BF4A7F99B3B9D938D2C1AF7DFEFA14A + +Set 3, vector#180: + key = B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3 + IV = 00000000000000000000000000000000 + stream[0..63] = 5FB2BFB5B9CC4F84D7641B4555DA4A7F + C07C0053E7AD2CF2187F7F34ED4068AC + 6D5B43A5FA41437C05C65550786D60F9 + A737F44BE450A1F416C1B1A49890C609 + stream[192..255] = 8EDCA89958225E39CF796EE587877A55 + F9B7A7381241597CA6280F7617A11922 + 9268F95BB326585AB59F08BFCE8B5638 + B3A0D32A761C796060DFEBB5BCE859D5 + stream[256..319] = 09601C099BAC574564E4CC6FD659776E + 4726FB22E0025C37873042866B913C03 + 285EA24E37847F9AF6C838B82FE651D4 + EC5FBD40A256E6C765757B6A3CD08C92 + stream[448..511] = CA5AC4ED4FBEF0D754F033B5267B9FDF + 3CA52B131E118174F70CD4F833A5ABBB + 198DBCDF18BABB0B0CC37ECFC8D93AA1 + 5949FBB21974169B46D545F0ED03C71D + xor-digest = 5DAFDEBC75291BA8F55B4A370756B28F + 554FEADDB7888F2834BA1EF221E917F5 + F631D5BD789701282DCF16FA450D250B + 52C627741369DA654E237B8D7F4A8BA0 + +Set 3, vector#189: + key = BDBEBFC0C1C2C3C4C5C6C7C8C9CACBCC + IV = 00000000000000000000000000000000 + stream[0..63] = E9EAE6C4903004A2AFCD05FE2E3E7F95 + FF8BD2888C4AEBB81CDBBCB7488C54E5 + B50467FA82B0CA7EA923C608074E1B45 + 6452821FC36789C8061E99E8A0C0B579 + stream[192..255] = 1EC898A6958F23C186261F833BB3EF0B + 3C185AE8138311B6AB42098E9C6C7FE1 + 0306DADE1DBF2B1C3215DEBD88AF1CBD + 2D805B8006FA0DCF136E225AE3D91AA3 + stream[256..319] = 55566604D1C85FFE1D29810B6C49F019 + 69ACB59765A3FBA2B0B9880064606E47 + 18BC5F08C32EFC250FEE91FB88077A2E + 0840615CCF627C64FBB500B7B800B9CD + stream[448..511] = 707821EFE4119A32CFD99F7ED7CEC018 + C8EE90493FD9268A83E5482DAF9A646E + 8765D8199A56A12ECA50775099179D70 + B72A3CEC8F0EFF1AFD074F04548874E3 + xor-digest = A51E3C9C948B68A1543FDD1F158DD419 + 195AE7662739446D9FD543681A866A6C + F09756FF4E0C59BDEFFBF98D53F193A1 + 77D7BF19320063B8AEEC8A544D5D72C7 + +Set 3, vector#198: + key = C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5 + IV = 00000000000000000000000000000000 + stream[0..63] = EAA9729F0222A16C750540C605974B55 + 4FA622F67C71FBA40236A71AC19706F7 + 9E3792F4B444A39C9C1C902FDBD81898 + 096338F6A8EB7C934B9558D48AC53301 + stream[192..255] = 3B5E53787C050061000E3622876AA126 + 00971A76253833C53B9DABA976169395 + 3944B5050AB17E492E185737D67581B8 + B1C766D50C5B0C2B0D8C78A781E77D89 + stream[256..319] = 175C28764FEAF8396B3CD34C829D0D0B + E9CE0D75E79017A96C4E7B158B171BE9 + 4C906FD4BD4946E6DEEC3C78B34C0754 + 9E85AFCD958AF345E0B432F33C86AA76 + stream[448..511] = 37BDD665CD9D5A8A8190AC3EEF981379 + AD5311E15F853A8A89840879165147A2 + 807AFABB6236CEA9319DB32344987889 + 5744A506CA76CE69D9E474840529D667 + xor-digest = 4CAAE8F441F6EF3DB6971E274181F8F0 + 4D7BC603E040833E77921A393EA13F0F + ADFF07AEC94555224F6204874027106A + 6D7DDF0546F300D3E84AC87699ED40D2 + +Set 3, vector#207: + key = CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE + IV = 00000000000000000000000000000000 + stream[0..63] = 83AC8C40850F4FCA5452871C954AA61F + 31A9BD276D39EEC03EC5977A71FDAC38 + 368D110C57C1A19F2A7461BBFA88E372 + F78103F9FFAC1361AC2D2AD84C6AA3E8 + stream[192..255] = 48E95C2FCFC79C91BACD0C41F626F05E + F80E076E359299EB5272A2F688F96F6B + 3147C5A19A99D562A11E953CB2A90911 + 205A7760B5C8CD959EE6C183A8C1420D + stream[256..319] = 974A4DE50EB45F6144DAFFA6B4A68E39 + 48838434497B8F9700FC42005F3C2FB5 + A79984CC2E770C5400EA21AA4EC05751 + 80A288499879E50462225BE03D677875 + stream[448..511] = 09823B2D55E26C49E42FC0820D7BA081 + 5A7EA9380637A2AE2C0D29253EEDB884 + 9BF4F54D64677F08A1763EFFD904B62D + B3843B0ADE885C00640D16A99E28DCC0 + xor-digest = E73D8783F926558E0C1E1B0D3FD86CFA + 974CD70EBAACC0CEA2D977E9AFCCD384 + 935584D2FFEDEA813E6234112CAA1401 + 71E99BCFE61A7D0E430D4D3F75AA3E28 + +Set 3, vector#216: + key = D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7 + IV = 00000000000000000000000000000000 + stream[0..63] = 5DE3EC7E6D724976985B426D722D93E6 + 1F40F5F17EA14B298AC898CBD69F2BBA + 5705E1D0CEF7B7122362FCC0D5106D54 + 25D51F51E29C938C592D9E862DEE9E33 + stream[192..255] = E079C49AC8F160A9D529F30151AAA7A3 + 1D137E03DF4C23F8734AAC3B20BF8520 + 90E3C2529761EB4D67AEF1CC46399947 + 1240DEE8343D6355B5D7377A7934B019 + stream[256..319] = DF574E03ADD1DCBD0712D2748C93CD72 + D8488396AE3D3275E5A53CAF3EC112E9 + 50A79494F25B9EC111FE9A7A68A5AEA9 + 63A4F87B37F822B79D954436368D8E20 + stream[448..511] = CCEF4C93BCEB2494EB4C70F5E301E980 + C494AF8C117F291DD09E3960D2C5A7F1 + 9928C08F2F51C419E734DE9AADD25C81 + 3579A7F0B8B367A49B97DED5793E4DCB + xor-digest = 868706BC1A5F3D0BDF96E10324EC36FE + 01596216B0B8BBFF69C5BDAF69D0F38E + FE89FFC32D34D142F413A5BEA7AB38ED + 22436C62F86C540101DC0267FAF67904 + +Set 3, vector#225: + key = E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0 + IV = 00000000000000000000000000000000 + stream[0..63] = 45A0736DB4A28A3A6DD181FEF3485F2C + 918C65663597C49F4FB23CA550C77CAF + 7B331B5D183844278E0D959EA024CC21 + CE1A84923E6E782472BA1645BEDFC60D + stream[192..255] = E9EE0DFD717F72FD8899D23E87E77DD9 + F9DA66B4645AAD8D8C3B489B0A637449 + 80020326469B4C6403012B6E315CD35A + 4344934D720467F30B61C8AEE5C3C342 + stream[256..319] = 94A2BA2B744CB83A29004AE21470212F + 67C2FD18F227FC017131D7F4DD0AB412 + 48C59BADAE2E408584DF35C603192E37 + 344C52664DD68B9231661F304F483F41 + stream[448..511] = 6A29174A1099BF8759D2F5F9BA60816A + B290252AEE08339BE0021033DED03C46 + 9C8E28AAFAFDC67A7F2219C8942B004E + 47263842BEBB47EC6B0666ACCC884591 + xor-digest = 7A7411EE5D174907B1138575FCC7479F + AF3437BBF098CCB5D8D25F49E6788374 + CBC9CC5812982CBEAF59111813430BEF + 56D9DEEDB6C935804013759CFAAC40E4 + +Set 3, vector#234: + key = EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9 + IV = 00000000000000000000000000000000 + stream[0..63] = C430C2A9FC44DE1563B1679C1A2DFA98 + 91D01A302C5165EC13B26F6EE4F25437 + 264AE9E18C98BE112BF560C72024827B + 85665C491C47BB396B5AEC66CFCCA371 + stream[192..255] = 60F3A13B9EBF8784CC81C132E004A179 + BEA0606D4C2C830077A50004FB0487E6 + E179D81FD9784DC3783ABF86523FE4A4 + 68930272980E3B46F865E4729DD34773 + stream[256..319] = 44BC861136F6856B1C74C1CC13753B82 + A75E34EB40C518400B507D99B42E488C + 8A1F2F590E029EF48DAF2674FDB053AE + 5C0967923102EB964602256F70A9CC9D + stream[448..511] = 0EE3ADBC4CCC63A8B67C7812CD294183 + A2E9D4EF0D65F854FE66CF9D76A34F91 + 867B27336F8EEC2E2CD30CCB98AD5769 + 77B07C73C833B51753BB9B0DF08C4834 + xor-digest = 7F848C96AE9310B5282712493AD7E13E + 2B4581545E625A4DCD98576C75835058 + 6C621244B6CD439F8E62625ECD9460D3 + A18BC2F5DCD9FA7E8CF7880CCFD1A44C + +Set 3, vector#243: + key = F3F4F5F6F7F8F9FAFBFCFDFEFF000102 + IV = 00000000000000000000000000000000 + stream[0..63] = B9B3501C75EE296AE858573B63C4888F + 72B18683CBCD6B95602D51E4388D6DD3 + 7129169A5209202E2C6EDEB5026B6511 + 55E4747DD706DDF248A8705D50D38A29 + stream[192..255] = 12F90D1028010D8296DD0D6ECC4F2354 + 89856C315555279BD0A4E3161178AAAE + BD849EC0A90903CCFE9DC7CC821C1CAA + D63A45A1D0C0247F1FB1423877FE9A32 + stream[256..319] = 9F0608162C6315D206B5EFB0E40291AD + E882445B9F34154F6E21B9FA23356DD4 + 79DFFB16482F6A4F28A8A0629E8B1D78 + EAA473CB126FB3727B826B4B3D6175E6 + stream[448..511] = F26FAB00C37C03AE33209E19F865B135 + 115A5E254A6B5C1A4896987EAC35C2F4 + 327822E165AC6BF99F535055ED74833B + C1FFEB32588D8995CEF0708E2D3CF832 + xor-digest = 87243F1D4D08D7EE39213D1A4B9E2458 + 368339A11E364345B4367F84154B36DA + 03A3728A7EBD4237897F9D1A19CCFE92 + B9D67D3A4A755E6EA8382041D4827A17 + +Set 3, vector#252: + key = FCFDFEFF000102030405060708090A0B + IV = 00000000000000000000000000000000 + stream[0..63] = 05A90DAF1A6B6B60CD3B999A11FEEE39 + 6D38983ECDA326EC9229D2A1EC722B0C + 3C0539DDBF6A4CF62B9BAFEA6C60A29D + 4AB63BBBC88987E9A74AE2F71B1E8DE2 + stream[192..255] = 0AE6673D9F99C5EC9A4532B2B9786CB9 + E948A206CB992335FE868BB2271DCA5F + 9AB75995A7E7D46F8EA6693765C93D90 + 9D41C24EF4856252986DDFCBE65D2D11 + stream[256..319] = D8B07A866003059BAEE90378AD5EFFD5 + 2732755E79402B50BA0F26A038B3D9C8 + 1481C19080CB39FE840F8E7313D0C034 + 9FEA4AA4801225630AAED3E522D6F920 + stream[448..511] = DED21140E5A3C0C4615D7153DF9381F7 + 269616817A273BFD984AA5E7CD9D9CA1 + 9C28E51F4C03C262F5BB4175C799236F + DA69AB27590857C0F270CE4BBFE02D5E + xor-digest = 2D47DA3161389F5F54FAB37F391C21CD + 63A748112A1AB415670524B6CB93DA0B + 6B54C541ED59F3A54DE238C3FADB3236 + 3871F6DB1A507B33C1B8F280B0C04B1A + +Test vectors -- set 4 +===================== + +Set 4, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + IV = 00000000000000000000000000000000 + stream[0..63] = 114265E078311C062B518148B4530F73 + DC9B95DCC41C214F8C9486473DC46847 + 71819020010586A750426A0E633BC787 + 6E228E2353AC0A68533C85A742387800 + stream[65472..65535] = 196F53D41603BF286D1D11F012E564E9 + 3C7FEEEC9539A015D49475DD8CC73C84 + 2F85521B4DD9789A813A59D444AEC702 + 164F669C59B43B5115202D08662D4EC2 + stream[65536..65599] = 8A7B672621B0B77E8BA8EB9A71DB4558 + A78364244F182519F89D25D3012CF8C4 + E429DD543C8DC56C6DB8FA5E351BF615 + 106B51F9FD00F54018A94DAA91D76715 + stream[131008..131071] = 33EC15BB2C553646CAED9ABD83F37ADF + AD3B3313A074B69FEAD405BAF897C3A3 + E12BFB2F4CC3136ACFDA284DA1E780DA + B3E4D34C053302989FE6A79A1EB0F5D2 + xor-digest = D899BF7CD2972EBB7333D4E57DC809A1 + B717373577B15544443915B36ED162E1 + 25452584F3E0C2B62164092219FBA924 + 31C1FF2A14C8E2E437427DACF80A200E + +Set 4, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + IV = 00000000000000000000000000000000 + stream[0..63] = 8EA023E23D94434EAA064A4BE52866DB + 57EFB7B200DAFF5AF2AA72D3E55EE5F4 + 5060FA89024F259CD2490C628452B1F0 + 91020DE10263BA86838B2E388F5AD040 + stream[65472..65535] = 5BE1EAE0077FCE5C2C21120EFD560A96 + 27C3DA9462BE42580065C9E51B7D36C1 + D9D717DADF4A3122A08303A8E27721E2 + 1DADC91138A2461713998AEE26F811D5 + stream[65536..65599] = 482694A9797978003DFDA5183F00FF97 + 9F38894BC92DC88418FF68156117A2B4 + EF10D76923A734ABCAD1A5B4224BBD08 + 836E3765321045C3BF6A352371F82CAE + stream[131008..131071] = 614BC8A38C5F9E8507595E8F5A03484E + C9DEC6CF52DECFAB008327527B822365 + A2038FF09411D7B952417C8C7375289A + 244D50703B73577EC272827A21BB917F + xor-digest = CA9E6EC13B679609EA778447EEA1157C + B366A08AC5A96A73D0B5E182DF24EBD9 + FC297219A0AF67591BFD68B1721B5970 + 8EBEB3655791107FD2A0F2F2E341FCC4 + +Set 4, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + IV = 00000000000000000000000000000000 + stream[0..63] = 5BD3D0625CEAA75ECFC9828179F7B73B + 288A208D60A2297F2C328DB0789BC869 + 4E50F50E8797F8C7A49E24F72A3AC359 + 796E6188C71A9B3DB88DAEB1BB2C77D3 + stream[65472..65535] = 726C7D7AD756CF567E0E8F812A282675 + 7E75D593C7FCBB45F842020AD59F2B53 + 888354CEF541411B92C3AF6D57ADE7E9 + 273805927DEEBE552B32D10754C9D2E5 + stream[65536..65599] = 5703464C0AED290E65815D8D04098B0E + 22D2FA825ACD4391B56CA64CB8201BE5 + 7B4FB9ED6BB7608BD820436146339559 + E7464BC13A8AE3167AFCDA58E3C017AE + stream[131008..131071] = FFC5787A10E340B07D08160D2C4F653E + 407857845A0D68D1EED8EAC0116CC376 + E33AF8A1120D8DCAD6C86B757AC50393 + 46AADEFF012BD0DAA294DD240D87A98C + xor-digest = B3BAA21AA82617D3BB9C2612E177CB71 + 51A51790D97FE33C3F33C01B32091758 + 5766643C125293E1F75D6BA3C46AB381 + 75A2A4934D4C115A6A1547932B077A58 + +Set 4, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + IV = 00000000000000000000000000000000 + stream[0..63] = AC5DEC8B95C89F4794B7289C69FABE29 + F4AA64476D057873D87BD524666F62F6 + B71B5131BFB897AE64F2D500437E1798 + A742E7B7D06B8089F3DB2453D008C554 + stream[65472..65535] = A2F58800E24BA8B754C64BAD9252BEC3 + ED1273598EEF4C6FE42FE2CADB81F220 + 26A90BC88B43F2F1FD2E054E8EEECF57 + A114D087D5228CB276FD5F4FA3ECF4FB + stream[65536..65599] = 5C67BC8E188170A57DB85ACD2F7121A3 + 7D83F1A708ADC54C14064A9559FE7E1E + 3F9E60B9670EA4394521B11D8283EE42 + 12874323628EAEF0B90FC4653106D68F + stream[131008..131071] = 8AA6F8A20F7D4A0B7EBAF6A7336B6D76 + 731E65DCCD179BD53F6B879E70B8776C + 6A8EA30BFF09BA3026B3827EDB9F9C2C + 0F96655D8B84EF725D0603F8CCE3C2F6 + xor-digest = 458DB66B656320F5F7E4FEB12E748C0A + 59F0CD8A7ACAECC25479C309628EC0B5 + 3B441B831B484FD3180C52F63EDA1858 + 7C232B195356996DC29DE6DF54E5BB37 + +Test vectors -- set 5 +===================== + +Set 5, vector# 0: + key = 00000000000000000000000000000000 + IV = 80000000000000000000000000000000 + stream[0..63] = 04740F92C2470701F289669A25BF9092 + EB4212FEACF66DAB6B1D520977945F8C + 6D350BF26A1CA35EB37FA53B0BA2CBF6 + 6AC07A8C75D494B4B8281CFBAD4937BF + stream[192..255] = 5E47F5F506AA34E7D296C6911FCD3D43 + 31A032269214ECEFDDB492C47A51C4B4 + DE9EF0A63A6EB32AF1DF1C5576A93F19 + 02B7BB89F10D8C7CDFF9C097D3D49148 + stream[256..319] = 015494CB3CC9BDE8A2981B25C06DD18B + 52FA7B94CBE24C152FC60762290329C9 + E58C4E5148585F417733737059E310D9 + 309D0CEF48D2F1589994657A081BA6D7 + stream[448..511] = 3B67C1B37D96E1076595660D61340EC8 + DDE8F492134270951D9D4B260C8E2254 + A7FE8C10DE837A617A8E261FBBF42259 + C636B3DEEA0F373FE7C2CA2B01EE3FC3 + xor-digest = A8CC89F06815EFF6A91CA276BEBA7F41 + 75F842F85BEAE99F4335A3B85FB28394 + 8B7EE3C659274C6B784035B94886BF9A + 5C1483941B20170EE3A374E39006C09B + +Set 5, vector# 9: + key = 00000000000000000000000000000000 + IV = 00400000000000000000000000000000 + stream[0..63] = C25BA6DE4C87FE5360BCDEF864F3F778 + 598A6A584325D5E6C44EEA4464D7580C + 9B8D42B5B3634F739D6A53D15FA41070 + D1DD4621BF87F53F42107618D9742FD4 + stream[192..255] = 4A3808B0619C9D94E19F3AEA0BEF3839 + 21D7E2BED05F1128A82D9DC010654ECF + 65199A645606CC44FDAE763694E6757F + 8FF864CBE4204D45102E465F16CAB8EC + stream[256..319] = 3097394E0CD0A9DAA28EA873566E42A8 + 710C28366C2B41B6BF6687D881094676 + 9970A5BA54D28D7BF772C4FED13A9F5C + 6E7AD3F6948667D6C2DF981955F73293 + stream[448..511] = E685BC2ACD3A67791416E78699C83D31 + 852EBCB1C1AF71B926D9161CB6D894BC + 8C5E85C7E30A0896369BAE50C1112D4C + CC583E44A8275F44B7ED140E9721C7F8 + xor-digest = D9B51AAF4A9B75508FCD02443EFE2267 + 1148C73264776B5513860BCE8547370B + 2BA66E82CCDB15F3DEB0F0728411B765 + 1A098C23202745C19B045C58AB196309 + +Set 5, vector# 18: + key = 00000000000000000000000000000000 + IV = 00002000000000000000000000000000 + stream[0..63] = EE43BB5B79EAFB54B823DE95B71F3BD2 + F2A7CBB6D28E9BED590C20A2C52F9B2C + 74EEB9A1A48474D5DA4964EEE0BB98E4 + 88030E213A4482BD1A8CAD4CF8A962CB + stream[192..255] = 150C4D68BF29DD27A2E6FFDFBD6984F4 + 3AB56AACC08AC0C0149008F0882292EC + A5359CCF4C257ADD4FC535E41D6F67CA + E5210068F77A5D5F32A23B17F79EB7A5 + stream[256..319] = FEA319287C29AB84585D4BF38DCFA71F + A36253AD7F4BF58398731713614D0047 + F85A465C6915E05232A5FE5AE7A559EC + 42733403ECF6B11E4D5E8F4A8288A3E3 + stream[448..511] = 79CE66DD3F77D40889906EAB1F671B2F + 98D9FBF8693C1EAFC89D19209408F3B2 + 7CD83CB3B9F33151DD4A8D79911255FD + 3CCBA14918744B0ACB93A5F96AC9AB38 + xor-digest = E1E3F49B342F873263F585EC34969176 + 2CC46C17FDEE0B32224BB77A8EC82A87 + 816DC612439E998476F50E876481EE6C + B32ADBCF6A5D50FA16355AF63AA30D66 + +Set 5, vector# 27: + key = 00000000000000000000000000000000 + IV = 00000010000000000000000000000000 + stream[0..63] = FB8F4925A4F922119A6F29F8DDC2338C + 0AEF333B55919AF0D0D9B1DB61BA2E5E + 4CFB394E15F6A78E01B5C4AB043225FD + 9C8F50AB1BFDB16F944C2660995AA4DE + stream[192..255] = 87767D451D81D5B40503913508C2448B + 7CC093982642089843D7D9C3DA05598F + 7AEFC5B70ECCE327B20658D6301F4D6B + E58FA5CE0525C9CE8E93FC0B387AE5C6 + stream[256..319] = D146E4312CC11F11916ED9FF8EA8ABCD + E0736DDD0A8AF3E067CDED397E429D30 + 8F2DBF848C5C1653EA969B608CE01275 + 53573C88DDD32937EF6F8B0864C581B4 + stream[448..511] = CE919096A83BF3702D8899787DA7BC23 + 43F1F10833F16E3EB467440B4921BA1D + 96845B6B4141E1CA85364E2D508456A0 + E399DD048E72685389FD7EF3F78B655F + xor-digest = 00333EC3A59AD0B8FCA054A08340BF91 + 906512917E72BED76BEFFE29FC011632 + 082CDCB1A656FB817F968E26063279CC + ABA796307912984BFC267325DB84F621 + +Set 5, vector# 36: + key = 00000000000000000000000000000000 + IV = 00000000080000000000000000000000 + stream[0..63] = 202723F8212AB20D9369C2E1EEF8553D + C468854873D04FDD32641E324DCB4EE0 + 883AC1D40D7C9C7783DF4132093724DA + 113B1CB12144E00509FD5D36957A4E1A + stream[192..255] = E6717FE0A77F9043607A1A7665716225 + C8D417FFE2CD7572083C7C552B79DB6F + ABEBBC2D4D36AB319407982187C248F4 + 83596AC071C0B0CED08686603B024E7B + stream[256..319] = 8C59D97F7A093EA2D0AB890923AE4DBD + D40C33508838A3966FBA360E776670C4 + DEED8BC8CA57592463781550BCFD1E28 + 818E7C33A3AEC43775ED0A984044E9D8 + stream[448..511] = 0A3DC66754E02423C6EC1C1DD26CE11E + FD70C386729C8290DF358C69087CA7DF + D11F5E0D37A313F74B09F29C552CAC0A + 5621556828B0145A6A1D43F563AFF672 + xor-digest = 6673BA5866E8E96FB48FAC88D307079E + 77AC03692B23070EB5BB9D04FA94B9C9 + 6C2F958E834DEB51C6ADCE432BFB9632 + 9B3151E0A89EB72019A4522233B8FFE2 + +Set 5, vector# 45: + key = 00000000000000000000000000000000 + IV = 00000000000400000000000000000000 + stream[0..63] = 95AE241C4E9B6690C319D1FD828BE454 + 52F18F061C1B1E13AA409829E194D70C + AD5BBACA2738B508A5398DF6C2552497 + 6D143DF0405F68037C285A0E19FEC9CC + stream[192..255] = C0E2D5C6B614E4A498F46D5399DCE7EB + 7DFAFAC62794F5C39864C521B8DB574C + 149E35D1F0EA36EA7F24EF8FD855FDCB + 9CCC79F1ABB13EC33E00A9E137809C05 + stream[256..319] = 285907400C1A86AA9942ABD7BEA8EEC8 + BB6AF2F9667D424C1DD56349C99FC65E + 8A00893AE529D7BA492089EB6B525964 + E9CAF15221A342C4F88697D818AC0F1A + stream[448..511] = 13D511737F3A092643E94E74F6C76241 + 0007158FEF40C63B33E10360FFB3B152 + 8BD8B33093D722BDCAC1FA99D16D1C27 + 6E59E428601F256542BD3E7A4A135152 + xor-digest = 1D1352487AB5081A28DF23B1B19D5ED1 + 192F08964E4C0F048AFA9CAA8BF17185 + D7B97AD6003E2FD2DCCAD492FF3FBE5A + 5CD7AAC627DFE7CC6D0972D423B67128 + +Set 5, vector# 54: + key = 00000000000000000000000000000000 + IV = 00000000000002000000000000000000 + stream[0..63] = ECA0F29C3F5C4D62ACBD601C3042673F + 6F8B17C946FE8FEEEB0089059765F067 + 5AF3E5DADF6DECDA20F72AF486E7E967 + 40B2DBF22B57FCCDFE571B2D8989C95B + stream[192..255] = D2BDF6ED912478A3C53713389C9DFA5A + 9272D030543295E8CF6F0929F1A56041 + EA22BD04E0DD810F43D9D28D94254F04 + F73DFF3B766DB55100EFC9697FA844C7 + stream[256..319] = C7CE1CD4D8C42FA36724A49107A78630 + A60E15673A42C57B609740EC8DE78EE0 + B48F2644DC0DD1E80FB8326DDBCC7191 + 5E6C8DEEFCCB1FBE1456532840A89DB6 + stream[448..511] = 337650A0B03D30C9697CE85449B0F995 + 668FB2B73E37E1A550E07632F9F5AA3B + 04D61AC41F8A830299FB8F70FAA0419A + 42C4589D71C965DDB3A9D000667616AA + xor-digest = 7A26C50BA37BD9F38281FD2DA3CC14F2 + E1FFEEC9D7776E87D99053B531EEF792 + 0C0BF834EA9A0065AF38422A40A31BEF + AFAA17AD565F685BD6E505C7E02FB895 + +Set 5, vector# 63: + key = 00000000000000000000000000000000 + IV = 00000000000000010000000000000000 + stream[0..63] = 567919917583CE03DBDA69907CBAE562 + 107FBBABB4DFC81A3A15438C94AC0C28 + 8CC35A91DED9A79ADF4EF2670A55699C + 000994EF33674B578F5D77928A43416F + stream[192..255] = 13D0EC5B7302C0D8AB329E7AADFC3FDE + 1D24A80B751948C4BCEF516D94DF7AB2 + 2B1D9E076BBFE367CBED341B2A5A3BA2 + D48735F83855460F9D9953279BFC2AA8 + stream[256..319] = 5EFFE922E2FE25410E8050A973C3FAE2 + EE372E9686B6E7B35294B52A579CDB43 + 9D5CA7F1EABFEB4303DFD7DFBCC812DB + 9D70CD0698D1ED051E1E32C855EB39EE + stream[448..511] = 91A01C0EF63716515DB8B71273CA4399 + 1654AAEF2AFD4DEF25E21A08D5385766 + D8C29514065FFF00B07DCB32D1A20830 + 3C3402963EF252A4CAF5CA31A50BE591 + xor-digest = 9232F83FB054098FBED8474939476CEA + 5E9FC269E7B248E56B14F56CB396BE74 + C2B2203D1802D9515EEE232FD612FE21 + 11C291A46A89D54B2E5437E643239636 + +Set 5, vector# 72: + key = 00000000000000000000000000000000 + IV = 00000000000000000080000000000000 + stream[0..63] = 507958BFA08EB41F4D18F519E36FC476 + 5BB8DC6CFCA36290CE9AB8B165D7AF72 + CBF49DCF8BA2D145D7935EDD2CD2242A + 7B7FCCB85B4C8625532D84B4BC602515 + stream[192..255] = B2B06A7C3977D4A1A39892E832A32A55 + 3EE6E52DB24DC453835893A55D0FF3A2 + 949B8B96688237E13DBBB2D0C9038AFE + 8B9D18CCAF62019ACB908499D292F280 + stream[256..319] = 1D28AADF7B262A1EEEC11D39F4325CAA + 6181F9FA1A6C65F3BEF4F1614B0DF599 + EC92E5B6B42A931352965CFFC025F68F + DB2D6D0181F259F12989E5FB23ADAE8E + stream[448..511] = F60E3DAD5004E31F6DC89292ECF517F1 + CD18AF7E79E775334F4644A09346AAF0 + F2B4F5C1DD03555A6D27C43AE53EA7BC + 7167F793190071C7AB7B5330A6C6CAD0 + xor-digest = 5A65D44021E67626E62FE87B8547210E + F736490C0D51485A8EF0E1CCBB512DC6 + 0FC18114A29AF923EE3E85655771D6C0 + 7CFE342A52190C540BE3409853F12065 + +Set 5, vector# 81: + key = 00000000000000000000000000000000 + IV = 00000000000000000000400000000000 + stream[0..63] = 2416B634134170CB4F67F431BC94612B + 5F2F72545DAED2356081C91A26554614 + 5FF2526D8D8FC7D02D8BCDD9AE03187A + 9E404C360E115CE949667987AC73624F + stream[192..255] = 4D456233EC7E761891A56BF9F9659533 + 22375C169D7F16DD81D8D69B12092F47 + 09703B85AA3184827935B60C1E5987A3 + C4C2EDFEAD4F777B53989C469B575EB4 + stream[256..319] = 5F9CDDCBE09CD759B346AAADA2436887 + 0D47BD8859CB9225B61AD9F99197FB14 + B5D625F5DBE0955DCBAA5B874A7C89C0 + 07BF926AEE571CCD7E20635ED4FF312C + stream[448..511] = 642391D8851A9BDBDCA37B9587D5D0A4 + 877EDEC31D6EB78AA3F1E068B0ECE877 + D83EA29906D0C0816EDF7EC5BB417A3E + F3DDAA2145CB37CEEAF8C07DDEE0AAD9 + xor-digest = DF93E4E01EA55D18AB8AB1A927A5B5AE + 9ACB871B7493DC283581262771852013 + EE54288580A03B3991126BE8BC20C5D2 + 230F00D8216CFB632271750F4FD2595A + +Set 5, vector# 90: + key = 00000000000000000000000000000000 + IV = 00000000000000000000002000000000 + stream[0..63] = 4981C83E26859DEDB32D84C7BE32830E + 784376A12FA6D0077D4CB47ECBA08A92 + C841D45D6CDAA3F1FB48C6FE747B0F67 + 1B32C2B35BE69497737FE4B98770DEE9 + stream[192..255] = 1FA51FFD0360615EFEB03042AE8E4210 + D3D38B4EF07536BAFE43C0585818F012 + 8F8B3F8CA8DADBDF049688253066C74B + 01849C5BD85DCE27C0138D24E8B8B198 + stream[256..319] = 2D8C58008EE94CFEA1EC545C26466D39 + D7BFD5B226E32F1270B5BD3677818B7E + CFD98BDEA26488248B10418C1F854159 + 8F42C6CC237885A1DEAC5C33F22C27CD + stream[448..511] = 94502058B5828AE4F4CDC0516E5B5143 + 1F07EE1ECAD7CA266C931327BE6BF1B7 + A34810220CE00497D7BB9600FC524999 + CDEB6DDE8919B03064EB56B3766DAFCB + xor-digest = 1DEDBE0B7B6099DCF285B3C30E91AA0F + 7859496E034A1EA1AAE3D3D13C2061C6 + 0878E595B63D849B7DB77BE7E0C08157 + 94232B645BE946E5D8278B14427172AD + +Set 5, vector# 99: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000010000000 + stream[0..63] = B84C72BF69B601FB1804CE333C5A2C19 + 25BC8A5877DF9E574295380611D03FD2 + 46D2EBB58CC6E918F4DB1B1A0E39642B + D6B39DC76764E18108497E4CC4394057 + stream[192..255] = AA84DF8195B3F7564D0715517476085D + 1B40511A72340DFEAE5134C7BB8F39CE + 03E6EE15217986C7E4788453EF054027 + 8CBF6336073092EF661C13C7EA8B4850 + stream[256..319] = A7F0C413EE143F55C6356519AE620A9F + 4CEF8432C51E2677EB5D700CE333F314 + ACA374D86A8FD4A67BDC31C1B0DA2AB1 + B20E6DB91E7F85DC13E348314A4FC782 + stream[448..511] = 3445E08F13D09A1AC09EEB65451F4504 + 0AFFDE94F6C2667BC4D8FCBECD6C6565 + F09FD05EC660DD38307F856AACC95549 + AEBCF31B3FBE84FFB3261D7FEF7A3379 + xor-digest = 360199B22EB28401FB4F621E37800801 + FE69C809D83BE29A50FD1A476B6AAF02 + 54B1F4B048CB6423182C390B8EDFF1FD + 9CE49C26727F0D68EB837C19F58F3F42 + +Set 5, vector#108: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000080000 + stream[0..63] = BC618F4A557E5B7CB75B3572FFC31CD8 + 4DB96FD22E281C198DD33B5E9E419099 + BE30E84ED61C0EDEC04B1E16E06B40E2 + 372E0EA1A48DC55BFBFBE3355B566AB9 + stream[192..255] = 33372015C7E5749D98A92CC55CC22206 + 90BEC9878D3CA0AC50765D0B4457CE50 + 9BCE196BF0388599E692B99EA8169474 + 546F10891A3FCE22DFF0AF9733C2A2EE + stream[256..319] = 382684F74B0F02F7B987D37F6BAD97F4 + 20B4811FFC744CBB9F00C2855A609FC7 + 7CD24D0137304B95217E25FF45AFA4CF + 28E4335D29DA392D26DBD341A44C082A + stream[448..511] = B0B2B619708435C5DB45FFADD2FE4449 + E603FA9785E1F521E364DEA0B127F72F + 6C8A956CAF2AC9ABCE9772ECC58D3E36 + 2E758BDE3678D4F4C9804CAF11129BE4 + xor-digest = 80FC64E2441F6CA9C0F4C207007FD0E2 + 5F1C0514D203A1B01A6EEFD1055CA355 + 0174FAAD47ED0956A736A9404164ED85 + CBEB31F80561AAFC4ED8EDC9829D83A9 + +Set 5, vector#117: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000400 + stream[0..63] = 69FEF0D5DD7CFA6590821B6C12E239E3 + 5DCDE7B218A66CF3C75ED278092A6228 + 143EC00BC16DC2FDB8CD9DDBD802AB56 + A4011F6A8CF432F2D34657AB84DEFA4C + stream[192..255] = 312EBF427B3D22A22EE1F85D89E12AE7 + 07160C9BBF4073E538171365290B499B + 8904B01801CC897FF09A520449A44D0D + 34622DB8477EF1E73DCF15417478FA03 + stream[256..319] = 83CF222FDBEB77FFC6E282C1212D8D1E + 014865E9C1251FC07E901A41A50A3AF9 + F8E130394F621B739578C7E238866431 + 10827799C75F08C47664B09B477F31A8 + stream[448..511] = 4130A8F8015F082EE8712B6D61178CAE + B1D3CF90AC2DB9F2D402F65E8395DE95 + DA0605E8540E553CFFBD029AD5BA8FB7 + 5950C2FB29097E13ED4A1B1818E0D07D + xor-digest = 21FA07F8AA2FBC12F5B2B14E034C2AB4 + 54D7D8DA66EB0308D9AB024DBFA414B3 + 38F36D188D33C71E888FFE1A6AC620CD + 55B33C1A146AB8FD275584589BD65606 + +Set 5, vector#126: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000002 + stream[0..63] = 0CF41A77C30118D0931FF3142132A627 + 7A778D3BCF7466EFE56238B166A57043 + 2DB3B222523330233F81836282A27B40 + F6823BD076D84DC3B831DD78828F0FD5 + stream[192..255] = 38A0C28325566FBAEF5AB3D50D54F407 + 91182DEF4FC945992AA0D62134451914 + F07F16E86E20DB119692966E6CD6165B + 79BE7CE6C45D1248F2E0432393BFA726 + stream[256..319] = DE91DACF57B176EF6E59E485DF02A20E + 3A4EE5FF44B1AA3D7F36265221CC71EB + FB9565AA4F269B7DBF3CB9631CCBAAA4 + BBBB6BFABB97E52954958D4E7A283F20 + stream[448..511] = 8FFDC8CCBF864721D6C98E1896FA052D + 15141D9C3DFEB48AE91B2436C5C3D088 + 931470CE951B66C38998F15CF23BED01 + F6D95D84150D482C0C289A8E5B2C7C10 + xor-digest = 03DA7ADC3E5931928D3FD89E1E0876AF + 9D4CE659175E671D6D80EEA78F241AB2 + 86CE3C26DAE267D91DB556AE0CAA60E0 + 2B481282E6470A7A161AC8E84C2311EB + +Test vectors -- set 6 +===================== + +Set 6, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + IV = 0D74DB42A91077DE45AC137AE148AF16 + stream[0..63] = 425A5E6F68EC055F38383ADC5CA9C048 + D6455C56A5ACED215E22665185E497EB + 3A2F5C0D45057169965EA37FE19F5D83 + C95C4BEE11E8FA89545A38DD9D18AD6D + stream[65472..65535] = EFFA27F50B0B4C4AB3C7855CD5DD9EFD + B61783161678C9728B9032C2CB09A0B2 + D2578C53BF3C3E67D382BC89D824D63B + 20E62F414E4AC36472A16F4992DF4496 + stream[65536..65599] = 0111EEC218892B446FDFDBA9D0C734DF + C209D35FA86C1BEAC0D266E5DC4B3243 + 68B4263BA7A3517805D1501B36450FFA + 1544812EBC0B9DDED93F5D45C4D83FFC + stream[131008..131071] = D966650E1A27DF3CB71B1E64CD3E7EEC + 2D3EEEA2953E2FC5571B4380EA3BAEB5 + 3F014B4EE071A426E4A518E1AF335BD3 + 76309236760E0DF6184B3E34BF861458 + xor-digest = B234A4CB646B0C2792023EABCD3E974F + 1E5BF1D5DD8E07E5C11BCC47BF1F1DCD + BFFA3605A37008813029BFC32D1EEC11 + FE775D9889560C847C79ABB5C7181E6D + +Set 6, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + IV = 167DE44BB21980E74EB51C83EA51B81F + stream[0..63] = 5C1C44F155CF8595D52D003B7CE6C584 + F04708B55E3A8B952379A4F03C6C5118 + E0848F52C846BEF459335EEF7033CF25 + AC643ED139A9383B9DE13A5652E2B754 + stream[65472..65535] = C4710CE8066A43B7E7FFBC8190CA79ED + 5E14AEC2C153F83966322553D5D4824E + 782AA1C91400027395D74B3A39DA1925 + C6A757E36B48A8F1FFF12321602379CA + stream[65536..65599] = DF29C91A08AB080662764B01223C818B + 27DCB638FB2535DA034D325DF996F57A + 7F4C67BA94C72EA6C88112E575D55906 + 3C900A87B205A8144FC1717D5ECEB77F + stream[131008..131071] = 63FD83511C8C39ED3968EEC5FD281279 + 70626BB91625CEFA381AC48E166778DF + 63709701FDD99F4A547D8CD6F7324B29 + A9E0C025EA1BA007246941D3566D15F9 + xor-digest = 959850E75A99AA747502E7BA9D19D870 + 5895593FCB7BFD7A7DD4FB218F17DC6A + BC8B96520FE83F287429BE3B87D35D78 + C6F100D8A9561A149297CBC44306E5A4 + +Set 6, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + IV = 1F86ED54BB2289F057BE258CF35AC128 + stream[0..63] = 696FF80A8A547A2E215C6E0572821F70 + 201A090460E7B36A48ED5CC976417DEC + EE32E7102AC764805E4A1BED3DF7D786 + 0B3BC625B121B5200629AB58799DC406 + stream[65472..65535] = 7BF69658F0EA9905897C1460D30333D8 + DA83E3F1377FB75D015D927365C7316B + 307CD91A7167B87FB13DBD4739F88A20 + F7878C2A483A4FFE1AB4A60840EF3EEE + stream[65536..65599] = A55326496CDE23F447CA6A4D1BE0182F + ABC30D61C7A9E655CD99273232CA6589 + FDDC8179038B720D5A12CB698FA50B28 + 9E6CF476ECE2DE213F44F9F23E8AB4FF + stream[131008..131071] = FB47C745519AC58C91CA9081B1DB0CA2 + 8662116EE04AC6C4171A4BD11572677E + DA507990B45C145DD21A56E1FD8F7AE7 + 1BC54AC550309631C12A80FBB27187C4 + xor-digest = 3B3E44A1154CA7C4B74A432D0427AA6B + 3B6D81FA45AB9D3A37CF075F57E62AFA + 15DCED3DB08B96F48A12B176ABF203D0 + 922DACF266985DB9D52A9D4AA00614E2 + +Set 6, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + IV = 288FF65DC42B92F960C72E95FC63CA31 + stream[0..63] = 0A12311E99506D44616A24E124676D15 + D06BB6A73EDDA4E9767952E1FF698BEC + 593FF8E2422D80C9C55DD660C6622CA9 + 86140571D0958C070E2A8929C24E5562 + stream[65472..65535] = 6BF87D409915D407FDAA06FED0EDA87B + 8CC4F20760B7669009795EC87DFA6BB2 + 9825706AA3ED93F4197B28587D042223 + 7D1F6761D7F8D8F8B3E0421AE9EBB9BF + stream[65536..65599] = 290EBBC73FA33ED00E0BD9CCAE6ABDB5 + EB5E86C533BF3E69D24AE720D0FE30AB + F92B57C1EBAEBE8DCD0DE7EBBA5E8CB6 + 67669D286E0B8F8A3A53C3192D2DCE67 + stream[131008..131071] = B6082022254F783C501C08370D8F5678 + CA2F08825D4F7D09BF0868CE44DB1F5F + AE8D30C6380C3A20B1EEBD4083E58BC7 + A4EAEAA9D54117253784E4917C3A7039 + xor-digest = 2181364DEDEDCA0C6F51A4634490FD9E + 3E89D0D30AE94F5E75730E4B9E82FF68 + 5D82723A59CA0879C6B80588AD312CDE + 18723B80828EA4914BEE062A68EFDCBA + + + +End of test vectors diff --git a/BouncyCastle/crypto/test/data/hc256/hc256/ecrypt_HC-256_128K_256IV.txt b/BouncyCastle/crypto/test/data/hc256/hc256/ecrypt_HC-256_128K_256IV.txt new file mode 100644 index 0000000..a4784ed --- /dev/null +++ b/BouncyCastle/crypto/test/data/hc256/hc256/ecrypt_HC-256_128K_256IV.txt @@ -0,0 +1,2783 @@ +******************************************************************************** +* ECRYPT Stream Cipher Project * +******************************************************************************** + +Primitive Name: HC-256 +====================== +Profile: S3___ +Key size: 128 bits +IV size: 256 bits + +Test vectors -- set 1 +===================== + +(stream is generated by encrypting 512 zero bytes) + +Set 1, vector# 0: + key = 80000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = F1B055D7BF34DE7E524D23B5556B743A + EAF06AE9076FD2F48389039C4B24C38D + DFC3AC63A148755FB3CF0CB8FB1EDEEA + 63CD484036FFAC3F5F99FC7A10335060 + stream[192..255] = 2541F0EDA5633B4F47C6B74CDCC612AE + CD27E46B2C8FC9036A09C6FFB5891168 + 7A8FAEDC225E34C45B6E081EF5279FE7 + 3271CED417549740EAEC6616C2B6A57F + stream[256..319] = 0C8C0567803E2537804BFA15742D3E08 + A29985688DF3D6B4C3044464C1D1F2CD + 4CBBC470C9A0FB05665CDED63C58E466 + 896F80ACC020F134CB622487D40E0AF8 + stream[448..511] = 1FD448C788A21BD30D4B6BC5D8AEF296 + 2772940557B9434E0FAF636D576B0737 + 1FF3AC12884BB431F396CF7C189D9AAE + D42797128CE645FE841A4CAABA429324 + xor-digest = A3F66A36C20A496A0D4D537B6106662A + DEB5AE1E35FD1486EAB6039F443E5D8A + C6A2D4A2C2E2A9F335E2E468AD8BA51E + 550E41533332E6929EC18CE35BBF741A + +Set 1, vector# 9: + key = 00400000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 9244D2B190FE8C4BD0E17247C4F1D282 + 3FECA8DBE546637E34BCA99236D09F79 + 5A8905A1E0FA94E6C51F7DC0C90FFAE1 + A8EBD4C99CC96FB3252DE0A0FB03F971 + stream[192..255] = BC0ADD787A5EA52E28B45192399DDDE5 + CEC4E283181408E554FC714586FB641E + B36F3727358BDD8223B5ADC9B9EF1044 + 0F7CD97FCF2ABA75AA9972B277CD6656 + stream[256..319] = C9F6315DA3CBAE23D32685C5549274E6 + 9C17FB2E46746C5D3260FF2E00FB234A + A460776CB0E7AC3AF0D297825C1796AC + 0B689DB219443BF4C0D4D19CD70A49E5 + stream[448..511] = FBFDF6D40BF2DA0EBB04D52C117E9EBD + 6FEF88D39B8EF8B31082EE9B19D50219 + 183DC962391FA4F602A2510BB476EF4A + A44439F61D589933A1F3F633C96E56FA + xor-digest = 49B435E6FA51A0AF8DC94CF1DE09F8D9 + AD76E08C061B54CCD62EF98ABE85969F + 3FC41DB934AF9DBC5F32748623639D3E + B15124F13DA8B008CA5016ED61917563 + +Set 1, vector# 18: + key = 00002000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 9D74BE686C2DE8B207E8D82E49236A3D + E86F5A7EE231B4239080FC9A55FA44ED + 7737FA7472B318A4F36FB788E863247F + 7067C20DCA632FF051789E9EB99CF409 + stream[192..255] = 4876774DBB886B72E54EE8160D8BA8DF + 6DB032B2A9BA0B79CF82426CEADE421F + EF5ABE9976E909DBADA0442FFC7BBA2B + 009F7240941F0C209853A514B0BE9062 + stream[256..319] = F2499CCE5D3268F4C5515C365D2F4411 + B0AA99ED01E7D5328BF0672584AC65CB + E47BCA14C3EB1F838ABDB7C611677BC3 + 7382E84D05848B9838A166A42E96B016 + stream[448..511] = C855EF5D1CC991D2DDC892AD8319E39B + 734E43E443F5910D03BB79CCEBE70569 + F92BBC63363943BEF88BFA5809B3759E + 6BA4ECA1FAAC572228458A229DD5BA06 + xor-digest = F125B88E0B5F143B836AFD7AC822E027 + FF44B736E32627D90FA05F3DB98576E1 + 9EC41AAF9D61ADE2BF00E38CA4EC2A54 + 49EE0655FEAE777D67EE127E8A5F8CD8 + +Set 1, vector# 27: + key = 00000010000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = CC447BF1B5D138025BEA2B269E625C4A + D4451F3851F04F118499040C6E564E38 + 5C5FE17FA7AFAE9FA559CA4835AC1F40 + 1C045AD439B400BB41984DFE7E4D4CC4 + stream[192..255] = EEC14B65E027BC2A96E566BB89218A89 + 31C4AE0BA5C444929EF852EF7E400AC5 + D8B3CFC62DEBBC2B20A7B32E350E3839 + 2953B7839AACC06B2018280770F84B65 + stream[256..319] = 8870B4F9A62B37A1929973D3975D7ED0 + 505AA43002B14B55A541EAE00148651A + 111D6E5A1581F85FFBC2304783EBF5AC + E924CD8111056B1069F13100DE15EB13 + stream[448..511] = 1513F3B7A2458674CBA2B566F3AD6169 + 2BA4EE30687A07AF2FD0D340D92384F5 + F5BFD9B8DF2F7098A209C280F6D5AEFF + BC07D167720DB47B4B649C8593E6F40C + xor-digest = FB5EE30BAE44FDFDF105796FB8A66F69 + 64D502230C191FF9AAF5A4447533D02F + 05A3772B99F9FA2A075DBB8BA59D8D5F + F819784D487C305280DF2F19EEA8BD47 + +Set 1, vector# 36: + key = 00000000080000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 831F1DAB278C6226785209C0AD34759B + 9F205B7BC6B987DD145B949336A8FA0E + 4550BC1737DAE7DD7D12E2C062BF9693 + F08C2FB808A1F0A5887A06B93D132BBC + stream[192..255] = 76631E9D4A673D09B9769251433D5EFF + 3114AA59E1A9B7E21B4123DE3E34FBF8 + 4ED6E80EC29B4F75B53A63902C373EB3 + D644B8823789743CA407FFEBA4A1AA75 + stream[256..319] = ABD84B2A5479CDBC5587FB9EEC5DC661 + 5A3CC6136314F67AD2C96803E8E4BE92 + E33DC35F0DBF3C401AA5D7A9F46E54CA + A7ECD68E561BC08E6A5B847A82777E4B + stream[448..511] = 9ED1D44510201727B2E92B55DBE06BA1 + 46762AB34937364B2157292CE68B9D78 + 3D3C3FFD1FDCA836E4C4FEC750B10668 + 600C26AC05B4DED64F8CC2EAA0D22052 + xor-digest = 843D7B97B3316595111DCBDE3DC13DA4 + C14402936D68035CDAF9A1C168120B34 + 0EBA1FC47E957C5F69F369B4C2ADC4AE + 37E743226D72A9F122EC8E00BCAAA126 + +Set 1, vector# 45: + key = 00000000000400000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = D2D629E84843638274ACB79FA257DD9C + D48A08B823DC9F175CD92C5236B9D230 + 5931FDEC5A8F531B1ADF30DE0527AD2D + 0D2B253D008913558E0FECCA7D7BEA4F + stream[192..255] = 6F9322E84D69CFD6A1E589283CD028D1 + E2A114B719FB2E18E732B97629313772 + CD2F2F8AF77EDB5B4360E4B679441346 + 03C59E88C042713C3E403E5D93F9BBC2 + stream[256..319] = EE7BED6C85B20E0A39C103D0B6949F4F + 5F6FE0DF2BCE315CCCEF6E537C488525 + BFC27FD249A6D36548C558153661861A + 78422A563166BBD0D72D6D7876FB4DB4 + stream[448..511] = D2CFFCD4185EB1D8E15B629225B9C278 + 6E7BFEACBFE29D7AF396B3D5917A8038 + 7263018C7E98F49A1D5FA4B64B8E2AA0 + 7192ADE0376388E8295AE5B54CC51389 + xor-digest = A26BEFF2FD72BE47175C1B6F3D749CEB + 0E3472FB0FD5E173DE66A5BB60357565 + 505E3AA44A67651DCA75DFB6F0AFCFE3 + F4C89F064FC42D7C2953694B0CD47832 + +Set 1, vector# 54: + key = 00000000000002000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = DD1649517BE76EFF747658F0ACF5D354 + 2C7FFD52F09FF7DDDFBC48487450607B + CB90ACC3406D0302E84450FC0BFEC660 + 9BD44C7FFF670D69C9B19FA50C62EBE3 + stream[192..255] = EEACF8ABD7D48E285A6658C255A6196B + 66B091773A9F81807A119DC24023D5C9 + 041AF75F2C078C5246BC5F50B622A678 + 64EB7A07DA6A8764437E20C7E1E0E579 + stream[256..319] = BF55E777AC644A0938D438FA374360ED + F842BECB027FA3A0F364B9150FFBEB47 + 09FE2D2056A6CD5A7076172152484BEF + A86EC7DDE657307580BC6F9ACEDA4C73 + stream[448..511] = AB4CF968EC00E7F08553A10270A7D439 + 68B0BC79C2DAE278AF1CB81FD516CCA6 + F5B8A47271FAAC3223F02DB4D0D5945F + 9C13A47906B03B80878CB0596D37CC47 + xor-digest = 76ADECA36B9401DDD5CBDEE821B70FD6 + 65EB9CDB1E3F25C0BE90DEC49C03A9CF + 4049CD34F9550B28E0187B0AD47D86D4 + 88DE4617EDB5F03C67FA2E7B9D20AA25 + +Set 1, vector# 63: + key = 00000000000000010000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = C0CEF6E3CA9F0D523587FF47973FE896 + 9FEB08773E3C694FBAC4804B37121B31 + 06B99ECC2A08603EBA72EB3DC650E8F3 + 462119F4685EF4CEA18D5765A6F22765 + stream[192..255] = 79E92E248BA61D72C610876D3078F1CC + CAD662F2423E7EECA813133136A64E54 + A1B6A151BECD2B815EAD959DE8E8DC62 + 8F388D366103296A058CF60F525D6467 + stream[256..319] = 03BD62A0892D939C1C28C4EB490F87B2 + 527536AD6790AAA6C3CC50013E2BB883 + 5710EAB7916FD89896B7983B326AE271 + AF9ECF975CDBBB968D076685BAA3343D + stream[448..511] = 98762E306A2B9D488FFB671D3975551E + A06A6CFC5DB719B888E3164387EC922F + 12BC31A8DCAB8AC0CD6E12212CDA3B13 + 4CF7F870221D6CDAC2B222AF4FD93DEE + xor-digest = 606FA49585621E34BCC3748C06B51FE5 + A8AF320BFB83A4D1D3AEC6373519B28F + 2048A975732BA8DEBDFC5F85B84E7C3A + EC0FCC9B1FA9EBB9D79D6B18BA2D70B7 + +Set 1, vector# 72: + key = 00000000000000000080000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 33A81D48866B04388451BC2730A2980B + 5F5BE248369911340E6C024A1F94D4FE + ACFB246F7C0B9E27A40772D68DB36DE1 + 7E87AEF19C8A68854A46B3F654E0AEC8 + stream[192..255] = F67C60413B25FF7CB8647D1E9C361696 + 3B23ECE23A9DBFEC644E855AEC5212F2 + D336E6F074EEC8FF5F8D4FC6398AEB9D + BCAF6C29FDFE6E69A03D906C527FB0B5 + stream[256..319] = 263D512137BAB758F646C71058D02B20 + 3920965D84E52A99B50FFE79305E491C + E0D61EF71F7A07937CEC8590B758F63E + B3EB5890E8678F170C2E95B827FD8DDE + stream[448..511] = 023AD00A87D3D9441D4E8CB603F5CDDD + AE8F3EBFEFB9C5435B72B9B8D03ACDF1 + E4A0FB796FF8401854998015905B878C + 99B3EDC7DD33A86AD4EA6AD208440C5D + xor-digest = 5DAC8E3446BB3B0DCFB3F0A3A3E788C6 + 07FA7436C63BF7AC9FAFCF4A231AFAC7 + 75A3A810EA0FD4E5E6A5B8FE5D165A80 + 798A9F58EE1AD27016E867D2E774507A + +Set 1, vector# 81: + key = 00000000000000000000400000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = B33EA681CA88C80EAD8F2D57C87EA42B + 742550FF8AD2B01BDF945BF160AF763B + 15D6B3BD92E6CF3E6A2B61A7D4BB94AC + E3DAB365E4EA50EBFD2654E60CE849BE + stream[192..255] = E97318BDF61934188A94BCFB4441809D + 36C37D1A43BDBB3EB06FFE143B6153FE + C8453A13387923F434CFC7AAF8CBA097 + 7D796DE95EEFED3B2126B611F477619F + stream[256..319] = 4183971367E71731111D2212520306E1 + 1CBEB05BE6FDB338414C826A8E359C7E + CC680F317C12C6EDE6B443E68B4767AB + 4190E95E1AE4E4FFE61707BE742775C1 + stream[448..511] = 56841724B7D7F95809456EDC1D3A532F + E1C6BA252017DA90EEC71FEE9A639A89 + 4CB7E1575494BC8B44FE4C5DAF90FF4C + A32E03D6399BCB3D9D25B62764A4977D + xor-digest = 3E80587D70A53AFFB96A62F6493B9BE0 + 1C25339CBFF7784F5100A7922EE3E6B9 + 9D17B026C0EE69C5383F63E0E5AEE9DB + 5814E2C526192AEFE17004AAA1996280 + +Set 1, vector# 90: + key = 00000000000000000000002000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 51A7510726D12FE9574095633A3710E6 + 3EB8196622BC808B8A18800E208648C9 + F7031F8171B71F37613753A5E49B37C1 + CBC7933A52CAD48601E91CA198EC19EB + stream[192..255] = 286EF1C4F74C993A7D783E86527CDFE5 + 213CE4DF7EC72544685291D8108C7621 + 50D488AEF761D819781814F4501553CC + B45EDDA85828C33C4D0608169AD20B2A + stream[256..319] = 89DF5C916612EF0ACC1035EB75752239 + ADE08E0D63B622EA52CC997DC8178C4C + 4E57951FC8C6659A225E88502742B888 + 1F300FC9F278AA3D9C1063A83CF33C44 + stream[448..511] = B2DE3AE2941AFBDB21D80ABB0EB852D3 + A076D98C696F886C302D96D6AD226CA3 + 7B3213B3E641632B728A0AC7131B74FE + F733D1B18666D36A02C148FC98AD2E89 + xor-digest = 01090125BA6C43AAA3910B650D046F37 + E04896E9D2BC276D969A10C1B26FAD48 + 8A2CA5E59044ADDF698588A561557669 + A4EF25E1BB85C0A9D63F69FBB2924F83 + +Set 1, vector# 99: + key = 00000000000000000000000010000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 545E2C75365948B40FFF042EB6919907 + 6E63EE636CB343C51AF6C17BA24E1BF5 + C045B0893B8CBDF6A4068F8574513676 + 80000B10BA11666A546D8DC75374F5BB + stream[192..255] = 9805DCB5596FADF01224553F3A8DCC5C + 909D1A5EC2C29BA0DB86A46ABF70BAF4 + 4A171739309A923428EA7BA8EFCA5CB0 + B0B8A5EFE9A4A39BE0EA6CEA782DD862 + stream[256..319] = 531EE320A584EE1E4E0701400F86DC29 + 69531C2BB1BC922CFA9E0919A05B84C2 + 46495A7C358015724B62A986220DFA17 + 6BF39FE4263A9D27D93F3737CC1D5C59 + stream[448..511] = 92CC0D63772783AF62E642A5849CE7AF + 4D21EC815D644F88887242F4F5F7E1DC + 55E241D72691ED50D59CB3E2FE68A856 + 7696F8B8E3099642D70EC3945B8BA656 + xor-digest = 855CFA62E449250845472BCE9453BA45 + F91601ABA6BB715B079D407E05D94CF5 + 93B5A1E2C12C04C78AB719339AFC11C5 + 213E17ED9DC2B0B9CCF751E0613D4F2C + +Set 1, vector#108: + key = 00000000000000000000000000080000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = F9748DADA2741A7CA30EFA167ED09978 + 71619682AB68CB400A74BFD642180CC7 + F3499CE2CC86AB7727786DD01AB8D08E + 8774C5A3CFB4738FF1E3243DECF720FD + stream[192..255] = 5AA20B305F5D6363180CDCD4E16427E7 + 2E3DFD73D2C4E2498008F6E0FA9CE3BB + D751F6EB8DD5F48EB42B994688601E3D + 2CEB3DE19BF16C4BD7FD4B331FC93473 + stream[256..319] = 81E3D9BB421CB09A9139534C6E430668 + FCFCB87E48CFA085D4FA1AB316CD5AB6 + 35294E434852C1509C1023A85B26622C + 68BE19944CA3233A4D3272710A791E3D + stream[448..511] = A499D228204BC22C32047DF550E2CCC0 + 260ECB7BA32E8F5CBA2C1D9A09D1F38D + FB30815BA3C9A8D3243CFE7AC4A14B1A + D6AA67D3EC0A5CB617FAD57E41A2A0DF + xor-digest = 0324B7F1BD990F8DBF19C021CCDF741A + 1B4A9C3C3940CC59CD715F0B2CC31C08 + 82E5B93721AC98B00F7B45FCCF19FFA9 + 782B7D7FC048F0756A29B066B472B394 + +Set 1, vector#117: + key = 00000000000000000000000000000400 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 7EA95775329E2D1163E30F429FECAEF4 + CA177BB4D3C4D1AEFA6B5A01904266F7 + 7D7B7243B9DB1490245EC05129CA2DBE + E3A98885DAD0B43B0E725DDA39B444EB + stream[192..255] = 78ED15A7B4A8151F384C740B844115CF + D4FA31F9BC16E22158B0F896E70C0F73 + F74AA5EF024F6B386ED71239CBD57996 + 4583C37104AD8C7E5C812C378AF00F98 + stream[256..319] = 292FF21E49659AF99AB21753BA2A2B28 + 25DDB156D4F7AFC1888FBE8376AE4C6B + 905D5916121E9F9D76C83FB146ADA735 + 2AAAB6E89CE9398C484D69D1A33F0C97 + stream[448..511] = A50FF5FC20C57F8297C9CE2599A3E6CE + 3193746E8C45FD9AECA0C5A0FB3BF70F + 5981B5BA8D2FA57677EF65B535FC3E65 + 405BECF0A508445E36A7B6DE2BB56106 + xor-digest = D9650FA5D128620134828E1C99D9678C + CFD5BDFADC46A5E79D47AC5967B8A1CF + 32F7DB65B949C88CCEE0D96D960A110E + FF1D09EF5549B88D5B53ED46D4C2F296 + +Set 1, vector#126: + key = 00000000000000000000000000000002 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 25874CF64ABA4536844F815F486F9DEF + 927E325CFF2FAC48134A4D30824C5BF1 + EC75F8FEFC624AFCC717BF2C8EAAE374 + 0AF399C2653389DBE31F9FF5D451D362 + stream[192..255] = B151A1EDCCB8B4A3CA9BC98F19EFE637 + BE2D6A97A8F794091E7FFF06E7B4E574 + 46B81E8C787BB77E461592160C44B5AB + 49329142D01A1CD5CFC6681F93DF1E33 + stream[256..319] = 29B2B0C04E07D33EC3146E60AA305F0C + 2288913B55DDC18FC17EE836B39193DB + 87089DF2BAC4185A57E910331864E25B + 540BBC968099900F7BF18645A28A419B + stream[448..511] = 286FCC98B40EA26BFCBE5CDEE52B30F5 + 810CFB26E756C628B56B3B5ACDA49E07 + 192592CA2241C6C5193221EDA36CB0E7 + B5C3132F08087DF0673D3101FC559962 + xor-digest = DBF1D7E0AC062FE6BA9834F0AE41ABA2 + B28B41FDFEF914F070007B0A48EE9D9F + E69DB8395BECDBA7B545201318177A49 + 7D343A317B5A37A9DF98DD25C84DF948 + +Test vectors -- set 2 +===================== + +Set 2, vector# 0: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 5B078985D8F6F30D42C5C02FA6B67951 + 53F06534801F89F24E74248B720B4818 + CD9227ECEBCF4DBF8DBF6977E4AE14FA + E8504C7BC8A9F3EA6C0106F5327E6981 + stream[192..255] = 30DA9453A90909A5675D6B691CB0990F + C423CDD8222EB47245BBB67BCA2B9C10 + 8D1F016DF0CF8CEAF6829910916DBC1E + 113D11E91BEC3D85C47E3042EC865658 + stream[256..319] = CAFED71B892EDBE13388CEF6A3365797 + E0D88C0D3A5B91BE4CBAF5162F69558F + DBB45CA6F8C8D4C371D62736EC244584 + 60131F54854F3EC804AA9A38E6ADE281 + stream[448..511] = 531A0ED5D2A51DDC6499FE1BB6E2295F + 2C3EA0F56AF46ED93DFAA4E16F5F0831 + 2D77BD0E9122043CD6A202CBA9351F6A + 0E8E6263F4017355136A0C551E6FD0F8 + xor-digest = 023D719F61C193E4CCD87755C87F9604 + C5A29DD7E31637B3DD70D43441D48CC7 + D474013C85EEAB1897C80ED0A0272543 + F951C72E3954616CB5D6B51FC24F4B0F + +Set 2, vector# 9: + key = 09090909090909090909090909090909 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = F5C2926651AEED9AF1A9C2F04C03D081 + 2145B56AEA46EB283A25A4C9E3D8BEB4 + 821B418F06F2B9DCDF1A85AB8C02CD14 + 62E1BBCAEC9AB0E99AA6AFF918BA627C + stream[192..255] = 3B3C6E78A8F381EE2C159FAE1C487C58 + 11FA9BB02CECF7440239FBB0497347EF + D8F1A8AA71AFC70ECCD64E81388E6E87 + 9521C2B47AD84F9CFD9E240D8D2F3001 + stream[256..319] = DB04FD01BC18D91E2D31237AD0FE26AD + 3C8D6A2EFDAA9CC11BFCC61D94F6104A + 4091B3634FA57AB0AB9B209F22DA5529 + 75C3C322DEBE4AE68623BFE1B2BB7F0A + stream[448..511] = 35B290F85EBA78A978750690C4747E8F + 72621951483772E8B89876CC5D55F3AB + 02D9B8FB35C741279FF9B5B571B26329 + 4D011F813CB5B209CA1A22D532BF09B7 + xor-digest = EA9BB65E87C987EA64BC3F4E710CCC34 + F6CD0A795B8347E1441CEBEE35540D41 + 64FC2B95D71FD47A2C4ADF732261EE52 + 8125BE374FA4A90132CC1063971A2862 + +Set 2, vector# 18: + key = 12121212121212121212121212121212 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 397F8EC015ED573967938D1CEAFE9BBD + BD8853C329B3A881B489090853FE0F43 + 89DA105F0ADFA9CF51DA2521C40FD2B8 + FB0BF80B93E3F2B3D8A8EB1C615E0FA6 + stream[192..255] = 68E7DBF465E3C6994D58B9937A866E4D + 43A82A80DAEDBF29C048639BA38B690B + 7ED11323E3C0A8E77A16356705431EC9 + 9F2CB7F7E1ED3B83EAF2CAEC00B00755 + stream[256..319] = DA51CF3A07EBE7E86E9DDDE5A47E7417 + 376F334E6AEF9C187012C8AD2B94BE7C + 00A876756EB232510FD0798E72EEC87F + 75EC1467C07B3A1EFB0D51A5FA65E382 + stream[448..511] = 0BF3C6FF6794887F2776FD632B83682B + AAFD131432CFD7D2F675E03320395313 + AD4ED96E9052FE6B2D2A17428660A25E + EE642B712800BE3F7E44F21A1E6A03AC + xor-digest = EF4E84DBD66497B142EEAC56B830FF78 + 0465CEE20B9CFAF5727D4B3A588F4D00 + AAF718330CFF35508C44C1ADB8476625 + 2CC3AA6AAAE74F8BF1DDB6D4AADA425E + +Set 2, vector# 27: + key = 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 72BC8A6E1E61E704B142AA00812EE676 + 263C1CB9AB941119B19D15EBA3462F56 + 2F69220595DE5E0E7C595FA40F1F06B2 + 6EC32252AF05310809DDDFAE2E24B170 + stream[192..255] = B29A740B51B4EA1080666337D5551484 + FFED6860A5125DC0573C8F90F23A98E0 + BA7B3E4C28C2CEFB1C33D2C36D1B7625 + 64B9A67240CF174347A4C8D868F00F6F + stream[256..319] = 555ABD5577A8909797FBA9769C03A0F6 + 537C06AFB23354F054E25457B729B534 + CD10B2ABD45BE3E38DAF1B7A9103268F + 4FDB4C0FC9A80A003FCB907E8F249AE0 + stream[448..511] = 3B29A43D9C795DAF1760CA9EB57C0B39 + F62D54311207B617B727FCCE1B2E762A + 060810C4DEF672E7D76083E3E4BED0D1 + 0BAFD27CDFD2C937E660190D36B3FD7B + xor-digest = 0B3B0B3C69F2E4BDA22E25AEF352234C + 18CC5E1E3F6A317ED7257887446EF734 + 65CA15F51AF5E077B7915062391D8497 + 8F437985DD08F5FA3A8D74B3227A6EEF + +Set 2, vector# 36: + key = 24242424242424242424242424242424 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = C845BA29D542FBED2D021C85188E119F + D34967B79D9F44635DD45D2E41DC5AFB + B237AD2FA0E4CF4202D83DF3073C578D + 2AA8A32D30FB45DE28F23CEB85E50FBF + stream[192..255] = 15C910FDD3C590AED1ED7DA2A7969297 + FD12081B4B23F0A32CE5B3196173C7CA + 7EDD03F9637E08CA501C4850C15B207D + 7AA724377396CED2357B572BBF9E69AA + stream[256..319] = E484AF567EF80BAE77461855294E9280 + EF57E7366605785034D639D6DE3EBB0D + E21886D0E1E0679BC2E2C9C2D9201484 + 4A452B6AD3F1AC8B7762FF3C0E405B3B + stream[448..511] = 595D9855200786BB575FF7977509F395 + 7879CA1F19619A99174BF013CB62F85B + FF2C3C4FE724E26DD0C10D7635A2491A + 9E7E868D9DAD9201465AA178184D06AC + xor-digest = 08737B82505F46F4FF282EF42F387AA8 + 0450058F5314389BB73733BC163D75D5 + D32FC6408F8DE5F6ED2050027D605FAC + A7119FC2DC1B6D3E84E8048DCC42FBD2 + +Set 2, vector# 45: + key = 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = CA82A689535CA8BAE01BAFEBA6504B3E + 6E6320101999BCE5550C2BBC9BC65D91 + FAA2D72FA4BF46B6EE916244048B1D09 + A115E3AB6C00BAC8EE382B58859E8157 + stream[192..255] = DE787B1CE01B0BC09801D78D1FFA3A82 + 0C18B867C561E96DF4ADADC5A4375E44 + 5A34F9457E5F8C9A337A0C88DF0F723A + D4509F1449DF2C6AEC0EADF4C7A8139A + stream[256..319] = 7E1854FA15DF9D5827F1555F12B292C8 + 452A1A893EF034C51750388D294947EE + 3F505839C69C1708E8323C449C39A96B + FC9EC91B0E1CAA8112057EB0389FDFD2 + stream[448..511] = C85B42B838FB9C3D4956C9E22FBD8FBC + EDD92C4461EFBA5CF1664B9AF54857BE + C3D00319E5E8A89A8322831151EE1D52 + D8585AC79CB60B61ED2C852D04BB0FB1 + xor-digest = C65A6BEBC4FE898DB8D6B8F6E8F3680D + 2363BC12259B0FDB2BD8F052A572ECA8 + D1EF62AA9A48497805A413742B5AF5A2 + 6DC9FF624B49E5D6FE58BBE5251B4983 + +Set 2, vector# 54: + key = 36363636363636363636363636363636 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 9F6BCFDE566A1B67C608F11B8461E340 + 42D4F07DA4D5EB05554CB7426D65C5EC + A93C2D321175B6F72FCBEBA6E38CB098 + B72534F7D534B1AADD97B77E8513B482 + stream[192..255] = B2466A173F436C8433F264CBF125B8E4 + C10BC81BD46B5C21FA161CB2AE07D27B + F66812A2C2FCB2B14C23E413CEF4E591 + AD52EF810A000B42E5C1B76EEBB17739 + stream[256..319] = ECBED2058DC50223614EB8635B834C3B + B176719C18CA5E3D087A93E5CDF81123 + C6FB819CCAFB5042AADFED5E3C33116A + FD92AA21031165A22F4751C423B8B945 + stream[448..511] = 758BD9435DE607867DA256064C304C8E + DDDF5B64173CF2C98B2842992F8C5FE1 + A37C3227B7F37D49A39F9FF929A883FD + 56DB8B1A174E1E55FCB21C9E1164C20B + xor-digest = 31761A49503946701D35306FBCBE10E2 + 02967E7EC14A328B4DB19FE79F03553F + 13A012B7297B2D02F18A216AD24A682B + 299518C3769123EE86A4937DAA9FC39B + +Set 2, vector# 63: + key = 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 85C7FF83641ECF1C91B2D996D4EAFF6B + 26A4E7E34C0CA9CB9399F655E566383E + 246143F57776C8E08951E87F76091FE7 + 2356CC901F09A07895A890AECF047B3F + stream[192..255] = 4CE0C6606195F7562D485E32E8E105AF + C862100A07E55FB449BCFA2D9BD48658 + 958B37B3EA3565FA66824102A14B5770 + 5E3914E0680E116ED58212CBF61028E3 + stream[256..319] = 3BB772A5A8DE2AB14CAC1ACBF45B1701 + 057710F24C01E680F58090B8E949AF01 + 8970A43A698A04C0C8639FAA665DA3AA + 562B2C5C3A03BCC38FE75DC1821ED718 + stream[448..511] = C73DEA1F7BFE42DF75EA2681BEB31948 + 821FBB049DAD15B988A77C0247868A38 + 2056B66F47B0195FA30C9DB5A2334A9D + CD7C0D22E479FAE1BBCDFFE60F261C7F + xor-digest = 94D41CCAD940CED3C854DA0796DC62E5 + 6B566A980E34F353CFFD0F53AE9E34FF + A6A057645FE66D86BE30F93805D9E2B5 + D78C68EEBF61CE387277A51EB2EF835B + +Set 2, vector# 72: + key = 48484848484848484848484848484848 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = E45194379659D1D8904DB3698AF8B245 + 762910B7FBD019AD1AA20A6C433B4C80 + 308A9EA68697631646BF3A2107C4E7FE + 2235E8F3262A9DFD3F5CC23FEB0B2DAB + stream[192..255] = 012611EBCFF9F839DDABF99D9D4757DA + 4E947598C4757976F6F61DA5F0DAC8BC + DDF72F08BA2F446FA37F9A490F6A2B6D + 79227C93271D6B763DA7B2A907220A42 + stream[256..319] = DDE54F9170D6A4702CAF45CC6F799F74 + A43D83AB8ECBAC5206D108F869561D70 + F151A0037F8E28951B5026643F8B2D6D + 56A62E259F04A5EA304791A9468E66AF + stream[448..511] = F70794C084E6EDC07BA0347413B05FC9 + FC46994CA820CE4FC037ADBA50EAA9AD + 55064ACB7308CFCE3F35AD5C7C628362 + F4210FBC2D3264F734728626BABF5356 + xor-digest = 31815B36BA034BB1941DB1E45A941A59 + 7C3882F34BD3BF441CAE8A9790B05BCA + 72049FD10C09A14AC9DB867A82C38A5F + 524C72F783DFD16980DBCDEB486FAE96 + +Set 2, vector# 81: + key = 51515151515151515151515151515151 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 3C04E21F6937C4EF472BFDDA89F9CAF6 + FF53889A9979ABA8F23AA51DB1EDB8E9 + D08F696C1100799A7D004DEF1CA94110 + FCF0C054B0C131E6FAE0FE2F2DBF22B3 + stream[192..255] = 9B4ED3EF9639B953186FC7E732E7A9EC + 55A5F3F19C5A10E12EBE46DD84F10385 + 33837693588D584FDAF86E3A217C3CFF + 020278736F1A90CE07F0DCE4329005B9 + stream[256..319] = 135FAD68B5282FE59B28D2DF66463632 + 06CA92E84A73FA131EDDCE89A5C23B4D + 08FA57D455BDB32F8ED58DAF3EF288A2 + 7C72020E35DAE19B446E4C52DCDAC5B1 + stream[448..511] = 7D08FE1CAA0E8A0362669B310B99127D + 18F2111002891D3229102D72605B9BEE + F5DA36059B0DBBA7646927650305431B + FDA4A97570CD0C484BF1E974B157ED7F + xor-digest = 5125E77698C0DAA89A7E47DC5D038D40 + 7B732CE56CEB674CE653A1B6661B2740 + 0C092AFF83BEEE4FC4543B9D725C9387 + 2F89AA338222ED677BF59397200AB304 + +Set 2, vector# 90: + key = 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = DA2E6F7FF0D1F1C87A97E028D3E20E21 + 75E9AD91482965B651B495AEE819CC6E + C42AFE2C20EEACCEC4E90710D17210E0 + 4CC6832905985322C8007F872D3E58E1 + stream[192..255] = 09B0A38E19DDDA08F7DFEF7D0FC80560 + D692A020F0A66F609374ABDCD1343722 + 05F19CA04EBDD3009844BC540C1B2B41 + 66D45E8A2E822B906DA34649E7FEEBB3 + stream[256..319] = 6C8E2CE1D7FABA414432E75BA2EFE4AF + CE2CFE99506677A956AEC86BD290B6AF + C5298A448D0DEFA99AA5CD26D318982F + E786D809C713D5A55B42CA6650191DDC + stream[448..511] = 845FEA0A88B521CCB8927C9457AD3225 + EF6E3C21705EC9FB24873916A2C24668 + 963C03FE097DA8224A42A99E5DFFDC17 + 68CF518DE49CCAC8A70216C62C9CBA6D + xor-digest = A46BFD9D2D0BCC688A032F54733AB7C5 + 5FF58B296071D5D39349A531E41F0BA9 + 893A1722B6102740BC5FE394A49363B9 + 6A626AB43FD6A288CD9B23F7255279F8 + +Set 2, vector# 99: + key = 63636363636363636363636363636363 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = CF0E05248AAD82F1C8CD2095ED2DA333 + BCB02E3AD8797377AE1F1B4D6DDB86E6 + 2A59791CB553550E0492FAB42C7A2C42 + 3157C5092D2DD37D46589F17FBD86584 + stream[192..255] = 9E946626F1EAAEDA42E52422B4A84D91 + 4122EEE5736BCD12061C77DF5B0122B5 + 1784E946B4E93470170ACDD7E2779591 + 57BCC9B9F3E11E88BC2F740AA0C10C97 + stream[256..319] = FF22D8196AB3DF662210D12D0FE79255 + 6DCD39611C07F089979CF7D693A30CA3 + 5B795B7F6D64931916E717C8BFB92114 + DB75118BDB51D142CE8133415C6B3456 + stream[448..511] = 971F007EFE17662D95F47F4F28266516 + B22A1E50755EEF19149DE3A3121F5FEC + E0D9DFE7A055026CA44193542D7687EC + 695B97769BF02F92C1EF3D904A8010C6 + xor-digest = D1C4878BEFCE48888A43C6DDE7CC8163 + C8D54A4CA36748C74721C7B6E1649A31 + 4B5B7A4BD43E7C3D2A22F0C8446C7892 + 90D54D421D37CB16400E59CC86215CC8 + +Set 2, vector#108: + key = 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 54F122FC8ECFB176E7F4CF172B2D78B6 + 54BC11ECF0010D2AEB9F899130F4AC2A + 38EBC15C8831D591E6675DC1CE7A471C + 4B869FE83CBF37AC70BAAE5D4AC607F9 + stream[192..255] = 518F298A6008532EEFECB3DCF72103BD + 5E3F84FEB6EA2311E8C19A2E93A9C3C3 + BB1DA7DBA78D5618D1C4FA5B0B202728 + 62645A361E55494D66C9359E41E5809B + stream[256..319] = BAFFFC9206D1D813F3E2768F08D78B2A + 89BB20CCD92E7F13FDD816DD4E4963C2 + C5FC2570CBB8BB5C70848B73001F508F + 47AF179528200F51CDC6E4854EAA63C3 + stream[448..511] = 844B1D15FBFD1264169279ACD525611F + A39C7BB41F1E7A1C09090625F7926E51 + 23A4CD7FE1A3F37ADC67AC437BF0A5AE + FFFC6FB0ABF39D9908145004AA5B958D + xor-digest = EC67596C9DEF4012A2D543842829306A + 4285A3B8038818F265065DC848BD80FE + C27C2F66A57B27F7FA8AC912001EC954 + 05BC6E93D7E555C59060F5D2E294D103 + +Set 2, vector#117: + key = 75757575757575757575757575757575 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 91D2772A18995DB3C0801DD3740F4466 + F9535E5BECB93DDCA0E94D19C0B57BDD + 0FFBA9DAF0B11D55C852927F8BA560EC + 4999E25848D08FCA7275E7E8571A5F1C + stream[192..255] = 72E64FF10CA9F07CC493715724DA7610 + 9E4358E8B0CAE451348B784A162DF036 + AB9796724D17FDBF356031D080A6631C + D1E8D217B041AD2EDF427972653206B2 + stream[256..319] = 4054F770C93FCAB533143FFCA8E4C0F3 + 344956C29D10374E502C2EDD177ECE5E + 6625BAD9630DAD57976216CD69865058 + 130B132FEC1AB0C350DF4DACE4C7724A + stream[448..511] = 40B4A4DD63F7B6E932482D0E6F5BBB90 + E402466550B518A177CD05985D238827 + BD92EE7EC22C274F19E682F85ABDAD95 + D0EBB3DB6C6134408353C8B0472C9A1D + xor-digest = 9A6C893F2108D13A29373DEDA65386C4 + AC356BDDD4A3178952F9126E322B7AE6 + 83C94F1A131CBEAFF26549D9F84CF04A + 1241FA374B055B0ADE7E49E8EC669E65 + +Set 2, vector#126: + key = 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 87A7773A3514EB7F882F2C491E90DCF3 + 059C5CC575D806B9029CCE3FA45A246E + 0EBD3AB2F2E324FE36ADC3B56AE2F7EF + C710AA964CB87381386C2A88B1308035 + stream[192..255] = 415D6F59DD004944D4E45FECC6F1F06E + 20BEB18D9C84187C347F43B17E0924F1 + 2348F825E106E57A00258CE4415294D9 + 4323A9812D8A71359CEC1001BAA0D567 + stream[256..319] = 8E20F0D03F37EF4B2C5EE12B5F81F7C5 + 32D62E779FA0D2D08F8ABB6B0183A4DA + 4EE0329215F261D953150B9AB9FCBE2F + 568AAE361EAA8636ECC01A63F007977F + stream[448..511] = E7C44F44E06321A20E25F73E2069757C + 90499DB7E60025CF6D2D445E53A665F3 + 08EC96F6FE73C0AC90D7E4A712E18C2D + 3DED46DFBAFA24C4B0B329E52C525976 + xor-digest = 22035341489FA6EEB2A6488CA42F4043 + 57477C3F55569A1224EC39B1019E90C8 + 21D37D78ED4DCEAF6EA70724C3751760 + 38CF25DE4F84BABD80424D83A310881B + +Set 2, vector#135: + key = 87878787878787878787878787878787 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = CEC0C3852E3B98233EBCB975C10B1191 + 3C69F2275EB97A1402EDF16C6FBE19BE + 79D65360445BCB63676E6553B609A065 + 0155C3B22DD1975AC0F3F65063A2E16E + stream[192..255] = 5E12BA9DE76F9ABF061782EC1C4FBBAB + 3373B816DA256CAAC37914B0C161E4E4 + 5F5ADBE444098A5B2A4CFD4251D79918 + 987BB834BB50F0834EF4985F356B92A2 + stream[256..319] = D89642D25DF97D149AE07EA18BA39497 + 8935978AC34C1DF9F444986D7505DB4C + 7E08DB3616B84CD52E7DD7FB108C36B8 + B50C2573172F4D3500B6D62A9D20B82A + stream[448..511] = A2C17FE7371604556F796429C6BE0688 + 8611638B310F3E9FAF484BA9EE29C16D + 2F842EAF33AFEC557B68D2F453569187 + A6F4CD204A0E7A733E81AB7CE9FCAE81 + xor-digest = A7C93087CA70DDFE5FA5F1F2F954320B + 6E3A61977A7C6AC2F033B826AB9A9957 + 66671D2A1025CDF8E2824B2F58CB221D + 2A68679239D90152FF7D0D39B33FAB93 + +Set 2, vector#144: + key = 90909090909090909090909090909090 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 7118889F6E46A6523BBEFCDB006B3BC6 + 71A6D390BC7099A708D370DCD0E3D143 + A0334619EBD5C7DA9EF6301F29273F85 + 2DFA3C580ED65C6E952F88A0B7FE368E + stream[192..255] = 31D61E133CA1AAE400CB2DBBAE93C75B + 445792061AA0539DA69ED0B77B970C0B + 482156A5DEE4082A61364BF06E692399 + FB9F4411FEC515291F8949B20F57229E + stream[256..319] = 993E815F299D4841518119BFF88F6EFB + F3DB9BAE60238BDE2845DE4DBA6D79DB + C9E42BA5C3C004AE4546FD86C660FFC8 + FD6A8A349669FFE3D9E5BDF8E50A407D + stream[448..511] = 0F9CEAC6BDCBB56B7E97DDC95877B2B2 + 1274F4A6D814B5440C74D53A3FF0735D + EF01B14AE4188E215CE7337C04871688 + 7159695A241BFB9D6B489FE9E23B2AD8 + xor-digest = 0BD5739ED28778023E6303FD88DAABC4 + 0FA0A211A1A5C5F230D9E67DDD9EA517 + FEBCDF0BDBC107291B6CF3ACD8B862B8 + 4BF15400493A54036E97FDEBB9A1DB2C + +Set 2, vector#153: + key = 99999999999999999999999999999999 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 236ECC5AB83DB1C5CD1C5A888CFEA2DC + BE99E7E515650511FF7016A0EF287ADE + 5A03839C4F83F05FAC3B0B24D4E3F602 + 3251F8D9CC4530A805F8A6A912EFAB1C + stream[192..255] = 792823ACE2C0DDB266A118068AE295CD + 716E424D3B98A9DB2501A3F5DF7DC70A + 3BD2C6E664D5E13317D6F57B8774C903 + D407D2BB6014E0F971141E89569C5868 + stream[256..319] = 2D6ECCF738FC00ECD5475EDA959A73BB + 304C81FA9DDE0C21592247C4098D9347 + 1DA30294DE8C100E5B17A199F744CAC2 + 4E33490FC7F223FD6B4923056117C6D9 + stream[448..511] = E791A6BE7F7593788E5D627F5CDAAB59 + 349AF2BB1DA2BA622B9824F729929098 + BD19DFC05D0D9454F604960C027752F9 + 7812E53DE6AC6CD2751AB331703646AF + xor-digest = B7C5CE0D2FF66533A1C948C425F33FF2 + DC458E7E517637596FC8FB710E2E5636 + DB1F14848CB12793D54ABD0856B22F3A + ADFA8C33AD08B8CC5292DD76913CB105 + +Set 2, vector#162: + key = A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 74490D19F13E7C6D1B25C6408E23F229 + 8A8806402755660C4A30CD216A500BB6 + AE975E08EC62D08425A8A62A71B00215 + DE35E5178902348698528CB82296F009 + stream[192..255] = 51A6EC18829928EE94C37A5CD030CC4C + E4F7E1B3E78C3A5DF07592F45B968BEF + F95B8B257DAF2B468284627AF4481FD2 + 67BE0B164DD86721DC8C1607A0607EF0 + stream[256..319] = 75C565D5A5A240B003273F99BEB3E4B3 + 9C056162B626F383F3E77B5C98C0FBE9 + 119A7C335C333E6490126AC2510CDFAA + 86441C72D1DD9ACBCD3FEFC0D0C794C7 + stream[448..511] = 2D90CCF0B43239D725E3B53C31B82754 + 246C065AD23A8D709161FC74B34E23DB + B918EAFA4465125D3780BF0B5803AACA + 037AA0A14D977141B611A6CA2278B634 + xor-digest = FEFDA1A6E95920B93380CC24FAE214C5 + 6B009ADCB176D519CA4B8538EDFC95D1 + 6CA06B730B28A230F0085FE43CBEE2FA + 2EE5DCD74D66F5CBB59F256CC1ED885A + +Set 2, vector#171: + key = ABABABABABABABABABABABABABABABAB + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 22E1A884ED2C67CCB2977105649B6544 + 367858D1A730AA2FA96703FA406B337A + B2159A389BEF48D8A215D870B2968E16 + B11571F12BEC0A07FA7D3B9790987EC7 + stream[192..255] = 4C98DD259D03A40AF38E0ED0F37CBD74 + B27776E9250B8B063E52E169C7B76A15 + 0D699278AA4124427B5EB6AFC4AD5DBF + 600FEAAA98A88DFF297DACA5ACB4878F + stream[256..319] = 5FC732A26406FF0DBC764ACB05C83484 + 976B640E60CCD6ABFB908583ABEC3E75 + 2878371EBB5374C9B37A63E0768AE10B + D857253D940AC408EF49EDD590E806AE + stream[448..511] = F012E429C44D5DC03B88123855B62C0E + 90E06759306017B5773752973850531B + C480316CBBAEDE6353AD5FB298349AA9 + 16AC0221A4CE1E4729BFB9C230AAF9FB + xor-digest = D73B872315F9052C67C4CFC5CD912DBD + 60DA32FD06D9C8E804968E688898200C + 1D979DFFCE52E1C3B3309B58D12BDBB3 + D3EBA2954D1587D720E004E12EB4A13B + +Set 2, vector#180: + key = B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = BEF4DD0101F80A8F880BE0613B2AAF88 + D2EF924014F7445ED922E9C021571909 + D7E6BFCAEE0724F2A9C522C4BDE4BBE9 + FE53FE592C0FEB80D2C7A51FB8BE9EF3 + stream[192..255] = 6B1966D3EE460999FF09001B0ADEC484 + 0D22CDDFF39EB0E3D5FDF74C6E7B3394 + A0A4271D780DE6DEE9AC58B4903EEDD2 + 6DD14E14A4DFE506748D5DCA6DDF4C5A + stream[256..319] = E79D99119996FBB5163335E2F79F0502 + 7AEA5372136E7B3C5BE1F4A673A2DC74 + 60834B81BE6C4976C4A727C8E6046A64 + 4CAF42EEA6A068B7E532581E9037BE9F + stream[448..511] = 5C4F52E0E94884C829DA1FE88EF34614 + 9F3EE55A136EFA3B417DB63D2487DF82 + 794E161B3153DDB2E1E4F385E1A848C7 + 729FF5CB1CB58D5E73FAB1F2DCEEE5AD + xor-digest = 2F3C231B0228C274255F3BD314ECC7F3 + 1B9C49177009AFF2CD88F807092D77E3 + C74C1B9B8650F581EC7603F4D6E70955 + 1B00C3192414C04AB0AD8B0B9BCFE988 + +Set 2, vector#189: + key = BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 05AF4F98E9D526CD7912F3E8CAF45410 + DED6D4E331633C5621B94E7EBD15E856 + 04AB202A553EFED55A548C7AFFCD2550 + 60315FD50A305D8BCAC9C077229D34AC + stream[192..255] = 786D24EF3FBFF6883A4ECC4F40E445AF + 3CFD130D5B6A9CE37BEBA429AD137A82 + 44D0586FEB16D086F533D1885A82F73C + F2AD2C645591F80ED09942F0A08D898C + stream[256..319] = C214B6AC700164FA66DE346A27A99463 + C5B6C0E43A9057384BE168E163058FCB + 6E7DEC871C6531EFC8B8D581EF92757E + 219294D39E0C9C8276440BE56C3D9941 + stream[448..511] = 22CF14F5BD70E719AFE76C53E5D611AE + 4C8D2171695C9CF97E2936A8BB320670 + 015825547A508EB43D96F2EE1EE2CB34 + 4E120F001500F8ACC3E19E30455D09D0 + xor-digest = FE5928C74EA21F23E29171E5AAACA20C + DD8571E907763C96B99A8C11F9A1D2F5 + 78F68A6C440996995F7AB6E69B3CCE33 + CF8CE0C16F54355696D47DBF82EA8D56 + +Set 2, vector#198: + key = C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 75559677D7C762F6CFED942D800F2FAB + AB5F3892DC2C79922E96FD34FE511C11 + 251C8EB7C639E531CE08A8C99F62E7BC + F68FBAFF99D62348FF91CCFEC2710055 + stream[192..255] = 149806A4D862EEA81F0208D927339E5E + C98E9C2A6E0DB85CC0380DED7EC5B8AC + 4ADAE76AEB9C7B7264C3834316209615 + 25221D58C0174577110596FF89C8FC69 + stream[256..319] = 137E527A0ACB8B96A9FA07890B60B78B + 3CDD19BF89B31FF75A814F470BF97E0E + 1293B750B769F5BDD750DE5025D7534C + AD541A1F26C6AE9AC2FD3237C156AEBB + stream[448..511] = 0958243E88921B81F04AE63658E52D76 + CF2638495B3A6B970633A7C8F67B8CF9 + AC378082F72FC63BEA02881CC5B28D9D + C8C261C78B2872B5EBFC82336D6E1A28 + xor-digest = 0084D7BED4953402FE8F7FF71A28CEC7 + 0028A08A00EF935C06A8B3632DAD5914 + 84E44E372A753F8E630741266C0F4218 + 4923608103042C70ED4ECC5112B9AF6B + +Set 2, vector#207: + key = CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 0C46BF67A3DBA5DCCF8E4A7A65B6FE28 + 98C701CBF5E88F1F3DCB6B873E5CAEEF + 23024ADA678E1A2CA9E25AA8B476CF4F + 9FCBC297FF03A9B94A5A736274EA776C + stream[192..255] = 73B9891D1770289A67D6338909FB6282 + 9A425B7947FC30DC52B11E398E85B1EB + 537E1C02898FEBFC15A9172C254CA55A + AA1B56EA856F47E37E2F252D92D94ED8 + stream[256..319] = 6522D372F90F2DAC155D48F165B6DFA4 + 38B63B9F436FE00CC075C585297B8F90 + E6062358D29641FF9C28EED4A23FC53A + 6B5C60C2AF1E8146DB27CCF5F43BA838 + stream[448..511] = 642541A9733946827D79BBD815C03C17 + 6357BD6E81E9A61FFFD4A0BF6863AC71 + 72AEFB92C1F235641BBE1457B724A6AA + AF9FAC687552A778B034C4A4F8E41ADE + xor-digest = 9DDBC1E7D31379D027B4F3DFD72C3668 + BD0BC5A97655978E79056B3D25DF3E79 + 5D5D8BE5D1AAE877F2E7D03225CB6609 + 6EFE11CBCB728039A243E326437CE73B + +Set 2, vector#216: + key = D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = DBD4E866F4E24E7F66816CAF625BD07F + 1F7BDFBB81428FFEE9FBE14DF5F5F3D8 + A044EF53A868D989E16165A0F2B95E8D + 83439BB4805A125AD0CA7994AE11B852 + stream[192..255] = 7CACC4E7B9B1957ABB22ECB9D9D67184 + EE7A7F4B822A1C955A69E238022AA313 + 276C2003E27AEF1B4F94B33A6428685B + F048B357EAB297B7DD98E612F054A317 + stream[256..319] = 286B484FA80A45EE4D5300DFBE173E8C + 978B976BE1B6CB0D15C0324D6B70D265 + 385B615B3EA97A55D94C47F53FF40861 + 4460857AC9568556AE54A52546B41B5A + stream[448..511] = B3AD999394343F6F0BDDD0B1FAE2E3A6 + 5BE2BF56D2B78A401D5761E2F3AF8B18 + A2B1089864999D9B99E5BF6959F8F802 + 975FBF204D6159CF23F3706CAF0D9BA5 + xor-digest = 0957D6887501D4360C430614B67D99B5 + 32849E2F5C69CE8A9F3F707A2B5438BD + 0C1237B5617FB525CC9C043A10DBB265 + 3C3F0A353E89A19838B8F68542E09526 + +Set 2, vector#225: + key = E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = A6DF8DEE1EF7D1AF773AA3E9651B645A + 50CF101BF065F69F3E78BEF5D689B1D1 + D306FF41EB3E78BEB75C4200937CFE60 + E89E370680C519B2F64E23516ADF8062 + stream[192..255] = AA30580A210B87727BE17EC52AAAD037 + 3E0DD11FBFC89B37825CA4D6F9E8D433 + E3EA54C37D678B58CE834AFA310F6D4D + 06B4603F12DBF38595AC76511D0B13CF + stream[256..319] = 5F3E1A55116CB67BC91C8E37182EEEEC + 8FC9B09DAA6F418D3434BFBBFF6BFFFB + F93F8A963F2F51CC487BE868F010EC0B + EE17A480542A301E33B36F59BEE13D91 + stream[448..511] = 672048756C221C12DA6178BE711B3371 + 525A92BC9A219CABC5501B0DA4CC248B + 8742E8BCBD6F5A1CFE522F3DF3BED6B6 + 5D60D1AC737ADC582C2CB9751521828B + xor-digest = E7CA739E4DE0E74274E491CAA9BF5CAB + 3F418EBEB69509D69B2594E964759D15 + 104F674CD44681AFECC3B4939CA0A0C9 + DD7AA5726653ED3FBFC833DDB0C87B42 + +Set 2, vector#234: + key = EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 2479A8F2872A813D16D15F060D300237 + 25297B812F6F3B97D74D9716E4403A5A + 684D2BFD1E15275470FEDADF1578277E + 44C6C06B8A5FCE3D0CCC5E13BF49947C + stream[192..255] = DB2F9B25F9523FF5C2CCCB808EFE07F3 + 132D4B0065A563288F848E05EB45E48B + D15C069C02F90B4FC10AEBF1AF4BF90E + 2CF7F48C8CD7A8091014131EBC21FBE8 + stream[256..319] = 84FAF79797E25BF2CFD54E58F5C7AC1C + EC170B064429EB832924CDA9C47B5174 + 9BFEF80D96FAE36DDA65659FEA1CC06B + 4EA3A1601A3304AA4DDBEB62381FD4DB + stream[448..511] = 2C8FC8D23E7DBBC37BB0811D1BC71145 + BFBCDBAE19F5281CD0E6AA37419778DA + 64DDF68726DD7F4D78BBBFF4576C2AAD + 93F477A2AB2C3CA8A381F30BB944C7B0 + xor-digest = A6D5F0DDFC0A43491D6D0A17C095C070 + 9EC7E9B89DB8EEA11045ACC5FF003DC9 + CD3318BB6F9675EEF20E15490F525066 + AF8380C663B60EDBAE30663C94C39892 + +Set 2, vector#243: + key = F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = CC3701E703946194401D1BA23AD99B5D + F3F856138E142D4B9C23DC9F252A277B + D62DAA33A71A0C61079AD5A20562291A + B6EC92C66D7BE6A17E27D4DDB48EFD31 + stream[192..255] = D00665FC0A4ACC78758EF25B0B0D6903 + D565423614409AD11E821B83F5B35D83 + F26F3EF9EC1766FEA9C21C09E0AE248F + 4BA01E48BCE09D06471593B3466703DD + stream[256..319] = E8B4EEE2C8BBEDBA758C1C2D0889FDDF + 96CDC215EF1A62FAA29A5608C852FFA1 + 18B473C5A7319446F3ED2E8AB39A533D + 714325D1B14E838C9EC6E037DB0DD93C + stream[448..511] = 4FF3B43841B17A279002EFB07324625B + 7E937D480DC73F12836195110ECB4DB5 + CD31CA4F92F612A95E82815328DA7D5E + 4DCC5BB6791603EDA64C57B5A5AAA04C + xor-digest = 9202B874C48D4B1A9E857E645EE8F884 + D971CE97923AC024ABEFB944E34550CE + 31712BB832F9174F86FCD369E75CA9AD + 85095F43A4B7F33AB641BD6912D2C59C + +Set 2, vector#252: + key = FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = F374DA745A5CF93A567027609E5D3B1D + 5C3C8A4D15203705D978AD42279F6548 + 51FF713F5120CC93D044EF717F5A75E4 + 98DBEF559E5F157A8C819E213E93B3F4 + stream[192..255] = B270F638AAB88DFF69D724F79B70CEC9 + 175AEAA99D55485954B265B5CAB86509 + C810E664766A8E6C90D4BEE3A58B1815 + 9076959FFFA2F30EEB12343E9E7778C5 + stream[256..319] = B2CC84A1127B5333B30EC81CC14307FC + 418DA96336991A27DADA74FDA987B867 + B125C53C0E4E2889FDFEFBFB48797A22 + 2836B2EA42793CE2BFFD568F6234B368 + stream[448..511] = B70F4A10A1B75D499E8189C8B92AFB36 + 4CD2D730DC8D7E183EC55A777C2445EB + BA7E9CD95C8F3A206B73C422AC2E2C08 + 15A8C6FED156FFF93B63DE512EF69725 + xor-digest = 467EDA43B849054EE747A532ED0D9AA4 + 6EA1BF2B6AF19F481D6E3D55EBAA96FC + 6629FE65B5EC4B5EB6A155A6D60FEA32 + F04F8230E26390F1C8FA53D47B68FEAE + +Test vectors -- set 3 +===================== + +Set 3, vector# 0: + key = 000102030405060708090A0B0C0D0E0F + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 0315CE93BE05F88212B413335CA65F33 + 6387BA612421C7BE8276299CC178EC31 + 2143C503A9F2644685882201137BBBD7 + 3A2385F0AD14B690281B54B8DC064150 + stream[192..255] = 8B663563AE31DCE7AC61BF4943466774 + E9EE784644AA761B9D8AA9B8E04D4C91 + 75650DDF130454DD60724864DF2FB6B4 + 31F947F8FCA83F6D3B113BC413D3CC10 + stream[256..319] = 35EE3D4294E5660A99A1A1C9254D27A4 + B42FEA8CBD5C5BD8B902E1B1BFEF17D6 + ADC9B6B924C7C53D44A5C58210989BE8 + 72E532300EA9115CD2AAC8024779B3FC + stream[448..511] = 402F841F64827A197FC56EE9C180F5D1 + 075107622178407B063F70C6C860C6EA + E3016D56F7CDC13A109283F5F4FC9420 + 6C62BC3D1012EA03EE08EBE8C2DC074A + xor-digest = 6815E00D7D3414FCB103EA82B38FD4F4 + 68A453E84A520B7119E9D3A4C938BF0B + AC26F7F73EDA7F3E2F20FBA551C15205 + EBBF2F6BFE6DBAF95061F0AB3988DD57 + +Set 3, vector# 9: + key = 090A0B0C0D0E0F101112131415161718 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = E695E5417AEC9FBFC0EB0909435E79C6 + 76AB8E2F28C556CC2C81CFC5F7A2A6F1 + 254EC0CD2CFAFC257907723557C1DF5A + D81D1E3D201410A12A5FA3A6160F266F + stream[192..255] = E3D590D9AF3869FFCBE2A4B8C77A09F6 + 211193F83B8A43714CCFC02D014376C5 + A44FF7C061471AE208F04DCAA89792FF + AE7096EAC47898C1011095DE9B55682F + stream[256..319] = 0F31D78C0B86D246FE105AA6D9B93CE0 + 257E75CC0D2A0BE96B9156555D8A407E + 01F47AFF719CC894EE111C32672B0404 + B5F26C1DB1D7D0F9E470900AE53B192E + stream[448..511] = 1A01733BB8EACDF2B2F4322FB54FB6CB + C92989248FF31BBAAA8304ECC4AF9A39 + CAB21BB66E0A144D8B77C537BD52DDD8 + C5B0909CC6423D4F243E5AFE6E22D07D + xor-digest = F8C3BF6905A19184D14039E4B7FCFACF + 2EFA004B35B55DD04F56199C6C9DE1B4 + 458C5EFAC45C6062BA1EB726426987ED + 88FA899849CF5F6CEF60119F6A68AF9B + +Set 3, vector# 18: + key = 12131415161718191A1B1C1D1E1F2021 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 3C189DEDA71E56926CA2C3A2974C4FAA + B7EA3C1250E768CEA797ABD6477B59F0 + E5494635CB4700A95BBD54B0E93D12A6 + 423DF8F34BC6B3BE705ED6704BA33894 + stream[192..255] = F21E411ACF063846BF68F61F7673710D + CFBF8088E2A815F406E17C4BF4E839AA + D2EB9D137B0F7889E68F4B5C8160199A + 7C9C697EA6A1794E954ACB535A72B255 + stream[256..319] = BD7E1C4A54C911E84067AB00F8427810 + BDBF4029E78D424E65F477BEB457900D + 0EA49B639863BAEB1427A161B8C629D3 + 55097F5DFFB24BB97329A73B144DB7CA + stream[448..511] = A4D9A80D0055F2D8C55D2A49B39DCA69 + 9A5652C43258152B42BECDE07F21F8D0 + EAAC565DCDE549CA4A9A27D82F5AF4BB + 1EEB1B0A53A58E50C3E83CBCDCB980F5 + xor-digest = FF451365606D0117E15FC2721F40C9CC + 0FBF6442A771F8FC3B06186C35C6CA13 + B30F65FC84B9A38A6FBA2B6F16541B0A + 0D77BDB4F696894B2B73CCCB8D6FA3B7 + +Set 3, vector# 27: + key = 1B1C1D1E1F202122232425262728292A + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = BE4A26D09D47D25416355FB7FF60AA06 + 3B3CDE5374780F2C66514A0CAA07406A + 88490A2E3D6294A799C9BAAAA1B10ACB + 88FF4F6F70EF1F4F67D591040244FEE8 + stream[192..255] = 54F1AB7235B6440D6A7FC7851E3FFDA8 + 6CAF44E3F57E1E9406908064FDDA3A3A + 3C7AA1CB6ECAAF376C5F290EA02844EA + 779A225131F24D2E7D34AD0342399FED + stream[256..319] = 81AC4F45FC40CE7E1FF890F5EFF2B583 + 36F71D1911C7E0227AD8E4DFF7369B41 + A8C266B3468A78773C4C40A3EEA6B724 + 97662462F48835FAC7B6C77CEFD39A65 + stream[448..511] = CACFA9A51224F533C600BEFF1EC03C7C + 7C22EDF93E8596128F8709F0CED4E291 + 997229AC5542FD2CC9B1167C3D2BB57D + 9B08B82C0FC41D93B7CE2211C5E2D534 + xor-digest = 0D949205B6024DAC1D215F2AEA7CB484 + 3FAA9A1719398AB8828A28BD2568369A + C78A224AAD95BAE6A6333C4C13D630B9 + 42AA52099F6EFD6871B1E45C8DC68AC7 + +Set 3, vector# 36: + key = 2425262728292A2B2C2D2E2F30313233 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 65906EA9CC0080D2044671D22C7DE242 + F764184ABE8DADBCD550225BFD541D6A + 762C7A5268EA0ECE51D18269E71A4CCC + 054AF634616204C81AE7E515719775DF + stream[192..255] = 9ED75834EBBD9576E11DCE8C583ECEDD + 2B8780FE98B44E9F08BBE96922C77BEF + 08DCE0DFD7C77C42236885BE6EDC8343 + 24EAED350AA5A513009272818CBC4BE5 + stream[256..319] = EB1D998260B3AF4472DE59E1C9DD359A + B346B32DCE36C92C9B7BD808BAB76AB1 + EDCA2827557501BE0FE28F6498B33B9A + F4EA48786F3158E8047A32A03AE1CD90 + stream[448..511] = D06B1B9B8110FB9809F5887A35CB24BB + 80EDE203AE648AF9FA348B18D8A15B8E + E98E8AB98A7AC5BF71FDEAA1A6E978F6 + 7D5734AA7FA88E8DA44C861E2F54E585 + xor-digest = E77DF8C1D5F46F8896DD00187C840B0A + E4404581DD053C6F39323815729DCE90 + 0D85C2D8C97D0A3B57CF622F81077B80 + 92988EFFA36CA176F7393D1E38AAB206 + +Set 3, vector# 45: + key = 2D2E2F303132333435363738393A3B3C + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 3FBFE9A391DE0CE5AAEBF9DA3A15EB99 + D6CBAD0341CB78042C89F5D5B0B555C8 + A400DC47FD19F40493B348CB51430B44 + D05AFCA9D399709EFAB8ED2587F72E85 + stream[192..255] = 68969047EE54910C44F8B5718E993234 + D814C27C0B59EE09F0D35B58352AA6C6 + 594F605C25C16CDDC29A354A1C6F5948 + AE497C093E2D41C211E4C1417DFAAFC4 + stream[256..319] = 0DD68E08A25ACA4448DF4B562EEBB855 + 14E41F1F560C479542FE62C2DCBCF03C + 30AF180FB71E65A9A09C551551A33942 + 53558C2440084E6B4CB664A4EAFCAB66 + stream[448..511] = D93B80D67B6484030103CDD72536E695 + E7BAF8B1115109D5D5517BD1E06F4236 + A3551688F5C0D78B2CB080AC072B4C48 + 94A2AF54AD9D816E2068AC569BCD2AE2 + xor-digest = 7C071BF395B48A023A7B708A9651EC8F + 0C9A00DE8BD9D0764C7F1F394AA2B747 + 3EF87BF792D5B89AE0548EB9C1344DAB + DF2E4EC6064D50EE1622160D6DD7ADFE + +Set 3, vector# 54: + key = 363738393A3B3C3D3E3F404142434445 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 64468807E7EFE78E11B0231D8D7AE80D + BFF3FAE444A60496C8F2DA202941686B + 95C48457C1F9DE1AD2FE581336AE36AB + CA574BCB9619CDDB96E4499409516635 + stream[192..255] = A7DBFEAD9B969D334705B6C53A0CDBC2 + 21E0BB92854B0B107CC39F8C6E4761C3 + EACC8D8C5741AA4243C5BE1A79971A0A + 5A23F2BEDE9F3628CB9099B8C7EA9324 + stream[256..319] = 1A44FB18740973F3124EA805C90C4B27 + 4EE788D43F4B894B01F63C13410EC204 + 2607241E87555B0E1A6FF33AF0DB010B + 8ADF607E6353FCF74F568E0BAF0F4455 + stream[448..511] = 11568B95495E520EB6BE106986A07C57 + 8FDF21463607619E5AAF117D84611E75 + F8979F59E60B43C0A37BC24429892742 + 0D206274DA45EBBA7660422DA45294CD + xor-digest = A70B9BFC683AF2716E17980A49C4F747 + AC25992BA7BCA5E5C2AE162497E4E8BB + 62C837F64EEBE4A55B5705F115CBA057 + C560B1AF0A733B5631E23442601A741F + +Set 3, vector# 63: + key = 3F404142434445464748494A4B4C4D4E + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 35865AF843244DD2F95CDF7C9BD54471 + 9C8432538842C28F93AA21F6E10F8B18 + 31C2AA7EC010A66E539CF65BE55120BF + 090233750995003C7AE414DA6D55F86C + stream[192..255] = 190F215FD14E44CD141E47A2322D324A + A63A7B512A77C20A02D3BFC1EF8273C8 + F65226CBD1BF32A104D1AFEFD6719E4B + DD6355B044EC8D0CE95023C61007E6BB + stream[256..319] = BD02130F7CFDBDBC2171BBDEAB501136 + B2364F5879E6E9CCA7E75AD81105D9E4 + 87E9175B62AFCAD79B23D392B2E9C418 + 437527118797602E629A70CC869AB7EC + stream[448..511] = 1F0DF396B5CA6EC9767B0674B2C7A9C9 + 133CF872DA39DE78F56D41C7F2FF6B50 + 716717E995D42C51D6A2ED66FA6CC7DA + 92E9B3B4D1F130E699C430CFC96969BB + xor-digest = 70291060FEA7D40B5C3FF731FAF7630F + D9BBED1A7FC25A05E6B3F632E6FD6B91 + 1F1010E1BEC69F16D44C5183E38BE8DA + 8949A4D8AA85F5149C203F8C92887875 + +Set 3, vector# 72: + key = 48494A4B4C4D4E4F5051525354555657 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = BFFC0703408DF6EB169656D09A5400DD + 9C4BAF06A3BC7220E45814104B6D9000 + 9585BF9B0CD988E94B8C5026D07AD7F5 + 7D81364775D54D808A5C18453B62A2A1 + stream[192..255] = 5FC95B73A4C91DB20B93319E420B4C5B + A9DE1873C81C835CB455970A90921594 + F9635EF4F411C9ACB4298F75B2CC84F9 + 7F52182F7F001A1EDF72A68FA1ADE313 + stream[256..319] = FB24E97B0CCFE15644BAAFF342C55FDF + 64434708407AA6D73576E842D5ADF4A2 + 6B32D329A2DC9F1451C4BF3E9599E9E6 + 4E5E65F73E09E4F1254BA0DDD8E6C52C + stream[448..511] = E2EB303CD0A67C99CDCEE86BEA581FF7 + 093C9228900B563C6D10B20BF99D3911 + D47C805D1447C8F233D3FDD27CF0DA42 + D42E0389E2CCE99A274AD9D20B9C6102 + xor-digest = F83FB58CAEC8B13BC25C152FCF24E10E + 392A197FDA05A6A20E14093EA0B34C5D + FAE102266465324F5AC07FFCECC8E618 + D0BB60761A26D5FD59D188097A2348F3 + +Set 3, vector# 81: + key = 5152535455565758595A5B5C5D5E5F60 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 84076D83A841C8C6ADDE3B5D9FDD6529 + 4D0F92B549112F0A6DE05236F732E81B + 3C8E92229C411D2295129ECD18DD08DD + C98BA78D9BAFF6271D95E1F361EF699A + stream[192..255] = 7063A52FB2729433D8A7BF30F27E6EF6 + F17C2A422E60A737270787985508D062 + 4E678A597845CA9EF939F4B8966BD99F + B8633FEA673CE7BFD2ACFB5942D7EDD9 + stream[256..319] = 4FCE866E8C2359C53F0429F569D02DAE + E99A4062246B633D4C502DC897AD8025 + 38C95D49D3B1FA94F4E92441357B622A + 6264F50D5554BBE42191AB3D6073A8AF + stream[448..511] = 2F7C38BD00309FC81D28D84EE4355216 + D97A823CC46FAB9DCAF621E4128F9CB8 + 838BF02E0EF940EFE96860CC0B996044 + 42CACFD3306335241C1B4B65E790233E + xor-digest = 44038A33AF0013BB34CBCFB77F7E060B + 96F5134DFCDBF04EB8F7F29B15C3FDA0 + F766DC940FF548C23712625793851A94 + 294CC7201E1EDC6056C12A46524C6FD0 + +Set 3, vector# 90: + key = 5A5B5C5D5E5F60616263646566676869 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = E811CA3DD1DD0057AD3A1794D3F9CCB6 + 362049B1692D6ACFE1A6A0FCC99C7A04 + 3AB9932A146B4040AC9F8E2F0A227C7E + C60B1F35D60EA14483BAE1F8D1AC7FE1 + stream[192..255] = 865B05E224133AFC45043F05F8082FEA + 487BF63BCFB96DA3EE26960061446669 + B1C92C6BC5905BD1EB57D579CB62A220 + 2F35CEB603658237AF1908132A25971C + stream[256..319] = A84BE383FC852F1BF44130EAD15B3548 + 56737C7EA68A0700A22D357FBA70E031 + BDC0FE8EC36C41790A8B7706A00CA338 + 603E054A83881599D718B1911D1CE9D4 + stream[448..511] = 9286C3479F9A17B51D8749257F59E892 + CE7C3EB8638B29C17D779811F01EA405 + 257062A5F28BCDA1862FE653C7607350 + 9A87D12EDC5CAAFF9E8F9F76DA0BEDE2 + xor-digest = D629CA4708BEF7EED04BB5531DDF9C64 + BA4981C9A705D59C4B2391E94B79CFCD + 058406845D81E7EBC097330C01FCBCF8 + D78940893B4FA38554A32D861AE96D04 + +Set 3, vector# 99: + key = 636465666768696A6B6C6D6E6F707172 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = B89516368AFEEEC12434F76AD1E1ECA8 + FF6FEF7B46D05EDD6041C7B8C1E3A33D + 2818E38113592B615E980304D93435DF + BDD5676225173331C3667F30AA2A3D2C + stream[192..255] = 249528FA392B19B6811711F523D27578 + F1BDE75CA167DDEC08303906B64FAC0F + B2912A7A0EDBEDAF9FEDA420DEA330CA + 7302F5780827CB11B15A4DD333FD7099 + stream[256..319] = CECC1B5077BCB9E129B01D8D75089B41 + 64E76DBC9C8CF2E4D2F17A6248522A51 + FCFBFBC992F75D613307F4DD6472B6DF + C8A5B29F1068FC0F1C3F8964B0E09170 + stream[448..511] = 8B26C436E918B099E4D3A7D4D3395E49 + 056A8A29130667A32C6A2B0FD08A482F + 8F7538ED90374846FFD2E1C733AFFDA1 + 12148C9718F3F208344D5FC20128AE2C + xor-digest = EAA0ACA59CF63BC27082BD52D6757FD7 + 620A7AC5AA2FAEC52646978E2057C5FC + F60B36C09D87419C1D1A64133357DB05 + 6B96C854F38C36DD657524FD09729341 + +Set 3, vector#108: + key = 6C6D6E6F707172737475767778797A7B + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 741C607A6BD38F93B33244C8B7F05D78 + 46F6A05CEE5A87762480DE123D3BEE63 + 240928FFC75ECD9AD1785B1664DCB59B + A12F3B64C93BD4FC8C67C0934E5B0ABD + stream[192..255] = 3BDB31A701DD7F2E929803C3A47896F0 + 9E5F569A32AA829E505E34BB7232597D + B838F543A34CC288F9518BE16A228D42 + BED0CA3CE0C6E7FF9AEE63625C699B9A + stream[256..319] = 1CB7FE159EC1A57043BD142236DC0A18 + 0CEF37316A6E96354AE319142282F19C + 1550EB645DA8F7BEE2ABAE4EAAC0BA29 + 893E722A6F8E0A9B34368DF56C5845B4 + stream[448..511] = B6DF810D69EAFB7F2360F6ECB50C5861 + 7D32B3F495B3E4424045E88CFA0871A2 + 9314121CC78B98B456ADF53E540346B1 + 214AE2ADB65C552273F1FA498FA74101 + xor-digest = D35A8AE5783348824175BD34F2E16FBB + 975E7695DC6C4FF1ED763D404B0D4D30 + 07AAF01E988BC85DB2FDD017691D3BB9 + 811355C3C7A6156197AF57B794DCE85D + +Set 3, vector#117: + key = 75767778797A7B7C7D7E7F8081828384 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = EA9DA2D5BD4B6E070479ABF8CA2D1B3A + 6B968A025D010944FEB51AB2E507F86B + 111F8A351A3F32CE1FBC4A75AC34F722 + 1B5190F2390073084F8153E00BB98D0E + stream[192..255] = 0AE0DC3D0E2D3F5F93E446BEBECC4F60 + 862D190829A209966E132DD029ED6998 + DEF4F613F3D53D0A36CFBA2CFE345DCF + 013B6CFFEC0116FFC1659A57FB42E0BE + stream[256..319] = 5A7FF46C335912389D8B88437CEFD27B + 76706405F45F87C91390273D9B70CC5D + 89FDFA85E20EC82B98A79BFF5FBF6AB1 + 4F61F2C1289CD7B8357126C8E13271AD + stream[448..511] = 9398E699F5AD8FF31A50C8EFB9DF0D0C + FD612B951A203C1BF85C62AB5AF1C412 + 42BFD0A55F21820C6F917EC90A8FCAB2 + E774A93713A99C7900B80A2BF496D0AF + xor-digest = 05D9732FF20A61E19428873830DA7282 + 819234F22FE7DFD8871C21CF10C08EF0 + 7C0413898DB144861B0CCB62992DF40B + 29A0A4688C91275F0A198AF39899E362 + +Set 3, vector#126: + key = 7E7F808182838485868788898A8B8C8D + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 8C4F8495C7231AAEB704E7AB9E79E748 + 6CB5BC85D3622B8A2E2CB778BBFDACD4 + CEF73CC485D8E08406F5986A28706CD0 + 56D085201DEDB875573B57629B8541C6 + stream[192..255] = CC6374A744E9205CA39BCD678074B844 + 16346A7E54F9B87905BADD2FACE7B9F4 + B0A366AA3F632A7A67AD8AAC4827C9BB + A1E801A8786BC4FAC2ADE6A6AD6A45F4 + stream[256..319] = 4F52AAB001BE94A60761CDE0334F8A84 + C617195B084E441070E343CEC3189CF6 + D6D955F9AD649A3891BDFFACA0A6E6E7 + 7291396670BA07469D267EB80E48353A + stream[448..511] = 673AF85AD5A9A3F26CBABCE9BEBBAE21 + E0B6DCCC3256227FC0EAEDF343CC7E9A + 8896023DF073E88EEEF135BE34CF67A5 + 5FB51D3A1754B15A7C4E2CCCB4C8D51C + xor-digest = 2BD4B8BF9B7E79B0EB53318396B03575 + 0AC918A6A05BBA499D81C9EFD32A0FCA + 34A83FC801CD6475A774091F33AE7689 + B9FE28645F545E9A9531F528085926F1 + +Set 3, vector#135: + key = 8788898A8B8C8D8E8F90919293949596 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = BDF2E95B80FDF304C3C4A8081391EDC9 + 7F9553F93C27788F03797EDEBB8F59EC + 2FB2FCCA7727CA1CAEBF5C8DA8719492 + F1369D96B2FEFA23D89400CF7CA667EC + stream[192..255] = 6AB7500D876A4924DE59800345AD69FB + BA1690733713BF372E0108D9FB65B0E4 + 50BB89899AB84198381623094F823FF4 + 8BF9A09F0FCA23684E78654F3D231173 + stream[256..319] = 34ED638D249BB1AB8B16D350309AE32B + 9FB62CAB0EC7AB9D5F3C12C9A6502497 + 6323EBBBC4CF308FFA68A3D4D8D3959E + AFD3BE46E36072FD15A5DC3FCDECA6D1 + stream[448..511] = A8BA33AF6CF545424E607A7FC4CBA593 + CB05B38C836B21D85B6FB1894926A459 + 8D71AB424A5A582A491747FED94125D1 + 08D6C693EC9E4BDE2F418810A921B54F + xor-digest = 84F29F11524741D39779025D792AB735 + 07963EAA0FA8EE220ECD3592E1320567 + BFE76EFC3356860192DDC5F06B94E552 + 43D659D49FB94C30AB69AB5E9C370A5B + +Set 3, vector#144: + key = 909192939495969798999A9B9C9D9E9F + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 1C03A0D6CB75670CD7D978B2E371857E + 27E597B15B905D5F4F4384FEC227073B + 5A56D8C0C4AF767F267DDEFF86AA036C + 41EB6170603AEB3E3C1EF3E176CED812 + stream[192..255] = 6447D1E067550DEC9E8AE89DB02B85B4 + 3DD7E511C8B98438BAA50CFAF7CDBB68 + 757DA1D03A29B9EC6BD633E17BEBC8EB + 2D8D453F583E4D183AF30C9F47C8DD56 + stream[256..319] = B324756101C28D9FC4D1F065F1D000F4 + 1155514EDB30A7FE36C26B18FD93D6D2 + 0470A41B6F8D2E8BE140568BF72223F0 + 981CEB9D100B21C8B751BA6B2816B2D0 + stream[448..511] = 304AADCAE0CE80E91E3558974A944663 + D1E2253977CD7B0D1BFAA138DD81A501 + D7EADD8FC834931A44642BA9873AC1B2 + 47A454EE71F7AD8671BC15E088D01532 + xor-digest = 5980D43A91C09B20B0F3323F1750CB47 + 118550920627B6C512AC5CC53AA6AD25 + 68EE1EFE702FEDE7CADBFA25B32696FA + 12A18CCDE35A1B679F709F28920DF92C + +Set 3, vector#153: + key = 999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = C2083A758037E850A6FE642EFDE59AED + F51F3002BEE2E69DBDB538BE2D93EE8B + 27A1CC89672DC14C44DADE531A88A769 + 5DC730A2CDF3096DE7F4BD08A1ABA918 + stream[192..255] = F4D19950E6365AE6BE8011A24B9D803A + D9A8547D452D8B0B8C51676E207DF323 + 808B5A094A2FDEA5DBC86BFCA576E98E + D0E049834CBE0B3AFAD6892B542EC7AF + stream[256..319] = 8F2A026EB2165F39E27DB86607878926 + 4EC8F42A09E8C80B317FD4F1E32AF4C3 + 73B7F5160C635ECABE495B01A3488E27 + 94D226E2D86C4654810C08B2FC42610D + stream[448..511] = A1D17725577B7A4FD3D1A280BA2B5C0C + 386FCFA09E110F00C85ECA05CC142644 + 4D8EB87CCDC2B23D1CDBBFFF822B5555 + 11055B93ADC9168B7353CAE10551AF14 + xor-digest = 7B4E8A6123216818A218FBD50D8540B0 + A0B62DC114F25DD476680F85DEEA9306 + 4CBC4526C7A8832D4BC534684A403FE7 + B80E7F20D967ECE044085B554C158AFA + +Set 3, vector#162: + key = A2A3A4A5A6A7A8A9AAABACADAEAFB0B1 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 6FB232154275843C74BB886D09CBE0EC + CCC539DD6DEC1EC6F31578B80DD3BAD8 + 5C992CB1A0B4EA40B3EE0C5174E36A74 + E1CDCAB13830453984E4365A6C599F72 + stream[192..255] = 2682C05E19F6D8FC4DDB15B2F8385B52 + C5A4A70FF5A0063CD696AADBF8505122 + 6F696746D4F8C314543BC3869B1E7F9B + 1C0D004655FB6585723CD1EA7A700A60 + stream[256..319] = D6BA4C5A33B8C2DE342DE48E26AE7B14 + 8E91552D0E05AC9458ED0010E6FF53AE + EDE70E910165B5986876799E60B7E6BF + 3109B9BAF7EE3670497FA7CAFCB14733 + stream[448..511] = 70C4E8AB8E8BA681A2A06F319CBC952E + E3E78DA589369FEEF8A6BC6D976BECFE + E6C7143337758929FCA7E0945892411B + 047C2CC2F2AA284E95733DD94D46B89B + xor-digest = E2D3DD6AC908FF3BAE4791A50F717B63 + FB3F1F380CC738E2B1626FD026C9BEBC + 33957AF4ED6E8B9864EEEAE262FC6168 + 9A34FA14A35BD915B6945F35BC3D5573 + +Set 3, vector#171: + key = ABACADAEAFB0B1B2B3B4B5B6B7B8B9BA + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = D25BF02A1BB050E0D15246C2EFB3EB89 + 390BB913916D347586DCDF71D6792CC6 + BF72F6F6A9B779BD8833C468684B4480 + 52E153D11A0CE183CB337450C4482F6B + stream[192..255] = 07980A2C57E9094C5334016A782C830E + B59420086EF9D36542A97220A5EEFE42 + 026B39B1F00A78992ECA17FCDDCEEA2F + 88A15F934A1C65EFB770C2FB9712FFF2 + stream[256..319] = 8C0AF45C68CB7CA8CFF1AB18F2F9659D + E49DB5C4E3609B50C06F94FC01C059B5 + 40E302FA8604F030701FE3C833617E0B + 094D0BBF10580F7C1C7047E86FBF93E2 + stream[448..511] = 4D4BEFAB68D63085A05C729F54468567 + 2C2A9452DF6B4B651A29FBC29513E3C9 + 635DFD75EAC87A5B1362E99033304EF5 + DF42420DFD49C1830D66F4F90928F1AE + xor-digest = 9A7DD8AA5D9E9DA4F34AFBDE9D909CE5 + DEBC05D2F930FF08AEEE4096B2E1E453 + 8587B88E535A217E986F31965C5965DE + 3BF4A7F99B3B9D938D2C1AF7DFEFA14A + +Set 3, vector#180: + key = B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 5FB2BFB5B9CC4F84D7641B4555DA4A7F + C07C0053E7AD2CF2187F7F34ED4068AC + 6D5B43A5FA41437C05C65550786D60F9 + A737F44BE450A1F416C1B1A49890C609 + stream[192..255] = 8EDCA89958225E39CF796EE587877A55 + F9B7A7381241597CA6280F7617A11922 + 9268F95BB326585AB59F08BFCE8B5638 + B3A0D32A761C796060DFEBB5BCE859D5 + stream[256..319] = 09601C099BAC574564E4CC6FD659776E + 4726FB22E0025C37873042866B913C03 + 285EA24E37847F9AF6C838B82FE651D4 + EC5FBD40A256E6C765757B6A3CD08C92 + stream[448..511] = CA5AC4ED4FBEF0D754F033B5267B9FDF + 3CA52B131E118174F70CD4F833A5ABBB + 198DBCDF18BABB0B0CC37ECFC8D93AA1 + 5949FBB21974169B46D545F0ED03C71D + xor-digest = 5DAFDEBC75291BA8F55B4A370756B28F + 554FEADDB7888F2834BA1EF221E917F5 + F631D5BD789701282DCF16FA450D250B + 52C627741369DA654E237B8D7F4A8BA0 + +Set 3, vector#189: + key = BDBEBFC0C1C2C3C4C5C6C7C8C9CACBCC + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = E9EAE6C4903004A2AFCD05FE2E3E7F95 + FF8BD2888C4AEBB81CDBBCB7488C54E5 + B50467FA82B0CA7EA923C608074E1B45 + 6452821FC36789C8061E99E8A0C0B579 + stream[192..255] = 1EC898A6958F23C186261F833BB3EF0B + 3C185AE8138311B6AB42098E9C6C7FE1 + 0306DADE1DBF2B1C3215DEBD88AF1CBD + 2D805B8006FA0DCF136E225AE3D91AA3 + stream[256..319] = 55566604D1C85FFE1D29810B6C49F019 + 69ACB59765A3FBA2B0B9880064606E47 + 18BC5F08C32EFC250FEE91FB88077A2E + 0840615CCF627C64FBB500B7B800B9CD + stream[448..511] = 707821EFE4119A32CFD99F7ED7CEC018 + C8EE90493FD9268A83E5482DAF9A646E + 8765D8199A56A12ECA50775099179D70 + B72A3CEC8F0EFF1AFD074F04548874E3 + xor-digest = A51E3C9C948B68A1543FDD1F158DD419 + 195AE7662739446D9FD543681A866A6C + F09756FF4E0C59BDEFFBF98D53F193A1 + 77D7BF19320063B8AEEC8A544D5D72C7 + +Set 3, vector#198: + key = C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = EAA9729F0222A16C750540C605974B55 + 4FA622F67C71FBA40236A71AC19706F7 + 9E3792F4B444A39C9C1C902FDBD81898 + 096338F6A8EB7C934B9558D48AC53301 + stream[192..255] = 3B5E53787C050061000E3622876AA126 + 00971A76253833C53B9DABA976169395 + 3944B5050AB17E492E185737D67581B8 + B1C766D50C5B0C2B0D8C78A781E77D89 + stream[256..319] = 175C28764FEAF8396B3CD34C829D0D0B + E9CE0D75E79017A96C4E7B158B171BE9 + 4C906FD4BD4946E6DEEC3C78B34C0754 + 9E85AFCD958AF345E0B432F33C86AA76 + stream[448..511] = 37BDD665CD9D5A8A8190AC3EEF981379 + AD5311E15F853A8A89840879165147A2 + 807AFABB6236CEA9319DB32344987889 + 5744A506CA76CE69D9E474840529D667 + xor-digest = 4CAAE8F441F6EF3DB6971E274181F8F0 + 4D7BC603E040833E77921A393EA13F0F + ADFF07AEC94555224F6204874027106A + 6D7DDF0546F300D3E84AC87699ED40D2 + +Set 3, vector#207: + key = CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 83AC8C40850F4FCA5452871C954AA61F + 31A9BD276D39EEC03EC5977A71FDAC38 + 368D110C57C1A19F2A7461BBFA88E372 + F78103F9FFAC1361AC2D2AD84C6AA3E8 + stream[192..255] = 48E95C2FCFC79C91BACD0C41F626F05E + F80E076E359299EB5272A2F688F96F6B + 3147C5A19A99D562A11E953CB2A90911 + 205A7760B5C8CD959EE6C183A8C1420D + stream[256..319] = 974A4DE50EB45F6144DAFFA6B4A68E39 + 48838434497B8F9700FC42005F3C2FB5 + A79984CC2E770C5400EA21AA4EC05751 + 80A288499879E50462225BE03D677875 + stream[448..511] = 09823B2D55E26C49E42FC0820D7BA081 + 5A7EA9380637A2AE2C0D29253EEDB884 + 9BF4F54D64677F08A1763EFFD904B62D + B3843B0ADE885C00640D16A99E28DCC0 + xor-digest = E73D8783F926558E0C1E1B0D3FD86CFA + 974CD70EBAACC0CEA2D977E9AFCCD384 + 935584D2FFEDEA813E6234112CAA1401 + 71E99BCFE61A7D0E430D4D3F75AA3E28 + +Set 3, vector#216: + key = D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 5DE3EC7E6D724976985B426D722D93E6 + 1F40F5F17EA14B298AC898CBD69F2BBA + 5705E1D0CEF7B7122362FCC0D5106D54 + 25D51F51E29C938C592D9E862DEE9E33 + stream[192..255] = E079C49AC8F160A9D529F30151AAA7A3 + 1D137E03DF4C23F8734AAC3B20BF8520 + 90E3C2529761EB4D67AEF1CC46399947 + 1240DEE8343D6355B5D7377A7934B019 + stream[256..319] = DF574E03ADD1DCBD0712D2748C93CD72 + D8488396AE3D3275E5A53CAF3EC112E9 + 50A79494F25B9EC111FE9A7A68A5AEA9 + 63A4F87B37F822B79D954436368D8E20 + stream[448..511] = CCEF4C93BCEB2494EB4C70F5E301E980 + C494AF8C117F291DD09E3960D2C5A7F1 + 9928C08F2F51C419E734DE9AADD25C81 + 3579A7F0B8B367A49B97DED5793E4DCB + xor-digest = 868706BC1A5F3D0BDF96E10324EC36FE + 01596216B0B8BBFF69C5BDAF69D0F38E + FE89FFC32D34D142F413A5BEA7AB38ED + 22436C62F86C540101DC0267FAF67904 + +Set 3, vector#225: + key = E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 45A0736DB4A28A3A6DD181FEF3485F2C + 918C65663597C49F4FB23CA550C77CAF + 7B331B5D183844278E0D959EA024CC21 + CE1A84923E6E782472BA1645BEDFC60D + stream[192..255] = E9EE0DFD717F72FD8899D23E87E77DD9 + F9DA66B4645AAD8D8C3B489B0A637449 + 80020326469B4C6403012B6E315CD35A + 4344934D720467F30B61C8AEE5C3C342 + stream[256..319] = 94A2BA2B744CB83A29004AE21470212F + 67C2FD18F227FC017131D7F4DD0AB412 + 48C59BADAE2E408584DF35C603192E37 + 344C52664DD68B9231661F304F483F41 + stream[448..511] = 6A29174A1099BF8759D2F5F9BA60816A + B290252AEE08339BE0021033DED03C46 + 9C8E28AAFAFDC67A7F2219C8942B004E + 47263842BEBB47EC6B0666ACCC884591 + xor-digest = 7A7411EE5D174907B1138575FCC7479F + AF3437BBF098CCB5D8D25F49E6788374 + CBC9CC5812982CBEAF59111813430BEF + 56D9DEEDB6C935804013759CFAAC40E4 + +Set 3, vector#234: + key = EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = C430C2A9FC44DE1563B1679C1A2DFA98 + 91D01A302C5165EC13B26F6EE4F25437 + 264AE9E18C98BE112BF560C72024827B + 85665C491C47BB396B5AEC66CFCCA371 + stream[192..255] = 60F3A13B9EBF8784CC81C132E004A179 + BEA0606D4C2C830077A50004FB0487E6 + E179D81FD9784DC3783ABF86523FE4A4 + 68930272980E3B46F865E4729DD34773 + stream[256..319] = 44BC861136F6856B1C74C1CC13753B82 + A75E34EB40C518400B507D99B42E488C + 8A1F2F590E029EF48DAF2674FDB053AE + 5C0967923102EB964602256F70A9CC9D + stream[448..511] = 0EE3ADBC4CCC63A8B67C7812CD294183 + A2E9D4EF0D65F854FE66CF9D76A34F91 + 867B27336F8EEC2E2CD30CCB98AD5769 + 77B07C73C833B51753BB9B0DF08C4834 + xor-digest = 7F848C96AE9310B5282712493AD7E13E + 2B4581545E625A4DCD98576C75835058 + 6C621244B6CD439F8E62625ECD9460D3 + A18BC2F5DCD9FA7E8CF7880CCFD1A44C + +Set 3, vector#243: + key = F3F4F5F6F7F8F9FAFBFCFDFEFF000102 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = B9B3501C75EE296AE858573B63C4888F + 72B18683CBCD6B95602D51E4388D6DD3 + 7129169A5209202E2C6EDEB5026B6511 + 55E4747DD706DDF248A8705D50D38A29 + stream[192..255] = 12F90D1028010D8296DD0D6ECC4F2354 + 89856C315555279BD0A4E3161178AAAE + BD849EC0A90903CCFE9DC7CC821C1CAA + D63A45A1D0C0247F1FB1423877FE9A32 + stream[256..319] = 9F0608162C6315D206B5EFB0E40291AD + E882445B9F34154F6E21B9FA23356DD4 + 79DFFB16482F6A4F28A8A0629E8B1D78 + EAA473CB126FB3727B826B4B3D6175E6 + stream[448..511] = F26FAB00C37C03AE33209E19F865B135 + 115A5E254A6B5C1A4896987EAC35C2F4 + 327822E165AC6BF99F535055ED74833B + C1FFEB32588D8995CEF0708E2D3CF832 + xor-digest = 87243F1D4D08D7EE39213D1A4B9E2458 + 368339A11E364345B4367F84154B36DA + 03A3728A7EBD4237897F9D1A19CCFE92 + B9D67D3A4A755E6EA8382041D4827A17 + +Set 3, vector#252: + key = FCFDFEFF000102030405060708090A0B + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 05A90DAF1A6B6B60CD3B999A11FEEE39 + 6D38983ECDA326EC9229D2A1EC722B0C + 3C0539DDBF6A4CF62B9BAFEA6C60A29D + 4AB63BBBC88987E9A74AE2F71B1E8DE2 + stream[192..255] = 0AE6673D9F99C5EC9A4532B2B9786CB9 + E948A206CB992335FE868BB2271DCA5F + 9AB75995A7E7D46F8EA6693765C93D90 + 9D41C24EF4856252986DDFCBE65D2D11 + stream[256..319] = D8B07A866003059BAEE90378AD5EFFD5 + 2732755E79402B50BA0F26A038B3D9C8 + 1481C19080CB39FE840F8E7313D0C034 + 9FEA4AA4801225630AAED3E522D6F920 + stream[448..511] = DED21140E5A3C0C4615D7153DF9381F7 + 269616817A273BFD984AA5E7CD9D9CA1 + 9C28E51F4C03C262F5BB4175C799236F + DA69AB27590857C0F270CE4BBFE02D5E + xor-digest = 2D47DA3161389F5F54FAB37F391C21CD + 63A748112A1AB415670524B6CB93DA0B + 6B54C541ED59F3A54DE238C3FADB3236 + 3871F6DB1A507B33C1B8F280B0C04B1A + +Test vectors -- set 4 +===================== + +Set 4, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 114265E078311C062B518148B4530F73 + DC9B95DCC41C214F8C9486473DC46847 + 71819020010586A750426A0E633BC787 + 6E228E2353AC0A68533C85A742387800 + stream[65472..65535] = 196F53D41603BF286D1D11F012E564E9 + 3C7FEEEC9539A015D49475DD8CC73C84 + 2F85521B4DD9789A813A59D444AEC702 + 164F669C59B43B5115202D08662D4EC2 + stream[65536..65599] = 8A7B672621B0B77E8BA8EB9A71DB4558 + A78364244F182519F89D25D3012CF8C4 + E429DD543C8DC56C6DB8FA5E351BF615 + 106B51F9FD00F54018A94DAA91D76715 + stream[131008..131071] = 33EC15BB2C553646CAED9ABD83F37ADF + AD3B3313A074B69FEAD405BAF897C3A3 + E12BFB2F4CC3136ACFDA284DA1E780DA + B3E4D34C053302989FE6A79A1EB0F5D2 + xor-digest = D899BF7CD2972EBB7333D4E57DC809A1 + B717373577B15544443915B36ED162E1 + 25452584F3E0C2B62164092219FBA924 + 31C1FF2A14C8E2E437427DACF80A200E + +Set 4, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 8EA023E23D94434EAA064A4BE52866DB + 57EFB7B200DAFF5AF2AA72D3E55EE5F4 + 5060FA89024F259CD2490C628452B1F0 + 91020DE10263BA86838B2E388F5AD040 + stream[65472..65535] = 5BE1EAE0077FCE5C2C21120EFD560A96 + 27C3DA9462BE42580065C9E51B7D36C1 + D9D717DADF4A3122A08303A8E27721E2 + 1DADC91138A2461713998AEE26F811D5 + stream[65536..65599] = 482694A9797978003DFDA5183F00FF97 + 9F38894BC92DC88418FF68156117A2B4 + EF10D76923A734ABCAD1A5B4224BBD08 + 836E3765321045C3BF6A352371F82CAE + stream[131008..131071] = 614BC8A38C5F9E8507595E8F5A03484E + C9DEC6CF52DECFAB008327527B822365 + A2038FF09411D7B952417C8C7375289A + 244D50703B73577EC272827A21BB917F + xor-digest = CA9E6EC13B679609EA778447EEA1157C + B366A08AC5A96A73D0B5E182DF24EBD9 + FC297219A0AF67591BFD68B1721B5970 + 8EBEB3655791107FD2A0F2F2E341FCC4 + +Set 4, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 5BD3D0625CEAA75ECFC9828179F7B73B + 288A208D60A2297F2C328DB0789BC869 + 4E50F50E8797F8C7A49E24F72A3AC359 + 796E6188C71A9B3DB88DAEB1BB2C77D3 + stream[65472..65535] = 726C7D7AD756CF567E0E8F812A282675 + 7E75D593C7FCBB45F842020AD59F2B53 + 888354CEF541411B92C3AF6D57ADE7E9 + 273805927DEEBE552B32D10754C9D2E5 + stream[65536..65599] = 5703464C0AED290E65815D8D04098B0E + 22D2FA825ACD4391B56CA64CB8201BE5 + 7B4FB9ED6BB7608BD820436146339559 + E7464BC13A8AE3167AFCDA58E3C017AE + stream[131008..131071] = FFC5787A10E340B07D08160D2C4F653E + 407857845A0D68D1EED8EAC0116CC376 + E33AF8A1120D8DCAD6C86B757AC50393 + 46AADEFF012BD0DAA294DD240D87A98C + xor-digest = B3BAA21AA82617D3BB9C2612E177CB71 + 51A51790D97FE33C3F33C01B32091758 + 5766643C125293E1F75D6BA3C46AB381 + 75A2A4934D4C115A6A1547932B077A58 + +Set 4, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = AC5DEC8B95C89F4794B7289C69FABE29 + F4AA64476D057873D87BD524666F62F6 + B71B5131BFB897AE64F2D500437E1798 + A742E7B7D06B8089F3DB2453D008C554 + stream[65472..65535] = A2F58800E24BA8B754C64BAD9252BEC3 + ED1273598EEF4C6FE42FE2CADB81F220 + 26A90BC88B43F2F1FD2E054E8EEECF57 + A114D087D5228CB276FD5F4FA3ECF4FB + stream[65536..65599] = 5C67BC8E188170A57DB85ACD2F7121A3 + 7D83F1A708ADC54C14064A9559FE7E1E + 3F9E60B9670EA4394521B11D8283EE42 + 12874323628EAEF0B90FC4653106D68F + stream[131008..131071] = 8AA6F8A20F7D4A0B7EBAF6A7336B6D76 + 731E65DCCD179BD53F6B879E70B8776C + 6A8EA30BFF09BA3026B3827EDB9F9C2C + 0F96655D8B84EF725D0603F8CCE3C2F6 + xor-digest = 458DB66B656320F5F7E4FEB12E748C0A + 59F0CD8A7ACAECC25479C309628EC0B5 + 3B441B831B484FD3180C52F63EDA1858 + 7C232B195356996DC29DE6DF54E5BB37 + +Test vectors -- set 5 +===================== + +Set 5, vector# 0: + key = 00000000000000000000000000000000 + IV = 80000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 635990D909A80CE2A75E521ABF588B6E + 85320D2C722D1C93B42AFBE6358D6E2B + F2BE933BC961FB50F9A2B55389A08CD7 + A0131F89CF0E61D0C7071DEA6D8DD4C2 + stream[192..255] = 0F92D4DCC222BFC7020CA6BC3D044F69 + 12D9A93668C65401C570A01D6BF6B3BC + A6F00F6FF46AAE3C09C6158EF05A520D + F8D55FF27CDB7AEB5D03C1FFCE7B95ED + stream[256..319] = 664CCED71B27680F9458952173BE0043 + D3C27F35F9CEE7AE9D783ABA671C4FC6 + 8F2815DC904316BEB39020F646041276 + 5BE5500A60DE2209961755C1BF96E1E2 + stream[448..511] = 8F02C1FB389DD1C5F0CB730ADA528D37 + DD778C4782C7B5DF1961F97CC82B63E2 + 9CF4BE512EE27B50781E297D1633D700 + 1298F13FD8AF9D1EA83F831A70EE50EA + xor-digest = 3F9A4D249220E1AC8E559399FCA23DD1 + 1A250DCDA841502F5FEF0F5D4EFE7E46 + D9B1E5E4312903E290D695C2B681949F + 480D45F78FD69597570338049464FECA + +Set 5, vector# 9: + key = 00000000000000000000000000000000 + IV = 00400000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 8E932D78DCDE35F1E5B8B2E863859A64 + 7AEE8B0867F6F221B09C37B7A78B4043 + D055164B1FF1608EC17F3F148FEBBFF5 + A9FCE4158B33D2CAA4AC5FE5551C788A + stream[192..255] = 7034BE31CED03DEFAB3F69A24E622BDD + 9B202ADAF05D0324EE933064ED6D965B + 937FBC8405F0D7236AC28C320CE66C06 + C5B93EC581FDD59ED40102C651495EBD + stream[256..319] = 37C4EB0E72191FF0F70C8A70F475061E + A0BEDD8A9AF1901FC6BB5482B5A29469 + 06E8C40249E02784896D5D42387127DA + CDF1657A66E0D43E6F69632519D1D3A1 + stream[448..511] = 8CBE98126AE27A51146FE05F40CEA89A + 39781F515D621DD48B6D6234F9AFAFF3 + 6FB862084F5249BCC0018E8FBC090121 + E227FF494BC180FF68EA2B134E7B00D6 + xor-digest = 24556A29026E3CAE101E7112B2FE5BCD + 3D925460B66A9EADDC271E39C317DC27 + 51DC9254491F76F9163AF09AA5372F34 + 1B76D54C09DEC9419F839E5C50F1957C + +Set 5, vector# 18: + key = 00000000000000000000000000000000 + IV = 00002000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = AC05D72564EDC8EB439A95579D04BF65 + 592AB1024152B9B14D71B18FEB5374A4 + C07AA2F58EB2E45F737580241CFB9C0B + 842F8CC9230B540FC50A590DEBDC29D8 + stream[192..255] = 48AB7E018380336AD0CFF37379D9E370 + 5B0C938600C6713FF4CF5C142F640FF9 + 72CF147E7C38389DF426FBF560E7DEF8 + 41B4B1CFE6A4E2DB4A85505C931FFFBF + stream[256..319] = E9C6536F67F4B3053B353170CC5B77B3 + 06A47B759A5FEE5BE45842C01E11519E + 5746B056C86D8A6712446949DFFE6935 + 8E4512E7BBD6E6F544CACA98BDC723E9 + stream[448..511] = 731EF8977E1307CB5FE80BD4F89025A5 + AFEE3E54F7CCEE6556A211097498827F + 6219704F96652420BB9EE830DB3DD940 + 96987BAEC5A43526FCBCD85C9BFDB209 + xor-digest = A37E582543E75640DD988C7FB5579D43 + 9C41669EBCCA5580184743BD54D24CBE + E32F2B1433CDBE51E8208C78FD739CC5 + 4E2A37E16A7AE4F2193ABC4F04C35D23 + +Set 5, vector# 27: + key = 00000000000000000000000000000000 + IV = 00000010000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 0B295517E5A2E100C262736DAE920F2D + 26C40787AFEA87FC34C27D6E0BF98A62 + 53B695751F9095C8766184EA44042F2D + 6DE099A80C75DB1F33F53EFE578A8F0B + stream[192..255] = B54C4F2EDF17A1EC22F536586A5BD691 + 2008DA6642C84AFC8ACD35A7DAE73F79 + C835D83F4C0C3B1E510D1BB42013A872 + 8E4899A8CE134625698CAB31852AA7D2 + stream[256..319] = BBE2221921E73DC79E795AC0AF9B890F + FE88A14DA29DE45FA38F4C3E94E6BE9D + 98238BFB181FE664B4147CDDC125FD06 + D11A65F1975A0D781024DE1EF026DFE7 + stream[448..511] = 83E61FCEEB1367635632B45BC73B8B39 + 165015E7A6B8D9851390D4CA9DCCB935 + F09BDF52883FF37BC77DE94842E39BBE + 0BE530FC9D3B4564E11B7EBAC8083818 + xor-digest = 55242D44DFDB1A747071F1C825DB5620 + EDE1AF37B6D73A22264B14F7D35E4412 + 4A6242C5AD34B54E98738D6CC90FE355 + BB9402DD017B6678FCC0EF27CF5D67C2 + +Set 5, vector# 36: + key = 00000000000000000000000000000000 + IV = 00000000080000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = B89065FE0B458C64FD6EDC6A893C8C81 + 83578E7D37BE97E6FF82E45110A25960 + 49A817CDE859B67B56CB80768D6DD275 + 6EC368FBABC35C8B51C62AC92F913281 + stream[192..255] = 0E0AB045409ADA1A9540504550404B8B + 2C38384E577F2DCAD5316CE7E806A0F1 + 21D2A3298F71F301340F3C0A9CDD4815 + 936F16B4EC229E63451980646D45E3AB + stream[256..319] = 1DC37BCE039878BA2E5938E4563D2523 + 7350E41C8EF9262A9EF7D7FED7E22F45 + DC3E98EC981D2BCCC1185857C627EE20 + C86DFEF500756B241320798764C3C09A + stream[448..511] = 9A0082CDB35BB3CB1C74CE337D944D3B + 2C833B4F786A92DEA4445A2E5E101384 + AEA834F5E01C1B37EF8291D039875A3E + 21D613FC71212DE686AE52295B773E42 + xor-digest = F94584BB343C6BD6BE3AA1EF799989CD + 93F6DDB6A9AC7E2EDFC92460F0905E6E + AA3E81F6E173C7F9FCE8FB5D7B261A58 + 3FF006AD017A09FBA3B3D084285169A6 + +Set 5, vector# 45: + key = 00000000000000000000000000000000 + IV = 00000000000400000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 486343B348F2A1726617D6E93989B000 + B41FC9707E2A99C7FE5CE9423DC3004B + 67EB02F45B368F87FF2C4CC0C59D1728 + 9F713E714E049CFD8E5D593255092A7B + stream[192..255] = A1A3127E632EF47679F52224E6D5A16A + 6E0598271F36F4DAA98B115535E77C71 + 84170D2DB4B8C5D804790A666D105108 + 81213A0684DD4AF03DE7707702F4F73A + stream[256..319] = C917B1577463E05F34350C4C7F6CBB5B + D63B2D74EAF1500832132CA1A1F289C4 + 3D93BFDC5E9D91897D2F7E05740F3C95 + 0AD872A93DAF3850A452410FBD706A92 + stream[448..511] = 11646E84240BB95D1B14694785E7E119 + 848855E462DD14176442B8595CF602C2 + D1F4A2E09B8D7DE28382D1DA4DB3B1E5 + 910DAE6ACC02E79FEB07A8E55747046B + xor-digest = 65E9982A725056B8FBC275052EA48C00 + 69A1BA0939831C4014E81AAF14F66FB0 + E01FC0C70A49C4533ACBF304A5309F4B + 60D6B310BC66C6684BD5B9C83F994E95 + +Set 5, vector# 54: + key = 00000000000000000000000000000000 + IV = 00000000000002000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = ACAB34102EDDB67B8A5D8B135BAC15CB + 1CD52AE386364C709C2B9D6BD322D7B8 + 477577B4958D448A3BEBA473D861E592 + CA15371AEA0F500361CBDD865488A7A5 + stream[192..255] = F25DAF77D7D734E5486A1AAE01794FB3 + C17099E01489A5B4213EFAE6D745B798 + 77939C7A178D1FF09EB2C42A8A3CE51D + 59D501B36BF9E4960BF3FC8D50F5A847 + stream[256..319] = 1C9C6F63998627AE1AA7E8F0B2D73A99 + 707256CDB12E3AB239EFA72AEC516FBD + 6DECC9375EAAC634707A139E59B32B51 + 5D25ED6951FF4228A11DC87E8DE61385 + stream[448..511] = 6A997977A25F4E9E0D9AFD8C20B56EE1 + C702C301528E332BF8F5E7DBEEE5CC28 + C9E12E1A8BD7A2118A0F31F800B574A8 + 2FC44FE19B20F1D3396432DBB02DACC1 + xor-digest = 0B2BA364EE76F0549A10200D129196B8 + E2B69667999FADFAD55CA479AE679C56 + 54A453C43898443B9DF2835AE806C2A5 + EF30CB8AC25DBA756A705F66759029FA + +Set 5, vector# 63: + key = 00000000000000000000000000000000 + IV = 00000000000000010000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 4DD010482D0DB2D09D76872D25F73B26 + 749FFE70B9674587FC4CEDBA5966D217 + 489244D0177F676188A1762C430DD8F1 + 5ED9F7BB67F2E8A79F7633DB7B45CFF3 + stream[192..255] = 3587F0A7B9F410D45357626BE10B4EAB + FF8798FECA5F91F3AD2543B301B5C301 + F84404071C7BC77AC31E423E1AB1E2AC + 2CFAA37DBC2A1316D16A5C7BFED1A77B + stream[256..319] = BFC632891511228ADBA0211EF390A7F8 + 08A12AC6BDD7C2E29DF27025EBA1A6EE + 00B9718FF2BC003904C1C28878894AE0 + E5CE5E9F55CAA522EBEF5747C755CB73 + stream[448..511] = 513D9FFA86D8AFC20E4870DE0E9B330D + 76F02E44A6C4D7C5270B89C6BAC9426B + 5A12666244C0CC5A641118B93F72668A + B7C53CD7FAB0940F1B37A85015DC91BE + xor-digest = CACA8BD50E28720128B57B37D45DFB02 + 206D53785FCE81205AEA085466142DB4 + A17F841156916294F3B7CA93CD99CB12 + 93FF593B5105D2822CA9BC3BAF178935 + +Set 5, vector# 72: + key = 00000000000000000000000000000000 + IV = 00000000000000000080000000000000 + 00000000000000000000000000000000 + stream[0..63] = 4DB6CB1D5BA89BA45BA8E3DFCEFC444B + 7D97C73F53EBC50BC46047CD76499CF1 + FAB51AA6C8B24118AC4EC8E49192B41A + 2812AA1A4325418AA6C69F6143F0A6B9 + stream[192..255] = 33FB647044F3918513212D3538C31662 + 1DD9F3A10C0589CB718564CED7ECC391 + D9701C7A23AD48E05A79BE9E32F60819 + 3E57FA8D8EDDF9F43F38BF8BBCBAF52D + stream[256..319] = 79F3525A6EE300764DE481C20A40135E + 94362F56DBF4C5AFD214F9D4039A0899 + F74A7D7C27494B39D1B0145B9F691B5F + F436F2AE8B335EC62CCB0FF506E0240D + stream[448..511] = FFE0E6B8D741377FF1A02764FEE3D681 + 6CD020C6DDA5097989137E9BCFFFD35E + 0E6379AD2ED3D9D298C6B98DEA82DE6C + 2B66529C860DD4ED56265CA09B16A8A3 + xor-digest = BEC66A4FEB220D732F04AE0B98FCDE2C + 0B70613BAD57D7590E007E84AC546B09 + AF1D5BEB509CFE5523254B5FC8CC2672 + 215C67477AFF14D0788DB166C5B4B12B + +Set 5, vector# 81: + key = 00000000000000000000000000000000 + IV = 00000000000000000000400000000000 + 00000000000000000000000000000000 + stream[0..63] = ED4C49EAEBE78999C0DBC4674757D435 + B056A45036DC51B390A6C87B3CE8BCE8 + 2C7DD348C7775D2402EBE359E7895FEB + B9F44DB5D0F7B40AC207A3CA750EF25A + stream[192..255] = 32F897ACB5CE63D1A64781524B1CB4FF + 9E595EEF93A3206A0D1B4E6F4ED7501D + 2DDFCA31B4FC1A33F589167B070FC003 + F67C528B6AB99ED308EC3CEF82B4E2F0 + stream[256..319] = 57CE29261DAB385309C97955261874B7 + 676349DEDF7582B7654D1A8DAA570EA5 + 9745D2167F2AE1ED538F1D0ECE53AA38 + 379F9AE542EBE229D561E34ACB28FA14 + stream[448..511] = 667E22A8BE7BB84CA1B1C0848E5F22D7 + E98E54A79D5A960C33D07357199AF1AD + 53F3F803EA698127C22F75F31C40656F + 8C28818775B3D88460CFD29798187537 + xor-digest = C68E7F4A7CDB68892794933392C1BA84 + 5B6B7CF52B8421137EE0220BA67C91E9 + 81B47F9BFC39FDFF9DD48F3617F2D523 + 0680B87D18A821A09525FDB79DE6FED2 + +Set 5, vector# 90: + key = 00000000000000000000000000000000 + IV = 00000000000000000000002000000000 + 00000000000000000000000000000000 + stream[0..63] = 80FC6D794178A189EC423AF926622982 + 60C44DC5DD5AC91F779D02958366CFE2 + C5551DE2A5D635353757AFDDE68DF592 + A034D87C871D7D871264BB0F89E99536 + stream[192..255] = 0BEF31DBC3F3DBCC5B3D28BE296384D5 + D33DD0AD9A80D4AB8F58274B4397A658 + 94F67376AD8DCEC19BC2C74A835D9F70 + 1F4C60DC256DBA4E83B21D36B66F5DC8 + stream[256..319] = 625DDFD8D922D848380D45D6D7E730BB + 049666B3900E4305218BB7089D059FD5 + 825F9EAA3AC047A006F1353C37AFD11E + 0143DD68CBE9543B959E26ECB4C649A1 + stream[448..511] = 636E6EB97E3127EB703D5170D2C8FAF8 + 63E8C333F5EFEFCF9063E3D770FF9E0F + 2B37396CEC935239797FE430DA4CFFB2 + 9B19D833687318DF01750DD2F3D942B5 + xor-digest = 0865679CB53BC2845A0B71AB820F61AA + 9B99E100AC7F0358D5B610C09EC52C7F + 8C7C5D973CB85B18F8990F3BDBFBDCBD + 13071BB3AB3F329E75A44E80320BF86E + +Set 5, vector# 99: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000010000000 + 00000000000000000000000000000000 + stream[0..63] = FC2DEE44B15BD914C17DADE6645A0250 + 2F40B39C0C6AA26C0250D328112AC67A + 0C55D48700EFE67EFBCED927B62427C1 + 41DB8089774E2DE23C5FDDFD66D39BC3 + stream[192..255] = B6A4D34FC81937580BFC32E04C8E2B20 + 309AF3E2152B98BD748A344D4537788D + 35B16DD2C01444CAAAB8684916705C88 + FE75C53D75713FFFFA2693E91395F919 + stream[256..319] = 9E619BB0045C58C2D303F79E659CF5E2 + 011D619E0CB10CFDD53AEE6812DD780E + 36407CFE9BFC1C73C27CBBD491BB6A7E + 8918023EFD6E2227C0C840F1DFA5924A + stream[448..511] = 2A320747019AE86A59D5422B634448E0 + B43C41457428AC7A4E5D0C9D7327B44B + BBB6F64CC2423299C009E5B24DDF10C9 + F87F2A525ACF803C50837EF6C2FF3D34 + xor-digest = 3737C19DCC04C7C72EC9280D53C17E64 + E9F4B1E47980711DC64FE6D3E7DD05E0 + DEFF339F38868B1F7CFFAD4298127949 + 11EAD4D34047B22B07C397A37F6BD2A0 + +Set 5, vector#108: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000080000 + 00000000000000000000000000000000 + stream[0..63] = 84F71EA20D46B3802A787C1322DE6A79 + 34587F447AE7FE277362497E4FDB69CE + 129EC4D8D80ABD0C15026EED3DFE2B6F + C48C5DF09CBE035E348A22F8A2AB7DAA + stream[192..255] = 6444791C6DE062EB9A494AEB910A458A + DE3D834BD6F87F26A9D6F99FD970C820 + ED9FE0DF88A924F97945B0EB10E5D464 + 559AA278DAF6A942651E06C66D33F7A0 + stream[256..319] = 1878644E35B3BC562F82647D45C84317 + 769BACDB95DCEACA456727616BC90FF5 + E78FEE1EFB86A714CFCDE79AA9E66FAC + D600B0FC5C471569BBEB5692E7D9616D + stream[448..511] = 54BD56C4F0F3A0CB89A678F2912E5B21 + C2B225030E82A90470EB6040F50A818D + C91F65BFFCEA3F9041BF110A762DE3D4 + B41A8D1E18CAC776063B2DC93BC2D02E + xor-digest = 52E18382B88883C5648E067675468200 + 2AA9AC5C18A856E89175C449A6033501 + 87FA4C17A4D36269340F0877385A35AC + 4B7FEF6E1463D34BCDF3597618FAF352 + +Set 5, vector#117: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000400 + 00000000000000000000000000000000 + stream[0..63] = 3F40E9A3C872ED15A6AA296F716E095B + F39153C7C6F4ECE6F550AD35582083A1 + CA0DC3CD817AE3946E43AA9C8700420F + F0DFC21B34F4E5E40B3EA14299EF468D + stream[192..255] = 853C4A895DCBE411B9B2E340B0AB55AC + 8EEEC42885768110ED7E1CCADC10121D + 8DE12AFD0DCA4507A8A7A2650FF68C6B + 5DB1DD670C8C68365E846934D16A46CC + stream[256..319] = 565AEFAC0325093EF87FDC51413BD5E8 + 56AB6C90FCE7D3C6EEB7E58F22AF63D6 + 73BCF3840D611A5E1102E9A4108CB902 + 5A1D837510A971536231CA247965379B + stream[448..511] = 887287B62116FE2A28957ECC71DE5BA9 + CBBC16DBFA4EC141EB617F9314FCD238 + 91C4237FA35871C0C795E2F3A4197DB4 + F81BA4A29759BEB5FA2277CBB9169734 + xor-digest = 78E564BE9E7102E2CB009D7A540395C6 + 188C8499B7E96C0AD709C3BA2C341741 + 6EED55AB00AE5719F25CFA06F1488E83 + 798F18BFD755B9061AFB4EA5D864FC24 + +Set 5, vector#126: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000002 + 00000000000000000000000000000000 + stream[0..63] = F4C281D9C88A7FD6B2CBA9EB0366C594 + 59327932DBEF8118A7A680D0F0AA41A3 + 735FE0874F047D2B071B5B9E755A7B6A + 9426353B923A5913C647A88B642B2C00 + stream[192..255] = C7DAC2AE7631D11EB21EF15FDCD3EEDE + 7DC98A7060613A643EE8A944EEB6C7D1 + EDE08538E1BA6092ACDE0C648D29AF5C + 309CFCBC4F40A713FA58D93C954961AE + stream[256..319] = D1647D6453798B7E15A49199134384B5 + C9BDEBF7F859F6460C2666F297410070 + E68307CA78790EF01D160D94B69729D6 + 90A4FE477A27AFF8B254875C98116485 + stream[448..511] = C6D3DCBD0E9D4746B142C819867E0A14 + 8B81FEE3D1007E907F8E9D597EAD63F7 + A87E6F224C67CF8162C4E92FC1BE44EA + FE3715B3C1C432CC660CCF1536A20F46 + xor-digest = 59FDF05B6D16079B7E18F6A8CE0C58FF + AD7C985C01A12C07D1ECEA740A92F761 + FDAC3F96357498B5F5FBA91DE6502A86 + 1332A1B3E85C5E72444A2168C25D6FEB + +Set 5, vector#135: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 01000000000000000000000000000000 + stream[0..63] = 494BAFEFE4FBF2C406F55FFB436105BA + 09211B71DA446A0F5436E6DBF42F8E1C + C805E797C9987C14997083E9004473E1 + B2B3729DE9B483361CD38CC78C982533 + stream[192..255] = 3C04C6633F7D8B714E8549AEA1851035 + A520EB6422F42B2C840C74CF51A13FA2 + 9C1875212E8DC07774D6911415F1C305 + 9826A05DA9F09942273CDB592F7E3A6E + stream[256..319] = 1FF6BEFD79A7E5BA0DF64948BA0ECE7D + ABFB3883BF8A95D3E76DEA30550F5C3A + 2B67FE2AB78DF091E758E498418EF514 + 089283275588A41AD20D53E6394635A5 + stream[448..511] = A4D10D3B6AFDF415D49FB6ADA1245812 + 1DA1365ECEBDB6C2508F1EB92E91E8EF + 90892E6FCC9E70AB9A2EC4D49A11C197 + 68E6B4C154A4D65C55AFD38B2BE3F4DE + xor-digest = 91D4EA4C6ECE28536C415A6AF46DC432 + 3B6DC2DC98C3A3FE2BFE53C8FF556C16 + 0197D655357512A808415BF757AB3A84 + 6BE7865622D32B7DE3867B3B096408DB + +Set 5, vector#144: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00008000000000000000000000000000 + stream[0..63] = 521913EA655235FA0E713B0DA3ECB98F + 7AB817E70827D29E75E3BF2729EC2AAB + 8747B8FE0FC9489B6E0EFF45EF985980 + CC0189D9D0F2EF34E809D992E7695D9E + stream[192..255] = D265AAD80EC96DFF08859F93B236136A + BE146981E919C0554D64FBB7D03DC9AC + 9021F2A1B39866567D8BA1DBE2C3CD21 + E5C4C94085F7083F4C640E918C4004F1 + stream[256..319] = 7DCD3CF623332365E6CF2D92FD147BE4 + 1E532F51F939C921DD4492E026993E56 + 843ECBF0925CC52D56084E7F2B538653 + 2020DEE6FE7E85D4A89AEEBD5F3EAAAB + stream[448..511] = 00E20611C7ADFC3BD9E59B9E6D7ADB03 + F87FAAB01D7771B89299BDC59E1E2EAD + FC9FDE416B62FEF07AB7A816AF261E77 + FCF79DBEB09323D44B5956CD93AAA990 + xor-digest = 0578B3E20EBF98D89E2DE82A6EA8E34B + 424E526CF419713F0AA662B852E58BB6 + 7ED570D75534E1F23F85F160690A464F + 122CCBFA5CD1DCC0969F2E57D65D64F8 + +Set 5, vector#153: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000040000000000000000000000000 + stream[0..63] = 2617095641B825094DE44205319CA853 + 418588D5B6BFC05A2713CF898DC42B3D + 6ABDDF4C287235438A48BDDA49E5ECF7 + EFA235A23BF667289612893708704F08 + stream[192..255] = 04F668517ADC1AF6E31DE6B7007ABAC3 + 59A2DD6DD61755C6CA7053E05FBBA2AC + D9AF682EFC71391EDA4A5872B53D7CFB + BD35ACB719169283EFD9FF9E172269C4 + stream[256..319] = BCBA3F15D83B9AD41317AB9EF7DFDF0F + FF05CDB058AB08D7BBD720723E969CAD + 79F16D26DF0222CFF4249B839EB9F9F1 + 422EDAFB8EC285F27E347B7B4C9B2C23 + stream[448..511] = F15F17F38917DFCA9141314047595C17 + 047F91E4859D849E9A6339F640E3633B + 6A1B62D089B24062BA5987C3FAAB6633 + 99698CDE6FE7A461F127AF67B2C5CFBA + xor-digest = 68B2369B45F059964A1FD3822DAF61B7 + 82A9FBA7EB563F83DEC4D058CA5D8931 + EC74AF4043FEA803B696791C8E0A675B + DD8982AEA862BB76847E1DE12F2A5E86 + +Set 5, vector#162: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000200000000000000000000000 + stream[0..63] = B090CC267B29A95ADFAF6BE3E147D647 + 21ECACBF6B7D0C4061D17FB7DE0A6662 + 6D6F9FC167FB3FFF237C240AA03FAD55 + 13B6DA848F22796DB501A8FB89F2B85D + stream[192..255] = 1CB95ED9AADFA0E1FFE5704BE69CBA3C + 9593746AE87F36A786E5EBE18A1D3B25 + F4785EEF4DB439472035BF053687C5F1 + 0B60EF55A76DD1994FBB482BBD250755 + stream[256..319] = 826BE3D679C872536D55C3F0E49C2624 + D41726A4525A50CF91EB71E7CEC5AC47 + F3834358E2296CF0D04B8D8CE8A701B6 + 6AFBBB8776DB2B75F1CFA01231B365FA + stream[448..511] = 244DB28A98619907AFFDCCAF303A3795 + 3B6D21EE6D22780C4D3C939C084E4181 + 1FFCD8F2DA2E6A2243BD0B5428FB86C1 + F0EA2E8C8B6950ED961F4FA8CDFDCD17 + xor-digest = AAAFCEB42F2EF40C4B5462307085434E + E4399F87B4AE5CA828A952A851F47913 + A51430A8BB9B3CD0A4B2F12E297F51E8 + FE0B1A6FE0F21177EAD9284087D3706A + +Set 5, vector#171: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000001000000000000000000000 + stream[0..63] = 0F4309F63F237DBB51567573126F09E8 + E49990F26E541EF888B9F2922FE9D280 + C8FF4874C0D4FA3F41034B82E2E026C4 + 594A79C2B689BC502C41244DC1AD472D + stream[192..255] = 95DCF9685E429DEC2833E1B5E78823BB + ACD9332D668C4B342B89A290E1CA6127 + B0E5125E44445A1156A70B27966C3E0B + 4E0BCBDD9F4561998A5CBCFAA05C7459 + stream[256..319] = 0886E9887182156005548CA1A08B57C0 + E9FA76C2A694E1CEE22E9B715E99B115 + 9AE064DE644FD580E8356164A45EA1C4 + 3DD85E16158B5130AA103267C8118105 + stream[448..511] = F8AF6F9992781BB09808B7AF404F6546 + 6FA697C2A1BC9BF64F8D6B6D8CA0B856 + 6B64E6BF0500F6D80113D9457855FDCE + 1791C7436F5FF41ADA87562C175942D6 + xor-digest = 8D32FFAA409C8CCDA6892C388D5D654B + 4AD50ED00BA649737BA8F350811A2AE5 + 5C89463C7D63F1F1F16C4007826C2CF0 + E4BD9453A60D88BE86F60BADC3E71E98 + +Set 5, vector#180: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000008000000000000000000 + stream[0..63] = EBABC8B756971D46C1A5E86CC7AEB329 + 4DEDACFC795F2AE02CCAF68B933DEF4A + 19E96BA64DF14EB6FE67CA48861B49BC + 16052E33C8B47556DFBD96037B7DE5F2 + stream[192..255] = 0438A8CF718F4C52E33DA087FFEC01E0 + 459D26757D5DF55D5D7BC9BA88F57EC0 + 4B84D854374F95317CBDDEE928A2CCAB + E4BA1BBBF47776B29890DF00D864FBD2 + stream[256..319] = BC4A80F9CACFE63D2E54044ACFF39F97 + 2C69015058AD3F81CBBA28FB0987FFCF + 9CD1F6AE4F0602BAE2B828D3FA162936 + 23CF3AC2950BD651F7E467DF8B454BD6 + stream[448..511] = EDC95FB80C9FED4A73D6EE9B2CD74BB7 + E6DEB9E7868D40FC49BD1C52838457F0 + 88DCB29C2107066D55A80908EFD1392A + B4F2F13C0A79F67E58C91A89A5C88991 + xor-digest = BECD7FD2014BB9A25701E69F9788FC84 + 1AA9DA56CDE1CD93DF45D28F29D32E22 + F488B0C2D9FE95B267CBFD35EDB2F6E3 + 05DFA5A2CF09D7E2D13348BC0C9405E2 + +Set 5, vector#189: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000040000000000000000 + stream[0..63] = F28A15A90386237127A5682EB09E0E58 + 30709455034A7189AC9710DBB50D5012 + 9EB4E0E9036D4504054B281F3FE9F45F + C80116B8FFC0B42F9A636A399B7A8BD1 + stream[192..255] = 1219EF9BDC250E88BD0A62DDCF9AA1DB + B62E19FBA748DFE1035C6A5B3B94954E + 1370487A455916F7DAB451F79C5E1298 + F549CE005A1321E6B136B59BAD9EBCD5 + stream[256..319] = EBBE81DAE5637C4C7EE6FF9251D5407E + DF7E8EAE384D1E588CAD39AD9F763004 + 9A8E028120B5065B658EF3E2B357E52F + F18891819EEE3EE021BD1AF08A4B1F53 + stream[448..511] = 50086FCFCF5EFFEDC4A52B0212B7321A + 8664F2976493868F13D7CFDFB7583E99 + EBA70778A83CB88850D45B300F7F6A80 + E721860560B2FA642B2E77C7F7AB0662 + xor-digest = 336516670616300FD5FB014C1076B53F + 6637AD0EFB453615924396785CA4D284 + B03F526FC2179FF3BFB0A1A2ACFFD87E + EDC4C8360DFFC132CE6A502EB173A0D4 + +Set 5, vector#198: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000200000000000000 + stream[0..63] = 93261A7231FD030CEAA974BBF8F3A721 + 33334C5F3B25D5831B203C353A566D80 + DA578081A047E28DDF8E4BD5B68BE4A7 + FDE4BB3A4875BA84553AE120ED77C9CF + stream[192..255] = DEC4B603E6A6F911B68E5C1265FA2004 + 71B296A647D20C13E42202C1A3AAE880 + 305F969BB88002C8FC00CC5DBE40AA06 + 4AF85646AA8C7F7191FE26FAA2918A95 + stream[256..319] = 849431145F27957D53CD355501363E4C + 5F191DA666B77364E5866CAA16A9DEF0 + DDB9BC266EF41DB0C2A7642B9E8DD27D + 60DEA6E69052D4BDE9FC83B2578C72E7 + stream[448..511] = 5556EF9874E3150FC539C9BD3BAFD308 + 8FB347D5E38DB318A72AE0C6B6FB4163 + 082545A9AD8872AC383A78230729D083 + 31BFC3F2C80DA20617435FFDF2529A7D + xor-digest = BA9CA5F3C27246F931824A9A425F2390 + E183188FEDE5BE3591053ADCC933E1F3 + DDF5627A94F80F8922F53E951490E96B + F51491ED2D6DA26F3BF69CC41B8C0C98 + +Set 5, vector#207: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000001000000000000 + stream[0..63] = C449AF4CD437641A3B40D0E0E7B5696D + CE973B3B217E02DC20B2F5573FDDF78F + E6E55D75CFAB8EE04C8962376D22A843 + A80BB79C8B8D8B500C4B6DA27748C398 + stream[192..255] = D5C92B62B0818165096551DF2B007F66 + 2DF953742EF0BBE97982FF9D3EE83E1B + 87EC9D710CF1700262B1CAA9C68A897A + 8AB4A162DB0443A43962EECFE5B4C0DF + stream[256..319] = 3B8CC7E847669AC6858B7BB716206386 + 40D8C2DD259EE4970A5F254077101271 + DF745AD7F57712065E2D03B9D7220591 + 5C8C033A4F9146EE561B4179DB465989 + stream[448..511] = BA4ECB7D74CEE56CF1D5AB636BBD6421 + C30A51DABDCED17C8D50F5293424AFCE + 33AF71095CAAD3913A8A3A12286A8E91 + 89DAFCC1E2E744FBF4B526E910B5F2CF + xor-digest = FAD57A608E04CD71B176BBFADED7B229 + D855A8025E963B55FB83EC7311427779 + 490F25D34C6385FE1C036FF0807E136F + 40C10588678E2414163AF1819EF7D3C9 + +Set 5, vector#216: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000008000000000 + stream[0..63] = 989F302DF6BF8C63F9EB69D2625115B1 + 2CCDA42A2D33BC6F21BD55E0594DBAAD + 9A294DDFD6710E36000C27FEA7E03440 + C8A6E728716D0DF14E825B798A6C420C + stream[192..255] = 3F3140320AA02367512E7C1789F5C03D + 83CC634354237E78E16B1A64DBDFA6EF + 0697B28BDFFAEC311C6E2089BCF64203 + A2EC7BF3CA922080380241A47A673634 + stream[256..319] = 6049048A5307D55D6DB387A6149C7B23 + 0AE33195D53E0026103EB44489BB86C6 + BAEC7A0D920CAE25B1E7B9F07C07C4AF + 6485FF281C7B7FE1D61E660AE55C20EA + stream[448..511] = A6DCBEC85525FA19FA6066470B4CD83F + 17D42DB3353B327BF3DD6E7D047CD752 + 71E79CCBD46E757F3654C2506C2B593A + BC93B8985C491017A8E616D69E8974FD + xor-digest = 55BE97FD8317A47742F8F3BB762160AA + 7FDFBA371864823D93EF6C029D457AC1 + 2D679CB424DA9EAF8E4FE28271C66F06 + 1E91D8F2EF41733AC1084F54330C9786 + +Set 5, vector#225: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000040000000 + stream[0..63] = B8989CF76BB1AE894699604320C14706 + E20C8BD86C016B5E2EF705AEC54C6023 + 2A9AA961C10914A8D910D517059A93F9 + 78C537767A057E0E11DBB5C9BBC4EFA9 + stream[192..255] = 83FC232D21D0DB82747D9EDFEDFB58E2 + BB37362FA2B4E1AA0C9A58AE521EFC86 + C512831CC6D2E85FBD96FD3B60D1D153 + E83DDC6C5755899CF96FDF69E3732E4E + stream[256..319] = 201DDE5D82B754341A3452BF7DDDBF6F + 167B2A087900EF40E4268A80217D7310 + F1E9E25C707A1EC05219E3CCFEC0F6F5 + 28CD98534F6C579A1ACD3171D131D87B + stream[448..511] = C2F68B5F03B0045FEE0FC92DA08F8545 + 762F73E553D2F539C64B88D4FAC9B011 + DE0504D66007A115E428F627A667FA2E + 296F222734FA0F905548058897DEA990 + xor-digest = 7DFA65F57FD58891C5576B3CC7002513 + C1A983E9D31317B681604DA09F176AAC + 4FD78CE84EB9427BE8D6A63058582F16 + 148D55B3C2544CF4DB9306699CA74D80 + +Set 5, vector#234: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000200000 + stream[0..63] = 307B13F3D3EEEA4C8FAF34416689F354 + AD26336D6B33DFC5AA004420D2DEAA69 + F69E531EB6D672AD62B2A6A136046373 + F70272E84E14CABA9AEA3102863A0B10 + stream[192..255] = 8E4DA19FEDAD4C842917ECD5E7256097 + C2F524324D8A974D4185D8B11B611C72 + 6C39DDB5E58180971DA181D36A289CBC + 1937E8F020645EC8D0363A58C6147F38 + stream[256..319] = 012A99871D6C4CB7328C1374F37D0BE3 + DCC2232F6484A22C8F330D77316A1756 + 71DF7CB32773F25D772BFE9DED5981B2 + 0C3F0DDB2879AF61E7549F03AE26D233 + stream[448..511] = 47C6CA462D35580BC0C78C6427FB96F3 + BB762662F5B52FB3938CCCEAC35884C1 + 54F5BBF513970FC08F51C91059A757B9 + A8B6F1EFE467FAADA8D4DF68C6AC1942 + xor-digest = 6409F8C255BAE6167686F5F9C7EB2349 + 0FC7BA4DCBC80006B57A5F56CA9F907F + 849C2A0FB0D74CAAFC0E2D4367E2912E + BA6487D8A48DA60E48277A20E326266A + +Set 5, vector#243: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000001000 + stream[0..63] = 543BAEFA799FA0CF5295B92EF3FDC07D + 69B87C1B5FF0A9F25B32F8FCC473D04D + 54B6E467D6183F25E3664A330889889F + A530E354B6E53EBC78354100637A62C3 + stream[192..255] = E15997D1E7C0FA38333DEE2EE2477A4F + AD32F0810E8D3D65EAFB110C2B8D0948 + 59DC45C4AA38B8050A87C23782E1A26C + C193985BB0C3E754A528BEAAE1508D76 + stream[256..319] = A94F1BD38219097B70EC0700A64B0ADC + 7BA8883B5C2C3BBABD0497E80D53121A + 2DC5A5C6A77913330EF5469871BABF86 + 0A09F1474D893ADC28B473EE508F473F + stream[448..511] = A43AC01FC186AB42241ED3729E7EEA39 + F0823D124E8CB696E2F4B047A6B71164 + 5B803623CD0371C4975217B3CBD7D9B2 + FD89D3B6BD23FD11FEC0B03B9CC22AC0 + xor-digest = 792A5EDB6E7FDBE99B7EC2119665C2F2 + 34038F561BB1923F3BF493AE35CE2006 + 55B8EE47490B53EBB481AB7C6B82FACB + 233AD86D74385FA108C94666CD34C164 + +Set 5, vector#252: + key = 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000008 + stream[0..63] = CB4377099B2D7CD6A982A1B1A53E05F2 + E097164EDCB381468C21D8F0615A654A + 45A4D09B7C0218A19496EA71CEEEAE5A + 886307DB0026C96049B60E5154F99AA4 + stream[192..255] = 25FCE0B7E28D5D0D1654D912DBB21AE0 + 288CCC71396CA5AA36AC44AB08EC72A1 + 01E5B189535C1987B79DE4C4E32DB7FA + 48ACBC8F854868FC287E03D54752230C + stream[256..319] = D3B02A39A4E467C44C109E1E25593278 + 2E9B3CCB02D6F107C9263A24E113FAEF + 847A9064E1AD1EC8881EFEB239CAD6C4 + E90ACEC36A7E87E002F35D477CD63F2B + stream[448..511] = 7D4282D7E11439C04ACFF087708DA22D + 236F1A08A6343704DA4D24EA3582253A + 35419183A915B571DDE80C1DEE2B8A13 + 76EE973234FFF6A0DD91D31037F51C72 + xor-digest = D52720D8DF114235D99E5292E14DE96F + 9D8478E016CD40EBA25C4B9D8E11713E + FE9AC151E1F39377FCC07D06E9BF6931 + 6EFD7E27F87E9F76DCBF7831CC3FA98B + +Test vectors -- set 6 +===================== + +Set 6, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + IV = 0D74DB42A91077DE45AC137AE148AF16 + 7DE44BB21980E74EB51C83EA51B81F86 + stream[0..63] = 914AEBA9E4BE90FD07AA58B6E2536B59 + 0DD63BA810A2B96BAD5DAC1818722BEC + 61725C75B9E6194F57D3D2BBFE795E73 + 90405CA97249262093234239E35ED9E4 + stream[65472..65535] = 346C1A7D71DBB8FB69EA78F07D60A9A7 + 20D0ED544149AF102C12678D4AE0C5DF + E3521B7344F91977799085008EA00432 + 772C0B4ABEC1DB2C47608F9A29CC76EA + stream[65536..65599] = 6F3B93E808687BE8E37A635E15B13052 + 60ED65488A59125D84726219AEE62087 + 47C6672C585759BA60BFD7F55AB975D4 + B61596A506F8763F715F27A36082DB51 + stream[131008..131071] = C64CAD1578C28BF19F11B14F3D33C681 + A85D28A4B2D547652A7179C31127C306 + DC04BE79BC1DA0279C69F9418311E57C + 0F13D9E993008796EA10607A63BDC772 + xor-digest = A67B88BA16F74643B49BB149E6E214F4 + 624BDC9559CEE75DDCDA01CD343FEB4F + A8F6D62492037A0939B7F745FED8C3F4 + 93102B006D3AF8167E38D1A216B0AE0C + +Set 6, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + IV = 167DE44BB21980E74EB51C83EA51B81F + 86ED54BB2289F057BE258CF35AC1288F + stream[0..63] = 0B739B0FB68C82FE4120545C8930AB02 + F7C1F08E6C5A1EF913F58148283C873C + 346703A489B00BACD14E9CF30D8EA149 + 14937EEA9074DE932F4847E69D793D3F + stream[65472..65535] = ABA9A96B26DC34C1684B1B9E565D7292 + 0B3467672185FC0C000710265DAD5A9F + FDC7D5D42E412170046AB05591C19998 + F8AA47E5C634E5719B74936526EF6960 + stream[65536..65599] = 286FA01C6BA9498FA55E3AB7B7481D21 + 05D82DBD03CCD59760690DC89EFF5B3F + 9D3FE06CD3E8D9C2C77EA2581AA5790A + 6D1457D534A1090799EA0B1B3BAB059D + stream[131008..131071] = 8FEA40A11790CFB0BA2F199B01F68FB9 + 33874E294F7A08F319B87D0990317915 + C12CE3C47A19001FDAEF72DFD5AE2174 + 72FA2DC47D492393792C407716CD965E + xor-digest = 7362D014CAB8247E7F5A7476238D5C0E + 931B2F9D79D03E773994BBDB93B4447A + 81770D6D1EFABAFFB756ACA945D929C7 + 5CFE214A53F2FE7EF78D76B2FDDC2267 + +Set 6, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + IV = 1F86ED54BB2289F057BE258CF35AC128 + 8FF65DC42B92F960C72E95FC63CA3198 + stream[0..63] = E6A0C18EE34238191E39B2DD0F0066DD + D7C0033F82C388043CF13C72CCFB9DBB + 553D782AAFC983F419649CC9B29510C6 + 03302235278AC3F1CE5405829F7E63B5 + stream[65472..65535] = 16B4B4A51FDD9B41DCB8A1CBDFBE8D5E + 5E2F60F7ACFE5761826E68F7C4DDACC6 + 7E0AD9A0B431F089FFE1E5780A66945D + 9E3C32136992ED78B8D8F9E7C38DA359 + stream[65536..65599] = A450FCA398BC87C0079DA4D71E1BF0D5 + 490FDAC094BF45C7F0FE0BF28017DD19 + BD3894BC0E54DEC98F57BBBE71EE25D4 + D96A2E1A003CADC37775CA370DA2898E + stream[131008..131071] = 17D7D66A32B7A47676FE3BCB180CBF52 + C4585015CD9D994C56E6DFA854D9DA76 + 9AB45C8CFE938901BAEE5CFCE73D8604 + A0773736C3336C40355472B6F9208FAB + xor-digest = 9727B576E6090D39333BCC2B993D0F16 + CD0508D7273BE022E907C99E93A17FA7 + 23AB9CDDA9A4D310C8E5A9BAD26767AA + 8FF3C514AD1852DC6749F10FE663C9EF + +Set 6, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + IV = 288FF65DC42B92F960C72E95FC63CA31 + 98FF66CD349B0269D0379E056CD33AA1 + stream[0..63] = 857EB9871D1CB2623103A4D04443CEF6 + 5AED61EAF8264866A7B3276F6B5DA8B8 + D2E7C63E3213CEA9BD3333E4687C6962 + 5D2B980D0E28EA54492148AA16EE6FF4 + stream[65472..65535] = D498F0830A147DF5D15C6DEDC76E0687 + 20D8A1A57F27DF19895CAFDC92846955 + CA942F39F64524E5F70B4B1D3F7B76C9 + 55877A81311CFBE09AA0E9EABF0403A5 + stream[65536..65599] = C850035DB7C0750E015EA60DC1EFD84A + 79C830EFD07675C0664039C90EBA1442 + 5C523DCC60A47E60716F7F302BFD4BF0 + 2A2DBB2CE29DCA01A1AC7B1EE9815727 + stream[131008..131071] = 6D580F0D0C722DA5F901321F57C3F438 + 109F2D2F46ED5572298B40F28C204252 + 6429F5436DC67F15C0427C8EE7FBF49A + 8B5674674E1840E0E664E73C429B36F5 + xor-digest = 65367188C7BD2B0064CCED9E64FB7531 + EFE91EE531F4203B9C367A79B015B4B1 + F79349D68DD316899F5B39A867765747 + 49461826B9511C99C0BB569F7455601C + + + +End of test vectors diff --git a/BouncyCastle/crypto/test/data/hc256/hc256/ecrypt_HC-256_256K_128IV.txt b/BouncyCastle/crypto/test/data/hc256/hc256/ecrypt_HC-256_256K_128IV.txt new file mode 100644 index 0000000..46a86d7 --- /dev/null +++ b/BouncyCastle/crypto/test/data/hc256/hc256/ecrypt_HC-256_256K_128IV.txt @@ -0,0 +1,2783 @@ +******************************************************************************** +* ECRYPT Stream Cipher Project * +******************************************************************************** + +Primitive Name: HC-256 +====================== +Profile: S3___ +Key size: 256 bits +IV size: 128 bits + +Test vectors -- set 1 +===================== + +(stream is generated by encrypting 512 zero bytes) + +Set 1, vector# 0: + key = 80000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 240146C5EA6C72A8DFC93E54E8811C32 + A85E0BF7291BDDC0DBEAE086D051D5B0 + 5CC9DD5C311ED2F7E8484CC477C68BC8 + C5D3F3450553F5327253768E958C0C55 + stream[192..255] = 26C5976C37B009E57BE86064A99E8F59 + F9536410FAA9BF625D8DD2ABC9AABF09 + DF6B5EFC76CC6200F9E321E327AB0703 + 2C78B351C5F7EEEFF2C6E374521CFF6E + stream[256..319] = 2F72E0E6E710D807D5120AD686DAADC3 + A5C1544557A4BA6B1D61F90FECD55328 + 3C8F91B801DC435C5FFB1F8B33A23644 + 8E21217C367108893D13AD41EA8F20F5 + stream[448..511] = 68320BFC459C78596162EF5FEE2CF46C + 79EAFC681AE91F875672350C59D33D6F + 9E0CEEFE42EA9A0485E3E41C241CDE84 + 9849DEC99219729D91270358B2F83F38 + xor-digest = 19E8083DE3499286788AE3A6DFE90AC7 + B77084682ED86D8039A67663CDC9ACCE + D297F22C10FF7E4FAD773337B008A32B + A7176F733045DE44782F04C1DDF28776 + +Set 1, vector# 9: + key = 00400000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 4B1E2D728E06D7356F151D10DE9CBFB3 + C66A1E5B5ECD926E33F56B14CEDBFCC5 + 40CD6D1089DD8E5CF008E4AAA3C4C89D + 11B136FB5656B5D4818D1BD1E562BB38 + stream[192..255] = D5E6B5482535DB7F9352933242C164D7 + 6528DF7AA013A4FC2F2B8C2D7DC0202F + 85774C16FAF22D5071A875B6A671D4B1 + A8C396AA5D2F14AFF9C4CD6C1DB89175 + stream[256..319] = 3D0FCC3C90DE0328FD0C752458996FF2 + DF822E496CA42A7D7EBF3D958676A41D + 83A16EF3150B8C4C8F1763560B314287 + 54B4A2EA5C4F74783BF8809F3A624664 + stream[448..511] = 2D68526D25483C2A1F0B6F7101507804 + C9619E267F1FFF28C934D19201351465 + 31D13592BC9F1739A0B090718052E4A0 + CAE9E0FA4555F2FAD27EC8AA2F14CC60 + xor-digest = D3C3131E402BCBA54DCE0AD35C5FD241 + 3ED7056BF67B5163CBE6C9EAA9D27535 + 7D2BFB7B2843DFE92709F047675CE06F + 5201611BCB8FF15C76D0E328D46345E4 + +Set 1, vector# 18: + key = 00002000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 4A0CCA5AD387D49DF33FE8BE69FAD669 + 270E3E6CF724F53FC3E509A2CEF1D174 + A67C2EF4B9D2C9B8A8177BBFBAA2C45F + BDD25CBECBDB59A402FE3C4835854CAF + stream[192..255] = CA0F19D9996E6D3518D28D8169968ED2 + B03D118D4BC1C5E1847BA6EFE6A32D6A + 32BAF71A4C27B0BBC9B9BA03FE044D7A + C9785A69E3B0E5B3B26AABE3AB093965 + stream[256..319] = 6FD1A9F1EA228C39625FC0CBB2D4BF8F + 2C0EF1F37D4FAC56D8024D1B4F2AF33B + 8AB0D452F5155ADD5F0FEEED8104AD55 + 9946D2E274ADE44170F5113630200B57 + stream[448..511] = 5DA1476A1CBADD0797DD7EB9C0E563B9 + EEA2C55860C42C2C0A6B38B9344BA0C2 + 345C7143D9A7E5BCDF9FA2606098DEA2 + 142632258F844AA1A77CC9950D5ABD7F + xor-digest = 0CCEB42D4045C09C45CD6C27B88606BA + ECF7F6B30F50004AB2ACDAF89849519F + 61482EC4AAA2CF58C4206A228FA23AFE + DD3BD50BC9C04744940A238966C2926B + +Set 1, vector# 27: + key = 00000010000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 77CB199A639DE60664225AD1DB954B5F + 70DC01305D2D4073BE772B0863175EBB + 64FAB80EF324DBC85A9EF827EBAC7A5F + CB088619C246CECE6F92B89A2122B6AB + stream[192..255] = 84C1E9B365F1CD23AFD5711BDF2B6F26 + F988A6CE29450108FD6814802355217D + F6F329FCB3F5997401019BAE0AE43760 + ED6B658FCB4280F5A070728411EDA4CC + stream[256..319] = D0AD4A851E7A60DC789762A554A8FA76 + 77FA610F4D868CFF1AB6025B2ECDECE8 + C554B4C0BDF543F58A1DD7CC68FD7AA6 + 7EFCFD59D55372E85131D6284E7949AF + stream[448..511] = CF7F791090D04350930AA1E1A53B70E2 + 691A231595E83F8BAB9613BDBAD868AB + 197D5E06B3397CC3D81F56B87BC7521E + B0BE346552DABEBA863D5C81D7245C8B + xor-digest = 2C77C0ED1F5AE20A97388ACA5300918D + 6246B04429F298E64A75828EDBD01900 + FC70CC103C31E0BB67B06D04128686AC + 5C5FA63FE714FC4DF18C551BDF81862F + +Set 1, vector# 36: + key = 00000000080000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 54A5A2E883714170B471C0651D74A9F7 + D51287C89FB345DE0AF7003C3871425E + FC885F033D79BAC9716B1ED5C637BD9B + 0F16FD8D613BFFAB634F0EC2497D7B3C + stream[192..255] = C7FBA70B19B749BBD0C84C7D31A5AA44 + 155623116C44CD53D2E640034211E730 + 277402F62D1FF1578236A2646AFE6108 + 2C958D9D01C065D7335EF9C29415AD42 + stream[256..319] = 2385E2A7070FEC7399BB3CEEA43C8D0F + 54D3607FC1C21BF173642287C1FC2C96 + D37695A7B1310E5E918EBE37113348B1 + 707BB39E401A10FF14EF020CB7C44261 + stream[448..511] = 5A87EF81C2CFA70D86B147E9587467B5 + 22FCDB4EAF0353E11F73F3BCC1EA6C09 + E962A87A0842B9225E164DB0CD1A3BA3 + DA8C02E6746CD3AE0BC4754ADBE7EF6D + xor-digest = A65BBEA2E397048E4714A8AB3C19EE6E + 91B9EB8048F35FA7AB9E003E9359BE0E + C3EDA827AF485C23A941F7D656C76CA2 + 5D12044923E43E61E7DDEBE7D9C87E3F + +Set 1, vector# 45: + key = 00000000000400000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = FF81E156907CC2C01EE23F79F936809E + 3F88AC15CC01BDDDA378CC1BD2317444 + 200E4E2C63E15FF07B0B40721970E7CA + 68F748A95A965EEC606318447BB31C2F + stream[192..255] = 4C4C42A330AD444388FCA4009CC0B196 + 84AEC3EE65138A747FE86526A263969D + 87CCDDCC4C9A0EBDE2D088CCCEBE76F0 + 52BAC07636937B1567637ADB498F7F8F + stream[256..319] = F550BCDF67C8E9C17B800487DF83A4BC + 73B809C4F3279D4CFE857780412F0F7B + B838A9F0322BBA84D7AC51E469C5012E + D774E52E3507C7D069F5169F0403C577 + stream[448..511] = 9D92715109A301AD47BF2376D65E2519 + 78E12098B0DEA5B779079A0FAAC4DB42 + 5BA9EB00301A5F964336F7EE9C0D9667 + C4F0DBAE14BED3E49A6A746FCB186C65 + xor-digest = AD2264EC651E311BAC5FB36434773F5B + 4A4777B2B7F811A755269FDA8339DC97 + 7A8C6A5F66E8737DD16A88DAB8545110 + EAE275892A767BCAC0757C396A690F67 + +Set 1, vector# 54: + key = 00000000000002000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 3DC3C1A1A40E721F8A3A66960DB2C0F0 + 6D8B7C07FE90D67C26F86200D6A1A1D9 + ADE4D53A35F7A016A506D9C62D344D49 + 5C6DEAAE053247103B8F202B85A5036D + stream[192..255] = 9B83E56BB5E10B5C6C05C4B450B64FA5 + 9C52AA63E207592999CBB48355517F05 + C93EA878BFAECE58CBCB948E81BEFD89 + AE0C5C13359C6CF5A673B4EDE28FAF0B + stream[256..319] = 388163F9F26536BE1221A46834CC77FE + 03D021C570A9DA36CD528E887ECEB2A4 + 7146A8A930D6AC04694A0B9AE50FF55A + 41AD3B3D3E53F982563B5B458C078C0E + stream[448..511] = 3B0FF94C0C9FA0EB8B8CC1C691D04180 + 5AB6436BAFCE8C16A1351883C88E945F + 8F912FF79CFCEFF7374936E830C9440D + C676A5F00BB50EDB34F810AFFD9CA8B3 + xor-digest = 879534CEDD8CDBDDDE2E2216D55529AC + 1189B1C34A76ECEC179B8A240E890F8C + 640738DC37C14E4B950B9D8C507685B1 + 28CF4782EC424A3712F54F6265A41E7B + +Set 1, vector# 63: + key = 00000000000000010000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 12F0A17DEA167676992DFF2E7D812878 + 629579519578EAFD885F212C7E04F035 + AF03732C3DA8CFB7B73054662F0593E7 + E40133706F04B1329BC3155DACD296AC + stream[192..255] = 41BB89D0BE44055E23813783C3EC4487 + 2D102D6EE94475AAFFC7FEB8DE6849A2 + 6B50DE77EB9B0B96EC9EA0216D13D64B + 1264A83D6B571A92948A5E35446B0503 + stream[256..319] = 15E9C9168AF4AEF7F2EF1E832F40110B + A8C08DE71D4F0AAA3A5C2FC59BF41005 + ECA654EB7F316B757FEAD5B0F4BF41F2 + C6D035A88B5477632F34D7F904B2939A + stream[448..511] = 8A2D446044F7930B696DBA896BA6CE69 + 8F8B01E4282BCCDC4740BB6AB6ECF7B8 + 9CA1CFCB5745B6577D0F440AAB7985BE + BEC5DBEBD8B028B15DEA138F09018297 + xor-digest = 89CFE7E84993C6B608EAAECBAECD7847 + 472703F3CD97F9315BA9CA13204B616C + AAC0F37EBD1C58186620710FD6AE5EFC + B7CBADA19AF8C0F7E1FB24913C2300FB + +Set 1, vector# 72: + key = 00000000000000000080000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 7BC411ECF4AC2EF2C9B8C5B7CCFD791A + E8250119E08C1B7F7A82F576FF66FC9A + 9D9BDB7570EAF276A60A3BC7E7BCBB86 + 7A791A48F9E742D7D7480FBA67DCDA6E + stream[192..255] = F85A8E3219AE1E5F20A4FFC6814458C9 + 5A4ECFE7FE739E151A45247A136E3BB6 + 9C11987BB5D13B1B9A3077C8F4ADC9AA + A555FC9725339E02390B9C9F75E1F38C + stream[256..319] = 8A2E88E0A773EA00C11138710BF12ED2 + 7797AE7863B1EC84801D11B5B3914786 + F1D547382DAA9D5215CD4CBC783C700A + 9B09FCCFED28899D2F2EC148CEFA39B2 + stream[448..511] = 95E3BA3237F370A4E0850F2CA0FCEC89 + E9D832CA6DC6A062BE7ADA8D8AEFD55D + 2BC7A3F46BF81DEA5DD9155E8D8FE918 + B5DFB1926460AB69663856EEBCD4C338 + xor-digest = ECE252DA29D20602D138E13C004D8B66 + 8B09FD764B7D84FB83B8F4D924504D60 + 277BAFC521A8AB0464E4EFC6BBB9E4B9 + A206C38154AE3A57B84D2D39CF45616E + +Set 1, vector# 81: + key = 00000000000000000000400000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 139C2843F0BCBDD32C685F4EE2C7AF4D + E6BC79789B77B1CA6CD94A01645EA243 + 5B491F27C27D4EEB96FEA0ACE65C0D8B + BAA642B5A07245BCD0930588FFC92A50 + stream[192..255] = 5C76EB0D5323A7AAAA228F7718BB6736 + 5B344559C24BEDEB2CA66414B5E81795 + 428D55868611AF9AC7EA0E7424984037 + 3251BF5206C361AA3631DEDA52DDD519 + stream[256..319] = EAB18EFED266D4788015DBDD20A75058 + FA4DE35C1DC774ABABC476BCB0AA2CB1 + 214E5463F4E20E7B999ED475D77DBA9D + 70FFCA0C7971CAEC3B285EE8F9F37C02 + stream[448..511] = 081083D9AC30C9DB4E53597D64249D7B + CCD847495A928CF4CE876237D92ED5E9 + E3D723EFC663CA0DDF34DABB941F42C1 + B48EFD59DDCAE71A1B82358A3328644A + xor-digest = C08714035439EFBE455BAE68EEDDA0D2 + A6968F18827B214A097221C3A77F80AA + E1DD9F3C72FA66C16EE278A76C19107B + 37CC32346DBDD29FB30059A8FC732DED + +Set 1, vector# 90: + key = 00000000000000000000002000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = AD897A3C509B66728342A817D745460F + 6A258386FECF71DB95ADC716B8BC0462 + 22C4EE887334718534E719F36454E440 + F9EC44A2DC38345CEEA9425BF5F10123 + stream[192..255] = B32235522391A0BE105A993923760C6F + BBDA849213C628776BCC5364F28EE5BA + D498F186C3C57A8DBE5355C2A38DDB82 + 54B321636EAD186788DF1BFC5B6F85F6 + stream[256..319] = 499CC51B20538B14A05E490B6D5D10D9 + 11079F58E3603A84AE6689293E3AEC56 + 7545823F0B085469CAFFF01D2AFC5076 + C155F8B4B7DB4C49A9A993964928D11E + stream[448..511] = 65983D36E97AEF89C3A75616F7C098B7 + 5CFD9C531AFF8184010E2CFD45163312 + FFBCF5AC70139CF12D97325CCEFD0B01 + FBE571FFBD7DC21B54D4B277A2205E56 + xor-digest = 90CD243B35747378B85B99474EE0BB3F + CE7574CC19BEC5220255523276CDECE4 + 5A16EF44C414ADF1D1CBE264872419CC + EAF664CC74D36072E9B975FF40074006 + +Set 1, vector# 99: + key = 00000000000000000000000010000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 26F731F36F626943D4CBBD605CB67FBF + E9301F24AA4E93EDB2D0DBB3FB17E8C8 + 623054B3003BB12E1C8607FB53315AF0 + A139CDC381753A14342AB90AFDF43E67 + stream[192..255] = C3B755D009DE9965D36B4111308B25EF + 39A137E373BA0E90E5AE2748115F29FC + 562A6F6894BFEA59587F991DD105DE1F + 67F62A73A72A4802ACE727335467F503 + stream[256..319] = BA815578D19B3B384BA7AA7B972B1FC1 + 7244FA75A4CFDC8C30ABBFDF6861F356 + 6A9B68A6F60A61E6DC8E046FE75373E4 + B45EAC193127CBA3AC4F22345BFDCCFE + stream[448..511] = 99C68AC554291FCDC03F300D69CE68D8 + C4D4DFF5FB2D4C3079992D40FFCC9683 + DE471E6F2A406DCE03AF8EA17B7AE905 + 12F1368B8EFDA838274812C4F134E2E6 + xor-digest = 01AB73AE53306196763ACB9ACFF9A624 + B83A7B339DB517AEB408292627EEBC43 + FCA6397320F50E96ECC3595B13BFED85 + 1309458EFE35FA1167C2CCCC6A4CA83D + +Set 1, vector#108: + key = 00000000000000000000000000080000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 031A1BAA02280255F0413D76F945138B + C0835BFE7CA64B16AD090454F098B8CF + 34B1EE138E03C3CCD9FF918A58D06AD9 + 2D7F3FB57D2E161A863A0C25391CCABF + stream[192..255] = 6810368C2B2A091C6FB3EBB76E960AC3 + BFD678F028EB6FC0F5B36C2D386A21A8 + FE46A5AE09DB0BD75359A8482EB6F5DF + ADE199B796520807D60D9D93995EAFE7 + stream[256..319] = 0F2CDD428FF6DF2A4621A8423E09939B + 014BEBC0ADBB8CE71B5E587DA408ED43 + 04A12BD535257322122EEA2840A9447E + CB1B6D3550ED14EE31424F5404B2B5B0 + stream[448..511] = C63FCB06883F3AC65612EDF28C875477 + 1D383D42A553EAFA37ECCE26061EC5AD + C6FE3BF23E06CFDB14EC1DD996A7D4E3 + FCF7A0B9ACC69F37ADF428B434994595 + xor-digest = 463386D0F7A1306E87F3221C4ECC0597 + 9474F620AF3563686ED5DEE291155225 + 56B9372496638BA1631982D6B3F58CAE + 27810BB7AA93351B838D54EE761A8C94 + +Set 1, vector#117: + key = 00000000000000000000000000000400 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = AA4E7E8171A8E0AEDA6049999E0A06C2 + FFA43B9ADC5E9DCE4ECD8FC1D27BE792 + 6FBE2ABB69A6B69D8C213A793C77096F + D4DF7BBDBCDF007C914B7C817837D99C + stream[192..255] = FC90E3C82B8E7228C1ADC2F555068372 + 4307902A0750149CE0B2EFD2CCFE9875 + DABE60E1B85CA117D05E4BD4F45B42E4 + 55A9F42C60910C9BFF8DF8FAB53C81E1 + stream[256..319] = 9BD976B88E9E5E23D0D40779644BB3F4 + CE5C6B16FA6D955C32369DFD19D632BC + 7730683D562320E39F75D8D8BD074968 + 9ECAF0DCDCD99FF4C3939092E9576144 + stream[448..511] = 51BE9CC1362669C0F79D2D88A42DBED6 + C3315002380AEB647C8F9C4036590527 + 1D8915B985B8BE9CC1C5C7652139E609 + 651EAC8A14DF661D9869982AE5735E9F + xor-digest = 0B0C84D430687F488F8E45DECECD6D7F + 1947E32AC49BDD2139F5413E08A88F31 + F9AF6599498431F155AA10B7EC09F095 + 8A5AFDAD486D2E6D50AF77FE98E33738 + +Set 1, vector#126: + key = 00000000000000000000000000000002 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 52F49050156E957C605656B2DF88EE1A + 5E3ADA99F9793B65456C4C6C322B8B5A + 28DCC91EE0E711BC33E0C13354542227 + 613665CFA3A825B943444401EFB06ACB + stream[192..255] = D0907F5D5939D7B544476E299605972F + FE422C64BC6343F9C81093AD0E3ACC72 + F4B67314892E36764736C0715E4D3438 + 36BDB105214F5F8925F321F5FD865EE2 + stream[256..319] = 96EEDA75474D65615795185B1BEE8D44 + A687420304B260E4C70FE7F542967325 + 1826EAE010981F6262EE6CB639996467 + 5F6B23825748128617721752283C16DB + stream[448..511] = D926085A441E507207850AFF3008D59D + F7C9D3B69687D18CCFF2C2E09D4E4EA7 + FF0B72C04A86B80923DAE187FFB99170 + DBD4902AF77EEC42866A83B519F092FF + xor-digest = 1E068ACCA6062CF26ECEC79F149BE139 + 24AF8BF44377EAD1550B1560E4A1006A + A6986C61581FF9E47D58F2E52434911D + 5AFCF914DBBAE183D02DDA3210768984 + +Set 1, vector#135: + key = 00000000000000000000000000000000 + 01000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = EF5BBD7A620E8052F05DC269309AA7CF + 8AFD4AB2B941D905AEEFC721562E00D7 + 04CA70113C8A90FA12A0C9B9CD1B9F9E + 6176602CC08B66410A8BB0F5E9837C27 + stream[192..255] = AB843B43856FC77C1EC09C0DD2248617 + 820344BD2CA0B025C39B0EBD5A750A6C + 7BDCE863C068E0D3A937A5B2C5B6ADFC + 609F6DF7778D88238B89288B2768DE99 + stream[256..319] = 5E6AFBE41F47F35CA9298C973E613174 + 529D9BEFA6D0713A5BFFD96B70D39044 + 413E24FE57B01C426E8988EC365FEFEC + 1422CDFB956B12C6A799F5FDD4EE43D5 + stream[448..511] = AA960C189C0A20870901D4E2F1901D0F + A28AF3D974E14FB70736C191D4C9CA26 + 48EEBA776339F80D57A8B783419E61B7 + 52541CB296B4CD31C55DE3D34CEF0D31 + xor-digest = F163BB7ABD3914204ABAF08B844ECF05 + A36B7B37B8345115EFAA2AB2E7763E6A + E044A83597C023FB41EFAEFBB63E4195 + B60AEA6399DEBC94C75BE883B3623733 + +Set 1, vector#144: + key = 00000000000000000000000000000000 + 00008000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 9198011FAAD874AD77CD0C98DD99C7BA + 01B75CF9DE1E26321EC6AD293C73C675 + 69A349157FD47672C5326276BA40F4C5 + 0CF8D98134D0BC13879E9EC267110FDE + stream[192..255] = A9B3BEEA161ED996C44F6D3B93431C6F + 54DCD5DB88E62CA10D1067B9CB5D21DC + D7E04C48D88DF54E1370D1C24C871BD3 + BDF9B956315996F95867D1E2494370CD + stream[256..319] = D09ECB5DF5B0526372B57CDF5DCA6AE0 + F005D2E2F27D50398E3D1D7FF2100BAA + D6F2C03E431345A4F41CEF3E8D3F14CD + C76A423720A936D27322559289F13D92 + stream[448..511] = 5E8FE7964B052B6D27216E37C49CC913 + 450FAE159C087E34CF67E8B0B8F516D6 + 3C0B544CA29F9BCB2B48D3894D69DE3E + 1460783E82EB67990FFB7F92DA48E449 + xor-digest = 5515E37A3F274746847F551ECB7DB4BC + 2BC32237050BEE9AF2AD1BD8577034D3 + 4A23AB8A2FFD00C7B8CB7D5CA0AB2421 + E7CECB2801A1B73A44FF3E798ACA8443 + +Set 1, vector#153: + key = 00000000000000000000000000000000 + 00000040000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 02858548ED24761DC0AEC6752076D095 + 7E78EF1FCFFD8E756C747586A3B59C22 + F42A9FCA9F103C3054E0B4F6EEC82101 + 971F2A6F9611F7541152FA3BD7774474 + stream[192..255] = C32ADE80873D1190E9807C25D73EC5B7 + C208AC693D98A664FF4D11205650F7FA + A36B153BC1A3F0EE0F4319F2100F7F27 + 31856BFAE36110C12EF0361259641D74 + stream[256..319] = B8F74AD5930D1F2CEA6B9F7E4E775DF0 + AA97744677E5C96B9E55AD77BFAC5E8E + E9BA7A19607D9EC52DEEBECD185DAE13 + E304743019D831849F111602EE6EC34B + stream[448..511] = 513303A57165287E793DB91F49C9A8ED + 522389F03634930512744884BCA45F4C + ACB60FD077BF2C050D4002162FB811EC + 4AA855793CFF2E30665188471FFE0847 + xor-digest = 7EABCDBDA34E51E3A61D2F3340884BBB + 600E1D30216B7117081B3E5D04FD4523 + 706D4F34C5FD604134DC89F570D6119D + DBB7C5FB7CA90E38AC157832C3C956BD + +Set 1, vector#162: + key = 00000000000000000000000000000000 + 00000000200000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 689E48A85A40BD161BEC710F9B2457FD + 276F1156EBC10BB851A8517AFDBD692D + E4827BAAFF218AF886439ED976147EBB + BB1074BD599A80F6324C87BAC987B8C5 + stream[192..255] = D9BA3E74CBAA58CA97DA3D3B1051BDF3 + 29F6CD837B72022D2EAB5D20B02F53DC + 4755C764C50756A7101998C187E4F0F8 + F17A0C6797976C4FF1BA17B3D03C2218 + stream[256..319] = F6F9B6F0F6E1D756C0242B48BC55EDE3 + 3038BABF72FCDD5122C61804996F5ED0 + 86A78B33C517CCED9C34580AA54AC03E + BD0F9698A234787DFE97FCD3D9B7CEBE + stream[448..511] = C31091C4C5AD605BA90963B1D469E501 + 412FEECDE3EA8EE834F188793A98F830 + 81F8C941F11676E007074B40EB15DDB5 + 67D93E954422376F2E3039F4E4115D70 + xor-digest = DF047B3EE7F2AAACE9D5A2B0F6A1EA0B + 97E815E9B9BDD3B7862ECB414E9C08E9 + BA0109B1D6866C9D7D6D3DC9FAE5F51A + 48DE7B9077DA489B7982BA69228483A2 + +Set 1, vector#171: + key = 00000000000000000000000000000000 + 00000000001000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 1F8F707DDF0121AE4DF26A6ABDC195A7 + CB9CC8479588D2D436C52483DA54744A + 2880E3DC622180D36B64CC053CC245D8 + 0700EC62ABCA6944BF89C7DE1A532A3C + stream[192..255] = CB2D934DD1414C60550CEA6FFA776312 + 3C9336F99F16F8B5B8E60D5D0CE54A35 + E752A4887A03EEC95050E50B58F5C8C2 + FD814DE76D3F66B907C77C9B646EFD13 + stream[256..319] = 10306DD8B3EA307496D7BEB7A679D53C + 3650ADC53991D0565856F51DA82CEB45 + AFB460D6F90877557E17F534C3375FD9 + F96D13AB77FA3996998F5DC6F5D3C9A3 + stream[448..511] = 42F4D1F669741750B24A44F82990E6AD + 065E7B07B2194C96E7578F7A754E52A5 + 86C820FFDDBA671A7B08D65B51D8736F + D0DA8E81CC69BB8A56565C43845C0AF4 + xor-digest = C0535BC269BB39AC2ADCC50C62F87B6F + 2C9351DAD49813529A27BAEC163A1D8B + 778670F0FF1610A4688F86851050C9B7 + 275B087A0B5CE01B602F8D1D25C29392 + +Set 1, vector#180: + key = 00000000000000000000000000000000 + 00000000000008000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 899C1C50A80E374AE884F10BBD17D036 + 1632D89938FDB7E4BCFBE1050D5E948C + CF4631EDFEFD2F140FC3FBFCC096CD68 + 1F6C1B0CE9E395FDEC56295AE331D8D0 + stream[192..255] = 2F60CFD4D07E58DBC5127A98D2B1DDD6 + 1F216F61F70AF12427108906AFEDA4AB + B439A99765EB84E43D06EB7B3D984A3B + 53D8C054745A6E3B61F8444C84C7F30D + stream[256..319] = 1A92F3B4F6C4684201FA4AF201259AC2 + 53637B41B734062C298E6F932DBDAC5E + 999FEC21B63539B5FAFC312D0CCE6137 + 04AB3CE65E241A1C34D12ECCC840973C + stream[448..511] = 83A75C2E2C6D40FAEA049322DC1B2251 + 306A8906A37DD30182C328D50E7B7AAF + 89671DD776C9C730EEE0DACEAC7D7038 + 4A93426090F31EB851976B8B2ECA1FBA + xor-digest = 6D85E7DA2069F1308D20A56DB17F3629 + 09E80EA6A045DBE61FB037C3C8B9D448 + 526A37A431A8BE49CE4F10B8CF6A33B8 + 82E6ACD6309BA1B716810715666C6CDA + +Set 1, vector#189: + key = 00000000000000000000000000000000 + 00000000000000040000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = F9E151BE5EA0F532E56958F173B8F104 + DC9E73D8FA289CC2F84C4BB10E8EA769 + 57FBC8F539365B9E9518F8787D6CF927 + 55F0C2B2845318337F36B80E22C59FD6 + stream[192..255] = 27FAFEBD2EBCD2B67AB18BCFB7F8DC96 + F54C8A765B0E4B3DDC3013B599DEF791 + 287FF3C0F48F339DA04B667E54696485 + D48751A001B548727338AD6FB82EAE42 + stream[256..319] = 09DC2AFADEECB86278C64DDCA51EEF97 + C10B9852DB5F33A19C99C0D4F36D2959 + DE247E4DB356E67F2951E0309F18D6D7 + 27D2A1BADCC44DC320E2AA80E1834198 + stream[448..511] = 4103D8455B6DAE658915FACFF2F3F1F2 + 856E2343143671565936301E9D1F635F + EA732C9A096C3E955D33770E244ACEA4 + 094E390239489F4D4F0A1F3C26A1589D + xor-digest = 8DF4EC7886C386E5A0D7201A3E731E95 + 5D1E281321C2B592E31681CC95D173A7 + C92E6112197C6A605F494F6E9C4AE73A + 21B966CBAB1628794F0E44202742EACE + +Set 1, vector#198: + key = 00000000000000000000000000000000 + 00000000000000000200000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 8B9B0CC804CB353F49564926E3FD846F + A4758692FB110A428FAA3132F4C606CC + A41CA937FDE463D9FEC51F419D60AE60 + 1E8EDB30AB09E0B08D0143D885161B16 + stream[192..255] = DC6DFDC4E36FC1D4BD87F731F761BCC3 + 9837A790DBB766040B4508778C5CFC82 + 8EF9EC4D76BE3AE0967DBC844A2D252C + B942E97A2C6A185ECF4E1200BF9BC826 + stream[256..319] = A9DE78C2204B712A9803594B872F29E9 + 5E8962D7D719702FB3279F053D311292 + 26A14FB06058AEEB6D283EE0A272C6F2 + D392B102E294A7CDF24928D5281D024E + stream[448..511] = EB822D7BDDA456BB6E109ECD330D4FB5 + 1259D7042935BD5DFC787E903758C27C + E9E9B191957E721A7013D36E5A29C09A + 3433205956A55460D1498124B2800423 + xor-digest = 10128D9A5EEA1D93E65462702DB15A8A + 23D0FDFCC5B0871639D704DEB9F580C1 + C88213CA166F3BBB89D0926CAE7E64C1 + 0A24041A42B9D50CB0537A0585EE574D + +Set 1, vector#207: + key = 00000000000000000000000000000000 + 00000000000000000001000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = DD4CCBD0B5068DF0193F50C11D2576E1 + A70040D6C2CDB98061498891D1791E63 + C4B5103A52146CE27D8F721E147EA612 + 7E5BAE1FCD3DCD9053D5FF5EBA328BBF + stream[192..255] = 541F008D78EC1ADC5D1B930CC99D4A3D + 61BD60AAB9DDC8AF8594FCA129410232 + 92BC44EE064E44E88A07ACD1B742666A + D147F14102D23578E3B7DC00905586D1 + stream[256..319] = 6834D2FB6BF3B46C0552AD83275CE6EB + 9482C2DFE40C6B1FD6F743CAC8F40A91 + 5BA9A90FBE7CC0153D53C444D3F7A23D + CDC3134E237F63E5A07C99C10B8EE87A + stream[448..511] = 9F75BC84091695FDAA2579AF9D34B2A7 + 2B82D39A1E7FCFC4D18D6898A9CD3296 + 0D50AF1B720E1347A0848782BE6AECC4 + 684CCA05B893951A65EB7CB37F5FE240 + xor-digest = 12F358C7C4C697199F9AF17040115522 + 062514A5DC3584BC515AAA4474A1D85B + 47A6A2D8C39E8234A5D11860BC1036E3 + 957920C03E9A47E61AAFB058A9850559 + +Set 1, vector#216: + key = 00000000000000000000000000000000 + 00000000000000000000008000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = C5958694DB1D54B95101A9F48660CB26 + 8EDADED85C6239098248E0867117607C + D5278E5B5D9CDA7BE8A6BBDCE61215B6 + 2A93FFF627B28B271CF2275E54EA1CD0 + stream[192..255] = D9B69B25B5729759F3180FF17421092B + 0740B2E1307FA9141915CB8C30C0C322 + A1E4710674EE715DF3AC89F447442A7F + 845E154393273BA47F2322BC661D1755 + stream[256..319] = 49412E5F3C9B5B52FF790CBE82D6F037 + 217A13B7744740A887F7C1FBE3714DEA + 2A4EA4A5F444B2EC3C0B160A251CB44F + 8DCA914FBB80F72BC8D009F1C7E001EA + stream[448..511] = E1C2BE8C64D6BFE081EDD30681763928 + 85939DD7EBC13E16D83C8E7FF65EDBC5 + 90FA3904068784806E20F0A61CC73839 + E3BACD410F59D3848F5A628EE030FC4E + xor-digest = 54092B3D64197BD598F9050B44D2E785 + 029F29F46822B72ECA40182E8ABDABA8 + 751054FC50250DF5AF5AC75F4C51D1D5 + D2BE298770C353A7C5D608D1149F1452 + +Set 1, vector#225: + key = 00000000000000000000000000000000 + 00000000000000000000000040000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 633A6CAC516B7A84CFF8F5702CD9BC81 + BCE328741675EBA0FD1368190AB6BEEA + 7C8B0256CEDF9E5CC6F9249511AB87AD + ED95BF8E11182B8BEB75FFA279C3F706 + stream[192..255] = C3F700538A4EEA17773E74D10CE4493E + FB0417B380ED4229F651D6A9BE0AC617 + AF66C576B7D06F2210EF226462004D90 + E753D805AB198B73B0CCD752C7E57A2A + stream[256..319] = 30A11289A9E0C854B980BE044F07E945 + 06D772861896D0F75D739647FFB939C8 + 13FE4BE5C8DF84F64827306D0DD82415 + E104F787F30CD097EED7DB9340A0F47E + stream[448..511] = C2134984733448DD577DC48B5EE5D761 + 0A54AB6C32E3BB782849D8E7E8B522B8 + 0D6444342ADD9709D7434F9B4C18C6E0 + 15AE97DF8F3D29FA6D85DA387157E223 + xor-digest = 8613454AD0B424AB6EFCEA96C0802B6F + 47F1E98C52BC68DA25E653431CE31078 + 1658BC45DCC2EB43C4ACF8395727133D + 12A127D4CBAABAF24BA44930A58A87B6 + +Set 1, vector#234: + key = 00000000000000000000000000000000 + 00000000000000000000000000200000 + IV = 00000000000000000000000000000000 + stream[0..63] = 6A0F095C0E23FD6F8DCAEDAE5314141A + 0F1CE1C1BD6A16E81FEFF72F0753A5AF + C1C54DFC0DD6ED99F1D416BE3C5EF341 + 454C18D49729E80EE99F37734817658C + stream[192..255] = 05A4DF5BE8A35DC623D107728F28C789 + 3DE0E75268B3E1F94C07AE50CA0891D6 + 2B1E764CB41062391B33929273CE6B6D + 1C9CEFB35C37AB2FA8EC18749B5292B0 + stream[256..319] = 41C8AF9ADA46F7BE8EA72BB3B8661B78 + 2BE5649F18F216B75A0071A6617200B8 + 463B08F986D706AD140E27C8F4E040BD + 6BFB4872D758363281C62AE8C4B64E33 + stream[448..511] = 58CDA35476767EF58748A504B0E4A38B + 64162AD422A0DEC0434D879898558C77 + 1A8243DC43B15FF996B4C8CAD3C47C6F + 26F00C71ADFB538D9A983B7B624D6E62 + xor-digest = 240A699AF4DDBB56A4C502A9175C0E3A + BBD654D0717A1F6F6847381B978AE8C8 + 0EB7CA07A481DFF8606A31BD6B489AE7 + 89763068D641BAEADCBDA9ECAC465ABC + +Set 1, vector#243: + key = 00000000000000000000000000000000 + 00000000000000000000000000001000 + IV = 00000000000000000000000000000000 + stream[0..63] = B3C91DA5911D7D7A4BC16A66988AFD3C + 8462A9E9BD0D95C9B9884DD14801E464 + C27048FEB5F70B28013099F0A31255A4 + 9EACE528A13CB5DD067E520D183133BC + stream[192..255] = 756EDB0542FE1F11B159C7081D9CD742 + 2F0E5862D39E2CF1517B2F6F39AE5245 + D659A5B93EB8FA8C8FB751B378BB0DEB + 481B874663624C8DC15E6A1A64376340 + stream[256..319] = 436613C9293D5DCB204B46899CF23E65 + 698BCC3003FE064FD1263EEBC59DDBAC + 536566855510FA802128F0A968A2E359 + FB68EAFD6AA89D394B32BF6069E92EFC + stream[448..511] = 033FF40203ACAEDFBF561A674EE74D97 + A535A448AFF94C8C167200E5CA626388 + DB1BD6EBD4A1D83CF352E97CD8F02671 + 18E57B71D33930EC2752D2F262A55F9D + xor-digest = 2CEEE4705688B20B3AF71F285DB9361B + 0EC945296B97F3A050C31C54E9A07CA6 + 498B92917617571928E2663CBBAE21AD + 8DD880A037A024E46B6581974838AE1A + +Set 1, vector#252: + key = 00000000000000000000000000000000 + 00000000000000000000000000000008 + IV = 00000000000000000000000000000000 + stream[0..63] = A6AFA8AA02C3AE7F29E61202B4A5C25B + 6F74BCC176702C9C1D610FF722527A6E + 721ED90B871AEEC71EB62B24A8F24357 + 07765F7724BA03173F51C9B66C9F4BDE + stream[192..255] = 002B8929A54C1370067A36DB9057807D + DB747C2A4CE19BC085DDC517AADE3B97 + BB1B35F2BAA6A18E8154CD80DA6F9F4B + 0DBFD3EA5F69D5ED3B5770C6221A8D66 + stream[256..319] = AADBBFDFC6FCC6072747BB528EBEEF34 + 6DA76885CF1616ECFB89D3A134769902 + 904AA12744DD404F268B0B4B34700928 + E3C4B3665B9CFBAD9C528EA06F89CCDA + stream[448..511] = DD5453BD0D99E7D2CFC558EA969A4E35 + 743AFA96D570026106C5CF40037B1325 + 40C909C1278DAC8369B1AC257FD8D868 + 3648B4F22F7C66282BAC49D8D23626EB + xor-digest = B3F2AD900155FD5D39768B4F4B7F8E5A + 1C557936F2B5F06966DCB884AFF7F01C + 7AFC073C20EAF85363DFF41357E626B3 + B19607224467413D185A05E7BFBC5F0D + +Test vectors -- set 2 +===================== + +Set 2, vector# 0: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + stream[0..63] = 5B078985D8F6F30D42C5C02FA6B67951 + 53F06534801F89F24E74248B720B4818 + CD9227ECEBCF4DBF8DBF6977E4AE14FA + E8504C7BC8A9F3EA6C0106F5327E6981 + stream[192..255] = 30DA9453A90909A5675D6B691CB0990F + C423CDD8222EB47245BBB67BCA2B9C10 + 8D1F016DF0CF8CEAF6829910916DBC1E + 113D11E91BEC3D85C47E3042EC865658 + stream[256..319] = CAFED71B892EDBE13388CEF6A3365797 + E0D88C0D3A5B91BE4CBAF5162F69558F + DBB45CA6F8C8D4C371D62736EC244584 + 60131F54854F3EC804AA9A38E6ADE281 + stream[448..511] = 531A0ED5D2A51DDC6499FE1BB6E2295F + 2C3EA0F56AF46ED93DFAA4E16F5F0831 + 2D77BD0E9122043CD6A202CBA9351F6A + 0E8E6263F4017355136A0C551E6FD0F8 + xor-digest = 023D719F61C193E4CCD87755C87F9604 + C5A29DD7E31637B3DD70D43441D48CC7 + D474013C85EEAB1897C80ED0A0272543 + F951C72E3954616CB5D6B51FC24F4B0F + +Set 2, vector# 9: + key = 09090909090909090909090909090909 + 09090909090909090909090909090909 + IV = 00000000000000000000000000000000 + stream[0..63] = F5C2926651AEED9AF1A9C2F04C03D081 + 2145B56AEA46EB283A25A4C9E3D8BEB4 + 821B418F06F2B9DCDF1A85AB8C02CD14 + 62E1BBCAEC9AB0E99AA6AFF918BA627C + stream[192..255] = 3B3C6E78A8F381EE2C159FAE1C487C58 + 11FA9BB02CECF7440239FBB0497347EF + D8F1A8AA71AFC70ECCD64E81388E6E87 + 9521C2B47AD84F9CFD9E240D8D2F3001 + stream[256..319] = DB04FD01BC18D91E2D31237AD0FE26AD + 3C8D6A2EFDAA9CC11BFCC61D94F6104A + 4091B3634FA57AB0AB9B209F22DA5529 + 75C3C322DEBE4AE68623BFE1B2BB7F0A + stream[448..511] = 35B290F85EBA78A978750690C4747E8F + 72621951483772E8B89876CC5D55F3AB + 02D9B8FB35C741279FF9B5B571B26329 + 4D011F813CB5B209CA1A22D532BF09B7 + xor-digest = EA9BB65E87C987EA64BC3F4E710CCC34 + F6CD0A795B8347E1441CEBEE35540D41 + 64FC2B95D71FD47A2C4ADF732261EE52 + 8125BE374FA4A90132CC1063971A2862 + +Set 2, vector# 18: + key = 12121212121212121212121212121212 + 12121212121212121212121212121212 + IV = 00000000000000000000000000000000 + stream[0..63] = 397F8EC015ED573967938D1CEAFE9BBD + BD8853C329B3A881B489090853FE0F43 + 89DA105F0ADFA9CF51DA2521C40FD2B8 + FB0BF80B93E3F2B3D8A8EB1C615E0FA6 + stream[192..255] = 68E7DBF465E3C6994D58B9937A866E4D + 43A82A80DAEDBF29C048639BA38B690B + 7ED11323E3C0A8E77A16356705431EC9 + 9F2CB7F7E1ED3B83EAF2CAEC00B00755 + stream[256..319] = DA51CF3A07EBE7E86E9DDDE5A47E7417 + 376F334E6AEF9C187012C8AD2B94BE7C + 00A876756EB232510FD0798E72EEC87F + 75EC1467C07B3A1EFB0D51A5FA65E382 + stream[448..511] = 0BF3C6FF6794887F2776FD632B83682B + AAFD131432CFD7D2F675E03320395313 + AD4ED96E9052FE6B2D2A17428660A25E + EE642B712800BE3F7E44F21A1E6A03AC + xor-digest = EF4E84DBD66497B142EEAC56B830FF78 + 0465CEE20B9CFAF5727D4B3A588F4D00 + AAF718330CFF35508C44C1ADB8476625 + 2CC3AA6AAAE74F8BF1DDB6D4AADA425E + +Set 2, vector# 27: + key = 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + IV = 00000000000000000000000000000000 + stream[0..63] = 72BC8A6E1E61E704B142AA00812EE676 + 263C1CB9AB941119B19D15EBA3462F56 + 2F69220595DE5E0E7C595FA40F1F06B2 + 6EC32252AF05310809DDDFAE2E24B170 + stream[192..255] = B29A740B51B4EA1080666337D5551484 + FFED6860A5125DC0573C8F90F23A98E0 + BA7B3E4C28C2CEFB1C33D2C36D1B7625 + 64B9A67240CF174347A4C8D868F00F6F + stream[256..319] = 555ABD5577A8909797FBA9769C03A0F6 + 537C06AFB23354F054E25457B729B534 + CD10B2ABD45BE3E38DAF1B7A9103268F + 4FDB4C0FC9A80A003FCB907E8F249AE0 + stream[448..511] = 3B29A43D9C795DAF1760CA9EB57C0B39 + F62D54311207B617B727FCCE1B2E762A + 060810C4DEF672E7D76083E3E4BED0D1 + 0BAFD27CDFD2C937E660190D36B3FD7B + xor-digest = 0B3B0B3C69F2E4BDA22E25AEF352234C + 18CC5E1E3F6A317ED7257887446EF734 + 65CA15F51AF5E077B7915062391D8497 + 8F437985DD08F5FA3A8D74B3227A6EEF + +Set 2, vector# 36: + key = 24242424242424242424242424242424 + 24242424242424242424242424242424 + IV = 00000000000000000000000000000000 + stream[0..63] = C845BA29D542FBED2D021C85188E119F + D34967B79D9F44635DD45D2E41DC5AFB + B237AD2FA0E4CF4202D83DF3073C578D + 2AA8A32D30FB45DE28F23CEB85E50FBF + stream[192..255] = 15C910FDD3C590AED1ED7DA2A7969297 + FD12081B4B23F0A32CE5B3196173C7CA + 7EDD03F9637E08CA501C4850C15B207D + 7AA724377396CED2357B572BBF9E69AA + stream[256..319] = E484AF567EF80BAE77461855294E9280 + EF57E7366605785034D639D6DE3EBB0D + E21886D0E1E0679BC2E2C9C2D9201484 + 4A452B6AD3F1AC8B7762FF3C0E405B3B + stream[448..511] = 595D9855200786BB575FF7977509F395 + 7879CA1F19619A99174BF013CB62F85B + FF2C3C4FE724E26DD0C10D7635A2491A + 9E7E868D9DAD9201465AA178184D06AC + xor-digest = 08737B82505F46F4FF282EF42F387AA8 + 0450058F5314389BB73733BC163D75D5 + D32FC6408F8DE5F6ED2050027D605FAC + A7119FC2DC1B6D3E84E8048DCC42FBD2 + +Set 2, vector# 45: + key = 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + IV = 00000000000000000000000000000000 + stream[0..63] = CA82A689535CA8BAE01BAFEBA6504B3E + 6E6320101999BCE5550C2BBC9BC65D91 + FAA2D72FA4BF46B6EE916244048B1D09 + A115E3AB6C00BAC8EE382B58859E8157 + stream[192..255] = DE787B1CE01B0BC09801D78D1FFA3A82 + 0C18B867C561E96DF4ADADC5A4375E44 + 5A34F9457E5F8C9A337A0C88DF0F723A + D4509F1449DF2C6AEC0EADF4C7A8139A + stream[256..319] = 7E1854FA15DF9D5827F1555F12B292C8 + 452A1A893EF034C51750388D294947EE + 3F505839C69C1708E8323C449C39A96B + FC9EC91B0E1CAA8112057EB0389FDFD2 + stream[448..511] = C85B42B838FB9C3D4956C9E22FBD8FBC + EDD92C4461EFBA5CF1664B9AF54857BE + C3D00319E5E8A89A8322831151EE1D52 + D8585AC79CB60B61ED2C852D04BB0FB1 + xor-digest = C65A6BEBC4FE898DB8D6B8F6E8F3680D + 2363BC12259B0FDB2BD8F052A572ECA8 + D1EF62AA9A48497805A413742B5AF5A2 + 6DC9FF624B49E5D6FE58BBE5251B4983 + +Set 2, vector# 54: + key = 36363636363636363636363636363636 + 36363636363636363636363636363636 + IV = 00000000000000000000000000000000 + stream[0..63] = 9F6BCFDE566A1B67C608F11B8461E340 + 42D4F07DA4D5EB05554CB7426D65C5EC + A93C2D321175B6F72FCBEBA6E38CB098 + B72534F7D534B1AADD97B77E8513B482 + stream[192..255] = B2466A173F436C8433F264CBF125B8E4 + C10BC81BD46B5C21FA161CB2AE07D27B + F66812A2C2FCB2B14C23E413CEF4E591 + AD52EF810A000B42E5C1B76EEBB17739 + stream[256..319] = ECBED2058DC50223614EB8635B834C3B + B176719C18CA5E3D087A93E5CDF81123 + C6FB819CCAFB5042AADFED5E3C33116A + FD92AA21031165A22F4751C423B8B945 + stream[448..511] = 758BD9435DE607867DA256064C304C8E + DDDF5B64173CF2C98B2842992F8C5FE1 + A37C3227B7F37D49A39F9FF929A883FD + 56DB8B1A174E1E55FCB21C9E1164C20B + xor-digest = 31761A49503946701D35306FBCBE10E2 + 02967E7EC14A328B4DB19FE79F03553F + 13A012B7297B2D02F18A216AD24A682B + 299518C3769123EE86A4937DAA9FC39B + +Set 2, vector# 63: + key = 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + IV = 00000000000000000000000000000000 + stream[0..63] = 85C7FF83641ECF1C91B2D996D4EAFF6B + 26A4E7E34C0CA9CB9399F655E566383E + 246143F57776C8E08951E87F76091FE7 + 2356CC901F09A07895A890AECF047B3F + stream[192..255] = 4CE0C6606195F7562D485E32E8E105AF + C862100A07E55FB449BCFA2D9BD48658 + 958B37B3EA3565FA66824102A14B5770 + 5E3914E0680E116ED58212CBF61028E3 + stream[256..319] = 3BB772A5A8DE2AB14CAC1ACBF45B1701 + 057710F24C01E680F58090B8E949AF01 + 8970A43A698A04C0C8639FAA665DA3AA + 562B2C5C3A03BCC38FE75DC1821ED718 + stream[448..511] = C73DEA1F7BFE42DF75EA2681BEB31948 + 821FBB049DAD15B988A77C0247868A38 + 2056B66F47B0195FA30C9DB5A2334A9D + CD7C0D22E479FAE1BBCDFFE60F261C7F + xor-digest = 94D41CCAD940CED3C854DA0796DC62E5 + 6B566A980E34F353CFFD0F53AE9E34FF + A6A057645FE66D86BE30F93805D9E2B5 + D78C68EEBF61CE387277A51EB2EF835B + +Set 2, vector# 72: + key = 48484848484848484848484848484848 + 48484848484848484848484848484848 + IV = 00000000000000000000000000000000 + stream[0..63] = E45194379659D1D8904DB3698AF8B245 + 762910B7FBD019AD1AA20A6C433B4C80 + 308A9EA68697631646BF3A2107C4E7FE + 2235E8F3262A9DFD3F5CC23FEB0B2DAB + stream[192..255] = 012611EBCFF9F839DDABF99D9D4757DA + 4E947598C4757976F6F61DA5F0DAC8BC + DDF72F08BA2F446FA37F9A490F6A2B6D + 79227C93271D6B763DA7B2A907220A42 + stream[256..319] = DDE54F9170D6A4702CAF45CC6F799F74 + A43D83AB8ECBAC5206D108F869561D70 + F151A0037F8E28951B5026643F8B2D6D + 56A62E259F04A5EA304791A9468E66AF + stream[448..511] = F70794C084E6EDC07BA0347413B05FC9 + FC46994CA820CE4FC037ADBA50EAA9AD + 55064ACB7308CFCE3F35AD5C7C628362 + F4210FBC2D3264F734728626BABF5356 + xor-digest = 31815B36BA034BB1941DB1E45A941A59 + 7C3882F34BD3BF441CAE8A9790B05BCA + 72049FD10C09A14AC9DB867A82C38A5F + 524C72F783DFD16980DBCDEB486FAE96 + +Set 2, vector# 81: + key = 51515151515151515151515151515151 + 51515151515151515151515151515151 + IV = 00000000000000000000000000000000 + stream[0..63] = 3C04E21F6937C4EF472BFDDA89F9CAF6 + FF53889A9979ABA8F23AA51DB1EDB8E9 + D08F696C1100799A7D004DEF1CA94110 + FCF0C054B0C131E6FAE0FE2F2DBF22B3 + stream[192..255] = 9B4ED3EF9639B953186FC7E732E7A9EC + 55A5F3F19C5A10E12EBE46DD84F10385 + 33837693588D584FDAF86E3A217C3CFF + 020278736F1A90CE07F0DCE4329005B9 + stream[256..319] = 135FAD68B5282FE59B28D2DF66463632 + 06CA92E84A73FA131EDDCE89A5C23B4D + 08FA57D455BDB32F8ED58DAF3EF288A2 + 7C72020E35DAE19B446E4C52DCDAC5B1 + stream[448..511] = 7D08FE1CAA0E8A0362669B310B99127D + 18F2111002891D3229102D72605B9BEE + F5DA36059B0DBBA7646927650305431B + FDA4A97570CD0C484BF1E974B157ED7F + xor-digest = 5125E77698C0DAA89A7E47DC5D038D40 + 7B732CE56CEB674CE653A1B6661B2740 + 0C092AFF83BEEE4FC4543B9D725C9387 + 2F89AA338222ED677BF59397200AB304 + +Set 2, vector# 90: + key = 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + IV = 00000000000000000000000000000000 + stream[0..63] = DA2E6F7FF0D1F1C87A97E028D3E20E21 + 75E9AD91482965B651B495AEE819CC6E + C42AFE2C20EEACCEC4E90710D17210E0 + 4CC6832905985322C8007F872D3E58E1 + stream[192..255] = 09B0A38E19DDDA08F7DFEF7D0FC80560 + D692A020F0A66F609374ABDCD1343722 + 05F19CA04EBDD3009844BC540C1B2B41 + 66D45E8A2E822B906DA34649E7FEEBB3 + stream[256..319] = 6C8E2CE1D7FABA414432E75BA2EFE4AF + CE2CFE99506677A956AEC86BD290B6AF + C5298A448D0DEFA99AA5CD26D318982F + E786D809C713D5A55B42CA6650191DDC + stream[448..511] = 845FEA0A88B521CCB8927C9457AD3225 + EF6E3C21705EC9FB24873916A2C24668 + 963C03FE097DA8224A42A99E5DFFDC17 + 68CF518DE49CCAC8A70216C62C9CBA6D + xor-digest = A46BFD9D2D0BCC688A032F54733AB7C5 + 5FF58B296071D5D39349A531E41F0BA9 + 893A1722B6102740BC5FE394A49363B9 + 6A626AB43FD6A288CD9B23F7255279F8 + +Set 2, vector# 99: + key = 63636363636363636363636363636363 + 63636363636363636363636363636363 + IV = 00000000000000000000000000000000 + stream[0..63] = CF0E05248AAD82F1C8CD2095ED2DA333 + BCB02E3AD8797377AE1F1B4D6DDB86E6 + 2A59791CB553550E0492FAB42C7A2C42 + 3157C5092D2DD37D46589F17FBD86584 + stream[192..255] = 9E946626F1EAAEDA42E52422B4A84D91 + 4122EEE5736BCD12061C77DF5B0122B5 + 1784E946B4E93470170ACDD7E2779591 + 57BCC9B9F3E11E88BC2F740AA0C10C97 + stream[256..319] = FF22D8196AB3DF662210D12D0FE79255 + 6DCD39611C07F089979CF7D693A30CA3 + 5B795B7F6D64931916E717C8BFB92114 + DB75118BDB51D142CE8133415C6B3456 + stream[448..511] = 971F007EFE17662D95F47F4F28266516 + B22A1E50755EEF19149DE3A3121F5FEC + E0D9DFE7A055026CA44193542D7687EC + 695B97769BF02F92C1EF3D904A8010C6 + xor-digest = D1C4878BEFCE48888A43C6DDE7CC8163 + C8D54A4CA36748C74721C7B6E1649A31 + 4B5B7A4BD43E7C3D2A22F0C8446C7892 + 90D54D421D37CB16400E59CC86215CC8 + +Set 2, vector#108: + key = 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + IV = 00000000000000000000000000000000 + stream[0..63] = 54F122FC8ECFB176E7F4CF172B2D78B6 + 54BC11ECF0010D2AEB9F899130F4AC2A + 38EBC15C8831D591E6675DC1CE7A471C + 4B869FE83CBF37AC70BAAE5D4AC607F9 + stream[192..255] = 518F298A6008532EEFECB3DCF72103BD + 5E3F84FEB6EA2311E8C19A2E93A9C3C3 + BB1DA7DBA78D5618D1C4FA5B0B202728 + 62645A361E55494D66C9359E41E5809B + stream[256..319] = BAFFFC9206D1D813F3E2768F08D78B2A + 89BB20CCD92E7F13FDD816DD4E4963C2 + C5FC2570CBB8BB5C70848B73001F508F + 47AF179528200F51CDC6E4854EAA63C3 + stream[448..511] = 844B1D15FBFD1264169279ACD525611F + A39C7BB41F1E7A1C09090625F7926E51 + 23A4CD7FE1A3F37ADC67AC437BF0A5AE + FFFC6FB0ABF39D9908145004AA5B958D + xor-digest = EC67596C9DEF4012A2D543842829306A + 4285A3B8038818F265065DC848BD80FE + C27C2F66A57B27F7FA8AC912001EC954 + 05BC6E93D7E555C59060F5D2E294D103 + +Set 2, vector#117: + key = 75757575757575757575757575757575 + 75757575757575757575757575757575 + IV = 00000000000000000000000000000000 + stream[0..63] = 91D2772A18995DB3C0801DD3740F4466 + F9535E5BECB93DDCA0E94D19C0B57BDD + 0FFBA9DAF0B11D55C852927F8BA560EC + 4999E25848D08FCA7275E7E8571A5F1C + stream[192..255] = 72E64FF10CA9F07CC493715724DA7610 + 9E4358E8B0CAE451348B784A162DF036 + AB9796724D17FDBF356031D080A6631C + D1E8D217B041AD2EDF427972653206B2 + stream[256..319] = 4054F770C93FCAB533143FFCA8E4C0F3 + 344956C29D10374E502C2EDD177ECE5E + 6625BAD9630DAD57976216CD69865058 + 130B132FEC1AB0C350DF4DACE4C7724A + stream[448..511] = 40B4A4DD63F7B6E932482D0E6F5BBB90 + E402466550B518A177CD05985D238827 + BD92EE7EC22C274F19E682F85ABDAD95 + D0EBB3DB6C6134408353C8B0472C9A1D + xor-digest = 9A6C893F2108D13A29373DEDA65386C4 + AC356BDDD4A3178952F9126E322B7AE6 + 83C94F1A131CBEAFF26549D9F84CF04A + 1241FA374B055B0ADE7E49E8EC669E65 + +Set 2, vector#126: + key = 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + IV = 00000000000000000000000000000000 + stream[0..63] = 87A7773A3514EB7F882F2C491E90DCF3 + 059C5CC575D806B9029CCE3FA45A246E + 0EBD3AB2F2E324FE36ADC3B56AE2F7EF + C710AA964CB87381386C2A88B1308035 + stream[192..255] = 415D6F59DD004944D4E45FECC6F1F06E + 20BEB18D9C84187C347F43B17E0924F1 + 2348F825E106E57A00258CE4415294D9 + 4323A9812D8A71359CEC1001BAA0D567 + stream[256..319] = 8E20F0D03F37EF4B2C5EE12B5F81F7C5 + 32D62E779FA0D2D08F8ABB6B0183A4DA + 4EE0329215F261D953150B9AB9FCBE2F + 568AAE361EAA8636ECC01A63F007977F + stream[448..511] = E7C44F44E06321A20E25F73E2069757C + 90499DB7E60025CF6D2D445E53A665F3 + 08EC96F6FE73C0AC90D7E4A712E18C2D + 3DED46DFBAFA24C4B0B329E52C525976 + xor-digest = 22035341489FA6EEB2A6488CA42F4043 + 57477C3F55569A1224EC39B1019E90C8 + 21D37D78ED4DCEAF6EA70724C3751760 + 38CF25DE4F84BABD80424D83A310881B + +Set 2, vector#135: + key = 87878787878787878787878787878787 + 87878787878787878787878787878787 + IV = 00000000000000000000000000000000 + stream[0..63] = CEC0C3852E3B98233EBCB975C10B1191 + 3C69F2275EB97A1402EDF16C6FBE19BE + 79D65360445BCB63676E6553B609A065 + 0155C3B22DD1975AC0F3F65063A2E16E + stream[192..255] = 5E12BA9DE76F9ABF061782EC1C4FBBAB + 3373B816DA256CAAC37914B0C161E4E4 + 5F5ADBE444098A5B2A4CFD4251D79918 + 987BB834BB50F0834EF4985F356B92A2 + stream[256..319] = D89642D25DF97D149AE07EA18BA39497 + 8935978AC34C1DF9F444986D7505DB4C + 7E08DB3616B84CD52E7DD7FB108C36B8 + B50C2573172F4D3500B6D62A9D20B82A + stream[448..511] = A2C17FE7371604556F796429C6BE0688 + 8611638B310F3E9FAF484BA9EE29C16D + 2F842EAF33AFEC557B68D2F453569187 + A6F4CD204A0E7A733E81AB7CE9FCAE81 + xor-digest = A7C93087CA70DDFE5FA5F1F2F954320B + 6E3A61977A7C6AC2F033B826AB9A9957 + 66671D2A1025CDF8E2824B2F58CB221D + 2A68679239D90152FF7D0D39B33FAB93 + +Set 2, vector#144: + key = 90909090909090909090909090909090 + 90909090909090909090909090909090 + IV = 00000000000000000000000000000000 + stream[0..63] = 7118889F6E46A6523BBEFCDB006B3BC6 + 71A6D390BC7099A708D370DCD0E3D143 + A0334619EBD5C7DA9EF6301F29273F85 + 2DFA3C580ED65C6E952F88A0B7FE368E + stream[192..255] = 31D61E133CA1AAE400CB2DBBAE93C75B + 445792061AA0539DA69ED0B77B970C0B + 482156A5DEE4082A61364BF06E692399 + FB9F4411FEC515291F8949B20F57229E + stream[256..319] = 993E815F299D4841518119BFF88F6EFB + F3DB9BAE60238BDE2845DE4DBA6D79DB + C9E42BA5C3C004AE4546FD86C660FFC8 + FD6A8A349669FFE3D9E5BDF8E50A407D + stream[448..511] = 0F9CEAC6BDCBB56B7E97DDC95877B2B2 + 1274F4A6D814B5440C74D53A3FF0735D + EF01B14AE4188E215CE7337C04871688 + 7159695A241BFB9D6B489FE9E23B2AD8 + xor-digest = 0BD5739ED28778023E6303FD88DAABC4 + 0FA0A211A1A5C5F230D9E67DDD9EA517 + FEBCDF0BDBC107291B6CF3ACD8B862B8 + 4BF15400493A54036E97FDEBB9A1DB2C + +Set 2, vector#153: + key = 99999999999999999999999999999999 + 99999999999999999999999999999999 + IV = 00000000000000000000000000000000 + stream[0..63] = 236ECC5AB83DB1C5CD1C5A888CFEA2DC + BE99E7E515650511FF7016A0EF287ADE + 5A03839C4F83F05FAC3B0B24D4E3F602 + 3251F8D9CC4530A805F8A6A912EFAB1C + stream[192..255] = 792823ACE2C0DDB266A118068AE295CD + 716E424D3B98A9DB2501A3F5DF7DC70A + 3BD2C6E664D5E13317D6F57B8774C903 + D407D2BB6014E0F971141E89569C5868 + stream[256..319] = 2D6ECCF738FC00ECD5475EDA959A73BB + 304C81FA9DDE0C21592247C4098D9347 + 1DA30294DE8C100E5B17A199F744CAC2 + 4E33490FC7F223FD6B4923056117C6D9 + stream[448..511] = E791A6BE7F7593788E5D627F5CDAAB59 + 349AF2BB1DA2BA622B9824F729929098 + BD19DFC05D0D9454F604960C027752F9 + 7812E53DE6AC6CD2751AB331703646AF + xor-digest = B7C5CE0D2FF66533A1C948C425F33FF2 + DC458E7E517637596FC8FB710E2E5636 + DB1F14848CB12793D54ABD0856B22F3A + ADFA8C33AD08B8CC5292DD76913CB105 + +Set 2, vector#162: + key = A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + IV = 00000000000000000000000000000000 + stream[0..63] = 74490D19F13E7C6D1B25C6408E23F229 + 8A8806402755660C4A30CD216A500BB6 + AE975E08EC62D08425A8A62A71B00215 + DE35E5178902348698528CB82296F009 + stream[192..255] = 51A6EC18829928EE94C37A5CD030CC4C + E4F7E1B3E78C3A5DF07592F45B968BEF + F95B8B257DAF2B468284627AF4481FD2 + 67BE0B164DD86721DC8C1607A0607EF0 + stream[256..319] = 75C565D5A5A240B003273F99BEB3E4B3 + 9C056162B626F383F3E77B5C98C0FBE9 + 119A7C335C333E6490126AC2510CDFAA + 86441C72D1DD9ACBCD3FEFC0D0C794C7 + stream[448..511] = 2D90CCF0B43239D725E3B53C31B82754 + 246C065AD23A8D709161FC74B34E23DB + B918EAFA4465125D3780BF0B5803AACA + 037AA0A14D977141B611A6CA2278B634 + xor-digest = FEFDA1A6E95920B93380CC24FAE214C5 + 6B009ADCB176D519CA4B8538EDFC95D1 + 6CA06B730B28A230F0085FE43CBEE2FA + 2EE5DCD74D66F5CBB59F256CC1ED885A + +Set 2, vector#171: + key = ABABABABABABABABABABABABABABABAB + ABABABABABABABABABABABABABABABAB + IV = 00000000000000000000000000000000 + stream[0..63] = 22E1A884ED2C67CCB2977105649B6544 + 367858D1A730AA2FA96703FA406B337A + B2159A389BEF48D8A215D870B2968E16 + B11571F12BEC0A07FA7D3B9790987EC7 + stream[192..255] = 4C98DD259D03A40AF38E0ED0F37CBD74 + B27776E9250B8B063E52E169C7B76A15 + 0D699278AA4124427B5EB6AFC4AD5DBF + 600FEAAA98A88DFF297DACA5ACB4878F + stream[256..319] = 5FC732A26406FF0DBC764ACB05C83484 + 976B640E60CCD6ABFB908583ABEC3E75 + 2878371EBB5374C9B37A63E0768AE10B + D857253D940AC408EF49EDD590E806AE + stream[448..511] = F012E429C44D5DC03B88123855B62C0E + 90E06759306017B5773752973850531B + C480316CBBAEDE6353AD5FB298349AA9 + 16AC0221A4CE1E4729BFB9C230AAF9FB + xor-digest = D73B872315F9052C67C4CFC5CD912DBD + 60DA32FD06D9C8E804968E688898200C + 1D979DFFCE52E1C3B3309B58D12BDBB3 + D3EBA2954D1587D720E004E12EB4A13B + +Set 2, vector#180: + key = B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + IV = 00000000000000000000000000000000 + stream[0..63] = BEF4DD0101F80A8F880BE0613B2AAF88 + D2EF924014F7445ED922E9C021571909 + D7E6BFCAEE0724F2A9C522C4BDE4BBE9 + FE53FE592C0FEB80D2C7A51FB8BE9EF3 + stream[192..255] = 6B1966D3EE460999FF09001B0ADEC484 + 0D22CDDFF39EB0E3D5FDF74C6E7B3394 + A0A4271D780DE6DEE9AC58B4903EEDD2 + 6DD14E14A4DFE506748D5DCA6DDF4C5A + stream[256..319] = E79D99119996FBB5163335E2F79F0502 + 7AEA5372136E7B3C5BE1F4A673A2DC74 + 60834B81BE6C4976C4A727C8E6046A64 + 4CAF42EEA6A068B7E532581E9037BE9F + stream[448..511] = 5C4F52E0E94884C829DA1FE88EF34614 + 9F3EE55A136EFA3B417DB63D2487DF82 + 794E161B3153DDB2E1E4F385E1A848C7 + 729FF5CB1CB58D5E73FAB1F2DCEEE5AD + xor-digest = 2F3C231B0228C274255F3BD314ECC7F3 + 1B9C49177009AFF2CD88F807092D77E3 + C74C1B9B8650F581EC7603F4D6E70955 + 1B00C3192414C04AB0AD8B0B9BCFE988 + +Set 2, vector#189: + key = BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + IV = 00000000000000000000000000000000 + stream[0..63] = 05AF4F98E9D526CD7912F3E8CAF45410 + DED6D4E331633C5621B94E7EBD15E856 + 04AB202A553EFED55A548C7AFFCD2550 + 60315FD50A305D8BCAC9C077229D34AC + stream[192..255] = 786D24EF3FBFF6883A4ECC4F40E445AF + 3CFD130D5B6A9CE37BEBA429AD137A82 + 44D0586FEB16D086F533D1885A82F73C + F2AD2C645591F80ED09942F0A08D898C + stream[256..319] = C214B6AC700164FA66DE346A27A99463 + C5B6C0E43A9057384BE168E163058FCB + 6E7DEC871C6531EFC8B8D581EF92757E + 219294D39E0C9C8276440BE56C3D9941 + stream[448..511] = 22CF14F5BD70E719AFE76C53E5D611AE + 4C8D2171695C9CF97E2936A8BB320670 + 015825547A508EB43D96F2EE1EE2CB34 + 4E120F001500F8ACC3E19E30455D09D0 + xor-digest = FE5928C74EA21F23E29171E5AAACA20C + DD8571E907763C96B99A8C11F9A1D2F5 + 78F68A6C440996995F7AB6E69B3CCE33 + CF8CE0C16F54355696D47DBF82EA8D56 + +Set 2, vector#198: + key = C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + IV = 00000000000000000000000000000000 + stream[0..63] = 75559677D7C762F6CFED942D800F2FAB + AB5F3892DC2C79922E96FD34FE511C11 + 251C8EB7C639E531CE08A8C99F62E7BC + F68FBAFF99D62348FF91CCFEC2710055 + stream[192..255] = 149806A4D862EEA81F0208D927339E5E + C98E9C2A6E0DB85CC0380DED7EC5B8AC + 4ADAE76AEB9C7B7264C3834316209615 + 25221D58C0174577110596FF89C8FC69 + stream[256..319] = 137E527A0ACB8B96A9FA07890B60B78B + 3CDD19BF89B31FF75A814F470BF97E0E + 1293B750B769F5BDD750DE5025D7534C + AD541A1F26C6AE9AC2FD3237C156AEBB + stream[448..511] = 0958243E88921B81F04AE63658E52D76 + CF2638495B3A6B970633A7C8F67B8CF9 + AC378082F72FC63BEA02881CC5B28D9D + C8C261C78B2872B5EBFC82336D6E1A28 + xor-digest = 0084D7BED4953402FE8F7FF71A28CEC7 + 0028A08A00EF935C06A8B3632DAD5914 + 84E44E372A753F8E630741266C0F4218 + 4923608103042C70ED4ECC5112B9AF6B + +Set 2, vector#207: + key = CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + IV = 00000000000000000000000000000000 + stream[0..63] = 0C46BF67A3DBA5DCCF8E4A7A65B6FE28 + 98C701CBF5E88F1F3DCB6B873E5CAEEF + 23024ADA678E1A2CA9E25AA8B476CF4F + 9FCBC297FF03A9B94A5A736274EA776C + stream[192..255] = 73B9891D1770289A67D6338909FB6282 + 9A425B7947FC30DC52B11E398E85B1EB + 537E1C02898FEBFC15A9172C254CA55A + AA1B56EA856F47E37E2F252D92D94ED8 + stream[256..319] = 6522D372F90F2DAC155D48F165B6DFA4 + 38B63B9F436FE00CC075C585297B8F90 + E6062358D29641FF9C28EED4A23FC53A + 6B5C60C2AF1E8146DB27CCF5F43BA838 + stream[448..511] = 642541A9733946827D79BBD815C03C17 + 6357BD6E81E9A61FFFD4A0BF6863AC71 + 72AEFB92C1F235641BBE1457B724A6AA + AF9FAC687552A778B034C4A4F8E41ADE + xor-digest = 9DDBC1E7D31379D027B4F3DFD72C3668 + BD0BC5A97655978E79056B3D25DF3E79 + 5D5D8BE5D1AAE877F2E7D03225CB6609 + 6EFE11CBCB728039A243E326437CE73B + +Set 2, vector#216: + key = D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + IV = 00000000000000000000000000000000 + stream[0..63] = DBD4E866F4E24E7F66816CAF625BD07F + 1F7BDFBB81428FFEE9FBE14DF5F5F3D8 + A044EF53A868D989E16165A0F2B95E8D + 83439BB4805A125AD0CA7994AE11B852 + stream[192..255] = 7CACC4E7B9B1957ABB22ECB9D9D67184 + EE7A7F4B822A1C955A69E238022AA313 + 276C2003E27AEF1B4F94B33A6428685B + F048B357EAB297B7DD98E612F054A317 + stream[256..319] = 286B484FA80A45EE4D5300DFBE173E8C + 978B976BE1B6CB0D15C0324D6B70D265 + 385B615B3EA97A55D94C47F53FF40861 + 4460857AC9568556AE54A52546B41B5A + stream[448..511] = B3AD999394343F6F0BDDD0B1FAE2E3A6 + 5BE2BF56D2B78A401D5761E2F3AF8B18 + A2B1089864999D9B99E5BF6959F8F802 + 975FBF204D6159CF23F3706CAF0D9BA5 + xor-digest = 0957D6887501D4360C430614B67D99B5 + 32849E2F5C69CE8A9F3F707A2B5438BD + 0C1237B5617FB525CC9C043A10DBB265 + 3C3F0A353E89A19838B8F68542E09526 + +Set 2, vector#225: + key = E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + IV = 00000000000000000000000000000000 + stream[0..63] = A6DF8DEE1EF7D1AF773AA3E9651B645A + 50CF101BF065F69F3E78BEF5D689B1D1 + D306FF41EB3E78BEB75C4200937CFE60 + E89E370680C519B2F64E23516ADF8062 + stream[192..255] = AA30580A210B87727BE17EC52AAAD037 + 3E0DD11FBFC89B37825CA4D6F9E8D433 + E3EA54C37D678B58CE834AFA310F6D4D + 06B4603F12DBF38595AC76511D0B13CF + stream[256..319] = 5F3E1A55116CB67BC91C8E37182EEEEC + 8FC9B09DAA6F418D3434BFBBFF6BFFFB + F93F8A963F2F51CC487BE868F010EC0B + EE17A480542A301E33B36F59BEE13D91 + stream[448..511] = 672048756C221C12DA6178BE711B3371 + 525A92BC9A219CABC5501B0DA4CC248B + 8742E8BCBD6F5A1CFE522F3DF3BED6B6 + 5D60D1AC737ADC582C2CB9751521828B + xor-digest = E7CA739E4DE0E74274E491CAA9BF5CAB + 3F418EBEB69509D69B2594E964759D15 + 104F674CD44681AFECC3B4939CA0A0C9 + DD7AA5726653ED3FBFC833DDB0C87B42 + +Set 2, vector#234: + key = EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + IV = 00000000000000000000000000000000 + stream[0..63] = 2479A8F2872A813D16D15F060D300237 + 25297B812F6F3B97D74D9716E4403A5A + 684D2BFD1E15275470FEDADF1578277E + 44C6C06B8A5FCE3D0CCC5E13BF49947C + stream[192..255] = DB2F9B25F9523FF5C2CCCB808EFE07F3 + 132D4B0065A563288F848E05EB45E48B + D15C069C02F90B4FC10AEBF1AF4BF90E + 2CF7F48C8CD7A8091014131EBC21FBE8 + stream[256..319] = 84FAF79797E25BF2CFD54E58F5C7AC1C + EC170B064429EB832924CDA9C47B5174 + 9BFEF80D96FAE36DDA65659FEA1CC06B + 4EA3A1601A3304AA4DDBEB62381FD4DB + stream[448..511] = 2C8FC8D23E7DBBC37BB0811D1BC71145 + BFBCDBAE19F5281CD0E6AA37419778DA + 64DDF68726DD7F4D78BBBFF4576C2AAD + 93F477A2AB2C3CA8A381F30BB944C7B0 + xor-digest = A6D5F0DDFC0A43491D6D0A17C095C070 + 9EC7E9B89DB8EEA11045ACC5FF003DC9 + CD3318BB6F9675EEF20E15490F525066 + AF8380C663B60EDBAE30663C94C39892 + +Set 2, vector#243: + key = F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + IV = 00000000000000000000000000000000 + stream[0..63] = CC3701E703946194401D1BA23AD99B5D + F3F856138E142D4B9C23DC9F252A277B + D62DAA33A71A0C61079AD5A20562291A + B6EC92C66D7BE6A17E27D4DDB48EFD31 + stream[192..255] = D00665FC0A4ACC78758EF25B0B0D6903 + D565423614409AD11E821B83F5B35D83 + F26F3EF9EC1766FEA9C21C09E0AE248F + 4BA01E48BCE09D06471593B3466703DD + stream[256..319] = E8B4EEE2C8BBEDBA758C1C2D0889FDDF + 96CDC215EF1A62FAA29A5608C852FFA1 + 18B473C5A7319446F3ED2E8AB39A533D + 714325D1B14E838C9EC6E037DB0DD93C + stream[448..511] = 4FF3B43841B17A279002EFB07324625B + 7E937D480DC73F12836195110ECB4DB5 + CD31CA4F92F612A95E82815328DA7D5E + 4DCC5BB6791603EDA64C57B5A5AAA04C + xor-digest = 9202B874C48D4B1A9E857E645EE8F884 + D971CE97923AC024ABEFB944E34550CE + 31712BB832F9174F86FCD369E75CA9AD + 85095F43A4B7F33AB641BD6912D2C59C + +Set 2, vector#252: + key = FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + IV = 00000000000000000000000000000000 + stream[0..63] = F374DA745A5CF93A567027609E5D3B1D + 5C3C8A4D15203705D978AD42279F6548 + 51FF713F5120CC93D044EF717F5A75E4 + 98DBEF559E5F157A8C819E213E93B3F4 + stream[192..255] = B270F638AAB88DFF69D724F79B70CEC9 + 175AEAA99D55485954B265B5CAB86509 + C810E664766A8E6C90D4BEE3A58B1815 + 9076959FFFA2F30EEB12343E9E7778C5 + stream[256..319] = B2CC84A1127B5333B30EC81CC14307FC + 418DA96336991A27DADA74FDA987B867 + B125C53C0E4E2889FDFEFBFB48797A22 + 2836B2EA42793CE2BFFD568F6234B368 + stream[448..511] = B70F4A10A1B75D499E8189C8B92AFB36 + 4CD2D730DC8D7E183EC55A777C2445EB + BA7E9CD95C8F3A206B73C422AC2E2C08 + 15A8C6FED156FFF93B63DE512EF69725 + xor-digest = 467EDA43B849054EE747A532ED0D9AA4 + 6EA1BF2B6AF19F481D6E3D55EBAA96FC + 6629FE65B5EC4B5EB6A155A6D60FEA32 + F04F8230E26390F1C8FA53D47B68FEAE + +Test vectors -- set 3 +===================== + +Set 3, vector# 0: + key = 000102030405060708090A0B0C0D0E0F + 101112131415161718191A1B1C1D1E1F + IV = 00000000000000000000000000000000 + stream[0..63] = 7CB997D6E1B46DD7C0A9629B441C3771 + 14D6C18F230291FA7EF0B039AEDCC9AA + A4AE05BA13F3931E3F8373AA320A8BCF + 28E825B2084D0FA486BE52C92C3C6F14 + stream[192..255] = FD4DC85E176D76062323B2F5B31E219B + 786596F3DC0A2AFD31AB48C5F911605D + 556399114B0779F43221FE5BDA899627 + BA6498C210D5AEC5FEC8733357571F77 + stream[256..319] = F00E84A92BEA966DC8359FA63B12E8E4 + F5611F6C8CDD04CE9D605D770B2EAE49 + D6976272057CF275EB5B4CC434EA9B0B + 8CD9FEA22D7E919097CBB36C5D239BE6 + stream[448..511] = 110560BCF38CC42478036CC228E9DBD7 + 4C44863DAFC81B528AEA2893FDBAC7BB + 2F68CCDF566E1602623EC9AE283EA69C + C032E90E409F368E28401AE6905BD4F8 + xor-digest = 9CCCCDF3F7D712D6E3931068138F9A9F + 8640478BEDFC3C7CD0802954234DD07F + 99F4B072D9847DEC2E16FAD0ACCB3609 + 16243175C84A317191A98AFF5EFCEED2 + +Set 3, vector# 9: + key = 090A0B0C0D0E0F101112131415161718 + 191A1B1C1D1E1F202122232425262728 + IV = 00000000000000000000000000000000 + stream[0..63] = 0889D6D9E155FC208941B945F2B15362 + 3CE5C79122C1085FC172836FA9B06C0B + 50910CACF399EFC9CD9CC484786AAC8B + 377972E9A90D7EDD40A59FE1B942710A + stream[192..255] = A540BDE9860D8687A45D8CF22E00299A + 36BE590AC92E70BA03B8A5F2898C2D1A + B9B1E5C87C4B10C9B6E08EB868AE3B10 + 3BB95C30831B903A3A9620ED16B96210 + stream[256..319] = 90E2A684D3960A4B1DA5DF19BF569288 + 5A23892F2003AF2319FED9C8D37B8702 + 7E61290E013FDF93683829DB99C177F0 + 222EDD6A0FE3D5F7F903D3CC15C6C6DF + stream[448..511] = AFE7454BF77E3CE1050ABFC2E25F9B15 + 011F33B93660EA4AB5E7BFC513F2D787 + 27F8008ABC1E14B06C36F7750AE88C1D + 7AA2F6EB9F2E925CD6CBDEC5FBA3EEA8 + xor-digest = F1A8C58EA8459686DC5BFA2A81E80653 + EF6141903898D1A3C7298358A79D674B + A971C106CAB035722F246D3E67D34543 + 3E71DD374DAF73036EE55E6C0ECE5FA3 + +Set 3, vector# 18: + key = 12131415161718191A1B1C1D1E1F2021 + 22232425262728292A2B2C2D2E2F3031 + IV = 00000000000000000000000000000000 + stream[0..63] = EB11D29C989FB09961A673D8412360B4 + F4E6DF0169A3CE207656A7C72D6FB8D0 + 95CB3A7A6CECDC2E167CD35F62A00110 + EF09FD32B61A8B405A3F55A1313F0DFC + stream[192..255] = 8ED27EA005A3E298560C829380D4F1E9 + F0C7FD5285F04AE6FD66C94CC07C8C51 + EE8163B7414A52B0594C5F7F80104D95 + 0858C9A52F3C156ADAA025C00B180429 + stream[256..319] = 12DA63247282599F2C50B172CDB4F31B + 20952134800FB8BCE743BBA90E6485BA + 057A9C5E0989A8FDCEF1C88DD54E920F + 7028EB284306FE6A87B0FE063DAB9557 + stream[448..511] = CD447E9F58BAFB77F6E02AB5A692120D + EC4F7BD597DE5C54523A7944DBA6A3C8 + D00000D3E70F7D9292B7135A7F054812 + 4B98680DEF6631D2D10E0E7B08F188BB + xor-digest = 6EF765CB84937D5E829A1A1664EBD23C + B474FEA3C5AB137F2D9B35BBE0816EDD + B26EC14D74EFD0F9768C521A6FAAF122 + B5E34A36344FF0F0DB3CC2F2780D05E8 + +Set 3, vector# 27: + key = 1B1C1D1E1F202122232425262728292A + 2B2C2D2E2F303132333435363738393A + IV = 00000000000000000000000000000000 + stream[0..63] = A71D4189D1338531D3C03D00A480C8B8 + 49C779B7E113FD8D59516164C161EAE3 + AEBF74542FFFDC2FF8C2666FD5AAE413 + 19072673F958F498F8FB9743BE46863B + stream[192..255] = B0B3803396AFF1646369B6FAE62EDBCE + 5254E7C8FEE88F9EEE5D8A7B6D44ADC8 + B89895198E3C147FAE0C9B8325EB3501 + 6EADF77C5D7F402CF3168448D2A59E23 + stream[256..319] = C1CCE6956C8257947C004528F568E3CA + BE9ABF891E2FC2B52D9A1E6EC97A22B1 + FFD1C77E50A17CB47014C9EDA1853AFC + 11526F6268102780ACB3E0F120398AD0 + stream[448..511] = 765857312C8994EF6BC7259673F02E38 + B7E0A764FB70534190033FB1BA86D5BA + 3BC6851DB596970A2F60831EA1A31CAA + 96085680CBCFADD9C5F0330CB72AB5E2 + xor-digest = 30EF19DE0E750BBF6AB3FC924742CDCF + 62B2FE5F25983BB9777C727679CAA39B + 1280AB468051463E7EB287AEEFA5AD0B + 9C9DFCA45A3124D5F41F4B0AF5849E62 + +Set 3, vector# 36: + key = 2425262728292A2B2C2D2E2F30313233 + 3435363738393A3B3C3D3E3F40414243 + IV = 00000000000000000000000000000000 + stream[0..63] = 2B9B987B7CADACD2FA50A53A9F9F44CF + 4ED11B3E25FE57F1372C6D570B470AFF + 5FCF3BEB89D0692D873EFEBD26EAF3E1 + 1B6892913F0CB27F3CA9BA20AF7A98F8 + stream[192..255] = 0148F54B1D24F3D69A2086D6938898F5 + 25BDB1B1F78C5F92BA21FCE803A52591 + FCEC9A1AFB0FB3B081CDB1D79D254845 + 40EB9D624B5E113A4F143716722687ED + stream[256..319] = 271FF1107AA8968E0ADDA5371F40224A + D8E134AF80D5ACDC9803B1B3A9819BF4 + 8ECC3A68B303E1275FA97222F7E984EF + 9C73899433230FD746DA6101DE37ADA2 + stream[448..511] = A66D3BB64C35C71BBAA3F5410F388253 + 2B32897B1CC1AD610F3AA195CDC1EB82 + 0262E817374384BFBE200339B284ADF4 + BFF6960B6A41AFA9D7C9B67B19C14C37 + xor-digest = 3CF10A4A8BA3E0DA3C0B63F1B913B57F + BE47580DF7D90B13459A9BC98B93B014 + 1185E910EDC0A5B37206542B17CAB8CE + F050A4ED3D7097B6A0738095E4BF7A77 + +Set 3, vector# 45: + key = 2D2E2F303132333435363738393A3B3C + 3D3E3F404142434445464748494A4B4C + IV = 00000000000000000000000000000000 + stream[0..63] = F32665A4C73608E133D85712D2CC9A76 + 6D2B83311B3F44564A56A97ACC9B6492 + B282A2E62A435A7B7799073E010C78C9 + 4B7B5BD1B25994D1CE31B51CBB13BE90 + stream[192..255] = C9F24592930A0A9148486D77C1FFAAA4 + 4E4EECB088D6AD38D73B195E576BEE56 + E2CDA968FEB85D19BF89391813501B02 + EAB39A2E78B8CC7456EE60EAC3454051 + stream[256..319] = D8E1D09F074708379189BBFEB1E24053 + E0BB5980FFD0371265320C3047F0ED36 + A65CA8D0DDF20DC25B552E1882811C77 + 6613DBB4297DC6C89E31529DFCD17C82 + stream[448..511] = 8012813E7879B3E99C40821A97469BF3 + 9D2EF3B888E3118275F47F8C78A5F7CA + 19A98B1817D2D7734E69C5ED43773D68 + FA100E2C37F40FF8E018DBA52C5C239C + xor-digest = 8AFB9CD876AF4F9693FF4FF511D89957 + C8BB31D9DE3F21B726667681F805FFF0 + 4B50850696D6C2E5C271D199CF49F1E6 + D366C7824273E99360BD5A294E415F0F + +Set 3, vector# 54: + key = 363738393A3B3C3D3E3F404142434445 + 464748494A4B4C4D4E4F505152535455 + IV = 00000000000000000000000000000000 + stream[0..63] = C72B0F98EE5C2D44260E929C70DBF174 + 02C03543483178C8BC129D67FE2746E2 + E881F8439E2A11EBB3716ADB16207BBB + 91454A71C444445CE64003F0BB1F481D + stream[192..255] = 5590F4278E78AD19293525095C2F76E3 + B35A3858CB5912B62304180225BDC985 + ED955521436DEC441B9C742B3C5F4CBE + 94B99689048AF93E48472980D058807F + stream[256..319] = FBAB34E9F432546EC8C52750DA4D2278 + 4C1323D4E3F4E9B63E65A7E3C8B2637B + AA5D0A3B897113F68C63CCB78B5AB40D + 0A0DC3EF1EB09DF5C4770B343B6B5155 + stream[448..511] = 78B0144CDF2692F0D0F164ECC8621F5D + A00C401007B82AAE7753712FD6185E9D + 7ADC8CFEA6D5BBC2F3EDB8BF2C77718B + 6A424BAFD30C30934FC645FF05704BB1 + xor-digest = 835B5361A9C1F88223DE7BCA09030CD4 + 67065AAE99198645029CC0AB9B9BD579 + 14332392ED7A433A64D95B44CE228860 + 7E029235580276BCAE88F37418FB641C + +Set 3, vector# 63: + key = 3F404142434445464748494A4B4C4D4E + 4F505152535455565758595A5B5C5D5E + IV = 00000000000000000000000000000000 + stream[0..63] = 804025A410EFFBA58647A9F4B443BFC6 + 1CDDC30CA04DA8DAB3EC6A098A830D68 + 2683B59B76C60C09938E67CB41385315 + E2504B024DB808923B0909EFC25F0927 + stream[192..255] = 7A4661190129E3F349DA7B44DAAFC388 + 5E4BEEAC9308844DDA45E8E06637246A + 0E6C8C7D94C5F710CB78CC6E0CA82870 + 8CA77B6266B41E3ED6BAA2940F1977A5 + stream[256..319] = A3EBC22126B6069C674DB604F8C22B54 + DA68FB4390617E86C4FF089344BD0DB3 + 887B3438E8EF8207FD89B2A485C0B383 + 22AEB69750AD054F843DCA7995BB58A9 + stream[448..511] = BAC68211F125B57B8CE5E42E644997F5 + 2FD4B8A7D5CBF89ED2F6B5F4D4C7FA5D + 0CC34212160C6BA536BB7604C184367F + 2E088528F3B3A0A1B20F9249711162B1 + xor-digest = F628E74D1EB94591694631F1B2F12234 + 38B056789D5C2ABD8CF34D9FA7B8C304 + 5A8C2298B7BEBB90C7CC86895693118B + 2A43B7E8AC7E534DA7965EA720F19180 + +Set 3, vector# 72: + key = 48494A4B4C4D4E4F5051525354555657 + 58595A5B5C5D5E5F6061626364656667 + IV = 00000000000000000000000000000000 + stream[0..63] = 40409D9AD4CFCEAEB8FF613D32B59180 + F5DFBBF44C1B7209AD1AD5AE94DBBF3A + 83EAB34D2617ABCC396880BD5F5D220F + F434DD575E66CA74BA32862293113C5D + stream[192..255] = 42D9EDDAF89B93DAB4AA790BC9C45BAC + 5E94575E175C2EB1CC08BB39019E25C0 + 9B0F4F435ACE371BD9235C61C56A362C + B1A64EE58F4938D59073C5A8A1BA679A + stream[256..319] = E40477D1B6C901AFCC4A2C429845C7B9 + 0DF890C317A5B9D6368672C58E0BD5B2 + 7E42DA77BDC2BF47F9AD195F7C192B53 + 24FEF88E6B3DD1669A068E3FCB58B203 + stream[448..511] = 7616AA094DFFD4BCF94E03C9CCF95C31 + 8F247AEBDE281334F8E6F46271070BC0 + 1AC838D8FCFE18865DD30949C68052C8 + 6E93815B4EA9480B2D0B6A5D9888E597 + xor-digest = 1FE60024F188CC243F7D8221D990ECE3 + 29E89847C9BD60AF23061E9C27C4908F + B00D8813E680F00665658CEB077BEFAB + 5DEB41D3547DD645DEDBB3BF5D7B651E + +Set 3, vector# 81: + key = 5152535455565758595A5B5C5D5E5F60 + 6162636465666768696A6B6C6D6E6F70 + IV = 00000000000000000000000000000000 + stream[0..63] = 1B8DA47812BF2353C17C89AAA8695E9F + F553BBA44087D262FA0C710B69765F12 + FFE190625F58DA899B56FA7AB5E0E674 + 4CA2B073517B9577712D7155E16A874C + stream[192..255] = CD2BB4A6C3D7211773421014611B677C + C0A8107544ABF4F914F825891E52DDDD + 76EFDBEE614573FF9674EBC154A3283B + 439ED8197E1EE0705955A8B6C8AFF8BD + stream[256..319] = A626C40CD2C48AAB016C29020096DE28 + F03842E785BCE9D9E385D0B13B63F82D + 789588FFAB07B8CC0FFC62AA86D37CAE + 5CF8FD43B575F9F4D6E07465B700D47B + stream[448..511] = 16A3C84858207E141022D228079D6067 + 2784EBB56E3B84F7DF07EFC69060E27C + D1311E51F5893AE6BFF80D34464DC60F + 61985F8F88164CCA69EFAE568BEB546F + xor-digest = A24EEDA74185884C5B287663C3F5F031 + 2743CCAC657C702A29E0C20BDDE304AE + A54A9292B447039D50479B6CE475115B + 8791854540E15D642859D10561AEF26A + +Set 3, vector# 90: + key = 5A5B5C5D5E5F60616263646566676869 + 6A6B6C6D6E6F70717273747576777879 + IV = 00000000000000000000000000000000 + stream[0..63] = 3F7261A3A4691A73441762D113EB7817 + 4C515A96C5C93C514EE559E7F78A633A + 01F0891910D44A7EBB18768E3B912488 + 6069CB5304E79ACA89F62EFEC4EAC11A + stream[192..255] = 5F11904F72123CE29D1D883AE5CD2A89 + 2AB26C9167A24A57D6F64BDE3A8E1A93 + 7C5347C585226DB44B6252AEBF3CCAAF + 2D5E60C56FBBA6068B35AA6A61C84A44 + stream[256..319] = CD6C5B784854E0121933E77C700D9C1D + 7452999F859798499A339F78FCF84615 + A3190A2F558CC529E636922A1B75A3A1 + AF280FB3F486303093DC1564EA0B6D3F + stream[448..511] = 61B8163A84540727204F0B18D9CAED3F + B5FA87089FF4E721D2EC34D21C59B93F + 95297725780DF04A5FE405FEBAE80AB9 + B8307B9A74774E76063F9218CE243002 + xor-digest = 944EF8435F32FF2A67CDA5FBDFE02C81 + 0997D9C8192633A193D6122A051B801C + 15555BDF410917B9E5DB86F4DE8B9874 + 3E9F92F903543AD14087F4E13A915DE0 + +Set 3, vector# 99: + key = 636465666768696A6B6C6D6E6F707172 + 737475767778797A7B7C7D7E7F808182 + IV = 00000000000000000000000000000000 + stream[0..63] = 71BA7454CF7F6CC93C89EB22B9D608EA + 0FACBB4358DD007421DAC1E65EE99161 + C542DF02611AF497B2D53748D0129C0F + 5B9704C8A6017507EEFB26B6287662CB + stream[192..255] = 92D5D35B2E02D204E68C1AD6C018DBA6 + 7A1C90F563AEFC3D031FD3F7D4F5E2F4 + C47D326A9C49A0B2ADF03D9E7E429AA3 + ABF253E623BFB9EB040B5F5CF1FF68DF + stream[256..319] = D6C22BEA96DF94CE9D5D34E6231CE4F9 + A2D2F6097540F9A9160DE139E2E80D0E + 5AFE08131FE10F0DD7367E43D314D7F2 + 2321B5F89DC64F286576BA599A58F48C + stream[448..511] = 43DC3ACAE02DBF68AB5B65A81630474C + 639FC4DD36FBED518B6471F7C3E70FDE + 23CF1E128B51538DE0D5A47F20A554F2 + 09668FE28B0C4884888FAC438960CE7F + xor-digest = 7B0EF650F3847E3EB15EA1CB64EE7189 + AA5B04F527661C00F4603E48CBE59F7F + 48498D80F6C5ED956ABBF97E6910EFB8 + 341C7BC2E81E66A4B9474BE420DFA5A6 + +Set 3, vector#108: + key = 6C6D6E6F707172737475767778797A7B + 7C7D7E7F808182838485868788898A8B + IV = 00000000000000000000000000000000 + stream[0..63] = 3C4CBA573D803324D099BE1F436F944F + EE506CE77EBC01FAF0060B76FA5D2005 + 05CE94AA15F3C4B1E0194264CF13878E + FD36288EA4C2ECBEEB76828EB460AED7 + stream[192..255] = FFA464FA648309E295314DEF7169DC60 + F63C90AEE9F27B534E11D25AEC454823 + DF6BD39C1F9CB46276C630C129536506 + 187251D638D3867E96A84BD570F78461 + stream[256..319] = 6BE88BD0D2257CF7EBF7100B442F68C1 + ACB94B6F8991C1461D318BB80E59A6EB + 8009DFF46B8E339A0CD4FB285ED1E433 + 5FDBD65537D9CF1FBB0F9F10E17952D0 + stream[448..511] = 909997D084DE4F6C910D57DB89E1EB56 + AB3F9974E3DB5935D59917CACCAA31CC + E009324E52334BDD6CA971AF49982122 + B195229DF0BFE2C508E981D303061B2A + xor-digest = 8B2B49D564662BFB29A9F4E1A3DC7664 + 774D41168EA27505A2A518DD94C2A507 + 0D28E1E69DA2F084DAB024E8EE2D022D + BC73071B8559BE2FCBC2AE3605696482 + +Set 3, vector#117: + key = 75767778797A7B7C7D7E7F8081828384 + 85868788898A8B8C8D8E8F9091929394 + IV = 00000000000000000000000000000000 + stream[0..63] = 6EE8B7E51036B951205064348C222881 + 624E9FF59DFED40AC6CDEA0945A39E72 + AD05FA929F7AB69BE8234567734F8F96 + D74DE6038A463BD8FB86224F5CEA0D45 + stream[192..255] = DD9CD1757A95E616E99590E76620E9DF + 0BF811F73B70C5CE982FC9CECEFFC6BA + F7DCA30517A9BDF44515262ACF297AA2 + 2CAC3F216C12A9D0D6912578DC672D18 + stream[256..319] = 0B7DE245062DCC9B1D8A945CD9A04938 + EB9BB258B4B7BCC263487B3599B1C6BE + 7FDE752D65345F00DF90896DF53244A5 + AB111134B36A99E2D2200B4D2003A520 + stream[448..511] = 2566E8427BBAC7F0A35C6E4BCDD326C9 + D7164A9E1F767038A09A75B5076E05AD + C51F008E9E3184FA4DC6E4764B381944 + BCB96B57FCE2339A01501BDEED46F8E3 + xor-digest = CC16803D36710AFDB1DEBC653DA7DD12 + F45B02349B87C3006DDCAC1635956846 + E4D7D6064D19012724BBF836A7DB7A3E + 3C12E6288F546EF316406D9C5E844BAC + +Set 3, vector#126: + key = 7E7F808182838485868788898A8B8C8D + 8E8F909192939495969798999A9B9C9D + IV = 00000000000000000000000000000000 + stream[0..63] = 4F4169DF51C9865A20D7E79DEFF7B121 + BD61F4C79AFEDD0598F55E9D9A3615AD + 19292095DDD83904B3683722A3337BF3 + 4E98F63EB19927155E176F2E8D5560B3 + stream[192..255] = CF82F8F2A46A898915B3E371BE941811 + 682A8A0A20837AF471B5CAA4B4FB01E7 + F2B0CA9ED3BA70BE305587F1ED995946 + 223032F94BB2ED7D418C95F202887E6B + stream[256..319] = 219C121E08F7458BD657AC4131221C78 + 43DB5817B17344922C54A002F3F67574 + BEE5F7FFC7EFC5615444B51FDDEE8B71 + 981FBFF658D2504BB53C13D0342258E4 + stream[448..511] = 55C2A93F43F260EABBC1A173AAF80A95 + A7EA74CCEF6E29C52957AB2247126336 + CEA5BD0D08F873AAF733B3A11885F04C + 58542B4C8ED3E1BB7F7918C4E92926FB + xor-digest = F69FE6EFBB4A6E65B517445069859EAC + A9C19FCB9C1771E75266E5B4C39019DB + E959AD97F2B8D7F1688FD0AC04AA7C2E + 602F28A63DEAA49A7BE1422B47CFBE00 + +Set 3, vector#135: + key = 8788898A8B8C8D8E8F90919293949596 + 9798999A9B9C9D9E9FA0A1A2A3A4A5A6 + IV = 00000000000000000000000000000000 + stream[0..63] = 3305344A71266B450B2CDEB049A048D2 + 6171B39A88C25CFC0821E4F4EFE378B0 + 702DA31652B5E1BAD9FF4C19C20BF329 + 639D5942DD2209DB1D1474B6A7B41B76 + stream[192..255] = BBD9714BF2C343B11DD7943DD8CDA8B4 + C6A913F1DBE21A0582B3FCFDE91B61A9 + 8863AAC17D07D8F98AE8E71BA5636251 + 49FAB3EA775D3C7735BFC732C3C42571 + stream[256..319] = 473F161607321838FEB9359B0006068F + 9D88B1A073DA14E60AAF1501F3A27350 + 53E3FCC794893257CC3C1D4E1E3CF609 + 975E865CA46C892823C838822AF0CD2B + stream[448..511] = 89F37A53F18778084307D0BB71E5712D + 32F0F3B7C2201D01D892F6BF6068E4B5 + 394995CE6BFACF08587ADA39CC647DAB + 9B12F5505055F372FDC4607F0355DBAF + xor-digest = C9E7E4A4D6782C02AAC4F47AF1D142AF + FAE569B755E880C6B8A5773EFC0E63D2 + 3D7A113738CDB1A0544175861401149C + 753D723CC1EF515A9323DDE4B4A765C8 + +Set 3, vector#144: + key = 909192939495969798999A9B9C9D9E9F + A0A1A2A3A4A5A6A7A8A9AAABACADAEAF + IV = 00000000000000000000000000000000 + stream[0..63] = B7954C45CF301CCAED3F1E7E77DCE45F + 2D41B3B1C1F28F0308B8AB4293B64A60 + AA7936DDF062613DC1C454033D2A40A5 + E99BD975A26185A7F419E7B337028FAC + stream[192..255] = 27AF957AC6C514514C24664AA0C9C23D + B1EE30950177389876FE4FF2E1739912 + A09E20A2098751049C8925334960A324 + 5ABB50F3D333587B67F153DB145B5F6C + stream[256..319] = D94FAF9FCB753E992B898178373A36D6 + 23C6BE2420AC2EA848130073F086164C + 9B4E69B024991FFA8FAE94E3C2FB16F9 + D747320A748DE9FAE4FE9E6A7E7D5659 + stream[448..511] = F664AFD3EDC0FAE88016C8A028E98D34 + A27843372C6BF8F51C7B49B94A11274A + 6A161D776E6C1FF05358F28426C3579E + 053B4137F8C4CAE07B994B80DA06DA27 + xor-digest = 521594487B583F5F71DA10E2316187F2 + 2A4885A69D522F82F7FD0D5F93F69B2A + 060EB60965AC010BC489B401F02C26E4 + FE3F82B83C964B4DB4E0E6BC2CE4B865 + +Set 3, vector#153: + key = 999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8 + A9AAABACADAEAFB0B1B2B3B4B5B6B7B8 + IV = 00000000000000000000000000000000 + stream[0..63] = A5E320FF65811FF5E8934F3AC73B3733 + 77D3AC52446F64646946BFB8F6DEFE3A + 04E859DCCD9F421D2DF541F588B9C204 + A9846C7AA1C017D637D7C5E244602105 + stream[192..255] = BB16A9BDCA0D4BCA589A34F9278AE55D + 6A7711EC87563C9F394638041CBB0E40 + 4CD2149218D501D3B62421CBF81C6576 + FA659C2878839FCD6C8DD1BA38F46E6B + stream[256..319] = 58B4004C53EE64CD45BC4A1F11F700AF + 0EA5ED86C4BBC145C8F588B7F708427C + D2292D76329E4DB1F289DADA687B7784 + DABCCD29B8C464CE021856FD06554F76 + stream[448..511] = 1113D37AB2964AAE6586AEE1B060F0C1 + 02EB3AF048A59CB709792C9080183CFD + 2A1A47277F413F1219B5AAD7C8BC8079 + 246BD1D6F98C11997E4ED0F68E165D9C + xor-digest = 512F4852425DBF91234DA31986732CC3 + 1F9649A1965E22E18CF38979EE6D92B0 + 83333422A92F841C25F827782FD7BDB2 + 8F4B40AD5EE53C37192651A86F03A17E + +Set 3, vector#162: + key = A2A3A4A5A6A7A8A9AAABACADAEAFB0B1 + B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1 + IV = 00000000000000000000000000000000 + stream[0..63] = 96328CAA099502092359F397972568F8 + EE2FF1C4305EA06FFD8CC125CB10BE85 + 65EA30B621437AD4CF9CE731185720F2 + 0CFE17DD45E6361A8212EECB346D391F + stream[192..255] = 74F26B7A37D673DA0B78B38938C5C1EA + 2AC666612468F63B540EE7B17548F8BF + 60A9845BECCD7222620FDF7BE904FE24 + 7D2B7EA749C9590133CD6A218F6EF624 + stream[256..319] = 8F8AA7A4C64C3AEC5E85581C53E3FA64 + 22CEB927E370C7B0F98F038E7ACF4D05 + B54430D91B0A2CDC001BFDDDCD0081AF + 35B67E5BEE6B8E113F36E3B23CE29F57 + stream[448..511] = 53E20B4B90B2DDAB40DC30643AA5F539 + 70ADB65DD0B64CECF3D3B4C0567DC818 + 0362FE9CDF920526C59725AE861940A8 + A32C35382571F2FF20E7FBC504E1DF9D + xor-digest = 8C7C45F50A151D551E9EC81EDFDD5B2F + E676E14253FF38EBEA12395040643211 + 3254B0B7298AF77F8F9F4203B971EBC9 + B9850152A96C97BD4FA7BE8592670903 + +Set 3, vector#171: + key = ABACADAEAFB0B1B2B3B4B5B6B7B8B9BA + BBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CA + IV = 00000000000000000000000000000000 + stream[0..63] = E8DBC8E5D18C5BB2B152A6AE9487AF35 + E2044F30EE8189659043923E579C70CD + 4A5590968600AAB0F021F7AF283D61B4 + 13C739DCFC22632E1F6CD553D4F21976 + stream[192..255] = 8675941731B385016430C9A157007EBB + E9BD8BBBEC44081C1F5E73C7E783AE90 + 1A7F56A20E5DECD1E94E1C92A07CD2B9 + 91619BC3358AB812D58E0B98EA288D03 + stream[256..319] = 8D09462E5B1154175513CE7FAE1AAE89 + EA2AFDFDF1B39D69FDF60B1954BF81E1 + 62F29468E07C251E2D174E9CE924A5F4 + 8A470D1808C68ECE534CC08204C5A2E6 + stream[448..511] = 60C5FD4C1831F0EFD70EFF86A5D38D96 + 2C402453561D0021A51F07D40A7D3B8A + DF455CE484E89437DFADC52A52741B80 + ED0EFA9AE4FC39659F8300AE9292B9CE + xor-digest = 12E57044A8E7F02EBF6912BB73836FFB + C4A2F47AE1B824AC97C1237B1B14DEFF + 12B5B87DF14A8B5B6C85C0481BD69DDB + FD76FA307F4C1F7D21E60C0BCFECD3E5 + +Set 3, vector#180: + key = B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3 + C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3 + IV = 00000000000000000000000000000000 + stream[0..63] = 540980C2A3794C04B93696B90E48999D + ED8E1D3F4720918C80C95B9AC0E911F4 + 6593C4A920AB291D98891374EF286286 + 2386B5FE17654278EC413AAFF1C384DC + stream[192..255] = F3E036D7620669F851A1B58BCE57B079 + F5D75829EDA4E68C36F086CBF2E5DD78 + F7F30C1AD9E4CB3C01B7F2FBF53A8AFE + 957786B2D3E9CCFE7D6FB24397803BC0 + stream[256..319] = 1AADB95F07E6268BD82ECF3453DB5014 + 9745CCEEA9F1887B5F257594ABBFFF43 + C3187BD9A9FFBCCACEBD7A21FF90D18B + 57FCBAA64B8FECB56D5A7FE05BF03E3E + stream[448..511] = 4170D41CAC2A7AA5A3C9228BF386B9C5 + 57795DB5D1AE547A31C553F55DE02E6E + B69D76A984F4F1D84F29D5CB98190C01 + 441DEEFABDBFE405F22FFDE734D9497A + xor-digest = CE103B99AA95B51D2D6CC54A15833E34 + A11778F5E05BB7AB61505D473228069F + CB40015BCFDD3E1D0D5E1F832791C8DD + 3184273D1B4C67D800EF5FF004660440 + +Set 3, vector#189: + key = BDBEBFC0C1C2C3C4C5C6C7C8C9CACBCC + CDCECFD0D1D2D3D4D5D6D7D8D9DADBDC + IV = 00000000000000000000000000000000 + stream[0..63] = CA30678AC97B4591E287FF8B5E28A838 + 611D654A4EC592328039E3A1DFE90FAB + BA5A37133E821E0960520EEC850B6962 + B0378E77770681ACC0929D16DD260925 + stream[192..255] = 79FD1893EBF30CC2CA9C5AE92B0C063D + 894EAE4BD50BF462420081D1CAC57A5B + AA92E73D3B3CEA147E1F7127AE1F6FA8 + E9B302A068F26157C904E0AA7B7A072F + stream[256..319] = 6880FCE56677345CF1CFB2D38F890C15 + FE33D377922AE43348F5590B84426EC9 + 0DC2A3863136790EBB7BD9493D2F0808 + CA9287CF95AAF366A11D6E7A556FDB02 + stream[448..511] = F385299A7038DA8A90058C510727F3E4 + 524A2D95D217A1C199552753F253D45D + 81DA40431910DD54B619A15C5C302411 + 613D28D53493AD836251F0047FB911DC + xor-digest = F3D10E261AC596959B4AACBCF335D043 + FFF65E2651F046D300C19510E1677F1D + 45F287DFB8C17055A012C234B6EB04C5 + 76ED2EDE12DFFE6EBA4A39A64DDC573A + +Set 3, vector#198: + key = C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5 + D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5 + IV = 00000000000000000000000000000000 + stream[0..63] = D5EC301FD496586D54D9B21FA23DECB2 + B25DCC0784BF77DE84898AF96023647B + F1618234A239F63FBF3478FD6EB79299 + 66BA9B670C64118444C95D31405873C9 + stream[192..255] = D455D37F435FD0FDD6E1EDF8BAC28D2E + DAF587F938C49A5F58C32CE8D5B8A4EB + 884B016E54277300D461FA21512E7695 + D2D7489A4560FC7A72A510219DF1C5C4 + stream[256..319] = A7B93D8B7787B6C8F80EDCE72D4D644F + 0C6400C3AD0443FDD19C3F3675083F4C + E5ED87032B1813DDFF758854C8D889A4 + 6FDC61C210058DB72D838A0913D80611 + stream[448..511] = 94232F4284F46DD2E7933F9635C26C48 + 6CB935031095777F59BDAECC4FDB4109 + 9037C38C91620586DE93B66EC7376502 + 6853B7390CA516B694583447DD863310 + xor-digest = 8596C088FA66361FD90A2132CE33FD52 + 34910610DB006D223B0574F21BF1CD4E + C282C67B24AF6DB0DB70BAFF65D5D8D2 + 1C3955D466EA2B49C5E8EB7E07475919 + +Set 3, vector#207: + key = CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE + DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEE + IV = 00000000000000000000000000000000 + stream[0..63] = DBA2DF9ACC53C3EDBB566C28F689D7AA + EF631CB44EA91610A94685FBD862C9D9 + BFCF512BCECF36E035E2E577F6BF6EF9 + E4B0E7623E0DB23B10055677C7B9F857 + stream[192..255] = 8C78C9714577E497E3CDFE3ADE19F03F + D2DAA3211C1E9E5D9F21FD1ED696354A + B7552BFC7FC675FAFE7A739F6E60A839 + 547F8F15BA5EC6F75BB05606BBF209CC + stream[256..319] = B23F187B1BFB5A728BDBD78B75C3265B + B04C6B350A4DA4EB021D6191263F052B + CAE73E5776002FF05DEC3D341AA20D2C + FA523E6B92329A979BE06CF4F848A1B5 + stream[448..511] = 7E2ADEA91939388D36B3F97DC87C2A86 + BDE7BB4884C40D8A202964ECC7440987 + 1C64B03EAD0F46A3A1CD2CB935DCCD67 + 0B43292D5B852B7A1B3D1F853EF22EC7 + xor-digest = 1AC1E42C2DF9858537D0A1BE3B2AC094 + 54136E53AE56B006395969C7F999B2E2 + DE1DAE62740FF339DFC8769F67AEF352 + C4726B4AD4BAAEE56AB8C55FACE34860 + +Set 3, vector#216: + key = D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7 + E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7 + IV = 00000000000000000000000000000000 + stream[0..63] = BB00F8ECA9A10D2B137257E86B455DBD + F9A6A861F19533E38C3C9F54195AB803 + 171D35043FC9C4204AFC9A8E72EDA4CD + 60220B2EDDEBD5482D7833979C15B685 + stream[192..255] = 6CCE94C2BEBFD223AFB7AF1110F0F6C4 + 01AFC533BABD84F8C4A54E8A239A194B + B56E0CAFDCC59B9B5103471DCEB9F706 + 7801D79530B7CF40F2DEC73A169C7481 + stream[256..319] = 5144745E042B76A6B62E78C92FFC1C0E + E59979CE4B2E4B2CAFFDFCC5E75510A9 + 201E8A97A6A1729E35CA81D8645FC118 + 177DA5FACA0293B972AC0957C43BB1FD + stream[448..511] = DCF9B6116FA5EB9CFDBFC8C97EFD89B5 + 268C0D529141FC3C8262B8BE38E94973 + A21919D498FCC3896B0FB4CEB24D9E2A + F728003C36838638888FFF1D0D526B37 + xor-digest = 99EF8A7D0B8D08E976EFBAE56F7CAA91 + B1FFC7428EA56B7A697AA3B621AA8DBD + 52681C7A9A415049AFB6B7D8AABAD024 + 0F9C3112092816F4C69D36B1300ED3E6 + +Set 3, vector#225: + key = E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0 + F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF00 + IV = 00000000000000000000000000000000 + stream[0..63] = E3DAA6E498609DDC5A31BC0B6ACC880B + 695097D2CE2D1FD162C7802DC0D00BE3 + C0126CF947CEDBA7833421D70A914BD6 + C33B0A77BE8BA10879D664F054C29302 + stream[192..255] = 0015EFCCDC554D042531FD570C6B26D9 + 059F4F4DA675BCD12C038E4A8D16737B + AAB0D7992340F4EE4324959E96930934 + 21234D41F56A995C928F82944B46BB19 + stream[256..319] = 8CE7098F4C64DF2E8A170DA3D02CD99E + 0169B99A261D1072FA116ED39244EDBE + 73EB9F1CDCF8CCDAA9E94C0DA9C6EDC5 + 426751AB8300836435BC6F727F793281 + stream[448..511] = ADF85AF30894BD0207DB4BF72D9DBAC9 + 144EF6B24E515D96475897EADE40A92C + 79B818499B8CC328859561D79D727423 + BA81055F3387608E56173AA27D286924 + xor-digest = F47ABED85910334919B5868D4531FC15 + 24D61CB16C23920750C73E2B08A4B5C8 + C621482F6D9F01EB59763C5F89AC1514 + F6CA4C40216D6385F304E9514B014C02 + +Set 3, vector#234: + key = EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9 + FAFBFCFDFEFF00010203040506070809 + IV = 00000000000000000000000000000000 + stream[0..63] = 4728A29A2F2BD276FDE176CF4A38BE65 + B84BDD41F065DAFEA8302334CEF92A5A + 306EF904DADFE92E3E975EF9EEC9B3C8 + 4AFC167545A0CFCCB6B1CA688967D8EE + stream[192..255] = 734153A78089B6E6EC0F520D39BC3FAA + E1DBAD30CBDA32395E51E500CE4E118E + 23BC8CFDB08D443F1932EDEC52CDF3E2 + 1D021DB791A56A7C16FDA02912FE744C + stream[256..319] = C511914A4BD9B29488B7FB1E62DBF905 + 01C0D85C5A238448065C188F0A4134CF + 6A1FE1DAE57DB8BDF89FBF7FA66F3E32 + 14CC9658DB292E4562A1761B9EA77570 + stream[448..511] = 946944DF8E41BD585723CA1C03909E01 + 783617D9D1129220ADAE7E5487AF4B54 + FF6593B37BB77AB0025C28727AE5933E + E3873824E46F2209D26936FC5566B21C + xor-digest = 34E04FBDE6E3DF6EE14BD179226D51B0 + 1513510665589CB794C0C08391FA5929 + 37B390E86BB4A72D427F58A1EFE10F6F + D8A14A6F38ADE34331C8AC6AECA5DAB3 + +Set 3, vector#243: + key = F3F4F5F6F7F8F9FAFBFCFDFEFF000102 + 030405060708090A0B0C0D0E0F101112 + IV = 00000000000000000000000000000000 + stream[0..63] = 2AC7F22D838F68107877E90869F98797 + 493171C8A5EC2E51D536A1578659DC16 + BB2F644C290B0F006BFE3FA0FE0CE917 + D32E94643848867B230270F54D0037B5 + stream[192..255] = D21F7FE6E368989CC75E8D9080579385 + E31680302BA8B9B2F56984FD49B01F4A + DD36AE4A28EBE23B5567BF5A539E2621 + 1AA8588507916CCB572611C352E73E42 + stream[256..319] = 25823586A7212D44811C75023193864D + 85DFA17EB7D5A34BD1CDD3260B5D53A5 + 56EE2E2A06F84E95CC7323379FB924E9 + 9E1A3F724F8C480A1F40B2C4A6FCD433 + stream[448..511] = C1DA25F3B4FBF8B2917103E6274FAE81 + A5BF4086A161A7786BBD5A33662E48AD + 6EB9A944CCA57C51AE266BAF756EA506 + AE077AF0AD8B577A5A02F5563FEBA2DF + xor-digest = 6176BC64072356BDF719676CD2ACF288 + CE2DC1272ED9C4685A5CBB7327669724 + DC8BB64BEBA04564A7879F7B9AD5A936 + C4BC1AA4007A0F85A5B5B945B418BC61 + +Set 3, vector#252: + key = FCFDFEFF000102030405060708090A0B + 0C0D0E0F101112131415161718191A1B + IV = 00000000000000000000000000000000 + stream[0..63] = 0854D9B674256934E204484C6D59668E + 1C94891FEAF6E08A92038E41EBA38292 + D19FDBF852400123237BD7DA620767D3 + 43C2FAAEB08A394EFD1E7C1A3776B1A7 + stream[192..255] = 4BBDDBE675E0F9D7DE0BC1B0E0C64FE4 + 52F95ADE61D5CF2EB805894B3CC3285E + 6C6AAB72DAFF826D945B05FC4D4A6BF9 + 37B352262AC12B7E6F92D5FBC4ABDA05 + stream[256..319] = 7BD11CF4273EA16E01154EF9615B88D9 + C52535D2F0C7FD394D94AA7EE542B448 + 9A046F2625011EE75F874641D1C5A709 + B7FD1DDDCCB2A6F1A47B65361A9B0D6F + stream[448..511] = 0AB902B571D11B5F2F24CDC7616143F8 + 45E7DF2050B263D7A841DA170E17C00B + 4A20221D7ACCDCB0E131108D94D903FD + 7E2F7988445A7DB54F653186D69F3CCC + xor-digest = 1266CF54E8BFFC95F1CD3C532BD8EAE3 + BF000577A811DA58A41AAD9164CCDEFC + 401C1B6BD2BDD9E992707718A9802B55 + 33D7A8F490DF116FBCD8C85E9B580487 + +Test vectors -- set 4 +===================== + +Set 4, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + 3083D6297CCF2275C81B6EC11467BA0D + IV = 00000000000000000000000000000000 + stream[0..63] = 1C43EFA7A2CA90F5E8F9A4F09D4C9077 + D5ABD79341FD75BB2DF9F13CA0B1CD6E + 065FA86938D971D8FAC8A3C34D08CA2D + 1BA08BE56D633951BD0338A227321CAF + stream[65472..65535] = 428908B703282E38E1BFDE62C6B0D8A1 + BD2AB1F5117C85703E9B656FDEAD2660 + 4B7B8EAAE16423A3BFE542AB13748DC8 + 35D81F981CD344015E0DF47BD180541A + stream[65536..65599] = 9D6D72F46C846D9BBF3AEEB463B9EF42 + F84915D664A20FB78AD94B61FEB7D63E + 5411A81D1E8F32BE3044E109C68B9EB5 + EC0BF180EF18BF3191D933F86045036B + stream[131008..131071] = E462CD92492726928381769FF205DC17 + AE7D31E1B82810F3CCB541B58C5F58D1 + 38DB708C5F5BF07A0432868A1AA40A07 + 601FCD1A07DE3071E8CE082833F0B02D + xor-digest = CDCA2F92BF75499E49B586BDA7D9306C + 12F111D1A9F183A83B5A07549D5F976E + 815F96BD716CCAC7178282CA8BEFF4F5 + 85DAFA9BDDDF8E6420DFDBA2573F0494 + +Set 4, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + 3588DB2E81D4277ACD2073C6196CBF12 + IV = 00000000000000000000000000000000 + stream[0..63] = 4F7D4E56036A57A303A9C7D978290216 + 297AC26C187E4F07678EC0069C34F93E + 072D734DBA239D81E566D1E6DCD09B5C + A132714291631C227E391EC0385A3A64 + stream[65472..65535] = C508DDD76C070F712FABA944BCB0F5CE + EB645825C520197867623ED5263E22B5 + 6270F0A878AC7FE03145DD2BF528E1AD + 784086FEFAA0D82F0F3571CEEDD3341B + stream[65536..65599] = B10CF49FE9266BBCA007C8DB526E760E + 79AA4D6A3B29FE82B8698C732FBB81AD + 1A27B2AEB06D05F3CF17E875BC0BBAC5 + 67762275EE650D03F62B29529F3C3E23 + stream[131008..131071] = 42B4F20EBAFB2C792006BD163064EC7C + F363DD996CDF839CCE61E739C3817B4E + 36D311A4C94C7918E82F5158D3A75844 + A5603742E33D7FC3AF018660E6B1185C + xor-digest = FB3EDA7C75E0AACEDD95B625F7EEDA62 + 3DDC94983A9B084645253C0BC72FBF9A + 67072228194F96C1E81004CB438D6381 + A5C7E9E7D134FB8B67DEF27462AD3335 + +Set 4, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + 3A8DE03386D92C7FD22578CB1E71C417 + IV = 00000000000000000000000000000000 + stream[0..63] = 23DE914D641DC0DCB4F818C687803858 + A6673E284F8323787756DAC9352BE031 + 28BC6149A59785F6AADF92FC68761E8A + 862AEDF29E851BF5422A83EE5EABFEE3 + stream[65472..65535] = D12E0C470A955DDAA7E851F43DA35B08 + 15D442DBBEDEECE3ADE18FABF08B4443 + 77ACFE9F138F8725CEA27B0F0ECCB4E2 + E5D6E476F88CAB4743E8E43CE2D48F4B + stream[65536..65599] = 26635796620003DE67406BF741B93D68 + 318F9A23FE823B2374E8BD8008EDD7BE + 2F750707A3835BBA7DAC45E06537DF8E + 53DFCDB928EA34CC08D2841FE3E492C3 + stream[131008..131071] = D3DFCE281FDC69F7800E765CB0B33D78 + 8BBDC17DFD11F929295C26AB7ECF21B6 + 7D4B4EFCC18ECDB8134175A7F198EB12 + F7913DAF22D73A4139D5B807C18310A9 + xor-digest = BB2C8E7BB894DEFD1D5A7D37C01E8EE5 + FD4E052CDF1DDF5FDA90C9818DE71B3E + 34392EC3858ADF718F463808ABF841B6 + 90F49D35A51BE5067B162E72D0101F97 + +Set 4, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + 3F92E5388BDE3184D72A7DD02376C91C + IV = 00000000000000000000000000000000 + stream[0..63] = 818C35D2FD72D12115F91BFD32F843E7 + ED4D7110D1ADF517226BE797E037AF93 + C190025A5E82FA0341667D68FC09E238 + 49D5A7A9526CA142D60F71C3AEE3A106 + stream[65472..65535] = F011E9CEE99D94BDD4484408A0FF91DE + EFDC8D8C04ED2B86C51F21058E912C11 + F19890E174018308962F5827D2FC1E2B + 82BA65688C111AAB5C749D8ABAEC022C + stream[65536..65599] = EC2EF21014AACB6215083F784E3ED65D + 774124FE60188930E1A90405EAFC8F1C + E75D54AA7D81400E026D799CE06EF532 + 8002BCF5A10D43E6FB6F80A9D72634E1 + stream[131008..131071] = 80BC6F7F6B0A7A357F770E7690D94A9D + B8CBA32EA36E124FDCC66ECE8786F95C + 22263F09645864087FF4AF97944A226A + CB63DAD316F8CFEF96504AD306C512BE + xor-digest = CB8D4C35D79CCF1D741B9DA09EDA305F + 5FA43F9AE9D0E1F576D5C59AFB8471F9 + 7822C6ACAA197FF01347E397C0382195 + 865AFAF5F1690B373AA2603C39A13CC0 + +Test vectors -- set 5 +===================== + +Set 5, vector# 0: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 80000000000000000000000000000000 + stream[0..63] = 04740F92C2470701F289669A25BF9092 + EB4212FEACF66DAB6B1D520977945F8C + 6D350BF26A1CA35EB37FA53B0BA2CBF6 + 6AC07A8C75D494B4B8281CFBAD4937BF + stream[192..255] = 5E47F5F506AA34E7D296C6911FCD3D43 + 31A032269214ECEFDDB492C47A51C4B4 + DE9EF0A63A6EB32AF1DF1C5576A93F19 + 02B7BB89F10D8C7CDFF9C097D3D49148 + stream[256..319] = 015494CB3CC9BDE8A2981B25C06DD18B + 52FA7B94CBE24C152FC60762290329C9 + E58C4E5148585F417733737059E310D9 + 309D0CEF48D2F1589994657A081BA6D7 + stream[448..511] = 3B67C1B37D96E1076595660D61340EC8 + DDE8F492134270951D9D4B260C8E2254 + A7FE8C10DE837A617A8E261FBBF42259 + C636B3DEEA0F373FE7C2CA2B01EE3FC3 + xor-digest = A8CC89F06815EFF6A91CA276BEBA7F41 + 75F842F85BEAE99F4335A3B85FB28394 + 8B7EE3C659274C6B784035B94886BF9A + 5C1483941B20170EE3A374E39006C09B + +Set 5, vector# 9: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00400000000000000000000000000000 + stream[0..63] = C25BA6DE4C87FE5360BCDEF864F3F778 + 598A6A584325D5E6C44EEA4464D7580C + 9B8D42B5B3634F739D6A53D15FA41070 + D1DD4621BF87F53F42107618D9742FD4 + stream[192..255] = 4A3808B0619C9D94E19F3AEA0BEF3839 + 21D7E2BED05F1128A82D9DC010654ECF + 65199A645606CC44FDAE763694E6757F + 8FF864CBE4204D45102E465F16CAB8EC + stream[256..319] = 3097394E0CD0A9DAA28EA873566E42A8 + 710C28366C2B41B6BF6687D881094676 + 9970A5BA54D28D7BF772C4FED13A9F5C + 6E7AD3F6948667D6C2DF981955F73293 + stream[448..511] = E685BC2ACD3A67791416E78699C83D31 + 852EBCB1C1AF71B926D9161CB6D894BC + 8C5E85C7E30A0896369BAE50C1112D4C + CC583E44A8275F44B7ED140E9721C7F8 + xor-digest = D9B51AAF4A9B75508FCD02443EFE2267 + 1148C73264776B5513860BCE8547370B + 2BA66E82CCDB15F3DEB0F0728411B765 + 1A098C23202745C19B045C58AB196309 + +Set 5, vector# 18: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00002000000000000000000000000000 + stream[0..63] = EE43BB5B79EAFB54B823DE95B71F3BD2 + F2A7CBB6D28E9BED590C20A2C52F9B2C + 74EEB9A1A48474D5DA4964EEE0BB98E4 + 88030E213A4482BD1A8CAD4CF8A962CB + stream[192..255] = 150C4D68BF29DD27A2E6FFDFBD6984F4 + 3AB56AACC08AC0C0149008F0882292EC + A5359CCF4C257ADD4FC535E41D6F67CA + E5210068F77A5D5F32A23B17F79EB7A5 + stream[256..319] = FEA319287C29AB84585D4BF38DCFA71F + A36253AD7F4BF58398731713614D0047 + F85A465C6915E05232A5FE5AE7A559EC + 42733403ECF6B11E4D5E8F4A8288A3E3 + stream[448..511] = 79CE66DD3F77D40889906EAB1F671B2F + 98D9FBF8693C1EAFC89D19209408F3B2 + 7CD83CB3B9F33151DD4A8D79911255FD + 3CCBA14918744B0ACB93A5F96AC9AB38 + xor-digest = E1E3F49B342F873263F585EC34969176 + 2CC46C17FDEE0B32224BB77A8EC82A87 + 816DC612439E998476F50E876481EE6C + B32ADBCF6A5D50FA16355AF63AA30D66 + +Set 5, vector# 27: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000010000000000000000000000000 + stream[0..63] = FB8F4925A4F922119A6F29F8DDC2338C + 0AEF333B55919AF0D0D9B1DB61BA2E5E + 4CFB394E15F6A78E01B5C4AB043225FD + 9C8F50AB1BFDB16F944C2660995AA4DE + stream[192..255] = 87767D451D81D5B40503913508C2448B + 7CC093982642089843D7D9C3DA05598F + 7AEFC5B70ECCE327B20658D6301F4D6B + E58FA5CE0525C9CE8E93FC0B387AE5C6 + stream[256..319] = D146E4312CC11F11916ED9FF8EA8ABCD + E0736DDD0A8AF3E067CDED397E429D30 + 8F2DBF848C5C1653EA969B608CE01275 + 53573C88DDD32937EF6F8B0864C581B4 + stream[448..511] = CE919096A83BF3702D8899787DA7BC23 + 43F1F10833F16E3EB467440B4921BA1D + 96845B6B4141E1CA85364E2D508456A0 + E399DD048E72685389FD7EF3F78B655F + xor-digest = 00333EC3A59AD0B8FCA054A08340BF91 + 906512917E72BED76BEFFE29FC011632 + 082CDCB1A656FB817F968E26063279CC + ABA796307912984BFC267325DB84F621 + +Set 5, vector# 36: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000080000000000000000000000 + stream[0..63] = 202723F8212AB20D9369C2E1EEF8553D + C468854873D04FDD32641E324DCB4EE0 + 883AC1D40D7C9C7783DF4132093724DA + 113B1CB12144E00509FD5D36957A4E1A + stream[192..255] = E6717FE0A77F9043607A1A7665716225 + C8D417FFE2CD7572083C7C552B79DB6F + ABEBBC2D4D36AB319407982187C248F4 + 83596AC071C0B0CED08686603B024E7B + stream[256..319] = 8C59D97F7A093EA2D0AB890923AE4DBD + D40C33508838A3966FBA360E776670C4 + DEED8BC8CA57592463781550BCFD1E28 + 818E7C33A3AEC43775ED0A984044E9D8 + stream[448..511] = 0A3DC66754E02423C6EC1C1DD26CE11E + FD70C386729C8290DF358C69087CA7DF + D11F5E0D37A313F74B09F29C552CAC0A + 5621556828B0145A6A1D43F563AFF672 + xor-digest = 6673BA5866E8E96FB48FAC88D307079E + 77AC03692B23070EB5BB9D04FA94B9C9 + 6C2F958E834DEB51C6ADCE432BFB9632 + 9B3151E0A89EB72019A4522233B8FFE2 + +Set 5, vector# 45: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000400000000000000000000 + stream[0..63] = 95AE241C4E9B6690C319D1FD828BE454 + 52F18F061C1B1E13AA409829E194D70C + AD5BBACA2738B508A5398DF6C2552497 + 6D143DF0405F68037C285A0E19FEC9CC + stream[192..255] = C0E2D5C6B614E4A498F46D5399DCE7EB + 7DFAFAC62794F5C39864C521B8DB574C + 149E35D1F0EA36EA7F24EF8FD855FDCB + 9CCC79F1ABB13EC33E00A9E137809C05 + stream[256..319] = 285907400C1A86AA9942ABD7BEA8EEC8 + BB6AF2F9667D424C1DD56349C99FC65E + 8A00893AE529D7BA492089EB6B525964 + E9CAF15221A342C4F88697D818AC0F1A + stream[448..511] = 13D511737F3A092643E94E74F6C76241 + 0007158FEF40C63B33E10360FFB3B152 + 8BD8B33093D722BDCAC1FA99D16D1C27 + 6E59E428601F256542BD3E7A4A135152 + xor-digest = 1D1352487AB5081A28DF23B1B19D5ED1 + 192F08964E4C0F048AFA9CAA8BF17185 + D7B97AD6003E2FD2DCCAD492FF3FBE5A + 5CD7AAC627DFE7CC6D0972D423B67128 + +Set 5, vector# 54: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000002000000000000000000 + stream[0..63] = ECA0F29C3F5C4D62ACBD601C3042673F + 6F8B17C946FE8FEEEB0089059765F067 + 5AF3E5DADF6DECDA20F72AF486E7E967 + 40B2DBF22B57FCCDFE571B2D8989C95B + stream[192..255] = D2BDF6ED912478A3C53713389C9DFA5A + 9272D030543295E8CF6F0929F1A56041 + EA22BD04E0DD810F43D9D28D94254F04 + F73DFF3B766DB55100EFC9697FA844C7 + stream[256..319] = C7CE1CD4D8C42FA36724A49107A78630 + A60E15673A42C57B609740EC8DE78EE0 + B48F2644DC0DD1E80FB8326DDBCC7191 + 5E6C8DEEFCCB1FBE1456532840A89DB6 + stream[448..511] = 337650A0B03D30C9697CE85449B0F995 + 668FB2B73E37E1A550E07632F9F5AA3B + 04D61AC41F8A830299FB8F70FAA0419A + 42C4589D71C965DDB3A9D000667616AA + xor-digest = 7A26C50BA37BD9F38281FD2DA3CC14F2 + E1FFEEC9D7776E87D99053B531EEF792 + 0C0BF834EA9A0065AF38422A40A31BEF + AFAA17AD565F685BD6E505C7E02FB895 + +Set 5, vector# 63: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000010000000000000000 + stream[0..63] = 567919917583CE03DBDA69907CBAE562 + 107FBBABB4DFC81A3A15438C94AC0C28 + 8CC35A91DED9A79ADF4EF2670A55699C + 000994EF33674B578F5D77928A43416F + stream[192..255] = 13D0EC5B7302C0D8AB329E7AADFC3FDE + 1D24A80B751948C4BCEF516D94DF7AB2 + 2B1D9E076BBFE367CBED341B2A5A3BA2 + D48735F83855460F9D9953279BFC2AA8 + stream[256..319] = 5EFFE922E2FE25410E8050A973C3FAE2 + EE372E9686B6E7B35294B52A579CDB43 + 9D5CA7F1EABFEB4303DFD7DFBCC812DB + 9D70CD0698D1ED051E1E32C855EB39EE + stream[448..511] = 91A01C0EF63716515DB8B71273CA4399 + 1654AAEF2AFD4DEF25E21A08D5385766 + D8C29514065FFF00B07DCB32D1A20830 + 3C3402963EF252A4CAF5CA31A50BE591 + xor-digest = 9232F83FB054098FBED8474939476CEA + 5E9FC269E7B248E56B14F56CB396BE74 + C2B2203D1802D9515EEE232FD612FE21 + 11C291A46A89D54B2E5437E643239636 + +Set 5, vector# 72: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000080000000000000 + stream[0..63] = 507958BFA08EB41F4D18F519E36FC476 + 5BB8DC6CFCA36290CE9AB8B165D7AF72 + CBF49DCF8BA2D145D7935EDD2CD2242A + 7B7FCCB85B4C8625532D84B4BC602515 + stream[192..255] = B2B06A7C3977D4A1A39892E832A32A55 + 3EE6E52DB24DC453835893A55D0FF3A2 + 949B8B96688237E13DBBB2D0C9038AFE + 8B9D18CCAF62019ACB908499D292F280 + stream[256..319] = 1D28AADF7B262A1EEEC11D39F4325CAA + 6181F9FA1A6C65F3BEF4F1614B0DF599 + EC92E5B6B42A931352965CFFC025F68F + DB2D6D0181F259F12989E5FB23ADAE8E + stream[448..511] = F60E3DAD5004E31F6DC89292ECF517F1 + CD18AF7E79E775334F4644A09346AAF0 + F2B4F5C1DD03555A6D27C43AE53EA7BC + 7167F793190071C7AB7B5330A6C6CAD0 + xor-digest = 5A65D44021E67626E62FE87B8547210E + F736490C0D51485A8EF0E1CCBB512DC6 + 0FC18114A29AF923EE3E85655771D6C0 + 7CFE342A52190C540BE3409853F12065 + +Set 5, vector# 81: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000400000000000 + stream[0..63] = 2416B634134170CB4F67F431BC94612B + 5F2F72545DAED2356081C91A26554614 + 5FF2526D8D8FC7D02D8BCDD9AE03187A + 9E404C360E115CE949667987AC73624F + stream[192..255] = 4D456233EC7E761891A56BF9F9659533 + 22375C169D7F16DD81D8D69B12092F47 + 09703B85AA3184827935B60C1E5987A3 + C4C2EDFEAD4F777B53989C469B575EB4 + stream[256..319] = 5F9CDDCBE09CD759B346AAADA2436887 + 0D47BD8859CB9225B61AD9F99197FB14 + B5D625F5DBE0955DCBAA5B874A7C89C0 + 07BF926AEE571CCD7E20635ED4FF312C + stream[448..511] = 642391D8851A9BDBDCA37B9587D5D0A4 + 877EDEC31D6EB78AA3F1E068B0ECE877 + D83EA29906D0C0816EDF7EC5BB417A3E + F3DDAA2145CB37CEEAF8C07DDEE0AAD9 + xor-digest = DF93E4E01EA55D18AB8AB1A927A5B5AE + 9ACB871B7493DC283581262771852013 + EE54288580A03B3991126BE8BC20C5D2 + 230F00D8216CFB632271750F4FD2595A + +Set 5, vector# 90: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000002000000000 + stream[0..63] = 4981C83E26859DEDB32D84C7BE32830E + 784376A12FA6D0077D4CB47ECBA08A92 + C841D45D6CDAA3F1FB48C6FE747B0F67 + 1B32C2B35BE69497737FE4B98770DEE9 + stream[192..255] = 1FA51FFD0360615EFEB03042AE8E4210 + D3D38B4EF07536BAFE43C0585818F012 + 8F8B3F8CA8DADBDF049688253066C74B + 01849C5BD85DCE27C0138D24E8B8B198 + stream[256..319] = 2D8C58008EE94CFEA1EC545C26466D39 + D7BFD5B226E32F1270B5BD3677818B7E + CFD98BDEA26488248B10418C1F854159 + 8F42C6CC237885A1DEAC5C33F22C27CD + stream[448..511] = 94502058B5828AE4F4CDC0516E5B5143 + 1F07EE1ECAD7CA266C931327BE6BF1B7 + A34810220CE00497D7BB9600FC524999 + CDEB6DDE8919B03064EB56B3766DAFCB + xor-digest = 1DEDBE0B7B6099DCF285B3C30E91AA0F + 7859496E034A1EA1AAE3D3D13C2061C6 + 0878E595B63D849B7DB77BE7E0C08157 + 94232B645BE946E5D8278B14427172AD + +Set 5, vector# 99: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000010000000 + stream[0..63] = B84C72BF69B601FB1804CE333C5A2C19 + 25BC8A5877DF9E574295380611D03FD2 + 46D2EBB58CC6E918F4DB1B1A0E39642B + D6B39DC76764E18108497E4CC4394057 + stream[192..255] = AA84DF8195B3F7564D0715517476085D + 1B40511A72340DFEAE5134C7BB8F39CE + 03E6EE15217986C7E4788453EF054027 + 8CBF6336073092EF661C13C7EA8B4850 + stream[256..319] = A7F0C413EE143F55C6356519AE620A9F + 4CEF8432C51E2677EB5D700CE333F314 + ACA374D86A8FD4A67BDC31C1B0DA2AB1 + B20E6DB91E7F85DC13E348314A4FC782 + stream[448..511] = 3445E08F13D09A1AC09EEB65451F4504 + 0AFFDE94F6C2667BC4D8FCBECD6C6565 + F09FD05EC660DD38307F856AACC95549 + AEBCF31B3FBE84FFB3261D7FEF7A3379 + xor-digest = 360199B22EB28401FB4F621E37800801 + FE69C809D83BE29A50FD1A476B6AAF02 + 54B1F4B048CB6423182C390B8EDFF1FD + 9CE49C26727F0D68EB837C19F58F3F42 + +Set 5, vector#108: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000080000 + stream[0..63] = BC618F4A557E5B7CB75B3572FFC31CD8 + 4DB96FD22E281C198DD33B5E9E419099 + BE30E84ED61C0EDEC04B1E16E06B40E2 + 372E0EA1A48DC55BFBFBE3355B566AB9 + stream[192..255] = 33372015C7E5749D98A92CC55CC22206 + 90BEC9878D3CA0AC50765D0B4457CE50 + 9BCE196BF0388599E692B99EA8169474 + 546F10891A3FCE22DFF0AF9733C2A2EE + stream[256..319] = 382684F74B0F02F7B987D37F6BAD97F4 + 20B4811FFC744CBB9F00C2855A609FC7 + 7CD24D0137304B95217E25FF45AFA4CF + 28E4335D29DA392D26DBD341A44C082A + stream[448..511] = B0B2B619708435C5DB45FFADD2FE4449 + E603FA9785E1F521E364DEA0B127F72F + 6C8A956CAF2AC9ABCE9772ECC58D3E36 + 2E758BDE3678D4F4C9804CAF11129BE4 + xor-digest = 80FC64E2441F6CA9C0F4C207007FD0E2 + 5F1C0514D203A1B01A6EEFD1055CA355 + 0174FAAD47ED0956A736A9404164ED85 + CBEB31F80561AAFC4ED8EDC9829D83A9 + +Set 5, vector#117: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000400 + stream[0..63] = 69FEF0D5DD7CFA6590821B6C12E239E3 + 5DCDE7B218A66CF3C75ED278092A6228 + 143EC00BC16DC2FDB8CD9DDBD802AB56 + A4011F6A8CF432F2D34657AB84DEFA4C + stream[192..255] = 312EBF427B3D22A22EE1F85D89E12AE7 + 07160C9BBF4073E538171365290B499B + 8904B01801CC897FF09A520449A44D0D + 34622DB8477EF1E73DCF15417478FA03 + stream[256..319] = 83CF222FDBEB77FFC6E282C1212D8D1E + 014865E9C1251FC07E901A41A50A3AF9 + F8E130394F621B739578C7E238866431 + 10827799C75F08C47664B09B477F31A8 + stream[448..511] = 4130A8F8015F082EE8712B6D61178CAE + B1D3CF90AC2DB9F2D402F65E8395DE95 + DA0605E8540E553CFFBD029AD5BA8FB7 + 5950C2FB29097E13ED4A1B1818E0D07D + xor-digest = 21FA07F8AA2FBC12F5B2B14E034C2AB4 + 54D7D8DA66EB0308D9AB024DBFA414B3 + 38F36D188D33C71E888FFE1A6AC620CD + 55B33C1A146AB8FD275584589BD65606 + +Set 5, vector#126: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000002 + stream[0..63] = 0CF41A77C30118D0931FF3142132A627 + 7A778D3BCF7466EFE56238B166A57043 + 2DB3B222523330233F81836282A27B40 + F6823BD076D84DC3B831DD78828F0FD5 + stream[192..255] = 38A0C28325566FBAEF5AB3D50D54F407 + 91182DEF4FC945992AA0D62134451914 + F07F16E86E20DB119692966E6CD6165B + 79BE7CE6C45D1248F2E0432393BFA726 + stream[256..319] = DE91DACF57B176EF6E59E485DF02A20E + 3A4EE5FF44B1AA3D7F36265221CC71EB + FB9565AA4F269B7DBF3CB9631CCBAAA4 + BBBB6BFABB97E52954958D4E7A283F20 + stream[448..511] = 8FFDC8CCBF864721D6C98E1896FA052D + 15141D9C3DFEB48AE91B2436C5C3D088 + 931470CE951B66C38998F15CF23BED01 + F6D95D84150D482C0C289A8E5B2C7C10 + xor-digest = 03DA7ADC3E5931928D3FD89E1E0876AF + 9D4CE659175E671D6D80EEA78F241AB2 + 86CE3C26DAE267D91DB556AE0CAA60E0 + 2B481282E6470A7A161AC8E84C2311EB + +Test vectors -- set 6 +===================== + +Set 6, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + 3083D6297CCF2275C81B6EC11467BA0D + IV = 0D74DB42A91077DE45AC137AE148AF16 + stream[0..63] = 544B400E28A1A4D9E30A3E5BCB5C9FA5 + CA066389C693177C4FC721937D0DA5FC + AABF39ED84E1FAD63ADD0C9A86749ED9 + 86759F8ACD0A5AF2E17B4E3CD5831B44 + stream[65472..65535] = 6D2242273AEDC611159912EE0EC5D023 + 44498AB4F513AAFB96E8C240C1F13B12 + EFABCDAD424200A53017DA7D34E9AB86 + 9D099D239AFB45D067BF94A92E7D1007 + stream[65536..65599] = 403105F52BF3456E08C2C698505E2639 + 4594A257DC6BCF7E26A9AE184CDC8952 + C34D29E116809C91DCEF4B0FE57D87DD + 9385BF387732E49E265E67BDCB138D53 + stream[131008..131071] = 86758A037E90380C2DF4DB0A7E13A115 + C0F83A664D5B6270306ED5B9A445D612 + DD0F9300603362F2574D8E262650D539 + 708E2FB5D2CFABD3F365E23783271D2A + xor-digest = 8513C47FCA708D9B3CECFEE6BEA39154 + 1843C72A2BB767C926EEADB4D3708537 + B24A36FBF20273487B312095D6C6D866 + C61B0E56F71029E7F71FD091D65C6CB8 + +Set 6, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + 3588DB2E81D4277ACD2073C6196CBF12 + IV = 167DE44BB21980E74EB51C83EA51B81F + stream[0..63] = 2C832BE30736D5F5514EA4A748E30EB6 + 57F418886DF2E25A739E13B6C1B24736 + 96B44CC2B3A054CE4E6D9817BCE6BE97 + E77D0B984C0F039329ADB559266270F8 + stream[65472..65535] = FD7637AC01D2FFBB5AA389D6E9EE4E39 + 4E81AF774491678E7A0181B1AD063B22 + 6CD1703ADE35B17F1A8D4E8B6E0E0138 + 66A75498C93A19ED37DC0398B61573C3 + stream[65536..65599] = 318AA03B81B6C5C334E80811384A07F6 + BB7D0AB3FBAA1ED873BA2E01F920C1EA + FF35AAB02AE0D4F9612E8171BFE63755 + 421ECDB540189C2A10027D4199E35959 + stream[131008..131071] = 7F688C0421F127D0CF5B773AA1B27A74 + 0ACA0254CABEE4095809FA854A06D746 + AA06E56EE3A6AB471F4C46B0528B5D94 + BBB9E3BB989E01FE459F3190E2942FF7 + xor-digest = 97D161DDF9E98C70E6B63BD4DA8629FA + BA4ACDF112E28FA029DA508F1709E977 + F57F3942997822020307071636BFBEE1 + AC7E3D9C97717474A8092576536DD8DC + +Set 6, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + 3A8DE03386D92C7FD22578CB1E71C417 + IV = 1F86ED54BB2289F057BE258CF35AC128 + stream[0..63] = 31B2E5B938120CA131A0635F2A471710 + CDCB494678339BFC7710746BBCDF2700 + A0286EA735766D17E9FA270C63AC1C4F + 405101CAAFACD6C2BC4306E37E9516C3 + stream[65472..65535] = E5AD2ACAE7BF99837475EFEB7C8F327C + 55811CDE424E7A5AFE33086CAFB6A63E + 6607C005DFDB8DB13181CD3FF8584823 + F0D6EC38083DFC3C7A8140DEB47372B8 + stream[65536..65599] = 662728BE1DA1099208BE1BDBE7E5F28E + 8E2F112E527D2F48E2C9AF565729524A + 175A37A38F5CBB1761D21E907CC62BFC + B3A4ADA96EEA24624C501D237F461E93 + stream[131008..131071] = 609AD32104EC8FB79D91299D3B3B2942 + 3E09F451597C0BBA26FA2FE97B9B3BD8 + 0A8907A8236E245E8BA2332C6D027F66 + 12DDE13BF4A149A1A6CE2DFA9F8A148F + xor-digest = B245B3176CE7C0690A7CFB4C61C84E06 + 041650BD4A199986D3AC4DDD80A1C806 + 2FD17F9EA40D25E86EAC53CA4FF8487D + A4379DB9BABAE6109859D9757A992100 + +Set 6, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + 3F92E5388BDE3184D72A7DD02376C91C + IV = 288FF65DC42B92F960C72E95FC63CA31 + stream[0..63] = 8863C707A53A4201F070ECEF33DAD759 + 712F20660A288C80E6E9073CD850CF84 + C96AC6DE9F11F0BA176C395E871C42D0 + 420FE1D3E9E23C8E9EB4DAAD6C677C50 + stream[65472..65535] = C9B8301378C62DC67A932B81147E76AD + 54A93FFDE7B04E82548B6344B8F63897 + 3FCDCCE6F69AA0A25BA0BD527EE7C613 + 5A89C5CEAA4BC69ADE9DDE839FDB47BE + stream[65536..65599] = 7079E98749DF66D72B8BBB1DD7A6B7D0 + 6094E8723BB74D38A7223B2557B8BE25 + 4313AFD06D79814BEED4F40DC9211D50 + 165A8CA279AA2CB8A1393099B72607B0 + stream[131008..131071] = 6C30F5011144AF9AE0D27E2D39E51372 + 783A5BAEFB58F43578D0FFD947457C87 + F138CE84D42891A4BFD1F438735771B0 + FD495DF941B8BCE83C2EE9F11C18C04B + xor-digest = 7E9DD203303EE6807075D16469FCDEE3 + C5BB95A359D4338AD06546061FA12F3F + C24AAE71EE63F3D892AE93E5E327FE7C + 1C168CCEC2BD1CCAF905E5CB2DD75C29 + + + +End of test vectors diff --git a/BouncyCastle/crypto/test/data/hc256/hc256/ecrypt_HC-256_256K_256IV.txt b/BouncyCastle/crypto/test/data/hc256/hc256/ecrypt_HC-256_256K_256IV.txt new file mode 100644 index 0000000..1555407 --- /dev/null +++ b/BouncyCastle/crypto/test/data/hc256/hc256/ecrypt_HC-256_256K_256IV.txt @@ -0,0 +1,3257 @@ +******************************************************************************** +* ECRYPT Stream Cipher Project * +******************************************************************************** + +Primitive Name: HC-256 +====================== +Profile: S3___ +Key size: 256 bits +IV size: 256 bits + +Test vectors -- set 1 +===================== + +(stream is generated by encrypting 512 zero bytes) + +Set 1, vector# 0: + key = 80000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 240146C5EA6C72A8DFC93E54E8811C32 + A85E0BF7291BDDC0DBEAE086D051D5B0 + 5CC9DD5C311ED2F7E8484CC477C68BC8 + C5D3F3450553F5327253768E958C0C55 + stream[192..255] = 26C5976C37B009E57BE86064A99E8F59 + F9536410FAA9BF625D8DD2ABC9AABF09 + DF6B5EFC76CC6200F9E321E327AB0703 + 2C78B351C5F7EEEFF2C6E374521CFF6E + stream[256..319] = 2F72E0E6E710D807D5120AD686DAADC3 + A5C1544557A4BA6B1D61F90FECD55328 + 3C8F91B801DC435C5FFB1F8B33A23644 + 8E21217C367108893D13AD41EA8F20F5 + stream[448..511] = 68320BFC459C78596162EF5FEE2CF46C + 79EAFC681AE91F875672350C59D33D6F + 9E0CEEFE42EA9A0485E3E41C241CDE84 + 9849DEC99219729D91270358B2F83F38 + xor-digest = 19E8083DE3499286788AE3A6DFE90AC7 + B77084682ED86D8039A67663CDC9ACCE + D297F22C10FF7E4FAD773337B008A32B + A7176F733045DE44782F04C1DDF28776 + +Set 1, vector# 9: + key = 00400000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 4B1E2D728E06D7356F151D10DE9CBFB3 + C66A1E5B5ECD926E33F56B14CEDBFCC5 + 40CD6D1089DD8E5CF008E4AAA3C4C89D + 11B136FB5656B5D4818D1BD1E562BB38 + stream[192..255] = D5E6B5482535DB7F9352933242C164D7 + 6528DF7AA013A4FC2F2B8C2D7DC0202F + 85774C16FAF22D5071A875B6A671D4B1 + A8C396AA5D2F14AFF9C4CD6C1DB89175 + stream[256..319] = 3D0FCC3C90DE0328FD0C752458996FF2 + DF822E496CA42A7D7EBF3D958676A41D + 83A16EF3150B8C4C8F1763560B314287 + 54B4A2EA5C4F74783BF8809F3A624664 + stream[448..511] = 2D68526D25483C2A1F0B6F7101507804 + C9619E267F1FFF28C934D19201351465 + 31D13592BC9F1739A0B090718052E4A0 + CAE9E0FA4555F2FAD27EC8AA2F14CC60 + xor-digest = D3C3131E402BCBA54DCE0AD35C5FD241 + 3ED7056BF67B5163CBE6C9EAA9D27535 + 7D2BFB7B2843DFE92709F047675CE06F + 5201611BCB8FF15C76D0E328D46345E4 + +Set 1, vector# 18: + key = 00002000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 4A0CCA5AD387D49DF33FE8BE69FAD669 + 270E3E6CF724F53FC3E509A2CEF1D174 + A67C2EF4B9D2C9B8A8177BBFBAA2C45F + BDD25CBECBDB59A402FE3C4835854CAF + stream[192..255] = CA0F19D9996E6D3518D28D8169968ED2 + B03D118D4BC1C5E1847BA6EFE6A32D6A + 32BAF71A4C27B0BBC9B9BA03FE044D7A + C9785A69E3B0E5B3B26AABE3AB093965 + stream[256..319] = 6FD1A9F1EA228C39625FC0CBB2D4BF8F + 2C0EF1F37D4FAC56D8024D1B4F2AF33B + 8AB0D452F5155ADD5F0FEEED8104AD55 + 9946D2E274ADE44170F5113630200B57 + stream[448..511] = 5DA1476A1CBADD0797DD7EB9C0E563B9 + EEA2C55860C42C2C0A6B38B9344BA0C2 + 345C7143D9A7E5BCDF9FA2606098DEA2 + 142632258F844AA1A77CC9950D5ABD7F + xor-digest = 0CCEB42D4045C09C45CD6C27B88606BA + ECF7F6B30F50004AB2ACDAF89849519F + 61482EC4AAA2CF58C4206A228FA23AFE + DD3BD50BC9C04744940A238966C2926B + +Set 1, vector# 27: + key = 00000010000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 77CB199A639DE60664225AD1DB954B5F + 70DC01305D2D4073BE772B0863175EBB + 64FAB80EF324DBC85A9EF827EBAC7A5F + CB088619C246CECE6F92B89A2122B6AB + stream[192..255] = 84C1E9B365F1CD23AFD5711BDF2B6F26 + F988A6CE29450108FD6814802355217D + F6F329FCB3F5997401019BAE0AE43760 + ED6B658FCB4280F5A070728411EDA4CC + stream[256..319] = D0AD4A851E7A60DC789762A554A8FA76 + 77FA610F4D868CFF1AB6025B2ECDECE8 + C554B4C0BDF543F58A1DD7CC68FD7AA6 + 7EFCFD59D55372E85131D6284E7949AF + stream[448..511] = CF7F791090D04350930AA1E1A53B70E2 + 691A231595E83F8BAB9613BDBAD868AB + 197D5E06B3397CC3D81F56B87BC7521E + B0BE346552DABEBA863D5C81D7245C8B + xor-digest = 2C77C0ED1F5AE20A97388ACA5300918D + 6246B04429F298E64A75828EDBD01900 + FC70CC103C31E0BB67B06D04128686AC + 5C5FA63FE714FC4DF18C551BDF81862F + +Set 1, vector# 36: + key = 00000000080000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 54A5A2E883714170B471C0651D74A9F7 + D51287C89FB345DE0AF7003C3871425E + FC885F033D79BAC9716B1ED5C637BD9B + 0F16FD8D613BFFAB634F0EC2497D7B3C + stream[192..255] = C7FBA70B19B749BBD0C84C7D31A5AA44 + 155623116C44CD53D2E640034211E730 + 277402F62D1FF1578236A2646AFE6108 + 2C958D9D01C065D7335EF9C29415AD42 + stream[256..319] = 2385E2A7070FEC7399BB3CEEA43C8D0F + 54D3607FC1C21BF173642287C1FC2C96 + D37695A7B1310E5E918EBE37113348B1 + 707BB39E401A10FF14EF020CB7C44261 + stream[448..511] = 5A87EF81C2CFA70D86B147E9587467B5 + 22FCDB4EAF0353E11F73F3BCC1EA6C09 + E962A87A0842B9225E164DB0CD1A3BA3 + DA8C02E6746CD3AE0BC4754ADBE7EF6D + xor-digest = A65BBEA2E397048E4714A8AB3C19EE6E + 91B9EB8048F35FA7AB9E003E9359BE0E + C3EDA827AF485C23A941F7D656C76CA2 + 5D12044923E43E61E7DDEBE7D9C87E3F + +Set 1, vector# 45: + key = 00000000000400000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = FF81E156907CC2C01EE23F79F936809E + 3F88AC15CC01BDDDA378CC1BD2317444 + 200E4E2C63E15FF07B0B40721970E7CA + 68F748A95A965EEC606318447BB31C2F + stream[192..255] = 4C4C42A330AD444388FCA4009CC0B196 + 84AEC3EE65138A747FE86526A263969D + 87CCDDCC4C9A0EBDE2D088CCCEBE76F0 + 52BAC07636937B1567637ADB498F7F8F + stream[256..319] = F550BCDF67C8E9C17B800487DF83A4BC + 73B809C4F3279D4CFE857780412F0F7B + B838A9F0322BBA84D7AC51E469C5012E + D774E52E3507C7D069F5169F0403C577 + stream[448..511] = 9D92715109A301AD47BF2376D65E2519 + 78E12098B0DEA5B779079A0FAAC4DB42 + 5BA9EB00301A5F964336F7EE9C0D9667 + C4F0DBAE14BED3E49A6A746FCB186C65 + xor-digest = AD2264EC651E311BAC5FB36434773F5B + 4A4777B2B7F811A755269FDA8339DC97 + 7A8C6A5F66E8737DD16A88DAB8545110 + EAE275892A767BCAC0757C396A690F67 + +Set 1, vector# 54: + key = 00000000000002000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 3DC3C1A1A40E721F8A3A66960DB2C0F0 + 6D8B7C07FE90D67C26F86200D6A1A1D9 + ADE4D53A35F7A016A506D9C62D344D49 + 5C6DEAAE053247103B8F202B85A5036D + stream[192..255] = 9B83E56BB5E10B5C6C05C4B450B64FA5 + 9C52AA63E207592999CBB48355517F05 + C93EA878BFAECE58CBCB948E81BEFD89 + AE0C5C13359C6CF5A673B4EDE28FAF0B + stream[256..319] = 388163F9F26536BE1221A46834CC77FE + 03D021C570A9DA36CD528E887ECEB2A4 + 7146A8A930D6AC04694A0B9AE50FF55A + 41AD3B3D3E53F982563B5B458C078C0E + stream[448..511] = 3B0FF94C0C9FA0EB8B8CC1C691D04180 + 5AB6436BAFCE8C16A1351883C88E945F + 8F912FF79CFCEFF7374936E830C9440D + C676A5F00BB50EDB34F810AFFD9CA8B3 + xor-digest = 879534CEDD8CDBDDDE2E2216D55529AC + 1189B1C34A76ECEC179B8A240E890F8C + 640738DC37C14E4B950B9D8C507685B1 + 28CF4782EC424A3712F54F6265A41E7B + +Set 1, vector# 63: + key = 00000000000000010000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 12F0A17DEA167676992DFF2E7D812878 + 629579519578EAFD885F212C7E04F035 + AF03732C3DA8CFB7B73054662F0593E7 + E40133706F04B1329BC3155DACD296AC + stream[192..255] = 41BB89D0BE44055E23813783C3EC4487 + 2D102D6EE94475AAFFC7FEB8DE6849A2 + 6B50DE77EB9B0B96EC9EA0216D13D64B + 1264A83D6B571A92948A5E35446B0503 + stream[256..319] = 15E9C9168AF4AEF7F2EF1E832F40110B + A8C08DE71D4F0AAA3A5C2FC59BF41005 + ECA654EB7F316B757FEAD5B0F4BF41F2 + C6D035A88B5477632F34D7F904B2939A + stream[448..511] = 8A2D446044F7930B696DBA896BA6CE69 + 8F8B01E4282BCCDC4740BB6AB6ECF7B8 + 9CA1CFCB5745B6577D0F440AAB7985BE + BEC5DBEBD8B028B15DEA138F09018297 + xor-digest = 89CFE7E84993C6B608EAAECBAECD7847 + 472703F3CD97F9315BA9CA13204B616C + AAC0F37EBD1C58186620710FD6AE5EFC + B7CBADA19AF8C0F7E1FB24913C2300FB + +Set 1, vector# 72: + key = 00000000000000000080000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 7BC411ECF4AC2EF2C9B8C5B7CCFD791A + E8250119E08C1B7F7A82F576FF66FC9A + 9D9BDB7570EAF276A60A3BC7E7BCBB86 + 7A791A48F9E742D7D7480FBA67DCDA6E + stream[192..255] = F85A8E3219AE1E5F20A4FFC6814458C9 + 5A4ECFE7FE739E151A45247A136E3BB6 + 9C11987BB5D13B1B9A3077C8F4ADC9AA + A555FC9725339E02390B9C9F75E1F38C + stream[256..319] = 8A2E88E0A773EA00C11138710BF12ED2 + 7797AE7863B1EC84801D11B5B3914786 + F1D547382DAA9D5215CD4CBC783C700A + 9B09FCCFED28899D2F2EC148CEFA39B2 + stream[448..511] = 95E3BA3237F370A4E0850F2CA0FCEC89 + E9D832CA6DC6A062BE7ADA8D8AEFD55D + 2BC7A3F46BF81DEA5DD9155E8D8FE918 + B5DFB1926460AB69663856EEBCD4C338 + xor-digest = ECE252DA29D20602D138E13C004D8B66 + 8B09FD764B7D84FB83B8F4D924504D60 + 277BAFC521A8AB0464E4EFC6BBB9E4B9 + A206C38154AE3A57B84D2D39CF45616E + +Set 1, vector# 81: + key = 00000000000000000000400000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 139C2843F0BCBDD32C685F4EE2C7AF4D + E6BC79789B77B1CA6CD94A01645EA243 + 5B491F27C27D4EEB96FEA0ACE65C0D8B + BAA642B5A07245BCD0930588FFC92A50 + stream[192..255] = 5C76EB0D5323A7AAAA228F7718BB6736 + 5B344559C24BEDEB2CA66414B5E81795 + 428D55868611AF9AC7EA0E7424984037 + 3251BF5206C361AA3631DEDA52DDD519 + stream[256..319] = EAB18EFED266D4788015DBDD20A75058 + FA4DE35C1DC774ABABC476BCB0AA2CB1 + 214E5463F4E20E7B999ED475D77DBA9D + 70FFCA0C7971CAEC3B285EE8F9F37C02 + stream[448..511] = 081083D9AC30C9DB4E53597D64249D7B + CCD847495A928CF4CE876237D92ED5E9 + E3D723EFC663CA0DDF34DABB941F42C1 + B48EFD59DDCAE71A1B82358A3328644A + xor-digest = C08714035439EFBE455BAE68EEDDA0D2 + A6968F18827B214A097221C3A77F80AA + E1DD9F3C72FA66C16EE278A76C19107B + 37CC32346DBDD29FB30059A8FC732DED + +Set 1, vector# 90: + key = 00000000000000000000002000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = AD897A3C509B66728342A817D745460F + 6A258386FECF71DB95ADC716B8BC0462 + 22C4EE887334718534E719F36454E440 + F9EC44A2DC38345CEEA9425BF5F10123 + stream[192..255] = B32235522391A0BE105A993923760C6F + BBDA849213C628776BCC5364F28EE5BA + D498F186C3C57A8DBE5355C2A38DDB82 + 54B321636EAD186788DF1BFC5B6F85F6 + stream[256..319] = 499CC51B20538B14A05E490B6D5D10D9 + 11079F58E3603A84AE6689293E3AEC56 + 7545823F0B085469CAFFF01D2AFC5076 + C155F8B4B7DB4C49A9A993964928D11E + stream[448..511] = 65983D36E97AEF89C3A75616F7C098B7 + 5CFD9C531AFF8184010E2CFD45163312 + FFBCF5AC70139CF12D97325CCEFD0B01 + FBE571FFBD7DC21B54D4B277A2205E56 + xor-digest = 90CD243B35747378B85B99474EE0BB3F + CE7574CC19BEC5220255523276CDECE4 + 5A16EF44C414ADF1D1CBE264872419CC + EAF664CC74D36072E9B975FF40074006 + +Set 1, vector# 99: + key = 00000000000000000000000010000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 26F731F36F626943D4CBBD605CB67FBF + E9301F24AA4E93EDB2D0DBB3FB17E8C8 + 623054B3003BB12E1C8607FB53315AF0 + A139CDC381753A14342AB90AFDF43E67 + stream[192..255] = C3B755D009DE9965D36B4111308B25EF + 39A137E373BA0E90E5AE2748115F29FC + 562A6F6894BFEA59587F991DD105DE1F + 67F62A73A72A4802ACE727335467F503 + stream[256..319] = BA815578D19B3B384BA7AA7B972B1FC1 + 7244FA75A4CFDC8C30ABBFDF6861F356 + 6A9B68A6F60A61E6DC8E046FE75373E4 + B45EAC193127CBA3AC4F22345BFDCCFE + stream[448..511] = 99C68AC554291FCDC03F300D69CE68D8 + C4D4DFF5FB2D4C3079992D40FFCC9683 + DE471E6F2A406DCE03AF8EA17B7AE905 + 12F1368B8EFDA838274812C4F134E2E6 + xor-digest = 01AB73AE53306196763ACB9ACFF9A624 + B83A7B339DB517AEB408292627EEBC43 + FCA6397320F50E96ECC3595B13BFED85 + 1309458EFE35FA1167C2CCCC6A4CA83D + +Set 1, vector#108: + key = 00000000000000000000000000080000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 031A1BAA02280255F0413D76F945138B + C0835BFE7CA64B16AD090454F098B8CF + 34B1EE138E03C3CCD9FF918A58D06AD9 + 2D7F3FB57D2E161A863A0C25391CCABF + stream[192..255] = 6810368C2B2A091C6FB3EBB76E960AC3 + BFD678F028EB6FC0F5B36C2D386A21A8 + FE46A5AE09DB0BD75359A8482EB6F5DF + ADE199B796520807D60D9D93995EAFE7 + stream[256..319] = 0F2CDD428FF6DF2A4621A8423E09939B + 014BEBC0ADBB8CE71B5E587DA408ED43 + 04A12BD535257322122EEA2840A9447E + CB1B6D3550ED14EE31424F5404B2B5B0 + stream[448..511] = C63FCB06883F3AC65612EDF28C875477 + 1D383D42A553EAFA37ECCE26061EC5AD + C6FE3BF23E06CFDB14EC1DD996A7D4E3 + FCF7A0B9ACC69F37ADF428B434994595 + xor-digest = 463386D0F7A1306E87F3221C4ECC0597 + 9474F620AF3563686ED5DEE291155225 + 56B9372496638BA1631982D6B3F58CAE + 27810BB7AA93351B838D54EE761A8C94 + +Set 1, vector#117: + key = 00000000000000000000000000000400 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = AA4E7E8171A8E0AEDA6049999E0A06C2 + FFA43B9ADC5E9DCE4ECD8FC1D27BE792 + 6FBE2ABB69A6B69D8C213A793C77096F + D4DF7BBDBCDF007C914B7C817837D99C + stream[192..255] = FC90E3C82B8E7228C1ADC2F555068372 + 4307902A0750149CE0B2EFD2CCFE9875 + DABE60E1B85CA117D05E4BD4F45B42E4 + 55A9F42C60910C9BFF8DF8FAB53C81E1 + stream[256..319] = 9BD976B88E9E5E23D0D40779644BB3F4 + CE5C6B16FA6D955C32369DFD19D632BC + 7730683D562320E39F75D8D8BD074968 + 9ECAF0DCDCD99FF4C3939092E9576144 + stream[448..511] = 51BE9CC1362669C0F79D2D88A42DBED6 + C3315002380AEB647C8F9C4036590527 + 1D8915B985B8BE9CC1C5C7652139E609 + 651EAC8A14DF661D9869982AE5735E9F + xor-digest = 0B0C84D430687F488F8E45DECECD6D7F + 1947E32AC49BDD2139F5413E08A88F31 + F9AF6599498431F155AA10B7EC09F095 + 8A5AFDAD486D2E6D50AF77FE98E33738 + +Set 1, vector#126: + key = 00000000000000000000000000000002 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 52F49050156E957C605656B2DF88EE1A + 5E3ADA99F9793B65456C4C6C322B8B5A + 28DCC91EE0E711BC33E0C13354542227 + 613665CFA3A825B943444401EFB06ACB + stream[192..255] = D0907F5D5939D7B544476E299605972F + FE422C64BC6343F9C81093AD0E3ACC72 + F4B67314892E36764736C0715E4D3438 + 36BDB105214F5F8925F321F5FD865EE2 + stream[256..319] = 96EEDA75474D65615795185B1BEE8D44 + A687420304B260E4C70FE7F542967325 + 1826EAE010981F6262EE6CB639996467 + 5F6B23825748128617721752283C16DB + stream[448..511] = D926085A441E507207850AFF3008D59D + F7C9D3B69687D18CCFF2C2E09D4E4EA7 + FF0B72C04A86B80923DAE187FFB99170 + DBD4902AF77EEC42866A83B519F092FF + xor-digest = 1E068ACCA6062CF26ECEC79F149BE139 + 24AF8BF44377EAD1550B1560E4A1006A + A6986C61581FF9E47D58F2E52434911D + 5AFCF914DBBAE183D02DDA3210768984 + +Set 1, vector#135: + key = 00000000000000000000000000000000 + 01000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = EF5BBD7A620E8052F05DC269309AA7CF + 8AFD4AB2B941D905AEEFC721562E00D7 + 04CA70113C8A90FA12A0C9B9CD1B9F9E + 6176602CC08B66410A8BB0F5E9837C27 + stream[192..255] = AB843B43856FC77C1EC09C0DD2248617 + 820344BD2CA0B025C39B0EBD5A750A6C + 7BDCE863C068E0D3A937A5B2C5B6ADFC + 609F6DF7778D88238B89288B2768DE99 + stream[256..319] = 5E6AFBE41F47F35CA9298C973E613174 + 529D9BEFA6D0713A5BFFD96B70D39044 + 413E24FE57B01C426E8988EC365FEFEC + 1422CDFB956B12C6A799F5FDD4EE43D5 + stream[448..511] = AA960C189C0A20870901D4E2F1901D0F + A28AF3D974E14FB70736C191D4C9CA26 + 48EEBA776339F80D57A8B783419E61B7 + 52541CB296B4CD31C55DE3D34CEF0D31 + xor-digest = F163BB7ABD3914204ABAF08B844ECF05 + A36B7B37B8345115EFAA2AB2E7763E6A + E044A83597C023FB41EFAEFBB63E4195 + B60AEA6399DEBC94C75BE883B3623733 + +Set 1, vector#144: + key = 00000000000000000000000000000000 + 00008000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 9198011FAAD874AD77CD0C98DD99C7BA + 01B75CF9DE1E26321EC6AD293C73C675 + 69A349157FD47672C5326276BA40F4C5 + 0CF8D98134D0BC13879E9EC267110FDE + stream[192..255] = A9B3BEEA161ED996C44F6D3B93431C6F + 54DCD5DB88E62CA10D1067B9CB5D21DC + D7E04C48D88DF54E1370D1C24C871BD3 + BDF9B956315996F95867D1E2494370CD + stream[256..319] = D09ECB5DF5B0526372B57CDF5DCA6AE0 + F005D2E2F27D50398E3D1D7FF2100BAA + D6F2C03E431345A4F41CEF3E8D3F14CD + C76A423720A936D27322559289F13D92 + stream[448..511] = 5E8FE7964B052B6D27216E37C49CC913 + 450FAE159C087E34CF67E8B0B8F516D6 + 3C0B544CA29F9BCB2B48D3894D69DE3E + 1460783E82EB67990FFB7F92DA48E449 + xor-digest = 5515E37A3F274746847F551ECB7DB4BC + 2BC32237050BEE9AF2AD1BD8577034D3 + 4A23AB8A2FFD00C7B8CB7D5CA0AB2421 + E7CECB2801A1B73A44FF3E798ACA8443 + +Set 1, vector#153: + key = 00000000000000000000000000000000 + 00000040000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 02858548ED24761DC0AEC6752076D095 + 7E78EF1FCFFD8E756C747586A3B59C22 + F42A9FCA9F103C3054E0B4F6EEC82101 + 971F2A6F9611F7541152FA3BD7774474 + stream[192..255] = C32ADE80873D1190E9807C25D73EC5B7 + C208AC693D98A664FF4D11205650F7FA + A36B153BC1A3F0EE0F4319F2100F7F27 + 31856BFAE36110C12EF0361259641D74 + stream[256..319] = B8F74AD5930D1F2CEA6B9F7E4E775DF0 + AA97744677E5C96B9E55AD77BFAC5E8E + E9BA7A19607D9EC52DEEBECD185DAE13 + E304743019D831849F111602EE6EC34B + stream[448..511] = 513303A57165287E793DB91F49C9A8ED + 522389F03634930512744884BCA45F4C + ACB60FD077BF2C050D4002162FB811EC + 4AA855793CFF2E30665188471FFE0847 + xor-digest = 7EABCDBDA34E51E3A61D2F3340884BBB + 600E1D30216B7117081B3E5D04FD4523 + 706D4F34C5FD604134DC89F570D6119D + DBB7C5FB7CA90E38AC157832C3C956BD + +Set 1, vector#162: + key = 00000000000000000000000000000000 + 00000000200000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 689E48A85A40BD161BEC710F9B2457FD + 276F1156EBC10BB851A8517AFDBD692D + E4827BAAFF218AF886439ED976147EBB + BB1074BD599A80F6324C87BAC987B8C5 + stream[192..255] = D9BA3E74CBAA58CA97DA3D3B1051BDF3 + 29F6CD837B72022D2EAB5D20B02F53DC + 4755C764C50756A7101998C187E4F0F8 + F17A0C6797976C4FF1BA17B3D03C2218 + stream[256..319] = F6F9B6F0F6E1D756C0242B48BC55EDE3 + 3038BABF72FCDD5122C61804996F5ED0 + 86A78B33C517CCED9C34580AA54AC03E + BD0F9698A234787DFE97FCD3D9B7CEBE + stream[448..511] = C31091C4C5AD605BA90963B1D469E501 + 412FEECDE3EA8EE834F188793A98F830 + 81F8C941F11676E007074B40EB15DDB5 + 67D93E954422376F2E3039F4E4115D70 + xor-digest = DF047B3EE7F2AAACE9D5A2B0F6A1EA0B + 97E815E9B9BDD3B7862ECB414E9C08E9 + BA0109B1D6866C9D7D6D3DC9FAE5F51A + 48DE7B9077DA489B7982BA69228483A2 + +Set 1, vector#171: + key = 00000000000000000000000000000000 + 00000000001000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 1F8F707DDF0121AE4DF26A6ABDC195A7 + CB9CC8479588D2D436C52483DA54744A + 2880E3DC622180D36B64CC053CC245D8 + 0700EC62ABCA6944BF89C7DE1A532A3C + stream[192..255] = CB2D934DD1414C60550CEA6FFA776312 + 3C9336F99F16F8B5B8E60D5D0CE54A35 + E752A4887A03EEC95050E50B58F5C8C2 + FD814DE76D3F66B907C77C9B646EFD13 + stream[256..319] = 10306DD8B3EA307496D7BEB7A679D53C + 3650ADC53991D0565856F51DA82CEB45 + AFB460D6F90877557E17F534C3375FD9 + F96D13AB77FA3996998F5DC6F5D3C9A3 + stream[448..511] = 42F4D1F669741750B24A44F82990E6AD + 065E7B07B2194C96E7578F7A754E52A5 + 86C820FFDDBA671A7B08D65B51D8736F + D0DA8E81CC69BB8A56565C43845C0AF4 + xor-digest = C0535BC269BB39AC2ADCC50C62F87B6F + 2C9351DAD49813529A27BAEC163A1D8B + 778670F0FF1610A4688F86851050C9B7 + 275B087A0B5CE01B602F8D1D25C29392 + +Set 1, vector#180: + key = 00000000000000000000000000000000 + 00000000000008000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 899C1C50A80E374AE884F10BBD17D036 + 1632D89938FDB7E4BCFBE1050D5E948C + CF4631EDFEFD2F140FC3FBFCC096CD68 + 1F6C1B0CE9E395FDEC56295AE331D8D0 + stream[192..255] = 2F60CFD4D07E58DBC5127A98D2B1DDD6 + 1F216F61F70AF12427108906AFEDA4AB + B439A99765EB84E43D06EB7B3D984A3B + 53D8C054745A6E3B61F8444C84C7F30D + stream[256..319] = 1A92F3B4F6C4684201FA4AF201259AC2 + 53637B41B734062C298E6F932DBDAC5E + 999FEC21B63539B5FAFC312D0CCE6137 + 04AB3CE65E241A1C34D12ECCC840973C + stream[448..511] = 83A75C2E2C6D40FAEA049322DC1B2251 + 306A8906A37DD30182C328D50E7B7AAF + 89671DD776C9C730EEE0DACEAC7D7038 + 4A93426090F31EB851976B8B2ECA1FBA + xor-digest = 6D85E7DA2069F1308D20A56DB17F3629 + 09E80EA6A045DBE61FB037C3C8B9D448 + 526A37A431A8BE49CE4F10B8CF6A33B8 + 82E6ACD6309BA1B716810715666C6CDA + +Set 1, vector#189: + key = 00000000000000000000000000000000 + 00000000000000040000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = F9E151BE5EA0F532E56958F173B8F104 + DC9E73D8FA289CC2F84C4BB10E8EA769 + 57FBC8F539365B9E9518F8787D6CF927 + 55F0C2B2845318337F36B80E22C59FD6 + stream[192..255] = 27FAFEBD2EBCD2B67AB18BCFB7F8DC96 + F54C8A765B0E4B3DDC3013B599DEF791 + 287FF3C0F48F339DA04B667E54696485 + D48751A001B548727338AD6FB82EAE42 + stream[256..319] = 09DC2AFADEECB86278C64DDCA51EEF97 + C10B9852DB5F33A19C99C0D4F36D2959 + DE247E4DB356E67F2951E0309F18D6D7 + 27D2A1BADCC44DC320E2AA80E1834198 + stream[448..511] = 4103D8455B6DAE658915FACFF2F3F1F2 + 856E2343143671565936301E9D1F635F + EA732C9A096C3E955D33770E244ACEA4 + 094E390239489F4D4F0A1F3C26A1589D + xor-digest = 8DF4EC7886C386E5A0D7201A3E731E95 + 5D1E281321C2B592E31681CC95D173A7 + C92E6112197C6A605F494F6E9C4AE73A + 21B966CBAB1628794F0E44202742EACE + +Set 1, vector#198: + key = 00000000000000000000000000000000 + 00000000000000000200000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 8B9B0CC804CB353F49564926E3FD846F + A4758692FB110A428FAA3132F4C606CC + A41CA937FDE463D9FEC51F419D60AE60 + 1E8EDB30AB09E0B08D0143D885161B16 + stream[192..255] = DC6DFDC4E36FC1D4BD87F731F761BCC3 + 9837A790DBB766040B4508778C5CFC82 + 8EF9EC4D76BE3AE0967DBC844A2D252C + B942E97A2C6A185ECF4E1200BF9BC826 + stream[256..319] = A9DE78C2204B712A9803594B872F29E9 + 5E8962D7D719702FB3279F053D311292 + 26A14FB06058AEEB6D283EE0A272C6F2 + D392B102E294A7CDF24928D5281D024E + stream[448..511] = EB822D7BDDA456BB6E109ECD330D4FB5 + 1259D7042935BD5DFC787E903758C27C + E9E9B191957E721A7013D36E5A29C09A + 3433205956A55460D1498124B2800423 + xor-digest = 10128D9A5EEA1D93E65462702DB15A8A + 23D0FDFCC5B0871639D704DEB9F580C1 + C88213CA166F3BBB89D0926CAE7E64C1 + 0A24041A42B9D50CB0537A0585EE574D + +Set 1, vector#207: + key = 00000000000000000000000000000000 + 00000000000000000001000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = DD4CCBD0B5068DF0193F50C11D2576E1 + A70040D6C2CDB98061498891D1791E63 + C4B5103A52146CE27D8F721E147EA612 + 7E5BAE1FCD3DCD9053D5FF5EBA328BBF + stream[192..255] = 541F008D78EC1ADC5D1B930CC99D4A3D + 61BD60AAB9DDC8AF8594FCA129410232 + 92BC44EE064E44E88A07ACD1B742666A + D147F14102D23578E3B7DC00905586D1 + stream[256..319] = 6834D2FB6BF3B46C0552AD83275CE6EB + 9482C2DFE40C6B1FD6F743CAC8F40A91 + 5BA9A90FBE7CC0153D53C444D3F7A23D + CDC3134E237F63E5A07C99C10B8EE87A + stream[448..511] = 9F75BC84091695FDAA2579AF9D34B2A7 + 2B82D39A1E7FCFC4D18D6898A9CD3296 + 0D50AF1B720E1347A0848782BE6AECC4 + 684CCA05B893951A65EB7CB37F5FE240 + xor-digest = 12F358C7C4C697199F9AF17040115522 + 062514A5DC3584BC515AAA4474A1D85B + 47A6A2D8C39E8234A5D11860BC1036E3 + 957920C03E9A47E61AAFB058A9850559 + +Set 1, vector#216: + key = 00000000000000000000000000000000 + 00000000000000000000008000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = C5958694DB1D54B95101A9F48660CB26 + 8EDADED85C6239098248E0867117607C + D5278E5B5D9CDA7BE8A6BBDCE61215B6 + 2A93FFF627B28B271CF2275E54EA1CD0 + stream[192..255] = D9B69B25B5729759F3180FF17421092B + 0740B2E1307FA9141915CB8C30C0C322 + A1E4710674EE715DF3AC89F447442A7F + 845E154393273BA47F2322BC661D1755 + stream[256..319] = 49412E5F3C9B5B52FF790CBE82D6F037 + 217A13B7744740A887F7C1FBE3714DEA + 2A4EA4A5F444B2EC3C0B160A251CB44F + 8DCA914FBB80F72BC8D009F1C7E001EA + stream[448..511] = E1C2BE8C64D6BFE081EDD30681763928 + 85939DD7EBC13E16D83C8E7FF65EDBC5 + 90FA3904068784806E20F0A61CC73839 + E3BACD410F59D3848F5A628EE030FC4E + xor-digest = 54092B3D64197BD598F9050B44D2E785 + 029F29F46822B72ECA40182E8ABDABA8 + 751054FC50250DF5AF5AC75F4C51D1D5 + D2BE298770C353A7C5D608D1149F1452 + +Set 1, vector#225: + key = 00000000000000000000000000000000 + 00000000000000000000000040000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 633A6CAC516B7A84CFF8F5702CD9BC81 + BCE328741675EBA0FD1368190AB6BEEA + 7C8B0256CEDF9E5CC6F9249511AB87AD + ED95BF8E11182B8BEB75FFA279C3F706 + stream[192..255] = C3F700538A4EEA17773E74D10CE4493E + FB0417B380ED4229F651D6A9BE0AC617 + AF66C576B7D06F2210EF226462004D90 + E753D805AB198B73B0CCD752C7E57A2A + stream[256..319] = 30A11289A9E0C854B980BE044F07E945 + 06D772861896D0F75D739647FFB939C8 + 13FE4BE5C8DF84F64827306D0DD82415 + E104F787F30CD097EED7DB9340A0F47E + stream[448..511] = C2134984733448DD577DC48B5EE5D761 + 0A54AB6C32E3BB782849D8E7E8B522B8 + 0D6444342ADD9709D7434F9B4C18C6E0 + 15AE97DF8F3D29FA6D85DA387157E223 + xor-digest = 8613454AD0B424AB6EFCEA96C0802B6F + 47F1E98C52BC68DA25E653431CE31078 + 1658BC45DCC2EB43C4ACF8395727133D + 12A127D4CBAABAF24BA44930A58A87B6 + +Set 1, vector#234: + key = 00000000000000000000000000000000 + 00000000000000000000000000200000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 6A0F095C0E23FD6F8DCAEDAE5314141A + 0F1CE1C1BD6A16E81FEFF72F0753A5AF + C1C54DFC0DD6ED99F1D416BE3C5EF341 + 454C18D49729E80EE99F37734817658C + stream[192..255] = 05A4DF5BE8A35DC623D107728F28C789 + 3DE0E75268B3E1F94C07AE50CA0891D6 + 2B1E764CB41062391B33929273CE6B6D + 1C9CEFB35C37AB2FA8EC18749B5292B0 + stream[256..319] = 41C8AF9ADA46F7BE8EA72BB3B8661B78 + 2BE5649F18F216B75A0071A6617200B8 + 463B08F986D706AD140E27C8F4E040BD + 6BFB4872D758363281C62AE8C4B64E33 + stream[448..511] = 58CDA35476767EF58748A504B0E4A38B + 64162AD422A0DEC0434D879898558C77 + 1A8243DC43B15FF996B4C8CAD3C47C6F + 26F00C71ADFB538D9A983B7B624D6E62 + xor-digest = 240A699AF4DDBB56A4C502A9175C0E3A + BBD654D0717A1F6F6847381B978AE8C8 + 0EB7CA07A481DFF8606A31BD6B489AE7 + 89763068D641BAEADCBDA9ECAC465ABC + +Set 1, vector#243: + key = 00000000000000000000000000000000 + 00000000000000000000000000001000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = B3C91DA5911D7D7A4BC16A66988AFD3C + 8462A9E9BD0D95C9B9884DD14801E464 + C27048FEB5F70B28013099F0A31255A4 + 9EACE528A13CB5DD067E520D183133BC + stream[192..255] = 756EDB0542FE1F11B159C7081D9CD742 + 2F0E5862D39E2CF1517B2F6F39AE5245 + D659A5B93EB8FA8C8FB751B378BB0DEB + 481B874663624C8DC15E6A1A64376340 + stream[256..319] = 436613C9293D5DCB204B46899CF23E65 + 698BCC3003FE064FD1263EEBC59DDBAC + 536566855510FA802128F0A968A2E359 + FB68EAFD6AA89D394B32BF6069E92EFC + stream[448..511] = 033FF40203ACAEDFBF561A674EE74D97 + A535A448AFF94C8C167200E5CA626388 + DB1BD6EBD4A1D83CF352E97CD8F02671 + 18E57B71D33930EC2752D2F262A55F9D + xor-digest = 2CEEE4705688B20B3AF71F285DB9361B + 0EC945296B97F3A050C31C54E9A07CA6 + 498B92917617571928E2663CBBAE21AD + 8DD880A037A024E46B6581974838AE1A + +Set 1, vector#252: + key = 00000000000000000000000000000000 + 00000000000000000000000000000008 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = A6AFA8AA02C3AE7F29E61202B4A5C25B + 6F74BCC176702C9C1D610FF722527A6E + 721ED90B871AEEC71EB62B24A8F24357 + 07765F7724BA03173F51C9B66C9F4BDE + stream[192..255] = 002B8929A54C1370067A36DB9057807D + DB747C2A4CE19BC085DDC517AADE3B97 + BB1B35F2BAA6A18E8154CD80DA6F9F4B + 0DBFD3EA5F69D5ED3B5770C6221A8D66 + stream[256..319] = AADBBFDFC6FCC6072747BB528EBEEF34 + 6DA76885CF1616ECFB89D3A134769902 + 904AA12744DD404F268B0B4B34700928 + E3C4B3665B9CFBAD9C528EA06F89CCDA + stream[448..511] = DD5453BD0D99E7D2CFC558EA969A4E35 + 743AFA96D570026106C5CF40037B1325 + 40C909C1278DAC8369B1AC257FD8D868 + 3648B4F22F7C66282BAC49D8D23626EB + xor-digest = B3F2AD900155FD5D39768B4F4B7F8E5A + 1C557936F2B5F06966DCB884AFF7F01C + 7AFC073C20EAF85363DFF41357E626B3 + B19607224467413D185A05E7BFBC5F0D + +Test vectors -- set 2 +===================== + +Set 2, vector# 0: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 5B078985D8F6F30D42C5C02FA6B67951 + 53F06534801F89F24E74248B720B4818 + CD9227ECEBCF4DBF8DBF6977E4AE14FA + E8504C7BC8A9F3EA6C0106F5327E6981 + stream[192..255] = 30DA9453A90909A5675D6B691CB0990F + C423CDD8222EB47245BBB67BCA2B9C10 + 8D1F016DF0CF8CEAF6829910916DBC1E + 113D11E91BEC3D85C47E3042EC865658 + stream[256..319] = CAFED71B892EDBE13388CEF6A3365797 + E0D88C0D3A5B91BE4CBAF5162F69558F + DBB45CA6F8C8D4C371D62736EC244584 + 60131F54854F3EC804AA9A38E6ADE281 + stream[448..511] = 531A0ED5D2A51DDC6499FE1BB6E2295F + 2C3EA0F56AF46ED93DFAA4E16F5F0831 + 2D77BD0E9122043CD6A202CBA9351F6A + 0E8E6263F4017355136A0C551E6FD0F8 + xor-digest = 023D719F61C193E4CCD87755C87F9604 + C5A29DD7E31637B3DD70D43441D48CC7 + D474013C85EEAB1897C80ED0A0272543 + F951C72E3954616CB5D6B51FC24F4B0F + +Set 2, vector# 9: + key = 09090909090909090909090909090909 + 09090909090909090909090909090909 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = F5C2926651AEED9AF1A9C2F04C03D081 + 2145B56AEA46EB283A25A4C9E3D8BEB4 + 821B418F06F2B9DCDF1A85AB8C02CD14 + 62E1BBCAEC9AB0E99AA6AFF918BA627C + stream[192..255] = 3B3C6E78A8F381EE2C159FAE1C487C58 + 11FA9BB02CECF7440239FBB0497347EF + D8F1A8AA71AFC70ECCD64E81388E6E87 + 9521C2B47AD84F9CFD9E240D8D2F3001 + stream[256..319] = DB04FD01BC18D91E2D31237AD0FE26AD + 3C8D6A2EFDAA9CC11BFCC61D94F6104A + 4091B3634FA57AB0AB9B209F22DA5529 + 75C3C322DEBE4AE68623BFE1B2BB7F0A + stream[448..511] = 35B290F85EBA78A978750690C4747E8F + 72621951483772E8B89876CC5D55F3AB + 02D9B8FB35C741279FF9B5B571B26329 + 4D011F813CB5B209CA1A22D532BF09B7 + xor-digest = EA9BB65E87C987EA64BC3F4E710CCC34 + F6CD0A795B8347E1441CEBEE35540D41 + 64FC2B95D71FD47A2C4ADF732261EE52 + 8125BE374FA4A90132CC1063971A2862 + +Set 2, vector# 18: + key = 12121212121212121212121212121212 + 12121212121212121212121212121212 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 397F8EC015ED573967938D1CEAFE9BBD + BD8853C329B3A881B489090853FE0F43 + 89DA105F0ADFA9CF51DA2521C40FD2B8 + FB0BF80B93E3F2B3D8A8EB1C615E0FA6 + stream[192..255] = 68E7DBF465E3C6994D58B9937A866E4D + 43A82A80DAEDBF29C048639BA38B690B + 7ED11323E3C0A8E77A16356705431EC9 + 9F2CB7F7E1ED3B83EAF2CAEC00B00755 + stream[256..319] = DA51CF3A07EBE7E86E9DDDE5A47E7417 + 376F334E6AEF9C187012C8AD2B94BE7C + 00A876756EB232510FD0798E72EEC87F + 75EC1467C07B3A1EFB0D51A5FA65E382 + stream[448..511] = 0BF3C6FF6794887F2776FD632B83682B + AAFD131432CFD7D2F675E03320395313 + AD4ED96E9052FE6B2D2A17428660A25E + EE642B712800BE3F7E44F21A1E6A03AC + xor-digest = EF4E84DBD66497B142EEAC56B830FF78 + 0465CEE20B9CFAF5727D4B3A588F4D00 + AAF718330CFF35508C44C1ADB8476625 + 2CC3AA6AAAE74F8BF1DDB6D4AADA425E + +Set 2, vector# 27: + key = 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + 1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B1B + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 72BC8A6E1E61E704B142AA00812EE676 + 263C1CB9AB941119B19D15EBA3462F56 + 2F69220595DE5E0E7C595FA40F1F06B2 + 6EC32252AF05310809DDDFAE2E24B170 + stream[192..255] = B29A740B51B4EA1080666337D5551484 + FFED6860A5125DC0573C8F90F23A98E0 + BA7B3E4C28C2CEFB1C33D2C36D1B7625 + 64B9A67240CF174347A4C8D868F00F6F + stream[256..319] = 555ABD5577A8909797FBA9769C03A0F6 + 537C06AFB23354F054E25457B729B534 + CD10B2ABD45BE3E38DAF1B7A9103268F + 4FDB4C0FC9A80A003FCB907E8F249AE0 + stream[448..511] = 3B29A43D9C795DAF1760CA9EB57C0B39 + F62D54311207B617B727FCCE1B2E762A + 060810C4DEF672E7D76083E3E4BED0D1 + 0BAFD27CDFD2C937E660190D36B3FD7B + xor-digest = 0B3B0B3C69F2E4BDA22E25AEF352234C + 18CC5E1E3F6A317ED7257887446EF734 + 65CA15F51AF5E077B7915062391D8497 + 8F437985DD08F5FA3A8D74B3227A6EEF + +Set 2, vector# 36: + key = 24242424242424242424242424242424 + 24242424242424242424242424242424 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = C845BA29D542FBED2D021C85188E119F + D34967B79D9F44635DD45D2E41DC5AFB + B237AD2FA0E4CF4202D83DF3073C578D + 2AA8A32D30FB45DE28F23CEB85E50FBF + stream[192..255] = 15C910FDD3C590AED1ED7DA2A7969297 + FD12081B4B23F0A32CE5B3196173C7CA + 7EDD03F9637E08CA501C4850C15B207D + 7AA724377396CED2357B572BBF9E69AA + stream[256..319] = E484AF567EF80BAE77461855294E9280 + EF57E7366605785034D639D6DE3EBB0D + E21886D0E1E0679BC2E2C9C2D9201484 + 4A452B6AD3F1AC8B7762FF3C0E405B3B + stream[448..511] = 595D9855200786BB575FF7977509F395 + 7879CA1F19619A99174BF013CB62F85B + FF2C3C4FE724E26DD0C10D7635A2491A + 9E7E868D9DAD9201465AA178184D06AC + xor-digest = 08737B82505F46F4FF282EF42F387AA8 + 0450058F5314389BB73733BC163D75D5 + D32FC6408F8DE5F6ED2050027D605FAC + A7119FC2DC1B6D3E84E8048DCC42FBD2 + +Set 2, vector# 45: + key = 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + 2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = CA82A689535CA8BAE01BAFEBA6504B3E + 6E6320101999BCE5550C2BBC9BC65D91 + FAA2D72FA4BF46B6EE916244048B1D09 + A115E3AB6C00BAC8EE382B58859E8157 + stream[192..255] = DE787B1CE01B0BC09801D78D1FFA3A82 + 0C18B867C561E96DF4ADADC5A4375E44 + 5A34F9457E5F8C9A337A0C88DF0F723A + D4509F1449DF2C6AEC0EADF4C7A8139A + stream[256..319] = 7E1854FA15DF9D5827F1555F12B292C8 + 452A1A893EF034C51750388D294947EE + 3F505839C69C1708E8323C449C39A96B + FC9EC91B0E1CAA8112057EB0389FDFD2 + stream[448..511] = C85B42B838FB9C3D4956C9E22FBD8FBC + EDD92C4461EFBA5CF1664B9AF54857BE + C3D00319E5E8A89A8322831151EE1D52 + D8585AC79CB60B61ED2C852D04BB0FB1 + xor-digest = C65A6BEBC4FE898DB8D6B8F6E8F3680D + 2363BC12259B0FDB2BD8F052A572ECA8 + D1EF62AA9A48497805A413742B5AF5A2 + 6DC9FF624B49E5D6FE58BBE5251B4983 + +Set 2, vector# 54: + key = 36363636363636363636363636363636 + 36363636363636363636363636363636 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 9F6BCFDE566A1B67C608F11B8461E340 + 42D4F07DA4D5EB05554CB7426D65C5EC + A93C2D321175B6F72FCBEBA6E38CB098 + B72534F7D534B1AADD97B77E8513B482 + stream[192..255] = B2466A173F436C8433F264CBF125B8E4 + C10BC81BD46B5C21FA161CB2AE07D27B + F66812A2C2FCB2B14C23E413CEF4E591 + AD52EF810A000B42E5C1B76EEBB17739 + stream[256..319] = ECBED2058DC50223614EB8635B834C3B + B176719C18CA5E3D087A93E5CDF81123 + C6FB819CCAFB5042AADFED5E3C33116A + FD92AA21031165A22F4751C423B8B945 + stream[448..511] = 758BD9435DE607867DA256064C304C8E + DDDF5B64173CF2C98B2842992F8C5FE1 + A37C3227B7F37D49A39F9FF929A883FD + 56DB8B1A174E1E55FCB21C9E1164C20B + xor-digest = 31761A49503946701D35306FBCBE10E2 + 02967E7EC14A328B4DB19FE79F03553F + 13A012B7297B2D02F18A216AD24A682B + 299518C3769123EE86A4937DAA9FC39B + +Set 2, vector# 63: + key = 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + 3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 85C7FF83641ECF1C91B2D996D4EAFF6B + 26A4E7E34C0CA9CB9399F655E566383E + 246143F57776C8E08951E87F76091FE7 + 2356CC901F09A07895A890AECF047B3F + stream[192..255] = 4CE0C6606195F7562D485E32E8E105AF + C862100A07E55FB449BCFA2D9BD48658 + 958B37B3EA3565FA66824102A14B5770 + 5E3914E0680E116ED58212CBF61028E3 + stream[256..319] = 3BB772A5A8DE2AB14CAC1ACBF45B1701 + 057710F24C01E680F58090B8E949AF01 + 8970A43A698A04C0C8639FAA665DA3AA + 562B2C5C3A03BCC38FE75DC1821ED718 + stream[448..511] = C73DEA1F7BFE42DF75EA2681BEB31948 + 821FBB049DAD15B988A77C0247868A38 + 2056B66F47B0195FA30C9DB5A2334A9D + CD7C0D22E479FAE1BBCDFFE60F261C7F + xor-digest = 94D41CCAD940CED3C854DA0796DC62E5 + 6B566A980E34F353CFFD0F53AE9E34FF + A6A057645FE66D86BE30F93805D9E2B5 + D78C68EEBF61CE387277A51EB2EF835B + +Set 2, vector# 72: + key = 48484848484848484848484848484848 + 48484848484848484848484848484848 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = E45194379659D1D8904DB3698AF8B245 + 762910B7FBD019AD1AA20A6C433B4C80 + 308A9EA68697631646BF3A2107C4E7FE + 2235E8F3262A9DFD3F5CC23FEB0B2DAB + stream[192..255] = 012611EBCFF9F839DDABF99D9D4757DA + 4E947598C4757976F6F61DA5F0DAC8BC + DDF72F08BA2F446FA37F9A490F6A2B6D + 79227C93271D6B763DA7B2A907220A42 + stream[256..319] = DDE54F9170D6A4702CAF45CC6F799F74 + A43D83AB8ECBAC5206D108F869561D70 + F151A0037F8E28951B5026643F8B2D6D + 56A62E259F04A5EA304791A9468E66AF + stream[448..511] = F70794C084E6EDC07BA0347413B05FC9 + FC46994CA820CE4FC037ADBA50EAA9AD + 55064ACB7308CFCE3F35AD5C7C628362 + F4210FBC2D3264F734728626BABF5356 + xor-digest = 31815B36BA034BB1941DB1E45A941A59 + 7C3882F34BD3BF441CAE8A9790B05BCA + 72049FD10C09A14AC9DB867A82C38A5F + 524C72F783DFD16980DBCDEB486FAE96 + +Set 2, vector# 81: + key = 51515151515151515151515151515151 + 51515151515151515151515151515151 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 3C04E21F6937C4EF472BFDDA89F9CAF6 + FF53889A9979ABA8F23AA51DB1EDB8E9 + D08F696C1100799A7D004DEF1CA94110 + FCF0C054B0C131E6FAE0FE2F2DBF22B3 + stream[192..255] = 9B4ED3EF9639B953186FC7E732E7A9EC + 55A5F3F19C5A10E12EBE46DD84F10385 + 33837693588D584FDAF86E3A217C3CFF + 020278736F1A90CE07F0DCE4329005B9 + stream[256..319] = 135FAD68B5282FE59B28D2DF66463632 + 06CA92E84A73FA131EDDCE89A5C23B4D + 08FA57D455BDB32F8ED58DAF3EF288A2 + 7C72020E35DAE19B446E4C52DCDAC5B1 + stream[448..511] = 7D08FE1CAA0E8A0362669B310B99127D + 18F2111002891D3229102D72605B9BEE + F5DA36059B0DBBA7646927650305431B + FDA4A97570CD0C484BF1E974B157ED7F + xor-digest = 5125E77698C0DAA89A7E47DC5D038D40 + 7B732CE56CEB674CE653A1B6661B2740 + 0C092AFF83BEEE4FC4543B9D725C9387 + 2F89AA338222ED677BF59397200AB304 + +Set 2, vector# 90: + key = 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + 5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A5A + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = DA2E6F7FF0D1F1C87A97E028D3E20E21 + 75E9AD91482965B651B495AEE819CC6E + C42AFE2C20EEACCEC4E90710D17210E0 + 4CC6832905985322C8007F872D3E58E1 + stream[192..255] = 09B0A38E19DDDA08F7DFEF7D0FC80560 + D692A020F0A66F609374ABDCD1343722 + 05F19CA04EBDD3009844BC540C1B2B41 + 66D45E8A2E822B906DA34649E7FEEBB3 + stream[256..319] = 6C8E2CE1D7FABA414432E75BA2EFE4AF + CE2CFE99506677A956AEC86BD290B6AF + C5298A448D0DEFA99AA5CD26D318982F + E786D809C713D5A55B42CA6650191DDC + stream[448..511] = 845FEA0A88B521CCB8927C9457AD3225 + EF6E3C21705EC9FB24873916A2C24668 + 963C03FE097DA8224A42A99E5DFFDC17 + 68CF518DE49CCAC8A70216C62C9CBA6D + xor-digest = A46BFD9D2D0BCC688A032F54733AB7C5 + 5FF58B296071D5D39349A531E41F0BA9 + 893A1722B6102740BC5FE394A49363B9 + 6A626AB43FD6A288CD9B23F7255279F8 + +Set 2, vector# 99: + key = 63636363636363636363636363636363 + 63636363636363636363636363636363 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = CF0E05248AAD82F1C8CD2095ED2DA333 + BCB02E3AD8797377AE1F1B4D6DDB86E6 + 2A59791CB553550E0492FAB42C7A2C42 + 3157C5092D2DD37D46589F17FBD86584 + stream[192..255] = 9E946626F1EAAEDA42E52422B4A84D91 + 4122EEE5736BCD12061C77DF5B0122B5 + 1784E946B4E93470170ACDD7E2779591 + 57BCC9B9F3E11E88BC2F740AA0C10C97 + stream[256..319] = FF22D8196AB3DF662210D12D0FE79255 + 6DCD39611C07F089979CF7D693A30CA3 + 5B795B7F6D64931916E717C8BFB92114 + DB75118BDB51D142CE8133415C6B3456 + stream[448..511] = 971F007EFE17662D95F47F4F28266516 + B22A1E50755EEF19149DE3A3121F5FEC + E0D9DFE7A055026CA44193542D7687EC + 695B97769BF02F92C1EF3D904A8010C6 + xor-digest = D1C4878BEFCE48888A43C6DDE7CC8163 + C8D54A4CA36748C74721C7B6E1649A31 + 4B5B7A4BD43E7C3D2A22F0C8446C7892 + 90D54D421D37CB16400E59CC86215CC8 + +Set 2, vector#108: + key = 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + 6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 54F122FC8ECFB176E7F4CF172B2D78B6 + 54BC11ECF0010D2AEB9F899130F4AC2A + 38EBC15C8831D591E6675DC1CE7A471C + 4B869FE83CBF37AC70BAAE5D4AC607F9 + stream[192..255] = 518F298A6008532EEFECB3DCF72103BD + 5E3F84FEB6EA2311E8C19A2E93A9C3C3 + BB1DA7DBA78D5618D1C4FA5B0B202728 + 62645A361E55494D66C9359E41E5809B + stream[256..319] = BAFFFC9206D1D813F3E2768F08D78B2A + 89BB20CCD92E7F13FDD816DD4E4963C2 + C5FC2570CBB8BB5C70848B73001F508F + 47AF179528200F51CDC6E4854EAA63C3 + stream[448..511] = 844B1D15FBFD1264169279ACD525611F + A39C7BB41F1E7A1C09090625F7926E51 + 23A4CD7FE1A3F37ADC67AC437BF0A5AE + FFFC6FB0ABF39D9908145004AA5B958D + xor-digest = EC67596C9DEF4012A2D543842829306A + 4285A3B8038818F265065DC848BD80FE + C27C2F66A57B27F7FA8AC912001EC954 + 05BC6E93D7E555C59060F5D2E294D103 + +Set 2, vector#117: + key = 75757575757575757575757575757575 + 75757575757575757575757575757575 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 91D2772A18995DB3C0801DD3740F4466 + F9535E5BECB93DDCA0E94D19C0B57BDD + 0FFBA9DAF0B11D55C852927F8BA560EC + 4999E25848D08FCA7275E7E8571A5F1C + stream[192..255] = 72E64FF10CA9F07CC493715724DA7610 + 9E4358E8B0CAE451348B784A162DF036 + AB9796724D17FDBF356031D080A6631C + D1E8D217B041AD2EDF427972653206B2 + stream[256..319] = 4054F770C93FCAB533143FFCA8E4C0F3 + 344956C29D10374E502C2EDD177ECE5E + 6625BAD9630DAD57976216CD69865058 + 130B132FEC1AB0C350DF4DACE4C7724A + stream[448..511] = 40B4A4DD63F7B6E932482D0E6F5BBB90 + E402466550B518A177CD05985D238827 + BD92EE7EC22C274F19E682F85ABDAD95 + D0EBB3DB6C6134408353C8B0472C9A1D + xor-digest = 9A6C893F2108D13A29373DEDA65386C4 + AC356BDDD4A3178952F9126E322B7AE6 + 83C94F1A131CBEAFF26549D9F84CF04A + 1241FA374B055B0ADE7E49E8EC669E65 + +Set 2, vector#126: + key = 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + 7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E7E + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 87A7773A3514EB7F882F2C491E90DCF3 + 059C5CC575D806B9029CCE3FA45A246E + 0EBD3AB2F2E324FE36ADC3B56AE2F7EF + C710AA964CB87381386C2A88B1308035 + stream[192..255] = 415D6F59DD004944D4E45FECC6F1F06E + 20BEB18D9C84187C347F43B17E0924F1 + 2348F825E106E57A00258CE4415294D9 + 4323A9812D8A71359CEC1001BAA0D567 + stream[256..319] = 8E20F0D03F37EF4B2C5EE12B5F81F7C5 + 32D62E779FA0D2D08F8ABB6B0183A4DA + 4EE0329215F261D953150B9AB9FCBE2F + 568AAE361EAA8636ECC01A63F007977F + stream[448..511] = E7C44F44E06321A20E25F73E2069757C + 90499DB7E60025CF6D2D445E53A665F3 + 08EC96F6FE73C0AC90D7E4A712E18C2D + 3DED46DFBAFA24C4B0B329E52C525976 + xor-digest = 22035341489FA6EEB2A6488CA42F4043 + 57477C3F55569A1224EC39B1019E90C8 + 21D37D78ED4DCEAF6EA70724C3751760 + 38CF25DE4F84BABD80424D83A310881B + +Set 2, vector#135: + key = 87878787878787878787878787878787 + 87878787878787878787878787878787 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = CEC0C3852E3B98233EBCB975C10B1191 + 3C69F2275EB97A1402EDF16C6FBE19BE + 79D65360445BCB63676E6553B609A065 + 0155C3B22DD1975AC0F3F65063A2E16E + stream[192..255] = 5E12BA9DE76F9ABF061782EC1C4FBBAB + 3373B816DA256CAAC37914B0C161E4E4 + 5F5ADBE444098A5B2A4CFD4251D79918 + 987BB834BB50F0834EF4985F356B92A2 + stream[256..319] = D89642D25DF97D149AE07EA18BA39497 + 8935978AC34C1DF9F444986D7505DB4C + 7E08DB3616B84CD52E7DD7FB108C36B8 + B50C2573172F4D3500B6D62A9D20B82A + stream[448..511] = A2C17FE7371604556F796429C6BE0688 + 8611638B310F3E9FAF484BA9EE29C16D + 2F842EAF33AFEC557B68D2F453569187 + A6F4CD204A0E7A733E81AB7CE9FCAE81 + xor-digest = A7C93087CA70DDFE5FA5F1F2F954320B + 6E3A61977A7C6AC2F033B826AB9A9957 + 66671D2A1025CDF8E2824B2F58CB221D + 2A68679239D90152FF7D0D39B33FAB93 + +Set 2, vector#144: + key = 90909090909090909090909090909090 + 90909090909090909090909090909090 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 7118889F6E46A6523BBEFCDB006B3BC6 + 71A6D390BC7099A708D370DCD0E3D143 + A0334619EBD5C7DA9EF6301F29273F85 + 2DFA3C580ED65C6E952F88A0B7FE368E + stream[192..255] = 31D61E133CA1AAE400CB2DBBAE93C75B + 445792061AA0539DA69ED0B77B970C0B + 482156A5DEE4082A61364BF06E692399 + FB9F4411FEC515291F8949B20F57229E + stream[256..319] = 993E815F299D4841518119BFF88F6EFB + F3DB9BAE60238BDE2845DE4DBA6D79DB + C9E42BA5C3C004AE4546FD86C660FFC8 + FD6A8A349669FFE3D9E5BDF8E50A407D + stream[448..511] = 0F9CEAC6BDCBB56B7E97DDC95877B2B2 + 1274F4A6D814B5440C74D53A3FF0735D + EF01B14AE4188E215CE7337C04871688 + 7159695A241BFB9D6B489FE9E23B2AD8 + xor-digest = 0BD5739ED28778023E6303FD88DAABC4 + 0FA0A211A1A5C5F230D9E67DDD9EA517 + FEBCDF0BDBC107291B6CF3ACD8B862B8 + 4BF15400493A54036E97FDEBB9A1DB2C + +Set 2, vector#153: + key = 99999999999999999999999999999999 + 99999999999999999999999999999999 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 236ECC5AB83DB1C5CD1C5A888CFEA2DC + BE99E7E515650511FF7016A0EF287ADE + 5A03839C4F83F05FAC3B0B24D4E3F602 + 3251F8D9CC4530A805F8A6A912EFAB1C + stream[192..255] = 792823ACE2C0DDB266A118068AE295CD + 716E424D3B98A9DB2501A3F5DF7DC70A + 3BD2C6E664D5E13317D6F57B8774C903 + D407D2BB6014E0F971141E89569C5868 + stream[256..319] = 2D6ECCF738FC00ECD5475EDA959A73BB + 304C81FA9DDE0C21592247C4098D9347 + 1DA30294DE8C100E5B17A199F744CAC2 + 4E33490FC7F223FD6B4923056117C6D9 + stream[448..511] = E791A6BE7F7593788E5D627F5CDAAB59 + 349AF2BB1DA2BA622B9824F729929098 + BD19DFC05D0D9454F604960C027752F9 + 7812E53DE6AC6CD2751AB331703646AF + xor-digest = B7C5CE0D2FF66533A1C948C425F33FF2 + DC458E7E517637596FC8FB710E2E5636 + DB1F14848CB12793D54ABD0856B22F3A + ADFA8C33AD08B8CC5292DD76913CB105 + +Set 2, vector#162: + key = A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 74490D19F13E7C6D1B25C6408E23F229 + 8A8806402755660C4A30CD216A500BB6 + AE975E08EC62D08425A8A62A71B00215 + DE35E5178902348698528CB82296F009 + stream[192..255] = 51A6EC18829928EE94C37A5CD030CC4C + E4F7E1B3E78C3A5DF07592F45B968BEF + F95B8B257DAF2B468284627AF4481FD2 + 67BE0B164DD86721DC8C1607A0607EF0 + stream[256..319] = 75C565D5A5A240B003273F99BEB3E4B3 + 9C056162B626F383F3E77B5C98C0FBE9 + 119A7C335C333E6490126AC2510CDFAA + 86441C72D1DD9ACBCD3FEFC0D0C794C7 + stream[448..511] = 2D90CCF0B43239D725E3B53C31B82754 + 246C065AD23A8D709161FC74B34E23DB + B918EAFA4465125D3780BF0B5803AACA + 037AA0A14D977141B611A6CA2278B634 + xor-digest = FEFDA1A6E95920B93380CC24FAE214C5 + 6B009ADCB176D519CA4B8538EDFC95D1 + 6CA06B730B28A230F0085FE43CBEE2FA + 2EE5DCD74D66F5CBB59F256CC1ED885A + +Set 2, vector#171: + key = ABABABABABABABABABABABABABABABAB + ABABABABABABABABABABABABABABABAB + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 22E1A884ED2C67CCB2977105649B6544 + 367858D1A730AA2FA96703FA406B337A + B2159A389BEF48D8A215D870B2968E16 + B11571F12BEC0A07FA7D3B9790987EC7 + stream[192..255] = 4C98DD259D03A40AF38E0ED0F37CBD74 + B27776E9250B8B063E52E169C7B76A15 + 0D699278AA4124427B5EB6AFC4AD5DBF + 600FEAAA98A88DFF297DACA5ACB4878F + stream[256..319] = 5FC732A26406FF0DBC764ACB05C83484 + 976B640E60CCD6ABFB908583ABEC3E75 + 2878371EBB5374C9B37A63E0768AE10B + D857253D940AC408EF49EDD590E806AE + stream[448..511] = F012E429C44D5DC03B88123855B62C0E + 90E06759306017B5773752973850531B + C480316CBBAEDE6353AD5FB298349AA9 + 16AC0221A4CE1E4729BFB9C230AAF9FB + xor-digest = D73B872315F9052C67C4CFC5CD912DBD + 60DA32FD06D9C8E804968E688898200C + 1D979DFFCE52E1C3B3309B58D12BDBB3 + D3EBA2954D1587D720E004E12EB4A13B + +Set 2, vector#180: + key = B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4B4 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = BEF4DD0101F80A8F880BE0613B2AAF88 + D2EF924014F7445ED922E9C021571909 + D7E6BFCAEE0724F2A9C522C4BDE4BBE9 + FE53FE592C0FEB80D2C7A51FB8BE9EF3 + stream[192..255] = 6B1966D3EE460999FF09001B0ADEC484 + 0D22CDDFF39EB0E3D5FDF74C6E7B3394 + A0A4271D780DE6DEE9AC58B4903EEDD2 + 6DD14E14A4DFE506748D5DCA6DDF4C5A + stream[256..319] = E79D99119996FBB5163335E2F79F0502 + 7AEA5372136E7B3C5BE1F4A673A2DC74 + 60834B81BE6C4976C4A727C8E6046A64 + 4CAF42EEA6A068B7E532581E9037BE9F + stream[448..511] = 5C4F52E0E94884C829DA1FE88EF34614 + 9F3EE55A136EFA3B417DB63D2487DF82 + 794E161B3153DDB2E1E4F385E1A848C7 + 729FF5CB1CB58D5E73FAB1F2DCEEE5AD + xor-digest = 2F3C231B0228C274255F3BD314ECC7F3 + 1B9C49177009AFF2CD88F807092D77E3 + C74C1B9B8650F581EC7603F4D6E70955 + 1B00C3192414C04AB0AD8B0B9BCFE988 + +Set 2, vector#189: + key = BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + BDBDBDBDBDBDBDBDBDBDBDBDBDBDBDBD + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 05AF4F98E9D526CD7912F3E8CAF45410 + DED6D4E331633C5621B94E7EBD15E856 + 04AB202A553EFED55A548C7AFFCD2550 + 60315FD50A305D8BCAC9C077229D34AC + stream[192..255] = 786D24EF3FBFF6883A4ECC4F40E445AF + 3CFD130D5B6A9CE37BEBA429AD137A82 + 44D0586FEB16D086F533D1885A82F73C + F2AD2C645591F80ED09942F0A08D898C + stream[256..319] = C214B6AC700164FA66DE346A27A99463 + C5B6C0E43A9057384BE168E163058FCB + 6E7DEC871C6531EFC8B8D581EF92757E + 219294D39E0C9C8276440BE56C3D9941 + stream[448..511] = 22CF14F5BD70E719AFE76C53E5D611AE + 4C8D2171695C9CF97E2936A8BB320670 + 015825547A508EB43D96F2EE1EE2CB34 + 4E120F001500F8ACC3E19E30455D09D0 + xor-digest = FE5928C74EA21F23E29171E5AAACA20C + DD8571E907763C96B99A8C11F9A1D2F5 + 78F68A6C440996995F7AB6E69B3CCE33 + CF8CE0C16F54355696D47DBF82EA8D56 + +Set 2, vector#198: + key = C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6C6 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 75559677D7C762F6CFED942D800F2FAB + AB5F3892DC2C79922E96FD34FE511C11 + 251C8EB7C639E531CE08A8C99F62E7BC + F68FBAFF99D62348FF91CCFEC2710055 + stream[192..255] = 149806A4D862EEA81F0208D927339E5E + C98E9C2A6E0DB85CC0380DED7EC5B8AC + 4ADAE76AEB9C7B7264C3834316209615 + 25221D58C0174577110596FF89C8FC69 + stream[256..319] = 137E527A0ACB8B96A9FA07890B60B78B + 3CDD19BF89B31FF75A814F470BF97E0E + 1293B750B769F5BDD750DE5025D7534C + AD541A1F26C6AE9AC2FD3237C156AEBB + stream[448..511] = 0958243E88921B81F04AE63658E52D76 + CF2638495B3A6B970633A7C8F67B8CF9 + AC378082F72FC63BEA02881CC5B28D9D + C8C261C78B2872B5EBFC82336D6E1A28 + xor-digest = 0084D7BED4953402FE8F7FF71A28CEC7 + 0028A08A00EF935C06A8B3632DAD5914 + 84E44E372A753F8E630741266C0F4218 + 4923608103042C70ED4ECC5112B9AF6B + +Set 2, vector#207: + key = CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + CFCFCFCFCFCFCFCFCFCFCFCFCFCFCFCF + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 0C46BF67A3DBA5DCCF8E4A7A65B6FE28 + 98C701CBF5E88F1F3DCB6B873E5CAEEF + 23024ADA678E1A2CA9E25AA8B476CF4F + 9FCBC297FF03A9B94A5A736274EA776C + stream[192..255] = 73B9891D1770289A67D6338909FB6282 + 9A425B7947FC30DC52B11E398E85B1EB + 537E1C02898FEBFC15A9172C254CA55A + AA1B56EA856F47E37E2F252D92D94ED8 + stream[256..319] = 6522D372F90F2DAC155D48F165B6DFA4 + 38B63B9F436FE00CC075C585297B8F90 + E6062358D29641FF9C28EED4A23FC53A + 6B5C60C2AF1E8146DB27CCF5F43BA838 + stream[448..511] = 642541A9733946827D79BBD815C03C17 + 6357BD6E81E9A61FFFD4A0BF6863AC71 + 72AEFB92C1F235641BBE1457B724A6AA + AF9FAC687552A778B034C4A4F8E41ADE + xor-digest = 9DDBC1E7D31379D027B4F3DFD72C3668 + BD0BC5A97655978E79056B3D25DF3E79 + 5D5D8BE5D1AAE877F2E7D03225CB6609 + 6EFE11CBCB728039A243E326437CE73B + +Set 2, vector#216: + key = D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8D8 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = DBD4E866F4E24E7F66816CAF625BD07F + 1F7BDFBB81428FFEE9FBE14DF5F5F3D8 + A044EF53A868D989E16165A0F2B95E8D + 83439BB4805A125AD0CA7994AE11B852 + stream[192..255] = 7CACC4E7B9B1957ABB22ECB9D9D67184 + EE7A7F4B822A1C955A69E238022AA313 + 276C2003E27AEF1B4F94B33A6428685B + F048B357EAB297B7DD98E612F054A317 + stream[256..319] = 286B484FA80A45EE4D5300DFBE173E8C + 978B976BE1B6CB0D15C0324D6B70D265 + 385B615B3EA97A55D94C47F53FF40861 + 4460857AC9568556AE54A52546B41B5A + stream[448..511] = B3AD999394343F6F0BDDD0B1FAE2E3A6 + 5BE2BF56D2B78A401D5761E2F3AF8B18 + A2B1089864999D9B99E5BF6959F8F802 + 975FBF204D6159CF23F3706CAF0D9BA5 + xor-digest = 0957D6887501D4360C430614B67D99B5 + 32849E2F5C69CE8A9F3F707A2B5438BD + 0C1237B5617FB525CC9C043A10DBB265 + 3C3F0A353E89A19838B8F68542E09526 + +Set 2, vector#225: + key = E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1E1 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = A6DF8DEE1EF7D1AF773AA3E9651B645A + 50CF101BF065F69F3E78BEF5D689B1D1 + D306FF41EB3E78BEB75C4200937CFE60 + E89E370680C519B2F64E23516ADF8062 + stream[192..255] = AA30580A210B87727BE17EC52AAAD037 + 3E0DD11FBFC89B37825CA4D6F9E8D433 + E3EA54C37D678B58CE834AFA310F6D4D + 06B4603F12DBF38595AC76511D0B13CF + stream[256..319] = 5F3E1A55116CB67BC91C8E37182EEEEC + 8FC9B09DAA6F418D3434BFBBFF6BFFFB + F93F8A963F2F51CC487BE868F010EC0B + EE17A480542A301E33B36F59BEE13D91 + stream[448..511] = 672048756C221C12DA6178BE711B3371 + 525A92BC9A219CABC5501B0DA4CC248B + 8742E8BCBD6F5A1CFE522F3DF3BED6B6 + 5D60D1AC737ADC582C2CB9751521828B + xor-digest = E7CA739E4DE0E74274E491CAA9BF5CAB + 3F418EBEB69509D69B2594E964759D15 + 104F674CD44681AFECC3B4939CA0A0C9 + DD7AA5726653ED3FBFC833DDB0C87B42 + +Set 2, vector#234: + key = EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + EAEAEAEAEAEAEAEAEAEAEAEAEAEAEAEA + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 2479A8F2872A813D16D15F060D300237 + 25297B812F6F3B97D74D9716E4403A5A + 684D2BFD1E15275470FEDADF1578277E + 44C6C06B8A5FCE3D0CCC5E13BF49947C + stream[192..255] = DB2F9B25F9523FF5C2CCCB808EFE07F3 + 132D4B0065A563288F848E05EB45E48B + D15C069C02F90B4FC10AEBF1AF4BF90E + 2CF7F48C8CD7A8091014131EBC21FBE8 + stream[256..319] = 84FAF79797E25BF2CFD54E58F5C7AC1C + EC170B064429EB832924CDA9C47B5174 + 9BFEF80D96FAE36DDA65659FEA1CC06B + 4EA3A1601A3304AA4DDBEB62381FD4DB + stream[448..511] = 2C8FC8D23E7DBBC37BB0811D1BC71145 + BFBCDBAE19F5281CD0E6AA37419778DA + 64DDF68726DD7F4D78BBBFF4576C2AAD + 93F477A2AB2C3CA8A381F30BB944C7B0 + xor-digest = A6D5F0DDFC0A43491D6D0A17C095C070 + 9EC7E9B89DB8EEA11045ACC5FF003DC9 + CD3318BB6F9675EEF20E15490F525066 + AF8380C663B60EDBAE30663C94C39892 + +Set 2, vector#243: + key = F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = CC3701E703946194401D1BA23AD99B5D + F3F856138E142D4B9C23DC9F252A277B + D62DAA33A71A0C61079AD5A20562291A + B6EC92C66D7BE6A17E27D4DDB48EFD31 + stream[192..255] = D00665FC0A4ACC78758EF25B0B0D6903 + D565423614409AD11E821B83F5B35D83 + F26F3EF9EC1766FEA9C21C09E0AE248F + 4BA01E48BCE09D06471593B3466703DD + stream[256..319] = E8B4EEE2C8BBEDBA758C1C2D0889FDDF + 96CDC215EF1A62FAA29A5608C852FFA1 + 18B473C5A7319446F3ED2E8AB39A533D + 714325D1B14E838C9EC6E037DB0DD93C + stream[448..511] = 4FF3B43841B17A279002EFB07324625B + 7E937D480DC73F12836195110ECB4DB5 + CD31CA4F92F612A95E82815328DA7D5E + 4DCC5BB6791603EDA64C57B5A5AAA04C + xor-digest = 9202B874C48D4B1A9E857E645EE8F884 + D971CE97923AC024ABEFB944E34550CE + 31712BB832F9174F86FCD369E75CA9AD + 85095F43A4B7F33AB641BD6912D2C59C + +Set 2, vector#252: + key = FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + FCFCFCFCFCFCFCFCFCFCFCFCFCFCFCFC + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = F374DA745A5CF93A567027609E5D3B1D + 5C3C8A4D15203705D978AD42279F6548 + 51FF713F5120CC93D044EF717F5A75E4 + 98DBEF559E5F157A8C819E213E93B3F4 + stream[192..255] = B270F638AAB88DFF69D724F79B70CEC9 + 175AEAA99D55485954B265B5CAB86509 + C810E664766A8E6C90D4BEE3A58B1815 + 9076959FFFA2F30EEB12343E9E7778C5 + stream[256..319] = B2CC84A1127B5333B30EC81CC14307FC + 418DA96336991A27DADA74FDA987B867 + B125C53C0E4E2889FDFEFBFB48797A22 + 2836B2EA42793CE2BFFD568F6234B368 + stream[448..511] = B70F4A10A1B75D499E8189C8B92AFB36 + 4CD2D730DC8D7E183EC55A777C2445EB + BA7E9CD95C8F3A206B73C422AC2E2C08 + 15A8C6FED156FFF93B63DE512EF69725 + xor-digest = 467EDA43B849054EE747A532ED0D9AA4 + 6EA1BF2B6AF19F481D6E3D55EBAA96FC + 6629FE65B5EC4B5EB6A155A6D60FEA32 + F04F8230E26390F1C8FA53D47B68FEAE + +Test vectors -- set 3 +===================== + +Set 3, vector# 0: + key = 000102030405060708090A0B0C0D0E0F + 101112131415161718191A1B1C1D1E1F + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 7CB997D6E1B46DD7C0A9629B441C3771 + 14D6C18F230291FA7EF0B039AEDCC9AA + A4AE05BA13F3931E3F8373AA320A8BCF + 28E825B2084D0FA486BE52C92C3C6F14 + stream[192..255] = FD4DC85E176D76062323B2F5B31E219B + 786596F3DC0A2AFD31AB48C5F911605D + 556399114B0779F43221FE5BDA899627 + BA6498C210D5AEC5FEC8733357571F77 + stream[256..319] = F00E84A92BEA966DC8359FA63B12E8E4 + F5611F6C8CDD04CE9D605D770B2EAE49 + D6976272057CF275EB5B4CC434EA9B0B + 8CD9FEA22D7E919097CBB36C5D239BE6 + stream[448..511] = 110560BCF38CC42478036CC228E9DBD7 + 4C44863DAFC81B528AEA2893FDBAC7BB + 2F68CCDF566E1602623EC9AE283EA69C + C032E90E409F368E28401AE6905BD4F8 + xor-digest = 9CCCCDF3F7D712D6E3931068138F9A9F + 8640478BEDFC3C7CD0802954234DD07F + 99F4B072D9847DEC2E16FAD0ACCB3609 + 16243175C84A317191A98AFF5EFCEED2 + +Set 3, vector# 9: + key = 090A0B0C0D0E0F101112131415161718 + 191A1B1C1D1E1F202122232425262728 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 0889D6D9E155FC208941B945F2B15362 + 3CE5C79122C1085FC172836FA9B06C0B + 50910CACF399EFC9CD9CC484786AAC8B + 377972E9A90D7EDD40A59FE1B942710A + stream[192..255] = A540BDE9860D8687A45D8CF22E00299A + 36BE590AC92E70BA03B8A5F2898C2D1A + B9B1E5C87C4B10C9B6E08EB868AE3B10 + 3BB95C30831B903A3A9620ED16B96210 + stream[256..319] = 90E2A684D3960A4B1DA5DF19BF569288 + 5A23892F2003AF2319FED9C8D37B8702 + 7E61290E013FDF93683829DB99C177F0 + 222EDD6A0FE3D5F7F903D3CC15C6C6DF + stream[448..511] = AFE7454BF77E3CE1050ABFC2E25F9B15 + 011F33B93660EA4AB5E7BFC513F2D787 + 27F8008ABC1E14B06C36F7750AE88C1D + 7AA2F6EB9F2E925CD6CBDEC5FBA3EEA8 + xor-digest = F1A8C58EA8459686DC5BFA2A81E80653 + EF6141903898D1A3C7298358A79D674B + A971C106CAB035722F246D3E67D34543 + 3E71DD374DAF73036EE55E6C0ECE5FA3 + +Set 3, vector# 18: + key = 12131415161718191A1B1C1D1E1F2021 + 22232425262728292A2B2C2D2E2F3031 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = EB11D29C989FB09961A673D8412360B4 + F4E6DF0169A3CE207656A7C72D6FB8D0 + 95CB3A7A6CECDC2E167CD35F62A00110 + EF09FD32B61A8B405A3F55A1313F0DFC + stream[192..255] = 8ED27EA005A3E298560C829380D4F1E9 + F0C7FD5285F04AE6FD66C94CC07C8C51 + EE8163B7414A52B0594C5F7F80104D95 + 0858C9A52F3C156ADAA025C00B180429 + stream[256..319] = 12DA63247282599F2C50B172CDB4F31B + 20952134800FB8BCE743BBA90E6485BA + 057A9C5E0989A8FDCEF1C88DD54E920F + 7028EB284306FE6A87B0FE063DAB9557 + stream[448..511] = CD447E9F58BAFB77F6E02AB5A692120D + EC4F7BD597DE5C54523A7944DBA6A3C8 + D00000D3E70F7D9292B7135A7F054812 + 4B98680DEF6631D2D10E0E7B08F188BB + xor-digest = 6EF765CB84937D5E829A1A1664EBD23C + B474FEA3C5AB137F2D9B35BBE0816EDD + B26EC14D74EFD0F9768C521A6FAAF122 + B5E34A36344FF0F0DB3CC2F2780D05E8 + +Set 3, vector# 27: + key = 1B1C1D1E1F202122232425262728292A + 2B2C2D2E2F303132333435363738393A + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = A71D4189D1338531D3C03D00A480C8B8 + 49C779B7E113FD8D59516164C161EAE3 + AEBF74542FFFDC2FF8C2666FD5AAE413 + 19072673F958F498F8FB9743BE46863B + stream[192..255] = B0B3803396AFF1646369B6FAE62EDBCE + 5254E7C8FEE88F9EEE5D8A7B6D44ADC8 + B89895198E3C147FAE0C9B8325EB3501 + 6EADF77C5D7F402CF3168448D2A59E23 + stream[256..319] = C1CCE6956C8257947C004528F568E3CA + BE9ABF891E2FC2B52D9A1E6EC97A22B1 + FFD1C77E50A17CB47014C9EDA1853AFC + 11526F6268102780ACB3E0F120398AD0 + stream[448..511] = 765857312C8994EF6BC7259673F02E38 + B7E0A764FB70534190033FB1BA86D5BA + 3BC6851DB596970A2F60831EA1A31CAA + 96085680CBCFADD9C5F0330CB72AB5E2 + xor-digest = 30EF19DE0E750BBF6AB3FC924742CDCF + 62B2FE5F25983BB9777C727679CAA39B + 1280AB468051463E7EB287AEEFA5AD0B + 9C9DFCA45A3124D5F41F4B0AF5849E62 + +Set 3, vector# 36: + key = 2425262728292A2B2C2D2E2F30313233 + 3435363738393A3B3C3D3E3F40414243 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 2B9B987B7CADACD2FA50A53A9F9F44CF + 4ED11B3E25FE57F1372C6D570B470AFF + 5FCF3BEB89D0692D873EFEBD26EAF3E1 + 1B6892913F0CB27F3CA9BA20AF7A98F8 + stream[192..255] = 0148F54B1D24F3D69A2086D6938898F5 + 25BDB1B1F78C5F92BA21FCE803A52591 + FCEC9A1AFB0FB3B081CDB1D79D254845 + 40EB9D624B5E113A4F143716722687ED + stream[256..319] = 271FF1107AA8968E0ADDA5371F40224A + D8E134AF80D5ACDC9803B1B3A9819BF4 + 8ECC3A68B303E1275FA97222F7E984EF + 9C73899433230FD746DA6101DE37ADA2 + stream[448..511] = A66D3BB64C35C71BBAA3F5410F388253 + 2B32897B1CC1AD610F3AA195CDC1EB82 + 0262E817374384BFBE200339B284ADF4 + BFF6960B6A41AFA9D7C9B67B19C14C37 + xor-digest = 3CF10A4A8BA3E0DA3C0B63F1B913B57F + BE47580DF7D90B13459A9BC98B93B014 + 1185E910EDC0A5B37206542B17CAB8CE + F050A4ED3D7097B6A0738095E4BF7A77 + +Set 3, vector# 45: + key = 2D2E2F303132333435363738393A3B3C + 3D3E3F404142434445464748494A4B4C + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = F32665A4C73608E133D85712D2CC9A76 + 6D2B83311B3F44564A56A97ACC9B6492 + B282A2E62A435A7B7799073E010C78C9 + 4B7B5BD1B25994D1CE31B51CBB13BE90 + stream[192..255] = C9F24592930A0A9148486D77C1FFAAA4 + 4E4EECB088D6AD38D73B195E576BEE56 + E2CDA968FEB85D19BF89391813501B02 + EAB39A2E78B8CC7456EE60EAC3454051 + stream[256..319] = D8E1D09F074708379189BBFEB1E24053 + E0BB5980FFD0371265320C3047F0ED36 + A65CA8D0DDF20DC25B552E1882811C77 + 6613DBB4297DC6C89E31529DFCD17C82 + stream[448..511] = 8012813E7879B3E99C40821A97469BF3 + 9D2EF3B888E3118275F47F8C78A5F7CA + 19A98B1817D2D7734E69C5ED43773D68 + FA100E2C37F40FF8E018DBA52C5C239C + xor-digest = 8AFB9CD876AF4F9693FF4FF511D89957 + C8BB31D9DE3F21B726667681F805FFF0 + 4B50850696D6C2E5C271D199CF49F1E6 + D366C7824273E99360BD5A294E415F0F + +Set 3, vector# 54: + key = 363738393A3B3C3D3E3F404142434445 + 464748494A4B4C4D4E4F505152535455 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = C72B0F98EE5C2D44260E929C70DBF174 + 02C03543483178C8BC129D67FE2746E2 + E881F8439E2A11EBB3716ADB16207BBB + 91454A71C444445CE64003F0BB1F481D + stream[192..255] = 5590F4278E78AD19293525095C2F76E3 + B35A3858CB5912B62304180225BDC985 + ED955521436DEC441B9C742B3C5F4CBE + 94B99689048AF93E48472980D058807F + stream[256..319] = FBAB34E9F432546EC8C52750DA4D2278 + 4C1323D4E3F4E9B63E65A7E3C8B2637B + AA5D0A3B897113F68C63CCB78B5AB40D + 0A0DC3EF1EB09DF5C4770B343B6B5155 + stream[448..511] = 78B0144CDF2692F0D0F164ECC8621F5D + A00C401007B82AAE7753712FD6185E9D + 7ADC8CFEA6D5BBC2F3EDB8BF2C77718B + 6A424BAFD30C30934FC645FF05704BB1 + xor-digest = 835B5361A9C1F88223DE7BCA09030CD4 + 67065AAE99198645029CC0AB9B9BD579 + 14332392ED7A433A64D95B44CE228860 + 7E029235580276BCAE88F37418FB641C + +Set 3, vector# 63: + key = 3F404142434445464748494A4B4C4D4E + 4F505152535455565758595A5B5C5D5E + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 804025A410EFFBA58647A9F4B443BFC6 + 1CDDC30CA04DA8DAB3EC6A098A830D68 + 2683B59B76C60C09938E67CB41385315 + E2504B024DB808923B0909EFC25F0927 + stream[192..255] = 7A4661190129E3F349DA7B44DAAFC388 + 5E4BEEAC9308844DDA45E8E06637246A + 0E6C8C7D94C5F710CB78CC6E0CA82870 + 8CA77B6266B41E3ED6BAA2940F1977A5 + stream[256..319] = A3EBC22126B6069C674DB604F8C22B54 + DA68FB4390617E86C4FF089344BD0DB3 + 887B3438E8EF8207FD89B2A485C0B383 + 22AEB69750AD054F843DCA7995BB58A9 + stream[448..511] = BAC68211F125B57B8CE5E42E644997F5 + 2FD4B8A7D5CBF89ED2F6B5F4D4C7FA5D + 0CC34212160C6BA536BB7604C184367F + 2E088528F3B3A0A1B20F9249711162B1 + xor-digest = F628E74D1EB94591694631F1B2F12234 + 38B056789D5C2ABD8CF34D9FA7B8C304 + 5A8C2298B7BEBB90C7CC86895693118B + 2A43B7E8AC7E534DA7965EA720F19180 + +Set 3, vector# 72: + key = 48494A4B4C4D4E4F5051525354555657 + 58595A5B5C5D5E5F6061626364656667 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 40409D9AD4CFCEAEB8FF613D32B59180 + F5DFBBF44C1B7209AD1AD5AE94DBBF3A + 83EAB34D2617ABCC396880BD5F5D220F + F434DD575E66CA74BA32862293113C5D + stream[192..255] = 42D9EDDAF89B93DAB4AA790BC9C45BAC + 5E94575E175C2EB1CC08BB39019E25C0 + 9B0F4F435ACE371BD9235C61C56A362C + B1A64EE58F4938D59073C5A8A1BA679A + stream[256..319] = E40477D1B6C901AFCC4A2C429845C7B9 + 0DF890C317A5B9D6368672C58E0BD5B2 + 7E42DA77BDC2BF47F9AD195F7C192B53 + 24FEF88E6B3DD1669A068E3FCB58B203 + stream[448..511] = 7616AA094DFFD4BCF94E03C9CCF95C31 + 8F247AEBDE281334F8E6F46271070BC0 + 1AC838D8FCFE18865DD30949C68052C8 + 6E93815B4EA9480B2D0B6A5D9888E597 + xor-digest = 1FE60024F188CC243F7D8221D990ECE3 + 29E89847C9BD60AF23061E9C27C4908F + B00D8813E680F00665658CEB077BEFAB + 5DEB41D3547DD645DEDBB3BF5D7B651E + +Set 3, vector# 81: + key = 5152535455565758595A5B5C5D5E5F60 + 6162636465666768696A6B6C6D6E6F70 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 1B8DA47812BF2353C17C89AAA8695E9F + F553BBA44087D262FA0C710B69765F12 + FFE190625F58DA899B56FA7AB5E0E674 + 4CA2B073517B9577712D7155E16A874C + stream[192..255] = CD2BB4A6C3D7211773421014611B677C + C0A8107544ABF4F914F825891E52DDDD + 76EFDBEE614573FF9674EBC154A3283B + 439ED8197E1EE0705955A8B6C8AFF8BD + stream[256..319] = A626C40CD2C48AAB016C29020096DE28 + F03842E785BCE9D9E385D0B13B63F82D + 789588FFAB07B8CC0FFC62AA86D37CAE + 5CF8FD43B575F9F4D6E07465B700D47B + stream[448..511] = 16A3C84858207E141022D228079D6067 + 2784EBB56E3B84F7DF07EFC69060E27C + D1311E51F5893AE6BFF80D34464DC60F + 61985F8F88164CCA69EFAE568BEB546F + xor-digest = A24EEDA74185884C5B287663C3F5F031 + 2743CCAC657C702A29E0C20BDDE304AE + A54A9292B447039D50479B6CE475115B + 8791854540E15D642859D10561AEF26A + +Set 3, vector# 90: + key = 5A5B5C5D5E5F60616263646566676869 + 6A6B6C6D6E6F70717273747576777879 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 3F7261A3A4691A73441762D113EB7817 + 4C515A96C5C93C514EE559E7F78A633A + 01F0891910D44A7EBB18768E3B912488 + 6069CB5304E79ACA89F62EFEC4EAC11A + stream[192..255] = 5F11904F72123CE29D1D883AE5CD2A89 + 2AB26C9167A24A57D6F64BDE3A8E1A93 + 7C5347C585226DB44B6252AEBF3CCAAF + 2D5E60C56FBBA6068B35AA6A61C84A44 + stream[256..319] = CD6C5B784854E0121933E77C700D9C1D + 7452999F859798499A339F78FCF84615 + A3190A2F558CC529E636922A1B75A3A1 + AF280FB3F486303093DC1564EA0B6D3F + stream[448..511] = 61B8163A84540727204F0B18D9CAED3F + B5FA87089FF4E721D2EC34D21C59B93F + 95297725780DF04A5FE405FEBAE80AB9 + B8307B9A74774E76063F9218CE243002 + xor-digest = 944EF8435F32FF2A67CDA5FBDFE02C81 + 0997D9C8192633A193D6122A051B801C + 15555BDF410917B9E5DB86F4DE8B9874 + 3E9F92F903543AD14087F4E13A915DE0 + +Set 3, vector# 99: + key = 636465666768696A6B6C6D6E6F707172 + 737475767778797A7B7C7D7E7F808182 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 71BA7454CF7F6CC93C89EB22B9D608EA + 0FACBB4358DD007421DAC1E65EE99161 + C542DF02611AF497B2D53748D0129C0F + 5B9704C8A6017507EEFB26B6287662CB + stream[192..255] = 92D5D35B2E02D204E68C1AD6C018DBA6 + 7A1C90F563AEFC3D031FD3F7D4F5E2F4 + C47D326A9C49A0B2ADF03D9E7E429AA3 + ABF253E623BFB9EB040B5F5CF1FF68DF + stream[256..319] = D6C22BEA96DF94CE9D5D34E6231CE4F9 + A2D2F6097540F9A9160DE139E2E80D0E + 5AFE08131FE10F0DD7367E43D314D7F2 + 2321B5F89DC64F286576BA599A58F48C + stream[448..511] = 43DC3ACAE02DBF68AB5B65A81630474C + 639FC4DD36FBED518B6471F7C3E70FDE + 23CF1E128B51538DE0D5A47F20A554F2 + 09668FE28B0C4884888FAC438960CE7F + xor-digest = 7B0EF650F3847E3EB15EA1CB64EE7189 + AA5B04F527661C00F4603E48CBE59F7F + 48498D80F6C5ED956ABBF97E6910EFB8 + 341C7BC2E81E66A4B9474BE420DFA5A6 + +Set 3, vector#108: + key = 6C6D6E6F707172737475767778797A7B + 7C7D7E7F808182838485868788898A8B + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 3C4CBA573D803324D099BE1F436F944F + EE506CE77EBC01FAF0060B76FA5D2005 + 05CE94AA15F3C4B1E0194264CF13878E + FD36288EA4C2ECBEEB76828EB460AED7 + stream[192..255] = FFA464FA648309E295314DEF7169DC60 + F63C90AEE9F27B534E11D25AEC454823 + DF6BD39C1F9CB46276C630C129536506 + 187251D638D3867E96A84BD570F78461 + stream[256..319] = 6BE88BD0D2257CF7EBF7100B442F68C1 + ACB94B6F8991C1461D318BB80E59A6EB + 8009DFF46B8E339A0CD4FB285ED1E433 + 5FDBD65537D9CF1FBB0F9F10E17952D0 + stream[448..511] = 909997D084DE4F6C910D57DB89E1EB56 + AB3F9974E3DB5935D59917CACCAA31CC + E009324E52334BDD6CA971AF49982122 + B195229DF0BFE2C508E981D303061B2A + xor-digest = 8B2B49D564662BFB29A9F4E1A3DC7664 + 774D41168EA27505A2A518DD94C2A507 + 0D28E1E69DA2F084DAB024E8EE2D022D + BC73071B8559BE2FCBC2AE3605696482 + +Set 3, vector#117: + key = 75767778797A7B7C7D7E7F8081828384 + 85868788898A8B8C8D8E8F9091929394 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 6EE8B7E51036B951205064348C222881 + 624E9FF59DFED40AC6CDEA0945A39E72 + AD05FA929F7AB69BE8234567734F8F96 + D74DE6038A463BD8FB86224F5CEA0D45 + stream[192..255] = DD9CD1757A95E616E99590E76620E9DF + 0BF811F73B70C5CE982FC9CECEFFC6BA + F7DCA30517A9BDF44515262ACF297AA2 + 2CAC3F216C12A9D0D6912578DC672D18 + stream[256..319] = 0B7DE245062DCC9B1D8A945CD9A04938 + EB9BB258B4B7BCC263487B3599B1C6BE + 7FDE752D65345F00DF90896DF53244A5 + AB111134B36A99E2D2200B4D2003A520 + stream[448..511] = 2566E8427BBAC7F0A35C6E4BCDD326C9 + D7164A9E1F767038A09A75B5076E05AD + C51F008E9E3184FA4DC6E4764B381944 + BCB96B57FCE2339A01501BDEED46F8E3 + xor-digest = CC16803D36710AFDB1DEBC653DA7DD12 + F45B02349B87C3006DDCAC1635956846 + E4D7D6064D19012724BBF836A7DB7A3E + 3C12E6288F546EF316406D9C5E844BAC + +Set 3, vector#126: + key = 7E7F808182838485868788898A8B8C8D + 8E8F909192939495969798999A9B9C9D + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 4F4169DF51C9865A20D7E79DEFF7B121 + BD61F4C79AFEDD0598F55E9D9A3615AD + 19292095DDD83904B3683722A3337BF3 + 4E98F63EB19927155E176F2E8D5560B3 + stream[192..255] = CF82F8F2A46A898915B3E371BE941811 + 682A8A0A20837AF471B5CAA4B4FB01E7 + F2B0CA9ED3BA70BE305587F1ED995946 + 223032F94BB2ED7D418C95F202887E6B + stream[256..319] = 219C121E08F7458BD657AC4131221C78 + 43DB5817B17344922C54A002F3F67574 + BEE5F7FFC7EFC5615444B51FDDEE8B71 + 981FBFF658D2504BB53C13D0342258E4 + stream[448..511] = 55C2A93F43F260EABBC1A173AAF80A95 + A7EA74CCEF6E29C52957AB2247126336 + CEA5BD0D08F873AAF733B3A11885F04C + 58542B4C8ED3E1BB7F7918C4E92926FB + xor-digest = F69FE6EFBB4A6E65B517445069859EAC + A9C19FCB9C1771E75266E5B4C39019DB + E959AD97F2B8D7F1688FD0AC04AA7C2E + 602F28A63DEAA49A7BE1422B47CFBE00 + +Set 3, vector#135: + key = 8788898A8B8C8D8E8F90919293949596 + 9798999A9B9C9D9E9FA0A1A2A3A4A5A6 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 3305344A71266B450B2CDEB049A048D2 + 6171B39A88C25CFC0821E4F4EFE378B0 + 702DA31652B5E1BAD9FF4C19C20BF329 + 639D5942DD2209DB1D1474B6A7B41B76 + stream[192..255] = BBD9714BF2C343B11DD7943DD8CDA8B4 + C6A913F1DBE21A0582B3FCFDE91B61A9 + 8863AAC17D07D8F98AE8E71BA5636251 + 49FAB3EA775D3C7735BFC732C3C42571 + stream[256..319] = 473F161607321838FEB9359B0006068F + 9D88B1A073DA14E60AAF1501F3A27350 + 53E3FCC794893257CC3C1D4E1E3CF609 + 975E865CA46C892823C838822AF0CD2B + stream[448..511] = 89F37A53F18778084307D0BB71E5712D + 32F0F3B7C2201D01D892F6BF6068E4B5 + 394995CE6BFACF08587ADA39CC647DAB + 9B12F5505055F372FDC4607F0355DBAF + xor-digest = C9E7E4A4D6782C02AAC4F47AF1D142AF + FAE569B755E880C6B8A5773EFC0E63D2 + 3D7A113738CDB1A0544175861401149C + 753D723CC1EF515A9323DDE4B4A765C8 + +Set 3, vector#144: + key = 909192939495969798999A9B9C9D9E9F + A0A1A2A3A4A5A6A7A8A9AAABACADAEAF + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = B7954C45CF301CCAED3F1E7E77DCE45F + 2D41B3B1C1F28F0308B8AB4293B64A60 + AA7936DDF062613DC1C454033D2A40A5 + E99BD975A26185A7F419E7B337028FAC + stream[192..255] = 27AF957AC6C514514C24664AA0C9C23D + B1EE30950177389876FE4FF2E1739912 + A09E20A2098751049C8925334960A324 + 5ABB50F3D333587B67F153DB145B5F6C + stream[256..319] = D94FAF9FCB753E992B898178373A36D6 + 23C6BE2420AC2EA848130073F086164C + 9B4E69B024991FFA8FAE94E3C2FB16F9 + D747320A748DE9FAE4FE9E6A7E7D5659 + stream[448..511] = F664AFD3EDC0FAE88016C8A028E98D34 + A27843372C6BF8F51C7B49B94A11274A + 6A161D776E6C1FF05358F28426C3579E + 053B4137F8C4CAE07B994B80DA06DA27 + xor-digest = 521594487B583F5F71DA10E2316187F2 + 2A4885A69D522F82F7FD0D5F93F69B2A + 060EB60965AC010BC489B401F02C26E4 + FE3F82B83C964B4DB4E0E6BC2CE4B865 + +Set 3, vector#153: + key = 999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8 + A9AAABACADAEAFB0B1B2B3B4B5B6B7B8 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = A5E320FF65811FF5E8934F3AC73B3733 + 77D3AC52446F64646946BFB8F6DEFE3A + 04E859DCCD9F421D2DF541F588B9C204 + A9846C7AA1C017D637D7C5E244602105 + stream[192..255] = BB16A9BDCA0D4BCA589A34F9278AE55D + 6A7711EC87563C9F394638041CBB0E40 + 4CD2149218D501D3B62421CBF81C6576 + FA659C2878839FCD6C8DD1BA38F46E6B + stream[256..319] = 58B4004C53EE64CD45BC4A1F11F700AF + 0EA5ED86C4BBC145C8F588B7F708427C + D2292D76329E4DB1F289DADA687B7784 + DABCCD29B8C464CE021856FD06554F76 + stream[448..511] = 1113D37AB2964AAE6586AEE1B060F0C1 + 02EB3AF048A59CB709792C9080183CFD + 2A1A47277F413F1219B5AAD7C8BC8079 + 246BD1D6F98C11997E4ED0F68E165D9C + xor-digest = 512F4852425DBF91234DA31986732CC3 + 1F9649A1965E22E18CF38979EE6D92B0 + 83333422A92F841C25F827782FD7BDB2 + 8F4B40AD5EE53C37192651A86F03A17E + +Set 3, vector#162: + key = A2A3A4A5A6A7A8A9AAABACADAEAFB0B1 + B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 96328CAA099502092359F397972568F8 + EE2FF1C4305EA06FFD8CC125CB10BE85 + 65EA30B621437AD4CF9CE731185720F2 + 0CFE17DD45E6361A8212EECB346D391F + stream[192..255] = 74F26B7A37D673DA0B78B38938C5C1EA + 2AC666612468F63B540EE7B17548F8BF + 60A9845BECCD7222620FDF7BE904FE24 + 7D2B7EA749C9590133CD6A218F6EF624 + stream[256..319] = 8F8AA7A4C64C3AEC5E85581C53E3FA64 + 22CEB927E370C7B0F98F038E7ACF4D05 + B54430D91B0A2CDC001BFDDDCD0081AF + 35B67E5BEE6B8E113F36E3B23CE29F57 + stream[448..511] = 53E20B4B90B2DDAB40DC30643AA5F539 + 70ADB65DD0B64CECF3D3B4C0567DC818 + 0362FE9CDF920526C59725AE861940A8 + A32C35382571F2FF20E7FBC504E1DF9D + xor-digest = 8C7C45F50A151D551E9EC81EDFDD5B2F + E676E14253FF38EBEA12395040643211 + 3254B0B7298AF77F8F9F4203B971EBC9 + B9850152A96C97BD4FA7BE8592670903 + +Set 3, vector#171: + key = ABACADAEAFB0B1B2B3B4B5B6B7B8B9BA + BBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CA + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = E8DBC8E5D18C5BB2B152A6AE9487AF35 + E2044F30EE8189659043923E579C70CD + 4A5590968600AAB0F021F7AF283D61B4 + 13C739DCFC22632E1F6CD553D4F21976 + stream[192..255] = 8675941731B385016430C9A157007EBB + E9BD8BBBEC44081C1F5E73C7E783AE90 + 1A7F56A20E5DECD1E94E1C92A07CD2B9 + 91619BC3358AB812D58E0B98EA288D03 + stream[256..319] = 8D09462E5B1154175513CE7FAE1AAE89 + EA2AFDFDF1B39D69FDF60B1954BF81E1 + 62F29468E07C251E2D174E9CE924A5F4 + 8A470D1808C68ECE534CC08204C5A2E6 + stream[448..511] = 60C5FD4C1831F0EFD70EFF86A5D38D96 + 2C402453561D0021A51F07D40A7D3B8A + DF455CE484E89437DFADC52A52741B80 + ED0EFA9AE4FC39659F8300AE9292B9CE + xor-digest = 12E57044A8E7F02EBF6912BB73836FFB + C4A2F47AE1B824AC97C1237B1B14DEFF + 12B5B87DF14A8B5B6C85C0481BD69DDB + FD76FA307F4C1F7D21E60C0BCFECD3E5 + +Set 3, vector#180: + key = B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3 + C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 540980C2A3794C04B93696B90E48999D + ED8E1D3F4720918C80C95B9AC0E911F4 + 6593C4A920AB291D98891374EF286286 + 2386B5FE17654278EC413AAFF1C384DC + stream[192..255] = F3E036D7620669F851A1B58BCE57B079 + F5D75829EDA4E68C36F086CBF2E5DD78 + F7F30C1AD9E4CB3C01B7F2FBF53A8AFE + 957786B2D3E9CCFE7D6FB24397803BC0 + stream[256..319] = 1AADB95F07E6268BD82ECF3453DB5014 + 9745CCEEA9F1887B5F257594ABBFFF43 + C3187BD9A9FFBCCACEBD7A21FF90D18B + 57FCBAA64B8FECB56D5A7FE05BF03E3E + stream[448..511] = 4170D41CAC2A7AA5A3C9228BF386B9C5 + 57795DB5D1AE547A31C553F55DE02E6E + B69D76A984F4F1D84F29D5CB98190C01 + 441DEEFABDBFE405F22FFDE734D9497A + xor-digest = CE103B99AA95B51D2D6CC54A15833E34 + A11778F5E05BB7AB61505D473228069F + CB40015BCFDD3E1D0D5E1F832791C8DD + 3184273D1B4C67D800EF5FF004660440 + +Set 3, vector#189: + key = BDBEBFC0C1C2C3C4C5C6C7C8C9CACBCC + CDCECFD0D1D2D3D4D5D6D7D8D9DADBDC + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = CA30678AC97B4591E287FF8B5E28A838 + 611D654A4EC592328039E3A1DFE90FAB + BA5A37133E821E0960520EEC850B6962 + B0378E77770681ACC0929D16DD260925 + stream[192..255] = 79FD1893EBF30CC2CA9C5AE92B0C063D + 894EAE4BD50BF462420081D1CAC57A5B + AA92E73D3B3CEA147E1F7127AE1F6FA8 + E9B302A068F26157C904E0AA7B7A072F + stream[256..319] = 6880FCE56677345CF1CFB2D38F890C15 + FE33D377922AE43348F5590B84426EC9 + 0DC2A3863136790EBB7BD9493D2F0808 + CA9287CF95AAF366A11D6E7A556FDB02 + stream[448..511] = F385299A7038DA8A90058C510727F3E4 + 524A2D95D217A1C199552753F253D45D + 81DA40431910DD54B619A15C5C302411 + 613D28D53493AD836251F0047FB911DC + xor-digest = F3D10E261AC596959B4AACBCF335D043 + FFF65E2651F046D300C19510E1677F1D + 45F287DFB8C17055A012C234B6EB04C5 + 76ED2EDE12DFFE6EBA4A39A64DDC573A + +Set 3, vector#198: + key = C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5 + D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = D5EC301FD496586D54D9B21FA23DECB2 + B25DCC0784BF77DE84898AF96023647B + F1618234A239F63FBF3478FD6EB79299 + 66BA9B670C64118444C95D31405873C9 + stream[192..255] = D455D37F435FD0FDD6E1EDF8BAC28D2E + DAF587F938C49A5F58C32CE8D5B8A4EB + 884B016E54277300D461FA21512E7695 + D2D7489A4560FC7A72A510219DF1C5C4 + stream[256..319] = A7B93D8B7787B6C8F80EDCE72D4D644F + 0C6400C3AD0443FDD19C3F3675083F4C + E5ED87032B1813DDFF758854C8D889A4 + 6FDC61C210058DB72D838A0913D80611 + stream[448..511] = 94232F4284F46DD2E7933F9635C26C48 + 6CB935031095777F59BDAECC4FDB4109 + 9037C38C91620586DE93B66EC7376502 + 6853B7390CA516B694583447DD863310 + xor-digest = 8596C088FA66361FD90A2132CE33FD52 + 34910610DB006D223B0574F21BF1CD4E + C282C67B24AF6DB0DB70BAFF65D5D8D2 + 1C3955D466EA2B49C5E8EB7E07475919 + +Set 3, vector#207: + key = CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE + DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEE + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = DBA2DF9ACC53C3EDBB566C28F689D7AA + EF631CB44EA91610A94685FBD862C9D9 + BFCF512BCECF36E035E2E577F6BF6EF9 + E4B0E7623E0DB23B10055677C7B9F857 + stream[192..255] = 8C78C9714577E497E3CDFE3ADE19F03F + D2DAA3211C1E9E5D9F21FD1ED696354A + B7552BFC7FC675FAFE7A739F6E60A839 + 547F8F15BA5EC6F75BB05606BBF209CC + stream[256..319] = B23F187B1BFB5A728BDBD78B75C3265B + B04C6B350A4DA4EB021D6191263F052B + CAE73E5776002FF05DEC3D341AA20D2C + FA523E6B92329A979BE06CF4F848A1B5 + stream[448..511] = 7E2ADEA91939388D36B3F97DC87C2A86 + BDE7BB4884C40D8A202964ECC7440987 + 1C64B03EAD0F46A3A1CD2CB935DCCD67 + 0B43292D5B852B7A1B3D1F853EF22EC7 + xor-digest = 1AC1E42C2DF9858537D0A1BE3B2AC094 + 54136E53AE56B006395969C7F999B2E2 + DE1DAE62740FF339DFC8769F67AEF352 + C4726B4AD4BAAEE56AB8C55FACE34860 + +Set 3, vector#216: + key = D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7 + E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = BB00F8ECA9A10D2B137257E86B455DBD + F9A6A861F19533E38C3C9F54195AB803 + 171D35043FC9C4204AFC9A8E72EDA4CD + 60220B2EDDEBD5482D7833979C15B685 + stream[192..255] = 6CCE94C2BEBFD223AFB7AF1110F0F6C4 + 01AFC533BABD84F8C4A54E8A239A194B + B56E0CAFDCC59B9B5103471DCEB9F706 + 7801D79530B7CF40F2DEC73A169C7481 + stream[256..319] = 5144745E042B76A6B62E78C92FFC1C0E + E59979CE4B2E4B2CAFFDFCC5E75510A9 + 201E8A97A6A1729E35CA81D8645FC118 + 177DA5FACA0293B972AC0957C43BB1FD + stream[448..511] = DCF9B6116FA5EB9CFDBFC8C97EFD89B5 + 268C0D529141FC3C8262B8BE38E94973 + A21919D498FCC3896B0FB4CEB24D9E2A + F728003C36838638888FFF1D0D526B37 + xor-digest = 99EF8A7D0B8D08E976EFBAE56F7CAA91 + B1FFC7428EA56B7A697AA3B621AA8DBD + 52681C7A9A415049AFB6B7D8AABAD024 + 0F9C3112092816F4C69D36B1300ED3E6 + +Set 3, vector#225: + key = E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0 + F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF00 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = E3DAA6E498609DDC5A31BC0B6ACC880B + 695097D2CE2D1FD162C7802DC0D00BE3 + C0126CF947CEDBA7833421D70A914BD6 + C33B0A77BE8BA10879D664F054C29302 + stream[192..255] = 0015EFCCDC554D042531FD570C6B26D9 + 059F4F4DA675BCD12C038E4A8D16737B + AAB0D7992340F4EE4324959E96930934 + 21234D41F56A995C928F82944B46BB19 + stream[256..319] = 8CE7098F4C64DF2E8A170DA3D02CD99E + 0169B99A261D1072FA116ED39244EDBE + 73EB9F1CDCF8CCDAA9E94C0DA9C6EDC5 + 426751AB8300836435BC6F727F793281 + stream[448..511] = ADF85AF30894BD0207DB4BF72D9DBAC9 + 144EF6B24E515D96475897EADE40A92C + 79B818499B8CC328859561D79D727423 + BA81055F3387608E56173AA27D286924 + xor-digest = F47ABED85910334919B5868D4531FC15 + 24D61CB16C23920750C73E2B08A4B5C8 + C621482F6D9F01EB59763C5F89AC1514 + F6CA4C40216D6385F304E9514B014C02 + +Set 3, vector#234: + key = EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9 + FAFBFCFDFEFF00010203040506070809 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 4728A29A2F2BD276FDE176CF4A38BE65 + B84BDD41F065DAFEA8302334CEF92A5A + 306EF904DADFE92E3E975EF9EEC9B3C8 + 4AFC167545A0CFCCB6B1CA688967D8EE + stream[192..255] = 734153A78089B6E6EC0F520D39BC3FAA + E1DBAD30CBDA32395E51E500CE4E118E + 23BC8CFDB08D443F1932EDEC52CDF3E2 + 1D021DB791A56A7C16FDA02912FE744C + stream[256..319] = C511914A4BD9B29488B7FB1E62DBF905 + 01C0D85C5A238448065C188F0A4134CF + 6A1FE1DAE57DB8BDF89FBF7FA66F3E32 + 14CC9658DB292E4562A1761B9EA77570 + stream[448..511] = 946944DF8E41BD585723CA1C03909E01 + 783617D9D1129220ADAE7E5487AF4B54 + FF6593B37BB77AB0025C28727AE5933E + E3873824E46F2209D26936FC5566B21C + xor-digest = 34E04FBDE6E3DF6EE14BD179226D51B0 + 1513510665589CB794C0C08391FA5929 + 37B390E86BB4A72D427F58A1EFE10F6F + D8A14A6F38ADE34331C8AC6AECA5DAB3 + +Set 3, vector#243: + key = F3F4F5F6F7F8F9FAFBFCFDFEFF000102 + 030405060708090A0B0C0D0E0F101112 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 2AC7F22D838F68107877E90869F98797 + 493171C8A5EC2E51D536A1578659DC16 + BB2F644C290B0F006BFE3FA0FE0CE917 + D32E94643848867B230270F54D0037B5 + stream[192..255] = D21F7FE6E368989CC75E8D9080579385 + E31680302BA8B9B2F56984FD49B01F4A + DD36AE4A28EBE23B5567BF5A539E2621 + 1AA8588507916CCB572611C352E73E42 + stream[256..319] = 25823586A7212D44811C75023193864D + 85DFA17EB7D5A34BD1CDD3260B5D53A5 + 56EE2E2A06F84E95CC7323379FB924E9 + 9E1A3F724F8C480A1F40B2C4A6FCD433 + stream[448..511] = C1DA25F3B4FBF8B2917103E6274FAE81 + A5BF4086A161A7786BBD5A33662E48AD + 6EB9A944CCA57C51AE266BAF756EA506 + AE077AF0AD8B577A5A02F5563FEBA2DF + xor-digest = 6176BC64072356BDF719676CD2ACF288 + CE2DC1272ED9C4685A5CBB7327669724 + DC8BB64BEBA04564A7879F7B9AD5A936 + C4BC1AA4007A0F85A5B5B945B418BC61 + +Set 3, vector#252: + key = FCFDFEFF000102030405060708090A0B + 0C0D0E0F101112131415161718191A1B + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 0854D9B674256934E204484C6D59668E + 1C94891FEAF6E08A92038E41EBA38292 + D19FDBF852400123237BD7DA620767D3 + 43C2FAAEB08A394EFD1E7C1A3776B1A7 + stream[192..255] = 4BBDDBE675E0F9D7DE0BC1B0E0C64FE4 + 52F95ADE61D5CF2EB805894B3CC3285E + 6C6AAB72DAFF826D945B05FC4D4A6BF9 + 37B352262AC12B7E6F92D5FBC4ABDA05 + stream[256..319] = 7BD11CF4273EA16E01154EF9615B88D9 + C52535D2F0C7FD394D94AA7EE542B448 + 9A046F2625011EE75F874641D1C5A709 + B7FD1DDDCCB2A6F1A47B65361A9B0D6F + stream[448..511] = 0AB902B571D11B5F2F24CDC7616143F8 + 45E7DF2050B263D7A841DA170E17C00B + 4A20221D7ACCDCB0E131108D94D903FD + 7E2F7988445A7DB54F653186D69F3CCC + xor-digest = 1266CF54E8BFFC95F1CD3C532BD8EAE3 + BF000577A811DA58A41AAD9164CCDEFC + 401C1B6BD2BDD9E992707718A9802B55 + 33D7A8F490DF116FBCD8C85E9B580487 + +Test vectors -- set 4 +===================== + +Set 4, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + 3083D6297CCF2275C81B6EC11467BA0D + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 1C43EFA7A2CA90F5E8F9A4F09D4C9077 + D5ABD79341FD75BB2DF9F13CA0B1CD6E + 065FA86938D971D8FAC8A3C34D08CA2D + 1BA08BE56D633951BD0338A227321CAF + stream[65472..65535] = 428908B703282E38E1BFDE62C6B0D8A1 + BD2AB1F5117C85703E9B656FDEAD2660 + 4B7B8EAAE16423A3BFE542AB13748DC8 + 35D81F981CD344015E0DF47BD180541A + stream[65536..65599] = 9D6D72F46C846D9BBF3AEEB463B9EF42 + F84915D664A20FB78AD94B61FEB7D63E + 5411A81D1E8F32BE3044E109C68B9EB5 + EC0BF180EF18BF3191D933F86045036B + stream[131008..131071] = E462CD92492726928381769FF205DC17 + AE7D31E1B82810F3CCB541B58C5F58D1 + 38DB708C5F5BF07A0432868A1AA40A07 + 601FCD1A07DE3071E8CE082833F0B02D + xor-digest = CDCA2F92BF75499E49B586BDA7D9306C + 12F111D1A9F183A83B5A07549D5F976E + 815F96BD716CCAC7178282CA8BEFF4F5 + 85DAFA9BDDDF8E6420DFDBA2573F0494 + +Set 4, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + 3588DB2E81D4277ACD2073C6196CBF12 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 4F7D4E56036A57A303A9C7D978290216 + 297AC26C187E4F07678EC0069C34F93E + 072D734DBA239D81E566D1E6DCD09B5C + A132714291631C227E391EC0385A3A64 + stream[65472..65535] = C508DDD76C070F712FABA944BCB0F5CE + EB645825C520197867623ED5263E22B5 + 6270F0A878AC7FE03145DD2BF528E1AD + 784086FEFAA0D82F0F3571CEEDD3341B + stream[65536..65599] = B10CF49FE9266BBCA007C8DB526E760E + 79AA4D6A3B29FE82B8698C732FBB81AD + 1A27B2AEB06D05F3CF17E875BC0BBAC5 + 67762275EE650D03F62B29529F3C3E23 + stream[131008..131071] = 42B4F20EBAFB2C792006BD163064EC7C + F363DD996CDF839CCE61E739C3817B4E + 36D311A4C94C7918E82F5158D3A75844 + A5603742E33D7FC3AF018660E6B1185C + xor-digest = FB3EDA7C75E0AACEDD95B625F7EEDA62 + 3DDC94983A9B084645253C0BC72FBF9A + 67072228194F96C1E81004CB438D6381 + A5C7E9E7D134FB8B67DEF27462AD3335 + +Set 4, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + 3A8DE03386D92C7FD22578CB1E71C417 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 23DE914D641DC0DCB4F818C687803858 + A6673E284F8323787756DAC9352BE031 + 28BC6149A59785F6AADF92FC68761E8A + 862AEDF29E851BF5422A83EE5EABFEE3 + stream[65472..65535] = D12E0C470A955DDAA7E851F43DA35B08 + 15D442DBBEDEECE3ADE18FABF08B4443 + 77ACFE9F138F8725CEA27B0F0ECCB4E2 + E5D6E476F88CAB4743E8E43CE2D48F4B + stream[65536..65599] = 26635796620003DE67406BF741B93D68 + 318F9A23FE823B2374E8BD8008EDD7BE + 2F750707A3835BBA7DAC45E06537DF8E + 53DFCDB928EA34CC08D2841FE3E492C3 + stream[131008..131071] = D3DFCE281FDC69F7800E765CB0B33D78 + 8BBDC17DFD11F929295C26AB7ECF21B6 + 7D4B4EFCC18ECDB8134175A7F198EB12 + F7913DAF22D73A4139D5B807C18310A9 + xor-digest = BB2C8E7BB894DEFD1D5A7D37C01E8EE5 + FD4E052CDF1DDF5FDA90C9818DE71B3E + 34392EC3858ADF718F463808ABF841B6 + 90F49D35A51BE5067B162E72D0101F97 + +Set 4, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + 3F92E5388BDE3184D72A7DD02376C91C + IV = 00000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 818C35D2FD72D12115F91BFD32F843E7 + ED4D7110D1ADF517226BE797E037AF93 + C190025A5E82FA0341667D68FC09E238 + 49D5A7A9526CA142D60F71C3AEE3A106 + stream[65472..65535] = F011E9CEE99D94BDD4484408A0FF91DE + EFDC8D8C04ED2B86C51F21058E912C11 + F19890E174018308962F5827D2FC1E2B + 82BA65688C111AAB5C749D8ABAEC022C + stream[65536..65599] = EC2EF21014AACB6215083F784E3ED65D + 774124FE60188930E1A90405EAFC8F1C + E75D54AA7D81400E026D799CE06EF532 + 8002BCF5A10D43E6FB6F80A9D72634E1 + stream[131008..131071] = 80BC6F7F6B0A7A357F770E7690D94A9D + B8CBA32EA36E124FDCC66ECE8786F95C + 22263F09645864087FF4AF97944A226A + CB63DAD316F8CFEF96504AD306C512BE + xor-digest = CB8D4C35D79CCF1D741B9DA09EDA305F + 5FA43F9AE9D0E1F576D5C59AFB8471F9 + 7822C6ACAA197FF01347E397C0382195 + 865AFAF5F1690B373AA2603C39A13CC0 + +Test vectors -- set 5 +===================== + +Set 5, vector# 0: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 80000000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 635990D909A80CE2A75E521ABF588B6E + 85320D2C722D1C93B42AFBE6358D6E2B + F2BE933BC961FB50F9A2B55389A08CD7 + A0131F89CF0E61D0C7071DEA6D8DD4C2 + stream[192..255] = 0F92D4DCC222BFC7020CA6BC3D044F69 + 12D9A93668C65401C570A01D6BF6B3BC + A6F00F6FF46AAE3C09C6158EF05A520D + F8D55FF27CDB7AEB5D03C1FFCE7B95ED + stream[256..319] = 664CCED71B27680F9458952173BE0043 + D3C27F35F9CEE7AE9D783ABA671C4FC6 + 8F2815DC904316BEB39020F646041276 + 5BE5500A60DE2209961755C1BF96E1E2 + stream[448..511] = 8F02C1FB389DD1C5F0CB730ADA528D37 + DD778C4782C7B5DF1961F97CC82B63E2 + 9CF4BE512EE27B50781E297D1633D700 + 1298F13FD8AF9D1EA83F831A70EE50EA + xor-digest = 3F9A4D249220E1AC8E559399FCA23DD1 + 1A250DCDA841502F5FEF0F5D4EFE7E46 + D9B1E5E4312903E290D695C2B681949F + 480D45F78FD69597570338049464FECA + +Set 5, vector# 9: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00400000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 8E932D78DCDE35F1E5B8B2E863859A64 + 7AEE8B0867F6F221B09C37B7A78B4043 + D055164B1FF1608EC17F3F148FEBBFF5 + A9FCE4158B33D2CAA4AC5FE5551C788A + stream[192..255] = 7034BE31CED03DEFAB3F69A24E622BDD + 9B202ADAF05D0324EE933064ED6D965B + 937FBC8405F0D7236AC28C320CE66C06 + C5B93EC581FDD59ED40102C651495EBD + stream[256..319] = 37C4EB0E72191FF0F70C8A70F475061E + A0BEDD8A9AF1901FC6BB5482B5A29469 + 06E8C40249E02784896D5D42387127DA + CDF1657A66E0D43E6F69632519D1D3A1 + stream[448..511] = 8CBE98126AE27A51146FE05F40CEA89A + 39781F515D621DD48B6D6234F9AFAFF3 + 6FB862084F5249BCC0018E8FBC090121 + E227FF494BC180FF68EA2B134E7B00D6 + xor-digest = 24556A29026E3CAE101E7112B2FE5BCD + 3D925460B66A9EADDC271E39C317DC27 + 51DC9254491F76F9163AF09AA5372F34 + 1B76D54C09DEC9419F839E5C50F1957C + +Set 5, vector# 18: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00002000000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = AC05D72564EDC8EB439A95579D04BF65 + 592AB1024152B9B14D71B18FEB5374A4 + C07AA2F58EB2E45F737580241CFB9C0B + 842F8CC9230B540FC50A590DEBDC29D8 + stream[192..255] = 48AB7E018380336AD0CFF37379D9E370 + 5B0C938600C6713FF4CF5C142F640FF9 + 72CF147E7C38389DF426FBF560E7DEF8 + 41B4B1CFE6A4E2DB4A85505C931FFFBF + stream[256..319] = E9C6536F67F4B3053B353170CC5B77B3 + 06A47B759A5FEE5BE45842C01E11519E + 5746B056C86D8A6712446949DFFE6935 + 8E4512E7BBD6E6F544CACA98BDC723E9 + stream[448..511] = 731EF8977E1307CB5FE80BD4F89025A5 + AFEE3E54F7CCEE6556A211097498827F + 6219704F96652420BB9EE830DB3DD940 + 96987BAEC5A43526FCBCD85C9BFDB209 + xor-digest = A37E582543E75640DD988C7FB5579D43 + 9C41669EBCCA5580184743BD54D24CBE + E32F2B1433CDBE51E8208C78FD739CC5 + 4E2A37E16A7AE4F2193ABC4F04C35D23 + +Set 5, vector# 27: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000010000000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 0B295517E5A2E100C262736DAE920F2D + 26C40787AFEA87FC34C27D6E0BF98A62 + 53B695751F9095C8766184EA44042F2D + 6DE099A80C75DB1F33F53EFE578A8F0B + stream[192..255] = B54C4F2EDF17A1EC22F536586A5BD691 + 2008DA6642C84AFC8ACD35A7DAE73F79 + C835D83F4C0C3B1E510D1BB42013A872 + 8E4899A8CE134625698CAB31852AA7D2 + stream[256..319] = BBE2221921E73DC79E795AC0AF9B890F + FE88A14DA29DE45FA38F4C3E94E6BE9D + 98238BFB181FE664B4147CDDC125FD06 + D11A65F1975A0D781024DE1EF026DFE7 + stream[448..511] = 83E61FCEEB1367635632B45BC73B8B39 + 165015E7A6B8D9851390D4CA9DCCB935 + F09BDF52883FF37BC77DE94842E39BBE + 0BE530FC9D3B4564E11B7EBAC8083818 + xor-digest = 55242D44DFDB1A747071F1C825DB5620 + EDE1AF37B6D73A22264B14F7D35E4412 + 4A6242C5AD34B54E98738D6CC90FE355 + BB9402DD017B6678FCC0EF27CF5D67C2 + +Set 5, vector# 36: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000080000000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = B89065FE0B458C64FD6EDC6A893C8C81 + 83578E7D37BE97E6FF82E45110A25960 + 49A817CDE859B67B56CB80768D6DD275 + 6EC368FBABC35C8B51C62AC92F913281 + stream[192..255] = 0E0AB045409ADA1A9540504550404B8B + 2C38384E577F2DCAD5316CE7E806A0F1 + 21D2A3298F71F301340F3C0A9CDD4815 + 936F16B4EC229E63451980646D45E3AB + stream[256..319] = 1DC37BCE039878BA2E5938E4563D2523 + 7350E41C8EF9262A9EF7D7FED7E22F45 + DC3E98EC981D2BCCC1185857C627EE20 + C86DFEF500756B241320798764C3C09A + stream[448..511] = 9A0082CDB35BB3CB1C74CE337D944D3B + 2C833B4F786A92DEA4445A2E5E101384 + AEA834F5E01C1B37EF8291D039875A3E + 21D613FC71212DE686AE52295B773E42 + xor-digest = F94584BB343C6BD6BE3AA1EF799989CD + 93F6DDB6A9AC7E2EDFC92460F0905E6E + AA3E81F6E173C7F9FCE8FB5D7B261A58 + 3FF006AD017A09FBA3B3D084285169A6 + +Set 5, vector# 45: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000400000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 486343B348F2A1726617D6E93989B000 + B41FC9707E2A99C7FE5CE9423DC3004B + 67EB02F45B368F87FF2C4CC0C59D1728 + 9F713E714E049CFD8E5D593255092A7B + stream[192..255] = A1A3127E632EF47679F52224E6D5A16A + 6E0598271F36F4DAA98B115535E77C71 + 84170D2DB4B8C5D804790A666D105108 + 81213A0684DD4AF03DE7707702F4F73A + stream[256..319] = C917B1577463E05F34350C4C7F6CBB5B + D63B2D74EAF1500832132CA1A1F289C4 + 3D93BFDC5E9D91897D2F7E05740F3C95 + 0AD872A93DAF3850A452410FBD706A92 + stream[448..511] = 11646E84240BB95D1B14694785E7E119 + 848855E462DD14176442B8595CF602C2 + D1F4A2E09B8D7DE28382D1DA4DB3B1E5 + 910DAE6ACC02E79FEB07A8E55747046B + xor-digest = 65E9982A725056B8FBC275052EA48C00 + 69A1BA0939831C4014E81AAF14F66FB0 + E01FC0C70A49C4533ACBF304A5309F4B + 60D6B310BC66C6684BD5B9C83F994E95 + +Set 5, vector# 54: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000002000000000000000000 + 00000000000000000000000000000000 + stream[0..63] = ACAB34102EDDB67B8A5D8B135BAC15CB + 1CD52AE386364C709C2B9D6BD322D7B8 + 477577B4958D448A3BEBA473D861E592 + CA15371AEA0F500361CBDD865488A7A5 + stream[192..255] = F25DAF77D7D734E5486A1AAE01794FB3 + C17099E01489A5B4213EFAE6D745B798 + 77939C7A178D1FF09EB2C42A8A3CE51D + 59D501B36BF9E4960BF3FC8D50F5A847 + stream[256..319] = 1C9C6F63998627AE1AA7E8F0B2D73A99 + 707256CDB12E3AB239EFA72AEC516FBD + 6DECC9375EAAC634707A139E59B32B51 + 5D25ED6951FF4228A11DC87E8DE61385 + stream[448..511] = 6A997977A25F4E9E0D9AFD8C20B56EE1 + C702C301528E332BF8F5E7DBEEE5CC28 + C9E12E1A8BD7A2118A0F31F800B574A8 + 2FC44FE19B20F1D3396432DBB02DACC1 + xor-digest = 0B2BA364EE76F0549A10200D129196B8 + E2B69667999FADFAD55CA479AE679C56 + 54A453C43898443B9DF2835AE806C2A5 + EF30CB8AC25DBA756A705F66759029FA + +Set 5, vector# 63: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000010000000000000000 + 00000000000000000000000000000000 + stream[0..63] = 4DD010482D0DB2D09D76872D25F73B26 + 749FFE70B9674587FC4CEDBA5966D217 + 489244D0177F676188A1762C430DD8F1 + 5ED9F7BB67F2E8A79F7633DB7B45CFF3 + stream[192..255] = 3587F0A7B9F410D45357626BE10B4EAB + FF8798FECA5F91F3AD2543B301B5C301 + F84404071C7BC77AC31E423E1AB1E2AC + 2CFAA37DBC2A1316D16A5C7BFED1A77B + stream[256..319] = BFC632891511228ADBA0211EF390A7F8 + 08A12AC6BDD7C2E29DF27025EBA1A6EE + 00B9718FF2BC003904C1C28878894AE0 + E5CE5E9F55CAA522EBEF5747C755CB73 + stream[448..511] = 513D9FFA86D8AFC20E4870DE0E9B330D + 76F02E44A6C4D7C5270B89C6BAC9426B + 5A12666244C0CC5A641118B93F72668A + B7C53CD7FAB0940F1B37A85015DC91BE + xor-digest = CACA8BD50E28720128B57B37D45DFB02 + 206D53785FCE81205AEA085466142DB4 + A17F841156916294F3B7CA93CD99CB12 + 93FF593B5105D2822CA9BC3BAF178935 + +Set 5, vector# 72: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000080000000000000 + 00000000000000000000000000000000 + stream[0..63] = 4DB6CB1D5BA89BA45BA8E3DFCEFC444B + 7D97C73F53EBC50BC46047CD76499CF1 + FAB51AA6C8B24118AC4EC8E49192B41A + 2812AA1A4325418AA6C69F6143F0A6B9 + stream[192..255] = 33FB647044F3918513212D3538C31662 + 1DD9F3A10C0589CB718564CED7ECC391 + D9701C7A23AD48E05A79BE9E32F60819 + 3E57FA8D8EDDF9F43F38BF8BBCBAF52D + stream[256..319] = 79F3525A6EE300764DE481C20A40135E + 94362F56DBF4C5AFD214F9D4039A0899 + F74A7D7C27494B39D1B0145B9F691B5F + F436F2AE8B335EC62CCB0FF506E0240D + stream[448..511] = FFE0E6B8D741377FF1A02764FEE3D681 + 6CD020C6DDA5097989137E9BCFFFD35E + 0E6379AD2ED3D9D298C6B98DEA82DE6C + 2B66529C860DD4ED56265CA09B16A8A3 + xor-digest = BEC66A4FEB220D732F04AE0B98FCDE2C + 0B70613BAD57D7590E007E84AC546B09 + AF1D5BEB509CFE5523254B5FC8CC2672 + 215C67477AFF14D0788DB166C5B4B12B + +Set 5, vector# 81: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000400000000000 + 00000000000000000000000000000000 + stream[0..63] = ED4C49EAEBE78999C0DBC4674757D435 + B056A45036DC51B390A6C87B3CE8BCE8 + 2C7DD348C7775D2402EBE359E7895FEB + B9F44DB5D0F7B40AC207A3CA750EF25A + stream[192..255] = 32F897ACB5CE63D1A64781524B1CB4FF + 9E595EEF93A3206A0D1B4E6F4ED7501D + 2DDFCA31B4FC1A33F589167B070FC003 + F67C528B6AB99ED308EC3CEF82B4E2F0 + stream[256..319] = 57CE29261DAB385309C97955261874B7 + 676349DEDF7582B7654D1A8DAA570EA5 + 9745D2167F2AE1ED538F1D0ECE53AA38 + 379F9AE542EBE229D561E34ACB28FA14 + stream[448..511] = 667E22A8BE7BB84CA1B1C0848E5F22D7 + E98E54A79D5A960C33D07357199AF1AD + 53F3F803EA698127C22F75F31C40656F + 8C28818775B3D88460CFD29798187537 + xor-digest = C68E7F4A7CDB68892794933392C1BA84 + 5B6B7CF52B8421137EE0220BA67C91E9 + 81B47F9BFC39FDFF9DD48F3617F2D523 + 0680B87D18A821A09525FDB79DE6FED2 + +Set 5, vector# 90: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000002000000000 + 00000000000000000000000000000000 + stream[0..63] = 80FC6D794178A189EC423AF926622982 + 60C44DC5DD5AC91F779D02958366CFE2 + C5551DE2A5D635353757AFDDE68DF592 + A034D87C871D7D871264BB0F89E99536 + stream[192..255] = 0BEF31DBC3F3DBCC5B3D28BE296384D5 + D33DD0AD9A80D4AB8F58274B4397A658 + 94F67376AD8DCEC19BC2C74A835D9F70 + 1F4C60DC256DBA4E83B21D36B66F5DC8 + stream[256..319] = 625DDFD8D922D848380D45D6D7E730BB + 049666B3900E4305218BB7089D059FD5 + 825F9EAA3AC047A006F1353C37AFD11E + 0143DD68CBE9543B959E26ECB4C649A1 + stream[448..511] = 636E6EB97E3127EB703D5170D2C8FAF8 + 63E8C333F5EFEFCF9063E3D770FF9E0F + 2B37396CEC935239797FE430DA4CFFB2 + 9B19D833687318DF01750DD2F3D942B5 + xor-digest = 0865679CB53BC2845A0B71AB820F61AA + 9B99E100AC7F0358D5B610C09EC52C7F + 8C7C5D973CB85B18F8990F3BDBFBDCBD + 13071BB3AB3F329E75A44E80320BF86E + +Set 5, vector# 99: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000010000000 + 00000000000000000000000000000000 + stream[0..63] = FC2DEE44B15BD914C17DADE6645A0250 + 2F40B39C0C6AA26C0250D328112AC67A + 0C55D48700EFE67EFBCED927B62427C1 + 41DB8089774E2DE23C5FDDFD66D39BC3 + stream[192..255] = B6A4D34FC81937580BFC32E04C8E2B20 + 309AF3E2152B98BD748A344D4537788D + 35B16DD2C01444CAAAB8684916705C88 + FE75C53D75713FFFFA2693E91395F919 + stream[256..319] = 9E619BB0045C58C2D303F79E659CF5E2 + 011D619E0CB10CFDD53AEE6812DD780E + 36407CFE9BFC1C73C27CBBD491BB6A7E + 8918023EFD6E2227C0C840F1DFA5924A + stream[448..511] = 2A320747019AE86A59D5422B634448E0 + B43C41457428AC7A4E5D0C9D7327B44B + BBB6F64CC2423299C009E5B24DDF10C9 + F87F2A525ACF803C50837EF6C2FF3D34 + xor-digest = 3737C19DCC04C7C72EC9280D53C17E64 + E9F4B1E47980711DC64FE6D3E7DD05E0 + DEFF339F38868B1F7CFFAD4298127949 + 11EAD4D34047B22B07C397A37F6BD2A0 + +Set 5, vector#108: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000080000 + 00000000000000000000000000000000 + stream[0..63] = 84F71EA20D46B3802A787C1322DE6A79 + 34587F447AE7FE277362497E4FDB69CE + 129EC4D8D80ABD0C15026EED3DFE2B6F + C48C5DF09CBE035E348A22F8A2AB7DAA + stream[192..255] = 6444791C6DE062EB9A494AEB910A458A + DE3D834BD6F87F26A9D6F99FD970C820 + ED9FE0DF88A924F97945B0EB10E5D464 + 559AA278DAF6A942651E06C66D33F7A0 + stream[256..319] = 1878644E35B3BC562F82647D45C84317 + 769BACDB95DCEACA456727616BC90FF5 + E78FEE1EFB86A714CFCDE79AA9E66FAC + D600B0FC5C471569BBEB5692E7D9616D + stream[448..511] = 54BD56C4F0F3A0CB89A678F2912E5B21 + C2B225030E82A90470EB6040F50A818D + C91F65BFFCEA3F9041BF110A762DE3D4 + B41A8D1E18CAC776063B2DC93BC2D02E + xor-digest = 52E18382B88883C5648E067675468200 + 2AA9AC5C18A856E89175C449A6033501 + 87FA4C17A4D36269340F0877385A35AC + 4B7FEF6E1463D34BCDF3597618FAF352 + +Set 5, vector#117: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000400 + 00000000000000000000000000000000 + stream[0..63] = 3F40E9A3C872ED15A6AA296F716E095B + F39153C7C6F4ECE6F550AD35582083A1 + CA0DC3CD817AE3946E43AA9C8700420F + F0DFC21B34F4E5E40B3EA14299EF468D + stream[192..255] = 853C4A895DCBE411B9B2E340B0AB55AC + 8EEEC42885768110ED7E1CCADC10121D + 8DE12AFD0DCA4507A8A7A2650FF68C6B + 5DB1DD670C8C68365E846934D16A46CC + stream[256..319] = 565AEFAC0325093EF87FDC51413BD5E8 + 56AB6C90FCE7D3C6EEB7E58F22AF63D6 + 73BCF3840D611A5E1102E9A4108CB902 + 5A1D837510A971536231CA247965379B + stream[448..511] = 887287B62116FE2A28957ECC71DE5BA9 + CBBC16DBFA4EC141EB617F9314FCD238 + 91C4237FA35871C0C795E2F3A4197DB4 + F81BA4A29759BEB5FA2277CBB9169734 + xor-digest = 78E564BE9E7102E2CB009D7A540395C6 + 188C8499B7E96C0AD709C3BA2C341741 + 6EED55AB00AE5719F25CFA06F1488E83 + 798F18BFD755B9061AFB4EA5D864FC24 + +Set 5, vector#126: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000002 + 00000000000000000000000000000000 + stream[0..63] = F4C281D9C88A7FD6B2CBA9EB0366C594 + 59327932DBEF8118A7A680D0F0AA41A3 + 735FE0874F047D2B071B5B9E755A7B6A + 9426353B923A5913C647A88B642B2C00 + stream[192..255] = C7DAC2AE7631D11EB21EF15FDCD3EEDE + 7DC98A7060613A643EE8A944EEB6C7D1 + EDE08538E1BA6092ACDE0C648D29AF5C + 309CFCBC4F40A713FA58D93C954961AE + stream[256..319] = D1647D6453798B7E15A49199134384B5 + C9BDEBF7F859F6460C2666F297410070 + E68307CA78790EF01D160D94B69729D6 + 90A4FE477A27AFF8B254875C98116485 + stream[448..511] = C6D3DCBD0E9D4746B142C819867E0A14 + 8B81FEE3D1007E907F8E9D597EAD63F7 + A87E6F224C67CF8162C4E92FC1BE44EA + FE3715B3C1C432CC660CCF1536A20F46 + xor-digest = 59FDF05B6D16079B7E18F6A8CE0C58FF + AD7C985C01A12C07D1ECEA740A92F761 + FDAC3F96357498B5F5FBA91DE6502A86 + 1332A1B3E85C5E72444A2168C25D6FEB + +Set 5, vector#135: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 01000000000000000000000000000000 + stream[0..63] = 494BAFEFE4FBF2C406F55FFB436105BA + 09211B71DA446A0F5436E6DBF42F8E1C + C805E797C9987C14997083E9004473E1 + B2B3729DE9B483361CD38CC78C982533 + stream[192..255] = 3C04C6633F7D8B714E8549AEA1851035 + A520EB6422F42B2C840C74CF51A13FA2 + 9C1875212E8DC07774D6911415F1C305 + 9826A05DA9F09942273CDB592F7E3A6E + stream[256..319] = 1FF6BEFD79A7E5BA0DF64948BA0ECE7D + ABFB3883BF8A95D3E76DEA30550F5C3A + 2B67FE2AB78DF091E758E498418EF514 + 089283275588A41AD20D53E6394635A5 + stream[448..511] = A4D10D3B6AFDF415D49FB6ADA1245812 + 1DA1365ECEBDB6C2508F1EB92E91E8EF + 90892E6FCC9E70AB9A2EC4D49A11C197 + 68E6B4C154A4D65C55AFD38B2BE3F4DE + xor-digest = 91D4EA4C6ECE28536C415A6AF46DC432 + 3B6DC2DC98C3A3FE2BFE53C8FF556C16 + 0197D655357512A808415BF757AB3A84 + 6BE7865622D32B7DE3867B3B096408DB + +Set 5, vector#144: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00008000000000000000000000000000 + stream[0..63] = 521913EA655235FA0E713B0DA3ECB98F + 7AB817E70827D29E75E3BF2729EC2AAB + 8747B8FE0FC9489B6E0EFF45EF985980 + CC0189D9D0F2EF34E809D992E7695D9E + stream[192..255] = D265AAD80EC96DFF08859F93B236136A + BE146981E919C0554D64FBB7D03DC9AC + 9021F2A1B39866567D8BA1DBE2C3CD21 + E5C4C94085F7083F4C640E918C4004F1 + stream[256..319] = 7DCD3CF623332365E6CF2D92FD147BE4 + 1E532F51F939C921DD4492E026993E56 + 843ECBF0925CC52D56084E7F2B538653 + 2020DEE6FE7E85D4A89AEEBD5F3EAAAB + stream[448..511] = 00E20611C7ADFC3BD9E59B9E6D7ADB03 + F87FAAB01D7771B89299BDC59E1E2EAD + FC9FDE416B62FEF07AB7A816AF261E77 + FCF79DBEB09323D44B5956CD93AAA990 + xor-digest = 0578B3E20EBF98D89E2DE82A6EA8E34B + 424E526CF419713F0AA662B852E58BB6 + 7ED570D75534E1F23F85F160690A464F + 122CCBFA5CD1DCC0969F2E57D65D64F8 + +Set 5, vector#153: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000040000000000000000000000000 + stream[0..63] = 2617095641B825094DE44205319CA853 + 418588D5B6BFC05A2713CF898DC42B3D + 6ABDDF4C287235438A48BDDA49E5ECF7 + EFA235A23BF667289612893708704F08 + stream[192..255] = 04F668517ADC1AF6E31DE6B7007ABAC3 + 59A2DD6DD61755C6CA7053E05FBBA2AC + D9AF682EFC71391EDA4A5872B53D7CFB + BD35ACB719169283EFD9FF9E172269C4 + stream[256..319] = BCBA3F15D83B9AD41317AB9EF7DFDF0F + FF05CDB058AB08D7BBD720723E969CAD + 79F16D26DF0222CFF4249B839EB9F9F1 + 422EDAFB8EC285F27E347B7B4C9B2C23 + stream[448..511] = F15F17F38917DFCA9141314047595C17 + 047F91E4859D849E9A6339F640E3633B + 6A1B62D089B24062BA5987C3FAAB6633 + 99698CDE6FE7A461F127AF67B2C5CFBA + xor-digest = 68B2369B45F059964A1FD3822DAF61B7 + 82A9FBA7EB563F83DEC4D058CA5D8931 + EC74AF4043FEA803B696791C8E0A675B + DD8982AEA862BB76847E1DE12F2A5E86 + +Set 5, vector#162: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000200000000000000000000000 + stream[0..63] = B090CC267B29A95ADFAF6BE3E147D647 + 21ECACBF6B7D0C4061D17FB7DE0A6662 + 6D6F9FC167FB3FFF237C240AA03FAD55 + 13B6DA848F22796DB501A8FB89F2B85D + stream[192..255] = 1CB95ED9AADFA0E1FFE5704BE69CBA3C + 9593746AE87F36A786E5EBE18A1D3B25 + F4785EEF4DB439472035BF053687C5F1 + 0B60EF55A76DD1994FBB482BBD250755 + stream[256..319] = 826BE3D679C872536D55C3F0E49C2624 + D41726A4525A50CF91EB71E7CEC5AC47 + F3834358E2296CF0D04B8D8CE8A701B6 + 6AFBBB8776DB2B75F1CFA01231B365FA + stream[448..511] = 244DB28A98619907AFFDCCAF303A3795 + 3B6D21EE6D22780C4D3C939C084E4181 + 1FFCD8F2DA2E6A2243BD0B5428FB86C1 + F0EA2E8C8B6950ED961F4FA8CDFDCD17 + xor-digest = AAAFCEB42F2EF40C4B5462307085434E + E4399F87B4AE5CA828A952A851F47913 + A51430A8BB9B3CD0A4B2F12E297F51E8 + FE0B1A6FE0F21177EAD9284087D3706A + +Set 5, vector#171: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000001000000000000000000000 + stream[0..63] = 0F4309F63F237DBB51567573126F09E8 + E49990F26E541EF888B9F2922FE9D280 + C8FF4874C0D4FA3F41034B82E2E026C4 + 594A79C2B689BC502C41244DC1AD472D + stream[192..255] = 95DCF9685E429DEC2833E1B5E78823BB + ACD9332D668C4B342B89A290E1CA6127 + B0E5125E44445A1156A70B27966C3E0B + 4E0BCBDD9F4561998A5CBCFAA05C7459 + stream[256..319] = 0886E9887182156005548CA1A08B57C0 + E9FA76C2A694E1CEE22E9B715E99B115 + 9AE064DE644FD580E8356164A45EA1C4 + 3DD85E16158B5130AA103267C8118105 + stream[448..511] = F8AF6F9992781BB09808B7AF404F6546 + 6FA697C2A1BC9BF64F8D6B6D8CA0B856 + 6B64E6BF0500F6D80113D9457855FDCE + 1791C7436F5FF41ADA87562C175942D6 + xor-digest = 8D32FFAA409C8CCDA6892C388D5D654B + 4AD50ED00BA649737BA8F350811A2AE5 + 5C89463C7D63F1F1F16C4007826C2CF0 + E4BD9453A60D88BE86F60BADC3E71E98 + +Set 5, vector#180: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000008000000000000000000 + stream[0..63] = EBABC8B756971D46C1A5E86CC7AEB329 + 4DEDACFC795F2AE02CCAF68B933DEF4A + 19E96BA64DF14EB6FE67CA48861B49BC + 16052E33C8B47556DFBD96037B7DE5F2 + stream[192..255] = 0438A8CF718F4C52E33DA087FFEC01E0 + 459D26757D5DF55D5D7BC9BA88F57EC0 + 4B84D854374F95317CBDDEE928A2CCAB + E4BA1BBBF47776B29890DF00D864FBD2 + stream[256..319] = BC4A80F9CACFE63D2E54044ACFF39F97 + 2C69015058AD3F81CBBA28FB0987FFCF + 9CD1F6AE4F0602BAE2B828D3FA162936 + 23CF3AC2950BD651F7E467DF8B454BD6 + stream[448..511] = EDC95FB80C9FED4A73D6EE9B2CD74BB7 + E6DEB9E7868D40FC49BD1C52838457F0 + 88DCB29C2107066D55A80908EFD1392A + B4F2F13C0A79F67E58C91A89A5C88991 + xor-digest = BECD7FD2014BB9A25701E69F9788FC84 + 1AA9DA56CDE1CD93DF45D28F29D32E22 + F488B0C2D9FE95B267CBFD35EDB2F6E3 + 05DFA5A2CF09D7E2D13348BC0C9405E2 + +Set 5, vector#189: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000040000000000000000 + stream[0..63] = F28A15A90386237127A5682EB09E0E58 + 30709455034A7189AC9710DBB50D5012 + 9EB4E0E9036D4504054B281F3FE9F45F + C80116B8FFC0B42F9A636A399B7A8BD1 + stream[192..255] = 1219EF9BDC250E88BD0A62DDCF9AA1DB + B62E19FBA748DFE1035C6A5B3B94954E + 1370487A455916F7DAB451F79C5E1298 + F549CE005A1321E6B136B59BAD9EBCD5 + stream[256..319] = EBBE81DAE5637C4C7EE6FF9251D5407E + DF7E8EAE384D1E588CAD39AD9F763004 + 9A8E028120B5065B658EF3E2B357E52F + F18891819EEE3EE021BD1AF08A4B1F53 + stream[448..511] = 50086FCFCF5EFFEDC4A52B0212B7321A + 8664F2976493868F13D7CFDFB7583E99 + EBA70778A83CB88850D45B300F7F6A80 + E721860560B2FA642B2E77C7F7AB0662 + xor-digest = 336516670616300FD5FB014C1076B53F + 6637AD0EFB453615924396785CA4D284 + B03F526FC2179FF3BFB0A1A2ACFFD87E + EDC4C8360DFFC132CE6A502EB173A0D4 + +Set 5, vector#198: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000200000000000000 + stream[0..63] = 93261A7231FD030CEAA974BBF8F3A721 + 33334C5F3B25D5831B203C353A566D80 + DA578081A047E28DDF8E4BD5B68BE4A7 + FDE4BB3A4875BA84553AE120ED77C9CF + stream[192..255] = DEC4B603E6A6F911B68E5C1265FA2004 + 71B296A647D20C13E42202C1A3AAE880 + 305F969BB88002C8FC00CC5DBE40AA06 + 4AF85646AA8C7F7191FE26FAA2918A95 + stream[256..319] = 849431145F27957D53CD355501363E4C + 5F191DA666B77364E5866CAA16A9DEF0 + DDB9BC266EF41DB0C2A7642B9E8DD27D + 60DEA6E69052D4BDE9FC83B2578C72E7 + stream[448..511] = 5556EF9874E3150FC539C9BD3BAFD308 + 8FB347D5E38DB318A72AE0C6B6FB4163 + 082545A9AD8872AC383A78230729D083 + 31BFC3F2C80DA20617435FFDF2529A7D + xor-digest = BA9CA5F3C27246F931824A9A425F2390 + E183188FEDE5BE3591053ADCC933E1F3 + DDF5627A94F80F8922F53E951490E96B + F51491ED2D6DA26F3BF69CC41B8C0C98 + +Set 5, vector#207: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000001000000000000 + stream[0..63] = C449AF4CD437641A3B40D0E0E7B5696D + CE973B3B217E02DC20B2F5573FDDF78F + E6E55D75CFAB8EE04C8962376D22A843 + A80BB79C8B8D8B500C4B6DA27748C398 + stream[192..255] = D5C92B62B0818165096551DF2B007F66 + 2DF953742EF0BBE97982FF9D3EE83E1B + 87EC9D710CF1700262B1CAA9C68A897A + 8AB4A162DB0443A43962EECFE5B4C0DF + stream[256..319] = 3B8CC7E847669AC6858B7BB716206386 + 40D8C2DD259EE4970A5F254077101271 + DF745AD7F57712065E2D03B9D7220591 + 5C8C033A4F9146EE561B4179DB465989 + stream[448..511] = BA4ECB7D74CEE56CF1D5AB636BBD6421 + C30A51DABDCED17C8D50F5293424AFCE + 33AF71095CAAD3913A8A3A12286A8E91 + 89DAFCC1E2E744FBF4B526E910B5F2CF + xor-digest = FAD57A608E04CD71B176BBFADED7B229 + D855A8025E963B55FB83EC7311427779 + 490F25D34C6385FE1C036FF0807E136F + 40C10588678E2414163AF1819EF7D3C9 + +Set 5, vector#216: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000008000000000 + stream[0..63] = 989F302DF6BF8C63F9EB69D2625115B1 + 2CCDA42A2D33BC6F21BD55E0594DBAAD + 9A294DDFD6710E36000C27FEA7E03440 + C8A6E728716D0DF14E825B798A6C420C + stream[192..255] = 3F3140320AA02367512E7C1789F5C03D + 83CC634354237E78E16B1A64DBDFA6EF + 0697B28BDFFAEC311C6E2089BCF64203 + A2EC7BF3CA922080380241A47A673634 + stream[256..319] = 6049048A5307D55D6DB387A6149C7B23 + 0AE33195D53E0026103EB44489BB86C6 + BAEC7A0D920CAE25B1E7B9F07C07C4AF + 6485FF281C7B7FE1D61E660AE55C20EA + stream[448..511] = A6DCBEC85525FA19FA6066470B4CD83F + 17D42DB3353B327BF3DD6E7D047CD752 + 71E79CCBD46E757F3654C2506C2B593A + BC93B8985C491017A8E616D69E8974FD + xor-digest = 55BE97FD8317A47742F8F3BB762160AA + 7FDFBA371864823D93EF6C029D457AC1 + 2D679CB424DA9EAF8E4FE28271C66F06 + 1E91D8F2EF41733AC1084F54330C9786 + +Set 5, vector#225: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000040000000 + stream[0..63] = B8989CF76BB1AE894699604320C14706 + E20C8BD86C016B5E2EF705AEC54C6023 + 2A9AA961C10914A8D910D517059A93F9 + 78C537767A057E0E11DBB5C9BBC4EFA9 + stream[192..255] = 83FC232D21D0DB82747D9EDFEDFB58E2 + BB37362FA2B4E1AA0C9A58AE521EFC86 + C512831CC6D2E85FBD96FD3B60D1D153 + E83DDC6C5755899CF96FDF69E3732E4E + stream[256..319] = 201DDE5D82B754341A3452BF7DDDBF6F + 167B2A087900EF40E4268A80217D7310 + F1E9E25C707A1EC05219E3CCFEC0F6F5 + 28CD98534F6C579A1ACD3171D131D87B + stream[448..511] = C2F68B5F03B0045FEE0FC92DA08F8545 + 762F73E553D2F539C64B88D4FAC9B011 + DE0504D66007A115E428F627A667FA2E + 296F222734FA0F905548058897DEA990 + xor-digest = 7DFA65F57FD58891C5576B3CC7002513 + C1A983E9D31317B681604DA09F176AAC + 4FD78CE84EB9427BE8D6A63058582F16 + 148D55B3C2544CF4DB9306699CA74D80 + +Set 5, vector#234: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000200000 + stream[0..63] = 307B13F3D3EEEA4C8FAF34416689F354 + AD26336D6B33DFC5AA004420D2DEAA69 + F69E531EB6D672AD62B2A6A136046373 + F70272E84E14CABA9AEA3102863A0B10 + stream[192..255] = 8E4DA19FEDAD4C842917ECD5E7256097 + C2F524324D8A974D4185D8B11B611C72 + 6C39DDB5E58180971DA181D36A289CBC + 1937E8F020645EC8D0363A58C6147F38 + stream[256..319] = 012A99871D6C4CB7328C1374F37D0BE3 + DCC2232F6484A22C8F330D77316A1756 + 71DF7CB32773F25D772BFE9DED5981B2 + 0C3F0DDB2879AF61E7549F03AE26D233 + stream[448..511] = 47C6CA462D35580BC0C78C6427FB96F3 + BB762662F5B52FB3938CCCEAC35884C1 + 54F5BBF513970FC08F51C91059A757B9 + A8B6F1EFE467FAADA8D4DF68C6AC1942 + xor-digest = 6409F8C255BAE6167686F5F9C7EB2349 + 0FC7BA4DCBC80006B57A5F56CA9F907F + 849C2A0FB0D74CAAFC0E2D4367E2912E + BA6487D8A48DA60E48277A20E326266A + +Set 5, vector#243: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000001000 + stream[0..63] = 543BAEFA799FA0CF5295B92EF3FDC07D + 69B87C1B5FF0A9F25B32F8FCC473D04D + 54B6E467D6183F25E3664A330889889F + A530E354B6E53EBC78354100637A62C3 + stream[192..255] = E15997D1E7C0FA38333DEE2EE2477A4F + AD32F0810E8D3D65EAFB110C2B8D0948 + 59DC45C4AA38B8050A87C23782E1A26C + C193985BB0C3E754A528BEAAE1508D76 + stream[256..319] = A94F1BD38219097B70EC0700A64B0ADC + 7BA8883B5C2C3BBABD0497E80D53121A + 2DC5A5C6A77913330EF5469871BABF86 + 0A09F1474D893ADC28B473EE508F473F + stream[448..511] = A43AC01FC186AB42241ED3729E7EEA39 + F0823D124E8CB696E2F4B047A6B71164 + 5B803623CD0371C4975217B3CBD7D9B2 + FD89D3B6BD23FD11FEC0B03B9CC22AC0 + xor-digest = 792A5EDB6E7FDBE99B7EC2119665C2F2 + 34038F561BB1923F3BF493AE35CE2006 + 55B8EE47490B53EBB481AB7C6B82FACB + 233AD86D74385FA108C94666CD34C164 + +Set 5, vector#252: + key = 00000000000000000000000000000000 + 00000000000000000000000000000000 + IV = 00000000000000000000000000000000 + 00000000000000000000000000000008 + stream[0..63] = CB4377099B2D7CD6A982A1B1A53E05F2 + E097164EDCB381468C21D8F0615A654A + 45A4D09B7C0218A19496EA71CEEEAE5A + 886307DB0026C96049B60E5154F99AA4 + stream[192..255] = 25FCE0B7E28D5D0D1654D912DBB21AE0 + 288CCC71396CA5AA36AC44AB08EC72A1 + 01E5B189535C1987B79DE4C4E32DB7FA + 48ACBC8F854868FC287E03D54752230C + stream[256..319] = D3B02A39A4E467C44C109E1E25593278 + 2E9B3CCB02D6F107C9263A24E113FAEF + 847A9064E1AD1EC8881EFEB239CAD6C4 + E90ACEC36A7E87E002F35D477CD63F2B + stream[448..511] = 7D4282D7E11439C04ACFF087708DA22D + 236F1A08A6343704DA4D24EA3582253A + 35419183A915B571DDE80C1DEE2B8A13 + 76EE973234FFF6A0DD91D31037F51C72 + xor-digest = D52720D8DF114235D99E5292E14DE96F + 9D8478E016CD40EBA25C4B9D8E11713E + FE9AC151E1F39377FCC07D06E9BF6931 + 6EFD7E27F87E9F76DCBF7831CC3FA98B + +Test vectors -- set 6 +===================== + +Set 6, vector# 0: + key = 0053A6F94C9FF24598EB3E91E4378ADD + 3083D6297CCF2275C81B6EC11467BA0D + IV = 0D74DB42A91077DE45AC137AE148AF16 + 7DE44BB21980E74EB51C83EA51B81F86 + stream[0..63] = 23D9E70A45EB0127884D66D9F6F23C01 + D1F88AFD629270127247256C1FFF91E9 + 1A797BD98ADD23AE15BEE6EEA3CEFDBF + A3ED6D22D9C4F459DB10C40CDF4F4DFF + stream[65472..65535] = CFF0058C45807C1F4300D118FDFC3B21 + 370936B39391791C92A821E1C8E8F248 + BBBF378679468218FF5F6560B79A6015 + 82B81315DC19D8583263958B068BEA48 + stream[65536..65599] = 871A09D393D8888EBEA453F518BD300D + 8233E906A31631D29A4A1834E268C3E4 + F65F4F65B1B9E55606BDF28A571CA4E7 + 59BDE4718E1E13731663F5CAF1CB0F1E + stream[131008..131071] = 15360407DA7B389DF28C08B2221F5E0D + 96B34839325795A70A3F65D9CBB3848D + 8C0793A53E8C4D71D8B53B2923A90B37 + FE412A4485F0CC741E65743C6F1ECB4A + xor-digest = C08A2B344B4A486BEB4568EFA585A481 + 64C90A34752FC3523C3A99D764AE33D6 + 825915067FD64D90EE81175416A3B4CE + 780426A44A4530994A1A8A83A5E9E243 + +Set 6, vector# 1: + key = 0558ABFE51A4F74A9DF04396E93C8FE2 + 3588DB2E81D4277ACD2073C6196CBF12 + IV = 167DE44BB21980E74EB51C83EA51B81F + 86ED54BB2289F057BE258CF35AC1288F + stream[0..63] = C44B5262F2EAD9C018213127686DB742 + A72D3F2D61D18F0F4E7DE5B4F7ADABE0 + 7E0C82033B139F02BAACB4E2F2D0BE30 + 110C3A8A2B621523756692877C905DD0 + stream[65472..65535] = 5989C607133DBC6C0F2DD022D4812ABF + 91111E266BBC8EF91F1759B3CFD73E12 + 432C1334E3549EA54917BC0156672E13 + DBFDE5F0CE6C504EF4AB69A9C311FC79 + stream[65536..65599] = 0D22D9DD0AAC594F812839C7C4D0B690 + 7A19FE4985E1A0DCCA5930E6F5A70055 + 452978828569A28AC62C30274CAAD865 + F4F8BC7E3F058B50C454F3CA360264AF + stream[131008..131071] = D17E6611F2754F60629B7CF29CF35888 + 3765A08C62167AC620C1CBCD1058F527 + 4B2D4335591F7962A0A76D5F430332AD + C16B13E7EEA80188974860D2EE3BE81F + xor-digest = B7163FD0F8A41562DCB10212DB9C97DF + C25C6BEBEB6331F072118F046E508887 + FB82C0A3FF8B0E0B5765131BD58F3181 + AFB3803A2C1C8C70877AE29F74D433F4 + +Set 6, vector# 2: + key = 0A5DB00356A9FC4FA2F5489BEE4194E7 + 3A8DE03386D92C7FD22578CB1E71C417 + IV = 1F86ED54BB2289F057BE258CF35AC128 + 8FF65DC42B92F960C72E95FC63CA3198 + stream[0..63] = 9D13AA06122F4F03AE60D507701F1ED0 + 63D7530FF35EE76CAEDCBFB01D8A239E + FA4A44B272DE9B4092E2AD56E87C3A60 + 89F5A074D1F6E5B8FC6FABEE0C936F06 + stream[65472..65535] = 85D7E59D15760E12C5E8D0D5CD9B46E7 + 00F8E821C91CAC8C37A6200E61A71E84 + 15932834C0A06DC7E5738E11A0F9A9C4 + 38ECE66D8D5A654A754FC5858B28EE21 + stream[65536..65599] = CEC10B6D37543B35CE32B152BE2928FD + C8476E341F23AFB3B404D40EC0657A8E + 95F5CF7297EB1948385A5FB2FBBFAF66 + E252F35AA1DF199FED99DA532E5858E3 + stream[131008..131071] = 9DF7785EB3E69ED977E6DCC59EDA18A7 + 41029BCCC4590A46B8F9FAB96B5C4268 + 2FE49EC0BF79FBB637E6DEEACC068E4C + 93D215555CF876E17F37968576C5D5FC + xor-digest = 0B36039A89999715A7F53207DD60203A + B397397C718C7057E82E36C05E49506C + 911F9596F2A5818E0ABE6BE666086DA7 + 9B18E89A43C64B9227BF9DF65CD55C35 + +Set 6, vector# 3: + key = 0F62B5085BAE0154A7FA4DA0F34699EC + 3F92E5388BDE3184D72A7DD02376C91C + IV = 288FF65DC42B92F960C72E95FC63CA31 + 98FF66CD349B0269D0379E056CD33AA1 + stream[0..63] = C8632038DA61679C4685288B37D3E232 + 7BC2D28C266B041FE0CA0D3CFEED8FD5 + 753259BAB757168F85EA96ADABD823CA + 4684E918423E091565713FEDDE2CCFE0 + stream[65472..65535] = 340CA4A2B985CCB5C07964B36AB84409 + 679FFBC616ECFCC672A0F61BBE94AD0F + E6C065CFC069BCA7D33FF35BB2967D0F + FE84BC6006E46D7CA0C1AAEE279E8C32 + stream[65536..65599] = B5221331961267143AF1A5EC7D1118CD + C96A4B088404F5B6C5BE7320C87C4E90 + F5333906AC759D7747EA06903525620B + D05703033C5F1973809B9D674688461B + stream[131008..131071] = DF8934D8386B59B681CC9146E6EF9A7D + 765366267B4BDE3DE8DD15B714A397D4 + 08432F2B975F6274132FECDA89E0FB32 + 379023ACDA101452D30657E6D5059828 + xor-digest = 36D3E252F992C30C76818B3364613BE3 + 7F84FC4B848272404E7D9E689BCB945A + A85CBA790187A4FAF9811CB0824F2F46 + 6DB05D3F96A0AF233486AD28A593AC24 + + + +End of test vectors diff --git a/BouncyCastle/crypto/test/data/keys/README.txt b/BouncyCastle/crypto/test/data/keys/README.txt new file mode 100644 index 0000000..352170f --- /dev/null +++ b/BouncyCastle/crypto/test/data/keys/README.txt @@ -0,0 +1,4 @@ +The pbes1 and pbes2 folders contain a series of encrypted private keys generated with openssl. + +The password for all keys is "12345678a". + diff --git a/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithMD2AndDES_CBC.key b/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithMD2AndDES_CBC.key new file mode 100644 index 0000000..a765d9c Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithMD2AndDES_CBC.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithMD2AndRC2_CBC.key b/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithMD2AndRC2_CBC.key new file mode 100644 index 0000000..40b449b Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithMD2AndRC2_CBC.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithMD5AndDES_CBC.key b/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithMD5AndDES_CBC.key new file mode 100644 index 0000000..f54557e Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithMD5AndDES_CBC.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithMD5AndRC2_CBC.key b/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithMD5AndRC2_CBC.key new file mode 100644 index 0000000..595ee50 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithMD5AndRC2_CBC.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithSHA1AndDES_CBC.key b/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithSHA1AndDES_CBC.key new file mode 100644 index 0000000..2eb164a Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithSHA1AndDES_CBC.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithSHA1AndRC2_CBC.key b/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithSHA1AndRC2_CBC.key new file mode 100644 index 0000000..c724d63 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes1/pbeWithSHA1AndRC2_CBC.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And128BitRC2_CBC.key b/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And128BitRC2_CBC.key new file mode 100644 index 0000000..4455719 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And128BitRC2_CBC.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And128BitRC4.key b/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And128BitRC4.key new file mode 100644 index 0000000..efc0c1e Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And128BitRC4.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And2_Key_TripleDES_CBC.key b/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And2_Key_TripleDES_CBC.key new file mode 100644 index 0000000..ba349f1 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And2_Key_TripleDES_CBC.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And3_Key_TripleDES_CBC.key b/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And3_Key_TripleDES_CBC.key new file mode 100644 index 0000000..a9098b7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And3_Key_TripleDES_CBC.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And40BitRC2_CBC.key b/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And40BitRC2_CBC.key new file mode 100644 index 0000000..71dafa9 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And40BitRC2_CBC.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And40BitRC4.key b/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And40BitRC4.key new file mode 100644 index 0000000..85a18e4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes1/pbe_WithSHA1And40BitRC4.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-cbc.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-cbc.key new file mode 100644 index 0000000..8b8fa28 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-cbc.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-cfb.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-cfb.key new file mode 100644 index 0000000..a30a3e3 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-cfb.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-cfb1.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-cfb1.key new file mode 100644 index 0000000..9b35154 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-cfb1.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-cfb8.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-cfb8.key new file mode 100644 index 0000000..dc974b0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-cfb8.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-ecb.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-ecb.key new file mode 100644 index 0000000..1a9dbfa Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-ecb.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-ofb.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-ofb.key new file mode 100644 index 0000000..0cb9df7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-128-ofb.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-cbc.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-cbc.key new file mode 100644 index 0000000..fa9b39b Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-cbc.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-cfb.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-cfb.key new file mode 100644 index 0000000..ac21ae9 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-cfb.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-cfb1.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-cfb1.key new file mode 100644 index 0000000..c33f3ea Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-cfb1.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-cfb8.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-cfb8.key new file mode 100644 index 0000000..3101634 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-cfb8.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-ecb.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-ecb.key new file mode 100644 index 0000000..0a061a0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-ecb.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-ofb.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-ofb.key new file mode 100644 index 0000000..cdc4cb4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-192-ofb.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-cbc.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-cbc.key new file mode 100644 index 0000000..393f892 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-cbc.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-cfb.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-cfb.key new file mode 100644 index 0000000..7e88cb7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-cfb.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-cfb1.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-cfb1.key new file mode 100644 index 0000000..9a8e33f Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-cfb1.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-cfb8.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-cfb8.key new file mode 100644 index 0000000..84643b6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-cfb8.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-ecb.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-ecb.key new file mode 100644 index 0000000..293bde5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-ecb.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-ofb.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-ofb.key new file mode 100644 index 0000000..f47d92f Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes-256-ofb.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes128.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes128.key new file mode 100644 index 0000000..0711ff2 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes128.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes192.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes192.key new file mode 100644 index 0000000..6fea76e Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes192.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes256.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes256.key new file mode 100644 index 0000000..b449e07 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.aes256.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.bf-cbc.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.bf-cbc.key new file mode 100644 index 0000000..4b2601e Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.bf-cbc.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.bf.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.bf.key new file mode 100644 index 0000000..7fbb6ed Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.bf.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.blowfish.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.blowfish.key new file mode 100644 index 0000000..2b19b24 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.blowfish.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.cast-cbc.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.cast-cbc.key new file mode 100644 index 0000000..383b6d4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.cast-cbc.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.cast.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.cast.key new file mode 100644 index 0000000..208cc5f Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.cast.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.cast5-cbc.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.cast5-cbc.key new file mode 100644 index 0000000..728de6f Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.cast5-cbc.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-cbc.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-cbc.key new file mode 100644 index 0000000..8c8f4bc Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-cbc.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-cfb.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-cfb.key new file mode 100644 index 0000000..0cdba7c Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-cfb.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-cfb1.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-cfb1.key new file mode 100644 index 0000000..9474026 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-cfb1.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-cfb8.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-cfb8.key new file mode 100644 index 0000000..c5d5594 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-cfb8.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-ecb.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-ecb.key new file mode 100644 index 0000000..1798e4d Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-ecb.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-ede.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-ede.key new file mode 100644 index 0000000..0ca0df8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-ede.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-ede3-cbc.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-ede3-cbc.key new file mode 100644 index 0000000..dd3579b Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-ede3-cbc.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-ofb.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-ofb.key new file mode 100644 index 0000000..d92de62 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des-ofb.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des.key new file mode 100644 index 0000000..3b4f3cb Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des3.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des3.key new file mode 100644 index 0000000..78ca4a5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.des3.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.rc2-40-cbc.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.rc2-40-cbc.key new file mode 100644 index 0000000..6f50f13 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.rc2-40-cbc.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.rc2-64-cbc.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.rc2-64-cbc.key new file mode 100644 index 0000000..1a70f97 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.rc2-64-cbc.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.rc2-cbc.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.rc2-cbc.key new file mode 100644 index 0000000..c8778c4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.rc2-cbc.key differ diff --git a/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.rc2.key b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.rc2.key new file mode 100644 index 0000000..fef0f14 Binary files /dev/null and b/BouncyCastle/crypto/test/data/keys/pbes2/pbes2.rc2.key differ diff --git a/BouncyCastle/crypto/test/data/openpgp/bigpub.asc b/BouncyCastle/crypto/test/data/openpgp/bigpub.asc new file mode 100644 index 0000000..a3b0766 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openpgp/bigpub.asc @@ -0,0 +1,15124 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: SKS 1.1.0 + +mQENBEGz0vIBCADLb2Sb5QbOhRIzfOg3u9F338gK1XZWJG8JwXP8DSGbQEof0+YoT/7bA+3h +1ljh3LG0m8JUEdolrxLz/8Mguu2TA2UQiMwRaRChSVvBgkCRYkr97+kClNgmi+PLuUN1z4ts +pqdE761nRVvUl2x4XvLTJ21hU5eXGGsC+qFP4Efe8B5kH+FexAfnFPPzou3GjbDbYv4CYi0p +yhTxmauxyJyQrQ/MQUt0RFRkL8qCzWCR2BmH3jM3M0Wt0oKn8C8+fWItUh5U9fzv/K9GeO/S +V8+zdL4MrdqDstgqXNs27H+WeIgbXlUGIs0mONE6TtKZ5PXG5zFM1bz1vDdAYbY4eUWDABEB +AAG0JVBHUCBHbG9iYWwgRGlyZWN0b3J5IFZlcmlmaWNhdGlvbiBLZXmIPwMFEEJpFLOOJ+UU +Ru9cuhECHY4An0TJ8/+RtI5urLp2Xl5XAlpAXaZNAKCSuXpJ3FmkDBDBH4oi7tX1UT9dUYg/ +AwUQREid/vRgfc3qXuseEQINQACeLWYfWgdzGEVqZMJcKipFBh5iZjcAoKh2M24Cpx6I2KLH +i2NBm8F6FoWliD8DBRBESKO12QZM9f+oEAsRAiiIAKDij5LuIuseRDkLbYV8U9gexTvmugCg +qJ+aeGT3inK8MDsTKhFSpR1m8RCIRQQQEQIABgUCQcFACwAKCRDJbLTk91zHQjUvAJ4izcSI +AP00pZdhNSJPc+lt7azCdACYuchxK2dRGDOLxI/U0sgR8WcKcIhFBBARAgAGBQJBwUALAAoJ +EMlstOT3XMdCNS8AniLNxIgA/TSll2E1Ik9z6W3trMJ0AJi5yHErZ1EYM4vEj9TSyBHxZxpg +iEUEEBECAAYFAkHClA0ACgkQwJgS94+SBPxeVACfWt+Sv8b5m0ljkrV13sNfp/atuMkAmIc4 +m8YP7mR5ZScSaHa5lWTjyj6IRQQQEQIABgUCQcKmEwAKCRDPdv69OVZGw10TAJi1kzVZ06vT +XtGQlK5l+07QSuZnAKDO6PK9GrgQBv96dqd8GLSvMBl+cohFBBARAgAGBQJBwupBAAoJEEC2 +xYCC9sJIHNAAoJYlP28UNfqcbXMqMyNWrnmwVon3AJYroo92Kunn54g8c7vvcKW7B35LiEUE +EBECAAYFAkIHc/kACgkQdWvoQzIseVBKUwCXQX6GD+jiphTfSJ9fRUuVQHE9PgCdH21HtnQJ +pwVzeuBPTshfi0b7D1SIRQQQEQIABgUCQ8bjCwAKCRCDZs3xoWLNGRbWAJieIhl4jPQi0tC6 +D7qWy/l7DVE7AKCShNxeoYJjgcqO2JoscCwXZ1AGu4hFBBARAgAGBQJG3mZAAAoJECkt+rJ/ +++ab3t8AliEa5VdLwt9Pbl62y4zV883PT3gAnjn08lDPO8eqpQ6TrAbCA7JPtLRNiEUEEBEC +AAYFAke+o7UACgkQrj/C2lBxHMT9JwCY9wOdaqylMvjfekLT1ChafEOhLACgi+KwMrTqLYAq +EOc4cm3lUEeLZ4+IRQQQEQIABgUCR8D7UgAKCRCNVDDZ15u6eDRRAJ49HHdb+08h5OApsYal +qadszvDhiwCY25b0ooL5izekmoiOh0xxxKcZZYhFBBARAgAGBQJJUWpZAAoJEA7SwqEbM2aw +650AmKXeJ8J3xOA2EMotZhGD16INPBYAoLtv8FbGfakG2fiOPnPjTox+UtytiEUEEhECAAYF +AkHJ8dYACgkQzrlKkepPHdwCzACYwjzxl9E/+PhxPjZUfSZbfsEt6gCfVZgiRKtiHHkVugUt +sORAPLOzpqiIRgQAERIABgUCQfWVCwAKCRCweNc7RiOVnlB9AKCQTSUyyn9SvfIDvx4BH03n +7wbEHQCfa8kgKzIPkIIBqOrTHZgptdlz7CWIRgQQEQIABgUCQbPUCQAKCRCsuxZLz3PsTPIJ +AJ4vNzpU/6iLJ2NZ5pUKB/gq8Dpk/ACgw99rz8vsduvJwfZVp8BhfP5JQRGIRgQQEQIABgUC +QbVj9AAKCRDTS8nDYA+gAa7sAJ965Fi+lfqbX6muHGUvjLMe+N4e6QCfcBQwTmnFPi2SHHea +JPgBqCvIHtiIRgQQEQIABgUCQbd8JAAKCRCMe+1xsc4odKs7AJ9pIsUuB81MDSfBaXU3X3dX +uRpCGgCgvxVEiKhwsD7ZPPKPJrGEaEStNbyIRgQQEQIABgUCQbgYEAAKCRBxFXBoL6FJ13Ko +AKDOn1rzW1tHIW+O556XD6bnjr5SjgCdErUXEZLsQ9l0YYgUn2Yx18rnYGmIRgQQEQIABgUC +QbirTgAKCRCBDhteS5jM/9JwAKDEvWaGLVfknrfthYpdG92tqYwdygCgwsPrpJsJwjIkLozw +UuG/KHu64BCIRgQQEQIABgUCQbirxgAKCRCGNnOtSnVsQkEiAJ0XN7C4JrUzrF8n2OXwmam0 +zMTDiwCfS/scLjrxKl7uGIcPcmKnvAGdKPOIRgQQEQIABgUCQbixBAAKCRBSv1pGvJjmPR2x +AJ93RNFh9beYMKECLEHTuR5E8d174gCfYlieIA4wjYwRJYKGu0VjzEdGjaeIRgQQEQIABgUC +QbjTfAAKCRAUi3MwRZll2NTBAJ9GYO3f98vp07jiqZbLWpKsZ+I38wCdGTXthfFrxPgzZ/Aa +c+b3w0qhd9aIRgQQEQIABgUCQbjpOwAKCRC8Kt8F+eMAY0pnAJ4/DcrtF80fsFxzSDFGfQtM +lckRiQCeKFKn198MCAgYvf1AIQHa9ZRg/bWIRgQQEQIABgUCQbjxGQAKCRC4ekq5fwA95tDq +AKDaptAHgu5fF9snRJ9JxYubRToimQCgxePwQOtBAuzrmD9GC0OwpIA8ywKIRgQQEQIABgUC +Qbj3/wAKCRAHB5LncHmYaUj2AKDtFgW6NLdVhMTCoyXgeL0N7bf7HgCfUqDwnE22eZm63UTC +/MkBS85vOPCIRgQQEQIABgUCQblp3AAKCRBt+kzo6TRK2QsxAKDTbTmQ19bltB/cHPIokEU8 +zwBWMQCg0UoSWaBcz3L19NWae6d/u/M/lVOIRgQQEQIABgUCQbmuvQAKCRATpOum3QYjnP2x +AKCcwT4HhA2qyM5BeiI/TCs7gquN4QCgo36BQxPqNQaBFFbK8YHCeq88zamIRgQQEQIABgUC +Qbmu9AAKCRCEqTsZ+b/uKjK8AKDmMCz+8a0aO2zL6jUAUjQnv2X/PQCfU5fbwEXmv7y5gXvC +IPSuPMrglJSIRgQQEQIABgUCQbmwkQAKCRCCZEeqZiFG4FwBAKCwcYrJqFigtlAZ38PWzfAv +vxSyjwCgleIBrzc2mu8YAEK5zpgjRsFUozuIRgQQEQIABgUCQbnQhwAKCRDJwzyyhrFKOOG3 +AKDeYj1x3eMqcYudk19u2Qssg6qlNQCfQqPb4DzGQP5ZdQUjwGUm2DYc77KIRgQQEQIABgUC +QbnSCwAKCRBxn2JrfAPLeWGRAKD8A0VT+18sifZ4NilTa2AH5U83VACfUVn81tykwKUdUTLY +QF21qhQQBMeIRgQQEQIABgUCQbnUNAAKCRBGl7j7VfnJkH6MAJ9L1Pip0oUgQ/qJKqF1VJDA +bMM5FACeNZTLmazr6YuoxN0mPxPkLaTBLjGIRgQQEQIABgUCQbnUPwAKCRB38V29PDumDFRi +AKC9JsTFWmThWQ08uUfcvD14sGHJuQCfQbCd36+BFxEjrvbIGDQH6tln+A+IRgQQEQIABgUC +QbnWygAKCRDgZedc8wiAs9+2AKCII8Pmqa5PMopqnWgoHvHr4iVN8QCdGRFvJJgp/6I+fpud +7LAML32mG4+IRgQQEQIABgUCQbnW3gAKCRC7FDzwzzFlQTr3AJ44WCKglMbj9amWscGN5Vw2 +iwfyowCdHO+9ueF+zxwAoFPeq8EuLyt0FV6IRgQQEQIABgUCQbnaGwAKCRA0dotniUOypUIt +AJ4n2dStmGMvSPFeowHdcDoGdJL3PwCePMGzC+6az0S9kDBr9+rCPU8iuD2IRgQQEQIABgUC +QbnaGwAKCRA0dotniUOypUItAJ4n2dStmGMvSPFeowHdcDoGdJL3PwCePMGzC+6az0S9kDBr +9/rSPV8yuC2IRgQQEQIABgUCQboGpgAKCRDkE+OjKk17FYmBAKD4amkvV3GuzZHXAq7x+HlU +cY6UvwCfTp0RmcuzVQn7luuMVrYHaNGJQt+IRgQQEQIABgUCQboK0QAKCRCYFRyYkXOl4kY2 +AKD3knCCRCmFGmsSyiHN9TmhBk3g5ACg4PX79EJ4weQqPGJBRPH3KsuQeumIRgQQEQIABgUC +QboYngAKCRDVUYcUJClTs2cGAKCPS1xLjgh/OZ9tSQdez1rsusSI3QCgo1MiLcAtvu9ywoHV +w35Gzuqp64SIRgQQEQIABgUCQbojvQAKCRAiYBKHSHf8TrjsAJ4h3KJip/fOiZiiXqltNjzp +uPHZXgCg7Y7MM/KIQb2gJSMmaZjMWOaQj0SIRgQQEQIABgUCQbouwQAKCRCOIdjkEVFgIH3V +AKDZx4VT4dXM5MbqxFO1Pn8zHqyq4wCbByHcWyw4wMXhviFAWdWU0xJq1lWIRgQQEQIABgUC +Qboy/gAKCRCEF8jlgCIksbzcAKC46YRdwhGbISKZdZGsW/bmJUrP/QCfaFMFjUvhDceBLJhL +gDwIyhW3zAGIRgQQEQIABgUCQbo81AAKCRAOB/VXHhf3YigFAKDOU3szs5ARkJacWv0+qGQQ +Zs+6VgCfeFN2wtlJFYZtCovFNguCN47i0ZGIRgQQEQIABgUCQbo+VwAKCRBnzQfl9Ul8t5K8 +AJ9r/oSJa2M7jxXMHhkklgMDj6FX7wCgm6beKvuC9TsOpvidJMh+C5LBEJmIRgQQEQIABgUC +QbpFxAAKCRAMQftl/Tlq+mKwAKCKv5lKSSnHa8tcyGbuQBWezAPVIgCg/UUB7O07YmJE7JNJ +K0URtXG/uNaIRgQQEQIABgUCQbpUCQAKCRCviAzGkSWEHIBbAJ9Nh0Af2/qIS/sNgtjK/ksG +ec81AACglkDx/ruyrbkQ2WIPwZLCeYEdRI2IRgQQEQIABgUCQbpWrQAKCRDALc8ZBgSYCfXM +AKC60IUHn/83epHkhL1IfIZgTBsxrgCgzcQYYeHp59F3MoktOEl8Y2iCoeWIRgQQEQIABgUC +QbqFlgAKCRD8zcvM0NK4cZ9lAJ0VvKxTfb5+j8h33TIbEuWXxWig/QCg1Ycn9mKc6E91ahCr +NU52DJsfDRWIRgQQEQIABgUCQbq37AAKCRDwsQBK0UOMaDu3AKCKkhdtp9yv9HLz3LMlr6ye +5CdXfwCfegpQ22B3dEQVCejrZ0zOhADlSfOIRgQQEQIABgUCQbrLXQAKCRBj9BH2XRuqaQmm +AKDQAa+j5zXIf2ziJZRF/O5PFPhDXgCg+qcDEiRQG8bbX8Q+Yan31ym6a1CIRgQQEQIABgUC +QbsYLQAKCRBV3aMlKCRO62omAKCMMs1EtN0ChOrReDx/3Vous9kiAACgo85SlJRKaogomgU3 +T4L7GNkZkXSIRgQQEQIABgUCQbsi/QAKCRALXHegbF4jSNLmAJ9Gz7sYPy8R3CbMqDZ/0n5w +jWt0AQCg3OXsOVZfw2USdpmcdIOZvWaKGbuIRgQQEQIABgUCQbskPwAKCRAQVXuDgHysJZMA +AKDWtfC1wxICBCbBkL0+vJIBGObjQwCgts2VKAOh0aebF+zTcqSutG2TRIyIRgQQEQIABgUC +QbsuUAAKCRBim40xNXgjZSzvAJ9ypyIGtgFFXZgOwPTcPTAx1WImrgCeO0N1u51G4NEpCZk1 +l52xb+c49omIRgQQEQIABgUCQbszqgAKCRBl+lXF0P+nnLXbAJwM5RytCM4MvpIFfl7/ZqI1 +1d72IACdGO9S6/eFarK3/tIIoFDkz8kgIXCIRgQQEQIABgUCQbtqwgAKCRARYOF9CSuajTlM +AKDg5VNgxIUATSmOB/V5w+V+wDk5yQCfdhRnQsLvp19hc0+RKVoxeneFW5KIRgQQEQIABgUC +QbtzjQAKCRCgYaxRInARzsiSAJ9WC8lCu+PfEBTg5++5fBPN/6xDrwCbBVxI3PtSTHLwM4ki +KEiuDBZb/G2IRgQQEQIABgUCQbubrgAKCRAcoJOYpSwdOFH4AJ9zxvKzKPx5bP/TJ7E+QjkZ +W4O44ACgi6NrznD7pHf0KwYuTD/fn+tzViOIRgQQEQIABgUCQbuchQAKCRDw8ZLM0VcfRNKt +AJ9Ktmtp5wos+Vt0y3m+TRrjx4OieACbBLyTu1mJV04h5JPGG9ssrCz0dPSIRgQQEQIABgUC +QbvnmwAKCRCK84/Z7NsAPY0GAJ4kd7LRk4AV9XtKMVzSUYTXmaErggCg9LCALRdkytnjx3vy +TGofDVniGVmIRgQQEQIABgUCQbxtXQAKCRDg+RS4031XHuiHAJ9SfXb7odi66P00Iwr20xAh +t1+CwACdEZ40idU+WKd6slNY0WlgjI4Oy1aIRgQQEQIABgUCQbxxuQAKCRCzBn3XhtmkzwGs +AKD+CrzXgHzvS3zL6lIfCpkly3+hvQCfW4BrCPC4/rlJ1XIGZD/LO59XDKaIRgQQEQIABgUC +Qbyg3wAKCRBnDUIHEmTnq4ySAKDblNP4BuIjVhFYsGQskbHh18LFUwCgjapIZmzl5Xx8m37B +DvbboNtm4/uIRgQQEQIABgUCQby5GgAKCRBgQK699s1Zc723AKCP/SCXEpt1ehj3wadWVy0u +6wEOmQCgu/encNL0jUPwqstROldt4ScRvC6IRgQQEQIABgUCQby/kQAKCRDaatARMqCf+Oai +AJkB5vrF6BKG5XWyZDkss5NN9HjHTQCcD9AOIh98auQYRShS5uAR6+/RliuIRgQQEQIABgUC +QbzLtgAKCRDD2isbe/p5nDsJAJ4nl48m9i41ZrEVEsLbw63l4L/tXgCg8dxTEeavmVCq/0fx +/ivRVe547baIRgQQEQIABgUCQb1Y+AAKCRD2qWFME7vtCJb+AKD5lgppt1LUuyoP4I+bAh6T +A26MmACcCr2kZ7l+NU1ZHgn8K7CwEUasBqiIRgQQEQIABgUCQb2LBQAKCRDSmAwLmNZAO/1O +AJ0UOPvwHa1x1zpxgNIxSfCt3729cgCeM7/Fo2eQX7SozrgeuRVjuTGEyfKIRgQQEQIABgUC +Qb3rJgAKCRClI+t2YZIA8++wAKDdusG082gcbKa4V6Ca2/NUseOqkQCfXQ8SbB3qUMcmN3zc +z8bg28tdQ+2IRgQQEQIABgUCQb3s/AAKCRA0lNVTFE+z/bIEAKCcFNFMEs2JT0bMmnYvW5JS +0qnd9wCfdyyFMOk2MRk5e9pHajXuQg0IoeKIRgQQEQIABgUCQb32gAAKCRC91kE4apiUlLyI +AKC+miYazzllcRxROw3vOqqfHg8CNQCfaRBb//xQgmofjHYWtwGFkCTFfrmIRgQQEQIABgUC +Qb32jwAKCRD2owsZMYDdFxyaAJ0RghA9PqnPnLkJwFpPv29GRnxEWQCfdEq9izxEZWHycYgP +mnUQulgoW7+IRgQQEQIABgUCQb4RgQAKCRBCqrGw9L1hC5yKAJ4qsqQhtyD5dXW0iNBxvtkQ +/nI7vQCfff4h/kCmA80+ua9jrVhmyvobO3GIRgQQEQIABgUCQb8lJwAKCRCyvrxAFSkkr8t6 +AJ93m5bv7U2bdcgMfjLS+ilUKd+pWQCfQQiFTE84bwHjjfFlTJLSOtxD86KIRgQQEQIABgUC +Qb9KpAAKCRAsXVlOkcf/OeIvAJ9M5yOezLK1nHUTrgHKc5HAC66+PACgot3eWiU7O91flRsK +bq725lOCgC2IRgQQEQIABgUCQb9O0QAKCRCeSn+XZws1dE5VAJ0Um+/y9YOennFF6G+18CP0 +XxMndQCgwiYZr72vuXOy6m2Q2X9DadLAXGmIRgQQEQIABgUCQb/eiwAKCRCS/rcS4tstwr34 +AKCmp5youTYmOXSTdh6z1FVSwxZ0NACg+wR85OGQ4VGUDrn/Z1GNAzh0gkCIRgQQEQIABgUC +QcBekQAKCRCcvU5zFkahz9+5AKCLJPg31wWWq0DvC1VTB+fUJCnihwCfc9ewm66foLNZthA/ +kqbs1nPZc6GIRgQQEQIABgUCQcC2nQAKCRAS8G+VtoN4oOghAJwLCoDKDI/chr0tnEBe1nnP +RM8XWQCfaJoRF2VVCSEObhyEhfGa0XmruIyIRgQQEQIABgUCQcC3HQAKCRDt0nlfXlmzSJ88 +AKD0+aqgOCkdNN6OU2FEQoN26kEIwQCg+XRGb36EE5gUDeu7hO+AJCyIrHeIRgQQEQIABgUC +QcC79AAKCRBF96RigiJSxOeGAKDJE3mTMJEkRY6abQOy+hRupCU/tACfW3kTOjgWSyS0HM4H +LzriypPaGiiIRgQQEQIABgUCQcC+oQAKCRBkkSIxpisaeqjpAKC9n970xUxsnYLxUmk5p2KJ +97MUeQCg03VTgjLWrvXV+i9L2AgHUVgQtFiIRgQQEQIABgUCQcDAvwAKCRCIs11xG9Vhee4E +AKDzIQhUWVwNavLxkhh07Qj+IcFYYQCZAfDTnH6D0sVxwEi7Uy5NJly3DH6IRgQQEQIABgUC +QcDA4AAKCRATCmFy0MSn5K0jAKDQ0993JeQeV+6kGphJeJQMPMviKgCdE8myOfndlbeitvsn +jEWXscQgqTSIRgQQEQIABgUCQcDDngAKCRAOjvxjPKhDry8XAJ92dmThwKvPxbyLW3dpKmOV +26iFaQCePhqSbYIzkX/Zuno3SUv96o+5/nSIRgQQEQIABgUCQcDK6QAKCRAbEfuRlZvUQsVD +AJ9fEcW1F2jtaxQu0zP70zb2+P0PywCdHfkvVcIxSxcmNeR5PKkgN69voUeIRgQQEQIABgUC +QcDiEgAKCRC9NTZCeyitZfrzAJ41hgl9fOTRf3Kczetgj0LiHPL6yACgogyzumN57cZt8GRJ +yiht7LemuVyIRgQQEQIABgUCQcDitgAKCRC3YpDpnsdfAhpEAKDyq47JT6IWAgcwmTSAzvBx +crc9bQCfZkO7yNjO0crM2LP5Ehk0PeBQpZWIRgQQEQIABgUCQcDqMQAKCRB86Zj5Bms5Cs+K +AJ9+y2i33Xb+2CXbmzrPbKRIkHXSfgCfScUFqlHy2LwGDR+7q0vCNkii1XOIRgQQEQIABgUC +QcDqegAKCRDy8A39XQEnOXqhAJ0Rn43lY/OeYzRxMcmXpqssXdQ6ZwCg5C0TGhDUJMEH2+BO +7W/0yHVLMNiIRgQQEQIABgUCQcDvzAAKCRCyVJ0F+W/5VYGxAKDSNsDi4yQPYOqmls2MgrJR +wvteRwCg4o9boMXUh9oK/z5PX9envZ/zflCIRgQQEQIABgUCQcDwXAAKCRAO/UY1zliImzut +AKDdYuAcD6L4+C9pYcyDOCVrC89CiACfRbZVN3d4AZwmAm4fBdG1y9ZpwQyIRgQQEQIABgUC +QcD1QgAKCRASwBPWYX6hGXLpAKCgpOf20Mtie3rsAas/ZUs8Rp059ACfffgBuU9IjJ+pJNa8 +YjoHvMct+M2IRgQQEQIABgUCQcECxQAKCRCCrKRdHPgfYXC4AJ439hgY4EZROLZC0PEApoCD +VFKLrgCgxjtSP1mfU8w6O0KAJ/QbMGOoPxKIRgQQEQIABgUCQcED+gAKCRCL2tWxHflaga4g +AJ9XesvreDZHcHWZcz/Z2xNABCUZogCeLuT5OLt5dLzXbJY7O4i3nlBDNkCIRgQQEQIABgUC +QcEMeAAKCRBVMgfmo15Ai2StAJ0ZkGbfyzr8McBzjnS6It9b6SknCACgzivMWfXblFrTtmtI +jo2JLzvFYzWIRgQQEQIABgUCQcEMkAAKCRCLjlBqVwvqIZJMAKCkO8rKqeZWaNT7k6FIGKcY +tWfHggCgwVBHg6dAR0fE2jo1q2rCttxXHd2IRgQQEQIABgUCQcEkCQAKCRD0k2Xj+SbiOBW5 +AJ4xcvJJOoCJiSCcsnkMp3DcX11ALgCfU1XnLNtBhuDXymyyQ8ICWY+/79OIRgQQEQIABgUC +QcEqsQAKCRDVVVHryNSM5AiPAJ0b/m8zNs3cYJMuy3X/zuTukV7ljwCbBRVWpbKPr/0Bunra +isMkqIeqMSaIRgQQEQIABgUCQcEqwgAKCRDi6oiHDeGxf6SXAKCQ4Hzk8J+8ZrPiUYFKROUV +7TsiTQCeI1P80LKS2Zcl+ssbqxvxDlLT8vOIRgQQEQIABgUCQcEtAgAKCRCat4fMennGGocu +AKCwqoXr7t+EvyVas6H9+FI3VrxXhwCeLt3cDZ91kP09i442pDLNHw2qIuGIRgQQEQIABgUC +QcE5jgAKCRA7ROyihB5KSwlnAKC68WC7LY+NYvHGT20fgzRQVXRJmwCg1UcB+gpgznS0gtVo +3KaKmKWBUgSIRgQQEQIABgUCQcFLPQAKCRAelgOrH5ZeDri4AJ9aEy6B38Yy0Jmq1D/xN4mH ++4oJtwCg4dSSnBRJCoa5EGlfRUuq3CxIrNqIRgQQEQIABgUCQcFO9QAKCRB5cujO763z+SmM +AJ4ie/MEW60OMcuumj7silbaFn1sQACg8vn7zEdFTSFTA2oEFXqcvqsycKuIRgQQEQIABgUC +QcFPBwAKCRC1W9XPvIJToJVdAKDCEqIeg7farSQD3bRvL+vCddZ3CwCfWHx6/BkOV3SyReIM +u6SSGZT5TTmIRgQQEQIABgUCQcFPqAAKCRCIOfaMVxcsorEJAJ0WpbHmC69Pa1C8X7rTt2tR +Nb6NtACdGp2JM0l+f0zxYHIOR/UWHsVjF0mIRgQQEQIABgUCQcFWUQAKCRDG280qxMGemyDx +AJ0SYWM2qXvdO7UO7GpIAkH3X75cyACg7xSns/BiVlnQNTPZSTGapJj/qnWIRgQQEQIABgUC +QcFWhAAKCRBPkR9upcloXkKKAJ9AJJiYz+RjCMNNjgxj+3I49mIRPwCfVYijXNh+LrZZKkdI +B4QymlNEulyIRgQQEQIABgUCQcFYbQAKCRD1MbN7ztYmwFOZAKCTQLDPQ0ztsgTT8ePxgiKr +e6xDtACgs01Y/9qeHzNg9HuwMzgVg3WtVhCIRgQQEQIABgUCQcFZAAAKCRDxnxJU76WJ2Fqc +AKDdu39jtGS7pNypxK6HJmnm7kA46gCeI5QxuC9XMTaQqtocnfmsGXV7TTOIRgQQEQIABgUC +QcFZOgAKCRBlu2namwA4Pks+AJ4tkZ8HpACe9aIVUbUH2CCFGOlOyQCfX8YpcQYNSFZAC8nd +uoeCrEmuld2IRgQQEQIABgUCQcFawgAKCRA2lKF8TpgRMFb5AKCUK5Pa310QjFFpUERxLHGJ +zK9MdQCgv/TEfaXdAVdOuMJ0rrZs1R2eoVmIRgQQEQIABgUCQcFa+AAKCRD1MbN7ztYmwG9C +AJ0XZcgL6ary5WreotBuWS0Z7X8CDACfYY5nsthKttY/DwlOSFk7X7T3436IRgQQEQIABgUC +QcFkvgAKCRAGW4pwXz5ei2EXAKCBYy7cNE1Pao4JSB03UgbiylkrSwCfWjVeUUTmLJPFhqjf +QqF01yvbqHmIRgQQEQIABgUCQcFpowAKCRAD0eGMT3SeMPIIAKD5mnEpcI/0rCRqrjS167RB +h+vdEQCg6r/PVJs9wCaJ8zm2GBFHCbuOlG2IRgQQEQIABgUCQcFqSAAKCRAULEAeBOPQ14Ja +AJ9bkN3DahjYRo85MIhMxSdvA7wIWgCfdSJZ4sBqwjWizxUEcUFePBGgFWCIRgQQEQIABgUC +QcFqdgAKCRCaE2oo63IsS36VAJ0ZOGvGRmPWJhQTXg9IV9GbG3NMUACfbRfn2IuSDJsCB1Vu +Xk7IhM5WMamIRgQQEQIABgUCQcFvHwAKCRBMSJ9q93vK3K8lAJ9wKemdJeATeOCi670PEbUc +Nrt6MQCgooTU4cTbxBX8L63Bu8lKPtbZDQaIRgQQEQIABgUCQcFwmgAKCRCVm0Ku9KBdR+OP +AJ9WuZKalkmWUAirUk6+JILYY/EVrACbBj0Xrrpeyxhg0k9vwuL6m/Mg+M2IRgQQEQIABgUC +QcF3JwAKCRBELfZqYAupzg+KAKDq6rgR/UNcd0XxaU0ORHHvRifSQwCgoYVIP6RBOz8zrafX +Wo2E6tol4KKIRgQQEQIABgUCQcF3wgAKCRDfRkWd9tDuYGqqAJ42k/ZnzBahb3OqfjM1stRI +tdc2AQCgkFz7/KLkeoRfzvLeltumdCaLm4yIRgQQEQIABgUCQcGTHgAKCRBq5ItcAWe8mpLn +AKCswPqoD8m6qThlUmMG70is3F8SqgCgzXsrlct1kI23H9KEa/kgUYwuDnKIRgQQEQIABgUC +QcGWSQAKCRC4MsjpiO4D4UmAAKDbiD4dwjJEsjSlWzKCSaNuMxhSgQCgmdmsF/mblrzCljG+ +kc3R3oVoLJmIRgQQEQIABgUCQcGdIAAKCRAmZEJJZBU3BdToAJ48XZC4cVZlTi558cQ2xNza +TUZYhwCeL87v6uNKe8Uadm2nKfH7xkohIk2IRgQQEQIABgUCQcGeJAAKCRDut049VdtexILF +AJ9ehGUiwGHyfnwz1Qwb7CUoEMufngCffkqfqm5vOXnOWPWLPS8T6TcxKLaIRgQQEQIABgUC +QcGi+AAKCRAbgLBGQkaFyFc/AKD2xjtO7OSXGe5jPnapM0E1rBbQtgCfZzq3FgHhZgT2WFM6 +Fq+x2rlicVmIRgQQEQIABgUCQcGlhAAKCRBLzEvTYSOu62B0AKDK39iWeBwKw5Bwvdeffv27 +M9bHEACfeyurWoVxoHtAxz61prY550UdLd2IRgQQEQIABgUCQcGyCwAKCRCRkecvw1BHthd1 +AKDDbk2lEUFtLtMj/8biJsMWXxxTZwCgyMsll1G5cTAi+5j9eAZuLX1hFfCIRgQQEQIABgUC +QcG2fQAKCRA74jk/OW0quXs1AKDgG3MaO5LEJAA4M+Dg5NiNw/Hy+wCgqIKzNteoMPr9W6Hv +AT4VzphvxX+IRgQQEQIABgUCQcG5AwAKCRDQUgPfU/EA9weFAKC1u8IaobwFPwh6NElcH+0o +WWzCYQCgq+oduL+nwnyZX3JYKKWKAK3UowmIRgQQEQIABgUCQcG9eQAKCRAUDnOdick1Y69B +AJ9LZ00kpV5ba7m4Nu3zS7SQSYy6pACgsdsgx3IImHuJ6p2lhhhGgqC/++WIRgQQEQIABgUC +QcHf4wAKCRCnSk9vc0QB7kauAJwLj/Rbot6KPOhyQzxLyBQHYU+9CACg4USeVu4tdKWAZ8g0 +OKWxR+s2MXeIRgQQEQIABgUCQcHgOAAKCRADOJwBNctYbAuPAJ0dOrCTB9pVX2OBPmuzD4Cx +YwW+NwCggJwHS0PY81tzDedgM7Pnk3bqUMqIRgQQEQIABgUCQcHigQAKCRCrM9/hz6dOyjtm +AKDjYeNtVOIVF+usFP5zwVZYBLUvDgCgrekmVjnO0VxoXeYYtXq2EmY04LCIRgQQEQIABgUC +QcHkFQAKCRA9ScCu1GEPyoMHAKCqs83Bi7b7TxLBYm1d2ALT9f7K1gCfbK2bslIEMKp9RUAS +deA7kjbTLcyIRgQQEQIABgUCQcHxlAAKCRBqrPpv737lIjaOAJ0dTaObOqi6COvHBWgxdGZP +ldGI+wCeL2YpGr8sMtfzzRG6H7btVsi/7VKIRgQQEQIABgUCQcHycQAKCRC1DNQlEgLalSyE +AJ9IwHTuDYtGljmbWmsM3VNhV14mVQCeP4ZvPzPuv/wFNBCFuBwTWb5+FUmIRgQQEQIABgUC +QcHz5QAKCRBGaBk1donQbEtRAKDJktSav67c+zcV/t3QRI1gIE2C5ACeLNnuClhcUz3maz3B +Yz2vqkqi5OmIRgQQEQIABgUCQcH69AAKCRDtnZmELTgpMEN+AJ43qjBh8aebBmTbYk/8AYIu +MWLA0QCeIBR2SVfSILhyXaHQCKV7irV50iOIRgQQEQIABgUCQcICKwAKCRDsZBMhtkjYmUif +AJ999HFKBT6X80kxRtXLjxA2AtjuDACgxzBPNhLeyIXuo8H6OVnDF8vc936IRgQQEQIABgUC +QcILRwAKCRAboRWPXa027Ao4AJ9wHaC6QWawb7NmGa5B6jFmCbm4IgCfS8d7WmvMtB1WbtXU +DGdD+Q7Nc4uIRgQQEQIABgUCQcILgwAKCRBb4EImE3xAUWvAAJ45jGmW52DqXlyJ+uvFioza +kHU2GwCghGzE/pGFLfLB77ZQUd65Pk2nBDWIRgQQEQIABgUCQcILgwAKCRBb4EImE3xAUWvA +AJ45jGmW52DqXlyJ+uvFiozakHU2GwCghGzE/pGVLeLB/7ZQUd65Lk23FCWIRgQQEQIABgUC +QcIPUgAKCRBLJkstxtoPlwC7AKDBlQyuwWC5iu2uTzEEIHAGiWHWjgCdHiQj/Fvgi7o+2joO +dYAo/HS/Mo6IRgQQEQIABgUCQcIVoAAKCRCIVNbP45rvrRBLAKCtFSLgAFM08+ojWPRUMUYE +8V6WRQCg9U7kinoioCmlJ3xsIklkqZJvQlOIRgQQEQIABgUCQcIW2wAKCRA2lvYWGnhOMdU8 +AJsELtpjR5MCbP8LST8Y6wpyvHvb8ACg2fLfLJhrJF2RS6nPDLQ/4ONsDv2IRgQQEQIABgUC +QcIafAAKCRASXqt0tfdtCaPYAJ90CPo3BbAZbDoyNnt8OFxdj1KynQCfbzaccFlpS1gwqI9q +gTAWd1bgtUmIRgQQEQIABgUCQcIdZAAKCRAZ0SfaU55C8m1FAKCtSp7NJkYVv+le0g+EdGGK +2W1auQCfUoOKvaDiPPlLPEEdRM2yJkoJlo+IRgQQEQIABgUCQcIfRgAKCRAJfnokbJLxciMn +AKCcYZQ7VvllQ29+LobSsrtXWfZKdgCgpEgahu/wcuJJkWkZOcxlmcVz+HWIRgQQEQIABgUC +QcIqGQAKCRCpVJbGgsMe1PbbAKDQ7LRJZsN23Rr5mqCNwFgCTx5A1ACfdXyiuOnVOVqaR6nN +M4exWRZ1cf+IRgQQEQIABgUCQcJP1gAKCRAIyAMjnBGn9mpVAKDnhtkS4Wx3RFioAwiSKbld +lsAoMgCgn3mRsoFI3nF3yHS+oUnmms/1vQOIRgQQEQIABgUCQcJh8AAKCRB4k/mWEfHu2E81 +AKC/PCubW5kSH0iIEEHDt90IubvoPgCfSkCKz3muThHsmbkNhz81XJQZ1M+IRgQQEQIABgUC +QcJ29QAKCRCK9jWj4/ci/F1vAJ97sPDDWey1pfkmnPyMPYB1kJMdsgCfUEwyZ8e/OpLzFZ8c +T9s1OOjPlfOIRgQQEQIABgUCQcJ68wAKCRBV1S9dK6v/X0ViAJ9c2FP3g5950SiBMxweiZrJ +LadlnQCgywxcfO4mnxkmLnlLZGrEXFQSEjGIRgQQEQIABgUCQcKAKAAKCRD2NpEidDO+ay5N +AJ9Zv+RGsVIFoDBpRLY1dXxLhLRW6ACfYnBqh3fgwKlD1yRnzM3sRfEfQ6iIRgQQEQIABgUC +QcKDWAAKCRAYWdAfZ3uh7PsgAJ9WbQjS362nh96ginkWSf7WZYu0gQCfYYwINTn0sU2hz8md +e0Jw6sudG1KIRgQQEQIABgUCQcKDigAKCRCBwvfr4hO2kvTfAJ9amV/AM1NuQ8sCA+AcAFR/ +IfTlmACfaBqDoIkFDnYLO6fQLwi8pu/Y1GuIRgQQEQIABgUCQcKDwQAKCRBrcOzZXcP0c7Li +AJwNccpJm4SPsp1cUFsf1Pd3SP+dewCeP/0bbmv3rwjl3/BOIm8W/0KroziIRgQQEQIABgUC +QcKHCgAKCRAyGtu+Fh+nP8C4AJ0ZYEmTvQMJe3q7M4R7eFzb8AeUswCgiaPvUIVzEHhRKU0F +j/LEzDNWyh+IRgQQEQIABgUCQcKHegAKCRApS1jrwMlPG7HgAJ9n80NOu5gq0va4WS61VP/n +OIFUGQCfRHaZj3+aA//gdG15dFyc0afAsOOIRgQQEQIABgUCQcKOxAAKCRBBzB7cBdg8C6N6 +AKDHj2LN3PGSki5ICKWdPnj5dgLJhwCg/0zE6mKZNnWsXpzkdKcwXj03ovKIRgQQEQIABgUC +QcKQRQAKCRDuTnx2tnTeNwqTAKCWMNMdCKyFXXbBiGyPx+ez2hR8uQCdFG7eIhhwBxZl8ceM +ljbUGILwRmCIRgQQEQIABgUCQcKZhAAKCRANXFwh9wQlIftEAJsHPLOqBQc2Zgfv6sebJmZv ++cOtXACgsG0dTEaX7rheQoMBB+Dwn1XWOUOIRgQQEQIABgUCQcKc/wAKCRBg+fZNkbxJkd1P +AJ9cdeIRA0UXx9WHHF8BnGmZ+VVRGQCfYFfWOhBxTKectlitravi+OCCf0aIRgQQEQIABgUC +QcKgxwAKCRCWtYZyxIQY2I1tAJ41zcp/cAeJhKlzWNYovv8EznRAvACfRHKoOd46zfnuQKRS +cZkOFVdq6EmIRgQQEQIABgUCQcKsxwAKCRA7sBk0BrefKhAlAKD4V9FBvYZN6Gz5NLO/uVx6 +Hl2gYwCdHLflSu0d7qw46TP9GKdvYK0uAieIRgQQEQIABgUCQcK2GQAKCRBOqMTCFe883TXE +AKCH3vhbUt+BV0ZJ+lA+qHeAF8tT4ACgtnlADxlPFfD7AOFTlWBpcRKYFkqIRgQQEQIABgUC +QcK78AAKCRDSKvDJ16tKq+HNAJ9ufb1fvODmMcsy53o+C4+wwcykUgCgmLr6dX7w6WNCe6RO +imoF+PnhpACIRgQQEQIABgUCQcK78AAKCRDSKvDJ16tKq+HNAJ9ufb1fvODmMcsy53o+C4+w +wdykQgCgiLr6ZW7w+WNCe7ROmmoF6OnxpBCIRgQQEQIABgUCQcLJmgAKCRBxyI3M3ijYY9+P +AKCLmxFZCE7SEEaOaBEvU4ymWIcnaACgopbR6+1p2I1/SuDMtc9uVKGJsmqIRgQQEQIABgUC +QcLXwAAKCRD1nHXt++Hn0mhbAJ9vHQkcJfpWLNaubfPR/GCIS0AbQQCfWVCq3hWGOVsir8ED +JtBhx2SpdT6IRgQQEQIABgUCQcLevAAKCRDpuCeE4qXJI+y5AJ9tKO3q4eQ3YciLgbqpa8Sa +TVfSlwCfcdMmE/kG/2LtKvOrIrFbXU0Mbt6IRgQQEQIABgUCQcLiCgAKCRD6hJ+yBmHjKKt6 +AJwK5Ns1XRX69ZDQZHYKqrXSEv/DFACgvvfO7I1b285YPVFoU05QIY/leHiIRgQQEQIABgUC +QcLsJQAKCRB+JG/kPCxNZ+5LAJ9JUxdtqHUC5N672w7f2Gezm05dhACgvzVzovr98xMyKjK2 +8FfNimzJaFaIRgQQEQIABgUCQcL4UwAKCRDzgW26mSFQ4PikAKDBaUl9zaJnYjUY6zQYJ5ml +psCXPgCgzVv45aNtx2ccKWzhGhoTrK5n3k2IRgQQEQIABgUCQcL7dQAKCRDT8rcscr9bnTez +AJ9+W2bOuOA5eOy7xjlmQKQ4qlr5zwCg9VIN+WpqZhkrPyHWMJFVaZqlJ4yIRgQQEQIABgUC +QcMO+QAKCRCgomtt7yqaXsURAKCYad81p2E+xuXtb5hw1HRm+eibmgCgncosAXS4gBd9F1mj +pkBGo7KsB7GIRgQQEQIABgUCQcM8DgAKCRD9cR25gU5quwuTAKDSWifhQ4YPO3HA6y8VtkMQ +Z4XjPwCfaLXcAtFagWvtCiW9QVehKsliIOmIRgQQEQIABgUCQcNYPwAKCRDL3d2pAniaR8/5 +AKCTi97ctVw6q7dweLDYo9h/U6izbgCg4OIuR/0oeh3xAeuhmWLP0LsaTd6IRgQQEQIABgUC +QcNblAAKCRBjVmqq8sYsi62bAKCj/i1ul0W4E/LhTwHiCOtDCYKRwACeKuJ04ThM4+uZw5hK +d3Oc7OmSek+IRgQQEQIABgUCQcNg1wAKCRCh6lMFAcuvpU2HAJ9gSCAlFHkqEA2ug/zHeVxm +HO4c0wCg6/b5XJChDoh9zpao8eDHEUvpG22IRgQQEQIABgUCQcNmjAAKCRC7b5OrpyqIL8eM +AKCHonZdtnQmmgU/87tFZL2oCCsQ6QCcC/IsFPsi5/BN/4otRvCNjVQOlZiIRgQQEQIABgUC +QcN21AAKCRCbNcjgfZv1lX2mAJ0RzfR+y3Pzk7AflisJclbFk8/rlACdHzb/i5rueTJSEyK0 +lHs7ycyAgYCIRgQQEQIABgUCQcOOygAKCRD2244nBEWEteR2AKCFJCNqOPLZEoaEbbBN3NWF +xuPN9ACglblEo/uZJI+wqwOB50EYoCP0zymIRgQQEQIABgUCQcOiuwAKCRBwyu/iMaLcCAjG +AKDoMRyxjO+xgGGgg0sGIolwI1fhIgCdGFfDbwqtAsHt9tsNU5nUCT1bLJGIRgQQEQIABgUC +QcOlAwAKCRBWhHNTS6ROIsVuAKC3HgNzTM7hbo/I0Faa8HWdyaCOnQCfZLSlKEFO+KOTeaXv +hliZ/KCFi+eIRgQQEQIABgUCQcO7KQAKCRBQImbXGUSdGjeBAKCWai1yJ8Vqx4gJoEViB27j +Rf+J4QCeKzaxF/NvxAn+66uDTgjb8bvJkwWIRgQQEQIABgUCQcPXnwAKCRD3SsFAklnOzOW3 +AKDAvyg3uT57Bd1pYmrt1A7QgOqpJgCgtUXyqYdFmOoqTnGTYvvoSwMkVbqIRgQQEQIABgUC +QcPXvAAKCRD1kSBwz2AiNU1TAJ9zavOi2zlxnkVuVEcZeIbnSGXDjACfQJVbWgD1DVNR2rZt +5cfHwsYsykqIRgQQEQIABgUCQcQMnQAKCRDtRPW9D3mZsfH0AJ4rgvA04jdhAetHvpQbMmic +H279tACg608iNgnrMoUwQlr0dElK7IBjtFGIRgQQEQIABgUCQcQNJQAKCRByTzRNulKCej4e +AKC/xFr2ABud4Hkt8yEseWtwDaVg2ACg+JDnazDvT2u2afeE1fCY0ykMxiCIRgQQEQIABgUC +QcQZhAAKCRCdMJI329lLHUXlAJ9lSvIavdWquXFkYgfTtELnjUh9jACg6j+bohoZhYe/lusq +XlLEltxqc/yIRgQQEQIABgUCQcQrSgAKCRAFPIPA62nv8XJDAJ413weAml20tUDIJ0ttGv6U +6TEi6wCfST2M/5e3I9r+thpVgmMGCTTDIuCIRgQQEQIABgUCQcQrYQAKCRAHBBQlOEl8Cfdc +AKCv5yabH5zpNGaKqKgkxWXtYr5jDQCgkNO00OOa/YFNwaXJHaDadi6faPeIRgQQEQIABgUC +QcQxHAAKCRAw78ZFo6VzFIR9AKCybd3WNoJudObZyLUNuUQzjaNSggCffkb59z7CjsUOkf30 ++PPYtipdqOyIRgQQEQIABgUCQcQxeQAKCRALKdcprpSmo0kyAJ9Nmyc6BPOqbtSTj5k8D22N +cGrBkgCgqNVjZwgaEPx5On+DBLuLzW2uBG6IRgQQEQIABgUCQcRF1QAKCRAec/w/dWctTnNo +AJ98vicrzhmtP5nOLI+1KK5g6cvfIgCgw97rLfQ8plDm8QdXx10fJXH/IcmIRgQQEQIABgUC +QcRJmQAKCRASaF8S2WjMzOnAAJ4u6LchvaG0AQTGGyYWqsiqV8SsTwCcCkv7qxixl2wxe/kW +dyBHOC/HspyIRgQQEQIABgUCQcRJmQAKCRASaF8S2WjMzOnAAJ4u6LchvaG0AQTGGyYWqsiq +V8SsTwCcCkv7qxixl2wxe/kWdzBXKD/HspyIRgQQEQIABgUCQcRpcQAKCRAfWQFyTYbDGGmJ +AJ9y34Mg/euBk3rGt0Y9Ul/xcAcGFQCfbUehQoILE6UnU8V0E37HXUDwZiGIRgQQEQIABgUC +QcRvLAAKCRBsARDLx+pqyWcOAJwIMKe6kQSHztB0AbB+FS+nTZUr7wCgstLmUHGjqW3LHtEX +6iYkiex+LF6IRgQQEQIABgUCQcRyLgAKCRC9kjGgsf5Qi4RyAJ9lItok3WsPda7bRArWr7pS +NZHtTACffs1ggY3zxTOCYJetXgrOCFCKy+2IRgQQEQIABgUCQcSA6AAKCRDXsVwyUrsheYDn +AJ0TnDpWdc1TSW65BA+VxAdeNlAM1gCbBzSraftXBG3fFU7AFhLP2yJBJJCIRgQQEQIABgUC +QcSFyQAKCRDI1SeJj6DjfQLYAKD5LvXiKhIrl1Re2OFASQ/l7vU6mwCaA0Sp4bt6obL2vsp3 +qe839JctjF6IRgQQEQIABgUCQcSdawAKCRCS13RsS65QYbqHAJ9J3WIifR3u81koeTGLnESG +Fdw2vwCgiByQ+9HnK4eJhSkT1Lv5tC6NX3qIRgQQEQIABgUCQcS6JAAKCRANpSPU5YW9OF+U +AKDjjb54v5TFtMgagbsB3XQdGvMH+QCeK8iuILaDfp4IZLTOZY1+O8IoMbOIRgQQEQIABgUC +QcasoAAKCRD7LvL0VsXdkJYiAJ9AeBGxeON2B6zoeR88D0cG4sm1uQCg2GFWg6VwvUgzHx90 +2ZWYz8jITq2IRgQQEQIABgUCQcbP3wAKGRDXdtyS76ioF6aOAKCme/Uq6CRK4Dp/A+hp/59j +WnrJwACgsljhgROHerCZvqVlogwmZmbEsFyIRgQQEQIABgUCQcn44QAKCRA8vgFB6XhLfMS0 +AKC+bv77quTHqUIfAw4E5fL9ihdBgwCgkHHWiJQaPwTIUvDVEJRU5xdff9OIRgQQEQIABgUC +Qcn4/gAKCRACpOxNC6q89lJUAJ9MWo7DhL8gQD0SuG0tgG5oCgmeyACgicvwT5aUtsk2FdOI +BPtDES0ucfyIRgQQEQIABgUCQcvnoQAKCRBjzvmIzMOwveGRAKDO/1jrA0dzIfk/cBDD5oqV +0NoirQCgrXb+lwza/RGJz9sUpbDCqhU5EwaIRgQQEQIABgUCQcxKcgAKCRDKnht0vG1kAv5c +AKDI6sm//33IMMzt9fLKIG2QusVRQgCdFm5Y6dSYzGNFGGx5nb3w69LS7o2IRgQQEQIABgUC +Qc8b9wAKCRBgN8/3Dx+PzDPoAJ9bVBl7SHtIxoFj6TC/qbMSqf/7MwCfYYSZ0ADbHWevwcJv +0t5rbwEsNuuIRgQQEQIABgUCQc/ocQAKCRCphKGV5db5haEkAKDdG9dy5yIqNjjjUInp4VSR +VWAEuACg3l7Z9ImBm5a7Tlh6EVWVWvCYdQKIRgQQEQIABgUCQdBaMwAKCRBHtM7MZTj0lc39 +AJ9sp4W7HMCwpGEUtDNAyA2rSVW96ACfeuBUz7Wce5kFq0nSNVrYra5eldeIRgQQEQIABgUC +QdE7TAAKCRCdVY7V1k8gZKfeAJ0RnDcX+sPmp9oD1v1QMB0C2+zXJQCfRxfjqbcOfVWmKyfh +NNqduQWYs9GIRgQQEQIABgUCQdGKkgAKCRCzr8sBClpxW3lIAKC0yMJP78qi/qYD/cr6+Fv4 +V+7ZewCg7vkqOtnQ1iuJLsaMjabHHxCR3Z2IRgQQEQIABgUCQdMtowAKCRCzllwsIpf8X3rD +AJ9dMiC5A9OI9aHjXjMPrKXWFS3jVQCgmv9M/bkS2SHmeTKsCLThVe+X8HCIRgQQEQIABgUC +QdTgsQAKCRCjEpFzMpUAbX25AJ9fVPfmEkvz3bITbAkDh0vlWwuvIgCg/fR11Vn/D9CFMtOs +3TMjX7gJtpiIRgQQEQIABgUCQdbPzwAKCRDHdtyC77i4B6aeAKC2a+Uq+DRa4CpvA/hp/59j +WnrJwACgsljhgROHerCZvqVlogwmZmbEsFyIRgQQEQIABgUCQdbP6QAKCRA1liP6oQ7tWH0e +AKCgu8rsGvT8lL4pwwKR8VrUQ+DdOgCfbUwsvNVn6RHsQLEGKlFV0DFEkjqIRgQQEQIABgUC +QdmY+AAKCRDQvxX1C6YTVT/XAJ9MACdNtnbBoFBY4KArtW1nIBXhygCgvo9BBz7hEQrODcE4 +C3NxNL5LAoWIRgQQEQIABgUCQdqfzgAKCRAimuRzfXVPMl+IAKDXa8SUvNetpjTPteuvsC1n +IXk2RwCgn0sRbvtrAbKY7hpupZiLnqChRJOIRgQQEQIABgUCQdsIVAAKCRAvYT7YQKUZcugv +AJ4l12kT3woNPo3SiOqLySFF8Vrl+QCeM7ZqSkglXlCtnPQ+qfMFil0tsZiIRgQQEQIABgUC +QdseWwAKCRAwGUSWro8ffJfYAKCYW0bQscxoYTgrBtARkUmIeRTY0gCgjHg3EDUac0V1Cc9Y +M2n8soDgiCOIRgQQEQIABgUCQduyogAKCRAPYX6xzWoHy3b5AKCkYmk8O/U45v2JHndXTAPV +UqjIKQCdEZquWZjgPPTsXx8xtrMoOMrBE1KIRgQQEQIABgUCQd1q3AAKCRC4QZXxhT7GUF6M +AJ9X1cQnZGBsX5nJQq5hR4ztugXJMQCg+s+c6VpFM6kGQm2oh4RhPEEm8ZGIRgQQEQIABgUC +QeE1PwAKCRDYogIdMj8ANZ5aAJsGX+ElaRkb7pMwJKyOQiHMhg0szgCdHMFfDGGU2YHqeBqx ++XV1TB8osT2IRgQQEQIABgUCQeOQ7AAKCRAvtV+x/ygR/DkYAJ4+hMmLSGaX8n4tnsYBM3I0 +DQTaCACgkqTX+7/SSl2frG/MRST3wHA4B66IRgQQEQIABgUCQeRggAAKCRAHWlFkCteZYEIm +AKDW/5UhrkgGd82/L8X3KxumCQJzpwCfVhjPnrUXi3LfnC+wvM0qk6gNJi+IRgQQEQIABgUC +QeasXQAKCRDnZ6kqRa/nGzYCAJ4m6PTDBmzBE0l/zL7ecJLconm6eQCeNYePnMkY0GIy4PHK +IlOLGZUra0OIRgQQEQIABgUCQepJBgAKCRBv+KC/4AeL+hEYAKDvgnAZkX956wUJxOunVfND +kc8GQACg3lei+zgsibDfOA2826UuJxsKPgyIRgQQEQIABgUCQezntwAKCRBHXFRP8xuN5Le/ +AJ4wc9v198oCqq43SYiNdJKweL0J3QCg1xk6aOGKPp+21fh0h+TDl+5rdPOIRgQQEQIABgUC +QfAINwAKCRD+XGwHccXRQzyqAKCRMikmEqvo+/PJJB+Y+WP55sroZwCfVUqceGLINX3FXLRT +jNjXIgWxqF+IRgQQEQIABgUCQfUfwAAKCRDKsJF9MoV6BF/mAKCrlEC5/HkzA7CAtmezHiJl +KC5YFgCff32ZdpF5ZMK6Q4rBljuhNHquZReIRgQQEQIABgUCQfWTNwAKCRDryN2F5ImPWbkX +AKD0cXdbRTGOzb3odvYbOptVXKuYwACgy99cCaGKPCkgk5/TsHJzxSOE/EiIRgQQEQIABgUC +QfWTNwAKCRDryN2F5ImPWbkXAKD0cXdbRTGOzb3odvYbOptVXKuYwACgy99cCbGKPCkgk4/D +sGJz1TOE7FiIRgQQEQIABgUCQfWVCwAKCRCweNc7RiOVnlB9AKCQTSUyyn9SvfIDvx4BH03n +7wbEHQCfa8kgKzIPkIIBqOrTHZgptdlz7CWIRgQQEQIABgUCQfW7JQAKCRDij8bWxtiDTuCF +AJ9Gw6Doz8s0Ri0cpPN06+Hs9NEu4gCgzqF90jUCXVMf868qusDTr77CnXmIRgQQEQIABgUC +QfYc2wAKCRA1FgtjC+G6i0NiAKCGHIhoWfJ97Om/UOu+p0DYGyM5xgCg403E3WsIdRS/gnT8 +0CaeEKpVUqSIRgQQEQIABgUCQfhLRQAKCRCRNQxvvFpCXAcRAJwILpcnmRkNtqvS6UrySrIf +i7xOJQCguQq7G8ry6K7BfWdfRjxLodTeENCIRgQQEQIABgUCQfh6EgAKCRCLCG/gUGqRXybV +AJ9T+ecieUvOU9gSoyEoBnFBICFl4wCePGhmDTLInjzC2ffk0ypgaUb7CmGIRgQQEQIABgUC +QfmmpAAKCRBU7IGHdIuCsNf6AKDncp6hDiW6fIqxD3mgqu8zqU3xFgCfT98giXnV5YtVo4OM +chy2c7L2cBuIRgQQEQIABgUCQfuvxwAKCRCB/BYhp9h61435AJ4iPMsTrPmdtJKVSLp3TCM+ +rBCZPACeO2lC0oJeKsMPkm56zu0MYpzMRPqIRgQQEQIABgUCQgdtNAAKCRDURwan/6P8Q8Ek +AKC8k1jGfSJhTaiR7aomO0rpuszhjgCgvEwxdiXsevK5UWN8pAz40yz5fACIRgQQEQIABgUC +Qgd0JgAKCRB3XR9a9N/ytydfAJ9XrsWoMxL0iALCFM98mroqAg9UYgCeJEKyyHuZsIUpXSKi +ZWTpIZsbeM2IRgQQEQIABgUCQhNDlgAKCRBm8NCqnWDHoBxHAJ9oRfdun3GYd7KfK8ryOlvW +zcE/+QCgmJQihteFo9sxi9trxxJ2yR0LHyiIRgQQEQIABgUCQhaLFAAKCRDE0/1+bEx05On4 +AKCHrl6YLSeUqHQcHI4FuGsR0q36IwCg/ADkOFWQczyBkr0RVk70zSNVDJ6IRgQQEQIABgUC +QhjV1wAKCRDA7OK1IB1+RclAAJ9wTuEnhoW6Zs6W/GtLsW17RYl8TACgjTIO9TudhTuidDVi +sMRRCQf5FTaIRgQQEQIABgUCQiLaSgAKCRB9DflY18fqxzBlAKCqhy7YMZgY8fepOLnhA8ap +NwvW4gCggwKnKYbBrQocBS8Ao4iHCVyzKECIRgQQEQIABgUCQiLaSgAKCRB9DflY18fqxzBl +AKCqhy7YMZgY8fepOLnhA8apNwvW4gCggwKnKYbBrQocBS8Ao4iXGUyjKECIRgQQEQIABgUC +QimURgAKCRCB/BYhp9h613PjAKCP8pkMgkjudCH0Cy3q0x9po8jeKACfeMjDTiyN7IBMdJHW +nX2QRmxfxcOIRgQQEQIABgUCQimxWgAKCRBfCOPbdwA8qsA7AKChBcuUhTgf8aUdNirOn1Fs +y6PRgACfXQoEZ6j87j60Euh1M3fQkFLWRsyIRgQQEQIABgUCQin17QAKCRCEfy/QEbJsE1vM +AJ90oyy3HfA4BcbBYdPejpivXoqEtwCgu83dutVL34mtw6esfJY3tF6e1cGIRgQQEQIABgUC +Qis0rAAKCRBem9yOO30QAb6yAJ9HwwRHJ/QY3x/jAPBtNusAJxh9hgCgoLtxDFti+zWN/11H +uMEHsJidACSIRgQQEQIABgUCQiud6wAKCRBj+tcg9C+K4YtUAJ4hdMfGC0vTkA07pvtyEE43 +WOTP/QCgo3WWL6fqI4o6XBawAb8LILR6aYKIRgQQEQIABgUCQi/piwAKCRBQFiHNL3VmCOeE +AKDrGtGod3sBVPNuKvX+J15EJ3ZQBACgyUUHn5WkgUl6Jdd02xfTPRVoXHCIRgQQEQIABgUC +QjH7cwAKCRCeLIfFiXOi/fIaAJ9m4KAkTtGlZFt0xxJCy5ZyJAF4wACdHou7yaJ/EzRNcHPx +zdp6lA3qO0yIRgQQEQIABgUCQjKkbQAKCRA1I5NqhdKyx4fuAKChTrwtqAUKlKmsExKvXHOW +wBoo5ACcDdrmv2eCFfbJU8W583IGruGrhtGIRgQQEQIABgUCQjQk0QAKCRAhEXpzaG1GLC5M +AJ4+aTfuBtkJIaeSz/PyWlEpsAEEpwCePgL5R/jaFPINbOkP6JKTJpYwBNaIRgQQEQIABgUC +QjRQtgAKCRCrk7aYzA/mhnrFAKCBVeepNIo3/zkeQcj8LyMa/hkiIgCgrV26ZXskn+yYGPLE +IKgOx1+PvPeIRgQQEQIABgUCQjY0dgAKCRBjtQEF/2A25atwAJ4hCd/bXJLylKQWnxeS7vQf +BvUdBQCeKAaVJ23L/I6zbjrNY3Y1skTEoXqIRgQQEQIABgUCQjY0dgAKCRBjtQEF/2A25atw +AJ4hCd/bXJLylKQWnxeS7vQfBvUdBQCeKAaVJ23L/I6zbjrNY3Y1skTEsXqIRgQQEQIABgUC +QjbFcgAKCRD+bVSXLIdmJRE0AKCJXA8QbBO8/wvt9J8hXCGrHzqhxQCfVU2Il+F0Rv0cyAfd +QseO6Qavc8GIRgQQEQIABgUCQjdaegAKCRCnm9bitQWPmuakAKCZqiYEjR0jmguSHUZ+V8Jl +AZhiBwCeJ2FYlgJ77GcvA+nN7J92wVdzr8eIRgQQEQIABgUCQjlL/AAKCRCgy9JH8J0H4gmM +AJ9tMoAuvGtgPEoY3xrYAZvZgOk/oACgi8hKVLwk9sMashp6tqyrslOurj2IRgQQEQIABgUC +QjlyIAAKCRAplZZ4CbXOf3pCAJ9r+kVl4ic8XfgElPCHp0LkqrG94ACfX9oHlgwmojhM5Kx+ +z1vTflxxQLKIRgQQEQIABgUCQjnZCgAKCRBf3oLyTYuFT2hHAKDIWrwiMsRUTFoPrrP5iFfE +HQrxxwCg8IZMidGjyAd2OtOo6LNARUHl0JKIRgQQEQIABgUCQj60oQAKCRA/JGw3dhLsF5nP +AKCxLEwkkrRTIno0yS+n5Uknw4m3yACfYdk/LhqbUJZtsWLj4UCBdTPBJOyIRgQQEQIABgUC +Qj/tngAKCRAwGQ6MHyjYrjzoAJ9Eun+xhs5APdTpL65udwSxhmJ1wQCggypoAF/obl27IwEW +EBxtxnyt01OIRgQQEQIABgUCQkCMQAAKCRDQTCX+4OCWAUQDAKD2VN6hXfUiyU2F78e3/AMs ++0IqhwCdHbcMjEago1hxt1QuWOv83B4xvBGIRgQQEQIABgUCQkCQtQAKCRAMNcYEnQp5YGBz +AKDj6KciFcG8brxgDcid4tFXFkoZ6ACdHS956gY7y0w6SMEC6SOlxR6I4MWIRgQQEQIABgUC +QkPnEgAKCRAR5APyddkthV/nAJ9oefPj2Y9Et/I0yM8M+uuUfJQbGwCfRxlMrVa6sCZtnUAP +OZZxpWtNmvaIRgQQEQIABgUCQkQIJgAKCRBsj1GUHA9+vcVkAKD+ZwFP4mnz93S3cTHPDzQr +j42WpQCg+F6di/yZv0vpzl9gyeqTeMwVD86IRgQQEQIABgUCQkcb7wAKCRDOMFMlmIlLd410 +AJwKwduP6D8N6KERKMqzyMoOL0gUfQCg8MPWQGDFKephfeupwuNMxu5URLKIRgQQEQIABgUC +QkkgDQAKCRCgI8u2efhs72R2AKCGK4Mx+uleROtveHbb8OWV3sxnhACfbElAw9YaHvOigIgK +MykmKuImFemIRgQQEQIABgUCQkpIOQAKCRBGnavRkgaPM9pCAKCMIrd8P6EZ6kL+SxWDMFzk +fHf++QCgj2CScM9B5JUzGwXfI7zwvxvuXkqIRgQQEQIABgUCQkrYrwAKCRDI1obxX3CRuq3e +AKCSbKERKlYI41nWWjonl7r4bOm8SgCfSWHWbKtzuX1hGqPG2kUGklTLKweIRgQQEQIABgUC +QkroBgAKCRBvRfjqQjUraEOXAJ0QLCiuhCImGY/Q+1Aknn+WE6ZAygCfbfDNbgdgE1GK19pt +em9fsnfmR52IRgQQEQIABgUCQkroBgAKCRBvRfjqQjUraEOXAJ0QLCiuhCImGY/Q+1Aknn+W +E6ZAygCfbfDNbgdgE1GK19ptem9fsnf2R42IRgQQEQIABgUCQkuwnAAKCRBl+NXtJr5zhfSX +AJ4i1OeymxJxOgiau+YUxlHco/XMuACdH2KEN/JgRHSuuXUr2XTz5YAkPBCIRgQQEQIABgUC +QkzcRgAKCRBhZdlrpuzRUKkKAJ4vBNFW1716hLUwJ5HaglbjzzTqZgCg1wYvH11bRiwJklQ4 +XpQsPEYwEo2IRgQQEQIABgUCQkz9UAAKCRDovtBEZxlR3gxJAKDHaTHRHDIyNrKlxUxAYHxy +OyaEggCglKIH85X6Tyz2+U8OGmHO6ZOMldmIRgQQEQIABgUCQk9TMAAKCRD8uGtRYbpGq4J7 +AKC7elqvwznP0B0ZAeo0LgH6ikknLgCbBI3JJArErzfnNyti5botCk9Q8LeIRgQQEQIABgUC +Qk9URwAKCRC/yU7F02d6WQ+iAJsG49f2DLeR1Q4Fd8jklyjXKBVxXgCg4m4oNYkt2bDGw2Cy +074KIGnFIPiIRgQQEQIABgUCQlAx3QAKCRBIG6A2wAGux3EjAKDp3Uc/Q/4jOpmZ94C0db/p +PvavQQCg6LK6lTiG8rtBZxL4EhQyKxLEZgGIRgQQEQIABgUCQlLqjwAKCRAIzlcYamQZ2amk +AKCuTVNQ2RqGDkzR2AIgd68s/nBU9ACgwQa8eCn+5mgQfKhIxkpgJ9wg0J6IRgQQEQIABgUC +QlRl4AAKCRCDDbbOAEj6+6stAJ4zvuNR/nXC8b0rkOsY8fcBiWguKgCfbymBstyn4aZ2GhHD +JxGaoD5tEkGIRgQQEQIABgUCQlXA5AAKCRCM1WSaL0jiyNZsAJ423lt4rl7zRYLwpttMlqD0 +00P5CgCdFCVfL8F7Wcu83Rg+9Mf+jjLaZSaIRgQQEQIABgUCQlZ1cAAKCRC5OxSrAXfJFpj4 +AJkBpcHiMZKrS/iMSkGiqEMJiI2tLgCfdypjhqLQSDLCbquzzxe/sRGxcOGIRgQQEQIABgUC +Qlu9EwAKCRCElkioEy6zwurwAJ47YZo+NzHWruHp2Tvjgx1IYqRXowCfW7JqJp9D6hHWeQpH +T4KBtr1Q/A6IRgQQEQIABgUCQl0FLAAKCRCTI/CKdbrJ7gg+AJ9Hwd4wkwuz/czXCAmuXNjC +2ykJbgCfVF5zHAO2Kzzx6z1s1iCRNTaOEaCIRgQQEQIABgUCQmADwgAKCRBbFdfKAcPYejdc +AKDWMmkjVQrc9qDqq1on/ktGhRWJtgCeIDX1T/BYqRUR/vVbIMobj7PBFK2IRgQQEQIABgUC +QmIqgwAKCRCfDGtWHxHQrFtGAJ9nxXGIiYECpmgtf2p3Db7y/nhGrwCZAf3dD5Eq5uvQ7xCZ +5kFUVZodLAWIRgQQEQIABgUCQmPzFQAKCRCXckLKon3MbQR6AJ0QKOT3gborfyBC/SKsp+3t +UHS45gCgmZHBvy+Cgszju2He0FlfaMXUM0WIRgQQEQIABgUCQmSjVwAKCRCwr9zNNwuUs/th +AKCATrTNQrOdwpSDUxjeqsWjWC8WBQCcCvrLjQ+uZuI0w1wYEekKX8CosvGIRgQQEQIABgUC +QmUoEwAKCRCu+b0TCL+gxhbzAJkBPWgiYoXhOTq3ZZYr9k+njty8YQCcDoehlG6yGaLIUzYq +/6U6TJJVAJaIRgQQEQIABgUCQmUoVwAKCRBRnSOsjepCL+teAJ0apwox6lk/uI5eqVQUcJfY +zgIW5gCdFPsjr/gReO+iDmBJGs7QnfmgKYOIRgQQEQIABgUCQmXBAwAKCRDDIeGDOHzZb3y0 +AKDScQS8MjGHjVF9Mhj6kj1RaRIgQwCffxjEGFZZrbiABQwWqFd9A/ZNTG+IRgQQEQIABgUC +QmfxRwAKCRB3bhTC3F5Xs0J0AKDdwghn8e/Q598fnJBQFVJbPNekpwCgrW8J8JQzQ/nIZE8R +s0o2eiwOzz+IRgQQEQIABgUCQmf8xgAKCRBHjracWHaPzZi2AJsGQ7zXx+3rt8o45XjX/jyL +CcMvHgCfThOYRdBab5nutcbUIKIAHpVZ0DmIRgQQEQIABgUCQmgdqQAKCRAzNBa/fbsofK1H +AJ0YFybnR97z9GRYFVIuVtX955HN1ACg4jc1Nw87fQLSmLihw7hVddo6uzqIRgQQEQIABgUC +QmgdvgAKCRDfjVUNXRMwuka0AKCa5Hug4oR+sIYYP7l0VcSQud87ywCfeXBIX0RNgdxJX4SL +iZp5j6NJ/riIRgQQEQIABgUCQmpAsQAKCRBzWy4La9wTCuLOAJ9O1tsQDIZiVBLQDYauPoL2 +gsiv5wCeOjKwADKMoGqsC/o2sxV+bECEsKKIRgQQEQIABgUCQm0n6wAKCRCTtSwVdXeE3T3c +AKDOXw1b+jKYJVk6VJ2viBV5Y6FNmQCgnmGyXR0Noa+l25QXHAFXAfAcY2OIRgQQEQIABgUC +QnGsJwAKCRCuiV96Laqcwa5VAJ4131K4krjm1KF5I54iziQ0WjqSsgCfVuZqGTN12x2zTo+o +sXBCgFvfEbGIRgQQEQIABgUCQnhBvQAKCRDp+WIhn1wYJLa9AJ9nm43pDfEg43I46DWOKRfD +RgldUACfWDgN8nrAlfk0nGcUFVNCXGsaz0mIRgQQEQIABgUCQnhDKwAKCRBqa/xmzzO0w7K5 +AJ91/HR/p00e7QaY1Qqxg96F0D8YTACfW1nEfyerK+V+VvnXMsuh6KP0DESIRgQQEQIABgUC +QnuPIAAKCRADAM+d0qftMfqDAJoD9ZkHrfjJLZghvIJllCKmOudkuACglW86wVwI560mFN0H +uCJSAWexvpmIRgQQEQIABgUCQnuU8gAKCRB9N5bqMM3Q8DG5AJ47UYc1+MSXtzZ8q+c6QbCc +3ZPdWwCghN6C9cpYwLr8Rl1NvabISBTu0FqIRgQQEQIABgUCQnwAhQAKCRArEAOI1uBhOT+X +AJ9eTqclyLPx4COoLJvjp+HQByN62ACfVnx7TDs3ot2rNUQ01J6gAeHCLoyIRgQQEQIABgUC +QnzXHAAKCRCd7vArwkeqPg4cAJ45+gHNvglb8js5QMnNzEU569IYYgCeKgWucw7xRWhZyM5Z +Z67khuijIXyIRgQQEQIABgUCQn0DrwAKCRCx3P2KyT36TkfqAKCHbGh3DG86NP1r8bECrvxM +fdJ/FQCdFM4jz9IYFCeDXXcN/2zGu6kRkfWIRgQQEQIABgUCQn9DGgAKCRBPe2o4g+R/AGXf +AKCRftJQEzMxJbWeS0H72YGqsErYVQCglZ20gArdL+zQS/VmoI0Xrdvvrr+IRgQQEQIABgUC +QoCqtAAKCRDtMCOTrz0lz02CAJ9MrbUcmC7umv132jDdcl9ABLNaxwCffE9AFWNZ8H6QmnDD +ergKZY9wI3GIRgQQEQIABgUCQoVOjAAKCRBvS6dZ3gu9SwkXAJ9L5+SoNu4YBohsIRz6eur8 +heqg0ACgqxkK2P2vcndIDvCO6KwtdoaL79OIRgQQEQIABgUCQoWr2gAKCRC4F1QwuEBiFSgl +AJ9eyZY/5BSHir/fqMO6X7hDbHUnpACfdsgB053AKhvI4yev1D2Q+sRNMkGIRgQQEQIABgUC +QofV6wAKCRBYHUP92MGlZFtWAKCgmieb1NO90KTgkHqn5ZweDhSVhwCgs4JmFWNkc42ZFImO +L/FKrK53+X2IRgQQEQIABgUCQofWbQAKCRADIasbt7miy4AvAJ45nVx6ecBZNqvAc55r3+pS +NW57MQCg1kPLUSMd3c7QKXiDXEKg239Hr3SIRgQQEQIABgUCQoijmQAKCRChy1RK9VkH5KkN +AJ9JrttvsYouWMVDwNWOSva1uzmbmwCfUOGn4ZUG6mJmRHtLVJPM++uc7/WIRgQQEQIABgUC +Qo3NCAAKCRCPPla7F/YuJrJrAKCmSSj556x5orZfTpiYjolXsDJWNACfUNqUc7UtYU6prYjb +NuZi2gl5nGKIRgQQEQIABgUCQpHX8AAKCRDUyuMeT6MofEiqAKDPyexgtgODD8lJcZyah+zo +aC6BjQCcDFWnvXnMNUie8Lfy6QnapY1vt+6IRgQQEQIABgUCQpI0nQAKCRBFPfeWV5VTAC3X +AJ9pm93it5DxW9Kq9V3ClTIdmwVVQwCeNDWSuW/xDnwZZt1FTlW9S4y2KOuIRgQQEQIABgUC +QpI0wAAKCRDZoEHC4W+980tXAKDUiolpFzaKJ4/08wb/gWcYLcnScgCgxs5EvhkjyS1ZAk1M +CG01EIz9ps+IRgQQEQIABgUCQpNVugAKCRAbnYrhl+P97fAoAKDJS7qc8HKEJqByJwihBp7p +KbeSDACgmEvOftz0bS43AG0dC7pXuD9GLm+IRgQQEQIABgUCQpNcfwAKCRA5anx9jO6APdyO +AJ9MNzJgOnjeDELMF43fiT6x4XqYiwCg+LukphYFLIB8dNdNR63rTluJZSmIRgQQEQIABgUC +QpNi5AAKCRCREE/fixCYSkM/AJ4oMgNWqtze8pOMKmj/W21VsnPLUQCeO/dYy1BlfEjJSInn +H3aaSpKK2uaIRgQQEQIABgUCQpSsPAAKCRAb6+D1LasCN8TOAJ9EsdT1WgGCK/YrJV5UKXOM +FJHzDwCg3gcqes9sLCevcXno2QT44qlKVrSIRgQQEQIABgUCQpTO0wAKCRC6VL4BcOJtEgX8 +AJ9sQ7Xs/WABsJnMBQXlWhatlPsbOgCeNqYalVfZEZLsssweTjIO+Ajo9W6IRgQQEQIABgUC +Qph3rQAKCRBNtucbgGGoMJ0YAJwJk4+frIlDioBWOCbkCwFLR2DKAQCeKpfSmCDf0YmIdrhj +GMx9Rlv7Ou+IRgQQEQIABgUCQppIkgAKCRBOCAka60RB9JI8AJ9GUWuH7bvBOT++TcJ4aZOY +YEEebQCg2Js4VNjUXvLhuudi0uxsix7nyLqIRgQQEQIABgUCQp9/FAAKCRCdUkf9xxKUjgBt +AJsHST/2w0Jupy+VYksYATF9OMe9lQCfSClKFg+Ex/ZBFlqX67PS/j2ZdY2IRgQQEQIABgUC +Qql8EAAKCRBJxL+ioKLmgmsfAJ98cHB1NeaFxWNHvVLvreRwVbcp0QCg295BlZvb5Sgm+7Yl +ZLCDLhw8c76IRgQQEQIABgUCQq+e3wAKCRD5J26WjsrsG9OpAJ9MhDhKEY1JEcOGpaCAYkHl +exIV/gCfWdukY9N3C8qmYW1YE3ztkGKXB9SIRgQQEQIABgUCQrP/fAAKCRAMAL29j4wIAwAZ +AKCjFTFRrkWw49Z/SnMNLziCuoDwSQCguSodv9XdSDCAMS8A4yZlETHco1WIRgQQEQIABgUC +QrcyUwAKCRDpwyP0Mo0VUuZTAJ90umqnt2wHuniWCnqiK969yIro/gCePX2YYW05lXQBih7z +7biv3Lkc646IRgQQEQIABgUCQrqRpwAKCRCU1q5MDnEli7UkAKCCrh7DmFq7EQBv++yZXgf3 +cbIItwCcDctt5tOQHRCWnvH97Bfo2fGRQMGIRgQQEQIABgUCQrs/BwAKCRBotxO+timqFz9C +AKD3btgytpopqFgT4JwZ1suwNAur0ACgnZyjHtQezQGDA04PdsYGRU9ULpaIRgQQEQIABgUC +QrxUNAAKCRDZcCw7rtnpQEPKAKCOzk60JssW0sJVNqLhPXbstakS4QCgwdyriUgq/8jV+NtX +upfws7fPDiCIRgQQEQIABgUCQsFMVAAKCRAYcMGzNZUgm8CLAJ9Bwh+qC76GWR7lB0yozJ8O +kpyP0wCfcfpCXjUZX04YnGrAHwpnGBWIHNyIRgQQEQIABgUCQsHZCAAKCRAh9cJl7GNUWst2 +AJ9C6LbCxl5No9O6T8IXEeNdyGIUCgCfVVmEKnJQRMb+jcm22MZa5LgRhYSIRgQQEQIABgUC +QsgjFwAKCRBpCnQ6XgPXFuoIAJ9ZFoiV/+m2OnPRnOGXY9uyAQhYuACcDNgqWzEfCGpTyvKE +lOXruVoQFgqIRgQQEQIABgUCQs70sQAKCRBUhfD4MkqqBEUhAJ9i7nXaRGtskQh+s0/FRyaV +fJB6nwCfeePTLVS8cIlMln5NaKzjZinWlb2IRgQQEQIABgUCQthGBwAKCRBIz925KhvvWA51 +AJoDzD4/ZpjUr5zk5d8w4BAmJk00sgCgo6XeG5MGuNWrb1+EUg7gZQaz+w+IRgQQEQIABgUC +QuJX0AAKCRC+CkwBszyItOTyAJ9k70mvYWKfkVubKV7Ul86BW2OY6gCeIpzcymAmHXfOna2H +o7uH+oxCZySIRgQQEQIABgUCQuJgRgAKCRAB2CJqL32xb475AJ90IIRJ1nyXyQNQK2NV/JVw +ei6MSwCfUBhnhfPPOnbU8tJBrsPgXNCm7P6IRgQQEQIABgUCQuO6xAAKCRBokG6Xj/9XPrCv +AKDNqWJn2gWfnWr8KLM9cV5VIskq9wCdHUy25oPqQh1CoxNYLQwxJLNJszmIRgQQEQIABgUC +QuljzgAKCRCoZ20agSjuIIDbAJ9olFEzHqpkiTLLvHphXjdyVQoLDwCeK6WNKfIjpQ0o+z1R +u7czh/SC9nmIRgQQEQIABgUCQu62BQAKCRCEb0OR3M04VK+sAJ47pmObfet+Eg7R40EZSAAc +SY/N9ACeKDZB09lLSzt6VLvGSI03ejrSvRmIRgQQEQIABgUCQu9U0AAKCRAFGbBfl/g3FthC +AJ4tfBEqFLB8HDRInFdEi2FYsy8ExgCgrfdOpo5lMs735yHOW71XclqpDwyIRgQQEQIABgUC +Qu+Q3QAKCRDcvhj/oDVTvPukAJ9GdDTfjw7NhMj3waIjj7UliuX3XACcDEuI0G8QkVS9fOuy +VMHySuZSTc+IRgQQEQIABgUCQvfg/QAKCRBHAqAFS7j7S2EPAKDhiR4haF+blyoP90q48tvG +KoRU3ACeICvEj9XxAotIb/hvcXSQSsuhcwmIRgQQEQIABgUCQvgLBwAKCRBtmIp7jneQjjPO +AKCD4AWGPY6oIenucw6BJGeQFag3oQCfRBtASM9V4pgw/F/VS4FsB/V04VOIRgQQEQIABgUC +QwHEuQAKCRAuNn4aCSlnrZEjAJ4uSjdRDMX7tQ/dzBxF1RG8hjFn1QCfe+z+SdoveuYcWe5o +P7Adc4LR/x2IRgQQEQIABgUCQxbyfwAKCRD5ELGy6C5DvDe0AKC4fKfs6rBi0nZpAbqt4DG9 +SVB62ACghAGzcgrmzVGBgVFjOKnVxK0RuFWIRgQQEQIABgUCQyCpdAAKCRDKdAABl6fFbeji +AKDAYEHeO6Brnx/H+a5OE5JSawtqegCeNi+UxQtBiqa7nDSF8i1+mII/fvuIRgQQEQIABgUC +QyIL8wAKCRA2qOTREDpJNEdEAKDZB3/ZhU4yAmJrCqZQVIL1ldq9mgCgy2x9U3WkWzegpZP3 +mFU8xtOVoM2IRgQQEQIABgUCQzAcegAKCRBXe7drKXCUNRhNAKC4HX6MqSLAbZz+IyWjT0t9 +ev4DwwCfbjY/a2nwNXW+zLdtR9wgDkUs/VeIRgQQEQIABgUCQzA3ZAAKCRD3bnQdxt//cjeI +AJ45fNZRtgSt9MKwx3pvpisF1VVhBQCeIDhXlCYtieOJVZrxvwI0JVCi0riIRgQQEQIABgUC +QzbpMAAKCRCwQlverOt0PPMOAKCHvtg6HDOgMB1UTByjQAwrxrqrWQCglenoP4q3IP3eHGmn +7znuTcHf6YKIRgQQEQIABgUCQ0bNnQAKCRBDXBkuZ93EaD9IAJ4uCf4P39p0VgSHFZ2ouDBh +1gGM+gCfQf8ok4VtuFNg2mY83jWmHa4yuIaIRgQQEQIABgUCQ0thRQAKCRBSPJ0wVNHTRjww +AJ9cZyveWefhBhedH3rPBpc1X5T8WACgrVp9GCg4MFdLw5rEJdVSuC2jBWiIRgQQEQIABgUC +Q067RwAKCRDItoB71rHBMNJKAJ9yiLKUpXC+eEXIAobzziZC4RXV1QCgmj63Of/iQpd1mBJp +sgv1DkqWK5SIRgQQEQIABgUCQ08frAAKCRBQr05y4IQgINsCAKCRh9UeveVYfR62tyjTwnbr +yTZswgCdH+MEUTDjaTgWRJIAilyByyYpC8GIRgQQEQIABgUCQ08hWAAKCRBeS8yAO0wYNAD/ +AKD/OnHXaOW8liMHrDAOU4ml2G2mogCfQyOx64S9QCrVfsZhPH4GRFgtBPmIRgQQEQIABgUC +Q08hywAKCRDIN7cClvhC3yALAJ0aVlCpJXT3yd0SdZYstIuTOLxNIACgkxlBT6aSjh0iWxzB +Br6VHU3du1OIRgQQEQIABgUCQ1BnZAAKCRD7FcuT2ltdiPVFAJ9HrncPFkfboVvwZgc+WY/6 +C9anCgCePzhl/ImcmULN3afjLFTMM4TTV6CIRgQQEQIABgUCQ1DbgQAKCRC1H/dqjQ5W91zT +AKCYoA9/f+nkAIsRXUwwvjaNuR+bvgCgxl+87gT4kW6rdsjdtoi1hXy3JuSIRgQQEQIABgUC +Q2OE2AAKCRAMRBWgEZhIvWtkAKCjeofytsVxsm2s2BGSHfecmFpelQCfa4HUh9+dQPdsaXJL ++KX4wr3A2BOIRgQQEQIABgUCQ3NjzQAKCRCRvEYWgVQGKbMlAJsHxVI38Em/8Rbeo5oUyZna +DvBCawCfVU4K29QplUNpfixjqjRUTN93f1OIRgQQEQIABgUCQ3OcKQAKCRAkoBQYrBW1DL2p +AJ0UDDtPC8ScKaSGJe7KhluHSmeTQwCbBKhHsvFYOFJW7JMvGY0+mPD/e52IRgQQEQIABgUC +Q3PO7AAKCRDGfUDly1bIhxRtAJ0YALma0FGSEJ3tV89b24JWPGuS+gCeJvGm7rJsZi/jJXZP +1xlKtSOXxiKIRgQQEQIABgUCQ4xuggAKCRCJsGx63bqXCfIwAJ9lMf97WO050HmrjIL8t627 +ome++gCfY5WBX8HAemLsleuGDO3VgnLTDcWIRgQQEQIABgUCQ45RNgAKCRDC0PyNXzlAEQW3 +AJ0c6dm0D0k8jLoFia2vnToBbGrD9ACeK7O/SwZN3figvMkGW5+HTHWD1zGIRgQQEQIABgUC +Q47xmAAKCRC7HZDmt9wpRtiPAJ9nOpRAk4VuQqaV+Ua0vrPLJDHsfgCg2l9QM0VJxQCXr59t +O7kB55VJPn6IRgQQEQIABgUCQ49ibQAKCRCqhfmyJtU1IDgBAJ4u53D/K+hDgF/6kLyrAJCI +QufzoACdEI6aht3lXFbGs0txgAdxbkF9oBGIRgQQEQIABgUCQ4+PwQAKCRA1UIWTs+pP7QjW +AJ0bzfGBDRoUYW5M0s5K9r/RtZrWXQCgs2euIGQag87v9wI/ksRbU41LW1uIRgQQEQIABgUC +Q5PZOAAKCRA1UIWTs+pP7SF3AJ9FCsJ7t0n1b4p8ClT9w52brhecIwCaAnfhWCfuHx1M4VFO +KZRDYRsEU4OIRgQQEQIABgUCQ5R1SgAKCRACD7lvk4TDyZQaAJ4hhFsKdniGL9m/I488sp8Z +2+aEMQCfdMd2upYvxXuUUrrpkgTCJqbVIG2IRgQQEQIABgUCQ5UjdgAKCRBOwXQL6NTFeiyZ +AJ98amL4MAC6/UNVjGjt1HVAaE3mJACeLvyGxyilbXL6eiAo9PXEwnEZbCmIRgQQEQIABgUC +Q5VjKgAKCRAIo+eJ8fdlUT0fAJ92UmO1tYYVdT2DLDYzC0Y05y/RRwCgkLx7TIEN3qAuLmkV +kvJh4vDEQaeIRgQQEQIABgUCQ5W92wAKCRA5LzR/xyfWw8uCAJ9fyNId3dqI8huri36feebb +W4S22wCePvDPoRxMu1M+qjnJvb4RQveZ1cKIRgQQEQIABgUCQ5X3gAAKCRCiwhcN0n5wm5WY +AJ4onPv31OndSgz4uMCoqjdKLITQogCfWOBCNseCrZpE5c2EifhFGN6FqDqIRgQQEQIABgUC +Q5bkXQAKCRDZfQYaJbutn7phAKDU1DRk3t3Nf2WB/TXM6nYHc6v5fACghp3M9hGo16Fr6Ci4 +RbolafQy3a+IRgQQEQIABgUCQ5mkQgAKCRDjKHuwykk87M26AJ9MTruZ86P2uITFJiP8iDwA +VWnELACgsPVcOqCVcfz50rX6F9p40N2TcTCIRgQQEQIABgUCQ5sx6wAKCRC1Xz9diSHc7wx2 +AJ9myOe1sb7JBVRRm//1kznehsKemACdFv8YvbuX9pSJSe+9sUr+jjEkcqOIRgQQEQIABgUC +Q51LEgAKCRDGn/dR2avjXqjCAKD7hiE7aBX7VuGdz/k0F2sjkNwh6wCfSLQLXq9LLq3fRcoS +oc/gjbYb62OIRgQQEQIABgUCQ56RAAAKCRDpGIgGVCUXxTuAAKDFECQK+nYQtf/pefnyfVGv +HJBP/QCg549dSIQC/VC73jp4w7gvWc8l1puIRgQQEQIABgUCQ6vXHAAKCRCN8mIGXZmTUJ0h +AJ9tPJD/2W/1nj4PWttWB9AwPX6OfQCfVRTWx1IlSk44MKW/OZbiISmtoCGIRgQQEQIABgUC +Q7NUIwAKCRAXcDq53xXIewmXAJ9mQFCZgdBx+59JPlIhW56mZrSvuwCfRfgayLJbrwSB0Yz3 +aRYWCMjOptyIRgQQEQIABgUCQ7STUgAKCRB6fSZd6vxN9/YZAJ95+BDfbS8f5C0xequYisDa +EPjtggCgxygbWsAZzZJJsGuzQa+1vzKssjWIRgQQEQIABgUCQ7VB6AAKCRCjAqTXLbZhkjh0 +AJoCYXwr+9itpdYbnpebnfTcrCNSuQCgiLYnNXEbcvAHYADlm43QRaYqrguIRgQQEQIABgUC +Q7mB9AAKCRBx8AOAw2JTTz8bAJoDUoSbZVfjJYHvNQr2+m+Yv9icVgCeN3lHdnAHq5nmCJ8x +oj9cPul0QHWIRgQQEQIABgUCQ8H+yAAKCRDR6+l4JZbqVumeAKD+YYwv/RHk41Le4d0BI6s5 +dopkUQCfWjlisph99LlkmBJMZ8I22gzvusWIRgQQEQIABgUCQ8PvjgAKCRD8sLtcXx+/cFiM +AJ9izAjcrbhhFi140MRYZ5nN4UeAPwCgpcE110jp8ZHHqy/IHOnxFZBoAOSIRgQQEQIABgUC +Q8T8NAAKCRBUf4M5GRds7XkXAJ9VrJ2zfQleDH3HSz5YjOgEM0B1HwCeMvlIJEVd2WCJzDkz +Q749j2Mz24SIRgQQEQIABgUCQ8YFgwAKCRCNUaKd8UWPQwQ3AJ99U52r+yfgLKJVkwnwpNlq +D5fwYwCfQ08orXjTdqvrpNcWBwMSEgWOS2mIRgQQEQIABgUCQ8lq7QAKCRBgM/2VgT6z66OQ +AKCMUCfPOymzz3tvAv7QxS6tnqt2cgCfeqJrF6Gt3SHjTBzK2BTCHiRff7KIRgQQEQIABgUC +Q8v1tAAKCRANT3+lTq+SZUKdAJ9Z9/3wpkCoW+U1u+xyhudg2jq68wCdGonNw4K9RGi8UXP2 +amN95wTln/SIRgQQEQIABgUCQ81b2gAKCRCKmGzIoF+Q+Q0mAKClEC2MipZinCtDvCAyo3pC +fXKQlwCeIspvOdpz0/HiaJUjNneW2+/qiBiIRgQQEQIABgUCQ83ytgAKCRBVWTT7XOmO5NTl +AKCz1zEbtp+kaAnmOyHaldaQyGWkEQCggpu0lTIVsWZ7xye6yNUMjPjhBBmIRgQQEQIABgUC +Q83zKgAKCRA4v3z+HezK0cyqAJ95OTy97kKfZumB6W8HASH9xjnr5gCfTVeHszjQCTiFvahn +MxMw/ZSdyW6IRgQQEQIABgUCQ8+oMgAKCRDqDcl5UDDaAk+LAJ0QRWHssEO+6S1Drc50UQyy +rc/2WQCgpD6JjL8Kq+D3WGW1nVQXvIAZl3+IRgQQEQIABgUCQ9S+XQAKCRBdfitf+Y8rEk5n +AKCTTkSLvNzvt9ulAgZZZa3wEQKxmACeLnhkswVHej+yzG21XvvPR8z1x5aIRgQQEQIABgUC +Q9Vd2AAKCRDgjL5qvlLpU9kEAJ9bSDsbyo2RrwFqUo/ImBmYlV5JwgCeKipLDpN4K9stdmDp +bxUfxeMKHSKIRgQQEQIABgUCQ9VfNwAKCRDcAGAM4mufD/9QAJ4oPKlFJikr/2tSHk8oa0Ea +ax9N4gCgnb4Op4BBA4QDECcbme6Lo/nQ55uIRgQQEQIABgUCQ9dgQwAKCRDNRtTJTiTSewsS +AKDD4VilpasBT1yMyfIMWXqDVu1B1ACgpzJLMeFG/88FYfsfAUJL6MXNAuKIRgQQEQIABgUC +Q9egsQAKCRA7o6uFVWclQfX0AJ4vAP1FoLKvYedEeVxkl2jgOkTVBACgvHFw/Sima9Pzhv+4 +XHjPC8wgCgaIRgQQEQIABgUCQ9+5qgAKCRAyhvh6Su1Z65UyAJ9j2Nv8n1LTDM+XuJ3Iw8N3 +cpVKgACeJhFWcrKsgWSyj7TaQVmh0HjioRiIRgQQEQIABgUCQ+C/kAAKCRAbj+tYpmZVaQye +AJ4zLwsWV6Iv46MgGd3q5MdHtvLfnwCdHKDQB43+ZZdeIsOJOFM8efy3LOmIRgQQEQIABgUC +Q+NWsAAKCRAXoLUN46feC5y6AJ9T4dVM5VvRaWmZQk8iNogfuQ5b+gCg/T1XPF3j7+9EY/UZ +LHOUJ5SemMSIRgQQEQIABgUCQ+NqwgAKCRA38eXQVxe/tIh4AJ0TCE2TkzwUPYfR73BeTmgF +7QV79ACghMEuXnNl0B63Nm3mUD3JWZHAhoSIRgQQEQIABgUCQ+NrZQAKCRCtLjWmHh3/i2Ic +AKCdmhMQ8MnSP0Tf3R6zrmLuaV82yQCgvwZ9WFBZuzwESRgAoC9z/q6LeayIRgQQEQIABgUC +Q+NsGgAKCRAeZiAeyWNhVn9QAKCjdkHNz2SCR2CvOL+iiVRXloDtIACdEnKDaOmfkJvHquPn +g2epQMwLgmCIRgQQEQIABgUCQ+fbJAAKCRBtO67R6hYNCwlJAJ47pleK2mBXZ4Ed+1Wosv8R +a14VRgCfa6GHXQaFjTD/u2w/m8q8B54Gt5+IRgQQEQIABgUCQ+rqNgAKCRDbclr7ToSbhfrB +AJ0e4K3QMkswMnTGSYAgJ0IE2AesEwCg4er/BqqhrqtU4XsIM9ZoBFiaadGIRgQQEQIABgUC +Q+rrCQAKCRChs5s0UCNThEilAKDBLoluKGJAbUf1+dxQl3WG7gSUNwCfQ+zTvokj+lDHKrv9 +rHQJfY/IV06IRgQQEQIABgUCQ+5dFwAKCRAbfz+84sn4YyP6AKCRej7G3mgg2DW/YvWOfhxk +H1wXjACgmc46mXqSsgr9ygn8B2uRFMoZf9mIRgQQEQIABgUCQ/H0xwAKCRBV8HJpXSVqyv2F +AKD84TsfUhBEF9dI6t+pdjwjWitDeQCdF7EnQd6lBl8ZmPJ/+RUneHd82LKIRgQQEQIABgUC +Q/H1CwAKCRCqtcZDeiCAjUJrAJ0Ufh8HunEDtJJy+svDU3MgjBiiSgCgl91RXzuz7zdkftLL +eDRPE2QBJoiIRgQQEQIABgUCQ/JoPgAKCRDE1T1VoQKjzXJmAKD25wnYHsXH5nY5mX5m8Kem +LBCJ8wCgxz8ZYxy+/d0U45Y8a0w+7BvJEwqIRgQQEQIABgUCQ/WhigAKCRDd9MaRwHXRJG0Z +AKCWiQHK2wDPGVwKYLP5Ymqcz9nwDwCgq90eC6DdOCwdaztWRW3DiwLLrvGIRgQQEQIABgUC +Q/cERQAKCRDD88LOK2KKBwAgAJ9Jjc0KJajDoaLv0sR1V2mUlT4HwgCeMtqmZFiEL0nPUoj2 +fTwHhtrthZqIRgQQEQIABgUCQ/xCywAKCRDEdZN8DOUy5ZMXAJsF+c0RbaSwhHgi5luBrnLX +TAzSswCZASfQwQGKbCfe145Zl5L1cfWo+GSIRgQQEQIABgUCQ/35BAAKCRBmJ2lMEA1GkkE7 +AKCg0HSkRmScqQ+e5dQT6yTC7AwnhACg1rXKTOgoCM6kPnf41VZ7Q3fXdlaIRgQQEQIABgUC +RAvVXAAKCRAHqDURTFOG9xEqAKCeY/xs0tDrE4+I2VOlqb2LY+sqOwCfSAo5hpnF9krtOXOF +STD3vWYN//+IRgQQEQIABgUCRB3TwAAKCRD5BDwi7qjECaRxAJ9bxgfF9mdJ5L2Ao2JFShT/ +Fwd0bQCdGxvC9x4tESFOlzeWaWlJrQlyZIGIRgQQEQIABgUCRCScQwAKCRBaozZfXpXe/ZTt +AKCDD0TYJeSlgTphnGbVQhg47vLRPQCgnZuziLGhaqaLnYxkd4DoHxba/3SIRgQQEQIABgUC +RCve7QAKCRCcNWPaq3VJoyGfAJ0VYTnRULkL54GrGvROPWN8ELi0uQCgq6P2MRpJlxvMvdu/ +aRe2N/jBRz2IRgQQEQIABgUCRDf0swAKCRA2hULCCeEYbP8fAJ9Lchgrr3VFGurD7qMUoJr+ +Dd10iQCg47DmamVVfJCayN28IIkBv/c+a4yIRgQQEQIABgUCREaItwAKCRBv/xfpXkykBYq3 +AKDX4EsyM3FXhv2nilXiaFNMCVGJAwCeJzWMWCaTSpFY2tMDWvnI8H44kZaIRgQQEQIABgUC +REh/WAAKCRCHeYj2MmghSXMuAJ9Yzd+Qhhf/LHkaFo+pl4hQbTF7xACfRzjCKsp6F4RpOg/8 +GUUPqw2lABeIRgQQEQIABgUCREzqJQAKCRCDGMP2gUKt+tGdAJ4yX2VYn4LIegHUTjpDqrID +5I6q8wCfeF1fwKkqM5X/7eD9er/6XV54EhCIRgQQEQIABgUCRE/ZPgAKCRC9Himw87a8EAd+ +AJ48MMdCbgYus2qer4AvrYGU5ZRquACg/vCjzRXecHcMvLOQHTFMrnYOMiaIRgQQEQIABgUC +RFIqnwAKCRAU2k9xIytnfrguAJ0cKhsfOxh4Gi01ON4V0l7bQ1GHZACglawO/icxdRFnVVy9 +FL4DV5v3QbSIRgQQEQIABgUCRGHI1QAKCRCXs31W/YK3Uyr9AJ4kbDAXRtGb9ejzshRUfm9C +hGauuACgiopP2PUSQIhjoSsJd58o5uD0NH+IRgQQEQIABgUCRGiVKQAKCRARw+2ldQqmIMSD +AJ4iDU6tbMKEadqX+JXWtTAeQF9JSgCgtBQknyKJ6L7ZvVUF6cwKxexCFbqIRgQQEQIABgUC +RG9jGAAKCRBUb793rRVPG8lrAJ9YfbS2i1gi7nkS504BIfQshskfnACfbGRF3JA4YTaBpUvA +kkBKYLu+gQWIRgQQEQIABgUCRH2C+AAKCRAsQb9PSCCAm/GhAJ99B284P6/albk/lLggqiqG +6bNDLQCdFZIZHGVGq6Bn2VKtkriIU+/LOD+IRgQQEQIABgUCRIPbaAAKCRCs4mgf4AB+FCQj +AJoCHc6Mri0S/FyugQLtXkW64Kt5rQCgm7HpDw73/caWrnZ0FNCFP3BVKuSIRgQQEQIABgUC +RI9QDgAKCRBsBVneSEIuLaUaAJ0TFFHQZe5n34tZJcSS93y6hkmx6ACfUEmP2o9s6+y/zgc2 +jzcvTWug2JaIRgQQEQIABgUCRJxFewAKCRD5Ix1tlP7WreOKAKCQT+3R/MqC80U0MfSN4jKq +BhsVYACcD+niOWIK+DIMrtKULD5isCKAAlGIRgQQEQIABgUCRJx72wAKCRDvjlzELhYlsiXM +AKDOb8Tdq/wCaDAzqd26x1j+VEJ0DACgpEnJ4eAu88Ybd13/dVpQbRAL5MGIRgQQEQIABgUC +RK1zJgAKCRA7NzBmiAeY1WfvAJwOII/lluiAV2CYnw7JKcRSb+trOQCeIkC5zTxhkQY8S5sg +i/ALtp6qtheIRgQQEQIABgUCRLeyDQAKCRDUU+WrdheWFMg3AJ45cEP2Uets+m24d1uepINQ +eWzmzQCgnzBrPCWchbCvjz8Y6EjqP1x/DdCIRgQQEQIABgUCRL+nXgAKCRAtJan45HbztOaF +AKD8eVy9ZFT+QS8E7ps0LS8RqZoKCwCfdrdTpGa+MgWeZ2j2PpR/3dMevkWIRgQQEQIABgUC +RL+xEgAKCRB43cOaW41AIv7GAJ9iGH67O3/66TqhteCY1RhEwI8CuwCdH3LkLjBGD7K/iCzq +NnMUAEs51YaIRgQQEQIABgUCRNmdBgAKCRBfnqzF/l53DbiAAJ4+i2u0AKK6zvf2c6UJrAfy +o9edlgCgkMgJlQIblndP8urKUkWN6/S/GhWIRgQQEQIABgUCRODYigAKCRCXtCdLNJ9fUEkC +AKCwadtzoAbCqAPwmYflcGruDQuBVACgkCueg6MjiYvalf7i7uEnd+j+xZSIRgQQEQIABgUC +RPq6yAAKCRCXOLHlPv8mKE50AJ9hqdeuvQFVC1sqXEQKEIT8r/PneACbBPnrBEhP9uMeVuji +l9/KRqrSf5yIRgQQEQIABgUCRPwxLQAKCRBx2wF2fbPUlJgAAJ9oKiOeutMEvEcuX1R6Ci1C +r4orTQCeMa9rUhtGKPVA8q6gy5ojnyKYV6KIRgQQEQIABgUCRP2PtAAKCRCpvxFBFjWjJLoa +AJ4y/k3u9e+9xYVL+5H50Ejri9FqlwCgk5iAn7qJi7722n31CxUllHLNmEmIRgQQEQIABgUC +RP9CLgAKCRCswRR7hzVdtKw0AJ4zZx/hv41x/YchDTcLFZjkWhcjnQCeJV6sdOdwxoRQD5vp +OwNDetPWijiIRgQQEQIABgUCRQWIawAKCRDtwKSWcgNLQP9RAJ9DErC9u/o29ep9mcwDvecN +/dGqnQCfTiBB9MIpmIAiFbyBeB3J8pPmqbqIRgQQEQIABgUCRQha3gAKCRB/e1zkYsyRMfTV +AKCarRTRcK/mJ9yHJ9C9qvY6jKUOmgCgkOYxLtgskCvksh3ztmq8f/qoJxaIRgQQEQIABgUC +RQhlkwAKCRBcpM0pM3Yq5OOgAKCJt/kR0/NXvIsmlpL++R9o+XF5ZQCgrm2CZHh/CmGklXLZ +x+eOC85c6nOIRgQQEQIABgUCRQ6yrgAKCRDzjhs6VNqDry2PAJ9w+DcU8AsKz0GdGg9FliAP +YzT7GgCfXGMN9RmKhWAtOdsqSVCFJs3ZrD2IRgQQEQIABgUCRRKVLwAKCRDd8bTZL7S+a4fM +AJ9U5uU+Y06LKklo2BlxeZAfYJV0SACgp5Y979xO8c8Zwmy2e/ZcGmrE1R6IRgQQEQIABgUC +RRL0ywAKCRCA5VTMrpwbFHGlAJ0SfBcl0KEhhwD4I1+A/Tr7hbeHkwCghe/opNhP/L10pZu1 +Q/A/9HAQdGWIRgQQEQIABgUCRRO3OwAKCRCJDZO1KR1xLYMeAJ0cl0NfHuljRXqbatYbH4ev +ephjSwCfSfohQoSpFMpwMuxXr3FstRrXPUeIRgQQEQIABgUCRRQEjgAKCRAedM75mV6NQPIp +AKDa4BRvdsz8lUqahBLKWMxnl4hxAQCgmL1WVkaiIt+UxPyS+Ov3oT7QUKGIRgQQEQIABgUC +RRWzYAAKCRDQsLCHTgPs39lpAJ9bv3nl7nkha9rU+1axqZZyhu4CwgCfSaA68vZf6a+m2h3v +ehrEGiJov62IRgQQEQIABgUCRRhJWQAKCRBogDWhvQLTxLlbAKCwLCRvLtfTWn1znAAHbuVj +mJ1h1gCfW44Cm4MibRLB9Ugarn1B0zRsag6IRgQQEQIABgUCRRjImQAKCRBk4bNtNd0qwpcE +AKCai+0juQPef8HgwEOCqweHhJD6kgCgnXp5VSvet+EexlotZMDSSu9grQyIRgQQEQIABgUC +RRlCvwAKCRAIJM/3aBl8OH5LAJ9KNItnsYVeb3rvk1us+rqanPXc0ACcDvSaTXNG+IQemA1+ +JpwCF2IDOcuIRgQQEQIABgUCRRpoPAAKCRBMCz3luLdVAHAcAJ9Wagx+ygc7NF6Ye4wbz5tj +jbNmuACgoL0zXH7/3FaYWUwd27LgNGlG4/WIRgQQEQIABgUCRR10ugAKCRBCJU8Bl4ViZaby +AKCakoB93ipDbPzZJfJMaFjAHk4tWQCfWGE8DvW01d7qo9x38ae0kmzneBiIRgQQEQIABgUC +RS1TIgAKCRCKcxAGAgU8hOf2AJ9DziURQzzIlpLsqNbuLCxzfAw5aACeO+klThC6A9rRPmx7 +pkkyWJ6oIamIRgQQEQIABgUCRS1TxgAKCRB+gOM+2aoC3cRhAJ9m6UDwJIi5V/Eu/Byg/vWD +UE3lcgCfSaA32UytfuXJRx2ObacgukUf7F6IRgQQEQIABgUCRT22HAAKCRAeZgB+VsqJCv72 +AKCQiHCKhX4vqcaHWtU41z418IXgTwCfQLKuQRSTmGjrbiCuDojTYK0QoyeIRgQQEQIABgUC +RT4ZdgAKCRAgyjEKU36n/c/CAKDZC7CrpHJ9ZIlVPZrla57qzu67HQCeLNQ+AS9boFUNizcY +cQKvvoz+CTaIRgQQEQIABgUCRUEUqQAKCRACScur4i2whDe+AKDwUygkQcwuKWgmILTxwCTK +aE4QnQCfSReC8CVLUpKH2uKoiy971lmqkz+IRgQQEQIABgUCRUHa8AAKCRCnqsrvbRspoEQj +AJ0bdJsMVARavk1HIGXzWwB/Xo7GSQCgyYgjthe3Mtf40fsfdkpfr0g+p3SIRgQQEQIABgUC +RUOYcAAKCRAVhhcAo5SW8YrGAJ9aIffyJy0zyYxaSc7y6qJYWG68rACcClz5/hzr+Otc1pd1 +4OUbiTwL3ZuIRgQQEQIABgUCRVBrcwAKCRBFtj7O5kZJxnRIAKCZ72tr2YfY0/lkJ4LP0rPu +pW1bcwCeIuRcnA9D1XX1TPBn1iwNM5tb39KIRgQQEQIABgUCRVFBGAAKCRCMLLuNqEZTz5iQ +AJ4ll2gLM5pQ7/pcWgCzGKKKNDEIGQCfdRcENeD6+VJe1/NrZhYsmAP0Wi+IRgQQEQIABgUC +RVFBKgAKCRCTY/9Egre+bc+AAJ920uJXaJIrG1ulOkaTOeKBb5ncPgCgmuZoKU5CXKFpX2sq +HfGgGTW+lySIRgQQEQIABgUCRVrMdAAKCRDJMoB7N5ASVLw/AJsFos8k51X6Rr/f8aLf0xrw +410XYACgmQdINPYcVXEfh41T0QoAlet5+2mIRgQQEQIABgUCRVwbFgAKCRB0PaFCZO4YcUPR +AKCovYwk2E9FyWM7oesfpcGz8M2XYwCeK3gn7sE213bokKWR+LZQ3cBu7C+IRgQQEQIABgUC +RXDnfgAKCRAL/OfZKlePhD/XAKDIqDKXLquxTgE0GKSBr6aTENOnBACdEWP9B+IfDEcZtmz5 +4sXh+uSX88OIRgQQEQIABgUCRXR5ZAAKCRCMnOHNuOq1JfIpAKC5DTgqGfWr70XqPsZWHCay +sk0vwACgoWIi/5DIe2RjwkymzDCwUd+ecwSIRgQQEQIABgUCRX3QDAAKCRBqHToWVJHmg8o+ +AJ9YHYjGfffaLjTEClma2/DnAmVN3wCfY1B/6GpLp5RXkLlvASq8W7aUXNOIRgQQEQIABgUC +RX6ouQAKCRA7IV6pvAR0kc9xAKCfp2faei3K4lHMNNR6+Rbl0mL4pACfcPDG3h9gsi56wnpC +hCpBaxK5eleIRgQQEQIABgUCRYFq2wAKCRDc/QYFlt+I/OAzAJ0Xh0ohCeOF8w/E8sniJdZk +TVXTIACeInkacYyf71lLssCBKNvM2MGTv32IRgQQEQIABgUCRZwYIAAKCRDqvM07FJQdKo3P +AJ9s4rMnJG4qMEsGAt84GMpf0UERAgCg5ZBKsDyTPyzKX2SObcznpWGI3xCIRgQQEQIABgUC +RZwYawAKCRCX9fD3Pv/lps4cAJ9eXj38dP9u/hw/CGr5d1jG8uogQQCgnTWRBCLbgFlp7K/c +BapZceBuS+aIRgQQEQIABgUCRa/7nAAKCRBnkl9lZaaA5Qj/AJ44i21YVF3rELGN+mB4f42B +LqsZbwCeKCqnWQKULSYFgkjdnOGbPYjoAneIRgQQEQIABgUCRblpGgAKCRD8ue7ua3+5Wq6E +AJ9byntjlHmvAK6tLRGEvIbYgYziRQCggFjRbCKshJgi6ln24IMzDCooqu6IRgQQEQIABgUC +RbyOxQAKCRBCVYROt2D2QnStAKCv1y2AUbqUBU+dEmIbgTGyQIyZ7QCg8UKSZ0PVX0Xi3B2S +HFxXi8Y0eD6IRgQQEQIABgUCRbyPBQAKCRBCVYROt2D2QmmQAKDWZq21Pm8qA8HomkjF9fxa +o9KNiACgxdHVCtzggp6MrgxxO3JufihZ7g2IRgQQEQIABgUCRb9wOAAKCRBc6+JMLEyEzMaY +AJ0Wn2fFhrA4DueeXxB7L+VoaEc/SQCffbxNDuL5G2OrCLnU1uW2dxzgUOuIRgQQEQIABgUC +RcOt8QAKCRDS4CWrCdMoIEO1AJ0VCYWjlJ4qaO2A5Mc5MM5YyCP0oQCfU+Kr572HeJqDkpmu +eR+jeFM2nXGIRgQQEQIABgUCRcSu8gAKCRBySsB39/7uYNzMAKD3oSKqN+M1ppyFnVFNFW5o +ywmvYQCgtaJqmwVIlsTICe/o1fz8w8BeJxeIRgQQEQIABgUCRcc1SwAKCRDSl4X5Ssn1QTp/ +AKD5f2VrYonH7zTBlMG5gIV77tsi0QCfR2tP4v21KKPIk57C4qfxsJ/nJuqIRgQQEQIABgUC +Rcc1cgAKCRBxU3Ta5dz4kUkqAKCiEwKDmyg8+seXplwSfcwsXu/12ACgnuqWJS2bboVl5O6j +bLgDOjpb9bSIRgQQEQIABgUCRc9f0wAKCRAoFVf52tGXnQmSAJ47NSMVP+ygoh3OhnkRN3J6 +s0vdxwCfVbKPBTXPc+oRU0u9l6Ifs5C4YZ6IRgQQEQIABgUCRdVnNgAKCRB6vdf7+83zbiZ2 +AJ4ylMIsfq+Mk8npbj6q8R8AlLOlKwCfRyiAlakraRqxCEwmniwvyRRdhBWIRgQQEQIABgUC +Rdu2wQAKCRBHhiBRTmflTB72AKCIlOawYBcTMbTK2MWB/sPowGMroACffZavZqVXiEzkJVag +TqC0yL/qiNqIRgQQEQIABgUCRd3qlwAKCRAvHVttLs7QRvwyAJ9NhJ4eW+affRFNJGsJUeAs +YkHeyQCeNM26EFAkAIdGphOcX4TzplbPcF6IRgQQEQIABgUCReSGBwAKCRAyDF895LmjoUO0 +AJ9mmVFi+UwLpOpWJghYXf9p2ruwXgCfZTIeZ3IL3ZzdnpuXD7wKP0cQuCOIRgQQEQIABgUC +RemY3gAKCRCL2C5vMLlLXJXVAJ44lO2B1oy5S0xyV7P2m4dOKc7QJACgqXfEga3Dyr9x/Eez +79fYTdCFQ2iIRgQQEQIABgUCRfeyqwAKCRApsBKPN4Amth1OAJ4qJsMmnAj4vXXdr4g31mcu +MvZObACgqv3ad2hVyNat6tRswE98lb7rA2KIRgQQEQIABgUCRff09gAKCRBUjLKyYfcNmFlh +AJ44PCxQW9dMQr1v4UQsSXcG2eHT1ACguTAB878H6t/7l9WL2hRyEqq9vjiIRgQQEQIABgUC +Rf3HNgAKCRC5lDkqITLIW70ZAKCDVjj2gBfdUolBAKzWsND6zTIr9wCgkE3gutMZpYfFyJS8 +XYFv2JSoFlWIRgQQEQIABgUCRgDQZwAKCRCkO9RP3sjA9OVPAJ4zeqG+rXlYMvt4uWs2auBe +uDEHqACgyJ/GQHBMoEuNGYccgc879BJjoCqIRgQQEQIABgUCRgDftQAKCRA0ddHyIKztOQXf +AJ9p2eAU5nIV4NsVkO27IDKK1LWPmACdGbDhdP/4NiWfuufP6Tepez2mSFaIRgQQEQIABgUC +RgDfwgAKCRAddVt5xaUmhoXcAJ4wJWVK4pZLtdTTciKTRMLthLhQHgCaA+pH6A5jBztmp6XC +IgI9UMg1p1iIRgQQEQIABgUCRgjDxgAKCRCeJZbTJol4KYIZAJ9ssTbq4VZu0rUVonGyEfHm +LMKxKwCeJKFZhzzJPaoTHsDwEAh4PTLxYZ+IRgQQEQIABgUCRgjZQgAKCRD66pnDm9FZkcQO +AJ9YnADzzGJQ+7obFinZiAq91+Me1wCguK3EDqSwObg5AEIf2EtQHC+Z98OIRgQQEQIABgUC +RgndkwAKCRCbop0FLykXCGbiAKCgj4c2Ocoj1gIIfIoUIcNxwocoKwCfeBkT1dsTiD1PxbVL +pdmmMCTQg8SIRgQQEQIABgUCRgpkLgAKCRAMPxW6prO7mUtDAKCm0/AfJVxfXksexB51W2cF +rEgMkQCgmGdJiIzoyJWqwQTnEhX9Pu4w2oqIRgQQEQIABgUCRgpkPwAKCRBV6hS0kJAboKXC +AJ9MEIST8QVTlbd9SdN3IN9GFve4MgCdEYAs3dFa6s8EPBxuHWUDNDpcQGWIRgQQEQIABgUC +RgrKrAAKCRABvi8oJ8wwCs8WAJ4jooTMwYX9hIVka2NL/UKfqRFOWgCfX8uK44H8RSVQ8llB +/ATWWV2IA9uIRgQQEQIABgUCRgrLggAKCRAKJQvKB9S8Q0D0AJ9DZylNxuJatvLQfpwukdg7 +F8/I4wCgpdd44okm3MrRy/JAq60+O3bDsGKIRgQQEQIABgUCRgrMDQAKCRAB7ETlsr+YeUzk +AJ9RmTSYJdQSXQOQDBfP3diubYS6eACgi1GlKQigeCRwVHDL3d/HNjXdFKOIRgQQEQIABgUC +RgrNbAAKCRBQ/CjThUuktydoAJ9HyavIHmSToH8uVjE4wLvO1brdSwCaAqxDSy4tHJsR+vUq +EPVIYrLmSkeIRgQQEQIABgUCRgrOEgAKCRAo/u/uNBSbfkmNAJ9fo0tzJPHKR24/+s+3Yx0M +L8LKXwCfbg+meI4mq7ajPQ2Wgh3ZsTiHD8+IRgQQEQIABgUCRgrOjgAKCRCoQluC1lL/sxuX +AJwNeIRgzB1YPJCbJvdDIo5c40ulMACfV2AiG0IusOpG/F52aWqz7iMrB0yIRgQQEQIABgUC +RgrO/wAKCRCbNQMzeCHtRQWFAJ9DybUZ5d+xoz3/nrQHMcJDckmSjQCgnHckHCLvcWFhVYe6 +6FybUY66OweIRgQQEQIABgUCRg/bhAAKCRAoYf2NmYNxIYHBAKCL+s6tcRi1D7dLOs+maajm +AyAWCgCfcCiN4rjBB9v/tIAPKzsZN+SmmCKIRgQQEQIABgUCRhMMRgAKCRCoyTTbI12a+Uzh +AJ9YPVrzx6CANkrfIeA6gwDF0OvztACg5oUEO4XQnETXJW5Lm7C3e2Q9kzuIRgQQEQIABgUC +RhdLKAAKCRBzjJy+5vR9Fnu1AJ9fKCRlfrFM5c+McDq0YyTQ6sMe+ACdHuO6DaJUTAnWm26e +07RWy/gVn3GIRgQQEQIABgUCRh1QOQAKCRDQzDNfgVrevcEoAJkBzVIuQSjYnX1fALz6aaYm +tNA8SACfSChXpoTvD4LkAscH3Ci1qNLZE2+IRgQQEQIABgUCRi5oQAAKCRATPwvAyF7gokTv +AKDLh+1tpY4peqeqgpjdkJmVGbEKOACgzCh1/kjBTnrjB/cL37Tr4GcujyKIRgQQEQIABgUC +Rjg3XQAKCRB3A4Ib0s4u1HZ+AJ9Yh2kfwNgLK/9jiT0A0EdJR6pq3wCfUa6HkhW/8EoN345q +TKtClO70+4OIRgQQEQIABgUCRjkA7gAKCRAmUGwBZZcf8op9AKCPqO2Hfvs45tSpnMdFGMXu +iJG4TgCfcBcodsRRGk3p4gMbPxhT2veWhz6IRgQQEQIABgUCRj9YGQAKCRAp0grog6ub74/X +AJ4kKdF36s8fx4NSD8lC5086lKDIQgCfQ2CvHFHj0Ub/1Z6tZ/eKSejUFIuIRgQQEQIABgUC +RkaF+gAKCRDLoD9GeF6iKY5+AJ9FzjcM/JHLweo/iW1P+8+UCyo+kwCfRNGzih1dFxsOu0+Z +7H7CEf7g1/yIRgQQEQIABgUCRkeTzAAKCRBGbtiKA8zXIndaAKDRjcZ2Eosln+ihuVcf/4eX +BpnvcQCfXP+Ibw/4qX1EPXLy1YEQjxQkWXWIRgQQEQIABgUCRkeaagAKCRAfDASyhPQFXQ37 +AJ9n8gJekiPX0ICR1/UXMYh2B4hYEgCgponm3hkArqlpQGKJGVysMR62NvyIRgQQEQIABgUC +RktZIwAKCRA3H/3TcQn06HnwAJwJO8hskBG+e4H3m4yvN4qTRzDkTgCePTwVxHlxjc9b9mFD +J7bojWKKHWGIRgQQEQIABgUCRlvyQgAKCRCn7dxe1omKq2RNAKCCQFHAjMUxsE52QI8zgcjk +ErmuhACgjKeKv2J7sZ+jlQ9k6+Fs/kUPyGmIRgQQEQIABgUCRlv1YAAKCRC7k9i5gXc/V5OM +AJ4o6lqf/nEEc3cjy7AiuyEvdyQTxQCdEGY+sMvTb9YFdVtGtVlz5F2R0+GIRgQQEQIABgUC +RmaojwAKCRCSSaE/xPzHuo3PAKCm1JDlcQaypw6916UOSqHv7CGJYgCglzemyX5PtDXz6UfC +2pD8W01x2mmIRgQQEQIABgUCRmft3gAKCRCmlHVmOysDgVxfAJ4vQ6n+1JSbo5KX03OqzYaM +XeGClwCggIKuiVPvgzqeTnBRFjIF2xloGnOIRgQQEQIABgUCRm81yQAKCRBVjgmCgtIkHCBe +AKCAS8XTV7BPDmOuqtMEvkSKkeeVOwCglrsoAzr37XIcBeokjH/dK1ayHDyIRgQQEQIABgUC +Rnf4+wAKCRBjFrYwNYAy4XRKAKCJBAVCXNXlcQpP8hcjZkK2kDlFMgCfQGpIxy6Nil7mdcpj +VvI71OpfM+WIRgQQEQIABgUCRn0JbAAKCRAoj9TuNmfOdyA6AJ930hMK9ulK73cqlBB9FKfR +EXcdLwCaAqJRDjQyg9YX7lQmyZNgJf6UHXSIRgQQEQIABgUCRn0prwAKCRDhsbSnd3PbQoTZ +AJ9pmILVfGIE6zNkn20SRpzalR9PXwCeP0oSwzLfMQxKulPp5Y5WwrtoEWiIRgQQEQIABgUC +RoAKIAAKCRC1vCBGLLq0aPjaAJsH83/+gVSdmF372G12a2OWPzYEjQCfQYd53udHh/F4a8TC +wtssYA3OS/qIRgQQEQIABgUCRoDGtgAKCRDzwrphsakcnPebAJ4shL3AQAjX/jIvSzjR90fs +q92wYACfcQ39tsYBeB7DugO7ihuQl2RvcHyIRgQQEQIABgUCRoSYXgAKCRC3PTwfPULAxDlS +AJwM6t2ww+/AXFwZj5I0IxeofOw0qQCcDyHA/A09TdtnhJhZVwberVA6iEOIRgQQEQIABgUC +RoV2PwAKCRCJsls4isTWazp4AJ9LH1ezSuW3+CDugMN17w7ufU3dagCfZCkzedh5b5wazFPN +jofGtnyJ2gaIRgQQEQIABgUCRoY18QAKCRDlWhc2PBTCWRB0AJ9+Cslqjj5C22vF+1CNmKuK +K8Y6owCeM6QIipMpfw6HAQVvD7BES9iZpJyIRgQQEQIABgUCRoaPBAAKCRAvGjiG1MttpFac +AJ415ZWQoA6Ykot79CLb65RPIDPWrACdEXpZhMKMSTOhCGa34AnxIvkJ3LaIRgQQEQIABgUC +Rohj9AAKCRCM3yJ6Kh+7iXNhAJ422mJTF8/q+WqVfZbtFoArD9GO9ACguOkrasUF1RczOGKB +zUeiGtsXZ5SIRgQQEQIABgUCRpeOGgAKCRCD7WNAvA48KokNAJsHoQZqZ9Cx/rmtYCQ9P6xa +x23oswCfUGJhY1sUJZI+IH7si5sjwEDg1SqIRgQQEQIABgUCRpjs0AAKCRAVWkMXiM7QCu/A +AJ9XGVZbuGtFQK/JXJ5o5K/MCi3W3gCggttZbX05OSwyBw5wKwiys3I9aHKIRgQQEQIABgUC +Rpj4owAKCRAZ2jGx5/cU2prrAKCIkL6ONUwsKJUZieqXxGfbBO0nywCfZoxMslWiCzMjG/VI +xLx8gw9GkK2IRgQQEQIABgUCRpj4vAAKCRAmOoLJZLrqD3znAJ4oRCrAOT9H4U1DIV6ncrnJ +T1dVHgCghy//UrtayzHwml3fuUl22bRN6eyIRgQQEQIABgUCRqZzrQAKCRACwq9DxPQf7Jhz +AKCO6MpLP8MQHax4SP6iXYdjtI9RlwCeJAQ01Us5PpnCg3wwdsrlwQTq3saIRgQQEQIABgUC +RqpSBgAKCRAfvxnYsqomT2LQAKCBNj1xaMlVB5KLZ7Lmf/XHVKSDdgCeKYb3n9NqhxTheFoN +5sJGEayVbnOIRgQQEQIABgUCRrHK9gAKCRBknFZ7oW3lXFABAJ91lqCraPk8kfIWiX/rFa7G +b2pKMgCeIVj2NMGmrNSofsYUwI+h76CsQJaIRgQQEQIABgUCRrcyGQAKCRCzdmP5BY5gRVLP +AKDS7izt/K5/HwcWPF7t77emLDQmNQCdGkfR6tKUjkiqkJsSauf5fbxNzBKIRgQQEQIABgUC +RruzoAAKCRDpwnbLMWgP8ToEAJ4suphod58dyaA1Xj146sRLFXoU9wCgsZbEnVLSOGYOZsPG +ldHCgInaFM6IRgQQEQIABgUCRrxnQwAKCRC5Kqc3iufb5o/OAJ9Ks3CljWTU4WcnoQ4oyDkH +pyHTeQCfRnwVkPqUzMjL+hh4VOQaMx33KoeIRgQQEQIABgUCRr8dZgAKCRDXwMVDRg5xseIi +AKC06X/Gr1YUN6wrJdtlGyHS8hO0CwCgq5Vvr0U0XDg9+z4AoOuYhe3RCtuIRgQQEQIABgUC +RsjwLgAKCRD4JPx4h/zNptH0AKCAWttH5WrNR+4y1HIFFwOqvTesDwCgtIkVkXSpB0yYxKzT +FqtDWb1i21SIRgQQEQIABgUCRsjwOwAKCRDmM1gqB0UHZts4AJ9zPTJqFTzp56ObZa7xnmFD +d5gZtQCfWihvHWHRr788eNXDfXY+UgtqV4OIRgQQEQIABgUCRss03QAKCRD/Dd+QZsVx3nXX +AJ0Wu5gmp2NsUSD9gJZOElCHm2nGfgCeKYZn8+HpBxP+tNblF2zt2Hg3UT6IRgQQEQIABgUC +Rs9SsQAKCRDfns9DNlEBL8p/AKDL5yJgzzMjYTPjeoppv0B7Vv6CSACfRpc0fQLsB18t+LzZ +vez5OGrn1qOIRgQQEQIABgUCRs9YogAKCRAcZO24je4b/HDVAJ0RFwzG1llMe3XNcv90ZQwL +0tW5ZgCggdNuUNkUFFmAT7xmLZI2zX+4ZV+IRgQQEQIABgUCRtCurQAKCRDHNZ16NQh21RL3 +AKCzwZcZtu4zc5AS7n/bt5sYeYymnACg3IF1ng0F5X+F2CiN9HNwLZi7g0GIRgQQEQIABgUC +RtMKWQAKCRAx+YNrIIH0W66KAJ9AqU/PtPVMYo5+uHemzDkOoHFVLACfVcN98O0EDUlau6KN +JvMRXTDOAGWIRgQQEQIABgUCRtY3MwAKCRB4NVvUpILuJNnFAKCK+4UtGcIfjsF7jcqF8zZG +QfOtjwCcCWRHJJ8EOQZ1LhYQHaU4Gmg7/36IRgQQEQIABgUCRtc3NwAKCRAxAKPKe6pC1/n5 +AJ9MBXL50H3yCNdG9pIgzwbqJcLgpACgwSn6bNur5oOwW/DvlwulG4sta6+IRgQQEQIABgUC +RtnizQAKCRBEf7m6eMQeFj3JAKDKRXWkr5XpqV8watP2BTCHaosxtQCg0ztrp8pvGTvRQkrP +I6GgBqqhEu6IRgQQEQIABgUCRuTBeQAKCRAe/l6liaS8GrzdAJ4u7ZmuHJpvuevSibCyp89y +LvTDbgCdFw4W91/G8sfS16ItLxkVWqARYMOIRgQQEQIABgUCRuUpwwAKCRA7AG4st5usNjOf +AJ0cx5Spys1Cl8rEnHgrCljm6Z3JjACdH851TlyEvHfAnrhS8VBi5zhPHqeIRgQQEQIABgUC +RvE/0wAKCRD/rsnerGAqcWukAJ43T7Yn0xo61W75+F8LEe7xzlr5uwCfa8oZhxwW9iVsuIqw +6zz/Hh3sWGyIRgQQEQIABgUCRvkmNgAKCRAsWOn8lB7vjcvZAKCEWWO2c45/IFt157D8MI9d +WsYwXQCgqoIhcm5Z9226Y6xe1kTnoRfgCI2IRgQQEQIABgUCRvnkjAAKCRAgln049LO87/8h +AKDAMnL2DbleNAkLpuIySdjsdcwnqQCg0BA2GvfoHA3fbHt1FDO9uJmmsVuIRgQQEQIABgUC +RwGSUwAKCRAvBvQcS1jCvOh9AJ0SIg8GugSl1iy2VrnzUmDA/ZqtSACgmRZB926FErnn6ETl +pkvqLEm73SeIRgQQEQIABgUCRwsetwAKCRAwRh+LFHNIN5qBAJ92PYnJKTbqsb0UkEdxMS+P +RkwPrwCfV5HM08yMzIj6fe5d0+QrA0S4RbqIRgQQEQIABgUCRwwKHAAKCRDTJhTHStkFIJ7n +AJ9kZ3FGltevgZUeuX07lX0U7jINtgCeLMFkuZKWspVZseUsxcRHTOusCIiIRgQQEQIABgUC +RxT1qwAKCRBGhA9sbZ6HiLoXAJ9WxEHBZprlEMFu1L+ZHBZmGtc6+ACfSbThY9woxhsnNZYc +jjiMaabe3lKIRgQQEQIABgUCRxT1ygAKCRDf9j7LFofK9XfeAKDD396imoRO5eMmRzdI8EEj +XIbmiwCdF+pkc4iH3k6TUje1egrcacDm2ZGIRgQQEQIABgUCRxT2hwAKCRDzpzvnU/eQIuUl +AJsFCGGirABFuO+VCnUfd7kpRz23+ACcCTQKPucIf3kZdLGw5QX/BHapzjaIRgQQEQIABgUC +RxoXAQAKCRBXMJkNR4YGPuNHAKCisjL5CsUFIi/xJP/GN4Qz2ELTKgCeNqfW2f6iy3By+BTC +JxPcMSk/rT2IRgQQEQIABgUCRySCUQAKCRAgCCpt4iRutX3JAJ4idZQ8HimK9ontpjPrnncY +rMSDIACdH7ux6SCddvSPQqjS7TtDZ3bJOluIRgQQEQIABgUCRyWtIwAKCRAfL4QQdi5edMhc +AKDf2FzMlRX6vFmsR5Em1YjZbCd/IQCgzg05K0vxy2J4fsK0S4Rn0U/UeJqIRgQQEQIABgUC +Ry1WHQAKCRBVHrXXTPqqZBvVAJ9i/07AzGQ3zhwYr2zBdcJWZ1q9tQCgnAQ/PYtEnOZSvzmo +jEf3szFJOAWIRgQQEQIABgUCRy9uGwAKCRCUl4HejpybEuSZAJ9B0qJ1OJgO0egz8MLhtBSy +0JX7SQCdGIqCVR91RXgAgenp6vAsakhFiwGIRgQQEQIABgUCR0gKkQAKCRAplhCpID7KJXzk +AJ9yWK/cB6hW0iFrhDCfNp3uhuS0WACfT4VWhHGE9vJKByAeDfFgDxtMB4aIRgQQEQIABgUC +R0suhAAKCRCLqrQ4oTXG9mjrAJ9I+Q1xXn3UsH6eWYiZaNgMBo/XPgCaAnjqiD9ZThmamsSe +mAhKvh7Q54OIRgQQEQIABgUCR03DOQAKCRB4lpbQfubCV0pUAJ0TiX6rUPkn9R1/4Rsp8bqV +Me24NACeITaaP2M1b2SyZzSaeGtfMeMNbLGIRgQQEQIABgUCR03ESgAKCRARaWMVtk7dtXoA +AJ41NN5ikvwkyj7jJvec11oyxzZFkgCgxWq0q6HXhO1aZZtX334Q5+U7cUGIRgQQEQIABgUC +R03FRQAKCRBdpl4QkzIPaSSKAKCJjhZafPgHi37kQ+tVB6UNaH2fWgCgiQdiRJgWnyXsRe29 +9UeRVE69KjKIRgQQEQIABgUCR03GmAAKCRAqE8sxZyd4+LISAJsF1H3HigTyYq/ahVcPCcMW +osHZjACbBRui788F/Ko3he1wRDLtuq5OZaSIRgQQEQIABgUCR03GuQAKCRCxis8x3Q2N0VgA +AKC8M9l4GmlgNpDUg3o+wHVdr9FndgCgtEAjryzZPBwiknpwDaRBxmRR46KIRgQQEQIABgUC +R03G6wAKCRBo/6XMkbZDGIFsAJ9iI7+3iMgdffwyTnZ9XH3Wn+HIigCbB5Eo7elhWrKFI9Me +6XURQVSHNeuIRgQQEQIABgUCR03HEQAKCRAScP001AGLh5SgAJ0cl3ULXWNvqVMdu2EgGKsE +CoY+9wCfZAelYqAptzWP8Rw/wwx1QIr2MO+IRgQQEQIABgUCR03HvgAKCRAPYDh8tWcvMNWf +AKCa/Lj2Dj7kOeAeQk7TPQWHlL3NigCdFnQvLPex8MdfQA4/MXdj3SPcoDaIRgQQEQIABgUC +R03IAQAKCRAUJNqk1c2Od/fgAJ9tBtUtuACVctdojtxwQsr/9jMLLQCfVCX40b7rGUAmirU1 +1KlGfkNABEGIRgQQEQIABgUCR03IWQAKCRDssTQb8WZ7Oe0cAJ46GEwscoofhCui4IGk2zMT +6xMw4gCeLsoST+SyeG02+frrOHJCLVuBH7WIRgQQEQIABgUCR03IiAAKCRBimKFUJZ4u9zWU +AKCCB0vJSK0ATkNqNQ1wFk/rBYpZaQCdGi1Qdzc7zGwxP3EquFxJrrHUu1GIRgQQEQIABgUC +R03IsgAKCRDix06oTMe4qbiDAJwMQvBvBTCZr/xEvvgvmIp9jQbGmQCg24/6+KeyN5029ME4 +h+EiLX3oPESIRgQQEQIABgUCR03I/wAKCRBftCDfVA1j942jAJ9w7TgsZnaHqTY1YmOdvT+0 +dMhrqQCghEcRyTwmH++3envFzkgLg53x0ECIRgQQEQIABgUCR1RWJwAKCRApK8Y3GyCLjK6p +AJ9troSYT3uLkS1PrHUpT35z1NMW3wCbBJ1XT4c/fPBZAusMwzV0cw/uMoWIRgQQEQIABgUC +R2uKaQAKCRBTcSkeIP+C06xMAJ9Cq76J99O9gczVhTjsfMelfKGcXACfQRZGPrqvpyE2kITP +16hsFOu3ONmIRgQQEQIABgUCR4EKBgAKCRA7IO02d4cWs2sfAJ0XE1HWy0Iz93hYHvSE5pV3 +WTgK+gCgiC9Z8nHhDImkO/8YxqxmVSK8muiIRgQQEQIABgUCR4Yx4AAKCRAacCn0hWrgVNwC +AJ4z5kAm5wYf17JIjoC42kjUmC6zGwCeK0VLMy1CYuSbIgtzoIVTyB7UgpuIRgQQEQIABgUC +R4iK1gAKCRDQJ5sv8TOfhpBJAJ9gZ7gHUAQhE+KRLhF3lOTe9mNirwCfTMVhMg9rGIXfYAiG +28M/7RjfZZWIRgQQEQIABgUCR4jItQAKCRA1FqhRe6RDy1RSAJ4t2vtaRqiBjw5sJINamS1t +hAC5RgCfVUgIC5za1SEQut8JkChzz3SwYRuIRgQQEQIABgUCR4tSYQAKCRDvxvUHMj9il5dV +AJkBALOW+qR/GO7Bqc42RlBErm6B/QCfftZxlCTNu/UiYARatNk2bUFE7cqIRgQQEQIABgUC +R4yy9QAKCRBw2m8a9HK0v54OAKCRq4KhlMdfBdqqsKRTG7G/GEc5OACfVCm8nJ2ZKXf1CaKd +GWRnBIkeSxmIRgQQEQIABgUCR5DFWwAKCRBOm743qy6gWSuvAKC0eVfm/aolDM27PGXc/jCu +eVfgNwCgmRi+nThHmUtGk1OOlogz1/9CGD2IRgQQEQIABgUCR5DFvgAKCRD2qzocV0/ItiME +AJ4h6xFgk6qZ/Xw4GxEgrmccmy9PtgCginnOvP2cULogTg3ywutsmpEmAAmIRgQQEQIABgUC +R5cvmwAKCRCXfRn3eV8rxma7AKCgsjgCR4aG9JexYmM+YnP/oyIKXwCfWNojEMuRYaOP4Npc +l6W9BeV9T2aIRgQQEQIABgUCR5o5mAAKCRC1G0sJU1aqyO7/AJ9KZNbibFfSL/pF5CxChcmo +h8MY2wCfVU4+4sJzJLl5hoHUwTtLnLbqxIKIRgQQEQIABgUCR6duMgAKCRAnKV7MQyKYczL2 +AJwJ7/kdlIgWvWKKOwa1rofmuVyNGgCfVjeeKOexsOjhNXDgTJeAR0JggW2IRgQQEQIABgUC +R6eXRgAKCRDY6aM//1b/Q5njAJsGFBAtOQ5puOvYDXT6lNMKZPTvaACbBa+BMDybmKJbzCNT +Qru+xzVjnuKIRgQQEQIABgUCR6zQgAAKCRDxL+YxPQErs55HAJ49tF52dhDDJ/2c+KDOquvC +Tz17OgCdF9i3BGJ2Femgm3WjlFSiG0GV/E+IRgQQEQIABgUCR6/76gAKCRBVZTlFyN0YopSX +AJ424rDSIJtTb+Uh1ckowDP/cONhwgCfUU/FpaQ/RKBKNSgv3qdH6BaQ9kqIRgQQEQIABgUC +R7CWKgAKCRAWuksWcPQnwwXQAKCMiNNP5loYN4YDLa5GEXrBj9BmKwCff/833ESlZk9AIkmk +KWvIubTm78SIRgQQEQIABgUCR7NqrAAKCRCXh0BnKHER7sdjAJ47lVuLtGLRBqxIOWsrPqW9 +1Iqn+ACeN2njGTWd/qhwM87Dqk89vPLSs/aIRgQQEQIABgUCR7NuWgAKCRB+Ka3AoYfDcgXp +AKCMNlxoyK9lNfNGOSUyn2WVPcP6CgCfXOu6uatZmWwS/ExZmnGrwP15BPCIRgQQEQIABgUC +R7uTywAKCRATqHy3BWJrq+WOAJwPz/8ZDW2PP5P1k+of3M5IKsSV2QCfbEzvzsBu/kzHPJ0h +UpU4x51W+3uIRgQQEQIABgUCR8xKlwAKCRBTjdI58BnsD3lrAJwN0yfJ/Q3xjm2uWOys7sxU +3kt9jQCZAdxCIoga4I7L+0PAhQodonUlqsuIRgQQEQIABgUCR83rnAAKCRBPctJMakK31INT +AJ4lZVi33qrDRPxy1VfuyJuY5XlJ3QCdEuyH3RJ6SQBlVe/nvIN2hofeU7CIRgQQEQIABgUC +R9CcLgAKCRBPctJMakK31IuJAJsGpO9nqh+zxpXrKwrq7zun7iuOLgCfRVRMhYLObadtWqVr +MQD002+1ExSIRgQQEQIABgUCR+1bzgAKCRDw//hM1pqQNjt0AJ4iCaQNtIoGmUaBvEKMRo1x +83UcFgCgmeXcv7HKTNpbKseujHh85P2esZ+IRgQQEQIABgUCR/PNKAAKCRCrmwrttCFNjQJU +AJ4gVN2bbrJkEWa2w3V5EcPApFP0ywCfUOncxxb/uP7cLSK/P4nCM1FqOe6IRgQQEQIABgUC +R/YJswAKCRD2Iim1ZlCmM9spAJ9sPohL3WXlzZZ82YqMndFjlVlvpQCfWfCCqUETj9r3JR9f +DOrMQx6Jpj+IRgQQEQIABgUCR/3RNQAKCRAiXDTq2GP0hEVhAJ0VNU/RANts4Od+7iliDIln +r9ofMwCfScxSeMaGb7vE1tdONACDdsayfS2IRgQQEQIABgUCR/7R4AAKCRDTh/D9jv/zH776 +AJ9qJKFqUx6ELbdb+MTF0hLrembDpgCeJlG8GD0x1i5njbNfOyrPn1lgJjiIRgQQEQIABgUC +SAqH3QAKCRCMrcxkhk+YoqpeAKDDOFfJ3RDjMbbTh1Hhk6aV8CrvSwCffbO3wqQ85BniEMFi +Mp9HpS6MYaeIRgQQEQIABgUCSAz3BAAKCRCR9+OpXDJstlD6AKCPKhvPHTln9n9nIGbeJxUh +wV8obwCbB2LPoGeOEkRuh3r3HY6clSR98cKIRgQQEQIABgUCSBA6ggAKCRDi1+UD4caadhki +AKDDHE5+PFhToEDs9Jc5EPYV3AEJ1QCffPxmbeePKkhvVFyEszINksukicqIRgQQEQIABgUC +SBYXfQAKCRAMGPLOZw4aA6ZtAKCm9+LqR5G2g5UtXZAjmK6987gYRgCgosrk5MeOhmnu2l8f +7wVe46cQQymIRgQQEQIABgUCSB6jCAAKCRA5pf4SyXfRw+X7AKCD84AHqa90tZazCUtEgysm +1IZCaQCfVA4b9Gkw3c7TjXvpf0MUfmXcMFSIRgQQEQIABgUCSCCEswAKCRDqZjV2guTyPPiI +AKCA6V29ovzh1hyLIkaPIEggjuToOACffzQwRKukdm5kWriEfBcZJK6ygtiIRgQQEQIABgUC +SCIKFAAKCRCdNbl22vPujYZbAJwPjvYA5vAi7ZSjAwubwj0HekV8igCfWMGNmigNBcwuA+Wg +Z1GlgUo9wBmIRgQQEQIABgUCSCNBXQAKCRDwpIyO6rfKOHzSAKCVAQ3G58cwrues1PgpzNzQ +76G+AgCgkALb8nKErQsEFfZdH1Ye7qXfTzWIRgQQEQIABgUCSCeuMgAKCRD6qoF1yEoWz2sr +AKClfcD5p6LDn9XlM52HloFir9sdjwCeLkg9n4sqXchnKvUYKgYX/WNwtQqIRgQQEQIABgUC +SC0wXQAKCRCZp9LGMzmISKvFAKDuQN3Kz4V/WbKmf6Ar+pGamivsSACdGkqeHDwS4l/nPpfV +5mKq8fxXk76IRgQQEQIABgUCSC03QQAKCRDwD/VP7uq0WL77AJ9MYf1hJ0QGxgarDHbF5o6V +H0gdmgCeN0sF+nIj7XPCZZDq4Y5kFMp/+V+IRgQQEQIABgUCSC+FZwAKCRClHMSYf3+ZRCed +AJ9Tqa/83h9IttiAmT7VT03CNLW/HACglfRuz9fBjTF2j6wv1WLdMKr+plCIRgQQEQIABgUC +SDBjogAKCRDqI5uFgBI37ObeAKC0R3HNyqT7sviKRLfysYJH9Mxg8ACg49jmlJW4bB3iQT3m +K9ZL1oBDaY6IRgQQEQIABgUCSDO1egAKCRBJHDgE+tWs0KhgAJ45BdX1HWgEZG3THHQ+zuCt +dXzrIwCePv2Jac/xv8rlGSSRNBFVIod6cE6IRgQQEQIABgUCSDSQmwAKCRA3m9JR4L7sYgC8 +AKDWoQVqae14tCp0ZOfsBwYeTSqyVACfUfV+75phC5OiYEyme629MJ3t4JeIRgQQEQIABgUC +SDfeEwAKCRDPxTpMDud1YrPHAJ98fLuOXLNTt3F9iGz+BRtqZGiCxgCfVG0iKeWWewUKaKNw +LPUDkl8hxy+IRgQQEQIABgUCSEFxCgAKCRArNgEAdakGi0aeAJsHWDDTaxgLbbjjfqzX2XPB +F2eoxwCfUuZbkdKiaJ2rhbDfmZtCTBgpVTWIRgQQEQIABgUCSEgWqwAKCRDujqTVZo3cKNIG +AJ4/mzQJuJLNnpUag+0UnUXLhMl84wCaAyOS7EFMBE27oQuONIzO7lNAlSiIRgQQEQIABgUC +SEm7cQAKCRCJLewKlE7D7G3EAKDGIWDn2ixfgsBj2v/6nGTRM5vvuACeMrINhxrZuti2zHpm +POMDQMnHR/CIRgQQEQIABgUCSFA35QAKCRC/UFt4iLb5X+xVAKCgCWu9MICiqTU3PTMtkanO +ZoYr9wCgoKFz+1fxvVATVRMOyul32MMTwtKIRgQQEQIABgUCSFaNcgAKCRByIfxbuoTZplh8 +AJwLAJLkP6kBFlEr8rShhwa3MgxMfwCfV6m8bFlDUYUGQaOSS05GaYrlBTWIRgQQEQIABgUC +SF6NjwAKCRAGTN/yNq4gDwLDAKCagt3WGinDp/OtDIBQq4hocdtxXwCgtlzfX4xDozhmUDjD +PU+jry9XR8yIRgQQEQIABgUCSGIoHQAKCRBnNrHJkt98ukhbAKCYiQPdgoSRIgQrWpFvzNXa +pYPJnQCff7UxKWBF5pVYPSN8/f+L9mc75I6IRgQQEQIABgUCSGSddAAKCRAmiuy2Xi1uqU4E +AJ0SX0BhPRnFlqzCKp+NkUO2OsRMAwCdEz3EzkBvd4UKPI8Y1BFos+qk/uiIRgQQEQIABgUC +SGkw9QAKCRDZNZrjBo9p3HqiAKDV5ITVNUc8dSEnM/xvYfHrON8RdQCaA2eplqZOIPfWd8cr +FxlHgA5ufxyIRgQQEQIABgUCSHGgggAKCRBzRI6XeY68vSIsAJ9wJxb3Et0MmSspnnaVwWOo +Cf+lZwCg3mG4OKECtcwcM53o955msBgwzZOIRgQQEQIABgUCSHNurQAKCRCBSq3FKzmMRRIV +AJ0YA+jYJZkIMx6mV0Zg44z9fypkZwCfcxfqd+BCEinayzKkGMmwEzFAT2mIRgQQEQIABgUC +SHR9TgAKCRChWkFplHwxkw3AAKCYZgPP+fUQKe3vZq1uVAPcW4BNhACgo8pTLUl1rsuIR8QA +p2SjWHbBrRKIRgQQEQIABgUCSHkEVAAKCRAO0sKhGzNmsA0NAKCOUfP8Lgg/AeWMdbGEY/tY +759M7gCfc+u5MPV9GNI6Sfp+j57DSRpXa8SIRgQQEQIABgUCSICm4gAKCRBQvhR5pq9GPjpa +AJ98TMQUvgFP2oFbMSDFMiS5W6SPaQCgj1tMhSXN2JsgJtMwmcp6NQyWNXyIRgQQEQIABgUC +SIHLUwAKCRCppQU1t9yxuIqEAJ4vVzXwbW0wxBUoBBE09kidWap3bgCfdIcEToPUszNCL6kh +VhF0Mx5fvKeIRgQQEQIABgUCSIXzFAAKCRCzbUfJE/+ZfgKKAJ4sf3xYVxZryn+kjcVBWrWO +nGoOFQCgh36QXaxkF9a2sXiQogp1bGY7QMiIRgQQEQIABgUCSI2s0QAKCRA8Vb5xSIgc2gbF +AJ44gZfGwfQLvgjThr/klyaBApRmBgCfXmDvhX6Cb/iWKjyedNHiYsRcHXiIRgQQEQIABgUC +SJATiQAKCRAvQmK/jsPKiI5LAJ9LRGygbboeSmb8Vf9Zu81N3DvUAwCgkyFsAL0WkVL1vDAY +TTCSQRWG/XWIRgQQEQIABgUCSJczGgAKCRDlRTr5DVW/ltfHAJ9ERC3Wbv4Xl5eQLduzjdDu +596sTwCglE/CrJg6VLolYFpFjueieJKX5cmIRgQQEQIABgUCSKQuvAAKCRCgg6j90ueREd7f +AJ9rkBjywWBZpnHNVvXXDcTLeusA3gCeN0qyerRPtxrJv9FsWCR8u7CWlGuIRgQQEQIABgUC +SKerpgAKCRCYF1q91FokTcvFAJ9WQzHUxIWb5wnK2V6LJPgKhoTjeQCgm7JcKdBey1/68kXd +3xC36v8zq76IRgQQEQIABgUCSKsA/AAKCRBj+ev2DHeCX5LmAKCJFCe85xwZm3cOfFV1CXyp +T5bOGACcCimGbmT9sfsPvRLkcb/Ax24jMYmIRgQQEQIABgUCSK4NhgAKCRAL/NxO3MpqZzP3 +AJ9oFzR6bNuARJ5AaJnjqbqycXZJSQCfQVR6AJ++yaXaYkNh428IqACRqPCIRgQQEQIABgUC +SLJn0gAKCRAmbVDNDCgxN0pqAJkBc+h4bgCS9jrTb4lqzk9i2BLC+ACeOSbDPBNbjFxEB7Bb +XTqdCNflEOGIRgQQEQIABgUCSLPaXgAKCRD6PRQ7LpMoYB1LAKCu+fUw22qlrFXk0FA3fPsA +q3xr9QCgoxPkzq6cE6txCEfKwUYOHCRX5CiIRgQQEQIABgUCSLsZUQAKCRDYWo04hZbRWHYT +AJ4wo+oSvs4fm5NoZZscUFRVqRRy6QCeJP6TdI/no7Ht2dEhIWEk2IQQ8tCIRgQQEQIABgUC +SL971wAKCRDcUppnp0ZIBqsXAJ9K4WTM/Q+EIT234YP/k/g+R7+dyACfTQqMHDmZaXygiko4 +U7Fu+e30s66IRgQQEQIABgUCSL+DHAAKCRB+qY2os4YjBfprAJ0S7d9hj2Kbaakd7rOE/Ygx +jAkvqACfRSFFd+Ij/q0zuggkO0GtmfW5JwuIRgQQEQIABgUCSMKlGwAKCRAceNZkRtZo3Ay6 +AKDHHVXTP/zjBWhQyo58kXh9BX3RcwCcDYZ7eUSoeG/jUItSGKlNStB6RYOIRgQQEQIABgUC +SMO1SwAKCRD62I9HePYET8QWAKC/nrrP64hdR39h6YIckUoi+sWiUQCfQ+5LITGKw+1bgCwa +LL74aVHGaV6IRgQQEQIABgUCSMO1YQAKCRCOqaSxfTY4XgWTAJ9Gf8bIHo/Yn01JvZBVzJ2n +nwVhkQCfY/ZRI0S0noOLm4UyJFlJaM6k+6SIRgQQEQIABgUCSMO1ewAKCRAnDmSPTmaV4xD0 +AJ4iszd+Bqc2/p+U+/ppGLUm2fv2/gCg/rqg1b1gqLg7xdjCnBFh2zCDciaIRgQQEQIABgUC +SMplOwAKCRAEtb81V3CDSjafAKDAzQcXwS/gemcCu0nAbRhaSsB1pwCgoYSdpaQGVFteTH90 +aAv+mdpGU6yIRgQQEQIABgUCSM05BAAKCRDaZW1GyAMK24R5AJ9sv3zKd8fj/S26IxHxg9BF +u8r7iACeLOiVSN+mRu3qfNhiedmrdgZqNz6IRgQQEQIABgUCSN5mBwAKCRDi9RekvOvww6cB +AJ4qyGTHV6muwWzzT2pF8FRhz7KJ2ACfRfsBdp7ox92LWSjzDd/KhVRuyniIRgQQEQIABgUC +SN+GhQAKCRCp2LrCXlMb4FJfAJ95mmjVtL859RTSsL72fK7TcUW1KACfdYh6pNbsQcn1E/sa +F7h3tL5DZTiIRgQQEQIABgUCSOP9PwAKCRDvA8aoNVvrgkLDAKCHB7HVzim7VUBzVDlsXfB2 +l5X6vwCfYBXukmsaN3MqY92hsuD145KiwBmIRgQQEQIABgUCSOTjrAAKCRDKhU2GCOPo1aDS +AJ9S5pxaZLdn9MaoReSiF4DIUs/zHwCgqQg1fJl8a1hzQNr1L8wZjxoFDb2IRgQQEQIABgUC +SOkQfwAKCRCEuNUUJWnTC2acAJ9mfa8EQebVqiYb4cTpNVPmW7Ch4ACfaVwgATYZhjc2RDHQ +N/eXAoOGzWaIRgQQEQIABgUCSPXQsAAKCRDUo5+bVENRMerbAKC7II2zqQoYk4G6CpFWxS4v +6/TQgACfat7QrNhNKCs47Rob2P6sj/v9hJWIRgQQEQIABgUCSPXaowAKCRAtFWRDisorhz2S +AJ9F67slOGQW8j28c93CJ/ChZL+QUACgnaBO761uueb+4hn9f5tmae/eS4aIRgQQEQIABgUC +SPj/rQAKCRAF4nB+5uB3Si1xAJ9GSMtxHzfa061h7Qvhs+4i3G2qswCgnZIvyzjrYXPx5Bwz +OB6pqy3AaxuIRgQQEQIABgUCSPmm6QAKCRCvinVEoGundX3OAJ9ycPZjan/i2Fcg5vV9kAH7 +MQhzuQCbBCAZ6Dl8PDv37m45yzCF1HfTQg6IRgQQEQIABgUCSQB3mQAKCRBHf2dXj3QbCoCR +AJ4l1Clrf1oUyMFSWgdCGQ+ngtGosgCfRLmIMZyVLOvqtS2pNn0SqDNGPXGIRgQQEQIABgUC +SQB56wAKCRCW+VvpQUxTqbYrAKC6FksW0wkSRrFXUK8E4dpRnrBHUgCgm2kKLN+DKNt+JmaL +PbuWZfpl456IRgQQEQIABgUCSQDL6wAKCRA1Eo/T1MEZgsT1AJ4jVHJP6SaT0GKjY6bkcYIB +n49+EgCfXOVGSQdSFtWCd8UKZESLoKTZQZeIRgQQEQIABgUCSQeeJgAKCRC9AskUulaydToR +AJ94a0KExlMs5FVOyMgzHjYCG/LjdACdG5OxNjcsBQBlmU1yTsRNXKFfnoGIRgQQEQIABgUC +SQgKswAKCRDVaTcxf/aEj70zAJ47s7NJxh0diolK0Eik3tOxBW2IUwCfUdF5O12GsvBTIA/2 +k637+n69t/yIRgQQEQIABgUCSQvbnwAKCRD0QlCdICHLUD00AJ9Q90TNAWg9S4yvQjEDvzHp +Om+Z5wCfWLfnwg4R5MvifCaQ0mHAv/bTJUSIRgQQEQIABgUCSRQ21AAKCRBTV1SVKk9i4Ftu +AJ9fLOtHRxNTcZOaYG4YpOA0vwI3fwCfRlPuB1cZbZAXo6Dptl89pt8tFKeIRgQQEQIABgUC +SSBDzQAKCRDT5k6sCRGLeuRVAKCRkdxOptkg+oLuSiruECHiXvnH7wCfSVxZxCrB9DsNFtyc +dBQF1vgDRw2IRgQQEQIABgUCSSUMfAAKCRAKEHeM/H9GIdIXAJ9WpYtYPT9vqvNRdlfTD2Sw +Yi4q+ACcDILKKYVZWJCg0hYJDT8/ZANT8/WIRgQQEQIABgUCSSWjkQAKCRASO6WxFvmo3N3M +AJ9Z3VXHhPsEOWlEEeyiGNRuRE/6KgCffRi6KT6lFmNWbCK7Jdz9pPQTu1aIRgQQEQIABgUC +SSkeEwAKCRAMBrjSEl6ZAl/jAJ4qquK3NHciTQpuzxOhLo5GwKCH6ACffGqjiYMGFFd9Ohos +Q1xqvrAF3sWIRgQQEQIABgUCSTAxkwAKCRClJ0IFSN85d5LEAKDIVljKvgIHylMpZsKBojyW +sgjbNQCg40YfrEFcQj+8bqiwgKV9Eq2+0uOIRgQQEQIABgUCSTmHQQAKCRBJ3UVrn/3eygdy +AJ9jJaGM/VYlKLBz0+PoVp1kbKXX5QCeOMDN9QsC6aBRosDUAoEPjV6EfRyIRgQQEQIABgUC +SUqJaQAKCRB8VXLnMxJ7CivOAJ967f/z0jo+h7v/WWf08yqiRLggIQCdGvVyrlQHwrvjAJbk +HT30Deexp7+IRgQQEQIABgUCSV7uhwAKCRC9LLcEM3deHprHAJ9WK132KSzHDT5A1IhRaSUh +QxX/FQCfe9Tum2CMJAqlVnmzY+HY1R9VKMWIRgQQEQIABgUCSWZ/VwAKCRDUqfDz5chOz0h/ +AKCsenDHlwvlYQLZspnhflTjmmWepgCeL2CH/XA1C0fNsiEcr0AEBRouvA6IRgQQEQIABgUC +SWZ/eQAKCRCbp3NU0sTocNVrAJ43Qe5l93L5ZHe0+ABoO4Mmu0myDwCcCmaeikI9qtJ/jWDm +E/B1wQaUBhOIRgQQEQIABgUCSXf+iQAKCRAcRJ8lR55UXiADAJ9VxBMCHBxW5gGRsEVpjJ/t +umv2zQCghE3MpNHc8wkPg9IoXMx3WwqEJI6IRgQQEQIABgUCSYqRAgAKCRDAqpSdtdMAxNCW +AKCPYXSqVIeYBw81yTvH76Fr2W5M4wCgmYW6AgwUQCdzzuUIvG2HZjWdkzSIRgQQEQIABgUC +SY4cVwAKCRCFsHU2yuurjUp2AKCLIgdw9u61xF9O3mUPR6RcrUBQ0ACfcNELHKTl0rX9TBbV +awICYoBpdRCIRgQQEQIABgUCSZFW7AAKCRAvlRUIquYCLvchAJ9SwxKPywIRZGgrBUEjIrSN +jp1iMgCdGXUI7XHmjZEBWRSb4bLClZuTX+OIRgQQEQIABgUCSaBgoQAKCRA2lLkuqwVyMV/X +AJ9WsZ3tszyL20rMU3c/D5v39o5/QgCgq7qZrrnv6qomI/oHZS6N4LrWpJKIRgQQEQIABgUC +SaGQvQAKCRDJHRbeUog33dlHAJ0RHvjIZKd1905trkDeohNSKlkGJwCbB+DugQtFl+QIY9x4 +6n5f89miMIKIRgQQEQIABgUCSaHGPAAKCRBgdgUcZomzkTDzAJ9tJG5E+9k7nR6V4DvxVzx3 +sZH+igCeK0CN0VINpSN4VHapAAoHIxtbCqeIRgQQEQIABgUCSadU+AAKCRAL84id3JoLoZEj +AKCbSlIRVCwdK7HWwXjKmVJZ3wCYSwCfQdIQ+JGUjkOKNUyOPE3LReGDM3OIRgQQEQIABgUC +SbAneAAKCRCPO/HY5ylMBApaAJ4uEi49befi7qvp7wtRt4jOK8h02ACfY6crmjY38g1CyLnD +TQQmF/8CYl+IRgQQEQIABgUCSbKIYAAKCRCWv7hCbz6FXJjDAJ0WR+Sy0q/i3RGDKwX3pcQr +rH8bLACdF5xzuTVwZGl5aCmfLG05IjpBYmGIRgQQEQIABgUCSb5jxQAKCRCJJ5vCvJAjDJ6p +AJsFsS5A7xNnqtnPtcEy50RlDogtsACdH89dPwH7uDIVoi3DOJeBB+M5vjiIRgQQEQIABgUC +Sb/r/wAKCRCsgAcID25iYNG8AJ9MdfD1kZ+6IISitA3bBTdS69GvUgCfcBTK9HEKvlEhHpDo +EAiSeQ63V9uIRgQQEQIABgUCScJcAwAKCRDZlL4/iyqV1pUVAJ9V7BSJcCXo1B8q1miEr4re +o797WQCg0o9ja9sr7pxPsG7PF6H3dnIzGSCIRgQQEQIABgUCScre6QAKCRBuKq+pEoD9NeD7 +AKCAW3P3/FdMaDEd4nrtd8a0Gl3muQCfS9BXieZEHpUAcKYmA7xKB4ZjWaCIRgQQEQIABgUC +Sc0cjAAKCRCMg5erhJH27zLYAJ9aijW8CMskFYpu5SzJRoL+nVhHLgCgs/evqfP4qtEVqvDG +K/KwOl4jwMuIRgQQEQIABgUCSc0/SwAKCRCtBedeAzOuNy7yAJ9uNJedcoZkxGDl87VRbd+W +3KqHcwCfW+pqy5i1uOCV2bCgSRnqN9kBh/GIRgQQEQIABgUCSde6iQAKCRA9Yh4vF0FMji2O +AJ0RlgMfx81xwyY3Ao2Wszcf7vTBrwCbBQwnUuC3/8ms7O2fan+kwCKZyYWIRgQQEQIABgUC +Sd9wOgAKCRCJPHRqviugZBiiAKC3gDwbYRoWJSEeRiESzHleOYzn5wCgj2dwUf60bE6Io6LI +MaX8IWKoyvKIRgQQEQIABgUCSd9z2wAKCRCJPHRqviugZOjnAKCRvO5N+vOWvjO95j8JnEEp +7RsS9wCgmzeRBwV6L9mKWp2gJqJgHUjzzgaIRgQQEQIABgUCSeHaZAAKCRBSmrKnA22Tl4lk +AJ0fRdkjKdHCfKvlT4y9az9klNm3PgCgtiDdxrLLNw6WRJpc21ypzyMJ38iIRgQQEQIABgUC +Sf8pIAAKCRCFwBFvut/x2jztAJwNSFVZuqwYv7cwcUhltKzhho+QIgCgj5I97kuhd34E1VR3 +EQbSytcm02yIRgQQEQIABgUCSgL9zgAKCRCZrcrsPPI/MojwAJ9MvebOoo+Bpdc2xT3wr4xE +W2J9FgCeJF44YkUYh0baLexAbooe4kN+tjaIRgQQEQIABgUCSgM6lgAKCRBYCWPPtEc17f+d +AJ9SwyZNy4AzYxS2jEpVPcQzaMGVewCeL21HVYDy8sBdcSGjMCjykzyi0yaIRgQQEQIABgUC +SgtPwwAKCRDdD2ITyyifPe+LAJwIQwZ11wzr33YME5G2GsGZ8OLf4QCgqZ4gyH1173TBwici +O+rWBz3RwWOIRgQQEQIABgUCSg1l2QAKCRCozVPHBNS6OULqAJ9eSYuMcGzD2+VsMJC/SImv +z3X0ygCgn3pzDqV//mP7R0JOsfSBOk7xtDeIRgQQEQIABgUCShYERgAKCRDv4Uxap37w7bLn +AJ4muh4w2crVkqgDRxG6zWtXCBpFHQCdHzPTNwPlWrPO4RcZfDsxPF/M9j6IRgQQEQIABgUC +ShwPSQAKCRBIoz6TxwZYYn4hAJ92NAktr6wUPDlWIbCK26QduhhC0ACcD6Mxs4eEgXpDYYLe +oWU5FkWhC92IRgQQEQIABgUCShwPhAAKCRAzs6n7A1MIYRtnAJ98mGAtJ6UpzLOhD9p2Mjoe +N6wS3gCgnvGdWsqMBOyimeFYVzTO5H59812IRgQQEQIABgUCSh0YLgAKCRCSNZmBoz+GIoFt +AKCkayPrXhGffxxPv96Xk2HyHIy0JgCffGztzcQQ/TStCcc1A6pXiDYZi/SIRgQQEQIABgUC +Sh8RoQAKCRB4jYJH3AOXWyLGAKCas0Evl2DQKoRALwxBh6CLwo+J0wCfb/etRChLa+D5nhCB +BNxfLMeoageIRgQQEQIABgUCSifE1gAKCRCoE0mnftVz0016AJ9s9TB78IfZLtb1stQx1oII +EGCPbgCglGwSno+vywxlTCLbD+ialHf4+SSIRgQQEQIABgUCSilEMAAKCRCba5QPb/IgtH1K +AJ4lTLsoFx7QOARmMepVrRjIDhReSgCfSkZsUHdtT66WwBF6DFJBt0+1TMOIRgQQEQIABgUC +SmkQVgAKCRC0nbuC6xXGFwYNAJsEU7gHlgOgouB2BCfeFYr/pmkl2gCeJH131egdMugrYE9b +gSRkxqYu0vaIRgQQEQIABgUCSmnkMgAKCRC9StKJliktfCGyAJ9wSOvaY78ZUlnecXyBeR3g +Y128RwCdF4Uy+JH4FUIYGwlSoZANyTBZqA6IRgQQEQIABgUCSnStdAAKCRD3GdvV5LjEafVx +AJ0SZRlQJnGzAmC1O/UZZmlc6UNHygCdEL/CofrazNhKbGFncP8Kx3gDq66IRgQQEQIABgUC +So6rGAAKCRA1z6aVcnkr8quTAKDZojlgkEl2aXkkSkhLmKPG4H3qrwCghShC9CYO3mp1/PAB +Uvu2dXL3KTSIRgQQEQIABgUCSpE/FQAKCRD8sg1iw662VCmVAKCjUMVz+H6DJ1Eg7OH2WH33 +jARQAACghyaeLFZD50LmqI2JEMR9FzrEn7SIRgQQEQIABgUCSpUocwAKCRAu8uiKw5koIC1L +AJ9FbHckpPZNfMj6B8QM510NAPKzZwCgn96y0DObFyeJ+gn4D0MhWH8ndgaIRgQQEQIABgUC +SpmMcwAKCRC1owHfDUmEzs2ZAJ4ulXC+QebDgnr35JKB7d7k+sC1twCfTt79+Rr2metLZ5vf +LhJ91RDQx9GIRgQQEQIABgUCSps3LQAKCRB/v6Lc9fTDcSD2AJ4tnoa2azofnA73XAF23by6 +AhrHhQCeKBOYnsLJ1BrX28v6vknvTIWbSlGIRgQQEQIABgUCSps3rAAKCRA1BQF6zuQfArPZ +AJ9uuajZJcW+6ri7sU323Cwguxe52QCfT7MU5upDbnYxCXRlcwr8swhyTnOIRgQQEQIABgUC +Srfm/gAKCRDPEXTDqniQoTaPAJ96QMr96KgjI9CTByS/yxDGIyjrjACgmRA/Wx6zTENPM8z5 +2BQdnnNA3DOIRgQQEQIABgUCSr29xQAKCRCJR0h0MuSr+KRQAJ98dKsekV9lHvB+ol1tBl0i +u1G81gCg3Z0hCdfX+YWsid0yaEGmeXKfPm6IRgQQEQIABgUCSsWwOAAKCRCDNdEtf+OBkoUV +AKCfo4E9rLWVuYrn72nYPUnvJI9cCQCfSKgAEm3u8or+f2yyjvzSkRw70dqIRgQQEQIABgUC +SsvsgQAKCRDsoP6S8XEptO9EAKDWQvrLcY5UpWKHq/HK2prpq3UWnQCdFaH/ljEDW6MHZkoj +22v6BDYEOiaIRgQQEQIABgUCStkHQgAKCRCPlZOkxBjm7IW7AJ43UJ66xaV2NhGieguIHt2a +OYinjACfSJ/LJDbaMlBzuQ/aXjV/r3sJHOiIRgQQEQIABgUCSuYJUwAKCRB7BxsgooJT8Bqc +AJ45vomaefuxxf5yUAg1syY2uFOo/ACgglxl6lfD0s+Air+7eNAhWZI4eIGIRgQQEQIABgUC +SuomywAKCRAx3nc9jcxMLw9XAJ0XOffgMT1G94UrMbeFJBEqQbSptQCfZDfsDmBU+cpmN6lt +H9dsZLjYlgCIRgQQEQIABgUCSu+BrQAKCRDSxkTWNySKm3yhAJ4pF9jP1vWDqgh0ZSKUMnOU +mLXWYACeIfBBKzDfTIK4/9g2nfHdCKJLA9iIRgQQEQIABgUCSvGBxwAKCRDh3Kvuzo9FiGLO +AJ4uCDZZXLNqgQ65I+CUkWynaLHyMwCfYdLvIPU0TGXLnY3q0JJVdD99Xk6IRgQQEQIABgUC +SvLDggAKCRCDj+NzX5awHBl5AKCpYHRzcqDMw09rqOT6mGAKBerzmgCg0ixkol07wfFM5lm9 +dUX5FCDA60uIRgQQEQIABgUCSwBYywAKCRBurMuGsjMsFk5iAJ48UYVuLZUgIVWBPgBDapjG +GV7wcgCdHA4Ri0US22vc3h9bn7jKfHtFVZmIRgQQEQIABgUCSwGjrwAKCRAdjR5tkYdjl4Gc +AKDWIzVX9BdhpbNH5MZFHJQoPDzqQwCdFxHw8NIKboOxEeA3NbAXXCLfq8CIRgQQEQIABgUC +SwTLZQAKCRBUTP+NzdEeYEjtAKCPAl8qHBS3rqzGAmYUOLND7cW4lQCghX6AxRfyC3/yIBp4 +XeJpll+dIbSIRgQQEQIABgUCSw/AKQAKCRBbbNwlk3KTR6H1AJ4h10Wvu6BdIlnfT2TDg4eY +pDhxMgCgxp1ajijM1OhSuuZCQnQmXbPBZkCIRgQQEQIABgUCSyUfIgAKCRDWZa1/papvugKU +AJ9Xz+dx1RC7afEI84WRZCDAgzsbyQCgx1I/wfnWvB3euB4eCxCZAT8MivyIRgQQEQIABgUC +SzzMPwAKCRCxaXtpO76WmVkKAJ9ZtJg36lHaNxU/ShMicI4xd39tUgCgkPEo81eP2BYjli6m +kmIUP5XnFsOIRgQQEQIABgUCS0zFfwAKCRBQN6GrSytJ1iNdAKC0FTKzwgK/OAL+M0kJAXPP +3CCs8wCgxZ9hv9EYGpB4wIdE3O/9AEnnX3KIRgQQEQIABgUCS1ARUAAKCRB9zafgLjJlGI5k +AJ94K9X3BMYp0qIUGSgkhqMvdeNU4ACfYAt3V3XpB6jAkwtHk1VqGy1oW3eIRgQQEQIABgUC +S1csAwAKCRDAFo1n+5pvCkXJAJ9QF12roQcQJtTFQ/kWuyDasrI1MwCfeEUmmhhIgcybW/sy +sDKTYkadqbKIRgQQEQIABgUCS2nPSgAKCRB0ZhgG+I+cVefWAJ4/jI4TnIkPUoTIPUDmNUL1 +Bk29UgCfZ7rkAjitZ9GyzSJGWt+e1JG+peOIRgQQEQIABgUCS3AAegAKCRDj5Ahx3V8nKo8H +AKCBnj9evmSvhh0f3e1v2y9MSqErTwCfdLYQSNaY6XGC3NYJkkO8y23xHI6IRgQQEQIABgUC +S3+1JQAKCRAbcQ+YkZofvzWKAJ9by2buqtiBW9R70Ft5/aj8nwvj5wCgt4xR0PjG4Y04OUWZ +WyX0J9TMwA2IRgQQEQIABgUCS4WwBAAKCRBw7focv53HMt++AKCT1C8zLmQxNqyeG4WTylfj +EI1iWQCeIw9Lau+Q4eisGt3c0ZteatUGp/eIRgQQEQIABgUCS6eTlQAKCRCFh2jGCBawZ0UA +AJ9Ahil+fYNta1FwtKrkgmRGmMUeAQCfUfk2IghWAobswGLUtkNkKbQSMzCIRgQQEQIABgUC +S6kwNwAKCRDLlpLTIF0MNQqdAJ4o7LDTIfmuE1k8X3BB3Be3ZNJ0JACePYwMnVcPK/tNguu6 +8X95sT/+5LGIRgQQEQIABgUCS7GOEwAKCRA6vrqRVoTP1jVDAKCtL014C4L8qJM5oG8+kE03 +uhVS0wCdHqmNU0uLbz6Lmm5LKqt5LIrgu6OIRgQQEQIABgUCS8+5tQAKCRBF9eAFqSn/w5JV +AJ0XDlvHOHJu1zUWuIbSYmJgbZH+9gCdHS6pWGbFF6JbV7pWVYZDq4SBcqaIRgQQEQIABgUC +S+e2igAKCRC9Sv+HA9UQGgVcAJ9IcKuHqNwqCtCoIxOn8RT3mGhvYQCfSsrrBmHuyNonlJ4U +K0bj/0WA6fKIRgQQEQIABgUCS+w6QgAKCRAYu5jFYoSc3sxoAJ948ZbV3d4HFi3W8mCpHcwJ +unodzQCfWZCXbSDO8/FmbVrEUTaWfiI/ydeIRgQQEQIABgUCTA+4LgAKCRDyZSDs7G8nnSEX +AKCGbWNiyvBsoAh1UgmvqMRa69u7xwCdESY1AP8FCqwjqfRFhMEkydoGxbSIRgQQEQIABgUC +TBfJkgAKCRA2jOhvzwQQKJmIAJ4rUHwOpg3ldOgJixC5wSvuuD+SEQCePYHmX05y4CJpKx6c +HmboX4xAi2WIRgQQEQIABgUCTCOfpAAKCRDPqroTADP0ERBpAJ9So/BsZgBbtjUVYbVuQ5yg +k/gFAQCfVNrDNWDqYhgJSRI/FMpP8ugvVrSIRgQQEQIABgUCTFwwswAKCRBOeimE6Auef0bN +AJ40VYGK13WYr3CKWearutBh2jjsSQCfSoHZ8+YFPirYiUiHsJ8jnfmkr1eIRgQQEQIABgUC +TGJtuAAKCRDOWGOYqFK6rFy2AKCS303K4dK68xb4CcIIr9eKs9bt7wCbBkJEf1r+w4rSwp6T +0DiCNZrskQ+IRgQQEQIABgUCTG1XggAKCRDxNkThBcMBO/bUAJ9JCpwsw57WjVUTvx4X0/9k +Tau0ywCgwXP4GoYaXkm0ltKrKLT7ajiqiUWIRgQQEQIABgUCTIZyFgAKCRApO058YQ7aO+tp +AJwMRUMcw0KQFdhBLyqB4KoAg2MsJACeJeV1k0Yff0Nsf3oVjIZ+A6YBD9uIRgQQEQIABgUC +TLiXoQAKCRBznRzHVDWXK8Y3AJ4yduUz0+6rnPz+m4WuadkDVYRmRACfRdCXDL5JrMgiHuNj +Rp3kIukN3hCIRgQQEQIABgUCTMBzSAAKCRDoJFuJIkTtqV66AJsED1ajhYsLBQ0U8J60yGPM +eIr+EACdFRhcw7pb/INtb0wb/ZM50bf0IhOIRgQQEQIABgUCTMJVwAAKCRAHV+VqctOE04M9 +AKC4qVS1YQFaN5Kqb09xrUhbF6nm5wCfXYZDX26vJztu1kPXbERxKIcjxwyIRgQQEQIABgUC +TM3aFQAKCRAjbXwSh1DSK3ejAKCq+bDiw4MI3WO5MA7Fz2zTEJB8iwCdEJCGvBEM1wTN/JuQ +uozOEFv25CKIRgQQEQIABgUCTNKQpgAKCRAMP31GC/Z5X97JAJ0RUFXe3Z0Sknaw813jFSDI +Mz50kQCdGvCC/eRtFcMqSh77GdVZoOA/dSCIRgQQEQIABgUCTOuD2wAKCRB+7KhJ/tYFYJvO +AKDNfVJOmyeZVduH3kH3uHoLmcUVrACeOZShTEDFybsRpe95vxdbL2ds0GCIRgQQEQIABgUC +TRSIEAAKCRC4qE+JiHTAVowgAJoCzLHagsXySyIVBLX+HdenNGgf2ACdFc4gk0ydRZi4CRpk +O+q/mrluTdeIRgQQEQIABgUCTRps2wAKCRD1bQbv5Y0GhfnPAJ0QkctpLGIiHuhdM61/bsbV +VGonSQCgiPHIg/gZCZJuxl9vDhYDUeVEJiyIRgQQEQIABgUCTS0MuAAKCRA/HFxG/g472qzM +AJ9t4TCTaCnmGUG76Z8zPDYi98CWKwCfTLRMvbPu1EMnJrXc/KmiW7aZP0SIRgQQEQIABgUC +TS18BgAKCRC5rzkaI6Vn4irMAKCOGLh8Zxxx0/Wtj3mYfn2MQsqoQwCfVgX1Q227mqzhLVbq +mvQQWr/k2XWIRgQQEQIABgUCTZH4fQAKCRCsDsNShYIcQimaAJ9p0eIQvv668zxx3jdELcQE +hVQA5QCglwz8nrHPGq9ZqZLsldrFyHjyzkaIRgQQEQIABgUCTbPVTgAKCRBnpz+Ub+7arCuu +AJkBZCZRHW+Nc0r/aEit6cLIm+nM0gCff5Q++9NKcr/JtO69waIetzHOy0+IRgQQEQIABgUC +TdLfYwAKCRApunLlKcqiFGfPAJ49QomFtQ5Rb9T0H4vn9TtWSgkYJwCguVo4ZevV1b+ZYlH2 +4+qPaSwMNS+IRgQQEQIABgUCTd5cdAAKCRDLjqKdynQX/yJFAJ9xKmXeo6LdeleHU8QIi/N7 +uiqrpACeMm4D+gXvyo5gcWnFLZvtqpZPZ8SIRgQQEQIABgUCTiBUnAAKCRBFKRMPSMPEogBg +AKCFED//29wcvTIiKV2KEsaYQPmGAACeNGqu57snjdWYuQqM6rbh7m/1t36IRgQQEQIABgUC +TkHnUwAKCRCnZB4us8nuColOAKCSsDtTCG9UVR4x4gsk3GdqJAqkGACgon0lhnpKmseKIhq0 +R2s2tazedu+IRgQQEQIABgUCTlZf6wAKCRDngINoQDSsHXHsAKCEvGVAMxEbRu5YXErUAuHH +vEIsxACglaBINV7erLFuTnmMGldD0V0BiOqIRgQQEQIABgUCTm7TYgAKCRAi7uBIgIYGDxeF +AJ0SVah36QIh9dQTHfTeHkZl4dmkRACgiWeUvQ9oCIlLeQ6yS/kuw3W/IbyIRgQQEQIABgUC +ToMpjAAKCRBB5sqpdQeVWAswAJ9toVWYL7p6In5XlJuJbWJDtMRy3ACfdFyBnqkuYqU+DEUZ +0LIIH8/hPqKIRgQQEQIABgUCTpd5/QAKCRBjowuaDvHkEDnKAJ9mBLGurQiz5VEDZQh20wvE +a4YXqACgjz4IYj1j3yMj3/t4XExEb3+4qMeIRgQQEQIABgUCTsDOkgAKCRB9lBA/FSIP5YZE +AJwIQQoAsNdC59IaJgIclNYY98LBUACfQASTaOBY9uWPJQnyS9WpJAlwJ+uIRgQQEQIABgUC +TvdPoAAKCRBDvJlIlBhbucAoAJ9NysPAkEeB/bET2xeO+mkg3Ma8qwCgvvkmO9SnTX+8FqyA +TkQq84bnlKCIRgQQEQIABgUCTx8RyAAKCRC+bzHLTzIVMr74AJ9SgcSCRINzzWAxRaVtohpF +PVAT6ACfV3GziJddcTSBEwc7vy9ko5h/EK2IRgQQEQIABgUCT2CssQAKCRADYeMpq1qeHre0 +AJ0RCE1siCcSTSKjhtq4wB+Vt9h/pwCeKxXm2RFIIcIjAsoyCKF47xvaB6yIRgQQEQIABgUC +T8BQYwAKCRCDYam3xVMJq27fAKCuC5rIm1tp5voWSvJo9SXdcE3rswCcDxa0C1nA3554cLPA +t6dcDBF6r9iIRgQQEQIABgUCT8klWwAKCRBvD1nNC/0yU2VHAKDdtu98Lxxj2k5Hw5vIyAtg +WwlWPgCggobQPTaLi23JA8O7diKvEfEhD6iIRgQQEQIABgUCUASfuwAKCRCEcEE9eyFfL2j5 +AJ920xcuhUJw2wi7v/4HZnL5mvRtVwCdFPqKZQ7Ncwh3Jud+ZUqp9B6s7TmIRgQQEQIABgUC +UIXkigAKCRDYeU4T4ZWNkr8CAJ4kJ20fxpPp2iMdRdgvzT40X/4eKgCgvMZa63kPc5ixk05k +jWORGpArZWOIRgQQEQIABgUCUIfjDAAKCRAUx61xhcYEFMbzAJoDvN984NfV/iRrBWVKVHo4 +zVBpxACfZBCtcABEmqe5amLhJMJWhXykWl+IRgQQEQIABgUCUJzvVAAKCRANZyUcxtrwDkWj +AJ9jKheqh+n+zUiVS+cQ0d7jocnsoQCfe9gTTNu/nykkfs+28gn7yNfd35GIRgQQEQIABgUC +ULKOWgAKCRCsbuSVpUW3wr+wAKCOPsG4RdnCk67E19M5OkKHf0IIAQCfTCbfTUE8cN0FnILh +lBBAXDMkfCKIRgQQEQIABgUCUNr/DgAKCRBfB+ZZ38zhokXGAJ9kM6fcYQrIyeuF2WC4jjLq +C13vSgCbBv1Uyi37GW/1TwITv5+3ANkPs7CIRgQQEQIABgUCURbA9QAKCRC+PAOlwUvM9Zsx +AJkBxxLC5Sd6GbG/6POZdYRXB4wDZwCg+C6iqa1IvY4Xnb6G84eCOSqdCJOIRgQQEQIABgUC +UVDDNQAKCRDfz4dFsbIwob4TAJ476U4emGfA9u5nWWlcGSMXD7C0LwCeJgWFCvBVl763rwW/ +P6IO9zLuF/KIRgQQEQIABgUCUZ4RXQAKCRC0j4qbeLOef4qIAJ4jqc68CSlPQGsyrB0/C+Yq +T+xTwQCfcvwHrHIcHsqBg3BrQmcbpGujDUCIRgQQEQIABgUCUaRpyQAKCRAAbBOmjiXTt9AN +AJ9zfFg/q/tetqBUNMHGvXijOJITGwCgg+uKUfyFR5SM+JhPeUauxOGR8fmIRgQQEQIABgUC +UdGcmwAKCRA8AJ5rEge/ujQ0AKC+HaTj3U9+HIp6PSiVOw99IRNBkACeMwDJXSBJUUXAvdnO +JwkLFtXuLgeIRgQQEQIABgUCUd2sSQAKCRCPhqt4UUEodpl/AJ9xWUvdFP1iIaX2oZQIEpha +P1UnPgCaA/FizKCf6vM01mw7l5H3cplIDqmIRgQQEQgABgUCSnjgegAKCRDFNh/fmye4Mu3V +AJ421r8XLXpzQaSu6rmN9eeT0ilmkwCcDQfRspHUxTLvBTG8Uiap3NvNNyGIRgQQEQgABgUC +TId53QAKCRCNY3NgAio5s3HhAKDEdMF5lkgw0gteHyY0vYQoeR4K0QCfdCEwENVkuyAGQNPo +vLkYbFLxDmyIRgQREQIABgUCQbf4SwAKCRCgmk+O5ahFcI3aAKCm1p5PEARFuTjYu/G16AbW +jvlgZQCgviIN+GUgla4HFgN8cMVgh/59arGIRgQREQIABgUCQbmYQwAKCRB7OOehsU6Csdod +AJ95JuWOIO9B9/ILpq9AmHaBo4RmWQCguPysgLjMA13di4RYXZVQK0o+G2KIRgQREQIABgUC +Qbo3EAAKCRBN76M+eBZV3WyvAJwK7kPs92K3FrUZApgproto1aYzPACgtJ9KmND/iVFJX/NZ +Wp3s9iQx+7iIRgQREQIABgUCQcEeIgAKCRCMpSO2gmhWaasbAKDZosf92Gb/w77DW7hr08OS +1qyr8wCgj0s4RO/Sa5fthWx1qKA2VeqYDQSIRgQREQIABgUCQcEmPwAKCRBoZ8UUuFtdaTwy +AJ9J4ql++IEmj9yU1gE74gaaSC1PsQCfbHpyVQ+oUbLjlpYFsqL/yfb+MBqIRgQREQIABgUC +QcIbHQAKCRC7sc7DRDrqgRNKAKC4xXr3CZdzrZ+IO1ZTr994C1FC5gCfUKz5AdDs7CToqacC +QCvqu3udA8mIRgQREQIABgUCQcKXDgAKCRA1vDC+jf0N430xAJ98Dy24sZz1VJWIkuyW8CrY +cUAg5QCgnrWfj6E7LONgYI12StDg+uRutqqIRgQREQIABgUCQd0NygAKCRCkyibMwJxWpSPQ +AKDVAdo8SMfI2Fovv/yqAzV4var3CwCfTJPZvvUnlo8eNP81MJo3EUItyNiIRgQREQIABgUC +QhjYvQAKCRBu3dIH/MUED5lDAJ9jrp+HWU9CeHOAluXekAQMAm7GhwCeKfS3t0cFvarpyidP +klJo6HPDV6OIRgQREQIABgUCQjiaaAAKCRAVTXqsXFtbCRpsAJ42EOYDY6T3Jj33xsv4ymAK +hrBtGwCfR6UT+QBjtgMc2y0sUhtRZqIyfsmIRgQREQIABgUCQmaEcwAKCRBwx7uW7xB7bg04 +AJ9k+v8UdkkinC0UTFh7va/Bhu4TUgCfTWKPxPhu5u5m+0gDpXJhrmg1irSIRgQREQIABgUC +QsEawgAKCRD6PUrqM5LIpXwWAJ9d/9WZ/1nWhoAlqfqxO5saUGRo1gCcCOpiFMU0Sn2GN24j +rQpUISiv2f+IRgQREQIABgUCQuJWxAAKCRBYaqZOptuKSrX8AJ9NX9kKiIIpj9dlDC6Vtfzf +VCDRWQCcDLksK0CTXTkZ9h8wMVdW/aHGTBaIRgQREQIABgUCQuuyXwAKCRAZjvY1zRF6try1 +AKDOo29HgqIdXh8MyYb1kbRnZ6FshQCdHo6n1gswxkYyLW0zdarfr68WenaIRgQREQIABgUC +RAeS1gAKCRBWDQhh7n3HThs7AJ0Y0KqYFR5zFJlHg83sD9Lu5JOSMwCgqva9fCQqLovRDxll +J/KRbUiYP+GIRgQREQIABgUCRAeTEwAKCRDKcp1iYD1PVH8CAJ4njGfatYqklxEs7O/co9Ey +5AhHmACdFEciOrhppVSdE7eZWsCy5o4vtO2IRgQREQIABgUCRKJetgAKCRCmXq+3/nXTT6+/ +AJ0Yl3lf1mfnH4gimLRjIM2G9NkMyACePmEnAl6x3aS9d0aGPQETB5qW36OIRgQREQIABgUC +RWtPCwAKCRABD2xgeFWcPaJ+AKCmbY0ZT6JcIDEEPBwChH2k73cw7ACbBNpvMMMDoIYLDRKT +cNYy/YLQ29mIRgQREQIABgUCR+1clgAKCRAU5VR05MLq1nzTAJ4unlQSxDsTmgO+x3eUmAyZ +pX/g2QCcDxq02+imt86Bst3GoU2t/wjNQTaIRgQREQIABgUCSXxKyQAKCRDLHVJJguD/Mupd +AKDA7g36T2adA00Sa1PTQI7N6bXdOQCfUF80snVacr4OEHp8ZxAMzFJkr4+IRgQREQIABgUC +SquEAAAKCRA8JNO0N91OUMMgAJ0bHPpSwGjgFxWh/H0iPnc7zgzL+gCfTaMVfqcy8AMqhIRh +7fX1uF24reGIRgQSEQIABgUCQbihPQAKCRAgLtQ00Sjntp09AJ9KzKcOxb5v+ipH9WlQotiO +Vvq2vQCfW2hxwgs2yj6jMVzibBOrJmqZ8G6IRgQSEQIABgUCQbivBwAKCRBKC9+lVuyYAnVT +AJ4xXrgg3tbbdi86TfMk6W+Nqzlt6QCfUd8EVrtZ09KpULpb6sofa7lch0qIRgQSEQIABgUC +QbjX2AAKCRBz3mmMxxQFordAAKC3Hk5CVEGnxfVmIVecqh/MbI4YrACfaQ/NWLwyjP5vNzyC +ANXRla5TPtuIRgQSEQIABgUCQbjZvQAKCRCSQClzI/xv6FYZAKDLTqDCa9yhF7VDo6te76nt +y4f4/wCfSBrMYj0WInUYQq7bdCOLK4MNlqeIRgQSEQIABgUCQbjmrAAKCRA8ePtFkXrFQpql +AJ0ZKkeEOUiSf7aY+ByLVseCZ5ldNQCghGRXsw1Hc67ov7e6XPCS/A5xQCyIRgQSEQIABgUC +QbkE8wAKCRC6UZzNhPfoFpl6AJ94elxWuX7a2WIZ5YoNwuvnfjBEkACfei/H+KCcoQJFAToz +uOuh/8wny+mIRgQSEQIABgUCQbk87wAKCRBwN3EiHjJ5zFwSAJ4zYcMBdIXgpxvsSV5n7ZLf +0B07bACfQVwFaa9ueBgORAi4nOK7TmArRvuIRgQSEQIABgUCQbnfXAAKCRB2T+fDdkI3lwQ1 +AJ9JZJSPzwT1vTLqOYeF3cbv0NflUACfanKTOXcNg1U2mMw0dL/JMXOrGhKIRgQSEQIABgUC +QbqwegAKCRBSVUjqL3oEGnz3AJ97ri4/ARIfq9hVS7HjK+aH7iHNYACfZrpoT3iwMrQBSdrE +osq7JcR6ULmIRgQSEQIABgUCQbxE7gAKCRAINMpFskIXmTDEAJ9Oyy6zchAeKWUJ45k9M6JB +eaRruQCgrA7Q7V38OymfyjrxJ3/FobaHmuSIRgQSEQIABgUCQbzMBgAKCRAbYDT0drefICEj +AJ4yAXz1xRk7RiWkxlaBS8vuF80C9gCfSTRYpXuqhvrXcWXZvIl6wxlFNXmIRgQSEQIABgUC +Qb2OUQAKCRDd00q/ZBM43rIHAJ9fHasLVnVBOntuIH72l1m8rbZjpACgnqZlwHHHZVjEAeLL +9CtiDt23lx6IRgQSEQIABgUCQcDAfgAKCRB/qnWdYnoiAszHAJ9IaliYnC7VYWUVYMYk0h7G +U5KVRACfYadwq+V/WYO3onGvWVo7ebuR0zGIRgQSEQIABgUCQcDmTwAKCRBE4H/CU1ZMNsGv +AJ4iTDGLDjAktqmYDKYtmec9g7P/IwCg5IJySOARZKhsqkZxjKHlxsxfQRCIRgQSEQIABgUC +QcEhuAAKCRD7MaQQPCfxRo30AJ0aPpdkI91Nrk1WJ28NW7CRDr2CZgCferE1XjmamRJq/z1g +hBYE6yfaJXqIRgQSEQIABgUCQcGsEgAKCRDxh6PuhbM8sNDdAJ9SAqz6V94+IgfB4I1Qz5Qc +GNElwQCfXjOM9SP2LKcBvYtD4ojREYZBB9CIRgQSEQIABgUCQcH6MgAKCRCXJwKVh2m8CU1v +AJ9lpph8UcIpAlr9RJSnjW8S3YucdACfTv1bfnXTn4bjPGMWPvb2N64U7ZCIRgQSEQIABgUC +QcIJBQAKCRBPl64VrjqEei+7AJwJDblO/3XBCYYgsFmFhvWK7aKUpwCffoB0mpFJ3KmKMKbp +zAJQ87BzY56IRgQSEQIABgUCQcKAlQAKCRBDUTj2HkocBeJPAJ48ofEqQrzSOLlepUCEWRs7 +22ZwGQCeOsoQicmIQnVRtZi+Mm3rhTD/kyuIRgQSEQIABgUCQcLpZQAKCRAJqHka6btaDMgM +AKDD6vjMVQ7Pmr9VZ2tQX0GHFhG8KACfct/i9nmueKtvMmUlIqVTp996SMuIRgQSEQIABgUC +QcNDGQAKCRBlL0JlOLTfeWQUAKCewSdXqbHFVcyowiC4qysslcD55wCgqxqMVo6lVRA3B3N1 +RdsnTcauwSyIRgQSEQIABgUCQcNDNAAKCRBnCz6r1liODkYoAJwM9rrAe5Uo5ev9Q/EeXK5T +nrZH6ACfSVTRc6Oy4YvuTrzRAeWQwtkU9jaIRgQSEQIABgUCQcQ62wAKCRAC2SvqBxxfJeyM +AJ42S0JB901xJGbk7pINUU3wJibD6QCfabdpbklBmhs7pEctec3//q982QuIRgQSEQIABgUC +QceGmgAKCRAWdTUyxs5mkEamAKCpoTugsS98fZDp15198rAocH9xWACgi1otBmBgmD+rV2Pg +Bu6CzBfgog+IRgQSEQIABgUCQcsbFAAKCRDGz6amEstd6CqhAKCqUHpCXzNWnRv9yRwePGo+ +SUvibgCeIUqkqM/nAJ7aex4J6xd0Zu4hja6IRgQSEQIABgUCQemPHQAKCRAbk3BGrFnJeveb +AJ9IxQ1FCd+0kMDq7KhpkZaMI07unACdHqVlfOfa+LMzqhp47uouHO1WES2IRgQSEQIABgUC +QevtAAAKCRAY8eZ2IgXmf8DaAJ0ZowR6lolhVr+kYyMNQR/sthR9CACgtxmgMZjln945Sjzi +ED8WP8z+xKqIRgQSEQIABgUCQfRBLQAKCRCS3gwFaJf4DbEmAJ0c8ZytoYR9wpeSuLZJeeHZ +Kwtz+QCfS2kyvanE5uuhGKkxZ4Znx9H0AIaIRgQSEQIABgUCQhKB9wAKCRBth5YubiYaq7tY +AKCnDMK3NYLWYtPDCezqVqIwQq9xHwCfSFI/Nk3P6D/dnD0O/hSryXBd1luIRgQSEQIABgUC +QirhvwAKCRA7LlydwpXb5V13AJ9LMcm8EUhscEm5n2aIIZTvsiV6eACfbXYgxQPy/ZJp6In/ +h5DbHysXO02IRgQSEQIABgUCQjB8VQAKCRBdCT1M5hHMNZwAAJ91uz3PIsEbHEHfuh758YGs +AHdq6ACfaZT2CCeE1BS6pXiRw3rq+PpUmVOIRgQSEQIABgUCQlHTxwAKCRAoNJPNxTeVTMp4 +AJ9JHzqCBURGqY15rHOytrrW3yjLbACfbF6lVvBQVZ+BaKkxKi43tZxxd7GIRgQSEQIABgUC +QmTDZwAKCRCLggu3ZwB8MEmoAKCLS8429+XwKMI4tJj58OQigALXmQCdG9kbFrpbrVg3j7/L +bmQcDZxxlmCIRgQSEQIABgUCQmYFeAAKCRAS0djz44y9TPdEAJsGWH/1amKF12RuF+npZr/E +hpphgACeJBagVpKginXs4QK778LiVMJZlniIRgQSEQIABgUCQmkdOgAKCRBFNnn5gnVv5kU1 +AJ92zVqOtpqKv3sR9ealhsnQZh8k0ACggZDPQNCgkAo1cZAuAd4LyFylmKiIRgQSEQIABgUC +Qp3vCAAKCRDBMcYOdDbrOMiPAJ4tJfA9Q5SuAlvgj+kcFLsPlyABQwCeORXKyZW5job/+V04 +r9Awh8rd2muIRgQSEQIABgUCQrYQTwAKCRDfdreMaQtOB+/AAKClMRgvk9nTrVOK4zK355A8 +kNRF3ACgxI1t6pcr2JgJt4kLt6ZRF2KknLGIRgQSEQIABgUCQr1tKAAKCRD8T0mOb54EnQZ8 +AJ44kLEx/lJuP/cmny8PpYotTfurHACeMH4j9vHWbi5XtfTdr9gzxVgIhN2IRgQSEQIABgUC +QuuymwAKCRBeOObudi2EyxVWAKCaC1bjvQrrHSMox0TUswLUyLpeLQCgxMoIKfxy8cQ43MSW +X/50Foyo5E+IRgQSEQIABgUCQxaIywAKCRA4yJ4nXonbF03eAJ0cxIHlU2RSPJsoeSNB2v8R +c9rd9wCgrLjJxfciPc57R0OnjbuuOfnu2MmIRgQSEQIABgUCQylAXwAKCRBWDQhh7n3HTvt4 +AJ930lsF/VJWSbZTLbGGCJB5IlQfZgCdFUcxXawUj0AlvE7d6iK+RsyJlZ+IRgQSEQIABgUC +Q1zq+QAKCRDNQ9GeNuAT3d68AJ4tHinE891yisTFC1g3CkWbsY9ZEQCgmVjFbQSbg7jtMO7S +nHJLBa3PQ2+IRgQSEQIABgUCQ26oeAAKCRCTvmWmviXV1iWMAJ9k+8L58oPV5FiuKa5ISHl0 +jvQWDACghhot3mMH2B2b1rIqJJB2GhsPtpaIRgQSEQIABgUCQ5V5UQAKCRCdgXSxG8CifVD2 +AKCXuIfwZHG69gzXxHvB+FqJK/2xngCgsG8UNgZ6HTEz52mNibG01VPatpuIRgQSEQIABgUC +Q5h7QwAKCRBrxtQlKHeHL6LOAJ48yfSPXh/5DJM2mVQRuBRZjqmBMQCghfm+a/k8fvwdnE6A +WITDx6kKn3eIRgQSEQIABgUCQ5h7TAAKCRCE6B9wX8AaIE+xAKCRkHUx7w7WNS3egBXIvbmw +zvJMTgCeLUuz5wrRBeKzH6kx1Kov3c0NofSIRgQSEQIABgUCQ5h7VgAKCRD2oWiKMSVEQuy7 +AKCq2txHuLCK+vlVc9EErPW63nMn1ACghsmd+cDkd9mwiQQ1I+UUHKHC19yIRgQSEQIABgUC +Q59kaQAKCRBWoyygGK+70ICoAJ9spmcuh3tzECvZ+JXO58M5DK+7SwCeLSnjq+foDZhrISBR +kUPyRKfGSVyIRgQSEQIABgUCRAAMxQAKCRDpIPY+2nRzW++KAKCpLwo6jKN+gD/y8mZQ7lAR +P8rRWQCglW/f+PDAcPxZbscTKEegyvxvWsSIRgQSEQIABgUCRJPwJAAKCRCBKEM/weJOVkCt +AJ40OyFt7vOGYdTbVrbM+nxQ5EvihACaAxD4gUGIhcz5KfjZxref7Hd8rjqIRgQSEQIABgUC +RKJT+gAKCRD5Ix1tlP7WrbuVAJ43Dyl/7VLeAtosPzLjWGbo/3UfIwCfUbX0aAB0XKYICsGz +TJ7zsdM/QlaIRgQSEQIABgUCRjq6HAAKCRB7xDdu/dyKa7mHAJ9enQYPyrfnpYUVH3oArt7c +rCshOACg9VNnfiRer5bX8nOP+XJLDnj/Z/GIRgQSEQIABgUCRlySvAAKCRChYzUkuQei7RAS +AJ9amUSujjNgb5LZx9XTfb24WrRjbwCbB68jbKesXPVW6IePIkwIbvxnJYGIRgQSEQIABgUC +Rn/FSAAKCRBzjx3/uJdS3iIrAJ96aS+sp9nOJo369mqxbCHcllpdyACgmQ5710V2M82d4lBD +MULEn+yhBw6IRgQSEQIABgUCRs39CAAKCRD+1dX/38CqZgwEAJ9Kcj4fAk0SAqZG1MCM/BmY +cvmY/ACglM7WsiGyVy9weAcVG+ETs9D+H9SIRgQSEQIABgUCRusFdgAKCRCn+sQc4M5IajRW +AJwJppGhbdGd/p8mXtjQF4pZjtus/gCeMK/2wj24bWwUuXpDlQPDuWkN1m2IRgQSEQIABgUC +Rwfr9wAKCRCgkYpqs2fLxGvGAKCeIa8iyT6ceA4irmaVKHtEbeI2pACgh507HEp0yqZ5thy1 ++rxm1vBhAkeIRgQSEQIABgUCRwvNsAAKCRDFoJg3uqzS/oS/AJ4+afuXJFd35jbpmamxnL2R +H2PAowCeJfqBsf0dIOfd/sl5zJFKvDd4G0KIRgQSEQIABgUCRykC+AAKCRCoVxpwtzy6kCPW +AKCk1nN+ZddxfXUAgDNsQIfCMApa8ACfQ02PWrZMA7GKd1RSHiZwT+ljYy2IRgQSEQIABgUC +R4Nb4gAKCRA8sn8EcEZjBazzAKCuWrPxnCksHPcca544GqV9dcC5tQCcCnz/2aX/D8QGXBZq +jC1RIaS6WMyIRgQSEQIABgUCSGorCAAKCRBgzLEkIToex1F/AJ0UYm6R5MKrTpI9ECK2HHIh +1dS0SwCgpe0LGwCji5CS4V83Qmb55GZFtkuIRgQSEQIABgUCSL8LTgAKCRBbYcIjoDzjzgpA +AKC/9voa/zjRZnB2lsJfxBvle+NK9ACcCm0OppYdp5B+6yY7KPcKcSd46GaIRgQSEQIABgUC +SZUeiAAKCRClHMSYf3+ZRFynAKCM9NtmAcZ7dCaoSVKh9quG3j7ncACfaa+/5RsCkFQ8H4gz +CykxaaxTDLKIRgQSEQIABgUCSadWTQAKCRBhn51dYuGDgSxYAJ0Y2EQVzP4LM/KhHNHY/Var +G4fQrgCffbdyZfw1vSYGZHvlbPttLUb2R6eIRgQSEQIABgUCSbcdqAAKCRB6g68zSpHCI2aZ +AJ99j5UUGhS4nN7HVr9gqKnZooGT7wCfVPIBRvaF5SuosLodF7Y3HK3iHouIRgQSEQIABgUC +SbcyGgAKCRAYI6KM3AZWBYSzAKDXhjMJpHAgHFhJ7ORaKWROik1w8ACeIztIVgXFpujMvpWK +PNigqMITyE+IRgQSEQIABgUCSgq5/wAKCRDdD2ITyyifPaJrAJ4yqx2hQ2GTIkM8KCXBv7ko +qcrvkQCfVNsvB3qzakBJqQNk3WnaVotmI6CIRgQSEQIABgUCSrV2HgAKCRACG1Sn/h3R331e +AJ4lnUQIuLTxGW9M+gT89hcBgSfSEwCfaZRddX1LaZP2i5qah+IOG1oJfQCIRgQSEQIABgUC +SxrVyAAKCRADrZI0O4r4S6cPAJ9Py1yCmTg2J6GY0I8JFFlipY+sRACgj42AJuEchdxaPm59 +Rt7EN9S7hbOIRgQSEQIABgUCS7GM9AAKCRCp9Qz7qs94tUq6AJ9XC6X+7ds36XpFIbLnC5RB +gTugdACgnHuWunenBaIggvG7fQlbCrgCHaiIRgQSEQIABgUCTEtzpAAKCRDty3/Wa3YFP62b +AJ9910hmcMJ1QH8S8yJ5H5BcSfQkYwCfWrbj4KqqewVfCGZ6BjR6104x4RmIRgQTEQIABgUC +QboilwAKCRCDZs3xoWLNGSawAJ48KiEDVHhadFEN4FTXLBhrRq6n4ACfUaIBhkCa7ay7VJuH +YI5C91pu+OeIRgQTEQIABgUCQbxOigAKCRCu/WNrOwxys5KSAJwPSRpdZbmQr4s7CM2mjtmY +lBF5HQCfUvAa2MYYf4JLOnDD/V0NXTUCQAeIRgQTEQIABgUCQb3uMAAKCRCSMV7PIs6jQvUl +AKCe5KVqd5a0iy4dSS4/Fq6pE3oTQwCg1S8qVDoDPtTJI3hm41eG10m2nqiIRgQTEQIABgUC +QcC9dwAKCRAImJ3bS6kyxANGAJ0ffqKiGVS+9fyE1MbS1IdFhipS8ACdFzzJSn1BRaxglbQB +4fo384MKS0eIRgQTEQIABgUCQcHFEwAKCRB2UmXPeUY/8UNYAKCfND1N9wvg89EeymblaUy2 +Yft8LgCdEO4T6hvlQ9nnCPDRcNc8uKUqTtiIRgQTEQIABgUCQcHFEwAKCRB2UmXPeUY/8UNY +AKCfND1N9wvg89EeymblaUy2Yft8LgCdEO4T6hv1U8n3GPDBYNc8uKU6TtiIRgQTEQIABgUC +QcIAoQAKCRDspby3u5ZWsF1wAKCv+ynTRHyAWL5qRFN4xrspzBSRQgCfUJMHnk208c6rwCrq +693qYZEyom6IRgQTEQIABgUCQcIXKQAKCRByUmrTo/lyDN0oAJ4jfnJLMPe55Nng79rwweX9 +kbXSMgCgg64JgFX/uIyiVAzO6JP5Bj6CMR2IRgQTEQIABgUCQcIXOAAKCRCzn136Octqmgjd +AJ4oAknz1DnQjHq4XUCr67QdmMEKjgCfaEBqNjdeXqXtiWu1wjl1Tq7dA2iIRgQTEQIABgUC +QcIXOAAKCRCzn136OctqmgjdAJ4oAknz1DnQjHq4XUCr67QdmMEKjgCfaEBqNjdeXqXtiWu1 +wjl1Xq7dE3iIRgQTEQIABgUCQcIgsgAKCRAUiBtq5F4lpRv8AJ0fxMVQgPBeJ4DX9ENAS3AS +pskSJQCeO+CRLUAj77coBtMDQr138T2BFpuIRgQTEQIABgUCQcOVsgAKCRC9BJIGzxawmyri +AKCsK3o7HJfHwei7hw6EYr76h5zmuQCfSKrbA+Ir7ohuCIRajUsyhaK8ICiIRgQTEQIABgUC +QcWlYAAKCRC6/PcF+eIJBHBHAJ4w1YHthxF4GL6hILm0amU3Hktg/ACfUBaMN8K107F/SPB4 +Yqk/IfbcqSKIRgQTEQIABgUCQcX5jwAKCRB7x8yQ5lzw7hRDAKCKKkKFEEa7EAPErDQow+Av +SuDyXgCgp6o6awXVmmf2tAt6wrg83taoJ9iIRgQTEQIABgUCQcX5uwAKCRDzPJLAG/8vvSsg +AJ9Lt+Ur7elVqRCF8CJz7BojoPCtvACggSrP94eCOwKjTDO7y03bBXUB8rmIRgQTEQIABgUC +QchknAAKCRDj134flRYZkbS6AJ4jrPnMiInpBVeZgHyvyxipb+309ACdGsuFhDhZnGSs8ABW +Ic26Idxm2riIRgQTEQIABgUCQclU2QAKCRDcipiU3cr+5kwhAJ9KFtamDaBj2p8EnRbfkU7A +WTGcpgCfRvwyIsCPXSXwN3tiQIxLEwRsr+WIRgQTEQIABgUCQcqWqwAKCRBqGHjOEnRkPulC +AKDXw1ekbB6b6WwuZHJnvy0uiybVdwCgucXJUQrvhXBY1fWEWOPI5Rif6Q2IRgQTEQIABgUC +Qihc1gAKCRDxZLlO+l8RAMeNAJ0dSFPuw80LgxcM77yaatj3L2Ft0gCeL9/HYrYSGQphu4NG +48275Uie5ByIRgQTEQIABgUCQkqzuAAKCRC0cYm0Kn1xAhFdAJ9TMS9aMrW0hMInMN+AeoId +f1MTrACgzaYV2N7u1oPgNscYtGFOdCUhfM6IRgQTEQIABgUCQk5x5wAKCRD1GG4xdjolNKT8 +AKDDUo1+wwuA23DKE2NTAmqqhgGPrwCgySCslWCpr705gwsZBezE8eZOueCIRgQTEQIABgUC +QljSegAKCRBJnz/0VHkpL6keAJ44Zj1cHJSO3tLPiNsZZbiJ0AxaZwCeObhM7kCBldOv5o2f +HEtmyqQz8lyIRgQTEQIABgUCQljXKQAKCRC068ed1Gr1RqYoAJ9M9sZ1KD8D8BB+Slhc2dAD +T+UA1ACghOj8zVxor7V+sYemxIdOoW2RINyIRgQTEQIABgUCQm2MmgAKCRDr/UCyJ4c+LSbN +AJ4k5apzrIx9yc2Y4F0QyyfwUblW/ACfVSdAE0etAC+AITp9pNvEz7F5xMaIRgQTEQIABgUC +QpdU4gAKCRD+Nk1T9VOyIhMUAKCrmrgF3hGMhfJ9wxodVEtX9lXgiwCeOCKxnHMfHsMr3Gsc +uggPoUhGYryIRgQTEQIABgUCQtVUewAKCRDz94vNnjrg0P+aAKDSXBsOOBzm4INOuJsirwHD +mNYHzACgsZo50Xc7Osm5SM8Emkk7E8FFJymIRgQTEQIABgUCQtz2rgAKCRBrkrxDZcaU95OS +AJ97KRNRl14LykgKwcEQvZoB3thQpACeJIX5F3MLRp+bSfvaJ6CRQtjwQniIRgQTEQIABgUC +QvJUTwAKCRAHBblTt0pbtmOwAJ0ey4IP0DTTHj4QcuXAvLK1Lr5CLwCcDJqWgQtZVh8Nkazx +7zohaXcIWJuIRgQTEQIABgUCQvJdRgAKCRAHBblTt0pbtvr5AJ467QLXkdhrCpCrByCfDP3S +hDgD2gCcD7b/xHqzd9TR/v8X77EuTpw8CrOIRgQTEQIABgUCQy7VngAKCRDq1LWQ9ombwGE6 +AJ4x+Hbx9c1dQ8ei2xnAc8jD2pBSPACgn21CC6EIAYkROxkApajJDwljY06IRgQTEQIABgUC +Qy7fmQAKCRD4p3EKvdrmkZkpAJ9xS15E8eUYwcaLz9McZrRaN/IRKwCfQB5EOQWXP6S+X95o +ro6cKbX1I2CIRgQTEQIABgUCQzBK5AAKCRDPin3ZodTE4LMwAKCKyeEgjYMZUj5bsEjWbWp1 +sYa5dQCg+qtJM3iGWsPag3NU7oK00TyLwO6IRgQTEQIABgUCQzig4wAKCRD8Cb4c5SQpoQSG +AJ9zLineSLJFdkqYInFMwHD87hHCkACeMNX5X0E9ZUlXRrtypIyawxlmkD6IRgQTEQIABgUC +Qzq2/wAKCRAPKHTZL4GI/mtjAJ9SdONmwjBFXwy9iJxCC3EveSxwTwCeJjEKT4Fjz8wg5TIW +hJ+yg3zNZUWIRgQTEQIABgUCQz18EgAKCRDjTG3Fsb8nbrQxAJ4uvg2wk25nIRiHjo+vlQtE +B313JwCfRCnG0YKHKbr4z2Vvy30uWzJo0l6IRgQTEQIABgUCQ37v2AAKCRBizzTwM9IEiSZC +AKC4cwciI8bKgQu2sEqFRlb8F6YShACeKMWwGhRMS2PYsT1kPrE57J5CJASIRgQTEQIABgUC +Q4m9BQAKCRAl8xQK5tOfgbI/AJ4+nuNaFbBffdQMtg9hxnugoWuBuACfU52MqqLDfFyyjbeB +mh0os8gkCCiIRgQTEQIABgUCQ8NpsAAKCRCo6KToudfKOAIVAJwO8pzIwZMtq6K56jnkR5Oo +UXJ+2gCgkYKf5c715oKtr0FfiHZn4ZJs1viIRgQTEQIABgUCQ8gK8wAKCRBZ9b8b6NQC/Nvv +AJ0axHj3jw3r80XoXer3hWe9yVPTLgCggWdH4qCz29TwnPDoTYNOT/aJKdKIRgQTEQIABgUC +Q8rAogAKCRCE9NpOJsBZ1PNgAJ9SEzZLdFPiq1du2MK7Y+u4BaDBfACbBeMWBo307Kk9NALT +31CHhAPkNZKIRgQTEQIABgUCQ9lW8wAKCRDq1LWQ9ombwDY1AJ93pgtd+rxj9toWt5qKWAwP +cp8ixwCeK0/VoPlgtjLj0JSGYgHhs2uvgEmIRgQTEQIABgUCQ9lXAAAKCRD4p3EKvdrmkXpi +AJ90+BVwHtMNhokmmitZg/s+832j4ACePBlm3qs4kHa5PaqymUQ4IfV5ivaIRgQTEQIABgUC +Q9liVQAKCRAFEpZLqlvmg5uZAJ4lZBIVRulwguaVKfD4IFy5r11yqgCeLP6T24So7J6goUiN +VWEnNiAStn+IRgQTEQIABgUCRILn2AAKCRAcF/qRgKv3gEl4AJ9X7jyDsCCuvIeAHubr8jDX +vEzZQgCbBTQBkD97YaF96wqSXTRN8oiWI0OIRgQTEQIABgUCRI43vwAKCRC56Fp+qymLDkRm +AJwPnwE80iM8GuRJHCRVdic166YOWQCdFqSCs2OrDE2LxK/nlmWz9m8rJQeIRgQTEQIABgUC +RI43xQAKCRB+GzsyvPRqSvRwAKDNpoJEjclT2nU1lUWhK/DUGxw+zgCfXRgam+DFU+dl1V4U +LLJ6spHFwvmIRgQTEQIABgUCRI43ywAKCRBXwx4l7r58rmKzAJsFKGRiVs/xcIqSBVyESuCZ +CY534gCeP5Sxcw2h9aKDuDfYmG6TtBbjcL6IRgQTEQIABgUCRJxXYQAKCRDjuz/EjDLujUiF +AJ4pFn4eGAv96etqdDdVpagDFBuPzgCgjB1iX5xSUNnrVyL+Sxlewvr/PqyIRgQTEQIABgUC +RLvujQAKCRCZIuOb12P/os02AKCKXcZFkS4NTpMM2+sM/6VUmM59DgCghAoeHyr2tM/teuVx +S1p5gnKv3OqIRgQTEQIABgUCRTgXgQAKCRDoPQiUgYNuv16OAJ914dLTrroPg0k13gVk4LTv +aPvj+QCgs8VpS9wEXaYOophKdVtatUOYSMaIRgQTEQIABgUCRWgXXQAKCRCIzXnBOsQ20W5U +AKCgoIiPcw1+1XRBwoxNgGoGFJt9HQCdHrNn+md50Fmrz95ra7ubR/oSCGCIRgQTEQIABgUC +RXw64AAKCRC+6504pRele+S3AJwLb44/vUbLveOwHDVIkEX6o/pk+QCdHp5HfcDefvFd1uBA +TeaIWlBkicCIRgQTEQIABgUCRXxV6gAKCRDbxXzUwN7RPphQAJ9taQpqL1L7QwQz+LlTmKUC +cBFfpQCfYyg8hFLUTOA0FMoLa1sbt/lySoeIRgQTEQIABgUCRX/3WgAKCRDbxXzUwN7RPppY +AJ45r6MVrBLgdrEnqxAB6YuNb1VVHwCffis+r3IZsnWmcbg6MmUOA92ldZKIRgQTEQIABgUC +RijRVAAKCRBhLS3J2iHSk69rAJ4xQSZ6wvyptDHB60q1YwdxC4KA6QCg3qEhhX9cZLY78SqS +WkNSfC3K/mKIRgQTEQIABgUCRqpAkwAKCRDq1LWQ9ombwOrgAKCdKTEka/SqH/v/CXcTzLGU +nxuRcACgkXBZVimQDmCUWc+gB7+LaPuTmLOIRgQTEQIABgUCRqpApgAKCRD4p3EKvdrmkX9E +AJ9mfLfJMyy8V8FetcBUnn+iE4/hcgCeOXG8erTDBfxA6Bfy1TYNc8ryRSuIRgQTEQIABgUC +RrEJjAAKCRCKNy1AQAQPIEURAJ4yEYXAn2iV/7qQ793oc53sKZyzzACfdzJ50Hfk6IAs2kR5 +m2V6Ah9Flp2IRgQTEQIABgUCRu44VAAKCRAyzFXDOdR6fpb0AKCw/pW2J4r3/NjaXi++rgfW +qNOLdwCfYhPP12Uxjz8T7OO4WaP8RB7hiqyIRgQTEQIABgUCRwvMkgAKCRDKbJ3GNyd8H6rJ +AJ95Z1eaB6VtwiyGtE9JwKs8dFc3EACfaZoTpX+LIqoFFmIvudKjhBf6DPSIRgQTEQIABgUC +R1inKgAKCRBxCM8BtmtxkOTWAKCOZsw9ZM5Yo0LXgCeC4Xpfs/opwwCfUEar4QDJB2vxoQca +j7Eq/EQE5kKIRgQTEQIABgUCR5bRGgAKCRDq1LWQ9ombwHJcAKCItwG28dsbKBskh4bWlPDo +1MtvdACeJ4sA50DzeyLVgdqCI6DBagbj2GWIRgQTEQIABgUCR5bRTwAKCRD4p3EKvdrmkVrd +AJ9Vb/rmliF4KFHSGqOo4mQQYbSFDwCeIw/Z6I65vzYR+wzAZ0XdeE5Um1mIRgQTEQIABgUC +R6/97AAKCRCdwwVgJMJ+x1WlAJ4lGgaj6kwoJ1MqCXHNo9yfhsFnZwCfTdZB9q6I82LZIigY +3EtRpFz/LgSIRgQTEQIABgUCR//UiAAKCRBPLhGk9hb1g6/+AJ9KLF7UHD44fMphTpuBEN4y +KXmv8ACgi59lg8ZIDPpUBkk455hP55ZBhrmIRgQTEQIABgUCSCFLewAKCRASMUZKjpteeyqq +AJ0Wc9st43P5lTf70XhQ69mu79YAoQCfWwbs6pZYTolMPpvSFyZAdqjhGJqIRgQTEQIABgUC +SFvsxQAKCRDrZweOSbl3Qh5JAKC0odbAyQ3ezjXkpxXqxgUxSbHyXACbB4qxLIswaKn32swm +e7R89q8jvC+IRgQTEQIABgUCSVo2bQAKCRAMz5O7Y8vmPyhKAJ9m80IoxLcmuKhQfHMox5qa +Uhg97ACgqJwWxsjl0L69M0rP042wYy2mgDaIRgQTEQIABgUCSV6roAAKCRD++R/cu4disJlz +AJ4/uvukdMZeoBPbBzrhgXQq7cnkWACghKQVGXmKuAQGxvBJV9ZZd9z/zZWIRgQTEQIABgUC +SW+O9QAKCRCC3OXlq39NjlwpAKCdfmfHE1/Qj1BlAHptSXCfKXuaoQCgu6SygFwRc80ocZfR +2CcrnktZZECIRgQTEQIABgUCSkvGVQAKCRBcIbSBWCxd/MJfAJ9KtTimPG2seu1/iQA5odUA +r7U0tACfWMX72/OYE8t4gMpS62dkSfRQ15OIRgQTEQIABgUCSmDX1AAKCRBF9eAFqSn/w7bw +AKCQzR6OZKsLIkTGqm0v4+BCuPxoJgCdHAOWR/rapMMzKlawf8aULNu1P1KIRgQTEQIABgUC +SthwMwAKCRBgbvc1FKq9K/YjAJ4mZLFnFpFGrHM1J2w10fbgKGnZxgCfbn06tBGgL8mC06Gk +AXk3mGl5pCeIRgQTEQIABgUCStrRyQAKCRBrhHVZkBcgFFc4AKCKZ779IOLLIva+leQsc9RF +N3QfrQCfX6VtC318kCU2h/KvAvJmugY3pVGIRgQTEQIABgUCTF3MUwAKCRCXF6fQ2/qYlLS8 +AKDJHfdf5pacYKc//8rX4JUkGdpr1gCdG0birsvZBSy8/bCIVYH5llLAoYKIRgQTEQIABgUC +TUQnXgAKCRBRJ+fu29qtsXhmAKCDFcfgk6PfdyrngwicD1z6eNQIbACg4jfa2L6uPBF6rzg+ +ORYZsuSKgtyIRgQTEQIABgUCTacJvQAKCRCK260nYqmLuL/4AJ9n0nZGQVQH4g8sNiLBPiKh +b3tcKgCcDNlm77J2bJPu/d5cAslyZUrHySuIRgQTEQIABgUCTcG35QAKCRD492PKIQYvgzOf +AJkBy+gOqFbUBOOs6QNWn3L6iM+2xQCffEcJGFaWIiYMUHMgKdqLDevdn0GIRgQTEQIABgUC +TnmsJwAKCRD8jV+dPrVoiLLBAJ9jmnFmcQTbQvL185KLKxO9XVqGUQCfd3oQe6rY+00+Iymb +G7sd41CCtKKIRgQTEQIABgUCTnmwUQAKCRB+oP3VoKx9ajhmAJ44uUn+X/S6hS8UBcWALFqA +KWMAHgCgx6Te9niogOv202lN9VvtnpZfX16IRgQTEQIABgUCTnmwqAAKCRBAn37IaIUelncx +AJ4ifxlMcqkgRorxqh2d1ZriMe3fPQCeOmVNdYWphbpaoOdqXbWmDXwDhDqIRgQTEQIABgUC +ULTwlAAKCRAdWsxTjBNuulpcAJ4qE9BwtHqx2iM8v+9IkaAT8t2wIwCfSGVf8A2oG9PlNXxI +w7VldD4f1VWIRgQwEQIABgUCQbpN+AAKCRCZ0TqA7p56jCoZAJ4rH4VAIrDAjJplPDiKJLgz +YMT3+QCggDl6YHXcs8oez8XyQ6S2BjAXnBCIRgQwEQIABgUCQbpN/wAKCRBcukY6FsGkaYaI +AKDCJ9GUbmtX3WWW0cxmGQsaqkbsyQCfZdUmWKJL4dScZaMySka2IOF8H22IRgQwEQIABgUC +QbsfngAKCRBV3aMlKCRO6zOyAKDegJqeoR8+eO28V8KRm687o1jvwgCeMWUTKuk6txfauHCA +2vEsjxCEZC6IRgQwEQIABgUCQeU53gAKCRCS/rcS4tstwsVGAJ0QfbfP03LXCQYvJ82Qrx0F +9cIMoQCgo0ta9JsKmOuj5z6ZjtaL5ouheOiIRgQwEQIABgUCQfrICQAKCRDHRjY5std5Xni2 +AKDNvJDEnu1Ma/LiJIaFyX14qwR7hwCfQlSNNOALcDXLpzUkOfH/8CL8lkKIRgQwEQIABgUC +RV3llAAKCRD2qWFME7vtCGtlAKDrgi/Bm1TFHgvhLR7Aq03ygNY5MgCcC35tsYEthEhnqiCf +o+A1i49UFfiISAQwEQIACQUCQpSh3QIdAAAKCRBvS6dZ3gu9S7JWAKC2DZIN+yCtJf1IbfhO +aXLHin1gngCYs+7QM9aB9aH9mF/nT5pp/dkGpIhJBBARAgAJBQJEiVDnAgcAAAoJEKdjQ7FN +efMnMVYAn039s7GHXN/9ucaa82V2Cf+wnLZ7AKCSiX84flV7iQWN4pkYT2jffZAB7YhJBBAR +AgAJBQJEsw+wAgcAAAoJEL7OkKrPE8QamvIAnA9yB2gMQSTGMfTp2WDPyDzhqZuDAKDejlII +UFvAMRZR1bMFGFl9kLTYsohJBBARAgAJBQJEvGePAgcAAAoJENG8xi/bm5qstSAAn3wYvDgw +M/Jp4BMJQGBmvmI2iLVgAKDTfj31FRQZmV1iOH/eWrk+TC5gCIhJBBARAgAJBQJE7v/XAgcA +AAoJECU+G4nf2HGBO/oAoJba/ATMwYOYMHj+B7yNQsPMn3LZAJ9h4DqSJbxvPN06h9FJXYZ0 +x21xVYhJBBARAgAJBQJFYECVAgcAAAoJELNAc10T0vNmSnoAmQEWhKXXA0oOIpwJI21/noQ0 +Eh2PAJ0WXe5/BfxWqVfrIdRb75zSmCtM0IhJBBARAgAJBQJFeeObAgcAAAoJEH0n2KJioiWO +9nIAn1xsRvzcztNUGUErZKay7sWcATQGAKCGnqgs2xOkuN/HLfSKi4871DMDl4hJBBARAgAJ +BQJFnWCrAgcAAAoJEF7es/WiqOLTgXgAoKvqnH0PEWyTX670DNCP4YZKhEZlAKCz0c8NW1uT +1wYubnAo5JhIR3WOUIhJBBARAgAJBQJH88toAgcAAAoJEOWaPKz5ajfrX0UAmwcni7X42KtP +dZrnVKHYaHOouR57AJ0ZhHs/ICbSlLxDmL0EN3tJA4T5/ohJBBARAgAJBQJIBhb3AgcAAAoJ +ENa7qYujSYEezKAAn2raF0A+7Br/4nUWgMf79/tpSRcyAJ9ACR9asmNzlY56oxQ1ZA0iq2V5 +nohJBBARAgAJBQJIHzTVAgcAAAoJEAHicSIQ7QdJVIIAn2j8F8FZbkYZaiO0RrM4qPUqbfxt +AKCOp7RLqywgZCcJGveBAGsMnEHmT4hJBBARAgAJBQJIIVgkAgcAAAoJEMqczfyYfEl/zrAA +n1AyXHXd1PC0Ppz6dOqJRtlcGinsAJ9Da28gbbm+0XY3F3/bP0f23VfJoYhJBBARAgAJBQJI +6lvIAgcAAAoJEDW8uneH+KiYHQIAniWx/9QNXbQF+jI9fZwyC1+6972lAJ92CxjN0yBfPagm +nMECyESXgLPNQYhJBBERAgAJBQJBuW0OAgcAAAoJEI7/T+uQXzlDqs0AoJmpbkupQNDDg74A +cAymZXikC2EoAJ9/c73kiUc6gRW/wIJ9bnZ4Kc7i/YhJBBMRAgAJBQJBukdvAgcAAAoJEPBr +6LpOxtXFkqMAn3mg1I6ycCC3wTslYNQbgrw0TevGAKCztqPdQciozu9CS+3sq3adP8rdM4hJ +BBMRAgAJBQJCsEzLAgcAAAoJECnEDO74tkUk+4oAnjRyaxffwNTKnK+6cdO65Nc+Nh2LAJ9Z +FJ4wPRvoves0PK2QLy8mY1xN2IhJBDARAgAJBQJB1Gl/Ah0AAAoJEBtgNPR2t58gXDYAn0SA +AyRC72xLn6NHMbW7lTL/ZK0hAJ0XRGCpxdTLkUhGoT/UeMHjW20ZYIhJBDARAgAJBQJCHpJ8 +Ah0AAAoJEBZ1NTLGzmaQ+zoAnj0P5UMehl0Tc0XyzeEcXgIp8DqdAKCEuoH67GciGritn1TI +zQCH5bLY44hJBDARAgAJBQJCW4RbAh0gAAoJEBQOc52JyTVjVrcAoLOUUQQ6Nu9nfJrncGtX +z2MzZFWeAJ9ExxIdgrlYzY+l2EMsfUj3vKiJsohJBDARAgAJBQJIQXjQAh0AAAoJECs2AQB1 +qQaL+vcAn2VXvz4QjGyMzo71mrJWL6qTSjI0AJ4iIZA9Rnk04sObwsbdNH/LOqBOKYhJBDAR +AgAJBQJJzUDRAh0AAAoJEK0F514DM643pysAoJIZRNd1w0evZcno58KqsRvSmzm8AJ9GCOmy +xWvKuDPTcWKx2wftt8ljX4hJBDARAgAJBQJJ33VpAh0AAAoJEIk8dGq+K6Bk0KEAnRpmw9SA +qum+g9epz7bZ8YurgmeFAJ9PTBsxsUOc9nFVC4w0rC4+zXTYtYhJBDARAgAJBQJJ33VpAh0A +AAoJEIk8dGq+K6Bk0KEAoJ6Fs7kD59dzAzVZyI2kGkng5JrMAJ4uMk3PkIO2sgjXLvkrZUZc +t1xQCYhJBDARCAAJBQJMh3t8Ah0AAAoJEI1jc2ACKjmzptIAnRUzquhTbZjLit1nw4bPUpBU +zDbsAJ45K9c5Ei1aumcocHccwFlx8al7fIhJBDARCgAJBQJOBvu3Ah0AAAoJEPywu1xfH79w +PawAn0r/JZvBMY6QaxXv0th9j8d/166tAKCpu/krcy2ZFclvRy/Ab4Onfxaov4hJBDARCgAJ +BQJRwjdHAh0AAAoJEBQOc52JyTVjyVMAoJPBGu/6U73BmNXwZbhwnFisyisAAJ4n6VuDg6JL +a68OliL73OWNVB3snYhKBBARAgAKBQJBuNR8AwUBeAAKCRAHPzA5hv8WndQFAKDCX8UpeWCP +XsIiH+OhFXOhSbePrQCg3zOCsKCyhLFBdT9/RWfV5NfjDEGISgQQEQIACgUCQbpKWAMFAngA +CgkQXLpGOhbBpGkyZgCgvxd02immlbnygcEDjScod/DFfHkAniAno44oFGToHjRvsCC0McUE +shgciEoEEBECAAoFAkG6TI0DBQJ4AAoJEJnROoDunnqMvMUAoM90XKQT8A2kijeb3P/cElUr +nCBqAJ9uUc7v3tU2+mGQOQTiIfk9VcWULYhKBBARAgAKBQJBuopiAwUBeAAKCRAF3Cio9EJp +oNUrAKDchFrhV5YY3epEjcA1F6kFeB8RRACg3eXdDN+snkdv3BL7ztNf4pSHC+OISgQQEQIA +CgUCQcDyDwMFAXgACgkQ6ZnFOJq48uXZMACghmN/R+ovCKDu0sG4C89VW0rNFRoAmQGCMOGn +95Nlhi0yXfjCSL4iK/jhiEoEEBECAAoFAkHBAtEDBQh4AAoJEEAW0yJAtvWVPy4AoLvGKspX +IiH4WQGHiT4KiByqHs1DAKDIYzxOGbg/JeOR1a/CvMQjh9id0IhKBBARAgAKBQJBwQLRAwUI +eAAKCRBAFtMiQLb1lT8uAKC7xirKVyIh+FkBh4k+Cogcqh7NQwCgyGM8Thm4PyXjkdW/0rzE +I4fYjcCISgQQEQIACgUCQcL5lgMFAXgACgkQ1XhmiUBontSf5gCgtxfF92Ghl2QJN2p+cwyR +GSj0gSwAnjeSdasVCWg1nUuhGrtPJg2AXh7giEoEEBECAAoFAkHKBVkDBQF4AAoJEPyFPYEt +pdl2r8sAoJWP62P33mQYqxp/tS6JIUltqkH8AJ4i6mVCocH9jWA10g9F2vFWiiVAd4hKBBAR +AgAKBQJB0DHqAwUIeAAKCRDM46zp1NyvGlDVAKD9XyshHMUoi9Orm+RK6t18k4r/bwCg8OJQ +H9RVvefWh2r7PwpbokVgLvqISgQQEQIACgUCQdrmbQMFAXgACgkQBWcdy5xkwdzq/ACffR0w +Z/bERPGMLJPcHqYY57+m89UAnilO4fYNhrxBwL2dJw0XINCvg/HaiEoEEBECAAoFAkI5dR0D +BQF4AAoJEOzJM5XeDdFEfvEAn0zE2UD8uUWcu1HNEzoOMBWRuYmNAJ0Sgs1Oa/SECWubwNGv +Qz1sFkLeA4hKBBARAgAKBQJChNfXAwUBeAAKCRCfClETCh27tkUTAJ9nec6xo8uUHvpo2FV9 +bwDpcg7ZtgCgmyOKJpGKK6Rve2ZTQpsv/a4G3WOISgQQEQIACgUCQ0wUIgMFAngACgkQ18n8 +J6N2pKaFwwCffLGLDgPoQg+a4CR90nZFsuVGKVQAnjc/YbTIuAYIKgl7s9VmoUsgCXy8iEoE +EBECAAoFAkPd2ucDBQN4AAoJEJSlDx/FKuw/jzsAmQH2ER+T8m5E/dL+qEENTRzPh1ClAKC7 +ReSVCU8R7TJKNoPrxPTp8U+a8ohKBBARAgAKBQJEOmqdAwUBeAAKCRDrQgf7Rxv1NfaWAJwP +dgk1n4EkZqJKMLMf8VHVcs+wjQCguPFHJFz970Y+8MXv7qpRGjx804GISgQQEQIACgUCRMDj +VwMFAXgACgkQcSp3Sd4Ff+gTCwCg0F62xx7si7tNpoHMUiHpzSiyNS4AoODtpZbQSx8h+v6y +3A+1ojLr7sDdiEoEEBECAAoFAkZmnPYDBQF4AAoJEM4r1SJ8OlGTBQEAnjkvCN6mKUHNGiBg +Ix5shf/T+/QhAJ9KKr7gFAwkUocAhSWBN9b6DFj25ohKBBARAgAKBQJHVbeCAwUBeAAKCRB4 +3SrzPmk5oxypAJ0ea+a4G3nKJEjMfJMpnVF5SnB12wCgm2xhYHPE+VAyfBhRSU4pmmwG8kaI +SgQQEQIACgUCR//hpAMFAngACgkQPN77l+soTCNRrACfTpkRD7rgEVtptlhEjLC2pUQbzzwA +niALiuer40ynPipy2r+S3UCUOaOGiEoEEBECAAoFAkg9xkYDBQJ4AAoJEG1Qw7ACaGEv6ZkA +oLB0jE+CwmAGOGqbGVPMFWfzwd7wAJ0f3foO4MJu8IZQL7rkMPXUVLJdWIhKBBARAgAKBQJK +dr6iAwUBPAAKCRDU2DsPUXNz+hRaAJ4rm/sOguXlwB3lvdI3YYGtW3EvngCfQ0i5NMT4SLey +xYV67viKHdisT22ISgQQEQIACgUCS9mNAwMFCngACgkQR6Cvg/FPVN05gQCgvfrAGAzGVFvy +L1j1WCxgW4oWHosAoMpGcdlgYo4MvTduVzEz6UX6eskxiEoEEBECAAoFAkzDwFgDBQE8AAoJ +EOGFTwSIMZlywNwAnRhEjzfP5bVT5wzaOJ3GDWGwlnc2AJ9TqRVU970Z4goAyfkVbxAWMIiE +j4hKBBARAgAKBQJQOSbHAwUBeAAKCRDxNkThBcMBOwk8AKCZpTll/WUNtf6p8iW+4NkrANhK +/wCgjgKqZzfa0u+82SfrvKtkiCHgwPmISgQQEQIACgUCUSyMSQMFATwACgkQsuabv6v+pBLC +hgCeJ+PhhMoQZO4siWPyza+bNu8ttHcAn3lZp8fa8nXe81soikkBDe4IcAXYiEoEEhECAAoF +AkTLwDEDBQJ4AAoJEDPUNAgCXXxd2TMAoKZ/KhQC4udeSh9PxPWhmXouDMiKAJ9EPvE/olhH +jy5pQcSIRHwMCyc1tohKBBIRAgAKBQJKgieQAwUBPAAKCRCRVhSi0U9Scu78AJ9tna9Ug8A+ +zHkH6jOhpumxDGXtrwCfezKLcpQuBTjxEfzfkidK1Lr7d4OISgQSEQIACgUCTHuFFAMFAXgA +CgkQfOvN3AkGos4L9gCcDa1P3OX2/2XiSV+V/0dRwRTkW6wAni84XJcuaYRQxZLemz63LDxC +7rqpiEwEEBECAAwFAkG4yr4FAwH/hgAACgkQ76fDRCIqrzKYEQCgzj4J8evnJoLhCI98NNq4 +EDEe5DsAoL7A7Izo4ZgPU8fbfTuK8BzW5OppiEwEEBECAAwFAkG6MywFAwAaXgAACgkQ9/wF +dX73kPwTNACdFW4m4gG602CkyH+OACW3nY3V+KMAoKbTOkBb0Jhbof0nyFiiYnJyt1jbiEwE +EBECAAwFAkJmfqkFAwFRgAAACgkQROD3ndhjcleNSwCgxNyLvo5zQovaRfdQ8uWiqjXM3fMA +n3p4T9ObD/+yYb7smecjn3i9pztdiEwEEBECAAwFAkJmfugFAwFRgAAACgkQiBtllK5afLYm +AgCgjbsnp8Aul96WCTxTlr4gqQIZA3IAoIbsLUV1yEil7P+d6cKHDDMKvkcAiEwEEBECAAwF +AkJmfyYFAwFRgAAACgkQ12igH4kEUUCrxACdH4eswmGXD6tkW+rgUloZ2jvrbgAAn00XlZSM +zKAEnUjkpWPuyXhZh/27iEwEEBECAAwFAkXlPEoFgwGUOCYACgkQk04W9EUFBiAoowCeICcU +68dsxnibGilUp22v0XeuBeIAn1q+abjXJdWN4PK+WGIgQ3Jf4LwGiEwEEBECAAwFAkdDgs0F +gwIXJSMACgkQzipg5mWeO9BCDACeJqJteaLpDsTggFFSDxABXwnOxBoAn1nfyNM3b9RBvcHB +XTb8CDElkGfriEwEEhECAAwFAkHAxRcFgwHihQAACgkQqlob9p8mIRYIPgCfYIZtJkDcHs/w +qL/cCO7pkeSjumUAn3N6HAfE/ktdFhuvvdDZ0P5M0cJxiFAEEBECABAFAkG4wHkFAwlnUwAD +BQF4AAoJEMdGNjmy13leEwwAnjr+pNLD/8APPHRzuqndNi43c0ZSAKCk89fXlNCp1hmgtzuX +MfDi+ofcJYhQBBARAgAQBQJBzjNXBQMB4TOAAwUBeAAKCRA74djn8YyDnFLsAJ48tPliNkQX +4vOaqLegTvORPrgxowCfVp5Ci+Lb8rIKPpAXYBlTFZM8XSKIUAQQEQIAEAUCQe/hBgUDAeEz +gAMFAXgACgkQ/lxsB3HF0UP8qgCbBODfml+bgo5jGhVjTPsFfCWLx48AoJSQEuXVzytZjjNT +wq3jE+fM3P9aiFAEEBECABAFAkH6zukFAwtIhoADBQF4AAoJEMdGNjmy13leXXoAn0Bw9xyc +H9MPfAQ0NzVX9xoSrCWrAJ95j8NB1jp4haPCRMOXwjRUEWdGYohWBBARCwAGBQJFbfS2AAoJ +EBjqel3g/HENPuMA3RmFI/diU3drQ562+sE8taEB5vEYcRJmOZsZsxEA33TohWUbYyD8NKn/ +grx4HcMThDzUFCu3BsNgjMmIVgQQZwIABgUCTu3IUgAKCRAyGBWIciy7KeetAOCWbgrF2pPR +/6EjRF4jCtY1f9gnft5jea098bXyAN4hYlGLXrLTzfuBgvx4KPW3y0WdRipkQH4BGQ16iFwE +MBECABwFAkXy5Y4VHQB0aWxiYWtldHJ1a2tldCBzaWduAAoJEPy57u5rf7la3UQAnAiTeoif +4lsQ9W4LeMEsRJ7Snfi9AJ4gsRdQEANyNvWzmiru5cdBRVgbp4heBBARCAAGBQJJNca4AAoJ +EBjldo44OkDJIL0A/1USMP2uftcxGhhZlK77t71vY+C+SNEe2YCM8Pbf5+hnAP9QxA9XIple +3a7dqYYpbG6ccvlqaSwEq93s8a2fCRKKHIheBBARCAAGBQJLqImvAAoJEGVdM1P2uuXYp6sB +ALdmqVCoI6E+5qsK6dKXlPkR1CLE+/cL0iUkPzJGSYACAP9y7aLd/MO19gvOsYxwQcR2+5ll +H8FFCzD2z+B/TAcYLoheBBARCAAGBQJMwD8tAAoJEKlCxWYTnAnGWhQA/Rx1fPpRa9jgxFpo +H6nkGV/eUcQj7vdBVQ5cwyqtavm3AP0RmHjMakBLwerY4w8RJh84U/il924PXoEoqbVg9AZ/ +ooheBBARCAAGBQJM806oAAoJECJzs6qakwY+EhUBAIV5Ue8K4USUY/GuvKvOcVzKyBeyE1ED +pGUCmM04U0SCAP0QZtfs1WbKV4iqvQPgqunc/T8Csf7N9DPDduZCKZwgEoheBBARCAAGBQJN +A+LnAAoJEAU4JBybGeWea0kBAL3QknDUYajKiSY3n95eUPVVayAIEFpeDcPQfHjetOVYAQDT +vZgwiCJVOCClsLUUBf3LHbJ02YoBEFXauOtwkrOTk4heBBARCAAGBQJNR16oAAoJENMpAdC8 +RahRACcA/2lxtGH2NLQ4sloC2alF2uV50jJvLae+OGq/urb8IBucAP97Di1R2dvzntphz0O8 +KLQ88oHoo5WkU6fwXi1hkOVqfIheBBARCAAGBQJNZtYkAAoJEH+6szYqVoc4WOQA/2BmBXJB +sV1qQyTix+Vp1Vab0/R6Ax+tCWs0wL7IWfPjAP9IBSl8gCuvs5n9Xr8xhqOYpSW7gekn7ptw +WpvrBr6FeIheBBARCAAGBQJNZ4JqAAoJEAyVctKFGYtJsj8A/jiN1PEwd66lhKe3WAUFM37F +2VC5/EvteOId0wqCPzCVAP9p3YGv8bVLEaSFjehBEdIxHpdUEfVokVNvS4qrFx9MxYheBBAR +CAAGBQJNe9EjAAoJEC/yzcQRJKRp6aIBAKwqfYzp7yTJG7azUXgEKAFH1g6YuP2EfLI9a2Eu +1fWeAP0T7j+gaD7v1KT2ljjeR0lHHE4sSHHwwpQjOaSRccizfIheBBARCAAGBQJNiRbZAAoJ +EOBxfHgEF0pADT8A/0fs9OoglOuFoJ+Td2H407MEiRd8MBSvgri+IqksbITUAQCSNYJtmcTo +OUhljKGji60mKJgHjjtDKIqoLwVqmuLC9oheBBARCAAGBQJOYFnJAAoJEGTXBivZ9jSngAgA +/jtuMK51fa2BugANtKnLeWleCoteIMnYduMtrDtbwYEqAPwLEZjlgOSriP1jzxQ98X6EbRCu +ZqH8+diJZtNQ3jr9kYheBBARCAAGBQJOZ4kBAAoJEFG1olD3Qdmw7H4A/iftZQgLugb/Pm53 +CoeqWH8ltWc0ZFLQdqSnT239QNecAPsFFJJoTpd8EfT4u0bQGdhLS92eUzlBAH52dNj2fHeu +m4heBBARCAAGBQJOZ4uiAAoJEJMLIx+EusMg69wA/Rhg2Hwo7nG800QKpxyrDyFuAqTds02Q +LixVe1PxWms7AQCEFVS1LzZ9wSvwr7nZsbfCTMfXyZ9dSoUxUQZKSAmf/YheBBARCAAGBQJO +bKRWAAoJENywI62Bdfc6LAEA/0GYnFArsYYIkgyjMGgmivURRnTL5zaUAHbJj9EfUBDHAP9+ +qbitYfSll0BXpBzEAfUjpJ5N3VbxeeBZxrSTgMN2SIheBBARCAAGBQJOdByMAAoJEL1/HkLV +RItE5uEA/0mdKUQF1eT7eDN3alby3DpLo7PBClkLDm3vPASAlzOSAQCiTkdTOCowEyebAR7B +PanNlPamzaFS1weNflr6fUJsRoheBBARCAAGBQJOdVcKAAoJECH+jv8iLlmLOtIA/RuupybZ +sOmCZTbj6m7iRbHiXnAKvfjFUAGdj+9vqMl3AQC6GdlWGrd0oHI+RVyyL1+2AR3PboVsLVLk +0YspZgXmooheBBARCAAGBQJOog/3AAoJEFei+I/4CJO2G1IBANdw6G7djYvIkyBS4cbH/XR/ +UnbtrmcfHcEmaeDwKfm4AP9si7xOc8pnv2UJxcpNYvmc/Tcg1Sldp+rSNFbjWhxYAoheBBAR +CAAGBQJPRXfyAAoJEG5t6poCPMjhsCIA/joEqgN88b2fK6o+RVPZMCOiojVOqgKcBIgeoVxY +SrXyAP0ROvCo75h166UZEqL09BZi4nzQfn3yIcXWoP6Q2vnG24heBBARCAAGBQJPYKiCAAoJ +EIj6N1vgA10l/6EA/1EvghcSpOoXHoc3umAbZk2aOr5xWPuR96w8iV53U/ktAP40TuEBKg9h +q3ad9N09JgcdqR9833Etb8G6jmzECm5nl4heBBARCAAGBQJPk8FmAAoJECMdc50TbFxxKzgA +/AwIsJDGRA56zzBFWm7DX83re1Mr7pKjOsmE0AyDh9nNAQCvARsPR6srOyGi2NWo2DVwh/2N +leF5eH93wh5fif03eIheBBARCAAGBQJQvJIzAAoJEJQwk+0pTn8KA84A+wVH/Mt0lch2lVT7 +JhLcjcSJBW7CkWnZtuZ9V6d2PUg/AQD1KnvXYF2qPZUhCHQjqsLc8BkARrf1YLNKDh7achnA +m4heBBARCAAGBQJQ4vuvAAoJEJNyt0CyWYTkEnoBAKUatO4D6XXWjVfuwIMnpL6vMz2V74pq +yXi/udFvcbtTAQCDFCOAUwYr0NOJ+PQdYIExB1+LCNcy3qWElRNsIOD8uoheBBARCAAGBQJR +GU5oAAoJEPwmQrHbFcH10VQBANCA3OBBCqwA+HoAxSCCdJ2V6DqhsMLDveTQyjKlkx+KAQDQ +H86BjADkWnlXePCILtAnES4kyBAn64xGBPlp+DXLRoheBBARCAAGBQJRZ1bjAAoJEPOUEFYK +qQCK92EA/jfk8sT5QN9R5x4e6H4nqGEtaHXHQb+Sm/OcjqpfXfjhAQCPscy7MVNuhQ+queIw +U1mJdXmy5jRBzZPRx+aMxWWDZYheBBARCAAGBQJSFcNGAAoJEEpRx/DtRvDLs1oA/AwgWCXF +Z/WIq0r3nezyTYZOkBmpnLOHBHB2tDn8M408AP9CiTuQ7CE0HLN7Uh4FG2qF/Le6E62D5q5S +Y3SueGz2C4heBBARCAAGBQJSKoWgAAoJEMLWMYu392Pfe1cA/3Snvc7rGT3/8tb4O7iIkN5w +f3yOWoidQiSBLA2hNTQlAP9mvVQAwkpcQs82Nb0wrOa6IKWwuPFvohTeZkcDsjZpvIheBBIR +CgAGBQJRQw3SAAoJEDSAFE3gA10lt4gBAIj5ySxpC4+yKDH74LtPOkatwozWAU+OvbeXjFd+ +/RsdAP9KjPnjTUfNniMN/4bt9yWWI6sUMlJES01/PAUt4280SoheBBMRCAAGBQJNr15AAAoJ +EKinkOoiBAO3F5IA/3o1qJjFbndfJ+Qs3v50Tj2pX1wZUy/bzJniNz8QdcO+AQC1V524olJN +h+uqiANiRag+AL997BZGQSxkQWXQnzJq9IhkBBARAgAkBQJEAXzpAgcAAwUBeBaGPFtePl0r +W0AuXXBncFwuY29tPiQAAAoJEFeIDXDz+f3oUn8AoKWMgZUZD3mvNCL+hG2de6+QIJEjAJwI +U52AKVXrWT3GEBmVIPGnG6rXh4hkBBARCAAMBQJREKLSBYMHVqmAAAoJEPeEHnhQkcxhifMB +AKiVdh6OX0Nkj255abr7BzfeU0mulSzQHW/1MXWyKuoNAQC7g30BD0mRvHnIZDSxGTqIKsXY +PENX4TzcOjUQkVPiJYhkBBARCAAMBQJREKmVBYMHVqmAAAoJEIZfeiM4gBZg1ukA/RMR6vFz +cVIBnAxAV9c2PxJ1LcU/ckqzWl53EI/i0j70AP959VcWATi/orTnwMa75uz/VOWzfsYHnexQ +nnIG6pTEiIhkBBARCAAMBQJREKnWBYMHVqmAAAoJENl7Rvm0DvvqOfoBAM8j2P/w7QgPMYqc +dG0bVjxU89EZA4y+XoSDO8YeM64qAP48gwJwbGyRm8vTRg/y5RonGA2kmo37GFNWmwRK+TIH +sYhkBBARCAAMBQJREKn6BYMHVqmAAAoJELd2kSRe75Vpj88A/RFM9hm0LOCCaXOtrx1qoAgC +zXgHgMUIzoOtj+YXYFRYAP9oo1NGHH7/kwpOSzJ55y2QXvvjlsOmqi37pJUkBvElG4hkBBAR +CAAMBQJREKo9BYMHVqmAAAoJEIkE7Wkcojox2WYA/25+///u7fsEVDNcjmlTkEY6gnEAkxQd +P8p0l/IpKU1pAPwITdD4h0paNr4E/xkN4Fiv3H+Prw/M0rKLzbakQFGrN4hkBBARCAAMBQJR +EKqMBYMHVqmAAAoJEPuu4nqTlGVbv/IA/1kctTFLux9Z1ay1uuK9dwUIzWxzVfWS1LgOM4uk +AWozAP99GBj9Q8c6/YwWZeXrGfYGKJJq8ucfXNc18GOs/jeMhohkBBARCAAMBQJREKrJBYMH +VqmAAAoJENmb+2VGlVopTMkA/j7yYfhoIVTB4+Hoxku+fb3M1M3ywyjc+1XBdD2zXPUnAPwI +5KaHgXkQGDicqUALlatw0s/f4EKBqfeQv7SsOlX6DohkBBARCAAMBQJREKr1BYMHVqmAAAoJ +EHMgZye9cOp6qAgA/RzZ6RMnU5496RXnGiZTdSZtSsNlD51z1bcuvS18OtskAP9O4zCb6kPo +wNlNG1ezOLWBTi4WiFKxOj0l+6PfWZlfF4hkBBARCAAMBQJREKtqBYMHVqmAAAoJEBNXkIRw +qeMnOYoBAN6lwufVNh2qKPYRzk5Pg29SsD5hQkZmdsnvLM4qbszBAQCrCCq65UMeOyPFTw+m +Lx4kkMPNb5Zdm6y7LHGwnnPN+4hkBBARCAAMBQJREKufBYMHVqmAAAoJELH/fMFAwseZnoQB +AKfXdvjb3/QqRUIeHMLEx6mhgZywvGc78JM5VkMaMd5wAQCXQmCpbjQvI3SLdDszbz2xii7g +qUNrvkRZz07v5DS3R4hkBBARCAAMBQJREKvMBYMHVqmAAAoJEJ++yR5SxXA+xEUA/RXrYFul +KGD4wKBZgPN7FvXxrcatuERr1+sSExHTzu/rAP44p8DnZOGbieV9qZz+8yUWmQMKOWvGfyLQ +gSCaHIULIYhkBBIRCAAMBQJRn3jMBYMHhh+AAAoJEICU1Dqrdkd9+3AA/1aE7e5fTpcnRxzz +T/vqRn8ZP7f9GI0UvA2gBAgfuzoRAQCP5kYQJoHJov66QdUlS/m0eRswwTZxMerp3jtuTj4Z +zohqBDARAgAqBQJC+KU9Ix0ATWlzdGFrZSB3aGlsZSBkb2luZyBsb2NhbCBzaWduLi4uAAoJ +EBVNeqxcW1sJ4vcAn3ERVGMi6UpBkZ44TlZJHvJOoVyrAJsFvfGdOvNSArCrd7wEHoxmMDTH +TIh1BDARAgA1BQJDAKDvLh0Abm8gbG9uZ2VyIGZlZWwgaXQncyBhcHByb3ByaWF0ZSB0byBz +aWduIHRoaXMACgkQvZIxoLH+UIuZKgCgvA/Be0txtOPZj+XORIjL2+ty7NQAoIQFv2pJySqb +bUq8+B8P0h0WYClZiHUEMBECADUFAkMAoPcuHQBubyBsb25nZXIgZmVlbCBpdCdzIGFwcHJv +cHJpYXRlIHRvIHNpZ24gdGhpcwAKCRDJwzyyhrFKOLZVAJ9LjQ+sFuDIk2ekajKJdGa6IrZ5 +yQCgjxXCS0IoX4fTr1lFYSGgWDHAaGOIdQQwEQIANQUCQwCg/S4dAG5vIGxvbmdlciBmZWVs +IGl0J3MgYXBwcm9wcmlhdGUgdG8gc2lnbiB0aGlzAAoJEF8I49t3ADyqCPEAoM/UfFPGDqx8 +fwgX4E6bcFHqWe3/AKDnMab2YjUkZyWQ5SorQxPEBXmWuYiMBDARAgBMBQJGgTMRRR0ASSBk +aWRuJ3QgcmVhbGx5IGRvIGEgZ29vZCBjaGVjayBhYm91dCB0aGUgYXV0aGVudGljaXR5IG9m +IHRoaXMga2V5LgAKCRD8sLtcXx+/cMwWAJ9fIufE249FIu+9hXdGEYtNqHgPiwCeLTir5fID +sEA3DspaFO2bfrTg0YCIkwQwEQIAUwUCRo9FTkwdAEkgZG9uJ3QgcmVtZW1iZXIgd2h5IEkg +c2lnbmVkIGl0IG9yaWdpbmFsbHksIHNvIEknbSBmaXhpbmcgdGhhdCBlcnJvciBub3cuAAoJ +EFWOCYKC0iQcTIEAnR3e3pOl8M8BKC2ZoqjO/64JLEW1AJ9akHVwIFv+4R72Ti6h4aOtPC2v +TYiVAwUQQbrTnCnYReUHfp2tAQEWTQP/eTYr2U/tgLzbwXuFJcZB1j/CLL33eMiv8YYpsoka +nueGZFxHaR1W72Q08VkNIs/lMh5xxkWgaimD4wP14w3mCBrZTesGAKLHFWDMDXvrBWA5NfTG +PYr4Yb/2Ek3EaF8RmEVo9bFGHyjPD/cm99V2/UcfRNiRyRxjen5/aFFH8giIlQMFEEHCKbNg +WuXggDDyuQEBaawEAK6FlkYemS3hLE6rrWdX+z2DlPuBSp1P/aqjvtXwhhHBpaQyeze5fB2w +YdjpfCXhSIAWcoLeW+Jso2JKxzbYEpuqqkkHSlnOc0WYMX6chGqYqQtIOfC89eUOiKtCi3K8 +6J5HAbTpPOivmwlYbluw0cbVop0qWZBxk5EJDwko+UcqiJUDBRBBw47bmGpB7xiMt8kBARkJ +A/925B3/BrFuLPHnUTDfk7pitLheJ8tY6AribcClGWGD44gcNBob3hkPWi32Fx2TlnAVP/FZ +N7V4aJuPfAGAJXRjaA+Jsj0tfS5G6qeSGGn0FkcIq6pQjatS+b0+vDgnw4Y0b0qiiS5WE2Ev +5csq9ZQlpA2GlLN8MVcPSd/xlG5igIiVAwUQQcOO25hqQe8YjLfJAQEZCQP/duQd/waxbizx +51Ew35O6YrS4XifLWOgK4m3ApRlhg+OIHDQaG94ZD1ot9hcdk5ZwFT/xWTe1eGibj3wBgCV0 +Y2gPibI9LX0uRuqnkhhp9BZHCLuqQI27Uum9Lrw4J8OWJG9aspkuRgNxL+XLOuWEJaQNhpSz +fDFXD0nf8ZRuYoCIlQMFEEHDpQytR66U54OFHAECOecD/21kJd1ZG7QXEx93DWjgCd4rKVKs +B+z2ujl31IaJFl213/Qgfjmb2W7nYmap5asnpDQ6mLIB/W64QlD4n6s5t0YPn/HJyHRwPVjL +2q/qeCYzjmGgY7n64nEbXsxln/kJy3vTMuKDm1/UKjHebM33UB/inygGWwsbro0+WfdBChym +iJUDBRBB2ZjOQpKaQa8SEEkBAYaDBACreaa3+jC6FjlhcmLEFaBCEM3B+ZjlaEPT4wothQfA +YzLmCbTBk/3+VXFYRWBOle8Wqz5KBhAmgf8e6ynskMrOLA888qLlf77/pvyOrkMDk1ly5Dje +i/kUP/krXAFzZ7djF0PwWFHjwA5mMBTTtKprkY08PoylGValN+w4k2miWYiVAwUQQkCMUnqh +VJhZG8KbAQKwHwP9FNVENlgzchctTHkPe/0MoYZD2HgZKhNph3oAwGd6GF+/Dh5gfq+11MnC +p6YtO8aca5Sux4rsP6SP8lPkVyNTpyUznuHASmwQaFE5H3n52c4nt4uVtq9sfHy1rZD+ag85 +ovy2XW2d89nb3HfLVUwSlbxjpriuDa8Wpg/5dRn9TZqIlQMFEEJ9k+Bq9pILoc7PqAECxnAE +AKNnpyX5sH8DvZm7ffRAGRW6dV81z6M7xToiYHNt/L3VGjniYkCdF5gb/VMUwrAGKEA4T69E +yAHtUqiq0FRVl4waW3z0Vb4aDdFyeAL2FHyzbh28EvT18UN4PBZjKptwntZ67NXADFPBUDI4 +q3OTzKhLztjBqYsaP7OZibHcoWTOiJUDBRBDnVByBm1WaVwuSEcBASmXA/9Wnq1gDBDv162L +oaCnZVG1bqYjxhwwyxTLRe4gszEpUWyzzCceCKMeoyf3PPjdf2W+X5rV07ZPCEDv4zizJlEx +yDNk4C8Gmnzw4yBvuCP1TlZk4TCJRqP38WN8e7Yu/FAF5J1QLMZ3nCF3ys30koz7drHdboFG +TUBZV7qA2f0HSoiVAwUQQ51Q68ELehdvEF5pAQH4VwP/cD0m0O/3l0onFPcjOQoGs/Hf/C5w +YqlRxUieZkiJHkKuREi2Ju1YH2mVhOUGFZha8c/JSbWhefiBtqGKU5JcYV+VyiAJIXuk6rrX +lZ89geDZ7a0KKJjdzc0MFjvSxa7BVaboq9tnLA+JYY0x/o46bJNAmB0IUtqb5Fh+8wiXd06I +lQMFEETXnkz6J44/ecVPuQECZlYEAMcgK+HHDzejAyIrbqZI2ffcijMpu2sUX6ySZzPeUHc9 +4Nbfm6uZxp331/FuePWpvqKm+nDRDx1imkiw11+J4QWX0i8lML7q84dJDkiAo8KGZCL6Tmid +34M/GadicmfdZkfEkToYrRD0Vm/hCst1libElZv4xjwOGF0zWjHWI9beiJUDBTBC+j+XavaS +C6HOz6gBAmcaBACxnzvtzYjl5nsAHGaLJMujvPPIOo23ABv4nDw3nR+ZZk9s0AgOzPpJPBHg +4OtVKY79xckSzo4qLGObqJfx/ps6EdTcQGncGjIej5iGZoyU1LGR/xtR7p9qCSnBcw1dqj4l +sEg/4r4csYe+RlHdvsMfmley20jdfnT4XOdaTqudNYicBBABAgAGBQJFvWfvAAoJEA6e4gkg +AtcViJ8EAKIdSy/gXl4RAd9/juZeoXl5OJSRorrx2HfGTfv9+oPEO9zZwt+zaxzOyKYLRcAt +NWY6XEtkdjA720DjKBS/X+n5AAVVh1bRAdBg29WG5Zq6GTbC2GT440uOdKHCPkIQpFvjINWA +zESUtNFOTiUKCgcquJ6zoE7UoFrKMdmyvLBtiJwEEAECAAYFAlAub44ACgkQQuY/n9Pkx1QH +PwP/ZitWBBfzbbbq/+JBOJEtXXk3Nhl+BjZRTRCdYKoH6tvaqZhOQghHW7PdH5u3QmoadmvT +nitLv5EwAeN2FymMdakeybi3WN9FBrXG8LeEK/QHnPXohlLfIfsSodr5lRD+hMnQJyZrXBtp +SYKS11Sp9CxX85sxe3xwqGqVuSABE72IogQwEQIAYgUCQj/yWVsdAEkgZm9yZ290IHRoYXQg +SSBhY3R1YWxseSBoYXZlIG5vIHdheSBvZiB2ZXJpZnlpbmcgdGhhdCB0aGF0IGtleSByZWFs +bHkgYmVsb25ncyB0byBwZ3AuY29tAAoJEDAZDowfKNiuYzcAnj1zpRXdPcNLXmqP1mpCJS6u +Z78dAKCTQsnx4l5r0EqHuEsozpW2YE4lZ4kBFQMFEEHAt7lvdFJej0q5cgECvIcH/RS7pLEb +P1AL3GyqMP6BshusjzEwWJfrQ06NSnPODLcRwbI+bOfimCnxX401D78PYqE5OEaz2xHfkMqS +gdyDCKGCfjv21AQrmifntTY3JeTx8kW9TCirOIUHqtKRp5CVofT1Stou32YJbO/dgeYMUAAQ +Yq0vacx52xQ5Y94qk1TLqIS26LYTn7r6ItSkS9Sz4+KTMJsgfCwUBnAKj0DnRcIh1lhqkL+Z +USbPF1W+r6tDy6tfObOhKWZVdtKeTmJ8iPoR2ptheEMl15tY9KPtHweUYWwdBW9YtTLvIbhD +QtLta/Ia7a+4ZDLVG6jYHiKi2aOdO3UCpVN9QUfktPK4imqJARUDBRBBwU8G3OqEx4IG8kIB +Atw5B/4y0mHWUi+i/J3EDR36OQLsXNTPU3eOYeraC/cZbMFkO0H3KaJiapN5GU08/H1ETqTA +xxFSS8uWTVHvCmf1+/GzyORn60TeumEwe3bb7XZCxybCOccU8xLwkRZNfHM8W1HT6gq3UZlD +qwoChxDNPdFcdgFMSkFe+3k1UMJz/mGcWHcjuM0nWZ62qfo+yU+WrR/qUKOp4nyH8FFe2zQJ +u8uUCjn82KDwuQIZXwj95QYDitz1obQ48PrAz6y5Jh3KWzLKGEsplHuYmuCgSFThGHyZkDiP +FLmK7abNJ7vuInX5SZInq0fndeAISjpQMGzhNXh2+nqqXY/x7+vVnZhBByk6iQEVAwUQQcFs +RBPNLh6xMvPYAQKBWggAoeO/T2fHXVELv+va+3XYvmxMRHVaNbyJErBS3SVqFK8SgaAOFMCA +sJejIT7XguxGXchu98TsNQs9X9SkpiQ8LmjCzuQaQqEJpjFZjYpMtEyRsSzpPjaJPQTWPTry +zLpIFCHooQiWcW6r/CJXaZuBFwk+xLRjFXpE/CNPhzMTR2uNLhuHwOFEZWnuFsp2BpFHwy5M +5rx0UkfJZ3XlAcvaptMz/Ja0ZGtsRFMU/Y7o+6sQtYQu7H/m2KUe76tkZBEu2FuXaywRtXad +XuaFonQqVG11ZMvnnz4cD8lpGjsjmA8HtuThBxh233GFAzV7JjViycFBzvQU/OK2r7/qvLqj +c4kBFQMFEEHBc89veFaBNbRS4QECw3QH/jEPajp6mwPb2eU3zKlr026/aSgapm3i7XnepUts +fhZIjOF0iSyKsyp+l50RwvWcplFeXTbhNsemNywQxf5LlmrzK6ffzaJMgvMd0DAAx56kqKpi +JD3pCcAO545nm7WdcEhknkyKal3WuEa7xYs2bPAi3GtNgWjOgj1InjiPPsOM+tD7juCZkVj2 +pi928Y6j5iNax78YMtIDmLzk6gDe05ZqoeJ71CJjMDr2S6g/lVPDOklJNgz9+eUF6N929kE3 +rv5E9O9Wdkr/NgwagrERdM3ONPwClh0HHM3LdnfI+OCYLt5pkftjtiYQtr2p2AJm55dIpZHu +AXqnCiDdC0S4DUyJARUDBRBBwn29kTGfx9W42B8BAhT8B/9YGHbJEpN2MxypVuJC+IU27zEW +1NU5/Z+gxT38YYJJMPcefQuecMiDAzgmgTp6WtiLt/py3Tm9mcSQQU3acPavjfSFu4XDsq83 +alGKBxhurLacGscvid1tV9F0sblyWAP6TwZwW41/4obAFLiPgq/Mgm4UVP5egzdYkH6UcNTr +977ov0xp0FCxe+lQIAMHSYrrMYsE8rNTZ6FYb8yQCU7vCltZ2r9ZjR/gF4/X4xG1pLbzS/0O +XQSsEtsbKe9RTihTJaL5A27rYnTwpRmhJIxeQHdy0mYeJzZgTlyxaV/NcTvdwonMWr9XJWXl +95wIWZMweEnxAg82cd2VaAnrX/5xiQEVAwUQQcKhX9c4IS+hYWXbAQElQQf+MXaDWIwSF5hu +GTiQgQpTmZO9+cgQy59bwc8w3K5qRyOKSxAvSx7qCATbm6pU5HLWf3sxSXv6ybd+EmX0zQkO +s6wUsl5nHCJIizfuEM7biaWTh6GaiWGz/SBla9aReE04DWPFzVwXYYQiyc+cq8S2zEU15OQb +PPDM912JlEmiiXVbAemLDrMYMosVlm3YzUkJIx8JVxQSOrU8MucReuFFY+v0UMDwNnmvWAOv +M2phAmCsV+TzHp18BoAo8A5B9mZXpy9NiHG9gv6uJGTnp4dVUrKrPXRwnskw7svWqk5HryjI +JL1q5/H424CsLK7yInTYdIA21Rgq9Q1lTXfdjWrDvokBFQMFEEHWz6B3BZ4y3VODogECmmsH +/ivhRcEoM3k5vpocawfqbrgd7gR1jFhpWRlaH/zHi9HeTGHJCkJ2UYzTYiM9ifdZDWNPxzDc +FwwsK5ct+/0PCHwJKfNAY7zcLJNQX0JhhD3I0qEdoO5Jnqe3LtLCT57SNrtQ7fNr+YHC6cOw +UL7vJccsQ0DrPKiUZk13QyPFV8u4bhxiRZC7H0K4PQzvcFrKbXLik29bnUpymOiBAsgiXGCx +YCVpfQ1dbG+gt09TRrL42LYx2yePpxNw9W9T5Mg7W86p4NLJejNM+GNPWt0ytAiYY4TbGLFQ +nAg92kkRyY9X3qSY7br2vk/UuasHKDePYGUMKC23lmEfv6rTnawPvHeJARUDBRBB2ZDhvSgA +c/+ueEgBAozQB/9+iIw6XJNA7PjSgz4yn7SaJKVy2V098gQk7k6GH+i7fsJarZj9Kn/IjDLZ +4q4szDdFyA9qybCa/D9rPd/YPbENVjWa25cvbCT5EP40gpuDLZ+5B99x6DPL9e2icCC6sdG0 +sPGE0QS9jWgw3E02MQElVLe/eoiN5o+aj0Wtw8NeGGnSYnkKpNe9JHlniKYTVN380MWQw/R0 +mnTLgu8ktYrWzPM4wmdURbwRdcTQZZrejaSCStWLp0cenbqfVPNqzAH9p8gpXvG75RHItZok +IUxMg39+nNG2SizFWqTg2Y3yXN7u2v6PrOKudqGSDMl1GyrIP6qsYTBOwcVdF4iU+cm+iQEV +AwUQQdmVlv1NDm0sZIiqAQLFaggApsuSWc9ESq+YfSsA1SHSbMygQuWc23+3wjaI56CzYft1 +4NOSkPBbt8zXYgMaEtWfHEA5DB/I1VMOpp19RwU31GwCYq4grXEIHWoauLLm2lcDlrMivchz ++HjEbjC+lY0HlenMqCRjWTmGXLRXBGWE1DmbVSJIw3ZPG3AqK5CP1IDbYZognajR9xwddhzz +1STWvDy7DIbNq0LotTmQ7J7s5qQrwynu5gv+Hw1PMKZcIMmeynCp7U8CxxedFj3O4cTlbBy+ +DZDCSHvKcW7bWUD4SRuTjpZ1GVhVy8BXEcRP0kLU4EI8GjTcaHKDYHa5S5sqsem7h6TUpHup +b20tGcESUYkBFQMFEEHZl24Lz0fPIO3gMQECOooH+QGRUyZtjWnlmUDBiLcYYSCAIRu2+LkX +3kh4e0n3wxfsl2uhVuOXnc9N1oOmHo3Sb9LGc4Dwqk8r5ZZnTOwoEO4d2Yn9ZO/uaP2uv1gY +G23B2Hrf/bKNDMsm8F5l+emC0Fl2iP+FgdnhljmIMmC1vuOppuy08cP8iTVliYEmrLj/Ut5k +9ObVJeyJOTs880qU42qb/VDHncSQynhKEH9fvdV+oDgTrCUVq1ugX5ESChMmxh1OgMOBQGh6 +OUOCfL/bbamnglImzeosy/BwgQLkMUNz5lEBhshMd46JbtK8yUj1LLR+Ik9KliY+ADVpXDuC +a3+tHjQjDS5k8NWw5J0aH8mJARUDBRBB3jUEhqM6D+NlefwBAgM0CACMGn4Yr2/MOXvUQFUs +LWFBIaprk/JJHMOOzkF7hzTt0ugD1ALu4qLidznHOCW9S6bXbrkRL5PBQJiWf21RV/wYNTfv +4R0RAChFvfFZjLIiQ8VI3LsIctbfa/0+U9jy6BPe3fPvUHnNPAKB1yeReW64ifv+FlBoeKlT +8QZuIu9O8SZAKkQSvopTMy80LPpFEbU4rhbWtkKGdFr+uFJHlxdM/DWNQOGWNwYkSsUuxnNb +Ks8Ni8kivRP8/KZdxQ4cD5TVWsyCG9hyImRg0Ftqa3sblUf/5g/pgKGz0NfLgsdwtle4mFLy +849qN5mjLIimzEvUf3Hq2AvE74wJ+Go1D/ANiQEVAwUQQigpBHgtxUjvujiBAQGD6Af/VAKz +NK2AgT6Nmi/kLhAfjBUvJICx+xb7U0GIb8JauyWgT4FF+M9H+TzAOrLPurx93TMHT5heFaMR +pb18c98bFmerA5kzjbyI/xu5D2njtF//uRmqoXlUJ55F2QTtl7AQJ/fJUTuSpGc9Ovr6dKku +0p+DqK6NI6O2b4hARhSS2EEVPeJkzl1RNS9Nrg9VYDJIG+OQLE+S7cRul4gL/Hfe3tdhWUfK +XYVEFjEfB43MpgKQlGpL0FRKo67nYjXeBL8fxhIXnYV+XhHfC3+ttIgti9/ZVc0DkETPCMU/ +B+Ptv+NTSwJ58OeSrY//3ZQ7j0hsKwRGBFhRD9CF7Yov5ndhB4kBFQMFEEIus1+GozoP42V5 +/AEC++EIAIijVEQGvRCavHVInFNj3FBUm04sjruSSPkMkAWc6g87eLZWEY8RqMbDvpcLxU/k +XGB+i/YIp7U6EzxuTHdlm7sO9QRc8+DCxXdeLsKOOgTFkuUHSwDW1bPPxjAu8gA5fR+S0jIr +6pGqIAARkRksDEVYI3vj9AgNrzQi5WYkD6tkOTdcJhQwp6HnsGtP3ZKIrjkzJjcOEEb95u22 +q8h6juMw+x17807de2vvX2U+Xn2UT35Z1gS/dfQzdZdiJneI/IM0lTrHCX4vNFGL4XZBDoRM +0pTduAFOIigaYzlnOXZzXtFd+XaZKK8wtOc6cWe1jQ03y6vsmwF+P45TAeccjsKJARUDBRBC +eQq2pjV5yboKovEBAolvCACDbV54atVnFf7+waci5Uj7auONGYAlyxX0fABWjEIqy4QoLp+T +csI4ricafs8x7kY0nGHtsNfRzOi44KYJm3oXuAnpZSB9z2SdxYcBRc4n8z/8BIXUDkuLeECn +UHHVgWe8YuLpHFZj4iZ9ZlL6wnZy/ahxcAwin/jtNPKBhkui+ArvHlmG671dGOqU+uYiB91S +FcDDpjbNAHU6P/00GtBIVllby7D4k546R5nNtSEoeA16aYnO8z9o97qLG1RGL2q1JzpQSf/Q +Nfn5eBDkTnsi3nPVPq9wOukzwLQzpohXsFGIHNFocKxSe884ARCjqc1nIXR08wlYXpvBtOfu +jRraiQEVAwUQQojhz7l4UXTQhVDxAQH5Iwf/YTpWiH0KNcsrP+LwHuS2XUu0Qsk+2ZRBRe46 +UOYTbLiUjrCkW43gDgDljkx7d2KOkn1bRkjnADEkm3CCxWchfx8BOELw4clLarOPiUl/uC7v +rrGmfTlw7mRSJO4HfD52GgJlS7OokiJ3VWpU6xTbNZ7vbHqQTirIa92sQ1itTo3ydPiQ4Z5R +pqGu/crQgQdsU99OjNnrGTeSz22eEXHxF6E13jOuLEbXJADydw7tvjN7VBfUcbe6nQ6/fNZt +sDZgCtpTThIIulUmEMQX2fs5CcWI8XJss7KeD7VR721IzlzmsnXIdejU1J+TiVZmY1Eqqs+p +nHg+wYMYmcu7Ka5XMYkBFQMFEELFXW4qxWeLJ+FZoAEClScIALfV1icg71USgTWHVuOnksBR +vyrZCeWPxFkhlLY6JY6eA0fTUcLzjr0TThm8EYFv98eRIeHX935oIOvjWATA6+nWryCjSxJU +CsTXf6EtWiEClnayxPSQyK9ck8s+XZb1crmo342GSBd3ZaCLXAMQhEKksaSQV+yUlgC3krkd +vUVs5bVHLmkgj0MXUrddPUhHC7C6QKMC6eHYs/yhHkdY4ZadKuf81AAUfBb8R/afh3HNDlKt +nwVUnRTTLII4pNba451Bd2RXkUSOaWpT0s/rTdhO5RPGZfX58Dd8/obKsJPk8mUyfuQbrfGZ +yKtxNvm+TedGW9z6iN6a0MaoIy1cUYCJARUDBRBDM02xGXKT+HtJ9VQBAq/8B/942Yjl/R/f +qxLCfcL3RhvuvGqOmCctBFBGcPB6TD+3azTBtObxbrFEAf83dphDm8vweKUHH5vkr+QsVef+ +XgB+IbPIRacR+r7+L7f9aWkY4h/i/iAM8V51QYedcrjbLGShLyk3w9htilItuqg+B56+dWuq +3JNcAhZFg+1f76wmL716crUFJKsT+HI6ovm4BR5nIPKQDX06zrIBFeXis5Ib0TfnY7kiZ8cH +yPCS93O/yfN63hbJa5UqQCzNhglTcxo9uo0DCo8atPDu9S6mMRI2qJmHXZNjFwaADVHWWnVa +QbEcGiANJOUge6Qs10OvhExNczf4o4zTKZBtGuBmYMWtiQEVAwUQQ/H6pHzUaXo2X2mDAQES +sgf9FYwYYVr0UbaVEvDD/OfCsXbDNIySOHyQ6bHSXM8MDIJKpyp/85qq5SwFbLtxFdnbpom1 +AYA+/k58jAVw9Qr3L6uPV5Kf8ReVmp5kZffN44wz8tY/RmlsGmBtA48UZALM9NJGsLNayf0k +DE+VKwLZOPqaPnLuQh4WjtdhlTmwxNgaB2fnmLYn6fpMpgp9Gxrm70eXqfT2hXB7bLhlMWD8 +NwtRSEiyPmu71Uk8kFny5kiZwrBHd8T3k2shT3tuCy2aUaUPgckb+0yQ0RidxiznJQtzGJhf +z9jjxZp6FzBO3TmYefWHviiTWzsGy9WbVDGCju5AhYz7wP+nuciul5i4/IkBFQMFEEPx+wO7 +EOsTGtkMgQECYCUIANHDubya3DpuK3ny3Ubt5P82mIRX7kQubijg2EEIkh3JqiA5ci5nHadg ++6hYGizH/uR7oeYB/c/ci4j1GikNq9wNT4Wn/BbctMtnypoqiejC7usZRAxrSxHcgCMxDJJl +10CTV3EXdLzCCH7MXXyvneiSWzSZgHfww3E+LhS7cFwLowI6jJUk9V1K6040jPJg/SUI8Ky4 +Na53SmQmz5O9+ZN67k4KBZpfE/Ui6dNOYX7I7HpmMUegmpocp9xaEHSGc8rXhLr/QldftVFc +cKYrw1qjy4tPLjRifwFgQrlNHU97Xq16wySgLmiQSW/vOz7XPfibyrlNfghUOLvqT8rQX+KJ +ARUDBRBGGpONp+Eawzal+GkBAnmhB/0c1SAOUINAnIEttP0BI7L876Wae1215Iiqncp/Jugd +XmPfis14lMmYZH6SuWoV4TTzJ54+Iue4dA539CwdUw0gC7iT7KBmVN0ajtA7AcW0FfDPOcIf +hd/pTj8Kwew/LdlF5J2PAQEpFJ2/qK1D0cP7mw5THExf+H0tcYbiCA081xapdVD9jfCRlFUG +A0cNgUM1W6TkFCfz50LuBmtQ1kS5b1fX+OPdPK8DUUnXGefLqYyuqRZzBg2N9THUC6kFxuZ1 +ubWaOArm0TAuw/f7RiiVYysk7z+nfD9LfGiC91GoWot2rM8UZxexQBnDatL2feyWgLgBTNmF +aipSNzc/JkHmiQEVAwUQRsBySgwtq626QKxjAQLB8Qf/QSAzqdjtQs6YJCDGmK0WU82St8Py +b/C3XGZiEKtRa8ju7DYXbNbd0bEECcLKQdTALaQ3dxS3hSg/5XYlKf17KhaD1R3j0BEwg9Es +XwGaW18vQ1/tDjt9yVjDrGZRsDoUItjBlUp+nUVlFVLREpTCH5Vdjr0UV1rJrqw0SOROJznX +XDUPXYTknidha7bw+eDNFdqX1NfcZq+4rvmuOtUQwSCN5Hfy40FaqUxlnWugLQqQj1hSLNDb +6F/So1F6AxNJI1Y2ceu+WRqw0HzS2r6l9ZV6DcqQEeIF3jBV7nenxOktp5NMMHxyKEkLCPG5 +r+H4OBXNUnVH72+cgK//pAOLoIkBFQMFEEeOCvFGa2l4mGdspAECSakH/3rYqvNG6H1jIodG +asjDw6qyGWwOnTJF90Y9N/ght8ilYNBei0v7lXDZaKhn8Y5idY0ZjSc0t0K54Li4EWtr5SvL +R41Dam/4qqiqUg+HaSCl9tSPFeX/yIoXsnXVJ0GfCtrIgusaIi2hegcYltG1PpnwshhDba28 +JY7909W/K47gkPb6NJb+ttva1rMIFiQqjXIezawtaExwao6aRNE4M2QYR0UnLeei2/Zk3VCs +WP23EjV6cIe0D9vFfQ7MKzuG4T2DPEa8fXbT64jv5IPTZ4OicxiUA9ltv2wKc+hIW9dHiSoN +LiRPhMAiLhiwsVf8HkUR1iMzc2WGQBm614V2utaJARsEEAECAAYFAk4CwTsACgkQDTZL/TSJ +p4d/bQf4nx+iBOTwdnbIMvCx3yZ27xYjcE9ovBG1fUMn3qYbnJWbjueAzuAZas3VshuaPkwj +vEarRk5NOVKbJyzu8H6izbH6ppawC9UuPCw9+ot/I8v/dahQS7upESiyQUQdDJbwO3Krj+kH +A4JqMJjpnYd4WfEKwvsrcz1jmm4SO6T07DQznzh9trZbHOTfTczhCtSy7HUJ2o7WJXHP2YDT +4zmsi3Mu3LemCVV6RrB2Cghorn8ZGL89dwVBCM0WtwSvmNbRWIPOoUsVppFvhBaV7xv5Vf+R +fMZLDnkgZrd7fBuMqEFcfATTtr7uU/IYFvZAdKo2URjUkUqHYIPK5bMnOYR1iQEbBBABAgAG +BQJOAsE7AAoJEA02S/00iaeHf20H+J8fogTk8HZ2yDLwsd8mdu8WI3BPaLwRtX1DJ96mG5yV +m47ngM7gGWrN1bIbmj5MI7xGq0ZOTTlSmycs7vB+os2x+qaWsAvVLjwsPfqLfyPL/3WoUEu7 +qREoskFEHQyW8Dtyq4/pBwOCajCY6Z2HeFnxCsL7K3M9Y5puEjuk9Ow0M584fba2Wxzk303M +4QrUsux1CdqO1iVxz9mA0+M5rItzLty3pglVekawdgoIaK5/GXVJMuhmpSGDnikqE9PKA7OF +928mNzjofHG+910CcuytkXzGSw55IGa3e3wbjKhBXHwE07a+7lPyGBb2QHSqNlEY1JFKh2CD +yuWzJzmEdYkBHAQQAQIABgUCQm8txAAKCRBTGFKa9WrpPTNgB/9KKLtEaQvcHc82JNYdKBD1 +EaHIzJGAEKUhn1oKLs0B0qCHfj85Pa+UtcluO23g5di88XSOyeIgDv04/ENnfzKHUnI8fvYi +TnNbFOYnPXxwbbHVIOnqphHKavtguL2SUZkccqMUWIPAfzNoKouArXC0TzfLebu26fYdsgmr +kBm6B3qKLVjbCG7SGrl/ZtjCJmkFOT14je6xJlR/LrR3xCkK28950x13K3quErvqEtlm+vPc +brx/xtYgZ37saAQ8/wGkbpv7/6oKPRyDkVnE/x0vJh2IkqUXPTb9jUF7KrEzpmRe12kzRubi +gZtM/y/VJjbyhV/IQhbl3ADHKDuvR697iQEcBBABAgAGBQJDoSQTAAoJECnZLSEortaNEGYI +AJ24tMN3lgQ3TUIFY8GDn3GrVnBaWJPMhg/kEXBL5gKt56MxEmoy/GKZBtXAGE/bxihmZNFU +naLEm4R3mqSknp3sFURV+OqZPNJWHp7+oxV0KUt7DOt+HJeKKiAarZ+jFgnjZ7OI9KtFTAmZ +J9DsOtPKE2M+qetxJcBD4usd7FsJOIIyLlIzrMo+Y6Gggv6hR6y4mpoGCsfNj/6XtMRTlP8x +Y3oIMKuKvSHMOAPl1tOpZkrVx+yUZB6+uCo42hSbe1eprD0vDoRNGOGs63OJJODwNSBAsJsz +UsVNLSnNFp0lVscgo6TFXK7hc8Sxrpzx1uqx1lLIF+hGqeIs/Mo7b6mJARwEEAECAAYFAkOh +JBMACgkQKdktISiu1o0QZggAnbi0w3eWBDdNQgVjwYOfcatWcFpYk8yGD+QRcEvmAq3nozES +1hNfdTVVZLhkDRkXwa7Z/2meXn222hDnLOCTtfjUYeP46pk80lYenv6jFXQpS3sM634cl4oq +IBqtn6MWCeNns4j0q0VMCZkn0Ow608oTYz6p63ElwEPi6x3sWwk4gjIuUjOsyj5joaCC/qFH +rLiamgYKx82P/pe0xFOU/zFjeggwq4q9Icw4A+XW06lmStXH7JRkHr64KjjaFJt7V6msPS8O +hE0Y4azrc4kk4PA1IECwmzNSxU0tKc0WnSVWxyCjpMVcruFzxLGunPHW6rHWUsgX6Eap4iz8 +yjtvqYkBHAQQAQIABgUCRBfk6wAKCRDkLbL89SJutWoAB/9XqfRzlVrThTvwjDroEpgDZSj5 +oKeHJWNWP77wDCAzwja2PxkK8eUCVbjMeRqgIVHMHzsdN96SIQ/BVVL6SBb7KP3uHQvdDCeH +vOR7cfhJEsdQ7zIs5gKo/9Njqy+fi0Fgv6G/E5+L9s/UZeBqGlPda4KhxK5f8pDpSQYHlpgW +9tcDjgUTcYmGjg/nWcipQtOzFZMP1sh5u96/DRzBZoHH5DcRrCaNiveSBBoRHHI1pUogfvCu +t6Ov7vOekDrXBHwmkqPUbXyFeT2wi38K2oFNrnv5lT0B6UCb49b00iRu/l+kjXWCrw1Nm33Y +I0BxKh2UM7QyvuVraNSdCFSMOepjiQEcBBABAgAGBQJEgK8yAAoJECZJc7D9BKMmecUH/0G0 +ds0Vwed71QkdxG1i3gyBDz7p3HN0obB17ICl1+hCnpB8TQePH3rSrF6rlxMEzN56om40ZvdC +yZ8HU3TUBY1cIBcmJDvSc+fbsLy4uzuCjkLikXMRA51CjziidD0jLPaABUazuXh+8pudLeW7 +E4IORIOdnnvkPYG4Lyd3IeAqu+NEtyOMK0c4BLX/Fohk20YddtZLBieEidfkxQ3mwE6vR0Y6 +x5xXLrxWq0MRgy0U7EBgYc31ybev06lyFLmuGkwS7Ef9XaHBgg+WUm+F+8UiBJ4Iu+k/mRc1 +Ql6bo7m8mxxWbqt5rcXqYG8zXyjo2l/FpNxtMsM804Mmgla5oGSJARwEEAECAAYFAkXDr2oA +CgkQ393l/0mdhI0xSQf/Uc0Yw0vFnqVwNM/eShNLqKJYSGjNGU4DHBgI/MojyN1yMPm82FvE +PNjSMymVDcNTw4Uqn6oDkq+BiNBalBTJQoXlQL6dy+WWLEBWvntUtZH7zcpaPWH/bxilT3p8 +GU2dCUeTcFLNlg1Uy5l9zChjbXXpXiHlx3jlkw384+nNmQg7jLa2w6oG1YNSEVA66Pq6O8k1 +mSMcLk7eZ2DD6iIdVeA1QVoSH+s8f1krIcLp3goDG/CbHPISkGElYZ+nY9gA23BxFpzNQqNg +hJd4fzUfp7UP63DagGo39lRzjo62DjVTnqy1991sCc32WM9Xn84z3wZ7Uw1uLlx4LH8rNoKQ +0okBHAQQAQIABgUCRhKCAAAKCRCDz8ieYyx0v859B/90URm8shWHTHavtDqeWi2dYhvRG8gG +Pxeh/CLzHvsyRI4uriri5yaebuk7zy9Pp01EaBz2mgGRP3pfegU5QiPujJf6EyDI1Kk5qtaL +fdnAdpAIA/YumG1PnNxFyqDsB5cMw0tYh7wLUzH+oKrAMUZ19eYUpcMzSqJk+Do0cJ54ntGN +lBH11i/uiVRbL/KgPJMLHQMiosiv6XzjrrSpturILXw7B9UD9niXqkWyyxbKKeLAXJfRfWQY +E3ZT7XCou+ShGEAj/envYapMl+w4bFBJgDBLVa2Bl4U2Zg4jJtVaUpe0G14Hob+kz5GppN0I +aKCockbDoGOTJcRfjtyVW3VciQEcBBABAgAGBQJGp/oYAAoJEDQuCzwIs/YJTwgH/inm3WwV +KdXmIPPs9xGt5a7RxodYy0v59OxNfVW+JK3IkMkZa672eQZArxIDVv99WQh6TXwFjKY5fpoy +ikDYO1I3wW8qOeu4x9IFVUcvpE7Z021Evjg+4ERI0EoI+fBs0z78A7K6ayI5e6g0xDtWT+Uj +wIiZICnPR8n3XB343PYVtQBK/fXjY6jYHhaVj4C5L4UKFh7+5udv7WFu+OZpwjingQ4vBmAB +KLTjnzN/DZ6T7mxrI/XJg3mrBHUsorKcIBJr/2pWbXJCIUe86FX5hPrf3DQKI83mPRvFkmvx +pQWRuf2wBnr/xwBx4ZvWjtM39+YQFqctydN9xEt9Zj15a6eJARwEEAECAAYFAkdNyDIACgkQ +/L9Sqis+Yjd2FggAjQmlnSV71OJk4y3fxnz6I5jY+ztU8HOME39iSAN3Jd27jHprpz67wm10 +Zd0PiuAGXx1DRRVakIAJnI8kcV2IMHm1eDYAeilpQXUqsPHPT3KmBKx2NZ09IfZ7KUhZAaOR +kSimuSj68tkj0vPKLWCY4S2AIvG7MhLNh01c2zn67/8mBekdOnv6JpQrNj5+egIwPU8nU9A0 +nTMQCgZpreSXM9WjfsuhspFdvyHMBxropRurM7ZWdNSAcwXS6obQ/BgXPfacWzFqxItcxkpG +mz28BTMI+fvlaA4eZq9udn4Us3hHZ6DvL5w7Y2Vx+xKG4VoZPnpgnK8ybq5CAdbpWyvP2IkB +HAQQAQIABgUCSDJsbQAKCRAEAaogRtOX/3wDCACRnLd2kNkZqLDPq0xIj4Uvbn+sFr62axW9 +SBomsCnF8sYxZJhig9LjtBEgm0i17FRMsH6YuriuOVk0QJ6EaAr22OGvzd/Q0BQ/8oMAr3k+ +YQUeK7go5zn3mRArDcOirWe+35YbpWQLip1pN3YZXW4GU5cfIG4sfM+8p1I1aTF51Ap6cFEI +w7J4vrvtF3SgOmxfdTpoNu6+tlVFO5fpx+Ix4qG8UOBWPXP3KgyF0/4d2ob4CxZtZb+Js0g4 +xFupNN2U5L9hBYBnrZ14t3wmJiyk5/YnvINAeZ5wpL+DuK+nhPkq0ZVxdacDE9ctJIAqlSmh +1eHTZ8jQ64BTKRCVlAHriQEcBBABAgAGBQJIvn/VAAoJEOnF3QKdJiZtszIIALEG5F/8JkRQ ++mm64S54D3WqP+ZHR5Ajd6jgvY8JOAE67rzITr8s1xcXW4OC7AeFtmaljtAqot37kjs6lHnJ +/JiRxr9CmYdzv9FpkkzFhhhUTllWiAHY8JWpPKfaQRBmOl1fMQFSJ2np0oADCcxfLz2jYtx9 +8z/VkR7G68SNk+y3DnLMc4Pc+YPUrZtgfOB7iXhxnDmpOFkRPokzbXbiu2e3cQxAc5zga8A/ +AYjNJNN7NjiYeOEx2SKJaiGWOvdifv+0fwp1Yd/wJ50uT9lSU724ZX7Mt8iCoEtKXZrQUKk8 +vcJjPOQo07RJLHiwNphzN36QYvdifUyutQB4jD6MGHiJARwEEAECAAYFAkjL7ngACgkQOnjr +TPFCDo6csQf/YKIs5k1i9KycRDqVZd4XLd3K2AD4EsyGtTGsC+7TA7VRirlJ0Tu15y15OICu +9sRxSnGeLprAmp8h4g707k8F2CeQPgQuv9n1LfwLVyZsBlvEDgIlR6LubeKiRXZmN3dzsybk +AfKrGKXUTOkXiPF9tX3ddGFIdYKlX49TktksAnG6gYDSFwYsLIUNZka9GnOHtcTMq7skPSVT +67TLyB5zC4xO/8QmZLof73sIT5quPSl9H35d7huAfZFb7ymg2ALcLAUu7y43jS8hCm6984Q/ +INT0qYiRM842MDV2cfofJaEhG6GNaYA3PLaJ/zlTCLrrEPwYERl4weK2Xq3xA1I0sokBHAQQ +AQIABgUCSTVKswAKCRBRkI8FP/0GSaZQB/oD0ZrOwJh/e9xecdPEdtsNYRUAYT1ahwFBxNbA +FXLjHIiqGMmHdCvZjlMNbTHc10A8f94uu4FQN16iAb9UHBF8+lO/IqE+LQNnVeyRi5Eb1Q6r +7dVB/Ic9ruudei8AmmRQF5y5RLAFysl20jphTsjewPvMy1sJQniAg4ahzY07VMpAcVJsUehF +E3q9vUScSsSkJI6imgflPQgfQgoQPsuKcbSr1bwjMDj8ewh5mFIR3Ru9yDW3sNXVNG2j6OO3 +CNdL86Dn06xBeT12vA+fnICAi3WxpINvbB0EXyk4wxSRKP3gEX4rIlbSkM+3Mlwl1/mOrmWh +GmJFbHfO3xI0E/1biQEcBBABAgAGBQJJYeQ0AAoJEFyl5OKa21WS0OgIAKLZ5QWGLwz1YN2Z +bBCyWknIdqf+0i8eS4bCjbWGSVFdbFoy+NypnFVTqqhi49BJo2hnQOpImyellJLIn04RDgEe +E6esIt3ZW8tbNSCREB+nlGZ/8wnsqKjLuNdDIJyP3uu2fC1WdaklYnjc+brsYN8HEezRYf1f +JhVxVD3NbgoIbABpeveeb83Ecq5oPGnaOCZ9b/NP0mUNlEKwmOF5YWfltpxw7mcrrDB1IJgS +DkEWHgCUTNoPfaPevBTQv7DqgDvvA0lKqcuU8KOIAzTQd29xllvakBfECT+6AXgiA5UJDwJQ +yiMwGoIJPpcXAmLx8NR05bBWlEUMu3xH6JaAgGaJARwEEAECAAYFAkm7GEwACgkQjBSFwK87 +aXTYtggApjSl0++KDiOdXo+FIPYsu9AnOzT2P1f29RbL4qfgNqIs3a1j9cBzQkN5RYT+zs2P +C6y10u15Q0hL0GT8jfunJaxB65WhYxCDdzypFzekKAwsvYcHKjwx0HktEZ4EnIzWgwqEG1MU +Hfki7CkokUZZy0VqYaNk9wA+UpnMeQM2ZyrNdQ4/eBKDobakiV6KGR5FI+gDdoO3qSOOZgJN +XxTwrh/3OXY336aE1chocQ76Kx0JR+I7A4My+FeuBobYqLVIwR8l4UKT4skh27XzkCbrqI4Q +ihQpHj5P7+X21o+tcwhz0efJkibcPPE/DAyMDVPkZRSvlRB5XUz8sdt1+Uxhw4kBHAQQAQIA +BgUCSb0WCgAKCRBN6N+mun8mrs9sB/9CRV6RBpGap7UU+503HhYbsHda0FXQNdfxlcj7yzH5 +H8sGbYnEaStGO1HwVhYgq8xtEfPMZ5CcA93TWv1RXmIcyUU0TXV2W/+0/9jHmPmOgghLnoj3 +MWku0XgwubfY9J4a86pko+8rH4SsKVZeQ6RkrqeyeYlD2R2MT9KlRqTzRQwB6TGDXCXiGTHE +ok90G2oWYCy8LFFDkuqhTj0vTcLqIWvKxFs2/GjsftRjcTT+ZoKMsLb+CuC0NuwEHlfrBT1p +3709oM8Z0lj4j9t3W73az72dSW4KAdRlgbZJbf8GJIvHjDfW/+8VmDldtfhoZh38FiI0DV00 +kixOf4x6bTemiQEcBBABAgAGBQJKjy2pAAoJEJHK+B1kakmRNIUH/3WvCRHVMtYAkNDdHZcA +xU5UDKDEpUYE94cFKqp84WaMMEbn965oVHyAV+lk1QI8wp5iUOAVkHCTEc8YpxdYyoXEVx2s +dK9G0gnTNlfaDE/4EDNEeuZuP/xgWV22+OnOU8pDpnOeRWUUM0xjSXqzg3mHcmvDOHHnOwdw +1KC0bQRDuy+bVLzrAs4r8rPTDsxSKYw0xtMsDVOjVdHjulfMByxVmkbroX1DlJ4LNCf0HT8a +xvKowfBU9Nu7Pq/aw35Wj1c2e4gKWxUFnY3mPp6P72EL+39rhXGdzYbd0IG7wksw7nDA9CiA +s6EOlrKG0A2ziXeLR6A5mqy+dcKNlGLrwlSJARwEEAECAAYFAkqbN8wACgkQFp6637aC+/tU +Ogf/aVsGaE8PvFVvUOeMzdZzpc08AH7eUObsnWaUJE4AoOAwntmOEoL3nPfmPSYMfk2zdb/l +acvp8oY9rjhTMZzLHZjYlzwCgu7XaduKrRoeVdrebdliC8li8lblHxUNspOA+esGC9y42FC3 +44EQnWunfEJqV3vW3WXYdf4dMFzBjvSgstmKQkgpYfMFSF32JQGtGkkBwftym7qwY8LaQnhU +V8yx4PJoNJUu2KMIXtmpQL+QLIF0F1e2yxPTyUdnuzHaAKd5KuYKAYmcJpndhbLxSYpjHLQ6 +b04DjV0wgIJHkI3OtBoGL9njPfz6JaAZmCs3oP+0OorUxo3qwVtf+0rOsokBHAQQAQIABgUC +Sps42AAKCRBs3DM0v/5/3mTmB/sGJLaQv5UdCat3eW58DMvMUSXpXTru6cCoK+8Ai83Vjl3n +iETXjMFE4uwHHyjbT77udK4kstOgT58uLoMboMEAIgagk1eUFmfTFS+TFeb9lRyEfeP/eRFI +QzaZtXqsy4nEKrSbrBmfyfV6zrkTr5p5qhJsujfO4mEaVQAmCwENdvLwPupD1P/bDE464WMp +HGWwhy0SfgqR5f2ufbS2eO3EAv+PACK4FDkaAClaETbSWDIylIIeTuAqic676hXvz2fO++XD +p+ihmAN6JAj3y/ebSWI2PcE0IWS4YPI/xuITNq+S2oa0d7b69+boWtZ/QbWXCEwwlEDSuf+5 +NGREgp8xiQEcBBABAgAGBQJKmz2uAAoJEAf1UvnxFyrrEFwH/Rs/w1l/tUmBkaZ3WVqAoyPa +iHjqJgdgE8/jVh9cNgZJwmAoHkdrAsDzBH4mj+P2TJY8FqCjOMnY6y+FzOZKRXEb9zjPzTiz +XrwVRLfYXhVZLUZrLrV3RxaFAJt/ozqm0jILzhfPMC1BBf/mpj/F8M97KcaoF2ooBMx89Xbj +3xWVLrXfa7//cSRguGCEV5sF/aMWYcLAq6JAdWYras6PdqgK0H/ZcSATT07h+CoUjOUASGrn +01kfXKdfWz0AuL8afQPj0SYexP8072SQPVcXQwhrow3t5jEDgJ9ai4JX4oo24glLKLuSadNr +/UHExfF9yhTsaY4iu/dN9rHt9sGCbryJARwEEAECAAYFAkqbPhMACgkQHt3DFXKyB7k0rAf9 +GpQU1xyhOSGUM1/fzmqTmAEb6mmDdT9x/9hF7dvREPDvE6VCHHj9Xf0cb8vkP40z3BURLH5r +1YDeGCARpxDDLZcn7r2UlhQkrcGNUpgiNNdKMG6y1Qfsf4LlpdjFomi+ErmY9sveidfGsLit +jGtijuHuXkE+N0NYarwXzqL7/Z1bTKajJ8f2zkDlZYE6YdzYIHCgWZhSTMZXhvK9ei3Ob3Ge +YQ5zY0lgJXAobXB2PFRjEvfNzH4kcAyHkHdAioEOByqEVfKrolt9dNVYLyMGVoIaIXb0RwKS +fVfzTVfJqurnGq5Y1B48Kvsn63OjJfXt7LhD8kYq0SzFqe5ki78j8okBHAQQAQIABgUCSsjr +VAAKCRBsMIg8qaUqeCCBB/4j1+Cg50D3LGmFmDkw8ECjd+ici0NH5zpslfjGmHzcfV9Rum7P +H5lxrfpHrz4/bvKmvIzzraNw1pdkzYRXtMdrboc6a2f7Mkh+/XaPutHhDGudM90uOUR0clBb +TwnSkMD8oI0YPrXCr++PtquVSkaN5KUAQokRtXYOcJVjvu3lHjVqcGKurSckpguzEmFMHHAZ +f51cQAWKN5TV2vvH+IR+K3oIzwEJNz04EhuD0/GRvpiMlKjIQ3aa8FTGhQ3h0TP+UIIjORdQ +dTiKQfppODIjg51vi9RPBWDsiZyrOLuE7xuE+B7rXl91OmarAtCYHdFnT4Gn3s2+M2aB8uIT +UiW5iQEcBBABAgAGBQJK57RnAAoJECFwHpJcEbGwPfIH/1Q/Bb+MiAmzzDVERVLpWQgpzjzR +MwEuLnz4V278qujEWiYwLkO7hXYklfkbgxx0Yr4XH6OUXIOQXas00J/lh3KzFclmCwTweNY3 +rbWxqTF2knd2lCpZ35/IZltCozSuSVLFoDgIBtbaGNp810j8nTJVuPp8/lZV3KAJSro9gW9o +tTF4J86USo7mnsH76OLujlQqye7lGoohvBSsA9uI6uNemjRA/OPhJbKSgv/IGlTTLOJROEvQ +FBFQ2KSjeIHVxGhvZUMXmgg9mzgdZ8m8vSEbokAxARc53e+jBPWq/XwZ1U3z8jpzqx7h1oVu +NVIMeu9+uSHD2Cr/sN3QvoZ5TxeJARwEEAECAAYFAksI7zcACgkQxU2iX9uLln6Zwgf/Upnk +XoicBHJKF56B4hM0gLY9iqiL1Y5amJepn57XA+eXZI55vXdXrGBWY2aSdgNB1Rt47piINEu8 +WZg0cbRuQa/5wHPIXokT2AAmEpNQLy42vz2987sBSh6nawwjOIfa1CmVOExOMWL5tZXDgO30 +XxbK4RN/2sES6TJ6NgCeXKYgtjvLljWB/zQ18wMHhAnF0sH09AfJmYukvJHLy0jFKkmMhdWC +d0557NwUmz1Tm6GzWEPeK4Rm8Lr0XkhgfnjJtw9LaqkQ9B8Bkwusg7GXAmlcEjs41YhZBsvC +ZORliOFH1wihD5EwPzpAG+TP+uKaXr23lmd050YpfLu8pje7ZYkBHAQQAQIABgUCSwkPcwAK +CRDHeSvxFJaGkWfhB/9peXpEKg2fQjDStA29ivmUid0c6zmgfV68X3u9rWvSjWHCsbW4wCkH +khR/xAZR5u1/a7xkzwRVIpnBafiQZmszoq8yDOWWSG92EusxeNijNHfw4CR80eCF1Yg2LuqK +3kvkoVh39YiGvgWArJr4N6OpGOPba8VSLU0Y2VisgSFSR82qEaoHkTTY3rd5z4iCJgnQ+xpT +6njk0U+Uoi41sN099OnL3NPi1keIK9yYsFExjHo6ll/Kre+6rkR4KI8ZxYblChkRzE5Pjx5T +E2kHGkIL1ydba1+puOaZJd0CPgRw2FjsDEwyuoWFiR/iuXqfFR77KlEcf185PFpsmtBjFoB4 +iQEcBBABAgAGBQJLEuB3AAoJEBWI0NIWdnDTAuIH/0NYOg2rHHZAVn32ZXhcRr/9FZfEdG5L +cwBFWSOFHhcL0H3/GrzZzhWXXuO7VYBsoBkzjnkARHMW5HQFQhQY8B6KhN7PpXVZ7GtKYf9L +m5+NLUyxER5rxjU9hrbi4XLRCO32nDu5Iuf9kyH1MjY/iqJ3gh4pIqigyqYZZH1yjnhOrrtg +JyABtfPHxeP9/PKj1BXjzJzdUR3zsZnO2K4ASRTUZalPylHCY4YOTa2kjfVmvrp/94DYsXLo +WErSt1vIB0VZVpgpXsL9XBx0IFEJTdH7MC6voW5tv1N9h3pCtk0HYN8k3CDkpzZhSiXwoGpl +7W3wqm68Y34g+diNLaKBSAKJARwEEAECAAYFAkslHsIACgkQVLP+2sl+x7V2NQf+IfUdmkGn +OmccP4YQm0OtBKYyfVF0wFqWc7xU/1i8NjfJyr3e/Sbb+KE3hgyV+bsqCfKI1ChRrLKtg2V7 +A8dxu1YwWLrzd3Kg52fSNestsoONQGOUVAny3AyOPa8d0FJ2Tuerh+8Ci+PShPMzvkaWPws9 +F0HbTEQIecm5IwxS14CzEEjDDICoNOik60XbDnJH9uvi9bSwBL7dhHX+EioDcmtJMVc+FVY+ +E/8ADih+3VeeaHghNEvETuchGmMqOSAONaxk7iEs9RUDfpM+DHwdKJSvqcOiW8yJHYwlZOBK +4Q1UropwMlwoh2AObMj+1TXBcYyKZlKVUajJ8BblGCb2W4kBHAQQAQIABgUCSywGMQAKCRBm +JAozLe73BCZoB/45u5ZB6Ka3OmFWz8pvvOervykv4or4BfGuU1pWiCJ/8+LTjH+sW7tL/4vR +kzqal4BF9qLJ9XnAlEwLK3kgJ/ZP7ZhDt2Lc8fhwu8GMzaXbRffwyXlC9U2w0CE57XuulLWg +ezxeVdItotg1HXXnuHegXENm5MmMZLQO0GU5Die+yeX2f6/Fc5QQfsv7mpZ6AwhmF3Fkxwm2 +WloNd3ifHx6nA+W1N7ikrtTVk6QSB1niEMneNYgOqykk/l34OBZGepqBROJQWfEbXaYtYAlu +J3xdsY7FBwljT+xc9TmxIn/hZI/0o4DmJTxMtmlBJGpzokMgyPsBVA8YQTLaX9uMIEVGiQEc +BBABAgAGBQJLNpFDAAoJEPgN9wItixQGfAgIAKX9Sis/e/d/lCDp6Y4I+jqKxwmnrIcQgCYr +cdTwC22PcAAPYmKTmoCpvUQ3x2d5JML961uWLC8Vg1TLQ4/16c5gWKGAgyIUBi8A+1vgWb7v +9s/HHsFlt910L2JGndrKb87QM+91sZVeS6ozYXto5cghTw7qXwqZdPbDBj24BROgGWB+tldZ +6fKdz99Tkvio0ekxTD0G+jRdbpHuOizzAb+6K6F0vACrThhCPJ8r7w5pCC/KTKMEW7dGQft6 +1+7xUEKICq9fFVklahAynQTBTFwnagT76BML89YXIZs0nw47RwLvE5+kRAoHW3hAnIvxK9Al +pywohF5VScbUncC8yb+JARwEEAECAAYFAktAjhQACgkQFdq5JRU4Q12JmQf/UB3QT7V8yl7p +9OMCN/v8sUmFZRzunO8mhCe+/5QqSYmcdEO6N0cN3d0qnvKp9D6gbsozlhXXJtxT/lcyLc8O +QwiCcyLrF3Iu/D4MkB/mj4ln3I7qnx3SpbSX2HBGW8062AMGQl53VOK8IyhquMr4Eum/HCsi +rLc+gHKSjV+pqAuRjQC1eYVBa7K/UqFCxiO7nnW2r+Tcpk7E6JXNUUe659Yq9C/PzkuBQccT +/wjJlAN1z7W9rBR+VtEZ6YChanwIxwezWFujebUfwXz+beVCtVRF3+eTr254wu1aL5nt5Gv7 +mNSAsAhPORizjiMm5KlDEvdMBXpIgvrz1jo7OGKsa4kBHAQQAQIABgUCS1ru/wAKCRD623Ps +3UYSIYSzB/4lmuiyzqx4sZCwpFTu+7sXKFfkhv5/8uB3BR5kL0N4n3CIZL6EYnK/G0o1Vtjo +Fu5RtT1L5OuBMZUAgS7AS53vUSZVFvp6iqZsa3wO5cJdxzp8vV29gvvTYI3r0b3uZxa0w0Vo +YvPIe2B5ni+G0rfX6ODvwHdjID8GyweljXWWnH/1zujIOcJUV2BkZiwKViLSUleC42+8fHAx +5W0UzeipUiYeYsHWFPPCIdl6pyPekJ06RbqRirK0ZKjS+z7XKnhJBAnGHrYjNmaNaD81qLFz +RuyFKei0SN/RX7A83lAzCkidSyefjpTynNzLpn10vUv10QmPmUZWEeEXN33rwWcSiQEcBBAB +AgAGBQJLdCZ4AAoJEH49EF04a3+yBggIALIbpMo9DvbyludM7dnWZjFrjmv1LgyFrw6Sb2bX +ek+aGZIAbjQIMz6bQissOLx986q0QcwC3bMZK/UptoFOws3NzOr715+yr7MXeD3ZSSz6GJzQ +AlfN3pnL/KJSNBIfN1S2QNhu5P32f6fbRzV0qlUl+8bbXu79CjYtn1Eub/pc0p6h1P9NH1Z2 +mOSB67pmPx6iPJTB2Wmcn7zTjUQV6yxFpfIQ35HHAgp7NkE0Ud3jxR6ZHT2Og0uMTUGrLl8U +P9nlwqW1JyD6fSdm/md6byC+du20jVU4HaPjHPH6w4hLH0fy3p2lb5K9V90EfpKERpwaNPV4 +IwIfmsBVLYFixq6JARwEEAECAAYFAkupOMoACgkQgo2EZGQSVELN/wf+IwSKGDtUuXL3lPKJ +IXDZRlqYWbL8DrVUwOjpFz9/7WEO3zn+d55OLDfDxDTajXcTuuxXrUsjtum0EgaWznmySebY +6MPcI895hd1wbF4uehGhzL1/kQc82cVzMMtfS8jfWXaPxOWNePSmtkpBln2/P07dieYLldGo +SJJ8OrXEMI11QspvLVv88x+x0ODizWeuYJumGU931cDSPGzfD9h9N0US6FsK4pft9RwgJ0E4 +1bTlhSmXBhH5d3bu3ShNoLK5AnSBfPnhIGONm6knym63KOMc0SXKocY+vQromM/4NXTptB49 +no6vXeIFyxvmfuGs+O9+XlfuKXOxqDW8rydM/YkBHAQQAQIABgUCS7yyRQAKCRA2955DH/tP +YuPuB/4n3fRx/d8eSK4jfCZ6T+HX/ThgJmMDe99DoZmHeMuDiROvDctbcJvR5qqUp7lMsF8c +B19YDznbTMCyKvH5ZsdEpREzp8LFnSzcYtIXvu5gjNwCC/8gMIyArcJxYwG/2UQxuUG/zZD7 +RQ8Pl92jHEb4Cz+fP/mKAtcu2nXPxd3C6NCLdyqhbXJCSuwmMSzbl3K08pvWmBB1wkLyeLDI +3Yr41iFiskB3JGzrvYUi98AVAspd8IeyD/fiteP7MqY300HfOrnN3ApPwFHdVHpuQKWLytvX +bA3AWawmDZlbRvoY4f08mseX+iA3gh8iUWr0CEODMHS4G1jN/cJKzqbdx9+DiQEcBBABAgAG +BQJL3VvfAAoJEMGin57KPrf8xgwH/ixlPhhg5hOjTMBuW6qHScL0z/UPtx4o0Q5f6rP+XIsM +UFNa0895HAYZk2HDJBiSDBv53S3faEhujVVvAzXmyFDhbudZunAOoMkOYMkTVu7oNZQCBIJF +bE7nN/eEfgyCsAQSk+xgr+q0D3OefXfLiRgC44xCSy+nFh0c420ws0GO+jd0a5m8KtxD57RH +i76w2RFu9Hb6R+Mf6WicWahIM2kM1JgYl6IyS7HJ1Yklrkj3U9VTb5E0sI0xQbw+pOzfXaDI +cmBPHub8cgyztN1jgVSvw8EV5WXnvSpOVgca85CarcbgnYZ7BHZVt6kNFaEx6WRkunz6BlFi +3ZFN+piGtJqJARwEEAECAAYFAkviYQcACgkQcTEsuehR0guqvgf9HPY5aNbdIEBZz/r1Nl3p +LJRpCOAFAKFLeyXoxUi6B0YGdm/ozYNLK6CXCD1P16cS/gjJPN3Wp9VqYoGAqvWr6RVYWdNL +t6xEixOv1SbTv0OmUyU0PbRU03Mg06r8+QrTec6JP7i1JgLguhDvAF/9uisjO5fL6LPzCmf9 +UjQcffw9d0eKx+EXGoEHYMqibE3KA/XnL+Z7hBJrC/zAFG7hYb6QimBry7yXBeLLJCK2iE0D +ZRQ5JQAtD5Zrjx8gDW/acnN9Z3sDYr21RUBrNTHtmShaEwU7gUe8L0cK1ZPTcAg7JCDw1iTh +3Ly9fS7fZRk4ymbXuJnbbm138bXBvMxJd4kBHAQQAQIABgUCS/BwCAAKCRAG1xokeFMuksSR +CACdLtYrxe/8BJNmErgmRSC61KE+J+T7/vLddp3ZszUtnV5TUHCZyWgHASo+R+P83cGm5UBb +D0iJIqgsHebE8UWZLBkrp+Ul4QSYzzF4mxBwNRAC1XFzSCuAv+yaJXMwklqI9VufLglUs/q8 +5g8rB5bd1HOqTO720QnWdRlm7bq7Q/Sz+4yUPBG76w3AW3sNTkultMnzMFI0J2jNhkrTEtei +F6mvZBzYkgbbdmI/kt+8b1qH8vTRXZe0dq5nY2sRW4ujvJAlUAHmy2f3amRBfxcBibIrA0Zz +rnTklj9qKd8aC+ptowI49IJ90hdP8MBwAQchb8kujD965rD70/nGAQzaiQEcBBABAgAGBQJM +CopvAAoJEIkIN8ipQjLytEUH/iiyn/N0kpXasuC+sdbPIw2XZd5dXSxWV+BliabcygboGfJw +n3Ada+isjf0WkKOFHA9p1t+6ZQtDlkgpYgh0hVPUrzNqgKYSaxXoCyFa/Vk0TJzkC96m1IS0 +r6fHEDxYGTJhYGNH8TDUBljqQ5gqDwNCUAyevUWSpm7SsTgMrBB7g305XtKd+/3xJbG3NVI+ +bh5i3CUs74Km4ycjNxppvAo0NR35xXYfqX8HH74UNe9En8ObSKhrYjDA/TVeTyDro/EP4VC1 +UpL8KEYTSTqSF6AVqAybTZ78Pc2Lu6HSbjSZcEi9QdXZM5v1K4NHW/6aRdmaN5vnbVVLxzmq +p2/2oj2JARwEEAECAAYFAkwZMRUACgkQ/Cgw27yG79bsAAf+IHWSV6HnvtCDvzuxW+udoS/G +MB/ZFbZn9YdhnLd/WTPoeCySY5wniaCWvhZKtwt/OjPZr0fO8pi+L/k+PzQgpuo6xS7Wl2Fh +Ad1mq+h19AC0a87Huely1LAcBzOXTKk5x3KQqHvQnwmZ4QgvFTZ/ySsRzOZsz8XG2coWQ9b4 +Tyo7RqwA9SK2Apek9BffcI7S84+fJm1bq2/fj2z/dMS0NVnnvVJud32FbRPpCLbGEUBhr9tR +lhbEw80ZzWwfWPoGxouBEPSQp/Wt6URQZb+PMnJqhvaf5l+RMnm5/Qj8TmLwbQ1QgC8EKaxz +2nankbFyUn6f8/mzmPBDdDXEY2zVeokBHAQQAQIABgUCTFYj5gAKCRBrdR/1mboUsnPxB/9g +QNOrbql1d/w4qkZoYF6l7iY4+mW8JA3AwldfdF8fMkYoIqhsfbjsU/CCh/cGxQRJtJC0cOX8 +AftKgiIGfWrjaS5i2a/DFn+xcFUySo7o4r8OAQY+lZpt5OycLwkbo1AyMocoxJfKKWTP9oIP +8rNEls+XBGlufxmACiQ/cvp1v6nqQzgYb6B+NrzH4LHiuG5RMVYYMJgF1RAHg3x8KTOMvAGH +636dp3QUKFl87rYXbBSG+A+RcUtqQeibLaeodJ54oaGbvtJ7jaFryYbEf99TtbzIL+ySFnbH +KeWdplrYnjL+rs6l+4d5LhAttEfgWoqp/Qmv3DyuD2iP1mCZjSYgiQEcBBABAgAGBQJMYN+5 +AAoJEEyJCldSQWdwKhkH/i62XwsfudSSqT9r16tmR4V/5fRcgfpdj0MUhck3kxEYQXl4bagD +Qf/aggeLdYzzI1ODGsV7irL0LcgGUaOwCPJIo04/gzuv24MMw3kpXXXaq6Zkn0LNCRGQuGWq +5+p8yu6WSPpQrHke/gKmlF4UqM4DIFTQDlU+ZqVuFXjuqSXhYZ6lJHsQZrCElEC4aA0Ij3ht +Ly/Q1kY+/1c3YPf5EU4a6DA9wx6B4kENbxHt4AIYNOu5yEbmNgV8n9ArgPrqAmIcDuLV0keL +gmpfhM1xsaQqwqn0gP+g0eaS4Q0uhAHZhfHO1EK4E2/aG3SabT2bOfSZt57r/9BTrks1wO4A +UwiJARwEEAECAAYFAkxybTwACgkQAvwjEeR5oOXbWAgAsirPoDoZ3WdKpfDQzn4UQfy8R14d +sswYLCb1NKzZyYHNy02BHID7sUE1q8m8pkOAYIrPlg22HmHI//pbbRrOnXgSo/Jkv+ChtV8o +8TQU6wjBegwjLnboVfcMF916LqeP8KqtaSkrIAwwEe2hKxZv5epyE5fKtEmLzLrsAr6tyLhw +flnb0g29JZ8qsuWpCSZU27PZEGMIjDdXd/sTUq9Zv5x85uuUJpOHwsYxNq2JXG/IaclJJudC +dljyGhYovpGezSEdLIApTRa7F2BrSZm80viSdzg1DsS8AtBGyN3Xp+WagmpP9e8YLGgJEgFh +95y8FQ9HgGq9RPPCKR19mPG4kokBHAQQAQIABgUCTIIkLgAKCRD3j5/oSuW2EBIIB/94z7po +j7d0o6okzFv7vuzXJ7V42/qBJODgZ4Z/X7nTJ/xYxHnZUqoDZHvFgoGl58L46Qw/MzcxSI4n +QTxjMet6cVW9AA/Yq1ZHKAwiTR9Fd59KBgiPLOgakOCrTi+EPiFuV1QuPgA9O7E/GmvBzgh/ +HMlBoYuLtMu81uDkDU6aKcf2v2CN6YhNqAwVyGXdewsrkjplMVch5YcdevST6bKdIwG96vun +lpJNPWRLk8zX/FPYvJWpASQGspT4Yr2NHMRQZtk1NfFAcbypodqzF90G7swPUax4eQH/ppnm +pBKrCxXcjpCI9zzzaDJ1KWTVMUMXMJ2qdLrMVAtpY8qrqyILiQEcBBABAgAGBQJMijvNAAoJ +ECddKXm5eGlpfy4IAKIR93UJDu9duM/sLELakXL5+829oyzRHdGbptAgzC8ThN8U/24dEYhd +A18z2Cl57j3dzePl/glU0IeWUM08S1gJXYWGm0WCnEUoXiQqtbKDxcGnHfLsaxP4rg25Noq2 +E4VXj/GQPhtVsppGuTZmDsyp0ZbhqSk/8N18Omy+mk+DXRp6Q3kDvB4kTL282jqkCqVxipLf +nAA871OqgRPXA1WDr+hIxmvrBWG3rYcLVN4BwdqhzyFJtOTrJ4oMftJ+2qTauUmoTu6+P9hO +OsOUTwxVV3r25uRrYqyNuL3c2GHCFPOnnRIUesRV+9rnoiWWnzd4pkNhiR+BTpFiTFQBSouJ +ARwEEAECAAYFAkyQ9BgACgkQOKUSo37/2UE/VAf7BH2PmR5DWMO3C3xlUHkeStLm2+gF6iCV +4VIOses9kZqbpRKtUDCbVYP5TbbFLatyZO5H663qu6zUuKli1FdO3EHGScmUnsZD4ijfvltn +qCec/uCff2kitPZROjgeYnSXbqLA67QgzSc/b0NxUBv9OVlLYSVuNN+wmDOuoGe7bGUgWv6j +ydycCCCrBA9pdK0cBLgCS5HW8nzMvToWNC5Y35TKoWv9U62mr7qG15Kbe3wt3+Jx0tdpAPnL +AW6xgtvnjx8Ga8HUb82fLefcSq5WyYzCLsxy5SKFZVofhmOkZaRjvU8ub2zTpDejCXkLgVTr +ZPv4H81WHfG2kiiDAjxDE4kBHAQQAQIABgUCTM3WkwAKCRA9/cacN87JeSh9CACLpAuGyqxY +VEpoGCsWw7JjI2wXgIinyjs/d+WuMg6jkwHlzRCitNPPZTD5xkDxEN/mPYE74RT21neyhTF3 +gsykv3qtBHYI67XiRZbNT7dF+jytdTEEgeZsKqB4ZeTMjo/RafIJDsWaAep0ScQrLwQ7Bz1k +bEnzfVf266Z9fezwa0Pp+1mf+IedfpFdgkN67pUcNYWZ7Oj0nZTTpZv/uCfF6skEeFqXdw2G +9b3Pc4iK1PV/r6R+vLc5jTvqrVqEDFyc2DY7lMRDBpot0LroZP+kIAe+YGcfTqexlaaXSKWc +hNcnOONWfsiFhrfZiXVLoK935BrndVxN3B0p4SDHTAbkiQEcBBABAgAGBQJM2a1dAAoJEMfU +ISciuiZKfY8H/iNPdgfn7qad8j3Mrwl2Q3sBCDFFifxSX07QJZ5hHIj7JYLJR3WbKkRp21VX +YfNtZz4Oy8qq5ouwYu7sc+lN7oW1CNO20bbjAUhXaBirt9TZUh1k8ltjBKFbJoP4uP/CkkvB +KIihDK40rcIoT50LTFY8gxLHtDxTToBKD3NZE8KrHY/Gj4OYBoqw93jmTDab6ZQ1csO0f8Av +zfuIr7RPhGRYKfK9kp4y9mlfnpv6akXhcu/d0rwfZL83Yyv4VOYj1A7uN2uunZyKQGU0KLkL +RmwK2kZIX0KRsB+K1K/7+hUxZMK/YaMK74ty4pBihnHGVv9EeEIoQeEWTnAqp29XxuOJARwE +EAECAAYFAkzysroACgkQOWiovtuGK4DQGQf/b4bRzL1aB2aj53vKpnOwl7N8mCir64DMB0ng +0Azd5GaBTXtwZodVJ9UtgAAFNNU+0cumyHq0MhdQObO6TIwquVqEHdPtnw/jTTvErDjIIZ4U +P0p4vY+yQFH/TOkjQxFCyvBGhWFJL9GRr007rascfwDis9K+XDeKp2S5nmPwJuWQxEPUiqBf +dwl1sQtNOulKh37BuG4W946bmLAC39KTnmwQRq+o7Z6EuHM8+iVGQBiJBkjsOgiyL1C0x6bo +OYEn9m1QMAO12T/wJ7pVR4GqEfOgrCNKZWHIDfqHUJtnsX9TW1CkuD6deu5autVyrG76AuxJ +WyJOv6JMgaDSLZ14y4kBHAQQAQIABgUCTP5IzAAKCRBCsjW0aCN+8LzRB/9iLTUzdNwyDzGv +nOsUwEYBjLmDX2wDZ8j8/+Y7565faN9t9O3+3aP+nO+9pK9zxCzccUjysaWVb3Dxm73khCTL +btzpDdJDsgY+TLroZO3QRaqCzZ0zWlNHaOcfdVi7Uy4i4R4Z4DYW1hptYYMm6DgysKBxMkeW +UldTU1xKGCwap8CeWNZtERCsXNE/fKKOvOLTzJE70oSfp+/19VIgqPeNBzl1NOzrFF/Y/Pwt +MRDyHz1siGxVzw0LwdmetFvqfnllpSbgFRbIEXD1fm95W9qzJnhf2xSestC2VNZjk70LQOdr +3XbCNQZjlDfnLH/FWtQRCEryw/+A39WZFx+kj5WLiQEcBBABAgAGBQJNEB9KAAoJECulqVkQ +h53wG1UH/2aDHv7hx7+rQEXxQabRGQWz+TVn0e2zYMTT2bXdS0EHyrR7eHan3uicWwuwuAtM +kITlX0ALdFG+47SJe5iB1c8sAlRPhNi94pIPzoBJ4GTHSZYtOAoJPgY5eudvtJjF6k+tw3E0 +SEcrBryLLMrqLSTwsJqCDA8dDDJyrF5mkQkWGR9bNhtOcFw/WkeofGcQWuEh9POXTmMsLLk4 +mU445lX92fTm6Oair+S8szqFJ54mBtt8W4Qeru2UtJxNtAGuSO2aeeS+eLh6vjQJQkd/niEf +9ZTOeOpAz4ft1XhPSrF74jTuEgpP4kLsuvZ6/jK6T71ZzZdPFF45ZFxWZbKATUqJARwEEAEC +AAYFAk0ZfsgACgkQM4cFaAKGGJRtCggAx3CMXnoANQmTXYfSq1r0Cen2HxvnmWs6GL3ESeBz +x2MUn5YhaGHJXouq65qg/69kBHr80TPADGnk95bw9WKuo8a/PeR7bD1WZl7X7Cvz3wQg4cqV +SbDncdWlsdHg0mvF5pj93JOmlgaVgvEm1LtTFL8Hf99QfwO4LhmgUUsrbz91+0dQOlttljsh +15wP7tvNyg/WvHT3C9MdXLLkxetolWkX/Cv+Nq/iBlegnaKxYZAo8U924VTbQbf+t1mrpDya +dSr/2rM+joQ4O5qgfSdo1D0uiUgCZLGGBrpzm1SZq2ylH3u1HRa+/OepAdvMUx09j80i10cC +duRjXSf9V36D/YkBHAQQAQIABgUCTSUZYAAKCRBbjy0yOzQXTicoB/9rVG2I/tKdq/aJCR46 +dTum96MvV0GSbjFIy6ThlV5JbvZQNE4nv2tFc3C9lzUo7dl9Q1Z59eqTZg+yyXKpBinY+QI/ +QntbmttcqG/XJFwzt4AnX2WqcPzSCJ/bW1+4gbFhJEctX56HTWvEz/AW38+GXUbnAyNVizV9 +TTuNnqRICr9sCdkB+YU1CCfJNG6161KD2rgLs46isnZez/0DndcNf7hcnPuaRvAOoMkJMiev +HSWYr5Nnq2yAlkPSKhT2AgFPmA/1SnAfs55rfwleSxNU/rkAw4E6yjNG2KD+srCMzDinh/aX +fXkzXTCSGfw5SK1HbHVhPBHWY6aap0SpmXBKiQEcBBABAgAGBQJNJnGBAAoJEJXUidfsGuMh ++IgH/1ydgG/0lhRzowRx8RDub6ZcdRpX3+kK/fP6BkAcBj6C3CB1nZiw/DZy5JWFF9AIG7CU +Pxi+ViGD2bkZLDBH8bTsPmUwYaTjX9tOBmOXn2YjgV1A391TOP0pm6LQKrOqm+c7bhQ017ZM +f2mdbPsCmnYpIWZzue3VETSPCRQ5T7tc3IpVutlRr+rPgroouil4BLvIi2lbZSNDugle1+cw +CoK3sJ3egvG/4uFBKxplIdeyG9RHcvUjolzbBuXhX0zqqY8W/bxVvniQXEQydmuEal/fV3lc +2Lq1HLmZWiVP2RMh1Yf/KuaOW2nI38tfAejmoFtt/lb579IThHaY4j8/nJqJARwEEAECAAYF +Ak1QG5wACgkQo0WcqqOyas4X1gf/eYZ4jvoLaTg8p7cjcK7odfgNhInrAs0AxXhwtxZesjJA +CZzpra+FieAT+Qe++48q6ymxbvbiNTKTEU2mnn7CQoOLWAsJHzTkwk8HGzszExQZ9F6LomjD +oW49CMPPj6XXGeyshP7ugE3ccheRpwYW9+YvNLsV+1QdLzGdXRizzxspt9fTHf9GqKpKYm1A +QRUk7QL4VwAyRi8Be+wEq8etRBuEPM8pzlCOIqR65HZ97U5OBgB+IHv3I/ZrVNNkb1yVGJaG +xnq6n+N6a6ivDv1Pvnr/f624nQZwaATc/6kPLvfi5n8haJ/S9Ak3fJc0P5sctwFddKhGEOp3 +S0Ikzp7OUokBHAQQAQIABgUCTVP09QAKCRDFKoUXoLfYLnc0B/9NLnBeQZJJRDnQUsHsdg1R +h2yqRGFDNAQpfsaPYyZTahHSxMmZC9EKal/sbR6sTyBioi3Ih15t47ZmVcp5OAbUQ46OkMR9 +IpKT85kfbm41yDgPx/LpzT0BjrdXC/ucaymsud9hXBfP9rrecuXE0N2R+o8EgObErcS4wMIi +3+Mt4VoAI08Q2lIpCQBjT1pcxPHMYYpy1X9r01snTQlaRY5KSDoPu6+IFkMZPbJTjDcHOsJw +PazJNuXrERxhWTkrRcPMhxClXECEBTTyoJAohBOx4ZPbznaV0Jy1fWJdVvVqKAfy69OOxqKZ +b6yvEmSfa7J+wVT+gMUs7Q2dTfSpsTvyiQEcBBABAgAGBQJNVCgRAAoJEFVzpOJcXGFhNEoH +/R93iIykbsBW+vdQ9tFNu/MnEol3t6BoLcOD9wHvJvvD+mdoeoMEufDXhL6kua6A/ns29KrK +NlnanHZ0OQP48NislKi47kxL4tOh20M3rTQ37ijuo/+x2kyRrhu0EZcFyxSAR4kCP+BpscvZ +48mWsYCNBZ1RG3e/7wu23DZL3HGrfbMZyjJ5RBxxX8Ds34o29z7PigpjYpQuAiVCKeDneQNw +ykmwxdmeiZXWHSmBQ7WhLm2Xy7qy+ZmTYV9XVkZQV5iVvwdW8vU/HTdu5jjVozgO9FLcRZlb +EvK9HpFZbSUSIaU+P2r+UmPxOuUpflgx1lpdHBchYWAAtd8L6EVI8GqJARwEEAECAAYFAk1X +ND4ACgkQKnj8WGzqmMpxLQgArGIWbBrYpgCQjvXpfDTP4SlShVRC5zRfsw1SCCF2kdBbZKsY +dl/sY3Kgys1ak9LwTSsjGpVJ6SQFytUHpSz/TNW+J8hOpYrRih+7vgqMOn94S7Cwr6pSQd04 +uXp2o17wTj8HTdbdeD71D+M6A9kqn5C2wnCBFTFDwIYwkLlN8lmzMYI+v07Ow/ebLl0+vpwJ +HXPvuHbnkS7GwY7/50xEdfLNAhaKFWAqlkLy4GhYIJ5HaQQJk0WtenW2+/SSg8PPxjaup91J +sRbT3XtNQosCfF4dJtEUCXSsFnCAMSeEb6omA+6rtlTxrqEPveyDSZruLXTy25aU/beF4WYd +W4Z804kBHAQQAQIABgUCTV7yFgAKCRCivuCSi1hE0BUDB/9uydU3aTxqMGim4IO44rOH5yjR +f06Z2n9lXKJ+W6+Kt21rWcLD3h19goTYn9XdoOPHkXgj/pNplhiwRjh6Adcza3ymDN2WOZTi +xojqVXRygjOtA3bNI7X8eHZOnKTXP/7IN44qJzuVIeS6hh5cSWq97kRSuJj+TdT3adF2YVsF +6Q4Sni/a6AXk9Gj0K61TWXZniMl9rH8nqIj3T5ILchR/i3ZzbFLKMaQRfpW4oDj+3+HG6T8b +TAr1ThyAjCziJLxh7qKlWtwdXY1Ml6RmJPh3GCx/x4sBzg9nrkt95XfkorjCgU4kjAGWfylv +agWm7XnNzIh6i2ChqceBmdeLXfaPiQEcBBABAgAGBQJNbTdWAAoJEIHq7RE4XPLs8toH/icv +maO1Bw6TyLm57sBy3JL/DPDd3SDqhOTonFSi0AQIP4Goz3r3iaGuOSQXNIlnDzpCbM4MhGsX +l6iLZ2ssnBS9bUL39ZIDIPK16skv0OZbjlESNdcB5J/rX2c4d8Ao4E8UI92r/jQ1cmeLk86+ +3WsOq9FSqhHjvRaMzu7SscoPUYviNYusgv6n5BTnMb/2o2BfwITY+jYIRBtumoCesWR9atVg +oU46FTjpnDx+Oi4pL24WnZNQygN14DpB1+3ySdZVixqAQoO710nzlMwyHZK4yXwLwF0KBMfj +7NMlTA1Nj5QsbnAQ0Gl7+JPSI65Y7sYTJFhrxKDaO7nRetsl7uiJARwEEAECAAYFAk15BJ0A +CgkQ/wPZeS7wMLeTVwf+OhWAEOfzrO0RP+ZScJpitui5W2WDFhe4JovSO6g3t/BzUkKC4wsI +4akIrek33407hpF3ww52RHkpyjU78qXCXZFmcopefzov277uiGUajqOcUrhMwayrfgFsttfw +616t50dTG/jMtA5CxDrgtwuESbR6zN3nU2leqyFY6jsv5jccSHGRF64nBCkpA+m1NJIu14Cw +HiB4aa2Zey/TvbdodDlQhOGnnybDvPCHJJWuvIR2tECsNPyBLQ3TdG4GtoHaQNnCpMAhE8Is +Oy1E4XPnKpBS8BgMEQTMru2f34QIliqK5YPW3tfXT4JfKscR1aaECGSZUCplrzjzCQCkUYHa +1okBHAQQAQIABgUCTXlB7wAKCRBI29aQMJwwXjusB/9SJ5stvfpfM7+YsfwfuVAXfQ5kXWNI +OGP12mbTaunkjxdQ7gtguWZ4hHRbVAq0KFWICuAWWUiqOUr8hIa8UisrzK4BEjgPprNrqErI +RhojzaK5YbzPJYWbZMI1t7uNnspwpntpr7ix9YqdN511m/UPXcGgmxUGItBlf494BIzm1Ufw +bOGfRJnTKaZQLeCi8PBOVUeaftutojnE2/VnGnX3uMNSzEc1a2VPPDCCL9yDINo1ZaKKFD+5 +Bw387V4WsexWNutTmKi1PIpnrc14Xh9Zy6YROH85wqjFfnQvXOflJbn58mgBB4+YwqRO7dHj +gZorxUQznJMIuU7v1gUDdpZziQEcBBABAgAGBQJNflc4AAoJEOBS8lIZrmJuDXUH/jEFd/Br +61cOo6uNt4IvIEGY2jTqopM1ohATmGJalcHmxcBUi/zKbbpBeZRznmn6CgVSh3RBAMFexiaR +wziKV5wZRlTwV11eXaUSMNm+eIBDJBLVSy9pbmkIKCcasVJ6HR2lmm8PF0K2TuaGKYIGZ+/U ++a6+fBsvQqFyY/mKcLyenaFF318CveYraWuPAfUHE3XawVh/2M8kQlgDFSk+qeC8xRvAmvTV +XwMkx6U9Q0w02uNkFl5/JfuVZN+9CMYRJDCLkCIK5ui0+QMN18wVlbvYoULV3/K5TyAmotPi +PaiETzK8P3PNvDv7W1Qv2dxKzupBnTUL55GeTsoj3B8h+16JARwEEAECAAYFAk2CO9gACgkQ +vap6Rtxc51FTlwf8DkeFVC1zrZTmfaYj2se4kqtcE/YTogi1HynmHeEtUA1xHYIEQaBS2toq +2/gjJvfskFKY9G/dzuWY0JNEVfBaOc3YsrkwkgGx2PNkhTKNrux29ujz3Pkvnzh/ziGwKvin +iARxxAGJ6F+NI6iwVP5HR9FLAvNpb3Bw5nMHm9LttmvorRN3nOyPdgCBOqz8UdTvqwQ9SorZ +NydQ5Fq1bbWlOIXUADYpOzULzHw95m++GFivA6MMW3r6KGlGY6zMV7eAxIzGjZCQP1IYXJbD +lrsDGToOdzyfmPuqVOzIwWGleJHah1FITlbWop0upS3O/EUvnsYxKgTkAkzlOERv75DSaYkB +HAQQAQIABgUCTZOvmQAKCRBEVIv0H3UTFqMAB/9XNpKy7rU23RdGOhbO2XSw6Z3JJiR8ZFvR +voBYyA03JHS9wUYl1dRb4HQGpzdPITOJQzEyuF7iq2w7aPJF530eAHc0LN7k3Wvi+i01uLtR +K136C+Q/P/ofJk8Tts7hQ0JARtdRzwOETdpI0S3QEpeeIt7WRETayeooo2ExFndk6QAyeEty +Wf8/pyIqI/GF5E/F/JOZ3Qh0rAYGfFJ/NXi6LYS1U3NOQ1YxTzaxF9+3iGXY27rCx8jQEFg5 +3ViR9FajvEvyDaOqxZ0C80WQZVUMyRcXr0Thgtg71bSCc1MKpOCuzyuM/MzsJGtpUgoF2gwv +DmsHSRrSuu37ijcpZY4NiQEcBBABAgAGBQJNmNWKAAoJEG50CUA0cgosWKkIAIRj2ahtgri1 +3h8q2FsJ47Nvu6YBGMqi1fTzF4ccPbHmtzCsEgZPHTKSpTw49tfxNftlg9jYu8z/71xAtb0q +/grpQMRSeFV3LxcXTMs+7lCb92OiXBt6yaJsmIlJ6eVRe3k3Hd1FmwRzKiMbQiGw5uO+ntqt +W0GUTIW3sXpO0qJ7fTDxodaqNrXbhLowAd1ftjTJZH25ifrkP9VFzdtq3Pu+rit4TC+JjBHl +QmFLv60HjNWO5CCjC6HcV94dPArsjvi8m79TFzSMJAwL4jtlWaspIYUyMCOLDG3R8Xb0b1ju +CfrMEAw7pgkefBUwcMWZurSXwCnv+/8j/lKZ6z2QWniJARwEEAECAAYFAk2ydj8ACgkQtZRq +HJBc9C8VRQf/R0s1YZkVpGzmqrOYxJtYqHlgURmbWSQyjti+VFGQEjd+wrGwurVYcZoLIa6V +IyHFRVcDgC88q8yxOTPgjuOUiM3nojaLGpKtaf8S8/AIWj8H+ciFQDcYYuLmzt0JNd/y8j4E +PspizPisAUs97i6Euaf1KogfCLBXUbiYM8NGfCi3wvCUVMKskWV+82+WvC7Hfh7HyHzn0HHr +nNAc71labHaXaH+jdfo6O3nwTvlqM/H9Dj9e8oI9I6WavH2ByI6A+wt7xLm/IgOXfaKH6kzk +2JECwmeUcFD7x0DLr4jrGX89SXD48nvjZJiENvqDytMfErfp6WmyDKMO1rDR0MhX3YkBHAQQ +AQIABgUCTbVbAAAKCRAt1TnAal1X6tMuCACiFNnujRa+vL6D718WMi3grpHdfC0zXYbBMrpO +vrm1XvRJ28jhPDH3j/D6KhEPKxIQ28IuRAOFPiohOMV+LpZkGn1YVgC6/Br+yRuT37wTW2XK +s16QZQT4TNJh9NmYXEd0ciC11KuQ0wP7Xm5tTabtHO6Gz0Ofeiwy8gRno+7uOm1k72/3X4i8 +nSF+dxFyCpjPlOfxENGPJBRjuwUiAOjtJ7ZbZ+dSEG+ppA9DL2yrvPzBct8ujH52d77RHJ8Z +bvnJHaeXNWn//Rkw9SR/UYbbPojj6NxjLXmjht+8LR5CVkA/K5wFjJI12pRQtgwxcs5kBDZa +oxA1hrFjwjlwyugUiQEcBBABAgAGBQJN5CfCAAoJEPN7BOnLDI1RxtIIAI27XY2GaF+ulGi6 +IpS9OUWPJ3wjVOXFsve7K7xEmzP22K7NUMp5PAb6F9eROMCAMEHA13aiTec9f2/gqEdXJP8A +yw3H3sqwk/RTMXZTbSib7qbwvazj9RhBmQa4vpD9O6THQLaHjHDUzr2meP5Yv+jhjo/baVqB +QjmNC0q7XFrT/VeWpDCLZEsnzOvOMd1ymD102QyPUA/AIMX21shm1X7Pwx7dM2h0/sfvfikz +Dagn68VnNbdS0BWr+h2AJTxwJ4q5wovvk23KXFN2+WkQoLrbElXaSeSQ5p6I6sL2lP+9ufFt ++RVM1zb9iImGd1Z9UOJYTBXIyLHomBDIvjj/bNCJARwEEAECAAYFAk3qHN8ACgkQgbVCgYHj +5ASyCQf/eD9pz9OJE9nvs/Q2+ynneGu0vu6UxwfPE4rsxJdCFkaau59/2yEET34FEvhX/xkR +haZDIdpkFgJZBAdp5wnyA4BDapTAkKHtUnBlv3ZDwDN0cL4teIfR9aOrw8MDUYa1BLKPj2FC +g7b8mlgkWixVyjss0UTpMnEmNUEeO86sM1Kq6uH5psE1tanHUX5JzDqhYyLYTkqC4Tjt9o2Q +uzdqLE0Ipzdb+M+TUWOZXL3EZl64aY6j7zmaU/fTP7NqDdBoJP3nXwzd7c4XdtfcFKEEWeNM +hHBMK4D6iiGiWf/iIaG+3AX2kusZfPwR7JfyhbdSUXuUzHmKIHDqHSImh9yfe4kBHAQQAQIA +BgUCTgNGhwAKCRCmv+duYCuwhFYVB/9UrCM3kvfx6Zy/qKB+3UfFGdxPEIp0lR2BOhRH1EjB +rZboGj/7Tq84EUdfs0Md6Ey87CE3zC6fOv+CAOT8d0CdEwtf3AtIotufo3SCVYq7CDhl8E/K +rn1NkkknYfeK+IBVnXCA4W0jG/esLfmlPI9VEqZesC22RDPDLH89uh8qpDbZFKHjCHaVV5l5 +L92OBdIKc2ThP2ZSlTwrj4NBD+pjV3mnmiOltdI6Y+0a75mibTOYGK/VB/18JN1pYuvHyiOR +JTT8sK7kKxz0QEkPAlzMh2MR6hgDiHpl4RHaXFCZ3fElKVHT62N4bVxMWcofU1nThoyqBXFm +Xb+6p3RXav9TiQEcBBABAgAGBQJODj+xAAoJELxZ6Kem04bHp1YIAIIo4Cdt+b+l07LrOLvI +g94D+t+c9pA5CxS7WsCwkKd0Q3N7Cp3OiuhJSssYEyQHa0fiqkzP8U9e2zAcNimCNq9+sPVF +QE/GlMUxnXjZ/L6OG5XyAWn30atCFq+4SfjcVbAfIFMr9T4rt/UZgxTCU6Nxtwm16m5Voz/1 +W10Fega9KUTd6p4Jy4YZdDdT9HcK8wEIrDCSoZOu/PkdEtCGBz6el5L9g5rDvkaQllA+UHu4 +BPgkul3DkQHKlrNeEkAruOFz1S4JuWITbraJ3eQzjbGd9A/QVv1YFLjVapBFBhW/9eaklbI8 +C+ftn1TQtCADqT4fUkJ5wz/Rq0UiIGDJqkKJARwEEAECAAYFAk4WU7sACgkQ+2marj4TClEW +tQf+P7zmID5fYtVA49/CSfoy5LcHGzqWuCRSrD7Mygd4L6e/1ovYbZJwYgF26NDlUxHBIzet +8W6lpK66nAmEYP4AKU4swMXwgc8rYCZ3N55TeXhqZ6BOYPmZv+KGtWCsqngMIvvRcRRS0lCX +SgT8tWR9zkgslSjBPYAvED5iYksbh4f/LGntIUnhqWY5P9wGi1a24F9vswiGZx4UfI5wpgxD +EBjHuXeDoXiFyijXA6rcN0COusDS8jLnJHyXXX78y40WPi+OsYAhj6TGTA55iBKcP7psvyOH +LBRKptno1Z4mgnjclkr/TYoQuzWjntVzeZy0uLk5m1Y1Pb2nEzhCS0fc2IkBHAQQAQIABgUC +Th5n+QAKCRA5n7zfcotwdW1PCACRzbvSS7yK6ozUmKeSnBALX1zifea7xgjLkpO/juxGSn+P +hL4OfvVB+wPCuIL6V9/js1xeHzuMIRyGr4i7T5hCASsJPjzikQP6LhzDMNvCUMh0UbMdC59o +ovy+/h4MFzybZBMdEf1SNpebsaNFs+PSOz+d05uSbl2/kZHWVEv+Ft/IBDzXfrH5HlNVbRna +xNGy1WNw3krBFHl7kCmfr8DKPhmY0/pTFU/l4njYpxcNpKfGsXEBcztnhEI8f4EIgRQ6laBO +AGdxt/XB4+ta7boUXLvckAYnkSUGrQFkSkG8zj/N9y90/mAn85eaIVIwX/YrPt763j4Yxfvj +I/YDU0bCiQEcBBABAgAGBQJOJ+xVAAoJEOfAfgBHUfPRU2oH/iS2aX2QyLLFbRSP9qAOSl15 +kTswM7at/evC7tCr93EwuktKBKGDfeU5zLULJiuyyL+Vccp9wvo/JKjPK11VthvtBoVsCkSA +QBTVDv7m5zyReDa5P5PgMtCydEBrMuiDRZ7i8iteMBVuMJaGQBDq3b2+mZ5epUO7ADICqYD+ ++tvyEirDvzBbBDk+J/fXGE6k53ybWDURseOsvJFXnu5waA+O+PNanB34dYzwxPuNTZinOfDk +a5CbZxWOn4l2pg4nOKvXPfE34JkFMvJ1+mzXooWmg9utBYhsEJvp2KDY/H89Gqw73qBRa6Jt +X5a0ny0x1W6SOvpEBe1n2i1nEHpdoDGJARwEEAECAAYFAk4pqZMACgkQkJweG0ia1rz+jQgA +wIwlaLkCmvZLzHk1mkFJwUPl+UkM/NbxrK4xFd2EtPxpYNFbOG46sjHSrhCQLO3ZZ7JcWx+I +DXkJlMMIBahkmyhawLTr4rHycawVZTaMsYb8sPhZkXpQqRRmhnGs6PtereDf8wBiTGpp71Rz +CB7e6QaLHuWn9cz4zF+3tcNIiqohCHw7K544v8dX3I7VQwt95PKWBYlp5CpRj6jYgo6khsBh +9CZf9Dc4+gFqyBqojx7jyxBGygXuYAMdq2umq22hUP3EUO2gi1+ZTtsfoKNRck+hFbQRX5EU +efrMaq72+HXR2wnv5o4mS/+OjKsWWxd3ACNouRKUazOpyhSxVyKIRYkBHAQQAQIABgUCTkHm +vwAKCRCufdOUil+yL0zkB/4wy5mz/7t2OBd0OJdSkLvwn5y/SYiPWtAQxlpoEUbhKgYP+M1V +hoJXZDv4b7/OkjPy2J/UNlOw5Qssi3mY1pHc07Ou/BXQQlh0KTKNJJ/pgh/hn8vTgHHUsQmA +ELtivbWQEzc7pj3RT9zBj8oI65Os84OtJo5Yo5zntt3jQY64aCZXki6y+w14KYWPz2XrSQUW +owPgTa/dM5O7VFR85cI7n6gJZoRS/JzT84o0j3m0Hw3onAZYODKebNqZ6scFnxvZCyYtt/mK +NnFIN0oABty89u0emaTpEel6z58WenerzRkw2hvWGILl8wmQ22e/IUm67WHIRTyPOwt0CQ5u +aCsHiQEcBBABAgAGBQJOSHGbAAoJEH11H55D2pkXKG4H/25iXhaL1rp0EuCOEdFvOKLe6GSO +UD+svxihEJ9oDUmsw1NOseDTJI0qNEtpH86zl7FRA/nRqDCypa/qlp8TaruMFlKIY4rG4kTj +YY8v7X3FVZvdlv/P+nK1DJjjpPLLzFwjR+2f8rjUYgHcCV8JPGyLaYop/mFGjCNQjmJaMOcJ +d36c772fIsgzDP+nDQNuX0CrsxYzMv9Ws4g2xHrojcHCUmoxdJHe0Ze8wsWdWQ7fGbdSzKU1 +GFxzESxuZLUgGCp6TkKJWQBoIgJGIZ4k5yJTUL3iBsx54w6wc1iDQ3jOe7WS/3YdlsUK7HYC +/3JJN/lmdavLIwhdjzNpe4kjOFeJARwEEAECAAYFAk5Me0IACgkQXcufGo9g9ehPhAf/WWjG +wvYK2IVyhwOHrHGgoaMuCCKpilQoeak2RXpYhjm3jIFkD3e66ReDSLzZav8/zk6BUxwRtHKJ +6OeE5U4Rl28H2BjqHwxebvUSMN93z4i1Gs0YFsh5m2lWnjgv3nXLpys14dvr69bYdGLYadq7 +zXwWFqHcUNzodeM4cESeesWZhtet2z+kf+W5UA1tqFA+UFfK9BTO/SlokNGaYcIVXyxnh6wA +qJB5jHYE4LihDrrtsU3arIySCWn7eq7Sqrg8LcUlLm4UvHue4bSqbqiILBEjiEhwfETAx1od +dbxB1dv+ccDv2+BiCVLiAPlHr6T+WWBD3k+0NXI9J0ZNfFIMB4kBHAQQAQIABgUCTmUW7QAK +CRAqT/rubG4mlWOzB/wNoOVP+ae1jIjcPdU2Ex4zlsVfl0Nst2RfR7RVa4lRbPRv0JZL7Z1f +T+Fy+4iLIzzwVhjUq2Q+3kyDrLB5J4mHPrUTxHSIKUjOVHEs6GhNudi1uihBERKcQuFoqXbv +2pqVBn3z7KmunhkbEcsmaRIFToIz1b2jaKbExTH7o95AVFBRStBf9QLMn2tBfmFyZXovktUC +ope+tE3F4V0upQdaR6H/Ce+Zscz/IwmbDmqPizWcHUJgGTYucbxavz7EGxxX0lfOs0+j8aOv +ulAic2yjVsVK9L6M7aNpKSBipZ+LASPXhXNdXlCqTt5k1s1hptPz+HTOe6LM9PlkKS1inW/f +iQEcBBABAgAGBQJOZgneAAoJEMra8zilCRtWIMoIAJcfoV+8iA5l/5ag+SXlpr7k0Jrykh1p +W0BCnj7Voz0Wfz82PlAmovnBQ9QXru7AaxV+Zlcry0E2yv4n31knlyBOCGDb6DANcv5ovNPJ +EtzT9/ViMHCV/1nljZRA55ccHl2RxTJ0uJhMjPI3SW7xizAqHBQx81QP6MG3xxVRMA37E2wP +ruCyrMxT995Xypm8RveWQ4jcGdJLnnqSY3OBxQUzlF6u/g1S5K+5t8cEUUaewy6jinz5LiG6 +WuoONFTVKYGjLTs9qY0ML3HEggJNsaLo17574RHMy5fTfkHlazu+S4jah5W/H1mROk3o5AuL +huOZVGVMDhnHn9FvoXikz2+JARwEEAECAAYFAk5mgzAACgkQE81h9iqsIZBpnwf/dbDcaan2 +t6hDmOj06/DVv0i28sgTlMafThtTobbTUHaV14hXi4wY/ZCzJMzzxDzD2zAQ1kOCc0+/+ZcA +s6RUAwLGRzk/Pph+qx/+fU8d1g0/9tzclGVwM0BsC8qqyHipwJ60MDOlhEQ84cthFUBN3KDt +xu16PNc8p0d8Qyqr900DasHzz/l3OnQJ6dYA2pq6S0fveFjFaN6DDPjGVo+ocibV9X1YpaCu +xBDQmFohYsFOxrn/FccecZmevozGmF6uqNPpspSGKW3TeYW7wcDKMgnWkH4RCuEvT9JzZJ53 +MYylqmpgyo7w/61o7CIc8vzst/+SPhQ7XgaJysWfsWk4aokBHAQQAQIABgUCTnWxsgAKCRAH +JaDFOO6suA/sB/sHg6JEbsjHUPFVO3Rm4Ce07BKylMYPSrK2m0N0QF2bvREPoR47lkOb7Vmg +thU2n/6xiJWUezeKqZvM6LsKBAWDSaBZwEbQiU7ajff3TE/XGsfZeKopGVBkSK3mmOTh2U0h +fbaciFkJ6yS9DOj/KR8ekz8NsNZ/v3r/iJZEsbIHtGJXe7vjiGJSEse21XTihVLSZRWzDHqZ +axsAFgWXGxk/mAsSzkU1IHMbvPNj+GUgv8QyTECM+KiqDSBfAWItC22l4bHgb+kE/XKeUz7E +vw2rqq/BtzRtAiBzCy/IsdSjp+97rgEk0S49nxS5qc7WFKI67/aVU5ZnKBMU6v3JRII1iQEc +BBABAgAGBQJOebKNAAoJELyTxhyFWRfUbvcIAIXhPq9q+kdKRthPCb+tVY2HMsLj9Ghc5f8g +kAlGsiAAvmgPEFRxn7KXL8RWy5lskXoNA9dY/nQGAB28Yw1eGNOq6SlZrB+ORQ5RD3QN3qIE +W5ciC89M2tt5AQL+SdRmLapR2+D6vkij5pob8pmJuQTJ4YG1tPld8pZ42CwXQ2b9BY6fQMTx +o65QfkN2jigcuLZKJWdzBV4wlhwksXsQuMz1h6ynUwj83H61b3wK9SaYngf3r3Z9i+wbG7Ok +PgXzp3HpjseyyIEooT6gE5UmFNY76GMEG5991zfZeZIWKLXpxgzN3ImeqxaBV2pU2hhBK6Wl +qebGZ1H+wFpDLCQnTYCJARwEEAECAAYFAk5+VmEACgkQD8ambWw1lY/Kjgf9GuIu7Vu93Klp +jC8nHHjIdW07TFzoW3571J8S/4DKIXntNhKeKZ9A8oFkZcKamk01tNrpOk/JkOWBgwOsgmhQ +NNU5E0Dikr1xStJTHSFFDUR896B0ukQfFucFF6i1WMA2g8/V9QRpDvL8HSCJMGRztyfcVB/s +LsX7KotkV6oXGRD2wryerx+h6wNHhPmm6dZHSPYyPcp1ibup16sqFBpc5hKsrfI3wW4onj93 +c08qBgPt6hJ8OUbpEXV63byCrsYOln3ssAnFKLjGR0WEcyuXUgkIdDgGEIjZGjqOyP8lBdVu +pRFgQWMPClZPYeITM7PqHA5hL453mCO5KX353KztBYkBHAQQAQIABgUCToYKMwAKCRC5jz/s +VholdUPrCAC5fjuNgjd5Jkl78zMHfU87vQQ2gWBIrFHOWStA0uozX1/1b4QvjaQ8DX2eyGbe ++FGSRQjX1aY3AbceU7A0UJUctPSt42wgg/CsrVTLbzjyEsZxBl+TQm/ldjR2+pLya17gjpOk +tWEUu/sg1/trZEq/zDzRNAEhLfHA23fafsRYeObVldtabjmMf/9BE7trefxUdNDH/6LLZK2o +s96rbbo4s3aWdEPGNLxnNTzTy87ZRLl6OX15pFmk+Cfk3uSU+MKR9aZuOVPQekomL64mk0MT +qHezUZxR4ywXYjMLdeSjPHhknRm/AI/ABWgtGPNdzEZo5DnzZfbDhPtfY0dR7CyaiQEcBBAB +AgAGBQJOhgynAAoJEKMwhjPc7+l7EjwIAJ4zxko0qQjtzbpzwd/8nUbuoaO+L2YYXyntyUZj +eY7fFbTxWJLNc94vnNuGBk1nh4NQhSo0kHAKpchR0bBzRnWoSbm1S/PG9bKFgJ3PxccFD1zM +ZJce60KBye2UI/Ho6cD77S8qzmmPDBINgU0PXScaXJjxX9IC17gW1nM5fo6pCSphYZqiFpMt +l5fnUsj4udQQfgky7in5WSdmkRUCgbk2sze3BvGLoBj6T+TjsFZlISr2eGBC7sAIIi8V7PL/ +CHsaA7bTe0/l7ZzY0ZDC4Wj0tQt0mNc9CGJHlN2bgmzgPd22zRuECiRfpqUweBUWk3ZtGLfV +tpH9P8RkGIIuuP+JARwEEAECAAYFAk6cDs8ACgkQzsWzh+VHGMOBmwgArTZAH4NshpiTUHJM +nOAot7U4Q20u7y+ZGP0jLVW2lPmt0mixlEPikRUXhaOqwJPmUozJIBloTqxomnnzs0fUsddw +8NCFZ/iP0MFntgCBW4QO0matcu4eNzegXOBryvIdjXpJysK9XGKoJ6j86hRYfnPlMCeaHwMn +2DxY01dm42IDLBV400WRFHnJuse/cDDy3ppF1sFv5rRABUw3e6SJsvlh9g7OMy4kMr/1KQwJ +ogfwx0mvVn36Hx5Q9JTgtTzin9CwFOLpB+uTT6FzFz5TUCv8kqWoS38jMf3oxkvzH1psVbOr +DmQrH9TeMETGflxts/M1Xoq3EBgcRQ8D306664kBHAQQAQIABgUCTqIP5wAKCRDcJTETV7OP +0/V3B/9CrwzA4uPVULbf/RxNKCUWsz/WDwNk8jJrIX8knn7u8uIaQ2UK9JH2RO5j9J+xHVlj +uN5BEGI9dEa2LaTUs0yfetome/X4jYNGnu+Uf9DClH2Hwsqvle6Lx003KOkr6YChrfZT+F7E +1zxy/FphxkmgAfr70OnzreD5UpjlMuRFJss6ZUERhhWJuhla1z1XC2UOZMRsqTrhMJbADuQY +gZs9z+lakGga7d31O/2ez8mONwOLAmJ/loYGA4sgTkwQ45Z9peaO/EI4QB1HrIXaJP2FIDbF +orXu21JqH4Ta8QudqjJbAvZOJwXJf5D97095lsRZOlD2VOJAhaGDS67mJBWCiQEcBBABAgAG +BQJOo/QmAAoJEM9PbQftFAEH4EEH/3d0UwnOHy+giuHYBosPUDk4o7sg7Bul45MTqDIt6szR +7/8A7pAKp01pT+HIJPZaP5QzkdaryqSMgER7iUr61TUEJ71h2JGz33u8jQU+SNJRZPJpv0CV +ypEt3ttrtbUnX3TKlOZB7xnZC7qRoTAHnLkfop5aM8+syJSlc2UDbt+Qzsvmih4kwPIlGcDL +Q0gUKM/yf+hxjU5g8bIPlcE+Jug2xPgEE48HbUSsA37WIHn8ZEw66VU6p2ne3FE9BwObL2Gt +GEVwrEtoWAAFxb2k2zoy8l3eg6/IsQWCIzie8fvwxEwA3jlkpKDceDpCKp39TRS7euVJZFKF +lsU/xQUTcAyJARwEEAECAAYFAk6j9GMACgkQOSJ7wLfKUFe71QgAlo46T9MyI8XaOABtVmVt +jzYg3QMJp46F9MiUrP53+6PiNGFureDrb+K0uffATcX/dBQwaPp5aI00P0TBDtpKPPuZqc45 +zvbg5JJc4PCoPCPFiJ9LBM+aQDdGmnFk9dNHS5EqcZkFjauFLYBNBZcKTTBCtQ+EqdaZiByW +CxpGNweASvzaUMGF9eeoWGklvzkugkzZ+LPMYSey5u98S9zTTPQOsLr94eFlDkeELVW0yyPU +79XUp97lGooSFhFBmsyITbudnAj8r1oUDrQmzNHdw8NiPxsedpKaUHCP/InW/0Mxl/P+MuOP +X33qV4AG+hdIUCJEAhFoXFStZHdyliReaIkBHAQQAQIABgUCTqqiQgAKCRC3MQrl8EVprnM/ +B/wJ7iBMdxiL6+V5NKyWR8W592zDKSWN7uRYdgWEipST/LfAJZleqtrrvUdrHewdHdkc0B1B +dxJ6kQgzBzy2JtoqHxCg8Nc5gKbbvevHXsVrai0stizn60Lk4H9n+KMC0bN8pkID2WuSJkZL +psiNZNfC6x0ned/5DAlTwG0hLfVYVDisjPjSqYUPe3QbXU0LOrb89UANUxpPWTMeY62B/Wko +wFQWSvTerNSoKrk/dDsADyQPy9/nQs6myuyGDvXWrKIPEm6PaRYJeyyQWG7ufflw/2g5SyNE +DwvZuJBcWd3Fj6oANLxRnw2/1wYKCBwfachQ1Q5c+oSCHcLah/cUKwZaiQEcBBABAgAGBQJO +uXoUAAoJEL/DIi0V5dqRrLsH/0LTETJJ0z85WlXV/FEJfhXPdcztder2lqBiFZJj6PREvyFT +KXERqhmjZpk0WnZRMPYrlBl5jeVlMHjCi5/H0BsC4h0Papp5r5szxoZ6pkV5y+0hsCFaQSCc +ZVe2KPskVLwjR2ZbpQQu7h1PF9GgLW7e/ewl/grE6lpqz87AUY9gZTW1KfdwihD2pl+FDJAO +hGO+It+4l68fBT3EQg7UHjsb01TPRfDXk/WkEoqLMSxjAMYYVrAD/HgwWyfRO37/eUIJ2DUK +tlpNt/PJR+m4YQSoJu0ozPMpRM6ozK2RKNSf7x94Jb41NE1RIfcqSxPHR066qyAoQ+edBEHA +upd73laJARwEEAECAAYFAk7JE2sACgkQkiPokq9hbfPpKQf9E8Qfh9FSGIVZDscnbEZb+YDN +t22HQZzXGR8LLhlxo1mALJamvoFXodz7YiuiVnX+KkvR0RoTG5iDYb0aPTRoHFwQrUY22QV7 +yR3bIUSbICqa6YtOllquay2F9T3grLpPhRxbCJPxPXk4ZFNThv8kcj5Nao2wmAgEGxJ226Bn +yUfNq3dqelEHYgcKk0tJAr3D2bvoL6hKbaQooRa2yT7ycNfA2cbaEWNepXWxRHKbIIfXB56r +r49qObW5PSMrwngm4WlC20gkkUiG2bh5d4ERh3TjqdxSlNT1A3JJjnpfjMj6ICwoacIwFS5U +hcE12J0ymU4v4Y4yLjMZYl+uXSp3IokBHAQQAQIABgUCTtI+6AAKCRBFdS9sfJMCsU0ZB/9l +wMJcwT9uwy2bacQpWr0c5Y9iqilNBXOvx+P5AiY3WyVjngaCJcq7cPzxkQAisOdaxVDsCJd0 +dxCBj44vyGRLDXORDt6N+bT7vAevvj0tgAuywMEkOWY9OrQd39oOLVii1puX9Xwlv9m2sJmw +PrdO8Yzcd+X/vOOgXlZ9to4AHbjfAJABUE8CM8kuLH7u83JgWTBI5D3KJOfHui0KAyIJxL9F +Ia5+Q4yGAeLv3Zh7fT/9deEtIWaD8UXQeUbDBnq00hca9/9NhvSUj9RiQqI91KG+HZ8bYynr +0sZ7mpo1kGA/9PqvK758FGo8p0AnraLREpoz4DXiRVpJERf/KGV9iQEcBBABAgAGBQJO27ZZ +AAoJEFLWmblcpbYQiwgIAK+uX4rRZ0g4TRy1BLHwzk7tc1O4TFqVJBK00RSfi7iNqJqMi2LH +ZMTH9wLYAnwLFtF3fc1sNI8uJZeqSUcOXN2a+I9TQBB+LCvCrp7cumiOQO66kOv7NC2k1rSF +tb1oHDQXorx8glIFUk6I4Qkn1LKFPSjnCV/8f63IdnYXducvf4kC5Sh9/l8dicc3FxcnFpc2 +pWKtXlnxSufRPbzH4jXwrXmL0HKwRe1s7dKyE/d4RNw29Ml9LPYRjTFjJJZjzg7QYy2ASDmH +WuTM469Y6H93JnFxANmQ1q+AQkAddCF9rHngLtIJXiYtoXOmY8x7A5fWY+CZ3OgGyR0MwXSx +/tGJARwEEAECAAYFAk7mSIcACgkQyuWCweW5CyhqEQf/cQBIMim8ejXPlfIzinN7BatHr+GG +uEfCemx+lR29D4M/fZfUlpYdlXlhRdMemx8kJaHQ7+MHZFI3R51238nDU+t7QRcihFWLBgsL +i3ctReoitte37wMdgD0Dd5DLY2MvsmBPBl14G+Fa3H2jyuF48lMRY8b8vQX/x/HmaCcSWZnq +p0hx+AbAW6VgaT8ZMyaUkV2fq1WYzRuG2OqvMfEdJ4GyaC/leifK0HFTahdGWPQV256EpBhU +PoH7WXRmIFRaNLWUd1qRMjpcvJ/t7H2reAisJIjYQywn4i3He55ZGjXmGEzbJ7KCZMerso0L +SMVVhS2QaUiq8hZmnqMe6pgSpYkBHAQQAQIABgUCTvIMBgAKCRBJMTxQr/2XxDw0B/9UTeJ/ +vi12tpeZcN9l9zW5JdjwQRzoDW7Qfj7s4uEyJDvSrJvohPxuMz768kY1jHaAezjfykPuMj+L +vlPSSBh56TRFD4lPVAzUp4C+bKYpLM2+ZUaiD9TL7ObhToSNJNSY4XE2zJSJs7iqxxxzUQy+ +32Ew2wN2MyHDoi5tzyMqn4ceqiTAUzd8jd01C0IPYS5+EXdLVCxomwZtwP5xls1ntVA32krU +JDZk4o+WWYgLSJ+QIxxHoXlS6bTEJZbT9ie394Kiph1bfq8GD3z5kKVZdgchZzZbsOQrRwDk +gXfdRi3VpWSZ8VdqJlev2RHKnQUhzSmls02Svsdi6hAp/j5riQEcBBABAgAGBQJO+xlEAAoJ +EFE9pukKUb78kp8H/i7EdI2yjTdYgC1Kh08kaG0CHVV2vZM7EezopLLjzjO4lshSibwmOdZo +oFU2JqBxcfUBehBTMUPb1vkk9t7tXl8jSWf9ScMP84GtoNV0PeQ8TAqqFTNRSWHCVt0s5DYE +YH+101zKSARSnDraclcbPvA1pZjd9FyOz/V47pyXcF9fRiXUkWQbtCKJJzLz8Vf6SEKaCscs +heahrQGudA+/Oz8aNf9UKDqWefAeQ6Dd1lggySZO3hmbqmSzQYzG706vl7PFQpH2bcWLdjNL +sTDpIrxt9/j6iMMub8zk6r3TVHmaxeETCsG2TL2KeReMckPGycEvBi0i+7vzBqHGIcoTH7OJ +ARwEEAECAAYFAk8EXlQACgkQPrcz97q/QT+DXQf+NTnGTv7U9cqe/W78+GWoIosTMkGYHZ6l +yv85q+ROJ0cu8AvBS6LQSLnvfT90/sC3I4UJcNDUCEDNV6LC3NQCUr8cMR7F+Zrhpe3gEQpA +1bmTiuydUU871oHJ9DnoL66UHiAs66tcrVss05VQ2UETXE8omDK7vVneVxA/whFCfOn8xxUA +AwSRboNdTYNrmhHDRYuDPUIolXs4AMAzXjnAB1yDhX6xpb0y4tl7hpdxkySLTwAjD6NJ8kun +ftDn5epyoNU0W8ZX0yEC/Ym/Q6cwpohFZvO4yKd0lWYac9x6usfRMKGo1yEOKEWEFvaQsUsG +1pqMdAd+hKUbx+nmlbvEtYkBHAQQAQIABgUCTxyESQAKCRAJJjyM/SZqdhH0B/9KuuE/sd3v +fG6dIHD2CNYDM1lY/tIMQeI12rk8ouE7o9tfzLObosRwBU2U99ma7px5DGU0mqZrQSpPq8bO +e31yqP37es/fTOMvTlnHX4aNtZP9+GgThvJoK8Ua0MAd3g+ChL9QlufcpJowDooWdcnIwHeB +RtGWDV+m6RjI0mlRcv91xv+kUW1FbNPdBV1tjYNIYtlgsWU/ubuczPNcR7qsjS0aW8fLC9KO +YbFESovTa1MwBmbM7yl3z1+yLID8D1maImHcvOOreKuNjdpK/VBi76gv6tVSLbGbqdQlYmJ9 +9mQZmVWdaAKtxYZPVtmW6JNdjY0Pa2zRufWji5PIpTkwiQEcBBABAgAGBQJPH77lAAoJEFtl +UuVAMvN+6RoH/1YDkYYl+Ezb2xVM7uhuIsQNYXhH2qkRfUOjIWr/CbpUspgJL57G09iEPywz +Vn6yweB10Pg8nptlPuUBYsHisrqnbAHGVqWCpEYIjCUbqm/kpJK3KJ46EMyNFjW7/RNHEt3O +0pqVRiPhpWg+Ac9LxjdhGU7mQ/khV6v43lLusuEt4LwSR6o8bKjPpARESM5y8GB+zBa6oLjO +Nq8D+v9NhCMWxje/2UALWr7E5olH92WN4VNgbv9EjU3iCDxr3JvbUuxeKFDwx6goYuTmR3KL +YKPsHu1Zddtrhj/1gCMkx/3Tv4EcfSoGUCyASo/pBDD7sloPA4e+54lJYfqWOYLXYRmJARwE +EAECAAYFAk80fxQACgkQLaxEnyYWtp0YNwf8DHrAK4SJO5yRKvKpvfLU/Ep/0LL/FjvEz7C1 +I3VUzwOdN4YoELTRyadkXtXejSd3cg0gY/uPvhkXSnl/RvDOL7lakkvLig5b8XUTD6tOTMO4 +N3E4uM2xCLtRhj0Hke5E1+UxCw0BVHaKOKdzL8AVvuHTGpeDMp1jpxsvuVwdjeF14h3xcZhX +zCAb6mQDkrtOgApeF9Aod4wVJyOtzpCdxx0M5HzaXV4h0tJ6FFcynMcx4lRhdcDgzIMGhyiL +IpEYPCNxyoYjMFAS+8AAZuyL8/4z52ZlqYVcSgdS1fM1EkI5xpj/evnYIaH983SuyevA0wS3 +BAVf/Ce34ATCeqdraYkBHAQQAQIABgUCT0OBgAAKCRCMvtNAO5mx/7+HB/9DF7apOqUVCoot +NfDza0DupqB+VU319cpzKWN0wM7BcWSvGc+9LCTXt32YV7/vFDNg910VJmXZiGmNlNG0ALT2 +VlOHE3HGgHqhi8cL/udYIgnoOHYpukoOgC00MDhCj3N//66kp7vLLbN08sl8+WXKBlCEvJoa +ugZ1rk2EhzfP1rNnjPWso3tv+OjM9a2Z9bo84kdpHxEWYuVDQ2h8+YHehb7/NCZcJgICL6mc +PY1I4iak7Ch1wOYkaEjRoCcvUOAdWGJUZAz/0QolwRC3g6XQdxI6BA/MLzSJnf4rag2Tc0sQ +fzEd8mEMNd6ezXRy21pIV95cn5pWCQ+WlCII4gF4iQEcBBABAgAGBQJPWK7pAAoJED8u3svJ +65zW9Y8H/R718Tqg/JwipgfOyMLQzs1g7txYa+OG1sE+Q+U9IRkPsj/nP++e2838IJQgBH8F +XOwqqRP7oHXyn0ao00tX3o4mQcSYhxkRjunR2yysEaLd1D6dchHqqaVDfLr03Vx/mNi/k900 +281JurbmJcO7HoKiG3XPNOQTwSkeX9c8VYElGgtayFmltYEqW1t+SAtpYHezF4UU5xALaNRb +gm6Imh1GX9ektSgmKUd6InfBfc1w+QQgMSBpiQ0BXNbjt7ZtgQnUiJRdA9F1QFNUUrWKnEXG +MbJnAnf2RTyPO3Im+knw8v/hvH9NqKnGwV5y7/H3dYsKVwYpka1Ij4Hcq6eaMnWJARwEEAEC +AAYFAk+V6zwACgkQ7vMuMN6SFS15ZggAnwlIf08afvWynA6G5Ic0W3p1V0UhvRc54m+P3mRN +B8AfWtGi0xUjPFAx5QwSw6Vf0h1l6jsPFlBI87RsalgPkFGLpnM5nfHIo7x0LItFSVJr29fX +UZVJubBrx513qIWmZ3LH+ixcKqgjyPH+VgstSiCQ9Wl+ahQXRhOq2yZXUAYn2nsQJ91dkEJH +6v+DDFtXkC9boA6qU4rriWEPJtBavoAasTr91blm75EYtDZNIrvp8tln0Zcx9YKbVBFYKNNq +Arr2oLzKIqWBdUeCOf0Kon93nQgA+/xzAecNftWPQ9xUtqZx4wSww/6H1s4IwiVesX/GuqaF +R8l710lh/7dopokBHAQQAQIABgUCT5karwAKCRDilh6TrBQ4lq6zB/4hsP+uusDUUNqHvvNw +jSCHHIjFj/mGSmAmocUrqvi+9oUMqsAdNHbK5t7LjoJsv2nGEnxzRYgyh7pAoqQZnNUvoyy4 +uuDHWkTfBEkhMDtzuUVm/0EuiXAzynv9lF9zXwZ4Veaa7KsGOO3AZ/OCPE52l0u5KPtQ59zb +mWF5m0jgggyrvZWmcBP3JsnqfbX0iuWsj9pIHfymqrp5OTHxJpctwNHO0TQx07I/WLg3T7zF +z5fIuSQ6GvSB5CZC4TwYxdUouKUIERYHs5o3oLVyTcBAz+sg5D854XgQjk3sbHH2woOs3RhG +mwnYWpZEGfxXD4VRzW6+1b1beyhqQ0QfBmhviQEcBBABAgAGBQJPmR8gAAoJECaAfdB+li5M +Qj4H/2AELXVLnTCbDM9Tf68aBIZJow8KTzMMp/6670BlrbLdFn5yOl3facDJVSpYDQ+qHqQ1 +QO7B7yDA1JIxuf2XIazJ69ATWdaUtRYqJJBglmwN8gEz4yC2WE4GTG0QU+woEEHbE5wOIloL +KIZBzg9Dk/GZ0MXQz1C38aaqIn64wDJm3Yoq5DC3hlv9CabBmh5tLvZoQucvFXl0H3M1Hivc +Q2zf82TklgBFxq72vowlinbNf2oPNIuumsHBqBvEsGyO8RMhOTfQjKwUvruUVBowSUPiVqjr +xe1o9AmNg/OsmiK9NiRKiKdZDWNymAIazBVo/MwWVxQFrdpm66IJWU1KJY+JARwEEAECAAYF +Ak+bwxgACgkQwplX472n69jyFAgAwTNz6jCZt5elrFBr/1IY7kigu1VqX+u0qxmoge32KAJQ +6NH9wzCmKhXq4glvpLw/vUYsT0+gQXzM8bn24cfclBrnqdnpAU3PoJgszPkDQtbvPddukmAf +deb8uV+yLN9rxpN4MQv9BXaSvWPjU4PzofJwGq9+hWg/MKvFgwEOhvU1GmtQpeK7AleSFJng +8IxwIttRWct2EKRPmA/pXtcgphbkKFw5P8WKYXcqLk/3sJatMDB/toh011/7FGYFVqkpFtac +d0x8SJOcesOEaEss0WQ9uAfdjMhaKMmSBsScFwT2E7V7gtv+l6QGwWE3OcNpSKHbYgTp5B/B +hwv/0/WGOYkBHAQQAQIABgUCT6ab0gAKCRCEdLbHZsEP1XGGCACwW1/0o+z3ATUus72fcLQe +WHe/nT/Ef1iBzrSkKnN66UfHYd4NBon+Xbry9dsyIv147Slxx/Qjd+RjwgYP3pv0m84z1K+t +QABrglpbIZmuy5ikJ3giMQjCqYs+Gof0esBeDErtMmXc0Mx6Bw+Uh8CERjvKMjJT/LLmYC6F +RPHq0L0QafLvzP+yeitwl6m/GJTkqUVeylJAT81dGzMPRPnsGdzBDt7vHC4wNNJMbQd8Plwe +QMHJI4hB6iGks1uSPBms8pu6tjhjuVknF3QJniJkboqABh/8hwznb8aKAeA4DhN3SAcN7uq9 +ZNBghvyLul6TbFM3IJW7CE+uuBLUb+fMiQEcBBABAgAGBQJPr8IBAAoJEHZVNcvUwkOPp1MI +AJjGlMtyibkF3SWnUoq8x/KWHS9ffBi3CmUr9o5Ep/0nMzmCMSHH8qw/uDt+jsvHWFSnB++e +Y9F6hsWR/TQw8v2jl7aww160zu3jKq/kLKoRNJ1mSptQ7mY3pLw288hw7mC16v7SefnsZN7b +WWjBmRixYchDAn8WiroexGhpVuL2dYeCMia7VDbMcRwooWGKSae1ieyK/DmsudRE0hiIQgvV +L7/e1SO9yel+239DSAo9kPnHKlp+DQodV746d5hrXoC7zMnUjx6AnUX8rzci5sHvEt10J3eC +PHZDjtW3v0P8okjHWW54IBD4PWBaO9tHGWQDmiOh6dY94ejZ1C+zayKJARwEEAECAAYFAk+v +wkIACgkQC0KrNolcJMMKuwf5AWBvR3rdaHNN4C8iOtn0IcZHinNuYV9PNfLKZCAE+6j4D/Tx +52iwlhP6RU2gRiNJYXDva2InqSMRSkB/Fj7CkkEUiRen0bvuAl5RjcsRDf4AR+KGaOCZsWPA +siV9CFGmS6X1RCK+Z2PWDMnj8KWAnrdqCHUHkZcGwEnC7FjLO/CUQBVRn/r2tZE/TXWFvh3u +WnBJuUXi6daHttIwnIc0g8M1ttNqnVRFEBym2m/K4yAgu2WAhvRdwoT0HZz82rxgYkYM9zZs +Ttb/3xRa4HZgfoK8Grz5aSidzEUDDWVG0O3Y+IS+UovF5R9S6foa53s1FDR5cQivn5+lDZTl +OnL3eokBHAQQAQIABgUCT8KH9QAKCRAq2n4jMZZafVFKB/9raS5RAQ00YVJB3/iwpRF/hvPo +Du2v3AF7cegQctEp/CiSx8tP+tZjn08Mq2pyxGBMUC2RXIlBVhgnCIiBvl1pdccSAPqxdD5B ++Mp7G1CXdIYIlFwtOBGj4BPXUbpf9XqoErZXGUNLwhLJDGOrEayL3nQR4+62pswrlm1onA1+ +MPxzcvsLRyJZcxEhV0PLY6r0DDchyMVTx9vxofC9cSWkapyk3+/B9+ZX4Gfv5dCigrxCbXEo +lSdttiquaX7/HRX2djtW2hWz66X6xrX8oPA9Iw+yH//C2FClVSHxQClSab3eZHAvwGYe0yuJ +uC2c3GMyNtWbW8CHZIuqbAktbvTGiQEcBBABAgAGBQJP6bETAAoJEAkvmNGDnsu4ZfsH/RYc +iFVZzHyOsz9Sb5wlJykxZTwPcXe1Vm1L6CKJHKCm+VBdKSSLGX9thaAtOoVsW4OFS45jshSL +b13kjvD4safqzoJ7iJj7nK3M6wrBGpRk4objyVeQAJZWXAoN1Po73bvV5oilHqSMi/IFlsb5 +G7R7hrg3/cCMvmfp2e1lPH00eh5Dsq7vp2pLtho0/TqQzTm8vQOxgjwsxaQes3rPeRVqghkJ +bVeqXxksdEcAk8Z0hpobTLbTiSB+T3gNgvshDY/JyuZn623Q0OitmeK8wzplGmKnA70LHeoO +FISnQOqmlh/7gINSdQ2dMZFhSDrId4kcFjmNRJNrYPEXVBBoF+iJARwEEAECAAYFAk/vmZwA +CgkQ6KvbasI7JWdiWwf+Ms9pALHsDcC2dxYh5ujVmlc1r8DlDgP0IpnHCZ/q7y0eX99+CEMH +ASj2KjzNgZKM6EpnDFgCzQ68858GRmdUB0IlmzGn7jDsAsmuNZfR2gZSlD2wQSJhZ4MhP9jN +GMeXpH6j++9YO6puINNFg1wkEtZ30DgHeAJmtPLkliD8bacCtmx3YhI1Exrv1tPL6mh4rqWl +ykMRBOUHidKtHbGTMy7VLEntHYpesjiTtutFEqdGyMqvMF17BTzfn0j50eNw3Qj0r124iz1y +n7VvFR80/1NbeYNJXVLstbYbdufpdznGmz9gE2VAr3pLbk+bHzBMqRZ+NpYOiE1frIkAb1ae +9YkBHAQQAQIABgUCT/xHrgAKCRB87t+kr3gpZfTsB/kBpM3lszIGJG9AFDarafWU7slE2Jmh +7QurTAo7HlUXY9kvsYaHKKcWbn1zE96ZtfVCSPu25FY7rg95S1SrIXlBNzmnmqYbS+ypKNPf +yGqY78aXnbmnjoS5vxkEzSwO9AUEqZoobIJWWQ4YGDMXcogXYQc6YxJm862yvzJjoiZMuXCS +dKTy3OM+2gotNFmqM+IAGsrqAD0+8mZs2dMnXtMxnbWWdL+5Oh0nNImAuU3uNJXnz1Z7/+GK +AVhVB69wT3wCt1B55DFhJodj9lLRGluCU+JaGSYMoHMIosstw1Ce4Y+ZynN9quBiS/gS53F9 +HKQtPOBsKPp6ij0Iybn5oa/xiQEcBBABAgAGBQJQCB/aAAoJEFqPqpdImdwJe0YH+wWdEjc6 +3YKCYj/HF1t07EpH/VMTr0xlKb2LjudlgbDlJ6GhrqTtU0IczfF751nLvI1sRlnQ+OKkbEq+ +qsghRXAzNAQkKdBTCs0Q64/dhGhMpNnjNqHMV1qeZkP82m86TNCbsl3igm+x2l8R7Um1uWHY +ZOsiItZ8qjAgHx0mP2+ORMmJpRdzGOKtbPb7/eE8Y1+02GgmkA4YHZn64jdXf2Q+SUCzczWr +e5UH+Qe/Qi97yUKEefnmlxpJyqA+1gNzcV6JpEVKcisy2ePHMJGI7aoV8pGEMGA0X+X9Mwx+ +suVoUwi1uFM/7GoauunlqMX9YJT6xtNxYOws6pltAkj0eIaJARwEEAECAAYFAlAMb6kACgkQ +kpY6JZSYgzLukAf/VG4kJ5kLlas5PfFDPXjkV4e7M9fdmxj7dX+XaZGY/eezfpZtk98aVE3L +DmwlQfYWA/+WunRBg+BExJ+kBx92NYz42M8OqL1WG42aUAw8kHPxoVNpl1kR/PKKlal10cnA +M3nziypVE0XRBaZG1D8ZrbY5CRXvqW3VmF8Uec7Fm4uLBINpFrNQWKedtQxzqWQTxQWtzDG0 +6d5BcrzfU+wVW9SVW6NjjsGselcxBvk5EUeQlDvHJVJI9igcTgNSe1Yn/WZBGoBWxqs6lHbU +/8Mt/fjFcSOzjydAh1UuiVfNjM4W7BpQPqEjPAdvk+yg0MTRZK92CmI8czKfiRcBtr+IaokB +HAQQAQIABgUCUCUAPAAKCRBeELltcU8IWq0EB/9jAtW6FBXzceJmG5nJ8PG9x+GscebTJHAe ++gWHHS6fD/5UD43V4rLJsBbqLPxKvcW1BlLtgtmcTj70jaMkxxEfN79OH2YflXj/kSMVX/gY +x66L1H2ddouPTMNbYfoLqQoFAZsUfGId9mOUJTN1b+flrl5XvdITOUL5s7kkQ28rwDBfSKKm +Lqmbf9UvbwTYlmCO9bmcpoDo/4uJ1O0pWNhJ2dlIkddDBo86Yes369ZLI3LShgLaYTudjy53 +XMtK3+jgXQSjJnRyjGErn5HL9Y8qjxLbiQcUSaiEucHRQGRnBoGLRKSoxiVTPdQXmWXrjmun +WKrAoy+Z2yPWTn7J53NQiQEcBBABAgAGBQJQScaAAAoJEDUQHxZ518nCpncH/RZJMBdfXzS/ +G87yu77pRpb0QoG2LfzXzGELi1sBF9DkRaQ+3aAp4OglGKmgn5S7GXTcvw6KUFN+smqGC9tL +I4CAuYKlzpMzWYe5mzZ7n4m/8qnNpxZuRRo4KXWUijKeo1aEUKqo9QUpGT8ie4ctjze+D9BN +FejqptZSbmfIuEX8+x6JQi3a/ijBGVkKU9Iai9VSLp2P8hSqcpzeiQoxRdX+TyQg/K1ZsDF0 +xuj1/hvgo/9kOiV58sXSeYtfaZ+04xPnNeu8+Ba2g/qpO7HfOW7wsDx8+/zflglAcYjJGM3D +gaL6yYE3pKr8Y8H8NdcfCbgGKgY4GdJhxrn6hdxiYwiJARwEEAECAAYFAlBg/1IACgkQ3TWR +A1XcqsDDbgf/Ywq3OkvAGPwFaCxsSVbNXkK7DDVwKpM7BJXB6NrVm3OjXVlaRUUWSfh8kcal +vB5OFqgh0m40fJXiNuV9MGb7+ntp2q0eOv1wTlZewP/D8LbzE1XWqsEv1n5/IQHgvZaV55yo +8XNIG3ngkFp+kwSpnsltFmyj09nc/X8a/3Wgrc+8Ay157dN5w11FTKUOICqqSkycqp7SAdpM +Sj5EZAV/1Jz5GNDQgUH+ITil0Gp2umAw8quWWSMkbj9Hj4HXB6qikCErZhTWyvmLgVo1mSIa ++qXYOYRLUz1+m2O9p8MH3uJhJjuGiS39t9bmDfVOxqKfsl87Zrp8I98BiG6jmULWs4kBHAQQ +AQIABgUCUHE45wAKCRBNBOnOfOeA3CS3CACApC21zfVGWMnSOzm7a/B6EUPfkbpUw6Fk7bRW +/AvnwafTIppPu7untowFDhaRCaVjrnRTFu1LMRIDSlcI0XfBALZTYNowyxi7riCoDYhYPirD +kdsR25uqloZFyGS/jRnczu7J3hytryM+QoAqtmqzDQ7A4FMFH8qRwKBAstda1Oov4BW/l8QR +mUQCYh7o2MBQ7HBhLuNbqgQXc1Bg96MSbCjFh6RrGAr9FeJSV9rnS+jQk+2sX1sf7uSG9Ofb +WWwHNJRxZYtRPdqeQUv5D+XjYLWhhf6XlJ1LuS1y74TqE+SsaZLKQbUdcshU9E49Vy4N0R+h +J6bz9mJPs8jpBu6JiQEcBBABAgAGBQJQdhE5AAoJEBHXd2iwIfrKhkIH/j6EQ8oEpsyERuLp +tQZyIuOsQv1ix77VgiEydaBOhmgVMbd1HNyS1JR3n0c74bSnxdSJh2ayk61HOBuf2PiNNnyp +/kQP2hcv+OkR5wNx4dJvgbOaHLbuPmAJxrl2UhBp1X7rVH9JckLC5WkoQQexS9K4/jLg3E4W +d6SIMgIUkMjAkjniHU5Sh529l0/GOCa4OmHF3VlrcsoahwjEkHVmCL+blmJU4n2tgAQr6q3i +9QzKJFL0qthQkEiLkUfKpvtSURn+PDwIaGOBeOn0NRD6T7HfigwzZ1sJTZPq2VNZRMy9JvHf +wlKSFOi1ElC/eQW6+oKDURYuoiSNriG6qRb4OS6JARwEEAECAAYFAlB+jYMACgkQrMwX9CQB +g0P6Bwf/bqLD2hHxlcUpUTTFi+QLzLvlEShlu+mhkbRiBfPB5EYWldvgHKzuiFRIcZiAG/EX +Snvv2jIucki+WLd/kHovIFyXmZ6Z/1KZjkfKnsLRHh35UrklL5DL2qvfdOgpZ5nWxPAbiV9g +5bVANCc1/h1eiq3UOIJ2L0qiXVeySR/Pl8p5nrKXninhS6jHJSy2siclJZNS+tG6Zhmsoehi +p54PXuhVX3Sk9r5Qp963eIhPaT2U1Uli+BPBpR6sF9nHcyOfSEk8uJL+lQLYFTY9GXz0WSV1 +bCU+kcj8/iJ3SOmyvWwERC0KkU+sMWayrYU2G+rf1ArUf3y8D7NzZFq+4ZKzw4kBHAQQAQIA +BgUCUImPcwAKCRBwMD6hmgtRHvPyCACmETWYQpheObiHAMzDiVj45Ht+4HNx8RmEiY6TOTwV +63bkL67qMg384rlFwL7DwqDKjxGfzSSUegskGzHrG1RTlJtXbUUyCe+RW9LpmLhkFnifLoeW +pV+ZhCaBpBBNFOJPMpDW6EddjXXMkJd6ADyorrQE2eANLbPGc3bNVo600bK9vN2I+pgGDxIs +dsH8JAPslzd2UoNTCQf6ArOcKJpkskj/xwfmr83q2CESYszHOOgY+0nmhxDIyij5VOL/+0zI ++PQ15XMvOKm/eQkSxZp7vDfos8k2wZu5c6ILEhQUwtSjn2LFTQTQ1mtyTuDrr7o3FVlxri0m +beNp8430wpeniQEcBBABAgAGBQJQpdUFAAoJEOKZd9azSbKm9asH/1B0fbfIWvgBIJgHSASG +K57B3Rzc75maWFmneuftCe6gYyPGwUABcwSnOXiwYtJo8WEgdfoAzVR0nBmCcQzDesPzPnN7 +B3DA91yIbUH1b5qqdJkVD76ihGeXDu8HUmU137M4q492BuapDs0/eE6KjLuApYmADJgPMoF6 ++VeZDWpL1YVgj51xJ9CAwZ+hsSRO+6YNRcmyk/wb0grctlMduvYSCCVlonDW2yuUeqj7Ctvx +ZXipnK/XoX6Cjdm4o7gC5gFIcGLXhRd62xn3A0sdN+vO3MmdW9MKrN69uY0KAOYo0H7u4Kwk +3OviF2zaIrH4cAJUOW06buRP9CwmjAfQ8y6JARwEEAECAAYFAlC5TVAACgkQiUx4Hxyt767T +Agf+P816dEhNO38841cuH7gOscQkLFfiwnhDnmvbvUKBezh9UNlQdT15vYuoElXBLcieYayt +cGGdAnhgHEgmfm9GdY1a7xhZRn5CaioWih/+cJEHecgKT2iXQ0TVyZYL+L9p9ASWuzRM0iRq +ScR1vvPp93bleF/JoY3+km6Ga5v/FTNxsk7Ddrty7vsIYATPKX0wKHOrSNJb3dMTd6R8Wofu +MD8cJGfpG6Y2USpqLYwPY6akqABH0sRogmuzhnCTDuIN7EXDjZ/qYZ7gfvCW1WBGgWwWsWCm +C2hnVTYlnXnOTi4vYO8LVNiNSQg/fx4melnAeMg+FbQ39VC3iTvusPoo44kBHAQQAQIABgUC +ULlNdAAKCRA6yyoZLsP2UctEB/93bI29p69CtASPvgY1OXIxS7jJvun0Do4Ah4RpE3watIPK +IFuKjqvk7Sv296mRNuh+I+gs2mPSpvxvZ2aBTMgK7ra9XmqjgugXk1lUzGtJ7RdNsjQCsLOc +kdmdHsmekXaVuzELtIqA1GRP6GUy6NNAtE8lTIbQCFY0xtYvaViGwbbGBMpokN8VJhh/2edT +AazTqPxAr3hRuM9UNhrqKXCenJiS5RR8dJGRvl+6UI/sY1LoWLBaOa6XfvYltmg5XOE2qfl+ +wzuOGKlL2Gjf5BPZxYRDs2G38wmFG0ou0VBUbPcAzIA43zFpWm36R3YjT9Ecd1xf+IbWJxkf +9J+mAx1siQEcBBABAgAGBQJQuU2VAAoJEKZZJoXQS/QzV98H/iLKj06LxH8sNCd516pOGCVa +ylm+NRwF6JfKeSc2bTVnrtxoq0GtLn3dnArS3930WMsEYSOHeDbwIEe2io6yBATwU6GE7Jcv +MrAhCr1t/ZEWvj3Ig8QEU3WxQwYb/5qlNJgwAVwqZcZBOzlNSjfuO1/+aGsgbmU0YB6ZSRHy +E9SgDfJ3FESDWQqPr38ztLjqL+EZMqdiWblnNYA/y//0LZ0Eh1UoCd2pDL9nXYEWWUzNNTwJ +N5wba64kA0mKCTLC8sULqxyaSclWfIC1qLuVf2qWseO/ysXGc0mJdrWRCH2TYTTRbkS6XEyl +Im11aPQAD+Modz1UCup55M8x7K/VOPWJARwEEAECAAYFAlDLBE4ACgkQ6nGrxauDscMKrAf9 +Hib08DOfmZ48q2wEBczsVTRdCyRxOwj8KgcgStBQzCQ3oWOk6bPRBNhRb7yogKem5WJa27E4 +FAt1O0QsELmOXnMlO1jvyJCvabe/rWDdj/72Jn0uJmH3MkVIdO/KDSaE1oUx4flykTVtDRGi +pJc9W2DBjHJGFurNTGqfBW3BL1n3LgC53Txa38DBrD49W9hNNrXNa55ptuRpdCdth0dc9aH/ +FnYpuSBnjObqx8yHqgzOs1a8ZhKCxB3SJlz4QoK87JT2r7fDV4C+yktmbq7hYGbKdhwenQnQ +YPEzearXFzYezdy2JAZRc/0CDaFyrlAcIKoGIk3TeovuOgrduLYxdIkBHAQQAQIABgUCUOKH +PQAKCRAkhDpWPc/3haR9B/9W6QVG95UK+KJlDkSqWgu3NWAtZD3DY9vvDDDx9oYww2X9tSCD +bsLgEAnbMz+jU1jcA8bXHKkwH9E7nHyEWpDrXx80L9DAyF04qZKbsZSyvwfPervJX03uaEmW +MvFU8/qH6ozPIS+aEMz5PeosLYAKnjt7gtkWVdvtpJXFlOXCCcM1Kqa+JFamX5G6dM9qvNl6 ++k+qB/OgUylrnZS4VI8zDZC8J72y8GGkQg+0fdsxc/WqbTxKUCxSW2Hqn5nBfBZyzr8Ql2w5 ++yhveSVPm0Glhs2k22aUDV1smXHaCWMsxHIR2caKEfLiIcaoHMrUXqyt3hGkZvH02J6whUTR +b7M2iQEcBBABAgAGBQJQ+03QAAoJEMy5CKepk4QrODIH/RvfGg2RE5IkXcfqeILdDDXl0RbM +Ie5wuByY0vr3Bl9h1u6FXAb5jRE29YbaVXPbLdJHXUReMGEKo1FdNu0LjJ3i20rKQORO0Psp +G5xBimdfYdtIEHWpy7ulDrfUGjoXTjwSovW/Hw/NRq3j6sGnAJ26sBijs9Yn0Yj8phchTWIi +2XE6k62/BAZz03EpL3mQzsq4frDC7raqLyWpJeD4GaFBQJSfiMT9C0bT6itiTJup8c1wVgCn +RXbfXEqLz8z1bvshhUtfK+1oQLnv1J9M2QuNRVS6Ghv/v552NHugzXELFHdLMPJp5APoDzGv +lcl+4qn5QyZvnDd2kClQt6JQBZ6JARwEEAECAAYFAlD8Q/4ACgkQpsqrIFRyWZUiDQgArT4o +LyWsXbn2FnR0L3zxZX62uBdlh480eDb9qbp/FfFrub29L1Rd37GTUzTBSqeIOrOljq9Ss/vU +ExkbP0jxjRW2a/p+yzdOX7Lyl7NoEYExj8ypRXW66Kc0fMQXnOEtiv+kksdrqqAzP+ly/e4i +D3msUc1lqz37T9QbNDLLSJhucSIVVGet5bxNLWjbU3mVQys1gKZa5VYQqzUJ90A6Aky3OM5u +ynioONYfCkR3/J5F+i2G/9OxlsSdbrlkET1PDvb1vlUgo2QA+PoGTpJoSKRDc744vWSp04VQ +vzQSEgj8nX33Iy/ajEpLu1nCfL+S/tY6ohstFE3Yakbxl7jPO4kBHAQQAQIABgUCUQrj+QAK +CRBVew4h+GQ+m0O7CACpNJcW8+SfkwlOdcYDBY+1lNoiLSIhIcwlhVPPebUG2ULY/2UvclyS +JPwor3/1vtKiIqGgrRZLMD/XTs01ivfY41GCrrBsjg6cWcfY9I/53mDjliAkWNCQa1aM31Yh +fNev+8s5AbxXtT0blwrF2+Xkl8cxN6hAme/q68JoJ5hDQs/0OQPNmfd6O171XJFMdknBG2iC +UuYXgOQoqPRpvEKCHA3/5ITZzW+AasB5hidWQaCH+X3lcU9xXTbm4Q+apX/qJba1Ag7Db1Aj +gByanmsuZLKMAYJOUOHo0vapxfRKVSCPsaZu5geTAbqYTm7AGbfHblHubu6CNnNS02xSuf1P +iQEcBBABAgAGBQJRC9HyAAoJEHqjltEiMq3dvJAH/0vzh1OwFwirAkte9/xG5M0NheArSwnE +yLTclr59Q6xZUQXMqL6CJE/lUEMJmE1VJYAgB/3mOJmskzng2C3qcp6dAMCNjeOgEJUfZQcQ +2C4raPcJy3H6AswZFGVKJ/uR59jl5RkNf3mfNexIqn989eK0YDPtsuMk/XB/xxZ5Z6v/tmaz +iDoxim9WqO9SCRCS68JP57Bg0l3g6soMpJS9XcO26g4qjEoeATEFVYzASez48xMco1jBEOW2 +tTCTppsZ+qbnYqijDYhRJ+gQv+Q93vCHPB6yPehQ7o2cwQlEdJyPT6sak1ebyg2etWtIV0NG +GiB9NEsCNKlCsbsH8KKY51SJARwEEAECAAYFAlEWm00ACgkQWFxWIBeEyAyCFggAnEbVtMKB +9KSfckqp+bBbbLpgP54lzJNiyMQB0DgLG3oIiZgU9sGtRWZNMGH/e3YMxmVQ1dfaGMbrJPeU +zL4n41RrBt5MN/UIfiggp16qGCelf6uzrUSRXDs6FSvos4fgrJL+VWcKMWMdiDYcdlIfB/Xz +ATjiwHVBrB9io/qkX6FouXXTPLSd6+/B7nZiZFqVffBHUH4twWMAaXUUwMc92Xt9Ar6s2c95 +EsfngnQlO8cooAGT32vk516ATtTW0AOzEXYTtptsrr5oCsR2Q1AWrX+cH/zjLYH5CLp9VC3c +cD+3vDBIOdFI7H96sLTOaIaKv3hWWxQ6TLYFPYTMU3/1KYkBHAQQAQIABgUCURbXLgAKCRAf +zA/3hU17V9SPB/9dVdipSyJ6OFOBczeW7zxiKDaUBmtcWEdc4D+VLxRiQMbu+02/ep4m9/n7 +BYYqK09CRRsHWkG0tyFtIMHqsDmJLvPXY++meGDf5pr86n5uGRuPLLBoeHNU1DzsFh4AnanJ +fRBt6BpeZKecXzhDvO70EmYyR+t31xV2JEMUgki16jN+6rnDX2xtUbxL8/K8NckdldWwL7bC +0CnMACmFdAivIRF+j9f/vR3BmvlNgM3U4NkMdMc7et9X6nZdhKBpuBIQUWz2GhX1rDYiu0Gi +uq5jMaQAJ/HBTwv2uWU3XDHyMYMjv7SHuwVdz4B41+KGRnDfqCgSNqbzQnKz86+XTex9iQEc +BBABAgAGBQJRJjleAAoJEBeh+92WaUVnOdcH/3ZY2hI384jtd/NIUIEvDXBiypnm7iPM0XBD +xuLO6W2yixN7doA+QaRMWv5AL4YBsMBpv20Ayr/5/sALS/oGenPHxFWDK2PKsDeB8593ZSE/ +zsm+UNqUWvTc50VZh6GRb43OuQPc6tcKa8qLm3xVg+8vew6IE1L3Jcsa5D+peyDSrajuPHI4 +zFpJBld29517q+dKRiiwcrHh2/dWFhuZSwtUWQNQ9iwAQ0Lmmtsj8WCud771Zwy67QY2SA3i +Ti/dE5ywlvdutSttPm4e9ILLAtOeaquZa80CXOGTSloMRnD8q20ltvN2zaaFJez1bqaJnCbc +0H+rKYhEctnQjB1gi8SJARwEEAECAAYFAlFB99AACgkQae7qFMGucg2c4ggAun2qNNlxbVXZ +5O1lnvEInn6nxpzcvPqQ6kZh3hMrVee8ivoJmJ1W9zwhkI9SNlda6Hc2NOI+MeQKhDWw84iZ +o0199Utex3OTtvm7OHt+PnNhdSlAW2MLKkoOmOwNAxnkCZ/jK1TcuVx8ROlZefiNn+cgDsy9 +osL/hGcpAxWvlDAv/coMaKdHHM5aX4wJr08nzBzTCjsYLwYH451IIE8KiRElax8r2wwY/XIg +lGD+vxxjtTJsTLSCAwu/GrtOR4bY7fQuZHM4Q1QbFf1uOTJ/CQvXvkHYZ8jpYtyu195xWrzR +goJmqDkQzt+wGupTiZHcun8Lx1YOMGaXH9kWsg1/34kBHAQQAQIABgUCUUJ8sAAKCRDd4hFf +x4SQV+FwB/4hQ2f6+77R+8PgKyK4TWCYty6CqZnJo6AkHlTR6iezMkLFy7UpkDH5w6JZnliy +CVl4q7JaOnxRgqNSpAC3q4PWbZHLmZuNNFwugzLhF4nULWBC1ZpyAcr/9GYIJRoh2MAm2YzM +G6gxYnzTob+XyIjRJSWVKRYIFYkHX6re+j54Ax+qRQB/tSeL/impIGz2kQeCYjCfbW941DKF +wUtunS1vnS/6thCtlbt1YrZzgm6WybPy7cAojJmGPfuHXdncNuUcw8zsWwOcLo/8inIj9PTp +U9CxKPKf+iFiUaceX2flCB2Q7MBhSX8tDS0ii84um5h0b9Fy6kHPJgACWbHgVf76iQEcBBAB +AgAGBQJRSeBmAAoJECZKBfwovitI1gYIAIptKeCd9ASSiqyIM5Xfil6XQDXCa96TXai5Njz9 +jV1HKJdtWyn/Czgh8aVauxm156S0yJkIV6pTdt3Zb05UOAvQcjszKxOD5YNkarcZ3U96osQX +APumjF06ISZOH25/4BzygNxnc6vy4iyAeAUgGVJES4qqen2IiUHOeOmxWriSF/igW0157lAk +qyifhdhDc5DajZrUfQtsg0sKTWW1t+C1LFLrWhtGr876vaS/nvyonhRyj6W2rc9x8qsPNXAR +QQGDvMCAFgmv9ynigS0pQXax+5NzRM9ETtxtpJYBBPqfHwAeWC6o5QZto9QFO5L7tJbpTR54 +Dz0/+t12monM0ZqJARwEEAECAAYFAlFfnTMACgkQ0zImB6Fn+5UBkgf/TDMZgNu4ny8Teh9a +st6B3fmLVWgkT7NjmhWb90fTwX93eUEOBWvClb35qNjtzNbGh5EqTYFuPbHWOm5/jWryGM5X +PmgHdb/1uoASD9buRUcaLjBIjpW0Zq2UiXIdL3PRFoOJQjakT6NUDtbQwRJJN1vrR1YNt+vZ +SNk1qcp/sXzH6pAXRc422gRZw+gOkjZ5gF5MzEXjHnso0+lrXlSE/FPp6dMt3ILtrQjzbKGI +BIY1jAZQKx7zH6GTWEN2TpK3jr+d7L8n4wq9vXHkxbPL54KelM58allGIGj23bwtKBszHwbX +9NoXZl29oYu9YWkykmzH1WrlZJ+ICe0ddkiYeIkBHAQQAQIABgUCUWKP5QAKCRBBg8gUBrId +uKfIB/4+hv3h0OK15L1RcNoozhIkpa3Mu3pBo7kEPrWamptMaYoHrMYPON0Bg2/kkUdWu/2p +tVlh9OF1YSAjJcXmW1mKM6OAOaVR+zOvN6xC1e8khBry04n9Q2ThSW06QNJYsTv/7X2vb0ZH +Ool4hiB39rzRIPW+0fWlXVmO1MZsVqsnnUqLU+FJ67EhNAqqhytzkU7pAJlkuQ0L9Ujwj+be +tGKQnCw0mMrj/cMU6+zM95NlZyOb8wX1AtPDUZW4SuWRmMWgk6I6VpZ1sXd6NTNU3+FU50dw +C/s24mmX1q3Ej0u5eCSrdVY0RP2SWpWFgRtD08tuSk/f0bGjn/iE0I3CUmX/iQEcBBABAgAG +BQJRY+XvAAoJEDuGthDu31umtWkH/3Y/PxNsAfKRCLIHsFYmi/4YtltCkKZaQHBYGriK3w6X +HIVUctmT8Qwlhah37nZmCVpJ6pogdMkaQYEZLNNcPPhJW4xx3dJ9gMaxe4VJSPqUyO1Kpeaa +0Skv8DUEJKZ4vZNxC8xlCvOWt5hifEX+kUJ67jZlqvVxeqXkM2TZJBi8z5o90mzgbD5RG/ZD +mUovkbn1ib5EMNPl3Ku2Q/MPfGqNoZYTbZ4Qo/51th0EgiRkXSaIpmx3P+K1pX0Imyo+h0hM +NEpNTKQFzLT4K03if3KWQvlqfFgv5XrGVME5FQpDjsilrAxfwWhFYFn+W9bVolk8AfaMD+tZ +nEgBEfEfAt+JARwEEAECAAYFAlFlGesACgkQwRuSkxvupLhT1ggAr+14xzOkaYAhN+HPAmql +yWrEMCjD/tcVBGgmq9+J2dTkMCgu35uciXuINKL0Q/8npozDccQ7AoCIw+wRvCK375YAw5Py +iiT7ESiPzqQf2cA/w1j9lzkCfCjeiBqY4GfMZEjUURCpyfyeY7Y8HS4lEbir+IWJIg8vG89p +LYg252RBxlDxMBxSnmg4ADP1Enqo8w4+ffcjWNqMtKQuzdTMtRQmj1IfNzJhYbczO2ZHs9jk +NBiW74LWwMRuUeH6V/7R8XEoTnqhVmvNxt8QL5+0bcUyOrrq4qSf6rYFJ/u0xXKrhHASQLi9 +f73fnOsjwPJo/2l54b7J/HCmjSBCdz/0iokBHAQQAQIABgUCUWs/XAAKCRBVew4h+GQ+m18m +CACl19kmdTdo9qdBIvTCyRMMU2R1ZMuX9uP4O+2puQHaXFGcgbIqrJucj4L+UiJhjiHcg0ZC +OM99Q2MigXliLqavT9nvQ5IHWkF85ykZglJMMkodyXmumvdw0219e3HBWKz7fJ5lg6wK2Ax5 +b0t1D3Sx8BWbJQw2DClfaemhSlkLwbeP3EDy2UOdxV54NhAUDzIQmz9Za9gE9SSgXpP+yIyQ +vhAJQMxgl/rlGKeuZ+ZLF99n/8izIeHNOXbRy1sncv+StVeuMsWmYcBcl8JGRzAoMXK+hujB +Z+yknn0cWspoGFaE8FUhRgb3bfER8Y+AXQDDGYIh+21lO6J6AtjFLsOViQEcBBABAgAGBQJR +bDfBAAoJECk1zCcp6lCSSFUH/jM6er7RzN5EPO/z0VoGnB0bK+awsG1iiAEszENnx0HLHBhW +NfSEjsdFnkymUv76JXpOXE26+DsKmGKIwa+hRw5fN9g9fLOsji6dLtP313rUhRWAAbkeNqxX +gMSM/J7ENV6+83AiBPt4FZkc7JMR+ShDMQi3xWPZGOlKRTf5wmyRfz9Asqm/DPD2R9qveS66 +LEvWpu8g91N1Uwe9ff4qTiDhwuROPtchfq2QEivzxKuFuNep6DvuPn/14s0gQ9lTkz1/l0g9 +eyXi5/ZCUHb2t87LhVEdbfCrpJbmeXLVmYSsUCjUCuwlMmP+yPGHSJ/X+h8OWf18XrtUTSzp +bLL2fZiJARwEEAECAAYFAlF1JhAACgkQCsex80+pdqd2GAf/agEi9aWivHuDLhapTvul816F +Ec+JlU3mmfwJIL3LS8yMbmL0fuSQ223pAKnyQ8Q4B43h+T869MXWjA9ECnBFd0uCLBfpdJdk +sauy+yQmADIhmlcNEXuw+5LqfrlP1u/ww9NXW5ufgwoH4SqAG/eY8dKUlgbpcLSSZ+icrpjc +7oMqA+TtNJDm4xaThki88cb1az8vgVk/Pj6GYy14TmgGFHaYq7UQ/Kud2WlaxEpsMSxAB19C +Z679RYglFq11tKDL2+NhhpfFI0621LeBODejRQPTk3yJVMpVsbK0Q6dCLztmwVXrG+Jg5hcU ++eYcgJcGLqwjYCRkrO2kUp9hsq+TeIkBHAQQAQIABgUCUYE/mgAKCRBlcFa6HPatjbUtCACj +1fbxm5dLFSvNougJZoPwtpZbhjb38sU8qj+W3WgeqKUWeXwhroyDZNWRcYSHWA+YP/0ka/R8 +2GCfO7AJ94jvzfXwDqs1pPFmNI8BtBAxY74IaNgvSjmeMTc2cAOlK6tZhPlWKozUOX01+/oC +PKb43oPoaXEe/YSUCaSldeBYutaLzWsiqoXVaWqzv/MuNXbDaRONcjBOFsISKCnMaz556qbe +eHs89q9ykdABfUrJXaMfBufDG/5qN0j1qXEMZ3hxAg4Jap80+DP46De0EogLYaO4Sq8xg3yO +c+R0k07PRQ99cIp8nD8nH10H4WmRbnMiDHt2Cum061f4XnspNh2viQEcBBABAgAGBQJRg1ys +AAoJEFsSJrzl6SsqT5cIALC52wwHo2vBIFsx2CKsz3DazwgP0HLiSpC226RZeDDouWa6iHKA +ESGQboOddNvuuecZjg6rVFmFUW+vOiesOwQw+74MMCEWZ2LeZSB32bUPFUJheaiy2u/rKm6C +DdcXdWFxLU0kFAikfmdSPl4VESGYeO6e3O+caaQ8et88ym/foROX2ofV+v4W9Th4PXK+9aXR +XxeQHz13Qebe4FD4JPtUdOcL6Ug6ZKAcyQbZwT1Pqz6fyR/M+0J7at7HIUQINscLzAzYQlkI +z3iSTcWr7lSNiikUXlgH4GWp4A1yAk4uK0g3URwfMtNC6wKXmPHpSi+Am2xqAmGneFkoI9R2 +hHyJARwEEAECAAYFAlGDbogACgkQoxOWySzF1k67YAf+IbZxHdPoSL+RMIEgg8A+WBeNuVb6 +jNKZu5/Zb0KW2C7dfxOkDMlDhMF7KBKYxSXPhs72ibLyo7Pcm7TVDCNwA2so6WQvLmH+neO9 +tPGgFmVuLzF/eNi5IBqPdMqSNhHtyAdFly/1PsLHtc6o92wgAFyJstqwH7FhGsVOhxB9UI4Y +jkIrmMmUX9VVv3U4MeQi37aQFEM14C5b0sIVvP4r5lS9+UXx4a3tNnKk7XwWyNYpk8oxTPW5 +tIT3vGxocuB9jOfy4FmmxbgJzhp8MD0i2l5GCCxcWEK/9tDT2qLJ/ockqq/kTbuBSQCZUkfT ++ykB8l2vRpbmMSD7sb87gADBG4kBHAQQAQIABgUCUZ3AygAKCRA1X5ykJ/NwLqntCADgY42H +cNHzXcn6s1eRt95KkZJQinz9SuFbmq1UNjg8+bZZaG5LHH9LIYPT2U8meiOERkKqkzKCTTnQ +P0hCxUv7WEu9dyVBnsckr1l/ys6mZsSWxkcNWwBKQHk3EPsX/ftMDRJkg14laPU/lv93UVaW +70kdeOlEAa5wJskX5EbXlHafGdCYmaWnmW9wxCkWFRRanrDW4nfWj1a3pSRtc47X+THKlSTe +mREZV2l2H6XLdrJ0YIEufNVkq/nVKdSa/4ZsgTtcn+/iVdKGKfjU/Hlfq1QktoBGMDs6d9hy +Dy6MjO/kwfGQuQAQRrGl2Gb0+83L/PRfVUf9mK0pWGjLt7ieiQEcBBABAgAGBQJRnc1/AAoJ +ED9CoAXznqAx4YkH/1NUgd65dpahx4VOcQNZCEkHXAZZHsREddP7ex3FVf8rBMhsLN8oRfRZ +CNtuqew6R+/TpON3T9LIrpyfS2MHPbPHKW+yROcuIj0yPQ2XiAfNb7REqHLbqji4KDLwwwD8 +LIzJpkPQzpSL3MNfAyOs/qEczUWUkH2vn5FLr7IItJix2//9nM0r2j/HQUr2FCh0VY1NvDiW +6DvoJcP/dC1mX/3SiEfP6CUBiXzaH2gAPZB/uEnvnhZwPSlid116/Qp2VlMFsUQWRaczwnbx +ipxgxSpxV9x98UVfkaSEl7mwkU5UmTlzHULFKJbbD0BH6dsx6HXEs3cDK+KzFS+YW8M8K9eJ +ARwEEAECAAYFAlGmG0MACgkQwrMbQ4YWXkuojQf/WgbnnB4QW8mDelKsd8LvIM0APbUAYtHt +TyFy4Nht/dyUMXtcE79my0OpFDIsv2uxDf0Cs9Z4BQ42aQ6p7qpbrJvqJlgIL9D+4KvJ0tvt +w3/2T7KyOQ89GWGnmv4SsjA8b6WNYCSPVfPd7NMt0n6Nuqtkksb8RD1jQAGRurwmNWss9THz +lPD7fs/hOvbuC8MSxftZv6MyKMg2O/GIbXOO9Hrc/7cTxWN3r74tQZ8wBeWpqrtDkgS+jjCr +7Mk9UQdQfeR493oYMZmGU2l0adNygwnPVXZOoTalPkMLByRuB+ToyRwq1tbXbEQzxdKvOf6e +zB+qg9udhXy38PynK+Ohv4kBHAQQAQIABgUCUaiV8QAKCRACGDhZjpW7el1ACACgY4CaJM36 +7N6T5ZE08NJYUBS/0kgZpaXINzmNlBw9ouv1jlBEG3Eo8M8aTbIBgiIozVRMSXXgwXD4G9qn +IxM+W8dDHMb46klQrN6gPJbb4VQD/CeWjdp8AbwCuiTRqHhMu2BVfWP7N4KUBjJgIN3jZ6xG +9FUCPJnhoST2i2IC6vD+TAACn9rpMlpg9FsBfswd/SE8hfZdwbAZ1H6wH6EuZheS0o6bs3ts +sO9gl7oS/WQ/6NOJ4n2ZwuEQ0/2foMkszBgouFkG/EfSHPwVJH7ZCj1+7rg7Bk27+c6WJevr +wKC6H5wqH66D16zFroHD9xmHhm+DLk9G7JeXvqXEHqN6iQEcBBABAgAGBQJRrZXIAAoJEO+Z +G53aU2Xh4zMIAJKz29cXFKUWVevC8GqRY/xtAnWKDO8hOd5gRgXkleTXDOufWstq3F5o7nq1 +FRAgoi09nJmE8WXGagDvlMFIl4fw0W/HrRmxOYmLJen7oswfLtwAa8TaQbn6xbSftoV0qPNu +Ol5pfIQBOefE4qIZzDzFq6blo2IJc6TiSaGnOM3ao7/poGapY892GThoOSUILlxv9qYamNnz +Gt+76NGwqhlwFqpSx8ZaAeR1c531o5YrLqNSPNDUTN8P3bRrfv0Sgzkr8KSRKKcuRVyvlCXN +3v5faBdRxIejG1yvhrazhsKhmWRp153EwtZEnxPnpuDRZRX/hfpw6WGD1aXymnwxQmaJARwE +EAECAAYFAlG0CX4ACgkQKw3FpI/K1Nf35QgApT6Pg45zHLy1lnqHLVGDirDt8IqDOTpI93wx +JsbNDceoE+Ighe2yuQJx7HuslupRRWRR+7Aos/DUJxbPfuUkOgdkiWDb3r9lvfEy9ik17DQK +2j/odtWj589D0vm43CUJrsFuLSFjWJqfhFsp3RppoA8v7ZTMJN0lbF/qTexNgJSoa7sSwv+1 +F1ja32S/R4AEq2J4JQyizsyDbuaoArftvf9Oh10zRf7jNUtVsxEiSwTCqZtLHbVpPoRxeNoN +29jgMgDvSpeFI/DhB50nLGIlshzMaFEDMCIC+67dieW1s2FBMjQMNa4WpkyaFNZoL+5+o5+M +FsWUpm13EShFwxp2CokBHAQQAQIABgUCUbXArAAKCRB05yJqZYXQ6qzNB/9PH+opVsq6l2Cc +yWgp4SOFPFPaRo66Wo5oYOCgOCJPoQ0u/Xu69tyT5NzfIl2xImg/nBLC3dU0Hr9v959Gajqs +PuQmh2nNlRtY+4Cn7A2HeXJ74E/RypsYlPr2JWwQjJvl2ZG+quKi5qERQgvOehZkcatY7J9y +6GvKa4g1h9HF+qHWpmeFhvUYBU5UGyJxMfMI6TNtEniDl0tqkZaYWR7MFiEgTJMXXaQ1QZvD +8IxXTIihaEvaGwQHOAlREEnshFCfH8bFj+1F5JNktLqhhj0JvUqR2HRSeuSHDMwUw6Kfol+i +ka1hA00BIVILvL69KnXbQbyOhNn+2Jug6TZW+Z8GiQEcBBABAgAGBQJRxbHrAAoJECooSaQf +NV00g5sIAIqtUn4mmxiezqvJ53MMKvSvehSW2WquH7oapqrlLCNUd4R4mQB5ZdBrQ4+XYQjQ +JtZVlxNQ5pwZCTqzO1s5V3j/F3/jx4wxnZnyd1+b4PRdRAxH/ZFqXwtSeOnr+ewSja7/uVSh +KE/d0gK/ug4cd18UuyVJB3AlCcVZKi2ZL8kcKELjy6NxLXqo9vBesqpZoWZnUvxgfeJIrOFj +u7opEH6lEwxJp7uqfMFo+GIQWbt2UbUDuGrvEHlT2Nna7B2OoQxBTnNPfbr0bTReayC+85e8 +rjWaXz7J46TC80TuHFoOo6yg50Y0oyqkYUy9T+6XAek+BuwgVhRUFcFC+NvJeg6JARwEEAEC +AAYFAlHIT7EACgkQ4MCqw3k+VflMewf/csH9xF9jK1EV7qhKruLbk1TD2wVtsRdLGUbehukN +YIXrsMRXItqtXrLArgNEZq6OMd5dmg2uuOLOoh+UxvJka1CRJ9ixJ66wKE8A5prpS5ABwS89 +nIHTWYkpGfN8quHX63jtnrkx22p+TOp9cyuhytdrpq7lGhbujV2KXdNdTwvcT0F0hFI3FLdl +DUPtXDKBPyQxQRmZlOzP+Tc1hSgE8yZ2H2/bdlTOX8eOtOBm9sl8RMbe2v9+VGwgybQC4TlH +jJnqjC141s+4ROnlVsrD4QaRKcH0+vwlYT4Vs9XOvp9Ld/f/H8trkm/f/d9ASUpM2x3XgJwA +8bR0BugCr4tUlokBHAQQAQIABgUCUdivfQAKCRCjzz4vOsXV85MVB/90FcsiLiUsrsVmpI+5 +dw8amoiXHxZHdU2NMEsxGPkTw/g9fPNC/aoSWd45+iwJksMwGa33yVoo7847q4QlIWFIlYD/ +FPc+yKtyGp1LtmVrWBprvAxKLqi44d3KSJkKY6VA1C4RDRcM6lrNmj4RYTHBczxeZ9T+YIpx +g3xsz1zbwQyg2Ii26ix9bgWfKCbBNgTROQ6LVpv6+Fe4+vX/f+Cbognajd06KQfndnRNHlZH +HWBQzjZP1bgEyLUKcL8AEhn3Mztq6MEDu0IWlCKvWnBt/GdU5tiZ9jQjpmY52Xgu0/JVpFA9 +27g/JlnXqVW2v/q1DDgkgTf+hBEHlDOU04L3iQEcBBABAgAGBQJR2vflAAoJEPpV1tS96/u5 +cicH/2OeUmMqIQ74hGlzLEAYeKo6Z7lttEJBU1OMnnZpR1kLkNhpOL92B+gKxA12s1Xc+q94 +hMaj1w1dl44qZPJDgCfV8qYmSmW6gn0aMR8SKm8tuKupIbXDwsW1SjP0T7c4nRjImuJAslgh +jac3kEGvB6EelU1badUHdB6Js3hzdv2eWvp5og6TVTTS4LMlxEvI8XVPUsQr3ifst3z+W5kB +qAPfJYCfDrMGcxLYzKjJiE/2aVCVyx2utC4cAMhqMeRM5Fql6OkpSovDg/bbnhFBqmuEasaB +FxagMPP2r7Ad7zMTgW3vluphBk1bYLZZKgqgdShn0S/s6dAy2kwfD3i11bGJARwEEAECAAYF +AlHd3DsACgkQ8tLc9BesrdBItAf9GGRh4EQJRlN9g2Mng/MnXkAMKBYDd3NFePzZdwZAhNa0 +UMEc6NvIJG1tASfLpQJSueY8iCXS2vCgL8uiTXcqXgHw2fcpEgpn+HkA5Nls/uAbUMMSagE3 +dsYRK2Yp0qCaIpG2dwP08mxQBoLkbkjVTveURbCUWui4ojpnvQA5L95qWfLyKrrtqSRTY62M +31K8xIGkJ9k3a3Ru590CsVclFuqLCVWmQesP9Fh0P1mcWq3anttSn80HZeKZPrVx32R+S3Es +VTaTNyLjJmu3fBJqqxXg8DnftcMTseZisjKb5D8Q8pIWUDpayOo1KC9ovor5NgNb9uDB4tts +C5MSVYt2P4kBHAQQAQIABgUCUeBSOwAKCRAanXQ/v/dn8M90B/9nmFPvG3e9dhZw9fKnJCId +YjikHcNGeUQFDf9ihzC1+CBeo2HxZWppgwxBPtg1Bbwv8/GzAIWjVlfmweOzwj+fUMYKAxnd +J5b+mXe4+0EWAFMRLhkwoHd6W7j2rZXxfbfgSbWM+QSg2JfnDi4RLxo8B95bc9xFT9SCn54q +uPOReWD5L5QHvYOHuG8IZMUz0IkxenOtTOztznb/TEjun8dER0GnMXa1cnMiQYmnbedAAfbt +7JrFTK3RZXM2YfGUkXUrvxiu2e0ws7Zt4PaGAMVMv+uz7tDhlISbGwf4HxoN4NNJ2zZmBTQA +3bwLuSNzL1GSmUsxiojSHGXrCs6TXzsciQEcBBABAgAGBQJR5FhrAAoJEFR7AJAV/jtFhBUH +/2nFnA7ROBOW2dlby/u4Bqfwi3HhA123ZrpIHq1Qoy1TWoXFFLkE1kSmYY/WfdL+aQSzsufR +NbCsWGR63qhXW3V3FrCHMoZL8M+ItjiV5+ZGLaw/h2lzIl7XqwNjAC2ygwVLcdp/DRki3Y/U +KvlLFzA6bcnyGLcKKRD6ZLd1d8Xh7uaP5WxK2xCD9+X4FvnXf6YHvHfUj/NfydXqlGHo57hd +X+IHVjCRIazNQ+o75Pi5qhOnXpfl6Byup7Pe7MpMrNhP9Ms29xlJmodTYyDq1HJbtQAAQE+U +bXpFnmUYRHH2IjpacEqsUAb0Yep4mlLuXFm0sYJABJW+r8i+bAicB/SJARwEEAECAAYFAlHm +94MACgkQ7ZcPmWbP4F5tyAf/e0fWvN+xR4MhxG05LsFHG953HWLQzOI4mzdx/0dXpS64J5iv +zamzsJLUMcJ1KrKv0uAHUDIsMQHCGVA31yc0um2x75hJ8KS2n2ApHYKBdp/W5LuxgYK+wkz9 +VJz+fURc57u/H0QttpX4xldO3OiITLp52iA2ibYIVotuZ+WS28ae+sCXN6YbFfoR5kOnePgD +bjBerxSrA6Xeg6FNzA5x8vs3tJs2iIRYjDm4STWItIdlbuvs7kKH/JYnZ6YvcHri0iWgMKWz +/oEgWP33feBoTmwTeFHK7lMOsyuDpOLTfyMjNezeFUDdmEIfS4MnPyB7CbMLz9m9hVALgo34 +g0DqiIkBHAQQAQIABgUCUekK+gAKCRDyZfAAHT7vSjR3B/9qzjQya8LLyiwhzSB8jmIU54Z2 +yqqK68Q8dqKLPlxgBCmc45ChKyJqrbPpqgxhdnDd4TfZtWApa52GJUgykq6QyUmZFs6MqptG +z2zqQ50OOzs7IBSWPHTXZsGCTif+GhnKJrNJgyzA6anTNGxxtFkzjOIp5Acw1I6gJfyVgFue +HzbMQG5m9hLo3maKaNihHKKvZjkJ1u6pZyg2J0iMkx3WQAFDIaQoqsENix0pEnOYjK6FJIEJ +rJXaBf80Ue6XpN+VOtrNTqzkoO7NAeER9ENSz0P/ITK9MrbCq4Wk5st4ei9dd4D1O85d6svu +L9GC7vGPF4XY/k4LXB98yBo8C2tsiQEcBBABAgAGBQJR7XnbAAoJEHT43GBDjSqAEk8H/jWJ +mv/EOEf0s3DnifZBxw6tV7d6U84bCX0rtQioSTkjqdGzVrHl5XfUp1gCaA6mNVg2jM8Cj0+X +GMvWfzqnLTATXhAn+ZzP+dmfOgBkuDQik84MWgiH/Sj7By4ltJgwiY+YpOY6vGWECCFWO4BT +FQu0EL6PoLP7keTrdQ8XtdEl0PT16ovdqEOoCQJhttH8SAuCa94m2tTbz5Zw20p7sP0V9w3S +FahujA74fuIF0CKyI1Xo7EeVlwR4x3FTfs7UmxvFjwn8YmB3JP6Qc0DZX4xvC9aD3rW+a+J6 +59p1bGmvf8q5NzXztK2T+OiFPerdKB2NXHswJ4cpodLBCFzzibqJARwEEAECAAYFAlHu4OIA +CgkQVieLNxEy1mKVvwgArORXlVP/8NFIwtovZJkzj6O2mPiSXTB7W+S6n7VqGr/O/nKexNGS +Yek+59rWJnufetyrGNXfI/6XjytuBbiAVOg651UF7L/tEcXdpCXF77apbITIOvSxIgJXyra8 +q64OCX4QTnjjYRVy98qGg9Yxsd1gf6Qsm7u4IZxksv98ceQjaSGlgZmoh7cEvXhOqMPsiZEs +Fi9ohPmCl1yqBK6X+yXqL7eALTyz6UzNbPZyM0smZZrkjeEwmjdFBWJO4H1a8QhOJxSKlKty +xX6k3e/5pQfK9UBuroWkUKQXb4FBjpku+Nlw+07K4jJ0PV1uPxtCcK6ezXoaOQ/2dgZEk/it +wokBHAQQAQIABgUCUgJF4gAKCRA74uY/uHzdzGbiCACbhjSlPLEyej126Ei3G7YJWFBt51Dm +Q2NDU/07XxjN1vIpLJyHId2BbOdQgnE1M6OTQ54hjuKlKFYoPz55QTpvi6nj+wweOalHON5H +/ZBGx9xZFq2oYNXHaOPQb46qKEyPuU9fSFNZps0DOHfS21TJDFgFGJzFVi8NHNNHo0OTDbKC +p+EVvrXqwG0WGLnW/1VRsHRfvI8CcdLUYrpKRJD3DYSJgZ10VdPB00ybItJHS5St/jjS22H+ +fgivGMPwsmLunrjXs7DY3cY7DhesoCr4mR0/jmszhN0YpRtvTNeK6QYhAas3tOk1gfJQjtZR +3rLD7D+F3lIuPH74ujAOYb4YiQEcBBABAgAGBQJSBfLjAAoJEHTQ/Jkd9Gw2+UQIALHrJHaM +W5c+CS1v350MACQ/rjbsG4yiWk71XDRmuOPFEeG8TeN64Q7PRNBhIPfyUcY10cVK717lkj/y +jbykD66yowN35VBkewPHzZLrznVcBpTpwHjytCH+1/YF4HvNSMHsNRpjLZ/3oy7hblQaqrSy +h0M1X2U4LR3MEck8q+ki0n8Okyj8pkiQ3LfheB7YZowV9dKlw3PUIeVEWp9cwY+9RV1/Lhtd +Qyv4ZGHQYrK2wJ4V9P6ALnuChsdY7cHsHq0bhT2FGGDWyCQPtpzrlkr3311GJXOsapg33/lW +jU+kP0rlCmKHBCCUV+R65inuX8wAVpzm9AGM3kWORN8bNPKJARwEEAECAAYFAlIH7FwACgkQ +oXATbFajGZXuxQf9HRtEEPMM1w1p0CkdLb+5tlJaVu6s74Nw73fhls5qbFRHKi2eRoV4j4os ++rCVOdvDzTBvkFnFlnsaypTErrMNwoieyfc091FONKuNxJORNhl9lNIIOsy8kKsslQzzesUh +ttRInclpOn304DKaRwmtk5bj6nEmqIVdanfW8pRLyZ32aBcNMG9CJyVWLlAy2jYYg3fsIF/G +GkFURJXGoLd7lLCx4o9D6s8XYqJlH4pC0O6F5PnzDMZ7w0rP3R4wgnCbvbwCqZ3FbMNfuM8K +WzUzJIe4TcRGfDw/YGgn/9CUjq2DdTCAH78yZjQ7ZmLDiB3H9G0sd8KDC43e3h/z+Q8xUokB +HAQQAQIABgUCUhcnxQAKCRBwsUi65jRVBQTqB/0XEjPrElnwRpI2zKD7cd2Z/qWfZ2CIY76Y +qP589NFiBePhqTJX2Qsc7OkyAxibdU5YW9gbbqnBO/pK/un0yMkj0wpoZKWiiBx31n3KT1pC +Lf2dbExkW3hRTyUDrv1RYlwBuuj1hAeFJkPopn4eU9C/aW313txlIV77f0wgGPSPZkaA/v3N +AJFLnk3HPZBekq1WOtMbqg3E3RyMWy8LjGXxcxy2KA04cEwK2DKy0WyjKWgWFNt24bjFGwBy +JFsoXaPbBK4NzOmeFLBy9YGHIcL+ILS2s9Bn0I9l0dfeE2xkBgbvBibsVYGuHZLj7+/7yO19 +TO8NO3opuSiQAB09jYFjiQEcBBABAgAGBQJSGQIfAAoJEO6XheIHuF47K+4H/0DilkDI/WGT +C6cGC3cKGWa8+5TmIjO2Rrfl4MXYZnZWcA9pCSEHbBHVqfNTwBuoESL5OQMvt8Eqtlj7rAoH +bN05Ydl95wOkbL5EoPCmicbo5JE9eTfMHn0tq1ZjEBkC2n1neLz1kOKfT6dz8BQVlGB3aybo +ZQ7WY+gmXrsknZIA4rmt5p+EJ0w/n0+MLTWbI76y2SjDhOr2Rehdfs+saCt0VeC/eW+Pwx4m +njNd4Cdrto76qm3DoiEbb/Py7xxM15yG3jzRHFrN0P+4ljdDxKWlmwWGhYihz8hxkn8FNy8C +B/kmMwRC+ssmUcm3RnWkWGydynfxmnd7LhOW9MVOY9OJARwEEAECAAYFAlIdJQoACgkQqMm2 +Gb0uHRjyDAf/ZTJZTTGWAmYwZz+DA/7knngJT8GL8doJvARFhSlmo0xOzCP2ykrLNFL2h6OX +mQIHSqzevvfjv5MVR1MQ/0wwphFsfdC2KcjYHMxTCwOiAzXgCFEMEH3a9fqpVDbxF1ehHAKE +87Bm/6IOfqecrn/jPmfCEEAKbPuwTvP14kipm1y8rYEr5qxg1HRvEzSyFO2nNBjF0Rx85sfN +aj6qk4Vt6lN9qopm3hjByz1OohuWk8niqaZyoWgO7PgJ88UOc+M1c7/3mipISaWfKB+f5Ltb +Vz+9o6cTyU1BMAoEwJ2k71+87o36s+Bs67lpxSoTsSISAV+/2DNFLv+dZI1OSjAc64kBHAQQ +AQIABgUCUiIFowAKCRDOAexgFpkC6n2aCACDghIu3jAPiCoqGc+hlVK9iJC8NK6ZAZ0kQDil +X9+o1lJMoojWLR0TATRZ7NBkS8cP7Za+c4Uubj5RjrBAVmTEr/em6ZwcR0ZNDwhNYe9gd7Ov +A5I9wm/slrTfzqpV+WxPTSVOWoWAW2zpR+mfL55njAqqNRvM1yD0S09IzHU6svhKElH8BEf3 +qvwSreqyw4DGuR+M9QyKnrYrYIVKdUMgqSNd/i6+xBKjuvioVGY1wVpp8dwIdEY6FQxu554c +y5ULw6SIOfA6zVkf0gBt+bVsoqjRDhmCJVzsnoNbjtaOPi146AcCF+vPq/Lkaw+t0D6D+gvY +YB7XrWL/Pc5ReuouiQEcBBABAgAGBQJSIgW4AAoJELyK171eWQw7RUYH/0ezM1UtekdpQrbt +IFUovYXq0v3E+wShR8ALUSmaBbHUfNaDKr/QwmwjiX2WVdiZadDF0Mp9fYLyujPbWf955A3N +eqingMuDNH9nYhZ2PbQnWPyQEn0nORn5OsRkqK6IxsfFUMA4G8qa+cDigCd4IgJtzUqsMaVS +1nnbJS7K06i/OJJ6F70nr3riNANwR7sV6RAfjBW0QxrXt+ElskHFR+ATrRHujSHpiEUrae0z +ysLW/ZLnKE1TrY675DK29f8R5CHv/xTkpBSXSPHTUM2BMjKM/9ShAt7K2HfRX1VnB/ZS8MCj +poL4X36EYMWN4z7igPYC6+u0caimdaPF14zmLgCJARwEEAECAAYFAlIkThwACgkQrdp1AmdY +a3BawAgAtO1fjXrZ828VdNOn8MHNTYT5Y6B8Jb3nyseZ5WIGeH7DmeMB9kcoeaLZ8OrlrAxQ +HZu+1kIAQXAaU9GMcrHbznB4NoG7/5ubO29NeviZeMoGbwzsHWeQIiiCiKQCvNEUGDwgzpq9 +teLMRL08hUD2KEuFgH66GQWK9Spg/g3sYGblw9CL3waHsW1Pwsr33NFxcOPSe8PVJX9PuI7d +E9Od6M8h9COimXsLhCKa+iSauf/tJoIpa4Viv4ShX9yRw7RvC7JeGFYJ75riWJb9k8wMF0UK +GSvB2850yEd2m5/MsyUFotNmRm0mdRPAN+J/cxnQq5y8Teu/xHTu3zdloKKbM4kBHAQQAQIA +BgUCUiRsbgAKCRBjhALaiWq9prm/CACqJgGhEPIrmAG9FuTJo98TrSL0mHJmF1GFrQhcQqh1 +vBYRpCX4t/qvVP+V2yfDnJ2XVaAgweiUnQNexUqSwD1LqJFBnyUmiYc+WCzKnGfo4hsWsVXR +JDXeVENRNR8h9eik8W+D9Wgx7QuM5ZVAmhnxJnhiSPUEDVMvhpKq4kyGaN9C2bo0NpsBMRcl +aqbC65NzzaSpT4P0raWGOynOzXRJn07KF9EnQ+Kle6tLYtrmpR/LQwXDVb7jayCebZbaRZ8B +zPK+Z2MCEXFQcPpAAcg2cerKSaG+py93crDmcjWlGHq7o9FoMG9TKMAKOzeNwEag02oWOrZ4 +fGUer22eaYyNiQEcBBABAgAGBQJSJ68lAAoJEDjCUpDTp+PJEEUH/j1pbzVafhsU4de/Xlas +nBoDTbQy0brhcTFkrz2l2wsBGgqzfbkRGFo8QAx5noKMA408ZeH0z6dDbX8a5W6tXWymBhGA +OGaO4jMfrYR+lJjkJUx1XtdrXAGqQ+HWUxgTbQ0pdiz40iCJyA9cxthOe+zEboVHkMg4RN8w +RvvVlwDfyfKyQgakhvEpirNan+GWWdSrf6mH6OYqI6y0or93CtyEOxHpUOt/YKVUumwz6QQf +1fjrwbO2tjxnWAoF58FDsWxozed/syRkkxt3yp6v4t5LGvby+R36rbh/+7E1sSwn/xOqUp5f +Y0tR/5DnqkfyixFAvUVynLBi+EkU65PnfamJARwEEAECAAYFAlIoCZ8ACgkQDCD/JsAJHJnJ +GQf9En8A5BhWm/kx5fZJpwnlZ7V6PzJU56o7ZWgeERcglEZkAz1uG3vAtsykEnSCpbI4cjUT +C2QQfFJv9rjr23uentC9I5xNoMy6VCMlsEt4bPV09Sue6A3u0oLcs/Wju05mfrYnqrOwo+40 +9ul+9LR2fXU09LIqz1xmRiOgiN+tC/i4q1w4phg3SjXePaXC1rSm7IHZLY4q/yyWciyh8RfS +wvdf20Q/AmMGbhTdbUkcCk+t4FLYPE9LhOWTnHCNwX86gshfBnodUB1LHb/3bVuNs2ln7i1+ +Dtv+m5vsA8S7SzGmMQYGcFjaVaHa6RgwLzg4/xDLN41CJri9bvhLS74Ai4kBHAQQAQIABgUC +UiubpgAKCRDAm/DZkTx6+MBLCACvHOtWf4bhMGpXV3qUWUMJFbXiv4+GeMydAj6GrXILq9S2 +u+vBq4tqeYdtvUzXP9FOdy4UP+ZOoh1i1Im1IWRJhuRmhs2G4p/eIkJjQE7KRXrXwDTEQlzy +EXcSHCCntMc/kDe9C49KsbB1oL70Og5t/hdbMVpqmxVCYDHd/siGua1VEiRhk/X15BllAqOr +8G+BGgt/HkwwoM2gi640IE3CvuvyHRurRwKMMSUkHXyWPT9nQ+RHkbWg6B7ol1hJpHaqBf3t +NWBNknmfwmYwKYgevHEG0ggYnY7vbJLSu6rVV6A4pgaUzKNwh8nW2mz6f4hH+g4uLiinjzUV +O9Vgs9l6iQEcBBABCAAGBQJKBM65AAoJEGjoO1fLiqD/wmYIAIti4ydMJKbEKkni1dkxdLgx +du+sTVzXRPW99tX3r3Zs8sIYSTUZZ0AZCU0ra9+V/h8QT4Fpwsda37FwZB/AFBL61IsNQ//K +he03mkCUGl6gSXJ+R+IeshUmUXVybnU63hr+c0wLMnzADtcwoIuYiWXRWVCfd1TW8QLN5gnO +ERSRx75JVnUS25fsn1cRBgQsw1sthAj+m1nZcby6AsmoJdudyBRSfNFe/NhQXlHdUVQEF8YK +NP1u3IBXFrPC4zbd9PsQqS//exGScKcE0/qzPZC0QDjD0Z4OOR3/LvndRMN28+xpaVAl0aWR +87HjyPt7GxhMkjDLRpf5JM82U1Hvf1uJARwEEAEIAAYFAkomf78ACgkQmwAFc+oKX7L+Ggf/ +fYB4uayHM649MgHGTe2D7bcDlrUNmNQ2r70f4Ad3bgaj1oqqfgq25CWvH+L1rkXEPKIJ/w8m +qZuBKu1k6shTMVX0P5zhFQL3UL+kChbCPlZQL07tPCApGhsK0LOlAdnBRWq15IVktMKdq9R2 +PWOtmS9d0P35tv9RKuiuc+sqezQWw7NeTfQzD3jMW6rgnRysZQue9135KwYweJ25uIcg/nNt +N29o/CisGWyCTg0g8SWqAAV7ggSpqdiEQuyZdkVC5auXLpj5K/44e78CQ4secWn/nKTvwMB5 +GhM6ZCrtjy/eLQ4u8Hsk7zyk9mOIucfOo4YoByp6dKE2B/VZt5IDWokBHAQQAQgABgUCS3vq +tAAKCRDPqH/hU3mWXS65CAC0exrOQgT6Y1fb/lA69kKhi2J/hCL7ytq/LsoTGxZuYQK/V6aK +E49Lu+02cMb8vdrlvJ4avqTYFDi9kZwoD9IKUACI+hbtmXm96pJoODZm6PtD4KFEtBGy0n+U +f6wOVwb1feRDZMuyIOzXRePjHFZIYvJBLGZBIRxkRF0EmSqKAo+d+32yfojS9xuMimdhHQIS +4YGzW3PUfVVnRY/HXGkqqftTUJQMdVjjVpqdTnh8RngjKHC0m444nCQNfpvpB+/X/gnoRmDW +iuiKsDy9ObVK6xW7+tHnyZJxSJulkK7XzD1rx6FNoid+ejrICWfmVP4t8qq5lhMzZgDw1RV5 +YoIWiQEcBBEBAgAGBQJNhF/QAAoJEBJjlUW4oI4v8w8IAIjG4CEKwngPl4Vk1VPJMD+maA1F +2Qxks1Bck3saRo3Q5EqUdgKPJLltzOqfPBfOzoeZ+yuuFLBBSp+OT01eAndQcrFoqtFZvHlx +Dj67mxE8hQgMYMiQtjkD15z1ZWa8B1nhcVkGUS64AVycv+EIkKLi13a4VAsVv9eKkBvaxmPU +rSWk1tqe03MySDKS8HqWN3Dq4+PkZt3Y8zdVSnmseKd2Q5l5bXoUESdGu+er/fEUsXSEIt2T +nYe7JnhfVVmDUCRK/HeCcDV6n/jJ0cj6Q9zMqIouAGh3zizMoPBpudoNcSyH+hzM8p5KBUix +OrIiEwe8KZQ5CetQiFoCvh+15HqJARwEEQECAAYFAk2EYVsACgkQEb+yrRzuPBclegf+IFr7 +Hn+fvmHTrnTvjNFdWB2+poQmvbLpwllwL6/MbK9e4ak9g5Qy2dI4ks+tS5WiPkQliKeny/Jj +cQd1/O8HEcCDq+pWv40wpxdLpRXZ8qqEotEipmI0BmBHVkMqqnPXzYU4lcN+hFGXiu6l1JOW +05K1FUZ9eN4zW/pgRkS8y8TuL1J2OF0UL13hhx9P0ysXjDvaJR7zEG/XCVGtzyWCJPpqx09C +5mscSXw9h9aAmFVer9tWQHDdzGgPbsFW5rrvgQeMvewPHKfjS+N/PF4h8h/zun0ijI6l1zeJ +5Hh3OtmLiw2EkXGjg/lT5NSlsljAdeqWOUORwUOtl7X7SaapaIkBHAQRAQIABgUCTYRvvQAK +CRA6rA3f1MAzrsh4B/4hHGIG3Ly4ncYTNdvUYkfxaBFYpWuyHQ5s+ytIwyxot8KGR+clVYdB +FXmmNrCecapqGAo3nu/E2dmiyDXqaeAVzFY4gJR/11MF4nU3hhnCV0PMNb/KXqRoGrwzEdTs +sNlJG4vUzBC5DRMg/0BAHreci+k/tGdSNUebyR5//j4axUABNPPoWhp51PYOWUKDJldffOJE +h2UeSVyLcb//9gVqTB33gOMaxHvqHuFvqQhsorWkORiOzzgVR0CyCH2qLPQKGVwHlwSnopF5 +mrHBqSFJp99wtpnc7N9Z753/qktQllz0DqHmfJmaW+CvTnZGqobFJX6FxXVHKLBEQ2xqPP2y +iQEcBBEBAgAGBQJOIecnAAoJEIoZZJro27UV4xEIALWJ6Xxl0V9cCSwgNKzjUzLppFx4Lw8o +PJ+DbC8fGSwYaJ34eJbvCby3f0SaBGKTSTHQB34wSznH1rxNGLxkgeRfXr1XvNBGq9cayWl7 +9bgHbplVJYqUsxcJAQUAVj+zaGqUqWNTxKN74eXXof8mKZHVkScGG5VGUMdm/Y22M13kZMTk +ay+EDyAX0n01NOjtoi8HrAQ8xmZxYqJ8+r78KhyxKTBjlMx56R1Gj+2AlTaOMJUt4b4VAIWt +B50kyMfI4Y+ttZ6gXNmwSG7i0Ewr5gz64E9kCzEz9XsU6jJeDuKUcNiUKXkFGCCbIK1c4wNN +owxjC3AgtAGnqWtcVHygolGJARwEEgECAAYFAkhOgiQACgkQryzNxfXa5leUqQf/a2/qlnEr +4eas5uXn+vlBiPAv5Q7v6FOZlwaVuvFF6YV1vFAvMjuMoLjOFQdfDIbFywGy8wN1o+fULzUF +jTdmd0OWS53118WYDEj0UfZjXfplfC0lhdYdIbTnYwfy0H8/riC2UCmmmomuolYY6aV8Ccgj +TFL6xO8siYDFF1GZ4u6FUB1RJ2fKW+YjoBSkMIIs8o3IGmSLqB4mi6ziLZkA5YyAI+tdrzkd +mr5J6OTNj6jprd+QDpscG52D0I62M1BMO0Qxkq+3qectiEYD/Jdz9UrUrpOgMMzJkCy2d8pU +JGZahx4HQw53ymE0rBILvO2OCWfvdYxLVdxSCAJ2SSCeP4kBHAQSAQIABgUCSGGm4gAKCRBB +C4Kjaikikb19B/9+2bbYFLeom/dqEd8iIcfbBNnxevRXn/4VKJ9zyPfymc6yb29NPxPfm+0k +ENgwaVuAuzHr6Qv8yWHAHrr889MUSSnyobi6WIklRIXV0UslLaaUpMp5Szq6nryCdxFzUIRY +z8vKspHD9AyYZgYSQa/YQ/Nm+Nc5fdw5eW3ubtzUpfrBeDTzXXOIfMudC5IusHroJI+9pO0a +vG065fbavuNYKhjyzO+sCAkRizyndRbvwUPBMD04Lq4na8UVRsQrAdwm1WvDbSGT9iYEPiDx +zuN70j3OxczXxZ53TPg4QxA12y9WTE33dIoUVyh9FDKcmKj5lrw4sHSubUhVISQIGMb/iQEc +BBIBAgAGBQJJRmWxAAoJEMVZKsuAx9ZHLqMH/R5rGX5zAl8UgACVQ8yQnlHcA0xC+3BNA8Lb +tfYy8Yn2Vpv33RjL5b5DMHRwoe1EXzHSgakTNysogP5N8Vi3W4n0LTItFBKEYuWHozcmWO41 +6gVY4+QVqHVGKewz8IH0SzolBqQyWKyJpASA0P8McGgf+I5D7VKtnkJkiiwf50/jk42gzqK/ +cnvvUS9mub2C1NqeBNZEVpDIUKlA2y5ITBAgPsXnlQXaRDlC1E+UEVekLm4oCMMWi8C+qGoi +npOcpSIV30VUqiCRBK+WgRJ5r11rFyI2plZ2g0RKjIzHCq5KqsLovXlKb9wGsU6S4VmlgHbO ++gZcM4Wmw1OfvSHTV/aJARwEEgECAAYFAksoxykACgkQAPADH9zusCt0iggA3Aef/A77Qyio +mU4VoTxRx+JCEU+A3njhP47NUtOoH4aSz/CHxxLBapBulFl+chH+pXHpkWugmbbLsBFoksxL +VumYrRHCDkRhr7hRW7lzIucomAcv5hgVim+wgyZbgrbbEzspPZ+wY2EGsnelPaEt7j6NJJWg +YXeUPV2b0eDf7oWN4eaIJVQ5pED3L3td89ACIY1fK6FWwI3KQOugZR8EG1CHZ/GGM4cpDCL1 +GrG5CX5J3LmIAf4uoVFkwJzVDVNaoTIlNnlxZaOxFzzHvkaJQw20zSg47xThTfRlx2xo5Rs+ +B2/Zctcjt8er7Aos/9jDcxxapAQij7dAx9nnWHxT1YkBHAQSAQIABgUCTMqF5QAKCRB8lMCh +SyAdG+UAB/4pIjzl4sWTq+h4LDvQ74nTryJ9MEtuxtvHCKtw1IT2mBn4YLNGcGV9z8KT5XVp +fcs8Z5E/+ti+Q7aVXrGCPO5zp9Dy73/qrHSQK1jklSC6eRJtzSi4FdTxYZdKn3qE5MTXWd8k +I8YQghFdqufTfHrC2nUMitEie7j/JZzgsRAG+uLNEZiB4WtfZHMQb8Kz8orcEGhPtCeAFeTx +eVxTl8C8XqYst57+MCiVQOKPq1OzgicwICzkXfVj8A+6wqWHBiMeHErhEk0VurzovofNUmrD +N1pgg6ZUqhYQ/zE5wU6iiXeYYDLue54dlYB0J0nV+pGBpu2L5bYYh5I5vmXGYBVFiQEcBBIB +AgAGBQJNF3iVAAoJEJTpLfkqqlw7YFEIAIZCe9wquqtRDQGnfdXtBOuE3WbSdOX8z7YCysAV +bdhVTLPttgDiLVU5vFlnSmStzs76JnvSTlTy5EoOntFGO9TzXraGbMVdz6HajCtOungD3mTH +gAqPbc1Z5uxOtsDD33U+C5Od2llF/WQnW74t7ez2P4B35FZ3PJPcCFCh3e92z0vYMC/ZVyC8 +JEnlmodxJ66/nv2gahsFlOWaeLYbhMybrPuGJ1FgvXeKFqt8hJWt0hIqS61ue9c5OQpqtxh7 +re6a4reDvusz1FDccJPMS9N+faS1SrlasVyMwaNLeY2zE9Kz40mgCnvtT95NGOCJ+2m3Jrso +G3EAsunH9QzDCraJARwEEgECAAYFAk9fmjcACgkQzCM1XGLipjIxowgAlRKn/tO+kyHdJE+D +YoTP/VEo8Kzd8h3vLZwIQYzXja2JOT5BrIOLUinSBwPVGrUHQvFNL7swXac6hph3Xhv39kTl ++JNaZ7D/aZnio8jFm47jD2Yhp0vy1Tg/1xmwgCaE7V2A45CtIKX8Wu1OrNmSiRy6EDf03KS/ +P4iAh7TA4mIDhAxwVf/I98RQ9l9zguXS1HEBDQG2iq4bOdxJ2BTfW6eCl9pvLTG0XqEcERlh +xCTJRUIyMyUAOGklihziQ/KEAsRg105A25zlN6YZRHSr/cNCRT9tIsbBapbCLJijXC2fyu6S +XQBvPR5Yy1AH2aHovr0xXMbPCmJePaD6prmhZ4kBHAQSAQIABgUCT/IOWwAKCRAGxCqhKOqQ +3dZ4B/sEn9tCdML6B9qfzI/rcolsS3DpUwdUxnDnFaCQn7QDx59h+K41r4DiGq6cLDZWE00N +sNWVlvJEV78NGXN9TYBZv+JdhcWTWjBUeJOs+m+XOTJMlr/ogY1tB2lV4zKr5jV9ZCv3zGcJ +7TDRCybQbwhI2QAYEHbKOboCUQ+6i2xL4uuUc4Bpw/DshtyjApjX/QxnJgui0ReH+wqjc50z +9HkF0T6SqoSC0ihf2DBQnBzvJei/nHpPe6rOoFICoihDizN2rlq3uHx8NMHDVzpakY9Naiq+ +eryWBP9hWPmBTvVm6n9BFTTgMonJ4BuLk+RGySThsnl+ttvH6ydDjLniscg6iQEcBBIBAgAG +BQJP8g5yAAoJEK5F6wLdrDl7vjAIAIpjbcnbZoe8fVW32l8q1ezbVH4EpNS0WEEJsJkgDdvI +nbTf9O+BkXQ29iZwhqqsHe+mPPm1pj9y2X+gG7CRNc5W6nua29yofMe3fdlPCUqdA25DAt5x +z4j6CXGP/vc3toljfsbBTjt/8TvVkEWS+Q2klP4s/3Y8Vxcnb0zAnGsDbu5hZst4y0JXnH2A +KXGVlz0yvW98/gVyDDGtyABwsGzYNGSRHHfNoKFT0hI7Y+Et577k1EFQpHskgLodLg3geZ8W +Xn2UAaSUNQdp8H3ETs20Tji3Fi230cLaaNoaYWFD9vQlfmGy5S7oisT2OYUeM/d0++9I1/0U +38lv4uuk83WJARwEEgECAAYFAk/+tzsACgkQw5qVypVWCZWJywf/YJH69HEEezPIUrdI+Muu +Tz/uvtuHWCnMT+PIAUjPfn36Bs+oiMJbBWKpuE8xb+EnNWQ+xKcs6cEfQly2643eHmDjAQi4 +9erQMZVXSGZKERyG8sKIA3AlpiJip6GH09rifGlXlounpjrPbOXaxRmagqBWfT3aZcNFQxez +n4E0h6RfBu1XT9QvrW0fFyrTU+iIkwu9bVGHtROd5RQvM9+qaM0CxEormttR2GWoaZF91zQf +7g4MIFNnweGUzE+uBANS1nVgGMSxpdM6HczfkV6TlESV8K1d2UpJrg3dc4Rowsxdgtuj4KbI +E1mnL+ZVs6JCkeZZcopobCukvDep41EQS4kBHAQSAQIABgUCUARFUQAKCRBWGhaUk6V+h3ht +CAC5guYsHZ9tKilTiSUMIAoJwnsvXCr7cysRxpf5A0B3WKlEXK3A8lmF8oZmfSpLz/58AzRN +7flqWqMijbpwDuKD8ljNyh+tqd13IWQ+EWQsCqU0vfxVKs1xG49Eg4clckfLhwO/57/FcOPE +8NeVaYJGLwHSer3qAm5DMqfFSlT4/19EyKXLwN8Qo0Z7/IcPS4pGDywFJxWfAsVKkbWvceR5 +V5QwCFjGRwfLiQEh0y/MB4tiz/Z1cykRtXfMq1A791ChWFtGHDYBXrv2TqNzpRz91nMLp397 +ShuPEwjTfnsFoM8DrOv3o34mRlG435nak4BxlpQfldVXDRtRmnGNrXceiQEcBBIBAgAGBQJQ +MfKgAAoJEAkoCB3/VtEu4CMH/3IPCXWiUBPXP2aF2RONuv6CfxWwazs4IcoZgeKWLIaftXwH +kYPo6hNny3Z2EGrIbckqUSOpzVQCB3+Eypyc8Bb87fYY49CxgS+bpopHKhJPwTR4JK4Hga3f +dqzAeeCDTzaGfhxoapCHE8TBimsF2WU2g2b01jQLlfEw4f4MjyEIHUJOftczR/cNkCQQ/Pim +mopIzEtsc0etNilz4KDNzP6momD6cO5eu3junMq9PHpi+o5wMw1BCLxLVtFynQtVHkgYJDP4 +bTE5WLblgwucNVuRe3P8SnZVANjnIcHqjErd/1iKLv1Q76+L0fOhcYeKTO1kdqXnhdKg2B9D +v0OEHmeJARwEEgECAAYFAlDO2okACgkQp1iYJApv/9IXAAgAho8JlyQNnPdVRJ/4P9JQD3Kc +3RVfuRBF1IHJ0BQMq1/K1Fi+lqqw52V4fGywSTb33WKPa5lLOxNOPn1Lm+AxGD3AV+sK3aIB +VPARvwBdTZeZGCbyPu3n54ZKnIHJne51GzkXpJ91xpP4aXaA02aY0cplbL+Ff+RYFcWmo8ne +Sue4AzYzOOxZajDAOpJQNp87rEFtg0RLPT2G+MUM5AyPAMorstMe1sUAcYDXWsCHGcvg4kTn +TkeHpELSz8QnXoX8LJH515gzScc0uP+lZnJslwdRrn14kt7nc0YyrpkJkRujFLd3bJNShOnQ +06HXePcH6BlzawJ5wdWuWqbRvfNOiIkBHAQSAQIABgUCUWAQzgAKCRA1HskUIDE+xgBwB/9Z +dO7mu9X0MAu6C4uonG4Tg2y7fORhZ9nyDjjD3RIR02lK8+guwQQ1it34Clw9XnerrUwbKDLp +MezHmnuyjnxgKB9zn3tcv5QQaRZ5hlKdpGGIXVzKkf+MvARLkS0PCVxVb+NZvddh+0cnMoEh +PKTVC7RfORSETS8Ip8VVwcwvsI9bjCa4FamfFrDfUxo6itehAr6k890nPl3s12EhLlCyauqU +gmpTC11XyG1jWoFQD/4xTj8oz8DCR7REGPeDSSAVKsrhIRJ1ECOlVRrU52kSHKrdOeoGfw5o ++w4lXFvzCB1cGBi5x4XlWyw+xW+/ss5DpN8r6bgzEehoNQi7/lw6iQEcBBIBAgAGBQJSEuCd +AAoJEH2x+T5dv3XiRF0H/2OkFvAv9/MCw2D0E0eDDUSbL8BAB4vRbhLXQf+RRMrnaXTfrMZX +AF2ZzlXv1BFOmO4VMoYdh3qqkukUdcvjhIoAk+p9JPIflKFKPnS2AxGHtoLUJP6VAEscgLQH +Avh9nimmK+FOkP2jD9d1VeWKB6BgW6Q9UTLWhfvEsRE+M1YPgdA2JZawbsy0VXzwVxmxHcHV +0RqtAlTRBk6okQ9FKZitQg+WB34T5L8vK/ImZ3fBdym9cSKv7vMbbYgQpp4KhH96GHOPeFTg +c5NUQrDvlj4TbTho/1c++7oTZKMNdLqU5FZ2xTonNyBtYlGru44O6xlWywcKzbEeWcuK+TQf +30WJARwEEwECAAYFAkNpHyYACgkQm/9Hnubf1fkv8wf/TbbKbDisvlM+q9rHoKGs3dSKkZ8G +7mr44kN1RVU3RKPXem1XtAu8QpVf3bgXthaRyhAErzaRoJDo+HctfTDzmv6QU/pr+lzbnwfr +35DjvAfvLv0t088IY9LhEHwscJ5YyKKDcqFYjnDeOvCYQi9eXXORPTfDjJjashKHj1DRmBPD +la4On3eo0bH9PWBOF69aIKVXRbPzXvH25Vi4eD+kI0zypIoheC391U/Be4HKTdUd14Xxhtb8 +3UMlLvDRAlENl3tVUsXiEjYWCygmqK9WX7aMpvy5sgBFtAaTr6M0qqYohtCThSmSLPPVk8AF +hjGawkc1wMSp9yFL5BFdtaQSQ4kBHAQTAQIABgUCRWgXVAAKCRDhpJ3uk4CaFYn1B/49kAMX +CWebXcqwwk38omI4li6BUMEBtXN+CfV9I+kF7Mf/syaNHHghGKmcbgmWNToI2NHpCZx1lYpg +kOk+48fHbWyhXNWVVQ4tGHE+jq51fH2TBZmlAzqu24uwMMYQlB/M3+M4g5Yamvpkx59/8wEz +OACAXCvsKAQzsHoyqUGtXvzGVe1UPGp+llhlF2b7qkpy5piqFbkdcssRkizTvYaI5aC13Z1c +we4mAYNcbNzDowxY8Qh4MZcnDkD9NFCtaQkxAe6+bdE3t4hCpJCSn6NLkNgaUQLJTR85GUhI +4eEgEQe9mUUIb+lRClood6YhoAkk393Gab1Gdyb90bmoaGlsiQEcBBMBAgAGBQJLkSy7AAoJ +EPLMJTZMSF1G1NYIAI3fyBRrDLUHg9R2aMXgIAdX3TovbCM7VdpPoCdM23zRoj612mhESL7S +4pLIY8d9z21SmlwLhtrE9v8cCkZ/1tYgG8QJk2zKmjVj+XHQF1Lo1WXAHwtHl53cxRRhQV2f +9nsH7tPs7+6zsMpRD15Kgm63CP1pDqqM60YIEVl8iApECBcfJKvzZ/bq0K7ejkenAGbKxCTp +AB0KUnZU2wquUczg79UR6o6yvZQwJ+X9X7bKXJm2ZxhOuq/yvCZ6FjAhQDPrtVW+qv/WOliq +whdbTTxRCYybs4iwUF42RSqTsKRDPxM3QnkZLreEVaw5m+n723JoBlLuGCL88QeaZXhle22J +ARwEEwECAAYFAkv628oACgkQd8cFRABP0MxuXAf/fVsPITu7CF6AzHvn6bDdL0dgWKAOjYly +OwtJG3+nNaPB3YSvHQUkddh7EwyumF5kigObH5HWEwvfbYCsvtoMafCi87dy/KksKyse9aj8 +GML7L5R/mQR4geLdzTFJGi0KJfiyMOEm03+iwjg142YBLwHlP0NKhVakgLZ8fJGXWAK3TlIL +ht+i81quXmlwQn9x3BCnn1UDwasMHbT2TIzvHSvXtRNsBzu5V+lugdiwi2wdNByfPWdAocAu +ESAWYlwg+ePF3rMG3p7TlGldPP/kkps8iL8GVUlCnstEuScIRU5W/vS0I3P5UDs8X7PgsUAO +2ABjbGWcgrGrbzkikGyvwIkBHAQTAQIABgUCTD3UiwAKCRAwQjNvkc7CrsVdCAC5t7TQV4Pj +HKRXGj5NCbIK6mShyLjxBboGnbjXRdd91SSvFt7uR2CeDR/9vlnZ0viBJCyFFIWoVZCqpr/1 +IiDJkTaxhwFnQt9rFqEk6xzJy5oH0DG6iWeH+TEgJ/zqVvv/HgXW+tzWQ3ZhFMq4ste5TNZd +XwDYyOZ9F+CCqOxSR2A0OfEx+UQ8X3eMy7M47C7lRezZ+vWhlJJgGk2I/NPXnRP2tj6xZb99 +VDQRJoIe+QWri1aNiaTL9GHT59W33hOkxI2F9mN+6dU1e9MP9zr2akDCj7BUUrC7c24LtOpm +6xLAleezXe4xGVXtIXCJ8KMLlpmT0WYiVVLBR0rsUJtLiQEcBBMBAgAGBQJMwdIkAAoJEL3B +aIjmLPfN8xMH/jhp37r0pHdOdzUCWt6lV8QzStKHaY+4xb8x2/Bli248n0DhQJ7qdF2mTmdW +VO3H+b7iHNpJ4IekOdDevHo6vnPjy+L9yLYAFHoXwoG/x0u1tpiUP2K0WH1znPTkFAPuMGGM +L/iu5lDckpKWQDHqQE6s3jhIrTMaf2n1lzKaldUukbYOj9whc5YPJ/2LxFf9LhXlKLqWYEUX +Gr78xjBBNaDcaMqE5WLbmJ8RTdCzsWEfvShwyHvZiKVlMICxm/4gfUGE74stKg6xR/7uI+o3 +sdZx4GSIrAQwEJx6nWJGxXAqkHt4Fzf6ZdIG3SpbY44QHIFtSf1aTsjx9qrbwpQARmSJARwE +EwECAAYFAkzB0i4ACgkQAHqTKeFqiCUbZgf/RP5s6lcE0V+zRx1bQCpkUcz9yBVpym/P3c8X +GT4vc4IkOr835YCJA2naltvUv84oSw9MeB40pdubMd6RgfvF2IrA6UL3M6GrhOTRzbdBaKMZ +SMzxTZC9ruP2Qf0Bk7K0Y5hLxe+1ie7pZMNXPnglb7LCl/xfZNpU+FTqgCoxVz+N0dUZiswu +BIr3hcUr5vIe32IMOwY6bW/wpPYikywcY1fUpHcSU4sqfEy6zMUwzqXBiNRGwyYJdkT25Mvg +mVLJmBVA502VisWuwiYy12cmDs11zXXKBWbEPswyBHAz39MZRiItiEW7mjsGYhv6B7A4z1wq +ptcxEKK+0GeEb2+RhIkBHAQTAQIABgUCTRf/FAAKCRCSPPtEotKT0Ws7B/9xvLqx2l3fNMLb +yvq0NXaMV36W+vhgLvHpjwdOsPVHCF7iX360s+fwc2PxitAGyuuw1eAtyvSFSOdx4o+fEdDC +OnnkEGnLwvOz6ugH8ffOx12b+3eVp2aUGeP6v/L2AE12FO5nt+1YMcoyKQnfhIABB2EMhiPm +65NTDOKL9HAAGpL/tUARxoVHOrUMFFGunLHpTwVZCrEU0NTtqF15/jGZf3wROl5/JesSS9I2 +ehHoZlF4H9KQRAFfAltA4RsExWemtJGdmst3Mt67nV/MQMgQkxnzuu9RVVyFVrXtUv/K45jt +4lwY97SsPIMRizl0vOy7VrlqJuKaZLx87+JYaxpPiQEcBBMBAgAGBQJNJnoGAAoJEPx9Wmqv +65+WaJ0H/0mPFzKF8BhXv1ZGbIdukJQFlvVDJtYYBldXeRcp69WBYy211OnBVQoh4UNdbFig +sO1cW3Csk1s0KSBXIFdBhyIibrghjWmzSghrq7QmUA2Jdr86TgrqsuAMqtUp7D8PB24kOQCZ +xq8i/v0SfEYAukyQjYU53lBYe3lq1zF7vVfV/XXjzXiDNyuFsjQ4JWBe7NfQtHucvZ6pl2M/ +8s9jBFmq6IMGPyqf9h8i+RaU6zeyfxebDCuKxGQSanJ9BdQxlUa+Y04+7T8Cbjlx13b7jJtI +xgvQz6H9pGRU7FtKFqtQY+GuVGzx1KEJXX+QV0yoCFWlJmzhv28MYli4maYTZ/eJARwEEwEC +AAYFAk1zjskACgkQ/atkx/V6NLKt3gf/S+snl3aY2qIngCN3XhbUbIesoB8Idyq9KxwXmBvi +MXqYDOMy7I4oSQDNwGgXkThQfkkOlnVPKPMSJTY/+6NvyOoDewg9GMdMxQ5va0GTlUxqt/yQ +bJ/Nm8WvYhE6OEV62yHka5857uI4KGAtKrm4BZpij9HRPr8V9kty+RPDtuhqtYN1Ai+BitHD +Rshes5NXLUsTG93VA0pKV6fkwdhbScyLIm6W2Iu5s1jXuv8EU8geVlK1jVD75xU/LNn3nMwR +FPOx7iKAiXFOurOA49WTmO9V7fhGvHeRjzBUbABuqRrY7pSxORaQOCAcGlTP+7sxb5UujAHb +LBBX6qpEI4j2eIkBHAQTAQIABgUCTXOO/QAKCRBmbopdk3T5c9+jB/9J92uSVfoXTxr4tKLh +fuLRBhJWM1KUqrrZvrjtptu+z5XQmN7etDOh7Dpmu3teJjthXfRxF8LMUjtGYhzmNVGmKsPn ++tbSkG6CIEPJwrkVTzTOqLW/ltMadD/CF8G4JBEMJNqA6Jfpw6wqX+20xY+jbuLCXWTBn6eV +e0iMPMj7IUbpa9mz+wc58r3sCG1IaC/4e9A0qdHVoxz5O8vtYsoF1zn4XjcoxjYBgGaqclV3 +Kq43MoRsbkTIXyfftwaCFrilWal7hbrxI16njTmWJ46MGfN7mEny7a+jEckNhpSgjtd8XzlL +L3Pmiiha+lrCR08/WxnwW6X5VP+I4ZfEoGNYiQEcBBMBAgAGBQJNc48mAAoJEJiXBqY+3rVz +C8UH/jkwpv4XjraLbFvfMRvLi+iPASeApTVjBGqD1YQDb8DT6ho5MJyIAgl/vKhsRWGKS0V/ +pxBhSbzLF8UZRx5zfACGRT+srk5NFLvkyvdXAh+70AQe345dtWI2r65chsjevbUWhWknJC6s +yUFvzRvXfiuOra9AyJFqUdHtipwEKhZ2T7/B1Ph51qqbQiQGdEbQPYsHiAYMdZkuNnN7Ufdr +/UO1hnpQxXtqFbhROXMf7TKAu9F5l8WA4RkxaPx7Vy/L+F2e8l/5JIhsQcbmsIJhpQOEu1NY +37w7i+26Xs/8c/Sz3zbRSk7tajOrEPMRpxCBSAd7cTQzZYBqP+UKFeTSihqJARwEEwECAAYF +Ak1zj0sACgkQX7EGuoKs4Nw/Qwf/d5wINyTEShrx2ZfmXc/3H1Ahqy7nRFruODU986g+Jpu0 +8GbUdui2qf7ZXq2wMGTdkziLdTfBitM1rmEfLASRX06RxaeUaQKWSv2Xca5ObcdEx6oFqkD6 +K8HoB31ej+HouHQLfRmpqLS7p8kdBO4b9Rb7OIYpGk/q3980ruPdjvftztRSSDYjzgfwB39x +VK2ccK53brNu2gxwkznsrs7TZloGp1OYX3IcSJmsX2Fo7iN6b9YU5wjSlda/Sli8RfuEUb21 +AYgqy1fGYHXE1u1Xy4jAYpm5CzvGzNnv31rBccgVRhf9BVJr8Tm7yjupOGnisDi1CyIKSOWk +Hf5B2vec7YkBHAQTAQIABgUCTXOPgAAKCRBU13SafYdHawM5B/9DzXxKogJvy3+fmq9MW0H6 +W+P7y/X07iCgcq2FBCMnnYANHPy4CAWds1bOW5Un2oNJgAi82P/iYkUIo+UYqSIWIyEy8Vyv +kA6Pnvu6eNekNAKfxkjJEfqqXOWknr7ALJWPmpdHJR9alln4CQF6jivua8csVVpZ7G5lCRda +7rdXDhLNvOSV7jxS8TJIrwm6o9lru+2y4VMzRHCaiqh+hluLUCh/1JF6hRLi3jUxidkA+7pE +WM7dxXoh4n6pO8KYjQibwP+V+6E4dKFb68nWCubrgyCJNFzFpJqHeTwCgFb7n5Tf+kIJpQGu +UARI8U0VHffIbICPBGx+9CAwG3dHOIULiQEcBBMBAgAGBQJNe3U/AAoJEAwylwsdBIl3QrgI +AJA4u3jBZXyy4KnfejjmRKXx08f3iNMzB39UGNN9vGfl4kWNkq2i5I68YEpHX6ar7P6VrEi2 +D0ZuDbpQA6tqJ/1OT0N8R76eAruxkowkBOa3dQL54oraHY1Ax4hcXczL0wMO+TsP7UL/4JcP +Z+9tK5CEP+IYL8VKXP/+6CjusNyB/1GBzkQKEe6Q8Va+oe88IJkhbuAc/D/boTwyKbtUOwxo +YsZOqcgPMYSiAWTKofiCLO5Z8UmfTstcL5K4GKltE8WyRaP1JJdznhTR0VTHIZlG7/4F0P3q +2C/gw/n5vYG4Cmu68a0L4EVbOJDT1o+6v1d00liJt6fqMD1Z+u53H9WJARwEEwECAAYFAk2N +hGcACgkQQrtOAXstlLnN7Af+KaUduaYv6dSHzIQnqTstP+VxanSIg53qbutuqDYi0emGEpqX +d5BHuvrv3Bb5f8u+XTjOvR4IS89dsQ2Eotx9sBV5hAYj9UUpsxl4ISHExOhzrW8i5cGnh0/X +GZzGPc+lkpdtUiOvruA/ghBZEHSAxZAdmCOu8V+ueLGv/aCnKDpw+qGjIjC6dHc5W0igH9yA +EL+QVcbGW0Yaki3wnODm8uoA5UpvPO24hoVojths3n4b6Z5Lfx9XFLs9Gvky7sR7Vvduv9CY +vkcEU3m6TQjtgmQKY+YfMdb5Nb2W9pF+KVpe50QCqvXBzb9mxSyvdQVgNdC9HxEcrT45ioxt +HpH3uIkBHAQTAQIABgUCTcNQHQAKCRApd77BrG1Nun7eCACvs8MBf0gJ3BxlRo7Yij0dO4jn +tvGM7FzerTaw3MvUVz5zQkJbk0YA+3SXEGMsOquQMgbua/RffoJ0002Pn5CYLtnSk7N9wzeD +gPYZoICkLdOB/ji8pV7qItXf+hCwDwYbaNA2myn0D+gDk3u760K8HYBOtO1aLQ7jEHYeQJA6 +d2nbwYt5WDpWSeEzDo+Fcte9B8CsowEN/xCOPpuIGOg++Yk0dcy75tKR8g6PlYQ2Kf9LKJan +REbckRLaFYB3kzvnZSLcRt+92LQ8rHesQltsiya8RR+E56ZsqCbTFeGfxP/iOtwGJYHKnVlU +b7oqcI2Rjjl5KPAcJ4jmdR21Tv0ziQEcBBMBAgAGBQJN0V3PAAoJEMN8gF0WSwUsrSEH/RRQ +87uTN9SIhmgpj+0jXOYLt54eDFZMWD9wkuvoqQpePhPFcADZdv34gQJICwWN3T244Lz4RuA6 +y6Vr+VUBGj71XuVhfevAzyAMIRVLB9JhO+8fuyPTxGDioT1K+KcLyhK8+bwl2x/jMfwW8mPV +aI+4gT68LWus5tJ2SpYj6W/xA9FDDs/9jwT2QOiM/77kvCoTc48Fk9dFkdmU63rImEazV604 +b7He5oGko2idB3xwCH6A+IGdzS0jhYZSs288khDZ3sdyCHTJEIJRqPTMaZCaIiDD7QhG3F1+ +bOKcMJczB5Pl8hinJHOGZtTNkL/EFCRvKxc1qA2+owqnxH6wy5WJARwEEwECAAYFAk3oLuQA +CgkQYfMUo3LH+FW4Ogf9FPxmKiEswQ9dQgjga4ECnFwCzyGkYd6v5gCum17uzYpygYRfXi3B +fgdEOyWc5UdU0m34JXJPSzra0/iATviuZ51uwcaUNDfbnqxBnCuZ6b5nU16Ija1PLFzACJPN +tLvJFyg1PPJXa/sW3uQmJAgAbx/o4EZIcupEjj9T0MB6KgUOjI7Ah5dklUSrl3LYlfOlgn+M +aH5MGH7fQW9fTCHYuvmuVz4YTUji5uIIvGckrAcikR1eob/8D1bUb4uJMc6B6+Vkhisamahd +glEH1g7iZQpWHn0Z7C5HTYuFuzBoMyHr1h0tZKgsFR0VGJq3knupu5w5dC5WJxvvQ3EPdURt +KIkBHAQTAQIABgUCTkREjAAKCRAeZ8FK8Z0evU7vCACmy7bDWzJF3P3ZhkI1XNl1JEEttUBv +hpr/DxiTxoPQ7t/YDaz/4yL2/+wiUblreAwkK0MbCEyx0RMWMbqHX3wDxudiMYD9rPBwt5Ze +EmnPcMTYU7Bw/zv/E0NEkt4CCjgbr3RbAxX9zopurLPe+Wd8D6mF5iiZT887F9HZjYsApdiG +cFZY6T3XtLWHosVhyrpKSdnZZ0O8ZbVy8XyQEtXvmY45CSw3nhsI4TBLTdJ/yu74SQ67D/Gm +1aa+mzS95DJYMDpH878nr+VCiljTV/lnTXlw6E+Rw5DKCNpsc1viQpWYP/jSz2gJHcLkr5Ca +8h62Ap5oLpv3MHcp+O0cwzHxiQEcBBMBAgAGBQJOcOYNAAoJEPlzTqmNLDx+CMYIAKpQTPq8 +0BOuX/MBx+dCcsX0KOmEP/2EIha8Zd2gEJDm3AlXJThIp1qVl7wqLKjyY2vNVVOKrOlO7TRz +vWU5aagywmkum3vI072+GL+Rz8Q4QQqbLHKaBn0K10ByVZ8y8yIHwMWZsMwhAp9R3QkV6H9V +8sLI5d2XeVmpYFtJb2eY9O+/kyQ9leDmTJox33MyxqMGJqO9/jTeh3qAjgGSGtSBrBsS47qC +HmYgrjYMXyv7AP9YhnX05m7Pwet4cmH7dnOfnkIcfu+7y6J4CbMtVyIHjC8RDlfWrISW03Sn +kvdo07VWbDTp/v1MbMpR1lILDfZ9PUJksrilqzAgFJMWFCSJARwEEwECAAYFAk6FMVAACgkQ +wJTtyMVbRJP2MggAvI+c81HZOu6zbP7ak89SF83HXBRtBSpNEFd1OHwmIV97ejPIvJvv7X6R +t6KpS/l0ay/7Ii5p3BBGuqnZ8xNXOGff4IZ1sDAiQ8JEisD1avJzC1kfPUR0E5RAdIDtxq1R +S46UfFUNpxLPKa2di9jQRS7NC4az8wyxEPS6E0t7FTeh48bdnTqOHvMRIRHeeWeV0QQGCVwR +5v+OotI5emO2GGp9jc7O0p047ZwiDANQL4fHs4OIM0CCQjA4CSQAmiH4L38FdzAL/tnYseJD +vdTSXQY9INIVzBcH2VxHtkV3r6mzFf0XcOfYBqYL99Ne46GuEat0nB7XpfNdrNQ2U9HZwYkB +HAQTAQIABgUCTvRSVAAKCRDjE+87fLYx8LcfB/9lJZieEuVFdHJKfUyxlIjX0s8u3OMcU2YI +ibWTLmdqf6CA2rAP7n/vYM7RbV9SM1zRQGlssJeYAuYrp55j6LerLdsd1NAYxmVwAi1NhmJT +Wm8kjZwdlDeJ8xjtHjwb28XO7mwADdh+3IznEoVgk6qruyaOSQ8xhGNliU5F7yPc2esrLgoo +dkYqpEr8jsJYKFaUaXsQHK7sfxQ49sIz0ii95g2o280GgXl30vtUSF4HobKMouG9h4Uc2ZYh +WekXENkYhEnrJYqZBZwDk+gXC9pyOvDFNFGjoJrfl3t33pPFTspUmoc3k2x2pdkrhYpKqUB6 +FmqN3UvpyFXtz+M0mlM8iQEcBBMBAgAGBQJQMEUMAAoJEPyYJ6tXZenp3cYIALeiBWtFEfJb +x+qWmegGPN8N2ULKmP1J09SdK7wiTxFL4LhAAHGqrfeN8+L8gNDnOw+P0QYvWIjXCjEuKyyq +MPkFwHj0vxvKf093VpahPV2TMudZvrqKe8dzJULLkeXt88veVpC7DyPVdLvjuupZArOTO7iL +/ziLu7pUCvxc9VmMNQlabslSn5XehoMfFv86SWxCauqTNtttchquQILlS9r31dVbhQi1pPJC +CjyZqowYz7hJcw6eaFo6T06NwZl0GorkBFOAcL//gVNAfGj/W+nw3MUMOwfR0Fh7S9M7UTQn +sPx8B1YQ+aTGw9AdWU7/UG4bz16HoU+tEiBzrngDujWJARwEEwECAAYFAlBRECoACgkQc1hc +LOM1Gs1mJwf8D0S6ck2NwGq+FFEmSIzJcfCB8avEbMfrpu+hcH2A10VL8prIUH5EgkZUI0kY +MRNQ9y5dVCSnZB6pRR1EjElnNO8fx3Ig9e0SjLa9R7b18eCa1UQT2ppRV30rd9z7MUHzDPhn +llkLCLLJOqloPCjAzP/1R4yqbA/gFUEabcyxfP4vqO47fZGA+4/J1D6edu61ODJFRIulH4/K +ly2r424KGqYyAl7T7bZX78qgf3nCwHuz8dXOZWRrwvibnju9YvmzEnjMNlUG/9CvdTzzAjmv +6xzK4YnBTYnsoRKEDpRp7mdpmmyXwWVPRoG2Mp3YG53M8HIhp7TWaTVLTUSNR7J5lokBHAQT +AQIABgUCUHgNkgAKCRC/2kAUTWCWc1SrB/sH7O94KFOXZqjlktE0ERQi4izwP5kF9EBWVLZ5 +hVyeNIcI2oldf4jfX2VjYLt9l9FhkuRJGdM7sPvIF2Ye3pLuMoSHpPYGvXMIOyj19YtdyMAT +/OrjfxSCNxjROVycLU8mhPP3a42VA57APaQ4y3qob7ZUpi23WnTbNv7vfI8/wJ9aOwiZimmr +5wtvWZfDGcJrqnm4rtFHKP9vnejIAGlJaiGIqwQRa7EYVnmUq1BJjlnRZx9nmvmp6UyaT758 +41EZD0ZjTT3Y5hq1uwtqeLnXHPIoXu5AszTWtazIsYZZfaKH1yHrZmOmnm9DpEexzJAfXdNk +xKKDMhLj0UrJ71G3iQEcBBMBAgAGBQJQ1AFHAAoJEJMW1dpgiyj07x8H/RPmYZgeryvbzVjr +9sK17aj4GYKZKqfQQO8p6z8NqdY6+lna83CPVkeznBcE3qHsJKz/aThzip1yynCMa7VF5GWl +6SQIis2izkI/iZUhkmMLAWwIwD0Dwgico+inJ/d+CE5JFXuARzZFot0ZTipbCbpGYTbrGUm/ +k3ABssH1RMSlm1EfqS5UsOP+8l1m5T/6qmabKS7B6oe8cfSi8IJ31vocpVWWUExw1vqV7Pe3 +GSoYuGAeXBo9HZMQaNeidL2ybpv6JD/A2pCu2vuGoWKzYHAyEfOkyn0oUr97EcbdM3CedjCd +FcFZZl5t06M1nGwN/2lcOILj1p7f0DGz7zRaKj6JARwEEwECAAYFAlEL0CkACgkQ3wAxD2Vv +y3/TQQf9EOSlpbunRD7Urx3y5cPJT8YLIurb1bLIKJG4ZMYasOLGKebPbQ2N3AqIV55vzFR1 +SPOK8M6ClCi6KLVkCm/Nd0TLSwGJZBbNV0mHbMMQRoAhOFvFonAJQWYpLJTQvzaJSsMI85wH +CvuQnYTIlbJNtLW2hUzH89SzvYLICKM5zUsn5/hq+W+fPyh4Ap+afZqGflSszn2h70ItLPPZ +8iwzysqN+7UyumUUNGrBmcII2T6bJLDQyrs3WdOpL+ONq6PCIlt2176fGgsGx4pdBI68Axss +DOgn4LNdhUQqPqJGiqj68gc4cnvrU2Kv2cXcwBTsmG1T97R1Y5UECPRWhAL3VYkBHAQTAQIA +BgUCUaruoAAKCRCJvSxwVhtTDNakB/9PpCdVjw9TFHopZ52TXCEeEzVnXIU3ebFa37YuN4aW +WOUmBKu3sYaQhnr5qQmWNuvH8mUhnZ562dcFpNr9ybJ7bJsUilx/ZLo//hhxcusBcRvbEPdK +wEjbJXrA/EgH3pjsnqazCL6qoxIm3GB4pFdVzHXA33SvtcItgv81BnkMmLoDngJ8YkOPrnP2 +wefwNU8WHFWm+slyBZ5FCKQKuLrxlBoafjcNC8hIv/R1B5aFazjbY4RwzIFiWS0ILx+e+Vzq +KHt95CKP1IODqupMmeEdVS2SkkbYIxuo6VQ9i0dZN78G3ECJr8T2xA/TpM4x95HMjMwMt+G+ +8i7WEokKT2LliQEcBBMBAgAGBQJRsJxsAAoJEANwtkGsTx9yv3wH/0p0Ajwc4oPeDlgTsLwq +zfn+mDNu/4yUWi4X6JaosRGjccSaFXuV7mE7nBO0d6HCn5z7c830ydo3jJUiqaXbzhYzzpSM +MvSF2zt3nElR7daT2OhVAKLO0bk9JQORBz4TUR0ykBHJaV2fATafzZLb5zj1/+YD71ae6mBz +bktZgfITj/8QK+G/pXnaq3BqjEYP17DC5l2RAjtD8HmMiEM/kTu1FlNOM69YnLpr7jW7Aztx +1uAJUlRGxx451DaWtq5aIuo00eMLhbbOwnA5ejw6AGbZel9NUbHDVQPcTdGNFBFMsR4Rioul +8pHcPQB7zntC8HKH0t0qRZthiy21jZqEBUSJARwEEwECAAYFAlHDltQACgkQh4mxm3K/L0oi +sgf/cqmASfW43kyltm3phw3ZZ7upz/I/S1/gnWYaUN+dUEBXf1P0KWe0aI/DFfByIKfW/arb +CEtGPx7Wp8F5tp4aDGM38ylGHdXdxIGgNZzvDHwC7ytZ2b/OoLqGcUW9v+knBHM4JWIno71l +7p4sjleyUEMRjwNPIuqDnIFoV3WJ60cjSqLpnk8Pd6KmmP9fr+AQqqJ9QQwgfcuMp/0FbMb/ +iKArFvuPPivYKlmIrHroSJULUe7+Iqojk8t2tAQiXjr/CxCIW0zwsEw5HrkOqui1LEB2M1CO +CyKS1MoX0wLG7Edm9Ey37yidgG1/cTIYrQ+zqAwUmV4BZqWy3Uu6vuA/CIkBHAQTAQIABgUC +UcOW7gAKCRDm5BTmntDSjsh+B/wJSj2R0Fhw6N3zlhJ//qBFVID48iamnFiIuLhu5taTEogp +CipTGW2me/dM9GU4+QF4PhdHw0L1wcNUaquK1EJ+m5plrrI1mQKlI9d+Ln6cvrIaOqIKFxBC +Ra5sXo09Nns0ksj015idiYvrgGg8QrT1Ac0lzDMD8zXCs7VIsUa/ocvYw2twc2f8752D+e/Q +OCmgooFANB5iYo94bXMDZ0OUqNdIe13fPZJ6jZN2NhmY4uWQ1SVlN3HS+01vEI/eIdT5MqTo +WoXjebCuY2yKQIu2XX78S9S9pKfyKzaXIBphh432s8dHkAm4auzvFpJ0AymV3q1PYG74pGPS +Qwe2GPYXiQEcBBMBAgAGBQJRw5f/AAoJEIiNBn+goRHea7UIAJS67gkI1dHBL0YvsJPa41i4 +D76h3NpJZ6LAUIQyw9toEZYg1IR1W89dAV6b29ARPz2ETTuhRDTOj85+0kvyS+ZsVkOG64Yl +aT1w6eE2syyUXg2xbxmUhIc46DhHLenJBbBtUcVljPoVK8TztdolrdjyCBrH4sBRVlvFsWzP +nfYf5wGiDY5UBr7lc7QdocRlImIDUHcWIa+0qY3dQTpNLOZdCCQcnMhnrrWxrBLfAHOTAB/u +tPI1RKFjRGtkgJFru8BUbqEBsb13Isvooup8VHuFON0JEnGNnerEmd40Rf8wpIRAP7INQ+Be +SCuGzgPah+XiBK7LTFyiatHe19k9zqKJARwEEwECAAYFAlHDmeQACgkQiI0Gf6ChEd4VnggA +0DOi8FQH8GYvBF4vfeO61QDl7yGTMe7APg+EmSyrR2WT6ftVwDIPkgMGnwa4h+hqpIHTT0sc +r0BHwy2s7h4eaCgHcn1uzbzS39GW57jDo2jW0TpSRnaUFVP7g7MxXeQAprwIwZmP1LKN0dDR +cKheJjL0/yW6h+0wCJzrZeScP8GtRDWBIMTXg7VcDQJEvIaSCynXzMbn+FXvxQ0mwGMq+0Eg +EkIX+ragCajQjACnvrI2AJnjin9RBnjiT2/TJ/hnaXBeNAcwDo9WIeDgeygBzTIAYQupUwi9 +oz3gM3++QVNQnvNEoP9vhY/zjXGLyxvynYAmWwzLmen2tF4nC6TwaYkBHAQTAQIABgUCUeoG +nAAKCRDYdi7Ot5Eef0wOB/9dBNC1y8eh0JsNPoVxPq7mzZKhFu0Var9L1BQIn6y1SXSLWVGY +zYns9aifQQJzHeV5jdMJs5a9BT/Mj8rIB+pB12ZkCnKBpqlqQLZ/6Rj5nplnyA/p3RKIHwLC +yXXdaHnaNuJyppfHx4NMkFrKZ9UL8wwggZ5m6FD1NgM3LSoRGtH8Pv8CVV0TpoZeZKSVvaf1 +t5dqZvlgWu6SPGoxZRRjUtQg8iUspkFhmaPj5MzI3yEjBPsEFfY1+QNEng6+TcfPlJBKuvs4 +xo8rsmiI3xo6G7W7zsJ+JLcxeARQzd/uyxY61w8AVqp0qrbYWxqWyY9ME87QT1lVqRPI6jnJ +EpDZiQEcBBMBAgAGBQJR6gl9AAoJEAShI4c+Vp2eWVAIAKIz/KVexp2Fhrg/MSv+BPEIbpOG +D8M9m6dcHRUXGaRPKbbfwEnCEiKVrpKb3v8uP7rBp2Az6fnzXa8PdnjE69F7NZKDEUA5HLfd +NfFNKMxxuT5FtmbeaqvHOv2W/ypX+g3VgegpSW4IFVIjEv0nltipiWjSj5r45Vazfxuu4krW +W8qCzQ9zTISymnlLcJyBoemnm9gmUm+OKOvV/fcrOdIL197efRLdVKSgPdShBfqYAhAPXgVw +tw2xRi1GsGftkFrulZ3oA52JHvPtOS3j5kjtVPUW0rrIiy5Cvp/LbZAu/hL+cnec5chBOUe+ +td9jO6GujbD5XD+I50KPoS7863eJARwEEwECAAYFAlHuiMIACgkQHEN/Yspl3pnDOggAmOr6 +/hwSnZ//TRwGSqlQe6tmw6VdymAlxRjxrfUKely33vaZy6f7/ppO1Pv7EhSswBU7616ChpOY +aghSRaHRrNdysRjZTyFdus9M3TPQHbBFEbf1Li0aIL+PLyS7UWxY21Aj7v9Hr8JXU/NJdfQJ +CpnAh6m/C9St2cZCRXVid6aUuRKsTPTE9ssvHVZTDHFDrPh7tK+fomb45k59oFDF+t5DAuck +qgbUMGdJGP+tzqM03Ceh4JZOnIEitcJ0/ebyVWrBSbChbWpv2SCFvBrKfgOF4LQGkoTRP6OS +VylYpiZC9arTj9FrSkvUkGZlIQdm7uY8YVwgwt38QiDwp8RfOokBHAQTAQIABgUCUhaUrwAK +CRDx4bM5bbNV+urYCADMMw445AmJDhgy1Ss+cRCbMMGsaj7ZwwMfkHK5yjqDri++5WtI4aK4 +vVsnk/FFlJkO778PwwO3Fk5AC/jban0M+yzzWz6L9sA57SkNS1HnYpvV3Vz7TqyYdB53dNq9 +1Qfj8/+35OYiChzB9BYfBO1hFdGhHSsx5GXls3Q/c2Jb79kYH1AdCzck54RPgiaShh0Zd2AA +iuWmS27sUz9hliVG10xgpZgaxZKYyQYYpjxQ84fI1CYzpkH/P58OjL/sLT8DTIFfsf50hrO8 +fdmB1qZdlw012OSctXFS4NB3uFgnkGHWneffHv02GaJnz3K0BUm74qu+eU4L74bq7hnKafIK +iQEcBBMBCgAGBQJR+k6GAAoJEIqpBEt+uqLL9+gH/3BIpzCoqBLLz2fzn26cI8cQB7i95YQi +f07KUSCtxmrPL6keh5N5qwK0Be6+6AxB9MPll+2290SxmHD2cwti2q9yXOCfLXJEdFqQshTp +Lo7gRFH55f8cJxM2QiQijslQD6VUkmwRstFEw8v7NIEo1d5rjwYUofFs1nF5jJwjyCS90A2K +l+FMLn2B1VJxEY9JKvGT/HwnYMQkh2YeiBp8encZGrG8w7vRiDInZLNi8W7EexbCafNJO3R9 +ygSsdmSYF9iBN3ZFnlc6lqROzEwNG7gy/ZHGYClvcrB+SJstocuk0U+FFzG4oZjCBNzBpjFk +JaHs81Mpvz3RVsL9vcYaiRqJASAEEAECAAoFAkm3fQ4DBQF4AAoJEPaHiuyrru5mfdgIAML7 +HNXkO9l0i/SrfUiNwYCG8eisJCVs6wSpmcFBdVKqC+cicKGDGYrTxii5a8AJi2ijJqc43GeC +47/V0SjnunET4ZRsWamUFlbvH96JG41NDUxdWAM2WcHysZeRk7tcosYvi0J3YyqxeLnXS4cJ +/dRa6RI5LZ/qmKMJHYaXMIcFXxXsoRQ4l6ZJLY+cO1IeRTuk5L8qVB1z47GAXCi54NuKXjqK +38bmR8wXa9scHqH/7ewYW301QC5FEYK30Qa2dgWdAqC7tN+Aed3U83mTEmYKWAMoE9GWGmoR +MjjGQQtPA2/e0OBWO4kJ8X/y8EnmA62xJKHc/RCib5XKIWhP25+JASAEEAECAAoFAkm7LIED +BQF4AAoJEPaHiuyrru5m0MMH/inH7YRFs4PLIMroWr+lBHNpCXZuj1qf27a34fcyt1UQopzj +elCgagQ4ydKh521hAuQHpu5bGy6ub0bgf1DIxqiSZ8zOTY+SRfyoQ/5iL78bkWqZ66FdDn8Z +Kh94PlKm4Zdt/2VsCk7OvfvXSGJjpjiNTlRG6gLu5r2lneAXnG7h53NltpY5dZam2TWYqCzA +tWH3fhYvUVQOR5EW+81lpkZb3OcfE2lHXVLnSxCdcjU/WModqqFDZcnv6x/aO6GuYCReu8cB +jvyUoZ/hYOhIgDBmk7xzC9dF/qCQ9obH34wbEAJzBQhktE/XjDxcNZY/s0TXrznci51+Gr5k +lws2ZYCJASAEEAECAAoFAkuznZ8DBQJ4AAoJEFP1iQSrzmXkMcYH/3TbJPup7v4OKQvxfeR4 +7hYp+WlPB2B8mwkxAv7sBft8/GoNrDKiM/gIxRnYb30IuI51ThaC7hwOps2WtowD5Y4PLgvd +WiSg48zaFHv5YPLMGKZVCOJ80t9/aeMAdoY/ZZyXBvPHoYy3isAZ9DY5ZUyg4Z3T4wQzNtM1 +plirNWTQlrv4zTxTBBtK4lgFhVgaNDVxXlsH9agsLKKLHXAIgAyFFP3N58qG4gsIUpiG63BH +j/dEEqZfcsMhWzIkL4O1d7+4eC1TAbv3V6TvwUWclfaWPMypcRh90G5P7PBbb3CweGlfsEd6 +v6dGaq3K9q0e//diyY9yr3MpD6oe7hb5VkCJASAEEAECAAoFAkxXAMQDBQJ4AAoJEPtn1svB +8QoV6BIH/iFyIBoNCMLZcAszCgdmXc+NY+2vXYFyM3Z0cleGAUXFOUcqVDCELcsVM2YmwgGQ +FbNVGG+kZPm/SMkh5aerVWRlNFb3vUgL1+Uf2H4v2xBabW+84ArVliItxmrUMHSoSVgOMk8P +vALGeifU38aEyLrM1kvSyvRvqvMpzL+G8Ui99Icg0ov6BnS6sET1BbvU5ltMayA7AdNZP3s1 +eCHxYID0eGmOJDnxgg+lh1XxXyAQEESTQ3cfpXCXU9vrQuwSYieaZXK1rZbLXHxGbm4O6bjg +zZzLIDqnVQA8WlmRDAUqVVU3IBoroV/tzvDeeWWFjyZPH6x5tbzI8w4X4i4odX6JASAEEAEC +AAoFAlC3X9YDBQE8AAoJEF7B7PpSrpzuY2wH+wfBEbkBxEp0NyDtMMVyI/+Kb6lJVN2XcLGZ +gYWOiSzniiZacBcnO9+9asa8aQOFORNlozYqQP0brnfX0QlE6EzeUeU33oiBMLI3fRReQNjO +llrD13qQZXZr5i9sBiqkr6kiE+hmiVRtzmaQCq/fhG0AWxCih887lHt7sBla6V1XO26PJslG +/P/I3BoQ8befGnZZTgQ87lzNmrYzbt0C7jtMxQBZHi+t3skgdvptbtECqN8n0m0i6+ZWgOi8 +K/W/VPFkSfuIXLhdZtV/lJEs6BrsfovUL36LsOr/i7T5BGVuqtVo6RtxMk0v7eWUVCjLSjeV +IF2eh1OS6z3brtaauL+JASAEEgECAAoFAkl/HBADBQE8AAoJEG7uKETZYb7rzOcH/Rtsanap +Cn8l+Ak/5HYS/o3YHt2eTH2Q6KOzv+7PRp+LSs2Yp7U7FnBDyg5ya6AeOFXeInHH1rN8d2AJ +ItTSGZAsKQpNeAhQH0LQFZFQrXz1CG9RFuICAxczMtFBhViXeHL/QBNXpFf+49jm7SW4W7MV +YJJ1ondg10XdzN0uRTL7g8zAZYivyR2fbPArUo5CNKTxkge5BYioMKd7iHVGRc50pF/FbCOJ +4b/f/yUNQXCixYAHUtLJgs6iKNq5Pax67GtmUHFTtSK0z1lezpEgmbZ3XnVd64eJKMVSsPjR ++CltxsYBsYGEqkgTgmcsP+DZzsR+Z6n7CH2TcXcIbsFdDwaJASIEEAECAAwFAkHCCr8FAwHh +M4AACgkQxjx2prH9835Cxwf+L97BC2UebKrKiTztJ6RXVBJkiuqjheQrWbH8vfJNHN8mSGuE +Pa3vTNxUFCxWSmQvaoG+gTUEah2m49Xyf6RoiAyHgBo5beEr3KwhoR2Y540LDSpSc9AyB/cm +nzwEUQHAq4cR//wrTCXQhMy5oBxRO6HDYqRon0zyG7tPsuIrb+5NNM6KT21QMh78lCpjaw3F +0nIJIlF8iv2VQ+nP3Gox9lw4+tV/Nkv56DjMAt1NrAy6NptmF0qGAVjAJwJKFFU6uiYpBVTJ +419kEm5/4jiHOEUVDfH9Uk7S2oufDoiWBYnLTRl5jWELq1HhDWmwPmc5DkPE054oAWKfJLi/ +uKHkvokBIgQQAQIADAUCQcIKvwUDAeEzgAAKCRDGPHamsf3zfkLHB/4v3sELZR5sqsqJPO0n +pFdUEmSK6qOF5CtZsfy98k0c3yZIa4Q9re9M3FQULFZKZC9qgb6BNQRqHabj1fJ/pGiIDIeA +Gjlt4SvcrCGhHZjnjQsNKlJz0DIH9yafPARRAcCrhxH//CtMJdCEzLmgHFE7ocNitGiPXPIb +u1+y4itv/k0kzopPfVAiDuyEKnN7DcXCcgkiUXyK/ZVD6c/cajH2XDj61X82S/noOMwC3U2s +DLo2m2YXSoYBWMAnAkoUVTq6JikFVMnjX2QSbn/iOIc4RRUN8f1STtLai58OiJYFictNGXmN +YQurUeENabA+ZzkOQ8TTnigBYp8kuL+4oeS+iQEiBBABAgAMBQJP+stgBYMHhh+AAAoJEHko +UFIjawAvxhAH/RQzy4h5anNPOnwVrsdmtR2R1o5Z9Gv6AauGgCW8qTSnI6dL9XF2Lj2xEL8Y +EFrTWsKzCNghiZ2u0NS2MK8WzWqFVl+opvq/Hw/FidBaBr0MTodylLJg2rzmuL62i1YSYIxL +xIbWRlsve4dAj4MSBdy/YlLmwjvWVzmf11sidrpUd8PyY/AQfRtsbsH6TOUYHG1lXE4OYY0n +7NliQjCmuMV2pIlQ9+m2DpthJ5QIGRZUArX8iKmFtKP8uBEhm7JdHvctJSXWJdTl5N3UUw89 +1acm/TJsENp3dLAoaaJejaVYn8MwnKBNPhmV7Pc0IUi9WuDypQK9VAOaB920x1RHU1uJASIE +EAECAAwFAlBgMEsFgweGH4AACgkQGIIg8JPUj6PSXQf/bMFpMX/VO+TH8Glk42cWhQYVuggf +te30kqA+PeTLOclQaOXtuPT23h4cypJofvMkXLp/PJeWk80fftAgVjmpz4NNen4empSgHngu +W6EjvJyNonH1ZREaYukHRekXohnq8V8YK6W9uyailLp90krSnbdrHcEiXvH2q9ZWXxo7V0UZ ++WRarZ/rvvI3vvD4iNEis89456BROzZjHO6VUzmCBS+O6Gj8qSfYXPAITmQ7MylMXJ805Pjl +rS3XVRlmMwxz4pyt6IKRUfZGNBDmE8pKjwBUjfCeVO6hmdvl8MC2u+nBbIr3+fdGWFhC1TgV +Fnp97TwS58ZbtBWiI3I7HSXi54kBIgQQAQIADAUCULvBXQWDB4YfgAAKCRD33+VcIwwqlWpv +B/9KQdzBza6ntUUHfURYLVVat5OMB2f5d1bWDjhPIvW7AjLdg9JLkL1UzK/niHAmzlU/2oRS +6ODxhwD6YQK6dm8sbiDNrNDXRswo88B6hKR/8YjKcMa23MWF4TerjHicmeI4rb0dvP3x+LDw +nDc/dPLIzaKiQws41e5FZRJw4aEAbSDi5B6clQwJO6xk4UKeBH02SEvKKF9kSI1P0ZuzJDQw +o//nK6Bn3z8KJFdYM2LB9khYvB+PlhbfBX+Qa9lo0UuO/lhD3YiqlBcff82dhSHZccEhqve7 +a0/T1/tgTstHfkFY+UnRrZ2yH8J8H1ZL6w4wItM1zosDsdIIaJlTQX2uiQEiBBABAgAMBQJR +ENSfBYMHhh+AAAoJEN8AMQ9lb8t/M+gH/2odVcIxqnbycqTchWlmZ3cnEJ6/OWdtH1P1AGkZ +mNhJgiT4IUPJPW3lNBEh84t2vKCqjYU+HbFLUXW6KBUQ+sx2wRZxDoLhf+s7jgQWfaStSC6/ +AxJKy3BID1+4XX8e6Hffk9zrpvoDwhw6KfjEQyOl+jrUR5ddlqMSXaTkCvQFUOanSshZrKH9 +cbTudmJw6CodqSW7fHdMHVEVUyYCtrJZ8SVQdAdHPeZWbJ+Dxr6Pfxz4NPCIJuIxNlhhuMCY +FX3t1nuYRIvqEbxT1C0GlkBkffeMnfDWq87PPtq6B3Zt3G2NNQWQOr0cAVGh9kJCZGJMPasU +UpVVIQZ/+3kUR92JASIEEAECAAwFAlEt7OgFgwCfhYAACgkQqwon7kl7c00J3Qf/e14/e2tm +WF4EWvMJC3WOzEKc4u2XbmNGcX1Gg5nqfCGZQ2Hsf9uOma6j+06LMDt65vm+tvvSEWeKQiGE +J5RfHTJKzlwq3kndTFd7Y9n5WainzYV0XOv078iG0V3XD0Pov978HeNIetuKj6pbUuYE28Hy +ClIf4h/g11zNfyuKqx56q2Jcqp/g/QgSlEGU8nyLj9jua4rR3eWjaKAyfehLxk1R95N0mAeQ +CttUERVB2hsPP6+FaB/isQH+h/Ul4FWqa2IDt3i6uKZSZXQiHY/97+c9pkXcYC/nY7bvADxU +Cbf37plybty+m44u81EeCB4cGADuff1qO+ylCBcbZ0AQPokBIgQQAQoADAUCUgDAUAWDB4Yf +gAAKCRC51y9qPN7XPSQxB/9YbIw45drCfcipCR2bW8sB8eidAPl3RrJBY0K6QQTPPfiXfCa3 +Jq/YoQfvZcgF0Iqp84zP4H0CLJbK45wmp/s5+rLdqAtIqVyl3AxvmSlMBo9rxvQGHe+7adyT +iAld5NZ9KJu2jNeOy1iJfipxLwL3WboqyH5q6AJHk8cm0Xk+MrMrtG8QtHAbF2CjuAzXvp1P +d2zieMbc3ejsHM2uc4dXb49lfDv/5BQ31dtctTcDyupMZoel8ZcrKcRXi0oK0p8ESwmNEjmh +L9u2eCKGzF5GOQ4P7chqUUBFKDLj6ZEw+JbF7kLLcc7L0c3WW8NaexbzQut9FVQkWD0Hq3UL +4iO9iQEiBBABCgAMBQJSHUdFBYMHhh+AAAoJEMAoupHawhiOTnUIAIAZgltm09xfvYZz3lKe +quTJVwyoaWP92+pQizbKcYPf3seuNjhF0BwPNcNn1iZV2gaO4kxIREbDthmeswX/rr8aH9cb +/WNZqWwWo0grglWPkwGlsF3qXBwdSt+L18fD4scB2b8fdbBU+MCHUYKUqNMYJpSpiAmw2X5G +QTYXzjDDBhDZCK2ULQx8hC6B2xS0uMroWzmf2p9xHtqNFvXGBIBh8UkDaryYFjQd/SjFFl3u +SjNFu8mGEK3DKka+ONpeP+iK+Rc+8r98f3Ec6ojm6VzScXk0wXQ+XbvVT7CAMLzwyNgF7Vtm +eFU94tS7zhAmg9RmVr5U3LSL7ESkrXUq26yJASIEEQECAAwFAlBX6psFgweGH4AACgkQEQTf +sDyQ34dIEQgAs3qBPLSTbW+yFUZ2/54rrObBO85uZ+dp0b/EqEY95DkMycB5Mh5kweEEUmIX +EpBAVctDsrHgV4J/TM2wJBD4ceEOCSW9YGq8Uxifk425c4W+k7ALgS8iQOADbZenOYELvZzs +F1CElsIpjdwS1FFSMf8JFqHYYzbBpWG3GND/H/Azg/8Md/jx2BDaE53sgnvgPRU4w9gj8W+c +UxlvYJ+BdunPwK1MKq3nSlyG0vFtaaAC1pJbI/2ZvmRV0z7g8nM5HyDoSfwDym7glyhFgPH9 +67OobPWMJNsn0CDX/saOSf09wQw+hqblqjIfz1PzuCAmZfTWvwETbeQfkK1GXzfyT4kBIgQR +AQIADAUCUdwkswWDB4YfgAAKCRAq1SB2CEitd9bsB/0WFPO0bGrCoAuiH3kISIdnpUc5Yl58 +R3vBAT6OR/vVI8xkVQduoSFn4wDwVj2mTKhys+2wBOzQMXdD2prNUJloFBVwKB1yAQrOlcbs +wiCd7y7u5tKVWMksyJ74ElCryVoAGokMXJ05gux1WjbUW88dRUJcvwydYD0K/Fktw94XuUjw +yETTmND9vBhr6U16+sHCkGZnexzKm20uduldC5GzI2qtcVvjRL/Xi1gFAW8MCrvcigLiW1cI +5/YforkwMzOfFgxynkf/+tFDmlrCE8G+Vc0tS6Z9PpJNzelyf/Njjdtll4Sa47JFpfEL6Wph +pRFKZddEGDW3W8LSTYKg02L2iQEiBBEBAgAMBQJR3CTIBYMHhh+AAAoJEOYzmqCkWMKdl/4I +AL2KrCvSwPDrCk1mB/WUWHRkunOTQ8rIbtd4huAsCfVyWHnYUGRjn3hhDZ2CZohVW2tICVPF +GiUECImnhLQOiibb+28eHbK5BZ9uBsmdJkRFn1KRoqcpIbw4FOeJplHJVSUQFXcGfUpU6jZY +GaeTXUQzM7KaGD1v4yj/IbaINvZKMpBJyvM7YambDjUCLhCc851iVBi6O+S5tumVnEK4if+f +YrKTeoje88YnUwlFImytTArDwYLG8qCSLEJbrEtSmsQpn/+wsUsoO4C+q7fGXv3jCBHOiEoo +edOOkhqzJ/n+DM1qimuHIHRwuuiwTKnao6M+1Y1CM/hrrWMrSw3BfYqJASIEEgECAAwFAk8Z +xtkFgweGH4AACgkQFl6M+YakCBdidAgAoX/5EexmHyflKRePrv5/57JQtq9XvDnd2M6mm16p +P1+Vf0amdxbLrXHkeWphVp6TbErcNEaoC8IFS6FzEkUikfe02O4HGJEvSs0Z0GIX5F1JEvvD +UQhyHwr53C0fIUTrPA4vrNHtcuU78NhlBR2Qc/brczYdEk52toJAmS933YTdzQTLJ8BEFCQj +YoRNskYFnmYRLRHssp9oIdE5mF+122k0dK/25W+juxHJ2x65YQp0DJfWwqNv1O4QPv0Nl3+9 +bY7yMkKkPcM001wfVpgsJlusd3DHwn1bQloorYqTK9Z+iyxJLBBfEt4AiEvLD179B4sFQfga +pl8IimEibeqsaYkBIgQSAQIADAUCUCXEVQWDB4YfgAAKCRAjk5T+f2pwQV7fB/wL1C21Vu/3 +mZDWShVYI2lMFVzDGIYJa/ptJ0jJwZrPGZn2/Ai2HLZczLN8y6H9I4jBJJ/Rs+aiGJuEGUnM +yfblLg6kH6X1I/95R92V2HUzEtlNu7wna9xupsdVPWIc5L1oWAdhtAKW8fStTpBno4SwoUIM +HnkAC00YrbBZGFOD9N17ocyVJrGRSl2HKq7+SDZmSBIWBcPpGbyeUuZclPTK+A/bjILcWUsR +B86yx1CiHqy38m8OPg+mS2MHrk1OJK4KrNqCC/Qin0RNmqMAUs0oNFVhPuwKz6/EeOXrI7zi +JsLSZb27ffsKjEUjPim+it0yx2Du4pnDV+3BYHtZF1wYiQEiBBIBAgAMBQJSBUGUBYMB4TOA +AAoJEE8wqSYxzf9vLhEH/3aGv7o6xjsSiChC5DxWcJGX1ajropQdRxYZf5gUhf2y4XISBi0B +pfCvd6XSLKueUTQqJoesrPqO1a1KEVYj1t0BdaNEDM9/4IRg2v9gi4DzczyuDDFutz03f9fi +4qZzASgkm4xZcP4wxoT8gTtrqhE6wW50bhvOQRjdwleYHpJfAncCzY94P777fd9NOTgPHLdX +1W/Gvdt8DrzgXSMEbaTl7RCD9ApAU3sN6cJ4dSZGF1R1nZaa3l02DqiurYhnBNWJXShIvJzg +9Kg9Xf+VughfV/NlppLG9MRm7eOiENb7d+dKV9QoLt1fXdjd03TiPSYT5lJcfBUmnakRwwAE +EeiJASIEEwECAAwFAk7np8MFgweGH4AACgkQCk0btjR8pxUp7gf9FAx/oa9WxmUaxvMLwmmv +i0C8rzq62C42bCtJcbrt87oMNngXu28i+HWvMMBobLtWMj4p4ODkLyML0xoJhDYpooSJXZWW +5TSl+K1M/5iCyn9358opgZzVd+n/clCsQo48a6XkZmKo2R3R8qL6kP0EQPSsAIZA6HjeUFrN +V4nhNTrZIytAyqOtABXFIb8UW18NCFpRTHeUffbE3Cu7jg01sFQZ8LZV/GYteqRm56zfXSfr +ADTKXQTus942N+0v8tLYdeIl1gjBFdTbDDsZ4ZhZd8rdrAzHhlWb5OwVdtAd+RkikfnIm369 +WfPQ7L7IKg5VvuPRBTVTmm8idSZWYKM4xIkBIgQTAQIADAUCTxDzagWDDvsbgAAKCRDTdP1/ +ziXyd/KKB/0UiYslOVUAfK56tV3Bw87rtyHJDukRTCMKWg4+5bFrw8rUM9rjuOunJ4N0Qyr5 +Jd3gBxH3cyn3CEvA2b6G0Cuka0jl/sO6NIamGw146F9392rQEuqXwoxeJdyqIWddNS2pXeAi +NSnd2DKFW3xrKMubi1UgJ91dP2bUp7b2nYT5g5M3oa6zUgld4pdELDX2H1RA2QMsw38I+m/m +cAwdVSpXcQNDAv9dQ9tXaVsLjd+ii6FbFczIvPQQ/Px5rxcBmdE1lSauADatmOBhdleyeDeR +POXcYOWktxfM3Esg3u1hvgR1O9tAnybrAVmwqq4ingyzuiQCM7xSHRHY2a6vBl0liQEiBBMB +AgAMBQJP4i6UBYMHhh+AAAoJEGM8WVFkHEUOVr0IAMN/tj7Ne54lQs5TOUCLZy6XP/KAuruZ +IPE0pKp3RdUF6qe0DmHAZ2e4GpvXAWDgUQFSTR/h3MeIl7kXQMAHdRuysW3/ELgjjUUs59p8 +koc23gHrxLkHS7XQEg/vIRPXKTcCUnUEeCLfxo4rILnI8gZkKEydum5zLNDA8I8jrR1fO6Rn +AJ92G/2W2DnMWQnKxD5OUBkKH/ThREuXoFfL41RLBrsvUPdq9xVbYLVkU5yZnzY3zx3ghccY +1aIw4ZjKwxkm2aoo7fio3wcfKq/ElciUz6Q5mPYGuICK/KXnyfbtZnGqU1jSQNQUc2E5826f +lm8QqLfW4jY1BFgAYZNwp1+JASIEEwECAAwFAlEt6poFgwCfhYAACgkQ+tt2nMRpeF1siAf+ +Ju/M1QceVfeyhU1J0UEnbyQJU/3khQg61Pihh31X6Rz+bu1Wi0EPUYYpLNanUxzZYQajX35r +jvmGCUGjtY9XyBaQDJsTaOBqNlIQBYd6c2qxSynPPcYY7kqLXWJ5qAZ1ESu/YCfKjt/U/mO9 +H4o+TsJ+u41Qm8g4XOItLXcqd5UKXEMn37Twe5LtwdtE8MkYMgbItZzvPIYRzk4gNCqUvlyK +BtYqW/ePPRzdUFW5ZMCf9lzfbZHJlNwKvthyjEFrL7Q6YceuYD2H2g4GyG4dVkJyUn028Taa +YYxdJ72OIceTdYNqJJ0EHVea/zKYFyVZaujAez+G16cJS/e0Kkg8P4kBIgQTAQIADAUCUhxe +lwWDC/FGgAAKCRBfroP/tdjwjF7RB/0RdEew8Nz/vdX4NI3z+7eLS1dHhhHKxo+etqe1ybP1 +jQe4PaLOY52wy+h5Ba2VJL8kkuHirta1ompb2IVxVV4jaZfuNO8rwFVhLsLBN9WIWPwXwW1N +V1atzoP80uR8r8ImHh+2xpinhXTOadfExvRSVp9h1PiLNOAmz02INFqlwFjZRVrrYER5TG1W +1VciczAfegBllLk/U74KeFgZGlTJmvZyFfNdmq8nHn29E046LrErVc8s1YC9vg5B5J4Yr4gc +4nIMBSFsgUmZESm62eBMUupFgs2QZbrJPwgxE4efrQHjkjTIjP93i+9JlxiWlIT+zblnvGCX +jeyqslTB8M6TiQEiBBMBCgAMBQJRwRPyBYMHhh+AAAoJEB+5sS3+29fTFaEH/Ap0NxVph43M +8R6qWTyla70NcEhvHB8vhOkY/P9dFA+J2Us/Tb6tBF/w67GVT3COjtSYu6VYAwa6D6dG7/b/ +T0YCmNHPo2pJ0zM9+KxJlxQIgDXfog16AqtZl6a2fNOfgwYWgsvqcgF5i+x8vZTGMG4gyhrh +6CccsODgrZDsvNZvcJsZzHZVxvYCDUDanNwoNroth2D+xLqcKe+Y+68lhuz7D3ByXnz3qcA8 +wIa2YoY+K9EEN+kcREPwZ7cLo7cGtEORywAozDL0cF+m7+E+Oc6s/4RWXWrhGHwY/LZR+8cJ +CqAEya2cZFksNUjjtkl5cKU+X5+c78X8X6M1j8Zl67qJASIEEwEKAAwFAlHbzhcFgweGH4AA +CgkQDIXPyQKTJ9J7BQf/ZL9Bjv4gK19yyFlBwOupP1xAodXL9TJdppYeVo2Z3L62bAlv5vBk +TpxYkQsKcVqlEFgXnySCQGVCdSHfEwp02gjB4Cekh2qBLaiFMKQTKwAfPScxu/H8KkP0bFTz +jSTOJNPmjqDs2AtrNSA2PhU94H/fCflzqvHYaNK6mpdclt/fXntRFeI9B6YvbGQkx4cQWDzd +KWmY8UAdMgsuFXLLLpBpOzYoNPNBH3/p5y8C3Et5EtEzWONhb5zXdJiHcqddK+/EDDI3mqAY +t70K9aD4fs0Q9nHFOaaCCNierVzHqg3kPoK//VeP6/OCTD2luKKRaZhFBhIQtmm/oDR8L048 +m4kBVgQQAQIAQAUCQlG0cAcLCQgHAwIKAhkBGRhsZGFwOi8va2V5c2VydmVyLnBncC5jb20F +GwMAAAADFgIBBR4BAAAABBUIAgoACgkQlxC4m8pXrXz35ggAnVHdAh2KqrvwSnPos73YdlVb +eF9Lcbxs4oYPDCk6AHiDpjr2nxu48i1BiLea7aTEEwwAkcIa/3lCLP02NjGXq5gRnWpW/d0x +tsaDDj8yYWusWGhEJsUlrq5Cz2KjwxNQHXRhHXEDR8vq9uzw5EjCB0u69vlwNmo8+fa17YMN +VdXaXsmXJlJciVHazdvGoscTzZOuKDHdaJmY8nJcCydk4qsFOiGOcFm5UOKPnzdBh31NKglq +w/xh+1nTA2z5orsY4jVFIB6sWqutIcVQYt/J78diAKFemkEOQe0kU5JZrY34E8pp4BmS6mfP +yr8NtHFfMOAE4m8acFeaZK1X6+uW54kBWwQQAQIARQUCQbPTrAcLCQgHAwIKAhkBHhhsZGFw +Oi8va2V5c2VydmVyLWJldGEucGdwLmNvbQUbAwAAAAMWAgEFHgEAAAAEFQgCCgAKCRCXELib +yletfJusB/41PL2YVOzdS4gTSGAln8vWUn4I/+E5W1X4sPf2N3cH4PbZxN4+hZe2Vm+Ki0ZW +RGsNUtYuOhfuQFhJSTRCGKOL6DdEHe0ASs4uxHW4E6/IwZ/K81E315zFb682ywBRpesckmyt +QAmp3qJTZSrDeUQ+ZqoFLGY/jcsRc+ty9wfAphAwsDYtehSydnvTXhdb8U1voeCC41Vihvvz +i3Kl0GNy56m/WZ+Jf5pqTJCHFdjI5iCsDLVAGQhmw6EYsV7WywpqJ/uAQf/w/obWIQXoKfNT +kBLR1otiR9Ib01KkbW4lm9Rcs8WEsJ5C31TKEWdczsWWvyJyjFbXoTfrTi5szzutiQFeBBAB +AgBABQJCUbRwBwsJCAcDAgoCGQEZGGxkYXA6Ly9rZXlzZXJ2ZXIucGdwLmNvbQUbAwAAAAMW +AgEFHgEAAAAEFQgCCgASCRCXELibyletfAdlR1BHAAEB9+YIAJ1R3QIdiqq78Epz6LO92HZV +W3hfS3G8bOKGDwwpOgB4g6Y69p8buPItQYi3mu2kxBMMAJHCGv95Qiz9NjYxl6uYEZ1qVv3d +MbbGgw4/MmFrrFhoRCbFJa6uQs9io8MTUB10YR1xA0fL6vbs8ORIwgdLuvb5cDZqPPn2te2D +DVXV2l7JlyZSXIlR2s3bxqLHE82Trigx3WiZmPJyXAsnZOKrBTohjnBZuVDij583QYd9TSoJ +asP8YftZ0wNs+aK7GOI1RSAerFqrrSHFUGLfye/HYgChXppBDkHtJFOSWa2N+BPKaeAZkupn +z8q/DbRxXzDgBOJvGnBXmmStV+vrlueJAZwEEAECAAYFAkPL3o4ACgkQL/HwBAJGLuJCSwv/ +X8kSD87x1ui6unx8pSkBA2NDv58yElx5g5JWFR5dmVIrhnyz5YCO6akItD7jpwpOrn5bum/D +6vBDv72yZ6r9JlBhiT5kiGTsI33leGTLC/a51iBJJLUHVVHZcCTiAnYevdBzaRqXwhmtHOcL +ELJ6FH+QFhD2aSmYQNiCNqGFUvBg/tIsrINv/Mgldj0Tdh16lwNTWErZ0kWx193cHDMbojdu +KxboiUCRE+XSWHnYPhYSWUeK2Zf2OwlRE7bQ/L0Ai2nDUfjAhr4RijFH5lG35PsyTGu8et0R +0EkU4fgRWb9z/rsTWijc0+D00/aWcSPTxUFZdaneRBjeDsmxTbywNySL5Vgs2oHlfnlSKlNo +hsVUJzhjQuRJj3pVLhpN5u/I0HIvu4xr/Q6XKWMb4nNIp96//4CNBcc+KrajDPVejRMIftyF +vhwtJKEAl2QaekIwH1OHWRGKPgdZuNAqkLf/Om0lQIrsNCinz0cHSAiggcwcbV3Q9Qp9quQu +HOLEF/0HiQGcBBABAgAGBQJK8BMKAAoJEPyHUjbfiPV2nooL/1IbmljfeuTkx3tIWDhT+v8e +QZXY0F8rvOb97k2RP9Gd45xrkCE4CM7A7QoEYr/yzwwflNtU/J8xuvXEQVnDZZbS2xEM5tJy +vchlC2QbtcsCRGBbn0fBqasb4vf3kbmPU86lXFEyp4ssFNBrFX0V5kGDYAhEzM3Q5R3CPzPO +BZvoFmiLKKekQ5l+I3QS+l0iUlJNKQqja4jaHFjSkMMnznfKKPldK0Dp9VJ8WGvpEi5RkFvT +U9OEf5P2+qsNTmjQoi7JXo/OpR7xLvfgIJetCOpTz4GZcz8Qn1QO8iC2KAvNO3ans1GKl950 +XRqN0Ehy7bDoJmDVKVz7RQopGW/FDiNAP2MGxZXtX4kKCfbcVR+kzRLuYvLG6oVYhKUxJUap +hgF1ejUifQwuGwUn8A0f9kT65vwe94L+cCngbSYcJ8VRtTKZvz1li/5QEy5EAvKc5yfDMojO +OMJXQsT4Vl4QNeNUQYfognVDllpHRU0lkkwazbi7MTXiqqNxIxoNlshL1okBnAQQAQIABgUC +SvSuggAKCRD/lAOxg88U+Z8BC/0Tl3d9+rOi+1xOsq1x71iFGOg71nTS8MH435UZdjp0dDJM +083RcPqiiYVqMD3pMUjrdSIlqU27WRujdVfHt9R/Nu6susgkLT4spxkiOcfc6CCgPRi7/LPa +SjuEkHg+ZKNVE6vjtBOY7Or+iNAcMvAtjiJqgPijYjxthwklyuohO+UONqsLsr2ohD3vFQ3M +KlfShyozDjuvb9rXJ1L8C7JoyyMmhl+ZxjSRTXyTPUTbzJ77I+xSh2oERlkF7hg0jtccZCC9 +8RtH7Sy9lE1Fv4eGOaJuTB4/Y5v9GnJWZLxPDkvIIur7BoAJrdeKWRhqSAm0SANhkGW3AdNx +Y9tBRzj1DkGzmFo+TBq8OrLs+E1zhRuV6z4j6/ghKlezAe5/iOpoUr8KLUAu4Q561qcXixiI +l0QP/a5iC1PAhH7MMDy0mu7p5yGls/iUj1I5rcknRMfj/aEFXG8a2trOOoqmc+8ysg6LABXQ +hVpq7BKfgZBPKo2UM7Pb4ozQA5UWN8m615iJAZwEEAECAAYFAk11KPcACgkQJ9oR9nbSyJ9p +RwwAoqJcVBfbdKlqzG9X77OQ9CUN2IFHsxLMlJJ9gNWhQxZmU6pPybrwn9u3Hzh0WwVCKTyk +vyKp54D0QCBskpoy5jnETykmZpNQd/5FmG5vGBwMXvvryUGAM+C0z6PCbNCcuPCyiBuO+QlK +Otigv/4dn7br2YmcX8L925uTYCfd9g5hmy2uasK+1Oru1xnmws5c6DSr6inVFKi97bDEVWO3 +/Imb3t0jOeEHlI+vW+8UZ2LgGr3Jq+TWAiaFeaofE/cFXe4FL4zYJ8S92FZ+HhY8Pl2JBqeq +BNrxrTI+pBAEJsFk9f1bcRhvy636plCMavBxGmL42wQz6ACEYIfzDFLhG6HaPObaVBEwJ7CB +ecxrnZ0310zL1V8vyI1KLamfubL4kiy3/OQlr7OB6R8I/yS3PidnetOw4yS0cXGGczx31/XL +PGj9N8CPKmYZas9DJ4MD8Qkiv+G9blA8x1BDZXB8Iit76AohfQ48X3LjR6wCXqSkrWlI0+Cu +hOqhe1QD5XKZiQGcBBABAgAGBQJNxrhuAAoJEA1BNKKs35Hm8/gL/1q0uYm7Fb5M5b1f6S4/ +vlH+eVDkYQDv2XECTWIY6l8paht7h7A0WNL7BNG5PCY3ab8TYoxywSDN/CCtGBGNM2izmYuH +PeZcqSMvJEcpCnLDVcz8sjhdN937sktvy7Iat3P8wtEia2Dp6HOkac/y/OSzkmogcPmJ7ul0 +bJJnFlyh0ONCmayuZPINeZx/+lhs6fwpURerjrvzxhkYtzRH0RtpaPUNnLiJAm8G9tzBn6E2 +Oe2Ib19qwQvjXtFdbEkfVpR2GKsh0IxGqb06oC4PJNyLmbPOCPw2IudmcEMlqdRFKg9UoYrV +fCDCJcV8gbyvpYgci/7jWmRg8aS6sQD3LxXpEi60USENWzGqEUTHRC840lrCVqPzWGAyatTO +ApWtj6L7691OihXRysI5GNaqShR/9eJ1gvruA1Yous6Vnq0a3BAwOX8dWX5qx3NT0UhU0Tw9 +qn4ajHx+uNPV2ZseICoyelibUOaCldAK/rksTttxcSCD28YKlsw9slEXcfu8OIkBnAQQAQIA +BgUCTin2pAAKCRCu7s6/+NjxKByMDACPfcAv7dn+hd3T98Pb/eP1imEEAS189TGx8GR/NbcT +I3vvleIMTZkK/aqDpMlmXq+tp6qMq3lIWMI+tDhOyb4R5GqyglfxzCYZsK3ajGoKpl4CYcBC +JGGk/Is4Ae57fU6UboxY4YjN3IQzj+rcI2MvXABchjzeSFBc7UdknvJkrC+Ih1GIZ8AWCxto +W37vOT+Lxvc32qnu/N7oZjznfYXTqyBDYHTPToIZPLNmMl8+M5/9ZEe5J2hsgW4DBv9LbTmz +0c1BQgSqkXNUPmrtA36CTMD/WHK/ivGfCN3wIbeGJi6fvypikfvky6KjVjOW4uRfaNJ5ssyP +l6oHx9nUkV8D05yB2oHFMAHN+IWs71CFTVf9nUNPg3XOSk2A5HvSf8KhFX4AwEYl/+PAaJCK +QV81B9b9hgs16d01b5XB/9oiWmfgX4Txf91qvwkQWxI+19CeD10XLCqUOVCFbvNmgT7JBDx1 +rhrXWWB9lxWo9mViVwuLygihya79fw5pwqhxDeaJAZwEEAECAAYFAk54DA4ACgkQH2ytYtIu +JEQi8Qv/czOSZm2G5E+vNUGpvYA8Jxhubba6szTNVJpsBFYORX5G7wVj+RUoV3MnkBZ35fPs +xt5sAGTXM7kJZEUsIvU2DRiX4XDTf6gFfrULkbIhY0a2Zm0N5gtQsjXBJ3rsh6KyhrAyzqFQ +2Nmxbe30BhL1CsQKSaYh4dsX+2kKwoB9oOGGi4SpYt1uTPWhkPFFLWj+IrxTWzt9jEogENfu +pgx7MwmpVY/bHvhPo3pZ7uHDPEufRX8fuhHqWp4M7yyQL5JOjfLle9nqplkaClSsOMDyedrL +lReS2lsIwShJqCR7C703tgkWyO5EZyq+17n00fc+4fQ1cP92rvx6b/RHpUeD64bVPvjaWA09 +leTUVfkJYhFoJkzJYFYjUMHzsOQwU8YnGeXbuTCIJ1ZrDR4ZPr9UEGo0P1Win/Jq4KdQ6HTZ +VIs2KYG68GXjqZHg8u7tS0VNyxBUSBDVv4Zvf7fvHhVQuYet90G7WBoSuOgleNnk+hmf0c4D +fUM4Ih72acSzj9XmiQGcBBABAgAGBQJOgLAzAAoJELoWe8g0SGOj0ncMAJwXFKmAqiUtCGM9 +KUVu4263wIv6UcJ3Fh/toOGb+/FoFTyur/PmteAkAx6USLGkqHtplkMZcJrLDbIP3oBmMyXb +LewgtJXN6EA/V6odM6jLKgFzPvR6azwgswD9k2HA1utbp4XamekvXHmLeVZ9XkgFfco/0tF0 +fcJxTqyf4gtu4ujT2EEtxNrvoJsBmPW/WVV6qmsgwZ8S1hBt6SECzygI48uzbfHkt1ClsQmW +MfpzTZkkgFl8mNP2YwfDoLtNCK140WJlNxWVBbk4AbhA7UfNzca02g3IBaY5jGRtdCuDmBG+ +akNWjs//wwmFZk9gJ6Sm0lRZFwwxJk7QxSoNdC/MzZB/z7DdnUwWwaLm9db5ZiYFVRpDYAxs +MtqTwqQj7gCj8xg8osC4krmuhicvDfdxJB1TSA4eXeJV3Cmzh/rP/EmEqVaVCmEK9D7JAMS/ +T9an+Xw3PdQghc48yqoRzjBM3y3TGKunSHx9xUwPLQrWbwmjpKKaj+3lHl88DD0EAokBnAQQ +AQIABgUCT5qzcwAKCRBXRYXjSTKuAQSfC/4mNf6BFBzLotFfnYcDzmsUe5XYudWEEnwBj4Vl +af7/ncB1XKJYS5gXRFjPUtYBp4EBRYoWw2qVDVwJ89xsxIEcWyye0kDZAtjFM1BlU4c3yErC +jNDQIE3jefHkVlBJi7RHDoRfGPyMZYW2nLtZvtSu6u/wHOT/UyzVOfDieBWyzPsxTbLNdBJj +LWKW/THzusInk/UipmUaV2oiSPueBAM6/Kd5oz+LanzOw2CGN9+BUNE61kWIPOJA8poCEKVl +gvIo8kDRaP0Q7w3Mt1K09DydplXK3fgPp0u+xhH+PskvnCnaL30U2qOI7k/8P8qDELE0Fyfi +KEE3ZAKjXIcVtNF9SV43nWzysuEhYRkG/8Gdtl6Ij9wqfPWSSVwiOdiOREdPr7//JW3u2gp6 +aX2eBRZ2HIp7Y/c0kMKSB8eTREun9Ll+nHDAnT3sYhficUBgynncN5R0ixJhsaIaqVoZ3kKp +Sw/kzCpPR3KN/Y67whviRyaFzTG1ZLgxPCjcpUX9NCiJAZwEEAECAAYFAlBVLTwACgkQ54Ny +jqP4xZiNDgv9HkvZRV/sPhGAlscQkAXFYIQzNUTJHFMNRfgtsxRdRLb8xNbAjIx3m720JfMb +rUxf3SP7ovyUrWji5NkF3z7PUSzMhoBjsBSz2TY72TWaxmg7kMgR5A03bIiljgrqBOdFIuRg +jSps2aP0tBnCTwFOPvSt20kZZ4JH2l38iPvEMdg+C3gRTeN4N+6JKI8WOHe8kLZ+BEPRVlnH +SGzyhHHKLfYjOAG7FEgCj/grLK5QlRJ29jGsmZhHCjw6HsAK7g+K3lqzYo2x5LwGYpN3vfUG +FN5p4Ssar5cMSD/mPPWPXDoak4J3MH/lthEoZ8CSVl50q8DWY7YDSGaX2uUm45gMLt4uKCId +kByMuXiQLXcT3Q7G8fJXXnD3ec2fjfOGD39E5cs9sLh9st7LG3ltltoc1oSrV/SRQHOiR3HO +1FGzky8oLbt5hnaEr2aHmjV9yHAB3B0gX6u3XUCoinnQltKHzV6+S1KaVQv/qv+sjp0I0v0K +69vbD6zTawsQcI6SKqd5iQGcBBABAgAGBQJQZpFmAAoJEPCQYB2qrYpyMi0L/0x/IPC/2CAu +DmnzGkgAXgFBhx6PPNVXRyO15FgUIXSr+DfQpWXycB6EyGPyqPaAWHTKYgYNEZ5o8TM1NYWH +hePh9OZ2AqX99X2UTzApWM8jIkHphTuGicZs18kSOiw2MpP/0uoGmFkmWW4Aq1w2GwqzdqiA +plllRWUUG+YuW4K8V68Le/IryehKtAdEud8BqwvUHHlW+vNdkQrbCKEzGJy66c+8wkJq2UAf +f9zl6Glahyz5wBAKuokDPflxh3zhLcuvhfE0r1t7MfGlEzJk4yxhi0Fb1KASqaJ31g2Q9CD4 +KA0t56fICbqnMm0/BEU2EdfItpKwBKOPBBMMl4/vJPnD2KKxOEeVF+hv5O4IKLOXkJ/jAPnv +GmoVMVYlYFxwjL2/PZvwEOisuxFKMqSAO2WR6alVMwNDUFmOe6ThkquJ4oTLPwi9Db9AY3Fd +vnswiBzEBeDHyiB4kODWG4Uz7gQBFBgF8/AlxfaGLNutKKUducfhKje2E/UcwYFfHLsCfIkB +nAQQAQIABgUCUc2T9QAKCRD9Jdzqcag0XESSDACXf5bgsc52nKKFreFULpQ1GPRwqHAvw0FY +iwypdT66FB/UY7PuPBobQNAxmGFu0QSbr65jiwGC96VzJ8x3WjYaCXCVlj8e8DGOaq4WedT5 +o0yOwsif1YeoVysepjgQA//EAagGnV2wMDU8Tm7zcZelP49fD8TTrmyXh/4hb0MgA5+tLFUs +90a83dJXy2qOS1F5+/rrYnYFJOGHxEX+KP/nRte/0QmvWM9r3W5Oa0Wm5EHC0HUnFf6k5yav +IcqXyBFwbqzw9ODfvCjBdx3AjoWqWv+aRtbIqIHWBmueZqYeWqKSkpUQK7JZ1g9zPZqZ5OSD +R4n1+RXFX2F9G7mCYWpMk8CQXsCXY40Sm1pfN0K9OCLFE2RqBaXG6Eh08GabaArKW8WnUibr +fX6o1AjO3E4UW+cUl4BYkceEsAAfjgzZgXN8f7stilTevIgtM16fJtvmeYLlZAaoC1tCfAul +bAnWhAfNBiyO9+DWnjbq4cmZJza6s2B+kWGlEIwZVikPqnuJAZwEEAECAAYFAlHO0WEACgkQ +F35mgTrEpmgjrQwAr2kG3jhUEB3fWGoX2DbhwHp+qhx7BRpN/yuZnxbZwPgp/6kZDFk29lI6 +uTyiqOyKGa7TZutpBD4k8FtNXPqD3iKiC/+3GJz8d2gkpY286c4VRAXU14QSWp7PBD0peut3 +asJsHW1o1dCZ0uJBHa/nY+AIlDAmB5zQA1fB82Rcq1AxK5fuqotKjnYzwvIU+gyc97QHnXhE +QoMGSWl8JjmEkMaOFcbo2aYupH1AAB0nk11zFnc1AtKnM1JSW5XJAMaBPa9oJSj55HjkM6oJ +oietqBistemAtbIqdjl45Y2ShpizRnpS2nOu4gFqu85pzQu6ET6PmFW1i3XjN8GD1rYY5+bz +zixMdF1Ben1HXuozddUsLwh+aNEHwgULTbOgbCpKL9fpWj0r70DbNlKcC6O61oy+wsj9WfCI +UeaoG/9GyKyz4eeatzRSHx1ueORsRPVqEbquHzAiva0Jhol+hcAqmotK4FOE0kaZaFBXDC9q +xJ/kmA8RFXMwRafD/JLRhcGoiQGcBBABAgAGBQJR7XijAAoJEDBuNTCPH9g8fAwMALC7alwa +b2nCaSQ9+vRR/A3xS/q0Nez5k+yykoADGxF09sU9WnB41iCXySJnAlISInQfjG2/FXmbWwEK +e4wjTbshQPjSkS7kexZFg/nnafGbxVdUchTo0bVggodlrrOWP0vgyGWYHwmsregsd4U2MHLq +eT35fdNyJnmGh0RHJcV2JHiCKr/peHvVE1xPk3kZhj7VGbtz3w4UW8cLPBmNDEGIvEe/UoSe +RJJVO97y7cJNqyjg3ysHmOr7J02sBzXBrhPZmvaWWhyHLVlrwy8HQYuFktecvbW6OMK2DQEk +SGwVRyQvGis2zs9/rzeXXCNHJWMEc1zlgYyAL0m5KbhpC77/Vy2T18BLMfVgt4e63xGT52BS +wn0caAEZTtM27kR9QJSF7BbRmuqOpoP4fhLrrx6Qwu17mB33QXfvKohRrwf3Si2+UT6Uj5be +kq2vsPOizyd91VidltMXRRd4/cm41ogEhG7hJvBzhmH/z5L8ptHPt+CZy84bIGYKdTy+wc9n +DokBnAQQAQIABgUCUe15HQAKCRChne2w4KRJMkYPC/9GtOJAIPCdvmVWDsjMfitreJP0UFMG +BXCrZ3eP5xlyD2OElel52PFIWF1deumE2fmNFCrbs3bu8fSCMTYc/Q6wjnfv4kpl6KWh/xeO +cDNzmnxaYj/CI7jfFXVdrTHce3moMFuDrMOxEyvRxduTz26YhBy6zQ6WUS04k1x41jsMrN3N +bfM8iPOyTiyd7MFfvJZbSkZHs86T2c9B20NaEbC7SJ7AZBtZRMP4WSrPz/tWKovkstulzyjS +itBVKu19S+s44aU99XNeIPHGUzVV4noJnZkPyk9Ma2I6/DA5ja1fBAmCC0rwOIzLYzTyUJ97 +K7y0AnfAvc/3l8dH0BwQ2Dq0OdAXd/Cp4itZgxYsNvyjnanyHSv7RZb5FpjW1BVRjTSJkkFl +f7xF/PnEpXCW8sftoSP/WC6SWChJKqy6DX2dxmYdBKqM+6BTYgEkhgMmU/1P4SteWDeffBUl +rJBFjCs6FMvrDvssmhAX4/Ululm8Ny+3XJ/6Wr69lzrBOjxKn12JAZwEEAECAAYFAlHteXkA +CgkQVCkFaggZ/AOq2Av/QRTcdg58SdnnT6waT7YKD9QroUeWio1zhlxGD03mUyMUB6k0SiIc +3Wkb+O8xH23F38ox9VGAgtEyrGBAOIf4HhnviDve4aF1ph4ZF5/W8bZkVUoIqp7V/K27ZWsq +yeWrhgcaa1txRCWhuYUBqGYXG+r+drjW4evevozRmolGMFvLRSwveexPdtcfa/4FN6/A4w1c +lo16x8zeQyuVQLKJVXZ8iywah7X3mAhF+8EuAOXvNC7De1HkRPveTcD5pvwYpGwfuoxdtqVu +o2GQINx+ufaVxic8y1fdHZ2xvWjyRpaGVQoEY5z/SanrFDfFKLRV5lZDE//MNKnsRTmPKVZs +q3JU7wPUTOOpwnS8zC01MwxzX+RX+hjKgGBhn3Ez4X7bb53rPC6Plap9/s3PbYfd4qhhapwG +2ztLkS49JgSDI11iquLvYRqGdp+aBOf8oKJR4ZBKb6rT3gzPEmv6+2D5lB2TFuXsQ8fefgwh +54mmqzGCFDLeZXV+AvGqST6NlgI3iQGcBBABAgAGBQJSLmzLAAoJECrLnuugPRVQt0oL+wYY +kWa8/gk/+OEzN8yQaq1tksIYe5xtk2MoZ2cX7ABB432umRGo79OMPU56Oqwo9kl/eeLS0/Vv +nfnFsPydYzBoYTIX20WDqspYDelh2Z4Ks/ChpoMk2+k+ezsQZKUxyE5XtX5dgULzkOR1+P53 +kgvzn03UDrot3XD20+vdnwaeRbl32hMnwPErstVTOVgnTzV32OFp/Z2I/wNHMGz9iZ8G0KsX +k4RedDLqrxLelsUC4tU7acCp4JxJ9lhSqngZtJ9dE0n4fuE8o+4DAxo06iC66YSMO7zXOOfQ +k92XxWTp1xM5YKfaZ8UhseUujWMDR26VuFHWNCw6aF7q0Ni5P13wHKS5v59jdBtyqkmWZ4Xu +Dx0FIt6O7Zdy5E6ZHaIR7JQ0MJSKweWRxVTjVzuSUoPDCq24TLdsqUZ+w+h24o0apaeNdIVm +aqWNrr/KIPNbrbth37pKzN1GHKzZS4gJcYMrWzPdZp5rku39KeX4rGPDm+Ua2uJG1+wPFbYx +v982f4kBnAQSAQoABgUCTqmjNwAKCRCg8hPxRutYHy41DAC5ccTJOHEcbWzcYE2BKm7+vS6m +Qsp/GxZ69dzy2K90m+f9q2Ey+WkQLOBanj789NaQffJaflf9GOMEQwZbciDi2Cmy0pN5u1Cd +2KzDBESPNRtc1jN7Ixe2zEsmDFsSDaq0tJfTUOvNaZ5fYHYlnRg6w50+PlD3cYkqpTWweMK5 +oIIS3Qg0Rv3LvsGDA5RXHZf100iURSHc9MiIPkIlM3skZ8g93/HomWm6yt6o4NY1KlzZhoZz +RtQ8W5mAza0ERoYdqAe84/Fhbm0SzJ1QTBXIGDbT74IaCx9TnpBbumSLEVak2yFRq924kWCH +eeF5LF2cqLko9jpUlQPyRMYjuFRfFIm6wtmlT5oSNkMg+03J8PXpAMsEWBi8Km31rKYVvMyr +wybJvk3AzWZBN4Bi8BypgQOX2Xfmw9aZ/8OfNCk9klYQipCkZ1tWSSHNxsCFo/cBfiAd7SsQ +g9aZeDrmRwiGi3civPtNaISSsrUQMi1FDrIMPKaAzORZnmuKYaFrRKqJAaAEEAECAAYFAkvS +yPoACgkQNfM+8Lbf1QxQJAwdFabrUyA1+NMeaLe3mzCy24G1BtWhXvRvvdRKIHDN5/BRIv37 +oWpfMnx3Y7BuBt6s8EWRQDvh0lJBXaApghkUDORm5ozoRePiVHL2UVhLgVfVh3QxVgMEoyPV +Mq+L00pJD87lYl7oGAMvAQyEmeir46bqYPVvhhjZQahAnCSXs1R5+2CL/DMMrE6CqN2oynlx +YzmeOXr4f0RzWtxDjk7Fq05hqIi19P+k50VUNVw2Qwny9jvtjVTbeEHRzzHeaDcragJNtF37 +T8rwJ6lvthJ3iIaat8NAxxLQa4s1Yz2MShsdm5dxysmwX5CnLknXb8fUBmMHLq/wXyW/tT1k +07BT0MMWsy6aOBRXKhg03QAVkmOk6fNhURmXRsSh1EU7WUaXRsUNT/uiD/ny5B80hQz0iwut +ZyjLVfnZVaU0MVP0QZC31xSvpIfi6CorNLA3BW9SygRp8AoOm6f0Ljp+doA7TcCwP4FMJaKw +31ORJaIZVlthbsnPEvVvawad/ddPDsy2bTLx+IkBoAQQAQIACgUCTin8GgMFATwACgkQru7O +v/jY8ShAwQwAuHNF76WlYZt+RgP6cfDDdi5moyPuGuW8yFXfsvnozDkyCLKRThQo+uME2mWP +wUI+4Dlend60BwGHhVlbLWUBbDLybQpQq9b/Wo+9zJTzJhKhz6XmV/cT2ZUx8dTAMLf1l1DQ +eqNuN7czJcChy00r04xfb9PtcjJixjftBNzWVRAlJcdNDMwuNyGx/sJ5hzOpewSrrYK8EZnn +SoNHaVhlAJbnXiHj/rcYsFxtf22fiJj2/kgC5aiF8arkO3I3LdVf9scRUSkcCXUQ0G2QEaoL +LHUcRuVJM8uOY8ZofpKsCgjx+UY7vS9bD31xm8g8ReuERK2Bo2X3jLuXQUgqQxMixsYOlHYv +BU0tQStMtybbFqW8P3X7IZQHeB01bsmlaJc900VxvzER9faNG1jpZES8FrLxKA0khaP8N3Oq +vA1I5h3BkBmu+2f1X2j7xFGGRsvGGKTIcHbMsSbU1ateiF5joc2aQQ8i60kvUqs8y7Bnw0+4 +SRRPPt0B7R/xI1EYOjvriQIVAwUQQb9QFtxTisjDr23uAQJD2Q//U4RkOChlQadeIPWaMhj2 +81KZQfzl3E3m44r4d1+Vp46PXOXbDlY3enIYn0I4HFUb6KWY12wgbMBNHlLBZt0TlsDwpyD/ +wHS9cUnBK16JdPvpWlHkI6VcX8Vt+p+w4avUt8QZt7V1iVEpniuQHorUFYcRQdHn1UT5vTZl +2Ph6tEyHYo6MLv2WT5fNQ7uICjpY+KFhXIjsOkthmmus2MNq27faQLAIhcSCr7tLU1GzxSFL +M9wvi5ZWS3vyPHSTTFZH/sPTlfkPWHRtjinWhXSJp4H9aT/NdyKtpNd8SO6AlXAMBl5SqWGX +sjEGHUdzQS5/wSiZ6v1NDXPHLBvXa2Zwf2ovQUrPNVU6L6gGEaNWlL1NnR09esLOapVcxVwL +jUFGIrTc8moceOuDyqxaQV3P43QXQeTCf//XuKaF/LVcP8Hc/T7TM7cbHhIllRQFCCdnWxOa +L7Qz+GuuDSzhh0njb2wwI5j/LuvW5rz96YfX4HLhdHiLxbmgs0MG/enRqpX0wv+ZwTHdgAiZ +Q7IPt5ApjykRqxlhllsI5q9AwJOw2GR5lBEwHndy8Y2z0eVOx1SSqy72yz7Nsg4KTbOIlJjM +vm77MYBn/kt50c4w/wP5gxpwh3mb6zwcoA/SllnikG61pdwoz4e2BdBCZyCWQ3ENysZK5/9D +vmi86RyV/XbDjLaJAhUDBRBBwLMthux6FGOytHwBAm2dD/9m4mToRUKxjcyn1Vz5uiW9Som1 +7De+mkbIBSV4DqJlgnfjB5yNZ0fNDXY0+OM6nSQjHYDeHGgU49N44p1llyTGgE1pmpWLxV50 +mXd/Vg31QZySBFb+AfgDUIg/+h6BQidQ3rK6r25G92qCDWg68z04vtygOxAwcVaPQF2eyfsS +aDZRN2cFjymzRudhCLVrKGE0EYa3quB2m/DbEqIEr9ubcRRltrYY1bsKG20bXBLvmGFLUk5i +XiaZtpeaomELUzl99Zf6uwg0V1nilv7gAFF3dYs1wioPDyC6hdEtqm7WVDo+RbmuXz/jZAzX +R9j8uUyuLyfEyZO7GwRRK3nJeTl1j9J20OZlb7/vvY0yeZJiMvryKgAKhIMQdItvaGDoTbhN +L3r8+MqXgqlur/UBt+IYVtKGu34ONUcTVzD+BRjme+1SEmI1AmnKfJjMurDacSWtB7cG8KpL +mxdSRF7EobyO51BUCekxgRVxkOF9byrvq+XnsAizvogWE82Hzqpj+kuRCfq2HgMSiDXKqZrY +BwicXC6FObF12nM3SbzRLwbTxZJzn8aT9kHal4Cab4u0c7XqYTJ/wsD0eUDrbciMxo2xcjjY +Wf+47ygGIt9SV7tTnEW7iFMLoB9RlhVEgWygLBA/eV5NY9+8baM/WTy9zqTVpyw5765O698H +bzalc/NFwIkCFQMFEEHB+Toccs8+8pExxgECVp4QALYTWNt3NLVbRSvi9VNeoYfWUB272+Ia +fhaYzxwzJV8MBjyl87B4KKw3+FPqYS2ziJL2UDva0r6jbQ0X6rqBGuuSJJrVVum2P93/faUy +X7X+WIg8w3oFmRgW/LMkNN0fl8290lt7d8KtXWNjjeGt2VCm0yLt6a4vgdEOrfq8Lm6w5Pqb +7ZBqPo8DIY7qDKB650GkF/wXdIR38IDdXru3Y+hCIQROhp53w8O5QGEjcZeioj432o4cQICg +6bEnZo2UCH9B5363oxY0mdCc3C+pICquBNDcmimYgNeF/6+vcLFixBHeo8+UiU3EhvscX5bg +/UgmHSu57q4a0wxptz89LenfugKbTCfvMcRZbi8Z41i5A77dLwAJUQ1CX/K1+PD1E37qbBQt +0Drg/JhCZXzASvg6pl7D+oBcyn+VnIO+MIGgN62T56Ldq0oEKsf0eUu+VqxwEuCptiXWdiLx +VsqJgSbjhQksd6SrgOeCLAOJm0nnlXFKBc2LXn/klmwBAUxiuITI8P/m6AHM2pAhizpx7jbs +WW8Hucr9XGOPg2Iml+upfrl5uKyzvFRaV93Qs4me1V4++dzyfWJGl0Zp7tX5xt7VLI6Fj4Xx +qYvZBMk7jRh6amVUHcK2Iswn9stbeNfq4wAKl9FaCxHay/e5kHAlIUZmihbp6Z8rBd7tkOIp +cxugiQIVAwUQQcIMREljPlxiKUvBAQIlXg//cQc5RMAZ2yo0aghmp8AzRW3fmYF9Qo0QqYV7 +ByRZfb1M5az0VvmN7MkTCrAoNxYCgD5aJWK96+SA0oBx6Yf9AU942XjkNhnacm2u0ny1WYZi +gb3R8c73YJtR8oTQ7QIV5pJdoOiPKPIedKv2QKynlat2Axhm/TeHSsTpo/rwIbLvgCqMV/ql +822AnIDfiUnfztvhbFctNKJv7NMKDI9fNo2LftnwyuCbPu3QeOKY/MEKKTdQ7/5EIeyv1pig +P7pwoolLbFWCGH1ytB66w0uSUSyd9bfJYKXPgKJWsJUkQz4boav3XmaTwtqr5+tj+e9vO8Z0 +K7MpQG3E/GzSSe3/5+3jGPZW4QqAus2mtppPxzehxOkB8Kbj5MOtImirvu/JZQ9If/NT+L+4 +dqgUHI1v6/x6bTexbwBXsqGVVkrZByn0e73IItgazXYs5ZIbDBt9Fk/MJJspWLhcPH59cqQk +6TFd5clmA2FeazmKDEm1xz7J+ijOmc2u7DHQ6ZcnHlsbs4eRdHIaZvoIQ3kSsq01QVcHaHaY ++gh13HFcleoCsgrvhU1mI0tX9veT+7yzv5wwSt1MA133RRN7zE73frMSa9GRC2gHYU3JkWUa +fyCJuPA3kVDimEKJpYtdO4BFLsSYRK8JmvWGipQ4ROJMXKD39y9dSIj4IgZETscdUn+j60+J +AhUDBRBBwgxYtSskcsdHgjYBAqBoD/9J3w68fOYp6bpalS8co0ABqjZUdgI3mBVQgsGikjVn +CTFQMmORjtnoxpztz19qJ1K7Jz9J2h2M2sDamsLwKHAW8Ni9PISoOzIg5uYBOAdf8K3zPVjg +Zttkae5qyR8diC6eGhvDnxn99x46q3lE6qezd7ORTiMHSZt/k4l8NIQRuxpx8HIBID6GxgfZ +zWxlL9nBc9Hj764h++I+K5f4StqLWNKKe0mmJF4WT3SNLPIOmERqwrmhBgcFHAr+opzUCUBm +VRBXKHiSHscYlKrz5ap8Oux+b15A5Ybxhwxdp1u7hmoY7Mz/VBEd1NagDKG6S4hL5uyxv0WL +QwyBsvECyYHfVlNE09Q5iuy164LJUspa9EM+aC8u/e9uY7JOAEwPvcddTFUKMv6PSX2JOItJ +82nM6+xIlBiWDL4jSjsnudjJvQI6ez6nbimBkgbykasafHEfcVbnHD0vzLyk+fWGt/KAjPRy +ZsLeWateQ7tU/YdqaWD8jha7kpe1fqPasWBHYvwtUcAcD57US+o+4F0iXfWliYnfkOqir77+ +zMmpvPWHEURzl4yuOGQEq7lcCHthB04xhUUdRyL9AchQIb9o8rb4t05u1MUlxVq2sw3DVPcb +Qj6FNfWsVMcsa0m6ze4M//AwyrQQd+7RKA2/OCenO0d5JOfV/eNRkFfkQ7ASX6efeIkCFQMF +EEHCDFi1KyRyx0eCNgECoGgP/0nfDrx85inpulqVLxyjQAGqNlR2AjeYFVCCwaKSNWcJMVAy +Y5GO2ejGnO3PX2onUrsnP0naHYzawNqawvAocBbw2L08hKg7MiDm5gE4B1/wrfM9WOBm22Rp +7mrJHx2ILp4aG8OfGf33HjqreUTqp7N3s5FOIwdJm3+TiXw0hBG7GnHwcgEgPobGB9nNbGUv +2cFz0ePvriH74j4rl/hK2otY0op7SaYkXhZPdI0s8g6YRGrCuaEGBwUcCv6inNQJQGZVEFco +eJIexxiUqvPlqnw67H5vXkDlhvGHDF2nW7uGehjs3P9UAQ3UxqAMobpLmEv27KG/RYtDDIGi +4RLZgd9WU0TT1DmK7LXrgslSylr0Qz5oLy79725jsk4ATA+9x11MVQoy/o9JfYk4i0nzaczr +7EiUGJYMviNKOye52Mm9Ajp7PqduKYGSBvKRqxp8cR9xVuccPS/MvKT59Ya38oCM9HJmwt5Z +q15Du1T9h2ppYPyOFruSl7V+o9qxYEdi/C1RwBwPntRL6j7gXSJd9aWJid+Q6qKvvv7Myam8 +9YcRRHOXjK44ZASruVwIe2EHTjGFRR1HIv0ByFAhv2jytvi3Tm7UxSXFWrazDcNU9xtCPoU1 +9axUxyxrSbrN7gz/8DDKtBB37tEoDb84J6c7R3kk59X941GQV+RDsBJfp594iQIVAwUQQcJs +AV8OhxiKiG0qAQINrA//X+Xs9TVhkM9kgaR9e/rQmYvQF8NLrmsI9qjMxVZpwbJ2U8l1kYa0 +QE4WlO7A/Ct5fQ+Hji4fNZ6GOl8EjKKBJKj+fuvNptPQu/fOq+uBPHPhXUpX7D9zj7+B6JFn +uWTD+TUXO1hlD1qJ3vDDF/LdNpwchiKHDV+/eR+NcCS3jd5T50ezI7UsuwsTobjRkPJjk5bM +DgmhwNKMh0tYfw/JmlBkgp654r0IvBCa6iHfYu35Q3pW+/81t4LIwzPotHyPSo2xOnhCzgPZ +jMujnG4MkFFeLLAhz/sq9mHvawS4PsizI2bgSVY5vmzeVN6TD5hVec0UAgvP2jGMMSw8LTHU +dYqD6hcYwxYBMBOV7KLTFzHZXZMX8PZ+QpxfxyTIldaG7rEm8ASLasdMDHse8YxQLszm7IGj +sKKQ42vn1BhIkcx/I27U5PFLnieGB7jy3byJYhLNfHEFGYkraGcFYS8csH6GMhX6VRxDZqIq +8chDu2FUgnPSfmV1ZkWAAr23m6Y3FZuhpnunCcTYsijvUGvt2fs11ncfCzLh/dUCOmO91rlt +3yJLqhmQ1lEP1qkMYagBmC9WnEGfRcyuf22Nxhqhl9ey1dC/YwVeHIWBvRgdb2ykxPFQ7pTa +63aUWxW9iX+/FWaZGAhmIHh475NBYHXXYBYeYN4unYbI+KEyhV8QOKeJAhUDBRBBwm9lvjCx +8Xcb7ksBAg30D/43YONSAi5a5yNRDikGC6nAwRKXYxd/29ZqpJMczZTMq+14Z4L72xpn0u9h +6LmzCoRaOxUcYJNzlTEQRFJzcLbTqhypi7ktL0DM3r2kp9b+hyBNa/M9jT/YnQcPE+joMJtO ++ZxHXa4A4vZ1hkASpg77TiORP7oSx+TjkkGrEJF4Uvlf72/nqEmUrUBQ77OFPLT6EE+FJ3cB +uWOVgQQnoqAyNZXmVOLxJd3fFjf40vEn0F/+24C4j0rHUFYByuyHyw+rmxCnjSStUzPbuNDq +W8BKHNQx74AdkqD+otKDuvjYoJiYOicocVaDlWWr1yapeWmYSwS5a0waUkS+G44R0TyCIU6d +gy91rIr7AMB6cLGWNJSOTKy6ZNX3Bhh17qUW9if5/7WQrGe7sn8hEKJWB+Wt5uhbKDM+I3qi +lUX4hrlN4nM2+Eid9rf05+/oK8RP9WmeH8axPOpw2Fm61vTTVU4Y+FMHMQUFfW/liRxCwhr5 +ZOKfqg/XDXwfLI/n/D7duydB/ISbnud+xcvNn9afPIXjyni2mHEQh8aszoE0qzsS4tdo/z+f +rEapfyUsYHGCoD9J83p7bYnGky+u7yYgZjxsgh+002Hd3mQ52kTEklNOgKJYU32Q4WDLqZLX +j8FIsort61JC9dLtuK0wSY0a9dKkR9yk96Zps/Cr5Fx+Ezxmy4kCFQMFEEHDJKQdTgL6WBFA +pAECl3wQAJp2M7MBz3ItjSEe2iPp+rN5bERxXPzXTQmQHuCcJJdZpmalS5as5bdpk+3Jl5K0 +aqWS2Q+vMW84Phv0U69zp/TAX8wGyp4+jcAW5dI3pum/yQXPwwb9Tj8ZxHsifXc7nV51ooik +eGvOq4tYCcikw1caSpeuqZNYqCeW5/F4dgvGh4rUgjD9wfWzrHtm+M5OWUryuIP9pt322Ggr +xyjb6jlHQqoo0qAmAkGTjp4Aa5Z9xz4QkHomTHlKyl8bS2i7MR8302to7zydtWII9qM402RD +A82D9PRSGl59f0b9DKtLmRTXvPjsefGkdmin/bFyKZCcLc2KvXhHJ1/aXwMlM2cYG5TjO/dp +nYKEd4naE4x4qklPdpLPFB8G//wO8bTD9NcEEFzl4WpUUZPohiT8NY5g+VPU2fAIRuvBTRVQ +eLApGAm8Nucoi+lVlXosG/2mfHfwpzdEA8OWzVtJ4EugZb6j68G3WA1DNq0SOkRKMbqvzRFX +UNyjPx84NX/F9SXBZn8xZcmSJYtYZQ7uPT3JKP84tpJolmwF17SwYGGYs+DTUeH2riSjoZsM +3IJyvPW8JTZ69dOXdNCPA8Epa4rszGgWa5WGWJM5f4NXobVMHWXIwCwcejwF+lT9OaFfkRS/ +xLUUNoEU2hgQxegYqXu2/mkkF1c2adUYirl/V6dI7iGYiQIVAwUQQcNjVImkvBtYMMYnAQLn +kBAAvxkjHtEg86rBWtrpoaMifoikWqBTMT087nq7Ov7b8NZusq8kKMq+o5o8PEdMo7fQLB22 +K+JuXynAAi3aRQCf8VW3XD0en5wlMAq3m0Cj40EKwYMSP/695pwbFgpynw4TIoFzWAR2o0+K +6RM2yLqLO8VeNGW7L/jcaQmYKumOxHAX6A1e5ocCsxfCB96bZRIzt6TT/zSbiFfSoaTUu+hw +yePEuQhoqgK2Ys7w9TbB1zinlGsbV0Y7qu2+ZhlkDbY5q1JPByShmboDtWEH9HlBDERaS00Z +u4KyhiNeoDxrA6x181XohmsVTtreqJbrdPNXwgOyvX1HgfKA9Pj1RSLExvb8vGkMQTmMV/wp +9I9fjhlCSg9bFxwmhjx7fb8xyC0drLmPDaXI9KlJxJp/fxs0W2k9rrPAU5DDOgMJYWmnVMh3 +Av9+snLdxBBhyFPxsLCymTpY5LTYYFIAAvO0ksuN2EIBsJmKlFT0CqD2BSUS6Uvy0FuwvQqN +I2rxbXOqtZzsJCx+uL6Aj+U2TCG8L+yY920kUxwJSc1ytm7U1eBU4T8BE/FB57DX4lQd+dVB +HosdigPDvBm74u1fZUgmUWecLts9hlZEHXoyMsGZEtTTXv+CgkoRjTEIDnsAPsIUAgsQPv// +//////////////////////////////////////+JAhUDBRBBw2NUiaS8G1gwxicBAueQEAC/ +GSMe0SDzqsFa2umhoyJ+iKRaoFMxPTzuers6/tvw1m6yryQoyr6jmjw8R0yjt9AsHbYr4m5f +KcACLdpFAJ/xVbdcPR6fnCUwCrebQKPjQQrBgxI//r3mnBsWCnKfDhMigXNYBHajT4rpEzbI +uos7xV40Zbsv+NxpCZgq6Y7EcBfoDV7mhwKzF8IH3ptlEjO3pNP/NJuIV9KhpNS76HDJ48S5 +CGiqArZizvD1NsHXOKeUaxtXRjuq7b5mGWQNtjmrUk8HJKGZugO1YQf0eUEMRFpLTRm7grKG +I16gPGsDrHXzVeiGaxVO2t6olut081fCA7K9fUeB8oD0+PVFIsTG9vy8aQxBOYxX/Cn0j1+O +GUJKD1sXHCaGPHt9vzHILR2suY8Npcj0qUnEmn9/GzRbaT2us8BTkMM6AwlhaadUyHcC/36y +ct3EEGHIU/GwsLKZOljktNhgUgAC87SSy43YQgGwmYqUVPQKoPYFJRLpS/LQW7C9Co0javFt +c6q1nOwkLH64voCP5TZMIbwv7Jj3bSRTHAlJzXK2btTV4FThPwET8UHnsNfiVB351UEeix2K +A8O8Gbvi7V9lSCZRZ5wu2z2GVkQdejIywZkS1NNe/4KCXeJyK1q+UjT+CKKGec7TOYEdSIZR +V2xAwk/DivnQIkuagMiaLrmX8GuzmhflT4kCFQMFEEHDY1SJpLwbWDDGJwEC55AQAL8ZIx7R +IPOqwVra6aGjIn6IpFqgUzE9PO56uzr+2/DWbrKvJCjKvqOaPDxHTKO30Cwdtivibl8pwAIt +2kUAn/FVt1w9Hp+cJTAKt5tAo+NBCsGDEj/+veacGxYKcp8OEyKBc1gEdqNPiukTNsi6izvF +XjRluy/43GkJmCrpjsRwF+gNXuaHArMXwgfem2USM7ek0/80m4hX0qGk1LvocMnjxLkIaKoC +tmLO8PU2wdc4p5RrG1dGO6rtvmYZZA22OatSTwckoZm6A7VhB/R5QQxEWktNGbuCsoYjXqA8 +awOsdfNV6IZrFU7a3qiW63TzV8IDsr19R4HygPT49UUixMb2/LxpDEE5jFf8KfSPX44ZQkoP +WxccJoY8e32/McgtHay5jw2lyPSpScSaf38bNFtpPa6zwFOQwzoDCWFpp1TIdwL/frJy3cQQ +YchT8bCwspk6WOS02GBSAALztJLLjdhCAbCZipRU9Aqg9gUlEulL8tBbsL0KjSNq8W1zqrWc +7CQsfri+gI/lNkwhvC/smPdtJFMcCUnNcrZu1NXgVOE/ARPxQeew1+JUHfnVQR6LHYoDw7wZ +u+L///////////////////////////////////////////////////////////////////// +////////////////////////////iQIVAwUQQcNjVImkvBtYMMYnAQLnkBAAvxkjHtEg86rB +WtrpoaMifoikWqBTMT087nq7Ov7b8NZusq8kKMq+o5o8PEdMo7fQLB22K+JuXynAAi3aRQCf +8VW3XD0en5wlMAq3m0Cj40EKwYMSP/695pwbFgpynw4TIoFzWAR2o0+K6RM2yLqLO8VeNGW7 +L/jcaQmYKumOxHAX6A1e5ocCsxfCB96bZRIzt6TT/zSbiFfSoaTUu+hwyePEuQhoqgK2Ys7w +9TbB1zinlGsbV0Y7qu2+ZhlkDbY5q1JPByShmboDtWEH9HlBDERaS00Zu4KyhiNeoDxrA6x1 +81XohmsVTtreqJbrdPNXwgOyvX1HgfKA9Pj1RSLExvb8vGkMQTmMV/wp9I9fjhlCSg9bFxwm +hjx7fb8xyC0drLmPDaXI9KlJxJp/fxs0W2k9rrPAU5DDOgMJYWmnVMh3Av9+snLdxBBhyFPx +sLCymTpY5LTYYFIAAvO0ksuN2EIBsJmKlFT0CqD2BSUS6f////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////+JAhUDBRBBw2NUiaS8G1gwxicBAueQEAC/GSMe0SDzqsFa2umh +oyJ+iKRaoFMxPTzuers6/tvw1m6yryQoyr6jmjw8R0yjt9AsHbYr4m5fKcACLdpFAJ/xVbdc +PR6fnCUwCrebQKPjQQrBgxI//r3mnBsWCnKfDhMigXNYBHajT4rpEzbIuos7xV40Zbsv+Nxp +CZgq6Y7EcBfoDV7mhwKzF8IH3ptlEjO3pNP/NJuIV9KhpNS76HDJ48S5CGiqArZizvD1NsHX +OKeUaxtXRjuq7b5mGWQNtjmrUk8HJKGZugO1YQf0eUEMRFpLTRm7grKGI16gPGsDrHXzVeiG +axVO2t6olut081fCA7K9fUeB8oD0+PVFIsTG9vy8aQxBOYxX/Cn0j1+OGUJKD1sXHCaGPHt9 +vzHILR2suY8Npcj0//////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +/////////////////4kCFQMFEEHEK3dWL3RV6ir3SwECB3IQALkhb/fDBBhTKimR+5Qzcj7z +zSZ2TfMNBwq+Wr6p5X7mU/1w2SHYNmOLGDs4Eaqto5CTJ2jS4U4B/Clow0LOTViY7pg3Yrzf +gQPT+omA1aW+if7UNCmEYvUBSLSJXOWUAdMfsurWPuRbbnjczurpevoZCvl1RwN0wPRehfAC +Fyw0FlJoae+lBGUGgpF9kJyZ1RdguNd0AneCCr+XsbeGJ8sxpxYyLci3A2Am5pioxDbz/l6f +dKV/RwjdmOjdlD35k8vUCoGZQTjbB4hLpWkfZecmF0TXPqT41+UZoRfx4dsG4146qEsGGDQM +KGFXd8Rm5yNvbmgso+gDI4QKLukLCkq2ZoZ0mYb5QeMbAcQ9iUMnspFaIn7K9yyBqNCs55Qu +3fKfKbMnBnS4GoYojU6179wlFkKJV6cO92NCkNvv2Do40ucvGqpfaa4nDvQf35dkj6xukN9R +13d1RmAnmBxdx8e+mpThUB9lwwhoIRUwKFaSFGoVncMaIfqw5tj9DBm8wAGN9lmJakM12C8v +VA2zKH0L7KPxb2u036yBPxPzFJfUATmioUhKHBky9xhGfBUSS8DHr4hBygvCYLcyaYdh9cyV +juTdM8IYdVxFaaWhzxhNdK1G/iZGxFq/CPS7MgfCrQhwg57/rpWonaM3pRc8dGYp4VC5c96X +5yPOIk5Yxr6wiQIVAwUQQc9h1wRVjUj9NCi0AQKfvQ/+LCqte1ajVbLVGp5u+Q5bAxTO3nb2 +s88MYOmprZ0sDXxNT/vPrNCIx0sjbPo/tPdBrVMrVPA/VaTCMRpuWVLcBlqOouk6OfXMMRbu +7uk46p0dJyIrbgdQOesruIMtdG5KBeaBzfFG6lPdiG2y6a+38BOwgyqvwjUzeIyucqq6gq+9 +5ufi58MzBPi1tK776loTdNYWOJBJhf+ue37UNHirtThYzEpk+NdA/k7VVp2919DfrDdQsyok +vyCp2OzryP1IgMeJjtGZ1+yB+4cWXMcJ3idLcNmnPmE4xvI33r5myKULD71ooU7cIFa8MbE8 +ABGRMSKOZhOTdsF0oBzkPDcVljOjDCy2b498ThCYNKG0SFKhPXjB6yaWNhL4hkSIZLYq1emp +aNNZcgQ/TVWmJOL2kMEtQiW6yk85gOS4+l6JpDQDK7/w5NlvFbL8tO4W/qZiMpc8N4Guklmb +HaNiQROGnyxmas9ZhAV5ZaYALcKiKfI6OAmmlvOb3xEybrdtYLFuQtPdBnwjHo/5o88EmwV7 +YRf2FF7cwD0zy100sBchZxBL+wm3UB/+a6Nlk+DFkGOqp+JsFTaK2o4iUnX5IiPpNPC/5chF +FqQ5YDCgFo9X4DY1A9bXmLXvw05kH8DF4VhbxZn6SslH5MjA2jETuEbB/9zXYjFM+ysQ9D5z +CxToMf+JAhUDBRBB1tAyl1IjhnySjoUBAh9ND/9xWGS8AgG0faic0vzr1XvmCGGjrTW+I3YL +r7WhJ5oU/RKSVgpOKfoHj2vqRdvVKCRuzi3+dYhro4vaeLn8i/oNBTbG2D4Xjv941PS7N01g +FT61oJwTpdkr9EZkPEsbT1fm6qYgLe0+Z1vf8QKfJapO5Bs05NWm9AgTm2R7oNB2fBndkbLI +TiDFtKWlMc1VyZWMN0e7zWsN4Y47K41HBBm2cpXO2mL81vi2/hygHXxk3g2U7psKlyVacGV3 +b/fs2zaIxeLOA3uC87LfEGqZhr3v+G4GvJ3puwbi8PompeIdRGm0HmIwwK49ltF+69Ej1/Lk +OD5uXCMGnOoNOdAGaiIEWjmEQeTB9ONMYZbqqfAsMtcf6UEE+tVd+fj89PCbpMU+YJX7qFlv +hOCiI9GIhPftKyOsoSpzLXAj+kuBMSq09qAb77kHiMOzuRNlvpkBjkWKl2nHWUzSi/8Uc+4+ +7yajKQDTs/eqvMYfsb/MBVf4f9Te07Jep2VP9SWVht/Tniza+VErrwNJejDVci035uEV7A+o +M4w2ACee5kFeXjZj4/FOwUmCyvx1RslBpK3aWwy2auvhJV4By8/WUs2UtnGapb+xF7TvviOD +87XSiTFYEu8P3X5q5CgqKXCbHpkncyXek8rqpqONXj6/P5H4JFAUGkhPZ3okSsgCV72PJ7/S +TIkCFQMFEEHW0DKXUiOGfJKOhQECH00P/3FYZLwCAbR9qJzS/OvVe+YIYaOtNb4jdguvtaEn +mhT9EpJWCk4p+gePa+pF29UoJG7OLf51iGuji9p4ufyL+g0FNsbYPheO/3jU9Ls3TWAVPrWg +nBOl2Sv0RmQ8SxtPV+bqpiAt7T5nW9/xAp8lqk7kGzTk1ab0CBObZHug0HZ8Gd2RsshOIMW0 +paUxzVXJlYw3R7vNaw3hjjsrjUcEGbZylc7aYvzW+Lb+HKAdfGTeDZTumwr///////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +////////////////////////////////////////////////////////////////////iQIV +AwUQQdbQMpdSI4Z8ko6FAQIfTQ//cVhkvAIBtH2onNL869V75ghho601viN2G6+1oTeaBO0S +gkYKTinqB49r6kXb1Tg0bs4t/mWIe7OL2ni5/Iv6DQU2xtg+F47/eNT0uzdNYBU+taCcE6XZ +K/RGZDxLG09X5uqmIC3tPmdb3/ECnyWqTuQbNOTVpvQIE5tke6DQdnwZ3ZGyyE4gxbSlpTHN +VcmVjDdHu81rDeGOOyuNRwQZtnKVztpi/Nb4tv4coB18ZN4NlO6bCpclWnBld2/37Ns2iMXi +zgN7gvOy3xBqmYa97/huBryd6bsG4vD6JqXiHURptB5iMMCuPZbRfuvRI9fy5Dg+blwjBpzq +DTnQBmoiBFo5hEHkwfTjTGGW6qnwLDLXH+lBBPrVXfn4/PTwm6TFPmCV+6hZb4TgoiPRiIT3 +7SsjrKEqcy1wI/pLgTEqtPagG++5B4jDs7kTZb6ZAY5Fipdpx1lM0ov/FHPuPu8moykA07P3 +qrzGH7G/zAVX+H/U3tOyXqdlT/UllYbf054s2vlRK68DSXow1XItN+bhFewPqDOMNgAnnuZB +Xl42Y+PxTsFJgsr8dUbJQaSt2lsMtmrr4SVeAcvP1lLNlLZxmqW/sRe0774jg/O10okxWBLv +D91+auQoKilwmx6ZJ3Ml3pPK6qajjV4+vz+R+CRQFBpIT2d6JErIAle9jye/0kyJAhUDBRBB +1tAyl1IjhnySjoUBAh9ND/9xWGS8AgG0faic0vzr1XvmCGGjrTW+I3Ybr7WhN5oE7RKCRgpO +SStlG6Jr3/X4FJXiTx3sy0rcpTdysyyUHOENlgUptwcXjv941PS7N01gFT61oJwTpdkr9EZk +PEsbT1fm6qYgLe0+Z1vf8QKfJapO5Bs05NWm9AgTm2R7oNB2fBndkbLITiDFtKWlMc1VyZWM +N0e7zWsN4Y47K41HBBm2cpXO2mL81vi2/hygHXxk3g2U7psKlyVacGV3b/fs2zaIxeLOA3uC +87LfEGqZhr3v+G4GvJ3puwbi8PompeIdRGm0HmIwwK49ltF+69Ej1/LkOD5uXCMGnOoNOdAG +aiIEWjmEQeTB9ONMYZbqqfAsMtcf6UEE+tVd+fj89PCbpMU+YJX7qFlvhOCiI9GIhPftKyOs +oSpzLXAj+kuBMSq09qAb77kHiMOzuRNlvpkBjkWKl2nHWUzSi/8Uc+4+7yajKQDTs/eqvMYf +sb/MBVf4f9Te07Jep2VP9SWVht/Tniza+VErrwNJejDVci035uEV7A+oM4w2ACee5kFeXjZj +4/FOwUmCyvx1RslBpK3aWwy2auvhJV4By8/WUs2UtnGapb+xF7TvviOD87XSiTFYEu8P3X5q +5CgqKXCbHpkncyXek8rqpqONXj6/P5H4JFAUGkhPZ3okSsgCV72PJ7/STIkCFQMFEEJNLwqz +ehAe0Bxe2gECQ1IP/i6isJXK7LsXl9/u59aUtB2IRi5TtaoPLVfSvsIUFYaIRpSIlqJaog8P +usTJSpZjn25dLxfjgqL1kZMQ5Wl5YII3lyWPcDsXBrrfS5kPrXhQqjpSFpnvK8wNxP617VeE +4xB4+3WlzZos6hQch1x4xyI4HqRhQqp/QvETJejjLkPqWiXCs5wEhfajQ8TuGPLFulv9mo3S +j+Un/bIm8OBfQXsKI98ABS03pw6IysA7KhN6ZbmokB3x1BmPWJDf65nxDsAnig8UZm0tHW+j +ooX934e3e2/Y9qdYsWwtFgw/NYCbYj7UI2rSnXKgX9xEYYwUeBFSBztgxIV5xZs/SrSVNqLn +GwoKm9Bde4kPLBSh/wTJhlXcyVJRgrLjpd9y73GoP69LVzSkDO06dbyOAAZidhV1kzs7c1l8 +I0MK/QSaldIs7wcWYIfxNBz8lZYewlcH5frCmc9UignVc4MnroY67fSkgCzgaJiIuAz66Vvt +UQ2Pcu9yj0yX4bpNJ4SL4IeNJ9Zym2vHXsC/6bDx/NhZSZ8yU5Jd3bcTTddMGJvgTV3zYKCN +GNZY3EisEWkRVU7JebwSdQU15s3XjgdqT9APOrmPA5qtlFlxEFzhwEHxvFjYMfrWCjw8jYAn +/fQyW5xBUvcniD/ECDiRFBVSaJZVyHd1MEVEKaFPVlwQvxjxn2J/iQIVAwUQQl/3I8DP1jt6 +xA1oAQKlFw//XFXd3Lp/KPVOYpKqHychHXgNkUX9/9gUGopI9Um3sRGkCCPaEOBexOX04N8d +nWTYTTfWTqGE7crtsFB+3UkWzHzsbtimDXPeFMsifJ/qv176kYTLU+fuXpj92cGkkvuuRTq9 +ay3XGZW2dNajUeirdmvfzhAY4wNfzW1665bqNiJSDNg8HvIqlBwT4kC/12VlNZfeTH+1FXRE +4db0vtI6FWtNDfI+9ASURUprrdQlVZCubVFrnDE81/FiR7lY17UC1sSQVNb9suLhvau3HzX6 +arvZd7PNX2rLgNGSZ3ZxhLU/k3kaI1YAdqhLdwl4svxXtNFGexyE0DW/8zJTqsSLUw33JDHW +q0ZvqCyZbZmkHEILhB4qKRJhH3YRVPQ1FCcgRZLSC0hp/GWWUdaCNTYxhMcstW689v0lP8jM +HUpoLq2h7Ex11/T6kfUpNGcGaBTuGORLEEJaQpAc7L6NNul+4PlDx53fi7J4VtdWQH4/NChH +Q+fp7g1cStH8d+iIMISKvUTdtMnobyTdS9BMmoNRj2hlUh8cEVWaJsfHfgBBe3uhpfDHUPLN +jWhaQma9Ikzgy2RTm8eAGTdlY7wJsvRkIFoaKwiriNRfFZ5WHzpxT6FNL74/Q3dK98z4GxMh +yHlFjU0yb2E1mzlH8C3dydxND5Hopz5+ukVGi6R1WhjEZ6GJAhUDBRBCpvDjQKHxvXNCKjwB +AogvD/9CdpWgYufKgrUjsWU0pRWLBpJlE1ihp6Q5tEfSHG0jfr1hrfbcPvgONDzFEB0VIbzA +tfClpv/zP5NK18u5mNA4uwxPBxy6eECebahKaHZKVRzdHCI4jtDCHtIykYci31MGZxN6v6ew ++E94KogCSIggtaIpOiMVSJi4C8A3STKzPT4AgV6Z2NU338BWI1LG1q+KB9R3zKMUxEsxbqZr +pW70qFKug/Gi4l0padl5X3kV3Y90mnXuGv+Ahe3r9UqC/K4GEEshR3c59QtRFoZsyIBJppg3 +r18a+TCpISMn0lRjGz5s/vePWDkTgQOi7ak+IWb2C/eYfc8eNvR8hUGwKTl7/Rk626NER/qu +pHxuX+YmtFxGsnvI7fyvxxTR6C51z0XbTAVpLLKlRWOwX0yrbdZZTTRrFTSfAuHVMWQn1jxx +3tW73f/t+OO/RpK0xAqIRctZtXMvWD8syid+OkKzLBpV/5ELcoSzTeDdPpJDEdLfKBx2bULG +3irtNrAOh9Z8CDwH2g4ldOHwB+BKzTaQ4les1xjGd5rxhOxSqu7JDyAvG6EWdbvmvj5G7xQg +BNIJIHfoVv5YD9/HX+Gd2pJS7b/3cF5ztgikAX8ANjoFVSpbzniRMcxHPSPY1Vx0L3nIfhUC +3F8y3Nj8CMe1JWekv52LOQBvNkfA/z3E48pqG1zcwokCFQMFEEK6kpvpsJZTSEc0NgEC4E4Q +AL5Tdml60YkepLrCsESwo8C6QNsLQOiCpQT7hh3Yxshigkw4vqwSlg9QOD9aQCP0GaGLHyVU +fy3ttypWULrbGP4GUYcKIsqpFUs23dlc8Icu85Ugy/WfVmt5fZaw/GSLzApuAmV/jboKycfX +aO7NM9ueTsEhlgPrPHWKzBqrAcMHX7kowHzaQGPfccmE89F7/vhLPJCeqh1mcTKZ18m3g/bZ +4EnRUWMK3eWj9X/0b2DIPpq62V66mUCstIbVjeb017IRnFR2g6MYmoHHQ0fmHfm7afXq0KEH +cAhrAWuEdTNr55yOYIiMh+OIy/JlvrgQAopgCySoEmJ/if70uu/wRd6ZCGTokxS1lzx3h8NX +C5IRBjA8+fRhl+JSi0KSBui2FGNdMORN3CPnnGLBxM1knuRQv2KPHplx8fx0zv9vmruUFbKd +QVyz2QU7/OnTTIJhaNjGG1QOdTV4r6UU5DJ90Yid6SVjgtpeVtIa7OIBF0gJsDNHCxYSoVpq +0M0fB4XzL2r/1qTjj+hy2qpGM47izPuDDOPstcRzm26ovLUDN11tHJ+CDEJ8ydblo9UoigST +Lnnde2SEF5xNFeoDR0w9rctVVqiRkLP3Rw2tsluWVk9B0zyyyus+9vlavB4C9TQ8pq7jdicH +AN/MQyZUy5Jh1VgPlxvoZ3pWm3zhCS4TxGSriQIVAwUQRAEEBQadcfKmMTy8AQIKQg/+PVAy +mP73lBK4W7Boc7jYn1QqNZiYcCVzERaZgbmQLf8egOF7neDBb8t0n99foXc/GVoE4Mm44GHD +d03u914KsQ0z6bV4zdgZLuhT2xKIGFvjCgMFgdsWps+ytNb19JqiZZ/heSsuqoW3xXTNVdG+ +O/TUy6BMmlIibEVMSfiJb9oHXJFmFnErr4fT8o+/VhIilYEdyYTEjiGaxBCEhPS64nglp9tG +y+okfZplBt4PwDEKVqAMa1OjHIADCLnk4+8OU8BSYT48NWbVcjF3OhYQFXgm8et5j2KWD5z1 +uOij3eDDRtgMHGtsBI7WmzZDMFqhH7AQkT8EB2Ss43rr35Psn1Y15dU3Z1jQIl4aNkCa5vCl +pvzy0/L8xIC9ltfiizvl2WjBFt1vTTpOk0vE0qRykvEQ2VMVc1rmX2277c8uE/+UHPKXJyOi +m1mcDzmrIN6S05jGwyXitrBTTziz4Iw6xUHytKjZ2FID42sOjYRsg6Brz6tnVbB2YnqrU/Bt +cdPErp0BSrHnZaA64qiw+84klc7VGbfT/M8GOQRGluVuQ+ju4dj9jyzndi70/0tvzToypSch +czoIgHCFH12WvSB50O4zr9j2keOuR22Qi1SDjVQ6HmX2qjefEuKlJpMInuDBan/5YS8SIyJ9 +K20h2kZeKzQHFMp+gjFu7NJwSrvrIVCJAhUDBRBFQRQ9wb1Y5xKHpjEBAnZNEACFeGLZ3+u4 +QBIo+9Kthua10BxAxw56zEWGc2z0xFS/LF1LdPHpenUsufeGVu2kAMZHWz1+hSuiVzJ3cX6p +CVNQhKlS4+kIpKZkegHPtXiA6/YhRm0lrmDTrCHpEQVU0g2GcXtCmhuxmEsGH6OEsVB2IZKV +nE58CNRNtWl2F1iTySCxB38qArEIFrtEb7bSwaOGxQjrFFFkju6uQTmNCT9IEB5hDZoahYFW +rMKa/aZWU+CdPCJe+Ms5GW0wjn2YTRn6IQSLyjFZBGtMAYJt1Pem8rKhH6VF6mINOR/q02FW +K4zMG4Lcr6ZdYRNCxOrqQyVlzdv+BKYgsx1YsBG8GXkBN8x5Dc8pTYa5TbD0MrxhJcJ2jfep +EftW4yCXtlnDn2mDkEvMRuFe7ehOH7yr5LEMwa19T1ZuWw5LIySnuDlfQtLFaKPSN5tAales +6jstAn54lHRCt78tD5W5xamVkNyl2cMAgtfZtNTE2h18av4wXN5Aq/6Eh8TXJ8UbyDqbtATn +sEIgIiL3OKLC7OFoB8rRvawG2XqMJ1zBB9qnnoOytn5jM1sEhz+oWi+bw+w6PtIs7dpFnbjq +Z/0kV22WSbu/zaG8Dbpn/MtDLBWmXjegXiQ8Azou6aLapyfIjdL6QsrjpXbYuiBKJP2v3rUp +7lcPFujEVas0kxyHlcFkRRH644kCFQMFEEguNQ1qrbkXWzMPsQECpiMP/RkoYkwMzsYlw6gC +Hs8zS3n8LGP2XSc9KOVIjQJLehVYTlOYP3/FkduZMRZnQYIar483hB5OmEU2feW442f0Bh6v +0mutOahdT8WkcXkYXpXAGUVC6IoRHOmUvG39RY4uhGd8c4kzPI8MUnVEp0iauHQr0uhlL+d9 ++qPJr66srhB40MyUkliS7TyfkBKWgGlroD8c3ATs5+WbJ1qtipjpA77kMCH1VBSN4d+g1PMp +2mvUpEUu9ey7OWWryCNxOED7YMbgOIGV1hbTWI4r6xoKwNXWFsojlLUO2opmM4AUzWGh7p0m +TeCntAevJkqAX86IvUTJUWZr0cTGjWIOsPEmzq1dBSeB2lb7Q1eIIHQql8leIWbYpvKNm6RJ +cEoBoy4+qPg9sT0DklgopvS/SKPZThXXePruldCbiLJBE76v+FLZIXe6eAuyH6iymPhXG30C +JJIXHxXYjtbuhn57My7KVZHcQeFTuBJ9q027QbP4PqBCoOtFpGQ/lF/4H66L+cPpqKc3Xmfk +M2EszAdf7GTi8ZjeG95Uebe3y2+/0JGaJdkCWXsKq/G3oMfotQv6Mb/vcr5HpkHNbLnCF0U2 +H9Rnk2c5CABVQETO8gYOkmCYmvREnrKqW81wvJtm2QSupmSQvRZu3PikrnbV+9Jkul45szr9 +/vxnK1Jn6qmKkuPTKNJziQIVAwUQSMO1MesAAE/sXDRLAQJIyxAA0d0WXGiQKuLIb0OEWSGt +8OzK36PyIBwwFccbbxkU/VQ0jtnEHFgg1wGWtcb1izVZnOugcZ9uDJ2KegbKZ5I9VHijWUzM +wILiE6u2Ewgk2816RoRmljTKpqbUE0ZKvDczGadY4rKKJWKFiTaH0zWBNwFiRLrXQWmsjxZT +iYMIbRz5HwNT95eqZHY3MU828CuYZZU6fDjG89PgtGSyv07aJJb5UnrEYI1BZF02yQfMM0lo +C4EZ36Ultge026T5Zs8U2ujYjrWYfEb+uUAjMfw8sKsqoLfYA7V/M0BhFt3clzgfJ9WwU2om +CPNCVRNsIEok9QDC6WvH30NlpruDpZRdx5UvyYrCePKxdm37ZGiSD6UnAUUbjF7SPeu+rVQ8 +HyvLGWd0hLr6O1ltp6ZTLustEFNXMQ9Ubhlj4ojy/a2Fwa7rI0j2gUWYNQw0rf3Q5gdLLfnW +Qge/nd9iwePuIBls605TM7YJRrSNlxyu/6Cd+0xCW0NPSZwHCC9nKqVPYU+HHTQQf7qPdK8R +tv2LOs3zNePDckdfQb4pe6bSwbFamUc6um7FeME0Sua3MmMCO4Q0uWL5on+hlGD/0kAUF5Ri +WbHx1CB5yFHdowbd+26DvaRNMzLQO34+VgY0CtBNeULa0o2wOBlnBU3e1Mr4RlnOvSnCOpsQ +ofbfjDJWpyMphceJAhUDBRBJuMR7daXaSgV0VK0BAiCZD/4odPhOr3MzGvmUoxpWj5If4A3y +wHoe0tjlXsJbS8Co82e5TJK7unfJ91vt8jfemkda4WfDXMpixaVpQ7Le7IGhgr3wPcgCizAm +NB1rFrZPz1N+V7tAsoVTNT5PMr3myhzGCfRNrilYXhwYSCplnJrw5q1u2tygvHMvEIlDEuW3 +Y+CpCiIz3myJ6yYAZeth6rypcNeyT99wZJzha5HgRvX657sPy+gqzkCjsO8abPqxaZ/svJWh +X4EdJ8wZl+8sac9RAFADEzgWf8AeiXa0Ud/e5ZoKvOa4Zj2BaqlzkY8Kh0FTJbXhwTvqHQQt +ITlYQTMBoO5TIxZRXGkkUBNE6MAMnaUA7QD6nj2Pk5C7RyZDvaSKWuzBj5yUCCKBTeBkc5fK +LLH6ZStoV2bvNmiSjReAseFgnN7jeGRo0xYI/UnM8nnyht4H/UVAmzF0EFM51FO1tnwdCE5T +t0qcdyXRKYdMzYJDF9dEutpkulEq4x7jyHN+kSIOYEHMo+bffPcJ2QAd1OI0d55PC+Nu05r2 +lt2OyNZMmCQ4FyvgbT4BcxVUC6hICSV6DYgIzShbT1CqRqCovl3RzaZN/vyo40dJQvvCEaza +VAk4lXvPNy9vFjWKwD7vGIZ5AT6mfep1lb+3FSY+tpZCSkTlFPBP/E93XutoAPFQYT0Q6J/7 +QoUU7XL7N4kCFQMFEEoDQxDDhDbnyzazUAECw3kP/0nrAkFVwIQPouEB2EGVkl0uUjTKLUtU +0sO6+h4jS308MqoMEYrA57BOpIkS0CcCSqVeacLJqU1wlKhVxEtFpOMkjeKsfozjMHKuNnrv +maOr1kpXzSsoFIcjuxu9fc3gEp/LFD98PxuxMKaoIYT41mKIxf+WC4f5djicUv5okoBxPEqw +jWK+z/CP/D/MPj91c2LjoJ1eM64EuQucc7hCy1RE3T4jGgmEN4NPAOUpgKXb5BuHhak2tJSv +YfOCETQKlaiF1VVyli4Ig02qw0J+GxdqO8jagDVB/hBZMD9AHT4AKZ8tvnlOG3QE0FAtKPJb +UK7aUzIYvOTMi9n8zaMzd2KlwxnmETNcOgf4A5qfC7B+LtUQngGw7TY2kXvEZAsOhvw2Mdoj +UyCrZN8d+XlrqVZiXMLPfF/v7LDF05q2afh6bUMlOcoHvuL+YsGBhCUcYJ82+twKByHgsNzR +MFQffyFHEagDItyR/Rra93jxXbV57xESSSnfZnMwkor4G1ijpA2fk69SXAyBSCAf0w7uSzN2 +zQa7729Clq4DYdyKFRfgFuJA//iysu5Xaa6Js8MXhyyCRO27nhEPxpOestLH33Y5WSK0GL0N +idxDbiJcjlkXoa4G8pzvDcTqXHTPTqC5UBG7ndN6HOLDkVyBh8D04fDNnahu7u8ZupicPFhp +VupiiQIVAwUQTL08NqjES1zIUS8PAQIMAg//fpVYsDLSu8gYL7NMiSHoL1ISMoiN8erizVE7 +ir9mXgrLIcQkNULE3qkUa34jfzX4b6NHntICZyF5OpBqmSIYuTe7IhJIkkig7FsqsLhd355Y +2hthJAziXttdGuFu2UBXKVaLLGRMNg9URY8BlzLpSChMU2Xw2QBL79C1Zggp+rozp2qciBem +ZC8Y+cI5vQy5Wl7sATfVKfnmghma3cWu+MOxS1sgK5+ChDhuhTSh3Z8uw/MKzXE9K0vpgVGe +NklPVcOiZ2zdienCbygRwKA3N2YIard5JBM8jcF55R3S74YcHT2pE4RgboHty7uNk4QXoZ0g +nclYucf1FnlexyGkeMLSOwM29b1lrwohBfL3ustjOLNGGa3GjgGvhGC4Mw22lPA894tSJ4uk +lEa5no+nxgNNnyL6SAdC+Pse7V9JQGZ1hgm0oxYa4xETbwqz9TIXYVkdDv422va67ATNRMPv +xI2gdxCsjK7aXM21ayHX0IxvTFpvnCeBU+eewLiO8iyfC1Xw/Nhzlx9WiGZFSTGifHoYDNJ/ +YfDPngDEh/4XEboV4WsMDtfa0H5ck2kwt7RcwGP1LvapxLsNXETtdt1JQRh4wGUA7orIECdy +6dneqeeNa27PWRtBJzHxCVfRTICjTiaC2nu4bq7NwUJ9/7x8ew87nsLXa0wBtvfzEbw78FaJ +AhUDBRBMvTxyvQLhMiRygzQBAhaPEACYZkei6vIVOwzJGgL3fjRRprSYnO4L76rhZcl4MCin +MJw0iL+9izFMdd3gvlbl7iuYadDlNys4ab3BcqI0UlymVywczWCmrRke9bkrOCoTdoAzV9hf +azGiRfF2VR9PJTXyNKlnzXXGjy4A5XFxXqCGYUuzjhvHbXpdRm/uIJPT3ksOkwJLMm/g76hU +ip13ivXgta8t1ErKXir+5z+0r7DK8ewHqIf+PUALPab2oMMAopzw+HymaFNu+KxzJXbgu0tF +F64h9Q52/RkN3onWjqOIo2RYDVnpz5NAVCwc2THmzl65Q09AFfMcKd/BsNgFIZM43tiieXQ0 +zlKFQqdSOr7Tc00wfpYlDYMTdPgmDwNAk1casPyfZ3pjIMQpiP+sMLt/AgP0r5uSc57U+Is6 +L/Q8GGzI7X/1tJaOtG2vKj/nW8MQKAuK7Er0aR9QqpFpBI9JTYfkVct/4gsY9DOQbom7VByl +KEqO27S+muGpjDYZ0OFloz9gZbsz0xFYDD4zVWU2WjSk5vJXXiSXP3qZls9LN2oTahwaRm+D +Y7Uv329WG7uP7w53QCyWYOXyt2oEZx7NOjakND8f2LWgT1nEEIb2v4Iux22D8pclft9VgV3T +eeNIjD0rJqZ3PdKg52j51J7g6zlzRQn+8M3KKFJhqMCRFP2Hr4QrHsKFN178jMiui4kCFQMF +EE0xNthFwNk9KxpHqQEC/ikP/0jaQ4My1esaRI0eSLZJEq4lKCbgqksi+HAWs30uW+xfOTVH +nzP5CZetAaoR4hU+/r2uPTMoV1ey7ydqbCZ0OUQH4k5qBaboeAtpw8fMRjE5AmVzzHeBcTfF +YlU15IpI/GqBGxtUn3WdJkVFTFtW4BP7qjLzga3dcmw4y5MQUY7NN29MPNhGyT47/veKJqzw +FzU3Mp5QrMwsDMRdEgbb+7AJMS2vJeEp9Kxa6l0VnGqMv4fGwzLK6G4nt58nyEcihfeNNsHJ +jKJ4qx2BKiybN8tNnODrKdHTENP74eVzlwSBpTOZx5i5Mo6L+/wxQe9bguE13CeveNZE/opg +1Rbe5WDZARWtRqWf3M0V7S7AkTPqE62GPBNN4b0fEYD7itQwYJkidNN8aK91gF+CLMEIMLe1 +eVwnP6H4LpodjjJonsHnRdmwIkeKKv2cqmC3/w9kZLQDmBo5wGvDEVeM7+mB3e4/KrpSfbOl +bBuu1V+XFooWJlHsnoDjXUW7++m5mlzUQGm6YqWA/BLw31qY1b/cKNwOTQ/zHfZNU8R7zcz8 +31HQMpts7Jpwh2Fj3mFtZzfSaE77e6OaJmQOnc1nn8G0jx6m5SjCPj8+y/Jcm0Ekh8PUaU7Z +nc4s63DPEzAVYQyqfs4qZSFjIlw0WOfYIMSTO977mznPGaEZF8GH4n7M47l+iQIVAwUQTTE2 +5tSa7ii3JRN+AQL2Sg//Z3Ey+OiieKWNSCDCtPPxl5ttyg53rc/4X90eK7z6bcMBhXGZMDcM +6kum8sb8ixcgse0j+WbQi+LIVHgV4/IeFiGk+pddDG6JfUcMi6P+1oyBKkVySMynf913Wqaw +b27t0KAmRubLo768iInK8jgYZHpgLreOGbqvmLFPxMX2Eu/QpIzR8RSz2h5AlIHeO2qRaQYQ +Sd0Y3kqOD7fqCiUPe7mMIpWtfQRQb+pCeFeThXozyyTFG6jzqcbDeqaS8YS4Tn4pqmv+8lQD +0/cH4SA3xcI2Aj902ToElL8vo51gQGkg8t90gD11Yd9AAJV6z1dMqgyGFkigpoDcR9/vcJgG +MvPHZppwTGwG+DIb8NnVp6bAwZ0lxWuHIpdx5Hbejet4eXiLEGa2zE29ElckE4X/fOf8xWtC +1RF/j5Q194x3+uW3E4Cgf27j97dO4kZ9Ac1lAH6ERUu/0Oi/VO7s1pAuhPFHiZNTmbCtdwY4 +VfiXm4A+r19dUsqV4YcQblRkaVhYHve+47USA2Ijxe1eE+SSqjTDXRGoFTgYWEKGyiOCyFtp +S0/F6gvZ/ZT7aGPkOEOUG44N7byuqsFnYzVrDWvqejj90Y1QidVy+1XrmMuvWia4ZSwiEA2f +Ely9tk2Q7fOgcmmXmsMFbK6Z1Ii826NCHJYDxjTWuaaMw4xEYx9OVUKJAhUDBRBNMTbsQZFI +d/nBjkUBAuBbD/9086StS6T9bJ7Q4NXYB5hvhDtp3/55Y8vcPDr/M4SAGf3emGyjbKwsTWx9 +RO1xDJEGCK5Y/9MkZWillr6lXgGZnebphvvaJPsVl0xsOdcFzgKqkDGcjqSgnNmb5TDJBWWG +djPtERvKQM8RlW1Bs30K+sJ8yRq2pkDsrDFRNmIY2ZWKYdTX7s0ybkU17t2ALsJhS4OnFk8K +7dmSgfsYMSYDueYc2ynH9YRnXVmniqUf8d4Bvtc+g5FS2qajFcy6Mp8LkbiNbfArVeui3zO4 +LZU2eTaNQr3mpAlZKBUa2QFVUBK2iSPIf6v8P5InEJAb46+277Kdfys5Up442dUJRSw3aXaz +u4ozsFC3xYFGUyclRXAboY+1ZNDSBe+BEyFwUkI0EBouc396gyloblqmY0kIve44w7d+wUMs +sd/O29yf6pQ6iXZieDMVjDGS3eP45yEvxmrxuvpugTInuV+UCFjpMfjBOkDvhepniwDAqwZl +6c3l0xM0shSRqqg2jimAOmBRG3/qifZpFDJGe8D+tjrBf/M/ghQrHMIVdgARi6xEvdFgZU9D +XvudcX0TPDmQir9dr4reou9ZBeLiLG1nQPI//M1kb2gpnvztqs9NKccqry6yJPP5lESc6j9G +fzGaLUkX5vMqUFrI+L6ryDH+RqrwjqoBnsa4rrHDK0uMZSSjdIkCFQMFEFAyK4E1GL3ErEkG +NwECRoIQAI/3IHt9P+rJpCmtSXnJclZW+VMchh11CkLzkmHdUJnhRSUpKIyTLt65KWHWvRw9 +66csw6vzjl5TLWyt9q9hVTHAQ/F/DOUVeb2A0NJc93ahEVxzLSGeVGpigL1qzGoG42Pe+twV +KewfrH5vfuORsE+7hIBcXQthe4hAt+xIIwUtD+AwTukwdfMNvE/n5cloTjX1eMpODiww53EL +Jyx320XAktN7f0whyr3q/MuCN1/JmrmL1xiKcj77icD9X5LNtgPKYDkbdLOV+x1cv8azkm/C +Cz3TNs1M9dFXn9CQsw4WQnCnqd0e/52/LO421bLiPRhUrS0n5v/AtNzD0paDB9Hef9em0Ej+ +OJvuMNzFFL1MeqjHvtOSWuRLtfsPGxx3KZ4e92O3HkaIYGgLB7AsfSFxCnTaRc4A2ShMQQZy +yF9SFSDLZKCp+1IjLXy24+PpHuDfwZrIJr/FJ6bmUbQhJkSzA1PBHTKnLmXKcH4cF53HSe5d +VYjrw5YJY1aFnBXhntiKgzRFUBAHxSxQshMS7S8Fdjx9ZU614f7nz+T2zLUQ0/fKOI4CcIKO +zwfpr7UUlE/Uz37N0zt7F4w0or2v5uvtVsXDxRJgatRqqHQPtJLI9Ez2WMo15pku2A//u/qL +TQVpuuP3bfksb2r6P5dXTDkJnlJ4KaKTIg4kG6duxDINiQIbBBABAgAGBQJRS2XWAAoJEKGZ +nSd7Sfnvow4P+M9S52jgcJb0GTbYTOGg34tIYck9mdU5Wtoh5xfbmWUPqve6bp8JlQyW8j92 +Jsn9eh+/VUUcN5uWwYtqa2rNK+V7PtucV8QhSDH5HDcvFX1KB4gjfRkB/mgYVLhe9cnmL7q6 +qxeJ1RPO8CEgeSWdt85sP01rLGoxKIvpS/OLEUsbCLSl+HQnLuuNpdUjvamNYVjQk89y+yHq +ijI65yu+3Yw9fNsm+ER1bsgy+gz2AcfCfkZGB0BJ3fkyuX5EIdSG5ybYIAmrA/gvd3ebQ/6y +H0Bt6ZTC/SyNaXDyjJyAuVC2/Vz2YoJKDBvy8CDUiae69xFvFPjXsMkAyiRk/a1OMvuo8upe +PlkAtDNk1GTOuAsCjYWMeYhUVVf0zRnp4/Yrl8Or95l/oYLHGOaVW7lJRH8N/S/UivxgV2Pr +ueti9L6A68KxA3i7cRlnm1EQq6Uv7vvKVJYIlaYZ/Cu+lCLFGOZL6Hbqp/a76Y/WOm2PnnI2 +AexahpjDXLAAc+1iDJk0Myz5LXh/KjqsbG7bUpwq6fLGB3XV1qq17A9BVFANRcF0AIibQthz +vlhWlGZllESvBA233IjwdSz1iW5stYjp8HUv6U4J7HJUfERFqWvE5mqkBS0Ur6twpOxgfLup +nCRFEEZVNZzG4xybm/jecGRZSvq8Z5emyxHM/yjIWHXazYuJAhsEEAECAAYFAlH6pyAACgkQ +d939yRG3vMuzgQ/4hb6pog5uZYTHdyaWTxFX0ku6fW301dmUWfC6oDLZ9tUb+WDOUHTtz/LO +IuWlkUKhRxpH83uHBS19bfQfBtlQw2KrfQh+x/buIisishEB3RczRzrleRCyEoIbtdrzjPF8 +1DAJcOZ90OMuM79GYnGMMbmSxfgGDo/V+XEfqfbeq3uLSwtJvJ+xq/I7JHZO26tHYDj/7Kj/ +R3IMUKbLiEKiyamxEXTKlun2EEKq+jU5foXX7VBmzgdiooBRPTHYVgRd6spGiGrrONns1I7o +JRynOPgcpOv9BntA4a/64xTY9hBftfXfhLcZox0iH8H42TLyNhYjmd0h45kOhB7UjqWPU1Q8 +vXhUhVSRQzE/TrzJEwBU1jBcxx4vqaNC4biDfPHroUjDR3B8YPgXIT0ur/0wAXeu8DSlDpv6 +acPYEvJkSS6CcUCldDhVAKcCt6mugobPPeu4Y4EN/22fnADL8nxHqiF/nw8IoGFFzEt0Zo2D +871KpWhT4YAboPbCv7prAbeaHgQG5plItUyKj7nN9xLWcP6Kb/W0pcNVJPcb6WVslTBLRx0j +MEbc+pNH85DUCxxpmt94Ci5VIj4yaqN9psOYLo2mlLJcHWtFfGFYnEgfkq3VzoapcEq+ymOa +yfW9ITfNZKfxQnzO7QqI0YcYAxncLwZB2WN5AQFAAEEp7XEadIkCHAQQAQIABgUCQcKD5gAK +CRCq4+bOZqFEaKp0D/0TSHb4YvZ2fp10qyvRRaP5pRldo0JNViSD1uhmYMj4Loi9BwodcPo4 +45UYFDvATeEk07vE2yJJVLpUjEByoHAAYv2diE5q5/wEcYxpX8hxqPCblCJ2rCLhQqFtspzv +aJiIsW2KL51ZTdN5JsqHLeyggdAhFhxm3nuFuIxgdOzV7gjkeGxxENAxqEVcApIGX3GrCblp +duRh6MeVThovbRoqCT7tMY8WpOsYbwS2KBAfMe1pgpXqwI9m4i/VWP12c/OZEIhdOBjdgvP5 +lwlaJ2GxBGNxFqMoEXjG0Ir/3ORNn44cXoCv2ZA/I9p1TIfYQuOCnYff2lF5k8+0F0VwH6PE +6Eha0xkYMj6FVoQEbhBcAc1+o8JgxWur1viXexLlpyWIl/mtg74voZZL00kN5gr9LCSbikas +4JnuAWXP6RDf3ZsCngRvJGDwz0HCql31Wz0ipf+7uzSfCGMFUKfaJKdScIVI0Lvn9Gr5Ld8E +rXg7pC3u8SgxrQhzjexIwGPOyC73r2nPkQTye2HiaEzTkpTDm241R3iaOscmrAZUA6P4m/37 +81fpSMbuTsMsIJBKp4ktsnaE2tKdPpgDcJGT0v3SqdLgfom0tEh/J95TsMJVgQZFvFm/oopO +bMHoEhExoFUMV894OJaYJaqvsRVUDraDxuY0S5b5lUoBkad4IPCd44kCHAQQAQIABgUCQkQM +9QAKCRDcO5tBqsVPo3kjD/4nWTL9gOjdGYVSzMDsahvPSugYC1VodoqsT3Vx4CoaCQpGQ28o +x5qS0ZhKNfH5DEtNWd4C6pF5zu1dfMcsqOcyEBGU4YcjOB46CTXaFTZDIAc1CfxFTHPKzpBv +2kc2QzIXhYvx39/d/kQdcX1OTtw90XHmQqn+JwVRZI5i+w87FaQsG/SxMf3sznuw56kYMomK +etkzgcButLejlnZHL1t5I0jpN+IAHHhjmkrFp9hp65UElFkIStuFUS2hseO+mg53Oj8CIt7g +lP0+L+cViY+iC8mJgQUrCx8741rR3/RZ9N3nHZHaI25EH116m3xiJgtFkokCfT9SdfTw9m/o +FP6qFfy/oatzkwCIgg61qSE3EITFts0co0TTLTO37XSOIwVtxuwZzuAIiuKL7YVWuLyQsP5K +gZabuSzvKbsx5FRSBoGM4zxcgTOiyeSzHNtXheSdws7K6Biwy2ZxZhOZ5Yun4Gh3jcracn7Q +GYFMyziN7HpRrP+c9PauE3csz7xRKGci0oj8eD+6sPJBtdrhnFkb0ghxoiNDi/MLWyUxZtAu +hQRNh3JS6GbQ1tsORCJBgknMq4IFO74dt/SlIUi5/2nw9jKCUIMQqecD4LufMojv7IM9ZfS8 +qvlb7oyTX2Zod9jIruxRODwraR0rnxOpsay+qQmym1PTwgp6Ckh82JcwRYkCHAQQAQIABgUC +Qpte/QAKCRDO6l9ytVN84afHD/9yI9pxFvWn3qOQ4T8DWlzuLpN/N+RZfSaM2K0qbAvsOT3Y +WwB38+pbn4yTmSUk1965+eiK0gkS9yYU9ECJ3jIRJFXeua94h3rdzAvzsQ2c3qevk4hM40Hq +NxTY5A0jVsmugXhdAENQ4rUZpTP3n6InqZoup4rOGziaaoNbR8KW8/kz/Xaa0GJPIacNf4bx +jIhEZExOF6GqNPoNIebPCCM4byzeRIo3vL18OzkefT4hOkwwDQ4ITDOYIvv+8dq1acARHV4/ +P92R7DEQp7ca3fy1hL7e1YifPPnSV7iLIN6xSj52yLFlkvu3RBTAHozXhwR+rHRtTpyWSBvY +FbkqbZFRwWKY+dPYT10/tGUyjlW2Ph518OBLK/jz3PWbqi2+Ha0GGWZV9VytIMIUXtK7DoU9 +eOE7BuxdYil9hudk5qVAGQOQDgngquOm964/SQEuBjPBtF0ZLSph2pPWUxR4Rwl9P3SNJsBU +uwsRkRuszZL5zuYUVFIkrvlUp9s7XoGRkZHKXdrd1i8s3eYLg50L/xli5iy0T/xz/fqLl9l+ +x7acI/RbDtIWaNQaa39Oxxar7AamcpUFtggh9mdre0UR9JX1fNcLaRFlpL1y/5Mu2KtI68TT +wniz5ZAe2wz5btVz5ma785ucIcj4+peMyW9TMW+7rPJOTNwSWOy57P8F3k3PmIkCHAQQAQIA +BgUCQvF1agAKCRAIeL6M95ASakJSD/9LRPB2WZpt1rKSD8quwjUO84ie/WaLFGS4Cme8NI65 +GfglW6AyGjnsry3LyubZeGHytzD4Q9EcmVY3RSTwD5h+Ppya4drbiDEI/77OUuBj8qERnyJp +NGhSn7ug+w1Iu7nkPkGU7aEQtTnKvsNksXDQb2OiH4hboHsbS/aeCYEHPdnmElKSmK4uRPgk +a4WworGk8nbD2IpRwhlSugmSOWCHcDgItnKe75+ereCUDBWMNUHLKmO0gsMyag4Q5wnhA+zY +83QTaTYAEPTOLGFh94dUV6fuweg/k+j3N+aoMCSBnHrQ1ZcxZExdt21UHRda981Jy5dg15ar +svZ77ZRQXeTWS+t899g9zf78f6Y5A3lVnwtqyxAHx8/BgQoViZJ2Kq8q3ouod2FlWdWQd0mH +A2D2Famyxj10rQ4PEdArB+CAK4IjVhfBUHV2cU1HHRYAElPM0ntByMa6JcI5KDcdxaULuFLt +zKSHJbrGhcSqtAh1GfN7CzxtwcI1ejnLaDEP7sEexgvegGwrcklz904loC2FVFmC1I+b2hNr +RqLP93kxsWzK1ynuWv2Wz6J+SXkWWz/70YydXrLqLmv5su2yQg51d35j7kDjBU1Vj9RriNza +dmB7PGSB48RYcjswsZw3CFNojrfK0gl4eRlUiEkHyWX60gb68eO/vVzz2lisoorD2IkCHAQQ +AQIABgUCQvF1agAKCRAIeL6M95ASakJSD/9LRPB2WZpt1rKSD8quwjUO84ie/WaLFGS4Cme8 +NI65GfglW6AyGjnsry3LyubZeGHytzD4Q9EcmVY3RSTwD5h+Ppya4drbiDEI/77OUuBj8qER +nyJpNGhSn7ug+w1Iu7nkPkGU7aEQtTnKvsNksXDQb2OiH4hboHsbS/aeCYEHPdnmElKSmK4u +RPgka4WworGk8nbD2IpRwhlSugmSOWCHcDgItnKe75+erf////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +/////////////////////////////////////////////////////////////////////4kC +HAQQAQIABgUCRHORmwAKCRC/tlXydUU8WCHtEACkvnfnBsV2yC9xElTs98h5fbiFgYu8v7R6 +toPlg2NEXUckfl7K/uVf/qq379A5uQeYdCf1gDAXBXjdjHDKrkx0my3GOMCU1W9A04GaD2j/ +2ogNqbE8yRF+PNsrS3wZvOqrnT0YPT9yICuBaPusv5JEtpniqStu8MlUWx8kWAUmq0V3Yq4y +3w+m0EXuS6on5kfFqjv4DIskYwsxjUsY3I3f4ZdnGGWuQZYYHdXw6DOVx0dPk4eczBb5VJ6O +h9GK8a/0yHoNzlg3hsyi0kadHHVNiwDb4qnKXJmGg33i1Qa1bpgD5v2SIV5N+DmaX9H3PML4 +KlmfOQSC1MXz2vSt799BOkgy0tz91BdP0XPSCr+id3lnsy0JogNmSusRdZq/vB4odjBhRKf4 +4x1Gs7+7FIP9Vt6eMpHeFUQy4Cdp7lNOA65baumYHCs6hDcZ3kGkP2MW8IX8turbpxmwUYBn +IeWWV1UIpN8xIKZIxSsDJ5RYzCf4bXusWB395EuqTBerUky1cjdbNE063tBmGMipwKFauZHa +DNxmyf6RKndcxJ5nrEFWPy2lHKJnDByTKr8IXNcEWcoptb9n/8/+DJkIZxDicZqrzswh9ex3 +J9wLMrTVdH+/OlfWBOqLI4r32dn3T2nHTQ+QkB4UACPtAR72zRJNf3gs55UgXrHKhDILZOFQ +HYkCHAQQAQIABgUCRrFdDAAKCRATgrFP3Os7fxtOD/9ActAuD0t5dVrOcs+h4/6WjN01vwTs +6IptEVpbOyxtJvJFRf/Sdotl/+84JcolbN2FsyYVUjYlq+fub6htXPHiu1opNHrEHihpxCav +80MeOtSaywDIVZKA8qF2Yf0Up6iYNjQc8rpbbXFYNHpESFcwiAPq9gCyerr1eRP3IO/bh2xP +tyS8QDYyDPO8a2u0VP0wTX9fZc5Fpz8JyZdOK3zLETa0xD0zkTCTv0E5j4Ffu/TPmJD8o3EI +wBLNyQL+6a0MVhwWqNCM5wV44GivSFZ3ywscQ7nWkubISZStrKdf1EnRIT/tkKEFOP++T6xC +OC5Wx0FAvM+9ehRLhJBMJSY1lKWyS0CEyiMi0X1wxFciSpKjKV/xcMNDqympp00PSUWjqRfq +pO0U27XL9a9jOjU4aGMDh4Elye4OaKX7zKUer4omVyCBJnL3idHvbI8NRYyj5pf7pl1uMQpo +1J1vhWR7vf1IrS+rHRMahy/AE4PXY3VRohJw8wABncOeeszn7ZDK0A8T5i2xfQRDHpr6H0ia +/rJOc1JL9VhAvFmbikAWh5qulksc0NdztjrwOXYNNk3HSc7lGl9l+LZwU6/vwUSP9uPsHdVv +hgTzpNkHvsfciLFG71y1R/IogxnZbWi4DGPyI1iY9C2xCmIM4/0R/sW4zEOgyAX+DEjI/sbi +sFXF14kCHAQQAQIABgUCSgQB6QAKCRA9H1hZiW7q7sA1D/wJE/5E3KKzldlNabdvmrhVXCt2 +Nq1d0izV8huCbjtfQ8XYpTd2CEQg0PjUg7lYhSCLxJFpfnaY2M/dQLZ9+aldse2yu9O8boLQ +vwYmX+mOIIus/RHwR0wb5HkmIErpMJ7uzNzwhRKfXPV4kTz8btbEmlT/gN9kzFpLgeefGqYl +nmAShVTvWNMvx/+Yaj0/yyJZYSA2wmbZz4RLd/x+QJVy0Z6U6IS/b1V8zteTUJznKIMAgb5q +HuU/UYVix7TNY8T+IjzF0lljI3+IMN4/7fZlbW9P+jSmhDM1KDFHhDMfClnQEHLyJYBnifOU +MS/cRZYZ7yKL31UfEuqPMFtak1YBGMI+SSdCsbIsQpocG5BcmJkexWG83V1cpYVi6aoVve3c +7l+9LrhZoqimRDHwmPzcqeZNGeSVgHmiJWCWmQJlvQgWHYfwxt0dMqBnonA4PRDT/fpqjhDy +hCl+fvvirreB8h0s8FTLyVRivGXKupVxbg5re4W4D4Tb5Wu5QWqEycbt+N7yxmmMkTw0btDj +ixK1QEdjJZRTGPvSqu6b+ZkfUi+Q9xnyYL0pKQLaCXsrLOkeIx4/w1NkAEv+EYQOeuG4ARgL +lpsQ7eBT//BztR492iZvWKXycu3VG6SAVXC1T+7BBh4dVBlJuTtcNUx/U08wLn1jN6TP1mJp +/g5SCtifT4kCHAQQAQIABgUCSoG0ZwAKCRDHDUFs2H2y7GshD/0fJtDSbrXLrTDqZoYo1zmN +a6A9RF/oCTOhizZK0u3KJzIUClDW8OtQnjaHh0/aWa44zbCSkeKtKBM4n5x0adZS745CDfz/ +E5iawP91GdOSmGkJxQdgQ3I+EY8sqejonADqKL79NFgJED+luzjhFWYcKtVV5SXH/dfvteZT +aQKXFTzxuOF8bes2zw65eEol2/UlUlYHaUymF6Ck9BvzABAHSu5rZHuw3Y+/4zV3LXKXYPB5 +X+kZlA/va40qlSc/+YvlUMg/JB4CFrO0xlivX7p5VNhtNUKmOt7mDcmtTol26Sei6/anLAlB +lOR8PUEqOfWJ7YV1EyDj9YnH/00G7OvS86W4SrQYQms7X9CxOZcqCIILvbuZRIKNG1olvq3t +82roiYn5/IeIQRfkqGK0VGKlmvNf+suVfkMINv56sg0gT6M8FBqDN/ZonVfc1sDqpHNevghX +G2LebNnlhquGFppXkLrx8K7iYv4gJgp5y/kdWMOZbxEO+uBErzgQhgV3i8BoPi/tkSKVMDQx +IK2rS03IUR3ZUCl9xRM4TpYATStdnbZATMCZldp8ZD2MYAtN60dq3uhnT/PsEv4rA7mliphG +fmzNnNHTakYxdUShIy1peJWDnjJxtiTXVg2IjMTsi3nfey8CQEbo7ndtyP7Bp8R/T5siLaP4 +qClvuhnkQSPqookCHAQQAQIABgUCSqPcTwAKCRB04FmmNBWC5dRaD/4nHEKXVXo/ym5671Qx +1ZfodbzER/danb0nrHoIs2d/g5q3M3/nQ1+5slIxd98jnf6dzWD+Fhf3X1o57174XJlLm6uW +r1evKxyqD6Zpvl+bRuyjJK6zp6YYpIvffR210e0Zl3o0WdQbBy59dZwv3Tjw2xEzSNyzg338 +x1GXbf+U5nDN5h+gyzOCUDw6p/WNp6BR6wW9V4eQoM8j+yLVlBRgJi1d0undf4HtL9ysL7ZN +DxhX8Oz7FZ+ogOg8x822XW5UCxTcl2BsrNsE6ieHv8hhZJLJS8/Llj27AYfAKvJw1Mg8Q7wD +/qo4BWfxAbkRlnZSE70YF86hetSA/hdQ0pvk/aO4OgCGszq2jV8q/LNz7+1ATTm+iDIMt+vf +Z1mecVR3jYbN/Nng4MTM2Lgsimt+fBbjV3twpvUZGBVpVw0PkYqG8rItv3nzqjWfWeixXJ0O +lwgEGkSxiKJnZh8ZE+Ujo/GJ7RXvKjnnEgO4A+2HUpqvGxGDQkPR9u/ZimdcoaCIzNlfcJqo +6bBJ+TO12Yww8B4mRbjii7p44bBuRPRIubeWmvYbVqdSsNohNHHcvBvAnOQXgKNuFtw6XHbh +Howd1GhtfSQtE/qspH+nQTiyynY+4yG1JKQl1H+LxvgkHo7YcV0a5Oc/JDSdJ/p7JiKpe1Vj +7nm9WYBN8v/527+dF4kCHAQQAQIABgUCSwZO4gAKCRDWCwxmNt5Q7qDcD/wLMkh6M2XtbHQY +lovuHfx6I12kVUqa1W1UzsesmFTTfUhtxnM8K44HxM4ytdXlG+kj6zbGkFKIihwnSoIdpwgG +klx//ffpQH+/0Y7KVZfktnZIfd0xWfRm/3KcPxs2MUjvidpK1gFOA3C+JJHFussQtaKyYKJB +vAMFxbrnhpAHnbaaGOQGnCAszKsmJoWGVTstcD1zqUBGaqVngbLqecN4gMtx37plrisSBfS7 +HU/iPbSVCfdby+dE6MhcBqIxk8NyVU3MJ0nBguBDXZnuF17VrY+XsL62obu/yCTXpSryFuMY +2mTEWoL8lrrn/5TUmC3yyGlN3rZzjiRd9lORFjCWoGF9hbT+XuB/1yo2a58bcm5lSz+dxhn7 +eu1VcqYCmCV06tu4kSR5NYflFw0aXNpoBcpSqU4sT0AUFiqahwG+VTZOn/rlCZL2fGRudjD5 +rGs92gjWSwwVkWblwmaiKX+roh7Vt6TgXpSKCCo3K6c3xjHY9U4Pb2u2zUi1RMRf3ez+4hYn +/uwAL/JL+ypK+Fwnh0RBhYRJiW58KS26+/NE+BKfUi3LT5NhqIm7cK8fgGY3xjjcMZfeXwuk +eIyHJ1dWplSZCiqN+13n5BKrX3GLLdo3aT4/j2iEzia1J6gfu23I3dCWXCDwsESh3r1dTdbQ +nfNKhTRnTcqZviFk7I0UMYkCHAQQAQIABgUCS+IpigAKCRCvVaJhx8ds44AsD/9CngdyFOl4 +mGKHSWyi0jS20zpgCXGmBgdy/1wbBmw3NzrkSd/O4tcvllcko9m6JGMW3uKg1uHigK8ePUKN +5rwat1cX0zVC/7a4mJc88HRWSA2599+utt5BVRb5fqPnwMfrxFF8jIQHtZ4HiyXPVStJh9x0 +GiT3OvAjX1qw8wQZl9fzg+OmCL36ogfmjLbg8k+nHy+p0MQmk3n+TEvX4iYj0vubFPuNbcmz +R39y1Y1a47NzrqOU8qFnxVkZLXKNCdN2UTohy9b1bsy5Sd6PDzfk8nMpX99OrelpfHG5yuwr +r8fvFeE5IKz7zwkT1g4+SdNog1JdpvoZ0c7VhYK+P3WFuUwBIzK3U45OAQheQdcr+mg90Iwy +NX3xBj/3J6D0wlk3alD2tBPqNcBPp2k85587eVLan1CGiY86Kv2PRomGgGRY9mN4tfFbeKWs +jLivxCeO7bgm46IkAeDu60Iln+3s2h9FQKpUX/glRRJG387hDg7Wram4OLohNRatFYN2k7U0 +2y0IYUTd9fpbp9qMSR54cxCcHrfk+QZbxYCB+hjdDnMhFViYfoMzSUHCviPt23P4BZcK0eX4 +X4ikALode7EwHC18K9SwxMRFk0tEpFMYGyw79pfCLDML5wnrm6VXaC1m2u22Zsh7EPkHthBx +8BwM++7dQdGvEw5v2lw9+B7E/4kCHAQQAQIABgUCTAwMSAAKCRB85bB6eyCEZTdZEADBLF7d +2FoXFz8ufcTA7UqZ8wfqobr83GZlcPqdnyLUqkKz502Im+F1y6seqvinBEZ8saNRnKvsBCFb +4djJXAZFxASvl4vAEurqhnq6ksc5NFmC9OnDLrSHQt6Wb4FFPIa/FLk26IPOwa9CNq0lTAxS +d3bbtnrR4sd/Pcpn+OiSlBeaVXfaaqBgRoUzXdNeMRW/wl0Ihw9njlFaQJzb3H1SQ5dyTRHZ +UUChdeAwmwlF2PyslV4YzG2Sxvatp3LgbTwy251zFsYHGl3RnKCkW741E2og0SSrl2/ixli0 +QjPhTU/ghMKQ18OLjhbBZlUmOFZE4vDlEEkc3WvmKGQr5AHa3zbP3VSBZvn3cvb6ofK7MEpe +yPe9RDXeTSwHs4ZUpwAfz6QukoxSdngurdKwkBOx8gD5Euh6msu1AuksutW6F6ZOOPxYOOR/ +v9zGLZk9DqZDNU8JKW3CdweaSiJhdBRO9fxsoIAs11H3IVEeI0ubNOopJBi/I8Q6Ao8KChGQ +19LJYxPwKIsDPo2KqxaVc90KCazysOlTWSCAbHE40BtWvw8hJurA8sYPTeeo3dgJEGQhwjAF +NdadPRT6SL3RcJH/+8URXuq5FRd0Qe43znXUnFyaM/ahnVvDwNw9eEgNlnpbckcPCqqtN0A/ +XpHsTyP9tYq5JBsK4pkv1gZW7vPfaIkCHAQQAQIABgUCTDpJYgAKCRC2xKe+vEfeEXx/EACo +jvBwWfRaDxxUIArgrmu3kf1ZTT62WZTYYkJPGDXP4ZEJqlve14OCEm+VgvzTwvErxCCKTTIG +DLEqiPf7DlMjm3CNUhuSPcWgSyhMW+sts4LJsNGc5bRk+3KH+usbb1FLmmP9tMu/BVBmE+9S +xc20I2yRLfCXrnbGkUhbE7Xv0gqK2dSlleDQnRwb/+UEkqQIOgid29EsEz6bKJ04zoWPGRqq +kAoKVn9mCxQ2ZwDt0aLiIyDAUwy430Cn5Gc+3V45Ps5062UNumxubqZzfOReavzj9CYnhknV +QBlFawvmup6QLSqtBpicDQMWBeQeKtPYiRRorFlUOOoL/viTSf0HRoir/ayEonIM7GlnrWl4 +IyHYJb0uxTVtXEAdY8MRUIBSkl0kPv/6gC8Kt0ndpiy0+XTsdsMUkt+D+8P3cGU3K7fe9YVp +o/sFz9bFt+SUNLn917RJtHaMNu+PxtvQ76k9EzqHCB+KUvaLKJm0SZIZ6QgvMOIU1WwElRpZ +Yu+6SJOSclYBEi/EL95gp6D1vDJ+GS06T0ePZOCHa+/54FmuYtgitWQEhQXMXYoJ6n8G1Jiz +Jl2FsYDe7lJ6hD7psWY18kYCgLvT91POtSRuexIYNcdapvTJegekckd2i1vxBd1dhJB213yT +0O25M+yntLD3Fik2gyhbMiqt5EzJTf0SnokCHAQQAQIABgUCTIYODgAKCRCJCSF9w07sV+Dy +D/43X3w/EsnWKIv67oO7Iv7bp6/iNB6zaCwGsO7KHEbRx6HHA6xOEzpxq3j28EppTzdIMzKm +olAkBSD+++ts/71TIywMaBMecjeO7BAxWHWA68f5TKBZlA3iIR80kTBZwpbOLBwQKsUW96JY +35Z7T52ru2UAHUlZKXWDEXZqIFywLJW8OHaKyI9JI9WOyfaGmjAXqZ8cPatR6OF1IE1IHJkz +ejkShp1zxshcx8S/d2y2fHMfcOrE2Ujg5PYvyA1dWiP6/hOVPOPHI/BN9Y2Q7DnEFsuZ1Znk +EZ/1ZENLw8GS8S2azXu8XDU0e36q0TpXJ8yERyDpSgHEEtN/PNpPkFS/ptaV4yizHj51ohYb +S/YX+zzhUpIB2n0XtCmZ+SpAE+jX6WTzuZzfy1yWFwVUgzRVm3Va9ziTVfe1ELOG/DX4W3B4 +1ys/O2Ez5wXLxhy1RWfNFBUf+5EKXHLpC+adMeuA1AbUIALuXPtWS93g6FyYHDRSqHmFRV2W +J63pxD3fY/HH29/oQO8Q+HJpLlIzovkPIXZ8SbhHea1uJKjRgSw8aID+udfewMJ4JwNee4gE +a9Hwayh/WYY1Gd2Vmokli+zZFFmyJelLQyJC8LJpjD3xIpOyt1uFjSX5rvNOKzTg522VoWi3 +2Rj+JlFYS4+Jp5qmmLIjp1iEVdWxtyjKOg3va4kCHAQQAQIABgUCTJDa3QAKCRAP4+rmMEXW +VWV9D/9kBEO4AqEsddMGjBnGew/33ecrcijJH03NNI0ipC+SxNb9thVE3ZCqg4lrFzisEGDK +DLp7l5s/lToP4JKNqU22olpJVx2N+nw1nGDRZ663Rfl279+R8tK2d4MiEGaCH9Q1gAxbDfbT +kUqpt4mlsNZqUvhPYBmM3TyH41FSWVjU6rrZfmn8Uu99jVkGAmZPh1JR5qSErNaGHDveeQm/ +IaeYcAwMDp/swJ6iUqyNtchBNBdduGJDJohFX7wIGGPUvK+VhiSK8Jn9iJT6TItz5/U3pzZW +WmkBdAOgIfOSY6jaxLhyUhYhGV1FlEpxosDBG2HbV+ituNrI2BKLLRz7C+wuYL00c/SgdgMr +6SyBpSiNrf9nU3a4gmZ8EJgXlqAcwEMYPArSE0/c3V7Ww9E6jGdEvRrYAXg+qzOdirpQdgXj +f+k12KyDS/86v0kNqIfcgiaXxbCv81pGMqVTajv6jep8KRMEdkjAoJvNAE+INjUxWLfNjeD3 +HJz6Of3a4hMIZeKCCEg0vxJGJSyLNcHkx/8+RPHk4uMj5QMjJ1aS5ON/u+QC31wc0Q/gXpT9 +iSFtM8x8aIsGed13jpFA6sUUQ5jj1ZyFGWcSalIKCHtwCHfr2v/fDX9V/sYIUG43Zn0gGnE4 +qJYJXHMXXOb0qa2ZIms/ZGbxd3SDjXWzbtlr471hi4kCHAQQAQIABgUCTOUqcAAKCRDWYVma +gKlsSM5BEACE32+kBaFYDjLdJLeRyjItCXga7b4x2pZ4xsy0Oxa6T2wEtMz+z0ailn/fEmew +UWLhdjJVHqOeYbRcdwrIkJ6Q9Wnk2u0bLC/Aqs8WqH4e63oee7mQdmMjSPz+zMNHtC64mir7 +RdBDP++qMkxZ76C7uh6/fcU1Wsb2N2yj0pDxU+MrcuP4y58n16Tl5jP0130Fw+W+cGQD/Lao +q1Ql419YVlJTs049fAWGi9XieVo4B8C3AjeZ8g84HJCOOnINetbI45JF3l0Q9mtdEi7rMdbS +7xtAq8iLVYp/iSKxjlrx+f/nkL07hwP07ivE3ZOjIXx4KJLQ41xsv+7oA5ypnOLh72S7mM+d +0KktmVT8u2gJQAQ2yYVNkfv6mwv2xTIwBzdSK/cWcjOkrWX+ArXHbjEsi5MARtHbICZX/+m5 +PlJeTv5M+NB4MFdlSawHho9zH9kxlwsiySv8iFs1hqBLC48wqk4BFkvmSxlV81NWmAKlNYuh +mu4/w0KsPXJISsUFXaIUg6LcwQFjtmDZXuSFkgKgP0oXEVwr977X3K7RuuboqSCi+DVk0G+V +qw2WVZgOa1f6mWMZo/CW3Sy4rUWOTxL3exbYw0Nw89aABpQSKU9zYCl6T1ETwtGhYyXYe6gY +X8u5azX5YWl14GG88ovIuyZxkuHurYYatbse+kazAcqd4IkCHAQQAQIABgUCTOes1gAKCRA2 +Gffm8mK6rIrmD/0QTzgWRqWn9uuyx8spsxgVoPGQFAejJ8wIAYcDBKzwrC4oKmTctVo6kw3J +4R5eeOHDTnQloE7piVQI5hlGpwG0aM4fqIDfmRQoj9eKzyMYyombasy26Af0Fbq50eR8rxXt +V7pNJ6SuFQsMCdDuj0HQXpg8yXnQ51M8cMXNmOmc5FMqCuU7qodJKXESSv+1FANrEtT9sR8n +BvwdIsMfcPUlr3RCt2XLoeXWYLDEOWhyNNeX4mGgkTYKrYH02W5PuxtDe9pG/FshZ1taIC2X ++XzevYKH1B2DmpA5wp21vDG5Nesp1ra/K2UCOxbYMWpcyqiMot1k2/M/DWOQU74uTAkD1wS8 +aB1kM3etSraNYvCDTNZFqu0IckrFyJiL4aIcdUsd0qOUq/xJU4Rn/xWn49E/2kRJ23SmITwf +/0tc2FXc//FyIBn3+AJWFRFYlYq5CJxzlWHAJgy0Av5x7UPu3qg1piWolgyxGJ++hzWnmR6Z +hGWeyPk/Lrb/jG10GBtbKP7VYgHkSMTJoO56b6C64rAU9FyaRiitxXShbw62WhJTAPaUfZ/d +JEGP8OX9/nsEOb2x/a8bCNsTzu6MOHDCw9nrKYqygHgXVsF1Su6SZ5WcrPzEsvmD1T76WUMH +boAq70AP8mPpSF8/hxjKA1+PPa6/+OfFh4Yb1MPJn8fLg0/W/IkCHAQQAQIABgUCTOes5QAK +CRA39NXVa2rxYo+8D/0Sst2FHSI8s+4BJQTafa/uucd+S8J81HSf6tzlUJkUvvQstV6EkknZ +DaC/0UnRom7pMmeFtI21ban+o6aceSIUN4/MPQx/Si/1VNwqSmMsyDlC93Iw96EopxlS7Rne +BUX3FOVCNKf/5zRjKaeXwEnDj4sVAFn6g1+KwP7oFH+P0V18+uhbqQU+Yf19FxeHvZW1W3PU +WlwYj4yhpn/MpLsSw2haPa7pnqmR+FcF0OtC1gIyerxUAbApT4OFp4Sonn48GAAWT9yKgE/Q +6tYHS0YfLOyNz2/yq5t22lWExjBxRM4GvEuzm+zA5Zkd21yk3s+UjNTDc9/XtpZuEA6cFFSB +iwlRFEKHvQpQxem72Mf4owU9BF/Ya9ITUuWFJINfRXd/0cD0MrDboJ1GzdR4ha8K/ff3Xj19 +H+WviVd6JEd8Y8mahmv3XyqstXiXT10xbl4Di9PJ8EZpHh5lA4AS5QpDqxOJdUiDHmf7T5J/ +pp0buOMmmDNycfVClYzLgUsVypXysnXBQBjnAphkyN9cXSE9l4FwdNf93QdQFyiwtE1hQ0Uu +IM5FVJOr2MDVTq0oWGtQeH1lyLgO17wiptK3oR+SK0ES27cEW7GomwY2LyUXfqzjt4Tv0I+i +/YCEP4P58oWGPc+P9gfSNMj0SC2Qbyn6viD7WgR91us+2LyI1H23B4kCHAQQAQIABgUCTOet +AwAKCRAuNO9thRYmntmND/wMcbKGZVTb0ptF7CMlNINcAJXh+PaSjNH5nRoHAR9bYNBd6PiV +qgHm+VfIXQNkjo4gpz2nCVQB55KE8henNNq/WkXK5VEIa2uuWQB2mle5Vpudia5bZWhqRhdX ++2pPuR7xDtBwhz6DDDDVMB7JPnM9Jkx1zfH7JlF88owR8sp/yCHqVRbYJDuC4eKbIKkUVFqg +NxRPRyek1k/+eVk7bH2vNnRwHBMpzYEg2n7j4udyU96Wj+s6zFFB9gIAbeo0VsAB/qUwqb6X +6hxGqw8DHNo9O/8Uxuq3Sa0bzwvQBIcQCTCe1vr4DcmPud6/T0HYeJW/Q+8fERxqx0l6xZ/h +Zklf3MTtVNgQ7Lysdfh359aS2ehwnppJ83lqbw/Hjg9CnqudEQKCvvp9290SDl1UQcUAchoF +MruUFRiDnTVt1RzNlKPWS8AluiXHAUGjL8x34HEW/AU+D4RauczAJYTl1vV2PHZfjnJyPJBV +9I7MPWCemDsMkHGIYltAq8NWbvF7D+VECDt94GS97diNp5uyGDdW2XmjmnelOfDGHw2kfBy9 +ExVV0eVruRmDw7NTMXtfT27bdtuTlbW9CrECaXH0CDlUgp78LwqQA8ad1Apj8BuIG0YJhMzX +dZmO7T77W0zuHJYCGm3dL+i9TFQltDXeVdTlZW7Ybx4QzJ/8OixGp8hotYkCHAQQAQIABgUC +TPA6yQAKCRBxIX0c/q5WbpM4EACDXDI85lLZydlpCdRA/azIHi/fJr0sadavb0tpImK7ykTv +wf1UVWvjZo7F5Bt2Tc/oZXjaFasN30iqKlF2GG6EObWDyU3ynARME8fujGVW2Pc5DHXBAEdr +jzw0qaTcG6HQsJGrZtwVBm1ub7pVn011qCGq14WKaZKBrP9DgNYWyavBe3ofvAZtsSNLfyIe +CdZnbUom7lYZbI1auvsWI581l+waSURhMcHH9mI6+IG5osylIUXR4HnSySO5FzpXAJeCdlT7 +gMqo2roTxGZw3acVlhhRMBPgBfyOFZF1sQqkDyq8Dt1JSapMhKbe2AKdK2U+vxk1vUJ/vcBB +KuVOaItaJXgh1LZ2m3rLh3+n5oeMMigwp/5S491tQ+gF+f/NEj8O2gJXjo7lbIN+7kKjvEvY +k/R9MX7v2gYAq7MUTLXL31woWRgaWQnRgvO4Mroe3MSAKDX9l1GThuQ/JEyRhfa6eCvmhbNh +gtE50PREtYJdcWDaGrhjmJbmOTYqxirwlWSgjZCPq1TUUsiZmHTPj3GUgdtPxKPuJg9qpEVC +Q48MeftdrEVF0xMwLGjsg0cP30cYlYYPnxLf9Exe6q39bp19bRgqEc7diXknJSzS31ABDXxW +czT1CYHWkK+nehq3u42e+Cdkryn6dx7D8YQTnGKSdMF5OM4488dwYCWHIAyvPIkCHAQQAQIA +BgUCTQ1UvgAKCRDF0jGh4JNOmOh1EACkwCXCzQtOjEK7SPczcUwiOqR3KyCtF9idROzTyoIa +H2EflGsNk/pOzjrE0oWKQ2vsoV0gyGfwGp4qoGh1u366M0QBHRWAbX3vu5Gm/6ZRqRoXaJ9/ +NKmJwzYS+U8UQgYCNdubf0l2IHwifmebeEzX+eI+w8ZxpNb8MIuGKxKXXHiCDyhUPS3B1wP+ +ilGF47x4C42Ut33l4WzFmzqwKmC9UomeQGfFrtGMmbjLADTEI9edx9sP7GKxuOW7bvzvFtLb +ThogXPNYH6GaiUUtoFFwO0j92ofg67WnPZsWDlKNAkZAFBDgXH63CYhKwuW4jCuOSDjqysJ8 +Zajk1aTX3HTD0Gze2pqfSNuiGDu4XnjSMQTcpFvgDd0Po0FUH/nU+neXqhnzGmBLp+4Tgudx +thIEHj3ufAbXqsIKcQ9QB2ZDbPr5NmrTlqgDTfofKYLHzVQFudwZzGtysi06bUFRMnchxu6j +AhAoPqK0YxgsdqbtuJAfUcbOSgNonHRVGwbkxgbZ40PBDVPZ+3iDu74tFxvpYnP8lmlIdxTR +qXd5nX07gkhtYAdJhvNcKSuLSZDwV2Ru21mq/vU53SMAZmkHKzTojuixNUKdw8B/9Ke4EQu/ +gl/JESidlMEHMrmA5Q+CdUWLNTMGlIk6XxhA6qzo/VR00U4UXJSGamTSca+0S5tQ0IkCHAQQ +AQIABgUCTQ50awAKCRCTZPt/6Jb0eNdbD/42nutGw6A6qkl8RJ0Xet+RH9cwX5RuZePOM65m +UobjJWUSi0WA3GhNu43H4W5jvL6B1AV8epZYJIQcl4/8K8d6YYz8tBox55fjL1GmfHIwjZAV +c4touBwvwGlVre8ScZ2w/t0LWiR/9u+t9tPdNiz+X1a53jLfwakXyw6wwK1GxpqwHLj8vlj+ +mIfi2YcLMpVuebtTGRhiC75st2uO6hTSNqpCRGbzjUQDylD795+I6ABx3212qTS/X1tpDGZy +uVwrm6LDNqzASGr6xyYtllAiGYoDNFjmaO8kjm1c1kehw08Rf3zobsFKSbiSuHRHCcjHSuJ4 +K+QoAQSwuuUpgYCuvMvhisqnOnRjTWud3WfuwRVAmRVKI09LbuSpRI0dMQfoE0KiimhPbmf8 +QekdKGlHJpwtJniACKsETprxaK5qX8I7QZgXwko+fnbuuHY55QLn+LSfQG/j4zyjTqvOz6+S +SHoW0W+eS9T55BgqkAllHqzHxjGbAzspfOaFZ9V9YT2zgj+QHmeVlicpLls2biF6gfI7WhqX +2S+ZD0oOckgZf8QAUB6nO1DsAtczWSRFB8euTQnCWdmu58pnQO2+LMiolgXei9ACsfucAPrA +mX4qzFb+5WKi9f/xBAvaznbiU8/X7sm3ZqlBpWX6QbzDn2dM88ei7+GloqsNINal4/9sv4kC +HAQQAQIABgUCTTCHoQAKCRBougpH57HcJC0JD/wL/FJlIIern/eXf164cX4MxrzMqF4lQF9a +OgFgljEHBSrpFYUOGjeHMut1GkRMXB1RuIXo0nG0XmPibeRCFDf/dqVqZ+KRr2BigrXt6H5M +ULg1uUTB43xrkQKHSwndSklUhBIB/0ygOvOlxYY+Afls9pZ9SrUi9hVc1mbLWtswVLTayGkd +tfIKOGl5XMGImruYwO5RuGO1qti7gAWCiUGlPcjRrGYCO7+305rXktIQC5NQV2ce1VH8Jed8 +LDBztbOCFHuZgXvJ4ac4e9HTQmvPWREtxmptPPDKGkhzoEWd7etf+v+2ViAm94uke3J+JTd7 +DLk2QogZoAxM9zln+wUo5E+8hhZwfzyKvNYcwOyBnOZYvIFoshWav99OeRUFIHdZBwOLFYEo +4Bk1Q4+CLXPmwEw6qDS8pfWigre1/Rq/lck6756tgN2fPAsLL3bSJaGZwOXrJUTaDiamAPEL +aHKejFZkjiARFJcBeYJPSvu17s5WfR2xdbQzGFB8X6tAb5B1mkmhG2uG6zWw7Rbq+PlnArpH +F6rG+y0Vv5h4sEDRx+rjHGrnajVhkCyZt0DD9tVz/Ul7DpnDU0mXSQDFeEYcCmu+9lUOTSVO +meN1fB5WDUp+BzrJmVmsrfxM30QIJhXTpDahNiVw6DYfjd4znZi4J2I00mV3wg6TSAaY+cmH +1YkCHAQQAQIABgUCTUJuhwAKCRDeP5fn7iJpXCohEACXLGL5YYN45N09ULtBPwxgec0gPT+X +eBF2/TIgJgADl1J59r4kyUQjh+8Kv+P9BFDaTzrKGykR3Z0EFg6xEp0Ucg7eKw/QoMR48PEZ +lUSiTi+lHi8qDeB+NAVl3y0Z6wj9HCMpRQXintctYDSKSPqQPH8iIdZaxgkcJGy3CFEcyYJP +q7iyKtA6aZfzPC4aJceudmst1/5JdA06mzpNxmsddR13das4vlVMuxshZ+K4nbaBi6mZHW3U +XAOKmMEvBp8UTYY+coDH0vSoO9c+OyV+Z5aChNCxgUues+8cRG9CjNYShRAg9qFvMqR4Gwyc +iLKX1NT8pIGEAQi0yfL2gvy8ds6oHSoNtFlpiXAvSbKukN/ewfxsX/tzLGKPnXYW9qmStegl +LaATuBGRssRnQNAEk9E3K761L2ToIUTEOrIk7Jyyqvk4HU9WS+riUpNsf/ri3wicHpiDtv+8 +82rWCn0S/1zJBcOt1LY4cocsgbZCmnSmNNHeElbrUfO9cIdrl2RHgXXlHfoZ9WzcZO7K295z +YwfXTOGbuqAwrYzaw1BPEPfGNnsPUjlk9mE+X82VJOmDJZ+mYCYBzhzm9Y2AWD7SPFDeZ/Nj +scbN+ju88WrJv4qxMo9ZB89urHa+gQbgtkeHkjFzuW98VC4ETtLBp/NZ3d0QPFr/Mg1y7oHf +e3fKLIkCHAQQAQIABgUCTVUwogAKCRC880RXMAFtU6GjD/9cVDXDdq9ugGiQN3vlAo39PJf3 +lT67jhJ0zXylYBcLc9q3hmoGfOEPetFHviiRvED6CIsQq54cWNHfYn++81C38VL+DKEDRUe6 +WIBaPMp6QXzBFVj+F/uYeRknRN1axIZ6kdXBUtHtRXnb+O0RRCIwQ9XfiFpAaTluVXnYvZpe +J7pR5gD59dQY7HTM96pvhag9CXkNN2WLdlHjvxlrzkZMki/SYOsqlUBPy8TJ7WE4lheh0mxg +44bDeUdLD6Wsi9gPGLG0R4z7FM+Rpyc0NfVWfnTYi015Zom75r1lEryZ2ag1ytnvAKU3nDU0 +Yewb2zpv3pd8ergfWoAciuL4mNzzKfeop5HY0f6qrW8GpO4UseWZ4gcDLaBTr0o83Q/sjhRJ +v3l448KCR7kMEHEZs2zRLnmfI7w388WwdDnQP5jsVJI7htKeTXB4uw1x4n3riX/6XFRwAZ5c +3freBGSAofHmhRoYM8ZL3MP2JRc4S5RHMkzNSw8SRXHbj2gHUcMa0FqRoA22UnIzTbiVJujU +4w0+Tnb3T+Am07svYMrAs/Znjp5+zd/fAraf3UtE7VIPjXHuOkLpqSSDJCRrXsO3NEdMOrFZ +pMnVqouXthkK+6V/2rIyDFW8455wQOMkP4i6se+zANw6hAoxfl5VczVrTmicCiQMydU+K+f2 +KmUEWomaqokCHAQQAQIABgUCTVUw5AAKCRC6dnbW9Cu6oP9FD/9M47GPuAv2wjEuvO74o4ko +pTGkmGBjaUNfFvB7vl29+jVOhN4ei4j6NAnFr98W1WE1bRmKa4pLQ8CvJRxaOOFXxYHXEkPV +yLYoZmKjPcXrpVVaAWixp1mboSqiWyuEDyaGiGT9l8gVjbUIBo66Z0Ci/S8jgw5LdgG1kYUx +vHdqrBL6/TqFt0bi2PJNLuO59TwUZCSvvMZHbDlwSAHhHgbN3svHBiIueXKYexcQ+0OyLFfe +j6MEMlW3q5Z+sSVnGr48a8vFEeURGd5L1G0EEmL25Ss1UjfdEA5C7FYxP7RmycqCfRkHI5D3 +Ls5YoCjbjd+humBC9Vv07Q43wXXXcdlLLZK72TP6T54lOFIcf574WG5UNLQuerl61yCdCFxg +RKwWqjNqfyFah3kJ9y4vy9hmb0AYiTN/DMiZoxIYlKnXToG3j/LcvrQ703kZpamYkFQ2Aq27 +jkNFcAw5GRMccgH+ywlB1nZHxsr1A5JLHAqNGYmBQb02sgJj2/YbmPOVVAoYy1R6NznA2WHa +Um8Zjl6c2lCMAGG9rB6bJbIGcBAzrHZpSYUVbDgWBUPEnm2+9zeTKUAzvr118tDfLVr1uqbr ++8dzDOQhUROaSPlm+oYndxVdooA6U1bfdaAgtjQThROG1+yyPz6JjI2KGNS5paZxXUnzYHEa +YMbbbedUPNVaH4kCHAQQAQIABgUCTY/TnwAKCRDsO1uSsBP9YBjwD/9LtQzjHKfvEDe/HY2Z +E7BWX0NCl/bY2GD/eGZJ0FO4fJyzyO5sK6bbKpH2wWlrdV5070N4yC6rMtlMcpqdO5XAckwK +YlXZufuoEdSCP1/gqv4yyG7jgFVHtOP2pSvgSFMfxY6Nt7snKyx893pZqBagulwcAXmDSc/F +ghG5q2Qf7q/04ZnZ36rSsNon5caXuAMySt96I0AkGHsPjNxStDvLxa5i8lby3BBfRj1iwq10 +jQ+/hrV4BxmhX7ItUWE5gAyqjmU2nVYIdvC9T6MfEnB3s8RAf1C3c2Sr5RJF3Db+Fp3A3zlg +wnt0Ticyq5Pio0uGdRlEZBVUwrYIUPyE+nomabQJxFJ5rC8yw79Ap++bOj4uWRBaGKhGdgZG +zpYMhc/J9ly7L7mfcNmLi4bczvvZ7KF+/ZE3EA8wKe47uXF/Pu1wqIkogZjS5oIThctbP/C4 +L2PXNv6BLhJfRWmb9DU4BRLFyzpKsJBCGsgKcnZ9xShYdtO4H3HT2HSZQRzXMrHBxTlANdNJ +rjhX0+N5neI0/lRwv8a6Z4YBws0pWt7kd05/M4VJHbNtLwHkgW4u0/hRVLf37DNvSc3663J6 +2PIFwke2s7NCtBYirjKurI3vtiEUJPei7E4VVrfhhibQqS3Fea08v+6pU6AjFfLZCEAsJ+eQ +BedSH5mxnrEkq+bAvYkCHAQQAQIABgUCTeMlPwAKCRC79WdrFd38WHwxD/0fwRaQprKk5L19 +nNhM6Pr2UNhAiXl2Bo6dXOFxE7yERFpYm6mulHtEUKB9UwHFZbPin4zgkyXskC4gW+M/PffB +baabFfbK/a8Pv4LLQ64+se2ZLSH356SAolM59TuDtfrU9TMqZrqfzRAApe6B+XGlNEp/GKAP +IcM3FJpnXa5lNCbrvdB9q0AQl3MOizJsTKjmWbSRtSJBlw1BAczlz93616frKFq3ipReEgST +oTgqK+hSIvb0DyhLo/p09Bs6azr7wVI2GMspaXmuIQ8VmnukUdjIl5eCmvTL4mb3xVt9rM+a +Ahk3GeiEOskBC9hb9DKrsz0qcqSMX+LCAJoIWmGR8t6+PzQ8JZmE3oLwNNCKmRLBw3A1gjBb +yX3fHJQL/Cv5NRVpqW/JZ7WeZj5MjVuwgTwDcnaTSu9oFuzFtLQV33mEgIZtMaEbSqoYrcrB +aAo4obFJSBbtSZpVbBcLga3Z9nRYJXCmMs/LtQVMnHWtvdbWEny164Hjs+hpZ049frSrB+wn +XDXfPXTfvMrdC9V6Ab1MwHqxoHawEEG7gbvgE+a4qrtGsiwwnuJGm9bVxa1nuYh2BA7m6y5w +jPoH8U5LrIlYmnIi8C7Y5qv7RPjS4NX2gM1Slto0fmnq14WwZWhj3OC4zLJe7jVfvVKjdxN0 +xdvWllJMmbIztIhqlzi5R4kCHAQQAQIABgUCTf6qzAAKCRAYuG+OyFz9v+6sD/9IJ9T8ujy3 +oYoTm2bjRJaCwiWQpBOKRSmWgPr6wwBIJgvIWFfAm4o2O/ZF7DvY70ZVeYzIR+/ndTVwhrBf +zuks1DZwEhSQ9b1rt1h1bTp6dF5BGcUlv5hTcCafNAiuTiewo2BKUJFe6X31ZwwPbBWov4uq +pDKx3EPEb7QL3hL629xkvspcnN3zTRty7ACyCvgCHfl3wkcSgs80bdJ+b/f0fRmFdYlv0Vxg +EEdKe8on/A7Jf1iyal5CQCzJYsw4vzhxfIGrrANX+DemEP5WgCT1D56lVkVcH0hQek/K06mH +bK3XPmfNQ5LnbHyXjLP5W8geJa3xL8dZ/I4CWs8Ina4gNVlnGkQErFATRuigSLqXOsivYn6D +C2iUFLriFc97TN4ltfbPG6/cnCd0yzKdggpGk6tfzvyjzRCvyc5vHpdCaFmm5xk8Jou/Sj5+ +d1YdXAhSSriPoHJQVzTJ4UQcertmntykJiynzr+mkw9a+VZL6dMF99SMflC8O42W4UPMlpFu +2dQsrozy9LBqkzSkOHKos21uhk58Q5Vh5pmP+bQjPL1BRBjZA8r5sAS+jcaR3GF66ciDInpm +hNj34IeODZWqzJ239fR85TDqzRAqFTIBwBwcsSW2ZVbgnYcLCnwx10SxPifT4c5L13Q/3Ooz +NXZii9R3dyBjpHg8hJ9mpwJ0cIkCHAQQAQIABgUCTiBMVAAKCRDGtSm6kRYhjBg0D/9HWoh1 +6qj2GLl5y7S9yYKE/upnOzJ/LqcFFjvLL/sMrd3czxaMgqPI+B6cu1CO4C40TnClz3aMnjsE +DbnjD0V6AQxJtuUvZ3TDJ9+6PKo6Lr0HM9FpPQHORIMrdN5iVoTgB2/idJOt0Oep4P5/kbjy +5Xnnpkno2lgUEtBRH1npa9vcXKRGacaVUN8zf7tr8Hy3SqIWu5GQz/Oz50UtuNV6F/a9HfHN +KeJAgztNkCAuD9UOGNYqtobc7/cLYNfndd0uccF1o6MA4wmzvQRda9mm5vGEZI/erdllzIQc +rMfdg5SI+3rvRx3krD8WKSI3UANNpBPf0LJd166pDEG7iznanWrQID1Moea2mGSW4+EUq3s3 +CyMFty/+c+dp1QfvRqYas1bOrGHUtNQlBU4LMIRFYieF1SOZNj/sbC+y6X2S5KBz1oBd9l2e +RC+r4klYQZyJJIMQF8n+7pWW/NM2E6nimZr6o1NnmIbQvidB90HJK0sGMlkBAtYgQ4vfSBde +aMHu6fPjR4dGN0mu67iMVfXgHExgyLzdsHGJLS43cUh9YqBtdqFvXOpAabnc+7fCVFdZ1ykd +2T4DuVlYSxKv7aGzIHT6aSpJ3YaulJ+7i4Swxo4IUIe1R5H5V3gOnLvMUu59UlM8LqFXvoJm +lXt438AmbY2Ia9bBKp7tMflB45I08okCHAQQAQIABgUCTlZdDAAKCRCFnDptopMh13QDD/0R +uv2Kt26w88kPT6KQb6wPBd8PVTKlsQO4o43lufH08+PySSmCqoH8k6TZGr8HUBLeMbLrpvxC +262PcVc8mcsDnX3SPYIQhRwfK/5EiYwmKg219IArdjFWQ3YcC8Cf/toi7692CE3IobZ93QDD +PfbAtRCBlLBPVtvCDJNJkDi8PTp4/NvZSukzBzzi8QG63ifuJmxtL/OfLrFMoPmlaAihFQmU +PC/CN7DYpujX7MqeRWJYHxJ3ltEklPpaGICZTDIvMWq66aUny0C54PmtIBmyplmHkxU8XSHO +Xg72h7y4BcuCtFgrmec8fYTfBfs5khmynFwhPUxYOYoFGCauGlrO3mzEWh1YEao9RAK9D9nf +87NvlHOCwRaWmmOm1dnFYajPqrtQzrccC8xDawlzWTMub8nfZvrJXhjnoaOOgFmgQfP1Cr9h +DYorBMyZJzKf0xKn03G2zHiMkKexrfbG+EWgdGZtJ4C2PJf4zcgEo8OH41TzWTrg/rRczvUR +ui78VvtllXzi9XWXLbtmXa3zi6aR8UddqnBaRvWqG1kyJ74mXA1dX8yfxTN9VOWWbOQzJbtc +ShXRYdClsBcfzImNrl4lnEJ7zrvMB0pQv26xMX50K0crD3C8PrlbB1W/ZDeQe8V1Ip3VYhGI +utH3JEr3OiDtwv4W9SPZpo/2LZjEfqyHbYkCHAQQAQIABgUCTqwEmQAKCRDcaQ1XhbtIj2Ol +D/48CXEschh3xTL5epde3vGjFv6bPMdki5xPylivGSoZTJYjecfxubBJx/RLhr4EkNKe1eLP +z44kzJGewAYi2i/GuNdmqpqh2hL3tOGza1Rie01al/gHUl7uA4uyDoroL5wxBN5ZJYX0jGSC +PtqCdErAgf11vnj1EjD/KchdFRlRhZu2CtNA76iVhXq0sZyo1DVplYC5N5O1Pa10aacS5z/R ++OQEcQkgb7KzorIqrGqJzPH3S5duHkvyGWVlaUpvc15XuX8/pJWAUdbKw/LIdRJE14kMz7Zw +rZQZuyZ2ZpBirmfBac9mCe8xx6NbleClsSD0N1SsGIPB6xbjYNzvXqdm9s8boxvLgQMHIUIS +ynOZ/WdtVm9yVe1j9RD3qNAVurJAmHlKw/q0PBwPEjr7XUteVlqgbDqcieNqAZeb5RvNPr93 +cbNQdk6GItGicYkJEI9BZZoNp8aaMi+RsFtijptvwG3ioO/BiKlWDvo/2SDbjf4bSJaJn74K +aSEomEO60lmvHu5ALnRT6YEcf1gbJwRyiey2AQlPO1/GgTnb+54hDC+6lT3UjuV1oPUjS/gB +ySbCoQeZ6sWtsDia/P0AEXNS4mIe7en0FrI9yQKP47uZ5tsxKG/xjwidAvmDdDfAB3zSQ7DL +2eqNVwrIE+AWYbLYVuFmsV03l6jQ71ScbTvpVYkCHAQQAQIABgUCTsB/mAAKCRCQFB7i2ry4 +kyuHEACWJXouEPu/2uEWnlnDMcKhaDFnPVCQ2ViNMvt4qRVr+WHAZknnQmDDnA09OgCkxx8a +uRoZabfwxexJdoiU8BONtECpni9i4ybFmS37ZfPNhM2pvqcs/HOggSgyXGlOUJeiXayMfutb +SknuSXgLrnfVVRu9QbkbIu8n56ydvAv2eUtZDpIY5BIbMPihubH3gUe6fn3wI7RJDRysIF/G +EYs24pztKdmActSPcY9CqDN2koA9wsr+g4wc5CCheKXp/PxC1K3zh34uNUnfdUSWFBHeMXLD +nSupyCtHNKcaYDd4jZjrStGaMsdkBnhscd7rioC1b4wXNugOppwGJKDsVoeFyIKj0WGHp/uH +wP1Tw8AlU/0P5DF5OFw8GbmUWi+qOzmYot3ShWPNzF2nroKLcDdUOF0X541Tmzw3GjUpr6Ai +gybaoJncdv8dixDMObgMj+uwROQlAR5DTyzaRsXZTZO4SvYXKPiDxNFN11gN2xTbNa+jus5E +Q5W0ugXRlYjJWsUHk5TiS5qeBZIuP3QAg8X86+6kkrWOTePduHfZFVuYqrtOTmWlF+yR5fz5 +8WhWrM81kwVmShxum+OpHpJSrfMT6sqh2GoaHsdi8t+HkY8P5TY0M57NRzDHtegCRNSmUWPT +5dBmvSiwhtLo/Jr9xpzD1FPTdJmfTstzGWF+geasQIkCHAQQAQIABgUCTs7VXQAKCRAE7wIv +DBi5zD1cD/0W2WI/PaFXgGQxOZYI3eWmyiaKOxazX3T20vNrK8B8QQhkl5hY5CZ3UXCDMztn +mVHWjGIjXk1N5Xm1dAVjXkTa6HJ3y6S/sFZXT+aUV4TT8jQxACRxihrVQoubLsjN1/Lh91M5 +L8v6VhuJeJaAJQ8kLnj9lIjpf1SJXiLEboP/TMR9PNddb8LRLOn5JDr8G26cxXGZsSPrmd+a +LxfiIgJWN9sf/4+wQmHqopEWyDyVH12iM7fP1YoNEsU0V0nRYRNhGUUf6Sa8qMzYPOeUDEiD +oEJoSdEpBA6QNLw2/qgwWKJFyjfaleGkPo4FZ2iwoUYqUy/OojtJ1rlHsbxef9zU4CcwjhkY +YN1vf1f4+Uuc4oFL9GS7PJ9N7lALzJSzfAxocr97Iw1+WprI1gIeOIKI4peIkS/ze5FnJ8L9 +Jm0gTlYgBov5JdGVgmzqfByc5UfG6UwztDrFKN4chwWf5Crv7hl+XtXRlTBPgh7XzmyE48o9 +3KsPotoy/SgehixC3NIZSh18Jrm443lOnhPoM9e9wBiWM+fVc2Yu2sXoxFiO1NmZBCZEor9K +nM78laZIU89uPEOUdpTA4Qj8TS0ccIjQ6Bb8X9GmLo6QFgkyVQvgGi8lwKWEpeEGuBqOS8+v +4wko5fJ2FpuuN7rbmiILLBPJsIX9awsnFMOC+FgUM+5JiYkCHAQQAQIABgUCTs9XkAAKCRAM +m5uLP24UINZiD/9PAwEuT1DuumBnuUBc9SfzlS7vGrlI/IEz/Ad1b3xc58c9+qKm4aV+FAeO +GDdacrYk15/SVAC8+wkvdnHmrF1p6s5pRpbHUP4+ZQz1L9E7Hxji9+cCn7G6R3dfOp2KO8VV +XYTZFfnOj1xVmxwxGXVpdCtkbvbK0n0+z0HaNATvss7riLYipngO9xkP879h2SLYwlU2HJJy +bFEATh26PWbZkwJw4t7bAuwvcpwo1X9jrKvDfuL1wUUUoCAJ5fWgpS5Ab7XbQ8Je/0luEH5O +TJO3sBKJTZLpBEQu456UMrLicpUhC1MJ2R+tq2ShLuZFz+z2Czr5PiJUNK2EMJhL9bPUou7P +1RK8x6f5vWDkXyMjCtbcskXGIW5VoBFX2/XQnkgooj77LaFBNsTmEqviiYgRIguytZZQlJRQ +x6rYYbaXOFLSqsWStlCP8DaJg9FGWtl7WKRZC82OrbtHlMgcntnDHSQuAP2i5qokvow9Pn+Y +2nG8zMFjJk4ml1I0NIjs6rRRsW+ZbYrtkIodP7Q+HWL0ybx8o7oP6bpncejRCoigVzvyTS4d +hrUMucqLJVpluD2e+cznD+1zpyKvGnEG9QJS7Ih97Tqri/d/Ilz0RInKgrkwIt294RnEDujr +t11ubqpSu+N7OWhcPnZU+tIF8Y6LV3Nq0nengmSpy0AKFhEoO4kCHAQQAQIABgUCTt871wAK +CRBZeIn2zl348uOIEACqDiZEsPa6Rdanc9+w4Uer6OkWJbmapoFY9f2XHyja2K+xpxXpVXVV +Qie2DHnTfgZZlhNMqIMQqYrFAmVA3C2YXMr3GyAo/D3ampkaNjEatcyJG8bbqaREv+h4Ejkh +FOFNqhNZQlXSoE3UOpvVJkEeUHJGYA7pTkIwFzaFE+a3Lt87I+CkVdgGlrYJbCNdnWguD5aF +oTflAucjbU7boKHFbf1W3RnD8gYV3YphdN6AgzrVWQ4n2H75uAURTlCWsadNOYOpNkSa+MGb +AgsGbvRtQW2qfqRgAr9Thma5FoTV+8+3Kwc5MJnHiSkHGqsT8EKAUEeXNT8SwGeNBkG8RYja +f9c9ogIVuksj8z9GS6FFGK0c8llKlTDk3hZY/R3B51/do+KnY1S7Fjb0JWGID/JoBMFUoyJT +2d6ZvDKjAzN9teYmBpLBsCEhwJRVOZ8YKOUqLHMLO2IoZvLHtXKzW0tbjSrIn+IKCKcwNERG +zaK18xxlbdDZGfqEILYpeAJPVMJZRvniZTb9Cy0+YAPVgtpMxSTiEaZY4iUUmyL+9sP3UCPp +foYFWjp+qgzgB5d71Nr7pFv3M1IeGR5mx1M5ymZyeW4xQxru24OSskwIt/qeOPm3s4eSmHTp +79i2LJ9alhCOF8QBfrQtyz/wepynE5cY8HQ6RWh1+/We5MsxerazhYkCHAQQAQIABgUCT4Lj +LQAKCRBkmO6VkbEf6F0SD/9rTsI8NKKnBrY7XNHUFCJUcxhQXaZa4M5Y91eCuvDURyJ9pX/H +W2hqabFAKUfArEDz8YufYM4nDsLxhGxy4iDJsU2hxua02IbBXgXi7eV1Lc83aCR4/h43TBd+ +cCk48majKfxTv0SF/FQv3QP9jFsm5PYCOkGox3U/Ht20la6hMlHnC9zHgZpkB2eNxUxiIWEV +fo21w8fJxnQneisbRJmaO+lgeS229PcsfVxb62qN0ZPamvS6Kyp045FTdUb2YF2kM4cG4ymP +9vuFU8BOROrPJMMzckagIbnYWdw0C4pPmw9CVGxgQnEd4IkfCSF9+JfYpcBd/vhPb16chCgn +rawB6CJo33MhyH3XWnxUlhPNsNm5EiYzpCtcKBQIWOo4Str+ULpWYlSxUZeENo8DGeuXmEhV +CMp2tOU/pHqgN7+xIfHfrsiGMd//9G8r0mWZn+UTgyOxpH2lfutA6Eysn6oB5NFoZwr2vYov +7XljfaJsPF8Fw9KmV8thioZzobb/60T7ktw29hl4cKd50Ckgbd//OE5bUrJLtZLwIAoY0//d +qUcefPlaDcmimxm6k6SEB6pznLhNd89a+YedHmMWyw4g0+0aJorUh70fvWf4fxsLhSC0kx8a +GOFpb/y2ooBLrbmiJjsDIAjzh8r1IfiLure+GjxGPaz2mdB37WjxVO6Iy4kCHAQQAQIABgUC +T6AFZQAKCRC7NqAoAHiN1AavEACeSB5YHAfSfRT/8z+a6zvCcdPb+dJLzJZp4XaY3/WZiU7t +a2SlSD3T93Xpgsj2AHIXXIJxGGwAP5hO9Q7zpdnbWr4NFHK35TMGBy7F4N0WSVenQBTosJUK +qXyyTzrggio33eLsBKF62EMTeY9cO+BeYrpx9EJ6b49hVPQ3CAaqvLP+xGf5mbxf5Mcpu/Ro +XeDHumjdCalVr/L0L5ZNTrcFWFwBgqg/9IPZD569FFNsXB6WSEt55ptDEFF6RaycTz9OcuJP +qTCpfa2m9Drd/cKZNkZ5LFXdeMSk1a6JnnXvmnalSKlqW+l6NGVbAZpOkhSqiFX6XS1NECYb +EZbYVxThUn7hLz4C7notRM1R+wf9S5DhCs66X3vq8FXwt38NEI6G3EyHR4WzztTh1xMaQ0lz +6IlSeG/AnWykjztsr7O3UK+IggMySIvVxVy55Pt7FWnnt4XIDBrCQvdQKyWKB1yj/AoAwgo6 +eG7AIsz/vj1LNHkhDFx7V3/LHT+4bVIdUdjNVpa7989B9nOjlt3SKU/7NRicw0T8q2eq2NXl +X5LN+n4JL/pawrjCE5h9UexqiG9QORc3k+pTERYvdHlL4hDuAKR0LKh7fGW1E/mZdzIxqSzf +VOG6QC7/IbBivoQ4MZQRY0ucv9/E6hOB5UuIeK7C+/8+BUi1aLL96pGAgOKh+YkCHAQQAQIA +BgUCT7JvTwAKCRCcIvRVoM0n6Z7xEACcMcyaRdj2WwAaMskVhn9Plj09RmpDAhFjr2WA3skT +kjOAuCXK8mv9U2RLGebEbdla7QyMUdT5+JxwRkvKY6CSJ+UTckT3asYmsnrA9lsKlxu9oTv6 +GZOUpdrPSFCm/Q/8E0j+cAMF/FsCEDqTDU7E/FOgLCcODk8anlcoj+ZNacFADU66MON54yCq +5gy3dY2ETVAfVMik3UhKxlT/n1U3SUgIT9b1b1DIS4yvno+UbU8V1txDyj61abDeupCoSGdm +klOb6ri22NZVQR8ckhnZ4ypgT+2S92buWnvELlxxUUCJuNU4XYeQihfFXkJ02UvrwpBOzbpo +61xDxqBkEqcqSWK5rb8mzRwjVCKJvdsW5zKav3GWKr3GeQM0fBnU9pjPUGj97sQ2I3BmzxGh +8O7HbMcf8pPVYnuXBL7l7lhkoA/tfgfhWk04jjDhLma09x0NJOy/3WC/k8PIfkl9bVC8hL8m +B+nmXmWwa/356tA7JDDY42WYGZt07b0IdYOOaYPKEMm0nmkGklzyQc2vUSVcdedzlv+gHjNH +REVtvARWZUwT5F2/mpLIrGqqCU+tq/94+TwRyj+ptxqFmE7QDozP2fTdH2xUuC25JyZ0YOjO +BTwtAHBGnisUsJCXA/n9DHEoP1O4hxPXSb4lmRA3OqM/SLlNCW0z32ulURZQCITH1YkCHAQQ +AQIABgUCT7fLdwAKCRBixKdRBOlYNtVpEACXa0Aoa/4FgrN27O/jv4u2FN6NMHueZJ9PZN9f +srLxT4PtAVP03q1pqwOJLph/ZbX9huboXreFofLOmij80r1GYKdud0NRJjCZq+hxBAIEZtth +T/Mqhwqla/dKoiEILxmKodcv4a37Q9ou8ykT/GtvZRWZhJbhFQiiq7/9wwagHEhi30vjp/By +6DuQ5av++1qrYUgO7y+R8pa6iDwIoqc4hRB9O9jTmoVNda0EzlMDrMcGXMvbkoPCeaoskkJE +sXrMscIxSMz8SdKmOArVDO6ccXDbwrnmuIf/k2+9ACUfDFxnMccDyAW8ZQfkzjK0GM92Xiqm +KvipRjEaI3zYLEF61YHxjHS6Cc3x62e9oGvtoh1z7G8udfSzUM4wU2HyiWcyBjtVIgp+kp4C +YXqUPokD3yUTyUmeYa5GNZQ0FnRhELJMKfLc4f1leQh8VLKhShxZY4a9wAofBDQwjaORH4LB +NOnPpVcN6/BCXbD6odJsjRJxsEmwPMmbVWuIR/19SEqm/xe44muUpS3YQyUJ7tjz8zeISfjy +3wnHYpugig3+z+N8XsdpnSpmxlFol5sSPVLFzcnUAFcj6DZJq3c3i3qR9Nc10TKGw9HJw0zP +8Lm+clQDbSdwauHuRMWVCWf+MqbIA71GIerDNVSK2vIRLA5UpICEcYELoPI4Jt6VuJIla4kC +HAQQAQIABgUCT81HhAAKCRBV4tQRB5YuAjV0D/9DoYTISu+5IjSPjCI5aYmBtlHKxrv0Rc7W +byjbhfb1a2F+/i7ROLNf7Ys35hIMZTAvhSoD0f/nhk5lGitNVuVFbpSMZqXM/PuiBb7vVNYg +HYazJs+iktpE8U/sxaZt3t9+MxwdaeuGM/sn6jdqaYVopEDG3vNg3TPVtSwYOU1DNoSHxNdJ +tv6q1RkGMei9qHikzXs9IFQUxVZBLLRo5ONAYgJrYkzrXoj29V9rUfrUp6IxY/3v/Ann0XYo +ge8IWHxP8zlZ8aykmi4h3gWBrPHgCgKGNxZ7hhXdxlUYg9bqN0uBZ7ZlzZIAmJjo+mVj5Y30 +yE3UghLTJSZNulUKymp2LYXeKfD/iW1TsUiXX8qTsmj8pSlHPrvsPWu6S0ele4q+zmefQaex +T0i10KZUhyAA1LaprgAfY/R2rqd+0TK99Ze1tachhm9pCttdTMwA3qhnBXvEuEdsChIFqykR +Lhg4Rr5+5aXIa2GFACNuOyKf66LOJh3Wv78g0ADlLcHsPS20ZpZAXSAbtiMt5/BHLURDK8DZ +Awzx/YZuNTlN45zyQdNEbJi4Ombr4KzKeSc7aepOsoZjA3qpKa7sqq86bThoFuDHN/N+XRPk +rTMwjC1kqtZxqv8azUu4uZxLkhGzJ6GRlKUsMCEzhk6ZHxdYJlb6ek2DzT2tIaMXaNE6H4Du +sYkCHAQQAQIABgUCT+B8/wAKCRDEshpLvtshFfYXEACSaRdg/zTYk3ybpLN62aErungURYFE +ogSrmNDWZxDrZML9eBb4I6naWQnYtPTUeauMAWG/hGBoQJUbXParrYA3EDhJo2ch+faoJlrl +YgVKSp4PiaGpxNkEgRBseyGLkTp7s+4nLJqIO2YbGVS+aw6OmPnM/sAQGnLF5nMF8vC1PVcF +YoNW9nPV3vAfZy8VFC1AlPzmTDae3vThF8sp9BO8d04kH0jQ+akCbSjoqtg7CXIS26BXXvYD +ym5gtAJAaqpROuYP7os23Fefhsn2RFm26phNZ3TNDGBekvlYoJi/IwZUtcRYPzkRKU7vHHHI +yl4f3Pt62hUbeL7rlhDMryK7zwbQ+CsRrIj/TZQaAm5tg4oQuWDpTEckIw5KxdFf1OxiMtCs +B9S98uje2vI767Y2yuuyJ+NeOew1LohYuMVIlP7fkcFU5civOWUIsVqE+5DJFONno5Egurx0 +UdR9FgVtPkDohyXOTOW39C9ISfuOiZe5nKllWGyVObCfoWayTHZp2B2P6kPmO8XiXDuXcgvv +Fn1ACZ+gyzY1zKrVQ4dtp48hZh7ooIXtSP5rDeOLQdvZ0CWW+pBsevmOnnVpPgmIjPFjfIN0 +d+mCHcFo+PzM4E6//o8/aX7zrNFP9VtYfc57rJbkYFL8awa+PJe78dhWQ5VTYdkiAHV326tX +5Y1PRYkCHAQQAQIABgUCT+DT2gAKCRAmUD00mzszSw9oD/9PQDDBYN0+33R2P641JEumhUuK +JwodPyonyLTFrvr+Ht7MbEDPgsVPEUqBhh3Sm3y4pDxEHOV3QW3NTVbkuvi9FPHOvtcxkUvP +ys6ioPTKfXXlidHlbUVrciqjSIQKHZdM+sylwwF+ksuYU4nrP3ByXqPUIabTwi4gWvZCzOxD +LBO4ujSlOzrj+qi8jXoyZ17QZIw64h4xC65KAKPYCYykLKg2bh0cugN5lkkXpIgATgsMuQm3 +KYMYtSfz/K3wg+RO9Dxjf/jjiJZkIUfs4WCv6CUGlYuZzCMd1mx32csrHiRnv36UIJ8VGBJy +ztXNBnRbiR8vgcgtjXZ/gs3YtOj9PppioCYcGE7XgAow/IZbiOgC8OAz9G4rveMztix8TpOO +OJdwsp0eMCRTxMqYF1lPO2e5T3uwOuUyGDlrPqs/WWIBWvbofRjZFHdgxGODcXZ1mbOxKQ8o +3NyRsbKoLA6wWxdkcPNcv3YWpg77d8iL+MghOMPUXr5hLnNmmuuN27jFaMU41n3gwWVZhFa0 ++Bii3CyvdGnqRuFJPmMmO26xodAAVKv78ZqimWFiNUMXO4e3PSX2JJWNQ5iSEKlNIYtEvo4U +s7KGGIZ524S1XkKBqSdg4O8WZPwj77iCSL4FBk/iQ/klTn8vXMLRyU4mxH1Weu2DzfyeaSTQ +LecdTxVOeIkCHAQQAQIABgUCUCXsAQAKCRBNtTz+gqRnKCNtD/4pZNR8EJCQnzxKBRPWcNVD +NmuEuAe3G406gao6I2tr+oSgIBPdCc9jZz6guh0sUmj3MzlnJs5L/xh2+QnvFBwHGSmYmsJh +XAWAan8OREEfMHPmXKGvSjSFf19tNlzgnckJomeWB1VcevR5edfXoOm85/BPH+RvpC+2F3PU +/X8FSSHo1mdN0NJ5B39LNHjvkFSEcXacMgeJSBXyDnD7tdgcWZkwdct7WoD43xrlRkRV5yjo +HgJOMBM03BbsUFJNwI4Du4VU4zI8tmE/2920jJ6t6zSFroFKe3+By4tEBvFCg/Mf+8zhOllf +oco+AOtexpz5LzUqGlHHJEy62pbqnHPV3HDqjd/QYAmnpBoneVB8HvOQIgxyIT+5AWAEYypf +72BY/8I1YpZ74L2w0By4ziaMJ7dGrm1Vc05Nce4PsJ7vGyGWcwmhTeRO5CsOFyLABdpmwL7o +/2MYaqWzcnLtjIYJb/Uw0gmZudmKdUq14CDyYOQ5kr3iJoZzga4nF+w+Jt5ZWr6TKzwhL0az +EGrVKdz4Uax5UKEZZgPETNUo2Q3Txq5fswdsp1UPenp894P4JpwwBynnJiR0Oec5UQLfEvBv +hZJseYvDbnkmZJtibbpMIKI/OqlrMzuolmpK0jIQqhTtI3b3g2O4q03JwAPEGFsvKSstCCLv +JY55pnaixORnOokCHAQQAQIABgUCUCqKnwAKCRAu6g2Zz1YtSLa/EAC9Ab1VZdMbR/MnPueP +lQb36ZrGokR9CS7hVfjQBvtfFHPU3Rz3VOy0jeMEMUPOL5HKqmFVVYlqztKHdv+ux/vA0DC/ +KV1NWn++RbyYQFctIy8uCVHoBytHhK94fyGXBbUQ6BXQ41u/rSpSsaKFxMsqYKI6Di/Da80B +3AJhHA3r3vHRsD/75PZR/c1fjC9/orrQU0KBdTsNLia5Vz/nrzOHwRphu3Ua01sJZIk78ULE +wQcg+0+Tw+CNf8WBgf4ouJEzr3Uxr28ObWeeZ82FYr1eQSBjDkMzn1C6pjhrZvoMO8vgzT4R +ojVlPSFpGNgncD+G4a1t6JH1GInM1ByxIOZnFgw04C9E+891oVNMqDRA9qEFuphCcLHvg4ps +kDPYDuUz17YhbLGzNwJ+R5Cbm7IIIxC9bsObVqz8XiDVcSBH1YlGONMuJUsBeeOAtROK1K+f +LFdwqeaVx9TD67MPzjgYV+M1X01iHJD6Gdg9iCX1fOfZtvnMcU6x7euQ5E3HDgov/l2mVwiH +LQvaA8+BdYf3HWHxwJWWanFysS40jsNxC/3N0PD4/KLStMPZHa9zTlsU3rQHjwDKooQT32Vy +jddEYS8h0WvqQKhpb9MZGA/iALgQFrRFdg6DV8y6Hj+ST1Mtpz9unm+XmNw+ZN+F7fx8oNCx +D4lg/D5IAkK2Ix1s7IkCHAQQAQIABgUCUD/BpAAKCRBYweiR8NgoigJ+D/9S1Vb/CzXaH1aF +lnFVXBD5OOceB32LKsBGNAjYUVqlxTamEXR2awF6U3qt4Y7RxUXbUOCjMw0znLW3WlW5V1bk +vxTI4JjlGfrV+qJAdbWCNyCXWCH8eRpD1qAw92YJIde4pZOMtAV1e6adqeaKig2l9QkqYVRp +8yn3b/lnsRwHqwrMVuc/vqX1Mi1zTB6W0sZlB+BH/CWVvL44O0sIotxNny3psM0i8YX8erp9 +PyjJxqOc5/zj+vDn8kBN8+Fsi5Ifc5iYv8K2kPJKgE6qHw0DjqES9XfQ79PY36bA1JXwDlJQ +qg+mBNOVTQiH6Rqw+FJKb4glegeGG4tcrPn29j4+8Vhs71vMR1x0Y4jyhtzAV7xE5TFEnb+B +P+5vbvjDWpaWTRWGnK2VVcQG65rwo+ByAkeOhP/251poDufyEf6KgB5te7KVFyh9YyclN6CN +Twc+ZCf2nosVrOZ2m+zm2jeQeHtin725+bNdnN1YH6d3R3An5w3Z9ee8lpHFEeqrneE+3T4I +/ekxwbLcmJMCowUomTrxfpPYGbFhXntWJnwh7Yx8R//M1j/hyOOa7NUE0YLA1nzvMPRfVUZj +sxyFY2gBbt8Cq4wZz/2KAUdKFpwie6ODMSdN7fwrguG3qRPoHcHho3eHl42v4fGw90ZJqrcF +zFLbeo6VIGy5OWCsVaJnfYkCHAQQAQIABgUCUD/CMwAKCRD94qPLgAzfxt9wD/sF/AAI16B+ +acDhIRAfl3BadrlmYlLbX92D0/V8XbPhKLU4pqhBgkp0iI7W46mT+GUOVxeWjPp0LVxkCsFw +QysKps2j/7UEJJxY0T1Hm+Mz+SWvjo6MAsd4bvdp+02ErdQLkMs59GbdvWp9jxTtsxiqRqon +E1Kj1fli4CBxZG4Q3rmjGX2SwocDldt6Iyx3ysAuD+el1eqjRwyXn9DYRFJHIvm3D+seMv7A +rUMb3RZv5uqzojwjyIYLfSKX8tIx9d651UllJuMvyARCL8LSOGcU1hBX93349EhbsZCI2XGt +/yE9fw0w9WKdOZz7K5HkknHkIWqGLo+sYP/S1NWg4BWK35Xc8y+5ARRs+GgsPrnnTniLa+vg +OGAl7bmaGydspy07CBFg+asAan5aKF32jttcQ2WnqBVEnn/sOcjsX3PDXVWvMKDFIdS5ND6h +6BNUZq54x2GjMZJEIPSwZKOCUeRzkd3t7SKdNIsfksDdlVGjhwFOxFXUsh2xtb19zixfLVoP +LRxR0CyvDzyT0fvdw5LEyoRViJT4QMXVdUehUoja6PC8aMsKA80txGvEQ03zhN2+0hJRHTYE +XRDX+JBXyvrDnhPXJ5DoKawam+/uNmDpWXHrfhgBf2TQ4hOZA4DzT7LPnyvapBtDjg/fpjBk +5oQTbwv3/pbUqtlOIsFFbcy09okCHAQQAQIABgUCUFmD8QAKCRDr0RS4I0FR4U2LD/41OsGU +E4oF46vswXKSQK6BUGueopv0/tYVSGNOptrlzQVIEMwCt14O6/3KYFtT2kRcMYQxCG7KNlWX +wLFvKI65Vl871l8vrOfWNCnlr3PtZtA1UQ/cO4O6zgkD8GIy67TmpWtR3bHnXyxqB2V90W8l +yRrTc+Gh39V97SZYI3YK9AUzMLNjO9clNhGZUYbgMFkaBsWPTkHz9uaPXM7I6Nyb/MRkFuQc +u9gijhvqgQjUP11vWESL6OkfKL81P+GZNQbMwJJvYIuDJ2KpODT46xsa6ScZPhjqFmijxFNu +1dC+aJZvF+9kze8B6hHWdbiw+VmKsBY+xueeawafs5T4QI7Mvja9T8lDwR0buY3R6fcihkxS +HooIE18n31sWfjt5md6zyaXlN9m++T5dqF+3HN+uAR/dDI938LhTPNGJPC08rkjN5apNxyzU +o9jiyxh+SLB79HXJhyVu/9OXTYWAkcNcu4XB3QEH4o0Jnl7mdHjnuWBMt3pHPu3ji+ztfpWs +Tb3mG2KxvImGEkZVLosZFL6UZ5PUeLU9oTDys/Q783T7Bnhl5ZKbrGOAr2KyTt83hxWA+Gs6 +gvUthC45aXLWKrlQpY8JFLokUNWsMAbEuT5oAjRHx4OpO/InYKjt0j/FRM/ynad9OduL1cPz +fot/QPRyp++CdTs0dWRjEIH+IWR2OokCHAQQAQIABgUCUHge7gAKCRAsdgqbdk2abBpHD/wJ +71J+ceNpAOnHbHYGxb++/OTWQ80UG6NQoSLdOf5pora6BHjWzNsUmt7VjuzcTXVpSywPZJPo +hZd01tYUVxeZ1ho5VyyP56TCUxTloLUFI2ZW2Ksp0XIjpQkaINM4hVrtHJ24cApmVvf6/gzv +GdYv8bXCfXE8BUYExddz2FJzOwVW7NkOP8er2V+bQ7xKG3ZVEJ/OG/NtmxKupOGeP8z1+GvX +8etoSRjjucqPNECbgFEESJopYctkjlIsrjMpSIkn1/ojZb+kvyNKCkz0bEjCCurtbYIoVkKQ +ECf/Uw2GPn/lQ8qDojnzztrPJCAapFlknORtVFVODIiFl1HQyb9HLZam3ndH79iwBcIGFi45 +qv3mLM2hLq5gXLBlI9Y6P+U5M7E618jwQ18NIEzlLFeokx/YMq/C+gB+gTHr52ZT+JMDe/Co +yjPQMML41xt4pZ9HiKLW9VdJeNzcW+56gSDNXepTfDmDl2MI0Vsce3Tu4Lgax4+qdZArT49S +7Tk8c6dvWp2zkeuvenuwHJwAQaQgucUBiYm3KQIWW15Ow4VSaNVQfnJgbT0wgpF5aNx+WrvA ++HxivSUwSEXYlL631u1kJVPh8KWeydvFatqGlMNJmdQa/65WbBO51awElW292dDgQY/6zJvV +xjqi/luoFgCuxSGCX9shw34pBMR8mB1eDYkCHAQQAQIABgUCUIqZlwAKCRC8pbsQKCJa8/2g +EACeTxo4PecVAXS9/l9pN7iQxueDijRRw62NVKyC/NyKNWnq/M3cjbm3meCTdmFgzO8SYS/c +h4m+Zwp3lr/ExR5HSEmgiWrBqxfl5oaH/SMlz/B+PZZiqKhZeQ+Euu3hivu4r0TmP5C2qaa0 +o2kzZN6iZnEVW2h1mEZFy2FVJSLpCV9oQ2VCpSqI4EXau2L4pF6OfbI+7U34C/vKJjiP6c5e +iMtjmcX5NzEAVjqXKwwxdlqHHwFSKzaioqMm1C+K59EfwVOnLRQ9Mx9V7jqMQwGh45dJbo+S +GthDyjEwVex+7llyAv5dsl0XJIBOPvjyGOwyQLmtEzJu8jnnRBScA01T4sF5O2IGVrGz9I8k +vSwCMDRngGK9VN4WVGv2Thvmok4fhMmuUC5HUqIhDK/hK2N1vwLPx1ZcCrHMHh0DAMNHC+rb +6WrI2e/OhnVIktj1WNDHyi1NOkVY2XaAA/AYGc/aeK2lY4U5kZsuFJdjO5gV6jld+uTl5igd +QgqLrLxh5oRvmV+zQmxMV8Qx7q+OEaYAcyvsJbOJtn85Pj4aMFSrKtJjZkpOvGs4zvYUQtoG +JzIhQ796yd652nydm8oJoyTPgRtMoZ26MHjcLnCSXTyJoq08A8a6bHycZTOPdiRmvtlYQHyv ++GYd4U4jva/Cyfqtak3zywNzDXo4Q3IRNefRQIkCHAQQAQIABgUCUJzjAQAKCRD1fE3RpH1R +t76SD/46UJtgu0BoXvKvUB/5sDqLhkNfqL571kKvoA9T/l38dImPqLykSbTSGmLj0mwc7Eo7 +5M1nray2zbzxICaFL0bOkJxhnvILQr8FZkPpPP8OHGHWlSdx5JePbNbREgikFq/Wxv7oxIbU +emURPGktDnP5cWOn99MBCkTLcUdIh4ZlT6q1D3w5gPnqHOrXJM2+ylgaU/ckTAbaUaDmhPqF +iLjD8gQ+mCWtKuZAZhGOck2hk1xnAbvEUUx5PXcJ2VuDGBuDaJHcT0yFIPmFndVbzjF9jW3A +NVgLQJ5RjeKRbEUfd2ofB2CSvuobh1RicsAmZ32OSTOYBw8DCmgmEMtno9LW7rYz5tENm+uf +xrIYwIdEV0YfdCPUOO38rYMjtlBW4rFch4GdcARJsd1Z6D91rEDqrg9MFOKOf+o3HUBn/FBf +SBTk8RGKIX7dI7zk8Set8PM64UpfVuxOTuP9nnv4I8cR5tnwquG5WKLiLuldK01Tbv0bCoYu +xyUHLnTIJNMokUt4nPNGqJ3M00t3Hd2+36R/2U/vP5SXDhFl+kGsVpztuoYifcVVJK4syzME +f4idc8OQ4EfSud26rdtyRagPYgg4GCtuIaHmg5U+10TmZ25Ln2IChwJzhMG3uuZOPm6R5A1U +Bb1tJKT7Tv50PNgB0XXhH0cdx+q5eJACNrTczPC6dYkCHAQQAQIABgUCUKniywAKCRA+1+PY +Oo5DNpD2D/9q7oN05ZDc/ICYhSIX9SXKFeUJ0OhgZ42imzSd28Ikn07bhSxI4Vd5dZC6cSds +WtnCYp7lMPysk2uat3wjiyEwnEN57lPdJfaou7oNaqPnpSW3CjZRpsHh9AzAvQ4Q5kXbfj3n +LrFJkqIDsK2XDXhJq356mhgKCskHyn42Uibbwx3xsPXhS4U6h1wbDM7kWpMKcCuRSTkm4zL8 +tSZDfhRJafcCWwRgrRxje+hriTclW+t/RoF4DzWLCrqeZFAJNQ7BL4y4nHqAzN30iPXAOyBy +pCITFbWHtKwmWd86F+cduVzvxcLX3+V0zQvtr3oAzIqGZ+5RL/5jXxUnZImZnjeQUOcNYIaS +HE1E9poO/rFJJuwvuCs8TV4GjoeHTwqyyMFEIQgrPtsSdC2hDVpjklHwQSB6YO6gdBrH3/p8 +qHIspMgpULpIrTR22XWYmlnt2nRySfUVPJpZ9GdP8ioQMhNQK0xClQWYDcM1Zyz8K9tgXz3X +QuYRkVA379e/0lrECaC/viPtG11yHhSwjC8rgLcrKnVtecgqhphTIRuruanhBSgZtNKqFVZ2 +xgK9uitS3WGyFanAGX1htH/DR47ihNROu3cw3cEWFPdnSAxbE4qY6A5FWPj2nh5iXfLVCNXM +LVAk9ePjlHQNPwWwgSVwFKtpFJFXgqjrolY8lKQrYkMnmYkCHAQQAQIABgUCUMPwFwAKCRDG +xdMPfC88uedfEACJwWqGxOIVomvQeHGuZEtxS4/RS7/3/GOhYKoRl6j/d78PjW0WsG4Co+pw +ptywKOT+2pTKPk26ny8WQc2+yfJKYYmrXOI8FOUlHQLjft7/Mx1pvJ2GdYLJA82WWv7kgUaA +9fQyiDGla87nAxBz4mW60lnz7VUcghuyvnAbZ0VJoFTIbooy/Zc4rVt5cTwCjjElS6AYZNwB +UgKlrSC392L+HYqqBbfDLkqMkXfEnYyStUFknelAUeEdyZVDha2RrBBCUTgIRZHpHD2eerMp +xrQEJbujXZ8l1PF1N5P21yr4eahIhHZpqKM43aABR4LH81fIpul9Rs9fsT7liOXc9i6kcpjn +dVp04OvpcbwxtkBDbWHywwVl7cEpcqx7+yA6llJHmHGYJBSpciebLIy03F7sitW/yicmrMTW +EOMGad659FeRWvlW44PUbuBCu1tMuNAU8RnHM5LK1fWB4Ez2EovNuvQwa9s80rXFnrlC7z5V +54YpyogEQHdbkW3ia68L/HwX1AUwDCpXvxjj3g67NfwpRr0yI2PkshguV0mMehVUOaT0ThUy +nF5W8zesrvY128eNs6EOI8dl+RRA6jBaC9grMs9wpCKfNT3RKG0+Cs/Zh1bOO5x/Rc31hsZP +m20NcjUxx9Gk9Yy95TC7eDuDjIfBAEa09pO7kE1b8o/L6T/zEYkCHAQQAQIABgUCUMQ8swAK +CRB7OkqVr2NnVXmeD/9M974fv26/OpINY2Cg5QP7ldgwaK35Wwjr4a4n1TGkMMnjfmjGcEIV +jRBBtYXOQ6uUNjd/WrH9IyhNTqCjOKbYAMEU9do9LZpST+BdEdM6jQI2lNtOePBPcukU1Klr +b6qSgsqnpAgkR10ZuUlgfHbaHQJIab0t8ZZA1Yfg6KaGqRt11wy3m+spGe/UWJm6pIRukbQ6 +G21cgtcu9RZoIVGW4olESy7ARHouYzNQ/PPrfT2zSKdDYuRURcIMtzHlDz/n6rIDIYr1fR1N +kNFoa6XVYpYS6Wffj/kO3xIhEVB1y8OHW0tlCGREeqyxOGzqZZUDHyGQFXkedSN/ELMrdPdz +yOeWHn4bseIseLkxYBOFWuWfBfAOaZOp8HuHRMbxMKUe7pOKT5k9siA637qZ5g/zX3GrT5GE +/dDzcSgRKGc0scyVh0JUGncCWfnr0SOY5WVxf0ymRscWq1RJpm35LmxjiuePyCacj1sCWx2G +VXMR5yc4xGv4K6CX4J6F+MNuin94o9iD8sWFkGqLqd38TkwNEDquB6Tq6E/CUT/tsN/5+hhf +yGBzmFeM3pcv9bB0p+zl95JIzyWP6P9X86edP53D5wTzSo8UkG9tt2QSAu6eGxE3WAhdcYis +LCjeXMkFI7M+GfZyFBeazF9e00roXB4VFoOxBa0MutrWqTPIAyCkg4kCHAQQAQIABgUCUMYl +rgAKCRDOQW4fPEJbG6eMD/9RNoLUt8JWyEubGgf68KNI6BKHEP6oZj6BkITMhNliTX1SokeY +2nAXQX/aBzscrwKQV2ViQbumEEyP4k4FXujCDd6fsUgqB/yTyd4lQWx/FQyvxwD/Dy37Ux32 +vkLC+DEKJ+sZoI5GrdMCRX6HlmScJlmd0aq0+ejZYkQxL6eZSLilfjAfW8mNCMNWwix82bY9 +2hpoEAtoRtutn8gApLwFZTNIeRNunIgMiPWuWbQV5nHo7eH/KH6Yjwb4YwRLhTkhijbT0Fcn +VJu5DG6XT4owiPqAQB8Q2z3sTW4FvoEKwUYJJMf1Bd0fqaxz/LfWm/1p+9Mad/gWFwTYzy8G +8I0eNUBjyMe37gleeWVsN9N52mfl70gj5No/Di/Q6lAgJRdviGBDvwWKi82IF68eXFcosePj +SjbOJ0Js4/u5X8tUyOFmEh+vXzwqXTRQoP6hQH5xxKv6xOlZCajlGwkYM7XJ57wpCe+xxNL+ +7W/fkG+xkwH2p5R+v88uBfnwGiFcmiMfoWQ3eYcFie/gzd4GpZQUnu8NWgY19J50xq9m2eiv +O3BTboRof70uPZot0xsndREvPi/Y34IpBdbJIQ54mxraY78xV+QOwjAJZZXpst7NgL/mxJGV +infSxvH/LJ4An8bmtkE5Kd86VaFCbIYOIzrIXHdQKwaSXuXTSmMBwQe2QIkCHAQQAQIABgUC +UP3tRAAKCRAGmdKigxpB1Z+JEACimqJ25dFy6sC+uTdbqFyYPXWSIKZg/EokAFsjdJXhkwQd +vrjAGrvfkuQ4JSJ3NjLAgldWdpzT9L+H+Vnj2lwq3Stv1J1t9EUba9zxGKn+Rf2oZRd3q834 +IzdkbdNRNPzUMG6q3a1PsEWdQB63NEJslBwo2FFCr2SFeIV3rgy+fo1xVyB9j2wfZHpbNcEp +vPvCCYXFQv5lcz/aEYFzyy272T2p48eqvCwtjIPZu5tgAzO3FR2Z8kILc9aBZZ1qYUEifNBJ +oT2FEmVxskeWmbzNb9+kIf3s0ncbChRqwwNXYUJmgrSHtL0AinOlbeljvke3dUX1KcesZm/3 +f+2c/3JQWNfTTclXRFUUFzI0NMLl6K4EaXBkBIFYCrDqpfIcQ0jcpeLRzDJmA50nkjorUcgK +yQyVMkPWbnPkfhtAcznB/fI78FCTtndtwG7y5W1zPBAEbkUBpaCyeUGyN7fffaBSm8477s0O +ETOOxh5L34TTbszuioWVyEaElfjbhgg1WpKuiMAXhH3rdN7FZJSOz+sJWZWxVm6RKJEngXjr +t0ssq6cZpVyJSrO5Ybw5LbG8TmhB17TIMHK9nuVX7D4hyqEeF/mtVVjA88eWuTt8r5a5B9eQ +Kpem+WTo/QHmRybTiYFQuyeYrJGyZV8UasGIhsgFL5Lznotv/V4j7rE8x1GGVIkCHAQQAQIA +BgUCUQEFRAAKCRCqOe8VomBW8i4+D/9NArXDEkgJi85fvOSz/1bDmtmH7Oc2eji/hUFPrlcy +gPNxxkqWsNci2fco3MWniL1bkiWKpHvSYWQO9qE5GE1XNlK+f1Sp9SFqopoWimoC1kko+M46 +FQy9INQQ7AJLq3z/Z2lY/ZzpvgU6HUdzWAe4pg6EGB5htgSaXpaI8YWbKiR7kxtqNDlXy6vs +HUrj/CioAEKj+o3N31eaiPZvNUM1E9jBEDsfnDvstcZKdQ/SVQkTaUChQCluSkaqRcgF6G/V +51lTO549o1xiwwVdkrEqq7lPl8oV+TRYBQpaRdSYhWELgkJ36uUJCG5QhqdHJFmQNyB5yCd+ +w6uPOm6orsOm45NdvwQ3Vggx86fcr3ffti1S7bPFrWiVoXYhUbBxKc12l3JRH9+vaeSCEnvT +y1hMfGfZGq+ZjRvt96PE8CkjmGh4s3PyDvilpbCSP1ObFafqFGzOd+sAJrX+18dIoLJRfLNb +lbVOxGVS2Qza7udaqe2gMpRVe08wKWC2KzO9/Oe+uyFPnHd0gjqB1XE/Np/MTxP8agyJ7Srj +xOw4ZPJOWAeN9CTAherhPkSimoFa8FETHZEKN5C3ZCLHVr+esaDdz4E/cm4rLGg2COaKHU4s +1bT1+SDDMgJ9KuW4WoT8o7dfIYrZ+C1mjhSG6CNf9fbRtRNUIsyDjSx/gSZKK48zKYkCHAQQ +AQIABgUCUTfUtAAKCRAV4DVDSd3cA9qREADCwdnF8NsWqKpniLaTwZVBZki97iyDIB9kf+j1 +Ap0i+tz8jcaNJ6acZLvdZkf1veWyV1hwDGDm5uaGxTvECW4Uix2/ncLJQE4Y+mCThOh9WQEM +QBKxleh9b1/tgMArz4S4zD6X1RKa6QySZaCXejHwiHZIXW6Jgdtl0m19ElWJtFXynI5plPB5 +8lSh5y/5qTxrh3denpF8I1ZBIDeVdnyoV1VHOSZsLmub1kDgbzvuxn11VBfM891xePa4MM31 +4eoTNtsXEbf9MpzUzovoa8G9MBkas3FsjLDkHgjDXS8SKaGZSb/3/T8P0Azy2HaXCxDu833U +99t2S0ZgrQt8OI1q5mLCQeMwbHgR+QKhxVhm4zl6sgqB1GZ33AAzWuVnFREvKiyxuGDegHvx +iU7parn75Qyh7/HbtCgutL2zETLli0wWzhV2SXDGbfZw6KQ5e235bpkd3VApHT1zGaf2gQKQ +Z7K+9ILCW9QECu/ldZlNbVnkxNZsx7CVbPO16YrWJudrSgOUgYH7PVmpLkWrzXT2TIbIzmdi +8hzBaSE1qf9A51kBXhqnRVfLR0E8lSOUQcHwu3um61s/E/lwIuwxROs9vEEgw7AG2623e4Bg +0CTFZadPoZDzdiwV7oS8YY0PR/B4vvRHKgIO38yO+6DYx4UbeAR5Up8+MCsOkbHDWaHp5IkC +HAQQAQIABgUCUWmpfgAKCRBqoEDdUNdlQZhID/9Vx1SKs4rXZykrE3y9IkcyVrNozqvHARjf +e06PR1XmGcxo1GBTlNy3cEiT/pYy4GJHy2cXcbkbX3+aZ/7nmm1VnmhmDsDTMlSfPLCDSGNf +xGpSmCd5HjCNi5w6ZKwf5Q4fOefoIxtJjAtyJx86HV/d1rdgCy/TcNYNi/kDrSD1itxZGmjq +56mlChQ3NRk82zl3cHA2O427lJtydwz1APkQGQqrL7CG7gARoDN3prDg5T7Obe0Ye2SBBYyh +Ajd277k+CWIgnTqU83DUE4u0EjAM5v0SiKFrEB+plDOCDcNXKUtJJINhjvG6ehjlJhXBUwwa +y8PO+ndDDXV21dIS9si9etpsiMdRx1+MrdRaPskTcFVx90sdLFmtj7bV+d49blrhdppPQGcE +S9uaBQIyziG1M0GScbHvXMWBmOQtOrdlqSCVl1uEp7vwn10dFjYpMbVeqfnXc5ziMwDDl9pZ +z7+XwXXav87GWDBKzrcl6T/iFPak5y2vYFmPoJ054t8pWYGx+pt21z6PQZgJIVl912aTei+H +HULrTGAJ+s8rPS1Q+n2T1BZ0h6plv5dtq0DKT2+A1I/YObZlEZaYeF6p08M6xQSipNRoHW6t +P2BQ8yFe36Cmdyjp1XCyrHFh30fPygy2XUotFSf+4Cmg2RCbC+6IZtX2GxLmYum1Fk2JCNC8 +ZokCHAQQAQIABgUCUaEEFQAKCRDmtFbK8VRH1UACD/47QTewG7U14NtO/nad+1B73+0J51P+ +zeoAsJaCOTZbRfP6RwjKIaCC0k6QO08qyfpYOgztmMZb9+FdlI1411OcqYJ931DTb/5kZfHV +41HoPQc9USV4BGj0UAqTRGhMwZnO5TnS8w0yRB8EUJb7NIUwfpd83KyWBqnXc6V93RTgQlsP +71KumR32PXUSHJ7ilqy4N4YpHD+tGWWdnn5p/FWF/8GAHfkgDY+nyu+fGVyT454VABw5tzuw +sfOLUVJ/v/3SZxQWfbEOKFnZEZEnqkUFD8lEXN/drZxPP9lOASl+VsmMcM+v9WJb+Sq8nu6A +jZr98Oq8wRfY0N+7bnE2Wu4c8C0R/gGSa28+4Q3xDv8OnIqDUIsdPXzMRvQF3+vi8rBb13fG +B1K5TFJXL3T29kQXJfPgGI/l70wBw/ENWyQVZEW/iSrOvadJe1/qzg0bUElxd0XA9IIpmGqJ +TsF4MdR4fgLZdEEILcK1JKSxWP+YHuq1T6SQNR28eRc81JxcK+0bqve6LfauGrpTFNXEV6oF +/j59BjAPpB5vjwCl4Ck3yx5ktoXUDK1lZEvXdTPXmmqeNzsnXw/zRdHTXwKNARDsTFztIMpB +Ow7+iyNwzvdNEelcCGbBppeEUE0sbb2O6j68kLl2hY3EblqFsyTHg7jR7zeU06ku2TvSUaE6 +YPGHbokCHAQQAQIABgUCUaEyLgAKCRDPnwj/ArhommZvEAC0lvELkmEnmHxxh+aqSLVgGDpK +v3Y+vH7dGnOhc9dSxA/9kTlm1/UQpnSV+/C93WDs6aV83h6BEhuKPe7qlCc2BmhIQt+IQE+P +kr9GfyTBKqywv8z/d4+6sG51c6L6m+eEnF7G+xL2kKywGra7BvqTxVNqD7lJR5IdPkvM46KJ +RgWBXui1q7TAoC12eBQEcBCZps5tK35M3W+vMN8aJFB95V4BQinMEel8wayAQVYzBrl44geP +XEkB567qL9pFO7f2Cfuk8TPKS9/trYYKJNmDSBb3m6wP3gltH0haja3Xnlndig/qXzHkHbyF +qSNlH8Z0uL8rTr6jId2SAYerjbt4kui43AbxMwzNCoe4wBwADJBmyocUvQwCv1ZhAuTCSEAE +IkFk4jGRkClwwvPqKkJlgioLRPfC4rbrmBa3lr5qyZEutQPr3PJKil9tMqvK/kclquWfwqq4 +iucODY6qYVvXyP0lR6eUPjdh0sTd0+nEXVNqVKzwGB+B/uc75LOChjLURSG9c53wWjAvBk6d +77c1QFOhYlUPoCddp4FkK5TPVO/wj/7Y8RyEqOgxiktarL8qtS7ptuXfzbJpp4e+tpSIGFvw +3ZYmQaqoFkfxzDk8NwimHOXKphMoJgxvy+SwG0DILeO2nO32DwT1zUXrIeU+PFyG2KuhWAZ3 +8tOK8RmE/4kCHAQQAQIABgUCUdrrdAAKCRADJIQ+Ymt0AMiRD/9BMN2UmwJtLubzF4HEo79O +o0t1slj/bfam3Fh5feoZ9LHlnE5kPNU8Um0wU4gzSpN1/qIgMwFe8nU/XKe0AML8cO6WGod9 +30IhYo06vz8vsrTID5FJh+t5VJ+Dc2MvFzSbi1C73VecM6c36sZYv5tKL5iUzwTLij9/nit4 ++MGbMLkeHXU0+USqL3oCfGybGN+YUZoOjpMz8WCZUwmfqbxzZolHq6TIhUy1uwoBKa9gPVoB +VZZyXZ95HQjGtj4mFL4lK7RNImN1zv0L4oTA65arsMYFPhnDqxHYE7ZDysLUzzH4+P9evn8m +uOgfrZFOhCoKY66VDbDclONzj9yhrNLjNjQ9cogU0Z0ByxAihRaj8vFUMtdrNaGEua5bo+wH +FlDlwMSbML1Fn0iVQxiu/rSZi27EsB10HaFxISfAEuQuaG9RWagrgTxU41tncjWYMB8FCT7V +K3uBslciMRoWV784vF2DDRj9+DROrLuDYGF1bluJDzsRTg/1cc739ZQsC7OeUySABgNAIFjn +8Cb4sv6J11WyKrX5M9X7f2ouc5Fq6paT+XwscgS3YT4Y/sD8yiWC1lzl1OhQKoCqvWy6m9uN +r95AKeQiVAzRSXzt+ad3pcMcB3zL4INE44B5N4OLagi+l1czaejOBMDCggdan2Gx8u+Ye8ix +RT4M3qkr06ea0IkCHAQQAQIABgUCUewKXQAKCRBXwTRmKdbsA1XZD/9LmJUxuVxMBNfUbhjb +wmCjYTgyoBr6oBLFV5+VO/VVtlg2W97tyThNUDPDJr3Mdqjh8B4m4kQdyn/1tPHWXNYFKhp8 +tDyTolB5qAyI8V8+wloAYBVJCfuDI0RwuO0hRNw5/JA/yefemk4Q7SNA8sO+tefZ1+waNYqn +5FHk0xKxo8uZqXUAUuLOD2OmA9gFHi2kNIc5VMhCVC/F9W/2Mgpouq4rVCWIPAWO3Jhc7dNC +a8tEwn8cVoTn+CBzpE2XHJ9OFVlP1V6fnmSrFKXo6Mov5HfZw1226JqQWZm2Sk+keDQCtOw6 +Rn82D6OTc6USOO5NMq7MmnSY/gsnuTXLqlkpn5t4MB27/huP8sRgV95CDqsdIrZjuyMQNsDs +KDYu9Rt7vhEi1+r08cI7429xGV6UBqxOptCmB3vskS8CUHESxDdtmjSEkPxTSnF2yaPUPnU9 +Dk/g5cFT75njAr+wjfPhN0nK82mvOF5dnuEQQ24yCtA7rmSnOpAEoEFNZSIf5226+O/sh88I +tnY5CcuRVyUHKIF+Vp2CxLdJZkH6CzBthRvVE5UiPt0yVApChZggdsqDWvI7ol9c0rnhegBS +7PMttW/vpEQKn1hEvC5esb8fL+4x9txHU0Rc4WqU+trDJ2RwreBeJA7UAZOgtYAyK+TUfwvj +tDL0g3H93sT9qb7IJIkCHAQQAQIABgUCUe13vAAKCRDYfLU7eiZPeOr4D/kBDfQXRowut5ak +aKqxWjQv2JgReHkmKRat5hevGECEdW2ovqBwZj28RVdx725w/1Lk2oG6tr68oHOdNFxRsjMz +zxwM5X9QTFBaZyzwiXHG63R15JOiEe90tzuwMD628tROP0pRY9E7uHG6gK+BjLRNV5dmlMwn +3bBtj4eooy9vYgSc1vkX/n2TZFPeFLWR+iWMDujrcfHy1rvpPAwJx2A05SdiZkCYjurTOJVl +wttd4bFQvwRowhNx2dUVCotVBk6rGpsr0+CqcVduzjDLFIJ1WiuUsEA7w6sDqdybqSm4jRhK +GnUv4AH0M5Ls/mJVLfmTQu1U5zljIwrOZJwPwTMx8oTBjt18y+PI+XQ0FG3HB86KaQHFIe2U +0GjcmtT2AoI5yawqLPKXlQ7VKAHljmPrVpnZrDei/Gz3m8pC5IAAG3Bt0CLDoiFloTEnM9gZ +XhJcurvNHCu8lPiYSnoMdAKEBru1dJg0Lx26o3PmTZRqbNzX9tExPU/Md+VIf6HVzxSxeJTJ +lXqHXzWJWTjzNeN9rNgbKMoLe3lx8AZRtXD4cuVD/ibOWiyTARAqUCD/O9nN1uDzFUesC4r4 +CKQ1c667F30EpnP65060apStuprl36aO+jvcNyqKLvH1/Qf+IFF7revVQdXwh8HBHqKeGLqp +UrtGSJ5fiekKX5d/x9+kJ4kCHAQQAQIABgUCUfkfwwAKCRDYhUvRE9CGk0QDD/0UZndvVFiq +Xn21ivUscJfpZiA1P32+diTHph0F0qcebJDrfYQpujA0fTgZq9aaIIUQCuAVBV2gP4vvmpRX +KEUMWaZHvLNTmWGRkjQpfVaU4ZIW9GM0ot7YKXulv50X+797YEmzURh3aTeXKe3lLdKlnoyD +L/zliunfXoMOafvNm1Ye9rqUequ/GjOUtpm9xwvIV/U3fiIDVRIANfTWZCZjv1bzVsu0xT5n +Yf+1U8YLGREbHR/AHEb6tuC93Fu8XmW4BnJazd4EvpL2uimnnKbbaJp5nm63SRnyxdN0Kh4k +tt+aU4SLyc9gQd/7cHPE3hO2ntjixbMw+9I99dJr9tOt8fukUpE79hkwxIpFdbG1j9yx23sI +eD3KCncAYwPf0boGTtczVXDcINmllGo1Y5SqnVqG3KJC5KwblEGMGfrGN2PWFfPMnme2aoka +JuuP+Egllixny+bT6wOfkcR2sm85154ojrCzrmsgkBfsuuruROVYtOubTAduL9x8axFiXWv2 +GDMcHwGmCOauOml5UOtJouKWscyaxWlye5bYReDTsd8iutcK57b3KQmnsHI2oYhr7MBZcYfp +Ydadw6mqrFuyGbW0w6QabrPrTfN+vxp3S35jzwUnTFJlaMWu8o29d+ICAvWoTepk7JVX9bru +fkqSWoVdipespnauTcajt6IzvIkCHAQQAQIABgUCUgX+zwAKCRA8/nqw4w2alR+LD/9y90WS +UJ/bJcJkbb53T4M7BPmKJC8g3XW/kD6V22iuVBM+sore35y6eqNUdlkSlJWX98+xITGGzJSW +fZOtgivbHWzspraYWbacuVR/AlGB9jCOMT1s6T0U+vSMdlJQdlzjHhrpfp7QvclCOVDfs7b3 +DpR3AKRgsGeVHcXL6/qSgn5yFjGoYNrnIioEFkJ2pfpV9QTxkaRiGvbeT/q5xvBWJ4vOghYy +UcMzcQZPkeRoOLw0LIvnbu5tA9L+4FL3j1y1kZqU/Ok+OGZmZY6+FrjcnxJ310iej5ztZAfV +awBHwZh9fsQPSe+g2FgCoBOI67nqqh2ZS3C8AbL6Xd4Imi9hV0/bh/PnJqsXoI4SLjKpMOTP +F4T86aQw8mkiM3MTfSbxdy6F9+x9MdSYNHmfFogmXphCG0fzkUlKNlElcfAiTwThZgj7S3wY +65Bg2d66pXdyfqAQnRgZACcMN4cEOsXvGiJiSmlI5bpk1OCi0Y8THIjHcFQN1hJjCJ3PzNSY +I4acKi65fIL7aLEpZ1WbawBw6TK7j/KmfdNU2C7fFeQYRRfFsGkdrD/hNn/8NNPLAxD4m1r4 +IeaE9ebnLr1Lh0l+FxNC3JAjOv2iX0jxboWmIhvj0Octg1E31QhX9drIA1NciRorNilRTV2P +rgix2c2YH+4GWGrEi+MQ80jhXKibPIkCHAQQAQIABgUCUg2P6AAKCRDPbMMy773WwWO4EACl ++Jj6s39OBpvJ4jRx3ueQdfg+St7iGwuZu2TkUH1fCj9lBrPS22AYWtksPSLiJlgAhgraiuIN +foFlLZpJHlDSE2r2VFXCmsBo1zI4wx0k7RMhIBbs0m2ZtmoC1FiDAC9MiTKyVtqqlJQM3yY9 +SFgb8iMUNeQjd1qlAbE7RN2Fo8KNDvS504Jfj8xyzkLCUuodw8c//0GnshMXQ4WzpRHfQj6f +1vynDoxAeJ/hVH6SAwAmNLF5gl08O+coF3rkhe6JPpQJatDKuL1r0N1CVWzNWwi760rc+xin +y31YzPlVwqakMJAD0UK/KAYDEx4QV4s6ZPuAObYoV4iCAZcM90ltYrMG5rwE6HoYSMSxdJK1 +RZRaQr6L8n0sOxp6U3HG2oVDAYtrUnhCXbhRQu+VwARBmgUh4szqRWR5gm8mIpjQPS0vr6Ap +iQiNyQU0bv7I1Ot84YowdK04LKxpw6iQWA393p/GK6+9KBe0h7+b7Jxl4i3PmPBC6I/Kvl20 +m1WXh8sb4NHEw26ewy3M5ebPECU960QtB+82zykfoMfnDwD1dUM2u7I1CpenXjH1hsrSlqFR +9BVbdlIpTyjpMI+SgTppmZ1wZ+QgX+spBMY5XgMcGuMmTgBCsd+gmqo4s6rEAl7ppX0YUUNn +bwhdMtqnxEjIKB2+FMfuRit0tov3A4QbE4kCHAQQAQIABgUCUhAgfgAKCRD5pF59UuMFRa5o +D/40JQle3u/0Lp/IZH1+UCxYLIGlW4um16Ey6UUxGv2hWI4gizYnujfsnGz3UFKH179lDkd2 +6TsY9hBCfp/tN+gl3VSHfek6hw9dJsc2f1UGKrgRoboqzAMtGP7gnkSspM9vcDD8f+P0e2QP +wmhdZPB9yytd4WdrliS+0p2pozRR2dPYhousSZwthfvm73hsUR2xuTHo0wweWnOpAZHbb7nT +sPgmU0a9ssfeVVdvIPJ/2rFZ80q5JR9S1f8u9ctqK7K5Kz3tnAu6Dy1qrDD7JejLLh9sAery +21XbM8myDuZ8M9E4A+H/w+euDc7HRwu0TFAvt+fry6G95IurIRr2aHM70LftRaJJn7mJtrbw +hEMCNlumYIiOSREah+uC8TjhPpDZrZlGPfAowUVdhroRw2y1FAb0FsvvL18X46qhxfcrXxW3 +owGkyYuf0EHs+pie06WU3mCGwYXIrNV5sR3UMdX5EIAnRs2uVfutoO0suoiAP1jZuJLr56Nx +cqtSPPvAbuhmXNwXBs5O38+IVJFwPgi9LkhHK7phSsjzpYfC0sJWXm0HEQ/qb3jaYrnMvKwM ++2i4S7bayOP3+nBHd8P4iF1N/Jrc1VZLM2I7hOW54QVpoP8kgCdSeqTNTu1zeKo56zeW4X4J +Vfcml+HLuS/P+eaSxKFAr11fZEQH06DvlwPqvYkCHAQQAQIABgUCUhAqPAAKCRDmeBX59clw +r3JKEACIhSnZQAaWoTMjz3vQk4kqX61FbWZHzQaN8IZV5W0guT86tIsj1DObG2P1L/4m6FwT +Bbq6OaNScP0G34myghS8X4dK5wb0Pf3fyA6syZOAWmE1D7sGz4JLY+e9JU3Mz9O2tQWrgpUH +HC2OFLgXXxNSvfqeGZP1Mdk8Tur/gEOrUS9vgJwnVzBBorda9XuJWbbfGM7gd4g8epb7Wk4s +b+bSwVkTDztkeEbWe6TP1ty9LJJhzgb0MXpoySdN2X9YqeHzM/1Zi3Ydo9yO1cIUK//EoIEg +MO1LSvL8xqlAAyCKFOmBuoIgikvhgk6QFPMCwN1acqUcqTCc/iUmrWsv04i1a1rodVvmLMh2 +1kcczz7sCYuzwkVIeOMFVhZ4b+yd6jEk57x3Xkh2SFyxwElE+tFVsuiL1h3BlOoFFXs1cUmG +M/xqoeLk6yGgZI+/bgocC8ZSHHBI4RaSZC9lXMW8eVSgJ3bax0gtx66HpjATw/YMhHFS0tPD +LptZoy2lvU63+CzPTsfRAznJsucTgG+y2gN79H3yAIZJ+gxC1O6tyBL6ou8hTdmVZ7qsGTj0 +f7BIAnZMYBHuhBCzarRp+i7XedwnGIAqY1J+H5fFvxJ4+yi1RlV/uI83wAwUmjH0gmUrIV+U +k+IlcwG7ZPZazyi7b4TfZIeSFmBOerSDCb+XrnBQa4kCHAQQAQIABgUCUhPioAAKCRA4273I +YJJpPkQmEACJIyywTzVSVWiuDgmsa3gA8jZAFvlah+ygOU4nSNTfIdw0BPEMBUYXvNEnN8dI +Gm4YR1e6E+rQ6+REZUNC7bPeyB/T7mAYWMmYEhc22uegESxhNQldK0N3I5evymkSp+v63w9V +676zBu9pmzhnRhDz7Lih7cyIqJf+R/SV/Gmp/bJ8tHocmX6+IYnXdVBsIpv/97pXJz7iUaiU +qk96Fvefx9mwEvuIs4sPaAt7crjnOfaIUqrWc9THf3x4tqquCUseblJkOGbNf8S6mLjc7VsN +AnGPxPu/9C7kwWQpFPagAYDxNV1djdOVOl3qaRvEKUGUSCt7Q5AOLvPDVsL2yRAPGQ/+9oT5 +dF843ZM3dlQ5zQ8GrQT7Y32FrwP265WVSNgpid4vKIsPJmAw0zs04nqYj2GzXbRNXWYL7KYi +wT/88ZFUJW4XU4f4t9wZqs8TpQ74c3hh9rhPtIN7QMEHQymzCXImhaxBVWUNDGIlexFdGQsR +d0h3+JahjAPTNXUc0eptU9sU/Qk9iuJB2xoLVM0MTMWuhaYIOWEe3l80i1nh9C6taA1GDB/Q +n3V/nrfIxiXJxYmq/94UvRlZR/u+yT+njiwVMPOjuXHSiuql5AGBXN25SYsmKQJCn2pPCHqu +rk/JLI+4AFISFlp6z4A2fImxRgvvhPbyHgz2UlYGi6/abokCHAQQAQIABgUCUiBkZAAKCRBx +ADEoSUgVV9i7D/9plurCKQ1ku9r3w3TqXI0q9uXykvnEVR5lhyOuQf4/ylgoUChpBMxbgomi +Th5CJmX4QGy2Y/QclVkXV8JkOGf4gsbNvFD8Tovr9VXqFo7C22BfhbgWsHfuzGzL47XanSX3 +aHKb0YMOXAcQTEtw6yFw8gOmgEX0OZ030CahLXMn7P2QeFlAkwsYeNs6tdnlMMF3+aOpbqn7 +G8wav2PWrTfmSO/SaKyUQ5nFxzQGg8iIcAL33CK/765Ybr9N7EaclKtBzHa8ebed6LmZQVDU +uYphG0IKpXrAhjtah73X3XIGD3fmyHFoYtOuhAryMmCoD8Dqs6WXZSHh6r5KTVrDT8xH0V5y +ofL5evVJ7NNWOPvr7nkMpD9zKmtKIGehinKsKEqC5DrEwhkSPyxsQnwhfJsmDUAlReHkzkm+ +ivWoaibEpROoGk4WBoAvr8QYHsVo2elFFlAisA1steooF09bvAAxnNR9FJLV4LvWVX76iiRA +SIU4XroZ+MM1TsXd1Iyxo6iy/xTOWedJXWxVdk0ei0rtJOZwwhm+4CILk+iqBH47bokzlRtQ +2xeRW7Lykt0rx+zWP44G7YbnTzRsiUI4UCwdaCOJyWgT6iHk4xI3zXhSa3d9rBxfp0hzuB6U +6sQfqu+8GjHaX+4+0oVG2XQ5V/SXK3aMqk9NKZ8oVWpqoLcqEIkCHAQQAQIABgUCUiCiWwAK +CRCi3FajfHGK7nawD/9vq+FeWBlwGb+DWoUxMfArygzHU0hKErx2WWBHcgkgL9sVr8iiaAz1 +7+uWpbQRMo1pV8UmLjWNo0eJvLRmwvRal91qnf64LHT2nDRcRe/SXrmjEPdPiHgCHcuHlRv1 +a2yk2a/J4Z09JBUY7adoDQkeUmZSwJNJMwuCySZYzf7qM5uvaTWdXxWXxIIIcJCrJrMcZYWI +I/gkCoOId4vsIAo6aqB9VMrLqbdf/LL2eY7BWzUmlBgpO0elZwjX3gT3XolAcz/u2ppsnPW4 +vrpYDSYDUulQ3N0c/99ec+CH14cNl9KwwtZCq/sQQzgz8zgsN3xA/QQWtGXy3nxdsSD2PtJG +efXp05BytthsNO61pr34X2y36KCRgNdRhBa7ejhRE0I31vZqh72DwsmgnTiSp1iz4OdcrOLS +XIBYnj6P9VbUDzPFfiLZbIRA1HhyVdmjbUKydX3EnNAso/9ef4tUz4lAIJKtTRHu3YYXY979 +nAcGCL1QmQ/hAEI6/H2Q0TY3ECLqb/FJ7An857pYPEoElNiOgFfy3aKcBzZjt/A9nXvGMXDb +do2O1XWN+LqI1Aqx+VA+wC/TlQm8j8fIvAqOSOWdRW7LofuMhFhEPxCflrnskUeuFeERXFRD +BVXvpuX8/jYls5iOQ17iowORBG4+q4UQaf05TC7ewTC+Lb9OLodbEYkCHAQQAQIABgUCUifN +SwAKCRA7lRdqJTy03ouoEACvj/B0HL2gXOGgmYhmVM8kxd8OobO3+BLLdRKHYCNSR3IlmVXV ++k4p1o+p/KGtkOzLkKWBK8HlGnj2jtI6TqO+P/zZT9WXr0qPh4lw/sUk2KXFfxpOhyRsfI55 +JLjbpKGAfX2DpY1/dx+cve0bHeTlatuwejNWsodFrogoM59nLxKgL2OIdkg5jd7QOiOAfPrL +16oyomuxAM5Ix2I6b+6t2M1TRjDUVZ9aVvC2/zty3o3pY0TrPN8Oags2FMiprkt/+r1zA6F3 +ow2Q1uEoZ0u+smOewgrkXnHwhgvaA6hcA5dXtYqBlrtE3A1f5ZhYhU/XC7dPD5PVg7iwQ86k +2gQsoaeLWZ520DecBzj11sDDoiTNipLd459zHkU5DWxC5VKCnfmWtYKEGWZ/OWwUUaFtvO1z +Tt3HGVbX4DFAzbxNSD1t3DQsvDIzpfOegC/yEK+o8I/jx4Z7rTzqFjyd9OzOSCI9gCL8w3oC +GYi9fmL15kK5GlGxi7seTu09tVSHtSwMxc5CW+YMrBqfSCqlC6d+/6s6sWVXcQvgOy87KXrb +FQ/iU0631ZT56VnIztF5KtoPBPEtRQ8SxJpC5wSuAFZgCVmF+/YY/tdAdW+xcpH90u42vDqu +f1IoSCsntjmS6rkGaVxDqeEqqWwfc0ldK1mrl1jMuQAbTKBaLKLE1BqtKYkCHAQQAQIABgUC +UifRoAAKCRBwW8lMsAxJDIGXD/4zvlrwHo9Ba0W54V0dLRwobUIRQkhzMcdYNT+RORZAVMcQ +8zOt4kWQmhGX+3/SdCZkdKV+k3U8fL8BGhn06dNcwyqkksuR7XWmZR0vqyFPmRGCx7Jk8V9k +vQE+BPEuSB8V/kRGq3t32dr9BlZuGxrnzLR/m3QDTS1l0jl3m8Z/XApuZPBe3kTzQOjfMrJx +UbkpHAuE8ViD9J1kecbCmvAwP+Z6VNIBOeCf5fUHzg9yDP7UXulQklss+W+0QlNIjbNsg5Vc +Y8d3YdLVY/f0RQC/1dWCwTp9+kkDnXyv4nuoC0p6T3BFX5emj5RY06n8o+njx/shDtgJ47qa +LI77tD7FQQJWULmrPBQf+MtCsq7r6XYRh6zCHTY54eUyv9CFzH5WF7BHVQ7+EDPN5RTTG2eX +lUd2Ub8qtVNNi7N5jwHD6yyP7C2r8CE6U/HIrHDye+iLSfkn9XnQ/0qtivg/rs0svMbEyY3C +tkiBDpwvjCyYzWuS+TJG6SnNwwBXt1xpaFtiNpFqnIVlSamcOkJ+FgTD0r49UXjXJHgE23GZ +OOUCcrqQkaV34+mr7JcuJtC7cMvcxY7SuDl20csd8T/KlwSFLmFoHwPxOB0F0VV4eN9kjNXd +j0RCgKXDvDPEm893RbGEYqLS/xG4M8pIUmttvRYC5LX3FUmejwg5ciSR4KULWYkCHAQQAQIA +BgUCUi3DrQAKCRD3L+qAyjDJzQBLD/91BTpynwT0Kvt6HMSTHXYQi7OEAt6im8yCJOn7cQDE +buCphcuXo5mjvzCpUCu2XEHjJa7BkbDTls75wzi05JPDzJzEPlc4WJCtKSSjHT7BuCD1n/Br +xZ9BqCe0C1BNbYg5e2LQBd6ocR8IY1n6iHqvPOxGgGl5qV/hfI9ON0b/p8sCPC62SyKKl6EO +Fw2nJH9Yifg01DDnVThSyU+hsl7JOtYkQCwUr9ikAXDoVJ+3SzWl3TMkZWJnF+1kyme2rw0a +GOy44/lrmXE+ak/k7864PH9VyYQ4o4QDc9qY5XdL4zZp3PaRSbUJIyYCPlddPSM93l4cWd+Y +b6H9paD8i8UP8K2cAoFaRIsNRRJRdFjSqFMdOpK+mj9gD+X53EEYcjqRNtyMIrNKg4E4w4SU +tKlSO9ptbeTaUSLq+kB73NhKvyY31uckf/LG/N66CWJhx1inV1jWjniF1u0rg28ETFKf74ry +1DA/ysVAJAgPRQr+3KPVPe0viSymHZs6S7reWuFHCjyLdq8uDZyY5FehOqiMNPwJ1s2BFcvs +4wPEK/g67XZ8K3ryrLg9zPpyehmWeLcph/bs6vHDdgmnkT+zIxO/+xva4RJBG/ASrUYx4P2m +tfpVr/mKMcotb/t5U+6HJV/qEH68cVwA09OO4+PncyTGlN37OVAiNBx8vJ303d4544kCHAQQ +AQgABgUCQ9o+qgAKCRDt2ZWk5pdwHH87D/9bGwC3i6ye2JI/GGcM5oQIQXBr5k75r6iFggRF +ntueBGPbNxBCXSw8NqtkpZtCgS82RMTmIOE/NbiCcxrMLSEA7Y6/mAHC/2l9cQizZisoAkMm +Q+64WKqsS0Lbzt+uyNuQ3QJaoMUmtbKUoUCNE5+fOaCS4zwJ3/cSxJXOxB5Wv8c69jRNXIzE +dLgcdkkkD7hlN3awUzvS0yNO8rLwUJsSkFGeljQfmTvoJQWu5ymqFT11mOx/Ihb3nqT7D4/k +x5mDk6jj+0+yIl759QsWWzZPEdl7/KsUSPQ7JfdBccnC1I+MWTcrvbG36HCZREp7KuoHEDNz +y4xDc4g0tvh1Fseztv8MWVzwu4eCdfLUb+8wBLXAJWMoEKJRrmS77iOUm0CPYpe01DXjbINf +NnXkkcNY+4EOIDdKKcv0qIFPo7RJxFHMhI65AKE0mM63mYMzGICkwBqjMpsEimrWQu4maT7a +G40A/WZrFJQAXItwC4u0Bs+aGHQMdtZXFK/rSk8M8je2ynjWUntfm7KYzTkaBhSIxJoE/5lB +IsU7Tl8OOdEYtG/PTcDFiC8YvUNSpcVDf/s/BwT7wS3whl4bxZc2oZ8nzGWTFbqXtSwpP8SO +YV0dSchteE34XBIV9fsvAYRKu97ZfhCdnhDIi/Bm/fW+SkbKb9REt6fI3yIKAo3pm92zxokC +HAQQAQgABgUCSg4eNgAKCRDBVsqV8AjDOiDqD/wIzufvRKYto83lZdU/zJoW8qIEUrhGfl5/ +Ghw96J6a7bvPos9ZUHBtjef+6rLakdVfp9k3C13p5EcFHRXoxtsb+hn7vEi3G8Msr0DrhIaf +SJ7lNIDI3+ThgZFwd9/pmv2E8M2uQNj0y59/foX8wglapE3ko24FGIrRkYrnEKfwZnvTiCQH +Zm8U/FmHJSQBBoeuOrRxYMGyKAx9OCCk81V/w/jxS5nY52ha6qSZPtwrIf+vhE3kTe5ffvqw +52JO1320kaNARX77gngpKnawyaaUqL8EmobCxqK8d9nVbQ3d2SoLjTA/tP/Js9gUveQQbpb6 +nAM8CzXROATnV1yiwtqd6/sEUh7sbzTAsSWFf90lW3vkhe6r3MzmDvTm1RWMSDgWaFrs204g +PB4FxULhwLFpdGJRD7c8g9nWrzNWYep0D16YP3XO7tt1uVFQwUHQ39T94i1i/dEd1LO4uhC4 +0VRGFfX96sTJ3M1ev/V5dMWFnDP7CUlLSur+X/gq5jntBYUzTq/4qwfprm3JVKtdigZmuifR +NfiK3lDpBUXmPlC8iBSQcgcPjs7EvMwEciee9eOSixhFk8MtkZHUgO2yHFgG23I8ZhINR9tU +YnjIBd+EFIj/CHVVJiYQpILMr4faigvinnMSAqiWecKxBwbBlX5P9rnVbz+XgWo1enEsHs3Q +4YkCHAQQAQgABgUCS4lpvAAKCRDthSARn+lZzF0HEACYyYnTzBawm5L794ERrOur2e0/Dac4 +EKC7rFp7lFKgzjKlUvhyQSKUtr5P/PpDekqehbY1xjuvf9Mgt4MAU6QRFUP9YV5p5yC9CpyE +8d/f/D/k9qjLThTycykGu7SSbgj6rAJeMahQLjOva8fMS0wneGkw/0WPLC23+HjCRMl5PWBD +y+eHg9Odt1ZN9Eb8iKZW00ZuU02mvVZRH+Q7b3POv+QPOGcgEOxlVqc2aFBeuSwCWPh5tWHc +yKZ0yF28Tp5V577hpP05HDb58Ma+dAiphCZ12ymJ6/Q7RJuAwFqyvSKuNHrQ4Q3RrVFATafH +gSu+dUq3zb7Dk8sUZbmNQt6/uSZAAZVz52u2d03fjHdznu5N+vfnjqoX/dJkZlc45wRPF98V +EJJUSQJUltw8Cb0pi1ijaqt+myvB9GsPlMyn535Oe1bCWPk3I0bq4WWjxuC7nNnL10hSmW8T +Ki6hCng6JH7lRRQsbUiddbkGvoQexrbMhnr7ECqBGjCNWkOOJKpLI8Pss5W8aEz8C50emitk +skNe3lXZsFll/wsTXNuM4BfsXxIsg9h39+cUDr5Ud+Fg6ElQng4xmae5OMld0i74QBGHxlNc +404kMo2j5jUK77SDDbRyjxVpExAk/CRM6lyoVDh3e73CroffvR4uDnDaToHDkYeyYKFA9QxC +5MBYkIkCHAQQAQgABgUCUPEFXgAKCRBSPdXTTo5I2VEED/450kB5TZZ+4n+9YkpwFT8VsJ7f +7WT7N46VRd4t/Jt6YhczdoUrC1GSjpU3IfBNBy83HNMV66dDhDGMeI7aXRqzWg0oMLdJB0mY +Y5ld/ps3bGpgPgnackZWxzNPRJ7CB5/4FUTI62fZrYsOV25dED5bKr0Yr+sLNKWGpUx7lQMU +qSD2G5d7MYLrkpOHejte6adE1JGB5NgQBH5UIP8Xs1hgW74B7DxNmFpVwEJz9IuSGxdieruV +Bi2hI7TuDAIOguZ84gThhe2oclASFW2v+ah1RoQap1Cs+4JImabkaszaTnFpeaHSQh1tg+Bj +hk8voGDw/7zV4Vt/WNT+5ZUh97mHet1TwzD4RuMX3AIqqF/HwhUOCKI/pgMBxN8sHpJBo/7L +nplXljIky8dKe7zLheIE1R/+2MknF5iygyyWE4afZF5elKLMyHxfKU084FE9lv9dB8dBQgX6 +7Jn/Sun5VbPAqoJ3gdULUBNzbyKs+8RUDlO+gUqn3qJHhQ/OWcXZnizthplHPI4M4zVuvH7T +5pe9zyH+BgPH+V4aio4tJ2QjdXYurxt7fWyBRjhV7gxZeHvwVRDf91IXdsGyoh1ooYNs/1KL +/Pv71vB/J2nubDzVDZGPCL0z4Z5S62uqOwHXnIM1JPcAA218No46y1WaAtKOFN6whLWS/NH1 +xgqy0hOLbIkCHAQQAQoABgUCShGSaQAKCRB0h6SV1bzzY0KDEACWDROz+kH9jAoUoeH+E0cQ +CfMGQB/HLkzHY3eLaMxXtWz8wMYa4Q9zGG5U/4KDywxlAnbD8TCf/DDRVMOx9YayZYPTwcPd +T8ckwe1nQn2PjmjOdoBzT3p7ZQ9BpEtGT+wkDRGyBoUiDkLPZGpDupqbhrtstgUO1/ZwtMbq +m/M199kzU8WhasgkKnwFLiBFTaJLrXVBxS2irn+pgdw2JUHn1Pr9sF/HORF4eBReckPKZ1ld +CS9mK4lMlMSC4CCbK8xXZTTBVTKtgT6FxXs/OLxAe2wQcWLwgaw+MROvIrzhXMmVo37cIzmJ +4DqfWe1ygT0W77vc1lde50D0JI0Bol6UGp9Gy9H/gXfDYFGDmYvH6zjHUcLcYR5rIF+pTqCD +54XbYIWNJg58oEDwk1mhCLBi8GqyBzzcki7KR4AuaeLicvkrA8GfxSM9JdHF7BuFg9qiQRkw +w7Q2xLgQp31SaCix6Am/VLMyvCvILCxWIGBe2fvLHPCVnPIBiAS+OmMjAX7EqibtrIf1T3UD +jL8xp4CHtCSA6C/rCqJXGSgi4xaAmtRCozFrQfpY7MoKjDNIb9Jq7e/1SBpCFGSe7sz/GDR7 ++D+aGBeyyjWLeRMYMLOrlSg4JL2LBTmZNg4xBVYdZlsyus6FQEixWnE1FndRSy/NJKCJRnaI +st7/l0bsQL5YQ4kCHAQQAQoABgUCTg9x2AAKCRAmkChboNlrLBZnEACBb4HtxhkQzNoPbX4k +sL/jmx1WxzKS5DGam+pfF5tleE8eOgJcrZ5d/elzK6mXcuZRnkwPEZYmtHKjg3D9i3kyzwnJ +uXu29upGxAptDBTiyN0SGB+0hjYA50mqkUi34tePxrK0TBgcwar1nhwJkE7HbUMp3IkLrZoO +xQa0OciHjRiQzQT+xCWchEQWu7oYjCL2Wptd+EYMhnVAzOdixFRTX8JLjPw7p7LZWXw0l/xg +PSN4x3z67GC6HCksAqA4Bqk52ula8B2/22Wao07CvctsCZ2JDunIy4mDPxPvkoGGqYnnZ2Ll +J/pAuEf5GLGxNq/64p+CqmrXVE+wBnwLC+Q2l/pfQvnV/oI8QaRC4rZzdbT5yK7rRy3k9d2C +Kj6VO+0CqDj0pJp/VjkFWOQFTnFty4zmyLbMen6M/O8OjvKss6GHHDUKIY3yo8MgCwi8NuUQ +/XzAZSge4gl2L+0n+SUMchD1y4v/cxU55jTdt7+gZczi+jZmTby05XeZWnlIlxWWMYLLmkxM +haCIrnFGv70HwqkBZ497tV1iTSylF49Q/O/23Qm/8mUiBPWcqdUdhkUwAr6YAwXLQXw0yTkD +xD+Lj8D32hMN7BCeK/VGrclgRv1xx3zwyuXnzJMJOtZgtDd8+68+DXKnogAqTPTMLhi2w8r1 +zl19uCfADYeWaVpxSokCHAQQAQoABgUCTysDywAKCRC//I3TwG3WsEEtD/9odKCddwRMU7Oc +apbucngV15QwuSna9DeCJLznR6m/GJ7GySHDg0f5rpZsOP0YosIEYGgP0aYf2FZeIBW5M6yA +tfQTE+wPda9BC8jGCPvgN845SPATr+zUbLcLTU3y64zmYj9UuxVH4qFMXfa+Nx5z6RG490tR +/9uC5CEZZrLe4ELYmIwpBeBaKlBRrIYap6hIWU4kgJbvdTzzHIp/9Dt7J41ooEWYMvGOao28 +vBngfQK00Kge+JKJD7IicxYtOj75ob01rvaGwGz2m08GGf4ExdK+QnSx8juy5fD42UPLx+K+ +CdHpEz0teIl2MnIzn7gOOB6Lql89uYt82EX+Mnbrdfr/DU+JXQZ6u9fDxLWSlzN7MxqxER9B +UCGaOE7knyXP0eYB+XikiYsO6PSog/T7CngpjAFuHq6T/Fj+UGHHNLbOaRppfFyM05dgKBYQ +EDBMEf4GG2kWtyk4pWQMfwQImHCL4wuJDCebAJF95IhOCeqlNzO7CR/uPWIpwq5VD6ozruit +LhZlnc7w4VuZzwl2BiqbLktqlTsRg9vWROCoDaFtb3IQHvM9gUqsckVuRfdVqrF2kmsxvOKC +pX93ohcerv3Vp56yGD0qPICdOuf8lWbCrXtYUZKd3vBMUS2SOAyv+wrj4ZkrMThG5kh32Md2 +dWAUIOCHLIqOm0q0qdBX7IkCHAQQAQoABgUCUDeq7wAKCRB7H9SitKLBWFRlEACI7ymRrb2E +GsnoiMJ/wNsMMvWAhx6txXdjukZcbbhkbSPNqFoNW1WF3vwLtGok4SeF0407BhzU42xx0L3w +gW9pfbWpQ+CMGRFfCQFnjdQi/1bAXgMx8WX+8JT2vCwcQSZy1R5kaDo3qHiOTu7I5ylPX1nY +MGs3Vx3lDiCpavilcxQ9dphrMytfnHiRk5bHHq8BmVUdvhZ4fw16W5duzWIdxd8/GQy5Oisz +794EMRiA4W4F3rFnle6zOFJdk7awOApBrGk956FUGgYaH+xWFQt9XMaTeRpUgcoC0n6B2vAe +dnOsNhzipocjR5v1G6fk2trLC6L2Qq5aDshY9eRdbetO/cdADQeAcWehC5nmEgEgYEzP+/UV +ODuEyMRB77/5M/Kagc9+iHrU50G/adXiHuA5RvoS7WApqG9w/PtIb5UGVpwTKI6ajTRTKXaY +iC2wFgkUllb0w7yBl8mNPwXl/PPY8jnIGqjwNv7wsYnkzwCR0X42GkHKrZaXOwq08u1CdnYC +7AfSlbK9bMSCHZ9keaECTeHztYCJYFCD25qLMMRXHaL7tH1eQ+Wibcr9lz+DGqGKTxOE3vX8 +9z5tJDVH3UNjvMWZyvUutizVbBzF9wMwt+UcUKBJ1mkf5bExa2d7AGtlRzmTALGOGKIevnqP +R+1s9Wds0k0BLHB+QRyCarIU7IkCHAQQAQoABgUCUaocXgAKCRBWhCfpSAGWpK9TD/0UcuPJ +B1URFp1dpRIxeIXb4X9FA7he5cJeMWU+er4a24nqGP4QgSTtW1WC8PlUeeEdjIZvdYQoi/bV +TeeIumPkA20I7QTMa6fZ46/WU/4b5IuTRCsWKWi5nV2CtOz8IbaShUiay5tE7HXGtE6HYqIt +TrQ9QCDPy65knEK8waOPfUfdztjLtGEKnO9e25Ia1sukR7qJJx4PiLN6kdZM2ygnjor+3y5C +cKHnSWx9ssu7vGyqbi3UF2PdtFk5qYiLIMH2ae6AIchNoxWnjDkxa1IO3NKQ1+ecU2k0WwLh +4O+6HPiHLyIZ/bzNAonBL75PWlKeC+jRNKuzuElNeJoYTFgi0fA+5obioDrMMcLbSWJLbsV9 +iFbrisqzkHPLMDlA8/gt3jRCT5gVLrZLYJatoGKMf71v3oxNg4+GmYLMaYjWma7Onmj7zBL9 +TnZNhTBQSjkyt1G3hxfrbP2RTpZtEwAVpxUnqt+F8rHLJnKnXEsFo/eDAXnHht8GLLOw+7c3 +rTwm0hodiqEloNQJui8lQNCGYtJ2NGhBsQvKxRNKLq16TEXuwNTax3MmaE4IWGN9d9ucX8P/ +wHzItjbwgkZ9AhRJ0aa+qg1Rf3soLeDUikyXXiZKVPCCxITOeW5R0fXFcWRMe/2soBbkvL7/ +/RcEdwDjLHMtD3PcJSc78ouHMRSit4kCHAQQAQoABgUCUccbKQAKCRBo16lLTIWsgTdLD/4j +8VGgVO2jBMNnLn1UDpkJyW/GI7BpHJ0wq0nt/i67NSDUYvR829I9nV96P+P65e65I327YFag +0/CRjS6XqVygUSxhMlcNv5Hb5f4qac1KjV79hWIpQKVTC9tVcN1YgT+QtXaKhdezZSidqGii +M19YAL6Cr+JMP3NNcVbgSWMFsBa5l2gDAWJ/JrbBU2kMDt2rKGSHbuCVlhvmLSQOb05biS6b +0On3uaAmubixf50SpyKkXGsLriwy26HaespoweRchMLysHZlnzozcV5P6VR6yrvWdGp4M7D8 +VdR7z0LB7/xaWyg1mK5fB1EEZKXoDywGXTLhAx6HEjqrNGbY6D9uEIRDQDo+R63cVBWxaHaR ++n/09OQmqAzRspIYYMJZ6LppIJOkExkvL/KxENYaiTpzWMDJAVLsaLSgoKLC4SrUnV7ZiSol +bPdin0X9KrsMu02eMUsNSdpQU9xQR/lQYIQonKXsUG55KfKi58w2AvfnYp65AMoTJOZkNBBp +/izIglp3SEOXSL5f5v+JMdzdfRX3qHyPCcbe2o/o0TXBeTHlFG5f7EYzXATon40IA4LQ/VR4 +20exC2sTsfD/WCZZ3l986S/nC4f+s0vr6+7Tx/tamhH1o4W1JBhfOnacNoSYhK7AtOyv9hFK +jaop+y30UG8UufGUPRuEpR3JdXvXwUlakIkCHAQRAQIABgUCQ5h7aQAKCRDbwbccbjHPwjyL +D/9l6vr4+ifWC4iIWMkGQSOixfb3b9SKNefybMev8bk+TQAA//+x4P//seD//7XIAAAAAAAA +AAAAAAAAAAAAAAAALZa/nMGMlFzcXfTj7w0eAy3Mcs0heBUyd3ZT9OuTUCz4vly1IpIaZ80D +mfYaIItwvwlDit/r/QwGKtJjL3Uo4qCUEwBCxey62lECKTH4qr1BJ/9Q9aVYXNRUREMTe6bl +anSnk8JsUs9YJkdw6SWsMPPU45ncklT9HfsjtGuA6qDfCPLAuDuznGTVHN8d63+440DGhjWh +11KphhbBzsQFoDjq7M2sg8ysMDcceuWs/3to4TwmfHzzJUDvZ1KYKutktKUCkLe6QNB/8fgq +yd4EYrsveFLwI2jynUMW9nLLmBKbN7Pwp82CHkj9k3SZSoVQS3Q6uxVpUojD4nSlFJUVakkA +BNzwHpNHvuL7YFYzpU2Z/iDFWZ4A9dbIry8wdaLns5uUvSKB1cqJrGN/ehc3waMWhoiLu1A9 +8M9+cOThmd8umXIUax8br4dtfPVvs2V/5w/5kpGWljJvBD11BbNeMUHmI2zaSAdIrkZkZ8jV +xVJ+PEBn23lKekpJqIqIToJPev8RXlXZRNwe5nuoXZ0ijG64G1brOh7IHB1qlxVkeqLi0WG/ +1HeQDj0+FH+aKq08nYfZgD3nLAwdP5CX79c7n4kCHAQRAQIABgUCQ5h7aQAKCRDbwbccbjHP +wjyLD/9l6vr4+ifWC4iIWMkGQSOixfb3b9SKNefybMev8bk+TfV5G/QS9maf45V3EtZ1mDxc +uJtNQEp38ljI9I2lyUCDLZa/nMGMlFzcXfTj7w0eAy3Mcs0heBUyd3ZT9OuTUCz4vly1IpIa +Z80DmfYaIItwvwlDit/r/QwGKtJjL3Uo4qCUEwBCxey62lECKTH4qr1BJ/9Q9aVYXNRUREMT +e6blanSnk8JsUs9YJkdw6SWsMPPU45ncklT9HfsjtGuA6qDfCPLAuDuznGTVHN8d63+440DG +hjWh11KphhbBzsQFoDjq7M2sg8ysMDcceuWs/3to4TwmfHzzJUDvZ1KYKutktKUCkLe6QNB/ +8fgqyd4EYrsveFLwI2jynUMW9nLLmBKbN7Pwp82CHkj9k3SZSoVQS3Q6uxVpUojD4nSlFJUV +akkABNzwHpNHvuL7YFYzpU2Z/iDFWZ4A9dbIry8wdaLns5uUvSKB1cqJrGN/ehc3waMWhoiL +u1A98M9+cOThmd8umXIUax8br4dtfPVvs2V/5w/5kpGWljJvBD11BbNeMUHmI2zaSAdIrkZk +Z8jVxVJ+PEBn23lKekpJqIqIToJPev8RXlXZRNwe5nuoXZ0ijG64G1brOh7IHB1qlxVkeqLi +0WG/1HeQDj0+FH+aKq08nYfZgD3nLAwdP5CX79c7n4kCHAQRAQIABgUCS+WWVAAKCRAgnCoV +rJrIQf95D/0ZklQykN2UDGYZnCipeYqwbxjSzqNYW4h1Yk83Qjqx+71kfHOo1VbwDrpOaa5P +8PvT11fm4AjUuauqBLKfY42JCEgRH0CoQULzdFng6R+g4/+FhVTrdm/4KqujRHGJ2mWNhpWb +WdpJ5Xj01gtKxpmpGmXn2iLMjZ+9togiFmJW1iOZr6c4TcSAiBJQi0cK1USExapOJo+SSdDT +agmXtxpt97nHUdFmi/4ndPlxOgtFP7LIYyfOSJ1fJmqzg6NiX/qmwlX4tDhlN57BbuTbmkuE +fNLf8ipIQWN4pcSW7dB+bDSfx98TxhMJGoNY37gHBEFtiA3CZkYOep3iIHeTH9LXO+r+RsOr +oC7zg9DvqGDJx8FXXmK4Oa5sv0h7KollSc3dZh6B5+nBGgtvHSzWcUz1f6bFSwpJbCBNV9dR +elRnIsBm+4w5Z8hcfVzS9/jhRnsguhx1nzxb1jCI4Fy3+AJlX7JVRA/mYUEmNIPZ/RrKiPYw +F8lUNWv4biE/mLDas6Y3yF7mJ2TWda/bz02IXSciqUmLDVMCdS14aEje6vxfHRfqBTduVJxP +jB4DMoZP3FDtfEEaFQu5rBQmIzqbL/FViWKLSokAhkU+1coKRQ4qpPFMMPdW9Z9yGo+69z9Q +kSeZ5TLLsGyE3BlYMjK2n8F3/x/7AF+BKnzbcEaVOj6Wj4kCHAQRAQIABgUCUIWtFwAKCRAi +jswSwI+RwXBxD/42FYAQ/uw4rDLbaLOggaDI6X8lKq8dI1TyHofXNPLmuWMcrhpDJt7m9P0/ +aQArnj0EI85kCf/MsfGr+vs5U+deC7CjGajwj8uWrHz7j8D/KZSLbhHQo05sMxAfmK0VVWRb +EYy7vDQPxBDyLACCacrtR3/x13fAkzDOl6X1Y3f8qARejG4eE3mLqTm+4X+puMGUL35B2beA +0Gs5QlO5pTJG+IBZET2Si/XAHUM+5mnD3qWAbBofW0uf4j8r9YR9PCXESTB8RCQPjANx5Mez +a/54p82OVgoBBTWGyjTRvcA+oGEJ3FQhe4CveRqeZbGOz0G6dwDnsme5uqsWzdZeooCynwMg +zIMQ/Z11poK8mgujiRVJfp24Q+o4r5k8pDzQ1dyCrUZ1WLIY7H0fPA62PEacK1GQjgk7eif7 +UgLfTYq2v946ASjKIDp2IOg3RrMRYExqNX+NamPeajV3gZsGMz+TSmUnFsvddGFz3xxpVRUK +qLnLRpZE11TPTwYmkJe/qKqX+S0pRpTOPBOeeP89CmYhY3NmBuPszd3OsfhajJu2aOijZO3E +iL5S4V+gae17QX6MuX9NPfoM6hJcZXXbsywYTWzarBNqsXzq9wvJya14TUy9fEwsuAvmgD71 +UT9qbX9+5WoW5g/O5DpsAizNRkxu0UhhQ79r/jVCwTF4BesYnIkCHAQSAQIABgUCRT3bJwAK +CRA/d1Fg7kG4LcXVD/99m4//5IazEjHWPWPrz2GRJ6YYAH7twm2BbiaFSYUzZJJ1QkJM46KQ +BN80XfsLAkHc6JO/cIAcjA0hIpE3ZjFP73YjyFxO5xa/iwSXVa/EozjUqG06n1RaHLjTAjVe +YZxzM4dlPmp4LMMIvbz9HbF97yvBIcchH73c03GvZaGzaHz64iSMLaUWsc+gC9ebuanv7Bws +gLYJaoDAGu8ebSoRBcHPRUQZxJJyT9JcGzFt89UuUEszVSMR6JtOgeDs1f9AtM0NtlZicici +shWcDl8tD+G6TsyfOdBxIO73zzSOl3JuAj4XBDRLVIGKa9pJ9HdtfCToHG9PfeakB0i57XZb +S+WZN4zfKrMkmawKTgWf6Iy0NBFWIFkVKhsCkb22+wM1+qttj3I2uokVORVKzkP5YZUff1SB +qwzM34Vh1Q/KRNxb+murTGA/HpgnMmAwkva9LZtnzEwMtZTYWlcHn8QMWZAprQyR/amfso5M +0VXkfdVJ7MA8XsedX9Ca19jTwJiXmq80Subfh5gP4kMbXjcSmmmD2tyiKOenR97W1GZtNkt+ +sQdelCsFvL9Jkf5VHfCXT5au3w+dCC0SToKN2+eWhr2NSLmnSBB5q8flGky61Xt0aLytCdLt +ab4L+J7SyRSAhwuMufQrJrqfqD/rRM9qmYRpArxLsM2jezQJdiqAM4kCHAQSAQIABgUCR3Oz +lQAKCRC/xlKO9c4h6OTOD/oCZCZL4NlJP6oNVqa5atn5HG4/uS+U4mZZ3sH4WtgabrATFoT7 +S4bUBF35RNI49qS3CpLO/u0Y6jWlHCD2NvfSP63BWzQXEp7cT/YycCt1sQoYbTU99pRzeMXW +peDh1SxQWzHHc8esn7VDVL0ge7BPc0V0TMHXgAH8BoqeUlbsNn4YxeVat0/O2LngIq7mqRhe +D+vR9M4QiWBMfRGNIZtvSccVFiJTQctcZPOLr+8UCoN0fSRbeplaBdBOClmtMgdniLNZCLzf +3QIHdniiNLf0KJ6IVXSn+MZ/uMU5eHgpiNcltafRLx5+1MiNaLgOYLQsEAEYBMWPH9waSy1h +7ZJKVNe9A4s48kTyE3CeL34v1xmbQCAr3RMCrvQrRR4hnj/A3pLUg6EsLBwrr4XdyMgMvoo2 +D58iutK/YiCcyTd1E2di2MwgvALc3UN2SYpM9BTowtuQ74zhFycZLDL8EUQaaaBi5lEl+hkO +r7cM9dwv9ilMp2duQUW3DBbKxKpvqPwz8SYpDJLckvDI4ArGK26OEF7Gz92+5GtJbr5Xnvaz +y7Hib0iv9y0Ri+BBiyhTqyynPzSNpaHqTRiwIz24vLP1g58M7FGw1+lEFhaGPaBPy5uaWLLp +p1uVxrPMwAXfnwoSUBuD3gmZsxCzIWvFrXeVKLdE7fjic1kpvJuxh52ufokCHAQSAQIABgUC +S1fV+wAKCRCZkx4l2R4BLA8iD/sEJmZlU4lKEgmB019aiBzERy5xaIzENzsQ+2Z/qtShOEJD +RiNQUsK6HLc8cNdBRhYNiOlyGNZxtK+LUN4SKnaFe4T9316to+TWEkQ/kE2XHgZ/yOYT7Yky +uxBA1Cd6n6bTU2wkvXyZgqXVpHbl+Wh+JHjfMqDFCkyQilCZJHlFQpexW28yCrqaU4Mlvi62 +P5Ll2SJq0FQIWcMxkq4s2qFLBSFmXCwGsTcThymJVyGoANnzBMdsbZimYeaL1JEeic+DItNv +Wv9jLdcQUTQDwh2WoTrHfDENQfZjFa1PY/3D/bFwOI1H39J2zABSu8J6N+Wg94UZ2fXumOx4 +zUl8vlXGgSWqXwvGX2tX5cyL7LTvPxWXL1CQpH0ye5gI/DyF8HvUcsThVyWskZp6BBWlXjOo +F585quhk0/OpYmYSTGXAc+JwUtWm6EVeYceg8vo84RFCa87/tbx3M2UAKq/tyKt6TKQOl2Ua +zg8ObVyeQ+lqjtaxreloo4OU/3sY+I2vu4ssNxRnSLcFeAX5dpJTEvNtlstZIzD7Kvhkd2IZ +iyW9Gyku1gw2uM+EF0+uHec2cYKWmXKOooN97g90J4x/95A5hKTSsNxhOqH4EyCxoGmw6VbG +Ol3TuEYJmAgj2USzB1LqBnn1fkk2JRCKos+KQpz/MN+McDnVtGencfAYZy6alokCHAQSAQIA +BgUCS82o3QAKCRBuZbWTYFchykElEAC+l9MBU72v+FJqLE1Ju6Q91zfT6b/XUkrPAvotzf29 +5yeuBhS66G55yZ+YkSbQ7qxqKPVqsNemVFZ7ZWk8Uolxqnrg+4mlhniNlfqPqinog98QXI7h +5JkkMgjI4uDYL0Goq5n9yP4mWeFU6eRgyKfay7bFl8icg/yXtHR9Idsy684R7PrmgL6v997x +hP0spFHKDRF7LqdJumxn6CtZPpcgvWIn6tYc43Q4hFYJWVCbCOSSHRsci5PGFaDRdzzcKS7G +mnREaz5KWvSwE81OQefNnmCgTMtZUI8lRs2lMK7C1tnFyDa0SBvg+/B9KKHuKuTt/WAr5dzd +faIxPzwKjdE15ESSaPpAzX6zWxD2gTTtWPGYd/7YezzW/+wrlTfo1oEJqHfqEt+55KkL+S7t +SmDSN/OQ69hcJH9JK6UF+rFppOIFi1c5CcOCLXMvQco945aOyWLGN45oJwZ0elgwmdPrN1FQ +jMIO/RPaa0uDHVl8YYUj6VWSnUEs6BTHKF+oKUM3SMEqpcWBBz6Ny0VnzfhVzPuG1iW4fBCC +7NvgnNaUiUW4VRQexNQwAUsZzp6+DZo+HMypk2SQcqEwnKgitc77GXKPsdNEpHwHxLdGozhP +L1YVf3V+/AeUg+caNOVMb3yJ2pTK3bbvgs4ahfKoe5Kafz/dopJrxD4Dqzt1mVvNNIkCHAQS +AQIABgUCTclA9QAKCRCcqg5j8k8ptZktEACN1q9YXvKzPzgvggCXSBoaEVeajRHOLYNmwosK +iyc4gc9IUMbqGmKU3dVu6xjlxpUBt1YfBSPnXHktIkIg+0QNBR3L3FsmtocTSFoaZi0Viv1L +iSMFV9Pe1Aqak1WHVkuOje6e8V15FS9ttGH0OIv7F3wP8uoJbSQJRJHFf0B3DP8lNzbrCrdX +YqozzSk6fQ2geib7wGZkHxjy6T0DXe2ywFWPA3kAMxNbz8FG4/5qZQ2RfQPiHuoCl7KJdk4D +VphnOkjAGNQpfbz1zMy7FwYkC3Y6QwHeSbeem2KllvceIzQlRFjgwlGdqxIUY+WamGYjJDvW +BDoVOJaVoJaoFmdM/Sf3/ZgF2O9BuYZVsOGRUd9tolg0fAFSOJVUvAS0+b6JeNzxK1S9kwgj +KkaHXp0xAAkr/kR7RuqH63s7cOxu6l19fCQqqPVhFhDKw07NPgOjPddCrOILMUp3EHitxWLL +k6Es52tRav/l+grWBFrT20ys4Yv+OJJ3YKOhiJsO8v+gPLY6P8nxRIHaRT2crMi5joMuH7bh +fceMeTcw2tvOocTBEQFuHLW6iZcEse52GFyjSs/99mVhUTmEHdp0JNSuuEi4URke+fAZAwZP +dn9DZVZApS9LZZxKrJuVI2sn5CD2Lx3n+mpSSX088ZjI6WTjgoL3zzb1vg8bnxFsh0w1HIkC +HAQSAQIABgUCTsrCKQAKCRDm2n02KoEYt0x5EAC9OKXsF9N58gIKwd8aKAmd05xo3G3BLK44 +snJnNlbZbPaZYEKOTY/xOdQsVqx4+eupJzSHdWK5xVgOUpG9fqpz62yZMo/TwxFBtLL/Pqf+ +wIoVgB5/uz/9mY2OYX1v6wJV4FB+4fk7UzySDSyiTU5+NzgKd60qhd9EKLe4i2fg3qnesNBq +4JG0QqJ+ZYejWheCvNfobpytX8fbZW/WGovcbwFTTdBxpCG0x1WFdbqpmaELFLdMlagDT5Sf +n6jV/DK8x0gi/iWOZ2STQs0yQ1A1WEw5RnIKaCviekZAkJ/2ji4BN0TPre6Y/ZEgOAXJwdQ/ +gEOS+qAvYX8CVlxpFS5dMs5wSSqmjoDGLjQJqZIx9bTQgNyPEr7wFxucCU+nAGKGDWx2dEqW +IPDeJoVSOuKrQmTUCB+Qkrfo/VFP5bBp9fsPpmArO1ldvZ6ewiqbuqqIt0TBBe2SFdYSKcUL +nQA8A/J2xtXExM3d0VoddXyUAHL/zYVTSCMtKqKtCY5t+IyvXiFIabOgGlw8zjtSgnG5XGTz +ma6ZzRLI0rxeLhZ/dcQ+uxLWbOqN5IMURnXWeitzpUj6D+KNUaev3Ff9c2B4OH+SAeklhx75 +qRf17P/3h6zByKtGGYpObEpC/quUQmvIRVpU4CucUmcXGkmeSq4aiNWSImvsCTNYc8Kc+V2b +C4kCHAQSAQIABgUCT3Br+QAKCRA0qAIWH7cF5Xz2D/4rGQXp+/v+a2i3ZI8VD2VSFqk5APyt +kT04yO+Ajpn6LFL5YDJGdLIw3swCLTqicdPhSpXskfPDFVaGT7Cz5sd7N/D55zZGXxQw/3T2 +Y4ZdNnOhrVkv4dE3KUCX9KN8baxuyu7zcuofIh4M9u52ei5n88OJwtPdukbo6BxyeYbgwqOi +58Zv8oY7CTFfaRgslkMgDqbj+iMNiKvJk+EcCU9VVM3uwtjeLMTwHvWaYDDZLGVAt76XL4/N +YfqsTK/IyxEoGxMq2Y2qnGbXVHKGGF6icq7ovvhZxqq2ywX6KiFpMIRaSqnXwf34mWabVdAR +L2/oybF1Rlrq8p5G3x8bVNqA6id9JczvOPfb/bc4NGmhMSFMhdEmWtJRryfj9bluL2oncCAa +tDgQ8JEk1ZUUPFgq4KbosG49dqPeGeaDT87U+lLvDtJpRVF20E+92yUMyguO51fNa1fmuofH +yG1rPCADDWS87Wjdp8DHTxV6uGtgJ2YpnMGs2nUtR0cL87LDL+UPWYMPbCPqVB+TNi5e2KRv +g9J1LryBo07xsh71X0WFZBaTvYNipIn+c4J7tnwKouF+kko+7QcHr29YQKq4Fk0IVyGEKFSb +CY+Q+g5aYmNe4HSLA1snpeaQyIQu/orfYwhAPJrEf6u5wezQqg/aOJqSLoVgjiewBQpG9uBL +Ne9nkIkCHAQSAQIABgUCT5/OCAAKCRCav9NJG+YAIg3kD/0X2MSRlU5T407z2DBczK5+GUSd +O0p/z+ed199JkvFd10z2Fd75bGSMk8tqHaj4E+VeIMmvpf1o9QAa+ZEP1KxBFwKgwZUJkn49 +hE3T6Xgca6Z+1jFE8WZfqLhrU84n3JtXTSImLQ6FNQnWt7wRH5C5Sh/Bt1ptt4WMxQbpFWS4 +1TR+2cClwcFHNYhUPGrYuGMEL7yp48BrSu2qcc9+YO4+ZsgAr3v8s1DHzLqVgdD4CEJsVw+a +7xR468XALW2qkeuIpvVeXRm5PCVjJkmAZu4VpOTtgpFpdluvIJkkNo+YH5+bev8H0ynfkCUc +Ed2g1Ue1BbFnKePEiAc76jG3Pug0gT+ttIQKlXcDIybjeWlmVxkA6tUYSvwsErd21YB+u5Ut +eUt7gfcCS4g50c5jmeqUQys5U4aJhn3++npxL7ZEVKq7Z9PbOFzlFUx6JOGhuWNNl2eaemeo +sezEH+ygyE33XzXZbpnVsEsLzclSUij0fvZmUAtOp9/kF6B87AwQd63m0zt1NEs+3PoU3BIz +BG0DKzYd2IcDDEc8xSAxYVEnIVYRUutsziGkCeC0Sps6cVhe+cZ/5RmUmWaIAitd97wDs/Vz +bj8nnvwoUr4E/8tgQs4Lmh111Q3Sti59S5BtTt9kSs0FnK0u0rmrzAKRTowFIJcSf9+se/SN +a8KW+t20K4kCHAQSAQIABgUCT9wpogAKCRCo8sRx4sAmLRvlD/9RmtHR32M500/P7ZnZi53t +zGo6nd1MLw2JVmsvHMS6hda6ICrQbBRrQZcOJUj4r1vIOdWl8Muf+/6RAloPUD1hhAlJA4m6 +ibiACCKLx325BF8ixEYqYzCXROr1R/jTUboC3IhZfstA2WIqx33suZ4KY/0mNWZQLz8eWmwI +WzRHbmDYlBhvjJdQXxatYpqdDCxEvdTYn0az25XOJJ/sVxtqSLQ72imNy/7jUonWqdwVhQxd +r4MbPTlLEv9LP11Kz2gqF8gqt/F/46MBlrQf9Ual0tSSiNvSITdc4dgWmSXtnrO1UljjFa6E ++i+FdDdM1NL330pVx1tb7/zv0gd3cHJCXd823DSOJKN99HyrtiLEk/GIKwCjo2ibiLiIwp6C +yWyU4NQLaRtyef8BMAMpvAFikWj2HqX5ge1qq0bZJJGg21K3+xQIUA5ADTLwfixVTKGX2FDH +JHqwLZOiAHDWjX5mpXICo74bTHSAC99LhzYYnT349t9HA7Rd9nbdY9pkrJkX8P0sNDX5FW2A +6wxuB7I/jLPHQlzUkvV680WlTmbQbMfVLOj4WtetIOC5sd8rA99BApQxaaIfTTmJac+3Tles +Nzid5MHL1MlpLoKeXBMWnivujS3D+QAJNKVQKhSrk5nRaMe9EDybL1UxUQjidKrifn6elR6m +A6bpnNSRfuSjvIkCHAQSAQIABgUCUVNf1QAKCRAuhYDll01Y+U8sD/989NZxCJJFefTqwRpk +p3VXl8vqz8/YyO3KEoDMXR3XpWTjdp3B4k9XSp2Vt4ltJylM9qrDUi+PCFdKQACjAuKZMnJZ +iJ290yC+KBmDVl/N5LsCeuToLJ2P1FSY0EzuJ3+oztdvBcalRcn5Op4GhNxVMFn6EiZW2CyJ +GPgQee247z9Bn8eRWNsjGShMDyHBxNpx3ZajhZTJwfmfPAQ7urHK0lJEriGmnl+OAnfpBQ+R +eG3/WNAbL2nQhTjk2JUsjWFfpRBQpB0QJREXfBKllkveLqv9rdwQGHZhP1w6ygksIKrF5BEK +6Y20ZDO2R2/LOoQukOdUmQh+mcm83YjpPhYpfUJMN8pNrewJMZL+dP8QBGvCmhk7Hw5TRBrm +EXRaLq6w5jYsUAMO76+r9Y6GEVTTVpJV6wBzB3lltJofU7Qc6RhjVbPUluOw1rqx3htdMU/G +PndVf146OuO78N6vQigziYIMfm5z1QTiI/+fFEiC7jnvjHz25WjEyQ7iAyYzVJx1dqVSytgw +f/9haQLl6CklIMQQQVUesdTu8wtCLtg8V9E6ckZRu1PnjFIjaWHro1WQd89vQDuhMqRlKDio +yv9bQDDEaf7WwQFArTekynE3GXT1tgwC/0CFrxI9i5UuDFQR+hkvnfYBYj3RHDpsk5mdbnGw +oLO3RQEiutx7xa0wiIkCHAQSAQIABgUCUdH0nAAKCRCw3cc1O4BFRj89EACwhh6slCQlhB4h +Zq3DFbz8UmeoyYNgx998GU5PJDfEFB5b8MkEqwANGpNMuRWwaQnKqROb2sclVwrlspaxjuML +Z4N55tuWg4tW3oXm10/JyS6sBtjhlSQxbWpITI/qSsTjxW6oDFXENomP37mWuxmJv80FS6jy +TEu3+lMVuezf4vaiK/UGQG1m9yLZonOwOgjGE63AUK6pZ6/B0eiN6WXPLgwRhyz+qNqN8WWW +WxVchtFZqfzmMbaEItGymhpOn9p9nPJ3YtWoObJzWJEzVfi7pTjjk70W7OpXSsX4QadqXgo2 +BnWfhMA4kLDXHKx8i6TOg3Pa487REsEBwpo5HYZvXkw0IpEwtQOIDlW8/sFIZniDISVRbyXq +viFW5OpzfQgb7dzG2z4LHcXR2Rw8SVXpQHETzCuUxeO4mYtOIcuykAsaRC1BJyRUa5bNQNw5 +IBmwLQIYQquGEpBxt+egLd5nXdpKfH6T2Vx4n3igcCgzp2tdwXJKF8/6NNpmp8jyjtbNPHY2 +deQ3BSpi2IlbV3/oIggN9+t7DGDbzl44LpYvk2R/jJXDH7mnO6hlhqUYg3yFg27vp3ljoZVn +0vrdQk2W4NllyIrj0tPlnFELTeRB0gwSk4k5Uaqkrs9ytyW2pujzktYaCIQ/C9BvAgmZh4Sy +SZyto4r+nx3INKjT7D0SLYkCHAQSAQIABgUCUdKd4wAKCRCeVk6lMHomgW/gEACaP6dPDlAz +rO714rhHXpCS667hOInm2EnZzBFXjLLSiyb8dlMbt4X91uORPKXBG7PHf1TxbS2usEpWZpcq +QzZ5gzvtCjCaM3Zz5yUYNeIbEbfk+yY3V4KId2OBTM7gAFoX3mN2K6bbk1+z/fHeKmn4cf51 +suu+LgH4u84B9s9PLVEJCxH/oGudT3AiBG6l9oCvz0ST9ucUDe14SPhWo9liSEMmvECNRxBN +v1l1vlmy5cgG1ou/EjMb/r0cUVnytWjjrR/fo7rKJlZ2u/BAi2pYuKdx0jZwF+itPjTF6CQh +9+sQ/tM3zJxJCWxj7Zf6izlZi9T3JYBzcvbdsHzHJVkdiZazGoD+E1Z7SLCIntiHldWycooE +mKjAzLy2i/npYoyhyMYR2+GxmbR4xec/jgXEPW2iOz0MYdh9pokZzz7RAb4QRvn4Z+bFYxQ7 +gQsRDc08VFGc4Y7zwEvF9jQk9aE7j7oXbXHA98JOAN5YZitjkz0iJ8DX7gUueNRWt8ZzhVg9 +03PiDusBBH2JVU9pSra3q8zPrQdy1pnASDFDfywLe7c+iGvMabPucljss1blA+WSC9Or+QOu +WOooHJxPJJY445psCBfbQBod5SoypQ0OOqqbCOgnYXa0wAvD5awsBQUGRoTMRBrAj8R5QoIz +ckDu1RYwEGUC1afcd6XRt9/ON4kCHAQSAQIABgUCUhs6kwAKCRARrGPgjqpj92Y2D/9GA3Ww +nTx2VHIDttdWb4Sj4CFB1JpknTgnZ2Qyl1B3BSur338CxQ5JlDuj7cSLVYVR05h/FN227SgD +8s6LOASA0tj/F256KOiLEhv7wV7oKZrcz0yjZJWNFvq4Kx4hpNcXNJE8q5Geyvl0Q+32vJ9X +SYK0vxkMHXOB5cp8W69OTBFoYCdsG3RUPXQOGwLABhpdlNpHpLlfQofCbnBeAujzqRxYa3pk +NhTx/qmxKUjhal0opYaS4Nxhm1FlU45KTDRZPUBsLDgX5dmYcnzevvPc+vckxjhQMUcWLTfE +Q2I6G5AOgOsIw+Xc9T25YTVcMwAOryrxxOplWZhHipwevbwd08ZOHUOpJ+5WSGGoHwqkuAHy +fDsnR4hf9HVNPKp1EYiUX3bYUCFUr8Hkndm/u7T6fHyFhQ8zEFRoji3GaHkb+lxY2IYJm4Cf ++14G9+AwM0piJRTHBXCU8TWg8CJPKW8qXvpWSiOEaErEAV3SkPzF7YXBvcc3L+NDRQtQhTsC +lyXqY7GlPtPdvYo1U8xOkgsa75hdrqlVVPADuNoNd0CLL/s+f+h9ZCGbQ7nRtyon9YzwKK6q +K7H4BQFzQH0NDUvb0FYcrfyIWD28l+j4eYS0EIRpALBr3pw28rwLu3cMDRhV3P2hfZdu8PQW +QKTuVGJ1vH+eogt1+9jAij1UJeU9t4kCHAQSAQoABgUCUUMN9AAKCRC0FWuXAAAAAG8xD/9J +1/PHTdpB0XBGqd4L534Rh429U2bJbaHws+GJx34bpcdDzf7Cvn4xJWzkuebcu02ov/WFIBY1 +apjF7TX71SceAKIRjTy975CecET+cyVD4CqcJtKeGHjRxAAqNHnINw2pZkAdtG+mxS4UK+ew +L7VFvGiVyvm3HjsyJzjdSYRCgpoo7ghzWvsDo25pYBtb4BVeDHPt1W+/bz+yFyj/ZU32P3av +BjIPT3hEZIy35T5CX0zApg2GNsBFlvu+IXQ3m429s9vBXPyYjdN2/MuSjbJc5drINriPlbOI +32UrQAGnyqzClvFSlrMBF1adOzFLj0OCCMd1EKM4cSrRXAvymXV5pD50Xlbp8J77Y1YpG23k +lrRBKoIj64ZzgrrE1TJW8YLd2jnPcctQO40sfVDzfPAjMiqZxEVsXLD2pOiUfh97YRcOCED+ +eJZRpPMC+wSxYA+tPJW01qoZGXzyrwkQSJNrc4RAS96Ln8ZWv/BZJLMQZJacpkStjiW7fQBW +Lfc7dPnX3XPvSxDhNSWSXzJNw2CjdKC5Mw64hiSX5+PrFIfxjBRfskuZonhvfKkGFUH4RPhU +r789OSigoMbb+UClsWBlRXREw8yv4Mkr3B+7YzHyVqYNWhPyNcRLX+IbTNA+Rl2dC1T5JNNN +2m6D/aeVcaeIliG2O7/c0n8CFU5n30/LwIkCHAQTAQIABgUCRms3fwAKCRBpIeXkNW7baBzN +D/9I6h05RxBB+QzrpyvaFcnt1nUh3ZEpIgi6t269hYpKs1g655yD55xmf2pV3f8Q9nOJ0Y/+ +J8LJZt7lg9GgOQphSPWQi5O+gB6XfBbe5XqeESgt4yvhKAV415PWqpaY/GYtdlVw3pf2qEre +j3Y8N5nb3dq4JotZWflb9NvAhQ8bVOm4zirYDZ1jZxvuOJ03AUOLkoD0yla2pAoHv4D0j9ac +70uRkVJVRnIh8WsF9B5dCyzdJQjAOgDNHmbqdkE8GW6c18slw5+NhPuMkAnNP4fTF4/vtHs9 +5JhBGfx6fClc8oRZERcXF7CE66VmHVWNt/xwaeNzImk5VYemDopcCq4hFbzFukoGLPBieoM1 +4r7Bs152uWOAkQdIBTKg9W9LUbSlSAak3EMmp0G1gQOmh9jC65eX0teSR4LSz9nwChsoNvef +6zBjENJ9iyU8KFVVxi/X03F4HtqJxZt6pv4mccEHyhKzgiPnNIZaSoj+Z5SvGDld/vpnMbLR +vcUq20iEDKlH4CprUi2dTOHmDAlK/uLrD61muKglVgZpOOjEEZyW9BFWjKpsbpjm+1o3Uc0H +84vtR1FC89xsvyyLwOH+xnVsBqaegj4wHh0MOkGi6KuEY6tHnwpYkR3Adv3E5xqwpO6r72tb +guViwwer7JUQiXb/fpujSRdzVciZ/o9i/WCuEokCHAQTAQIABgUCSS55gAAKCRDg38WRr7c4 +6PveD/0dF3+Arx0CyWOEYJY+9RVkCecuvcP/fEWtR3lfD/WhRx2ZsP+/54s/qSsdLj7P6yvg +sT19cGGwvNWU/xlZiV7NzQQ+N85LaOc48RobLXe2Xbrzqbz98n4xNEQWjB8i9DfYsqPdqOhc ++Z+z+a7nFflEVU+Sw9vs29g6QSoqulBFZMrZw9zPpaORDFSK7VNSDmzxNHzwHTDQcFYWs7yh +aFSv151epnuM9yg6XX6q1jSwnw4KIM05fT6gqfYWoRMUJlAvcFbdszz/4lKAX1svB8pDLNAR +K09nVff7pwgbMiWMr5+qJygWiUYMg+KegDc90Oq8dTZNoBbbkSdffeojiGdFE5Y8scAjoTgD +JTC1KjVawUYcew6m89F3+CtayFSe7jW6LCyWu6dv9Q4wLB7ayDP8daQeyC1mtAwaJEidwMXL +mO1ILEbePz63VBxCVG2w4Pz0Oqj5pTprZMqqCEMzhc74yoI4HQUpzmFRIRhRtpsKtJcifigb +DLfkO+JpVxo2KSAvHmapai1xEEik0Pgw8ZuvpI4kct+GyiW36zz0U2LeFWx2lzSdyIRtsNx4 +haUE3B2AolI+0qgkku9gR0gStg/CoXbSfkBR6zCQMEoQafpDEdM5rP6GlV5M2hqhBUex9sCI +iN9CsnQMztmBJVbI4e1iJakv5/3paAXKkCnHrowepokCHAQTAQIABgUCSolqTAAKCRCxrddj +HEAOuJd0D/9LVSUb4Cb4an1l92HifKfGErVpZQH8QWaUv2QhMKGstl2cnHlgcQUcH11jLT+7 +wIp+QaXaN3Z9dA7mbc+Ov9yzoGfoQx38VJNevB5TGqCspor+54JYgZ+4yVFVZVzniBvdIXaI +0dL8lRquqqcaUCnGXT29eRMCLtcWIkx33U4/wqSupgt5GJzq9/w5yVcR8Tshu41fhByMsMLi +7gO7FvUiyeutlD7RGNu//bp+Sd7RErEypaSS+uzC5qGR39xA4Rmo1iAdBCItHpv5yKBqqleu +txA6eLQ2T0vc5z1msZYyT9Fk47H/r54Zi7ANxdLTAxPD8dGUzx47OQKrjxqNU8CHbBekUmYK +InoUzgYr+1rFwMyxZvlUQS0FDhgyhibT02gvcxgqT0Ld1ayq4bh+TIWt8VzeenaYVdBQW5uw +rf+kAWXmPu/xFtBeVuJjuuyiH/V5eJcgdrfmvor1gesNUJWZUDOUb+YKca/ZWJGmk4UaG3fx +WfaXIWaXyDh86TR1l26FaVdyoX2FjAkDjMXp/Eiu+L++Vh8yEFfu8NjpG6gZzdKVb4ETUIxL +xkPiHRkLBrEfUoIHt3djamgCu0ioaB8TZjthHWcCiWKJlMhExcaSf/Cx1iHjSOEKJ7aEA5K0 +Zp7GVpHEomxp8cMXdztWXygFY0D0JPDa3jvYmh1ewmFZB4kCHAQTAQIABgUCTFx4WgAKCRBE +qjSA/7OWobfvD/9m+3+h1uDURGyqtBofyDd5nIIfWmhAOfu0tIywGPQ+Tfo5zybEfbdnXHbF +dn6Nph8oSQzuVr+hhFCxBtcfrPMtkRojR0xWLA0dqbl9je+IpywrEUOgBve4etUtC92wBBTU +UNd9EpHm+ANzuAzq5qfktdwzuC08Cp/jv7nmQaf6UvafZf4W/JYBdasuhOT/tn9MZGrGqXns +VK8LFiEHJaYyF2Kn1u9UOMZR31ds3kaCSAJCJT6/3/gSklvHPx/m0ZtXrcW9xq+P0AMAEhrv +vwgibdFXzBeg5Dh41CLUNt9Agfixf6cy2FTa9PIu9uTnSAvp+/PRy7CIDgzgrIshrqI4ITJk +hp2bGbJdxGuTyEQhRpix8uUItivspRgIJagu20LjKvuHTH6NrbkL8KnqWbEwFlZp+pzCwzyW +lUHf7PVDT3/gfB1Jn/kOeVwAjeL5prGkwZRmyLy36VY5F8a1ifTByvE8DWT8nOINBCElLxAh +rSOVg1Xns2lCtAQ/wojaT0MQStMGSNGQAXnU2eZZakBE3JgsthM8kUFduesM+DJPyAnHwQWD +za9dvXR01ViG8ElNr5RSbH724jYWzVnndyoPYwKC8BhqlzwsHWUBYJ7iTKyQr9CUb/O4rxYW +fcXo1yxY14MYbDLDMpFJbR62Ds0lZkeu4erCPd4RB+8B9iQxAYkCHAQTAQIABgUCTHVe9gAK +CRAbQmWHgHHa4CE+D/0Tv7ZKv5gkI0LdNUHdpfb9P2EjKf4WmhlCDVsP7Dot1DRzBXTFX+2f +eQwLHZJuuzT9QSNEzJAbiRWieTlSc/1MLijTuRgkFy6wCdsTapYBLSqz9JVh77Lp8qSmKtGg +nrFzX3fKjc5ExWx00HLv270qVmcdfTxiB73KV9T/gqQecDoBZcyiiLxrqn5Fa1FaSfct945o +9jZS/XDQLKSF2FFw7y4uKL3qjO5D/3ITDseZZwBQC3yAIjmjzCzG2NSdS+pQs54cV6JXURTx +UiM0prcB3Wv90U+/rtBpyOnWIG4AKUaGEkFr3raZ8fedMldAtmlShI/wgFbjp0HyOZ2SUWeD +Ru4+UntpeC2Bt/WJeFn83lGud4DC8NXPF6apGQBWWGnurS4zjvJ2715SeZk2nErgmOZVSiw/ +7DcpDD0fNnTtgZHc+wISIH4YwVKATFvBEMiDsnKwvbHe1YE7SNFoAg5z2Q+0Nu4BkRuaPCex +71IjbTMlNl4T4vXEo9ajwtQ46nPjaQ9KJEPNprNRUpsS5nW/ancos4TsunoiUSKvntyefwZT +OPljQeV7Z6c+J8QpsdH6dEmdrfHLGcbRDIWy1OgQ8YC7RprCPmiKo1C6YxzNKfqWSFt5Ng5z +EVKxJcjOoTOlxWwMovdtRzTzkw2Gs+jhBnKoUaYa/KdszIBSptQErokCHAQTAQIABgUCTHvc +EQAKCRAFXCweLWwm+ViGEACj/iYL3EcZVdplgQEf9hkeMZqUVtRk2OQysqbpOn5/e3e81v2m +9vqauaGngCFqPRjb4qjlX6H8YlB3Hu+nQWRykdo2SWQHDireOJ/3IjMSGv9oj9WTVpK7KUPB +4d+7/shLFjBfTCmwFy3EMeOWLgWLJXia6S/UGuIvUYLg1W6JMxWEVm6GFepspvwE2QgGBaHi +gaI88mnScw54hsWLzFdVhN4fHnaovXHbtya7Db5DEG/gNPNtwwEBdeL/E89oqIMlUGP2rw5b +oF6QXQKLixCybAJVywDgLWmHPO7/sCF5L196ylYCcGvZZXKA5yNxJHR2xtk/+FV2YYtjd1Ut +F/zk0z5iRXLgDngrmzn7rxm5lrwylyJ54Spz1ltGq/9Nso7uFALQ6x4+mzHkacGBjUCnC2TO +3vBV5dVXQ8pdOuqJo4Ik1pDydVhRfut5ibpvso4MDBJwG31zigJ3yp3qSikiI/6B9LpuCar9 +AEosVl4WTQqrJbkk9n7Osmif2Sr1H2zOa4+yFThb17el0pRX4FsQq/yTmY/S/Oatp3vWnm3V +dS/RPT7JNjeFfwRiaVcuQnh1N/bbAf3JpeGcIMLRALk6SXHupi1G2f3BculkFqEAiRA2Bvim +kLzKp/V+x9oICDqQmOYgIA4Sbw0zwOZy76hhjPLHgJf7bZ3OStyAYPvRYYkCHAQTAQIABgUC +TPglewAKCRAy5nrarOTt1u4CD/4qBHAgxN8BrgtMgRZGM/r8cEMN7exZZUDLNH3sJ8gcSGtC +AfTtOy/CkQI5RRZExXWOr4kpnnFT0lYCESRKBjvlQUOfHYsYXmK2Nj3vQ4b5u2Dnzbg4IBO1 +biQHPZiBZZyngjgFPH2KfaSE/Xc3uly22a4cpY6n/zJ0mOZ6lSVa5EBxZQ4OB8ue3CR7pPrZ +DLG2E5rulMwYGbunl/tt6mShvCwX4vZcz29y5e5MTnrMtlNQtABrU1q6GI2duYpx2Vn/b4ti +IX9BIR8MNOq2UNiwgUiL7rwUc7z4pUJI43PBN6VBbtIPVoIA2MGK8ongoPDLl/+qTw3vb2H5 +crNszsNValMHqjHUoMMYXltqwEUH70i60KykTd4XEV9FzSaLoZO+Nk1ARpOwlOpuqGtUA9GA +0DPCKjr8OdhRnoyIEo1gZYqSTa1Hw+bQuBQny2Yv/mWreSeeVTMw7myoF+UAUvRJ6bKEpPii +q2bv+ArJGTfcMHWztGAwN5iCEgDlO3zxD7zTCfmY3u1bcYMuJchAPE1lVTOG3luAD0bIAYNi +kG8GVpd2Ajii3QEio4gZz4W1nm2oQo8u8uvYuxykDFmDdkhMfvOjZv1tm7N1Lxfxykynw1+Q +rfGorRwoXmwaGd14m0juhpmNMxEcDY58yQemb5GN8GqzUzzVTnvEZCciW6gutYkCHAQTAQIA +BgUCTPglewAKCRAy5nrarOTt1u4CD/4qBHAgxN8BrgtMgRZGM/r8cEMN7exZZUDLNH3sJ8gc +SGtCAfTtOy/CkQI5RRZExXWOr4kpnnFT0lYCESRKBjvlQUOfHYsYXmK2Nj3vQ4b5u2Dnzbg4 +IBO1biQHPZiBZZyngjgFPH2KfaSE/Xc3uly22a4cpY6n/zJ0mOZ6lSVa5EBxZQ4OB8ue3CR7 +pPrZDLG2E5rulMwYGbunl/tt6mShvCwX4vZcz29y5e5MTnrMtlNQtABrU1q6GI2duYpx2Vn/ +b4tiIX9BIR8MNOq2UNiwgUiL7rwUc7z4pUJI43PBN6VBbtIPVoIA2MGK8ongoPDLl/+qTw3v +b2H5crNszsNValMHqjHUoMMYXltqwEUH70i60KykTd4XEV9FzSaLoZO+Nk1ARpOwlOpuqGtU +A9GA0DPCKjr8OdhRnoyIEo1gZYqSTa1Hw+bQuBQny2Yv/mWreSeeVTMw7myoF+UAUvRJ6bKE +pPiiq2bv+ArJGTfcMHWztGD6/HBDDe3sWWVAyzR97CfIHEhrQgH07TsvwpECOUUWRFuAD0bI +AYNikG8GVpd2Ajii3QEio4gZz4W1nm2oQo8u8uvYuxykDFmDdkhMfvOjZv1tm7N1Lxfxykyn +w1+QrfGorRwoXmwaGd14m0juhpmNMxEcDY58yQemb5GN8GqzUzzVTnvEZCciW6gutYkCHAQT +AQIABgUCTUpkDgAKCRAWUhROG4HPXrPnD/9eT4PUVREcDKT1mW7aK1RJJsNS2rqrHnBglWKb +mfTTJXW0mzRoCh2i+cXad5JpGmrM7bvfO9wkNFdF7OGh6YL7O2nHQcQIv07mFcgyDSdz3k2/ +tyExbtyISkNRDPye6A5rX5hMH0DbU4TOhxfG+Aqjin6dS5Y4FJlWZx48r4g5QiyTZgWDTPl1 +otpTWKMLEe2pW5rCxu/XdFIr6KNe/7tFobZ18BxDRYfUHSADIKOZM+ESx/53KLwBSHAlSBXs +2BDbjdFcT+/i8+Oz3YXtQbbyNbwzgtlRMXRTcU9wJo9MyaBgTKXZRwDHTTjeuTYWp7SDZYhn +qJ24aFcqwYdtImWMx2eCXg5boD+GEzwNtOvPDSuXWjYkkEEHN5KOkXyqkN3nMm1X3j/1PsEk +Q1PKDHWuRTL50DZfGvcvFuygVkfQLMs30TpdjO1LNFQ2QsiBqdbhN+BcmDDbcEUu1O/JvhB1 +Ll1LB3MxxZhfQfS1C5vTlRo2N+atW1yNFUn2X68y182+TZNT831JnxaR4imP1ybhVlJxOnlV +BBQH9xOSd7Ldb4eLBwr8fR69KiYkOHl7tKBPHAUtIzuKre6FeyiFhWJ6XxW6jgOyh6exHO7P +ha3PUFk6VFWk7rNJx+D1/DT6Er0NSWSQqP6qqIAcDcuqMZU+EB1819b0ZlVpe/b6aebGhokC +HAQTAQIABgUCTcINowAKCRBrorXMtsyjE1BVD/9btxRBqt5O23EU6QgMrAkNJcM2VU2pBs2H +19zUhxmh9olGj4DQRRq7l+t6qTjqZ8Jnoswi9tt7WLxfVGLhhNIbfjhGcp0D0XBND9OxuAGJ +zIPzLNFO1yvTlQtzcanP/uoQeZv10gybAfm8UJEzAxhr4r+mMlBn48FsJO+nKv8zJgRjJgZB +6HyiZYuz25Cq1zAJiUDuWRwGZiEInJPgNd05sHK8BceSVp5H8dkc3zTbeCwlFRHgfJeyUAzJ +r+Ph4XTWOvnv0o/Kj/rBLQNIpZlAOaZqWPzj1Uli8eTuF8/jdENzDtSyr0u3PLrSDx7IpVug +BzpgMqZs9/X4nQyW99fzuh/77ukBhZ+bpyQQc7OTjA/JneDzI1l0/PdLF9LhdHkmC9X6A/tZ +bvA5jzCe6MYkENrpgWoEZsOsChnyB1w1ZtovZAAOfxXdXFZ/X4QNlQclTnkgXODPk0YiZcwN +j8Bgn+GTUGJ4vlYliINSpotPOrfOX0g2fX7pQ/oZebayIZ5KbKNoVWSf29HG9QPQ5nGsif8m +s/YcKMkCCnYAQl0cIWiRPaslL0P1Ve7jWSViICh4r89+tXulLkxFlyih5+TDvSkUQnD/OgNa +WDXhh7b8fBC5COCfkGRP0WcvQ9UFWfiKae10huNq+8R5T0ZbhJ7HtOu1JUkXJrcin0cKIITE +bIkCHAQTAQIABgUCTtGoOAAKCRAE7wIvDBi5zEKTD/416WZ8iPmTDslF++fxLync6B5mTEzN +ttosqOsmZqnv23f8tpzXuN0kKSB22k0545FalyCTODjd2geQMMXi9iQZ+rtdAqzog0eTaxM+ +Sa9feO2o6bNWlzHoOcz22/+4UWwowf1h9OxOuQ68Qj5x0cXJr33pByDRrW4kOK7Gk/0RFWB4 +e4RausVWDsnY/rOWFJpRwWbpHsvgg2PdlXFflW/xqJFpbtoujBdtwWMbhh9p9vyT1stcINDc +KfmffG104ecpYFG0VcfQdSsJ7XTIsqavHZ843uz9HR9Uz0RkXNUTk1rz3LqVjHbPeuJi6Vkb +HzjRDNR6rR23Ir2/RuAJiowHYsUR9xnHkZGF0b2hjdmqWGWIXb5TWxwlwn1fWAPSPIH5vRLm +mdKfzz1BYVB+g3YNHhvv4A36pFumNnvUtDn9KDTIqQrkJBgloc0VIJXOOpEhz/WtvbbEOYdi +zovNwZ9KqZNcd5ZEc8S8xCmYiSMluShFPAU5pYCcKdyjcmH67eHFrNd29YMKk0N/wYAuPW/Y +EK5zIww/CPy61I0RPwVaYavafNZJqQJgQBwrvPwIaW3jDsTbaPzj5ShX2rGSgdsaDn723j/A +OrG9chjLM6DrEcFCDDvk2kLckCTjWfJh4cbFuAIsQ4B4fp2nwpI+S614x1CBWJL6nxAZk/Jc +rzeAaIkCHAQTAQIABgUCT56umAAKCRAfNlZlF5PsJ8zqD/kBurs9vq6NKRFFRhZhl/dqILtf +GM29OodvmRRCPxcl+0/eLIdLGkKn1UjRV62cr1dd/wDh3qhHKcFE0+9oQkVCc/rk2yviepxT +ffLnMHH+fvhNkyi3F7tiEycIN+zjAJOqzsWeubjtuyS+Q8f0WP/7FwMtG++Ro3gbYVI2kWzE +W3miUyryoLmkxDz8jAo6iJB+Gg6p6Zxq89svb+Oyo7uF8TNhahc/NdLXU6M4ltgJa3g+5LIP +5aihkZbG038Ctnpaytu+4lhJg8nIzypcdOd/3Rv+DtnnmKecLXR6HpAlrXCPkusx/mGcKWTa +2phGDeKBVHRx9xmymiModhS545SI2yzK/GwGR7POb7x5PW1k1i1yRYc9y0MPoytt/BcztpJ5 +ayAZVXHljxlGxc7z7vxC4anVjcX2wZogyC2rWquf21RFrh72SXXd4sPeUrxAv/x+3p0whoUU +rEEKzpreq4Tfa/qCB8TEwkbtAUVz1KbM5+lZfFfXrRe5TpXbf9Bwgjx+GK61mL5PE86XFrSq +/zpwo9pkGbbvD1F/5+NH+6jenYHklIWwcKvnpPsUvTrYoihUY7lXgoRIq0VLDBZhLPrLKkPZ +EMDQVX1SJiPTgdjrwh4TZabuDx7AFj/YLtV1B/ZNofYR2HXzwAoGklCw74m9ezTUysJJarjJ +yDPjVgos9okCHAQTAQIABgUCUCfp/AAKCRDbkXthzQzRbn0zD/4vgj9itx07d2hGnS8zc2h+ +KuejAUWjrYtVRoJL477caqOks95DBIyW2ZT9dPX8IgodadLu/akh3Jbn2gQPOSDVQPZJoYld +EzFLc0wBT574nBWjfMmQYaNxYT1i3KghcH1G+XFl7A2p+ozvtCcbLQypXYqWwsHGKyVKO6+4 +4ZTeYjL6EX5Z/VDvG9uUpKKGSbVA3dPxPswdJ/6SmncYVn5L6ClV/SmUTQ1tXXyuf1nWR2eW +okY6LrXBvwy3SiI7USiW5DIqKCmXaO3ide1/jChfle2ZInuXvxBJZ3U0hFu3t3wT8DlY/GPW +zSGgb92uJBYE2XHu9apEwQNwqUxuLGHS4g0OMLa5gHuOY1eOr0tuZg05X3iIBROxOGSpxWE8 +aC05hxRuY96rDA7PtnT7ftWcZvrqxBrOL/B8kDCbWB5hnrvePm6k2k7dT6XSEtJ+1R95hWPr +FpSa0REG7rfQV/Xcu+rbknuYbzwoeHFRE0uHe5T9cLL8BReZulI/BlDwNAMVSJ/Zp7lwDDa+ +JdZNY9ybb/NvnJc002v+WvHmwyEd8mC7m9fwALXoMja2xRt+XvscPF+P6IpysgMgOKpflPqx +e+RYWkDBOD6f4Mi4yov1fvcc7PvGxH0+cb5tUJqjkmsELbVjGreX/pCkLd7jRgCXlxIcc94z +54rZUP/756Dhk4kCHAQTAQIABgUCUGiF5wAKCRAQuqbK+XgZ+LM+EACwrKzs56yfnvO8qxtA +kD7pYhzJbD1ilG7WXMn2Qr/7jDhEjXJLBEyGbiQfUBPzSgLuzTlYRH8nafG75IuXwdv+CKDn +7zKU5Fi+JQ1mGzSiOn+ddlI4FgC//TjazAptueCZzT0B20tyeAjRTijwNajhKEYGQ12zs97P +k4qe4Wmx8CGHXvwdh1aBxkOa7IdSxre/gMkR0jPxzXYAMn9b0PQI7/fK4IZk7Bfp4h9cPH1i +krLXDXIcVNG6ur+w3mtHB/PXobk4qIebsxT1CLSGCgNDlSHlnzhCmfMIrXLwteOO911lS1jp +2UcXm6XAp/120ViJkfBpxMJsv7m5Cm62UqzVo8CdgSr73VAFtJdd8A1Xf3SZ3jGvBsT6V8CG +6LNlNmUQN5jV42iFWH9tuMJ00ic2uyZNswjmnd+26miawsx33EQTeR48F9Sb71ogLWvSX5AE +0GKVY30mfENe7P8zJcuwKo0osMELHbmsBOmgdXlkXcp+gVi1BDJfVPi2j30n6LRpGsYxljOS +bEy1kGnWMTPUZDPlJ9sgiyibHsT5ka1a1hRP/20eeKxeCUPwHwFomVW5k0k6pfzLXGrJgU+S +dWMMGYz/DDqWarPRYifhIlci3A2y9TNgHz/wYfW7gOK2PfWnMIwBRzoObfcVnFlnX8iIRhKy +eUW62PSIWXgFfd1rMYkCHAQTAQIABgUCUGiGHwAKCRAnsc7i6ZtrTOXHD/9NB1d4mmYyf9uY +r0ITOH36Ev7mPeKqRWLs4i3ls/FbjuU/zrhXfEIkEpln61o+EBy4mZOTtYFxwZhQ8KzENtko +HxydSYDgqlVcEk/lbGu0c7dVPLogiK2Y1XIu8w1QRYLIiFt0lQrz6aj33qOzoSLXjI7ICdsa +r7+TRe+9iC9NE5oAVnT5xGJDdfb7D7BWuZFsCNkY8AgM1epIV/On0Z+koyQDO13LPNWKEwnp +oaTtfETDLJg7GPZuTJPI7enz0DCKVdk1V6zJdfq8smovVCVq9yvCCjDvpGVCumqgIv+mQKyE +44eEBxESO+O1HVxC5tzlsgU8NvzJHSj3snHKmy4ypmdUiHRan5Rgwwx959I66Mk4/XEFAJct +VIrQG+cRp4ssX0Xg8P0BhlhEPWvzA2hEk7ga6YuBQaRwIOtQu4yN7FOXy4seZpLX1wDpEzQV +IJ89ZV8I4ITbOL/rvFf0RIEqa+gIkbcyJH2kdOFmekx2cH7X+6NQcasaUa/fu0o1+RbGS9LS +6sQqGVGLsQecZ4GSsdVyiPAZ91nTIRoOWRTvWqTtelmUWlatxZyrnUiRK1+DYj8YYH30r4+l +IIdEuSxHy+bHz8LwvHhdH9V7bebPl0ffIfys5KiQ2CYGlLMx8oqgGOTuibSxg5UJKGcqx+6Z +NCwU2ewEdN2NE6dNixxko4kCHAQTAQIABgUCUGiGMQAKCRDgWyX6S6G7kCKmEACEfMLkiVca +x6duR2v+289tJSFIpPJyqOql2S6zinEBv7jY1mcArZ83g8F0hJnF1867HhSSl0F65y6J9ZYx +co418cm5GUVJp5orH6UrXNE+CwsypMLL7Mv2+u8MQZe9RZDOCJFqj3TDsA0XgegF2z9zNssA +yYrb9zhjQlNcXKvne8MURt/dzyTlh9rWbvgz65QFZQzmNXEORJNPnL2RtLAzlDjeSpC8RR5u +k1fawEFIFalGy+6mdTnHYoBNldKRKnOjgsxq9wH2nIf/kgio48cV9Ys1klufCMOwVYNzai2+ +Vydfvsq9w2nEKPOS26C+K2puFWaA3iURy2Punm8pA/hXa4pkLaf/spQXwEjqMaM2x1uu9rEF +uVDQGCjGIApeauPXRbY2OHYBMjJBet9w9WijHJsOoJQSdJy8BkS5/Rv5m895apK8PSDCpjfl +jD2C8IAEJEf6lboXnDUd9hIjKRsM9mJ11wQQYSnhpqhOtPvvVKl+jfQZFkucCdgTBEM3oj3x +LFzsnfVzNtVODgsh6aNlTA3jky8UtQNio7il0Iu835dOZHNL+uRKLeXe3riwU5INWn3+1Rn3 +oftGw+bgaw8vgvK9AxkPAXKm09dtYFc3kRUGVYtEQBTR4L0T5IcvoxWelD46cm3l9WLRcInw +w1Mdoj+PdcDe35MND/HUPh40SIkCHAQTAQIABgUCUHhvSAAKCRBgw4EvY7/zenWxD/wIy/lq +9+ArfAmQ/dYNYDvc/4lH7YC5MBAW7QK/TmvIdu9KMC3zafsPv+BM9y3S10d20uSg63TI8FTI +F/3thaKpM7tSuhhTL5dagKzYKh6wnPWqwNFaXCdbdzmIfomSdKo0Lgns/2xi+VFe8iDhUt3y +BBYjdxBDJY7lGnpS00t5V8/sQksrEC6wytzhI0T6QrRcAx5jJNnGThAhAYLfd204NwosmOFQ +H9YdpcZay7CW0/C7KkBi7FCsqkDXmsCD32jdRmwGtWd4jZDjzJZdOllEWquZZCgAb+JPoVpQ +Kvd87cDyu1DiftRZCjMfrVdkOpiLCpr/tJRQ89CH2c28+PW1oPh4AFUM90sLb/T8duy6aBNo +Hm7xTqDaWtLYL3jo23XHAQB6MyaXEFlggGB9Ls46UG+l2KA7bY4oKpLqc0gBxSKuyuozw4Cj +4Ux6/1RWZ88cKwICOcYbxw3fnTYr7QbgA4PM/6jygF6Z/pKNJmeL/k/IEiGmprF2TUGnj9VC +Zl6d4l0ujAE9LxpBu2pfvXTfRZPxoDcMwEsj7yhdjyfVKM0PEfQ+I6/nTDFFDifVL58y3faA +HN+lzjLQWWsuCgHUCENdZdT/wscYJpo3aVvVurEb/I41LLQxxIWck83NTnV20Gp/wyuWRpgn +2u+GCYL7NFwoAw081jY4xzzlrO8TFYkCHAQTAQIABgUCUH7uGgAKCRAfNlZlF5PsJ0uBD/4l +2PPZf62TdLiz6K5tfpWF6+L2rBSmsC0JpK3L9uC7kG6TZ8rOvtn7NAe9gjn/ALSqDiK2vc/X +/ibIkFNkDL8lCBjdRMmXE2DF6Af1nI3vnp4NYCx7M4tQO5GOfSzLglMOAHAcE8kdNeVokOLU +8HB4SJPVP8TxqJIYf1kc7i0krW/DWBrcIYfJg5eCZk3On1KXbKiow9eu+bkJd8bCZEJzgTqq +HvIvc5AE4xeeBiYAQ2znLjOOtQYF1F02b7Y0ss9Z5ub7DGK4bMI8bXkDpIs0Fdjl2WDaSptj +acZeIAirjwU1m+PFrqt8sz549b4tzSsaP5U0i0MAlHOdX7ZmCrAynwsdi6LtyHBderomP6qg +Lliu/UjHcNSiaX5/CJ6wMfiWakxdSMPN9QVpig004BgBIDXVtbv645Eh3j3Ezsp4RNKbOX6R +Ii2kqOJMH6Qn35Q50799ztKTFKNHNhNlkY6RdQGQsHDpNtq4mAHT800iQYTSQYhFOXA1UcQt +BKBsw40eWFX+/QHV+0lPhYv3YI4doll1GCoXxVZLvnCsc3SqsQAMi20ieJ/1WgC8cQDXRZUC +qlLRdLB1whwNs0QERlwSZiXZKwMppl+afE19DYSdV7y+QwVDBBtqSkA0SmrEvGB4tPsvzoKO +eGGg+2nnXzux/6xlcZfSZyE++aCtSTA47okCHAQTAQIABgUCUMt/8QAKCRCQWnebPOFgwGjJ +D/9z9s0e6XBai5g2dfHoPD8/z8jAeZbITm98MjhCS+Q7ZFclSQoHF32JkPG9dfkGolw8A337 +ehxuPrB3XhKT0L7pF4T3mk1PdmyB64UETM+s55s9+vqBvAqPfKh8He0DbzRzd2tB4OW7OS+K +alfMu88W7/qv5een2PuNjNPqKWXbsvkKRhyWtaneSXVHFbDtaCQ8tFUO30B7IpA+C5d4ShPG +abblXbmdL6Dl86v3adJlHA0N7YJ++PXtmWMbTQzbeSDnkQwqT/rBgKbXIOupGOds2cjuxdpd +3JvlSnzthuDdPy7br022p67+i1gorx949wj7BDODHlQxX3C4FkyBABP8C0jiB+zap/dIdcKv +nQtdSn0ntowpGc+1oQE4UauvgyNZo1Lj/okIFNNPX42XqYTp1LilayVJQIhYwYaL+N7Kv/iB +6UM39amxfnQsf2p2vpiXYCjYgR/GMFjWQsqbRTR9Fv26xI/x4F2Z674kfXuOCvacLEKWOa1s +wjmOvTLHt+ZVi6lSsqO7YfMQILO92mCLOm//mfdWicMPpM9aS/cG5U8N9YJ8wlNLu+P3LIok +OZU3geAW3O5hILxFpoZfeZvMkZE6r0vgv2HktEKPiMdfcBbh57o3U5qcqdSsyI9rzkfjCbch +cGj+dUoBDYMmQEfy2EW/B30wHh+NiKIlhdre7okCHAQTAQIABgUCUZtODQAKCRBE+e56dhTP +hNJLD/477yKgMFIY59EEFOxi3MjEZ2WbjkHx7kzMjrXXNvzMcImO6hY0bghGo+qEEK7yeLjY +mvViI+aAq1eJTObl+cYVdBQ8Tr3wXQ6B3pf7hwmU2nF1PiSbl60tivPpH6doNmo8ngJKbvt4 +79m2HXI5d1sYGt5o/J1zGegO/ODzHXrZOJyZ3VI0XDw9NZdGwY3boEJf7AGtsoL1fLhwxiL8 +rG/T2VsdSNenEybJsG6sKp0jJqOgSo+4ASMzkwZypHnXKgWem2wi7Bm86FvC1kXvXyw3Sb7E +ipEpI9kKPg+iMDJVlKcWgviWUNsNfNkdBs1LFUe1E8Kcf1YM++96eUzCFyGHx7SyPYVqQKJL +KSmXiRy6fGiK2lgFAwc646mT8kOMbxBdQ0MZgyBtzFjz7PsoIKI/TV0MSuPZ+HXBTPQAf2Uj +T8gyLnmHcgCR7VPmG8Ij5ll7tMrUIbe6E3dXgWqzZaQytUQgM6jwOE0nQS6TSagz4/6n/ewW +zHpNcbPK9pL18pzpIA5MG1TwwzTi2g1LQYpM0f5uqGXubGXEBY+xxXUmsq2zWQlG/Tfk08Ab +q5wx+MXY9OnhQeL9Mts4hvTxqrGdhrmL0ngwp8TNNLPaVC3k23raUCtAm2D1lLsmH89woeCB +BbowU8v7nNrEvFGb1v33ZoNhmcPKNFT2l3WBTsVET4kCHAQTAQIABgUCUcRUwQAKCRBBokiV +7lbwKqT2D/4gxY14oZlAthbdkFRZZymr1WEqbf572rtV0ZEjnFX1+rhCi/8mj6T+J2clIOWp +ATzDct2DFrQYf2RmHfgqI+WQX6eqX5OlvEszm+ydWhgREDtDhpa1nV176iInqSR+r36alNwc +kqeUV7XEZWpBiKQnIvgT0KwSP3FRWsSWBuVmKMW3NCParyV+xeBFXMuBczfgvVzuqJA2ixdP +LG1EVeGZUMMnwLi7SapA5KGypjHlusSD702eqykgsvsakGt8HfKJyINtMeRBYXXTeNx3AfFK +q6qKt/b9IM1p8HmtSmjSxrKOORUoCPQPh7uImhLxYuBaQyX0yc3Eu1mbf06O9a6xVLRMp2DW +taRW8XA+wVwOpEWX0kv5Z327VSa1vB13sINGsNeKzkFr2LzQHQwSK3rQpA96YWNOYxlwqgzD +Xx1WhfFlf87dqmIi82m6pZxOS2g+6ZiyDUS8FFgBto716NedkHcRrpmx41zj42c5BQgWd1fM +dM0ioYMJQs8cOrPR4gsXkJncHTDmO4ZFEApfSu2DdNlq2PkXdekRjjpH2YWbLBCVoEJudKtu +/gNI38Nwb4umYAeHxbLrUJ5GAiP/rnuYQiki90ICyt8s8xYghITicZ1rY0QNtHmEaHlblh30 +hGWPeo1yuGSDzrqLfJWqGtKlQfAgzWhhKJdvGQ99RetVSYkCHAQTAQIABgUCUcckqwAKCRD+ +ITon1w8NvPuwEACY3BAxWlKmaZafDhN0wtoL7srEmYZ5qiMGQkHOl98XdTewvxMtzg5hRcX1 +xs/ekUJd9Mcx8jqRDBzuC+K2iNnn0EfJbpucHK/Oi+255jsRxhRWoG3JdoiU7HUkCIqFkMk1 +hQn9xbfztYctmduV2vJY7NuUB1gn0K9yCFHMKw4WtnE+LJP8+j0K0bXymg8hll5nkli/NYv0 +UE8wXmQ2nYUlcjoY69Xnjyxl7Qi95D9n1gmi2xqonYnarHOWrOctN9Hl3jMpDLPve4Al9Uzz +/Cr+EGy5hXipxy8DCtnQq3x1/AIQ3EOQ4Uff3jwoLSQ2FRhaZb1F5ZvfuB75APm3bw6eiotT +w4LuQ2geNzBjbp/j09A9T/CpxCwbPMvNjLZBzZ0DkgFtStZLC2Ije9YC8K9nV29z21Vrkb3g +3KczoWd0y1FgIBbCdHL7IkHS9UJ2iiaHFNkjqTwvV3apiv9xDkdIBr+GeP8fkLwG4v8TZWpO +xhryHsZ/dsFxCDeED8CDJDtJwphl2Unc3F70GRI9AXcxoOnqcO24ey5qtw0GJ/0J7DtnbaS3 +/kiRBS22ieKMzG8/tTMCBz+eNq/1/tXQbP9bnPgbMHfJET7kxT4Aj/u6JHF8U85s1omowrc5 +0D7JdkGXLHs9UDiqUI6q1UGIo8ZixQFjoSDCiV7SKSPBuIIXQYkCHAQTAQgABgUCUI/fyQAK +CRA5sU1qmXLUhoxRD/4teQJlxwtfZEGV4Kr6kb0Nu+cl1Pu2oS2dm+qhTPxh+UkNQL/jqf5Z +GkMuKCyFK1ySaE6aWyrUFqzMKleyeUBDyaHUyD5jlGe/VjYY92HpjNmaPOnkfT0GIb3XKsKR +f2G5RWI1O103AecdCy5ZccY1Ra1zwZq0zhAL2igoO+lUePmNBbwQR6MR692/fDo1325+afzp +W+DK7uXIkoeoYMA+wFe11u8cF1gIcarxhBqqQzmQj0zzrenqk24tRTdi2rLQkT+xKo5zYdng +moLqn8Pg+XmUaII3varF9+8p+I48qh5gQh8vFMsbHTRKYRGrhbyhtztlfAMnARpfFp5O4Bfx +xGIAiOSnbDNy6yy0Xx1WAO8zsHYc20CibKSib+oshBnS1hL26rZDXLTRd6QOJdd7Rs+RvaiK +4uOrCOU5Kz6gFrMkpmEc2M9EnKToUFizt3a8lXC8V4wGPCfGyQwriO8oa5edsbrHe45hiSuc +dAHvrqeSP0DrnODrCEU6fGe1UQTkM1KChhP+GR2746WZQsYjz9Ci7GxfjgVe53kWZpGMLUOc +PdjcQjgkphYeulsEtjAYeSkkJvsdpMnoHkHlqaAVyBWpPbFlpRcw67dgQZSYnNTMel6OLGZ7 +ocgH1tZDySV6xC42WLsiKlckk+YZ4j0qNb1xaTGBF0Zr8fGgSy6lZIkCHAQTAQoABgUCUTD4 +lQAKCRDHfUWn4oNGKx+yEACWB2SlB5wYt6do0CUm045TRsdkBm0eUNYZKvX+IB91WBMzVKBp +TCInQs2BTL3XEw/GiKfpi/6xMg+crVrUevOOFCfjj1ygjc7Kr4i0rQ3ihCusDJasd0XoR/2h +5P6cxb99e2qhH5ATyT1oym95ROX0kWtNosPy+Rz8ncPINjNBDoMPFA0oQdhOGarqGS3ToG5V +AJJvm5oFXLHV3CzYuyFb8R/kdfez5WBN0b9t5VTVpKfn181ZNXKsKGlwMjBEtE/90Hp4C8Y+ +U6RMtiocec839nbn7rgdRG1OsOKKfFdUyXDAUrfQdW8AgzBHOl+edrUp8qxo+voRspYgbgLd +nLDCqG/4+ULWJ3lqxEDI/qCH3nfuwkkjsuGXCyxmEIVXpdyhjCAWxFpEvDQlqaN2Z/Vk6+Xy +GGT7NpaQKOtaIOkPfHjMka3WrBKmc3YaLbYrIwil72EgNjDAuMPMJQpisH17M2lR1ZWpxsjS +mwbqapDnmQt8Uc9ophVJWQ/prdYAycDuZXw/+fhFMIDcqO55P3GXaDARQMRJkmbIbKmDXCC+ +2+iMUB6wqroRtfyEz3vUADHI84r9vWA59dXqqKAth6yBq+RAMsr/To0HrmtElq6XsZPUZrSP +PJqKV5MRNrmfnNWSRbvUxV/Ed6Fwq45Uc+MnyNQYSSME/wsMG/UAiVaOXokCHAQTAQoABgUC +Uf5+yAAKCRAgCYIIDXZWp3nSD/9JU8LWkuOXUOeIo6CfNzvtwdKpghomWvHHBjrNBo96uDW0 +BMPNwiYRdMAfLwieef+Xc1T/45q3L+b/2XjRVpYSadclnSwNmATCY9xRDNbX3TEvXDioojia +jHoenY6wWcYVkkiLScgDy4t8MY6/GfauR+BT8Uv+4s+o0cCEvDZgCoy3wk76g3KNhrhWE66k +dF57G5CwBwq25HYrnqzl/Tzy3lmWo9ZUFzIsTGBjNImScMJ7h41mNajBIfPnPNdFCgfyhLiK +CLmpcd7gocZ09Eh6nTRh5m0ltzYLehpNUGkbtUdr4enhqrZCQtTr3S0GxyfiKAMe4GKj+AW1 +UXUnMw2hsUZar1a686H9rA8byO5ggq15oGHCZ0RHTt3UuueiydOMF+BSExAmkPjJHif8vW2D +cTC/1lTL7au+n936y/YlvrgBJxu8YO10Tbo5TU43lnPDIbqbMZto5nqsjJPVKneTM81ywCck +tegN5FNTUlZyMsQ+1vH6n9BARighNU+RGD+oEHYLj5Kpj33uSu8ZzUqtyO7CvQT201rSe4Fo +HGGc1vo0An947VCKaqSu5gT2usHCZ4dHUoBpyslZwZzvnopZ2nOzh9XAtrW81R1FDKQCTnJs +zorOc7SgwyBQlgC2ndrc1rhOWUVlrI82jTrxHgOKpxDs/ofId/HlrH0doOHpwYkCHwQQAQIA +CQUCThmWGwIHAAAKCRBbnqFhZpDPlGeYD/93y7nCIDUoETVoeVaqv/NQMntwhoBjcbfLOQjO +lJy4DAfqRplK5hR9krjEHyNwGq4LxMo3oXsOkMr1NYmN+al/L93Ym/6GP2UXnt7cY8wH68vd +jp7HZywiDyo03A5iaDj6HtJ8cQL5Bv+g0aYKnmHmynz6t59Ecaj6RZDfhDIePp2p5UKqCmQE +YupkSZVoA8SMvbOfs3aNDsnjq+Rl7EWutZJcJcTzCYtXAWq1+O1uFCv0lHReRIeFIEcaQkfv +umgWYX7l1pxHiPDiGYLMJeraypia1WpqIUfhRicW6V9qw4GbnVgdDawXKy2AXmxF96cHxmEo +CCV+mHIqdpspl2Wsiq8WQh7vMysPqCc7AtXRq04gEynsT/aK1XmZNgIt5Kdf3D5IPPaYGuSp +YGeYSQfnxxrsEk7cf+EaqWwH2SJiAdkDbn25H2bZoz1OiAUYg+okjCThv9FdZXdwzG5g7Slm +ZW8RxTDNNib+ofUPTD6IMit9iydM5MF4A8xO87yBUQb21iQVRxoiN0165hgsWrKH1Yc+SJcz +2E1t21rQO7ivS5SLYXOa4II6EJlBLYaxFE036rpriqTrbEqvpRGAWUmIGuO3xLPy4/swlfuF +jK7+4OVgzGSbF6xaIOYJFHa2jhaN6t9YIlCXpgzONiTdx18203zsICLVZEH4PVOKLI+VUIkC +HwQwAQIACQUCT+DQzQIdIAAKCRDEshpLvtshFblcD/4qVy9bALjFgYE2rSgS2/KOU9oyTD4a +ftV95PxFy8CMtP0Umt5avQ+CNYpMRkKtchwS5UIfnK9IJHLzTQtODKWaAlEHly/no1Ech2a+ +VeZA8kBMyEPyFiBduIZFwkZagNw4DTpR077PGWFOYpl9jQmr9MdbYZQm8MI8vuhJ9Stp29Cw +Zon74mTEumVV0nIIYYgqYu6UjyEc7806+6KdSpyyIcZ5Id0BGOTLAiYHQr/1PUd5Ajs17KNa +uPnKnTiRS23fTkNYQ6DtD0no/E4ri5+ZyPiJdGiGa5z/LgcGxJRcbK7jbuvtlppmQIDLKVSJ +LtGdA+zXNL15s8vhSdrAmHyWZcb1iL+39iTfbwmdMUf+oJW6CluuePITHC7hmSdsUxPZkgHN +yValC525tlU19mOjAdvKI3zX6stwbr8/psZPpM6qBR2BFqTad+TLt87FuqwT11ua41Plw40v +xAQKL/u+YukIEnw2+rRMRP6mWzb92CIhp/nXcSGAkM3KvLB85/tUgPiff4UhAZt5GveP84oF +zSbQj+eNSzYY637W3NiqUyvPPyA/OQptB9jwlXLqjwamdStCYyzK9oWf9iLS9UMr1kqCt1m7 +CxYpeQ2l89r4rqDTA7x+3FNzvm5nmeQe9XIJlj9s+mQFl4QCVHyVybyd5IOfxugS0RiN5A5n +FWF8C4kCIAQQAQIACgUCQfa+ywMFAXgACgkQowA1yTHZ4o2eDBAAikc/IWxDsfG6wzfJ6T/l +NIf92MDb0BH8TP89Lg+IKL0z3YIxYBj9BLAetBof5FFttJwHSQO2WCACUrSqsUv7ivn2s9Tu +yl1q9c7STbmnc5J930JHOQcmhW88ogCBYFEu/Y7LZ2shojjJIyvtLi9uDAF8cJsPUcQu3asU +7skY7DGO5xQxemQhetjd62Gfz0UtKtcBJd0PksJ2svzi8UY1F/BoseLGYhNQEH5oppUbquSb +PlEcMY/F31dvGONha8Cd2i/uUC/dcurT5+J6YFsqTIAH9BLVR4YlsWtmUhKzD3g+BAbdkC9V +zAlb7Peb3DwGRmrMHX/GgKUkZ8zZUHq9VYKt4fRWv9sit/lhXjk+jhQjDNRgtGMqsO2iWIG5 +2y2ldyhVwdEFKq93GYENetKBPp0HKgESCNMY62lQKLSgFgzELIwodKi2GI72O5cKSVUVxmI4 +aAZe+FX9qYvRFRuKLtD1JpmLSMG8HZcHEtzBGPx5Cv51C3DfSrXt/aD/X7BTEHj/kuQXjoFr +9/lwPOL5yMaLCf0Mmxh5AyPgChOISGK3jJaRzEMBFLbJiquNfDrfPvXSddkv37HTSyY1oc4b +ByNjXG5fT43+SxUN4nMbz4IeFwJ7Srr548kBpBWPlOxIDLLg2gWxbex0cSYhGO3G0IKuu/9S +YESP0WTFTN0n1SuJAiAEEAECAAoFAklovPUDBQE8AAoJEGtVgnL48VGB1kAP/2ytGvzHcU79 +L4s5TcGFbYETTO5fTYfgwyrlRoUQPNc/Pk9/Xuy2t0cjiyn/OOpT3um8Iej6dyU8lpqgcoR9 +TbWPspIjSHvLgq1Y5XmXAQufC0DUMMXs/lh/b+wL6/jdb6odFOQg23RipzkbIGjngueM+3Td +mmuAtgvg3OufJSQFC/W8b5qUPDz4t5w4NzCRuiwMPZl31mI1O/74tiJZ0JApuZREzZ/UlJtw +uji6x2WrlmCWR4fb47KHG8Wj67AjKaWZYZlXECnG5kLgTg0isqzKHr7dZLIbjdJ2Ku7MQ+TX +6yLRA5T9vZFyMKyDGnqz2I0CPMuSckSrzOn2qUGD6Ia9/2Z4IxqyZfC+GvSTgwKqrN+kuC1f ++o22iZdylwvG2XR0eNmbTYD9DHH6Rx4XP98/oXJ7COQfY8u7LefDdVZ9S5CltUDQ8C97FDKr +FtwuKzdKtE+Y4ybqM5PsIIC9cBwwuYP654hRDrfBuQtThI9Sl01dRw2dYQn0G4fxNnBf+Cp7 +e/3Ut9xEiHdYlOdmkSwfOOinZRsXKvZyCwj/7HgunxdxIAd1mnOHg6JuUaPfR8UYBdZI++iC +1yjc2TV97EY/Nfe31rM1s+n1UUYcrHtHUbuGx2VzzSI3Zfc56gU0zz2R8/S8UYsVmqb5d6Bj +Tk2+T2F8Bks5vZ0+7gT2vE/kiQIgBBABAgAKBQJJuiMvAwUBeAAKCRB1pdpKBXRUrbmaD/4s +rWP5Xwiy1BIE3+BNLvc7RGMpOEGAo3LNCr3xWnIMOlsh/EM3EE8iSmyddUFTKyEcAEDdh0gB +nuE7/Ed9QVVS1KFS7Pqx/PYTRP+F0rmwZ29ex4yFmZ/KTCgLbEOK2wmkTwunlohMahlfgf1U +rJCFhir/Sz0AkC9u8NtUXKyveESBmq2jqzq3wiLbSSpoORzYha7pKQVv73LIzcOHxbKgvXX0 +/CPjdMWli1Bx3jcmxWbQvKZiXD7q6pjVYOJFhyiO4dDFc5c4h755mWtOIFXrZc5KWYaSYWYU +Hq1FeVcKTsmu0ODFEkBMEIIAWM12BuSiQcccavvZXJl1bW+fNlfLx2cBmFmQIj1gOPxgV9LM +ampm1m4Hj7rIofyKhrIiaI9jXKFx+DUKcC5Fm18CfQ11x0ck+QNEPinNiP0qu7F9h1OcY00A +1j5gbKfL/pc+5z5JgbLZKVuOvo3J74j5mP5EpxCWt1e9v6x5b1nLPpIAhFsHjG76eD/YfYhi +FKzRWb+itM0Lla557ukFTMiR5aaSft3gicFe5lPlgJBXVRQ+il+PM1JFMs02++r5M58XKHd6 +KmJJvCpQ0ldeTjna2RK9WI4HPRj0HXl/Fjiy2Mt48epO+YAKHPK2OzYNSsaH40CVNpbYw/r/ +f9EDVpScB6BMo/KIzybGuIJS31+iZGAr4IkCIAQQAQIACgUCTBaYuwMFAXgACgkQPFMY+Bh+ +BkxN2xAAlr8ClOdaYzDCLB1laZYmyE+OAryDNhsvCzaL81FBdmTGeXfYK+dAcB5dBvI31Kqs +SWHyZZy6iBtWZ+6HP7qH7vTvXQQG8BaEJzfEb86+ewz6Q7DvrPL8WdO77WR9eUj5G1oxcs9D +BdgOXQwDs/5fvjTyUdeBHRiHgdSyiS+mke4dR7OsynnaJUljRo6qZAM0DEsWk6Rd+VaQHucY +g5sBvpzbvifWkpXg2noqXnuWqttjtAPgGAqskJpv8uDflBW26hNDucTxD5UPOXdNdCVQ6CRF +zhqJIi5QJHz5npmnLip0GNXVdt6l0IQxSLE7XeKrugkmdAaCQQjvHS0Mu+6rOZNpoKm2W9QM +sR6ORlpJ6hyQzep2VjsslJuNWMVg1Y5oGi/lDF9WaCE4O6UPNs3LOk4ZrdfEwIbBK2xYHcpy +QFG+GVSNg+iIJjmvp14Abr3/ZRwoMfALn3rfcoCfaiaIShKa7v+SiYQrRFSQQfboVLbGxzYa +/fsFzGZAUv0w9rcGjLGgZICLJ2v3vFlF772+S5kqo3o6/jM4bprkQ2DtSkkjftTpQYXM9ezw +NhIDhmBYUAYE4N7sh26mQAxMzLTmiKo8bkM4ZiVwiOgh0TyZzkmo+KLK95tosTEzPe+xubhk +/bl5zoasitrV3PrcdA1O4UeR0BEYQb5NCJY+O6SYspyJAiAEEgEIAAoFAk3d4doDBQF4AAoJ +EOTRKq+79JMohL0QAKRsDRSDCr02LvzwmiCCkTxdpBcE3IgXA9t4y+jYUni2I0rSRaJjZ0A4 +YPNDWAQElJGjFxDz86gE3gblu7vx9H2immFT/VW6Rfwc3KeNZdItmn1NCBdNPOpLQ1wEJgEt +L/Rpd+RGEkQ1KaOLKVdw6KA+C/nmOoaFutFdOI2o07rGduBLzpkybo8H7WQb2JcE+HpDLOjy +UCSccu0Ts5RHXNXS9ucaoYWDHC0kW5AOq/mkwHFHL96Sj3EnGPO8NiteKExo4Zi+8x7GSW/4 +md9JFdlBOyr1AP/oeTIBT7+wXVN4D1gkw5DqGr5ggSRY5OefQdtxBH8PfIL4fBc8tSZcLy3R +bJSPWMa3URM7angdJKMvhX+hh/L/lQYPwmt+GxrgSRy/Vt542zG/Ic5sJppxW4e/NZORmxvz +DX4vNqZf2khKx+T+0/Q8oCh3rJZp63jjjpN5iDofLm+7+3NQ9BdXouE4bQFjtj7P1gEbSzeO +rSWHqcgGmciI/mDdDpTYwqVapdnENfAIHUqQwPokQhsPhBtGj/HK7uJgktWxcuiHIcunN8wg +azTFk3HGb5yk+iIDFbtakSTROFLLEIcIHZx/ZXi5lQKzoqRl9tZAYK8wKmPQdXkYvzy8IePS +LNVfCuhUmMVjIqOLU27k3HBSMDze5zQ5/OmVGM6lZOLIKMni3bLriQIiBBABAgAMBQJCY57S +BQMJZ1MAAAoJEIxiLNCCMKkid44QAJz6BkQ2BGX9chTR88TRrQLoFM5sCSkjWEfJ16ciY+AH +aFNEa4d/xtPvCS/KtuD9+LpDJnznjsNKyCqy4HOkcbP1Vu9FB56AgenXlCKCVhmm623aD76y +El5EpFxh/rHaGHjBVTkM7Vj5SX4LrNT1VBqymcAW3kODoTlMa8wVf58UhHFCD3quh2K37sOK +kOSVHGU2ClgjVN0bWECY95h5H4UHwcwDAQLb7kKFK/oKSAc3ckMMZhrC3S7ustYstCaz+t+6 +AEvkK2LEKEBNn6KZ88lWnNyzOdty8ErmUxzm4zoE1jpxZ3N97JF/ohwjNwnhgT/RldBeSrrc +H0m+r0BUvqWrhlBR3IkhEASzk/p1rKJWNjGoVH+8Y2LxdiG3RWVrtEto3Ty2vnezkW9r06bJ +TO60wRlp679OHfgLIAgJB0dORcvUiXsNr+1EB8z7ZCQNfFHqLBOH7r17x0IL0HtiFO3ulng/ +96TXlbDP/s2rLyk2LbVh3ae9Xwb3StjteBdwHZTfh3ngIH/fpZ8xfGSafVy6SeZvz+enWosO +ntNawVs9NEBQL5j04j7SicTlWUePjAGI2s+LTFbI4Vw2jlNRloVyRGFBqVnvGOmWxeCmywqf +uT6H6HiHXzof6XX1yD7dn7jNXWiaHFos1NPGWZ+iFWxOD+ttPjfzvbHxAsjhZr2FiQIiBBAB +AgAMBQJPU2JeBYMHhh+AAAoJEMgTCgswFICavuYP/2F1wkSyyG+aNq5p7BfFzC4uvLKcgfxx +SMryo5C/Wfzm+iUaDQtJnXJDgWpmmHAF0eoY7/z7g4uZqgf6Ukr2OruglB8wUJX/fFoFUImE ++LuDydD6B1YhE2BY8MFKgsn/dNt5fXNk9UUzw/I0MDrrKsQjFeGNt0bz2aE4iWdMEoN0906w +UTfMHCIzSu0VaY/97aAsJNRpOYECnFcfZDCsw9JwkFaOO6m4otPbK5Xlr68hIcCSEa3SoFIA +wj++eUyUjC6Gzsh224XN1aB0CAXEhAw+D5HjYDWxYouGVuJOI5z9UhvO2PGYdyY0AZgmxuwy +TqyI4bU4WxtpitWML81fRJXiF9oIayh/1JzxJSV5Zy9Ml3KlAfT15Zb/zhAuDM4l3fVhjlqg +v9qUDsWi80qa/YoXJWJVTLkgVkU1ycu8sDmT/XZcLJcFZxJVEOArSf0yeVd3E9MWfijCKVrS +Q7XltiuxBQVVPrSvut4VusjBxT1RNb2yT78e4q4dz4ZgBvI6nnAfSdKZz0gNLebR/zwuvU/X +xFPZ+vlWxMU/P33ifuNuLxIWuMksXjMUT5cvsg3nbhcv1qWxkggQRT5syP0Ic+G1XaFKm/9g +Y8dE4juxsOa8sD+tbCy56vA/lnFhVb7pmn37jNdrD9JNwBmoHTiT88psWlgc4q+Uorm2rfMe +RctMiQIiBBABAgAMBQJP9Gr1BYMB4oUAAAoJEGPK8nY+x3LUl2cQAKhkG9Vl2cYC9dO2eZhp +T7Bko5t7zGGxTY9NBxVBuAFLDKvUJaWFpw8RhSlrhDuvku6ppGDk9KxQ9xJd2QDZUw+xv9lG +ee4HNKeneRQ0biJ0+XYcIVxJ1d3J8/m2c2G+zikik+VFjK5YFdKtFONKEK9BS55NAvOlGw/z +mmarYsQphbTY2UkaEeN9g/hki/tAXSDF9UxndntHCWHr2iJB/0uzRfYopUUZ9GL1V7yHM9h3 +S2ChzawG1z/LEjR5bcUb5BEqovOqiBVtbxYTDm96Et4Zi6FsswBASiuJr2SXFKd6eTXdrxFP +cpJ+l3jLYaAASIsbP7+t8av6OeVEXbqWHXDFXNFB6YSEohBsFUj7Jk5VjVtfguLYwFvUXhj+ +q66T2vBuQGo1OiCvHfKlbjA1ilapaHIQ0neNp/O0iMwAx8bscSZqJRubU7E4q5eXY9gSbDpj +vkyMAuFy3yNBvSaSkEqyp2lbRxXLvVfVVrbw6U3EVjrghKqU2O+C+CmRsTYX3KmexExc/BDN +TVudjDCCnCDIEH3Kq7zjvmA3tXQxBDE18aVtyegyMp9SRY84Mgqm1c73DP18bR1AW1wCUjUF +h90CIsKQXt8QPb19JSw4h10QqcoKubj70s8ZqULPP58CqW9eIAw73HlG27WNhTmx57CUTTgu ++s2bZ3kRpsb5G5X5iQIiBBABAgAMBQJQV+qzBYMHhh+AAAoJEL/cZe6EUQW+T2UP/RsP5muK +7Vc/wCG77YqcISAeieZ1hwrF3Ev79ai0r2l3jNJofF8tb8gRTKE/O9P2vlc+4YSFro7rukmY +mo/Q0HBk+WnzdN2F7dPxc6mf3Vhjwa/yZVHj2geN4yAJANqWslHHZaKg0uAHZOKJu2+0+E5K +xVuzbtX45wxL24IioyjvX04y7gPV+rWwfFsyyarDFPeqX4IYGqgRuH0t63zX4VKOVR06vuGh +Q5ZtZ1f+m8Wde2fp4SZR0FR/LLw6dqShV7LxF84YVyE4/29BmX9sGemeArmcmY7Myrasdmy8 +lZ13H3nAuu9x4+QLGgeCQ+U7tDn24Cwj8rdN71sUEoTARayU5OLvFiVOOYBrNlmYdoIH7k5I +xsE54I4I1tJPdmIvQ/eWV07gt10vHyRVk85GEJmRkR8QCQjyl+t2rabTosr4oqoFQnnWWE0D +SHrHhXenT+EEe22F3LdhRa5Y9BJ55wpYzb/A6iLzcev6Nx+uXQiacvnE2+3lNLBvaj0Ihifu +10kbkCSyosujUL5wVkjz9nGDyvcaIUWQHxLvK9FH6WwVzbpq/Rt/On122+T9/ddG+89CxT6K +gcoORBoYuDk1RPYauqf6afKikXSNjxWMCoiEZtTFUkqkdaVfjyzZxCJIrhmc/xQZ81WuPwoY +5R3gn8AdJO2zxjTDNtJg5HkWwqpKiQIiBBABCgAMBQJR1dT2BYMHhh+AAAoJEJRTSBDyww9J +UUsP/2VWxswSqErUbhNGpbRZcVAAkItOQLvWznfturlB24H2iMXCYR4V2eGs2SElOFEx0rDi +N3E7Zpi8Y9GsdmzhRvnOUWRh+H+B6PiAPIEsVrMp4G/dIwYvjN0S1bZd37aMWCiV47FBLmKD +kuQEGKVnf2f4LSgGsyQ0CABPexB4LXckIwm8oKOcw7KWmmB2DH/Kqb2xRaOKJ1Q+aqjCIBB+ +LiRoNIZZI0LHB2wDmq1wjY/JhwNMJgVei1JUOPW9HnOpPQ6KCfXIoYyLjHpRPQqPYHv6S4J6 +1l3bqYw6FmRHw3c9i/PFGt+XNyB885RHo9QsrBu+Um1OF5Tvqh63adwod+2YlCQzMn6qu3cs +qoKjU7LpDSAoRKFjjwSty/wK5wfQze7yv5uyziG3Wx2xvoAOSC85OYoRVA8KMV9JuoJs84uZ +J1eDEJ1nby2aZZbjBjwNMrzjuVmsFZMs8de+dvZczQL9RlKv8WUnjNzceD3bsw8krvkJoSSS +WNLcxZUHBal/LtR7hSTpXbSMfqHRvXZQtF5lwGyrCjCQpQyHkRab8BL+rpl/zgq7p3Kuyooi +i4+0waPWeYEew7Cb5gXrS4o7r1IWvAITw21u3J9Re03dvK03BRSlkZlam/MSEUHAYQEfiGyD +S8Ld1gwOweKK0wdBsKvSs0W2d9X0amyDhUHrVmEYiQIiBBEBAgAMBQJQV+tzBYMHhh+AAAoJ +EAod8sZte+sU0p4QAIY6hPCeVrSJIk0zkZ4rU5lPd57bBVf2hWGu8NtQNinMkDbhXdwaBmHw +TfN0FQacGOmMPzPG76SfVNCvZVTY2EtFwr0V4UNw+1LofPd6nP9D6LhScBQ7T0fTMj10vuBB +nFereKIYia2xoYxj88zo4W+WpYiGnmiZx6j3k22AiY0PrjbaSu6WYE08pePq1PobZ1wFEMYM +QSjFZp9MAok/c9odHPaNY7DmWFD0MCkDj8CWHFrrk/JntZ1VXNjeTI00uBazyBeQFTXJ2r0n +OF4vqoKhMidyCIZ099YjhM+x2E0El7pOz6FAWLanApeLec59nTqpe9eT2/z4oTfjR2sN+UVS +5ZNk6SPSOXDz1DcZ4XXAm6XcSWd//QhHTU3GVGlA47k93WKRSEw/ioyHwusfATq482VV8Hb0 +fmkLXhBmDdRoObl5whYPE4XTR+1zUikWa3JPZakD5VsXDP4gEpTZ0codqXgn2Bt1pNl88h/8 +IxSjrUukXfKIKUpk88lfN718JgAw4KmB5UGWpSk8INTOT+OKPkordlsOm4SmFtopCX2y4Lpx +D1x2kAQRhCtAPdsQZAY1RUBStDwcmwItI/bWESQLuFXWv0wuKTJ+vVhmZBA5lDykf1MXR3fW +qUIonU6IiY5hQIcch3UcKCybArGOZTPEtV+UQft+KGpbcoIriLwEiQIiBBEBAgAMBQJSCQyn +BYMHhh+AAAoJEC+YSniPMQjQqicQAKbvAODL2sPhjuaUWdRRn5jv3VbUwOQg4SHLPk6XTiaG +vtYhi7fcBdZmBY8XS5eIKWASl2mGu9bEpaCQXvg6kInWhIYM2rD2ZUcWwn7lH9MISbzIMegG +tP7Ke6mYIsbkCLa2J2OqHSpccQRtX9JYLiBrF+xkOhJIcIvv6fprtSOqlltdQ6bX1BWLMtk1 +oKWvHoFAcZXzavRBa6YV4hnzi82G1AtgPchEeob1Abh29gDiYQTtkeOns7muepjNI0Zs95He +jCiarvNxBkVX6Upu1cJavNbhumzjEglk37gR5uxUtXEb4yA+A4lB9PKkwoKDAGJHybymBtpS +MXW59FQPEJ1SUVpxxzfW9O5qQ/bAuYkW0DHIingQp1/ETz2sTM4C5k7lEYOI0xnNdn6TN8GQ +GZHBrQuI89atZmBZgFRKg7/jf5x6fqeYMmb+X+N25VlDBsa7j5hVFRncq9KZZz74YG3Oxecu +c315YEEK7in1+o368LWwkSQpKRTOUsLa2Awp/06hDTq04q0ob3SjmfvqspBNyEoDL96liPlj +GkZyYKOU+1Z1Bhf4BT0CtVsNUInVJiFFpBg/qHvRbg8PBG6XDc/w/ig8BvkPEbrSX2HfW3uG +dBidC4vNkfowhsc0Xxcp8z4zvg2C+HPP1yprxtBvRPZHQTujXFhnBRQtg8xpvHiAiQIiBBIB +AgAMBQJSAUQwBYMHhh+AAAoJEKuf18Kl0I+rULUP/2UswTgsixXgFT0yj/51Lrg+xbrYK0IV ++zGN/Lbasv/1bVUNA21V1p3Wfw+8409ttrjfxD5GoQ9OItycbPbT/Hs7QxK+J1kE20ou3r7M +pmXOrhahXvCInI3JxRmCKeIkLl0URYkPQSoAQyi/dIlxbjF9CSeWoH3mJPEOkpOR71taERAO +aWW9c449Cqn5K8uMx/jxDqycKxno6216/XOmKeVidba1SoDzAIbGAKiHHODigN7zRIns+I7W +hv0Mb3hmDscY1jReN/82F/OgofjjEsXPno91P16h+S+o0nh58jeXdxOX/hBdG+RbuyYMjC9U +tFtuWo+O8f/tkhfExx058LaTvUbeTOfSFeXLf1B3H9keIN1pAGHQuQ0kxRd5pq8/SJy8xHG5 +VaV6+TT3HrR+KCj9QJx97/7aMz92hzjymZe+s5ueAl7l1eTMBfxMfxsk8NDMMQVmpTo9/vjc +kvw5iYYrlvE3gajex3+i+kHmJJYtdEvfEfw4bNqoGmbwx0GbP0QVJ5/gdpBPTrdsUKEd6vOn +k22ZZYe4vTv16l2z60za32edJAs7kuJnnDEvQkFWBBxIOHEzpOPiXWNSBkGjWk3uPlsG83o4 +w3JIntGCMUvdL9CqbrlSfc6jJHAPe83DHI1yQNcHQZ5voMXjaosNOe0q8Nc1LeN4zy6whbLY +2jp8iQIiBBIBAgAMBQJSCQlsBYMHhh+AAAoJEC+YSniPMQjQTgkP/jry0kSyPoeVjRy5fiwM +kfyfIZjzObKRdYRW9gz4AY81MVuUt0dRGhhgNoelhDbYSF8gU7rFuPsAw7pF3YTG4wRHXkju +V1eJuAoa9Pp9BO81FzllBmO3hTxoqLxhLHin0oDKUOXI6B6ZHDy774k+qyZ9QqePCRPkebcI +dj0k8u7BFhc2J2Ip7+FEwyFT/+4N3JeT1bPmIgQxy5vhpV5Hi0/PgUvVhjTvxr2NhvwuY54P +/Q1h0ZdgGmoDIjcL7vq5pJk02mpQJ6WoBuGHu9RygpWA5yyGVXMC98ayOCQRURXDTAPHYb0P +OMQJo9/OXyA3JFS8MCOeDDZ7Y5debj5rRtyRAoKRgghJV49CqmPJVe79/Np1YNExRB33M84I +qfVfD7tdgCLQ5zz676eHdvMeGPpA3ckGYZfAth5DRh5H17qHz5g8/I7PsjutSzzlPJQTu7Di +xeYj8uSy1bmFS3MuPab34sN6dBRjL32ExJgOMLTPcJAa/VkOsL/hkbNJ7YCT/n1JuKGFqT20 +g3EZVl5qnWIU8A0gXps1yep4PYDB0OzcH4D9krNMWjOvkfFlNU0Y7ZSDARdCeQ+XCRxETFFL +7Fs2oUBy4tOxePxo2tLz5nBaiMme1yI3RXQySIW5qllcNZvGmo6oQQm5shMZlUBONZV9PMw6 ++HbescrildzjrIYGiQIiBBMBAgAMBQJRfnm5BYMHhh+AAAoJEGfnL+uuo37w5TAP/jBRfn5C +w18YCSZGTZlBi6vd9ME/JknMj4yS29L0t4JNkY0byqkQ6TsQvHeHpHm311EhBopBvDCEDUsG +Xt0vdaxt3ug/quQUpeth/W550UcnT/arQ2nmfClnqd9qRKx4s160ouGwSMt/cpzRDogsM3to +q/QFkqaR1jOUjIc7ZtqQd5huABTF5GTjyuGScNsJKeUYXbXzNAwlKzaLKqrpDF2+HcUom8eV +D0IhEwYzdphKNSnZ8dQ2wevkeqx83cSsS5kOfAD4eSaXVUhl3jN8DqXR6wvt37xUbfL8M6xI +Df1Ii2JPdeMmW70bjxd975kyLEhkFtnzjy0Vv/kDFITzzdSTjLxoJuJGT7iS9jsxHck54FAw +pKA9pzSkL4GK5LZdjvnL06P7oiK97tV6BPFgf8VlGw1Twi/sERUKIPnJFtqZPXG5F8YwH4lV +aa7SIgo0eOmJTIkqWt8+6iOcHvAoXbj7X3EgUzTs68OZ++ZRi8hJY95NEDg0ruMeFZxAyFd8 +uiVRZJDvmi2ol7h9iGroeAmkTe17hkvEIFxgU8AHMeQiuIwhuSyxKZmefnSqVCYo5+bYQPXg +DED1WbtPMp9W8tnC1Gb4zj8CAAsBGVlnUvxNCN19dGDdmIc6AYPeABVVFGsJpJwsxR/+XZam +XVv2pL39ru3F/HPjIyBmep9Zs2SUiQIiBBMBAgAMBQJSFRGNBYMWkl6AAAoJEJGd1KmX6o+t +hBwP/2fAzB4ivvCQa7tx1KUXUa6ND14Y8Y4mxUhgOsfatYnBSR4WtKvmDnv8hqYoarAClTXj +7wK21qIURM655bqQ+wuQqR+cHNFUyc6HTYSpwUgsd8c5ZtGz+6aYazU0RwUHDJl6G1PlC3oP +KiCGbFCrUnw5Iz7MrUIPlge3XEFTRlDetEqD6mER2iIA+BBD0vDCNwz82oYAU+aTP5Yedunt +pvOGcLa7scqOtdh/NWRL54inpIG+9jaejod6ACZOVhHyb7QQ6kUM6wNAcRx3t2ronSa/PL7I +B1SmeynhcAolg4J5Yir7CeVGJa2VKDN7wc+x7E4rbN8xyURh+/q7RfnSH/Hr5aZOf5oCNDCE +8YVMlAYhBSM7oRUpazFHOFYGDd0h5+6+LV4gukpWuwcc0pV4ORh9jWAtB4cnd/RbCv31HfN/ +goXYb7qGVCszkTEHnFHqUMrAHp8A1UuDmTIdUMiW4SUgccMrP5BLqMcOEG5u1UWJZx92nYXn +9nQpsEfghhGaml7CJo0jwyzPkXDfwZhYYqnl2r6t5EpEX04uR8xQt1BV2ZXzcpQAlSQE+hzc +h8n2vRSDlfV25MkDERFF/R/aHYmRGtGn0Dd30nXuotBArEAUMdKy0eSqgpMYRjZ/VUUOwUuQ +G0GiIuxHRk31bDk8l/cDr4jAyN+fW/EGvmFujpLCiQI+BDABAgAoBQJM5ViCIR0AQ2FuIGNv +bXByb21pc2UgbXkgdHJ1c3QgbmV0d29yawAKCRDWYVmagKlsSCJQEACEhvkHK3twMheSkB6e +3IYmyazNU905bojYBuaz8Dis0mifWMepLV+U8DbcwXjQVclPM6NiDivZrYnqTLk6LGBUv7am +b0QQCB+K8+AO8BczGfLFzE0xLk/xwwHssg0vl8YpRYVQfhDvATmkGZBBsye+pfpsFGP2Ozip +9zhCrMQ6EcUtw4Ek8MM5wTGtBhCyi0NWhrP2/IkjCS1wOgFc482BKF7hgX9YEaynsnLlGeL5 +xLWSce5dyPfoU+I1KzOiBx+J2K3JYPBTYqeh9KV3/5gy7VBYGRXbCg/U5cTlWs8+LOizty25 +0QQbNs6XTpCmRApxA/238B4Gi4TPOpvhxGJF6mCsQs6HqN1spF/9riDEFDD8kBm+1jToIfLk +ErdfeYRv2PfNFZY3bbGOSTo362rwGrLk4t4zUiFccrjnJpRdc0eoZ20VXqIWV31w0i/jJ6L9 +ggiGr8r5VR/pjKRDOCGgCQv/GMFzA+C/rnO2Z8tv5Tczkus9YQTh8x3psbL++oW5dNkNmeMA +fwg024H4oxqHy12o6ITzGHh/QAXu83Jt8KPbWKm2AKewXOWeJ1bENqVDveiYq71LEDGo7qQQ +Sz0R8P7qhIaO/OeGDgOmkcwt/5Akkg9OwaDvLR24Q+g7MK7moM/MbffaVFObXBhAEXKD7TBd +Up584MoBPNCTSemalokCSwQRAQIANQUCR1ATWy4aaHR0cDovL3d3dy52bGFkbWlsbGVyLmlu +Zm8vc2VydmljZXMvY2VydC5odG1sAAoJEPrrJveEQ2IKXpoP/3ntYoRqdDoq2kFwzMstrmgy +3hW0eq7bVnI7tHlJWY5QwzaixpqFIoTC1D4fJg6/JxaIocU+5WmkRuIixfyZHSo+kicQ4oMW +TdGRawPam9QxjR+K3WhFh4r8jjoTuIiPakx8L/jBwGnsEAV7al+KWF2HAXl9swENORI360Fm +zDyxnaWz3Iv0y8KcDh1MWoGnh1Ai/mmEMShGYxSg0mL1yEE/sVBX1eJnc1b7c77w1Ssj+Yp2 +fXzr++WE4c2q+lqb2/3Dq/Rume5U+QHoc4u6hlZn83Iiewe44IEE1B4zvFZrcxcLQXTPeCx5 +JL9vfdxDXFFPeWH53OS4piIJUP8YyVW3EGBoDnVikdNuSVhJaEyeNviWWzgB3M8jS4dgCKd8 +bDXWnpilzCD8ttzrONNPayBr604PqUrd283Mjba9HaYoL7vGRs6tPRvY5wVspAu7+kuMV9Ld +Dc+gsapJanTPN207XRrqOoxtscynFKrZluDY7eEl759W4POJk9rdbWhnb4djdqar5vop/oo4 +vlJGtpCD9DGPwmCWFaQ1lk/03gj1RiXnfzsHsNsHMs140Gzpb4LPugvvHmuju2OEYH92P2ty +1+6+BS1oSVZwN0WMKNIhelwykmvw6EFStbcXBJYpeDCqasVgLACuvunw3ulQvTy4rXP0n6Zx +wBXYSVQ72llBiQQVAwUQSBG9HPypQOKlasYRAQFvtx/+MGVOYhyvHDdMBrJZUNcwTu3ZZ8on +vt+3d0S7nfGdozbx5Vq/4Q71RyCYuzVd/w+dryqczWEhctX/ix1lfxG4pB0CsGwh4IvL8UI7 +N8m2TYzG/ExcZ2rW3bavT5Aysv2ZRPl2qOREmJSu15uCt1s0TZ99Oeo4MJmTKzV1uppoy15k +mj5V1KJxvTqpMNFTLYDu76bR403b5uCiiXHrh1IImRsQxhwilY0ULS1WCDsWLsT/JHqS5GQM +WTiPd79A2zvPbBGCH6iUv6+ByqbApvNUt5Kpi0WrJYJr+0od0Wa4EFHQu6qcz1qH3kLEpoAm +9ikKNFpsUtVK1lk7JXSvM1YNtY2fe7mbjgRPC6/QeWDk86LdgDNKUZ4X4UUpH/vxN08Gj+QK +jyTH1foMQlflS1CHUFPeT8RnRLxLkAW7DRyp4fHnBwkQ+E+1iHQfef/h6q5zWoT8g/HEf512 +Ogm4+I3XM8Yxj2hEIM3vAA1+Iouy02+B5Q03As+UNQDgzifIpOJmhXFgvjA/3SFJ4g8uolVM +j9CMYlvLWWZs9oRhiZUcKgtaqlCAhJ27ap22BbJTQMfhsxokyXA2nBi83lP7Ub3fFj/BlsIG +a3FOH+SAO30OsImmWx4fzIXaJk+8rMskxS3VAbBcs86dF43KnkzF8VnPKzPRRJSNUddRxxmK +zTaPb/1X0Oc+XhYUhwyaQw1haliPCxN9S5FTT7+xnb0fYWwI55t5OrCXzho55kX90WurCyW0 +rhgzy9F851lU1i37Nu0pyCmfIh7qvVD8V/1nqphkhUut7GG2KCw0kgW2LSUm/I6NC/nKJcSU +qonNRI2oIya6sam6xMzv4jc6sHugbGU7o7T1O79Dn91pDfoTGPqUHMYUZZlYSs4v86lyUhQr +GD7Wvj9V9cZqTNqWgTsaIKTAuUxlQRNuGt0o4llJNRJalqqrs6WBus9evABKSXQ30wtEahj6 +V8PTziPDebBmtaE5UVD5U2NTHeJl/TCcPWXVwDi8o+WPbr/6vBS2VSBN5fI9gYEeseinQgbl +tftc+okfQL4Nv1/SyrwHsrrezewpYWJsU5rC/pGU9upmlSdpVEUCoJcMfJCvjOcl1SIxR4O/ +m+OXwPL+KnFJ2o43c3yhJk5eTng13DezGd6GwXpA7ghw1JZdk+fSrDw/O8cCNEQHtNg5kJ9v +2t+BkAHuW7FaXNrNicvzMjuiXLPBGyrr9whr2GS5KILuaXnHOx9BwdsPDefjaCmjg/JwcM5z +MZulS0qsSiwfxUH11laSq8t2phBcr5b8lEEOYtZnuqwLoZGjqUuFop4kw6HWHKqAdU9IbTgD +TrQJ+hDApeDe1c2zby5OsjJBFWcbYd+7aqdIBkOL6okEFQMFEEgRvRz8qUDipWrGEQEBb7cf +/jBlTmIcrxw3TAayWVDXME7t2WfKJ77ft3dEu53xnaM28eVav+EO9UcgmLs1Xf8Pna8qnM1h +IXLV/4sdZX8RuKQdArBsIeCLy/FCOzfJtk2MxvxMXGdq1t22r0+QMrL9mUT5dqjkRJiUrteb +grdbNE2ffTnqODCZkys1dbqaaMteZJo+VdSicb06qTDRUy2A7u+m0eNN2+bgoolx64dSCJkb +EMYcIpWNFC0tVgg7Fi7E/yR6kuRkDFk4j3e/QNs7z2wRgh+olL+vgcqmwKbzVLeSqYtFqyWC +a/tKHdFmuBBR0LuqnM9ah95CxKaAJvYpCjRabFLVStZZOyV0rzNWDbWNn3u5m44ETwuv0Hlg +5POi3YAzSlGeF+FFKR/78TdPBo/kCo8kx9X6DEJX5UtQh1BT3k/EZ0S8S5AFuw0cqeHx5wcJ +EPhPtYh0H3n/4equc1qE/IPxxH+ddjoJuPiN1zPGMY9oRCDN7wANfiKLstNvgeUNNwLPlDUA +4M4nyKTiZoVxYL4wP90hSeIPLqJVTI/QjGJby1lmbPaEYYmVHCoLWqpQgISdu2qdtgWyU0DH +4bMaJMlwNpwYvN5T+1G93xY/wZbCBmtxTh/kgDt9DrCJplseH8yF2iZPvKzLJMUt1QGwXLPO +nReNyp5MxfFZzysz0USUjVHXUccZis02j2/9V9DnPl4WFIcMmkMNYWpYjwsTfUuRU0+/sZ29 +H2FsCOebeTqwl84aOeZF/dFrqwsltK4YM8vRfOdZVNYt+zbtKcgpnyIe6r1Q/Ff9Z6qYZIVL +rexhtigsNJIFti0lJvyOjQv5yiXElKqJzUSNqCMmurGpusTM7+I3OrB7oGxlO6O09Tu/Q5/d +aQ36Exj6lBzGFGWZWErOL/OpclIUKxg+1r4/VfXGakzaloE7GiCkwLlMZUETbhrdKOJZSTUS +Wpaqq7OlgbrPXrwASkl0N9MLRGoY+lfD084jw3mwZrWhOVFQ+VNjUx3iZf0wnD1l1cA4vKPl +j26/+rwUtlUgTeXyPYGBHrHop0IG5bX7XPqJH0C+Db9f0sq8B7K63s3sKWFibFOawv6RlPbq +ZpUnaVRFAqCXDHyQr4znJdUiMUeDv5vjl8Dy/ipxSdqON3N8oSZOXk54Ndw3sxnehsF6QO4I +cNSWXZPn0qw8PzvHAjREB7TYOZCfb9rfgZAB7luxWlzazYnL8zI7olyzwRsq6/cIa9hkuSiC +7ml5xzsfQcHbDw3n42gpo4PycHDOczGbpYjCvKnSzwo9LKZb2EdypDRKrUotD/2QRAMn/TdZ +0pbbo6lLhaKeJMOh1hyqgHVPSG04A060CfoQwKXg3tXNs28uTrIyQRVnG2Hfu2qnSAZDi+qJ +BhwEEwEIAAYFAk72OPsACgkQJJv37rGBfaDZwy//QKHvOSJ3SHA3mKypEXPsneubsgYNFXkY +cVCNvs0NbopvwBRaWDW7NulRgD0YFuvvxFHudeiChns1QjMs9NoXFdCaJWzQ9FpvA1bILUPE +4GmRp1C5oKLYQaoLpK73pHybD/TksIj9DV1WSzzmdOCyXFgqB/f4QtfqNCvHrmmRqIiSr77X +/onO6gBZv8QIz/s/48goWZco3bntGIJJJZIQN0yt+VRk4WonaIirPlQqXez+hjmr+OOjZqum +ux5QSzp1t2jcDyDUM/y/+LT7ZI4HK79nXFOFoWqlFG3m7XeaHpwALdaiH6Mcsk5scnKsezyH +WHV/DGhpiNWC7XmegwYD/QjXvWE9pk6UihSOdvTTHPa1LxRwu38Nm6d9CHPm/NwzUG0ZSvHB +HOwV3/gf6whzbXgdcwsV5DrkV47SvvHsPFKnMjRuGT0YP+oRYhbmq4gqNDbfEWnHXAsMqOd3 +3xyMHw/H8L+kryRwHI7piG47+ftNvsgXxBVTAVTCV3/xi1tCuIjHF0gWXmzJrIjHSzjilgei +LxSXaIzF0u8lYYBtrdk+bVbcouCUSFXvjs6z2xAU0wR5cke2FXhemuhis9T3tjBIoaTO6FQ/ +6h30R2AtEzqC9PIy3x4bpAMzLwTfYeDUNqdAgzs/mrjleTgmBZA+OWZH6Xguze625dReLH7z +k3C8jbRcBYdsktvakLdXj7BBvoZ7EdHT22UEMvfL/tYvwtgqUpG3XoOivf92KNL8xdMvDmeP +IHSsH8YS4SdXiIrpZWHMDeoblc0gmUNZ7zC5S9MVPPwWZtGcxqT6ajdg7eMkHBRpRjfQb00O +dsvol93jsXIDINCHwHarAkZ0SOQLs0lyGMPZ/hBdwsbkwNtLH8TQQprYcuFS9RJ4tClfGe3h +rQV1K7baCs7vZbiCS/zx82JXpdGm6dTd+cbPYXcgx5ZPMee1yROL/xfXSg57Dsy38deCxO5f +GY68KgUNmz9T9Dsv6CH43kZ5wf6fWXYFw5oXcfvsq/oEyjw3Bvfff1v6itbiNvjV6dVC8Ns3 +/9mT9L60YFdt0i3qj75VvpN0DAVNNhfbhMR/3lELtEkzzvx7ouxOcei2AUFiaPlgTpwoY6bw +oikcg/w6i9SlTK9GTJCfygrDDsws3ibvc43mwgsHQFKCJvJMNqDrykQ6t0n6IO+QUABRH8my +tw1M0X6Uz+bW+ph7Jmxcu34QqejgqYQOpaeGzL0+TLzO+2mSeWxBxYyob0/WpWl0Bz0fKEhc +QI1861PHOv1hlypr+nukzVGQ9jgYyc27dUbPOewXU7DW7qQARijK++fLet3ehuB79P3zanMq +Sy0cp5mhlu/3vZ/Xr+sKmesRCpt8zb2Qm3O5vcPt/3LnT7IGl4vveNGy6bJPf+Ds6NzJyEB4 +v6a7XuyrI+4M7WnH/yKb/Pe2n+Jv6sW3Js0iY+RR/bgvtLdaGTinhL8szyAJnOBjWc8DSuwD +mBrdILdoGrHh4IjbaR12XW+pK4aVGnBl1aoVBw5y6Vd6lidgFXJZeH+izx0TsvJmlr4t7Ju7 +GzFkukMoyDnTcXuPz2meAY+7lka0pyuUNHsBXyvnChQYqcEvNlvaK8Q8szdK4CzTlxq/CBLA +7sPGMt9WcKM01ubMvWwrbE2v5gUtWNDLeBLSvu+CGkz8WIPcDEo6taYkhCvyTt/r08NCCz3B +uPPVxBUz1orfW70OcGD49D5g+ejby9jFNVeTFpHKW8qNpmjoKe7tA9dFssfumg0Eoee2PNoD +aIE5QLuhcFc9DsOC7F4UxB2ZenR/6OjIKvO385G77q1MTBKy8wc4NYuuoSTGlCx/3vsqI23n +wbbNWcJDqfBCz6xdcsaB+Qj7kQ94yG2W4PzWlxqjGcjv+8sFTjTSegeIDrWya2v9e6pYc1NG +Us4pTd26p3wmWYkPhxT8hI68H3/MrP2Yufv0/20p1232l7SzbKtbdxMJyiehHPgMlKorL6pv +28JpYZyW9onG/W58RGRQ9TPaA/pTv+S0n169zk57aYXhu7ZKfgPZUc6lgJcVxp/mLQwnWKgk +iQgcBBABAgAGBQJDopdoAAoJEIDsrKa/hAOezKE//1iWWvvtRvWD7ZWFDbROT/4qdWNcgmpN +pSTONeKz275UDQtHyaACOZprOf4Mf+CzTBPSSA0pGSdwG0Vkd+1OWhp6+8La2N4whU5dkZ21 +x4SrRq/maO6aL6XnwktC6kzJZYYnM5Q49wyBaGPk/V52PhgEPvg9WR/3jeLJ+xOHnBRpLY6p +SWyQljbsGVag71G/5KXLXCHQSbJIptHbEGyFzrt4IT+0HDXSKHXn1Bg6kyRnSBaMDnFT/Ykt +SMsctzgsO3ieapL6/3Pg1AOexcJ85I7XlH2i+C+0YyZMUPLqZZ+CQvXqy+a6IF4y9br/8/AR +nVFRhCPWAmjrwR+MFT/42dkeUhbshYI0RoUnckYOhJF7UG95oSbQsqkVGFbB5B2du1+71c4e +dmkUIzLnq3NAb+fNwF35yLjIB7u/yV36vN9F+cQGMKELlFRoPMbhlFI8L5ynoW3ZxT3E6nGK +7IbF/H98tsY+HHhEutoPkeM/GEWR6GEJPmUI+EqX6wkNX74rkymRVSqssy75MpLEB9EClh2d +MosR2v4njzxh+qBnvj6XZBkQu0BQNDcPIyGyxhzlO60vzN+0TmzWq6KzkuXlvV5hKi3MS5Oe +aHzgW3pkWCaY/kJ7aHEb9y9d+wJAabK7gnmLtclizS3Prg2c4nMzM9eZGOyaAS89w3QGUHNb +CuuY3cMdmsVB2PEtlKmz6DsxsKlpXYNOpipsDFsAZ/1jyhmO+XiDZrvdUPpQwOcXwJd3Gj36 +CSI4RZEnKursj5H6NKe9ntxUU3b3LkBAtMDuMX5yAXqLDMmN89soxor8CVfWXGw5w4dLUV8h +Gl+JF4LHR1Mb5Oa8cge23QASr64DHtUn+4ESX22RxRz8XUgUWdZHwuCzT91HdqcOdb2Osh5K +7mP4QE46vpvVoiVkxzoRFZpeh1qbI8sLQ8mwAnMzgpAqYdUQ3eeLUzIK6j9TVAfIzgyjvR0J +yNPHlL1ibeoIciyIdddSWd58yM9orgyuyXJRTt7C1R9793CtM1Q2B69VDWGzIA0eAvnQBTax +EimhL0xmduKfQ6HZ3gV8gBdGhfJgCquRvqGAFeQVoF9YDF7QAukyq2iZRhT51KIf4FKvQDtT +Gu1XEOnkb8H3xSFHG63lyHBa5U10yHfpj9xHmvVc89Ttim+nefVDCaeEdvcyPFwQTFGUQMgV +fi9tYWsiCrsKSa3dnP0XGaXKnFWg9ciQgfnLBPc38aqWoKmGlnugwVvqt6wM+l8bdODo/QUT +ervJ//QQNDwfNij8R+NTGf5fsth8ghfQnM3QBhslJld5Z02TW3+qxH77pr5wPknAUdtS2tCb +d7hGmVsUgjYw3CCBwAUKiN+id9v73mLzTCXko1lI8ZGS+ikAbmLFFVxLAP/yu5G69o/X9vPz +mPa+6YuuGa+wsO+gE/WGmV5JOvjOyHV6pWTbLOYw22610XP/YWlOAzE1QaloM4gVbC+fZV/Y +t+KvwMpoRTbYMQXwPn6wgMg6xD7g3DwGZvdZKq1TELzM6vqEVSb4igxeYszU2lmLAfsRbcjs +fH0ykEEzAK+vTP6KOMRuoSR4TsththCX7kDDhb1rTj0c4kKqWrssig0Oi4XD462YK5VlG8kg +VZoiYEJ/kcR1fsUrOPuylS4LkwAoplTwujJMzQRG/M/ieRXjxl+7BnYvZhhAkK73Y/uetqz0 +Z0HXAckt08JWqnlK6v0jO/7XWjqqIbcOIHbjhNJkWlzTUy0ZHIZmP77wPRjv0tgmT6q3vmuV +FKXFN43xFeAlZEupcVtioRRV42YXH9KdGhXpsgtEz2QLH7WkzmzEI/wbjwUfVf1TFv2UAEkw +m+NUnafGipdYECI6YuqQKi1+xw1MJJMSTo+ffgvJCEDfGy0gpYFYvZY2W9grcR3QMPa7r963 +DzFxZbLZTJ8BKpsXLnObI8K52A2SW7/IxBeJcM6pJ+ZJplCiQ/q+6bu9c6nJoWRaJt8V1x2k +mxMeCWkwIIZproLNB9Z8zoZK0R+lkKArxHNw0V6NojeFWxNE6cNizRN/KezhyzrDqOoPCiCQ +TZ/r8HFv87OMZcteYOtGuSvdoUMATCV+r2xarNTpvz6Nrk7t7QvGXWhGw72nctEV5O5P8pc3 +Dl2+KmJXvGhDzeHwo4FiqafaLOs3nmDeNEVMGerq9JNDlfPEQWoksICVgtq6ypPveL9ZPlN1 +RnvqmKwk1kzaWgmDPN/nGmGe710So3Dd+DdFhwiwsB68lgB/+E21YB1K43LIkqEsz7A5p7Tm +tpO9zAgu/lyJ7BXYnNmf7QCinzuVSCVunE7I3c2i5NLbJ4JMoekunoTxjRcw9nlaLhaXD7SA +YXg8Z55nL1ih3FXzAlPZbw72eBW6EqV6IlRiWIOUCuubiQgFB8jtL6w6nV3JQdIi8B5YjT1+ +CipBrsQKzU69tQsbXp5ssmv/3L8xQkqG1fbIQ+nAOQs46XPDj5aQU5E+X043mTUcYoJIBZ+m +jC8WpdI8xDNihglNCfPg2Z9t0+ww46w1DfGYLyI+84L9fKtR8iv+m4f5Y8zQLzY8F5NHtD4i +VrbK2RTaNQABi3Ikktaa53oMDBmgcOBh9L57kMb0M1sKb6JUR7MckFwVTiKl7dNksxA5z5BM +IzU1CTSTXGlUT/Sh8Sq/v0iXRtKQl8Rw7YeFT/rO8/3A0A4k0Gc0+ZKnZ7oDybnEVb5MyqBn +zjB7rSiJy28U5j6n3uEJnnV+9p/2FCyttAIIiQgcBBABAgAGBQJDopdoAAoJEIDsrKa/hAOe +zKE//1iWWvvtRvWD7ZWFDbROT/4qdWNcgmpNpSTONeKz275UDQtHyaACOZprOf4Mf+CzTBPS +SA0pGSdwG0Vkd+1OWhp6+8La2N4whU5dkZ21x4SrRq/maO6aL6XnwktC6kzJZYYnM5Q49wyB +aGPk/V52PhgEPvg9WR/3jeLJ+xOHnBRpLY6pSWyQljbsGVag71G/5KXLXCHQSbJIptHbEGyF +zrt4IT+0HDXSKHXn1Bg6kyRnSBaMDnFT/YktSMsctzgsO3ieapL6/3Pg1AOexcJ85I7XlH2i ++C+0YyZMUPLqZZ+CQvXqy+a6IF4y9br/8/ARnVFRhCPWAmjrwR+MFT/42dkeUhbshYI0RoUn +ckYOhJF7UG95oSbQsqkVGFbB5B2du1+71c4edmkUIzLnq3NAb+fNwF35yLjIB7u/yV36vN9F ++cQGMKELlFRoPMbhlFI8L5ynoW3ZxT3E6nGK7IbF/H98tsY+HHhEutoPkeM/GEWR6GEJPmUI ++EqX6wkNX74rkymRVSqssy75MpLEB9EClh2dMosR2v4njzxh+qBnvj6XZBkQu0BQNDcPIyGy +xhzlO60vzN+0TmzWq6KzkuXlvV5hKi3MS5OeaHzgW3pkWCaY/kJ7aHEb9y9d+wJAabK7gnmL +tclizS3Prg2c4nMzM9eZGOyaAS89w3QGUHNbCuuY3cMdmsVB2PEtlKmz6DsxsKlpXYNOpips +DFsAZ/1jyhmO+XiDZrvdUPpQwOcXwJd3Gj36CSI4RZEnKursj5H6NKe9ntxUU3b3LkBAtMDu +MX5yAXqLDMmN89soxor8CVfWXGw5w4dLUV8hGl+JF4LHR1Mb5Oa8cge23QASr64DHtUn+4ES +X22RxRz8XUgUWdZHwuCzT91HdqcOdb2Osh5K7mP4QE46vpvVoiVkxzoRFZpeh1qbI8sLQ8mw +AnMzgpAqYdUQ3eeLUzIK6j9TVAfIzgyjvR0JyNPHlL1ibeoIciyIdddSWd58yM9orgyuyXJR +Tt7C1R9793CtM1Q2B69VDWGzIA0eAvnQBTaxEimhL0xmduKfQ6HZ3gV8gBdGhfJgCquRvqGA +FeQVoF9YDF7QAukyq2iZRhT51KIf4FKvQDtTGu1XEOnkb8H3xSFHG63lyHBa5U10yHfpj9xH +mvVc89Ttim+nefVDCaeEdvcyPFwQTFGUQMgVfi9tYWsiCrsKSa3dnP0XGaXKnFWg9ciQgfnL +BPc38aqWoKmGlnugwVvqt6wM+l8bdODo/QUTervJ//QQNDwfNij8R+NTGf5fsth8ghfQnM3Q +BhslJld5Z02TW3+qxH77pr5wPknAUdtS2tCbd7hGmVsUgjYw3CCBwAUKiN+id9v73mLzTCXk +o1lI8ZGS+ikAbmLFFVxLAP/yu5G69o/X9vPzmPa+6YuuGa+wsO+gE/WGmV5JOvjOyHV6pWTb +LOYw22610XP/YWlOAzE1QaloM4gVbC+fZV/Yt+KvwMpoRTbYMQXwPn6wgMg6xD7g3DwGZvdZ +Kq1TELzM6vqEVSb4igxeYszU2lmLAfsRbcjsfH0ykEEzAK+vTP6KOMRuoSR4TsththCX7kDD +hb1rTj0c4kKqWrssig0Oi4XD462YK5VlG8kgVZoiYEJ/kcR1fsUrOPuylS4LkwAoplTwujJM +zQRG/M/ieRXjxl+7BnYvZhhAkK73Y/uetqz0Z0HXAckt08JWqnlK6v0jO/7XWjqqIbcOIHbj +hNJkWlzTUy0ZHIZmP77wPRjv0tgmT6q3vmuVFKXFN43xFeAlZEupcVtioRRV42YXH9KdGhXp +sgtEz2QLH7WkzmzEI/wbjwUfVf1TFv2UAEkwm+NUnafGipdYECI6YuqQKi1+xw1MJJMSTo+f +fgvJCEDfGy0gpYFYvZY2W9grcR3QMPa7r963DzFxZbLZTJ8BKpsXLnObI8K52A2SW7/IxBeJ +cM6pJ+ZJplCiQ/q+6bu9c6nJoWRaJt8V1x2kmxMeCWkwIIZproLNB9Z8zoZK0R+lkKArxHNw +0V6NojeFWxNE6cNizRN/KezhyzrDqOoPCiCQTZ/r8HFv87OMZcteYOtGuSvdoUMATCV+r2xa +rNTpvz6Nrk7t7QvGXWhGw72nctEV5O5P8pc3Dl2+KmJXvGhDzeHwo4FiqafaLOs3nmDeNEVM +Gerq9JNDlfPEQWoksICVgtq6ypPveL9ZPlN1RnvqmKwk1kzaWgmDPN/nGmGe710So3Dd+DdF +hwiwsB68lgB/+E21YB1K43LIkqEsz7A5p7TmtpO9zAgu/lyJ7BXYnNmf7QCinzuVSCVunE7I +3c2i5NLbJ4JMoekunoTxjRcw9nlaLhaXD7SAYXg8Z55nL1ih3FXzAlPZbw72eBW6EqV6IlRi +WIOUCuubiQgFB8jtL6w6nV3JQdIi8B5YjT1+CipBrsQKzU69tQsbXp5ssmv/3L8xQkqG1fbI +Q+nAOQs46XPDj5aQU5E+X043mTUcYoJIBZ+mjC8WpdI8xDNihglNCfPg2Z9t0+ww46w1DfGY +LyI+84L9fKtR8iv+m4f5Y8zQLzY8F5NHtD4iVrbK2RTaNQABi3Ikktaa53oMDBmgcOBh9L57 +kMb0M1sKb6JUR7MckFwVTiKl7dNksxA5z5BMIzU1CTSTXGlUT/Sh8Sq/v0iXRtKQl8Rw7YeF +T/rO8/3A0A4k0Gc0+ZKnZ7oDybnEVb5MyqBnzjB7rSiJy28U5j6n3uEJnnV+9p/2FCyttH6h +iQgcBBABAgAGBQJKxQGAAAoJEHxJLFtJE2LxBb8//2VWv1NylAr3ldMB5A8sg83ybY/3IAVg +Gaf5e+Uu1taGmzwkNMY9d+v4ztar/H4GiMTcO2mlfxAEgamURUaSu+6P90ZaifFH6lXgqjOW +Wa0/IUDzSVfeCS1EAl1Dt6NJ4fllLf+oeOWjLoEUQYZPNmCCbo9GxaASOddR9X9MSLqe6nun +OsE31jPWBD3WmcGzzNvhXhBUXmTTl+cZlOlBd7/i5wT1zNWeA2v5khVGF115DMrBRA98SXEn +S1yWmd2UsM1K/qLGTbfstOQ8Z5OGA0N9PUW8XukuciqkJvAkv4Gf2cyPhY+20RMrQnFptCf5 +t6w2x65XVvGKUHCBOxmEr876c2PFLW860mJNztOVmHPgizavdam2sLWQEWF72Mr1sOoGoTyu +uAI7BwBApfg1Oobr3j95CT67u9B0B4xM44I75s5rGZUHf3oojwjtOKr/b+yl3omyU0NQF2h2 +lw8U2TWN1AHzWiLe9tjY1wjH7MpGX6WJliJRvNAbEwcxsO/3d898mcDQb4z62WFvXoQWAgMn +wRglZzxt3SuMp41w+DE6cYpAIGOuLlsWyCcEp1JJU2B49zffQ+0/kWxdBzF7IOvl0jD/x/jo +dWhQShWsYQFCF+UOSQhqYkIcJutEqKsBAGqxQEGIhWa8lWWVxvi3AVFIEL18K3LSeU2EewGd +YP61VgydtZ+UZJvuPI9vsjssDCM2yOoU2b+QZ8uxD1lr2ZDUIYhHA40C88Fg3TjbJXdFrHg2 +Ou7SbD/fM4ATQItb39FwmKFQuMLgJQWYVQ3A65cA3fcRCJnHGhM9vJFPo1+qF++14yXwzOEI +vNevQKBv63gMFok/BaqVHHl6QQ9OlBu20HiD0tWVd7h8hJDXX6BCKtKng1h7iVbrnQFapk7i +5Q7MybNEPMu/RgoEJlpXFnBonFutHfYL1H5lG+LIAmQD+NV665EKJBEibFZ3PueEy7l3txaq +0EHgGnU0lRQfuXj80lxkn6XR5mjgrBVBnVdoDyDNrkrQwKwjw3CakJmo3XSt+7rDtHYcnXMU +1+WsqD1+tK+bMD/ttlVqPBhM6SDNVcRZvpH0ZOaUCx2o1J9YChfOid/dsP4ZF4ss5DdLXRoy +AMlsWXXXJA+g814wmXKaiU6fDE/XBCR6MYO98xMBD2VKriAwn+Uew1eGq8KiJozqmkH0Ul7c +wvtQpdOueRB6QVEtXC1iAL69OuwTzQx2vFgpji5wYoSa/tAjlum8iZLxND4N4UB45BXSSBUW +YR6uARJAFbpBkhJClItQZTHqZezDGU6ch0ILdyWU3KsCuX7yl4uQnsatPl3/iuNv4x2KkemR +rabckb5IYdTpO3JO0QQ+jMLQbPItxEGN0sjlKRWKKCoPIJealPvvII/6AyIj3Y+43o+6ER8A +qbpAGP0kmhCgkQ8bX6cx5Z77TVIQ8mj/37iQew2NSNdd4fIIfNSvuU7u4ykLsSkK4fhRklqy +9WFf+gpSHb/EH7mDXZsUeWCl6OHvQjX6EZJG2fynVs3WhpAYMK/5i58yu5oKve+eIWKBI/FB +Affexh6TLTH43q/GAy5HUaLAt01dKC514DJTufWxKCmSNE+3a7t/aMWUTiKgX0usiUkPmZMO +o3HPKbJYD6WyfQ9nK5mz7G1VazLRsEe/eV0hKbo1iJ4MKHFLWHRoY7ZAnmJM/VAwg8KwxYnv +d+I6iRnYX5JULJCjPF+LhdZDuEquNXb6IR8pv99w51VXb9QJo1h9hnI11BULTDzPC7MxJL4i +Z41fxr4xsqlvrqRD4ZNPPgZ/uJYdvSgtUaMoh9FoCWbE/XIMbk8CyvtYGYBt/Bv0SfgjFjkZ +oLQFvcce+3xFB4bzWiujuJtZmIyWcICWHgW0VMN0+HISS4SUBS0wJsPwzWkn1BucBDngX9e6 +Rpq5sBRvOUe+jLw4V3wPZJSfhGSuzmR9sEEgAA7mNDCmne77c08OZYAPemfATDL2LtGzHH54 +vRlhv+JbYM8sgvd8Dx58ea2MC5tKJt1v9N8xE1Rw5mcMNGVOFiSfdjaLXHp27CL3c14HOIyS +vJ7uHG9kvCsoDJ05uah3CegD22I1MSq2RUnhNbTlg82HqMpIxwLpnXlZIM3G27ZUT4yOKD8B +WQmBiAct+gFCWhacpDpi9Fw43WDPR/wlA257fSyhZR2KAy0TeQDHLJrG6tgzaHeIsvv7VvIL +d6B9j/30X4+Wdt/JacuY/DItEivnFObuArScYLs9ijQXwxMl6rRZuGTRU5tAyyoZ4AaS9g6F ++5OwBd0qGFUSGqXtwiy8elR9KCbVnBffrThpJxuaBOLdG+pc7068+OS78OV48Sl9Cz/WzcHW +iSyXL8j4s/1nuZcq5rOC11giDHpfvVmXW2GDRW+/GjTE000BOgRZmhd/Dgvk24gSETnFTx02 +XuQs5B3oWohJ3E/TQTS9bCsi2ZEFve2pZXamkYltNI/yHQlC/jUo9+sU8Y2VSu+oj8wtdUxe +1mwSol6gC7biV8nlgjUzQQ7uPKjCnqv/fHwgvCOrhD2sTosM4Uy2fJVg/DT1ETHCqFDrCOmt +8/XXZJvfst1G0CfyJ+uwqTJLukdDp0KRN9XIG9B9yRja6LPYmNZVXUsBTLdDqE2AkKwlAyvR +3gyOc1jBHZgFU9W0Yo6XLx4xlDh7jiyR+pAfQ8e+OQbvdru969xGQEfn02BZ/iHR0DU4ICmY +CIVGYTdhJ+zIHuDDWRJUfyeVw9zTAT5mHWNbtClETlIgS1MxIDxkby1ub3QtcmVwbHlAa2V5 +c2VydmVyMS5wZ3AuY29tPohGBBARAgAGBQJJocY+AAoJEGB2BRxmibORVy4AoI8xjV1XW/9U +NJG98eGIWDN8s1VGAJwNMZMNg1RP9Z7zQjOPL/9nKqR54YhGBBARAgAGBQJJvmPFAAoJEIkn +m8K8kCMMAUwAoLwcawmxf9Z711JkrAAfWNp3b/4OAJ9JkZ7bnT3NH6NotOzYhIYZ31yZV4hG +BBARAgAGBQJJwlwDAAoJENmUvj+LKpXWaDAAoLt4UyryPJJRB/V4GAuvojzSbCucAKCHQWeo +kBbvk6B3Wy3Q9xvcMPuNCIhGBBARAgAGBQJJyt7pAAoJEG4qr6kSgP01La8AnRLKEhQNMFLV +XmtkEmUtQ2sb2sXlAKCRLX4S0+kzdJj8GXJEtQg+PF/EjIhGBBARAgAGBQJJzRyfAAoJEIyD +l6uEkfbvTccAnjINFxPwwr9RsrPwY9hK7j9myZuqAJwLSv8Rj8WhUgEl56hdTXA+faHCSYhG +BBARAgAGBQJJ33A6AAoJEIk8dGq+K6BkP9wAoJmS/5UuE5mjWWD/9UUg2N3JPJKCAJ4m0stJ +P+YpxHBHQhrpr2msM5z1X4hGBBARAgAGBQJJ33PbAAoJEIk8dGq+K6Bk6RAAnicWvo/YrDCp +1LQsg/xkQ5rN2s9uAKCPeHSTmdkETPnH1/JTm47f5ZdZdohGBBARAgAGBQJJ4dpkAAoJEFKa +sqcDbZOXFG8An2aGpAT7naGrQepAOJ8lEDvx/N5pAJ4zspmDLdcCfjnUMgyslW6Hw4QSPYhG +BBARAgAGBQJJ/ykgAAoJEIXAEW+63/HaED8An3JgZZ0mjS17z/2yFxS9vQBqJ+XbAJ9q2+Wu +Ernkv88vfxXnrTNbN0LspYhGBBARAgAGBQJKAv3WAAoJEJmtyuw88j8ymMwAoNP2Tws2cbwd +EzfmrguEUrjW/nYBAKDmWdqe5wX+hClRUCc0VwHhGh6KiIhGBBARAgAGBQJKAzqWAAoJEFgJ +Y8+0RzXtH/kAnj1DV0eMhr5c8R3klVmcjr6I+gd5AJ9Zu6E4k7ZkoKr74SED6q/fyCBZjYhG +BBARAgAGBQJKC0/DAAoJEN0PYhPLKJ8961YAn0LJknDuzVbk7sIO7N9WXYwM4yhuAKCBOxoF +lLr/xl3+BMumNFuR59r6+ohGBBARAgAGBQJKDWXZAAoJEKjNU8cE1Lo51ScAnjXP+95WQUSy +78owFqNftTzRI+pSAJ9GKYpJk48lmV96wvnhYVqMnxj4hohGBBARAgAGBQJKFgRGAAoJEO/h +TFqnfvDtdisAoIO0tjFvkWnnxs6oYLzBdn7UDCsKAJ4kOjRZpoIE0+/ctJyr2u/Br+h3VIhG +BBARAgAGBQJKHA9JAAoJEEijPpPHBlhi+W0AnR8Fg12YdAaffBeEqjgCGHGwaImeAJ9qVvYR +uI3DS2oGHcWsj/VjICbldohGBBARAgAGBQJKHA+EAAoJEDOzqfsDUwhh0d0AoIIEUuTknli9 +IEruYwE4ze3k2BfRAJ9kKPb4mUygwwcFKH+rC4LqP/GfA4hGBBARAgAGBQJKHRgxAAoJEJI1 +mYGjP4YiRjYAoK/crUzk2K7snIlkpQ5o0Use2gGPAKCu0MFEU9DIIlzeCP5CMXtEwIFOW4hG +BBARAgAGBQJKHxGhAAoJEHiNgkfcA5dbL/YAnRKpl475ULgnigW+Yupz4p47bZfBAJoCM1IB +4je10X6UoI9OJvvUJ16Fy4hGBBARAgAGBQJKJ8TfAAoJEKgTSad+1XPTvOoAn2OrqSZqWHYU +fxYKV2M4S3h+pgJJAJ9RJaTUb0o680oo+wHeN+Ezh1vL9YhGBBARAgAGBQJKKURAAAoJEJtr +lA9v8iC0Yu0An1/m6jM+xKkn+xLUvnajMtJyZ0+3AKCFQ5NjhfVGtNENzXyOIVxniXZX+IhG +BBARAgAGBQJKaRBWAAoJELSdu4LrFcYX4/0An2S5HGgOTromCxLvZu3RPwAIEekaAJ9dp8HE +chUZ9mn98yhmfuAvgpSj+4hGBBARAgAGBQJKaeQ2AAoJEL1K0omWKS18tNsAnidZ5ORK0qgI +65bCOU0z/nRUP4vlAJ9TQZByMVYi3FPjWvyOruf6AGbXQohGBBARAgAGBQJKjqsYAAoJEDXP +ppVyeSvyZvMAnjiEyXdMO6Fh0tOz8H5kR08LzbB1AKDLtMbFkr8/L8nWxmOhmv8/nTiNY4hG +BBARAgAGBQJKlShzAAoJEC7y6IrDmSgguHwAoPEPVm4uEAZD46Gweax711DULj2PAKC6u7Xk +B3j3+ZUWrL9M3pW/FqlIoYhGBBARAgAGBQJKmzctAAoJEH+/otz19MNxqRkAn1I/TZJy3pd7 +WCcjn2r4YctaQxLzAJ4+5UM8JIaM2F9neOFVjs8YxCFOmYhGBBARAgAGBQJKmzesAAoJEDUF +AXrO5B8CE3YAn1UisLUeoaKPO7HsOeVngTBeWENhAJ46imJeXQFbNoZR1STYt8OLkQ8ixYhG +BBARAgAGBQJKt+b+AAoJEM8RdMOqeJChdAQAoJGrZtCZbC47jvPJGamVf8tdp8gKAKDOxeVB +Hzx33guvriZC3DgrO96n6IhGBBARAgAGBQJKvb3FAAoJEIlHSHQy5Kv4uX4An2hvXQhAn0X+ +beetV4wLOQh4jN7xAKDqNb9382dDWw+ZXLwPLGLuHA29XIhGBBARAgAGBQJKxbA4AAoJEIM1 +0S1/44GS+TIAnjYeBw/91/o/ywaCU8QDWO9D0bX5AJ42UwvunwYU1gsoJ5Ef3HbyNOiuK4hG +BBARAgAGBQJKy+yBAAoJEOyg/pLxcSm0ttMAn25gq4pGH8aJPsneryBspM+nhABQAJ9MbZHY +N8IjfGJCK7PF9MBo/AEyrohGBBARAgAGBQJK2QdCAAoJEI+Vk6TEGObs/2sAn2CuxxUPdpV4 +acPRtc4welROhM6PAKCDwfCg9+Oo5wCorIhCIw8JskQ+RYhGBBARAgAGBQJK5glZAAoJEHsH +GyCiglPwXQEAoMm8Bp/ulY2Groc1DV8L5FhGgalZAJ9/Tyn4J10zjA3TLyMH+w0vP1g5nYhG +BBARAgAGBQJK6ibLAAoJEDHedz2NzEwv4UUAn0Yoyf2xH5AHuTRcuqazTcZSRI6HAJ9uA2a8 +r1F10gZIMj3mbAlGOrkqqohGBBARAgAGBQJK74GtAAoJENLGRNY3JIqbLecAnRuZ68zJxuAb +NFYlOkk2gnmizYZFAJ0S0RzTWum/jTIB0D3VFSmeKsTUtYhGBBARAgAGBQJK8YHHAAoJEOHc +q+7Oj0WI4kYAnRR1QsltUGTwbyUpUL4w7Vqjr4WUAJ4u7UQDhHK+D4eovUmkzvn7eHYfwYhG +BBARAgAGBQJK8sOKAAoJEIOP43NflrAcHMMAnR8f4c12v9IsXVY7+8I1fODIWkQTAJ9HZ21b +47SGbeqfyLg++XF0xQcyk4hGBBARAgAGBQJLAFjLAAoJEG6sy4ayMywWTzgAoO7qWqn9hbvW +rm+d+qk52LMCDsS4AKDMjN+1wJ6IkXnq2sJkbrU22SUg5YhGBBARAgAGBQJLAaOvAAoJEB2N +Hm2Rh2OXJjEAn37Tf5/p61ApzHUbIEvaE582Ner0AKDaUXvarPwZT513V0pVeqp3UCeh64hG +BBARAgAGBQJLBMtlAAoJEFRM/43N0R5gi2MAnil94cYi7ozYnM4RqlkerWdLrJP9AKCsjhUI +OT3MTv3uTxd+BNQHjK2jo4hGBBARAgAGBQJLD8AwAAoJEFts3CWTcpNHZ04AoKQ7pM0cBhbq +qZSiHfiaKYVqlfiSAJ45YYsO5NUjSOn2/omHeyHncqv/DohGBBARAgAGBQJLJR8mAAoJENZl +rX+lqm+6mK0An1lF9gsuzqq3kXt/phrC3wjDiewFAKDMhw9ax5XfNIuq90Qqbtn+3SVrEohG +BBARAgAGBQJLPMw/AAoJELFpe2k7vpaZR6sAnjQSL5ulKUyL3dR6i8AuO/nlobmYAJwNR9AK +D38esUX9Rsi/BBQHDpY7rohGBBARAgAGBQJLTMV/AAoJEFA3oatLK0nWB3EAoJoTED7b4ufO +Oz4FbQ9yKZFrdZxxAJ9vRBsHimuszgOWdedJqOiupo717ohGBBARAgAGBQJLUBFQAAoJEH3N +p+AuMmUY3LcAn0lg4l0fQfJqL4ogT9TCODtgJW/PAJ9dT+Wo+z2ycjD+yjdncbpebcjCAYhG +BBARAgAGBQJLVywDAAoJEMAWjWf7mm8KxQ0An0ETMxG6XCw/lA5nAYG8IZiUqxqWAKDhMLdN +NcBz4XXAfA/fejN7JPtnFYhGBBARAgAGBQJLac9KAAoJEHRmGAb4j5xVhKgAn0xyKp8p96Zn +pF+Cq4/PFnGQrgZQAJ98iS8tAlS2QLbNXLyeL4/WAO9Eb4hGBBARAgAGBQJLcAB6AAoJEOPk +CHHdXycqELAAn0+3n0Q0M8O8e3dDbsFesTHBO0lfAJ0U+Z3PCslcOIf5nhbW4Vv45+P1e4hG +BBARAgAGBQJLf7UlAAoJEBtxD5iRmh+/iwQAnj93bmIFD8Yr/SI5Yv6FYCLEWBetAKDAOTaY +5nEZXN7cm4jSeS5MY4znSYhGBBARAgAGBQJLhbAEAAoJEHDt+hy/nccyJwAAn2FuxnHRuEU4 +MicuW/iAF4vkkH+AAJ94Akr0zcidd1pcrUyHbrFEPsnuEohGBBARAgAGBQJLp5OVAAoJEIWH +aMYIFrBnQYkAoJGEE2KCvUOqiEXPcGDqkTfT/QVWAKCbQMvMbfiCwSLQxjE/TqdyqJLFEYhG +BBARAgAGBQJLqTA3AAoJEMuWktMgXQw1MwEAmgIjKM/biN83C7l6N15BOJheZWkqAJ9IoxrM +1nUnFkDFvDAMHL7/EJHrt4hGBBARAgAGBQJLsY4TAAoJEDq+upFWhM/W+asAn3X3WjxcqjS1 +fTj2uD+swiu7qSZLAJ9gVOEuDuMc1Yp7h596jkxympbpgIhGBBARAgAGBQJLz7m1AAoJEEX1 +4AWpKf/DeBEAn1VfVVlhd6iSnYrhwAMzRGLy2pKbAJ4p3G7IOTFUbI9dELK2PkeyEQR0y4hG +BBARAgAGBQJL57aVAAoJEL1K/4cD1RAaPagAnAzfx5Y58XXKsBPBZiLNBS3MEh4wAJ0XjUgr +GaR+2pmM52pwR8/EldCMgohGBBARAgAGBQJL7DpCAAoJEBi7mMVihJzeYPUAnRd0Y0xZf0Ua +AN3+sgn9PWZJWVAyAKCJ3eI/m++q8n+Z1rwVPf6rQGEU5YhGBBARAgAGBQJMF8mcAAoJEDaM +6G/PBBAoetQAn1JfBhy9xflt4lPXTnHsffnxI+8uAJ9vpXM3oVtrjyX/+yJDZ62aOITQT4hG +BBARAgAGBQJMI5+kAAoJEM+quhMAM/QR2YoAniQxBA2kIa1P+4WPPzGjO1uZ304pAKCWvPlJ +ANcsM5XQM2GnksBvvLiM0YhGBBARAgAGBQJMXDCzAAoJEE56KYToC55/ESkAnRAzAWPTxvU/ +/sfu9AeKRNEV3hfdAJ9xYv8aKjtwyEbZaXRrmvdLVKjTmYhGBBARAgAGBQJMYm24AAoJEM5Y +Y5ioUrqsNVMAn0VZMSJpSruR+4zPZbkQcl8esyJfAKCrco8u8mhEd69E+LYH/A4CIbgdNohG +BBARAgAGBQJMhnIWAAoJECk7TnxhDto7iy8Anj90yJuhAWSmniODsMwaB10Fa1IpAJ4yoCwH +UCJpOhwIm7OlnPluk2Y/mYhGBBARAgAGBQJMwHNIAAoJEOgkW4kiRO2pg/0An2jf5fWl3E58 +MnP+CEbR9SnfZ1kMAKCvL/Hha8KvpaFbZ8xvZ3zDjLFriIhGBBARAgAGBQJMwlXAAAoJEAdX +5Wpy04TTCHoAmQHHIFC75onLenNs/vLEtAASF04bAJ4u+GC+mBevu8EzAwBsFSZDgpXbQIhG +BBARAgAGBQJM64PbAAoJEH7sqEn+1gVgvnQAn0swwzSpLWyResHEi8ciU2+B4rz3AJ4kS0tN +3uB7vcNmSZvuUhgFpfXFu4hGBBARAgAGBQJNFIgTAAoJELioT4mIdMBWn2EAoKrH6RiAJejV +/Jza8bAwE6LWMDHVAJ9evMScuKaW3EncwYLVIuTVc1nsfohGBBARAgAGBQJNGmzbAAoJEPVt +Bu/ljQaFgb8AoPKXy5rj2ODQAeFu0lJfOdWmEhEMAKDdc1ScYDWqg1lCgXNAMKrK7ZpL3IhG +BBARAgAGBQJNLQy4AAoJED8cXEb+Djva+uIAoLw5id3qCYqenafO5MXB+Q4NQRf9AKDZe3oY +pNvP4ZA432NUE0aOxQ6LAohGBBARAgAGBQJNLXwGAAoJELmvORojpWfiRCcAn0dgx7X1Y7bl +NLlJjVXCxEXw6pbhAJwOFqYkOt/lO5c7QML6PLt8JaG2+ohGBBARAgAGBQJNkfh9AAoJEKwO +w1KFghxCP8gAn0AmWIvJqVfrqzmt0OgK6/Q1bsqUAJ0bSkVFQgMgmLfpdkAzkSUhFYANkIhG +BBARAgAGBQJNs9VOAAoJEGenP5Rv7tqsrqEAnA03N8fKLn7Py7AOQFPuvxjkMxTTAJ9qJQrX +ovg/+DBj6kJkaJGC6iSrzohGBBARAgAGBQJN0t9jAAoJECm6cuUpyqIUV4YAoIr7JarXplT3 +hRDvlxNmIcM0pUk4AJ0XDsxDdSAhBn4/NHhg3QDZFtWgTYhGBBARAgAGBQJN3lx0AAoJEMuO +op3KdBf//igAoJGtTaxI3qiXsHxcFF6j1/8CCNqpAKDQcNkjcCKZNG+DdDFNq+U/5lqTA4hG +BBARAgAGBQJOIFScAAoJEEUpEw9Iw8SiA1MAnjBfQIHfMphdbx2LdDBd2WXIbbMKAJ4mc+EI +IdQS4ZLOa2GGchz1f1k81IhGBBARAgAGBQJOQedTAAoJEKdkHi6zye4Kr4sAoNCyepKhI7vL +05bj8HpL8A9zi22tAJ0UyTjxWRGiPGCcf2hRXP4Olr0nF4hGBBARAgAGBQJOVl/rAAoJEOeA +g2hANKwdcqUAoKJxTEDjAZ+x972h74t7Mne1AOZBAKCcTx6dyfcTSZ2AQMq6qZcaJJs8WohG +BBARAgAGBQJObtNiAAoJECLu4EiAhgYPYkQAn2OQyjI3KadaQkxta1ysn8JKoR+qAJwPCqj2 +ZM65qKrLhIL4EUyaQyiBhYhGBBARAgAGBQJOgymMAAoJEEHmyql1B5VYw8EAnjdZuwOB1iX/ +Vjv2/o9sKFf+PlQSAKCReEcURH81ffYwpdYPdM+Vum54J4hGBBARAgAGBQJOl3n9AAoJEGOj +C5oO8eQQZ1MAn0c4/w8vbhDFzR8eSeTTRufFtDrcAJ4yt+p1aM4NmvW8n1QvJVatqu8cjYhG +BBARAgAGBQJOwM6SAAoJEH2UED8VIg/lS2UAn1jRGijPH8Or2GLwzWjBoXFTgHE2AJ9IWshb +fONQtj/FgSMrxxRHstBl14hGBBARAgAGBQJO90+gAAoJEEO8mUiUGFu5/6EAn3DKEs6cw+rV +bIGPI2V9Y4dVCF0jAJ0V80pwR1XHvia6DTvIDfwmeLzE0IhGBBARAgAGBQJPHxHIAAoJEL5v +MctPMhUy4FgAn3A9U/BLlmO4vY4B/+KKze+Kl63QAKDEIN4iid11TgdUEbUiQIDhnEG2NIhG +BBARAgAGBQJPYKyxAAoJEANh4ymrWp4eJ8UAoLH8OwmArmW7R/NlggadkqruannOAJ4xrGxe +9Qx/GVlTBAG3P3496D3VTohGBBARAgAGBQJPwFBjAAoJEINhqbfFUwmrIC8An1iPLPmulws7 +/GsvAmS3IMXfilpwAJ0UmpbJzviWczX5EEfk7s5ufTcwGIhGBBARAgAGBQJPySVbAAoJEG8P +Wc0L/TJTV6MAoM6NUqXDz6r83tPMyE5asltHHKThAJ9Y/IFOBR5SaiomUdS9BdzoudlGYIhG +BBARAgAGBQJQBJ+7AAoJEIRwQT17IV8vMyQAoJp4qgGxzlGiQbWzN5l3Mju3I7eSAJ0bFC+q +mKWCz9YgUp1JyauAcRIZ+ohGBBARAgAGBQJQh+MMAAoJEBTHrXGFxgQUeTAAn26+/5Cdzx8f +jLTLkwMvifvDriy6AKCJa2U3Ajgq6uOiksmLPGI8PyLVGohGBBARAgAGBQJQnO9UAAoJEA1n +JRzG2vAO75AAn0VbbBcpSkRHvzJTvQ6SYCtUc37PAKCHh6vp9jUwnP939q0N8BXDse9Cm4hG +BBARAgAGBQJQso5aAAoJEKxu5JWlRbfCwDQAoMhid6h8KHt6bqRq5jHo1ataovivAJwNT1Yc +zsrkdUsrUnuNg4Edl1pBMIhGBBARAgAGBQJQ2v8fAAoJEF8H5lnfzOGiEAsAn1R0nY9WVWzX +SviP4gDKdHep6toWAJ9PYUsXLfRbuDUgUEUR1CPbuAa0dIhGBBARAgAGBQJRUMM1AAoJEN/P +h0WxsjChX1gAnj8Qo+GjXfQCi1L1xeCy03sY9+3MAJ45L+cJ5hpMsbXrqWeYOsaq1Bv+3ohG +BBARAgAGBQJRnhFdAAoJELSPipt4s55/tUwAn2oT3Y2BH1f6fWC7W+dL8d0MCEOIAKCVafJu +2IV0rXBMBELfXlAZY/TyRohGBBARAgAGBQJRpGnJAAoJEABsE6aOJdO3mIoAnjWBVhzZqRrV +YBTrQdpQw5RO9kdFAJ49jTSivjWwswKAFwFI2gDzL7/RjohGBBARAgAGBQJR0ZydAAoJEDwA +nmsSB7+6+d0AoKkEjuRmh9RHFQfk6gEO76XV+FR2AJ43yMw45yULm1zdwGyyAdPzS6bM/YhG +BBARAgAGBQJR3axQAAoJEI+Gq3hRQSh2h+8AoIh0eIeDsCCTXB5UCLp9xpl6exYeAJ4uSwun +phh8AAvm3iEJd0f+O5JKCohGBBARAgAGBQJR4FIwAAoJEIR/L9ARsmwTLFQAoKVCt876borV +QmxI1VP5kJGOkhcaAJwM0zgtQyp5JIKikIXeCzJQyqY0hYhGBBARCAAGBQJKeOB6AAoJEMU2 +H9+bJ7gyxiEAn30RjduJuZiZEJNedb/6Jt2uGDnNAJ9Tb4djp7Ayrse3f989a2yZ72un2ohG +BBARCAAGBQJMh3ndAAoJEI1jc2ACKjmzjU8AniKPv8sQ4YWmvEoHASmuQJmv20ZpAKCK1tBj +xr1m+en20rBZpMjAUVuZuIhGBBERAgAGBQJKq4QAAAoJEDwk07Q33U5Q6nwAn1T7v/tFPLAH +t902RCf6/fgpRlY3AJwOCwoGVxO0XhKoJY1gzOhE/6hg/YhGBBIRAgAGBQJJtx2oAAoJEHqD +rzNKkcIjy2UAn2eB6odcA5V7sOCiXc/HZNG/iPyeAJ0depOBalciPNCoMY+SgVjrxgLXS4hG +BBIRAgAGBQJJtzIaAAoJEBgjoozcBlYFAgoAnjjQ8qZxdmszXHiRvi/qqwp0JqffAKDCTNgD +hhcIYqs3xb15i+QGYMbApYhGBBIRAgAGBQJKCrn/AAoJEN0PYhPLKJ89l4UAn2UgWa6zb4EY +HEwFQSMl1CV7gfKpAJ9Mf/lFgWMma3OoIHKAlyYQYJqcfYhGBBIRAgAGBQJKtXYeAAoJEAIb +VKf+HdHfexgAniNQ4jNEhqxDb+Eq/5Sg+vMDgU6FAKCzcHdiYsOf8CrIbeQKLMYHFI5FtYhG +BBIRAgAGBQJLGtXIAAoJEAOtkjQ7ivhLh40AnRD1iU5HbeVgGc+CV2WNcGnq8cchAKDGyTS/ +CMGB19qOUj0llBOKoo/G54hGBBIRAgAGBQJLsYz0AAoJEKn1DPuqz3i1DGwAoIj7+6UD08jV ++coyjJOj3+G+yx83AKDFx65YGqlx1wPx4CUQa41AmSQIo4hGBBIRAgAGBQJMS3OkAAoJEO3L +f9ZrdgU/wz0AoL/fw9us2zMzTv+/PzSJNKQLSMcwAJ92mz4NzrZD+xOtpL51cAV1ZcBsA4hG +BBMRAgAGBQJKM67nAAoJEOrUtZD2iZvA9iwAn0tCBr/iwe9pdFRBfghgx4nxco7XAJ48WLZQ +fClEGJ+X+yVUgNW0PL/qMYhGBBMRAgAGBQJKS8ZYAAoJEFwhtIFYLF38tI8An3bWqj1ob7DV +zANXBQh501bL8UP0AJ0ZXDN8z5VcdYM0AZ+kVBHvECOjnYhGBBMRAgAGBQJKYNfUAAoJEEX1 +4AWpKf/D6rMAoIlJME7W0HHqF5r3ennI533rnH+PAKCO3dIpBM1/01v74AC260LcYBljQYhG +BBMRAgAGBQJK2HAzAAoJEGBu9zUUqr0r0zoAn0Zm2VuPo96ex43Q5Mi6+7T7oWiyAJ9F9Z/U +bx6B4gKuXziiGtmxEEe6AIhGBBMRAgAGBQJK2tHJAAoJEGuEdVmQFyAUC54AoM6015c0l9j9 +W5dxWSyaOTnN4aAdAKCQhy+2gaKZEVOVF9oJiofTKXeB6ohGBBMRAgAGBQJMXcxTAAoJEJcX +p9Db+piUkhcAoM9bSf3O8MkUOGp8Vi5YIo3TVfL5AKCjHvgPg+VNViMNPcXgz4cZrglk64hG +BBMRAgAGBQJNRCdkAAoJEFEn5+7b2q2xCbkAoPXZyrN9TO8A3WKGK8DPp9BBOUqSAJ0Zjv8A +KjrLwORKyZMO3q8bZKn6X4hGBBMRAgAGBQJNpwnFAAoJEIrbrSdiqYu4cfAAoPJlhcn+9G0d +rtQVNxJbjWvHn/KRAJ436pXU3MK7bYn5beD+X+JtffMPsYhGBBMRAgAGBQJNwbflAAoJEPj3 +Y8ohBi+D3dcAoI1N1yWN0K/YSXF+L//sKFcVtjzTAJ940i1H0VMX3tZI509Sbfp4v8hlS4hG +BBMRAgAGBQJOeawnAAoJEPyNX50+tWiI14YAn3rrS76VzfBRVmLECVa+qA3l9fRbAJ9ngeEU +Cwj1oijYioA2SwIpP/YptIhGBBMRAgAGBQJOebBRAAoJEH6g/dWgrH1qXnsAoMV/DFVzpiIJ +Qn6A8OgStQLKoU2cAKCrpeVsLsdtSyim405FKke/mhZis4hGBBMRAgAGBQJOebCoAAoJEECf +fshohR6WJQMAnR3XmFeAsvRoHJUfCDgQ2zNQsFMtAJ9ftL+wpizihbzQIH0C3mJDtGvW74hG +BBMRAgAGBQJOneBsAAoJEMR1k3wM5TLlEwgAnimpqMKP9m6FnvVvaQs/GZgp1zcpAJ4m0j/u +s+aBKtf2/L7bEtgrJCYY+IhGBBMRAgAGBQJQtPCUAAoJEB1azFOME266nJIAnju6qSX4LmQ7 +nC9dCsdbol8hSJrPAJwIP8dHpMQxxFwSqDIsRoOz8Z9ONohGBBMRCAAGBQJLJSX+AAoJEC+V +FQiq5gIuBjwAnAvoQfvOlqN5EpPuIa5rqxU8lSnHAJwNe0sbPZx/bQuRWAmPLlZz4jcWZYhJ +BDARAgAJBQJJ33VpAh0AAAoJEIk8dGq+K6BkgZYAnR+VXxywydU48HiJ3A+6H2r1P1IDAJ9A +MS2n08aQ0rjAIvGApgoc1BvDeIhJBDARAgAJBQJJ33VpAh0AAAoJEIk8dGq+K6BkgZYAnjf1 +dhRAPKyOeZmFIiPXY2C/YVz8AJ970rV11j6Ldfpd1Whq5uUTwmYKOohJBDARCAAJBQJMh3t/ +Ah0AAAoJEI1jc2ACKjmz9HgAnR3ZAb5sOVkac78H9r2VAKP7woS3AKDARKC56HYwIhAFE2dj +hLm88Xwlp4hKBBARAgAKBQJKdr6iAwUBPAAKCRDU2DsPUXNz+oYMAKCXpuq76wPrHAEyxNxU +9vm6SmIGTgCgu/6wBvwt9+HF5HkNt1dE4C4XXrqISgQQEQIACgUCS9mNAwMFCngACgkQR6Cv +g/FPVN0rTgCglhX8KCcvc5IxC59itIg3U5H3OxUAn1STKYgzaTvq7jm8Af72ASYC654giEoE +EBECAAoFAkzDwFgDBQE8AAoJEOGFTwSIMZlyRMIAn3Ta0oznTVS5Amll63Gv61zmgUZJAJwI +LWpuEvcEp3YZOlnCZumOAUg8H4hKBBARAgAKBQJRLIxJAwUBPAAKCRCy5pu/q/6kElnGAJ9R +6XkqE61pEgcRun6B+8NeFP8/fwCgkIizbwHuR4JwU+5Y2xcPsPEemc2IXgQQEQgABgUCS6iJ +sgAKCRBlXTNT9rrl2JtrAP9sbLd3bMDmsHALDz4nUJphho/SHsaFXAxFvo3J56hXVQD+J/Im +ZsRMX4shvicFONz2CtxELWE3RVQClkl9RDhAtQCIXgQQEQgABgUCTMA/LQAKCRCpQsVmE5wJ +xnA6AP9thgyxIb9OYy9Js7bY/68Kz+t3L/qqFF2xFkkGEkoa7AD9H9PGSnvneHw89m5ndVl4 +JXb3en3SkPaf4ne4NSHUIw+IXgQQEQgABgUCTPNOqwAKCRAic7OqmpMGPuK3AQCQlJLy9WDz +kR7Dwu/6/dftRDr2XI7g9wE3jtcdtopupwD+OlxlQQUSDfkzc3koMxm5Aq4trrsG2TXI/AqN +/YJkRNOIXgQQEQgABgUCTQPi5wAKCRAFOCQcmxnlnuDKAQCI/sf7179WoB0I3l4fbouNtkWx +3DTDxb9ANQJeFp67KAEA2DiIx1XPmmNzVMd2hdQ5aHWUK8jWwQUmDGzIhae0qwqIXgQQEQgA +BgUCTUdeqAAKCRDTKQHQvEWoUUitAPoCXGCbzXATncCGx2vrBYpTqWY/EfOQXm6x9FOrlgpJ +iQD/QFue76ecLUitmWkjZu9tUp962FX7j/SE6Qlw/5Dyx3uIXgQQEQgABgUCTWbWJAAKCRB/ +urM2KlaHOEpmAP9+1AE5XBGZtUL2FsuJ7BONz1aMhgfuC55MFxrb4IgZVgD+PCpK3sl86iI8 +lHbDAfrSZ0etCWSjMoLksYGFF9hojSWIXgQQEQgABgUCTWeCagAKCRAMlXLShRmLSe7xAQCc +HBJseOzOLOrmFJy4laAv8X9aAeidL8I7tondE4GFOQD/Uf45jo6D5YUhfnXOAC46GobfWIaw +97YK3kfxnxznfKeIXgQQEQgABgUCTXvRIwAKCRAv8s3EESSkaWT6AP4wYjeXuldaY/Vel786 +IXBbrM0g6fP0Dp9rTl3UAXfkdwEA6z5fgxilajr4tK0NVInItsgsJ+avgWj+vkz3c18b0m2I +XgQQEQgABgUCTYkW2QAKCRDgcXx4BBdKQIvuAPoDnnY/pzPyYuJr60hzm/oRfi60w34Lx18d +FcE0xfZrhgD/fVX6cGDOWKOiww1UO35MYxEK+evHG9lwcKPiGMNFMjGIXgQQEQgABgUCTmeJ +DwAKCRBRtaJQ90HZsAD2AP4y5G6VvuyI88Tig0d5WOepXqYmig+Zro9serZuphDWFwD8DhLT +m48j4u6EU614+Sp6buJ1E5w7qTWpTynrH7J7Q+eIXgQQEQgABgUCTmeLqgAKCRCTCyMfhLrD +IK/PAP9piFYtUQ6lALGAkThhMScz9T5fwqLfKZnwcaOgelNzYQD/Y3KL4Z6PaOkUjhi34o63 +ZG9mN577POnMLvWP9cBAXGiIXgQQEQgABgUCTmykVgAKCRDcsCOtgXX3OsT3AP4j/zgz6/kX +EZTdPNz6ok7LxH2HjFKOXpJqEwtqbQYGewD/V0upY/nqWNs25L+AdvgaeRRuLl8QGVXVsT/6 +RdIOUj6IXgQQEQgABgUCTnVXFAAKCRAh/o7/Ii5ZixqVAP9PTx/Avlst12jso+czREfeCzIJ +DM5JLqaL+Rp8TQrCcwEAj4Sla+iMmm7VgTo8n6SrYsp4EJGyQGRlrkUXtaquXh+IXgQQEQgA +BgUCTqIP9wAKCRBXoviP+AiTtiH8AQCgOXW9co+mO7cRFOOynrZqFmU+BAdrBSsAf+QomYnA +7gD/ZqT6FucmV2pEBAwupUKFdizu623HFi9hoHtn0obx4jaIXgQQEQgABgUCT0V38gAKCRBu +beqaAjzI4ewUAP0flHLWt7b7yHZ7FUoZGjvEDnGurwdBr1oB8grDgNDFTAEAy1wJCi0WVH6b +tw48lN5sigfuNTu1lj1Mp5jj4RGpBZeIXgQQEQgABgUCT2CoggAKCRCI+jdb4ANdJWU/AQCB +QEU99LLdypqaV8ltowo3VapXYV8a2zYAENSaCMpUowEAnWyPnNOrgHerd8Szwyt6GI4MJchh +2ohD36LqQqfLt/2IXgQQEQgABgUCT5PBbwAKCRAjHXOdE2xcceNZAP9rU/vszKrtmE0nbl2p +yPk+jYzitgrJW5R60FBBKO8MQAEAimIw+M60+w+qkwPRgAcsecxvSkrpM0KNUm6HvQ1ldcmI +XgQQEQgABgUCULySMwAKCRCUMJPtKU5/Cq2gAP9N3+OnHryxJpE38aQ+Bo7pbQl3xIIjSNui +j6ojcF1yTQD/VAyOn/rR+2KyFjYdZcM/0M6GwxyOzAn2wZppEuPByaeIXgQQEQgABgUCUOL7 +tgAKCRCTcrdAslmE5KacAQCjv4336jo0z8mErLBgSzA4S8lQDQOSlBXjQbfKU9GYwgD9H6QD +ZsPYQb1oqDH+6W3/r28zulaiY6jsYsBgIt8jYPuIXgQQEQgABgUCURlOaAAKCRD8JkKx2xXB +9WofAQCwekuR87azqCgDPu8S4iaFDMSjxXG7M/6eMlU3zHYI3gD/YRWEc5bv7ynimymcaUSY +5GE5gbSVrdbf+JFl75buA8KIXgQQEQgABgUCUWdW4wAKCRDzlBBWCqkAitKsAP4h3jJsmr5+ +t3ZZZAzah50arXhQmp/8toH+OGj856JOrwD/RMui/FKP7t8JU2rtj/7A4p3MmmorvvuJKL6Q +/UEnks2IXgQQEQgABgUCUhXDTwAKCRBKUcfw7Ubwyx6vAQDU/FfFVFf8qoFGZMiO2JFeWLCg +Mlyh6VzEuQnna1azywEAsrfa+RJMyYsoZ48atzfF926dRJmq7VUM94CMw1QLJn+IXgQQEQgA +BgUCUiqFoAAKCRDC1jGLt/dj30pDAP0coaykN8LOcTpzkXnijdLIQtCsKO8u/0xbN8eEhB5j +xAD+N81U+f0ttxzDqmXPu9c0G/sjo2VXQJxbrDf6ZOcZ+viIXgQSEQoABgUCUUMN0gAKCRA0 +gBRN4ANdJRZhAP9j7TW1rp56yfYVJ65cKoOL3daoHQeUEPbqbhiANQkfSQD/W4TtErA6oZyk +ou7wnFKGu8yJZHAdZONmwSKDn0t7DTaIXgQTEQgABgUCTa9eRgAKCRCop5DqIgQDt0e3AQCI +CmuNkFt0bor0b1iUueCzeBgL5ia3fxUGEnkLblCp5AD/UNAldGVn9ZSnaeNgTt5KHkkt4lfZ +NEcIbSk5hxm4qQuIZAQQEQgADAUCURCi0wWDB1apgAAKCRD3hB54UJHMYVeMAP9TQ84HnT80 +CXzg8nD9/OKCfFFDPGmMWbB5A+EfYBabnQD9Ecj99XUPKaGKvUZa+jyOPJXuEn6EEN2lxvWf +7v7oFdSIZAQSEQgADAUCUZ941wWDB4YfgAAKCRCAlNQ6q3ZHfW9QAP9UPpgaNZRDBad6N4ym +4ZirmpbA8PPZJ7ahTZ4+z0tpPwD8Dzi6MjlHSMNHrE1sarr3oFndjbK+uSHgRLvP5EXUku+I +nAQQAQIABgUCUC5vlQAKCRBC5j+f0+THVNBpA/40C5armB7l80gi+Y4x0NIPHdimESrHuq1+ +KilGzaLQYC0pgD+0c9z1f4ajkoYujdg2r5LvQrYXNNpAXEqIQ7I3XFb+kS42xMvkUX5G4mgD +egyg3El0ELb249n2AQP5gWCPfN7SJNJO7gQlrNBtsdJ2DSxas4REdyTbYdRRCLxc1okBHAQQ +AQIABgUCSo8trQAKCRCRyvgdZGpJkWkDB/43nHvUZIfmIqLvo0uTX2ptCGe0bPuvlZRE3tHz +7voGEdSr6rqptn6ylGVq3GvUc5ZQJXomk2Wx/HJysU3xRFv1AXf6IisAlr0+u4bm4ycxfq4d +sl90JcssKisUPFNZkyKW4iDGqf8qPc1LUT6nkUnfJwI8INyb1bCHmPt74jIDWhGJyYJo1bIn +e5+4OO3Tg7nsdRMbzGfy6fQo7vWGNfr4giKMOlC4KC9x0wtKaoa+iTG7y+hL6NiBU9K2LY20 +91DsDEmpZjzNot7zFW0cD+22t+d78D/8YYFhPBngUZYaPtr5gsRyi5/ggzxJPsQnkknRqUKG +zV5vDR53q6DhidIuiQEcBBABAgAGBQJKmzfMAAoJEBaeut+2gvv7SZEH/36t+3K5zGITRnfe +qtvd3Do6a15sM4QkCf+vWy/ZFLsgCFCXnH2uHnwkZ9IMgtLvlcOG80TPCQwignmPHUBV0pk3 +PA2US7YmlGy239uU2QJfdHs3qsFMpvZgixF/5EC1bMS4P8RrhVomZALO7xl0EXzdSv516UYJ +USe3ChnntLJKSGr6SJaf9owReLG4eH5uRwAmjz+W+1WaMDyF/qbkAugvyKR+pXoxwgdkirxz +fZaiotmeBXe+/XVYj62GSvsmsUf9sws8xJrqsuhcF07/wKlIzgbAu59ESa6IjIVzIOMh5wLp +44emMGQKDtEREpadk8YANbLPZjdUKE1LRqebTfeJARwEEAECAAYFAkqbONgACgkQbNwzNL/+ +f94ilAgAkY7t5wFCXFTIFr4TrtfiITZp1Y94lqCXeFGhiG5d6qaeydLTOPEyq6ZuVfzZhARo +1KI8mE4qJjnO4oGis4g0wVEnoB8rcdbwwxlO7ZnCTi6fzlBUZI0NVqNcKGtLC7p/61P5NWP6 ++V+hWulWo85X02QO9FhlJDRTs3hZTzmGkYdEQFFGqnrCJTQqgSIbu73e0DQ2EKhSAu77X7aZ +47loeESEU1jbXuOioPf+nTLc0yZM2XJ6AzHg2AjzZyVjPCOOzAS43qYbDkn/bhvUhc5GWAMU +omTy1oF4d4jC/julwYQm/QOm19Jnk206pvBcVWtzJkRaI2g+RCSSL+rbuKDePYkBHAQQAQIA +BgUCSps9rgAKCRAH9VL58Rcq68ZyB/955LS2IIYW+remoKTiRHQvHJ86b6iJOsK8TIweM6zK +CEBOOWRPgXZ6MgD47hYD5TJvxmdH257KiKtFCIHi+W4sI+k7cc+wf3YV+lpP9LD946Fto/0s +HLd5rHo1VF6N7pXVRotQdBhg1j1v6VqaPwDe6uzjK55/6XT9ONX2YWqnepFGYjXDt6iD35Gn +uzqaq/Xp9wXOSMqCMK9IMjDckSAZydACl3JUH/Z6TNymtovCdC6iza2Uy1RpxB7YJqLhGIla +osvk8e1gazL/mfFt7LJir91ZZE4iYKVe2l6fk8Z6UNM0emA+5i0SNNFP87egRkfBFyj7SQKC +pweAf7KqaRxIiQEcBBABAgAGBQJKmz4TAAoJEB7dwxVysge51VcIALYNKuFPss1ifaj23TZN +Rpk6SVUdf6vlxORNnz+i6YNKEueBb8BonGzJWU5KKSXTH/YumVO4jHE4rU6PiO/tEnwMd89Q +s/iF5e43rOySAX1A47hjkUg6iBhtBAUU5qU2uIsohd1Hpuu74T65M1bECeGWK2mqSpceu/c4 +y5+Zu0Le8ECOxCeobymTF96XqFJvBPFpMwgwEx5y7DEF3P2W3EoHf+kbSp5tqpRfsQOUbHya +U/8LzIjvNpGIK40Fjy4F/o2grbfG08ahZfJwizxlxEKUnQSkLrvR8okmRdUfCPmTXieUSiE4 +vCcHGj9l1VsLcH1TtQX7/q6P6vuwOc8do+6JARwEEAECAAYFAkrntGcACgkQIXAeklwRsbCr +9wf+JyJP/O8ZipGd13nUBtvBa2TRxbhO3e5opnmO+ziooKhBlz+fi3Zln/0CcGoX7StCkAdj +Lxh5CCXBcyMFAQFSkMGyUu5rg1+WTIet6ELXQ/RYqx7emNqSOk7gzOT9LSUZdWJqcD88Ne7I +7YxmITQaJR5C637iOSGYEqEW/qENm0AQ7+vjFA+YL+3YxSLiqji2tH5JB4NeaIwA1E8yyEl2 +zc3U4NRqGYHZxcqa5mVBMKh0VvqhSc9EHY7RnMLYPUSWCQ2i9yWRjG8O9p8QRDHItErFV0ub +x1lepuDjlt+x6cjsDOSfh1kOXYs5SzsOFZU57tkPR6whtP/YQ7XABUn/PIkBHAQQAQIABgUC +SwjvPgAKCRDFTaJf24uWfneFB/9dcYYm+coXFz0Y1es9vKy702mX5vx1XaFokndy8kJKNZ2Y +LRh+krqdOA4mBtHcn8tF+yd87A5kvhKPC9u7NgnlH4MtmqJ+gvXR5SVWAskvzvT0eaiSiGaI +jMC1nO91iV4BdHM47W8jpFPYZRqseoYW6jrBplvCEkPTcVrcbV3XF7Pfp81QWArUD89XctaZ +fAyB4kJWbkmwOW3Uv6r/ORKpvsXQv4/rK8bKX21vT6nco72G4YVN15FpWaGEavN9g8sAvZqZ +cwXrk/Rh8y3FkMx5Lx9344l/JCmDFQRw2sidsDt5lfz3Uzbpr9jOaHmmRCob4DsGgw6M1Eyo +fjYyyOaPiQEcBBABAgAGBQJLCQ9/AAoJEMd5K/EUloaRkjgIAKZjxY9B4KYviy7sa7WbdbdV +oIDxApmqn8gB5v+l/IlRRjqK1DH6M1GfEW+c/8WOD3HaPY68R77J/rdnO5MBcHgzjp85Mil/ +7tqRoxZIdkFIyJcRAzFLvLEQL/JtMxD6HYDlAx5ITRhQacllJbvsMq7JPBglCqKdOSQhmzcA +YoNeiT97fuY7ZcHZDa6Vmc6I5zZZPkzlnppMhpOgg4wuA+5anjTAKoqzyZcbwjagEmkJI2yn +7sHi7ZUOyurRuLuoVWyLZtZxZqmux1292LXCnyTvQsrkJPztKl7Ci7Md5freYT6Sx+nZzrFH +gaSSkXOSRYUSUjHhIAZ/gZrdHVkQiCOJARwEEAECAAYFAksS4HcACgkQFYjQ0hZ2cNOlxggA +iBAJAXaQAFWxOm0ewWAdZhX8nhqtq/D2jsJM+HhhlXZR78Y+Mim7YWNwwite2C0zwVCg6isw +G/nYWfStjKH17ZHh53lymsXpiZB6gYfrNYscb1QKT00Mk2UihGXg7msMyveC16ddYgQbDf0i +koWuFyoHnxeyD8tX61HoMaWjlzQ1RuPiScdd7EIR8mGei1XcW281BCMJd40EBF4OKWC+WMuN +jWAgPi047A8OhFUYIjWlMX7GRugWdQKskRkHK3qrjspdC8jcsI+MdhGAO1BbtawVx5jM60Nz +VhNsmhNHrAJMVVezq0mBuj79cbviyrZQZ0/qQ7LwEm7eH+jDZaqss4kBHAQQAQIABgUCSyUe +0gAKCRBUs/7ayX7HtdoAB/0Yp7tKvNpVjsGSPPvz/Kp/2v1MybPsYbvbYzZx0n+4v9s6G03t +I/kgFm2XthutHjKkNvnlWAN3+n1D3u1izKgtXW2QFO2qe/V5DPlLMqfu8A5uQPK0VlARtW2p +fJKJeI9Vk5sEFsEwKsderFXqajVfXaHDNsTyDxJR1BAbbUmg+wXwjdY4WYQdSEiCucpoWxsn +FQTl7Mc/kPWjyzDedDkRHQD+lmZyhWWFMcS4HXRgAo+Q1pbC4fUTABMmXpTMbC3efcZOdly4 +cKTyPVzBhid9c+GwUDvX/7qnkyLEMv0htoA3qOeMiMYi7Lt2mlOskWlLYM6OfdRwp+KkvJ+q +lf5JiQEcBBABAgAGBQJLLAY3AAoJEGYkCjMt7vcE/kkH/1UXAsqsFugXXSES4pVj6JsJvFVT +aGIrFIuPHm008Hb2fLQi7zkhHGJw7fUXhcbwTT8L2VQUPU3kcDf82SqbO4me8YYF/WJ0NnnG +v73GPfvK6YTtQT1/Li1zsNeTw2n692l047vBMaR13VtGwgcjj1xd6QUBCgZlay6aozHG8bMD +ZCE095xZtpbNNzBCiZXAu1OeKE7QGnoKusyOQf3xN+71SP45vzb6XW+QPPrT3F1JV7eaBtcd +HY0R6nLC715Eec6BArbWZcQdyZZ1Q0YYSSxPKGTQ046ipom3n1zH2Ly0OJCK4UImOajwwWHo +dxDSUAuXZ4kaNKbV9PwUOSNhkSiJARwEEAECAAYFAks2kUkACgkQ+A33Ai2LFAZmcAf/SYi3 +RBsQTRg+6V8nTGxqdl8ayu6XQFIZTxjTK98PbEdK1axLBbmHPSUwW61k0DxUJj6DjYu3ViJM +55wsL+6vR3T7AAAAAP//seD//7Hg//+1yAAAAAAAAAAAAAAAAAAAAACUpcr2Zqk1RgBC+DkW +lQdLiPP0ZHBHJye1LT6EAKwEvaEeqBBb54/buVgGvlKaP2gg8FEvOXNwAAhqeMHMUiBTJpvS +MPw9QGej3j5kVGTuYysTev1Jmogyagmsep+csC6GQcoVEsa47FzSJz5pU4XhUurBibncKbkO +1VxxOakdFjpHTanrdvOnzhwKbDoipVDCsmgt+x54icPCwmOTGIkBHAQQAQIABgUCSzaRSQAK +CRD4DfcCLYsUBmZwB/9JiLdEGxBNGD7pXydMbGp2XxrK7pdAUhlPGNMr3w9sR0rVrEsFuYc9 +JTBbrWTQPFQmPoONi7dWIkznnCwv7q9HdPscEPl2Zaak+Z2Rj8gb7Ezvm3DEC6nD7suxdPrY +jCEWP5SlyvZmqTVGAEL4ORaVB0uI8/RkcEcnJ7UtPoQArAS9oR6oEFvnj9u5WAa+Upo/aCDw +US85c3AACGp4wcxSIFMmm9Iw/D1AZ6PePmRUZO5jKxN6/UmaiDJqCax6n5ywLoZByhUSxrjs +XNInPmlTheFS6sGJudwpuQ7VXHE5qR0WOkdNqet286fOHApsOiKlUMKyaC37HniJw8LCY5MY +iQEcBBABAgAGBQJLQI4UAAoJEBXauSUVOENdxasH/1mNGQswXQpiAxf703Wz3lex8cDk7nOM +bVupzBjzBtQigREcZaVOkEfAoJMOQfn8SjAd8y8glsx0xa30aIM9xYD6/tiTx8RhYjURorJA +1MRYnTYh9rhB2lOk6EuuRqyYRay1GsFC8ArkJDrVNczvkwz0vMb234wFZJ4GqyNyJu8sYGBY +mokhggmhArjBzlaaXOo9qyYH0/qZL1zQRoxDB92/zftj5sEJovwGX12Z3z1qUdKvHjNrj9BU +4S5WBgqq5mE14foSbndF7BHKRfvDAnLrf2/GxfifgM7By0kflNCUw+nB70LSEMLybrgkLKqM +aL7LoD1wFzI2U1v6B/Hf2ByJARwEEAECAAYFAkta7v8ACgkQ+ttz7N1GEiHxaggAhOnAKS7a +GaUTMvKak5AByxWjMFXFZ178KrZUEwWzBt0sZ9Z/DL6KnRLePmEHhcT8rU3Xp+g6WtTSW1WK +LBfxQgBlgy15joFpmmjXZzL9+3qoQPhig0EsCK8jWa98PjirhL7/0O0fSrk/P+87bZzoh0VL +TNoI09LC//YW+O2MObhdox0PHRFI6uEiBOPZjIRHoIBpdY6qozSejHCpz2I//dn9ntRxMIQO +xG/ERJPbsgMwo6A+V4c+UqPkAy5rZwcaoboa8D0SmVltZKxDGpYdOv8s4f8nEbFrMgRDIZAH +yXOcLLbyagusPR1NZMP/pxvSOs/IiHsiGY+pmNy/QP53M4kBHAQQAQIABgUCS3QmgwAKCRB+ +PRBdOGt/sihmB/9y15VB4HiGQLw7T5Mpew9g+Opl1aApoPixHsOyHqZZbcOyYORLXA0XFMoW +/QJxeOtwZ2kdpoy57CvMGWW6b07tFq2i9YuppwjP+7jME3mUSJcq+z0RowvPvanCUU9Wo4RK +nyerzyCNf5ZrpvytZjgi5J5K8wpOBSj/3OlArBWkdQXcNb7C+DyRs6NTtcK2tyTQg3Jl0OkC +iWsDDL34B09zTMo97sFToUDM8jOrcZTVvEEZtmCwGiC0Go6wpLSOEzbocxqFg9bGMHQbB7aU +N/6GBDGYuvYfPoqWN+ELxfSVVmJC/8RqZA7Jn/Y5ceQwW5nyG1HoUjexbM/5LZzck0z/iQEc +BBABAgAGBQJLqTjKAAoJEIKNhGRkElRC1w4H/RLgQj7s5lDrEyEbzlvH8lKUt2+YU1Pc++uL +BAZbW4DkIAofXmr5j+aQ0ndspCROs77050U0IvE10gsXytFiKK6NyhR2FdFnPBU+K1ZxGyOK +0tg4aGLB4qzq6fD3Aq2V/CALHcuk1341ollmc+oEfS+xW9JQIFn1/1H5fSkc/T5Eqz9BVjou +woQGO5QGjSgYkC0xM3OdYPJ+tJCQyy/1+t/4fXbPiGJAAlpVHZDs+uJEkk6O47upjtZIRcj8 +koFmvPjB+Vuxfmn33hbS+RLMRzBeycWTbWwqgO0e+9sNfZabQKnuuwVL5JeRzam7JfL60qrU +NeQy5pWKgPdtTfqWZVSJARwEEAECAAYFAku8sksACgkQNveeQx/7T2K2HAgAyt5C837pTTPU +f5WRiRXtZfoIabI7CO0CflFGwXmeBA7MICybQ5AjwvmSlMP6AEnQTcF4lH1fHPlRpxTvDZSm +8ziDBqXM6+xIuxArmL5qZqEWJNsKThAd25PkDZlvaCh2NLjXXHW5UPp192SMTNcdc8bS+DFG +zEtEspzQCPj8+/27YG1aEEbvKb63qM811dheS0kOuLAJlyNxo/8+pbxpr2NZKI8cN0KhG0BA +J8X2Xl+yR9X07FNO++Y+rfOa9KO7rvzqsm2wp0G7rldrGuYIdxpOHVME6NzPNC/4fQQDeLAS +VMTwnyLJFnwUzYFF7/fX+CvRzlRlFhBI9Q5Ua3e2F4kBHAQQAQIABgUCS91b3wAKCRDBop+e +yj63/D/4B/4lq0slC9LDTR++nQyCtKm64Xnx1q7j1Svo1zYO74YDnrsnk1pf99W3d2Oloo4i +BaqWEbHgidvthd8xp3/s9nMLnM6j5faCosAzp4CxdmbMNhLQkKpKsMsMR+762iYA5TEZcGF4 +sjl1bhsGEkQxIsKB/2RZ26e7P7fUQrrmrHlQUIOQD5n8a3kD1mqiyOlB9BUATt6nzV8/mNF9 +iYOxFukqIO4qtMzLupJtDTOBgAYOrLSniX9gpvZf6hb9ZuG87t6fahUSoSxMHPbcvc76b86W +Mb7dpRpM1QAmCJHLPe33ecLp72MyhW5Mi6s+Fr/3RuyLqu1J/l0SmXNimPOioR1aiQEcBBAB +AgAGBQJL8HAIAAoJEAbXGiR4Uy6SSMEH/jlB3sAmBebxJcKyF5JVER4B7la0HkGoo8Eg3jTE +dg3B9PJEREBUTG8IC7xlOZ9Dmfm8WQVXtp/L4dHEMSdyqotoIHlQ5M9DYkdAmG+pQu5vb9pU +IBGfq3mfR5igncmBvA12DpAQfFz3jf6twLUIlb7YJtmtOVe7buROOv1+Gh66EPq9Nji1iuoj +E8WgOqweQevhVQEtS8jTM1SSD4R4y+wKtLY4IFFe6uhy20qonh754/43TLZY1pjqrkV1kE0f +Qd67hEE1aKDUE+khEigs/B6JVQGXS3QKkHuxilVfUjAwwCBR9v9+B4yVGB8f9EMDjZGyQc+m +Hysd43LXL23pLfyJARwEEAECAAYFAkwKim8ACgkQiQg3yKlCMvKbiwf/SqEnUkXir02bURBh ++0vlC8Hp6FZWzzvjzAAC7cCDcgjLne1ETBusvhb85N1/EAajJVHU/JP9MG6AGz9+OXObzwXX +uXAIcq3FniLOuXrlSBkuiqIJXSTViNbEavkt8G0/vWYMQbHWvsII/+YaAKcbqRSphnsGEp7B +y+GXhRPA+5n9SslT5hkM3/NfGEE42iaMU5ebaG+JOB8IFuBM32pIBcib3BqW3VFoRFdpdPam +7nACMyrKUJYE7yYMaaW3tP+gfMh7A/WP5JbzUX73C/PoIBTksHPuKPf+La4gyVz+Gl6D4hTs +MV+1D84Pvc27CIWbYfS9CBXFboprYNVeKu1Sx4kBHAQQAQIABgUCTBkxFQAKCRD8KDDbvIbv +1mJqB/4+a8Hym6dtI6Ub2fWQPIS97pgNgbZ8ifNyGJ2/gj07H4G3t9WLShoUzLIoTROXC3iP +sRCsJlsYf7BsueM45/9EG6TX4oSA8TgPocmibhVSzLHsSb8rNvgPYJEor/nb85z3KGpvpQHS +r7nCarytO6+1uzNRDLvghJmh/835JV7s9j8V9lqpWIlT144ZcQBOkwDy7tYYws/Wu0V9jAEZ +Yuk2CX/O9svuJkZGeOtxnsGGW1ay6776ph0nW4YUKVTMGdmmYzcTF+ig5rQYS479LaD1jTiz +CfSQpsoy2JUY+bPdtZIrIA9Qsbamh/RjKsv6S6rHmvHByhCASVb9gCYitLCeiQEcBBABAgAG +BQJMViPnAAoJEGt1H/WZuhSythAH/R3aTY+h+94DpKFXzBxgSwjC9s74M6r+ZkskBQKe5JVx +MMCORR9V0lmoGJBqIUSCnv0cCDELhANiBoYPpw7xJ48VNtD+B9ToQC7mIDveEACxCrPPd0lz +lasQuquWXV71FOMTPYMd7gqFFN1M4ahztkowb7Q3BXKKDjLyOE0DiG4jFDPznaKnyMZzS5q7 ++3uzC3xx2w3eG4r8WF+yEF7JDAnWc0SE9qV3WY4tsBOc/dAB258muqcJnk/JJrxOHrGYCSSR +6Zcodo8LLCBinLmz20OZX7K+3ruRwteb/HyxEQx9VMX5CvNu7YMevduhKIJOtuV2SueXEypV +XQZ0yJaVWNiJARwEEAECAAYFAkxg37kACgkQTIkKV1JBZ3Do0Af/XUUQgJwX0H586TkI4H58 +KWIItN9P1T7OIu8cYlpWOopvsRx+s+p5ntrjT2WUIvnnLnGUkK9id2Z8yCx+Hu46uZ74uF7C +XeNVZFcptCIrFku2vU9fbl148VakzPAYQ83d+/7/2YGpQjCOe0mrSZRBEibyblUdIEVe68Vy +4WtYs81hDUgHpMHOjI9gAg2pt6JwQdttz2VEbBPXUGabqovHBWC+9IZJ98JiXZuKWRWGM8B/ +jT3InYuny6+rnYT7BBUPWKGBVvYxN6PYhR1B+JjdKhKZa7JpHtrLp1/cRbnyyrTVZNeq/Enq +nkVly39UWAFv3mBfVtf7XzeKc2EydgmfpIkBHAQQAQIABgUCTHJtPAAKCRAC/CMR5Hmg5ZqX +CACRzCsyeBYxF1ULF0poTAJXBIWKaY3EhKxTQOoj/ZLDTWFBZ968ZqRrt5e0xbvSxK7zo13b +cwYn+Dy6EiIYQG+/rC+14DyZ/SD9W9/6hdZ2xO93fv3bZjNFH5aFOs/Oal4cWEMz10xJkUft +McyyNroFuyC7MINOWC2q7y089520ubCgQFLjGxr0pCrERY1tIGVslSnjgeck+PDY7RxrFqng +Qd4fQ9fhHwg7ZjuMZc9PYI/ls/ouxSJhHOVQ9k0tFc655Kpml2xVZSzl5H4Dj6/w0wOf6W86 +ofzyb6pOHZEvcNYSkkDZMuYdlYTIFJS1CD/fCpRi6Ifsabw0KsqeS08LiQEcBBABAgAGBQJM +giQuAAoJEPePn+hK5bYQtrIH/RkCaiHXl5VipZcDe2KIq4SaVeWwCeCDwZflX8F5gxh9Kl2g +AsVJ3E1BLjpzy31aWBGA5Zbz4xTXecce1z8zQLw0cnZk0s3iEQma8uGPpHAZ1pAeg9+6cgJ6 +07v73lRUlxhqcoF9x82wW6p8O+GDY6/+BHrXIsdR33fR2WkOJkU445Oq9ahJpf/JSglmZOq0 +NSZuRTLDbmm1iiLYYA3cmywFTzj1hA6C48i81S995nzdcM5AqLyQoKGHMMFKhsQPd3ThINik +ZOJG/en/DdrZoSX8vf02vL2mBqvP+rsgn1vSm2+Wkowt6Mt6qgOxfR0il4mrTdkevZ7Z4DoW +ub1vCIGJARwEEAECAAYFAkyKO9gACgkQJ10pebl4aWljAwf9GydcvcBjhqm+AkBxV3q1TyHQ ++fZM+jqUcJ3US+Eug72bA81Y+f1qyu4GiHr2fnT3i04SLRWp0T1tC8s7wiETmaPqGt2YBpaD +LGYQWN6sF8XIqHgzcfH1KWXiOXkjQ5IVYdxi7xsCuBJd3bsO3/f1/aslvBeIDTGP3lef8Rvy +twt6QM4XDe1tkhcUEr3XkniEdU2fIliyXzUfen7s0yGSg6rMz+RGQQb8Lce3+MVyPj47WTJX +ccoSugt9dIgJppFt0HYBu69iY0BXoZqN0rWACwErPU8NMC2KxLTcZZOvEc9y/m/or7s9CDYU +tMt99FscmP7eW8bcU9WeOXK/m0k5t4kBHAQQAQIABgUCTJD0GAAKCRA4pRKjfv/ZQb4oB/9X ++F1C/0UaoSPcEdq8u4XKNE1E4Wm3kGueKd8/PejTX3/jm2EeOMhXIjglofD2HwfeTFf0mGQ3 +xhIcOXvK1zmGXPMAPLA7p5LBy82j+SWx4eovfOtHQvwmHKFySggOFNzyWjLnuli8kcHjHKSP +UjyBb1OWBTO3LMnpHCJ+29K2hjH7m3To7Vtvb5Sa4lfMY5Tk55Nd0VqrrhecsMcmrGpyiRRN +aAfjx0gHZYVT0Ww+cQzDwYSa5dtODDu9n4VUUyL3ToRs0NXw0gfL5XmrXheL/B4Nmadoo6qL +X/XsGSY41rPUdSL+znPOmx7OpGkVXriwztwWUcWlJXmP4N90qIjGiQEcBBABAgAGBQJMzdaZ +AAoJED39xpw3zsl5TfYIALIJP0Yh4ejqWoLXyVxp1adXIdwCaDZcuiZLVmfcjwsnXiSuzhGS +LLYKhF9bCcIe6B2JWObdlDyB7nxAP6ucZBdOVA5VZbHm1lurZQqkhNh6hScmiyzr+jPjqAXJ +qPPeK8XYIQn4X1DRvb5pTurKd8CXuewYFia8QQC0LVSWSfaNpvhvKbY4dg5ab1Ie9jg5irXB +QPSb0eVCkUmwPc2w3ncUOVwdZO8+tm3IEgOwlzQ0/+jzPjdmPqUc8thcwbO1OqewKTMQbGwZ +gDFXs0JIjsh28UTNDACqNW0Mrclji67aVf5jFi8z4sTQ9yKx0tIs2GibZ1dGaRzV0lAmmU8S +0+GJARwEEAECAAYFAkzZrZEACgkQx9QhJyK6JkolLAf9H6OL2ayatUvN8aXIdYKJHR+HfVSW +SnYHfURkMYBXCahwfr4oxlhalKO4uDONxKQyymR0PFoIgdow3QcXhKAsxw/XVD48G+7UaJJb +JKnIVYad4P+NsizrUKlNgiYqOSjwvwy6epPVmCGHN5Sqju8BCRgg8rJni6V5NNi6C2zBTuvb +tSIezsne1gDsl6wePN6ZA+07eKAM43/uOkIawHA2r1LudgreCH63p5cHCRUR+meUnz+m/BBm +joqbvcuwh9p0hpTPm1bBYvUIf1ng7Swgsn8MzTYjNCEYexfibkebFUhxuALtJZBCqY7ziJWR +1TTHkZG8xv++Xl1aTTsPXwe4F4kBHAQQAQIABgUCTPKyxgAKCRA5aKi+24YrgJIhB/9zwgUA +iMrexFYY9t0JTf5Qz6a+73qz9I7iUN4WsYRtdhvHif17wMjhP63lQmw+qraelaOzhQ4ms+U3 +zq8Mo2anbo0x/R26iWMA+EH3Sjf9M+6oANdn6tD1coZ3VmosqHo5GbroWcPkw1FM9xrVHkQn +o2gTuZAxCzvM1pIt88hTljufDcba2zkz6l3Kl3pWepqq+qETrKRPAMQMH5gn0sJyYN5Fzh5y +tbLTTw7FSzSn4XAJ7K8P8glVX5ucW9cqnfuFYioD3roNDn3FRAqnnd69RB8cKcBdHVON4O+X +Rw6o8gKFsgFkGodWuBKnoTysMLaLmrTzImx/fwIjgY2k6V8OiQEcBBABAgAGBQJM/kjrAAoJ +EEKyNbRoI37wcmkH/1YMDf+yRiihgTUqzXwnnEI1TUMnR13O1dw7gu9vdfwz+q2lnOK4nhFH +tHSQuMHQod9ndoeRRRTaWjUh+dbitCOM2WS8Au1r8bHEGYzOZ4KL7tZvuKiCKx7vl28renRu +1TKCaga0Uz+nsyJ7CYGeWovmZtzkgsXBYQoH3x4JHzCsjzd881VnrG7DSwY8K7L7+b2uBzdN +qNzxf+843ZxizqjYblXgTP9iA7byQH8snOZ4WWYBo6o6vAMxxVNjp48Cik7mmkmfMkyn6xAh +SZGnpBpTa83BJmB8LbGcZnvGu/1E7XSXXvF0y/k3PDrlW7T9/d+IXrX7KDj6FmAaCS1IK/OJ +ARwEEAECAAYFAk0QH1YACgkQK6WpWRCHnfAsXggAq7Ld+UpgjqqpRK19QJXaPpHZDw1BNuNe +q4qcck12/p9dWw9MBJeqVj6UMf3B/PoEqhAhQaxOn16XJrZoDr2cTJVf6+P9VWqXI7x7VISG +58XWQpwn3rsTyhP1aCQ1FR7hHw45Dg6WqC0tUH4sW5OlYlDep7ZYp1by1cXaLH3UJXzA5oCs +gfG5+e34Yz8ZLLZ8lyO0FwjndxqYsNGT1lpaBWN2j0MSsRlKZrdYcuNrldOdSLnZ2ITyLSQu +oxEvviLoiFjByyoNdRDZKJYwY+Vm8hNPtrjzJZd1KfEtNLxs8upf2X/CextV5bUqRhB8ll0L +aFze2WD6iJOOsiLMT6wFrIkBHAQQAQIABgUCTRl+yAAKCRAzhwVoAoYYlCW6B/9UnL95Rg37 +EMcIG+2p/0C0f5SSaeFKFgHFDfbXTYT5ft3TrRJnM01DUnChX4cf9+AehLWgbg7dbeC8N2Z5 +BuJUmHfe2GGoiP0RJmE12hv3xk1u87fQG7a3xzrgDYnJeZYvq3gRjyoA8eQ3UrYVbdNN9t7Y +thqlJPuJaWNKgvXDHFwj1fd5EFPn8VH/4ixmrwJzEvtDktY7z2AQ6hd7Ga6R8jAkLUW/Gj59 +6ftAtI41eAdBnfhgkknfysf+P2Cvj6Y/xPh6ggf+58mwDy5R/6GfUPzqdNBTIe2N3Yz/7+D0 +JZvC5frsY67IPpeDaUyKDRh/Gigp+yW+RhuAlhSEax9HiQEcBBABAgAGBQJNJRlqAAoJEFuP +LTI7NBdOIvEIANYVAyHS0NcZry2JHEMYsCa+m8v44ytV61qWRDbeLbJ/0UTdmzN+klq3BuEK +0S11cQUylFMaJYmi2QRbYwFhrNS+YIrnD89dkQ9Mnkqr7tC7zGOx/GcxntTy+8dRBh5zpGIH +XFY7BclgpVRCQ+scD1qgY8jXNar7MlioFJ1xoaQAYddrGQr4S0eswHcL0i0fLqeSCOkxWe+8 +aYAMaU4VTi5Zu3hBjS5IlyAPNwcK8+VLynbTbs2QOfMvXlK8YwwvVabawmUa3YEQ+EWkI+vy +JTEymlXbkV1SnTf5s5f2ZWt1eohKAkAVXAA4iuFU5lTpj76F/0VrPChmaiphedKap+2JARwE +EAECAAYFAk1QG5wACgkQo0WcqqOyas76jAgAmXDW0G7X6jpxjtLYCJVndT7Pp1vyBwa/yIYL +iZgtO64MeTMCBZoI+ETw8poQQW4pJnBwCpiorXR5K35HZOP2mXhg2I/BBHWsI6CAUTV1FydC +JywceD9Buc6jm3gLrxKU2MJXgKCRAQLbAZwr2dtzTPTolFHdd/hNAwh+c5PqtEWxHwKVYBxt +UMFayop/FrBt83t5G/lSEXoHpE2fnjxhiS8tQaNEsMZC88dZ+lG+uIg4Wqonmt3PVJ/gOWKu +AE9tV6HPG7bsqc1p8e+l44qrDhWmmsvtR15vx4ohtUK9cb07fwiAtD7EYk32Wv6xKNQ/nfWs +9SBdpoRABBGsEzJtWIkBHAQQAQIABgUCTVP1AAAKCRDFKoUXoLfYLn87CACXjTJP4zKKZ5Dw +1qWm1zHcF5k3eWHZvfCO7ev7GhB6Jqp+LKfNsLct1bqza04WTNfI8dYh8UIJ7VNVwbIMkoTu +DpoRxB/0dnc1OFS9zoS38Eq5U6sTgcVXwhiSqgdP5Sh09WltJQqN15HiO6cKucb9FKLZ5xri +WDksCIT7y4hG7vpmlFLUALBFtRIOdnWPordB7gSEjpA1LrVsdfbTIp6pyrIxjUcQsJoU0xTU +iLCAJNxtrM/8PuVggl1BYuxV/LY3PImWvhbPSF2KvFG5QXBRtrxnAzUBELjMTTdWh7K545A4 +2zcmb+aeiTmK8dWzGab6p5b/OiqKA37YnCyKqfVQiQEcBBABAgAGBQJNVCgRAAoJEFVzpOJc +XGFhnPcH/19lPKb8TvAjT4B/cHjr83PQ+hStFKjpNs6YijdcCPOnMDk/PXlIgb4+D6h/Alm8 +qKi8Eiw+y8++RHhXaVNNkiyDElJNDIGPG5uAzHofwQxlapRfkTld7q0KcANIOUAFc8KZ+HU7 +F405lHmCr11BH9KNmhZPXBqsJMRtyasub7niU4oEn6rwOVWQdCKAM5QtRkPZGRHrYEe5PYw9 +gvMnHnZHsDDNO30vW3fbkkg83zzBZdDhyL5+daelhRGQ57qHoR2+X0w2t5menQ/iSDUrxeV1 +sBQZCqDUqf5FOmYsKhUJ/LBg4ZxMlQAVgw+kBKF58ZzBRQhKmcwK334kr74PK0uJARwEEAEC +AAYFAk1XND4ACgkQKnj8WGzqmMqRtgf/Yd7Id0A7JJagMz82Lfc7ebT/OBsDvSO9KyC3BAr0 +sX5vqNZHlS50pZUU/D/gi4Ca4fvyf3rg88YBpwWcbwpq184Y1gI8eDOHRnq1xsP39QToxuk5 +V96g6BeDsb+6sC355zeRcZEYSVFUbMetstS+ZdfeDcFyVeGaG01CPUVW8cCy/rOYdBz5Yf47 +jJqAahcOVZipiiDvnMStYKElEaiue86KyQDQPIBankjFqITtYcSfpaR+t3/TkOatdRDPrVg8 +5pVqdiR08sItAQR2YUYVThw/l1e/D+k03ZiUKGN/03CL6G2ZiVsdLDqUfZaRX4zVCq9Q5UdD +hdqfS6lGyaPqkokBHAQQAQIABgUCTV7yGwAKCRCivuCSi1hE0JjbB/409C31ke57ClwIOS6E +mlSKqdKWZrRnBbm4L4w+OjDgYVDYXd4Is651v5AzAvMRya7rXc5fDbeQHu5dRTuJmPovWXTL +N+vUKco5GB/h4C23FKJ/m666i00btBgvLb4rtNDyrUm4vqebUL13bZKYDy9YAgVHq/wiSO1m +A65mF6yGs5Cn/GREhKHrNC1FeDperbeKWyEr62J05R3GvzGPAlID4JyQs9S45coFBe7QOzbb +w5F6mLDvwFXPP9Erx8YoV8d8yD2C1jmWZTEuomegjceuqfItqqGWyhC38RecouA5G1idu3wm +biYn+9ncivgCKg1Ku5twhyKs98Wmi7QYDAO9iQEcBBABAgAGBQJNbTdWAAoJEIHq7RE4XPLs +kCEH/17Pf5B4CMqOYratxvoTwIhvpl1+Os2whjB4tu47EmymoJB5fKSVgmW5ge1SXA1uYwwW +zt2lA7k7kqcOAGAz1CXErR4zb4+3AJAF6UPeyL9Gxv2t/mg1QZR7W4mu7hthgHU3j2PcrSIC +KokDfRJBEYOQVgi5brHti7FSW92SMaNIi5znrqwLTzXwhGJXH6vop6xjX1f/mU+D1DvkksVs +oQTWbrAPeVIGQ06VcoCvbhGCBAKODemFmAPYU+EiYcy/FD049RpPdIBm2hYlCiJyFejYWNDW +nfpWijdbqhq3BW6k0SnLKo0gEHPU1Kz6t0Dic5Tk3Dph8+JJwNPWaazk+oOJARwEEAECAAYF +Ak15BJ0ACgkQ/wPZeS7wMLdSYwgAkQK+5jCisq6JzTGt1NnycOqNkdHRT2A6gfSgJgSpZRJW +xclQLx0H6iFpe0FHQB5q/oFlUSJ0zGtuj6OZk50FfcDouO/KKAHkAEVKDdPLRTeLCmGqS7Xz +AyBLzTpvQ8jvFr4cDfWn3alaNb9o0jfT3j8pyOtF8EMTmjGPK51OjSiXAAwIbycXUrYkKxK9 +oG5PSDWR7pfJqicT/OHX0Glfu5paGxQO14OAsc1PibvxOYLviGWrv2k5LlnM6mRKZulMD0nv +aKqCwLq+fm2j7ml8inj8P2za7Y8C4OT67HdXuIYbEv9rAzNI9mvQqpGTS/+3BHm+z8RZG6mR +1xTTXjGeH4kBHAQQAQIABgUCTXlB7wAKCRBI29aQMJwwXhHjB/9kzpt94tvnAG6AdpAvPnd+ +xoJKG0jMNpQV8XUM7VV+gniDrgHudBY/258MNYunRue3FByMavQdkTrWlmc2XHwPgEMbuG9u +f/I9IbEWZH+NOdoVTLCfhDk/n2LSlPr/Qgs1ICXuP3gobMGk0N7C51mJGzZbbaCsZ6qEqgrD +vuRUFkemmKE84Fux2F8cDSNAGzlrWJep9FtB5zkafRdT7PS3J65MG/dXvQ5TezG4EafJr+hG +8acjoHBDl7Ykml/lXt2amr3FiHFaxh1xy4pBp2K4i/JM2iPS7nHgGD4RUTLC0rSfZkt7Zwvp +BvQy+YZMOdo/xFy4lTKKg6eAbbD1nrrliQEcBBABAgAGBQJNfldHAAoJEOBS8lIZrmJueNIH +/i6wRStdwNYBWnfte9ly/MNkHgrkGx/Vp6TdmBZjkwgnrli9CSsiRKKyalzVQkdFwf3mEV0Z +jURt7KYG4xbS+EfEhmJZ8K5uENeT6i3tgiGj1XM5s7SVJWaRCDulZqrNP5YdWDPBMjuuBvSH +hPR+LLVSmDiNvVvqaKeLw9EzKCGuur0dNujCnrx5Pj7KTh7TDIl+MTwEzDlrzfGkUeGoVvop +LWp2cL5lAM/jzDgyLsy3WGGBoDjcjP1ZzJsk7LN/mHzXrPuIX+NDoTauqGkAnVICUiBjcsdf +hIkSibsMkbHYxWOBYhOfDXTrAmd6WGTHxOlOb4AEjmGve1psev4+j2eJARwEEAECAAYFAk2C +O9gACgkQvap6Rtxc51HJ3QgAhRWJnkP1SjEN1vxD9B9bWXW8KCFlNtBU5e2Q4mm4HwrYk5Bn +K3oH1x2wqE9NVPvH1y2nnmbmG/2Ffm45A3CbFBZYshcxGiX9oWl76S36gRxIsvKEciYs4ST1 +snJfqvBzERdYvCIsxG3SWICjnD5KPK2T/BlX4yFEGOocqLg5k7CfmXCkfKWeM1IpAmnuX62Q +MYAKDL8f+v9Iwe5uc7zmZWGPdCLtzzq/kzA0fSyZmghBOTKbVOroL4fNy0YdgfEUOrtt7pNf +0/+MDict/gXtS/u9/KDNJ2k1ZHB9QsbZNQ+ufYAYLhr31QLzKCUkj6xGD5+rgrddL9cNThpo +bpn+kYkBHAQQAQIABgUCTYy7/QAKCRDyzoJFhJCs6waEB/91/s3rCYk/YxtnGUdxFHSCo1Ze +DAvfNKPXuscwDiysrW4/+YzDfVZGt4hNoPrQ90OzDa4Ad+KWo6zpD/zO0FU731VufW8HeXf4 +ccxPrGFvAca3ThlyMhaOuqLQjEK0eM0H2osqVEcWEloMDRscvecDbCDX1E97o3Z3DZoWvGh/ +kcP9mZ+ecbs7IkgctIU6sDGhA9bYoDdhX2Icv/v7XCyYdKP89pSiC8RdQ0oncYvka7N2lCfF +FSbFW4hIrRTPVnBZxhlWXDiLlLamGVNhHTTx27o6nOHE2JUx5fzxNFttDCxmo8peDKmlw9US +G6p6AEMXE2oAsh2JDI3hr0YVzEKgiQEcBBABAgAGBQJNk6+ZAAoJEERUi/QfdRMWE70H+wVu +H+jdSa7WyH2XrsBR2LSizUpf3C/Dnwf2TUSuAUZrTG64IVM2bmK28KhVCjj9JqFz0woHsDCD +Rb5SGF5s2abc+iM9EswrYGl98HbkA0f+ZKzJuzxZg4JKM7qJlr/kwxEnHLULpbNeusY6lajo +9U6P4bB5JNy71ShbwFboKZTf+LdPfRddhU8zN6KMscF/N+LEilJ0yRd1dp0zMIfJ+iLo2F7P +zxEoEYVZnLTRa1YEvHUUyxbs/zAYvYDjpOFaoG8kZkuCGjnH3LQyRDsrgz+8ldN6SLO97mvg +qk9KKHL1BMKddoTEixF7Prb7Y/d8Hq3J+sLpLTbD0oQnByTFsW+JARwEEAECAAYFAk2Y1ZgA +CgkQbnQJQDRyCizHRQf/eMSe/BhJaenrdcl5GCeVooKRwhGAEzHXUAPjyFpx+XMlpeypNt6R +9QpNeXt3hOEvo/81EY6s9tjG3EnL9wMUj/FSH9Hb1JNafHpkJ0AS47oBEfZxhfb6275kLQsH +VVpkSQ86TsIFMY2PbSl0eBiNRkOjuqS6UXZ0X5kQ3Lz0P3bKreAK5JhpOJ82Y7+mVW/8QHP8 +WdIZjpKFTjoZflQOPBVDA2P1GgouyAaE999s1Bm6CPcTk+ePX8M87GlCxjq9EQSruSPN6bK9 +JukFMjTPjL2S5CxlNkLM3fNrjySC3s7x6M9v2xHeAGm4C4KLpIXps1k4/alDZsGqurnrbyov +JokBHAQQAQIABgUCTbJ2RwAKCRC1lGockFz0LyDPB/9JFNM0xVpTgiGoxyBibBKk5OdX2igO +DW4FnIPue/jPaIOJbdtKEP6Udpt6UInyoak5MSKNv2Gcj8nTdeAMn6y1NPqImdBAB9pqZ8ls +ksIV0jqEXCoWwzIugewPh1xJp/XOilRXaNoKnBmAVhAzPjgEO+tNnosTigjJaRAdtyqkRa/q +msoo5KGrpg/A8e5Peywckrf9Mfvgi00DuOEMpsfNVVrvc+I/1Q03mw4qP3ofnVEQBmj21eOC +7M4tbyiiALXbicgau1eVnAM0z9Xls+gKbcuGYUoCk+3qY1f6W1e0OPp9fvhtqgYPrK9aec9G +BX/H/Nzhz3jz7M+vpEwse0g2iQEcBBABAgAGBQJNtVsAAAoJEC3VOcBqXVfqH1sH/34wBXvf +ktCQJqyp5vDBY46CexFIYoK9AHVqB4+2MptZ06dhEw5irTDTlgx2nneN2Yankbf3v50IltpF +7hLvGD+YMamCDRYYPuq6lOpn4Jsul90apO+hAJPKo/UTKdXPCRQRPECgnhrrTobuQnw4+qql +u048nm0JbFfPHK6jN0biuq44CVaxh04UJ7Pj1mEmWCC2DRbITBC0/ZsB/xNFOk2DPRK2q0yq +QYv7KSPZNR6harDLf9EB/6zuopMBaC0RxLfJYK+S9+/ceqdYqM28oGr/ZJ/WK20mCmb5tmF3 +aXgjcVFMENFReVnea/R8etQgVSo6KIF2/yHFA2WSnKyfNy+JARwEEAECAAYFAk3kJ8IACgkQ +83sE6csMjVF7Wgf+NQQZVexvZWgtGmxfQVS0h9u8iM3NitHVwWZZ4FxdlTfB+UK1WaoxDse2 +w8l4ntV++1rUEhC39RQVObkilGoHRZBYeQi2wR5+c3CcBLYV76Z3GK2nHtqE71aVGnlnGMdq +ljfAIweLXAUNxSrt6NvGKKNi5ONnRnTgZMbjt+ODbYF7/cvHW9T00e0lg1R7d7I7Fm38cF3Q +9LWBoCHnJ+cg7iJ5qvyCA6EnVfsBZGxuxrWBpXaWWO5jC9OdysIt9uTE/2yJFVSEkCi+/R3D +W231qok0QQxQxg59gAmhGe7ri7D9cS6kElyCD2nnQieOMixlzHWovJMIBXhaEpTpJgvjXokB +HAQQAQIABgUCTeoc5QAKCRCBtUKBgePkBI9MCAC/bYkqvr5kO211weNwYYt5kwgm16sOXhod +GRDf0HSYVAFjTeQnJCSx1STEf7e2fx81lg86HMOufwwkaK6QhzJJ47Aw7VdMJpN1gLzfiIuv +Pm+Ayaner5FY+/OwIKRDeIdiU4zbfIRVorDCvbYz0GbRzuatODGQX6yqM1ekxMC4oMQKL6Nm +zM+wlv43yOW6Q0SSJQEPBaddl+w28I8btJFPtJ71MD1U272PkTQFFrJZLEd39lFvC+p6TXI2 +0Qoq8xrxtmOcOf0hP0tGyUzaCUQCExRAt5ClPk3+EDfiQf1S/D2SCHgQdmFh9nLRoPGtqep8 +UQhDQ0mSrJ8naDeCubWUiQEcBBABAgAGBQJOAsFCAAoJEA02S/00iaeHL28H/j8bVeXrTTtt +nlTkFdU8D+IP9BfP0CDVAUhTsYoJ3Q2pI2aXN0MqONV0a/cSNT8My++o5mH+nATkPCuiufSb +J6YAG+Ct6VqgIOzNmkUgViyomZpc4j3QylJU6dsjI6nQF2ox9G95D1j3FU9aCGfKCsSGXsbC +NR51pVnrfdn4v/ws0k/QjJd1iTqaETDUs+AIJURpKOGHz/uGzLitbYZ39ba+sg31WKsueO51 +qMMaLZVSDHr/2upm/zkvb3krR4rS4nu9gji1in4XgEIAhBMo41QkAqGJ0btEEQhvVOeMKbo6 +omgr44N9G8vfjsGW9HyUDM5Fs+Lc8KUaD6WR5ZQwGaqJARwEEAECAAYFAk4DRocACgkQpr/n +bmArsIQ6yAf+LMuHIt66pZQbZJTya7K7ummrarLnV7DBf38FJ8y63zVicRSKZBveBBzBEn+k +lw0/4lrxEyu+FqckKYG+IYyzcmFFDD7JxtZut6GQPcIIicwdQYKiNJ+E3Q7UrC+I1SPeK06/ +51EIGBJv2Zu7NgZxcZZXGzMGPmPZJI2e2Cm9eoCd5aQfSi5O766VTCZA+CCCJ+NqHFaP70aP +bGMVGo0IP7uAar0mE8jKqz62PVSfmCYN4Vw1N8WLAm3H3VnINRgwnTma4v9PjyORKFxcwRto +HpGurdT6KP/4Q0wb02Jxeqe+JwiXzWU/WWvVQW4Cqzkf9molYlx/dVCw2vEqPQANIokBHAQQ +AQIABgUCThZTxgAKCRD7aZquPhMKUT6ZB/9D18aNsVKMbJd5QnX+PwYKN4SqhD38RZuPa+wE +/Nkbc5xhpGyRPFT6rZ70i9Wygo07BI6zCVb+2SgnhSHOvA1IDFF41IGP3PsgO8FTeejQwZ7f +EaSF1q0k1fjmNoUXjM6ndT13XPVW8sA48vLGGguVjE7MJzn5GskjjrXMyfHLOQYRsCB8Z58l +ukNSqkz7XY13oX9n+HkyZN+hWXODHqHeB1N2aCKTBUY5ZK43wkx/4jfKo28bLr4fpnl7WLxa +LtX4s7/lDxmzr4UvBWHOthGdUE+TJ13hhlJF9Q/64dLK03nGIST2Pj/PxLu5YbbAD7hk+dHg +6VpOp/qVB/kNnEbciQEcBBABAgAGBQJOHmgHAAoJEDmfvN9yi3B1VHAH/1FLZ/WJ6Ld6n0VX +kKX84OcQVJf7a4aKcl6y3bAyYoovrMJYZL3RkdYfYJzNE9ZqYplCn7OW/X6uBhFReJlOHnme +avqdHIj3uwfU/5LivPHKyExwpgB0hJ1pz5QRYMxo6irGSt2wG9FqHUAHC/odNQY2aWDOATxG +SV0ox64d4Ru0morwwj/ij8AXRx8t5IuNDFeRiJXHNGQ1UWzre6XEDsOWs0TRitZVN6zMKuW4 +elhgbwiQuxY9ZhV3YvJ+TSL0yQnbdIFotHo0qzD0d9pSXJQPkOMY9lo58jRKbPa2TDnAKiLi +zGB4vOpZwkDOjANevbXHBu/Qxmu5NF2eZnm0Cs6JARwEEAECAAYFAk4n7FoACgkQ58B+AEdR +89GYxQf+M3tI0QyCTb5ZKtX9neuDiJ1Gx9FrmN95Ymjks59tmuJBzBQsveE0UceFsDaZkOKJ +wX6eywKzkJf6rzNMKTn548D91dd7RS2nB+ND7fpKyC2EfBXpjCVrsGG+7N/Hi9rqnVsBeZtv +ms9pYEm7Hi4Y9dZzIPpRiwAsqmmM94u3MAlaDUl1YGbR7lJA0i84OJUYVqkxpUftg/y9aPMV +ySDy+O4l9gzjVK7CD5vlj1On/MFnWCvvYQFkQ6ZHx02UfsL8pShyHAg2vvcU9TlCYwVNRlk2 +5mdTWh2Zw+ChUtyoWilS+n8SyP8ttnoq8jiJrxHQ4IVuNUxWqC+uQz4j64AKVYkBHAQQAQIA +BgUCTimpnwAKCRCQnB4bSJrWvLlFCACmcsS3/aw1QQj18UEyIrjLDtkCGhFdhpPC9miRIUtr +7kLTeVitC0rdDGeVPCjDhYoDGp39KfsTxR9E+tYhkH3S3D++cVAGHRyxE/FcYZyHi/UKTXw7 +dhZB+sJAsaL3fLAZjmB65jOXtqvderXU0HCoDqhbFB2E7SNB+llKVlFdOAD8id8jIkNnt4AI +4l2CSalKVa/fOhcjRA4ygktXBnyUD3GA/l5szCcCwae7ZqaSB85jt+HhIqXODTI4WqqSRoG5 +ytyYV9zmUw+yhGjtB8/IZHI/BqCjfSZ2F1Dmxy/Bc+70Z86QSrODPSAcVzgcmoarSEkm3p7c +U/1cOTzq3Ib/iQEcBBABAgAGBQJOQebOAAoJEK5905SKX7IviL4H/1ELnrg6hjcuZea1Sk1t +NG4P6m+nQG4F3C7OaLxjtvhbXsVkkroJBhe6KV/jKf12QQ5QQ7EZtpqMd0/eVqV+asXCRzSn +XesSjBxHSul0oa9y3Hoz22QpkRDm/7UxTlvb0QJ1J1tKfuRSWp+rOhRMYEd6IYbfzAUZaLgV +rnk+VjQRgDRUrNcNvZBhDq0MPdZnN9MhZFzWFO6dCzUOEBNFkX4tbBeU8YAW9/ZJ0zcRUoVj +MCA1vhMhZthEJZ9GvbW6qGyVIGldEHb/eJqkp6E2fXOMmbzQGtjxzVY74o7f5PBFKGA+DXoL +DWrIm9PxS+auZWAzTgZ2s3jW/I8DccffQS2JARwEEAECAAYFAk5IcZsACgkQfXUfnkPamRdw +Tgf/TUJfUzeCAm6XUVss7o4xvCHcxOZs76QF+McXx8xVwrlJIzalVz5a3TPbge+Lk0cseOt8 +WYBzyd5YBMF+LJ1AOz0vuOyRjWCDIssJdof3zy8SJERCENvx/emm2eLz+kfq2XVwVjHaPEAC +35HSe3bSs5oBAA47vCO6OqZvoFtYNuZ8l0tY8ETEpD5cJeANfl+vcVySDIEbW+sDTuk2PUjA +BUBcq1gezuNrI0+bctkiwDMGh+WR1xx8YI1YZdUO0+n+Ngg9LEY3IlBvNzwOyRi/bDXxMWwF +TG4KZB0D7ssZOw7232dXl+3pcVndhifhbVlawWjc0evmMU0qrbS1cdtkJIkBHAQQAQIABgUC +Tkx7TwAKCRBdy58aj2D16G24CACfYbfE4fx7Kf7wAceqX2f0US2RPQD4ioUK+bOl4JSh77MA +V8uNS2FslF7yYX3skAT/qPBJPgT7bpdmFghcRtQUFLpvZ76fcBtRUW090x/mkL/SpO4wwIS3 +/BZqlCBl7mtHUwYyl1k+yFbxWOYHPLCdzOJ6PUWAop3k/QDN42+6TdeG7qViCQiiUFHZ8i/D +wScUNuiqjGiBoN92RaMqjobh4Juv2FJYa+y8b6byeV4ELNGIbnAZ+VUshrq/K1gmrRfZnzmY +umjfbc74IBcNPRAxx6KlNPbbcWKRFBsULbxsiFGWu4GME+bNyO4uHt5CDv12UAwMUQZ2TRXy +6gA67PaZiQEcBBABAgAGBQJOZRbtAAoJECpP+u5sbiaVV6gH/1ZzAQqB4UZMVTpEoL+BC8XZ +zcrEiMWp4LaAsXj5LVrp4j9Yp6W64Unz6T9B9KKNyB+85PcRgfb1wNbWSyNfQc2/xjfF7H0l +GATCS1Wm6l1NgyixgcKMS+b54WkAFH0czuToNITqDouRVuLtJMZujg1ItkUFjN+FgOjVW+tC +xwWc+MHS4JzWA4Mgj0hwpLKjo4faksTWHz40fOOktZOnTxnj0NfndciL62/8ueuu2gg9YgEm +Pce8I6BEgBQ8FD9Y7U0yfQ3IekI8kCYNxn9h05JpiDnw0vVP8WcEgBv2PXLhI9XL5ABXiaL0 +CcVHpiGORIau5fVc7S5S0qSQy7Xtn/2JARwEEAECAAYFAk5mCd4ACgkQytrzOKUJG1azlAf+ +M0X8kOlCUZ8Z7D22VrEBKa7ETCXl3pSp2AjVVPElWTbve6Bk0Rp730RPxXwGyPE+Tgs1ZF/Y +iOHEeuN+OB0hS9qgLs+AfaqSL7wcb0eWvkwFVJuAbOQ1ucV8cCJtkMELv/SL7ngw52qrvoNW +erSRphq3kKEPtfzy+cU7i3GjvyMxKoxv6AFBGz5VNEwXPgiJ30g+U2H7nNhd9VCFYYI/FUyb +pg8S2AWNZQf03Rh5pMARXcEK56AmsotxYH09VQOlYNVZZdLwS93X/INzPpUzmFLp8Bk7AFKf +HPVvZNiCCbrKbHpKelPKKQKgQMM1iM3hMcSvdCs2FiYESwsMADMsN4kBHAQQAQIABgUCTnWx +vgAKCRAHJaDFOO6suPliB/9QdF3DEPowKdEfr6qPhSOd0epNsd/UYrzXWCX2Et1grTQ0nIGD +5PnrsfcSr7GKdAqCL2ByLNT2V6GUxpo9M5mpQTTDR7HZLCfmRdwSXDZLfDMxB55Dl0zNIV9t ++C17f7Bs4W60MuIiOjMF3fHBiBYTEuclJQk4iGvca2kK4jMxixKe0KTxgnnMsFv6MDrDkIdn +5CwWsinDvjM0PnitlgHtW1QhnTCWAeEtdSHd4otSWc1GikelEe+GG7O4jTMZvQdmmO/I5T9z +2V+R+4y6E0wK03WFqfB9X2JVCueDNHdCsnuMBd1QPD64kYtYWRDgWu72u4pzIk4fRILU4lX9 ++hy0iQEcBBABAgAGBQJOebKZAAoJELyTxhyFWRfUf3EH/1iwXoF2dLVoWixbp4BWXzDAbjwl +SQMcRL1jlbLso385LXwEiJJJOKus424KXlCRDJRIDvU/l/Ugjcta/KZ5ngzQieRNbSxxSybj +u09ZD9r0+ICy+B/TUMDpXNnrRDm804O/BHNh5uRc5uA84NADwa+2n3mBQGy/17iuOE9+k2Qb +foTlQ9boc0jYuXoVMmPuul24aMqd+r18azgPyWKQO85wwc9SMDZJk/5yrHOUIVr16XDBIZxT +Rk6GgXrXpDyinh+wHbGvRiQqTt9pqXJGJup0Oa5vkt1/4MnYFQmS/KBNOjJlsXp26FsC6s1A +7/Hptr8og2hPuKg0jsEYp+ZCkieJARwEEAECAAYFAk5+VmgACgkQD8ambWw1lY89Xwf/QQ0Q +zsA+dBTpwDc6JdCGUGKDpyDpcCeuUDqh4udGeayeMLai2PP3rBiTwRJGdOG2rHMUSai7STe9 +cj8CnkCJHrCoTtDRV7KMc6/47dCZlSs5GDCJ9lw7s5lIEcxcaAfop7Zsfj/LTu39i8t7175x +H3tMN37MxEUh3yBKpXb+AIEq1oVgk7WiQmkjPLsY/3yelxH9k2oC1RNktLph5wgEZpqg4aOW +JA6NYc4lt3XC2aemFKoEgv8amXJTnSCjYFmaWc/CKBQc0WnXWHa+EqIGESTUbubVXg+dXuf9 +AwIYituasHzPMy4qrd424uCVAnOBCQNUhf3mwOhZHeLmRnMu4IkBHAQQAQIABgUCToYKUwAK +CRC5jz/sVholdXxTB/95aw1SnNiFRiAGVn7cmr2QAXXKT/Gg2iBGqRiDHZbBCzCCGEBE6zzT +hwtCECLyeTPlst51YAZXUP7DpMYZlHsaboccEyb15J+yFhRSJRkR5uSHdnPazUGXgeAUfk27 +F0WdtJ540mi3LGrYOQbbHjJRdi4jPAifnA5BowW13tSu2SHaiRCUr6hhLUmfdqPE0cd+OLMK +RVaCH7kEFrZdCvZH7zcq/X02qIQuNR9F8iH4IfqFqXJeb4ogVCIyg1AlhJMUyV7AFkJczRkG +pqL4s0MzmzSVbSLgrhENdu6fXYRXJh5/cfZisL6ZFiBRKxibM3jL3qfKwZEMp91FfvNgNF1C +iQEcBBABAgAGBQJOhgysAAoJEKMwhjPc7+l7yL8H/139uuiXoxxiR+cOl306gtRE1F0kZMMi +oEc1xPABm6zHaFa71+QMrj2kbiPKor+Wlq14XFcwQPJLI05oFe9WLgWH102hMW6SkBBq0xbk +EG1g2T4ysw8mmbkZDKrByjr1mOyj8pjpAEdaJ1mMtkhlfZZOu3M1QLheMnRbJV/i//mUTcwC +Eo0FZVc8ORgiR4jFeH3CZyXajlm2SrY1FlobwHyHTVo2vTmJA7DjwJ1uX40KoqOxIP+LHj+z +3pIhW7V9MpCy4pyUMnDbkasePW8ifJfwUTBNYrzpGuxLWAgPlksND+2QcclB2x4QLTHyEkPO +IzlA2OKzWUGI8vrw/M9iA3WJARwEEAECAAYFAk6cDtQACgkQzsWzh+VHGMMS5Qf/edEvWaQp +7s/tfwapsMfOIbvt73MwOiml47UN9DS2+CyZ/opAkIuCItQ6vWXkBFrH5ug6/HkHcKlZ5ok4 +FSv8lq0yN+GGw1Wo3tCNAF7ERWvQNnAn2HVigs6P+fjhOz2IcchYNP6ULiJ3VnP7JyE1Mwwi +rscrcK+gp6944oLTu1mI73WNMeUgqbjTsq8HC1dz0I0N4b6G2+bSyz2I/Qu0OsAqZyA+Wlog +sKRXkk1JWNv8FiWdBLQPiIeYOdt1d2Z5QxdueiBWFogb4AYhpLXfJ4q3M1bzZbOcW9vkdlhv +HiiOGHAJxCPKxKLlTIXftclPku8JqEuprb9XurQy83Ff64kBHAQQAQIABgUCTqIP5wAKCRDc +JTETV7OP0+iMB/wLy49T5h5kzFHc3xbdgQEDiYEAhm7KKA4lDYDlLfkt3JZKBman3USwUbEh +HBCj5EjDsVetjg7nIy8YyYB8my0lBYxJ12i9KBWi/bfjL2vobuqB8KsnBNh4s6tefvT3VsKV +0JX9gZLYgz6kd99MggB7wXkSOazaDuDLBuj/JX5o++sSy3m+O904FCiXe1aufZXhL6hPeL7F +UXn3Rku7qGN46XRMPVF6VkuJ9CrosYn6gERFcjIgamY58WAWdawH8GA7U4LQBsnrZvKiwqED +fvE8IM74tvaFDNjOEjwULZO8LFpR3Vpr1VrZ9OAiBaoJryXK+iZiXrH3Y/nlupLSMJbviQEc +BBABAgAGBQJOo/RFAAoJEM9PbQftFAEHfD8H/jVvPy7Omf87vG92k51iB+/BT4lxg9WXaLX+ +9XJ+VYvUq5SZQtZ5RMAVbiCH2hxNXId2nNqkrJH/4scYc79oBslEA4FK4+4ZiV8VIaFVQ1uB +K0rEaTRmqc394cren2v23ThMxpo2R7mE/gco5lEK3VAMKkOezKKzCWVyMrMHjoi46zcyoxVm +kKD+Rh1lKCRCc0EtkAFdRTQs780Bfh663vpWkDZ+x7d5OACFpxqkC5bZLx4VB73K7dfYBHMU +kMpYIM7jIlCvZKmFPmUvIBc+BywqSCxzIppHDk+vPblgfrcA/PT16cCGQw54Ueo6PuMLM/Z5 +8K4xHKwvYBgEiF/kZSqJARwEEAECAAYFAk6j9HwACgkQOSJ7wLfKUFf2Ygf/Rmwuo+6RXwWl +CfvDOQBTemXRrYAki6vcBTEhQMIrpUezwZfcpVFkZiloN+FcRQfutvpg2UerRAx3ihC+OnCZ +RZO0/AAWOIueWzCJV39lxeXkxjUSh2FsmKJ5fWaOBDcF491QcreI7egJ376YHaY8NjuAHIVF +dxYCQCYBtV6Y/ShrtxyQTL8Y+zQThL8VTR9fmruDZW39pg/B0kLLsZctdsDX66l9M9M7J7KJ +5XEJe8VblsLELXKZR0L3OgTkjIa0tg6Ivvhf/GcQfHE9HEDDzX7v9cVj0YJ29sd8jLN4SM8m +eLXdVKZf/VB5dnq4Xab6zlbqXNRaTPYrXpWnYhn1lYkBHAQQAQIABgUCTqqiQgAKCRC3MQrl +8EVprsFzB/9bYMb3liAT9DgIyvLVgdCpnfoRXfcJ2mM3Dj1c0vvadFhLbrSFmCDzz4lnPpfa +/j8rO0U8R1J6V0seZlRPD5Yb8dB0pYAxojHEgwi4xzcMiUBrwCCNTijE5BwcbLO4a+K0jUx7 +Qva8jt6zMcCcQgbTs5giVbJckwGE53J8oTtM+fGJlJvrZG8tsMD0lb/Q3LJZY3nxnOJ91thw +b6K7/3LD36dzwLajBmLqbN7Un7JXueHCegwiKIKLzPMpN56UjqBlZjD7vqFAeXuZ2GOOuUBD +P049BhMWTD5nC0cbjqDtLN+ZpA+mfV4eFvQEzGTYZNCBnj8d9XxtaMXtbpJQH/MbiQEcBBAB +AgAGBQJOuXodAAoJEL/DIi0V5dqRSNsIAIg9Q9yLs7Uo6bE36R5bLkBWKi08ZT7PU9yq4hN4 +Dx4YP267kTRTXBW4u/+6f4GyqW0FRO2aWWdC/7R+raKb2JVtqCIyGImUgHs8+gfMF3c9jbrV +F0T5FNuRSj9mCkw4pU/L1H/WRp1ucCOr75T7Kj+AB9U0HWunCYGlo8SzNRuw4ds1DcCmFbwI +RTeyqv6But7e24QdqlyZKbrLR3nfrbyMiWNod3DCCgrOXw0gihizEtKzyFWMKQTqHumZWrab +Zt6E3drZFaQyc5UQDrKngOVxAk12pkH2y4uiz/DjFoy1fs+JVSqx8Ro977vFuj1ViFAJu8nO +dsJwsowt6wmW5zqJARwEEAECAAYFAk7JE2sACgkQkiPokq9hbfM0pwgAiWSwfRUAvTXtUo/k +N2GCt0iHORFHDRdzkpHkYJxDAvcNSQ5Erg2xKZrPUB3MVeE3KFQZkMZnCTXx6hrvEIS8sVD7 +o+E6OKrFIks31CXHamGWA9glc3z7oSmkdbigqZXTACQTfe3GG+EnmLKbXok8qT0okGttSECw +DOV8SfpR0+9YFeAzeyT5buWoXEOMQFc4TkzwfF0oqyNuBqL1IdbBbbfrX7fKbj5oQ5UP092U +0OfgPR+Eg/Nal01HfwjwFUGzH7uF7cgQ8qMejj3szCOQZAHrtymawJP3LHxj0ludpiMvmzkz +DVY5gJrrUzA/kyrMUkcpRBDR729ZrW6ildmgn4kBHAQQAQIABgUCTtu2WQAKCRBS1pm5XKW2 +EEVvB/4zmxP81JDQ8KXBuWK3KQQdN5keUsrwzDx0+FoN8oB45gKo1HHrVDPmsumBP/zCVdjc +SbLg9C2+bsNT0zP6T4S5atubEKGYLm057DIOodiwAC+9ib0QGEotSeBB0mCD4yY4BmFDKlVc +3nWuSeFUWT8TXbBy955TzVJsf+RfTkkfjka6ytw2+6X+jJOKJFNeLENCTRoDA5YrPVrWZMG1 +P97QGPTJwlMAzBLkqGUad2g13kW8C6aumzmLFE3ioF7ALrhmcMZP9XNn1tfR595s8H38V1yT +f/MeIb+2xUM7bga17Yv+cBzly+TjoT9Onsj2ORQVQaqaZcu0MPRtxyQc4krdiQEcBBABAgAG +BQJO8gwGAAoJEEkxPFCv/ZfEkikH/iaQ/xy4rR2rMObHXL1pQbFZt0CJUPatQKVat92nsI6r +7Ko2VfV3TFbYS82c4VsgeBilWbD5tv+mN1gxgfqJ9A+MUCqeti3DbGXiMWP3Af8Y4m4fmvGw +59RawZjP3NGNBDgEivK7TNuBGAFWDCJpz+0a3AmmdotvfRmDwdgRNjAIGRRPueX6NC59F5a/ +dVtqvs0S6j/9AUK3OhALNcze5hquXZKPMLyF0rPQmOtJsViSs02a50R7MJtsEJ3bjXQzO6H8 +G8Bw75hahp6ebUgUMsqr6u38JnkWZrz8T3vjKwCGSeVhd9rFA+1fgETNdtRdmcXs8/6s1A8E +6Gxl+mqiczeJARwEEAECAAYFAk77GVIACgkQUT2m6QpRvvxiBgf/cBZBE3R4uSl9IIWV5K2p +K0TnnEi4UboGNANp9AgnHLbIpTuWPbRs7W/nFvECL7+f9+ZoJbQcG08dtKzZ4aLGrYJx3sRa +m73CQv6myLsY45BRoEd3JfnLBazbaJw+FMpEi5AJ05nuZtHcIERgrL3jCApV0uXYDW3mhbW5 +5vDdpmxKzfCWcNN22Jj/DBhC3YY2JrHmURB59FfHKTgXk1MhZkXqstt05sVFm7xmKBYl6un/ +iu/bk4atvWgzVkC75H09PAiJuArpZy/Ew9csfhAr93uun2dOkBzOUsczzs8LBHAAPt+9CtFq +UgXtPPMMrAKB/69nXf8B4ssWbkhyXzGZHIkBHAQQAQIABgUCTwReWAAKCRA+tzP3ur9BP1Yw +B/9YITU8po0GpTAmhm9500KKOE26NSj7C/HRaw7L+KPWLPmAyhoEyHZ0pi79z6cdDsZG8O3g +ga0SaD8xSExFiu1t+F44NECfu3/QYgzhxdzjkVmpQ11DK93+FXhuyXkLJdnCf9+K/MFG3on/ +q1yJWA7XDagRrYKVq+CMWxfrNsVpP4plhp0VkIGoyxmwN4kc7ZLLd+PS0SSx7OheB5uJHNDj +8fXl/bdwx+2Ni7yc0fhJ0uGqPpU0Y9BadedLUzW8iIqusUnLfJ/CGbsIBHmAPeT0LAw3+fga +U+ndNM1F1BuuMLQ9xb4YHnWIF8L57aP4yxCcAh/mLzasIvsbl1EkGnpiiQEcBBABAgAGBQJP +HIRJAAoJEAkmPIz9Jmp2wQMH/RhI+kCEviO7DwEEtgwEIHEzW6Y+jlpxnomVqJmHDzJpVydd +JMMq+iEry+4DcmYaDHlTrCN1hq9KSHBuCugtC0YHM3m3HwUaMoXNh0uFO11X0n0eRPyqSrxp +RwOo26bC1I8cH5gnCjzIfWqugaj/jYDLaZb58jVC9lcp3bcvkkbetXHAd5mn5ewR8xckgbSZ +ye8CU045AUoXwQcYkBWaIvMc+SUgFAY05wpkXQlfqQa/YRVJePODL5r1JnAIbmWDE1rHlxvq +qwEbr9d4yBOWYd0J2UdeGgPiVJ8tcc6ZfQxuPNsooRk1TprtYvDgQLQgfTIi5njsBFM44mQ0 +hFuWCLSJARwEEAECAAYFAk80fxkACgkQLaxEnyYWtp0MeQf+JRhtkHMHXDoDf+JzmcljqYzi +dzk6w+wV2q7U5R9erxD3kMqsIwffQkvfEJybIyttOKUPWPJNtHOiaKNlabmnAHHlibXXszo/ +7QBD39GrWA3xMr3ntRA4EhLRvb3NouFxmhU4e7opOrUOUyYtThflzpuCm/YMGxqcbMUDxFQh +IRlY+wBkQC8+u0VCaCCwh4FFhC+X8sADu504ZT8UwHxW+OWWhooVAIosifObHbzRNZbtFLBY +ff6epzIYrsHwJWLNy+nLIikxyzaIDi7Pda8lu8Tf3tERKkMdjLGW8uMG1I6TPJi3iP1EJ4ww +5EM+bN16g4e29R3rvThUwTM3OAFLHokBHAQQAQIABgUCT0OBkgAKCRCMvtNAO5mx/4gOB/9g +RJU3VdXPG0xqVq1bdk+wE73xEsV1jHZP1sWft1ghKiw2z0AtgJw8v0OjbKKwfcM+otttEkDP +CCRP65zdt3hVZj65GdiFPViD4r5evu261OofRVk5NASoKhxnq1rMrSKGUmIPKKfqiuZsg8x+ +qDRzxxtX+PL0a65rmo9PycFXSbfax/ELVmpB91AH+2Ox7tgayo80SOrOZMvLBLZdkfWprLxB +dy0NarPWs7Ao5A0vT6SHtw+gFeVkxb2B4e/JYnNZCyB8A1VwRrmABmGeXPBZkkYeOgNEOYza +YO1BiOg3PNRNVo7EdHPWhdh7Jg7Fq9eg1hVo3woHzrNExGCU/AvfiQEcBBABAgAGBQJPletU +AAoJEO7zLjDekhUtTYoH/iFtXKuXA8VT0oImkX9zgLYH4uXudQwp9r6DCS+rimcrqEIgA8pN +3i5TkTk2/hOIEtHk/RHY8w504Demh2gLhApHSA/4jeDIFAhnbSTRSy5IZ4I6gpIiNKnXPSOl +lkPO3W7CqXPyznJI1UZUkE+86roU+vcqS5YR8jfrT3Zu9R2U01vcak0oL2giO48rsp4rr5X6 +j4pr7ym4hQrI6YrIjE2Ygy+UyhoExysR//PP3ogHwr07bW0l33rkd7OZeL5s0PQMM0FTlNGW +wpxeRi1SQZ074OfngHhND1bqBj/RQR95UUeS7/MQ9gI5UF0ZSKczpX75+mfKz37HuXeV6Jm1 +jcGJARwEEAECAAYFAk+mm9sACgkQhHS2x2bBD9U+aAgAgre0CHwUGgMna+Ti+8KVWZ/wQ0yf +1BqfogSK2oBhbwjfvlUTVyMkqkfFY2uYLKvh4Wir7XHFjPvesqT5m3/QEyqmn7NNGVZ7Iom5 +MOnT0nee4WuR1zrpKso+All0qXEmjqED9NXFAcZjrqZEPqU2IAEDu3gl1922YMrcY77vGDje +Xot8rHmypPO8JaV7vfIlzMvj9Mbd3yeSJHK8sYVpZLgWCHV3yr2NbcHzkKvEN3sb4ukFG3rX +Hv3t1Wpm7QMqxgiGmkxoP2TCACmPMI8gx1SCv2WNCrkwT4HJikHB/UV5q6cY1j5vXgrviEHh +6YYcFMf0AIo+jtAO6y4Ubu138YkBHAQQAQIABgUCT6/CAQAKCRB2VTXL1MJDj0VBCACytQR7 +A6cVI63eN591jxJv6kKagOwtewktgK1YPyWF/Z3rPRvus5TTqQC0tYUI+mJ9Sy7WMbit/BIr +p/8bL5CQPcx2nuVDpp2KS3oWjCYCEPI0BHk8FyaDRf2/Lom2tKTV+gI4vPjwoX6VUTLh0CNz +acJAYW69uqjgJcPGIgN9AJQ+I/4xCbIOwjKNGUV4G7QolJm9U5jnPotjUcpLMljPN1sR8ZCa ++jA2EiGEuyiauUoiKlvdWGvOefYmPLprJQaxmEYLMlIsGLAndzGYGxb/G1hK5FAbdK4VxNz6 +DE3lvvgdjEkHze24hzOkZXHZyCLL1xg7evUE92tBmbEErsdciQEcBBABAgAGBQJPr8JCAAoJ +EAtCqzaJXCTDxWEH/A4/sJutLXZJhMnakUUitp7g+EBf9YaSLCNFCxlNHXTqVyXh05HJOIql +lWGUAjVndopjhZnbtWQJ7g1p3QoSIFHbZPne7vxLEOq4Ii5jl4++7VPS398QoynPhkRcUJDh +xoNuyiwy513H/Xd8QwFoijsuXZfJsrbeGvWOE1rqbZIDhsJ7jBJ3NeO030/vqV7c/CUKFhFa +XbtyWsiOKs5aPRZLglIl1n2WK06T3qCCjRHo8SwNr5Fe6T4ZgFoticv4xci0Dgoe2qCTJc+w +V60a7dBTZSLRiua6u+uRXfevM1DNN84u2g6JrzAUp2mGsv9I6gSaOnAMEizC5686AI3Owj2J +ARwEEAECAAYFAk/Ch/0ACgkQKtp+IzGWWn2jcQgAgOb6tjAxKbuXn21vvtATNyUI/MQM4i36 +6n8A+vGYsy4yyVy5twEDWhXp8clftuNzm16TrRnIvNqWZB0dYbaI6cLTjncYeXuC+00ZR7gq +Rvfa/PFL8P9wHSawTx1KxbGBGp0J6QbObo75JIWIPsjt3K5JK7dvY6keEK5i4AK0ZdEF0etn +qnEZzB0BZklBsopR9fkgPkv02KQ6KAvR8aGpYzxnDajzhaK6makg4YCFOO4Xtw9+Tn460iRE +pJMGQT3rkK2tdVkkSRl5Csps/YWilNlbPFfeRPVHeTEWtuzqf554f3C+Fz6NvCZh0hiJCAiy +bBUY1ZWhQI7ph/HPFi/MrIkBHAQQAQIABgUCT+mxGwAKCRAJL5jRg57LuBftB/4oevWo1Gic +W9oJ/ZpwDXtWQfhL+hIzyTOJzb3zTRSgIUYud5FqQ/8R1l3NpuvFIbvHLmZ6LQvwhgrGTfsr +QSrgh68fnF3tO2dVEa2nZGmZwUrVbOy++YJ8shteVz5TwoC3H1zh/nJQu2b3ofs84axaKylg +Ww0/OUQ2xcjY9mwcRxlSos5bm51Qx3UQE+tavO+xhRfnVdMsaDyehDpfjDdIec52RvMg2LXU +2ThvSvV2TCmWx10/9CcreDrNO0kQBy05qDp2J0UyoI6nIwlDwBuvJf9toJSBUqcmPU4O9jY4 +/bXLqQaH+NOQaJN2OTmV9cyevaUDYgq00um128zSA5tKiQEcBBABAgAGBQJP75miAAoJEOir +22rCOyVnnF0IANU9JEQ2flt10wzKLJddElBk4Tag8pVRdNJaIFZlxqkkmDzF2NKq5skHFTB6 +sPpEd+eltAmxpl1Mfr29k/CGPUgKR31B0Onbl8rM+XRr/5frdTmV2ZMBKsQkbMI148VAZmE8 +0bzte8JDJBd1459xg6cGkApCITmTLIj9S2Ye4cXjUOc8Y3bqfr1rU5zne2kqzruKv6mUNVM9 +D+YYPjk+ax066N+/4iq9YCi6rxB+5ohhYFKUmdhPgwtGon14optFjvtaYnMKhTH5oPLWGlYx +VJLKG66QZzh1jglqSkC/3m3AlHgCEfQnAa8czSwaDQtARKxq5U8KuW37i98fSuFwreeJARwE +EAECAAYFAk/8R64ACgkQfO7fpK94KWVmzgf+KB6A38AmuzHS/qeyBtrQ7naLW8ngQi9gd7tv +cL0UZFZtEXcOBK8oUTBkPEcgzBDMPeSJYjAts208NjgQUyA0F+iuobVXTZqokI3deui1Jeve +AUFDqOENODVztw2Kunq9tiqk7xU1JnvwSNl5/MjM0R7qAhaH/6d1QY3xNWxi4I/bgP2ldrN+ +VS7ablaFFaDUj7YKUwDFQWRUgTqvZyEkxAQ1gzzYog1zE2GdRlBrkwVeJkYZeUUDQptenf4W +IejEadIHV/2yU8OMWMTalCCAGPCs2MiRO8N5bmAY6eO6JtGQev/d44JqlgldQOPloNl+XYHt +JRYIsNE54hOABdjJYokBHAQQAQIABgUCUAgf6AAKCRBaj6qXSJncCRRVB/9hr7u+3oRyqYW0 +9d6yz/NHJ3Dzq1aGNl1FTr/uh5yrhzjNeh+C22Q6o6qAZgD1EPvTznllnODw1b/JdaW+cP0m +UvuX82lrAU76ZADwDdkvmpVsvjGAgoFoSXASmQNwa3zHrG3MosffA8Tp5a11gD3TCLvQQbje +2GMxvq/Gl5FFReQf/9eUkYhuTRE6knDqg12rpy+P4LMKG6o9YwoyppH1fND9a4qUGBihP8hS +RFFNkSvn9Wtsk+1Zcjm/xRKDRrsGPxoLc/hedUCF4WLmPYCp16Xjg/sa9gTnPcUbJA+OZTRS +/SMKY1QrlCWJKclO3ItS0h0UOTs3fURK4xsfCdgJiQEcBBABAgAGBQJQDG+9AAoJEJKWOiWU +mIMycYwH/3JC+n4jXs1QkXFZSQ/kKNQLPgKa3H+0klZWA08hPnGSbobvdLJOKx4/njr7I/Uw +QWP5YqAvMBiHDeP26jyhPOA/vy/eMtnb0/cGj7E1IfxoipWWv3KFIdYroA+lKPi9CRFSoABx +wqijqgW3NcFwLAGY4W73MoZxjvGI4rVF41j9ERvV4k9YQXKVLl0PZ5ikdQjVDff0n+cb30GF +AGQobbeCc8vk52bpvi85u0f1aUe/E/iIIxP0hVs/X2MXBlW7JFjgNH+bu7/Ps9YQ2YuzzN4e +8UkXeaUWc7YYuapkELTApvHxx7fOUcrY9un/obs/MLspVNT1Q/ip+EvUhzECE9+JARwEEAEC +AAYFAlAlAD0ACgkQXhC5bXFPCFpD1wf+MoS72Ps1SPrpIzSItk1tAfwyHwakjr9fG4Yyfvi8 +OmOC01rnHR5WkuwChjILqW+c2huQ/krWbXFqjjFXcEK7rf4ebb6eWdVroe/Se0e8VpT/fJQm +1G2phEfzL9W8CUyYnLnyjfbilUqvYAirZWDH5XaV2pP7wyzbtzgdylXUohj9rKtJI2+2CLTP +unCt6VLkujHyqL9Nxn47FGfav08RbjpH/UGOpp20h488UKDc0ieQYD1HGl6hlhIbB5qpcMt0 +OXgXGL6PavZQdOP001xLlAZ4bEkY8k4cOohYXNysaGnGnPA8t0+lGuHYmoHlCXRPrUTjbFuW +SAu0imioq5/LfIkBHAQQAQIABgUCUEnGhQAKCRA1EB8WedfJwtAsCACAnzi36sne6nGYn8LT +vnmSf/Cf7dZ0WiSea+Kjuky0Ld4dVsFtFgHHTA3AGfOj5skIa6HbgdZ5bPCfd+Asgx9F+C8P +ZWGAokudgt9OiH2S7AnkzOgXYJ6xp57qFIYTvDm/EzpMim7UWywqHeMCBuEEetBtneKdctYQ +NpFKZ2nnYx9uJ7sdwJDWIeXfrezpWqdyDDCQQE5mzkN4EIG0ZqXQ8mUZEuju0WFSwOzg5pt7 +PgqUBm9zX9G0nWIn1me3aXoMSCBtQmY7K3xrDNzgAsgMqVGIX1RpCtG6yQgFI71g7JzB55HZ +KSS1CdrlRAGYTRyXGGfVHJ7dOXLkD5eUF5XRiQEcBBABAgAGBQJQYP9WAAoJEN01kQNV3KrA +Tr0IAKBxFDd3np1YmfHSw9+ojGkDQDbwb/R3VZ6r6g37hro3Aipugpu+tmt5nNzYGEL5rhnV +lXTuLa5NeclY8plHkmFBswEbDEu3YS2luVHYSt4tgQMBhd4oJczdhWaARXEdNw2Pgr7VHACz +qgpbV/hLUV/f0YPZH605Bqs27ju154KdgvmcTIguTWeHAAb9QUeWyqRrPjGpqJgaFSPBYuDg +Ye+P0mkmVvvQmf5ePeaQQaDKOtbOPk1VVbnx2Mo6d4WbRpsljzRh/WdIhqcFNHVaxZgkP9/l +QGCdkOF7ZGC/4sViFd3ZtAqShvTkypGzhwkq96AT8EtebHxuUfER9tPOQ+uJARwEEAECAAYF +AlBxOO0ACgkQTQTpznzngNwviAf+MEbkK3j8dwVCD3w3HSTFeZmGmsy1c0ZZEYFpYb61Fx7g +rrboNhUlDc7Jk5LHzclqI9UUzYbPNBSqZuuS93IsITIUkzUQevyDU8XMeLjT7gLga7nv+CN/ +a3afGPay6DQiQhViBVZJZp/CMSLLAYgvwUUfF/MH+BRVkSlZoAjC1v0feAd7ez2d8rKPNCIU +Qb7TfkTo48n5VJlSWNZ4UO+IvlQQIw87CQ8M7oa1wLp9/xmQGp2AACiGqqYdv1XF+PUMwglt +T3U9jqDchiTuB5HUpWj/EHyT9JbcVrdG4gobxwcapDbYEZwdlW5cxjCAhgEllVTsttwMGMRT +5du6ovmHlYkBHAQQAQIABgUCUHYROQAKCRAR13dosCH6yqgyB/9AqJMG9kx4l1dZ8/oownXT +bhuqGuo7e4pGGFu2XQpVONzQqGWXm75q04n/fiLYt6FVhwTp6PtqNDu5EfJRylDeAZ1GB2H3 +K1SH9YlQF0GS0IvA7G8if2UBr11TZL2/RtO3oAMqShcsfhVTS1XpDHvjECVcfYrSVDqk4+Ws +vgQYFqUk7sdxbWoHlLjmrwDQHb4CGsoFe+8WocyypH4nq/UNWoDdd9pTf/rPNBVCzjkk+hdF +UNBwd3H7xZUNgskSubXTw494Vn/Pg+toPyisXHkV/unvpF8jfuQP5fNsoaHQIYvQGrPn3cYg +e9j18jyC371R2nwzYB830BEZ+TD8zEJ3iQEcBBABAgAGBQJQfo2LAAoJEKzMF/QkAYNDtcEH +/1PT2ooKxl78wGOMwTFhYMNkTBv2ObZmMJQH+ismWC/CWGmTUjm+4Td00AmnnuAXjp/jVFy1 +mth5a/Sy+XnrnvpGKutjDt03fG0W5qJajou8TCsQtWJZNwCjPjtw9AyrmVzL17twb0/RF2/v +4Mn55HuPmUAopFiAFOSQsdDwlTY92eqzjbQnfJ1FjVVQcKGjWGqtRKKc3BC8+r59l4jFz0uu +16sOSlFsgjaoU7mNAMvRei5y95OlW8+pHFobGvZWST+AnjC4ZA7xdnhQDfZVcoQuMjNxxEvs +Wjn8jdfKihkMOeKcLvFrZGSIuNsM5Ncte0cTHNuQIEPaj6vPABgl6JiJARwEEAECAAYFAlCJ +j3MACgkQcDA+oZoLUR5JBAf/RJbBCnEqK/nDDPuSXEdlttprzcCH320o9N7EtpDt83FjwCmT +pqRHLe5kpxI7bc02Q7CxnJ+GXHiwfEUogk/oGmXoWGYimJuUSZFWjHvxtin/htAS38n/Cs0d +R0ADbxxUrpOW7cK1hzL6cJlJkG7InMD9Ai+jqzYc4CfnZUdyM2u75/vJVJY/I6KUzLXd3ZN8 +v9y5yjTMDDOmxVRZMAq/kPcb7R2SS/Se8joVkdtpTyJj4Zpa78UDOGVp6NYPa0ufJIFwqHJL +2Ipa7s6lQ2jE8+OKeD50jTbgKhuWjska5HTv22IYWawOT/KxJu+mfrPoi4YRdATBxx8fh/jx +CvgUO4kBHAQQAQIABgUCUKXVKQAKCRDimXfWs0mypqrgCACAXi3J+F3qvE6Wp2zKJCaTetNi +vsUQDC0QYx109jcEXZwUj3TA8+AbafNNkrNNBxlPgY1IRffimQZ+f2zUe4rna6yEwR2/9IKl +iFAou2MTSZ8u0Lvtiwi450wQFnE5zhpdXSiz7y4EuJTKAzuKlZxe2YCz0yn+ypGAsc/eV6BU +ynW4EEpJCNsQw2g2jwJB5+cpd5kP2PnqDhcu66hnI4qybJaTyNdvk/4KVZ+3gE+06a4POpe+ +vZ5nJYXC5KetJqOXgmze0v9b6jKNReE47toJTGJk7lahQoUiK26bEUTEW2ggm/o/6AllUjVv +GPzNSvyF7moD2B32mm3spOxlE80KiQEcBBABAgAGBQJQuU1QAAoJEIlMeB8cre+uqW8H/3eq +uLpPmUHtNQSYuT/hXMSQM22ooGfyH2H663YYANPLKU4dS8TaazHmy8CVcFj7jmCMlidi42Mr +vJzJxW0CWg5/gCzPEBZ3h4eLQcQ2aGEQDSvhkkufkigHW3DWZUYooXmvQbkX65+X5SaiPAQ7 +4AdHwGwh6XN1VXXo3Fdlje6AFFp1zzC1x6bVyiXHAOcdOvQtlGvLYnDMUVp01acOSqjnVPSb +N6yBXuxatrP/3wLFhLLzmJFC+7sZei3N5Z+7KiU26bWoI0V4yOhKDbH/a6Ilid/HCum6NUWH +c8UyRIhXoN/oeimxbQtrNg/oinfNFuGFqTzvNH+YKzj4u4fa2QCJARwEEAECAAYFAlC5TXQA +CgkQOssqGS7D9lGsmAgAydk0EeQ7HSJNUoJo2ODUjVLAc/lPd4/kTuKZ8+UxQwqyUtGUI38Q +Nl4t1g4eWiPgPm+UBnHKZdyWuLtyPnrEAhZNoc0WuKXRYDzwMIX1vj/6gWWU0VxyjYs1KyuR +vq32GHpyfeCcTRkwYKwQwQPDWzKVeISiBxvFqmrOP7SxhTLoiyaayZcMVkqe8guHcvu91+ZZ +Ic+hP039zoWY01EC85ksyF0m+tpxbwMLbvcyoSKKXNr4PzbMhkQaX1v5ovXM1mgaw+Pr2K31 +ZBs9m+pgqiMHH5mPhTFiBDylON1G9Vf8axuiQZEmPEqbHwleje2REvyvzHmPMFNeRTSNzufm +RIkBHAQQAQIABgUCULlNlQAKCRCmWSaF0Ev0M0hgCACJ6OWqZ7gzfcOy5xJLi0g+nmrmxfHX +AoErtakeIjpP2xa6fyBcQrNEmQQC+mI7KUJQTi4LE7a7Z+jHl1+3xp0zoC1tb6sDAYaUSPYT +b4n1o4s3xsL1xjGdBfZkJt1s3Xjf+yag0zEuC33dbtVlf/PBR4Y6Lz1CgOO3Z/jl+SQwX25l +QFsr4+L2T3PiMAFWlgXy5fcwfstmezgyUosY64v+Da4XE8LMbH4NdvTfFCkCbc09271IFCOo +VAZZ9jJMbveKgWVsbs/8Hz0vvcgQPuIKfpmGfdww7gRYqfNwJd4V6/c2TAmvIu3NjEAwpPCQ +0eNlxBZpAsauQInSdMSHvJJciQEcBBABAgAGBQJQywROAAoJEOpxq8Wrg7HDducH/idQJBng +/egsBqlgmZHKideA/zrWSYHBiXX/MCoc0eaacUfJ2IXU85BgF4424ZTPy85HfYkXoIteuL5O +QWty2uPLIZLGJ1LSRtLf7lGKPJbhbVWttM+u45FfRjoKk7xlbPWeauD6OAPDwj5rovzokK9e +H90jskqw73jzOEvRmotB4hNqzs6srQLzxfahMkeYbaHCW153BCUfOQMl/Y4ISZ6rGibnFpjs +/k741QSZKfxNi+/+3/2T8jcHPU7f3xqIlZrqZALS793SO247fOhZe/lpVM5cZRZFYzhZYydF +aj++vZ9MWSeR5BeRBnuFTO0qR8jFflAjw575k1LFLVcQx12JARwEEAECAAYFAlDih04ACgkQ +JIQ6Vj3P94UVggf9EHtOMaTUSUArH/Ln+XdsCd00/QCGWoOcmHSvWZ2ZuWFUEQ3QmkSCxPY+ +FM2ILJQWRZkfaj6r8NDPWN5vlreThjm7sMYvAWZ0nzZOFekuamvdDfSGZu5OmN4lRDKHmVdD +7LoEDXUJfaGnqFBCnzng2BcZnPAN3ML70SLc7txJyxDuL+Rms+jQWp/6iWluz/MLAlb/rPnK +XUbipNfXLavJupaN4TzU8KZz0QlatMXtFHDpV5F2a9tWWRmZf/vymeYfSHIwQWmUd1cQ+WAv +fTuYYbDI06GPLnFUS4cGBjMluphD+SjHVcSAymC1tDbY+D458hQy90kTNjoom4rUzEx6VokB +HAQQAQIABgUCUPZpswAKCRCX7GSvt7m+TCv1B/sEqsfU4MhUReuEcyEWP0mRcH3RCtcqcEEu ++2CrhrNd01UtVfhSCe7azTTUmRhg05FyqjEq35nPGxPw2+KfI259w88Kyg+48DBSeDi4uaN7 +7/uUc1Chq4fWfp2uTEZ0kUpYNmRbohn2McCoGl4aMbzNeU7G9RXrPO6fep7e1Sp+A0BeiBAj +C4SBeUM+4IkG1R3BlbMA2uHGQGF8gI1iOH+zqVUyeHFsM8ucGKUNNKWfvs9Wk4uBSor+qU8x +vwZiJdrg+ZdS1zN7F5m5Pq2J8z9fpcTzapzAP5SobjuKcni+a9CBPOJ9H7MI5ZTuY927LVID +WfLswl98hoIcZHeH0FZViQEcBBABAgAGBQJQ+03eAAoJEMy5CKepk4QrVdIH/0AB4AXPu/W+ +yb942sMKJwfoXPHZpRs1ZVc0J8w6z3PR9F7SGcVY9YbmTBMzkavsY7/QeUo5B6IVo4dhFVRz +mNPY91vQ/KzgmP+xttE71OjySpmXWNVKV4RTssETIbIoI3h58wQm0OSFefC2jEiWIE3bRZLI +mDB2dA+xe4ofypQD/vdxB3oZmEINLqZc0BHIG87xdqGQp7JdG8b4MFLTchLUrgSRw2SSduEM +hlXNkgJPaUQkThVi3JWuk0zdxX1XgeWA1zthOJSbFOgttT8CpKTzZVdBiiUT+nIbjmLjAl31 +udBo9LoGpvd6AATmyfR3rvzY3Fuk46nxEG7OZKfPuGuJARwEEAECAAYFAlD8RA4ACgkQpsqr +IFRyWZU9dAf+Li1AxymiUnoS8STiBC1IT5P0pHx5gJYnUDhs1qQvg7UP8L79JgwjeKe22wwg +b3E2552qb2Nl/JqwDyMD5Bk6igkAxCSOtsBLf7BvkqPYRLWfE8PyQOAik5luVfLqq4Y0bNQr +8YHS+SQCRKdjuicKb+UTvUGf+zXf3MjoiOVt7bmcEPdPYfQTrdbiQmwW9HSkJ3xnQ+4pjBOB +M/8RpVFubriGyV+J/DNIEQEwRFiykaW+gW7580m1sqtSy/RWmZ0qbtLCDhfVSjcIWSRTKqTE +mdd6iOZMoDXf4Y47uXanmP3MnGGQSO3FBN19F2OfgiW6R97dcrpzEd77Ldqd8w2AlIkBHAQQ +AQIABgUCUQvR/gAKCRB6o5bRIjKt3f/XB/wI17MN9k0y+A/IbUAbLmR8Nw/bfneU9keiOF6Z +cVndxQwp+ooh0YLKUsMnxSh5zCV4DmpDxwpOdSZh3MnDNQxI+E2JZI2WNXn58xEByJdx/fxq +/YXovLASvJBMNYNeazmhsPoIeQwaNke/NoG942gSZpjYzNyeWYFiuAx148LWV8l0podwqu0H +8CbYCJhBpIxSdnjdrTCvksTFwcR7mUCOUqj7WyuC0LpmCoWgbAmxln6UwEMDtsFq9Dz37a8F +wC7/8yy0AmZPv8FXUSav3i+LJPUDGGaUpSBrH1RplZfK5Y3Aaz7yVcotaIBT4XOhL+ugcteu +rm8xr4GvF8Ye+ygkiQEcBBABAgAGBQJRFptNAAoJEFhcViAXhMgMOGcIAIw+FDfQ79JzMDW5 +dTxr6OBcen8X9lFwAAiww6NZYFpbVndNmSVVbpam8htN2DDEKmPWE9wxR34J1Z6g8KA21UiW +7We6e4Q7CnDzW/ygPYzKQf/co6wenNktVMKII/0g6T5Iqx8SjySXV/b6jyU+VCBG2vDGy3Qs +s942ChPWbROJ1m/nY7XCRQppWu4HfXCFKiQupBiyNLVn0hB1YvaFZUO1SADaixs2Zt5VgU18 +6A1yJr08864yW64wJ7DYT2NHYqe0Ahh7MDLRbGSiWEhkSScfR9knXFu0+8NXJSL68iPEvF6y +xF6cfbM8D/W0dBV3/q0MmPUI9YPRFNrMTKcU8AiJARwEEAECAAYFAlEW1zIACgkQH8wP94VN +e1d96wf/fHoAPWfASjpn0zMtBc0R3Qsta+pFJARY4ONcZ3/NY9UmyNydfOElREEPUrG+sKIu +8x5Cnrm5/GrdxA7dfzDmM3JZeJcKSINqXSpFlO+vr48oP4ohUiYUD4rsoF1i2TiCa+IX9rN7 +bhLQz2IDnIQtHM5Q920eYzdh/6Pe3WWOT+MDTmG6RK2DrjFvXQC3/Itbws4YNPod/zBw2IDz +KF/fGq3EN47keLbEHoJ5s0nkMV9pDV38hRIazMze2eWyL0uedCqLvNZPtxYCjFqzoDDEaHGg +UI9Dj79HpUp11ISt9uJlahnESeIcaH4kkYa9nW3Rrnup4ZpZpL1c58g7NaDKu4kBHAQQAQIA +BgUCUSY5XwAKCRAXofvdlmlFZ05xB/9bAMPyPglvApl8bWYeWxU9jCpU8hUzNVHYGL8YyYEO +kVUyZc0KfuNOFww2+YuzTMsmh/TOZXl9UpABbCOkTXuw5ToxoblsOvpR8Iax2YqgXnxyqfCI +MnQ2Y9kYHFKHQoV9bGAu7O1cZMVsThW3A1qrip5caUtHH8kd/QkOUfEBrnBNWjijCMOELEt0 +LEt/BXe6doqUxKKI7gd1VKL6usGMjyBMSDr5f2iP5QBxSECnBPDDV5aDsGLQd/Pg7pr65+F2 +hHLVDsJsDS9/nI8K28zVL4n+ptiGbOOeLd6RSgcJUMPCy2EZTRlJRIft5wQ7YpGM/wo1f+dx +mFEXOkLjBD2niQEcBBABAgAGBQJRQny0AAoJEN3iEV/HhJBXH8YH/1JggbrsqIMYNAVHmowQ ++pp+KESnfXixDU4v5Vgyx9wdiMM9VkM+B8L0mQvUHdWXmQwzz+3xGIXRSWpCIV8Xb5zZVd8H +BSeKGU8ErRI9doXvEl7snj0jUIRuPPgEN4TQZ5dmnUURUbPSIZZfvTefDS58pfEULp4pVqd1 +1fToIHrz2+WYf/NHkAUso6nPpq1Q5e/nFAfTm0WtebCj1zpsNF5rUsDkJQXFSYW+CB35MhKY +bEIXV6fCLeblFgDWEQbnyucCKs16a1AZuuVT5LwZy3dRA/xHTgJpJk0EZnxvo679mJnkYo7E +9Pvv8fZyOaNFGZKJ5jFx7t8gZuBPWjqlYIaJARwEEAECAAYFAlFJ4R0ACgkQJkoF/Ci+K0gJ +YggAt8OCmt6xIis2hOiBW/HvMZVmKGBKnXSSz4H64MfEN4lgGCzXAwhTMx4vGCyGxNeDu5Ga +xYcDEpFAjyfASGMhrpEWrwwjKSdbkhz7Fak2R/IFjXRrNxPlONX/lPpDVumGHV1Ll0VYgcIn +B3WBb5ONHA59QR6Z/rZ74gqBIPmE73FVQul6PpvISZ6CFYb0MeRyfHYeVg/L9xnqhQz38sWH +vKO0Sp9MZW3ygUEhuzWX8ZEkZFzPXkYWomnvETL+zXX0DxMgiOhLbd2l7XG+lL99VrvjM7XT +EGqmGTXLx3TrIDkCTcA0InG69Kmh50nG0IsayKoQJ7loSgwa2D05rH8yfokBHAQQAQIABgUC +UV+dOwAKCRDTMiYHoWf7lVO1B/9OQ/EA5GKbMXIjEtQVdpvLXOkIdf47igMrKmtAYfVuPEFC +xJbzn0BvBS8I8ZzdzN8KdztchtuhKNwRT+g4F8FpeMs6E/bxFVWSEZP+Fx+HwshVNNcSemnU +OWsQMssNqBzanaN9Gv1eu/B58gm8/y1W0xzXDLf8Ot0ztpsE47r67N4kmUjucOj8zAI7E1K0 +Fxh2veoPZRKBu3bpKoHt9nQ/GGRBXz4noJMWa0G7xZGCG+krBypIJI+Bw+A7vMmny2Z24/ts +LAtNoEolUpZjLhY2TfYDjDrO80KD1cXRMgb1gh7oJ9zwWgi3vDC/mEW1wHoB5ee9blrtQ26x +RzoCAzE7iQEcBBABAgAGBQJRYo/qAAoJEEGDyBQGsh242FYH/jr3PQIhLwq5lFlGqFU/Hh1/ +9tftIhO1pvx7DjiI2rI1naoL+RgvMBqGQFbYyQaVtMOIrTUfasOvt93uvzbTYeklvCzvA5Xm +t+kNadQm0xsMSgF5xkXYgw7gHDwm0/B+vBClBBirFkeYmj1DXU3Qx7i61QNx6Sp4GJW4wm74 +3dEC9d0p1uNZTJoG4OBx4AR9dDIYYQqgNOTgdrUefR8BMfmvnOb/JlBKJt+v4rMgKdrAgM/b +ymLfVelbBdVZz2PJonUOP1LlO91cVaWTqKsTyQwb59bZ4hzkWgkU85CsLaCH6iwIiSI63PuV +iFTxK2xeBKDz3Uo69g+/jqNHFNUdlAuJARwEEAECAAYFAlFj5e8ACgkQO4a2EO7fW6aU+wf9 +Eq6U1FoqY10GWWDjUE8C8pljweEf4wepK5bs45c6qGZKTqUHqaPW3tmGkvwFvtgYJbE4+1la +8mzFqx+sjgACb792lzuHy+m9iaZGIYwgsW/iBKmUqK7+zwVOopbLBUAkxyQkhjUNnsu3kBKA +MtQ2XPx845jm3IkI86ctVAtFTRcwpdedowt76qDgbMifcZE1f5AAW+Iipmirp/c4cx1BT8Bg +nFVQFAYOJIjI7fuaaNET0pgD91ufsaF8+DE0MIp8+Or8HMqe070OQYgpFM1XFQS2R5UbJNcm +BB1g81GCUDv84KWx5ExYR+7r6UiGmdwG771rxYNBnpEvAPuTvP0ydokBHAQQAQIABgUCUWUZ +8gAKCRDBG5KTG+6kuIAgB/4gWGm9knoPEQVBUjpMjJZkUF4VWWC72FMosl91SfgAYzoB75yX +udwxTLLmdGWX+hyp64oSsQcDl0mdYZnYCR8GD2wSWD2is4ZHBKzc9e1/IHyiK3dzBw984EZJ +gbPfB7FQ0bFDWQXzgNRKmhw9TPqXAOiBcOi5w05kn93Mo+eNicrHCYJmVqbJ7h8JPaTxw/2W +GLYIrHYHZTx3k9iXxMW4+VfB8xCK9aeFJ+CWNk0lGKPWojl2RnX1Zczd4FdpD0zP9LkFBfgH +D0lw4Pji+5nF5mpoKd7xBeX9hpFhBlWlRF+TU3fYUpmTfpZIniH0saW6m/MiTJiGfAJwjFwV +P1DgiQEcBBABAgAGBQJRaz9jAAoJEFV7DiH4ZD6bUI0IAJUDnGEq48+DL8ajFpiPRSZg3/QL +2HEjxjgz6PJm9j8iY9VgjhZ8dme4qGAMt5e983u/B6s9bSLt/9w5VSFcQ5yqvO6jIi+F+jUN +By0dveo9W5EB8LlPFXk89AC9fA04GGW512WH6SXSFjRljJ8CcPez89O/SQockendwoOaW7Dv +Ny2rBGC664PwhF72yCGwmWafUT5zuXD9Bil+bka195P4QLwpnM4HV6D7IhWwXm2P4nr2uXpf +q6giq0+OOvU/y1ssReqbS54Cjjj2URQ6adXvGjLJ72jprxRNIDHgv2q/4OYpkv8myCv6En2Z ++47XqsKsE4OLLH2fR1YRf7ZM9J6JARwEEAECAAYFAlF1JhAACgkQCsex80+pdqey3Af/fPPi +o53FnrXXyDVIBBVVU6WKSytQi2p/F/s1Y0eWAabP+4ITVjyPu5OOxQOAOVYZox21UGKSsgsZ ++67g3JZUFhnMpLovj6hF+DhZJg/OuABxWKhKIgLc/Kexy/F9rdavuGPvRbukXSnkxZX/bMpY +WNi51i/xKVgoGmFGCJoHKuddCG7ySoGmzaEmfxT8jF5d/aVu47ejTYbag7nbgvP7VR3qrRUG +kW0l/DoyBKR0UHwXNfVUlpPT34zahfwdWevP9CDWYKOWTo+n1joqzWRqanFEKsQAGk1kGTDq +9guLwDPfMCovzwChgbMdJ1/4ofBkmCWseFAdlEvzdYQWsUyhZIkBHAQQAQIABgUCUYE/qQAK +CRBlcFa6HPatjdRUB/0S9F9JHycuuI6TMY2+fiPOtSa/2oWBjCcHI2WZtqs/b2MiStckI0pQ +fJfj+CQg5WHHFL6O5WKg1+LH+ulbydQC6Jbd3LuhSgwTxwtaGYcWEqQEf0ZWbFTXpe/r6XsL +HwLNcs5aArxry3OS3JUikTaOwritjEzMPLC7/mBOBTzd1Xm0YnRMxfibha7cLnZgQ/IS4TGr +IRwDrn2IjHr4+xFYxMGqiqK+aVu0WaM36G+CfbHth60MVJO0nLJ/DDeQwp6FKGkXR8bOJRrl +uihON/uybLf1/dVr02ey+wybYbOsxQhFKdlhYBgarHIvDCft2QsaBit2wNbiQfvvb0TSKUnG +iQEcBBABAgAGBQJRg1zBAAoJEFsSJrzl6SsqLYkH/27aFu1DJ3fWU36MjLInXvkEKQgvwhTk +aHx5AMBVqbrXV1Czmy+CVQb+8MnrydetlQlXaPi2RyPO+yypxgz6c8B2gwfNhjC7lkFJakic +1VtJ0WWq76G87SOGuKNHhuGIB2AMso0vq8vDPSmZzWADchGgH2hy5xjomrw6HLnk9WhuuTDv +pr2XYvYACmQLP3zSZEFwTVrU13O0AtgtTKXfnCKPqRwF45xOh9wMU9xkHr1SnMkgYMbAWvFl +Tcz6YBJDzumNLFSudilCXr/NdVCLe+r6Nt9ieDXsc1Dwxstc7LvweAuGK/9ZNFF4Hco50KwM +nGopB8+nSIFx1BW3M34S94GJARwEEAECAAYFAlGDbo0ACgkQoxOWySzF1k49CAf8DmDb84aH +bJb1Fjy8ClIcm6nog2uDaIvFF+oWRmyr44e76dvTigf+yDQ06BUs0/Gk2QEM7efLSIP9PGGt +4XZiTZm9bEcdPhHO9xZoShRIu0iiSL3DsYPxVdGbXG2JWOTK3fVtdyRRAqRQb+KiI7qyoNWf +mXJ8+X9NyLtDQI7hLQmQoT/7HgjcWVpopSl0Mhq4rDFTrja7Jg5xucpef4p3Sxx7d3zpZ423 +5EFwDcRi6Cz7ErLJL/GITMvV7Tzemb1GK1eMfJQiItfc48XITCBNjcBIFbnZg6Rm/iyUCaRa +uYYntJ03ZpHTdiXTGi3AV59OexwBDhwiVZ7I3Bttxb89dYkBHAQQAQIABgUCUZ3A1gAKCRA1 +X5ykJ/NwLgBNCADIePFBcNxq1hLQ9BEeV5rt3DqW78q11YTR0O9zU1XfoodjKL65qtSTyimx +fvEraTnWzSGLD4nrW5EEtoquz6LcTDwY8oeMv5wjpYJNkcllxbbZzuNqjeWQgim4Apc+bwIG +l1nvDRh9AzsyPNaffUZSzxvOJ4036npzqMDnsjm+ETlaCWxyccfHuklz6L097ndnCacdH5fy +CbTsf1kEYtlMVYVsz+r2K52GbapX4BzXk/Za7CyCrgnS5QIdXv9UIkutTBlytULvZ2COQMJI +LB7crNHVFHj34yQ7lfu49TZrdQFmPbgyspONxnkWBZRQSRSyPwP/8LVNpLPC9ekc1fXriQEc +BBABAgAGBQJRnc2DAAoJED9CoAXznqAx/QYIAIw5MNdDk5n4gqdi1uE3wCoYDPvJb2jBrQeY +RRgMxe8JPOPy1F7zJs9fd7KlyWN8OT3hzd2uP8XbSx8Esj2/hD19dE0c+dvNUAqXgnXYwddd +CgS/n9sBTuFdujWpBL1+awO1GHddxgljcJLzMXFYk0iTr5EqkcLlqwBcVq1l96A2LnEXtZ8k +ELi8nQ+plzPg9E6XuT7QCq4iKGKJMJ2JIfzUSCk00Y/dF6Nz+lGS1jm1OFbjQenxwYBHWf1O +CpCDdmwHKLC9FqCy/iBM8gk7SIot4QAq9vA0u4HkzFGJ4zs7LFUcN1lccJAgQsAKDyuTL2OR +dgH6UmB1x2LT7s2HxL6JARwEEAECAAYFAlGmG1QACgkQwrMbQ4YWXksrPwf+LL3of+zfze4Y +C34Y8HlXiQHk1ykMVrdDvttLJQ/zbRrB8HA2hCKZdltgnEd+KIMNr9sVriFdPywZCTMF50JP +noGDPsqgOx4szwWlDjMVEN/gghh73bSTGNruAQ8TdR6D16w8VJnYODw2awgBoE9m/bq0TNdt +KqJ9ZJdKnlZYxVz//PUvNZJ6gJCzbnjJJRdxEwE/9+sKF/GzjWRbgqWILN/NiYzXIIz6af1x +WVaMW9qEvxbKgnDYaCxlU6nxoiAVgo3NQdL+EMV2bMMx2yyehd2M9xz0wuT+GuHIPaAHfJqA +vEbLpbN5gfGkISlU4M7oxr+6eauc9yejoAyDGGnEsYkBHAQQAQIABgUCUa2VyAAKCRDvmRud +2lNl4VrtB/9E8WeUcaEDqvLSRhKw+wb3lOxE56/uZrs1uf87sLSUUpGnWm1v2UpcIfjdnULY +jPebSxmXGcMcvN/p1Cr5qOv81c2/UpZdJ0z3lseMY5iDnfYI2McoeR/OF0CaocWsGoRQB9BM +Ut9KQW8Ndl9RibyeqyBcHruyKvGlb7poavKrHtFDJbKXZyzMCGwEf9rq6S9DScsSILu5h6fp +AFztRl2rsL5jPT3XqzwfbGJTMsRDO0EtZC5rrnNb04s21dxrhIMva9QPJoAGAy+q4Zf4vgjK +mTfb1p/Ofjy6bmGIYJ1751R0dLbWrC8eeKeCaiWUDhIgua43SvFUU45lA8qPWu7+iQEcBBAB +AgAGBQJRtcCsAAoJEHTnImplhdDqaYgH+wdKAgb4GRrHj/O3V/v0EPkXufZkwYxJTo3Ajkut +AoAqOv7qsADRnuTcYzorfxnzF8Cvx1E7uUVzAe3u5NIJz+dUi2x/GgLaatuONgZ3x+pQeik3 +INFADS1ntsKmbVl+sApuTuBAxqjVSLwv7KDkb/0VEoWAEORdhXCLwcHaPmBSamt5UNSEzYc7 +NhYAeUaG1me4GNMeEPg+2N3O6Pee33Ap/6x21os5khv5GkCtnKTA/eywSL8xE/0wQkAQC7pl +7jyZ0oz0k0k5XfM3Wx9fF6bComRe0Z4RbtsrBY/0iWh4+4dKulP6pjpBIXYxc4IRYGG8Ijyw +3P6XtVlyhMaNFk6JARwEEAECAAYFAlHYr4EACgkQo88+LzrF1fNirggAkUeN1aliYD38VzZs +PrZkK2IBUF+CoG5suVehMLBozsTk371uhS3TQjAFY6f7ys9J5BxsvPU8M+T4m2d5MXGpK0Mm +CVSVdbnOAjGtZQOfMBWKTYXuXoD764L7nVt2IkDTHyVzpU2yOxjW2iJnz/lNXbol9LxI6r3O +yShVn8URu5Yhs19owu1QsKKvGUfCSAZpjqPPdfseVfV8U4bfJHTUwIejCPAFeCsG1PJZ54JM +5OQaOMiCp/1OnuSmayGwy9yH0GMDvrDkOOelgZ8yfkibtCYw7TCOIuAtNSbCxFxgotXzCbvN +ZKLORT6KfiNtvsUBL6T4XsXN1NGYqgCAaUWMeokBHAQQAQIABgUCUdr35QAKCRD6VdbUvev7 +uVEUB/0ZZ37k6aBjfPgKYpVt7V5vEuI/O8yglIvADybBDoY031Yzvi1NSz0MEHXM4kK6o66X +aZHUl/0OR2FqDG1Y86N2APH4NaVUs6dZQNWSeThriMOe9lSqstJZiT2tb8J9nr0FTygDPsfX +Rl8ArMdpGY/vqs8B5+/soWz5ES5wE0tLh8SK3DADno1kupBPuIekwxkaxwenRYqynlsxDqsW +gO+RvFEujnzAU8Rfd4X6CGNR2NXoyUyNy4hNbksFDaMyOW381c2h9SIUqvndHyijKu9fNeN4 +4fMLN7NEOAeBIQsI3/RMHSISF0MxmMx1Uc3mArBqZGVit+9ms/M+Msqi60j0iQEcBBABAgAG +BQJR4FI7AAoJEBqddD+/92fwoaEIANHjzCNF3WC//SrKKS5k3uDpFAV6U5Vi3SkPLNHbQHlP +L1OC4QfH6UCVBXSjXIY6hfvZ5kpCkV8ebmiHjqzjrvvMtQkAI1pvL2FBHXSfk46heMWmAvFC +h4oH4ZPIPaz/cG4whiiYy4XHGGM5O1kavTtlxm02PMsizPUXJEo0OP8A0ojHKE4GvROOakP3 +eq/8HWOEs/PnQ0WbnaVQ47eHHyb2k+xKVlMwA+rnQiJBUKV2zgGXb4Gp4v4cnrKbRVaPaDsW +V0sCR176OT/n4sYMSx1nawI7CKR4x7qi193HMv1aa4ccLWS0Yc0GXej2I9qfCNQtIRlDFvTV +PyY6/KobVj+JARwEEAECAAYFAlHm94MACgkQ7ZcPmWbP4F6mzgf+PlGgroOrbfJLLPhcCXBf +HiiUgxnvo0doXZwa1FyNT+xn3Z01NE7qea0U5sN8yMjjjtoJg0Ccqfd2ZB5Y4jrvEpS4QVew +d4y7Q+vPB+8baXU9aB/bJ/wt/Qgs8PrZH3XK/aVvIFhVpiHPWZ9KwvqipYSxRLkXDQ9VreeZ +N+6ZsBMPbrhzVRUlclDmLqQXqE1WJnTuGfF/3Xcrk0iAlv9GULIQrVrLxahDgH/OswoupAJ6 +Axe/GWdG0k985GHOOs0J7S4EgaSTzttGx5qTJd/obSLcGbCOHj38pU32Sq6P2w+n3kkRRgrt +nVviFGT/b8OBEIgrd2ejMR01J9BbDtFtBIkBHAQQAQIABgUCUekLBwAKCRDyZfAAHT7vSsHR +CADCUIrFQq/3M0KsjRm7tioh1+yFR9RI3aMlT6Sh4MDjLAPDEqRPH/IIvmlDIEyVI4QwIccv +LmKO2yjBuK3is4yNsErCPTIhwSr0qupu771DXbM+lKcJQgXgxLSRA9Wc+JfBgDe2iofkwa/z +YXFnPwlzLXfEV+Q4Jy9Ls+BL7ho9iJ2BdMOQjpFQkZ6dfQ1C6ge1PiKXBaF3PVTJIIIST6ac +UfIsD6EeXICOwVpJBd5G4mVPiGawppT6/uH4ZmfZh/29Uq02M4joFgY4f13nE8g5J5p5Cer6 ++Mii1Fk9mr9QIKxG3PpMoBzCY3JyFaTKhg7r9H3DBaUqmbcw6QvzyV+uiQEcBBABAgAGBQJS +AkX1AAoJEDvi5j+4fN3M9F0H/jQcMheIvXGohi54+L6lz4WAorYS7A7gj7Sd7LR1lZHkba8B +7qrv+eRYzgi5uuWQtZTPwH3HNhZkBi0r7TvcCBWBldwsAMw7DZhCTSgB7GumcjyNGs7m6hF8 +vjNY90/on1zXbZmq8M6NrOvAgrtbZ/hsIREQc+40LOcm5Nxo0/8In15B1eC6l29uncNVJDJI +z9jA61Ge4qXgTnfQq1zpe6ckN5ul9ljhQlsW+3dzVZgicLvTbdA65C8JrYm5QAstpZGkaL92 +7H7LcVNHRY7vFlprhnRE6hSaGRHbiwYQuMvM88pcOVUGDyW/Nb/M8qSUP3+wIUHS2TQEI0Cy +/KQZ3R6JARwEEAECAAYFAlIF8v0ACgkQdND8mR30bDbaMwf/Yu46NmArSqMLLp0aKWkAnjI2 +rF1V+oVNPlWSnjUBEbkNtHLotgP+hmqEuxGwGL4myXdmnemlH6IQIA3IjW1Q5dyLoYhB+Zrp +LCFtQtBU6hMh0PuBwnkhd8Di1mwdl1SSqUtq2Q1GbN8TgQULHLv0H4oVA2HTvJCIQ3OGajVZ +InjApo+3arTSoSEgYYUaw6JwhWnE6mV1SjPfSeZpUwCSqh4xKa452DWomqMLQR6lh2JmKqgT +yW/XIUo7Jz079GrQ0lKlAUREbHih+Tv7qVA6l3/Hz8Zy8M13AeXK5exO9OB9qr9RnyGfvPht ++6R8CUWIC+t4BpSZkftEx3dZg9OShIkBHAQQAQIABgUCUgfspwAKCRChcBNsVqMZlc5zB/9L +iJw/P8l20l1cC/hLhyOVCOxVkgCaMCcaDc/bvukkp5kZGQvJIL2ywmaThCciPlQcyKNLGLrE +TawRgbbeKC4LQsBWkOl1dzGOw8Hi4I+P9/TY9urjY2uhYyyF39hcCa1ytU8he30yS9T6acLr +y7l3SCUcCqtX5dA3QLc42WX5b+MqSraOx6vfJax5jSVcT5zYZtnCBh94CvdAgN8fIZt+nDyy +Ek6bKJEoA9ITheXwigmdEyWrUNuhA/Qqky5NVCKDp+GSblckkTW3e4MXVd4hTat9btR0H+HL +FWr/F6kocZUlXbFdUCZkM906A/BAcRrKB0jO3Nl80iyaGNRZROimiQEcBBABAgAGBQJSGQIf +AAoJEO6XheIHuF47L3sH/1hQ8VtfClZIhT5zdt+a2UDlhA+EkCSHVYh02DXq6jz+7aThEx3v +j98gf8DsUvaE0EaFC61NHvh8pK2aycOm9wYSP1cU+6kOrDcGtPIOhNEtT0FdQxa/h4JCj+V7 +KhKeqxw7ahGIQ0N1KzE3jUSuY0QsvdtUbNk8dq0AdxOPZlZS0+SN20vTv7gbNSNk3kj+XQBq +zx/arkr5R2Yna8x3dFLc0Lq9SAEwx8HPxmnmaAw139V1sLBmYyGYdoh19lEiTkfdt9LeK2Z0 +l/IyJoYI1BUMYidbrHVXda7bpXK0o1tZUgJN5963sLFE40ft93+2vPWFVskwhtOuSiHCs1Oh +JW6JARwEEAECAAYFAlIdJRYACgkQqMm2Gb0uHRhr+gf+MP7Jb3IChB/1W817Voq/z6AtBbut +M8SmQ5ds9EixVWsHAvnPGLxNQP+XTbvXDa40vvT3NfS6OfK/QJTBmVc5YCyyxOWgRPxQ5OC/ +OuxzWvtquJkF1WGRcYlD1wyjiNIFJhf1ua61816ge1GLVqSukWgHwWhxX2FQHEwG0ZpZHgHf +gRjvMraAHwaSrcMq5Nen4el+TN/ZuHzcc0xjcF1Wat0757Cb+sEKfWqBsFbEqGcXKPSFg50I +EOUQTSnjsUQtprkFKF2ljCeMlrsVRjrYY/gMu7jD9QbIV/OJNY3SImOl/LCqDB8teA3UqHs7 +/68fz7AJGUYOgEg80mjtz8LPq4kBHAQQAQIABgUCUiIFpwAKCRDOAexgFpkC6tejB/9IPLv/ +Zmmvp8I0Jf3wbDEGA+zeimPYACs7+c5ey0cLYXYd0351x5grZEN3r6/w6BXt529QNKfk5mgf +Edpd9dnDLIoMfDYU8gGp7TzM/3y3KRriOzeDthEtwjlsyyuSevylDxdbd3f8FG/TQ52VOaP0 +Yta3jYCCQZDjZfflX77xfDCIhc7hdfMRUi3uPpUo5PHQB4wkxsSsFI1gmAmOanJAbOORGeWM +1uCJuH/zadxZLS9xeh1SuQ5c9E4zcPjlQ5JiOjh6g23441TpnwH6buzASbJCMFAj30xFh3bJ +KUubqglNYl4JxxzebS5a4w81YqGOV5nTDIJPHUQaL+ddnSGBiQEcBBABAgAGBQJSIgW/AAoJ +ELyK171eWQw7DrsH/iMnPVSJTeVhQnDNdL3A9dUUmnHPqjNCXjL53/jJV2ZPVdv/DweqF9wT +NzL4OMiejrGiBkWm8mOgn3mtGstgiFmTKxO34mCxjgUYeF1Yqw8AVOfwkjB+qnpIO8m7rDhm +jDqVJBgJYGZfEJFRi5cY3nuXs3En0Pplx+xmoXPd3lCV8Xy5d8jbwI4dvsR6TeIa/d5+9Rco +/9ERfjpAcCWr2WMs5tuNIWOcQwCZHuvucM2uoktaL+jmuJ8HpZivQijFCFAESvW4go0KQtaV +xStBr3XaWDmHWZ2+NWgxvbfOK1bYg3PnaGQ8BElcGnGtp7r0AfeToP/AakXyU5WSg4/vjEWJ +ARwEEAECAAYFAlIkbHoACgkQY4QC2olqvaZK6Af+JBnC/tq2sR36J+PxJf0K/KFlgcYBWpBB +Z59ViiEvTOSr1f9cxyMLarPLzkqgGrjr8yUCO5ps7/uwxoinObZkkl/c5WTG4kBYsHMBrZK9 +tyoYy67estnhV3tWYs+fjo7JR7DsmrNwAjgIhKjXgfitOq49CoN/pYdyI71DAYVkDwr8dy5O +YqcoyDicOqgj+7xct6QOhQsK1LAatsl2Gig7cunIvToKU7PVBDVmPq6hq9olww9LIMjL8iWM +pz7HrzRzIkFUW/s1UXUOhZGHfvrzFF2UPy/sgeDHrUOPPYiksI8pg19Vm//8GW2ZkcYcYgib +EmYSgkAxNELsAfwiHyE52IkBHAQQAQIABgUCUiubsAAKCRDAm/DZkTx6+KpwB/9YXg2MZHW0 +7HBij5YrPDaTH3C1xCPVumTMBNNGG7YjpQdAD45qLnJJZcv4YVehgaXX88/vs7qQ0Xo5bBqU +jxS7Ri5+0kK4FKdZ9pw30KvDaA78u2n/2P/0gMhMizkDhCRVggZHWl42Ypmt0qHcJLuZaLQf ++xjKv8TRNBtM5xEAn9QI63qwnzFB8++kRA4dAE3IPJrCStZBu81CiRJdjF4crt3EN6BdwNu3 +WyHc6xlap0dOsfz/OgnJ5yVfiExp6gc0WwLtz4Tu28fGaaMqd/7UHQStgQvK6z9VbuRXc7zF +ESOx2Llycchx1mCkbJXM5XkZoqHwe8AjEULwPURKr06xiQEcBBABCAAGBQJKBM67AAoJEGjo +O1fLiqD/mOAIAMPt+7tiuuEWbJtQSfPMaCLU1wBl5hdet1Cf5psrn0cY7uJsayy+8H+dKelE +kb8gScLHN9ETNIKLsEMyM2zCQQZjg0BgUD+mt3fQMrznMw/GCIVQ7xXleAkGdWSTwbcGqCiZ +NfIgSp+SX5pbUYFS210Q06QEKrVTplNDR3YBfBslr/B989MVspkJvmTT88xd2qCcXKFYQ1W2 +XG05zYQlsjyy/e+QwRWkKFJsvsFUSHsvLX4g2fwUSlnGgIIw1lyQIjDLs/q1ln/Q91GKvk+q +B/NcPgyB3bpkv1navY8MRmndFOqTVGwU97JIBtMYpe2z3ypJbLY/Hih3XqyBHeFLfkCJARwE +EAEIAAYFAkomf8kACgkQmwAFc+oKX7IONwf7BngM7J6BRbEMoWtGXxOpA4nZLss2gHNVStk7 +hDAYbCMITtmvOd93hUeKajupE59Zi8LtjrJdmAEnALgUCcAMBUnX9t+9mUHrfETQGglJ8GOq +thCn+DrrXUJARTYXi5EycKjgcQHmC0AmbX1smk5Y0h1zm59Tjf2o1bzUHVUqpX0QXstRWhkd +n5lS7dHpBDzEBOihOYmOrTs2j/ggGFJnZ/K8tOzJv3Gfii0PvBIpJ41AvwOvZGvN04RymOQp +KFRPDPNF8CM5KlSDvku3LMq63w/wye5DzSG6i+/v6T2dVg0XqIssXnV4endK2rYSJ178D0fc +pKRBC/6naePVR8R3g4kBHAQRAQIABgUCTYRf2AAKCRASY5VFuKCOL9pnB/9qLEsgYfraYJa5 +2ukW2RY/v6t+rHQQofU4/n+NIXQkV8KnDsgA3/rNqGIj2X703YUUxj9kwF/xU7/UXnwqf92a +zhtatwU1uaFMi/Y5R2Y0D4zqHJ61ocOCkzJtDm0A7yt4CWHU1bh008ZQZKwAGPhGSMmB8NjY ++BkjM2IdHtM/u/0lDtiCBrmi0w1goD9T14dN3fW2H2HS7C8Pptt4f5BFPyZ3DhryBRvLM+of +0OraKp7m4m+W2wJM60DdEWizlZJRz3OOyaNqOezbm0WyRBSndpYQWS9K8/eVwdpdPMPTz/T7 +HWzPRoFrNaBHkb3ELN3kw0VluBurP3h3dCxfV28ziQEcBBEBAgAGBQJNhGFgAAoJEBG/sq0c +7jwXFM8H/3R2TH+JuqqkPc0zLFECARwqYQBIV8/Um0CYmnOA3H0x4tTvz6a6i7H7XV4qPKqL +YeVeNQpV3JDWiSnaG+xjwgSw0QdGQRtwclJmaAjAWrJzsIaysY01GQ8Sq+7Yk+CTSMPIWJyh +mWd7S51K0/GwD8L6tfHXsL8RHlWs+FY8dKuuQ+Nlirkgq+ZXUrna27SzdElXUeNUzQKssnT7 +ba29IdnN1ZqReq6ZIuKs01z2x56Jsj9tU4j2B184RoeIsHrIUsXozFXnEkQZf1mYhCL5CACY +J5XIdIzr9eYrM4L0r72+f9H8ioTnDNF1T6+Vq1yBqrMEhGu26ALMfA8ChRr7g2KJARwEEQEC +AAYFAk4h5ygACgkQihlkmujbtRU6XAf/YH5cnCMHa7busYY5CxhdNbSqbagK7fMsHybUm3o3 +O5mINNQHVbhn+Fk/jpHw3ceYRGkrtLSIgiBMwxJHfb373hmDCKsratPw9Y87KO26S5rR1uDK +7catDm2RHxIusTGs/jdNl4eOXxbZGyis2VVBzAKCdB3qecC8iSMnvOGVsO5+oGCq4QskvQvO +aH7r62Di/ZyXATcFfn+Y3gLCnWmokDR253wP54tEDr+E4L7GjXQSSKrYxARybAhJ9lW3h33Z +ZzRNzDmw5N7CrupeNj81EWtqEfb888yq4ZmnYWybnxaSM+aiGEjoS0ms2CMikuRhwaXekUXN +avBQTjgEMz5Eq4kBHAQSAQIABgUCSyjHKQAKCRAA8AMf3O6wK0/tB/9oF9ZnEM2fOZEolFGw +uTwk/+MsYN4gYNBFCTCFOFk9Ty6LVYG0HEUlDuBYJjq52I/Q+ERjD9vSiOi7Q7+dtRgdmqwV ++if9aK4t1AaKYvPObbr5IUH5XUW6Jgk7QN2NZy0UYpA2VpVh5G/m0AWOBjDqWSjnMyzVkRnk +NssdpCd5gXtN5J4HOOxYgV+/Pqt0ACeffRATNM0JJrizlLwLtTbBGt3E9WUlXV2u+PZRtL5K +Pl6wigBYjdjAc0rgkao3SfT+YGCBUE0LBIysgPp+WiXd4S/o+A76vUKRB/Wm5pTs3xWQbEMT +R74E3gQ3l5SYreZbZsCYMkcL3thkGAuhFFh3iQEcBBIBAgAGBQJMyoXlAAoJEHyUwKFLIB0b +yioIAKqudPaK7BtYMm1OnlWx/l3HqeW2BcBfw2iWfBzTNScwclMLiQ1fjuhX7BV/aQJGrwzw +wbG0mFFytg0VccWFyDTFQIbMI3YGP4IqmCsd0Zjd03aMQuKTcqK6wrq/gBppNfSaVq1Hc79d +e4P8o974bkyIcArS27pPwqA4uQr38KoTiKcKsvN0Rq4kIYct3GGTSlRqITgaubpkY5y+2qxH +gD0wIyJUrq9LFUR69z1FLzvogGqGDY+nEqrDZx0SGG6YgRRUzQJNaiOwJeiErU+7ahRRJogi +8FhGwPBZm0JJ1BwBJjq6wz30gLXZs227P627Za9y0n8WOL+FQP/gHQclLLOJARwEEgECAAYF +Ak0XeJUACgkQlOkt+SqqXDvMZwf/YX/NCKrZTy9HHQn5LZm5hXmqLJgEfWcF55kADyVPLfSg +3q88tMcU5qh5yYZ4t1ca6yIQwmqTpfxbo/bjolASAnetJVzfAGgYoL8xR1CQhCttFQzl6daE +Nx8VFB5qQSaUYEWICmc1l5uCHTwNqww9D0PPcjM8oPuriQirhIWaIUovBeQ9EJ0wHwmtxCtN +F1OKNjXK3DYgirmGziYPVBVSkKHUTZrcB1VhWRPWmhU7LNNhX+jfzDWCZ+F1S3UpGTlmAvan +Lt10w9SLdhCALiWVi+eSJweG0E8k2iyk4eU95isSIHz9M5DjpHzq5UiGMIrRzGZk07UHp2g+ +q9bBTpDqlYkBHAQSAQIABgUCT1+aNwAKCRDMIzVcYuKmMm7LCACX/BI6dEYAF6uVfCZs0pNF +S/Rtl2NkANNYSfasAhgJ2y40cPzeQTY2HK0+TSH8QbaYaWcu655r7NoU9ccYoA/pyTS8cW1c +TTrzpAQKS8t+oLMptGZNBODf+Tja0/g0zKa89/oH3Qx0PLJ+SfJXAWPHIlOkaFkXZUvgpew9 +tzHHgMvOkbV1DLywxt/OLMpDbSzq5qLljw0po3M8lkUr07Q6mH8IvhaLKSte0ULxheCAkGYv +EdVYrNRUPGhJ/udrUde5GJBd4my3NvtSOLMgtdUq/7G9wrM7Uo3LImsVlNgHkaHIajejg76Y +1HRKwNAEJZg/fmbhdYforDO3iSiO2TfviQEcBBIBAgAGBQJP8g5bAAoJEAbEKqEo6pDdGioH +/1gaE4JD8S4A55b0Dnqz6jfY10iz/mEtu7cg+TELTxT0bsibxFFPDG9i6s3NgwUQ6/VKy5/f +CjcmV6UgkARj5/rrQsUMfyLAeXKifbEHmvTyRYp3skKWzNWTUKW3csT5wEI3BWcbRrRtoh+3 +68FnlJp5MPzT3Zt11wdjLEiJo609Bj7Zp9knCl4OADVzQBSX8MmdsDe21V7ZQSVSfBzHmccL +lrbZ4ElJBvpkAAfOl3j9y9xra0UWV1Vm5xJIlB3cgdpYAR9YiwNDcxiQUyw+BMv1YgvQ/bpv +p3SzGv8rzN3YWFpibldW0HS/OK4QfMSKCvC6kkvN04vThoXaqitsd1mJARwEEgECAAYFAk/y +DnIACgkQrkXrAt2sOXuQzQf/UdUMcKuc3/eCg4fDyBH3/JwX2g9hLjvGhI/aVsKj1CqRaoqu +ZPIPWHpwqdpHqytEj6rUtp3vtgHDdz66pOq3dBd1YJ3HSyP+61Cj3oei+tsVWbWOJFM+TVuN +RgqZFbOH5MoQAHelREaXvVBv8MDpStxs2p4N2nBpkbow5J3tWsCOH04elKszQXnCPPSwM3vf +ClQ7JCjJZmbBqnFl2bn+jS4sNUPaj9UIP+1rfREUcjyTuemT8rPkdq+6oCzW+rTmWc6hp7gg +KZlLwdmRWQ1y8tZhwQ2xPRsUCc+zEdBGEnXAD63eMQ7s7nTJTE1xNJeA9FvqntitMLbzhxLH +Ut52ookBHAQSAQIABgUCT/63QgAKCRDDmpXKlVYJlcxiCACXZOIC1pGUj0K0NVAEZfpP7iQz +fdMSP6gg6AQNMOaEak/ps1HliZXdEt2UlsymSVCy1rcoYLOMjxkofvaLL8xq9N+UGifuZCGj +4+uovf820Ct38xCT6INa74uSES8MqTah05a6hx2jxRm46OKQAYkrbTKE+kqHvBqpdNyOtNMi +yesdxZlyIQscgPgoKrhghKW1Ebx4BzKi1sKp9/LqRYmdsWbMIeL4X0E407GseoxX7OPr+zLb +7MqNblHXjTZeeb8qT/VszYXRkVe+xdBu5cqZtQAXvkAAbWhoL5Kx8SjmwyiAlk+daE/1dg94 +C7Qy6on3RvZTAcKZxeUpF4m0xooZiQEcBBIBAgAGBQJQBEVRAAoJEFYaFpSTpX6HlpEIAJff +nE1GWQbteyssu7yxurX5qPPeV2gWWnm1SZ3NETqC2TclEVd+Qk4SJSONhXTWveL/lXzf5N4w +0XbMo9AaTsKmwPAyyO8Zu6Qj85lkucsjhVWDAAw13Si/6SG/37vp/n0v+SXcOrl3LQ6M339N +9vU78BoI3dQUNkTYNMOZP6oECYhUH8+U4A16HrtKNMzzPSe2IjANu6rENTP3EyHqvLabrWrO +5bTMrbsTobSTGzbchxCLg6ty+0VV5VbTvrlBNu3C06KZ+rFk/4AHSYzEp7T7wsJEa32vMygh +XVyNgPEhP1LMpygMrkw2Q0G3YAT5NO/ID4UxjtpKT79KNVGvTMiJARwEEgECAAYFAlAx8qsA +CgkQCSgIHf9W0S4uyQgAmNU4XcXgtU/RauqtQx2e2e0XOGceSTFgrqh1qD4wU/H1bupXSDku +9j2v+3IKkvMVJtmHRkQDlqmksDaebP7jpemUpeVPvlIWJmpHg8yNf7VVZe+L/l2zfGxFORMX ++u1JzMjE7HJR1OXaIlpiRGf8hbMQmY77TccaGEaw2nopm51xBHeLNFdW5gL/yWSDOMxIpZfe +7CLlvg4lowzJ5RKpHlLdOI9Kx81x5r3yeW/GoV3K3Pn2AXTkkrt1AfKHzPZTXym149bUu+UZ +hVSgAB6om34tidlIu4PCS5DPvaDaTLekqZON3MxDnewPTq+0UiRH+i1mHPEWR8iBlGL0Skr5 +tIkBHAQSAQIABgUCUM7aiQAKCRCnWJgkCm//0l9ICACsLnCVDKEyFF48AiSglpy91mpgHbIg +IyLvzPLS/YVRaaa4efoBKzzbWvXflnFZksSPGjFvQ00rK6LSr1bPYnb1ZmrUJYMzq8U0g3Wk +aP2aApibkuIaEgz1hgtosNAyMMEhMCvhmdrHTGalMC1IVHQCIBx77kM3gCUpxA1a3hcHkTvm +KAnP1x62zW1NrfjrJB0ce1vRNaBaApfr+7Xw7a7WapP4rJxArdbqQMtAtJe+sLdOCmdOeXMK +ZpD7TAy65TRoX6ffq0jSXtaq5MTKW3Ut1qDLiYF2R8R4bOws0wlfb6x05+npLUrKhXq0vizO +kstyH8DD/HWEnzON6+lAWRrDiQEcBBIBAgAGBQJRYBDOAAoJEDUeyRQgMT7G41cH/0gMUsPz +N+bgDWDfTrISD3H/UClB0MnEXUGmv4jy4ueb91qgXeVO6xHIrEpQbOwVp90az+mnz+SRpBq7 +5DxCBMSCtCZBR14CZ8UCgdvq5x6C13xBv0Wu/6TuT0t5biwtQu4nfEFcBT6qYwrBTTSU9zxq +50V+ZO9YqIP4FeF7gOHVda1q8vtvHlnDtL5UhtsAthyRO0FeOiFUeySLBWxK9PJjwklmuEhy +UN3gBG3X8cI9TtnEsq2bCz/Vml0h9mBsQnWQYxHtuXMlxWsONvqHz98YSNttDl69DVc2jiwx +JmGP6D8x8/g49QoImDUfohjyYm935cTUvkWrOOFk4vJNsL2JARwEEgECAAYFAlIS4KUACgkQ +fbH5Pl2/deLrWwgAjrLdRaFy1XrOImNwOG+gKp/pLBdiReY331OsSxspxLdtmQtJB/3bWtTs +zj59Ezlx0YDpm7iRTgmQY7Wqec3MSfOQpEPm5UuQqNG0uMd4NHafYHjqnNfWgzUi+WdEE0Uk +EInrIyumplY7g97RC0PnsdFosfX2i9k6rvMvoR91FEzzNght8m11IbDdX0Z2yLqxfc5HTJyT +tC32TP3QPRiaUjSVFoZRFq463xBIAQ9U3ZstrlXyi0Q5PFffPladFDAMl1uv9VA9o6bSCmVR +pGXKCro9xzqbPuP4BtmGpYNdl9xymhyL3RYSXfeqVbU9ak+gILk+ruOCQnRi/aZfU+Pdq4kB +HAQTAQIABgUCS5EsuwAKCRDyzCU2TEhdRiGGB/9d/BLVfv0ynOGm2Yjf7IvfES4JuKHz2jUW +Cx2LDccDK0FpJwvgcKDH+u8RjxbcwFuOPPJuFqp6Dlnx37FX8MO/ZvL3qFQ0vXYxnoDtmyDo +iLN4RoahLNLjjP42ufVrwZAFqr5gbxxPbZUDyEKJlJcBeXb/2kAmWH0HlU1/2uIM2L5F4tao +gJi80SLMwCjMDzt4OthCMgtQ5dHD/ixQwf6Vyv62/uBgZk8Kj28AFqqzJfwShxl5qW1Emu0U +Oo7qz1OM84HGkNbJLObup+GMezlzpWp7OzFcBlTefJKpr/2LfH+QhsXJOwMBZm4NAcmwsDWy +Bwxd6mCztk2SPYTBgahMiQEcBBMBAgAGBQJL+tvVAAoJEHfHBUQAT9DMUF0IAJWWkhCSZUk2 +Lw0TILFigovxDWK/QTd2pDCdsRE+rImSMexCyFqz36SpMFmLtBsh4xIY0/2dk1HVdJMO/Rko +GjGkhbG8kqyglRk7TrmH4RzhbU0GdAFI/uK27eeKDZKYltDvfv7ms6mMjMFWI46++JM+L/X1 +yCYbD90oiIXV6jrBuqkydgDj2WF5VSb9M99LJnCJCIMYB2sCQYEGGfCKeSz82bdDONqrLG8E +eWin4kaG6QOi8XXbgVT9N227idS6TkwSq2VD+JVg21sY0wUP98v/QlKGHaZNvRyitnh1jof7 +/XfTCQYQGOxXEI04McEmB0m6cLUme09zhRh+TkLM3amJARwEEwECAAYFAkw91IsACgkQMEIz +b5HOwq6TVQf+K4nttXZEzGq056XRjvZkYOXdED4CAyPDfajRQ44cgh94kCs5g419xeID7lL2 +r7LEVW/tsHcH7GP9TdXL/Hfqr6WWMP3/yTtik3wNTEyHGKLmlzkIGvhFFN65wbPm7lSfHTG+ +HnNtkMsuzZ3XudZJA/zo0OoipOX303Jp1z75pKLlXq3Tr/9kESMgMQPAMJJ9rYSM2+sfRys9 +BZrE5admT5d4NRVj/ySIa6OjyjLJ25Yqw6E+uGkOda9vpUtGt3idI7LuxPr/guq0M/Q5yCEY +wZ/peplYlauRTt47fLmUbBqBw1RYyP+05GTLVTz+yvK9VxQQZBvhg79czTjspoBPfIkBHAQT +AQIABgUCTMHSKwAKCRC9wWiI5iz3zQ+gB/kB3Lv/TO8zb4Ot24e6kTTc/bT4SpUmGYvZjv0a +WSUqxuEAXZBtlPPNVlgs/zPxqR/ZFhgrseSQKpsTIl7oeOfVqOtzjWm9jteamw6huqLuiMCW +W7yAmqPBzsb72mnVfQBX+lkxxtj6ULW2IXt3WeLzcQAopEhDEq3Ko8gCsFzLJCklwWl8ZER8 +idLyQmVG7LXyMujtBgOB4F7OiySumJhcdUJWIn0aXGuGOt43x45We4JVPSOAyZ3tnNmIZVtx +VHSkIzGPsguiGKf6lFsqd5QxN1XDLkwwZw20FiV5o3WXBpPHZTf49SzU9mz/lnVYkNP/UIRY +reXiP+KeeDfey4cliQEcBBMBAgAGBQJMwdIuAAoJEAB6kynhaoglNCoIALSWyMl8wVRW/wz/ +rY3FZNfcBqTcHi39gZeVrWszfufp31eYn5fiT4LGk4SvmjP613uwsobJl8UhGtv0dZ38/KdU +SorqzWbtVrI4aWeK3kPrMHeut1jloNBGK0DLUOiPbRgZtKNu4/YoTXBfWh2koZqqceDpw/Ak +qAbawKj6a37nkR6uThF6t7Phr9sq+bgP5u0rqBE5NLIdMSkSDNPDk7BSQSLssmOJ52ktrmT+ +koUqp15Spat72Af8WV6iQBB1sMqCJNGOTqSKIREpCTMEAbB3ss2Ln1ScFM2C0Be2ArIZR+5k +iJ+fwZ7WTBOg/vePu0XnqqUBAmy9HiRNA13EuoaJARwEEwECAAYFAk0X/xUACgkQkjz7RKLS +k9HyZAf/Sj1BY8CcnNLEMe/q6Shx49N6HaTohhiQ1YsQlcZRRYdxMJj1Sn4fLUJ4SzPQmFYN +PRkSzkiP9JurUEJQ/RBqDfrNv7KEi0M/D8tJeYeNfbJU/6Q08YPaH9+zYCY8C1dT4Cb/4dcv +dRZeMCUpnO62yODM6np6sFdpZblis5k1sBxF6klwftGbpoRwekpDW4Wu31WoI7zSZR56UHAH +ZwmoekkEu+6UmKwj5k2O0Ej6E4czSeGPbde6Tqkud56GKve76vnIqhZnIs/ycjr/XRQeN6KX +r/HbwCpjbIImal6rHiKB4h47f10yPQxHMUZSW92njH3dw1nW7uni7RIA8+qy3okBHAQTAQIA +BgUCTSZ6BgAKCRD8fVpqr+uflu6qCADdX46NUFTqNzs0cPIm/uhgx/pVpFqdUMoyReBMj28r +zjquw6m43yAFEa/MF94zJEeYP3PKRycDEukwS9IEMADss0iL7ZtgT9kM6LOpeBa72ppmzq5d +PffEnieEVxMP9kPaKIsPOeBAhHN3aKWDitnO5Yf0Jf15+Nfoje9yWmDn1rPqN/QRGBnVVKWp +aR2EJryDI0W6NMSkmeZAcMxEn2jcYAL7/pfrrCMKHGsciTkIPnZjuG7WwCK4bfd2VHz7km8Z +evi/qKEhF49CfW+Vskg/u6zwHzf2jW1epuTBu/6MRcIP5A82oP/goEue2y/+sRBuzWOygeGF +Fbm9+hj48P9SiQEcBBMBAgAGBQJNc47JAAoJEP2rZMf1ejSyKVIH/jCe0SzMrBmG0/aqRsr4 +mtt8ExwZVs0oiBaVIBn7g/afylTAKUW5+7bRXxKMotn+e7xtniiBjnEIQjzwbJ02+hYa8HDD +oRPCDGYUK/pg4zwf75QAjQ/2TYkZtZhnSDdUzQ9rUrg7vv+jPdfYAB/cS2vmEKSyAA1u829+ +7kLECtrjtM9tqumXjWD6XYHogDsrh1IeIbz4/gSBZB2UZ4Ucv5KIyVoid80PdhFm3hK3sB5o +pJ1Rk0JGGf8Iwu5OQGDnvBFEuxQ2Lnp2FAtST0RgtyX/vAh28aw5Jkh10ecLT0bdDAspfpdi +mBfVggJPU3GjR3pe3voqBQi8LJr7FdxRwrCJARwEEwECAAYFAk1zjv0ACgkQZm6KXZN0+XNf +Gwf/cA9DXMlO0zIMGXdb7sv6i459OPVZmv+l06B+7JTAnNpe04nRG6Fmr8W0WpC0YGeM+jQp +FG2xv6awa18jmfcTrmNfs5SFl4y1EgckfhajIuFPJllNKIGfIGZHva5q1Z5dQ3fZXVsECBey +CMjot8tTH8eQVZmGPwxLQrubM33jPrqHpPvIhZgz0AAAK3lVqP2zjvSJ2syZ0VmtdDYu06Mf +8INdXKsaL8u/2o7n/TAbkwg4glLh1cjWoDrxAqWHMuHGumwdMwyPfM/JRVtjGUWiiaWEWKuJ +dqSBfRvS98+lGHpeZ1sLNEDu8yE+vzWL7ObyVrrrslfs/E8PdE+5QYj1F4kBHAQTAQIABgUC +TXOPJgAKCRCYlwamPt61cyxnB/4mQWhW6rpFnsTQogUBc8X0TP4g4H7g3ES9HtR4q9VQFXJT +t0/YEr8Z7M02Yv9vlfSuxKOGYfneNu+jMFwap5K6d79aTyZwTgwt9WDBG6g49U7fepJdKPcG +gzNHP3OsQlj+H7WgkBZaVC70bE0T/kC99WSgiN2yaZJ/qKIaqPco9p4gbOV8gMtn1dLAzGlj +7k/mlzekUFc+tNmgjgtrYGWb1mS5022qFW8uMFPLvH9EM6drscerbtkcGtnhZ8zZqYR6+jgh +CYhcLKzCu7CSnXZ+IrxdkHB5gI8hBRVNo/ORAkEtaQiZKR5VPeMHHefcpacVpmOHSpOK+EUh +QsdNbm+giQEcBBMBAgAGBQJNc49LAAoJEF+xBrqCrODcwO0IALh1XE+BgO21TwO2PUOI4Z+f +KVV5qKJ7ogTuyu3Pkf1G5WtfXeI5wPgmMzZdWg0+ucUJBRyyc0DVrPUsn13ShEN/7uE0u1sp +xC9QdfDzY6mtRZxwlCWg3nWu7HL1ye0a5JNU5rJil86V0Bo/8gJYuQ7yisq6fdXs28fDtmaC +rQFVWt+6Hu58Jv1mz4F64YMDcnS4oiFlRXZqJQSc3ll5I/TuJWNUl8wRfA/XlXFAay5mPS4X +9E5FNr+JwcunDS2gAhsPhRsdazFbgR4WKl8cDmdcdwofpHCx8UXJxL93AvFtuXWGb8ZjL0dh +ZJy2TFiRLlMtm2yhdYSBvkd6uf8qQZyJARwEEwECAAYFAk1zj4AACgkQVNd0mn2HR2sVawf/ +W0kyc2sbKX+NsxvAFTPEwF0aVtmGIWJINcRQ93LQdrsTSl9AhyTtNqLDccHtgR2ZAIBcI86N +1J+CBIA4JDK7p8t8HEVIDPylPNSSzW004q8BIrtgXij95E8aMlZBEqzwDALRVBUX6BSazbp5 +fmgwryEdvEHSNfBZsA5CQ0pSFAONSF+nQuMSeYHSCPk6Z2hQc/2kaBDK8BwFSULiwo3Xr5BQ +sBOn33X6uv3BlqGtaZBeoCKW3/NAPQttQOocMUDcEXMJjA1ESqzTiR7rbzQn/ESK1QlUg3xQ +6ep/rEKlymg4qCVuCyiYbxmS1wvbYP/KbSVtKYWTNS6YhMZkJUCmgYkBHAQTAQIABgUCTXt1 +SAAKCRAMMpcLHQSJd8EQB/4klpbeLTovWEBf4tSwS3ACessKVf4M0At+GpSE1cvJI3+PgCVZ +UtEiX7HgIBNoEJnJlFq8PkYlq3jZkbrPP0QJy9xLNzR4tkgnJJtajrOtujAH6PdKq+baoc1R +qTDNn5HtizNCJFSUnSG25wPgecCuuX9eJAsYHl1G/aNnB2za+Yo4DCbF8Snb9jx8bksiL4sa +SMSqM8WjvOdDNu+vhpmBeFVvA7+OfTj/bleWBzFPeucSSPE3Ani77TeApbjQQNfoyg7LYXYg +X+HmiPXC33JK7225ftc8YyxLaD+BJcMkdGuIeEa8/P0BqsSHCY1JOuzu4uruM4z751cS91KW +uPRoiQEcBBMBAgAGBQJNjYRrAAoJEEK7TgF7LZS5Xm4H/A8ueTji1dhIbZ2o9urejGJbYigo +7zgsJ5bo75a4Q3nEhXaZXS+LosBnFNmtbwOX1u6WufRCzNY1DCnpMPG5U+0faF9WD1PXPNRF +vR+ZkrPm4IK4XVc4IUdTCPNIo4ca3YkoJpBzG0ocwi/3rLoqaZQSa2tjxJ6VIbfrlaQT81gH +NcExmU57Pzc+uHq8vXV8EthRGSOm8nIH/fE8MXGYD6pJoIXSTj2Gr6N6mmV+LnyAtdsbUOl6 +8VRScySvMCDzGvrtSWZtwUV0+7OCJvPk5sCQTxGIw80UWVIQY7ANkdN83sG/ia6/gKBHGsNm +/06zg9Je92bHUfeKStrgUHDB2PiJARwEEwECAAYFAk3DUCUACgkQKXe+waxtTbrMzQf+IdTX +YUNB1R6behi5tx5XJkOKrsLktOJxwnUcV2P4Ybs/mlUG4KCImRWPoETJzZlbgU0nT8kZHGnC +9D0sn0+GN7WzXKVUnbXqtffE9tDM5xUtq9m1eE8/2r/nZS1tnYpPj1Ogfi8B2nIJjWJNtvuX +frPSaDlzg9P6TvhVk6VCPhsRtenu2XEoFacfjbrIHQTUYAiBrUwLrAJvQ348EwKhzYat6pou +iOIdU3AEsiPQy3y+KGM7BvG9/t689VgRWjok6Qylq/UaSc5M1dx9yEXpXO8a/zAoWsZOvd7v +zHgQtGbA3ax/iBpAlExgEk1Bn8n7N0ELXHGY9qNI8ve+U8uVx4kBHAQTAQIABgUCTdFd3AAK +CRDDfIBdFksFLLscCACSUK0dfjwOvYjZykW8KDdxTWALyRVe9MNfSWuBimJZfgsHlBhgI/8k +k/SSHBxEOiLy4Tt/wuiynbS93nrSA2bYdP8lXRxpmw/epCHu5ab9KUE/EQULAJqhfhZ5ub2N +o6T0ryDDLTV9Vw5WKSet6AB4MuOd0r84Q76KITjMjwN42ziB2/IuVaH+lEMtYkCsIOu/mdFf +iI7i6qGZU9ILiijRIcPQG4XV+hRZ77f0Ti5TAHBeWSgqUk/WsG0meVCaoye0YQfD/j9nAWVD +kJlyDY/wmtyYb4g4Jg/LuLOFx5FIxEuJ35NO9sTR1rJl+Bl/uZFUaqBAZpHrDiPPU8cK35fi +iQEcBBMBAgAGBQJN6C7pAAoJEGHzFKNyx/hVXLgH/3l9yY6VA+24q9vhIS5gE9JwCexu3ZrM +kSrdCx9anen+v5CcpPDNN4n6dWMLf1xxUJOQHo1Lz3/glYhoMPjJX6eE8kL8YUVMmCPGyq83 +YhwnfZSeR5I4ZEg36+gq7nivM0vU5bnXyyMiw5rTMySyLjTNvj9IkGMphOjaXtvQmkQM+JFI +Hh++Dh3okCMT0008YRC5PziT65cKLezKnXP+1wCIKGeVCMKPcQySN5yBiFZ1vkudD6U8i+lq +Tq/CQpI4KCaRm8PNC7V6/pk3qUpL6w4dUBVp0Y/qUnJYaXsDZrL+HCOQkRoSZ7AnZVzGLYjS +5QibosNJLqYjYUKXz3EtdVGJARwEEwECAAYFAk5ERJYACgkQHmfBSvGdHr0jSwgAh/JIATie +lMugnZLXELExZnvQ69or/Mzcl4Vka3OnQBBZ4A7qubTIgIFVz7EiwNz/9KGhW5+Mg1eMFwCG +144DsDVXEa1JO5WhzjqSj/+9eGqQuJSLtwPEdCr3ZC2amIMhqLK7YLq3MS0prGpE1cFfeyFr +xe2Q8RnjcbNrsNWJA4V1JE4HzHiE7GCZFrv2LrHk00BZmhoINKdAYBKLYZ4kiKnguWsz21c+ +1wkNLPDZomgij9ftKTkrRVIiEZym6larTfCh93iLPTYoSd35M3laaW4WI6FpnEnpV+1OyRLt +h/VARUnqa8rnz+bblKOdR+40b4lKAGaPsezoBzli/bfL64kBHAQTAQIABgUCTnDmFQAKCRD5 +c06pjSw8fhCBB/wKGrQiIdyU2K0PoAzEuNjl31+KVxYGi+VjsQ6q8SrmbV5SeC+btQeNRTYP +nSd4c4pdkJfCJ2yAUAkOiF/DoRs4tpCZLHIL8JX/VLyEYyeHvhA4oqx1+jKHkfHCXiop4M2s +Dd+q9IEJLogC1xDtEloyeh1TPtJ7dSVkzwXmc51e7QC4Xt3M43wqyrHgL+IYuFi1sFdDbWw7 +88lRbnpfFpQYPbbL3gyAa3jQ8cVmKGN8bG/BYlCDrkiVz0rRdy+uGyd/vkwinJbYZLqepbJR +fW2hT3A3b1H1mNXZPUJjpG2n1fJMmb2PXF7ashU/uYHoFuzy6SXzji/+s1XvOCDNbFF6iQEc +BBMBAgAGBQJOhTFQAAoJEMCU7cjFW0STjMgIALMsVKvDPDyWaJzxV8x9I3J9YbDFN+Gmm7Pg +JVWS1WC+QiXZC9FXd+jsX2Y36nC0XC+Zh80mTEDhtE6+RwJDfMyhtlOTyaIlwObk3IpvGtUf +K394ytTeNpnapUkf4ORknIuj0561RzLUpQuFYcqWNpe4QrMlKFpYlPFiOmxgJyGVbDsCV6TJ +XPoo5MoEkuind1VJ4TGC4VY+ZfN4cxDWmN5NfxFbmy2e84R7boUla7GszNcrBpPHVNOks07S +YqVwCTh2LQETKE3RMNHVibh9e1ZiaGuAtM69JPFjbXNsO5eCd2gBZhTr2TdQaJp7gky98MhP +Ky3Y+rwmqOZKMwtAfOmJARwEEwECAAYFAk70UlQACgkQ4xPvO3y2MfDp+wf/QnMN+/5YNhze +tFORfBXFXE6c4t5Z3jjJCtrElyKUFgukgTwbglEMpm0eS1gK9iizYd+27ABpD6cHTygStYtD +oPqExR0Q85k+9kwycWhgMalscIin9i0h59kf2yKMT6gO8GYaO1JmYuRbziwSLd32ft3wYecc +SoNsmcF8CL0PAWYJL+ckrepOHnt/Fy3kb9P8Ot2xEUSoQCaC3YFZ1oBuxsiy2GLkC56UZsqp +P/84ZKbHy7eLCkbKsaUZW0mKalURS+mAK4D6GM87mMECZjnkz72/OBDidk5GRFIlwcIXDVDg +hx2hpidymuJKdn0mUEt8FuyI/BlYU+we0c+NBvp81okBHAQTAQIABgUCUDBFHQAKCRD8mCer +V2Xp6br8CACxQ0NCeq+4loARfpIRHZLuNbWIM2zwvEtwpW4ucfcZbB2vS9WGHPzgjmBFaqDP +LuHVMDlamnKp0Wy0pcNOT+RrzocrTSOS+QLnz0Su/iq1oftbGU8iLJkfpSwKl2jhH/zvx6m0 +IRTHFhWq/Ni9VVe51cEC0M261YLgmNRd3u4EplkGEXFt672VrRXkq3iB3WfwE+NYm4zo1UqF +Y7bfR0aHRszdiWZflu1dgakCvS65dXr4gVpI2JgIsdFCSP/756e34ATMHUJJjYQURUeiYt3t +eC9y39PLYs3cEzCRwadC6KUCZJElEcnf8mzHMh42vVmzUAO76wwq5Z4ws+DpHPQqiQEcBBMB +AgAGBQJQURAqAAoJEHNYXCzjNRrNySUH/A5iRtMC+GY7pTFlKT6k/RQx4N5LwYX3wRUJncYE +Eh3mZsseo5A4oB8aqaLH8ba5QfXenydyUXr1nJZfqmoge7iPI1XkC3kq0RJ72ACEM3zUIOh7 +8YqNjrt8nAKubsPzUoEU9gWRqKGYx55lwLzzVNGYhhZiw1CLdmW0ihsvm+OikfuHmL09JGAJ +rHf9j9qvCxrMLRS+tdXYnaTNUWCaZa2Rmlv2sBw8e7dFOPb2ynSENuwK31nIsZgCMuzyyFND +ObUz6zV5AKv2EsMwbzF06vxWKsA1oaYfme2YDv6Ayj/AjepbQpzjvEgBbyajMa+b1N6x3gxq +GnRyd/itWVXd1QuJARwEEwECAAYFAlB4DZIACgkQv9pAFE1glnMAtwf+IlNKTQuKmOcjagWX +E/Mll7AcMu0kHkmqHWjr5rpvtzk7oFVyo6R6qGoRBTE+ZnVFg7o39K9K/K0o3kjKO/azD8As +Fgh4m0EkBdTlytKvdgytd8tkzEqHeRAC4Nv3Bk5A8Sc8kCKcslIqAUEfOZEpWZZn4eTXCTd1 +hnTbX7F25ffeLhWUq8bvmuaj+NV6VK3p/o5vqbCYJ60GZy05zSzOCygJss8pFRkR2wZuZpHw +tBQVL7PSQahzgpwGQ4iFaRD7fE1E6ksN3KJ9M0ZrDQJzqe+moEPg8nKhRyyYc55kmhjxdMCk +foeYOm8Zr24UAM1Cuc+n1Wn9BmB9FtdKpC/lzYkBHAQTAQIABgUCUNQBTQAKCRCTFtXaYIso +9DmBB/96sc3EH1d95I8RukfOOe/rRr/68EwWrVXQWpXeU9EwCdhXhMoRJgKkf9/hms0Wbf1T +Z7eDYbApnooqjnyd29bzW6SXatUX76rgyDOc1ZlDKw46FPi01y6ZAbW+FntnJ27lj1Vo1BK+ +d6CARV1FeviVLABCLUf7BLyMXwEa9LWsUuDiOOrIjoQZ9y8bi6+nwJLdseUYudawHfvNResk +jlpOMTxxeK1RmV0xs4xWtyAJp8x2MRvGBnjo4u3y5DXlSZaI7J28DfYIckiPT9hyjLZUZhSx +EOqpUKQqZJzOnE7aNHMN368Tc/4TBsOzAcLaVhQESuirVtw7n0zA0GAXGdQviQEcBBMBAgAG +BQJRC9A2AAoJEN8AMQ9lb8t/sTEIAINMmxrdd0GAELAxb+Y+sZqJTLmwsBfaR8acDTBLbp3l +k37UXkGQ48FD6JO/PjjBGRxNP5oGsJEy4RRPWJtEmC4RkufcgbjD5vHuiQpNCaar+NUgzsJF +RQQA4gGa+O4XDmMVv6PcWPep+CrNlyuJqe0AdFVMKn21AFTcwsH6Gg1dEKfhbGj/hz5PTw4+ +vXKz/AHmQ/P0s2N/A+AXaIOnxNWYNk8a1KXFM6AiIsaqHY7WndY+31q9tcRSmB3B1FOyynn8 +pY3zKJO8BRtHqSuEZpSTkH7JKPW2OyVzp8TzF9x6eHbw3LUdi1E700en/J91Wk6ddXSPWu2F +j5Ghn/KEmVyJARwEEwECAAYFAlGq7qAACgkQib0scFYbUwwXWwf+PiXcHiTTSx3OZD2q5T49 +dyf2e0tS+kc472GNbxnHQIIiwmL6lJx8eu5h2B795jE58xXVWN+zio34WP0KlCTmnoNUZYxQ +FiWY0kzDp/niugoHsRADfibud+3wF3r9faccp47qh/+L1yOqV6d7xINmjyaanpGGfnum/POH +hBUv0E0sbJOf36g7olvyCkLD0gyRGRK+MltqWX6XTHeKAuk/SYsK/VIIVQ8Lrt/r/XPL/PPT +yT5P4cu2Cb7EYyfc7I8YfRuPyh3IrdPsKQGW4QesFGRBiY1pSyBX1TDQ3mYKMNIlY8gwPHsQ +5DSbo6qhV9fjeWnpQBjk9PtQuSpUkh50cIkBHAQTAQIABgUCUbCcbAAKCRADcLZBrE8fcnWy +B/4tLx0e5OJcJ8UL+y9fIkJDOBFcQjT/FRpRKWPSXbwDpgal3vPL2ZLa419Zj1+kD8jqcaX/ +HcIV9TTPvO2HR4LXFY7Cmwghbz+tBZb6XOIvWmg1JH0wrGzs1f0JJ0+L0VCnWcAQ8Ps31fWt +r3MCAclYu5M3542vnWOuQgaaaHL+B7o2oRBoF1Tv9sHCYxfOfNHv9YLCLNG8/R0fxNUs3nka +nLvyMsNYpCzgUfMSYfFuG1aFYsvz7YBxXhoDZn1fhT16f+cbOz5HIgGjiV7waHlzNliczuiY +mvUjQgSrFJgja//iZ7bqeDWTMarOTcJptDmB04sLs/8TJ8X3IrE6vGDkiQEcBBMBAgAGBQJR +w5bUAAoJEIeJsZtyvy9K56oIAI8dhtf3Zc+w+boYJW2i5TIOqSLj7vjzV2BpwNnv/ICGFe2H +5WQ48Jsk1vgs9B/PlBNTDTyXJp8o2Cv5ZeRLL1RPZnda8EoJskEEZoNz+w6r1D+oiOwkK9de +Wgrc7dfb2US0o5MfQmgTZg7mm4Ztyr2oZAx5qRLCmHnPMoEEySZCGobR13kg2iXf71Q5mEBn +Z70lpd+p1TEhMC6QDxYLmpbHXFh7wpmHZP8E7YIaL0Tre4a2IH4qfx7Q8q2p2yeF9EONqDuT +d6SLB3jTI6qo0AZruouVZw4o9O5Jh6bEg1bqHBk1C1iLYo2WvLJcn6ZIu8SwTZtn/Qam94vW +i6sI0/CJARwEEwECAAYFAlHDlu4ACgkQ5uQU5p7Q0o47RwgApR8HeVreRTVvtQVCuT9Q+otO +lPYWGJ7r29JgJXDo3ejfpHNmQ3Gc4aTnvm4wVHi+vTB99TKh5vdbmJVLfuGufZvnR9zwZxaW +g/d/il+yNbFtld52ypRUDG0dytYyaHQr71h8N6J9Svt4ECiF3TaOPIWGxHrV85m0FzomNM8j +g4vowxahkRdfdJadoruvivVO9ngIadqS6UccovBae4u/XsLw0dczcd3HEhZJ0Cg3QMPhhaEF +DJVXozbZfr6iEDGY/nxUY1Tj5vQy8xD+STU9Hmrv+n4AQDgAdvHmvUFAIla9w7UteXsEOlRF +V9YhWqCCVBhXnPvqOh1ZT/qoR9b+fIkBHAQTAQIABgUCUcOX/wAKCRCIjQZ/oKER3qPVCACZ +oYwFR+yN77E0cc+ntvfDe0L5zT0boGHJREylfP5uYPmIuvUt20f2PPWy1bmZiRwK+LYkGbM7 +I5tl8NmllXmHI8bUxLq5A5pH1gvjsXvK9tqds4HCUjBAFUEdjv4yw9siJVetRVteMmcKXoHc +q01/pdVYtL8rd0JZBFOwcXknn03vgGHds2kmSpSc9Fb+uKuzoE1GdjYnIf8EcnDQq5p59ScL +hawSTl8LU4180NzY7bA2jsFVmaOZzDoeACaIrgaN6ygLC7NjsSI1wUljkjeeGkRAjjugBLtV +J47ACMQedIR2Dz1oc7RBoCOCHQLWpgVGr4Pw7tQFTc1VHwHmH7m1iQEcBBMBAgAGBQJRw5nk +AAoJEIiNBn+goRHeaJ0H/Am/1wyP2eC9PYyXDZqg3pToSKwV9UYKjZ8WWBM9Yh/TjPR5p7MO +nX3zQlsFwXlr1A9oj8uFCf5L/QJBnTGzP0satbr/XHbTwVWR276ChqlW8UKd/Lbp7bc9OVJB +tXj5KZOms3WdLRsLIPRra8OBnJdOo7oDRue3Z51xe1hTCLsQmT48cXnUIvJRN2jDKLvYe7s6 +QFwm1P8MEsfz+EyWAo5uqOqiYhxpl7iyI1NNecquptwe+7PMvT9W1FHyy3B/cGGRLeTgn5P+ +BquFqJCxKsQhsGshkZ8pDqOfX3LnZFeCZ7TDQoCtkbeqETJXCtV04x5OUKn9sEpaav+3G7VM +AkaJARwEEwECAAYFAlHqBpwACgkQ2HYuzreRHn8gKwgAr4hdyky9fh6IOhMWpd+eR/w7DVRp +iPGvP/Kfpd27Rp6JCrnT9sH/MM9tEYidDTMPwemYVU2k5LmHvqqBRybNfXEJTMaFAnxDM6oo +9it4PhSWUppvSdUR+pDGt7OyhZW62fxURNm6hCadFMW+FbhvQtFVtbFj8R+MTTZNLBq67gxF +FjbJZSooCZcWQKihW7q1SZeF1XIP8XnP4UCG8fS1Cp48UBjIMOlpYekV4fzF2WnPISKjtxHK +JOvCYoViMpj/9/sy/oxjmUOzYGwcmG6OI7KF8VGv5D35/DKnpMG/HEB5d7PfkkPicO0g6Umm +X6F+rgv/U2DHIvpCklBxB+fIHIkBHAQTAQIABgUCUeoJfQAKCRAEoSOHPladnvwjCADEbZ1L +fTkzvdkwLWgYd1qIXckd/kh1MRaVue0TL9Av1ILP7SfqFi4PW4RQETFIHVylaEvCz90+qe3a +YPitja/pa4cMTVg34IaY3tS6hbzSwcKei6EVzi8qVXkyg/xBWFeBQlWXRSjPeldB/V9AQhzb +JW3usgTpXNk8MMujKXprwtgIvj0iddvaRu6/joSEh7WN7e2qgggqdL7w/JwmXmiqKF8nrmOi +5nTdaAH3d8+ImQbIdzgmznzScOpPHiMzMo1GU1c3/TO06gfsQ3AeYfs+FDXwYS8XsbnyXyYr +ZrFloI3fm2Jivsj6VrI/lLGeoThYiupaK9r/+XszRDhYFouCiQEcBBMBAgAGBQJR7ojCAAoJ +EBxDf2LKZd6ZhsUIAI1lIm0f6zhHsJN6oP7aBRuPega/5mHV4Fxq1UsOEwgfPFMur76dRuK1 ++AqZJW5SUW9X4IJ+V2ALVt+Mvuf3I54RuHxVjrGDAaWy2WeNuyKfSjAzb03MYraxjf+/tDoi +a7FQPubbDVfQkEETFjKZ4Gy2MtvlpAn8cAtXv3r4BhXZvIzFjhySYSQ7RDSaEiEMvLctPJma +KdfVT1JV+vG4wMTO/BI+qov3L/5/u3DxMqmqXaizO7S2zShzrhnO868tVy+B6Rlrmo9qtwKB +301m6gLarXT/exmy5OA/X2PHWWAck5O4PYhoTpWkgex9wSk64+iF0QgkeJLnzDanVdhBhSSJ +ARwEEwECAAYFAlIWlK8ACgkQ8eGzOW2zVfpzSwf/TPJsVvNfvu6fPoofYvFzqxI1BZ2j+AYG +pO3ARKAge7+ymJYzoMY66z19TDnahTpHGCAbFM2zP8Ho/J+vPgqp92CcOcTO9nKcdrw9/xBC +myvnSUgIkT58OjvQoWsQcB6sONmkqJmQ5MjiGFb8/Ix/VBmuZFLFHSULvdtZHhLI4hipEGCx +53anlilg+Cj0OCEaVeNIgIrsi7fcMIwjQTU6U5Iub1Ikbzi5bIVqgPgY8P+OFhPF/oLOQsE8 +eplEa0i2BnhI2eOSSM8eJaa56niQ/IptBUK8vKhJ53hhWXHF/uW4jlLDOw0QetxH2k90diDL +AOoOlGtQBRn13q+nZ8Uk1IkBHAQTAQoABgUCUfpOhgAKCRCKqQRLfrqiy/uGCACewRprCciI +ZJVFsixHIDimlh06ydJ9g7DgyWMd5IsZafSJ04ks4ULNFJaBon8I/UWVMstN0pi4l1UJXPqh +Zjy93ZhPGipAIMfQd3UTxm7qZk2DJReeF39srrUbo/fbcUZtY/iCIM5Ta0mzUXIeMhhZB6+V +539Hlq3Cg1gdqhsAseSoSfT6w6I1PyAYhhSIf3SeBfz7JkY2RIRMEqwwLYseHJi2IxeAw53a +zu4aCetgOAMvgY2zGWUnwVkXACLduMLG9P7yfucrsgKq1/ZcliulmT8K9IJ/UTBNNNOUVcqH +VrhDm93XhvJciG7UYFAzFrIRmWvpK5ZPDKS5VZeCK27TiQEgBBABAgAKBQJJuakgAwUBeAAK +CRD2h4rsq67uZmsUCACwndGv4+OOh0dt3ZS0h1uxxdPq1KI87NP7xS8ScMHhpbEy09aS5MgS +ZlHoIfFqnTGg+r8TcwGNbJuKzxLuW88pSOA5wOSlu6tkyBTNwZAMNtKyLvOOsVK9tcHJg03Z +GVa0lKZEsBZo98sKlLD1SczL6q3IDzlQVAsuj8kifVN6LOiM58+jYviPrqa0BNwKUq5BNvgq +EiuYb7IKzgCMUTy6dXhhEMLYSagQ4nRzJ/hHfPCi5IkBzwQCTsefdDanGr2Ur5NWWIBRATeZ +EUbp2gKJPSrG9U0pd0ct9pzeDZPY8dSMpP0DHkC3lEv/QV1T8LerxLZPniPhXxhzLFalfNas +iQEgBBABAgAKBQJLs52fAwUCeAAKCRBT9YkEq85l5EFCB/9V0/UrfOq10Zd9PpmCHm+z939x +HYZB0hc7OKPmS8DMYcM48P5L65pb90VdxEjCyk2FIKgSqKJMwm9UXBW/jKAqqlZrlT7t27oU +IDvZAZrSgc5vAFnv0crJle2SceyGcBMxuUMamJHhFfozaPDJiwXL2FDnGMrLahLsRv9EN3om +ovW1IUMWoU13Kly9eJq7bhumQOhDUzUlQxUzkp6dYAySGqQLgt5Ed8Zli35sIqjNG0YKQmSx +TJFPLa6N1nh852Z3EPCPPDZw++qzVj8K0sBkKYN7r0ie71Rf2JgDDa6foMtrp0rclyYzp/wH +DOMBNMczSIsI0lBwyQUqPFhzVwyeiQEgBBABAgAKBQJQt1/WAwUBPAAKCRBewez6Uq6c7tkd +B/9Wpa93LWkSa6ytkwIYfkjqCfAt649Ymk4q3eaTzJLp+PtMxZ5t67KZBNMxhF/23aPjn00w +H9pYqDOvXDZluUie8Fd6j+dW3HtxSqakxvmfCdMzTuA//4y67iZ3z7SZ64W8LtuV/VEyomd8 +rP1XlNXGmgIJ2OITEQ0MAYyXT++VYZFHKI9+F4maLDXwMspUC0OEMQFSdNTnPepS/FrRRdoO +a58JcbEK/f/RitywQAkdc/hCPv9BWYRIJ+WlyU7BTajt1l0Prys7igRppQqeoxZRO/+LYUFw +d7wHLMBAmUbnXg5tcxZvLMJHpwCbYY5N8qDMjaiCZidgqJM6RBxdPDRCiQEiBBABAgAMBQJP ++stgBYMHhh+AAAoJEHkoUFIjawAvO4gIAKE7RuThXim/eZfCn1kNwdJ6PhI5GJBS0sHcyXTA +Lu/ZnrIALyqNL1PFib+EInwOedNmwBJchM0zSodkWh7L0GzLLY+YXAlRBIigQcKrlw3+Y7rb +PkPtRTAHXIWKi1QHv2bxkpDziLlk7RQ/CSA+7dWGXDi5kNEx2JQdFh51Mi8vCgTWEjgz1Y3C +R7rtIQJWPKc8HkvpcHWjrkrC1rYJ4bRt6zhlIOqsNYzzaKrl1xi98X9KloahWicY8uAFqVsi ++UnMV7rbVHyV1p1lXOzhhmELZam9R/UadK/lVxjfVfmQoMPjgee6OmOYrjedjS6T8/8HLz/Y +Hlu+mOHmaV9yjsGJASIEEAECAAwFAlBgMFIFgweGH4AACgkQGIIg8JPUj6Oppgf/S3Ec8/+1 +O0qckAsHLXqwG5Yxyrm5h1E7luyW7G4z2/ILmsYGb4IewvxEIXtm0dn0vo0qXy8O0J1puwh+ +a13TYfUlDzAAF5eSluLVIocgN8juGpxwNpu1yXgYjJT5IM7iNMqekZT5wwckGNPWINKlhASz +ooZLcgwg7ldlPoAxf5INVNT3w4Hh3+bImuH0fTd+t2cw2MVlZju6BtgXE2m2TaFELnDRIg69 +sJlwPInGgt0tfoK4u1qaNS2tXvJme4SccrEZ3YNoAV/semFXB4wslvA4O3U7pejno9s6cVo5 +Zinrcdb3hjAOibKBrPgFdM/drPBd5d5RrZtBDnCls538JIkBIgQQAQIADAUCULvBXQWDB4Yf +gAAKCRD33+VcIwwqlXp2B/92ILjUi3ndahmkhM5SCQNZ8PmNQC/ArtcmbPRgvKp8PR9H7qVq +DbgRMAg0XusxZ005QFr15NzS/iDJVrSmq94KBMO1Afp56+X95FwPAMoqctWGfpmFL35IqG0o +tsh4IJVqjqHbd3GKwSm7ksfgw+vqRH5K0aTyuJ6E9EwZWlkHgEhB4gXiQdq3Cy+aFB6luNme +ufBZZwf/hQmJaWuVlRyoOc+ikWuPiuB5AszJMiPz2lWhee2LqEL8E8Mz5/OpCSCqG6ET1XG+ +KShhNCznpS9GGK7qeWB7Y9N5IKq28x/25DyMJQJGu03k8n/Oa13gycS9wIlL/edl9qNgJJ8n +yP8MiQEiBBABAgAMBQJRENSfBYMHhh+AAAoJEN8AMQ9lb8t/7g8H/jzB6AX3dHMiRGwz8qOV +zFMmMtRdCBTFJc9tA0+JXTZsUgTm8NjMaF1BCp4lEVxDzqe2go+O9tKSv2RU0B1PiUc3XJpB +uOkD4amvcszwnruyV47PMS5J8JASiXlV7xJ7mwqGVQZmeRwR50GeiQM1Mvfqn/115Y0mmHsR +oia3xMCkDaRVLot0Hhwt9MRbhBXRs+UnChh9QIFX1xt8secc+ANaOOCM3DJ4mnW8Tw1jNj1u +8xPpMLnaeHHnRDh0X1VTJ7TDH0wpozBnDgWMLLN/kbJJpIEeWVqFJfKEg/yJyCWRKT37Veow +W3vUGMf/sxGwchwBX0Iwy4MEljc7wNKBtqKJASIEEAECAAwFAlEt7OwFgwCfhYAACgkQqwon +7kl7c00AJAgAuzmMJDTzex4uwhVvmd8oOboLr90gTfrVHum1ASHvouO++YDVphR2tBjJDndF +eFDfLHBmR1m5HaXnhZrzCgtc+jsgXCKF9iJj0Kr2VG1t36SSPnYghZFPcHqfYYz1lyZ/LdZQ +nItfsBEo86mKAsSSGnY6jr1M4TeGVWu4gcc/oGsxOl/xPayYyrCUrSquIYc22Q5oHDQ/5V6E +mi9KOJ52I3EVQld0bqLDz6fi5QbIp5aDR5ljv7hRjeq1fHck0GYAEQdMOHUMm8eyobmbjDds +/mmIp1JTzlkDQwHhIrj+f62O0EbCOUvlR9KKqPwq3NVznzBRva4rpaiHMhSSzNVICYkBIgQQ +AQoADAUCUgDAVgWDB4YfgAAKCRC51y9qPN7XPRLWB/9TUZJky8FeTvIOxLYQY3FxM3Fxg7xV +o0humsaExXRwWxnLvBDre14hZTO12zrWSb/YS2DC0/Euz8wye+IStZwjMRNO5Cn/HQIEvrsQ +Vq7FNDNJaR2ht1fjo8y9aDPNIfGeCiA4gonZq99qTRKqhBlyn2CejRWt9c6YkuCi8JjRLnHt +rfm5pjTzWiWg5MGE9MeN+o6XDi9hZGQWU4PVUeta0TZBh6Z+OsFlLzcgjMF4fUViAWbyP40o +teVJY4rfKUKerCCz23y2Yeb3MMILccsCLkEJDfibq6++Xy3jtc4W9aQICh982ZiPqCfzwdP1 +CfnwbbkIxNxIAUdk2gmAvFOBiQEiBBABCgAMBQJSHUdLBYMHhh+AAAoJEMAoupHawhiO6nkH +/i36gUYGcwnxRvytdKfkwKencZqtAJ3biSfrzCtlMIlT2N6vZjh881EEZ5nAP4JS9CtDVKPy +EsnZQaSvlkb2uL84/Zmv7Zx4iwcLtSuBsArtbQvWT0W5U3gGZfJDee1HMWmBBppP2OeM0KYR +Hg9DBT1LJRLiu/wUFovspuQXFAAw3RmglJq3KM1tPNegbEhPtNo9m0XUz3PVph7DI+Bqbaie +o9laO/g3Me3h0vKAD7Ry5vVkf05pKjB39L8jm6Fupk/F2VkGIb0vJwbF2vXDKcL+z+m1oE2N +1RsF2JWFTUOsa0RE5vx4aA5/cnDy0ItWgvBX6UZp5sstBpX+ZEPfXvOJASIEEQECAAwFAlBX +6qUFgweGH4AACgkQEQTfsDyQ34d4nwgAusYczm02/+fS98391eyLHBV6d+x5NGrn9SOPZ4tv +whiELC55RvfmEk+GwCibrvXlylwl0gifODn9EXEgaEfJy46GFA9poWJlq3RchggK2ypcYrUf +K/+yxIzqS4rUsK0rENoRyi0eHhkb2k5TQCEz8hnq82FF1sNmdqsuav6ABkv25XKBIqJhLo1i +Sl+gzQizsDUmNthlqxK1R4kgjIlSwKT58RuZTAMQKTMnSwQFahtTQD/Cs5mgwbyQrXeFcXmd +W6vEW+7d/DpkjTpbaVYMMEk/eye9hblzLvVjbz0+yhVBLs6XSzynUzw+ajQj8AijthH2eCTl +h67To3jip8LoU4kBIgQSAQIADAUCTxnG3wWDB4YfgAAKCRAWXoz5hqQIF3g1B/4sDIHru6/+ +gdwMbtpe6PhT9aSDG/vAKJKKqH3aEfaQU45s6iOXEilc76uAIOdti3/8B+1WjXtASfeJm6pd +ciu6hUfQaMPoP6YLnfqfe3jQ55y0RHiJ/F43+Q+UkpsJivJcDOsdpOhuaHWFjWajPtUHXVu5 +8IPtPEUZ/x2rvEEWa0TdtsXyRTWThhaixJwhLJgj8ohmKVaUvzl1L1z/vToYKgj3j2Jpqrxm +1o4BZzoqN0kXZZNpVZLQ5hhVYMmm45xYpAgL6m/tdvBdoUW0D2TBVcjC2NYns4ZU7e/e9oN6 +hKY8KFQ5KkVcAREgk9RuqbHri35l1D+f/tmbox3Xs+NCiQEiBBIBAgAMBQJQJcRbBYMHhh+A +AAoJECOTlP5/anBBoLUH/1TUwHuVFNEZvL1DbH1ZEgNDOYqGQ2d7iupJm5WniocVik57PLFN +/3ngpxLYZdRNWkvbx6E5HfYyhZGiLJk55DqGpuDSjljDS2NQQZowvMkuvj7WXP2R9A88glVi +RNpO/194InLAfPP64fwkaprMOG1Y6NYNe9JEOIsG4j/bd4JPB/dCT2luT8zZfcbxg6GPGSlC +ETZYPbDXZrUG2zD0kn3lumi9es8rc2udeUYJS8MHZFbD4VUZRnUVsMivwxatpOJdCbDc+rkE +BnA+QKctyx6j+/+60LX56gUm3PVFUwZR+rwOyjSr4J8nhUWDpVvawxxXeRQcn2FmpEoyf5e3 +cbuJASIEEgECAAwFAlIFQZ0FgwHhM4AACgkQTzCpJjHN/281wwf/UYX4JnQd7xHdKBLTLuUZ +XjhJzjEMXePR61z1x4NOYztIY3rrTJZHZLnfEOnc4vMfUSMRp8nG2GD4inMgO0TsLl8YW2AD +1ZJGfW3vLDXdazENgBwA/Cg/P1mlhtUgTbLg/hFPTF5dRuvWBb36+M7AaxX6xwOPP6u5neSZ +2EaUjutfZ8fa5ioFukDVhDsvLbh+MQKF9EIzlkE2So8oYi3W6gl7jdSfxB3nbmiQ5IRsOcRQ +iJGddSXkYnvL9qMtDPGjp+1lcN0PJ9+8aUpUUyDBwgzGQR7ErR7Qi/SQ1S1CIfVwzdYhEtun +jWNRBlNShyER8JQqETrl6sK5A/otskkVOYkBIgQTAQIADAUCTuenygWDB4YfgAAKCRAKTRu2 +NHynFV0vB/9JZnH6GGGoctmavsu+1DO1bKbn8FEzb9PUfjTfvXg/vV6rhBn6N+Gan+2Kkfht +xmk2ORRg1OpqqKZvV0L12heeQjT55uObclaZwXsdWiHHpEF9Nx+BX6frmwDdSdaYSav5oRqi +FOG1i4VtypMeEckCqVpP4vmZCTHElU4HmJbei+5//9iHpnDCkLjh0UdT3oPZHM7saGnP6OAI +fGKFvgO2LGUtiATYfc1SAjIlSFlws1UdMjSfVa92+WxpCtVRwGSp1PXUyTJmIv05pwBEEIH5 +UWk+Rr+0q7cR0/h6EOkCrETvWRHsibpS2j0uAqA1tpA1Q/czoOZiqwEFpIibHtoRiQEiBBMB +AgAMBQJPEPN5BYMO+xuAAAoJENN0/X/OJfJ311MIAILXNHElsfj8/ecWiVw+IwqGP/POo7/p +WCc7fsPjsUh+VS5tsS6PJV8pU4n3WeKqeGGiIl6mAEj7+bdcPJ+oJ/2WC0R0FPHnqKhQEn1v +zPVmDif/DPqPKMrXYzOA9OPVd1EMyx9PKpzijqTP535SjnBMSLzwiWaRaOgQGM9Q5q6N+ZS6 +bGgYhlsRIaVzXFj5nqpmCLwqcQ2FdEC7hH1K9t+ZpDpYWPtNyTK9xvaE59/Z3O6fl/Udi6mL +MIRpVHJZCmw0Sg/giVKTeUA9aahjGyE9jMQlU8azpcPPEVp6SAnT7Evm8iK0VSVvOl2lsqyr +HxFQJiPVQjVgPj2JLNZH3oOJASIEEwECAAwFAk/iLp4FgweGH4AACgkQYzxZUWQcRQ5sWgf/ +fxbW2TpW1m4NTC3klqtnueYTjowHhIT//OX2/4lYNc80TngM5g42Al57RHs7ArGXSbnTPJEu +8iMxXH1o3qy+CII+HkN9ZOUX4F2JR3LIfblaAHbkMeHi1venmSrjAOUT0SG/yF4LK5mg6ypp +hzT41PqLf+QyglyDdHf0D7Tlxkn1AzcasxwpCJj7Hr3ENnGtQiqX3cyFCFCFbd/uCNAPaYoL +Tz1EIRRD9f9h+E00vJeH0b0Gh4aex+JxOofzSk0RBgGlXv6LSV8LG+r/EWMN9GP//4EOgWE5 +BcbcIdH883jeZLsS4r0u15AJfdkj/anva1erLySeYysv3IdvCteE94kBIgQTAQIADAUCUS3q +nwWDAJ+FgAAKCRD623acxGl4Xc3gCACS7akefDjopPkt8kSFS3Lb/0Q4H+rN8ur/XhRvIL0g +GpqJVwYwPWwowPN2umUBb7mz7vCHIa2Qqn0Qu1vLJy6A6/UHLhGWtgW7ja1E74eyclofw6U7 +3S2RQxk6SBBMS6QrBJilZMOixI23sIKdeh59XjKSz0VdW6aHuKwLdDWBqiHIv/+ffAl71D4P +m/r+QJxC7ueL9cGR9FcgbJR3I8aieF7p4cbWMpaGV3khDd0plw9v5YP/16IDPV0u+4dNCd+K +6ppxkfpUg58hpMoelSbuavTfwCb9n+i07hVRvscFocwkksXoxbtsJF6IQOltw65q8LJKhyMK +r1s+s3dU0L7jiQEiBBMBAgAMBQJSHF6eBYML8UaAAAoJEF+ug/+12PCMG0EH/0sA1vySdRkN +phWX/g0bmZTo7F3gNaoZOcYcXJFpmXrwPU7OXC9004vq4pgoupH/PUdqfaoBAZ+WoYDWqKug +HLAeiAOyPEi3eZPZxq3UEkG9aSgn/HqwSy33w05LgkmwccaZbvSQA4wnWBCc/p/lr5y8qoas +8lPtaUZPmP7NBBnxzxNvat9r2mPUKWOqTjhzTu54ToTjYAxAq+qgS33jcXRHGwIOnBme+czv +3RrSps3HfC+izs2Rc0IJ3EAuGc+2zLHd+cj/C34VJ5VSwFmJDOiavjVhnGrkbybD4zuLUpAu +sx9XuWEAtlfsC8JNMxkL8WFYdpozC8Tcwu/QZcSLUWaJASIEEwEKAAwFAlHBE/wFgweGH4AA +CgkQH7mxLf7b19OeNQf9FRDx986s+c8Xj3x5fkgZyOuUU7qRT7P8PaCif9LUVPIle3QJY4IU +WAfPyrDEoy7iZsTWKtiyRKbD8XVqaUU03NhnvKzQ/w6b8pHN6GK1WTnrtghslzp4aEA1jv35 +FRGsc00Cb6mx9NcE2EzaII2cWYOOdZg2HDrFRhlRjNDq1H/a2kN0NLRj93ViC6vHVznyOCNY +Iz7QUdCdOlR4w5gCY7z+Gt7RfSqsjnwYrqWvaliMeTT/Jm1I9TeQm4WjKF2qCSaAbS4faqmL +T11O60/5ll/pjOWDyN8TMsgh3WJk1fiY4Oa0PGhDfIyRmkix4kRaxlcR3loT3zOeMjawisTB +xYkBIgQTAQoADAUCUdvOFwWDB4YfgAAKCRAMhc/JApMn0vQHB/9RozZBr/cYrxgkKZQzOuBM +sA/63ygPg/DCvV82fVfHq3FngcSw10GNd82nwDXIX2vbQY3rr5BqWw5aBFwDYRctRlvU9ikt +ObAeMv2gm7Xm2o2bVWXkvka5mO8mwbcVbalLhTFP5CNFg7s2S7jmIUR2bdc/8/QK35vu2ifY +w68/E/TK9x1EviDWtmzwsVSuqDFnwBNkHeHEwoe7V0iSqM73p5/qHjWhV5lBO94BYIzE8dDT +uOcMixMlNa0qnd3WG2+8hqEGnMBMRg36T4GrxKbo/9t6A3iDTJqSgd6FIKCy6SKKUnzEO+sM +D9G4NyDEgsgJMFvJsbz46of9cVnpm3QEiQFTBBABAgA9BQJJoFaCBwsJCAcDAgoZGGxkYXA6 +Ly9rZXlzZXJ2ZXIucGdwLmNvbQUbAwAAAAMWAgEFHgEAAAAEFQgCCgAKCRCXELibyletfLes +B/9URU6fWe0FGRUeYa/HhxVoT6HkwjFxd1YpIMNpmbIzeN2cs6cayHVMMB0TkF59QcwLzktK +xjYg7HzjpkBbpc/jnNeMcRqMdk2W3Zw51xG/EXmZ4pkAlmBEX6UbWOhkmO7lszYxtnSwdct1 +37DgRvkKk1C0iUmakWA/tiKcD5QHZeqp3KkbxcxnD1zyKdEUup76DyX3tLtrBEw0QFA8Ir6+ +2VP8QgNdrcRC4XLLzED9H8tAkTYDfqUNm+ogS9sdZYx4Ehta94N4EIxxJN1AkxCh6vfphYXf +xotEV8+otQJq71uKSoW7Te+lq13hfhV07AdPX9cSp1ouHN9NzLNbSCUAiQGcBBABAgAGBQJN +xrh1AAoJEA1BNKKs35HmS5MMAJ+rpOPGpEXErFTf5sEPcY3RoHUSr1jfCY1rsulWVGWVBbm9 +CXnPmF4wSxPrYUQo0iQV5YnWPt8l6qZxsKYl7zdDktriwHvJLTJZ67ea2F10OpjxpHM1QI9H +HcxvViZj8SDK5tq2SKnafzB1obMunXVc3UE7sPNcbswGz1IEpYelRw5hwR/epaTQ//1eE/pG +QLKuIGfTx4FbhEh2BJOpXU2GOXOPjjuEl5SmPC7o9HA45CqmmvRBaOS5yYC5Is0H/nXYSEW1 +xvR61cUbxb3tIANW36ngTsWNN7Dqacgp+adLczZJmOBs+2y9n6N4zxI0s6MEiJBqopagOLXp +ICnIvnRGlMvB8PVV+OQ5zj7F+0BkedVCAgDHtx2YjyJsNbCB72l31GzqVwbvISanf5eNI2cT +wYDKfpz1bwaBD9YlgHjVLQHw1ycPWEhvne7yPmIynW+9Ts9x316DDOlsPPD6qYgPVSjidG6P +LdqDmJsOp/XErnpAfFEdBi7HaH/Rk9KwIYkBnAQQAQIABgUCTin2sAAKCRCu7s6/+NjxKK/7 +C/wMmWqwT1Ug8MwdBjbre4EJx6ghgjFFt73cjHJqoOrzowkXWUoy6G2Ergz1txq7vdQWV3da +flkQ8kfq22iiwVQH8YIUojzgieilFg/kPpgciEN0FAlsrlAIqJ2+b3GORfQddxqbFiFA22wv +s32sA3X8X99Dmor5nfZfErDP4YCYTqIdeFlYFbcbudCHolsKwLT9er+2X9sHnH8SO1F715nE +zQaavGm0lhNR/9nJiM5pjE5089wm7p70Lbg8IQuNhaQ2tkpiHfl7Zh/BbvYKYm2hwaehxNx9 +zzNw0Fa8+qVLh1dareQaTyevyqSZ8fW8XzHYMkI4dclk/zN+sb3VW9rDaOBCSqcTqYr+5kec +OlIl1rlLnf+GRr+5LvskDMNqu4xAg6WeYmBMuDhJD7ubiPbgoh9raMzvM6e/YwKSwiW/I5OT +Ye3lTqbu12n0cKdsKvWzsgBRf4CA9sLKISoY/G2PO/06h+hCiBh0t98noH0QxA5LF/eRXfRu +AfoeiQ0bZbOJAZwEEAECAAYFAk54DA4ACgkQH2ytYtIuJETjgQv+PriUEDzLTwoNXuz3ZBWq +5dFGK9JSD9EOrDCGpMSLzpwFQ7/D/kAHCBD5ry/CspifRjzTHz/PgICnfR3KMivDZaPdkfL0 +NmEZA2W/uF2p21mTtULpnutiA+BBy7UwSR6qh46g4XmobAxLh4HucrT8oc1xIiZCHG3H+ccn +4L7DSHy6zPowgYw3OmC0xAv+jsYJbLHcdh+tUDfmV3iCRh329tOmkJGjny84K2xU651YNHO+ +/2ysKOlO49x9JwX1SfT3t3KyFe+EIyR8O33mEoIEsIYvsre/YIBKAi4/uV/XBIFuv9qN5Ypr +YI2HiXO71sUvAcN7vEwaOuq6V7ctsjwee6aTrtV/CsC2epvNxMVxLAPthugpVbDZ7yoMAC2o +zrnCrVu2SVQqsIGhnQycD6Vt12HfRQ6Bhisg5GlSKi3Nah2KGG9yZp+SWsDJ9z/jKLmQqKAs +2M4E5LDfFD0qOgQ6rU/Hudc1dj/YNAr7GAe7QCNyhBdorsIDspmCxMpQrTeZiQGcBBABAgAG +BQJOgLA5AAoJELoWe8g0SGOjbZkL/i7dKQRZpoLK4+4cIz25hqfKiD70cw1Uc7hsfg4CWvnD +SxFQNm5hZMG9Fu1jD3h6vmOcVxXCKnIhQtaI5wdpO9uPEc3vwAQJMXj2vkvAlOukSrKc6vI5 +8/OwnEga3oiJG+CBxuAky92ktNAsvItyt33k5fhT23LBW4fDSRL2cNSLizwHKBF+NBjzs+rR +nMu/42OM8DK24bcPKuNpX5HJYBgtVOchKLZLaVenGgO1SLzZ/etBbwtPFei2n5M2cReArkvK +xHf/zpE2fRH1XswRFYdyQwGTlvSkgfKj8x/YrG6cY9zo7Wq4WAkxhJvtlJSsl9hvVP2zzevB +2O4rfVDacyzMK+YEEYEPj4HBByfSGpTbulnK3J9CbhiTuFbZO4ZHXDnPbAYYn1s37HqVsqxX +g1b1qY4i/hjpb8qEApQ6zLgUM4UR1T68gE8E/FTLtH5fIgfkO3b5v3NoYgJLNcUX74fYsZNT +GKZV7g8QYLgAuimdzJWd7y+u8q2RRSZXo0Q8DIkBnAQQAQIABgUCT5qzfQAKCRBXRYXjSTKu +AajiC/9AQajdDqAD2ud04YZesuoM+DDNg/XmRl8T79v9sQUDkTaCU6+mYXG7KMws1FOUArt0 +Jcd1I9WZBQkIfj/PnwL4AhD6qZQg1ENKthAcYYXbS9oxf4FNxT8nikvqCUAq2Q+PFoyrYnuS +NIVnBCtMYfFknSawbU0HMDCASKWO1+LfehOeQyaL1pwAfc8nhUeX55vJNxWE2FgNmx2NldxZ +IuknON05awTa5Yam+SewSX9h9wDo0es6CTR3GwKTA/tL761N/bu3DylR79ut38zJ6NDAw+xh +Cxn6p/P2WiCusfaTFOF7sXbL2UQZaD4W7uctb5jGdKTnswb6JtXGiqLkNpj38o2kV56BVDWU ++uLUDM66K5kVTfwIuX3dH5ChVB5k5t3un6J596jx83kIxah7SCB9JolCiZct0W7AKP3OQnIt +dCyI5QfHHKK2DoDbz0c1XOyF/ZeqXGnvjelIPHbJlqsWnIb0/OSqSZapCxNQCa2Sb8dFTZRC +YAjFDzpWAvTkuJGJAZwEEAECAAYFAlBVLT0ACgkQ54NyjqP4xZgkQgwAkbv+BXVjrS1DVasS +zENEzPHFVsEy3pX9l9oP9ymvofnCxnqRnsdLwpBMMe/b6lPg+h7mqwusdwWVmw/DD6uYy9pd +A2+9f+07VJj33r/hhq6N8z6AbsaXPKby68zfsudRHXdIPQykk81Ix2qYKM4laxXZ0O1MAivp +Hi6LpkeUA4luJlb6K+aRP+SmAsjr3trVKsvL3R866M6qLKWOrKnX9sUph15/D7E+v3UAYZJG +RbuvohnkzUhTvi0w79xJw2nX5gVJNi5gnB8/GcVejHa973zMO+6Z+IxySJVA4TioWsn6QqRs +Acx7Kf8lJ1lDFJX1aAbAQpGOynfQ/xOAxJq/1pqI6w7T0U1HTxB1ZettKx/TAgrHy3YuHGuU +OvhuxaUAZ5NWiJjD7bsOTwynefalLKpB0geZDdV+6GNoH3Mgs9Ar2Ukk3cdnbtiEwo7udhNL +aKpIRzcovuVYXvuA+NIHGtrs4OiS0eY6xXy4MqADaJjgcwSs8fM7RVOwzNRAhIQZiQGcBBAB +AgAGBQJQZpF5AAoJEPCQYB2qrYpyBq4L/3fEXpvb9E5DjVCCAzF0EKi0+QbGL24XBgX9xPEI +TrR3blV8YkI6EPrR2iSq7jqvy4kJKbthxWXYq5i4L/HDQ8pYuz0CurBd8Olt2MleBTObf4NP +g08CXDeU2M5P+UW/9EMQv4PI1l0yWfwwbZOVcGY9OmHlb23EDacd0t4SgzII21QYIComoBUg +/AS0cps5OGsalEo6Z82EAp1rUHWvH5cryITy0UdoFV8cwg6/Bp29VTJ+zu1P5xLXOpj4UGyb +pLVH6GhG61LNpBGdeS1c9dER+Asy7GnH0o6JrJJLABKiGpdNoyAQGKHDs3bPOLKvCusgnHir +yq3hzkoY0BZX5IFhICpqgiczFVOFmVAHok5ruovjVMxLEBhnBzLVoXRXVlEHpzr7/kUx5UlQ +JKYYlMAft248QjBSGxxH8lNKaUSUh7935yykZpYMLjLunxWzCF8vny24TF/jLGcFY4K1r8ji +LrgFzRlQEfj07QMUS0c+Ikb5sr8knyBK+wkx7y3QmokBnAQQAQIABgUCUc2T/QAKCRD9Jdzq +cag0XJA7DACJCtPslBfchjBebD34X+wvByU7uRWSmIO91JRptjKzme2RSrb0Cmy/F5NRGH4J +rLF56qlr2KB5vnlKoOfKM0d5ma2MX0qMIt7YQKskGgEjPP+PreTbQVwVoaOQ9omUP+cINv3f +6fHgN5vNRlHMsyyBOr0CaDXZd4iyhupBb/vljrUy4MrnL7D9B95DlK5PXXQMFOGAXJ+k8Ykg +AS8seJWjZG1ZPbweKY/d37+CIfgXiOMbCbEVkhQFTnOtHdjOaqClc9y5WCG34jMzrPsSG0/S +yK6ig3LAn7Ff7hj7NO99elxHyHylvPSaGNpoQyI9QPvsT6DUxqrABtd1XFFS8fh13LSMypUq +lk0d+CkRanc4ZbV9S4hU/Osx/33bQgvIrMNGRek2kaiszan2XnN5xa8edOnzJzC9jISnRvj+ +8s26c6+mq5cm9KUTi8xfZnRyOu2aIfFowEeT+BDV4daSXXSEG4kvm1lXhPBNx7u0xIce1+iu +aJ2hcpsc5sJlfSUE7QWJAZwEEAECAAYFAlHO0WcACgkQF35mgTrEpmjl2wv/dtmy/LYUEUjU +vxTRPfi+V88Cj3p3XXUktifYAqRd0ZJIEx0Z2HK5cdP5g/GbKoL8MrUyUKKE2P3q6kabuS0k +hhKwvJaihrCcrTdgclzWD19y3HGGvaPGHLr2SX99mt+g+GDgw2WL8MfelXRGnRN50WGAvMBb +krG9i/Za3u1Zoz2Y+501eayXvvZ1+FvHtA5h4D7sjcZhdbBW7YgXC0FM8ROX1nm915yGZgkp +1NnDx8ZE3oxnUtmwkSxZ53gzD+YNDxmNRHAmC34Rv7sfIIMwabExHpdFGfPSfxwBf3wsJiza +3FhsrpfcAmXMKD0yLIiC27LCiQ7k/hkPAUSi56PmK1KWhp8SXT5ZmbyiNt1j7qPTG13+g9mu +iT6bpiQPQx0TzVXeQZDkm9q+TOpypfcgBFtGPMlajFMyg/vswia0lyezrZNes5QZMq0TZAOi +Yac5QUmCxE1QLD1aG/olNiYUCpPKtKf4MW5jujI5saz8esH8JvOCi7swGXa4ABpRTDDyiQGc +BBABAgAGBQJSLmzQAAoJECrLnuugPRVQhDgMAJpfnu4ty+wFN8IqBG0r71YFDODpVpzcsNEs +IppmawaCHAPwxSnEWFz+5I6UZCcM3W7/57j3/OBXQHtipU6ArP+8gScFLL0BQU/TwwHcCvHv +iG9aBjPno8cwOHRcLohScyEDYdmo90IWbFFs+IKMQ9dKMz1X5AX949L6Y+6Mho7h1gwSj7Ec +t4oxZB2gNLRaLPrLWI9BABCkyoXOlPwsSiAmv4MsUmlLm8jUAVUmegaakcDMc+uk0DiM5XJu +wTMfqgGnGsTHKvfet9GWJJBeJLMhOahfD1oS62/cuWuzT3fvdl3MSZVWAtIDHn/znn2N0BIK +JwZx7uBSCRbTwl60F9acwHhqW9H6o4Z7+lRvSfDDPqDxUsjtEMZpVZGr73rvu2czAJHFab8o +8+Mgk8G9bhpkkYmttent1+9wbNvJa+tEM06i6iiBAQ1qTTf79jXz727WjeLN05tPj1FM+9k1 +jtFNpWZ6jAvEazC1TndcYYC1iPtYy5np3TnheJdpdDFotYkBoAQQAQIABgUCS9LI+gAKCRA1 +8z7wtt/VDAhQDB9UAkSh5lgpjTsQy1FSqgaBHsQxF7Egalv2r1eEfRH1V4cFiF1UCuA4a3PS +03EfRx/hCo7hCOAgVHWJSozB1+PbK/h1DxDy7ZBhLnkhsFh5OlzR+Rxce7pqicJWhLjsmRO6 +4hb1QUgGkiKsZ+5fORlRXfrZUfWUCsa0ZLMIJLHySHjkPG0+N5Mh6QWsbUYKVdG5SaYuZchD +sXr2fnSmpF45EwDWMkAyIsx9zw41pXPILYQqLM+Fu41vumyVXjQfFmxyLJoZXC25UFou7bGi ++/I1F5UNmHd1h8LUkVFI69OdO0MlzoU8h3LUz5ttA3T8tkXKl8IEskA4Ybqdf0mUwFRRph8v +Lp2PqsPSLuix9Iapjwz6uf/n/5NnVyCb5McxeQ4xCQ3x2DSCwT/hEZSf74L/bhcp+oy+F5zc +Y87SHvCTxspCGpyP/fWDST8MNoPh0m1ci9oK28x0j326ImEs2PmUFrEUQmEHcUU1xK/j/6Rt +82xyeSW3fk703q2QJ3RlMEPiLhUOiQGgBBABAgAKBQJOKfwaAwUBPAAKCRCu7s6/+NjxKLAp +C/99LLeulBU5iCOEzCG5YoPTB9cRlaNwh7wvHKbbhPtJ11TL2LeEP+SesXZLj0l8JjDHH2QK +3EYr4Joux2RP3IqVhAz81FyX1lxUvTcEnAXtRoUR5UjjyfRHEj36qT2nggBLRgnzr69K4XHc +JFXsEUcNlodTyQWE1RyryzIW0OLEQ6p/rgkHABJdjoJSEDnUA7wyUxq4M/RExfqBf2Nw7hBp +6GxP+Ug5joHUqRuEwT+HOT/vXbJSlSD2RhH+4Rca+7/fO85z5yA6T7u7RwpLeGnNxBN4z5wM +HsquFagiWyamnA29d1kBxvUCO9nj/9pVa5UxzeKMFpCu3NK3zzKA7KMnsDRO/Uki6+a30O6i +DzNKRPizQAlqpFU83V2SiZpfxSVQD2I0SYKJ7Ka1x840U+1c+h3cieqFyAh8aFUThp9WHdW0 +C/syqdIAtesuVaFnE3CMBGOJRIf21OUxX2grzL95SVJIBx0lYR6wMDIrOE1GgLID+/5QpWsw +JOPXEkwhfvqJAhUDBRBKA0PFw4Q258s2s1ABAopKD/sHL2EKftD/joRHoLyIuzNhkxTyBOy0 +CgB7Vvhs0RIqnc0RakdoMg54Ym57rxfwQ4AnCQZb2gD7GEM3LMvHtrJZ1dqAEjJiVP/g4Ngd ++MGXVC6smj7lUcCgMPleCPYsnjSVGRt8H26MB5cBgpdAH2X2UMzakLqrcyJRaOi4VMsDnjY5 +XcgSm4Jd13J8w4awgVtN97jkbiwKUNyeFh3ltZR+UmTqV5m1+pMCsVat6qFYEwa492QuQEjX +NGu6xUKwdiN/4sZbFKjfRDr1PyQw6X2uR8lx/kx/TnjMx3clPGFqlqRX4aQvM8Aq8SfUjr0J +y9h9DvkGsTEPXj25TROQ5JQUJJykwtYFa9KuqTJCFout6OFQCnlbQOV1wAZ7B4JnX3RV/KYV +lbiLJfZq4ZHzAOzyOvL+XIvoyjv0jlIAfe4lnxdiEr0SW0EknP513O6rxmsKEei+6i5T3cRE +7Zix7VG64RbXqpdlBxdtTXXMgsNPuFPuARySK5s7JFh89y+GthHZIvBRWBMJBGXVmNtNolOb +eQPNP93fAbsm2fEULxMpUsbLKGaSogXqp3ESHuWxNNBL9EwZsFWSmTSReltqH0HPGSZJ1ZbB +q/YxPqIKbIGyo1JCvnozGUPSnEv7Ytoog6YVBhDHgaREneJfYv2ga2xqnuoKaaEBlxPLoYDu +FTJtg4kCFQMFEEtXtuwt8aNVzkzsxwECV/UQAJ0LQzLdaH5oSphDn9MlXlueuR3Pvfe4cNbn +uB6mesdj3oJaOrE74EhKGaxO+K0t5RaXBrzd8Qhi36K7FpEC/2VRX5eVNbEdyxZA1Zk/M7t0 +n/RP/HhhMFHLU3GsK+a8JEGJTdgjRgPkiG62ndMnwJ8MjmloNAXrWyE6v4KcAhig6NCggKKf +VRuawBui8MM1SB6brLGkf6i98tu7X4EFzNRhPseWzYuTnNdxVU1jtDEAEEqwFStLkvyYlC4j +PQxES+7Qxwgr+Ugyzy3vDkSedlCs1VVyy0HnyOfhL4MerpNkiCerBGb6qQumStu9B321t/sl +rixlbDfqO80z/ine8PpTqq8kAIl56M3eyixKhAB/jzUo3lRWDtI2idi0F8GRAb/FHQcspTYd +m1puca1n7O5ssol8X9r/WlGFDbN2Cxk5athSRY7va1Yo6iGav6S0hPKvSJRA2DGYeAwQKLUx +s1klsVSqu8f0iU3eVm24bJMAG/AOq8rCAuBUGvD0/ES/fZwH4qC8Ps6MHBobUY/yKfNfAi0U +pRGBDHaJDVJcPsrLuZJw/kz217sr4SMNc9+9nWZXU6qgAIac0HJsrleU0QBy9pnnVs7hFEsO +zvZxHXV0PrKEQ2Y+Gi8XyIlgynNdocsaPIAu98h3y/CDEeLtAhB3Ss96Zmw0SKiUMvwE7PMQ +iQIVAwUQS1e2+05VPl3aaE+VAQLKiQ/+P1MhKL7Ihi7Wv0nMZ1DEJ8Z/1Eco+jH4ZfPjQhg3 +Ar8UzpL4Pq5FaZyOZiDxHoYZ8VilYShezf4KjN5XeAbBF9Vo9/id8ROQrVc4Gl6pPa1dMzHl +SQyVOMfrjOtXgsuuKeK1OyIMUypDbKwbM9OyQrmXq912aI4JVsrFBhS8ETlfMGGU4SFP5nZg +JojkVixsBwu9PybwsXgDEuIZPVTeMllBaj5lFdvgAEJOHQJe6+0czKUdDMHX2lI697EEnQ8d +TIRxLNZm8guHOpacnOE4BTgIpeJsPpOMKZfo8bEYNGeNDRqDNAVq1H+ScFDWT2wde4+yVIYT +thGjO9jYLM8MJ9nWC8ndCe+ZUPC0gNrMqCcoTuClEOMD9it/1Fue0Ruskf6m/eaawPmLMibr +Y4cWDYCQvvbljZWBbdgs7n23gfvTmYx5pgk7AqeanTNROcTkLVGzH85iiPp8g/t90/ztz93H +ss7W+ZbLCY2mabROE0llEuHVJjGBm+AkbIaBgLwOjV5wJa+jF8fYB/2qg1gB//afy6N2Xcb6 +jiG/fWhN/GG4oThp53ouf/Mj9GyyyW1cRdCW4tKBnlBCVZU5V1UMCIUMQ5+bYYVL7hAhWDq/ +wNO0E2wXXgOwougv0yuhK58AoTPgxoPF1od4uL9XBolkWl8CuLfhNapR+XecJp0G8YGJAhUD +BRBLV7cJBVbIZR1aExgBAho/D/9rS88ww2y2Asa19Xh7HaI5ZkBMcUbC97urn/nkBtGfsFsz +H+9nRP28sjz4jZ6Yjo6l4PAL/5flviqsGTVIlT3Y0nmZ+P3XHjRlMIRS3BPdose+4LbGWLxt +UmMb5nTAHza7aMz7xRSK532rPJDlDSHmoasu2M+0/qHolsV7odRHWaVg+dUjPtvjZ492Ngrk +6yGELZNAsjOX0xi9QG8jTQKPk3i+a5CGOUKux2Bu0Ul3ShOzt+kqBJ0IljFOCVBHxobGthA1 +kvy+k0afcpZ1HoqGZ1Ov6HK4uBceaoi5CNYNHw/cn1bwkw70dEF/icNuPh4WgRjYGg39K/P6 +5YkooOsj4QIoar3LfDLsR1AkmfOgIPdkzryjwjnB+TlX6K6LqP1EQ7RJtrKPtS+XKonpSAsm ++uXtx+HkgacoZUeO/sVx+NmKJr9jl4odkfSG8U/4+lEfaUFow/BM4uR82DdI6oal3sEHdB+C +PH4QVcHamM0wrdZEn4LS3+a0V34Suxn3ln5397u3CzfgzUYv3sI9mflxUg0bf6yaNnV7TVUL +2+4j6uJXaca4XlBPiFGhOTZGx7i09O9dqxE7du7YpBAC3rRCtpzbBa1kjYU/i98iGohufSOl +4OKqf5vQiKU9ngp603Q6fvb4PuZBhM0Qe+N8r1OKeucQ6E8F31cQYmH9LxnbPokCFQMFEE0x +NthFwNk9KxpHqQECWhIP+QHEddGDZUfMAH+1vy8ZBlI6P7VXuSXa3wV3W3H7usP9jWG4pqsE +HgkQaUnTOffDS4rfbi7IKU2YvswEkZeva0wmwXzqpeeY9Ibl46aW6V5ik4ZcoesOWVi7k6Eh +/VsU7l7bYJuS0DB+Rm7964RB3M2SmIfZMAz7ZZDsx6ihPbqWxtTJ7/1iqogOCCef21/oKx4N +fbkl5xbQXuDwF27aYNtjqM810rcEJ/cljdzKtjDoluFQ+HuHOub8hnZ0NJfTdHyXCwi9cyiQ +nBz8K/hZMLYgaZUvjjDpEoYZj2V206UwcS0bKYDo0Lzy0HRJQ/dNNSBCA8CUadvMOzEgP6fk +yNCgZFjhvhdptm6vSVvjMR03GRInk6BLnYfj+jEgCgoKfZAfWmhXIdXxeEvncMTnjaMSIxpC +UKUsRKLyLTM9qXjWW/UP66TI1/H3ntpSy9g6fzVWWsAanVTtT7xC3m9M6bXwH+N8uWht96Ox +ZkHy9LZS+muP0B58Hc7O5eL+j5jTTRnfC+1B8edDrWcaUxetIloafJCIh+k/hSTz0xpmuEsw +IUpKrP7VTeBr7NPJCp+WtfOVEzCJraReeh0JzX+kAmc78gwNdckKOYea+UIEZESNF/BqHQbe +D+6vqzGC0bqTyzVaWCKDSh2A0wI1N1sOA8Vw28IVfEoghjgeeSRvHjGsiQIVAwUQTTE25tSa +7ii3JRN+AQIEihAAnPOi+jDxa8R08LQB6vR0eXQylP8rgLO9ckijuTbVM4flpJFbjwb8nYwb +EArT5wp+RS19lLpINRrN4QfrCDcjF+KVpoNL6FS/IDUHNUOUZnSAot38VoFr6Fbd60078ZmK +7OqfaF/dreQr9dvKz7KQUhlKgsk6en8/0ukrhs9X0nStcuYkFaiK1oiBFWI0Wg7DAKODOypt +ZOxsIC3IlhdniW5AwQjY7T3XRORUl1jUp8LhyyDvaCYo8Sa9gASkg2Rp8c8BSW88RfTbhaqX +BQV95sGDR68HS55jfXXUReaqHrwc9UAxLKhOgTQ0zM5mZ4qpmbYiNAONpFB8Hj+j5Cp2zY4S +RT0nOrB4k+lBXR1UzZX7+g0V1Q5xAozYZ1fap5TzmPKyAbokt4tUkjOJteO9hOMFFfLr5SGu +cn5XteRNSJ7lbcxVJ8cJQQ/my+QLSO9ib2qeRBSx+fkfLLirCRh5mG2dXF+frAlmtJiTy46u +t46Z44uA+bDVinDVbapuOptj+cEg6k9h9b07fDMXa08L+DFvbU7UynEb/5SapDakJJYzQ30F +a4u0wyXBTz64yn7hVxmqHW7/sfXugN4ja8RQVP9UUtayOvAqu5R65S94rX0hBFMCtBb1yWfz +2UGf8wVepxMNyQo+BeMRgjHC8Tjy+0nnjICaqSUdfUlL9Ha9nOmJAhUDBRBNMTbsQZFId/nB +jkUBAgLgD/931bkrwk0i6871ZQuZiiBo4I+9dkP/sB5XfP+TjpcyNvxLzNahc59fQIy0ySbm +BwR5feh24JBD3FY3Gcoqx+qu2kNnDOoNjmO66bOzgpPi81oXuEszfCpAw+pRgZeXXcoy1wtC +nNbsOrbPuQGDG3mzrekZpcMdb2U9h08tWtzh0TkTS485V+POTeoU4W+HksKe9pqr/Jfy10mh +wEtorXEG+LxCKNxGhL1upFBV015ZRGA7Zdxuhr8e3tLomVgsDJsgNF+dF6AYCe7gkLgcI7sg +dNfg47i1g/xd39oAWAYe/5wtTaqpbl/OZJx2+g+2s85H3F8GkSx3PyijucH6CopQvu5QqUde +j1pgvmyAsL4H1EdFVN4CG8Y2cq86L+ryQd4TOR9YCUqbd9vOYXsI6JyMyw0VfABaLESJWcaL +sfFevfPGWDjC0Q21SGAJLfpUlPJdbbiGfM1SnQ1iBYvko0e4oK78hKjs2/xirSHOadarEHlk +M8L4CZAdPPidNcAlRBy4GmS7MxcvaK6upn7XU115bWHK4omebMeC4lRTJGYVdTae/zSW3Q7Q +mmexZgTkr78ZKYAuFbO+QPlZ6PKpjI3ycKvkOcwNj9J6h2doMElwgefum11S77loVr2z4OXf +VESR6EYtPArN8j/Lo1vbEPKkDLhR8kWr9Y9Kv48WhRlFGokCFQMFEFAyK4E1GL3ErEkGNwEC +CeYP/0ZhHR8+K+FvmmgDVj4vzK+duJVTfHvg+oQdOqS4p4nd2MrqErb2ybJCbLgFtMb2Oo0q +iEWpJRXccjyP/1PpePBrBElr58MiCJ34rtjRuMXYoQ3wFPf11H3zc/+PwvRS/4448Mjezxy6 +bFLByTjQnwX5WiJNRRzXyJlrd2HH6/ifSwYBWesgN5+MR7tGCt6QbaG8fqOJq7wW3fa1A4Jr +CvQQWKrgdjb1O20J7KA7vchBZaZEysG5FNKdIZbior02zsdV2YCG/cV+iDhG47ief31ZBDpN +iZ/kSiZVVvA2Hmr5GeLaiTusUDG5LpxE6uWUPT5WK+cDic/PImBJo4u2j1/YG9n2k2daUJEZ +TgIt4m7/91UkKUPzJZh2leNJHk+cZNyqN7HZ90GdWuCNEJk7XMQ5kwobkYDVg8AhSMHl79DA +cbALTE22uQdCwEfYHlpW8FrexMbD1HrubIcpm4MW6GQo+qavjrba33qK/5HXCE8AEeGBaWqo +s4HLLZ4uHoZTMcov+Kh6DV5WOFu1w4EP3gm8yp9U67chQG16L12FJSI5l0/uYExhaYoFib4r +DHvzlL5bruJfv97tImDyiFEF/CZGp8JWpVVMDsQA0fRVvOrgdMKVx7jAA5XhUAhax1TT0H/f +rqgwWCLKTab2sNXOOhlJ7r3ltrCOpgjdGt7M+cj0iQIcBBABAgAGBQJKBAHpAAoJED0fWFmJ +buruN3AP/iMI9Hodp254cv+1lVXxUFGn4hDNpK4Pg0gm7nR/BtMW3mrJcr4AYLf61TEonkYZ +dK94nb4oyC8Tc5Pu9L4A/j+Tmdrj9DZdLKv8RP7nsNTiOMghyUHqDW3JKAuS/TKjZKVfbRxN +70nyhNfpg9diPhMaq2R1+EO1KzuU5VeCujF40O+nEYK2Nbu1raKCuOxgcsMqVsb4KZaUxLtx +DEpdn0vEweyKqK6MwJtSAdlUPRBOihhc2RSSNH3J7hUtMFSptjV1gqMGTnt2UnGeM+0McB7+ +Y1ilZUSY7CCITUaYE7BD+uGBciMbuFBOxJLAgPTpCkArbrIF+SXOhxcDedUq+ErfydZruMr1 +SFxtErVbQnRkoXwWCctQC6yR/hu7fp2nZaN2XyAHfyguwzB66PF2k72Wd2zEjt+5Cbiettvy +O7O8TriDYhH8th+h7QkbhzkyFjRASJPVU/iZUtx6Qihh+TRiR7GFrYnUYZ2CbmHGY8Ufn4ef +QKpCc1JNfJ6ai9rfIf5I5//k64u0WK5yuYuvccXbGjEEocrzjzrvgRTF3LPEuGh6IhqdVvFj +SxY9OGaSFOgsFaFeJqBT8FUAw+7z0Zy7skxCzCAWPHyR+IQohTrXgLzAeAJ0pmdalVjhsTKk +j3wjWcda6p8Lnx4CohYj82K58fgxNSFqF7heph6P4HmxiQIcBBABAgAGBQJKgbRnAAoJEMcN +QWzYfbLss8IP/i7evAqXGUN1i058Na2vw0na4IHWT+cLw3jM2+oq5je4NxxH8HhaaKmw8bcH +IiRYgxiR9JsCG8haj0p5hqKmul+cigkBt/W5nmKXjC/5P6F0exufQw7H7el4HCw+0a5svEAm +Aatw/DxhLOJyBgLGgRBbQdE3uqfdgcH2Efy2EP42TDzhch86mx8BkYtEQ/fMlzrXmlySZO03 +4hD+qs5/9M/+ogZ3oRDCZdBywmNlp+e77cuCkRiCxu1kmIwGxBJlbzHnnRy+WUO3+2t/vhu3 +iTfpgkC8m66C7ph01ppu29Ge76GePtNybnitu+/pF5Zouu9WWJQJdHfL7NoEc0z6mZMjnojJ +1xP0D+Cy7DNI1H12o9rBkmdSpXXB13hvlkmLXmX8MvX3S51xMQMLbwwVIe4Kny/JdbTZ5RlG +WNMoQ4yaLHFEtlRLa48szEkGXax5E5U25EhnFz98rdmsbzALrmIbcPO496gaO82wqurSX/ks +YjwAT0II7XoBgI41X2ObMLZr8JJysrUaSoAurlwkx/w9wAeeZLKYPwqcbkRpCIpaZgAnoTQl +5hF3yxxx8u2IyxL+L7FDDlxTXIyL+oKKXOpMLf/p5Bk252kye0Ouw8npRebnduBRmdt+EBUX +iAVuRb/0cgSDYhhgK/0b3K3wwfzsO0o0n73LAzIXXVuepUHHiQIcBBABAgAGBQJLBk7iAAoJ +ENYLDGY23lDuG9wP/jqEgmbDJvV59RfxhPiD8A974tr8ZnshYQrDqntK6EGiDiIkHZL6a+Rx +o3pS1AEES8Ap8AGGC7uqXP3+B9cz9aKHb81aqztdm3C4pSrrlFnXAueet2w9DYe8kaOV24+w +5czaytg3KwdWcX5HfnTR6Gy+RnlrfRf7/Gvk0vXHE6Ll4o2GJCsdzhaw9Usd0V0usncHO6IG +8T8Zhupu7Lix6eaiPURN5xkh3es+qFaWYjH7SFKbVwBWM7dokpmyF5Vfk96051JEFrLrffzG +X4+YUcBTACW6Hxc2lvGp6Wu/9t9tLok2YVrAIhKSkUCfD1L5y6L4TlIiPDbU6jyWPgknHBiO +y4/8QSVVEG1gVMiqoqvUH5gwmDI24imEeDJjZT5t6Sli0y16wy8Ki1JN8fHD3/sOvMmIk3Xw +V9efsX+0mmS3oXwRcfWJW7U/GXkW9myrQFKkF7AD5JHS+uehhFN7a749tjCYGfCdqJNCJwH+ +LjEohpX/DuT26RxOwn3R3Zu3RUUzzYyAVQmQqyHidOT3czf4NKKeUlUiEX27cThOfaYU4Mfk +2XxXBYg5cSI4E1BJytUsWGn3/Z8O5cXYiJaJzaU7GJR6n9gHqAPwZFfkMwAcpOKKZIHhJwHs +Kd5mCivxTLuiWvF9rm2SkbNiITVUTvISJEkwbGwhCS2GeRBsaUreiQIcBBABAgAGBQJL4imR +AAoJEK9VomHHx2zjOE8P/3R/mYHN5csWuRP275PNqBNaeK74Lzhyy1ChTzv7HiYDMLk89DeC +ZDXrpgQB4rgVnv6MAuyaJ8N64d8NBtpdvuAGT+I7+qHhYJHSRbq5OodQsSnl1bYaJprlqI2n +nAhzwrgP2Htpl7uE4/9MzHTLopHojilximlwQGAv8IIBGgMiFkOVbRJq/OFcY21vU25Hv5Z5 +TlaLi31S+ayHuSjMDYCn4GWuMB3phLdD04+XBJj60i22XC529Zokb17A6wat3uX5UqiaysXv ++Dmeus2h0wJMfEQE+LrN9bdjwzhNjLYNir8VT+q6h/JiKEKhmK/syhg05mKCFO3zUac7gESc +s68BnJ6K29lS2mskMxyQdr8JBu6gb0RTlpkYJslOf75GvPCjDajkBbw2193eV4pP63wQ/KQk +gNJsjzZaZ9z3XvfyVkhcTbz+XrPCtwDr71JchsFryatrVS4We0vZCmoc80CBLHKITWCB1ItP +QQh3gupf/DytyxP6paqQLoiLX7+7w0AbK5JFMylth5QEv5F1vcxOPLib6Mk0bp9k+AFgNfuH +YObBoPseCPis2xa5z5wFYGEO6GzbJQ5PbvLKYZXu6A5uqqStmFC2n9knHVnPD+VFJfBDeE1T +7lq62lu7YbKeU+i01VB2p0q9sRxr9GuXS7m1t6RqoP4MWk0o+WfXNzsuiQIcBBABAgAGBQJM +DAxIAAoJEHzlsHp7IIRljGcP/RY7POSMaZgwe2LcYwtNqKPHQ9NcJojBrCkn6s2zebFH2+4s +VsgRGoueTBZ8/T+4uZ3XEkogiylESZx7UI2+GDG++Dct6S7rYILpj7j7O+gS/oJu6ro/MOPC +z7R9rleO0cwytVP/NLMS8YJiCk3Nfj7mXovH8JBaPrcW3F/sKfTW5F8Nv3q/moBcUh3z2kfd +qveq/UaIN/YniblpaRdHTWVxl9V02ncXDhUKWgeeliRyNCWcVn7X6Ti+HZA2Ttdzu+rIww6f +LgNmhSk4FYASJ9UGdXRdr5Rul92wqQb5vRc1SdgW0KL9LM5S5ln7YIKZV7CSPvHWdszqAEo9 +ewjd4ur+vr66js2KQWnyze+eP1Zr0/byVaZuQqb/G2OBIt1vqwUmujawAcVo1OD11khAvVwD +1N11c3chwMT9rURr627Pyr8f3hhHgjPiON098JoWlxMCvdIADGDXj9kEjGpLvlL1ZYZEURZU +gttfrYd/NlekJjKVRWdm4wBypQb/S95lL3Sgq+bG+xDgqIm85aj4rgoRvZzh6HKfHbiNoyD4 +cJELnI++eSrnmKopNYILqNpHBZ4Y14owZQbdy2A5gHjSnxPpQ01r+fQowXnpZeiTTxhHn06p +RZ7S0xHm2GyfIZUyDAxlUMtQLl0xqp7U3b8+GL37fKwRWRLU5xBFFNh7DlBmiQIcBBABAgAG +BQJMOkliAAoJELbEp768R94RB3oP/RDwfrQL2G9aHR1VXN8McDdNKa3VzCdfqrHg/8MVzFZz +NhBIY/dC5k9GaNAzLP20Ll8pCUpLcRr92vR0GdcUMkmwTXoILAse7uiQa2lhsYy1OxyxEeMp +tLEdWmd6Kz7Qzl2qn22ISfyMI4AdC1+De+kigV3Cxs7l3eufucliky0/oK95FblqHvrwsn+c +wXDDlZnQixVY0fF1uicbbLhozZF53hRx+HvuFkNZbfAz1fPUx1v/LZitZvB28X4oNkDNHYjh +c65eorWyWxOlcgcU1YlhBbkbE4zh2mTWZaHyU/m4V+SEAcLSl8BtOppRWeBwx4z9wY4lTZcf +/m5VoSerq1DbsaZSs3qk+C7ELKmEzwqnPmnEIHpCo6AOViKRZPkV9DAstx0xp7RC/Dgm4Q0V +fPaeHMUNh0FKC5cYhtxxqtBtyu5a1dXHhydZzJ3ZnUcCkCAeEl80V406R4ccHmALg8fCIhyw +tIeNsk7oD6vsXoxdjHkJ2VhhX5utsuWcGQe+i7Ft2dkpmAPkLT0tonL81HtDtFdyz9vKo2dV +yzJN0wYAp9YsrmCF1bItwrqleBtt0JndFlUWcfApzbF5WS1qvdJN15J8MRIjABfSzGZmGN/L +yKp9uQpZpD7hoOl8Sda5k13HJWdFg66DxwO+fxlX2SbDUw91Qfp+9o3EvKVkD05jiQIcBBAB +AgAGBQJMhg4OAAoJEIkJIX3DTuxXkpIP/1DWeHzT2PCywrVxo3BhXVnE3ed5JOHMqNl8CvRX +NyOedVe2dkf3z+ZEGmxbOkT9n1OHr4EMnkWmirx4ToR8GMokVCHe+AWLPfZQefb0NiLtpown +bLqhVPLVeHDdOulkPJp6yApHQqNEGf9CXNldguXfF3kS64x5O+bqftEvOK8vB0oMqp7GTh3K +1wIbCdRGkKsb4spwSBUxtRAdhenw0wFIgzIl/ng7BJ6Xa7Ct/+K0fU6AevcULP5YWBEaEian +mcQHoQ3XoPM4nbQyWLQ+AIC+T7QbEL2rJpa/fxv1xZxT2wlDDk4RMIBjBXbUFrzcHaCoPhBV +a9cXjSM5Qq9FauEYyrFXV/OujDPfzgDwI+s1fd3/ArRwKkQyz+CGXOxHLaX+pj+vBo/CNzw8 +YpeIDCoy4w0BOw62mA4ayapNTIQZxRrbCAiRrF065uCRNBDBFQe0vASeCULQiqza0cKkCjE6 +CW3boc1knOeW8HkChNgHDpYijS1nLAFyabJbDXHBZNHP214I8SLnmtNtupSw5gaPQpnMXLGm +uXp/J+4kbK46khYp6CWrAy4982GPoMBXLjq9t/7fjoayA7YRh49YtBJhC8KRGLFz4QTvL8+s +SC0tUMZ4rqGTGtauPiUz+5vMlYv4joL30ncr3BiFpn6I2LDIhMl9CCtPVZMazHGP2k71iQIc +BBABAgAGBQJMkNrdAAoJEA/j6uYwRdZVbi4QAMjyyrYNb7o8DaEs1bNROux4doRWOl321shi +2w7b/cipJlP1H1nz9YAaNFz+36QFGbHXfSv+YIaUNdh9jmxeFVG3jxVJuetV+Lh0VDc5hhjK +vQMNJG5ZjglhfvfQDkztyoODzQRMvJ0TBnSHDfSUfQv4KSKhuE9BNCPzB4S7X+T5zlWBCiAk +Po8kYiG+Ejsv3M7lxrMT20ihp4ojiZh4tJ0Ovmc5J7yo9YOo7m+op7iAhm9GlrxYv9WMjIk0 ++xnhhIisRMBJsZgRlHpXcF8fHoYQEwSWR8pYWzJpeM2KeVkAiUrZCXWAq9PQtSQjlSZdLVFS +3JxviaGw6G7G7Rii94rsCfrxVUv8ur2U0w+/QdjnZyKb8jOAUmJxXoeHAHBoCQL3gsbCAn4d +UyItF983s9xX0ciqNg0yw5UwqUHyJoI3dgiB09R2MqoFfTfx5ig7bndsycpIlTRVexM/Y69a +xdXsilem5B6XrMzRxv49QGV8lzDl3qDWOg7dWHOqQrQF4p+sQQlDrTZM4/eaflA8++zgQy+j +qbtICNtsMb9SY66Q/jc+A0IB5dmn+C7Y0a+xbsNj3sgqoeE2tE/1P8XkfkH7yuDqxqjRjj2r +ZCvkruVRGTEv1oEas9ljqavzPR/Qwl4BTX2SeEens996QvvL3d9zOCGMkvyzpV2vwxH0Aaom +iQIcBBABAgAGBQJM5Sp4AAoJENZhWZqAqWxIKJ8P/0cAJycKWuOW9JyCyhsDcFsQ3dvzn9uJ +oSrsQFXUe56feWuJu/ujcS/ysaLRBFs+aAPmtmriZVRGRCutxTZ804c4aWAiNBvZLtaDnkYS +HjoZZ4ixE4SlSj/V6qE/pXZEweUhBF0//WC8kIxwHiiilPmgy5bnR/+0yI1UUJJSEl8AHHQH +pDuzAeyyOb3v4gj8owuDAo50LAFAq1hBOkRbZs8B/l3LMKHEsqrJyAi/GG6KAZG/PMTiCVVO +hrrg5LC9zJBh4e+qLEAD2KbAbBEOacvJTfxAEjk1tzJLvmDPBU+WWHbWkHneIlO7tctikhyS +/cwesW+Qn6z0CPl+xFNNg9vpv4qK6RTecW8UVhPaORuoso52pPNYDNS2H0tGwwG5WxB7ZUhQ +GSheCPNlWBjQpV5rbro1fG0Q3+16u2hoASVrXsKu5rho6E1CWDFIhUV3SzTtMO7/pgfKLox7 +Q/8kn9N7WTobQP0hvJl5YIbsimr3+8N2eBkLi1/8OxKWpoUYWAGg9FE+A8DCrIVXFpYeTR32 +sTo2wepCP+XShe28Q6jNcE9+rfUwSiSNDD2MWUM11lpnif1nymC/bgIl1hMf9x7AwMDG4OwZ +kJTAN9YX+h1dAuwEKsiPes36Hrhb991ez+MyXrY9WpZJ301/mdnXJ3wWB2pgygwcm7Z0vIa8 +SJU0iQIcBBABAgAGBQJM56zWAAoJEDYZ9+byYrqs268P/1QLHmWB/3ZwboK2OcWf7gDe+Ac+ +0oY8rknqTQiGhAN80u9iBgv/53Pw7i1Nq3W/o1OHqWp068w9EHMUiSHHCHQX9bs7W3zCbDqp +p6LVT5HybY3hKioWAR5UVMnDh34rHwXjJRptthTXarLPsWHtwsYxAJ26tY+PgiunYLfiLBLc +Bx/NvTEQRIEWpOKaoB1JdGwVoDTYY1PYUrKm7CuDjKgz+TnCQXl4V0E6v5iPWQKHTX0M0FHK +sQMEogYjX5tpKc+9V3h1I8ZHQdvEmMGtv9u75gC6kGENbi5OY5mp1HZ3TdM/M9acw9YmDwNF +6A6rizloe708wEtqJhijriee3JLABJo6Gb7HTHK8u66If2qyGB0m+RmInw5iQWsrNntQSbui +uGwbBjpDs6yA1MI8wb0rJx0rsOhDg/pLn0NtizUe/K2ZmWCGwpOy1rYnps2WzLN2CH37JJ89 +znm0VLrdBlhMYq12141+KxBQUYB3jbH6a2EcNKowgE6qZSPk+tywqjQjiLJh+jZOaGEoz1CN +WurI5i/e3SG0q7rnwf09hvIeNTXmvmTbZF17VLp71XMS/kXOdy91Y7jOWpI80xB/kuCN/bCU +JjhXrS/UPyv0BrgRmdsRJhWEpo2YwjKLOyuUNamG6cACT2s7JO2thAiRU42G4MLBLMS+qj3B +03NScOZMiQIcBBABAgAGBQJM56zlAAoJEDf01dVravFiBWAP/2BrILWTncMMath2ethXyk2r +J5HfxxSPaMRr0FcEfOzXDRrL7FDjjaYhskmTxzkzTpmZ+yyCE8SOEhM7B0Ul2g/BAAwa5DJk +HXj8nvj8Z9rQnTatJF6k1WrlIc4pP9uV56/lPvsgAzOtf7oviZEC4M7UYw4kukyVa7Lfqc0Q +kFD4WMYkaBVPO5KZl/jydhW4UubyElV2Ir4fIJBkm7rgy71VXFIhwM2YN9q8dMoCFmx4/rcZ +JCKnInVKLxHRhHQsDpQXMLWhwBlWu69CNJwgf3mQAYG/EBUCJhrRZrr4O9ukn8XCHEG9nY1T +fr9J1b9jw3QmjkmqJmbGNyPvqRP8sntNrLFsZTL7Y0HkRcoYjsBGjKN8cf/GuRy1QM7an/bY +mK92iCppSD8qDDSa6CxgfrveAs7znhtke0HENMd5dZRmtwUclJ7lk+NkEBY/REj2CHNVB96E +3iBKDQoQgTSnZzyJs/7EbUAGvv7cRBeWwMCmiV1sXM4WqbmpuoTIHcHBMUA/OtZvt0hg36Zc +BwjqeVrFHpnxSHxyJ0o/Vxi3nTPipfrqTSZRLIaYCEmFDk0rmiJW8iZHD6iBFe22rBBjZvf0 +ZnXrMSkTamE3EeghFz0uwMW+7u6y8Qc3RRntRcHH30llS/8YKo3EMNthjI+MylDJXT/L0PE0 +tFQhb+Sh3XxyiQIcBBABAgAGBQJM560DAAoJEC40722FFiaeXRMQAJFRDB+ZfdyxYedUMb2i +I4TjLasqpq99bKhuHxp0e4AIYoB+r+enZJ/gqXwjhL6H94oBulrhnEjrF72PTv00TuDdaGAw +jfssznpKHK0smLT6Q5ofD0IUld1wVO3Eu65QN3rnz7ogDvs/13gJQkVpFN1QqNFe8/lF0xTW +eq2MMdgk2ifQfzxs0blCZlUfE4/H1fGpyx+EkVRUEHaxbz9rxAjEcJAJQgpZvZOVEs/jY+8v +4CfAfUQzTS56Kpi79lWQC9VAc9wBTqr+W2j0hkmi2bN8nCesvBqS40tP8nTpP/2cg2IfaGY4 +F6QZ1yOtzUd1R/LniLKAoonDlpoz1OfJShy7Ol7FEvQV3bH7hq3VNQK033ARFqCS54Xi361B +FKbPja2JECH/9+ogmh1i5XVV4silaBsXANZr1Cj0G/n/YOCw8UPiy9xab3rREKBLbU1Td+EZ +Q0cVGUj6h6XapyoiIsEfzxPo5UhOdspO6XER9bjFV2qF4g3O+neqKpnXPAVNVJvVhYts5Tfw +Itnfi9fLii5quY30qYE/6NcIRWFzCIg8JRsvPvn+SGSoUMZMsstTgrH3ETAlzNXv4jkKU0iU +pLNCqSAo7+W04VuD3hVHXZ5/+aTOUlLnNSSEilWQwqBfR31/JxlNlmMmRTdsqcE5GjRLQqRe +BUDkhklDmj0GXvb+iQIcBBABAgAGBQJM8DrNAAoJEHEhfRz+rlZu7SYP/itsQarIXe5oM1Oj +kflqNlbAFJU0onV4Wx/ZX/rXRvegpDKWQEpZqL7fFhqls2vmMBxKaSxI8aLHDRP5Y6qs0JvE +dHHLQMdiCrVinp7YPhIjiYLRanwlN/QHS/QRKO4C/VeNjV1LkzXx+pCqkNLgWyhjP0KZipI2 +gcagD3/ZiCU+f4TW/B+Qkps/qGMaflL9ouxi0Suvot+w652GPG3F9FQOy0riaY6rCxf1t108 +Fky4au4jaA3AITIU+EF01PIDCGlJuhcoyOj73qAVO/goKMfLWtdmY0tm0DVKnd3a4CZepWaP +pa+96yX8QrwKyKjbX7LwWsK2k+1JYxaY7XPIB5buHM1MtyCelxg8PLC0l+ziYBmOlwuYiNMz +wM4aSrI/+ylFGWe/OGoMRCgSelr/NzIhdI1TJPJUqIRUfshFx25Mo6MdDiBZ1AJ5dSHVBPWj +1nKn+hstrXYEtN5yvy1ZHhDX1M3KZGLxb3uUB/85aPSyAcBYqWU1TAQLIQs6bLOOaU2d0t9r +Q8MfgzcQbMRL9OujIl6P4gpWcvg0IQzmAmhDVVrQZrbnW2O0tT6Fwz8HU1fp/f63aBdzBDV3 +GIHcWbQlhy7Ia6JaHoHrdc/es8jLk0nd2agtI/UdC2NDWdBGWbsBUzxRZOvWF9jRMkJZyWi0 +nEUogEAGhFXU1dRtTBWLiQIcBBABAgAGBQJNDVTLAAoJEMXSMaHgk06YbyQP/3SF7pdG9k+6 +g7DsvNYxoqm+iwMMk1o22UeyhpoSn9l2sDCYr2P7k+U069Sg+MQOQ35MZDgwNPZ8B0mY2b6H +WYx59dHnokwrp4S/GAuegvWQ344TuZ29NIxPfqOOSpNbn46pZIKY93RuXAWJC8U1cnAtWofx +R9YQKuW06SOzNg1VWcDqiLkSIFBlkApJaBHIPEB9rEYQ3FTDjuGmlvW2k8xX52rucbsl0Gz8 +qxO7rasn1GXxq3Z4hG5wz+GH5GiVDP3zt9nKWqGf8+VYwB37CZ23GZ7p0f45Aha5DT2PNtcx +8zkqPm/98BESGInNyMW3Z5p0b9SJwQkRGQ7TXNRqiHNqKuGg920O3T1R+tI2LGhosDU7OPAR +ef8xLIBSJtM38MOrjGhGOKJX/p7KMMGBxdGjntNpyE4FC33MVwTAeOwAdFCUIhzO1CITGiud +BAHiHZ8hCV8hCTo1eKu8rLA9YI21qwl6LXX6YWFadbUrLPod67wjoQV1SPcslCi82AsT/x4P +dhGYmNLX4nbNdwy7Dtm5cN0tHjROQhgY5UBjtU75EHdUrmfxrbD2OGqZ66AnUJCoxd4pXDCx +IQaJBZZX52F2Ds7VepZ0d2P+oP39/UTlg8LcmbrCKzvON15UI+JuSGIJBk+VeaYBKA/WIYVz +aWlpy2lZB/b6ZCW+ykEA9fiGiQIcBBABAgAGBQJNDnRrAAoJEJNk+3/olvR4nasP/1T4sqRq +7Q60bAJKqvfJz5Bmih0Z54HSL5tX+o2LfgudYzP5pnkr6xk1THl/iGHex+v25q6Euey50MhW +RWuIXybs1F+fJIs5T7a/X3TzcB/tw3IPvU4c3iOO+bmshKKCsbMgFjvgjttBCettjjCuCFbx ++JHeQADBB0K0myA8uTUFr3vO5zFi4BgJxYHMt0GjtdxkNW+z5ubHflnvJ+KnDQqOv7nqeQ28 +4mIko+rmLn24CqDfL3mu0NueyHJ4nPoCDCUKw389eTRmEoAbnBJodh78R+EaDY/BdCjAcZPa +htZzgdd5aHu9xEICbzaW7sbpAcEOOTBNjAaWt5cHPr2Zbd0/gH18l1Lu8E4zwBQW2gdsRoxI +TuTmI8eEXhARNbLmayoHuIRylDmt66G194yGJaGjfyU8w/0FnmhXji4TtjvzlPAIZBuBe6H+ +NLuEGnaC2/vvFdV4MqC3OwQme7GAdrvV1ITe2FZjjzvGC3BzG9M4PhrcQ0CQxL4b+KtI5j2A +bgJrrCH//Ze33hRsJom5U4zEFe9zFUnS6U82UEbZjqZ2sPcSIqkD32iac2QCRpABo7UF3G+O +aWKn0oiIqskjAkatLC+QbQ2c5DYPm4KB3FIon5e6oxFwymb361eVl0Y5nt1sfbjCR+NyGeLq +6wqcT6xvv7lJCmOwoCE2a1d8JVP2iQIcBBABAgAGBQJNMIenAAoJEGi6Ckfnsdwk/KoP/RG+ +4ZqwIuOg/bHZ+UMI5sZ8suEjQze6QMA5SIrzoiT9mN8e17gaew282yU7CyWehL/ewxkTCQMa +KHgn4x+fRhdQq501c1DwLlPUIDYF22z6R8uFU9Fx//W3Tn9U0ifoLA4lmWKgNOsP2wv5B62F +xpyqNhf4GqBRiTg+2X/c87BCHCnIcK06nD5QD+1EgrOvMofZCE/VZm/nlYOCkhQ7e7dJsMWu +Cv7zBFTVt5iHWUFfr9o7eoyhz7BEwOc4Tpg5KC9Kk1SptIOt7QXCM+dWD6SLRj9LPZ1S39aJ +HFVnYFAyCICa59AGJ+dtWSlvR96FGASNZpik8J+ZuFfLWvlXkpF8+6ZSLp5AYVzh67YrTbwC +GDzzzOqyhTqg9V7Zl2eoxHS+g6tojI40GX6BlKxjfQXT1f+kVswUQcapUkUckX82S9b/btuW +sb4mEGoZRpa5H4nWVwyQIxU8ejktaUvzolxk3itrMQzKIO8AnOwwPheKAN5Fho9quW7ipXiS +Yt4lBvEv+HmrzKuyOA9rfgx1Xy94q4fV3Z4wdFQI7ocXMhG+53A9xqJFZ6ZW+YWuvwr+nQse +u8vABpbP7xvLaRZJ7Rn1ATkzkHSKvCibpGKNvluESeTajA2r+C65xXYB0YwsKdg3xQVxE1Sd +j9pMB81epffaP04SUuu+zmdgZtiRkcwViQIcBBABAgAGBQJNQm6HAAoJEN4/l+fuImlcQRcP +/3V+zUAYpkGR0Z9ViKl7NI4uIyNihMVlCSQ3NAOQ4gxBgvPdO6ydpj3DOzR6zuMVmZo6eRVB ++3FYu0GZyLHv5Q2iXSAm/H7mSnTKBQViF2xWPBGxKtjj44TTnwD8Ss6HfKTe4t6IttSYv1H1 +M0qJKaq1nOIZkQB/GVL0cc8HAepWiWd+4wMOtL8asPh4+MEmWiLVV05uREhqbuABb37NxpdG +Y6pyf3GN+fkTDHEtmCDjYHHq48IrU2gVSWX5/SZtrv4I/RnM8B2Y+UzwbTH8z196W8RvEhcZ +og8wbtd5fKfWcuS4zjsS0Kssy0lduHc9KOWgUaDDv369id5QF50OmYGsVQOTJ4w8h9Rs0ikt +df3O3V94O8dGd1tij4UPI76yW073QT4UjMF6j3pfR8Mznw/wsJ5YfjV5Uvqz/zguAEYJWXz7 +Li+9es9WZXWqTHdvK+1KpA32zr1kFgYY5Xk5L5OSv1R+gnF60NtJeiURisYwGUMhpE4IRTNY +/Vw49AgYabaViBw2A/5J+K//mTCL5B2J0DPDLnL46vNBUy4u4qamOQEMVEn+7bfPJG8ct8eg +Lkr05vZcStuSyanX/i2yx7DvUgZf4q7ZCP8cuaFnu9Z/NnObEvHPVNt2Yfsxq6Ur9Xpt9CJz +DV1c18UxGtYC33ymQrdcG0bPN5woMrVfq52viQIcBBABAgAGBQJNVTCiAAoJELzzRFcwAW1T +tY8P/18SbO2tk3dEB4M6DoH+XmzB2QOPHeNrWDeN9btSu6EfvGQ3M+AP7gnZ26I4kO/whqAA +cbV2K+5WcBoKjDcC2EUrCIrt8IOF/KyRLRUdeyRw4iLML/Nxlx7d9IblymWdE4Wc8nizlbMs +WnjT+nWFR4vn42gqi9OSZgqLU1ocoykZLJRdTq0QYVqUXBlfyb9qZFkq1nznJNcIK7KQM6T0 +OzEcGYGy6zbGFjVgoBFhMJz98KAes0Ud947wWN9o3YwOLEUTmUYoSk76wR1XkjTyFErM/Ba6 +ctrn+QrcaKQHdIuhh/HU4urJSzIyNOlAW0HcrVtBm68VdcqQxGelOUsEwfTPbnkujSRC+Yse +vQQ6Nentt6U/mJeYa9h9ax+L0LgNqFqPqI4hgx5HxZiB70vFQliwQgSGXZGYBozHaW6KdHJg +ealZ+iQmaykyx2lI0u6TQqzqkPqzkYci9Rzd57H+FjymQ5NoD81ErO9OH/QJyC37cSXBtGtj +MBOfgClbbuMVWzGxpNpXcBMSIvnycREtyM11TqL4MINcjSSq/KbLF127HteoOqw7oQllM2wf +dzMbSLgL5WYWhxsVfLLc8JEVuRw/oTJiuJ1yLUgJhpb2jRgaFrt0Opr9s9QrfBRpdKEGksiI +X8aJbZdiiZ1UwBO2ZgIihedsxl2a7PuAJAb/ScZbiQIcBBABAgAGBQJNVTDkAAoJELp2dtb0 +K7qgu3QP/jaFxuncYtnsbpQ5+Q5BFYcgYXRXoFA8V6Q4yaLe8JoQJ4TgcDxaVkz2IU1SlB0d +1IimfLe5yr2wyIYt+Dzh963zj/Wwb2nmTXDJq4kbyQ7HT18DVAnHrbVm6HT91Osasg0d8+rn +Vx7zY4AzAqC8YmEnqelQ92H1kXFMyDVhXshQHMRdENJSTCMEV5RPNH+B99slYArQMX7b0uc8 +sMkv7KCAPNRJUhvbPXwfJuTj2dHh/qzO1vxHnf7fYowhonGU9jCSb0a1BCLemwkosQzyyoBj +v30AJ7kyGAvCFU2GMKcbI8E9I6SlPcnPX2nZUdiUzj6E+1dmc3SaIKAxMCNdke64eC09XGc1 +ZI9KuY0OYfMtsIARNExMZutl7SyrDITACmzesXM7FPYpZvkestfZddtK3aLAittF5sTxJ8aK +JgMd4foZcHODgCj4t99H6B+FzliKtODwSP9EoRhjdIweau3yfs1L1uMjJbWOS7nh0bkJKASR +ODbMocZVmCJCOccKoopPwB9EQeOtYHi5ceLBTmsgyT74ovoAj17aolbdcMSbSFgtFh0S6PKl +qZIUWUg0l3TcbO/3ED1aY6ngvtwDqFZDPVRIVswUyqG4hbMPHtYiw6Gl1L5SMns7NX+nSx/a +LIvnh5MVi+1513WS7ch2fGRiRdaFyUdPvjdHuKctYl6WiQIcBBABAgAGBQJNj9OlAAoJEOw7 +W5KwE/1gNUkP+wTP26HpCdeaDb0HoHs/Yx6NpO72bbtPL+Wfx5AXwAeeLxy3+rUcXadxL48V +1MnieWq08UbbJMwfHdrpcp+HiCpDRMdHU9XMOUGE8GS5N3ih+T4OHEohrwXlzoCBzfMME4UB +Gcr29DKxWDrAOqhqrtA8HmH2w39opmojJEZGo3IFYHYd4dNb0FmR4tgOaJDvCGk5n2/T7vd/ +AJYJ0BNlJ/cNqrog3kukMlce9GOMBwrbWNxQVkazNH01xEmMdoLL2kLDEqw6xnBMcX+UQGO5 +kdRnxTazToUGRFslF/xjUOS2bS2t+8Ojm92WHzXxDR2lbHa8oWzbYmJSX7VPnw//WiH3OZ+Q +Z4pCxb+rT6GZvvT0rj6qILo3wSnB+jvOj0KQnMWRRC5N0rJNNHdJ81xwCC/ha47djAP8padL +gm5j3uSEYbB6JexRwnGD6onZg1h9pEJKVNsFKJZON+zH2v3ymX1plxTMnLUkrvK14fRtg4lW +/M9i2Z1iEvV5l2BCYm1InmHjPI0aFv6Of4Lfg6pUIqwI01xkOZyXLCbbpcOQe5R2/xr4typ1 +xsXZOliXURkcLKgtJk5tcXo6mfR0Ssl9NqVqGJMqp6B++2z2ByeR56cgqyVaMgD3M0Qc+2SH +78jLJQ4xFBYPwbyYNWuANnaS0yc9tq5RpcV8etc6um+wAUbciQIcBBABAgAGBQJN4yVHAAoJ +ELv1Z2sV3fxYiAUP+wW/fCKIbA4vXLkBUHg+tzlS61ZY6F69q4+U3EgOdRkEh3usoHKhhpfD ++t63qsJ7pGOhqpIM5M8T5/KV8PiMhFuSo9P/T3eEgFcVdxTJX6/kc14jbLoRCE2WyfGDmFJE +pYB/sxqxX5eYvyaVTRkZWT8C6/riG6wRRRvMGfh0LHL16bybjBtUGSagUNPtBPAoO8VzIP+6 +BnIGZxcoVwoO5Ctnr+dqQkK4aWWf1lJde66c4aRE6Uz0w9UDNrRtyOHHbQir97R61YYEbon4 +8mKImJeJVbWYQdd3qVwfiMzXP2oYz9EIsUrhDd8RdAqR9OG+8BukRDGUO1HSA+v9Gfy1RkY6 +TNI4nXYCystgLh4QrXBXAoHJC6IiVaYT3UyZmhDJTiDDGgwyVbeIDUlrPGKt5qaU7OT3gjmF +5+tT8/2mxZgO9+8ZxfAn/SnHjFb548Ae76vb0huDSFTecw7LGxP1CqysT1d6QPuzBDhTMpcH +g5WcVbf0EcxcLDClz8vDTVCsmxZP7fuAe7ErR5oUOGc3VEp1avXGBi3nyIwaZiOWvfoxIn+I +pf7kTPFCUQ0q9F7Lfzycsywuxd+JqDqqbM+gZ2SnuJgZ7gtJHgD4qmAGpmECaeeB+Kmm55HE +wkVZaUEQTbxRWneyIfg8n8lsjCPRqJEhg+5ZLk0+qoxSPiJhDm1OiQIcBBABAgAGBQJN/qrM +AAoJEBi4b47IXP2/OzMQAJoZZrZvWTm3//c5g5FJZ+tZ3vBsLTzwjDxrB2UAIkK27Xkz9X+E +6issmHSoxc/wtm8YTw7ctp82G0/h+hOG1Xi3nWKQZ9Goh2vMZtGiuh3LPhnxdktcFmTs8sEn +s/8GuWe5kvC2MXQPZjTXzoGB8G+Iq9woYZ8ISmAuEXZSu3bBaCb6HPJ7ZcYK9o6v05ZlcOpA +b/O/R2F0JH7VCuAfRDopq9gQafvdTL7c9/UQSdfUlzFIwj1VB2ymy/vlx9PrVJ53wKjG8kg5 +Dlr4R29SK1gZGM8WF6WQnZpu4suGmlyFT4LeGgfISBA7lzl9lDq6KRee/bf3TL+GDITF+LfO +nKX25ieDCU5cB+3KfdLLYjmIKWsN3RasYI0GpSGfQYpEuoHR2Xi3OzRV48G2u3tcRZDs25+o +k/k/IfqrI0FrPzBG17UyLfg2w0yY523QUcz/x30oeYX0JJsFMQ84qjT+SGgByYbLb6tT8WGv +S+F0+webFH9M/DnniCsDvUbchTB95sbuErJGQOktGe/E85lE4RadPrqw+mKbuatWR8SD69Wu +5Z7vDgkdQpg/6Jg7DIJOELnSjAxKuumBYYyr6Xka3Dg/xkfa1ETMa0mxH6boi53ibNpfwMOB +Wryy511M/zvpk2u1v7BnlfxPxYSO6gEoIWL4EZQiCKc3VfGiFloYoHjDiQIcBBABAgAGBQJO +IExUAAoJEMa1KbqRFiGMExYP/2piNa7W5z3jWrOjX6C3/Rg+Ky4bGs+H/Nq3xkvG5sbY/9Yq +It7Au91i9neSxpxTqMG9FeyEsST9TvpNKCA0qNIqFFTqZmIdAZneU5+xDKyRFMhnhl68lcUy +NrHUjy+vw5aK1o2u/hyuBgv5cHlfuU/+xGpyl4ibDDK9C3qg+ehBkLabWnaJhEzFtKI9trto +Lxws2rMHFC+CZ95gRmfMy9wmQibc3e5m85FaXSNKvwmBM+u2fJndbYJYhuSOjlHljw5nxPje +s/n4TkPYi176Ejm8bi5mGTYH04mVohFq/Wq1ZCuxExTl8DZyga6SrX4slqoCU8FRBkHPOS2D +8rpKvd6/6VnV+m0zamCWh9ICvsmXbvd9hbB1+H/TyZJqbWFXy+2omEtDxT9qV7thWNm2iLha +d+kF7b9Jgjv1V8I66tXwgzheQlRyIrPDDabwY9G1a8BlVOP4PfjRyqFiuS3pwhuugmjHyezn +GKOpYoRQA57bgpbrm034YBxi5wPEQuYkYfKUFdNa/RvysF/QIx9pAFOnA0IxUwaSxMY5zUgQ +15GxxaZTYsipWhxj6ikEaBL7JJV4hrLw6MUDoEfa4MgFKr6304BqmLuWOm8EoClyY8mvqm8R +ZcUYnGGGgziMpzyx3pCEWhkz9JKT99nCyA4Jsv6cWeP29nzDNw2E3oBjkW+viQIcBBABAgAG +BQJOVl0MAAoJEIWcOm2ikyHX0Z4P/icfl+PQFG4c/gKe1FSBFaV4r+kwRSOAwNgEb7rRV2Pb +b3WcrWyJwaMBpzTvPvAh9dse+gdc3wk8Td26iphm4Fw7TiUA+Ip1BavOnMjlQeh9IX0woDKE +/DTfEHi7TxlJlJQuzOkxWjKpY7EL+nvcbGFsFltOiC6eKYmuPwSWvl585C9YfRmoKGNBNYTE +ROxfpE3oGvPXgoR8XJli8DS/ZSC/kUAdepQ5FtPCnVhunji1D0aEA2Apa4rOTLK5HeLB+P+L +u2hUavTeqUSYB7hkj8YqN3luOPpUmZ8h8e0DZs63ZdLqHHdfdVM6ng2GJYf8Iqjo921jITEz +MXxuOrIENNbW7o0eXziBYDjOYY1ScW2Z1qrxro0P0HuMDXMc/3Imtczsx54fb5Uayl7F0enU +1Dx/MjUfidfIjG9AtXaWR3S776O+JHZmH7RnUXwnRJX1PIr+HO5hW0FnlGRR/47nOFalOq5s +YVfIVgeebGGhNYUKWXutzgAgbS9sAPYAPcRlBo6+KK+0dysrk0Q1XECir9kA/eTGQYM8/0Hf +isYJdWImHUG8R0H5oFVL+zyuWFIhw6LijU5om3ZKzfPJjnoAWEHV7JzUqV9br+xTdso6PcaS ++dXVGNygUP7vHs4aMRb08tCWdUJKKR/v8G+P996fXoJRwuGIW7v8U9Yo7fyFueS5iQIcBBAB +AgAGBQJOrAShAAoJENxpDVeFu0iP4AEP/3G9Lv2oUias4M1rwuHdQ6ZMHqBRquz1jfSpAp2R +dSLIHNPQ4czTUeiXi5vyyMAZWuTKgXdv2k1/16UWxEPovjKa5iYsAnNN5mFDn/731jAS+CdM +5DebKuHR5vnYHyjRgXA+vdnweG9gRC1P4acSSvVEfxtlUgW7mFpQvWQ5+B6hdg97o/8XeMxM +W5rzoFiLx2MEMBrCEq/yeaa5yNbDQA/F3Iw95SaFo3n3vQs60XTvEfotRFQWf1sXDmyQn/B/ +YQcqngZ6Tibrg5/l6GxqIbnK1ZWPOlsvMDCc3/o9bODN1n/MyZ7A5/IGtrcNvnNrumZXgbtw +iLF8tTM2rhbMV8bkXFd72HcsEvIjV20yGvWf8HOUTgNeiN6dwhvRHNjwD+EhABqmfI06f3/G +IEB4X3vCCa0t4MBpks7poLSPkOwhov0GSNXdF3R5f96ESCeMAZh9ehNZqgd85co4k4iavRUl +RXvY8+dUBwmEc55Ap4OjLH8WNRqp4M338Tij/nlXaDUFl2oaiPkyv9Nxak0lZa/yaX949UYp +x4LeGceI+TTk9pKA6VaBz33Vb0tVyjs7M+qjVck77PFwPPnh2D+YfFWLF+3GH5ugUZnt0vIT +Oef1EydQicdVanL/9qzR+b3v2Qo5T1nNvvsStvDbsyeih6Yk5ker2LH4HeGKxOI/1bx1iQIc +BBABAgAGBQJOwH+eAAoJEJAUHuLavLiTrY0P/j4A8jui95hftopj+5utMPZLfb9ZP44j3US8 +QV0+YOunyL7Ap581/y+vadSBbTfAABJjJo7jvnM/RNC0Si8oPNWISa7ycFt+9ryqBoKdHX+y +adeBVH8RfQ0Xg8iBUkjbMY8n20S4r9Vke5VSQ5hNkUyymTGLJKjkjQ7+TWAYjTwGwv/YUx+7 +MJ7KpJJ4XXNyahN8g73/fK3l4Qua1BRnczzNApnq6uNUpDgQqkMorSo+eKwdm4V4bD9pnqQs +GHJv6YzE9SCtTfPhqbfXkal2k77mVlj2BbbJyFvU6PjTI/wOBpSDkIUSQor8ngA0CYBNuilW +ESQpRbsYW1rJq5VkUEt4sOy4C68oftgbBFCm5x/87gLLxjhVb55P2NSvmck9ikmnsA3T1mFo +DeKPvflHWJbc8U+tSmvyt4LXRI41yB/jyI7rWDQauVXOX/Lm0V4kjcQIhe1eiSQB3fJY36Ul +PI7h+OThXLry/pIZ8T0jowJmxJtX8QYY9MhY08n5OjkV9xDWOoTjGAAs3/B/zpsnXwBpkZ5L +N2to4J1HM/n4UHxjMBiEMFtlpG9Wn4lvFlHuXB/61DGkiwfFOHzaNLqX7rz66t8CozKnkGYd +9Yr8LpdlqfWnCLPE3fZXIXdPgGZVEgrap8M05MIvI/fruHP/xPCOCKnWxBN0OFKGQjYo6plV +iQIcBBABAgAGBQJOztVdAAoJEATvAi8MGLnMspUQAIfBKRuJJ00Vxq0sb/6bSEN3fqjS5AVp +G/L0TIrX5y+XZRMt8jtXaWo459dika4F0pXgURif84dZgxrh9kTCRTQL72ZC7fxUnsshnCpZ +g6VZUWK37LrfFzkEFEvz2yQWzCA20b1pfkX6B7gzRJuvPHyclsRS6mcu3LCYcOQsgnPQPwK7 +dmPGQ7vxgQ/c+tPhGlAd4jQoZSUuJSufJch/m4cI5AybE2qA/Oq3S/ybgl+oRJVAMhjDaFGp +yqQLoW9evzoa/Cvi1lSOTEFmwgIKYC8B3b8OR590FJFfKOGSp32WamFtGy6potT3sEzm3wJ2 +gSaUrgBmTLqQeHkv57ULDA0KAxAQTLgNSr5NS/qiSbfnT8W/AmwoGTMUOiCxTVGMCenLZKVS +NCE+42qRcILDHJzThiDzczuE202zeu1OBmeleDkOS6N7oWAgVB3ZojYUya69ZQyAPWliEV/3 +c4C37lA6wfhVbvXaOmzXUHrvy1Ep9+JZiAs80pN3rRDcEiqg5nIrRbjkLsC5ZzOI3pB9VKXE +wCZSiMi4SFapSNykd7xOmbL9hwH9u3i3mBmgHXVZNB79uAHPRxj8Hqw3KYaK+VaNj4Lrt1eg +4HXv9RWUOHHEAODuox0g6ixQjy2pxMyDtugad3BSG6fkM/6M97jSJ8QLX19Al8HUWcOeS6vi +WJTbiQIcBBABAgAGBQJOz1eQAAoJEAybm4s/bhQgR8AP+QE2gd6WQLS/nHQos9Z2T0ZuOwv7 +0GStfpcJcEHXAL5FfQkSbFQH+ypHHI6gMsRythC1y8/nY0tlXWu87S0dGgQAkaXiEeqbCl9P +tbMnhQDbaYnx9fK7rMGaD5yreFa2n2iVVful5Eg3Dsjbbll8M8Rn/+cCsu2/d1zesl9UuH6B +NZg+rWtcBQK/8semEIyDpxVabYmZVUG7Q+Kfv2I/bt64Acny5wVViQDCp9w2KkzUSz6aNTfz +e4w5aAI3QT0PQadvhqkS0slQckKbS1FZcIhKYHM6K47dmecKBjQSbbo8CWRZbHUUICVm3XGC +N3SPO0Rw35sDqodWT6zcXr6KqwhIZQZsx3wxXvmejaZhrbYxK2RGNbJr8s288LK9up69ZgyO +8dLacytaLx6RhiOt4FI7o7AG2isMYvkTQKjBHTdf4sUEn96aohdGM++9XtGWkjNUxgT5qSXB +VBucJY5JOEZVFcoMOiNTy5300ukjPMsQvCuDcmkc4b0whR3Fi3GmYIhEa0Gok/KIyvJZ3GBZ +KxVPx0CY0hi8WqlwKAR0cSjJUidFQqoC1M4usNp0IRBtd/J0Ok+MGw9rP4rRgvj0ZGnQxVjU +NXkJZ+UZ3JR6uVIQHb+frTjZ2SpBqjCY+rIgRomgtBDjoAXutjEUQ/rsl0CprIc+0IHaqR5h +gxWyIqvniQIcBBABAgAGBQJPguM8AAoJEGSY7pWRsR/ogXMQALUHtmqIBHnOonEyBEgZ9wzL +fgRwPMuEg9Q0vMrlAbWfwQVB6C6coL9gFCo8LSy4XX216Vkm+eM4HFF7Jhx9Ltocwg3LqGod +IYNoNHGYKHC+N4F4sRa6neTr1sr/bgjnEIO3OWYzjv/vbplQ3A+8kX6Zhbpy4b0vgbUknqbh +ouYNI0FU2jOLe4Z7n5PNg9891H/ezqMQP1+LN3+nGweyUq8/uGjrCrGGEs4scCNI3vOUYGZp +Ks4SCPztMejWS/bbIvhXmIvTJ5cd7bk2llY+YOf6sHNwRdsgwp+hufYfeH4Yl7+p9TLOT4vu +Rd6tUlk/R7byWSDe0IldrNiJhSn1nGViHu6zKHQ2lP82zdmk6otGFwZ0+9eQrcJnTv4zC9Mh +ebeGlRUJAQWLKQnpjtkBgdGgz/29wsbruXiYcY3xYEqmvef7NVwARRUjfA089Vd4zYA9ZFzl +AZuTeHf0WY+0PVwTTxqvTqjDCyR3felQjXstG33bTUI4JUZRhB8TbZuzECg38vC3m95oI+aI +nh3lLcylVnS9iusj0Xtc17jWXuesPukjJ+iFEdvJVF8DOTN3h/S0z6lKneIsjunFKheJ+KN5 ++e8/OHxFt6X5xDaGJXC4xHbCwOABrShWCw+e7WSkhfDCDShKgCt3OjsP6GZKTbx/5USqyz09 +p7dWgnIkiAwCiQIcBBABAgAGBQJPoAmhAAoJELs2oCgAeI3UKKcP/1JMSfQ9XjpvLtDU1EYF +EnvucoUiRUe5QhRRZt3FCFH2KCPS+5kpvAXMWgNUSei5NRnDwlXp2zUaPOiOXOWbWGtzSP4K ++PUdYAqqLsd7//CElwyn2SMVPZHvh2jS1ZxNDpr3Stn/DrymbdluChMY4Wx0qCi14Bsj7BgG +4hIeIC7UObtAdndCvBUDRMN4/6Y0c9D9KJ1/3aPXfXkvaRLENOTRobwc90FVTTTjmJXmCkn+ +iX5XDcgEelCzTpnYUpaxnqHoOvP7hBPBpGKotMxw9bk2rjdplHXU/rU7ejI+oePj6yT3b0CJ +CuT57pxdjAOCfb7+U6W8XcepT7AuB+ITR3PD50yfLC/379ZAgtZxCJivY1n8ZT4DfJp9GRs7 +xf1OOUjLbJB1ddB1TsN7VIUqAY+rQ+xbnssZ16oOifP3FzK/fN2mdKCviSRPLMCzbENoQ4hs +W537i8gDS39R8jmKCM1o+PPWit19bDxCjsh7wMcYncUUVWvDrm2yexnEtr0Q+UvR9KEkRUlc +GoBkaLxEpMGDoZNamsyI38CcSZd6+z0ntGnnCYuE449Xgtu0MVQuQD6wp+rsr+hHIj2JNaAC +nMlWRvUY0D9I8NtOMxFvsuVR0eEPEIygWgWhuFMS2jxgJJ51uLWfr1/cYLv3SO2xEGQT3EwG +5C2epHW4Fl/K1El5iQIcBBABAgAGBQJPt8t3AAoJEGLEp1EE6Vg2pKMP/1gGYQ2o2QuE2u24 +SwjCQ8/QvgkKSrk1ruVGzHhsqYlcwkYdPGiqtjqaNO38g6KK5Hsy/NYl2dRSf0MGDaoKCZ2h +bd35yWNnhEOrzO7kzIwU4tmBmbCFdhzFXTp9dcp5YJ7DW06wgjn6RF3EQbW78AsiV7Phinoy +Q7xGtPPDCM4f14Yas/eHtWooQNKYj0lWQMkPd41sSOLAuycLRKMU48uL8kyeWRIb+wNsar/O +WE7XnHvHIQXwVy23jMNJA+sRatJrROht5psyemlJcpIS0uiI3asfXyvQmQNooO1U5gwFGaLo +wwRtRypmbN9jMy3OuSFtXrkdcubD6LZpSjpkYzcDQv+lhhA6KzlpK5DJdRDTaUQyQW4XxU2t +mIaPld9GxzTgQCnWpueXwNePcfXQluwCUmYim+Jp0MC2TZZKd2ryWYwr7nTsweMvRsENf9k5 +r42AOE6Wf15Xzj3aPe+X4bHlI0VWBRZT0Q5xc2po+ob/WJ/b8aQjamTIhVoaz7wzgG92NX/B +guAUlb0sSWskyBWWIfmGCl3PqjD3ipK/E+sCMtWkAKR4U67HTTgKWHd6YILe+oAu974DXSz5 +OsluZqVSvFLLJuAAdVV0eidJ20+13IwvwGdlYq7sJF1H/QwqNHY2BOkQXG/Zi+8idOlyo9tF +PaoGrerGj9Pi+o5yYN0uiQIcBBABAgAGBQJPzUeEAAoJEFXi1BEHli4CbfIP/2MdQqGVD1Tk +8ZysMkDvXGMRtIXdj5YAZBkxe9i5yi64e021JGmD4TUmEdxeGBvVAuZ36CU0WpVWrBSNoXQo +bN+0mDlrOW7n1taY94BDrwKaa5cRN2C7yassFBEcUJps4ZU/TCkMhizeZurt7aVMuQfc5XJ8 +zFoCusWywYTVW6nfDlgb1QNKqi5Ae+WOBMEWDtAI2cZ5UFwQr2V15TvCYvBlec3YSEj6Nxpm +xIIuTIp4e5678d7kyu6ilRba3AgIous2wcEC/s/tv04/K84XgRBCv+vROKN9DDGbPnRgm0Kc +cP9p1PCoDFDs9IHWHkZE60S5zhoahPzAn4ePQ7aaQoJw15fgn8QBseA0a2s9vve0YH2Vjp6I +bnUoGVAlnQe0lqWYLwTVDe1W+AGztKlkPR9ECz+mimOjFY/OSRqfcI9J/w/ZA0qcfR/XcGZe +wwqk5q76VCvYzcOQy+OAbO/2XQMbOLecq61g0uh90ZJzFrn4ojCM40FerTOsQvC44KqM9iQU +f0ijPboa1EcsWsmJX+M63UPms8YsfUk2WT7o9CRdaj3tFP2ZzNMiyGiTt6y/4vumwQsfY+jJ +GGATiQApauEa3KAFtBRYDMk9FG1gkTn+eHnusPI4Mwn2sS1RTy0Kr50QMNeEMqHi/hOn906F ++0LF1Ca6FFCoKmmUd7bwsJpGiQIcBBABAgAGBQJQJewBAAoJEE21PP6CpGco9QsQAJMFFNF3 +fo5V1PatGuNwJBDhbIpdPDZjLdBNOHVDgZfB7gL/uwsKuTwhdMTVhsdbp09/K/YP3K0DIUag +w4mppnFMIzIo5hMEHpnKUnVeudx8z0G9K0HKkXtl7q1HlRKi/uqyUt/a/EJ7TlzXgL2U7oOB +Dxm/aGZPoD9PYmr+MiO05k7DTLB7TQwADgFK9eU7Z8tgBKAO9m9HYXQEdQQ4tA3q9b7eAmCB +6AoRnslXEIV3+pB/YXiudcf5DcKy5/pPQlyXKshi5awaxO79VlurfCGlKlcKM33YG48iP1VB +tazETZpTdaI5oBchzPpee14SAA5VPSxnAUB861vDjkd61Np45jgojqi7jRX045qVZvijOWoa +0kmxn1epkc+iaVVAXbBm5ecCSOy3n5N4ULjPo1pwvLKfogLr3mi5eJQtvFPQfNL/IlCOuIV3 +glnMuxt+/RjB8qYP1lMRPDF4nD7DjGcHay25ADrpnHe92TbaK8aAJMHHcrWdsunqzkiqK45Y +ZkcNBfN9YCqFYJH/4J1hkn7dzLPko3V9DI8J+3pa5CLSlQuPyOLGn7+YRss5QB9sYHrjXB3Z +YzQ3I5lxclnHtdhw+uF03DqNcVDgx22u45Ffi5oiQeuE3P5aMR5MvD43v1z6YWnZnDEGjr6A +DUJodrqIeMDJb8xYoYEwOOmZUzMHiQIcBBABAgAGBQJQKoqiAAoJEC7qDZnPVi1IfM0P/2PO +yAnXWWMqUiqnwDyU9ZI4ZCFYBWFTzUVPLBHC9LOye3fOmLpmBNdpkHLvKsrxhc2CZppKzBhq +nBsrRlmZGUvF+Cy6PynzrKLotDicNXFsnxpYZ36xPmUd3RwGfHoXeV6FyfNT1zJN19OlzkiO +DWwFmpvH9QR9Svu87S8h3SJve8u23LxTFFgiuJfh27udm2n8OoCGMUQD+Kj3p8baMayBFu/n +NmatNE2OD+s/e6oFJQaaJd0qmD1NeOwnXO56r5HLJ/7gW2yKha/k8Qpvl8x1HAL/fgTMM83y +doXT3OG3mwDEEMF08dBxj28/FQY1qywEwA5uzhVYXuFQgablXrlsoc8Q+3OLmWzQzzgS3k3V +ewwSfuY0m5dX+4mLmMlwpvGR9wvcGyFfq0HrVQoQ/puUaoPa36VYys2d7UnBdV5YkQi9RbP1 +jIaxoVIy1rmo96ADE8Qcttv2iLuViQeGDHqGdK6d/28v6tLOJ4SAhDZ9YRPljLzV9St3JLTG +kgWT10kQTGi6DZbMIjxLiYwIJB4KFBVQu1zIT+xicWyXa79GlP9JVx4i2fdGh+gzgvizoQgG +fsZWkq/STO4z3tNPMmVTsvuM4CArQO0EgO8hUB7tGGzVCDAB8KO/YUkep039FHTH9OfFJ8FY +04zsWIFCSBzGI2CSPjEdbh94IM22Ctd2iQIcBBABAgAGBQJQP8GkAAoJEFjB6JHw2CiKD8cP +/igEb9ZDLsUTznq9DjatjfUNcg4nQcFcWaCCxoSKjjHQ1in5k0hQmQE62XlmxnUS4MUE4vDX +/n7wJRsp8JUbexQhtlB/1Oc9FE+ViZzW7bbAJihde6+avJ8BdMVszoScgzlBKaVO4WtFoSSw +fwe9CK9xtETDxVshILoaxHUSslEku8RJuvxpUkdS6ojSbdlU30l8CshHbGPHB1W8q2RdrFOt +kjbPV//D1ic1pRZgT7ePWMSCwX8PCOcC4RZdvF9z4FdInEe7ZA5etqZGiRsUnRqZjLH1otX8 +CBgBJnLFrca3sYGZus8mxZOm9hu31f71P6Lcl7hTozonjgVXABFzmiL/XaSvXGw+byYi4jvm +v79oKqr4u7SldY3KJtFp8AJEVJ5zIJIL5U3UTSuZh9LBNond6x9l1l5NrgIu6psa7L9ZcmVu +Gp9elkClaCcb6wnsW2lH/bRkH7FOxeFUHukY2qAutpSFLwvDBm206sLyWx1wpKQb8hgDoxsx +CfjPRnClETG8XbsKsxPSodjACs67v2HIXlVawGN9QH1B7Lc/nB9nYqGpOXw9cDpnagQHhGx5 +/IAta8ZHgniyzNKtwZ8MweT1zIfiiBkbCKekIz5roU90tFwVLrPcSqiA0IpvHkVuMc7L7Lr1 +8rBwfExWkFIbdMvfBNV6U5svNETHWEclt42TiQIcBBABAgAGBQJQP8IzAAoJEP3io8uADN/G +T60P/jy/cs+aJToSzc1JuPgzIrucRtVxmUuF+8d/cTPCVkb1LYJhxeRM084icEUvrIWU2erl +sgZYMgIEcFD4LEtoffHGSilGy7cAjVRiVzNCBkrsANiCiJMSBqSAWAuCu1ToSeSZwUbFUtO8 +fw2vTVgsgRvu3RJmRF92h1xm3IwjCWseWk0yE3zLo6pyZj8d4/t6+eLJkO9NYyEB7h4Rm8KC +tiY/lUWCWIwcAxi3ENzgJnlwuDr5ErvKJEaEuUqBWYqv0lVgcIImRq4RmmZdQfyWSFRIgPz2 +vhahsGMX5V3IuPSY5v4WWi0wYYp3mdyUgaXdpo9/+xFU+gAzUDaUVYY5UY9pcwd0t6e/+0xa +ofMfqx6+QAy1Fq+3I2nSOVHk7zuM4BobklnTDF2gQkL+YVXruZoqSIl3amhl4zpxwvMeNKqz +8e7cpvl3SZsCxX2+mxLHbFU2+UIiFqg0Zn6LONOwL+95NtxccXNNgqvS9D4hwscPmgtgX27O +huXFCs6lKwMk1izKe+ugyJbOMTKLsfQvD2UtwOv7X21gA/KwkyDAS145l9dQcUU8S/Q4B3QW +DCeX2bnmy9X/H7EbJcljd78Cu6Xf5uL6avFPbtSUEKfLN6NIQ6OQqO9i6+29mEWhsPqz4fXF +rAPlLsTRg8j5+tAfNh9Bpv4btPlCzQeaVeFqiw6IiQIcBBABAgAGBQJQWYPxAAoJEOvRFLgj +QVHhWxAP/2TJvoG5SNlFEosuSkx5j92ysjfhVistA3T6rZStmXBeEhGgs1EucKC3C0lnCkpq +8Y1BgEKxWem1phAFXBpALT6j4FOa414gmpMamT2UzO8pplSRzN1v+6NpJ336rNk642TPjajj +baI9gLG6ARloCooeEyH3bNlfF3TMQU9xeHictSU4TFPFLtU+j0TyVRNR3rm2T4fKvRQmBRxW +5EUJVM6ITJ98xAQPmKX64BkcmgVAcbJbnP+zoK+/t9S+7Wbw1zVBo2NEBciwP0EO3NUXhTqS +h4b0tYHNQ0K5S5OTPs/yHqboMf4ikUo6fTfOfiBvraII0MGqDtsjQ01rAW8yS133orCXl3yN +vgS0ghR27M7pcHyEfu9Xm9DYANHt3fpJ0lst3QS0mUoJjM3UTsxuV6xqGofPo1Oc/p/jS2Ip +G4nK19+CtMdURcOsA9MmQSV8vdNNsGn/nBNJclgjfCetJgmeQJcjaS+Q1HLqzY8Djq3kHXX0 +TbiECDYpwXbEPpR68YMIScQIU2xTGenfI5yTq3+cf9D92/rVRR8yDCSmVMrz2J5wFtTFPxBi +ugqBDfVnCvLPqKYJIN11QVhrk11sxRKlWmzbZjn18zKDNefYDHR469gDf0f59ABXMB+kK3nw +P8pF/pphnsJ37KL97ZT783ZzqOgkvvE3CZ+1sGxz8PJhiQIcBBABAgAGBQJQeB7uAAoJECx2 +Cpt2TZpsQKEP/0Yl3V5K2qRO+Y/bgfK0UikRnL9AFWN+kb7/YyBHcsCZkmtLNVIcHgtrOHBM +8etHC9TGknNZC8ZG9weliIO+YRJ5RjzUkDAcli8qh9cQP/C0M3AyTLZRC1pm3tE+GBIEP2Io +31cLJ6gtg1+M51EaCRclMD4wyvcxzW8TOTPRQDLjAEfhftCWnh/pYWP9MhQJrqcjQDzKqrzN +02T/YSD8IBw3viq6uKwCSvAUVnOzMoxj/rZc3tezal7s7NydeTzyCzG4yGRpPzWOA5tLZ0Gt +NOKV0hi/mbtln3UW/pLsdD3LmMZ8OgpPi5s1GShO7sViWOpFMvb92dCnoTN2t2h8brhNwk1F +/xM3+OGMyltAlMr2ZaJ9s/JnN5g70wfw0Uoi3Ged/xlzcnvhPTMDMrYEvSur4Nzr7IlLP3pN +GXx8Uhwqk3tzZR5+YLrZaRkglSDw0T66x+DD2DsIep5rLXrMIb+6KP9VhVbQdrK/u21Xikbv +kD26RlD8vZ8BDpOzUnFmypGiCl8yg72MAfiEMNy27DcvA1DTpzA7/2Uh4nQdWyh0m+C8sQDY +i2IdBl2+f/GNw0Df12Op/SiiXfH5B4Hf+yXuwUZWFGwQCboYfgBzH3WLbDEkp2nyQc67nQwO +ufy0f1dAJOT/m5z3KkepDX7Ig4XCJjqmlBARmmsbyOvj9TR9iQIcBBABAgAGBQJQipmXAAoJ +ELyluxAoIlrzBL4QAIkwZ3TzPrCE63r2SpY+6bzYt9e2CkNQHlnqRjfLpHE1qIJNQaYl6tMx +vJxqIrD7X73mAZzCr1EKYkrwOtUNvvAhnKHDig9JruFGTY1LVGjhPOeHZqF8l/Onc/EECom1 +1WwRuD+PrSluevAzHPXvD6EWagEs0oMfHGHRVFZjH5llibHMmBtSPmL+LF7BASCjA1jyb0I7 +9YKpNxm6NIpuWMoSRhcEDiU9wiLQ8lXHpT7qqUjNKXgBChjtQPi3rOsDJwXO7O5G58DUnKZU +Evf+YLbAqAB0Gti9sHQzOx976kan66xSyXdZJDiHw8OZfhMQXa1wdrLMJonrGT2uArSQ+mQy +7nVZfl3CRlGk2BS10od7I5WKLKjagoWfYrq57Fhnb7Ycdr6Uu7FHepBxTqzdj38u8KvYlTw8 +6X5Ns6W4Y7PpdZaDuV1d/vvsKCQtqBMrKEL9J8vCQ3VoJQwPon1t8z5+GDRwKuu7rh3KqCus +K2/9mIGiDUHyE/XPR50eIfQKJDdi4BZWDFmT/tYJ7VhOepl/jsOCQnu+2Ps0dLvVAunaYuHv +zeng1cbiCGtNx2aVoqW3Vx1mjRMCZfU8vkEJte2IOFB1VQ6IdrcNk7bZMFYhQOriVplUeCQD +JNABpGmInGFkOw2TOCoGND7WXN4Ql5Pkggu4/ub+CpEuX5BeFBJLiQIcBBABAgAGBQJQnOMB +AAoJEPV8TdGkfVG34GoP/21+noRWnwOeB/RaHfyIT4Jk6MafJSN9vgHpq5p0nxmSQ1GgIluO +bI2+tggA6TtQtm0mAhwlPIPhmT9IWrvolZ0obzaDk9OZ1kkN+v5n9C21fnf/xWRIArzVVfRW +RNS6+6qHfTjfnPn20d10oLj5/7ApRvX9mMjXAyiGB4gt8LX1Uiulwk0EBpO3OmxASBQR6HII +G+kzjqGehniULqSrF/D8huC8QOIDdUqiT5fAZLmx7H4QeDL33SLDq9XFl9FGLXyjWJwI1pDh +t2njna+47KvlPrYYDArrVd8AYhQifPYYVAvLwsVw2Bs5gpCFcYJk9YQQGCoocZoVnfJzDZjw +mA35a94qynFhrvrfBZkC0DEcWqYF5VtJahvn+nlQCeNgmILnJ8OTk/OhQTArG/T9+minA8o1 +RJf19TX8flRHLP2C52NsG4ANagbqiyYjxfn8HWm4ZUB4L4B48cxwNv0XMsTI7dV8tRfNj6Ym +2iU65tydieE7VlKu9QaC/IIe/JSri+8y+76fsxR5jcEtdAgv+zgcpznBjDxgpEo85m1RuuS3 +VYGEcvluYx13dv/uvWTrYdWGXMEb8fVrzVMA+Lb+80caUuO6XNQKk5nY4yGY0RgrsC1IVqPH +zxNsTJiJ5LxiePcGY9ZmT0Of6mU7eZUdK3CwK0EnjPWlYbEkMQdhzyMOiQIcBBABAgAGBQJQ +qeLMAAoJED7X49g6jkM2VhwP/36Q3HxbPk0MhCMd9WhJRcXKLZ0GS17jc49Pe5hagNZi/wFz +XQOVqktbslSPzXx4TjiEF2R2/AoGOkrA75FCuORRbVeKxe3gysPHgXGimoSl29la0ST9lsKq +HlLvlHGb9AeyjBr12ohcC5QNp5m6iCjc8+GMyIMkRQTg7+guVpfkXzueqwt5v4G9GB/Jll8J +XJ7dw0fEdfAtPlj1gTlZd9vAHnJFqwamP9AAljrq1jqPUiaxkv8eGAx5Xg/NFSfrAzGAjWY+ +7d3lKECZPsYW0Gglh4oqNeuNQCxnbm49wyIKAkCBS+Rk8MmW8o5am006dn44JEzz5CUvi4CB +HGxyw6mnnsRxCH1X6dWhlPXcOZ/xseoDpGsbCsTQZEINPUKvx0901bhx6bCz93S3AOuat6w0 +8+wmSMaizTZX9wW8Se94mpze7RVJplIQjQr7qDvLSvjtlPt9G2CSavzFxUU8C0NHPh/C6fn2 +ZD21mju47Y/l1cFy4P7Z7zHVwP67W1XO4FQ5ob1SL+bAI5bn/LzcOmnqrW98XpF5fv2YEJOx ++E9xfSL6I0WFbmYoIOzMQcCkDC2HSfot4/RS56CjOfFp2I/KnU689nI2MMU89qPKGnJwRRDS +BHvf2km8byiaEjFoUxrmO9UlPIXQP+5dyhFdChXOKKT9jSkQidqjoCw8btk/iQIcBBABAgAG +BQJQw/AbAAoJEMbF0w98Lzy5J0EP/1gEtBwke9ifQAlv8KGvneKW55S+INwGbSmdKC5sROCl +w1uFIAEcvLNX5L5IxbVejqTLAs6rTZ13hhs4TTZy3tpFyQoAzUPXt1XseRoCs+An+j4c70S6 +03EcjF67BU5N5yD9eWFHhoxqkLm8DGVgZCvS+nfqIpiD9onbwYfs8gJAesqqaijOhKbQG5ou +bjteMq+qThEUIPQY/8CSz00DXyFy7l6rOlclgx7rLImzJBJ3DQJ29Sqd4pG572csdIovrsJn +Qv0nJGcgcBnwj96P7DL9+74GKJZxQO2OMndIDRHD8U49Y5dHTC4h1Bg2z39QkaPb4yoptq5g +PNwQ88HCJVJF+ITD/ZQICN9Ucgnj3JbKB/LAKc0XaqCPQt3xCQ5Vk3DMOZzZ6zAR7DxMzdkt +QEiHXI6kRA5jk2dROsVyDxra4DU5Qe/xw6dQkrKbXRS/uNKoJgqk/IhLN/vd9pz70N1944fO +uA6Yy6WevW1bPmiID0GPRCfoty0u37JZniJCYHO0yZA/MLiJap7PgS0wUG8b0dLGWJ0jX1St +o31U3haeUjeA2cenAaB+XGOPPBqGDBphkpnymdKgfY/LnrL5GP4Z35g3c1UssOL9FOxUrSuV +ndf82SYwuW3NzSwNtm6aKzamOvXRtt+S4tsvN1rkMNHMrP3KMyiw5JOrvpAF7WGciQIcBBAB +AgAGBQJQxDyzAAoJEHs6SpWvY2dV3LEQAIDxIEPqr1UbcODMMnXgLSyiA3FwW9EBra59b4Nv +OH4BsCS3LRvbvONXRfYkAaOjIutiSPxJ2ZhkqMj+PI6VNBHVe+K5p34nB+uGVHe/ux5xyEVW +47GIpK/3fRJmSSRcARMAM23dkcrZSm0Gkx+Btln9v5KMVNcklPF8W5QfXuxR50JnkaEX2M5n +/dwQlF+ouWLmhf28lSfeiFyaiCe3jaiyawdvt2k6a9MhMlQFwNgGC1MgZxdgjTxN421SY910 +TrLOfECd7i7RMmX5HJiz0ZvPRDmvvSRaP0gANaJgdG5yKorTKQq31aC1cCJnLfe+JRWdmtf9 +GzAQexROkWyM+t0UqZw8fsdxMSEKScirfh2mKNt0dSyUpBkSHaM0+D2CukDk+yPB3RbLF5Sp +sX6lZ0XqB8tuJx8VEBihKVyAAgvPnBgyVDRk1uV7cjsJRDAwj+EYJbi9kWsL3tZ9JUAMhxAM +gFZ73DtrokxIuCWxs+ahTNBI9xdavebB5Hf8ItM/nMFodYcHZsWJrApNDP/b9qAowqjt995b +3cvyQGvg372iwOpVXZu3qkzYxnFboeM4uk+2ZzEUffoTW/RWGjRf/s95w2kxAyyFvwzl25P5 +HCSfP5PiQGX1OZM6M1N8TcAyEVukPCuYcxdXX5jNqVQz0y8gWEfFhIfGQYnAespl6YDPiQIc +BBABAgAGBQJQxiWuAAoJEM5Bbh88Qlsbg14QAMcZ7bo/0j94gUVgYzOH9ZoG8AQV023eLioG +Sw1YMqhgZi2TN7JNYTG5amsnFNhsehsTWPV2CIcOKdziw450lPiUV3iorM41N8Fh9tDW/ccG +KfjgYf72wePuyPTYHsFzIzx+g64acd4RzNhpCkMT9UQCsFrSZlbMsHCbWpfwRnAnbgYvROyO +s9O7TZvdKfeejgoKxqSJkpQAPMdT9NY3BEAiFepzBILfgZ0RWRbYsWt9jTBeMbCovsLzbRg4 +bQip8Fy+MCFAU0/29T6dAjLrWNpqxoTjtBE4WrlX3W9V12M8STk5GoN5OKSH/SgupvdmS5vP +I3pVdL3WACoRfx7TsT0r0aJ6HkTA5ZWV5zT0Aelw6TyUI3l+i9C3czgZSgCrXZhtNYwx9Un3 +nKUD4mz3kAc9hY5ft8r4vw5dAz7luA7/Sk5J5UWCprZXHnZX4ESH0fH4EQvaP32RsFj7EIL2 +34vC3Hor0+GFmzxjJ6GTnbUiZCmGvKxM6PMFBAaSnUEG46Ms6Rf1XGWzs2LVio+SlYKla9TD +VDn/ivPC2/u5LIy5yTSp7/9fNr43BPXucHKq80rb0fSKD3LvZcL4bz93KCUYgZU829KgV35l +WVIvC+cMPH62Ntem2aBQSzL/wGboMY+OLLqzLS+PRVnFgD/JcjxfJyPSJ7zGwF975hSiNdqP +iQIcBBABAgAGBQJQ/e1MAAoJEAaZ0qKDGkHVchQP/0ryZEmDNcp+HfQ/peh007d8f2fz/e8T +u8VTcMBun9gBQbhCR+14ndqBQR0uH7NcQ82Zz7/1z/KVcNPLNqec/TT+WSiJOT8mJUINvHjG +R9gOo/+4s1ZiNwNpjjqndjQOlpps/xiByuiH7vd3FttlMxtt9KcspJAPhc6eMr46mdAoOPVS +/vaRZOGP/RQQKJEjsnSM60GeqIvg5t+MDDh9EMm6ITDwUtKFzKqP74SoprSTIG3Az8DnjxY9 +uMHtB9PSfPrWo9J8G9fA1fm9DElWaxcxs7yDOI7cP4A095afMhwkPyzm+xnl17lHHJr2oQdA +e8dj7d5JE5pspD4LSW/ZbHWGsP7Ie31LZ69e37rk0BsjRQjfr5prfPNGJkQiz/HI+YToKRHH +ImcDLQqeICSy10yr5zb1+cXfwiu51hz5kgqUVAaMqQ9IwHsU9gSIE5ijGSg+wYE/G8+w3jlK +IdAPIQE6kF8Zgj4dtS/iDGJF4YpPJJrzEwVlrk7bb9545DfxkwgZrGXvOCvoW1Mneg+eYBSn +5IHHvLr4OFnuUwWqmT17FDXGwOk2CZ+lPAt3vokFM+O+Qh/qS1ByEp82/wW4Xc5ENmy8rkwu +r71qHqf3uaGsR/7lRp4TnB0dUJIKJwcquCAmkL8UBF2dNQpGEDuwXFq5myMCNbKC0XHYXNIf +TngdiQIcBBABAgAGBQJRAQVEAAoJEKo57xWiYFbyj2oP/0sps3a8nkemH6qhvSwqBm8l3rHc +i2h/LYNWvLrRa6DmQDR3QRsKMAv9cecCrzlXnGhjFZHzLPJbCD/g+fjvW5UAmqmPrmksmQEq +oE7Ea3guWNnDpHfmRT3vA9UGu7lVqVDtB7Pr2YCNVuLU9+ZUVFTGSlcXiABOUtELLBODGrkx +WkESgU+84wk1NQjhWa0mL1hA88kcYr9tFsLA76VFm58SfWsAginn5Uzh6QY5SYCur3j4qD42 +plw08HDZkBxUAyb1zAS0rzv58w2KuRubkS5Csq5I+z3j+C8LylRnnH+mqwYG1adkrBzDOzGy +cTKs9MdHkteVBAXqRdo6VmmLE81/TFpY1JZmLQargJYsyhg7+Lv87q72SmVnDOQ7vJBHjDSQ +F6/C8WF05yW/Gg7R4FBCLQThIhwi7aPBw82GJYh2gsADkJrajPt2i1j6j5UGdPIt6FN9Zust +ubnleoLUQlBJoaDPCAYEVqdg4ii8QUS5CnOIPR//gvApiUQrCTGH8PsfgTvt6iLt+KrWLTyJ +h6fOHQrd5iLfDB4SgktVctguCS88oGoRI2bkEUqacfSklDhOitBQGjC4BpUlSQbx8xRoilWE +2mFOy72OzszWNQ2akyA+IB6IYvssLmKziWLLk+wYyKEeauDLjmY6WMcXS6tR78laesif3tPN +C1/Pc2faiQIcBBABAgAGBQJRN9TDAAoJEBXgNUNJ3dwDU+8QAJ3yNkWHPZHcDVqnQCWxqL0/ +osELOPpyFnzykE/JB4eb7feRKbxPl1AcTeBCFMUX/WcBOkGjMWcc6Uo6r4D4f8VY9cTlP7/Z +GnVjO/ewDQrQAEUxv9hS2cCPuzo+tcrmVOh/AYjDHLYdY7YR51yy5vwD82kjTggnzltjssjm +v0lIJpmR+plKHBwotevXVbwFoPeP9/6ozOKnImnNKNz2sI+8Uik1IQ6VBnzzCtEy17djgYjx +ADJlB6CkGDnr8bTAVGG+ASdINIBIL5ED8KMK94ZTrIlxYEL8cgpLp3rF7c7WsJBhtmR6DKGT +vSUV3QnI1jj24v/W5aDqnvztuXUm7Yn2gm8HN8hGkh3axaSdHQTz4nPB6kh4WAQbV1WW59H9 ++oRC0vX8BK5V3122z8K41nrKzpdfPG67EkA/YfPOnnMk1SH1QPsX4+ceo/GGGrj1sPLPl+Ae +7Eq0ilmJqloG/2YMpnt/+OAd2BwA6FolcqFqg4GPZpoUwZJjRZDjlLe8hX6a9AHN3j5frCOu +vsMxWKx03oj+eb8dm3RBhEo4HVeLI6fse4s8mhRmevuGppWsCYu6RpxI0FNOwPpK38EZF5M+ +O8wYj6xAsr6hQuWdn1D4aXi853lKVe60R03Ky1F2t/hU6rJx6AeV0yqgmRr73c/8Xkzjm4bA +e6lZ3y0PqMBaiQIcBBABAgAGBQJRS2XhAAoJEKGZnSd7SfnvnKkQAIeTUbsRXvlNYFiAQF53 +Rg28LqB5wmYPLartXp8iadb/MNtylQGf3Qp+L5bADKfvbn+8/hWrmilX4mupqe2RAj0Vhg7/ +fs2ndonRkxPBqTZcLLlp5wlTpme73hzFU7L48TpX1cg522a9OQ3jVmZ3ipgxsUw7ALL1lowC +YvHSsrPC9SMURcCVXB/IUyx21vN5h4h4kJEXOjGmHVx7t0bWSiw7Cgzv0vOQ3fcjGm/7E72M +xTVbDUnv7q2OFRk4QW7EhvfkYspyk8zVRCbRxlJn9ocMHDsCeQjioaigMPU0a61JXp/xLusK +E+qWRhVnsOg/Qtzva7dLJoVjIy5Cx2xjCQ+RKsYsTfSQp9fuLze7Xg0P7TQt+UEdzO02DqrW +oR60mM8cXM5j96iln9aRcmu45PEcyV2QzQKNz5fENXNir556JHe1wAJQsgiaEBb7ZxYQ6rsl +1SHHaXIhfq3RlsuP/CsLd5xqj55JBO/FZ3DOZ0vZHvXPeK6aFVcM+fve0QttcuhjOaU4HUuB +SisI0jzAPloUfDnaYHY3Jd/NO+kbAKFHONii2c9W8bDScAzmGjMAwPbsK4tlGXiHX/ME90fU +urzpn17sohWLl46aWcEQi2v1DBua4CNPOUzWdg6I3qSEQbl3cycg+Gw47pQJ+zGzfzxAkcYN +QTjNpTzac6G3JgPpiQIcBBABAgAGBQJRaamBAAoJEGqgQN1Q12VB1L8QALnBNEpLHMraGIMy +L0R+JNFoAxYsE5E41G6v1hI5s7IGnoOzzU5++FG1e7luzMu++DsbYYnTWvpjifJi6f/zq925 +FeBgXHRTpDaJCE2cL4cXQT1JXEstGeeC1CGHzEhq7/3xiJmWwH7MQ9Rdn+7ECteikeq+M2nh +Umlajk/ZokLtSSevUSTxiylbm0+UxFvb665lMl+9GlpMrcAnfliF63NZaQXN/KMTkqD02C4j +5DWKgfThCmfOL3JrRb6kTb59qFjVA+OFhGP8PtpWAVl6p8nvd3IoP6uaoZ1XXfBl/yPpeJrB +xuUKEVGWlxQ0k+qNpCBb0FuGwxteK8R9NU/6z/ZtIKr0IaNxSiS15IjEJ0BRdy7Tjvc01qIk +hOrc8V/6M8QnoAd63PXjOp+Jfo9aMtXvV4HQyyJvpAfeSe7piWknvbneGyfK2eY7tL+zls/I ++FJAhIwXk0ITqN5w16S/7Yqas+f07QMFr7LNBgM6rTCkzkRPXTiIkme26DnPUVJ7Ezb1+TmS ++4dXzuewxKBHvkBpwLKPmLjBDgt6d6byUX7tqSj0CLJtkn9xl+hFLhyjNoDujA128XHvGPIT +zmQQ5XvH5Pe3ESpNdnOPbfdndTo8a44zTbaznvxjKen+JFp0Yjj2/qLfYsX5E/mE0HkSl1Sv +1cEamXKlHfY79QjWLM1qiQIcBBABAgAGBQJRoQQfAAoJEOa0VsrxVEfVRDAQAJqd/+R9F9HH +OdeEmXCaDzbGU1gEbfNen9XJBXXqf/SHh7QAJXK9hhXTqMSol0KIw9ZPP7SSQrRSx2eVLt9U +g8KUn13QJUrhrvr5pyD5WAg0LOBZDTKg0eUxxK6GkT+wwNZkDDUn2WOmyfk2S95odJekLwiP +LBvNBdc0N/nZlcGibnadrSdNKdfBjvisaEvM+obmTvgP+HJ1QZzeHEftbAq0QE57i+ljohSE +LuXwmEIwQ3ERKkrIFpauoXq/1EoeAMcVVSi49JYWeAF8xDqRmHbrNzjD8PEH19mrogf4qe/E +aTHjIf4vPpGNiPV2QGceYv4ocZrnO5Hgmzm5tHk85AcCL+aSLq6ZLmZraXtXThDyFj6Fc73Z +25LmCtsMfsAcU8czKPJTv6Zfl5cYz3Q6XO3jLvfYnsxXRPg9slAQvC763aA4yS9dw6wQgaDN +ZntWsVwAGrWJC+sFHpgq5+gfkO7fdGIoy7aPPhPqFVTosl49CP8FiTKEfZOb755oniiURHJo ++zMMF0XbPkNTppdYCF3M3j5WQ2qkF2AOHAL1q+Cc6cdQLLafNLQY8+eLlRZNI1yDY9Ilbcmt +UJ9vXuMsAeoDV62Alquv6MRcCDBJVvWxzrpJ0AF1cDU18fRshOSXHFlMoCFa24+vyvD8dBfs +dH7UcmkUoOVs0Tm1ZRGXltrPiQIcBBABAgAGBQJRoTIuAAoJEM+fCP8CuGia0UYQAIx7mAfZ +eY32KErZsv1K/6tg4XfFYZ6I/DmHBv8YMZAQE9CLvXznS0kGIk/Iw+lSgKMw8IEHBVP9qmcs +zYB0uE4dPOCGi/sYXzrzQ+0XnXsxePeLqCHk0A+TujJhp2bsmCafnAmtjc9vlJLpvp31n7/g +/G/VYTHgSo4nLZR3x+8hYmx0ZBmgdA7+Gfmhr/AarSOlxwx1FTDEd2prkPN2f7E2/itu6mB8 +7nJ44BPjuOD/SN/RFl6nf2MU5qPFJnSmj0OZj/i6NvzWrtCcBBfmTFActzOz1/Yf0O4qNxpz +0ZGiBU1Rwpxp4gKUBwlCzrwl0uKphXYHrou++haXBLBv78WeFbi46o7HrAcuXpmCbZvI8Ytx +wJK1CgdSASiL+rWsvic0LViXd2vKFXGwkJPG7cO8Yeok/EZyfzoMk84nUdiUbz5Xx2Vfu7Lu +q1SYPpxBrCTVDgZqyvC7JZadUgB8zlGmN7xyFgZFhSPNNt4K6KpruQ3MolXh1406L3y2v4zP +rYUsWrR2adtE2io+uN7++81nGTCgk4NsryRrqC4deOS/9bgAagxcaRnvMN8TzEpiYDsWXcXp +YFnJdfMGNXUnh5uYFBcWcxrE7Wv6VqRRU+7rQBYWoQcWiOZRJXk241LPIHTXdJDmM4YlhHY1 ++OMqjmW1L6oprw01C7JzwT7PufqbiQIcBBABAgAGBQJR2ut/AAoJEAMkhD5ia3QAVZ8P/ie8 +IaNvkJnAQaoy7ehnBUWcG3jDMr4n4OG4dN8vhWe1z/KC7nEVum7ZmPuYjVoY5XlIFzf++Gfh +TZ7zR1s4UVyOXy8yk5IeCTW3bNpBfHo2fVPf6/CooLPg8APY9GcEm1OYk+hKuvxuxlst0UQy +jLWFHFPFCcxphD9BMCwhXdeUZIO6G1udgK283YxAqS+vZhtTRmr0/Udh/Yu2razDf3Yf/TR4 +IOJwV7PPgB5RB21+sHrMXgVnuEVRZMS2KNbsMxiW3U41KZEXut7igFLb0ASpZDVxJJFkb077 +KniJPsTgskldHXiMv4UFVoQaN78fOKIvGjOZypp3Hq1iKoF4JGA7Y40nhgFQIHi3B1ZZRSbs +NUc5N6IFwCmitQYkH66O9XorGpuzIxGK0RIJ4gagQ/HMn0t4h40SrdLKezmYRLvpwd0GjZEl +RKydqdw78RLpy5Fxs7rxzgX2QvXb67YhP5kZpVa4d9LFEeZ96wD47/KiO6KIkB41SymKbl5o +irU71EHSLfpSVLrKu+H9IyLncV/FiZM2i+gLRHve3jU8LatJYXZ9EyC4ZeWX6hhc4XL7RCm8 +FDqW8XhGgOiRbw5vMOUKF2jCQq3tr7CN300cINFuNSIg1NgvAFhBU4rWSgVLLP6kUTzK/NKJ +HJu/jLp1n/PO/s9ldMqkkdDIKzxdCP3ZiQIcBBABAgAGBQJR7AplAAoJEFfBNGYp1uwD5ckQ +AJ6unrj+yJsj7z+E+Q1EQynDe5/71busM5BqiE6fztPHVBWQmnJ68taGn70Vd82VRVgqDkOq +QsJAgqiTZ5zc56KIabvIiTPTC2XUTRmsMBwCg/EYFiMes1oIF15a6LJ0OG3aPaU+f644/DA6 +giqs2vwZ5E5+lzSmWVJlyfX/ACmXL+H0KWlsW/YYwYUcuCFGZR7kUS5hFFqnqQc9umsNWnVn +EBlcN/asqz+9ckaVktr31aUSLMpfBe8n9oVQBQb1JXQhOC1oMe4NEqLtVhdrJEwi8Xt1xvKs +yu9piFa6TB2uWnOMC9OFiQ2z3pAJ1bQ0MWbnrxttCNNzFzDHj1Cbt4hlcqMdNgGHkmakRkDF +OFavjc+w3Rf3MKFZ6wJgLZlUE6RFWjRoUklpWOBxaMfIzVMa+KexYqfp9wae8Ic6H1CB362c +wr1fpXdlh407VQzfmy1+XNM72Ww60oTETZfHeRno+gha5II/PyPMHiQ1ZXh4p+027kwN6PVF +0kPqkOrtQ/IFWZjqa4TXuOaj4rN8IGBSa5r6Z/DBnA1SD2cv+S3KIHVuvmGTh/O08nyFEJay +wThMDKaYJD+rAEwx3tZC2XvIA9uVTF76YRNhmIl5czqCLLymX8QSI7AZL0HY1hNbSjU4bqUq +eX0Dvq6wLgz5+D9C6C7RdcV0mWV2QLx9SC/iiQIcBBABAgAGBQJR+R/XAAoJENiFS9ET0IaT +k+QP/2CK0LN/pK884Nw9cnfZ/wXpSKV0bHzywSGbFShTGzfcDOOysikpvUAe+njLvQ8SfTtL +QNcf4epwXosMXvrxGAqlJRxZjPDXP+atUEaCkm0IWup2JW7cCHhEm1iBaH5IT+A2B7TdhVsv +tecIzg4XLPx9b7kGlYH4O47aEysleoQUtpP394K4pE09jwJtkl9KdLIOITbmcDDdV+ipc+XS +/KDfHVFSkALigwDGY/KH9rOYc/zc36yjOgKphhVkJGIOVxUdGfAJ6cXdO4Wu0qZvWm2NtU45 ++G/tCp3PZlUhMPseZ+pL7nu/TAiW53o2XDnS4G1PIyC4KEG3piq+MoskXVy3V1W/ZbJ0ClUZ +GjSm8S2RTbOaOe74hggyNS1imBbHuI2CQLS3Wd3tfkn37wGNKjJhevjvxApVJdxCAXeAZo0x +1QqWjr45oCouNeUl/y3/oT3blG85x1U9K8MS+WVvPPJGTf0LMISqBE9qSZUppKhfbiB4tEbO +W50AhJG8vjpT/dedfjT86oJUk2hoZT//0HzpkGZFgjXJCHFmkiV7lTXSCs86SdGpHuthd/FY +z17/mE9Kzve4BuNX1c4lEKQkgkthdy16bD31NWr4tYPuRTuO/uD8yJwbFViSwT5f83l+hyfn +PSNg6Pd+DbECUGdYuxrKQyL8jNREfpYW/ILKXGO9iQIcBBABAgAGBQJR+qcgAAoJEHfd/ckR +t7zLZkwP/2+HwoGdYLlV346So/zOQ1PDCVF4BS7hjCrsnmRGmKV7LI4iELLqtUC+TvguZAuP +eyNYdT/ZNjRum9gpWitL28k7fyL+SmGIpTyE4Gr5HYEyEb3p/FR405UJJw+QZI9RNU7aJKD7 +iiRQvbSbTwNFHvJb9TAHNl8bgbpygXn1p4s12cDY5zFOjjh2DgltVtf1L4TQ7zTeCbu4+DX2 +NCDtIMvptDY/7FyUyjLGQTPWhLKoIJl4DZ1zMEsgG2YDoOqxy3HWQeGzshEUf4GKyj1TUaMd +dxlyIogkX7A5xzrR9x3/2FWyefXGOp/28x++aYSCgpTjnjzVm6XTaRifFpUWQfueTPcTZN4A +2T0dfk6IGxP5NEpwrPES7SYSoHLYBbw/f9aNgn4hLmjSPaYLSsLfC7SSqv2QnW1zDOXL6GzQ +r4jXu4qKD0jxRs7G+QQ7h69l4jToIZ0CfrBZ1QZ+ix7Syr5QZGPdHBVxdj4V8WNoqwXkYThj +qqapcyZgW8jHpowklkCMxaxPLzpQmJfnEFP6nRli5TJwNyBmBvQU5iTUs28K8J3g+wlp7E0y +jZ5l5Ok19bSm3EE0oKNKAlSSHwcI5A7folrhzsFYjGVy0yK/jB8i9XfNF4kS9JG04RezeNVX +vMs47wMjSP/EFIEVktNY6bI7iil3/MWr0y5661SUiuUoiQIcBBABAgAGBQJSBf7PAAoJEDz+ +erDjDZqV5ycQAMcsIXQRYaDHBqRi+WrvE5HrbgJvaN5G7wsZZsavFSny4zKpolLHpF69gPK/ +QUYyPiE2W3y4HO1GnQuah1ijggs36+xbX0kifoqIwdEd1gi9UzEYHa/KudnMsdbRzt22O1zA +NjvnuX2PyTs4mVIe9IiEf8qDjgJs7d9hR/500tNQVIdV5zka+bMkVd+kWv/NAEkh5Pm8cBhz +Uah/JcBQQ3HhF5ULvV7WulihawwWBzP8RldzFISSJeP+srVbkAPpHo4iCWEOq+70EPyyekwB +FguKhdoYLwip+zsM/t5iBWKrjyCZcXNZa+EI2TmxkEgJjHvv4lrcQFgbKu8eR2AXlP7cWCqX +CvUGKiX3GMkkyN8qfsU+rVek7YQN2YKlHOvE4yDXw4eO9bdmiVDSbo7ouJTZFaDP7n8pGnBC +2J/fcF07SNNXLJytndLqHeCC+d+4IecOLo84CNjvXy2IZjl3LSTpoDcejpJLzAqrb0DdkIYm +I7AaQf/5MF4q9P5dmZLxpDM/WK8E8ZA869Cu9myXNLLXff3mmTtVZocZ2tlK+HArQ9xlUIu/ +sPiYHzxrVl4WpGy67nPBbRr1W0iO1x6f1sVkDVZCJDj8USK2oqKcQSIFC1juRuZih5aEvvmn +w+6isuxa0snJwxorObIKiuurL63IrC9g7S+tWNJajxmX56mXiQIcBBABAgAGBQJSDZADAAoJ +EM9swzLvvdbBUN8P/jwckyiNfK50HeUlxhAynaVATyrNYGzCw+tbB1eyPR7rpiA2BCgd/JBJ +9zrPQcaP0tTyDSJusAGcbah3GJjUkjCaPNx/JUhCAtftXOwTHr8QZS1vGJIfiB5SN9X9GPEY +f3xQzP+VhxklXCvjVSO6BiTfFk7GtRv+Q5VuEmEEsyEDT/7IrBJs4GGA6yLhKzJtlAhnAukT +adgsjjPP6dmlDTTBXvvGfZCrK2sKxF1pMY5YsnvX0GqMTJ9Tf9eO9V+MC2MDcWeUQneN/Vj1 +xdcnkImr7TbWWbBzd+V5tJit0K2k8AjgqL+m8+QBRzrhPVRYexMsXCVQ3DuQJLkL2cucfgIh +QmXIG9Kyce2BI7rQbhdkaw2y7AOS61+2dX1vIlJvn/u2+E58teyDmBoIeGeNCabr8ZUm8agd +9wjOpYmpz2dx0q7iH4LYs+XvJqRRNUwjjomDCEa+oTCocBEjoZLqyOLVN4ILX1VWy5fSMn4l +8amidf7AqCBVzWUJBBfBzQpySpdl5Jj82fWxNuoHsuZfonAsYu20MVi3ekNUMyuFfTku0NkC +/gXmFAPag4tEgWdPWlGZ4OxJkToPTiH6m2TJ2ETqI9dmP4QcYHrdR0Wjs4jGqKdPCUzU9byl +SPxP9Idih+8V0WXN+AIW9mKRn4E4uTYUoNw9B7kVp6TVNg2HFynHiQIcBBABAgAGBQJSECB/ +AAoJEPmkXn1S4wVFD2MP/j839nkQd+meEY0aaDh1U/HXcpAIDQgklz3rY1/VSzFR31grCKKI +QpKF2NDLkLu0Phu5C3dIgdvkMgfTYMXWRdyWQ6O5B0zjwYHcwOG3m7ph5kGMgmHLmzzfBaKV +Yl8PDKTKxT86C7Qa0785lDxeBxGx58SynET6VN2bmywPml3PYeQ6/kOVBxyPRBTvIq9AqvIy +yi5N80wVIRpHWO5i9TMrcZjQv9wn0a0AUr9nGbKzBIqshOH/4WxSNt6OHCIA6ClWJsn8VTNh +oUpOLSjVyTPvyj1752q0k9y7QFl1NCuHUZ2B+BUyxZihyxe1ZuAqjY9fAPTiaRGesI2j9M/T +SyjVPQHPNss7uJ0MkoqiBaCF0RYAinM9QMloTkqkSdhkxgZcoQmTP0K5FJROzJLlxdctQtls +viEpludvshfGIh2Zw8jMmuQCLtkmPlsSTRhOyawrg5GfUMYydi4Rw3heMQFKgrpF7tEOrukP +cXiM9n0pLnBRXhMBtQwfhgND9KN6nn7X4HUBcnjiSStcadTEk4kmz9DQfDiWY6qdxOngRJJl +3LCLR49X1euIWg810NrAVs9KSf8n7Rsd4yhVAcPQAM90Av91+avhcNyeOq9+FJdxeTa1Rjuw +qaA7ryjZ627onzMFlxdgLEL4OXP0Gzs98ba5Fx4/ca/ihCSehzfMKzztiQIcBBABAgAGBQJS +ECo8AAoJEOZ4Ffn1yXCvjWMP/35HtUvC6HwQO6YrUutAt8lLgUpx/Beemknb2jgsC6Ak7+vv +9TyygRXCPAAEo3NWAPJhWsGFO4WSDhPF2mN+y+PWLn+jhMxS8V/9i2PVHfWwvrJW698lEfNF +C3MP/waqA4e+dN0fkyKUIVRa7pioqZW62sTFBOXcrjdPuUKGVJc9aKt0ewa59ZL8MZcderHH +S2pgOlg+zsLEskadmp6zxKdl2dlrOd2h8QmbXlmSCHyRe6+AjKx9AmQwTS3qn/e8WbEkP2HL +46vOjWSAfUtvzT2sKP9GpxLlmqG4dcwVPyNk38fmfcma3Bzo0uir87/KF31lvSavzDkytJ5s +qEmWs1wbYE32ZO8LHVFizPyDv+5KQsjgDNtqEsnnhfBCWTyDuJiFSvE2l2XkMWodN52Shw0s +3/2/XW47MeEbLkWBB6z2AXch8YevJFHFx1+g9w0ES3qBIJ34CczYn/VxFYsG0GlzVqzL03ue +PMx4SAnSkKwJ3PC8k//VnUDWFbbHZ/+ZDYGsA+N7IybK4L80lz/5zxRkdA+QDJ8f6alj2Bb5 +yMZ5AWQv7CB0lZNrUId/Mlf5Wm7+KYrFVGhWoinYpOhxr7hpv54pjKtkeBseGLXH8Yzdvp0e +KZH5T7w7v7N0/aJrBg7doEB+bBqz13ATYx21xKfN9vWzanUHaJUDjn79DuvviQIcBBABAgAG +BQJSE+KkAAoJEDjbvchgkmk+r3YQALGt6mULaUHL3w34NlY1UPsJSMBwcwfLA1ZGEnv7zyt1 +md6PnoEiYP+yyXuLY8Ihggh3RPunD9mja5poVNCthYR5plVMV3Bfj19J/e30b+WYc7jDRE8Y +9k/OPDnXKzaF8JnKEag3mxAZbVahpWUAXq+WlAV01EWhRLrDD0xlAAO0J9YNHJJgrJj4FNvC +Ek9XTFgxgewe+hMr8VWDbuEfONDcfNqAd4PzykFSoWLOCE4K1Fmm4BdP6l8qygDUd1E3ycC4 +Q93klJwJ2TtXW10bu5zv/PhXCtQkgRps7KajXcGIdYDJtIRsHbczBQnRH4/hjSgTOObIXtx6 +Cau9AaI3QvJGoipwhPhgAQGJVQPV9tDcKT5VpESvGMORj490Zyet1F0Nlz5e9RMKHDe3jKly +iQgPkWaY/EJLfNEDAAvVX35KRt5NYQNadijSU7CtZkAhRhEn2/tpDGPxYdENOaVtj1ZuHVOb +sr7o64Wsb1KrfBd+anjjwD4fhfHaIFigKx+c7Bpi5PJALW1X/Mi9BB10ugPiA4rOQGUhLa9q +b4X7dfcZHqL4f3WANDz/JWbKoewy8G4P6LiXVuIfhmQcjTNalujVq3P8k+VY5daIDGtfvV6N +PEPg2AlYw5Zrf5+gdpLWIHZZu69Q0uPnDpYlBfOdSP3pMc5CKypFcR5e/QtrWUrjiQIcBBAB +AgAGBQJSIGRkAAoJEHEAMShJSBVXjPIP/0O/qVVqjufyRYOVeGMjPlLyTlYEYlUoQIN9K7vt +YtXpfiap7VqX3/WmCNTbRDVDoFOeIZWDDKt1R13talXraNa5XJpH5AqbnLzupPeALkXfB3qz +4GzNfV8Zw5b3+ajkSsADEp9BXvOXCBROaP1TRm8bA/XGOUsedDPyDYryOkVrr6oX2RiQedlj +vhGlP2EMtLicNrCRSZnVTn/J//E7BdsrksO0SQBNs3WJ806NJeeaOLRpOJufuAW6Lz0l/EmT +0sWg3EOOwnIGISIt7cSfRJGXrtca1LevOokKNm5Fk+Tlx1nAPnUY2FcIRCZ8o9B8H7O1Ihdr +kNqMw+5VYpDKAMzV7noG8XaV1twCdnz7IHXh4v6+NCVLVhgP2jgiP8MhgrM4WP5UBDqkU4ze +rtJUYj+bg1yZUndRIAskn5nCZJGQ4XHMHkSFLAz3osFdG4wmN3SXsC8hNwBL9frzQaGkhtYE +AuV3G3PpmoEwNi7WGELjF+lKVIriJzV5rYHXkXS96xPyA3Gv6SpF5Xd//PQBS+V6nCsGga7E +NRE2WKh82VpY2hMlfxuPzgBx3JWcYOtVsXordb2Y1qt3gBNxkWUnf99DnL99qzrPhVWwUUaF +TEIpejHm5hNp108mCFxhCbkI6e4mznf9cqyRFU9zAk+gPq5OS3zQ56yJe1NQOJA4kHtjiQIc +BBABAgAGBQJSIKJbAAoJEKLcVqN8cYrud2cP/2H2DQI8csyxq4/0nnUBnK3d+vwD/jhkGFcz +pEOUFRV58hdC4zHiuQfTMkMNIxqq99YLIJwNGOMLL7L/nfmzrc+8SyB1EQZEi3yKTYz1g+OG +VB3m4fJ0ZpafVn6HyR6eN57WCYoxBWQUuIMXALm2l44cBKHy3xJ3EWwbCLvRUFXRVPKoY+5m +uH/vHXAZre5GdN8cvYM8ngqQUPj441IpAImfrMCYoE0Hsp2gbuZ280By/FjIGS6jmwjGYb6C +5rFrQxfGsVEx32SUn1Az2L+f7gJruGfrKg+0bE3Z6/mPSpWcj9WG1gWhCO2u1jOVWstnVKu2 +6hmu0pWXmh1QGEC29pqbQe/w2AicUlLVGpm0wdRMZAXsVbDVcDe39qSNCTYD54sCa/TQKC8Q +OG1ec9SYNJpTSst0cf3+npblkASaZR0rGqTtPAql2vX7e24/YkGj2wGiI1WxOXwSDU/MDrMY +wp+nCfEWgQ2lBxvv0jy1e0iRJ+1NuVZLvWZkCtO4Gj5TclvrqAwepFSO7yplGL8/odbjKu3z +JiSTLhL7GcNJWVOyuCL7HUcZj8KV+xlmvD7eKZOviMT2KsS3RdBTLExHQZAowJqELGbNw+HD +No6LJ2R/tZdz3nNZpCZSIJHmZAsCWt7pOOxRn3HMWlI51pm9A3EQ+Oi13TRnV3d+G3KM1A6S +iQIcBBABAgAGBQJSJ81ZAAoJEDuVF2olPLTeofsP/RSYHSaNwfnPg7slmo03Cw4LCiT3uJ6d +R4kzzgvJJwPuZJcYJu/KH58+onIqcHRYC0In4BpCezG24V/kKdrCoIpv3dTBELVQ29f8C6Di +0JCapEEaiVrEKC4BsDGB3CuejUYDH/4/C9Q1TSOJ3rTbIU2JyGdGr13OpPsvwZybuHYzq+MN +B/llFeVC+RntAiKqD1U4BLpaE2a/UZ59eItrUQ8d/DVnFUKRUPkE6MWFA6X/urDNab6qQnAa +z6ECAbjQJY2uO75rpH1ClVLwThuXxa6qUeOqDHHwlKe9trtolxDoUuCirXP3lYZlsEqbI0t4 +Jx7/aydg5Ue6eOKToAtwj94j9XbyWJMN2/QQl5IBhTjHA3V+vSPCeYXRnsMjk1vLpDYc5RbQ +gxIP//T4VJ0kRgkJTVGtPliCOdVowwbqVRrZF9rGbOA0AtMbrgF/B0zjUn1QPcYvuPlAXzNs +sFS5B+a0/9VWH9uJfJMP4V56EbGl8lk731gXLTcqD7NyZI56JL+sLtZUJcB5S6xe5RZSBwPk +ehfBJk+klYLpdGFQWRMdR4xCAaqkx5DoeAlZuVDtqZxBgy8MTiFi1KJ1ISrYwu+2etvd5yH5 +13jDj6PSg5dugsY4D+jXaoi68ff+vCba9ftpCQQnavSBbqmgjfgxlJvUUyefWpT0f6ASjKpE +27MHiQIcBBABAgAGBQJSJ9GrAAoJEHBbyUywDEkMc7EQAKKlDeojkBu629w7fSqcCBYBHvA9 +/nlB+kN+m/Bl70v1XGkPsoJUEhbm/Iwk79pjBmJSUhoUbNnh73IM7yCCvSnilqUzvA8crUq0 +NRU93txG7TteTVkPeLUcOwCGj7R5fhFUaxK74ncfz8e8+mxzblAaa+Jle6m8ZUr3OR+4fP3I +ObQkb6VbgH6d9vImT6761tqRWx4kRPoNWF90YWvS9gWBgPC3LzNe8uNhkR7O3nogt+iOhLM+ +dxhkXV+NfXsUkQnVzstqhIAoMEtKJlT0zwWLsuoPnCtwTuaQy69BPqQ6G3CEGB98a71n7x8N +CfpCvbl85UEGTaKRbVK/qeFJRIUvG8UyNyNd04QVLzlD5krWMfhWk/MDQREHA5g09OL1d/RW +MYPNSR5rRd4tdThsq9jQe2Mh4WZJ9O97YYp4wnxmZCT4FH9HwRELDg2PHKhC/ptyVS73+mM8 +EfoFM9KdiSJWOa1RGaU73RUj6egx9lvriKbyeExrIW7iCrisgcfZliTkQuFOV0elTfsIhQXE +ADYA0e4j6THWUTKW4cVXqTzs+yC75nkisgQdHIwE7Qtd3ANvjAIqJqF8Y7UjYxrGYfMLEdYP +GtShTfJsFZ0/nwaFKP1Ggtz0C4bDmCV93nEp2mXtt/SDcss0hG9J+gmk2KyX+/lY1T92G92i +tobCgc00iQIcBBABAgAGBQJSLcO2AAoJEPcv6oDKMMnNa0kP/0BfFZoT4Qwa/JvBPQm/qGIa +9u8LNvNwWfV3pxbVGkiuIHbthu7QNWm5ZBzBL0AUtkZndwqupjMmcscnhWBOuvBmKdVHapT/ +WJwiOMaat6GuIARMy399Ro+11dKDrow66UJmBD/f/AejwCF/dOGzX0oXGpIeXWl/7srza1NE +vd4Ml/N3pbm9LrqIFixHqWin0vvv2iIKv4ptyM+CI85OV2cbhr1bGx58Re2WRhMW/r4U89wV +ciZ4UVZbIILodbG8rZ9it92Dczt7ooEVE99EZDyDRbSW5Z3DeNpMYe+rUXp0WriT2diUYYVa +fRsGhh06UNx0EhTCuP4/j/jhO6VNosPonbt3TyMA670SpG3cXjtWGwWPBMT4NFOtJGUlGQSe +WOdVfEsZdmvuGd2yEXA01JipiasRKZ4huQJyXUjTsCcAtBRqAWPkBJVei7519n1rH2X3LuVr +/ME/ZiAGFvae22Cf3fMDch5IZMdYhMZl+3zbMQaieyNjKipTiEnN1lqogOebkOTxpJIb4pBv +L8a+rKb4T5T5wr3BNwXaRN6iacPK8etEC6vo2wXodt/Cbdbf85ILou4EBv+cfzOc2cB+2dol +GcP9IwWvf9N/4d8kM2plu2Cr6sn0meKv20UnRwtHS9g0lGrRZylO7cx3XbEgWbdcipkKDhv9 +e17hR0R/mrqniQIcBBABCAAGBQJKDh42AAoJEMFWypXwCMM6zQ4P/0VKTdivWyPY5QR/0x5N +dVcHg1IS1+AEuGR+hZGmeVHvJtXKMeyvutfE+0YASkGtxBpsoRUQBX+sRfqN93LztYQXeoG4 +xDLEix6ALTXu+xNPeCHVi+OlKL5a55eGOjS0OYLYqhNRU1qX9phPcMNgiXl1iWhPSgswbkf+ +KSLhbHgYhsgatNtO2yWW3zg33vplECXKhXpw/xWCQIYy7vnEiAXXeVJHK3/x3rl6zcw09u0b +SNRNT2LLt1mAS0RGvezi+asdIse1Ck3q5ZizTByXWxfYD4Uyz/LX6R5O7iDI4zmPNsMs6hFZ +ShnCphgMEunf4eUsL/hbmN8arnzPqcacfEFTVtaXioQYdMJyrfNpGXBmhIXEhIlJ1Cws90aj +43LPFkGUmIhpUxzljR1CTcsRRtv2qkWbNGODb7titq9qdH4Az6pY/lOddNepEWpffJww5ZiN +PZfNOZjpfcW9eD53VFq9AQnm3+stZ2tq1G+etylaOOBHbmL1WOSum1jtCIXNGSjInhS4vDH7 +oyjFrWxN9rvEc2jhDWWGWqoqy7RikeWz3x4reGL9ZsZbbUILhP8V1EcC1P+wX2m3TThklihT +ktP53Yv2XQDebskqSjqDHuW8zIM7VWOlywP2jMRNZ71s2z+kbYLVkKOCEexqNAXp5/bgvpPV +qTw4KU+vZKYNcbS4iQIcBBABCAAGBQJLiWm8AAoJEO2FIBGf6VnMGVkQAMGsbH3QcwTjs6g1 +Y4PZYsJ08HmpqVh5/FeLUSBSmnRD3JuJmrQDAbD6Qc9z0vLyi+S15tv2uOcLGxPf8ZzOmh5Y +BnGqGn1OABv9Br+DcEEkHzm+t41PV75Hy9B1VicLAsf8Ag5/kCzHX3gdpjshnuA/t5pbIOeY +u2pXCB2VGOrbW8u9xUqfwLk500QjQY18fE64JHBW8DOL7XjNeC0WTtFwzcVB9i+Hmb209GFP +bEFmQ600+lU8+k67Z6QgjzQuEKahRrVRRjHOShvem8nmGrPrXdF+zvt1wvi/ruYasK/5AYu6 +c3Ofz/p1so3kO6F4L9Vi6SJ07uZ9NWoWN5PlZru97uOfcgoP291DMjsFqRiRoCsQmtBnA8i8 +fLjOexLzwvM9qmWiyvzleYI6PrXvQj6gwcze/6RkM4oEfgTHT7dil+1vSlI6xqD2/e32lgqu ++txij9UoeUP0/pc7wKNlL5GRoDH4OCcECn2L9GiU2K+ttnUoDZmM82wRygDDJfNWa04BP8Ct +LW8sL5IAilqOGatzoZ7tcc5Al/AkoP9tQZCgCZMrI/rTqxgylEy2AmGF2Jpi//EQ5xsnXTF1 +DMpO4jHYlBt4EH2VkmusDVPnzcxW/3YAjiSu4hqUc/OEaGvKZjtC67IhzD9LG+ueTKHfuxOI +/J/Okx9qhYsFtO1pji7+iQIcBBABCAAGBQJQ8QVrAAoJEFI91dNOjkjZ1UIP/0A9taUOokeL +aA3PptMEXsgnHmPq8+3kN4jieqjNHvmdQJZ2iSKE4dMeA6LIbysrWEnGR8zQJDaIQJwKbUc4 +wD0HtosN4hxB3bS8/H9NBEMxLDisoRAJQOy/1qr4wW4iTvDMQ2StT0UarFBLPKf+QeyQxsXU +xvlBFwQLqIxMM+21yFU5RoWHioCNPQFd8W76RRI9SScgNwUSz+zFiE4E7WYr9baxg8i1vGr0 +TFn98cWrml5QKFwtbAdSzJktR8JO4+c5rzQvBH1gplGXvajlMlLf7P4Ck1QKHk8SuViY2MM4 +9WHLUjnXDxwZRlfnF6XYq3GggVvLRFVWaFvkemc50n3KnLfXZ+QL0FeFtFvBbBfUpE/YTCRE +u9f60phJGlZWaBklCCidp0HAUE9PIeTFtGU+FZK+3nFE6btNGDxreHSOedcBYnj+bVnfoh6D +3mgYCpvTE05zYs1MWUjuq8jF+BUWxC5cCXknGd4nlSfrwLbAZSq9HuLJFZm5b1ggRGrgUcv4 +QD09rvtvGvEShRIniejhCs1ZQzsgvKWZiyOtRWy5rala7gghWcfP1SJ15W/ejNRUuwvH/Kud +76tymFcPlYu3wWpEAb/L6cQIWJajNHIcgTXDVp5OMnYRYljD3fZ6NMPrUopVLdBVD2rdPMN5 +/kx61LRwnVj+prB8qSobFOmziQIcBBABCgAGBQJKEZJpAAoJEHSHpJXVvPNjPacP/R/cvwD7 +yOXyBWHpoe2c0tNdTXgV+d3BGA1rBZi0aOphZ4IF8LvjTcDGmtEU8eeKW/1vDhlZlgMkzC1u +MJGDIfGClURoKMHQGemKjWAQA8kanviPws3etDsDIiR+DN1YQv6+mbQ91pX4vVfsxMBJhTrk +H1wy/67CV/j9pQ0VKdx0dHTQjp8nMKScIIPaF+IrMIH9/W2rTx2hTPxIbxz9E3pV0PkBk2sM ++mecL6KoAebXABw5TJQFzFggfp51T18YzgJRjuSeZtLv0LvYGnce6y9++36WHQsNKfAZTKv3 ++oILAJoeBeErCtA4q3eNr+6bZnJ0vNL00WsBn+G2muMt7vzFdFeQEGYb4reZghgVOasmFXbk +fUxUvl2bvt5no0k1o2KySxdJTi3580WOqDHWIBX3q4TNL0GRcUW5QJAqEbiRikF3xawDhP7J +RE9JRS5j9meHdf/+u9VVVE8ZIQKj0iKiuwE79XXJitv0n+XfVIw5pXX0TY82IGkTbPPk3K5n +pmGP6urbAaPSRN86qerWSpcXqnnuPTv3Gku4zw8ktyhKTecOIRBg6bBqcJWGUNlhvUJprMkr +j/+X7Zv1xYfHIuj3rKtegHDnTMz46AbsB5nvgFOy1+WnvNOW+sHHWjopjrwWT8woxMH/NUOR +nNytYaI3djn60sr36I2iWohVX0IDiQIcBBABCgAGBQJOD3HYAAoJECaQKFug2WssFG0QALkG +LcED8x69uEv3Pk3x9UTYq6D6D4UPCSizrAKgJJ1NbNXX9jAKTrFbA2M6mozidASixoC3Pxj3 +R6C7m9ZNEiD6n3AULTt9hpigXXJETjPLGxi7twPmNApczjIZ1XHgAI1FIJ3GzQKr2WnGEGHE +kH4214bcWtKhhwrp7AQlAF4UN1TovCfQxanT2SQfVRjU9nN0txgrpRpsXqonOAYH04AuY2ih +I8WoCALmkDtiPAHqDvb1gMLQkf2qHmfqi+KtRcB+JVF2ZNi6djxi12DjpCI+7yc16HOxbwzm +67bFLhleKzbzV88wKtvseKgmzuG9HbvOVh3dKgEM8/DUGWByPByCWhrOsT5rO2DRUlVFAeLU +HhAnZj5Dx3ofEdxqtFmYGBnZqJ31gdjugU61waH0QzSW4/eDvaQI67lU5d6bCKqg7NibYsof +075jT03ve5FCyBw3jiG5fqmUpxcsxtguj5QgQkaUfu0VeqDKMXcod4syA4BOakEPrWfgNBfH +ar5Z21O0gSlkGf8RZFODZPKOfzkcGUcyEcyN58j5KIZnetLMoVrs6FjFGDbMQ76tM94/nS9R +vHD/CKxaZtCIW8hCqao8LrGr1VfdtaWnsl+JPDJyzh5h66eS1CS/J7SjKrJuMIXziljOiUhl +vVuxdB0WaW4fcd5NS+JTXI0mazxbAzNLiQIcBBABCgAGBQJPKwPLAAoJEL/8jdPAbdawel4Q +AIzvMM+MOwdVGcjqDVNpnM/Ju3+FTqz4DcWSq8nys+//7JuY5lCT7B4drcAZdr5O2AqYSBLW +zKv3Avd6veue80BMXWHVTGmMtAYp6EWnUELIs9u5Tp0AvvcKH5OIxVm3IlaAwjSHv2GF5T+b +5D/FsUp3vFkZILek/g2bQCdheFaEirLwcGmqkjOmGix2et02mjAQZsw/QgazpqQ82aQ5vSFd +zOCMwI8sltfETVu7LZF9ClhWP55/MDGdK812ymchOXasL1225fim8dpToFVf1a85c/PbpNIq +00CWk/4njR+ajdB+nlrNzTGm1psdTraNE31Lxlpy2DHt5OxNwBZkXVVQWnNf7a3UpAwCpDYh +lV2t8DiF3BY0klg7TNwquMXTY+YBNl4DDX3vk7SlSkZvJTBUV4O+vvoOzWUHVKRhdCXUGrGR +jLPmVUEckBkVFTy1dabCUpeYgx1tVv/LIr8Mx6X8t1RS8gODFpBz6SDDmq/qNGzNMbrMKrE6 +qokloedLsCuV8RZfEb2M08DEvq7ed3soMD7tx6Ex3j+ZKRYBd6VoZfFH70/ZN6bHv53U52o1 +7Ac3+FntoHhcfyCa0OIWsAnLJrV475SDEoutWS0r7sqPuW8ORUsiv+n7CKE8jas/5rbb7UaB +ZJkMhbCzf4H/gMqv5lg+Ru5NwEDJhCesu1BKiQIcBBABCgAGBQJQN6rvAAoJEHsf1KK0osFY +0LEQAJ13CIe65L3ED5n71zEtx4mKfot+NA56FCA5vO8aaaeNnP4/9FTiF79sWW0vz0/nm+uR +UD6KG8W8x7FN8zFVYaCQwm/Ah17QPpuHElDWv96bWOpr4T1zuJn5bhfr6yXJwSqIYkODo2Nq +MPDrfpVCACWSx6PAdKCrofNDf+b7rllT8lK0ux3w15ZJ+D18l4xplvu6wGsq4Fr1h8Iyid2A +utlp8K7CIRpkN9ScnPoJ6qHaElR4ndbfz8nIjKb1YgzuhMw/MCDrjg4dDAFivjEzhpya/hZh +DZdQRmPBV4gPd0wUJIqX6iEqZI+RhYxZDm/YEyQ8Bo8SHlMH5NLP+4A8fQvhQXne7fl01qMK ++3Apd6P71rgDOqEqXFBR/vTdyEUrnMvywHdQkVSsdcHI8XtAiqasH5+xqprhKpfj1o+vIsSq +8lMt59Fd08S3v14w2BvXinY6y1sZWCZZ4SFQSyvxH8YyJ7jWRjo65KV1AclzI4bim4pOnpTv +Jtsnm8jlo8oehvznR3IV1FoIYUfzfLp52umYTa507hpO64FGkRtjeJ+2ENqTmcoL7qB/4w3R +Ci8TSX2iFtU/9Ldcg6nL4S+4RsaM3J2BpxGvbc0GohoGbI07VccVswb0sXUcwzN1YCw1NQgP +HcVJz4KSc2FYUjJApcXvSQ97w/eHjTWcExW+XmENiQIcBBABCgAGBQJRqhxiAAoJEFaEJ+lI +AZakSm4P/0yW6DlyNPmEro9gMAtLmBT9Pq8ZVr2xmWrRGN4b8gaXwepgp0PIISSQkI0SuBsf +f4cHqN25N5VUKWgRAnwf5b5KxQq5MMuacchBj4n/McLijV/xjUOllpKhtQ/bPC4FhnkZ+uh/ +5RCS6qqyhncW82zAgHu7fqsiT1GpRmElDT2pNEGeB/EWprWB2LtO9Pm/Cn5lX+PRPfMQB0xd +CwvXx+hs+cD+nOabx4evfcFLQFPV9Va96y4ld+sJnXrPnnuvJOK4v/C27DuE1suMJ2CwM3VH +DJM0dADsN9Y8KlQdGrtaI2p5peOit9+bFqMWS7UZP1wro18+kNNpf+6kjZ3XZdMNPJP0cmYq +R4M8H5W/6fVgmxKjhcbSaPigfsaAavsRc4N4YgUYvw0ILovkI56sGPnEMy3vzzuYpBlwfUKb +xaT0wiMP/pmqv8tWCFufdiRrQ4qy38gNxNm8V2gC5yDj38fnwi+cRa7gQZPKGJclhexsI4V0 +/QRXbxoBt3OrGZxkLxUJLEDyFZF+cvxFZtwwK91HACiSpnzdrP5xv44hBy35l3m2QLjwCX9D +BB197SaVdrMBcK6J4P5IDoo3Z/pGxkQUn9cWAti9UGEelDZ81WWKoJtV/5o62ooHmz7Zp4VY +6LqiyRSsW5at8rdiARWJPFCiHuJIyzBbIv5zDJa5PSf1iQIcBBABCgAGBQJRxxspAAoJEGjX +qUtMhayB3IcP/AnrwwWWP3VX1Bf/7v9KX+a7hTFxdtaROhjAdLOw+py+gRDH9fcOz90DKmi1 +iukM+SqSr0sNJ+MJPNFtikw2UGHHrNRw/YlfZkyx+KXsht2P5sAXVShNpfsc418PBXTJ9YR+ +wuyONMWpesEoix60eE45dV/7D33DXiWzy/frxeBwEM1/DFXov0iczA/6DZk1jvYmWD3+l3zE +cBtR10jn5V5RikLXaeWKBK3+wbFufnWpww7Wgmt1Mq+XfTb/zP4136MhUxIMkTFG8dZvpMCg +iXyDBrA7TjsHLcUsUSXveeBnVAfIUHo4GLbzviangvlwv5G1+iwfFqWIw12kEutZiCNyHivq +ics9pXDOBzkfiWr0lZ2qHa+BCclb1YUFEveY6PuKRCTp+uEeN/fjmG7QaLVRMYwramUoFHmY +kM8U/z1yYml13eRMOzSEvC1953JIGa4DcuFgm8lWBv+Xb3MjXachiMur92Y736S4OCDEWUEm +kz3we149qKju1BPMGaYXr+6NMMhLNjl6yIB3wqaWJcSbnDMbfyjvOveNB00wGpDPdyslRo+9 +OcZ6Xn6vmT8WcLw42E33x+7I7WTkludg/z9jcSrbLRIOBzm9YC3uiqo4MAsYtCANM/iyPo1y +2rKcjwrwUH12j/rP5gTpERG7Nfaq67KFcWd4wp4vmGvWyB3tiQIcBBEBAgAGBQJL5ZZUAAoJ +ECCcKhWsmshBvl4P/i00N+BPJBhp4QmMzojBw13pU8UHiEHEEryG/jPwa4Cer+OZuTPRwigp +VdsuHNJeZnN2EHKZ0NuIZvp5fPX5mqtxQVKbft6XCte9HbHw1hwvWUnSKu+969SfxrshcDUC +M5AGcsQO3m46Sz2pNnL+f0rx2sGvSIWcRdukFy54VDJrpUrHcQUAiTdLtP3kzhLR3u1XwUVp +XmjmXWAPgM7O+LthZzcIzxNtQiw+l87QkoKSK2G40fLf00rts3Ocd2srKZoyq7bgDtbSoX/W +pRNyVRA3Q+2yHM8p3PfUAIRQC5woLl827UsPfh54OxFlVZk/Ku7IsmgTWu6q8nGBIlOqP9OD +ULaumOrVt7NIrxg8OfcwLsxrD+bowpGVB1MQQhBYnQLUznJ1tyT6+/UloE1RenlptbuEdpd2 +Xjq3g0s8zWv4WiGRfk1WnjXStHQJA6MaXo7hNN7jUSMApJGmo5PAv4J302axbZmIWl5XoXbm +pHkW+ntAO24oFdCn8tCrCEY8xZKfHkz0Swpvza0waW9qYHlCsU4WDDUsl9MwbRNLo8L1aL7H +4dmQiK8NQV+36h+YOuFzw2N4IUpKdDxxoz6Hx2WUJRSzrpRgyHWP5PyT6Ysu4sOHvi7uZUQk +V9c8bDgveAY+gS+dUyV+ltMqDl4aJcdVRpNWr2mL9ngJugMWHK05iQIcBBEBAgAGBQJQha0X +AAoJECKOzBLAj5HB7MoP/2pRTAG0RS8X5yfOa4q5t9Mfcd/9qK7/6cKQSS9I1bUq8G/7kZyV +N8G/xfRU6T1l0ZzR7SZl4KeCpA+ReE/71qPtV69/hywY+kTkextwAhN5771RU/parOFMVcas +J9YFCKhHneJHYZH7M6HEBFRLrJbEigkBIrm9sJ08hOXWE/iqy1zqLlmGjD/vIWRlDVneZ5mh +NY65ZC3htkyrrFvaIgc9IYk7kxVjQCtKrENioYwfJEX2QmTIkribHbomSykvmjZ0qBfh1gDK +eORlZUXvfVuzrgUSLOJDofM1fhVBzUuzSd5AnvkKRkRBAl1zRsRLSeH3fx2z6lflRa3gsJQe +cHIH/GdBylSnX0M4n/rS7mFpC2yP+cIRrt/wnjxgQEiS0rsToJjCmACMncqTJbMy5iDlWONU +6EfqOAtMgGlP1zjhQl8WQ7SA65eO+0m7CavOZUpxZVutnkXLlhagoDyGM7nH/0tFW9jk2u6R +uVyYaDzwjEq9T4SeXY9y7vv1agulc0vlZ0dO/e2N7oA//5ADnMVLxjFBs2h0ta+f/e/MouxX +V+pq05MRiWqdqbLWQFWmGSAYN/e0yjgVZ/6eclxlOOYQgp2aLH9cd+qTIppGPWJsr3JxEIIK +j/kpg96/RG7FmZ/PuocSAMakQJfFvRiPgwR/lrRgeiRvsSMB6fobargiiQIcBBIBAgAGBQJL +V9X7AAoJEJmTHiXZHgEsnzkP/i27X81IU4XfsGJYub56vbk2BNIfw+RSoZwGEae3HOmJ2XFo +VaPWjCkyQhR0MlOvHv02xaiOwx2bJaVAwi63bLxIdLJAeDShWDt2B3A3vp1puOsoCFERNHeF +xqrsCw/VutLXSzYfvGp9P/2uv8jgQZMG1T5j+He0oSN8NVWbQEfwD2j+edanwb4aTUT4Uz85 +tCeKykv9YR0nW9CaIthNvLeFexvBSLUbDoYdIag8QtzOGYES/sF6hreFHLOUgzBQvlZyP4Vv +C2txQ5iNEi+rGK+Er+vf/owlg2HtldW/9ekMo8x5V5aimMYerZ5ktqKndzUVKn69IPcJVG6B +AtexaJTvewMxj/3IcApRPhoA3wGLTOnTU/6C7sH9aeyiuRWZoQm+r0XHTCwBPYZJkSMgbSmB +BISnU1NVRi80lgRGyulIb8KFjctClpEJTmcEkFelBW6749QuywNVO2sQyBtWxyR/MLMU3Lhw +8CG26SdHXonOVivVOhK/ADr7xpgLayC8eFVOYh8RkcK4uWhOmp1AEM+vpSK3ePKWt8j+hbei +zudkxdMkNmySMhv1D7jIhMOpBZKKGp+xCbmwvTF5pJddhGIn7PY4Ne0UChlxryZ03BMnthvc +DOud2Ne+5XSel8O3HHuIhEMRuUnuveLeuuEb0q03XCklG9VQLkBjuD6xLDuHiQIcBBIBAgAG +BQJLzajdAAoJEG5ltZNgVyHKP78P/iefPNTwAsijV+2+e7USZQ+iA568N4TOg/EOfebHT5fl +JrHOeO2YJpqO+gBfQMcKkARex1oGxwiu7k2LgJFKgCX6LD9rzAWquPq7ibqBBvPGfSYbj/Hs +XOFb0UzhkJ18gtbYbiMrojixhKE1Qy7yCbus89Xp5JacnWJgIb8KcXYvBp3fjEXkUyKKN0ld +zivRmiUPN92nUbOvniKjjb9WhhrRUEz+OPpe1nM+mw+hocWvuTkifKPr7WiUYTybZssRbYpu +t9kktzddJ1A/ALi6GCWimH7ZiQFZBYlTNWXyQm0oDoQxnJzt/NAo6na4i6FkacJaDRrSpzwQ +2/0zBdFCTIbcvzalXaftJQ/IgIL8bjoiyhuqG46UQS/HGDDA9HB2TiFkfmJxQPDYF5wX/B/P +IoHOPNcTFK8s7b86MMtBYs/965Za0Pt6La7Jc42eaS0O1+qewtz8N9yK1bCa957TruoajxYC +ra9Ivs3tXQm4MNbAIOBY86BFd/K+Ph0twPna9rUMajZhgSVm7cP62V6mCUfC6wRyrUgcWpgF +fabudzTrKUxc5pTp4lGn6KMgZ/+9pReyy8BJGm/5rLmzMR3AXihVOB9kIMypDOWoch8N1Reb +aTad6wA94yN2uPHUZfYTwkLHgLoBzEQ2G5F+beVFzzmkgytDhPjslcztkwRC0NEmiQIcBBIB +AgAGBQJNyUD1AAoJEJyqDmPyTym1nxAP/2ocx4fwcSGqU+EHuE0i5zKgKNKSjFnLeP83GH2H +fgB0sgJfazXsw6ZxaQevSjOzAndF7kRZKhjJOWCgqeW1XdmnmkDeoTiOfsr8Xws1XqKFjwge +6I5b+4pc4aWRX9aOjaIqwvSPAQruCwuYHP0FsuYiHrsh9nykwsHhIzAfI8BD0AdTJap2e4U5 +47AxdMLuIhAHOFxNg3NLXV9xevYfJlrXB+1PIsnJda0Xpxprux0PicSjq6pg5Khb4pCqQFbL +xDu3ZDZgoerTK4Iz0TAbeH9vkzx6FtNAOWdNQytoVILo9RtrACSxrYzM2cVAVe9lVs6KrRnl +d9KO3dz/mNx7b4RuJO58THilB//0JFqRLTgEOPnVWqRjjlDT/cTdpASt3Ehh9J2Zsa4gMp9M +BQbQn3I9E/NX6i3I3hscEtu9vlCVYSBgDJ35GnmtZH/DTswxqGh0/It2n+ca48Ak3kTLVX22 +tkBl3sJACSo1g8ZZlybZR9KzdcK7gby7FPkkVlO4kxQl567Fp807JMu52nUs1ZN9FajLRDKh +QR1cSpdcmSi3lzMERntUOtjanqoGQvHU0yoAfwAqNmWxdrPSJ3KmDAap3tTDmHnDihoyyP5u +BlhBPsJ55euIxdEdl/86QPFeP9NEDyb8eWqbItnayVfeJKcwxLhNiJInwRAZjdRvydX4iQIc +BBIBAgAGBQJOysJkAAoJEObafTYqgRi3AuEP/Rc0Bmq5LI81t9MLkXMrs36L1glZX4040+wg +cBYG1ezsVvzz3P501Lp1tHQik4TXtS2sWn2Ynvo1Kk1SYvDQ3GIJPp47gSHDKTNZS4AJQtN/ +Te9lmYzR2z0W5sEkJQKL3szcZ9yxOmM8hlAimfWU+ajRUDSQcLdLYKjZjwyWPpZLPOtzA6ir +lhZP5igRxAeV2ZP/6DZBbzYDuIi4sky0/zzoaefyoAm40+pMtsBUYXCcl66Xd3lx4PFF47UC +OsIqUzLNpnwrYnBNcfkfqv2wRfEiPedfVhUiZUwpRAWDeAnwqu3dXU5wM1YUnF5Bbahk7nCn +DKLF889zMvc+AjkGdKJcpktcMouDjd6Hip2DrvJsXlh+si/YFJFTXQTr5lMnNXhq2hIg3kFN +1rudiorvHJqPPds9mUMblKlK3kQ5x/7+yJV4ISUXp/Y1k8fOzEIppECQ7WNz7eII0cOC2DBz +bynqUA8rCTWvjL9fOJfCIth0vbTjv4kAj9PQ8soIU3rfJD9oPyJ0rOjJl50auzatiC2FQKIa +jlV6fq3mahZStr4ccPgrV4jwwqsE4yD9c3LEwCqyy8jJl9o0/7dO2dS72MdCwg4bzjWZsKZu +oqRIMD8dgn5ea5AZECycLqJ1As5DvhJaC6MEvlMy8QfWmUk6vCB8/P+R3x5/qjm1eZDtSknH +iQIcBBIBAgAGBQJPcGv6AAoJEDSoAhYftwXls7EQANn7CoZlVDGf47Wc48CWHs6JG++8ehi4 +RAmGdXv7GtLH1Yi7r4XKTd0isBhWLH6JK7qQkPqv66/1BiMdbJQNvV+JEoAHkgOBMRuED+bp +JnR0bqOIJEeaMus5MtPXYqUc6hPkvWe+tcMoYoN4xF1vd4As4L8dTAUI+QgWyaOLLJUPM9Zv +hTOLdknkhTkoUYuBHDGWn6SzYXUZUNSqgvJP1ljxWiTzQxAODFopWEBND7z0Emacmoj1FWEZ +jjPsP+iFUqgzhsgBJVTXTmnU+PzyjqgkMpfsPPhK+cTjCp0TaoRNQD6WkjpiTiPvKAGMzcu9 +cZCU7FGWSDvZ0IsmvTr91fp0JLxuLrm4eVhx6n6ZP8H+aaWE6YnciobluwkU/3Avi+VYcigU ++VJTSIgbHNa/36WK5LLrD4foG08E5UVya/7S23xwd8LQ50udKFlx8qA53uzVZNZGVHA9H7cG +EAB68smu3GDv6WT4RWNNDAZ82cg8iNtS46DaX9tXgMH1qIePSgxKNAdDuO/kHsa8QBzvKRwe +bif+AtZpsWnFrOPNxg5Ur5DtqkrtkdiZGuOR7jo63LKwadsJL0WRAsmw0Hsn0WCHUDovpgYe +rtHtzPkJRcRUGTksRIb27CyVL5mLTwosGqjWgNUvZglFgo70gzUBjSduvmmyWOV3O+9kmapv +0KFiiQIcBBIBAgAGBQJPn84QAAoJEJq/00kb5gAi7SAP/iDgOiwHGYjPUo9PobLQC2s/MAb9 +0uB3W0JJaeBjUVA1jQariEU4Bocr7aObQyKyhede8OmazBPiGY5dpS5ePW5bEbqc5jjaxgk+ +ccnCXQNBj3Bfdf1JXKB3o3cLlp3nkIZANwSDhUW/HymvltOGLvz4oG9+KScH9/tbfpN//WyB +65mDfrV59Cj+dzqTE8qqnP4ejRIeJ5kXrGzW3hEqf2TU1FcL5Rj5OtxzOgGJVIqQTojqeier +G7LeboTMzA0ix1EVtvqQnvQ9HwA39AW/wwzQRWegdFqFM32zN4NHMpsmbnS0SQ2mQwSbUVhJ +vyNuiDZfTYxWQTbeFjr5WYcWY6ylFJBclNcoeFv1QzWDF/qfej0p73U57GNV0gTGIuZa4HD3 +ddGPZPcaKOOzbCCbyRSIxfOflffVfd3+pvhrHCe4k+e+ETBLlqnAjk5IkZ4S/4SD17iJ/tq9 +XeoL3mX8/FuQdaddLo/E9dwT24SAgMkdsuLbuGBVz1YrPyEJwU42Xq8PX22oO6FwAOpoeVjB +nOLjvqLW3CWzpNERr+Huzwjy2RrN3dDoGvlbmLxmTSrDnVbnDWsj/MGIsItFzjQoYMOa1Tn/ +XgeK6PbcPL49/E1tQVdEgL5ywjEA0LQ/lMkDkwtmuuNaH3MgA3r5rb6HaNMto9m7Mq8SmCvh +kbmZSepPiQIcBBIBAgAGBQJP3CmlAAoJEKjyxHHiwCYtGhUQAKbn2Ex9kAhojxGmUQieTVyl +oGVe9yW+4rYNutqZF0i9sEwTxDwNaCHus+z8YOo86FIcmAlICiqZbIYuKDnKwJR6pTD6Kwq7 +kqvjopRXQK0v48kx8jyOZ5aoncY9+5+NUrGOKIZ+WgM0VvBnz8TjAEANLnJ13b8MlTdy+NBc +KHwghBRNSS2PqcRh79tJ9AM5/gNXH/MRZoUi+lg3jR7T5LavQRyBlrZ++/bIAE3iXrFUcNga +Gij/+wD4ZrMvkNvpRvTs7jdaSCFyx8kQ6bT5bj8C/gHEb/P0mIgsGD5Jea7LezUtGei0foAg +Ie3vvwRxefm8Sak2MXxyAr1sA02ckbOl1cUwk9pOJsjSEYe23yTCiyqqhGfxPlRaocRq0yQM +xr+/148hiB649TyaG8wp3SBAoEme3cvgrQUzhA3KjOKivh7QMcmniXbPuhm4RzC0qY8Z/AmF +MjQMaj9sxlTzfdkIb5/og44I74gPWKQ7H9Ece2Kk2cKlxxTzngdsWcnwmvsghdsmhUWu2v0d +wC9LdcspndKghoEb6zH2uncGDEuoFEZX7xLTLrlgsrZr6OFYUeqiKKgBG7r+srXQX0IOjyRy +1dvqEGAHzdVh/os9UUsZ6qTq+FUTJG8bfqm0c0CnQosjS7XYoA0ANy3HTmZqzkvyktk8fzr4 +Zn9duZNeLMVMiQIcBBIBAgAGBQJRU1/VAAoJEC6FgOWXTVj5xoUP/j9LISaPHatWFTFByY7K +vv8IOaeHi+1bNSJo+HK3HZdDlshlZI/c4p98Kp4POoTAqGAKTuo7Kqt9DU7PzrGjdAgVV7JZ +fl5yuEuz+QRMFLTACX6emLrvz1j8q005Fym7wyIqTEbJoshO+c+P8OcS+vGNPsheURpvRKuZ +juxnVe55K7+CuRh3f/sloSSIojr8QoB4M/aPdXVxIFuLlXJs7eKASOJQlqJYErhRUno3jDO0 +PDKh8cRmIieOdgfMmKcZbCN0PHftD/lUdxJObiRsPMRaA2+k9I3W0druGknx+fdEaVuw9HAg +AGvDAOw51f2qpwTK01bHE4WB+TN48bRJys9vBYEq6feGxjhhm4vc5nv4Fqw2VLt+2DZszfk7 +TAuuxTZmiuqlPAtXzTqV32QeDvnZwL/X2byEAUcrew9ulf2Sk50C2DmEbQe8cuW7S0TlKiDX +5b/uxt0NyJu3NIHlvaWxcp1aEZU0c3N87gx/jHVDW/YCzC3Q9DOenzGxwNzBCeFOUMYhNOpc +DMhymHyPiixIgYe9Ie0h1nm9a2lWh02D/QQoQ0T0RtoGyyNlN5h/wkUe/lwwGXnWabcUQd06 +QVVnBzYGDpQWTFMz4vDLMOOHOkAVSYhFIvFk9hBM4D2EsWP0Ed5vIEFF57Kqi1bFPKNObVsx +sECphOSdjZt1DhkpiQIcBBIBAgAGBQJR0fSkAAoJELDdxzU7gEVG2YAQAJf5GuDvADVt9duo +LKqrMALd3r7FivMGSpHMvVh8hN2impbTaseAFO9zHGbhiXOzZIoGualRJYpYYIRCTDbvnR9U +dR3mUoObCKGlPNHBWKmGobqnYTMmiFK0fp7eLTUF66kXbi5gDgREXWKhQZhFE5LU7NndtQCi +0Ov+NpHZVdtKo3TvMdxQHlmGUSxtiahdUmwnWwpUDvD3i5E+Pd7x1EXEgEApaXUAN9/3RVT3 +TU6RmcJRS/JwGqZ+PhNP3z6joNV07Iwjt3sg4a8E/nOfz4p1d286PerSuD4gTvAPBbd2K8ov +dt2fW5wPQ6L+Wr61W0Yfsm0kReTRdsEuvWuqVJEwBL05+Dt4vwy4feqFtHJ1jrOrfxyq/r4F +x7Dsw5Hu+EwZTQxQz/ic/s6TtHL1bjlhJi0NcUIlQZ1k2GrRgA377SRcTPzoG9JE1pl7wrA0 +0WHX8MN+WK0S3RL3CzZSTYUs9wnWDvjyvG0h4TL19JjGAxeRbBFP6hGbstiCuONc18exzPhG +G7Qis6+x5MOsH8klIi/UsP1iqEz9L+g6VWVDmA5/RyvqMbpnm4p+cRrsgpwdD+L2ldRj4yET +Asqe95kVvAn0n8MMC6USbEoFxa06UN6FUVKskaddaHgdHkhmkYXv/mh4PUP6+Ac6CMYgr5/b +aoBffcKyxtU6BKSBVS81iQIcBBIBAgAGBQJR0p3pAAoJEJ5WTqUweiaB2PwQAJ4QmhhljB0h +fptjsr1w3i9qainOwfdETno8oFi9ymv2d5y8u4BgD89KTCOTpdNm9yXZ8k9+HYgkbvw2Ev31 +nR2NVS2fYWM9mVLfJAZpbx9WHuR86DSngMzAwhmchsHJEg4LaP0Sd3+jG0MFgDAX2XFPoi1x +nTraEWxgQmrHV8dQbKG7UbYhrBP8NHVX0IqpN6kHJByV+l4AVXFNG1f0Rt0tv6dIjgE7QQPe +NTjnBG2zpJcBSl9ackZE0sBj+W1flIYFBCPhRk6k6r8nZqfXzEnC8/y7jkGGDLZ6l6yGY1sq +/HJlERIIBO3wRqJx87Nlpv6nrRBbHIdbwcN9xz/GhlpmOb8r5HOt5e5WvwlrQg0KHaP5p2H4 +NRvyB9ZeAFoZ9JQeqz3Cvnx1o6wOvxBAvdJBLCPTCT8mHLgOpp03TaNHMakc7QxFvwU4EHdh ++mtS8PB3/t5FCEZ6lFDjKQsppO03IYW8iwUdFhFLBw5gFHMuKYckq/bznmNQwSTgzDl0MLHl +r1jQKh1VBucYPVM4W5oFpiopVEu4Xq4g2mtJWEZ2O+7UGYYPJ7hgXrNXNEFbzQ9kgzK3Fy5g +ey9O6IbeOxIQrGfX0CtCbq5ZkC/ApBWgAZizPnP6ARUX34zhwLiv2Hw19SOG89HWk5/mvQna +v5iIyLroPS3I8o8ZK7lCbRQ8iQIcBBIBAgAGBQJSGzqTAAoJEBGsY+COqmP35ZoQAKSG9w2/ +C9JsQELX1LG86lquddeAq1gUXjBqpztLlahVWI7/WPsAp3IDhhJod5zswDilxUXoGp6GWzLL +tu1+yfBtQseHVyMbaqymK8t9V0Xu7eSEmjFSo3wQh6R2OoDRYGadQcKjph67yEqA1dxQPERb +nF0kioyCOicX8r850Qex/YKTul3SYYZvtbOrUfWJ39YSzHwNYl/VCe4TlVNhyjovXwe8yiNc +ivCdg4svr/ao+ZRiAXATNN50AuL3Cj8SpP4/gRbxWJ0DA5f6EApmQGg6xG0uoC4ETlAnxGH9 +j7+xsLdw2CMDz6IwYcRn+Cq77Md6uu6+IFdgdB9za6ghrdQvp1Q4CtY3Sw/7m5noPYIE5Qqr +dFSASMwiQOGF95BzHopDtshTi6BvTXjho72rOqWph2i+6GJJEdfYP0RgGfcxlqYG9O74WC0s +E5dlBb4Siss7NRTgnTAec1K4tLQ/MQD7TMvG00KJO6Upk5BdTGrNk6nlcVnh1oPDz7oBPVkD +KWYyERFLGD6Xo8+FbDOjGAzEpXiDWNJjoMJ8CpMQ25stSPpMyeHPy+v7mJB1aa1/uTzKetkL +L+O8ZC2N1tS0C4y1nIvTsCg/Q2Dt7eWD8g14R5UaakQZQ8/RQR4T4Vf1Jhg6al00YsI7Rz5I +4o8D/ioAd75PWwECZPQelbyJa5MhiQIcBBIBCgAGBQJRQw30AAoJELQVa5cAAAAARx0P/j7L +CDdx4GXZ4FEWQ4I5MFSZgFoo5abIw1672K7Xje3BDyRNoF8c88QLNEChOcLDsBvSrMZsCyLv +sWjq3FYbevkhicsf7lR2ri+r9K32gsSXjZZE/FdP/ujYaGr8QdZfyRBStPbznsBxTHpkbPlz +efohGb5Z8EnBEi9O0SI6qyIbuAbMoPTpOQVCj7dCkxJh8Px4XM9jSzCo4OsOheX2QuPIgVMA +yr4B3Ng1puskytBKfmOpa+0LSKm+71Ukt82oCjtjzYCv2my1x31lx3MkeTWoTHYd1xhFTaKT +Zv4GkEXc95B+Z9DEHvwXl3opFfoEvOAvZnMR5YZdcevPd5b9j+1yfKqrQN20QoUeyYZMRJs6 +3S8ga7GXrFf+5o5KzUv0yaWh6pcm7usNNJvn9A/fiu9lMysCDOKUJbxJAOV+Aa/RRcb7Asxw +WYFM+El6TGlvgxHtNmG+qrZZM5RgNwQsc/p4SzzuPKFOzLKm+QdN1MnnN/GtLof+pVgwZEbs +K/GTP20zsGV7X04uS/SJMIWrfxzs4fJajN4Fc4FsQpHEbS34XQmfDpfNa9dNCJmc1+0dy6gR +Im/c6xzFe4VZjFjWsoZjwkDsx/Fmd3/grWKhmC+6rbcvoDOK/D+MMyqdqWCKgJFU1WEDXPVK +y+oPAE22ly104dBiJbo8L5yQK2EasQN5iQIcBBMBAgAGBQJKiWpMAAoJELGt12McQA64osMQ +AKVunsl7Cyw2ZP0p0lTMPPeNEL4d8AMPS36b+CzZi5VQX+yLewYHL7afFH0Q94LjD0nFOwsc +cHQJWZiiz1hSXIKPUyVxMe+SL1Ph472Dw24QP5EMge8ESJ9s9/aXiIHA0X9zc15LANjXWvYU +cF3BnPeAYMtKW2HGpFGPUTBPVzHM3RASk8HJ1cRB2VWLFsMxOeA9aqwmD6KQjwacK1C3nLFL +csWjlsNaf1NwyuoL7oetw43gN3niZDbzTMw0et7eLA2cSOzeKk9sNFiFQNBUnrhZg28jneaM +bxtCSYdP+3EH/XGMGw0JTOw+pt6y7VSZxYoXprQ0LzASP0S8W89aDiX3tSzoxJamML7yPLbt +HZ6L1qvmt5pC3oVJlie0An9y0XqPdDz1ODJgu3BBTT4trS4DioCZ3p0pJ1Sz67wdxM+/B63y +bHKSGlvuH5IGrSXTUACEyxww16GBN1E8tSWd5t70i474O0EMvNDySOoXNH2v1WPF80UvO1zh +R6Yx16BkkOweCc0tRkxER0Bn3KtXyYbyvOJ/4ipwkCMgeVOxrUqRO2gwPDgyQ9Zkdr/vd3pP +nq3RTjKMp5zwK74BIXszR67AgdCW3mugKGQyMWs70sK7vC0tjaR42uDxOclFpfkq20w/S6vD +t/dmq4AeMVtdPToTLLsDpmkceQdlfUsW/qbniQIcBBMBAgAGBQJMXHhaAAoJEESqNID/s5ah +weEP/RqynpYC4MBpxHaa0CihwDBd5SHFdSpMWS6cdJrNj3cRh9ZegHtTLPfIe6fqwJGV2jFu +NqXTsySzCtfjAN8QeYKidpmZByBP4r2XtMMuzy49AZq6oHkLjMN8QHwRP1Dx8RSc6PKqK0WM +20URPofnDuALy3h6wjrLdt1Yp/rGvnhHKii/lOQIUuDhVKUjTnKAP6hDRHk1QlQj2X0gXzlE +24+XKoFcFTIpwlYQfI+ktHSq7wWos1V2P0+M7NIMSITLaIVMGwBh4/Iiei+t6P0zaC8OyhQ0 +WFB2TogUeuaAM0PZxAnRMneji89lbLXltYbqdR+HPHLg+czDy47MljHq2nO9LKb1zE+zir47 +JWyUsy5yvGi701YSRZNjTUJ11QKIca/KCXajU6OmAHOp8KEqchndb1HXH9TU5LzaXijU1JlF +xTSey1k3GbLZegcdpKiZpJDihpgDscP6sSf54pho7/ldvyIeeJRB7mgbtz2igc9hSS+SCL9x +2iwQhDH1/sH9E/iirrDqa7TMTXgNMgcxZB5zpNVQkp7+KGvhJZrHhf9NXWu6ZaxYfo6PpWIK +0tc1H+iBp42z1e7a0HuwTAtteMYwPGR/pD/3rR0Ca3lewViFtPPRUhfxIG8KEsfBrrFH3fzS +GIS9AZi+jWsB9vpDNdPT59YYgxe1Hxj14uR91XKwiQIcBBMBAgAGBQJMdV72AAoJEBtCZYeA +cdrgGl4P/1sKQ3mnwwJ/kNSB0E2B4KMX7cwjodJFDb3FhTMy5z30dRR71go+7OHezOogzuRK +rPyB3PlXga+NDeEYyRQrwyPh7IOAhLCPgwUOfq7wDnXjf9Q3DEDMgPSLSpIT3lPmIj7+8/b4 +EIttRMbZfWFZHIvMmAGZdVQSxmWP6EXW/ZUvLzr3/IBcb+jIBbpcUUiySonjPiEFJpZdEyj8 +LhDjADzGx0yMt3qgCt3PPQhCyVIQCNtjtb0CdETlWbeEhMssncgDBcaJzG+NCc3eKvTduox2 +M26VxpokPSu55LaeDIdKQAKzUNr5XZwDQ4vBIJalTe/mpIxoJudivD4HfD4J+WKBJE1JiyNI +SGwDD+qR6V7NIO/XGlQNJtZ8jeLikQvtFP2W4p0tusZWk4pMIuMritUyMsISpI8nvOAu82+F +xoAcft2TC2qTWLrfb6dHcSmBOIbC5EjKIYxPladH0KzUe1zHrKtFuJRxa9zehtOv0LivbvWS +X8vvaZjLHYMzVzHlKiR3el6kp6oJu889ECWsCadsC4UQBakPzMWmSjUVb8daQxDJsQqiWfgj +oH/wrdxs8PDlniL+v4OCIM2ANjABKLY0zxxVkQK8X89oDWOaccchy5Ai+knTmra9VjEVPnXg +ZHfgMk43ZGH10YvturEbgQc+I9uSptXWwhhbDP9lrT63iQIcBBMBAgAGBQJMe9wRAAoJEAVc +LB4tbCb56xkP/RrM1pMMM4AyT0mlMgOJ/HvIk8ynfk6uq7M5UQF+oXxEfhGBtnZ4m/k8ujup +6EIo/JXwTLJ529bThio4Mv5xWJDb/UkjMe6n3xIyizHtE/ux2cFODMq3bjy44ImRq8Bm3xtN +PBDNr/QA63ie6I7Flzi56X8vXEg78SiqxbQ8p0LlK/wqAKum9Djd113AQzS84lxDgJt3QtyC +Euz/FwDYZPR7JBsynMZdDL65KWg7quMUeG9I4YPscnl6vbuG0GRX+yWdK2PvVqAtgzMHK772 +B7qTFhl1xzZkG8IvolXBAlf+sCTzCcnr1yaBuOSB4DLCOwbzlXtGtIvB/eRxDJiY/4S+N5Jr +vDaJx7mN+nOYu7OMoIkMtyge37TGrKZiyIxK5vg8sQy/tEvq1PuF6MeQrR1AfYHAMxAcDJqL +A23VDTzy+eNOcofXV4KiV/5WTleeluPQBA60y18BpN3HDgppJnBr7RfYpPfj68c8KJ+mLuv6 +TInlKHyKIkkuhPHSdUT5mL98TAFmi0dgtzonn+0LxIu4AjJAh+Cuys0cvP6eBHfrL6139PNG +6rUhWZ2tP+9doZejvGvEdMnSHMKr9npGPbDUJnLft7HLuII4pHQZJ/hSDu98FxemL8hT9Sqo +yOB6+oxQYogyS6fpt0Fbwrr73oTnXnq3Wj8tK9d1bIDBpqHYiQIcBBMBAgAGBQJM+CWBAAoJ +EDLmetqs5O3WRYIQAJkh//hlS1txVVOTrabBYEdGlEwK//Mojl82hlw3zcz6RsZXI4zQd2b/ +uyLfZ8VSHsTUXu5odBJHCxkhGHiiD/sRwnZLYd/Y8HLg6qA6kHKC5VAvRvTRV43oywd8rPqP +TCz4USi6F79OEx/nUA4nbX8x502ZES/yV8DCKhWNOhwdBXCVVH2mpG0kfYoXKiU6kWGheYrz +JfDv1iO4WXScUj86RjKEY9gqyUKxm/RfAvSlBgBYwtfhZWIArNoiC6t1dY9YRY58jjzzASPV +FOFjYFYJLbtQpPnIyAXkiRAoeWjLzSNJJdiOS6tCXiNoKGzYMMdGxgCINvzW/U8ET/dXSNJX +sVLTDCU1/yVJP/HM2T5iXaxabePQahJ820gMRl1BVio5CDjB8S357w2fjL+2TB6oxYDAiuom +Dy7GxeMwweeKgMTEmoIxAmlo3CBkiCV+MN5uTk3ui5vC+OsTmRw2zwG8vAGZpBY57fQCVT0s +sGPSG3UTi1D6rGkjm81ixQ5D3GUQVXvgYBfIkMWkhuhfp13jPN8fjO73oMEtBDxdNT70RJM0 +38Nhf0K9z5N8DbPxbfJ5/lcmnZrwRIKrmPLtbUiHjMKGbVeI4WxdQvbIWk0BmxKIYm1UN4CD +/hsk6l7Lkw0fUihTEX1ZteUX2T29ap8eibPuA4Zp6ZmJdIyn1+FliQIcBBMBAgAGBQJNSmQO +AAoJEBZSFE4bgc9eo8sQAKBPcOeoqnv33yjkhmDsYWcvbREfxGCWOTuhS9tzlDL7v79JO5nc +L3unjEDT455CzsuAnuqOpsuOwY+japDsf5bq12z94Hd/4T3mdp+udydR/khRXWLQR50KCL69 +UoLhzizVZWKjAE8rMvkynp06wwn3ooN50hMCre3Zd0QcYT8DgxlDl3EgtsCc9Kl0vovhJUkf +E2M/Hnvs0W24zk/c35mTcrRSA4NNGvPmLxHNfvpi6V4j0UNw6Ua/RA/MJaeHao9lS+pYvDvW +I/cJHp2X6leP527EQICAhyySbG9ksPjLoFoCaSIUaKTA7xcayfd4FpAzj8onIJxz8RjTp7RN +uwUIZmoK7eClYOlcTHOHIBFe0y7elb26U12R3n6sZZhPCPzl+afoxgmj4ozJkUXaZJuqhXer +cpD3b0qcz2cVMprQKIh4iSRbVl81V8872EBaC34g407auo8UHdKA50TGJTlUOAIiX7TC7f9b +Zq5qPzn8XXSSDDFxM4/Y2oiU5XzzHWqSvN8myHMVcrhPZEv/lKhocfvuJ7LKJSH0IZZF0s++ +lEAypMe8f2yuZr2fUZBIlI2qEyxxSoM9xFGtcE+66LmGMpqt6n0b2PGQi9ddxC7czb9c6P9s +djFH/P5ZTtxg2A92pRr9tCgPlx4wmoNqBcZ1Vn4BoNLgvxwI869TvqpZiQIcBBMBAgAGBQJN +wg2yAAoJEGuitcy2zKMTWScP/iVvcl+WCG+Mvi8fT7V2ZyY3EK6Gyhvwks/LDB1K2VCD728V +oY7VpS/kYjhGPrk0syISEwdI8x7u9PPhhkodap55K/VKx8GRXIWy1m2JCY0sA74kjrVDL/G5 +PKB0srvG8V7UPQPnNXK/IpzlllEOTK4I2rudQ3guXeGOJzzop2rM5fbBSyCkn4nUq/MCqJb5 +GCaqLRH75UJXa4ibgH6lwdfjDsZQ0N033ufAvivEqv8HqTiPs8v7XBxs8M6qT+O/eJlvCVug +xgM1jqBsuH9gpiyXpu/ZLj3cvBJ0Ai9ImGR7SNf5hPry/8PDes0oKrSp86Op40bqW1YClfcv +tCgaFwu7jiQwFZ2EGaKBNjrQtwKrO9QuGql1ydVZwcyuIVmthboyNftijvvExH1IZSR87Sle +IJu6sDunkcoIKsr78/yuVAXaDVPnntUyBEFnVd7fcaj5Otvw7bkp22LEcCLunXtfWOCXevhZ +dAsNmlMeg8VAGiAorgFGHDv+5KJYv35stJVt3khckAytG5n3ttbYEIPjK2Q103KyD8pljk41 +SOM4o/+sO0wxAZfxWzmfC7AFu9tYjwx1eZSKFFzI+Dqjc9oD/d2EtkVkZzro/xEZ/k8LX1RK +LmD3y/Vv7EBnXRm1MATKM5lhqtcYQXekA66J5eJ7n+b0/IdeKIhrHo5BA95viQIcBBMBAgAG +BQJO0ag4AAoJEATvAi8MGLnMeesP/jBZFjpcGQxtuoZGpkQpgNGtDjTGxjwEVYfqjWNcl/Ie +bu9s8RilVPcZK02zQLSKhrZVaZ8oZEKAaZHAWKaCQoXYQkKh/TUZBEEvj80zuytW0MiwQacn +7RP7V1+2fkpEcORhtixdAQmnYsU9+Nr4XLSg0ZiBtd3nTAm/Vv2YMLUlpdaZu7RKqfByW6u8 +1o04sxDfIjeCRb7u5p+xLqYvCH6xW+MEZ+aOQmpOEWRc2igSYsmfn6mO1i4N1zV1vIURN9PD +jtcdkWx7wgTqN91ba3/f1z2FKbXFK5rpYlNq/yti5zU+Ot0ieEkUw8vlRGEpVWDVQElz66YT +qL3Fr7XEg9obOBayHk3hJHkDKKDWkIazonGdWQ2uIBF+nk65V1kDmVkdGPU0VzqwdBmiSpL/ +xarR+tjdYnkr5yudB9cEWmOlorwzskcM6gDwkPJEu7axMiZqGXGomDduWmh0fvkrFjyX1WOs +Cxp95MI3WPZqKO+v/dGRwHV2aWxT10tPFVr4hN1R7wIz4GwR1790mw+pQDPf7/eQ2vD5v0Cb +Apz1rSAFL3gNKZyIf7L/WFmOvHFLlpebdUQBatv2gIvcjb2sJD5bJLApIk/+6G4eVJTcq7dY +JhsUnbtBzqM7jmkwALFBhO8dFwdEtRixtSEW9SwVR8E/QClaaTUjqKtMR3qooUeUiQIcBBMB +AgAGBQJPnq6YAAoJEB82VmUXk+wnNtwP+wcaugLlL0Gq8wDauKaB5g1Sh5bxjRzDlmI1/qK0 +mcS16xMXAlUwddD3mbgyya3elqaF8TP0wt5krHiQ1ISPPPMXe750sXuv3TpsxqXdAB6t9DGi +NLMwTaqlsTufiQ06WcO2cHl/IM64sNwVH/0Jom3aLpx8hUDrJl0uDO24RBdo7f+/3JEHXSjI +nk1DCwqshXzXr9kZ5rNVVDXIhhQqjiLhLmW8g067HdXlHDiiLovlgUk8mEO+Ai14G7Laz5KA +M5UCrVugly8fXLugEzmNC1sOykE6Dl2P+27hkg4rIahKQh0dwXBxAWVPC+Ty8D+tM4hyjLMS +E4iGay020vO0rbSTWL/96W1JL2IIegi7Gc9zSMsytwsz2wzPljmwIyNXo8OKufIc7AGBFZjR +8ej9DpYLol1bAndN/ifVczAgXY4by5smFDnP0dVNi6TZrSz5GZeztBaS4Jyikbps/75BYwXJ +PHDzyvE0bse/R8fhMhIyCmflyT1KYjoMleEm+/G564yp+HVajmMY5GHtkxo6BfyC91CA8Tjr +ErynS1BzlHInAfS+o90Xji+13IygSNYpfzlpx3ZWk3RWjzp2X8s7t5HS4WLZomJFTC7pwwY/ +HpOVhl1R/wB/f57nYDNmE858Qns7749jOUHHOtRd/fIa+0DJpHeYhHAfMvswFnDy9CINiQIc +BBMBAgAGBQJQJ+n8AAoJENuRe2HNDNFuCrsP/infQw/lRNxoX+ukI7egQXH9o0RI+/fj0u6p +eyh/g+s3azATZM7Cb85OyENuUqwxcIITMRviqzkKbvgGbqdMdW1xXsz59bxocKmkzQmL3pz7 +Iaxy1599OXilVMHrgZ8sCInb/jC1Us3FamS2lrooII1SRVdhL6ZTKgsaLqryyih/T3G7Hwob +CiFVAply12wQh5osoLJTyNIVKx9/6EI3YRr0HA5QjSeD02kpb03SxZ6kzBSgCh+3XN9pGKcS +uzwp5Syo4Qnlm3O8lb43Ciqb+RSaPD7xgaIWtI4QbQVN/XGQYGyyEv5hTiHqepgWN227aZwK +WyFPoNIeZzbP0FsPrGw6FRJ6KZjaiH2W0p7EM6cz+IOZm5Ym58tb1s/2a+yBnGLCrTpFUX/g +zovzf3680VwF+CXhrmQHySzjYGZQNa4SS7jxPxoPIh8EugL0zkfRdQ2fzycbPqSVrHVAuwKk +9XIchBNY/L0B5X7+KuCSj2zPGxRF5wUKIFgiuFpw9qbhvQ8mVCto1wnw1gNFqAo18tvCA2eD +nw1mkQizEcSLE0PqIQanEyVAjpR7smWXBFakhUFwTUySKRshGJDy92/Jg4jaATa6RjVolRM5 +lnlQgPfjjCuiUWMXkSUgzkbXwRFClrY4y7TJW/EuWq5x8hQ30mQedIxuDs0OQQTaXJqXlmBJ +iQIcBBMBAgAGBQJQaIYLAAoJEBC6psr5eBn4XZcP/Rfug100Oy3BFBFO3ytt8EVTeUvuiYo/ +kwT0RiMu0BKhkpMVY5ADVu7p8aOFpIiDIca07IMA1AQhsTICziaZ0cw9PJSQSApN/suKkY1A +W+6fw5hGEGPM6ywsQC4ycdQvn2z59wbEhU9LbNUWOlHMSQAMunQ8HaEfw/UCQprII60PsS9T +6zwRNpQSpokKwckt+wS9NsRJ+77s07DgvFS8f2fZmEq8lP6JtEZA1WCrRi8CwZAP/w4coI4x +J3MpcXv0FpSF7Nu6gskYZ1zEOg78qxhp24jzIhK5hN/vKM9lIY80CsVp3gpkR3U0LRaOt5y/ +kmYMsT9Nt8vcFbF2wupY2F1kffY6t4s46reZDnbZqZ+CDDHqwxvpNyw3kDr5iRXELA3v/4Yu +3id5bOBT/Q6fbox20fBc+7vRxe/T/SkEKb3x2HX+ZU7eL5PnVIfJqqhTllu6jEC5p9RXd7b+ +Gf/6yrBLV62/DXgATBwl/b5HKxzZbkFwMehkFUIhRuwkf1EqnkSGIOcuk+giJ6aTnBklb7s4 +ByCk1OSifjr1LXl5KZ3Zy2uOL0Uzl1xPHP8KMuTj0YGA5pt14Hc+4qQHSVYhgamYhviUXTW2 +HsiGB6wpmc5qUoZ+lv8XcLuikjO7f+uRef2CPiuC8NFVk8BsWQZMdHfx599Pmp4VrDNP9+1w +J2iPiQIcBBMBAgAGBQJQaIYnAAoJECexzuLpm2tMwE4P/ixEdB74IkTTtYdekKOK9Dm495Yj +GUAl1Za8rG/JzGBKPJeiuQjsp282sIInOKr2lqI9QjGikfb6nS3Pf/jc+v+LxmeDl+rnxh3O +BmatR36/IAUJyNv8rDYZUNnM/g1PSizCqg3B7V0wKkoJnsFgRialKCtz6nEj3oZQc/1Da7YS +IM4XDkHVCrVjJHWEcFlivsk6x1UOYuVlShROPsC3YpX9dE72ub0kQaNXtH2svmE7Zy9dxSPI +rOI25phozShKWq7ZRsIgEMFYwheRHuPU8IpwzNeI5fbZjbVLa4U1wAVy7+BtKVyXhc7KCKx1 +W0AZ8QtsUaLEUzqmRNzrr+oRdd17RKcbJnPc3I6TxGem9j5G97SkQ2LfSP6ScmdPfi0NQV4e +Hoc3lmFdMzIheL8P6oJ9nePX7YwO+y2BMeDrVq8HlziyVAJX3fWUQBnuPAJl4JCJK1YG/z9y +ezXp6hIVhfVA4xLFWjQI49QENNDbOUO7woTZvDfunKrBTNGALaVudryP/BmG0uqkPpjpK4sH +lJStMrzSeNOF4mtgGQBXzYmVZwyMv8baG1H0sgASyfeaBr35eitPiej6r1zS4q6AlO04RJo5 +u7UFX845W+vTN8CLHYfqvzuruwqa562Ih00c0vD8mO3EMUnjXUPnBUUKHvfITAlpN5MOjwr6 +quX2bukoiQIcBBMBAgAGBQJQaIY4AAoJEOBbJfpLobuQ/wUQAMcpI0UKL9pABSmn2F0WLDEG +DcuGAHZOEOHkWYlACWeZ8OfAP60fhON2MBrrbZGTi4w2Vk2Yyr2JeD2/4ZYwZcwOf7qay28E +1MwjGjRKjppFXoKCPn66ZNg1NlqD+yIMHQ3JmRZBicdqNntOdk8kw9/ZVEvVBrSekAz2xUgG +aq1Xe4Ym2a6xXRXoCbqiKmSy8fe60EYRgSWDgAT5elB3jRe1wkV7JHyE+XQ/uQlzzhHeVjNo +W7U0bN5HzHPTrcoDUiJ0sympYEwuMP6khqOyQ6jWMA+NEJjmtr4qMNpGM/xNC9qTCqhaZYtU +Tmpx6uvPJSDM55M7ZlxyHQz+KVIS5BdgIKWeOMvjBG7pNCI5tVQgeDaWStY9PckZDKie3zvb +kj2AjG6BnAT81flJcbr6SsuzZmCPkyLlDfKZN4w5QXHQox4tSIeJeXMS5P/LRTMdEmlCUs4x +jyb2n9YxTgtHvSM+pvpFLucRcHVgbYrB6VRu/dOHa/9TptbZB1BY07hgb2YKXfvOWsOsvXuM +QXTknqo2wHm/ddiPUS4wzwpjq2Yzw9UOaR9k7bKV/RatO7VCNIZ5+ivnQCoxfeuu5deCuSC/ +kY2e/gw9grrm+PEu/x2056OV3PMM1czCsDVqzNwDHDiDA602cvxZ5834M6GIVrftSuExRwAw +faAOEuO/2nryiQIcBBMBAgAGBQJQeG9IAAoJEGDDgS9jv/N6L8UQAKVXBM7Frd7/Pmgd09Dq +ZpXU9IH4lC5zfjiWHSnbU+vxVK4/7cKN6vb+WGIN/ui9ADem1lwrqhe8/qKjEqiMNau+m4bp +IUUyy7/ltrW4QRMOJWuUu7canbPUB7hF70JqP5i2+tz9K3fS1yVJlU4wbMLcpOAVniQjkm/K +EpOrSXC6raeYfcsvtaY64kaWzTpXhinUmhWnQuCa/VopEZJBrNsNL9pOfT2QnBYoeXtXv/vj +AXnrhGoFzzhntvRI7758ilPBpKV8ey/1NoJAw/llCSExZUxXL1JlDUDQqF5H0LMNgl4IC7Jn +ELSewRRPNXxfs6lLkwmDh1DBrfSXAtEDLZNkkd3Z6FkmSAxvGXZAmcndGy+aYbs81ladAou5 +X303GTLlvVBE1ZQJvDM2+x+4LJm4sVyl9Hbmb6NnB1VOAvZFpMXiRWxQpg/zBWbV7yaTkL7Y +po6cV5BJG/4reJEd1z72gO0/pqU5d6OqBdlMKNXjZ0VxseRJ3IImVB0dYw/6x291R0Uqdr4M +MPDqw49xe/FvznqkT6lpQUED0XW4ahTjVs78mDiEhMosE5JX95tIKzuP95mO3PkNNO0WZB5g +BbQIis6ZwLORAeUqd8W6B6M3m4YMJ0yRNbppKOG0abX1nOfnDtR2RcbUVxCAvpI0sOpWL4xp +XoePRuyDae34qPFLiQIcBBMBAgAGBQJQfu4aAAoJEB82VmUXk+wnIH0P/3efM4yAXJY8eyEz +LEvilTof655JkabwbWkBmqhKmVQ6gZP4FvlZMtFDsYxQdTg2BSLBuTZACC9HeV1Ew4e4nfJ3 +vRS0qjqW3cinaVX/CTVqluR6yFM7o5bjvMJbV80HG/KeHQewMXBRhABFdrHY0FH5P/MXccEq +gsuFVGbID97TyXQXBq79pKB4b3eNwBnwV7MWZwAB/DXhwabxMar8Si7mJuXTyVTylpM2vU9V ++6HqOvevApbHDcjga3XApQ8heD05VZckUnUvm1khRn5UFoEMXC5A5GjhE8ShlArK1gh+7LLd +eiB8vpr0g0NIeSQuhYIqzSPtKw973M3KVBRKk8KF+tbU/XI43TQ2JzAI8LhuriaZYA+5lRIJ +rbhNeASYrB/im8EOnblutFiRVTaWOySnuWYv9OAyWHi9hrhO916Hhj1yJ30WHDEzHSaPjf7e +nTML5H9CuGCnPTz/HX9za7fLKjSEBkBh9zYFVHzIyszXvoTGsDXmng8mUviaLWc7UGqogg/b +TlnImguw0EdsyBACoo8zNEaRAogFL5w7e4EikktXZj1ifsLhGAplwTFdUidPwBdbBoNTh6ae +6z47bo8VALZddD4jjz+Dja5qYDp3nia4uvfgNSLdYJbSwOuQHsZWY10YJqMVTMtXXQt8ztCk +8qfjZnrFDnVJR7OJzQr8iQIcBBMBAgAGBQJQy3/1AAoJEJBad5s84WDALEAP/jk6YFVCMGTP +7mDb4QWqU2KCgzkrWW/Nv2Vvex4y/j4yO3c47bFsvMqfbAvU0cvzKQzMsgldMBmEiK5IKC39 +uR5+52MtJh6mP1sr2rFk2sfeCNaAcRu0aotK6fACeX00iPP+bGmX4D0LymkIlUgpfqKtnIZD +bhk9/wh9N46kXlCiNt2MI/oK/QEkCOhSA11YC0s7pyT1QcYt4U+XQ8MS7pfGhHLt4RENiPrX +triimuirGX5azSAhN2f90AV1f38kJyvixYxJMVMmwkJIKqC8vWjjvQSDeI7X7P+2RF1DfDyF +Pjz+8rF+RiUewI/2fn4WtANsWdvb1nTZvCUW2yIvQNykCRAB0yQEuDlwHlouobk8JtCe6CKh +1AGAxq8S8h6t540ICtDqitL0C7KM4knzlOjwhM1apCd0hsQ2NUWr7Ken/uEZmy532B1QCdf/ +7etTrI2B7jktfI6UN/y+W/02dC3KBzB2XSr0w1CzfZcywgMFkvdihk5sQ5EU0QsR/jMQhY2I +ihDAIwj9VFxG1R/lsWIBjNQJHGTbQMuqCfeS8PeoWileGbU+4nRpPPMwBjLd2MUkCtMHkWud +Fp7WWpPCawN1ujhCftTpreXZeLw6tbZQAF3A/N/Irf3/mIt/t291Sb5Rk+CaIyRmH+2Txu+A +z3Hpzwwo80lgtWvbBaVybHSFiQIcBBMBAgAGBQJRm04OAAoJEET57np2FM+ELM4P/08YHWhl +8e9/4UE2Fkyhe4aoF9bDhRrDzUeNrlgJxbrSRHBY/HaN/65SjxEIXLaJmsPj1sx10IEYFCLk +Tf8M/Fk447jH/YEEBJSr9EAsnwCa53OqjLBPDy4VlRL0uVbOwAkZIoB5+hO2aWdNqq3zLg4h +GohkatedMlwSOb4dEE+dXcMQbS7fd2+4Lid9VXVd8zAqlFJANUlMV8j/jccSavz5r3eITCOa +ACuTU355fy+VLMSubuh9J7mZ/RMCRtx09NhMCa78hrS8TN/4ThuVkTdIbT+AN7Q5UINcT+zu +kqJ8G6YTxBdbzBBViOL7KzkFscl+BfIYp6tSIPobczCVaodUsIgK+mcmkQwrgO7wEPT5rLoh +bMlj1FlGNg3f2EnKJSy/7A6NBOjfDgrbfclpThYXzIImsi+w9+M0hIcRBwWWCjW8YLo3qJgq +AFtSA+KjHy1E4UgkPv+pFbNqTIZZprcY/E3rwRlFek9bVN340Rf1xlJjPRzNks2UfTPJA2Yr +tQp/EF0hv43pJNjUML5jFCK2N6Kl0RWUfIpqbpR3srDRi3/y6O6ZYorWtSglIZME4+w+RZmG +DHySiQO5lXFEB0BO71RZ6xGCBIFQe2LXmXOUV/nnDfPwl4PAUHD/s/ncgG071pSVwDnr3Y5H +CnFaM1YDkWR8pGXNIiL7HY0hCDEfiQIcBBMBAgAGBQJRxFTCAAoJEEGiSJXuVvAqONUP/RAe +1mDxj+DivJlGAODTCjfOkDqhCUTaT5YZ07p8a3arInzy7YiiJYl2DBv65xWx7M3jBO2PLNqD +FloDCqqyw3Eas21hswpdUvj6G0icC7hI3AV+ccxVToAcwaKxppso30L/Jz2ogQcRSawYiMCr +2JUZ5TicC5TXHwVNTK0bvB+Fr3h2pMknwaGKOMV8whLCtyyjcihRWujGgguMMexc+LnJtZHf +zJIqdV2iQDSANeMCyhz6lIxr1kRN1WT27lZNKwfRZoSF/euWmPLYwwIiL+LFwaNTrMyAF0ce +XIom+mir39iijtzzRB++UllqS7UJCFo7X45DK6Mlxnf/nQVnQFZb0yju3HogmHvLd9vS26g1 +y+xg+DfHvYi5IbfrwXeYuof+qooqU1nJ27WIjSIVbZmho04DQKr/hZdHCFWMoGMdCcFyIaqB +5R3GCaNDLEBVq8FsGOVL8JPq2NBTmDf8V1DNK5cXINbAHZBYLIgo+p6ijl6IUW2vMg+MiGyq +x4S6CrF3pMoJjYhmSRAjOlV3WNWFXHRTefQ4kl92lIduH4ZjuUCow3KcZVlOlyaBf0G9yiap +GmxBtx2LuBwTAEW30z7vXYJ9bIfAmxp06/ybdpxCA+5DR8KiqobvZqjt77wXpCLT5DWWkxm1 +Ae7HoC1BXxKeXsfdIwtyGQRa8jKafe6/iQIcBBMBAgAGBQJRxySrAAoJEP4hOifXDw28GP0P +/A7Bi8oEn+LkDEBL0+Ae2i0XrfpJRy6CLEjZmZIgKkY/WoEb0LaibCpbMzKIhccMnyWEIXyz +E1oqLussGNM4E0FqclUtgWOm0Xt5Iq24+19vVOraDDYmffC3+QfSXJolhG0Lo8lXSbFX/Gzw +iOw1D5m8jewbBxLmvNTDkcEYFFXaLHFrYx8RrpAqU9W3KQw9VO3xfll4hadhVO/OOusHzr1g +aBiXQVIN46ycRgqyt4+b+DN33bvpmZxumY1kqiXc6hzDJzHC6E1EtUaX430xAbntNP52y3+n +qasQiP13sHtySOm8FdwEcIYLSl6bvAPEdXeRS1ea6a9gNPojrSLZJjdBuhNKZBBQMtyJ3PwB +lG5Q8E/2n81vT5HfJEHqriNJD4GNnrMotUk32rpJmh8snTpTa/FTMtLt8TEqL1if5qs6Is/s +DO+laHMNXSzStJIuBh85WG7GeS3qPN0lbxRtH2/PSUMCLCZbap8/UHHdrabZYPg9/Zyrbqcw +cT4j8mZ5n0ym+q0dVO3wOj2NmiCfXxrU9CMssbCFg3UDNFyWr1oQaTpvsNzpsOr2MSjmCAHc +9MlN/dv/bDPlcDR3KrZfaOg63D4hvbqbMYDVWu/+q3gnJqVphr/gMkL6sObtFbGJpsBOmpkH +3pHp6YqyEuutIEF/sjHDBGywniOM3SBIxLUwiQIcBBMBCgAGBQJRMPibAAoJEMd9Rafig0Yr +x/gP/3JHlvC+qRyZgvGEbvF0JsRLrvfvvI8g8vkANx2uLkV3ksqqRmEQ7LtTUoPYqCgjTb4g +JOQ+tfGmaPNhh81KKkIrlBhTmy9jVlYEpYlREcSo848LA3pKuHY41IFybMuHGCrP7CEL8hvK +J8uewx5V4CwpULYmaFk4GTC0pinqNaNc1cRuDO0gDDxGq+Rpp8LnjIInSyKhxHYjW6d+6+M2 +4X8pwgaXFaxL0sXTuItgNtE3BJ208W79R25BeD8NptCwwjxUGDWZMApyAW8ZZrOu8SUzF6hu ++CiYCYaurDBBdlDXoY2FfSKPoUi+W9RbEygSfmGvCTpGMS3paKx1PxgVLzoUW9vL/cK+394f +nsw8/xzCuEjPrLTEBqxt3MXaEsmp0bLkHTB8vKNQtGzeenKuCDRelHuQ7w3ELAl3vKEEhm2B +6tZwtP7D/zyqqzPxWvBQC6UJ4JcZ5Fs0bxLH2xBRwVnW6S2Gmt65yX+Ax1xnlNE1kLW0U62D +/HTl9QQTHWnQB8CRYfr/+ZAuzgBWztXc65uZZ2fhDMfl2nXLX8lb/8CAkRJNrMOhzMeg/m3b +AyyRv9ssdvEfDwJY0/GQCgupKGxb59UvaYYff6c1K/JX+pqGn+n4C0GsvsJeU3UTcFNW6zwB +xsRxiVQ3L32C15SePH6aRs1mfHhnyB+0uD2TkScqiQIcBBMBCgAGBQJR/n73AAoJECAJgggN +dlanMxAQAKxYCagf86Q2b4xeO9f9mMfwQ2RFVZm2zgcArJ8VdcYJFsVsBNB+WP+O14F0tGle +9uOLVrqEpYWcpV86sDMnTTI5J+PGJ9HRGyrlhDXa4pDDJ8zLZhc31mkRhICx+JlTw1JpxrQi +JqXJiAmjDSs0rs2u+N4AGmLhjq0LivSwEHB+nW4ZY8M3qChvigFE8xRdrsLG7V16gPdcf9Ix +3goZ4GtQyJZXfG0tTIzw2ICqv0AnwvnTokz8ZMLeQQOd19fEv7WG+zoqKefQxuwgsVR4tgCh +4AD9NJuxV2dIoZQU+p2lMWSmXEES1CdnPKPdP34zisuRZm9ssqVrkCtKyZhmXP+u5CjQLHAM +pqEkjhmmVWU7hA+KEv61lUSQzmAMkgxQOzOjTdNVKy9uMZ6oOnWxkc9xYlFMvRAngpYMuRG+ +Eg4NmCEQKD2baOfXDu61R2xUR2ST0hYXVEXlvFnHYMs4BfAaj09D7+0dpreiWmnhjWQSLawN +4eQfQMRAp/oeGUoBwX/qOZPj5lz12rkDJaf7xqC2rlOMJRqvHrZdW1k2uRlkA36bEj5FLp17 +NX9z1DzoUQz6tfRpmpS528lbhxGbCJS8fJdXziZOWOhlv3Bk3CfG9RyXOtOSReIwolDWTVKZ +r8kPvRpMN0OzrpBWqvU6+txdzEsqWTbQdM/4zpUBMAi9iQIfBBABAgAJBQJOGZYbAgcAAAoJ +EFueoWFmkM+UrrwQAM6XLXe2BY7Pxq8Je3Nzxvmov24Ft+JdktSImCQGTTMxVM2P0xC59GAO +8px1kjGJS8yAQahZ1r1pk06mrqnWy86EDnjcepVpf3rlKs4p2dVyQ/aGiCxjCBCZ35i8MoVL +dMz2Mlb8VSacA4FszzgfXo41DK5Ou6uqyPmqJbJ3PV3S6tM9WBsYw7Z1t6x27ZLIc0HD8LJs +VPzLM36lXh8oHCWaV1Xcb3+GunjGOYXSxaYs60Jzt2qrvx+E/eLiqdkuxplHaFoqeQ+oYUmg +cO0Nn1YmS5q2kb6/rkC08Tzamd4y27Xop3cll07yuIulqba1xHpvbpJjKf7r6Ij4tFoGJw8O +RbJpGegS5oNao4RDCvqAC+y1xWnWL3z2ubJh2knjSkiBpRna6wT2T9PnTCBViTFTya8jdQcp +OpOuZMApHf9rRlWCVmCXkmeFk7dd7IA0dERDIzMiryx06dELa4TAEWtdCCvU0PAnpyx1Gktv +yPQYrwLAAmGNnaNGzGxynYtrQo39Xd3kfKCr6X2M+JsYA/VPsOrNBZmNMDHbcE0QVtYTqxEy +vRRoHBdlidWK0efh+OaAbcmQ9hTIAiwXpqRg9uNE5BO3nYbNyG+IClFVnLJIMEUAIBcM8kl2 +zxQMV+vhgqvWMmrEwpsYq27zbLAgFahJ7y29IRDSPi44qy9MzlJCiQIgBBIBCAAKBQJN3eHa +AwUBeAAKCRDk0Sqvu/STKJMNEACmJeiLmtpbwcYAWlb+WgLn4gAc8eG3+YwXK0lNaLbUFpq/ +8NiJuRSmuZhzjXm5JC56XBKCmv+Yvnks677sjzD9vrTU911XBgY+VobefDjO757go+sP9+Lk +ppfFM22qzhobKDUgVnINxGFjGolhSrR/zAwUqEjR/pbDOkuJtHejOaadETO9qrO5WFzTDXrj +9UO5lZw4oXo1PWyGIhkJCaQ7WFu5MZE2+hi9bZuJHx7A2JdevegXOMvlomuc2BKapAnmcYOE +oGmcV6mOJUgNrLSCde8IsDd6aF2H9GBJ/4mOctazlK+PqQuZeVlwfqxp98AXzPzdXtD9HCA9 +8dxOXHnKDWJP53SwUK67VbyWJ/M5yM7jaH8XpQKNgnhLPaCsHIRUn0IqRL/6EJVJpPgWsIhd +kRrCA0UPEwSM+r9DGQPFRuTcIJYSqM8b2St4QqyhlTIpCWYXAqu+eF4wuJCXTYsqdTSY8rpi +/4DB4FLdMWTKqza70CUD17IjMj3IMD2dTmoH8E3r1PRFyz3Sqwgzf6F15qgXajrcmhgr4FFh +KD7PWb1SXpw5/nWdmTDPW2l5vFssKuAid7OtXF7fW0bZSHnrbXvJ19AHiMWf5C/iu9UOz6BY ++Kk2WmCnBtpkximLrGU1lJ7UR8UjDIo00ZfVUwnEJ5vuZJST+s30Lk3OQc1GnIkCIgQQAQIA +DAUCT1NibgWDB4YfgAAKCRDIEwoLMBSAmgwjD/9/C4l2O19OyraO3QjGdz4iAgYXIxdBxcKL +sk801GSj0FZPYaoeZgMD98WpaFgRtH/tRs/jfnYG97EtH4d10yq+KzfTqODSSwXCFt3quFSq +pYS8YZHVktUdHa7aZ0RvZY4lWY5zOrygwYLd8LItpN0CBDA7TFTyM7cs4jHMeX/3Cd/75UJj +0ce+E1/lPjl9pi7z0dYBybuRDZJluOvRtKFoaYtuHRyYPqjZotBhF5n1UoZzN69iiUTuS4Av +ZIOXtToJD5QZcpzY5qB5663Skxtc+ETgV0wqgGtj5nwnPRB3BwQYfe2UzHtu1f/tYlxXCgI5 +qA08Yl8WTJyKtn2Rby09H5H+tZs/KOcO4U6s6psIL+G8SjLeDK/0yRYfVwmBUjV/3BnFBBqT +ZYkbvctd9FfgECAdkR8fSbrWjVGY3Bkb3zNU+wkwdD+QgZN/3Yf2RpeXdz6MK4R3mXD48zMo +cYnEvEgyeQRqMMVA5B98RUcrFm3+H0Th6OnCxI0AzmKxb3OTrls5ZwwTwjx3XXCzfIuvA5gW +XzOLbFehlmOKeV0cd1hEvhG9U1Pjl5DoGi+F/mvxG81HLg5QM4EkwEbvu+4PQdvm6/KT4Xq+ +mHoG0GvwAj4Yer2p826en16sluA8ZKhkdIE1pr9+eX1QUZaliyCgjSAnbB2Z8CpyuSZKXk8d +X4kCIgQQAQIADAUCT/Rq/wWDAeKFAAAKCRBjyvJ2Psdy1JhyEACQIu8GTOlY8/TcWyKpoDk3 ++CktN+0SRt6rveoPkEV1NWRYX+WrP+2yNd3w+lqnbyNBJp/HPwAhJTqszRVeviben5oNqzf3 +v3hibBL4ld4QvQ5RsxHGdLeRSZSRR39XBuDK574l3hqvkyfHgl16gxktFVQONT9sKqPyBcbN +WjsPKTEtY9Pb+cF+ZEpBazv2gJ18ChOJVuxl0m6UL7O/OD7DmVFKVf0KtWCtMcCNj7Hc51U6 +3/25EZHlto+qV5DIeWOYmbLWrrxEF9bgzuqk1+5VvGTQcqoOJ+EyZNqYbyP2jTLHWQw/GYV7 +30wfNLloQC3Rp/wsBIdLiogCfLawYYDhQh9275HLe2aq0tN4jmfiOJr6yzpwaEuTkixJ6GcN +oGpj/iZ9ii+g7LfZIRhNlCeYcBJRrdvyfbBGRfiHDT03v98cBmVjiIUdwFTc7xwzxbKUF25w +9G1CyZAvL3unLP57P7m5RCbLHKLO1KoITYp6ySjeHHwvg6RzmXgOvdpaoFcxuPZxxHWvZx3y +8r/GDXrtpEq1KX90LtZx3O2Awfx5T+0mcyIYeebP2po9tLJodlvJuBrci2h0zaon5XO6Vllw +TF4Hl3Tv03R57JzH1BQz3c2iX6Een+kRr/BSQ+yH6knExNPMZcp9UIQoDwcpm7zSXrhnBV8W +IEXp9Z5R0OM4j4kCIgQQAQIADAUCUFfquwWDB4YfgAAKCRC/3GXuhFEFvphmEACYC2yhIFmk +AiIbTv0aHl4f7D57BvtdRHercSrSQY1wsesmf3NTLcx9vc8xo6BqPQiZdQ7BGOFOSodFAt8D +piQdjQ6PjMCHswR76yZRr7IqjDI+Fq+zFcybe7xPlxLbSt5wsHhdCIWQSfBdBfVhD0Fgpcmb ++OM+/1gmjxECL/fT/Rg9Bms0vSjwDNqEglT18lLmmvudpmGIMc2X68g51un8RWVLAnWKWa1D +fywspy/+BkV+lt7AIhL3BxLz79jXib7mWAH/7Zfu3xtTe51yhSJqT7qEhgjzPM8fSWuriF5R +/88RKji/JWVd1twIURtiyq0RAQaRYi13Te8Fpo+ASkGb3ZUAHoyMRDEWoMFFtD7jazpS5sOs +XSG+joze3C5HbwYuaJLe7klle2LI1lV52lzyCPqJECrvN7d/f0ljBFSFa1qb9C3XeopFuH51 +y5ThMC7QUIOXIqfVRTl+7dmadamG4hIK3Vf//KjWWfvtIJz1vcvKeQ3uxhaxZ+KSd6QUdE0q +uI+uEEvAQRmsY8Jyw8m/bvWnd2BjZPf7Wi1053CwpK9NE+Wv2ADfKwXa7lbt/jl40M6dvFGD +qbT3B9vw9gZ+/q7gRD1DjJioZEbr1lKNSXAoSQnZ/PqsE4aSwBoANgkzyfwdVq0SAlE/RnCR +OuAjPy/FVY3jkdHmYLcnkXoEe4kCIgQQAQoADAUCUdXU9gWDB4YfgAAKCRCUU0gQ8sMPSYR1 +D/wIlZP/Lb4JOARtkh591os18hSOwF2G7qhpyHCMCB5rU8omK458sNJp5102YJMvYiiSE9lI +mj6mxAe0t5+NOcs6bBuoYVqTB6kXm7JTUh5NP3830RRunHDjXLKgVkNWhKbQdx5Wsv7Vmcow +1WJgMs8T9IzmBEfFzZQQILOtWsjriKTPN8HE0T/B0ke8vUAtG2/s/UNL0cd0uUlsAecw5rY6 +3yq3A9FoOvlfv3rhnTIJwCHTkXf/W7GIaLe8cWg3dNu02jbIT138iX9u/5Gs2Eumclo29kRD +Mtna0+Vwm2NOmeV3YpArKXEIfHL4Pse6bt56kYZWh+S693OFKQfnWLorK0ijsZnMaHtnrVRL +YVvtkNfd9YVwDyGF+mccZJdwzr4sJ7qKpsZ8VnsUUrsk3kAHDBv9WYKk6JnxmvK7en9yERgv +ipLm7U49sdgtFqR7tTmG11u8qrTjlugYHvlEP78ZNcWemLXKr3VgRS8Je5GDI+2uOtT/Sl6h +qeNiTcbVdYq0qTwcdNCOKwXZgcXmsmhU0bDgN2bZjXLyGobNdQ+2EmykUlKU60/09O9NsJJs +t8DjR0+0tMtVzrPHHQbGDyFGwxJYKR0mBOk9WkXerAlxrMnSJtUhaNhG1edLZTIuhUY1XAZr +RnblZjkdzj66LrGUcYIB32E+fcRES/QvlTj3K4kCIgQRAQIADAUCUFfregWDB4YfgAAKCRAK +HfLGbXvrFE1cEACXJSV7yZbXwUoPdvL+mlo7YumndlbfRlxC8RHyk4Oaxoxwa+SAQjTa+W0W +Cu/cSlmT16UTFJmH/0QIhoHR6HPldb4RNVWfL+mLyAupkgQC7WRCKOr69lc5Z0UATnfrksMn +IgJu3Yu5aUfkwEUPG5hfBXQjPhG7B4Db55kMoZnyc7Ws8LyHkciWuo96rQ0sxkkjkfJhFaUm +jN9tcysZfwc5uqMN+wSeSfHd7PcqObva36V7FsJXiydhGqqTSvUcj7DmXu2f5MW5b7cqjkWv +1Lq3og0BkAx/Mt+eFLS/E2xAQf3uLLNekWmn6o4IfDUZ6RW53A8kcSNf/Zc9tCSpZjdvhRhb +L2BfV76xW8hlzxacvNOvErMXGO9By9MdlY4VkuYVQUVZDUAg4h+Jd70DQ+VIL2WaxkEfaqmF +gdnOqaL6K7P1+Ti0SQPyWnUkm1H46oQUvW0Vsw6QyMsuwo2CAxIvq1PmH3c8Z/Cl+RusyF/4 +gkuO4GF7c8rBTA3mb9IltPLtygi0oau/ZMwUUjK2x7CbMmll4AfrUUP7tTn1qSyMduiziXNc +Zs59pcgpftC1IcUfKjUcUdSLbZc6DFiccw66CmcoVqPiRFK5PHwbOnfmRBR1DK2+Lzj5nGAt +S6nuc3CFb4Xz53V5o7v4lrx280VpMaClI0xzFURBzmC4SnNMRYkCIgQSAQIADAUCUgkJcwWD +B4YfgAAKCRAvmEp4jzEI0HJPD/0aecd6xIRCLBc+AW/gmUBiXr9yQPnHQWisyES+Bw40wMhy +P9534ptdJ7wh2Zl/u2V/7V6Imcqi4d50CZmA0TkW+a1STh8XnbLGqiK7MISmrpCqdJB6AV9B +7Sm7aRatGyQqEVvZN3JzKD02RyO+ksRvRqK36c/8cd7lR+LiB7GxHX5oLFb34Lm52zs3N4ga +eFJdl3om+lL9FWPn28NFw8HpC0JCkmBRo6otXlbcBqRn+fU+kSy69Ajmt2TP9dlf8CM7L8hd +Kp6gLCb3kDRCfFUlp4uVbyllEj6Zag2d5L3STyTmX/y9Ciq2kEoy0hoGXe2eRio1mgIu6skB +JPptKb7+WiuJg2IgmsNf97sYXsGi4e+X28epy55FrlkAFK8M6CLQ/u1W8CUpOyl7Wo/Y2hsN +P4fcZi1a0ejqhChSQQDszJoOMGdiK5dCO8vVI5nfc5sKNZmW1DkQY7HwS2dAdOIBsy68ZxXI +b8meIYvzf45q7RRJsoQq9u7OuguoWDj3jNaqW2qTgHjHjwgAjdvmsNQpHShkka7i2AvyIAud +UoLhmmVg8BNkdaVqUhvL013n0FjoErcpfLZuQ0nMGlRxptnE5b3y3uu6Qb6X1aRaO8woZM+X +mXIkgu7fuaiyzR5gsvPTgVWR3DX2vr0kynyCYVf1oSDICWVrrexZmwdl+Dm+vYkCIgQTAQIA +DAUCUX55wwWDB4YfgAAKCRBn5y/rrqN+8JEID/wNY5+zPpV8lY2pnoagDlns1rbSABpqEitY +V1eBdTqx7A7Mx0pRwSs+mPJvfDzY0kxfGaAvyqKGGYbu38VDBvm+zu3tislgdyxTR8Pl9FHP +oWC4iFbfm2cAC0dTGEnFoyHtDwqXneZLVaD8w+90LDISct9xghJpOaYug2paRloPIXaKSpqz +Fa8Nwco3HPYicP+mCHpx18D7BhDSPCOnYC+jXHvkvvs0Pe9se74DGTBNI4vbGsQcraHEOEZ3 +0/+cn+ScE+qEQA63JJ851TFFUH2T3DP7A/xxmmFNCt0ab1u4ToFnpDtX4DaLjaK+E8rwxfwm +jRJQ2hv8QAHNJ8++z6tXDLKd0EqZZ7w65+Nisn+qk2O5sQlW4m7dXKN91ZCWUSt4l/f0PIcp +lWW95BVTqa4IkbWZaoLOaaE1Se8Y01ZZKkR1oZdpM4Gp+kWOdNJtL3oKgVULJJU1UHzstW4n +tYtjgw0NK701X2508NrutcN0ec1pSfAQaD7Od+8kR/n1qCb+5+vw/0E5tVsfdYVV2H1l1u4h +eHc4OfJKF7xGJEy8trqHNzPSJQ3emy3TCyrccaYyLQ2TZVoIE8yi0xwQq5b2rDIVlF5oliCH +zV0MppD9fS0NF7imb+aj7ZRprLl7XOMzfOyIQhR/Cfv1nH7cSapU8Plrta26jW9JArYwlwRZ +2okCIgQTAQIADAUCUhURjgWDFpJegAAKCRCRndSpl+qPrTD9D/9+Az1RdQv/zxeoeWzgcVVc +rlXlTHub8n1QDwBnxRmCoyQ3UW/xiXqXjVZ7lT3FHBbggyn4kFmI2Aw/YbEzhzK9XQ3X7eC+ +4u2Umi6blrxKbH7vH5p8igQqyecu/P60chS00v7MbN68oJ5SFmR7K+qVg9xmMZrtS5I0iErO +64oDjnT8GGH2Fs1ps1oMn6HBE3tYHl+g/kvA06RZFGox1L/JG6JbjhHOuNqqJMg5SNjPWI5C +p++CBgee0Lxkwv/DIx6ZJM9tSXLho4RZb+vCF7l/mRd6IYLlJdvahqNwCFjaazbKqRSoxDK0 +C2OwUwgQkDsf1U9TfZRHASSlbmULW9sTaww2s7ncKlBG/sUAz+lZLBbtvER0eAMxf+U+JVy9 +H7WsQB/6Ft1rXtfNcI3T4yZQvrTFBgUFmuOngleb+Qh5eA7h9A5QHi4pxmxyfMoQ4nFR1t6J +7q2bJC/v/ww4UySngQ6pjcCJSQHQVuEu08NH1JOuOp/0cqAiDUvKYqGilnHCwgc4QCxpJAHS +DKYsRtrRgMxUWZXJfO686Dsei2xnzrop5EekpaftprXbxmInSotXNidE61X0pCyVKwZziUrw +HNsHc5Ra8y0/l991ZSXReW1ZIEzQ9IV03Z6E7Y4nyMzTU8gEpPlBAAoH/izylDYTObwibMoR +tUk17vQ8u6C2uYkCPgQwAQIAKAUCTOVYgyEdAENhbiBjb21wcm9taXNlIG15IHRydXN0IG5l +dHdvcmsACgkQ1mFZmoCpbEh0RQ//bKFvrumKQ+Phjo3qjf4C3s3QA9KDMSG4EJCU7lFXSKZ2 +e3V0u3w5tp5Tx1h4v4/ZJkjjg6KaKiF+OPTIIkT6P9S6CvaRW7+yS1SUGhbxFUo9l2+ds48z +44iwGQhjAFNgBoNRvwVegERLMJaTVJMQnUAX0YF+4QqHaPBh5AI8bU6mWvb4TLKBk7yFMEBI +aR9aArrb2OO8ohOIO7RU7Tj/+5NRXMGkO28aSu6Z8nUcOVIYcVsEPHrvvwlulwwC5sSbjjsb +YKtOSlcpTQfI3Z2QIhCWHAT1muZDJ7VNxaCwC8IVA3nz3FtocOQ2yesn7Eja5VNqqy1MUmxR +ZSi4HnudgB/SIBX19yDKzcyTNyJAxvuzqFU/syyeloIMBkZ7tSnTs0DIrsVAJ8D5wSeca6nQ +dVSWNnueo56owBelcPdmaUenIFKFZ0wT851F1KU6rgl507Nm/tZm3FOqfrRVCRIwmn4KApMO +dII2X0Y6YgWfMoUEzwlkX0ETn/LTB7doWc8qPPx5b0kvcr2S74XOBl338pP603VPhd3R3sUW +fBm/Uu3Q2ITVTimofHvJBRSq4D6X00OGqWoNLmxIiMr4723zgUbb4dQPyS3glq8mjru7lGNA +hbXm4b9Nckn1M9d36W0YfsGn9JmbdHAxitDnWe3ygj++lF/2MmKKi5Aa+k8k23OJBhwEEwEI +AAYFAk72OPsACgkQJJv37rGBfaA7LzAAvehqt4TQlrvwL+jlW7aSPyEoX88HapHCB3jXlSqf +NcVImx2DDLf5bsh7R+LW0grXyWsdet6bIv0hLrFFerQuVijh22nK/E4TRNHQU/g8AfMKMUGz +D+uEsojr7P8gm+E3w4S/uN3z5HO1zfGKceksrcpRPQmloukYb5JyyDMiX6BsfFXlk2zxUKLr +5kuYgoNFlboAgeAhKHyWiLxLdHiwvv5DzE4c+Ta13O9VAnHNzji5XsKZ9RAnZBUx9ShJMAu7 +koT3loiafOHGf5fRXMLxgyqaXyBEoiIhBk3cZDBDL6RufV6JmVDJrbxXJaVKESDY2c4dSQlM +zUNqq0oA1cFMYQsJ+m/qAhUxtRiAg6sdZXJXDsxAgLowlRAL8QZVBPpCkjRb6d342/Q6MpyG +T22Iaw8DvUM7fvdx0CM36PyuZ39htC6V8Wo4NQzmafbAJhfjoNnYMfPCzKQlqx9s5XaQXJ5n +LbhL+ulfNgE3BVHKBK03X9QWWSr+HL1MTTApsBGB1hIfoBl2MixzbRfTyDt60r+Txt73vVD3 +kflgl4y/6ZkVDtOztIS6xGBC1HPLUO3Px/kXSkF9ztxSwqBRS2MUStODSVVSMRvduNdnfgRe +PuoH+VJ9rm7e+7ZvmDCnshGXTB9dx49EQpuk/R5vb1Kera0VaGvy15eG9K4PLrwU6u/n9IVl +R764SMl/WQWf6wVqqu82Pwd/x4JhwmrtSj3M+IRXaQpqlMLfA+siarwilw61R3LX2fCNKylC +NBClZEdZP09C7TgrJmld8J31sJOu/tY05iydJI/7lDoCbvjHCZwgxPHJKHhLKp82zRFcMcEo +Z8/lrd6DuLnM8k9fw+DqfHNNE75B3EhVpcVSVvx3xj+Ft/1NNS9aOLossefvKuJUre1llxio +yoT6DHQlZV4LKtzVhB8WqtHwbO+eNoM3ExDehvUJ9rfVlmIlqzMYzBuH7o4m0cWV3KOz+QJI +6+arNhY4fZ/DRrx4zfRMB5y0vKbIEwqkYt8LZBIXXjXYXgNQ3sMCLjYKabUW4ZMilSPMy2fM +McefZxSPnfXALKQbk4xrjBovreO4EKguBFIS0Fm6RQe84ZCcuW8zMUr6Kov9fb1CpI6b9vKn +fSd1v5xAXXVl7HdVliBtFVGDuhu5UMoOtVlBqzspujnfezXo9KO2yEBzvLhqHMGR/qCJawbg ++hewEZfHXxdvD36k5sjXNuIvXyrVgtg48ViA5hhvaJUYYZ3w4x3XENflpriYkfH7vhxrkKr0 ++85YhWAegwt5zZrVw76vXFDEW0IojtZpQz2srZIqSLGoqOlnphNxkn2WWeWQI2JA+3rE/g9I +da5Ne6jG1KUxPWap0GiFw4pgu7YIX/vy18zhf4q7qNFWVSawXHA/OMCl7afbHxQQc1YlMIYg +YxQpZ7FPfydonoUBKgZfUQar5ouJ47ShowNq19AO4sH6a6lq+CjSFOBSvbYFjCHTNUDulSGt +tNViuDBWCgwwmgSeKlKr+eEA723ebgokjs2qkmLxduItW3JSRbUowf6c/3bCHJqnJfczOicU +vkYlB4hmyjM2dskfIzKO0BhghWEaA2s9juRKYM42Vm01ZeKxuRE7ZiFxm3jfPLbLjhs0chuC +ddoU2KwWHQ3/0iQywMFeeVeAxbTBgExD8kV18CuJ4ob+iBJX0as/Fjv5bVm3jc0XQlMoQpUl +Tn9xkKu3C1MpTGc2/64w+GFKC/CIaEzYVDl003/h/N0zrpY6GIVF1JbyHE/+MwJ9xE/UggXL +UKuQmyPoF4D6tui5EyHpe/fy7l6521fpCAFn5h8p6qpRLoy5TpX68lOMdXk/WcxOxF4/Bl0S +4ZW3KfX/x5W9MJVNkmmV9x8PabJJFUu90Fn0q2p54DMFHcKJJphZYs5S7m0Y9Z6axY0xBI6X +Ey+zP/9m+0s/2ClU2P0pYVWM+xFv4Hvc/9lZqjyByN9uM2EhDlGDtPXVF7pi7eP2KZFGjeg2 +RiQX357L51kGEIWFnuDniJkuuldRTECnhccACo1ax2Rb5usuhtab9NlamSFotzY+tClETlIt +S1MyIDxkby1ub3QtcmVwbHlAa2V5c2VydmVyMi5wZ3AuY29tPohFBBARAgAGBQJK8YHHAAoJ +EOHcq+7Oj0WIZkEAn2ObiDaDuDjKka1jRbbkfEpRRB3iAJigEV01zhHlgRWT6M+nYnjiqO5n +iEYEEBECAAYFAkmhxj4ACgkQYHYFHGaJs5EvJgCdFkDUSFqwPn/LtLM16hdPRrV1rZ4Aniwt +gZ71qdjmc3XAbE2XPE/xt4aCiEYEEBECAAYFAkm+Y8UACgkQiSebwryQIwzJMwCgqTUXXbT0 +Vq2L3YTq1x+emnGAxy4AniX2xByLtL7c1GbexMeJEh84yFfLiEYEEBECAAYFAknCXAMACgkQ +2ZS+P4sqldZYDwCgm3iDOH1oD1GcWi5sXMcwT4Cr//YAoL6MCLGzorIkSFlswTdZf7zt5+jQ +iEYEEBECAAYFAknK3ukACgkQbiqvqRKA/TVfPQCfU3K6fNpii5XNbM1BxhjIEHPxrvQAnj28 +9FaLb/f4Ap6dEH7vc+3TzUc7iEYEEBECAAYFAknNHJ8ACgkQjIOXq4SR9u8CdwCfeb+enFri +VxZPZCt9F1JWAFdp5TEAoKBdim+s9goeZgDCGew36fBbmMMMiEYEEBECAAYFAknfcDoACgkQ +iTx0ar4roGQ+hwCdHsqNZnYZ7Usm77RKFurLdSz04kAAniO35JJegqku/jJxx9HZv5wmqzK6 +iEYEEBECAAYFAknfc9sACgkQiTx0ar4roGTChACfZNfOjyPk8JSSRbEqs1P6LLVoneMAnRZ7 +wOAXryHd1AiNojQrNojh0nHqiEYEEBECAAYFAknh2mQACgkQUpqypwNtk5cf9wCgwqbCc77b +okipoALY9nffH1GHqf4AoJDM39tITNJ2KLTNrYUN+TX/AB4FiEYEEBECAAYFAkn/KSAACgkQ +hcARb7rf8do1gwCfe+2deFyjmX6sI4eP1466me7Yv0AAnAvsaxrPLG8FEC4EPMXAdP6W95th +iEYEEBECAAYFAkoC/dYACgkQma3K7DzyPzL7PgCdEth85iouuzdFGfqEdG4yJn+e5nIAnilS +v90vZ1vGa+VbOT0t2j6d/LfkiEYEEBECAAYFAkoDOpYACgkQWAljz7RHNe1v5gCeL75wvS5L +gDP9dF4zIkPppA01nkgAmwTdfBnCMX/uQV5Xctzq7dlVKZruiEYEEBECAAYFAkoLT8MACgkQ +3Q9iE8sonz3S3wCfdkfvqPPDx3yp5EbxzcwlzuzeX6IAoJENx2i3v4jePUPIOEr1WoFEBWkB +iEYEEBECAAYFAkoNZdkACgkQqM1TxwTUujmW8ACfbi6IC3khE2N4gO2R3NRLaEGwfU8An3eR +dHwqgPtg2d+CtOTwIN6WLrUaiEYEEBECAAYFAkoWBEYACgkQ7+FMWqd+8O3gOgCgp5yrO7yD +J4T0MpCHOcPFUsmg9hQAoLE7fP6PQc8Qo0Kf6OgrpIxVse3IiEYEEBECAAYFAkocD0kACgkQ +SKM+k8cGWGK7UwCcCto8IR3T4NJjE1NB24DmX1+bHhkAn3QXo0Uque4MW0jatnJ16GSZOYE0 +iEYEEBECAAYFAkocD4QACgkQM7Op+wNTCGGgtgCeNV5YmXTPUrc1/AwAxMt++tigDUEAni2J +r4FzpPIH3letvCSPgjtwYnbJiEYEEBECAAYFAkodGDEACgkQkjWZgaM/hiKV5QCgirv9Yl2t +UKPUoAaArIqXcWK3MNcAn1OJCgj7m+Js5VJyxWY9TNrmrPGLiEYEEBECAAYFAkofEaEACgkQ +eI2CR9wDl1vVFgCeI0uP3D1db1ljHQdFrs5/Lj1gplsAnRHPu0kqYp82RpFn36S6DrbIzizV +iEYEEBECAAYFAkonxN8ACgkQqBNJp37Vc9N6pwCeKLtLo0PxOjeCjoe1HbA8VhskMugAn3uf +ba/wc23/BkIb33tqFc1kKUiriEYEEBECAAYFAkopREAACgkQm2uUD2/yILRNTQCfZ0238cQh +e+RkftRUgIHztRplDDoAn164aZ4IZlO9gcd4Z9r/u1i4YRPPiEYEEBECAAYFAkppEFYACgkQ +tJ27gusVxhccJACeIHKCzgvVTpN5uV/yCIDpUQR/fTgAn1OwlvktUvArVYrnSigE2Ax1DtJU +iEYEEBECAAYFAkpp5DYACgkQvUrSiZYpLXxqawCfVDzSUPAIJm9NpIpSFTVkMdewu7oAoKk4 +alEEgO0sVnY8xHfKK6ngOf/JiEYEEBECAAYFAkqOqxgACgkQNc+mlXJ5K/KP4gCfW04X0RQR +1TXxw///H5QCJGpQeEIAn1xEnQ1iMvrVSQwxnk+FUQSYfbspiEYEEBECAAYFAkqVKHMACgkQ +LvLoisOZKCAKqACfcBVZQRtQ1BsadKdkejCYs6UVnfUAn2pWmfnaPMNFxqDcNhb79VSUZBGG +iEYEEBECAAYFAkqbNy0ACgkQf7+i3PX0w3EgrgCeLItiKGAoNobo5NTBrvfuuHZCsbUAn0im +K7rTEtdo+KsTERD4MT4I52eHiEYEEBECAAYFAkqbN6wACgkQNQUBes7kHwJmqwCcCW8SpuSa +WOz85I/DkfqtPuyIq60AniRONYTZbwJ50wsdIZYAhdpyo/fjiEYEEBECAAYFAkq35v4ACgkQ +zxF0w6p4kKHLkgCgk5XxtbLbrZnHXWoEzf6n14K6MN4AoK7VvBTqBgtw3m4eMPX/V7JbgVLs +iEYEEBECAAYFAkq9vcUACgkQiUdIdDLkq/gXEQCgt5manCpyJsa9Yl1u46WZ33P0avcAnjZS +NO2miBG0QJ9Jo00l/4ha6ECpiEYEEBECAAYFAkrFsDgACgkQgzXRLX/jgZK1ZwCffldQuUc2 +SD75Q2Hm6XT932woW10AoI0921prbJ3jBV135eHdAXJy+cQKiEYEEBECAAYFAkrL7IEACgkQ +7KD+kvFxKbTp9gCg1lz3vx64jqsfgMKsGjGmV4v+Nl0AnjNWLY8zWUFVcJe/t31CaVFnvau/ +iEYEEBECAAYFAkrZB0IACgkQj5WTpMQY5uw5bQCghlGb/0D5PVRlz33vj6QXSktiouQAoJ5v +3U5BMCHQOXNv1v1qo59vDhvaiEYEEBECAAYFAkrmCVkACgkQewcbIKKCU/B1vgCfTjG95E4c +JSpbQRwlQulo6jRRx84AoIXCrBjLDNKX8pdBsfQsEQqef8JFiEYEEBECAAYFAkrqJssACgkQ +Md53PY3MTC9m8ACfQXAIdbYKAFYhb5t0K7kycd0V/yUAnimhu8JHCNbF5Kvt9PVRZlTi9UFS +iEYEEBECAAYFAkrvga0ACgkQ0sZE1jckipun8ACgirPXujxXjcvaz04h4N70Im+8OcgAnjpJ +sttyZLW/ru5QTMSMIVEMLkpuiEYEEBECAAYFAkryw4oACgkQg4/jc1+WsBwhuwCgt6J2mBNi +g9k7OKTTaiwRz7U8gCEAoIVGXWCtjF2zv1q1fiSf1ET8zSo+iEYEEBECAAYFAksAWMsACgkQ +bqzLhrIzLBb85QCg1EcIes5G9cYWberd+3DyjlQGpWYAniZYk6xvjMrHj3++cRfBWDRaGd7P +iEYEEBECAAYFAksBo68ACgkQHY0ebZGHY5cCMQCdFSj0MURTQc9DVXUQ4cDsObRjzxwAn2iz +px4iREsaP2Be/wjXgS6MXbcuiEYEEBECAAYFAksEy2UACgkQVEz/jc3RHmDDxgCg9QkDER5j +khxfJbTI8EIpLqCkXXMAmwW1oGMy9FBVEFwOhE7ClZIA0gBpiEYEEBECAAYFAkslHyYACgkQ +1mWtf6Wqb7o4zgCdEDgMSF6veI56a9TyMrts2iKbiC4AoImFoICn1F0XSWT5zXh6cs6H4d7X +iEYEEBECAAYFAks8zD8ACgkQsWl7aTu+lpl/EACeIhJcgaaCNAFoXD1o0Eybd5Y97KAAoIu/ +j1XMeOUA3iQ3IN7xjNGxs3oriEYEEBECAAYFAktMxX8ACgkQUDehq0srSdb3TACfbTGmP4fn +aYHkZ2/3WjqC3UcN3twAoLTY502eGdXAJEo2W3mPdYZTS4uoiEYEEBECAAYFAktQEVAACgkQ +fc2n4C4yZRhoBgCdEXJl81K4KN5Ex+rdW58REgakA9kAnRmEFDIUoU150krXcRXuXO2xWigX +iEYEEBECAAYFAktXLAMACgkQwBaNZ/uabwr5ywCfZGpfqLxp2Gz+jdoAobdbkpMYXuIAn20c +J/pudT7Ss9GxESA1va77X6OhiEYEEBECAAYFAktpz0oACgkQdGYYBviPnFU56wCePzIrIQpp +1eaoY3T2IxjXZIH23cEAn2+CmT/uaMVx2ImkqAIv83Uu904wiEYEEBECAAYFAktwAHoACgkQ +4+QIcd1fJyrkGQCcCNabdq+cQcQOC49AJUr/FQGYG7UAnAv49pIYnPpjR6jk6WhLKN9ojwkO +iEYEEBECAAYFAkt/tSUACgkQG3EPmJGaH79UZACgyW5UX/te2Pz43+nwGX7SGnXTC0sAoMbh +W74OY7yIm6U2VzlL0ktJLpsziEYEEBECAAYFAkunk5UACgkQhYdoxggWsGf4AQCfWHQvsdEc +Zk/n7WAGYE4KkNpErqMAoJWg7v6qAvbV6Sb1cVoiK3a4ebr9iEYEEBECAAYFAkupMDcACgkQ +y5aS0yBdDDXSfgCdGfaqMV68abpcuWhKVBvTsw28yV0AnRqMq/qqjY6ZObhCGu9Me5ee4iXA +iEYEEBECAAYFAkuxjhMACgkQOr66kVaEz9bibgCeJH4WxtGoBU/K5LyafXIQc0M9gr4AnRQk +OlC/hm2EaWMYFgEgJoEcdo0TiEYEEBECAAYFAkvPubUACgkQRfXgBakp/8OMaQCfTYt0KkbR +23Xck2ckmAh/A9aAslkAn02d/ts/Qjh0NzlsZpn4aGCV/8uniEYEEBECAAYFAkvntpUACgkQ +vUr/hwPVEBqxnACfbOsk8EyZzR+SGmnEGk/rPcwktREAoIMFboNDPgXj785OQ9gKuDLWpbH3 +iEYEEBECAAYFAkvsOkIACgkQGLuYxWKEnN7iOwCeJXKBFaP8MhrhPXdUxcRWbHFJCtYAoJHJ +nm/1Kqf1pspzBENs2txxnrYxiEYEEBECAAYFAkwXyZwACgkQNozob88EECil6gCfZNY5pNz4 +9GOBAUGSHNkUiSllRdgAnjceJziku93x0Xg0CajrLgZUv4a8iEYEEBECAAYFAkwjn6QACgkQ +z6q6EwAz9BHnWwCeJG0V7fR0lNbZ0Rm44QhaCe40i44An2TPG7qD7f+1ajRwIIoNCf+gvwfU +iEYEEBECAAYFAkxcMLMACgkQTnophOgLnn9iiQCggc7enblzUbOAFVkwQ4M43FHYVpAAoIpa +vsvsSzWO+TnenrNv/JL3+ZUIiEYEEBECAAYFAkxibbgACgkQzlhjmKhSuqyPYgCgsb7zsmF/ +yVRizzVSW1pjl1SrC4kAn1SrJd9UCD2g5vlFv8QaN7cCaPEoiEYEEBECAAYFAkyGchYACgkQ +KTtOfGEO2jvWGACdGdb/I82WmaqXBEyHgg/rvc36uTQAnRbQhh6hmyuX/YvEaIG4mVNSVu5q +iEYEEBECAAYFAkzAc0gACgkQ6CRbiSJE7amzwgCgncpbk3rvHGdtfzkDlAbVkXyMeKUAn3ys +ooSavry+/T4bgg4xxqOmjCuQiEYEEBECAAYFAkzCVcAACgkQB1flanLThNNbpACdF7FE4/GW +f1q25zaVUXJSXy7I9ZsAoJt/rlY8zKZ1rOZGn1kFASliW559iEYEEBECAAYFAkzrg9sACgkQ +fuyoSf7WBWCtGwCglBODTAdQtA/E3Njg8uFtKDxHzg8AoJd5SfwZtKITKUFjfCIzk3vd953L +iEYEEBECAAYFAk0UiBMACgkQuKhPiYh0wFa2PACgsu4VB0MvhT1poIoIXf0qwnqXhW4AoIBu +TTwMwkdL3fKoRtWYy327wpociEYEEBECAAYFAk0abNsACgkQ9W0G7+WNBoXd8QCeL+5RWzI9 +7A/8rf6nvPtoj2KnufcAnjP8ZRgbmj1cK0+eqqwnbIIdbiH2iEYEEBECAAYFAk0tDLgACgkQ +PxxcRv4OO9qqQwCfcFe2HYMzTuDwo08Unbt6SAW70/cAoJN6shzDB/PenWPM6ApFTilqWxGx +iEYEEBECAAYFAk0tfAYACgkQua85GiOlZ+KU5gCgoESKDzi2ALUL8cklmk/O3D+CkzoAoMYV +SJ9uW3lM6DqovyTPDdumfH2biEYEEBECAAYFAk2R+H0ACgkQrA7DUoWCHEK2YACgiU7M3L+u +H6wbqr5pzaC9QhST5Y8An30/OZ8kRXbIGGiKQqiqjKz1NNaziEYEEBECAAYFAk2z1U4ACgkQ +Z6c/lG/u2qzRRwCeLbJjwE6AvZgLG/BUkz0rvKEa+PEAoIRNflozBlA+YDdnoQKZLZs4E3J1 +iEYEEBECAAYFAk3S32MACgkQKbpy5SnKohQbqQCfdzj6wezSsTlW87oDIL+njx2LTiQAoLXz +iph6r4LMwtjjQOVCcxlne3zKiEYEEBECAAYFAk3eXHQACgkQy46incp0F/+ASwCfTPhaWLJF +JDaEu/YeHTTTL+YnFxoAnjtqewP2EDb88xrlWrIFxalXyUA5iEYEEBECAAYFAk4gVJwACgkQ +RSkTD0jDxKKAywCeO7dv8IR3UZfIxhblVasXhYuThKAAnjBzOYgt06RgZ3tI0sv68kDaiVQo +iEYEEBECAAYFAk5WX+sACgkQ54CDaEA0rB0DVgCgoA5KP4MDPYFuBXvv6WsocGS1XNIAn3kw +iC3Ycaeszolr0Fz9hUVuD6OXiEYEEBECAAYFAk5u02IACgkQIu7gSICGBg9jUgCfUSsM0s+Z +s9kToae04EMrIhwkLPgAn0iXe96xYHkrn85oZ3nhaWEUg003iEYEEBECAAYFAk6DKYwACgkQ +QebKqXUHlVja3ACeIcj1XNJvl+PmeX9v23XUVZ8owoEAmQF3J5Vt6ccRPU1Y7uRZDk8AuHgT +iEYEEBECAAYFAk6Xef0ACgkQY6MLmg7x5BBdxQCgsU/0XJ1gg72SrImuObeEx1YwNi0AoIaT +hvfVT+s5dLpzfciY2ucw0D1yiEYEEBECAAYFAk7AzpIACgkQfZQQPxUiD+XBNgCeOk5pEBan +kIxHXrjS1PO3EmfgctAAnA2nEle+fDOkbIInhjl1btzJ8GhRiEYEEBECAAYFAk73T6AACgkQ +Q7yZSJQYW7nI7QCeNw+o+qGFg/wOLk/blD3i5dr1FXAAnA6BOKAUjxd2OBbgeCSAa4f1h4/8 +iEYEEBECAAYFAk8fEcgACgkQvm8xy08yFTLLJACcD3QQt84ovL1sVX8GD+dS1PpH99kAniTa +uYRUMCEuB985yV1SiEbnAsAJiEYEEBECAAYFAk9grLEACgkQA2HjKatanh6oSwCggDHknQfW +NXKkPx9YwcThg1W9qewAn2gMqvk9A0/SMs56bl0V0WP1spQLiEYEEBECAAYFAk/AUGMACgkQ +g2Gpt8VTCauQfgCfZdC5UIcCxR2DtkLcvrbaHyUiN9sAn2cGxYGOuKgqilSvZm0VvbpD9f71 +iEYEEBECAAYFAk/JJVsACgkQbw9ZzQv9MlNElgCbBR2h4kkAd+S5k+AhiKns0pIaxQQAnieb +K6JmRR7w+ZTXelgmuCNSY34siEYEEBECAAYFAlAEn7sACgkQhHBBPXshXy9exQCgsHJj/ER2 +zgmRohtKiAnFLhnJntoAn31um6tZpNKBI/dbfqy5vCw6/cbgiEYEEBECAAYFAlCH4wwACgkQ +FMetcYXGBBR7QACfehhbWjlsc2RG6KDmaoyWf89NmwUAoJfIWJbTTEWSc9m2Jx0CvbgXxwl8 +iEYEEBECAAYFAlCc71QACgkQDWclHMba8A4RbACff70REF0FntX97xbOpAqq5MVvZbYAnR2b +0D4wBvjhkhGzyKOd1XMsBKtJiEYEEBECAAYFAlCyjloACgkQrG7klaVFt8LD8gCeL6ma8+PM +gEm2OWrbp5r4X0O/16IAoJgh4FYEQmRnB7V5SxpYRi6btfUsiEYEEBECAAYFAlDa/x8ACgkQ +XwfmWd/M4aKnZwCfcUWHNz+YH4ri+L2qmG38p2AzF88An0YRIwcTIIo8cN94atELP6eKk5fB +iEYEEBECAAYFAlGeEV0ACgkQtI+Km3iznn/YnACfasdE5iDBxb63+RsTZ/JV828JI6kAn23U +1EXoCsqDHqYbvqZtJnFXz3jQiEYEEBECAAYFAlGkackACgkQAGwTpo4l07fHiwCghTJPF8Fi +ZvaM6PhJS6NpjFrmBlUAnjpMcFQnnSV369hZHwUUk0tbizJDiEYEEBECAAYFAlHRnJ0ACgkQ +PACeaxIHv7q75ACguatO57cz+pf7GLOkpA3loxC+3AIAn3RpaobHUATfsPHpdPs4ySIe7398 +iEYEEBECAAYFAlHgUjAACgkQhH8v0BGybBPT5QCgipCU10u8QZexieLZsar5WugLvmQAoICM +jtRgkrRyDaCJ1qyUU+l+h0tqiEYEEBEIAAYFAkp44HoACgkQxTYf35snuDJfngCePjs79/eU +C2ijKWzaHS46jdPU/sQAoIkCGsbEkvtLszbrmzZsS3UXUMqHiEYEEBEIAAYFAkyHed0ACgkQ +jWNzYAIqObPK2gCfV8cuYTJyvtUlqY9PyRz/X8+pXVwAoJroUZxkV09LPndHipH4s9CcDfgD +iEYEERECAAYFAkqrhAAACgkQPCTTtDfdTlB6uACeLHWn1tPKbdspchYloUAvGneGG0UAnjL7 +/xAJ9NAfxgFXx7idpVy40ueeiEYEEhECAAYFAkm3HagACgkQeoOvM0qRwiMnFACgjds+SbBm +p0n3eI7as4nTPmfyNcsAn2Iur2/Rm1/9wwSj+1hT1JEVt3wkiEYEEhECAAYFAkm3MhoACgkQ +GCOijNwGVgX/XACgrU669aYYDNqqQ1RUB/iX9d71tpkAn0Q0qIngH9eiGnTy2kF0wO+dw/i+ +iEYEEhECAAYFAkoKuf8ACgkQ3Q9iE8sonz3o5QCffJHvmTUz66NclQevbNpkwOsCJd0An3UW +zymv6agITHdr57uXKwRPLD9tiEYEEhECAAYFAkq1dh4ACgkQAhtUp/4d0d8UWwCfdx92oH/a +7ie0anEmNfP/xdlJv8cAnRj+gRcp4pJZc38d4AL7WuUDNbR0iEYEEhECAAYFAksa1cgACgkQ +A62SNDuK+EuJQwCfXgTJT/S2Vy0vrOZYM3L7Wlpp5WcAoIMkBSnNiabh5BVA3gNASJ0iQQpl +iEYEEhECAAYFAkuxjPQACgkQqfUM+6rPeLVbGQCg0gmPdaIoMCVeTP+3I4CiI7eZf7QAn3tg +UA+XPOorNeJnY31yUUblh008iEYEEhECAAYFAkxLc6QACgkQ7ct/1mt2BT9dwQCgoJ0PmNJ1 +0zhyxm9eFm+r4W5dsVgAn2XnGYewRiFRG+Kic/DPtCrxw+VKiEYEExECAAYFAkozrucACgkQ +6tS1kPaJm8D7ggCgi/Pg0s3pd3DSAuUJo2RYtVYn4wgAmwVpw5IzdrxFa9b4vHWoVk4D+HpN +iEYEExECAAYFAkpLxlgACgkQXCG0gVgsXfyI+ACeImgQboJtJ8dho/cLrr+c09xfYzcAnA18 +i7+9OrFr5fWktnyx9yPAU/CWiEYEExECAAYFAkpg19QACgkQRfXgBakp/8NMPACeO2fMTd7P +O57aMXYKmyS3yLUtqU4An1Ofz5cOoav3dson21dMzwWU2NM4iEYEExECAAYFAkrYcDMACgkQ +YG73NRSqvSs3HwCfTC4FGWZjWmGb847VAIH9j8l9G3MAnRMosNvxb3LtfmFrvWXW1FGkNQW2 +iEYEExECAAYFAkra0ckACgkQa4R1WZAXIBR5egCgs6ZFQVj/QHBSvJJ6eMyfxIQB9QQAn1HQ +XGswa5Y9YT1HnspBoorE04RkiEYEExECAAYFAkxdzFMACgkQlxen0Nv6mJQqfgCg54IGxEoR +lTZeOeVqDFLZJ3Hx36EAoKDz3ulKAbqzROa9OGB+YTzO7HCSiEYEExECAAYFAk1EJ2QACgkQ +USfn7tvarbE/ewCcCbUaqLsm+Ow1q6V84WFj2X1hd+UAoMCXT02si7Bigek3+irhxQ5elxJo +iEYEExECAAYFAk2nCcUACgkQitutJ2Kpi7imiQCgnPws4UzaTU7xVjLpzIEF2CoxUHUAn1R1 +6jQlhmsHMrxsV9jT95zyvPvWiEYEExECAAYFAk3Bt+UACgkQ+PdjyiEGL4Mq8gCePaHunYF2 +qfEgwmoPbg+xLifMsZkAnR19aROed1wkiFDc9DNe1mUhNx6FiEYEExECAAYFAk55rCcACgkQ +/I1fnT61aIgolACeL9TLy03VnYoDMVX+dJYOEF0ZFxMAoLdS+zxn+eeyOFXSHuYeKX6eIfDF +iEYEExECAAYFAk55sFEACgkQfqD91aCsfWogzACgsSCyMATRg9+/7pWJVrmb5+eCbyIAn3/p +1gK6GwV4r72JsgkQJdDTl+ZOiEYEExECAAYFAk55sKgACgkQQJ9+yGiFHpaokwCeOEd0Ip2V +r+ASTPsHFrtcd9vK+ukAnRoNUBaUSe01UDC6pifs5jwUxEljiEYEExECAAYFAk6d4GwACgkQ +xHWTfAzlMuW5SwCeIKYwHNH7es+ow7TT61+6Vlo1TXQAnjNHb3GTLjsPEioJ1Fz+HfivEs04 +iEYEExECAAYFAlC08JQACgkQHVrMU4wTbro/vgCggDAF5AlVKxyOOwRuEkBGmXwIQ14AnRMb +28b44h0wk+UAT2NmtkGsUeeHiEYEExEIAAYFAkslJf4ACgkQL5UVCKrmAi4wwgCfVUxGrAZ2 +MsgHFjfXz/uXwA9kQoMAn3VayQEgONbeJtemqUAcYMhL59mWiEkEMBECAAkFAknfdWkCHQAA +CgkQiTx0ar4roGRgdgCfa7Gqr7wvENZaWzKf1B5CgFWMzz8AoJNHqABgmQ9j3FChNjrgHLxK +WV9YiEkEMBECAAkFAknfdWkCHQAACgkQiTx0ar4roGRgdgCfc1G/duExdYZsO6Y57GUvsw68 +Y2kAnRtN1MulQQnmCmjVPJ5Hhu+AKlYviEkEMBEIAAkFAkyHe4ECHQAACgkQjWNzYAIqObPh +KwCfYPUvCBOcUcn2l3TnHrbh9/j9t+AAniPkg4ai0q5A1H5i+i4DWWd42PZsiEoEEBECAAoF +Akp2vqIDBQE8AAoJENTYOw9Rc3P6uAgAnj6d+iOoC3e+9DNPr81NCmktaXXGAJ43y4ACtLw4 +fStE5P6RySYMIJ6SJIhKBBARAgAKBQJL2Y0DAwUKeAAKCRBHoK+D8U9U3Q2DAJwKYzOjZ7rq +4QBMEwBaHDqLCpnqVACcCpwyYncYioalGS/FeTFPpQT420SISgQQEQIACgUCTMPAWAMFATwA +CgkQ4YVPBIgxmXLQeQCdFUjtcoDjMJTd0zmGRCwW+vtHDZkAoJZ9fa/990Y0ws6KLnoGfUJy +VHkyiEoEEBECAAoFAlEsjEkDBQE8AAoJELLmm7+r/qQS+P4AnRH9E+RfPQPgYYf4ourZOiSF +aJyHAKDQB7giziGkTjEM4IhiXwxQM+Xjh4heBBARCAAGBQJLqImyAAoJEGVdM1P2uuXYWdAB +AKlyFP9oYoCkoTScROWkQ5JiJz91X3AXDSnREXKvcc9qAPwISz05YxCKi8jmxFOBqMa/kH5m +CW5t8zmIBkWeHLZBqYheBBARCAAGBQJMwD8tAAoJEKlCxWYTnAnGOe0A/3ZCJB37Xs5WrGxk +jhoyiUznr9vAAeTE5QuRdw7JHy1yAP4+MRsArTLnjLg0UE9BJ++jXMEs0yhY1LmJ1BaE+7o3 +KoheBBARCAAGBQJM806rAAoJECJzs6qakwY+4YoA/1koOTr578WTDD0eKu1w8Lem4cJ+mHfk +rZSuzgE/wjb+AP4i5NenO+wIWwlarOSju2U1CsPm9ER5N6he2v8uWfCViIheBBARCAAGBQJN +A+LnAAoJEAU4JBybGeWeFjQA/RI6N+m4zF7kUdhC1gGaImIXaAuxJxzsijbog5oqouJWAQDe +7qARMzgkseXjPCAtJdiIdjfH6q9woeSOnMzJAx0stYheBBARCAAGBQJNR16oAAoJENMpAdC8 +RahR3yYA/1Nak/XcakJBFdbFsaVIttGLRCThrNS+3Pe6PLQmri+oAP4h0eCbdRag8JaLY+hv +T81132MG/1cC/ElfNvwIYbi8kIheBBARCAAGBQJNZtYkAAoJEH+6szYqVoc4L0YA/2JEZr2+ +qBNAnyKJxMe5CmS981pyzQPbUVO/MN3UDjXYAP9Qtkus29Fl8LCloxEbA4rySUSeouE40/PY +TTYXu3PGq4heBBARCAAGBQJNZ4JqAAoJEAyVctKFGYtJKIIA/2GrhjA1cbkJfwoWMb6tD/eu +M5tbKmxzOd0MlTaGn2kmAP4hjlX1LSe9zjc3OL/GmMs/h2NKow+DaU40u4Rtf717eIheBBAR +CAAGBQJNe9EjAAoJEC/yzcQRJKRpQdsA/iHaRszpB80EmBcWHQzzDqwXTn8D7A/j84m+AvX+ +9tGaAP4ze58hJ9JelytYd4mBO3D7//J0/So/qp3Q2kAkHeSytoheBBARCAAGBQJNiRbZAAoJ +EOBxfHgEF0pAqCcBAL8mxwoqicbJzRPJqIdn+4pGP7Q3YdEF9YXqQL5AvlNOAP4sqoi65fjb +Qgj/FozE63If2b9CJFasNujWMRt1De7ewYheBBARCAAGBQJObKRWAAoJENywI62Bdfc6YBwA ++gO51X3BRdiLQHyebM8KLx8A7elghQBMNjOXcXjjKYQYAP9tajqDjCFiyLQp69782vK+w0Rh +4+XYkRxYf8kNZSY4Y4heBBARCAAGBQJOdVcUAAoJECH+jv8iLlmLpKMA/0WW1+KDPF3YduEi +trlyPONKaKvtm/OA0VF2RXy0mgT4AQC9vPkLOJrHpgPNOFX5JT64eJMbokO60q5kX4KyFl1M +koheBBARCAAGBQJOog/3AAoJEFei+I/4CJO2xjEBAJZuXK83pG3W/VDxzyCG3j0BNjBrx+xZ +uLc1epPY+VpCAPsFCvHM+XkGhRhi6/TXfAoN5AFhNmGGRXCfkM8aVh+5wYheBBARCAAGBQJP +RXfyAAoJEG5t6poCPMjhTAMA/20GfPXqNR5E6usw9HHxFoSprcw2a62D3J8p9ZcOdvWGAQCf +/QVPqnyMIgfluXDKTBYRU5zkFeTwYBQp/8MHGw4MHYheBBARCAAGBQJPYKiCAAoJEIj6N1vg +A10lo9IA/3dqhEdhf2Iuv/w3WXtMObmIofFwSM/gZjcmNW2y8lPEAP9hvkJAa4REhddC1orJ +UfydpCIGau+7xepGBeRzH7nsVYheBBARCAAGBQJPk8FvAAoJECMdc50TbFxxXvoA/jiy3TmJ +ZeX7eOV+miDMsTEYgDbx2a5InLtnpyHkFfTnAP9CJ35VQsxvGpStVGY2qK4Eo5mgZnFWj6w+ +7c9sKOICF4heBBARCAAGBQJQvJIzAAoJEJQwk+0pTn8KldMBAIJDq43ej8UM8usKBd0i1Wx1 +tDbensGbEJ0j3R6nHIEEAP96U6E1hJZE7yn3AKfWtUqTMQ96CWPn9AGX2ogNEpaWAoheBBAR +CAAGBQJQ4vu2AAoJEJNyt0CyWYTkvrgBAL/7P6b9/Cn8pXuJUCnXjMA+yA92lBOLMFCoTfT/ +MCxCAP9944DKX+42GafsTbmHdWMXs+Nrtv34fSPpNlEvbd59KYheBBARCAAGBQJRGU5oAAoJ +EPwmQrHbFcH111QBAJKusutGGdU25kthow6IE5KUUsHbg26cfvy6Sm8LY+aXAP4xTenglnA9 +BOmEP8AKAwoLozebB/jS9hyPU65+/LMp3IheBBARCAAGBQJRZ1bjAAoJEPOUEFYKqQCKftUA +/i2R17h5aiYxdQcv8OfPy6fShVmsa2vAtkGF2hX3hDZaAP4jOzNdHOKIE2BgtJRQ4zdvxR2+ +eTX757Dm+gFTYWiKZ4heBBARCAAGBQJSFcNPAAoJEEpRx/DtRvDL80gBAMNJSJZIEdCTiwLx +B3ybMSMaezrZDUDtmq+0d/Z5TPyzAQCinX8k60d8o0LErGcgYyiMvyHPf4QhtiFVGjkncoZe +ioheBBARCAAGBQJSKoWgAAoJEMLWMYu392PfS6wA/ieFZ7yWkYdKDC6+FNbZmTuKWTyQdlOV +/GpnbEVDxLP6AP9PunZrZntDClCU7iqEfN3b7j5SZao1u8MOpCH+uI8Mw4heBBIRCgAGBQJR +Qw3SAAoJEDSAFE3gA10l/2MA/2XfymgYbv29zNphUvzzZSlFvH7ffHbTPXCdEkJRUQPHAP9i +WuNYG5jDMYtAtFgpuwj2NRGVcA+N/uyhlzY3aCxiB4heBBMRCAAGBQJNr15GAAoJEKinkOoi +BAO3RSMBAMde4H9PkaFkpmlykV7BxR9LoKkdqpIWxkKAuPnk973EAQDNqje4FnLLMrhMpswj +9Um1i7rfwCksnYlf/vZY1cCDhYhkBBARCAAMBQJREKLTBYMHVqmAAAoJEPeEHnhQkcxhQK8B +AIyCM00P/j2AM+UpihkGk0k/DidHhv2KYwMEtfeYPT3gAP9kpuzwzEi2wD1DKP1Gx2lY8sEl +OeUpg5ByEwL4UJFIu4hkBBIRCAAMBQJRn3jXBYMHhh+AAAoJEICU1Dqrdkd9aaMA/37vs3Z6 +XuwHX/6w00vNzTjTsMGUhZvRFRyQZn2g9qV/AP90i6QnW2kqlcVcf5ySUweSH5oS/HYnCloR +PEcEoRBZLoicBBABAgAGBQJQLm+VAAoJEELmP5/T5MdUDi4D/2T+jNcoaj434yLKhGcLi5wS +uODNMRVBnyRGYRIo6+YPNQZgt4M5qR6U+z5BZeJtrVE5Pdy74z533z993ADVQYtXCZthGyiA +yzj+GUPxiKtgMPTjdyEH6JuEU6fDjErwOvtI/BMpVNlzO29++UTJTb/FCQeJMmKiYFV1X6pq ++Jt4iQEbBBABAgAGBQJRg1zBAAoJEFsSJrzl6SsqaTEH+Ip2zIaysC+NsfdRGCVQ2dY/mzfu +vQ5xI4a4fTp/DwgcYmx4Ox89ztajgyY81R9uZwsDUV2atOcMTuuwWwLHyEwB2Gp3ONh2T9kz +zzpLmuXR20sbGPUkiOn6WcIIftItYIsEiaOX3OIOX6VRfIuG102Fa4q7T2VDf5h2YGDynz3o +3AFvXChLmfWbzVzXobV/b8Irs1awDrnEcgw4gKwXW0yBPKXt1LHG0lLrfc38Gp0p1GxUs6XY +KuXN/BRIm3McZT7R9Ewol/lwwcAPzAK6CgujH+wgKZ0ZeFWJhOsNqxd18+Sm3jRNrZ7mtCoH +YvMQ6clE7goebMOoWQkXX9GWzYkBHAQQAQIABgUCSps3zAAKCRAWnrrftoL7+9m4B/4oOvfW +CU7jxjrO3RmdNS0qw1ciPfj2gSd85W4wcPOlikBKyFtztRWejiCmlyVk7goyDfeSY56/YA4h +PmjmxA2mtfvMxqUUhka45bwoOYmLgs3EilZLuXi+E50zgXUoOo8QU73zgRhLI7PeykMxYxEH +2kFwuQiBKCC/yfizb+wlA9AF9nOMIl7AkjkeiBo2QhvWDXziPIK+w3PGXGuMnznxbqETgbLW +jVVMEeNp3iVIBOI7+NkNL05bmWCAbNgmWTE+0xUUeAGHNb8+peaeFcy2uJ2RLPo4IklXHf2X +iMo00A3g7zWGSgtLsjBuzIA7CDjTKJ/YiZTsOekD8Cw0EGFViQEcBBABAgAGBQJKmzjYAAoJ +EGzcMzS//n/eNScIAK2XlHBxw/XLXbGp0P9+dVbTqYNcV86h7o0VgWyAWZk8gW/Fg+lvMcMX +gZzovTSKsfbGMjpetvUYARGaJdCeqsSTpDic7318bydI2POFTTmxMeG8ONAsisfs+cw2YY0q +NGpKSnOmnaq3dtuzBTFRd54b8elJuTFsHgX8YwdOIHJ/JAbZNk1Y4d6afPl4DiPGL3bdrPro +hj74P4VsKLpFRHwHV9uAdo+EpPM8i1oczNktRpoG1OpYvqWfMEHnsZJvBxuhE/W7ekUhwnjx +k9I4m5t1PDka9ykUwdsXrHdHiv50QfyA3Mp+iRGtWugSsN3M0HSfnEZ0kS2R1sdHIlwgeSSJ +ARwEEAECAAYFAkqbPa4ACgkQB/VS+fEXKusMCggAn7YBbql524k2nZVoSTPX9WXPul9W95SD +HucUeePjOj8s3SxxInWHCrhtlYcWEhQ50MHhkdYXzZxHhFnIs6J7xCiiCuxeGyFFWlshenmC +K7XzePgCFPjdwJ5it1m2pCkpaE002zTL4/3XtSy3tpDFuy304K3mp7bi8pUfPF9mAVdr95RS +WZaYDYgQVKAk2aZc8sYyOj1DsoZWoImF1g7//4r/bEnQkAZUD5Io7Fryaz9Fi3tcK3qOGgNy +xFiDCVRNgCH1aBpO6MwCVyFi4lu7RPujevE4ilQCA55ZqK5Dikz5cJXO7YHm4srgAb/YkzK2 +OXSK4TJTnUg7YFrGGFyeoIkBHAQQAQIABgUCSps+EwAKCRAe3cMVcrIHuQ7fB/9BVZONvnlG +FZ230W7GiHopI7eZBLIpgTjmMVzRVCJqN2EApB/8gx9DrAnVesMYWlaPllGBdz3Xcpf5li4y +aGU9eTM3zjrLStkRTXdMMHaLsvOFYXcXofhHa0P+KeEFUjoDpbX0T1p1ZJbtNGaBGg2YpeKU +0V+doTQrP3p94bt3NAB6/Gzh2lPtVyVQ6NTsrG74uWLujc4XBAsqj4PRDTrAtvta2c2zGzSB +lCAwjV/YuWU9aawNK0y/0bKZSEwGYsEunK8WkBTrF6Byzerm+ryvXMRmlm2w1dVWg9fdm2Fi +PBptIi2UHf21qgOImNSoYnoq9sfhe4VAEtVnXq1idQ+hiQEcBBABAgAGBQJK57RnAAoJECFw +HpJcEbGwW4kH/Ahpo4gNwAlhZPTbLnOOFp4Y/7TfmBAcP/Gj9glyWjlSDKsUFKwxr5FNhvbc +1NNIdkrEUyPbDf3TfQaeqrZ1k7iMc8O+OnVI2TvYCKkl2w3qoGwAQs/AaAeq9BJL89vbhsU5 +eXKA/rIdC22kGXCKfbNnQwmatN/zP10YRexpzSzAi4KkbG0VCHVNZqHbG1j92ib/vXem+yx6 +E0N5HjL6korfYyUnNb7oRrl3dYKDTSkKWQLUEQrvmlJ6oFqRDFKZ4Ao6iInogdSGL86YXF5C +K7w850q/urV04hMTmmCwlZJLj1LObhVkD5DqsijNeinVTZl2SD/OXkH2a8OuL2XEPv+JARwE +EAECAAYFAkrntGcACgkQIXAeklwRsbBbiQf8CGmjiA3ACWFk9Nsuc44Wnhj/tN+YEBw/8aP2 +CXJaO1IMqxQUrDGvkU2G9tzU00h2SsRTI9sN/dN9Bp6qtnWTuIxzw746dUjZO9gIqSXbDeqg +bABCz8BoB6r0Ekvz29uGxTl5coD+sh0LbaQZcIp9s2dDCZq03/M/XRhF7GnNLMCLgqRsbRUI +dU1modsbWP3aJv+9d6b7LHoTQ3keMvqSit9jJSc1vuhGuXd1goNNKQpZAtQRCu+aUnqgWpEM +UpngCjqIieiB1IYvzphcXkIrvDznSr+6tXTiExOaYLCVkkuPUs5uFWQPkOqyKM16KdVNmXZI +P85eQfZrw64vZcQ+/4kBHAQQAQIABgUCSwjvPgAKCRDFTaJf24uWfhS2B/946iNav6aPuQPZ ++YEJJwkK4ISicClbzNMWceK4QDZirY3Z/ySFGGsfO8YB8zjZGoNvmnvgnwugto+JLpdWmA7Z +ZH2IworUcj+8ZehYA0rdGGawawY4g/k1tyDqdxqL86tP2XItOLP3hkA/UtTFnuHmeBh+Pbfk +ZPM/IazzgrPys72E2G5GNSiztYiO44Zj66U0zl1sozg49YoyPagenethItswRX5SZT4OzJdG +HTwC8j1MR/9eFrLUf47HTV8fC+fPD0lfoMdPlBVD9+mPF7P+lkMUMyOqqj3ANT9YEB6Hguog +5cAmCyXQvEuLVGGBgbe3SzPaPH/N8FHGbUhbfh50iQEcBBABAgAGBQJLEuB3AAoJEBWI0NIW +dnDTa6kIANvxj5aDRURLkeiwEVy8fCpZCBeAOQDSu1fhgp2oPDMBjhy6DWD3rhL2HN0x8iu0 +20E9yU/ZNQVL3iQW3s5DWA7I00HSGecsVx2iYWIhYd5CZIJt74PStUTPZGGo+MH/T7ByoI1b +AyRPsb+zU5Za6nmIUC7adSPs1rfgt3r2AYNBVOeg0UtZ1wrPPO65xxs0fKrMepVgC0UC4VSd +bPyyqqlhP2oyzRpXWbagCscMq9rZmZ5at8AkPdR2J5glYb5xWuKFSVdz2T3CGO28p2fXXfb/ +WjQKbNh9HRFVBSIuUvsfe9PW+qV1ur6c9BPOQ3OnFS0LRc+WBdRlDOeyTJAy8xuJARwEEAEC +AAYFAkslHtIACgkQVLP+2sl+x7VD2Af9EH4XZoKDCcJ0KpbrZlTZmUvamIt6TqG66zBF7wps +khuTz3zvlI0bAJ3GknOtlqSAs33jxB2qSU2OGaWWtG4e3313bKv7NSv5STrIk2EG+TySMFRu +1D0mp96kKA/yCcoMvnQixVhRney7lc3EPBG0kOGxD/az2Tb/9tEsmtERIlBbjo2AogIZzyF4 +E+qvG16vD/PmuS4D9L5cn7nPG8PxU8+NiMIvWUbh850DUcl9p9Mu3hJyEHwCIlkJMZoQmB8z +QGkmCUEPxflsf0I7rOn0G0QGhSHQORTgSyIC2+4oLTRt6mYwOw1oeKli5TIvwjBa6g8C7w9d +ZBlMx1k8ppCUsokBHAQQAQIABgUCSzaRSQAKCRD4DfcCLYsUBk00B/9FuARdXZmqF8zNb+fq +EB/hatZxmtExQKnUpZBv/Oet2/T4UED5oitlrTQEl6+w+h8aKnGT4z4vNTIcsLYrIxZkbuJY +Y0FHFIeSPIALNsVQNgH3mW6C1TkR/QAA8Y/QHmjWyRaxb3iWAYQC8tLMdyy5AlSGvPRFB5Mr +74FE/Xty6Av2jbv3akq3qvFSGx1ikcPLqxYLNOgaQ96XrB4lOXbJ0EwnQMarJft1SCNg0bXy +jOJ/Yp9l08oJ4jY2OCfTrTnbKUCY5k+TwUIyTSMKfmkS52P1WkybLrqSEfAJKRphZ30tsOID +aRaAmUO3U7+HLwqMVMPams8QnuDz50KkXuYpiQEcBBABAgAGBQJLQI4UAAoJEBXauSUVOENd +qtYIAKTk6GTLrRmGgzAmNfR4NZPdXyuA21Lz7I2mPtrX69iDVihT1QzWO8OeXQ0ry4AMHVLJ +LtZE1uI0IIwO3uHHWbWY3b3MNG5HN5xVTP3UC+ZfpWDbGrjz4ATa0GZGhJm0J6vs8a/BsUOj ++dQ0Fi6gv+kHJ+Jp9zIvRvgHUmcZiDsusV2qFI5AanO63PZlbVnn4oPqezwB3FHKdE4pCKAo +M1OjTzOhsobCtjGYuhj70TQVcF4VhsUx9eCLKx6JwgogFkGTb5XiunMSdBaOHvM/0VVxDTl6 +Ims+pM30rHtqyoflIz9BgOASafVckPAnK7s8qFK5RevAPhOdh51xqdAqQrmJARwEEAECAAYF +Akta7v8ACgkQ+ttz7N1GEiGBmAf/eCnX7uuqIEuWx5j2sVCDFz1toFY+KDfe2c7kXOe8BiU9 +tTLClOmFrYjb3eyDMGnr6cSURpLCxzNYAZOafNkC3zmWq9nDwdRBV0/on3WeQA6loxIo65gG +aR5YgbtQ0WjAk3OPEMVPjh+fluVNCIEd5YnorDZLtsMVUmQpbUtIZQcLL3E6W2D+ETsV2tkf +Neh3Lj1JapbOyikIcq82o7dq9A4BYb1+WDlbkxUWQVMXSiA+js+QLAZ1Rj3T3DFY/etGk5BM +p8pTbkdUfdP8Ton70S/NyzDCTUC8yzccLl6eSnj1v8ZwNmT0zev9gt9T25/j3IrIalDgMoUZ +F3KxErY2CokBHAQQAQIABgUCS91b3wAKCRDBop+eyj63/EfUB/9+7b/r+yckv/Mu7pmlWx1X ++/3Felj5mMRv6gxLwTs5P62RWeZfnDZUZ0MQZGCafpyzwKquADW2GGn0mXIbg7qUChojS/WS +5kdRDumqUbPrgE2nLpEkeLocH2Tcfsxffzm+8gjp820AgCLbYii35v51W32D5V2L9blS7x+2 +SH7CnO7C0jhIPG9yDLQA1WJDHPEKlrUyenj/PWwrYAvJUNyhCRydBZ2v52RY+rmA3aYOJ5EV +gId6XhE15mvlXiS2iX5hDXG09ynz03U3PNOBxMxWW3wbDihQ4cihMMgITpWZYHo5GDvTJRWm +3J/LpmMQRWlWf3hdMumCgXt3OzmQoHELiQEcBBABAgAGBQJL8HAIAAoJEAbXGiR4Uy6S8O0I +AIKz6AD2/OrFOK0gZ1ELQRQPk6ZJH/HSTdEycvEhngPLyVDK25viZUfkcnKHKzVAQmMWfwqS +FJrRBb2IylK2I/fL9KDVC/pf1ejn/w0RRIeKps4jiFPuCIsnvKxCTwgCtDEJL4eUrA/SX/7g +nWvJgqCbQVaOXKmjJJ1YfH77MszYzpwMHICvRLGCgIMkOEDxlu1hXQ15FuK6RlOcs2elAmn4 +6AyEZDwBGUW9PFKiffWWJTUsJxd8hDflD7NZfP7pZuWCfIxpeh8FJ25raOLdtDhL/8H/HJrE +q07aFlnjE0vQ4hCkeebZe7WXdguykk9Hw5vWiDAyB6Cc1GVLiAlMexGJARwEEAECAAYFAkwK +im8ACgkQiQg3yKlCMvIjLQgApx3zB9Or+lsYP+WWcVoHt9VI4UoV7lDfV0Hi+iQdbVmUi/9u +zyktPtLPlBMd5O40u+Y/QSc/oxSFoGriNPEYtm+Y59qOG4ksd5wWlrf3D93fCRdnG2nMI9T4 +7kPwBjiYl4p9x0NtV7h+gocBCTuBqI3HW12YLKamoXcyUIU0Sryo2wK0OLP9hEGJqLIAZk/j +tbP7sLzjXYudG2QtnbkJ2KNjczDIkVJ3J8UeObGAZWiGT6ZoCH7Pb31ZOIonkkVc0Ut7tSVW +9rFKdgPo5zAEKmAT4kUT/6rni1sx9S3fOfLG7dTK+9eg2/OZxWQCDdYd6IDYuXdPB6tscJhX +M2fwT4kBHAQQAQIABgUCTAqKbwAKCRCJCDfIqUIy8iMtCACnHfMH06v6Wxg/5ZZxWge31Ujh +ShXuUN9XQeL6JB1tWZSL/27PKS0+0s+UEx3k7jS75j9BJz+jFIWgauI08Ri2b5jn2o4biSx3 +nBaWt/cP3d8JF2cbacwj1PjuQ/AGOJiXin3HQ21XuH6ChwEJO4GojcdbXZgspqahdzJQhTRK +vKjbArQ4s/2EQYmosgBmT+O1s/uwvONdi50bZC2duQnYo2NzMMjvv/Rj37jDsi72dtIvG3tl +qKb7k7ad7+7s5DzZHrNoe1b2sUp2A+jnMAQqYBPiRRP/queLWzH1Ld858sbt1Mr716Db85nF +ZAIN1h3ogNi5d08Hq2xwmFczZ/BPiQEcBBABAgAGBQJMViPnAAoJEGt1H/WZuhSyYFIIAKxT +d5qx/mkFQhBERUJue6fQg0jg5zXacRXTIgk1+QmZvUNmtcOyYPdhL+6MAXTv7BaQijOp+Q8O +e766cIWSx+tjFrOLEstCQa06wg4EDKli557Cnhdh6+90zGjNu7nxhQSM3VH5izbs/fSOmSS6 +52B+FCsmvKb9wx65Jx9N0tqp3UqNuwzE0EZLuotanPCfYsd2WTRLjcxwbDIvw9uHHyktGMzJ +QJsIMVJxXm3JYdBtGIFsVh5g1O79U1L9buY/sF34z/EBRp0gyjeasPELcMObTJ9mhP2alm/6 +YhCDfz1E1yHhpStOP6MN2+mJvBzH12tMx7PoFZdgDkU1O0q/6f6JARwEEAECAAYFAkxg37kA +CgkQTIkKV1JBZ3BLlwf/awOKib4VwDgWQa/4ZPReH5CV1YNsvlLRq2B5JvtHR/dCxrMMekCm +wQkq/irCPcLIG3B2qOG7VFUbNevXMP2epIoc49544s5dI/9BCXLA9BMCfdtpWHBJ+FjZIXkc +D9rGy/mYAfr6Q7ZoqNVx7IDIH5PtvlB9BYplZKP/M6bue+OKOJ0sxjjulXZdk7XPbh1STBI8 +vACqs9ia4tt0wIUttbQv75ZXquozsPSGp2LGtOanPDSurf/v8ZSQQzJ7FhZvH4vwADGlM+ys +mIt/rN0cWYXojvt9fVufW29dMgvoXQGOWWV+4zku39CMwL8Cg1h7fdtOi5L17Hh6Q08AGQqA +AokBHAQQAQIABgUCTHJtPAAKCRAC/CMR5Hmg5SmcCACornHJUqGtKIXSwli7fjM9ooN/hSwR +IALYdAvErQ+DohMIZoe5x0mf6MrT8U4t3PAAXuOHxcjV7BRx/KWy5tDMsuddrZN/zDJfw+UZ +dOKE6Myn9wk04+cqUcPz36d77jWFBoXhFJonxixlBnAz0XBg9RylXt+8tkk7nGvUr7IKuHy2 +XWn8DzyFM91AsBqRpbGk+x9WDZmTH7IGJSo0T/i5L0HDHngGX2zn9QLzKe0YruOkXoHauMYA +AIxj4WWHOVxh6014skodR56WwdAgzq4AqPUCQFZ4sdI6fT+Bgmng90od6cmrxobqsmhwNl1f +uEoG5uuc/QGVcjWTY6hMu1qYiQEcBBABAgAGBQJMgiQuAAoJEPePn+hK5bYQgMcH/1OZAW8B +yPmu9MxHrYTJGxZQiAUkHvNuWvIRn+Ns2mtKkHnTBF4KxtVrcd7n+076LQNypPPmxOEBm0ne +m7V+P2NxLXsf6JdRtWNV5mFcGWGbARcWt4DYs65RnAVmuXbqZK69dUtUQJDdfxqpHsFlQW+R +t/TVNK5uL2UkHMBA43N3661ShtWB90dfPl2w5vvLfjbMGjueBQiIlymEh7FVnuPzAiZFjYul +tOuMy/l3imY1J8W+pzoigmIy7CIF1IZVOQMrcK40l4yrmH5LKVONfTJTKCLdy6EbayN4YFlQ +/HvTDV2qc/Vf05XUBtzOWbTwSCamxtgNndFdkZcdB2bqCHSJARwEEAECAAYFAkyQ9BgACgkQ +OKUSo37/2UF70ggAzRTRSbEa0MxHKslLD7a+bAv4aQ01qYkXDP0AtQRbAWZjbTlC3oSYXz3Y +SI7bV7r73ZiPOM7KlvmIFgKAjOL801N2OIiTt9m0QVZTtabExMaZcB6Frdyq1xSIWpZO9y3R +lugdVOXujbFhLR37YsjymnSbgwb7PxdHXqElACOOmHXxgw3oJ5lAEvXT0DldvKnXGp1jy2mc +lPt6q1Ov48lKvyLfy24m0mZ2jFJdMdzQrJxM86K/RAMvDWmn0hXrTCRA/jmRE4dodghG+kW5 +uLamsv64PVHTaoAUs9VbwYtMjHb78WJzs96t6Z0MHA86J1SP6z1Wgajg6S5C2SF2PpcofIkB +HAQQAQIABgUCTRAfVgAKCRArpalZEIed8AbGB/4lV9CPC19aKNJVvTe10L4GfsHnRlsNLfgO +p1hVoMMHSsiZjEOdTFTUtVIod3QRU+Av8SfhHgCs/kTAzWbaKKNnzFg15hQQvJrtVemZ+JhQ +fsdO2Ay/NtdoLtmOU+1vDfn60CuJaVZuFTlDSuc1WeRUw8XAAiIXPtSNz8jYWV+iIqhbJY4e +SJu3n3q7kI1jdliAX8Zwu0i5hmH2RME5VV85uMwxtyhpJ1f6D0Mne1puu46qPOZIufzeY5ur +OKPRHJSC18q62xS2bm2eiIH4vCfoI+Xeru8U5tkwYD4mBPTg9ehk8czmOI+l3g9+Fm5TuBW4 +K/acMjoOp6PdxaH1yZK0iQEcBBABAgAGBQJNGX7IAAoJEDOHBWgChhiU/N0H/1LHAKl1qGk+ +Ky12688269W0zKMHRuhpA+Jf6Kn0EYYSmnC1WA8CrLvUyxFy/ej3BTJY+2CYy53LwWdqQUH9 +5Bnal46Zf5ExFRoV1rTKD8FJKHw9iUZ292tosL7D60C1gs1WFA+mYzrBK2tsIzCDhEacB6ip +ORJfkns3EH/RHZDGCew0cX7SaJH+KwLgqNdvkC6EfszZ0LXlszu2HQ8SWb8RSLUOOoSUmR5+ +gCDmpKfGDO72rK1B7bB4F+Rln1vZu52x0DsSjvmnvuSXdnG/wlgdbeGYr8d0Au4Cw5pShK7N +8H3McfQiWRV3mSm/Cv4iITlmAn24kzouV0N602j4O+WJARwEEAECAAYFAk1QG5wACgkQo0Wc +qqOyas6/jwf+JKhe9DRlqRScaPZRbDepnupUgH/xSobvJySaOtoSaJYpmRbr/QehRfDV36+S +Ph2++Lt4Bpm3EUWwSPych5g/FrQvki5TigvMqrBsXqtgv3eMOOijq7ck17rB5jvpnln6F3Fp +w7IlrCJzfCTvZH6LuWcR005V85s3hLttcsVoto5uzJ2PAHxLO1tiw3dBlY+Sjar5W8XHwPlh +Y5nqoJzvhL0cEbltvQ3mR9Ioel7pRLCjNX8S7NHVafHW1EXAVAyMUcJAswjvkrhvrYRcfm/s +Ua5xiGvPa6gd89STW3chfF7eLFrDVm+6ZpMjO2WZ5ElWY4hvqRGNaIwsuv4k2hxuiokBHAQQ +AQIABgUCTVP1AAAKCRDFKoUXoLfYLurYB/98yEPOuse/T6FRPVY5B7Dn08/N1iQuwiAL1OVt +2ZBSc+KlS0ZZhmyH7V6kZTwMwpBHRc/csPgKuyn5dU6U2zdNrEX1kiBGkD/ZelpbDItnKTJY +yDJKpEz80rbHsiqjIZWMhs8btYGX/PS7kaGPHNXz5hyRwh+c0xMN44MmRF7kWKCPrRlw7oUf +luU1Avh0ex+pmKTuTDMm0iVPPI0vr2bNb0HvgCR/BjecTclGplFQRdfASKbm9WlOmgdn0IFy +GuMrK7m7tIQ3xDYIFHuyafagiM0TzEf6H6CFJzBHC0Gb3cs9DASLbeXTL+cCZZF1M8Zpdavb +zc1Hkzpxnsnp017ViQEcBBABAgAGBQJNVCgRAAoJEFVzpOJcXGFhs0IH/R+uLSoXMJZ3lRUY +aZ7EAYJRZyYGW596gAn+0rrwDNFQz2OXcDNmGtXjz4otiU0+LAIIAfdVU1ydRmF8YF984Q3p +k42w8XntTKq5OR3ayQXWKDRlbDnfmvXLq4XWYyzH9LxGy7PvrYMTua4gnOSjmhJS17vciuLM +jNhvzgxxC+dbNumr2LF2K0rlD2sfXt1vVfLWsNO74mQkZy8K3XyUXsVCmqqcQiiISikyz1YF +Ud9VMYwG6tUd8aRdAfNmpXDRocWPf1/hvUaHncoAAGVPJk3NJNitbF5f/egHsxDS2qYIsey0 +6ilaPulswfZr7n2crGzk82yidHvk2WGePvfAFhyJARwEEAECAAYFAk1XND4ACgkQKnj8WGzq +mMpozAf/QFeFaWEo85mlDeAiYE+C9Jcu18GOGILFqU+EJ+SEZ/AIwQ3C4bR7YmcWgSRB/Qtk +YAUqoMenKKoysfdtKR1tQmpCaoBjDVnChhCdZ5hU71j7xw+sPnpvGjWgZUbpX1fDUyWY4alv +NZW7jva8pNXxvNsT8pe1/+TPAVtim83SpdsGIGs5WnBGD/8wo2/u7bJqWDNMSJTYiQssoKDI +6j9to3pwqviT4AVyDsH0M9LaJnJCdnHpKB4qtD93PKayLkgUoluP29HAeO3qnepFcYXSIupB +Dn8EscW/kQvZOjBV0IfgUIpRDup3mOELpxx6jRBzezE4/PptM8mzbLcv4sfUAYkBHAQQAQIA +BgUCTV7yIAAKCRCivuCSi1hE0Ke1B/0Wo418HBLhuEfWEMnwmAXhJ3v+KOMXlq6FpnOZH1Hu +wR+YhrukD3M100p5DJhl0s6vVqU1UZCTNoIqsxsVEZjl9RG2sInxzt+nK8xrG9PCPsU+HjOk +uVXRdsaP0ytjGjj8f3f0UNlAPjumpq42TKK7X6FScEKk83IFUAIxRWrLklx35p64nisdkvXR +6YkuD3eI6mBMwKrTQhQecyWiWveRsSBVEv56XVbv5OHOXDuyTk9mrkSYfn+6Yj7hwrRgGsCq +UP8ETqsc9s37I3tcAyyTG6O/BrNdLb7F/G7aGjrXGEpoceCs1ZD8E9dxw/l7MLaJTmVKju61 +nc95+PLC731OiQEcBBABAgAGBQJNbTdWAAoJEIHq7RE4XPLsw64IAKGWiStTA71Yl7zzmgcS +zGP1A1VTHnS30dB5n8Z53ylFACZhKoHTNn1UVw5AnRMNOrHR+aHA2WIh3OMarn6+qJYGrPPc +45JAMC/1Df3X87nVber98zBqSFRfENuXOsSZhFvNOgUs8GRHgleMyCWLwlG+MdhatX+/YyEa +o1U+p7F7eeQiopoAG8A8C+mAt4L4oJX9dP2Bt01bkKJtmfR2+VvN6gxp9Q1VwSW9yAVBYeF/ +1wEyKGaKyTb2U/fsLIxxoNlpVJfuI28QaixP8CNfdw5bAT7cq71skt2jJEjwbtQzBL0fZoQX +8t1GMVTNPv9TuPQlF/hjunfR4GtgrT9exBKJARwEEAECAAYFAk15BJ0ACgkQ/wPZeS7wMLey +7ggAvrl9J8dHoPTM3UzKl7Rk9rXKbVGmxZspYRllsRQ6bNZjkT8zgeorCvuMKNNhsKZvHn1h +9kQIy8JkPrhLGPspw3Xczp6lNDf5PHuwFfFOqmwvI20y3cuZVU+lW0CpYxix2DGfi2VrKIP8 +PQtCyid7sTVwUl4obq/FydGWHgbLErMXs0dmr8JWWMDeFbB8723bQJ327hmbnY1aww0ea74l +h2fo98C4sW0HfQrxfBpDxkZxDOb4WSwbDpbrJHO9/xEh7B/EVe0HVfwt+mpzkmIDzoTySiWr +a3qoVhNIoYA+AzDVPRag5btAPdE1On3SN+jbQlv4GI9I/tXhFBF+H/ZSVokBHAQQAQIABgUC +TXlB7wAKCRBI29aQMJwwXg0iB/9BPLe7FsX27hKz42P6tB2HujN3VtQYl2gafNokqKQWKL80 +sySVdEh33aIea1ErLWy/3swdx4lgBbYVk7GNPxzQAfmsdz84qlLNmvK/2/4iMprP9nPIJbgT +27y7DKXpvqCE8F4y/R/645W5+2GC/1GXa1wr0plZxKUAOk3r/aTOZ1BHi45X3XP90NsEzV55 +8bKZgNE5E6Z2OJ7jFbSq/8ji9YBoC22Z/vxtvhk5iSXw2JMnMk84+mcovDYbvMHnPkQXrKVG +xzopGfyAkBcynY+DKerd5PblQYr99+sew9zkEceyfS+ZfGDjP+zYhwLkXUqRl/JztTWbR5jE +3RfoCVXliQEcBBABAgAGBQJNfldHAAoJEOBS8lIZrmJuA1gH/3xO4txq2PLRlCzqU63iiEt/ +so2088yi+In1vrbAFyTrlDRbcfeDVAY0kaXTqL+gNbefXECbTQWbOv68LHDNZ3HnDJtVaiEj +3A1go0pklknwaV9gA44UbESkiRPO+NZrkrIVruCj1VL7E66tdz1fZRqZyGYUq6FgIeMsQ5KA +faUyN0xvoXJP4kQHpFwimecOfzfa5mdxMezlM0yWhOpXb82+52E1uVw5NPW8mz4MPsVHPWs9 +arlgcWIMGHqxKL3EvnZ3wnOMuFofm3BYBkFQzP8wWOmO8FWPhUZMSG72vH6mxeiTL/dxJzb3 +HZUdMWGsDYuiP3aKGU+s+chezbQOjoyJARwEEAECAAYFAk1+V0cACgkQ4FLyUhmuYm4DWAf/ +fE7i3GrY8tGULOpTreKIS3+yjbTzzKL4ifW+tsAXJOuUNFtx94NUBrlezsHft1PrtmC1wOqj +3yq2YLJZXZCI3eQt9+M3EGikDWCjSmSWSfBpX2ADjhRsRKSJE8741muSshWu4KPVUvsTrq13 +PV9lGpnIZhSroWAh4yxDkoB9pTI3TG+hck/iRAekXCKZ5w5/N9rmZ3Ex7OUzTJaE6ldvzb7n +YTW5XDk09bybPgw+xUc9az1quWBxYgwYerEovcS+dnfCc4y4Wh+bcFgGQVDM/zBY6Y7wVY+F +RkxIbva8fqbF6JMv93EnNvcdlR0xYawNi6I/dooZT6z5yF7NtA6OjIkBHAQQAQIABgUCTYI7 +2AAKCRC9qnpG3FznUflSB/4oBB9fXVuhIxix+Ssmqw/C2sjy4qEp1bCEhz0C+L1YYQU4qnsc +3PHJMwU4vRH1AUzIbV4jj4lfudQfnmP2WQvrzOgnwpGXVv4heYW3zIfMPMABHh9bxSdmQ4JR +bRkTIThz50P8Xc0aEcSl/Q9V8IQhfrDOremPUzzrr8e/EU2cC0FXyqvbv65DxjWVXz1hHLHb +4q+RvvsdkYiPeCZntkOXtpNpgeJikN4s8wv+LfeXIMsEhmatyAbBZsclGXwr6mN8/PphsopE +7WVdjZEc59B/zv/GTJ5rrZ/C57FsnQoka5WZPgwJeMpcVHqMUW0SZth2DvwhsiSE6ScKrmOj +6qYGiQEcBBABAgAGBQJNk6+ZAAoJEERUi/QfdRMWHqEH/in8EYyaBMyeR3lx8pfhKibqbf5v +0E6eYwNb7ORK9F+BfZ2JqXfSlhBl4ad1+BEgpqd7CECQo1590Q3HSgoEYrwenScacVH3xawl +UMsTqlMwFIys6EVZRy8RnJPLdEgW+yqYxF9zJu8l3l2lnJUN5sDmoXAWOlMVhMcv2KI5OViu +nXd6HLL1Uj6OabED6YH5zP/wImcEtSsXbysD1Vjcx/Yk25s+vq0XEeNf9tutKBX8Eh664ds1 +m5+NcnlzXMgwL6LvvtwbvLEnuyzp4k6PdAA46xeJBnkbO4wR/LTZ/sB3SpaImUIf+SNHDh26 +ZXwtOauVSK+5Cn/iqBGjCBxddraJARwEEAECAAYFAk2Y1ZgACgkQbnQJQDRyCiz19QgAt8bp ++vjGY/w0JEfTWt0Faj9xuGWSd3MSFEBLEZtaweVGDkEaroCDqqw5d80glaCGr2PoAjF2aPCP +C/ip2RMHaFwSM+rQ4+CHC7qm5wdkkgR9dN19gXsrHQmVl34Vo7Pox4pB+3K8wDz7SngJrvtV +23Inwr2r+S0t5eDSSI/NDSQk9Sn+4aCQx4vJS3+Xi002rLEGx5T/PFbmmTotKVInkzkC9AJq +kx/R1BudjCAKhqv2rPjRAcwhOeBC9u9QLS1BUdDfTgX0owcUPSXHH2HtrA6ZGB7LmMUHYxQv +1Vru7UpUKN2oj9l9r/qgrMgNUp8oHePr8OEeS6Sxz8KejAVBNYkBHAQQAQIABgUCTbJ2RwAK +CRC1lGockFz0LxzIB/0UmbRJ9SSxhH78tgPlGR/IldYZPJKL6Et1T4FGAZ5A9vjP/CroEF74 +YScZVUS7qbIHJ2thgj4YU3rETkyARVy42PtQvuy0ci7MeFjf2vjFW+GhmUIGJB/k0+h6xWV7 +IvZaddtwEacm/uPn3BTR/c5Wm1LcaWojt3blDfeMQB8FyAdoVEMrV50rC6CGCkSzk8nGHVle +zRm9HDMmEpLKGhzQExwBfG4ZJSlWzFKBc+I8RsRQs69yy3pWevC7Pk4FA45InG+cmtIwx90S +OP0CJjIVZm3DhuVGO2vTcAgATok6un43MRCYBtUtASozPHYFR328EzgPwRNrAGYRfQY3TqDl +iQEcBBABAgAGBQJN5CfCAAoJEPN7BOnLDI1R8t4H/jTf4ti73tMm3KY3P/byT7bh/RIDt5Nr +kznok0J62cmkdNMFMlbSrqbqvOltWIxaryTwbL87GmyHKd6W0bS6vN4bz0ldwFXrJATtzJDk +bH34dhrqWur12BDVtOKRUBfGyf0n+DJLuA/H+qNIl4HfLyM+FaAYWlR2MiurxliYRppnfEVU +8kHIku/herxaEEghivE9hqpoFV3SqxZIITLZrVIOWjPGrL96sHIn4K4FVWe72B74kLNbOl64 +tkE2NorxStg7N7YZTtNkp9txUttTLKu10lANT0odViDMUioUNMvnDXASSGL3cOa6H0lGzQi3 +HlNbtLB1KBJB0LvZBuXDwKCJARwEEAECAAYFAk4DRocACgkQpr/nbmArsIQp1Af9GXZl4vdZ +GvHq79tDMIQLUnTtNtIz+5UAnwE34Duyq6IaeWG3jb2Qouze/wWV0GhubZB8Vhe07HtJDZ9q +elIfiqLZwAkyQ1+X4vix2LOl4Ojgjuzi/Brg1EJsSZBJE/XpUE597wdn1lA7vghbRONcFQAA +HiU7f+YWc0nPMspo0me3Ej/2xJw7hG30yY6htY6PvhpCEtiniWq+h+5guQIVNBc+XpY9Zdp+ +mwMmKKApr63yHSiiMhIgPKE294fngGEFBru3Webt15PlfgKsBObWTPiTeRB6I/VcBRhe1rkQ +ZtcvaGFhs49xjYMLP9DOyrfNf4s8sRcShXiUEDQRmzGEN4kBHAQQAQIABgUCTh5oBwAKCRA5 +n7zfcotwdcSaB/45q3DgrMVa2M3JxUzwHIivpFQ8KsUPPSDW/yuxZi3fQSBBFehzYWqAvCw4 +BlXJ7B3B5mQ/bOFYAAAX9/5RFLhV/kadwsTRTGx8SunQg7lNK1IsTo8ZWp0Nszt6sBWdQEDv +Dnwn27r0ui7R66ZyQp5Dkbp6c07iw5mF3Jg2FhAbLl8jD4A4wTC7+8TFlkzx9mfLsl442X/A +LFVhd+dyPPclaaf5iGQbT+NnysufIUkXTSC+81hy+7cYDnb4dshBOfMtz3UhhKg+zxbSrZmr +eaw+phLfjaF67nz5EezKZBC8GTX3AGXDa531mJwRpzgTkBTj1tjBYWI8A2LC4eaMBzz1iQEc +BBABAgAGBQJOJ+xaAAoJEOfAfgBHUfPRNdwH/iPzaYtsp2A98hJJXwxyIkDgEH6Un+oaKkhv +AGP8M/vhzSMqiWZfdYHOa79a2vyPJERBKsRWDOlePrV577hCcJInAjSvrGGvKfIltwzuaba0 +42LoOVkAaLIZbuoXP0zUV2Enmw/BQGPAED/zqM7FbwBrsNmpT/wzf0SKjjYO5c+g7UCnruEX +sVcy1YDEOZS+6xNBXoYNityxkBwp2OUbJwh9Mf/vzGtiAA51exA8vq6NWnrPRZ5zxpzv+8t/ +nPJX2lLTPViWgXTVWNfssIyq7nNYbeSHIuLqldMFK6z3eKrss7mJttdRuC9IUuIkmNcbgW+I +5WxFmC92by73xZUbb/SJARwEEAECAAYFAk4pqZ8ACgkQkJweG0ia1rwuBAf/fnqMt+sG/fuR +bcGTEf7VHlflIsbICoY+Ux4scPuRro8Fz2su0i6ANvMjv37eYrDYy8AKGQFgG5fLfz5tmpWP +ombY6ixClowv5zWtZ7SrlH0aX0/1wKeNdRP8uYyvo7Onv+d3IWr5zM1jF3fsef8uF8h/x7UI +kk0+6LZmmN8p1+hnHACtf0L09JVBZjm/tK8Kd20PnXW6OXOxATnHyqgN0ePufS7RTNI8zbOE +9rIVfeYD1N/gb/83358EGTePLo1a2uKsPVGh9aOlTRUS6PPZJv0MQHLR55CU6p7LfyR69rXK +NfHtoXOpK6gM/o4dATWnsg6VgpK61sawH+70OqEiX4kBHAQQAQIABgUCTkHmzgAKCRCufdOU +il+yL37RCACbJwIZSpnEtA5gOusEBVxMHPHpOhTP1va2Znp1hUu+aomc187RoCpnR8I02V4o +k5a6G5hBX96az0W1mnCrRfVPXOQ/qcuzgNroTxC5J8JdGg/zg9nPAlz4H8skIj3fCEUvT3qx +pQMifkRwdldofruGuY7vYIOp6CUBG8HQum7fBFrwbhzTilmxCK4vbsS29FGNYB9MO5FNkC76 +nG6ktC4ThjDwllXzY1G8RGGA1DQlnrBtCPhpIxl/Nf+E/PpBg8pggbwTAMP6Rn/fD0q4YelA +xiQjWBguVYUmOBrwdF1zmOOv7r5I49zSf+czyZntLxCw5XnpWjW92v2sr+G2eIHaiQEcBBAB +AgAGBQJOZRbtAAoJECpP+u5sbiaVe9UIAJRUHW2o2j4F4Ev/S300CPRMi8DVplfm6LbKYvkQ +nMnIXUzG/pMqPGU9uvhVHtN1D8vwKEBa0v5RZDl/juuY6R8IgOOKGHAa+xpOOJw/6NtEvJQL +W9egTaRhNEUY9CyLqHDBpWiFV97ao5IhJTqsbLg/Xle25ex/ztbgnxBoLq2ZAY1UvhVm16UI +G6lgslpY1m9Yyk8cwY3Xk77lvjtvwN1igfXtDPpVsxFtApZ3dh4i6ZJTy9Y84XPFQRTacnRE +HIEozan9rPmPNQGzGaKY7U8I7u5yNqwPxBMDcb1WVy6hhSTA++H2bHSGfjjRI46RFgeeV/hx +/v0taCwywBbBQdSJARwEEAECAAYFAk5mCd4ACgkQytrzOKUJG1b25gf/SUTy+AYHs46l1K22 +Wh0zF2yBRwcG4Gn6KXIAzifYL4hKBTWxYPJOfyJ4lYTC1oMT2+a8qqek+powyp/KI54UzWig +kWLV/PUguK9lkl2qTDlAqmD007bukHVl6YPoBUCPj4OK36S5yo4QNz3n7h508b+3dkJItp7p +yLNKXojB0X1zdoIE1KsCD6upyCgZIbh1/TVYK/DAbVfGlJIf1vltrRX5amltUzY2Z2WquEAZ +oNyRsoOlUWIqDmR9FA8IB6pzq0K8+D/c4Z3RxhTiCH0cZhFI73T/dRj6gwFfBwHRUT/u3R+q +u1v4EgvZ/ndYTDy0Rfhf75rOa+HFZO2M0yopuYkBHAQQAQIABgUCTqIP5wAKCRDcJTETV7OP +0ww3CACsv4XdsaGWXq0+QC403+hV1bFT7vE22mNASwTt6gWxJ/LlVCz/4hfVOZOyfWD7RBH3 +5y2RX4d5tvZzCzrUwjocTkLqD75zGGuBN/pho2OJFXLGeoQAK86gzXnetmDCR4PhC77gSpTy +fbnKlrJNs3ZFD+KODIG94BUh2gy/9ft+0Ft25mD9rJvTa0ZACzqbJ206v7eC02J3PrHvTzT/ +O+xaVSjcbuEBweaD574U9ula19ombdNsLJCz0czrWxtxxkX8SdgnLYBqrHi/r2DvLpjE8Ai2 +bqLuG5JYyiN9s8QSAubrosGwWTQDXxxEx6Hgv/F2H7MsJDlpEbISVxz8uVayiQEcBBABAgAG +BQJOqqJCAAoJELcxCuXwRWmucqkIAKT+0jGpzK1hLUsdKtSqphKJ97VONcmTwoCIPL20sr/C +BW29R8lC3YPMQJ7StPYwOHv2c00Htv14v16TuNAiWltd6eCVhpluUMMzNLyNBZMuaOx6+f0e +4Ro9kuIGIcPXlmcPfnxHfjbV7uJHONURfuOn/RZ63yBY8tKXPQsJgl1zvAxM0pLKcX1JhiIp +sAIkmYh2T0UmFeL57DukfN3Q/zBllAa/Sr3E6khOqw35+yMM74BEogDjSyYGiiI41erYk55I +rr8hgpro6NCZGBYO9PyffzxAqX/6eQmEE0j7+VtGG9zK7S7EbGGqXKBCNBOnny6B8MCnbtH6 +v75VdsuS4z+JARwEEAECAAYFAk65eh0ACgkQv8MiLRXl2pGpNwgAx1YUQS6adEsIp5408XdD +is/w4kM2y31Q7ZdTN8AGXu06pplhngt5PRRZFo26mGlmHuwBNWsX7xE0jRj7l3kX5JokE9NM +xrYc9WE4vW02eajELhZzxJMmfnCAuppQAwX1Imig79y2C1YQ2a8BA2I33frBBTPOCDJQ+4gM +zUhFHt6M0+RKnDfCK+0pjOCzW6+o5iCODsoBr9yNIAIENwWQMTKXLOkvPMvl02UU290hckhg +KnG8BYm7TDGST/mPVVAdYpvczR5o7h2suPfMyh1Qj4948lq7oAfu+NFVtMgLliofLfqw1b8D +cAzd4i4ZWTajL0TmpI8dQRDkp+l38dQf34kBHAQQAQIABgUCTskTawAKCRCSI+iSr2Ft8wix +B/0QyIDaT7VnCUUDLgkgt5WdbpkuxqiwnobhayFukIbTYPsDCs5wDMoZDqcvInCaSFPNuZZa +t7vG5V5tp5c9s+N55AAOGYajBP9d5YywrswjreUamzbXjq3im9WapguJnrVEbx3lSiLYuwvC +aD+12Dp+RC0skqSj4E0IucDNBjTwX8ByCrkJCxNky0hj8oXC+A4zeIUXeZXxznbJBZ+Yzdnk +Yg5P0jykaSfRv7tSSgB179RSdxncpswKohs2F9fMkVh0ZXIbZctpEFRoKmQmdNJdS5xo1zim +bk1Du2jSbNPa6eGNivIBptd1AXEc6WtGY3iFPy7ZLaPPNg7cKIXjMLDNiQEcBBABAgAGBQJO +27ZZAAoJEFLWmblcpbYQZqEIAMOhHn1glxJSQqL/h1lVEO+KSXLAVKOh+y0+zUHtB1Ta1zy/ +x3Pj0tJXJTKhAQBeUsvpFvZP1jE0wYyeq2ZjZ0EjeWqz/bFAsb99LXIYwb3fZHxNT1lPJbxD +uoL2S/kA8/GKthHC1SvZ5CAPv/bUajR4IJte+6UviXEfHu4XBaNQT0YQ+kPVcLELiXAq1/OW +AQ4VgV52+rhEZ1+d5L8TyyyRk1udxMzX/D+3Dfx6QWbathpmofWMS+puIU5878mBVITYbJw/ +MjSSpUpfIPVm2WW6cwXPch/4wLOZ9Bt8MaHxvXQn6HH2p5mR6tqL8trdKhtNJepSoeVzKDRq +iVVmnKyJARwEEAECAAYFAk7yDAYACgkQSTE8UK/9l8TvCgf+NPbxgejjBEEQoMbtAndPEWD1 +Un5w0FyZqb59XlxdX9PF+VhhRkjhqtD26Z4H/bgBNtA4HKu+cLwXluQQJ3zsSzUH3AlY2mNI +pItzeRezR/0T2St3DzeQnm0XpxPE5CRSk1Dxiwsl1fAFBBBMQ6IbUD9L3+wuz6jUUKD1WvoH +B6m68p0TGgmAX9tG/n4RvRjKSRty9EPSvUq1qxr1FCdLhvX7xoFMaCFEHe7hY13jV0lZYMUb +96HR7LSp84rMK/mLoOhKk7U3gyHZOAaLpfzSCB1GyEdcQH/XtnZRAu7/7ASW9ybhc01K+e+w +PknQ88KJ/XyHbiCjq328t7b1BBz8cYkBHAQQAQIABgUCTvsZUgAKCRBRPabpClG+/G5uB/92 +y6eChcXKXNC/vxBKycblm2+4X+m6fOHq64iOS8/+OuR7Ok9Aa7QH4yO3p/Ke+0RuM5Mx7Ac9 +XEkFVUCmo6XQ34YkRUcm1pgRjBQxxZ0sGnpPp5Js9Wdp5ksuK4FoVE4j/TgwNiCU/ZXOMMu/ +lNwCGKEbYI1E1+6UdEAWkoboleqKkGUjQtPvmpqofYU1oCUc/wD+UtrR1y3x+gpKJSzQ9Ltk +oauCIW59zBE4f/CN2nt4pCn/Z2zXajU6U9EdRIFcQ92yCAQREaIpvf6xRe9bNlr03iNt2ApD +5IXcs78TV2kqmrj7dT1fK0kg63RHduAMNQn6JRvV7ZQaJY0rXjA0iQEcBBABAgAGBQJPHIRJ +AAoJEAkmPIz9Jmp2BDUH/1CI2TpXxFlvnj8ptZbb6ENtX0X5PaGdKmQ3OxP0FGDi2bPo3h+h +ZKTWc92MmM0SpoeO0Lmzb0/Zm/D+rcZftlM3VKgmRf01IlBfPpOEkkLgeSjDICCQ40n7wQmW +d61dOJRiTRW2DcS8EaxyX2ycbt5ZSdBpDnn6/qr1QqCHxtnlZD6KKwAdWbMbDmnt0VJSZesr +sNfSaKwh9idLaiYVkssgay3OVSlx5TbSTRmV8Z2f4zGKWnpGa85nU48keSHr1EyjOcyySkvE +IoXhSX3qjYto+ixjSedf33UpwYi5hmu3sXjDKG8eXXGOtV/2t2He+LKZ5ZQxApLINuT24nph +tAuJARwEEAECAAYFAk+mm9sACgkQhHS2x2bBD9Vn6Af/Qo7S979S3WTw27QxeFmj0JKIm5D9 +ATrlozfXsSmQ4eFEjS0kLMu7UTPlvvoOANAAmWpIsoc76nUlKP1QOndR2IQPDRPz9kfVu2lJ +6agZmxnTvJnCbUL+fwPj0Nb3YVY9/qR0ztrsGJaP0wPgB3qEVtXWbmcziNEfbDKcM45JDLbQ +Rh8jHWYj38nttdr7wU9EXMuXhV4VWJAL7QVaisjWPkyLAeM6O1uag3p8Hc4mm0NlVCrUXGNk +T3cSXMLV5LOoekoqPXZuDqSV9LePs+KGj0we6AIjOR92HphHwSatE6QjRKTZSC2IvYc6986q +8Fb7/oCckogc2EN/asP4fdd1aokBHAQQAQIABgUCT6/CAQAKCRB2VTXL1MJDj9BICACEnZyF +P6QGbk7OJv/1E1096+DQGjXUoW70XXxr1OsYY9yoeVaCrPUcNma0HLeCboJH+1CkDnxgfM4n +ATMMFVmZ8T8+nVhwH/xfRTHYee3Iz94iWRRaPcQCAS5XdkLMUY1lNaIowS7+AkYEESicnU31 ++tHIGDIY2xjCdzgn5v0aUhCL2LuwK/81PVr0aZk4TrFpAuEzU+/RJGAodgG4yj4x1WdUJ8WD +kSvF6cUv4V14t/eSCW98K0QWNttcA+TeFLjfnd8shcpjJHrSY2nlu7tS8n8wnh20lnVZ0+8V +bYnuqh5e/pytvlgDSOS0y/tyf5RF/C7ULdb8aEoRrWEUdMAziQEcBBABAgAGBQJPr8JCAAoJ +EAtCqzaJXCTDl2AIALyaYjZd4GaDAIp7kM7zE/OCC0C8DH/9x/S12F5jfIE/a/RUkiNkSXDF +Xjc0oNrDeFPRILrXmRNrxuhY5VP0wA2YJewBSg4+ZvcdkearPO9sTIWAWqCzmyCcWL3EpPLX +jnzxPQNaCGWiXKsg/zv5C/wD7S4aF7yAYbf09lxsesECj2+Det8m4ZDNOaoowQWcVncVt7w0 +WjIVcxsGJLDaCDeqW19UNGiv5gLtsEo9oqvdOG1F0AOXHjfadNzf+V4bfYzRDkzg9McSRLk6 +lH6+Pac7txa3x3sx7EiOA7sC6FanMWV0kVBdSwMw38oXASrNXnwTexFEa91XbOVJQZNi3WaJ +ARwEEAECAAYFAk/8R64ACgkQfO7fpK94KWX0lggAoCRtG6GqIly9vpSNFDA9TgQ9Nzn5cZsX +EJrFmRjlE+WDyhl0yAiQn9ejjm+fbyUYSwTboAy5HhT1TMTSvHktIAIZbI0TzHTCkK/oy+DM +HwF3o7wXc+VmEPkMZ0mBlcE9lVvuk0IzidGzC/BM1wgMxsOLaRkKscp1Wsn8seLpF2N1f00P +gxB3BLOIgLrtKxved2zIkVm6cJHUyUrErDwyLJEsIIOwW/6Vuoe8AJwby8UXSF4sD3NcWLSf +0MzHNiUQOEguPGcFuzuAtdwmoK1qPtxpgmpmWBkU/qYGdl4sp6brJX6/5wKPJxlbXWyluiHr +/meHWUo5Vg8wlR9ek076QIkBHAQQAQIABgUCUAgf6AAKCRBaj6qXSJncCccjCADGSwsLPnMy +e8vl6mgEWM5B0rQElKo6vWQYlXwrcHt+z2m7jxfILSIfkccbYQfO/7wV9FDM/nLXCMLT0QtX +2BqBctkdw1BxgeYosOYTGtOmPP9gfyk6zy+6dpi49oGzNaBenO8q7BTqYcVl48mEy075wW5M +Khs3KMK9ZgBufW1vIZ4/mvMhGzvnZrBuMQvJezkH690K2ljhOPjLIN3Z0DtoiQH8opK7yA62 +k088S4CUrlp+2YwALhFaAj70cl9zP9jaL/+U/hsvN7JpGdvnlmSDiS/gUDqvKGmBAduuTvqk +A3YahM12xam/9qp78utL9d6OgEI72z0peKdf5XX/RSfCiQEcBBABAgAGBQJQDG+9AAoJEJKW +OiWUmIMy4RYH/jdMDUQEUe1h1DvY2t0jfTivDMbK6/daIjZKuvsCjnA8GaBqehYFccnETzKB +Bp7KAzIOnOscPopY20GnBSihcxF1u9buPWZuEUYZ4NAmIUQSvCn/ySbhcszezLJCVpxq5jAB +X2kbhHJNpZGW1wldNXL66Si7v80mxWmeaeevTcX2wBrwzFzSeAy8A/ETC9scRiE0CGk8L1QD +6vuMYfPwzbrdOglJyMUOcHIiq76nZYsrveRxOIN87MLOKv5h5OZjYMYUOVpFn2p6bFlJQFZT +5Htjg5WsEAxuaIfPQBYwUtctPXfC0/6z5mChkz1X1ewmg/Jh1yuG9XKH/kN4GOyZSvWJARwE +EAECAAYFAlAlAD0ACgkQXhC5bXFPCFrdgwf+JS4BvQ+8co95mv+8XAwqmknCWeYpuvnPbqGL +qQ6yAiaX3ucgveLayQsyemo9G5Hgdz4DvICaAndXJCytceW0ETjHYUyBVOHdIzCkBpQq+E6X +jwhnjwg8otX9RuwjikBoqJckKJnWfBu/obceHz8zxhNbTtasldJC4elISckeJv4kZwhp3H6w +IX6LxLu2oqdALKA2dWqVBaADJ8SIrIW4g7Yl428AF7X0vsoXfbAGN6AaHqPgB74UpGZGJAAm +f6hPduDQ6P+5l/rYylWuWZPZ9h+c5rHCYHaoCQu65/VXXJdMvyumIG1wif4FIi0UQPBiJxHw +JI+ZbPkSZr4GHIqHlokBHAQQAQIABgUCUHE47QAKCRBNBOnOfOeA3EL6B/9QOSu5qbGQCTPL +T/fM67XtgcftDRkTdb3PEOgiUjDZpqF0GZjR4gkv7VIxmeRjON5YQehCZTH/fcpUMaPEYV4Z +T5pr2EKqpOj3NjqJcdKgfpd1Jf1ALw83+0cadzzIy0/u/SJteqRHujtwlV6sOjH/t4151T2U +tWR1PHT7mWWJxMy7Ouux8xFzpyivdsUhrrZLn5E7w17CfxVjaVewLBpBrm3CKcNIO8A70zG5 +3J9W/ls5Iiok4wMtZrtq7gDpaMSQpmCXID9LD3FyfSbiJ8ymJwiQB9t4jsxQQbCJFWPq2VPy +i2FDitrCqwPTgnVMoaOOCYkKe+JvKeMPcsDN6k3tiQEcBBABAgAGBQJQdhE5AAoJEBHXd2iw +IfrKzZ0H/RCU0jm5hUE+tCxHFk+BJVzV7Tkydkc1pOPKycvwUlOQG0T0Y/ouv48nbpdXzjHx +YFb/iYhA1YMW81zZS9voRRy9MfXanarzjRtRRhcP9UZ8c0O332PqbVHr/vbApUI6RvV1rRx7 +Nm9bUfndB0D8KtDpf8jAut5A0UajqWBOWwbYO/r3/Sux4KJ17C5kI91RnRUhCPxzRYt9gpJq +m7ucB1PVPZPqTIJQBjQLUMplrSIq8W0QRR2a/thdECe/h6BSRvYJy3q46JGPBBAwTQynqUvO +wIezeA10hO/fR380YRZYRoEaljWlZfA1x2E2pSSw1RhI2ekfAC/EPgGgir1/n3iJARwEEAEC +AAYFAlCJj3MACgkQcDA+oZoLUR691wf/aaGz+BUfaUsKJZHoGHyDPmNLq3sy9NXz0vlihJF2 +u7+gEiMH9UZQx16i27SDlsmYps3HdV1fT2CThjk4b1FgECE7Rh/TKSClj8exPeTjMS9ixkfh +rUd7syMVHCIGdy67aLN5QPrE9TAcFSwLo2CjhZDS58luAqhuE5IZmDLNJGx7K26vOispp+sX +kYDetm6y+SosCO2LT/CKfYqs3I1D4MYh0y5E/x6k9U1D1vIr2XIvNXU1vjKf2KmYPVs/5gz/ +siDce2brbIhpr1VXNhh5+qTZdtfbiK8Ndz1zJAP3hPzBCY0kIFYvrCKLZ2ygOYLYlDIL6OCR +dTj06J8EphRMaIkBHAQQAQIABgUCULlNUAAKCRCJTHgfHK3vrtzTCACq+uFVvYsq1aSRtSgS +OKwSpTxy1cV1x+VDCh8JynRJTXqr0mpPCPZI6fkNY2tdrtRZLFKkA7NEqbWJiBw7k4pRyP/d +pwgMTpbCdFu7Tqrg1LIUSMMgQSHluC9qm47nSMD0CqBj9ZLashbiwLbOh0/lak1z/mGMh3Mu +GIEVvxLOzftfT0KsM7W9r/VVVXObY2VppRaeVOjeBURn4CDfom6xUc67eBL5lzbgfVUX8hRd +M9ZTiLc3Fd7lM3cekOOZEGG61S5dKgGjRXwPHvcJERVHgNuhOVmQwnFpcYtIqhyixaZOsV8p +Sl2Uu3Ntdgm/aSzgMU+8N0LWhk4h7iFtuMh0iQEcBBABAgAGBQJQuU10AAoJEDrLKhkuw/ZR +KZwH/2kbUvJ7ZEOaQOe7yp4YPYHDcaAy8gvUc/iE817AinoPUpS6wMzY1BIUjZfVz/vXbfMn +TE3LfJXVFZ30+LayCw5f2nulbm9bBZur+u3WbPLIjhvpeJ8AsClxtHjZdG7PsueJJAquecAY ++Tw7LZUc6vr72HJbi3INcCyrf4BF4oS1BAuMPIvI3kd4uyU+WcDq1aT6CQOnvDgH3ZHKm4/X +OO3vvqgjeBtxI+M4TCxz3/TAkptuDPWJsDMDJW+dh7jVYkzlqY4WW7FgMtd3SKp1wZYTFMEE +x0Gnhsvu00e+hd23lZE6+Br7SpX2T0BlarcCMKSmfgN4C0/Fax+Y/vicR+aJARwEEAECAAYF +AlC5TZUACgkQplkmhdBL9DOovAf+NWmbv3kk2hqP6UG1djOLviOeyAGW0V4/qXkR5ORSJM6N +ltfWJY6w/130n/DibX+TvgTBqD+0paAW/yoOde54bMbd2rpa9LbC1CAA5XSXyAwxupfOJ7W6 +T81BbZCG/46wUz5/TJw1ctQLMurIV7iFmWcfmMbfWu+gf9gpPvcVAM2ggDAnJi4jQEi4K/Wu +5rCiGCsdbfNnA2zyQeKm4necHQ7Q4E3SnZMxthYd2mQmmG8ejSd/XWBWDc4vInl5UbQiTyQX +tYYOrL0/yE3F3e9f+mlLqYTmudNNxpS9Wg7cI8AQeXkb4L97Blt/CascAwge8UAnKVARZC/6 +n2doSfGpy4kBHAQQAQIABgUCUMsETgAKCRDqcavFq4OxwzctB/9OiitLLvoYduukSeeHkiwI +6+3o+n77V1Rahyfle2T8thNDple/90FQcvs+54tOBYfbh/B5ZYlrEa9sZ3SFZ+Deih02Ca6B +yuvxlRXV0CJH+G8/IRXloOc4dUiSU8eC77M63ZLkjw07TkAE0s5aoa6H+jyKhDcAlvhit6kx +aPtkuM2JZqHqrsWXtJ3X4S6IKMPeXbmbhQzcrBbhnMRQEN0hF8xVauZGE+qRZGEis01Bta8R +LpaWDpmw983zu5gUaLOp3cPYIqAywbE+yv3vusyYkoZHEfK6UxJWtcJaveH2V/cBcTjhcAU+ +OFMlRVg0FGVvs7vRPdST9JmK0/bJOWZXiQEcBBABAgAGBQJQ4odOAAoJECSEOlY9z/eF9vkH +/0zj04MPr6nb/eBlUTSg8sZJ5TbjPKmnQwbf1gV916pLwXqGO7ZMPOahUwV5IJkgOhxVIiPa +Yd0fC9zn0i3c6R8gOHjAi6MxUE4E9hbOQS6cwXwnspoSoRNQxVwzmEST+Z2tOcAZ2JDyq+cD +P7I2f6jmYOWeMcIeRuHb4iE/UtZRY4baZE6qxA9wvKAN4DtZh+SeZp72E3anW4ptu/VatVkj +7tYmM/OrHeHGuyGjcODJUfHJcJe0UPXxsVuJtfckIy6DW3/xnaiUCtwlHI2Kg9JxegJxkJFu +CqNrfJfoKwiPCUvto4KBZeGibLDJY/Eak9egK0fnziwxQDKe6RnPTVeJARwEEAECAAYFAlEL +0f8ACgkQeqOW0SIyrd3G+ggAobHnnlEOmkQp1PH8wMXU5ivnNNex9JK9YGpMEvIhlFkDqKb9 +yJrFKAT2ebQBb1twGYcAoPk2ohMPev7wJ0J7czBbypVS4gWfz02eTM1d1xWb8WAxC550kpKH +Uy1SLGc1dzKd1k5Hj5bTHzKjfF7EFh0TOCjGLSicKHpxsnkTySL2Y/cRcVsz2MhueIJp5kmW +slq4osw/twFiAPuRl28FS2O8j66I8y+a1VloJfhMSHdiQsZPML+MS0+r2IjdImuzjsLwbiTI +2PNvbzmR65y09zZ4tkqlnwl+7S8wY0fBVBMNUqgJQ++FMcGOzpcbJw5VBzq/4UHz2I6XDOJr +Uqusa4kBHAQQAQIABgUCURabTQAKCRBYXFYgF4TIDB0CB/9jxaHDMFOPqKDNSGyAnUZrMMOf +nQnKx4pAyzsIEl+B4louuCcv5g+Q1t+pgWwkQJMGl2YqnqYNl5dvdkCzOy/s90mA7gtOnXFr +leFhF8AehoIh+Y4FChjMVLY0/NaBTj8eIBXRS+v/hsab5Ilc+cC+mRvpMJnrTHOCDuU3hP9h +0AoZNzn8YGm5BumiTVEZWiBVH5HSRbrJq71meRcq4ciMMdh0tUDROPzjp64Yzi0rsqtDrM2h +dWBmkvhpjAYM8UBo2MC+jMPh4smaLcFqOEfOPPe2WG1N3zYxBB2w+vylJEym3wjeDqLeNJB5 +YIAjiLusxPB2AyVJJHHdDriA8Hi7iQEcBBABAgAGBQJRFtcyAAoJEB/MD/eFTXtXU/kH/RDC +mVYBWrmSFJr9LABGm82+3RMDbv8jrpXriLizmzaCDWragXBJcrkgtU7KaDEObUzI5VmGTWkx +mjZ7NjSW9KR6E95EsSAMvXzvRpcvllbqaU0Az9cPKOPSETthv23d+B4gaCYxubHhSOXHqagJ +QEVFhbObVK9xBPjhmkkOz2n730Z4VQoJshfRkUxKzhllGu4DCdVBID0izkIHokxm98dYyREg +xs7y4dCPrWmFNFcRaJzRmX7GPmTufGjbXUr8wTCmOCTfshLntTaTVP/S8CpWmav9yjERwEdB +9bIOwxl/qBMEr1Bfac8DtWo0drF81haSHsLvcY49U7snhA9RNrKJARwEEAECAAYFAlEmOV8A +CgkQF6H73ZZpRWfF3Qf8CqncS2L81HXxyWwke80jlADN4H4+vLe0ag1ddWXh1l4UH74hOOn2 +1CJha21YTfY3Hs1WHONiwzDntpCwEnqSu3wloaDnk+0CPGQBWwXu2pjBldnMZMpHBx7xnZnv +f9Z6XPNe5UfWxCiDQqbkEurE3IHGAYprYCJjCqQpZl2u3gMdyzz9kyMSqcFD2aj2QC+HAcx4 +YInb6G7mn7/qlfi9/s+5ZMBNYyI6gy6cms8a80MXUk8FuOQCu8D/2oVGcmjiHPWnm3WwyXjY +Xv4oecKkMWuoIcDaC4+cvCmutqRzSvH3/JP5DfNoCZ6ads2dCEEfMP2KYnD8TTnaq0aAvKrP +wIkBHAQQAQIABgUCUUJ8tAAKCRDd4hFfx4SQV1zICACYDoHgM/e6iCymXwyB9bAQNsBfHT5c +BdNw8Vkw6xztt9/9o+sMjlMz7j1cky/sr1RjIPdcLsrpQ3+I2juK7qEk4Tbi4id1WO0CPhqA +gfXI0IVY9iydFziq0hFA8rQRtufgr3Gj5UYpAgapBze8d+ugMgya6o0sP9Y1oUR6sy3/wzMI +2rfbLQiX+1MVWv8Qq3WmIztgKnfU+OmBhRizhYMpTf6hXj4TCU/76XRl52aXkP0j6DxsGG6V +8vpfQAtY7ZhGtnD9qn0V2YGPGJ7b2+1W/N8YBDUKN9u9n+PghkQduyt28JL4pMhn3t3xTdSy +ndlG5G8Ewn+yArKmLYNeOlT3iQEcBBABAgAGBQJRX507AAoJENMyJgehZ/uVF4QIALV15B6n +0ooUItYJNGetiubpXrdVP6E94HVLp0oZSA6A4njPYFPQBG5atXnRl6AxaRc5pMJqR0cEszlH +/mbx2FSE8MV0pguDoTk4bapiozqy8NnYt2ivhDlblaqVFw/OqTXW3lwOLPTQQv2q2bJlH+0z +1aTVUQfLgOsNQMzPm0aHsatFwERaSJOLkpazSIwSSb7VH4KKCTKlmVFA+OhsRUGl4CdZgihQ +n9sYE1z1dmGK7SfOUkyCdfkVWdUfgxRWx35cBc6OCyjCtM9OCaYl1k1k+Mk+cWiBnVBST6Cm +9hy7UkeT9EnNC4CX1R2Q0xU+bhKjcVvUA/2J6pLqPC8pmdyJARwEEAECAAYFAlFij+oACgkQ +QYPIFAayHbiKdwgAind/ODJqB3okwuoEWk8tu/4a4BxBoQ4mgGeHg08P3E7X5ovYE/0TtCnk +hgltlEe+tdG7wc62Lun7EjcRVRWEDawXp0WV21R1712RH/uBDKRYLWATaxa3SU83CoNr0PzY +GCC7Phz2A9OUEr8jype4PmAfAEqqI+i9vkKg0eocz2xbtp59NqPJB9/z8XGAGqmv43fWCXSh +SCdJbvACGqz0TwVGup3h2dE9K1V3NgudQG1FHhpGAXhY/FfVjDhtMiuT9yBD6ox2XKbScwQv +i0TYBWKCXnbIkit+opGHOj3Thp04lJo/fWgVk+Z/I7PM0MtycswHIHbfiBi3ywIrfD/ANokB +HAQQAQIABgUCUWPl7wAKCRA7hrYQ7t9bpi/BCACtxSBJO6U45+QnZMMJNKlvcKk39iuhfSBP +10EvYdEENN8hEZBcRQpIJcu+mw/+YGOd5i2Wo++bm9V7xqJGB4XzWiwJGqBqKgzrREVx+IyD +krft6H4wmIK/RBpUh/FM22lxxfMHyH5i61SS25ghhhh+w4TLK1jg6V07JMOrkbOJ6qD+TCMt +k048bx2s5yrUV0zwHyNff/UdvFFIaa+GBAAalYgTQz2594Yrnc9Jg54JBeZ0h1oJHadnaE3O +GOGqUb5Ne+/skP289sFyrF6qnzovS/QcUYkk/3YcV68Rd6KRTPJJK8rt1NLSdj68XfwAzlmX +r4maWtmtEXyCEkIqwdrkiQEcBBABAgAGBQJRZRnyAAoJEMEbkpMb7qS4uS8IAIXAXIE7ZcdG +y7oAbW9EznL7pd24LMk116Yx5r7Qo0Aneg8W5zRN/vsMYvrvewrP65zAUPu/JJOLmW/8JPmP +5bV/j5uqjq6kknrwh120UluUGrpodOkYntn4h/PgJEiX67RFS2w7LNMdOWWIAsdaB0XNSvDK +udMIPj4+ui59FcgXoiO8te+jZqhc3GLMdt45vlTSDO4uNZ4yG3g6gEXjgB1t61XIqOZd/WWj +Ml/3KbpQlspM0tIzW5/VfiEsuT2dIy01sIyCUFpl61vWnT0NC5Lg1nq1WUDwTk/6LHUFt18H +PPHaunlikb9uAa95IJdC71jiNtku2d9KGpCtbhADNC2JARwEEAECAAYFAlF1JhAACgkQCsex +80+pdqeUBAf+MN8OfG/6bBwP89mXw5kNTrH14USKYTTigDR+sC/8FukDAY5vw4ujdx65JMQy +TvQCzWGXfi2ct/6EpN7yE9gjn2OJvnel2kqBDXub/SajXzN6eAZH0Z5ZYaGwsyzz+cMcyLUV +PO9PpqpFfv99dT3qsjjcyU7mcWCvVhyq/jJAVgaw7PUkONZ7G2iV1eaU+4yt/FR1ephrRlSv +L4ldla1L+Ec2wMXTfyJhEmThHxATqPxAcAvP1UQVzakirbUzKLpcvxUqij3sCxX+CZBhXs2d +bR+4O7gmnOtlkvOK/EWqUrl9CS1jQgWhNc4Gv17WkrzF3X/jbC6gJ7lgYvQrXU52aokBHAQQ +AQIABgUCUZ3A1gAKCRA1X5ykJ/NwLvb+CACOrAH5ZFlmZmsjlaY5p96I2Ged9zB2oWqj3vAz +cTiSZSdsDGGnXn+RITV86m393ht+DNtvLWQSAe6R9v8211K8veC3Uol710G02JaUgwgoFvSK +SuX6DPDg6HwsoCWf6yQUttgrmI7rL4ioCYXD9v2qF9zQW7JADyPbB1hkGU0fh3+1rEXVIDes +J4p4//NxXaH8RMqofqO7rpf5porSlDH52wxQw7HpHmxE2jk1TjeFdH3YfdI7Og6Rr59hcl56 +Y6EkcfOC8QLf8HsoGWAFRzQ68RViB3IZka34u/q2G5Oov3m1GmLeBIgSbjM971q/MsRT+2Lt +PNvnQTlsCUMprdg6iQEcBBABAgAGBQJRnc2DAAoJED9CoAXznqAxoXgIAJ7E8PCH4L1f1MTq +bFd0Sb/JY/CpBHmu70HCEVTDJK1or2W0eEWRPoo4SrbDrt7itairfV32dS8DSW/h1O2p4uzp +3mJWK8AzuFnJdIpM2LdUKf8ZN/Z5hRP1vYymIxFRlutYAOiCTKHUEm0Ojr50cuiuAaF3usqX +nubxOn+EOsej9YKYrq4XOvrITtrlZcn2gdlTRRBTqnZ1BZxlrqZwHw7CRoIRntpr1KunvH5Q +sEQcvAU1bf7wtYqgHfXq48KtCePQbfUxeYsHSJsfYBCiW+Mlp/LKRP4ZL8tllGu21zuzbh2S +ScQI2aH+M/ow4CHo4xbnsqtP+fWsC2WAl+hEfeaJARwEEAECAAYFAlGmG1QACgkQwrMbQ4YW +XkuCYQgAgkFE7ThBCxZYEwZvibmF40Du0JcKRegLTOKfc2LTrbKhYQaRdgWoYds8kecJ9AV5 +/qo5Z7cDt21q7r3U3KoT7oHW0nsT4RRm6NWOE5WEGljTlW9vtc8rAROPsJJOwxt2bR6EuCDj +GRPb4G2RXgyp0VMwZM+2fRAdNk+k/k05pXqUwGe+/ixtEmUOXdeMsZZjgFJiS5xvZoB/3UFl +3tqczRSSbTTlHVr/lQ1l0h9H7PpBnSeBECj0srhmk/cKOeiU1rOVe895Xl+vkj0tBItlolcV +nYFkZ0pN3WkzHIxlHnVrILBQgoM/xfPkwA4W0YJAKyB031ygQJf0d8wvmpIzPokBHAQQAQIA +BgUCUa2VyAAKCRDvmRud2lNl4X+rB/9fGhU+0XdsCHrE2HqD1p9hHE6BgHWV8j2UKNS6r6sv +NdXhBAwqp2b+v6sPaApdki9nu9RdGiSyZLNRaunrbrVJ7xa1h5PvvTbl6SIgpKLICzcwo3eZ +3revshoeFr5lPQTKoWILq/QiE0qDrI2OzwNpMqgUrxZCBMa6733p7BkLqrPH9Vo9hSXFcrcG +Zro7Wzp6yLRGcMTQs5hKDP/KhlIhENqDjOg3xE4SAWQKRj70jLGwW/QgBEpXMrbDXskR2xZU +su3Axfv73ESlkD4dS9pMEFeaaLG7af6139RkP0kcXK9tltaPxjRztJjG6XKOLFlL02/+nh8d +ZLXTLIGcX8JviQEcBBABAgAGBQJRtcCsAAoJEHTnImplhdDqfqUH/icp+vqchi/sPBi+kAi0 +6qqFqdE2NE/aCKMYsuXwLE7KwMbd2s7lgJ3a4cGwJv/uc4lW1+oteHj7e+O5T8H8PiOYkgvR +VI6qUihn+78fN8Bj6TwdhIFvUs6Nb8/ktvjVeBrylqZROfLGwi8xzohpgXsLW5v5qiAC8p8s +vok78y12OnWF3cQFDt4lTxB8IfcIpNZOYlAbaxTZMMejO4rSMkVZpJot7d4X3CCJkzvhhWjy +rn7j9HNvQuf19+pmEirYdxtQh71Dl4IhvI9s0WTMsIBlPDdja56xJcsynYGyioMYV5ZovMc2 ++hEpvnxTAaC/r7SWd/Xseckl7yuoqIoAV8CJARwEEAECAAYFAlHYr4EACgkQo88+LzrF1fOP +Hgf/fY7ZQdih9FDoj5ZFDyeLxPC4zCkb3jlkRp6ePc5UiQK699YG10UJSwOUJBT+pvJ7oG6f +qj8Amhkf9jABajpbhmz94BZIqb/nACOrqGsaQ1EMF8bLg8+YTPlbTnv/zSGTKvGEHaGvX6TK ++UM8oqSuasajRjxA3Dsha7Hfw0RNOJWPMXASdPydwK7E7IUwuATv8wC68gBEPuvMb/X24/fL +dIAcmQHuDeKY+M38SNigqYel0nE6OKYIgaJeZygsK8doNO7FxE+3nCcUJ5IQlEAS5XDqnkSs +xmgZoZEokDvWAJdmuNeKWWuoVqCzliA+c/9uM1qyfEVy31ChGbsc7h5QK4kBHAQQAQIABgUC +UeBSOwAKCRAanXQ/v/dn8CtEB/wMAeWkrZmeYVA6piCySCWQWl1bvaawAeE5xjs1WuihTa0m +5m9EymaIKxfsYAbLWl1H0prwsVfpuaq7TOSlmbbA3ouWhkIA2Cb0VLwtB6uQ0VFHuLYg2XQd +GWPcYHyFFhxtrt2nUak04Pmx8psNSGiIQS/VeadPDfx9WvGFSXv73gMSZnSbzlA1xxgncgTW +fXRriRwdjC13Hsc2p5jliCeJwzsU+kadbvbbWvCposh97bVCF2FlMJHWwGRW23w4DonVaf2o +xKINQItDBBbAZRbySFufK4eShmAyUgS5WPY+5N3HeCCwPZ2Iiy/WtWOszeB9v0eNARg4fMYj +AlyFEZYJiQEcBBABAgAGBQJR5veDAAoJEO2XD5lmz+BeiqEIAJstV7JzjchclMdj0m6EAQu/ +INm8Z4OFEuNBQ5+PG8DoBgd5NG0pk8K7vyJoAt21ofCLsQJLn7nuVVwu1nQplGyo7PfqK0JO +3Ylh/fNVN/zV7+zkoU3DEoSCL+yyglhJkeKCLTrPnNwGuFTQTjEE6JGX/xHHDB+0gHWLOESJ +p5w51/q9ZYrnm992+lV673JbYrrpv5a3vzP3nnvkqZvme59Bq/iup8AfBzwj/DBqpO07+nDE +QGIci9QJ8H4JkkBvfhvcw768o5mjCu4s9/lCI0Zvf2Sh1LrwJjXJcWvjHvlWfkHiL+pw2+6z +ZZCWdpj8FEfvHK1oSD+MMO9pxvwTv3uJARwEEAECAAYFAlIF8v0ACgkQdND8mR30bDbHqwgA +hx10ylqoC41cgaSli5LtC7ot7T5damf+juKGyk4aXLrGDhvvXCZfYkyr7zuwboQXw2FtoKiC +UZvgZFMGpjIpJrrgjVu2CMNsZ5nXQ75MRJ/LWX5qTpr1h6nqFA32fn8jfimcXvKVY8x4RenM +vHYoGnmOUtZk4hDjit1ATMT8VueQoLjJWwm/MDNmmOd7vr/XAFQJq6rUuNLcp2GGcwjE8rjq +uv8mZ0tTrl/rI7MJvFlvGfmtj7uY9dLgLZaBLAUU6kXtDax6uKtMxUL0w8hU75v+AfE4HKqb +F+1bNRmKTL2+Tx+o4yrmbN4SchD6b9YfuOGYud0EA41U5G8C25CNTIkBHAQQAQIABgUCUhkC +HwAKCRDul4XiB7heOzdqB/96iLbarOKdNAtlVtd0t8oka4HtKQKKYmwdnOnJ1cS0a4MZ98jY +/rOh7ow82nsRKNKRcK09Vc90LwbIXKHtPQLBlhjDAAh+mu4jldEYePrcTKJu50JZijDmkaR0 +f5gvX1BrCEROIBegUWZQh8HTuIRUPHYG7pHO+jWjKwGj9pq7Qqo8pCYxGARZLHS+uagyB8s9 +dLI2JDEhDmWcJI988ZzVqesJqLJtnnnFPSvgK9DWciI9skYk7zNJ5HNX8LVevLwUiEOvyvRP +pk+BQKMcqy0I8kEn/v2u2L6rdhHvWQQOuUkkOeNAGFxCP3iFmDAsX9ZUWTk+UoyIe5+1kn3A +WekviQEcBBABCAAGBQJKBM67AAoJEGjoO1fLiqD/yfcH/jIg4NY6K5qlsnMlH5xCJpZw6WwJ +rItX7MP6iflEHHJaT7jypmH+5yXTHz95jBfQtxRRcbR0cMsFLV2sgU90Cm2/ts6z3oUHKISy +2gQJcE2OADHYGYO2GqU+M3AWLzCAk2Dqgj5rIbZ2g1xP35cSMMZnXTsJlU2wcX8UIXFV0+A7 +IRM5oYkRAABeOlOYGsPwlEQ+JUcsj1OkBrIKKvsPeCpFibO7rNjGvTdNMpPw5jdS7KHkWQbn +9XnjThw/JDEUsk2lxxo8M/5mkakYv3fFGqCB1Zks25SIKgLEtSKGz0fwll1dya0VcSyGncZ5 +fhew0eSaXovnrApg+9O8cYTD42aJARwEEAEIAAYFAkomf8kACgkQmwAFc+oKX7JDZQf7B0xN +bO+HayIzkvtdNqqhJm54fIz8jW5Iu8fUGeNdKgm2ZNfVaYp69f8L6wfG7nd0mq5k3yvvrrml +8gGsFOB9rVH7hJ8aBaH9nfr4ygfRb80+/mthaeZq8h612ffBUiCPYgUHa+zyfLTWk2E4iiqa +tMgH6MONVBMiP8C+SMLIfl1gym/Lb9Fly2gcUIalKbiycd5lJssGUJ7VlDrPhORw8OB+FA5Z +78cj/Zu49bOcSWOBC0jZkjbmy/iiwcR0vdHysKmUGCmn1QBOaw6RRARlD4jQf5Xf9DNEmAWU +xpNF0hYU++fa3ipjQX9LU8gu51jlzWDPcjrVK3mEckVErkF364kBHAQRAQIABgUCTYRf2AAK +CRASY5VFuKCOL/ogCACmj5aG8QRefM4bgcCtOH5Nrfy5YBOacLENbNp5flaU0EFXyOKriLDW +kPge7LzkwwARJKTXZgm/OX1VdyVpLyiO+ZrXD5ihb11U/xdoG/Z3uSHVp3piYhuoASNBfMiG +RrDLq4U7MPqFNowg+TEDftgYbKEq9DCr+dJm8yNDvdamo8P+hIuN1U0KlJqjPzDhOnBCrPz5 +0raec6UQW+oN3v2MTdnGcNScrJOfuJRHyadx+HfpUXpnwkm9axUKL2xPRO6JFM0wMCZHN7AC +jbkWXtr8ZwLxNff9uFLiswbYT9Rh6Es+PrKZoPNUpNsa18z2tQn77gpV9ONgTRFBZ3St2zPh +iQEcBBEBAgAGBQJNhGFgAAoJEBG/sq0c7jwX4BsIALquPm4Bo4vh9dIhWAQcsFMgIM7szRd1 +ojZvoPvu8v7leBK7sJugG6WtjRsKAMtQaQYVNx4lL1rgyXo1sCnqBxPcw/Bdc46/O37pm4+g +t3IJrn6NLYQ2ZFH8GkxnowGMInxOBYsCSEVzARnQBnUq9UjZliezw8DWulwge5Jr9YSxjf86 +pCsROmxB/1qXEvucwBm8CzLbNqcbvQwvvFn4q/uMQpz7GvH7iXYAGmqtAiRbnE330MklKHb4 +Xb0Hv0ToVP5PclTFvWjYrutYvkx8spisYAjMhpML49s0J3tIei1wUpSucVMk5G0dIQGm95UD +PL6wIMBGryK3X0rK+6wOo1uJARwEEQECAAYFAk4h5ygACgkQihlkmujbtRUTtgf9H7uxIi8d +8jKl5yIJqehTY50Yq0VAIn84KclkDqnUU3DCYkNbdce9sz5HJW/FrlkLywV03033cvohyo4K +Q+xe0+HzJbWUQdIvl0ziB2TeBofo28ZTUu8ZDnWrGXBdCMRRZAUB4FyN5jDg2UDlYrsgro4H +AtnSMuhWDKjAvyodiuIPv5maH8hYg4kQkdTYpkyvzAwxZ9uqE0Q/5hZm54sySATY5yMjqMBj +zFn895g1QnDWyBft61RTUVNeXxwG8cdSZLrRnReWILOY9e87m71EouMhSo5jzvJi6U8XcR3z +khF9GyIb3POakYYcfqDfxZpIb+MULluNRR5+J2iQgfxDeokBHAQSAQIABgUCSyjHKQAKCRAA +8AMf3O6wK1+JB/0XxcZ1bWbs8tQ3XHGQdugVQ1lND3Ptt5K/6EyfzcFlGzGQorciEVS/mmVO +wO2gmXF2KCsziirZMG7EwnUF1DBfRJQ/oB5oL0RWFqvUhwaUAaDnrcXlOwTYDXhAPhenpsMQ +NTb5iHEuabcQxOZ1WDWLiAwu1Ic2RJEFDATzLc/7yAkDVqmGt1N4r6FlgH6wTbpRewVYMnNv +OrIQcCnb/t66CvNx4g2L9oXv4vuU64pbDOmByt2RgOPuC1+lYJ3W7qlna/TbFYXYPG+L3G6v +ghHHmmlxbowSR7iW7UwQX0N0Q2LGTPnMB+rQxBK5B31Cf6PQHHe4fHuiTZqCXecnr5EWiQEc +BBIBAgAGBQJMyoXlAAoJEHyUwKFLIB0bkSsH/RIue6XgCPjsmH0g64F4OTXR3deBikJjRsbW +fS42nNo7f/nsDG+ndw0wb6h5rq0i2IvtWfuwXfEzDqUKrzVamj+j6lWQETDOBbJ5qqwqxsPa +ODU8RvQgMCzeU54e4IHpDdqrjXhIQbUp0BPDQjtraq22V+yuKqI1lp7Hy6E1HFJ9A8l4p9NJ +2TQURMw4CjDf9T2pdErKrGbL8T7qQPMVygHQpecHs3oJcJQkrQ2+/RZTC7u7at9DLRZLqUus +0SoLXXkKqqp/N7cN+tGONFEAni6fJUbkumDjO3N1ocwmkV8Qy9jgzd2uoK+Bob2DOETU8m/X +bo6Uuan+WX+xTXMvRfyJARwEEgECAAYFAk0XeJUACgkQlOkt+SqqXDs18wf7BEm1V5JCrI+C +yxgMWczXQxRaCVhv48KYSgVH4bFdijAsSeCojzqGLXiC+jcDplx5u1Kli/PLL6EnBMnA32Hc +n82mXzp7PsPVhmBt83LPwI01vo7lEvmmXLWTukZqA2JZE5AVjEbWOUSR9h0YjKwWRv0qUyhh +67JOfY8Yn32pn3FFDrXX/qcoJiqNWHnPP3uHoSa3ftStbxUI1pnYRWR4Zus8JYG1YlrcCtoB +cDCZJasR85ddiGQ3J0sPi4rldd7PdWNv3fYiSge4mdAYE7P2NyyBU3/aKqG3Afx3u+Pe/H4p +dGRbRITnduHTKEk/CCngBVHGKxkoqlhR3PgG4T7cmYkBHAQSAQIABgUCT1+aNwAKCRDMIzVc +YuKmMhkpB/sE+V4etA0Lj0KQDk9qDtMBgWH/4m+mns5r293PzHQ8QXG561kWoTIyNqAGfGys +qy3FcjNYTJTc+YymmrTAroF5CA8ZoO7AUs7IhRIrpMUJNYPJCIm4yyyR54ZqKnpk5tCyFlcl +HtPoDOaqVBkjarUCva7X3AySoFn84k9ddWgAh+UM6cgTJ9Egt1LXWmtZ+Kb2zyRDkv4acDow +SQI0arB1stmfP9R+5LSCPICe1Oxe8PeZFLSaa1OszsGANfe0QuV7t+yWrDvSYsaG7adZbHr7 +mK9vUSxrXSZ2OOBK0aDyXM8aTZZVuUDDt03fCIQZJpaByJp38PTONVpO/RpRt6ibiQEcBBIB +AgAGBQJP8g5bAAoJEAbEKqEo6pDdHKcH/jY47LNGzlJ5STW+jHDdFDvG9TAlhlSQprVxaKxh +MkfRVa6iUQJgdE7W19IA1lngt5d+PJAEbPtZxXSnWMk4BMU1e2rva+5maxPhQuo70NTFCVL6 +5o6V3HSDKa+iew/XieLR1JsmwA6ZKtJfuVGP9mRUoimg5iBkUimnJFwpbL1X/l/SqhBS9md6 +n7tX8VeMbLzKyxF6sxkG+ePLC2unISHb3QtxF2b5/QP9Wzfq6tOEdB3wT08oXPNbPeuk1QFz +EdKZFgt5vCKfTCi7/D8+UIqI6uZoCPCDM3W36igDl7zMmG5Qlh4S3NQvBkJ9dRJr3fnzhhUO +fYDf6bBWZSY07VSJARwEEgECAAYFAk/yDnIACgkQrkXrAt2sOXu9ogf/Uxj298lKuxEfpRZG +w6udu10cUCIqJ9z9aaCE+T/hBbaWFTA6SQ7SH3oPMdAl4YlxKKs9toCVvZTWqW1DCK/lEemw +vftr9jFcEuCaN17rW4DX0sQatOhGKAo9mIf4tKcSUvN48ZTGQ+2FsstkTf1gomYCyGUJ6bWA +7PGzuXNdhKSSqqnI+n6acTwj1SS44uG+v6Dz0O68E7AqwONnF5IR6zw/vDCrt+QxMKUv9sin +cFEpgbg/hHonK3wnZSi52zMlAy6TrpcsWVgWxGtYAevAZ83nsNw7qVq6ZDYCerbce4rV2wfG +ZtAbTUgRJaq3ULAdkAdczAIp8ZE6LgBmaZfMI4kBHAQSAQIABgUCT/63QgAKCRDDmpXKlVYJ +lWVgB/sF6BnV8dwz0YAMpIf/nvUEJcqnQ7fumMoKCqEARjmEPpz1FsX7PJImgd9v9uxLUq+l +555D/493TJMex7c1U/xUeGjBlirbdCsMBdX0rFrMcdU/G3fkS2706vjH7WgSP0uDboc2hvma +8R/z69wkeh35UFvLR1Ch1Ip3WvS0jAzfgVAPb9NN5E1wzW0kzuiFhMfhsr9WctBpU/9zDItS +iYw1RYeYNetrh2xv0/W5NQJBTkATvw0XMGVG25KH/mzIFwSlL4Zjty9hIvsdx7q+rRs9ljqC +bdz0QhDRFATY4EHHAPUS87YvveBUvgBWOpg7wiX+OmKR9jvU2qKqMytmUAl0iQEcBBIBAgAG +BQJQBEVRAAoJEFYaFpSTpX6HYqUIAJVeYsIJNG36LVoOWlR0Aclwdu9GIRtDq0uwm96pyFlS +0cYWywuN2aFR7toALB892FojUVr0qJMKEVgoFUu6+YYLzDa6mtL6USHZ5E/tbVUEjeZp/xHL +1nNS461QpEMwnXUkDV+XalvW+lEmuDNtBYpmHAsjmpBkTGB3kj0deqrWmnhD5suArD4KAtoi +PCigWMTGpsDdw9G4xOVWgDsUQ9vk19+9KETEH1uoVbcYnWL5tLe7+x1B1UAqAGoE9RlEXPLl +V/k6mtvYZxGtkreovbhS5yqFI2yB2E1IfG0bIKQTSI/ifASxhXeUdoxVVsQ+gAQTl0oWIw44 +XPt93ta6ri+JARwEEgECAAYFAlAx8qsACgkQCSgIHf9W0S6qRAgAsgxZyE7OOxAvfYj2RW3r +T+PKs2vUx+QYAyvGHMCZItTCVp8lau42TIgJ5zrUcgIqhonDQFSUlSoT/g/g1bUUvAIgla68 +yclYJ5bgRVyjw9sRCL95ke20BiVLw8n/KUgGqfcad7C5Ed3h/M1f/2pspYIzhgr38t6GZyWp +AuQnOGWFK37yCLhrM4XTUFNQniF1x/M0nlRopdVaYnkpJO3gJ6ji04lyjNDJ1EPJuYuFBX1A +MvNMk+eKNocokpSe2plDgWIcIGB2TCAFzC8DzCmjqGSYpc8JqfQnnnKMKcYkxYCUwWI5olxk +mw66RtNgqsoKDweKUKwzF8XIV+RSgJh9jokBHAQSAQIABgUCUM7aiQAKCRCnWJgkCm//0goI +CACjauAgHFk3JbXIC/jaK3OVZKaVil/TeP2TX6qcPV8avTrZbtpu8em0ALZg6Qu3ftUBa0nx +sgd5EWPafSZ2xfGODIzpyZ8DSK4u5PDXDCcKHtbUBCS7XKOiqlVwPCXhQhUpjSlk9Ymm07Uj +vjXKpGPZ9nXEiwjVmhUT9A08D5XuvNuk9couGr2V6oOxRjVEvaKhNxxEOZ6ywhmeGfn+pG2W +SuWafgzmrCr9bjpOh9Mya2I8+YBwAYeqOT5RlDvCeoFD+0CRjt6siDJWcFnPgUYhKGx/DCE1 +eEUCIx0zDWA1Kyonmjtb1T0FBfdsryGSbU0LONw5gMPOywyaJ4OmGGOZiQEcBBIBAgAGBQJR +YBDOAAoJEDUeyRQgMT7GodsH/RvKthNGbOV3ABCD1gJABaDaFZRyeewH4FDevm8VkKy9picA +Jlh95sjTL9xNrePiB26z0P0w6U57dHTYWGd9F/NaQWUms+f+9t4APgMfCMtkKhjss0kvfVNi +vVHsoeEQsZVH70gV+xtDkndejorgGRf8ysKL+AvdtvxwcF6Wp+ebXx+WYEZ274iOgScmPlNo +acHKxkwKno5dzE7oahNfv/llnCWV7prbKHZnSdwYCIMrd4uC8XyfHvNgijqSWJilE+T0Xi3L +JmCP+5rnbBNx8iidTj5iD5/m4dQN9xjPbyOQoP8nFQhi7iuyL+PjS2jgNFpqF+nGY9wn6/lT +FETJVLCJARwEEgECAAYFAlIS4KUACgkQfbH5Pl2/deKYeAgAlNebZfrqxzCA8vxFv3vxdT+n +mWaWSsAuXjvxpJPi+cD9F/ahtpcaSgM1iIUwIPaJKACvTwsWQyAlj2sHXhuvPJk05PFFy/Ri +Qlr3XOxN/G6rzByxPaFMKyAhA1ID89jVq843q1KIaWvfOTBKpXCJ7AJrVp2ibl0IEjEUWvUP +EigUOeAZj6ztgu6ryLukxFNtn06lBnYoM0KBeMCsUQMx/fVbGJMoBBDFP7riVcZQhFGPjFVM +Q+TxyVOR3qzbMfMlJwnGr1HIUXks/UpisszX0VZ5qf575i4aci88GmD4WunfhCm8HHs3+MWu +GMj9EdQUrWgIMukG/qczojT8OfVVTokBHAQTAQIABgUCS5EsuwAKCRDyzCU2TEhdRvqXB/0X +YjBumcJojlvFHrFLHaqILrGBVYmQern2qJQVDdRe+RnUb26g96MNYwkaa9gFh7t9wlImGlvu +L7rehq1qtCHSqraPI31DWmRUHf5faufS8duFtXAXVg+GB9SRd9tBW5uBwA0h3yMnK0VetdsD +aYf7nJfv4QVIp3dM7zgP+gDXejILaKFUDeonCt9XF2i0KYMu5qJFk1/3hGOJ4Vjd1d6IrtrF +4667Bq2a7NHeoKSSd6B8lggTaTWuvWAIWmwY/KQjJVHUWOVdpNOlmnNdMsgKzVA1Kc12BE8n +SAN5dj6/eWtX8BNa9fRp1nK6Ywm3MaHMQ5A+mNwVYyPu6da4GhtdiQEcBBMBAgAGBQJL+tvV +AAoJEHfHBUQAT9DMby4IAK68KvlMN0fiUX7dnOVBCABLR2FzlscrxA5drC8DNnXaMbPr3iHL +/ItX9nvQ6wZE0uRzSLg9MOI72r2vkeVsznrJpTxotsESirIy0D82QG0+SkudelTbHDesrmvk +79n88kM5Iz4HXW3cV+nBc5Fc5hyjnnk48UIJu1GhVb86b+Tt2MjgaoT3c2jXjsbD0dxlC7xp +okClcUcnXjDDJzNb2jr4fMbHb1MmMoa5WfjG335N7dGwkiRctMvSgcprGn4ZG87417OShPfS +DNc+2J9wY1gQPOcaN0kvTQQ+NqW2iRIHBzeyJfVhJ7osVk7wEmxo7CicefGnYmmZpcOJlTJ7 +ObOJARwEEwECAAYFAkw91IsACgkQMEIzb5HOwq6e/ggAuejZOjp+VDfZ6mvuZogDuiM1LPq5 +rJSiL7b78tI/HfE7pUh2NuS4KV+GZ7fjrguIKP3CED8gfk2K6q88laeOZ1BPx8u9Of+mI0nV +UDi1ohHICiMqtTPMfw74TcIo/mNgoRO4MgVbRPKUp0itmMb+3JikVohJ9V9933B61xCjVWdb +tVAMHFkeE7Q1PWJ2KphM5VxPUXt0krgmarWr8ANEXmoivGUBrdPp4m8+5w8CeFd2+JV13kAB +1Q8ye1IZLWqO/9wUwumv0byYOAwfgiWPtgvyQTmIXnt0ZVf8vzXzgO5i/Wl2ohdHSM2da/br +f1AB40xVETT/D+3arPfQouX61YkBHAQTAQIABgUCTMHSKwAKCRC9wWiI5iz3zbCmB/9rZZDB +wpOJepfFrSiJRkLd+3Pp8+PyAuW2u8AKngmF2dQeM0MGgf2XvEVirTX9Yy2YCWCJql4Hm8LD +BeSsy7WXlQ9sQPX56/FjDmNS8UQee/6dSQyTxBzA3WM9xXcAaN3cxEAdHOV0Wg7AhkMFs5VW +tQDpzYf+sd80oyGgDFbUijt+dwyqiBhxC514KkC+1vv/Y5m3/3kurxicMH9jVwlRSAR71Snt +DAcdNsIJkv1GRmoRyLdVIvhQLpmI3YRdDmsxz83w6g+fVgftQ5YxpbT7IANneh83ASYvvCky +OUwNkatGpMCGK84xUauwHt8WT1FQfAsH7i7LfjIt9pphiaUFiQEcBBMBAgAGBQJMwdIuAAoJ +EAB6kynhaoglWIYIALUP8GgEUNDnnnXw7TRRCd+ULlAqhwulhz04J2H0vdGMtSPfjhcOdYZQ +GBiMhArim8jnleoIaR3APJ/asMGTS65hFYHn9I6vCaOBN03MYKSQ9t7MgygJrVSLHVK286Qy +G9sVMCOtE6M5osfXBOrfqwyWNWXBifnxRXkzdRy6L/nkJEQHWKAP+pavnVuNd6lTjj5HQ0EM +bLIInVwdFrybfQIxGxrO5VlUjMrmrqj9MpnmwVhxNdStcuEKax7UN/hF01kZ9S2QBI7CmjxN +BW9sNKiOIa0BANnleDaUgO0UcjM9/i+noL92wT7wrHiaeT7XOZnIQy2mf/aVSmjgRPIypsiJ +ARwEEwECAAYFAk0X/xUACgkQkjz7RKLSk9FlJggAw/F+TIn1JXyCNNrhudb5T4n6HryrXNJL +pfqFpORDCLmWHSrbrq1iKri62sc0n1QgjrowzkVsnxQvOiNLLFyTnFo/mgK6uPi/KTRsb+vx +KtLQV+Euiq56G/KS+IFFWyUpfd1txK8rdMVTsRSf/zX7n19OaOz5icoFgMUwvtCRmD/UMdqx +ThskNdZqy5NX9f9hQZSNlP6MgHJ9/+P5hkxpYferV3qBqFfb26daF9s3t9xTaGrEAsCLMT7H +c4CAdlIciqvok53nvUo0AjYclqE6XgAyxQe9xKsaFK1w+LHwYn4IC43hPhg94lyqjVqypxBq +rx0bYQQqlGLIoNrw6s2gXYkBHAQTAQIABgUCTSZ6BgAKCRD8fVpqr+uflofbCADXRqxE8Vuc +xNdjgM1gJV2xKluaHmpSarn1OSNr6FJacXGk/6TRG/P2fMHa7kg4A9yyJeQteFACd+AtrFn9 +ApH8RGxtzQApm7JswR16Q+40wHh+EghS+Cf1Mw+2O7Wef902x0dpmdaMW1wNLNBnS0TGioqN +k9oRr4hrsR9Vkbq20cY7G2PVdVCHvV1fonLOJJIQVcyvQJo4rJFlMtTz3FWQVcml75R1Pq9g +mKaS7wOEGHCxbxS+FP21rhQZjIY5WvqWl9nUmij9t+uv/BaVjRmczFvnYen8hg5aBmv6TZd0 +0bumXmBXe7jIpPGgwOskmF1N82xg7WL8X29OrkDC3IxXiQEcBBMBAgAGBQJNc47JAAoJEP2r +ZMf1ejSyIPAH/3P2PcfQcw8aqartfoe8C6lofyyHoMVaIo4+6EH9knNNpm4Xore4RWdIQV2F +RMBe88uPiY3CvCdc5GfBpSDI0f/UCJC7cT+sWvYRdxYDNzGSm7NSF/+/NlantCMrQNqeTbLm +3cFmUjvzL/Zh3t4oWVvspe7G+VraBVKwjXZv+p9bxbm2RH+zuzNyInfVWl3WmPtG5jGRerwk +UjcdL+rynpf/p1G7UjhvDmkHm7cpz7Yr9dnG00NuZWYlpOid0d7FtgKkzIu468+ks/4tLS5i +JuscfzcNjh5fvGNDXC+9FW5V5unU1D3w57yLlEXFCuXBUBvwBuzqf1pUhKi9cCSNz/yJARwE +EwECAAYFAk1zjv0ACgkQZm6KXZN0+XPDNggAy6lgIlpSPXj7Ta5Hnz3kaTYzus2SLYX2Yvmv +CstA7rxnUrWjn+BVE/wQxNdt27k8ddUyp+JOiTNtHQSeQ2aacPOvCwH4qLuRTLZ3+rPi/DeB +Pr4OxmRO7xeE0fiABTEwFd1z1kZhRWX3xe5b98QdAfPxoCv+tz79phbyAYosm4d/xtQjdhhE +qevQdeYhnv2g6kAI8oxsLfTaCdAMoxD0wRu1sR4kvGAv1ZRA8/jvBx+x2t57yKZHrKZKTcji +GrV4x3+/7LQj57WlpM1Dtixzi9U2d6oVcRdfMJg+5/cFKE5AP0u0Cd7NGHRW9/eVvAtbV5f0 +aexJtzUFjOakuXe4HIkBHAQTAQIABgUCTXOPJgAKCRCYlwamPt61c8wJCAC/p6HOfq20NdhZ +FnQLlk4ygulXDoQZEJQ1dKO9vDoBQfcEAqhjnDjes+L2EyweBJ2RiYPcVqu+m3cn+f/FVAhr +D/sbia4XiL6XHMnK1fpT9CYYF3GzGP70AJg4OnLPsQZjanu930LHJaQpvXhGGNH5UFbUiPUz +OJygUp3ITx+/kEmQFjmBeZ7VYTQLjVurMj3cMfGC1nmFS5ufcJknhStSBrmD2lH/KyyHfvdH +cyjpDe089G7TeKjXCpx4W3drHg12LM60KF3uv2b6URNzehjxqmbfKZStjbiXhu+FYk9HpMZv +HS5Tvo9dbVX231osNp5vG6zxpvPj2JxFUlXF34YTiQEcBBMBAgAGBQJNc49LAAoJEF+xBrqC +rODcYgAH/2j/UdneVe0RrxRoO4J5ucbAhENDGtw6lUiLs3+qeWXX1IYyvGOofJM9a3YTu/Wc +p+R1w8gPg/TM/Bt5pkrHmXOGM2wdIBle7yc3XlBSiA5YgMB9BTpCSq6sai+lxrTTNjxUDYEo +g+kN4KxoDF0IBX3RyRGaOER/9sYYQDvSiRXZOZLm49nRywy7ETpMJA3ZgUqXWiuOT8ZiFb57 +Gb6Up0I7B5S3KwBNSexWTUxAkUq3YR6WYyY7YE+f2VHQg5CgKHUPO8/+pf9701+sC9GcT10t +r9fIB1Fc6ptNwcbqVSEEDWB+b/H/jjQonaMIThAU8xZhr2e2ZSOIblCn7khvPPWJARwEEwEC +AAYFAk1zj4AACgkQVNd0mn2HR2tMCwf/biwXPnuYhU05V7rx6uk9qtUnvIP2PdOjeG5b1jCF +Cq3umWUQt2L4Rd4gb1wayNFNEnSQCBGcLGSiu+ue1v9A9yBfIH2rvdPOOmpLJdla4SwCb97t +jPxYcw9zTQnLan26QVycM6NnO5AGswJA9K7G1YmvDwg+GIp6dhFCP3Y4AEJ1JDaalFsBIbOA +sGFhyTE2HiawBt0oj5eJCZOTt3biDYAWIzPgWGoSqpHh+CmkkJK0wqJm6fT61R4zV/X0NP3s +2WGrC/8QTkAojt7DI535p8PsuyAkP9GsKHfcSmobj1f0eTKSPolSnWTHvMfWPG+P0Ug9EnsF +CFAyrIxUAMbOyYkBHAQTAQIABgUCTXt1SAAKCRAMMpcLHQSJd4SqCAC0n1LHxXaaxrWOL0r9 +CFrFHIjMYbyp9hVFeITF/Ja7T09zCYW6kLecfCjFNLe+yuXBVc7P3sUj9TYRjMXDo09whhgQ ++A1CLfx4Um02M0a2ANA7dV40stFueLxMJ9eDn+0H5EXR1XrYGl0UBWl4Ujd/EQhK+Ycr5z0h +0AvdVZilTEysa2l0mt9LjpCb1f1gYMcIFsEesHqhriLn8qdNiZfnzyI+azWf/GtsE5aqhlnM +nk6jRAXdI+4sFkKdKnCL/TMNg91jeMJMi0z0YNryoqlUqMzJ/Er+Hnbd5lDo11Ihobh8sgl1 +M6bc3Q4/nLDQxN0uHKhcH5uK1XJ/rE6kd96WiQEcBBMBAgAGBQJNjYRrAAoJEEK7TgF7LZS5 +r9MH/jj5NmqItrDXcd/g3q2KkCb1lFOeayYIkz4J7V5F2pJjUYCOYrbw3oIf09a3Z1vqO5j/ +rwfckpc9ltI1BQW+zD65IwpP3X0fdzYnxer9vM166B023PbVVN8oNdXlE/iCq107zORA/Q00 +1PX5SQ1/xS6T5Z8/KDiYZgvvVWEmB0tp8iQetRFy8pxN6d33X4NPodaEpLUxVoHT84RNtQtg +BKuLnBYbkhgOG2d6Feh22oOA53phfJcOBqK+c4Kg650+Td6a24ea6PxNs+TWVD7uW5ten33Y +aI6AiUtaKU1/M0HdLkSoeP0wmw1HBMP0q1mje6tmCxvnG6b1LtjKafp8LViJARwEEwECAAYF +Ak3DUCYACgkQKXe+waxtTbqX0QgAmT8YmoERpl5cKdTwdCR1UfyL/flSO3iJRDyDx6jdCAPE +/HqFfz2MjmCRFvAyF6e0mkgTPTU6BA6kmXUT861d2Rt4ijMVKZp+aq+klGFfXi90kSSHd7H4 +tY8AmmhBLu3kfB0dlaUY5dmrEY/+oEv6LHEXwrkSZEv5g59FQ7IplpdQsPu254hd11fAwfnE +pWuLurKEEO5PyyHJluykZDniXygx/gEn1UeOpsbnyR/qJcBrr1guLJi1Qm23tKdmOEgaCtvo +QzUbpAZuMCuGjIKxUXAqA+N7cfK9GGKZhb7ETFcynOBiACEUyo8xQE5oTj8Wg7+XbBh2PVHN +bgKNk/FUYokBHAQTAQIABgUCTdFd3AAKCRDDfIBdFksFLG3tB/sFpv0XENk3Smh9lLqjrFbY +yNg8DzKU2l5u3nghFfpsSKPrk+75T3vlLsJ8pWtntwxHp80pxqNl37kX+PIvbHni2m0jyLKe +u4fn4/c3xTkVjKmpAErB8y9omm39Gt5Lt83ahB5aLA4VlyIfvgsum6+Ql1yZXROnBXIPmRFV +Og99u5Qt9z6HNCqL0toG5QhJ4R+9PjSWcAAmsYWomIInMSa5YXxQBIjA9RdOkUpFKeIygBAj +ESKsLexm6yfcNH18Eqc+XIzmsbMqKlicu3tXo7dZg3PGspGTFsh2Wj7JFEl1F0NneteojZ4N +6en+31LNHk0XeWxuzSxsEN7Pi1Gsa/AOiQEcBBMBAgAGBQJN6C7pAAoJEGHzFKNyx/hVDjIH +/0ACXVKWm5XHWsAiLDPBCRTjr93CXezjPanHHzvoIOR/uBmXsIqx2jIs98NkhHtSsMuy1/vB +ufgZXHq3RcLqx8OVaocYHwQ1YIEQPhmc4F+PIHS+GPiL/H/X2FRK1zssfgXfn7B7D06oqrlz +uIXRryaPzciBsWN0j2jKeufqju7y1DNH3aQcji4A8MT10WmRksqC6imouzy/bQ1kR4rYY2BX +4b3RXOft0gU6b48H2A2hInBzVr76yCv73q5rMp5OJG9UsCHnWlw+jwJC6V6o2+3j+ryKPxKR +yttLIcw6vfJzTIqExnXeQ2MKwn2wk40LOo984i8C4kJTcUr0Yq0wTbiJARwEEwECAAYFAk5E +RJYACgkQHmfBSvGdHr1CNQgAqe/OeNVSYDjMn/rGgRTT+CAwons+EoUyu99fXSfAtSPgdHPa +P9iSjWAUMJBkwUnYbO9QYi0jtYxGIOVSZ7qVIaPiQj1LcOLh/mWenMUHfOiC/JH5Qznf7p/1 +mNfz7hHlo1v7kPxROBJmig0axdoecGLULLIbJ9uZ4d8yqRRQcHOsHOdfxrobtS+Xz6QZLKRe +zeyYrajM+C7FS2wF/VO2y3SH+Mfrniln/Z+LwSXgzBMNbvNY0R0+Rcpiqxl4xoLXrsQFf/gX +i02XybZvmR9WbmT+idFFDlxG2Kh702OakiqaNi43Kch8uGTGF+AhSVgJGcNhAR3bTW10Xos7 +LB68eYkBHAQTAQIABgUCTnDmFQAKCRD5c06pjSw8fjNzB/9M7yDt26Hqi+EDLBYQaC5QVuoo +CncvhB1JBXsc6iVbEsv4gPRunQpyFDz2sORUl6u66sFUgh9NnepiW18RDFEA02uNDwmJiwLo +pXoTxF0AMePlhadw0NuCXL/eC51/K5wUDmffalkNnJc3JYs0Q9AeeXcp3DGCOsjBAXwbmVlv +Cxv7fx6sAX6REU8ZR8CWHOsvRp/6CrHcTgZc+u1+J8EvwtclwNn2utTZLy6CzdMQsOmRnLUZ +nC2B4X5gB2tzWja2u/kRTufD/m0ey2zhtBJMJZFDAnaGDbOPX1BffgVjFYFuVSXYgYUN6F/+ +Xiy5d461SZeVYwGgA/1jq+bCe8owiQEcBBMBAgAGBQJOhTFQAAoJEMCU7cjFW0ST2eoH/1m9 +lv7eKbA/LGyKsaZjPUKKJUL9HyV7aNnqLIH61Yeqtutbic9bJ4mhU84DmcEP/dBcmcflK74X +n7qQ5vGkMWxcbM/U5cOKXaUwR4SR+cw92DeOV0Zbt0BnFBe2MBVXY78Px8FsQOvQ2ixfGUH8 ++D0EihTKK/PBTYqHl5SxRoYFA4atsvvIMnjp1obxcG5wywz8464BLUB5pTRimGl+SX/RJcVd +oZLtuZ1DH3wVnJiiMj+vOgZHZKjwM2qfaRU3+92s/FiaoQ12m7KBSYyR/oQmbpVnJP7uulqd +d1TBsPoIWm1N0uEe27QWkQd4BEg0k/bYYMNuT7vhvdTYD+huioOJARwEEwECAAYFAk70UlQA +CgkQ4xPvO3y2MfDhiAgAqud+sPNhPy/Zr9PKjGwEeb8DgwgHaIGIbuKM8Z8xfWljPl/mkRyk +aGdOOwypPYcb6nt3EU0O7D5TgVTllWksiqiVj7828n0SOLdajIeCQHYVdg9vmMAUY5VKC++/ +cfzhrtwPIOyLkf0n5NK2DiUemlP/5usk1kBcgSRfFVBw1pRfRPcHS8THAcUbwdGweLM0HZok +DngAogIS7rRzM0QtKFQ7H58zg9Dks93FZBrAJBy6oP6niG23btacuRYgFw/Id1rVJiRPDH6D +mrmfskVp+YGZ20eb2FtUrqoEajLRTMRDrhNhvm/zmaS5gP30kshu4AaWT1uUwnpFRCpNnE5Y +8IkBHAQTAQIABgUCUDBFHQAKCRD8mCerV2Xp6RUjB/43j0x+qvReGQDTiFaK8aA1UoFXl+fb +OH5hDUpt5NHn2pkAL1gz4q2SjjLZeA+2CW/fXipCbnqOncwLjqJAxwSB7WBznYFEr7ft5MaK +hmLW+jcBJIiA3Go51o1V7Tow/NoIamLiQky8lGvQo3PGETnzk+QGBT42TZaPIL5GqPMkb3JC +dgJNy1fMV8TlEY8cqcstgyPB2ptyWNKp0xAso3cvbpBwK7ANOTAb7o8+7fb0Wgh8EdwzdvOF +cEfG3NEF85B7Bo6SfLbxPQghfSxhEjQcxAtAglgTOX09YzmCnCFKf9cWxyl3QboCng5PVCP7 +zsWRziGbGxw0zo5iFw3ex4sUiQEcBBMBAgAGBQJQURAqAAoJEHNYXCzjNRrN07cH/0KfJjlS +unS/keUXG/yOJf7vSGe9yff3LWXn66ypYx40BJYtkt9uPqRdPltAV+WMXifo5rF6F1G64Lnw +kY4aQKC5aON65AxFfAKTRBswjyuEyZj1jSCThJZriE+yfSGvLn2SD8QMLxf3P8VftC1PsOLN +irQxNScMv3w+hThW7ZAcuIKxLmNsJ2oEQEy2XRnkjVWdB8mqQQ9+rBVHQ0vjbjwSCa3qNmRT +8siHelT56X5RKXOBN24mOo40Hde0PTfX3nYC72LYQTVT6SbCM8I2CcKFB7sdLrjC+AeytiUA +Qw5sGSshwzleCXUXfpJUnPL6ARxDQvYKOutlQ0dG4Mr7EeOJARwEEwECAAYFAlB4DZIACgkQ +v9pAFE1glnM7Jwf9Hy6P5OPXZw4q0nA/JeZahr0NzXXF7S/Wicu3dwDRduTSB4+ymfGbfIX/ +9j1qBNRmOTBuolQCevzDVHvd0386sovb4YDHhkDZQEm+H46kNcUL3IeEOkM0Xsi2LavlLB/S +KtY55qmBNmVAZhcScEZFfseLG7i1c8xln8RHNUbUE4/cJB3+djiuXv6hPblhNOvGpT7UTR7R +Q4Oltxa6FO2SinbZF3/kbrXJR25c9BmyMvBpR1VswP7D28WbMDLItINn4Y19h24MwiUo3Dql +j10a8ajT4RCj1lOKr9PaszAay6d4RfDIJ/lPOEDenI3Q4CE6G6TSh93bMpuY1N/9QRjjPokB +HAQTAQIABgUCUNQBTQAKCRCTFtXaYIso9EkTCACq5ia2yg3KfG0bXYlE47FL5XiJ2GploJfF +ArrYjopq0KcUIbPn1mQHBdzXWaKLHbjQ9gACMbfTlocSSmptQv6CRNGbG00U6OlN/MjUTGLo +nANCLI4QvNjYAYeHl47rne4Cjn/FpEX1yVXxMDLF1cDL3YsqkHUfp0XFWY04h36jC4uT6ZCy +t7dflNw+Opz6ZPB5HnwPyW8NmDuOQLFADTTH+mGp8HoZGIonrjZmMhi+DE0LWyvKfBecvJ75 +SKYGUkX0dNPdX7Q4D4YyYWnQ4QO2A3CDMalXkTkMpFgyMYXAu0BUa1gTxTLVpux+GVMBG9XK +BiF1fMleGUo5WaaxUoBdiQEcBBMBAgAGBQJRC9A3AAoJEN8AMQ9lb8t/Rt4H/18HPLA6SraF +Zwvm+WJFZCVHiZLmEMf7fx/HypKKKKmMTY2LwlPv16BG0Bs1u7bzLEZYrKMPWVRdqTXQ6b/A +trj/0BxXF04+OZNLZ5993qsntXMEAhjTT390/SYk/jo6U8bbK/rkiAR/OtF4LtAXB0o7yqLg +kSaYjLNFAmcNnqVqPB+5CyiRJkkfMtq9Th/fkH7NlwUi9tegOyTAuUR4OiSW3a1bMEdQwAGo +O8UW8nL1hPUNIOfZ4dABdzpdOAnhCciizFTnAWmpzeKKGO1GsgUvydYuNBUjUPt5i5GyIe23 +i0AW5IH2qA4dxxgSvk3c889NkgqIu4ocIu0iB5eqgbKJARwEEwECAAYFAlGq7qAACgkQib0s +cFYbUwzauAf/WOwhvagT2K7zZ5Dl34REAoBlNC7O046ERT9UeFHv58avg15n6OBxmcg2VJhA +NU7MZcctB+mkVYCY0HXlSKqzg+ZSDnOxA7LM1rEWX7WaQw7bhpb3LbWdxo0R7hh6TkPJy6a+ +WLLYKIvG6iltS4J7ZacRq2PTItYdIY66fsDwJz/lWTNfoHvmkzqfc7eSiosxGjSGwYNJA4Pk +caUis84KdlM1zBQGmWhMo2G0q5P0RV9JnE5lX8dySumOxAl/5koz0JQkazzbQ13AsEfrnWe6 +Xu/pR1bMFYlY6+OUkxBsdeJ4+PpYqhvzaIIfDqf1OGELmBsIybiHFnqkqQ8WPHVYSokBHAQT +AQIABgUCUbCcbAAKCRADcLZBrE8fcunMCACBRPYC6dZzMYk6m6mZVddWEBoqSYpeezUoZkmb +qjbZPJbhlqRDTB6Sk0lPz8bkWVCwatzCi1CPFg5fw7CqccpOYZQKvkRY4qaXt5ehuhQrxrvX +fN3oMBLyzP/TlP5uKUVO0msZZLgSTHT0qCcgZdhjlJ7NOhcivg05pt6RH2ZGrRH6CK4ivYXk +MUa9hCzfbUroZFadNBn8HjRn4Iu5zuoQReFmuhfC42bNFdiNcuT7ArJ5yiKy6uRPzjmWIkE5 +ArQ22UVVnfNBRUhqmZBsIf4ZKbr4HFPWu36vKv6awEfVNlP3jqrg74p6Btc+tSEIBSm2ucel +BS2oRdcUkDhk/deviQEcBBMBAgAGBQJRw5bUAAoJEIeJsZtyvy9KeIsH/jnErwv8vRVSrTNO +XzEfadA446AHqw2TQ1LF5iMdkHrwv8zEWaGKJj4sgwoRHqKO2pwsl8zsqXjZc1yobv5vRbYM +iYeIDBXQ/SzfUPc8MELJmPvPkacF/KOgs2NEF3Ig3lBpO8ckptssG30b5TAD27kFQppAhb84 +fnU9ML5JBWnh9FUSR6Jsp032vgxe6C8KXUNLFnD0l2iJJT77fvnFk9m+fw5Ggtp/u4FjinXj +6kx/ICNcUmXUBBbn8Oa6VuBZzNI1iEBA35Z/47pxyyD3PLh9onBOldH5GPHnzvsqjfaxN6ls +kTgYMmsVGsZ/uBJQPfRe5+d702Fh1DP02lRq+8+JARwEEwECAAYFAlHDlu4ACgkQ5uQU5p7Q +0o5WuggAhk1YAicMyLJBxo/MIyIOlNV0pZ7rivbF4YpsiDHwLnzwxZuD9hzPPpAMIi6U1C8M +eFRx/IJxbvsiaecgE6rHHcKEehR99CfRUH+tuClBj0qqFkiLxfPWTmcf2Pg85UHzBSIA8TTR +23fT1xQoyLQhuF+R6YeAGW/zhMgIVDxwBf2hW5Dql+CBYGawmQHQN6ud9J84JGUSZrLAt++F +ctW/cgqjiiklIFKuvmfFyecRhUiBtlPhIFtrvzUXbXVoml0YImDiZsev0Z//O2z5qdSjzLCx +J9SZ7SM1Zdv3wNE86XQdMcFQWt/l9qE1MXFw6WEcxaVAZ98BFui6dEmfRnxnAIkBHAQTAQIA +BgUCUcOX/wAKCRCIjQZ/oKER3hCrCACFm/lW0QLgn+BcHYY4rWTF6W74Pd1+ofmyBtuK8T8U +S5T/BVeZoNApn7pEJIrqQXpLi70xF0a+SnpuB8MLdIh/3yNoYuf3l9rwge4tZx6Grj8IW/Ws +dugUxo4BQWmpyMpQoGgXUVulGOFQ56pBRSevETeXOExUAsLyg6lO/HnbrKW4Ywmfia8szftq +gqKSWyLQX7Kl9RzXn+yURbwpYExze+4d7VKkg+o7ltI6SEVB3vc7lAePFzUY1eJhZGxSIDqC +uqhNRC+LvqF8/Kx00tqaKPnj+HehwOy6Pna7S0IaKgiggxpQ/yDquAAvIIf1gs/oA7pFgSp8 +RoErQxgLT9WMiQEcBBMBAgAGBQJRw5nkAAoJEIiNBn+goRHeeWkIAI78R/Wk8MOCKT8IztEu +/Kp+K5VP43+TrOOsWMB+cBLNdKqf9evMa8Dip/iIzUmDpB/O8U1i48i1CsI1NanyoIX4m1pb +YWb481mFcX6DYh7BriPldbVtlQ3O75u1LpoIdL30VidM+VEWOYecVpcWbkwcg9HW5Vj+zJP0 +O/TEY1GQjV78hmKedmaEFmv3Rb76rgxvPyMcgKV+L3imdLHte5LkxZf4uFwdC7yr2yQ6GwgQ +SryRSOGswvpMJmcIfBbc3JJ0N2OAJrOAeaiTbjVzch9JwqjF69paOREpazHTD90/9YrObw46 +M6cKPBkNIcPljCL0JM0wz/YxtpBnYTVJIl2JARwEEwECAAYFAlHqBpwACgkQ2HYuzreRHn+E +2Af/VMr3HrD/HG0Zdi+IoZih5flryiOK4MIhyj5dsJqQUBCEdoeRIZf1QxEZ/BaLR0wse3w8 +L37w2Ud7VPF37HnYxAW2W7DLNPdThoyUA+eSPGejg4t/6y1YZn7QMbagk3tYW0hzzlHQQDGC +vywR9qGzWXizGAmGSB2oCHiSCVerddXQbS2P3WMDdFgCoNuUHWqp1q2JKud2zQeNVNhO6d+5 +C5e1Uwm3NEjNw2FLAac6yJvUlvmEiWR+H/o/Dedi5OYumG9KO6lr2dXh+2gXBuWYfY3zotdc +hqiNJObMwiookVpYomHOz6WZGgsdS3COOdApQaDyuxuHrP3uPtvW0MJsYYkBHAQTAQIABgUC +UeoJfQAKCRAEoSOHPladnpKMCACVPvsEW7ajkca+Vqqx0gp43hYed3NyN5KCi51WYrUWA7QT +oJ/4LBVfSb5yTRdh53JBGZtSxAMNxSVorOBaaJ2sUQyeUXe+HLcD0om0WKXA1BbXrs+iRGUT +cqR7hZ1mFWo8AjBy+RT3UAnnbTYqjelp0xD0idfAbKMCX9C8pXcEu92J4dA0FIgutYqj3asZ +Q4vE1LWl9sRlBN5xkzb1cZM4sdA2i+DrOA83uVBi8sq+zvwNLr1q536pWfTqn7KAtqBRptyV +FMka2WoaM672IgDDcdCkCkoiEhSoU/V4Krt2WcfkIVp7dKP4xyq98dd/V33YC/L3WxvhKEhb +ue0kp9eCiQEcBBMBAgAGBQJR7ojCAAoJEBxDf2LKZd6ZMPIH/iDKbkTmpj4M7kh7/OMCro9Y +Xh6qKeUUbEH810vP2NWeqMyBIpKCCnvs88pjDHs6wKS179MSrfl5q2148h/E4qltUig7b5Vh +NZBhFTsxa15f8UoPZuLjdJnXwM6Gg1DLGoDxhPbAXHvATvoR62d/pOJvUYQPAPp8MNdygaNv +7gTrHyffrNt0PCMq8VPiNyzhRK7pVKQxp/nmBGQTI1sLVCLZCKXb3TU2+ChKOr+5VpL/lNug +2/RFKSVuQhdPnj2FpRxGfhb7bKbjNRisbsqn4ipkCTOZ8SRG1gMqGIlu2wfK/iqRBJBV7mt0 +9DQQbPWTbUcM7zod4LkWwzFqcAbZAoiJARwEEwECAAYFAlIWlK8ACgkQ8eGzOW2zVfoOtQgA +w3p/kB5cmOUPC5fNVGgxd4R9yTtFogrNBF14KP2OPzHqLa3T1YeDTdi2Ov6pnsINcKvMUg5i +Qi9n7LSnNH20azQ6uqT/HZJYe700UQixA/VKBZFyeYmlM4CODpmY2Vi1EF8aZddvfAiuZ10L +hkQN7IkTA+qrwpQfaHkxf3X8vew4xmmLP8w64/2wd3ObXppq395z4lFZSXpZ2Y0ilH7U+t2d +r898UVgSVtLNKoQfafY7uL43oRjXo/RyVEKyJe5YWP2ilDKlZuWGojnYXcbQ9sbJsZDMz0R2 +GqY/I2gHIvc/MYUm6a+x5JI7xwrmiaN2YPM14b3P4Syvky6uiQFy74kBHAQTAQoABgUCUfpO +hgAKCRCKqQRLfrqiy8DqB/9ThyNZAM1/JYMqGzPtlK5P70qcC5y7pznPMDqAEG+dWBApZLeF +9+PEX08cxohErunp9OZUlipvtkDEQFA9ky7HmDrD5WAvK+gG8avQK5h6UKhcyUM8LdGMT3Vo +ee1GLBgJskGgfE4AGslkRXHUCNejES4YK/wSjWFgFaqCZf9y9C7PyNsXNF2NuZ35Y20ob97H ++HpgOt57Otl0l7wnY3lRROEs7PtY/3RmtuaqqQFOVgrUJo+B3QQAeJ8OgcHHMv0HmKRNIzDO +D1hewVUF2YMHiGcUT84fZE+P6Mv7FirQ5ETENF0mVlNzyglnFiGLZ4+AZ7T7xgCc3RMJjPZ/ +1T7fiQEgBBABAgAKBQJJuakhAwUBeAAKCRD2h4rsq67uZhtECACLBfMv/JnZXRhFxfikC3WJ +4fECmYgURWSONKdfUZMCIssIePSWZpjUOsrhJ7Bc71UzRKxfz+NMMHk7BhJbH+8caDdc1ZbP +yuIhpOOcM36scx3SHEiZMM7uVFtP7EiyEQ/z64QEoQT2XA+LAi8DPakrdGimY4cOCSXZV4iO +a5y4GdX1imhnP27b2zxEAnkcJe7E173EeQcsJT0HQWS4WP+u3K8km1m416BxdzLSSwt4cz1h +ddYZ40O79tBPmJdTJPCu/qCJBIIDn9sxly/O+kwGAgqriOk2puahiWemWZpTi8KyUVw+WbGG +/sJ51H4a58xr96jvTpQ18vavsunQ2gEciQEgBBABAgAKBQJLs52fAwUCeAAKCRBT9YkEq85l +5JDaB/9DxAyRyqxM7z7pIYiWYmwwn6ZVaeRxrTwg0xrgn0YDSpZ9iVSwFYmv3CroCat0uyYz +C7ftKxCNIM6cBNL60jFHv5k7EPMIX4Va8lDsOtx8KegSi0BtGb9wlFLjTnZnysG6I2/jr1aL +6t9XUlvt5vwfpjsST5JAlFPgwRG5VlPyqcdeL10XL+MHlaamIIFCxZFN3khribjpdO7GNXjB +lAKofxHzdgJCHpmuVAvT7RUdiSdPqxQPd71gIfu2jMP3kFMpq9nx5CAlYx7LwT5VYaLLwdOb +G/JKgzBYYZd25bJMerx47jzgqZOOSL/ptoliyRzXY8wxyuYY5TOrErKc1+tbiQEgBBABAgAK +BQJQt1/WAwUBPAAKCRBewez6Uq6c7iG2B/9get1zN4A+HWa9VlBwedMlpdKzZ8fz0wyL+fuZ +8MMU7SPCumNt8o5n66IfkK5Rg/bPW46XY62mw6PulHhNv8S+EmrE7VAevCAEe+Uy4PLQX1WW +5zZnjhXXoc2bWIG+wWkhMea6rRo/NTWtaLLSRFO9hgC+Ym38jKK95fhLUgq8EKIE0sSYij7F +XARZmGvDVpaPUeMZlhtQ+8vDQR4QrxJk+BDpO0CTTaUfTe1BMAicNYCvgEuk1R6LbPKF+pde +ueGk7Kuf63EUPCEJaOUH9SOYgyXgVngSwYYxoF/uhBlfloNp0dUWQf1ZRoheOfHPsQZyWKrs +CVheCEUzZCmbOK/3iQEiBBABAgAMBQJP+stgBYMHhh+AAAoJEHkoUFIjawAv1+cH/RLGvumv +oelTelgMxIhHuhz0ZXtppOkUl0vJi/xv/37ktLNZq4rjZxJxGqcMGlMZtXmPToWyfLe2iuAA +kS12uIounEaxuAExHluvM10XvQDju+4uiNwQJbKh2Chq5LpDiyFa2jtztI4QAl/nsVoq5Z3V +37zrCqyjMjCdygRg0i0kzbbkPQlK5PiVzswxULOgjbsme0WSrIm1uQm9+l/xYfbGVRrC4vUD +81qZDvnilv+XUaEQoJeieAzpzjT3k1sZJCkeXiEWXrgd0MdgUQRTjVUFrDaskd50xViApq08 +hoJhLa7dkb+jOCYI3X0PAtU62apJD/Wsh+rrWEGeOM6XGhWJASIEEAECAAwFAlBgMFIFgweG +H4AACgkQGIIg8JPUj6NKMgf9E6KLRvBmyZJ6gbU7spxxR62ls+YJKzUZb3f/iao03E+YZsHI +rmcs0viTlOp9SRtslh1eKjNnuplOnhMS2qd7Spdl9nJT9aVcmDTZtyPRU0LrBMcpljljbQPO +4dI1xwbSa+/kW8Mg7J6hjUeHkxNfuqcPgEkihqIoI86HEBdb2vs7RGaLC8Sys06o+QsS6rlJ +maJwHMi79h6hUocf45WqVfEYnm+khYvct3bqk00Mp62+r1cgin+dPCnM0bglUHepCl+i8sI2 +IAazrKe8H6WJPn+jzNaDSdzEpMgjHBBuMUI4FTFKG8xWxmI0BgGcx+Srb6zRCV2BmlKDveCw +fmhOTYkBIgQQAQIADAUCULvBXQWDB4YfgAAKCRD33+VcIwwqlRcJB/45AZJamUIeW6yeLcTa +c/6beEfv/KvzBrL8N8256VOOvY6RqOfCqBCb+bjvnnwHWu6Gvr+zpA80WfeCJjAyJhSP4lKE +0GfPsBbXsZkeoI7wsviJ3POLA3FQ2B6aroZgWhCnMPtWa2kJNkrlFRT15R2+iBfap6T0F/Ul +CXWpnqLu0t0f8RCA1fmrVsXpum527HdLMe4pSmHnM3vGPY2o8k8/Y2C1/6Y2Mgd/lh2WEp+2 +pwCCNmm5fOMFM872JIAJbOwTDzqpXRS6hUyJkuctEwtVg6fMXr4Ft1zyA7VwHbQuxIyx20cv +gPTfaBZeHYs+ZPuyoyviEfchlRI/+dszm01giQEiBBABAgAMBQJRENSfBYMHhh+AAAoJEN8A +MQ9lb8t/wfEIAKcOZg2V4/lUgFkLmcdqIPEuR/seLc86pkzsRG+7yApIjoAgaocO+4DE4+w8 +SzkgY4Ce1Pv3rF2vgVQQIlleElOfiAV1oJSOYQ2ErST93Zzny4AM5BPrRmjBs3cJen1vF0b0 +anFZrYE5yRJDsve9BrLeYmxkQTekqPkiXY0hK+6zv6C1coYxlTNHRbNJ3/bpmNI7I2mmeMic +OcDY/uF/SjNSv511MaIMj9yZfXD3lCzYpaeyOsqvr3ttlerIDBAi/dJhPkvRAZw58tay8x/o +N9bkG1h2nSo80+Qm/WUqJvrzOFq2+3i2nyLKqgnKpF8aTBK3iPsalrD5Ebky4YHyih+JASIE +EAECAAwFAlEt7OwFgwCfhYAACgkQqwon7kl7c02ZFwgArHplSFKC5/FBHnb6EKRxF5yknVc1 +cALBXEotRdoZvsNxR216cReFuhPYlCsMIK2ioZpcDATw0EpExu+bvIDpiRpRsRLd0ydPG9HM +VI8RvJPPVKWawt74m+MZvLZD4FDmNIdOJhKslVOf9H6LDWDg2obX1rtrjyE85Q+DdRNE+vc6 +cQ5IlgP3LeSZtiEZlM3mBsMQGLm4Qv3n0sYqjsZUL42D/XR1Kz/qdDTLFqlinGmNaRE/wI8V +jstcmC8FiU6ql4qJBFbUP6qDxidiwcorgSjf+lpBE1PRG5q2ZtAe5+fhD/jlSeOImDWhtXWj +SBn/OvktNeBqCoWspbtLb65oDYkBIgQQAQoADAUCUgDAVgWDB4YfgAAKCRC51y9qPN7XPdfb +B/95GHKUvxTQiC+IKxd9q5NKas+FbnYKYO68ApZSiO1jIzJQXKNLyFjFDsGYLCy/ONHb0SHx +G15Ihbk+5PGAlcn/bU2BxzS5ZvH1sVxI+FS1bIv7ExVIa/IRQABRw0p5+aun4QeeK0Xmi0fY +DDicguITo33wRjRzrz3op7Ml11DmncVjzFzr+zfao2Dnic1ot3aCU/bGw7Osnp9ElyVO0tS/ +v8eSdXy5jGLS6LdND2IBnzRKI5XdrdurGs7iiu+BZe5eJ+5ogdE7zgJKHmMrwGDs2Y3oXN6I +mOGoHAlyLoilcBKtEOXEG5KiM5bRLew5x/QTiXP7nzwtgxPliB5CpCuWiQEiBBABCgAMBQJS +HUdLBYMHhh+AAAoJEMAoupHawhiOdVoH/10B2ChqbRb61/Z0ZdGYxULX6qhL2AMKcgU0SgyG +J72ByvMHLVcZJ8LJXYwOoTb8cOMsh0gq1DY8A+6cjgb//qQCyY7MJrlUSR8P2f5tb0zRZuAu +wGj2/UPi1dx9A2PxPUYFzrqmAtiEilEDB+NjgVHTxtzbV9qfBNqFMccMzDrPH+I1l0rS92yi +n0vkCt1etOoQGh6kTp6+o6oPOJqv2aGLAy0uEtmYX0tNqxnKpPpV+nyet7MW/dHKcZsBLAJq +24EgD8VyR9pNDTfs3xlOr5hSweEMguGnEv0OHHX2H4AnJvGNzLvfdqLK458DK9ZQlSlm4ak0 +l3MAQamvFaZO0MWJASIEEQECAAwFAlBX6qYFgweGH4AACgkQEQTfsDyQ34eFoQf+MKorOIhw +PABxGhSAGRLDLKvX3UG1FAu98VYiXL3mjJoeZx4HOZe/+CDaAewmkQkK1CpS4bZ+SeDzce9w +qUBWJwRx/tOGLCKIlez4Ef4k5hlkMhBuuIHWXyijqmSIFc32RFtc3LcJptMO0kN1vNQJ/KbK +Ex4fLFO+Rcp7xxr4+jlMrHf+0aiLWDDGi7GCx41buc+VD3YfDXtWvktv7bhPk6x04QIn2Ji0 +CpL+woENT+UHTYnl+P8y5zxvj1+3KoP32I2IcN+7YbrkqrG/iJMO8pPnsS4wlBTs1j2io3nV +wE/WG4ypLhcPEZHj5V/gE/edMulPp7GDAV44vxwKKe2De4kBIgQSAQIADAUCTxnG3wWDB4Yf +gAAKCRAWXoz5hqQIF2pwB/40uBOhUFJrTXMtUqrfZgdFO4p7cOX+JpjVazWhK0RmJ1iD2QW8 +9cTlavMly2ZRCjnLWQRWpNzGBh3jYvCFXWYI/FikDnd1hjFdng2ipU0LhgMIuZdDzSEoQ9v9 +NEub+PR3t3aULZB3CeRW5lNX96QxxOIPV0wIwpNbrPG0ZUWee73Q8v6AvjBjq0/JEXf3Emvn +YFD994dFyheQ6CKZgdg8kWccmTCGbNoOSy4stYt6ceQg/k+s7A+vdjv5eq5tuGtH20uVGX4L +LQ87B7sTZVU3H030pM7nMwlYJPs874+eYsU08M+fT401lYTQ3sfKtzr4dA3189rZsekq1QIs +/+5HiQEiBBIBAgAMBQJQJcRbBYMHhh+AAAoJECOTlP5/anBB7FQIAJCsmoFvoW9n8JFZO64k +EEjhbp2Q1zo8Oswu9V+CsvhFKKGf/0HnAcab/P7E33hL/6LCuo3KmWMiQAS6N16Nkec23Wk8 +4yEIqM80OYVgKIr2yOTKmGLLGzLV0jjSN7dQHpUNtoSMgE69ry3aVtSKaFw5X99bq+GLHlkB +K/n6uv9I5oEaDOl69O/CfZkY+0HsCemIHlgwENkS0mpo+PzoIkNk9rasESkEA3L7PFAp+Btk +kVjoOwkkFSVz+TS/3WN4bsMR6CufMKQ90h9500NOUuhrQAmRv/ZSzf3m09o8tOlca0vsigeF +x2LRNJYNyxMOrO5r4iL5WK4suFYpsaJNPx2JASIEEgECAAwFAlIFQZ0FgwHhM4AACgkQTzCp +JjHN/2/4tQf/XWHZhxrV3iSruYq/SuhXt4g5o5BEdIu8FIK/snTbITczP+e+S4t4gMwn3LuI +31Gs7ENNvPUnATYvS7acCg+Y+fWD7cHpiisze/fmY+1YeJrSKQLLRWhVfpZ/bsuXIr+Fe5YG +6ZmbRcfws1vORvVhFwkNcSUB+IYu0WfHjI+t7tn/mfqHLkhUmxm84jJKjPfQjvBkOVSIT8Jc +l4CVkJ6al1qX94XnNpbZL75rs9n5sVV+tAq9CbIksTuzQYml+q5dIj85IihkISx6FjlS6goK +QhburgCLwGF3FzkXto2s4iYcTfTiVUsnjm/4gd2erKfMwmCHvFmbqSbK/z7Lsk5A9YkBIgQT +AQIADAUCTuenygWDB4YfgAAKCRAKTRu2NHynFVqVCACFl5PIUoc0jyLR/5LRpcD0GVQpNDnX +Kc//sG/gykrBntGFKOaZgFiU7ebZsaSO+dEfcjpRt1hR1DnIDXhkTz/3XueB5PeB+TU6bjV7 +LA0v1EPLatwj8LGrAQAYgg11YSxT2BySR+AvmmXETngAH/oc42ZzJTwGAQ6AwKRhSkgxR3uJ +8rbMVW3VDXmIn3bDUPRg0/fmOScBC9X47D+ZkJurKPS5Rt3XKEYQw21bK5JwUD3cZGbI5J3Q +ySVaFuLuKlyDlI27VRPpzeMP6vwLPUNYjwuNM7FoEPtTa0d/KYZAJvk++5mIraK9upn6L9xq +kT5LGKPl4VQj1jlprayAE3xAiQEiBBMBAgAMBQJPEPN5BYMO+xuAAAoJENN0/X/OJfJ3ZLIH ++wQDaqwKvqQ611Z16iwdGHqH4VyXxWwJSHNQFt7aj+UpNLvB3JbIl2aRK6AKdV3EGyaGlAnW +msoya0HtivoKfjrPXGPtETwngZiaJeTuh1BulkwwyND4b4NwFrZKq+0vLByGCiclzMbhkmnP +6E8LCuO7jzBXOmjD2EygHXxCdwqAuAVs6a1JSQQRzjdDKi8R/FiLiBTJI8GnyZEAIl6sgS5b +oc6p7+aGkUw8z5ri+xK6dW+fWo+j7Fjf8bXMIxo92LoJN6AmpaBYfnBRltt6mqF3LDbXaR38 +9u4i1Flcn7bhzcaNa/umUB+XQg5vcKWwpPfsctYbBoX8ZxHtvlhHYr6JASIEEwECAAwFAk/i +Lp4FgweGH4AACgkQYzxZUWQcRQ4Fcgf/frjHl90ac/lTtbBMZamD1088Ks/MBcXtPLMVUA6g +IDNkD8++AHdOSWi4x01aYW9FM5RXgcf4tDhPq+GZFBnDRMb5ZlNx8EzM1OQ8NmIClt1npd+8 +QY0TTskm7IOQPdXFQLBxxcterP63OsSaGkKyes0Xc5rI04G5Waml0yFsYAsHgru9EZt4+XlQ +WcL7ZL+65bPiL/l0fJLTddQzEHyGtO5HWudaQ55/JPmDUcTzFrShrrt8l0fK2ulIYFoB6XAS +KagtUgcXl/OeBYsCavqqg6cfEDDSzi+Udzsg4/3JluDaYVtBKN8kBEGZqxTOyZOPxupgruQK +4Dbyxjh3vpwD/YkBIgQTAQIADAUCUS3qnwWDAJ+FgAAKCRD623acxGl4XXuUB/94mJpqDNYL +pG4HCkHjaqhB8i+T4Xm4YBhuPmBVQbSfK1fdoqCuudY2WM/BJhbWRYAimDPwP1u6unsD+0ha +Ev58/VA9JPuJZNsS8i/OuEDPoOpTC9wwVyMLtRG3mrQkSvPAgoHlvhoXyjkF50/xLsU+2V8r +wR/PY3JTv3SRtdvF79GVekWZLdeDyhGD9FT+ifomg7eSsePKqA1AUlQarLyrNSJZgAmai7fB +O8dti2pe1YQ9vDiaYS7hRkYg4zZ/Wyt3XzRF74Avs5SfMAbZ9Potc/RgIRL5kzlJpkZ7Shsa +VhIPBxOHNmFnipJYoZEAwL72Qsl1Ozr2OiH9yJHRBPuuiQEiBBMBAgAMBQJSHF6eBYML8UaA +AAoJEF+ug/+12PCMv1cIAK5lzxVO0nu2gCaJ45Nh0pxsqY5/idpC8nY+OnbW+fyyjKLrRtQz +swqYeduhCQRzyHLFhTOlSqSkBES1m6QFybsBzlEEqRgjP5vC2I7pnpXoSAwzIZ915Fq6Bl5Z +7hP6HSkhsNlVlc2OGAvmlfum/MmrsHeQt+JBZckrBYnkoX3tbyAeTrnE55/cYaq2kGlRrIEX +tljJsx0Y8LvMZEWexP6dbByZ2PAet/mn7YRBKkcEe8w89RLKnQxAE8vTjFnyU6wbR5wK7wwO +Y0qs1MtzgoeEjRzoQMjFP6upln1ELpIxQyX8i6Uesx5KsrpoelnmVa0DjN/yjZ/Ac7fqZd8A +aFKJASIEEwEKAAwFAlHBE/wFgweGH4AACgkQH7mxLf7b19PlPAgAhPmuuADu2VZPDoi/7Saf +320Mbtghf1jaSExu4McZAQPlaTUNr6FhSaS+i5YXHZFHDrVu6mdskL6e6SuvmuEYdKwODEiL +7ovmdQe6AM1qjdvtWRe70bij0d1qYqgkxwnkQ3tW3PaL/g3Hegjufadr8uep76En1r8H2Bam +rcuhUP3YmdR8eq5XyfrhN60/zmcyfJ+w/a8jFstZWZV+QPQFnWhR3Y2D1EhnrhPmuD3GrJmr +3AiLRRfCUswT/K+qTA3/MylX0FscU2Shi1bBeZU4PNzzyGF3bjQ+7LPd+rUsH1tVW+2vcuzA +uyGYPEcJoAqA0JEQivQbWYdTPzvbN1NveIkBIgQTAQoADAUCUdvOFwWDB4YfgAAKCRAMhc/J +ApMn0jTHB/9Ylw4zKWqR66nbx/j7e08EIIRDNFC7eqKJ6iM9wncmPL/5nLZiFjxp/zYsr5rp +QgiZnChcZypxyoPFt4zbQZwY+BbsMBXHtCQTYXraM2bGIFq1AYiDK7QkN7LEmnf1BQn+NUBL +qvLiZm9DP5zvI/Pq1lLacV7OiffUtrdWHpOVJFQjePVb+47M/f8dW5PxDwtmElvuVc3DjLuf +i1K81qxpGhrH9/wrrmsn2Q01qw3ovXSYqKY/iHAAZQWa92BzyK6SsOy+aVHT0TnlQpbNS8Ct +tFdsytxDxwstgUJVcOLIZ8f6Sq8TApm7dlb1jKZ/L43i1xjOMptNJIchZ5hB+m27iQFTBBAB +AgA9BQJJoFabBwsJCAcDAgoZGGxkYXA6Ly9rZXlzZXJ2ZXIucGdwLmNvbQUbAwAAAAMWAgEF +HgEAAAAEFQgCCgAKCRCXELibyletfBwzB/41/OkBDVLgEYnGJ78rKHLtgMdRfrL8gmZn9KhM +i44HnlFl1NAgi1yuWA2wC8DziVKIiu8YCaCVP0FFXuBK1BF8uZDRp8lZuT3Isf0/4DX4yuvZ +wY5nmtDu3qXrjZ7bZi1W2A8c9Hgc+5A30R9PtiYy5Lz2m8xZl4P6wDrYCQA2RLfzGC887bIP +BK/tvXTRUFZfj2X1o/q4pr8z4NJTaFUl/XrseGcJR2PP3S2/fU5LErqLJhlj690xofRkf9oY +rUiyyb1/UbWmNJsOHSHyy8FEc9lvlSJIa39niSQKK6I0Mh1LheXNL7aG152KkXiH0mi6bH4E +OzaTR7dfLey3o9PhiQGcBBABAgAGBQJOKfawAAoJEK7uzr/42PEoRH4MAJoiMWTJvW6Wwuyd +hLJmvu6J9FevJaygnHmlGhZWRy8aG7CV1DTDH3yrXvQjtpXVBAY+VgDGiE1fcQUpl5R9IRsN +fKMQEADz6wxvTr61ihBau8swHDmlgKtpvoeyZsGGUitPlxtq30DqR7/tFZT4gduY8IqU4Naa +AKju3y/GiD1OkgSbtZP5ZlROd5LARt/YjZ/97ZVF6gtFstDMHAmnRQQp/nWijqgkr+ITaRPt +lwN4nhlh86kZCnYm5KNHd729OK1kTqT2kLJr09cM3tMuPq8uou4Ox8uE5OlLmpbmrQXWxiNC +RW8w8R69MqnRhdtY6vLyW5RdDdv1Frbqzl1QUHlAJBuqkp5TMkGJ0tzIAjK6ryF6MjpDa0u8 +KKgPtXlC7MSLVQCeDt3bPTtaVofcDMNoNKY5SyCFMbFHAXsZ793mx4tKYSoJV3zVSleBB0/7 ++YvHvvzdlDZe5AsdnkqlxM0ZOShwBQwJ5c+6Vu1eFdldEbuOoPwJyBhK8ttFPjR0Q4kBnAQQ +AQIABgUCTngMDgAKCRAfbK1i0i4kRIBvC/9RP4f+TYrJyBc1dA9nfGCSg5uCTNUTQ2tqcdUZ +SMONX1Z+1T7gCAYMQvzJisTyhY78WNrp6cYjA7jZmWmt6dfxXIT366jdH3JIvcTwVT7DZ+HT +y7lje9FuRAnQujiyVojA5/kbcpQGlbaCh5TXKAIX4ktCP7z3FX7/DIIQBYhqMFZv93ksQy+e +SAdU2vXw3oZ8brXRYc5UI0z4FDg/X1pDXcY9gdd00vQbb4cdKkK7wX3zIDXr+e+523eeB5+U +rGf3Q9SdG42ZJVMVA9C6ZsEX1MoGyAjmvfv/HyZnoFn52BoBvt8NeuF+SaxBEQqF2/S9emxG +4xessZPtXCA5hQrSurDEg/jFEzYMVHYk55+/Gs6wdgM/K5HAOh1JscoGMyamnOJDR5yifBHJ +l/b9p3rn5FdemNb4r3hle1Af20JMK19TQCAyxSdvYFCMBcxEwPe7GAmhdfAXZVQmA4es0xu8 +RNDvSr3QrwruBH3XiCD/uc0Le7SDGaIDy99HRCH0GUmJAZwEEAECAAYFAk6AsDkACgkQuhZ7 +yDRIY6Ph5gv/cIVtzxlPpp8EPPcNJcIl6X6szewfI/diAIFua8nqG/95F3Kj1psVJnGifsdd +HaY4J3pRpPjdhDH2eb5o1trKyVCIxZ44EOQA8aNGVD7I+1lKpj3GOdcqkoydUiN44o8E/LdB +dGB4gVkEsxh6Gco4WQzEVViRtFHov7pW49VCnCf+IbuC09Rwv35X/PQTe252l5SK68qQ0TD1 +W8cVGYvO6yTz/QwmcLY5xu0SttRCrKCR59Wx5VTAKKgUpNZKhZqa4JBWaPPkYlUawLGBVwJB +RNPUbAjuMC0PbbxwV6c8WVsnrYZAge570XlrDknuurVkYta1W5Zyk/NZErlziTmTrO3Bz5Ux +U8xMgL/tTk9tYBC16CP/lmGs1yciSUv4fWsWkDsUqkdZvIdM7lBFZwE9mNEomtXZsdogkxs+ +JB7XDNNIaOHZ0lCm1XR/MTYW+PQcMT13gBUGnQb/CzX4b9Jg8vc3Mqmyv3ocIPAJFrj0nIaB +1oiNyyRab7cdz5WMLHyKiQGcBBABAgAGBQJRzZP9AAoJEP0l3OpxqDRcnhYMAIa22r6KdTix +e6G1F/6kz4Ad51iJr68no7pBaUMYXmj5uyKxqQ+FdfHXbMdPeq6UqyVGuSTfKXEqn82eSoNf +LkZhY9wGCHC3dB5xOIt0d8nqyifNQaE13VJ1DD4zlz2SJJ56ZQ/8qslDFG30Vz3xQqnf+pe8 +KedRDvOfYQaGWW3myq42AjZHBIxYlmh0SaLtRub7kZ19Xiez2f0w7LLs2wiC2xjbmCcPLqyT +V4981hT4IhiViehkoYsKXJtqK6i7H36SIuyUfuVaDz8t/MMQDEzHLAc/N+GdCv3P0KkCJe29 +zvBWmdw3QnZOmyk09VcEqD3V8xe3JYIgUZq7zY3tq9QIMDnZwy7fD9N1f4JnRJn3ZFPeaBCU +rn6yQYTMe7K25qLmx2AWAN1hlkaEeMtT8jvy5DQ6OjG9PwGV30yrYcEX7VE1e1YhpL1NqLKj +OA0QFs4Ow9Olu8210jH4lj1EuuUlejS/C/Qw7Mu41tdjQ0tvOas/56FbmrYxXzty/y1S44kB +nAQQAQIABgUCUc7RZwAKCRAXfmaBOsSmaGC3C/98Et7zIVsOg8lIavQ8Vxqsyydf128Jr8Xq +x/3RhKnWo00t1yWHVea+58cTgtESqLZTQptunl6X4JenPedmhitVMn9zTkXqHDondupqDKor +tQyqpZVHsfiY5E/zhWBcwfqhNmV9/iiGkzRneQLipPiYrOyo4gJyX4UkVCreBD6UqhbW6kDL +1XZGffeeuw/vEI92/B9hRMSr5rpXL+nVWjsEkeH9K5N1M2KRBSWdCNrOXphaB7OgfpCyvVrM +paQ080U4mZ/s7g4skgi20yMeSnL14+g4Q602RHczci4VfCrxtwnLP1pyAc+yvIYlvKgpv1gg +icMrm0YM43XxvXj2aa2yMIpP/+3eWC8KPQ5rRNFujNZMVmPvnst3k+8HsgVpLTYoFzwKYaxD +hNmj6B1HHRHk4B7EKYQ0JJgal+qvBgFhEC7Ey7qTDxjc+5PwwXSHlikWf9ZY9Kzhv2mFawG2 +H84voaTdym6E38dvehMMASZfK/L5GWzPbR88xcC+Dv9q4l+JAZwEEAECAAYFAlIubNAACgkQ +Ksue66A9FVDd/gv+I04vk5zku7VUL3nFfSxjXHfu3VbCk7+JDDWWPVWC13o0xysFG9eKNrIt +yew2X1vQCNR2JVmuxVzlZD5stwPHZh5K6hK8/54UQBAc9KoCDP8XN4roLY3zEkb41sZOGiRa +DoSx2SfmrpXXkhrTY0snaRfwhQ3g3y/Twks73r14z0V7Fl8Wng6h/X47BMXg+zluEBAQERxH +MOKKYgXpqRDjhm1+SBOC2X62yL/kDEZ3mR+IHS/JmLpm+5AoLD+WN6q5k1vKGOpnftHzxMeo +F5AW7ZSR4Uf06zm3bLACDDYJKaoE5L8jW6QEZjXiiyn1n5+oZfLxRUnhaK+r/hRTA86zeo72 +LiG/M7spDWYI6ZNo+gD5ERAcGdC52QDwtCdvrolN20kFfxxY1yqCN4vY4t+bWOjf7l5fkCZ2 ++3rs5nqoMubfI9rKdg6hD9aoWFLxdWMToIKHwX/m0nwsYYjRM5BSCepLTGafl5MiGusB2OOC +oz9RkWUnSv8W9IMDRcq4zUY0iQGgBBABAgAGBQJL0sj6AAoJEDXzPvC239UM3qoMIIeALmK5 +SWyWj+MO1rUlfT+686t4h8oU0lieOw/+cRo7k+Ahx5Z/FUrEqNlQ6O0/zykckKU8WE3eTEKX +/6itE41rK00AOBYPkzT0mREv4Otb/h8Rg6lnXFxWA2vaWvI0OUK1AMLWXqp2aRhSfT0Ni89B +e5QuTZyJiUkjwmNZbkjaMWlnZGtx5SU9bIi1eMUPNkuOKwHgcGi2CGd7jH18Nf7aDmMDZ9Xp +wPelXnjCpt23PKPWat/YAxqeqKn0pbWspCz3IRm/2oiadeEzDQdHceWdp2/tT4jg7qnO+tTx +gS7PmMAtoYlfsiNJtcmXktUqYI0SNs3iqIVLYyqBB+1MQKMcKEJFJM4fmNeS0bXviTK2539F +NwdQen5W9/I4y+Ng2h/rF/c41GTmAJsTt29jt7nA5P7ylqsqOVhRv3Ua0s6F1O1Opkm2Dr5y +RxNOdj6QrmKo1NOsPd5KZsWahxacZN8d58cJa7W6xCPWpFLsAm2ciGrux3xeJO1rWNAybs9U +FEy/F3yJAaAEEAECAAoFAk4p/BoDBQE8AAoJEK7uzr/42PEo4UsL/jlU4hyZLIQ7asN2Xex/ +T6daDvFBS7oUJyrO1HirGKEyobdtUnVLOTIbJLZ4thYYvInZTnWn6SnizhY2XnYaeCgwF6GX +SO5RHLiB6HuzPDcxLUuwuzwJhcjRuSfLmapM4Ckl5Hqqe0PZ+19jA9Nshgd6LSZds9ZTsjwO +cZtrsprMsDwy5VAu2tGQWQoD38Ggyce2KLvbIGwUBTuLwnEDcLWR++0IF+a0WCxNFnlUxSSZ +xwLQlmEvRYjGxeQXWM5G89kTZ9ygKRc37Sir0opA38AjscsAuQMJmHjKkcq5s5KihYTMZE/a +y8MKBEGagSBSS6VyQJhJEnsTcg36JdI063500crrxzCgBOUcd5zKmlo6ZIbvdOc2bQbpJ/FL +dEhAD4gVRhbPtLxmgbV02TD2AgLpMaIF+IYonO0MIWETIec69qlNdIpmxCFW3Adu6XCs98zD +Y6p09NeT18QJCczxmTqixXKHRm/SuZvNdouSY5svPE2k4OH2nJV1+Yw2NRdxJIkCFQMFEEoD +Q53DhDbnyzazUAECtjcP/jMjQN9SWoiZsGw7EaS5/jOpet+m6audV7vUBRAeg03urzOiq6Gy +sgjNVA9kOxlh2gpBdUQQdepjHlWSlgTVUUqTXaWhoy9xEuFSYhZV//fvqKZYPD4YqxnqMUaS +mamgXjwqDreZ7l5JOt1CLhmnemLT06CFOTaHWRpr8bS57RWxKwsSaIy7lYTeIx8NAKE1DVgD +2eIt/KKtCGQ2XvonJhmj6jYM5ueyNKYH8RolTzmfPrN//lTtNirw9wHTLpZOL3DglHvUR9Zw +9SBTXp3T7AGVQD7IOgvOg58rfbRPYJPOBDCtdxDWqnaLbXywCpDCnFzZQS8xsBxSKxJEEY8d +PiO+FWfSXI5soCFT+YVrKHfBJOWw3zvR18WZwm5FMLmuiAfYKNtWJUJS93c3re0t1rB2RpVX +q26ra+iCyqmNBdilNodVO/NKriFC4tBsPjmcC8eC0z1yGhzP0cw1cNKbdD/8mO/W3SLv8jFl +an2NbgkBYPk6Ret96HkKJQnSx4E4Ol6LM+3zTcl/5QOEHRTpaL1Xk0O+nBW9Bz24NgZRsaqd +tEGJoBVw9iJGVUpzlliCN2ctnrL7feOD4kZ8hLaFWUazXrY2uxH93v4KiOsli2Twi46WQ0/+ +C7dXBeK/j+OOUnnOe3MNCGaw+JsIi+Nh1JoDOvJu4XMlzRjDEk455qiMiQIVAwUQS1e26y3x +o1XOTOzHAQIHZRAAt0+51jSALf44P2Q0XQ7esvfEiXDZs9dvjkTRg6PjCNmB4APavuw/0c9n +8qQ/nvc+a8J/r9/U9dQ1czKlMiSlYJFpicYR5YmLeNSi8QSGPeV4i6UEirRR5jHa6gyyZ3jX +YjlwGYgqNg5xst5CwVODvgp0KvTE3g6+yP32jpeDBvprZUHkFnGY2Of6GlGhLHdSwuys72W3 +Jjd4i+lYa0umUGujidek2GZNJ0XzotUurRzWH0HRl7/4uuD0gwLnH/ld9kvm5mYlFZrVNAZH +tSaqxeaadSlDethwyBKU0TIHsCtnSBqZi+wYS+C06SxQzdGBuqLkRkVcXYaUUP1+Rxc+FszM +j87iUUhHg0cLeDeHDYvopyOgSrmpKHBOyTmfEN+MEUYkndxrm2YJKwUhE/yYokiH5snrpYVe +22BMRG+WFTd6UjhL0kbgknZrACZS8+0N6My2YzHy1Ns0cb9aVA3maqiCCLR4FpE/ReGB9EmX +Ra9Oye3lRSV7p7zL/6cESfV/pmiF7tI4Hb/+J3Xfxw3o15xJUs9Gntzu8SF9lbIQ/w+MuL+2 +taMMt6QQZeRZUVCP5XF5DhdA0UQVM2g/lS1sp5ALvf88OMo8hESr5YSp8OSo6wwB6u/Oe+CH +4VYpp36kO6gDXtnnxXejLSQ/M6XiX9OrmK9R8wqG5aibeGncf1OJAhUDBRBLV7b7TlU+Xdpo +T5UBApftD/4zTUQkDvkH8DHUergD2ieptFvd/GMvhIQacsqnpGh2aHQrWr2ewD/q8LmLrIMC +XC0PkNNzBDJvCess4OKT6qg5vX+U2vCQMYzzRI5XnxGerQTDT5tnMJg1fPIwca0Pnuy+tN/i +6hv4o+b58HsBv801d8C9P2fXbdPtPeBWz9DxufFyUbiGeUi6l26W0xZbSPdefKdJTSO9mBOx +DVurLc2lLcR+90mK/6YtyPcCx4GF7ktvFPhsUq9FjrRAaSIHeftPGZxTkdmczVOX4xrpWbd4 +OlqWyyks2UYEmml2cItN0QSvT7eOE3zZk5wqLIHFkhXY8WljxvknECApZpc2+pv+4M4HpO+u +l0FnHHmo3AhixCloUMGimYY81NzWunt8WXTWHH6goybK7T3ECXXStrn33e5YsUnMNvgQ3Spd +DmYJKM8Ay0Or5C1M5nXR87V/UnXCMWSh3Mm/4AJWYy0VaB+Fk+WpRa39ubT04etu8T1LE+Oo +ENV9Dz7cENBpREAP4Mebey49ZYglOHoehLw26i6pmXpdmyDQ02dwZPgLJ58S5AfV5k/bXlCN +SOSkFKIfxGFOy1KqLzDt/6F5s8cxZtOvlsH036CtGc/stV/PyYJUx2EfZCaVp1c+Wrl7vQu3 +2102OeOHmMEwkN0zKQTCfvMUMJDa9/o/i23fEX6TNnxYRIkCFQMFEEtXtwkFVshlHVoTGAEC +dYwP+wcYA88cZFFKh1hOtJjxLjnWcvEy37rAjj+5fFdwsgYDuWA0qO/ihCOSdIZyJBYdoSk4 +4ZnX/2BeWJuP1EzLCcp0gkQcp05oHfcxdQvS8dFa2eQ33hw5IoCMaGpMXpIl591Gbw1PC4cH +b/G3wIDtu7rM3CPYQNZ0J70Edzxqy2tgGBFk+ksvXpbYFIVASvaXdaehkk+hsVuWKJR2BT1S +VqiXMKNFrTlJeyGmnWdwxVQWmZspJGRbyLVJbH1N9TjlGINrQu/+IqnbHoKJXfWAnBt7CGbF +Snl/AHpRRy4eJKv3KuMfdLlqiZxqIDCV2FGyLel8GJtp/HtAi9zaTtdEGOhQjHGgoP6pF6QW +I828C5M9chMTBsN0SMwOHoaUGGkRB04c9WpxdJV66H5QCVAU+cILzrLVaPCZ+r668w3PYT3r +tBvQpr8D1Zl/UiXMSN9Sm4hPOZjnksl3B7eYRxcC35v8LtSPStmshQ8stcY2fRJHyNuMhnGM +1bk9ZETNqpuejl8D4uAM2jN1fgJYMD96bBoYepGzgM5Ipn3vRmhZcSipIhzqyNSSZCpGd8O/ +AvTfWxuRKIVf6YWSwKhXPJiuO6k6wrPoiR/UyUoF2vSykRGW3E2HC0LxJ3ZC4KuFanwkZIAt +bOQTxYmaV1c07PQFVc/gh+KdZdRrtENWStVfEcOaiQIVAwUQTTE22EXA2T0rGkepAQKlYhAA +mBznG2FYnKsCLTpTCx/1Wc4G/cSdhCLItD5ubBpuWJK1+2LSlnI97xR9y9kA4jacPIMAiews +d53BXIyhEY1Ec+/NpX2hPZ9spWukr5+U+MyeqKpBa6049/cvYup9VA7EgEKUyCF1TbeBE8sK +coxPkOXjXs0DhhVBl6eYeJUsBHDXG2/urQ2AmU8KzFpVBLw5AG7VLMfa8KxhrlpGxLAJ46tz +bLB8emt7iSw6TA8/9OujzWKoW5azEVjUuIQSpXJzRcE3pv9Pr7JqqqUYSxZDfGqNOzoHydwR +mMqFb64RtVcCd5qvxSLZ63VZG5BIgGQ7gcw4dPKZWWBEoakCCqLuy+aH7NeAz0bXkzey99lZ +0IXeULfyRnMTQ/4WJOtFs6ASFxILap3ZOWV87p+2IYomoHenJw39ARyQvnVsSYJYWr2viGP7 +3wpwo8Xp1O1kHY8L8LTPWLKToTYy0oPuI4ii/ADP/hF4BFIuFQIN9EQs+lT7ADTIlj3bvouT +y6yHnZB3ywaDXsGih695aN5hD/8JU0HAcOoeoU90cJ3IYwm1ej+5LhGP+WTaSq3NfO5e+KOU +8vpmJE1QMtFkUHKb0tPZZM/7TzhM4WOIIpRUKgWaPFJS+sqJc6v+YfoT09CpThkYSK7Nxpfx +nsG0eVaqvmZgx2DYj7wewITtJ+btlA9rk22JAhUDBRBNMTbm1JruKLclE34BAtKFD/0U8sNw +vqvU9E5DMhjSOzIWlva1aPJOHLyYAFF1zx+tBW4c+IiBmZMYxL2a9abm1B3ZUxuehgoVb63a +oyFi282DZcSezHcpNggh9oIfs7socRf2gxtnj8DtseBfgICM0sFaEeUurU8JOOlcglQolAsH +5y3IAbf6DY/PsxpvJvAyqUEUXN4riLToDOuGNJLdWNxGBhYdIb3bFLu+HZBkAhWWW6VStc1D +xseKKA2gLEt/gaqnbXSu5kR5N73DU3Sbs7ViWa672MwWt/KxjrFuF2ZeblgI7Z58B03CLcMI +yTkrwpP/Y1FB8IMW3ArzljV0aG7EuoBuhEW/UtEL3KohZhvyYQ3D99AgHB22VaHe1qfTKxMq +MxYR/w27Q8ZWD1k5TeJLqP3QoG8mUP2UlwF176g2b2TcDhNhOT9xLSCq/fhdYWo90gAwwO2H +iLxM116a+P98aA9CX2PvbRJR1/1gvCJpiCloZEYqTsCwKfwmPCplAQGa7xJzu0atorqYUY6n +IajF9LPzAQVWVI+it5zd4iqqsCumBJ1QR4/djBCZG4B2jAJzY8dtibC4NdB/clatuCgaQx9M +IsXPD8waziDCxtlHw+B4GGgMAsUKbM1+QeQ+xq/ETLI1YmuAwuAKDXYA8G2rMhWMw6iWdCSm +tOTcM7TZGCiX0PjqKabgghms3050QokCFQMFEE0xNuxBkUh3+cGORQEC9sAP/2q50+aPA8iU +WVRoRHQZx8uruN5fLcxqIzursdaWYnbgKDIcasBMAmkrOuve1aAyOZ1GxVIujCjYN2jPoXrx +czl8/IeuprioEc+HP5U5wUkl72RJQhtlaiVr/DF0qmdfphnPT/x5u1scOx/oyZH7vpJvwoWd +mCeTPJt0moI68PLYRTAvLJFYTVhN2c/N920shyaB/MSQsT9HI4w7oWQhUC7cno1/slgaF2fN +LSpGs38dnhDnpaCq6+NE7nGsixR/lu1+TFU/QNyNlLkukZJ1krfvAf2hAEd7YbTN49VsEyMY +Eb+Z2SKSsKGRd8Kxh8gbEFlpypN2cUf077zfmAgTdbeLnSAx1Ygjn0r2zWke3zWhLb4443q7 +HzPNkfxDIy4efLh6sIsIrXAl3Kb7of4yW2v/8zkkSx/4XbmAZQ7lUx0VHiDAr7L+Vxds3HwG +oYf7g2tNmnmaUdOVu3OzoDH8+FbGhGE/WHKCJ/HmzMS/3SUbihTFL4sQwxcUPPGrZJN7hdoo +TTaNPUIBpjYWnmtjHkOuSAqn7nwMCrWSxWdCLkxrRVMJKbRej5gHZqnVToI6S/JSQVqp7kP7 +u2aMmYj6AMsTaj5jaNL/HAl7V5OpAGL9R+5VIge2eac3/abQeiw/mtAvvekPSailsZIrB+VL +EroBiVdQObqjmfoFGu4flus7iQIVAwUQUDIrgTUYvcSsSQY3AQJYNA//fmSNT9oVrbEZ6SBG +lkzYLjMGVHIDQs/1r2HXXPE+Z34CGCbkIhrADaCXNAIC2POTP7ew0ZElU/9F+j1fSs1yKdju +Pj4YVyEu6AXn0lCKaYPF5Xs3WjYJ5LRM2KuayASYNwh59yTbQWzTE8XhdlUb421C2JEJ+2ro +a7Bcuqgvs+13RlCN4P7UX89o3/fB/csFMk/gRFla7DusrcJ7PxuyM/YPMF4XQp79YBtAGybb +ssqLWaBg95IJLq7ZiMPISAOh8BI18VGssIeYEXYnSADvKDAKJB/FFkHlIT7EyVUwwicL2sNb +h6ktKDnfWeW+YbkYFKe2ac80c1CPl0N+FJ1pJjYL8WB9y8c2VGwBoRYvG/jilB10MX8Bekkb +z95utJ5XZz3ZWHIiirfDar0pBOkPpQl4Sa4s5ksqMghkWKvsOwGcMvMfglPxIZm2PpD3WxNg +CamEkl0WVuV22ITk7xis/ZTClEsk77MnyadWLbM3dX31dTW4SU4PPxTscsrFH9c+59XC3eEW +8cUeuOKjkXq3aD+XbBifgh8fZqZ3DrtD8x8jmJB1DC/G8F/o8/t0ws57bXJK66uh68ZOjE5J +Y6XeW2B4EV0Ix7dtQzxo+GC5asM3I0vXpAi0phCskOmgSznn/846G2Gpl/DMGvgNlwu9l+Ge +JjtVjkr+NDICdXELNRmJAhwEEAECAAYFAkoEAekACgkQPR9YWYlu6u7X9g//bfY9XkQUteO4 +AjihDczy6SYgaNjiPw61lLSInvSMUlE3fWO3tfSnt3pFYImVqh8qY7jO5Hoz7pC7UpSPDeIn +rXOaT/Q7oczmk7wBGyGwkl+mrkXK0y+V5SpZPV+vK3vVzrTwJYFAs4lyS6G30/vyUE+F2jmq +XqTAFHjEkPHVc2fkzQvrQc04VR2+HUofi5oTjV+0//8tv4+7HLWTTFOK2pPMuTxLBimZxQ7n +i6ZOE9hWUNMp93khJEcqf3pxJhWyvJRkH6/ifLNeuS89Fo+es0tPUabUH7Fpqhyk/7MSxfhw +nWxksIxPojK3PoGunypq+wEMvnCeoapoIEib9OcMliZ03vtpa3HK46wIu5EemSMO9J+VFoUD +U+no10nfE7plxgrOj6g7jqZjuQ1eEHofQx7OgfVIe6T/X+h38uJyhNKehqrZ6Lr67P7dkwFn +3smQV4LPsElZNSPB/Cw8bWtUNcs/cCxa/kvmBHnNo7Bh0kLVk+w550qL8HXfM2IRjX3u7fb7 +xEM3MRzZ+tXCzIAq1LrctgIJmGFy0Y4rMrZ2f7iDxbB57TnLuZu0CdUkXLgmDgNFdSjf2hcF +kHrdN2+d1siD5phcALTVYnOOdobeaQBbYYi9aKcsBlWPlDHev4ltkb+nt+f3ReYnKR1BXsPy +mp2XziGIGq7mhnqQSUD2fyCJAhwEEAECAAYFAkoEAekACgkQPR9YWYlu6u7X9g//bfY9XkQU +teO4AjihDczy6SYgaNjiPw61lLSInvSMUlE3fWO3tfSnt3pFYImVqh8qY7jO5Hoz7pC7UpSP +DeInrXOaT/Q7oczmk7wBGyGwkl+mrkXK0y+V5SpZPV+vK3vVzrTwJYFAs4lyS6G30/vyUE+F +2jmqXqTAFHjEkPHVc2fkzQvrQc04VR2+HUofi5oTjV+0//8tv4+7HLWTTFOK2pPMuTxLBimZ +xQ7ni6ZOE9hWUNMp93khJEcqf3pxJhWyvJRkH6/ifLNeuS89Fo+es0tPUabUH7Fpqhyk/7MS +xfhwnWxksIxPojK3PoGunypq+wEMvnCeoapoIEib9OcMliZ03vtpa3HK46wIu5EemSMO9J+V +FoUDU+no10nfE7plxgrOj6g7jqZjuQ1eEHofQx7OgfVIe6T/X+h38uJyhNKehqrZ6Lr67P7d +kwFn3smQV4LPsElZNSPB/Cw8bWtUNcs/cCxa/kvmBHnNo7Bh0kLVk+w550qL8HXfM2IRjX3u +7fb7xEM3MRzZ+tXCzIAq1LrctgIJmGFy0Y4rMrZ2f7iDxbB57TnLuZu0CdUkXLgmDgNFdSjf +2hcFkHrdN2+d1siD5phcALTVYnOOdobeaQCb4TrGdBHinfSqepuB5rSLizSO+fsZZNlnzrzE +49gE3Z2XziGIGq7mhnqQSUD2fyCJAhwEEAECAAYFAkqBtGcACgkQxw1BbNh9suzChxAAgS7N +DF5XGqWrLKqzT6fiZiU8fz4zCCdGnK8P/3kQJt/hn551p/8pnvwMD7FszoQugnFZGyGYzpBa +60CADNyTs5VhbknzXFyjMQl2wU4LxiUVAefVRaFK5rBn7C7axE0x9bUUPIX1yS25OD7VZMT+ +HiiE7GWGavDWnazTrmiZWsZWY+XJdfbh7Kt0S3FBc3aqo6TcNx50NDvZ1Po3y/lKlSDCaENU +nm9wz4Ra18yowW6NjvRBN7QYjszVA2a7Z7c5Zd23CummfcojwJ3AcVqV1FENOmppDeFvSfN8 +dfM60xv3M7uGJHbmdJbkOta3kXAYLOmI583uwpNpPGqK/+tpnTd2t0WqinCWHHINRysKphx7 +hhiSeUkTmgqD6xejOktyCnWMsCqS1E2e4hnBc938jTGEPqbC/uHRo9APaMJenqFkM58IH9pf +WppC42nf841RJGQ66Pkf/6CPh7gtYPho/GOtHDMDdOzP3Ju2cYBUfSqfvLSl0dIqtOzKKMi2 +OPFGSbXsK4VxfipI0d1Wb5nqqE4mbw8L3Ql9oVPi1YhTMsSqr81TYwUdrLVfzeVk9nR6QgGr +9PgQJCMRYa/n6jJ2je3egpBNiHuU7FZbAMxbk/r1IoK06sCzOhPwFMeSdAr08uGGfp4rmap1 +5q2CYEZyHZuNcTkrH3AWdcCJNdWVVkSJAhwEEAECAAYFAksGTuIACgkQ1gsMZjbeUO6oxw/8 +CPrII+ltA34LmQAF5XnbrOItltzFK/UY2T5mvZzZZ4xwyy/KTS7vVlL6vsztmvkl0R4QpB8P +WxGkElc2bXc41ka8NuPDgxLrNMaNX1nRFCmLGXuJEihQD+AxvO1zgwJ4uGLxSvml0GUTn13Y +TPdg5HKQQ3EZuT3aOjKOOZedAGr//l1wvJWtcmir2iBPN3NkcTIZGJnV/47hgqON5u47iuXX +aDZ2ZnzOCb90MgLzOxfq5zhvUxLvrDNWIKiT3CWgVW35NASmfMAA1RjS2OW7FeRasMSIF4Ww +DuDRXV3FMeaVoI9xziwFw2SpqxTe6lhOskN1/w5HkayuBY2XgehDbwQYShekK1tnoCbttEuy +tcBokYsG8bhJboku6bEMF9mh093omCeK95geQNGY3P1BEZ6JgMsrJKYoXeZJVY9OooyraGGg +HdY38pE6lKWghmTN5qOXTKYLBvPkDdgYDPTbUJMcw4ZRP88m4JxjV/8koUHAqXdLYeiv91cL +lEBvCO82I1lD7JJ84Ic7smX/YNPPBIF+CuuTZ28wImPasDuR2bWZoUD3VQScVVl+CvjPcgOZ +/quJBI1iJBLDBAQpOlMwLciQ0JAz6bDtXZJnZ2V1IDoSQcNDlvnhPyD65AtzNBszOKUpzsqn +IsBcV9dC5NrveESkDWyOov0wd3g7Auz0wuGJAhwEEAECAAYFAkviKZEACgkQr1WiYcfHbOMV +chAAsX+Km0SJ+8ZFefJHNJg3UuH0GY63e1HTjH6QWWNjZ8A3HomGNOUtCZsZZ6iSIPlSwALb +cRol3RRWTXGjmu9OINXI41xD/f31HqP6OqxAQHKJD3PwDYsZuC9uHzLk4Rgcax0HRSaUi5no +g0H57ZrxAsfqfNHIXejJs99dWGRBOrzgcM7EIhZ/7l9lg6udwvHf44q/jNw72GWL6VFf6LKQ +hNF+r+PhYmF3kwHfoClZ6Ca0723sNw9w3cTr8mYkcicVsnuSyom3XCFW2Hgm+UM8VqvvQ7tI +5X1yfB0iIGVss2fvSx1o2k18bDw+ZzaETmrdf5eIzIxcFyRQ9M0awVFRXv4wnHbAjCdLvh51 +YcJV7c0/qnw1JGQJ000n9bQ9WJouWsSbNWIW/AIWRdGbRmmZiUWDFshDAba7tcIje3NhDYxl +dp/nsim5RKugDNW3Dc2d0oI1g4TtGVNz3G2FJ3+z7Ho2i51gBN6e//6ORKgxsd5PDhi28peG +JOCXUsFYl1oluCanLqxNn2WKdoXPHkBkdkFYeXO83FAaom3lPopFeTXLcBzXezLF25AtrhdX +N8f9AZssXrlIY0TXHwI0l0lhgFXHA5awjm9zhbr3zVGcjXjurSdLN+K/qohCKvdbx1Og5UQi +dcutffLt5QHAlQ0U4SO04cBH+lqLfupfOcmkj1GJAhwEEAECAAYFAkwMDEgACgkQfOWwensg +hGW1XQ//bJ/5E/0Oh0OG8S3akOqZiv1miGJAk60SAH9rBfeQV/A9x2pczqEl12kPXjziineB +x1wOZVMlQu/xsRBylJA4hlfneawANBvcIWnip5sqtpU+WwmeLeGO8Iaidm49/ZW4kY3vjEtZ +SvDJKn4iDYGxkZv/EJLIVXKyBBZF3V/p61GsDbrkYDZAJ0AOGukr3TA/oMR6dDH0hgzA8mUo +ArKpK3H26COVIQree1XCWGZMCMV30HRrCMt1nQAPUNcOJEA69DN62Nffeo9Ejcrdom+Y/G2b +db5+dS2bv/po9cRPJFIve9UF2JJ9ufXZFvmvPNo2UkOakGkpvHlUimowDiliRhXmN52uYKA2 +lKoQdT/0D6ebOTQhp80bAJmQNINz1jneHtB7ETlXbLq5Y45xUopMWl180cL6LOAx2y6VYuIP +FDd8oOdbo1OVuJ96eAtYXbxNxIovTSrR/8eXuOnLHAgveKrYqj8UpfxsWNhvGIQNMVZdS65F +H/O1EsiiLODVHjab3Evhum+mQoSc5xXFb96qoLvTuifGcrOZKeyjyNbqgG9QeiELWfXchSwa +h0ZpTDJYXXPxxZ6w1fuxw0LGx8bQe13uydGVAFMohwJmkM/dQyoCCwqcfVFaDhCTN45uHqak +FCDNR7CZTx+S6kiwcRNoMq8zZJMV24cOApMOo8pYF+WJAhwEEAECAAYFAkw6SWIACgkQtsSn +vrxH3hFkHRAAxxiLHr1AnAx0JZMFeGlHAYTCSgLhp5lPKOxMD/HgW5ZQTBhNnH6XPeOhfiUJ +Hh6tvdrX8pyqkIFgTMyQ7Sj4CFE3fs4Ky/oAaBD7Pkgx/TqZmbvJqQRs93EAr6PaKn8cvsPY +fnOF78PJ2O3nAtvr764yNOeBS8FyCGjr1Sc0uDSKZGcqt61BSA32Q0WRljSsMGX310BGQW22 +U7l5xRJ63OE/x80OnzEhhGKP2Wo0L1lqMwQrkRGUOq4P76tfNRQgnwDC1mq1VVDnhnmS92vO +CQSpJgsQPIrE4eLWMy4IX2Y9odTV/1CAvj2HBj1GRCmsso+G17OCmDA3sasGlnOqPcjcV/V4 +fHcvMFng4DiHYeGAgOqg40BHB0XiQ4kD4iqc2IrjmqkK4ifPJXlDuSi62vtsXi4CWGEQLsfx +5wcALh9HWIARL2UfBWpSNRLKy+3zRHn5RWIjWN0Cdwtnp67HOlZN/xTw3gbT4U4hwuZafesZ +F6wJoTuKff8bn2lX4lvtRhuJO3X5o+s6ZkqUgoC5JBokYmSsN90+fK3P3zCOLrXDU7ilJtIm +4Awi2iwUJkByF1acza36CNIo8FN39UyFSOZOiTu9sLUzon5TmUkIdp+4z4JTv/jqkaWhF516 +p3mDeoHhRKZIp7ZmKBH1bZIncB74um/NSke9vS7gv/QyTSKJAhwEEAECAAYFAkyGDg4ACgkQ +iQkhfcNO7FcyVhAAxwhyQAzDTqV7ieKn+yH2qgwYB1ry8IXz+haCE0kIafOBExXTZIxsTORi +d1rgteAgbCy/FLyJqbA94hz6o56xPL0dVnL1hQAvyiuKqBxWCrEkBt57MwQnUimz/X8+AYrH +oxUubv4HJ3lYnKpo/Z9piBMnvhEjxf139OHBlmq28qg54rQ64iodrUFmYwynMtp8V1onoLyf +f931tv3wVylVbNjM6JLSlx0ser1CJlHhsHByHgAr10grSQrC+yJR6XeL60/gdnRwf5xbNcpy +oxdx6E+e29Er1YYjMXueBJgMiStt09nVmZdqt5NAiRwKe/Z8IP5pkUoFqUGKhx6djipCJjB3 +mfKdk/EXGAO5c/ushDC0bLVZeMq3zaJXuHyUP5d4vqXmxuzG+BRqBSsBjktRkN4/QVYHYp/N +agvMlYcfK6b6ApaTyu6YZEHa44J/E4PNeNQZtSA+A6ZxSTqo3Y9WePlV34nUMvII1TiQweIS +uwThow2FJVcZtHswIJy7BrE0Uq9eOy/oMSHDIlvvtfHmh/97guM0lR2KzQrHEvw8MQH/JbPT +cqW8X1xku5B/mEIGi29hcFvum6JpLzQKQkDMINX+1ZsBItqRdQuFf9H2l4ynzdN3QBrJrTvj +NkkKOG8DelaDZXf3Obf5cxUUpToiaKQ6ZNwtNsiPpQi729gLgtaJAhwEEAECAAYFAkyQ2t0A +CgkQD+Pq5jBF1lXtvg//eyWKpF3YYU9W8WtrXhoonOk0uVMNI9pxKXDiC2rvsQCFqePfHWBR +p4aR+XlXmrooKXk5dKhWGWa505GHgsVBLZgmG9YYyG7rQvR15IwF+K8tCLsO0DB8DYsJiU6W +e3vhl7fnkFvWKTDhtWYAlsEojfQLpcUJScta94E4bJmVAbgWYEg/9PQ9/GH0sNJwtXpaADFl +gaknDfoO7VcVVYW+lGhuORdSuhkHRIaWxxJDOV4JYNRCiSGYUfsjiwZHF6iKi7WtaTXLJI7P +MSJcUpubgBJceJJpKWAYkESds+Uz9svOauNstqZ+Py+C89gx1NfookOzCyHsvLHXdtAaniDf +q9Pj7RSHwJ9I2TBhatsZzi1qIZOm0VnnQjCPhIayZa9MZJsyuhHX4PqyiRx4FJmx1wvw0Le9 +gBQ5H7MT7qgcZNF/ZtI0WQbSjIwjyitPzTE2kvFY6dCl0L3tHcXqGjEDVJ6svFhN7nNv4xjW +60c4yAjXpS2RFswShUBYJ6p+fD9/2n4C6X6rkXyVXS7IR5hEcDItneavUonlfqSRoeBXoEbO +KzAqPJEserLQxwWvK3kXE0EwXz/9zqWGs7u+IGuyBZfu+e8RfNygKd85Djy4plAH8Cnf7l1a +Rj9Co4rcnXS3mpXPHhdzt25qd4I1fGJlx8fdrFtdgb8sKUyffge4G5uJAhwEEAECAAYFAkzl +KnkACgkQ1mFZmoCpbEh3bQ/+ONPjFTDjmU1e8mMzyvujvBiUWIiNKjo7+tzHOzeY+G9VYRlE +Gwm+e+h+bL90Ax03DcWZt+kavOqoErJ8Jir99BknBsbLpHjQus1qQUWa5tkQU5SHJc9XPREX +8zBKu+u4hAwqnmMkyMHgWEfxzsjb81s/uEKzEW7DtGZ+vwyKAp7OWvbs0wOu7XnhDtmz+pYR +HngYYri7V7wLQxJvZabvAtS2hUO56TuLNOIyGJH3FtxAScPMxQ6L0NSr5b9cKT8oxW0p3F9R +4LFMw9LYSAXh7y0MZgyoUkJPgsr91SD1w+PrY3ckPH2zncystoof8qn+G5RGbiNLN/Okwa/6 +OjI0a1aDIfuCxZA4i67iM+3RA5+v2oa9aBypXlYpiNnHJ+dBf/OlWfGPica/zT6dTecJdqs+ +bq+wmW/S7LXKx//XwiXWNnWfjzGCyWg/buCqsTl9bj+qrLESFgsjbILGrItueFBF4UJVAUqG +vMXl+VKIIqEGGdB49cfBGgpgRL2PyUaI4D8bic4svnduJ3o73joqPCtuf6uWjdvsIJ8PVdiw +nMhYEHj5KEg+ammUE8pYQez6mYWzvqpRMc97dji2wz9q3D8EHBCr003ct5qhuyYFvXpxqArb +bhEpJ0kmDaZkUVi1zXL2ruSzMALTx8bDDjCCvAMXOYcCbMNNQwpRsI7Kpg2JAhwEEAECAAYF +AkznrNYACgkQNhn35vJiuqy9ZhAAm83XwFCGDeUOA9EAdzJDqvHMgROuZ98/2og/Yu3KWLbJ +5fxDGk+By0PM6rZvBP2HhKTojKf/v6NF+yeDLf5OKA9bQ8TT7Byk+MaZWyAtFmmqxl7vxiKA +PhqTwplGbM3Yy69GhHORBAf0o+wYUcrt1US70VTAw457vTt4ZmhB+MvIAVXejKQ4u6M8+5zH +0vIWuKToSBJLQQ10Zt7FvHKDkyiBgu8zxI8/tbs1PtD53DDRYjvwRPKm/P9QFJ7J6/bAb/gt +ZH0KKJB7i8irlpWIm8yR+KSc8qxdldybGjKkKlVPu61hk9EtHjIkJpZJXjJ6N31wklkGO6AY +p1Z5/gJOyEPjupvwaITZFGeBc+3lBY6nStOBl7VBREgVG/M4nbZAkxLVMhalyJOF1cGdlDx5 +R0QpuqbSQxkflCdbcjAu/Vrs256Vo2JVwajPdv5te4DZ0vHf5cObKaMrRbGgMCujAVsqEs5S +eTIH7ZDOMEslkBazAu8GaLTsuv9xYjOaYAteEMEajbCwZBGoFa3yqDEl9bc4BPgMFtCtBDr1 +VA59J6qjp8ZSDk480Zwyq3I1XaoPnQskyog8Or3RnF3kEVFrsGjD7LmOxZGRc3IIXkCzU+4F +jbVJU2C1L6Oaw2Ibn957QyOqGy1m31uWroMbWdGB2agqcRIlYojmTQOoCBDIyTKJAhwEEAEC +AAYFAkznrOUACgkQN/TV1Wtq8WJ/aBAAoxiuykzPTJv47OnvJlzAosjDzw+0WawBFylBZ8E4 +k9rySv6Oyw8rp1rwpyavk0OYjO7dwIt52ZEaPsMt+y5BbTAN1GVgydCajyq6yAWvH57PNdYi +aZyLMWvgqpupjyCyGMHqFocE9AB3YzPpCg8WJCXhBJzy8meUmOFzcxz/VLLKNWHSMdNW2YBr +SFMn+u0uyYUnWLkyFJcWAEe7vJAcXIM028guJWfPye2Fr1fbOx3NsbdHr39eU38Hq2YjaxKD +JBoYgV7v9AKuG+G8exeZg+DODb7m1REMhBybdE4wh1EdYgQF7iQJCh8wt34tQQn4yUqlkrzM +Zymsd9kPzYQDh9oAIVbDIY36hVmO7WsBrJHLOO6IOGENZRPDiqgfrX2jLw+0sJ904usqIYId +5kw9QRPzpGBQw5nKD5KRk6Qfr5zu9XWfUovYI8QLrUVT7/IcbB3x6986gQG/JGaj8OBeIMHF +zPPa1gS+RS1VBZdBgiZu1vdeapBAv3B4oZYM9jAS4XRU9VbsDn3lwOMdFybY+bWUz8j70Z0t +lH+qJmVdmuL2oK1f7e3Ey7wzCYC/olsar/AwMhMUC4Y/VCIeL4hqXo7vnL3rzQp94EfFCAXr +Yq5BAl9iTb/f+nRpf698z++b+aX1svQ4o6uHuyu4nVcvFupM05k+UY1OvSorBVClXt+JAhwE +EAECAAYFAkznrQMACgkQLjTvbYUWJp4jcBAAraOiAjkF+WFlicyMe3fe8pmWbxXjP9fP564f +YS8n7kgnHG3tdXq4BHOG8DpZNvo/9BdP3dorNrYiBFudZjefpDITIv1WTmby1EDRx9NCKn/e +k8Sam5iA3BDX3vZx15s4YPoYn66Lv2WCp0X3fJ1+5On2BKTbiRWQtIRb9q+CBv7ZtN/Kt+um +eCTmYYRWrzu4KweGcZMkaYdRK3g1i4hf5/6lsA08P8JGUAJu2fYXmlVe4bRMsiLqdvlKpNAL +ckDGuOVJaDAq6Nv8iMwnmIfDlm2fUHVq4p9DfI63VJWvW7NcMCmnkF31zl7H0v8Sm+OenlId +FXHv3A7obnvIFCzP+cMbVu6mgQnkOifO8nSa4OLAcYGgeiJl8LLRFwpOYyoIaQBe/Z/WIdTZ +vRaaxPW8MW/lgXzAfvxjElzWABJXRlnvGNoPgsRLxvPiK/6kBdilgtj3L3i1xUZgqBFKX/XB +l89rSlvnIIb9wczOWA4wzyjsPOI/IPkU7VHT87RhRaHle48KW++KLZzv8SM6eGtgV+eZ1qD5 +ppPda1gXg1v7hHe6HMEnTi3A+rGjMiF90f1AQf+UQG1alzSxMCUqYruwr/CDuva+OgNj+ASn +PLeHp8B7sqoeCKwzO26QbQDwjabZrekOaGp+xqaOvoYjRe3loOmU+CVMPvoKmXvIV40a/GqJ +AhwEEAECAAYFAkzwOs0ACgkQcSF9HP6uVm59Mg//ZyDlxja0pEYNbL4t29TrjaE9KlUn3khz +eg4OjWWKLQgg7DEGRGnuUhuq8BOAnBDnLBlLfRd3XMWxjOGYAB0RY1NyUKeu9Jv88FMUVsko +vMUAFbvpsvgzUK5ULKTwE2eg9s97/i0WjeYsBe3h162WWis5dI2iSqdLKAOQ0f81hhDT6p3N +q1Ae4UKTdfMAaRVyuyEY/Co0O0nr++QD/rOfUK4ac8T/pQGyhxq1SxY+t8i6F50aXVIHpolk +T98kKWKbtDQhEVWpUtQznIT4wvHqgYXAY94swYZ882eRTlgsqQ0Eh2Ix0LIiiMOp7aXKX7wQ +ZtH1bT0oAzQ4piUuSFgbpq9dy/v8MIDTF2v8avBmhchPgFRhgXiLoIgXx2ddA0nu/i4c5w2N +OS22cU9qItoUZo0VfN1L/KL3MKy6MpDCNFj472VrKj9iHBN5/8oO25XHkmmvz1p/+vTRwDjO +ZVqO2hkFTa+TwxJPWQtJiSgy4igZ3TqkRSIGXCsgKB8D4kvrIPEdStMMutikVxWpl0dh7CR0 +cEjeN4Xp9jHkWvANyNp00BumyNMf09iO7TZ6zhcswooR8OnETIashE6gKbtDoMKBIyP8KHMj +OWboOOyFObJKB1s7KQAQiKqW87ECFZSmAmMjbBXZVg8BRrYOyQuhxNuBQ0BPPAcUJi9Rg10k +5o2JAhwEEAECAAYFAk0NVMsACgkQxdIxoeCTTpjqSA//TfJS4nXoPh/ICOyi505vPGCtYxDz +7ZE8Y6rxnUOqLi4Uhlp7X2DxCfS8PYF3Ve01wz7JgBHNeJKT690DZFhl5Salm4M42nWzy/cl +QKEnBpwg+3Qry/SEAgtMZW1Z42rG7jqv1d7Dns1yihlCnNdvA7urZjcYTK+ZTG2TH8h2Igp4 +91soDaldx0Fed/bl62kk/OnBShXJQh1j07G7bZHCWoVLscWpDF1yqmCBAUQFhZkgddEUja8L +78+dXu9FMOsiewhUDg96rjOXJ4CV8kVSjiE9r0veq/uCAz1UkHERa3AwioAOsZ5CzXMYR3jN +56Da7QvkBY4WF6sEdF7tS0wyJajxYYuHfEKufbcToOlD6iu8O5CfTANnUY2MVe0S4CcJffwG +M920K6C0LPXkGWFDgn89yJXXaF6jNKEeVRCRoD58ZeL7MzR9mQ4mHGZxPUM2Ttf03ETmHrJj +Eki+b/gnsOlS9+vpOgmIRwcxSu+/TxhopyMs9I1+zU8dIglEio0Aznt9imFxtO+NVvPqszMg +8k9cKElJ6UP08xx/1NKZTedpQ2HscZHPI0OWjTzJe2cPb5iQnBpEQU0zR3vyBNq/gxHKCbeR +ZIg995246GYS1WxcJLLsUcpo0WKhbPMZgKj6IaxgGHb9unFsIdnSYChGrZzTpArb1oBvY8NH +ioHjaLCJAhwEEAECAAYFAk0OdGsACgkQk2T7f+iW9HjTRQ/+LDkMl0pqF/iQN6O+noOUHZRX +00kQBTI1/VAuN/tTYy49MTwqNkDz7iE71HozjxqUbQrSoO5n6cy+NuQTht/iPiqxJPtUTyTV +lIT7L5WFidrNOw4fUPl9rLEike7kq+1XobpcHocbuLgjD6hG7QqwRfCjpXC8chZRIdEs7zdZ +9kP+5pAA0pvwyN/tsontvYeD6zpcL7U9BMghWpBLQD2huJM8w3xh5GMe1wH5rD4M/SkytUqW +vLgqaxKgzPsXlPeZBPFODVbmsxTt6+Um1SdLx4xICw8+lKmsEs0lvJf0eEMv1ebjkSWirQl2 +yP0ozFw6KC46/pUjWWvntufOPLyeYuxQa6mJdteUieizqS0P552EpF3z02TGATmfbWfnOfel +0S+0WSjFgBAqnV3oIbrDnt0rQqwDcyBmVVXdFW1P6pzPV+Wj86AFlabzLenx8W6GF70m8ifK +A+PK1Rr2aGmi4SzF/Jfyta7VIOig8rvgloPaJApIiH2BWYEjUm0mkCPvtzDte4Egj706Q+P+ +d0150KT/3tM62yZZd9NuBVs/YLuKu0JGsuqS3/HlTEMkxslQjmU7BabTGC0T0uEbYGd9d45I +oCYzbSPRnL+WcQQEwzNF9LLjEOlyeoL2v9yXXbzFY2EiYcQaQy3w7bBJAAbGVqS6lMB7VRsI +R/hfL67BLVeJAhwEEAECAAYFAk0wh6cACgkQaLoKR+ex3CRLaQ//dQ7ywZrNcpgW3LCyasNF +oH86cU8idhDo1FnrAXz9Yt34MGTAE6DhCIL+414rjcK3fgCGkj6+eCUdD60QkEzoEW3EC/67 +yfH926rKFA4V/dAO0OJiJaqREmEOpLFINV5n5gefZo2QaaLak2B7rbXWtfEZsY6x+H8FD0Wy +aVn0tX+u/+KRouWS8k6NrrgHfy6HAfZAUFtFMThA5G1vkqP4YpEgoiKGM3K0+Nh2NUeQXLLN +rrbwyGedC+BDybnFGW97ObLFMD+LfIebClQAMddNb/0Zs2cupodsgiTC6Gp8zMO7ppe+9dmQ +lTi2JXW5Nu+aNvlcSIBnSdqJu/Gl7U9szHcIzUgkJCpV/D3G3F1hcc3u1YItERntN7ob8LXh +gA/L6mcjmEVBBR6aDFNlo9LSi8AX1MPxjltTn5Bhl7sXV9t331BAokza776UN+9zN1nJCpoQ +5SwsXtgmuJSnwBoxOwxjhM1FEW+N/Nc174S4f470Lefxz4C5jLf9CeZNZIBE47VhGm/a77pj +hcxEiPpdZn4d/p8TMcFauDvJA1jE92nGKCtgahW8D4El3sC+q4wVOGr84edc3/BpNAO+ALdL +xfKIz9zemTYiBUvsPgNr6ZDV+pmbKRFD6Oyn1bKzRKTok5g1ePqLqYQnW81v82M3XFahfLwA +4C+G8sRguAZhDA+JAhwEEAECAAYFAk1CbocACgkQ3j+X5+4iaVyvDRAAisz3SZNsdtNIJszB +vXA4dur9MqN8GhdvjAJ8D9DRSbWk1Nm6BOWR5W9kgpbVO+14j486h33XzdCUeIe3CMyJW1rp +lYxDcxvMNk9JukGKTcQfZZP/bYgDAfDJ1A4Q6llVOQ0TuqBZQoMVYEd3hcrY9pP8rAGsS/Hw +UOlbDa+CcA3GxqEUA0smKY3GETnNkV2xVOi0QzJR4TBwhvbwfznRCut2Lfe3ky1iuaYF30B6 +jhY2rMkqV/7Ocu8aIfpfzpTMUJhu1mqrU4tmCb1YbfC4qJBw7NLwJreI1M2ZY/9AfR8zmbRc +TPcHHoi3YJ/Iy25/JU1m5uc9t499b1yzzLLYHzRnSvzC0n+noOaKzkMa/ecUSz+s+DsUS6WU +GioZIdyp5JhhfCfGHMGEK+NAaT7z51L7uPh4FSL3kF912tFNYkYr+oYIi40zaHSPMNQEIQjY +cPbjGt4m8nN2uJLVZ2/U/43QYMwaZfo71LGHk/sDvfYlKt5mJLiVoxZqKcvk91kzMhGyDPSE +xeWgol5bKc4R/EMc/IoZfU4tn8QGcm+xBMe/F16DN9wniYOY51iMVrb+jZTA/MT3gpFJp1xX +oSNY5kVkBMxG73NlGcKFDHtNyskkMM5vItvNcI3djSi5pjK/xPMMdscIocL1boCv7n/jgqO4 +e688M+tNMIg2dTPPlRSJAhwEEAECAAYFAk1VMKIACgkQvPNEVzABbVPa7BAAg/Rf3Pbje4rC +kk23DhTfEp87vpOIsSOXhWQ55DM1Zy47H8iDbBoMDv0+REz6AcraTUXTfD4kArD1Z6uDVk47 +WKNWmjgEYcNX/+9xPKltwF/syDq0hcVXdV7dBJofdH52LxM9mQMGybfUDJD0oR5eY7GWVHBZ +0xDH6ZBqltG0B5eVN6QAxQvhrsApXoWGkDKsuseKdJgUseEM4QqZ3L6/R+tIZ+pX2y160dma +K1lzkIFqbgdbu1XlD+NDawDuxI1rdMcHy20CAYnW1RpKgbAC5BZ48DABWsu1R7utAtLqx+ga +qG6+btt/Adx6HhFhtVy4id4p+MBTMfEc+LNRbDKK99M+nemnEB+VmKNLC9r9mzPutfu8xvIR +VDVMleB6pMkHB0fYMnxoH+9jqJnNsiWc2ra/nn9ucsg3LxS/DiddkhcpMhR3is7s/vMiFUPe +DaZiIBYCXLI+k9c1nFUrynJNXJhuygXpBW532PuCARCHD5+FYzB7olFK/wtd7pcZcAHchSGp +DBedP7KWKFEUz8jWmwQCTZIeHf/XPRGD/R00H0N2gVJL3OVkrS/c6/pW0XJrcT1J2iBSKfXV +yeCFwbCIUVoD7qrObZYs70YEDN7d6NFpa6uzSiINTPyXqj2IsP+1Wtkpn7AQx746G5gJgrTr +RrvGm9MKyPx/PQJVLZPAKKOJAhwEEAECAAYFAk1VMOQACgkQunZ21vQruqBtQg//aSX+ule7 +Hh50aEpORSsgAOYYNVgjiBUkLck0k+R7iaO8VnB60Gz7LZ5J4hvUswEWOwpept6CgkIzUKzJ +A5FdemDhWGzGryRDk3G1Fye3hKzXzS4biK2/xdicgJhlgaaRgVrrfbK0IeGAs4lXberDvYq0 +8JTi7EzTSgyWKNR/JO2NKcuHvnl0P30jNLZ+MDjVRpTO1GLMrJqqPRPFqWiY1d4iIZQ1rVXr +J4b+ZXO9W3dfi5JIpUtLi9kL+iMQnHupGNI5IeM+S6Zj0ZZsdSXRo4t14O4wrfG5FTwfsttR +NX5nid1bRZzL9P7VlE/tOuSlCtpkWrFdM2ifi9tXhq8pdCRTDPiT3Ir93gYlGQ6HMNj7PycM +OCmwtKL9KEgt2iQg1XkI1CuQwpwVyoShDr1Da19KU6XcJArwRhTV8jKYX06KPeNrksDQMC6p +E73BDG0QtT7ksXuBnRBCmEjiWxTG8sV6dHN0pu58qmNSP76ihs9Z8Q+e4cdgGEv+IWgGS3xj +WWD6+9xZUbhgEc9Fjobs0GkqfUiqKnt6uE0Q/RjGJlBnA7h41fk8xC1J/31Y3rNwulBtpqf5 +2n5fLav2BUlkUu1r7s1xvmhRnrO2u0Km9zEVw84g4aKVBEfVl5SGTGNVMZ2E7LQSmtC+EAfZ +TUsv8cw9ynr9LKhlaSGPComQbOmJAhwEEAECAAYFAk2P06YACgkQ7DtbkrAT/WC2cRAAsMZh +eHntMBrVYxQQoNaOq9wTF/PQDe2pvnv0rFPoB0dnCQwNnX5vpJBe/aRQ/hdhvtdCtOg3rj7R +ZUja4OpEcQrFpF6IvBDct+iit/TFlonp9NBcJ4PjU0p//+9xsI01nCDHUxTj9HBmXxOGcDf3 +ivMiYzgCc1VKYz8lbyMoVdFnT5W06DfRFqk0nILj1YPQIa9xD6qJq+aI58zR7M0PgnPR9QuS +L3fIusf0uEQPCUIbRGT69JZl1ongK54Hi2FWP3cuOeuW02OJ57MMf1XRQrd3h4CEfmXW66D6 +y0C0wM/xANmx0EGnkin8KZUpMj60TIPpVI3kcKbtMv2qjwvf1VMwhs4OqZh1EIuosrLuk6Pd +0++9ylaDw2IyOuw5BC6oQ+O1S85nA5GR3q44778OCu9kzQumGE7dLn9T8OqhUtk8IITfK536 +5rsMdqDnoL1TKf/vMi6fpbXc5PVSPksXeArHENRsxrGEJa9QJxpw9FXFP6WF+LTqEBBLgF/j +o1Yjm7oP4KEpFh/Vq2A8HeYKCUAw74rnaoLrdH+106oNhACOdaug0skiH6coQnxgLOzQYRMS +YoQSIoadKEZn9v8MS4bvdItS1IKJg2RRzy40PstBt+hN7/DmWjqepTYq+vgUY7DSI3HlSHpd +KNRaDaVKLeJxOhwFHaUHRvqkMuSW7QaJAhwEEAECAAYFAk3jJUcACgkQu/VnaxXd/FjnZRAA +1iRARwHLSo2CaiUBM3KptRu4sztzt3tKKfRltI4RBwSKnsAiuax1lYmIRpULnnhxtYbDXYJ2 +kqDgUVun/izTHwQxj+Kjdbxj0V6rAHeaYhNt716TgaY0Qcj5lxHg9G2RwMbKKAxqMAQJIVmL +9kzXkx79POuTavplFKYMqsM0+P6e1XBWU8D7eit4LMlF9YuSmj0lORQz56T4d1WJ049v+sde +lJx8XtfxdHBFC3aSOthaWmg4BCTVXXBGGmimCEF5hyUB/6aXqam9KmQzPS+e9PGbsGBG+sMD +0acIPotYoI5mSwTh6GAK9Q8LNARIs6ALpyoL6yNxP1YcGzhDy62RQG4deTSPhbYm3r4mrYTX +wDbeV+hamHgUl1vmNzxLL+yU1yJhC1VN0UUzYazChoNvF9OzRLUHw0SobUsojiY38vWGeQ0E +QVWkXBR4r3LJmMSsSNpQguoWPwzmN4bueerPko2ieHMSP9qeCkM5LdxSM6zX09IEyV/VezCz +GD0Wo4nwgr2DOoDJQJmRgZckd5kGNmmhdPrrjSkB8fqCMIa7FSbZxEEriaVMobCGnzT0eyIs +FHKZQ/N9UFsWdwAF8KRONFK642QE+QG4bTxJGnlyVLbYE36gZHbuWvah8wEapDX6w2DdoYQY +N3OAMG14kvk70IKsmMb/mnb8ACYrtYqWkYGJAhwEEAECAAYFAk3+qs0ACgkQGLhvjshc/b/r +pw/+M00EqQGaXqKevIslSvb9fTq6hKJgwVl+Qa5ZdXamZXPrZNp/8/cDj/bsh1W+zYPLS0+t +BwFIXZStHjUwOZt3Z3JZIrube3wvhkRw8U1wb323Ib0tm4VTGtMqCfSGQPhMtXLn8Bn/pdl7 +G0Tdk92XlM2OfHqVqf9AKj8NwHRJ3SxwrF+WhFZZp4V56j5uAlJ9BeomYSa44BNuHvpVWoiA +nvv1XzsSwaN7McFt2rjhnktNCzNkPdo3kPsj4Dy6xJKAcykdgdmS+mJJXMo06LVkWXz1odDX +LzmOLWpicXtn7e43Rw+d4EqQiDqEsaFJvOFJAz30TRVBo8nu4cARl8aR3XXuFD4XhTVo1iQn +827KwyUg5nPmR27/CjdVaCQcvtU2OvFol/vrbvpf/927fWPfU7poP9WPZHpjQjB/oY2CWnEK +l1T0MgBuq6CGaFLCO773MRw6+xvPDYlhWdViXvrqGfc0Wlzign+Ye9km1GKn1uyQnXrckoo3 +PuOD0UWUaQoQ/mDN36/i/EF9yGQHxsb344Ze0easiaDvoslGKc5Xp9jSO/3W9E7S1xDPtmHp +t0HGwcyVkjLfG3LgauItmBS/MvdZF4xmaLmY23C2T0O7GVz1T+1CiYUWaXlL6m2Akk2eWJt3 +sMaYuYHolzb0+s0hVY0UzV6XDX9Ts+LeCnq9eRuJAhwEEAECAAYFAk4gTFQACgkQxrUpupEW +IYyNbBAAmVsu9cks4SanzCDVDuEoKaLNUnxQCaisIvzD5WnlQ++XlUPpIEtFXrbutjPc8zEf +vrycKAZUZl5cArKAGQrKkPWNM0bSOR3S5AYR1yu47uk4pfPyGY0A6TeWjrwG2mfpaacTQFGc +H0ChTcc1eOKdqWV/DIZnKWO5JolCFf70oYMlhj/JERCZpIfVH440d2BtzxOnYBxIco21Nb3+ +kL+CFI9J6Hd1vA8V7qjB/Ds6GtODNRTNhnJCVCETECFinrcMhxTtszImoLiQGprzywArjbHi +e96hHFxDPc/EatxGpfr+GgGngW5oCOVkBPAX/1ZjuB2myiNLEpVdqvLRLGNFYVhHNFBwdN4G +MfthM84WojXdBNgL0EZ+RmQHYlU9OpLoh8HUJZc5wbFe4zAchjGfFu24BnJkC4rOeQx3qiXD +77CaQgihtJiJ0XMLTcfeSlMPXt7HRCH8W2MyFPsYgs5l8axMz0mlU5wzI2VcD7BaAwsLCgRk +48n9diIPmkkl+j+1k3sfwPRzOHR3kZ0DbQqC0Q67DxhIHrORGrACinvo2VWCv/2oHOaaE3dL +1Xzn8In3Gc5zSvHa9bL8dKXdckYKAIPFoUsS7JMDg0vRewQnHWXrJ4j2IvinEYJxq0v4kEAF +6CrnzwAXdsdsFOF3nXIP6GFBhR36ao5h9AS3D7k1HwqJAhwEEAECAAYFAk5WXQwACgkQhZw6 +baKTIdc+yA//eXUyK5yLsnOUKHSMKKbAP1hOldbOTXwMiW5DA1aeRrvijcmw/SDcg+V6gdMR +1g6fGgqqsCdNGw7VZpu8Nu5gK93Q0lOA5Fg4aXzv3AD9y+wVnc5vCwQNxdBfwgu+Hkazvv4P +BewtxYUiNjR8wev6T315wqJl48Axy8PiGiVv4YkGHsgdjO4SGHKof0Pf2X4gCyQwrN8DzON6 +yfPZq6fTkUBh+ul0MziNzziYyv/bzR08pk/6XWE9GKAyM1ZxAIAPR0Pp7F5m/k2Z2bB/jW72 +FeS+mqzwqTS9mVodBb1pfM414teNZArv4jslGm69HHcC/jMLW4LWMXpB6nhDVcUPMOuV2q+2 +CbaJIRUED6nw1xmznht0BAyD31KINQBvDPQuLv//p7oLx6Ng0Ce0L3z8rxylarz/WHWkGBiI +W8Ff94VebyWh69lUPdi8sLgtDcBmMYC1Va1v+vUqJ3U10jhKbql3T4qt22r/jdHdH00uaYQn +drB7vk/rGBGnAU0hHS8029tV+6bzWTF1tygIE1mVyU4iaMfKVaeZrOWIGcbSXsIW0m0oaQ13 +gFiJinTHomL0HToOZjzpRH0CAKdxxHR5asQgU4i7vbSHSIBO5aORixV0OHmJ1ykuG13MfPBI +b4KrJXoQg0sjDpT1AN+VkQBRMO9QrGFpuWWBoDpM/QQ5aDKJAhwEEAECAAYFAk6sBKEACgkQ +3GkNV4W7SI865g//QMqK3igsQ4V6scTRTkDyGqkcoDeRcAZev3IEUWh7NJ/LhHc/+J6XS9L2 +6Lr1+FBPiEDhEUrhg9HWUKHh+uRg9kFw327V+XdTtrYE+DSAtOIPSNZt0D3gZZFDo+DgjKe1 +D9vpXUFqFwwiQlFx4al+Z3bFOTZpGM3Gm4M4m2rttkXnOEqmTTCJmR4rgHRbBIb0rhXZNoPG +2pskUBAOUd3W/PZloKE3lXHtGatE76hUL6JsJtW2wX+VgxjkwY5FXVy08ch1+wIr91k2UCXd +yjknXcQNghwyPQL5jrEw2dvQTiZueUomnA8xft76TS+g1pVolZBuSYOIm7eQVJ37b2GjY18G +eZ3BMv/Ka0WkRFlaQHGEZuLdKs3zWxZlbSyG8rJpxnKcX5fuBWp+sb/262AJS3ncEY0NmPkp +4s0wcNM2TWpwdvJAsZ1qt2JtPO8Hd3bsE3pk8tAL0BH/0Nk7dKtvBq43cYvHv6PImVowvf5b +DLM+Ibp+NOURiCxCdjqhvtDKlaH4DzmvRwk86Yl9wzg0X8tdkP2s2ywR/bMwVcne0lgn3J9k +7HSRIvN48Zqly40o+hZSuRB92CY6wCEVu8bVjBcLFDXNogOK7t0qF1bee8lC0cSHJV32ZyHh +UwHw3I8i3X0TWLgrTym9J/lh4oid2KRJb8JlgSS4rlqa8nWxP4mJAhwEEAECAAYFAk7Af58A +CgkQkBQe4tq8uJMKkBAAjBL4NxYgm/1EWrTwTtdoSa0e/o7NecJ4adILreRGCw3EmHNJnPjE +je1+ZMqJzj01RQ/9Dw5lJ68IVhBXMgqig6H7zpHJwDXJvogwYfdOSo2vmp8orEK5egupRavJ +H4GUZ6tVWP6inQX6NlNNFS0qaLy77swezP9YQNQbloEZOKD60N6mdj6mlDnR5jA48XBaN6JX +SgHrnJOKqQCtHtKVQ99w1BG3u0pn1lGWqvzui1Evgs3u7c+snENvHdIPlFCW0H6n5RWeL8kF +1ObVXXcNJSsrxCmLbAz22PKPe24qdOnNWNX59KeJVZyS7VdMY91MAYzufVo+WkqUowUWYVk4 +A3C3dF/4c0Ah1oLWQKkvw97U6NbVAv6huB3ScaLIAantcaIihdiC7IaET2ger26fNg/i3xK3 +cQ7gwv/pTo3bBzoEzfRKvYwzzzE50M274vV1bcUJMJEMx2y7rKkxeSE9iPd3Gf+EvO/R5Qby +3IHQc8A4K6leaNPABdj5pBOKVjxEmDAZwspYcht5DCjM5iXZUI8FWSvSHZ9RtiXF8pfnoyxU +hOZTV2JE4zoHEektbushZ7Ev5uAHp025tdISs3X+I/h1cEYu7U2Ff44bfNnsEBWezilUTVIc +YY8J4ccayKTG6UZUElYNYbp1iq7cmZtQO1KL/BYcxLkNb5SMQoGZmyaJAhwEEAECAAYFAk+C +4zwACgkQZJjulZGxH+ixsA/+KQydku2kQGWYKrODm8Nd5KFBiUTDj4GShR8SH2frDgVfKVgh +1tJYK9pabRo+QzhtcV7/tk9XhPoHnHqdU+R/3optcFZ5JPbylOTzOyWZCDvenqGKfOX5AyKw +osTmk6OvYejjWtJGr75s2F5cAZysSZPBzP7iDwJKzstxrn9ciN9L6Hi+oDLnq+Ati0NobTte +owFVqrEKOwIL3Y+NQzyAO99pSX74pfSKaWI0S7+Pe7ICTldXv0Mm1ZVe+lnEAX3jqeyRDyAQ +azih6lfIUoLX/xQwIKwnRnTzYHDC2H0a6ZDP+xqFAVfoxBMHVJNGrQ0L8bifqFBt9TreZs8h +ZM0KxaL6do0SdkTL8nUYq5JUKatDCjupeml25ozKrrwdZrU0XqiJ/jucdMyMoXRuCSRl+jhk +M1yxCAoa/rdPx7b4/AQ+vItesWZnhFpN2jCbaBYStRBfv0EJ0y6B1O2tLz1Svj080r6FoAXW +MQHDbV3zF5prFnIzWxTzzHG9ngFfoFRQpAoyT+muO8CpIa4EYIgE39NZpVSZAilbP6xBXSSf +oBQKFpk4bp6nQlRIbdJBRAV61KtLtkNb8Onr7wu2yiwvrfK4SQCA146wgK5AIexSUCZdbJlE +8SOuILx5kpHfKwOJhymgrgXcSqGLMEM3gP1RszuAP9ijHsZHSWvGCUV5//6JAhwEEAECAAYF +Ak+gCdIACgkQuzagKAB4jdTIfw/8C1jQWn5Z4m/9oXHOSrhufM6O2gCshJ6Lakx8gwYaQqiL +Quh/+zzWq4G5w3SiFilw9WNBswyvV7DjjtcEuifRT6gLto74911CP4EyajAR9kL3dFv/Kofp +/Vo5chFHMpiwFps4tvQdAK+q6UMo5EFodHkcEGHuejizmPDsNcG+TnmQMyljVdugHdx6HBe1 +OdoTUgubhpQy2jgP/DYytF0kT9UhF1R39F4URZp16GAmCcUWQ+M8ryzqIQJpdkx8GT62Wc2I +NPV4f3631MeTFwcZWPIam1WGjv7M2vWGz73hNOOcA9iGoqhARQXhLlILVz2i/mM4Bak8ZQHa +0Ppz7Lm1TIEYyWJVE09cCCDRrf0+/GCDPJtTXDDpjrdiZbcI9qqGLfwAChLFFO33ne4PtXf2 +YgjAyR5393m2M205o0FMpv6W3qcgd3+yAbhflDreGW4gNadPmdfxNre7mL3jZ6F16uXtfdC7 +5TYFRAcXqUeTVgP2Q/baB1ub3yKEE9GmY+ajmtvpxFMRlFUTCxGK0ZSAQgBsLST6zw+izWVo +QbChXeQPqtwa/0R1qB0QBKPN3C0+AO5fCUrDjzcDbX8D8DRwgaq1Wvc960OdQSYRNaPTbjcK +L1fN+PHo8njRe0a7VIKglk328SJTsnlJ6QrruvpZcdyG6XDBJ9CLnYmMfHMfqliJAhwEEAEC +AAYFAk+3y3cACgkQYsSnUQTpWDbvixAA1BoRFdgbFvtVOGktI/XkmUlwNQ5MMSrSuiQr/o09 +d6+9DQep/bVSZVn+mYYZniNJJNSVqMj99PCjuUXMzZ3iN+nhwJrMrWv1NQyNCGFzOAsVVehI +IIzNaWuL/KXQD9XBc4gnVuykv1+0Vs5yAi9Q7ot9OvQLuD+Zz04RFHcWx8umPPibl/fX321v +CczuUbdpWsGti12h2Hdm4EY1NsprYcxdaBPKou3thc+5WzSVavRyPKREJMp0a5OJrAd8GECc +7pVu1Mc/ocWTZr3UDoiDm2HznO14ZKHtDE9zdACzYrnnnI5qm8ukH4wtta7vdlDfKtPbNg34 +cRgk53zwFnKIeBwI6yeUjBGpv7A/pnmFwNPiJ8aP7iA/2TleArQ8/OdWBSLqsLq0MD/f6GYG +Pr/7T+nZJV0cEjpOBoPErn0WnDIG65QEpecWxm9Ki6kTzOLDkOUUYWH7oW5gfnUgd/QsM+ST +3QC1Fs6ZJmWCl0PyORv5qsftyafMSvHMYaVB+a5DpE3H+JC58TJXgvY7LIIl9wONtHra7lPQ +RZGf+wZUy5QKnL/IDwgk9upIwKV8FmVO0v7QTXaeiKAPgoSRS6bmnHLA17P6HP4dcoRqKnIx +oCEFaZ6+xQpoRs5sVF/SKt7niz2OIxO9Vc7g3JkhhedLR+IC8CgK9uHZIGktBYHfeT+JAhwE +EAECAAYFAk/NR4QACgkQVeLUEQeWLgKF7xAAh9hj7qVWMA8QWwE1wI9CpZqgLBwfGJcLwRO8 +nC1kn5pkS7MgROJe6JaYTIxyy0dbaC9uc+2fKhxFKYnDMryUT5xWK5F/qOd/dUrh5FrHY3gT +kxIAm8i/0VKSOzhkjVl3X5556F3T0bNrbnVV1REpYkCYFFW/w5qAB4arEP7DnKmskapS043F +wHoaDPut7RBwnnleWe0uqnk6SEnWf6CYb7FS+s5iKDWcB/6IjSaJZKpCJTXfEo+3CSV6GEYL +xGKJYA7bgGMqpIDjU1XRocbTZRoSWHX+J49mIWdD3fbDirnCLtSKExe0Wq4mGmabaURHO0VF +0QkOvSXYNaBQeOKm2hVO83asFgif3q1K4lzxFXH/1cnE9pr2hGR6E2IkNyvR5bE4YKqvUHbG +MLav/DZ3Jb8TKe4G1T/L9glprTUvqG8EMEi55pZv3irpgZw5IzO56Eizrf4SL2/gyIrGO0BP +BNsRYq8esN2eJCwfdXKJXLrVukfmGRyTespNbJkiV3B7IRY8xwnPTKWZO3xc5W0aJ+ObldsC +fvMwlkLGWMyPqfUeWQc0VPvlVX+dTDZaoR3yT6kkCBNcfO1PswzPA0FCGTzXktzzu2qmnH+H +5NKU+Rqm4QnDncELh0qHmrfk9agFaRkwh9dbhFc1AurKHV8jp1Ch8/79xjO754fDFXWxgHuJ +AhwEEAECAAYFAlAl7AEACgkQTbU8/oKkZygLJA/+Ouve5vxrvQh6FNDng8Sg3FL0chSnkpG2 ++rjMdGJD/kFPymXYCoTTZEgA2wOadbQETxPGm1ACHCyl/193ofoW7L94R1iVz5fp/hCgOlcn +/U9xirM2mbKEmrfKaE2AII2RfYskExamXuza32ougSuPE12q91q8axJgZaSMwjFHUyez2pmW +EY/nVSuId7JpQaz2Js/UZKLVSnEzYHjXdotbUD2fR0wVIugMWV0A7sxBCwK8H/AmCat8+Ziw +RJS6Q6pm1oGePmqwv7RP+U7yCOX7zlFI9+LhlMw6eFVSQkfdlr3FRSwWT9ePCGiqDsxit1S6 +lyiEHefcPaVv6Smt3e5nDCdc5FtAQGfUNlkjjABzy1kCPfXf2/KP5pW5TyJuFflAl+RsWN5q +fMzKopv6dEg8+qi3Bduq2Oj8XncakE8NdndOI0tPhh0GwzQ7t9kEabZVyTxuqsk+LIrQcOT1 +tru3ZWj4PqYL2i7PneoGQgzhkO7u/qII4cldBtzM7L42OzKxbxvSeEUl7M2LovNwfMLS58cA +i43j06ixFCTdel70UQ/dPZWXJr1KssVlEqiHpxXuPiaWgqyRheB+5haeeOEd5rKnpVwTb93t +z02VxclS4RiucQ8/WAKH1kFfJmLdqukfR2EgxDyWiYGz1hCdMpbjWVz0cxr+JG+vgFdNPbxd +c86JAhwEEAECAAYFAlAqiqIACgkQLuoNmc9WLUi+cw/+K/BygGSCnE4KT+pw1SZZM4lXh0qx +S74+DOsA2u9RCoTpqclbp+wZ3ia+Wk6PQtDF0xaXu0aNoqHoyKsO6OY9umh9z22QwqAryi1V +GmpU73ni1h9yCl29FL7zW5saOs9iQGAMqRiMoCq5J5q5EK7h0ZsQOAZ0XhMc4bg233gy3MX0 +2Hi4pMfy20Owxcuz3O219e6FRFuIhynIIq1uQ8CwaK1IOLjWPO15+xL+nNrnfiGkyXniC0us +eAHvzNR1GdjRX7q4L/iF8S300VR2tn/7/xheQl5ms7jLxq6B2f9hGKWtMXdOjv4/SuMAMggl +HSHUR0SaOdg2LqUWbjp2B0K7iK+FeMHzStZinimsA3kRjXqqq85wjUcAcQRcdgPlHkcWNXSs +evX1N6FWGBfKKES1hF2fxJNucG3m6rcMgrE124ZKn3grlmuPXzsP1wHPOIsBThRjdkWchXgC +5dOXOHKdg9dKTvzHW2gI3Sp/mVktwox5d0F4+re9P7kazc8zLbXTWvYGLje4L3mkiJe/1Rqt +NHGMhSjTLOQK5P+BXdRFf39pXatf6BcBcDVLf0H1Atj33x+KFe2xd9u5j+dQrZ1BCuxdoW3e +gtbB4C5UYcrb4BGyK5HrkRabXKrLyNv7zyDxmvT4BceXnvT84u1ugWJvf00vWn+SEJkILOIb +CdbyUPSJAhwEEAECAAYFAlA/waQACgkQWMHokfDYKIpynBAAg+v0j6Yx+X1Rx7H4+qXBh+dM +snTd/Oz3GPL1qlvPQbsPuaae3XJolnC+vZp2dJzkmhDJoNg3X/fsndSBG/rOfvTPSoLS5gRq +iAyFzArQGCEqOT+Zu1kbCixj79J7cFn8VjbN4qrprEQudpCMDcSC1SpOoCdlyfCEmIOCBT6Y +s2gjlPlXNwWcWfrB3vGFLxmJYh3k8c2VC0ch0NeDUNgaJaMu4qS2NEGow2DL1Cg0ElMQNbMc +slEUngyuY/xQF2Cu5fsdMtnGVQpizjSw8UW486njWaJXIYly3Exm8NeZ+XJwGM45fPWsM+OI +jbQbfyvC0hWxUmFa/2gNc55NUiE9aIk3sNsF9XXI6GALUPXQUfOL5lZUW6Ip6e+ZkxEZmpWD +z/ZazXMzNEP7GYuYyw/6gMUGg/PwcbTvSqNberYz01ewhb7DvuHMuVZfdmx816jh3RvuYCrt +wjaCuiti72qBOm7PfX5VkzlG4w4rqsgfy9li/8buNS8WI4iikMSSRjFWuRuIXccwXcqRy1sB +bLkEmkPD+2l3A91P2+3j4CGzC3DTzBMRq6uyTCFNnSl68/26vi0f+hK0GrFHNok8AwIj0MNe +ZLUXiRlslJSu8K7vujyTRv1FwgVSSL6iGsC42TXMctXIheRvumzYzl+DprFHFuz+Mj7iyPzg +FJZJqlDZG6iJAhwEEAECAAYFAlA/wjMACgkQ/eKjy4AM38bDZg/+P+6JlDKypeZrHQt7fq9m +A96Onn+2Gdp8WDoLX6oFnY9gtoBz7ILkvFccSC0rYRQNtgTaTRW3JgC7NEqbVBpvecYFWLk/ +XJh3AFymu7bdsppDlO9ww+M24hZ9nVpWf2ywM6kkPKRwsgnvSduy559gx6lC84wnw+ruGkBp +NW0jkgzK6Li32Ij1HzaJlVwKFKmfzb50nSlHvf1FqBQbFgWSlR9edbrLSIv/ExJeI+6gQLec +ek4qEU27jRpKsvc8LSuoFeUl0hgHx4Lr/v48SBJtTgHguUdXE/iqBVyVIoiK1YmU28oMHUTk +TKQc1a/4qjtjrRIczM9tBwL3u7Aw1O6Q1/xylL639qHsWn/O0YoI+vCiDvDuHdpwB5jNPHDg +OifIjTN5NPIXSneROX98ceC+wSMaI3yhLMe1UTG4Dp8aYccZ0R+cg79kV75mS5MHTX1R4R5M +mt+1kgUM9qgUIqjhDULKjPI013oKL4OSFvU9ZZgKQPZJKuK2ujInyV5cb9Ei8AiKrbHdBL+i +ZctPLFjnG05V34mI7JNWh3B2AEEjLMaCM8NOHb4ncrBAnWKeJ8ch2K48tmeIOLGIHQzkKqQb +yOjiMTo9ByLT31YFnFTKHkHjk5LFgs5Sc04up0PRO1TtEg17AOLuuqjSuYSm4ilyxvrQSpmk +Me+hIHkntClJSkGJAhwEEAECAAYFAlBZg/EACgkQ69EUuCNBUeHYPBAAm4fdqRAuVyIN21+Z +wbiZY6+kxt0Ub6PVG3VexQpFufvxFmPCSu8zFqxs/4A4hL5qtchxMhRafntQ4hcb3sfZNq0M +dR06ftfNJn9f6Bhs1mvoNnH9b0zIdUORlsZqeqUANZ9nIbEGZT5JC2selx8ZwVgEeUEm56Jj +FZQMTPmwrXoLChPCmve75z/C6K6vWQt/TYMOc2Xd+UEvOH55LBBHlnvwOVCdjPgunmkwQsel +H0x97fEPG/kE9BbIGpNoLxuhJihMqjGoun4BKRernPVcR88uhNHDLdq5qUSWJ2QHpriNjy3V +Ed76fhof/K4kaHeowpRV70Sr2k62Zgr8sbT95P8UcEltLurNet1yPtI9G6zFVkCrhaLKsIe0 +hA27APMICUquGZX17lm+Oe6twrnUJHWOQGxbVofFFC6UJnoLrZ/1yCDm/SK1RuLAX4wDwnUm +Lz8wKwQipA4LEC+lCDR9zROwwgPdkUiaus1BqrEqY+ISzLB5htNBEs2rh3Eg5IOWMdd5OgE8 +JRTRGlgftGzAr3tYlms8dhTLJe1+WJgcNpa2IQ1yi9kt+d1wav7XywEiaBZXMgCi+H/4buen +lAKoH2Pe+mHIrAZV2tgifkjLyIiRAIUo1j806WBQwH4A/KGBDgtD/kzaQmebPzKAXTsZ/qMF +jxxNeO8UBmF1LKNDMEaJAhwEEAECAAYFAlB4Hu4ACgkQLHYKm3ZNmmygBQ//bxK6/PCC7Lan +b4Z2R7eBl5d/keKO/3ND8luQ4oC7PJJ4N0/JcnVWam97LRZY75t7ZQ8/kyOdSi8zxF01xNlb +L+m1MB1Mv6xerijARhzbzMe5btnTPDUwQ6w8p8diFSacUpw2qpA1nhZ5f+XILpm8gp2EAdO2 +xkQkk521MGB8ImWAjUK8ItH6xj4IX90hIdcHgJ7qBDnRxwEF5myprngZhUr4+aY8T41g2maw +Udl3YK+WqdIuKq58Jxeqw++klgDhsgdnsHEq0ZTztgeUHHmmXcSZ/Di9yFAjC1Go+Qpe3qUb +eTSb9AUvglDqICpGSaCmM+owbi1O33uSiKcDASTK28k3NWJEBD8CnOcAzEhvu8igdOroFEye +LIaRsM9WgHxHLoJR2jAps6d08IBEXFaeZdw1veP9oWl2BSx0GfS+nY4vBxC9+UIzYNe/Q99A +0WqKJEsbM0jtujieaDuA0SPgKyrgLZfTH5Cujy7wx/zSkt3m/UaQ+SP+2Bra/alOMTXSqD0V +QwJWlKf8oMlazZhREdq2CnkF2jm+VXDFaFp++1ksmUasmr/3ODKkwmU89DqdMpNF3xHK6i3F +h8SOmoBdG7PrVULEwOcVY4Kvu/v+FRzD2Axiu6yNKsEk97cSeHXKB46Q3K4DIdTerfZN38mI +yN0KIFlcHZ7L+XMVPqchcxmJAhwEEAECAAYFAlCKmZcACgkQvKW7ECgiWvOp4RAAyKPgYjp8 +iKSD5BkfPZYBU0ONfU1Obd9dqxASnIl/wivaUQUiAXD5PnxnHYZDgmokNk/oQFWXf6Q4bEOo +48AEQMe+WHMb8jcTL1GJG6ag5ihUzVJWOlEu8tHgjJampiLTbPDEyV3aLmQjJXF0mNaWkhBR +3GMRlzx8Xl9igbCxbwflLigTeF6iaeOBt9og9lSwmiAd+uw/EERzypnhOE3jbmuBOzLECFcU +P66BtAshwcjLPltInax5Y2wue3btadSO4av98CuwaTrV+BwGz0+Y28gP2q7cycDGrOJWZV6f +OVpdWdFqyMErbgJAfay55LUsNO4zJcg2LAPjk8UcSoHgfEiLcC4dv+lyWl03qtAfwFpN1URv +4vYJcJYRCIzTPoXR148yrpHK2Ls6eUko8F98K+CKtU9xHXphXnJpttKFm051VuRjx+ciSTZo +PDqlm0ye+369AaAQBwtUi11obZlPnxTVblL+7NqeKEnHhzLJHbDX5pgAsK3JSk3/3D/MWGku +VI9MTGEdMQPj/1cDnm2XCBxSiSINpKJ4cS2CqgUmnw5B9IASjWyeCjWWUb1x4NDEAy7hYffA +Gk4nqaTqNVtriBWZelLYdtIJuMBadfim8zw01Dsk7n63qy7EGH6fEFTdbI4iTj7Qa3iRlQGs +BuijJ96gG662UQNOfimGwCiIWMKJAhwEEAECAAYFAlCc4wEACgkQ9XxN0aR9UbdfVg/8CPRG +BCWqaa4czlIYyaJO9chW5qH+GOWsLz+sHcEZNbzlBPHQL7ZAZdMwssZsPSf4VstvOmlWd4md +mVzFUgHR9DrWEtLBOLZvF9xN1emQKsgMFlCU8tY7R4d2cxu+4BIQpnwPDgd7axVKEkVxNqu1 +46LaivOUmtmFa72usPzmUVU2nHZ0N9BMzS9EUGpdyBbOUl0o/YCDZV/Xrjrk90/aFyg/kVXA +1+AO70aR1nsgApnJ/k3ySI7W4GapAY3hyZ7V0wOHlU8Ffo2wB1CgbaCXZR9TX5fxBWZR5L4Y +3hveBREYCvla5Amf0hyDBcf7IumT8ttjoPtd9a+1PYNB+YQzmf39MaW/1q19hRa1nXqHG4J/ +DRwccuyIInb2Se75VVXrvANTyONagi0+8M3zUbsVggzjPhfM9Ox07RTtznToZ5Efcbj7YOAx +mFm+8mv6eLidplsZpxySjhWkwV55NScdqFL1r7XLOTbEzTUI6Fo+SMBmE0uA9ezq4miCjwlY +WT2MnH3ZXF6K6ajCD12w9eWfYzcHCmIgreb25mfW/LaryICrGEGQN2z+CFIV88Dmvi4o6g2+ +1461rWENQXbhitFDVkXPZk1BhtZJjc/OQTypkf9XBLVmuLxO4M42cJpzsSHNlSE1pkq9jDfB +CxsABY1Q/qaHjmF2SVczZbdUOfjWbA6JAhwEEAECAAYFAlCp4swACgkQPtfj2DqOQzZSFg// +Xg9R1eFl28TibuwYUfGMG8fVU1LFEnM0nXQRZBZoqljyp5qxuvvmYjMiat+Wt8ehXHJjVjn/ +NRcVfX/pEhfNKT2cudD6ZkAyozFpZcoRivUHgRtDMsJmQHrL6UGXB8Nr4eDV/elcdx2KH8Ez +p7SkrsUZnQ+1d40bjRfZH9v7RUWwD/hmPVVzto4txNBhfbWxhNGit86PDovCyu54PYoa0dM3 +T6mQvHWBbi79MgZWEVjTpWMKIN0VnieP9r19qcdFH4Fr3K9jcqsQ3gGFoat8Ayv0PhVBrpkV +VoDG+xtWCdc3TXYLdSylQ6rgOD0VCwiaqzfPF7mN3a62S+wASSdC9EIrmtPcVPQd04JDhiB5 +viI8impVwco0GjGbPbRy8A7epZ1nR6091+6TH+YeWdxyWZV12Z6O54p1pJmI834NEEyX+694 +9rQLT7uQ88Kuhg3CyKx+4iL6sUv4fTWbHwsijQaWi5h8GDhk1ki6lcoizFtnvNaLj0NkHxst +Vg8yCjS814KBM9EusGgfUzDEoBdChrRajzUsnwx5twQ7bH+muDOQ5IiyIc5JAvXiYbhjPEyc +MYirqqi+w7CY2pxn5nIg5jlEip7ZAT1z/wycCrj4+9YOfkT9NrkThR+P5jWb42aav9+evtf+ +poWnMmkUTZXg1jWl0rWBYCQ/uCv9/jDJQf+JAhwEEAECAAYFAlDD8BwACgkQxsXTD3wvPLla +eQ/+KLW3xi0SWqQqs9CcIrUPV6TJ1fPo6Z4puNluaxi/MYxn/8w0EHvL9fKYzDkTzbb3CZns +Ja3qDUxjI+2y9zmkz+L4MxNjO9LlzvVkCA0UBX95fWv4ZreuclpQAELKKXJuQIgh3H+rU6nc +9bIadA8RoEljbSQpPZVDuIBYEtB0Tt0eafY1DHwjPaS1GUF07pu2U0WDJnv+sVjM5MFyzzbF +qcZGWllNbzcpGYuyhEP2i2OGsNxDpDq6dFWZ12xGcW1OucPnOBgtJm82CTdFSbaA0Gr9TnEO +ZdNmLnA8y90AOq7DbvCzD+1mcn61fU3Xa6zje5fgxplnCWh6dUjpuQuSipsqSkuVmyvAnkJp +rR5NXVm2+Jef02JSX4nMJatrJ+tpUTtCGYHk5IZdPjpKdbsPj0+5zyN+bmGUPRoyA7Jg4B5n +6cabQDiqfBSFWL+4kHycwvg3I07P3Ozz2F0p27+IA19MBkLxlHn127iuECEMJtHbg/pJocXg +z8X33iM2VOi9lvSZWypfMmRrSMrWNb1X13mh/yikV6JQT6VCM1HLwY4WsIa7+xM2HMuu7viX +YaQfWnKz5AoY+aFZJfe18AJsBtFaUR1cADrO18GmYPBaKyG8OM797dMbYOovr0uTnhIZXZgN +93Sdn3+kxZQmWSKmKGzLazy1rlm15MrtLLMinW+JAhwEEAECAAYFAlDEPLMACgkQezpKla9j +Z1UlEA//c43nMs10hHwXl6MxCDVRPYG3VtG+N7UyBs48RSRh01LRL2O1glp4Dy2izGeuYrAE +MTq1hllOrpBKVIZFGsrT8HXnIJYcYtzUZP0klUZUI0WzguKvc7FTDItaAKtP7lYeLx0IKAzo +lbz1QDP9Eom8q8PnaywcX3QssZ5q/f2/SolpsVeDu14F+77eNz2oD+fjm/q6+5aNh9SjJP4R +kS51+i95x7xrrQjGRth70eISfh3DxeJwrlohNxyX4Ewi2vXaJ5KYkrrIrLgbZ2n5Xo2ypCHS +bodNwcO2rbuPDy7wpbSCIwwo12SEj4gAKFP4NTs4NgPGC7l67YtAIv+atbwAk4eETAOnBEID +h95O1urxaoQdyTc7PFnCW/1/VFcbV09jF+nxTMCCtFVI+CdDUdo0vUl34IysFulqjxQz0AWq +cv2KUfNMwtCYyqMa2XMuSMCF1wCg8aFgzd8hSH6BKSuMhcnLEbxRRhjkfy5byHDE8srBejFb +eTscXir8bWfpQFKSAhc6alu5Be4mHQYgdODwap5Ya8Yg+s9Br0tVQcetIHStVG2SC5aybdD/ +Prf5fvRVU4r+Q8MlBoNzkngoVrxSQROQCePj/bQhAAMmYQyNi4clpK47p4yxATiQkCRyJIDV +LVab5FIYzv9+l+R2Xnib0aYqCTyeeGG7VtPl4evoe42JAhwEEAECAAYFAlDGJa4ACgkQzkFu +HzxCWxvxKg/+MtlCR54gVRRdd10wcYMW4B3SYP1QPcs5vdXtMn7rinByqqoD/5u4+rzJmUpR +g+s3Tv7/GSk0EoNiCRpgZ8fsCuZpUpJL01UXaIls4C58lwfVL2yEfOAj+it6VTm6+Gi1EkRv +TdFu5424fWw4lWRoDPKfwob8HUzIuYIXfbUKLObI6wkNF9HxOFEfzpkx29KIp2nvMykQEQlk +kj1gsu87QHh5tjYIVavjtFTwHzs0YM8G86m+P5/nygkdP+B2V9h+2Xic28hJ07DRcD/V+1WU +vMMBBqqccIXpUoyIP5Fpe/kd/zQoqyq2RuqfGzNKmZelXfhyU3FxEOKW821BDAIHrKBQCTsp +Wt9CNnBsu8m8EwYB8GdDR0CCPRsQtjJPe/OjknBMHF5djgd+kwVkHzTZfY+eIZ+bPubJpMQa +XCJIqSTAF00yXHAKNj7mBTjC41LxwzB0IelkWZ1zeNiJ5LxDKtHPFCwat2kg5X4YR/WFKaPQ +Fces4oRaAVr6ShIPC58wyVjT5eb0tix2mJor94GvYbti1qXxGHR3UcwMF1gR2yffyoaG+ibl +Ph4q00sLH1I1dvXSsf2RXzoATpW0pEwp5Dn7PlUFpVpvLTB22cDoWfzjV8nfugHWcFxGm/r5 +353kZtkcCHxClk4bsJTAN8K0nolfV3uVlExykuyFt+JkcCmJAhwEEAECAAYFAlD97UwACgkQ +BpnSooMaQdWAmA//SEMaSaAy8cvet8eDXlXJFWViqYXgkqyA/SforvZPP9+VKdlmhKa02/5X +lD9gMAJhEppkY0sF+d9PchAhJuoSLAXfSr5fEpOtnFzlJslTLKVRHikQXYsx5yCWV9qK1T61 +tQ66RYLys6O4s1B+p/fjGR50Ttw5yIb0yplEm/D3dTAbYhOXdrzoWybB4v0of3w2T1rd052G +TuGvgvsIZX9gkUbtUkLbg3v/htPWRt3tBXSfYCO5scn46UDaL9kiT+KReqzntJ8A6LucKtd6 +bC0ERPUItaAAYtPdfqYrFaDAjTyPFt6kVlOSELFyHC9cMpDk09p49pmdg0xET/DRAICXWdRi +A1nMXnr0/NK07Prk/IZ9mrPf4usm7uToSmgodm1PiK5NDJ9VXJwDo00d7zN9gwjJ42iEue9q +rZKD5WRoW2HpB1zAYgQumWq9AjR7LdO7suhevY22P38mzdta5w+QZ01lqZnDe4pNwCC1DoME +G2DKf3iymKZD9ST3gTBHXc68/VrE9qzOjXmgV8L9vsaA9rWiNF7A8ZW9xRyb/4fWus78su1u +L5bNtjk+GC93SoqjQfvKWbXnBNI363DJlDr8Kmr7qg1bdNntUzNnd2ffJo0br1YCQiXS3pMO +aJuKxkvRyRrAgK9TQ5inXXUyBowkYG8zzPr5EyCCLvjtrF5vitCJAhwEEAECAAYFAlEBBUQA +CgkQqjnvFaJgVvJUyA//biqhp4W2UuIH7JiX4is+SBqz3vFLUw2AP+zPHWnqcbj0Zsm3R3Y9 +goiHj8Kd+feXrY8vqGjqt25vxTRYZM6QwpoBPrvMLLtR5I1gUvjpzYKWpi5sXdCSXvf1aWxq +97KMoUL4+mswU7nFXtKLOsTlMUPRTFWqgt9OW4QScknLnbAkCH5X/hZIfKjm7lBVzENQA9rb +243YhWAQ4ZkjhngwqzjvMyD4CLLEFpKH+NPwje681dlSUmtQrlS7dU4BFqD3fRg6+9EnBE2h +VboO5X6jLkfc76JioSX7l3Wyb862B54lL+0nXvn1iy2mfSbw2Vk2NrDFIu3f5+TTQF9M2XOD +o9tYXbCnUmqFbngusEisXQSJExlT9xueK9YgCYgZ+xeRwcfH20VxN9JDolw8r+CZG1kFKi/d +nxC4nOINk1dvmZl9HGlNgl9yOaoqy4IPDCbni8pk3kuXKC+PLB8BdqHSLWWRT4SdVo9PnYD9 +60uyFm+GXBa6j3ifVZKWkfKVfgEXH/DUI4TbpfG6nfiASDfa+HQf9hHWx7UK+BeHYJqEheIu +6l5Qt//nXwz5yusjGRfkN0Ap4jCtyFRGiK8JRDAMZdRrG1BUklx6W539ly+yChQCcWUWoOoO +FYn2FM8DgE+YFMM45XEhE20+aSu4Am21VFNAHX8uG9wc3tVfVNctbHSJAhwEEAECAAYFAlE3 +1MMACgkQFeA1Q0nd3ANcWA//cwg7/wm0BHJMZMNeTgPEC7ZBToU8ffbQzYTYW6+Iq/ev4ssn +kS0AC5TbrUk9t7BV8pEPupcwUpybHz7Ll5uimFJjFHQxsdqWMw6qBQFABfXRdCJxyifhoOVg +3CPy+FwAEdUww5I6DZpTb1NsFG4gm0zvkr8L4ftFRwQu2BDGge+xZBoO6ESWrpq/NXD3IewX +ac0S540Uhki2b/cACi6/By3fv/vKzzv8X9KWcuclZtWjEAdVN/92pMg59AFyiWe+CsaWvssC +qbNYD/EWd0kpK+V/9l/vozQP57gUQsVKyjbcS3hS4DpjZHACooSywhKebqxqFnPfPmS4rC0q +YZFAH0wp6Bwg3NUgg99G6PtvUCdWYmQlSTCJ6rXBYGc1GmrU96H7SsWhHSAYS77UdrxN/zid +uExSfqkypUTwE1CoN6SrCh2dw1sLLjSqkd1+qyL4e39H9yj/tgbC5Saz3KtTLCPrjLWlmIAR +whld5AoS8RGqA/XBCwzGySA55s/ndCy766tT+ZsKp7AYWefg7KWgMeIeBEATDyRGiJSgd4ff +sWfv67eknxqIsI4BWgQ6eoKkfoFMArvba/SgEJm41p9zyMpmxIQYFDuRWR5e288C4ni8yeor +DeCRJw+MqVH0ETHlZjQQIo73SblNYjdZPb3XkFWteekFJiQc2zkfUgW8H1OJAhwEEAECAAYF +AlFLZeEACgkQoZmdJ3tJ+e9gohAAnAAlUE0hNVWfu6KBqO7mUGfCY4YzGHb7SUW3jj0p2xbh +q6GR8v8fSBIH2TwRuT2LgpuPEJWJxDxrHqW8cKCflp+2lFiqu8cbBNXQIDZKM8MmFdCLeOhs +wTgHt2q0qklkVMs6DdgOsC8gbX7ZDBENOW4GjJ3iIc+gxYas499qXKTjlhWDanKK6wQijZSq +vsD9TyZFIiQqma4OQcGeCPz/xHGzH7DTNJmYYElChp8DLk6qRf2SCGEokLVdgTHlMzAM8tCY +TekXyC+On5tAOa1nEccxGc6pSFsB3MNsFwxIDTs2NXnrqYb+HE2gV6Qd/DTOR6EDHB0mU1Wf +YuaicPZNLKZ9l72QPPDtA2wVA5KaZ4dsirf5YSYw/2+lzHyoPDNlGGUoO5b0NVI2BYEi4yxe +o9xZKDxYlPSAW1Qk4XUwnieoS24/FAfEj6+cztXL0U72TwGtOUz1PgcBxqvTAPuoDonfMRpT +i9yL7UuBLiKNC+TiJAkgiCHSzIdnBj0JQin+iQZJnjaJE31yGp+Lr88chcvZMFgd+CVCfBAN +Qh70v9m2ByKIADOKTvGxzf1LXu2g0rXSNzy4xvoDVCX2as/HQThnsS18L1GhS+Hu/IFutwgd +dMp2At/BvddwGAu8lTzPySxzPjlXfUb+d8wVwofgxvgepqpxkTDwfOI7kipQajyJAhwEEAEC +AAYFAlFpqYEACgkQaqBA3VDXZUF2iw//U1d76cWhyJMzNgXwPP6WG4iE/CXv6IZeBU5hXOEC +rH/8rzfKHbGMckmUP1yVeny5ju3bRn34/9Yvi4nHOKtKqjF9N1ZXFCqIc5qUaTbsHlEu0xF2 +4e4lN0QM5yasfYtrMWbK90GRNZ5iQUhApFc+g09SBOFsEgPITD9eklJOYAL5xMou57kGdL+j +lzmeM9+OPY9MYFtFTj9BsCp5uajolqahKwgzoVI0UHTJByZAxJX2YKzop6Os0obx0UBwm7Sl +08vfqqZw1VJm/AIoSLDFSdBuxTL2lKUkHp/2l+AGI+sGjXmNVD9wXedevfmiX41YM5si2Toq +/wrzuA3Nc3nSdzo5l4Pj0sj7nW9Ua1ACbN+53raS4s7Q02ttMiagpCCnPvunKY4cdGN7yl4P +4IUiRbw0dEXfUKb1CLkcVtwIIruD2QHZizhzMEgjXAwjQtxMcQplx/lgaUtUX9AqQPkk1sFs +qdCTbMIL0ouEWAnYJUOnh9LIT0SXJDTW6s9303BAfLblHCEfO1L4YBkgwJM2otUIt7gTcKYO +WGJDcNxDlh3GLIH/LascfS5kBHaYLm+lTEnzpe5DeHOd6c7gA3/YtM+prN3JiUYWUwbWvTwk +yIk5bhdAiYip+916/N2psDEy/JHVBMIXPUlY6kK6uq1sOW6ilsDZl5RFyqIFM6t4htSJAhwE +EAECAAYFAlGhBB8ACgkQ5rRWyvFUR9UpSA/+Mijvr0pz9uD1jyIRrRcHZw+PboRYgbaeCi1D +MZ8sDS+jWqigZpbuB+Rowa5lNj45Ox5C0l558T/JTInCSNYnwTFDCWnj1RsWSZD2sPvsVRBp +wrXWKcw6uzZmK5Q+o7aKuiU6ve8zLVZqjsxkfWxJrmT/XidTDUcOVmlJ4/zlouvhQoWsnCm0 +rehnc6gIOKno/uPqIbWriYjQhvTaKRFyCzccZ1MvPK7f36epZ/R/T+TOnHiIhj1InIMTYbxR +LQACokTbKr8XCS0u7bffL49jxdNtwcQ6L3EK2j8yCwAlfHxPvf+ssRwmOuGsumct56oP8vHf +WH+JuNcMpt99IgUTGRmxMKPuPothVqGuUKpSR1JBEzcC75/Qy1EUTFDWPsZWuvVc8HdyzEHw +FEkcoEXtxpu67iVFQ858I4/dGraPbgiDzRKj3JjiqQKDUvYuMMBp+1ydNh7KSTAnfE+GNpRz +mAvx1PDUl8/NzdIDsxAvBDJs6DU2iGS68Oi/GSzwIwWSpeZZNZJ2+jUx4EVJAMze/4JnyUF1 +nlLNrXkSGBG61rK8eaHl6/eWZFs4ZauJm7dfeeOnfDx2YgR0OFisiUuYYMJel4QDy5aSWRBf +AMMb0GicAV7fJCEZyYoVqazxfk0O8wN7TAmQM+7r1pGxaNE3tRcvGdz0C0ER6RUksZ5uv9yJ +AhwEEAECAAYFAlGhMi4ACgkQz58I/wK4aJrPrg/+Ll0/CsEWwvUmaThgFVp2RDtysYc3hS7k +k1szGap+t41KQbqJj+U8UNliKw87R0/D6TVrAxBL9+ApkqT+AetajYOSwoci7S30EuoJf4sz +IwUAB4EmcrSLfAg7+hCY2M0LktsBVQZQaiv8EshFeVxPQfceHURPAomuykHxgnYMFKnjRT41 +IAeEzbzVxEd4sAvlofqrUhBHZYPgc0XJX4e/nBilzvbN0d2Gj1nIQvvslIZn5EPxaHoMEBUh +NHnwDAiz/QHvkkgIMFnOmCdN73nFgvKVTqa16T6s4RkNhelDCLL9DKkN6mNDJ1UYPdpZ40y/ +2p0SRxa+HeRpjzXnWbg/9YGsbueuXfoXEW8jgIVdTcpc/SdSymW8cDBzNUeIbTwIDal1bI9j +lTPhxkZga/5vi5V6yLK2fXPP3t0oxG+tTUIE7eF/gPYtR7fgo3Tde9Md3k8NaO8HGkVTX8wd +tzyaQO+xL9wkRSPb62A9+0QhdKjKAKhrpo7JxXmDpEIXCIP8QITVO9wYGfbainrv7uuA8pVe +nRphxIWj7NBremgTU8MDZeOp6JQq6Ht1AcXaptuQ+O8Erkf7rGGL3RhW6EufiS9nHgRFv1JA +dtdR3QpGETsfFKvMJkyY0NifCP6BR5xxa5jpltSKA41dnVwfssZKiGaEqVXOz2SY56FKRQH0 +qUuJAhwEEAECAAYFAlHa638ACgkQAySEPmJrdAA3JQ/8Cs3fBMYos0Ta9cfXVHQlgNl/DO+J +pD2H1DfM2GXRSXbtPeoJt/Dki4EQJmRa5JNCNJFwC0qilpfZU+3qq4r+zUBQI7cGLIO/wLkw +MKmO769Skbi0/3EvUotjrueBVopHCp5RkQFZp0kFRhVhcGgPl/P4bNjh1YBrVn8xZsL3Mgq5 +3yizDx6D7l11J96XKKW4qI96zahVCwCkQgH9bEqRdTGjaS8lmppLS1JKQRv+b7nHmj0dD2pq +ViVEdcWbDLodJW23QuQXWLrvvd1/0RVLJixP9pCk4NUzlZ8IoyxV8WDBrkmNRUOnFOqTNgjV +UW9VIh0xpyA+JlMFc3ase9TjFFoCnJXpSiJv+I1F8TLl2dv8z0uM3xbAZRyu+oE1SXrTQjmq +8jeh9x5SZLUchHMtccHDlLlfm6P2LPrR7h67OgJ45JSgv7A7OmeSCXAqAiyhlyoUnj8E2R+9 +u/7mon5oZDMk84bw9GM85lefuZ46v6Al626gH8q98pDyTnJAyxXhaCZKfQD8P/jV88kztsyN +USW8I62dKG2iRIp1FCN6GHL5ZiOW61BuibGz2BUbeO3RShZfuuZEiCojdwCFhIC8BBVVbUqH +lvoV4XqBHBU2zsXDrf6XL5nY4uHdL9utzVnJ/lMmxlEOSQCVXOlzwtnO62qBWKLTGN6ZypPb +a5WMePyJAhwEEAECAAYFAlHsCmUACgkQV8E0ZinW7APKWRAAvotSoBnGMXX8eDL+/Ohm76ib +0iDumcySMC8DBVA9syVNXLxrsuktHlXy7gR48FkaMzetyWR6oT7EFAprFCDf62rzHU/OXTpD +Z119gjd9I4ZebtMhY4Xba/aSCVNQaMKdNcKaMt0MWShdGv1wLaTSqu1JZNa8ycdETOK2K8IH +9Hud1p15SaGZtrsxXUyM/7c23UetanYhc7ZgIcb7QgI1/H5XDHBa03ddnVV8PEOF/e7Hdaio +R2P/+YgcP8kI1Fd37uMBbLyE78sX8aUpBM3tGBiYxxe2VvNlV2XOVkWeSRon0vxQdB8xy6bk +cV+X9VL9DczT6whQ630pXcL0IUn3/8H/UbzS4pN73rv4Z/5jBx/RcVerdCshURui1wKBFzmk +T0+m8GuQ9W+g6UiWSY+w83hJZpk7ESzU920DOt+jaamwUh+gSoK/h2w/yF1iqZJXQkgV/eRD +wzF9YdGvLPWIltk0g738T+29ejRGJS2Tre2ybpiNaRHB6TOOh8Ac3rbmsUPXXKbHudiUzbxr +WF4/sVIK7SO/tArAWuf5qFTujUUY4QEnorXsenEBK9D4S3AZfKTyFf2o/1JMq5RWk44/binS +uGshfk8M9oJbUC/e3mqVGPf+e/BnCjvljjTLK9muzTMd95oj5sel642lBzBS9y9WI7LVbExy +PKHK0fSCe2yJAhwEEAECAAYFAlH6pyAACgkQd939yRG3vMvc9Q/+LF5HddBKIHfKLgW0MQIj +ooe1cR+fn+aLmCeXXXZEm/AMZ+z4SIJSfT9PE0IujoO2S2BZmsvAcufqVT/G8lUcWgDIRleD +4s71lDToUNhOa1K+Yh7KrxAmHGNLI+8Fu91edrFJIfzCKM3rdiCvjnY3/+4tP2B/yghVOWTx +8erZIymiKHlnUQXchUabf2c8DRo2LVqiEcl1/suFj67J9GXHIfTkzu8RnAthf0G6twwbGKHX +Hy6CDWQMAFbB31hrecqVD5OaiDBH3to90YbB3nFwq+GvuPuFDpSfjcOiJvZRQYBuf+h73BZU +YRkN5TRIr97+i2ZO8d2G72mKk1dBI+0V/rnA5BecyMtAab34QuKZ/pP7GgXMTiNOH3ugqTQK +h55BUCr2zojr1r8v8FWDh+I3AYmEcWHtFgcIYzcS4vXNZh9+5U5Po3nE+sqUUsEiJia+68+j +CSuF2B+1m09FKZoIQPgT6DGHxyHUrpfgkqeHBuxR9qTvPpVy2uXgqHZ6M9APEgv8xz3uT1C3 +LL57a0gwReYHHGP1EloXRtiCWDTDQ0zmifl4WGR+/QVBWmT0847B9D1hsYmWM1/HWpEG79B3 +1l2/0b3pH2IAVSQvboA+amo0MRNikX398rNsU5G6zKpSzeQOtR7Ot6OTrNragn0IV1DD8M8f +eb0Kxr+KFD2SMp2JAhwEEAECAAYFAlIF/s8ACgkQPP56sOMNmpUShhAAuQMOTSnpJYD7FjGq +F3J2WJksn071X9sHNMePiiM/MLUk7oKnB3jUlNC5UZ3dHx/QkceFmZyFfe+fEumpk7NAn2Oy +QVCXm3di6oFcJ7GFjSDqEjxDSXlH7yTOTtpurLxEjs0NSBE//DIegqAM9lBPJc5Ppo4AYgDl +5ngAO6Jy5LQHiI9GDXVYy63LGkzEnlQll9c3BUcZZsr3ufUcKikaGhuXAic+uTbRQND89d5R +DfwgENYwHSLuPKN4tZNa4ZwTh3B2m2mFwymBOMzcFIT7bFI6CeFthnKze/VvKpG/5bwBbwfR +WEYE6fcc8LmB2aj3s18JX1jWMUuowZ6mHzhR2yzUsLQlgxRh06nNiDeaL50bp0i7Xubjjoks +qX/zXKc0l2i/B6+m5/x09JdoXKsnV11HBjpHnsG3gBfFJKyD/9XecrQmO0aY+jdMKYc9S/9n +zOm6qQFJflPAkwiFQve82Nq94ks3asYVycl6rbL6uDaFLgiFBIUiAf74+oLf/5Z57Y5UCjYB +cyCjMIzhRfejIbttzvxGklMhsfgsO3kZbiwG/PJO1CXY/zulz4HwtPKAKVRbS29P8en2sIb/ +My9WHBrkqNlU8tDE5MAJbNoGPMTTkHMdZnaloZWZhhxuqIlj7+4iO4Rx7VrAYhi/K1xG/9v9 +MVA6WLS0sD0w8+YI7FOJAhwEEAECAAYFAlIT4qQACgkQONu9yGCSaT45ARAAz4cSX+ADN2TD +MFQH2Hj1Z34oaXvpRTxaCdHvfyw5zkb94eAReDt+x4maNGa68if0tHHzlv6wAuWMTwwjU5v5 +EPEMSoQUazTMlI649XBntxtf3DNgAG3lN0lxX0lIJQvsb2JIY/ddd7Cz8DPzSntEsQfGfm/d +rDb67RqBE5/QA1rvcOY5h69Mq8YOtT4Zvw6tvJen9aA2Q/Ae6072EcamrVOBLy9xgf8R1ivA +/Z97xSvI7GbJPiO9ggJ76c+zvSmC/KLEbbGtPFlw1zVBB1uZQ6aBjyP4TKxCJMnU1i0HBbRT +AAkd3ThAVu/EG3c7bURnkDWSSge8uHmH7kYXdZwaggDLhr/axl5V15bTmRFJlbOCTWrnbVGM +5Cb34ALu4ncTSzn2pcrlgZuTtyUKuEkuNy42IfWduvi9yRknUJPmQMvzxdUlJ1L1eUA+5Jpc +n79claU8yWc+EAh/sHyifzGYcYzih99Ahwozx1w/AxSarCIl68JZQ45/UTvXQkwylTg15Q73 +306tP8ChJQwGI4VGAoFHewrU8NShMD5ytxc3Xa3v2G6ndAL2NC6YNKVphHA6TnlFSeMy4e+Y +mCbnFOyYfBtc+1mmcKJriqzKZS/X8sj8g1AiRmL79ealXgfnScY7+DLSH3DpA3lKR0ThYS/p +jD2coHh0xlni4Iwgy+1YLpeJAhwEEAECAAYFAlIgZGQACgkQcQAxKElIFVdZDA/9HZnYZv3R +wnViRw3gqpOvkjQKqY/PobCvcWP+OyTfgQIcXQhvHh3Qr7yVOks6wADzI6/uslVOuVhF9LSt ++7iUdAx8vm7jWs742vlRk2cu4dcbxy/NN1vYl81gkR/tXk5lr8F4A+9M52rLE6CA8CL80jeG +sX27A1nWt52fAnsRmNGNbxizRMVPdpCuPzUjuoUjtq4qx0CK1DuuSD1JFbhkVyVV0pQ3O40x +x+LnwGnZe/Ti5to/sisYPguP8rrqY7KsfVJvesySwKuXw5z2+vTzbMCi4CojL7xSvoOm+AAO +mU+l7fHyXg66BTk/i7BiOxPZSpnIoM0UGQAFVneU+v8frSwkdCNFOB8ZlzJVijQBsMkkd77S +HiPqPKr/pFj5mviJgorhOYJEmhxGF6WDzD4U6HkPBCWrXNs72y8Ey0+AKa14AAT3ecA7ZvEB +1Mk84hVrppJz7VPal01mP6Ec3aIkKJI8mUJ0w2gmFY4UuP0tfQgiMNqk7h9xBMHv4cNyNPv0 +016hpnupoK7W4gAMWZF/jsrVB96uNTUKT6d/N1ZpoREXyzsaJcQUc0R0KRO4tj8DBtGlZre7 +YbKU+2IbaSrnW6OW5WYIo63ErrhoB0QUqprHG4aKtRgIvumf7hugVDOkJjfdpKu/e8p9GorO +mNsN0mHbpgEQDL/D8wXLPUCNY++JAhwEEAECAAYFAlIgolsACgkQotxWo3xxiu40RQ//QNQg +2voP8R0781Bv0aR880o5g5pSrDBvcLbzqrGDhxL2bEZTfWNvn4M8gmvuqlMTXGnr+CdmHg4T +4BkUyFpXjWTGhuAhSwC2FTAZs4xux/kgyrDm3ZtuPGAovn9dTqECxeq+TPz/TMagG9CX4iTT +Dosknj2fLL0Zl6lR2cZTw6wEYsJWGxQMu4TTSeYAOcq9J+Le0b+b7QnY2jQ654PVyIduciqt +Or/pcZGljcL04fa+NqU4ivupr/yE2xg7e49ypGtYunMe9b40Cy0U4Gy1arqHhtumIqtGkz6Z +3nNjzXCDGVDcwId9eCBVq6bc+a63NoUW4bJBCKLYbTWor3mdoxKPDjzQ0k+wjm4nA1tTKwyT +NpnFpRDLV3rVHOIW/qSj4XG5zvF0I8woCbNPQjN39F04IW+xNTttCj8/AQ5/15xOuj0fzonI +wbpe2MRXq35dgS/EvcAMqhu/6gqPkoPUn5wdXNyiYof+XuoC96vJr9BGdeM/CY78GHRD4ySL +BelAu+zgx978KMg19UNxeRyMM0DFzj8SrnpxxvAek+3neDr1YjS1pn9+Wvn6KIlDDWFwNeNK +vS2l4HbroPyCvioL1Ua0J/79VXkCUX3Lwzo3euz6hCAzai6j0mQPyfRdO1O5+7F0PbChPkzU +GrzKmu33A4BhC8ZKrSFLFxUuw5c/dAuJAhwEEAECAAYFAlInzVkACgkQO5UXaiU8tN7cwRAA +oZ7zWFJf9v3+6S5vHA1aYoQGD2g8jnyPRIGO1YdmT3LV+KwdK4ENCrCBZWoYR+KiP9Px0Tk7 +ppQkW7vtQ44kAKvtR0H6mYgw+87DNjIGTaj4xAEWimjj531Z8P7ry5qA3+SeNmE3rGdCBLrF +VMrN0Mo3XctlYdMO8r2AeCLPJcOLXhhDuOaqIfqiGJ7efMxp1jqPPO/JfVxJoN0+8G0oJe+E +JhGYMDT/L7taaYOclMl4VVPgiKDn0GaAdn72lypmjt6vasHgUpzCAMyWPC/Ee+LEQ/L40/aO +vGPsomK0xI4UgERX6h3xf0Udy/wGryDXpB6NcKplWsYYY0yVlt7PWBtdOSnXxzK+EaYbcUZg +MkZwhxat9mEAYoJkoZ0J7hywdjFyobVgf43BqsDBZOBPQ30+BsVk6fz4h+0im89ostshjo99 +DdPcyeGf4gmUmCvxDtyRAMODstmfsFD8/B6hJAqIRt6Jo5b++BytoPl7qPhFUeY8qmyVrwrA +aN/T2fVJZTzx2vXStrj8WNt7hePQUcCkrvwl9eggUYdQBJ55h56v6vX7oDj7YrOqDmaKa0UQ +BtFNX0L8FJgLr3AJpqhnF1kYgPhkLp7lwF0LRD4ZPwmJjqKMRI0388pznZybsn1nR2xeKVNo +3ovI2W1U5U4eM40PfwsTUg1n6rmSl5zu/++JAhwEEAECAAYFAlItw7YACgkQ9y/qgMowyc1t +oxAAj5UREgDrysXntWMM+clF6nsS/FHq9qttFLGXRqY7ZsnB2ykIP4lpV9NgCRQqca+pdzt8 +1+nrChggaYorW4c6FqlE4KtYDl5efZPlzz7SUO2GzSXKVXDt40HxSxShOtJLmRZpEKuSPzlE +KBlZeTrTqqNUHu63CJO1qHRq/kw0TcpvTk97Gi/b4LZSk1q2nIXBvgi9z+i+qtSj68hgVf0c +hA/jq5bU1SS+YzBpIEqjb5c3OShePb6kRHMSxJ9MVIg8cU+Iz3uUTLI8pBbMIJu+S7zLrWM4 +ofkQDmdrCvdzHgMoNiVN3LguNmcA2axdxfGxx4ikSAUV9qLqtMha+Jzkk3MmbRIi+ikdcffj +eiXQdobhvRmObgORKq+slNUczi0oZXeO9Ee6SQuaBeyHZW4KRZewDF6ygwmYjmEwOsX++K9A +7c2lBIdaz4m8CliZKwo6Bd+ClGYAtul0to5H0MZ1ph2oshGyEWtXz38U/E4Y7baSKQtzYmAW +mWHe1r1Cq+31mTTUFPu7vunX0fG/elwgK+Piz9EvdGo4uKE8aZy3l8SLWqaoyVAVSo/Nut/V +u5ExOm6gS3jttpSAEjFkSjBzsGbBoUm9WIkt9zQlalLjFN2Hh9XUPayylaqHqIoAsBz05hIK +GL+vfjXtxReM/hvHr6A2qqEjfJM4qK8SNZbvy1+JAhwEEAEIAAYFAkoOHjYACgkQwVbKlfAI +wzqIAw/9Fjqkpkq5xrGePgeaPmEixNZ4T+wklsT+F+nVdjYkxm7SyFGYT0rS0rj2cLA3Emul +p2QHJbwEr98XFiOVtr/5EHObB6rDYH8clFnowBCwvNGJvZvNOrZduID255KbaXTf6sjosPR1 +Iv3KXN9Qa5biNGVgyKpTUHYBhzRx+AWrSpsgbW+l/WJb0PxRrGnyQMS9U7FVJgGa4/qLrww8 +ok2el6jxfhWVI/gR/dB9490myhTsqM44i+qoiUTUr6ob0O4hqGmt4sdUzokG4fO3lEkSV6xd +eLGKPMoLmBQ2+3BmqtB1/kVIJecxYIrguCbxQclBzTgFt+2FirJ2Zfmh7Q049M0anWvaSSDE +KtQIFG1IQMkWZogVkuBD0851KLHmZZKRhvuU4F7A4kETR8mC81OL2ROPrd3JzYKKALs0opNn +J4iyimLBhlu9dJQmkh1qz84Gg4T5mRrzcsL774fvGTmJOycN99JzEgIhqI4mVeTEuQ/WZmNm +ms4/4KAyzxe/fHMirxtb9bT4FqZwIeB6Ne/Bn/JXhvqzplLOhb++NuoXYls7gQmWo/zBv7nS +GgaHD7xWbR8cSVwsM3PFo6IdX6zwXbn52zpAECqfs2mE3NqMzUasJVhbfYGKu7gf/K6uvTcc +4I05DnIYT8aZni5MHFEOyMkTY4thfZ58bNIqFZGtgM6JAhwEEAEIAAYFAkuJabwACgkQ7YUg +EZ/pWcw5fw//Q3Gkx8WmEg1RC20iISWt85naTzccuugTazZQfbH9Wwpa6SA9uC9dWsQRvEKW +R/LOXX7kPwp6laqr5RaN713KmkFICkb7P3T5HxJb3txfG4NXv9J4Y1JB7Ec29+PRpyccBCVH +mGDia0W/dSvIZutl6TzWI/x7W7fqgGVY0jDzVvXNyvYE6Uf0G2LuA/IlQag6afo8jIV65rAX +2T8l/lDTYXmtp+wRZflqtvs8T+kiTr8AUjZcHQnrnR9ER1RBlE4ryLua3gzw/VBiVwH9nWbp +Iy19xLjaRRaH4RCk1gd4ck7iH/etYRuWAGZO1YvyGb4m3Tiikh//0d6cTxPp2uhZT6cHiBPT +wL0m/PXYhc73KdG5oTDljwsCc/sTDoFDptzE1NdudGvnixE5eGRmmyRspTeyUc0qar0Goona +fr7j7G9PCJFZjJTkdHjLxBdyhe4uJByTP7Ez9caweLYwp/So/TKB19Kg0I3ZSYsxq6C00Pox +F/KB9p6Q3D7LH1QPjKKckX9B4oy7DHi19RGxCHduA2QiO/MAMsgzbc5cXCugWXbVqNpPbllK +76pPd4byH8rrSHU+HVx2YdB6eSPbjNcvK3p6VlLOzlgM66bF9jE68XKvas/Sr7vqWNPhqxGQ +JN3NQcEeXWEPP9lAdtwEZS5d1fnKVpo17gHGqiG/VwOpWPCJAhwEEAEIAAYFAlDxBWwACgkQ +Uj3V006OSNnq1hAAlKNFNl6ENvAkDiW+PtngwjWJXSqOKblsghF/6nhraXrdxUwYMB50WkGK +kjX5UctXMn6MqDjOi4tc3jFf1H10sa5Y9lxQoF6Kj+3v373ZPdTWXWPJMZgpQ+Lt0ASiUQrl +pHwJ1llMefmFV16uiSrGmPaF8ZFiR3Y97uAWCM7KwCzuz+wsTz8yrzUjtv7zVqqYrRGPyZ4j +insPKDcS3IccpsDtfqKNKoJlC97iEP7tMTHPPA4irdSdGnGrMqiBfIaVoWr5F49niTt66+ya +ixQ1x62XyrtZwJeyzhbVbYyq8/k8NQz4Uw8y/UZSv36CXcNptsd+inoYh2zGZLZQAneIroxD +I2rOBg1S7/xaDeT4rZ50FHAMhVoJb1dFXu5PuloAGfMQ4CcuYeUOTir027pgxNfF0va5/EUd +42V8FIqG11KS8OKnCQg3z+Y9xrjoXJ430UZbnwPJRMAdyX7uOs/7QUfvHCgYFQCHJ2Rr9P/n +FQIVkE6XEk0iUUAtcn9k/h6zKk2iUd0HSeb8i1LxA3ljJa/b1hgoGaFZa0vUxMNT7lAQLrR7 +m9clgETfLxQ7Nq75LycYUnjoTwtXN7LV1/iWpvjI4WA0PhX4Hou4i7DiGSYoq58bPiNNZtxP +KcevmpUSMWK3Z6MMMTZ0+9aJyDyl2gSIZbMosbn2MJTQQjoE+NiJAhwEEAEKAAYFAkoRkmkA +CgkQdIekldW882Nz8hAAkg/Y2sm6nzTozx5MVBlfpu/3HqOOAOSTyiSYofUzcIKTJ2Cw9bG5 +PYNP7DUr2sSmncMOqgyIhbaO9LVvpKF/lFSEK/dsXov/1HdVxQTUTDLg3FuHdYKiecb4xuLh +QRsEC4shLS4uZXgKpAsTs6H0eruePWM/twFK4AnPh8JMM44ZNmxHu2rwxTM8yVOV06b5Dj5E +F5MqeKB0aty6bPRJrlGiMZs+reqNcPLyCAH9Fv0+aVGUle1cwb1PCTlWbAysfTHvsaqmTDyv +0hSEBLzWZZhh5PTh3ZsWjAdLbITMldPvyaX6yAI7yVHD8VwJQc5LK6dnqdgSTrsMIIwIKsUC +11+W3GT1hbsSLYU36yVLnDhgB7nHmOZtqDfhAZs3KiHoZwJzhyTZ0xkaZ/nN2UHqjLgBiAQU +lvQJwrrZphAcAFtq0f1L69C53zMp6JFed7QW8IZ/ZRaCR9m5A20rdj2RLT6xWjUKyjYoIrOI +hjlHBteAO2Zl4GsbHNB6hthQfw2P6ujvalCOYHtRQS1R2rUuQqqTKJX9HYvupR0sQRYDITrP +vnD+3tGYZFpPFfFwn0l5+n94UCxPQf/uvTCbw43n7lHxRfFUPzb3Bm8XmjXAO0s7DNNbhIym +iB3u6sbT1p0VHYKvhYoRCySx2dEDMkCJR75G6ffXX2pXer7qwly4lGaJAhwEEAEKAAYFAk4P +cdgACgkQJpAoW6DZayxWwg/7BWpaQtabmZui6NSsxEae/4FyiyYd5kQghdYSwnTNSYbl02Y6 +l99AXAj3+dX/Dc/5wBXK7KkAjNW6FCpHcdsYVZ5g9FJXsWzBJnJYp2CEm9uKA9LLYmCxNELu +RYZ2zkoLIStrzGKcMuWwuE35C3jWUZNjYx8S9cX3IT94U2K0qA7ioaVYVIe3lnuLz0UgW9x/ +21AhW4D3qzjMw7LpIRtAnHeZbQ7RYzaqlfwlK2He8cAuX3ARCzPcE6Hf33xk0rSXQjubtViN +2NbhrpWLpUAvw104cH/nEAT81GmV2AR8NAxNPbVekswK9gkbXACGGol2UcoOy/QxVqKVlWKE +VlhObq2jHFqFXmS+aHcYzOLiumkq7VC9K2MLtVBMnoXSkfHYolVpaDW4piQkkVi6/0AINCjg +csC+UZsj1gJ0CVhLUmHAW170XPyBLqR0byVXavsRa1LswkyouD2ra4lTp40qLSWaxB6WluCI +DVdPQu1vtjdXkO95MeWWjFRwIOWcU0+pB2I0E1+1CQBUBEoneVLlXpgNulHZqYcHLmdlk1Eo +78cunWbLa4595tspv69LRlbeGrwhewctltoY+XIg3OIeT/Xu0AcTWk5CMdbcJGce+EWfWRWO +7suP+8W9HWfY9Hmy2++FZNxUpyU5uX4gJ9qccxr70o2smguVGpzfPNQKUK2JAhwEEAEKAAYF +Ak8rA8sACgkQv/yN08Bt1rDuSA//fgoYmPTfm85bCbTf5cNfCREhrAFOPfj+P8stvcP9s5bC +XfYM2bUg64umf6jYBOss7WgYK8la2fJZ9qX9sB7xw6ftYbNU5GYT4drGeU7xuarLkF/gRlSl +ULDs7z/qg8XubMM1fd9UjWUQQS4IgmPOyoJgV0tT5TrtdEZo48wMNbzcoinFsd0fRRKQ+ZeQ +dxL/jZRrYlrb4CKkK+MkA24m9gZaJ/Qe8jMi37JZYr9HnH4p7HZglHPIUTqZ6o9DWjP4Oooh +Wv19eaADDNlhLFqVCYxfot5M6LYYmR2o4XUjEpXiWojQMUDLspBNuW1uYs3zdc/dyucc0Kld +ogead1Ut/HlsgDCXiI9BeddcbfKKT8/QioNNd1w4v9d1n0/fMufWp+SH7jctCIYGTlxZqXw3 +reY35F/amnoTtX4F5HuDXKh+8jEJ4GMA/xju6xwV+30aKWw2hGQ40XejhE2U3vVie7dhH3Gu +MfW+2tlpz/aAxz0yR2vyR/OPe9Y4N1F94gdWmQq5aVgE2MQQdzZV59diguPOduEVkmBW+Tmh +LlNq7b20Tmga54E11Dj21jg4zO/b4v4U0QEuTQg6FMu9GLx4u2OuTqCifEYtMHvzwvZ+gEsR +s1hIiWg3gcUSXjbLrT+CKfXgbnbgyfVa+DmNi4m6mhqBPAog6jDAEVIZ3JZvTSeJAhwEEAEK +AAYFAlA3qu8ACgkQex/UorSiwVhG/A/+Nrx+0AqxoH74BM92elmX1Sa2Sa2KEy5Ztnz2DQJE +a3yJ+oNgXdQ6rjp1rbeuNL6KveMVN+sl7ks3ctZjKTL9GlK1G5uU5D6QV5VgdMd88t0a/qLX +bnSwte71ZzjMkdVRhm0czmjTGeqscDtucyR17+8//SW3GFcLCivZm2eKo2SioM5VM2PEguqd +ckqgyvmvMBRNTMmpbpe9KKpnd9ytqKO4sae9iL3m1fR1qXISjSI5aC+cFIBzzho3vLI0aJIm +FWga0rJ4kON4EufVE8F+x93X8FNfYiwt8CvgK5Q3+U2CDttOgBlNJUbxWqKEYcCjbYugtkQv +texkxeayyilBEeLjLQFERqGLDcR2lMx3vKhL15Drr6y95k/gEzAplm+vQhRy2WWXnwL7AAWS +XNhMdXYzcCHBfMJrNWF8iWzl2sAedyEXgF2h0XGkjuFaO2nxRdE3gNRv8tzR+ppLsDRyaQ1g +EyIxBa2s5t33DYhHFrb1f1S7ZiNbQgTP4exKLWOn1F5lBURwr1SOEBQ/u+eUNdK0x4aMeDZC +9gut4E3Cgn1b9IHrNSxGHSuBfX1RgboSJbiK94QbOnCpbdZRjPjJat/E2n4ZFEHr5RY5a31O +JaTWtMiEyBgIrRVEGHn25usANCdIsXBnT99sTlp08ZjV3OroSrzV5hWzXcyL4NNvnT+JAhwE +EAEKAAYFAlGqHGMACgkQVoQn6UgBlqQKsw/+M5PkZEE2Jh5M9nmOsC9VwzK/Tj96HNA1kozW +17TY9PKcErVw97gr3BH7B0QiExMvrbIJvVhjPD4plyMYI9hKmf6qBnx33JkgLRyLL80T7lfi +UdIMXrtZV9hBgwdWx4hJf4os21azmMlLdxBpzfDcSOweuQyf2l3kbkuntgtZY8MMQBKCBD6t +06uGfeFl3jgjOCxXgv/6/neyEbFtZ6vt4qHuvVi9cmUbXfzMfO88ieh0HCKldNMAi/I4f0pE +/VV3ZrFiQizG+306bUpZSvXziPghH+bvV7HgVv1HqIfRXcLMy2A8rtkxL4R6rABLhQfbrXiM ++fBnvWfc7+QaUjIUPMoxEkreWP7Ne159zCIwKmxym8MH0mIdvXMMBNiavV9NYuRcfGD4Pcy+ +e8whI67Ded3k7u6lLeQxRwIWsu3GqPm4EV3NfdZKanz6+M+UZM2SBjGf2+Ez3yKez+j320Ii +znpGMnmGED6nDAwc1JGVrjEAWOF1jCQSlXExBhQk3jQ48KFyuu9y7p3WA7ZNrIqu1PvE7w0H +Sktn+3mUF+9XCSMh8OANfh0McsCRWD0Q68L9gRKwvtxv7YdEc69Wjwv7gNOEf1MPuKZV7vxQ +Zbg+AR4egYxh3iIwit0S6VhnOb5XRvMc+X8HmIv0sR6gCRS7ZpxWgGTwGhdyGK7970dFOjaJ +AhwEEAEKAAYFAlHHGykACgkQaNepS0yFrIFxeg//YLOkB+H4nFSDqaKztWEC+VxqPhHVVjJY +8d2uwAysW/5WZ1Ype1H2/R3LBAyhg3TAiELYkflJ18PW+aWHCvVWLbBEDfWnKAItJ0GZB0hI +lW1RdeOVFNCHevCMKUGz2om5mE6RL3AtkEw5GtKW8oD2VZAwgHrVHLKwdAuUgRVe2iaXRZz8 +EWbXjS2hANTTM5HkcG+X1OccChmSi7rnV6AL51pAxPk4wKpmp7VcohEzhD0z7N+2tjGVDiBq +GOB0DrZAPNqkYC2LGiDe+o5p3wX+q4XB/f6fUmHygVsUbPNgHDKHd8kefRw7FPCTYPi/dFXx +i50SWcESNyWCLw0yy4G9+upYIoDt4BdvfLhY7StVKrJEilEH2T3n22rxEMHfJPjHNvoSrulh +mlkXdwGxVqLqBlIgiQGXtDabU+w9JU9xWi5bwXQI+AIflCwBp4Rh/6f+sqdeTEXCHoY5bA6k +LEjXO+0QhN2I6YLgq02efoKlK4XMZXVAP1p+PSdPnj/P6Ew65ALnHQlTBn6XbnEt+FVuGmTw +HiTYeSCStgrrzu3SaAcUr4boZeulRFDEXjHj8mylVfIvjLuZVk7l/DmY3c7qVhn1U0NBKQgr +cPmU/6rmX+g26UJugYHWVgYIacDJD+gO70A+oggLom0PKpesBTgzFpuWcG9JrBiopGKmuh5P +9TGJAhwEEQECAAYFAkvlllQACgkQIJwqFayayEEtkQ//bC+OdCk8fHCxVTjZt875NQXi6Nbo +QjAvAEHvYCY3PxMvPIddeZbBlDudXC4oLlgcVNo3s9dYiKZrPLroUDlMKD+MlpYQYKFcOm0W +tNgh2yHPw1unyurpuXqNHP4+xP1BDrklHzuSK5HQDzDtdf1kuqpwkJ376j6sxtXTAqGeLyue +yB5S6PwdJmgjPJFSB2eNTHYERBNv3Qkauc5GPwL71kXq7Ol6wsJHCt0/d1ar2tHZ/UiYSBRf +GD43y14PEtXsc3J++6vjSIkR/uWVD4A5yPHssU+HemH23Fp6mUd/sj9/uwRA1ApauReWLfGu +pY/hso9kR1iezit1zZ3DG8nK+HoBVOhErlJJe21RHBJB82/9hsI4ZOskMrJaAkb2nDjW0SBg +X5E/TwdRGhmgyQfA2uLEPypp83rVuPl28YJpmGER/8i8tphvElnFm9QqnVcmUrpwVsO3SE2P +usXcmx7+y601zUtbMy+gbV67+Iv6p6AY5iBTPGbF0G+ZZCbq+3r9oYCCtx0dvxP/5VRLNGmW +W7lIhi0MO6mF/j84UaQfxxiJIHVApmSaR4GFo4nxb2EFhbqVmDYlOE7upy/agk6xnBOAL8fx +9dBR8vWGBKRCu7LsV3McwhAI+D3dSOe0r43tEIfT1d2SRkTTE/Qx3GqGMELHie0MQxJKoZfS +DTxBvRmJAhwEEQECAAYFAlCFrRcACgkQIo7MEsCPkcHzaQ//VrYjQwcMU9iK/6Vzkrou4S/Z +T5G/fXfH00kv6SOo0TtdrgI0/96fmn6VmrTp7UZtOlT5getVu0IFff+cw4iSOTToRdKdQH9Z +RAcYsFAZobZsmGKs6ZZ33wO7itlSnmIIPwZEq313ggdu9vW0TrHH0oKgzvTgi3sMw7sF63qU +5MMQDZMFP0KQ6ixEWiV4to1YFQwJN46iJZR2f5NT4Glxn4ktyg+uU7zcc2OsA2U/qn79hR5Z +2Az++9pAfoNybJCGcE4E/Mz5QXjDZ2aZf0ajMF918v7gAqm4lfpVoDcNAxYGvurhtlCSfAaR +OIuPwAxvPDQNIHVvItBhPZGFzVm0DSM4EcY0aZ8KOtGJ06YD4C+8To+wGn9qoJUaru04qn+Z ++7/CRYpgAgKjUt+4MxqpU2T+AgG3r6JUlNQXfy/J0Gx4aAQ9LR2aStArhi/RsQXQ8qmZur/A +z6xx11X9/t1u+7VciZgsgbZt6xff74Vw6RyER5g5wGsQGM5smXODyCgvmBMGr3WY402/+6Zv +KHghvYR2zL/qMsIYLLniftAx6EzNrW15vPHqZe8gN+wceXE3iILW8/VseZZ4ZBX/azNEvudU +76pATLIxwnguhp7IMzBViH1YrolQMLwPOKSNAn8SE71LC1m9NC9jxJEyPj/QUQ2j5Q5zQfrk +iz7AUhY45UaJAhwEEgECAAYFAktX1fsACgkQmZMeJdkeASw2LA/7Bdc9Mbaq+32piTAqrwld +b9mugXWV0/HNImpefmyiEmAq96UrkPAOdsF1rkoPcQwFav3ukqbCBo9IA0wYSY9DgAlaYamx +7bfnywK75thkKHviXjpEER/Q7UPKUfaSBk4yGDb94JPGLnmQdK3aodFX6WcgsAbLx4D0D22P +yvmCx15LF6RqB8NAaBPWR+XQ57xwLitutJWIt6SV2+BOV3Es6u0OBalGigMczfuZbPvQFnFx +OujE427R1fHsVO8AaiNf/jFqGVWc1unOmiDy8fMAulH1HC1SMcMAX8uaSvtzjrHmyYsO1ybw +UgQv+/ZM/bTtHRDCVnz25jXo3nIZXbZfEzPQYQb+N4sD5j9Apv8KhkkK98Nuq4oqfUOhSfEk +8vBUvwfuYJsRcEB6lxKw+zHV60rxrLU6JFnEXLgGtQExptN1k5q9DJJjJqtFZf2c2060/ito +wZyno7hERaG0CgwSCjYWJvmOHxAawwYQViC72usHW4uiQT08RBh5/NeW9ksPFofYjegT7T5I +zsKp0VC3J+cD94Xw592Kn7rT0ZuBsNXYiH4BYaZzLFzXLcuyHZluF3G74+yMHOnEQWYNT3LI +2WtT5qsfiP2mqR3q4aD/wDZiMB3kENZKC6DsM+sVI0GVMy/nsCN79KiD2SBRg3hf4UL2jUYx +t6Tq0eFxPHLQYsaJAhwEEgECAAYFAkvNqN0ACgkQbmW1k2BXIco2uRAAz+F3IRQEmpGEGKK9 +nGHquCmibgg70EV3oAoqCaUuT9xmPVSwwzWLywghOiHDLgDP1XiNzJA1X4QVAMgJAcT89MXp +A8T7Br/rzqFY5r3nT9f+iVNDawk5EWh5YbNiPz/u6g538VBb8paSAl2OgeLbIVPYhgu0X7MB +XjylKMn15Csgwzs+2DkuYjV5MXhkX9rAxZ+NvpUx84SU+4KiAQAZHJTbZkHZ6E37peKBHwmN +bZ2WdI9uoBcBk0q53WENaQgMjJVz2iS9O5Mur/kTGDx/ZgF6VxO0EnMpE5njTz2IOD5AqGU3 +QiwMwtLLadDa5hZxAazEGW3+TMV6nARqA5OtrYxwzrgbpqe3/GUMJM5/YEaN1bxfmTdKV1sx +BfK57B+SjiwDTJH3yr/A4oYcbYaoGnd9cc4VOgvHCXiv5BdmQ4xOxwMq6cW0HmfKh5qdlfaJ +Mds1nEQU/Amwuv6WBHhMCFOwJgc5mQ4hTPkCqbUdGrWn1ER79k/LoBEFabP1sSufid9Fd9FG +GhVFwc3IE5LkQTASDced2YkmOTgUCsiMkahYn5a2T9Mbxi4XzsqWwjJAceRTlKNZucWASw2T +GmyKKjucx5xHoOLPYVUj7tkEKXcGkJHmPQIxHyZqmq4nQDjdYj6I9SuUxX8yHRsfJjNrCOQI +FF65Gm8Rf48wOBwmKVOJAhwEEgECAAYFAk3JQPUACgkQnKoOY/JPKbV26BAAjLzYHfVALi6q +BQoqVxQw8q6ni8AIhmDNCnuNtg9XO0FTS5ISA7ZBo4TWzCkdmi+z96VWM/BuzHa8TBMeEYyi +pPJzTxUYM19uXFsdxC6MFZCLNtGkFlSNSKd2NQFc/dvKNqQmCuBwhEvXcCGKTU9H5f/lRzj/ +8bZhfjsgabY/bUYMwFsf4rPgtnEwpV/YmXq6myYeHrdptHbp+CPGqdXl2wq8F7rwXGNeG2zl +48ipnegH7QMQAPf99N4hZ8vSVFOdiqTedlXxo01boorTLzaLaHdeV0knda/qHyLxgwjdWh+P +Szt77SmkGHC1Y4sfB0OcWRNxK820RHfH3VUHy/eE9H/XmOPnu5Qf20LolihlETk7mOxi8lYE +dfYG7bekSVlD08xFcQN2asYO7UdwnSBU7e0REINIDTDGrU1j3jtRAMZnP2CwgOun5lqs8nj+ +9jOl5s2FMF8rSxcXmF266XRSUmuVxOlvyddVXNmeQagpBc7aU/iXpgqMI/XlvnPlLGTUHviS +MlU3L2AKxR/jBUbpDAHD1XxLqIVSZwQVEQELjshrVL/iuy+UGTZ26xMOfDreQKoRiGE4nJ3p +OzQyo78uI16BS3gvS4WmOdeSsmSUKoqQQaq8y7IU+AgGeIDpDzDUTBwgNXb9u+8lxQAb9IgN +F6DAmhOEtprsIqhyipTpIXaJAhwEEgECAAYFAk7KwmUACgkQ5tp9NiqBGLdTvxAAtDCucfs9 +CN7B+84wocezB+Q4hsAshtJhxwm1z1eYsgNFsYqzRqmlJR+NUkt/0kU7AJ5tqLCGiih8E/Rm +hbOMRYL2NGVjXSDChKmhcVDkGY/Sg2hrKHaHJ+jE31blZuY45YOADKNzOioEeS8Xam/WSu9b ++xn6FOP4rqDkCqL5EY0y2KxQ1UgJc6jmTotm9v5tdx+oIwlkV9Q3ywlsjsz0aFTZ/UCmYvVf +ALdn+NB8nkvM9JPTgGUyAY7spp9WYwSeHiLnP5VxmxJegr7bfDFEScI6ILT45BeMtOyEdWju +7O+1VSBjC6UEuBnHawWvPHdOCe8fz6DcI0otxkjvGTYsHZu7dpittc+rpnA1He4JtEXQOUKy +24rH8aQnRJp5JlZkArdnvwIDfhG0ltPMBQntYPjiuwGrEJ3esocpOGUxRN/fmcAQGmRsifov +zSGiZ24JvcNnEAzApsdIYz2kpDy15MDFLBODeeTxgQiGaqntKh6Dy8LKsHOi8N1nEna59wEc +dBrQl/VlqhdxWdiQiCqXA7CSEycUvhoyxaNDGg+4EQrn0e7u3uEdWlnFj9HhxGoNbqE7VAKz +C+YdG3F9GsrEJNx0HwXGc6mwjnFdq9uBxF5hXg71+rZAZMd5N+ZPFs+rfHqC050JgRLH6Jp5 +vhEt8lFRJemN1TdQauZ/dLRhYrGJAhwEEgECAAYFAk9wa/oACgkQNKgCFh+3BeV5VRAAxrwe +aPLq89bTJ7Jjgc3rxmOq4VbDlE99TSKlQV46dWKxGNqLNODvqG6r+beyJKNVVcbB33Afm0OD +5lWghTqI1YTwiuZoPegL2mfiP/MaFBz/3OVlPDcJsVWKyWBKu/24hchWPjKJ6putk6EnWQoV +zRiNbQYrydQ9CNAMcR9PPXQfNI55wKGNnESfV4fscpiP79yNiGzsRsypUfPH1BRjqhtgoU7g +F4d1An9gxcV66JhGqK2LhUxrxk4Fg7YtNmQjl6KlLj7cbEfVa/hvO/ioLEselkzXD2Qy1O/g +RVc/3fGlq3NnfJHSbrTzSh4IQpCV83PR88Ic/RZX2uJFOFKSDLqqSsOn/jyPp/WEf8O7MD4L +AAc4IN2qcfGpA5ONGzx8BLPSzCOBRApJTzXXq7Hjk6AllGjrIr0fcSGyznlrSXEA1v/N9Toe +TwYqV8pqqrLHnQgwlqvA6/rtb9IzANUdgeXaO5AqF+4qOlX1B0IPNbMfj8+aS63UfqiEHfCT +bOahshfrCa9OmTgSax7J1wwt8MkhmR8kfBQ8xRzT8yyV3Rq0cnt0cbsKpXIm3pSdekvwxp5D +g2ysaPZnyUIj3+HEFAjFjAHy40SzNemGQZXgdJw/9Kk8SrEJPEYhp3wOqUDldaEvcBD6jxve +qqKasab85KrNXdNQ3S/fXey8RQCSfIaJAhwEEgECAAYFAk+fzhEACgkQmr/TSRvmACJ+YxAA +sok1behaHzVBpAumknI44Om7bBDxB4zk5qelR2n2Ske3sC7xk4zv9tCjMsxHMnPnty+1RT4Z +QbEPHwi9jwpZ5zRePOkNTI6hrgG4weygvtm6P+ZB+meiUPc9okVhaf26/3ODbV0EzCwbbZN6 +U9ZfNHwWikgNoV7ax51jMfD0u/RgJfY4maQduGYTjpSyjZkQii4QHW5cFfDuotovmz9CKuBM +djsEtcXrYZz5VCQ9sdOwvyyvCH5L+E1kaRdDxhwDNMY2JiKH9WxhL67AQLaOygdaWQL1TLPW +0+rPPZYpdXvrk3nNE6Xf5jLA1i8KJzppYA52/xtEcP2diz0l3GB8YDM3hihF0AJ4wlacMPZW +6KTLBOXP0SHKpRVnxnOUK+LnsN0tqZFCa3eAr5r+xSq4lwjjObLVkOo34MLfQVVa8dv6Wult +UPOqxp0I8biMZdfaUer83psguAl73N1LbIDET4OfHEibugguaJs5goy/KX/r+4J2phHSC/bE +fUEbpo42kC9ja/jn0rOH3lP/ZWkminrpzfZ2OsGUqUTZhEkjgiY2pUWByuSM1p39JCbPBr+a +SKZz7HNIt3LqFbhkvm+S2sOw0dru8wFCC/XmUWRHXh7TX3xw/i8qT2rrVlydHV3ZfiiCqRXp +jmZgHfBkh6KkvKZQL44YvmmOZtMEX2VmbqiJAhwEEgECAAYFAk/cKaUACgkQqPLEceLAJi3j +ExAAhl81WAPc9UV8gk9IonKNzi/xmUT2jIYP89mxhBIpM0rtCdCjN+YqlhHQTamF4yvTpt02 +qDLyKyDqgEUzZ5TdpjGKJJU3o4mISScBTv2Y3QQHxThiUUkAYs5SeSDjYLKo+m2BFWtO0KU4 +qSrgspLSORMuVpb4IKKVwCeiwycz29cofJPMneJ4zU3JpO0/A3S04RsPay5XeZVJeeuV13lR +LhF0ZQgT4y2VV1mQVkP71nkK9qKF8Jy4ZqDIx86vT69mf8JMOYtcZ+8oswqS7wXWcco8k2QP +iumuoB6LjbkdGUZzYczeswoCud8IPK+Axrra6FqZzcGMpgrw1qHKUeE42k0porLgKp8/SPih +CBRbZJXTAINLYygtHggHevOOuq+NerzkMB/8bMgo+Yc76vCPwfB3dhg4j5s9nIwoeVgoHxEt +fLzIbiGB9J/JidFRpSx4uqMt8MXx24+MTZK20r0SrZf7g+xZnC0rIumZjQVwoM0ewYZDUz0f +3P9IblrGqP/u4lk6TAEdW5H7IROPqsVDDw7+c3/Ynxgo8VJ6cZnDMJTdUG0NOSXLQpMI7/rM +gbIzD/4vWiJ/GCfQT8erQfe1J9iPNBF9zLW6GPVd95us4bl7TIys6nK7eGWmOyB2c59Z/Z6g +skewGmvpSZkH0+6QaeNQl+6rM/y3oeSYwmz3jDKJAhwEEgECAAYFAlFTX9UACgkQLoWA5ZdN +WPmZiw/+NGQLfHjqI+vxkA7u5Jz8tyUtQezAXtPSBRUS8pIvgDcWDPyYAAfp6yp7QxvYV94e +qf6mzX3qI9SA0ULvMKE4wle+1D7Hj9iego9qLEt+EDFqWYpNHXhRUAQyjBEgnC9spbDCgKJX +1gnmIpkYL4+VWpLKVEFur62GxnpeZal0PJOkJxfdEv/SvJje0zN5Jx2n+DUIZ4ii1Tn2z/SL +1VN+9txrL3hcSXWXLGErFaaDpzG8Kuleal3ReB1OmzdVa0IY+FFguKW6IQ+AaY3ImOt8KoDQ +ng9g5BEA4z7wGJVkK8+dqljuwBppbBVV7X2OR4N6eonrBYbmhrLGbwSHMdBr0aXnv9hjeztD +JyJa6UeistlknYJ6uEuel+2eUS/1+6oiotdZBdjWdCd5daHR5qlNBSGnoEGgIslKcuHqWZ47 +kL1kSmQbT3I4JWhijMRRXPLyCp3of+5WvBP0ksZzHFXM58YM6eYIHAOUZSGo8jl+UV6GFk8q +1rHbOcuqqQgQPUqi46++Cp1vjebkUv5CTBXI1TdyslHK6EajIt5xhTDyfeNhVUKO0oAAOS3Y +q1gBC5j4AuxVbAC3anHRdxxUSypRVPaVcP17roPR6vtISvQ4ZwaE7yLQ1xG70sJ20dp6HSJX +8wNCYcrEPEADwAHAdsCD0KcLx1yzQs+9xQlXEjjX/oeJAhwEEgECAAYFAlHR9KQACgkQsN3H +NTuARUZ/oA//fdN0/KOut+bQvAKNkonDD/IQn1mn4PdMFAwYMgCBRfD8EKrXfM5/8nIzvfvh +082y24TjujqD0aG+BYqHk/dJeoRXeGFHsxWKZ99j6MXdGD8EuxiMQHlFfpbE7UCYx9soxbku +2uweH2xHLN77bqqZuD5LT98pOglgcxOou+GVmIsSUidw5GxDQy4Ldb/tKoJklNWyr+QhA1fh +SbPexA8Nm6YfFUfVp5WPpkHKEYYnGzUd0GSKExefaupL3YM1vKmu4NEjseHUp6jeHr/oLsL4 +8Tq6P4adcnva8/OWe22FzajHTgrcQx79M3+5d955iZUWrZv9CHIPKnHg8n70vfk8Ala0YROM +5qErgf1bIohddUioZ/1hkx1DrlNRTvmZK13MqOXJrelFe4UI+SIl8J150wZQDa3+ukWytDFh +oTBeQg9rVjUp5BWCYFUV/LM6iHmOG4paxF+dEmj507qpT1n+rFfduWbqqdpFrN5Nf8sqR0Ka +ZBnIC+sRuCJJmtrYWDjMxmHeKJSpb6tujsAnLl7nrj1qFKJxaWXXseDktpSvHas+Qo6zCmtV +d/9uKwAMkjFa+7tmAT2heGdAPaMV1neUDpKBhADs8D8yfgS4AYSJHvTI4+ed9Hm30n9QCEdu +/sovq0ucjTsPV5lrIoscYIhVy9uMT2vNONobNwsy1Muo59WJAhwEEgECAAYFAlHSnekACgkQ +nlZOpTB6JoEudA//cy2hl7HD0J9CGxXXeXmclYXNV3Ns56XCD+v7egV+2Sqi7PWRbqtFaBVd +rES7ESrku460X5A9+Ey+kcsRiUuBaP5F3lFLgzaIePgJ8kT9t/GXnyoKX914PgM4Qu/iv/Ql ++i9eNDInKXwcG8cGPIqyQVq4By8l5efywF/8oazpHEovqCsDFWsJaePRFjN87TWitlec1ZQ5 +ErnLNO87cenpJUVdqHZl6ZX1zU6R5u4eREDeCWEVA5tMoDn0jqcryUef0toarqxZC47CPYO+ +u+Y/zsU8A3dMP4mg94ie0ycxiJM34Wa3/uH3bu85uKgoxXjFH7Y/OS/F1pIuwfE/wY9NuR1r +iPTU6CsSp1ZWk/IH/gxtTn9AiLTwQFKVLVq2s8KC4qnmMofTSgmeUOF9Z/MuMppOcV4jmkRl +L8PEJbO40u7tXqRa3G8mkvyc/s0KhVf48Xyjrt8eSUA9wrAMyr17BAhxED3LMzM9UFaCx+fJ +PvhG4N9HYN/2eoCzqhQldp6z8pDky0IwvEsaiUu4Mm9fnbUmgbfhQbpbk0vqNSC8xYTzffa9 +Ih0sLc4MLqNgKGQVenn9g7uPcdR62VohqIpchQ1C26YoRhMxBs9P+RWk2b8hr6f8z4U2YrlV +CcGvCigrG85Q3+Uk2My8giWgNk5ArkwvJqRN+e2a+Xri6eLXFsKJAhwEEgECAAYFAlIbOpMA +CgkQEaxj4I6qY/f10xAAg5q2vE0NeUMsiuVbpVvPDEFcO/CHSE5hjx+F+llqaHPx4r+TpvVf +aOQSwZd4/S44cbypyqLLIXOwBep7/H2Z/q2PfbKEPjpJV81f+Bc80ol9HorhQrBBva+hJ9ty +FaeSgx00quLA53zR/ZKCimQmxHDRgwdHKjXfLXFvbDzj7WkK91bAp3FthT0VZRNfhyj98cyz +6s+k2OwLGDKaPI5h0nvUVVN/2bqvx5x4S0a4lO990mxuEFhm2q3Qq7ZKcLOV63bagVfeEM1R +lF+TEGSUw0eDwaqfrD4MHtNU/9s+E/IA0Rc85lFVBp94FebJ+sFgEpJERKVq6ZjXL9NFy9MV +EcODGwWQHcK4tbX8k1X/mbu52uqKrtSxXjbZRb7pR/wxSHW9v/V0xikllib2ZSccPtge3tAY +Cn4+NSScUSt5Y/PDfI4/9YnD2bYtOs4UfMN1dcTiDsvwQgoLnKf/cD16oQ3kmLKbT7wSJyJB +07pcn+PtZblSWCGFyKGP0ve5MU8hsZU5DW3J9iSRf1i73z+eXHYDxlPr3oqBIg7153PmZvQ3 +/aRVYcYriInYbXbYahyX2J/GM/NV7TK7fAaXktyuR4unWlXnBOdLr1Zj9XjuCaiPvzU96OTX +Dzk49ohQ+R23E0c86vSt8tiv9qdMIGGRNihUthaeH2WHNLur9aKfaACJAhwEEgEKAAYFAlFD +DfQACgkQtBVrlwAAAABoIA/+PANRepmxZFk9yH/vaBSy8GBzpUYciGr4BcU9aIbLt6gYYdkK +04Ei2iD0o1nhEYCsB6POTqsDaPHL/9C/CEyA3N6r1lIUxmtXfa7Y2n2DQFBQZDUhqqQqeC2d +gF37uWdkWvnAm7Ma7ZdF0KUtbbpZRLX1yK6EoV2l9EI5rJYKkyKoZmp6tRA/EkT8uI7VJWLw +rVEwfOvLVpgffUYGz7fWp1D2mMd06/AuXukXeqek1DnnoJG5h9hjrP+Fu+3EP9gcbd/LZmKr +NiwhVTt2B0dXulz0RBlmLMMtVso3G+RFwuc4oILJDKQKYanRwV0EkwI4WGZyYgoLtDjsxrRT +n3w9CjamIW3K7xBK8hgB6ME5qSN0OUeLxMG0fA4a8c2qPXiVMeRZn6wkm5hWntBC90rAcUTq +iiZXBUf0NRl1vYNNUtxbKtQIGgWcuH41W8dMrMOht1V/ua8Ye35UDTcmuPIjcNUYkQvRRMB8 +E+kJ2bcq1cMuZY0M3UM8ME74WQAa+Fo48aBZW6VgSnjt0IEsCGkwh7BCEy+r3RIdO/GqGn4A +AR5U5Td9wF09+oao/EtoaSWTrb0TADHnoUg0WKQtbP0DD2poXpjKFyy9pUVdN/ytGlVKttyB +wTDlwmMAp6ygG1235zHrKDpRDi4erltmekKs7a/xA290edEkA17/50a0aISJAhwEEwECAAYF +AkqJakwACgkQsa3XYxxADrgvcw/+L17IWyIOuZhKPolVPoeQ7GBbkDv9OhBjsiHmbhe4LHl0 +SkvUmr6eeJruamXlxiFqglNa5ITOXGG+GKO5lQCUGanbZ3vTlfOGv9Tu6hI5uJOsLaHDqGvf +XjjbOCox4QmdiS+SD0v+JEnt1J0xbfkH76uXqWAZRf6AJsqH8JTO+Iq8bhzrdWh/bXHDvrO/ +RQAxwyWplpxQhY70W6K3zgH6dWETqmZHgUXZ6dGq+7PydHAdV+zyff2Cb4zbimpV0+c4ltI3 +YbzKzSnOX14gmweEICZkxNVqGFM0Y3DFUBCyohYDcNWdkCUB/s4uMXKn/a1teNRyyrdurDD2 +C4cgV41mz7IYdpN21yk678uOF71lHuMuQeho8TMKkEUdpVQkHRCpB8XubRmW8Uz0oK3C4znv +EblYsl6MY23b4ejW4hG8TSvkaseISSlaOK6jam0x5qYxqBbDJBCdEFMAri8e1eIcpmqq0lgR +usIVg8I0pkbdz2sVYxcFKtm2lucCeX5duymimZ6TGmYsoAYjnEC1nk/5k6/mAtKLj2UCX07e ++KgqH3b9Q1PxrqjnL7fl861Qhy1iRiP2bJibEm/9Q3i463f6RV/6QyTMMho+d7l2RAl0pCJ4 +P2+8TzsDyJU04YTfLcjz7Hs1MQsyueJsxVFJt4+WucugsDFNT+FvZ9Y7SeR0LrqJAhwEEwEC +AAYFAkxceFoACgkQRKo0gP+zlqHStw/+LTwDfACeFzc24f5pM1GbYlZwh+niQbNnMIvxdH0n +CiTh6jYDWTYdWJPFjS1Gw8NdHmFLSN3BWUj/NR3AO2OICAelUBUF7sSCwIFXtphABiMhsxBk +zHccFOrlGYMFlCIzwFx6DyrANG4L9PMkDKbbp3K6SUhTgqa3PwwXoHVyzy+d62U4oE58vYqM +JhOlyj7yq4iH/HSr+52Cm5HuyzoJ70BfR2/1GlQbacBMnG5b+CARdnx1AzlXT8H2mZH5kONG +fGzLolS0iBEjBHnlKwV01iz0NOLUmfF/z12ZyReBY4JDH/HNtaUBRdE3Jv+paMhr7CS4VYO2 +BAHe9VgTDEe64TUUo4rOaSccGRNW3DoW8M5KBbNah70h8lukcOOtB/7biZpVZHviRkm7F9uB +gQPdXfOVoSLcbDnUKNQxGEEV9Gp1nA3yvAXTs59tT2XusGe4+KB6l1XsOiPsZhRtD05onRWw +3B4ibLY6RKrzURSen/5Iweuuxh4lttxgDTQBQW8h2manERvsJxovx8+tfsPmrftSSuSrINZ5 +eJKn4hq0q4YswoVGnRsEHffUr1oSHU9nsjwDhWoy/DCo5LFiSlLQBM2Q/3yyfs1SpQnzOCCU +E7ShYaz26bJP8l6VuO0a/4sYpq1ejGXuWXMRDVZ7jSwJyA28ygNc6OtHaom9KX1Q3Z2JAhwE +EwECAAYFAkx1XvYACgkQG0Jlh4Bx2uBmQw/+JtAgv2yGNeKIJIOrZtjmenKuT+cJ7pGVA+wy +RhEBiEpfinLXYUxdwCMz4QuT2m+2oAgV8neBiUrgAy8aQFDlYCA18DDfrXyXRiUkSazK/kZf +8QeZwF8rKtDzDnc2MnIvVq+4f52geor1agI9O0B4S+DXyXDrqqR6SU8DBPIre/ojlfxEVS85 +agZvUMdmzLttohD6RFWJPNXZJUIhyNVx69ntPBOnlQBuJnICoH0L0f7ZhlxWqQH+YbVyL1gC +1z5xPhq+fJXmH4htrwhd8lOA3+P+7TSdO3mvJInLDJURI40ibkyXHCID55/0A3MK3859zsH8 +0TSQZFUgQvyH3g4mOc4TfxYqqw1nyfb+EQu0vXRfzpIEOb4g/vPOHzGxA2/LXyRoFOI3qHxL +lC62o2R7w6rnri2bpFwlnf6xjxtUqejVTES5oNFZuXNivsbwBieLhBn8DCFeinjjIjnwh/il +H6Ar19LbbuHUkvOwuJz46T/EUCWZy8UFXG5qTRlWH3LrJcWPa/HaKVLbFmYUl0afwXv9Gk1L +3XnHUIVtnUaOXV99yf4t73IO8DkAxFoyonXrd8gtXi5bAVkDLRjszrzNGLZ/SLnKrKc3HmuI +ezFti4buxrqD+9ARM4+c1cJdmDkprbe7Ak9IQLInTHiHmaFzxY/+IUtgM5wUkd5/DHC/VnyJ +AhwEEwECAAYFAkx73BEACgkQBVwsHi1sJvlEPhAApr08enJqEgcxpcjpg5k+caicxdZjEaWH +/Z09HMrKkG1XZ8Yn4/lIGEeKeeJPtQJ68DZOcEoXbW+6Y9qfoa++erS1wSy0ndWEerPNh4zp +YrWjv1Tekx8ltkEJ5fuZFN4xiG/wpBgDdVqIqCi3TjDdjODwlzN6yL76cCCGmd8zU9ncDvRA +/ZPj82pyXehsSDXmHshAk7Xv4pmkwimAlvfOu8wjQ4Q6iAOH96bIDpH33gajLZlNiizRHVAl +M8ULH97Srm/uVp8rQodRM3kNTYxdewSC7Isy8My/BBXj+zJgkoBzBFZINdrXk1MyKEeaFY8e +T6NSeEk2CKfuZQE7VkC1nlebt6MOko7gQubbs6eIteNai29mQwkd0WOsKffv48goeD8mzHwV +8x7oauFMI13/eQeFfejGezhALfOVXShHzeNp+HbIPbTYgIenDG5YLh0ibvQeNBsCPrfb9W1Y +9w021bizu4samMKOuDhRjpkrsj14Ce0lGScoZNf53KgVPkBnemaLkDgtnxDkq4e02/eORcAL +0fov+I9iVT7AmWvWIZHE0C880BUE+AXuFNhh5VprFTBa4CR8EZsjahRia50/3WZ9xm4JyTFE +KAtZruKBM8NVeRMl6XgqdpIdnYHwHb1MRVHvOg5HrwrKlnJqq/O8mBj32k31lnCO8uIIQUGh +R2aJAhwEEwECAAYFAkz4JYIACgkQMuZ62qzk7daU4Q/8D+mdL/s01TTPYjrfZ0/evarPuFc4 +sDEX6XWdf9Mw766f3ay88bo2M+NW0+gatnr36BdzRpMwqOkQj8WQuTrxS2iAYVCvD4MufQGD +yYYgXXJwH9pP89J4zwTH6zm1mRrkjaoPox3zvJ2JoQz2TTtqEw2RaXd2xOn/0aeeLx/J23bq +7YF93mteE2wjIhz+saS2TozLGJGBoggqIhhgFxnq4x4pK4m0JIh3U2pjJzzqBVwzHNo85Ujv +gR6t1Iu0KO1qAVn5tQ6f2t+Vit+MLxdifgzGv8xADNHQAYXExUYnaQhMdOcNzZGEthKLuZ1V +53TXi/1o+f6LtiNYxQ9JXIVj0IBNanBG6xKDvDMmDGb6QOqCPZtyxwbbLlyQsX8ocHGt69DE +KX+Q8Hy+es+PDpmWhYoUN0fXg0i9oRJtwpV9JJEk4++TkIyW4rUrQoxbJK9NRYNtC7ixlcwu +bOZJAgHr+L01HJNW26puldPefjAzNv/0xCmB3JSBl6ZgcM8kQkGoH6WYqSwhwkWlH4w2Q42h +2pzUhBaIuXa55/0m1fE91njhdkLPNd4CBNdMIcHeiztR26t0VXFjqlWiBA68jVXdakCci/x9 ++eZ+oKc5KNh1BBENYIB9QvXX9cyT/XevxWO975rrFGjRUj1x7RGnNZq1n2JNsMWw/C7rV2yk +M+CLQ/CJAhwEEwECAAYFAk1KZA4ACgkQFlIUThuBz17pfg//c94hgw8DqoacUdzJFKFo7ZVE +fb95FkQrK7Gva+/AmvbjCQghi6XYwFgaP6OO/ofnAcw/qr3cQqmEggLNdyMCaJoLBY2eTUK1 +10dpP0OYI8WGN0s10vTrrA7kP6h8os+hm6nOmwTBskJLWkwPKMpCE4wGb59gm6fOFWFIBnjD +cbSGGDEqxCdTcL/PTMFR9YhhmtjsiUTd2MELkiA+VdKKfjeXc2X4q68uhbDw2apaxCaJHH7/ +wexh5zEud2Uj7gYQNUc6s38uisX8Loz2HeX5QfuuoelHavFLsQmq8T/gt3LsWyozMRz+dCJK +JzYYr2BzfR5drBa7aFexs+ZPOqCPl2R/J/Oy65QQ54O+K4PSJpoW7Deojcigc/qtc5i32Ze1 +K6J6Ufqx9R5l0w2J8eRzXCNp+nYxSRoutaj8mM+sPzmB8job/wz05EQDlGP57AAVtvM0xf6t +YrSPQfV0cj1tti8GHPlwB/qgaTuBjDS5VU1BUIKabQ5haukIRdK+3FzLPWzJzlo/YcfPN5qo +vE+/yzWc+z7YmIptdDBSwt/RmAkL/8/JvcfwuG9wdvQHnghG1u2LBlGRkwSI99C6mRUfNFCl +CZnTHKsXD66RZ6Xv33ByzPnkwflZ03hTS8XTiKW+PnKBaX/ZR/xyl7fBDX4+v8TFEq2QjZF1 +/SFJx/g/MomJAhwEEwECAAYFAk3CDbMACgkQa6K1zLbMoxPgDQ/9GUooHlozFne7jqcWtXQX +WORIIAR9qo9SpAlYFeJ/DF/lpviWHZxxMJc01iBLe8SZmGTD3UqOc0X8bvl/hN1QJtB+pyhr +ycA+vf+rB94DRf3USgl/Bbs7lsFx8cVzviTzXJoIHeIDOTRvJXNL9OR2IDWlgSWfpJyQOnPA +RUz1t8uN17X6PhEKz6zmklUCPlOIF05v82J8q6LjIFcsFYUC9YtC04VB0Hkj/YZLrjrrf7qK +WLLcJCHTZuyfnfdFHeLSSwqYILSJRMWKVm33T6XAFAwigif70AojckZjo3H4sqYp2LkW1X+b +xm5rtXVswrr9mgashXzEV0JbVHeT4HSx5by2XBZaIfS7Krh0kHIKEv9YWgmA9XrWzmLxOJvv +VlkW5TTHYP9/fPmOVsuUcwOIJ8iTxeuCRHGy5u6Ywalo/D16pVEm+go+51jlVxyZzXL+sJzG +ufId65xvDcESwCb61MrR4KlJQO8fr0ffUUDMNFWDlLON8JIBKsG+UmaQoOaF03XykbOATD4d +Ep+7ORoodvw+oJOxQEA7rIuJ5wEtBXzt/3RjU70pSKqDAF9pvAuJT/hKdR3xUkq5m0rQoB+V +Ce/Ua0Bu4fpYfk+X32ATaFAqqErXuBOxiwJq8Vr0acOukKWSia3TMxgZGNK8SdWwC1XXsF/4 +lwW23aWdbkJFcCWJAhwEEwECAAYFAk7RqDgACgkQBO8CLwwYucxmkRAAoti6kc3ofy6Z2lHR +uEFJMumYI2U2M2jOyZFkYe7YYAbOTSHPsc6sJqrngI4jwXdaaJbDOKm/AT3PMBJJ4WQCnaPj +dz31bNA9o6O4R4tusT5QXsC5efp1Fe0jZXMsj2RRD8NqLqqaAyPxftQ1FL7b0KoSYQ/etswf +CIUty0Ys2eAxxiLcG8vc2s47ExUaEOgUQQOqSXA5oTG/PeLoDHifr8tw9Bpc7eSS7Xuk9ajv +s7Ah4TMwIUF7mrk9hPK4SqVIiW3Nyo9Urn4ioi1yR+2z/jf9CxtVVAFqKPas0Q3W31ShyKUk +ELo9jrOkPsL15Rqwl+h4t1AyzBe5H6i8+QabpksBmfYyNxeJBGbsR5xHB05/llVkLR3vzgtL +h/Hwz+06ynyl82s6R3OUnIwRoI7yrGANjS9gtJNpmfYyeosTq+LJhp4BYNt4WxdZbfMj1dig +VgU7zAqiOu5Nv51tvXQiM1MdjMObGiAVH7NonG/o0rPBtktlpDNgypDXRaSosVWB8gr9XlJ5 +4Wqwil3MksvXWvWWCO6cBYDymbCrhroS/g+hwGvLck+hZ1FHsIlKh8qtWQKWRBXyZlAm4j6f +6lj5gOAguek1mVzWP0pFY4gYcmnD7uiyuzCEFqlERKAxrJsoCjpX3MMo38dqbyuJ3SOW5AW1 +9XBMYEcp2KzyRNtZSnWJAhwEEwECAAYFAk+erpgACgkQHzZWZReT7CeCTQ//XRIN+lMnEng+ +/1qkvinv8FzYjmaeAgA2kqZF0y8tz9UtsuyvhBlvmplRc/Hb+JgrgQrZtumgRZ/PsulyxBF3 +FbZ2p+IUWo6XpAL7ehEWBTvRQq7kGMBgRyBsPqVtgJ7KfQk6MWgKqBRe/FmYoMOE73SvRWw8 +w6NH/usYkLLc6AbBw31WeTu9dYYw4ADE/oRNUB4se8AjXVVdAaDCqjcfQgaddK/sUHx4gELe +af8tsnt+1a05sqNOFqG6qJy5ouVF7cSO8RWC3RUPzaQZJdfDhaOtBa3vYQNMotUlHJmouzgZ +9tmeWn7lMMbAE0XEGRVWi5BncE1Y+iF+JjdLDy5qbbPMQOpZ0jklDcj4626JoRVAqojRkM/L +n984mkL/ISX0peGsu3B8FNzQjwr6BwiBkSg0zCj+pwz2qne313eWU23fTUEf0GbQN7CraixZ +wAWb6B887su/c6kIpvrQylGIeKMZvcJi0dVIywpwBXczKxyti8M+rXI3KT3qmtxzW1UidLGT +bh30rgMZvScCdkUj4lusX17jE4YNNqoNOOubMbBgnY+q7KikN2tb2bYPkAMqF9JOvEToLHuB +xzwzZ4dOcWL0KneVVPNt5q4HU5usndza4VHvsJfcrxu4z6nw7I5hZsSGd9gzl+FGMeh2RxQb +mLNyy5KlKyJeAQn4poxpqImJAhwEEwECAAYFAlAn6fwACgkQ25F7Yc0M0W7VPQ//cZ7YUula +N1Nmak5c/B+9qLyAn7QM22+YKLt0oVChsNoBc2WnIX3D2oCRkZ/fkZhYTP41SlgLB+Oiw1jH +4A+2jmyM+Yptwv7XoWiRJYpwhIFXgf/f2e3xzu4bPCsvBr3B4xmALENkpde6X5i9z22BQIH5 +76A3tbtH+U4BOSxjL80JuGPyG7PTxXNhA91F1jItrjA+r34rsPiDW8l5J0cVV55rn5Sbzw6x +Isil9ptDApBvdKyMsfNHj3G5eh1bRv1kraRn9pjNSXxPxsGVe70pul8l4Iqgs3WJnN0t0uaM +Y6sg30Gtg5wcooaXBidFN0B8XXF2mOmgJqe1QGiFhGlnWGLc0lPZURxpEdWO5flmM8daNS3s +A/gNPPrJ5Z9e3MXZTBUApPr2tZghtXR7kHAE64gfQ97JVWS6UXeM/1geLsKw1KpgArJj12mn +l9+ydY9J+hWeICdmWoxZjPtqNpYs8EvS+IyDozBl0iznH5q8z3meF1n1mqGieURPBbM9nHiF +2vF/O0ebQ9+rq4VKcVr7yS2awRZTlx6h/48wqOURoW7ogXwGn1bgUm/RsEpsUO+pZQBvWELC +RLgOTggBeKsXK9Gddv8uT4hG3FEQBjX5kQADUx1Xpga2NtnRqIH0PBJkgsxXG4yGlmzbEnT+ +Dp4xKgNZipOik4NT3KwwGtYs/AKJAhwEEwECAAYFAlBohgsACgkQELqmyvl4Gfj2wxAAs94h +3qiIkBqdwnidKZ0cw+27auES5VnfN0utha7XuH0YVhuaWANDYx9n/Diom21JyYLrci4P0MRi +z7hxPFts0zK/31Esphl4C+TAAnZXMBTptKUd1mlKXFaLhJ0IxDqL/VyfNon7zPbnP1b9STq1 +tBajR/wQZP/nRoVtvoIrcQxpz0BQv2m1ulczFIwnRsyaTgYq2VO/uHow8MT+vBYHLHVBY7wO +3Keqpb5oVIGqNq9lHOyEBjGW3oVLiC/NAeKXYn8IRGdA1/Di/XgCe1lP+2KaMdJIiQQapZUc +hQkj4S260HVPryzIqCxeJbMxM/oZaHiopNpQUplumaHkD3R8Y8MJJERYQ2lYtzC6U5yKvm4h +s1czkljRIbcCQu0NtBJJZgt5adqF3SBGAzh6ZaYk6SUJzE4btmfLM1ZUcy+Ly0TbVApUwlUg +JikY+bbABqRmxvO+e071sEV0mQSBPpBvHURrdggqQtLNoUTUge3+/cpWWccagesSTwmLqQW8 +cy8S06I6xT4yHvpsZ+dnqLwRo0jXKY+ZKx+FBCrGNRUSzIqA/y76VthlhvOGV4Pap7rD/LvY +rXfqrH4CBHk5ixC2C8NixYwf7tIoF5USEfaC0vJwAtqh1DaACsX11X3mfF/Zmh7+lAC0UCC+ +FtF/I9pfBKVElwitcd4CK++IyIhV0AKJAhwEEwECAAYFAlBohicACgkQJ7HO4umba0zPkQ// +VkhIZ/Bz3+CwrkXLOJM7itDGjWCTNQHw5EEpXbqzwuVyBgWMnj73Dk1dpY80H5rm/idJfLJH +A9SuMMM1QMqK2U9rx0b70EPZV/agpy71jaFhZIn2RzdTzmc7dBrbuDuMVFd7aV2AXivqGkBT +QpnS+/tpjYQwC7kfnfzn2x23Cxn2RHQt47oA5+QoPnG6aeZ3hBv5l7dWEULM53uhzXqG3ZSx +uxTGjg14dL93JwN6MNSUi3KJ0YHbRUDq8l8b31paUOzr/nbw/FX6NofwV100XE+DfMh7zBTV +NwYLJr3p5T2XTcxB3AggAr5Pg8BSiGHvcjlxu04qS1ebEDZhaYyeqDZXwCutuJ+Kz6mrTTJR +GtlIcWrolzZ5+1ffJMcXH4H7hY9EAd6WInB/B5Gmsbl3r150WE0WL2K9NhOZHh11FwXuFziU +Jb33msqSvDznmT1u0eTL+hscP8lgD93fOeR6zWVDvTM+g6uzDKU3gnRIlhtMbfToDzsEA/PS ++6E5GbPB7pkTAJUCEVWLeehv8iHvEHMhGm6/1xQ+ZPgY4hm6MWqI7dlxOOIgDz0KjRF6L66M +Z1Cumsu+lhDOyUjZXJlasgZuNmxFgT+jEjFee/BJHMQ9/L6APqkVVqJrly9xT3xNeM31LxeR +Ry2pAxD9Gm+U1xe2kSK2in9bmZq92L3zegiJAhwEEwECAAYFAlBohjkACgkQ4Fsl+kuhu5Bl +NhAAky4eFhqH6lcyOdk2H5pYKBGKIlSYOeif7c4M+d33u5piZIaD6noOmF6MXNgMtXzZj1gc +/6E4+R3fcE3oJtK30SqZRgSwk5vUe4P4bEc6HwaTUueNjG+Xsviq5Qun5rIm6l6BeGm9s0mf +qy3+OkpTLLpEBNpXEThaTHuRdw86qgK65H92nbtSRlxwWe4+2CtYSqwSzmq4fMuVb5ELwykL +bBX/NbaYXxpCkFaqBD6r3oeSo2KJ94MZSRKJgpwI/hCdDNUBwGP4fqo8+0OPlfGI4wbwvUYq +mOg6y8KpEOwon/J355OmWIuweO7GDId+gFWWfiP1/lqm5Ry7OM9fQCYqrwY8LwY2hlEM1Yvq +Nwhh7ff3wFJPnusmIgpFOEet7DsT3X43Gzf8XkI1ju86AfSqUj+/Np7NBkYlwJcd7K0ut/L8 +XrfmjyPkqPH45rivk01zj6yzjeNV6WSEPcfEjBm1KoImF7TgtDUBtiTROwvPxVb+07DNYbgC +bvzZHsSqPhq22EtYiuTfZo2XoFyjiH4GP2p0Q/ke8Zt1qlnGQmjGAw9Lh7Ru4sLNWCAzK8qJ +ZsWGldLZUsvQWU4x/MYhKCSaNoKLSJgvhvf3lDsVjl3q0VxwmHga61GccOwkm+Y698MzbhC7 +zgPo55te86aAs7gNcp/prw6v0N6o2KX0mA7Z/ReJAhwEEwECAAYFAlB4b0gACgkQYMOBL2O/ +83qIRg//Wek0VuPI6j5zuKhC/z4Bwu6ke227HjFmqfiLDNuPEWNq4ZO33yQO/BonbKtObYYd +jixAttvebXsG1yNJq6f9OoqsBYewIhnYw7GIEQVwziTLEJCRNovC8PMB1zxxc85hFIJrNJa2 +f6asA2uxKEcQsDK9ke7w7grJ8xTHU8/A6qLUEF311Afy0XtzWi3xwowHCabU3DWgCo/ESSBn +2iTrQ2yusozJXBk3QqAfsi8B3rLkesVVZEZoH+c9Xw3J8Dze4HQjH0EPD90Vwr4iw50OWk61 +wMnbGDqwXmnZkmPpsYnEmdQeevvDItBVN2GH1qHy4qmZkAiXqRIcL+qmpYdGl72cA0qpo+gL +NmKDr83kpPnv/U/2ng5L9DrEE+EqSChalgYqGUtOf8P1a8gzlKoe118osY0LmCE0dK0XFlbj +5g2fUGR62jBf0WYASj94tO4IpCNid09tF+marH+dsCWpZkmiuvafMXBFRpR3dFnzaagz9IXZ +jImqHPsnabr0PcSXZKeZ4dRtcW/q3mAdI03Xeoicjv4B4IJUY1G4bw0tclPo9dbeZefjMDzD +rsctig6y0f/JjvKt5lfjg3JiU/EGuAjbLv+Gxud9QKwW5/48ZPynGIn44xRQz6HSATEIBSPf +RKcbJuRNeHYvDJ98GW2ng1UAuJz5hlYiHnlcd1uf78OJAhwEEwECAAYFAlB+7hoACgkQHzZW +ZReT7CcOhhAAiajCBLCOBjBVZWaBk67bkuYGmFlotHZixp8UZdUc0a0A3UulKgpLbcagPdqK +m+PKizQ6vFcZL+IaSFTteZMlcX9Txks427qhpmJVTT2wVto4tppO4UVQYllT0hnwohGwkeDD +1dgI+cAcDss/HPd3q8aGrUSbAEjNcWPJDb2JEt+A3vpXjd9XUqg7PZ006SYfqNdwDnaCiLIw +EOzy5OGTvY3CsjPjNRjPqLoutktSsJPUDAk2jco00P/Scej4IErr1bIt6TEpvVKGpM8d4Lgo +wMPbmltG4++pfPxI5JTfqNNagbXIQ8agbHQiz2pPUgpOgF6PUQVA1F/AAQrhKmx9XmFIyMsr +MbGxsNoIPwsTfkQzZ81IPfMw6KIVm3vvn3zZ+2fhKlsdLN8wmQuWH75h7MBxCB192h4X22z9 +v+k0x/Df0LrRXacqM7vbW7xCAtLzX0x0bzxzNc301aoL7WjTB64+uOZ5DmQeraQRwPnivEaJ +KuSHae0eLEuQPj2zZn6Vq8LxFmU4NSxovolK+Q99fY0s1UMch7NDTtuemQSLaqGyaGPkypd7 +ud2qEWk/AMxmql1RpBQoYlvm+jv3E20C9k6+HeD8xDGAbLslaSUt0OVCrtu/SLPsI/6avICs +HvTAxbKkhVZCKD5w4cmoZvLfZiTf7CXG8ovL/YFv7H/vtN2JAhwEEwECAAYFAlDLf/UACgkQ +kFp3mzzhYMBn8RAA1joCLF5Qe83Lpc3XjfCdO1Xd2DsCA2rDH6rUxbIW20Jg82lgHqgfQXkW +pnXnq4CG7CT9KqcPE9hHhH0kgm9Qd/ReAujANR8ZWz+rXE1kEk4Gu25bHzL1D40AGdJHLflx +J29nNvdS3V1IfDjrnJ8htYMzzaqKlzPY7/+PilBVwqIEoAEXYXQSP9ndIRgHFn31b/u9/dRj +Wht85C4c2yqP27dw45bYLeGH0Zy232sfn+rfVE7GVfOP+3K4fE0+EYvkjRrt2L/u+QSimWns +PlbSpJRuT82eUOe1HV7HDe8mwChoStYDeqb7xRF1LsvulQnBwunvy7lhlPTfEO3GAeUATU6E +SPj+MuPbdapRBv9fLtZGfBSrL57y9YIcUm8q4/hXCGrtC/+FP3h1N3AsYz5TE/NP9ojIopkn +bZkg0QaZPXduHNKw3ZQr8d+icN5iGi4dB4e4lZpQxO8YQrn4I7OfubpM2YyESrI1cg39FeSg +fYlgwBXzoUgcvn03Z1EeihwEgYFXkzt5W2s2pVer0okwNDlemfpBrDel6un8NCwYyeVsF4JR +floZ7W29CHewkUQieSj0RS8vTYkMcK4t4GkBGeD+mMHH5elIpoE2acDU/KezCfEL1uU1EbZ0 +6OntHO+UvEGJhltI8Wl3iZowMV8bfD9M5HOwN2yoLYRYUwMr09WJAhwEEwECAAYFAlGbTg4A +CgkQRPnuenYUz4S8gBAArX2hFsjZpDXhZ9yl0FVg03rRWRhgTz2C5Xoct+jCR4v0fynwhFg1 +yeG0Z+zTemkS8BMksGKN94kOAhC//QJwJoiIaTwDSzALkmCJd2RhBN1AUpEa3AMii4wji+y9 +08UuQ0PdxH2Nn6wFZjS+ktzbRpoUuXa0d+vzVJbW3O/X4XF5MVAWSrmmzu3KJ2aDlV6kuGA4 +dCvwV7sliYnOsNPqbpeozznm6UrRsb9pIjdEeJR/kYH5uG2yWEkNTmThkqPIvtAzuFV/US5D +yIuE9aoGj64+vx78akbNRb7GYAyL0sK7l6r3cVJxPJePLHwsaJiwAj/DEHjkb0hVHTUzOdX8 +/7YO9vRQwuPHhEiosmCNeyJssPErDIzgizyMg0IPH2RwLXW88fko+kow37Zz3VCXxqg0VM7R +Nb4uknXIWC7wbDnDLJ2i9PBLptQfi+m8UabgUcq3wHYDEGS5T8CCuAF+6PGguwEwgb2IMN4d +mwoCvxjRVzWV9IzOz9KF5jIWCHy7p9X7LAVozBc7UsP5eZ1Z0wJneY8UOGSFdPrObF5FaXCS +SpOWhrMjezyKORCCa0uHuDRoYcCM/lhOxwqeG3buj1NZAivwu/VNXkSvuaeRuDyIXBjzXQ0I +MHrnOz8i0/yYKvBqJ+HHPwep/hGuoGRmibU6cs9GxfodL6ZEQY1S0w6JAhwEEwECAAYFAlHE +VMMACgkQQaJIle5W8CoEtg/+LXr0qA82syhwjSUBWA9NzPwj5Xh0cGmYoSj8sHYFe2W/XI6N +VTr3dRl5bsytE2PYTS2nJz8FJgNtXcuZvnZhCGhLJ2bpcWeCozcTdOtHzBizuGjIV96al9rD +PFqFlTz0yLJC0/aoKOUJ3iV63dLDN01tw0pT/8CVmdBdrOTDLQ/VJoTqqfNwA2wyH+aW6XEK +iK4KdeAwipBU+818mg2850tRihQZrZAzQ38nPgdAMHWL+zom7MQIol6dZFfrW2ynZ4emocF4 +x06QqoUwE5jBqK3q7YJNdcVhYRorP3vi6rcKEjFCBovQBD1mi1W9zl3FYLhE8Sifvfi8WJmP +rwFpMjEuAfSK5v/b5Rm1RNfqcfrlB8w8ywT8NY7IlULnP+3rCPeSaMGuj7Nf/WhUzZnijCk8 +/bNwrhsbjip4FvcTrPga5yjevMy/Kokdq5mQOFQk40qLGeld81SsNq/jWqZOb5DIhePylD3A +o7VCNIarlS/weBA4l2Ify5OS3LAPEP4EzXlRBIU+YyHoXInUdf0HrS5ndG2xB9yLrFvZdqUs +MhSb+wE21ax0GgTw9YCKXgLN5/V2JVUYhbOLdzR68JKEPSh8tmt3XESiwJK8c3jLa1QWpIFd +l8G8YbCOxqVb2BMj5tZLjcDtSVn4MczfeRCNDBExakvAEcIq5YhtfFvnu46JAhwEEwECAAYF +AlHHJKsACgkQ/iE6J9cPDby42w//eLUFjtLlc5zyIogVo5f7e8HIZEbu59zkTkP4V+3efrkW +/WjLOR3lnKwhvw1kzAbGvGtF11cJD8QnYKPDFvdV55PS7OKiL8amnDdc3xn7TQxGMgNWfLz4 +3zTt83pYtvfFKL7RHCQL4PASs0vRLF+73kph7rFgP7shN9qerz8w6cgGpV8d21lwcqsVeHC3 +MJnqHP6cAfeAn1oPv4yX/wXIy9begCwBYzUvw1QCuxOqT9viXcFIqy1E885QThOHPQ85eDoU +kF2kxcblIF82NSnptOxVhh2HO8ZiOOkGqyiCQPTXALWE7pqEDroGBtLPfB2jZ1mSyYn6LLtc +S7AElrdqpvjLd3pKnGX/MSUFX9w3+5dOciPqFbBKdeOAJ9EQOP0Vmigx2Y3O4vQd6HoVgNLm +EyU9JOdIURVAEvADpkyQeV+jKzxl0xwk5BZD4ESHA3CNAS0z6BX1g4O7Kf6G1xq+1APVZwrp +koEX8kDzGjB9IK92i0JjKWhwh88kDLFMK6JOennIR9d2V36EHfl6jzamK5aMhfFQp/UZgOVR +h7ke3wCw4+SIFATth4nNs2RjRfFZrMtI2NpD63fZag1HIc2KwWsCf/29FEgL4cEJUGABsA/j +CYUzj0ZlwatKlDLBy8pDKdEfpCL1yejPvFX3hpGPXPWn34x2dLy4hIdplwncJHeJAhwEEwEK +AAYFAlEw+JsACgkQx31Fp+KDRisnpA/+JMTbZZNvCrQ8yuotmGUzEsbopC9DcWYxT4/ZI5kt +bgxohNHI7VTkiMCulnkWjLFM2oXeFv9IYm9/QCbI3smQ6KiWQp4+mcAm3+DGksCqSB4rif+C +3VOqrJI+Vh+OQAcVg6gVNF1xdxDymzAtJNpFjeIBn1vxS1aCTrkP466uOkeaag6Nsu/25Kha +s+SY/qGwxRlLnvVteE4nGsYFefGCI7dOxJO8yDTU0Ll0u8HcDv4GhkMBkR7xPQtvsjuipjhk +PbaaghCTVP/1f/Ztr0rqH6ktnfMm2XjbDoWEvgEKHHAKijyQUOfQRNFJ/SBUI7KrUlEg4X2D +WHfyiN7t/BhCmRrja+Zmmd21lGkn/52CUAZbn28BCHYs7NZUf2s1t91o24sVE8NhoVUT+hdq +kGxo4edq3GWjvriQyLULdYEEsRmFjCHfz76CsZGswzOal8MZvvoVmGGGBpowzo/qfCCFU0UQ +okcNue4BpKWb5Z0DwlcFHZlPG04MSr9boV9x+l9CRIPPiPDShV6QFKhaZMB0cC8CYIvR67hg +vpYx7ncXiMvPjlNn7hMUoLQop5fQr72gf5fK02xLeZ/u5q2RWMUW4mBSNiFpgJ4TDPdHOzG1 +D4A0yzcbECXFS5x6vunb6cz10IsAJExBbsHmaqMrD5Y0XWFCubMnO+StVZZAL8YApN6JAhwE +EwEKAAYFAlH+fvgACgkQIAmCCA12VqfN/A/7BviLZ7zoQyDKKaGBL7o8cUF9qQvg/+Q4/5mI +qnfEXztYX3RxL9oWNsY+TzxgDWdyhcX+RulLieFtf4HeuHVKdONvfmA2+HsJHhBPOau3hZZx +swnOaYS8qufDJbc+uyt1Kd1vsSop7eLuA8aEhlkUosHoyfDNfyPOJMxKF2sniZNzuU7p9Ai1 +HzUdpXjOzbQUHDl+FPwy9lKiHxZ8BqfkytxjBjfgLFgiZafLWvU9Dmnra0LfBE2rgbAVexT5 +9sp186TGTCsJzH3kqGr8wV6X4uSSoRlb4D9xOEpTs5fVN6U4jA7llvpAot3cGj+q2tFsUR6W +p672Mnlru1hkGi2GMSQJAiizx7I2qh3WmGA6UwTKYq4wIYDlHFrJf3pAhGiM1vpCaM8teQIp +zENn4SLqbiGFtX/uayzuumCkv7WcFBLOZL8g/n5fu5DXCW0Kf7MYG5RjMD6jv/8Ymh4zMwVK +9GpZ/ytedo/WN37uKYBu8bkEat+xUK2DqKRb+RnRyNCemCOXTKt4+6LLMYAwvH40elWbk01h +taKX9Ik1knFX8z6FI+1QmLYLV9jRN3BDzd9iMTaAGwHdhB64JRyrOdnqQB93jrLa/caMPOAx +N37+J0LSEWpn44RrYxSP8O5ZwyA6ap4o+nke1Nj65GTVubfgmyQhZ53oRxT9NLuCfqhUkZ2J +Ah8EEAECAAkFAk4ZlhsCBwAACgkQW56hYWaQz5SN2RAAsgQOVOK0KZdGGdY/ik7Wjg3c/fE2 +xpMGlD5YD65XJcH2dPMnVAbZwbmhH6/M0hRHXPIioH01Tzk6y3hoOLAbTMtMqsPlFTPCH4Cu +9y2JKtnXENdF8InGLkrGtTaJmNXxNdhKHpZ08eBIauo/48Nf/b8uKLkl97xqIUpbGjTchIH3 +IwpIRPsXJnp3wmwt7hqGz6RrOUNLhjtotieNgqCDfGkwmXMh+Tr26IHWgtGianYs7WE8sDjP +b5kGt9917Z4t4O7PARejjCvULJnUCD6qtiS0TXrQrGPJiSts9BBs226mCHK6Bpc9zp6IZHjw +mkZ117+W8Wj3Q+NLoHIy2yqEu8CGrrT2N5L549YKMeEsmDXfQpfhUO5GbWEQdONYEHJIMBX7 +apE2xfyCMAF/zKFAY8FTNPJU1uQcugqzte+jKVwGnt4omCiDi0ywub/M7NJ1QH2K3VrUadLb +mg6U9grtQhySpYSMz0M8PZo8mJH39S9ydEzGGt2Nyu2fS6YM6yE2q0GVYMHwhAHVLUcBTBEs +1dE/b3EgxL76RIK3Wre2G7XuijipTOvHBWzNPI8huX89Wi6+V1TwrjsyfLF50EWqrBmfkuWT +uaJAyDx+IhbLaeh5iaP1BIP0xoAmVKW4WFuH6RaF0givD7BnRT4Yej77W7d0mkKJ/ILMO4uh +jnwXvMWJAiAEEgEIAAoFAk3d4doDBQF4AAoJEOTRKq+79JMo/CMP+QHDw/4ovGhORUDPsAi3 +7KbVun3MUukk87oMo1He2i3jao9+TftVRpZafW9ZzgE3Oz3Bq7P7mJ2e4eVqAzTZ5YRDHmIj +IJz5Qoep93t50caTX7yGby+OqU97QmBKyhAhNifXEa6ypTAlvTHK/TV8ZwWorFFvTFQzxEJZ +qldjpd7tHtHEZVafQSJjM8SLe3ZZ3DlLeVZx30X1gtnmrs6Th+p15u7cjQwMwfHcHIyw5DNY +ujwirM5BX/GV+gdY1QpYmcUfjjkxE0kk9cpw1STnC9rqqxO3f79gE0uKT5aSXlVo4dp9y1nB +RvVQdl+5QZLf9rD85Ukqb9wyIJqeIq1BA4K0P4rjE5Pm2rsBKc01AGr60DHFYMowDRnXKok1 +BsgVHYx8T0f/IaMEQwGMM/EeZpgGs5FN8rk0qjaYHMBp4r7C/w0f+wYqypzW+NkgVHzKfgwB +QyqGU3Xfy3oCBE1mpHn6UcC/a8M3+wdWbovchD60ZKjHYLewfjp4NNUvvHNV4suvLwWoWZWi +tGQ1jsLx+zwGmN5WF/Lx/HaWhJbzwSIgoTGfEKLCHfnb0jQSXnpiJA2IhLBi2m4BOOlUvS6H +cqE3CxkaZjzG8pTOHT+PiDD9pmIVtI98FBEuw3PKowAmwbfLYJfsJXN9/UxLGx20bQKGLuB1 +EDuS7kOfuZ2/pwG7iQIiBBABAgAMBQJPU2JvBYMHhh+AAAoJEMgTCgswFICa9CoP/3a0G1Hh +nmvZwYX7aN8UHzXLuSR6+KLc9eIwr5qvxRHYtuXI6qqz2ectUSgEKJulaCcw7RGFv/oSK601 +5cKNQJxPxr+UjYMaybR831GgtV64N5JbGJVjmsN4AdZAZKdrIYqfY7Pf5saun10x9Ha2Z2bF +ZQ+7spC4zEyYfHyHRwtRqQ/Tlf78BfZbDZFtAoKX96/9pWw4pxtc2dipTepB7xOAKv5MiZ2Y +Ef5As6F5pSZeWhSUxm/eiaufCY4wwnBgn+xLtpq/joX2rGhzikRg2QgtHo7fu13HNo174ZgP +U7CuXUgFt5h7UitfPThkIiLZHP3l5RsL/gstNq1oUdbkPOFQsPHeE1xFNSV7hNE1dYgrvDcU +fAekKNAGEFkLDl4loaaZqYnVS8Ku5dzOHbMV75DPn0gMeDNypjxPDTNFkSLzbVDwHtXfgkRl +0tYdFN5Q267oBVQi9NlCNzD2i6I75OpgINu/RVTBucAkRBcPoHWQMlNqQjJSVyUhssnZqYjG +WFuTGgDvuohhrcdLNdrf2uTv1tf27dG6YYWIDzfDjeetMCh2PuhRZB9E3fnILP6VTe4moqL+ +gzl3UHyEeNXBoLaasX6UvJ9uxffmAEDoLbEknq784nqAotWzhf3mmPtdWQy+5ZzyOtu/kxy5 ++jIzaYo/srV3wBvecfIkVQ5uKbaLiQIiBBABAgAMBQJP9GsABYMB4oUAAAoJEGPK8nY+x3LU +y6MP/is/Pl8lhP2RwkkbBc12rQUCsZxLRtq9Lfd3TEVOizElK5ZiIAOHz22bM6x/hzZgJJ2F +AU6vXCVUsFRrz5KFgSwWqp3w40ly1FJYK2i1Uzpak3rmkC/BIf54fhQ9joLcjBGK/4f/2apv +BteAZftm56o/nVTHL43qqR2wT3s1Y62X5USArSrVU+Xl4zKOrFAlaXKJib0roLwFxWAz/Xih +pzOgJXatXFk3qYn30JXhPYAc42pfPLPW09gKyT11E42N/aQpryz5I0grf31JDWiiMPgSlFHm +LURHH/gaBuj+3p9QuHl2Ij159/czdYUCJVMOxrsyWybGwJvDgAGBQo/7nJJ9Yk6EeFwBQJ1u +9mdTAQbRkXPvQ1Clj3PVWWl/WZdTHiokTnhsg8FWkPHpIWUV3yb6feajAXonXFbTughysBTf +Vpxe2aTkmRXUxY3viNCvNqCE1RJzPNWHf76VERbSUC/3v4lFxv+s6UqS4y90s98iKB/jOO/C +i0VDN07wVRAsIlizDC6S5GHdPnxPM2r00H5qKEKl+PUN+qyHpixxjpuiwPh+/U40wKo4Z19j +G2PTBpV+JQvIAEBOA00j3FxDzyB/Xr10C/hIBcwsA1otT0C0TYcxVsLJQWVYp34d5QRjYyZv +Flm/jxK/idUYy2VPbrFXYWdp4AzVwLptvqLtl2ZOiQIiBBABAgAMBQJQV+q8BYMHhh+AAAoJ +EL/cZe6EUQW+92sQAJVViCic33+D/r1WXbNdFkS1r0Jrx5+dFcBzuKa4MYDdbRgEMrtcNQ3j +ps99u/50UZNmQas+q6Vf8oIoPmr7rnl6JinEZ8O4Np2h92bx6TuD1UdsRe1diRlO9Y2ZkH6T +FaPtZE50JvabUT2gjbo6ShZnYSyD9yARev0XptYBLLX+pxysviHn9OqGVMr6sHi+wvnUFs0S +uJUngyF5S1LhaB/zDbeARCvJGU1hsv416brK6UYcUmH7yyKxhJREDA0rQwLyhsCHcGxajsTe +aJJ2JBYvj8+PUQcuIS5lfWiTFhGwsBUX9r6Ywr8GGKufW0a0JlZ63HnQJjXxiWU4ubyA8mTq +b9pmyM/JiJTq3ZhYy1bxQvrCe+CPiZ7bVRvbl/yn6TAXx3u9DTiq+Od1p6DXRSxB2JSzX/54 +QmlEfE7Z7kcgZIXROMTWFQMKPctiGBb8F1qrOwar9/GF0tm/XCH78eNbTkzDqgp42iVltTgu +xABza84CxA7+Id+Q3eyfuQCcPOgip5yVxVfKUiS2GGZpgxdVk1gPG3NTqBZIDeu6HGM8LpDc +exy8m8xqpGqqVwm4tMrHqnU6hryQwdfh8UOjuDyqzkWLMBF4lXrNrCiEBrljeDTk37UM1o5H +I6Ai1V88blIBQShxHXHkbB5ZnCf2Wa7ihHYKc8a86gOXgvLao9SCiQIiBBABCgAMBQJR1dT2 +BYMHhh+AAAoJEJRTSBDyww9JyawP/RAE7O/5k162d683jExI7u40605yQxbGRZ7w35NLmOCp +J+ZyLNTRKvf6ss8FbbX5CwHX9qFWRlXU0bC/hxo8DXhPlRn28k9FHKe9xLEwBqq1GxsNVqe8 +aQG6KiQlquPCQhwNcbEe5gp7Gd131Z2Cc4cmYXbdNaJBCndkWFTIs61FMZTrbHNUXHrRM4Se +3bZAt0BLmb53vjEZv60p+ve19M2apmYJCbP23ZXRxJWtrGf0kngpeJ2R85RwB0ha1j0rxbvU +qtgOmM0QIhG3iTd60GkXtXGjDiU1wUTtfuPNpFSD+FzD9VsKzUKMEijwqc3HBLbQhBXy/6QB +ZYvrG5lB8yt6xKCwFS+E+U7WWozYtIwPDUNUKCKuRWe/Tkh1swSZuZoPgY1OWu6O4AETDLao +yUCUhXU2G0ErLt9zAr8NJMC2gyuJIP0nwaEGDyixAPm5Jpq7sQTkQ0CBEARdH586xpnjVNXh +7lAIwXevVuN80V2tPbYPMYBhyBJTM2fGmmS2Tovrn3Oze9evK+KP+ZQG+BCp5Wl/NUISCSH+ +CmWxpjctmHu1NtKl9dG8c3uvbCC1fHyXkZtYA1l1HFMHn0ZyIG7Tv9cNnx7vsU0ktjve8tGk +np5FH59MYlxN3u04lRmPJTrGe9PO/1AE8QSesF6qTbeoZIFqYdBXM8YF4jwEXgMyiQIiBBEB +AgAMBQJQV+t7BYMHhh+AAAoJEAod8sZte+sUXEAQAItcS9SxwHRcNWG3flBYD5EE9tJBEKj3 +guGA/JOatTCnLQuRuffo6erYxT7AzOfoyP4z24vg5vTrwxyL1blZo6TiTLqQsu16yilKnHLf +DLidy4fefROioJyhBoNB8t0DBnbe4HQRQrEjSKohH+qOGZ3Mes6GgqTCMKYkY13aCFkKzerF +UCnn9ICgvtfSSSpYDra9+l6molsYhBrEn6JSKIVvxLoGq50twe2V3BPL6S5mp9tfElzSTMOq +X7hYF1Zny88AC56WxsgtNU0sXDPEzROPX7vACS9VqsAKaLhJqzhzEXAylpMakkVFVwdS5nfB +PII+w/dxhKGySS5fNPjSseRE6nTgkpqUIiyoZIPzXXZ4nOU0yxnUYTt0C4/s2q2V+w2AwtLK +Ze/pYoiXHUuYI5BLmlN0koNYaXxLklE1IHo3xOZSIv/BK+Og6eVgmB/uXTZehUqgmh64PLkO +57bJISBPJuWSAASSGiEeRb9B83yIk2KRT9DeqaxE8ackO6jh/BVe0zuiZoQ3f3yVcGI2StjV +zwHo5alvUIIjmz49tjuUB/73Kt7yVWlLEojuIfhhBF0zQHT7Pnndz6fDcTato1IT/IeUxgmp +PDeblBEKnm/HBCa4otb6poQNpT9iwVVOrbEtRRgbzgzpcIxp+3iRGjfIe0K3qyVeHFeCX2uT +MQtPiQIiBBIBAgAMBQJSCQlzBYMHhh+AAAoJEC+YSniPMQjQKZgP/3uZUROKoPPIf0C9WCKB +2uK84qmgqetqXG5n2Y8vdinIG08m0gAdY+DsHRWciToDc1yU8oFD3Xr6P/9crm0s57vm7cU6 +nrojzReslxBg78MxMsx892571F2YyLkfhJI8mZDwdZxqiokq+DsdHgIx+ilI3LUWLBzvxr4t +LyiDalRqcM+XWj615jW3RUmxShgK6xiT3n6YdbSlKbIXAVVbu31XkYTIYERcluGC6MTuizwE +FAIyOqqgmUryTMuCAEf4EL3J+tCnD2og8Q+ihTB8CsNq2hwKZvTUAUgubVWiE6MINv6CFjbg ++y4mBe2UxXEOc2vZshy2RWwMVCAM5M1rVEdqZvVxSe0/QREBiqKXgX0H/f01A1XZeG3KKnvF +qijT6TAldAFOiVrp1epsaK3rmdXHMHtVs6hmo+i5X/z8ZonLscDWoC+XJmojMh93WwFgS9UO +rV1Dz+1L22pR5R5UY2LSkF9G+XMM32CnAwI/KowxtxLNP5yriZkR8wu9c0CVAHEZD+jhaRuc +OCtAYhOMemLohhUgBF+CEADe8XbYtwZo3zvIDf+l7SQcrpqLA/c6H8JknWKZzaR/esNgeLdi +QMV+rNTKqTP6r776rnyMsF5qRjoJhLYFcs2+g8+7IDzJPjVgUcBFsAjq4kuddcqdoeA6Tgfv +pugYKu/QLH9RKepMiQIiBBMBAgAMBQJRfnnDBYMHhh+AAAoJEGfnL+uuo37w7ZwP/ROw207Q +Hw9SVLRdmrvzcSrNtol6EDyAwI3bZIHe9eGhLLbt1pkY9nDBftL5Vh46FvG9DhIMZAQ9o+mv +UWtAsQyOrAtFFZRDbh78BR09RpgulxM20LIuQw4Zl1Z4vNaOPWKWLrbUn6UCAp+Sb2BjyBtC +6w5oCFafdU2b89DbxaF4Qph2KwpNe73Z2ONTLTE6RoRYjzQ1b3jmtz9a5HCcAvihhc99o5Te +7PMUitsuFZE7uk5PZi1SSuwgvqyg6AI8J8xLe0h4tFEIxLZCM5+IrlCDV36Ua/m6NWpJZrzu +b2jhIC9D0DwaCQPRc6F50loMZ/TdBYV77CR+decfJ3gJxL2E0vzv5vX/phenob/aru8G6fDG +m+C2xbtDjKuPOSLEROMj4TCKnULRbNdPdCBQwvxX7z7MMveyFxR/bRcL/9aa8YZWzLnpKqJW +41BH/uAedRULcCPSaMDTUW4E1Ku3KQnex+TVtaoyPLnpYLcPVVolvXLfrjDGUA+BNUVXT/0v +2rzWbLtaN/nLKDpjvJpr82hJnKVAWf6EecAqGsiF8/Xzz3IhwtIm2n0nKYiClal9mPZhrKzU +FhCETE4psiddirVToc0BFf93RSv90+qIaZlngPAPtC7VNddEcWRGqIvp2ofLh4dWXF8kLu/f +300NzFlX59bMkHz6p6Itv55U3vKkiQIiBBMBAgAMBQJSFRGOBYMWkl6AAAoJEJGd1KmX6o+t +A44QAKRjjz7yK6POJFOvOz+Wr9aL1/H8EQazn5GvMiXcfqBhcQYVG6SvxLhGi5h3Y4wJr+9w +9oi1Jz2Jzv0wjvEKLVAiDusOdjJr3+I92DJMiIxEcNPrRHXSLfkBP2xUsFPcqhfjnXtti0qx +JtffFeWwyUPIeLYO2RDN8wKiLMKQpxhc+XSVqfg4DeaK1475nfuN/iT/aAQpVCm2Eq6GeQge +48OPtjMcXY/PwoPaTV0KxMZk0t/TzciVZpaslf2ne1X8TTYkdVTl/Xyz72EqCTw62aQ4iwXO +vnSVjj3oZ3acbuWdkqwTIb1ye2wvDhlMEwdHMtvxKTGj6jdZuXQbRVtlZboKQID/s2WpRoTV +KLphYG73pNOTIOm70EqTH/2Yki9s0jYJKO42RqQVOnfFUc2HS6bPgDiV7wBuVWq08AYtuHGg +cMzstrcyMgTm3J8SM//l8OMsbZhkzTw1/f+W+bkzLVZvrXdZMlN6TYZPICinlJkW17QNtfxv +kSSRwyRTOiabwhp9nU1SRHM1flVdeBy3TQtVDFpht6ZKWShg48rf417DgMid0mqhGzni06NZ +O+nrqWAr9uvK8/TsDtamhSgxcFKNwfylIeZuadMQoAUOelgJ8gRlREcEWd3i0UffLhE5qQSd +b7l+4Edrb1AagXvZUYCY+M6o/u7aRDnGO9weEWiFiQI+BDABAgAoBQJM5ViDIR0AQ2FuIGNv +bXByb21pc2UgbXkgdHJ1c3QgbmV0d29yawAKCRDWYVmagKlsSFdyD/9e0WFgLiy7V8QODsFN +1mjCbB36u/hYEmlANXLic/2j6kr4mZzSMmq/ITosB8HXv99pSLinzs1l3HpEYBJpYe/q4dac +Ge5krNwfW85lDePuzxBNe5AjBjb+TFYNXA78dhIAtdRGkr2HdLeJ37GSyhuYky2YHvhC+PRh +EAQ403DeW8XOPpNQZqW3GQlKsxaasykjyCouwLNXMQanfsttaWyTE9cTQNMsWs0LaC4z9yeV +7sbumsaN6kWHXOY9VBj0Q8ZWva/O6cGpoxN8XlKR/PtgU4goUTo0Isur1NG8LO3mZQb1SZwm +r0lBJ5oDkLOQFwHiNr3yK0p/WidN3d/enbLEbn4iB7zf28Qro9TM8i5A5yeIio4l0o9iKG+V +ElCqwmV21PY9ByHyDZuRc0V5vVdUJxXdB696+B0KFGbwfmQBxBJk7TTL8vza9d+RKTX+UObN +Grlf3bpAA2kWNjFfY0e/6nmNUcu1xba7s4stmZFrAWxw2iRJVCk/5Kc11kSeH7qT7BA2KK7b +6r4LeheYijWSSNjUj+B3+D3gWwrvXgNv+OuwLIcPj7WjnuWsWHMAw1pGkLiEfe4oj9UVcjw6 +Fh3jGN5/LpnwhqT/Kst0omqyQPDiZsohB6XagUVORhYmo1wL9AwOp7PkEptSEDV51aVxllrS +5wmI3J/Ji5qNQ8kAMokGHAQTAQgABgUCTvY4+wAKCRAkm/fusYF9oC3VL/9sWbXBK4GCmNmX +KaH/bwEUtJGpMac8mYRrEA1HDVet1F4Oblf8Zx0sdNneINVH3qN9DrOtGi/0WuWTlm5lN9Kq +1x+jLr2o4mTgAd2anWgLQERuxHD9ZlZ54OM8KVS0hoqtl8u+gD5hA2s1+jEYWyrxwgw5ZAXV +V4LXPjvf4GRZq0xlQVZ9egFIzlqDJnCh830IrmjVOQ8FZkuxVkvnnT4BO1dPAGhXkK+UBaP3 +EeMEI9YW3lIB9fVtmz4Oup8Ct9q06DWY3anEQvCBY9E6l1lGPwULHASliasPOcfNQbafW2ht +z3MwrYREHaqAGIinDD2gCP4tNZb3ErytWbLmoerWvJdGtzkN8I1QGa9r4Ji0/2wMOs0l53Lo +YCSEJhYKQJi5+rw68m/sKhOz8H9CtQcM6zgxC3twqAh3SaUZD4hGYEgOOlInLM+MaSzfC2+h +yimNhHKz801sWLjcjspl480cNpgaxNLZ248jIWfTnDj4AC/IzUQA8GNUuiz4HFzB2dsj+fPE +rscrU6+hOBPGdM6DBSGp9mBdfuSoErRL7gwiJcHol0/vcmsnNJNdnJjyd2iCIaTR84u+RlEd +/XkgShx7xlCkhFHCZhqB+lC4P1AMhg6Bmt7IMF7hDxpWQ45+N7sct3khOWl98bkAuxmVnzat +OyOQQkB6C2KO3Wdxsu0G/6/4m2D8n6+CNyy6sbl5FyucSNPTXmZ1+bNx9Cji+SSjQIc3dse/ +SLNxytdvWEgpe07e3pRDXe5D/YI1iBC6KZefKas1ZhBt1W11YNNUlH4yOLIa6NxubafJwlKk +IeP5K01Oj7feGW92zPsKAtLQzyrSsIUaXtkCWz5l5TmrEEI71omOwvigchwnMW7rkoP+yYbM +UVmhoTP7Ru0fIGE0czrRRntV/DqCfQ7UaX1jfvAESXoErlqXFIqex9RJzSdKPMgds04GM7lM +hF2phE924GLdEQQnHt8ouPPtSp4pW1YD+yWZETkjARD/hNHFdne3FFxHOPNhBmj8OF9ETkMz +C5g6/VK/GsKz8FtKiuqxbR7aOPwgBmFeKryiWyQw06o6ga7PuX0ptiK7pGro1ykITRp/ohPe +SvBmNyNh3k/p82mFybeU/YSXW8VeHKRtq5/8rfknR2ooY14pVXVQjqUlIBscKROW7D1tNzHk +vLsMYKcMIatlsh4FgbLifDp9z/Ffa5pMGoeXQ+Jm/4C9oiUuDrKaujNdNGDLUoLO8Z7L65gl +JyfUBOtgSw30v/m7Lgmy/9sLzS+QI74BuzAHPcFeNit1cCVn+mY2YXNMAzMMeE2Bdgc959dz +3TSjZKmg18RpVraC+6OnzuSW6/AZltUHGcX3MweB5k0xu2R4wGqldqq0Q/RK942cxeLLZBYA +lj8bNYuQ1N34vOUK55DGplaOaFSbcO9HxXRtRXHaxCRZzUZfDwA49Cz9cy3jk5E9263rOlly +/9yJpGqlQsW/03TdCb/Jh5IXCwCd4RZMSGWNcaLQMOXNtpJiS+wThVLdS6LEmYDYrvtfmzEE +MoAP/leQe8XPO7DwoukTlWZA2PGsu9jx04+gRy1zTp1psVrbVdqzbOPCpH490c2Yxeheci+E +pMG5iXiEE2VREXEdSY45T7AM8n1KmyoS2zPILYmotV/vvgG5qjuU+IP+VZj0VYiXL6MxYmjw +sVGOaZVV+HnWD0QPd+OkYxiHEHjfJhnBoyGrQhSV3FMJ4PRKrJKy93CxMuA9dEEOARnQGLt2 +TfccI4Tjsew1u+ugBTwGEWuEz+zEc8Dkyg+uZwDjWwJqlOZEtmQVWR3zTPbWz4w8lxpf0pp8 +Ql6Fm39TyPmzM7wLGzlb+pynhiMFX9KK5yNQCVmtBIzvjZ4sFrzF9uCS0tXghKdZvEf05Z0V +X7L77ITYokMp32/fvxt04EVf1xTuAGBi10xvzsimixS9zpm83f4SzdFqM0mbJi0rFnUlSEFo +oRJKC0gV7AWNhAk/oDp8yIZHHeB9Fxpu6eMekKR6orw2bAuXeDMQxX/8uD+nTkzwbvG3sPKm +4aFsukTb9RVj0s8PjVrR/wAADVvMmQEQAAEBAAAAAAAAAAAAAAAA/9j/4AAQSkZJRgABAQAA +AQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0VFhEYIx8lJCIfIiEmKzcvJik0KSEi +MEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCIoOzs7Ozs7Ozs7Ozs7Ozs7 +Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCACQAHgDASIAAhEBAxEB +/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9 +AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3 +ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKj +pKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6 +/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3 +AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2 +Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJma +oqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6 +/9oADAMBAAIRAxEAPwD2aiq1/fQabZyXdy+2KMZJrhr74s2UZK2Vm8pHRm4FaQpTqfCiZTjH +c9CoryC4+KesTNiGGKFfzqez8V+Jr9fMSUlQc5Xj+tb/AFSoleVkR7aL2PWKK8w/4THWrf78 +oLDqCKng+Jd1EQLm1SQdyvBpPCVVsrh7WJ6RRXOaF4107XJxbIrxTkZ2t/jXRA5rnlFxdpI0 +TT1QtFFFSMKKKKACiiigAooooA5j4huV8I3WD1wD+teHV9A+JdPh1TSjZ3BcRytyUIBGATxk +H0rgn8AaQp4mvfxlT/4ivQwuIhSg1I56tOUndHni/eFel+DdR00aasc8yxOg5z34qtB4F0B3 +ZJLu+Rh0+df/AIirLeB9GhOFv70Y/wBpD/7JV1q9GrGzbJhTnB3MfXri3nv5XtceVk4I6Hmu +fmfk12snhTTEG3+0LzHXqn/xFM/4QrS5FDfar0g9/MT/AOIq4YqlFJJidKbdzn/CM/leIoXL +BQOpJx6V69Hr+kJHiTVLQMOo85cj9a88uPB2mWlu08b3MjqyjbKylTlgOgUetbuk6ZFakSKp +XK4+UcfjXFiakak+aJtTi4qzOpj1/Rpm2x6rZs3p565/nV9WV1DIwZT0IOQa54wI6nG1h7c1 +hahpskk5mtZXtXXIV7VzGcfUdfxrnsaXPQKK4WDxTqumOqXY+2RdMyAK/wCDDj8x+NdTpWu2 +GsIfs0pEijLwuMOv4enuMiiwXNGiiikMKKKKAKWpcpEPVz/6C1Y8sWK2dR+5Ef8Ab/8AZSKo +MoYUDMCYXMbusaEAknIHrThe3MYaN4C4PcZHbHbrS3V9Ml/cQKECwsqj5c5yitk/99VCbyU9 +dn/fIosIkM8gGyNSMgdR7AVahhZLaMMMECs83UhBHyj/AICKt29wRHC7fdliR2A6AsoJx+dF +gEvR/wAS+bPrH/6NSrFvPIIsIqgL3Y1FqIxYuQeGaP8AH51NaVqu612ghcjrihARNcnbkxsD +0OyiUIRjjOOlWzAvlBeAwHXFZkxEMjLCgmfoecBaYjNv4ZnLIiKwPRWXg1zkjS6VdI7zNC2c +xOuQYz/vV1U2m5+cySbs53B+ap3kIaLy25AHRvm/nVITN/wz4qXVCLG92pegfKw4WYDuPQ+o +/Eeg6WvGbkNE6tGTG8ZBVk4KkdCK9I8J+IRr2nHzSBeW+FnUd/Rh7H+YNEo21BM3qKKKgoqa +gP3MZ9JV/U4/rVCtS6i86Bkzg8EH0IOQfzrk/EmtXHh3TnvJLSKcBwiqrlMkn6GgCpeD/ib3 +/wD11T/0VHUJFQaVqf8AbsVxqX2f7P502PL379u1FXrgZ6Z6VaIqhEdW4h/odr/17Rf+gLVU +isi38W3E0awW2jGT7OghMjXOFYqNufu+3TNJjN+8lIsAh6ecgH6n+la1nLiFea5BrvV9TMaG +2t7WNH3bQxcscYyT7ZPp1rWhlvbZQszoUPAYKQc0WEbM2oJuMCZeQ8YXtUkUCQRAcE1BaQxR +xAjBzzn196kkl4600hXIrhuDWNeN1rQuJODWTdv1q0SzGvepqLQtYOg69BeliISfLnHqh6n8 +OD+FPuz1rIuhlWzVWuI95ByMiisLwXftqHhWzeRt0sK+TJ7FeOffGD+NFYGpvV578Wpgum6f +bg/6ycsw+g4r0KvNvi4pC6ZJ/CXYfjiqjuJ7EHglAdHAIyPtDf0rauhFFdOSo8tTyK4Hw0WX +xLp+12CtIcjJwflPau9vxva5qnoxLVEMlxayrthQK3rknisDQVQIcqOHb/0I1h+MNRKRLaWy +SuUcNNJH/wAs+OhxRofiaxS1WMIzSovKqQAfxPIpIGegQug6AUl/dWghMVxME3LnjqB6+3Nc +zpGp3d9qRZp3KKCxjDfL6AAfjXQ788NkcdxTsTctadcQPZILacTRqMbgcn8akkl461iXFikl +3FcxyywvGQT5LBd2PXiqt/qOs/bZIrS3hEWQVlkxjH+fxoA2J5eDWZcydaVrmUpEJIwWYHzG +jPyoce/ODVOeXNUhFO5brWXczJBFJO43CNd231PYVdnfNZ9xGk8bwyfckG0n09D+dUI7v4OX +j3Ph/UEkbcy3pcn/AHlX/CioPgvC8Om6srjlblVP1C0Vg9zVbHpVcN8WLQzeGYboDm2uFJ+h +GP8ACu5rP13TV1jQ7zT2/wCW8RVfZu364oWjBnjPhlt3iHTj/wBNG/8AQGrv5Pne5+tedeF9 +8XiWzglBWSKV1YHsQrA16HCd8twP9oVctxROEazlsNSliuAVZnZ0YdHUnqKnnsLS+hEdxCrq +G3Aj5SDjGQRWj4wnSOSytgD5m4yE+i4x/M/pWdDISoqo6ol6MyZ9Kv8ATw01vMLqGMbtpBWU +D+RxW54W1H7XYyulx5qCTgBt23j+tSIx455qpLpSG5W5tJpbKbG12tsL5i+hHr70WEdE9wI0 +ZpGCKo3MWOABWbJr+liRl+1KcfxBCVP0PeuZ1t59Pijso7qd7eTL7JX3EEH16474rDaZ+u40 +CPQ5by38rzftMHl4zv8AMGMVWncgA5BDDIIOQR7GvP3lb2+uKu6VrUtjKI5C72zZDRg9PcZ6 +GmB0krZqnO3yGi21CC/WTylkR4xkhiDkZxnIqO4WSQpDEpeSVgqKOpJ4Ap3A9S+F1t5fhma6 +2kfbLt5Rn0AC/wA1NFdJommpo+i2enJg/Z4grEd2/iP4nJorB7mqL9FFFIZ5p4n8PHTfHthq +9uv+j3rt5mP4ZAjfzHP51d0999zMPVxW74vOLS1PpOP/AEE1zejPuvnHq4qugjA8W3kF5rMV +tAoZrUFZJB3Jx8v4Y/WoII+BTf7KmsL+W2ulxKrE57MCeGB71ow2/TitFoiHuMSI1JIUt4Xn +lzsjUs2OuBVyO39qW7077XZTW5JQSoU3KOVyOtFxWPPNUvptTnEkiKiqMIijhR/U1QMR9K2J +dMuLO4e1ugvmpzuXo69mFNNn7UrhYxmhJ7U0W5J6Vs/Yz3FPjsCzYVcmncVippSm0nZ9m7ch +XBJHWvQvh/oUeqax/bDxsLeyOEDYIaXHb125z9SKwdD8OXOt6iLC0+Xbg3E+MrAv9WPYf0r2 +bTtPttK0+Gxs4/LghXao7+5PqSeSaiTLii1RRRUFhRRRQBznjI/6Fa/9fAH6Gue05PI1tI/7 +ziuz1nThqNqq7trxuHQ4yMj1rk7qC+hvfONkC4PDI4x+vIpp6AQeNlNi9rqpXzIV/cyooyy5 +5DD24Oar6c9lqEYktJ0fPbPIqxcQ6lqDILghY4zlY06Z9Se5rG1Pw04k+0Wga3m67o+M/hTT +E0dLHZuO2asLan+7XEQ6v4n0w7WxcKP745q/F471OPibS8n2NO4jT1zw2upRq8Z8q4j/ANXK +Fzj2I7iudOhX8D+VcIjnGQ8YIUj8e9aEvj3UGGItK59zWXqGteJNVlAgAto8Y4XJ9zSAfNp0 +FnEZb2dIUHJ3Gn6dp8+sSKLRGs7I/euZF+dx/sKf5n9aj0rw1cSXQub4vcSA5BlO7H0rtbSz +kGBg0XCxs6Da2WlWKWdjEI4wcnuzserE9zWypyM1k2duy4zWqgwtSUPooooAKKKKAEIzUT20 +bnlRU1FAFY2UXZRUL6bE/wDDV+igDHk0OB+qD8qgbw3an/lkv5Vv0UAc+PDVqD/ql/Kpk0G3 +Tog/KtqigDNTSok6KKsJZxp0FWqKAGLGF6CnUtFABRRRQB//2YkBTgQQAQIAOAUCQlG0cAcL +CQgHAwIKGRhsZGFwOi8va2V5c2VydmVyLnBncC5jb20FGwMAAAADFgIBBR4BAAAAAAoJEJcQ +uJvKV618SBIH/j+RGcMuHmVoZq4+XbmCunnbft4T0Ta4o6mxNkc6wk5P9PpcE9ixztjVysMm +v2i4Y746dCY9B1tfhQW10S39HzrYHh3I4a2wb9zQniZCf1XnbCe1eRssNhTpLVXXnXKEsc9E +wD5MtiPICluZIXB08Zx2uJSZ+/i9TqSM5EUuJk+lXqgXGUiTaSXN63I/4BnbFzCw8SaST7d7 +nok45UC9I/+gcKVO+oYETgrsU7AL6uk16YD9JpfYZHEFmpYoS+qQ3tLfPCG3gaS/djBZWWkN +t5z7e6sbRko49XEj3EUh33HgjrOlL8uJNbhlZ5NeILcxHqGTHji+5wMEDBjfNT/C6m3R/wAA +DV7/AAANWQEQAAEBAAAAAAAAAAAAAAAA/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgH +BgoICAgLCgoLDhgQDg0NDh0VFhEYIx8lJCIfIiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8 +SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCIoOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7 +Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCACQAHgDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEA +AAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1Fh +ByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVW +V1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5 +usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEB +AQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdh +cRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RV +VldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3 +uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD2 +aiq1/fQabZyXdy+2KMZJrhr74s2UZK2Vm8pHRm4FaQpTqfCiZTjHc9CoryC4+KesTNiGGKFf +zqez8V+Jr9fMSUlQc5Xj+tb/AFSoleVkR7aL2PWKK8w/4THWrf78oLDqCKng+Jd1EQLm1SQd +yvBpPCVVsrh7WJ6RRXOaF4107XJxbIrxTkZ2t/jXRA5rnlFxdpI0TT1QtFFFSMKKKKACiiig +AooooA5j4huV8I3WD1wD+teHV9A+JdPh1TSjZ3BcRytyUIBGATxkH0rgn8AaQp4mvfxlT/4i +vQwuIhSg1I56tOUndHni/eFel+DdR00aasc8yxOg5z34qtB4F0B3ZJLu+Rh0+df/AIirLeB9 +GhOFv70Y/wBpD/7JV1q9GrGzbJhTnB3MfXri3nv5XtceVk4I6Hmufmfk12snhTTEG3+0LzHX +qn/xFM/4QrS5FDfar0g9/MT/AOIq4YqlFJJidKbdzn/CM/leIoXLBQOpJx6V69Hr+kJHiTVL +QMOo85cj9a88uPB2mWlu08b3MjqyjbKylTlgOgUetbuk6ZFakSKpXK4+UcfjXFiakak+aJtT +i4qzOpj1/Rpm2x6rZs3p565/nV9WV1DIwZT0IOQa54wI6nG1h7c1hahpskk5mtZXtXXIV7Vz +GcfUdfxrnsaXPQKK4WDxTqumOqXY+2RdMyAK/wCDDj8x+NdTpWu2GsIfs0pEijLwuMOv4enu +MiiwXNGiiikMKKKKAKWpcpEPVz/6C1Y8sWK2dR+5Ef8Ab/8AZSKoMoYUDMCYXMbusaEAknIH +rThe3MYaN4C4PcZHbHbrS3V9Ml/cQKECwsqj5c5yitk/99VCbyU9dn/fIosIkM8gGyNSMgdR +7AVahhZLaMMMECs83UhBHyj/AICKt29wRHC7fdliR2A6AsoJx+dFgEvR/wAS+bPrH/6NSrFv +PIIsIqgL3Y1FqIxYuQeGaP8AH51NaVqu612ghcjrihARNcnbkxsD0OyiUIRjjOOlWzAvlBeA +wHXFZkxEMjLCgmfoecBaYjNv4ZnLIiKwPRWXg1zkjS6VdI7zNC2cxOuQYz/vV1U2m5+cySbs +53B+ap3kIaLy25AHRvm/nVITN/wz4qXVCLG92pegfKw4WYDuPQ+o/Eeg6WvGbkNE6tGTG8ZB +Vk4KkdCK9I8J+IRr2nHzSBeW+FnUd/Rh7H+YNEo21BM3qKKKgoqagP3MZ9JV/U4/rVCtS6i8 +6Bkzg8EH0IOQfzrk/EmtXHh3TnvJLSKcBwiqrlMkn6GgCpeD/ib3/wD11T/0VHUJFQaVqf8A +bsVxqX2f7P502PL379u1FXrgZ6Z6VaIqhEdW4h/odr/17Rf+gLVUisi38W3E0awW2jGT7Ogh +MjXOFYqNufu+3TNJjN+8lIsAh6ecgH6n+la1nLiFea5BrvV9TMaG2t7WNH3bQxcscYyT7ZPp +1rWhlvbZQszoUPAYKQc0WEbM2oJuMCZeQ8YXtUkUCQRAcE1BaQxRxAjBzzn196kkl4600hXI +rhuDWNeN1rQuJODWTdv1q0SzGvepqLQtYOg69BeliISfLnHqh6n8OD+FPuz1rIuhlWzVWuI9 +5ByMiisLwXftqHhWzeRt0sK+TJ7FeOffGD+NFYGpvV578Wpgum6fbg/6ycsw+g4r0KvNri45 +C6ZZ/DXYfjiqjuJ7AGglAcHQMyPtDe0revhFBcOSo8tTyK4Hw0WXxLp+12CtIcjJwflPau9v +xva5qnoxLVEMlxayrthQK3rknisDQVQIcqOHb/0I1h+MNRKRLaWySuUcNNJH/wAs+OhxRofi +axS1WMIzSovKqQAfxPIpIGegQug6AUl/dWghMVxME3LnjqB6+3NczpGp3d9qRZp3KKCxjDfL +6AAfjXQ788NkcdxTsTctadcQPZILacTRqMbgcn8akkl461iXFikl3FcxyywvGQT5LBd2PXiq +t/qOs/bZIrS3hEWQVlkxjH+fxoA2J5eDWZcydaVrmUpEJIwWYHzGjPyoce/ODVOeXNUhFO5b +rWXczJBFJO43CNd231PYVdnfNZ9xGk8bwyfckG0n09D+dUI7v4OXj3Ph/UEkbcy3pcn/AHlX +/CioPgvC8Om6srjlblVP1C0Vg9zVbHpVcN8WLQzeGYboDm2uFJ+hGP8ACu5rP13TV1jQ7zT2 +/wCW8RVfZu364oWjBnjPhlt3iHTj/wBNG/8AQGrv5Pne5+tedeF98XiWzglBWSKV1YHsQrA1 +6HCd8twP9oVctxROEazlsNSliuAVZnZ0YdHUnqKnnsLS+hEdxCrqG3Aj5SDjGQRWj4wnSOSy +tgD5m4yE+i4x/M/pWdDISoqo6ol6MyZ9Kv8ATw01vMLqGMbtpBWUD+RxW54W1H7XYyulx5qC +TgBt23j+tSIx455qpLpSG5W5tJpbKbG12tsL5i+hHr70WEdE9wI0ZpGCKo3MWOABWbJr+liR +l+1KcfxBCVP0PeuZ1t59Pijso7qd7eTL7JX3EEH16474rDaZ+u40CPQ5by38rzftMHl4zv8A +MGMVWncgA5BDDIIOQR7GvP3lb2+uKu6VrUtjKI5C72zZDRg9PcZ6GmB0krZqnO3yGi21CC/W +TylkR4xkhiDkZxnIqO4WSQpDEpeSVgqKOpJ4Ap3A9S+F1t5fhma62kfbLt5Rn0AC/wA1NFdJ +ommpo+i2enJg/Z4grEd2/iP4nJorB7mqL9FFFIZ5p4n8PHTfHthq9uv+j3rt5mP4ZAjfzHP5 +1d0999zMPVxW74vOLS1PpOP/AEE1zejPuvnHq4qugjA8W3kF5rMVtAoZrUFZJB3Jx8v4Y/Wo +II+BTf7KmsL+W2ulxKrE57MCeGB71ow2/TitFoiHuMSI1JIUt4XnlzsjUs2OuBVyO39qW707 +7XZTW5JQSoU3KOVyOtFxWPPNUvptTnEkiKiqMIijhR/U1QMR9K2JdMuLO4e1ugvmpzuXo69m +FNNn7UrhYxmhJ7U0W5J6Vs/Yz3FPjsCzYVcmncVippSm0nZ9m7chXBJHWvQvh/oUeqax/bDx +sLeyOEDYIaXHb125z9SKwdD8OXOt6iLC0+Xbg3E+MrAv9WPYf0r2bTtPttK0+Gxs4/LghXao +7+5PqSeSaiTLii1RRRUFhRRRQBznjI/6Fa/9fAH6Gue05PI1tI/7ziuz1nThqNqq7trxuHQ4 +yMj1rk7qC+hvfONkC4PDI4x+vIpp6AQeNlNi9rqpXzIV/cyooyy55DD24Oar6c9lqEYktJ0f +PbPIqxcQ6lqDILghY4zlY06Z9Se5rG1Pw04k+0Wga3m67o+M/hTTE0dLHZuO2asLan+7XEQ6 +v4n0w7WxcKP745q/F471OPibS8n2NO4jT1zw2upRq8Z8q4j/ANXKFzj2I7iudOhX8D+VcIjn +GQ8YIUj8e9aEvj3UGGItK59zWXqGteJNVlAgAto8Y4XJ9zSAfNp0FnEZb2dIUHJ3Gn6dp8+s +SKLRGs7I/euZF+dx/sKf5n9aj0rw1cSXQub4vcSA5BlO7H0rtbSzkGBg0XCxs6Da2WlWKWdj +EI4wcnuzserE9zWypyM1k2duy4zWqgwtSUPooooAKKKKAEIzUT20bnlRU1FAFY2UXZRUL6bE +/wDDV+igDHk0OB+qD8qgbw3an/lkv5Vv0UAc+PDVqD/ql/Kpk0G3Tog/KtqigDNTSok6KKsJ +Zxp0FWqKAGLGF6CnUtFABRRRQB//2YhGBBARAgAGBQJBuWnmAAoJEG36TOjpNErZOV0AnjmD +/0oD6ApRMwZwANaQXXPytxQmAKDLf4JwijgCyJKSKFZkn2aq4vX5IYhGBBARAgAGBQJBulay +AAoJEMAtzxkGBJgJtHsAoLCJ/IjkqG5koRjj9siWmL6wbsHVAKCyKNrpM8DgHFBzn92+/D9B +15KD2YhGBBARAgAGBQJBuyREAAoJEBBVe4OAfKwlccEAnA2ugDcQzN8qascwUxKchNvTw/7t +AJ9UFQdPvFjdkQx6iYxda6q4P2XHx4hGBBARAgAGBQJBu2u7AAoJEBFg4X0JK5qNCogAniP/ +fhucCMQ7JO6PEbEPMqP0OlO/AKC2RLVmVhZtWvG7l55fs9cTYa+2e4hGBBARAgAGBQJBvYsO +AAoJENKYDAuY1kA7pPYAn2EH+OdZ5U/UZOn+f+dFJ31xon7zAJ9tEGma1j+vViEPoKu7aWms +9wNmrYhGBBARAgAGBQJBvesvAAoJEKUj63ZhkgDzvDoAoKpmCAFz47IVS3yEY4c/8Jzt4BPv +AKD5rqfglFK25WdXOb658PRLYwrODYhGBBARAgAGBQJBvezxAAoJEDSU1VMUT7P9YvgAnRZl +rj5pe4mTHkuAw+2vjkfHZnMsAJ9pRYy6kGG8dkBeQW0kJf8/CVLUI4hGBBARAgAGBQJBvyVf +AAoJELK+vEAVKSSvIk4AoKVRBeEBKUOk9Y/mp/dlpwUjqdCxAKDqbxdrxYRzZrbjpZIhiaij +W5LVkohGBBARAgAGBQJBwMDyAAoJEIizXXEb1WF5YiIAoOclPN9NRT3Urm07WXMTDMm66PFi +AJ9IOz/QNRiC3rbTpAr8xMafrgez4ohGBBARAgAGBQJBwMD8AAoJEBMKYXLQxKfkR0AAnREt +7AHlIqJJ8Knr1h/DyswXXViPAJ9cF4M1wExGBLst+Gj2+AzATRB7/IhGBBARAgAGBQJBwS0K +AAoJEJq3h8x6ecYak1MAni24ke1yO0qswn7Kq8W0Z2vYloOPAKCLHMdlqMNUD/UFLv1FOUOF +un+Hp4hGBBARAgAGBQJBwWBxAAoJEMbbzSrEwZ6blIsAoKC/8Rv+JKFKW9/PiWiKbLIPbeWC +AKDPYPlfn5/Ng5VpFB0JmDgBNm21LohGBBARAgAGBQJBwWTPAAoJEAZbinBfPl6L8eYAn2Qx +AmJBBKhu4mgnBqrhcVZyZ1hnAKCIuPIFggxAZp+Upx/93ZGbGS8nfohGBBARAgAGBQJBwncI +AAoJEIr2NaPj9yL88kwAoMZjtNjM/4HcSwHKWhSqSI+qsZ84AJ9f68wS7VaJspa/y4aD6kKG +9TBvHIhGBBARAgAGBQJBwnr7AAoJEFXVL10rq/9ftC8AnR7GHKkKiu/8mz/ZvvzhirgMZlLL +AJ4mIYbMBre0lqfCJNUlmvey6JQqCohGBBARAgAGBQJBwoNkAAoJEBhZ0B9ne6HsltEAoInD +puKWCLaUe0n6bdo8IVSCHh3zAJ4tQ2mfLc7A8l2tYvsFOBb12cHMkohGBBARAgAGBQJBwoOS +AAoJEIHC9+viE7aSEDcAnRQyeLZMxhBbhW6bXCS60q2aJHf4AJ9CneWcub9p94n3DrfEg1L3 +xEUb5ohGBBARAgAGBQJBwoPJAAoJEGtw7Nldw/RzhEIAoJ/sBH/dx+kDrXAIdQHrjokeoY06 +AJ9upRLuj6A3idFMxIK5e2CjNZ/UT4hGBBARAgAGBQJBwpBNAAoJEO5OfHa2dN43YCQAn0bs +nQW+kd2zRURiDZFQv2APD2KIAJ4rfFeFMZd7Zf9AP3M1qHtrxrOAyohGBBARAgAGBQJBwtfA +AAoJEPWcde374efSisQAoIdktWxGcSwBnyhSHb16bzLDqB4nAKCpe6yezy11LtGkwFFVgaSt +divqLIhGBBARAgAGBQJBwt75AAoJEOm4J4TipckjTwEAnRsaDlpjTE5O35i8esoGYnfOs+N9 +AJ9HmXvS8Z230az772nyu/j8eOlZBohGBBARAgAGBQJBwupEAAoJEEC2xYCC9sJI+3EAoOJT +0aS11iNy5faCvJ6PtPZuYsVoAJ90VauRR/bbZ1xa5H5I8PIUMKxmR4hGBBARAgAGBQJBwuxt +AAoJEH4kb+Q8LE1n8EkAoO1mQTLR++29B9yV3jQsZW9gXqwUAJ429/XeoV+KWDnDrjU23X+h +5MHHv4hGBBARAgAGBQJBw7s/AAoJEFAiZtcZRJ0ajtsAoMMsXQApYYniTs+YiQk2flxeACF6 +AJ9w4SWpnPnN+KUc9PgM2ExGZ2FboIhGBBARAgAGBQJBxAz4AAoJEO1E9b0PeZmxElUAn1k2 +opdDHo2Oogb2bU0HEkSQlU+MAKCjCwoHW+VKx1QXkB0/XSUx/4qz14hGBBARAgAGBQJBxA0T +AAoJEHJPNE26UoJ61KgAoJ1CHy1mTEtjqegETdT9drwv1+ghAJ9UP235ai3X7q816onsN62o +whf/KohGBBARAgAGBQJBxCuvAAoJEAU8g8Drae/xmtgAoImNOsxezhRk9irP0qRw9eYmKR1l +AJ98RxryzKBqT7J2ya/knAlz6hynIYhGBBARAgAGBQJBxCu6AAoJEAcEFCU4SXwJtPQAoOky +pEcRW+HF2VvxZqcxAx27wx4/AKDAY4apdD3Lt7APUebt5r+VbkAQmohGBBARAgAGBQJBxCvC +AAoJEFRYJUcc+EYsGZ8AoJESdIGH37eR8S4UIIFpUxRrW5IbAKDFcJsVvRUw8zg5zcrx2yWF +d5tsTYhGBBARAgAGBQJBy+emAAoJEGPO+YjMw7C9FzEAoLCr0kJ/UZCpZhdWdOGMtdofFyzw +AKDb5cakIgfYDEt1YVXlOfrjhYk40YhGBBARAgAGBQJB2qXSAAoJEBQOc52JyTVjFIIAn3uq +h2LcBMrEpjrBEPi7pC2iPaOSAJ0b2yf6rJ1OFVUD5ll/4vT0m9IcI4hGBBARAgAGBQJB2whU +AAoJEC9hPthApRlyBQEAn3X6ZxbjotF71SI8pyHcOuE13fm3AJ4zOjX0BFHKbipzw6uRUKjl +sK9J9ohGBBARAgAGBQJB2x6DAAoJEDAZRJaujx98FToAn0O9OaKgJW262Me5hiu/yOSQb0T9 +AJ0WZUMhSp9sRb0E3lR/Q+++uFclL4hGBBARAgAGBQJB8Ag3AAoJEP5cbAdxxdFDEZAAn2nL +OjTdQlyXcmT8C3hl5C0R/6sRAKCUwpzTzW4eeZklWbO3G3DEhCr0aIhGBBARAgAGBQJB+6/H +AAoJEIH8FiGn2HrX+FgAoJGBF32/N8oYuiH2sLjSemoYyi8DAJ9qQxWqBanTKENfaFy/Vpp0 +QlhUgohGBBARAgAGBQJCB21fAAoJENRHBqf/o/xDuqAAoKekI+j/iidbclTORGR0hDQyJDeX +AKDThLb6SB/SBBuUvYTWhjnz9BNtY4hGBBARAgAGBQJCB3RAAAoJEHVr6EMyLHlQOYwAoKfk +4o7+gOv2AsXK89mA9gVBQISmAJ99JhupBuepLFTCvaR62bo3x9KhO4hGBBARAgAGBQJCB3RM +AAoJEHddH1r03/K3DYkAn0SfjTpAUdqXMTlARPRnw/p6uJ4PAJ9OZuRvOE8yZR/8oWBny7af +gUx4WohGBBARAgAGBQJCE0OaAAoJEGbw0KqdYMeg+igAnAl53Rbedqtg2ZJy7diUaa5MUj2B +AJsEzHnsxy5Ux60WsBHR+KBsZPZr8IhGBBARAgAGBQJCKZRGAAoJEIH8FiGn2HrXmfgAoIXr +y1JrF1BBIi6SdbVWD5R7ELd6AJwMzZ9oqAZuK5M4AD/OkUULHgtfAohGBBARAgAGBQJCK53v +AAoJEGP61yD0L4rhIPgAn13hHO7mfub4q4Q3ArQDms1RHlDeAJ4sHIK/S1q68BK3tyGED2rq +8Ebx+IhGBBARAgAGBQJCNCTRAAoJECERenNobUYst+4AoJYUXx/0wrSDx8VQYM1m5mLuFDVG +AKDcM/zwAdBTqD/CAKFGYknnDpNxa4hGBBARAgAGBQJCP+2iAAoJEDAZDowfKNiuDrcAnjBt +Rlawy0n6ujH9C0FxjK3r6SEaAJkBFY7KjO6GF976bUYdZENkhfhPj4hGBBARAgAGBQJCQ+k3 +AAoJEBHkA/J12S2FnZEAoOvNrj2WdpexZrYjhojl2l2Ui8GNAKCgZ8fif36Q6ftn8HnGPLak +tYf4fohGBBARAgAGBQJCRAhFAAoJEGyPUZQcD369J54AnR9LfQ39kiWzJ2gzfpfY6qUXVP0Z +AJ4zbEXorQPxEICSl/BKfE3nfSAFlIhGBBARAgAGBQJCStjJAAoJEMjWhvFfcJG69V0AnR0x +GxtEyDSSFPcz3vAlQGbiOtULAKDKGOilCiHzjD6vFCi1Y2mbr/wZ24hGBBARAgAGBQJCS7Cc +AAoJEGX41e0mvnOFfIQAn2APAtzwk+vGKqp3erCpqPj6V+2BAJ4kKDXQS8pkrpkte4YYF8KA +NUYEkohGBBERAgAGBQJBuZhHAAoJEHs456GxToKxkX8AnimrJkKjwlWjsfE2Gqs2afWFg7+m +AJ98yyZFiF/sVGE/NuzPT/vB0O6MVIhGBBERAgAGBQJBujcdAAoJEE3voz54FlXdYTEAniVA +2knLi5dZ+t+258trUSfaaxFYAJ4jYwvc0HY7QYylTxEVFcVrPvMSbohGBBERAgAGBQJBwSZE +AAoJEGhnxRS4W11pgvoAn0aNbbWfsys7CUamVTFirOU+ImcPAJ4qiNRh4g1o47MirwyQwL6s +pEl5m4hGBBERAgAGBQJBwpcSAAoJEDW8ML6N/Q3jT9sAoJ3jtY+GSDFKDJVVbuEEiNaveUe0 +AKCjmqAZdsFOvswuw3TxChQJ7IGwzIhGBBERAgAGBQJB3Q3QAAoJEKTKJszAnFal8XkAoMIT +dQqfCFEc75y7sf2JE3tCt5OSAJ93Eqg2tw2aURNGHVXpAvLCWMdqXohGBBIRAgAGBQJBuNfm +AAoJEHPeaYzHFAWi7tsAoKXQkNUBolAEBDqpppu+ON4suXWzAJ9hXov7aGVQMn+DZMAUg8+k +XrpZjYhGBBIRAgAGBQJBuOasAAoJEDx4+0WResVC77wAn0A2djHjhUl8foMZqhtkhfe1a/KZ +AJ9xiw1+kHQ8Vrm/W/58WTH/TIiFl4hGBBIRAgAGBQJBuQT2AAoJELpRnM2E9+gWqNEAnRrg +tMNoGSDlzlbUjM99CTku3yhuAKCQcSzAw54I9Or1+dMmOBZR26QB4YhGBBIRAgAGBQJBud9c +AAoJEHZP58N2QjeX//MAoIABOABi1CFrQ0gWnF0iPJBmAQ+ZAJ9JyKqwoy0GXpgpbV3pFwbO +KCmBTYhGBBIRAgAGBQJBurB/AAoJEFJVSOovegQahBsAoLCWvuv4YUbl20vyUjdr0v98lZFk +AJsECQ9YUdbazd6FpBk9dr6KcAIhDIhGBBIRAgAGBQJBvEUOAAoJEAg0ykWyQheZdNEAnjVL +doFlhPaObEviz3ejWd44xgVWAKCxamhtKZ/QB7EZVXOWgrEsXrKpKYhGBBIRAgAGBQJBvMwJ +AAoJEBtgNPR2t58gaa8An1AmYHarYHH3sW5YrVG/9GB8Zr/KAJ9osfEaxpdAEtYRTMPCXCGC +FQ/K/YhGBBIRAgAGBQJBvY5UAAoJEN3TSr9kEzjeMbUAnAvC3eTvG4SlgTZ+eXyH9ATwFJ6I +AKCUQl96TAi3QCjPJfzBHSGv9NfAbIhGBBIRAgAGBQJBwOZWAAoJEETgf8JTVkw2E7oAoJWi +X8T9JB4zQYsGAJmmOUG8ALQvAJwKcjzs8wAiEVeW71DEKf0CmNsGvYhGBBIRAgAGBQJBwawS +AAoJEPGHo+6FszywA7IAnjJ795ezCPWba2ClWxXZPmjTwh28AJ0bZSbs0IYrK/BEl8Y7Cwxp +g3XG5YhGBBIRAgAGBQJBwfo4AAoJEJcnApWHabwJhoUAnj2VSy0GA1EBw+T8oI6PzQgd459l +AJ9ZZ0OdZxaPTml62VlnJurhjMcf8ohGBBIRAgAGBQJBwoCpAAoJEENROPYeShwFDVkAnjcm +4Ia8z8HGCOLStc64Zt4c4nd2AJ9eVh+CQURL+psJ/WwSzPZQw7p7AohGBBIRAgAGBQJBwulq +AAoJEAmoeRrpu1oMsPYAnjjEe1b7/N4PVup26v2W+o61DLMSAKCoMV3wGTBC7h6uQPprV5nq +swVpAYhGBBIRAgAGBQJBw0MbAAoJEGUvQmU4tN951l4An3b4dWdpj78TJghb+C7OPALFJua4 +AJ44DUtKbeehJLAqiaaThJjn4TjKNohGBBIRAgAGBQJBw0M2AAoJEGcLPqvWWI4OoD4AoJ03 +rWdIfrVdCdSd+xvYI3yYvbrJAKDurLH9ARRnI0GN4KibMl1zadrSAIhGBBIRAgAGBQJBxDrf +AAoJEALZK+oHHF8lgfoAn0ax5bRUMJWVwW8tyfE6NEBj2CryAKDWg/Wh/LOXXDhi01Sk3L8F +QyPm+4hGBBIRAgAGBQJBx4agAAoJEBZ1NTLGzmaQtoIAoMxhv7qc/y4CrVh9Mb9PiJeHlQ+a +AKDpbqiimhICYbQcMDw10HZx5pOY8YhGBBIRAgAGBQJB6Y8gAAoJEBuTcEasWcl6PrMAn1lM +7jBO5rhD6AWHZjQGN3UkniqeAJ45UhwwwkiTvhpP6z7QN0Nhh4at94hGBBIRAgAGBQJB6+0H +AAoJEBjx5nYiBeZ/OgkAoMaQGsEDffvpew7zTxElHW2kcotzAJ9iv1cL6GuyhkqRivsHmX7a +R20SyIhGBBIRAgAGBQJB9EFCAAoJEJLeDAVol/gNL3AAmgPId3vt0lotA1W/gPTZjC3FkT/6 +AJ912qDtS0TAGHS3VBDOAahx573n/YhGBBIRAgAGBQJCKuG/AAoJEDsuXJ3Cldvlb9IAn3XZ +dPYwNKr+Lg+ETZkeCoNyG4HPAJ9eakg8mQ3+QEf7Gg+ihmmDhHFEUohGBBMRAgAGBQJBuiKX +AAoJEINmzfGhYs0ZPXwAoK5FmmMiRt0Oo2PalwAOUIW+dSMpAJ4oXrJNihnHHztPzOKdPZo4 +fJIJEohGBBMRAgAGBQJBvE6UAAoJEK79Y2s7DHKzIH4An3Ca1qke8X5+M6B1KOOi5j/+eRjM +AKDdg0IsLVYoBs5M2jeP2AwMNvlW0IhGBBMRAgAGBQJBve44AAoJEJIxXs8izqNCdDcAn1Sr +6XvgEGWgDU45uGpwC3a8mGj3AJsGWQ2Uxih3KqH5FNgeNMZVG3nlOIhGBBMRAgAGBQJBwL19 +AAoJEAiYndtLqTLEbe4AoLOIZvSw/AihYZviqXuhwyWe8SIqAKChLNahQVshDdd/eCK5U56s +/G+lAIhGBBMRAgAGBQJBwgCoAAoJEOylvLe7llawpQkAoKsYYKjTW74k/T4xUVot9Cy90j/p +AJ4xI1YmF5PePyd/MLpjBm4knij5DIhGBBMRAgAGBQJBwhcuAAoJEHJSatOj+XIMnwMAn1jw +s8tB9fNee3Fza9kzhDZ5R98FAJsE1aJT3M3nfoAxqtqLqlMUYmIVOYhGBBMRAgAGBQJBwhc8 +AAoJELOfXfo5y2qa8aMAnjfCHb17xKpGjHOm53O0Jx8RnWtOAKCCqjq9LVoy+u+ioNhrgZ4y +3dNAcIhGBBMRAgAGBQJBwiC3AAoJEBSIG2rkXiWl1IgAnirkXMAaYxkatIFqY6aX/3sT8e15 +AJ9ysmVNp3tIMy5ZvahcgwKHZZXTt4hGBBMRAgAGBQJBw5W7AAoJEL0EkgbPFrCbBOIAmQHE +NMvtMbioH3cfRkkQiDDEIAJGAKCwRsSzOz7izotnme1cg4WZSGCUIohGBBMRAgAGBQJBxaVr +AAoJELr89wX54gkEkX0An3gAqyJcqZ78Q8zBGhBBSEdSYCSuAJ48yzQUAvUCEnkzTH95i4Lv ++mI1TohGBBMRAgAGBQJByGSgAAoJEOPXfh+VFhmR6nMAn2Ov69rEPfDWRtOcsgvEujC5RN8/ +AKCA12RKe7nxxQ0zFWw4GcKwzul1P4hGBBMRAgAGBQJByVTgAAoJENyKmJTdyv7msxoAoLf7 +AO2mFWjSpEaRx67MT7gt/kLUAKDsFjZ47kX+nisZCnyU+XrHpSTjB4hGBBMRAgAGBQJBypaw +AAoJEGoYeM4SdGQ+TZ0AoMIRetpZWmKouJWs8ctxFmvqGLSRAKDQWD1YXMenuqw3Et98LVt+ +rksMuYhGBBMRAgAGBQJCSrO8AAoJELRxibQqfXECPgMAoLP4XBD1sQKyxoXqjguVqVHP1ZFP +AKDWZB7GBelp/wErAanmOqMdJdA1m4hGBBMRAgAGBQJCTnHxAAoJEPUYbjF2OiU0X+QAn2+F +qX+5kgIEaRW3mykszBviLpCwAJ9ijQBH/lo/ws/T34jfzbynsfyQ14hJBBERAgAJBQJBuW0a +AgcAAAoJEI7/T+uQXzlDqDMAniI/vkkv8u79jF1yWbvI+LkOOJ3dAJoCoiiPknu+sSZ1DUXd +tkuJD3HUrohJBBIRAgAJBQJByx34AgcAAAoJEMbPpqYSy13od4EAmQFCVE+8XD4JKPOVvJxc +peTSze7hAKC4CxsSsJVg2ToRjxYBGvjfXx+02YhJBDARAgAJBQJB1GmEAh0AAAoJEBtgNPR2 +t58g+W4AnRb/4iBOf/zKN/SAIMFcAx6Nqe1rAJ43N26naDOy8obJW1kjGCrXgCYoOIhJBDAR +AgAJBQJCHpKCAh0AAAoJEBZ1NTLGzmaQcNIAn3rcCvIi2uTrdmFzHBlQjfS94ZLqAKDjJsl/ +bXZjlA4wAMRqSVx2Pk1PRYhMBBIRAgAMBQJBwMUXBYMB4oUAAAoJEKpaG/afJiEW0KsAnAmb +LoJLf/n6CnFQd0M4T3wFV0jnAJwNJxNetaAWL6Xqh0eYizPqdGtkVIkBUwQQAQIAPQUCQbPT +rAcLCQgHAwIKHhhsZGFwOi8va2V5c2VydmVyLWJldGEucGdwLmNvbQUbAwAAAAMWAgEFHgEA +AAAACgkQlxC4m8pXrXwRGwf/TbSzPXG0NIt1QFE3z95k33YFcx1R/fxM5Jv3pwdVjVdTZfV0 +NT8HN1FlCn0BmQ/1iBS2DYIyDKp6Sxo2y9KYHUL3Z0kPlVHOtfZfLu6B6qQOfMieYxtQuXqM +MNeY7hRkPMSK+HAzbShzDHwEXr1boRq/stGgQ3atUBbxCpUc+h4NvyFafCFImjUXJjuaOb5z +hplsYHqwSpkfSl7DjklOV5wq/WWj27I38IBEQGQT0tUOy51bEtfy7XYdMM++UTmoxer/M1QW +SzPz1nblp/fPNYD4AT4QkcpKJzuhKmuOJLHS3Eo2RadFFEVlx7YOZVlIjxL47LdB1zdJ1tgg +NUAPuokCHAQQAQIABgUCQcKD8AAKCRCq4+bOZqFEaDKtEADINSsH2euET5sYGISy/GXl3nL3 +PHE2MAUK5y2Lch9XtNDGQm0YSLPNa7pER/3UZJfn4TINcesu5LFUOIG4o7No3MolN952be46 +BY7FQ8U3f2y08LOyyb/UqHzRxhg90iIXZIXIV2touFN8WGLdUzUwK+L0skrprc7e+op4hdUU +U7lTOQtlRQGQ6DIS79t/Uf5YJKIo7B2JVwTpVqdNVVkfAOMf22TWbDLdkOUn2OTKU8qdkYkm +ggSdDHTjoAs8vE9WONCCBifQ2Zx/LX647xTpty2v52gWZ+8IgIWex68XGTwxSDk7M7U7Bpa+ +1ZXYKUHyBwWk0+ZgnuCosrFltHEGm/RA5fKbZc6IyB9Iv111xBIQz9+rHH0wcSQzf8Y9wQME +QP3hmY19/gJ6imAz/EhFB1JGLsx5Uf9A9vkAecL1JWgoc6ccIouOrBK95d40DLL51zeZF6G8 +d3kdRveDh02bcZJVDNeJk38+B3QyjJmfoeVLAK0MEIeBQS9ej9oK+OBksmeumcT1VpAaaiQf +Ja3GU76wi2ey8sRqRv6QAFee2PIwD2rhJWQkCpXgNuevYaRFl6dTrBfOizIqxEoLnYHVMBnJ +95tqaSyyINdGXnNrFKHSNa+AHzz7/YamXgDpN1hEKfh/Y8D9ZyvVCbnPLTjYMyLYamd9GoPR +yYaKJHCFRYkCHAQQAQIABgUCQkQM+wAKCRDcO5tBqsVPo19CEAC39tmTO0cmvcJn1vXBC/fE +UkJC9kC5bV+tGU3aKf42gr0VurJASi70v5rpKsJ+GC3uTbrmVX8QVrYRi4mpAPgC+gO52Wz2 +WUJ1AmbLW9c3o/+weOeAg3gUT0R9ukrGWg8LBbQXL3KT7DjWwDuqFD8VN8Zdiux1YnVouKzD +nGzbgo5xdqEUha6jQuqNhIvAFnel8P5G5YTt6sL+iIEDMABvNlQZx3JbhgYegY9Bv6rrGWzc +VU/bhJLQLiD/JGAxjz9XjU4JVnn9UtVffkQgAhZuWvH41pi1cvUGCUbVM1gskL2lkmnDnG+j +nVRksVGw08NZrP7H/FglGJKOOa9OSSoW/10iGAJBJ1PYGivjcKBq4MlIs4F9zb4lvldjTwCg +wbSuZG66sna43NSavCNZO2YEZMqjAG2bMxlOLqGD/nC+RGfovKTcMSzxNH9IbMDx7XVmWg5T +149TkRpBCj989A+G2N90TJEEM5afmBX1r/PDhaqXT4s4WrIVVA5Rldde6khZubuJkV/yQrgP +kIHkx8q4HBlF3gBjn5HaEJHBYarlNTphTp54GHyGL7OMqEdRFlBqlqnhtc3G8fYGnuyDcy1L +sldTZ3OTzNQsXknU4d8Y+Fqd3GGcsDO+QP6j4h+34N1Tuua4GL2PKvmGe3T51+7t98IqFDs+ +7btT5miLdwV9jNH/AAANXv8AAA1ZARAAAQEAAAAAAAAAAAAAAAD/2P/gABBKRklGAAEBAAAB +AAEAAP/bAEMACgcHCAcGCggICAsKCgsOGBAODQ0OHRUWERgjHyUkIh8iISYrNy8mKTQpISIw +QTE0OTs+Pj4lLkRJQzxINz0+O//bAEMBCgsLDg0OHBAQHDsoIig7Ozs7Ozs7Ozs7Ozs7Ozs7 +Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O//AABEIAJAAeAMBIgACEQEDEQH/ +xAAfAAABBQEBAQEBAQAAAAAAAAAAAQIDBAUGBwgJCgv/xAC1EAACAQMDAgQDBQUEBAAAAX0B +AgMABBEFEiExQQYTUWEHInEUMoGRoQgjQrHBFVLR8CQzYnKCCQoWFxgZGiUmJygpKjQ1Njc4 +OTpDREVGR0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2d3h5eoOEhYaHiImKkpOUlZaXmJmaoqOk +paanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4eLj5OXm5+jp6vHy8/T19vf4+fr/ +xAAfAQADAQEBAQEBAQEBAAAAAAAAAQIDBAUGBwgJCgv/xAC1EQACAQIEBAMEBwUEBAABAncA +AQIDEQQFITEGEkFRB2FxEyIygQgUQpGhscEJIzNS8BVictEKFiQ04SXxFxgZGiYnKCkqNTY3 +ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqCg4SFhoeIiYqSk5SVlpeYmZqi +o6Slpqeoqaqys7S1tre4ubrCw8TFxsfIycrS09TV1tfY2dri4+Tl5ufo6ery8/T19vf4+fr/ +2gAMAwEAAhEDEQA/APZqKrX99BptnJd3L7YoxkmuGvvizZRkrZWbykdGbgVpClOp8KJlOMdz +0KivILj4p6xM2IYYoV/Op7PxX4mv18xJSVBzleP61v8AVKiV5WRHtovY9YorzD/hMdat/vyg +sOoIqeD4l3URAubVJB3K8Gk8JVWyuHtYnpFFc5oXjXTtcnFsivFORna3+NdEDmueUXF2kjRN +PVC0UUVIwooooAKKKKACiiigDmPiG5XwjdYPXAP614dX0D4l0+HVNKNncFxHK3JQgEYBPGQf +SuCfwBpCnia9/GVP/iK9DC4iFKDUjnq05Sd0eeL94V6X4N1HTRpqxzzLE6DnPfiq0HgXQHdk +ku75GHT51/8AiKst4H0aE4W/vRj/AGkP/slXWr0asbNsmFOcHcx9euLee/le1x5WTgjoea5+ +Z+TXayeFNMQbf7QvMdeqf/EUz/hCtLkUN9qvSD38xP8A4irhiqUUkmJ0pt3Of8Iz+V4ihcsF +A6knHpXr0ev6QkeJNUtAw6jzlyP1rzy48HaZaW7TxvcyOrKNsrKVOWA6BR61u6TpkVqRIqlc +rj5Rx+NcWJqRqT5om1OLirM6mPX9GmbbHqtmzennrn+dX1ZXUMjBlPQg5BrnjAjqcbWHtzWF +qGmySTma1le1dchXtXMZx9R1/Guexpc9AorhYPFOq6Y6pdj7ZF0zIAr/AIMOPzH411Ola7Ya +wh+zSkSKMvC4w6/h6e4yKLBc0aKKKQwooooApalykQ9XP/oLVjyxYrZ1H7kR/wBv/wBlIqgy +hhQMwJhcxu6xoQCScgetOF7cxho3gLg9xkdsdutLdX0yX9xAoQLCyqPlznKK2T/31UJvJT12 +f98iiwiQzyAbI1IyB1HsBVqGFktowwwQKzzdSEEfKP8AgIq3b3BEcLt92WJHYDoCygnH50WA +S9H/ABL5s+sf/o1KsW88giwiqAvdjUWojFi5B4Zo/wAfnU1pWq7rXaCFyOuKEBE1yduTGwPQ +7KJQhGOM46VbMC+UF4DAdcVmTEQyMsKCZ+h5wFpiM2/hmcsiIrA9FZeDXOSNLpV0jvM0LZzE +65BjP+9XVTabn5zJJuzncH5qneQhovLbkAdG+b+dUhM3/DPipdUIsb3al6B8rDhZgO49D6j8 +R6Dpa8ZuQ0Tq0ZMbxkFWTgqR0Ir0jwn4hGvacfNIF5b4WdR39GHsf5g0SjbUEzeoooqCipqA +/cxn0lX9Tj+tUK1LqLzoGTODwQfQg5B/OuT8Sa1ceHdOe8ktIpwHCKquUySfoaAKl4P+Jvf/ +APXVP/RUdQkVBpWp/wBuxXGpfZ/s/nTY8vfv27UVeuBnpnpVoiqER1biH+h2v/XtF/6AtVSK +yLfxbcTRrBbaMZPs6CEyNc4Vio25+77dM0mM37yUiwCHp5yAfqf6VrWcuIV5rkGu9X1Mxoba +3tY0fdtDFyxxjJPtk+nWtaGW9tlCzOhQ8BgpBzRYRszagm4wJl5Dxhe1SRQJBEBwTUFpDFHE +CMHPOfX3qSSXjrTSFciuG4NY143WtC4k4NZN2/WrRLMa96motC1g6Dr0F6WIhJ8uceqHqfw4 +P4U+7PWsi6GVbNVa4j3kHIyKKwvBd+2oeFbN5G3Swr5MnsV4598YP40Vgam9XnvxamC6bp9u +D/rJyzD6DivQq82+LikLpkn8Jdh+OKqO4nsQeCUB0cAjI+0N/Stq6EUV05Kjy1PIrgfDRZfE +un7XYK0hyMnB+U9q72/G9rmqejEtUQyXFrKu2FAreuSeKwNBVAhyo4dv/QjWH4w1EpEtpbJK +5Rw00kf/ACz46HFGh+JrFLVYwjNKi8qpAB/E8ikgZ6BC6DoBSX91aCExXEwTcueOoHr7c1zO +kand32pFmncooLGMN8voAB+NdDvzw2Rx3FOxNy1p1xA9kgtpxNGoxuByfxqSSXjrWJcWKSXc +VzHLLC8ZBPksF3Y9eKq3+o6z9tkitLeERZBWWTGMf5/GgDYnl4NZlzJ1pWuZSkQkjBZgfMaM +/Khx784NU55c1SEU7lutZdzMkEUk7jcI13bfU9hV2d81n3EaTxvDJ9yQbSfT0P51Qju/g5eP +c+H9QSRtzLelyf8AeVf8KKg+C8Lw6bqyuOVuVU/ULRWD3NVselVw3xYtDN4ZhugOba4Un6EY +/wAK7ms/XdNXWNDvNPb/AJbxFV9m7frihaMGeM+GW3eIdOP/AE0b/wBAau/k+d7n61514X3x +eJbOCUFZIpXVgexCsDXocJ3y3A/2hVy3FE4RrOWw1KWK4BVmdnRh0dSeoqeewtL6ER3EKuob +cCPlIOMZBFaPjCdI5LK2APmbjIT6LjH8z+lZ0MhKiqjqiXozJn0q/wBPDTW8wuoYxu2kFZQP +5HFbnhbUftdjK6XHmoJOAG3beP61IjHjnmqkulIblbm0mlspsbXa2wvmL6EevvRYR0T3AjRm +kYIqjcxY4AFZsmv6WJGX7Upx/EEJU/Q965nW3n0+KOyjup3t5MvslfcQQfXrjvisNpn67jQI +9DlvLfyvN+0weXjO/wAwYxVadyADkEMMgg5BHsa8/eVvb64q7pWtS2MojkLvbNkNGD09xnoa +YHSStmqc7fIaLbUIL9ZPKWRHjGSGIORnGcio7hZJCkMSl5JWCoo6kngCncD1L4XW3l+GZrra +R9su3lGfQAL/ADU0V0miaamj6LZ6cmD9niCsR3b+I/icmisHuaov0UUUhnmnifw8dN8e2Gr2 +6/6Peu3mY/hkCN/Mc/nV3T333Mw9XFbvi84tLU+k4/8AQTXN6M+6+ceriq6CMDxbeQXmsxW0 +ChmtQVkkHcnHy/hj9aggj4FN/sqawv5ba6XEqsTnswJ4YHvWjDb9OK0WiIe4xIjUkhS3heeX +OyNSzY64FXI7f2pbvTvtdlNbklBKhTco5XI60XFY881S+m1OcSSIqKowiKOFH9TVAxH0rYl0 +y4s7h7W6C+anO5ejr2YU02ftSuFjGaEntTRbknpWz9jPcU+OwLNhVyadxWKmlKbSdn2btyFc +Ekda9C+H+hR6prH9sPGwt7I4QNghpcdvXbnP1IrB0Pw5c63qIsLT5duDcT4ysC/1Y9h/SvZt +O0+20rT4bGzj8uCFdqjv7k+pJ5JqJMuKLVFFFQWFFFFAHOeMj/oVr/18Afoa57Tk8jW0j/vO +K7PWdOGo2qru2vG4dDjIyPWuTuoL6G9842QLg8MjjH68imnoBB42U2L2uqlfMhX9zKijLLnk +MPbg5qvpz2WoRiS0nR89s8irFxDqWoMguCFjjOVjTpn1J7msbU/DTiT7RaBrebruj4z+FNMT +R0sdm47Zqwtqf7tcRDq/ifTDtbFwo/vjmr8XjvU4+JtLyfY07iNPXPDa6lGrxnyriP8A1coX +OPYjuK506FfwP5VwiOcZDxghSPx71oS+PdQYYi0rn3NZeoa14k1WUCAC2jxjhcn3NIB82nQW +cRlvZ0hQcncafp2nz6xIotEazsj965kX53H+wp/mf1qPSvDVxJdC5vi9xIDkGU7sfSu1tLOQ +YGDRcLGzoNrZaVYpZ2MQjjBye7Ox6sT3NbKnIzWTZ27LjNaqDC1JQ+iiigAooooAQjNRPbRu +eVFTUUAVjZRdlFQvpsT/AMNX6KAMeTQ4H6oPyqBvDdqf+WS/lW/RQBz48NWoP+qX8qmTQbdO +iD8q2qKAM1NKiTooqwlnGnQVaooAYsYXoKdS0UAFFFFAH//ZiEUEEBECAAYFAkKH1nEACgkQ +AyGrG7e5ossNZACgx9k5Syngc8UtsCCAKEJTW4QsfNcAlA3wLfYAgC/K4RTpXZZjo3nNZBqI +RQQQEQIABgUCRL+nYQAKCRAtJan45HbztOI3AKDxmT2bk2Gi+2zwBxKYk69kaNI/uwCXX2Gf +pgM53MhoduQdIIL6tEqI7YhFBBARAgAGBQJFFbNkAAoJENCwsIdOA+zfoXAAl1SBhimkp133 +N806tzoVS2AgM5AAniMRFa9YpD5MNkRwIjPG369m7QtNiEUEEBECAAYFAkkpHhMACgkQDAa4 +0hJemQLzrgCfTu6O/aCYTDjpFZMtJ9226lDigkYAmL5/b/TnmLJMgWfXAHNbdwkqNd6IRQQS +EQIABgUCQuuymwAKCRBeOObudi2Ey4GYAJsH4cSREdQJjW7WaxsdSbmSw6U0tgCYzfpxPRLN +N0noJ8TQV9NpH99V5ohGBBARAgAGBQJBuWnmAAoJEG36TOjpNErZOV0AnjmD/0oD6ApRMwZw +ANaQXXPytxQmAKDLf4JwijgCyJKSKFZkn2aq4vX5IYhGBBARAgAGBQJBulayAAoJEMAtzxkG +BJgJtHsAoLCJ/IjkqG5koRjj9siWmL6wbsHVAKCyKNrpM8DgHFBzn92+/D9B15KD2YhGBBAR +AgAGBQJBuyREAAoJEBBVe4OAfKwlccEAnA2ugDcQzN8qascwUxKchNvTw/7tAJ9UFQdPvFjd +kQx6iYxda6q4P2XHx4hGBBARAgAGBQJBu2u7AAoJEBFg4X0JK5qNCogAniP/fhucCMQ7JO6P +EbEPMqP0OlO/AKC2RLVmVhZtWvG7l55fs9cTYa+2e4hGBBARAgAGBQJBvYsOAAoJENKYDAuY +1kA7pPYAn2EH+OdZ5U/UZOn+f+dFJ31xon7zAJ9tEGma1j+vViEPoKu7aWms9wNmrYhGBBAR +AgAGBQJBvesvAAoJEKUj63ZhkgDzvDoAoKpmCAFz47IVS3yEY4c/8Jzt4BPvAKD5rqfglFK2 +5WdXOb658PRLYwrODYhGBBARAgAGBQJBvezxAAoJEDSU1VMUT7P9YvgAnRZlrj5pe4mTHkuA +w+2vjkfHZnMsAJ9pRYy6kGG8dkBeQW0kJf8/CVLUI4hGBBARAgAGBQJBvyVfAAoJELK+vEAV +KSSvIk4AoKVRBeEBKUOk9Y/mp/dlpwUjqdCxAKDqbxdrxYRzZrbjpZIhiaijW5LVkohGBBAR +AgAGBQJBwMDyAAoJEIizXXEb1WF5YiIAoOclPN9NRT3Urm07WXMTDMm66PFiAJ9IOz/QNRiC +3rbTpAr8xMafrgez4ohGBBARAgAGBQJBwMD8AAoJEBMKYXLQxKfkR0AAnREt7AHlIqJJ8Knr +1h/DyswXXViPAJ9cF4M1wExGBLst+Gj2+AzATRB7/IhGBBARAgAGBQJBwS0KAAoJEJq3h8x6 +ecYak1MAni24ke1yO0qswn7Kq8W0Z2vYloOPAKCLHMdlqMNUD/UFLv1FOUOFun+Hp4hGBBAR +AgAGBQJBwWBxAAoJEMbbzSrEwZ6blIsAoKC/8Rv+JKFKW9/PiWiKbLIPbeWCAKDPYPlfn5/N +g5VpFB0JmDgBNm21LohGBBARAgAGBQJBwWTPAAoJEAZLmnBfPl6b4eYAn2QhAmJBFLhu4mgn +BrrxYUZiZ1hnAKCIuPIFggxAZp+Upx/93ZGbGS8nfohGBBARAgAGBQJBwWTPAAoJEAZbinBf +Pl6L8eYAn2QxAmJBBKhu4mgnBqrhcVZyZ1hnAKCIuPIFggxAZp+Upx/93ZGbGS8nfohGBBAR +AgAGBQJBwncIAAoJEIr2NaPj9yL88kwAoMZjtNjM/4HcSwHKWhSqSI+qsZ84AJ9f68wS7VaJ +spa/y4aD6kKG9TBvHIhGBBARAgAGBQJBwnr7AAoJEFXVL10rq/9ftC8AnR7GHKkKiu/8mz/Z +vvzhirgMZlLLAJ4mIYbMBre0lqfCJNUlmvey6JQqCohGBBARAgAGBQJBwoNkAAoJEBhZ0B9n +e6HsltEAoInDpuKWCLaUe0n6bdo8IVSCHh3zAJ4tQ2mfLc7A8l2tYvsFOBb12cHMkohGBBAR +AgAGBQJBwoOSAAoJEIHC9+viE7aSEDcAnRQyeLZMxhBbhW6bXCS60q2aJHf4AJ9CneWcub9p +94n3DrfEg1L3xEUb5ohGBBARAgAGBQJBwoPJAAoJEGtw7Nldw/RzhEIAoJ/sBH/dx+kDrXAI +dQHrjokeoY06AJ9upRLuj6A3idFMxIK5e2CjNZ/UT4hGBBARAgAGBQJBwpBNAAoJEO5OfHa2 +dN43YCQAn0bsnQW+kd2zRURiDZFQv2APD2KIAJ4rfFeFMZd7Zf9AP3M1qHtrxrOAyohGBBAR +AgAGBQJBwtfAAAoJEPWcde374efSisQAoIdktWxGcSwBnyhSHb16bzLDqB4nAKCpe6yezy11 +LtGkwFFVgaStdivqLIhGBBARAgAGBQJBwt75AAoJEOm4J4TipckjTwEAnRsaDlpjTE5O35i8 +esoGYnfOs+N9AJ9HmXvS8Z230az772nyu/j8eOlZBohGBBARAgAGBQJBwupEAAoJEEC2xYCC +9sJI+3EAoOJT0aS11iNy5faCvJ6PtPZuYsVoAJ90VauRR/bbZ1xa5H5I8PIUMKxmR4hGBBAR +AgAGBQJBwuxtAAoJEH4kb+Q8LE1n8EkAoO1mQTLR++29B9yV3jQsZW9gXqwUAJ429/XeoV+K +WDnDrjU23X+h5MHHv4hGBBARAgAGBQJBw7s/AAoJEFAiZtcZRJ0ajtsAoMMsXQApYYniTs+Y +iQk2flxeACF6AJ9w4SWpnPnN+KUc9PgM2ExGZ2FboIhGBBARAgAGBQJBxAz4AAoJEO1E9b0P +eZmxElUAn1k2opdDHo2Oogb2bU0HEkSQlU+MAKCjCwoHW+VKx1QXkB0/XSUx/4qz14hGBBAR +AgAGBQJBxA0TAAoJEHJPNE26UoJ61KgAoJ1CHy1mTEtjqegETdT9drwv1+ghAJ9UP235ai3X +7q816onsN62owhf/KohGBBARAgAGBQJBxCuvAAoJEAU8g8Drae/xmtgAoImNOsxezhRk9irP +0qRw9eYmKR1lAJ98RxryzKBqT7J2ya/knAlz6hynIYhGBBARAgAGBQJBxCu6AAoJEAcEFCU4 +SXwJtPQAoOkypEcRW+HF2VvxZqcxAx27wx4/AKDAY4apdD3Lt7APUebt5r+VbkAQmohGBBAR +AgAGBQJBxCvCAAoJEFRYJUcc+EYsGZ8AoJESdIGH37eR8S4UIIFpUxRrW5IbAKDFcJsVvRUw +8zg5zcrx2yWFd5tsTYhGBBARAgAGBQJBy+emAAoJEGPO+YjMw7C9FzEAoLCr0kJ/UZCpZhdW +dOGMtdofFyzwAKDb5cakIgfYDEt1YVXlOfrjhYk40YhGBBARAgAGBQJB2qXSAAoJEBQOc52J +yTVjFIIAn3uqh2LcBMrEpjrBEPi7pC2iPaOSAJ0b2yf6rJ1OFVUD5ll/4vT0m9IcI4hGBBAR +AgAGBQJB2whUAAoJEC9hPthApRlyBQEAn3X6ZxbjotF71SI8pyHcOuE13fm3AJ4zOjX0BFHK +bipzw6uBUKjlsL9Z9ohGBBARAgAGBQJB2whUAAoJEC9hPthApRlyBQEAn3X6ZxbjotF71SI8 +pyHcOuE13fm3AJ4zOjX0BFHKbipzw6uRUKjlsK9J9ohGBBARAgAGBQJB2x6DAAoJEDAZRJau +jx98FToAn0O9OaKgJW262Me5hiu/yOSQb0T9AJ0WZUMhSp9sRb0E3lR/Q+++uFclL4hGBBAR +AgAGBQJB8Ag3AAoJEP5cbAdxxdFDEZAAn2nLOjTdQlyXcmT8C3hl5C0R/6sRAKCUwpzTzW4e +eZklWbO3G3DEhCr0aIhGBBARAgAGBQJB+HoYAAoJEIsIb+BQapFfVPMAnjXhyuG/b8RTXsak +geWOBvPWLvydAJ9aCelbTJqMw0oDZC7I19wss57NPYhGBBARAgAGBQJB+6/HAAoJEIH8FiGn +2HrX+FgAoJGBF32/N8oYuiH2sLjSemoYyi8DAJ9qQxWqBanTKENfaFy/Vpp0QlhUgohGBBAR +AgAGBQJCB21fAAoJENRHBqf/o/xDuqAAoKekI+j/iidbclTORGR0hDQyJDeXAKDThLb6SB/S +BBuUvYTWhjnz9BNtY4hGBBARAgAGBQJCB3RAAAoJEHVr6EMyLHlQOYwAoKfk4o7+gOv2AsXK +89mA9gVBQISmAJ99JhupBuepLFTCvaR62bo3x9KhO4hGBBARAgAGBQJCB3RMAAoJEHddH1r0 +3/K3DYkAn0SfjTpAUdqXMTlARPRnw/p6uJ4PAJ9OZuRvOE8yZR/8oWBny7afgUx4WohGBBAR +AgAGBQJCE0OaAAoJEGbw0KqdYMeg+igAnAl53Rbedqtg2ZJy7diUaa5MUj2BAJsEzHnsxy5U +x60WsBHR+KBsZPZr8IhGBBARAgAGBQJCKZRGAAoJEIH8FiGn2HrXmfgAoIXry1JrF1BBIi6S +dbVWD5R7ELd6AJwMzZ9oqAZuK5M4AD/OkUULHgtfAohGBBARAgAGBQJCKfX1AAoJEIR/L9AR +smwTrCgAn2ONGIpdmH4Pmt//W2+rKCCoj2isAJ9PONy/foViPrgr7cgpj25q2x2904hGBBAR +AgAGBQJCK53vAAoJEGP61yD0L4rhIPgAn13hHO7mfub4q4Q3ArQDms1RHlDeAJ4sHIK/S1q6 +8BK3tyGED2rq4Fbh6IhGBBARAgAGBQJCK53vAAoJEGP61yD0L4rhIPgAn13hHO7mfub4q4Q3 +ArQDms1RHlDeAJ4sHIK/S1q68BK3tyGED2rq8Ebx+IhGBBARAgAGBQJCNCTRAAoJECERenNo +bUYst+4AoJYUXx/0wrSDx8VQYM1m5mLuFDVGAKDcM/zwAdBTqD/CAKFGYknnDpNxa4hGBBAR +AgAGBQJCN1p/AAoJEKeb1uK1BY+aY8IAn15TPTrfw38IKBqCvPGbxt0NzeK6AJ94OuuAWopa +84TITkBDdpDyF+wvU4hGBBARAgAGBQJCPrSrAAoJED8kbDd2EuwX0WMAoJJYBP6DiFO2v6Cu +NRhB3bztsnDLAKCKSIYA5MecQ8of4Yz1vFwxDGMFe4hGBBARAgAGBQJCP+2iAAoJEDAZDowf +KNiuDrcAnjBtRlawy0n6ujH9C0FxjK3r6SEaAJkBFY7KjO6GF976bUYdZENkhfhPj4hGBBAR +AgAGBQJCQ+k3AAoJEBHkA/J12S2FnZEAoOvNrj2WdpexZrYjhojl2l2Ui8GNAKCgZ8fif36Q +6ftn8HnGPLaktYf4fohGBBARAgAGBQJCRAhFAAoJEGyPUZQcD369J54AnR9LfQ39kiWzJ2gz +fpfY6qUXVP0ZAJ4zbEXorQPxEICSl/BKfE3nfSAFlIhGBBARAgAGBQJCStjJAAoJEMjWhvFf +cJG69V0AnR0xGxtEyDSSFPcz3vAlQGbiOtULAKDKGOilCiHzjD6vFCi1Y2mbr/wZ24hGBBAR +AgAGBQJCS7CcAAoJEGX41e0mvnOFfIQAn2APAtzwk+vGKqp3erCpqPj6V+2BAJ4kKDXQS8pk +rpkte4YYF8KANUYEkohGBBARAgAGBQJCTNxOAAoJEGFl2Wum7NFQ56YAnjH8LROgSLhvy1KH +4fBKa4p33gOIAJ0QifSgm3Oj6lcs8ny/2TG8woEtYIhGBBARAgAGBQJCT1NAAAoJEPy4a1Fh +ukar5+oAn2JARpl7QW8itgRLJ4N4v+2TG/YJAJ9AjJonehBlAsX+c7gxzqF/4kmOfIhGBBAR +AgAGBQJCUDHjAAoJEEgboDbAAa7Hf20AnA/UKL4bLroUbIhtWIEKPEeOBUtAAJ98xgUpyu3c +LuwGaLvjaGdeE/PSvYhGBBARAgAGBQJCUuqPAAoJEAjOVxhqZBnZiXIAoKTiQWNXZUHLcfjg +YdV8KRyTxBMPAJ9/ayOb8b/zJKQZ+4nrmkz5NYGL74hGBBARAgAGBQJCXQUxAAoJEJMj8Ip1 +usnuRK4AnR+KMpAM2c74RIjsvi9HJrWH3UVAAJ9sz7tzaiE3ynOu2Peuj0jjlXBQeIhGBBAR +AgAGBQJCY/OFAAoJEEQt9mpgC6nOo0MAnj1L5foKGjYuUTwG7m5PC0x32GNiAJ0WPhaqsc82 +N8EyAZkpUm1J8foEq4hGBBARAgAGBQJCY/PyAAoJEJdyQsqifcxtvQMAn3yE9TiMe7rZhRP4 +dSHFk64MtdHCAJ4utso5u/swzD5nYT2ouiDeHk54j4hGBBARAgAGBQJCakCxAAoJEHNbLgtr +3BMKSBoAn3k3UMDKvsmE0Z7lPcCbj/p9KbsyAJwIoEUWaeceTfVLH5hbx+OsENz86YhGBBAR +AgAGBQJCeEHDAAoJEOn5YiGfXBgkiG8An1zAafTs8FroqVIvrKMXIuhhFGRTAKCYZuwwp23Y +kwAeti9NxKoveOFw4ohGBBARAgAGBQJCeEMxAAoJEGpr/GbPM7TDJvMAnjAMRgCbmlQGON50 +9TbUZkB6bFOPAKCfFe7+dOouayjP6Zgb94Exl5i8kIhGBBARAgAGBQJCe48sAAoJEAMAz53S +p+0x7mwAn3y2/Y5bidEjotJ5VIsKfRdK4gfFAJ0S2sHwaj1JTHxFDvDBa8rIXmsylYhGBBAR +AgAGBQJCfACLAAoJECsQA4jW4GE5WHwAn3rbzJrnzA5pEjjHIeks/4S2jF1QAJ49w8R4MWBJ +QAhQh1eWYuRjF3rLN4hGBBARAgAGBQJCf0MaAAoJEE97ajiD5H8AZyUAn3CKNVLtANzIGtBD +hDy5khbNQus+AKDuXHU/MPs4dA9DAeRNQPZe/OWe84hGBBARAgAGBQJCgKq7AAoJEO0wI5Ov +PSXPsSkAn30BQeb2M2VCy73W3rRy2J7SKtiPAJ9N/PQix8y+xXd+ccfdl68+rG5ImYhGBBAR +AgAGBQJChU6aAAoJEG9Lp1neC71LNqMAn2ZmcFRUdG2Dwvm/KxJBiM3fQRLRAJ4o1C5bs7FK +O77zzA2FiGrqFXgtH4hGBBARAgAGBQJCh9X4AAoJEFgdQ/3YwaVkAGQAn2YGDGVsZcI3VmNO +0EeKYsJEfj1CAJ9n7OipR0qScsjchfOWWgQS0Cf+XIhGBBARAgAGBQJCk1XVAAoJEBudiuGX +4/3tdeYAoIRiOwUUrSHuRZhBtyKmDiPoleyMAJoDs6d7byW3Fks3181gQx8y1kU8FYhGBBAR +AgAGBQJCmHe0AAoJEE225xuAYagwS7UAn1udG1KKWLHwuReYRBUXsQbEuzA4AJ0ecCAc7woe +BLByJKEYj87zA7h98ohGBBARAgAGBQJCn38iAAoJEJ1SR/3HEpSOOeIAn32zZAab3D+xVdGe +aLlrBpJjGPvLAJkBUSLB0QKneg6Oto/DOxqPwq7WZIhGBBARAgAGBQJCupGnAAoJEJTWrkwO +cSWLST4AmwTHKxbRkYpea8fdM9hlYIz+5XiEAJ9Tn4jHAEEVpkrFiAgxc2kPaOOowYhGBBAR +AgAGBQJCwUxUAAoJEBhwwbM1lSCbSmsAnR8MWnEUS8siPK424wsni+igLScpAKCdFkex9xo3 +NzhSI1VaeM6UWOD+johGBBARAgAGBQJCwdkKAAoJECH1wmXsY1RatQoAn0eAxTCutVyNK6pS +A7EvtJimn6WKAJwO1fTxmy+5JW+zb2xTpHLiGi8/TohGBBARAgAGBQJCyCTiAAoJEGkKdDpe +A9cWTzYAnRDU0AE9is4iM57+ZIqZN7Ac4m7hAJsFsQYf2agvEpKIOdUCK6Hyzr1VG4hGBBAR +AgAGBQJC4lfUAAoJEL4KTAGzPIi0dGwAoNsDaBNiRKgBGvPCS2/T4dxYCgShAJsEO3cX69c4 +ArumWvRF3Zb6nVgpj4hGBBARAgAGBQJC71TUAAoJEAUZsF+X+DcWAdIAn27Ss1YwvU7pHzIv +bENaZi/klSXSAKCr54lvTNrXdSD0xUljde+DXtemJ4hGBBARAgAGBQJC75DfAAoJENy+GP+g +NVO8y/gAoK49M6xZ4TAD966SKY0cU9n2VWbGAJ46VVyN+O5/S6ytxCb8UvJXdHzhEIhGBBAR +AgAGBQJC9+DsAAoJEEcCoAVLuPtLnB0AoML8jKrMTOvUWw6Tn2AY9jVfnhH0AJ43rlou9fTK +AToSd9BanezPxCV3xIhGBBARAgAGBQJC+AuKAAoJEG2YinuOd5COb0EAni4OywTVojwSYq5E +N64gx7QYaEcrAKCQNGZXYY7QwShnWqevJRm9GXOHM4hGBBARAgAGBQJDAcS9AAoJEC42fhoJ +KWetylYAoPY3D3eGdGSue17JB3IO+V6dU66qAJoD8ULIsJqRPfmupLxDKP4Fb0dnkYhGBBAR +AgAGBQJDFvKEAAoJEPkQsbLoLkO8DBUAoMwtHW0A+O4O+FTsG5YlSN6CLOYMAJ9gfPi5ZzJw +RAJIHD27sZz1vaEU6ohGBBARAgAGBQJDIKl3AAoJEMp0AAGXp8VtqvMAoLRQgDstBvRqJ7Qc +Ni1AoM644czaAKCiLg34QTg9tpy2u25P37XkU3q6xohGBBARAgAGBQJDMDdoAAoJEPdudB3G +3/9ySisAni2lGaQpdASdK8lZGsCdTZiz+l8DAJ9/w9rICtaDf3l5cMBUZ4vHPajdAohGBBAR +AgAGBQJDNuk6AAoJELBCW96s63Q8Tu4An3+BJf5S/sPwcWEZiyEbCEsj4XwFAJ4/XTr/PwU2 +wFsy6hWBT1IJ6aa9XohGBBARAgAGBQJDRs2gAAoJEENcGS5n3cRo/0UAnRBhNc0DqxKCeFSW +HiotnXtx59S5AJ9fzRLScn+48P0eRQybM6gCKh3SB4hGBBARAgAGBQJDS2FLAAoJEFI8nTBU +0dNGy2gAoJyHxtYX9TZdDrGDrqXITQp4Gm2hAJ9SoJOexjN5GBgwNhUe/CZ5WWDEBYhGBBAR +AgAGBQJDUGdrAAoJEPsVy5PaW12IpzQAn13uD5B6D4PePRcesMWHdKTrPwS/AJ92B3s7usXk +Pbx3TRhS4MyTZj3tC4hGBBARAgAGBQJDUNuEAAoJELUf92qNDlb3JgkAnRh25iz5Fo4hgHaE +sl3It9cV9BoDAKCQ+DXsUUrHXIBf6VE5ji8PJM188IhGBBARAgAGBQJDc2PPAAoJEJG8RhaB +VAYp7IsAnRlPfcj2QwOg0F50VqaUAIyoHDI2AJ9Gnud4/udmgeGmioAk4NOGrLRQXYhGBBAR +AgAGBQJDc5wwAAoJECSgFBisFbUMVRcAoIJZAlKPPAasxYsbUh6MEfIcI/VKAKCD6WxWYfX/ +dRFVOAKw1ehUmOC9lIhGBBARAgAGBQJDjG6FAAoJEImwbHrdupcJm/4An3D8BCC4mVDYkOIk +nF+L1Zt91+dGAKDONTbKJqJP50cMB6DwUB0PlF6fKohGBBARAgAGBQJDjlFJAAoJEMLQ/I1f +OUARO14An1fKTDSD57Ywla+JbIztw/JC7x5wAJ9xkIARApwSCddDV44TunbqHqO1i4hGBBAR +AgAGBQJDjvGfAAoJELsdkOa33ClGDT8An3nIoaMDzGjS11ej+cF7fHp+Cn90AKCornEVTmUb +fGD5uYiMoW3kRGpQ9YhGBBARAgAGBQJDj2JxAAoJEKqF+bIm1TUglF0AnjanXYKnEjm3MHfo +/SknnjK07FBxAJ9/ervWERBw4cCtObTvr8f4cQ0hOohGBBARAgAGBQJDj4/JAAoJEDVQhZOz +6k/tkV0AnA3DnLi5NLVJd1mW2PXQzhSuUhHnAJ9e44x5TDB3ygxI8zIhQqVpAuK/BYhGBBAR +AgAGBQJDk9k/AAoJEDVQhZOz6k/tdK0AnjOxjX5TVYrloR8bqWKh+YQxJ6okAJkB4CBl/4bT +Qr5RO0cD9SODAuNtfIhGBBARAgAGBQJDlHVPAAoJEAIPuW+ThMPJ+GAAnj0CJ7hR/Dl36wLN +8JHxK8wbzDGQAJoDnPo5DqQo2R8QdJAeuTTbgcOaRYhGBBARAgAGBQJDlSN6AAoJEE7BdAvo +1MV6u8UAn0tUWrJfwhaZgVS8H4oPmT7tMrMuAJoDxoTDh1e7VDLQerlzSRcbWlQYeYhGBBAR +AgAGBQJDlb3fAAoJEDkvNH/HJ9bDcMgAn3T3hogMgNPwZXgwxIT2ruyTD9XlAJwKUmskjZXn +DvLDcupmgXxoDYsDW4hGBBARAgAGBQJDlfeGAAoJEKLCFw3SfnCbmycAnRYe+f/+mao56Cqw +2BmEMRdlfWXOAKCJUVEJ3D7s6VEwizIdL4Kl8D/yYohGBBARAgAGBQJDluRkAAoJENl9Bhol +u62fukkAn16hHwGPEcZROenesU3vwjE0WfgZAKDOZl9kdiHAyAIxJPzr2W8NtkEivohGBBAR +AgAGBQJDmaRIAAoJEOMoe7DKSTzslTIAoIal/QCZpkew7MR0o8xPZMhHMraVAJ9up6A1E59H +2QPSeihh2qrW2uzqU4hGBBARAgAGBQJDmeZ8AAoJELOR8Szpgc4IRxwAn3h8JhDz+/JqtKaj +UTYqgp4Qa5AcAKCXHCp8R6J13c4BD/nOgf70BcOwCYhGBBARAgAGBQJDmzHxAAoJELVfP12J +IdzvhVoAn1KoXHrx77b8h32TZYDc9NEzvksbAJ4yt0uLHGgzmZoD5mMjIdbM1ttF1ohGBBAR +AgAGBQJDq9ccAAoJEI3yYgZdmZNQGy4An1OZl3lGbw+uH8WDjBLP4IW/Q0pHAJwNLvcW9zPR +8OgoMh7ZWibs+jpFHIhGBBARAgAGBQJDtJNVAAoJEHp9Jl3q/E33lRMAoNYc85rIaR2r896H +hQ4VL8DX9PQgAKDWVJdTc+SeB/1RjlrzDeNnboCKVohGBBARAgAGBQJDtUHoAAoJEKMCpNct +tmGSEjUAn0xw/qYN5Ohjmx2xpaBnhnfeZW78AJ9EgdleWuoEq7u8qXjBMF9yljy5eIhGBBAR +AgAGBQJDuYH7AAoJEHHwA4DDYlNPHs0An3Xt2S8kuHbes9h7/qZn9Bz+QGc9AKChVDO0++EO +W4qfiefyABPXxezv1YhGBBARAgAGBQJDw++RAAoJEPywu1xfH79wgW0AoKPHF0cHMtEEzDSE +8277uDWjE/lGAKCcTriGg3JIJqw5L7oHk7q7fdKy14hGBBARAgAGBQJDxPw3AAoJEFR/gzkZ +F2zt/ZwAn1DlChau3oSF7YCVzZEDEOINxph2AJ9SeWkj+kl/SMov0xTg7W3QDswdPohGBBAR +AgAGBQJDxgWGAAoJEI1Rop3xRY9Dlf0An0LHA27Cy31gle35/ffCdjyIDBU6AKDQ+g0Xq0DQ +XZx1I3XtFPAwSsOUrIhGBBARAgAGBQJDxuMOAAoJEINmzfGhYs0ZnHIAn36X3nD7udCkgEqi +vaoIHAXXVUcuAKCvlo1iWSp69N2VNgiyRoAkHguHK4hGBBARAgAGBQJDy/W3AAoJEA1Pf6VO +r5JlbLUAmgL0UxBNbCdr4YA7zUIJfEEPmi9hAJ9nIppXbd+0dzITM2d31oZnqmw5P4hGBBAR +AgAGBQJDzVveAAoJEIqYbMigX5D5rgYAni/ZJfeDEhSauyRAlnJ25dqs8qJ3AKC3GrSUKaPs +tedxOFNV12cfYoMCO4hGBBARAgAGBQJDzfK7AAoJEFVZNPtc6Y7k3f8An1yjXI/9zUE9fAHZ +rTT0km5TZf27AKCfmy2VrBHoC1YSyb/V7Dj2VfWGeYhGBBARAgAGBQJDzfMuAAoJEDi/fP4d +7MrR3ZIAoJtTe1XoK4SgETgaJUWZa5pG0CucAJ4lFM/YH/LwA5SweX1tN3t375GNuYhGBBAR +AgAGBQJDz6g5AAoJEOoNyXlQMNoCSAYAoIk1a4iHfNPWJXeaTuayib7cHVS0AJ9fHMVpFOZa +SyUOLfYXwQ91JGBQsIhGBBARAgAGBQJD1L5hAAoJEF1+K1/5jysSoyAAn2uTtY2oKrRs+HTl +MgDb6W4GhgopAJ4y8QY7ADK7XVNThOTukl6/T83ECIhGBBARAgAGBQJD1V3YAAoJEOCMvmq+ +UulTymIAoIlWqBdB9xlLWLBnQ9LdTBUHSGhXAJsHk4OhEPENf/V5xIjZIlh7LEUW+ohGBBAR +AgAGBQJD1V83AAoJENwAYAzia58Pi30AnRr4kI8ExWeWVVk7Sz6zx48KPDjmAJ404OtmMt2e +q4fkzx4ZoRSHmouAbohGBBARAgAGBQJD12BLAAoJEM1G1MlOJNJ7rxEAoL7ly31DOREhSPuj +EmCybEmw/Yf4AJwNCYCPF4KFCvD9KIqf3BoFjehyoIhGBBARAgAGBQJD16C0AAoJEDujq4VV +ZyVBhdsAn0s8EWW7NuGMjz57+hX0vnt6Qw56AKCXhmluPW3SM/7MfQ0HixpvAESg5YhGBBAR +AgAGBQJD37yjAAoJEDKG+HpK7VnrEToAoOZvjO9o0NqyCgUmPgnPBYET4kVEAKD2PGUZI/b6 +WgOQRtIkGhbtOehprIhGBBARAgAGBQJD4L+RAAoJEBuP61imZlVpxToAn1GPhJV6OygumdK6 +kaPjPV/fXgASAJ9TSY9VE21uA5E2MGIVPzEv+PN/R4hGBBARAgAGBQJD59soAAoJEG07rtHq +Fg0LecIAn00VbeZ/A88mJSI22+7QDikQyiqyAJ95DitiaK/nPZn7o+Hr4eoFZxkyeIhGBBAR +AgAGBQJD6upBAAoJENtyWvtOhJuFXVIAoLndQrOY4BW0fMG69WnZUxaJPGtPAJ9gLsgLgz5z +KuSaF8axM5pIYXvaYIhGBBARAgAGBQJD6usJAAoJEKGzmzRQI1OEuFwAnjt+dXf50ZGmi2p5 +qPqviAtQzD7YAKCM+gboYnJtvbsZjnmlqVmfwUu3FYhGBBARAgAGBQJD7l0ZAAoJEBt/P7zi +yfhjXZ0AnRRd2rTcZdglkJ0MAZ4O7pP4SdZRAJ9E3pvHj9B1ZzK45Ke8sTaSogcVd4hGBBAR +AgAGBQJD9wRHAAoJEMPzws4rYooHvnoAn2DIwbpm+QPUkLIgH1vYg0xkNPayAJ9x9XO2R3Af +y3iy2JfqPGtYez+0n4hGBBARAgAGBQJD/EL4AAoJEMR1k3wM5TLlwgoAnibfLCzKaV2154Vh +8cjcUtUAAc8kAJ9RFAH6dYXqOLWWv4RlOQpEFA/OkYhGBBARAgAGBQJD/fkEAAoJEGYnaUwQ +DUaSFqsAoMwUJ3oRPQ2uo+nqlimvGnFJ1l4UAKC5CmIjAfD1pb6METed6+d2IzzH3ohGBBAR +AgAGBQJEB0kyAAoJEACLtRHMlOnFzCMAoLSt5Z31wb+xi36KlCD0rTGNbpWiAKCp4ymSmTK3 +GIbu4Iy2yyTbvMu04IhGBBARAgAGBQJEC9VhAAoJEAeoNRFMU4b3FfQAnRv50wVAHAcjgc3h +AeOD2JV2oduNAKCMxMX5dVmwy6PkAGbVX8KPXGXQiYhGBBARAgAGBQJEHdPDAAoJEPkEPCLu +qMQJzbsAn3EGd2P2YTyCVZMJ4X89cruPB2ZyAJ9BeNwatzjAi1ahfA6GWYdqNRBn2IhGBBAR +AgAGBQJEJJxHAAoJEFqjNl9eld79O+UAnAvpC4d7DW4C36YFXtxl/6Y1KmIrAJ9R7IeNjD0A +FHMp21F64RxGX0o++IhGBBARAgAGBQJEN/S4AAoJEDaFQsIJ4RhsAXwAoJXnT/Oz4M3nA8bX +/4ZHryNU35sTAKC86M3eHn1oAIrc+eeradd5/kOD+IhGBBARAgAGBQJERoi3AAoJEG//F+le +TKQFk0wAniYhWKl5fVkYQfV2cs6j1Ya7ZT+TAJ9abVzSxGkQmzOsSJRQ5YtExmFhhYhGBBAR +AgAGBQJESH9/AAoJEId5iPYyaCFJWbQAnipr0wA95MqlrEFiw7Zj9mMJlXexAJ9OxF/H0A2t +tcRuwkLSI/fAirm+kohGBBARAgAGBQJETOovAAoJEIMYw/aBQq36QnIAn1uYtQAysPomZo7c +gTsKIZZWi9NZAJwOnnfUU/1UI9uoN2ny6MhsXhwM94hGBBARAgAGBQJEb2MYAAoJEFRvv3et +FU8bu0wAnRA6I0yJVfrq1OjNjwFl9/UgJnOZAKCCDYWtbzqyTJO9shAkIygBItyFdYhGBBAR +AgAGBQJEfYL+AAoJECxBv09IIICbawoAn3J4nURoIYzg9siqCwBcHP2DW4NiAKCcTKrksznP +Pyq3e6vSgkmU6udkw4hGBBARAgAGBQJEg9ttAAoJEKziaB/gAH4UX2sAmwYH+3thBSGTsI17 +TW1m2pGOZTaRAJ0SgJ0z9IZc4vodCcZ/B1XpVoJSmYhGBBARAgAGBQJEj1AdAAoJEGwFWd5I +Qi4tYqsAnRiz7IIpSjJ0HbYpHSeDmc8GBKLgAJ4pH7S0Olc7KSe43oKGgwSO1W8jhYhGBBAR +AgAGBQJElxv4AAoJEKMyeu/hx2HjuKEAniTwaitiLCDlTlHdwDU7H4QEQcAlAJ9IkoMvPlGO +ZqeJrlUZ9dfwe5kSZYhGBBARAgAGBQJEnEWBAAoJEPkjHW2U/tatWA4AnA06781nVrUusRcK +xLcMgWUlgRbOAJ0d1x6tRu9ESSHbftioSvXHRItKQohGBBARAgAGBQJEnHvhAAoJEO+OXMQu +FiWyNDMAoLFH5zdRZgAnMFH7dfagQzCZ/tcXAJ45YAolS5Pqe2tilA9+rWBSFcP0DIhGBBAR +AgAGBQJErXMmAAoJEDs3MGaIB5jVyYwAoLZyvh3PwRHvykXnTda+ykV9s1FdAJ4zc7z78URG +7TZeeBiJy7xi4Q+ne4hGBBARAgAGBQJEt7IPAAoJENRT5at2F5YUEn8AnjB7AxqxzAdq3JPZ +VuxbxH4/g1cRAKCMe3dOLFKNIkOPliQDSPnEJZqRM4hGBBARAgAGBQJEv7EYAAoJEHjdw5pb +jUAiAzgAn0jLhKFJEcEvG1L/SkLl74M08DC2AJ9HzJDDkzLIT1ZXJkOFQmCOR6MvD4hGBBAR +AgAGBQJE2Z0JAAoJEF+erMX+XncNWgwAoJYIUybQe4xOQSHGLSU+W1E27SCIAKCbxtJyQC2H +9hrKpmR4mNiJzVOvsohGBBARAgAGBQJE4NiKAAoJEJe0J0s0n19QUAQAoLFKQS0gmEwV8t7Q +uEs5oz5iIYEGAJ9oIWpzgPHONqsqmcl6IVaNuOZwX4hGBBARAgAGBQJE/Y/PAAoJEKm/EUEW +NaMkA8MAoJYfvgCQl+CJbjLJpS1u6xsSUqj4AJ9x+m8tOJlwISoAdGiwF78AuR3yg4hGBBAR +AgAGBQJE/0IzAAoJEKzBFHuHNV20uR0An3l4fWiHMZIYESVL2Stcaq40HOVPAJ49oOGA8+Ip +LtlTzyEnV4TgVacXg4hGBBARAgAGBQJFBFFFAAoJENVRhxQkKVOzufsAnjSHkUWzCZU6SEcV +3e0nBnCOdVzGAJwMMKEWR4E47ajbw2lVaogGc80Rb4hGBBARAgAGBQJFBYhvAAoJEO3ApJZy +A0tAm68AnjOZA7osk6u3g55OLc99DM4BVmT2AKCXm0b2XTb94JGK8f5leISzDkk7IIhGBBAR +AgAGBQJFCFrkAAoJEH97XORizJEx24cAn2oFqNGkLE/xwKfy5rafvPjk+aNhAKCazxjlhhGX +h9Mv9z/7z6ZudX2yVYhGBBARAgAGBQJFCGWZAAoJEFykzSkzdirk0X8AoIsIP+Yt1hP92LXw +2sbbFH+93oYkAJ9R+NaSSYIZuu6fwp+A225xeBCag4hGBBARAgAGBQJFEpUzAAoJEN3xtNkv +tL5rgw8An19JkUj07wl2r67BQAwocb3+7W0IAKDRLhlDuA8FF5iDe5/0VhOJoYndD4hGBBAR +AgAGBQJFEvTLAAoJEIDlVMyunBsU5qsAn32CqUnPLdjM47YSmYzoQhA9vgX3AJ4nTn9DoEqm +3Ffvzf2ixTYUOlc6YYhGBBARAgAGBQJFE7dAAAoJEIkNk7UpHXEtqn0AoIAchAxDaTRMz8q8 +wRavXOI9016RAJ9RbbDQQQHhhymCmjn64EjV8rZjVohGBBARAgAGBQJFGMicAAoJEGThs201 +3SrCgv8AnRNgZFPRXWa3ArcICy53jSFghH2dAJ96TMQRsaWJc17lVDfl0RQkhc4CV4hGBBAR +AgAGBQJFGULFAAoJEAgkz/doGXw4xjsAnjz6ZoEV6koE2VF0QpYjTNL7YVTeAJ9UtLrJZJIE +myER0bUSexHnOKXaI4hGBBARAgAGBQJFGmg/AAoJEEwLPeW4t1UAPUAAmgLeG6nime5hYcIG +84wREAfA/ORGAJ9djbc+RAW3q4NithcIsnnsUQ3zUIhGBBARAgAGBQJFHXTDAAoJEEIlTwGX +hWJl5bEAoICqU9O2ZYSLqjB6nkwWUKw3uBCtAJ0a/SEk1h7t+YrZ33tpoKYqsbt5oohGBBAR +AgAGBQJFPbYhAAoJEB5mAH5WyokK7voAn0w0w3XaqOYDAngqeDF7b/mOWnEgAKDuavknIOk5 +1EcxXhbZu5uWmybkwohGBBARAgAGBQJFPhmAAAoJECDKMQpTfqf9x/wAoKEKSIr6y+Tek3/F +Ir0uIk29sHSwAKDJoXreWKsGm9LPPrbR0wfAYIhn9YhGBBARAgAGBQJFQdsGAAoJEKeqyu9t +GymgAoMAoI1kRsUdTEAD5VGZGPHsNsLdwM4PAJ46406NrLBvG2CXO1tjDK2JDigpf4hGBBAR +AgAGBQJFQhoIAAoJEKeqyu9tGymgvnoAnRgya6nj0K+6HT8wWb6v1Vl2cypTAJ9ylu7cui9e +8ZK+Ppj9JV7IPEui+YhGBBARAgAGBQJFQ5iCAAoJEBWGFwCjlJbxLrMAn1TwVQSjTehYM6uN ++qA78W0ptSG4AJ0ePMNcMfPLjKFr4R0VzYTtKseD+4hGBBARAgAGBQJFUUEbAAoJEIwsu42o +RlPPfdUAoJC5nd1dVWIDrrcOJbkeDKIlw7o3AJ9A0kV/hb6LgA0/OZ70b/A+MmSCXohGBBAR +AgAGBQJFUUEtAAoJEJNj/0SCt75t1QAAnR1M7nrK/iM4E3qeGh15dmG0RMDNAKCcYsiFE2do +XNYCVF9nZYcvYYPxaohGBBARAgAGBQJFWsx3AAoJEMkygHs3kBJU3g8AnA89ETMEU5xZ9DYG +dalb47SdDnHjAKCJ1LgB+kJNyPgj8OK8n7Ws1U/H5YhGBBARAgAGBQJFcOd+AAoJEAv859kq +V4+EIoMAnjypKoPAuPiFEKUl+xpOUM2mStjZAKCNtyJ1vypClJN6z+M0O4wq6h5vJIhGBBAR +AgAGBQJFdHlkAAoJEIyc4c246rUlHwoAn3kYcEwxK9pOQ/HJ9OvDA5vtwjsNAKCGzuRKtGjB +r2bKGENhjLFoX+872ohGBBARAgAGBQJFfdAQAAoJEGodOhZUkeaDzBsAoL//gGxRZkvBhAwH +ZAT7f3r7RqdPAKDyxfFvjmuvKS/olY0o+RAt8JUJe4hGBBARAgAGBQJFfqi7AAoJEDshXqm8 +BHSRM/8An1jh8rxU9mT9KnkZnZAAyEU8+rN1AJ47mRerVXfwNojz74rfhCgDHj3sqIhGBBAR +AgAGBQJFr/ulAAoJEGeSX2VlpoDlADYAoIXEDmRILKOgh9zo3qyjnMTUm3fFAJ9gYdv5eT9I +/CAOTiJ09o/svjFt5YhGBBARAgAGBQJFw630AAoJENLgJasJ0yggCDMAnRUvSi4ttSLliz85 +TVyiyOWrhpm0AJoDlcJ9fSd2KyVS21dMSLQqKtRftohGBBARAgAGBQJFz1/TAAoJECgVV/na +0Zedn3IAnjrX18lQubzAjzSG8EFcf9jLzpD1AKCdU21Z9GSFKRt2dOt5hLX5zA9vrYhGBBAR +AgAGBQJF1Wc7AAoJEHq91/v7zfNudxsAni1Bo8L1HGQ4iSX/qVhRPyK2TP6lAKCJvMw5SVO2 +7qzdYbmkHkoa3cqdFYhGBBARAgAGBQJF5IYKAAoJEDIMXz3kuaOhnTQAnAyZbehn/Of6+Hsc +r2LpsBxJisbxAKCMCfBXKYn8XTgfs+MRuHH8sUwXmohGBBARAgAGBQJF6ZjhAAoJEIvYLm8w +uUtcdusAni+5KAuvMWm1WsfomXySL5Glp5wkAJ0Yg9DbIPI7DA9vSspmE+jSYA74I4hGBBAR +AgAGBQJF97KrAAoJECmwEo83gCa2q90AnROYLTfnZ3MbYAI1wcaodFei7opxAKD8wTdbHejn +A1ywsvdKphLqCtyrr4hGBBARAgAGBQJGANBnAAoJEKQ71E/eyMD01bQAmwRIpJSPzjHcvDf+ +KaDAm29Mq1RgAJ9AGLjAJWZaCkp9I1hAivuwT5vPgohGBBARAgAGBQJGAN+1AAoJEDR10fIg +rO059IgAnivjNsZtFDsH0i+BZITsNBclkkkZAKCKSaojhpi58Kee/eVY374V9PvCyYhGBBAR +AgAGBQJGAN/CAAoJEB11W3nFpSaGx0gAn1xOx53v3nV0AKVduQiB6bKTRwZEAJ44QTtiEiPB +6ccbrv79kPMgmYfGPohGBBARAgAGBQJGCmQuAAoJEAw/Fbqms7uZmP8AoKpllUUVlcH+jvOa +uxOv1Q2QU5CIAJ0aDdBOMM3/0bVMyouxTZj6bsAf+IhGBBARAgAGBQJGCmQ/AAoJEFXqFLSQ +kBug0pYAnRPjda9yUwnDJcS7qtKkoB1mRAqLAJ9Al1hb1DYNa6LtW8pOp8h9McZsz4hGBBAR +AgAGBQJGCsqsAAoJEAG+LygnzDAKFRoAnjSR0fmCpo3bObRmfwiLH1QRu+3FAKCIA+Us/ILg +rNkgUcnLuKWA+d9XBYhGBBARAgAGBQJGCsuCAAoJEAolC8oH1LxD63wAoJOeUftUz6cUgo3y +85CiauSp4edYAJ9zr7ZYLwH73Mw9VHmQ4YyTA5CQq4hGBBARAgAGBQJGCswNAAoJEAHsROWy +v5h5zaUAn3nwzJUpFIacHmxy05k2rsU31yGxAJ4xIn9vCl90Gwhk5LVibjedVqxVQohGBBAR +AgAGBQJGCs1sAAoJEFD8KNOFS6S3lJIAoOrK6qG41PSGH4pivKRyiC5KM1E2AKDOlJIoiULA +yu/5Q3oQRrmMKMHUkYhGBBARAgAGBQJGCs4SAAoJECj+7+40FJt+hgUAoKk1MWMxaiiXI0xR +uJaoXn1pgzJwAKDrrNYGGXr+kSacRWoRwOGS4IYtf4hGBBARAgAGBQJGCs6OAAoJEKhCW4LW +Uv+znGkAnR27CNJAmUAVVGNbbmnXTL0uEW9mAJ9x38YFIfyi4jjU/jYd9ExQge1/VIhGBBAR +AgAGBQJGCs7/AAoJEJs1AzN4Ie1FXGEAoM7aSqZW3Jlu71OrLCxx8mM3j4eYAJ9ZPotAMqWE +MXBQeBx+O5YQAF4WiIhGBBARAgAGBQJGEwxJAAoJEKjJNNsjXZr5ussAmgJ4crkNFAhrvl6t +w8VR8YUpI6YFAJ9tnwYL69TloV7R6d1cT9IHtQh+S4hGBBARAgAGBQJGF0soAAoJEHOMnL7m +9H0WD44AoNinoUkBc8C8awUL2N5hixtE4+1oAJ0QDgvi6Xzy2SFO/Nywi7j/EBGR74hGBBAR +AgAGBQJGLmhGAAoJEBM/C8DIXuCi7ukAn1UTt9ftAf0eKxUifgsv7dRAaSBQAKDPMIA58olE +wkGM+jB+twu9mviiAohGBBARAgAGBQJGODddAAoJEHcDghvSzi7UnuAAoM1GQPntmAiv4fZ4 +fag0+UvcOBwVAKDBoOdivM+oEHKZj0asdQdP2fPWk4hGBBARAgAGBQJGOQDxAAoJECZQbAFl +lx/y+AcAnjSu3G8+2byVtgVjrWAhCYvgYjbtAJ9mIEysfDxack7q033WL/TZLOwuCIhGBBAR +AgAGBQJGP1gdAAoJECnSCuiDq5vvyxAAoK8/iMuxBvbvsIWK2fPf5k8Iv4o8AKCTpzczPkJF ++85nNupMRdbstE0CHYhGBBARAgAGBQJGRoX6AAoJEMugP0Z4XqIpjuUAnjyIUggOXQgg2wqm +URIgFztgXjyVAJ92CpZjOnGiAYjbfg6RkSTiMB4ANYhGBBARAgAGBQJGR5PMAAoJEEZu2IoD +zNciMUIAoJd4QARhg3Qre9IVuGawF2+yiwNGAJ9FYagj4acohT/FbXIBJtAa4Q04zYhGBBAR +AgAGBQJGR5pqAAoJEB8MBLKE9AVdyecAoInK3rbwuOcV1MdpUP74e4wckNRzAKCB529cB5t6 +dhHi8BYCyzPyvaiJnohGBBARAgAGBQJGZ+3eAAoJEKaUdWY7KwOBK90Aniui4UGn579pDLax +HwKw3fsf7FQAAJ9EwqG70SOjnmVqdmH8/U+xlzorrohGBBARAgAGBQJGbzXNAAoJEFWOCYKC +0iQcdEwAnj6hyK9t5btyaT2ThHsaJ92lkf3nAJ9sogjzqOX2Lpllui7zErD+bqgLgIhGBBAR +AgAGBQJGfSmvAAoJEOGxtKd3c9tCs8EAmwfTFtoDHq4Q9aczLbWYs93yQv0jAJ4qNpxr+fSR +7BkfaCNfPW2sXxree4hGBBARAgAGBQJGhJheAAoJELc9PB89QsDESNQAn3kM0T7w5PCOCtN4 +4QAuzRUo5zImAJ9Mfo44+1UDMbDXKN/UEplE5J99LYhGBBARAgAGBQJGhXY/AAoJEImyWziK +xNZrJCwAn29ciJHj4O9q5IjeM7sUDbCGZgXJAJ9n8OvlcFXDZGTquVAJutVPO4qUWYhGBBAR +AgAGBQJGho8GAAoJEC8aOIbUy22k9ikAnRFmCj8WRvedOm5bo4YLvyqCwTHzAJ42/piW2Lu5 +dr2I5TZ8kpXm0lctpYhGBBARAgAGBQJGiGP4AAoJEIzfInoqH7uJx0AAnixIZlU4oRSPtnxA +iIWa6I4GRa01AJ9bBW5FEU0vdj9BP0e5YC8y+WBMw4hGBBARAgAGBQJGl44dAAoJEIPtY0C8 +DjwqcccAoKmjH3HyztFAO7iYDbHc/QcwKda4AJ4y8H3+/0IUa8++RnCXuSFjT45v04hGBBAR +AgAGBQJGmOzQAAoJEBVaQxeIztAKbiwAnA7iWwRV5pln6z7jRQYOKD9KT9rxAKCaL+C6iIq/ +RkdXOgI1UtLheZd8+ohGBBARAgAGBQJGscr8AAoJEGScVnuhbeVccZ4An1+/apZrkNEXeOhq +CisB58HurnKXAJ9ULYlq1+ef9zeJXPq4c3grLp1gE4hGBBARAgAGBQJGu7OgAAoJEOnCdssx +aA/x1QsAoLVvSLEkt9vR8ew76Me3mKsoXXGIAKC8+tM3f6UCOLk3HULrzJBgAvYkfYhGBBAR +AgAGBQJGyPAuAAoJEPgk/HiH/M2m6a8AnRR5uzTLS+YH7rREMFwKtt9zDdg3AKCBFHSBsGHz +FMvv//R3v2HtAAfE54hGBBARAgAGBQJGyPA7AAoJEOYzWCoHRQdmmGMAniboSyepx1ugDCSL +hKI7/BKCRhyNAKCC+Q2QibZKX8Iugi0nLwLxV0uXXIhGBBARAgAGBQJG1zc8AAoJEDEAo8p7 +qkLXplAAnA6FY5NRyOe8WV58ffeE0K9HY8jHAJ9pR1rUY7fxtBqD84mZzvuNa0OtOohGBBAR +AgAGBQJG3mZAAAoJECkt+rJ/++ab4VMAnRJ3+/wk3m/hpcWZ1EwfYs+P2DHwAKCQSsK+yo44 +s93QfRPdsM8M56n2uohGBBARAgAGBQJG5SnLAAoJEDsAbiy3m6w22oAAoIllP1UA/0uCE73/ +cV3trfbM+QWSAKCzwKT6ukcUKn8DlQJ3M2lF1ezUuYhGBBARAgAGBQJG76SrAAoJEBHD7aV1 +CqYgGuYAoLZRLvvuCF8X1uCw2+BzxLX6HPKHAJ4lC4+t8Xnw+jFDIIc9FMpb4IxZ5YhGBBAR +AgAGBQJG8T/XAAoJEP+uyd6sYCpxka8AoJPLXUiTd6Q2YLNeEb8AIG71drxdAJ4vpLT2kwu2 +NAs3yvMSGahyPP6MLohGBBARAgAGBQJHCx63AAoJEDBGH4sUc0g3PZEAn1O0HxUXr2lFU+7v +FFg3RIzhYKyRAJ9+YJz00mF4YJaNC/Hgpd3GZgBv1ohGBBARAgAGBQJHFPWrAAoJEEaED2xt +noeIUgcAnA+m+1UL/od6LPP9g8GUWpajCa74AKCKYvIin4kXuCkU+MJV7Nqbytoj64hGBBAR +AgAGBQJHFPXKAAoJEN/2PssWh8r1MDEAoIbCXIhMRmCxC54rvv5pwjOJoGYcAJwMY6dG6tI8 +qeX8NRJWxPc5yyfyV4hGBBARAgAGBQJHFPaHAAoJEPOnO+dT95AimZYAoMwPOGv1WleQFtfy +0NLGSfJUmbUzAJ4uWxA6kQG3grN/A4FFiNqv3amSoohGBBARAgAGBQJHSAqUAAoJECmWEKkg +PsolPN4An1jq0LMeZpcRaiIg44LeY/4rVnr+AJ0Rql89S0BAM8iwCnI4LLqI51OBwIhGBBAR +AgAGBQJHTcM5AAoJEHiWltB+5sJX9GUAoICEoXSbm+MAUPq74lOHcG633pRkAKCHgGxBXf7U +kIPQDjPW3J7g98XLfohGBBARAgAGBQJHTcM5AAoJEHiWltB+5sJX9GUAoICEoXSbm+MAUPq7 +4lOHcG633pRkAKCngGxBXf7UkIPQDjPW3J7g98XLfohGBBARAgAGBQJHTcRKAAoJEBFpYxW2 +Tt21uo8AoJGSSj+8vzaN1/ADpqCCAM+LiE5kAJ471Kh8DyR0tq6eHhOt8L0n1C3eXohGBBAR +AgAGBQJHTcVFAAoJEF2mXhCTMg9pdNAAoIxEUv3f2HIfaz9oi7Al3JSjv709AJ9EgHAC7twy +lrNvz85TLk9OcGoN6YhGBBARAgAGBQJHTcaYAAoJECoTyzFnJ3j4FmwAn3NAK5Nu4VtpgE3b +axV+sinQpbksAJ0RIFMC1vPYyDDxsi7Iqi5QZhrWbIhGBBARAgAGBQJHTca5AAoJELGKzzHd +DY3RRsYAn2GKxmZa8WQTtGgGV/IyQB9AYK3QAJ4vRkHcxAEmxyx6N81GDi9hxZSMhIhGBBAR +AgAGBQJHTcbrAAoJEGj/pcyRtkMYhvQAmwbJJQWR2Z92sSilTO2gVkzUDjZAAJ0byTOn9qvZ +KYe/ov0qr2K83iOeGIhGBBARAgAGBQJHTccRAAoJEBJw/TTUAYuHL6UAn2GMGDfpruCdRX/W +hRdrkQ3Da/MOAKCT94uD0tJfOF659L58MrwgCIDwrYhGBBARAgAGBQJHTce+AAoJEA9gOHy1 +Zy8wTcMAoIzVWbpFSb+rLLvICKo8NnLp5juIAKCBM8FDesrgtDpM6VqReU9E2J5bvIhGBBAR +AgAGBQJHTcgBAAoJEBQk2qTVzY53UbkAoKX4tKb9aEJXalZDvpH2NDDG5k20AKCbJ84g7BH9 +14p71lcbsMaZlpTXZYhGBBARAgAGBQJHTchZAAoJEOyxNBvxZns53yYAmgLecnC7uNX8W6HC +B4fT4BCkOWp4AJ9gxuddzDgur5RajAI2BMXCmwZuYYhGBBARAgAGBQJHTciIAAoJEGKYoVQl +ni73fqUAnifqjhsP2HnEomaH1KYP3R72h/10AJ0c2jFYs6ybIEPm/QE3xx5HrTz9gYhGBBAR +AgAGBQJHTciyAAoJEOLHTqhMx7ipB6wAn0zPFrm098DTSN4lj9oxNIpjucePAJ4u906eSR1W +PCiYEjRwwtm6UK8fj4hGBBARAgAGBQJHTcj/AAoJEF+0IN9UDWP30I8AnR0X+lOF9LjdK+Zj +qmskH3WQS8jOAJwLjuyXbNSLto2X8rO07ddaOHktPohGBBARAgAGBQJHa4ppAAoJEFNxKR4g +/4LTjoIAnjnIW3IqIsYD/M8YvYL2jTiFLpmHAJ9QNS5cP9+cKMhIiPmWXWXCMbxJp4hGBBAR +AgAGBQJHgQoNAAoJEDsg7TZ3hxaz3dAAmwdbPKFq7pCkZe/XGiKCnD2eghvxAJ9JgoGOcq8E +1kWb/OONbGAF5XZM8ohGBBARAgAGBQJHhjHgAAoJEBpwKfSFauBUgeMAnAqcfQDfSr9sr8C3 +SBfF+6rlVUEQAKCfh8EKQclgZhyu/oynWPGvgwHj9IhGBBARAgAGBQJHjLL1AAoJEHDabxr0 +crS/ICsAn0RxpO2y0BL93cBpbIuGjols4YiqAKCWXJw3rv8LjiZbScdIUjhp3/uCSIhGBBAR +AgAGBQJHkMVfAAoJEE6bvjerLqBZBKQAoKpqoJoj1A7iTf0hdmyX0gG7XLpOAJ4lsGDvJ5Ds +awjTHmV+NFC2aHEJuYhGBBARAgAGBQJHkMXCAAoJEParOhxXT8i2N9gAoLcvflxZAxrOMt1z +hyPoczsDfepBAKCWNBenDnzhlWCEcORjC6GqIj16F4hGBBARAgAGBQJHmjmYAAoJELUbSwlT +VqrIleAAn0oN0sWLOD+ND/HNeOpTC57yGTB/AJ9Ia/bz9UXzt8dUIYfoOEGbaRTs/4hGBBAR +AgAGBQJHrNCLAAoJEPEv5jE9ASuzlvgAoKWS2OyR8On0pDhF4/LIajlQem2NAKCSg5vAVQNY +pnlvVcxky5chLFOxbIhGBBARAgAGBQJHr/vwAAoJEFVlOUXI3RiiGqcAn1snU1qR5R3NFa48 +Tuvx4N05ti8BAJ0euiDApZeKfCXcRpwAh++FKgXpyYhGBBARAgAGBQJHzeucAAoJEE9y0kxq +QrfU+A4AnRgOllp4uGoJh5Tj7W5pHm6ucvJAAJ0dGCKlSljbZAhGBjsqUypxtuG0I4hGBBAR +AgAGBQJH0JwuAAoJEE9y0kxqQrfUybcAn3RmFw4hBgfBD0YYkB9SuY8Kd+JDAKDFQbTFrD9D +6GflvJfkI3cxQQhOpIhGBBARAgAGBQJH7VvOAAoJEPD/+EzWmpA22lMAoMIYTSKEVlioJiN7 ++wqWxGd/6h2uAJ9SvQvRrePPKf+czUog162bB493N4hGBBARAgAGBQJH9gmzAAoJEPYiKbVm +UKYzrzsAn1Yo3gPjK9Wd/mBpinHaiHwu1VCAAJ94jImR1+VsB7QELZhN/JJFbrAOdohGBBAR +AgAGBQJH/tHgAAoJENOH8P2O//Mf3CsAn2/iX1sVlXi8VzQ4kVa3s/bp9y3NAJ9JlAz/bFcR +7aBz9kGPfi1vSE6B0YhGBBARAgAGBQJIDyd4AAoJEJw1Y9qrdUmjbJ8AnRhuEmc4WeRdIBZK +PuIgYosf2WB8AJ40QxMgmPlYLs29MYNKXUXYG7hbj4hGBBARAgAGBQJIII1lAAoJEOpmNXaC +5PI8/CMAnA6dibwLZumb/HMRXco6AAmaqYZeAKCI2z2wuXweecb1TRPIcxjnITLwc4hGBBAR +AgAGBQJII0FiAAoJEPCkjI7qt8o4dlYAnA/yPkxOX9pXkHVNRuYMvbjJ0Em8AKDI/Sn2wqp6 +ub9Hf+sBQmJXDaS1EYhGBBARAgAGBQJIL4VwAAoJEKUcxJh/f5lEPp0AoJqG8Aj0g8GvnLur +AUNcS4VNL2gBAKCAx/gNuwFSpndjhUht4Uga9MTwgohGBBARAgAGBQJIQXEKAAoJECs2AQB1 +qQaLhfcAniOOzPBVeGw6uoDNpstl1m9h4ZSWAJwO8IokYPDgJpxsmQPqy+x4pyNhIYhGBBAR +AgAGBQJIibMAAAoJENSjn5tUQ1Ex9A0Ani8bBc9uw40IFThCJ6KXAcQrNQnJAKDMvzF+PSVH +3FD1ENTWfqVuVN1BW4hGBBARAgAGBQJIjHqMAAoJEGAz/ZWBPrPr1bIAn1xoCu6J2+2ISj8L +ejLixJopU/pAAJ9g338FaM5XzcD9fz9vg+3I6HA0GIhGBBARAgAGBQJIp6umAAoJEJgXWr3U +WiRNcVAAoKaJ/VWETgjjJlnWMtdWB7iMnkafAJsEfUonAf2KdlzCT0U8igIC0aVvqYhGBBAR +AgAGBQJIsmfSAAoJECZtUM0MKDE3JUUAnimCcueImio3ZHNfZ1F+kRV/l0yyAJ9ASjAq3P08 +QJbuOvekI5q7Fma5fIhGBBARAgAGBQJIuxlRAAoJENhajTiFltFYJjAAn0U7FlZRm+Yg/TDv +ZzzXUQJ9tG6pAJ4gid6uwSJGTSS6+a5I6D2CEtogQ4hGBBARAgAGBQJIymVDAAoJEAS1vzVX +cINKBb8An2c+P2XeWZUs23gvGgSY0csxDI32AKChep9L4nXhNNozmz/+K3k82B20johGBBAR +AgAGBQJI3mYHAAoJEOL1F6S86/DDiS0An0vzP3ZClEi/nCFQC1s+yXxNRc3WAJ9njOjayqWa +rX3ugwOpgppcSFjLnYhGBBARAgAGBQJI4/0/AAoJEO8Dxqg1W+uC6fsAoLD3QHf8bktEu/JP +aFUrweY2z69GAJ9OMcetieh42xOclFIWiFTX7KG/FYhGBBARAgAGBQJI6RB/AAoJEIS41RQl +adMLfW8AnA2E7u38rhywZg8P4EMev6q5JG9DAKDk3m3HnPeJILmsviHMs30E5Sd434hGBBAR +AgAGBQJJAMvwAAoJEDUSj9PUwRmC+n8An2XPVA+w8qMHhnwAOpPcF8+P42rYAKCZQZrM+CBN +7oxDLhL2J2T8h2qSW4hGBBARAgAGBQJJFDbUAAoJEFNXVJUqT2LgWA4AnihTutqO0bLKnjHb +uqaZH439C6cIAJ95KMhpz5tig8OtxaZTrzO9GjwrVohGBBARAgAGBQJJJaOfAAoJEBI7pbEW ++ajcmdEAn0AtycUoRr/clAzjtQyj2aTgoQsaAJ9ZbZPY4FELlIZRsL15MAkm8XPwQohGBBAR +AgAGBQJJUWpZAAoJEA7SwqEbM2awunYAoOPswKNgdsXnTrkH6m/FDWLNlniPAJ4iRmTcWuw4 +QVjUw2aktone69m95ohGBBARAgAGBQJJZn9XAAoJENSp8PPlyE7PeeYAni5MKOFKd/653Xal +iArtqjd9NCBTAKCB3yj2KCnT2EDAsN3HQSesMbBEVohGBBARAgAGBQJJZn95AAoJEJunc1TS +xOhwCNkAnjSi8JPIBaLY+/rygV8o9pYb+qtrAJ0U79yAt4YFwaQc9KMf8ffsvkRsTohGBBAR +AgAGBQJJd/6JAAoJEBxEnyVHnlReFIYAoJih0X16JpbEwCZZTy9HFJU7C7e2AJ4oMo+OTaAZ +v0SWKp7LMZdVy3wZt4hGBBARAgAGBQJJipECAAoJEMCqlJ210wDE7u0An1mBkfj9+RoWPe/8 +ViUAm8JgJ0IkAKDaub17I0yTHAkydMu/9tXHimNH/YhGBBARAgAGBQJJkVbsAAoJEC+VFQiq +5gIu5B0AmwaywI9DLvj9VizpRYbX99fskXkXAKC96UolCn6d+xiS0BmYMiCq2mhoT4hGBBAR +AgAGBQJJocY+AAoJEGB2BRxmibORFNsAn1WFP6FcWCNuNLV1k4MXCD9KkmhxAJ0dLjWwU9zO +vRzc0He51u6BuuIyW4hGBBARAgAGBQJJp1T4AAoJEAvziJ3cmguhv+4An1ivZBjOLpNW2OVS +MaDsMeewSEnBAKCS2UBFuynpERBlJNvwMtQ33hnFdYhGBBARAgAGBQJJsCd8AAoJEI878djn +KUwEDJsAoJ7GhX0RTcrIYl0lROGaYg6xBmhQAJ4psAR2vCclI+wf2hQm9vPLJ7vAI4hGBBAR +AgAGBQJJvmPFAAoJEIknm8K8kCMMfuUAnAyCpAcTTGSSxjLWhd24NKmGqX9SAJwP3bVQKCo7 +AYXqAvmD2WRhaPAuqohGBBARAgAGBQJJwlwDAAoJENmUvj+LKpXW1kIAn3mo/yjrQ1DIcH0n +quVieglHpiUpAKCVcLY6pktZLCH8/4mvboNMZYF/C4hGBBARAgAGBQJJyt7pAAoJEG4qr6kS +gP01PigAoISbpAgnXYYiNaD3ikis1j9t2bGNAKDKg9AKOgjB5qIYc/GBFuaKNftNDIhGBBAR +AgAGBQJJzRyfAAoJEIyDl6uEkfbvFSYAnjbvSwjhmmpNCC+SU8MSSuPOxpoSAKCryc7XBZgM +EFW0IhMp0J7KbFGtT4hGBBARAgAGBQJJ33A6AAoJEIk8dGq+K6BkgG8An37DWQ52u5caB7wl +eU5v7JEaz9s1AJ9VxYHwI5dNN5+PRXOQzzPhDRzrQYhGBBARAgAGBQJJ33PbAAoJEIk8dGq+ +K6BkpesAoLstE344HY4DPOeJU6h0Zyev4EhLAKCMKR8Ou4HNaM75xhSSEGZzYdkFjohGBBAR +AgAGBQJJ4dpkAAoJEFKasqcDbZOXL8UAn0aQTOgqGiKQpu1MLmz0YBdz3iAwAKCP79jRDhWl +q+gQJvm+0xD/xTsf5ohGBBARAgAGBQJJ/ykgAAoJEIXAEW+63/Ha7k8An3KBYCR3gxUNIbEy +QjtIJY58SsMfAJ0dWCoch3uzt44g+DdzhoGga5Rk3YhGBBARAgAGBQJKAv3WAAoJEJmtyuw8 +8j8yOCAAn2BetzWSfOhWwiXBjRkQYRqowhUTAJ0Y2pMQr1ElXl5Jpd2eERsUHJATIohGBBAR +AgAGBQJKC0/DAAoJEN0PYhPLKJ89Nj8An2GWxTukqTSlojANSV7n6ThumpAwAKCJe9G9Hh9T +eTI7H0a0urdgzM7k6ohGBBARAgAGBQJKDWXZAAoJEKjNU8cE1Lo5yCcAoNXyHYOLdQlk/KpB +pbtgHBpTBOGpAJ92eSf2l+MsxtA7jTsjsb7t9iuyNYhGBBARAgAGBQJKFgRGAAoJEO/hTFqn +fvDtoJIAn1YwIbffyQ1OVX0y7XBzjPROL6vVAKDBiYVXhgnPR13xkKFlVUKQKfn7f4hGBBAR +AgAGBQJKHA9JAAoJEEijPpPHBlhiIvAAnR6hnCkCBue6ZKqEdiZ2KcQG0aDFAJ9G3mp1s2DL +tq0dVemuZjq3pRzjpIhGBBARAgAGBQJKHA+EAAoJEDOzqfsDUwhh/+AAoKNN/mGwL0L/OZPN +Og4pet8kjqtqAKCa+Z6qlKO1l4Jw/oJ3nqYSq09JTYhGBBARAgAGBQJKHRgxAAoJEJI1mYGj +P4YinQgAn3L790m9/z/ZKatnReg6ONJlq5wJAJ9gRS/m5ue9yexOHAqLze4YBCxVrohGBBAR +AgAGBQJKHxGhAAoJEHiNgkfcA5dbzfIAnRCuU+GzzPrX8/TzsgApqa3foaciAJ4+0B93FhfK +9NHP/z1Os30oWthJDIhGBBARAgAGBQJKJ8TfAAoJEKgTSad+1XPTSYQAnRZY57rA40BDcoLG +0M0/z2CPFrOfAJ90onIOPvSpXE+VgB9iUczu08YveYhGBBARAgAGBQJKKURAAAoJEJtrlA9v +8iC04YoAnR9P2O2UFLecAIN6MKlzTxZ3RewpAJ9h3CGLIegwwhP1zqC5BW+Vq3cMjIhGBBAR +AgAGBQJKaRBWAAoJELSdu4LrFcYXntoAn2142kBCfcMVBovwa9j5zzyZqa2hAJ4yPGmSIijb +uLbWGRBRWHziUx07TYhGBBARAgAGBQJKaeQ2AAoJEL1K0omWKS18lgUAnj3YWs5Km10wCzu5 +YXZQ98PanNctAJ9Kzr2v/JHetlRAoxbIxMR/lQJWrYhGBBARAgAGBQJKjqsYAAoJEDXPppVy +eSvyhB0AoJPW3do7w16c8LPNazshi9gQjUDzAKC/ypXwbV2mL+fSphUkkBoCvuIGbIhGBBAR +AgAGBQJKlShzAAoJEC7y6IrDmSggNtMAoIbW80M6QOVhiPa2GGcXroTIuC1aAKCKNf5Dh0G/ +x2uOrYv71Z653dxIiohGBBARAgAGBQJKmzctAAoJEH+/otz19MNxZHoAmwaSdPWPwcI4vRgT +EwmV+8ujAhsYAKCGn1lU6H8X0UVPg5OuoSwIsBnppohGBBARAgAGBQJKmzesAAoJEDUFAXrO +5B8CT1sAnieX0FfZcLWZu/IaUnk1XGVc3MFfAJ9ZC43EXFWhZowj4fk1q1qurwXkkYhGBBAR +AgAGBQJKt+b+AAoJEM8RdMOqeJChibUAoL4cXsVGAW5tlovkRP+EtaUevX9SAJ0ZymdmnCUg +2EF66+2HB16xPn9pcYhGBBARAgAGBQJKvb3FAAoJEIlHSHQy5Kv44yMAn0PfQhs+QlYaDtUe +WUVzQ0SBRdyTAJ47ODoD4QLYnbAR4ERatlGZ1x80dIhGBBARAgAGBQJKxbA4AAoJEIM10S1/ +44GSBR0Amwc+tEh0ARbrVpJmGQjksMDTXfBpAKCM/wPtsIak0Z5C7CXkmOATrSys2IhGBBAR +AgAGBQJKy+yBAAoJEOyg/pLxcSm0RawAn07lEUANGumNUaophkEm2OJ+94XLAJ0cUjpimqqD +m4fcT4BkkfrUXkaXNYhGBBARAgAGBQJK2QdCAAoJEI+Vk6TEGObs+8YAniX40MLT/RXBip8H +vpSFD5nhh5giAJ9i3FLU/ac2uowIt8pVLYrSlCycaohGBBARAgAGBQJK5glZAAoJEHsHGyCi +glPwa5oAnjUmZrbZ4QNnc3oDPZGsDXikFBlqAJ9OBBs/t+X7IUBGVsc7ghEIK37wVIhGBBAR +AgAGBQJK6ibLAAoJEDHedz2NzEwvNDcAnA4mDqGQU7ZUM/NE8GmhxPYG1mmsAKCoF87I/KFM +DCGRnroM8y3QO4wda4hGBBARAgAGBQJK74GtAAoJENLGRNY3JIqbDOIAoLYymaqp49XDwnoH +nHOyhuQk/6ufAJ0XhfX38YgwdAlwZramAQW1W69jvIhGBBARAgAGBQJK8YHHAAoJEOHcq+7O +j0WICu8AnixrLJBfnAurklsfMcfgojV9qolyAJsGsgzmYke5OgM+fKErjT9obTvySohGBBAR +AgAGBQJK8sOKAAoJEIOP43NflrAcXxUAn2Ip7b+0OP3ZyzggfWRNNIjxK15pAKDHj71R35+J +R/LXuzxrIjHqCb61p4hGBBARAgAGBQJLAFjLAAoJEG6sy4ayMywWmY4AnjXHTXDcBjTfS64/ +EgKWVp4uK06OAJ99z74DqPNV7TeTHUl/4c6kj+RyiYhGBBARAgAGBQJLAaOvAAoJEB2NHm2R +h2OXzoEAn3nGtP8RqRRV+YxP/8c+D4GiX4lZAKD7tp7qou0cECI2JeTorMWUkZs+TYhGBBAR +AgAGBQJLBMtlAAoJEFRM/43N0R5gZAoAoJ1B/KFi/m7Fl5LiqN+f0fakHI1UAKCPqOF1rdSK +5DchizKY7Wblxomgi4hGBBARAgAGBQJLD8AwAAoJEFts3CWTcpNHvdIAoIz31l4qUG5Uzrn4 +eQSDVfX5o817AJ9wt85lM/IlLF4f7d6oESe5TbRUfYhGBBARAgAGBQJLJR8mAAoJENZlrX+l +qm+68C4AmQHkeQxrWx4USQ5Fudt33FXcXeiyAJ93I7yGyPI6zfeNO6QNrCbu+lc84ohGBBAR +AgAGBQJLTMV/AAoJEFA3oatLK0nWYFkAn3kZogIow8gstceO0P0RfUFQoyGYAJ9mwIde66CC +vye6XY5ueOu1X1ffPIhGBBARAgAGBQJLUBFQAAoJEH3Np+AuMmUYni8An36mrE0DeJGY/G6w +kJWAYIvN0qB/AJ9gLlbkWrk8T+l7gS5zpO8Pi8/ZFIhGBBARAgAGBQJLVywDAAoJEMAWjWf7 +mm8KFo0AoMrMa/q2DbSgATgRWQpXhhqxkh3IAJ4uAxxLMb0BKEzqvxy1GzFbrUDhc4hGBBAR +AgAGBQJLac9KAAoJEHRmGAb4j5xVQFsAn0gv0M2g08i5i/zT8gZYcAjv4KKaAJ9TOxslNVNO +6HZWc0xXMgjLfK22N4hGBBARAgAGBQJLcAB6AAoJEOPkCHHdXycq8swAn1fwVk8jg1mZBf3Y +MHU9x34dfAXWAJ0eyGgOzpe9r7Er/W+pLcPMwvF5DYhGBBARAgAGBQJLf7UlAAoJEBtxD5iR +mh+/FiEAoOPClnGCXEg4A4S3jucxSQENmXsCAJ4mgat0zk/t1Pwnl3V2bSgMd5mqHYhGBBAR +AgAGBQJLhbAEAAoJEHDt+hy/nccy0+UAoIId8dkNBNBDMtFjgtLsjnfB2Q5NAKCyx/qSUxo6 +3YUQR/tWacqM4m84I4hGBBARAgAGBQJLp5OVAAoJEIWHaMYIFrBnkKAAn1iSLVAlWmZWadCn +sfq/IeU1a+2wAJ9yxgL6zmk8BizdsCWP2IDqSBLezIhGBBARAgAGBQJLqTA3AAoJEMuWktMg +XQw1zEMAn0YFDUABIjrvULXYhmkUoyt6GAaZAJ9Wo2v7gp82ipbPDMWkGqy52Xl2MohGBBAR +AgAGBQJLsY4TAAoJEDq+upFWhM/WPoMAnApT4C9GzgZMvnIpG7Am2XmK5YpsAKCtttFFaO72 +gUYkbkbcW5KLeI90SYhGBBARAgAGBQJLz7m1AAoJEEX14AWpKf/DcQ8An0hZgu74j4zgX4QS +qDwki6yhfZxJAJ93KqaC0cOdDG9PtgYCqyMiXyryk4hGBBARAgAGBQJL57aVAAoJEL1K/4cD +1RAaAxIAn3YLZt1zAQp5KribGWtdRMZYpa8MAJ9kK1Ib2vEkcuQjLAe/m0/FdnOPUIhGBBAR +AgAGBQJL7DpCAAoJEBi7mMVihJzev3UAoJP8DVcpoLR+JsgQ4QPBwqXN1RwTAJ48d/b/anYS +8ddLEzpum0ksNT9Ue4hGBBARAgAGBQJMF8mcAAoJEDaM6G/PBBAoPxcAn0O9UxohKpcDF+Yw +NqKaUaVj4gBQAJ9x4oczkr0V2u6H4ObaBRxDoH32a4hGBBARAgAGBQJMI5+kAAoJEM+quhMA +M/QRytIAnRDOusQc/PmcuQQDcly7OOBrJAqvAJ9bWbw5Tje+aUO85eKYrpoIIYDmt4hGBBAR +AgAGBQJMXDCzAAoJEE56KYToC55/QNYAnjNTz0+y9TFLWnssfguv14h17enGAJ9yxvPoi1iX +/vOUgP6U5JBj9s6CSYhGBBARAgAGBQJMYm24AAoJEM5YY5ioUrqswZcAnRA9tDkfF+uElHa2 +yGV+fwClJvIVAJ9gffwZr4JhvyUZGu5n7EI8NFNJuIhGBBARAgAGBQJMhnIWAAoJECk7Tnxh +Dto7LjkAnA/986wJgZWTGc+fYdl/hpHIRcEAAJ9nFClD6jGjmXZ4RknH4fsqkMJG1IhGBBAR +AgAGBQJMwHNIAAoJEOgkW4kiRO2pVT4AnRL+hjmHYrJ2RVU6WISFccmDQLHYAKCNXLS7snsD +VbsJUQoiDs8yhgPjjIhGBBARAgAGBQJMwlXAAAoJEAdX5Wpy04TTWBUAn3bAJ+BqFA9CT1vw +HHH08245in3tAJ90l3b8zyY43eH8IhH113buYZtGLohGBBARAgAGBQJM0pCmAAoJEAw/fUYL +9nlfJAEAoLT1qlFbQkEhBdHctL9f4x5NP7SSAJ9O7PBB7sexmRenoReVrdiwl4+tpohGBBAR +AgAGBQJM64PbAAoJEH7sqEn+1gVgsd4AnjMltViBtLgGDCzQKf8E6VxaYsEEAKCbMyrsfBqR +bXyzA++iMwycPgNapIhGBBARAgAGBQJNFIgTAAoJELioT4mIdMBWrnQAoKAiPLWaVVobGSVr +EeYO58U36VtgAJ43j8QlZQ0xRRQ1uhdFtLj/7bMuD4hGBBARAgAGBQJNGmzbAAoJEPVtBu/l +jQaFrvEAnjmu3i5Ag75CWXL5IHkJtDLac8v/AJ0S5XO3v36VhZHrEVm/IvomtuNyh4hGBBAR +AgAGBQJNLQy4AAoJED8cXEb+DjvaHSAAoKkF12YzNTLbsN0hOmblxuzis9V6AJwOi3ETGRWD +dElzx5K7ZhwfrfKP3IhGBBARAgAGBQJNLXwGAAoJELmvORojpWfiSI0An207LLbHWbV8eGyU +qPHyoJ00DmzJAJ0UVozGlPc24hEBIwpHZH221vaUrIhGBBARAgAGBQJNkfh9AAoJEKwOw1KF +ghxClTsAn2XGXwssdffs7KKg+lF7JM8kS2B/AJ9a01oHVeLTHx2E62TyKjcwiEmzcIhGBBAR +AgAGBQJNs9VOAAoJEGenP5Rv7tqsqW0AoIXYNFjIPMPEeNT9uZ4w9DUuHGl6AJ9/mp9nF+je +gAGavF0BQ2E2gFKE94hGBBARAgAGBQJN0t9jAAoJECm6cuUpyqIUeOAAnj7V2Cc7x+q33Pv4 +GFWsDxvhJ51uAJ0SmLf8TFFpLMUz2UkUhg8OXooiVYhGBBARAgAGBQJN3lx0AAoJEMuOop3K +dBf/iOIAoNx4XATXar9VD3AKVk+kx1+irN5dAKDgtBl96Eg4MX4xCRE0hbDFspkatYhGBBAR +AgAGBQJOIFScAAoJEEUpEw9Iw8Si288AoJPV/x5tO/lkLrFxHCcAK/ivt0bEAJ40kZgL35wI +M5MpQLj2e89KEbaddohGBBARAgAGBQJOQedTAAoJEKdkHi6zye4KO+YAoKXnpsCJTCAW2Bj+ +JW6fg3O8u/EJAKD5yfa1G1w+B0QYtWP1ApZCQJx7t4hGBBARAgAGBQJOVl/rAAoJEOeAg2hA +NKwdBiYAn3mr9pVkgsP49gJzuulXq8dYzUbjAKCFuRLPr1oPKOjTCQ4I6Kk9yQjkrIhGBBAR +AgAGBQJObtNiAAoJECLu4EiAhgYP870AoJvgM7FKVk1LkRTccGNitrjKycT/AJ9AuuGsHiO9 +I0+sw3Pfl8OLr6WKS4hGBBARAgAGBQJOgymMAAoJEEHmyql1B5VYynYAn1PRtXbLHaG/CYaO +qXtZKWdfZP/VAJ9p4jltq2LNav6ipYJlnnZEzIM6SIhGBBARAgAGBQJOl3n9AAoJEGOjC5oO +8eQQAgoAoJXnN4D+4wvwu9l9DTnm2FjnTuFnAJ9B/O4X/uVoFUscbJMLxsnPExGnfohGBBAR +AgAGBQJOwM6SAAoJEH2UED8VIg/lAvEAoKHN4VH7M/bk5ifdD2dPpaQfnSAXAJ9PE3NRFmUn +rsYZpELqiuDh4l5tZYhGBBARAgAGBQJO90+gAAoJEEO8mUiUGFu5zQcAoI5xf4HCMT4WKZ1X +BMysALB9QtimAJ9Yykspg0zq6khkm3XgYm0vB8HHpohGBBARAgAGBQJPHxHIAAoJEL5vMctP +MhUytVwAoN66OKzD+MaMoBzQZ3tRdbKfjnA8AKD4ulWJQ/vvzCNcsP2ZvzDJJsq3eohGBBAR +AgAGBQJPYKyxAAoJEANh4ymrWp4ekeUAnRsx8yw+lQJdLllXlq041khaJljVAJ0QuDr8j6u4 +oDAIK1KcG0F+T9kWyohGBBARAgAGBQJPwFBjAAoJEINhqbfFUwmrX6IAoK6a+k+kxHmTuJzg +Pa1w+xBWFcs3AJ0WQ8elnUryRla63pDcTKiIrZsjXohGBBARAgAGBQJPySVbAAoJEG8PWc0L +/TJTPfsAoKjM89y49wdmUzUORE1K/9JClC4kAJ9EHYINHiFBGR862noh4DZzBk2bNohGBBAR +AgAGBQJQBJ+7AAoJEIRwQT17IV8v5MMAoMe++bq9H1ZwE1TPBxl0AUWWuQI8AKCbZGmW/jos +djD71GlopwzJx6aKMohGBBARAgAGBQJQh+MMAAoJEBTHrXGFxgQUFusAn2LCX4EGRpHOpeQV +X5xjQXKbbNqXAKCK54ADc0K8vEsr+bLgDihIsBaly4hGBBARAgAGBQJQnO9UAAoJEA1nJRzG +2vAOAV8An2z3tX9IGvf9nGV1jj5ffJl1BVOgAJ9uzbTp+GAulsS/DaM5vkMAPq1SA4hGBBAR +AgAGBQJQso5aAAoJEKxu5JWlRbfCjG0AoLhwWhlwjn/UePHl98jTZ8if9F0MAKCgNXQZpPLC +TENLW2BIk3m9va3I/4hGBBARAgAGBQJQ2v8fAAoJEF8H5lnfzOGiwxYAn3bUl4BE9BOl6m2E +COxvfYzLzU1sAJ0U8pEvlgDj20ZNIqj8hqOsXAYD84hGBBARAgAGBQJRFsD+AAoJEL48A6XB +S8z1vwQAoNpWXLLLzDG+ENUgG9878eoPjSkBAJoC9QLPe14/kN1V1FTCVoCfgQAyeohGBBAR +AgAGBQJRUMM1AAoJEN/Ph0WxsjChQkYAn2shM+hc0zI60uzHae2w8e3BonldAKCjNwNfLyzE +RKFkHWvbaeli6xpuDIhGBBARAgAGBQJRnhFdAAoJELSPipt4s55/CDEAn2WDL8XUSp/q6iRu +TGm0JugpVl7hAKCP3zyTxT8hWhytLi9V0Fb1xPJnpohGBBARAgAGBQJRpGnJAAoJEABsE6aO +JdO3k1wAn0eyLc5WfK6oQwvRDVUh/3PJGUKrAKCPuUFhV9gc1VimgS8+KB6mz+7HvohGBBAR +AgAGBQJR0ZydAAoJEDwAnmsSB7+6eBoAoIJcXKWgrRxjsLMNAEshdJ+fMdFxAJ4561VibwZu +Xznw52PS0NXw/OLOEYhGBBARAgAGBQJR3axQAAoJEI+Gq3hRQSh2MJcAnA+OXwLBATC370Xt +GYV9nedxjHvfAJ0WGV9EtaMFet7XsuKW1c7TsEjD2YhGBBARCAAGBQJKeOB6AAoJEMU2H9+b +J7gydbIAoK2gHZoznJVoy1tFHYGCP5lC1tYuAKCFYEvz5GgfyOLex6XYaWziUZAzeYhGBBAR +CAAGBQJMh3ndAAoJEI1jc2ACKjmz3cIAn21ThAxe2iMADF9lub/cv5vOcgYXAJ9qGznhnPVk +iglmk+xgaIC77FT5vIhGBBERAgAGBQJBt/hWAAoJEKCaT47lqEVwDkkAoIMn5BfZRN4I6ewP +peFp874bDsXaAJ9XnV8PFwJZj5pbsmLS8G1wU1Q8fYhGBBERAgAGBQJBuZhHAAoJEHs456Gx +ToKxkX8AnimrJkKjwlWjsfE2Gqs2afWFg7+mAJ98yyZFiF/sVGE/NuzPT/vB0O6MVIhGBBER +AgAGBQJBujcdAAoJEE3voz54FlXdYTEAniVA2knLi5dZ+t+258trUSfaaxFYAJ4jYwvc0HY7 +QYylTxEVFcVrPvMSbohGBBERAgAGBQJBwR4uAAoJEIylI7aCaFZpAI0AnjcgbXgtw1L6fXrP +k5O+NiKps1qOAJ9GZYmnlDrxNCne6iPfre+sbSYDOYhGBBERAgAGBQJBwSZEAAoJEGhnxRS4 +W11pgvoAn0aNbbWfsys7CUamVTFirOU+ImcPAJ4qiNRh4g1o47MirwyQwL6spEl5m4hGBBER +AgAGBQJBwpcSAAoJEDW8ML6N/Q3jT9sAoJ3jtY+GSDFKDJVVbuEEiNaveUe0AKCjmqAZdsFO +vswuw3TxChQJ7IGwzIhGBBERAgAGBQJB3Q3QAAoJEKTKJszAnFal8XkAoMITdQqfCFEc75y7 +sf2JE3tCt5OSAJ93Eqg2tw2aURNGHVXpAvLCWMdqXohGBBERAgAGBQJCZoSAAAoJEHDHu5bv +EHtuligAn2pm4F+kp3FBx7Zjp7JIfwkC8fI0AJ9pMXQKQT4lU/v659I73YHdAzaVKohGBBER +AgAGBQJCwRrCAAoJEPo9SuozksilgNgAn3vUkbqQ8vvmYNzoT/lwuM1BFGEcAKCRaGg+fCMK +pwY3jJupAmdSKX18/YhGBBERAgAGBQJC4lbIAAoJEFhqpk6m24pKHm0An2tWpu7/XCUSLR4x +++x73V/safGiAKCLf48e6Cus3IPDJsE9twZ0BH3QdIhGBBERAgAGBQJC67JfAAoJEBmO9jXN +EXq2RLIAoJcsHWG2Hz4Nmx0XJja2Mc6jUw8oAJ9r9+vS7+ccfK/7lUV22jNDzkNy8ohGBBER +AgAGBQJEB5LYAAoJEFYNCGHufcdOtOUAoIHZc5sjMAYLguLwkbggzmW0845GAJ0S+PcAYdZY +tX1xBx/hO81H3XdYLYhGBBERAgAGBQJEB5MWAAoJEMpynWJgPU9UWMIAnRnr82xlX6hUkx79 +B2YCToxYE/nVAJ9oAB6E/dbMtvxprLv4/4D94cuxqohGBBERAgAGBQJEol62AAoJEKZer7f+ +ddNP8sUAn3B0KGq0h1KjtkJisu92wFD8ZAGGAKDWfz5W1bQ0XvtFNYfpUExt03tu+YhGBBER +AgAGBQJH7VycAAoJEBTlVHTkwurWwJcAnj1IKZt6hDbF9Q8zcC4bssp1k8BKAJoDw7tBXM0i +z8LvcaE3gEkgZJOSMYhGBBERAgAGBQJJfErJAAoJEMsdUkmC4P8y1zcAnjbs8kugoeIBShy9 +QgwQnlt1IFSrAKDWVeQq9aSrco7SDCEqU0p/W/a3YIhGBBERAgAGBQJKq4QAAAoJEDwk07Q3 +3U5QA3YAnRIYqCUbXNUHXeFXhgOa0uG/DAT6AJ9tQTlfWQncr0XqNRxm3FMO0My75YhGBBIR +AgAGBQJBuKFAAAoJECAu1DTRKOe2pM8AoKNaYDHvm80/FiYrOnx+yadKVxnlAJ94LmnwZ4dc +Qb64Alb7qQDzS/zYPIhGBBIRAgAGBQJBuK8JAAoJEEoL36VW7JgCJK0An1H22taqfFHTQzQk +ZdyWkqkNZPrWAJ9cI3f/Q45+8oCoFIW1VTlP2Cthz4hGBBIRAgAGBQJBuNfmAAoJEHPeaYzH +FAWi7tsAoKXQkNUBolAEBDqpppu+ON4suXWzAJ9hXov7aGVQMn+DZMAUg8+kXrpZjYhGBBIR +AgAGBQJBuOasAAoJEDx4+0WResVC77wAn0A2djHjhUl8foMZqhtkhfe1a/KZAJ9xiw1+kHQ8 +Vrm/W/58WTH/TIiFl4hGBBIRAgAGBQJBuQT2AAoJELpRnM2E9+gWqNEAnRrgtMNoGSDlzlbU +jM99CTku3yhuAKCQcSzAw54I9Or1+dMmOBZR26QB4YhGBBIRAgAGBQJBuTz2AAoJEHA3cSIe +MnnMw+4AniUGfdhgA6r1R7RYf+DGObSmuGXjAJ4zbdeXTyXSyk/uX3o2jTSAblE5XohGBBIR +AgAGBQJBud9cAAoJEHZP58N2QjeX//MAoIABOABi1CFrQ0gWnF0iPJBmAQ+ZAJ9JyKqwoy0G +XpgpbV3pFwbOKCmBTYhGBBIRAgAGBQJBurB/AAoJEFJVSOovegQahBsAoLCWvuv4YUbl20vy +Ujdr0v98lZFkAJsECQ9YUdbazd6FpBk9dr6KcAIhDIhGBBIRAgAGBQJBvEUOAAoJEAg0ykWy +QheZdNEAnjVLdoFlhPaObEviz3ejWd44xgVWAKCxamhtKZ/QB7EZVXOWgrEsXrKpKYhGBBIR +AgAGBQJBvMwJAAoJEBtgNPR2t58gaa8An1AmYHarYHH3sW5YrVG/9GB8Zr/KAJ9osfEaxpdA +EtYRTMPCXCGCFQ/K/YhGBBIRAgAGBQJBvY5UAAoJEN3TSr9kEzjeMbUAnAvC3eTvG4SlgTZ+ +eXyH9ATwFJ6IAKCUQl96TAi3QCjPJfzBHSGv9NfAbIhGBBIRAgAGBQJBwOZWAAoJEETgf8JT +Vkw2E7oAoJWiX8T9JB4zQYsGAJmmOUG8ALQvAJwKcjzs8wAiEVeW71DEKf0CmNsGvYhGBBIR +AgAGBQJBwSG9AAoJEPsxpBA8J/FGG+0AoLm/BYWEoetR6+Jkw9Q1jL5Bh9yXAJ0VrfictfUh +c4COx2e0b13rJwoGe4hGBBIRAgAGBQJBwawSAAoJEPGHo+6FszywA7IAnjJ795ezCPWba2Cl +WxXZPmjTwh28AJ0bZSbs0IYrK/BEl8Y7Cwxpg3XG5YhGBBIRAgAGBQJBwfo4AAoJEJcnApWH +abwJhoUAnj2VSy0GA1EBw+T8oI6PzQgd459lAJ9ZZ0OdZxaPTml62VlnJurhjMcf8ohGBBIR +AgAGBQJBwgkMAAoJEE+XrhWuOoR6tUsAn2DTtZCpxSjqZxk1z4+faJElbXxdAKCUHzQraz9B +pACoFjZ+1lccOVXRBohGBBIRAgAGBQJBwoCpAAoJEENROPYeShwFDVkAnjcm4Ia8z8HGCOLS +tc64Zt4c4nd2AJ9eVh+CQURL+psJ/WwSzPZQw7p7AohGBBIRAgAGBQJBwulqAAoJEAmoeRrp +u1oMsPYAnjjEe1b7/N4PVup26v2W+o61DLMSAKCoMV3wGTBC7h6uQPprV5nqswVpAYhGBBIR +AgAGBQJBw0MbAAoJEGUvQmU4tN951l4An3b4dWdpj78TJghb+C7OPALFJua4AJ44DUtKbeeh +JLAqiaaThJjn4TjKNohGBBIRAgAGBQJBw0M2AAoJEGcLPqvWWI4OoD4AoJ03rWdIfrVdCdSd ++xvYI3yYvbrJAKDurLH9ARRnI0GN4KibMl1zadrSAIhGBBIRAgAGBQJBxDrfAAoJEALZK+oH +HF8lgfoAn0ax5bRUMJWVwW8tyfE6NEBj2CryAKDWg/Wh/LOXXDhi01Sk3L8FQyPm+4hGBBIR +AgAGBQJBx4agAAoJEBZ1NTLGzmaQtoIAoMxhv7qc/y4CrVh9Mb9PiJeHlQ+aAKDpbqiimhIC +YbQcMDw10HZx5pOY8YhGBBIRAgAGBQJByfHdAAoJEM65SpHqTx3c0HIAnRH8+qsEJQhH6MoV +TBJH+Btyrp7sAJwIbvhMP0SGO/MpynNMLLQTAwTX+YhGBBIRAgAGBQJB6Y8gAAoJEBuTcEas +Wcl6PrMAn1lM7jBO5rhD6AWHZjQGN3UkniqeAJ45UhwwwkiTvhpP6z7QN0Nhh4at94hGBBIR +AgAGBQJB6+0HAAoJEBjx5nYiBeZ/OgkAoMaQGsEDffvpew7zTxElHW2kcotzAJ9iv1cL6Guy +hkqRivsHmX7aR20SyIhGBBIRAgAGBQJB9EFCAAoJEJLeDAVol/gNL3AAmgPId3vt0lotA1W/ +gPTZjC3FkT/6AJ912qDtS0TAGHS3VBDOAahx573n/YhGBBIRAgAGBQJCEoIOAAoJEG2Hli5u +JhqrXsYAn1b66k0GcQZ0tKhNLTLl3Ek0AuIiAJ4oXdqoOzgWVvFDpK4yssR++pP2/IhGBBIR +AgAGBQJCKuG/AAoJEDsuXJ3Cldvlb9IAn3XZdPYwNKr+Lg+ETZkeCoNyG4HPAJ9eakg8mQ3+ +QEf7Gg+ihmmDhHFEUohGBBIRAgAGBQJCUdPJAAoJECg0k83FN5VMF/sAoImdOT9p7vccKfpC +7gIsYytg6ML3AJ9JsddRm5kggSFrIR3lGtob9C/LxohGBBIRAgAGBQJCZMNrAAoJEIuCC7dn +AHwwhecAn31jqIHKaAWUxNoU8JCrpyEE16yVAJ4kUqRn0N3ehb1jfPBNUeKzXjjKDYhGBBIR +AgAGBQJCZgV+AAoJEBLR2PPjjL1MGS8AoNe79oHh+LW+EZBFfRGCzk+23RhyAKCO//j5/VbH +X5SzQVXhcYsjInrJ3ohGBBIRAgAGBQJCaR0+AAoJEEU2efmCdW/m+JsAoI9FLDkWVfqI34WG +9ICjYLcuYuCmAKCWiz6GqU8dz0aocfEFr3FOoEMAu4hGBBIRAgAGBQJCne8MAAoJEMExxg50 +Nus4tMcAoKFACkxObFV/MgCck7v+K7UJJLlMAJ4/+ZIZxVmR4DK4JBlkzz3KsqXfp4hGBBIR +AgAGBQJCvW0rAAoJEPxPSY5vngSdzUUAn2tqcz40EhdoOpK987h20sy0Aa26AJ43Z+BBJuxV +tIJTJDQC0qsBOU3nOIhGBBIRAgAGBQJDFojLAAoJEDjInideidsXFX8An2OjNAWyYSL1UHoR +v2HKt6WK0+IcAJ9b09zITp21VKDZqc+++aK163fRzohGBBIRAgAGBQJDKUBiAAoJEFYNCGHu +fcdOwJ4An0rq/VOSOBpfQlGb9owFWpy8UIajAKCsmPxgGzo4CzNmmboGg0Vlq/2rJohGBBIR +AgAGBQJDXOr5AAoJEM1D0Z424BPd6/sAniAThXh1o/ldLpEp1Xe6C4Eus/IzAJ9xlmpLAUgR +px9oGresnNIwj9J6sohGBBIRAgAGBQJDbqh4AAoJEJO+Zaa+JdXWNAoAoJsX8llg1aTh/QKM +fvz90mWMlNTFAKCfW60W4wzCqnZ9cKnX+dtDQeGCzohGBBIRAgAGBQJDlXlRAAoJEJ2BdLEb +wKJ9biUAn2a48p9DZiXY6EnE++ZjgBa63PSbAJ0bnW19aFQF78t+ryATHYzVth/z/ohGBBIR +AgAGBQJDmHtDAAoJEGvG1CUod4cvSpEAn3piPU2cPkfN1mElfTk34QV08zohAJ4hG/Sz02v2 +CpYqLe0KeqQm8LHZ8ohGBBIRAgAGBQJDmHtMAAoJEIToH3BfwBoggWoAnjU/kNY3oTuUua90 +5cqwa9ifWSZ8AJ0WqtkmrBYrCjIdG+Arh3zIKQB8BYhGBBIRAgAGBQJDmHtWAAoJEPahaIox +JURCzDQAnjvj+/z2UDOGk7oSHf+auTqOSdiaAJ9cbQoKWeHkr9v4i/ohgwOBjJOeg4hGBBIR +AgAGBQJDn2RpAAoJEFajLKAYr7vQdVIAn0U/ie81hDwfUzP/CqOqxB85bk+6AKDCFWk2t7bJ +7pln3ykV0WQ9DyM6eIhGBBIRAgAGBQJEAAzFAAoJEOkg9j7adHNbs8cAoJVRYOZgkznrrWC1 +37h87k1fB71mAKCfiSpBv4xN7baHUbsiyoGWp1CsiohGBBIRAgAGBQJEk/AkAAoJEIEoQz/B +4k5WxcQAoI/IW4Yc6W3JjxpKFjVY3MCHHd+zAJ9sQDVyfvIt6Kj2k0e3e3V2O87cXYhGBBIR +AgAGBQJEolP6AAoJEPkjHW2U/tatJosAn1FXFpHORcHY9KejQd+emRTx/FrqAJ4nXgQy49Gz +090xwgwCtIXskWj9XIhGBBIRAgAGBQJGOrocAAoJEHvEN2793IprtXkAoLKYC0Nrrrrco/3Q +kmIouH6GP9tEAKDDLaFjcUSkzueKFoKYW5Dv1ioi0ohGBBIRAgAGBQJGXJK8AAoJEKFjNSS5 +B6LtyqQAnixRFoCUKCA7iCRIZyXa96+FsVmWAJ93jTpagyjVWkQEMNFgFmQZ5wn9nohGBBIR +AgAGBQJGf8VIAAoJEHOPHf+4l1LeH38Ani15wUY13LlmO6NncdwUjOTarUHPAKCjqIphvjSA +5sxmgUFXqrH+fblET4hGBBIRAgAGBQJGzf0IAAoJEP7V1f/fwKpmlwkAnA+6av697TYbJDcD +O1qrJcQ//k4lAKCVWpzOBeDwJFmWo+AVgVEfI/BHb4hGBBIRAgAGBQJG6wV2AAoJEKf6xBzg +zkhqz0QAn2XxNQ6IFUrYqAq3yvwO+AYh2WdeAJsEE5+U9CCb4toAaYtEdl8gtWxC+4hGBBIR +AgAGBQJHB+v3AAoJEKCRimqzZ8vENG0AnietrcCV3039Qc7kPN54llYpvNLUAKC80AAhZ4tb +YPGo33OzGvz1+LsMDIhGBBIRAgAGBQJHC82wAAoJEMWgmDe6rNL+7S4An0riW1P21+0abJyg +tLhDg3xTwnVUAJ9RqCUotanpnCBRXHTZ1/iHCSQdnYhGBBIRAgAGBQJHKQL4AAoJEKhXGnC3 +PLqQyJYAoLZX46f2tglWQYqtMFSjXItyVlGgAJ9noiEMwn96rBcY8eLvN1S0g+jo34hGBBIR +AgAGBQJHg1viAAoJEDyyfwRwRmMFrI8An3WRiLFArmO4Z9H2I+inEEt3DEO8AJ9MKSzmGWJ3 +cycyF0Z0+DwPNvPuZYhGBBIRAgAGBQJIaisIAAoJEGDMsSQhOh7HtTQAoKAPdwqsv01bfoQ/ +M5zelgOLJQ8UAJ4+oXYtwJI4BnWs7Tal+yQL59bch4hGBBIRAgAGBQJIvwtOAAoJEFthwiOg +POPO/aoAmQG4kWz/B7Y7Qc6EvuCx3EurDY7/AJ9GCTuMmwW6UjxIu5xlsfMM6rbdy4hGBBIR +AgAGBQJJlR6IAAoJEKUcxJh/f5lEWSgAn3U1pxuuerTDc4Siko97MqE5MxV7AJ4qxOlflUyW +6kM9ppUdG3KOwD54pYhGBBIRAgAGBQJJp1ZNAAoJEGGfnV1i4YOBTYAAnA1GqU0ZHbUokNoK +ca0HgKlVSPRFAJoCmH+FOSW8bNyPNDyeV7S4HkPnpYhGBBIRAgAGBQJJtx2oAAoJEHqDrzNK +kcIjQJoAnRs7KsBMVS5PEfEeZtQ+o3/RR2OVAJwNYkquuiQRRtZdN681SGW6PpIM+IhGBBIR +AgAGBQJJtzIaAAoJEBgjoozcBlYFDMgAoN5b/fZELSqPSgE0GVIbdnc2mWKlAKCg/uVuO/7J +mlgyqBNJSRyhG+HzzIhGBBIRAgAGBQJKCrn/AAoJEN0PYhPLKJ89cfQAoKMnpeOFj/vdA5p6 +Y6EiBgMJBHbSAJ9NX/hA22NUlJBcjV6NnkBZGiiUTYhGBBIRAgAGBQJKtXYeAAoJEAIbVKf+ +HdHfs5wAn3ldwq3mNQ2+OM4iPtCR6ZPCRgQSAJ0Ss2MnJA6GjNbrJdWn4cDh5uP+JohGBBIR +AgAGBQJLGtXIAAoJEAOtkjQ7ivhLBAcAn0FS2gtTDAgphbu/5ll1sdBetNpxAJ0Rt18U0u6I +zbnrVQ17VsYKd3AhoIhGBBIRAgAGBQJLsYz0AAoJEKn1DPuqz3i1RVkAn1VJ93rD9RPRVmqb ++LNKwWU9Y+GEAJ9Ew1X050VH4Q9zzz1BKGMmtA2l6IhGBBIRAgAGBQJMS3OkAAoJEO3Lf9Zr +dgU/uhMAn1nRnM0LuRGGiO5KGR/j41Ju7ewdAJ9W2dS1wt4joV2FAitZq3PuBxXCv4hGBBMR +AgAGBQJBuiKXAAoJEINmzfGhYs0ZPXwAoK5FmmMiRt0Oo2PalwAOUIW+dSMpAJ4oXrJNihnH +HztPzOKdPZo4fJIJEohGBBMRAgAGBQJBvE6UAAoJEK79Y2s7DHKzIH4An3Ca1qke8X5+M6B1 +KOOi5j/+eRjMAKDdg0IsLVYoBs5M2jeP2AwMNvlW0IhGBBMRAgAGBQJBve44AAoJEJIxXs8i +zqNCdDcAn1Sr6XvgEGWgDU45uGpwC3a8mGj3AJsGWQ2Uxih3KqH5FNgeNMZVG3nlOIhGBBMR +AgAGBQJBwL19AAoJEAiYndtLqTLEbe4AoLOIZvSw/AihYZviqXuhwyWe8SIqAKChLNahQVsh +Ddd/eCK5U56s/G+lAIhGBBMRAgAGBQJBwgCoAAoJEOylvLe7llawpQkAoKsYYKjTW74k/T4x +UVot9Cy90j/pAJ4xI1YmF5PePyd/MLpjBm4knij5DIhGBBMRAgAGBQJBwhcuAAoJEHJSatOj ++XIMnwMAn1jws8tB9fNee3Fza9kzhDZ5R98FAJsE1aJT3M3nfoAxqtqLqlMUYmIVOYhGBBMR +AgAGBQJBwhc8AAoJELOfXfo5y2qa8aMAnjfCHb17xKpGjHOm53O0Jx8RnWtOAKCCqjq9LVoy ++u+ioNhrgZ4y3dNAcIhGBBMRAgAGBQJBwiC3AAoJEBSIG2rkXiWl1IgAnirkXMAaYxkatIFq +Y6aX/3sT8e15AJ9ysmVNp3tIMy5ZvahcgwKHZZXTt4hGBBMRAgAGBQJBw5W7AAoJEL0EkgbP +FrCbBOIAmQHENMvtMbioH3cfRkkQiDDEIAJGAKCwRsSzOz7izotnme1cg4WZSGCUIohGBBMR +AgAGBQJBxaVrAAoJELr89wX54gkEkX0An3gAqyJcqZ78Q8zBGhBBSEdSYCSuAJ48yzQUAvUC +EnkzTH95i4Lv+mI1TohGBBMRAgAGBQJByGSgAAoJEOPXfh+VFhmR6nMAn2Ov69rEPfDWRtOc +sgvEujC5RN8/AKCA12RKe7nxxQ0zFWw4GcKwzul1P4hGBBMRAgAGBQJByVTgAAoJENyKmJTd +yv7msxoAoLf7AO2mFWjSpEaRx67MT7gt/kLUAKDsFjZ47kX+nisZCnyU+XrHpSTjB4hGBBMR +AgAGBQJBypawAAoJEGoYeM4SdGQ+TZ0AoMIRetpZWmKouJWs8ctxFmvqGLSRAKDQWD1YXMen +uqw3Et98LVt+rksMuYhGBBMRAgAGBQJCKFzWAAoJEPFkuU76XxEAYtkAn2nOfmgsPZKCH6NL +yOLT1DWTCWyYAJ0ZT6xY/Cn7tXSUhS+YrZuSuRsmV4hGBBMRAgAGBQJCSrO8AAoJELRxibQq +fXECPgMAoLP4XBD1sQKyxoXqjguVqVHP1ZFPAKDWZB7GBelp/wErAanmOqMdJdA1m4hGBBMR +AgAGBQJCTnHxAAoJEPUYbjF2OiU0X+QAn2+FqX+5kgIEaRW3mykszBviLpCwAJ9ijQBH/lo/ +ws/T34jfzbynsfyQ14hGBBMRAgAGBQJCWNJ6AAoJEEmfP/RUeSkv44EAn1L99lZy4fCOfpQ5 +38khs15MDS92AKCGXLu+zF2JeU+/I9bwUGGUTdnbTIhGBBMRAgAGBQJCWNcpAAoJELTrx53U +avVGOfIAoI+3yZgXy53AMKA7Qd4JmnfFSrr8AJ9DcV8HkUevXHKPnoHC8RjZKQzVYIhGBBMR +AgAGBQJCZo5pAAoJECNovXIhc0+VzokAoKOljwsHOOLp0DqMEKVpcAnN7wtIAKCMmkKUtegk +q6sFpxQDCdtnhQU3m4hGBBMRAgAGBQJCbYyeAAoJEOv9QLInhz4tl2IAoNtVPfYNBruEgHFx +oyFhM3iaj7tgAJ9UvG6tBCr5BQ+k71v2ov6v6TmWD4hGBBMRAgAGBQJCl1TiAAoJEP42TVP1 +U7Ii12wAnAggBa2Qap2AbdWh70XzlGHP7ZbGAJ9+cFC6YV9MfjhX/l+fJEskeCHI24hGBBMR +AgAGBQJC3PauAAoJEGuSvENlxpT32p4AoJ9ywCjjnoPwOIaPfV86ZS/O3+0eAJ9RyNGC7q9+ +GNPlYpW+mhS4Sc/YW4hGBBMRAgAGBQJC8lRPAAoJEAcFuVO3Slu2hmEAoIxUVVo/1+2StGmS +46de7p8MjX+9AJ9mzBt35jb3DLv+UH4Z3q0bIMymb4hGBBMRAgAGBQJC8l1GAAoJEAcFuVO3 +Slu2t8kAnjunHDhnPyVRmkLZGy/dhnUE7pAjAKCUlMBQqqPMv1fVohXQbrDhN/iiMIhGBBMR +AgAGBQJDLtWeAAoJEOrUtZD2iZvA3mYAn33uokfIhlSTF4MOiDNCQuSqSlBQAJ9jJMudinAa +HU3b94ElZwQhYWdcNIhGBBMRAgAGBQJDLt+ZAAoJEPincQq92uaRRMMAniV0T+TIS1/V6RZ6 +8MZraJH+HmQGAJ9LDepmNqA0nT49uXpGovHfq1cr3YhGBBMRAgAGBQJDMErqAAoJEM+Kfdmh +1MTgRAAAniVtjL65Sz0dORFzn0Awj+sMgnqiAJkBtCt5/8Vss0FraEUb12lO7ByAgYhGBBMR +AgAGBQJDOKDjAAoJEPwJvhzlJCmh/BoAn0SFpmYClGxkuuAWP3Aut0x06FiCAKDWH8rQtfn2 +9zLdhtAlQUfR09EUcohGBBMRAgAGBQJDOrb/AAoJEA8odNkvgYj+GXwAn3L1MMKDucI9hZTj +hL9zuo13JWX3AJ9VCWCbeS8Pj7fkcyT71bBOZkRLa4hGBBMRAgAGBQJDPXwSAAoJEONMbcWx +vyduRMUAn09Tqc+dnAUxeAA3L8GCzGAAEn9hAJ9Lh6eOT7hpO1lUjE/mqoTerU9xsYhGBBMR +AgAGBQJDfu/YAAoJEGLPNPAz0gSJngEAoLGFFhlfXpyY5bmoTrhqX04yMRHrAJ9kvWcjg+j0 +reKZFf6jcQDK3WwIEIhGBBMRAgAGBQJDw2mwAAoJEKjopOi518o42nIAn33Fmh0Qkw3Gk8FP +4WKRtSOq/LROAJ0UEMIc2HF4FiBXI30ZVNJo0d9xpohGBBMRAgAGBQJDyArzAAoJEFn1vxvo +1AL8jo8An0RkL63on1osRs6qhWxif2788iwZAJ9kG7G5+RluQ5JuMp6ePbFIxJOc14hGBBMR +AgAGBQJDysCjAAoJEIT02k4mwFnUQ28AniHRCS2/VMhs2WnmpXO/Hn9Cj68FAJ9RhAICNKZ3 +qwGuZa1rMl2pe3y1nYhGBBMRAgAGBQJD2VbzAAoJEOrUtZD2iZvAC5IAnjOKj6RvrVQrmu5N +ZZYEDFbSq1g4AJ4+3u0B5YHOVmYJSIgkbhh/Sacc54hGBBMRAgAGBQJD2VcAAAoJEPincQq9 +2uaRdqUAniQ0nuKcbSR+WRCF4ZDX7Prkc/NzAJ4wlP+c5xAmrmIlC+a39ZyLhMS1W4hGBBMR +AgAGBQJD2WJVAAoJEAUSlkuqW+aDUWEAn2eicfqSeEP+n7fqDvwG7PBYHcGSAJ9eDk85vGNR +HU8OdGHMHcTUN/KEg4hGBBMRAgAGBQJEb2L/AAoJEDDvxkWjpXMUOGIAoJ7VaZXmpnNfCezW +fOzTiF70zpWxAJ94mZwd5rpWlK4mC9nOahVoUmAszIhGBBMRAgAGBQJEgufYAAoJEBwX+pGA +q/eAsTQAniWuDx62Hegy1GqOkC13d/ywlTh1AJ9XOP5SiqjZmfavTNuvM+MwEeJ3yYhGBBMR +AgAGBQJEnFdhAAoJEOO7P8SMMu6NpfQAn2XmZNbrIfH6gxjA4N/Fjl24sw7hAJsExU8IvT9/ +u6xBaeh6vGNadibDuohGBBMRAgAGBQJEu+6RAAoJEJki45vXY/+iAGgAnRJ+KzU/spwdVd6E +hfE4QiYhw3grAJ0dQ7qmC64GFzeA5Z3+kUK5lf9kiYhGBBMRAgAGBQJFOBeBAAoJEOg9CJSB +g26/LrEAn2JQHdZBBvyQg6H1QsmUW1NmD351AJwIrbnijgZamMDXtGLmdK3COfMLuIhGBBMR +AgAGBQJFaBddAAoJEIjNecE6xDbRqFIAoKMc9/vQ4Mzro3Qf0vjRE8i+mef8AJ9jLBA75p+Z +y+iMd4SgKfMuUlSSMIhGBBMRAgAGBQJFfDrgAAoJEL7rnTilF6V7+OoAn2CaV79XSFYKTysJ +CckSaWZ4sJL6AJ0RAUHtGEli0AiesMi8MttlXChqX4hGBBMRAgAGBQJFfFXqAAoJENvFfNTA +3tE+WXwAn0oSbtAR17ypY46HatyT1O4vUHFnAJ4v5zqETy89Yq61r+3QmrOTX9RtaYhGBBMR +AgAGBQJFf/daAAoJENvFfNTA3tE+Nz0An2xADqMrOw6fUxYPWyNR1CdfxbtfAJ4spVrQs37+ +ZRjyzXgwta+kCFCkT4hGBBMRAgAGBQJGKNFUAAoJEGEtLcnaIdKT3lwAninYs0DNfOhgftpa +hHLOu6ZUr06CAKDbDr8kAL3elMwpiSdOooa8R5E0pIhGBBMRAgAGBQJGqkCTAAoJEOrUtZD2 +iZvA7PAAn0BW7aF5xZxWml8vaf6+/dK5fodJAKCCNI0C8gLTTz0Ga89Ma6vmTPpbpIhGBBMR +AgAGBQJGqkCmAAoJEPincQq92uaRv7oAn2GGARPkbq7WcPY0QpsRCLhLteCmAJ4mk16NJgm2 +3zgP3c9tluBhOCBTvohGBBMRAgAGBQJGsQmMAAoJEIo3LUBABA8gOuYAnjX1TPsaMQzqYVTb +Sk47i0epHZNsAKCfJpSQa3nwrd+iKGsyQBRs4BI4qIhGBBMRAgAGBQJG7jhUAAoJEDLMVcM5 +1Hp+sc4AoKlUfSwNefrFyxwi9e1Lyj/NkBOzAKCmJZGD8SKdeEAXeeQSvHnJ/izIsIhGBBMR +AgAGBQJHC8ySAAoJEMpsncY3J3wfChcAnAyk3ZI6cXamubQWRWcFofr44j2ZAJ9XNmBHtD+N +gSPLlT0HUeU9IDd4G4hGBBMRAgAGBQJHWKcqAAoJEHEIzwG2a3GQ8DUAniOYrRwFWu8QotJN +p1PYBuxwjHhYAJ9Hm53QqfRW56skjQEY447BoYs/FIhGBBMRAgAGBQJHltEaAAoJEOrUtZD2 +iZvA7oYAn3AxErhyUHRwwvgSpPPtgS1JoDkzAKCJG5q2T28AO0KUSVnzDij1az0TlIhGBBMR +AgAGBQJHltFPAAoJEPincQq92uaReTUAnRQ7OwfBfQva0FKCUm4Q/gUmxETSAJ9yo3XQfRdX +aWo4KuIsaQpyREEl7IhGBBMRAgAGBQJHr/3sAAoJEJ3DBWAkwn7Hf3UAoMPQIORE+vnTaKcI +msU50+AfIHxpAJ9R4tzh4nISiZr5qT/tfYpceVaBwYhGBBMRAgAGBQJH/9SIAAoJEE8uEaT2 +FvWDjTIAnjpRjh/QdFNK2p4Q8ll5wh6UxA+4AJwM/B/MYzEpR27JQv6U+LbHCFhAgohGBBMR +AgAGBQJIIUuCAAoJEBIxRkqOm157zwYAn3js2Z5sCQ420ZjEx2u2BKh/PVhqAJ9eGtgKfHWv +iYXspidxKF1B7xTXcIhGBBMRAgAGBQJILVV5AAoJEPAP9U/u6rRYJ+AAmwRvOHFLh9y79+uo +30oEk1UQXPAjAKCf/zo7iuz73vYT98qc1KOxkZg5xohGBBMRAgAGBQJIW+zTAAoJEOtnB45J +uXdCDB0AoM3CD7RKr5gWrEb14PSyY/LloPmKAKCt4Zw6tXQ8FDhtKlv+9G+Hn2LYPIhGBBMR +AgAGBQJJWjZtAAoJEAzPk7tjy+Y/+dkAn0IOJywHKDCpE7cUT1g1Q2yP6Tw9AJ9aOwblCSBb +a2D+F38rbmUe+z6n+4hGBBMRAgAGBQJJXqugAAoJEP75H9y7h2KwA8wAnRtStj9ajVNe8SOB +C+vSZGipefuKAJ4pt/mrP4fIwB0n9p68IVZTDQtKJYhGBBMRAgAGBQJJb471AAoJEILc5eWr +f02OrcUAnj9MFP12QkSo4pov3BwWkkQudrHlAJ0aVbOOaw43oyNVLA5cxjRVX6GREYhGBBMR +AgAGBQJKS8ZYAAoJEFwhtIFYLF38K6kAn1IUz/Y2geAQsAcriZ9u3s/sipCPAJ44Fgcki9jv +JELEW5rwsP/EcK5+eIhGBBMRAgAGBQJKYNfUAAoJEEX14AWpKf/DhVoAn2pIqf1mKeKyXdqT +ncwZZfHAPzVPAJ42SAIUd6iCi96rQIPqFNQRMjUVZ4hGBBMRAgAGBQJK2HAzAAoJEGBu9zUU +qr0r7vIAniNBh0Qe1/Ro2HI0APza8d4m2VRzAJ9MJoJmzP2Sru9kUHdOdEq4Am7TxYhGBBMR +AgAGBQJK2tHJAAoJEGuEdVmQFyAUWkoAnjFTqXoS43kMVPG1qXgyUsPQLz4bAJ0eAliA+pJx +WHc/yghelLPAmomav4hGBBMRAgAGBQJMXcxTAAoJEJcXp9Db+piUHIwAoLxHOeL4W069P84O +CWZdrQ7qZLFLAJ0dmm8oDXJVG204NCZ3ihSYiTfOjYhGBBMRAgAGBQJNRCdkAAoJEFEn5+7b +2q2xQZgAoLf1XnE/sHCav8LweoCC0m7YHmTtAJ9NGueqbAu88E9NtEurIgr0OT/EtYhGBBMR +AgAGBQJNpwnFAAoJEIrbrSdiqYu4imMAn0BRTE/F/WxI/ft95VKD1xl5NTaTAKDvWrCtVlrS +YVZMpVlpkxjg/v0gkohGBBMRAgAGBQJNwbflAAoJEPj3Y8ohBi+D0u8Ani/BcQ2SGjFnnfhX +xT2MiEAm0LhAAKCLjg3yysMF2aDq6Ov0PCARxO7Lt4hGBBMRAgAGBQJOeawnAAoJEPyNX50+ +tWiI4xEAn23YlMlOdbjLvClpM0BpmZ7rN6RUAJ9iDzXEz2swEm/dxbQZ+HLhngP8XYhGBBMR +AgAGBQJOebBRAAoJEH6g/dWgrH1qLtQAoJcw4lQUGp2G+iXGcAO9w2t9n9olAJ9QY7jZ1TDj +b/G7EMdwt9bNz2rp8IhGBBMRAgAGBQJOebCoAAoJEECffshohR6WtaYAn25J2VAaNOF4YJSK +qT8Art4fPmEUAJwIBEDFfm4G+Q4SLVf+JbaCKB1UcIhGBBMRAgAGBQJQtPCUAAoJEB1azFOM +E266cU8AnAp+gC2Hoems8iSGcz1/uj8tnfNmAJ9neDH3cZRuk3LN65Je7lWpyJvIzohJBBAR +AgAJBQJEiVDsAgcAAAoJEKdjQ7FNefMnEUQAoI+vfb2mDjA/THja7zhNr1j7+UkAAJ4/pIPS +aoF0lh5ZR/UHoRhfkH+ccohJBBARAgAJBQJEsw+0AgcAAAoJEL7OkKrPE8QasD0Anj0m8g0A +ZksKpusFtvhqrZVsY+8iAJ40+GKt0LC4OhRDcQYIS8rgyY9SPYhJBBARAgAJBQJEvGeVAgcA +AAoJENG8xi/bm5qsOHwAn1tzv2OU7TjvFsqdxuLFdNJxmmcTAJ903eWjBjcXDq7ZlQKp/rgf +vEpxc4hJBBARAgAJBQJE7v/cAgcAAAoJECU+G4nf2HGBZpwAoMe2UeMd5HBYQ/OT++dC1oER +bnVhAKCIy8asOrtPz38RFkytG02FD2plhohJBBARAgAJBQJFeeOhAgcAAAoJEH0n2KJioiWO +XQAAoItWdNon+gMOGNn8r8IykBFWgNefAJ4uOc7B38IC20DRbDe9LpyLC31VCohJBBARAgAJ +BQJIBhb3AgcAAAoJENa7qYujSYEeUHwAoI+NWTc0zogTe2+FS5f6lIqGtRnBAJ9h6jO/Rt5a +3Zfjh+SkOuULuaoI14hJBBERAgAJBQJBuW0aAgcAAAoJEI7/T+uQXzlDqDMAniI/vkkv8u79 +jF1yWbvI+LkOOJ3dAJoCoiiPknu+sSZ1DUXdtkuJD3HUrohJBBIRAgAJBQJByx34AgcAAAoJ +EMbPpqYSy13od4EAmQFCVE+8XD4JKPOVvJxcpeTSze7hAKC4CxsSsJVg2ToRjxYBGvjfXx+0 +2YhJBBMRAgAJBQJCsEzRAgcAAAoJECnEDO74tkUkI38An17ixKibYP9tFixJl7N75C8fncqM +AJ9xTaiaaCqDtJSGrN6jRZDTpm6QF4hJBDARAgAJBQJB1GmEAh0AAAoJEBtgNPR2t58g+W4A +nRb/4iBOf/zKN/SAIMFcAx6Nqe1rAJ43N26naDOy8obJW1kjGCrXgCYoOIhJBDARAgAJBQJC +HpKCAh0AAAoJEBZ1NTLGzmaQcNIAn3rcCvIi2uTrdmFzHBlQjfS94ZLqAKDjJsl/bXZjlA4w +AMRqSVx2Pk1PRYhJBDARAgAJBQJCW4ReAh0gAAoJEBQOc52JyTVjVlsAoLJ5ONPVwjKk0U5D +OS+4Kki3WT7VAKDCvZnnUlc5mtS7YtJ/ivajHhOzY4hJBDARAgAJBQJIQXjWAh0AAAoJECs2 +AQB1qQaLrr4Ani5ZhiQHD7Am/7Qu0W8sDa884sqrAKCGi2ds/9WfbrqRRV7m5Ov4wjaOyYhJ +BDARAgAJBQJJ33VpAh0AAAoJEIk8dGq+K6BkiVIAmwenkjSBgaqiDN687qUUI/gOALXKAKCg +LPTttFmuQDRW7ndaGYYM+PPhgYhJBDARAgAJBQJJ33VpAh0AAAoJEIk8dGq+K6BkiVIAoKEy +8wNKBQfYlFuyFzXfJgOPD9rgAJ9sJjZ1KJP/LuinWrsZNZdv7mduPYhJBDARCAAJBQJMh3uD +Ah0AAAoJEI1jc2ACKjmzTBcAn3ooOQCPRDaGItSwk7ol3exAoNDNAJ43/dsZdDZQQ9Jhx31J +PRYyQL8Vc4hJBDARCgAJBQJOBvu3Ah0AAAoJEPywu1xfH79wBv0AoJ8e/pX/y9nOMnZyP2IW +0em+p6GeAJ4xxzp/BIJN/WTjksaFi0RMZ39MbohJBDARCgAJBQJRwjdHAh0AAAoJEBQOc52J +yTVj0u4AoIgdygcLHIsjAg8tuMZiXTUikQ+DAKC97TZcpdunF2/BuvZSU5+dH8ZoDYhKBBAR +AgAKBQJDTBQvAwUCeAAKCRDXyfwno3akpvsqAKCAKmkCRmUGMzyjf9KqD0buz9x+ngCg/y3e +z9ZDEKDMxHJJ2zEtX5Gfr+SISgQQEQIACgUCQ93a7QMFA3gACgkQlKUPH8Uq7D9v0gCgnKN4 +Dk8C+pT/PYlYw63UQHnSGT0AoIgbsm/2+HKzZu6bib25v90aFd5QiEoEEBECAAoFAkZnoE8D +BQF4AAoJEM4r1SJ8OlGTAekAnA19lGPlHdNeeS9PQ8v020UFq60WAJ9965+8PyDJ03gEjZK9 +IhNmGgQxyIhKBBARAgAKBQJHVbeCAwUBeAAKCRB43SrzPmk5oxsyAJ96wv+YLTeigWJEw7hY +v2kH6kt+EACeJ9NO/JDV/ogGU9+3XPwnYGKrsR6ISgQQEQIACgUCSD3GSAMFAngACgkQbVDD +sAJoYS/BnwCcDoEhM7wbsQrr0IyDsMNI6xn/Jo0An17tzB9jQBCMfIf+wwc6rtKFxTwciEoE +EBECAAoFAkp2vqIDBQE8AAoJENTYOw9Rc3P6AdoAniI/XtfaJv7g2LRFgnRUAetQht4LAKC/ +f2PUyP4SFfmQyJTJfDNXDfL2Y4hKBBARAgAKBQJL2Y0DAwUKeAAKCRBHoK+D8U9U3QOsAKCA +Kg5lS9lA1yFnWu3ROCthfPogzQCgvPTkbTudS+6eyUgY47AfL09Fq2eISgQQEQIACgUCTMPA +WAMFATwACgkQ4YVPBIgxmXKQQgCdEcHYD1N4PORNH6HR6Esz7l2yp54An2UNiqXJeLFIOnNS +alkDRvqLTnyOiEoEEBECAAoFAlEsjEkDBQE8AAoJELLmm7+r/qQStJ8AnR1DH1jAqWZVwFpw +mFJF8aNELk5JAJ4w+4Tjjw6uG0sQtkIc43l7ZKuouIhKBBIRAgAKBQJEy8A2AwUCeAAKCRAz +1DQIAl18XbkiAJsHffQ5NUDN4qWgmRyQUpRmYfVphACeNUCVPwFrTm64Q/JotnCtP8CtSXmI +TAQQEQIADAUCReU8SgWDAZQ4JgAKCRCTThb0RQUGIIfxAJ9zinWClv7ko276kdSAUQxjBu8c +UwCggrJ01CB/f7BIbvthaKW48FlaVGiITAQQEQIADAUCR0OCzQWDAhclIwAKCRDOKmDmZZ47 +0AC0AJ97lknCDywdw5iShqkXoAwcdHjyLwCfWTukAKvQY4uJxzaBILDae4A3BgKITAQSEQIA +DAUCQcDFFwWDAeKFAAAKCRCqWhv2nyYhFtCrAJwJmy6CS3/5+gpxUHdDOE98BVdI5wCcDScT +XrWgFi+l6odHmIsz6nRrZFSIXgQQEQgABgUCSTXGuAAKCRAY5XaOODpAyZ7oAP41QXJhHWTg +9NtVATtseAoitweFCgbRQuK0S72YSwlOugD9GmfH9Iogp4YMZuaxry+E7IX3cmQzhgPOG/w8 +PLQihBWIXgQQEQgABgUCS6iJsgAKCRBlXTNT9rrl2Lz+AQDCnCXsJeoMwokqaVvEJs1/tY7K +xwvZJBkaw49z5R9OuQD/Z6odDhkfvklVTCIpndO5BNkVAlcawnTduEmHKYR50cCIXgQQEQgA +BgUCTMA/LQAKCRCpQsVmE5wJxqAUAP9Dgd989Rg8HyYEDAFkiRSznl00u2t5vwcWh9HkwDAO +EwD+Im05azzEPK6W7HKWQbq4Llb0K/OlqjL9Mva0EFCy0xGIXgQQEQgABgUCTPNOqwAKCRAi +c7OqmpMGPvB3AQCRpbbN6h/3QhS3VIzUI30/o/AvUVloYFlzifCDlu92pQD/aAMsDM0+KqgR +vkPB076bIsUA8ZGtvB/DcXVcvKMvTheIXgQQEQgABgUCTQPi5wAKCRAFOCQcmxnlntzTAQDb ++S8nE5z5Rfsua2C5vNMZWeuuM5bYQO2eSHYMxf1IBgD/YwC3HxgMkAI7NMa5qhCMFxYmrsVg +Npokx8IsyGn9aCaIXgQQEQgABgUCTUdeqAAKCRDTKQHQvEWoUaJNAPwKCyhTtPZKm7ICmrF6 +gbOOFkgBuMqKYsqTdEmZUvcsqgD/UaviIuQdx8r8mlU/BKhEAtYs9rqn6y9K6DjGpsuxGTqI +XgQQEQgABgUCTWbWJAAKCRB/urM2KlaHOD31AP4uZ1apnBpeOo8akYvCSfpBlqPvqVQlVMBo +LYfuTn5TnAD9HNmiowIt123JrIPFulgHoVmq5x486H6NBy9eHKbwhqWIXgQQEQgABgUCTWeC +agAKCRAMlXLShRmLSa5uAQDE8u+XGw9PTBrVDs9bW5B3c0GI4OO3x894FVxbtX/SBQD9HyI8 +pbag+OD5eAykzs/JMWXCRA8w4IS9FuCSgIlP1KKIXgQQEQgABgUCTXvRIwAKCRAv8s3EESSk +aeZJAQD6bWOfQxg0DjPxdjpfyI2BqgkBXhDAp09W+boxYIXlrwEAu3DE4Aapses552yh8jof +0qlHquHqERxBBrjy324fnrOIXgQQEQgABgUCTYkW2QAKCRDgcXx4BBdKQD0YAP4/cB327Eei +fiwH1rLtEnjQIJeZ88EKVNbroGJ7uDghaAD/alHs9IJW2jnrDi8wVX1iSrdeyEeSOFcXWWkk +rws2SNeIXgQQEQgABgUCTmeJDwAKCRBRtaJQ90HZsPu2AQCmInrvIS+4kw6A6wahGhemhYkQ +qKzTqZ5LryDH7B++NAD/fJu+XMPBGhFjoXB07E+lkGs8DMjcYhXzOrTv+TYiqRmIXgQQEQgA +BgUCTmeLqgAKCRCTCyMfhLrDIMyUAP4t5L4UlIv/zWVxEudIJ++LQLtUQF49Qq0KlblWq2fD +wgEAjFzPlTTHrJtkTbublY2jUJ6jMAV4XQDCOj6cPKQKr4uIXgQQEQgABgUCTmykVgAKCRDc +sCOtgXX3Ok+4AP4vNa1Qpob1cvxJM4PaZg/f3Wdhho2XUuCEmyfGdaKrHAD/a7+25EtpbfTU +0pioy8LrBRZYGHLayQwKmNFQdCHpZAWIXgQQEQgABgUCTnVXFAAKCRAh/o7/Ii5Zi4EaAQCZ +fJnmCt62r7hZmE/dAFoODR3KEDoon5Ei3jHeBwk+oQD/XRigRxfqAnKTY0nx88AFJj9Qnm9L +SsEG5NP/eGkYh0yIXgQQEQgABgUCTqIP9wAKCRBXoviP+AiTtsY/AQDKAyEhCRYs6Tobkj4p +eBhaaRELV4GxuOaWiSJzqdJL3gD/TQj7BDsdEua00QMsWDBhxM6IDrvpWk3uN/Xf1hoMQWWI +XgQQEQgABgUCT0V38gAKCRBubeqaAjzI4bpDAP95Em0MJcxfLcWghK8ArK8dUo1yb/mOAItX +5uMnmeNVVQEAwcQSHBzZzd+6IpMk9ismZL1DqUPQGejNPJNLcTJ10nqIXgQQEQgABgUCT2Co +ggAKCRCI+jdb4ANdJTxIAPsE9uVOD6WfFV8nQKgQ/7rEX4p8+srSxKcXLinXKhagsQD/a3gf +WeojteYjKUGe+07umLEPuU3ZjQZNMauGH+PHzZKIXgQQEQgABgUCT5PBbwAKCRAjHXOdE2xc +cby3AP0aQg/d+xnfN+d+p9AWR76vKS0U1jLsWCO8fAwkBlSWEgD9FLw8i+dd9HahpTc1wskf +xjgyyLSTz+qvJ0smBQcXDFiIXgQQEQgABgUCULySMwAKCRCUMJPtKU5/CvWwAQDg+PrNw2rx +059uH32IuztQB0e6R06PmJ1h4TUZ4uU6jQEAuGTem9hwqLOiHlrTGqU7S2IUUFx1ZR7FU2lP +U3tqBciIXgQQEQgABgUCUOL7tgAKCRCTcrdAslmE5KHXAQCQB8h/f51ss2ZhrbY3UFmXq1h2 +MqQ8uRidNz6d/2BjNAD8D+0LKPByVIb+Uk/lO01mBsUChRAPqXkeXrgNrgjJErqIXgQQEQgA +BgUCURlOaAAKCRD8JkKx2xXB9a4CAP9wHBdEVFw83M02hLRkrB8NAghJJnkiq0U57qtsM4BQ +lgEAompQScm6lC5LSZbBRtgkxd3z4gaI98GKmlqTw68ko1CIXgQQEQgABgUCUWdW4wAKCRDz +lBBWCqkAigK2AP90tMPNXAiqnXjOKvTn1l9/7OXSidl73dYMKQjLSqpw+gD9Hj8D7cYaVnth +QVsebqKOKwwsn/xcYNeFOymmcinq2mCIXgQQEQgABgUCUiqFoAAKCRDC1jGLt/dj31xfAQCB +EtpxqjHi1vBSrSKtGOn9sCSzkVTc1VSJ27P5qdxNywD/VdLEeDR0klHvyl+1o2142pfEmcH7 +vymD4IJcnmJT3oWIXgQSEQoABgUCUbbqLQAKCRA0gBRN4ANdJbtMAP9kg8oxEWRKgDtBAIDR +6K4Xa08U91H6ilevmw5guRlmKQD/QEM+4IQyT40xuBWtYyUyQVSQSpc6kXle4xirwqg5YUuI +XgQTEQgABgUCTa9eRgAKCRCop5DqIgQDt2M/AQCe3dllN490GRoyyDQyt58aphmGgtRS/WjT +W26v7YZ1NQD9HZiE5egoUYVwTL5ZbdmixrdwkLF8Q9onTXeoScb8VT2IZAQQEQIAJAUCRAF8 +7QIHAAMFAXgWhjxbXj5dK1tALl1wZ3BcLmNvbT4kAAAKCRBXiA1w8/n96DpFAKC56SvxD5lZ +E8MdKQjWMFyx8JSA4gCeO4wPCdFH4W94XWk8rHaFNUM+6JOIZAQQEQgADAUCURCi0wWDB1ap +gAAKCRD3hB54UJHMYUQVAPsHqeJPcdDCnnphZQfuN7LpKCmHHL7PaLKXtuWMy9kyZgD+OxSP +XEmvnCV8jHqWwQcPIp738YWx7uUXKeD3c/JJRMqIZAQSEQgADAUCUZ941wWDB4YfgAAKCRCA +lNQ6q3ZHfdW/APsFH6fcoWO7ppGEzUHEee7thGHVM3A8GmxHRGU4s43QsAD/fpHhn6e52HKl +2seDy39+2WVG9/Guxgmmn0IpBfVSl4GIjAQwEQIATAUCRoEzEUUdAEkgZGlkbid0IHJlYWxs +eSBkbyBhIGdvb2QgY2hlY2sgYWJvdXQgdGhlIGF1dGhlbnRpY2l0eSBvZiB0aGlzIGtleS4A +CgkQ/LC7XF8fv3DPZQCfZ9qhpJmT1IPzF/Ag4/LdDS+w/qMAn2HYZ037ah7ddgS/gzLausNL +EqMsiJMEMBECAFMFAkaPRU9MHQBJIGRvbid0IHJlbWVtYmVyIHdoeSBJIHNpZ25lZCBpdCBv +cmlnaW5hbGx5LCBzbyBJJ20gZml4aW5nIHRoYXQgZXJyb3Igbm93LgAKCRBVjgmCgtIkHMWI +AJ0QIVAUAGN4y7U2wf/I2o0/yCwKowCgiBXY7Or3H+l1zRFuQLYoeYV76fSInAQQAQIABgUC +UC5vlQAKCRBC5j+f0+THVJ/CA/wJBe0Og0AfQf/uHKm8J44he6vmcrstjEos/JmtoFfFQ+Vt +8Yij6L4XMGDZ0eBAkF9D9ND3d7fc3B8IVZJ2uU4lx3qTNqiSCTBBhzGPqSr/ekTeRoIf42f5 +Yyx8ln4MLMZCAO4MHmHRiNwNm1EEJXhQU2+G4eY3Xk+oXwLXtJw2v4iiBDARAgBiBQJCP/Jk +Wx0ASSBmb3Jnb3QgdGhhdCBJIGFjdHVhbGx5IGhhdmUgbm8gd2F5IG9mIHZlcmlmeWluZyB0 +aGF0IHRoYXQga2V5IHJlYWxseSBiZWxvbmdzIHRvIHBncC5jb20ACgkQMBkOjB8o2K5CMQCf +RFPNmaGsRmYp2CbgpRMLvhlJPHcAn1iMZQKf+lrIyauTce8ucFlGbgx5iKIEMBECAGIFElIv +4mRbHQBJIGZvcmdvdCB0aGF0IEkgYWN0dWFsbHkgaGF2ZSBubyB3YXkgb2YgdmVyaWZ5aW5n +IHRoYXQgdGhhdCBrZXkgcmVhbGx5IGJlbG9uZ3MgdG8gcGdwLmNvbQAKCRAwGQ6MHyjYrkIx +AJ9EU82ZoaxGZinYJuClEwu+GUk8dwCfWIxlAp/6WsjJq5Nx7y5wWUZuDHmJARsEEAECAAYF +AlGDXMEACgkQWxImvOXpKyrWSQf4nTn1E0TJN+LD8dDt2C4BEBi22TDX36Zm3oqsH3UbwjE+ +UP4NcbDxCSyrLINJzha+l95N79tXBvMjONibJefs34iUiRmIbEm4XCMCl55eQmVD3rNujZEX +V+TQ1Y1jKwr/ZIueNCd+k5sqlwe0Glt5vOtCopkdYMZ7bC/HcvKdcd+D501dydRVutotVHTg +qAwu2DsHQi2wGXboQ3TywqofJj1UsKYhz6mVNa3030h7PiIDwHfbzMmAABNPS93gBGY7Fitk +rO1WoGAmwgGvDcVBs8acz1tcYmGJ3WGwePu//nYt7ODqyo3hJVXiCPN/KEv3YhL8Hl/CppqW +MQ4bKQAhiQEbBBABAgAGBQJSIgW/AAoJELyK171eWQw7yv4H9jOV6tKrMuhibTemD6gxJEgw +UKu8G8poyb1x6UMZ585uxVh9tE0H1sjrz5EI+3IIU6XBUgY5/do9a7cPqBQOKxjTJ+CJeY5T +Lx+P5ygPghGqekoIVf9/XXiw3en5jEkxwtjvyrZ7syIUNF7qysLsAMXKmShyMNz63GN1bJHx +kZUjwDr4wuK5UVzbAiL3dyhCqw4R2TsNAvycANle9+2g6psH0FQld2zE/LYT1TNlnstnxf+E +SaV44pMMx1kCmnVN56wbT/81UX4/K7obcDTafzH+86TGUTrUoxUoaOP8JVUqSY0QPqAy53se +tSY/RPZPGtq0qUUY7wcdudsD7oTiwIkBHAQQAQIABgUCQ6EkEwAKCRAp2S0hKK7WjdCRB/48 +3ftQAuPYrO5TBC3OzwkrgZPkv1TMmtaOhbNtLc8IyuK9mrijnoyYeW3AsGlwlK/uScLrHu2Z +UzhYKms2NX7jhNtAMpiiwgJyLnk4/2pimSa0JKeiTwkXcAZ0pX+LgbjAVfiYrDu7/iXVz+VH +0mc2jwnNdxH2hTezr5p5jw5KpCPqtlQMM5hRP1sabsbGvD76hewKuTID2sjLaORbX6R4f38i +ju/gJ3+q39X6RkMqLUOVGas6s1usxtPypfvVQdiZg2z5k6U4LWS7aXUXLVrqjaozBqn9UBy1 +SNk6sXwAZpF3TJQzoord64gJ/tt4Dj36Uh8Of28fSZ5GX1kygK0ViQEcBBABAgAGBQJEF+Tu +AAoJEOQtsvz1Im61iuwH/11vqbezqv2VrNguDdQHb6QoUqyp+EUQWWIkf5Fx33OzEb/DYtKm +aLkSZs230JUMUS4PBygC6iVtxBYr+b2+oBAuZ6mfnSnWO7x9Cux3RD+lXHFynWbSIK+zRfUq +gyekMjYkInx6Yov23ga8WnfM8N3ndl1TB+V1caYyDzJwKNk19wbQFwyUGmqNJ71P3MtYzBz+ +Kgz+9STyKUcffMTKj0ACPh7kbpRaeS0cUCvkyo5x8hBdSdjBc+TaYAu+5X3VukR6aB+LS7zl +cEL0Jxn1beTVK3LPhDjYB9tFnAefio7yiZFCkilbpSzBd+YIQCcfQnJ/rkuJPI4zHEgSpYbs +zR6JARwEEAECAAYFAkSArzcACgkQJklzsP0EoyYgaAgAgVwCMJ2tOkQQ4bxlv8ktYFsi207h +TtYtAN0SKWMcF1aRwKAlqvqaHZY3xviTMttIzDEbta95akWcd3DqBnBGhzp/8caDlMto8Os5 +jayREvjlJ1yr/56GQkuydToTVdB9kN1QagH+7h8L4GLEKPqWm3KDE+/00ibHoMLwG4UE/2+C +8UaFehr12j0b0YpB8dyFHENJcQsNYIJNWUIe8d9VsVczcE9XFbHzPE/SFMcROBqMOWsnvqjR +LoAkIHV4vUBvqScJ9KENHf0ZXJzhitbux5j7X22y+C6ynsIvTd1ucojoXePpKzjM80ly+b/t +moU/VW4WW8gPpqQUa9juU2JFIIkBHAQQAQIABgUCRcOvbgAKCRDf3eX/SZ2EjbbPCADAqbd3 +wsHM5fMaped8bbWg3jkTnjXdDbIUvfm3kO1cXRiDx1+E0BsTbSW0TOFu9xElciCNs0rA94fH +YPxkJnlN498mxJcFs6Y7GKbvgvr0hJI9G3Ed/mykOZOEIb6D1nAZMAZ7ajNCQexb0QNHIrhS +djodvkwrjS5shEVffUyPc+o9YGnKb3+NI1Vd9RLotK2Z7ZzCqjGdEIldn5SGW+6BMqS/SNFd +6Zsgea68iCq4FCyRuiJzmtEfSquOOoOgQ4YNbaCprZA2iwD7s70M+PDMbFToTzO8+9jqVuEa +DlwlOUbQFp7VtDJk3kVWVvjuhICkxexwKCP0W37YTyhZn5LJiQEcBBABAgAGBQJGEoIHAAoJ +EIPPyJ5jLHS/SicH/239amzCcc8un3Y4xKw2Cb4stB1V6z2MnLFjRyEr+SWjGxQiPD/KyUOh +q9Z113RAo2jmKScAplNLXL9C49usvY/44yyAmUaLSk3l6430rCPtWCTw6TeSU8QL08aAvwHT +jN2/a9sWihrBBp5KfSIRkuQmUkIFkaMA6KPiO5UwmCJsdpF3SuYiF5V+2+MPCl43IWPainVH +ymn698XumjnBFmdRPszo53XK/mysshNdZQEWtssQLvTPNzHHNwPnFCUGFmIHjjAYHvSVT2Q7 +CLlgeU2O7PzTflwq/9uUeGbZJXHF38WjHt4NWIY/kaKloTySetmgnl0B+k6czu1qvxMIJdqJ +ARwEEAECAAYFAkdNyDIACgkQ/L9Sqis+YjdcRAf+OG9vZR8EzdElzChJsnAe5D1LdEWylkbP +VwNSmYtYFPc/Y562cHBP0x/i7gvrayBAljxg963U4AHP71nFeWcd1su5bUNoIH6WYtH8gUnn +KgZwXebZ3n5YRwDApUuO3XD7HbSfm6CYSryVkx7s7jdcunqsXnYk6Q5sjkoQzB6jluSi6UrG +4hvYlqIsthbC4fAQuuWjdzBPLF/r9M5MAEyjn4teWLVxd/uRcALwtjt8xzZn46mHjeo7KTnz +A1jyVRzz0lK/pyMjLJKlfJLtK3G0JMbXJzDsdO08AErtT93+UvWxBshygyrIWuLbpobGXieO +Dhk1lTTXkO37XPFBAHx6/4kBHAQQAQIABgUCSDJsbQAKCRAEAaogRtOX/yn5B/4vk7um2z4y +fSBuQz0nlkH1ptiI4Y0r6PqDMpeE3C1U7CxNy64+Igp8kWMKbd4N7oFNYL431GLqU5f8FsRF +7lDA5cZ9cG5NIkVLKX+Ho6fxmk/HdjkaWp9TDG3znMMVlMMfCfjzixCcD1C0+YgmEyOMP+26 +lZu90CsgkkdrHEWOxBSgdJfUvWt8VMSJK7GizJ+vN+PhdlXm5V8+N3U0E+mfEe311n2VllYo +0DgUQnkiC2tuuUrfh1nkRzQwbVodQvVpTHv+CEsSugDCKgFcIgEQGq3FRhIN+X/daiui1kou +YwRoReDUEbCtd0Vi+O0YctDhonqIRZwmejUeXCvHaPNMiQEcBBABAgAGBQJKjy2tAAoJEJHK ++B1kakmRu/QH/0e2FI0DydoJY56F4y1GdWLgAqWNA8BaVAGKtUlhWfMM0KkwgZwTQQgUTpCQ +LdrSQMRTCs7eW3qI3i2AnLqc/1luaUPyRUln65oyDykTmtGLJDBCO9rpmSzjeJUlONkQFaJE +qChuDmBvJRrJvmoxDCwE7D04zucIwP7+znUEIbtn5+rYKev1CJRjyJWQHNy3OCZ2kuyJ5JJ5 +PbnsIx7bwhfErInfHx021SrBWyrofTKwH2z1Iwi1Hk/+S4E+cOtzCcR/A9Qm6g3SRhrZcylo +Ik3ZPchioUg1Zfg+TrahtFriBDGkRi/pHH1sZeWfMnsAm6MhgVOZsmuZtfVwllLNF6qJARwE +EAECAAYFAkqbN8wACgkQFp6637aC+/vNlQgAh9PtLd2FVCkPMXcZuLWgW6GT7jmijQhDOi88 +GcFU3L5aqD1gH+ZnjBsC77/XVXYl3yP2THXJTbuleqxoK6/lMT98BBQZlcudtL4YUtwImJ3B +jY27zJZeC/GoS6jbxhecyMTVMb3tla6BrG6P+tbL7wdwsCgF0xAycQXfcmQT8O4zhtZbww+c +iWPtiDvQlidwakSIJt9LzVQgQZ13XXYMPzX8knd7n8rCH7Y7ZFKAx0D5VRXk0RLjvGrCXXsb +Vvakj+NcbG8Be4/8MtcCCVo6gJxdUFE9JPA98rpBT+dfhGC80Cct4GfTdqgs9eH2Eo/hhWS3 +vAlUmbxWhUO4kr+soIkBHAQQAQIABgUCSps42AAKCRBs3DM0v/5/3oz8B/9QDTENwliP4EJA +xIAkK8Lc+8w2A3lIZPzne/NMVMBee4r+uvnlZUYlb+nbjUjD64nSfbJe184ETZwv+eQzMJwg +xiHUhevVU+UR4z5WvIjXkGxcdKPSKMUsKfh7nG4fCV6p2TzxElCGHzu9BpmnMDDlSEaF4xna +Joo2lvFhR5gPDmS9urQgdzovaxoDTQOCi8zZlI+aAssrw9Ja2GS/LMTARYTmpE2N6Lxcn3NE +WwAKLoD9wzx2DiJpCZE8yuwRWxnD6OCoq0JWGUtNzJs5U825Qqt6H3NuddcKTgbIT17fL3/n +yTcnnXrws2zorsL1yjQRVRsZVd5zqbVLg1n5QlEIiQEcBBABAgAGBQJKmz2uAAoJEAf1Uvnx +FyrrJlgH/3H3Qr37+6xH1XQuTNGfWrCMVzZmRh32aPSzXi7BAitbjr8lHKxy0p4X+1a02QYD +KIZKYSLRzIKGp+YQbDCuZzQH9SIY8RNoXzk6Tqo+jTvfsgkx/z8WlQ4ff4Jhd+lH9RHdLr15 +b2c0DGPUH0sQUKiSBO5DaXtak2yaThlsEZfien1uNXHHKxOswSw/kqwXzoqVa9cpg6sbn3vq +KP7Zuu7GBoMuW1tgh8s/oVTQ6Q0Jhu0pMltOWiAN0XRWyYtEiUsr/P3ROrAxGu19R/vZDjYA +nhxfeEa/KsAVK99bvUOBb6wlpxQsWPkktbWPaVvsL9fmomDCcKKC+z1hLV7M+gWJARwEEAEC +AAYFAkqbPhMACgkQHt3DFXKyB7kjYAf/Q1a7/fAx0HKJ2P6rjY9nxxbF0U+g+Z3srjHc2MfL +HgyvpGFcCn015XcB+NkWyowcYzhWhGMaJvlYaLxtPiXFY/oe0rd3hJhb2Vj++ejp0XkfdIO0 +jlxrcN7MAh+dsgumSgZIv/WkR2JaTOYeRh74I3YYDXkoL/UP1bSn+GQlz8U+JZtLIXxt9DSp +IKlcRzqKfW74lNaQfTfqqm01pRRS2tpxBFGzX23vgxTXqN4htwk9BX4Q2Cf3IIYD6JrR5MEg +VnwfaEq/BShffGXjN6KvChqnizVpfbhsWzmYsTCz/vFZqPsM1i7VpDBeXUQJPvOgfyypA7ij +y0ckRpnyFiNBqokBHAQQAQIABgUCSue0ZwAKCRAhcB6SXBGxsCTBB/9Mx11KFr5ueYr8qKul +Kmq/tFjXzl3ITPG3dARovSDJLoTSEWOB3hnbgJNQS2jb9+uvoGaX1BbJqPr5QpDh99VdFXcv +dcDuCLoKokZUmgS0eLpY8sl+2uRniac6hEFWz5//lAfpYb6EITd7UO2uQNPRd4jDEnMXTJ7i +JqAgYrO4B+Pd2OJWcRB3k7/UKwirXn8TMvYDQtF1WqlQPQDCnl4iqBkfqRDAy7G3ngP4z+q7 +NjEQ3W0Vtg4mNlmCfWrT6KKXHi3PNxMaymd/HSyx4YOYP8QOTI5zx44TceqvO4P7yReZbQKD +iK9CPs6bie4WyyGNpGWHRPoVK9i59woAyZ7IiQEcBBABAgAGBQJLCO8+AAoJEMVNol/bi5Z+ +yrsIAJPnZDkeTp0OZeX/eRDTvc014LDzoZ1Z/uIeNCoB1KorawNU4NwmQJkV5VZxuI4qp4MB +rKe+3gkNrqAn/0XZCRiYZlrqDnEsyfjpTfbkMcpwiSMmbRgW9XpH4SDWs1vA7pNNhrCG8/Ie +8fgM4APLugelxby9prFVKS+ucEIjngm354ihFAD2c9dcL8DP40yNeriJzZg/DxvGo2h97xw5 +V+GycfdXayvgLnQYooqrF8ZR5p8ZODXPqnVsExy3+VIx3tRdso5defoQlmXxC9btgO2MjPCx +qtLysvn4eNuyR1KTbANYQYD8msyWVL0/P+tSaviChIYtpWWR5f3Ye6jbIOaJARwEEAECAAYF +AksJD38ACgkQx3kr8RSWhpFL8wgAiRecNwpyCul3VeAyMbyaXPHx/xq+UdDkwBG/5VoHUYhS +Y7f90f5LDwCQdlj6wkSNSt0P7HUebsMGu1FaRj6rZGnRfwmQMchUU9e+I4bpJW2rE6yoapVP +LnYnMGNvqa4o0HZcBUL+gNbIiwfvvNxKTzZtk+FA2jz/x5me5APJXrkfjaIQEc9RrmovJQpm ++bz9rA6Ynquh6+762QzRTuHccXSaiCKMtGthbt4ixUqLmURsulP6dhi30ay8Dp5CUkTaritX +uJTm51WISK1mIV/7+cbGniGvPrwSuFgmx6XtfzH8OA/jcYWHGX9yZRLVhImD30G17v5beb5q +I9UOcgdmDIkBHAQQAQIABgUCSxLgdwAKCRAViNDSFnZw06C/CACk859iEhcOZKycqw0Jr76t +zhSYLV9T9mU0/NOkYmCBq8i4/BO7ppvTBugGnhxdEw7UhgXtL5k3a/KrLsYzJScLu1wVsd54 +0dZeF11Y0c5a1IloLv76TOxh84QS8hBynQA6xPYkbAhS624dFOXx+JG88y9tz0RU+lqjXeKn +5j0aGMiTEHYu4erOjjVGnMNDfEee+4hITgDIh6CcNz3U+t9wkfD0n+RbbTPFSXNQey4Oe70e +DUoyc6CompSHu9ahUegakADM/kNE9b6YjcrwbNGLncVTjB6pXd+r46zVIRTyxRvW4+WlGHRR +uzNedUcRK2/Z7Efww6bMNe13IErIZI34iQEcBBABAgAGBQJLJR7SAAoJEFSz/trJfse1RicI +AI4gr6M1h+LeR+bwJqZjgJHGloQKqkuK/YlSBufwyGZnp3EcCcaM/aRRLkVuwc2W5Pkr6O5N +UBW8xpsdiuXEzNHEcF+9wuYsvUvzDKK1dqEjF9Be4/QkHOisQvqzzWJKWQF71c4qsZaikAxV +tL76ZbEu4+MwoKzJQonOpzkMndu2DRhYsV1Ho4NpmDcb+tyhIbPX0XDve1epnjjKuX3/fIqW +ZwLJcoSCvwjfxQMd0PF4tZz1EQjRZcvvxx632pMkEvA2Nj+LXI2pBCxCcUk/i2h6gwIKOYcQ +GThZj8tV5Iy5jPz+DEfE1LBkd0bh+qBAj69yqSYFXBb7unLa7Qht06qJARwEEAECAAYFAkss +BjYACgkQZiQKMy3u9wTGEQgAlhS2s3uA5ULnctaNOg/tGhRJMO42miEgn5QmoMkHF/BRiU5P +yWU+AXKb6znNUpM82hXoAae0BhH+d3lfww7+oAM0W1eLOAIFj5zhVpFiRIx8ruDn3gQBAnZV +KR/r0JE1itwjP2cGooaHx1eXhTTfOeDCtztYtxqi0MhHlHP0omI/mCmqnb3wTC8IHLhvoUqL +lH6tDmuvEAncZWvYQk6Z9zC1UQYr1AFZol9750moP06970S+VEbDum9FbXEENSCjEDydwC+N +EaxcpthsUPyxVpdSFxss0ohSqXAzjx2/6LPPDYD1dd0ruexpuT7j2ndaSgh3jvQkMZmNB2H/ +/sgAvIkBHAQQAQIABgUCSzaRSQAKCRD4DfcCLYsUBvYmCACHNS91wGC/aNc5dFoZYqrnq1h1 +p/ABC9V9w3oWJWV6d/wtJ1KKNNzDV6EepirXji0bTpUNM27xUWehWwBVw0aW9HkS181YXEsu +ib/c1UnzYrbrZXIrUmw38CiwTKfyY7cuiXMoVKNDkLu3NsouORfXikYkL+KL0/VnhlGgwcav +DxX8hBjvtBK4RwPl7HgnFGpKuxJndzBnG2r4tB6KRRsZtfk5XHSEl1o2oGvovB5sr4VzTSJU ++r/kCVtQipLvXikMJhSil+zromBv7dJ0zVRZeJfxiSqXHiiBvZmdPB2D/QerfV0SY5V6EB8K +9jxvlEttSUL5u0OE7srDQG2M9EiaiQEcBBABAgAGBQJLQI4UAAoJEBXauSUVOENd0RIH+wRQ +BPpn17gj+hbLrVbCCx9zn/YB8y5FUUmZ2+XVsbfWugMOUONjuKGwVtnD8JaJgtxHDIRGwDlP +SlI4hRs9Cxa59/VrAY5eiTtzZ13VZEnv/wUc1an9PdHrH/o0GlF9hXCmNuKAmnqmT+QyieaJ +tT2S0F7YPdhGw0ZXHbm+0JfCIbxI3WtOIWdDPXG3eEZzH4sPgGGKO4D9asPiEyOfzRYDNFBF +Xp+uuBk7a/jvDtoYMHGhd5oI/6i7PmaWbYVtXCt2pmx4E/9SQmmdC26aFZlsOun/KeDDssSe +4UpPpaquz27L2pdbUBll0NMqtFygqrZT4ZZkIHyahbZCcPdHO72JARwEEAECAAYFAkta7v8A +CgkQ+ttz7N1GEiHr9QgAimeq2kHG5Wgzn7DmYwjNHpzdUgl5/LUrH60A7hRJDXwmGPUZB0+r +6ed05dQdw7ZxurvfXnIr6nFIuWHb30oNUYuSJY5XRMgiK2esVObVW8ngibK+JDT89oC2We3D +VKkLqon/f7SWE1XYxtvs9lqHGIvZGi2ncXH/buoRmVeOVREBamCd6Mir8CNlqftf8p5A3FWk ++FAiVr4Z8oDC+eev2Lc8KNRddI9maayCO1U6f2kkW0KRZrFkHN40I9OtHdg+F2h6fnI02Wb2 +JljufIdDrTvi9AkyGuXx9DMaNVvl11ll0uc2xcVKwkGaZuc0309+uCokUU4f886QWjXLfH7/ +TIkBHAQQAQIABgUCS3QmgwAKCRB+PRBdOGt/slUxCACBrnBLMIoNvPJRqsKv4i21atYB7Ja3 +7agQlpVxUQnMLYUK7b9Rqb8kUr4jv6xEINadWVXlksW/U+hJGUhjYnNA8fDAzRNRubfc/dhS +d1vtvA/0Pcg6OOgIBQZU45Xu3JHy+VjLMu/LOOuUuCsiZqY5LzPRJmjjyjUCbcef8uX1gvUq +zOAyNRjLT8zoHE1KL6u6zUxNM1Y4yCqLDl/BfldpxtTEkjjtZ8OcXp7MsFkzO8ct35PivwqJ +iGYjFFlJbYXuMxVd6CPqq3jIND9vhKKT6QLEk5Lc65Hkgrx3dIqycdRORiA12uptL5FkZmzT +EtqdC9buRPQx4ePpcJT8IdU6iQEcBBABAgAGBQJLqTjKAAoJEIKNhGRkElRCrt4H/ipSBgQt +LHE1+fqPGb8HB8l1wUbQIn4sJGIwp28Hou59T5svVA7zMBwYSDH8kdxnOulYYnCWwMoqiCEJ +CbDWucEgM+btYa9Y+T08eN36mp+UwCCJbfGsFgaQUWA06ZzNX2ZcMm5SbKYneRCnT+SwkFjy +1F8pCgsWbcCsZeerOOcMjEZg8MGm8uNAjC82/nBdnMdbYmV8IQY77JOiRIbIA4Rizv5yzxq/ +HFV/Di6MYOFs5Vn3J7cvWtCpWoNeXHBGADxAqxHJhsjwMef3iUANA9MjitfBSGLvztj+Uxsp +tVYL9PKQC/D7/7A55PMpNOUp1jcrRS+sPfHzijaBvMPPDLCJARwEEAECAAYFAku8sksACgkQ +NveeQx/7T2JfuQgA6ow+nQX3e6H4y7q1KixI6hut1zNpeW+U8QnsB07Q52eZFJREvLF+5ppm +jU6gYOpX0Kn2Ppj/LVKUGB8nQEcrBtGE62+mTZ/yiEaQXGXccSXR0255wfWxrLafQw2pRO+q +PtONYcILglGt5eFntWdAOmDVa8k2gKU+8p62QfwxarPtv9T+8w2u/J+3KfGt26iZPODazplq +rHQtEMRNcfIgQPMEitT1rQ4dUNZaVaL7haDe7xCWYxhtT4c0wX/TnsZigtx7uQNxfGRdkHUT +DIwJiRphTAPPFeYghqAk6QPwEZEc8zxR/l8a2WHMTNfrbdoHp0qmklo0PIVaGcj2KxXjlYkB +HAQQAQIABgUCS91b3wAKCRDBop+eyj63/BHNB/9Tl+CgP2aHKQ1QAhmwppaddTzklJiJ31A4 +fMRGMs8hsGZcHhUuMN2jgKgNNT4auFayUrGN/UzMxOPQkeTVctWBBwsMaFpSSJsWQ7jG3dig +4yZMETpXQteOFu2zlyt4DTESjYUKJTvrs/mUmGkCLnYEEAScNrxkah3FfUWcF6pj58qunhY4 +aUvFxWmTFUSDGitYb5KEkzRKDvQC7kk4xTt853YMk46idn/e2FgfZmPhth1KKp0P+uST09Rr +eSkN0W2/84R65UQHMMLIGNXEig8FJKb7dVK2usHADSmhmGiXdf2HasjXHk0Mil+4YtfDTN+Z +Hx6jz97utkcaM46tkYCEiQEcBBABAgAGBQJL8HAIAAoJEAbXGiR4Uy6SxTYIALQuhgSMT5Rx +q3K+W5fwk0vgy8SF4ugHytM6sYZp7FzJaqviT8vN7VqpBFwbE3a0HWIN4/HzlUHZRYip/YS/ +5xHBZGgzTOa49ZRzFlbALVvZmT/LV+Fu4ykRpnDvZWLAvC2dtqzu2FBJ+II4Od9Z6FMTKKD3 +aodbTxGH063VDzjBfeFrVqciN9XAfU1Vj1r9oKwrBLlwjD3BPad0soCsV8MRLBujbMJ+4kLH +uXd5i9IkslYW25wXHLqLQ1kXUQBMdy70u2vYK2RdQiyu2EYlwMsZmCWbuRpQxmQlto0TOVLu +urP38qFrUax1Xe84u2Pgf2GUvMlckzsHnvlvEQjDc8eJARwEEAECAAYFAkwKim8ACgkQiQg3 +yKlCMvJwfwf+JZwET9hcLwzekiHdwkBYx+mDAmEUDFxFsVGHNF9dpVgSxZr9Wg7QTEd4T+NO +9gGLcZjKvHt92Sn+b+UpsgatEoKaT0r1JZ8ZKy6Rqn/aR3G5w/KXtQLN/wwhLHijfmnPetKx +F4WsIDc4XfMq+WaQd4ojQiNTFX74r4UqGexL+F7ArQ2L8cUHO3JWGDk5deKUjoY9jlUm0r5e +80aFVJkmpQWigmlxTiAJhJpWbWt+uWGmlPAoXgfgFHd4cRa+jfamS1sH7RVHGWWPdArPjd9W +0GXSxJgXCzwEfQ7FR+zrVAmcbNAo8EhLemqn90MacegRzGjeDRGrenBk2lLwn2P5ZYkBHAQQ +AQIABgUCTBkxFQAKCRD8KDDbvIbv1vRhB/4w0pPtWaqUIpys9g3LACBv9c0VdHjYgzdCNvVK +Sb9gTw+fhoZn+bJhLU3D9WZ3rUSEuxuEBno+RPzmKdlWIfbF4Jvqaqr/dZ7B/xVzF4fyhCb9 +H5nu53o8J0Xu3/DqV8I///XIuGkO4+om1DKDqgRUvW5U/JIGEyR+XaWHvxKr1LSp9JGRrMmM +MqjW+uEkDgDS6vKcVbAj/atl44GNRaQ5fIwDxcnp9ZINPPuPZYGB1TlOVLKBeGNR2qdlJ18R +vmsxPM6zalmXgVTd2YhTnE5e0GrIUdcax09qzkGyOEAzHq8pOAilD26NBoiWHWkc+b+P2vRS +i7wiSTZrSYUY7GBBiQEcBBABAgAGBQJMViPmAAoJEGt1H/WZuhSyqOEIAKt6SrO7URha1KYR +WMl/iGAq1KBy0n40x5MwNQowUjwF2TBHllz/tqnOzRwOMKEZJ+Vz8gvk+Im4S/jnVlIm+Eyx +rEtDplyPpCwRjDn3ijd1B9lC+oqh8wze46GdhfEqIpNimJ6QkUEdNEM1P6s/0ZUjpOS5CqOe +SRo08sqih352lp+Ddd7aG3SU70M4lo6kmv8Cb2AlMqZUncW1yw7S+AY8vHfq3NC3rqu8AwOS +kesxL1fXmX27TT04/WO+L347OE8Vm7evTRllYuVnBaC9jjkzJwVqTgg0xs8q/pwcI5VB5JNl +PNW2hBLsVLAUzrWmKcNQh4OOC7Hr5LWwFi3RE1WJARwEEAECAAYFAkxg37kACgkQTIkKV1JB +Z3CmywgAi7CREIzgm0TSta4oMwcO8n2G6gCuCcivLSvoYefvVNgNuK8xdgENM18w6rF5q9iq +UsmxT/IWvpAfWsF++LG6VE1PnJqcULtwr2oqWd3ozU0vYTbBBlJgX3R5rcbDvvXklkG6sUff +Y09vgZYzeIoJXiLbva5A5UFirTpz/gw61mb0gHBCIRxoPBH6G1mtmJVJ2BzAoDldqjTjsuBR +4J6brKFboN7qzXmRUWhBAW1rULH+Yi6vjvyam30AjeHT3tmWCEnRQfIPwg7CjbSbrTYPG9aO +oXKLjauTiY5Gwvqh6Iyo193yCwt15AdPZgSADpomUI0091L527isGmfuyrQjV4kBHAQQAQIA +BgUCTHJtPAAKCRAC/CMR5Hmg5auUB/9CRSnMmA0KF5HXznHIPofDmgpg/LFk6tahyovfR62i +ht8Ccz2DOioqkJ4AlsEa4/wv5zxR8cFJcLkn9gade4WxQSmnly5kPsGmxgBqJEC+X8zgIoRB +staG/3gFgXzNPPQcsfSEmchY1omEYVRisWg9RCXuKeyPqF9sErINM55zT2UH7I8H1e9f3f5I +Kl55f2ok/NAw4QXA/qO0o0ewCMA+gw3V+7fNTcHWBsfHtmvTe94f6M+DqipGOYe7bwjBTgIK +bzqpaIN4yOCPo+aCz+qFkFIMqhoef9fzvdB2HpWWpIVffoRuL0WeTBZBaVwGK+W4YIXxlI40 +ksD2b14vRLGqiQEcBBABAgAGBQJMgiQuAAoJEPePn+hK5bYQw8IH/2tt2KzqdVa8YYDN03vD +Casvi+dFyvrDZe5RMXbRuj4M1xwEF11anPXGqqpZGXI94j1p7JfOrUDTntTCMBBWZhKFNevj +Y1maAyYdvvTwdU3Qy9/mj4ufLuLG+pmPXMu/AcMC1aND55CvV4ugfUSeWsErZC44KJsTF5yu +NCQIxBrK1c8oGpf/vUxGE/xkUhLJQ8hWiJwyVrzavJeHgAD0O10aTuoWNCRw5uVQkfBGF+Zg +CTBhCNC2ZXhIXLQxRBMs8MK6Apf/48ap1iQ1oGSEa4u+yaM053D9Tm89INCpT+DWpPmow0ln +K/oAU+ZD5/8duEv9dzS3wI7GYujF3gMqTWCJARwEEAECAAYFAkyKO9cACgkQJ10pebl4aWl6 +SAf/ffLufFV61cJdifnUwxqxmyTxH9CdKW2iqARDxJZUWDxfeUJW0SLVF/I77jAmGcEgXch6 +VzK/+wkJqsQc1u2rtFAW7dlU+732UFY7Rg879wqDtP1r3RcD25q7b98RJALSIk7gh1jX640z +gWWLhRYHDmvGUPujZf22BPcGambfPK/eLVGfXbRhtZl2JTEfKRn6YPd8eoG4VPKVe0Kx5rDc +2wK0ESTAUnH7ps55Vit7d5Gq5vtL1kQLeYMeehUx0ueNj2TCutf7yM05EFMQZmL5F1wn+Vqg +JxpfsjhbRO/bZNT843nr1pvAXnNCjms9I4Xl3N+kuM78bWUKUK8tQuGtY4kBHAQQAQIABgUC +TJD0GAAKCRA4pRKjfv/ZQSkCCADCoJLbazZFopUwxTylF1efuEgy1K1CCGyzVr4RdPBPBOcb +IK+542PUWKgb7w2zPJ72+U//tgmaBjc8ZzQ3sCWlebLMA2ZjvGpBZRUnkG2MgDvY11A0fdDB +me+cwW6nRL7/iJTgiuH7IK4rXyXdGkBT3eA4CUvCKGVhY4cNHJcoojVHnL65FS70dchYoyZS +4dzTxAakc9qc/cWcB4uLWNB4o2DDChyPrnNRwybJsZdSa7Vqi97iWZyVd89bWps/LTf/sSgT +MMciaQzJK28UOiln8n+yITkERHTjtFuCs2ql8NsmQZ8WCsiPcaoOh1tkUFIjerGjmTzz25+7 +e9CcOixDiQEcBBABAgAGBQJMzdaZAAoJED39xpw3zsl5JpYIAMuNQJKtExEufg8YzSHXszWX +I2+qXD3bX1UATL8EqrOKCc44UPPfqf756VYBrj2/bjHpRU1QezR1zoI9noaHOmRYOxX996Px +LN/tJ3Ks7bBKl58wDkgKQKyrcjFL7gU/pv3APxKgHTP6x0tpp3Aq3MkACn2OaFzimW+Cu1nL +r5p894AvYBTD6d7A/BVjasaDxcDc4zSljOn1I2Lpm82orLSrKiAFSB88qTGTbm6kL6dCPiI9 +tfMBxSIaCV+mU6jEWl35+0H6ra0QRPyxAiCjt0LaEw1ET9fyXgxkzfjy3ZBZJFRu/+pOlK/D +WwAn2sh0Y+Sl9QIp7PAITd1JsJEMhcmJARwEEAECAAYFAkzZrZEACgkQx9QhJyK6Jkprggf/ +e3vEC5oJJBrZE8sx76RavG7n+D0w7aSrMl0ip6QCLYElkaKBkRCitx7qMIiJzou6lKvQQO93 +cFY9ybWB5nnNJPVpmFC3rBF12WKzC3RXCWWt72KJ9Mmwr96i7KsZcKIBYbWqzgdhLDHy5Za0 +v0xh/WvyK/VXLd43xLVAvIHIfRZZFiu6p2LZ3KhRNzIE7wQ+6y9a7Em77XPHRVYaGw+Mm1Qp +fKg9kTB8G9kT4NHRzieqcBJadpm6JiYBhjjwCr3juNEmVSO4I+EukWHh3/OI5bJUdjNybC3m +dR2FXAt6nrMi3EBOUGhVZhZd3ygZG5G1H+noYv0P7MlD6pvbHKOzs4kBHAQQAQIABgUCTPKy +xgAKCRA5aKi+24YrgD8eB/9iE+Aw8VgDJBzZO2OoVI4KQNeKNDf2OylQCqIFd4w4oDZl7lJq +ZELtfh7pczJo+7OhA10xjiGj1RrPTsHTz1GDirqaYvoP1uZ84HxSrMC4UctIvahbrznuNnbo +1FHc0AJNkhBg1EflKP672ZWXFK0Gnpus69Y3tMo3i2WXe24EibWT3XgyaRKTjT87Bu8Upwl4 +Huvx03PuCAj4z9caNrrwCghHe/cJvoFRkvL6uEgKbLK7ZC3qpLSSVYCkHcT0n7AE5H+1KTnj +kz2gVFOSBz8KkPjkcWbyIr5g0XKDF1TFxMkX3hyWRFimjxBIK4ceI/ZAaasG6A/zob9H1PN1 +RfMCiQEcBBABAgAGBQJM/kjrAAoJEEKyNbRoI37wFCoH/jgZpuRy63qQY2OT293UOy6BSarg +/qMXV67Fr5/rLaY6zzVi8+TQKunYbuOdesdFxFooWLD8j7Mg9uHbmbu9N9+gAZY/vIEWJ61C +mcZoZvkYz+nN3LiazNIYAHUioaf9szNIZ7sSHzN60s2gAAfXpzMBIOXGxfhcYuj9XuyHGuy4 +011RmwZFVnqe0QA9T2/CmVDoh2wueDMzrfEDViL7k5oQyNtGaJLci3dK7FzL9K1fyNmAPGZi +Zl6fRG/sNOeTN3v1G0SDI3u5rzk5b1UWdVbxYa314V30GwJIwFqbi+C7NptA2w4fuxd6W9jI +dsQ30OpVbHXcEKjZLzo6987PxBOJARwEEAECAAYFAk0QH1YACgkQK6WpWRCHnfCdIQf/TuHt +YRAIs+fMCKqIBAaiHo0oO9xhOyopIrGSzXFK8OjhIpjws09jxUqEYILW1HfZQriKEJe37jr4 +Wa0PhN3ZNDR6mqcGaewUzyCmeWaFwRtc4LQKe1PsjzR+5VL6SsEcBx3unBrZ7A/4ojKCPTNi +jF0hVTgO0OdDKmSH3HK7raTzOcRupXpwSRGMUN3V27QiUsXn2WURKf9igBuR3f9oKVKG85hK +5sHDTFdzQX2698M8kxRnvnaeVNC/8AU22BgV8Ata9CDCT/5/duFYtZfMLKQVho6B1MYrddSJ +DsSnHVGkNM8vR3bfckwjNc2FVu1bORE2ttE8pLdgazw19VC2JIkBHAQQAQIABgUCTRl+yAAK +CRAzhwVoAoYYlP3DB/4hV0J8lShckIp9q19b5jqqCsD2if69Je/bx9Nuo35/WO+d176WNNrl +NJViUu4RXZb9UYkhHna9ctQaqcEBWFUUveVUliAKpAlXXARUG+nt7IhJyXJbxrFnTMj5FCEM +JNlaqSwll03ONZ71AIy5yQ1YXtdn7VJg63+AU49dSkTglgDPhZ3oMExgwPFdSprrATc+DiLf +B2EIcw7sjUQwMt6gBm3Dy7NaWvkJFWHw0DoauHQq4o/s8qA5adJdkX3OF5SWWFjmJnW9pAcE +VqY0x7jMVMHWJsMSoZDozB7MBrM0HtuvEJAfaNd5S3QyoRSd8yXeWIo0mVEwGYc+zujKDH+u +iQEcBBABAgAGBQJNJRlqAAoJEFuPLTI7NBdOjBQIAIHmryomStkdEFJzhfN35gP2ltERIlSr +01YjSnk9KuTa7WwSKTVoNaEetPWsG2vgQ2dce2f4MHO6Us1yXzI+yThOjKC/6jFAHIcC40jQ +q4bV6M+TQBj4r++0g/oKlcqtrQwQeS750iVH7uKkYNz2U3Ddwj6QLNIbFvhleKE+Roa3yBks +NFaDSo5pYYpiYVi8j516xXeigi8mCmCzF6bMhQTrw0EZJmgoit8Vlv7HWSDA2rkYTjV1Z+/s +sIwNXQ472SP7WFDocSUChuGSn6XARrFgrnXusaBrxeXCo5LKrNrVDLQi6w4LkSIQAOAWwrde +rJySnZduEXfA7bzMSxMTbE6JARwEEAECAAYFAk1QG5wACgkQo0WcqqOyas6F1QgAiStITo2S +UuYlaXgfEriV8HDNR1ELqZHGfe/Unat5BKSRCeA7zZ36LdgqEKXykfLbnZsb/3oedLWIojVv +ODwnt6MNxMcIgYIgXPVJJla+2nPCU8VNyhgaib8yHPDA3F6vUbgj9vsbDwq0aRe0cjkHqrWg +2WrzZrhjGQQWA0mEHFEpHZqXqdyKzgAP8Ydq718CVECecmQ0W0Ry8EEjzlBvlEd2Csbkh9KN +gH6Jfk6OsS/GB0/rJSPG3LVhz+1iyHUUD2Kzq29wLd3gPSvsnvi6vz5U7ewTjSlSlxXkbjeK +lAfoaADBnAM5V01++RhsCjaHJYF0J4h+sSVUBzBB1+On/okBHAQQAQIABgUCTVP1AAAKCRDF +KoUXoLfYLlVZB/9Bm7XaYiqqopT0EemNnvYeLfmhSBhUhwED64xI35zgvvN65XHyUMs/uloL +S43d0QNZk3wB7Y53ogJyOru0OWGV7Dt97cwi+CnM1uSlWJSn4nfYda0qIi5bqT50yjmtgLG/ +9l8/RKx93mrjJZVZ3ZuELgRxtF/jJ1DytRo4YhFOq+hnZHmnPq7dxPiegNVHllhWedQYWQVI +5RwDNfAwcuknlFZngR5lt5p25VjU4hE8YebuV82nnRKM0w/lp86II1xPGvZHaS7kZDlrmGQF +RYA7ER5YkfpDxgcjJrBPtQFfM4zedjGi5dD7oFHsfMgEHlmqK+Uy0VJ7NFEjnO0Vbk22iQEc +BBABAgAGBQJNVCgRAAoJEFVzpOJcXGFhCpcH/AuFwQQqIGgcMEHeml/+qSFF0obwn0UEWqwr +IJhXc4XWK05kr9M/Jspag13uuESs1aPlAB5rimKfgCy8u8/Ts3WH26kT9KZ0c6f43vYaG+Qs +EASz+gX1J0YLcREWSq8ccGu19UxxxPzK9F3XV1uADuFUTdfnTkJfarf/C4EZpKYCcV5219z6 +pLg89njSUefTUYTpsKYA+VtcBuzIZmOSIMN5+K4lQudZngYRxXAjUZvbdob21ygJL1z1VhSB +eboHIg8ylwcquD359ZI0WclDDEEhJwYcxD3bukbWxDF43FyX94ye8Gg1Hpcnsm910llXa71D +u4US6iondOat9xTRMaOJARwEEAECAAYFAk1XND4ACgkQKnj8WGzqmMo+cAf/VU1VtHByxM3J +bAT/m7fBbx+lltmVcXG/Xa23+qHqxCxsSI2fw47bxqfI2x+jiV0QXzqk0TEFmSyRGojxYX3U +i5yAS8DKqeptU81Sgr23UvjdW2FrC8uF8G4FM9kMTrqEV1rBbtZElmXBJ8CFs66lTdexfOPE +wMV23A9GRTusTg3oC/fc4poVdPGbNJQIt/5vnLiluvEfNug4cHLknz4Xrb/4yXA+jc7fhluK +e+Pb9J9X54NI8jCuxi8FCbMu62Qa6pzPKmSICdiVupSWZv/9dKAGzi5l4gNuGkQYcapc87pE +OWagNgVb5428LzDKlrlVa1OmbL8Aq3QHLXvr5Hw2wYkBHAQQAQIABgUCTV7yIwAKCRCivuCS +i1hE0DEIB/40CFU83EyytTSvMEYGTD1yKFDo4HPdvNUWyBhpJr451o+PzimYeH95Wfth5mMM +bly7647gH7mGfBok+tMH/Px0AjWnc7zjADfsc3M0N2CCQmIWGxaC0TMeiss2NyhUW353GuGp +aZkA/wOL/PE+BMFDbE0bCez5CyktevBha0bIhqzPxfxHLokgCCil3qvjtiA3TXvBfg2OTKm1 +eDKE2+IAxPHXQz3Yw1twjQ4WfuPeQBKKRedgHXmjCwv/P2jo7a5pRDV55G7F3ZfWNXkRvZnn +EJYobbR4a5jJgnhSV70UtfteIN6NnfN7062oVLnRawLmDFu3NhnIobO5yDbhYd9IiQEcBBAB +AgAGBQJNbTdWAAoJEIHq7RE4XPLsR1wIAIkAUiTeINyt4x/GULScntif7zSywoCQBV4XIaJZ +vv4th1PXBoK8iB8JPVYBsvj65etju/zDqLXIXRzFMHKrd0YayaW7+D71KesjI1DZwjpRKVbv +opDb5fKDIg3256/cqhElzRxBWVQXHBqNXNBeA+qr6LxYIFucSd0ZvWbXHJn286OukcFdwiPk +HVFRH9xuBdKNjIevFPT8Zh7iXIQwmiyiZuEsujcOsuGFe4nmH5XhZnHITOjlno0W/H4hmKPk +yisygHkxhm0McShMSV+bqRT/CmbAxEe7xnXVo29fz3/ZGTNzUuMhNM3QFX1z+F9UsxntujFQ +VvchPnPOMzb3uqmJARwEEAECAAYFAk15BJ0ACgkQ/wPZeS7wMLff1AgAxyVJtR0RfUY2NbQG ++UTBFX1h+iGRKD6EchCEp1r5SDROTCUGaYeNrT9/4pE+5uLl26V7bEEH7XA482J1kP3HS5xG +Vu94tQ+Zn3cuLAfrp0B/Nx15hhAFz7JI8SyoP3E5RzGC1+xo2ELQavT85HnLJMBWgCCLdH7l +nm5fw+H21HgU/V6ewbF5n02aBekbQbGWsQEQNscP9EhHEuUnXfnyHMCUmxm4t+IAwz/lYxNk +np2m2JRBGOIMGQLdrZd3V3Z0ffWGRRHOADwQJB+2PiFOUOPDpJgl9eqOMjorRvrNclML7iJ3 +ZjrVjx7BMxeXAYv0hAzYt6nkEqoRHP/qf27ntokBHAQQAQIABgUCTXlB7wAKCRBI29aQMJww +XtT0B/47RUJO2XM98tpDGNUUm4USgh4mOvk1SvI6aMf60X0CWF3tzgPIAf2xz4LLWKQGaSKt +OkGVubE+Y8vWw75UvLems+K32fhXVcEldu3LsiNBQ3I4HhM7t+Z3p4G7XVTi8nR0zTS2Vlm6 +8ARAR/ol4EFk6DdH/B45nGzgIAWwCxJsiW2168JphjzUANJsdR+tV/UEanJZIEdX7y22QU1e +3DkSapYOOc9czXh078TnDfVs78P9dfWKCWst27wIa/UJZMPGDrNXjeuKQq4edtVxrGZ2B6K4 +KgFDGMOpKYvBkdXMPX/RWrhemEDXAFHoPLW5dZzQWsl1/F2e7wdVa1+XOPrYiQEcBBABAgAG +BQJNfldHAAoJEOBS8lIZrmJuOcAH/2XQxsQulDDvzKJUFtI0Hmp0OmCjvRYFnm7Li5sb+yck +Ho8Rjkrv3Mf00LYdwnalo4w+B1Zf1LUJvxheeDc4JCy6e9WQhDGSjWWnHVd+SpnI/oBzEG3Y +wX3iW49f5gV0yRuKZ8mg0zft8ozoN9reZprU2JeyMZnxMt2A3YUa20WLpYG+mkJ0+4ngb6fR +OMCHpJwj2DXKg9gNO0QmOD/IJtsklPLWI7riYkTI43Fvs9dRjEZWzCHAJC0roemPylXjk+1q +aMp450OEsjumb/WIKYhhFbi+4Chj+mXW5MHA695yc1EQ9h7nHHJGMqjPXS35YHFjb8tONaaJ +HJwV3gJdmBeJARwEEAECAAYFAk2CO9gACgkQvap6Rtxc51Gnvwf/Wi21harqbr6i9cefDSTU +Dgq+LbFImXR3PvRE5M3Dz5PmCXZC/lh2qn54ZxpgVyIlp6/mMRKbeX+htgJumBStf6KhZiCi +X6fzXgtmOdx5OwAjw20Wvxitt9ticFQC4rA3qYtlEuB1tu4p3qfriURTN8WXwGMPvIHKwnku +p96lhdrwT3h8LLOqqP2tmzFpbx9B6WpOkNfgj2n/fK1nGJYzMRWABz30xYIqtX8VjzLRyoAR +NmdV1Qd0GMJkhGJ07KZRo5pCmPjPaBGFhljSEd/zASWuOkTnQsIQttX3tDy2YoUfC2HihI2i +h9dGvg2fja9GneVVbrkX8uiFhfr0mpiRjYkBHAQQAQIABgUCTZOvmQAKCRBEVIv0H3UTFhwN +CACf35Nu38fSpUDGMddJcV6EXKKKHqkwS8d5fXigsbhMBz3Lt0nfNtYOklD4OeK/1MqhL3Cx +2OU1gqz9nlxKm34Q9GysbAdB60L4Wv8OrPi1qzjvO+03cRK8NrNKxKnQBju1XMMTNP9UwAEq +QY7CLa/DeSFFrGiBD4rHYuQVffY9Me/WuZlSfzy4XcvwdH0LiCTdQUjSXC1MHEtID4qrp+Rw +B/Txm5jdIGyZdK6X1av5VaiqED+yI3BNJ87A6zDWeocw6Wwx8tQ70HnkqAf2ED0LdBL+mu1+ +dcTy9yXIOThG/yEdOaulTMuakFW8P8OYmkDixhTS1Y7fIRVEeN0O73t8iQEcBBABAgAGBQJN +mNWYAAoJEG50CUA0cgosv/gH/3VKt+8M4btcL/iCMXOyt8edn4K/9llt5qBgqcPeU1GPSK52 +55vIKr0FJJBlkvv6+tv2RqpihnyH5QnHTpINJDlfqoKKoy38qdaIOP0ZleOF8OhVCSCyQL73 +jf8oVBZpLx8hbdqD2nc6Zi0SMLN6DPBEcwlCyJd6nsQpS30LyDo5uSioyQxE7Ftn7c6gwIE9 +/Ync0fLNV9uqGpSi3tqN4d2xpWBaNHrp2xoTc7wPqpCDWhnKQgaZPcQ67S6emkyf+1jrCkQA +9NWMrjrSTrFEiL8XOC1RMmXiPDsbKnpZOSvKdGWcYhr2VsfS2uPUnrBqzL59rpo6l1+Rs5K7 +SfhUv/yJARwEEAECAAYFAk2ydkcACgkQtZRqHJBc9C8z/wf/TydPKHGFyKGSx76+ZzIrEW8k +14ZKo+S9gwXE+4G1+wAFljU512ztd7pcQtX57DPn1FCd3q4Mvm4WzYPMNwGAyGxouNOa6hQQ +UFyUwTj7qjKmgScYGzX+iqpxzpWPcxbIV0wCRse6V3E1sVrmCz5krXBwlkoc7gF4E30c18cN +J741qJFgUaDP8FH8Nqo0+ztwKZSodYz0rCyBB81CgHJE0TaIcq+HNlVoTFalf9MZTIROIrdQ +7Ze3aXinjIKVL3U3XjgnpJBTHNqQadTbOVwrZ14GIfEDEesVDGF7imE/nbe/eWzWusxRRCok +aRjWnV0ER+QZ3lrBU+rGt6+QRaYdTokBHAQQAQIABgUCTbVbAAAKCRAt1TnAal1X6oSOB/9y +As1+9Ruyjev4dzQdyC5PKOzlk+PnMm0DEo5vGrWp+RiU0aPkaSVhOxvC8s003+8ZtnqrJzqk +5uCp5Mr0aUR4ym/2W42AFUmFvJAaZFOc5zJhSKn7fMTHNf7384lYA2nSRXMj196Tc/oawvuu +lyWpeDuFIjCmrw9A0oaZ2t7A5h02suICQ0+4NHTO+xDLyR2Zcr4g37B35lBIzReAi6eybOpZ +mYLAD/q0L78wxG68ciyjQqNKI9MMwCKJxS9b1pLJeOBZOTgoE/xC1nmVxXGWFe+NJZcSqp/E +De+LKk8X6JAS12f/r0IHwKl9gyFEYOipdLKd7OVJwQgAfFQZFuS6iQEcBBABAgAGBQJN5CfC +AAoJEPN7BOnLDI1Ro2cIAKjjudU9zzHZw+JBaOLxw8Gd99MhcbQ9oNfW1qn28ah732/thcA1 +wG2oCYp8sWQzr3fJCHPGxaeicV4SMrTzNBtgK/YdLrn2sGgv+r3RIBJaYpXhk9a8hA8ia2oQ +lnMOTRYT7Uy0xjRvYlbLIrg9RiA2l9XPHQ1qvZNTGzuHR5dfE8u/NpQRoQ6z1+9G0+O1b+r9 +EYdTrExdWzHCfJVlmmpfaM0ZWBdVDByh0YtV340kPP2DN5a0npZfaQ3t8CHEqZZhN5zrrXB0 +FzhcT9RvvZ5uxceFTWAL4cQiIaTWOmmi/wUuaqbtd+fzU0FoEQrw0yGAu2pQu5U/dSO3O+b2 +OHGJARwEEAECAAYFAk3qHOUACgkQgbVCgYHj5ATlrAf/R6ystgzRi3rjs5m4VqhQe0SF8Gzz +jS/TIgsRMUVkVW1neeqREtWX+/ANrRmnMjbTl/Wmt7sik8PxYmEjvPNHSknqAig38X8L2ak+ +iHFVIVytGzU7ISSK49ZIM2xNjM5z7yEGKfzDbDYYc8H0nislJm5LKrvalgj/NQHqtHPCwWJf +qE3SZZcbIhVFjY2bRy+6PipcRPtcYL2IibzmqngBIK5CrVljQRqTdlXQmd5P2VcZ1OiCRP45 +sADYW9XKVYb1p1TXOydt2946pFgAa9+mbvdBr+f7ZsJeD1WD5Vo2qQd5PuA/rKktjPGiXBUz +jt/omun/zMEkUln0QlsojI/FgokBHAQQAQIABgUCTgLBQgAKCRANNkv9NImnhw2qB/47wXGd +/KtuxXBszIFkNgJAbACAVjiEIkFU3AMijuBnOir5QtL1ie2bhxC93AoAOp0FD/lWzW+a4m3b +XZHVeIvDmUN0F2T5+jmM0dgeX8CYOjb3LZZrNO1vZkD6iaHtah95UV3CltaXWsDKdU5DH5s4 +WVMv7C0kX2YR3kQUFBkIV2sLKFZran0IHeTeE9Z+3DOy4iQIY8rPQCk6mkux5ABV6LUqawol +ezYlvnrVP8tLbPXRB96zRA8zWk1rck7f8LuRUqklCiflHjONX+NMcNmjjsFpzdCrpuHSD40E +1hp9JpUiqytVtXl3XWlOvdQJ44cqRnKZSCuF7RDQo8WeA9NziQEcBBABAgAGBQJOA0aHAAoJ +EKa/525gK7CEaPgIAKMI2sJVmmf+asryzUx9TyfTZsAzXh/lT74nourc654apQ69JesvgDMo +eCygVixzJBMte0RXXSxwLjXJgQAicGiZnsfNR8oXzk13BQ2zk3bFPRcWRvP7/IqcTFxcL2d7 +cw09mT3shZrQm+Ut8ifutkm2It4ylQDa8u+TU1lcVHEQFuh9rSk1mkxLkFotFWeF2ecJNMXV +908xNsupTnhstmtk2KRLaNozzt+ihyYl8FMA4Q1vbiJgB7ldyN7lIuewrY3SEbPLqhNwfpsg +JOx+hPgZgmXiDnjeNmm/RqxWTJwjURW+I+vzcEK7Zu75xjvkf3VcrEpP9N1ygoqxyP9c4NKJ +ARwEEAECAAYFAk4WU8YACgkQ+2marj4TClGg0Af/Se/q2ByNteinp/WaXpLpYxJCLpJtc9Rr +t3POX7K6z/s507RwkeuQcPh/Fj0D+RlXTvd/EOj4mlhfKa9sehGZ0/nTyqz6xx3Qh2WRqsoa +noSECVUNa2bMAET9JqL+vIZ4clDq1eUQapoZ5Je4/TXSbguSxFDnbJnHDGb+yGBkpB7hU+W1 +ktnJBMnloxgelug5ig7ttfatLUzfgVfh/TgP2CRSAL6hV+nnCxx5bl4ZVllZlucZGIvVLzZZ ++9X+LcpSPCwmGNIjmIRFW+SE2p1piiDzjJanHU5dCw+NOM4nF/OnspXdzYP20UQ9iazlm09H +rThK+qvxC4Rf7GPBJgz0R4kBHAQQAQIABgUCTh5oBwAKCRA5n7zfcotwdUQhB/sERRnzUHzA +8fEyPXRfKSdqbVLO+NVggfRz0Bl/+Xmu8YgPTTEUcMZ4B7AB2cexoPtSVVHTL9xccgZeWJzA +0O07KKtLbnrDJvacotQCW8bESL7EZyOosAUkpIitU2w8UOLVRzS/bi+DEkXiSYbBr4ZvdAEY +cqE/Xlo4RMITjHo4INYTpN6bKgUY3CnWQJdO5klms3mkyAs3SLZYmAi1KKsH3Lo+yebmVhJM +0E+Ir0QzpFS9XxFW8V4M+VMNSb7kk71aUk3raF3K5OZnRa63+Kxl6gf2RAMdsKDczd4nnpqo +MRh2kuz8UL0XT/bNOK195oxBV8/IHChKYT/ZPxG8xjyxiQEcBBABAgAGBQJOJ+xaAAoJEOfA +fgBHUfPRUVMH/A3FmbzyWef4vnWDCK97OCIVqYsaQboV4vtG7zK9N1PWzsC7sR7XBZvi/0dr +vGZdBOI9+ZbkrLyN/Oz8taEqJZlcTY69UP2TwQQbWJquDd1okFOAXRTEkmpkjiGdOaKVPJ4n +PlKInLaMfC87yhk0sPRcsa5ZjXD7VrgY+3KKWChdJd6bFX+kXuDI3h3FwUt03NDbu7Qp8r4v +7zO7SMr6RKcIUPjU/lEonTIySp4mRb3Z1ISWimbOl6WXFKkIjP9N/QhRO7Pga6f5Z1XnKhwM +5m0U6VYabqT+POGWdJbeiKhuXqFOXge0leqzRBV4xSkTnhN82sSD5bfWvKn7uwzURxSJARwE +EAECAAYFAk4pqZ8ACgkQkJweG0ia1rz7LQgAwUCKHkReELF6ygdl9qDdT4XaA7jnclQzr7FW +tW9kBi60uPxLSoIhUXwaUbQaPTr4SKY9KTyuXmwP4hAB7eXoESgLSd8pmdmaQ5Q9ISsFDh+s +QaiO+SkoHBV/Wk2cLy2lUZ6/lTQM7CfhXPXnTwFdQm/fx/pDXCuk/sN8myrfrdNGdmIaSgS4 +IV3m43LDYFsR0FQhmWHqDlSLvCmp5aSRBRZ4w00eAWukviAqSRaEDDxpo3KSnPOY6tS0cjfm +hu2Y3mrAf4P/TBMy31fE+RTFxXkFSDWL0J/MV1JuSvjCek860CeY3pMMgD2JgCp5n5xGYxJ3 +gsPr1iYcWv2h+XBXzIkBHAQQAQIABgUCTkHmzgAKCRCufdOUil+yL4tVCACn0iFoqksAD7Hd +X15ww+N3P7q9getppGfKtMQ7s9N2s9+8P0bz59frDqJT4inCKt/66dbiwmF5F7sBYc1Kp9ch +uzUS2T9Jb0rUTxpA49Zu3rhoAaT8vkz2p69xU06AvhtCgkG9yV3yCbxMaZtRfEyGFzIGHcgv +0m5bppC5OBAMsohY8UMTWFm6AD/JI9qF7zWr/5F4pmVt6q+MP8yTL+igIjopQe1LififwM4u +X/vSZ+NBSF/Wp4LGTnblr/XDBwhAlKL8qLo9ogWnW96Jeb6oQUr6EBFMpdfEIU6E/Iq+TfVb +XBjcrxD9sTd5rB6CyGMCZ7utyk7cyNR/1r17B7sUiQEcBBABAgAGBQJOSHGbAAoJEH11H55D +2pkXzQYH/iJrJb5Ccu5EImgGkNTNQeWSM/ts9Rxxl4n7qocCkw043UR+e5jBf1FTsgFlkN3s +AuFsHVhgbHJDTh3X4IKBluzuBab+lvatpLOwqjiC8gr4xbwsl8+wIlAlu+LpiqJB8zrR8xvl +/ZudpDcVJBWu6eDzrR7pT1cuXU+ULcS8doBlA680XjZBCwcuufljKA/nkLzHa9GnokI2uo/b +7DoCiE1jcNjahqSB9zJ6TzHKVdp/HTgq9qb9dQfG7c1iAhxAYtQ3rfKEIhS6z+hWWTI20sk6 +D4dYVnClEBXTsOFqXyvBT0GP7ZS97xtVJRwSuaDKmE2pVarORHPwlcrqsSsevgaJARwEEAEC +AAYFAk5Me08ACgkQXcufGo9g9ejqjAf+NckXAvqLFRBBygGPaLCaSpExXoBjazCicJ6YzE7g +DlMgSoxoGejB2ZvGU4yVXuSAmb5u6lQLi6tJnK516OmQX1WCTc2VvPI+RKaDAts147VkU22M +eNWiSrr9Aymiy3KGUmK2CLV7f2r36BIG2SQQ2wxD8RnA8akwZ9EPbHajHgeHZ0D0puAqCaHQ +LG3unx7KEaDpNNA4+C08rKErwzOYQ3s/58QGtKhVIeZrBrzXWqSPxd93tTraJEuFwHlcFui0 +fQ8Cj6eLlrGVr0e7MCDtY0cJucR4NdUDFIH8I8YHNwKx0G+ze1vqpSFURZG1pj213BRoyIOq +IRDRVja2L+xOLIkBHAQQAQIABgUCTmUW7QAKCRAqT/rubG4mlTtyB/0bpJ+Lxj/m85W+y0QX +urg1jI3WicbVZr4db+X5CkWzvm9Nq/k0QyGe+rtpWaQPAWJUNSzbkKivxckNVjgYQ4BzzIwJ +mgQkJHCqzn3bXDidyJe+A5ah3XD9L9b7pxxBHNzPkHtjKcgU03hk/afnKZm7bSVAtXQdssrY +twEskyZQi5Hxe2e1pfmcZteZ+OYaauznJcebY3OnzkxRGYdPZnHP5syLngV3uQP04JZb6Knc +w2ff5IqVPJHgVeVo2Oy5zRYi+sS25O9sfiFw2252nsYtmx1WzYKMCC4r6NQGnxT7e6Wbm223 +vix5tNq31cft5uJJ9LWSQwXThdtULBEnhHeGiQEcBBABAgAGBQJOZgneAAoJEMra8zilCRtW +vsoH/2SJbyZEYeWm1wShagT96K9sVbfNM8ecnCzax/JyoMt7a3ByKMOT5+l1OTAH1L/kf0Xw +BCAauDKKsUkeoYF0jRMel8im/nvwiRwJyHQQZZMsG9BnRwThT5Fl7CC7c718XhoTE+akKL7z +6LkxieOrxR06N/g/QFlgN6gsm0XGavkc2O8EtlNqSntX+fbif0IKWqAuiIVZc0SVLuDOej8t +fJgN2xXiMbXYAT+7Sl2PkoILBQOoQFb/2wiIns7DjlsSyvOwmh4CqglXT3DGB1lDTh8AcP5O +NNtT1jXRD6qXwpeaAEJ1P8vAvuaDFd2YvltCxTpUtMg+EPsZ1oOCKHCa5xWJARwEEAECAAYF +Ak51sb4ACgkQByWgxTjurLj/xwf+MMSG/YcXkKwy0m4ndi+2XfcUYZg7jecrum5VnNSwyVpF +B23cf6smMKOummYZ1I32HLtGciJD5iKuJXLlfLGV0mfAOoAUc8x2TJU5xRYFf82KJEbGGrEX +pMkXkonBtFwrB9tFMsxU80Yzeuh9aGYdjATK3lLAkUUQRQdnhjhPmHC5v/Ss4I19v1mtdLnY +7yNdUsW0XvjO+tCH32L8LIWaAW264Vp7Tff3UgYnZ73BYUwbT5Yoo4P2UlkUkcC2GuoaRLZ7 +15/NdbN9U9FIsAU1a5xZXnvpCQN+rJ6Zmeozvx7FrkD5fzOnrGOkKCAIyjUZIQXmmn/nwqDa +tYpobcSQmokBHAQQAQIABgUCTnmymQAKCRC8k8YchVkX1Hl5CADNaOaKZw6XbNhjL1i+eUEB +539D7fj3n6vKE+ft5kLHbnpHTXyc200jPARtbUysOv2PZQ/poUEL0j6dOPrFq1b7fJ2b3LzF +OAekgvnb+djfxuh7WjdhIYazA/oA0/+roCt94J3qB22rK7wf/glCYl1QyjXKJ/CB/Jtrth5b +DmwwHqZfFD4vyemoymHdfViHAQQTB88qKsQzZXFd/TtdzKVXA23ta9GMVa1DOHY0MbnJR0jz +mfdgx+BH6TsWJ0xLKE+nOJpYHiWmgW3YJHYpAyjzdG9/s/6h4Y3Th+qIVX2CsCAklB7VjcZe +rnnL1djke25aZYoitbiPAW925bFbzgHhiQEcBBABAgAGBQJOflZoAAoJEA/Gpm1sNZWP1toI +AI8KOVOxrkVFjOTjNpdxHoX5LaTsnbn8Pwm8i+6wV+wUyXdEyR7cKks9ull8OsFHSJPIlUs9 +0m2c+wqEUP/WnF0DfXs3moJRnjXu2MWczUEC9NaPDp0Jl8jCdpbbI0NTdMiHdfzESkg6ugJI +JMGsI7TgjHczltJXkaz3GzWSivL0BEgA/Ex3Mp4Ly0douMxaZEQT5/d40j6PamI4SaImIc4J +YlanPilydCNhrvco+68vgqN0Rx0ihkRIrvcmooN9dZfGffLZ7tHX5Ih7UevouONGOu7SwTsW +u51roCoElMv2+0TL4uL5dxHQw3FojKh4AJLCKZPPUw+8sLojqVn199SJARwEEAECAAYFAk6G +ClMACgkQuY8/7FYaJXV4uwf/bD4mOI7IyxpoRIKHoinAM0sc2JQtVcI6E2ABiLhWcoQJB3UY +O7Zsvpo+mZ0wUeYHyd0uPMtTvJJeTnaJcfgBdeXPgC0WeBxKUpRzVUIkUU/UlENf9NL77d/2 +l4fy3JfftZ+HP/NKapw9Gj8PfPs7CPoaT4VF1vUtkP/mLP+Az+/XhxXECEC3hVEB97P4xooe +fU1+jFRmVu8qzgv0r22qPvAvuTkRSEdFC3NLDoe/1uVkUgUljzHXP8ozy8bMe2tdEUK67P3/ +Vz6tDEhE6Lw4D13o64kjSl8m37VN36qK5f2gsAefChul942jE5ZewQ9/W5QLA/e79SIgGeSh +617zsIkBHAQQAQIABgUCToYMrAAKCRCjMIYz3O/pe7G4B/sGU3wdZ9u2WOxWf5KWzjuEEIjB +hpmUD2F08VrChsIEdoIsAW2aIIzSs+o6uZ3HAJzSJC/vfP/K4Dihal2fY8yMFzT4JzS25Dkb +ZFu4y0yHo94+hySh99PIr3WLBD+8kA9uAM7vP8HI2ptUVlzdx+uvFG57X24LYuNz/7JcCeEz +zUnmdYUyU3pKTIBZcU7wiUeIH8rVOoneIZY0BpuXrGuJ1ebMSp1RlK2WwLxvckDo0T1D3tI/ +tRrcqha6YTX6roadQUt2NIErVnP+S6Ap14mi2eVGD9Zdb51oMlLgTnSQY1zpTyO+Prd95TaV +7KPygrlMvC/aM9RRjzSmk6hZ7PV8iQEcBBABAgAGBQJOnA7UAAoJEM7Fs4flRxjDxwEH/1ZA +QWn7CezhbVKP0dKVcQrdD7kenIoXz/RW0bJ2ap+Z3O2A4YlaUj3yRZHh62NLS5cI71NlV6pP +FFxQ/76Zu8lEBGg0r5IIOjWMnt1af0kdpb8pLNfNyplJD29hx68Ee+KxYfbOucDc3xUCUvHE +3E6+SvFvndGj46YqFuUPLsRzeVtpufXuwd9O9+Jr8Hm9SQ+uoV/GzF/VK1PM3ZIzwhdwo52r +pPQns9Mybzie2heqpntFBAPXOiTQeSgj/1Gup75c5/oCX8idjqcC5coXnZwCLrHapcp+DU34 +kWbTPP9feVjsgvL3XGF3MJ9p3sBMsJuApsmUbt23yZlBh0dPfOaJARwEEAECAAYFAk6iD+cA +CgkQ3CUxE1ezj9MgLggAt4vGSTrfnqaKQio6iTvX14q2tazA1kdFUasY5nV45szYMyEdCLWO ++FQT/rIVPKvRztImzIuBZ3EnOwnek6t3HDxT/AlAujwh4GvLPVKjl5zWH8dVb8Tt3nn/Texo +B1uMlrS6ZR8Qzo8DWTWdvu28kY64DRfHtV5xW7cCmpnRc3yAzz0EnMu6kdgo4HjBfC44Qq4G +gtIdyIQvAuenJclNojWek5kGRsAI2S+uqY3H31y9LvbV9HMM7FJwkjiqRxh1qxccMey4akTl +VURPfGLLjW/s5T+1KntlVD1wnJhR6nM3fyz2+wxtWJFu3scVLNYnlFVh7e/iIoecEW/7YXG2 +W4kBHAQQAQIABgUCTqP0RQAKCRDPT20H7RQBB+4BB/0YRHaaRHAY5ZbmMxxvrUcDdJFh2mEt +bD0jI51tsebDvyIbjsS8lhh0rt72N0EZHS1HulPNPPJBNFUE2zpy6HVG6m5yJyiuhGZ6YWDL +x+tUDg/4ZgDC2aEukzHTfxrNv945u+ptWUjvHeOvzjQc2WRZzWKsm2PIrIKhnGa4Z3Dz0ZCh +nRamOiI9oQfrKkgWv442WlT+tKPj9EVhqDuSYy/NFJWJ7DYrw7nncQv/J+w3f8fUYvv/lG29 +10k/lbE++8OhLgmTV8GPi0W21U0gT3w2BxnH6Or0epjdIdkOV2DNkgaY9Homas1xmTZ6Oc8h +7xROZFa4GRQFlpW2kZw4ZvwFiQEcBBABAgAGBQJOo/R8AAoJEDkie8C3ylBXNSUH/R1flSYc +UQXEydz4ihyWGjkdZE9s5GDXUkjjTfMN2qylCWXVpZ1Lsl6T5+1OdbYIHr3D1oi8z3saDfss +P7Q3vB46iXTjscGZswPfqLuYcVclmKtScKARPd49j8lgfDS7AzhX0QM+GYm3cUW0CDpbFQdP +47dwumzuIB1byl/dLXoOL1Y9qrWavdUYgT05rqUqMxVF40lL2cQM2kjpGYigsb19MSWLBTSR +pdOov6A1t59cQJtNBZs6/rwscM1ncecMm1VqISPcYMxDdpLouoiSx5cifQRlelkX/3LDC79V +rFyTfHujjBFTjsEhUOP2yHRTflh1LRGa0cHjSw8TzNzV6SSJARwEEAECAAYFAk6qokIACgkQ +tzEK5fBFaa6STgf/Z2c7GxkPMn9TiLzVtTxFChsgcNaYtvzw8wkqLpXEVdkOZziMS9Qqg9kH +Ytm0hXAQ5q6nvKJcGgeZLfqa37/Obdz98I04mEXTlBE96SU5zrK8hgNIMJvCvwJAGDrVCcnZ +CWjz7e0Ksh7/xK7p6qZMhG41dCnioPGdzIpwx7vIKtzxltGsZAFocfRpkHybYCUKE+Ubm8MF +RcqmUuM1+n2RznY7gpeGv3BG+ahJENdcAhil6t/CdNPutXLZhOLsDyWj7tlfEVHTiVMV/5eY +oOAzhw/bxbx0xNU44Bcs2LvQmq7ZMn8uTkq1GNF01yONVRI8h0ff9FRpKXB/8btAC3qe2IkB +HAQQAQIABgUCTrl6HQAKCRC/wyItFeXakXDaCACJ530txSWWr3J2VB9EO35VsbW+e20xAxta +CLNgzVntIFHShohyxT36aSyl7qyNX4NIZ3Ol9qouNJz0+CKkc8ypUZs75tGwu96CAIp9pjqC +Rf9tRMNdGVjqJCIt7EoJECCOJXKcRrdu2GX1pvDTb0ja0kYigpnSmJQZqjOOPLJZODmeFCTY +JFPE4FfRNvvUuAOeYxtDsosocczSXuUGeWhPYSob+LucM+WuJb4pmtpEbf0gmkLxeyk5BpRT +kYbloQZ2nWv587sJv6X/qi4Fe7XV8efQAtzdycU65jFca3QGIc/XrRs8shnCOAVFENBSI4f7 +TGIRQ+EjLZUEdcUrEicCiQEcBBABAgAGBQJOyRNrAAoJEJIj6JKvYW3zJ0MIALEWmrj0ODul +n6vH0f1DRD7bapTSOwCUIyU5XzP89vCVsDLfGHg0s+JSAzTYz4GycVk+6LWZ77ymxWKu6mT/ +GacyBAc/50waFvylkfU4UOd4+/p4c6Qu7kE0yKW3nLk7T/3aqVYHSUZCpq/VfzBmRDizCFzK +994bdlqsKHjKITVNhqIHe+Qd+ud4XtsClzwRJSUaAW8lgyIW4L+TehAQaZu13hauUIYgXl1N +tV5AvOA330vwQJsh5UHUh/zZuMkM2LsbpT/nz7V7fxvp3NS3qwIqK+uEjg7Izd/ORBSjQNkh +ZsbH27TAreXZE/QeW0Hz/BqLVYncnf6d5iWLg5FgDYmJARwEEAECAAYFAk7btlkACgkQUtaZ +uVylthCGwgf/auxz+8m9qVCc2zgtjf4ItaEcmQvx3ezlM2MiD36Xto3FG0pHpX9MynClvSb5 +fkdsB4NRKxheSCW9MiacgWFaGWo9C34LsL8gVuA2ibifcFlW1Gq5I/bPNCoVpIH3XzXos1+r +rk62biOymu0pocOQLaN8lWzb/DFPHpeotY/gO5MAZWUv7tr72Px4m6JkjnjUwumvYR5NB9Kt +ATmP/i8ZodMI0y1tpQXJfvv3c4T7UO8xR+CUcGp1B5QGOEkF/WiYhgFDSuLGiN2Ps1Zv99cM +xLSNq2kkK/9NRlarxreItPlc+VaOPN2UI2504xP5x4qDOcmHZ/wx/B1bEqbUgogjq4kBHAQQ +AQIABgUCTvIMBgAKCRBJMTxQr/2XxP7zB/901EUWqU6KrNfkrS7QuuYXgAheCVvPrGUW/bxb +JwNebbCUGj30kRXpAs8WQwR/aU9kaK/Q4wQxIdjiD84q8BKP3OGutMYNhGblD7BM28OKrVpp +k1UJlOiwFUbvUkhc0oCDKNobyjTCzYc01N7yM2ESCZvZ1bnpmgKgusve8UENIRlh36AvqfyR +LwoVCRnAfuMAUUxsxuAHoGcKiWWRDniB8ls38UOyzodIP8/wCNj0Vhj4JXuKL9MDNwH+Yi4M +1EIHd6leCyW5q6gSOroXjh7voV7T8CgH5bDJe3iBuZapTZH+ZcYWHAsahIbiCoET8ExhBYt+ +hj7emV0aTo2Jg4UUiQEcBBABAgAGBQJO+xlSAAoJEFE9pukKUb78SIwH/3g8wxlLHNyzVx/9 +dvPtT/8RvrbHHqkkzSn5BWGOG9b5r2sk6rg6U4Nh+iRWHb96NcVbG4T5l6tfhvVNuqb4/8H+ +m8VPXf+14ZdeadrRWV8fSqNpdli9I9sF0P1pnAgYZShx/wm055FqMhzl9mzbUuwHMKh1nUqm +a1IObd3zVwEyaH5Sn/8+mlMgSmo9DQbhIqVQQwzqHYNRAdWWX/NOBoOpcKE5szQr2T9HdbWH +91uW/5iVwEUhCuLCeLkrhN+Dqf2oB2z7M3Z8hv1sdN3Q+CNdAc16eFtbRqBQT1oXMLjjVeaH +tmCjjY/ggezDK/ZaBAYfidOiw6qwqyIKr1Qh4B2JARwEEAECAAYFAk8EXlgACgkQPrcz97q/ +QT9+owgAlT8p8AeDtiIM7dk2UjApqViLpyrA6/AOCyGjWKnjlOfLBFUSu5TswuojnZwBIBZw +R9cy4sBjitVH8GQ8PTMAapC3BHG36aGAUqSuTlbuMrcvD2gMbbSLtZum9Mhph2D58iGyZ0x4 +mUmIbYEGOq9V8ZyccH6nyJKeR7QFB2Q/gkTdnzNXXXseBrp3JjdqgykhEfYJQot0vTebcln7 +SaPYyVzOvdTW8GI0r67JhH8C31JwVg1HIZ6xrTCkCJUuClyUeOWqHW3NJYDJ81MzcMJHsr7J +xfDtkfpKcd3Arqe6/KpuB6vU3Qp5oC9wYW7930Wcmfy42xKrs39LiViniyRU1IkBHAQQAQIA +BgUCTxyESQAKCRAJJjyM/SZqdrNZB/9Z6UCtBsR1I9SRALdh3pf89m+dO+SZTKt3+DAWDOO6 +zRfSWsemK7UC+o8eyN6lwuezTBBVhBN4KRVbw0AZWl9ajfvHOGOpiUzB0NGaMAJOkXSpI1qd +ysK0ZQsa2Kv1eLi4EVXp0oqj/bglAqpTGKK42nFz7FlAcyvseX0QFOpV3lJJunE3phcE1TIW +1csLgAA+BWHnGxmm2HWboEZ/rvNSQoiS2RANPaLr7ZJfuZZYItTqI6OuJsP/Nh1XCAAOkBzg +NE6kQ5PQAM16mFJh/RE7HK00UKT/PZl0Veq84aEuBKn0NfwapZJxSz43dIYbfzoTbNc7czNJ +7HYtnJlPeRpuiQEcBBABAgAGBQJPNH8ZAAoJEC2sRJ8mFradWPMH/RZ5bqQlw9rquA89lnsT +4qN5FD8zzsjDt3Tr+RP+wsz73uBI2INOSfodALLm1A8VgsU7n/5lQ4Pnx+1nkcUvwEYLr0Xh +SP264Okiux8496FnKorGQmdxPh6/e7xQCM7AG86Gd+NNaEMj57E7lnTzlACtO7tqbjlGZwdf +9qh+iAd7heZgWzgX/s8NDl0aTepUKUC8G027+xwFTZh7CbFnGpvbMJT7gTY7ah2gEmYUQVtt +n8I3ho0dDv0TYPaWist/cf3xrbMqR8t1YysvizkqtOB7IVf4vzrduXKhzKK5lxsDbzYeOGFg +8ARuq8A2MoOjd1gT0JOtXBZi7Gd6R2dLJ6qJARwEEAECAAYFAk9DgZIACgkQjL7TQDuZsf/X +tQf+M7nABAPmExaOddywe+eCAXJ6LPOjtgE54H3tDH+EUj6ZWTjkT8KAjODefnYZ85RnvPZG +8kiNU+ODXkSL/V6DNQffuWgtkLJK9axIEiGdklGwy6Q0e4Nwd1b0Qku/U3qtZLHsobOHniS2 +iPnmyfCH2Q2DqMZk6Ep7rbzEqDE6OerrGr+drInf3w/OELKwnzNXG/R8afYV5oNG9ekNzTb8 +ygmy4t9dmEnfst3WDyLfOmPxEjkVBa9P18BJtiODHj7FMFuQd4E3BrXiOCY+KTYT4R9mIAeh +E3uOiy3mEwwRGbdULBHQwqDej5PuN6+o0jvMRkKB5bS6wi65SSTXVrU6t4kBHAQQAQIABgUC +T5XrVAAKCRDu8y4w3pIVLdoxB/0SkQj5EXtpP83XrAnqV1g00dVaZaxI/K5E+FW1U2WUPwFt +uMOiqXkDK8DTurO9cIGXubhJCP9LPBZBGQpL21toH+lE7PavOh7ZDkg/kqWezvToPLr8KF2e +EtnriBWLevc1opIRskK5VUHv2lZg80KUZOAdPrjHNEdTfm0U0jX2R3ORZ9P7PBfnTbIAPnrx +Uu/cMOO6F6YCPybo2Db6JXBuWe/ijXONRlul99pR5mjqER0F04cHym8nwvR9YaB7Tm1TNSbo +rCgOvh/l7uTGCD9h8srbz8Zp3fycX8LkDrITJ9n9ONPEFPxVQuqnkHpM/EWADQGu/PEgs3ws +bZoYENAaiQEcBBABAgAGBQJPppvbAAoJEIR0tsdmwQ/VShYH/2shaM7asmPmzmMd3ZiVvGkz +ze5qdWYr1iuWEr/tKpcdCDuoZErkc48Ow6ZL/Qnk73exNkvfCbtubhJDyX6EWIil3MiRt7Ta +hbt+FIfeQd4io1qT88TpXA7OetcRVEVpnq00aHvtHayuPvfPGRdFE7OWsb0pCv6k/ENgLI7g +i3GsKUbYfmSVKfrqdga9c0JoczrlTFDTXF8/EJJ2sXqKtUkTb9dQ04f9dTNqL4JmEwSyQzBz +iDVbkVwDLoG7HsqyZaDixP3BBSKbqFKLMXfGAThmAS+9FYK+5pluUSr6nLl5vlD9I3Ey4az3 +rOiSk/8sa8MOolaP1qxPu/wKNMdLYkGJARwEEAECAAYFAk+vwgEACgkQdlU1y9TCQ4/U3Af/ +aW9aokHIVvFZQsluB8X+DbmnXKScJ+nslA9FBBRZtex0FvxzD2FK1pzwcIgijc/0OgBPWUmt +WwvwMKXk4XRQVSTTmDJ8dHxL79jAIUSdkwNeB6j8tMz2MY6E7tfkoPFg8UgpRaotmnocQ58V +szycfGBQ0oW8ekDUDZU8RKJmeJDk4Ih9PMCGUBbA2nFS9lLW5/XrH20EcnKfw4jZoTObQBuG +0dwLMMiEsfa5K1B4uCEdxNt6PrUrNEMBThTCExE3mZ9inEJvTtqF3xP94EuBc63F6A1FfEST +5sgKlg5i50Ld/nn4coqIvfukXoKBCOhO/+R3h5kdZjTHySgQV5IfQ4kBHAQQAQIABgUCT6/C +QgAKCRALQqs2iVwkw+CuCACaagpYNrNpAxpYiQr0Fjo+b/AXgrYi+fAnEsmhAtVPZ1sPR6C8 ++pXP9lf9Zf75mQKrsehGMBzksRT3uE60Uv4Ltim/YxJxEeKK57vabrsKhBAui3TM3rD6knoK +UaNFamyvb7LScIcfeyi1miza4o8Mw60XiBFlIQE1g6q2idK4QceUTiVpNPsk5bKuX+AfgdVX +iw0jrZt63tEY8SnktkkCW2kyddxFAET2WfvOca1K6iinbaXiGZnyIgDjCpo7uw2YEu4hugBx +kq2m8AtnaHmreY6Bcy+JTAXhSk2mseNpouasiUJ2DMdrv3ADRJNGvdWxRCc5F2/b2+cSzVCw +lTLOiQEcBBABAgAGBQJPwof9AAoJECrafiMxllp9ah4IAJMcVKAXeY/xOkbI/TDLicvdCr76 +LA/yOI4XX/AjliaXKBB9eYv0GIxLtSSotxg5CBEvwHkrFdusjSvYJEJwBcMuAyWbulp1SjzP +wn3KH3rvJuo7HEoascPPaGSyRkfYq65wheWxGviY7WQ/jrFWxYzjtSHU7m3cze0acBNWtRFP +b9eBvlWsbZtpK9NwwDjPptZE94fuExZ77qcW3RzRALPE9CC8MGVeDc1gvz3g7xfc0iyQC9jy +E1KwdV17SkXv1jrH2TFeNfnY+RVYspbP+uSZ/8G5N/SiqnQevOSBxvn2sl8DnauVq3bTElvd +YF9AvEPiYle1GACui0M9rRU73UmJARwEEAECAAYFAk/psRsACgkQCS+Y0YOey7ggMggAsNDb +zkg72LkkvOCY5aEhkXvWgquHS6ODti/s+yts2IuklF6oc05SLkMJ7p9boTVc46/U6Q+Mil5J +2EWo3rf/duTeRZr7JEa149B8tRaFPR7p7D46y74rMQ9W/WfaEaqElr3RqLhPDTtJioGgSzIW +glinOHHs++yvERoUyDzQV9S1LOQPakWruaVnuzVu4x2Ubkh8prM19WDtbDx/wRcbdfmSscF0 +47nPPr+BLfc6kv2YgYV893aLAozKkyabeUvB4ZAZ76RZ8MMTxxSW4bqctFL78sHrEo76NEZI ++iBme13/ALuHop+2Y9UIqsryLjyiZpdIIoE0PauxX5gpXzRf8okBHAQQAQIABgUCT++ZogAK +CRDoq9tqwjslZ8UpB/0XnI3t1z0pnBl6OZPlnSkk3xodOCbutJ07WUeCVzVHebMFPi+BTO1k +V24XcZkEApUIX79Z7fuzijvFh5GSYdJHTYQiENcRzzBslspCogVZgiS4l4S2DTfgFsNh3SEI +DpD8K7vth7rcQfJ6jcOzw4J+vOW8uY91sNsSIAHfrYNfjLm7NX53mWA1Y8hVp10KUIRNck77 +iPH26nmcDs+MjidVhlgXMNJnOuAY0c2afnEatd7zHPwjbfG2ZCrQ0JnIRmYgpvKP1BfBQ40I +piEPsPlDfVImvhi4w2dJHIs4xE5Bx4zOtOfODLPW9BOsgvS0YzlnH+Q39cXU0wpTQHFeQWS1 +iQEcBBABAgAGBQJP/EeuAAoJEHzu36SveCllx7gIAI4BQaWV37h1N8oUJicJGggpC8GpkYc/ +7H11jA4echG1H3f2D629JW8S35SgcFwxezutJnaqHKhQoRFQ+Z4AkGcpPMw/7juP0TtPzsk3 +u6IC0Ulo3LUA6ZYawsvfiwu/YrVOBkrmXkVWKYYyN4RqSBC3Z0Y/DZ+ZbU850jlZUQvycQly +jeF6rxXP47+meno6lBwH2N24g+0R60ZIOe+M5u4MITc1bSxQbkTEYZ5CCJfe+2Q8MFr9Tf7D +VqcUwB+tb20KLBzIScpKU7ED/G7NQQsoor667aeTM4gkvaIvHeftGibHo8Ddc7P7Im2weoOI +iT0BJp/x532+erJ4UeHVj7CJARwEEAECAAYFAlAIH+cACgkQWo+ql0iZ3AmgOwgA1inMQYbi +mE/b0Ya+o1xm5Zp55bBqHIt8PU6uhp7GBGQFX0pQzi/74RlIYk9dBzy4mnUUJyVmuVOD0ug+ +undOEFAKs5MpCwUHbHQvOy2EPmCK50RHtAinwhb2kLfe7jQsTNnntg2+aEaCnrW9bWuMO6hL +Im6P+WS5pV6sFkPQsYIff4ATXY7Hz5BGte2mVsEn+gsAW9XpVuR8rNV+irCxLZlgrVvGebHA +BM9HZYdzwYvCLMP2MwAeumJ0tKYub+TH9Ufi6Yj1Y1ueZkoz9qxcfQLfsB21eQxkhmmMHYdy +2czMWncKu/ZZlPDLzV1QXFcEZ7S3M0U3QwGRiuoHDAPYbokBHAQQAQIABgUCUAxvvAAKCRCS +ljollJiDMmc2B/wKf3QKnQB7igJLKHzLjQqdS1pfviIcu6pvKDhMMtlQIX/qynqUQYzQY+bP +eFmzWZ0heuLIys5DyrhGTYsJV/jC25Qmb97GjWhBZWOoZQLs1CmPWz/7rwOkWbHW+Jznit34 +Lp3yTSljRmSYrto4ruG6vypMTPVLROYaBrrodFlRqIIW+st2/+qWv2l+xbgS/aV9pDW/Smu+ +3MXCOM03erYKWg1IcEhs9BJdOEyxYjDZrNYtgh5GNNJw+odJrR4CTvZrCqsT5mCgWwLXzvFv +WYdrJL9SwbRw9hntqilArIxHqmxKE7rFyZsJ9lPN99sJ5aSSNr157AKnVF52Zbnnq6cIiQEc +BBABAgAGBQJQJQA8AAoJEF4QuW1xTwhaAqkH/ReDDqhViDLt1PTqWgKFXQ54F7Untp+9FEQ3 ++yo1pBh5dWeyTLtKOSStms2CRqhhX1OEOVuVKFG6thp/spu+rJDRVDjWdDo9rFQjq8PmUTNW +NwbcpaXuHS6QoTnLBrUI13vVtcguUxjzXmqteEi73JA8bMfqKnU5T+hps/eil0Vo5qqB43Hf +QYAIGzFEQxLIBQPEMJYeRq3Gum/zJ5xnw5wSZV6GTbbrcdHJVtIzDZ87dnCTCY8XjUsy36nK +4gphSNymUqOmdPv/oNm3xM081ZXu+h9bJeqDCOBIjh6/dVlPNL0CydG7WtTaKo/GjdZm7nN0 +jyFngOG4z09ia5wiqnmJARwEEAECAAYFAlBJxoUACgkQNRAfFnnXycIgNwf+IjZNYUxR2jQH +M2npFtffXQPd77AIj2YnEd4z2Htbb5ysz6Q3OEN+pGonmEGuRHPKLKM+xPHSdsC/dmZmo9Jv +/+HCXmt1K2hreuXZVs6VnLSb3aChsgWDJXM9/WRYONeDTAZK90+2oJYizD7BK1WiXMlIwhWT +XUTnoZ3mi4e1D1cRBOmU819pro2iTDm8AwXBUFNgrimTxGUnby9ieVVs9/kfXpYSVlK7xYNw +y+/BW354RqJNLIwpIXBPUfJPKEK1suNFREEuQ6wGavg0Bv9DN34/Vf69DZfEueAnuVNeLEX0 +osaMWeELMzbfTeWzs9KuOZjbjOfIYwQUgyP95KK3NYkBHAQQAQIABgUCUGD/VgAKCRDdNZED +VdyqwHNHCACrJElnEnlZv0m8YyU964f3Hl6015wQPk9aiKsWXrGTA0EGGrRzSJykMqwpg+Zr +7kYDnNEk9VWcaoDLH24RK7RsGyW9+s0goNHIHqu5E6cQDXq64MgcEk9vm0DgT56M6ORaq0CR +vCJNDbryaLbzhq7XpMWIFXeJNHFHKhM4Qggs5Ax91NcnFOoDa1vm+74wbsYCdjn2/EQp/vQ5 +RBamhBG95wuYpUJjqhGLyv63Coyu+vkQdmBNBoLdzrWeSWlJaxfUhsrDmhEE0tz9bMC40pIS +qf4qXwQcsOqTNM4M/+4blP+jn7BJ7R1G+Rpzw7l63EFE099P39efuX+F9b9qgADTiQEcBBAB +AgAGBQJQcTjtAAoJEE0E6c5854DcBYQH/3KXLEK63DM4EJ8vjz5PoQJqwX6/4Mq++95vFW1V +sZnlVIkc9RUh/iRBufrgOXHxlxbqcuKo/9s1rnKJMZPCvqUsvNHBUu0uWzGtzIw0+EFepTtT +TGMh7CXex5qzIJ+innZ5xGqwcuTgzSeEHtdq8ziZd3sGa4K4AzK6tv0TOZAbYD6iZYhbkntY +srescllx/klz1JPsVjN5+54wd/OCt6ZA1F5BHZMFrl0xVtTNdfg/fiqtCskcNizBEFcTHSDe +nJjQZwNJhY7thlcdNJGvkdjLMAqCNe1av9VhcaWxHkAphcjYZdW2+fw5l/l8E59gQk3397Kn +HYe+Meu20CbjuuqJARwEEAECAAYFAlB2ETkACgkQEdd3aLAh+spxQwgAoJK4KOT4MQjNU2qb +mFMuTh6kJ60fqTp9PZMDAtYEcpFCNm9G7cN8PE8IC8GoXsBI2KPBN9Ko4tdpEhIxN3HShp3y +bnkw9SMl+WuJfzqdLYvSUDk01HSUNTRqyfw9k8CBKJOI2knXfDYUi3OcWRqLqxdvPMo43Yyv +O0V2jr4rmoQE3GXPjTIwiIWuNZEi80mpiKe57GPzftySxQWIKJdRuMLOQs8UnPvw7Mavou6r +O8xbpnKQ9DKaM67ni3XUcc6zeqQAcIO54Oe0civAxwq1WHuxAUQYBLdkIZHOWkFlYa36JK0f +0APEZpwbBV09lXihGWG/F/X6RAUVz/EdFxd524kBHAQQAQIABgUCUH6NiwAKCRCszBf0JAGD +Q4v0B/9WBeVSe4DYX0PcgXJ2A3AtnwqA9JKa6ehWOwUvQoLOhYQwLpr+z4v+36ziHBneKQsV +bmE9Wqzbht/ZuQ6RwKVi61f3vOYljJhgtrOr8Acdiyz61MZ4jWPs0+P7y96hOB1BtmsJsLPG ++RkAODWND9d8fIcUsvXNdQwW/pll3yvuTbwjcPk3qmMSvw/ZXsw4fCdKpGjELmT4rLTq/vva +1y7G1IRNrGEVkwP2BYSO1gfiLl2Opn2fhhELn5g2Ev0UFWrDeSlES6xdU3fCar69TmYtrnUQ +mdbOnJPpp078L+xMH+B/vVAvyMZ4Yzhw432NAlxaOskI3u5TaRCpKnSKmGK/iQEcBBABAgAG +BQJQiY9zAAoJEHAwPqGaC1Ee4ugH/iaiCy/ZXpwHTpeteSJ1vXROjjTo40Tpv2TtKwsxwWpd +KdQHeeDQUmWTapzYsD8XqwT4AhY96h3eB5+He5mbbirbgIfYBvGQ3NcrlaRh7SqX7j7mpSxS +UKpXL0pmqTgVus5U6k9A2y3rrADXh5RDtuYKmOT073s5DIJJ0uERJwZvHSgr2td8OA+qgvXI +Io2K2h3yqwR2L/5ITcRMUM/4MBkrKHS1Uy1Ed9wWA+o3gye6tcpXjUe8hloLdAsbXdq8g7Ag +dcBVg0Yf7WYp27OVicip3MgQJg+CSeF7uguzTqUe41QgGmHmh7WKGlKacojynOG6bh5ltJL+ +T1GCX1IDFrGJARwEEAECAAYFAlCl1SkACgkQ4pl31rNJsqaWewf+Jo7jJEG5ivEgmWpo/laF +HcqxyUM6KE30se0m5164HDLrK+SztMbL2VwTD6rdgueVnGQ2TbrEAnCiv1MGqANhAGU9k/Gg +qqrrRc2968lTXEiDEhAmo/jhcTv3bHi6Vj0THmX4jIsoHEkGpsv8EHSXI1aUs6LZkejL+GGe +IYGb3P6TY0Hy1+e75iJevrtlY3tUnZDXOmQx886pSWVxts/zOU9XqZU9/Wa3XUuiZAjnSUVj +e+AB+AAz32oPtAx+7eoPEkDdjovrIHL58BuEmvN+0IuefSEjcYw1AiTIrs6RIjC4Vl+AidT3 +Ohw10yaweQNjMkq2eQnhIkuOUcU6wZTr+YkBHAQQAQIABgUCULlNUAAKCRCJTHgfHK3vrnW6 +B/96rciWm02dUx/ZO2jdT5PccWvQX6zU+kiWiQ7+IPkT/Kp9dddhCrWSSsMIiNwWRf/JzwB8 +V0gFC8rTSPdpiZyAt4d8Ty4ECa2pdXuQTQsAAcwJQSu33wzGfw0aEaTqHMP6wJi/toTezGhj +FvOtrrXs020siuHcMsX/ln9+JFRiMqb6bpa4zZHXVAHj7x9IRLtrsvA6+cOfV35TH/JggB1i +Ma/gVZrw5WiaIba5sqOGmgUxesv9iGQDFDvPc9GHMqmvvCY57Uov6pjvuHaKkKDQC/kAGJ+B +eyrpIf7pbpC/84Dgo47ejDzVxxBqKFrhDYZ+So1dQzVTeqO1Rtx497dyiQEcBBABAgAGBQJQ +uU10AAoJEDrLKhkuw/ZR35IH/244Fau23BlduxkTQlyFTrlyM1CduHR6mcZDj4Ae3dJs7pmc +O8QiRyA8uocvMEdF/TZ5sFagw3OkKxWzcyIPRwp+kjfwrLVdlrpCkds6ZnaYe98dPzGLihhD +NfktOcMtWFwx+NoDL5LCIEr67VvlxGReDmzCW41d1+CzLXJcFvfsvyl53QwC8CMc6bDzfewC +j7cB19PBJygXcAaPrpNA0ur9g5ftfJRq6IG8tfZPW/6puEYrJ+IArTakJdFI5V9pxhtMaabn +Jt0rlT3xLKShyrfBhyhx03XdJnA7aZml4Zo/vFzX8ZXw+m0/Zt+E6tgV+SjSFxYwqban0TMQ +CuUeaxyJARwEEAECAAYFAlC5TZUACgkQplkmhdBL9DPYKggAs8Kh5AvjTzvoyW/qRkgtrP1D +Lt4205ELriUiHJkScMwRoH/Z5H/Uiqic+i7xfNnYukIQEvdRdlzgVww8kpZ/FBpQPNOXpCBq +z6o6nAsEkyE76kUQCAL/rzNLXrrbSSmnz1ahPWEXq6GuSsUll4ERomVhqyUpe7S5HGuiAJX5 +rPf51xcDowlJVEWJpVqv23K+QhvR+OmX/UMVxBc61Z0mna8YC0fbq7Ag79Msk5Ye1Z7fB7Bo +QXyf3UJG+QQo7U0GxdeAZJ5WlxqQqJI97ft+DhRhuZ8FzDbwExERwuVBlDvMZIS4hIYouqjl +vJ7BFXyIK5sp8xxKnWP34vmltGNzu4kBHAQQAQIABgUCUMsETgAKCRDqcavFq4Oxw3x+B/9k +jMK/TjB5pvspbiPTAPwd/aT/ydE4Bjl51+xStQZijqu/hRkAre7Ao/yJPDgX/pL80QpCWXKF +579IjcnIToMfJhZSF2t8vZrXF/kzNw9DWbJId/yUhn9g9b5dAud57LR26KZK6tE57TX/E8DL +FXszBmfthizTUfFW84IiBOr0q7LNnSDVYldkarS7Vph2OKk1KH+nuu80Ed8XgxshWAQ2s30o +vZS/MvO1LUeGlugSkosWfgE/TZj/XAVd6pCkWWI6UHv84FUPhM7RG+N78urTk4BZ3xmGDRgb +52PlunMs6DAJBs1fVXW9Kk2vw/toXV3kIQVnwU1OeOswr/q5R8WGiQEcBBABAgAGBQJQ4odO +AAoJECSEOlY9z/eFG6cIAJsbgfrBWL5BXCoJZgj9RLgjOmYyGdpcZo10mPRWPoU+/1yQdkJQ +pjl1UB1P11QhSKNJ6/WatlE+OfIsWqnHnIkHb5gNVXI6DxnfLpy+GTKxheHTyUHdzhew75ku +6eIjSyNUIN+J/q18ka4OIcpV9fFNW5/2fDn4Q/jzroonE0gylIhJQVBGFTvTdruy9CiwGelg +1os1dmhoMSaSYCI6eE9Nm2QOlBHzUxvTOl4eiLEVxl9EHlZLI53MCWmmAhetuhEeX0+S/KHP +XDu5EDu8e2Q8llUvm+OwTgSi6bNNFgL9Yc5MHlsnSngSc2WQ79JLA2b7UKsTmnLMpMvfkmnQ +daeJARwEEAECAAYFAlD2aYgACgkQl+xkr7e5vkwwsgf/VHWhTh0Wj03YslbOzhD2UeJL7Dc0 +EcGLg0U4WAN8I9KW5RewE8j3SBkkR5FSU/Hl5KIksks+9/7EfP3qxNGrpNxc1zioTVL7dbB1 +h2RqXZeeJQPFz+q/cjaO9uV9SUDlRj6gxknjuZiHPPV0Rqcmvn2PovRT1yQvxgo7Rs/kUbmV +7sK4YcltCDjZdiGhvtVpcH7ntcantoWV7XxSmdoQgow43aWqKjV44Yy3wqvQpXIfuX4t/hZt +X2BZ1sLtCXWBfpKXBy0g27HjiNyguXNPY0DyfIotbZEQtRhKh4ACEwLgRZMRyloMTi2ekDQ1 +mvKrt3RmTgGuNewHK9FcS6karIkBHAQQAQIABgUCUPtN3gAKCRDMuQinqZOEK3OkB/96brPa +m+U8IT/HpwBx6iiVBrRbQbW8tGDSjQLKkSey/ko9id3geKrIyRkpTwGKCWEtjak6CjjXiFjn +odacR+4QLtTF8ZNoTya8jNDYlH+4N4Jl4JqCKNqB5ffl/nV9tylhrXO8gvHNGsHFtDzuJjNV +tiE6V1Fo/6Oau0qcHegxEJR8+LCbEaecxjBNdPEcbk/t5wwKmq9KRgxb7JsJ7HWd3dttyu/X +VgTDLlOGe9njYPdpGzgY2q3YhW+Nls5fFq5U7u1gkO7CIrMoRReOaN5/BPP7R7LNQbjtGLsu +Sa3EhxQ+tSe5gi3OF7eYqGDWECF1hEBGR2bFz7EFaQFPCTZDiQEcBBABAgAGBQJQ/EQOAAoJ +EKbKqyBUclmVw50IAIGCSGcTovzZNyh3OajnWn7vMaW02Fil8Mug++201OzVPwzuZMqOigcm +zSj23V4fjSyQPvBXH2HN58SEgbs2Ovkr4iGjV3UmX35N6Lvasyow2plKs7SxIEQbEaSOJQ2X +PLTNds44iGXFBo5m4RDVNM39yqkSBuu1rCsw39vwJGIp925pSB3NCZ7FPzMjiUjSAJPKt0jn +oO02azMvAtJM4SRsFssua5qbOiwThAqKd7oWxSz1pw+GKjZfSZBLps0ORBLU+PN4ZFVDjK5h +OVbvyS3sTGW5NgDNS5jJnjm7inVlryxH/KMcWBVLS1GDBNl8BIhhpiD0h99Fl2+5e94/KwOJ +ARwEEAECAAYFAlEL0f4ACgkQeqOW0SIyrd3/6ggAnKTH4vNaezdGaa1KbVD+wnfChtDQVm4J +MYDCpCeA5MHIIR6iev5i1wI+0+xFRuEGLifOIqW4RuDzEbxpXRzxT5nzVyM0zPnGyUEXdbJH +D5wtaWVFg1cCIARzK1GMzpVgnxHuXHIWjJKLgVXgE5G2KuNRHEu1kvt9R11H57Sa/AsVZwiV +yy29Jq6Xro0tWJ+x7SCfCBPqtOxR0sRPCJTYHNOXyAxpziL+uxpIjscszdWZqDcfHqH5NJ0g +FMQj0crBQh5v8p0qSFsWd9+p10dQtyw+cg5nWbK+CtCBlR6BVQwrDRw/J+jm+dbiwxanF1Ma +NWFNx33B0YcmNHrwPX9bHokBHAQQAQIABgUCURabTQAKCRBYXFYgF4TIDJwAB/9rWGUOK/1u +UdirnJ3V96F7gkZsNMHxgc7P9qIAU/gNChWCYrjfMv5v/LAPILyRdiEv53sQA/6RJtm8AwPi +QY0JrF9AVveKaQF2wajPjnmxGWf3ubQdNDMK39cW+rqgAbvvMN8eIhQmFSbMGUCwJ0SeHqpS +xqtBbwePc2CVI6G4/j391x3InuWaxwaBL1wfBdI2PEaOT67wirzpxHzwaUc4t6bqqjIPqSbc +WVpEWy+Vwy3pYBisUGno685dWmr2F4Tdnr4cW4Yw0uB/kpnqEQ17kYb2QQPWWLFGPywc4fbN +3Pw+qjbOxjx5rJPfA0+y9CAzU7Q8Mkzjtln+xpSiYl4SiQEcBBABAgAGBQJRFtcyAAoJEB/M +D/eFTXtXj2MIAIZo7y+8WN5nXrtDtZl3hCd+FTeUnNXsuomMozQPBhGjpJlCDWOyfkS5AU0c +Rh59MNooE1wDfzklfUtcXPihHmbbC1IWZuxset3Nqzbk5eAU17gk2OOdC0+CRWKlanpIiVMb +ezdT5MHGwPV1N5drvEju6kKcFBGnxdTBmV+UaoP7eXEznF3UX7hkcdV6/C4cdpPps5x6Irt2 +K0C8J3D0HxqWc2eLQO/Oz04r+dbmR4ZUssPMV6HJT8NQcpgaKs/u63dh+eyxE78CQ/Byr4RU +M1cycVhiHDblrfzljsHQrC7GuWIrASNP61suoc82hn/KEmWE/7uCS65rPI11v5/8ujGJARwE +EAECAAYFAlEmOV4ACgkQF6H73ZZpRWft8Af/doEIQUZa7xBIMxZhgot2UXJ4sAWF2fu5FKLx +/vQyg+gB7VWsX7KRcjt6kWEJAncOSIhF0wLUwSYl4AeP9TndCkXifJ+53WO67dVpwz26bwoM +5VAXWredZaKvktKO1Oh223w0MNtBX9asFpuvXJ6QgkLj8YSpTi1omdz34n63Ll7CDAm53L5+ +ITcazOSzD8I3piHYOWcuKYVj5RTAuDN9mc6pTYMfHqpcijM0s8uuc3gjENkxgQ4yz8CUc3zh +xWi/houES3zTvOYeu1luPg7HJcwAIPLMrOLUC8VYjMUys52aDuTEY5MaHJUo/9pFSaPyG1lq +vdhHMHZBTQzLQgv9uokBHAQQAQIABgUCUUJ8tAAKCRDd4hFfx4SQV8BjB/9QuCEl56HmJEq0 +uKLoB67XGhDyoiGHUeuc2LI1yOviCvqpB1ETcpE1PPheipQ377ydUE8xgDyBf3Oe4NuWufwQ +fmY6mVoBiZC88KiCWI0M/yuqvR6g0JjlgVtnrhkDuBJ51QnqxblW84lFsQrt7h9imNsxgvd6 ++q/99AZ10fLca2ESLbZKCFFTBAs/ZHXgKdqUby/tzaHknkmnSFx+KtXsQiiFzZOG1iFNKgqk +axAy2tRsWOeu4HZwO8JSkHLxF3whi8wPin+1CDEp95RIHpAlSkKUpJ9sM0NwI/sbdB3v1RJC +jvqyCbP1Fmkpf1U/Z3H/NwE33JSabJh5A2kdHgEMiQEcBBABAgAGBQJRSeEdAAoJECZKBfwo +vitIqp4IALixdBLxmu9/u9MwLG/RGUOF2GO6sBObUl7T7ZeKJ54twW1UMLOLjbEXklXCxSja +nMwjNJ3veMyA5yRfyWHrRg0TihxPgyNtJcq4LwHbP8go/8158pY0D0DLxjuYmGv0pWjM3ez+ +p2Ue5CCRvTAdHIhyLfBEGjT/O0ap0TpVz2X5t0p14M3keSfQrbSHRfKBAhqfODT8PjIU4zHE +/6rYg1h8Nbr2N6ocm0XWCgup4AedsJaRmyLYKa8/n+mPyF7DkZJ23silH5JAbqeM2iVX4az/ +cb5X+71/Lm/GVcaH/iKFSS6MU10yIJyjRRerGDXWWjfSsGvsONSnqMiHEj9DCTeJARwEEAEC +AAYFAlFfnTsACgkQ0zImB6Fn+5XmrQf9FYY8Zg/kbNYdWFQjQUOFP4JiDb4+EdXhhrN/cCqb +y2LzeGw+/zmvQTLEsCaO564AVg3kmmlVEqYk45YNpZdczey+oK4HJbBbPAbSjIHUeiqZPqcf +2M+mf5C6MJ46fskiBOU68Td6mzt8Tdwsn/3ZAPWmBjpG4giOnE2hcKSiCH10GrtwDUGUbVkl +xbdTWgQwiN0MBqVkmykjvcY5/r8Nvt7a61LE+0eCuVQEURfjbrKYYEpKhLyhbNLbWE2zHcTS +WbSCZ8BzMSx9nZL1t2Gi5pzAvDB1JTaCB0y2NnWu36B08O1Wb5HxU8qKETlErUqQYqpGzPj1 +tqX59CtgqbNGjYkBHAQQAQIABgUCUWKP6gAKCRBBg8gUBrIduL42CACYOw0dFKRK8g846sJG +HLLcsrt9TFJaeDTxhKW/fUc7NkuOT3maco487SqMCEt91zV8D3MyhnjaUCuYJqtaQCshMLGC +mmPduIdZDtcsmlENUJJiBh0JJEXQUr2evlIRViuW9fxg60WdlajqlWDBif7X55/oJdtAYbNV +14aOqWaXH9QllaDcTkVtju79WqB1i+szV44REH7BIRxcBO/UvVTVE/upMYBIes2ZZ+lkwsGe +0mPIs3Uks+5LhzlLWt/j7YrFGOfz3HAsNyAKFbHGdDJcGfKizXK85ExhfvkQEczyI4NVpCvj +JQ1mxLt7MtIXkfzuIhDEr10mkjPNyop7jydTiQEcBBABAgAGBQJRY+XvAAoJEDuGthDu31um +pfQIAIMRD8a1cDYpTNvFlRjrD57sBY47PWbL2OGkirbXGhPAe+dqVIzVc5syjrkT/KmC1Koi +ZhthmKqVUY4vsT4p3sAkqXZvFq4rt9VYJyRBO8N2QR2FUnn18UhxKUCIOLFIFyl5ELkhFYdl +gA2uGmdTu3yZCW806PxMVTv98sUSM/vvvadfPfXCD3srL2sOrs6crl8A+T1U6ed5ciSAW1Db +fiFy9Dq+3knQhm2WR+MIcYggw1ggREQaPD4bk9b2AwN56oy4hwsNX6qfFcQNIXLaOJc0mvqC +fGaY2U7P2OoX2BjhK2Ib4DSb8U9n5KJrCsZRK06WMHkoPiuHiMjBfbnJMsGJARwEEAECAAYF +AlFlGfIACgkQwRuSkxvupLhQDAf+LLHe9dy26UY+BeDNE2pfi4LMh+bw9sM4BfHofbM5eDEn +czcZBxLmCaZLVEzwcZzWjRhAhQxMIhHRJfWwj7mjAwsUeTNuBhcrR+dZqUHh08zALEFdj7Yr +bXz7MO3OpESojC/64ww6lGPde5wZQGzuEzU4ta+nWtc6IlxkVrr3SL8TPsXN7+btJ8uSKzNR +qNsr3UxSmfQRKw2ZXYq2D3yJz70D3syq+uRTCPQ1AWq7aHs85gU7VMMwAOfoq8pDL2pzrded +NNQ/YjPnZ8abLtkyNiuydFfpCMf1AdP/JyAh7ycvSOVWyvlWlHjV1iBBsfC5eaUr2RPQMNKF +XVUDZSA9bYkBHAQQAQIABgUCUWs/YwAKCRBVew4h+GQ+m22lB/41IxIjAYh+d2vcf+DPRGUB +fWAPxNho52e3j+PcadGXMVAaJorhaIzQDNpCnVAnH+4jRlVt9ZIwoTwMM6Kyurksq8IUoXTs +jf1S+pgx5Jb3lRtOM2xXQhtOz2Bf1BOO0QWfzfD76dxD03IM+BijBm24o8a+b7MPB9cfCjKf +ZEqorjeFxkVdaeIxX/4Wtc3brYO4+V2flt7ZT7/dixwiOXtVpB5qY1xg2zjzPC4WTf7N+V1E +reibbcdTprbGRlxtn29/79PoIaNEYmToBVlnTl1FHQHOys43T0f+ZWeWnEvsA9+maBdIN9cL +pXTGdbuMWEbX2S4xwaTf/rD0dCvewGubiQEcBBABAgAGBQJRdSYQAAoJEArHsfNPqXanQKgH +/3Fsm44cmDlEe+bum4cyrkBbgyfqYn/6FDPZNgXoD8n9NiMwBQFz/gNvSdXaWioABxDcBrmK +uR8dA3oS3y2sZIWso402GE86LblzOPwzdfXrHhPGreUU2Avfe3Xl+xdykjUmefyhERZyddgb +pnBcrZf3BXPDCHkU3WgVgqBSf0AzBforC2mJwxkagbzPn8dyS7frIn1ieO0Lk3DD5Hux2PnH +w8MFs+GZYSHxL5dpdOMpPbFuKLAz8rkUCWaMVnXddPANPsLFEsPMbRTEdxUXVrzk1GDd4Q31 ++pVh5aZde9d1CRfLf85d0E7Nr8VGFnoKSI+kbIQylZj5Sb6Ccf5zd6OJARwEEAECAAYFAlGB +P6kACgkQZXBWuhz2rY0PXQgAkMd9sxgcyWsW3j64fOBPWcwwe2nyN+uPX/5MWxBWsb3ouIe7 +rIsmROtMR3/t6jqtRXKDxuwp4lv+G810+8SvWq8bBkTNva0tjLvtghErWT/Zbde+BPsP7oki +IFQF4EHGXTVKciAi0RGCYKpuRBdl3uD4zVvVNj5S3o7s2ue2usKPA9VUcfkswXfUe5SsnrVH +X26lkaGSTg/dK5tygflQJ7IiBf/yfjMzdY89svq1v6uZd8VZqpPBtSfSbcODTCXHOOlKZswf +CHkRtYWJlW5D9seUJ9lwAY+60uPgw7URZvkhHUxmP7MPYTxloBTfPrwiMlE0i2mfQDXAnYVJ +kkGsookBHAQQAQIABgUCUYNujQAKCRCjE5bJLMXWTqgRB/9nz/dCgZQFhgAyZQ13zAEpG9+h +wQlGGuUa3qJ05es4wRmqGzXIEP++8qSiPjkOlxgOVIdjO5QFSwDY5xGUdWzsi9hwA1SQxlz+ +9upqfK48AD8g+DQ0abhHwlRU3Yxmc1Lf4r2smjSRTPRg/xWOeQv7moijwrwhZ5Q0xATWw3fw +Tn5KiSZC3qoQVafW4b27dDe0Nm0KNMeKzbgblu7MuyiqZAXKzAEn7qEEnDsu4vcmysGd/oiv +ObVLcqFqeLEaLQNc1nv7mDbC1M9wHKPgwwbdeyvT+K0hb/m8lgy7dIYb+mq9hjUiwpjKYd0f +Gmwx55hy4FeV/jylDW1ADIlSwHdSiQEcBBABAgAGBQJRncDWAAoJEDVfnKQn83AuUOAIAN4x +ZWDrAyfjB0bB7t0s7vsIW/rAwVSYESDBVBfY2mSbEJJDGALK3MApt+qNlTm/Y+3CzYV0U7+F +Y4u1QDiU5uh1vcKwxg7iHecivMEpivFsvw0oa5RP1IGmdhbKYW6KSvp/YK9iAnDi7MVipA/a +j5kO2guQSR78gvVZ/p0VtyGxItQMz/Rtx2eAvuo1fH4NzDklnsedSK5ePvkkR1O9mDdcMBqX +62vPZQrj0cBB3ybnQSfHsA81CQOuximjmARL9hJumxTUcjc4F3DEzU9O/vSw8x8xmMn2caLz +Qvd2qLGrLBIyCa7WYe11aUPRo8RSEs++Fdn8GldAS6ZplbGbtiiJARwEEAECAAYFAlGdzYMA +CgkQP0KgBfOeoDEXJAf+NibA2BCLJwuZWBfWAY5/noB7xi2xuaJskIkFcKn+jCkFvyLlCICa +4shx/9GKScs4Zr3OQOrRGdyW9jOB++FW/hdgS+ACUbd+w37N44ZmxvzeoaldeVAA2FB8XdNh +jg8hmR7+i/4vMnxTAMBVFoVAnyyLmcF5OI12hzb5KNAlMykY5xckzZLVQEOGq3+JWQe4htw5 +ied9NkebMXVmybL1a/e+viffZA+KS1lA2NCoysaGyZv0xX5hgoPQZ1eGPbfbKO/Q7Jeb1kSn +z/rj/8SapT98ZEWUtWBHI6WiilWXvmVXxTZLdq57Hd6wi6mNhZ7CNP9vqkTZRduth7U+vQkI +WokBHAQQAQIABgUCUaYbVAAKCRDCsxtDhhZeSw7VB/9D0wR0w9ffnuFt01X3iU77SCfdDSDJ +h3ercFtuF+3uASPPc4TbgKYNmlY8H3HRL29CTITj3AWo0kO91gQVoS2xHLY8JkiQQMk9brse +V502rXKooyTeEbkgDFMcciGux9jrsYK0P/xEskt7oGJVq2i7THEfuTWtM4kujz73awB6MSMZ +MSGbSMkHZi2ksO19AwngqZgZc14Oroa9rLi6BbWE8Jzc0yAS+nS53f5rWcLQTh0isu5nmz1J +o3YN1FvQqCRL4lGhEc1RF541RD0Fx9otuSY3n8EsZiX4GY+nklh+8nLtOcktLSlaZNWDA/vv +EHEMn0gVtC74Kn5tJPSiHMIciQEcBBABAgAGBQJRrZXIAAoJEO+ZG53aU2Xhf5kH/3BJqjfk +0WU78+igK684yNhzNOs6Im6Ykh58eGeo0KPmnYh4qnM5TaNE5obA3XtpOH+z2Z1ROZmJPv59 +jMfP0Eezhf1BO+ZHEaSWDp25JatRSVLvuO1gQXQCahwsiCJWi8832ygU3CSwpOSmUWYcgXJZ +RZ9sWEb5KPlMa6O5a6a8T4EhGORbi4C8D3qXRfFP/UpwchquYsBh9MN9jfdHHRPkNBwH1nIL +m+z5qB5qkQhKzEkoEtjZkfJhETul9Z7I1iyJ0foOTuDT6QrdJ0j1yD/VgUWHazBnjha+lhh2 +ROYX9M8rVtrN7ClGLiZSIKhDA57ORZks17ed7+aEBomUjkqJARwEEAECAAYFAlG1wKwACgkQ +dOciamWF0OqH9wf/aUGVHnjp49Q9LfH6uXJczF6gzMrpslL6cNCwKLb62ppGIX9+5D2OTq56 +0k+jMyKrNCAdJyKJ4bEeBfwViageKuF5SeY0n1O98KihtHG47KUTyvKYb5LBraG3e2Wu+EOA +FHIU6xmQ/yCdz7bKPizxTmHFtJDDN8dPp7xO4LrEuxXbDyZNwmwsbCHiRq9ZZswgxRV6Gmyv +5r6yNu0v2tQKOjdQ4Tr8HqryaaeD1G7FOBWGJVCzkt0Ug1IEoyidqa2hjbUZZXF23cILQz3v +jADZQ/5oKAaXZFBCqFN7JLyNVi3IC+iCuJ3smUy8cNK4+0lC7TaKkMz9JBwYsws5KG/Fu4kB +HAQQAQIABgUCUchPvAAKCRDgwKrDeT5V+Z8eB/0Z7YuRSujGxK4d4Aq/GAZD9vf4GA6sIB2N +8NqZcJjAjPgxmG0iXqYexdAafPBa1lVmstjG+/+CryXZB7bvNnhJBwXKhJQF99eb/fMI4DwU +a7GBpjLj+jT5GBpoxwltYk8riRIKlyfbezgtJrwNz9dITnf3SCMHgryVbL12sQnlijVci7ni +El0gIkh3S7OrGuqnQ4VcGTdChy5QvNBMbsILmp74WmGnHYG5iJIwVvEjqAOYl2Af0EcleKXi +9YB3yuscQ02l0tGOPF39nrLfHqC9t9UE/r73JwfJ+zo9q0WZGzp4+aPu4DjdaHuX/OQ/iMP2 +z1nQejxbPDUo6FYo/p0RiQEcBBABAgAGBQJR2K+BAAoJEKPPPi86xdXz0+8H/jehWkv1xAa9 +YTPogtkKp8Wt81CXXeUdQzAlvLnya5RteXGP0iq3xEaugpMpWVxn+f0viFTH7NLbQPD2Bswi +G6/DN2ZuUZBNFlz+wlEpp7sFZ3d99zDFYC83T/rdytSO13gDmCqENH7fEE7hQskXqUwEHQai +O4xpxTdxrsqNZ0C5d3jpWSwu00gbFwrlr2iBkbTQYYPXW43GXwxN2f7oHuHqQ0ro6x8sccGD +i3Ui7afxwXn8iJ38qEJFAAFzSiTIpdf1NZOrZd7HxNk50KmHtlwpWzIUpgMruZYyo/wLjHmp +SNuWvtfISHKLlB7U0Sh8mv8o4qcUbCH++gLiegIb/rCJARwEEAECAAYFAlHa9+UACgkQ+lXW +1L3r+7mC/wgA36Ujb6beEQPhxdzBb90B1gLoDe6MOUWUZxVnLm5L+Sj8hGgOTLpGU5yWEZoK +lE4fG11FLdkd67JyWon8umahYiiEu/ASaWgknL29aeF9G5xO7CL1+nN/HhGkb9N5ICigpxxn +1g4Bs0Pixh5skpy0O0ThOQ42swJhzFANkoT6LrDrUYHifqbeVTtS7UUGPAifG898L39n2QAg +UKKJYrzT8+0KreAXtObcp9I1MTnLh8ctO4kxHqLrwTJY1AeGWxdJaAjesrkaGkLNuga9hQGG +Nlsd+Y0zYSnsvj4sLn9+huo17iEF8po8U/5L6bxcaUafdrAx3BcJmGVw5VWx1fxEI4kBHAQQ +AQIABgUCUeBSOwAKCRAanXQ/v/dn8C91B/91NqOKxOdsUvnVTLZf8dQwNePuVlIn3ZhALd+J +MOoFGu5ys665FYJ5Oy7smQqVloKz1sUR4nM625JupvZf5xNNpmFuO++NubJOjQ2xGCW5fD2e +Ipvx+b/lAP9W1zn+FS4RuUhTuiK5oy16GdeJvMN94meM3ewdl8xFkPr+1tFLtvIRaMvRnKC0 +GtkSxAwNPep+lACPBxZxIbzVGNNRbO4+VVXnLxOIApNv6dbajCa6wwSvBJzfOVeLsHFP7OU9 +bFKIiEn1UUPyB2Dz0aOv0lOigssosTIalE4Stq1kbdR8BjOcmVK3gG3HZEFdIgkqrJ+mrCc3 +nnv4bFVr8Ua93HCziQEcBBABAgAGBQJR5veDAAoJEO2XD5lmz+BeJogH/A9mel8OhtmQrtAj +nQ45KimjfEEAhDqqauXisbkEqqIJ43SzbBuxpjaF2qwMbNbPC4e82W2YO1qwoZTTqz/z+NHN +TJWhbtly1Y+3ymQze6j4BCuxafAWNa3/VUWu3sNYsRjTWPn1aUaIk15FaJKWA0VhTi7YlU2V +XPeU7KsDeWHm8cz7qSBI6RxneLViAQC1+mLD0UoEggoWVCIYEfySWMAOiI0cvK5Fjt1ZoN6d +yPdxBJ4Q0CGXzvqucujT7jkkSLwCRCRf4IFfTPZC6TJhQ6h7zwJrtSl5PeVy5C/SLduY5Ol3 +LaA5DCofKb7IhyAHDzI5TpD2nCxt0Ty1PrQCODSJARwEEAECAAYFAlHpCwcACgkQ8mXwAB0+ +70r7QQgAvXsQi38Ycu+XVRwSee3xPtJOA5ZrBDhUfsW8BqB5+q7o0ZSmkgaqhxisiAxtM4FE +8WyD0J9AgJGu3bFypVci520B7vPDRhxKDLeAgKJ1mSRmt5Dh5YJ36dkC+DhXTaxKPLT8r0N8 +BYSE3jOfXfUdTBdyF01D7JurTTA4ZoncOhTPCY+2573eI4tNIPskTo2b9yNBHgN3XpacuJs9 +EhT1QIfcJc97dC3c6dJJbi4XopEIDEANTAe+V7o+6k/nzaiZ40bykHGOTPGL9cfKpkAhqVzA ++14cIzmT3u6PTIIXX1yuCeaFLCAmFHwQNSJio1a56GTlXusc7oMcvgjbFNrtsIkBHAQQAQIA +BgUCUgJFDAAKCRCGmFzVXOSC5J6cCACdVsw2VbAuNOxM6MVNXLE9zMWWCO2JMyzF/J/GJft5 +EIWaUH4njua6BWJic+BBLnvDqIX30xRXKHwbndlfF3C5nAJbH0luMq7KZvcTfA4mRIBc+oG9 +FCW7Jx3f1JenGIz406ONAEwxwmGiBU8kuyVRnq2it8DpFeKuE3q5mNg9A0QIFdILXSsr1Zca +JGY44LRPrqlan/dwBBCMy0c9qNrHlCT7NITtoOtYc7207Gjn4OVugVZJMIC/2ae4F/W5HUMN +Rrs4UXVJAjSWRDGVEPlKdAkMrWzRWwurJhEWCGL4+7ceyCJ6o3kWhAUsyyiYXQvrk9LgJ2c8 +YMTDt7qwhxt5iQEcBBABAgAGBQJSAkX1AAoJEDvi5j+4fN3M7Y4IAJ8ZlczVASwGRh+KMn5H +lCrL3AoZrQdfAxw/BOiUJjaAptz6418UHhYYdE6Mrm+5N0ABMZvIIZRs96Z/jja/m8amtB9n +5WgwXIyQqOtLRey4ocJloJ8rKl87gwNmgWDEwohkzgbmr5hy/JwFrvPNKP25Iwvwnrl9zfCc +ViET4y6dwYHHsITCb3NhCW/3CwkM/F3l1CdrlV5+MGPtj1srAFHwtNaXhp1ezX+PTThKK2kF +MHhp6935UlCxoy6IJOwh3KP3hyhFec8B6BWIL97d7HS4arTqlxLVwxy5/APnftToYHa7tLXW +ks8Wii9wDZQ5w8OfuUaHP4eVarORwBhTo7qJARwEEAECAAYFAlIF8v0ACgkQdND8mR30bDbH +jAf/afzfwbIXXEEQSJ4DWtagjU0S2FQ+CAc9mK7PRS4LtBt+tlP24SXN/xcAo8WrycSevsrB +St3/qK/R+NdRQBj8ksMVi0L4TQQ4FgoXJBUkQ+azv4qXPVqwEOfWu+6TEJsUzeJPboc2Demk +mVQJm2xj2zSQ/v/9W8jeDYl6dmT2RaCowLJ0S1lc0GJ4G+xmxGUs0JrZSfI0hE0EryTdVXdn +CdcQyb/2HXwT4LNnyz4jID2IC9pH767FMiL43Rom7sBRslmUkIjldFbyj8TU0UfaZAtVgd5j +MhWbTvfRVwqleaAmTTjbVDBuUYqBIwypwqs5fr2grghZNddmQ5KHvnpvY4kBHAQQAQIABgUC +UgfspwAKCRChcBNsVqMZld3PB/9iTTarMU/8iOZZ4aHiCiAUsfqMYCy/LYWkYYICjkncjBco +l4U9I6U/ZBSMyeXtpwsGOb7ormu/InbuwJ+7VkgpNPeANE0StBuW19O0XDaO2AjeAM9PJgqk +XErj15wRinqgEPBf2D63mumfccXx/hoWLRhdblJa/YxO4hzrbAEGs9uqTd1jffmx291vT2al +cRfvnvQel1cPN57osF039FYsrB8n9AdEx0Y729fYpwg8HSSuqAVKd5vgGJl5XtNqS4EzSLUA +6tlH9yqQKMMLRppXjWJGL9nj/mHY9WQJoDyA1mP2lBypne0N+L1isTYOdgWtcXD4lHOzXrEz +mHottCrTiQEcBBABAgAGBQJSFyfWAAoJEHCxSLrmNFUFNdoH/0RXsIT0kzpBmxS7PvAl/hZo +doQaPPzLXBt6+uXPdcWIyaX5aDlrfQIbWHGfxsutwB+JdvoXLT0KL0mvyUEB0gwiac+r+UeZ +ss+XVnudGTKpsR83SqEeD/l983HHpyHvlX/mY526xhtScR+pbFsq+YsIOQ/B05PvsHjnVDn9 +VsTNF/jsbzVUUo5Fw0UvbI2S2SfUBXdr11TrluTL/QE6x1qGZG7Wtsm3jIjZny4ZfjnvLIL2 +yuw29CrID/MvcwF+MJscQ67KdOynqQWufrekoFrA8pSXw29RCyMvK5yoD5y4vjiiY3e/sdYX +DY/yDMCYAD+n1zbYPD71d9IDYNI8yrSJARwEEAECAAYFAlIZAh8ACgkQ7peF4ge4Xjs1KwgA +hK1qiEkKGULyff5k07OB1CFbju+stHsFe/08lfSvxHyU8CRY6S/IjXKFGdlEeQ2espSd+Nj/ +jvfO/y7RQRwpg/OTlu9jgHp67T4xeJ6KQvAkq8QPZqceQEG4aHZArz0hTpl4FjbDIFAk12hR +40rmOUq3kEnm7PmEEswkan0T+AnYohJKYagarNPvpEW/UwS1ur2pjZeoE0n5iURSnu5Aj+F8 +wnCy1lIptli44bSd1io8uc5NAizrO7RAji6l0bGOgeFzs/iCUvJ8Y7SpxlReb1unwJfAYaPT +eve/MDAVoFRQOcz6xv22TpNyLjB5XdEk7J/x9VUfzTCk2Gb4MN134okBHAQQAQIABgUCUh0l +FgAKCRCoybYZvS4dGO7AB/9lnkoIaqwFxFAAkkSvSx5ToIdSAS9MOd7D5qZToh98uf5pMrr6 +aa7sY0fLjxMfWuL3SLxtg8BmXxWINBn3qpNd/BDOFJ/J1PqfyAxGeuJtWif1Jm1J6VohebJN +/OeOalVNqm98ylCfeXbEKkyvYxWRM9jsY9TXuI3lYWoTP3XCofgH++AICEyMEadcWymvkczS +dmxyUmydm4Yq18qQ9t/C0Glmiks9+E9kqs6/XaQ1ky7KihN+YwZ67mY00eLPWw1HPZMABjCf +1sWoIB0a0zebjmch6HazuX3K6PssGoD76F9vZ2C94BQLiTNVEN2fhzmnRfJQtePg5FJrrj2j +uIoLiQEcBBABAgAGBQJSIgWnAAoJEM4B7GAWmQLqAtkH/2p6B60RFvz3ULfxOTiJYElEGLM/ +T98xd8VryBUQkf2smQZGx2IlzVpvn7qhNs/5IH8tuWfPU7d3z+XyhhaOD4lXV2PfRxkxKHY8 +EkVfeXvaZy9SIWosGrUe40a6Ebr18zto5amOemQMh6pvzzTdhdF/pSQCpnARH3Hbd17/Ae/h +yPn4QzpjZl3wIN62UUPT0MFm/FCXyAYBKjCxST415vYlB56WHjY5NYjNkKweNQlcIXZiEKTB +xctQcJRwa+0Qp0pSdo2D6+RxDMBlTWb/Nf/yogoKNzLn34HM0h3LeHc4XnjniotPJu24G8Pj +fxNdmJvBs3BqBDNWA1N7UYpNwoKJARwEEAECAAYFAlIkbHoACgkQY4QC2olqvaZkzgf/dY5n +PNMdSieZbQ4O2+bSyiDDbWDZk3TgZdagWZxuVNXKu+ykkwSwl/4WXJlgRf4ijI55DBE08mOi +GZRYFpKGI869aD9cWGO61w4SoaUTPZMBMwJklSm5LdlXQfhYN6J2ufrA+kf6gCeoB1iN6RWq +Uj6MWQ3YBsbxG48LWp7L5TWB4TAflHp3PCRtf52rHgU70yflKEh9t8PhFI99IVGgnVACMgek +rJfXOX/NgnP4umA4v5R7OT91H5yWDRIyqUagUY2LBGsZ/fo/b+K/yR7huwerbAd7KPpuzTfN +AiKseGGNQEw2y8i81dD0jx8ajbqa8OTgneSnlPAO/0z3XEIL4YkBHAQQAQIABgUCUiubsAAK +CRDAm/DZkTx6+Dq4B/9XUDBHTpxpNU2WznKQbt89Zs6EtkUj4SXAooJUtMQBrhUfvmUDngFW +4YGaOIGdUCfrGo61UWw7/Pb8ESNmGt5KloGo5AgpEvudB5K+zXPYW+fK24Mizk7PH8VWBdz/ +lyUd2jDDWSAu1tEti8mviSZ9nfHs/PHpcFhFrnyvpExD2Mb+Bbmb4cMhbFw8+1UnvMue2ltM +zQEc8SKsEXOUB5vPzCVDTWRd6dNAW1WilZszzeuPh/0DwqS1SPajUNcWhVM3wzrd7UXoSnss +V0kGLQB3FCZckBz4HaFESM6RoYxYU8QnjZBytHXJzG/IfIaVgHY70b4ob1p9RkkMwEzGoexd +iQEcBBABCAAGBQJKBM67AAoJEGjoO1fLiqD/F+gH/0RwyR0aFMwazH93cnQY0mqvIYK0tsPW +RF975BXNJU2qxpFPuRjQvpGh9KUXiCBd0SkRKGuQDH/kRvNwTiRUtgnNP9xE6B74D9Osn3AI +jegi/P32oNMOUxnxzXF29kWkZiEuXeK6mV+c4XP50kfTZxHbBIg+E2qTFoWe2TpyqbBsJ+EP +/LcvCGWqe2AEU+BfNyYkYSeB/dM+9CNx0g/qzOKCgN20aoUxNlx5tokjYpeGtJ23PZX9AJ13 +63s+AHPBUKHxw10Z9ILB9nD2GRe+EhYwEGy7B2OAmUBefk+S72H57rbP+Saa7HxmECikhkbV +iK9NW17Q0LhtYSe8b5PvrtqJARwEEAEIAAYFAkomf8kACgkQmwAFc+oKX7InfAf/ahPRj1lj +0sqHymRSawNdIGJfag7INzCRJU+M5wyICiGixs1KlX77MgtYLrUcPyzz3f35wdeuh3zF6/fn +GRfkVWjuXAKDNG5rpgOpMaa9zzVePdfwIYmNEmye1aPvd6bl1Rnqa8590ciBV7cw0sOcs2Za +colpS5ANS1CyBS7ssVW4IHXqu0gP5QPrBemwBijBvAa5ZC3CQf5oppmOi/IjzNVPAAW9xmKt +V9YGhzcUKQ8YLSnpm5tmoA5Erz/6hB2lGLExeIOBleon2dTmdSpjFG29roRcpXFMbNArwJVs +JfF5Zc9/RCgKyEm/15GWd1dyD4mZ2RHS42WF1v6iEojSYIkBHAQRAQIABgUCTYRf2AAKCRAS +Y5VFuKCOL3btCACrEa1wt4DQttc76ZzmyM4dNN3kzVEk1dLsyxh5FINhoHOGULfnbEI2JNgU +R30VrA486ul7H/xbRAQtbMzYbLGwlONpPX9KF2pBe6qvmokFGAY12UuaWyNh9rY1qlbGk9UE +RVhlyC7o/1LeezNFW0rgJD9vqpUAdXLrVvqQNaVEdDCl9w/21BKirjWuaEudX70+hCJpjPxH +kDNJP9lSXUG1nvESNucDpZmFLg5VHr+0d4Kzp+j4iltso3P3zSAMIboE4EwBz+qqQ2I+G1UI +fR/xGAfV1FoJkVeY0HTptrQb7ZmripeOmB1ZKihxhL5/DVhfHET/7w1/pdrRBk1B+vURiQEc +BBEBAgAGBQJNhGFgAAoJEBG/sq0c7jwXbdsH/2kxcwUolHybRxPZf29jcRgZmajrq9osyf8y +SfM5Ygh38UuMAaicoiFjGuHvkEC190AgkQQjLGHgpsMIryMREmO1uzdTP8AncQIWspFtc7YT +R6kghTBuAGPtXbQpGraaq4aODDDohHUwTTMT4G1tYDcELGXmLsIrojPyNEc2CpB/PMHsdveK +T2nh5BIkfVDOOGcCgrGDwBvfWFzGLD5Un6gG/dckwasKqvaRy7LZFr+FjpcF5CsfgpEyFhRi +SWONaiAlqb6C3xrdzuvBi+JH2nu9VXQSXaUc5JI8y5bJYmMQV3uJGvUudherDP8ybfIJu8wz +Yw1fFjwn9CCCixD3oDyJARwEEQECAAYFAk4h5ygACgkQihlkmujbtRU9wAgAl76QdQTVHnAa +G9sJwZzYiMJ2Y8fRL+fTEoOKYOpLikd7HITVDIOafAKAwgG3B/BJaOwPBMnUVtHxC8U5kTFq +3/DLg/82eMT/BoNigrYRZdCPmDbbwom2pH+m2Of8bNc/8njPZgEw4pS3eLHAGhY/kABqRdJn +agb5qWsEZB0tvFnY/J+qpAId5Z97IUEsKjG24K6QMFeM5UtDFJowLvzHNO9LE/QKBkjNDsV2 +E5DwtBbXDPhqJ8tWkkXIU3aK7GcybeHZlX9/Q9HbD+xeiiIkFfNo0zoYDFXY8bxSCc9E7PcN +n9SzDQQXxWA7eMvZ9hXg7xiVwrAPVbwQJsnkcXQRcokBHAQSAQIABgUCSE6CJAAKCRCvLM3F +9drmV5N4CAC/PvnKz2sDB+g761E1Hz19GuuMaoVPYETUVpdr1nlyjGgYRHWVXq10OmrqFbGK +Z1Fd3Xl2wG/U8/MASosPMuGvp3b2V3Rox9E1rXsaRfh01Vjl2PAWg4SQHmmwA4rIeOOKbwov +BBmnWd5H2nDAflwv3Jn9pvRT1ukL+cT3b7vmYrlZwmRa9lgSs95FIQhMO6mlLkaXnK9f8yWj +L28DtMEfTBxyC1yAzS827/uqPAv9pnElyzvaruqKGzNG7aGv5ZlsNSSZQdz6ImfusaZBxFVK +PIv1N/x0PBn0/43gzdJxr6MlyMAO1gsAYhS+ydV49wFcUtB4SUL2JBbhzNtTEcJziQEcBBIB +AgAGBQJIYabiAAoJEEELgqNqKSKRyIkIAJgH4KCr/CsDzrW3lh86gZ4sPxsaPWoBDb0BxZ7D +VjE52dITQPLmdIH/O3VK21N2B4x6YYmZ2bTuzZtzhey1oLAnh2yzXSC0y/PB5xVyRUQPaZmI +Jyt5TvrcnWw2JUScqzkQoVxzgXHE9x9pV+G1Dq360dYo+wyZpsmz+Jz2Ftxx+FhOvwifj0R4 +KYwjTMcwPAN4gPIzLuKJ8QSfgGVQwLikMVp7L/z0/BRMDXMIhAUG0v8xEFM+mflUZJrkpH4g +eTANssudk+V5k95oqGTrZxzxym1MKXBMKO1+5ReVDNOTnlatRaIa6ntwmdr4PuqHslJEnoo7 +pjTnD/VtctOegzSJARwEEgECAAYFAklGZbEACgkQxVkqy4DH1kcgxAf/Q9/UgtXa2kcTiKkO +qQNgAKoXJMeC2LQEbtX+GWmjrGtGHSm2KvXJfz70dDKtqdW19E80y+5A425mq0CPHUfhzPDK +nJI5u9e8DtRkMmAccsY5Q9d9vWskgm8ASl/mw5xOSqq6KddcRurQou3+MsqMG9p5/OqFZ/x4 +z7SrYyavDyjX1asDxKKa/b+oLwA/Z9X/J+JUuMVhJAjtknxq0Hx/nRupZbQKUSPQIBRpP2vt +ZTVjiT4NppbvGS2Ewcd2qI6LptGrInSCRUoq35Y83yJu88IeZUs9IwF5lIEg+6yxN5eElXn6 +8Kk1JGG9nGd+8sP7GSpYkUA0BcvYRkTqzyyMDYkBHAQSAQIABgUCSyjHKQAKCRAA8AMf3O6w +K9EAB/45gZdQxg7iL6GU4iV35oyCD9on6Gxf1jFWRdPwmvo45BZ72QjmgrfKnWW0L/UEKdS3 +pp+VrkgvZjibSEvjvSNlxfQRJSBE4KvVaD4aXdm+aM7B81NGRBkqHtZcQaEtychmEULSgtkN +zCH0Ft8wmSn/thUHzga4Ck6IgdrsfOEGnnUCuq5HeG1s7vkg0f0ZntVyivyqHyYdJ/VYVD3h +EQ5U7RNtEBkBhgqSv7mbBSFd/s8XqVE0HO+yoSzzl9ZUpsIRzNmC5nA5WDzS1apxB5VGdIk9 +fX6xqFcI/RU+62fbOta6+yPEF55uUQCS9W9ZRSDeW+30EGPoV+dD4MhcAOR3iQEcBBIBAgAG +BQJMyoXlAAoJEHyUwKFLIB0b/dEH/17rXuOZemQ3m+lWDyO+3Nmiwh83GgEUbn7ckVk43YfE +z7pshrIOXoQSrdupncbzAHfd6eiA6IgPcVXm5KADtSUTjn/QiP8zf2OfGhVsIO8ohqjCCxwq +snJWXiMKB2oSqjczqYeGH6SW9JHgcA8d5Ies9rByAulJW6mrHuUGiUKbX2IytNI0cJQG+Pbu +tlJvHRIS7lDjfdqwtL+ZyjC1iRuXTty00MxoWB1tjBS7m/YL41DRcZCFxeRs4QfwkLOu24D1 +oZpr7vwHoH0FYYV1rQvdbNm3VUbGhlq4yYoiTryX02KWgUif/7FQ9Fy/ZdwxBb2Flg/OTI2H +c/ea6fWDjCeJARwEEgECAAYFAk0XeJUACgkQlOkt+SqqXDuCPAgAqEn9tHskU+Ddcj1ovcB4 +GOagU92zfSkEXP6hFobP6oqCCbFpHCbRnulQQZwHJ9WkrVSZ2c+a8S7L6GinfRer4EpsHdi0 +7MobI44Lnd8nYxBYYFDTH1pvDU2zzt2mZTFkmwcKJRL6C9mAVBgD3aleHHF5LUFxzAxUumHr +GVhnKpErSoQVZuStKPlLNMwOe7nogvPFr43GeenJ5iyvqAzPhiDnTfYTovjNlaqch7z0vqaG +Cl7ULlm+qs+I6d/p/WPnIkBvfZRG505/SO6t1IlQMrYS/RxI2M//Hzn6Plcn21ZYdTCcdaYD +AgWrdDpMXUoULtsyuZ5UgW7NzD4IHsHurYkBHAQSAQIABgUCT1+aNwAKCRDMIzVcYuKmMu/k +B/9CJHt+wWpXBs7p8j3+/mdpKvuRqyqAPAPJqPppj/5k1j1Ri6qd4hPZ7kmlFDQqylz5I7l1 +44vHdRg3ajfd6/9oNiFoGnJg9vrBK1iGYgXcaAM/OmbBO4r6TWWPEemMlsvlq1DZB5voNyxa +GVHNoHdM07zrGHK+q/Ji4aF4IvUiK1qb0HPFAA6Xfh1hqNDXbiW/wOXIC/BayWlCvSZiae9D +FP5nbBczuarRECG2acumQE94fovsKkszApZsMF+HXv0N2GxpuexG3pHg/f2/kBhPnkpxCbyP +L1seXDkWTJPlRtU/5xYQtnp+DrIHpyRJRKXjCSuWsVBR1BWDL1hj04l4iQEcBBIBAgAGBQJP +8g5bAAoJEAbEKqEo6pDdhZ0H/0ggJiX52uhA7Ki8ec8XsoE7jaTNvDFA/0C6rpW+pG2QTxwX +nrI8CgYLYU+rY/SLNfQcioQRwMyq380aye1yRyhuA2DRIyYGOeJpi0wnJqigV8la5YSiCFFm +p0WFcOqFOPgcCQh0LohlOl8K2/GWlf8WBxNLHeYGIgTZ3kHKHXwKtrwMTKcWXre22ShUywRx +YdUEvX3hwP8okRq7XlxJEY30l/Xm0U+vn6w6AQr2tlK9CJBziyV2IYN7xBQ/oVNp/jKSgrEB +VJDdOIiO71NjtGv+4QHODUE5ZF5e657la5zW+pzQVOq4jb6XKOaJ7/vg3WzfZKzo5R0oJ8BI +S5GJKraJARwEEgECAAYFAk/yDnIACgkQrkXrAt2sOXvMKAgAwXwFmub9T7zOjmrv5uO/BPq3 +x7YOjkA5BeB4RuE92rrEyzK/einXtUdGBLdcs6HLrDXIkHkoUYalRTSwWKoYw1E7OMApWuYU +4Um32YXuehX+dBp/h9DkPFr/dEOFwmx5Chem4nf8fJ9vRdEJTXJJL3KH1bxDSvfhjptEBBO8 +QROOayc3OONbFOL7YEpHbQImHvki8hZw70wtBQXU0BJTIGCxCzWHVXigdOhD6FJUVDR+9jqz +I3qhlY32LPXCAaPrS+MpTz5tDZnniyy/6nrX9FDVFkIrdTH2rX/37cJwQU4JxoekenfL8b+7 +pFs85oxCHA9DSY5VY0o8bDtC22RO/okBHAQSAQIABgUCT/63QgAKCRDDmpXKlVYJlWzWCACD +nh6hdWfXy3zfpWKKcDR2xKw3uHfj5Vz+scqb76wBiXr52O97Ou/qQj8FeqZe/hQOh5JSc1Se +dLlfkt0aLWCooRI9W8sQ/RuIOOSi030JUO23wEb8KVVAR30lTOmn2gNQ6jMD45leMYAx9A0/ +bxkiO4O3NOAtnmg+7LKskPRWxcOTCHi0JLETk8Jgqhe729Gz64SSV9RO0t5iMGl/MLJqB6hr +FnFPeYN3pUsrMpCnE5Tb76waOStTg8aLeoeCfj8NE1sR9HyUgLmY+KB5RFtACS+PT5fov8uA +FeOMr21U+wYksjW0LW/8Z5tHUOGlTfyBIX+GAPGiowq96pt8bs12iQEcBBIBAgAGBQJQBEVR +AAoJEFYaFpSTpX6H/KIH/1GroqkgwxQEf2xQXcjBmWOQO1NYcDGxyZalSfReIr9aoKwYG+ea +YQ/PXa03UEdVnuWp7gB9AU2XQ4x1YaJfOjkoD8/nOm8DiRcJyKLFIDIU3rFvDBfAPVwwUvl6 +4Ef7i+DEEAFSnSw5lHr6tuVqzppJ/JqgVZr8RCoxZzuUSRYEr/+UBwEP//LkTHU6Ni1xy9tp +DwnzQ7XbSe/opzJB/Sx86Vf5GAGBklvg9riKK0EDzWRaW6YkWJlh0hWXtVAXYCfy6wNtvhoa +EoevfAnBDJuc2eGzsaYrrqxZS5yiv/XrPKMbM0BXvJ/agw6498CsOk7bqSsbtSMECqfnovx+ +J0eJARwEEgECAAYFAlAx8qsACgkQCSgIHf9W0S7xpwf/Tls7IIvBCB83ORy/tlnUC0GxUGlk +RRiLl9yfT+U8rSf5C3hZ+1uXzOce73LZ/iBrczzWmit+gcyiYcukdtp/TCDib12XpcHqg8+g +P2AdXeEsrfQqQxW5aAcB7aKsQAH/Gl4he+Tb/945w7VAg7JGy3zadYP0ALaRXxjEyvDL3TuQ +aK/KAyAoc87065Xj51syLuxGNUA7mkqrNX3B78buPHYGPbosRenumBbfpu5WKu6Gj8H2/L+c +kHrEx5O3PCfEOd/TL9QUjPdADEHhqKE+9fFlWusYyn4bJtV6rhG5lNTqOZL09yvm2z55XYgP +f22WG7Z3nvgu7NdFDxkrgwNRTIkBHAQSAQIABgUCUM7aiQAKCRCnWJgkCm//0sslB/0Yh9eU +wSUjwrf5rdSkUq2gfH/3yCQjmqmIIcequ9aS80V6Drlvc0vp8m+4wFv2NHB5duwtn/+xChvh ++1cWpChEg1UupQLdu/WYgo601CLUMaBCyZ29134Xzq9r/kjo7+uzNSjW12ueIKAks6ztRqnz +vNAuCFJLWBvjryHmZs7Y/R/8tEEUPU6mstlbd/PoxHuvGuSIgDh+vJR0iAPXZRdthw+8/M/w +KaDIvJI1ZwiPQhDQgwCNF5BuEYrcKvaE2NFzHc2fyyLopvKIzmcb5GRYDEGWvT2yrgKaZF8D +dadXzQPGLWkbg0PJtCYWE0W0aBVvjwURGlJKcjQRC4JTcyoziQEcBBIBAgAGBQJRYBDOAAoJ +EDUeyRQgMT7G6iMH/3XPZ/QN0/4GJGHetGTS0k4hY7dCMJz/TVMi+pGa3O7DrPRA7jOBgx3R +ymrgS0iq1S8fPt1O5Y7Vh7dtl6ls8hJ0pqGPoTPyPAMm33Imt0adOQYxZhH4UbIhCS8JFMPs +R/YSCspCojqqRI14Ro64PtLf5EXR/zAMmDX3eILpJj9HALXoTA+RZz2H82qGkh0mEAS/38c2 +Ovj/eUndtGmwbdnBKkGMdUxlpFLB53dVlGV9dFIdxyhOXeCINzrRR4baPxpJmYQB8BvvCEeP +xuShDQLngz23F245ja8a2UpQTSdnsaBo694ciG5sNU9dg6+WeX5R6WbJBDDcycnoVRTfsxGJ +ARwEEgECAAYFAlIS4KUACgkQfbH5Pl2/deIEiAf9Fx/C3umHxx6qcW4SYA9va9P+932W65Th +F4IDwU3BxxqgQ2rGhZ1mxnxbm7Pz1MB8HZCxLfsU5/SUU/Q9DcKWdGK0csOMZUYRr0tQJDpS +eCdff9j4QdEuySEKTupGHS30jm1DAOF6F6O6Zl8HaBxtB3pOmA7tClvzhup6IG+GGMU4TlPj +ooJyvjILWuyLB5f6lbgNbXe22/bboLnDwOlZyA6nVRMUbzRO1YzmIy7mWGX1rio7BAdS/KcX +oy1s8S0CJsryOKMLEChomDSmuJ5rCd2KtLd9TSnPx2m1FFL+K09fEFxCb/iZqFqMK5I9T2i6 +0NS9HX1rvECa4GXG042H5IkBHAQTAQIABgUCQ2kfJgAKCRCb/0ee5t/V+QSnB/wJ9mZ4IIfU +cjL1NapB/Q/hQQj95gJn8w75shO5sBlAlEjiO2FQ783PHAj0U8LtixDV6jnoUAn3Mjf+iWBb +GW+P2wnBGQFo8T98dy/4ZebIs6jewiJPiUvXY12aKKsKKhtD2D3s1aqxh8gIq+W/g4CIRKBI +aE612e74JeapDO4X75wmSzsUta3G3pFtzg/84izroxRl7HlJL2X6iCy38/QG+4P0jfHIKkwe +qZLuh9R6Fs0fIMqsNAmf6NVZYb0PNf/3+n4CRQ40scaN1+AFLsDEhSuzGYlH5Q5kaBxrhkB7 +TWDWXsFNgwTZ2gy24LRg4zvj3M1Xq2waI7jlY1bHqy6ciQEcBBMBAgAGBQJFaBdUAAoJEOGk +ne6TgJoVV54H/1DE7JmF9Xj215E3pWQL+WT0bFS8qGPCpOEKhPNaFRcIAfrR09iowCS+nvZ6 +aeEDoVriey9oSIfqPMZwSwW1+5K6MxppSeoY8TS+F82fUO4704xJ6YeuZDBlE5bfImkLd9mA +kYfnay9bSVuBCdDBD9MVzM+XqagEJSNuzAXpTcxzvVspgYmgbo3oykzyM5K66TAOVMKqsq1s +KVgmRUuHs4cGVKf18OdQsABoye94iyhlFVsAccyJF8UXE/iGgbSRty9GLNl/y9d1mekx/xt6 +uGVrRiqLv+jSl39mSver6FBi3iqn1s6YhPec1+F9rk0v/ay3hk/w7liWgcnFRfwwgoyJARwE +EwECAAYFAkuRLLsACgkQ8swlNkxIXUaV4QgAhzaywoOckEW4YpQRx6eq7TArvd02PPnE9uqm +hIwMMfkSCog2+zp/Ad560G74JQwze00ssjlqHo45R+P0OjAkphM0Oq5SNZ4dzrT9eFCb5L2a +oKXLGnABtPvsLL2/1Lgl9XcSdbsGJQeEAYmQHWFo8yDjGLPaDn1A7sCnTbm5WadEuAWVrkAQ +s2g1XH4yNXvZSCY+/9OK1KrKq218T5oIuUzVJgDNPMmRVgl4GnAGyOS6FIJBTsnV6xE3XeWW +sUKYS4IaQOL+gaMRuicx0HD7L0CPrW16ALZQ/q/3oqRoSfsG2KYOxrR+cNDWtAkOzhixPZ7K +T1/JtpnDwS0rwyJbeokBHAQTAQIABgUCS/rb1QAKCRB3xwVEAE/QzCoFCACBtVbsZg+Cs/Vh +zS6WBLuW8q9BHNbldlgaoR57MG9aBEaKhKZLAITRTbuMHizVJvF+wEGVznbBDZP9LF9zeXDx +WmnkxF/+P2L9IJEvLxdZZ85nWDtccZvgHbMB/KYDedwhjnSmozOKKBI2tfzz4yQTGIIZRvfw +G+cJT4vSz+lBIrdraoiLWM25W8g3jqTZwWZK+xh7NDaGOQ+6CJOUgsYCso6Q3Zl0J7Eop3qA +GwZprX+4Y5MGEaI6XDCCcOn7HE94TS8ulYuzQgsEr7JaR0RmfCMBtrEigsKjAnRaT5W8E0Au +Lony7yfuroV5zqb1Ass/59RJ1ZECGbt6VpFh5cZCiQEcBBMBAgAGBQJMPdSLAAoJEDBCM2+R +zsKu8Q8H+gPyRP/rjPNctMPmMEfIH5No7e+FVVhut0P8vdjNJWML95XyfD0Nc2r5M+tE85gY +VJu6hiODY+hlI2JGm/oS/nZLpT6c/PY33y9ayRY1ZEvTy6XOR/KU6ccAL8adGmtEfnIk0Kmz +ASQXbPfW6Og3g3jVCKA36sRAYZY+nd+u16kEyoy3rPEa71aMrpV547r6fnTIWoMw6WOWt61/ +rbt26sUfLNKbC+VRIN0yj+D3M0FLftEvS4AdsUVZHfkBzauAzAxSgFPkCHkcqCDfXh0nR2L9 +k67W7ZGfw2TYH22v7Ti12r1iV6lOz1sGUuOXnn8UHRZgeve5hnsTEBEOEgNpRdyJARwEEwEC +AAYFAkzB0isACgkQvcFoiOYs983jJwgAlndNg1Q/US+PgE2CWZPGwEC58Spp8HL+03XtbFmp +P5K07zLHs4UHw/b2S93IRp8mKXBdL6tfPt9Uwj21++H8XD129pxD0KYdxYtrQVF6vKVYFZl3 +w2Wir7bqXB9ApIUZH9dYBy1BQ7YHnIvUH3C0HP1Iu35Nxp5Ih/VDSvsqIKUtV8azUSrEkA/H +M8cTwKXMm/JWItOfarb8rnaHEx0MVvcC2r0Ib8uNY/b++eIHx9upBPa6spCGJNGFB4L9WVXn +oH6lLlZyjlBTpzhJphwEdfIlZePXzUP9vw9SiaagvOj86SKQMeF+g2Nteb1f7tW2WgEkbhOD +fRyJeGOzzg5sKokBHAQTAQIABgUCTMHSLgAKCRAAepMp4WqIJRYoB/982yqsoMXQgPDLd/b9 +frgq6jEL7mm6/5ZEPOhpD7tNtmuw49oa8GZClg67sdJz6m+kxUV4RL3uO9koIFtbjZj4urBW +LhwNqY1V3OHJX9oh7b7oSDaabOlUGpHFYF/ZFGJkvtTy1CEqRZVlUNlbn2pExkzdyHD9aIcw +iMWuJbT4mzx1EGuzDOc6EIcz4pORZIuHZn3XnF6zEF/HWKajMiDgDLbFeM+t/Bo1W8icCFxV +U/dMHSnzSrHTvhiCihp5FFE/VNDwZ6/c92H1vj3TEK4f1+V/rcNWCsN5XS1SlIc4EKEp49BB +gppkKxz3fVcw3Ck4vz3Sh8lqjGnSXvDtyQGiiQEcBBMBAgAGBQJNF/8VAAoJEJI8+0Si0pPR +0k8H/1lBmAp8Nsic1SnVvmnEYXXoXofKGJjgbhdeyLZ9aA/+yYU6JqsJ5Fvy8dY1BvwBcjBD +ARWimYHOKFg6nAZS9NHjIIChX3eMjb8ZD9ZJ7cryzHVLwwgcPBkZc2CMttnt6qi/QXd9zGj3 +w8IrhsfG7aBX1zX8gvwO2ijl4h96Crr8uVhDV/n0jRm9pu9QHxaxfgys/xYk3d7KSOSDQZh+ +JfRmzRiZgXJGnL8zimIntMlgIn35Hrav6T/kyDtri9AgBSYF9E5iMO5q9A6Hd13gzHjOGQ32 +VjqaOsLsdU3IPXRA499sbK3F61i6phoFpRHvVxFxoUwFD6p13Jh9l+rUbjOJARwEEwECAAYF +Ak0megYACgkQ/H1aaq/rn5auZQgAj1pVUJSW8GmFOeDlm01cujCEpsYA1k1z7bGzsBk/vD9m +N1uswUW2uazXXzi/mcPt8MXav967eZV/71joqcvQFa/I2lmC14qNkuXT1/Jyi6jBTDj9XTrN +F/1sMSH+NwJKL6NnBTJrqdRbxxBgfLcSabdiomDCIV0vlMBTiyVN/o5WMX7EzCYaxTFBcgBX +tUdwrIXg0FIsMP1btIre8kAbCqS7MO3BUxCyJccYeXYeDV+J/FcbUzlbc3QAnjBrbZP7Fvqi +7ezZ0rD+oiUc7FYMM8IJ0cuw50i1d+QIgjU0BV+ed7Hvcb6Xp/t98bkFl5N6BivTp5Ppg8gD +OH6m8ebcI4kBHAQTAQIABgUCTXOOyQAKCRD9q2TH9Xo0snzXCACGeBhKRCgqNN1o8G7y5lhq +iQyA+Tc7XwgOZ9mhTtDVq3Jr8oWU5sMuMOqd0xk0AoelaKPB2qVaz7aZ4AtIPYcujlpWxtU6 +6EpnRrVb86ZYQ3nQFyfbAlOcrCBT9RitLgaBnwJzblw3pQdLbHqhUMhjCwcaQGuwExuVyrYz +6A4w0nRT5zDFACrIiq1i5sfOlk0KYiwESITq9zY7Xb2Ex8hkwJngMJ+Bgc9+1b0rc/x7cFuB +txNiTsL8tEowtRfTtLs5hdPoARglReqHJiYKic57jWJjJ0UDXO2femRWXBAW2m/nWg4mcKi2 +L/dDE2EITrELcIHKp+B0QDm+UB24oQe/iQEcBBMBAgAGBQJNc479AAoJEGZuil2TdPlzLzQI +AMPLElCTy4SMgUwmMOX070+7z8m3J8B2EqfPP9n7pOsgwq5KLb1/u8yobLbI4YJZR8nW+5Y2 +4ssd/xaxMx7gpH4s7qmYBaata8wvuiarSW4ty7vpnqhOctdVzAR0i48n6a6G9vtUMQoI8HN6 +QMQe2N0ZHDfmDQJ5elPmI5w4v1Ew0U9UZNJgsPnyisDpVwcJeklc18HWm2xgXgmmcx23hUsC +PrjI5g/9WrGPCsTWQYsMZL46BrwVhlB72leWOXVXOONwsRrqmiqJM1q+R+9dDUwYwlXYwhEo ++69CB8rsPz+yvEzTi9yN+t5IDEiHsjB1LiyIsEK163/ubc1lXoCpsyuJARwEEwECAAYFAk1z +jyYACgkQmJcGpj7etXM6gAgAumNg+b5qQ9HgpbI37VVR/avtmyOFVr6BWA474Ylk2D6op28o +2PCUpXJYerIr8OeAVzsZ82FIjcPTuZGJ3dZ68wLrdXMm8jCC78fPWmM0JuEv3CsThvkXTelA +LuEAo8+zZgbswYiUHh3kUfGSJuVUWn9TUAtXEljnM09OhqNEH1cU6yC9YY4fPgkSl/Wx214B +3tiLGAXj8KRGEFsAvNq+sYh/bJCAsH5KaR/IXAWj96TEBx/4ayyfdsrWwCJ9wbXQSVSFZu51 +g8/3JDzhIMDJJsrdNRI1HYFqs6o7rH4w2p7qGa4i08vD0pUFSnIQC6jUzL1V/+SMlRNV8mTS +Ub+oKokBHAQTAQIABgUCTXOPSwAKCRBfsQa6gqzg3OIUCACeyVGHMehZJEnmxCNDvTZLtbQT +1ZrXl31EvFAuwGLvMAekBSF9qrKGPhRCevZbHV5ApOumU5gSQsjt7fAqb7UwMKWYEQNTamfv ++s8XZMw14owCH1YgoYRH/hc4oZUq7RkPEW/RJd1U+/TpfjWd+2pwVZEY58c0LpS+qZs5XE5P +pNgFCIjKUYr5H/Rn0KzX0eNhGiIKMpW46azOeH5mUvjmgwB+jKGHxM8ekwL6Y4hP8AHo0xPR ++WGIO+wVohzNWr97RC7Vi/H4k04uI5ksk7QqI98PR2QfUfoBD4E3/Em7dmRLkfZetEf4zPBC +o7rehDWRv6i6V+6RS5YBDlaG4x6biQEcBBMBAgAGBQJNc4+AAAoJEFTXdJp9h0drD9oH/04E +LBv8eOcIqwgbgBUV4IuuUtUPZpIawYr9IHlZYnJV3R0kRmCymXL7iNM7rI00/KQtwC16ODRi +66VZ9mAyTNyydYtVKLRdkmgPNa7X6saR9KibNtjz7JLWTsl1bAcvPcyh9TCv7nKEzVULlqMT +ZkPRqYA6rfUXUj2+FE3sq92Mi3A9xJEGk9p7j5F1ewe+iN23fayCm5KMMiiMDfKGqDPrGgr0 +46sRc0mQZsghsGsTFchJgcRCCUjVOzZ+ZFOZjlh36b+4RXZTsUdfiBCbBm186XYNcDYUz8yb +2XYqsVv5ApSYF68slpGxWvqqDAZ+8J9B2bax8BklV65bBsL6lECJARwEEwECAAYFAk17dUgA +CgkQDDKXCx0EiXd8DAf8Do8i0BiQv7jEXLPkuXeOHKYi1PyGqvplI7Neqf3dEeCXodY0P7Dl +XgGhTQK9DlVkg9X3IycnSg+X6HlCns8e2Xu6ukeo1Nuft3YSU+Qt4W2e1ZvJPjuYUD4nVPn/ +RgBz6NfthoeUCvcy4vgkSbuCMIEq39Y299aN3D51qlBcfgxbLvtnY3PjdGOrokbDW//UM4gX +kzyCAyTypOpwR/SdRpGqoVSXX4ulVBEu33SlLbYJYePGkfxxiIxNeSbDWnAABT3tvTaDovk2 +1BuRIa5Sp/vjkeDaBEcMrXQCQESgktBCcAsbEMcSH2PAh3a8RLjNiAoAQxfdfZRpuwG2C8g0 +nokBHAQTAQIABgUCTY2EbAAKCRBCu04Bey2UuWqcB/4ic9Kwov6ufgiY90d481/0cCSVCCD/ +7V3LI8DBmxFRsRTgGI8vLPOKp257yawfr0ZKILZHrAGbvbVCX6R9G2+slQfXcT6IIoQG1AVT +PT5y6VcW+sciUt7jKF86Hft91a+eLwVmqSsV6pRh1aFV5nlnnacAiz6Ct+enWnHBBFZne94O +q6bTc7Qfnfthzc3kHsSxe1SjfSEZSMqzsIQU32GGoVwMvj3dwgKiyEzh0fxE1czwjNANAdYd +aoriYTN7Nlm0ZqPan1iri7fvlNgWjFsu4ldyNOOjEhxtrdPWUQtnobGweOOYeU2DQjEo/Cn5 +oxN7OSonoPxYLWVlu7l17bMpiQEcBBMBAgAGBQJNw1AlAAoJECl3vsGsbU26TS8H/1/ZARvb +N401ZaPnhgy1xhYVReqIrvaFwzenT49nozfojNWzkPYYxienZmXOtfgli+eH6We/tMgj4V6U +3/h/af6mwhVI2Zfpftz48JNcudTZ6TIg4unV+9pu2i8fqeE7ruS/7Eh7yP/vtV6vTw3fQ1lC +sBcqGk9TAwBxWdfSnuzp4hsL78jNvi09Iz4Gnmahx5zd3XZy4pEssmYrCUHZfpWvA0BPI6F8 ++iqpXO2KvyJTYWdB5OuAVzLk04VfhTw9Nov39816iausgJMGbgIkjtuzfgjATBB9/nxBiDtr +9M6LRoI9q620M1hsN3zJzSQGmeQP0VnyI9T80gsO8sHjYReJARwEEwECAAYFAk3RXdwACgkQ +w3yAXRZLBSxZPgf+KLxMfjcaqbWNp1nRzoQO8Nk0cYEaXWcXsnlCrFYJ9feTnK6lhqbV7X/i +1t36JmI6cJ/WZEUeILcEM3Cgp19hA9K+FHEZQyMPEFKMruJd/k9nzIX9dclv+BZ8fpGmTeCR +ct2p2clWLeehT/fC4xxXNL+q5CYwj1amaV+8oL1mmmUylbj5rDUeV7AoY89GL0sgA0z2sn2P +zro1wiihSIk1d0iez7ZyVINq2vjszZsDMlXV2cEWAKkNbBPceXe//2KNJaeJ4e1c+b5b5UNM +ld+DqNOm/mEZXE0h6fjA+2irFva8fOZDvVB98WUDbAADPeY+doVkH/afUVcBl2vlGDC6O4kB +HAQTAQIABgUCTegu6QAKCRBh8xSjcsf4VdlbCADZvzYmddGt90iDWxCY575cIu5sutjcNT9m +n/i3aQaMXuzB+EaT4jDbv3xR3ea+yOMBNbxf/4xjPF7fbfDx/i2AMGrRIyadeu4fcmNjn+v0 +FxrzlcSNTgTNydl53XPk2HoEPY0dZUZswP8oWqsu7gTvYaBL8TEZ2lpjWcAwnJYAQwBVv7rI +xy7uMz+PFLFW6cF/RC6XISv8QMFg/iK8j/JBmdGB2YFoL1x99dhbHXSSKX04YhySaiBi4NI+ +oEdGLTbB8Rxg49mg4qIzVpbmZmII2wNJO8YCAfUOBb/wHMlkYDXI+wdveNmf/ETLQLqhTQDU +Oz2J0bhCGijQ+062PgJbiQEcBBMBAgAGBQJORESWAAoJEB5nwUrxnR69qAYIAIT7KqBvK2yk +x3tv55K4jTQS1j807AW9PPyiaF7d+ChAN2akp7Ns70zZaZwBqQgU0TG27Vo/hxE5b/+N2Dcs +LHFnoLjSwBhr/svtt9Xs+s9Oq3wuc6FY3x/934V19f1PBl7m37zWX3MW5TK3NqYqlQSICVDg +22Bua6p0d1NBkIwX2/0S+9Mk62sqxtHIrsSO3lcB354mX50mGS7hiPUecBm1DwDBahoSWQi4 +FzQUM2DhcDtRvcDevMf2Wi/0MhaL4O09wFRJ7rMNE095r6emexz1R1YroXMjSYEaC9IId0XZ +UvW9RxUtdk6/VxDz+xrPCVs0EHPc7fn3Iwu7rJI9c2iJARwEEwECAAYFAk5w5hUACgkQ+XNO +qY0sPH5gkggAhIV9/88x4Q5HbSV/p/OMqP8vSdnusabE1pR2hde22JcND42HP8+ByDA6Lo9t +dWKB9xiKWAOkX01sc7kLYExVJ1D57KTcl0PRoOk4fQvY2JfzJDjxYuXHRGzd7rDygfMqMOKr +ZKMBooJ/UiPtLhpGooymUqWSABj3pRkeTlcI4o21jgyT2w1VnJAQrWkntTlRQmKjW5QBbg86 +C0OEzVkD3GBnMRIeETSYNfoBz0APlHehuylvcn6wDXFQBTNnz7Vq3xJxwvgJ2M/KU9uniPS6 +/38u3YWfHrdD3RKWRowPV6XSo2cRxa9kULblp2yxndJn3X+TcmsibkP0zVn1YhgvGokBHAQT +AQIABgUCToUxUAAKCRDAlO3IxVtEk2XoB/0XH//Irsx5kCCc4I9dCpRe2QEh9jMqNxxHL6zT +YQBhmp4ESmOBvxGYMFSFLchNmkjwQNV3W/tzLz5gcPJY72DyGdaDV6fTxVw9PiWdwMvjFhTn +AfnGTc581lpqVJ68NI5dDzhKYmKkDNF+4jh/Iclm+9FtsRK+5gpJpqgkA1Ugs5inTcVeZAVZ +D1tprcHKLoUa0g/IDJX4kyamGKqVgIpUSVaxNFQHXEUVGXME848dzfA+7qu9sR8vRd5pOukA +6Z1c59xr3ZpLEjAAVm/mpCyWNycIFENoDdVlPnrGBmyvyW8Jh2BfNAJWHiS8b6cXMqLc+TUK +8dp55rRjhp8zpVeAiQEcBBMBAgAGBQJO9FJUAAoJEOMT7zt8tjHwEaIH/1xYP1skb6XNO3FK +S2LSA+aEe67E7qv3futKmn0KlAGBNXHHKp9PfR3leUsBBtPmWjyxlPC3gQPHzIvY0TBlkHHU +Sks6AucKHQWT5xXMZiswTK9gQizUtBtBpXpl0F7EIw4swZiiTH75pdX9tNldFd2BgrrL77tx +cKKlRP1l2hpcJK3d5lNvQ3lNI4+dr2Q6QHMRQHoDVvt24RlkHet5aRbUyorFN3PuvqNB9y3B +1yOB0oT4CFH/fni9ZdxkYa3oJY7OQQ4lVb5Ef1YSgQIPXdX2w/s7rwsc6DBnqpKkHKgSOs6s +qmODSLqlSPEcs5b/btiucf880ZBKiEnbdJses0aJARwEEwECAAYFAlAwRR0ACgkQ/Jgnq1dl +6elr/Af/VaSKSw9nXYNxyq1uz1fGcYESBaOf++SvuEZxv8OAiPEQtjZP+rGijkEouAECBSiJ +dYAkajQIhxyYpbOfkTKPvNP50IgTE+ep3CE30+8QeR4fml6CaWn6AQMn/uCN812eI50Fgyyx +6pR2w4J+IlJdfKKcshGNTwYD4C59IRufrQFASE1WymkJM0eHaqD07J8xKTyYySqgFSPjNK7j +jGrrqqsE/Msq3h0Dja6CA/Ghl76HIU3uA1Acc7J9HmksoCjcFNCF2guc/6HZJAjUXh6aft+H +yYbmYBlivd4aendkgZ5pI+LRdBd3+AaCNoIRZWhz12ATvjRsDGy5wVPX0jOONIkBHAQTAQIA +BgUCUFEQKgAKCRBzWFws4zUazTmeB/9hHqz0FKIFTVkNlZYjFPU/JvDy+gJRwc461kC3/8jn +EMXTbarJ65a4yij7ovNOF+KVrbx85W2o0H5MNlV6p2XLrFT1abh2W1wCA8ZRylS/ZAgFErnI +U2YJvNspidE8yOLyDmrRCnJ+8CFTmACnHkZSxtoxvssyaDOAZerhl3EWOasKa6+PztV/H+WJ +qRwAebT2kSYuiRor+aCLX4F+hy+iTIWICaRod1aoWJ+hMtfcVt3WdG0tElTapMlE8a2kA2aO +mnjDgQ+XE6j+Kk2GpX1irkeqQRQ/iUjBQ+qw7BnDIiPP/yBg3hBLu5JdFe9G6tGjzHONiwdg +x4PyvUZAw0vhiQEcBBMBAgAGBQJQeA2SAAoJEL/aQBRNYJZzz+IIAKY3gFBy+48PZn0ZoAs7 +xeV9lSYYH/Ax1YMJirh7xwsEjFtTKxschdtjLLPcGIbOrscnU+gfO/H2V+Y4SWERg+fnkD5+ +3WnmZIM4P1AgrfgcG67Mz4/FkIcDpN0EKzg+8QRU5nhRqloUUL9IBpqApq2LxzJAPO1fl/LE +zheDstOriRExiNmL8SXMs7/tkULX/Mrg0jnk6MDQ2li4E5aAunn2ohHOMwuhj6bAeAqLytxy +/bqaoxI23Koasq/LHEy9F+8fPZH//Ka4VIdt3euLOsEKE/cDvChjXo2KKQIhWh86c2CWbuam +vpIDsOcHPV4wugLfs7PRta9HIBAj04t6rSOJARwEEwECAAYFAlDUAU0ACgkQkxbV2mCLKPRK +hQf/Y9fl8j2oenW/1g+HqEK4Ey0iKdqu59xArOhsSsZmuISRgqwI+CHHy6xMJAVFGcHtfQ9O +7XDt/3soO6d29F9hIXtYgvvd5Im9oeIhmfcOgfPxXzNJ0/2rzml2mlwcvh68AjP8hQZPiYw7 +E0DMJAE/OqxPZtf809N5JoUY1Kn3ESDNi5Sq7KvmQvOSpn1UBxcyJwJTtH3B/tUJ+gKkKdMx +9TVUwvAcZ2Wgie9V/0TuWtQ897hJJAl2AjbgN6FbcoHnzI5n5lwG9N3eD/oM+jK3QicKT/XY ++znmeVCjEkd199TIaIVKMxKm6uEoh2rQB0gjO1YJRsRzm6bSmIUeG9cuNIkBHAQTAQIABgUC +UQvQNgAKCRDfADEPZW/LfwKEB/9/QrwEaOXm21LWfG8CjvMf8V7ibfN34DPRGPZm+i496X+q +vQfOvEJHhjElvbDg4VMRqcsOKSkLTPQX6KERsjA4OC3vobNe2Flthd/bbmTj6PCIZmcCezcn +FJhDEahL3PDwNiJiVHyNB70iFCobPlB6Gh0CTmPIh6cERm+Aoo7EZnOoCWV15tnphDJBdfGr +0DKpF9GoOtJX1dnNQXVuKv0TOthiHDggxH/hsl61LtXNb+2LUsMxQ5MEXJ9L1pN3BHDsvETh +C88QNfsoOqmU3f/6BHIHPGK0lmWXZxvxDAdEa/zmC2yAk1MYzKF4kasLmQoVOC8gGC7m0g6K +YHAcnmd2iQEcBBMBAgAGBQJRqu6gAAoJEIm9LHBWG1MM0JwH/1AqSlNoLUrHFxAcxzSRlwBv +9N0wUiaYOE/a6Q6T7KuhpFEMopvEwtEaJAorynEBRoGorEljmLfGdmOTz8mlGl7EOT2aHnmq +jOcMTjA9GwVD81XcOkX5v0EwALsA1Vo5bbO7IXGzTXZ2teV8YZHIxYVxZHEQrvAZyIqHDdA1 +jZ5iJsNMgmWzzT/nsRjw8jP7dWLBW2x1jw82xTgBFy1asRAcuRrEjDKUr0yWSWyso7sFc9LM +8CUaWPQPluaFNQrmEEevnFUMk6N/AUcURSDTehplxD05XGFKvXv21Ts7Y3H5aq/VjP9LoXe8 +AgnaVxjbdJJVbghCFofzI8fwP9yn1uiJARwEEwECAAYFAlGwnGwACgkQA3C2QaxPH3KfqggA +tRF747NG6CRDS9D4oMOVKJ5iD22MjxCR43jYEqcn9kf/nPGLN4O6dB6l8/JLg8u0aowDUEQg +AylyNmI+1vxcxwKZeqY3eUD2OC9lTjd5yjIqos9Q3wvgWU4gVTQXWd7tG/wnr4Q8wIvYG94b +sI9AHUZa2dQn4HRzTkeAi6kAzFtGqqwgwrHWpQ0uVNVj4NkcdER02VTXkJbjbO37DMygS2Ge +QJW5HbO98myJ89gD12Dd89mXSlaF8BRescuTkgdRQ0/z6y0bLtlNCb1+GcYtjoT0zuX7numO +VcQ7gdKnoUxOibQY2opuYujzH7Eo7Sm3tt/8UWnDQYDYzwV+NexMg4kBHAQTAQIABgUCUcOW +1AAKCRCHibGbcr8vSvEiB/0aEDUO9SIp2d/HrTZ20pCIQ5n1UqARQv3yfku7Uc+//V545F8U +TxtzjHMJY0iBNJeahoS11y5LyGkQx2SUC6niHTd/V3xfeAZkRz7NXUpn0+gHSZxgJsXuvAHB +fpcUc3RndRioHLJ73iHpvfqi1jJ4nnho6L/rBv5zKt/B9B6si9fO0OtjCvUoXQU86D9cf8kd +G5i13drWRT8YF5FrCARXZfayHLlGahCj4HKYKFwgR94AEIz1tZZK8kkbcZsZYRxbjDf+utr7 +bvq0JWq3YaWzUI45gRiDcGqe/R4nwAKOS2iJUnTOrwrTGdlSRjYG43inKK4kGaZ5ztyQseQ6 +tNrNiQEcBBMBAgAGBQJRw5buAAoJEObkFOae0NKOmaYH/iFFiU6pQsdCfLNIcHgCTH0V4fd8 +pF5oXRkkkE5PB10i40k78kybSjbmYeNZRYiifMDULwbQEgEoF2qwpJfMcjw15/LxK07Oc4R3 +KYAyrAKCWewDvK3y9Itg57bmDU3QksChGtGl3JA3A6pksJ7P9A2Xhqch+bXsrQ+useE/lrTS +5ZTcox1AcFRNZNsjQg390Bt1vrlWaN5vUpoBw/fd+ixmV4dXHcgzCKNiaBivyw0B+UpxScvv +JamZCS5v4RC/TzCy7GfIoHgGWhNKLfF0DoMbjfZWhf2gQ0JFPetz0nieY3Pq/rWAwpSSDFFt +wx9H8H9VXOhpENyOUcVpD5Fob+GJARwEEwECAAYFAlHDl/8ACgkQiI0Gf6ChEd62VQf/Tt// +CgVYXtuP2ptnY9gIZwraaPvrr5u+au5y4ymuxEm3XGQXl8EjhU+DD5WnIh75tbSQptKUIIE4 +fS994pYCNmCaBmADgmDUs/4TyA1a/IpNsU6tRoPVPrfa0QBqC2jQp6dNAoMP6HdFdVtN9i50 +UAv2jSRu6WclnYdttimR2xCOeyfu27wvrcO/aDJzsD4UJGv8QGZnnr1XvxYnE4NzVltQIIfP +u8IvxLe0BgPYKKdH8apSyrv5XtN2Dy8T8AviXYiq61IkfUwDkHbJo2vHdJixOeDl7kt1Jca0 +9R6sdbm5IJkShZKIfWWGKSvOY6YKEs89/4S9AB4ycYp19Ff+7IkBHAQTAQIABgUCUcOZ5AAK +CRCIjQZ/oKER3iFKB/93To7P0seqKFZWFVaNncGufSZxnD1fwAvHatMD/0AHy2icB1TaYBzX +cD33xvE51PGNupMKqefglk4e/KfjYssCDfvXZ4Q3TjNUy2nigAe4j6G2K5W7YBCp0S4G5QqH +NR711+5ee8sBoEO/x5rBG2d8JuxSmBTYQGhu+eM6A3mbJojt2+Yu1c8uuihWprgafNCIKCKq +aBTpsn89qy1POTNvMiJmJlU0slWyvvDe9HQTP1r2Dw5B5c+kTPnDvUtYnFtorm+OMffTVHn1 +43hGRcuS1h+t2pY24+s5drHUTUuLlEQ0rZtl572GTrbBUCKBgX4ZUqkM9iyw06wKfxwCsZ1r +iQEcBBMBAgAGBQJR6gacAAoJENh2Ls63kR5/a54H/jCeaEbQYIWMgUF1DBu6E4UL74m8ni40 +KHcWUaNeYFMzPpzWHHI9+LX1HYeCXSysp5Dbcp8y0Ioabd0aLvnPO/kpNobDA0C/DFM/JBO+ +KXjrKcMDuKPr9d8B+iKUWxjpF8aEhJRJvCbp59+WEsbkH4+oAJQkStsOTaIJenWIKcQWooRs +YtwGmsU95GtG26yi7UaaVFTboCbMew93o398FZWDSKGhjxV3tIDkHVp31jCorZYHtuHurHuZ +uR93yZwKebnufkPNEHWPSD4ySXYb/qdkQxEazc/dzeDgQmC2RhgqoryhxE+txfRTOFxHG266 +lH2URFTaTm4bX8A7izjdU2SJARwEEwECAAYFAlHqCX0ACgkQBKEjhz5WnZ5PwwgAnemSPoy9 +AfI31PBHlXPBZSQ2XpDMGziA4XJKsx+nID5B1/QrO5+us3hse57/SAM+0J4ASzsWcLQuJWCg ++NOdnw6Ajb6DLGhH4Fk386hUET+JTOvN6fbQDVLP9nv5FglpypZXvJSoE8jdUf3hM335oaoV +aE+JDgRy+U8ZVvFnzoZa+OSfQP6ICLCaFOdNXxM8yxMls+8YwyZBmebqDk+l2ff7eI9Uthdt +zjdDthrx0f5qnkbx5Dgf0MaFz/YlKaiij9cPWYr9ME04JWbxABP/2VxdYXj1fq8rgHpgNjN3 +DwnC7lwynSSPnA4CVlLwagdYDk4KX//iVM4XtqF1fBZpAYkBHAQTAQIABgUCUe6IwgAKCRAc +Q39iymXemQwJCADD1X1ENTjDLh8U56XQ9khZ4WGwOnvSN/Lg7YOhWIA63g8FvHv6Eni3bmAG +Orx/aq4ZT+Gl1l5DKAQzvNDb5mx03qpFBHWcwKu+odFoA1PzoZBVUOHIJjbyDhYY2zpCGRnc +efLTZqBhMw5iZ88xQ3Z7b8T5OYmoqOWQIJHrG8MtVCCItOX81nIcDAO4yPLHwD5MdeXjEJNX +/S5uQjefTCVO2nIiJ0iMTWN4d8Gr9gLJUepYIL8IHHZVeVGF4shJCuXm79aTuP+W2Gwk/oAk +Htq5uD/nzrCNwwdjpec5oEwmpsjjFOHL+BcXizhM1zP6zJ9XaIccdSNCQOKsccljwv4WiQEc +BBMBAgAGBQJSFpSvAAoJEPHhszlts1X6nn0IAIm24dpyTb2ZRPrmDWMBvIKPlx8D+XPV9bJ6 +XL60W71xluNsH7yGGYsRTEhy4Zhb1BRjPIsI8DvHefX+FcL2CN2VmcqbnrliypDAzrDKgZiN ++aXdDef9/AX1O+gjMFOg/bl65+sXPvVqY3RnmWCnEKh3kYdVfqIyv0DWO7vkEYkMzR77sxz7 +UMPlGL5oIR+sjDcYgltPoqWtRjv58SNSvCxLQthebYD8l9JQhQbnFve3ZIJqIfVAGDfLzKyC +YUQq35of69eihpn1Sj8A9sNZrg0NeX5+mRh4B8+K/ti3VDtad8UI4I5XzJFI2l4pdHnCX/ob +/Mt1IOOJl+cGzBkLOyyJARwEEwEKAAYFAlH6ToYACgkQiqkES366osvhVQgAkVlMsUatpC5y +AKFx48VB3//P6LFxu+F/zDUQ5EmtUK8R0Btd6+nx1skjUaz43kKHStNtMj3MdGap4WpvJ37A +mUGyBwPWrcjf2tz7WuhpHmUPUsqCxPm7dQeSj8FE+yjNa3ms1RGc3YAWFwjUIuBonRm1EKCN +wzT0/n9ZQYxPw18qYs8bFGKqrmisfoAuAMrrdTdQWfZpiocBadWv8wv5HFCoXpfaeXUpQAle +/gonMWQsTrv+p94O0vo+7/BBMpHpa3gj4NgeutBpi6XotPip3ywmaNa7DVbOmpUhA/2Gwro7 +i+uG3brVFhiXkY6vpq+PzbpY2bgS7Crz695GxGedn4kBIAQQAQIACgUCSbmpIAMFAXgACgkQ +9oeK7Kuu7mbh/gf/WqO+YzAdQblMzHOCLSn6WDgKvOr0CmihA/SltPCedVDFJ2WWLLG2s9fP +jdyM2OEB60o2jJGTizShNtMPe+Ttvp21iMjDV5ttTA1G3uF4JFEVyIMy+S6kN8hjkLv3N0Hj +OtwWsqRq699Yss+O9EXHTmgDUbEVc9/32Hl/t5marTOcBtIsDU6HCY2DQniOc96sQtA9HnMb +OcOhQjdm/K3m+2plMvtKI90C59jqT2sHaKAp8WpSov1w7tNVJtSvPQTvFu0wQJz/+XRnCbQU +5UrqJwm6TKzrUgkU/eDKYgJjok7ttQGuUZwdHoZ3JXG/EepeAdCL2Qozi2IGhd2s088QRokB +IAQQAQIACgUCS7OdnwMFAngACgkQU/WJBKvOZeS1jQf/RXFbompMphVaPAPVyE7AabPBBAl8 +ph6emr2UnbgGBuXgNquoCiPVo0mxRqe7zy7Cuev+HDgXXntkbRD9d0hNfTLF7JcW1DUeCHt0 +oVJdcUi75aROhHipLDpqQOvlmSvZm4+n6pJMbvy8JnGUI9F0T54qQ18RfWosf1+CQwc99jQj +mgZqoRcsin9oJ8g03BXYYFMTdJRuoYCSAjWVwGr48sRgV2gaZyhzyaN1PnrsEnpOPI1wA2qF +vyZCZ3eWzjsWFrcflZl5wJZPWRfACGs/Z0gxVFSo9+ExX4loZ3d0gPniPrEZ/vDo86xdtpkL +bdhsV5eaiyBLRHU1Q7XtN2wu94kBIAQQAQIACgUCULdf1gMFATwACgkQXsHs+lKunO5YfQf9 +EOormDHEdtrCVxDuGWz893lHLfKBFBG/YEx7loNGTmZwd2g2QmaPY4lntdAEo18HueqCpBtS +fNlDnVp/0md3J7VMJ7byqidHMNobEAOQt+QxnUZ4tX8ML+T5IfKeSLH+/skYbYFvwuIgRb9C +CpXueHeCsQYUsHuS0kkZtp0pOLAV9D1e05NVAXISo6oe+My1BYPElH1Vo+Ddox/HzArp3HvC +BmT+LwKtWkvuinhxkVZyEdo8+FgyS0R36KRwm/EJ27JK+qfFEgHYV//V1oAJyDB8HScC6Bf2 +DFaNIYrv7IcoK8kK3IJIhR/S0KYoVQOSNiLiRPnXx2SiNcqVAanX54kBIgQQAQIADAUCT/rL +YAWDB4YfgAAKCRB5KFBSI2sAL6e5B/952dmbysZJBlEhOnLiarMJEWiNP+eTI1XFmhndrBgs +wvkyvv9++w3AdkKoWW62Sjhp7uimLGafHFXrfKuiAywmRVm/7OHUbolJgPQB0SttggHGswwi +It1+LpISnf2Ji++qmTwio2pDBHPJ7HOBh27AsBkhC9UDyHzGjX2lxUdRhrxu0Vk7p463UPEa +ghS61Em3FuZxZfj1GBKC07IaBXh0Eyzl2gXkwWMQVdKqKo82Zjt2mv4QZCS1VzTNfvIgZQLf +oRFzPR3yP04ZXRbFMYwLk/j/laiDP2isdEx6enneaSru40bl1wOP6ePp5hdyfM7zwHtJsqmO +KBb69b3ubvPciQEiBBABAgAMBQJQYDBSBYMHhh+AAAoJEBiCIPCT1I+jfxwH/2kdQT6nxrGc +jl/ozXU/Nns2yWR6jgc0JeKXCtFkLHRzoa9RI2BvyGx9RfDw5QuOq2v8vMMOzskMNtLwd0JO +ZsSjZNqMKzVti+4uGbwHacfZQVNEbSnJtQarLUQfIKpagDhlIPe0lJJKQEm9BGEPgw6HqEJV +Mlqn3ciABmhavFJiefQiG9c2EsFqHOW/z9PtBcvcm6CYNDNueFaTLxJ481QJD1EhsFrFnOpd +kCZYuvzdbGYYSY+7ps21tGBZt1pb+4CrKErZIPmJuVwra+32fA3DYijY4HYuFlcsmbzpWLwD +ah0PwqW8F82I6Oda7/joRtUEpQHpmncj49i2qGHqAwGJASIEEAECAAwFAlC7wV0FgweGH4AA +CgkQ99/lXCMMKpXyywgAjsrw7cj7iYoIdiyLWj3SwdJs2pu2kf/cv2pHYYYeJNTjrsn12EVV +0UveDrmXnykaxYHm5rE9FqQvhVVvTFhU1fnicTTkUjhNU58ud8UOKgETc55Q7kNDx18izSZV +4pgDT7ykJCC0lSbvjSDHZFOXMpi9AjWGbYWuf9UBs7exOMIsSOI5STT80r2NySCeiWaPzge2 +FHvF4E9GV37kZZNioxQ6qlbIaCsfw4VU02YJOF1UL8Ych5atnazlASqq4UxX0WlTE3vaAdBm +2SUrhG0QfmA/RPAqS2eed4lVpYdRxSFsm83Epw+oV1wsXy5pnIGtDD8r/2RMHuItYhLAmNrL +FokBIgQQAQIADAUCURDUnwWDB4YfgAAKCRDfADEPZW/Lf0f1B/9id+PNTsmUlsW87I+iaqOH +PtQrtZsshsr9b+oyprKYylr9hBXoZAbNDWQyHGeamH+9R1OcC32W049E3g6JnSeBfYzsyJuH +6zE6KCQPcqNoZQBi8VxKQ6bhub3U4y6H5xDJtDXuJaWwnugOVs9epKhVUq6gsZJwf6YMzLKn +raXBU+36UsMm+abC0kwPD4dXCPMgpJN6xrU9ikeL3J33KTZRG8yfz4mEdRkCWj+gBojlOApM +DZOBDDcgrQmEyjm65gN1gHQfr1JTSRKIHWRPCbSRoxa/yiOLl3x02M0YIr3qOaWJV+QNjPMM +bpT+m2tXq5at2V+WYrsBOeyZB9snJcZRiQEiBBABAgAMBQJRLezsBYMAn4WAAAoJEKsKJ+5J +e3NNBNYH/iCOzMpuPDwnjE8Yf7mgoJPA7LfsaFX9DEQIE2VhAS0O0wAV4MBxonKffXyYsbY9 +jaSvt7tf4+evQCoUg7u/ys0cBIl1DEWYDoSBldVzO24nFyNu3DqgF0zY3HOhCOKIMLoO+dze +pjyq03eO4VSxxkqwo2KeDbRw7chzewqeQpdow4iVMbzJv1XovGH62BPG6pXHG3gL1+dYcrR4 +VcdE9HjoKMYINNbp8nJsAjbTSn8RfMY0eoy0UE8lo925SUfpwbGGQa0pIgIjkVzxw0yEv0iy +hvlpC1zsZVbIx1ZycjL+MquFbVV8QZn3OaT3X8j8tfI4yG4kT/PpW2mWZHbNbemJASIEEAEK +AAwFAlIAwFYFgweGH4AACgkQudcvajze1z2Pewf+I9+NrC4FrLEZKRSTE5IKvrG81qDSohw+ +ll3NxXosWoAei1wXOzaEqaahGZ8HloLhJ0V5SOoiqUAT46gCjDmtrsrYHZZdmUju6S1hIYYE +kSkoUAouct39LdO45bcSEsvTM4UGbxgV61U5dCOqDUyJaeI1fripk4UNcbnwHn0OhruBp4GV +NFdecZm3p4u6MntvCdz2jjr/PGVeLKUo26EJOQD396SGnLdnVkDwFLdXvOKxlTxsTiQ8Rmkg +rwQq01TaSn/4x57A8LgSEsimd7TO/HBQKbMnxZK8op2Kev6nQoI0v3SlwFVyb35EhzT9s1NQ +hUtw1rVxiwRh4/7TMy1AKYkBIgQQAQoADAUCUh1HSwWDB4YfgAAKCRDAKLqR2sIYjoxhB/9T +tvR4hSbHk0mW6hUyBNbAxaDMkUnTPpz5HcEhEkRqiFOyw071JK1/lqKswe9rDABE4jlVA/D5 +r6GeqQNNtSRQBmo1yc+0HHfqlFmbgBFjZYdc0Ls7BS3cKprfiD5WUoIqLbBF3fj3aQSiJTg8 +6sTbTnPF8jfmm3O5tClXBJIBPC2KRUkk2FWxV2gAc0drZfGuY75+9gIn+l4BKSKOmdTSbmUe +ZGwOshvNajK1SC956ItoxUEEMV1sAJZAaMsvSfKuJeLtcKDDJCHAB7WTKRPWoVQwoX/a1LM3 +fG5THCGqzJeONJdxf+DDOpr84T0EiiNvfbKmKoQZjbevJ3pKcHAsiQEiBBEBAgAMBQJQV+qm +BYMHhh+AAAoJEBEE37A8kN+HiaUH/2Xuqni6tjacB1C2QGe/cNl8NvqusXKf5+0/sShgX/gT +zvGy2AGDr6p99D412/Rrv+tT96+cBH5Gv9xxJvNT5oOk/8KtBEdniU6K0r4rCWEcH5gw8D44 +6Xii2IDMyZGvkIvEtcVzWvcI1dXdUdHFDXRNySwn5qnVorKLBWbgO5l3RHvvB1D8/ksn9+ZW +NYdKER5y7jyrHp6flVu9vOkqo/OojM/QVzRe+cmXUOgroEiRj9iQ5jkeZcafa2K2X7PvE3MI +IEm8I01hG99id299Mk4EZaLLQSRhea9lVpIiJz2sGJ2CbeCbdz9xvAvzXp8MMnlT/iXb2k/6 +O9NRfWytX5mJASIEEgECAAwFAk8Zxt8FgweGH4AACgkQFl6M+YakCBemOwf+N0ySQa2qUtOy +zyFIib9lgCu+co20RbsjXSKtjHBs4WwkxPBi5LBpdMPTMHjDeVcZL0l5ocCSDgOS4jWI2nN5 +9vWOVj1uvlBFNfClWDrlsdWGIJB/GBaK6N1o28G2OzmW6j8EtOYtukgc5Op+kSIaf7jupxc+ +AA6wff3LS6tPvkQNoXM9kISFP0XON8ZLDiazJz74miDJFdY3sSmAkKYV1NVGcqBoO/5Asm39 +OQ3rL80DLcqbTjpeD4X5B0jSijJvQB85L1ExAczKeL1gQOztLNFw4syA5muqLZQhxXJHeyMq +H7MbynQqs+NKOoqFIlLA0YuKgQ8Wze3/CU5wJX7d4IkBIgQSAQIADAUCUCXEWwWDB4YfgAAK +CRAjk5T+f2pwQVKWCADDanOWaXIR7CEmeKJhVFqoJ/ciL1gB2eXuYpTGtCwdFvnZ/U8bkOf5 +XbgFYVjM+rJJhHHn+oVjFZAncWKQtAGI2cy/HIhiJtxX7LTJ5D7bl1oGsm622y32UuDjNDoy +WvPIKJta1PVrvn5Q7Qx0O+2BUFkxZ2MxR1/1tpeM8DmK8UzkU91gwVPVorPUlMgDo7vaWbVa +pFUljRZ8LG9n6C/J6SVdCwcx0TtUs0jL3AQUETGp49BBu1fFpQyLW9N7zvw4utoFdIGzrux7 +fG5ZX0dfQONF8BOvL2UDusTMBOIRC7YX0QS8HZ3KmLR/Z59d+pP7OnqEpHIn86GQRsItJ/zI +iQEiBBIBAgAMBQJSBUGdBYMB4TOAAAoJEE8wqSYxzf9vd7MH/0CXfzRZcEuCu03pG3ob0M/h +EK70anK6MM/08CInMxQF89KF2JbObtbGEIrfVcZuGjpOT2bXYs57awmNdPna48a2zDY/oI2H +wVhtzdx3ITqOEODaeFh9qJqNIGuQVWlnWpEcQF4jsVFA1NN301kwDETCimrqocBfJNLseTUc +ADhhcDDV3Kw0iXAyCLx9Ujnh0V453pyaQHZlMCqrAEZbfEGyCO8/Gti5+3Vxg//PFmhSV0QP +JL3/XKOQYQh+RPPyHO58W6G2q8nHANs4zeWRLGQX127Qpv1hYaeIfRFr67VyI70zKt9NEHNA +wi16I2A2SNPwbH9T0ClIB4kNCnDU2iaJASIEEwECAAwFAk7np8oFgweGH4AACgkQCk0btjR8 +pxW7FwgAilfQERHhqpyKmtizXBbWwTuSOH2Y68Df1P1Bm4QxPfskpR3FWy2BP/k849zT5JNa +EtazGO8ZM8IedjTSL+Ou8OB0x6HYzpiegfKzbRC5JF6fR8CzjKQtEchXNnB9xMYTGC9UfMmE +3R/pLzipCi4Y4QbCBE5rVoW4nU4L7CqRZEx4ihBy45B3l7k8qThXakWvsTxPmtFxq1oibIAe +dCb+9bS/NMaQGKWyqwbh9HA+FXLLPBp30x90nMWkyd57gP9SXcG1T2aysZjPqj0jGz0d4MVI +P0ruodKcrBArPceWQEFkE//jxDQ0WRTH7NXFiKrg9zvgFNsawBJLsBDyr6WAvYkBIgQTAQIA +DAUCTxDzeQWDDvsbgAAKCRDTdP1/ziXyd7WfB/wL1Gyi1KxC46AAIt1XoHl393fU1d5lnJmY +dB35+F7Ksy2ruXbNj6XAibCMfSno4KbhyTtTI2OA9Wd2Paplh1mPFmr/05NkpsYFWdM9MQiG +DLSyZ3lcxy1yWj75WkyGr6MKkQ++KsQPlk51/RiS9/7sD9ITKI4z2korKfgGoB42SWD9wpUF +sz+72xrSkr02L1iY7xOlpfysoKy2Y2dTdFgEjjdhSi4f7pY/oDctP9Ck6vxp1QF4HxhczK0y +w2WHMF8PzSq0SpA2dVuVj9dKI2uKKunt6bf2AJI0NRvhI3UQArw9sbqyFQFx1JK8LZeV65yr +YAsDzfwqtUxcfMBIXjoriQEiBBMBAgAMBQJP4i6fBYMHhh+AAAoJEGM8WVFkHEUOz5IH/3aM +Ef/AfpQuPVWkcLYyyzHqUpcKQzxsZveKbicupAerFqT2G/b4bhYVLyE1CysKkaMwHSoFhmzR +9Tj4F4DkmB8dzJ9CjmHzuCCvYiobwgSGUicijPutLy2v9fBaU21wqfhHNlx+lD11CyYFQes9 +c1FAW/acg7cI1WwkgxxiovPXzTFZZQ1vkQVcNbMg+eJTD6tRNNYwSbP1L0nPeBTdqv1WS2mX +uUGYeGD+z1MJkLbm0Xn7euG4WArmFVOQs0KvB0gIxCZOdMIxPaNRHp46mZkdbFjGNxBaMfWS ++WmAH9cQqfRsH896LjcIQAs86MujsFUEiCxcNoMkE6O52WAOzvWJASIEEwECAAwFAlEt6p8F +gwCfhYAACgkQ+tt2nMRpeF1L6wgApJujxj2l0ZYMF2+WrJrH89X/S5gAYKvxiTxwjjcm3HWK +XBpMM8sbKgQxtR4Ej6ubhwvzLjeyT6QLJPXgYgagQxve5xB2F/oPoTqrBh3moUkGgV57gSto +QxZiC4SNcTpyExySzails1bmUDv/j1hAO5vuyILWSav2UZJJtdUc0PDoFQTVqC8TG3zuLl3d +OTe3KmrYjC15QKfNH6JZ3Z02BqOLyzoRWXkFvTaq0gZF3GjYuXntZDzredVeGZ0rUhBFpZl0 +ns6PF12Oh5dzAgraOg9jB+z101XcSMvSXU0FVHWMVGV53R8eRRXIk1Wbv5i5VHyB/X1DT9kO +VShsfuWaaokBIgQTAQIADAUCUhxengWDC/FGgAAKCRBfroP/tdjwjAD/CACG9Fq857a64mzj +Gy0+MlWuq5zI1a4+mcY/9b5qVE2stnuD+/ako1cCQuKGrzww2tm3CsU9BrEUe9zLnEMyqzYv +cHgxP3UVrQMobuAfv+tm8vTX61SXkCkPo4cUmTS5x/+GQiRwYlA+JCSSONDLPCKuC1QvRIfR +o4odp4d8FucM+XotknkcdrEbkPZKoHceN7uTi6GAN34xK4iPmuVNV1oEogvxGszS8p21AG/h +y3WfjiuUydhQhirRVxjDP0znL/iwmUQQbtU/sGHm7rHOHapPqf0BnJJoNid1pAxN4dtjZOH1 +BiQYlEeUuNCBQV6I20QdCDNBATc787pRg5gLumK/iQEiBBMBCgAMBQJRwRP8BYMHhh+AAAoJ +EB+5sS3+29fTkuwH/jBVm/7CXXQLQiYZphNuvvUlo94rqruLvR0nsN0KnA0tyeRKAs3BdIw4 +XcTvRCFBJwLB948JLjIE+8Oi48gKGSqSXCijsNFpqT7t/EHqWBTsyL2HHGH4chr3Ezn3qhqX +UotxCyC5CCfZJV9k6rkDltCm1zyJ2WHP2ZxVvd3OjPHqMzFxNWdsipSWWy+Cz+aFPFquTh3H +t/W/oz0uCw1qgy7hbK4ttcCpgWTvAt12nlPIV9w7qGKNcxxicyfR6U3DbK3OL1Xf1lfPsCJQ +GqlyofgsVcxrehnhHlT5K7PFxuuxc9xpffgG63qlUp40I577Y4w3tB2i3BO6tk+kvuDF1HKJ +ASIEEwEKAAwFAlHbzhcFgweGH4AACgkQDIXPyQKTJ9KtwQf8DoMlzFvHpTGeV1eeuN4o3qbT +B/OndQPS7OFuq+C7Rxie5gM/WJVHDsZQ1IeBpBcJvGhImUgQZUsiFf1raqOtfXmdUjENA22w +9atkecg1YKeY7GPFRCO31mJTISsyxYwu022UNomk2OGsl45hQTIvJbjjqHDYoSVeJMh58y7B +6aB/4/sl8WIkhi1lNaCnkwtQNEnqxzeGB2lXAxGJU6ab1xXJxi5Yq3KK6ZQKJE/wrkTgGe7Q +/SzORtIhPtH6TOK/ZyHCjmbHAgAW0IUh1VnJgqlog0sxnDnX+0MyAyNcRpRP0HVmbtnCUCmJ +fU24ROwGPNtxATOsWwsgWcqHZBwirIkBTgQQAQIAOAUCQlG0cAcLCQgHAwIKGRhsZGFwOi8v +a2V5c2VydmVyLnBncC5jb20FGwMAAAADFgIBBR4BAAAAAAoJEJcQuJvKV618SBIH/j+RGcMu +HmVoZq4+XbmCunnbft4T0Ta4o6mxNkc6wk5P9PpcE9ixztjVysMmv2i4Y746dCY9B1tfhQW1 +0S39HzrYHh3I4a2wb9zQniZCf1XnbCe1eRssNhTpLVXXnXKEsc9EwD5MtiPICluZIXB08Zx2 +uJSZ+/i9TqSM5EUuJk+lXqgXGUiTaSXN63I/4BnbFzCw8SaST7d7nok45UC9I/+gcKVO+oYE +TgrsU7AL6uk16YD9JpfYZHEFmpYoS+qQ3tLfPCG3gaS/djBZWWkNt5z7e6sbRko49XEj3EUh +33HgjrOlL8uJNbhlZ5NeILcxHqGTHji+5wMEDBjfNT/C6m2JAVMEEAECAD0FAkGz06wHCwkI +BwMCCh4YbGRhcDovL2tleXNlcnZlci1iZXRhLnBncC5jb20FGwMAAAADFgIBBR4BAAAAAAoJ +EJcQuJvKV618ERsH/020sz1xtDSLdUBRN8/eZN92BXMdUf38TOSb96cHVY1XU2X1dDU/BzdR +ZQp9AZkP9YgUtg2CMgyqeksaNsvSmB1C92dJD5VRzrX2Xy7ugeqkDnzInmMbULl6jDDXmO4U +ZDzEivhwM20ocwx8BF69W6Eav7LRoEN2rVAW8QqVHPoeDb8hWnwhSJo1FyY7mjm+c4aZbGB6 +sEqZH0pew45JTlecKv1lo9uyN/CAREBkE9LVDsudWxLX8u12HTDPvlE5qMXq/zNUFksz89Z2 +5af3zzWA+AE+EJHKSic7oSprjiSx0txKNkWnRRRFZce2DmVZSI8S+Oy3Qdc3SdbYIDVAD7qJ +AVYEEAECADgFAkJRtHAHCwkIBwMCChkYbGRhcDovL2tleXNlcnZlci5wZ3AuY29tBRsDAAAA +AxYCAQUeAQAAAAASCRCXELibyletfAdlR1BHAAEBSBIH/j+RGcMuHmVoZq4+XbmCunnbft4T +0Ta4o6mxNkc6wk5P9PpcE9ixztjVysMmv2i4Y746dCY9B1tfhQW10S39HzrYHh3I4a2wb9zQ +niZCf1XnbCe1eRssNhTpLVXXnXKEsc9EwD5MtiPICluZIXB08Zx2uJSZ+/i9TqSM5EUuJk+l +XqgXGUiTaSXN63I/4BnbFzCw8SaST7d7nok45UC9I/+gcKVO+oYETgrsU7AL6uk16YD9JpfY +ZHEFmpYoS+qQ3tLfPCG3gaS/djBZWWkNt5z7e6sbRko49XEj3EUh33HgjrOlL8uJNbhlZ5Ne +ILcxHqGTHji+5wMEDBjfNT/C6m2JAZwEEAECAAYFAkPL3o8ACgkQL/HwBAJGLuKImQv9Gg5z +/CC6iYKA+JkFEtaO3zl6z/VxROexgJshw0J31qPEZi1DHjgdqCxGQUVgeU3DwaJ2YNlz76Yp +cbuVhGmmWORy36U4DPTJhC0BhIxHk421HpeDO5v2O/W5zopVypYShqHOUqZ2du1h/zrjhV2k +luPUk2HO1HNkDqVkKsgr+oUnIINLH99abFqUpMo1OOWZZO0vJbX/y1hEN2f9TGA2FXjRnEeJ +vdjQp3ofvlmQmynwci/Er+QuxeZWLP1OMk/jTq/9jrcom1JiOIOPGR7aO3Z4IF/VMPk/7MrN +ke1lAZFOaa506MNIq/QqZSmMtmNf1XBQcfWO3gEgVFYxHWxAOnNFqzq2UE3Cu6Ac9B5TAfiL +Fh3hVcHUU0h1MbJGLmcmV7XLqa9xlKWZuUfsWn2gUZgwwvFhzrjI9jY1ygw6I/KwQ3miyKNK +h5qZh3w0HRlL+HSy6tmpyMpuu2KqdvSBi5tqvWqgORqXYxcS/9zG/JIp4Ee1FcJCzhYnyOiw +5HoHiQGcBBABAgAGBQJNxrh1AAoJEA1BNKKs35HmPvIMAIDGB4xKWiJpUYUL8ga3ZVmLz+pU +wJN6POd/njlgCB05RSqz47G33E40X8+SXNsXqkSKbcUnRguAaW1feLlwCxdDTXIcKywANb7z +s/kKf0/7fj1Eq7G15Pvni/kND7APrGZCTLwoja6i9LKQkbi24ugWBDjZgU9Flhhu5EQZsC1W +LsH+fwt/XdT/B9wyTzRPHQt4sl7fF5gO8o0JbAv77k3z2IELNh4DeNUYfje1LXPIvBiIAPOL +AT9P9o7xEWWV7hPd+0Su1bxP7U6IOzxVcX75YxeGVzVJJUKq6LEa68xN0gE8Om88ML6aKf0N +y8jtUS/cwktjT3KQurt01RTqiNWsizCkvcpUstgws9OfLMVZfr3NEWYxyEj/rFUq++EhgQEY +EBo/SNWKyoYm7wCUe+mYGnRzLs1e+n9FCQeJ3W/UkavpI37zMGVzHOcPBcYT3ot1IDVfCQEN +WZNuqU/z7uS37bfgmRruHnh91Y6Qp6CkXhBUnvBaAnga08nhWSZ5MYkBnAQQAQIABgUCTin2 +sAAKCRCu7s6/+NjxKF4gDACXQuyn/9VOpt/r0KAFD9xWgavO5yfUe/gS1StNKFmFVDdVUMfT +2F1QCrn4YsbTMiopStmU+IStXQO9junnkcbEKF7TR0F2/OtKvpC8JJN9+JP+e5h395fg8gJP +ZBcDdS9l7Fd1N8+G7d+z799fUxNXhr4UVhFb/eUf+nM1h6wi0xCkuAvTsUOu16Ue7zTHFf6s +k2uY52EUlSj2hoglXYAwCygiKhwBaExLwIU/fWrkEvgqnq08tUHN73I6JmqVKcc2zGKboK9V +vYj2s/Hz80Qvyf6NbOl0pHU+l+kE/A2INA8b+0TB9idyyNACHkXB1z7ryGQ9NvbD12NRgE8f +jqUWi8ZoF5wgU5sOWcMTw+ZNulEBS0gnZJ8mSshK05NRJxfEKvIYbL6g3LZw9WNKpRCfvqRX +DXGi4EBVPoPs2nkMBDFgqxuGGUPsE8Jp1IQy5h89iN4rWxj2UfJJ5aDeBkB2kmitfm53yFav +LU0S8fT0ICWBQhjHPmeF9PFS+aIyduWJAZwEEAECAAYFAk54DA4ACgkQH2ytYtIuJERw6QwA +pgpzc48wDaSh+xKoLjaNKOjydKLSKZ1xcemCkLj6B6ne0aXhdQpp6F1AlvVCix7A8x8pruzl +X5sUYxxRNt38oaLyHwMjWyNJoORKw6GUjv0KCqOCoOeBDKGN4jdtqbyj3TCGJ01Bu+oWLWQ7 +Rgcoh87j7pv/u5AfLXoUYHcDQ9z4ZyyLEwLoLHElQtEUeiuuVRo9Ve/dhwo6lytqom87COz4 +JzgX+jBVlQl5ULD+2b5gzkALi6m54VVwJoBJTFZXe/GVZOkwqchrC3eEp63p9x2YA6OkJC/H +3tID1XeQKc7qMmEbehVSzHmRQRRbYU2MKiEl13LLaUs4m/+yluCZ91aodr/eqGQ/Al+/FCuI +7ljy9kYmplz27byGuezugdawww7OVw3grGt5iha9vH/UkS5e9KSou6l/ZjYPdxnA65DnSyd9 +9B3Z3TakVEUkNz1fsDnVeW0p2k3OzyDRbCa9h71fPdzY590qRBy6XJBgCvHj6x/6h/3bpRZJ +Wy6ravxOiQGcBBABAgAGBQJOgLA5AAoJELoWe8g0SGOjrRUL/11YcR2xDycQYathkkxVqTLp +CvDaRFdF4aEzieR7zSYE2i0hzyi1QfhuOHjI5pqr9gu9IgTYl/9HdgrsIDT8hVt5XsL3VdcU +/CORTOYiA23y428242EaEZPxPSNAFj2vu/8qaf4SyyFU7+GzhBC0M5OOgv22me1D+3pWz2RI +LHyT6VcOUxRLYhew+rO8h+8DDnG+gCDIvSYoqfCdyu1/v+1wUjGOZljo3C+q1t889DnLvCQV +2WDKY+QfPgZK+bRFfywEYrtsPkvFn7RV/F4c92oq1BUs7mm4Bp0o1vFD220pualbeT7MhmQR +rMQXigeJnuejVnEy/+p7cZrBRHAAfnPnyCFOQvevP7zD5BeIt4tHbuZpJBVBCk+5HbvPdn+6 +JRn83YqrTO4OFpa/CCc8EF+vpvVCpcSI6AcP4GE3ZlJOjzZviCb5vNPdxBYMrth5e6n8UG6v +V64xojLpdMeNbL1pD1dw02Hm9qRo+CL3acMR32gNi14Zdjr97DiDmQ4egYkBnAQQAQIABgUC +T5qzfQAKCRBXRYXjSTKuAVHbDACdgd2Z04beMY+wYvFi2z7jm/vp86Tdxt8ljo/kspGxZN+s +0//SMHcNvLzAvzGfz8e4qsPvIxKXsGDwarlOq55AHeoC1t1WKglp5Au7AOtrmsSqyIRQGPua +p79VcjgRyW0+siJ5RPswjYAssGo4xvmQMAcDfN7uzNp05Gn8cMIfOzrlY9tuGJ6L6iqqVKM7 +F8SoHr82mYPzqd6nFG2zqZ7DSAoPFZjTtfC1MP/Qn3+j1L+pkfMKXIBdbMC+piHxfZbGV8rL +HPPxhteE0fWv9vEFys+KTAOC51yQDCY18znhmxJ44RP5BlnE+DXIhRNL0hRGh2vvoFvxuAuf +agJ6KwevqADPxjwsg1YyN2/g5EPToS9oZoMeuuAV6Ik29w2oBhngELhEsQ18oZHtVXGo8RUl +sBAn1pLYOoLdeh9oBaQuqwGYw/IDtLtM2uyR/jUssk0bkCsDZHFySkm8q/kMKOgGD2o0L1Yn +dO06XYWQt2jKMaxCZNCJ63OQGN4weNgeZl2JAZwEEAECAAYFAlBVLT0ACgkQ54NyjqP4xZiN +Dwv/TIeTScQEapzmQhLytX/moRpd0BeapXoCg3GWMj9Svw/Lz/wPuMygG7PVlAdkxU762DaP +wEnqbbrDj58cVqrLupfZUOWJwEEafGg6zXYIlf3VkUzT+sm02+5/aY4Wplcdrsp7pnS1iexP +qWhdV+VoKixQ97efSFAkNdVZlD0UDIG/fUDPyEIPC9+4gck7fy57b2IsCiFtmhKYp2GYkan+ +UkYsWxI+ToRgFwRPisXYUNh/9l+t+bNiP5Bs6GtEY+r2ZAQo7VhFsHXEI0+SN4qz3WFGeVSc +HJbwZcsKkKJqHw/mccaROOqKsf0pQZc8d/ZGGVrwWXVtUF4M5OiOU+vZGOGO9cr19oXwZ97T +vNDF7/oITZ3fxGJmADAE8BJN+auNPEwLPpQZiSGbf6B9UdJn2J85UXo73eEs0av8O+of68OB +nTah2s9i7Tey2310+MPJpchIOfrFQUCjnE66BxLZ9NxwDr/0zpj9sM5h/eKsNiq2/9FmAXpi +JeESLGof3PNiiQGcBBABAgAGBQJQZpF5AAoJEPCQYB2qrYpy1LwMAIHMDP4HcGQHlN7PQnpY +2vlJ7kbW1otkLrYcHMB+WTwDMMBvvPbHENQtTYt/T3jzPtnXCxIGdSml5Pz4mIJNQ/eFJ9sD +nzaUX1i4vs+q7LTIfTcPLHecUDmosrPRHZXKvqhv+QSPz2Jv0bqXt8Ox3LFrTU2r3DyIpwCe +jNE7LZI1KM82Jq93hNNnxecrhhppJoz4lHLw/9F6urJ2ruUvggIu30HUUVNn9lSkPiU4RRhb +iLYXM3ZAbNriVxsGdE2mJs+YVT9laCUaGkeUhh1Ec9D1vQpoJ5tMToQU1iEfcRys1Yg9avyv +cTnEssJkJT/eGLYWZDcUBf10xWlQw7y6fEUb2nqrvvwqkoVFzi1qgteWlHvKY69AFNyO5U1z +pzfd2ULuzsUXwXobTvHRAC4ssuJ1JWjULfQJFREQ4X0CRHtWFf3XZOWRTM1N/b2CHDriPIFQ +Q36m5HeL7DngvdxTjKmlmcshmT+BfINtxIajT768sG6nhQwe3LPKaDvkE2ewV4kBnAQQAQIA +BgUCUc2T/QAKCRD9Jdzqcag0XJi+DACaLfhkej55UU6WZrN7SOoa2eFPkqK5OXnNKq2NUMYz +z+BqHcJUFIaRRmSM1zJk9ftIMUoDr5T9Ja1SB7VVBe73/OnGF/YD7Pa30TW0W3jBJ0Ichuy0 +9r+HFs1Sf8RCgb2SaVV+0N1mBuBWgvhAqltEzaSfAQpzr7yOTclDcohU7bLv2vCvMWzzKC91 +EwbUldRsRdszg/22IDomPEghafT92DTy/39gNDGIG1y/eS8hnWrcVOYgb7d9p+3eEeZ2AfiV +9c49PA4FObzYJ1FAKllK/tlFf00eeXPIjf1/AuEbIUwRS0aQnMnSELb3ZYdgErvrh1TRvdER +F2FBEk64FMm9v3T8gy3U/OAwvOa0deO0Q1l51WPz/euGi4wBN+un+LQifsviwEpeQ/q/4t/9 +RWqroEVRm8ebMOWAnQT90igLmU2KRITjLGNUYk8BmroCOGxgcBt82Sl1qhwjhWrZB0s/2XGZ +KlIXmtbr6fk2+VUodaV/2s/HtXEOaWsrLXQmc8KJAZwEEAECAAYFAlHO0WcACgkQF35mgTrE +pmhb8Qv/R1Lo5vuWW35fO9JpFOuE5KFc2u1m5ZXr2IRWAWqVJFY3E3Le6TELWqfC3MHnHvit +EzAGZck7AfgcPQ8LGoqO3cmZwEDhhJn0Orr91+PxchSma7kOENzGLlEBeqi8MSDm4CT0p7I6 +crQGFHVZPcr6yxDiFFh3hgrVHDx2/Y1nYKFcQeK0oSh/voRcqidtISY5HVMQBHbS7aUKSumR +fL+SyLwXXccbVOuQ+ISypSvHtzSI+MTVpmpBlALReysThokLgm0WCtw5TqFyiKvHjlq05ji7 +APLW9k9qlX3VWMAo6odM4MIqhiUpPlagPGkaT06cHj/ul3xf9iVgZt9FJrU7k+bX4WtVbfVn +p4SQZpkhquZg7Vnq9SGWOQLOc97Wjl3nDkWXT0mCxh4vwJCZTM2SoNuUxikVJyEqhCrahL7+ +58j+d+6EVxfVmmyTSMNm0lU69tf/8vwPsPXJbcwzWCiUzAt+OCl4ecv1Mti/Cvhx4z82Xole +hWtpcthCgvmCeXSFiQGcBBABAgAGBQJSLmzQAAoJECrLnuugPRVQ2twMAORmsISnmBAHgWsX +1XAUFlZNshhjEK0qh1b8LT9gQ4rAijUhK4Mx/QuQpkdoBet5N0eSIKwwaAsxWvjT2Ulcstl3 +e+KJEuJlPXneHD//EUcG9T2sU3DPyAFsBYnRQo4kqCY4PCXDYMNA1wDCWVfq8ma93xtvxoE+ +xS4AopXjUQU80E+pdS8rSKFRa5OWavVJ8HOvwDcssS8EICXrsuz7+N2R4JpNcHWPcUXTl8I5 +OWCQ4DpDQq3VLde1yx+laThYy40eN9lJzg6S42gimlzZYhUYXgVNv0T/t1Ukxvvu4G0M0i7v +aqmgaqfQ9TaSoFDTc8ObVI0wgxkYSdentKqOdtCum46eV9/+aaD34l5YpgTdylGbdAuPQseQ +066hIP/hoJcK45t0kuUKxIrp2Z6X6ZPstO9hGxr6WcrNrFfYEaoZUSgtsAy7HbHY78VenVUJ +6Y4iWnhF3lm6DvveQL42EhV89dAHeXERJK8Hx8RUvg4W4L7TpJbKOd3lCMk40aTaEYkBoAQQ +AQIABgUCS9LI+gAKCRA18z7wtt/VDGK1DCCh/jRd/GxfPIUajWNXSCHHGy0BCUXATelUiK/S +fOiyI/rfhAa2U/IjlivMOrjKQOngyXk4nzV89p8L1nUolIa7xs2kewDPBA3i2l79dEtf+be+ +Rw8dTL5fv2oZEMx050JmO62xfK0Cu0FFzVky1vim3dBBOps9yYSZefb9d9G9UBuCg7LBTwIi +KOmYHrcS+6rKILjyhKuZ/tdzOLHB4J7blGikZ+PWVTI+XVdDKA2KZcJRhJxxY3VINp1kS7mw +7+cQL+Fiq3yw/oLeMsfhn8HwiW21CoUOepocmFuGXi5Ip7Qe3Fl8a9lzWsiP39NYMHIXiTA7 +fl5UNe+L4jwCMf5cyktmIe8kIKpIxwooT/75tNDIGyhWIL1lTv46gBZRUfli6UE55LyrvybT +pv81E+kkzXyEQwDOu100ceqzUssNF03eNVn68UagWSL6cKwbWop3r6fdYrT760oFALAiGd1e +MCdz6Co0a31Kgxh0zx1smRX5SnBYE2UEAPDr2AF+WEzB78ixiQGgBBABAgAKBQJOKfwaAwUB +PAAKCRCu7s6/+NjxKIVsC/4lM5L2TjZr8HQN72LRgM7c7uNC3qQNfif2A3XbXJMS2PUELMeS +7PwbN3SPZAMMEgLHVltSQmU97Q7ad5rhAIEjtxedGTbarkYFMRqMDJ0mwUi3ZwM/Zkxbdjju +noiihvqS6L1BBIU00j7VGEvu4/IJIfHiDeAdnRsg5PUnF9U6ZUfoqBSHBI5+mPaidvZvbM51 +yNAqxAkWoA852XysVA9kKgK1x3FhJHYqrvHe5++BXVVl/bQfq1vypDm9tIzOeRVKaCWktVFZ +Fxp32SIYaFFitZj8sjq9ENRFIaFeU3unK+/i5xqs+ZySOZJ4LA9Moa9VWXrpd1cocsCM9v/e +p7/u/F6SALjrjFLtoxSeWlBI9iPcD8RrveWf4tJ2UZaFqzLNCNJX7LFgHeb16NAEBexVdL9I +MiGm2qZ/VwFJ5gqy0TkVwTs1jye2yWwCAzfCvv3uNyZslgkWirVsg2pNn7vf9Fcqqw6DMeWG +Q4zkdN9KbLih8qwQjVKuqtN+eKD4/imJAhUDBRBLV7bsLfGjVc5M7McBAivZEACH/hDrjADx +vMCmfP1KcjFNtyXnaXOFdGPIGriey3dkYVRP9gJClBTArFmrG9yufJnIDTbqCd+3GSxTClOt +y7/AmIyoenFGqmPOFdSOuCkdU6Fnwunom+/zdWFF4+bjfLgtKaowf/LLa7nAxYIQ52hCPXb/ +tUK4ybUiLHG+E6LRZfmglTL10W4ciXAOTe174aJU0R2xZvBvoUxqd+JYz4HP1wG/ZtedjtXk +VDddIv9bXfaxA6X8xbwfwZU027Iejs878NSbisVg3Cq/o+jNfzjAmH1b+TLj7MsEffVVAnWh +jTdrb2oxAQIZPPGwtyVnYmpqnDLMRC5Xzc7JeOJi+wR0xrqc+iXFKBrn66PCtWqYhE4S02sd +nDrT79fr1UVZ66jX1VFdKTIuGdMPO4rIsLBmb4Oi36yM3gH5a7MV+8lL+r+iMcMHpETfRyHE +sIUyYo88KC5IRyiVkH459ED+9kjsDfZ0s3N+EaWYDXUKEb72tV9fEwKgSjFzTVdf35WIynQ2 +z6nlXSqLsvNEUZSaH5KcNSMgV9f+WHgUB90Jfs5sUHgekASCKi9VCIwg45Z21Htq0p4pW2zu +1rigtNI3ljOM3ljLIDl32woJEJIxXs8izqNC9SUAoJ7kpWp3lrSLLh1JLj8WrqkTzgx4izOp +UNpmcISZp74NXbLOWp7jVpwA3YkCFQMFEEtXtuwt8aNVzkzsxwECK9kQAIf+EOuMAPG8wKZ8 +/UpyMU23Jedpc4V0Y8gauJ7Ld2RhVE/2AkKUFMCsWasb3K58mcgNNuoJ37cZLFMKU63Lv8CY +jKh6cUaqY84V1I64KR1ToWfC6eib7/N1YUXj5uN8uC0pqjB/8strucDFghDnaEI9dv+1QrjJ +tSIscb4TotFl+aCVMvXRbhyJcA5N7XvholTRHbFm8G+hTGp34ljPgc/XAb9m152O1eRUN10i +/1td9rEDpfzFvB/BlTTbsh6Ozzvw1JuKxWDcKr+j6M1/OMCYfVv5MuPsywR99VUCdaGNN2tv +ajEBAhk88bC3JWdiamqcMsxELlfNzsl44mL7BHTGupz6JcUoGufro8K1apiEThLTax2cOtPv +1+vVRVnrqNfVUV0pMi4Z0w87isiwsGZvg6LfrIzeAflrsxX7yUv6v6IxwwekRN9HIcSwhTJi +jzwoLkhHKJWQfjn0QP72SOwN9nSzc34RpZgNdQoRvva1X18TAqBKMXNNV1/flYjKdDbPqeVd +Kouy80RRlJofkpw1IyBX1/5YeBQH3Ql+zmxQeB6QBIIqL1UIjCDjlnbUe2rSnilbbO7WuKC0 +0jeWM4zeWMsgOXfbdUky6GalIYOeKSoT08oDs4X3byY3OOh8cb73XQJy7K3ODHiLM6lQ2mZw +hJmnvg1dss5anuNWnADdiQIVAwUQS1e2+05VPl3aaE+VAQK0pA/+OlMmJxf3dVKCrYvnbzay +x+E9/wXuztemF+97V/Oo6NJtiwW1s3T7Z0SJZ46v4/tKfcnIrwUnvoAmphuE4GJTMDTTeThR +REzSgGOP47NriJC7yHesfN4sq/ezD39Birqr9f5B8rHIS/ZeYsvTsXznF7gI69RlgjHORYOl +lyqnL7d+Jxb5sH3DKq2HjyQhl5HzIoqMg27xC7LlqKSm2Tud1bQE0pExg6srhINQC4spgvPz +48ZXs/zPh2/17eRFPdc5wbX0KWfFv9Cyh+nHWCFwgixoSu1FUOhjODFE9SaN0hRIjWrD6UAv ++VAt/zS0TP4K6Q34btD2v+Jf76iSSt+xlT5/eVubbRPz5+5mvExEQkfzRsNjVdXiKHf9d428 +7NeKlKYUbsgvjkegC47lqq21THZqENpX35KVZKy5b4GP0rsCiCG6Pars8V1cjF+6XGyuRde1 +fBULAOq/jr4ehkEHq2f7H6kzp0rkJOGAe4MjlRmcR+x/pEQDilgUo0PWQEC9RzSjRpEo472X +2fYKR07VdjSyD8d13GPui8XXGfv/VKaxhfJ4YM+q5bfotZWFFCY2aNPmpRbauc+kIic/mHV3 +AXGSETxduG5BLbcSilre4NvO5p57LY0NWIEKo95AmnaElAoDWD1tlOJ5dMeRnPf6yJGdAzVW +BDYHU2MfGzBotxWJAhUDBRBLV7cJBVbIZR1aExgBAsrpD/4/EZpiBrE+OXwi7qcshvIKLSqm +k+zZcm763rvgbdSELJU0eKiWssczpUNrQj+/SXF3bA/zFTuNPkb5cW/2JC4XKpUvGBQQxy4c +OpXZM/0b5OWjduu8RzyKM0Qu+iUg/eKDwH+NA1ShOeJHFNr07q6/dFUiF/7GLzK32LDIHT/7 +Ru1fxt4h4Y1NKa06MR38to7NqZ3w8GlFPDwwG8HEUwtDmYcvVlJjdKSqXVS/0zd1ohXscb4J +g+9rCYQ4DbuK5ETTQmpT1/nX6NES0tuN5M6+RuY8uSs31ILK5PAzVEUg/yELea4oMBz9Zsyd +kgiZ820iO6ZpETnf1mip2CMrItFe/pGuwpVaUyDAjjGcwkbtPchZQBCxxB8MpKmJJF2EySTJ +pY7zhm5arfIPcdFfYchIaxfngbl3SQNucHA/B9NGrVWNPNbqrx3ONAAflhtB3QN6zB55a7xR +fAmTPPjK2kiz5qCJ8ys6iPCQ7RBGxjW8xZyGq5gnHlMmumZ5MHIMfzipJLM7mCe/ME7kuL2b +lPhOC6bFsB63AcEfRAxuv/h0HyXoe9ZmQgTwiH5VmkCF0rnlGVghZEJY7azA1oUH4OHllNhu +rjFjkgzC20Tq/GmhQ2Hv8s74J26D9fQ/QWTm8yNIsdwOAU3bFDrxCNJ6v+q2cTrFw4K91coR +heNaAyklS4kCFQMFEE0xNthFwNk9KxpHqQECZ7AP/0hKDKrWCtm2aTF/1Qi5tB3j4p9bJzAM +zDQrf609lkvADdc2iY2FehHBxlBAjHMfYdk3TPjAvvHQCibGcjdhcPtY941Lej3BhD6rW7zq +OI1kTI0BltYV22wa4eBdX6sEcG3Ha0zlux1jaz6HeQ6fc2TIegkOoTiYMGh4Rc66PB7q7Amf +4a8jCqGRRZ02vzkCTklJLJRs/4Q63adu2IMiK2nr3/4cLc5fRfqtmvfLgSracxIQ2jDaxFXJ +8MyFSxxM0BwZmDtNg5pOMZG0H+GS7ToIjO6MwPAK6IUjU05RbU6ZAF9TYDrvUoBbmCW382SW +i6NcW1nYw2wI/UddfSpNLS9gz04vvUPSp5fK5mQVvsLz99wdJPyiWArwNEBwof54Tb9CBrkU +cx2JjfW5i+PX58asgZR8QZdQ7YN2sHzF975wS6T56BX0xNLjmCABHW99fBmrbLbf9Kj4jAJ3 +gidzzOQZNFUDdlc0Lm/AFnQv9Rs+YG0VGyG1Sy6gRjlsCyNU7nQ71Vc1o1glCcCmL3KD7E2R +8EIlhMR8CmQfTikrFYUb+nGIt78ieL2KNT089onJbvqePhZf0yWqM2hb+H7X2/Z2X5RDIg6S +lcXIXpHIVdOISlt4iZeP1ImZyZ1YHo08duRJ6oHKA+Yv4D/JQUREsBhZknefhOa6JIjq/zh2 +nMPGiQIVAwUQTTE25tSa7ii3JRN+AQLvHQ//UF0VxyGgVer8QuNQxPiwFkg5Ijy7FIR1UE+a +kM9zJuBn3McM0SXXxjUcncTSLRU43akCeCeIi7AVWaAsWLcIrOSfWhID9X9PdHLDJMF9dmdM +CS39Ak/sFA5JUCXDnD6h757u8wt8GLpuD3lSUvoycX+aZCKy70+3yX5ph2Hz3hhDmGd1io5g +Iw9CfxcICra3QJZEf5WdALGVPG04kNuWmeXZVAEwaxFMGdj4XCC//NKwD1Iq2DJGeLOKGTFT +vuucwG9hohFSDHv4z+6fj77NbkauEko0LRLfAippT3ezBxBTTTPuGwXYCIbVgwidFO3EJXMd +4HMq+atr9gHRyAes+iJ0FZZf/6ot2qzxTaBbRjLsfRIQZcOZka2iMtbPGOTW+EyTCwi8S6m6 +aC5ZHeaZgvlIh5f3thOXV/RE56UUJbjZ6ZDmc3N7qGMEk6lnKj+IexM4lr7ENl6w4iJClKK9 +qEVJuQHnAQJhD9DIDMYytJcqEvf4LGQ8EPO1Kl1KsulkF/WlYY+o4repgRHTmxNgtvDqZq78 +EvjHGjLooL/6WFCYMSfhe/bLf5P3JSn3sClV8PM2T7EUxxf6PmTVASGbQalKUGZHvopluagL +3eMoWK8kER647vovQprHNmkqQnCRk4EivMbqndr9TITzP6zGt1yJYqCbo9CAEFZnl2XZEkeJ +AhUDBRBNMTbsQZFId/nBjkUBAoiPD/9EwWa1lppsu6afYuEDdByy/QsBxabSu7x0Qjk82NZ3 +fxmc94E8hWxURQY3OLo/PvASQkswC8K9S1/cbL1aAJfZFwYN/NLgUYCPwIiv29EB9++Y0bRa +fCN/EVaEmjZ5CNdkXtiDmUMfgpuEb5Ooukfg7gObWcnb1aoT0hZAI6I7pUXoisYg2noEvAwE +qzP/oFeiRXs1V3+haVIcDX7EbT+DUYlelvHvgFyM9Ftsa0drE2u9JSSaUwDyIMe4tylwFqOS +Tc+oNtkn3rEwdFCAA6nOLtWDyePiudiODhnzjJkrVbno2Xj72TgDOw29cAVcV8PR3ec6J+k1 +hb3ImIqp2iJ26slajnMhrA9eH7P4nfXO70qrt4/k0/0caFl5rOFGnmAfVS2T6Yd7HYkOW6Mg +ZXDq127738Wba/2ABKQt248W3qlquBvb6ThcexCo9kq1Nhunqa71cC9sYLmIaDtCuKqtdpsy +Ao/eMU8SF6YQ0piDb4Q66Tj9Jq89cSzT0BaNfUhU6nMPd6GcOFZBUFkCBlvqGb5NiH42GObX +CCEu8vCWF2SMpnkWwZ4d+lOLGm+CPScFkVPd/rWYuwm9cqLFizP6Y81SGZ+93ZLQQFQ9SSIj +W8RNbsRICjP7MMjrVsG+fpBPYzVzS6HIJWyFhdGAuNP7pFBkRWdTx9C0ENXtFNLRqokCHAQQ +AQIABgUCQcKD8AAKCRCq4+bOZqFEaDKtEADINSsH2euET5sYGISy/GXl3nL3PHE2MAUK5y2L +ch9XtNDGQm0YSLPNa7pER/3UZJfn4TINcesu5LFUOIG4o7No3MolN952be46BY7FQ8U3f2y0 +8LOyyb/UqHzRxhg90iIXZIXIV2touFN8WGLdUzUwK+L0skrprc7e+op4hdUUU7lTOQtlRQGQ +6DIS79t/Uf5YJKIo7B2JVwTpVqdNVVkfAOMf22TWbDLdkOUn2OTKU8qdkYkmggSdDHTjoAs8 +vE9WONCCBifQ2Zx/LX647xTpty2v52gWZ+8IgIWex68XGTwxSDk7M7U7Bpa+1ZXYKUHyBwWk +0+ZgnuCosrFltHEGm/RA5fKbZc6IyB9Iv111xBIQz9+rHH0wcSQzf8Y9wQMEQP3hmY19/gJ6 +imAz/EhFB1JGLsx5Uf9A9vkAecL1JWgoc6ccIouOrBK95d40DLL51zeZF6G8d3kdRveDh02b +cZJVDNeJk38+B3QyjJmfoeVLAK0MEIeBQS9ej9oK+OBksmeumcT1VpAaaiQfJa3GU76wi2ey +8sRqRv6QAFee2PIwD2rhJWQkCpXgNuevYaRFl6dTrBfOizIqxEoLnYHVMBnJ95tqaSyyINdG +XnNrFKHSNa+AHzz7/YamXgDpN1hEKfh/Y8D9ZyvVCbnPLTjYMyLYamd9GoPRyYaKJHCFRYkC +HAQQAQIABgUCQcKD8AAKCRCq4+bOZqFEaDKtEADINSsH2euET5sYGISy/GXl3nL3PHE2MAUK +5y2Lch9XtNDGQm0YSLPNa7pER/3UZJfn4TINcesu5LFUOIG4o7No3MolN952be46BY7FQ8U3 +f2y08LOyyb/UqHzRxhg90iIXZIXIV2touFN8WGLdUzUwK+L0skrprc7e+op4hdUUU7lTOQtl +RQGQ6DIS79t/Uf5YJKIo7B2JVwTpVqdNVVkfAOMf22TWbDLdkOUn2OTKU8qdkYkmggSdDHTj +oAs8vE9WONCCBifQ2Zx/LX647xTpty2v52gWZ+8IgIWex68XGTwxSDk7M7U7Bpa+1ZXYKUHy +BwWk0+ZgnuCosrFltHEGm/RA5fKbZc6IyB9Iv111xBIQz9+rHH0wcSQzf8Y9wQMEQP3hmY19 +/gJ6imAz/EhFB1JGLsx5Uf9A9vkAecL1JWgoc6ccIouOrBK95d40DLL51zeZF6G8d3kdRveD +h02bcZJVDNeJk38+B3QyjJmfoeVLAK0MEIeBQS9ej9oK+OBksmeumcT1VpAaaiQfJa3GU76w +i2ey8sRqRv6QAFee2PIwD2rhJWQkCpXgNuevYaRFl6dTrBfOizIqxEoLnYHVMBnJ95tqaSyy +INdGXnNrFKHSNa+AHzz7/YamXgDpN1hEKfh/Y8D9ZyvVGbnfPTjIIyLYamdtCoPR2YaKJGCF +VYkCHAQQAQIABgUCQcKD8AAKCRCq4+bOZqFEaDKtEADINSsH2euET5sYGISy/GXl3nL3PHE2 +MAUK5y2Lch9XtNDGQm0YSLPNa7pER/3UZJfn4TINcesu5LFUOIG4o7No3MolN97///////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +/////4kCHAQQAQIABgUCQkQM+wAKCRDcO5tBqsVPo19CEAC39tmTO0cmvcJn1vXBC/fEUkJC +9kC5bV+tGU3aKf42gr0VurJASi70v5rpKsJ+GC3uTbrmVX8QVrYRi4mpAPgC+gO52Wz2WUJ1 +AmbLW9c3o/+weOeAg3gUT0R9ukrGWg8LBbQXL3KT7DjWwDuqFD8VJ8Zdiux1cnV4uLzDjGzb +go5hZqEUla6jQuqNlJvABmel8P5G5YTt6sL+iIEDMABvNlQZx3JbhgYegY9Bv6rrGWzcVU/b +hJLQLiD/JGAxjz9XjU4JVnn9UtVffkQgAhZuWvH41pi1cvUGCUbVM1gskL2lkmnDnG+jnVRk +sVGw08NZrP7H/FglGJKOOa9OSSoW/10iGAJBJ1PYGivjcKBq4MlIs4F9zb4lvldjTwCgwbSu +ZG66sna43NSavCNZO2YEZMqjAG2bMxlOLqGD/nC+RGfovKTcMSzxNH9IbMDx7XVmWg5T149T +kRpBCj989A+G2N90TJEEM5afmBX1r/PDhaqXT4s4WrIVVA5Rldde6khZubuJkV/yQrgPkIHk +x8q4HBlF3gBjn5HaEJHBYarlNTphTp54GHyGL7OMqEdRFlBqlqnhtc3G8fYGnuyDcy1LsldT +Z3OTzNQsXknU4d8Y+Fqd3GGcsDO+QP6j4h+34N1Tuua4GL2PKvmGe3T51+7t98IqFDs+7btT +5miLdwV9jIkCHAQQAQIABgUCQkQM+wAKCRDcO5tBqsVPo19CEAC39tmTO0cmvcJn1vXBC/fE +UkJC9kC5bV+tGU3aKf42gr0VurJASi70v5rpKsJ+GC3uTbrmVX8QVrYRi4mpAPgC+gO52Wz2 +WUJ1AmbLW9c3o/+weOeAg3gUT0R9ukrGWg8LBbQXL3KT7DjWwDuqFD8VJ8Zdiux1cnV4uLzD +jGzbgo5hZqEUla6jQuqNlJvABmel8P5G5YTt6sL+iIEDMABvNlQZx3JbhgYegY9Bv6rrGWzc +VU/bhJLQLiD/JGAxjz9XjU4JVnn9UtVffkQgAhZuWvH41pi1cvUGCUbVM1gskL2lkmnDnG+j +nVRksVGw08P///////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +//////////////////////////////////////////////////////////////////////// +/////////////4kCHAQQAQIABgUCQkQM+wAKCRDcO5tBqsVPo19CEAC39tmTO0cmvcJn1vXB +C/fEUkJC9kC5bV+tGU3aKf42gr0VurJASi70v5rpKsJ+GC3uTbrmVX8QVrYRi4mpAPgC+gO5 +2Wz2WUJ1AmbLW9c3o/+weOeAg3gUT0R9ukrGWg8LBbQXL3KT7DjWwDuqFD8VN8Zdiux1YnVo +uKzDnGzbgo5xdqEUha6jQuqNhIvAFnel8P5G5YTt6sL+iIEDMABvNlQZx3JbhgYegY9Bv6rr +GWzcVU/bhJLQLiD/JGAxjz9XjU4JVnn9UtVffkQgAhZuWvH41pi1cvUGCUbVM1gskL2lkmnD +nG+jnVRksVGw08NZrP7H/FglGJKOOa9OSSoW/10iGAJBJ1PYGivjcKBq4MlIs4F9zb4lvldj +TwCgwbSuZG66sna43NSavCNZO2YEZMqjAG2bMxlOLqGD/nC+RGfovKTcMSzxNH9IbMDx7XVm +Wg5T149TkRpBCj989A+G2N90TJEEM5afmBX1r/PDhaqXT4s4WrIVVA5Rldde6khZubuJkV/y +QrgPkIHkx8q4HBlF3gBjn5HaEJHBYarlNTphTp54GHyGL7OMqEdRFlBqlqnhtc3G8fYGnuyD +cy1LsldTZ3OTzNQsXknU4d8Y+Fqd3GGcsDO+QP6j4h+34N1Tuua4GL2PKvmGe3T51+7t98Iq +FDs+7btT5miLdwV9jIkCHAQQAQIABgUCQptfAQAKCRDO6l9ytVN84dROD/43u3Rdhef04MtS +VaPPdTu6uNLvnaaNCg2aFcjVgr9pENd/bmvLtyvcVIadO0kio4pVDYKke9xcs5ANQ+ymJfU0 +VcqD58cYFnQ+Hf9519N3nsoZLs5ZW7OUYZnJQbAWBjKlNo+eyty6EilXus5pms7DpKlEqit2 +SCf2NZK3LLnUYnKDwZwx47g4NGkd2cOTSA8k5CgB+iC2e4OU1ET+SXv7E3PNzqu4G4EsmKmb +CuYytbL+3csNQOI0eILMeRf7KUf1W7BRNl3xpiaKAsX4Z24DTA7SfVidaN2MZJPQxO/fGEV2 +EdBdLplSfMFW4EKPU4/tZwAjEHMoovXNIt3VmK1dWko4K2ajq6xVTgZ1hDU+pmvV2MU8elR7 +0jsvTppoRkYny3C+Ewdwk0bHWPK2FnkbimhDM4XYSwo8v6F82r7sOyBfEwIC0Td48z5Y/l96 +log0YnauK6lrrh/FPV9IN+eZRqG6NxT2RsXEFyh8ki3g6ZzC+uyjCYC4nrMdJ4gSXX+lALDx +xI9IVBEKIiCJoRy3BwmcQAtSOUvgwO3Z+QoGeMXCWwFBSuYNsY9ITHSyy3mPMfM/LVcN3Y52 +XBLFBB/G9QU0ZM82Y87DDthmNhIkFLIBJxqiO8wXk6N8sFdGQl0IAqLHwcENYP7OBF4AST3l ++M+Tts8NYz60odnfDiwV/IkCHAQQAQIABgUCRHORoAAKCRC/tlXydUU8WKuND/0YiGiuXLVj +YjFHB/HsCS/QpYFojwJv59xmtbv+Uu30gXbRkT56tqRHKyZM2mSPYEqHsVkVhRJUK43c+1U8 +oKdFl+LQmuVPMPAgt58r8zVTArfP8fHRsJUIKod0Y9kGaq5pZklZxkL1pw+WdgLfuN10XHFt +flZNbrlv+c0nOSqEFKZ03oenlGrasr/13QEBew6QsmulTB6KHshMPVuR1W999QrR8ocRrH6s +58VmMxsGlAq1hmGv7PzQNtMk7JGl5D0wH/G3KsmhqGvGafLXbMVZAHJ/WHxQzDwfKyVcFeDi +p3SeaKKDU3lNFn4YkW+hCtq9umM2xj0+QubUp4zMdgaPpJe1W5rKuYJxeCdeXKxiLRO6t5tt +HBVDY0mTk47MuyUoERdXWZXzGrG3ahD7VM2QngdiMUyT3CPUWCFBVfiEe4+BVDXVyzHL9UKZ +Q3xp5fVWN93LHRlyJOeWM0MLduEoxT1PkGU4G06BC3YqQsCVYVsu1FKtOcVATI2asMIUyJL4 +thXS9mBW/tIcGjCcHiI7aFqqWqbFStttdZTCgXKjfgoa0I9E+vVjURubDoR7dcU2nNt0C1fW +XKeJSEmHcrSHakm6RnV65+s+DG5KxuwpquXbxlrFXBb7D2Lo8WNEM3569bR4nzlwvDKHF1Gc +gmuKlj/IOre+47NPvwpeyA2p84kCHAQQAQIABgUCRrFdDAAKCRATgrFP3Os7f20yD/4vgN+M +C9TU70tY3PYQXXP4ZXgCwWmgY/EkBCZtJXLD5a8V/NDbqywPUg7E8gN8I4yAQwiePK1DaY34 +KHubQbn/KrTh5HxO6/KtcMyAecCkZebuD/rnUsnEvQvg2VZaQtUD8HnYp0WKZPwYvc9xigkD +T8tnVxC+V7GsBhyY7mYJfPJf7B7l+dQR61g8typvpVJOQ+xvXlQ0+4deNwygB0DctEb6vDBk +54q9WbfQJNN/YbG/B5HOJG2FHGfJFLm6PA9bnzFzNDNrTySEbk2aDyyliBkp9kSDzFmLyHqD +3+WbWQ1kwMYfOs/K2jpSbkKTeIhQTHN6rUcd4uI4bS1oJ+NIE3lk/zUwJLB+kOD0o/Ory6Z7 +L7SF8gTpsZqhbcaV3k2DovIBaaiSRi7kScpWadvXnAUZob2x5cg1BQCQE1epbaOFKlZTedtC +mR187utuIX+Yo1vwssQ6VYZUD5daxdKuiJeHz9XqYxjJJC2eHjEwwr0UOmE0bMAAjgJn/N+T +h6BsFOmehINo+afEslhKUTz3X7U8URucQ44ZZhaTZuuYuSrxc2XJmFtOCaNnb/2munDwxPGL +Crq5soZH3vek4mGVB9F/BdJS9B8XqgFgJsNnbSAG/v2Y8JGVr6tp6BBbD12T+4e0irG0CYXK +77Uj7oQl9fRjJCIFVmgKOx/EgIwkQokCHAQQAQIABgUCSgQB6QAKCRA9H1hZiW7q7rT2EADQ +/ayO7yeSZHoU49hW1A/QYw2c6qBwNe5sa6VS7hSHKSTNFmR5q9IBhaOPbD/f/4WvL3yEON1z +8T2pAl5fjUsDH8Yg7k3Y6mTdaLNtlOH5AYByYA7D799iE0twbhwGwMtAEYS+IgvKwWqOk1gf +AxpcZa0/fqDv1wIE0sDJgMQsTQ0HMv3DMwpR6mX0io0T9o5SvpTlklkgyiLFSYxHqAczw9qi +i3krXMdsy6DrmTqOd6N/Dk1Zt/bUEkBJzXhxlE++0RuMFLm8jUpOoCSR+y1F9Wq+5nMIoghA +kH/JKYEWDR+YQyifAH/UbVQAmnXowrucNpMHK2/HEnOpr+jhe7wzsytL3p3Jc8+F/vtyaI6n +pESFw/S+32z+/u/ROQ4upAPPSqVectlp1ONgcIejbwl7/eOcUEVnOOqBvOOPB34tXSEwUx2R +zBjh/lLJpg6F0oZN49oBzH/5HyYaLz2gn5eaQJJoSrIrm5Ewmt+3jEHgIgpsQjXBotfL0c7H +jcMSn2VP9LHldjcKM4kAKC3Rq7N15JMySYPVg8CFltiPvl2o4fjJ4R2e4SPr5fp+Hl3O1Hew +hVnP5oZOMwRvyKYajhJGWIeJPacX/vEpMImlwbSaLWN1CFcOtk+3Qra/7RoUWrRPUB1/7aXo +rRk+diP9PcwwHO03uXHhTSrK8+Wg8fHfYIkCHAQQAQIABgUCSoG0ZwAKCRDHDUFs2H2y7KIf +D/4149TxLcJ8BDEdaJgcG78uNYs4+IeXxSUL05fUhCCSbicy8cNaQB2MHWloGwFrLpTAuLww +4FH6qIyNfvgmLozDhFu10UGVZNfML0SmCB2RJAeJ9vOc3o3AwCgr98uMzYLrPx9LiA4L+9ia +tbj6oZsDQVKt/zwRuPOCXh50DLZlLFjTBSnDLQxECCldEnojvsMZkjJ5QPn5G5Nn3uG2WKvH +C9WIgIJifafq469qzYRKVtfZdVuxWUNtrm1XhPNLFSKOiiuzUyc/16S3v5QAuOcHquoRvTt6 +yHA7BCwUlh6ykAj0Gad6aKJ/y2jFELRGErek7UDmuQnGthhohmbsRXjffrAzkPzRhOnKkHRB +S13ibfb1aIWIElMdrPeB0T2O3FMPZ+evI//VuV57pmjnqfnIok8Nyf8wiKhuPKPPLrohwwCt +3MK/ggzVTF3ZCrqJjaQCksB6Y4RNxPYCmL9t/Y9hIqFOdYoilOA37eJRwrUKVq8tNUYUA/pB +wu6Ln26O/E3wA2DySm/t4kszHber8RZAO3evm0q68rcPzuBXlzoP8cpZm+MMFdICkx81jlaW +JEq0hcCK0jicppfiE75YkeA+QWs+IUNYvFpqZ59H4HkoBZXqlPZeL87REiNms+obQlrCioe4 +AZMlSamNadDUsSLjA77+KE4dz+cFNN48Bx8L6okCHAQQAQIABgUCSqPcTwAKCRB04FmmNBWC +5RvOD/43x8QXDiM8mc9ZhwiZ7sECxxnYT8rkr7qgDY/Rj4FivFiBRjm64/YZI+AIQLbrJHuj +4v4f4CMQGt5bxRTcdAQcpvIftYilKZcceqK6mJNESjQi9v8lbdK4FUUgRveEC949CcgiB0gR +WnC8On/lPlOL4435Xdy3Sp7ZIt5cNzUn7Y2nWxF7Vra3Sc7UHqb2msJWHvI573+Pra7nl2hk +njKrlhe/Ab7JP38K/Btb6WP5TKW0zChTvjyVUvFsX9r1Ja/8izg8Y01HEwlARoluVxoiZ8pf +kQwSAMzcdNWmTaXVfx1J1nHE+IcQbjNK3nQTWLjm2m/dD7bKYxLZnHGaiXbLFGrU/MeT8xhn +jlkdckefSeIim0f6xMIJQOlioCCe9uhievlOCva5onhkM5EE/YZHFmwXyxB8zItTNc+kxnJ0 +0W1pmwAjFBHFRW5PNeD6XE2rxaaCbvU+FpaLLuI7ocEaklzcgnu3WEjopzjkTZ+MSOQoM+m9 +du5GBhQh0UnFiqrHLxdYpxliNZxvc/wXsD9bGmlEb6hOhaSkEV+8Az61YGxZg4HgtQ9Nwu9k +AnND1F+jvokLyhEMrHOSuDzu9nNtpGMWJeU3L87QRyEN2FqdPVbNY1rug7yG95LIo5oafY7F +iNITP1RQ1Tn1m0LLRZhYFlcq3dg5ZXu9Zmo7olRJW4kCHAQQAQIABgUCSwZO4gAKCRDWCwxm +Nt5Q7h6zD/473ovISqEhDGWrxGYck1BevXIpSRu/1GdSo4fZpsm6Qf6DIOxrWY88WARKC4ia +bVUKKDNLfazcYqdYrjWZYfPE6HNok0BTIMATSLmiGe5ZKv5tyAN7YZD4WlOooM3NVqN34j7d +p/LC7IK6dFk0xinCZgpBEULzKq4W+NFxvKiCI0lf+IAg43n7VSfJVOUXebXq5N1lMqbSDJjv +FzRPt7e2rHQdJCHMN/gF3rxqB14m880VpzXrBfqaKrGE1YnXxYYaqUxGBLg57HsxIa0s3Bfs +2qhvbIz1Hco3eI/weueL8WESRi+mDFlRjS8VWimsXdjVAK4PgdlQAJLYEYYjX860Eg4mR4aJ +C5wahoZ6pSSvCFVDXbTHYWr4eyktH4b5f0vmigibwwAC9/5ARpQxOGxOCygkPoBtLyXhY14g +MJjkbyzlz2YHGdHkUcOW+Z5keibQeIOvMlIBkAN4RJ034soXXrpHGCRVqkJVpKS7t49vPDk3 +3Y+ZZyKK8FstvRkNFoJwYLyWDX18zKaehDMmP3qe87NgnXktR1FMtMQ2ERjq7BZx7i4Gkcd8 +V1B9SNvuYltkqyxkotbqYnDV+MsKJ3XZ6lU0VyxPVqYrPCOCE2ArAyHckw1L2G+cBbVYwvEP +lo32QOnC5xJkZxQtgnBs4i1Jiz78lYImdzf/pFVqldv00IkCHAQQAQIABgUCS+IpkQAKCRCv +VaJhx8ds4+ZlEACBueXqw8b5HQX/oyaK09bjiSK5wOk8mNuRDcPXEBudWWY2J/CmfcBqhHRq +TT5r9dHITnlR9hvieoqzQr0yBtujZldaFn+UmjBYU5Z3mtNUpHvp6htiZQakgVfZJGY2Qukm +S9R/p5YRFeyrk32P/Z1Cgo0blO9gmFAyZePdzx3u1l79iFLdUknwYVFit6xQNpBLLBRd7Pvv +KJq3sxTNQFncutclNyjoI7cmnHC12A2NkLf37lPRRBL31ixc2iGYI3mZBomDPmpkPyKWq68A +96Iz1YFH1OT/Hnnyz/dJI7+3NkSjcoYYp+Rqi+4Z28xXPyTeB2oWIkOaKk/HtS0STO/uTpIU +7Wu/rU/Bka50ybcuymj+OrMzby42BEMIlWwfleRZIkdprur0wwEhsfNIkwNp3b0wPk0Grcve +U9hAo7UjX/AuiNFEINjRJTiHMh+0LBGVEyukLnGn0ZiOFhPKrgqBBs/aF7AqsOkBz8p/bI5H +OVRkG6ohjqR5azuzrFIKrVjcs70PiLc/o20lepuYqeFisBH3RzSFw3ftI0JOY7mvr4mgZsHu +OJezlfBPNiixO0TwIZJoMSr7JR7SekkqdUu+Hp1MsjbsK0acLyiW4xdgM0td8nptM4LxHlFa +wDxJlbmX9df4YAsvmKKA0WJOwAFfLwWmKt4R6kTLt2Z917qLkokCHAQQAQIABgUCTAwMSAAK +CRB85bB6eyCEZRrWD/sGXg2gUxhgX3dDXNy9VAqwAJbU2Rbk8mW6o6La/puSQV0rcyEQF58O +mfBiPPx4D8trdR5LnLnk68kelQBZSjXFC+Lu//ZYl2DiMPzfmGan3iHGsGfcvMMXpfKwAAnv +30X3FHowx8/k7ep/atxWZ1JZLI5CyWa4Ohpidg49OA+As/PHe8mIMxAl81w0RoJ4vm/F0QhH +cESDtbznREU7z58+6WGLvuRcoJQ1Z/h4qly+qRi4/biiga+8rpiiZimU2Q9zgxUy/U2yAFYv +9upptO+y8F8pB+nYGDcCQuSAu4s8g7OJe9XhMVkgV1tTbIxf3ylqhG9/6BhmMLqHCiTLjY1E +CdyybNnftlhPbh1ecARpqIFzMrExQShliH9LyDyWFpwkaO7DxFW3wLyzcyibKPL9ofE5ism2 +97fLyg5hnCZTHynCsGKT/gjXLZFi8U+b8o91eYl6/bkU+qLSigYadzaPlC4JEpvAcg09MxL6 +LMTe88T1TtSOEhP0c+u0iABWqaXcOI2drLj1/lxRzgq6EeBMdDpHiJZS5hZcdHAhfoZ+B/1N +LzwvW4hEGXjRlZrVTlfVQyCzMvNHVS7gCsfETv9YSGbWYrVHClCCssqp8incEOjFRbceQHzT +oVmTD4A+w8nF/HP3NSCNEUYKj7r6ZmDfq8r513vD5wOLtKXtsaLxTYkCHAQQAQIABgUCTDpJ +YgAKCRC2xKe+vEfeEcRiEACtFpA8lUp8NrPGUt1g5o/xpsj7HpwsaCwj831N5MiZPWXR+yD5 +/wr/TU+X/bAysu+kIPHbfW3AA7RHiaQJsTA+kTnfFQTe39zCl/BYhWW4SNNZdEWrCX26wC6q +/yYcEbBxsl2DB8X1fjK4CX/4mMqrGBZsbuaE7hWKWZuVGEQV0Aa5eXInWH7a/MXWi97JXTDw +tQacglLLZxz8p4QNCfYOkLVVlfkIc+2QoZ3QaDdfQQWgX/OvQjY1sHcMirpYW8tMg9L0NTQC +/sM8QayTaq5vHHw9tHGcu+yfLWXvKrncwd1O93Eky44SB1sGGzMzPdiGZCcOvKrK4XKqNM/I +F4nRCUyyEuG24thEscGqRjQGfU4+5pKG72wUYIZjcgMKesP2AtqE6LJ51XLq5gZOcjFi9yn2 +RbthFAPK//Tf9qO4IN0F2Hp/IBHF/a5iISxS7no72WuXx39gp1m7uMIWCqFuJljdtJP5cXLe +MqcguqUlhtKQ/1oOYw16mTDpq4ikdfNULkxHeZ6pNaiZz8e1DQ76vWDe0mYHFTZt6p3ax7tT +0wtuSIUEmRnRQwBOZQZh38+Ca4BLJH/YwJpcmuGKTHSxwQdC0eaezY+7sJ9HFgaWGdtqCmng +4irVi76ngDig3ydQwMEkuwik8TffsSZZJEAfRCwG+vLUFwPk1viRcRZen4kCHAQQAQIABgUC +TIYODgAKCRCJCSF9w07sV8MPEAC8mHkHIrnkmcGnataQloRDPZ1UxA2wzH9eAQL/HSj83Cde +1IDMqNrL6rUg0K6UrMHGp30gTRfjGQp/nYBsvumjoSjgjHak9OJ5rnT/xfTD1XqBRmawwswX +p+S7v0cKmba0OJKnkGcJXfKhD0kNlrPCqJMD6pgt2egxIpbcJiAfFSkKdR95LDW7tR9tHlCa +F/a00S0Zjvp8IzHO6+BG5NHa78somq6GnBMJEO9iJwn8b0S0nk/D0P23LZ+p82Vp26CYJNk3 +OsHOwoG8kzYVDb0heW1ppaVL9uxYmLAkm7TA9zQxjzmpY8aGl4AGQXrY+0mgVmSyjHCr5v2R +T7zfDB/rN6gN2egdveZJ5hyIUruu7BxGNsCxKFdsBNYzLSrQ7USyfySNi7mjWnT+35fZuwXA ++QvT1AMHoNFvgz2lPq2GEZfdRnUwcdednL8IojvcCFsh5eTykjNpcSMrIvPLeWVsUFI6EdYP +5PxpXgl5bwgYQrksfutJ+t/Qa0NWAnmZ6/4qNYTg/wuXBTGEN4cVIrrVTO01OyOlxp0JVlK0 +Sd6n4ZIiYA6KwNeWjDVTJU97baLOvYVBr10kIi5u27fbuSx9L/uhYmd7vS0FTtcZSwOoX+ao +C2p3AFxCw8sJ/jU3wvJfH/TOR548pU5vVfDxh7cCU1Gy+XFOJt+YEF26svQ5PYkCHAQQAQIA +BgUCTJDa3QAKCRAP4+rmMEXWVSw5D/sETYIzgcV+UxPG5Jd0J3fQnLrBiNW8gqZpzapCeNOY +nC6uHOrIV2SmmyTdP52dn4rjNRdnPpHJfr5cRXhamtYm7IivEbO+arSENDnNaGDBidUCofBn +1mrAGsNPbEz0qiK2chWXSds0C5ytoeACOh4R/SR33XQyCB+MbnXpxoAJE2fYRv+1BejKfwLd +8Yo5ooMjlg+NJEPsf3ZjaSEs3H0mIV9SWLzWZjk56L3zN0s53Jv2+E0579NnTLHN/YDppM1T +qgPbVp9pASs0AAv5tP/2YtmMY7PueEDi4qwwQmG7vr0v1PwD6Tdp+E9hhvQ3gS1x0YF4zaYK +sNei1Y5LWO0rxcWvPyApKL3ctS6LHbv9NC6iySBXMsuihwq3ZNj5wsjfrb2joSW/oZIlNRBW +8xRw0bRVtdca0xBbWQJKX1iIb6COYNQazXzWzsVP1WIXKt4g9t/LkPlb3g1NwL9HqHiXuoTB +M8rZfaPZkYZOYydxZAmLvxWqpIFHcueFuU6xCbWcGPu+fQToXINNjDpVE1LuGvaU7ZI7o7P5 +AGzFY+JhebytCSSIn2uLRYifIx/xrGe3RGJKCrJBbopWqiLrVPISRlDUnb+2uXhl3Zbdi1uo +fSC9iAmM8mb8r3eOzFmcJ8aNoqxz5fZyooQ0l0Odnj8XzPQ72z9ism5C9kiEoAHpJ4kCHAQQ +AQIABgUCTOUqeAAKCRDWYVmagKlsSHanEACPejawbKD/QXuo+N1va5BPQnRFHblitFxFQhb8 +HrldxdWsYfFyeLi1MVq1twmoY7F60BTFnSomyRwB9dxHmlFdiYd2n1uhvmaV9Hs0KOxUevJJ +1aBNTvdKTmX7k62Wx7JIpUHNo1axBF5gv1k20Qg8DmmKmvF0jjQaQLrpv4n5dggoFRMfUH9h +8HLFN+aHyuWpO2GCCIiBtuMIxt5yVyq4z/Fr+kySfKCWWoL4qxLQKWUOG+4ZWXT5v9uWkBeo +hyaveafMH44Nnmk21/RR+ONAInN1yMI+pYWMsyKFXTcBC2ZKawKL4Mrs8GjgtJ4TPHUGGyw9 +EeVUH/H1yQSwdbK6ossX1xTisn6OSJDxb+aupF/sQ8uYbZmLlY2y7oQTijHRbs2diR5hFhFY +tN1105826liPioqFvm0yPIOgxRD1wvJ9wf25sdk++pkI92GZcb3iSo/zGg8hW5rBD+dGootu +h6nQz6J1fDVKvnzz/FlJ9OA4YFV6jtM46pnhRHW7Ph+4ciS+Oc7j+MKLJk4Z1rE/j1MPLuRi +5Yzge3Nn0QsooMfUXgI4XwndrBoyP9jkUs8+RHq6qaw2njKCeT0uN9YOaVckSuLrEVlsqQ12 +lHruFF5pOMrkV+wG1bTFk7lDdkG1+Io4RX5aOGcH6zbeUf7uvbb1kyRKybvddSq2eaNKEYkC +HAQQAQIABgUCTOes1gAKCRA2Gffm8mK6rNHND/9oCDrxOcataHeY8baKqo5JXcDRX+XmIsYP ++Tbet0CJqlvMDY1oHytN37A7jEc2gQ07fxkGXU9tEbWJlYzUsvZaWcecvZ3T1SM03PY8NRBY +gDJ1s5ae7HA05O48CLIxASvcIlpIWUdH57CNCsfsu2DcCWnjiyKz+XFFKarNks0rGGhll8oz +OqUvsg90IKOSEdHM8yOzSazHE2/TIOYlSQWrEmXkTsyaE+YcUHa/t2/CUnOGemWeT7MMo952 +BL9LE5JIOBnfdwFbAB8sxurIklzZV+Zewoyrsx9AKslc0ysIWuQ7Si1Igo5BebUASJxSk8FE +/+R0ijIelG99JYFGBcOKrO+KGhVMtYQrNezLMeuy/QMe95szjxJIsBKsppUM4AgKNu4hpZzd +DWfhdxsIKORL3NLjybRo2zFfy3mB2ha59Xj4zqAgWUHewln7b21outV2uRYfsXELpFZHXIah +cUPmzLS99NkGDZRUbmderML5H2Ivh5olB7oL+Sefx1Q6iurkue6dVcPYOHHYY6cKvjtctGAD +UOe2XG7A9uVzflV3ehHGWsOHFgYUf3onanb0F9NCeQyytkbbec/CALQTpfwrMXtd7oPumbvL +5Gn6W6jWjmEE7qJC4Phymm6vE7akxk4t/Ec+m68h4WHTYz7H16nRbz2hwjUa73XgCHnTDJhP +KYkCHAQQAQIABgUCTOes5QAKCRA39NXVa2rxYmTqEACeOSJ58Qfsgj3IT6UiCQhpLW+Usx74 +b9Z9zNJYr/YSee5lfGyv2+ocWQbhGjExnf+4bO8orxtXdf2uizFY45fAQ472ucMN6MUPEP6a +88cmks7UdSk6klCQ2hUMRCbL4MbumIVv6BjQNeEI53HHL9d9JsReGVGPukEnXN1htnm5IXhK +3HVVRmh7xhkKXGsxXCocpSzsLXfYxT+bLVE8atqhgTZxb59AJfY7ej3ODZXHHv1Mr9i1akKx +hyMZ6zpza/TLZRZP+6P45rfUBxuY+Re9ZKYbHfwwyijUuuIin6wFAeomlPRmElDG26LDfQ1t +PMP7cmoeQV1ne8YpSfhLdzQiV47u57hn9O4Q7x/IPQQA3UEU2naEY/+ZvQVGhsFfbOwSwo2a +OuaQQ5Mc8VhdORiJt8h4dCRKZWYY5nZ6xpaQnoZuoBGH1AT8g8GEHeczLXGBsQ6oKd6g5Diu +2LDgIHWLVkLMCSAYKprmMAyB8plpW/rjrgDfcBI9I1uG7ef0HzL6rKKvLF9FiX1k0rAXM6Kz +TtRz3q6R6TbTERuyf/SK4lMVp15eo2/hrZNyMqHg+PUH8QY1fzyoAVZRnm6kC592302h0sy5 +GN3SeVYiVmqou8uSo+2gb+i/QrKzGzk0kL73kHGvvIn/OCr//aZFetrgrZFAn1h0+D72y2dT +RvFOOIkCHAQQAQIABgUCTOetAwAKCRAuNO9thRYmnmgWD/9rEVOJ/yWyVISZyJUCzr9w4l95 +G2C08lhXc8+uIRq+52mlSayIsQBFwJwX93hkSgNp3BVkXotAmY2kc/uGH8OS1Cxy0xCpNhVW +5QWUfgXpLV4C6IDOLxK8mrr9VLXnHhDJ23F26hvViU0/Ln5tKKrGMKV1+xM5j2uEG7hhWM5e +QaHff/noiZlTkNlDnXSicObZtmdAMcQf/Tjz1N/PUAamd2YbqDOj1u/4vinGzyE+3qfC1XI/ +SMtNOLbMZPMzM3wg3OUfpNj/alHtLjfdvihBL38aG4WuVa4SovEOc5pVM94GGjryFAK3gyWE +JUUYz1E3AXAdq093+BUAtJBhgiPB9hchaY5ZfbSfq25IJtugH4GMR0jZYhKjJTwKWYw4t7fg +dkya3EGwPVRcdIfbntVFDeeOWfzDsKcFyR/tjivG+ZKEsWcVhD/tkUihDKFCOA5/dmzpm4FJ +IlW4Ib5jN+iLDEbrpb8BSX0cVDb5SpaJFj3mVG0lxk9Id0CJgnFHYp5KSl66vSeD3ucxJykl +YnBMGGF6p9xw+iwsXmVlSsde6YkYiAxUg1Axki8nE0UtuWPsU3lp7bxjCzQnI+/5XMEd1Udm +V9vTVYyIFTMdF1OuDYfEgKc1Z7buICRr3xSBH2ibRbJqBgXHJkOYwqctam47v/VaQeGlVUpK +kb4Defq4O4kCHAQQAQIABgUCTPA6zQAKCRBxIX0c/q5Wbi8+D/wIVbJY7JIzlPNxiruw2iDx +ErNi6hpwMshF/YWt7mPvVOmoGFBYfmiyEUJgdwWtaOWtQBbXJb4UxnCVEcCVjiZuNeDw7Zcf +XpXEchP4Pv22Chtc+HmxUYIwAJ1I50vudr5EBl0+mhR0U8A+0U0T3mLLnjgHqMOb/UjBGgmn +zuS+zD1wJs6wj2T1R7W42aVjQAK1p0CujVlVOvBljec4XkK4duVLYLSyTCFO60/m5fBwjYOy +IGhf8JkQEu9yzJpEoGeHAFz2PidZFYiHHjR9eu3cX8mV7zuk4vi/ZTcppzae3UEolRbIEf9o +wG+EFVhY1yhJgrN0zHsl3+9piAb+1VTKfZtPN01wtig+F5AD89h28YusSRyU8PqCFVC52Hex +SaE0Ll/50k7UI+agljj/ZhFFU1BuQMwoLKu4gCM1q7W7RADzotkwUscnEja35WfEeePZchJJ +zVmDHzdoW3Qnk7/kq2ZhMrg9u1x9rknVo2yBJqWuASST/DI0txvELQeI5yuhFfM0ixJi/TRj +r4zF6r9jdiFTFQz7rs+WMuCI17zh/4TFdhbdf9KSXhF+anSG0HYqaFjouQaT1q4ejkijoJwR +P5Ujv7kxISkrgJ6NgT4ISO27x4XGJxX4qahvxmMwPlIcaeF2ILIMNEb3OlExkQCT6Rf3aoeM +90pe71kVNl3eXIkCHAQQAQIABgUCTQ1UywAKCRDF0jGh4JNOmOC0EACKm9odCjLN7Nj5srD/ +DKCZh1V+t6dUxAZM2QcOAsPVXndFWSorcXvtJsYIppTGkcZU1rfSZThSuxCMVLKVwanx67em +q1oymAwvz869BJY4h/OCeWEx2wvovnSzsMr/W9DD0Psla1xHAWoyK97Q62cHeSRyu7F7aD1K +wMQB9ToOb00+UZsFu3x2LzJVqqkxWJU6Lpif1lR1iqiKJjPChCRHhydYEVE3/oAKAilhKEhx +1ydmQnK/z7D3KGRoq9Vp0VZhRvgGKb+EVf8nmT/6cU1LFDtswbzdFSzbCNJg3rTT/M5CQM5D +cnBg5GGUucYW/m2cofmv8HFgtWzIvfe9KRgtDrqad3wlhy7VoP3gDmIVhg0pC6Kj5EgxOnA2 +fd86jiY++71BFPVXdJhbwJhVuFzdHypGLau+pOuXu6+nWhReWmJB8JeQAY7nBmg6mQwvfPFB +0ayq0hNhHAkUEqHN3cbatRwE4Y97kJf/QHNXAw5lrRW8BiVUSDiymzgc2r8aSlbJWeFx2hqt +ir43cY3HLFwMR7yf3/P0kzBFYea8h2ANzzlxP7SoBQmaqBY7SwwBdRTIVBHGL5ucCNEd3eiE +um2Ln4o/YvdSLXKbGrNl3hFnz1RuEXVAjo2DbBDywoWtkomvQdGtaFVxgBQq14up+zs3xrct +8UknR8jmQmZ4SrBFnYkCHAQQAQIABgUCTQ50awAKCRCTZPt/6Jb0eCe0EAC5OjNcMaNSFJpB +Ud0gCGbHu/73Ur1jl6FFWuQI2CaElMdXL8QVL8o/6f+UtXg5J1nd+4qRzWg0cvAUa9Rv/xOU +PVcqLytpz/JOwuBEhpYsM7fx/gIiYrHd/wXI26/F77Xrx/XHpX6vtAgBnIVCnY62tXSK5C4q +vPbupG3FbgUWwLIpuij4Mjbp3jjGeJwc49G8c7YVYtVK99ESgYuY2gtCgaFdd38NzRcOZGan +9zKnky5gc6IMxeAzDxqeSqvZBXQRbO6+PMvnlGlD769HHf1hdVpzc7OXZTot7ozL6bCZs00b +DT4FY5VvOCGwhocb0e/ccJn+RIakMstIJtt2uqmMh/nnk3Cz0JRrnYU/vFEGezzVDiJe63GP +byWZVcj8A9jRzN4eulhhLyvHolRdu1I8zbIS6inTHAqPgm8uwywo0l/a/LXQMPXRhQiakdgW +BW5c/TwSvXdGH9c1uu/ZrjaWHPXtShL4GO5Er1mIXtu9rLUyHVgu5D8O3bd0gCqNe+wF28aC +amu9cdRC2tGZ8QnF0Nn2dV/2SO2kFTuRqXD9o31qH4enm2iTTgkF/2O9Uo+UD7wcsmafQPdb +XW/pZxr98I7XSVMXeQAayvxUWwHuOB9ORwegmZPE9GjjE/BYSTpsRa9bcMVayjQcYA+vnFlA +zN/lUvmc1kBa0PuhCScI9IkCHAQQAQIABgUCTTCHpwAKCRBougpH57HcJMfVD/4j/dLTTibi +ZVeHPucXvJ2QS6X/MRUtTeluVm8YSO2IXy9G1ne/eccFCi4lzzuV5ZTSfWg1AIoTdCOaxsas +J/RpKJpaC3LDeh0A3ENeARPPAxCPwaIiacxv5ptrz3cpmckk7/B5QMjZqxro5h6uuTy3qCjm +A8KNf+CXTudr7H318UF/7KJdCY/tXhm4vbTSxusp+c1tubqgXFE4pUBqzZODH3CjnmPRFc1G +/rmwyHeFRy2PKOg46EQALTB/H0SYLXqzUk3DQn99M5JZEi/BJlOFpN61ACfO6I+furX5DMpF +3izS6pW+3ae87TQNF56xCv/UD9vahPiaLr0aFL900txs0AxnwfoPXRjO0vvdjRtNQa3nFLCJ +wZXPR9eevySQGmFuyIGK3AkPpyLwmz2QAnTFxcArn753mdQ/31uhUL+2BCSKVyKAZ7ly8jZU +ZUoQe9bsME0og3iWTNmaPLjBxScPBxXiES9y+SvUL2qCm3tdzKJL0L6g2MPzCUSd+Cl5FKq5 +DGMvJ+QwBss+ef45RHZGblHSblH7vj2GgpC9OxcBE8ZbZnAGcId7+S+jXf9ifzMzbTxkZKc9 +QwspqUZozI/d0fVnCkEcHzUMaGd3AQXbR18FYJlBvtRHSCkBJx4iWJpCWn7ByW6Y4OV39Xuu +wWgpMPG8SDfSa7a3jM8YE3VxSIkCHAQQAQIABgUCTUJuhwAKCRDeP5fn7iJpXHKDD/9WvSnH +wH5VvjVdhU5YET54HfA0JYAeJbZwR6jat8hr4KmsWl/ikOwy69iLDw8XR3wMCKBR5Lg+E83T +EYSQhfJN3xbGBnnzbF/xENCDf3l39isucduyz56OWTTzMXHk05gP4vGYuCARmmUKq78jjBRs +ryYvHna2fnorgyLgBI2BEamvmt5y0aUMJ9o3CZid0oZERXOJzyUD/6vdoL9YrqvLUI4xHkAt +W0+Wk75whL36z6kv7gwnUfXscFVKukY0ZUFAcgDbvXuLFEVOa7VtEVBwE3pmh3tRSppxx8jA +7dXGWNUJtOV3iPYwmPTJfTHEhZ3yPQv8qxoYzPm8dr+59KAdPrbBMlSEzQYIz2LimuoBT4yT +trmfC5fpPfYU7BEkurrzepyVcxiObNY0593/mjpGxrUofWSQBFtW4kZJvR/6SLR+ql3FZQhP +6iTBY1aE94p0O93nXBQULobMBeW+Q20FMfP/kHuQ597IdgSIJklWI+I76DHc94b73vumKJUl +e0zMfI+oPxW0iwfQE3919qNOqgSADLqzrqB9lE4rqw3jlIwop1/lthm9u6k4S1E+N3SwiJY1 +POLxz9kNpQ7XfABsRoYGbEBg+0ek0UOAXos8Gm8waCPovU6DvetVqBQj7wuF87+94fd+UbLV +ZL5L+W0tInaWbym0YhmQhAXWaBSD8IkCHAQQAQIABgUCTVUwogAKCRC880RXMAFtU4NXD/90 +VjGlL6UeAfCcUkVE8XIeY0uhZxWZM0TtnkpxuslIWDqWc/L1t9uyY5U3i7q0uTHubNrQo6gk +4VdbERYcJRN9xBy66lV+qsqZ5pvLktVrW8rFJBJObEuaG51ZAvw5PwL0kDLCaq4QX4AD5dDZ +RStko73azrEFg/QTG8IMeBM+khpmnTHWaIXR08Rp30pQ5ETVzc8Izc/Hyh8UJ86bviKLQ/i7 +A7npdetDcF6rDDWA6qdK3BMDZWQz97FazPFn0T+CkmLQ9pQ1x6xbAeVpVDa2gbA9DRKXAiaa +NeZtA9wFp8oiMkDAS8hPDYka48ARuuY4mIcBGKYDrBfyUOkMwU79CsXBPGUDItS/42ks2GJU +F3lFFCEGxNCtbd8irhXXgo2lb5OoQY1gssn/ejCWW1PyK0sdklbKH5sCC4Yhlj36JSLbUnCd +zHzq9vKhgbfs9eTkfmb/FOv7f4qRQNRhVWG8KcRXo38odgy0LqeSAUktHEFEfk9Wc8EXQ/Nf +1Uq9VgmT8OC9Rv2iv+/PiAixkXLQzGfLbaIFIvlTXpQXURxPN2hbmB6Y2gKVOJ2LyZU/rRDb +q3WM3cz9jHKLeC4apC21eV1xAfmGbM/BcUFo0y0mpLeMoucsVfcR+QBWt1FUiSRtgzLSfDkm +mqWUQwkeIm+UyXqrZtta/XN76FT2ABXy6okCHAQQAQIABgUCTVUw5AAKCRC6dnbW9Cu6oJPD +D/9HHdCYZ0YtpCefOQF1ky2yl2gBucXE16asOe1x97w07319mN5RJEfAHteDDwZ8lJTfMR+m +T5rzUKV9TDPDRW5akD6pP9VfJKl3BNRax1yD7JlbnNI99d52NHL88CCk2H8HO/qh5yGow9K9 +X7zwKpFMI9iMp6ncGhsLbYXfUnDrAT5MhXciKn2m1aGKhBOQQNWkXiU+irzMtsLudUIfafkM +mnBdMr1+fNkkFTe3bLd4+W+Fb2ra2GmNgiJJ7FXMedamO9kWvyfDADZ4RcCrRAPFJ4FmjBoX +PgfcDO8MkEflZUfZWLvOy0yqzDTIYDIs0GctNz8WdqBSDyl4gM5et2jEefV9Ff1Vl69lqjgG +4iYANYmxrjgsapkXZnYMaZM/n1BZjqXkzqjG4iGH1knlDP59f++tTR2nkiCHXlQyUdKoX/rA +cra7HqktfW8FRbv6Lw8Yjqx7a+/7k6U4GdItoVvB8wZL9WUDLZ1St9Lchc6i3C9zHGHof022 +l6eoxMpo/xEVIc59wx549i6jxhX9o1dblP0utV1hnFtqLVJQpsovbL6KvZ47L1tjKBwTmiTp +AdsxM/WPobePNl9iy8EIJR9QgU5IvYXMhzbAttIL7BsokW3/x2dBtqo2eYk5CxVc4ioKhvBC +QkdUj9BaqaZt9LYb6qBFSJxyqTPKRGMhqxflE4kCHAQQAQIABgUCTY/TpgAKCRDsO1uSsBP9 +YHmfEACGUF3hcjoC8tSfFOEg6kaxcLv0M5Rh4OKKEo4mHdQa2rJKXk8jtdlbsxnmOUeFjWx+ +m8j8RsaamO5fVx1bM7gB+9hlcL8uZodxindaNfSZ74Y/3QbwHAHF9TFECgfORycGdg24LNDr +n+SkhHOqVa3J8A70vuw4Z9nRvjZFU82suJF/IuJH+8HoFxJlcD5dz+yhpG5Q2MQ6rjPBmaUr +wVduTPzX9OTtsf5tKjdXJYPic8KT/iY2Blki1O9qhGCMiCZ5aHkuUFr+oNa0eJKeMfqbW9Ha +nGI9RL1UX+DC3xBnTCJwtbjXcTeAGeurGbi8iZsEGRduSWE4dX+0VqXqs/dy8986x08b30df +A4goHATBYQzzR5yxfNEyfBp8inHX8ZmHLOM7JAvN0PWj30ZGX5YGMId0bgqQmrTm4VONOpK+ +RNIFBIc6IEfn71EohuOuUujSJ12f1JCPsxdkMEEs3Juu9jsDm1KN8x1JK2Ubomvf9fgUleJP +HezLStylN3KzLJQc4Q2WBSm3B56QDDpPMifqJcfdRZI/HHkpBF1F0GcN+VfAyQ+XSBtu42Lz +pEF/HJa4H4Ow4wsAy00K+lCn4PbCP3zCYJpTOfyf7+CQYI0BH/4JYOOSwf1hpACUMl0ANXWz +uO1cN55EBSodlSxcTJUzf1p+1nB7D7O/lb+O7FrcZokCHAQQAQIABgUCTeMlRwAKCRC79Wdr +Fd38WF4REACQ3XUa0kZ7HcMslAGOZc2f8LV3vSn2o0o8qTwSc/xsNhdzTi2d7FkUoTk7djC8 +vjtOYbXHZEpKS7MkK0nj+Spkf/PZJbqwqc4HlkrWSKYguz/2bJ5VpgRQW2ufq8D0kfuWgxZN +j8RU+ZQGOKIw/RIcQd/FCishV+Cdi0/xEOJJO718B/5pALyuaBu3K0KfabRxdaz8LFzK2lWp +n48UP4qDTS1g92LKvb7XaR9e+Ycj2Esg07B5nkugGYcGKUf60+Knl+Q9M4KeShmzi2xYiSJB ++tFXHa/3tEIcHqRP0C+1rOoVkxyf9XsUfDGGVaEmjaAKBJBzAX4F/vS6VZd3BE/DhZbtcKTh +FYI4DiZt5Mmu4I9Mq7d2hWJjGkWQ3g6KBbwpVUutlQ18YoYH1ZsiEva896MgIv+VG7a/2OoO +joHg5/UgZBokthS/2XAWgGbe/OcB6NKCcLEqW7/7H90ndTtscLUX/zF3YHCIZwm4xtJ+hxGu +jzBacLIFwiIXvaRpQrfn5NEOGEb0IFpIEKMAXV6BK81js7ujMj376er9eMJYnNp6fau30Kdl +WCi26cldZPJ3zeY1s1kmPmAkiyWo1w07T54GU6G7sJEAyksFp0bhAwTN+dhfdjTPwcoA+XnL +GqxrBLOT2ZSaUtGLA7hxqNg0bb+xQISnu+QyAEaSmp757YkCHAQQAQIABgUCTf6qzAAKCRAY +uG+OyFz9vyOyD/wJ178q/WzhAtCUs7I0UESH6KJPe9fItvP9kjHTVnQqqy1GEI9KYyntQiiQ +3kOjc4CxUDu6P/5gTiw7e8/Wo1Vp5KDxTfSPfblJO+R70z0G0QHviQvA2Vcz6h+28rx+UQ7B +hfQKTYchyD5BwKyIHdOwA3unQ9IPIWCr7JcXp7NXOKElTC+G8ploEMdRBekb56L4HqJJ/yp7 +eqCQ2maDed1P7ac5HOBl2ojWl1t/bj5X2SKWT3k77o4a1MOF6Qi5rViVB/XCP1VtDa/Ronfx +WG6k+6jojVVPOKbKWqDAvhaieMToD50Nv95FAKu4RgXCoRw4rNowZRR4sCdyLB2dMf7+fXBY +PJc7ih2R4BbgZeyNwtyu4gXN1zE4KmBdd3+fzY3kJFNpBZe5zbGwHpNqx4hoaNSuhe0ECF+y +g8+68eHgISjGn87JIzZUVPGGHnPIWcK4Qz32ruZdnkZUzsHa0cZxXmrjIv5PYUmEKAVWH4Z1 +Aopb0EFRJnfuizPnmf4cG1IB2snG97gywRCdkb8c2Kkf04X/uyuFKv0UP3j/Kb1GEBhCK3QG +jbXPoZiEc66aK5nZN+RV0oK7tM1PQRpANp+u/hfnXXQ3uSK/XFrrThrr9PfCvmRJAb0OXRCO +F7r5TWm6QnwuC54hd+aL1Jq2YZZJrNiQ3eI1SScepetI/zts84kCHAQQAQIABgUCTiBMVAAK +CRDGtSm6kRYhjL75EACJRnalvz8Ei9nAj4N4p6avTHQdTT2QZJDJMnGJi/5OqGCnz2qy3flq +tFbFD1Nqkv/k3QxfeeQt4tlYCgGLAOnfTzZ6Ecei4bdKzlA9gieCg+ctQ0KpJQCx3BbB1Qwf +uhRHjAr0RWjxqrMMjiZDRxrpkcq7SyZ5JWOn43E51D3M3bzy9oKGC1XOD/ZCVUgPhg+jcX/n +A5VcAC3v/UrhwgIo2aDgy+Icr0+7nvpM/d1emSp8+vMvZ8IR24yX/4KXgFQjLq0pS0ABFmlW +r5Axb9J77JBTrPb6Bz25fi5XWISzR9Rd26ycjWxPo+/tSh8BjxgvV/IBAkX1kMDvCvga5Hdz +7Anv6Vgej+QXhRtNFsv9kd4mT9dipJ/3OmYYW0s5/xXS3+N4xV2doBMkDZPZ6weLBAJyVAd7 +0vfRx+/wL7r5r0qYRVWo5DNpayyQUfSwXsIIY+xC5lG3HcoF9WRRMneoIWEJpsM+rvVjdkgF +27ep5IlsXQCAm0k63b47lHFCNdH+IKjb6tnFa8lDxPZkKaon9WA93BN1reeaa9/Jkj0+j9Ux +lffYCAuWfJGG/UbXVdujJ7vetb1ypQezK5AViypekS9cMhN2ZHJ/YjIQxDabdB0tjibG6AML +l4aPnq+sYLVfuvAerjmIYuAUXp/h2nOt9YFVgxik2PrM63B8/lKRI4kCHAQQAQIABgUCTlZd +DAAKCRCFnDptopMh13j2D/9Hbfg76oYapsZ8qwVA+9d+KdVQ6+Kyxxv2uJycgvRvzzWOEGPm +5hHzlV8zGOTiJyxlgGC+6QA52XuKeVaLWS0A4Rl0J3I8xQG8UjDLjShwOl8mM2fiGDC5Q7Oz +eEWKo4lLDFgAc8RUyJNWsEbAR+bFUdG1WtKgertf4l0JTLXZCxcI7r7vqQY52gtYov8Tb68Q +1hO/V0oGi2QPSaWs2wqEuOPMd1Z7A9hQMleW5flu9E9NR358/HGdZbMfNfl3cMpAy0pQOpQR +qKd2Ph8V0W5ifu1fXXyif18CzWcPHyEeOaE/WRgAL7DZmdTIog6BFpZbENJp6er5/na6awZJ +MMD8eeOq0ZD9vWEey1kKV4S0mrCcJX+XwmW7f40fIfyvNx8vZgUVvU05vx/FNmLl0eDq32A1 +Od8tr1WgenrTxfQDlUtyR/eghL/5w1G6HgNXzjH8rVANTJaG59OI8P5ZbVujbqpNxmIvmg56 +TW7oX1ucTUkCAv2kRdMJNtbkY7W4zpVoeqG/3S9tE97tYcZGwGfWGyVct1I7VAAtfYmRmPws +C4D/l7hLo7C2T8edurBhbpM3S7tD3mrUCEhVExXryyKSg+MIk5E3ljTM3ZE0sLtGqA7dVlGE +MtSgtu3BbXqnKXFSUGaXizVkzK2RUl8eIwmljqE42cA1cw2v13sfJ5i1tIkCHAQQAQIABgUC +TqwEoQAKCRDcaQ1XhbtIj2ylEACAvwMnWq2QQht6dYreFyarsTFK/dwVk1+hjpMHxI3w2MHD +9pOxvg+wI2uycDr7HPJ3FJz3E/k2YscwrGmfe5a7Ec0DRgi+TStfzTyytjTOrD2I9dSK3Oh1 +nwkbi3BbemCBe1gy+tMkLGEQcDmSXUdJwhRPKA8PvSHf/f1kwMCnGyFSJbmKysAJHjPDcFdF +6dOXKJzaoI1qJsgk9Xih7MPQGl9vx0e7lkB81ofUzEpD/5jAERtDojNP/Gm3qnrZqdou4Tqn +LHMR/k0ssU/o4KGHq7IM51nu6ODtMQNKG7VwLToSepMeOMts/0BWpr7w5H9TO8peqkM/S6Qo +bv2hvkn9iJJuIFmzH96aEKZlzKE6ZHuHYDR2sj7d6mjy6I+7WG1G757ifXjkBbX2TbQ0D4fW +gjHnzsgFrydJXSnubectyleG1BLJAWBrQrDRgSea+kfw5TjaYa0A3nx3AALGsTavWMvUTART +J5kOw53tLKm7mgr7NCjeTYLiTsGGNoPFWV//eXG6PjV6uYv5nYRnLcYTbqSz0o2pWxcqkWUf +3cjBuMjHbspvJvlFw3WZIHhlF/epqwxCakF6GsJd45OY+Wu+YJsKa9tz+eVoIQpqOCdcazv8 +XGbQSd7eV+qduIwB5xuf9/r1NQpd3/Eedqs+FL2QMNCNgv/LDB0TCm1OlEy6JokCHAQQAQIA +BgUCTsB/ngAKCRCQFB7i2ry4k7urEACIPOyJZcJluM2Qw7PmOM+lMmfSR5e777uXdvv16/xb +ifYKjen6izhphnMUY7oBPC/1K618UVAmOzy3JtyJ3FEkFrMwMQdsYMzUll/MN+KCIMwa8iO2 +TPF3b9vpFIn+sISl1nflCwOlW3tO9jEJDCrueo8v8SFGvoGfjb/0tcs6Q5Sz/JL6G2yKWLXm +Jg4bzHpbOd/CSWqkc5U9WUVhJ07javisjqBYPNy1j2n0AfWtPzH1Ha74jK5io9xNJfdCqxpq +TtSEo5+wV6b7B/0i4LjdMico6O5gTiHT3J3UclRVie6pQ25vjU+QjDUf7JO57j5fK9DF0phO +MPEYuKqfA4GvaqoJBBV7neS5uNtWtzEQOHGsZYMP1Te+GPDOG5CDslHT+JfSKEPm/Nd7fgrC +P9fzSz8sslg3pI5znzKGSJoF1qUws0W56Yt4KPEI7vUAYF8C/9EfM+/2PnzAxqyVHG0PWtqP +27RCbee6nFXBL95G0kw4bFzI4Zhe36OuZK5kxKKlOOiDgTjH3T9gNqpAdiyVBlRoaQxkrWJI +Tn+gAERUFnn3lI5P4azjad9Ld3jfSsnjlc8unQnRmw2qymKsZ0aHpi0ssJuj5fWjXqsHzPlp +qqTJG9qTHgVK4icHpDoj7Qo5xA/DBsD2k2ouf6fqx02cgWFz/xdSS90q3oBaG+xKgYkCHAQQ +AQIABgUCTs7VXQAKCRAE7wIvDBi5zATCEACTpufKpJAbchpP4UsSB4WNRss9rBYoAqAPknJ3 +fP3J7AEAOFXRWETnFfWbSqO2PG0gj6FtkSg1H5X2kP/qsnjfEjjRfp+tAYyH8umRqbZijk0L +3JUvf1lxfL4cSTTpKeBxP1CUqfdgRTQyOnXIrvcNy+CCo3N6ZpLmz9nzsvkSRauItGWOtENf +jxpI0oL+sbepnI5zqBhhvaaAZ9Bd1ZxWwN4F+W1Quae/9wOHI1YFGE33sRd89KaLpa2sNKaK +HvXphS0K2TwHWt0rE5+5xhIk70Q14bNW5YXHQ3eeN+5+NplL0J9K5jQhP2skg0RHdlmHIvTD +LRatqK4Y5EjEPMP1wSLliIo7+vsaSIDMpSEi9JGiieALhqTDOACE4/9UXf8zUiUzxiOqq3BG +gsZIxIWQbVd0KX87oXc7q1KViQnFeBtkfgExtr1RY3U1qP9VTOk6l0KrkXBKnzrfFQ1NeMVh +kxloQA2jQb/Q/mFH9lrmv1mTNDLSVPrbo8eWeUsMx7L8fJlqP8yw0BpjAMUv66LUTsa47ZD4 +pe1alRt+AJ/kNnnPW99JFsemuGr0uSNx2TRB4TSczkPqnl4FLoIrIv67SgekK3/3TaFNxYOO +TAZ6TLvfQKFmnlkqZtee9a2oMsavPDDSTD2Ze3QgK+bGrGVND6hiocetM+UuRN5E900sfIkC +HAQQAQIABgUCTs9XkAAKCRAMm5uLP24UILq0D/wIAayhxHzgqjFvbfafsJM/ms4wLwUJh2PN +3ukgTWfe2i2/yoCXuhXoPEHYcXxeqaB49uFVLhda/k4MKcoipjo1GLNMfZ2Atb14l3ecdQIK +e2oGc0MCiopprohpNgBYwDcfJsQi+rPFDvDzDHOz8FwQ4ywVgWJVliAmdqevF9miWpd0dRbu +jIX4owO0QDNVSVZ4z48ldlybAYOrFItdcDNx4o95Gpxh6F65U3laKSSDY4jkzeCvcYXJhLkL +lpPiO7/e20eqCyH58C3IL1m/67yZ8v6bhtahMMuyad6VHQsXN6kr5OmTM7iDHKCge46bWRDK +9x6jSwSzsEI1XfuafmToy4+gzRdK4IqMohY2198cy+Ny6c86fB8X45GDs+RDFj9bf3bImc3M +6UAtA46S3XElPiRPNhaVoZa7vA0nclmDEFpelRs8zhmfO4dB30hrG6SIx8BFuFcY6FQEmq60 +/gzCz4L3a3LP3V7hXHDrW6/Wjz8Uy7OSmMlfcPMSMDYvDkL84EVeQhOOb1mZrROzjJ1QHpEB +bWLJ7mh3hhI+lFIHpcEII+FLxqQYn8ygekCsZu8bIirSKE/IRYmXpvsGc1U/YFS9/QFabN7O +lkeYMlUOuXQ2K3Z/uEHNV3MgGiRUERzmeMe2dR+T0+4jTBK3MW5tX/9YAKPLAJrgDPVrItfx +X4kCHAQQAQIABgUCT4LjPAAKCRBkmO6VkbEf6PPQD/98cFsYdcllkZq45IQ4YgyfLBjOSKD4 +/DPdzazledHBapHwjPnIGCipzsE22N/JbJMY69i/bln/AYzS2hZXYgwbEQ39zd+HdX3IlXY7 +xvckelJ7NE6c8zZaCnkN7Ng7J3zekxa7/6GTpKX3WJBABrn3wmBzLu0fIgIajms5inUUiOCQ +vWwgtyO9NUURzZu/+PrJ1c8hcXjtjPPxvc9M71z+i3nAfLlVUJnJYVZvH0LUzm5S6ilLhrPv +90Qu07yIlGMF7D0ZwZPT/2OO+0qSIp6GCvKxFApq8GIfdffnJFo+XcyG/0VjG3n1tge+DrYN +vR1mYuFOXCRQlTvxEJBc5yJErfETLAY2jgdxnrw6XrANWq5n2FJhoHWnqwAsia6/YbvvrgNt +DPZI4z8M1Mikd/ynJfEfT56RPvOz2E1C6Fbj2ukxvVlfB08cqBb7DK1ECpW4Fhpm2GJKLvaX +zPm0Rny+nj83h0OTvVvksR27sOLkw+GJQMV9iX3O6OkVNmm+OJQ5kxJL/NqfCqiSkGg3ME5c +ACtCGR56H1deGyCTNr6lUch5lq+N6STuWifRtQuL9jSFjvRR2u5mPTJVP1nFoxdqjaHN4cDs +WifZ7x41oRUJLj8F41vypcnW7/4rFJKB30e1bMVBgnMasDJBnnUW+j2URU0Qe5Ff2lvQCLcU +MPNfn4kCHAQQAQIABgUCT6AKWwAKCRC7NqAoAHiN1HDsD/4jUr7kiBAdjViK1IRStoghmkhO +3JJZ24Gzi4OURjJg4XZXHINVVQa905KoA6kiicxfy6CF3BncLtHwm54ZS9ZBFAeNTHOYGGae +3LB/hKcJvC8LUh4TP/KhTRHtvE7osbe7LSclIztZPhsxCSb1VEZ3SSA8TLGvREXBVz0HuO/v +9QptgI2QYEtkiStFriT2VUgHFGFA+BYIwG+hvH89dgvRzfT7HLdOJ+9QxuWj+Hb5EAo6VEMH +O+anmvNlMr+R9mqxdobXd3Sh4I8Q1xVpHQFSXsCpH0IBA3iqYFIh+dbMTj+HDMfiWq4Q9fbZ +rHu7nE33HztSpGjWFNUFkJPrxmJS/pd1zNip/fAbrMz/ls63zwocXXEw2KQsRyb/oNH3ULv2 +WqJL4PsC3i4rnB4ITbNyCI5j4FuWgm9S2BnVWDEW9fWtjx0XiX/fAHzBH/1WrYI5mfOYuU+s +t0Gl2x2ja5G4EE3Z5ojl1RaXUxswoFR5/axWj1r/+7DIOk91svJ0Bppknh6C5ZTGCsr9CFep +iKN4TU6C0ohCK3zjCRKoyNG5PG7IKLLAeTrCWBB+xnIq8jad2osfdIWs9hBZE6tIxu7qqX2S +bzu8uRe/Bx5ArjXfh1tcwrlD8jfUPS7u+7E3o2kF39FkYEVt3SbgIeCBS/3g+uDyEBFpubyY +gGCgdE63pIkCHAQQAQIABgUCT7fLdwAKCRBixKdRBOlYNudED/9tM6N4qQG8OewLyQz+ExND +D8p0wOrHxIgEs0qUI+rx/j+SXYIpDk/PqXIM5ofET6pbTOW/Wlu2BH17TchHBkWLBNtl6wQM +Krk49j1zkSQs8kwztj2ASvCGqs02vz2JGMt8aaLeOJYZBvbSdD6YP5/ad2C7RvlajLKPgAO7 +rhipp448W9ssCLlNDKO0FDF5SZCrrS8fpd5dhl//1UszoLHhiynJykZX2QXCfO9dFTPoh2fS ++sDuvaiP19B6l7SDUnZypbhTnJ893kMFlw3TsU3A0D9gNFrMPOeufRq+OP8sqQTNzoE+CZ/0 ++rNZAgnUtKT8nmU6cJpe5o6YQ8HJS4f1JXXGlK3Tw5vvx3A6jtCTeZzkT3tf3DZmoiB1OFu/ +ewqz4tJdFaz9Jn7Vu93X0XZdeztX9+XEJXiW12JiQDGLlhTYDVGuhWW8VZfm7lVDPyk12nDL +qI3ix5J2EdC83G+IjsARGf7y4v4qXI06WPSFWMHkgenKOyr0RqIu9A9+ffLeXuBHVkEomCk7 +NvrxotGmFNiRxLinSPjTveyqWhuBW0pUtH8CqyGe2bEjqyWj8HZiAWF/g+brAecRHmPq0yr4 +YBUbHz3bTu6msZ0VyHq+g+MsO+JkocAmXTnsWmOltmvqozuDVXDLzxwEoCCHCrMCDGEUAXmv +bhlzFiDugyDKXYkCHAQQAQIABgUCT81HhAAKCRBV4tQRB5YuAir4EACWJBCyWNutLCZmBMLZ +Q1FIx8Cpx11uTfeXJuK6RRAKtDmgS4Ow7QJTws1PAkAa0i59mNYWmwaTa68Uohw9b23ZWCWv +BPmLZXi2UcSIa+sQxEfssXeREoZ8iALQBO69YGytV6a2u/3Wy5lv8Tukz4fyBB1SDQoMAn0K +K+KKbDr0ngPIcDxVUjeTm01hYqpBiAAtiFBaXPt99u/A64tCNnMcGO+llz9dsSrThSzNYAir +QJAoplQQDneCo9uALq1eDvz+MY5ZLqwypYoR9QbxjtZivHR5sCRnawLXbzJytmtxf2uzQajP +tDCzxkhsQEyMLuy9nT5hVcqZo5Un+H2LecCCYQOeelT2IRmnOmBYL9ckoapiTZf/Qb9is/J2 +j6VSaH27/RqdVSK0mMSfxMj5kdGrncU4ol9bYzwitSSaABNi0Y3afX5NEmw7rAQbR0HiuQCN +m4QAfbUqrqBY+kCn01ZBqLHZXQi5I4RfeWU3UprGVoOjuRUE5RtviGhwJuOp5RsVojTa8vD7 +aMXhVaj89VwplgLzIVtLtVhZUKPfI1ha/ggwVvDz96mYPIxcI0yU19KXlPkiSeGY4TgIWgbr +D12x02OtHZe45s8gV+r6z8K7CymBpe/DyFaoso4FM6fCKz4e6bw6pAt93/5xLbfbk8lOWIP5 +VjMi3uCra4byuncauokCHAQQAQIABgUCUCXsAQAKCRBNtTz+gqRnKIm5EACKWpQyzJn1x4pM +EiDBW4EOhlh4ZV+tA+DPlCIAiPmHQCTbpqpIQnENU32LpdIARr0hG7V5Qjg4Ml8C6wYBcr4l +nFkIdlNIXuIvmE5rHN4OioWUw/CzUSlT6Pr/jVmDjhBLeNYXGQ6Sl1Zz2Lfj0e2ZBn90V79e +ON6/nkYjafg9k6UA2J8wHnTYPU3Xq3sXZu4a4pfOabvYKDmZ9DM9DXmau3rsoxUvEkkM+/4N +lAVetBKdIhPmQgx0L8V1l++GbsA/BaaTGUcEb7dL6Jza3gLn52Ajh7YkBPEdcntfURtXQ6mE +IPzid7TrfpcnemXGILM28mZlep9etFpdmws3MOAUdJPNTgfdF/TmoytDHv5Osxg2HQKOdcIG +NjlxjtD2NUwJSFRPG8zFGijfftGBTmg54MhFJIH8gAYUwWKpdc3TTb0C+m3qcAxm6SbTpU7V +zQLtzZhTeVpXMAitN3nyewjy/oCZxlLYFilxXWAd16rf2XdgwagWG0HcKEcu+ENsRkcc3qYa +AhxrWBuwjOQNUaNHJDHMTIhhd6micAtBW8VYQjpCvNwiZqm2PriVZGON6kjLok3ynFUilv37 +3E88lS0mWqz+oSyvhsl97ZL9S6YJGHXHAYxcf5ONMb984udzY+fPsA7UO5T3cvKqlI1rQWnj +wW0J2zqSmIjmlGxPG04ltIkCHAQQAQIABgUCUCqKogAKCRAu6g2Zz1YtSMqfD/4rANWWFw+Q +6257A3UHSIG49lQEgQXNng+WUWF2/NaPy6Gvw0mcAcFsve6rTy+ItatV6cvnCqMYRP4wpVPO +nZ82x/EB2h6S9out7jyysdsq5SqcoSMzXiegeNOkLLCjjTdxuP4SoZDHI7hESaeUYcM2l/Ls +kuqFMwerUHpI/NObX8JL15rsbiz8M3AGVxe49GCk844tD1eToz7dil5gC0XmZ96iQfiVzr3o +mJDiKVp7NeS5ea1Ph3p1ix2jzHve4Fl2fEIQ+c28lGupJSp8DFpD6N4e/10YSmiVVAVYr2aj +epqWf0iy1vPbnu5ZbrV+LAl/VDguDn9h3zOqvfclblo+QY4IgMZzTr6V203JWXHLXmUaHGSI +kdAWg/+274tU68t0/+9+HmjcPRtd42nY6CrnZEQDVnRnpOtPdVxapxxy/mgb3PiwZVWYF0yx +siBZa3UBIxZXDXuvM8sSvPhPUbvmFpuer82m2EyvpCqfuso9uZN8854kWoVxbITJI/DaxCXB +An5B2cXvHB4jw4fAGaHq1wkQeIfFk+iop7q7OucAKM6/Mbi0dxvHK2OGLqXlviWVquliu1MU +1dUvMqpLMB54L8zCRiniqUfv4RPGl0W62n3/FxY1NFX2R+eT8EaTMj72raJN8NZox/m/wL9o +dIzBkRWEcmIooF18tQ9yTiJe94kCHAQQAQIABgUCUD/BpAAKCRBYweiR8NgoitWeD/9Ue7Tt +CNLlJcvul/NRWFQGH7JmSbIqVygbtL96vh1+JIB+pVMobO/q/V1uGO+ZgHFNHJjSV5IxPYi6 +TtXL3fEQDKmtza3f9Ogit8NhbqLnoPjdQ6278PjWPUyQ4t+rgFPly29Thkbnkvauk1yxQXZ7 +FlcuP8USj/rDZepr2hvZI3MoTA2p59IAEzsHwu3GlUo0OzwQttVibWYEXRqjP5SoQVGhENPo +829Mlxm3jjwiv+9w2Strmjvy60cpE7N0tQNh2lwM/1nhGZ/5vl6xjeDzufEgUgBhIhI5BDGz +W2d8TCrkb/nA++BctNDJRxP5hrFmFAS+3Osb1IEcyRhpO3WlPt7GlqXAYpDgeMTlI7mfSTG0 +W9BMhOjFscEBKzd288uzv7rbC7ss7D9KiVVp7exIyKegb3tNylfnT000ChMIMJFa8OOA4TQF +MAGqm4tzQDu02gE05AIh5DTNSs/h5QUlKBVAOnuqCsu3fBeL7CWenAmK+bnH9GKiIclXWOiO +d5dH4yEG/K4I4qCB054yRXV3084zdf6ZvEBabpZ4ZzgAL9xjgtajoTj7g7hlFwCkLQwIa/yh ++EkRlsHg/APHF7PZizHqEE36aJ3z3F+3gw29KH+G7GwyFIavk4YJrF+WsP9Cdvbw2rG9ZJVs +0LkJLF7OAMobpKUrWS+XalzS/gRNKIkCHAQQAQIABgUCUD/CMwAKCRD94qPLgAzfxjrLD/wK +dTb2QNMbZxKg34iDpKcc+h6/74XI8cHTsK+zfzsX6IklxA6ceVqPSoW5lObNKB9+wDC2AGit +ZE1niHT35UHwTBWRqhNOOeMY+q7ICCB6tm+SoQgr9tw3FNdDK4Lk09CHmEuKAINfEFuQnOAp +wHlp6jjhnNSabVWwRWlV7w8G2CZ8xbfmLWO6FZciaI0TaMiTYuhT8dD38L9mpspVOQ85uygE +wA2992qx2D5rz7eBwRT/aYTk0Sfb74LNsJ+zJsf19vh2TdS+MkcUp1Wu3eSXw9kA1Mf2zvSX +W1JYgkABkr/uSOzjqXjUV/CbGYCEnewEFYA7gZu2Ye8pvXzA0qFk1wGOFl1VZoJ4pXnawrGa +tTri8c8H+rxSQAlCbq56NURdVPuzqhJF0IZKzkF2R/XVES7we26SySaY/RAmFQb0QW1PQMGq +dp0U4wQR8UIPgODORCpHXyRYbiizq5bo2eas+YCYTAecvXT69c4SJM1sy2XZyMU3byMrfvCk +gaoZs7l2DQpHqYMmRUe4a9ILPkpIMB+xZMDsq1AthpsnLpEHSf5dw1sdzw/I4A9BM5fcpgr2 +BYQBVXhekqBW9bxTToj5SgtVR051RUW5HRJwbtOWOTXQvlb1p9OvY3hnIwjcBvrTYc7v2y+Q +BVUn+7U6+R+8+C2yV6NODKVcR6F4JKJug4kCHAQQAQIABgUCUFmD8QAKCRDr0RS4I0FR4a2D +D/4zEKstJrt98EDxKmCVQE66nKr8cesCbYLMPwxkhXT7STY94LtnKO2Hlp0V74pjPoA2INjk +0+ts5Jk70pULTOBfFMfjDkYfL40/Xdvs97tcZshTzN7FvOQX3mhN5KNz35y7ru9ILDANEAQH +qTDpRsQ/UMx2hFr/q0J3lBk7wYWjpFgq1MldEAfHcJSBcu7txrwdF6cRckAq62py9iSzt2Gd +LzGujx9ekNhGpLen4nmEruTBt+s4v2dy69eZjfRhIwdJpXtlIaA5i1ogMhjqwAEmjpBq0w54 +4ZQzjVBAJ9GbZgrgGXh+xmVenDIGNhxI/lpgU4JGawc5DPyxjWYzLcuEMQ9kEa5fgj38ko+k ++anNv26t4QeZTDHA52Xrl4l+wglO8MhGLaCNSgwOmaquRJjErWzWDTuj6ScBJ9GFZMaTB3y5 +6c9yBhsZRz95YTruZerp228azKtkqTPVgYFTY+mg7mwcsp1vATIr6eHKqeosNEoseUIil/NK +nL25sI8qs80IvlermlfJa3NZAMZlUTkBSOUPBMXfJEagSHNVWaHKZK1sgSElIhFwjwlXPZ2a +50GZdVskBtI2wnCRGhJY5u2LpdMpR71SudZY1dkb55kn/hJcdvtFsTmk6Z2pt0RYvD43m+Jk +5z6MFKxTQNm9ht+0KVILMOkzvdMgL8/MyRXGI4kCHAQQAQIABgUCUHge7gAKCRAsdgqbdk2a +bO66EAC8hO4UoENXQSqUZUg1hmIiF6FGKDAGpflWR1pgC532WK3hgGHiiGHXdegqhgtTJzhW +wqg2h8mJAlMmUJMuB7bIUAEHv7ym0rWW3bJf6Ch5BrXXhdDDukxK8dodG5nZkVn6wgrup3Jk +X21HckRQr4QrKuU1IpmBdAVY+/dgosJBhxKkJjzJG6RWb46icN3DI5sy3uLxiP6UfxI/sr2A +AiOkN+38nruCj+5BEKUzRYKItXO/a1eCtEu8AYcNst/VIiQ2XXyLdhPpM7Hh39mBBx5imgHA +yhUwkCtycWJL4Zd9ZKNzAMVM3S2obtJt7ZkTTUDQCPu/1/ZaTeG2KpXtLMEw+pX+QwOqsmXl +ibh165XppXNZUNLYoxDx0or4hjIjxu30ZcVHWfGk+rBgB0ELEjU62wBPD04ngW52ejRsxf4H +zHNgIZKSv0ycjWOXu3e7sSWtUOB3MfGKDAMNQqX3R9vHDLy8tkoHmBs/PfGV+iCJ/FW3K6Wg +f1lsjVNBdhB9yd9wae/6jiyS7gSBR7qSgVDF/cta1b0pDGijK82CNXdFyitV8KH2DjJRL0Gm +H67yFIWd32fbxNLPJ4IVi39dMGYUlXg4JNOhWhquU4DT4LiNkegE2Fu2jWCUEzgp1EUxrZhU +x0gthLyzxZBhMKQTGiRAfc3qVfJycEiNa8VPOwLt/4kCHAQQAQIABgUCUIqZlwAKCRC8pbsQ +KCJa82KgD/9uXkadirGlVt3tns4jR3UHjSG+Bh7id4pTcOvYAcfrEaU8UecXNYV7Decc3Tkx +N8qmhOguhpEzm8MbV9Y0xEQUBAK/w0qAgHCxm73Oe7sPicIpznzbQJJUI0+H7J/aY7lL+E36 +eSxtKaoYgW9w5MN0lYL/T9JbkKkZeDT5GK2aUCPXEzvPI44GrPRBrwk6W2SN6C2WUPGkfzAI +VorxjdBpc1RLlN6V471Xn0lsJEg/nLM9yYbe0/QZtnPrh7gJdle02pq8Na4sj5CwecqnWcwl +/NvpoND6Z9Gi8LYHBvMVJeWzpPjdzdm9r1tH55UfLPKfHD0nMaofQ9TogMOwkJgIhvQdiaft +vwwFKm0NyGObK9Pww5pjc8mm5EVr0IThhnYyq4TFyr2pIjBctnWOLHGzgb/GcpXTRm7ysQ4z +Un6XK06lMkiEjILsGcDYfOl88QVd/sxwPBQtTwMfpM4YcPfKxZAmGEyhVI3SoniWm1My4cMQ +GJJEM7gd+4R9JaRvLq/jE1vFvcItxgxagjA6xZiC+VmXD/bfYBzKniC2JOx/LtI6tcjhSRLy +G74ztu88fICqwRKD2++z5dy+jEJ/hfxUAUlhIKKTMIMaZpr3LbQaIFg+mqDEONcRRItNlSaQ +FRqakNFulzZqLcN5VnxtAyuyfFgQkqMgRO/xRTRa8bzTwIkCHAQQAQIABgUCUJzjAQAKCRD1 +fE3RpH1Rt/ERD/9pPimOpx3OB47NXmjZiOtO9AAzRWc/G0j7/a5UhcZXtoztUoUHt/3nz11m +UPWEvYizKO4Ew/bF8WcRulxCuLgN+dyNg0737Z+O2ZNkULXNZzcJxvWa9gKKdUFsfvxi2DH1 +pg4Tq/kmnUMwFy1Wf7JDtri4sQZS+Nr3ay1ncp4dtmF1SKQ51QA591BEGcc5YBR/e2eSXHS0 +qC8II4WFwFdLE1Y+AlyLTcErPmUlfHcgFEdFzBnhBAwbCT3HgJQYn0pEsN5/gvb2TjNDNkVA +0mJWb41m47BL7yqU6K6viJ/N+KwC1H/mOaXh7abb5MBxK1CRtspiqMducqOHX63Nsu6SqZxS +xWTyohLnHEehUrk1sM+hI8speRII7+te8lkK6VeVFsoan1K7ltZ3GGbPcEtqxKn00/R30wVY +OsfyrpXgEVP5WvI4hwOe8q0D9FYRisPEHVW4i6FAjBxXrFTINOX0X0kMOVX7izqbFDYfQygE +4YDgdZAwSriit2TtflROQ3dnBE7S4TjdxtslR713EZ814U1h8z4MYYpI1met8OEEoEzA9kXh +wFUNM3LVhv7Nh42ZVqGEiVdm42fwP/TNtKTQ/59oaGknKSqkFLW7684+43mTWwuRMjRV7lnV ++KhZDJDm0VpTWaDxYPGa3SQ0A2tHJatFY+aRyLsCIhl505n694kCHAQQAQIABgUCUKnizAAK +CRA+1+PYOo5DNpN4D/4qDs6WpzfBeSbBN6WQr1NE6LitdWMXJYj2w/g9fikCGB/L+kgx/Y8u +fH4XQkT/wGKX6DsldfHMcfaiLuulWbAN6VZLgXpC3qWgU7GuZyLn9i/mijwVjfxKjy/fIrK2 +22h3S1RuyAzvTdo3T/uHhw5JHFYjCh4bLfQE5fLLyYQFtccyzuARijn02/jRXrfHhRvA2mg5 +ECYQI8QJiXXpr0H9t+bgnVTEA9MswLIXfZg8pLV+Cb795zxHnEP4/5KTqEMas3p49XcpR2SU +Zn8mkx/uYmNLuzNVLxNC9YqHqnrsh4I5k5dx7hFD2+86rSKbL+icnHfw4lfvZyp+3bsFjEFI +WiaQ/hT6czhhDLmhoDeuDGmO7wpcZuxubA97qojvwAlBJ/8PywTlEqtFrn4gCoS+iSVxiR/K +meo0ABenI8Vft/hA06hC8VVciF3k/oKLpLj716kr3zeqZEnre46kqlIW5jd7IIofoWZQ4GRC +Ds39xpwoBInDX3nQihMKIM8F0xH8J0qZL2ue8KIXJbww9h/2DL5zb42WOZYkXQSFiDXj+9lm +ZRy01Q0R21WjRytzzhjyv8rwTNwbpHR4OgQ3cD9TS0yL5ApjY4kRq7yiGxSjCcgXTqjcLl9X +tHK0It4pFe3ClbRIr2pFYHXaCKYvr7rcLWqlNd1qKOITvtyyavPPMokCHAQQAQIABgUCUMPw +HAAKCRDGxdMPfC88uYcxEACQd/My8tpo2s9zzqqyFYwwc1ipGB60ezGPPLlfCKUrgWX/8bVG +YJpsehGmbBLn6WvbxrQovl2HtCF+9QEg7aFtaLM8AR4gHO5bnbpWyPgdKohFHgLeLfNSGA5v +xPyh6/BKoecIsYNp8Axj2TN6PHCRJnLmQ6dWYXPl9RHfOmeYCMBRkOgqtlCPQsgOJm7Q/O20 +V466BhiBz4C5cBbhSwZz78HzHAYoABTBWDNTn1jngXMzuQ7b/Q/5g58BfLm57093zVUqJ8yp +MAix1FVzVguavhQ3JUNTj+65DQbUz+uIn6w0tlNJv7jiex18Gr05I1OHYjEUaS7Ub3tvzS6i +nSIRfcNir9YvHZhpvIFySwPlRxc2DcqQpkPLUEqP+vM5SngZ+dPNNuWL1Wizf6KQwYNVCQz+ +zaua5EkZcSh9bciTISwBYZX7EzqPccFWHpNZKjsubvScQ3wh+PU7lofzF/gQKvQYxgFNdxdC +YWaO7D/Xz4JE3iGMEhT0bsmypTJ1364D2lKyhZynWeXGdnOjC9/KdMX5l/GvnOcBg4GkRZVv +mFHt/oqt9S59NLRpXpDmQQqV5IudfrtDjdOntcpuCgTJyrc3zVRoEAJjXp8oKMfhFrnDFyV2 +mJI9bs91UtBSjB4oZGoAW5yhYNWXn6gboijd+zOYZaRXqrFM1fvlhSfyF4kCHAQQAQIABgUC +UMQ8swAKCRB7OkqVr2NnVcSaEACiTl0+6o8v1+6zIOiNEYOswS1bwUvmewnOFmph6h/yDsF5 +1eY/nfI8p2OE1S+oQ8FH7y/0KmqRkoHpBtDBzljWeMVrdwWsM7V0VlCkvrur8ZwGIVnrV2aL +T4i52hr7Z0Cpm2Cmz9zUeoOjHP8ouz6758rhHdYnA+8ZxUV5lgYqXKNUptj96m0tlbpDjZEJ +3QsBMJRg053QA0cglKWuZNDLYpKnVqW7A2GoXkBWGrwSeOG/vU0Lqvp6TiG0JfalflF9LrLU +8F25QD21DqBs03yHaL3bMms0NIL5y38JnmXmOoOW0kT7BlTRBF/JQiU3NdEhRCCFapbvD0NE +67hmZJfbtPnUxw1FTxvwXu1nObi13K5HOsRGq/95IUtVEGuWQgBiyBw4Y05QrSiHACHLI0Se +qGRFvKZCPDDS8a+mdoxiAvGVjv2fEGtHPWTAGptK6DyE3LDuIypCFS/enggk0ewYZVOx0sQj +rpolO1XsTIMUz7UlyYMqd+hEJWT4tkAyicC0dTOBW2k5rMJBhPAighpdDcQBTPtiy6Do/ECF +JA3HN1KAbZOQxFFR7+WD4MU4QcEMun/DE4p+zJ0Ye+SQqglhov+CHjGbdRbCysonbZxzJ9/p +WZSlDOng2i8YpdFiWwARM8xTG6KPp9OGM5Ad0rc8rJYc1RrIpql/AcO+nvXJRokCHAQQAQIA +BgUCUMYlrgAKCRDOQW4fPEJbGwW9EADQ6wEm/NY76/S7XcdBg+zepcnOeg9Xtwkcern2fpnx +iRFsyV7ukyfAaOr5Eb7N5PtkciIW1DAReKnr8idGHNVlXkrxcwqFMnH8IoEhDkk0Y1q3Mt7m +5d9LbnLPlGq9CpQrAVp2IeLE6ZU64eFMQkTJBvgsJrpkHw0oclolg4/LrFC6C3mQlzE6hR2T +67OC3MYj3S94XlO1JOYRCuiWMFuATWbITlBlJVhjLfpAzQnFr/OMmF9XHXssm+0tuK9qpd4X +jlqVw/BBTpuv4b4Uy539wUWkBnlcNtW4/6U6kLXsF9g42Z1vwUnopqjC9ZbCJeYcppeAAkHM +nxFrcnN7kMCgon/mBt5ZnADzU49W5jQfFe9J/GwjnLNklTP2PhBxfDcaZ0+uVgYB/ABXvktz +geMy+6VZ8ifAIHtA2TCGfyNVvxCzf9n6G0voopcHkxq+eEKkijhWxF++Pxfyc7Aw3c2TfP7u +vqTrWIr3UegB/ElQCScFD2EN+sfCNnfN8q0tqtMCzD4GowNjbVfAAzNd5bjKXyoDy1tkigzU +5na6LmuX6PV5xgti04Bw1lcdNJpoCsO8GrgSMfBX83Cx946aMBsE9Xwx1CcMEGX7dndZJ+ez +c4AVqjm5yGkq3YE3Gl1Zk9gXCA7bCT4a+jGdFubfl+WhHMnTL6qYae42bidewrky2YkCHAQQ +AQIABgUCUP3tTAAKCRAGmdKigxpB1czQD/9XoGiHl2kzoJEKD4mMGQv76Xiwj/png2BwFQur +Leka2STdiSH6oLKqiC/UR+xbPEv5lzNoLvydAkWJbMymMid5sCIys0h2X6dSlKtUvOjEn40w +O/LDQMYKJID06vJq30492043Yd4C4NHCtRDstKWvixTmE2/EKVlrWKwSGPeNbLZGIb0wdeRy +l0WUGBfVHZW4jrm1Y+INgGTYWnY2mNZTFqcNQXmsX1xEOzFgWVMokE9OTt0BZHGE+xO6Zsd5 +GKvGLCU+Xicv4VN0vxK84U8yRhu0FATviAa5ItxWk9yRpW9pa+MUYvCytWcCUiRRUVzcCP6c +rZLrSM5nVUgNTCrctC7VZ/dPioHYtuaFzvX1bk/9+hKmRxp8nLy+U/o8F1dBFd+ebMlyqIj8 +O+oCFlw/ZpQ+l/Py+eJXVGqICpxynmBRYeYeBdb9hbpf5Ut5pNjdCBFYEZzOuD6Plzx263FT +CkslViivQF1Tsef4HjKsn8Qb9CGLDlyBYAxIOvKhsB53U9Z8yNzGWwpJBe1t0+mgm6RQaeiF +0OzJMzW6L5TKtp9yXb6G+F/YlMkwG9/Es/TtQDgx22ExBfop2YHLA72XReDF4epuxbbAi+fR +luxJYvizSkEJt0Cvctt4n8f+n/EA3dMIMLz5Mti+epcdYiaufTr4xzy8YSxs0CfJaIugE4kC +HAQQAQIABgUCUQEFRAAKCRCqOe8VomBW8plkEAChLF7dOTcGU262sElP6yras3zWIT0bsL83 +I7U/xxb2um5oFN64K1FEm6bHtpOkUcBd+Kiwm6udferbvxvUTNl8t6WwHCDTJ7CzkNKsQuQO +IHtAXFMVLFHjfTONMGio90PzvgUBSG3P5H1bXXIJ67JxT5hL/j7V3udPtSWaPSsLKAI9H1SR +kR+/EWIXE5uiYGTi5wVIgfTL9PkbEZ2GBpjj+wDKlgMTWgwj7VY/cZhKuaXWcJigsmSQEtrW +QwSZ6SARIW5Li+F99rXyDgc8YLA/WrRqRA/MEbRzcfQPLcEBJe5u606lWLiwXgVH3LKF7qET ++k2MF1nEAdW/4MYGOLGbnqP+2toAn9VtqhxdogP4cH201zB920itJPzEactR+4515nOwUNXD +hyez+/OYiecIXzEtj6Vii57OxNphO9o00b3B4pzY7ecrvXbpYA6q9ilWOnzpS6X5iO3Z9b3c +SlBMXvooBZHWJoalBP66ZgJPT6HFUS3gdBZU26/QYH5i0YPGXZWnbUjOqKq501f/HWh/hxMz +eoMvaNeWW8D8wzmbUVAlthinYPjVMoDva+4raiHhjPcvYMEiloqDzK/eCIewhAtS3xBZqmIi +rR0LMJP2bbCsbT7OjKu+kS8n3FcOYO/ZnrTPvzAccygcqH8Ix+Bg4ZsEz5tO0wuIEO7nHih2 +lIkCHAQQAQIABgUCUTfUwwAKCRAV4DVDSd3cAwxtD/9YdmL+m9Q0UGQvU+NVMJ5hJhJJXwRR +bVTcvfBkBcI3zGneUcMPcmw2gpKHOXeXSXcaqJ6KXB1Vq3q7IC/cMbsZ+rss+Ttz7uQ0CZfc +xj3cXqNKnx/M7pFp82P3obYCgNhVrPkOdaS58mKaK4rIjg2BI3afORLpziZeGY5By2T97D7D +seXMxMHNxK9LwtYwk3zWleqtXgzgB28ZAyihuQo6h9nyya4ewJAQufrwmGYyc6ceSHnNo81a +YPIwQMvC8g1fOTXynpJjXRTWYvNAnDCdhiv8v5PezuzmRC3X6xhAomU+iHpoi2LIBCLDC6mT +R46keU48xERJDTDufBm6hsXcjcqDc9QAgyL+F40+2xZr8ImVikQ0SKb432ijWMffZstGkNpJ +JMr9h1dZg5JmXk3g9RGKm4nrmfo2KTYO/64DFnCNLM+2jUB4GN+hwHFUupbnSc7w8YAhhRJS +omRG/XYBo8X6GeUFs3H4ZN0Fll2z/dqYbmXVK+BOJFugjTisxuMf+oBE77z3EOVOumAZB9tE +Nm9qVX05IGUh5/Zg+M6HO8SnQ7k9SiA2kuZ+mZZbYOm5jhzLPnJnmgm3ZqyeL8TWoVga17vu +/dBVHVcupQtEsK+ZCu819mUwbHRgwPyqAaELAA6NIltwk+OYhC45cA4xET9W6rexmXkRZ/q+ +CC4Bd4kCHAQQAQIABgUCUUtl4QAKCRChmZ0ne0n573sJD/9QrhEBMoL0QD3mEptKHZRGkOV2 +cYIcep7SYA3k4KVYyKHEgFFjYHHlpNpuMha8F7PMI6WhHutm6UCF6EPS0anfiue+iWDxtvpO +vdbXQ3jeJ9fKwuAlNQVmf3NZacdcR0Ty4h/MdKdTCTEKQ7gO8x0+kObsjYrz/yuU/SLZUP4h +5j+9utEwbLpWh3/66KsbKkXN+3t5B185uPJF01JZS0gvLNTs1xcak24+G0a6kouP3o8hbCak +n+37QjKPyZC8sTxUSDwxCxzN5JVhccrIzaKNUce4NYvDJg9kbsrHR2ZPAZphoQPiBifxMMlA +rsMRWeayK9ZW01r/R8kwRr1uXmgyu3C796MYkJ6Jb+v8r2GqTB0qOQZ+9n+pL6vc1pNqVEiA +pHu6a5cLof61wDh+NpPGjVnc5ZIZ9qrckl1cz0tOA/5ShjlV6oSw11qtCFjFFjIDqsfERcbW +HtASfmdlrZMwKtblWWUGSZxYebZgnmGp3XPiI1nnDEtbZOsRfv3M0qPFhgyLX69k5O1FVKCU +TGwUWMZQ7DGE4CfekP7F1pu9CV8eaTRdNW432Ie+K781rvntXoVDNxJVE6YRkhVZ+8fEG/r9 +x73Dxn21iwMTw7rcMaSRUKZ41BnFsS3wQDhyEFlJ5zM/dd9E7BUqNyIirf3zbG/cTdPAQY2W +lUWqAemstIkCHAQQAQIABgUCUWmpgQAKCRBqoEDdUNdlQWfhD/0RsyQaq2xtogUZ1OVRF9VD +AYqX3H1uwHnMkJDsNAbebrBEXcSwyam627LeWqFqKZ69ipOGpYa1Ub3X3zWp61TRXqpvZUVl +bgIBgVCDRuirjkeGuxR3xcgYkgOuap8aN8/1j3tmH2yGVvmrJUQWj/dBH5LDXBVw/2xhWyRN +lHqjvh+vqujrX/X/iAVwmhSykgTuA4UM1R6yrMyrMItFQmGgMBr1Ww9ZdQgA6gRqsAdR51sR +q8smFjRl6BQhsqzYZgBNl0vrcVHoCmxSgEDaoHJ8HrGt6dnsG4tqaR8CrDEKIgIcpxMJoxyQ +PEqsecLhtoHHpxqkIXW/XvFP7Ow0nsdfAFXr0hVkrYzvltiI29ksY0n/JPfZbsQnCJ0VBkn4 +wBTDZnmuvRPKYXCOYY8SPO1x8IsBmRpCjeOhicgj+K/zBlEz6MVq63Flg34liJtiRVZ97oAR +/2E0k7f62J6p3b5WCMnf8Gs8atb3Ego8z/9kPQjG1wwmd0lDvQ5zPelk4E8LpcxbH/9A04Nm +tZnIL+e/Aq4bJSpJjy6vQI99R8hWv5jy/4wzRaug5+ueuPzmN1SBLoOJgvFlZoc9Wb9xEnsu +au61JEkDRpurm8f6gkLmjUR8pF6Wbl313g3G8kmZy0kabCMzrhD44z+GhHCPy/Tm4WRwDJwe +LJXOLqsqzC7ZWokCHAQQAQIABgUCUaEEHwAKCRDmtFbK8VRH1UA9D/9NiByQmvHWVC0r3PJo +Jdk92KElfNkVttqSZyTwhT6I05N5F5mOc3883lgZSxjVruaurXVnWg3xfzFrG/uXOAc6RiG4 +i4cFpbqtvQlA+KNZF9EQY1eIOUD4YuLqJQuRFnpzuvcr/jTYw9yVGDlHAXR5UQaDfwqdFSEG +zJ0ZX6Hf0QpHSBXGuXFiVoTBzzrWluXN0MPRp3mYKW9rsxlVkvfmAcnMsrOUqiHzVf+c5PuN +SN13JNNo9KMpXgVWT7c1gqXJc2GRq4rZiR3dKaQg7/h27xDnrmuc9ckQSQoZusT7zwOZLE8f +XQYCpVmrKSrMkpw6XCveY46P1VX1zGtAgIbLg3PGGB/pSM6xDXXUyYtI8C8IyTsHhIKX+Fjp +pulXy7QKDvHhkg9dP6nZpl3KZbRtHaRORbEpCwUVVsVD4+GVMQayHWqS29XIygKURC/BHKbw +L3V+qu8y8PDK7NIG1XVvRxeLoLH0j+pNsMLm7/rIaOwnG3eIARxGmhAHJg+ZdjyQ3Sq+ig1F +guozsciQJR83ph2fpmkw2gv0Z+4Vsa9JvNXv3qmjv+Vmh04/W3Jthea/tx+Coqpw2WCHGtO/ +CTlaqzwmymjx3JL+c4wzitTjIZM9+KYgA98++2fixeQ5Lz1xqUj9eNv+jKJLQq7psghpyr4G +53rfb1O7y/W7EdzUaIkCHAQQAQIABgUCUaEyLgAKCRDPnwj/Arhomk2vEACzUjjHd7B3UGuy +86ppcIXKHdCna+ocF96YXhNlzXYe99TvWPJ79oIBcWl7CqsdiCiW6ZpPF390YS7vf/On34BA +RS+xff/+pMukwP1wyNVLEb7gLrLix87Ut1z/PUd3zhH6jOEP77fooqLu68ZgFVh5f7jZk5eZ +dA6qWnoAnUAPgHlq2D9olrk3btIbwscP+6hqxGV3o5lhL3ZkWnuGcRrADcrzft7K1Tr310xv +tbi9INsow/D40w06waSyl2bPxiPtpfPZ6vo7oCQkALx0TQhuEq7kp7/s95oBXOWIN+NmprnS +eNv3EQrAGGE5Xk5pfdlzq9jqbD9j4R9jHf6lNvte+gRyn4O9kVDP1rAeIW+LzmjOqmXnchPE +QEfcOnQPUiUD+h6FsvZbZAQLejsebMtTTHuFzfxQkBkmx0x0qTqJpzDu+S2BIfI2x1RKq8Lt +4WFqEHL5UM5nU2bvEND/ePfukNHUrimQw3PH+Kz04Dc3te8D4Gxs6scQFxCySZw1hH/fzC2X +VrSu8bW1DcSYOS3jjfzHVWnIBV4IcK2IjNUVQFsQpf3xsX647Vmn1bYSnRQob2ln6Lxary6n +fyGT0dqLMoBIWmqaP4SnSzU3AlokjcU/G6RjwFf3IgqgzLF3cMCNciA8mNrlxqmsyv4XGlgj +2DnGE8QHREObCkezF2hBnIkCHAQQAQIABgUCUdrrgAAKCRADJIQ+Ymt0AK6ND/91EYaqjTIt +1P//UpvFaCwust8t0epEEiiskB7jrSfeIBdBlx1wGbURW4CMFHM3fejJFx0X4wdploO29SJ/ +UnpOaL5+SreIFYENerTDq6tL1xBcZ37SdemRBUwulpGBLxHZeiaspaTejLBF8KMtUJavJpr0 +gG+pKtCbbsAwgemjN1KaB/6U/no/DjFobDYDW/0NxwevavFW+Ne3H2fcpcgBSyNNzLst8niY +n4klt4Fy9W+KBOH1UCmJr9s8EliOWuDcKNdKfRC5evM0aDrcX9DW6ZCrOQvOsG2HroFjBIMP +2L09RM7djC2SKSv4Yd7OLygkL4bu1Nktr6sSgBsdzvVq9K7oQItWU/Vw0JG+yfn0Zl4hR1h/ +9UfFqTowSv2uLbj5l4BE5on+oJnivpwyjIZc8nLbMP4N+rGjUonwTXVyeIKh+YI3MID4skPt +C6C6Rg9OoT4SDNknCRwomd35RNRw3/93rMLqNDC3GAEsBD9tkxbVCeS4nYO3BnFe5DgB10+X +aUKGV1jcr32AWU2jVlsKqvFwa2sCvYuFPbNRAf2VMmsQ7ZuT6p7LEX1WyxY3gAb/3pKN5SeM +Esx37/A0Rznh0nMPXZvnxcxQyFPgzfVBSi9d66knovSSzNXF5gn9M4q1u+klbbN9RRmxUn83 +ethCpVm+2BFFDbL0iYc8M6fOMokCHAQQAQIABgUCUewKZQAKCRBXwTRmKdbsA/91EADDMrPm +5lSFmDxwuU8F92kzr6MpI2M9SeEhs7AGSpCgvZca5DYte7cekdEDMYqJg6CeOcVi5gp3eeq0 +u4PNqU5Azah/L/3pY4r91PsRtV5bap5wkxkTnSwd/HgNvpZ69Y3+d3s8kH/d4C8rhqiZ419+ +23LxhDI3EXBdlBX/TW5OHnqfRlQ/uvnN4RKsz6ypQHgqRq+9nKG0O59lXm0pDrlRPSQkIIIt +fkFTt9c7QfjqvCJCRDy/jHbovlahbHx1axLC59l2dAQrwltIY3M5x0XaFG65ArTXmJJscAqt +dTv6W91OzRVNigDqTsdyW4GuHReKZjhSPfPGq0uzufm3ZWhhGxXMm0ztopTDRh3BoMbRVcnL +p2Ng3YvJYLPnQoCv83RuzJ6Lv9HZ4k1Opb6XlWY/FO5DOOSz4n7/lQyt8UWSY1efMsHI8edR +QeIuiYGqBtJ+XFHQWHKr+L+Eps+4xJy7hfR6bsFszNX/ChQC/5StfltfIFW63usHhc7V6zU3 +Egp7m7Z/wPyCfniqqIfBVutOv+msjJiRtFtlStnNsRNhhwEzb1ZpltArE33oWrlRIv+b7Smk +8RdO661HOnY4ISkNvFkXex6tVQUB2yTlhIARhgWi/9dcb6e9QAiV5fgUduy+It2aTYfBwd3k +O+te6pART2NdVw3IaVBZvf+KTPqUJ4kCHAQQAQIABgUCUfkf1wAKCRDYhUvRE9CGkxpnD/4t +sBCqsEZiRq4oFe52ALrLoUJABoFtm9E67G9N/Xkjz/fLrMVpj84A2lNicy19WJhnE0Qo3z3A +XxGe9MdYwHfC7BupNEI4PA/08IdQ92DN4nzPHnUljJwSlTexqvWlscyL9yMvCPRIXGfcKGrI +Aef6ohVLeCGaFAn8StjLAr2tIqWZbkhPnRenFRW4EQxc2builOlE+RIVJRSpRe5FGmWaTvTA +AYDJmCsbne5i1z43oWlBPuX4LDdljinW7S4M7MA1NQ7QjrT5/zYj3Eq4pr2fiEjkAZFbxA8C +XPyOEGMmL+7M+hSMBK8T9WwESaT4/J+eE34pHz2goqTHM9gGMXv89Qt4s6uHQZPdo+mrqyrQ +IkYrqKBTVgiVsWqKe8AHhFTsTZ2Lz+uoMxj7MR5INhxbhMlk81oIrs//JXlAC+IL+hmieuby +rMB9feLqapCD1UmscJg9niZyAqxSjpjTJJrAFRbPV8q+gaQg8rVKhvKNIIuwAQ10jtgpvx49 +23vrpQLj8PumNMGJuKQ/voFGVvTz+41/0uAi+aWB0cF0q1lYrDCDwvQEHqMeHQW12zIVt/oO +W1smvCyMuUCewBCqfeTUD8CccsrBlyXK9pS51xbdO/hIglpYjvKe5kebKqgXsapkspiC6wlM +xVlfNhdzHyV+zjCs1qa/4VE3VBdrFhv7TokCHAQQAQIABgUCUfqnIAAKCRB33f3JEbe8y0eQ +D/9uPRsBhitYQIFNvQg9EUxMKAesZrK8Dswa8arBrhVzX+4WK+cDwCSDGlq+2dzVd932Kb/4 +3mKGY0lQ7PLwT1xBxtXuQnXD1SeUqNRvEc9CJnlKnbakHhxijfQygWt+L+1LXQtAx0hDsFJn +FWi5LFKwQu96F3dfBZHiWp7OwUdsBooVqczXWPgRjONQK5Q17ovjGAh3VBjyhV+BcmtlzbMZ +v3atdsxi4WeHzfHxMyGZmdabkdCRo/Sm1Bfi62bG9/MX2poUZvStATsMfBd8BHpmlKo58RI1 +1sSC2dwiPCd6oXMq2rRO6x5XzAhpuNzHZpzmjBoiNvLQaG+GXQLu3yQkK03rMFd+8eJSRj3Z +0LxtnNQoF9pgHqyaAGZzgvJzAJ+TV540r+zT48ySLDKZigymfyq9a5eqHE/jnA7CJuD7biSY +j30Ah8HCfQSXM0h+MRcoGl2VfOo3Bp0c2xox98/QkqvfvAzVtazdS3HnSd5PJsjX6otNJ16D +hVZHkokJhEmXfeiteiPv50A9xdiBDFUTtJ9ZP5aAquY6q14JKqyjtSTYtX8U0f1rWwyTc+sK +BytGba/6Zi51661PE1iV3jwsHcRlG0LvtHJPVK6jwU+wFwFEDGQLdWeaOwsbR8teGBLD5w6J +bj0/ClnFOa8X9gGRSUbZ8ZmczL78qEqh0BmRa4kCHAQQAQIABgUCUgX+zwAKCRA8/nqw4w2a +lU7sEACwT4tdtt7t3BcFrYAang1F4yu8P6fz9nB66yDIShR0+/tylFIAuPKNNTJZQW7wZMAb +F3nQJb6Ox05kbmq+owc4R9JEdrCFvFQ5+XYGvBAoe6IhDyW+tSbcm1WLzwq0LOR522efHb1g +iQPY4VFRo7qHFPGMWXd80mBqq4jemNBTMQkap3hgZLwU9Es1cZC4Bh7cLIvQJwpnIJNxz1V7 +p9ykKIvRNsrqh3pCuunDm7l49EKoHq8RCo+XffcljCbClcC3oJzECpIXPe++o47FmaHEVCli +kpWLVbVvK4AL6/AoBJSOxmUemTE1U/1ysBX5kGRYQsIYfmdvBVCH+fh8FMqT0nVtHtCxgkBB +uBWA2uZnYB7wQ0H/GGoLJNEODXZwsqgR/1M7eoahWqJWEuMsBOZZqhHgT82GBiYj9YoXGDui +6MwLsrLTs5/VhzGMETrCIPYv7Kce9JyTKeX/CclbrhTOFdiqYej6XO0+Zq9fvX0k9vw/5jqC +SEMhZong1OCAv36VbmEASGoWd3iV1MTJycyUybfnGpm9R04cN+Y7Q9QTkxGXqEJup117+dh5 +QoaJAt1x5Ea5jZiABpVYBBlGTDwsXtpdxosxnjdAHBypflH8yRyfBbiZ3hmg3LIqalhfknA7 +gM1vE3uSJ925xHU+Q/yd0JSw8C9gZreHCQRCFO6OrYkCHAQQAQIABgUCUg2QAwAKCRDPbMMy +773WwX+mD/0VnQBX9HwCAFq3pPUEewqP5Q5Z8Q6Gh7wz8/KO23B4uYUjq4ObF7UqdFNnctmr +V62SYTO2q+JvMUHv9fwlTC/WaZctmHmDPQHxpPFCSYkwTjGev6FbOCR+7fk88ick/fD+56Bb +9FFH2Df7icsG5SsytWvWdatoh3olDdzX6LxTRiWpPUhSjGuS6SiiJnGcQS/mCi/OeXW00ET8 +ohFlWfcsYn6YzrnYUocnXF6FrzjRCsNJ9gp27//wUnt7YzVa8jFfMaZJUGkCb2KePx6s1FB4 +bMpVLGqRY5Gl5HM4/2w7Um9eudrx7avRaFPjYdIqTXgglEzOze5r3hs2pVpIjV041CbJ3fyJ +tXYetmmQgF/2N4URBQ3m1qwv6VKzouOcCioY5JWlPvF9nnv+y4l55P+w2cAt3ItrPG3lI8DT +2IRRMyzYuT2g+nFBw4//w6SenP7xKfdApbGl4wUVHcwvq/2702TNxmqlV+bQQ6SjW4mXMnTB +YERps+3o5vjxeYyaAlBrE+acmHUlHXl/Cd+VhYX4DHZJIiAuZyjMU6X9PdctlMiUPhE8AStT +OOK9kPcnSiHtpUKw5ZSP6tOEw/5fOE6za3NC29fGgH0uMvFI6fyBE9mQrxNDNcQrjoP9vgQh +glBj9WTHgyEgrTJZO50S+kcoOBox1tLWZmxe/uik/8ZVXIkCHAQQAQIABgUCUhAgfwAKCRD5 +pF59UuMFRWzWD/4vXz9O5M5fVx71OXF+eXwgszGhk12ha3bEwXD8MEgAHtdU0dSbiWPps/LS +K0h9GCYee4FIqcPtGgNYVWvQkxb0sjJLpQudSkllj33K8WlvzNPJpwYmsSnCSjJL5gArR7rO +pkguV+qNMZX+ZLOlFPH8rZDGBLBbRZ0PZS46cMOQlHeQJ+2eivRCcxx09tSUuh9QVo4axC4l +f7j/BJXBsx1o9ugYNQfONdZAgk/uSJEjVTe3igiSWg8BGIcG7F6SFX078mg4KZ31JMImPnKt +wIbpfLISgbZ4F4b5/GniUXI9aOWOL/dQe/3FfIaDi2u8z9v8lQfGuKMSSmkrXaZCr0kfBk3P +dnoYrPmWxM91TM2UCrOzImaWTrLDoIdrYRGsYbQqDG434KIjRucnaqnHpfwe8J7roTCQb2JC +HrnETRTPQp4BmLeXzXVGRVtWdeIc7q3tBTp0ZfiC4HAXnIQJ0MCXGaD0oNejUOPBCSIWbYsC ++ilSbevFNhuLzJ+fmbH9FzoIDdvU9vfSKNJmbJ24tJ5E8R6ljOGBCWSwvZcx908drP5kfwIW +EYeie2v7/kS6PxUGg/dxfzjYa8OSDNVxRLllbJd6VGMnOvQzS/42zKQojfpInTY0nEVfs1CN +cTogYwTfE/oRo9p4InFCDVIGCG0VltywXtvv/6UHzEm4EXDBV4kCHAQQAQIABgUCUhAqPAAK +CRDmeBX59clwr9McD/0b6XY9Y73Ik3HuFCjqBYSTlhkDd4es+azoXTVDQzNkF/FrGu53x34y +9vlPKgGPWNZgxoPPB6JLO9utifoz3QsIBYJ/Az1v3/JpPwPkkWldotkECA6wQ/jd2d7MDp2B +yGlEf8wYgnARu23FPItgINx9oNWz0vXEt2ZqRi76MrkOcQi+ZJcpI5S2uDJQfQvH6ks6lcmO +UZxwWtnR8fnDbbO/qo4rzUjHa06r9vQ7sbbBntdmy1TpjsyLWdgCZIj5y7mE1vMREAhze6X0 +u48cfKOgU7Fo03yuOwHi5rxQ1K+G/yHHM+a4pE1fHwK7Ea18gXrbObJf2BzwqYhGjq8prEOJ +NhMeua9D7RBX9kyQE5170MAUWpuj9Jq4B/dqhKXxRGmQJSVASb6Ep5T/3cmpG5meBGFrXTLG +pkTXciHvdhA3GRt/TuSG3WQ/nSFSuUAQxsIYf2W1cq1sikVq2tSYYf3+rwlpfkY6WZsr0ija +EXjokx9bTWiqH6yoywe0XhYAnkoLmwPLPRFcSjEtGlYCnHsTv7PdvGu5uyrp1ebKfuRWBTRB +Ys0kI8rBfEqe6XC5gaVzqv6X75gG74cd02xTG6E9MdZWU1GX9nF3ZkIIAH151hVocN2n+7Wq +66BRdMMwGdZGp03++XZxR3TdLUk6ixcyi5XiVoMU6gGNqxixzXVbFIkCHAQQAQIABgUCUhPi +pAAKCRA4273IYJJpPuPvEAC0iEZU+jGJx6KOuHdVY8Sf5+27lfVuGLf8KU00bjhflVBm81it +lEsjiEr3RisolIJqmWG4Wnf6gQ/dYnL5SOZOMfMnRkgedzyDbL5/fm1KGLYtLDpo000HSxj6 +7irsa1wGMckUPSzulNAy1wV8VxW5GkuheccDHIcAU+UMnIBfOjd4LSAw3mTGF/ZOM3wDgOhx +ABV9NRxfMvdiPS9HcvesmRfSV3246e/D1ddidwr4FfJmq6jGET/IU9DmiUQae25Jw44Yvk0y +BKVvMOYQoiwpWk61H/GqR3RWNPglgWBA422GkkmMcJtwz7dPGOo/i4cHKoKYV45ntloJmxxQ +92jjPOz3taPiAiHV3SxIawjrRMV7fNdpbhZ7vuEcZ0CvVfpYL0nMRjoRz8zDnjdZ4bKH3xZn +m1EbWlha9IUyKg31DR7bDaIXDPVe5/dNJFuQnYf4TYZhXSLi1CWACYetepzxEYDGrJ1Fvgfq +LnUBWjGeVLeml5n/HSaJ/5GT43TxZcpTwbJXB3YVZg0+U46NBizJ67GJSt3WwzSjiz5CRAxs +NxxrWyC1PCwhx4ugjbLM4cm+sxqHml9LjpvCY3lENhwlx7dzJqkzSSuR3koWKTRpb3haQbDy +TvpksqSIShnxJ/jsDfCXlv1Kt/KijsypQYjhmfVp+7oIyGxqPgO6mnjmCYkCHAQQAQIABgUC +UiBkZAAKCRBxADEoSUgVV1tEEACyccyW0OPFVfpqjxBefC4/8h7c1/Kyzt9Z8/zqwUBzrX26 +C3DQ1rzBPzJVXzXL2JmfUzmed4sfMQwfxUv5pOcpg6abmDnh6KgRGflYWCTOE+ztPyHYsami +TmYcBmo9SulU0Df88HgLrAfRcWUSi2Q9yfaGSaLyODhLzEqqkwxXPoGFfFTgJlpAhkDB2f5N +JUy8aMO4bF17wRFh6DF2eG/IDuuqbCXL3G8c9JB5+1vMZB5BvM5ZISZPf3A3YEzefi+CMLv1 +1dPf9tjU11t8l03NljOvOthXzLu3yHlvCeR19k3+fqJtRlDz3Oc+ZfSRrUl6zPIuBkMyhYBo +AlKYFearsM5WijPiIC2uu3jgceFk94JP2ipi07zFDRKFDCw7Gb9BU2WxgYde2/2QFs7ER3Uh +BXm63wjUSYgk/+wjHV85w42jaOrmQn/iZaU7LY0/Puetj+CXp2Fz1M4WrYl+zo3dTEtIaikl +67fpdvrBvg2A0F+nWTMZwjfUYAcuUdaodmVC8lnJ0qdy35C9g/s42cMr7GkvQ6XNXa6Y1brD +EeKcl9v8yacir7htTCSc82VrkYLfvEbvSzhjPqrd3z+OI/XETOEdYY0EqjvyRi9/4YJCRcg1 +NXl2SCdJS1FNVTDEPlqCl0UQNJir6gAiBmwTyoQhF0YW2xkNiqxDfuKv5tXCNIkCHAQQAQIA +BgUCUiCiWwAKCRCi3FajfHGK7ubcD/4z3sRaqxSzBjWNSNJZeK46q520CGT8X86EvOl6DHyK +ed/PCOW7i6ugneWXb+tLii1MdwKvJt4SR49ENdvSG7yf/sG3vrdXpk+9vnfvSjCZA6Y6o6kF +sp+pTKaGicGIdajHGckTK6gGhgYmeC7MHI8tpFFPN5xyIleL88K+b4ifhH0NZy646O5NAUiL +IROZqHOjj0hAJvFwoTVfY6eQVu9EnZG0aj9aGw6Hi9/6wim2qxWO56wVnOx8PqG6gZPPDFND +92fRXMmZB2ptwpc6mn/zs2WaUZkEzmC5LrKUChf/ttJ6HDLkqYMUzNI2zzkkJn/3EzE8IJXg +SRQsl+G69+XY3KR8qwCPNhCIjhhdWn39kyvD9IXsf32Hut/5vKkcmqmhq5xhmFNdpHgD42Ur +CxQMj1GUVYQYUNpgWGSJGlJVkVIjYyKW1Nzb60SlXqa3Etl6kzBSTCz7xlN7WE7BWNuNXfSr +sHz0LIqoid+ykrKqxsTNQBxXc7MXEBLWcJ1xGUG6Pr5gyuO4o6rw9vvMNxsNG00BlL4x/tDO +D17hFKFEHX8+1mG5ITuUt3WCUIpGbNa1xiuDL9xqts+VFFhKbw1cxtSl2MZCtNpmgb/3eomJ +bRyGCusIr1h9DIR0BCVlItXeLUGgmcs3QWKT2mxNCIzDu5gsiJdpqaQkyeWsaZ6EoIkCHAQQ +AQIABgUCUifNWQAKCRA7lRdqJTy03m7zD/9LtStDfuewe+D70o7KFaHxUspBesgM1sWkNjGb +KytsdONiJYijb8VhPOIYaGNw7crusL5F6nag4TXbekxr7hFYLYHOEMj4QWAa+JgNfSMHd1sH +hPBRgl3mOPJdtEXOqGEkovFXLcDMivzXP2mLADCFehFbE1JEs31Vag6NkFTj6Xlsj9TLW4Cx +CLKY1Ju7do7to/Hkd1IUjQMqJDRN6zl1wLybT9SgsJNlyxqB5mcNwPVQkcA2AXZHahJjBTZj +DTuri+7uWhx44TlsoxMwpSz69aobOHGcrGSQBNNuMpsCfz3TYNWdE13zxjfhLRB5BtX9y14x +EFThEo8VWrnD50JkhO6b0eljfYe04ZF+gOA2RP38d07K73KAUGBzpUwOtKg+ThMBQ57EGD+A +qh+IH5bfMabHLoRolhHBvYdm1fdt6ys3S5w0/hDdnhGPPMRdxJwjbcG3R4DXzkhQz40K5yma +NWcEhRBQggykVZdcoOPyg/cQeaXO0nFBcV6vxRcFU8NT5NxFADw6ClJ0PFscLvVWST2k2f+7 +qR0rBFn1Q2I+mKvpEQjw+LxxxuMhAWW0xLweRiaGUQVo6QYGY2W+P9APbzcFF+1xIzqW1sB6 +0r4CnYB/oKgs3OB1i8OxOcd2V8NsiMTv8fvh7GNoZUN4FBOCCBp8nnCME4FoGMrD3r88TIkC +HAQQAQIABgUCUifRqwAKCRBwW8lMsAxJDFplD/9ZLWpV5Nx6I9jmt0syABaXCGseGoEN/uIF +1jQIcr4CzrExR4b4ebmz3aMcPw71H8ywKCSBx9YT5bY1ayKh78LIh7yC+IdcBcXgJc+cYUkd +qvYjo4j7ihbWWQax46K0wJl2A5nwInaCNYHqW8OXt8HzQkyfNydDeB+PnIrO3XZX8Wkssao0 +9EfR4gD12bCD9/kJuwDqmoiKJd7jxUA0EcdmC3gLL1tzaadhljFU73pwZqBO1Ph/M6c+Y9pl +q37ETyPLzr1MFPKhYi1xvT3R9ecbE/lHWr4YI99RgPlvvuvFOgbKM+Jj377mg0GxC1VB/RGD +XMHihiT+uL3j7LL+gN70PEw0gAqHNNJpM5S+nxMmPq7Y91pYUCBHc5AZJhJtpDOqC3Kj/taA +OpHZoSHQYDxornanXXu1NHsTcrdLYimEm0cREJQ/nFu6b6Euy2KGW2T2yUlLJKH3NJQ+J6M4 +mWK9a5JB8BhsJyaR+teYp+01/lT06/P/oJLr0+FPnoVpfeLro/SxBIb3JpURpeSm68e0qiVc +Q/ZiGNbBa8Hq9/tfsQI16Ja2FpixM9sJQpysKs63D6GH5YqN48f+QB/DZG5s2mRsxZ2f3Znl +aYUJz0FSPVYteZXtFo5fNHqXfnXu5F1NZ2J+Ebbkt+A+zx8opUEkoD1ettehcSKtqZydCEB3 +94kCHAQQAQIABgUCUi3DtgAKCRD3L+qAyjDJzQsfEACw63aHXyA+ao9e0nnp+9tGVg0Q2t4G +C1AiksoqyUExgjaoBdgvKwAdITgajA1a1LUTHFiC9uK5rT/s+c31F37YCa7wt8ShRyncsSDg +FDtdBRklIxcKJMSunHa4Z6P7zh+2H4w4iRWeXJl3MG2KAgBaWwvHuX8AV9VC52Axzx2PBxTs +J8yA1ClEsqKx9hNg3GswH5Q6v6sdfidQbu3jn6IDY+9vF+gOYZRKLF9OFCKme5Lx/ACRK0oU +esGUOuWPhGoeWGjawDt/Fub83QfavCDJ1H3GhIOyJULZO5R5hg7pj/HlcU6fDfAgauTwPYzk +rOD86LoS/vJsFzvKhsb43YN8Zt6TURWk4Caiaq2K0330eDkRZbHPuDMCpyVQIITehAd/tk1r +wgNX0ZPVjRtQoxaTa2GUOo21oVi8abVFNMCwoCV/qptz5kCt1dM3+wUHO8YyWuGnKs81fpV3 +yaFDAARbY0yeSsRSAHL0qaBAe6rtG71eI4fN7u/vbxR1SF9fBWAzAmeacrPDAJ1ePhgQpA8U +RxHBo0dBuayMlEIugrrypu871c+ffZ01blibE72eKyPw3FKmjOMst3IMX8b/E6f4A+CkS04O +uGcLXdJbcFcsLNu//ZxjpPTuM9o1J/4QusB5CxHmg+DR+U4A0KiY/LM9dJ6Y4WbAebA0FSU2 +FdOscIkCHAQQAQgABgUCQ9o+qwAKCRDt2ZWk5pdwHEaUD/9cqNmJHapQS/9wrOUx7MhOflSU +Q3h6OWFPzJuRX+iuWxBRRBRFbPlusInlPcMrP0KPHW/ybFHdnNCbBC/2LX/qNt8EmsUq8nfo +2iQpzm9AfKkjKlIQzXxerRmL2SXrOi2duVFnMChH1FTJAWc3mTFQxaxehtGelM+9C24jbXnM +yTF+jTnbjTEPX2Edj9zhxLuS7hO9tf+1P17mBtb5tlqah9aDV3p6e0N6byvMZL7YqE4bOxzb +xnCTaXriIMnkSjOcQRrN9KEgVUy54nB6HPTFqJIoS6YHyo7EilVBJ1Iv3GkrRIghDNtksr3p +3drpkN+j2Ux7pyPUFFNWeS2CakW0NFFsPn2J7lJR/WOt0BVlv6FgV57/RgA/Bhaxi+R/66s3 +QfTNZWbI8Q1tr0TP3t8U/r46hCVcukR1f93B7rpyrQcowHnfZ9PA/Zu8ZxNnhWlJwwgykY2i +Jm6x7xZtQo4InLX0o5Nu+YXzaudlhWhO6UDBm4G+eH0vIYhx3ue3eeMRkhbDrPCu/l6m2+Sz +3zVEKFdn2dKbRNhuldwa5JGb6K3Fh+1pvjTNND30tmHm7gNft6dq1M9zeYlA+DLKJQ2vREJc +fVfd2vUFei/L2T9MPlETon5x5/1269C+Ecig/Ruz4mNjF8wME9vNFfNULSPsSBI/22AbCZEY +c1H67OHQ6okCHAQQAQgABgUCSg4eNgAKCRDBVsqV8AjDOrhDD/kB3XazIorV6kxvbID7QIUx +YEREiqya5FAAtiMp05fLJjnsyJcVH9Tex7PuXc0NsuvA39vAUpYUvxR43MKxZZTvsR3vLOrz +AW5uCuk9sjXBYItiSqmlz1D1Syzu+unH/I3Ke/O4zncSoUmd/yGOxfb57EsPCD43aXg38fjP +ZLq/kGQOPs2R8tOc28sII5AffBYGOzTsnzCg35ffqcWRAovGnrbI65XeiI5CRJQ/OtP3S/0z +MP39uQMCDsaK/ZdsQDaOO6iX/IAGWsEgGrJ0GIBbKqfiz3Irk4LHnZOikuCtxxi+E6WKrXtw +HSjAKBJLjvjeKbD/1RzNkzhrRgfSlDbsPJ0r/y+8vab3B1GzJ7C5g83MFAvXiRMrT84GbZF1 +vXSc+DwYmEMXGG3HePLRXpqI9/vo7eVKiw5vn95StuoQlceCp7A/zfn78/GHBrd65OzYVmPi +HrFdB3YbwyEUrh+WXYI9YaFIXc7mVXxoNlLuErMlai0kmUK7B8lSezvJodUvaXhP7oKeTyou +i2CH9yQ3uTe2ZDHx0hmRBkCvpFuFBS8Enbu8Fn7n/QwbC3PIiO6BUVDJdxM5WpET5ma6phfo +1f64ZBXjen6NZCkTZ2MS51yTJsgqp8U4I5AgDHtD/s2rwwo4bTwAUn87B3rE4TZSQV4k1NLa +JLDsKaM4Emsg04kCHAQQAQgABgUCS4lpvAAKCRDthSARn+lZzKFREACw3tGMYDc/LrkDRyuG +ifVv815WBPeV8TdQ/jDKSxYw4pSN9n1sCOnGwDTbFjRstLkyULnbZ/rWBy56RewLtNjavXJh +OIMtuuchggo++/kh5Tcuyj1nZ7GpaLQgtBS7y2IAZQRxFxHLzLNQLW0JKPM8EzJ0daqI3bh9 +tfAXS+3LPFYFDqADTEakGO4DjXEz82k4hmP5mQTzK9B74hww2zcR+QZs9hU24O4zi3q8cVc0 +sWbdr8ijzrDZVYvGGCOmrYUgja9/wGHBRKT2xH4MnFZvE31FIeYz6U2/JruppN7Iqp/217SL +/82De+LeHAYfsZKIcG5wLRLY73Sb98sP1Wq/cERuDi3H8THsLFiqsq0Ti/6gQCEy7lj6sA6v +Q0wjrKMxUDA2BrxQb/jT3UgtiY0xRHzB5ad3S60AxkGzLzAHdn0biCE4C/AxGCygKcVY/Ne6 +Co0jFNxIc1EuHnC5YSaUcYcfyDyDlEzSyR3GAB0+N7Ea6G+SxdNOMq/u3/lDC9Y3Z/qWg7A0 +kGhG91vUXhDjhtXG0VDe5y+yVWLHr/ymfg4jYXJSJg/F3PCl8JJgiudSiOEUnKgP6/6HyQ6b +xvGISr1dK7f/ZSK+GwlJkaWsp4/XNXLe4w+KDmUuCCVPSBen9zYfCFQMCqzBgCWzQ8I923c9 +JfNCQEZNF/BWmYLbPIkCHAQQAQgABgUCUPEFawAKCRBSPdXTTo5I2a4bD/9c37vhdK50jonO +UZ473LRF7qeC6zJhQ4s05wxKxL/OkAnP2kewHqo2WUchJmwyfcTg1oVFl1d5mPiw4Qzw0RDI +ZwhuHI/EOLyHXx9oFMqMwypBds+7acSuNXr0QAfIcfLd17l1cm9FvZj+/4ohGNna67m3ZPQO +JRb6a/8qOBg6wD6JI+do0mAcS35+jEMjJffzrWqUTj2eczXCY+OO4LSGXQ/n6ppvzbm5Ip5v +GXCLNBZDD6f+Hgq/bjtOhbmz9MhJGsOUqDQIJrP3sTtmEMs+QeXMGCJiJkSAS2LEVhZ6ExuN +k8Prv/FPEIxguOHT7nuRXNjxz8M7k/yfbghmG+EIr/AduunJClYBXFMPnp4P2a/mHUV6l3EG +ErUL/R2XhJJ+DnUwBQV9uxdPHcpe3qbpYPekKQUg2J+Ra/BoHLEtunDtTuBPBks+Xof8sOMi +fiLgFdPoOZcLkcI10G8RKWeNirN6JlmdtScOrBpROIbffMTTweUYnZlzw5uJgDg251AqPnYD +3DFo1vhVJxI+/XrrbGA2orobGxKGidD3FJTaND5eqLIIP2xPJZqQEqaUkmnqRUUck00cX4Vx +qnCrruJ6yxqlYOgCoq/sxHT0PCXq19HeC6kUgoCyHP6HLSDirZZsFsFw0V5Y3ekrBh6aOQ5l +ac/aTgpLMzc4ohjxJ3crTYkCHAQQAQoABgUCShGSaQAKCRB0h6SV1bzzY/35EACjOIka8+pN +jZaqy89+S6hnwoOhNQElO+GgoS76ZKIp81mmMWUxLs4lZX7KFRB4mneQmovuj5VUK/UGOPGJ +lpSMnB2BHI/qkSAZwYRuBLd6LzfqoMQSD2JhhkAFrUtUQI9obH7cw3gibFRoyDHSUx3HXwKG +EiEXQEPtvu57asHJ/vbp8uc9qnM6Q6SzPHmlBQ5HDGT59kNXGo5w0IUrNg9LlmeTuqBonqBq +30lmcsHsXT5M3ThRhcG4oiS7tZH+dy8/sS3sfSuwGcnh297yRBP1UzkbabWtmqJs41uDRXwC +qIOceGo+XoDbZIb/3d39x3YZAeDMtPFlmlmuaVZRumDzNwlicAH6lj7KUTWMLRkHqdyQ/HDP +RktQhAUjaodL2eSqXPY0HupDrGCDfIHGIzj4eo3LZNZ1kSoFkwW+04x8T2Pfk03jLOxIYjG1 +BEQ2rcfyDEouvLR5Jw6SXjYVq/Kg82dR7lJM9UC/4B9JrC96m7DV5w7CRT5FfhWq/U87RutR +RHn03P/OG2QUCvFqSHVad+WqJLaCta8MEl9ZO80Zb2XzkwfryFZslYvL0a7YNM2J/+fvrtei +My3Q/+euu58FbgG1FFMZ6m0BQ7ucRUFuov1co8saZMfXsUC+YSh2C2pTIVavH/+wh7QJ3qSW +t5Rf5yfePdvlpLk37GnEnAIBG4kCHAQQAQoABgUCTg9x2AAKCRAmkChboNlrLNTGEACqn+fz +XAkQwGDtaUAYyb4aHY82AyUk0d66L5ybOjac706DNttm3jEZAHcVjR6bR0KZABV2mYfKJ4bU +RjhQ0c2OrTCQ0Ska030GV8vYi4buflIYIHuzHTrB1CuGCrmLL97Z7HO6tUSpFyl0kHB+BXTb +ZeYQ6ylA/bYy/y0EKZAErwxH8GExOHIKaso9o69k8PVIFXG1qKiRvZwzNKMXtlSp3IN8nlVN +MeQiIK0ArCusSNv7wWV7m1n65XHomRcirupnGuBnocsRufxopjqkNSyye4xkzOmxxN3pYgQm +P8RhvFM5UcCsLHs+pQAw/P+HxK06GIF61bneOvhG0ERvPfB1JI5aek5MMBeZ9Z4qUx50QStN +rGcb8AqTOvri8j1pg2QVgrwWNrYsrGwpprB68lDeaxqGMWOgOaaj8bz9Z/tkt7oCNkdo10Gk +OcTYW/sHSe/XSUMd5E+64HJ3yEirwYalSmdxuZP203y8u4qkmp9OvzN192M+Sd1ZdFiyqzjN +5KTYNq2lvu+zo6f81hBCQ5KzgjLtUzGalYv3DaGy2VDrP0SGBB+GLsxFSyCtk5HwwFOno3Xy +dPO2IzSszQilNQoCHTE++iouvVCgnNsdPm53ofCSw71yAFHdGfhXMqd5iZ8HLp8K0NMBBndd +lmqsvMyulSrIgY9xSi30pf0eq/jz6okCHAQQAQoABgUCTysDywAKCRC//I3TwG3WsERBD/9K +SUhedkObgkkM3VMvdFCHEFrHPmeQmFPwGpOPs3t3Tlmb42khCPKlw1SVcIHBO6QS8cxaERpU +hyIaS4NjFNohKq8kCklg5fLVwq63S+UUkOYyVw4xIkGtSaaVA2nAo2TrhvXH2OLTGz9515k3 +Id5ZAYS8gMQEeFjzQ1yqHBDKjklV/HPsQ2SAwACVX/bsRE45K/m/kPnzAftLbPUmGNLSMbtE +DVnc8sBNgjnfBpOeJrmF9nVHN/BDQgnDxXwbrfiYECHvCNYUoWgp/8rAmFV6s3zSjoHQkm6Q +cg7q0TsBzKvRYz76kj3TMd3iFxfR7FbfQuXEIZ2aRp0qEABGO4mTZ9hDufXA7m2DGY91YtMy +mxnM6FLzBnYS6VuWfmkNneW47ikSoT/y/nFAEEzWme7Zk6xx2Y4JYkNcjzzs4Ozky2LeJ+D6 +YB0Hi+zZkWhJ+tnpzg8ln7wZsddHBqIHbyL5AXuynTDqSkq4TtkwhXAUblmrDD/RwJgxqO2V +ghfgrCkdqBBS82nCyuetP1xLJqqTtqPSVqWHf1pgJPz4GVoGYokQGWP0Mgut4Mp0Wv6FVSnn +HU2JHRfy/9fhq39hYy2wg10ok2r3sHRf7VH3dU+SP9uI73G8VApB/Cg511SkONeOZoR295Ke +yaKzWqEeI66ZcWN3Vf7BJ6XQxkq3MWWqF4kCHAQQAQoABgUCUDeq7wAKCRB7H9SitKLBWBI6 +EACp7xQzJQOWA5e/JFQpd+CPIvzPrycuwK3E8Om7RgkIPrW5Zwq6oDNrhNGQTulQpGGghH9a +mM0ehqlnX1OeH9psoljEbNiaOawbhqbN3kOIVi4mAguzrJwc89j4dcvztDwo5PDky2DZFAE5 +zbU8mXRbZIbBSUPTgnmuOeKfVZfsp/H0xyK8dQKf5MnHqASbyBLbUDNwHUMnKiEALn3cpoy/ +EFyL7ekcBeiosDcxPic6laGcus3lFgaWCeArM+vZh3A3Ogz4qMltyQqG+etS8uL/uYd5+KfC +gtSDvtOH5jQ8WhNmOfwloLKbcYAaX0S0aG2TgNwYp1NzyNwNrbGgdpevL1v9nunEvDkv8cMa +REPkd/doJP+k9bu4J8WRQMJ4H8wWf44gOMBmACWD2J+ZdGGvFoiAnxHJTJr/RFbmPZhznyZ1 +Ok+hcaMxShQw9Cx1reZ8VNg4V7dBfaVOF0rXwtY3G18KT+CU1kjPb04W4v5bWURlI3LDUvmb +7uywtBI0aX5kcjUJigQcXDzSYCt9CpjSvc0VBGFG0BcaVNLIVSW4jwOpVgmRyP/bHrMaxeWO ++SillTNrr4A+Hi5UQrWRSdtSE17G9/3n4DmS+uRG6O2SmnZHFXhHmOm67Xwl1pFf2showZH0 +OpcqGam08kASAGUxl7IOmhOlXLGU2+cSe/QitYkCHAQQAQoABgUCUaocYwAKCRBWhCfpSAGW +pHFZD/kBQZiUUZiPR73lncl/0l/EAGNr+M028hWkTsnopGti6rz8C192zB4NgGtjKwObXKvM +t3ekoswPEdfk53PexjjJox5BWfZ3lTkpFR3Je4Gei5ZR2E2rF/IVu6SV1AQrfd5TAZkfuk64 +SnlnkSktDVnXVaqLZPnRcvZ1SMBpCTEQvXnskkI9U2Cd2xuL+IetSn2yE9gGiCGo/0MXdlwV +nXhynVU8SBUROMsKtAfTZmdZI+4n7cb0sQWdmNiexLyfbFvxzlEUQiyBb6Dj05hephXgvKwE +zKDM0Z5/4z8j1k3SZ6J5PlWg2bxov2h5ewOwGdGljc2cw8R0WT7FRMiisLd6RaCWlxOSkAuj +2OVrz/xxM9k27cCVDFR8GD5T9oblBTWGcUx00faIsCgmfpYC6dILvkFiztu+Iye+g5RxvksT +4C+QtsqBpKqdBqKV1df/HQ3rhhHFB9G5aO40N1UsjPRUz/k0AUjL/5qtWyEjs9GfhF9SALKa +Dj+sFSwT+f7gXgCrzvyBM2cqyg7LXmqHa4iVdkB3Qz5uL0hau084EhSSB5GusHgJgvA3s/0j ++X7CwZqQLqeNozHf7xcINn8/s8gy203ASNFGAm5DJE9zal1UDeIqJfXfjRqzGp1uM6dTfGIT +Nl/GZyCQF4s5lN6eqkchIHEHAREc9p2OatCV+Y8N0IkCHAQQAQoABgUCUccbKQAKCRBo16lL +TIWsgaQVD/0XAZ5aH0Li12Uxb2kLnWVhp1XsvnF6am7sqRsRuuwvozqPYXe6lS3vD62EH4Lx +a/RKD3S72N47IC3s7vsbw0AvYoy1BIhOUN1ts+opF9+JXq+tgdca+KpF6yVH1ue3tBVhZr7h +HDdQ9zfWVkDlqT/Hyd/AFlF36Gl3UhNR9klpMz16Ft88fKQ2dHEXWqLl67JoEWv8CH591xlC +BpvdML5YCwtxCoKj9br0J4GpJR3wd5+4qKO7Sm3utxpgXRjeFIJqmxavJlTun7VKbaQZmsCQ +rEImNygrOwkn1oTPBn5Tfl+n9ninGPWhtB+farfj/k+jthvzrELPq+Ywm7LzB+5Iq+oZrz20 +oDGyHGMIZapx1LuoPSpNTXljHLnvxVH2jxmFnafPCxdhtO9jTYdBhxWt3vKAlRh52w9IfFir +SaRiMgkjcxJ5IKotB+d/vpW6eelr3GHROfVRv+H3UWtckZH5j8w7c6T7b8nnQWPPh+egf9WI +7eapx2mxJrgLBS4Wewow/N/HiQcRiki/0HpAAY39vWLUkGlChiikQ/wmz47UIB9pppmu1Alz +RfWhsPD1dhaiJDxeYCpzLjJOq+LUsXUxWuhTNWSHba7Mpt9c6hWNk3CoLmltShIOviU5TypT +fEMXFw/E8+0u8nE77hdTCix8GwEzjVGzSgQZTEMb+An53okCHAQRAQIABgUCQ5h7aQAKCRDb +wbccbjHPwhA2EACrPp1Y1n6SfZY0LbUtLGvPv2a+856sslUaqX372o7m2hYTvv3v8i6aom5s +JdN8XA9PRCaRY24JaW5QrhpBGHIPWk4rivuldZRVAWrzCkAEEhZefDiB/+y6RbVizJGXa4Of +WJhdQZ3t9U6WmTMzRv0oozdGGUNFYb3WebQNZjB+NrxDeY2lM9LG4tApUKEfUzu4ews1XeQU +p6mwLklyLYSPTiGnl9Yu5OS7JWJuoEN8WEVzBNy3PyB2v4C0DdAn/rU5HzwSzEUIxQ2WXiMU +EUBrBnt/0HrUg/KffRbJZJ2/0udtxUlLhASZYcvb5VNkE5qBAWVAJ1w+/XfykJ0IoZYQFs4e +dMh7m7FHwe0awDfVO1RXodqSzrc+/U5O+BGLkxrR4QqMT2YUK1mSJ/Qgc+wEHdQsYShadEks +eVcCcoztCjwqFGG+Ba3rrGxOJ4krgrwGxFcsBKATjSOg9Esw6rufQPJ44Kz4SQ4o5JPD/k3D +6vCXzh3ng51T8O/io3Js08EY2W40b9MWy0XQB155TU5fnbklkQ6+4K8/491CkOPIul8zlXg2 +8VTwV3LYgJvtvhRaNfgCCjm8PGS//+IInypeSKy0lbfGrMQlHRO/+m/B7VhzEX261GSHlZn7 +8b1IKHvzgeWOPprDvPKxbebWfJwsfzzECyVOA3KQGVXmhiEehokCHAQRAQIABgUCS+WWVAAK +CRAgnCoVrJrIQRS+EACYcREloDO7uDdSQN9hTChL0EVdCV+6id5rEopqMvximQbVwBhP28Yo +ZmTRVJ2ixJuEd5qkpJ6d7BVEVelppdW+0tIl8osheYULjzzY/5VPKnzXjXqwvsTIsVWnGu4C +FqNaI7VZyNEcz7A/fP5oFu6CvOc965zjwgn/9gIQNHbJpCh5ysprsOIKp2GnwvvI7UcwWUb3 +JKjC6Q3N1ighxDMC3gZ/s7YKW78aq9x5l9S4TmHb3WuRtM7hhF+YAttbtBp8HoIxZBzrhdP3 +aeUYg60WOsvGDJKENLHzWM9YinlWtbjGZG3Z8jK5spQgdQpWZjBhmcwv8KgQ5aA50w2DBU9D +11YtNvVh0FdUh1/8sPP6zmCGLdKFWA43O+SGIxHUT+UW53XtcEB93L3vWJ3TQ25N1RBhv0VE +8YSVzCv8lpaCO6hUSNkFPtiZasuhLNw/VsijI9GU68cHn5iHjQWGnrraSBQgwBHVB1rmGHn5 +66XDpWMpsqWZsxvYDCKR4yfGGBvRu/6IrtegooUwI1t0Oi0cHmLB+OHSKChB1dqLr0URzVWE +T+BwDCM2qD+KbCMOT66UZ7XMpZn5ZauhtAA0FSMQkmrauSqHymnMCAnCewvBFSudwxyNDhol +0YjXok0CghqHjOdVW2sdS9DQcUU+IlfDeCMuNvaaO2611Ws1ZnRHJYkCHAQRAQIABgUCUIWt +FwAKCRAijswSwI+RwbmdD/9a9s2EbOkP5UIqIXYAq0KjEsK1yTlCh8ElduaTe9cf9lsyLuz4 +Dd/GoEs/N/W5Cb1jP09dsiYemBQ4ladOoIWgIMHdhhZXHZ2Ol8WcpY9MFFwQQsovR48fMlXd +4rrzA/XILcUmr0z4sQfYNGlF1o1aYVDz/VC49ecL70bI5zcUt5m6aEvSksUO4wsrFazEGSf1 +ADBVn8ptCydmOSfgbGuZ6lhDSk1ow2vhi8Mk0qC+ZvlHnDgt5m97Ux/x21R0NEOQ/iSxzEXF +CTxIXbomOGU9wVkFtG/On0Q69I41V7hN74POJY+TVH73LRpccmraK10zIUpjr/r/k/YYG/o/ +s3dFaBqlMIbTuJPBoklkf57M8dKfMa5RNBOSe1zVTKYz94r55UeSkNlHHcgxC2z22DP7kapd +dU2hT+JlOpvV90FEGWo+OHvJnnr93pxV2zd9lFyLPyKK61MSuhZlEgIsO56BNvMfDTtGexGx +I5xDeY42dgvsARDN7uhR6rsWLAVvkweGZgisuj5iwfDrEM0eOSx9VCNal1gWGCbCvbKqYWRG +MxSs6/1XF0FLcWUecSILzT/+jwP60ARs8gcq74WxYMG/zwM4jXgnMMfNMRmu12LHEpIdueVs +LOe33Axh7Y0BP0Z3IiGaDVrYB1gozsNK3K/xNw/6AJORoPuftArZtq8BTIkCHAQSAQIABgUC +RT3bKAAKCRA/d1Fg7kG4LdHJD/9p8wcYvnc+ci7d274DEQOE7nBpl5vhOsZ0EeKd9Kp6m4Hm +tIuLNI75+xlk2WfOvMTj2ATdHUjJewE/xrKZfBVnFIxa/t7EtPG8OqXsh4yjl7LjgGmLLYWi +UU3FB+cD80GPu72+QWLL88sXUg/T6Ys99DCiUnYbNNtbjsFd/97cpQLioDRQ5IhDDLYfvlP6 +Bzl8TvYyGKdk9dZGoVUjQbRu/QSYE0KtbqNcCJUsAkOFVyrbgKWHzbwQasyUp68JnEWB9gNY +/2oOpydlcNGo3WBwVB5BsUw2FiA4IHVIVoqYKZd8carJ1Nv/+fnQsJaii6UtPKhtqreCIiXY +UnpVyjwgfeLnLpuaw6JnkSuMj4AfXrZhxBQajiL5OL4txMVz/j2AcyDSsuCRAJswZ2l3hok2 +IVnfOV4pD+l+tjhTYVpNBT90MCZ2U1eobaXJjMWOSc9SvynvDcqSotC7michvdbWQ9ejoe8N +6gAeoArfK/Qe3Er1k2pWGh3/cPNk+/Q+lIITY2OV9FnKQ2f1OOYHXTj+k4rDi+ojvK5VOmPD +4nWcPEYzjmzhB2V6T0GQ95f6Z11OUGmBbwxJmUB1Zn3+xHPxDsaYJ66uvxPPANePXiGV5TAa +k6ER6Tdxo7vny+h6MvjrL3MdpEgOSJCdge9Oqm+mdRYWNJQkvI4TZ0AluGARPYkCHAQSAQIA +BgUCR3OzlQAKCRC/xlKO9c4h6BqmEACWJqt9522zHVuo1ew7c7kbE3Bqr8UXG4DwvHpxRVC7 +F4I+CL3gpeno8L6HOEcGCKrAyGCy/YWktaB9sZgO/+C2y7VekDFhWD295I08SlTBLgkMTjK5 +U9li8gzqP3w+8F3GRLt1aH7rAiFYL1Fljt/lWQatJJr1HqGQfjd/mSbicRVVvDwgPtT9pLG2 +o7LkLKuaa3MZSWrckByJjVBAzqJ8ZkvZ7ccCOQI1FIEqUsdtNj8ndLA9Mf3nVi7Bv3zecmwR +CUoVEdiSxwg0/2jJky/skp7T+F4Iy6hrQj2zWgNGXDaMRtP4ftrqc41htU0RRJEzNK38ckrI +Fb4zzoLXrHyqlcO/4FEQ7RXw23G06igYHssBYPVyS0gyLlHKm0HyRW4U6KlL8+RsOckPfobo +DH+4ArSfz47URTFrxKp0Wy05h5KHXTCxTzGv+VFQD5VabuwPgOm3Tayi0jCqCwJxMbAmCtnY +UFve22cczwfUNY9HVTJlSYyRtJRJctBT7gsx+uU4PZPla49ivRUGIBdfnUMEF27Tc2l0HP4y +tF6l3tu8qdId9qn3bb9VxdzXSynpmiRIzhnHOyeTtGR+LlcAYOEeYpUeiWbAmh0nhxLgtzhB +XzxWfuoFmZ56DTIb7JPaC61oKmqCg/133Zzkyas3yspmO1v4kJ7ekXTKQGqOGGbRaIkCHAQS +AQIABgUCS1fV+wAKCRCZkx4l2R4BLIEpEACG/O1XpPVz7Xd0/x6VirTvyk3Iu/H8Fn7SaAWy +caULmktfz9vuzTwbGAhIHOdtkmxaYP7OshesrxZTBtgFtMl080ep8bdsWZHQKjYjlZq4ANpT +irwRHll42NGQAIhP7D90VqrrphlrMtO1CacbQ0zLCHZAYXP5J6XfSuOdGCF8/lt0CgTcEAHp +qfNLS8EWmZKDkGcrv6VMkASELuPicMdTdrgd3y2fNrqsCkJZahaQFabTOdPKw9KGXwuRacdr +hURtA1t3aGYEt99vNGC0C8eSPM3fqYoGa9qYO+lRMhJgLEU97naWhitZSDQEo7JfRjfmlyN+ +HwkGXdeXFRszoAYJNU23+7VVWz9EIYYlHWkyld7j7hM2of7+RaLVaPlQrRN++qL6Py4kh2Qj +oCSFi9tDiVxxU2vNP92qCnXPfILvfyn9AVeBLSIqd2sKm2WFNjjXjybkf4oaX0yRijQpl9ci +A7BFrZZoXV5i0+4iyyl4rx7FSJ8StvA7JyxKnKii3JvN8iVLZuCpXFoVmI13LNArqORcSnYI +VL8447XhHtM4CCJYaNzvO1rqXUxVTsQpTcTt84JsQksbst3IdTEyuztMw+gcebiyNIt+6BDr +enA9xOl7/jr16taM1WDnl4yNhJE4q/OfLpxaNvEP0pDwslbUuX+13uZaJxY2oF4GaiF3UokC +HAQSAQIABgUCS82o3QAKCRBuZbWTYFchyonpD/4+BND21t1ZYWKyB90bW91xxIT8/YxiF/8S +UaJmwvvlo58rA75aN2QevlUqtq8xh0DUkIynofqBdglAMNp4B+IhOWUN67JSPXVLGVmZepBx +Z/o4KMYVWe0mNScvHC/uVBEol7m3K83Jc72gw2ohazvO34Nesu9AL/sTSbkBfCrUkQN00315 +Tv0lHy16EjViMQSq4FzpGjCDECYqOzFoVqGIPRLcYNe4T6wjmtw/1PIZhGFGj1c03KUzJNHE +d+uWKm/wFxlxkK7JXhlTQ39DHTSGF3HQyJSxe+Vb1RoIdq3FEE3O4kenGEF/d7z9ybhu3cZx +iKGiEnlKKbZLb0JIXD4X0QmDnj4sSPQEDssHYydWyXvZCT342201texWCiv6mggx8nX7oViK +5wgTFKEhGJ7ex19nVqOHboGkZpNf5V+5BTkzDo3iOiGoUgcAnXLzkjdIgCjU75mFKJ2eU+rE +kE7Vdqn3Yw88PYXTSuKwUEqFDu2+z6fE5+JHxzlGIlROfnu6LjgQxW6mpeQ2xEsbrr4OSKkj +CCBEy+swARLdP/Tr4QVSx0RxsXerVbymhhgXLMokdQwJZXrojr73NJtH9aRSgqM0OkXaMaP8 +k7WBFs/CfeJsy4/Sox/eJQ+ZXkz72kL0DFKkUeWZcEjQVHnaZXdjDFtX86Wz/3bjTBqA/xLO +YYkCHAQSAQIABgUCTclA9QAKCRCcqg5j8k8ptc/3D/9Sqea6a3bpwgE5dsbjia5/4M1+03DN +Ad+RqCJnWlBKKVHEE6ehDKzLgXkHy67i53a5f+F72v5rTV/3aTjZ0hC0ShGz4oe5YoouvE+K +1MIlPKjgye6hR/6Silkln52IgMra6lBMnNbxsfg8e4GTepfMCs/3iVZJPqTKr+jFMCNQS+zL +vw70aTpLyH73ojl5MRYslPn3gO6jYzf0cX/CKTVo9gV4J8sJoZOib2v9la5anhZMLS22x2YX +BeGvir1XnJv6PZ7NHQEinH1MB7TTsOlugLO2Z8zNnFexcl5pCkBXvzpkmZ0EpJsM6F9CnQpT +HWx7BYlL8/ZQ3r+tSZt3bi+T0dNbhu0G07YLJcBI1audHeB7fwSSi9cNOFTbFvLMiy/pekPb +WiWMlWWUBZY6N9SeeMIO9c9y1/NzEbEipyvNQ7eDrSWbaKfaYNu+JGXRtbcq7lTYhUagPU8R +bvcN34zFsTJ/JEpOacDuJ2Y1bUYULbARTBBXr5v8oYGTHOaRrs/NFsoEZ7m/0WV8ByhXwo6H +jx9CGAmoa03XIUbbKBKTy091ZH8LtBDtfd8pvzEl4MmldVUH3LP2tNtkWFqH+whktBpJpsv6 +fv14OwRHL61bqeRGLzarozgDs28opkOd+T/+bmq+VEjoBHluiNyDxGfgv+1kdJW/1VYp2h+8 +FBgozYkCHAQSAQIABgUCTsrCZwAKCRDm2n02KoEYt6DqEACt352FQWPyspQvstPMFyhUa2MZ +LvajWFgTCULCqFvM2sRFDtU2b8gZLywcaIYsZ1sLgQk9rEWVBn3Y69EHtg0nm8Uajq6nST+U +T/ojCoS+EJWCu3kanyPy6u20JjYOqeRbBDXSSbKfKHQftcgJk4z5qL6dcDiXnVWeByXLFsMW +8EqZKgzyvfjmROc2JRNSJx7qN+vpMw3E0P2gt1fgZHTBFsCotwcKDKk6qc7KnLptggHf2JAS +QBIwVprbhUFFP8mDvcSeGkNGVtlrgCDMcYZs4eZO2NXEbgaJtdYv4Xd1Pa/ABqU6qgKQ4c4+ +dmEFL98AHUYqlNrTbX5g/YdpIPpvuInAGRUEI3wEpw+/2plRUVuLCtP8YSJHYIxWGfFY6iYN +Pkv8MkE6KvMUcE7MsjT5pX2dckLkdykip2YIyYis/oKufCwvRL13Cqx/bUtWTw9QTVIS9KQe +4vaeZbusRqakjuikiTfUIn/II8/NLzRrIvVn8uvXPgbeAlXe0HNiI2QXS8Pfl9qL/TNSimxK +2A80tlvXx6CF+43co5rPtZm3PjeykLvEZtTeq2GUWunLjE3pYuz/UK/t+hPWCUm7FZdBlf5w +l/SXfU6fC9heW+2MJ1bAlBPbFjh3R1tt6TYsK2f2+4acarfqqSFnTvHxTzMXbRa5p0V/0qCU +bEuNwG8R6YkCHAQSAQIABgUCT3Br+wAKCRA0qAIWH7cF5djREACG+efRwuMHEuZ9ZBcIMMUw +CtM9b/gFmsV/DpUBdEo0qCZLjFD+AoT98Al2WvfsoW82W4aPh9o1RkP5HA6GufWoB5ZDBo8E +lMSDAS+r2MUizIlI7MVD1DA4ZPAkYRk0oDvtpBIXDwgG6I8Gf+ssSvo7Bn9Z8Mibeik1KHYr +231OBcjuC+2CLeImRMZb8Nrlksade60JrBrYG42L3ZKqnVwtlFPHwiCpFaDEHjzYR5Lk0rlx +tgA4fIiMK4kEmnoTgmTP0roIFh88bsGhXiNxcYnNiGMAhRCB+DfWDD/pp0psI9LksYTbKRFZ +/NxOLtBx343mZDLKbnl1Y2JIpGydlFXL+dEP3AVtzgYom738DNj4Pf+DNAkodDLtRTd9LXse +bm/0bV20WzNpJ/LT9QCMapRfG60Z9YbcrH+NrOchyPJBHKruHkvfnZLyJLZBlLPVgyg95nWX +ZjW8LRhjmLxa0hGEz0kItwylGxZBvO3jHdmfYx6N3wAK4uXdam3gY/+nHxtDzUyDMzBqShv+ +81jrYk3Rv0Vh6F1TJuoNvwWp6DqCpd1siBXI39ipequpPVQjCfkZqMET3065S2htKjQDciwL +B0wP+/s9ulf15jxDUAK7PdTyDbCq43zBxdprM+Aoh7KQAfyW7SokZlEuCna4cq7VlTazvLcT ++fzolmqCyFpK0IkCHAQSAQIABgUCT5/OEAAKCRCav9NJG+YAIoTQD/9YyuWFCLRp2BR44K0H +KwDhMa7nuHecH0hmzM3GJzvz1eLFzfOF/N4T1jhri60JDvviIvlIM4PYCZajsonN/d6pI+zn +LQI74fEELfQA3Iem1Cdz8BnQI4HXYYqpeoG+Tm56krmkSNW+KNAa1w/Y6NoheZ5z3YNts0C2 +f0qo0FmuWwlKcVHaouqVVcCla6LuXuFT2q6IKp3EqZ3Xzx3VUo+E+BykTG39R/xDhdyi5f+5 +nTHi1fiTeR3Fvr9XOlNqhg3DibNVV1dx0cAAqj4xgBv+WCDTwuwxj2K7+6PZMG9EwKlg3RIS +zeXYq1PqAl4MZL56GdmJNkHX4+ZFpYzsVQUse37Ol3h0+oiWdj2fXHdmY7SzyufxwH63f0pJ +dadIrEFVZqy0SYKWAFGDzfmP6oYwQx8BFMGuOUh3cpFdrbjaWMgeJ0JXIen8a9rHe6pCUzpT +9JUpa3bjyNkuywRsX3N0002YufoMXBisIZN1fal6WDAe89BgA80InoiblbAykvwWz5f66Qtw +SGhd2UISuDcAxmm5eg8uk/3Rz8hDttXS6buPnthIzV9zNwxj2DY/J24dEJNjguff7Uf9Xl6N +XeEOPr5Vpmyn8uwZNx/+9T0BOE3bW0tKiwxZGObub8AHqEjCj5ZisAEu8vym7qjC7RciqxGD +EohCU8g+5/yt0cJxCYkCHAQSAQIABgUCT9wppQAKCRCo8sRx4sAmLbECD/wIFjT3p3gVmnNn +JE0Mc4CjH2vXqhfghbsBPzlqPkqE88GHdoOJqw2POdEGLJcOpncQPEYSBbskjChuyttLCr4c +QZWiXaUXvNeQ0wMMMtpZLnRa+bmAwcb7pty6R71R31Q9htOYQKdoZDc4OmiQuD7rHEsH7tIy +9tc7XMFywwKyQqySOWUwwzLwEi7qprbW8NhbV4vl1TCbuLHRcXP/XgqSVCzOhCv41vhwH5cj +MEOGhjC+DTQuTilQyqMeZMjl5CkY4CohzhS88r5LPnuxH3Ccg3Vjqkz9j61n+1M0rkTM7GsL +m22bw0B3aICuYG+Mm7x7OzYBFB6IWzEEZRaNOXNisMxmd13K6mNNV+RLr8cVOejD8kP8RcB/ +OQu5uQpm2OFgSnjtsbaV8uhexFSegUJ4nPdLevATKm1TvGpTniwPgmGcWJ8+NBoG4xkncE5q +t4/hrZxulxZGKIMNLFaR84YMulGfvemAM/Jh/27CKltSGWR+T2jsfLm5bgWG/FYINd/z9RP6 +P8mEgyoWee96uWCM8a6NLBwKHX+Z+e7Wd47hUS7bJysVEMNNlHY/rq6V9xrBuznrsCFidDao +F0hpY2AeE8FLTWVFtYrPoQ69mBpfbeiG6uHMG/0fZxz3wBWFE+M/JaDUJf8X38ZcHbSVjOk2 +XQF1rGTAo0+Lzb8w1z0zrYkCHAQSAQIABgUCUVNf1QAKCRAuhYDll01Y+fp8D/9dhmbrdFOC +41v+NoBPzg9mzcmux4jZGsGdxF7Y5VSwtc6BQKdAlI8ziXqb2MjKJ4kOraclWS+jASRM3zuZ +BS7wpU7McdWpADpTcveUSJcBXUXvdPEJFo+7oJ0zIw+J9VHhW6S2HtI8XQAkCYtseaOkkdMk +GteQfWK3vOml0sZ0dhYkWPAW4Xd4sK30VzGhntmySEEOEdtiuCGO7BNIz3vQdzcVcnjRQMlM +AAzMxXtpArrsc8/BB2eBcexhbgdcRtdcxNjAa7inRdAtvgJHOHVH4IRSXGs+OD2gpvHyLkro +5C1EwW5TETK+blzQFNvPxPJ4M+HubCJJbFrQErVVBV7AaFdPA/rb5zP/28uW+Wsl+OCGqm94 +7FaeC2Cn1/5AD3zQR8E5ANiWMyTpPveL1nnQhigrsCrLJPhQDvh36hD3e88Zo8HzYj//Xphu +qo2VrDdnT3+EsZiehduLlFfktm8qWDlSw5aO6HLWjhphH46AByWr7V88J7yIlpmmcPEVdMfj +wWpIq6yB+3/I/V3KCaVbLH8cpN9+63h9YQpZWhCrLmDrXQKy3dupu1ct4fa9UIWgaZjPfSh+ +byNfzCTR3XtySjeBucZt2TOTrgoNDOOsz/El5bptVvECGIWUJoTFbRAPh7yr4zl4Yd3PsN/y +WzRY2+qO2cbPgvXLykk5QWOO04kCHAQSAQIABgUCUdH0pAAKCRCw3cc1O4BFRjPHD/0e1r2K +quF9mJUkMOPp29FdNSUXi7LV83wXB71XMOZDahq986MIHrqCYszvKp2Yo53ODUMhJF3Wob7s +GaQXpmFqWKNX5S8p2c/p4DXoNkhfmXQIy3863T15lnfwEqvLbDYgJC3dmS+q7h56FSuXVm20 +BGmyRZ8lCIK+9o7digKV+SEIDlfpMuXbEh7iposOYRekUhQXvL0Wi1lAhZ5m/rKMvc4+9HfJ +GSKgb/H25WC0Mpmn1EQorLDB3rBYjUURwFcVP1mpOJQ113QVkgtILo2zdUASDUEIcL059z3/ +9c9ChnnHEQTRFLRpL694jFXiJoeOK2O/QzodY71q7Hz7WY7w6leqW5GPMnrgsCgQSdBlWf2W +jEOorjL7bXn06IN1TxA3t6gycH3RaJcjc5ydOwBy6+di5bxzh9sTQJm1YqLCfMSqGYXFUC+s +suVm7onQ8TZcuy+nETIbQsJO5kcCAKX6hYy7GDLsJHsLEW3r8DPcRl51sO9uA3vmEtwtrUi4 +jMu/mANK2+CnBO0jYkZeacO/O6MJ2TkbyQnrbD0itt8XUrGW7FZFtwS1d5+kKqzi3rHAMW0m +3yCjtyKGE9w9vtiJkU4zwEly/T9O5EWrJI0OpAMVuvClyEx0xM+iG/f/bgf98uncY9aiC42P +s3c5lNvQ/D1cjVFktuAng6VN0607xIkCHAQSAQIABgUCUdKd6QAKCRCeVk6lMHomgViTEACS +3lf8i6h1ivLxnZ0mWe/jwg9n/LSbyettcbvojged146BHyG5TV01uTKsLNKOxMQvvYNwemjC +6uJYCxkY+yaloWxH72i3qP0l5sk+rIKIi2lNgPKEkXt0u5AnsVcOpzHXaAezkHW1nlJOn6/L +g0Eg+wRW4UCeHRW7bCFbOccG1wwEB7ZUEKTZ03QEKEiLhzS6yF/376076EERBHkh2vHqRu+2 +7KoAYlrs+qCe/WZclE3kwxHFnQVg20dEc6HjXH43KfVtcV5mEentGcEiwHYmeqnSMXfqIX+B +cSGXUAWJmBVMFmIHcqKpa4v8pEdX5LZss3jzu0SZ1cxXbh7WjnuM3YRoWRSfnbIt+WiWOlHv +oGetltz9gjIqjnH56suirlIaan1Nj/AfUqKFXhjS3adxbAZdIKd2axpJlxs8FE7GMOQq6wu0 +mFEvC4v5/TkDWGjE0asJGMpWpTLdACueXkPaw2gCCds+IZ6cdS+AlfGiHZfUveK4J21FZvN4 +FIq3lPjANqUF0JZaBIJ3KcJB9TB0D8fNwV53V32FlFjfv+qYsQ0nVNpYPEnagEsx6L3lgdN0 +EBybDdnhLzxa2hQhSze03FYc5c5AGO1YWJiYOabUNOdmLfkLUqR+kdL1b59pK5T9x8H5rAZ9 +h4aeWmiT9bt9PrQYndct5sNgD8+Lz6IQFYkCHAQSAQIABgUCUhs6kwAKCRARrGPgjqpj9/H7 +EACPKA/P9IBJ9UcD91dcyCzT0wajwJBTZzWLvWDVCPUX3RNQ376Nj7uT67yh/XBVf8oFda5X +f1ZL/0GU4zKFZZ6gj2TYNlcuoSMiqPEZTWPOO1ywBLfBNPKVHxfZUUp+TIo3F9LPChicOO6c +yu4yKOgNQPcopwcZaioEuOXHiaquHc9XxNgwyaW5s6bRLhKWXekb3dSGmqFXS1uCxaZDNzVi +cgIvX6EhI/WzoQz/eUgPwtX7yaRIMZwl2+FLw4cdFd7GtI3ajD1V3/C7r9BKaVi0aepbxnJr +fZnoweqI2ykdEqifybJeVPCJhfJsMNMkuC6pHPIHuv51aPXt6d+44SS/1G9pdRnS76oVVLFz +Kqj1B9hlghRPidZuybORoILq8XhxsD3aNKJX+mxeX4muvSUtS2e9TAyVWI0tA05qPiHAs4rB +Be9aORycfw1Mz/iDkeDQUaGcRYDCv9tIyWiYRvbaAu87hfbY1+ot48k/7n//sdJB3B4njQnX +2omyJPUxYE3YvDStKxPj1gAL19B6dqxyaXCpE2Clr7gGKxFcoFbGbFqUUEVMuKCHZkNMx9KD +iWBFCGnawSVMACyWuqlyAs3p0U62tgjvKaLct+G2awkSutypK5GSqbIsAq0z+9ao3gPtzcmf +V9E4tGHttxUmGN5aiSykdb/rTaRZxY/7FvFFkYkCHAQSAQoABgUCUbbwIAAKCRC0FWuXAAAA +AHdGD/9OWBYYFcxEhh3TPGQoF8aOIX35GZuhxQ7XCUMWVZzTJ+/ndJccjTQlIYabBrZq9WK9 +zE6XB6399ElE4ODELv2Qsrw7JLlIl+MumgdoSSX7zsf/U4x3d3njrwKtWHQcT2GUnoFRlWHD +G+lzVAd2DVoqYFiFSEo2hszwaRlWhGw7Equ/5tt74/t8njIm0H8kZZsovs4NoYTxTfo7/ufI +deUFgxa2aE09labP4XtZUKtoqmA53ir16dA3MsKyjc2trDjkEpl1t8HZmxy19/w0+aDyKm5b +F7+dGIggyqDTdNKnP9i9BAdZyrjfQtK8Wj3trbGg0h7YMYq+IYGz+8yoFIkYdizqzR3fVR32 +ua9+Ziz0cVgUEDRu5wSc27QBpyz9jlN+rexHEznL8FWG8pxm7uAf6vlgi3ERznFrslJicI37 +9mJ6xAZwBQNKsJjZQL96BEunJmcWSfOSRmgrZF1RTdW1Z7sYk3Z6+ab1Zmlbn5juBU/yYaWa +Qtu9QIFjXDJR1hZTRZcQh+f/z3epgYKBnI81E3z0RLdMHp01KJo7JQJ8hTajGtSYLJldkToA +6upq0gpzEOjm4qOWcEczO8o5YXC5Tep4FBNLorPd0lBmz0DGU4qVa1JqWPBZUo4WVooOrYKD +QPq9CQ96z2ZKwvAXUkLiK9m0uK/1JDRG/rdAP4tDXIkCHAQTAQIABgUCRms3fwAKCRBpIeXk +NW7baLDaD/9yuGlZf86+IgQgLL/ggN9amG9sLQkyW4vveCQO/LSJHq4jydvFcF+6zpirbmhF +Wt9bljYf3eOJlro6ZfsLldaKpbbDRHhSGdqwksLNIwvj9+OYL9PGV3eNasiZdscE5GmsZj4n +3o3kr80vaQSwYD0wov0geMIpdA2NvRpvSl8PgcM9Wi9mhuYYahsdJQgo+PMkfX1TTYCE4Gf2 +aYWtniC7+8jY3cMWKIkepW90nEe0sjMcEmN78spPAxocudoOuX71DgxwIxqmms3HYy8LFjkH +4xkBIvx3PhoMjqvXPvY24xgMPkrbIY1d2rxKl/X+vX22Q25PT1P02jAx4hzznHTf8fpHkuvF +l31SGN8xv03l+gywO5Tq/+NWk0MAueKYbCXFmacTCX4PeUSW0O+1TKExBNYsXOnX8HPkp1nq +8UmKsW6CiBjbctRg4JZhrO6bOtcld0SgKiDDpSQq2q8qPvwv6S+I1+pXKruxSExrixO8c/jq +HO4apcO5b4yazdPE8W3XtLx9YyWSvS+DWpNk81T/49m7RnsIsiagokxdp5CAJtdK/Nb3D+jv +5uctvR1sOVLo2a2M2MuvCYL59Z9+CsyNjFUSmyYb7lqqhYEwfX9siW119O9nkBYl+Sf01M7r +X+0S5mr4VzKU6FuIj6qEWWc3ccTTY4+BH+Kt3b+lQ1JCj4kCHAQTAQIABgUCSS55hwAKCRDg +38WRr7c46DWjD/4wcZ7xpUrGRB3G0/xUG77q5//aI4BzFMQQpWbxNfRtAxBAv5jcZVfIWJ7+ +iENsC+/puo+zYLnaDal9G65yfIEOQpLut0WzLIlTke56KIk/uWD8bCTfg5cEf+1JUT8DecoK +UGKRPSlt7g/+WB6jznnYAtJeFN1PBmiir4gOdfKobvazGP5Ov/nlEUIkcXEfoQ0SoFyM9TDj +prC5XEkgo2j1lb+Zi3leXveqDCfB7ogK9vtKMIjgZXQKjgdraZLqderAgAqFJpULtURazHIA +qGgtniaMrvUALglI1HMrQQTjHwOvpBGGdM57+de99T/OPeZNerRT8/tRMf9Z4xL/hro1+ZEX +YJ7zH8UGFcwWiLPnfK2h4UGLs7RcQGlOT0aza+h28nn3hVNidM8x3yk8KBh6ue73l9gzKCnW +GmjkQN4+43Pd4L8GGawD6SEyHrNfpEUd5o/cq3TJomswB+v6YxjaCkKFuJYG1tKrC2OON8gi +AR2BRSd2ssI0Cwj0XEQHLTcYzU2zIxxghkqFEj+bOeC1mETI1uomBWPilr+GKk9mhnmD5lUr +AvUeSJTNEOHOKDTrrwmF8Z2QBSD53fI13kpSBNdkht4OI9ATlxuw7obaPij9Bt6wnavKPGBJ +FA2hYXuxeUXLBC2c9cBP4764l1EqOhCKVC5wG/txxISzdMlWQIkCHAQTAQIABgUCSolqTAAK +CRCxrddjHEAOuFheEADLGzmdVJihJTPTZvw2t3+svYjqfjQJgIu6B2duRcSBmKGelaYe8cXs +of0EFLPRwAiWOChUOPO7K0F+bxQ+ufhenEKbFXg6c2MEJ8DoE7fB/z6drgV+eB5zqN4E826T +6tEDqg0ZFpKqEeDF3vtPQqsE1agpkV/GKvIJS9+tJxv5FafnUT8QpBZCuZt/pzC+CXf/W8DJ +3xDrLuGmA//X8BHa/K9gZm2Z5tLfYupukgPRGaHZX7XVuJldkQygsG3Pj9XZgR8Y2piW68GH +zDXGswVA6l5vDe1QKfrnNM0tDUauYLpRcySIlUUHQ6YAQu8nO2IZfAbad58NGiWPupCpbYDm +D580MALvRcb/z1PRynHGLKxLsZHUh0C+cSaGP0ovHbxnWt9YJ5X4QmZSGXmcf3cAd6EZ/nGG +kptgoHlaA1dCqYbuw6V52GZtNUKV7072pb2g3Z4fTpeaVb5cT8C5Qm+ARS4gHkgOTPeLO416 +QB7a7+64IPi3Buhoua2oYkAYSokfzTSsbnEl01qOYcjzo15gX2YfZw3rO394uXXjtxoUX0+K +kWT1ee+7aj26CqMKR0CTbK40UgsUmNPKNj4ESCqu+sCsMcf7yxJd7mGPi+dxQIxEvu1im3No +3eDJDk7k/PXZjH1TtwBFfPnOxFV92+YK4LFdpzG6m7OrsEt30PKJEokCHAQTAQIABgUCTFx4 +WgAKCRBEqjSA/7OWoRXuD/49JDWu3BUGCS7QrhXqT80fsW566Vf+zVypkImlVr/rOf70w0SK +CVZpNGxuopqH8O36OIcSdIxvXLjFkf9DhFmxZw/u0JiutKX3OWFsGtryezY2e4cjSAP7ol2x +U4+UMpFwRu2pDt3JX4OpCREJ6ispWmQI1o1q9UJA0XQPUbmq9ie5rkpKqeR4v8IXTODUTSnk +nC4MiiIJm7iXq23UcbWHUB2NjNB2BVlXimqkmdLmzGt+7zQXCsfAJiBw6w5DCUOgJgqQm60P +CkDZMtJbKrjgfle3bT36CJUDXccMgDswwGyIn/Ant2QMTksCOYfhMJDBuIhcZlcCnsi4EoBe +dvM3h+NQr1p96lfYLDBkWv40KuvCr9rXaxntbsJT4kXtVh9AZMiQAzTvsL3ojltj9SGb2BSC +XEfiWwN0l3PMD16qs25vWMH52uDLLqhapHjwkidii0jCDIsksorP1NgA6LuE2yG2/s47ijQg +xu2a96Sz8pzr0ZBdSGwhJ206LazPAioKmRrzyipdLf9MXcLUS5nHWZ7ejPvvB2eR7Kb9cbo6 +2nqfgWATJLnKFJIsNxEB3Blwa5410Gily0rUJwvBiJUV0ZDbtB8fjtIAwlZwSTXgVXoB/lSl +bHAm1YyBwCVjD9omlZ8mNYy+0iNFu4kI1rBASYioNW/e862Wg7fQh9UlaIkCHAQTAQIABgUC +THVe9gAKCRAbQmWHgHHa4KmVD/40RygBoqCP7WzqhB1yI+haY2jFG62lNBdubUhY5nD+vEDv +BvOaKjmJHZedBB7nbFuT9qzBwFuX6qJnlNRmH+yG06L3HD+UW+AdVES83zU5MTEqxnfdce/k +uB/9nlpqugIIB8OicHb+tvXX2dpXntWX9vgsuQQ9NtzV1jvqeWZxuByJusZD3R1N2IY9ydk0 +ftKdwWPQUtjFkODFhTsmMLxv+OBM9KWaPc9YkrfV4MacnbGnweYQh9eCxRiipJkWp1Q+rtIh +T3DRRE0uyYObBMTjxpfw9xYFceFIziYM0QNJe3/t14jG6f+hfdbYZST3iKFXZXzrO4emt3nu +/8QIpm8pZg/bQnChGtx0q9BvFmYoOMxe4j94u28tgbQthVUpc3orfHflOIs0ravX8+vL8+gT +nyo6GN99zsrfWjZEbS/awPjMAKkWr17MDFRSf5vFKcp7kr81PevnkVeyJZ7TeTdogO3bc5Na +nBNspzlyGNc/yHrKsmCxwUs03TY6r1dIoZJ6k5Zr748K5d/hw0io1+ITUQluy4wp4Gy8Jv9G +c/ADceQEsRsP8MLZlWrb4reUFUIHq6wcQjUeoZUX8oqrfaqwC+QeDgUniy92+3ZBDcz8QYEv +lKh/I28794bWC1zCfPjmTxRNq/OuFj1Q82j1l/ij7va9U2RsRpShD0fGbMTagYkCHAQTAQIA +BgUCTHVe9gAKCRAbQmWHgHHa4KmVD/40RygBoqCP7WzqhB1yI+haY2jFG62lNBdubUhY5nD+ +vEDvBvOaKjmJHZedBB7nbFuT9qzBwFuX6qJnlNRmH+yG06L3HD+UW+AdVES83zU5MTEqxnfd +ce/kuB/9nlpqugIIB8OicHb+tvXX2dpXntWX9vgsuQQ9NtzV1jvqeWZxuByJusZD3R1N2IY9 +ydk0ftKdwWPQUtjFkODFhTsmMLxv+OBM9KWaPc9YkrfV4MacnbGnweYQh9eCxRiipJkWp1Q+ +rtIhT3DRRE0uyYObBMTjxpfw9xYFceFIziYM0QNJe3/t14jG6f+hfdbYZST3iKFXZXzrO4em +t3nu/8QIpm8pZg/bQnChGtx0q9BvFmYoOMxisMRRCQf5FTaIRgQQEQIABgUCQiLaSgAKCRB9 +DflY1yo6GN99zsrfWjZEbS/awPjMAKkWr17MDFRSf5vFKcp7kr81PevnkVeyJZ7TeTdogO3b +c5NanBNspzlyGNc/yHrKsmCxwUs03TY6r1dIoZJ6k5Zr748K5d/hw0io1+ITUQluy4wp4Gy8 +Jv9Gc/ADceQEsRsP8MLZlWrb4reUFUIHq6wcQjUeoZUX8oqrfaqwC+QeDgUniy92+3ZBDcz8 +QYEvlKh/I28794bWC1zCfPjmTxRNq/OuFj1Q82j1l/ij7va9U2RsRpShD0fGbMTagYkCHAQT +AQIABgUCTHvcEQAKCRAFXCweLWwm+bA0D/4+5oAKMTV2hAMIeiMfKi8AsSaXIJL/Z6TtUy8U +3GRfHG2UGQIjI/dZUvgDUSY7Y7Ppo7jbfza9i3PkyZ8jfIMS4DyD2Ml8GhAIi50STHhB9onW +axQ9DiP8pbD2Bwpg7np+worNnWceBnXcIT/H51UUHVuIcVeOuInaQmARPWP9ds01p1lT7nNT +3L+zCoFyvk8QVH+FotwJ38+/hsVE8DibOKtfvxC1iCb7FncXjQtj9+MJ5cHYebYzJDkuH+rc +B62oQlwf+edk0Jl2/KqmFkZFcAnjHfK5f6iDD1tCjDTzAqceAgKXrjpDOUioCiom/TO6I4Gd +rz2XdUCm7aLIy5LkxG2AwkuIfSi4EgMB3R1enJPXxL/eSjD39x9hYoFYq1EsOTOxcWFIiAQn +pE5cjgdRXnKioCPNoDySac3oOraOJzL6kp4oTcDAI0XrKWF0rMZMHafnDM5AASbota0Jfy2m +oIs4qliFkAUxW08GXqabBY2IknVKVhcMufZP54UMhccCDQDZRm8EI5sX0Alm5kejkCjKgjBe +Hou/eRmX7C2wRyc86iyK4PpTF6HOfzcr/46YQaPnszGJSFQZtohhc5VJPFn/3qWfQIAVFYZD +PR5e28hM2mIVBKWi76bjEmtNOHFrBfYIn3+T+G5D4OLOHBg7la/6mwZ0Qz37wTfBXW0q9IkC +HAQTAQIABgUCTPglggAKCRAy5nrarOTt1krGD/9BimKBl79ycq0fZt0eJhIbpjaxCrAyS4v6 +ZZY/pvFNsDhhYdmnNjACf5gU4rNVQcOzY+P6YxQd7dea/kqe8QDdJkH+PZHUGKDWgJPiafcM +QUApUlmAfKycqFmYPhYyNZk+/iZi/rxgCROfjlNFL9x8SYLaTFrTc98P+kh1Cbq0j4qeA5pl +bsosag+k+zC7EEx/u+UI1xmD1JPycUv5VHI1K9sgeybPoC0az+SPXtnMtG0r2w27RP8WcacS +KV0hS25HmbAWKBgu8C/Jl5Hp6J8F0eYcEZLyiKuPQ/YzZAj7KXTDeel0hl0dLT3dGF6K2fhP +zjvhriWEBa3nw8478a7/TiRDq+Uy0Fj/juEaWYFmuFsJRAO8qzzOVpdjLGNNE/RE3rBS6pFQ +TEAyGjLRZeCfP9LeZF4QIkck5dlt1hnVZWUHkWHcRvUXtgC3FMJcp2nGB/2qcoXXwcUxiaRK +eso6SplAQudWly45W2/e0QorTGVTwxLUMZ6qixHOgkh19ByNL3XGMWVC/iB7dcUfBdHf35Pm +zE7oti5NHa2JhV/neDq3guv0pq/JN2y2fnnk2RItkRtNEFYbLyt/pOh9i72fpuiPRPKqnKP/ +zfSdv7T++RvRVMY5f+Fgc5kMNwyJXq4/SedF3PvMshR4RBBvsK9GA8qZnX330LZ/SjSqlutb +6IkCHAQTAQIABgUCTUpkDgAKCRAWUhROG4HPXsbKEACFWNv9x/D5ADeokqbyN4ZppNkhPv+o +zs+RDwk/ZLoC2YUjxiztMmMSWrCZkVRSVff8aFFuelpn9sTswPnsb4vRqPA+68AyjFMFC6Do +w1dmbzqqgPKGr3DCL/yuuQbgcK6vRKqRMt1PPwhnoofhdn18SgcAZvDn9Klidy5bzVaIbkPW +/oLTCwDh8JEk4P3mT9Xg+qufyWpUAwkc8GLEGJOE1YTKaEn/VeU1+aErPpxs5y1/Xdk42dcC +fuP51b9lq8/EZmZlobvT8oOkrL5SoBy+q3MLEjXcqXctr3pR3JGzEsL3qj3zeVGz72c+XtjV +t4fhNV8TV5JwhlCLMssP3MUGr5mG61gqilh26w23rky0sxocl/z2pFBlLaks+skOC/0Xyf9U +tpXvlwa7fE5MTVHywwhpcezQG6rTzpyfmGhosapVO1WTa46aOL0LhYWFBqi5jRA4KxVz/ik0 +nA582TxXBCwTNGAEtG5ElskASnNmADVQ25CeaG3iBRMDMweekZvIXZunTzNJDw1kdO/BLM8U +eNAMCeFpkAkzguF09JVGzWbRc2kGCp9kJT6kIieVma4bo7m9Exw/wIxrNYc7VlYjQxuGMybl +JACT8130zlGpXEkUvFAFKJGGYgYG3t509B1v4rsQWU1C1sXsoBR8pevrjiaDKD2ZIDeShWNN +rSfxqokCHAQTAQIABgUCTcINswAKCRBrorXMtsyjExJBEADBt3+b81iyCglUsO661mKdMB8h +iGUpFeIvfJfCpyL5z5bnIqxPjbs3XVHLkaP5mPZa4504wr9p1ODv40McZV4IzcwiERHXbPCI +OyuPqYgr75diTWXgAlt1AT9//Xl7qUQGInBcNW5ybscCfqYIaii0w3eM0G4Nfi5pGoybOokU +vSBcwJ8lyBgFNT/nsE9C9a6plg/DX1NB6FL0zwtg+bjktBemvyG9LgLsbuE4McGa6DSaShPF +bsAlwPV9PaoEas/YcuQ281Tpm1Ta/cQS0KIWOrmxOcpCBYJ/Cii+tnJSCBOZUs0A96LwM13f +s1KfcT7o1ClLMQun3s5M2YPxNvSPzG6VB0nfICRDykE0ilzuARbg66I8xaGVMAplUD9nwcMB +LqBPpqwLpbMk/8EfaKxTeCvoOeVU5quDW/Bwno9in8BUmdveEwaeuFRWsMpNsvHmcK5sz63A +//J1cEeSTAcNpiruI/7D6GjAPDLZF+DFbCkDSN5fSWHGcYM4bHc89NVmT5YyC3jBfCLA2xun +OVfxtrqECSkKNyVD6MT/jjcFGUgMG5YGL3pMr+l/nd7o0+b9c0gT5/DXaVpQ2oH5TOOAUKw1 +KLJFrqyHrEwoDs7GkVq0W+l/TOhqGzgZD/ZAcPx39JITZgbI8s+CpCzXkaRTI2RQWJmjC5cb +2WC0QBOiuYkCHAQTAQIABgUCTtGoOAAKCRAE7wIvDBi5zDeoEACG2kzKwEY0KqM6DIiBSZLp +vYV/0IfsFvS7nK9A02RRIpIgNcM9rNS0P08dl573e8Oc3/nx7vYt5NS0HEYeTdypW5ukBwR0 +SzZ7lwNLoIgeIfcBBPt4WuTjUwIRaRJS8XpCO3kchk3u8VC2fdBcvcOf7jNPZePjmpVoBtNg +4qgpvRogKbL0y6ZEIrJwKsM54wO/n+KuoSzQUXb0OK/oI760AjXUCQ/FPYKCtksvoD1XlMAu +6ihuvXlp0GrfKOXmPeC6OVUpABHfAAgDJ49K+EdlW36WfBvzdNVwDUgu6lr0rhJOvXOQQW8q +CxzmgmF9z9hhpiJHmAhOasqn+qf2b2cv6mVxDmBcF06dnNdcbLjLrCsy9Q/o/VXFnZp8KDej +WWqdoGSKH6bouTxQp8YJRTg/lIKaVL73WK4A+7Jem4lQKPFE0PHV/71mSbGaauGbvpZ7arH6 +OTPJN+DmgpLh9L/USOVv85VIDQwfS94Dyjo5oyVZf14J18Upga2Ge4Y19667fkms00/rC5zH +xeia2gmUo2Ziy8nQ5P3QpBp8ZHWE7PIHlJuguaL4acr7CdiumtId/bTAMftgCjhRmL3QK9wM +LmO7Y4NNCxMTJ5AnVY0D6kAWdtY80Eu/CwF7amMnlp8AMSqkOWY0Pc3kpvH/sGw42xjTmspQ +thMrQfqyDSnNdYkCHAQTAQIABgUCT56umAAKCRAfNlZlF5PsJ+YUD/40gxCQNtEUDCfZBlnn +xCB6srLsiyO+ejcLLVgLYd2G6+6vP7mEJ33sueDBQraSuTPIoCA6amC+iFrgYd5g4W2WnMFG +j5uydJ9rLC5Zrykfq6QFz59CFk0pTVzX8qsqKtKhMUB8Q0Bnqcdr0g4fqTtrEear1GsKD88o +yMfeCJ8kTnwyyalBAWq2Ow567BDZlYIUEY6D7QZ0hv9WO/QxMIzUUN/Miho/S8XCkKK4tZa1 +lG0oaoCRBFDmjw8+STiWfsbSu1HRXTHHrYIoeWSCRjPH37Qtuy1f65HnKApGNpEfd1BYyuQQ +uakvKlWUEY4ss5VxnZNrgqszSCcJoEBykqVkxnWk+9p22Jum7sCpOpuKMg4/s+jd27VIGN4Q +jWrI0MtQkXsrToR39bk0zZdsogaGO5V9ftostQ2OwmG7kxLXgFbeKwwZ9S52g3cnxUUOh1fR +Mozj3vNI1zM5fFQ0jszyy9j6voTl3Wtkrz4zaTD4PbYjoNo9P1FqPUWHHbiksWCG5Py41avS +YXqgw0n3sQebA7z10nuNL3tctN/airC/HSfdRj0w35G3Xa8FaEvV8grxr5ijXTss+6en+Fk1 +vhwPr9raugSVhlGbRKslIkYxl1ZeI/DzFynzAtNCLRCKKXaWqAqwAeIJL/anSIQtIv9qUF5M +YRTT06jm+LHvlJan/IkCHAQTAQIABgUCUCfp/AAKCRDbkXthzQzRbpRzEADXyc/EovXXGF1J +ZJ1nSQgyDLOZnpBRGwKNkvnsRecjsJGMu/qyh3Jsy+Elbhpw6uWAcYbwTSv9RSurW1xENH/g +xKv43cubYAxAkywYRObSk4FbKHt26XU6ELdjAd3lXN/pJflpIDNP8USTr8SlyBmzmv0/Edeq +o1m+BHXSzeLhQQCkQ0cMuapHEFri161RtQEgkRSIK3a4huGZxQwAPQ66N5s472eAMSPdtD1F +1ZKtfPd4fayj+hgempjLWlkaEK555rbPRJTTo28brw5JUAYHcdmLJkzY6XqTkhPiTYo90WbX +27Doal/N/nmEtwaecd1BAMrIEpqfJ4jaH56gH8dcX2odSwC3Qlwa/wiQrZMzWHxcbe6ETZRg +/G3Kt+Dllweaflus9u7i1t+y90IKI70ZTltZfLzFGWqEkcxXK6GIelakDRaOlGIKcnSxcBDl +2rouC+wWC+hTv5RTAA6+W9srw04P0Q0Upff3XoInVcWdTJijXEWRP1kpc2LuzOI01960dmFv +HMbV8RGwsM247umt3k1X7+TiVD2YF57SHe5RCjeB0PoU7qhHiHXcyrBA7J9JNPhM9tEy3b6l +70ScppDoYiU4wWXEFFc+siFZsjNQlcC4ams+PeFHXtTPe30a6W+hishF2bGqc63Wy1m6o+If +WEQvlc36my67/QE8+BDCDokCHAQTAQIABgUCUGiGCwAKCRAQuqbK+XgZ+IzeEADM24EDKwYN +9HcrFtW1U+y4Rnz3sEaO2BpvagFessO2ETwrxuyWgsOiPqa3lZrgtj838ZDdKPhlhAmlOn7Y +L8/SXiYdW15/ADyrNIWca/I7rOaaBQqxsd83g9cKijvaQfhbu3ufWgNtikcqIMfLwlerxExP +JqtNqqszhJbEWt2sm1hn5uArTwjCtThbJH77mVY7hgVtW3NkA3seSWjA1vIgMW9qs1ch0PqM +MLgVEalluzqFhNDa2mKc7+1Ma+mzPYeZ3OFL7KYd54QE67cuWKAloC/F++OQb/WV3lBJWt2g +0aWTv22wVFvzgVBWP4a8wM/LLLD2CxMzC+waWEyRxLPsXzpcvGHMvzqA5uz/tsYv7bXeTh0S +R9LmFxwsqGEay0kS/eRHRmWuLdjFnx7gJGqqd7fzFwhHQD8ap8Z/z7fbQSJPe/Z5A8PyrmMv +/9EUv69xWJn0ljBzSxP8pRhU7L5dgZFDfgG/4QLzDrwEBgVFQpu/VJAT9Uvm0IYshahVffsq +CStHPUKVcWMs5GyELl//rBGEe/smIhheYI9wp7sB8BA7u7ieKaiYqQlEUDegsvV2kOQY0GwN +Gv/Eo4C+UR1JgyopbcoTHPyVrCVRpRDVuiTVlkMiiaAWdYyK+GLZ0Iri0clbR20jHiwJHU// +YisbBij7FUx4xDcoKhCGtE55ZYkCHAQTAQIABgUCUGiGJwAKCRAnsc7i6ZtrTEA8EACiAFIv +Bu0iThfWdeqxglv9GofjhfVT09flLwFMVMa9pVoNm9yF1/ErLa+umAMDfQkoFfImbN6BrWUQ +ACjpWKFPSdtrX8h7QQkENCAVQjBt4uHAvEC/iBF6Umtolkq95QbjLIZvY0qSWkFHqeqvGg/Z +1G+W39v9pXhTyvtj2uaSSRQNuAW5xwJ/kyBgNdIIPmPRm9o0OPM8a9oWRtUvte+np38vzJjr +UzVZlVEmXw0GZB8CB98FqT/xpwPvmPw6QXNJD9T1sSeuACPw48dvcjEwFdMwPUn9G32t6FoG +/FOm4ik/ZZqpiu8kxOo0EJFkl4W23g0o2oSfWbNr+wGf/z+Q0pQ+y14XXXdXjhN4sUM9zBDs +OtuxdN1FX7R4YdgqeOOInXfQ9d++DeuReBzT2cpzLUXwwxtS9iskoKx+9MTlbADpgpGw3bkY +KG8bTu+zqzFNYmHP5a71xVDLp6xqqIIax5GjHtx9zRDyzrwap0ZTyy+tOWRIQgLJ3HBkm/2E +e5zQWrAGitWjtrQjW+T0NNnWZX9k3ynVWOgjiKhtiN9wbzJyg4D0W7FDeTv28dmcYdk9MXhF +er3Nfd+i88HClFRBSIUGCIIfs77TO6n0EUdwYOXI5UjWJrWvLHUWzERXGcP24kha15SguyRt +FZ1sSMxCWZz+4M6HODJFHBpaoZ8J04kCHAQTAQIABgUCUGiGOAAKCRDgWyX6S6G7kMJsEACS +hvx0eRX6rMBdXqz15ChdwDrujzoD805d9erYoQkcd+iXN87XwnaidtEIr8q/jIJtxVK2OGN9 +yq+buMO86nWmfsE1jLvesThYZO20105lIQOLVGapE4AaWpM7dohVjjGZPvXQs8ZmtD5tGKnk +Lag2A0vTyGaUg5u+38FTpSrUOeSX623ZDE9Ddiqa/sDekrGzHrPp8onuolO5ypl6hnwDFiCe +KMlKs7cXLIBGz5bPAeycXNIjhPC5ey0BQbPKBCkT3FxFj/RgyPOGP9w7KrNHoXTALWuywWn2 +Dal7L1H8HuSyHya7CzikgZAwRzzrR2jFz5hkgwjyjxnvhsY0lowHo9x/8UXnDMnJ22sTkzhM +lC0Pp6xQVCPFMOfhmldHhi8nip+Z+edGSk+vF5+BkXmM51Weobv4P6hNwSDIt032sdqUzzE4 +S7rlykyfJjxwPZFGzjMuW6PFdQktjmTndNupjBck3GHNXKB/4XVCD0ey37BY12mcxLRd0iaH +/fJZHooIFPnsmAp0e/k8NmxBQ2ne6sK8pj+oNoP2RbySSTExP1qg6wUuLll5TZJwlTIAryw1 +fB1Isa3p2+uiLS+CY460oFx5eGGAs6HC2CbKmCzAHU9eLcnYKn3z2e2Ec3lKL0nj4TIF8HiC +jICd48zOii/qhHfl/x6rsCdpJI/2K3P5YIkCHAQTAQIABgUCUHhvSAAKCRBgw4EvY7/zenyg +D/9wEJBG9UuCJ5D7ggw4+9KFmtjhn0N7KSMnVGmhJ+SGIdO4/WB6Y0Lq+/5kw8dem7ZwVqcF +vcUYjJdIXF0p0wBiC6M1bM4RVxblaRYuT0ha8gM5pbw3LxWJWC3kIIrFFl87SKaXHN9iKD0o +4yzl1r37jfrg5OCMlmXJ/Wk1iCiwCdL6VGL3jYanzjkVFBh7w7N4qmvvGFaWP6MLXY3CubTn +abtEkVxhagPgxJLSb+rGmCD/FX/eMs4gwMOaXVqy3pweH58zaa8mmM6Q4yCY8tioxa2059Cb +9JsVQUb7WHAUWnU22tRVymbzt2mJYJ31lhlBb9/72JfOYEX6f5qgvyRP9fcuwkkfv2DEiecP +ZskDGaIFPzvTpwJRzM0AqoY69ew4A0LLDmM/yc/BkzR8vO0mL2qa6MrDxVTuOYZYiT0nI38R +CPIfXJbAZFfQXKu1RR8DEGRjDKMW9jjXU3juMlLv+f36BpecqAS8VxRmgYB+B1wBOcQCi/1H +CXee/C6BLjodqFziWhFl8ow7PQiR6HO31Xsg7dfDRXUiaHVpmKZEDZkuThg1LNoT3P6Kc8Lz +WOLEQ5mWXbKUkLFUtFFdLpwYUdH/Rj7Zpa2QosWhEfPRn2EKK9QydvF3gexlXdQXMdA34ocC ++X4QfkaIzYSKBpLpl3A1B+uGweBgvHBsk7UkX4kCHAQTAQIABgUCUH7uGgAKCRAfNlZlF5Ps +J7MEEACK3zUK9n8KglV8hj0wKSb8RgNaXrvM4Q9rbCsqp/gXQcnkcnXv4NKsK/vFb3UD5hIr +DfSyVX44pepIB78WbxXmTMsDXNHs7BWyn3BEB65MuEwT2tzwqQ4I5pRqT6qPW8s4dOTuRxPL +mtpKYYolBJvWtt9ETXQIjerHoO61QORVi1EzWoc/ZWdT5IeEvijl99eMQP2tZ2yzj67H4b9w +W5K1yB3OGtxcNUFYk46DnGbVwn15IVlUFLrOn60xbM4gAeoAA7NiBJmrpVl2Cj5L4/B0Qc4o +FE5jhMxRS1jKeq7psJjxR1OzJL2I5gB6dP9754utc3MNl3bymHuRQ3btPul4C0ZW7s9hEMd0 +j39KzDzMdUzn7aU/V6WHw8bLzM4J+g/kewOHz7QSNp3PmfmOo0uA0Cv5IQIgwUxIBcStHm9N +h9qVsVy1naU8nO7QdObJW2RZNJkESh0Fmm3OBF1Rfq730v5kweabxRh1ZzhVsmN3wBlmEHlG +M2KM1I5DJpMKDFnmfNIDMhVjsFZhzCATuMaW2nayXmjGCjglG9LKRKdAjC8ZEn/jmatQ3ei9 +v91u2naO2B3zYyb35pPLkcLF7trcD+6PnuzGUmnmidclXCwzbvRqfNJd1XozqeUyvbmL2LFb +rdjkmceSwvcRCwzsX8+IfxVvEqYmUQnRbGHuAvb42YkCHAQTAQIABgUCUMt/9QAKCRCQWneb +POFgwBiEEACuqHpnQBmh/Ju1CBi5HLtFgkIA42ZgWddyT9SsubjZWUGO0YFDvWkIdG5RPA8b +6R+g+JH4l9kPswR9rQz6jTndE/yKSHnVFsGFOtM9/k97+lOVe0vsV8ajyePuU2ak7ggvbU9S +j+2hRMnd9D8NmfMzWmkxCzmrIAIKuX9kc7rRnS+ZnZR7660aUltLn1usKLxeuLmsFiGBwYz7 +eMONeLOf5qQHOlglURmwnB8+o/xnPLjfyeeKPqrXy6Zj3oigt1RRV5lvcdSBw867F1HRzKKE +6Md5pWEIuMTTZ5T0ZkWTZl78xI/KmLeZGTz1J3aEEj8SQF2hPUa8PxqSeMzsPuM4q4zEfO3L +1ekVEWp19uMLpKPqQJytep5HbtRXTnRVyg5nIlvEJ3OjhmZlQq5pQNq9WznYt79a3uOUgzJ8 +JVdBzHbsszBC23078gnGAp/XY7OZvis3C8Gul1TB+kRtyH84gw4k9miY9t4Bpbrr8IEZ9OdX +fZYdVsTEbLJRFIBwwKmKrLsGCsFE9B5M6DMC3UpJpXMKF1tvHcrRB1Q9m/3Q10ZQhKNxQTti +sYPma3UgNAd7yvEizaR8VnKMdTnd1k7P7CWUB2/nBCKqLZNgHCis2OLoXX5kHweXHTQY3pei +HEDtkpPCb8TSHFgGPX/7uPd7b/uoTwGmZEMDRrib1Fb+BokCHAQTAQIABgUCUZtODgAKCRBE ++e56dhTPhAEbD/4/0q2LX7ncAV+4l2GSbYHF+2mNNp62DKbBMZZ4b9omM4UvWPwIznRsMCiU +V6GGrgjhKg42RYM3I2HwnOgstLgm3worppDWyeormfiOn0R92Sn7y7lQCbGTVChRjmJ+SDkb +/gtdiqUR8iChh9jK8uWrmh/BWdbdI3qUpy4dWAV6q1m7SnpQLvYWf4XfVAgF52HF/JNDtd+k +sGiWXlzq4nh9Vcvy4BC0Au4LFbC+4ZRjDMUxSLqDHpLzHB9bsldPSnLAfRx6U7Ty/niVrZGc +GoFGA/eX9SYkwwR/y1GsZ9Yks+cKIQnn2RQ66uD60IitTQ7J9U8WGNo5XV3sxKHxegPo5C/E +A2MAbOp1mnc0TbQ9sJD9Q+dq5o7+Cj7R+Dc4o96KAluqYPYlyAYPFQUnqUBYKpR4hytbVY4+ +9CQ97T26oy5+GuKyfcMnZm6XfrV7c9sgt+ma77zel6c3Y867JoemTa3oqNpi5A1DRMwqziwS +uMfpjPJ+m8NjsuUqDsiXRo1TdCGLHkoZjC08wpSP2ceJbQ6sXzg9umvWPkpRO/wj9tV5Rl7k +ZoQ9JhSOelhLBgx2sf+iLiIQCvqzZhWtZT4ONlVoy6S71et5vopwYTl46ST1RpY35ttUEYSN +Cn+H5Bh1Q+xC1849VGecVFB5j0CENCdaaQ0WuqFEBTkbpfRjb4kCHAQTAQIABgUCUcRUwgAK +CRBBokiV7lbwKkq1D/9pxiaJwluRwEn4bKL1AnyXYnvprv7sv9IHWG6JE34fe1+/AgIoPmXN +zIDL3Le2HMGb3txJR8z1PQCsNKu2wMFTBn2e+g3JPsaPzfRJcthf7wnZuVFiMdv/4MOjteZy +Kw9ncrbhp5ENDM/xn3d9PMUvao2AFqAzZU4yvmQ6M5UPMC+Dk9WMWbW22jE1KtCuEKPxUMlh +kjoeKtLN59S5NXGhx2S36/pxwOqTuEjFLJxdSnC774eZHQweV/+4SXjV1BLDQQuig5f+HOsl +E/Uw8ysqvPMUJJBc0t4feyChbiuuQI5/Ad5ntDyMf9klYRUOkkTguBkKsa2fVVAWChGw36ZM +s5cOtubIBb+03A+ANCzjsQOtnRexecGjUj7ezfGdXeAmQ/vfqS1EX4vsvgCW6p2CmD/lhxAm +4MFEMNKUyjLXAjbcBRc3TQ122YW+atrMiviAE6K+AhtNHEf1mHuGbtXEgoU35yKGanfjxWMJ +7A+cS/JrTgXlkqtu0MGwSf5ZSLrdlv6im9zpaqAgYKMQAYMDn0YeJRCk8y+0LyQlVF2EcEtD +7WJD+VbFsCG04wyYhPjbo0fxtPjG/49c/r5CGfL1OD9iKS4iviW18sH4Nxat3zpvELww9KP7 +PN+PJVtO09xWPZqvMvokPKdQihHf1l9iAeScKYXmInTF8B3L5P+BeYkCHAQTAQIABgUCUcck +qwAKCRD+ITon1w8NvG8pD/4xzFvWi+tFan2oGcJDV4HpIaS6uJdIHDY0gnyf8cbHadYB9iWq +H4vGHAVmF3xQLedl9nmAMEerk0zCDyby6Ea4ABqFYrgWs+HqSTrfkCsPBhqlFbyO5kSNlAH+ +RDF6Xup2xlnPjRLIzvyJXD8a7afe2gVuOJ1LpmiDxACPbdkw7xRv4FvtiXKJZjBLsZmSJxS0 +WZjDHAPAlneOPSJ3iIJ7ZeM4YQDPt7cXfFEVYmH5I3UpE7jI1YwCzY0gbeb5Y8PXYRqM++oR +Fxx5RqliiwKgfp/Jh/zC6fDlco22tp2QfJ8Ing9eUQhyKvC1opPiCSfwm8+y+yAZin9on71z +ZNM3R9YJwcyJby4tg/MA69VpzeB2JdsefibEGgjVgYJKtmPpoc46NoAk8PB5y792XCLThVew +7VzhAXsFaPOFLFM+iVlmHuikRrrcmtdntzKsVUyxzgFYr8PbdAaW7M8hKkSamHNQtKSZYoBH +yq0VCKdjVEGCDmPLlHLFRZP8bPN8z9mO70fGEzwVa7nbJU7vvcMDtnWsWqKD63zaOPbAtoOE +XHlsdDVm2gcFI8X5irDXtaR51acblQGxNU2on12JgSZsx1zD3USn890QhTvR5kDMfaYgzTAi +x8mw2pjZefhaWSssFc2kn4y1EQtZQF+XpsWf/fvbEVyeEBWGoPTVSk55rokCHAQTAQgABgUC +UI/f0wAKCRA5sU1qmXLUhiV4D/9gkJdBsB08JD1iUaevlPw42StbKnCL+W45eJ3smJ4w7Ksi +4Bj2mQrRH4LqunOU298gRS3qTGu6cYrGQiK/xPLzXv8Fc77DFbhwY4W5Nw49gP5azcCJCxlU +7KaROpFC7N1vpT8h2gnt6Vw1mbJX09oZ+XWnI3sLMYlQUllEpqOwYKmWqR271lYYQp8UhSZV +D81Jta+Vg3nlBmhoPjjISt6eQ19NwI9kgO1B32zn50wBqhehH58ZacFVwz+EKeRkBA/vEJuX +VdXU/Dz4nkKtkUe2tB51G7Z2zo+gKhx+aZjGB+QsbJLe5n5uRiD/G0K1mU5F4reS40tDHZjf +ts0EncXiibnw6OPOxSGaG5LUI84F92cCMdpBmsGnrB81Yd6PRVGVA7FN82MQdCcdxPaK8GJa +Vh4+ZgeqO4B7un+9sY7WyyOmzmZoT3Dp4Jn9v+fRaI3LyETiR1r7uOopgA1u6qIBxhfxh/bG +2rt1WWhNwsmFKP2eZhUJLdqJL3gtXgb/6PMvppWc1bYrYvvBfmAAItM6SNMXNAi6USdl3dnW ++v7mW00xW5cBLvyxU4uK+cePDK1/Wr/DVCxf12PvSSfgM264y0DslyGtgPvr5VuL50e5dBwX +NC+jpxDcEypdREyhJiRwTt4DsubIFyizsxvQLSZ9olay9QFcUk7er7OatwRXr4kCHAQTAQoA +BgUCUTD4mwAKCRDHfUWn4oNGK4Q6EACAriO2inJpJREu31qaIYpZRFdz5UP+D3CKA6w6UCrw +C0eU8BVsQyiGwzii+ls9zYubpEu99YRI73Gbj1D9UVUmEH2bIbWWSyci7949rC7Qg3oIlAUh ++HuM5T+d8BeyS6hWrPRh5fe4bXP2OkkK4fzzcCWLKkttk9V7XQoxTxCh674oe0IIWI1VHeNT +/dx5yCj2ZlOcHr212W++EI0bzI9reHlcNJ0xyXg/QoV5hC6kcUBrgCHga6V7uhjZWhfKJBz2 +/jf6ZAtvHAppjDpGZFjuvIPNnRq+dnUmeRX+h/Yu9eikpEoFYhe96E48Bmy1dc6qOr6MJ0Ql +wt9IUW7ymv8++IMhw8fjG5B5IVV5lfTUKJBkJ1HRPQOMDW+U6ZDfwnHjs1hfh+nHfnHXfXKO +0S0eUCWCWKho2bRfs4sJpHfuAPDPyj9IQ9jczjuMgX5MUJy9JFEWBmRde2cWlU/5ElKLGxDy +ItgkkpU/ciJUGhuUwQXPYokifhDAGU3EydaAU96PC8vP3JCkcDu85zjYKP1AQ3yvPFsXZrHZ +udwIx/hNdOq0d2DssWML5Nvt0ioNUV3oyHmsyIIFDAWi11RQO99C89naNKmiwEex9RNOUEbA +ZnvPxCly7Htxuulbfn/jzSRZQSiQ8HyxsqbwlDNCwHaAtg1Bu+H1orJVAVVHJATmKYkCHAQT +AQoABgUCUf5+9gAKCRAgCYIIDXZWpw0sEACCAP7LJJRZCWB2+pbnsGSJyjRsAeFtQcy0lA+w +hjdnSM5HJ0D6ngUZLz1Hfs98X65E3PTKMStG2c/rjHFwEA8KArnPZlPV+gDlA/4JWDAmKyhK +TAIBXkXELk1n6t3CI1bnZVlVc7928s4/H+4lMPlvOgiMfZo3tv43Dp90ch2gEo/TDqfXlBKy +nLAAA5c/ytxLQFFGvxpiADfG65XSUCgy1SDldYXHF8ka7wbVhmrXLD999AwCOI5kF+dRKkA9 +xq0VV2S3EP270K4y11hMcEtfeYCOcj6nVHfOxlz1+vO8Nntm9MH424vRhLLrK8w3n7FYGHgz +Bw7uTg9/iFg/cA7Y+53aBF3qTrMecmr3GnsiokaXDvIGBS9X3YRGKbmAS3BYcCqtg5Ez2Hyv +z2ANUjp7BHQVfXe68nUjxrBtguAcZ+l7l1fdQCPG14pqaT5mdwsB4NfyADqYucmh2wHliCSS +SZTINYkHi7Jm5n2Vqw2GVi0pksySxE88h2TSCTtxBRCG66Pbh99Q21rXUl/Xusj9oA8jn2d5 +lQ9Z9Se87t5MxYJm2zm04/In9gkxNQXPz4LoHa695UEbbxqaOH4t4DJNVCdQ3tV0rHwWTNMF +vGFe8vPkDe1QDQ6PRdaQgohfHgE/fFJ3tcmax7i6vLHnxsE3hJYR2cfqb7+BxomSlgd0oIkC +HwQQAQIACQUCThmWGwIHAAAKCRBbnqFhZpDPlFcaD/9ALWr4RBlkWrB7FraK4aD+tTcN4KnI +WTaKBYC8fJlkYcZ9Q+Skmb+jCU4UwYC0ku5Y+10Ntfc7UgbVWyx8d9qSvOLk0g3hyfN9l5wV +3Onjcx4wpxB8YgUtHMUh1IM2Lm/sRtSmwzZR5K6oG5VNCr6j6l8f2lhVuzLe+KCGacdo9eTh +y4gRDDzm2mJEflca1dT9MbHRoRXsBxPZpvWklxNqqdPA+0SqgYZE0BhaNuvMR+9C0kws6XHK +CHTfmxoHZ3c90z4hHh6+fcrrWqjfs4ThVfEk3iCfmGKwlEcpopCXGWWs28sJ02aqTFB/1QwP +q3iNhK8dwh8NdCUVtmBdrlyQofkHDJ1BkTfksNmGdAjgK0qAJzjVn58ysXnNtpur/beRZNyv +S2RPPsJaEKIo/lcm6Cd9aBkdF57J0wqesT+mt9N4S0DGZem5z89QgjZ+y3STWbqtgW3hTLSA ++xpW1EvgLM8c2YzllEcQHjrjef17A6nNw5z3NyyrASUQix81DTw9VsilKFlvkExsqYkhkgi5 +zjbF00SZMQ957oNoPou080AS/rQruVLYpEOA1UooJnMGIEL04x9YUVTCkFMj5DK0baGKISfL +Zr6no0jgQloFHCd1yrX363Dr3+/CNYRoMXF3Q5UexrtsDyItcxdPbGdsuR0cwKft4elYf1rp +03Zee4kCIgQQAQIADAUCT1NicAWDB4YfgAAKCRDIEwoLMBSAmmohD/9Db9oLiDQogn0PspeI +/nUlQEmKk2Qwt43YyuFiAifNMqPW9st/sQIXh78MTqsHFNGdIR2rd8chTWem79Hb20ArNnB8 +OaGi7Jwrqs046s2G2nu+4xqGgjJoD1LaX7/Rtqufi8iOJzQDu1E2w2mpjLDee3dcsw4XmTTy +106dFDcYzlyFAVhFZHxJ5+UA1rRlF+2Azw9mM8jm4Vd0aIJlaTsuB8KPbNdxaUYUnck1K+oA +MZ7jNM8934VzXJ8iy+ATrQxk9cIMkHKFSIZZIX5dBswuQyzIIwaHwJXHOr8t35mSr3Di0PCc +7OAxYvHjFHiqNbzrfdk+PA48f5wcyubu46oQNeRsyf/fJVHDstONWNyix178t6MYF6UZkNBR +ZFMEX2tuRabat7iKkNYwaZJeZVKLVeWiP9SVDe2rAs8uiVjRJV5o7FyrZvjT8uenRqPjNz+o +fb1foQDqC8ZIrMWF4Ah8yOsjNSYGccAJk4a1BAiYG2LzNN4ssD0w0RgIjrhsdR3TjnjXLrS6 +A9p2WNY7gjCmMAZZHHo2OnEZAS+Xr2ZHrgwSRLyk8XPAuHFPoZcv6IGEbEN3pqSPtgFhCdpO +Ifx9S6yQXX0aMQ+9CHfmdOhQJS9HK+rEJeetHXJPZNgmzGnDLvgRAkczMbaFC+4Hs+KxQdWj +zbP40H8q2KWZ4M5azYkCIgQQAQIADAUCT/Rq/wWDAeKFAAAKCRBjyvJ2Psdy1GOgD/9IhIXl +066PFQ8KFkcgIULaP+W1nlSZqKbsb36a4/SYOJmq6c4BO0eMVCEYWZJYK75qyM6KfID+d/he +hHMODdWCGswBlxi21xW7wA9hgwo0NjGdA1f95skFyBKTxYtnc4DCmT/UeO/Zuu5SlECqeAMB +y/qx0PXshT9a5Gwi0cbBBnmo4txZotHPF8fjubE6L2jPBmEJcJq7YSDfQP5FAvrSP8rMXCy1 +DEpU5Z3GRjNIW4fvubMjbSuPOWEzKoVnjdI8r7zT2w9Gry7xn2Wqxof7vxQZneh3Qqj3Bfhv +IdXpdznDra9mLp5v90Asv9kMi0dCPvjFzeB9KboBMUWfbpVD66egCRo9wl1/bpPKMbZS3Dan +dMgTXDdLnvheu7gqXrpqnEWziySbKbDra50ioIJ3WU+ea+aojOlwRvXAQoyYlSPNDOdHRhp+ +ALSqlgHhrHIRWJTCpkEQzRWbOkId6xuP4+gIQcUIJVqAmSTTfg3TJP7BEjuWwxdxNQh/ZVG4 +rhUGv3DGiywLtze0bC3hxtIybjHA+ATUFfsF5UdsJ7avXZXOGnb8dbOkKWGQ1NDcscI9L6gh +k9/PGRDJ/OLQEQQjyBVVBHLBFlQa+HVNL+tLt8KOM7/R5lacpuF9QpGGhtXZ3EXZJYjcQuPp +X+hh9ACX1sUQJqABIAwZAJtwSIIULokCIgQQAQIADAUCUFfqvQWDB4YfgAAKCRC/3GXuhFEF +vlQcEACdCJm4OMKUBmzeJzzE72OvOdEVFuC9C3sFFjYMHWibevGVz0M/jFTFmGQnMm9s6BiD +LSTR2o48n2tD0fyGhrQC4bf1LFfzrvCX+xvmalZFca9r7HIx0Qxh5JMFPGm0lR+DSVZsLVil +0TpanSZ34hIs3Y/HQKj9tjMHw5pGnEU8VrgVqze1YDLaZ78nk60YmI7PZeKBz/6Iy2tsmR/I +kC/HccZiSl9BcwRFznVJwSL1GimKArdvCF1d/afnDsemdgy2vzzfxBSU3urSqA86wmmIuSi/ +i7epZXqZPyIh6Q5Fcf1QMpJsFWU2q3IDZrwid6sqi0UmelMfxOXcLR2M20wal9Bsr8Ov4zVS +0SxrV2p33RlJ/tDm2+rEJj9UY3RdSUCKkto6wtbqwV9/4keim5E8Do45XYaJZ0A7H1pV/dOY +eoeuAT+AFV2NX7YP5OdnCk4HvfWoAPDuh/ceIvCHrdk+HT64nGhyI+gOiEZX4aefPh2W9y4J +ih74TJm98RpWx+ug5uNTScmHkAoCa49gf+f76+DRz8eh39GUqBLJRHodMynC8i4hPJ0gknl3 +xusxs3N3j8cBugA4Y7sU43JLUZybMJLg0FAJj9fMVxGfNZ9rRC091hQLPfezsNmw+dhnmt7q +pA0sSR1wA2hnl7U7v4fYS1tVwpSmEijjv7gwhu9l2YkCIgQQAQoADAUCUdXU9gWDB4YfgAAK +CRCUU0gQ8sMPSVK7D/4h2fiRLsDr7OkKnBGzBjEDKzTZxeiwwgkeekbrvf3Nfg1u80pNJdR+ +fNn6gOVNJN1qAhU/TOqNZzqvBY1ol9+OL2u4S2UZ0HoYumy/Cldt16oAlIBnxusmYZWzbnd4 +lU20ggVGmunPsFiiHer16alxnyGeEZh+zyYSKDILvYmfs0jjl7jKGp7Xj3ZwgLWdAsoL3EGn ++6OP+vaXXiPoHImfkhZG1GtmHCVfvt7SzRvFhv9ENr0duqkQyigbGNizBc05J4Q7pHiSHvxT +zVwxO0h7C1quilzteU/a3K2G3AjKNcN1dYHKffT8eFmFOMBE3XLSpki6hFUn6PdunDsdO0ES +4sq0cj26do8ojnRBMli47Mt6pzy8mu+fP22EiJxLlOrYb2gHYkZdH975x3aZZH3PEtQiVfhE +hEsPJo1lQXCVSgEFVq8X5f5n1bhx3DHVDCY0WU0ycor08hB+Vg7thmPLW8Upov4HC3j69QQD +Xm29oqY5t6mLl+Zs+s9Eh/187q33FS6KHiHmoQHLERBzH5A9bg6jA4FUvuewdSr6ljoNzuWq +vUEe80Pb6BkiltS6bltymi39XMfXGlVIluY3QFr8QQj1nM7rceS0+6tbMDfcwTpdH16NxxYO +4PHpnzuSEkvYog5LU5Or/wtLvPShBnYP/MX/cgJ9kvuNW46QrOBw8okCIgQRAQIADAUCUFfr +fAWDB4YfgAAKCRAKHfLGbXvrFFILD/sE3R62dwDTDg79CzxXodCjWtipkUbCia1CoQ/ObNrK +cJeXxue7Ln56CP9ouVflef+nH9cHJ4wi1PuMdRMZ6zWhn+h2vItfV4+VRaXMQHNmF3z/RCun +CTo50+oI+rVKDoRqHNX2YuH5Ei3dCMsvKW1R3lbfyGZ3B6eg4mMXrjnJxk1lzb8+SoLkXPOc +hJlqZlzaEMYAfEVSONrIU3K/RKQYdRZPnFV5l3xjwajuozsD/WBwuVZ0ncLRamZoaQknxwJo +fWyHa4E9C5OpXEb4OEyAm3Ek4qf+dswWwGKczZyGL42XNvJG1EsavaZkYozfpzqJijSLh0ap +uq6a2EWOHEtSwmTS4xUuahs7pWBz/851BMCjW3X34nln5VAqaEJ/i8MfQ0xGCZ1fOEi6XtYK +Xy8ErhhgkoBf9hRc0vuyIqgQoiC9B5SX1GYS+flvE00CfJWvmhDK5AIysv4qDwsXXsqjKSRZ +OyeooNiegjPjgqOd69wBi4Rk9aEIubVC/h4fLQQmQwsheyPcFju9MW9mx5hW24D7ZCUdyl+j +gtCxhFtgBFksictk3Mn7PGGPhtScoi4ac3iFE/izELA1gQLu5GvXl7a90nzVtnWd2rDxRBkN +dxN8yEnIZR9onzA4mcUguL/klj0zrCCODGYrjyJdP/RYPCZz0EIkKTFOZ8XL+3LmwYkCIgQS +AQIADAUCUgkJcwWDB4YfgAAKCRAvmEp4jzEI0BkVD/9u63n1MVvgiHuu+VIwgBjMKjVbX0St +WlOi8wYLz40i2X4/4CoFrKQdqCHwWafIDhwu8hFQE5ozQX2y4gO7iNP94v3t33oZ3acIcamh +SC10Km5aQrbxy0iKvByssLyDdMEYa11Ypmz8lQ53nVxymxgrwVed+79+P/z1c7ET/P15WlVM +oLheCziuYtwB1ng7QZM2xwx/4tSPi4EG7cetP2fb0NbEk0/qWC4/KP2xIGQ8incsbqTp/N9l +m+7D+SBCoIB8yfUgYjal1sE1isEefbyOdgsbZ/pHUnGE2HZ9IzHwjh2d2mL92tWM1OAwqgDs +fYBO/NPvjCBof1Y5BNqwkMntJSbGovlQlohHd+66y0h8XRSrQ9wmoqib06bG+z8ogHvRI+Q0 +oJffwL++W9CAIk3iiOnGa0nkapEnTH/KiaCZ0fCWv0WMye4oIJSux50IkG23TAvFWncZE/QI +xq/ARkUAb4jrRwmxJdkJuPVZ6KYazfkwA3V97vGI8rr84A7lJjcWiuoDzmtzdyiy2mV5VjVg +2UFDo5XBGSweHBq/yzlKfX1WdiHrMHOp6l/CW+cbOQk/BkHt318zD0NQnyCKoC4yCKciE24P +SukOWPbaCq1fK1m15hBfIx6+giM2ljjVaYWx3sc6him4P7OW6ySq4bxoyRS4E+5uljAVrAAQ +cEol34kCIgQTAQIADAUCUX55wwWDB4YfgAAKCRBn5y/rrqN+8G2KD/4sOIavZORCTxQNXg+K +2ef/CqgrSCSGuINEutBCoPv+8zMzr32V/JC/WtAfjNKh2LGgpEIhPp1dPZaqgTB2+wZIcHKu +R6ajvulhWMRKWVs/SGslZnbEXA2mhg4kRr++xjKQASH045EnwTyGSsiVZkduGMff9S7o9vJg +T8LH9n/Tv/n7VinZ+dFhIQXweIu9eo0c811KCK9INckrl1Tq7Ch/6mlh3QQ/AeGwVUScSZb0 +PPV3EN3qLrRhfaOzZBf6RPVVQydbVAt+6trmibHAGeiiWLS4P1YqGm2WEm7GOvXC+mFbz4l0 +0cIQxvMIv+Ef+kmFJ0OalWHY8i5pMiwA6RRJDNhFOgXWIUEVuwRcNzOUQNmGhl66Iym8jNU8 +xP6WFUtp+B//paUJlfD8f38MU4Gg6t/m1VhkzeuadJjsWOkQVEQsC3bdI6p+hcbnp/DZkhFJ +ShLVZfpzDN9omGOYRSuSGz+VaWVB2l1i4HX/3mg73PE3hMKfNV6LQqForl/hBFtwwlaPo5P9 +ELVD4xXpHzQ4E43Q4Yf0Z8FWE/q8+1e2xXXly+pUb0LB8GY3cj51hyNgMgwPIMKBB2gVt01/ +TU/aM9p6x8XyEkHYDdFLkwK0R1QGVIn9LCAa0jn3nESjO6SCkVBg+EvTQF+uJAX/xaw3MCK4 +WybO/wrSLj+tiLqjDYkCIgQTAQIADAUCUhURjgWDFpJegAAKCRCRndSpl+qPrfX+D/9e0tPe +tPj80FQb/qafoazRSFE6VM3KIkREZW/9uYAKtyZRQmcTT2184d3X87Ybf3yvi8xg/O5Vk17D +feHyHjtexsc0XegWW6L1pRSRGCdCAH1UYquQ/+tzSEqCwuaMMl6B9T+XCDg0+/RDesPPp19T +lK0MX5gewCB0h8+KND0G9JsE0vUSO5T6z6nYmLkkZ1pbSkyX4UfYGOorBhiak49S9MHhdGeR +7MTKuos8LkNi79WSK+/2dOnWbd7lopyXESVR1JhoFTs3PZb6rdsPYYL/MSbIKg7Oy63feCCs +f4fDqEBpsP06clwJzCq2gVG9M5Iyb4wj2CkZ37qdGP+AmJ/W5ayhxntsNVzI5NSOfv5ITnV0 +ITOfsUeRyTOgnKD7eXpkxmjHebqDj8ItrYhd+gT3pB9Byt0ozlNq/lxS21x9AHsUED1v0dI/ +vRrEsOTlGpMASdh96LItf2RS1XwT8X61X/TMdeb1j3ZrL0xdoa1J5U04FcwlBSk+OANY6ujr +L8SSQyL1rHzBeI2Rq2UdycC+ScjHqAuhWif8ISydf7k/lKtIKcv7I3s2THnGEEds4Yakfz+h +56j7IyQfLF2Be9VHaiW+5H44bY0NiM4ILkCQWskPFM++cYRjGO99t2YmttM3KKDkceJS9Qvj +9ohB/B2TEd+xNSdlzRjU7MvS0E3yp4kCPgQwAQIAKAUCTOVYgiEdAENhbiBjb21wcm9taXNl +IG15IHRydXN0IG5ldHdvcmsACgkQ1mFZmoCpbEgkAg//VcErsn1CvXoXQiPvA0XbvTynXAlc +1c5eFYbfbb3XLE8r5571KzoQanRbA/qeblLp/zn/zYOG+xWSca9BwzZ29rIgs9eBWSpbOc9t +cYfIOz/OmygYI/stap3yrTHqkbNYUtLip6eli88Hq5JtiOBxAeiOb5UmxJKocFXR6k76J5t9 +kRjYNrNgY67JDIFwWePcPCiVgrN0LlDemgGrZdkG9eA/Ar7tpdD2tu2xF93vApNhJtqfc5m2 +xfDLGQqFVNUjHRLQqWBzOboGDvCc9PdHu533qYx2Qv0P3VXAhGkaVFk/mdhvx1ovgJhkl3L3 +cMpFqlnSRvfjSe4SQ2qn8fx2tU8qLCo35V9/Q+njBPepK6/Z3lbGDMaqx9NQL1dyMFcfu09C +nTBr00mCDqPigBIqe4Ei2ylRoyXQ80SmJuCdhtxOE9DHUhFQcOhdBDAiqHmjMi+bw2jQR2FG +eOZSRw31PD4xZ9fRkbBzpnwV2nZHcYZvMre1pg1F37QaI0NhQYcON7tgRAy+uBNPJ3l0eQXH +mANjKT+jFBMDlhAsKe02kjH3UYDwgMC7hypMaL23KsLJM5fQmMVlfyWllRYM6bh5KZhHs4Iu +5gDLmL2KUm280z8xUWxCXMzUAAEHbe9PLpNRtCX5gEAON/dgUSeVonZupcAH6aJtO6NVq/XD +vmke3NOJBhwEEwEIAAYFAk72OPsACgkQJJv37rGBfaBPUTAAx6cMClfC2TTmGtUnrwczvL0U +s44JfNHM2gFHVSjRZdnD9LzXCpq6sJJKZLMaoOJoccUAD3bN3bjPWOA9RwRn+8TeD+RwAFiU +CIdK6A7STBB/F2xFjwdxh3wyWgd2HSpjF9TZDQ7K7UvThOQP5LhyI2oV//FxmLZLCnEKHIl/ +EcndV/GlaTwqotnuzokAti+BarKqBJ83PrgZ80rRqNclKqmxfG/YbwyeW5ozgRRlevy33zkX +Hjq6jXEHVE2X7FC1gAOy5QbEIzpEJg3uwLOQ9bGRFqSaZUGBD+V2wlgPY90J5EZS1NqHRxDY +ZPuWkaL90WyPFk2ALhGKuBpz3Rks61r2h9Ihxz/gaprLhhAUFH6iTW81UJXAq/nWznxbvgRe +0ZYDvPjcRJ1z1txlP2i8YsaBCeCHe6b8L6zJ3oOEPaR3sneh5peEmsuhnz3DkHSM9EYaGfMe +x161FG/X/wTi2xVQuOE3pHcZFDhgzU6edRRtdV0t8JkLSDRFuCfpXe/z6Mnh128/MpCG2iaf +TJmxv+f2Z7wtbX2ct5vVGZSo2P0kIRjlZzbsnbf+DB6caFTFkYGxYKBGJ8sjmxK/ViNIu7QR +56iyyXsLGE+Nzg4mEVk4EoHbAzggkkcqqoJVE4fyZ2KkRECs9CJdJcM7xNF8uKWk7NBMvWxa +LCSm2915Euvfx4ssfCuoyx0es2Tf7P8ExqPqLbybTqsp0yYb1x81b0i46UB91VrBCq6q3uYk +A545UiL1MGLUBIBHx4YX5Sh+qssg8grBL2EFeRA15lEtuykb+r6Bg1Ki6rp7wlWQRZhka3+o +LBxHFbCC18SpaJJCsIp4gnTgBYU9N8ryMcQUIm7Cwi8N4brP864ZQgdcbSifn0oCl9kNUfgn +usew/h+VOFidlNfZ1b3xBqQehoAZkjegbWH4WBA9ucZwpsV9x+C2Nzta1ihMxpZFT05Q7VkQ +ZbWKNzCMsHmSVq0DN+V9xuk9qjnDeS+qYGQUfv/v2goXakgSlakVxoIYYpBg+K5eX4M41QRB +hYmIXoJM/t6dyzFCyrNnHjcTGVusNFUc5i/R+AqS0I7mxCXQt2AGast71CDatONHeVNBAWTw +zWpc5NmpBEs7WYCVRpNBErrsOLI/PiB5V9lE74Do7vEyAuEL2oP6ddt/eB9zC+72TQBWGhXz +2Z0iSovyMHIfocqNlLZa/nlfif6uJMV85dusrenqyGTny0VLVsUNOBLT/0N6Alt0ENr1DkLa +5xrEIK2Keso04RBbZLTJ7N5YqSsCFgkJlqt8t9eiEcZGA127J6ntGtyNHK9f7MPDL64NdH5/ +vOUUT4DtpijkmkjB4Aaw7KPWc//3UXPTaxF45GD04su18cGOev4PLOfjOkBQak8htagE+siO +Rn7gQZP+WXt1UJ0HVgQLaizZWX2YEDPMGfNwHP3xo3joiaT+AO84nM3lOO8HPfsz/H7JvMoT +bocdmGVer8EKlaKmSlOvlBSelQKV/WNE9xPSsnXAHESEVqb1AAlEmMoPt0naSJpAZ5OWH132 +1qnFHe84VDIuasf3rSix2q24biEOlMPppZJGbtdrZBRR3MDxxFnqWZJo6zL+tV6aIjn8vY0a +DwnXVE9CL/AGEAazMOuyKbLq8WR6wL2GYuCrmwDfJNLcl2TfpCOpM06cAzhkoByD+Ek+2Ltu +4oNns/IEuPobljxZE5jdRhyBGqtpUnq5GBuRAQ7HM4ZFkr29k7GpOG56oug9XtsTtwbh7iIH +yG6gxQdcTWLcpx9vhWodEopEzx5Z/eYDUk05BAiL9UdzhAh0SSpkBIRQck9iMSU57MPs931R +9v0/DFTXYrDWf5FYezY0fhulLaKEDYhQ1pEoX4d1Sk7soHhsn6yp41x/oB9uMQjrcSivXutm +7nOD7LAN6Jget9AfJGFjQmMmEB45CZUrj1BoBXJ6n6rejz/RPqOWZKpZsydYxUaOP/Hp2miA +s7fSQ6wOF0qhDg9VURwu52qJjiMBv6Zfsz/mYdCXAVHQkRYhIyD94zgSuKqJ9Fzr9GmOJX9h +KVqU53q3iQgcBBABAgAGBQJDopd5AAoJEIDsrKa/hAOe6M4//0oAWI8LLS3cSIf9ZF+/Ba5L +pbvsleS5Al/acez6tJOMXKZjYkF0zdk/fW3Qjj+AcB1MlKt/+VIYxcPne4V4kGhCz/d44NfO +XV/rLoP4AaxpTVzbv63+YV/Eejbg0OZKjetpjlkbmIGoQMXzUI8fSVR2OEK8xOpzHLlv5041 +gWAD+wG8LFygPcgRyzMrpjeB0LcSEnyIaKEKRwZKo7H4zShQ2dYr4U7YaVEKzJYpsq8pqBwn +fTuzbdB5F2iNmbQEaNJtOgro6OmcKULUMHpmUjRyazcyPc6MpbvDDKElzLs4r6KF1mhlEMCd +ToWJ6K2pUJ8C3dy+3w2YDtSSzEicbX/CnWZOmR80dEcvhbidu5DaMnqUdWbhwKI2aZNHoxSh +SIuc0RrRvwUWL0DMzPHqLwN7BlRdGEnFjcsmcySEkxQtG4uGTRjkiXuAZ5i7+F+bnjqkah+u +bCN5vKnKq5WU6MRKcRYemx3WgyoScxuLbepfjzAcEU2WkodueawrrlhF8XqlyMmdtZWA5xxU +fHIWwK40FZwcK6piuX8hAYuPxutC4+FrWU5o6zwflZB8n7r0+BffdHYcTdjNW2oAlKNt7Oyl +qss6I08YbucKGiQv1ysUj936Bwi/2NcdZpoJ6244XEYlpIKD8nI6XxfI4mEX5Yl28pKq7xvV +rWd91ugda/dDXh/ih1/wz9xeNxHCAGL/h4Ckv2STiQx+Q9F5oyo6iNAhlhW1Lej/RdJ5CNgm +C//roJHuFhxnX8OZkVyYH3DQ67bKotZskiqJuQAhVlST1gQZg8zKMHQWKoCemlm7td5wjRrc +DgFMvjbfZ29KYrN+VPjzItE/vcVFUaNVwQ8Kc/LwMyMPzgSUBBQAyUfk17H5rUA1tqUknoP/ +0J00lzoNvk76r+A3C9Sh6TU+aGFioZjIIbScfBORMW6UxQPEd8MsB6oHXT2k9s6+vhRrZufF +FILY7I/DG4dm4fjvXcT0OkWIx/vRjmDrp5ZSprWOZtKqQicQvj0AVTpYByLlIWk6Oot2TWk0 +5Lw9aXSwnuYK4K+8RLK6z7XZDz98Z6az8/e5r3Nv14diDL9o+bxauC3pk/IXwJj8O3KUa6IX +wWtNpQJNQatmk313yMxuoCGULYtwGfcHBwAx7ZDF5bn2SAPhgm1EVxC5TkDR4pglWkl0wsLY +qNc2hoy4yRECigGf4pBbeAtXVCD3rgAlFmFs1PJTKMKG+UTa6pCi83X1Ip5YCFnWzskspQEK +joGV02gg5crBo+2Pr39YNvw/UusA4Io8Wlgv2HJolgZZdfuZEzYndYy6I8FFQpSPqa9J6kB5 +6yv1kP9c3nmkBZMzpDsHJDTmPFtjbn0WHZ+fDf3R0B/kTA6tbDeoTYJub3je43+q/kq+dgpy +7K0eSMjaheKO8ZOGZSJQbQm1+E59V0cFFpwSqdKL4kFZK9Fd/P+nsPgxFguk4+mMznMCNsXS +T/X0Bz/+WFl2vslWVfAH5InsVaTy6NuiUwylh75X7Tbj70eQ+FgUvA0veipvEMBSTvY+aj+0 +0kZEAGe6i3CzG994dyrRpiun5EBpx0kXDFPMDRzBZrvDNGfxfowRg8SGp9pEyEMkxjVMN6Tf +aZQil8b/7+p3iBlV7MKyJny5In2ix4WVbvOMHR4KtyyKtGnZg3Mo3CeAcXBUuy4K6THs9AkU +brTfAo3VBdGI026dbsXCsN9Gi1JKx9ZsUnINkaLYn9vG3kECVmJmkbMF18+ibEJLoCmnES7V +lZ7u4tuNFL9lZAGb8+bMbd5Sq16sBpUrWXd6fwR+nLVDYzXSkZEQugr5H2TBXTAKTzm4LdPK +IgStIo2GQWHyyFz+QH1uHixEbvD51VpTwsQ3KMmUiDcnSl335HUKMgB+Db6b1KeuRg3D7bgr +CbG1A9rT1vcbDF7t7w0xuzCyIrHgW2Lo+WdOO1aHg759tN/6TKr/25Uvwb/njanRxJqQlEO0 +cU1sKTwIc2/+aMRprjhZsrm+UEgsXg4Fn4dYqGqxAqvg6pzjGIw141mfPuh1xF+Vdw77FomU +Vh0IwALpgAQvD/KWjkHxMTSnWa/nUoMbvs0OAHZBiHxQaCIJB4xqdjveMmYuT69ky5gLZ6Iw +oIA2xjc3w0SxdSHC3MykiXOua5Q4QpnCxaSS90mruzshk5zS1sa38pYJ2U14Xg9wdUz8xQcR +5iqR27EYWNS1A2yyN7Dcruj613xffItAs6YkdSaDKH7qKyc2W1aW0BzITscKzQOxwkCXtCE1 +iYTMKpq9sgc8lRdPjOJtmsMgyXdpBpFELozParO+CrzFJNOKTKjiix7bluPwZqVGhnbEZevA ++LA6QRBYsvrDrTK2XEjwUl5ofGmmg15oltlHsAoYqScNIDbAJyn/GZmpLuYQJMgzJaiX4QC7 +wgdw12RJn2Zsv4pk1TTPTd1n/8Y8PwQKOnLimt1ZGpiNZOnuiZSAZo+/35O8hLVsAtBdEQIQ +QQgKsmEp5+YQx7clrxsJGDjY2VGc8E8EmzMGmlXxVlmZKFrdU8HelNCRvSXc+WIhR5eW9XBb +nNT0iTZ9AjB4eyXH43LzLHLW8lPiqXe4Rimk95Cm0jEgFefPQO+ZoFR23WmxJTcP2cyPd4Vk +o8Y8C4rU0rDbnmz/O0PUksdPS44O7MqX+gq0nGa0bZNH+xGduHbY9hx39Y9rlav13HymwJKB +Q4IEmRZC6QPmJ1mV0s9gNzj+hVp5nPROCcp1O6qdOwIIiQgcBBABAgAGBQJDopd5AAoJEIDs +rKa/hAOe6M4//0oAWI8LLS3cSIf9ZF+/Ba5LpbvsleS5Al/acez6tJOMXKZjYkF0zdk/fW3Q +jj+AcB1MlKt/+VIYxcPne4V4kGhCz/d44NfOXV/rLoP4AaxpTVzbv63+YV/Eejbg0OZKjetp +jlkbmIGoQMXzUI8fSVR2OEK8xOpzHLlv5041gWAD+wG8LFygPcgRyzMrpjeB0LcSEnyIaKEK +RwZKo7H4zShQ2dYr4U7YaVEKzJYpsq8pqBwnfTuzbdB5F2iNmbQEaNJtOgro6OmcKULUMHpm +UjRyazcyPc6MpbvDDKElzLs4r6KF1mhlEMCdToWJ6K2pUJ8C3dy+3w2YDtSSzEicbX/CnWZO +mR80dEcvhbidu5DaMnqUdWbhwKI2aZNHoxShSIuc0RrRvwUWL0DMzPHqLwN7BlRdGEnFjcsm +cySEkxQtG4uGTRjkiXuAZ5i7+F+bnjqkah+ubCN5vKnKq5WU6MRKcRYemx3WgyoScxuLbepf +jzAcEU2WkodueawrrlhF8XqlyMmdtZWA5xxUfHIWwK40FZwcK6piuX8hAYuPxutC4+FrWU5o +6zwflZB8n7r0+BffdHYcTdjNW2oAlKNt7Oylqss6I08YbucKGiQv1ysUj936Bwi/2NcdZpoJ +6244XEYlpIKD8nI6XxfI4mEX5Yl28pKq7xvVrWd91ugda/dDXh/ih1/wz9xeNxHCAGL/h4Ck +v2STiQx+Q9F5oyo6iNAhlhW1Lej/RdJ5CNgmC//roJHuFhxnX8OZkVyYH3DQ67bKotZskiqJ +uQAhVlST1gQZg8zKMHQWKoCemlm7td5wjRrcDgFMvjbfZ29KYrN+VPjzItE/vcVFUaNVwQ8K +c/LwMyMPzgSUBBQAyUfk17H5rUA1tqUknoP/0J00lzoNvk76r+A3C9Sh6TU+aGFioZjIIbSc +fBORMW6UxQPEd8MsB6oHXT2k9s6+vhRrZufFFILY7I/DG4dm4fjvXcT0OkWIx/vRjmDrp5ZS +prWOZtKqQicQvj0AVTpYByLlIWk6Oot2TWk05Lw9aXSwnuYK4K+8RLK6z7XZDz98Z6az8/e5 +r3Nv14diDL9o+bxauC3pk/IXwJj8O3KUa6IXwWtNpQJNQatmk313yMxuoCGULYtwGfcHBwAx +7ZDF5bn2SAPhgm1EVxC5TkDR4pglWkl0wsLYqNc2hoy4yRECigGf4pBbeAtXVCD3rgAlFmFs +1PJTKMKG+UTa6pCi83X1Ip5YCFnWzskspQEKjoGV02gg5crBo+2Pr39YNvw/UusA4Io8Wlgv +2HJolgZZdfuZEzYndYy6I8FFQpSPqa9J6kB56yv1kP9c3nmkBZMzpDsHJDTmPFtjbn0WHZ+f +Df3R0B/kTA6tbDeoTYJub3je43+q/kq+dgpy7K0eSMjaheKO8ZOGZSJQbQm1+E59V0cFFpwS +qdKL4kFZK9Fd/P+nsPgxFguk4+mMznMCNsXST/X0Bz/+WFl2vslWVfAH5InsVaTy6NuiUwyl +h75X7Tbj70eQ+FgUvA0veipvEMBSTvY+aj+00kZEAGe6i3CzG994dyrRpiun5EBpx0kXDFPM +DRzBZrvDNGfxfowRg8SGp9pEyEMkxjVMN6TfaZQil8b/7+p3iBlV7MKyJny5In2ix4WVbvOM +HR4KtyyKtGnZg3Mo3CeAcXBUuy4K6THs9AkUbrTfAo3VBdGI026dbsXCsN9Gi1JKx9ZsUnIN +kaLYn9vG3kECVmJmkbMF18+ibEJLoCmnES7VlZ7u4tuNFL9lZAGb8+bMbd5Sq16sBpUrWXd6 +fwR+nLVDYzXSkZEQugr5H2TBXTAKTzm4LdPKIgStIo2GQWHyyFz+QH1uHixEbvD51VpTwsQ3 +KMmUiDcnSl335HUKMgB+Db6b1KeuRg3D7bgrCbG1A9rT1vcbDF7t7w0xuzCyIrHgW2Lo+WdO +O1aHg759tN/6TKr/25Uvwb/njanRxJqQlEO0cU1sKTwIc2/+aMRprjhZsrm+UEgsXg4Fn4dY +qGqxAqvg6pzjGIw141mfPuh1xF+Vdw77FomUVh0IwALpgAQvD/KWjkHxMTSnWa/nUoMbvs0O +AHZBiHxQaCIJB4xqdjveMmYuT69ky5gLZ6IwoIA2xjc3w0SxdSHC3MykiXOua5Q4QpnCxaSS +90mruzshk5zS1sa38pYJ2U14Xg9wdUz8xQcR5iqR27EYWNS1A2yyN7Dcruj613xffItAs6Yk +dSaDKH7qKyc2W1aW0BzITscKzQOxwkCXtCE1iYTMKpq9sgc8lRdPjOJtmsMgyXdpBpFELozP +arO+CrzFJNOKTKjiix7bluPwZqVGhnbEZevA+LA6QRBYsvrDrTK2XEjwUl5ofGmmg15oltlH +sAoYqScNIDbAJyn/GZmpLuYQJMgzJaiX4QC7wgdw12RJn2Zsv4pk1TTPTd1n/8Y8PwQKOnLi +mt1ZGpiNZOnuiZSAZo+/35O8hLVsAtBdEQIQQQgKsmEp5+YQx7clrxsJGDjY2VGc8E8EmzMG +mlXxVlmZKFrdU8HelNCRvSXc+WIhR5eW9XBbnNT0iTZ9AjB4eyXH43LzLHLW8lPiqXe4Rimk +95Cm0jEgFefPQO+ZoFR23WmxJTcP2cyPd4Vko8Y8C4rU0rDbnmz/O0PUksdPS44O7MqX+gq0 +nGa0bZNH+xGduHbY9hx39Y9rlav13HymwJKBQ4IEmRZC6QPmJ1mV0s9gNzj+hVp5nPROCcp1 +O6qdO+7XiQgcBBABAgAGBQJKxQGAAAoJEHxJLFtJE2Lx4vM//jjm7GEczwCYG10l8IwyGcVW +jDe3tf86DBFbY3Kwtuuv5Wv/PDO6zZV4pklZk5uoTzRSmcf0oGfcYmbgGRSE7oXsTBvyaZbw +uNbq8FxOz5AXxb6umemdInvkdufO5U2epHDIeHdLClcIBVvNHEbWN6DMzU+vi7/yHKqwZwnG +PolLoW4yu0896ufkpGCeSqs8VbutmZp6ypY0zEpxYQNbWB50e8qPhNEWWIFFpaqX9rg6zd56 +yz429I661XTe6I9MNxCgFr6ftGxK4Md/fTEqtddBXb6d4fBv627uxrjpwGVgw7qX+kYW9Egh +g29VJheyQSQlQ/mGQffhUxi4Ut6ZBut1t5Idv9UMv9OSMtwCAVfgBZDwTDMEuf7T0tOEe78M +8658O32dhcU3AjPE+rF3jpKOSKeUcOZRUniywj+ybzrLeJLR7aKEgeJM3nUouw5R5p6Oqupx +EW2Daxk2Y8/MCkq9Jddw7ZljbWijiEOjwCQAFeRVyE5EuTVg1hK+mGyQBTIsikHjKiu2ayAP +tVth5l2QrwiMDVguj+PVAXyv81jAx7WD0p3rS0SHermwIWYlDLLHVJTjlUmB262iuOGfCNg7 +2Y3ngEOdrq++VZoc8HT0HoWgQVosDqnzPFnrJjK2sb82Nx4Fx8nOYyhiRpZO9A/hdZk8dq+c +RTiWG1gM4vnLY4yuNGh+aQsALYaV2xp7x8rOzmGgsfhhTtuRrvzIsSrfw6vpdABhYWTtcBIu +7SIBLkIAi0FUKE4bzbcDsHbgWJ/7dKHNf8bsi/3HkeeZhUsotZA7a7yYcV8qo0ryrm/OTO6N +K6XI5eo51NPTMzlI0yDb8btE7odroRNIz5USVT0lK4EGWgkvsZSndXc4F3EP8MXgpkTM3ahc +4seWME59PXhKHaiYYthgvozdE9xxh7tmsAhwBKmO+B2IALr7on9qulZGAee+0c83y4kl5l5L +xiO4GIkZmi7qfc66I0hZbNv+e1qv1f3fbsjhPKa1qCGcvJqTXGzhBeq/QAPYsmEY0Vz/8M16 +WK7O+bkb4A6U4utm9QdeOZT2itmEVD2SxUOWBm4zVX8JGxhN9DsGG6gKLQ1vO8KmZoJCFE7K +mc3/og0Q2StADf3qTdwxpgXw1OyDu0ezZ+obW0y78/Su0DlUpCGoWDCGYxcR75j3N+1MZRAu +gr+xfa/WsRb9ZvD9B4bih1+m6syHGgiiOF+f6vVScTbdbyRi2nWkYroA/t43mYUZMpfx6OGc +lI6h2IAnoVmb/07734F3qfwC9QVzizouYvcw0OQLBWxYAYwPwgfgmPxWjQhEsg81fRdU9VvE +6O2dOYUAVioLo0ORGOzqCJ9s+SHi+qg11+rbpbKeubFyz9gh4XGbgeBpJy1B9o4WS3I+uM58 +Lkm+vaqnE1XM70dS2Wl0/aHSTi8zb9fOux010IbXlbNaqorh304RMX7VNJe3hhZyxy5nVCj1 +n06Hx81gYt8crbO1+BBkSURAnJN4ubzF/v1zY478srMd6x7hSctPbGeZflJACbTZxvLUBprm +gq0oHEOtl1XICiXkZqtoq9Tz1xJCDVQfXhUsJz+nYY20dI3bPN75OzyD+pqEPOiqbgfJ78yi +pR9H0HN2WBCSP5rY+ZJG66UXqMvmushHjj1ps1Jp/52sPzqK/PQXzuk3fj3LZdC7sLoD1jdv +Vqg0vylLamdOS6FzzbVB400aSnD/GuMzaMiVK9Fr4hp9h5ipWTJjVVpFjihQcfhvvcS0E0Gg +D5iyuAsPH7jZf/F+cs+upkNuNSj1glPaoos/X8oPtQiwYhW4aTtZxSiq3gFLm7JpooAjJhtg +8jHjsBnvsQQSQEGVYdlDSV9VtccRXHvYqxj21IFPlIK5Xzeuh1vuXg68q42e/2BBYuYetT0D +3FMxjHMWfUSg82viQw4h+4o9grvuDkyqpXKA4rT83cWQyHXen0EhkiqGqFGCfCtZfbaFBgR6 +uMcXeDZSe0Yr6iKOIuylpwWo3TMdrgTaesbJ9+H9Xzmtpcyb4uz8LjLxSIhG0j7/9qtp5/ni +Z4KLWDlxbSDWbQ/CE9X3a53Uw6a+dDZu1RSXM2VwjnpB/e4WDtJcWIQXJhwGbwSIXvHVxTP5 +g2T1ma6QWfWvo+6zsjLJj6otxD/Z/A6zyhN77wAj+w0/PcUh2sMutKRUgPPME8wWvQpz76SP +I6RwEfNXU5Ayfbc92uBh8E2tLWiknd/34K+CCxpqcKL848JdxkW0NyYW1dgi4YobmmMZkK+6 +oFDTni5uHTCNzWQHWirz6qMSm/XtkjdKf5TomLmEjYZfYGl+GbP6mQLPxPdNjol+zsKRaTgu +tj6Xe0m6SrCCJODDiIn7tcrar5JqZvUZRXX6+Ei6D08D0aGNfx23P1NtyBJFkb7BbXgQgvf8 +kOsa7704o0lNhhnks1dy59p9z0nuwC2kjJmohFNN/P8BkAmbH2xUnVeVAAZAxGUQSoLD0qIR +VO4268i4buWo2h8LHPVISrLZu8llPjCE4mWXSEjAMASHQc4rDVDhU/yJg6bqF7T5S9R/+Rqe +CMypbWpDQ/fHgZW32HKy1SK0+Ue4lI1R+fNEE7sDj6yd2MGl0noxF6dYDHrx2aWe+vYT0ZYO +sjVVBQOJpURX8HSknOLcYngdhb6YmD3q+h/2tKHrlvgRpPkADurOosYy39ltAagnQi6e51YD +LoI9ZxpjQra/EO2a1We9dqKVsnbz1U9WHXIN3wxvK6nF0f8AAA1e/wAADVkBEAABAQAAAAAA +AAAAAAAAAP/Y/+AAEEpGSUYAAQEAAAEAAQAA/9sAQwAKBwcIBwYKCAgICwoKCw4YEA4NDQ4d +FRYRGCMfJSQiHyIhJis3LyYpNCkhIjBBMTQ5Oz4+PiUuRElDPEg3PT47/9sAQwEKCwsODQ4c +EBAcOygiKDs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7 +Ozs7/8AAEQgAkAB4AwEiAAIRAQMRAf/EAB8AAAEFAQEBAQEBAAAAAAAAAAABAgMEBQYHCAkK +C//EALUQAAIBAwMCBAMFBQQEAAABfQECAwAEEQUSITFBBhNRYQcicRQygZGhCCNCscEVUtHw +JDNicoIJChYXGBkaJSYnKCkqNDU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3 +eHl6g4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4ubrCw8TFxsfIycrS09TV1tfY +2drh4uPk5ebn6Onq8fLz9PX29/j5+v/EAB8BAAMBAQEBAQEBAQEAAAAAAAABAgMEBQYHCAkK +C//EALURAAIBAgQEAwQHBQQEAAECdwABAgMRBAUhMQYSQVEHYXETIjKBCBRCkaGxwQkjM1Lw +FWJy0QoWJDThJfEXGBkaJicoKSo1Njc4OTpDREVGR0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2 +d3h5eoKDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW +19jZ2uLj5OXm5+jp6vLz9PX29/j5+v/aAAwDAQACEQMRAD8A9moqtf30Gm2cl3cvtijGSa4a +++LNlGStlZvKR0ZuBWkKU6nwomU4x3PQqK8guPinrEzYhhihX86ns/Ffia/XzElJUHOV4/rW +/wBUqJXlZEe2i9j1iivMP+Ex1q3+/KCw6gip4PiXdREC5tUkHcrwaTwlVbK4e1iekUVzmheN +dO1ycWyK8U5Gdrf410QOa55RcXaSNE09ULRRRUjCiiigAooooAKKKKAOY+IblfCN1g9cA/rX +h1fQPiXT4dU0o2dwXEcrclCARgE8ZB9K4J/AGkKeJr38ZU/+Ir0MLiIUoNSOerTlJ3R54v3h +Xpfg3UdNGmrHPMsToOc9+KrQeBdAd2SS7vkYdPnX/wCIqy3gfRoThb+9GP8AaQ/+yVdavRqx +s2yYU5wdzH164t57+V7XHlZOCOh5rn5n5NdrJ4U0xBt/tC8x16p/8RTP+EK0uRQ32q9IPfzE +/wDiKuGKpRSSYnSm3c5/wjP5XiKFywUDqScelevR6/pCR4k1S0DDqPOXI/WvPLjwdplpbtPG +9zI6so2yspU5YDoFHrW7pOmRWpEiqVyuPlHH41xYmpGpPmibU4uKszqY9f0aZtseq2bN6eeu +f51fVldQyMGU9CDkGueMCOpxtYe3NYWoabJJOZrWV7V1yFe1cxnH1HX8a57Glz0CiuFg8U6r +pjql2PtkXTMgCv8Agw4/MfjXU6VrthrCH7NKRIoy8LjDr+Hp7jIosFzRooopDCiiigClqXKR +D1c/+gtWPLFitnUfuRH/AG//AGUiqDKGFAzAmFzG7rGhAJJyB604XtzGGjeAuD3GR2x260t1 +fTJf3EChAsLKo+XOcorZP/fVQm8lPXZ/3yKLCJDPIBsjUjIHUewFWoYWS2jDDBArPN1IQR8o +/wCAirdvcERwu33ZYkdgOgLKCcfnRYBL0f8AEvmz6x/+jUqxbzyCLCKoC92NRaiMWLkHhmj/ +AB+dTWlarutdoIXI64oQETXJ25MbA9DsolCEY4zjpVswL5QXgMB1xWZMRDIywoJn6HnAWmIz +b+GZyyIisD0Vl4Nc5I0ulXSO8zQtnMTrkGM/71dVNpufnMkm7Odwfmqd5CGi8tuQB0b5v51S +Ezf8M+Kl1QixvdqXoHysOFmA7j0PqPxHoOlrxm5DROrRkxvGQVZOCpHQivSPCfiEa9px80gX +lvhZ1Hf0Yex/mDRKNtQTN6iiioKKmoD9zGfSVf1OP61QrUuovOgZM4PBB9CDkH865PxJrVx4 +d057yS0inAcIqq5TJJ+hoAqXg/4m9/8A9dU/9FR1CRUGlan/AG7Fcal9n+z+dNjy9+/btRV6 +4GemelWiKoRHVuIf6Ha/9e0X/oC1VIrIt/FtxNGsFtoxk+zoITI1zhWKjbn7vt0zSYzfvJSL +AIennIB+p/pWtZy4hXmuQa71fUzGhtre1jR920MXLHGMk+2T6da1oZb22ULM6FDwGCkHNFhG +zNqCbjAmXkPGF7VJFAkEQHBNQWkMUcQIwc859fepJJeOtNIVyK4bg1jXjda0LiTg1k3b9atE +sxr3qai0LWDoOvQXpYiEny5x6oep/Dg/hT7s9ayLoZVs1VriPeQcjIorC8F37ah4Vs3kbdLC +vkyexXjn3xg/jRWBqb1ee/FqYLpun24P+snLMPoOK9Crzb4uKQumSfwl2H44qo7iexB4JQHR +wCMj7Q39K2roRRXTkqPLU8iuB8NFl8S6ftdgrSHIycH5T2rvb8b2uap6MS1RDJcWsq7YUCt6 +5J4rA0FUCHKjh2/9CNYfjDUSkS2lskrlHDTSR/8ALPjocUaH4msUtVjCM0qLyqkAH8TyKSBn +oELoOgFJf3VoITFcTBNy546gevtzXM6Rqd3fakWadyigsYw3y+gAH410O/PDZHHcU7E3LWnX +ED2SC2nE0ajG4HJ/GpJJeOtYlxYpJdxXMcssLxkE+SwXdj14qrf6jrP22SK0t4RFkFZZMYx/ +n8aANieXg1mXMnWla5lKRCSMFmB8xoz8qHHvzg1TnlzVIRTuW61l3MyQRSTuNwjXdt9T2FXZ +3zWfcRpPG8Mn3JBtJ9PQ/nVCO7+Dl49z4f1BJG3Mt6XJ/wB5V/woqD4LwvDpurK45W5VT9Qt +FYPc1Wx6VXDfFi0M3hmG6A5trhSfoRj/AAruaz9d01dY0O809v8AlvEVX2bt+uKFowZ4z4Zb +d4h04/8ATRv/AEBq7+T53ufrXnXhffF4ls4JQVkildWB7EKwNehwnfLcD/aFXLcUThGs5bDU +pYrgFWZ2dGHR1J6ip57C0voRHcQq6htwI+Ug4xkEVo+MJ0jksrYA+ZuMhPouMfzP6VnQyEqK +qOqJejMmfSr/AE8NNbzC6hjG7aQVlA/kcVueFtR+12Mrpceagk4Abdt4/rUiMeOeaqS6UhuV +ubSaWymxtdrbC+YvoR6+9FhHRPcCNGaRgiqNzFjgAVmya/pYkZftSnH8QQlT9D3rmdbefT4o +7KO6ne3ky+yV9xBB9euO+Kw2mfruNAj0OW8t/K837TB5eM7/ADBjFVp3IAOQQwyCDkEexrz9 +5W9vrirula1LYyiOQu9s2Q0YPT3GehpgdJK2apzt8hottQgv1k8pZEeMZIYg5GcZyKjuFkkK +QxKXklYKijqSeAKdwPUvhdbeX4ZmutpH2y7eUZ9AAv8ANTRXSaJpqaPotnpyYP2eIKxHdv4j ++JyaKwe5qi/RRRSGeaeJ/Dx03x7Yavbr/o967eZj+GQI38xz+dXdPffczD1cVu+Lzi0tT6Tj +/wBBNc3oz7r5x6uaroIwPFt5FfajBaQaCa1BSSQd2cfL6GPluDCPgU3+yprC/ltrpcSqxOez +Anhge9aMNv04rRaIh7jEiNSSFLeF55c7I1LNjrgVcjt/alu9O+12U1uSUEqFNyjlcjrRcVjz +zVL6bU5xJIioqjCIo4Uf1NUDEfStiXTLizuHtboL5qc7l6OvZhTTZ+1K4WMZoSe1NFuSelbP +2M9xT47As2FXJp3FYqaUptJ2fZu3IVwSR1r0L4f6FHqmsf2w8bC3sjhA2CGlx29duc/UisHQ +/DlzreoiwtPl24NxPjKwL/Vj2H9K9m07T7bStPhsbOPy4IV2qO/uT6knkmoky4otUUUVBYUU +UUAc54yP+hWv/XwB+hrntOTyNbSP+84rs9Z04ajaqu7a8bh0OMjI9a5O6gvob3zjZAuDwyOM +fryKaegEHjZTYva6qV8yFf3MqKMsueQw9uDmq+nPZahGJLSdHz2zyKsXEOpagyC4IWOM5WNO +mfUnuaxtT8NOJPtFoGt5uu6PjP4U0xNHSx2bjtmrC2p/u1xEOr+J9MO1sXCj++OavxeO9Tj4 +m0vJ9jTuI09c8NrqUavGfKuI/wDVyhc49iO4rnToV/A/lXCI5xkPGCFI/HvWhL491BhiLSuf +c1l6hrXiTVZQIALaPGOFyfc0gHzadBZxGW9nSFBydxp+nafPrEii0RrOyP3rmRfncf7Cn+Z/ +Wo9K8NXEl0Lm+L3EgOQZTux9K7W0s5BgYNFwsbOg2tlpVilnYxCOMHJ7s7HqxPc1sqcjNZNn +bsuM1qoMLUlD6KKKACiiigBCM1E9tG55UVNRQBWNlF2UVC+mxP8Aw1fooAx5NDgfqg/KoG8N +2p/5ZL+Vb9FAHPjw1ag/6pfyqZNBt06IPyraooAzU0qJOiirCWcadBVqigBixhegp1LRQAUU +UUAf/9mIRgQQEQIABgUCQblp5gAKCRBt+kzo6TRK2TldAJ45g/9KA+gKUTMGcADWkF1z8rcU +JgCgy3+CcIo4AsiSkihWZJ9mquL1+SGIRgQQEQIABgUCQbpWsgAKCRDALc8ZBgSYCbR7AKCw +ifyI5KhuZKEY4/bIlpi+sG7B1QCgsija6TPA4BxQc5/dvvw/QdeSg9mIRgQQEQIABgUCQbsk +RAAKCRAQVXuDgHysJXHBAJwNroA3EMzfKmrHMFMSnITb08P+7QCfVBUHT7xY3ZEMeomMXWuq +uD9lx8eIRgQQEQIABgUCQbtruwAKCRARYOF9CSuajQqIAJ4j/34bnAjEOyTujxGxDzKj9DpT +vwCgtkS1ZlYWbVrxu5eeX7PXE2GvtnuIRgQQEQIABgUCQb2LDgAKCRDSmAwLmNZAO6T2AJ9h +B/jnWeVP1GTp/n/nRSd9caJ+8wCfbRBpmtY/r1YhD6Cru2lprPcDZq2IRgQQEQIABgUCQb3r +LwAKCRClI+t2YZIA87w6AKCqZggBc+OyFUt8hGOHP/Cc7eAT7wCg+a6n4JRStuVnVzm+ufD0 +S2MKzg2IRgQQEQIABgUCQb3s8QAKCRA0lNVTFE+z/WL4AJ0WZa4+aXuJkx5LgMPtr45Hx2Zz +LACfaUWMupBhvHZAXkFtJCX/PwlS1COIRgQQEQIABgUCQb8lXwAKCRCyvrxAFSkkryJOAKCl +UQXhASlDpPWP5qf3ZacFI6nQsQCg6m8Xa8WEc2a246WSIYmoo1uS1ZKIRgQQEQIABgUCQcDA +8gAKCRCIs11xG9VheWIiAKDnJTzfTUU91K5tO1lzEwzJuujxYgCfSDs/0DUYgt6206QK/MTG +n64Hs+KIRgQQEQIABgUCQcDA/AAKCRATCmFy0MSn5EdAAJ0RLewB5SKiSfCp69Yfw8rMF11Y +jwCfXBeDNcBMRgS7Lfho9vgMwE0Qe/yIRgQQEQIABgUCQcEtCgAKCRCat4fMennGGpNTAJ4t +uJHtcjtKrMJ+yqvFtGdr2JaDjwCgixzHZajDVA/1BS79RTlDhbp/h6eIRgQQEQIABgUCQcFg +cQAKCRDG280qxMGem5SLAKCgv/Eb/iShSlvfz4loimyyD23lggCgz2D5X5+fzYOVaRQdCZg4 +ATZttS6IRgQQEQIABgUCQcFkzwAKCRAGW4pwXz5ei/HmAJ9kMQJiQQSobuJoJwaq4XFWcmdY +ZwCgiLjyBYIMQGaflKcf/d2RmxkvJ36IRgQQEQIABgUCQcJ3CAAKCRCK9jWj4/ci/PJMAKDG +Y7TYzP+B3EsByloUqkiPqrGfOACfX+vMEu1WibKWv8uGg+pChvUwbxyIRgQQEQIABgUCQcJ6 ++wAKCRBV1S9dK6v/X7QvAJ0exhypCorv/Js/2b784Yq4DGZSywCeJiGGzAa3tJanwiTVJZr3 +suiUKgqIRgQQEQIABgUCQcKDZAAKCRAYWdAfZ3uh7JbRAKCJw6bilgi2lHtJ+m3aPCFUgh4d +8wCeLUNpny3OwPJdrWL7BTgW9dnBzJKIRgQQEQIABgUCQcKDkgAKCRCBwvfr4hO2khA3AJ0U +Mni2TMYQW4Vum1wkutKtmiR3+ACfQp3lnLm/afeJ9w63xINS98RFG+aIRgQQEQIABgUCQcKD +yQAKCRBrcOzZXcP0c4RCAKCf7AR/3cfpA61wCHUB646JHqGNOgCfbqUS7o+gN4nRTMSCuXtg +ozWf1E+IRgQQEQIABgUCQcKQTQAKCRDuTnx2tnTeN2AkAJ9G7J0FvpHds0VEYg2RUL9gDw9i +iACeK3xXhTGXe2X/QD9zNah7a8azgMqIRgQQEQIABgUCQcLXwAAKCRD1nHXt++Hn0orEAKCH +ZLVsRnEsAZ8oUh29em8yw6geJwCgqXusns8tdS7RpMBRVYGkrXYr6iyIRgQQEQIABgUCQcLe ++QAKCRDpuCeE4qXJI08BAJ0bGg5aY0xOTt+YvHrKBmJ3zrPjfQCfR5l70vGdt9Gs++9p8rv4 +/HjpWQaIRgQQEQIABgUCQcLqRAAKCRBAtsWAgvbCSPtxAKDiU9GktdYjcuX2gryej7T2bmLF +aACfdFWrkUf222dcWuR+SPDyFDCsZkeIRgQQEQIABgUCQcLsbQAKCRB+JG/kPCxNZ/BJAKDt +ZkEy0fvtvQfcld40LGVvYF6sFACeNvf13qFfilg5w641Nt1/oeTBx7+IRgQQEQIABgUCQcO7 +PwAKCRBQImbXGUSdGo7bAKDDLF0AKWGJ4k7PmIkJNn5cXgAhegCfcOElqZz5zfilHPT4DNhM +RmdhW6CIRgQQEQIABgUCQcQM+AAKCRDtRPW9D3mZsRJVAJ9ZNqKXQx6NjqIG9m1NBxJEkJVP +jACgowsKB1vlSsdUF5AdP10lMf+Ks9eIRgQQEQIABgUCQcQNEwAKCRByTzRNulKCetSoAKCd +Qh8tZkxLY6noBE3U/Xa8L9foIQCfVD9t+Wot1+6vNeqJ7DetqMIX/yqIRgQQEQIABgUCQcQr +rwAKCRAFPIPA62nv8ZrYAKCJjTrMXs4UZPYqz9KkcPXmJikdZQCffEca8sygak+ydsmv5JwJ +c+ocpyGIRgQQEQIABgUCQcQrugAKCRAHBBQlOEl8CbT0AKDpMqRHEVvhxdlb8WanMQMdu8Me +PwCgwGOGqXQ9y7ewD1Hm7ea/lW5AEJqIRgQQEQIABgUCQcQrwgAKCRBUWCVHHPhGLBmfAKCR +EnSBh9+3kfEuFCCBaVMUa1uSGwCgxXCbFb0VMPM4Oc3K8dslhXebbE2IRgQQEQIABgUCQcvn +pgAKCRBjzvmIzMOwvRcxAKCwq9JCf1GQqWYXVnThjLXaHxcs8ACg2+XGpCIH2AxLdWFV5Tn6 +44WJONGIRgQQEQIABgUCQdql0gAKCRAUDnOdick1YxSCAJ97qodi3ATKxKY6wRD4u6Qtoj2j +kgCdG9sn+qydThVVA+ZZf+L09JvSHCOIRgQQEQIABgUCQdsIVAAKCRAvYT7YQKUZcgUBAJ91 ++mcW46LRe9UiPKch3DrhNd35twCeMzo19ARRym4qc8OrkVCo5bCvSfaIRgQQEQIABgUCQdse +gwAKCRAwGUSWro8ffBU6AJ9DvTmioCVtutjHuYYrv8jkkG9E/QCdFmVDIUqfbEW9BN5Uf0Pv +vrhXJS+IRgQQEQIABgUCQfAINwAKCRD+XGwHccXRQxGQAJ9pyzo03UJcl3Jk/At4ZeQtEf+r +EQCglMKc081uHnmZJVmztxtwxIQq9GiIRgQQEQIABgUCQfuvxwAKCRCB/BYhp9h61/hYAKCR +gRd9vzfKGLoh9rC40npqGMovAwCfakMVqgWp0yhDX2hcv1aadEJYVIKIRgQQEQIABgUCQgdt +XwAKCRDURwan/6P8Q7qgAKCnpCPo/4onW3JUzkRkdIQ0MiQ3lwCg04S2+kgf0gQblL2E1oY5 +8/QTbWOIRgQQEQIABgUCQgd0QAAKCRB1a+hDMix5UDmMAKCn5OKO/oDr9gLFyvPZgPYFQUCE +pgCffSYbqQbnqSxUwr2ketm6N8fSoTuIRgQQEQIABgUCQgd0TAAKCRB3XR9a9N/ytw2JAJ9E +n406QFHalzE5QET0Z8P6erieDwCfTmbkbzhPMmUf/KFgZ8u2n4FMeFqIRgQQEQIABgUCQhND +mgAKCRBm8NCqnWDHoPooAJwJed0W3narYNmScu3YlGmuTFI9gQCbBMx57McuVMetFrAR0fig +bGT2a/CIRgQQEQIABgUCQimURgAKCRCB/BYhp9h615n4AKCF68tSaxdQQSIuknW1Vg+UexC3 +egCcDM2faKgGbiuTOAA/zpFFCx4LXwKIRgQQEQIABgUCQiud7wAKCRBj+tcg9C+K4SD4AJ9d +4Rzu5n7m+KuENwK0A5rNUR5Q3gCeLByCv0tauvASt7chhA9q6vBG8fiIRgQQEQIABgUCQjQk +0QAKCRAhEXpzaG1GLLfuAKCWFF8f9MK0g8fFUGDNZuZi7hQ1RgCg3DP88AHQU6g/wgChRmJJ +5w6TcWuIRgQQEQIABgUCQj/togAKCRAwGQ6MHyjYrg63AJ4wbUZWsMtJ+rox/QtBcYyt6+kh +GgCZARWOyozuhhfe+m1GHWRDZIX4T4+IRgQQEQIABgUCQkPpNwAKCRAR5APyddkthZ2RAKDr +za49lnaXsWa2I4aI5dpdlIvBjQCgoGfH4n9+kOn7Z/B5xjy2pLWH+H6IRgQQEQIABgUCQkQI +RQAKCRBsj1GUHA9+vSeeAJ0fS30N/ZIlsydoM36X2OqlF1T9GQCeM2xF6K0D8RCAkpfwSnxN +530gBZSIRgQQEQIABgUCQkrYyQAKCRDI1obxX3CRuvVdAJ0dMRsbRMg0khT3M97wJUBm4jrV +CwCgyhjopQoh84w+rxQotWNpm6/8GduIRgQQEQIABgUCQkuwnAAKCRBl+NXtJr5zhXyEAJ9g +DwLc8JPrxiqqd3qwqaj4+lftgQCeJCg10EvKZK6ZLXuGGBfCgDVGBJKIRgQREQIABgUCQbmY +RwAKCRB7OOehsU6CsZF/AJ4pqyZCo8JVo7HxNhqrNmn1hYO/pgCffMsmRYhf7FRhPzbsz0/7 +wdDujFSIRgQREQIABgUCQbo3HQAKCRBN76M+eBZV3WExAJ4lQNpJy4uXWfrftufLa1En2msR +WACeI2ML3NB2O0GMpU8RFRXFaz7zEm6IRgQREQIABgUCQcEmRAAKCRBoZ8UUuFtdaYL6AJ9G +jW21n7MrOwlGplUxYqzlPiJnDwCeKojUYeINaOOzIq8MkMC+rKRJeZuIRgQREQIABgUCQcKX +EgAKCRA1vDC+jf0N40/bAKCd47WPhkgxSgyVVW7hBIjWr3lHtACgo5qgGXbBTr7MLsN08QoU +CeyBsMyIRgQREQIABgUCQd0N0AAKCRCkyibMwJxWpfF5AKDCE3UKnwhRHO+cu7H9iRN7QreT +kgCfdxKoNrcNmlETRh1V6QLywljHal6IRgQSEQIABgUCQbjX5gAKCRBz3mmMxxQFou7bAKCl +0JDVAaJQBAQ6qaabvjjeLLl1swCfYV6L+2hlUDJ/g2TAFIPPpF66WY2IRgQSEQIABgUCQbjm +rAAKCRA8ePtFkXrFQu+8AJ9ANnYx44VJfH6DGaobZIX3tWvymQCfcYsNfpB0PFa5v1v+fFkx +/0yIhZeIRgQSEQIABgUCQbkE9gAKCRC6UZzNhPfoFqjRAJ0a4LTDaBkg5c5W1IzPfQk5Lt8o +bgCgkHEswMOeCPTq9fnTJjgWUdukAeGIRgQSEQIABgUCQbnfXAAKCRB2T+fDdkI3l//zAKCA +ATgAYtQha0NIFpxdIjyQZgEPmQCfSciqsKMtBl6YKW1d6RcGzigpgU2IRgQSEQIABgUCQbqw +fwAKCRBSVUjqL3oEGoQbAKCwlr7r+GFG5dtL8lI3a9L/fJWRZACbBAkPWFHW2s3ehaQZPXa+ +inACIQyIRgQSEQIABgUCQbxFDgAKCRAINMpFskIXmXTRAJ41S3aBZYT2jmxL4s93o1neOMYF +VgCgsWpobSmf0AexGVVzloKxLF6yqSmIRgQSEQIABgUCQbzMCQAKCRAbYDT0drefIGmvAJ9Q +JmB2q2Bx97FuWK1Rv/RgfGa/ygCfaLHxGsaXQBLWEUzDwlwhghUPyv2IRgQSEQIABgUCQb2O +VAAKCRDd00q/ZBM43jG1AJwLwt3k7xuEpYE2fnl8h/QE8BSeiACglEJfekwIt0AozyX8wR0h +r/TXwGyIRgQSEQIABgUCQcDmVgAKCRBE4H/CU1ZMNhO6AKCVol/E/SQeM0GLBgCZpjlBvAC0 +LwCcCnI87PMAIhFXlu9QxCn9ApjbBr2IRgQSEQIABgUCQcGsEgAKCRDxh6PuhbM8sAOyAJ4y +e/eXswj1m2tgpVsV2T5o08IdvACdG2Um7NCGKyvwRJfGOwsMaYN1xuWIRgQSEQIABgUCQcH6 +OAAKCRCXJwKVh2m8CYaFAJ49lUstBgNRAcPk/KCOj80IHeOfZQCfWWdDnWcWj05petlZZybq +4YzHH/KIRgQSEQIABgUCQcKAqQAKCRBDUTj2HkocBQ1ZAJ43JuCGvM/Bxgji0rXOuGbeHOJ3 +dgCfXlYfgkFES/qbCf1sEsz2UMO6ewKIRgQSEQIABgUCQcLpagAKCRAJqHka6btaDLD2AJ44 +xHtW+/zeD1bqdur9lvqOtQyzEgCgqDFd8BkwQu4erkD6a1eZ6rMFaQGIRgQSEQIABgUCQcND +GwAKCRBlL0JlOLTfedZeAJ92+HVnaY+/EyYIW/guzjwCxSbmuACeOA1LSm3noSSwKommk4SY +5+E4yjaIRgQSEQIABgUCQcNDNgAKCRBnCz6r1liODqA+AKCdN61nSH61XQnUnfsb2CN8mL26 +yQCg7qyx/QEUZyNBjeComzJdc2na0gCIRgQSEQIABgUCQcQ63wAKCRAC2SvqBxxfJYH6AJ9G +seW0VDCVlcFvLcnxOjRAY9gq8gCg1oP1ofyzl1w4YtNUpNy/BUMj5vuIRgQSEQIABgUCQceG +oAAKCRAWdTUyxs5mkLaCAKDMYb+6nP8uAq1YfTG/T4iXh5UPmgCg6W6oopoSAmG0HDA8NdB2 +ceaTmPGIRgQSEQIABgUCQemPIAAKCRAbk3BGrFnJej6zAJ9ZTO4wTua4Q+gFh2Y0Bjd1JJ4q +ngCeOVIcMMJIk74aT+s+0DdDYYeGrfeIRgQSEQIABgUCQevtBwAKCRAY8eZ2IgXmfzoJAKDG +kBrBA3376XsO808RJR1tpHKLcwCfYr9XC+hrsoZKkYr7B5l+2kdtEsiIRgQSEQIABgUCQfRB +QgAKCRCS3gwFaJf4DS9wAJoDyHd77dJaLQNVv4D02YwtxZE/+gCfddqg7UtEwBh0t1QQzgGo +cee95/2IRgQSEQIABgUCQirhvwAKCRA7LlydwpXb5W/SAJ912XT2MDSq/i4PhE2ZHgqDchuB +zwCfXmpIPJkN/kBH+xoPooZpg4RxRFKIRgQTEQIABgUCQboilwAKCRCDZs3xoWLNGT18AKCu +RZpjIkbdDqNj2pcADlCFvnUjKQCeKF6yTYoZxx87T8zinT2aOHySCRKIRgQTEQIABgUCQbxO +lAAKCRCu/WNrOwxysyB+AJ9wmtapHvF+fjOgdSjjouY//nkYzACg3YNCLC1WKAbOTNo3j9gM +DDb5VtCIRgQTEQIABgUCQb3uOAAKCRCSMV7PIs6jQnQ3AJ9Uq+l74BBloA1OObhqcAt2vJho +9wCbBlkNlMYodyqh+RTYHjTGVRt55TiIRgQTEQIABgUCQcC9fQAKCRAImJ3bS6kyxG3uAKCz +iGb0sPwIoWGb4ql7ocMlnvEiKgCgoSzWoUFbIQ3Xf3giuVOerPxvpQCIRgQTEQIABgUCQcIA +qAAKCRDspby3u5ZWsKUJAKCrGGCo01u+JP0+MVFaLfQsvdI/6QCeMSNWJheT3j8nfzC6YwZu +JJ4o+QyIRgQTEQIABgUCQcIXLgAKCRByUmrTo/lyDJ8DAJ9Y8LPLQfXzXntxc2vZM4Q2eUff +BQCbBNWiU9zN536AMarai6pTFGJiFTmIRgQTEQIABgUCQcIXPAAKCRCzn136OctqmvGjAJ43 +wh29e8SqRoxzpudztCcfEZ1rTgCggqo6vS1aMvrvoqDYa4GeMt3TQHCIRgQTEQIABgUCQcIg +twAKCRAUiBtq5F4lpdSIAJ4q5FzAGmMZGrSBamOml/97E/HteQCfcrJlTad7SDMuWb2oXIMC +h2WV07eIRgQTEQIABgUCQcOVuwAKCRC9BJIGzxawmwTiAJkBxDTL7TG4qB93H0ZJEIgwxCAC +RgCgsEbEszs+4s6LZ5ntXIOFmUhglCKIRgQTEQIABgUCQcWlawAKCRC6/PcF+eIJBJF9AJ94 +AKsiXKme/EPMwRoQQUhHUmAkrgCePMs0FAL1AhJ5M0x/eYuC7/piNU6IRgQTEQIABgUCQchk +oAAKCRDj134flRYZkepzAJ9jr+vaxD3w1kbTnLILxLowuUTfPwCggNdkSnu58cUNMxVsOBnC +sM7pdT+IRgQTEQIABgUCQclU4AAKCRDcipiU3cr+5rMaAKC3+wDtphVo0qRGkceuzE+4Lf5C +1ACg7BY2eO5F/p4rGQp8lPl6x6Uk4weIRgQTEQIABgUCQcqWsAAKCRBqGHjOEnRkPk2dAKDC +EXraWVpiqLiVrPHLcRZr6hi0kQCg0Fg9WFzHp7qsNxLffC1bfq5LDLmIRgQTEQIABgUCQkqz +vAAKCRC0cYm0Kn1xAj4DAKCz+FwQ9bECssaF6o4LlalRz9WRTwCg1mQexgXpaf8BKwGp5jqj +HSXQNZuISQQREQIACQUCQbltGgIHAAAKCRCO/0/rkF85Q6gzAJ4iP75JL/Lu/Yxdclm7yPi5 +Djid3QCaAqIoj5J7vrEmdQ1F3bZLiQ9x1K6ISQQSEQIACQUCQcsd+AIHAAAKCRDGz6amEstd +6HeBAJkBQlRPvFw+CSjzlbycXKXk0s3u4QCguAsbErCVYNk6EY8WARr4318ftNmISQQwEQIA +CQUCQdRphAIdAAAKCRAbYDT0drefIPluAJ0W/+IgTn/8yjf0gCDBXAMejantawCeNzdup2gz +svKGyVtZIxgq14AmKDiISQQwEQIACQUCQh6SggIdAAAKCRAWdTUyxs5mkHDSAJ963AryItrk +63ZhcxwZUI30veGS6gCg4ybJf212Y5QOMADEaklcdj5NT0WITAQSEQIADAUCQcDFFwWDAeKF +AAAKCRCqWhv2nyYhFtCrAJwJmy6CS3/5+gpxUHdDOE98BVdI5wCcDScTXrWgFi+l6odHmIsz +6nRrZFSJAVMEEAECAD0FAkGz06wHCwkIBwMCCh4YbGRhcDovL2tleXNlcnZlci1iZXRhLnBn +cC5jb20FGwMAAAADFgIBBR4BAAAAAAoJEJcQuJvKV618ERsH/020sz1xtDSLdUBRN8/eZN92 +BXMdUf38TOSb96cHVY1XU2X1dDU/BzdRZQp9AZkP9YgUtg2CMgyqeksaNsvSmB1C92dJD5VR +zrX2Xy7ugeqkDnzInmMbULl6jDDXmO4UZDzEivhwM20ocwx8BF69W6Eav7LRoEN2rVAW8QqV +HPoeDb8hWnwhSJo1FyY7mjm+c4aZbGB6sEqZH0pew45JTlecKv1lo9uyN/CAREBkE9LVDsud +WxLX8u12HTDPvlE5qMXq/zNUFksz89Z25af3zzWA+AE+EJHKSic7oSprjiSx0txKNkWnRRRF +Zce2DmVZSI8S+Oy3Qdc3SdbYIDVAD7qJAhwEEAECAAYFAkHCg/AACgkQquPmzmahRGgyrRAA +yDUrB9nrhE+bGBiEsvxl5d5y9zxxNjAFCucti3IfV7TQxkJtGEizzWu6REf91GSX5+EyDXHr +LuSxVDiBuKOzaNzKJTfedm3uOgWOxUPFN39stPCzssm/1Kh80cYYPdIiF2SFyFdraLhTfFhi +3VM1MCvi9LJK6a3O3vqKeIXVFFO5UzkLZUUBkOgyEu/bf1H+WCSiKOwdiVcE6VanTVVZHwDj +H9tk1mwy3ZDlJ9jkylPKnZGJJoIEnQx046ALPLxPVjjQggYn0Nmcfy1+uO8U6bctr+doFmfv +CICFnsevFxk8MUg5OzO1OwaWvtWV2ClB8gcFpNPmYJ7gqLKxZbRxBpv0QOXym2XOiMgfSL9d +dcQSEM/fqxx9MHEkM3/GPcEDBED94ZmNff4CeopgM/xIRQdSRi7MeVH/QPb5AHnC9SVoKHOn +HCKLjqwSveXeNAyy+dc3mRehvHd5HUb3g4dNm3GSVQzXiZN/Pgd0MoyZn6HlSwCtDBCHgUEv +Xo/aCvjgZLJnrpnE9VaQGmokHyWtxlO+sItnsvLEakb+kABXntjyMA9q4SVkJAqV4Dbnr2Gk +RZenU6wXzosyKsRKC52B1TAZyfebamkssiDXRl5zaxSh0jWvgB88+/2Gpl4A6TdYRCn4f2PA +/Wcr1Qm5zy042DMi2GpnfRqD0cmGiiRwhUWJAhwEEAECAAYFAkJEDPsACgkQ3DubQarFT6Nf +QhAAt/bZkztHJr3CZ9b1wQv3xFJCQvZAuW1frRlN2in+NoK9FbqyQEou9L+a6SrCfhgt7k26 +5lV/EFa2EYuJqQD4AvoDudls9llCdQJmy1vXN6P/sHjngIN4FE9EfbpKxloPCwW0Fy9yk+w4 +1sA7qhQ/FTfGXYrsdWJ1aLisw5xs24KOcXahFIWuo0LqjYSLwBZ3pfD+RuWE7erC/oiBAzAA +bzZUGcdyW4YGHoGPQb+q6xls3FVP24SS0C4g/yRgMY8/V41OCVZ5/VLVX35EIAIWblrx+NaY +tXL1BglG1TNYLJC9pZJpw5xvo51UZLFRsNPDWaz+x/xYJRiSjjmvTkkqFv9dIhgCQSdT2Bor +43CgauDJSLOBfc2+Jb5XY08AoMG0rmRuurJ2uNzUmrwjWTtmBGTKowBtmzMZTi6hg/5wvkRn +6Lyk3DEs8TR/SGzA8e11ZloOU9ePU5EaQQo/fPQPhtjfdEyRBDOWn5gV9a/zw4Wql0+LOFqy +FVQOUZXXXupIWbm7iZFf8kK4D5CB5MfKuBwZRd4AY5+R2hCRwWGq5TU6YU6eeBh8hi+zjKhH +URZQapap4bXNxvH2Bp7sg3MQALYTWNt3NLVbRSvi9VNeoYfWUB272+IafhaYzxwzJeDdU7rm +uBi9jyr5hnt0+dfu7ffCKhQ7Pu27U+Zoi3cFfYyJAhwEEAECAAYFAkJEDPsACgkQ3DubQarF +T6NfQhAAt/bZkztHJr3CZ9b1wQv3xFJCQvZAuW1frRlN2in+NoK9FbqyQEou9L+a6SrCfhgt +7k265lV/EFa2EYuJqQD4AvoDudls9llCdQJmy1vXN6P/sHjngIN4FE9EfbpKxloPCwW0Fy9y +k+w41sA7qhQ/FTfGXYrsdWJ1aLisw5xs24KOcXahFIWuo0LqjYSLwBZ3pfD+RuWE7erC/oiB +AzAAbzZUGcdyW4YGHoGPQb+q6xls3FVP24SS0C4g/yRgMY8/V41OCVZ5/VLVX35EIAIWblrx ++NaYtXL1BglG1TNYLJC9pZJpw5xvo51UZLFRsNPDWaz+x/xYJRiSjjmvTkkqFv9dIhgCQSdT +2Bor43CgauDJSLOBfc2+Jb5XY08AoMG0rmRuurJ2uNzUmrwjWTtmBGTKowBtmzMZTi6hg/5w +vkRn6Lyk3DEs8TR/SGzA8e11ZloOU9ePU5EaQQo/fPQPhtjfdEyRBDOWn5gV9a/zw4Wql0+L +OFqyFVQOUZXXXupIWbm7iZFf8kK4D5CB5MfKuBwZRd4AY5+R2hCRwWGq5TU6YU6eeBh8hi+z +jKhHURZQapap4bXNxvH2Bp7sg3MtS7JXU2dzk8zULF5J1OHfGPhandxhnLAzvkD+o+Ift+Dd +U7rmuBi9jyr5hnt0+dfu7ffCKhQ7Pu27U+Zoi3cFfYzR/wAADV7/AAANWQEQAAEBAAAAAAAA +AAAAAAAA/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0V +FhEYIx8lJCIfIiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQ +EBw7KCIoOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7 +Ozv/wAARCACQAHgDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL +/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAk +M2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4 +eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ +2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL +/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAV +YnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3 +eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX +2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD2aiq1/fQabZyXdy+2KMZJrhr7 +4s2UZK2Vm8pHRm4FaQpTqfCiZTjHc9CoryC4+KesTNiGGKFfzqez8V+Jr9fMSUlQc5Xj+tb/ +AFSoleVkR7aL2PWKK8w/4THWrf78oLDqCKng+Jd1EQLm1SQdyvBpPCVVsrh7WJ6RRXOaF410 +7XJxbIrxTkZ2t/jXRA5rnlFxdpI0TT1QtFFFSMKKKKACiiigAooooA5j4huV8I3WD1wD+teH +V9A+JdPh1TSjZ3BcRytyUIBGATxkH0rgn8AaQp4mvfxlT/4ivQwuIhSg1I56tOUndHni/eFe +l+DdR00aasc8yxOg5z34qtB4F0B3ZJLu+Rh0+df/AIirLeB9GhOFv70Y/wBpD/7JV1q9GrGz +bJhTnB3MfXri3nv5XtceVk4I6Hmufmfk12snhTTEG3+0LzHXqn/xFM/4QrS5FDfar0g9/MT/ +AOIq8YqlFJJydLbdzm/CM+lOIoXLFROpJw6F69H76kJHiTVLQMOo85cj9a88uPB2mWlu08b3 +MjqyjbKylTlgOgUetbuk6ZFakSKpXK4+UcfjXFiakak+aJtTi4qzOpj1/Rpm2x6rZs3p565/ +nV9WV1DIwZT0IOQa54wI6nG1h7c1hahpskk5mtZXtXXIV7VzGcfUdfxrnsaXPQKK4WDxTqum +OqXY+2RdMyAK/wCDDj8x+NdTpWu2GsIfs0pEijLwuMOv4enuMiiwXNGiiikMKKKKAKWpcpEP +Vz/6C1Y8sWK2dR+5Ef8Ab/8AZSKoMoYUDMCYXMbusaEAknIHrThe3MYaN4C4PcZHbHbrS3V9 +Ml/cQKECwsqj5c5yitk/99VCbyU9dn/fIosIkM8gGyNSMgdR7AVahhZLaMMMECs83UhBHyj/ +AICKt29wRHC7fdliR2A6AsoJx+dFgEvR/wAS+bPrH/6NSrFvPIIsIqgL3Y1FqIxYuQeGaP8A +H51NaVqu612ghcjrihARNcnbkxsD0OyiUIRjjOOlWzAvlBeAwHXFZkxEMjLCgmfoecBaYjNv +4ZnLIiKwPRWXg1zkjS6VdI7zNC2cxOuQYz/vV1U2m5+cySbs53B+ap3kIaLy25AHRvm/nVIT +N/wz4qXVCLG92pegfKw4WYDuPQ+o/Eeg6WvGbkNE6tGTG8ZBVk4KkdCK9I8J+IRr2nHzSBeW ++FnUd/Rh7H+YNEo21BM3qKKKgoqagP3MZ9JV/U4/rVCtS6i86Bkzg8EH0IOQfzrk/EmtXHh3 +TnvJLSKcBwiqrlMkn6GgCpeD/ib3/wD11T/0VHUJFQaVqf8AbsVxqX2f7P502PL379u1FXrg +Z6Z6VaIqhEdW4h/odr/17Rf+gLVUisi38W3E0awW2jGT7OghMjXOFYqNufu+3TNJjN+8lIsA +h6ecgH6n+la1nLiFea5BrvV9TMaG2t7WNH3bQxcscYyT7ZPp1rWhlvbZQszoUPAYKQc0WEbM +2oJuMCZeQ8YXtUkUCQRAcE1BaQxRxAjBzzn196kkl4600hXIrhuDWNeN1rQuJODWTdv1q0Sz +GvepqLQtYOg69BeliISfLnHqh6n8OD+FPuz1rIuhlWzVWuI95ByMiisLwXftqHhWzeRt0sK+ +TJ7FeOffGD+NFYGpvV578Wpgum6fbg/6ycsw+g4r0KvNvi4pC6ZJ/CXYfjiqjuJ7EHglAdHA +IyPtDf0rauhFFdOSo8tTyK4Hw0WXxLp+12CtIcjJwflPau9vxva5qnoxLVEMlxayrthQK3rk +nisDQVQIcqOHb/0I1h+MNRKRLaWySuUcNNJH/wAs+OhxRofiaxS1WMIzSovKqQAfxPIpIGeg +Qug6AUl/dWghMVxME3LnjqB6+3NczpGp3d9qRZp3KKCxjDfL6AAfjXQ788NkcdxTsTctadcQ +PZILacTRqMbgcn8akkl461iXFikl3FcxyywvGQT5LBd2PXiqt/qOs/bZIrS3hEWQVlkxjH+f +xoA2J5eDWZcydaVrmUpEJIwWYHzGjPyoce/ODVOeXNUhFO5brWXczJBFJO43CNd231PYVdnf +NZ9xGk8bwyfckG0n09D+dUI7v4OXj3Ph/UEkbcy3pcn/AHlX/CioPgvC8Om6srjlblVP1C0V +g9zVbHpVcN8WLQzeGYboDm2uFJ+hGP8ACu5rP13TV1jQ7zT2/wCW8RVfZu364oWjBnjPhlt3 +iHTj/wBNG/8AQGrv5Pne5+tedeF98XiWzglBWSKV1YHsQrA16HCd8twP9oVctxROEazlsNSl +iuAVZnZ0YdHUnqKnnsLS+hEdxCrqG3Aj5SDjGQRWj4wnSOSytgD5m4yE+i4x/M/pWdDISoqo +6ol6MyZ9Kv8ATw01vMLqGMbtpBWUD+RxW54W1H7XYyulx5qCTgBt23j+tSIx455qpLpSG5W5 +tJpbKbG12tsL5i+hHr70WEdE9wI0ZpGCKo3MWOABWbJr+liRl+1KcfxBCVP0PeuZ1t59Pijs +o7qd7eTL7JX3EEH16474rDaZ+u40CPQ5by38rzftMHl4zv8AMGMVWncgA5BDDIIOQR7GvP3l +b2+uKu6VrUtjKI5C72zZDRg9PcZ6GmB0krZqnO3yGi21CC/WTylkR4xkhiDkZxnIqO4WSQpD +EpeSVgqKOpJ4Ap3A9S+F1t5fhma62kfbLt5Rn0AC/wA1NFdJommpo+i2enJg/Z4grEd2/iP4 +nJorB7mqL9FFFIZ5p4n8PHTfHthq9uv+j3rt5mP4ZAjfzHP51d0999zMPVxW74vOLS1PpOP/ +AEE1zejPuvnHq4qugjA8W3kF5rMVtAoZrUFZJB3Jx8v4Y/WoII+BTf7KmsL+W2ulxKrE57MC +eGB71ow2/TitFoiHuMSI1JIUt4XnlzsjUs2OuBVyO39qW7077XZTW5JQSoU3KOVyOtFxWPPN +UvptTnEkiKiqMIijhR/U1QMR9K2JdMuLO4e1ugvmpzuXo69mFNNn7UrhYxmhJ7U0W5J6Vs/Y +z3FPjsCzYVcmncVippSm0nZ9m7chXBJHWvQvh/oUeqax/bDxsLeyOEDYIaXHb125z9SKwdD8 +OXOt6iLC0+Xbg3E+MrAv9WPYf0r2bTtPttK0+Gxs4/LghXao7+5PqSeSaiTLii1RRRUFhRRR +QBznjI/6Fa/9fAH6Gue05PI1tI/7ziuz1nThqNqq7trxuHQ4yMj1rk7qC+hvfONkC4PDI4x+ +vIpp6AQeNlNi9rqpXzIV/cyooyy55DD24Oar6c9lqEYktJ0fPbPIqxcQ6lqDILghY4zlY06Z +9Se5rG1Pw04k+0Wga3m67o+M/hTTE0dLHZuO2asLan+7XEQ6v4n0w7WxcKP745q/F471OPib +S8n2NO4jT1zw2upRq8Z8q4j/ANXKFzj2I7iudOhX8D+VcIjnGQ8YIUj8e9aEvj3UGGItK59z +WXqGteJNVlAgAto8Y4XJ9zSAfNp0FnEZb2dIUHJ3Gn6dp8+sSKLRGs7I/euZF+dx/sKf5n9a +j0rw1cSXQub4vcSA5BlO7H0rtbSzkGBg0XCxs6Da2WlWKWdjEI4wcnuzserE9zWypyM1k2du +y4zWqgwtSUPooooAKKKKAEIzUT20bnlRU1FAFY2UXZRUL6bE/wDDV+igDHk0OB+qD8qgbw3a +n/lkv5Vv0UAc+PDVqD/ql/Kpk0G3Tog/KtqigDNTSok6KKsJZxp0FWqKAGLGF6CnUtFABRRR +QB//2YhGBBARAgAGBQJBuWnmAAoJEG36TOjpNErZOV0AnjmD/0oD6ApRMwZwANaQXXPytxQm +AKDLf4JwijgCyJKSKFZkn2aq4vX5IYhGBBARAgAGBQJBulayAAoJEMAtzxkGBJgJtHsAoLCJ +/IjkqG5koRjj9siWmL6wbsHVAKCyKNrpM8DgHFBzn92+/D9B15KD2YhGBBARAgAGBQJBuyRE +AAoJEBBVe4OAfKwlccEAnA2ugDcQzN8qascwUxKchNvTw/7tAJ9UFQdPvFjdkQx6iYxda6q4 +P2XHx4hGBBARAgAGBQJBu2u7AAoJEBFg4X0JK5qNCogAniP/fhucCMQ7JO6PEbEPMqP0OlO/ +AKC2RLVmVhZtWvG7l55fs9cTYa+2e4hGBBARAgAGBQJBvYsOAAoJENKYDAuY1kA7pPYAn2EH ++OdZ5U/UZOn+f+dFJ31xon7zAJ9tEGma1j+vViEPoKu7aWms9wNmrYhGBBARAgAGBQJBvesv +AAoJEKUj63ZhkgDzvDoAoKpmCAFz47IVS3yEY4c/8Jzt4BPvAKD5rqfglFK25WdXOb658PRL +YwrODYhGBBARAgAGBQJBvezxAAoJEDSU1VMUT7P9YvgAnRZlrj5pe4mTHkuAw+2vjkfHZnMs +AJ9pRYy6kGG8dkBeQW0kJf8/CVLUI4hGBBARAgAGBQJBvyVfAAoJELK+vEAVKSSvIk4AoKVR +BeEBKUOk9Y/mp/dlpwUjqdCxAKDqbxdrxYRzZrbjpZIhiaijW5LVkohGBBARAgAGBQJBwMDy +AAoJEIizXXEb1WF5YiIAoOclPN9NRT3Urm07WXMTDMm66PFiAJ9IOz/QNRiC3rbTpAr8xMaf +rgez4ohGBBARAgAGBQJBwMD8AAoJEBMKYXLQxKfkR0AAnREt7AHlIqJJ8Knr1h/DyswXXViP +AJ9cF4M1wExGBLst+Gj2+AzATRB7/IhGBBARAgAGBQJBwS0KAAoJEJq3h8x6ecYak1MAni24 +ke1yO0qswn7Kq8W0Z2vYloOPAKCLHMdlqMNUD/UFLv1FOUOFun+Hp4hGBBARAgAGBQJBwWBx +AAoJEMbbzSrEwZ6blIsAoKC/8Rv+JKFKW9/PiWiKbLIPbeWCAKDPYPlfn5/Ng5VpFB0JmDgB +Nm21LohGBBARAgAGBQJBwWTPAAoJEAZbinBfPl6L8eYAn2QxAmJBBKhu4mgnBqrhcVZyZ1hn +AKCIuPIFggxAZp+Upx/93ZGbGS8nfohGBBARAgAGBQJBwncIAAoJEIr2NaPj9yL88kwAoMZj +tNjM/4HcSwHKWhSqSI+qsZ84AJ9f68wS7VaJspa/y4aD6kKG9TBvHIhGBBARAgAGBQJBwnr7 +AAoJEFXVL10rq/9ftC8AnR7GHKkKiu/8mz/ZvvzhirgMZlLLAJ4mIYbMBre0lqfCJNUlmvey +6JQqCohGBBARAgAGBQJBwoNkAAoJEBhZ0B9ne6HsltEAoInDpuKWCLaUe0n6bdo8IVSCHh3z +AJ4tQ2mfLc7A8l2tYvsFOBb12cHMkohGBBARAgAGBQJBwoOSAAoJEIHC9+viE7aSEDcAnRQy +eLZMxhBbhW6bXCS60q2aJHf4AJ9CneWcub9p94n3DrfEg1L3xEUb5ohGBBARAgAGBQJBwoPJ +AAoJEGtw7Nldw/RzhEIAoJ/sBH/dx+kDrXAIdQHrjokeoY06AJ9upRLuj6A3idFMxIK5e2Cj +NZ/UT4hGBBARAgAGBQJBwpBNAAoJEO5OfHa2dN43YCQAn0bsnQW+kd2zRURiDZFQv2APD2KI +AJ4rfFeFMZd7Zf9AP3M1qHtrxrOAyohGBBARAgAGBQJBwtfAAAoJEPWcde374efSisQAoIdk +tWxGcSwBnyhSHb16bzLDqB4nAKCpe6yezy11LtGkwFFVgaStdivqLIhGBBARAgAGBQJBwt75 +AAoJEOm4J4TipckjTwEAnRsaDlpjTE5O35i8esoGYnfOs+N9AJ9HmXvS8Z230az772nyu/j8 +eOlZBohGBBARAgAGBQJBwupEAAoJEEC2xYCC9sJI+3EAoOJT0aS11iNy5faCvJ6PtPZuYsVo +AJ90VauRR/bbZ1xa5H5I8PIUMKxmR4hGBBARAgAGBQJBwuxtAAoJEH4kb+Q8LE1n8EkAoO1m +QTLR++29B9yV3jQsZW9gXqwUAJ429/XeoV+KWDnDrjU23X+h5MHHv4hGBBARAgAGBQJBw7s/ +AAoJEFAiZtcZRJ0ajtsAoMMsXQApYYniTs+YiQk2flxeACF6AJ9w4SWpnPnN+KUc9PgM2ExG +Z2FboIhGBBARAgAGBQJBxAz4AAoJEO1E9b0PeZmxElUAn1k2opdDHo2Oogb2bU0HEkSQlU+M +AKCjCwoHW+VKx1QXkB0/XSUx/4qz14hGBBARAgAGBQJBxA0TAAoJEHJPNE26UoJ61KgAoJ1C +Hy1mTEtjqegETdT9drwv1+ghAJ9UP235ai3X7q816onsN62owhf/KohGBBARAgAGBQJBxCuv +AAoJEAU8g8Drae/xmtgAoImNOsxezhRk9irP0qRw9eYmKR1lAJ98RxryzKBqT7J2ya/knAlz +6hynIYhGBBARAgAGBQJBxCu6AAoJEAcEFCU4SXwJtPQAoOkypEcRW+HF2VvxZqcxAx27wx4/ +AKDAY4apdD3Lt7APUebt5r+VbkAQmohGBBARAgAGBQJBxCvCAAoJEFRYJUcc+EYsGZ8AoJES +dIGH37eR8S4UIIFpUxRrW5IbAKDFcJsVvRUw8zg5zcrx2yWFd5tsTYhGBBARAgAGBQJBy+em +AAoJEGPO+YjMw7C9FzEAoLCr0kJ/UZCpZhdWdOGMtdofFyzwAKDb5cakIgfYDEt1YVXlOfrj +hYk40YhGBBARAgAGBQJB2qXSAAoJEBQOc52JyTVjFIIAn3uqh2LcBMrEpjrBEPi7pC2iPaOS +AJ0b2yf6rJ1OFVUD5ll/4vT0m9IcI4hGBBARAgAGBQJB2whUAAoJEC9hPthApRlyBQEAn3X6 +ZxbjotF71SI8pyHcOuE13fm3AJ4zOjX0BFHKbipzw6uRUKjlsK9J9ohGBBARAgAGBQJB2x6D +AAoJEDAZRJaujx98FToAn0O9OaKgJW262Me5hiu/yOSQb0T9AJ0WZUMhSp9sRb0E3lR/Q+++ +uFclL4hGBBARAgAGBQJB8Ag3AAoJEP5cbAdxxdFDEZAAn2nLOjTdQlyXcmT8C3hl5C0R/6sR +AKCUwpzTzW4eeZklWbO3G3DEhCr0aIhGBBARAgAGBQJB+6/HAAoJEIH8FiGn2HrX+FgAoJGB +F32/N8oYuiH2sLjSemoYyi8DAJ9qQxWqBanTKENfaFy/Vpp0QlhUgohGBBARAgAGBQJCB21f +AAoJENRHBqf/o/xDuqAAoKekI+j/iidbclTORGR0hDQyJDeXAKDThLb6SB/SBBuUvYTWhjnz +9BNtY4hGBBARAgAGBQJCB3RAAAoJEHVr6EMyLHlQOYwAoKfk4o7+gOv2AsXK89mA9gVBQISm +AJ99JhupBuepLFTCvaR62bo3x9KhO4hGBBARAgAGBQJCB3RMAAoJEHddH1r03/K3DYkAn0Sf +jTpAUdqXMTlARPRnw/p6uJ4PAJ9OZuRvOE8yZR/8oWBny7afgUx4WohGBBARAgAGBQJCE0Oa +AAoJEGbw0KqdYMeg+igAnAl53Rbedqtg2ZJy7diUaa5MUj2BAJsEzHnsxy5Ux60WsBHR+KBs +ZPZr8IhGBBARAgAGBQJCKZRGAAoJEIH8FiGn2HrXmfgAoIXry1JrF1BBIi6SdbVWD5R7ELd6 +AJwMzZ9oqAZuK5M4AD/OkUULHgtfAohGBBARAgAGBQJCK53vAAoJEGP61yD0L4rhIPgAn13h +HO7mfub4q4Q3ArQDms1RHlDeAJ4sHIK/S1q68BK3tyGED2rq8Ebx+IhGBBARAgAGBQJCNCTR +AAoJECERenNobUYst+4AoJYUXx/0wrSDx8VQYM1m5mLuFDVGAKDcM/zwAdBTqD/CAKFGYknn +DpNxa4hGBBARAgAGBQJCP+2iAAoJEDAZDowfKNiuDrcAnjBtRlawy0n6ujH9C0FxjK3r6SEa +AJkBFY7KjO6GF976bUYdZENkhfhPj4hGBBARAgAGBQJCQ+k3AAoJEBHkA/J12S2FnZEAoOvN +rj2WdpexZrYjhojl2l2Ui8GNAKCgZ8fif36Q6ftn8HnGPLaktYf4fohGBBARAgAGBQJCRAhF +AAoJEGyPUZQcD369J54AnR9LfQ39kiWzJ2gzfpfY6qUXVP0ZAJ4zbEXorQPxEICSl/BKfE3n +fSAFlIhGBBARAgAGBQJCStjJAAoJEMjWhvFfcJG69V0AnR0xGxtEyDSSFPcz3vAlQGbiOtUL +AKDKGOilCiHzjD6vFCi1Y2mbr/wZ24hGBBARAgAGBQJCS7CcAAoJEGX41e0mvnOFfIQAn2AP +Atzwk+vGKqp3erCpqPj6V+2BAJ4kKDXQS8pkrpkte4YYF8KANUYEkohGBBERAgAGBQJBuZhH +AAoJEHs456GxToKxkX8AnimrJkKjwlWjsfE2Gqs2afWFg7+mAJ98yyZFiF/sVGE/NuzPT/vB +0O6MVIhGBBERAgAGBQJBujcdAAoJEE3voz54FlXdYTEAniVA2knLi5dZ+t+258trUSfaaxFY +AJ4jYwvc0HY7QYylTxEVFcVrPvMSbohGBBERAgAGBQJBwSZEAAoJEGhnxRS4W11pgvoAn0aN +bbWfsys7CUamVTFirOU+ImcPAJ4qiNRh4g1o47MirwyQwL6spEl5m4hGBBERAgAGBQJBwpcS +AAoJEDW8ML6N/Q3jT9sAoJ3jtY+GSDFKDJVVbuEEiNaveUe0AKCjmqAZdsFOvswuw3TxChQJ +7IGwzIhGBBERAgAGBQJB3Q3QAAoJEKTKJszAnFal8XkAoMITdQqfCFEc75y7sf2JE3tCt5OS +AJ93Eqg2tw2aURNGHVXpAvLCWMdqXohGBBIRAgAGBQJBuNfmAAoJEHPeaYzHFAWi7tsAoKXQ +kNUBolAEBDqpppu+ON4suXWzAJ9hXov7aGVQMn+DZMAUg8+kXrpZjYhGBBIRAgAGBQJBuOas +AAoJEDx4+0WResVC77wAn0A2djHjhUl8foMZqhtkhfe1a/KZAJ9xiw1+kHQ8Vrm/W/58WTH/ +TIiFl4hGBBIRAgAGBQJBuQT2AAoJELpRnM2E9+gWqNEAnRrgtMNoGSDlzlbUjM99CTku3yhu +AKCQcSzAw54I9Or1+dMmOBZR26QB4YhGBBIRAgAGBQJBud9cAAoJEHZP58N2QjeX//MAoIAB +OABi1CFrQ0gWnF0iPJBmAQ+ZAJ9JyKqwoy0GXpgpbV3pFwbOKCmBTYhGBBIRAgAGBQJBurB/ +AAoJEFJVSOovegQahBsAoLCWvuv4YUbl20vyUjdr0v98lZFkAJsECQ9YUdbazd6FpBk9dr6K +cAIhDIhGBBIRAgAGBQJBvEUOAAoJEAg0ykWyQheZdNEAnjVLdoFlhPaObEviz3ejWd44xgVW +AKCxamhtKZ/QB7EZVXOWgrEsXrKpKYhGBBIRAgAGBQJBvMwJAAoJEBtgNPR2t58gaa8An1Am +YHarYHH3sW5YrVG/9GB8Zr/KAJ9osfEaxpdAEtYRTMPCXCGCFQ/K/YhGBBIRAgAGBQJBvY5U +AAoJEN3TSr9kEzjeMbUAnAvC3eTvG4SlgTZ+eXyH9ATwFJ6IAKCUQl96TAi3QCjPJfzBHSGv +9NfAbIhGBBIRAgAGBQJBwOZWAAoJEETgf8JTVkw2E7oAoJWiX8T9JB4zQYsGAJmmOUG8ALQv +AJwKcjzs8wAiEVeW71DEKf0CmNsGvYhGBBIRAgAGBQJBwawSAAoJEPGHo+6FszywA7IAnjJ7 +95ezCPWba2ClWxXZPmjTwh28AJ0bZSbs0IYrK/BEl8Y7Cwxpg3XG5YhGBBIRAgAGBQJBwfo4 +AAoJEJcnApWHabwJhoUAnj2VSy0GA1EBw+T8oI6PzQgd459lAJ9ZZ0OdZxaPTml62VlnJurh +jMcf8ohGBBIRAgAGBQJBwoCpAAoJEENROPYeShwFDVkAnjcm4Ia8z8HGCOLStc64Zt4c4nd2 +AJ9eVh+CQURL+psJ/WwSzPZQw7p7AohGBBIRAgAGBQJBwulqAAoJEAmoeRrpu1oMsPYAnjjE +e1b7/N4PVup26v2W+o61DLMSAKCoMV3wGTBC7h6uQPprV5nqswVpAYhGBBIRAgAGBQJBw0Mb +AAoJEGUvQmU4tN951l4An3b4dWdpj78TJghb+C7OPALFJua4AJ44DUtKbeehJLAqiaaThJjn +4TjKNohGBBIRAgAGBQJBw0M2AAoJEGcLPqvWWI4OoD4AoJ03rWdIfrVdCdSd+xvYI3yYvbrJ +AKDurLH9ARRnI0GN4KibMl1zadrSAIhGBBIRAgAGBQJBxDrfAAoJEALZK+oHHF8lgfoAn0ax +5bRUMJWVwW8tyfE6NEBj2CryAKDWg/Wh/LOXXDhi01Sk3L8FQyPm+4hGBBIRAgAGBQJBx4ag +AAoJEBZ1NTLGzmaQtoIAoMxhv7qc/y4CrVh9Mb9PiJeHlQ+aAKDpbqiimhICYbQcMDw10HZx +5pOY8YhGBBIRAgAGBQJB6Y8gAAoJEBuTcEasWcl6PrMAn1lM7jBO5rhD6AWHZjQGN3Ukniqe +AJ45UhwwwkiTvhpP6z7QN0Nhh4at94hGBBIRAgAGBQJB6+0HAAoJEBjx5nYiBeZ/OgkAoMaQ +GsEDffvpew7zTxElHW2kcotzAJ9iv1cL6GuyhkqRivsHmX7aR20SyIhGBBIRAgAGBQJB9EFC +AAoJEJLeDAVol/gNL3AAmgPId3vt0lotA1W/gPTZjC3FkT/6AJ912qDtS0TAGHS3VBDOAahx +573n/YhGBBIRAgAGBQJCKuG/AAoJEDsuXJ3Cldvlb9IAn3XZdPYwNKr+Lg+ETZkeCoNyG4HP +AJ9eakg8mQ3+QEf7Gg+ihmmDhHFEUohGBBMRAgAGBQJBuiKXAAoJEINmzfGhYs0ZPXwAoK5F +mmMiRt0Oo2PalwAOUIW+dSMpAJ4oXrJNihnHHztPzOKdPZo4fJIJEohGBBMRAgAGBQJBvE6U +AAoJEK79Y2s7DHKzIH4An3Ca1qke8X5+M6B1KOOi5j/+eRjMAKDdg0IsLVYoBs5M2jeP2AwM +NvlW0IhGBBMRAgAGBQJBve44AAoJEJIxXs8izqNCdDcAn1Sr6XvgEGWgDU45uGpwC3a8mGj3 +AJsGWQ2Uxih3KqH5FNgeNMZVG3nlOIhGBBMRAgAGBQJBwL19AAoJEAiYndtLqTLEbe4AoLOI +ZvSw/AihYZviqXuhwyWe8SIqAKChLNahQVshDdd/eCK5U56s/G+lAIhGBBMRAgAGBQJBwgCo +AAoJEOylvLe7llawpQkAoKsYYKjTW74k/T4xUVot9Cy90j/pAJ4xI1YmF5PePyd/MLpjBm4k +nij5DIhGBBMRAgAGBQJBwhcuAAoJEHJSatOj+XIMnwMAn1jws8tB9fNee3Fza9kzhDZ5R98F +AJsE1aJT3M3nfoAxqtqLqlMUYmIVOYhGBBMRAgAGBQJBwhc8AAoJELOfXfo5y2qa8aMAnjfC +Hb17xKpGjHOm53O0Jx8RnWtOAKCCqjq9LVoy+u+ioNhrgZ4y3dNAcIhGBBMRAgAGBQJBwiC3 +AAoJEBSIG2rkXiWl1IgAnirkXMAaYxkatIFqY6aX/3sT8e15AJ9ysmVNp3tIMy5ZvahcgwKH +ZZXTt4hGBBMRAgAGBQJBw5W7AAoJEL0EkgbPFrCbBOIAmQHENMvtMbioH3cfRkkQiDDEIAJG +AKCwRsSzOz7izotnme1cg4WZSGCUIohGBBMRAgAGBQJBxaVrAAoJELr89wX54gkEkX0An3gA +qyJcqZ78Q8zBGhBBSEdSYCSuAJ48yzQUAvUCEnkzTH95i4Lv+mI1TohGBBMRAgAGBQJByGSg +AAoJEOPXfh+VFhmR6nMAn2Ov69rEPfDWRtOcsgvEujC5RN8/AKCA12RKe7nxxQ0zFWw4GcKw +zul1P4hGBBMRAgAGBQJByVTgAAoJENyKmJTdyv7msxoAoLf7AO2mFWjSpEaRx67MT7gt/kLU +AKDsFjZ47kX+nisZCnyU+XrHpSTjB4hGBBMRAgAGBQJBypawAAoJEGoYeM4SdGQ+TZ0AoMIR +etpZWmKouJWs8ctxFmvqGLSRAKDQWD1YXMenuqw3Et98LVt+rksMuYhGBBMRAgAGBQJCSrO8 +AAoJELRxibQqfXECPgMAoLP4XBD1sQKyxoXqjguVqVHP1ZFPAKDWZB7GBelp/wErAanmOqMd +JdA1m4hJBBERAgAJBQJBuW0aAgcAAAoJEI7/T+uQXzlDqDMAniI/vkkv8u79jF1yWbvI+LkO +OJ3dAJoCoiiPknu+sSZ1DUXdtkuJD3HUrohJBBIRAgAJBQJByx34AgcAAAoJEMbPpqYSy13o +d4EAmQFCVE+8XD4JKPOVvJxcpeTSze7hAKC4CxsSsJVg2ToRjxYBGvjfXx+02YhJBDARAgAJ +BQJB1GmEAh0AAAoJEBtgNPR2t58g+W4AnRb/4iBOf/zKN/SAIMFcAx6Nqe1rAJ43N26naDOy +8obJW1kjGCrXgCYoOIhJBDARAgAJBQJCHpKCAh0AAAoJEBZ1NTLGzmaQcNIAn3rcCvIi2uTr +dmFzHBlQjfS94ZLqAKDjJsl/bXZjlA4wAMRqSVx2Pk1PRYhMBBIRAgAMBQJBwMUXBYMB4oUA +AAoJEKpaG/afJiEW0KsAnAmbLoJLf/n6CnFQd0M4T3wFV0jnAJwNJxNetaAWL6Xqh0eYizPq +dGtkVIkBUwQQAQIAPQUCQbPTrAcLCQgHAwIKHhhsZGFwOi8va2V5c2VydmVyLWJldGEucGdw +LmNvbQUbAwAAAAMWAgEFHgEAAAAACgkQlxC4m8pXrXwRGwf/TbSzPXG0NIt1QFE3z95k33YF +cx1R/fxM5Jv3pwdVjVdTZfV0NT8HN1FlCn0BmQ/1iBS2DYIyDKp6Sxo2y9KYHUL3Z0kPlVHO +tfZfLu6B6qQOfMieYxtQuXqMMNeY7hRkPMSK+HAzbShzDHwEXr1boRq/stGgQ3atUBbxCpUc ++h4NvyFafCFImjUXJjuaOb5zhplsYHqwSpkfSl7DjklOV5wq/WWj27I38IBEQGQT0tUOy51b +Etfy7XYdMM++UTmoxer/M1QWSzPz1nblp/fPNYD4AT4QkcpKJzuhKmuOJLHS3Eo2RadFFEVl +x7YOZVlIjxL47LdB1zdJ1tggNUAPuokCHAQQAQIABgUCQcKD8AAKCRCq4+bOZqFEaDKtEADI +NSsH2euET5sYGISy/GXl3nL3PHE2MAUK5y2Lch9XtNDGQm0YSLPNa7pER/3UZJfn4TINcesu +5LFUOIG4o7No3MolN952be46BY7FQ8U3f2y08LOyyb/UqHzRxhg90iIXZIXIV2touFN8WGLd +UzUwK+L0skrprc7e+op4hdUUU7lTOQtlRQGQ6DIS79t/Uf5YJKIo7B2JVwTpVqdNVVkfAOMf +22TWbDLdkOUn2OTKU8qdkYkmggSdDHTjoAs8vE9WONCCBifQ2Zx/LX647xTpty2v52gWZ+8I +gIWex68XGTwxSDk7M7U7Bpa+1ZXYKUHyBwWk0+ZgnuCosrFltHEGm/RA5fKbZc6IyB9Iv111 +xBIQz9+rHH0wcSQzf8Y9wQMEQP3hmY19/gJ6imAz/EhFB1JGLsx5Uf9A9vkAecL1JWgoc6cc +IouOrBK95d40DLL51zeZF6G8d3kdRveDh02bcZJVDNeJk38+B3QyjJmfoeVLAK0MEIeBQS9e +j9oK+OBksmeumcT1VpAaaiQfJa3GU76wi2ey8sRqRv6QAFee2PIwD2rhJWQkCpXgNuevYaRF +l6dTrBfOizIqxEoLnYHVMBnJ95tqaSyyINdGXnNrFKHSNa+AHzz7/YamXgDpN1hEKfh/Y8D9 +ZyvVCbnPLTjYMyLYamd9GoPRyYaKJHCFRYkCHAQQAQIABgUCQkQM+wAKCRDcO5tBqsVPo19C +EAC39tmTO0cmvcJn1vXBC/fEUkJC9kC5bV+tGU3aKf42gr0VurJASi70v5rpKsJ+GC3uTbrm +VX8QVrYRi4mpAPgC+gO52Wz2WUJ1AmbLW9c3o/+weOeAg3gUT0R9ukrGWg8LBbQXL3KT7DjW +wDuqFD8VN8Zdiux1YnVouKzDnGzbgo5xdqEUha6jQuqNhIvAFnel8P5G5YTt6sL+iIEDMABv +NlQZx3JbhgYegY9Bv6rrGWzcVU/bhJLQLiD/JGAxjz9XjU4JVnn9UtVffkQgAhZuWvH41pi1 +cvUGCUbVM1gskL2lkmnDnG+jnVRksVGw08NZrP7H/FglGJKOOa9OSSoW/10iGAJBJ1PYGivj +cKBq4MlIs4F9zb4lvldjTwCgwbSuZG66sna43NSavCNZO2YEZMqjAG2bMxlOLqGD/nC+RGfo +vKTcMSzxNH9IbMDx7XVmWg5T149TkRpBCj989A+G2N90TJEEM5afmBX1r/PDhaqXT4s4WrIV +VA5Rldde6khZubuJkV/yQrgPkIHkx8q4HBlF3gBjn5HaEJHBYarlNTphTp54GHyGL7OMqEdR +FlBqlqnhtc3G8fYGnuyDcy1LsldTZ3OTzNQsXknU4d8Y+Fqd3GGcsDO+QP6j4h+34N1Tuua4 +GL2PKvmGe3T51+7t98IqFDs+7btT5miLdwV9jA== +=bZzH +-----END PGP PUBLIC KEY BLOCK----- diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/README.txt b/BouncyCastle/crypto/test/data/openpgp/dsa/README.txt new file mode 100644 index 0000000..9abffbf --- /dev/null +++ b/BouncyCastle/crypto/test/data/openpgp/dsa/README.txt @@ -0,0 +1,36 @@ +This archive contains material to help verify interoperability to the +OpenPGP DSA2 design as implemented in GnuPG. + +Keys are located in the keys directory. Included are: + + 1024 bits, 160 bit q size (i.e. regular old DSA) + 2048 bits, 224 bit q size + 3072 bits, 256 bit q size + 7680 bits, 384 bit q size +15360 bits, 512 bit q size + +All secret keys have the passphrase "test". + +Note the inclusion of 7680/384 and 15360/512 keys. They're large, +inconvenient and absurdly slow. GnuPG will accept any size key, but +will not generate DSA keys over 3072 bits. I include these keys +mainly for be-liberal-in-what-you-accept testing. + +There are are signatures issued by these keys in the sigs directory. +The filenames indicate the key used to make the signature, and the +number of bits of the hash. In the case of the 1024-bit DSA key +(160-bit q size), there are 5 signatures using different hashes. This +is to demonstrate hash truncation to fit in the 160-bit hash size of +that key. + +File Key size Hash +---------------------- ---------- ------- +dsa-1024-160-sign.gpg 1024 bits SHA-1 +dsa-1024-224-sign.gpg 1024 bits SHA-224 (truncated to 160 bits) +dsa-1024-256-sign.gpg 1024 bits SHA-256 (truncated to 160 bits) +dsa-1024-384-sign.gpg 1024 bits SHA-384 (truncated to 160 bits) +dsa-1024-512-sign.gpg 1024 bits SHA-512 (truncated to 160 bits) +dsa-2048-224-sign.gpg 2048 bits SHA-224 +dsa-3072-256-sign.gpg 3072 bits SHA-256 +dsa-7680-384-sign.gpg 7680 bits SHA-384 +dsa-15360-512-sign.gpg 15360 bits SHA-512 diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-1024-160.pub b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-1024-160.pub new file mode 100644 index 0000000..3fec64e Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-1024-160.pub differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-1024-160.sec b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-1024-160.sec new file mode 100644 index 0000000..8ee1179 Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-1024-160.sec differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-15360-512.pub b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-15360-512.pub new file mode 100644 index 0000000..4f931c6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-15360-512.pub differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-15360-512.sec b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-15360-512.sec new file mode 100644 index 0000000..3c204bf Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-15360-512.sec differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-2048-224.pub b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-2048-224.pub new file mode 100644 index 0000000..1c8dc69 Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-2048-224.pub differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-2048-224.sec b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-2048-224.sec new file mode 100644 index 0000000..776edfc Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-2048-224.sec differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-3072-256.pub b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-3072-256.pub new file mode 100644 index 0000000..307205c Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-3072-256.pub differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-3072-256.sec b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-3072-256.sec new file mode 100644 index 0000000..66008cb Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-3072-256.sec differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-7680-384.pub b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-7680-384.pub new file mode 100644 index 0000000..6c888a4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-7680-384.pub differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-7680-384.sec b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-7680-384.sec new file mode 100644 index 0000000..b57f5d9 Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/keys/DSA-7680-384.sec differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-1024-160-sign.gpg b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-1024-160-sign.gpg new file mode 100644 index 0000000..c906585 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-1024-160-sign.gpg @@ -0,0 +1 @@ +$xp=)O'gT<ꑚ_(ba~IbSZ/겠պe, (p̊=sK \ No newline at end of file diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-1024-224-sign.gpg b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-1024-224-sign.gpg new file mode 100644 index 0000000..8485bd3 Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-1024-224-sign.gpg differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-1024-256-sign.gpg b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-1024-256-sign.gpg new file mode 100644 index 0000000..bebe1fd Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-1024-256-sign.gpg differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-1024-384-sign.gpg b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-1024-384-sign.gpg new file mode 100644 index 0000000..f84c303 Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-1024-384-sign.gpg differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-1024-512-sign.gpg b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-1024-512-sign.gpg new file mode 100644 index 0000000..f700ce4 Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-1024-512-sign.gpg differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-15360-512-sign.gpg b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-15360-512-sign.gpg new file mode 100644 index 0000000..bbdb44c Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-15360-512-sign.gpg differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-2048-224-sign.gpg b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-2048-224-sign.gpg new file mode 100644 index 0000000..d64c817 Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-2048-224-sign.gpg differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-3072-256-sign.gpg b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-3072-256-sign.gpg new file mode 100644 index 0000000..2da0271 Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-3072-256-sign.gpg differ diff --git a/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-7680-384-sign.gpg b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-7680-384-sign.gpg new file mode 100644 index 0000000..f313c6a Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/dsa/sigs/dsa-7680-384-sign.gpg differ diff --git a/BouncyCastle/crypto/test/data/openpgp/longSigSubPack.asc b/BouncyCastle/crypto/test/data/openpgp/longSigSubPack.asc new file mode 100644 index 0000000..4b33d42 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openpgp/longSigSubPack.asc @@ -0,0 +1,15 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Charset: UTF-8 + +xv8AAABSBAAAAAATCCqGSM49AwEHAgME5D5j84R7ngjS9Zpu631VC3oTDf6vqz3x +TUcj5qv8zGBGi8LGNriyNadfKlVzl8zWNPSD+cF5C5m6RWAi4Q1htc3/AAAAEmUy +ZWtleUBleGFtcGxlLmNvbcL/AAAAjQQQEwgAP/8AAAAFglXSSrL/AAAAAosJ/wAA +AAmQFEbEoxYiUIb/AAAABZUICQoL/wAAAAOWAQL/AAAAApsD/wAAAAKeAQAAOMYA +/1HSZSJe+umnm9DGuKSql1oxxD6SaHFoh63avcITgcVzAQCb7KazBzAHuHPcMK2z +GKk+2tO9ehQPgf2w/wry8sF3I87/AAAAVgQAAAAAEggqhkjOPQMBBwIDBPZ2x6Gt +k2VF5BS4tlYKPVtEazFJ3uiNLngvpfBimk8f6MXwAuU+WXpB1//MUeY6sOODKakh +PoFYQ74xLMkrlKUDAQgHwv8AAABtBBgTCAAf/wAAAAWCVdJKsv8AAAAJkBRGxKMW +IlCG/wAAAAKbDAAAQVcBAIrP/tLo8/in5TsYTohMg+RSz3z4KkLpr64+mUJhuD6+ +AQDWN6DYCyQTSHDGKfULHBQjnrQdM2PETTuO7x8LB1mJVg== +=B6/M +-----END PGP PUBLIC KEY BLOCK----- diff --git a/BouncyCastle/crypto/test/data/openpgp/unicode/passphrase_cyr.txt b/BouncyCastle/crypto/test/data/openpgp/unicode/passphrase_cyr.txt new file mode 100644 index 0000000..702c84a --- /dev/null +++ b/BouncyCastle/crypto/test/data/openpgp/unicode/passphrase_cyr.txt @@ -0,0 +1 @@ +ТестЯ \ No newline at end of file diff --git a/BouncyCastle/crypto/test/data/openpgp/unicode/passphrase_for_test.txt b/BouncyCastle/crypto/test/data/openpgp/unicode/passphrase_for_test.txt new file mode 100644 index 0000000..157d99d --- /dev/null +++ b/BouncyCastle/crypto/test/data/openpgp/unicode/passphrase_for_test.txt @@ -0,0 +1 @@ +Hndle \ No newline at end of file diff --git a/BouncyCastle/crypto/test/data/openpgp/unicode/secring.gpg b/BouncyCastle/crypto/test/data/openpgp/unicode/secring.gpg new file mode 100644 index 0000000..fec9dd5 Binary files /dev/null and b/BouncyCastle/crypto/test/data/openpgp/unicode/secring.gpg differ diff --git a/BouncyCastle/crypto/test/data/openpgp/unicode/test.asc b/BouncyCastle/crypto/test/data/openpgp/unicode/test.asc new file mode 100644 index 0000000..73a3e7f --- /dev/null +++ b/BouncyCastle/crypto/test/data/openpgp/unicode/test.asc @@ -0,0 +1,33 @@ +-----BEGIN PGP PRIVATE KEY BLOCK----- +Version: GnuPG v2.0.17 (MingW32) + +lQO+BFBcYqwBCAC53iWjgnHOw5eo2N+OWhyz17AnEh45aRtvs/U2cIU+aCM/VXx5 +ig7GN6RcDirgnR/CTAwtdy6V/TFJ9Ej/hKu8hGsL/HCVegzs6hQo3rqXSLaAuH5i +prdBQ0fFzCB08kbr1VkP9TyTGU6xfoEiDpk33TCbqM5Cx5+7gM5uuquTxE1SkyqV +hd7M2p6LhvhtlHo5yx/mfPQhBCuRd/HtAXQux+UwFEeVh+1rxcKfygEeMHHkNg3F +LJBLJW95XxTIxuScJADKhrFPjwtzVWh/chYOoK61O5rvbyRE5epHEOQYCD5X4+IN +G22eInPaVkx9SS93Wm9UcjWEwfRY/kLDp3TjABEBAAH+AwMCSD3h6GM3cH63FXiH +nknGYv5N7GZlI+F4m3k2+MbK/OcU2sv98Fa4b78Z5ONLH3oFwIm7NFa7fobmIHyv +Xmcx9W06CrxpLUroqoRtEFGFrmap6yqAtnqDwtBqk6sar8QSH5HKX4xvBd1AOndk +Htwk3cD5uN/VaIPEwgOlC+LpvQLQpMTNRpXn2NEvsj6RIEkyWxx/N7+w0B+pfeOY +dhp8ra6kNs+1N5joMlA7tdBL9pMIiyHVfd077N2A/Fc7ONhDdIJBh9u72nTUa63H ++2jE0LzwFQQrsnz2PRvyWa4XmXVFHOg1DRuoClZ1HXZseOAYtY4u9v+62I3SjVvG +fVALDVMjwlw1omRupsq5Mn9kuvUcpmc+fcqNJIViO/tm0mFV6Brb802oq5xkstEz +iEF38cpJJe2WcVwABEEd6T7SZTgzakRMaQAWZ6Avb/yRzBtQ0Nq1mpn22EYHphNY +JJtNJ3qdtIIV0TR6X034px41Kp97ZFwVPMWsR0NeM+qOQ9w3vixFt9TGdBI8rOYh +8BSjaglz7FG8svOTfGp/Ja5nLgf3eO4hidQOQkNcRRZ9x+d/ajmZtCm6PBIfTfvH +R9E7sMjt7CY5QAgqMK4ZwrK9BMrHlk5PLMF0/db53KTgAQcfO/skubU5ko/eWMFX +gkPxAfCIbN8XP8DjzynxG7V80rngwtcOXLnWOfTce2fDiO1BGCnyu/S1JjRfCA3Y +IuS5ZVpoIdssPrfXrMEKT2CP9w4R+ERsd869+bYAckaXZ6V7D6rjLYBn4LXCElmJ +WUvevOIDRIxAUYoFuTY6jnAkQyu3/2bDwXOcGJQ3GDxMojXr8uejyeAW8NUa634C +hJ8kuFxMXfNVhR9JnodSwe20QsFy7IUnVXergAPEVMSBhsDqFCnWuvgC8pb2dbh+ +u7QgdGVzdCB1c2VyICh0ZXN0KSA8dGVzdEB0ZXN0LmNvbT6JATgEEwECACIFAlBc +YqwCGw8GCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEOyHJy78uYbSqWQH/11k +itAUrb6aUKHVyvO0r6NEbQ6TSJCstfJ6N+Euhs14od7dWgPWfkaYh9BE0j6xTrAZ +CxP8v0Swgha7b2AVNqxf5jxAJ7xNGNY/jdzeiB9Cp5ShrFGHFGmzCYUSe2hvyBX4 +9cl9W6nKSflG+lFfcmp2wcynk/aRO0H5ieXw3eD+3SB9snAWEZzDHfUj2ifTbzPD +80Yd2mWz9pe1xyqxgnWQkAOIWUxWpECFz8wjA9U3257gEVgfN21Ng/vaVbxa1R4Z +2A+bLjt0jgdXw0XX69FDolko3cWuiWfJNbxsrfSCRYwFUxNVxK9rtm5padL/kZ8W +l9icSUSiIoEfXj1iDh4= +=2Azi +-----END PGP PRIVATE KEY BLOCK----- diff --git a/BouncyCastle/crypto/test/data/openssl/README.txt b/BouncyCastle/crypto/test/data/openssl/README.txt new file mode 100644 index 0000000..03d9933 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/README.txt @@ -0,0 +1,8 @@ +Some OpenSSL-generated files, all containing the same DSA or RSA key, +with various types of encryption applied (as well as the unencrypted version). + +The password used for all the encrypted files is "changeit". + +The PKCS#8 files which contain ENCRYPTED PRIVATE KEY use this password for +the EncryptedPrivateKeyInfo object stored in them. + diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes128_cbc.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes128_cbc.pem new file mode 100644 index 0000000..7af858e --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes128_cbc.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-128-CBC,3D7028A746BE6B09694E16A222C543CB + +RkTEJRJjGfaMfNc876Tx1hD92cblJRj7TvUafRKnH0J3Zv7l67MSG/6rY5HD91HP +s9i9Se+H8Sjn/HaUl3QTZv04egloNlL3MPSkI5fusR6maZGPVLRJBLfVKYQZVDja +9YRe+ZhXMS8jTe/IhYMcTlQLBnnwmmgZC09Y9Wm39idu7lytOl3JBMgz0aUNA+P6 +lN2MtaQyIBXHbaqfNDGFn/r7+MH4CGw6MtrPzGqRJgGMHhV6T5o/x0nEU+loQVOK +mPkSZTxBbn7xUb4JvFPnLTbsI4Cnre3QmfmDwkCAklQXqAIT9Ex1Slq8qaCc6TEf +mWJQCYPUkpQOqyinR8o1VbYm3DFFvE5F+CktJrppqkQvAct0dQNjMTBFxUjCkZum +qGfAslGPBREmmnsExm5GThYqA5LN+qo2prBtvt6Eso0i2jNiXA8bi5OfDzDr24R5 +/RKUdFPf7keaAjg9jSArwp6EfM3y3sj2riibwZlty2ckPJw3SwxIe6QSMwKRbKlh +GJoi05/cO0NxQYhMmlwVN9v5+YpvWmT3CsFvCA+Zb5rXPx2AZpFv8YoHdQb0qyEs +b5YuVoavL58+BWIPQpeYy/jttR5pEPpgM+C/6/1o4Cae4lwppP2OYFl1fsqyqbKh +iadErB6QRaJCnfnhG6511CxY+vZtQE5EM36blOl/op+6G+36ApuqDtfA0C074daV +uHfcqA/g5dODEJP+ps6yoWtM5lbd5bZZVidWhrU6Skbt0faF9w5ECF0qkYDGqF85 +qqFcaoimq+NP7EtUEFSneOee72zYALXyzjoEU9InktzDi0Oufojzc1gjhh7LbObw +UBANPHTsbaL6FPTEs4a3JYSyat9m/R5GAaT0EBynHxvdQRGNhtEWFPkpGYUrAz9W +0A9mNX1as8Jsxkh9wqjgOR6Xpbqh0aFHNnkodwV72H5ROga5EN8/bbuCBxInNzy8 +o9z19AnajR7vCW/p42QwsGfSolQgE3KBdqWsle81LcCPVQPQshXzcjgBHZbH9/mY +M4bX4iEsC9yeNgoMcHtIagOKipsqd4nuPskutf07Mh71OXFuxsVyGcOBVhhdZCb0 +3ZYzVi+nzORPRZ93nPXipy3+NmoARk7mhXDgX9p1bPI= +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes128_cfb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes128_cfb.pem new file mode 100644 index 0000000..de088f9 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes128_cfb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-128-CFB,C0CCB782DF620FA388D9A356F8B7C346 + +DftIvr+HZuCHBanw4n8P5ZajHAw1ldQkSgLxtxY0ZYhhVDLEqEqh6z+4ySjZz5SR +KY7kYFo6yJnURurg3DAGvJ55s6jgyrRHQZkhiO1fBxhyarOfcBjJauJKDT4uhFtC +LWZ7dqft3PlcHi09mFKjK+BYjULe1QkdrKQlV5FBpCj7ENuHqtfx//bV+IWWVnbu +QRx4ec2nNCiS2qiI9Qg7fgMdXWrpJlr8Zvfmn0Mta3Dn9SWR9hK5J4d3xiBtaF0F ++BNuszy9poxnsRaORZYAsBh2vdLaQyn1gGdehlsWG4J2Zb5RHApYczJcp2AoPX4K +j9wAzlfLRSZ4Lt5edShd1zf/iDxegBKQFFHTfPA6uu+fe38qckdxVyBdGaCCBvUz +Quu2DjjXdCWWo8To5C28LVoVyAy+qJaX86vn7yw03/6n0y2dkydiB3u6wnucsom2 +HfLX+pdyarFoNvtCeSW3Y/1Eqd54dDhz3GrSTh6c7G+wiRziKpTduEmoZ+l+CIrl +tWxmh59YTSeX4mi48+fxTA8xaVwD/j3VuA/jTOQWDW+DXU2z6OcAQ9rlOnT6Jad6 +P2El+vgLrIFbC4eJs2ry6bszqFJ4wieBVnazPCUADLSsXVwbFuO9oB4129y3Yg+U +dE+lN24KV0kC/YIdO7c2PghaFY98CVrBX/oocHy4j122fHfboiPNh7S7n6cqJHh2 +JKKQK1qTdfULAN5ypecl27gWeM2i3ib2C5jJiOFUlwiAkZWLRJlsiJOk+b/rI5FD +tM7yFanhEtcYumRRoSzKII3tF0h+z2AwzPdsyJDdASCzo/DmhB0fg0O8G0q/isNi +VV2zL+w7mNmf79QsrGVA39Y+G/uKS2QPf3bGFthzYZwKH1M9hTN/do8wCCJJv7MR +Ejnd32srumBOvGXnYtGuHnT3qRA1mj82B00bdfwCd09GGUr6mEQwfvsDOR3q4OfH +eGCn9NkWKYvf/QAxCG9Vh7u62sUlXKS08hJcVAgBOzN10wFISTIOAvedt/q5GMvm +nRuF/ixs6f6LNy/VgyztHoQ4vN4HBf8teDsbWSMDvlLkU6tQZjyuu8JkTjeDaqMv +GbCzrRBldS3zMXX2OaWpZohi +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes128_ecb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes128_ecb.pem new file mode 100644 index 0000000..4f69fa7 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes128_ecb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-128-ECB,174C8C70B397BCF00CAECA7AAF7A0A73 + +wzs0bJqGg+Scn00TgtgXyV6hopQKVWMEFnMpu6R/Sp1tbPVlr+m5+SppJFVyW3WJ +YeFSwXzuVAsnbD9qIZpAlco1ZYpmRXaY6IfXJKYf58v2IrqkxVd6AwjGN2FloSNp +b/DinJXJe807tNAkuBLQ/7QlkCv/BmZMeYBl60XYIH8LDF/T/ON2hREl49zr/GLY +bwmVzgRpfl3c8QIt6Yl9uKOqCFJmMHD3YS+dT2RwuQwqY+U3DNzVoCci6Zjd+gL3 +eb/S6VstodSR55qF8Fkwt+sy5yL6XmhQaGWEgCwDwArN40MWIEpx4NaBxCcqHF7g +o26bg6CZwY7Rv42RTHKHNPETegZneAMK+e1lNassSijak+A3ng9bxiBquWSKHe0i +s265Rptr/GvQX0hLxmfjEjvL98dKVDZpvdBaWRqV2lS26jDPiFAHtVsXvF8uo25J +1aS8FDHaD2DghC5aXTQRaVy1jlMTm2YZeVfiU6+7HVXBkLsVbShqEHxKylxgtB/1 +OAui+st60+o8lvRmn5dT2xnxLn81Bt4qron4pz0LdzC2xl0DqjhXyRsf7kdxr44h +YN1YzmdU3fYFzQw+VmE8xECIjPukp+0HSb4n7BTGsWvqzntFIrzWGeRmNhjtMcwy +YJoWGnz+WbxP3DJqSGNdFME7mNI/kaybIkOpbHLLlmgD7XWpeyGYtsU/rzrh5NXN +YRj6Nf3TWI1zwS2xx95+/5vc5Df+sb1+/33J4hbGOx9KdfqoVlJZ16puvdTq97dF +x8TVYxk2PfBJpvpChCsFlYBOB29F+kY2qoBKPbrvmFPsPCgI2q4gFuJ9pq1qyDbK +pq9d1oewOOxR22VMQNGG7tL0tMmtXJ/z0n3Y1UE3aYiSG7apOhooBAQ8grpuwqbn +mGTz6sYB8fHdCnedcxEUxxuFjXupmBcT2ulUjFZgFrG0SEMElgTDjtG21eurqPKh +ZgxfkW+tM251WTi6sqjiQO8WYHlU7+XyO3BKfH5v3kz4qXxsmvKfh4UOfRy5f9YT +Ft5oi1bos0soTvms0d8ckLt9Tph2wgoz3Sc++4DRcF53Ks9N6iUgtTpkEtmd/Uc2 +5+xewYmlfYO2qfiqiF/6dSVfDPjJYR/YLx8KBZ40/e0= +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes128_ofb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes128_ofb.pem new file mode 100644 index 0000000..cddcea9 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes128_ofb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-128-OFB,B32C602DACAACE3A4C55B4600D974E5F + +w1+kMXURdxpREW3giZg+PooayvatT1Pf1bY/h0Wcm8z0w7zRtQOyjCOdEPNxsdd5 +ZYn3qEIOO+wkw0v0PdK1AaegJfYMbMpSp/iEyFXU/LHS0FpO7o8zmUiAvdeEKAFt +Qk90gFBiyQyvWEWsp32KQH1/eDSeSLeQbfRfDbh70DkB4nUjYMW/eFL9E/cHCmdw +0LKUpEycc4s8i/mWCYJF+cQd4J8RHK+Ose2+5z86kHTrbFSlTBEZEXPDRHl8ZsZE +477A6/Ndy0Mq3+NgMLSl8xacs2v3itdza3AJREVOzvnRmV+NmWtYQ4MQrJrLg2yv +wfAf4b2r+k8Igbpzn3NCEYolecGfyEWftzTsqTutlFO7RfeW8go4v2MvEsmHTphQ +k2qaQkdSTFaA7a2O4PKezJap4RRCJhq1d5bw7RwkCpbRshsvrKQqGdTGJxEZZfGY +6pOt/qRL9LVCGUVdTTdje7fx9okx0LvKo62eKcUBh/AwZGE+ue28g6/77iABuVtQ +6kgJ3lQK3AQwKislF5cBC9MAkiIomsoVOKiP6+yX74XIa7T+3aWXlsY1oX13+kMW +zijwOrc114Sus2eS3xSCOWLYN+0GECMrh2NDGDW6tx7i3R20BuEF/IwHob1qjbkz +hnS8KrRY+174avQDeF1lMSBz4Wfi0O1IDuxWRDRT2z31E4E8EIoJh+73NZr7w6JA +8usK8RkiJ4ypoOPtRegXX6GBG5UYgI5bn1Ms2X5xSUGIXgG8IwjHDbAAd5xLSWp+ +01HzUsR+6wA3MxYiybTU4eOKNMviM1G4gGsKeuGrDsNnidrHfSzVyOGVVHr51xRI +9Xie4FX/VX8/7Q5RMsA8Y2eN/yeVwXup65JRhDD5LjILVMy7aA90KX7y/s8KIYae +n6lB7PtcpRWwhdYSYtnlrJmYmrl55d6ZQtJm2/xjnOBd+igY4YKNjh11xBL8YNo3 +wBjW4/lgrlvC7kbLxO6JIWipPr/6F3bjvmeLclTAZxjM1NU5HhTScGaEA8A4bq4+ +6Jiw9ZUw+TDCOmntkgEublcCMjcAxrawWYO/5EWuOAOkyBsa7BbfsUv3pgPugz70 +qa/CEkshP5e/1VZgFq/BNFtb +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes192_cbc.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes192_cbc.pem new file mode 100644 index 0000000..9b91632 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes192_cbc.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-192-CBC,7FA13403627D9E1FA02FF88F6D594679 + +hZYB09uY4gjQFEHX8KGI33EzcJijYhBMNJCR9v8UK8IcQIITOfZxYV2BmrfQhuVh +Kcar1JrQdnc4S7+UDFIjlLV9ErBCvIUQEflP2ByDhxl892EtVcoMKB3BJ2Rgi9mk +32KhayXo5V2bu2kOv2nTAjp91LebDz/ylmhhJhI86BL0DLjnjTEl99v9OHQsMtb9 +cXZb51mwIynmqU7Wf+PchH83Yw0WOKs4MOrCtsqO9lL7Mf/MiSSiE+S/rpKLPXY0 +4aBxP6fw+HG57gPlNAvv/qKtJu8YgZDqVXhIKNDZRTSRX+B9R1Yo1tgmJVPhk/7x +mmYUxIb7w9nqa5OrxzFHyNvo1U5dJcXyCEhvUZ3ImR1DZt/oGJYgrPd/8YcYbsNP +LKmTLUKI5CARZ5KcOjfM8vpKqlfpCg3Yl1FaNIjM0eAhD6XrepLj3faAJW4/YEoZ +SGMO5atbM0ERT9sNDJTG0iMW6xGL5l/6pzfsTKI/2yMaAeWAyvg1PySNoSH7s6CC +CfqF0w0VpQEiOPb+qjtmjBDB/VW5kNrRiBQqZAgpO6mED0jAdg9o31tyuuaFDWzX +41C2viVvxTx5A/xOtPvaDo9EMecc+7MpPLM2VhWhPDiDBYb8PCKqBOEwIyH119MN +gQEC0IN/itc/J9ybHLCjrF1Rp83T3/XhAaXNVU9msBBpKNjawnwsUUj8gI0JRbx/ +5ehO32sQm8wkMyP/8iKDAqBRkDT3RIEmLi8ms+ZZRmLwGBkSZZzvOK3A5Dder4bp +dIhOOetvoN6Bs9l1i6Dds64pwsy8IcnLLeNmOag+Qh8+pVUBNZ1zUV3KSizRKh5U +dyT6VMILd2EAUJYLXs9HNFTtHZglRb96jQ3rkHGmAepeIVnJlNGKByvDUsJQDGl/ +bGNk5Ejz93ylY8JzR1GaYyFVIUU0qY8khbo7bSn/o6II+KjyTTyTkV28jTSD5dYe +upGHOzmqpGi3Pzaz3DXpbLcMzwYrMP9FuXuqkVWToDs87DCfGqskKtko+zlTV7/P +eBILwUawtXMJfYntkV247FffKgS3/BNkgEE+iNthOsFMSoqX/3ESBKJdJDfKRH0J +BkYL8O0I7OwYzfU3gCWVZ8AvAhd+nSqp4H3QUK0QM2w= +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes192_cfb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes192_cfb.pem new file mode 100644 index 0000000..9dd5b15 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes192_cfb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-192-CFB,3E445502677C77AC6ED115F8EFD9BBB7 + +fJXVVcgxhZJXZANfEWDbVmz75ocICvntATRNVgt92sHgl1B2c4cgQC4Xmu7WM/Bc +ocUlcSpWnoHtWRDumw2cwB+fDb5k3e9qb+aL2juzHkK+kYd2mkRjW8KSG6D8HIwq +fpvV6NQmVrxI5+n+uabwfil8Ecg9V7GD6ta0QSgt0lc8clp01se+VDacX1uCB7zG +NtJsr1wUM0SQbEWPEcpLUoYfK0qSO0h8fpnagKrNQLfzFbk85arkpD9XBzxpNO2p +2fYsc3xZ0RkFauSZGt6ehu0jh1TZNPYDURvSn3uVrseLyR0Gt8LWp+hjIUp9Kpo2 +fLUVaH/7wxpdCAYzo4Ub/gHPfbxo2E5qYmE1oTJyAHplaDqSg8pbwJofiXl12gMM +IyIC3SCHZJph7xqbKa+W/X4ChxYuN23ZMZ72cmqH4tH/j9IpKrpWEeqjxaj0EwDs +R06Sz/qAqs9iDMKTkuFTMxGhc09DV9sN4NYczEIEas7gploOdryJGMCM96RtMDS1 +gjW21w0wyfqa7ogsDJJ2/HqKL73Zfn7l0jzmqya7YwcToEfKOSP+a2Q/y3Exr4KO +FY5PLwKvpBaFcFzJoYhAaPphUzzAQuQFgXj34f4JU9bAXbf7ol7Swcv9JP9tN/mF +n7z55BbPfC1EiyGyDjeUDWw4XIYF6LtRK3lnvn4uSZFXLmYMJJthwwC/yS+D65LW +vsW9uuQ2qEfEC3hVbMPP+1KMgRkb9CVbSXBH+B7UoaUkGsJYzdSDeHZHbwiHgxqH +jb6WcjtUjh7W2VO/MnHBrLg8dnC77OnR4IiqJq/6TenuSu0N/4mm73SH7BtYAugu +ok/2H7GYfGfWjOnd+QvG/Vjsb+l9gtB6SXYFiWuThjB/sU4kHH8LUUOmGRlC3NDz +w4pv+cR3tS1zX+evPL0BsZ3ynDSGRbMpss7xVooxIPacFwDN8kHUnWvIBpQKAizq +blt1owc97vidf9OnZxUMpzw28/PZ+y/vRYSPQrde3kH8mJmu1FC6tLZnqzuCSsgR +SJSr3/8qqSj3XrAW+nj0Y2P8lItNdFXex7j/RuX3eV5QIyK7uY+z8ZP4gf5q9w54 +p+dQi7Vx8acRjbsU+r85+MRR +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes192_ecb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes192_ecb.pem new file mode 100644 index 0000000..c7608e0 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes192_ecb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-192-ECB,C625A2E97BCB192B31A8E33CB0CD857C + +jM0PVjU2r063OACSZgLkaS9ppOj4idZ9hgkdMi58Oi+C5bfhZavbjROyxCG0EMGz +HnAIRJ4pkJeZTnGElmOEFbaNPb42NAvcrYXAP4XNu5FbZ2SqGKwRnjjN8z7s8+Ip +MrCyJsWycYy2BNaksJRaDNgazjKgqQxGFlQPJ+j99E4dk5QaduOCrf6YQ2G+1Q+m +2/uqVujTwmverPnHDNhQI0ZYMY+l8+oVcPHIY3TR3ufecvrGkjFgKH0B+/L7gWSd +ASvldEnWuFtPMiYnqCPtLgJNKSXO2nlumLc4Gz2ruvYKI1qGPXsVLIGnxISVLUzT +VQz7NrRYwlvSLWdQNqbrEPvEu4q1KstqIkiPRoC98vG4+VRkf9AXAGqxA+vKYktP +2Ui/SLhoC/seh9pxYXLsmqP+8bxcNM3VsJQoUUFM2PtfyvzBtuQ7mJQTSFSXgBym +qXvzx749S4xOot+H6r/bCh8753MMEsgsM39jBsRm1zbaBjaNFG0UBdfFigHWh1zx +4I44pIHu1AQDexjnfaUVrZFbys0CtM/Wy/3y0I3+mar1Wg3Rc1XL1PJzwDqBoZst +vg1h0L5OPV1c4CekFnAEx+VI6ImxENoYtZCpbpt90kz3GxRY/eS8roS/SRJ7KizC +p9bWEsUMwJ4Jl+xvV/VtVG96nKzlU13gkI6lMATYzImK4Fh7hH/LBy/UhNVL8X76 +3fo64CCwE3YkrWEmBDdxt/K8Knj4MUPjBgy/ETVRC7ziG0rUwRSd7zLOoEALMHig +AtNX+juPvPU7yARw317Q9lZXeytf1AmGiFGjYZR/mduAa9M415uWm6zutIJEz+q8 +KV93bm18JUaQSrX4D6m8IgNhX0EfmRYAIFnB3rv+1rsb61q+4USk0L/1vKT/fGGm +yvXMCA10N50wGS4wovMYQIl/giMEU8e88f+gqImU1kporgESIOUYUm9tOZ80w4R6 +ITlKCzRuoptMQBGZeJIWfWNLxwYq7NXKpvjNeSOeOqQ4fxhkzEetFERG/2hnszmM +pqwoZBZQ8bb+T6cmJD1GuxoO3ev258WIUkEZTkFYK2Q/+QKymPZO4ATSAO4N2UqQ +4TXRqUs4i+1f/BJU0ahnSgmzrynGmskUonKxt6T87lE= +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes192_ofb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes192_ofb.pem new file mode 100644 index 0000000..5010035 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes192_ofb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-192-OFB,7E4DC037A44E5DEE4E005CED36B18C16 + +hvLtWTLg0+cMFDo3jN0yZc8S7fE6cDdZcBK0aRy+Eg+9kWlnmR/VYqG4xaich3VQ +wkyhNpBSAoUHY8OKkB8hYsqbGkuKxQ6Db4IJlahCTFgb0yO2C7pUrtGDTvmXVq2n +qJ4c+4CILeyzIp5yfy0dE8CAsZZcLEdSpPvaNK0VPZEPhelm4WdqqLozYVibR0KS +2BbVO+E7yHGC/G3xtdbduuYpID1pLwyaebUCNgblggn6FJ0G2+Iu7lndmMU4B1Wr +phvb+Fd1kL5421u8OOKRVLS2yMtlzbK2Mz7NclEzEs1m6K/xJUzztxImAxElBiiB +YfOw5WLy278DuD1GCBkSuAKB4XWUtlq0+tJnCzAG0yrdMloKH1m+XF3MXFiRTXgE +k08PcZchoNgGP51Rcg77skATP9OMamcjnkMx1B8YxTx9O5Vv/oSIjGQrr+t2np2t +JU1dHTr9QrCeadSz+My0sjlZrL3ZisAwBbu6C0Zta1P1eB+i8ORZvm9HvmadcyyE +y5oQWv7XwSfAQup/4uuAJ8bQBunIH/ajMF1WmD8rzLcUjG8W0rnBWUtjaxxBdkWv +xBzgMPm7Q+L/5yhL/TMH3dkUBq+Cg5VQSe9EspNRGKBUgfKYk67Y343Mv91xKtX8 +8Tmh/WlnYXDv8QBnFJZXVnf8HeSFHsHDzfTgAmWHdhisTNwmgSFvBK5ghvhvkbXI +UIPi+FgeB7P3ccFYnmoMq5qgK0Ki4lU6v57soDrjRl/NttfXdQEhLfWO1zXNANLk +lqEhJSvBPZY4/FiOW4kNaZg2oRswz/+Bmp3amsK5TwBcI72rnH6SW5ADqPCcTP+h +IrH4L9wnhOXw7QLk/h58JwiEc8suj5n0PJPQeHKajizd/EpUzVAuRTAl4GMvxLCY +rALxeRaEXfJH5i/0UQydEvdU3ZP/LTibAqStXyVlSBZmKOg0GNQ+aAiHZyBnI3oq +QuD0KuJi84ETMLU2baRydTbVlQDr8O0vxnCNlPkFFOqVpWyOyBgMctUfFJiM5c0l +1UT6dc2F7NF5WOuoDCVw+Jp974CJuBSRGpdQKGms1Dvjwrtnf0ycstswXHvp2ZhV +IVeCbT4WWh4f9bp6STkdquSc +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes256_cbc.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes256_cbc.pem new file mode 100644 index 0000000..17289b2 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes256_cbc.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,307CEE18F79CA333A38CA90E75B248C5 + +qyg9Q1cX/FGOoP0NFzrCRLwmR6bai7JzDiCLFCthciYkMIWLIVzvyTg850YD3dw3 +Wusli8EQJig8DEpFSM0WBc1Rne8U4168nKuRnFUaP+VWuD4UpNDt66cT6dMoqATD +kZGdd+p8ReO9TK9gO/ZZU4R+q3OUpjxX44szxj/EIVSgphi8R0rRSxl/yFRnGHyO +xfpM9NxgMvBYlyxl5w1Lp/ictuF3D505nF/uuhzGL5a+WWhSnssMFHF9vxXTu21/ +3Cy0C3Qah9eV/C2oyAU7GGsXHIfqFqsgMjQN+cTFqMyFeg6g0J7hytDAgZVBXIFw +UuzMbxUUZU9VHcZzwqstkg5BmUI3sgW6gibBUzuJrmo7uLrCvHyj9oehSMqeuPUC +EXFqhw6Nb+jZMkvW9J9qFYG9eg3PQsDErIdVK8aWdLrLyc+O4gycOdMbR8aq/3Z4 +TlV7Ye650EvQ13bwZghZyKel6Rjt4P1MagGriNqCcLVVsyrRXAiqjq8cyJgYtoXF +1VMBZz8ob2FH9+kvk2sb4+T22sTYwiqAVaLnCsuJ4dmS5wdBrhfF4oyHYV2KOVgG +64GqxiF9/whvbAWSM4cU+KslKnWGZwz53LKleafrgeFJ2P1ldqnl0on5EQ/m9bzt ++GSGwzZGRmhf5NoyhaH+OCkq/h1UP+LZ5kDJCqH/l1JZbvJQkGNKzt1OroW17GnQ +EgihXAmhy/xOAIZkz1XKa3bNvgS1F9yreAxJAvBHB0QzZ1HrablsaTKsZOtY1Qvq +e2OdpJFm+SrI7RUtbp787Yl9pH2cLEdto+WH8gtgXloS+b11Q7broE42w9MIJrno +kzs6eDWafSExTvpi+29OJEtK4PNezmhOxzTUIsG0/8d9Vd2WYqrLD34ze68X8qUa +CoIXYP8VsQLoXVzX7VnMBYTQ+YOR0Ntq6pRj07RbJrNiOt8qcWGslzE17ERuCr0+ +ZFTGy77KOksKjLksvRj4oshQjRhVYZscPNnwKODFDvOPsGFjDoU2Sg+W8kcfE6Bc +1RQwk4N0cjkC2JXXk61QQjh+efWRBqPN6va+ixUcsZSxndCIoBk4qtqtsyTFEcC7 +LdfCC96RGnXlvroiPHvrmJYN69JAyyRrnhiYfaaC98s= +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes256_cfb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes256_cfb.pem new file mode 100644 index 0000000..06718a5 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes256_cfb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CFB,337D3978222A1367F5CFE08611416E9C + +GVmy9WG3oR1Vpfxnfpv1hFvXGzBgE+c4jplSw2BAlKnbznCPbZLc3WF/ZMv2851O +iE/8sdcetzoAlm3jGPoDi6Y/FqMFmcbqtro7vUz/SVgi1HDI0FXjOTPtFe6xfzhv +84qt5lz5VAUueTKFXEZHqM9tV7lHt1FX86VutNObn8pE7nAWVX/Xvq+qWUsEx0ik +YjZjLY696pyz61hnxZE4jKZLRx/9a6vWYaVfzsEi2FLw9qAsw6ILp+xDaAeKa+Il +YVkgDPi62NPr7cRX1WCiw+/feNYPgUfGiBNkd2mOnAr1yOXFM+YALw5V+q8I6ZKN +k8R7skAzRZkwTJ9WaaFGD/UypYmhe2b9Jp2n0BMEn5RpW4o1DTIHmfMSUmUPp5w3 +HjbtdDUWIiuplrz7mUE2sez/3bMbcoiO2Ym9SInJKBrMFSvyasg403u4QESYQhC2 +Lwcocb5ixXoczHjef3CogL6BhL2oZwXCl3OBqpMOJJJKXUPRhN8bvgV41UIsiGtN +TFUXqYdpbmMkxJNMGiD3mKWpSm2MMdQYnRlxNh0wXLi5sHckD/WS4yFrNsCIMVDT +W094liK/Z7BmplY4TyqKhsRlFVQ4VOo/W0WNh7Ayp0siIfo8vHDyoQsnUkn/EUER +UZG1lIy6/y1RSg15GWpdi1bvT9URjElh/U944LSYD28K2VU8aPKaRBokk+K3AyR6 +YhZRCBr6uIVZ8HDkBL5OW0eP69/jdbyc4MnWRa6C0d0boA7N639j+NQz9erYT6wu +RkInmBbVfxQD6HLkMwiuU23qLP+QQTLkH7rQJmnRPSwAKEE8RiXWi4/TnYW7d0AC +Bj8oaK6DO+J9t1pdj0IGluf52iUwAOf2Pxwvu44ovaF+yb2n3P7S5maDGLTV/xBW +D6nEAct9cYj22/aRDTLdpOfG0L242vjQLnjrgezBLraa9eTy29hR5FU5ACH5sB72 +rxUSwoCHCJuNFSxC27QwZqeCFw51epwXxLv1CjqsQi2So12qH+vFVtL/1YrFBct0 +dzwbdNk0S6UyPRqfiOE/+Iszzahmb/GgskPJdfT5Y03FnpDWfOotpaAebrY4t6kz +/gs8pxupvdKw4eWsxVCL9KOP +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes256_ecb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes256_ecb.pem new file mode 100644 index 0000000..ab0f64d --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes256_ecb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-ECB,267E98B92F05ECECABF28790E81DCFA0 + +MkVFB5/gKxAksBI/g96MmN+ujdt0XFXC+7MI+0/OJ/H0LXlHlLpwfGlx/Je73Imt +rOZveXf4I8sBCF1Z0Fhzb3TTTDxcastJGKWAVKaPzKkWdxNeUjx0kinbrkM7Spfa +yG+wW+Srtfyi6LzEsbCduDK7hzfDnLbgKymdDeP0TVeJzEdXgXcV09a01GA+CEVX +aHesQLNHyYm9nxFxK0fAnKo5r1I2JsozSWNTG3VNbiItxtfoJdXTn25I16qXjKzn +MOn/A+RBpO+P01j4uk0q0SPJMlIYIX+RjgAoPiI5R5vSeucsdUJo1sWnSfqLc4yP +vUG5wD/+lYrxsXiW61KdwIg3vy/ty5+GqwNgNvN0FZM8DvK+NQ9K/IpoW5RE4ioS +ZNm1JpeGJiywsBf3Pi9mwR44tTVY0Jwa/TTQp1kEYGjhYXMIEvf+LUHwG5KO2wmD +kDediMDUPaUx9K34eSpgIUln5d+1viMpC2VcDIg4tYjAODtGRxzgDUr3mbuoVl8f +GqusTAdsNoIyilY44XxA2odHa4S8yXsx1f54P8fRYbA4Xo179LY1Nh7PwQPm+rI2 +mERkCsvns9jP1zJRuS1lYW1Dqjtxxq8Nt5RAsEwKQYLO4DfsuMZPblEXPAwSGb/N +69xNs8ZFHm3KT1r7FdUrVpHk2vmqsetNa/g2wRTEuBmRCgrtTtEDWgdBNtDoHlBR +pDIWgwNvt7oJIU0EbQkUgW8bmg1p7jxXN8Bk2QKZoOytxA4TB3fR1p92VkXzrkxn +l+Z815BNfqnNCU5nNzLwk3jLgksZrDnLu4sXykIBC/bpP5fubnT7iJYh9h6ZGFeY +QLUP//ssuZM2auNjTVykWUtAiglROzxnFZjMXEbujOKbm70Uj3YvAHjoKalkti9x +MTj/vpR0xBv/iDtTFl12HIg+IEGL1PfX4xy2avvJO+XGFD4zcnrLfTMwtUJQjdQH +dUMWP8VI266u+B6wGfcrhdCYqtvuLVUvbISU3YD/tP+esXh563kPnXd2UuaS3ErE +/7Y/hzyUkDjJ2g37Hq3M4wbaEg/a6osDtfg73thDMadsbTLIDjHKgAgBv4umNtA8 ++EaP0stzRH3ayHL/f4I5bHC8bMIAumKM6zap6tBiork= +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes256_ofb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes256_ofb.pem new file mode 100644 index 0000000..7192ffc --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_aes256_ofb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-OFB,A2D4D65382905DF6EEE7A315B10CF2D9 + +CpLeywQMv8uZGrgJYM8rZ01awWHJWH/ZKkNi1rpQhaI1BAShQbIUvpY1IsMLa0/E +g2+oj+Aa1UE4UDsAlzcfsKG9QHS8nOYWuLpU7VAyjC6wUPn0yI0sxxKRd4dmPIgW +w3r0xO187yqLAjIZCj4y+3ANCjw+rLpZ5Zq8KAN4j6H1NEmzNoNVQbwY0hpsyxwE +Tg7TkI5IyNKQSQC48EuZh16cJR48l36gzFOmZKr47gzS0zivvED4Vxdaey+WZkoF +1XW4VbQGHRnLEn/I8rziic9E5pvvcZt6K2NwvzXrkS53ufFYZcgxNRxrdM4yLz+r +20Unn2F2KqumB1RAliKo/PtudO7XfsPNc7rbF/stGhlxDWTyPU2HMX9tw3JkWDfG +rRsG4RJOQgsx0Q73/7XPhgu1J2Wp39a/QI/IHwZ+rWIerdUPhs/MRRPoduAfSSZo +r2z8OPJAlMWLwAjmmKDGhpTp/21n9xLo8tbvqmy8Frz+kAxAHXeHCTWUbxA+URKb +s5NKQALX3wYHT9Xq0A27A/Zrqs5elqc/IQL58nU/Da3a3OfPB4+MNWeWU781ohhi +VkBgMRbnQNCC8OPoeMd/At9GDEEj1rDxx49pJdMMwxXS04P43LiuNSmndCei2cQh +/7cho8YTbdgjKF2kVCZvYXBVsu7Nn834kJw7eMH6slU+VM45jTkOTr2uLzKWrBL6 +YONiK2xdD9NlDcTsX4YRkt+dByJEcDAuvprVdnLKpFXAOWDLW6e0o0siuFIGBtgX +NR5vA5llpOkladJk+j+dxX4u5Ql9KFPtD9uM05ik5VQCZN8pxy6On3GUeSdoAE9i +i+rtgZofs39mZOTxhYr+Djnq3WiWntV91GImwhqiXxUBI/fs91+yy+FWphpGORaT ++Rab+cyvauBsdTAoSjjd5cNXXsztfDxEhLnZ1yWMQZxVgV7tcLevVo7e75pSZrN0 +/gMQAH1Fcxtbrdzg1fehLiqTEWp14lFyDCkqAqQ5C9niCqwyf8+6Axaukk4ImmP5 +n9eIykRezLizjA+GCe2oC1jXpVEEYVzOJpbBAwZqk/jlyNd0m01URxvhOaW1/M41 +uWDeQp7ljJrtiyMqD5P3STGR +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_blowfish_cbc.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_blowfish_cbc.pem new file mode 100644 index 0000000..8b71187 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_blowfish_cbc.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: BF-CBC,B23E9DCDF6361CCB + +BTPCHNUVRgsKo1up9Ktshx00vDANb05S4S0LPU/wzG8sj60db3bX7Uzr0PPy7ShH +1zPv0PECYla1dh9nVBPOS4EQE3uHyzuDMTg0AsiR8TpysuI+a4y8XJeAhkU1DTD6 +YzmaodjbCrhautYUCzvcui/sWWXTUSWH/yrFOxaaxLpccacCssGlPc3Tmr5brPmO +xaZvO32ii6z7WAP/WmyRoYH+BSqmUBhObolifBD5kg1ilPfCk3xMtz4lbJRWANsS +r6YWPwo+qh1TIQWw40Kz4oQOteVNiwh/dvYGxMkd9Gs4J9nY5deKYExoWlYcci6N +VOrGA6HBWzfFx/QWWGK77xE8yQ8HeeZUgkWwYoSyAmxjPWgCj+BT5gbYV3W9E6UR +T3lsKGtI/lMW9N0DVcLdur0lLIBFiVbzxoUAL1SteLJ0mbu/Vnk4VhI5z5mOmSxo +bU/HElXdjIhk7hdTU5PMNSKiAsxNh03NiPsTpEASMhz+oP8BuJZh6Zi/K3qMYH3u +6BYmA+Ua23fFYd/kz2TclVwiQ1HQjO3+9l0aSgLhHFb3t0spYbx1Ld5+bAb8b30Q +9w/fNab1mB6hFgaqruPErfI0K8BZ845oAiakZBfKnTRQxAlKNY5gWvSiPDWlkfIb +uSBW6csh62iQM1/bcW0voR21NGS+WdQ3eg16vv0HMhmEXmEvtAuCGb6ZMqY117s/ +VciBymZzwdLKFjCqrLn6enYrT7uneOoq/8PaXD1rdMuKGL4W2LqGH+Q0RU+1hyBJ +7ipTQqystqi6HUU2R1/PI4K73X0MMTB0Jfkd81S6GmjkMYCFCHmHXCdNULjbjzT4 +gppgVW5joIbLKNPHJ78lw4BuMxcAgptmtQBADnWZQNF/pBnIVAY/pdHgreIBTQ7R +KL1/ATp3+gtGd37FOGZilhq8C4ML+w18M0iTUUfGg5svUvmtw+NpNWMijTJpu3Uo +KqjMj3NbwCwu2b9qxwalC3qWOgAJf4Z784+i2GOvACk2Mw2QyXoZV8Qm520M+idR +rj6DIfzEf/86TWH9IrGukDbJNB74QHgdXd9upyt4sL6uHMxPwz4nnhBB7I8B/Q59 +oB+3CBpYIANihDscUbiNSsw5/AXNtMuA +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_blowfish_cfb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_blowfish_cfb.pem new file mode 100644 index 0000000..8372cff --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_blowfish_cfb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: BF-CFB,A39496D20CA5F694 + +A9ZO/WPm319cQ3hoxaEsmuGVDkMVhCuRzFfSWC4hVBsxKHd3FIw8xZpGSkEI7+aL +cMtcyxTQn4jVV71Sw3vyb4N1+2i+DAd+63l8LztpTBQi1o2gTBqmqL9esV3shqWB +JV7uyOi94olPea0Rf5PMRXx1bAZs9U0TV+5XHAQxM04lXRJajxiN9LBZ1OMRiUVu +SdoHdXh077ylUQmgDaGQktWYuVH6leq7Yc9CF3nre6njFiUrpk61iPki7+/FgWzq +vToqiYaWffy+1lB7sXcL88BtFaMWAOV5A48Mv05miTb00VbJqdKL+SDmu6j2Soxi +Qk3k6Le0heXFHqqkURMKOrr6tepqKEjmy8WTELwMnuT5vNngMqDKpNyhdsIEJW69 ++L0imi4fWIelCd7PMI1bbPAp2QsB8Rndjlfj3irVm0AtubL/rbep3JT0ezukoScd +wLYNTlDdaLfEggry/1kYvPBMolU4xqDxg7C0quwYxLuycEFzU2QmWNtRn0xkfx+j +ruApr4getT6q2fJznW7coiW+OE9Ik7JgtYUGEZuWFUeydDHa9PiJ34w9t/aw50Sk +arATzKH66zM//g1zgzg31SmziKeE375skyQr2+1S9RajmdZzEUDL5ajsdrbALflf +UPQNr0YEF92DRHsI4O39L/+k5fesiiU38u0NoKv5DDRb5T1lQeesDZCZBowQP5KP ++6o6lnj8kCeccpGX/eUukPXFl6mdddAJ/vLptHC1zaRp2dlKPRfedZkRm4Wduplh +vQ+6oGqkjep0Q/LSRcVP69m91CZot86lAn9Ct0jfJu8o7Ua7KBeOB2k/rx1nUaZG +BOjHQRaSvPA7FVKCP1UlT0GR2hTb/VcW3UQJ7fCY8E4hc1kPfoa/T+mf0JrHtlMm +364YQh6KLgcsgVjsPBXnTN1+POH0Qy0xp/0VwQIQFWKwU7gsXprfs/uYx0uD2Ev1 +w9kIWLovIGmBh6HKptqTnjtdwhqueez5kb3MkrCMi3kqVmV1TEQoklz6eBbloXbX +SyR5jivLmuaoCJOA3oQ/A+75bwcvUP4iULZbdTpM2rnURyljKNU9Hwxim0neZ0Zv +4kiOZuhQKkGfj0gv5bRkDAZC +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_blowfish_ecb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_blowfish_ecb.pem new file mode 100644 index 0000000..58acd6f --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_blowfish_ecb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: BF-ECB,6105920EB281329C + +ungL+71R1VG+DP1CKuROEP1pESqlLeGoX/vupWbGTWR9VoK4v/9e1Bh96r+hEobm +LvgsV1xhWrnyRMMw+W5bSJCfBH627SxqHltgxPhyKCNAf76cTIAdxxXgLZAxjtJi +mjuBDTNHdJ8NiAxJKLL6dr/hh+Vt1Lk9Gr/x7UdocQnhxG+IZLDSOFdXnFb8EBtK +kmAXXyOL14Rerywi6pmbxaculi/CihuFm4u6GXvunFjtP33eObzKLRub5ktbCtol +97rbDoAAUsPPm4efu6Fs/3CE/BfvjUf+cmOYu6pIKQil9VHtxXloXwkeykI9Kl92 +uZVT+e9WEn6oZslAzCnjT/r69+V0Bf06AP0zkdTK7lRNBhmcR9fAgHpxz52GC2Bt +xsqEzU7d+adCy1M73tT+bA2RBUnbA6BoCDHkvtmZTGV4mkAv11tVxU9Zqeglvi/w +6QVDQYo/b9U8GVkQFo0oh4xNaAUNdT/i1OIy7d+6UR8k1S9+r6SGVwS3er20trWN +8mAJ3dWiy3yLreggSqEvwHSpwrUQP8uxdTZOlFAy+xmwuEb3AgT4/sHQN7sJjAN9 +ISdzp+B5tBbM3kQgvEXUZckVykM7jgyv7SJ9DoDaYXvlfOVFo1oM3aWf57DcB8KH +WIV94r4USVElJERYHH9sR61YtTi2lIi1zuAQZKCf3ShJcgU+vh2ZZ3vRPQhAMXjZ +0Doi5uxi7HK/MVenO1CzNmsc6XQtyTtONqlJVmBoSq3Il8phMkMXnaOeNrQsT/1X +PzbQ6MpWEr2WkKsQn5hNA9b8BIZ+cwk9zeFbhwLH5ewjO25BWJkFra4gGFJl+HZf +vMNFjlnxuMjqM+Fjn3YH/O08P3nF/3ZGezqTCV8OJigB4Cdfbf9OrNtJSvCVsH1q +YB/3+KOO5mKObH0Y+k1pvwZsXMkj7exAEHh+nFLldjo7tBAycqUHK0RaZ29TOjqH +J6/4SSzMTJL5PF9Ayjtx0Vai4sFrjRGgnvdd8tddA/bWq6JC5i0yWIWjCEu0+b1q +q8EHdE39+gbANJn2lKsEAOOt242bsjKR+bblijaaEgZXHZyALOThcEXxn1RaFFgC +4Iv+DftZrU8lOiEvN8w00K6GDy9gbByG +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_blowfish_ofb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_blowfish_ofb.pem new file mode 100644 index 0000000..2558ae4 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_blowfish_ofb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: BF-OFB,56A8F965C6533468 + +91TyUkVkBxdl1ZXkXezMngH3YsE2cuXhiEFySx+dWZqFWcOQ3S6izXXqvk9B5sZg +O95SFlZ917dU+SFACzB8dqwYo0QmxvH0zaAIMBguuYib6YZVCd8/ElX0vyEEo68O +9V856HAks6w5WZk4zTC/75skb3tdLRWgG42oBlXHW7GsL6y29Dy3xvaWHJ3vpKXF +HygbvR/TiSzhWj/jJB6V4kCQAAm99yyMxpmo3e4Wis5AwGgf9XyHJx0gUCeyNqez +i6UJMGnYsHl1H67ltpN13trIXRcXTUDhFTadRz/suaR1R8IEefkpsnBEPnJwBuPY +tUQzlolPKuwbPXFukpJrhi7It7dLsDsw5DUYvyOnHkDXJ4vFAIplCKdG0+KLaYKJ +pXI8FH6X4M1YbIPTF+k1dhCAz7Cz+cEBA5hfJfSA4p7L6f9NBPWso3DDsyAbdPx9 +JJkVPtu0ofZHzYuD9nIhRsXjK9zaQXU0szLBdtGw7rfmPp3ftXeBcXDnO2ZdXL+j +PK6CJm0ktjnUMKY8gpWahUUfImwebQ8+uQYv+NNn61rtfCaGQWMStXaNYgq54YLs +D5ImRdvWm936tNUCeoik0yhPVlriNC4gKswRSUxD/nNIetsPl4FB4DIS/W5fvWZf +WYKwW1UlpC/HagbUVIuZcOrAMFTG+zLYS617lzZh7Y7K87GJH+jVwgbYSbHHFWCp +V215NLfofwlV5pFwq8djbeEnBhKi9SbGlZUyaZKKyDoIIEnwaxg8BoModBEWHyWp +OUmw/v81TQu6RwJYxl1C1U9n5w4yjtXr5oowgu6WRYXwWXZtevtLkHrhcuWt21ud +Cq42ojFrb0GqIcYWDXF3Wjp4nLZ4pIqg5kadpJpcFYx+fcL++Jnxs9l8Ohqwn1br +/UvY+gTmTwnICapIwovVjN6p6cT6MAok82oemWPZNPYXVwVkGewCH3DWqfeRYsdg +6gDWeIwyk2Eqn4bxFz40NrNZaLqcmQPaJVRReCV7Y0jQuQWqSYKkBHgFodf2GPMg +DRqs7doN2MW7Is6qjyc8CDDzPcSuaqUz0gzohupDfD1vAtuoC0X6U+m/8NM3yuE5 +CKE8rofcKcxmFAr52CUUsJBL +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des1_cbc.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des1_cbc.pem new file mode 100644 index 0000000..f6fb1c9 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des1_cbc.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-CBC,7D7F5AED62DF7398 + +PvrGaVyP4qWxH3LR5bOjrjTZN9KEZ7eujPyBYWV8pE7+kBc01RKaHuOfntMncXPj +cTvtvPq4z/Odrme5s5fem88QAoxB2BqM0VNviUMcCcAG+hgsYjYWjUDdSY+piAD5 +dhPcTHfSwgkA16c9pd+vNojdDKHEXzIci/gdrkJQXi9z+Orfb++NluGFUjAvQNlh +n+wi72AVwFaSPfguwAtWAZNmL37dZO8VzuCTkhciHaJSZFtS1G5rLBIo4JzW6AZI +PLEENN8fE9C60WYkfQB0PI27ksTS2xPF2b7MeaBwdPRU++hwZ2QwXH7nYlCWn522 +8wg3/QWuFIMdqtKaOjjlwvQxApV7OouRCxIFnolM8HvpZ7HvEVVT6oqcsJG339FJ +Ru60QxuVsnz6ykuP2OoGTtGZNYo5cgBSpXrpUSmOp8HHblWa6+FSatNkBf5MxJvv +pMRxcYJ7ftFCGgpKI38GgeBPkpv9Rr8PUplZlgnXkZl8trhjb0hzAAJrMqPkMQ2m +rOgsIWF+gK6MdnZdSnY1DktPYSFCkfJt0BZMGBDXcbr8RKHeV1vJNWAPOcmTsV/y +nwzv9EA1KHeMnT+wQ54q7jkRtDLIS+zSWt3qW0fJQzNR3BrMBrsij6GfRZ++PL3v +4y9D+cDFVX6LMXUDLK8kxZ11A5rSuL4HROtNnIQf/MItKNK4Y5c4PAKAMGLQpPS+ +5dgmKiu6jAIKUVT4BOEjMJ0P03JZKQkPxVB9GgLQLGCq77vz6NaTWhJmz+qTdZoL +JCvAAShdkVa5gl4hzuvKnmY9VftsPVlOUthuO4NYimnjZs6p0sXZKnxQ4J4BpbkX +mX5Fs6RU0YTQphu2v+NFhcPpYwRiwn15CVUDW61Sb87HZ5xAzwQrlpFY0LI4TqE9 +6ITUYzgpVVAlslKHNePMcjTj78V2MImHlq7xHSVPEGkkPlsDWxG0snZRkmM9aAu2 +g8kqf8MVngWbWhxqXHA35wunnaBhpBxAgqE4r2yAhyfCJNF3B01zwjt4LeTnduj7 +1ZA6EPechsSQUGQNGBoSbO5zVbIQaRZvAl2MwPU1YWCCbjaiDDRp9bHhX8vQbI/v +4TRfKX8FUSai83qORQ+Ncshg+gYkeCJc +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des1_cfb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des1_cfb.pem new file mode 100644 index 0000000..c3af8d5 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des1_cfb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-CFB,6215481F0FAE54A9 + +4ZA2xcGT6hS0kQObPwTWmluIl2wTnoL2jRMbxrr7usOZSLYISprcATZWieEKLsu0 +kNNzIptFCmRDt0b8VlothTS2jBIh5nlu9LqvaUlIrVuMEn7umslWrLK8JWnHVKOO +dMfqNcgmYlkbEfmmXLtlCbfQHT2kVlopD58yxf26FTQ+27l+hSX4wn2uD+xFUAcn ++9ZxAWQDhi2PYVKqTTPfhCPaKW7hjYdocADnIZg+1mhH++8fPxlDmBQBmMOid53Q +WV9LI4Fps90d7GumX7qSUFZTkBKN3v+E2ahnoP2bTBQGkqWamKFTc/4uLCEGlSWU +qXaGCy1AwPa9As1+B/jLkTstoslJppqvOooWW2R1o7JHqN44luXXQPZ+BcA7dSdf +zRcMCpudB0AwHBy3mnUNuBlUjsf4rEpq51HPSS8duYow2I127uI8m8OCoZCaUVid +msxVMSJIiDCiBi18EfCjMfGLtQVxJefMv2hmcAXQXSRDJTEw8Lrtm0Mtp7XK2B0A +v8Kqpf3x+VBc770Xoy0K1/fe5oLdvJrJOLO5PVcVXIS9B/DTqIQ8ObABJPZ1sCKA +sV8XebteS8fNXmFrVKBTmHBpUY8H5Z++VfDtKZZUBYSOqbFT+UU/+xJKlKICzFTo +YWsmPTgFsu0Z7/PMyg/rccrb9fMWRXa8et0JGoF2NlYu+lkRb/nYPe84oS8RzZT1 +dtWJMiiom4xRgENDhV6/AmA9IuyXT3QbDfFB+ntdyk94U+Ms0ODNcdA4JmEa/f2k +zFjtEGWHPH8Quit+zUt+8JnWSSFp0mjyA2ZtEj/6Qg5rqAZMdlpTo7rcuYOTHScn +ic/H7V43SuMlRAM+xx1bGrNzjWUugHrVb7Kar56pSRPtSOQ00Dmz7gB8V5LU63n1 +YX3faatiPUNRG1dArcW36o9dZ5x8O5TErPHRJNYG+96UNoAzHMXoi5thuRyVbzne +FpOqgxsryobcht7fwHuYgUq92QoY2qG6qMwHc2A3NrVFi8lJ0R83SN0lOzLebulu ++zDvrvkkRyH14uoAWi/o5IGBv1yIkO9vYApntrSO2aLnbevht9MuDJqW/Lkb579Y +LG/sVwxTmBT6jdCgTdpd1ExE +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des1_ecb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des1_ecb.pem new file mode 100644 index 0000000..d17a90f --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des1_ecb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-ECB,1040C4105685E404 + +66Uasevd2pON2SFWljlVyWqmErfZn4XomzLHlUoagIwnQUEgCBCCpUscES98fini +roGF/iaY59JnUCMieugke7/GZF1C0aXbIReqds7S6VFfu4Ni1OQTkL4rIauHrWab +vgoE4+18OlWw6Rc0wwJ8NT/NCOmb397yTeb0w8VYERyzpwSLXxQ0BCOq4vOUX7BT +2ABX0moazjUSyTO9BQZpABF2SshxaWFbAc3QRwH4QnO1bm7Pv7b1rvjrvPZ9LxgN +fwjXG+yfHFBBojbEtFvgXRsSSyV5WCmAgYLgk5/nIDFSnRQGty0OuP+itX7SUK1I +PH/ZjdIwezMKbyuon9D1AvdOEC1xiKEdmJCWSokm0djIVNmYbv4dtfrQE6hYdMtt +C0LbsT7ef+jl0xG3k+WK24OsBVhTaqj8axIPZIVLELOPlx4EMfaFQgUjgqf5vPhO +x6RSSRy+poFwtjI6ip/xu7ygqmcY9COXCcSffk1vpw9v+6WcMaYmDLwBTrTCNsdI +7i6VJa1GiCrsn5o6ydGgdRNkF0N0sUfGnSzRUgd3BGd/fvxhBmcxHUnr8srrHYm7 +D54VL0EUsP33F1VF2ELl94GlWqfAj8NGBDkTbpUcqOeL/ERxdUWfX5IEc3h7fprs +UjjjQ+d3GRliRs27m4ZuLtGeDEhDtlTC6qtKyqgVziPMwG46tcqyFzhbLCErHNW1 +07JcoDRc1LkXImSeWgjjhskUX8nc2/q5giTVtGmiWMQwEc7aYQ1wPbVAIGPQ4PE2 +XB8zvvPEaj0wXs0JjicrfzUBo6cRbdfmWIfp+ZoTUfr+gS/aZm+VYt1G7v6u7Qel +AtoSdpN623OvqIP5ZDjOKROmAdMbXkxwwusVNQhkbdTzDYNy/yJnJqUUlhsN0VTQ +y+O8Fz7Q7fEYIk8Euz3Uf/BTVGbLSNSA9n++CJYg1nam1S51WhCXRDckDLR0c4C8 +v3zpJvaQYW+xZUmlzrYRQgxkfzv4+j9W+kZLgvitQizXfTsuDyO8gwIt2csfGkaL +EgX2+oITD/sGoaSoGknY42ePI3pPXHlhBjPq6ZWZ7uh6Ia90nV1j/PAcOEoAspAh +pEdIAkFJA76qN9JBnK7lRMFXu/EWtBjD +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des1_ofb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des1_ofb.pem new file mode 100644 index 0000000..2d36cbf --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des1_ofb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-OFB,BB20E846FFFBD3EF + +WeRgcZKkDTSxqvtZvx9WwUZYqXUUpY7siLG1Vm5jXPaEFOEQhmvGuNYn2cwwUYKD +RMN5+sE51urDgI/xk6jdS9oZE6IlfkGeQSUoEOOfPVyVD/0/E2G0QTcKAAWB56K3 +setBb2ORbM2ZhetYUp1scaLObMEMQ5LrZaqtA/jUd2Pbs9D2MqafEH0Gde8e7mXy +1fGNJWlj8XtAdmi2BeDKZHx5Hu0r/BOTic++L0Sv66wbjHw7RDji9Rdv/vyq6DIi +0v0ZCexiNVed4mqD/3+8eGQ2z02UD7aZPy6T7E+b8kBuBi2ouB4HqgexVtz1L9x8 +VBBOBdpOLefwCZlNaeceg2kSIP9mMK919hlH472BO615YB4ugaCilUNLpvv9T85K +s4hTB5oDcQH6W68mz44vWqSwED8JcdMYvivWY+3/zBSUvkyI8+8AErnVr8tvTX29 +aBhfegKV0MbRRRirj/EcxhUhtfgbAtllZ/Wpo0LWpIsHT0GeUfWdUerbFyh/8Tfr +OQzC14xoLHdACDz5IDrLaLd87hZrKDJOELvzoSugg2W9NAzGbfoWJGVlvZ0miZcO +teULyYcK/A7Wcba+jmFaXMrKVhNH0IuGcU+Pf1lYcchjAsdnrFMVRsNJ99QWlN0F ++dTyRgaiCInnmJqT83fI58dMmaJPpMeW26jItPWZWAA0vlQB1RgZ8C7i7V4keuVc +0PYolX8WpLrrpUpJKOTdW6rmeHokJC46gOZoXEwZCSKUUgreROLgRN79RMBHKjoj +0vSZWowgH82fNWYWQbJk5z4ldulWEVye3tQhRNsZarAWPFEteiKDTSkawmBpaA6q +dJWiA+EdrVvnNmw5+xkbciMX0nj4xKsjRgPawdMFZaZNE3xu2LkrfGKDa1ne3JdL +nDeyygGRDsl93oJ799maHaTLDyub0CMdyf2MssPLFklJdxwbtxNzbI0gt0NhZu43 +FDg91Z3hlAjg/Q2h1dVM22m3pnju2ygF11HUQdNExHlv5w8LWMeqWQ5j7WhSbM4c +s2v5JURZ+jXFEf3jCs9h6pLlQNaipDkUQA/6DKHf0VbZJzKxBiRCwSP/YuQ6H3yP +dHGRAd5CQnNc3Vv+yyRqQT56 +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des2_cbc.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des2_cbc.pem new file mode 100644 index 0000000..98d3682 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des2_cbc.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE-CBC,89A720DEE88FA71E + +ozUacsBZx7E1NCxbVYJJHQ0VTWl8RX0z/JzYNP58zcCIi3Cab2qlUshZP+Zb0Na9 +vlHabEqQCGsP8uLzneN6LDDaLmf+ucxKvCRrx5h8wl7DQcA5cAQhGofZuqChPqLj +1lExS4ZaAi9lRL6aZhf6rgI/apkj+9Ky89sOqJxNhj66NgoOOh9XH1Uvrffv3jT9 +RxeVv5qYcAgfX4aIAM6KjC6iTZ8NyWmIoc8izYQycOsSAn6cqtdjmyc/264OZUd/ +1Tj5PG0q/Kinh9UBJ2F+pQgU4pDlWczXEIwtnmJ2mWyHBe2zuGWtP1uQFUIfwkEz +KDTTFB0lm/00Xts+vGXgy2q+IvhqlOXfCkJGcP+OArLoyE8cu2xU4KS4qXUITSr0 +i3seUuTrda4aqrfyjNuM0tL/cUSEuT7aSlKdqSmRtYl9fTsmbCbndLKKuDJnxUrB +ocXfuCEZNMQ/q/8DvwIX3l7RRIiJwqEg5+Ue/s2FTFJh4Iar/1gNQSApwToFHHhV +XOU0pLY899B+1z10Nop7ELgJEKBK5+zMMBhB2t6nlMU3YojAH5qWEPa6D2Wr0Wu7 +x4DHqk0wEB6cDZ0PZGlWNOBP5bDB85GehAWKy73A73wYZCi9eCQnLh1Zjcjl+6T4 +fli2K+944sUKaUnY8sVT/20aXm1CRqNvgLknZMsg/eGZWX5F9+Jn/MviXmsH3LfE +6VShEkNTFEsRUqF44Tvd2BZ6pObDPRDOkMgapzqdubujUesvb7LU3yNCRPBPngRT +ZTXQynnbH0yfnFm6+0BYWtD5NeIzILwZfS6IRMSsCBMas5rCc7O2Iv0yhk/8K0f1 +Og1YH7pctbz1oAPmN/EgKZ1K36GTt33zfrwHpmKZ0jOWF90BQMgZ9dL+VyOMJYjL +MiyetxwDdiP5TUUAKxXdr9t3AvxVPxL8aVjLb86kJ9HD+IgWUDqiROe88sD30Vww +7R3sQhhl7drDGwUBj5MLCVhtE8Uli7HdaYC5CvuvlCAQN871whhk2gN27eqp81ou +RB4kNaDK8qSn83ISnueg1jsQhUGy6B2Rx+rePxx3QwDsrMGf/u/tFJ1VcLlhmOJa +svVKTMq88OAnZA1Hg6QlB03obSF9U6lJ +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des2_cfb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des2_cfb.pem new file mode 100644 index 0000000..edd5d8b --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des2_cfb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE-CFB,AC1BA482ADC9EB3E + +tPu6t71kZlKyKaRiXgAMCmyxL/P6dVH/sPVY3KDFI0FsAGoPZaD8s7BkLLOy30Y1 +66kmaaWiaPjQN2g5zMrszrXh4AXazrjMrmIJ2NksNXz7aiySFafyYjyCPA+LIu/n +KnfoE42KYEmENgMSUV9sh/nlwYS8I6LWva384BIWaG3qnFgfZ4gwgiI/R+1/lPXa +olOpnI5szYMiV+som2E+I8lgd+Ahf2rempMnuwyWTDmUvYWwst7F5bz9XbmJyeWY +HDDaTPy2Q1yRYBRvLTm64iA0J9j1TpJnSNm0uIRTVOEIZfOwOx20tFjo7RREunAx +mEm+kmn4AIYhw5RQE5XQQvD42X4MLyc0M94k5pQHvgJFypXeJ4VsH8pkd4bqfy91 +qiPiKdA7nWnbedExwiwSPOhjOLkmQrXjsMVmoqqexhckJfmNOaXYtnQ8cZc50HjB +6ccsjyLdQbLx1KT3e/NgfH4VxW4/hbbt3p0HMIxTnwt2lNG3AoKmLlOYSecuA4PB +EE6oOauIKyJM8pwMV0hfBQ/MUQOnhHG+dbTn0kW91fRZiVPPvJiJ4NmEwD3ks3jM +pLYZRot1Cd2ksJ79G4NXDFakB2bZ8EwtlQUrQHwW/ykPwiwpqCCha1PUzgsmG3hK +U8bDWWQMqXtpSmItno1mF0H2TZzdbLpRAZe2lu8/mwww1qZfPE+MLPnCp050+BCw +Hbq8fF1WVpJvsE5CKzi7Ll7bSrJ6BslrlzL4mFnnGmuz/mbBIL0MO24FNyVGKQlI +hEzGu8lgp53pG4oSUZ+79CWBkn8mesk6iEOWcFojLKrlhnxZ7mDxBYfDp/2Bmna4 +lFt53zmQHJeYiO4J2TEXOQxvDWvcOK/SnAoLXEhUCRP9vTQm2Ahj1QMmEVvEybOd +mRpcaJXUOgirS7Ulwc6ZhW7MoFFnS3UluI+gS0oXRW6hCm6l9poDem4etU+IsG2m +4k6MoMLrak9lSheB1uL+xC0S9k20CZH0X8Hj5atb4R7T5+lTle/fVw1RGdfil1NK +/ytD+CLpSV15Z6VGVGlzfXTIXYgCIgbZpFxOZk2tsdUm0dPBjR/ZhdUh4ofaxA8K +jE8HLuW7kCkvmEfdsJxuRVVQ +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des2_ecb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des2_ecb.pem new file mode 100644 index 0000000..35c220f --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des2_ecb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE,3D3D716B17DFBD33 + +XDCVsv17xsOpLWONR8xKRYxnxvWs+bdU+2XCqoqH+cM/vR4+g4lqSPSAco0/LkyX +q0/C7/BE7mN6fzUMiECYUKS2c739CBVwDJZJBVGbMNFexaQRmlSxqhmbQ60oalaG +HZfpCLLHQvrOZ3O82aYuEfsbqJTEPkGm4lUn/5psQwudmu4qyv8GFR4wVpNcg9JB +rDzesxi1aU6dgHSlLHrG5ot+lAITh40SCBQdwkcvixyDIi6l4FX2AyNrcQYmFGp1 +C3XaOn74ADLyo31Iy6rCb0KId6J+S+1aPUW2r1Xb6irI13/QYzIe8/fDfuyV7Ofq +BKtHdu/oIfzl2X8BkuxJ0CEFxyyEE9majfItPnUEjX0Sn2PfOEwzq5LYYExpNuxe +pHr9gtB+hSXC5t1b6ifv9PHErMNmBLdgLX/FT4PuL6URrn3LtydPcfW6XMkHtGgH +zD/nnn8Kl1qXmkRbWHbREcOJB/O/Q53UwD26BsX+Sjwn2cfsgwQvZFzvmq/RwsCg +Ej9FK80Tvn3ce+Kdt7LGUc9+KaH1OIn7qLcYu0Fhid/TzPCBPQffxpUJ1HylDaUz +v1txJe3C//rg/42e5GUlKqf+/nzCmQeoaqZDG+VU3UKlngIYitlpwEq5fq/E8V35 +JeuHzFjYj0k9VNsOHY/4AqmEm9qi1yxb7WGINsysO+29RvfRD1bm2Zqhi/Mg7YBo +8K1GowhW6uGFf+VCPORihMIxoT6xBU4xn2kX09EKrVdekrAi23QzslZXM6Ze0fxH +7LlktJwah4/QFHwB5qXwmHq3lN4Nj1id+CElVZXjvbKvc4+mRd7VSn++05IFjTK5 +2r4FHifwpkGASJtVbF/7ZseaoOz9sHARx/MFSUp8kRZjOCzstWj6I0Fou51BTtRn +1ZCey4e1eKVnV4F1XNdo27Aw9aZjF4Zn5hZfUPuUYBwN3W33l8FXRdYEoT/JpiQO +8LS36SSZGVA0c6nanZoeDZsrPNtPJa8ANHR0QMwBDOwNr22uuJEG/nLvBfquG4HL +Iy7nxBebe/0MXvsxK4OjjDzmYQL2msMlYffOABOVLCbtaPC/HBKUcmcpZ28WAzdN +ArkPEcJFTgzI+hCAVG//uV59MkDnUZ+e +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des2_ofb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des2_ofb.pem new file mode 100644 index 0000000..d06c31f --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des2_ofb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE-OFB,0472499818A0CFA5 + +A+t7NfS0c6IsREc9+AzXRaMGW5GR2Ao+WBBxXdxNJZ2n6DWTcNHYL1VZsnVOoc9z +N2PBfTjYQkNtehp4LDnypbooUI8gJ98T33PLkJ0/L03fs5iEiULcrpBLGc9gsNoO ++f0JcI4xNfE7bGvtveliBWBsn6KeCdwrdcOXziWGQCge0pftf7m4HZ/t/0ISfjXK +x3ftgiwrvLSnCHfp50xXdN4FGRaIj/V+C50efu/hkAaZ4rCcTxgEcvi+TKdDjmcy +MfxWmUmeGiT0MRongCZB7XH6g4sI3nwiDASLzvZ2dBysLD0wOhR+g8yumSH2RW5V +rTr7JQANZzdZm4MpOv2fMCHzDcKEtPd+OlYMHegwE3p0y4CLeYByT4IdyKHVLiWx +lwAKtZ15VlREgXqBIgrtG5ooEIIjdlabIckAhRc5yOX9sXsMePRyPgQSnG+nSbQ7 +6Y1l+3XueWXjsnr6SIXI5wbszM+TFbZAU6d9tb7B63R8ancHHSUgAbmSL7QpYZxD +oNYseUzgPv62oMbX9VxiWJ5ZgwzS+D0zGALw3Tb/YVTxI+/VZ58ITZ59I1cg26HT +H3P1thNPIee0zz3zewMdILgQLh5RWkJhn8/oawDhVVPBba72uw2nGF2aXwbLWx7G +eJ94GeikGHOJby/J4G+0D2lLlI90jP8KB2fVqHxENGKSMLjZFERGvpiPTgHxWcgI +SS3ORTxuJDzqG3qFfMhFwQnq6tbOsny27scEQZeNMGecfqGLWE+oclqfKKDQDm11 +JUQnsnFAT3cNFyd2bKefeN9co9NS1UTUw1m3gDH29kwmggFLwSccTFobrIoh5/le +qiaHdEdmd1Fvp2nMAVufwmb6G1dizT37benyr5Gzc8CHZUMibFEIhjkmG8RQ4dyb +Byai6j2gf6rzsbKiVtKqgCgMCw5LG8xypzitCBc0+DsYBnlAyS4hXYm41eqMtMsF +vrP5uS50iDbAMBjuIpWdlRewjxEqiLPZofjbMGwbrvDu45LQ76rwLww5OUj6567b +FJRcXQdyt/bWqB47GnAZq8NABCtY9HG77nTgqstOqYOOsdkuZC33JHAwTwa+b8tq +2Y7Zo35CmITqLxfjr2IT5Yeu +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des3_cbc.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des3_cbc.pem new file mode 100644 index 0000000..f73edf1 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des3_cbc.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,9BF24F7ACA100D50 + +71AQTQlq7BkcUMR0+Ghc8O2ykT347aaFUD9BYHXBW7SzEq4th3itEQQ4QxflbgR0 +2XZQE+dNK+s891XnEkf+8ZIIQc4LKr4m3P1t8UeAQvMbHRfAQ1u2/fMf5xwYMqsW +BscjoQ0lFOcb69nb24E4taRu+MRDF2+eah2hlbHGbsTezIm1VzFRX2C4mnWyfffX +2WyJQPlZpvOY4kkv8tRvW+nbZ0P7bRjjxrSbCeUVI8X3m0fiCJ0fMVg1MMaj8JxD +AgIKBBIJV8SYRw3NqiGk/mIlMq4Qtl8PWEFBRf30DRD8RIqOO0yV9Czu/u1hcmxN +x1/ZExbwOFAFwE/GU+NMegFRXC4toNIU2Xo1C84URpAvVAwwe6SiqWFTSTEHnRu2 +N/tfJlaL2yFrfRnp6mcNN3T8Rk376skXk1zml8Deh6rNU254yK2CFRgm+79W+CeR +Gb1wxDw0GQ07Zr6/hNBfpAND4qEdyxYAfJQYOCufXiFFxWp+99TGKN4T/+Ab5D2j +zKmpYFPJj2vuULLPGIJPnCVNjM5v2KwbFY/95Jh3JEF255TORfj2P6HETcjZr0pD +TCk13jxgKs3mq98Vr5LGEJ4nUcm4GoZayIbeaM7heJTWmvQyP6PRZIDWi5mHs7K2 +wGUrutGZcxzLtaQkavQPf79xt+0CI9D8Nuz4FrKMS2ng+rWLzT3be46f6hJaX1KP +cy8RLQfaWpFGBPHr8UKhicOpdbGjxxfBUM7Jlg2o1hQIWmSuj53SygZ/EQnqBV7E +GG+Gf3RDl1Ab9ncOr2WAA5TOQ/yVBEYXy2W3TDmxuwf/fWvwF2z4DLq/J7pieEM1 +b1IuOlcDWNu6eKAhsrq0t6I/wYNB/7qOmIcMxn1dzDHjic3uO65IMH2swXmk7tuZ +ExdHGutPDZKYG3TgMyMYk3W9YeoEZAjF3TodOYNpmtaDmftjIuxlaYzmtkQCFHGh +cRlnPXJwaExSYrySX+1zsuqU2QaLB0AyTlAgkUdiLQOzfmHtiHt4Pgyv/o1z/PgJ +VTVyu2IFh75H6CnSQGgNHIH6QGN3mcMIZQ5G0U2r46X+7+nnodOky09H2Gq71nQf +vSk1M2ZoaOuo437zG8SlEuPKimz/d+PH +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des3_cfb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des3_cfb.pem new file mode 100644 index 0000000..eb957ba --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des3_cfb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CFB,DDDE26F919588654 + +ulZ1WOcK/yY3ugpb4uN9s8ejFImurz+p4en3zaCfEMdv93V0JT2T/49e+OvIMaOz +4ShAD3AO5zOXkZd5AUDI5Oi7mMIH2sUmhiJ+0xZMWITbAduYvt69lCGFchpQ/YRD +G4jT1PY4WQX9o7nN1EYyPnH/vx4Rk6lnOZz7UNpK51SBSBk9lkF/d3bH3J2+pYaN +G8VET28OIVTs4nqNdu8nxoE8u/Y3aW3FVsFCA/ZhmBD81Odb4rHAHCqJl00ApW91 +nvpTkTjfF9+EfdOE3mfLA4R7CEVWaqnfzvNrVCOILs3qSFGKbIBPBBBJbc4d4pEm +G+8g5gimV+oL/Q6njSi8s8yV1WWf/nqK6EKd2JJglW700V8dbGHjhGChNTM4Px+C +RfTF+kXcQZpcsax5ULUz+4KKD2Ub5EcWumg+LAe36VVTz/zDTxhTzsm0/iN68KTM +jzKjIY9PkVIhZikVkp4s8pL97rL9Tota4OGMacPx3C58MSwJSg7fdUehAcnj+GC6 +Nfi+iHxVpJP4QnFi4BotFxlb2FoVhoh51YdaUehqD0IsoBxrQCmT8nVaz9asJMCY +CRXNO/2pUpNJY0iGjHfvdmT/aRf+gmat41bX/1r6Xxujf09JF1iS5v/fpYQsshZc +N+xysjZ8Bps2Kx57XSUTz3NrwMuliJgw6ZbDYBHGSSl2lueUanNArE4iLakuf5BK +zuf7iVNTZEww904RhnA3HnivRH2b+Q1mWxTezSYZTs2Qr62mJ5ewiFjOlv6hPUfx +T8/ka54Am8dHsgc3LUDK4pFFR0Nk82yU52FJPbGsggKZAde2tUnDgup6gNmzEjA7 +rSWxEfg53fHda79SQzrKaPGsuWr5b+cl20rGycqN54qZafKFah2tfCzgGdVZG+Yn +Wq5wvZK7Elmjz+URvKitFhw39yscj4TLlEQ3K/jZVu5/lsyyu3imiUholwMCSuhV +fg667XbT1qSw8KPWoloOSDQr60d2cK8Olg9DjfMgqmDxVHMuALB+O/dhJq4Jaa9c +e6ycERign27Fv6j09/aAGrsaB9gMXCOmMhYGSoBUptjb2dx8mN/z3fEG9ykvaDiq +i1+9GnfRKIYzfxTa3PCpA0B+ +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des3_ecb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des3_ecb.pem new file mode 100644 index 0000000..1dc8182 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des3_ecb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3,695F5DA31042DDE2 + +dzOyRB2M6CfzgilwOWNhrea/0Zt1EmJSCDPXO7kQz0LpP3/keHgFL14NqxQU6puh +gYn8TKE+H2f+l8xoNhT6kdRI5OZP85NlC/RvzcIPJkriBgMeLwsRCvhxg0EujRa8 +popm8yF2E8N9YPdz2CcrUW0mttVYeSy2YO/pi5rTJBeqqIjqFYjHPEmlnoNqboQk +aflRKFw/rZgsE4gzoMKR/yso/GmSIXj48h9G9CyLWPFIDi8LdiiBG62wxK1TDFDI +FIcU4KY8QyHSYc3DdYJJM2kXxvSy5BxbvWkD9cZS9+CuAvDyGI9dfF6g60f2tCA2 +AxIHRn78StCNbRN1xBfkqw0BremGo8G3H8w6FrdeS1rKzzYqAe3XhDO/uN/0aRAz +Yact4CIYbZgMRhTJh6YhWma9UfYtxslmTNkxmMptS2SvOVSbhPFSQJFIVWaN105f +HGmLwoRwV+Xd7nLX5hcR0Sozr58m/1FYun4c4797/bcGA5nDKQ9+u/GvOtqGhIU4 +EY5mkMhqt4MdDdKozQvATqWeSlESIFBZgG5sAQWuRJ9g2Pn1N2GTveY0ofIXV575 +WsharLOALP87zUur0E92LoBrbFAS7/nJ7T7F1Ye8ZoG88qs+vJy8SUVCrDjUqfgL +90YHTKvmq3fJ+DO+40pLU+aiRBPin65h+5J0jW7f+eGpJV1S5dxIYKW0D1+PgcP5 +URVYuN+cGWROH4DN7zyIFPh1lls0GtAf1to+zBy9QYUFAjt2lB/oL/d8RRso4rHG +8cUdXilKzAApI63nq0pKN2k9hAH5wGzxg3vWJCbsrXuqExsgZ0EFLR1IOX5ISCCZ +g6TKiLDDSFBfWKTsix169JzCCptFwE+u8lY1b0A2ApCClXeS5+HvWlC/vtkuqCKj +V51xSR7ltzosktG/gSc6wesbp0RlldK3Ee1l5Ld3sgoxFZd8aBuMVVfvqz0Li0ac +883Yr9+nSvc9WspdytrfjcbUxmWtBxsDtVqhuIM4eNusUPY/L6FJhfX2kgjc8RNf +MNJXiMOaTmQfVCTmKZDF1EN+4IZfdrudL+UoesTzasdlDXGKc5gCecWiQpn/hKto +6YwKToh84r1R4gDcQGM+DL6wa1W5bVbD +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des3_ofb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des3_ofb.pem new file mode 100644 index 0000000..86f2019 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_des3_ofb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-OFB,BB994897E99A8F6F + +Gx0S/6H98EIJK9lM7TBQrFejxjBVE0kcbBTVNTCJCuJ1Ik0s6+OqG1OFOLdXJWva +M+k0WEWKhTAXtrrbzPiu01u+OVpIQ3xhgzt0rcU8UigfLLvMdqXoyuUTzCYHBraA +ByJ0+Z9nK5r/OAJkq4gnRfhsDajZgOy8rZAdyIui9rom5emcx1GsnpW8WdRCuu5l +kHEyaG5nHtUyZobZk1kNbkqelByCAFndV/eook4kycEytZWNPpFP+tUaXma92vDV +sg3h2qODMr9ElrbvKYujOuFoO77BYM4oxlE/WtWpD29hmxaIgmnlvwUI7HerpZg8 +DbKYV/8ncRolxoE1GqO2dM2nLKaNKra+n5REJBpUDjwe/eV6dwcj5Uvk9nocEt55 +3qtmPbevuXga9mL5iTN8dm5RgrkzCX4LBu5fB3WviuseUBAqpKgq73RCutNM2gDm +5CkV7Iar6tV+LgiUcgoo8RAnJbysFT6jQkGPYhABFKzdzrFFDDQUBpcLo6hgHpyb +uQqjVXR69JFxdQpJSuc6cH60jzRQOvgwpCzpRiJL0mgXNXv51K87ucEzM81Z0UpG +O4GYnsbo7PQfeLAE1PjP2B3xj8kgcRxWbHkQ/vIHTEAtJcXmAquULi+mNKAFb578 +qlBs77sLICgtpqBUzfoiH1ozcKHOJ3XB3yPYt7WKIxn3/rwqrgRDrPbyrrDmV+FC +veepr8m8ZssbZjKy3z1js+jcvjKJOY6U/7Uc7IfZ6AjBXrkJIDEtn9RPoexG+av/ +P/LDsCF0ChhP44KZi5q5TLNvAmbvNL/7oogaSq9nw5hJYLiu2gScOAAv1h/j9yhE +f2mz/xTHjr35m3Ax6wLPk2yS53PATS7XXQtWY8E0LJz7gOkSDvolwnyc5aRgS9WF +H8DyqWi8vYzVLNd1qM1mAR55qrVhWnmlDmw+f2OJmP+6MNAoptW9nsUaeOk5xJVy +QNSwJCjzp6ujIn5UhmrS2u59HW3hiW0J/O7aalBXYQxUv/qllKkrNmX8HlB/1r2C +IniTw/Rd33TsNTBx8tqq9IpnAG4s51xHBeXT0+Sd4zNh+fIqAYLNuMllHMlM/oFu +A7+h4TYAxEccchEha3GD6CMl +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_128_cbc.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_128_cbc.pem new file mode 100644 index 0000000..8a7d018 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_128_cbc.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: RC2-CBC,B0CBF8975CC514AC + +eH3gBb3Shpdi9fkBr66H3xWR0XnIrKhPU1KABtoaYxE3N7su3duXHlx4zpc3YyO3 +s2YwjN64PdGYgFdwrznf97SjdI+MSJgu2wMxxTwJwOltEPBdbvNWEpq8SLdfdlDv ++zndoR7YnMIhQPp5Hch07dhwpY0hn3RELxYf32ALEbe4+xG8/LZWUBoKdgOn+trk +1Oh0VB3eupjtsdxDWMMN3Ar+l/1AfdBoaQcHg3UdO52U+mTc38QAaMA+9Gplkz+Z +YwjWz4tyltvTDWGAYGuhxTPVt3IoSewGVHWxKezFujNEhj6wuJBTlpN5T1pALfbD +JUiGEmBXOPcxwa3QKmVKJFcA+p5eOYY15sqsIhcaXxPgzjO6JQWMErkaOnyB9sHg +fQTXHwMau2HqzjOM8Qa/lQyv9nf45IFupKoTT6Kja2WzAVxd9KGW+NZSAa+okRSr +GQrsXrJBFl3+wKpXN3alj94GK6aqCBiyd3d+pp2NyM9TorZhfWxbQamPmQVaU4aF ++nJjB+lW30wPZM6Ik4UqsgXolYXZCtV4cOaZ7g9ub2AYmYCA6yIagRFfjuEs0/f2 +MNN+qu1Z0sg0oCCpqO9kVcnnC4jIaXvU0egZVlGZ51GP7iR5VsLmi3VTbebnsvT7 +x8XYI1WHYuANsSBNRJj7vmrolzVErsX90FInNcnc7o43KQGyeR4E+vSdqoLHbk3A +2HL9YLDV5cdvGafL6faVKFxUaA5CWCFVtrV6MPJAm/xWs5nu3wr6aNsDk/0R4mqi +vzQe9EjkMprrihpXqFGpTaehJQFgLaE3FwnxPeUFawqdKIqaKf+stx3i24LkDSPs +ukLiYS7cPcDYXN9kI6a0fqGtT/gL7NVa/jxsrl5+da/alvm/Ai7TJsUUi8dMzqIy +85Hv6xWyPrwCbar4Ehq1CopxWvINo1AnvajIkBHvh4EtK7B51stOO6yNEV7spYxb +nze92IMAtRNWO/yp/p/nccy9PB8/e2v41T8EN4MJuDxGX4k4cG0k2IGzBDcBM1pC +YfmkHzMBGPsq3CQ85balLEWQTgR5nr/8+TabxyloED/Sw7mLM4gqMmn2KukzMxT6 +qeiFiGtmv2TbD7OWkaLj1Mth/ns1Of8U +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_128_cfb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_128_cfb.pem new file mode 100644 index 0000000..acd0a47 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_128_cfb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: RC2-CFB,CB9482EEE6EC0DA2 + +Bo62wJPRVVYQKoP0egdW3dLX4yU/Dbkx8TtIsNxNFhdwpGWtEGzervoU73+6aaWF +LME/HVPUh+iZPKh9HuwSiP0GtwJzCv8arDp09mxGJ7XFcqz3AS7T+K9A1OclVa5o +LwQ6ynBtCsmgiVlS/haNjeONqCtpy0kERgathUclwQCLTnQBZmu/l2Pk8Gdtc1Tc +osmKc6BDlPOyofTt/UnrhVuZxasrS7tKEnVn/iZr5mjUZAqmC2mJcWT5YNahJpfO +rawRjukIUOm0feFwov45+joTSIGDsNTYD3OV/+BF4ZgBMm33ApAE31JFoweUcI03 +2l+WS5qtmcwuOYGp0Np0BWg09KVwNbIghfiVUEjnqy55PCVOFH1RZrmHhPndCvHQ +BwAaac0yAtd5vFWjeUf+pTbDmkA44g5f5aO9uQuB58WWkB8JCFpGZLizK4ISy5ay +dE8+SjVGiMSZBDfAmiEokoYymc7L8bkTIl5Jo4TuMmtFcHnfohZd6Nue3aRzNZHJ +E/V81IxIytHRlMl/dZjSujPw9FgmXSip/U1s8ESIVOVoy93HnaifgRfkkGggxp4l +S8QqBvJTAJrQ9ygO3PBjgdKGi1XWvhH1Y5EwPJ6Wor4zzltftELEs1O9xfBT/zeV +GENfUZZU+5V5ICm4K844WoiTkH5OIWAi/ZLK9XRqchaGWvMpv9UwBy3c0KOx1O4f +j1/8pbXDv1iey2USNL/Nbw3nanIG0dIbUZ2g2U/FeKtfCfVHu5LJY+v6njKl58X4 +mthqvCZyyJy2U31MYUUDN/lgNffwLnzFc1AxYyxDZwviKmAIN+Ylh5jbxuElCS1T +bpVd1+4aber+qv9Ar9G/PJEt9ZdHR3RB/tsEXv7ORke+fVzlKFQu9PKo4k25U/mn +qfBcwlut9rMu19xsjbowqHyYJbenyrF55d00pp6P037cOKLStJECtpgir6HgTpo2 +Oyavx3OIH7ypvcyaqhFUqZI2EiGOdBwbSBp/jCqOrnAwTKo9uMcnmrsKj6EpjJzO +VGK0DoieTEQ9VzGbqZKK34NHidE4j/MYW9lGKAADSy7Ey0CllvumHiICWOn9aJYy +ObB64C3p8NFEcW5SrTzPtXeD +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_128_ecb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_128_ecb.pem new file mode 100644 index 0000000..1ded3d7 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_128_ecb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: RC2-ECB,4C5CF049EFF2E116 + +M9XRNeRQW2K6U0bfpl3axdvsuTmsiFLkZ4C/76MLePY0HxePs3icSW82+t6awIpG +gHfei8zevNlF331hGPW81XZAl8OaXWi+iGhIfKAInLKY//DBVI5dMTQUKTwBa87k +oby7hLD+V4lVKr9o/tf2A43QjEkScVlxcofEnWUG84LkgXalsloaIAt7iu4qUMTA +C1gTbkwex6bId97wvPQLvhFiOyrpsi5Nm98vEeJwMdb6dMNfLAd3Stjvhh5dGGaR +BsRwDqgrkycYj6pOT0Zvg9fBxwLYeMk7PPo0bTEdY4itvpHXaRHcogsBJ62qnsFM +mxk1opz6U0W9xKSNTCwLzg9xinRPXGDP5jz0zqE1nlQ1lrsPcsY+omKdaL/SGYlN +vxDbm725eOoi1H0jsTGJsgcKJ7sKd6LTUEIAEsUvRAN+ro2zLhxteDP+gpCxTNRr +ElOLddlDm6TB55lBkZVrH/0k/QQQ+L0lBi5Kgg/hE6oanMRGeKQvxhxRuBbK6tZB +e0b0lffgZR0m49i3A+fTxa68lb6Lexggp6LAkheh6qOVAzSDWbk00fJ9SWNWO4oC +9FNqu1yafLt3Xiyqv7iD1EOyGhYF8NDvbMpu+gM7qwbTPMjgXf9N9g+AxSbvrmHR +5zGtJd+8BtU+139ZlsEv+cux1yxkYEypKm5MHfaa783b2zKuyOTMgOStvSOUgGhz +c9dlWYPkgdgRkAMHzfIigHr9rQssde7pR7ZMlw75PxI7BI2ZF1Vj4weIkwH0SKFE +fui/C67Uf78OHx4cVPANDk6cf4Ow8buH/vWjEX0p/jpOfNT9ZA6Otj0CyIQ56MjU +L4nwFU7GqCbVkJtsHLI4sZmP4kH/3zuqVtwRTzQbQAWeTi6RCSwa8/amAStTPcX2 +WPRezgAtNzS1MBhileGuTP+opGdGOOp4AeCCJdFBzkEacRXylxdY7PUsCZI7mRSZ +7AL1n9jbUbbgnl6zmqn7fybigjaTpLNSkVPOvVBxnNXxOW4n2HD4vA+q3a4d212X +fWI+/y7mbYLLRs1LPPgjSLfPQ7Ye1Cj4KWy45Z9YBUtjdsEbaaHNp8TidgJKJuMJ ++sDQ3lvtJdIZZy26tzLf3ryE/+2KMTwG +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_128_ofb.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_128_ofb.pem new file mode 100644 index 0000000..331542c --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_128_ofb.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: RC2-OFB,F01B181DC9520301 + +azqFQnexfYYO2tX4qlC6XLU2tPX5EdwOHsruz4uzVJmYFyRLlrgG57KkahVjWupu +AHkkjhr9d9m/0/t2vFy5JEnF9WWcNA1nxqzfsaIKmnuCULzYzMWu1cFfTV2DZoAn +npdxa/eYmcGRZ0u3aZHRGpGtP1y2sKvWmUInYCc69oigiEn1qyDkRE/tDAREh7C6 +DWRcva94GLj1igIHc61lBugZKBlchv+q8t02Ga1slM10QRg2dgAlF8uCPZe+NLUk +8uOifATkKTsA8OsUgn9nRK9dH4FuZeD64NMCszOw7mYtjJ7YW0J0wYgC9BuEUcNm +QTxellBcs/qSdi4pZWsO9JXxvoc0lTmvoiS0rL+JlB/UfubVQYq+C7ScVJeTUNKL +6fF8hvfQzqDDjqx+qP4SgboAmIbL7tTJBeABnnhCOtaY5vSuT0l96rIQm/EZdlWD +hXKcrhawaq6pqh/mV2S16e2gDRQyUX+jKvumTQhjN1+AkIb7EMR1ZLJFX1l343Fj +5/V4D2+H3EZhbCdkz4uI6I0swDasUjtigcn19kOy5t1r49zpTJ3wxQptLRx4AXUZ +zjVXVebGyFYSdu+Lks1VC9WDeisBW18kCg5IpOz3eo9ULBBQZnzSKS30OXlyO000 +/1Em8FPKSKYeST3SmI1aDObXOG/s4tyKTCj+e2VKROq8hDhJQUYUP0AgYkAnwURR ++XylYEfUrW9v758Kk3u82ZhEen/lLUQhWeXkzhVi44Lgih3Bjsm3jP5f7KO/5KfM +UqECKIHR/p/H/klXPNmdFo919AFGcnxFjQCyhlv0Bl8FSc5FUkRl9TTLu+h5m/p2 +ONV63odsVGt2q/HmL+3hojX/BxSEP/8Mq1JHR4Dk0qqUpSxRtDw0XE9/LU6s9NZp +zm6lkr5E2U6EN677bmem5QoxObNvc88EXGr0EvoWPnhh20lD3vQok7GBucnycoj0 +9NMmRUIflnj47quAGXI6LuTSzKqOOCZC4yNvdyRdil3DgyLLefr99m2WEe0HolDu +pIyUsgHMlZC/YRVzqP/6DklhKDcvgWbBeqqhV1r/30rRkegHdsWiAEjmJadlBrJF +szJZpa9obMH/q0xUH3AXXCkS +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_40_cbc.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_40_cbc.pem new file mode 100644 index 0000000..d44bc86 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_40_cbc.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: RC2-40-CBC,7AFE1927D7FEE9F6 + +WgKt23n2XggL+3rzABzjmOq8sdOYfFuuYUzP6UNH3zdXRt/fh24/WRgRw+WCa5/l +3Tt0/spkkMsgkkDwPPVLu0MUhfoUQyErK0F+8HeEdA82C7uGIgst4E2MS4bRXPR6 +w9U2R88xdUaljjahEbSMUG7JXecjL0WG+zLVDpDqMdlKNcMz1tnQbO1JNLZCJlfX +ZlVPslMmTTxs1sqYgDhkAgh3FwSsKMj51nvedVCq2bAtSmgnz/bFDLT4c6N4iLf5 +MXP5ZUMUtWCac1hXayVw4koOkuPELKi2/1vWe7qDWJfqhKmRT2DV0Z1GKPjQp3Q6 +kGnD8oVxbKfCQDI6PSMOeBcWu40Y1yTbBHBFJO5+MdWsNOQI6CZGJCHNu2ZbOd+w +tIcxZZjy5d4uY869PxxVxO8TmCRUn9hham6qfTw5Mmh7bOyxqID3fXlyrcE7KRel +dlL9eQuLcA7wtH5vqpy6V28yWculvP7qmXAGUd1gqSYHUs8kipf46ecFwieCNPEH +x/6hDl38UsuixchyyJTp5u9L5cKPy5PWXv773xcPguk01YhlmqrpTNZsdoJ/CTBg +gal+o01rXd6snhp7IwSAppCPwh4YJumwdPjF6jUlmB/2AStF6kGaOA6BbJ/lQlCa +cHAUaVlTZEyzSGShBGJUAN2AughiOq+2POgr5IgeoC0NL8ieMg7bMYjn7+Np4yZN +KGmT1jZo7OmyVdh9mheahXTT4Axihfmy+uPTECuGjq4X3DVv79OvSFRpHXIXLnX9 +QkizsJKZc6v3FM6o5tbMDbJyelzaj8Xn8ANrugYMC1R4XImDSel6Bgxni2gHuTEc +WrrILWnNSmNjz/yziFdu5VuQmYaJ1e50uenmOxiSQhL+53UzhhGCrw4ooAOSF5or +s87oY1HO2aYq784A5UZVYGA6mYFjDDQSsbwp1LYomjoTrwoJML3P9x5SnaSrkEEC +3Gm0R/t7SkdMmJhRc28uYarO2qdwyBuhoYRxw9Z6bXeaUN2WhJ7hILCL0KKZE4vB +DuKxE/KgD8ijKpkUn+6fizWau6Lm5mqxyMyEDnCDkvlvv7DMoqZRJvVWSddNMd6t +T94SaIiCDOY3SuQCi1361GGbVH2dXH+X +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_64_cbc.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_64_cbc.pem new file mode 100644 index 0000000..4a1ec98 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_rc2_64_cbc.pem @@ -0,0 +1,23 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: RC2-64-CBC,6646FC6A291EFE41 + +KWLSTeo6nX30rQ3WbgL/13WAEMCtaC32ksYorVhlN4ijjiDu5gEnmfLRNYK4c3LH +IUJawIdZvHSVxjrKNjmKA18w+4kedYCCL9NbNswd5eO18wldFR5NlSI2FGggzANN +OwJoHUOXggYxhc2/xbYHpQpl7gvJqZtAjyewyTDYeTC3VDFoB/JywQ/8vv1MN8Ce +Zx1k6preAQrnqo/LEIm+GPUa9flzWZlCGTIC+obNkjJGZPuUKLM/1TqNsrum33aa +gFwnz//khQULylIRwxfuOMCHTslFmrs/7MLLbJQyTa99S9kc+s2VDlaKWUn0BVe/ +MoCseykcuIcskavuj01SYySJU1YHBTu7RvhuYO8AQmnsAP3gWQUMvKy9aXmzsoC2 +0Nk3QCZiG+1hN423So4NPOh42OWbqrDls9PKhXvQ8H+58rAxW2s7OTN29Klo39ek +w8SFjMEtt9kLNpwBCJrIlolXvhD5WQu6XbqI0CtoOrh2Ote1c4uN88HyIUi1Y2Op +QsfLkKyx7yJcJrz356Ab5lbJKVpKJW+frEHI7rLlfJrj88uzsh1B7oPL/4fhaj84 +vNUfadRJ25ZivBiHHdUTrKk9CLsIDS/1DWM6sDclYjXiA7kgGNwJupOb2L6VEKPv +eimiJ9ooKq00E96Dc8s23FteQqySNaUAcqDnAkS+ck6pXQECZs4uD79k4pck1SX4 +O20OIPo79pzcWrmYOrTIXH6ttOcB3lUQtB1fmcMT5RSJYVSKtgBxLPKhLcL18xfb +1HbDkpdUqS0R/nK7ecMd/LP+UmMKPUyMUTfTUnlXZzsNsgIBkm1eDn9RkOGaV+oc +wau6FWmxVSPs9Inb+7A+B/2bP0qyYnciKX41I/PClKGitm52ScJyrEN0XJhQ0O+C +mPp9weJI3IwpDn/Mc46NQO9uk4rC2P9o1zfJXC38PlEDEC66a1Y6SEQOVN6iYkYm +rVytxWjD4o5vC+GwYJPYrmkOg/SQK1AlK8TSpNC5TeRcZ8YIbPLRfKRUQvUVtFS0 +fyPK9zdariwubkiG1a9/NWCF9gN1/DPKFYy+p5Au2ICD0iTtOND9I/Yw8dqsjzsF +4jhYQ+No+ytLYc4Zo+8s1RO7yduFz7XQ +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_unencrypted.pem b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_unencrypted.pem new file mode 100644 index 0000000..ee815db --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/dsa/openssl_dsa_unencrypted.pem @@ -0,0 +1,20 @@ +-----BEGIN DSA PRIVATE KEY----- +MIIDPgIBAAKCAQEAyKItMopMK218pcmy6PkrMVXAv5dt07TdGBuNhVWpQ52ldK9X +mL7CPKpo4Dy85EZRPvRNyOnhe+LRJZ+ReKntpEkEiar/ZsKVkUthPsiUMpoM5S79 +JK8iT8F9HdFjIFKaXGySBZ4xcrj8HQ/v75iolYCso+66Ybgjs9/nsWS0UQyGE6rc +ibx7xPAtcbaGZUBaBtdkNER7+P2ueJwej89aNZxj+AKuvrWrArq6/5zOIhGR12wQ +EQQjj7FQ66ZFivJ/AYsv1yXDS7mZBNp5eMuxk8Kmis/++HKcP7tdbVRnlfTGdBuN +BMyOcBTIsE11jwikcI+KIbr9cEZoaikkm4KyuwIVAP4DZEC+/JZJ0PHSEtJTt6uz +yn1hAoIBAHhLbqDib7zqaFBrNnbaBSNiltY3GxWM6uQT88NH9YWz3wXRb6i4KJFH +9NtLbK0RF7MoQVprJY6LuGQHZ/e61Fs2EabDwT4vB2HT619fVUvDndbuSW6qfUR4 +y9kbG7zLkE4Mnym/ikmUwLABLA67cZUS9yjtcRXGpOkiTAQfCGBeUH6nWOFEaWjI +fGNMQ5awKvZhIvGyN4Zvd+mE+199s/kAsCKFux2Sq9tYw3qS0Tw2IEebHsHvX7A3 +bvxV6p7czVxlO9+O0w7bBTekPpw1BnCYmPyy0H36g/7aF2V70UCWzER8zT1Pfh7d +3P0hLqHYzX375l/7oxuDawtcDAV++iwCggEASajPdllHVQ8JvKdPH6qDkjC5XJTZ +RK46mYm1cCu8Q9Dy9ZfL67CcJBpwKVHNC3sXmk4XPfs91AZf/t01qbMJvCrR8NHs +jRyJkNIaMyDeWcFmO0KmMi374BQpFyIDQ6mK1y9BilneZ6gHDdfHMsKniLFW+SQf +9hlwlArIPYuELu7riJhNcuRUTJEfybDHwM4/ht0IFbyUIFl00mMdTrozk+e/esEs +QdWbx2UBjNs8meZPivFbT2HpQF1I0qZhtn3e7jcR5YatBQ3e4abnu1RrDc73q7d4 +g2SYQK3PmIWwxiFhJQTzeiQtl5rKzEn76knAydOtPVRgjXWzHUoW6Az0qwIVAMvw +thRrEZxNdxELdnwW3rpYBm6B +-----END DSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/eckey.pem b/BouncyCastle/crypto/test/data/openssl/eckey.pem new file mode 100644 index 0000000..8ceb3a8 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/eckey.pem @@ -0,0 +1,9 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAIg== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MIGkAgEBBDCSBU3vo7ieeKs0ABQamy/ynxlde7Ylr8HmyfLaNnMrjAwPp9R+KMUE +hB7zxSAXv9KgBwYFK4EEACKhZANiAQQyyolMpg+TyB4o9kPWqafHIOe8o9K1glus ++w2sY8OIPQQWGb5i5LdAyi/SscwU24rZM0yiL3BHodp9ccwyhLrFYgXJUOQcCN2d +no1GMols5497in5gL5+zn0yMsRtyv5o= +-----END EC PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/enckey.pem b/BouncyCastle/crypto/test/data/openssl/enckey.pem new file mode 100644 index 0000000..137fab3 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/enckey.pem @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHzBJBgkqhkiG9w0BBQ0wPDAbBgkqhkiG9w0BBQwwDgQIpII67Pp5Vs8CAggA +MB0GCWCGSAFlAwQBKgQQBpkbyKLxdtlBlp6tm6lZoASCBND/h43o5NNNmTXWHN2+ +N9ncoFknxohgShAc8WHKMHt0SCEJab8E2IAxVkYFMOMpvi1KVldcveLlg7hcMIDm +74pJmvXOW6b0bENvPMOxFadzr9NjO7j5ZT81dwNLz2pBLyiUMYElWl0LVnxKThQF +qijJTDPcmTpFwDiUyTxzHxMx4DsoFYQulRBsZbRCAjsFpPM+OrOekSAyQHKMSbHU +LvcdWCrSDRtKOyCeCPbBA4OzPJFyzep6trhbQii6rkddf9o54/oJut+LMuUblrHE +2yMStfW0G5ZyI7AeOxAy1gKG/CQrvFHn/yhtyjkvPa0sYVGtR4pGew+cs9iIsdFk +nXOf9frJMA2agQZKc4+rf66NPv+dxVecm40HIR3omk7EnxR8s6msXOOn4qnY7qae +aq1M7pKNqCu6eW5560mW6buLpOkpm/kDbr4v9rfCX41b5rIRzOdfAt71FSJcHp6K +FNojK86YsNJWYh9pnfDbjEk7346cCIeJVgICGTmL8Tg6TUy9wIB6eKUXmIG3fKjI +Ep8OzYAU3/ae8vdmZqD12l3v75muRPs4bP1RdjaVrux5Xlq8TkzU21ixWG6Odj7I +1jusSUjz16iR29XhLP/HI80GKYQMc2yHWcYQ1YVXyLzhnHYydrqjW5OTKZW01rbe +9BC8XlRzKZJ4IOQMfSiZxcdERtImO86Kprl4du7gvWaTUGTyiQ721Q08GfFdVuAn +OO/J8stTLv2Ee7ugTeAFA2+qpz2vAo5JIPOmqjNqI2ytPjLRb80B3tSVXT41OodT +D4v5YbNpySMDpw2F052Wx37hl2wNxIP98U6aw3ZjJdM/YfLdGOJhdoRTBDAvygRU +Di6F56sDvX8bdXDUZURMg+iMx3Noc5G3TB3JpYunm3BL9lwGWesrkDzg3Vs1J/6c +4AMhAsw9+5tzvyGEDHnGZRg07K0eyWskDK0/Qb+vjSLOj8+QphM+EPCmugNnXRNo +AdslIFoVfrcKruS1/DeSIesXvMd7sj2RH/xYDcAIGzmwbc+Ki4JTPuoZlF3pGMYE +YkkYj2KHjJeX7CeUjCmU9Y7/jHp+fzlKsQAMQLVm8bRjDpvLA84RDJRoCPav333F +YqRciZzMjfx2f6AJTCT+/8nv+DBiWcRtab1u6f+p1iDUa8bVt0Y8PB71gwAyonmY +gp4A3fSilIlKEGsP2Hb4aU9V5vy1EZT0K0PuAY4yxGPmhedLCKdBqOuwQBxsLDP2 +YmXR5wQOsI0dVE8zogpgOGOEE9RXNAf7QV7pBOPNu4HQLNuZi22dKi+wkyMLsIR5 +dGEz7uDIaGQMvlprtOA02RON3gBnQTJAp7E/YMd7OldSBShRRGeIDw7yTrLoHwLI +YnA5+ZwFLBPnOrnBC47CwgB2X/+ooL8/+yigoajZIIE5RvzuKRQGjC/ZgSHXSHrt +mJKGerOR/3+OYYCTctTa3wTPVRc/vB1hZac9OPmnKpeywCJ4Q+jX+ZOhHOM671H6 +h9fLPd0tSE75gIkSuJqBuLV2TB1cp7BTnrZxLywCxC779lZBTVLctXu60kiIoW46 +zgEz1dyf22vfMN5ss0ybvBVCl8ROmrVr8ZWObzkj1MUyifDM8Tayd3uZ3SdHPo8L +2G24+4bjyVdFjUvrBdzB5dNzAQ== +-----END ENCRYPTED PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/pkcs7.pem b/BouncyCastle/crypto/test/data/openssl/pkcs7.pem new file mode 100644 index 0000000..6104acd --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/pkcs7.pem @@ -0,0 +1,54 @@ +-----BEGIN PKCS7----- +MIIJogYJKoZIhvcNAQcDoIIJkzCCCY8CAQAxgfgwgfUCAQAwXjBZMQswCQYDVQQG +EwJHQjESMBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYD +VQQKEw5NeSBDb21wYW55IEx0ZDELMAkGA1UEAxMCWFgCAQAwDQYJKoZIhvcNAQEB +BQAEgYAikb9cD39oDYpMHzLuqA4BonNpPx+jYtqlUIaJv30V03nUz1MLm7IH7TFt +ZhL6BXAbdC2iwk62KVS66ZCLBKdsqtD3w9N2HtxTEW6AdaNHKNUb6z83yarNQGzB +67llZjeCLeipP7RWIvBZcV0OoqCgLcpZkpZqzrmz5MjxTCmB/DCCCI0GCSqGSIb3 +DQEHATAUBggqhkiG9w0DBwQIja9nGhuQE1GAgghocswhe5MZRov9Zo1gnB25S0P8 +Mw3463VaOcb+ljX1mXkT3fivkBv0plLlmVT+m+CRgczup9p21+t1OqsdaITNIyrG +hYSVETWyFA/Yn7dQupK+cdCaVLKC3lT8f13iPrU40wnbeo4ZKi2vbv/X3uU4fRMZ +wSlyczFozcviUYURtA5MZaS2e6/2r1eLZcUlcZ0BDcuD+FNdryGbKztSWa2ye0Ym +Uilu+GAZr5CQi3IxpRxDqrS+RUQZNllcg8nGZ2UP5W8FjH+Z568NJ7djoziCX0EH +yd4vp+g0LRG2dkhGXIff4ufO2U3QOAgCIOuZmG5YSpRN2U7F6T8W/FwShFO1u+QH +YduA3pA/5K+IDfCbEZDMWznd13lTEZQlLSXV7dLNCqpR30JWpGg956rJR0k2bT7G +KFTXhSUK/Puac5y6IVmJwPxqAkjH+xjXpE32/AcRHi77La3nKp1aQEKo5uHg7HEg +w160S1LUenJSqcmOuk5XWvM1wdsUJl5Qk4m9a0VyovLPm/RrnulMtUjRugxJLfZK +27NivOrLl9h/Wm6BXYq4PohM5d+5zPYqupn5ipKHsA68Ps7rnDEGS3VzOQ32hqu4 +kdm6xI2zLWK0+6mQnusBPO0IAxtja6BPz8vTMlWjZtWZgEIMppQMhQJKBEQG6HTV +z+/gkFds2pFO0v8pLcMBy9+8nqhzwGacymnupXJzB6l3gon2t/e2zJjAPKUSCbHI +QhCjW2JK9tGKTbF40uYMUGMIPhxr7j1u4LKNEhKCNhlUz82NSsdJ00YNQdwuDMWN +CTAE9/STmRGF3ZHT9KWmz5MQECp/pGORD7LtOQslbUYiMH5oCYP1jD8eM+KxCljv +1pFPf+sZdpboAkdaXKcZVnKqOuPBP3Y1jBkLCZykgnXkVbEYM7gSdvsCGK52GcxH +yi/gOhfOIgywmFB3B4Yk4mDtU84WpK5sVlrZ2vZuTaAmOHaTIkVMvkq30F/jpVy3 +OF4v9/EbEAJGv6rqHMhKmuIHP530CKtWkUUfGv7qQilZ1Qi6NyFJJTfb1bhyENJt +j8A1QQFIYHDzMolmUoQgqOXJ/6xc9AtCv0fU2LijLUNFjB4rapJggo5UnZE98+Iq +UAT7tWalpbFisOdX5Dy582hhvcFn/1DDpISXpF0kgE8TV/swkJ7zuu+hO/Yj1HNd +cwG6NC9+wUCjaRqAobBtvPQyK666I8C12pnW0AeuqtznnZve2B0/a83ECS0tUmxC +PO9zv9RNwcakynklrupw7B4PcXEaEbxpvHE+/zNLgfrPRggoFdqSIRFS9xQRPE9T +uO7jEh+tyh70eLqce2jqKpRwxItZst3ABT5XarJ6vfGxxcs55sJG7xjv52xuMikY +gOagSKpETRdkeE1aAmKwpa/vEFu2J4Oq1Aiv+D2Gc7G04cOsdc+6P+N9EEv70v0R +3NA4vg3gTBcO3wxwnJZAS7GwUJOcrqC1cAaQkc5NR0lUx0lMzgWWDDS5qKX+YwIU +7KEQiyhqQ74rkf6hxQyfesaBxqxCZZkikbwBHlDZwoPfwnfrV4X4/xyo3cqCqbhf +FFlHOAXissz14wsTPh4XQumj5RZSnwj8gGK2xou9H9wMrwuZ2eAT/3L3OtbIr/Sz +Cbp8Y95Tz8FgmrJXvygMVO1xv77PA1DzE9SLiLyB6TL8lsxFQ1ZF2D8JhpDeIPpj +L0k2vTrmCgENJ+tCc0ngZO55ZgRbo1fbB/RUfkTRgEKF9WmJYnlXUVoh77kZ0cc9 +Y+KsueEZp1woSTywJb3tc/jXeRGSmcaWe6pa0DcfM50coV0y4lw1ednEV3zkA1r4 +zVtUBw8Xvr9GKcNfWdmqgIJKsQraq6WCeIxCPPJw708+/RERQBoUobXI4+Jatw/z +XiV9SjrjK9nJ4H1YKyOjyz3SAbeYrgdgrTGvkETCPAALb+4Rg1FHymSMfDquwOsB +63Mdl63DIkJpicA6CY6yk/LgOADQzEipjcdKqzQOjlb4hsQZxN83kzGJiWB0qZOL +XVLrGXP4xRYS2bUFB0T8pon0K5qsZ9oKKf+HZaHMYkni43Ef9IRA0qeDl4FfAupA +kL0lLnBjgGRHc6rMBy4qL18xRjTtR9hsn4Z/pYhIgqMm3QEVkK/aOgTOlwXHdIwu ++Hvzx0Y/BgMdCZSlrspPbQBDgrlWzr+PjcjEvDf3LYj9whtRJP5cXVxiYqi/SpCk +Ghy47RfNYfkkJs/gbojlO/lDvM8oo+XPi22zAN6yFLuxr65lJZK7QIvabHvTkEIN +wmpnWcRH+MwcFZO3yKt6lxY7nJWuW5hh8O7k4/oN0pNdGtv1/2XgXFOCREQ4CcPn +Zm/vXULLCCh7oP+RyklnwyedvfeSfY4lpldwyHCIsYyYmfZHMw32zqH5jCnSxZA4 +fHBrblr4Mj/5jyHLUF5xGsJdm5RtDfwJWe6NelO/kJMs35UjA6dhSOfHEkw73M5P +jcRo1OtYZGu19x2QguhILpZxuAvNtLpOt88z3PtsxA6Fc0BGpQXPJTYwtXiPf1lj +fUd5KFsPohPJOIEJAaFHL3GTwmWFtK1dHofPQukiOTb6pC6yKlM/zGWLOyzTM4qP +UvuUSwg1UY8GplCeqhCJNTieNmyY70vzG2CWcotAwRPeVbpa4MEWRXHf9ft4Mawb +qn2J48iW4Zgh82vFHNYcGRjKRJqLzp4VBn/qpRaX+aWEsdXq4shRgFOAOKyQNMex +GZyd9amkblqjEOOEzzxPUdmt8k+QEm+JC80NR2sv1mw80PqU/his5zUJ1Aj4tzkF +fi4jy2nPNvVSpjWiAI6cpZsbdhdh9iayij4YdQg3HB20+1K9VcFnTmBqLKiBbG2o +4oX2oNPE9Vr3H9Y8YaVoeUU+Kiqo5g== +-----END PKCS7----- diff --git a/BouncyCastle/crypto/test/data/openssl/pkcs8/openssl_pkcs8_rsa.pem b/BouncyCastle/crypto/test/data/openssl/pkcs8/openssl_pkcs8_rsa.pem new file mode 100644 index 0000000..8111b0d --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/pkcs8/openssl_pkcs8_rsa.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDIY6+Wgj6MqdEd +Yq6FgH5xMgTBmFqAonR/eshjxY2C6MHs+WmCmNSDik2NgZWIaODvOF9uOEK2U0Zf +JEG2LcZxoeIEgg/mfII2f4DLy1JYajm/llzwFBzAd/Rkcs3qwP2ba5VKn/pSqNLl +nKHMXkXO+9SjfHDx95x2dK1dB8eGQGculOMcTm3uK7UlWNO4TSlwG9qHZ1aoM3GI +g5C1fIpbxJqDVjFq6fFAapE3KRIWIQmKd3E5ICcDErqr/AapxnfO8UFNxVWSOLW7 +ZAfis4w/c8/EAgyQHw42R0dNyjUOZsToF8McCsOpRjGolSU8aUyqspvd8IWJPd5d +6HBHueXNAgMBAAECggEAV3q9MpVVPQ79TTjBO2Km0D+nt+QMzk8dUHGHfZbGejmm +Pw96shqJ24rK5FWHs+8lEwmnD3TcGsAr3mjzjtZY5U5oXtNwoYwFRElRLqZqIlLt +NugrVltRWeyD8j30CuGJVQoYOGWyX9d3ielg8NjO3NcvMtembttLoKK68/vrbH11 +9W7wr5p8/xyMfyl9curnmCFk5QqJ1FBpjPWY05NDIBCUJB0tGAqViCpxEeWPSlvb +xcElqWfdbtnsYUxYU+iOTHHotoKnz4nLHYK2/njMhlCEyMXfu1DJOd8rg5yXewJF +v6NhXgWStSexAT1bZ17LROazVcHfWB9QmXF1Fm7vOQKBgQD+dZxPDOi3Y4gCFegn +Z+epNyl2aPTkseEZxrIqPKLHsGxUfYjQqkX2RdfTrq2vf4vFlN6uCXhSlZKXfLH/ +iQ8FAzqenhVVHK2fv5xB0SE5zNmcHDrHshl+/zUNI2u5AMFECVO2SVbgoFjvgkou +FolK8XUXfHfb4f732LUyYI0lEwKBgQDJmkWHhzekz3P5iWaAt1SH8bZpt2hqa6Bx +A4VvMdtmjCxEDETN0Rb3CPYxw3qa3xGfW1y1j/49xi4gr69yaT2Tbca7PFGUmWRo +OJwfCUB5uBUi6UVytK19OVKReOm4666x8P3YO4cxxSI/HeoSU0HR1kkX9rGmrsGN +MgUQ15+FnwKBgAKf6/DUzUG3ARwkZbSiWb1hGEhkZMJHI29EoWnWHke5BiUI9nRQ +jVAxADzqvFfnFOYA1xssddVEPbLaUmu0WjdPBTfFoaqzFQdkzpPPOGyENGpr0B9n +MuQgdceg6eeKnnO5NOfYcdD3VnOCAInhKaFgRDjty7604hBkZ9oRLOOJAoGBAIJ+ +dmUMlGr80XADjTLh+DhqsA1r542DDv44LkXUetS9BOYjHuIuZnQO+/UoOBNJMsn4 +xGDNzN7FihQkRCeFkZL9arbFi3TpeUGw6vV38qEXE69eWVKvOuEkmpqJLphBDfom +KNmvZopDtTAvt9SWybL+xp9ZUpK26ZfwebD2MU63AoGBAOa2Kt01DxoqiWiQP/ds +Mc9wOw1zJsSmIK7wEiW3FkCz8uw3UgjF9ymYY/YAW3eZtuUpuxEzyENb9f21p4b2 +zYoZ7nCUo4TmVXxgCjiEWglg3b/R3xjQr1dAABhTeI8bXMv5r/tMUsnS79uKqwGD +2Gc1syc3+055K4qcfZHH0XWu +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/pkcs8/openssl_pkcs8_rsa_enc.pem b/BouncyCastle/crypto/test/data/openssl/pkcs8/openssl_pkcs8_rsa_enc.pem new file mode 100644 index 0000000..fa3cff6 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/pkcs8/openssl_pkcs8_rsa_enc.pem @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIleYNcQVMEocCAggA +MBQGCCqGSIb3DQMHBAjb8ZXri5RWRwSCBMjR3ICOxCzBu74U87lV1QXPNlnlHD2v +TlRv2LNLPseEBAMiJkgP47rYwpzMmJjW5bNzCLxT0pYv2Z3/pXPUqy6aNJmOgCmU +HvVGdz2jS+WYBtfijc1J6MkuvkhRIBxL4CYJidVurc5X/ebRu3BHbj9Kg/j5Hjx7 +DV4qTxZR8vbRFH+ETdnVqj3pCYNOeYXvV+S0W7IN3rKmEk2su3u19YhbwnZH7Ny2 +YMjAn9FaYT8bK+zlPBZBiQ8TuZxm/jxvW2ScQPLk1pRUs8WkDsaYY1gdg5XuKDND +xA+mq5xskAMUliQmhJaYxlmv83QZ89JzSd44lLvnNeiaP2xjAhj10ZSVQ8eOXP63 +NfHr9Ehqne5k0CI2fGg78pp8vIihw5D4WjHR46NvmbL1KIlxuYi4nFMtc9aK1zgq +3rhDL9m3fZZ9Rdd6lb1LN3ZOL8e54tL4KKVkl5jxhrThHujACB94remv6da2z6K1 +LZPuDwI0njzC6Y6LgyGgAP75NKNAH0UzbpPncZxBdhyI5mOgRZnTMNt1XoToXOHP +CMR5JfKqpczhoJnfcQJhFy44E1NH+qBOsNQTpypDe7Qiz878e6ebfcmXID0OyU/j +o8czO+1BVT1S2LoN+xpeWcyNYoT+BnRVC99G7vKUoOeo90zNzQQOAEyoAjAg/52Y +JWnOqnaxDqa0uJ/BPmESFvxeYZypJtoTd/g7n45J4fGBSwiH05TB9PbLHD3YcfxR +NorFiq/RVXMXkgOGv+2ovJ/A6GK5mS/r1xr4qKnnO44zqwaie/xdZpXuQfQ8ZS7H +XLVWgbdGP7fbTW72mAG5UzUr6c6gwPo8g6aiOaOnRU32SswhLp4CFgiKFhhgZ4YW +tLmWc1Lz92D8ctTMvXhV+z8NEPF+livmfANpyhXl6ErCr8jEnhGgj4r7BA19dUXC +Tttq+Gpo05tMXqom8/6PbQ3Cg2iCT8RGk6v0p2ne3Dg1LlbnklEfV8/DbYO5tUD/ ++BXZhF1otr/ZaSdz/jJ+GzmD9KvhheQHBikj1/KicYp1KHYfo9oZJT5ulBO1UX/w +JbpLaarntLOqb5im6OdjkPFkklVV9m6EByrfd35BTEfowNaasEvrj/VpchGPo7yf +eFB6HGeIFHNloG7xXn9rv4npJLJOleqmBgyb4cQAk2KwjEJ38LHOyXQL/+tfI5DK +NKzoFH33dtHnP2ZwaAE5ffMYv284y06n09yOFqPi8YkeFs+UiFeV4Kcht1gUNkPo +IOLhwfVxoc9H5CbIBC3emckvbpnuBT9+EefGU3pU9e9et60mQ8sp28vtx16rN/e9 +CiXhRXcLyQZxucmoLKXnyXgJbf3+nXcr4zMkNurqUisc+YVMALePkJCCsqRWPCvo +vDqwMl8rkG3jAqmMJbtZCx7+vvnRnFQSE4BXOlzEQNPZK+EdlfvY5uvksIt93FF+ +E6CIPHW4ki/X6gTIR6piDKiNEle+2e/fJpYqk/pFuVfmiN50QXzrnLrPCznhzQ9V +GN2j9/b8iKzBk5y4wMNkOS8LT2qdcJoJRzZBb4VV981GwFxhAagwM29wko4sdNG/ +vU4hrrm8WAfmp6d3/UdG6VdQj0O57z7BX6Vr91OBNw5RZKRkQvMu3Q5vCH7ZfYEj ++YM= +-----END ENCRYPTED PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/pkcs8test.pem b/BouncyCastle/crypto/test/data/openssl/pkcs8test.pem new file mode 100644 index 0000000..1760693 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/pkcs8test.pem @@ -0,0 +1,175 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDBvYyk4LsBVS3S +34GZc8uuddHq7cUJx1lZaxWK7C6nnTNKJmJEhxW80VIukpo2RODL1hPFlgCJY3ch +/4437UoG8ZNAE1BfuVMIkS1AX/l/KAyqUIX/bsXgvZch0Joo92KaPfDB7QA8VCGd +NCcRaOnusDdsFDdF4/Mrd7/x+Ipkd56FXVEk14QGizFc86aNJrzXjy9ent34PTcS +uGPXUX7pbiZj8gK9f77pDuH+JymqXdfBKz/x0T54i8N4QFfVp2LbGzeRnduaX4Ff +79ikdo/XQYTPOYoDwgdiAR+n0+mvDNkI5rbukSLcz+xbWdkJ1ReHW/QQAiqQWK37 +4D1fFNrZAgMBAAECggEAGbH+GVAE/WRCs5kZIzUMapMNyE7It0dNPmLJdKdmeKyM +xOTaW6Re6bAJakvfUBtKhT5bWPVQFOiwQD4Yqqo6Czm3AeSN4GQ/8v7uNX+FI6w4 +Ic6UNxCGBgyfIsj76TsGRNa6O74nLdkqrCLim5iCjjmo4Bi+S/Kzqaw0NO91y2Um +9XyCzM7Oh4LukmF94pd5gZBQjjVEkEsw3+oQlOznm3rCNIhYSjfStnFZT5stvcIw +BscQg386Wo+UvXV8zDI0qrAi0pNepVGsdpGGGUIHkogaF9HHElcSIAVBOQLhxvf5 +S27j3bvHBzWmmR/MgOsBH5+ZqQCTzVGJdzIzXkCRUQKBgQDkQIQNsRv0V44UriNr +nageBkbjVFxczl5k2qN193qb0GalSOoeKcT9jsBO32mcaBd84vuueSNS69rGlj8+ +7rKyMsRAnjhbMJ0FCWv2muQjxZWEcTWV38wgXkbzos4fon19wQo3JPg0ikOjmGbK +Z4EIJE0PIw6hjGrTXqc9wK4kgwKBgQDZSv2KVaTX80ZyLIOlbs5+CTAzlEde8+u+ +7LcFOvrrzeo86i6+65yvu395Dlm6PAhz0KocaUECeEDakdQHEDfvEf29BsU+p7fU +kfNPotacAD7kNo2WenzH0mIhtBWchSUz1P3cIbq4Rxm4XPlAzMEXcDtFRqf+4wVV +d8Thcjl8cwKBgQCKVGczfRC6Bo3/DoI86DFI8PjpMOlA/XjLmo3SIofWAnkS1pu8 +aAgQuwDlTBTPS25gq5doZ9X2nSXbkJcH5tW5lXbGypzQ9ydSNCGQNNLqswYoXAvj +ptwpCbnqUdKl7W4sVl+AiBE8lkbj0KsLI6tZadahw9dMJLNhIk4s6KchTQKBgB4f +PCh6GODq04AuVY2QX8WvBmSQEJjEHZEZBYIPHAumPut010gWJ2FhD5m7eIrNmapc +aciIer+Z5fumrYrRH7/fcZpLnvpBi8VG+kC25SM5EX7XZSdQEY4txva/HSPWfULD +KvHiJx02lgUttkvaVoYmQ8Elu1IlLG8drEhIalmrAoGAKLjcIIAcAhuE0QkstS/z +ZiFhp7tCCrH5sVvXPJfxuKtEC3iTfgOoMywaX3SQGkOP5kVngziGemv1b493Vmek +T8JLbnNbkooCvPsbMlMgcqZcb/5ckymabMaJBTqhYP4w/uRETNyjmb0uxX2CqXk0 +RoIdgWsw0IiLCNMn16z5O5w= +-----END PRIVATE KEY----- +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHzBJBgkqhkiG9w0BBQ0wPDAbBgkqhkiG9w0BBQwwDgQIGQp1RhqLV50CAggA +MB0GCWCGSAFlAwQBAgQQhMfC5lWjUndHWVmSgLGLMgSCBNBZEZlGvXV9XjzWo0di +IJof42XSh+mrOdRvUPUS0uPzctmnXZjhKdu42v5jrbyNdruqZsMXTnnQC/UW7Fox +fp3JzOM5w7wEmgrJybOZgA5spNkiWDdlnmqKme34wEPKv+GPEuHj7w+Z4hc7MSdg +T6Q3CJFLJDCEvfK70Gyxp6X90HN1riQQVxFOTSg9TJsnsvkOJ9Ju3VCTOqt3jlW0 +FEzrC3lV4AcxfWZct7tkqOTXygWMGinz7OqLxIcmlrF3oc0bLxEQzQuGCJIzrhKo +3Lb73Xto/kC/uqbCdU+v1zafdKLI/0Uj3/GOGLUu/PeMo7VaHbAj/AOX63Yvj3zm +WOgJwnOis5iP5rqL3lfdeJrkmE1w7xTLn9fUWXXr+qcVBLeZY30TE9wW9gRCDCka +09ZVw9MnrodTgvWVSI3xHxjYin8GcxQ+VZTxQMQFHA2cyR60yMG+eGm5t3TZNHVW +h3uqVxjbN7tMYbjUo1NdbINntOQZhqMje39ai3mWIhGPO09yfsw7ZRX9hhKlrIYo +UQ4LcEgMZsZDDtAY+Mol7pYB7KpM2iftBT8KSkBLSlqpndl4PJHLUaNBgbNDP6py +PB8FjPO49qPybeVCIgg3AswxJwGE9bXtO9SLcf/p6S0IWvVcWn+VV5sX+9Bav0eZ +nCO0WJYrWcjUBzYJLWIDcPviYkoMkFrsFGUP0DA7OneLlW84YUh3AeqqJppb/qve +UeUXZipLEHf+Z/ToGW+RzPQmFTVDqIx0FdQCi3EefBr3CbN/KtLdRjbP4kyeRGlw +CUS+BWQ+W/NtVUfVmBvsSLtVfW1pevemt4FE9rP9qUa8KeRpOJIzF4kHUmHyDfp6 +rvQTSS6d3a+N1GyJA5/N4UM6g7FbVnbngPvM1hMNfK6xbIcxQJudBQa/bHqf8DXu +61npKQYir+TmgDXlc9iD23M+TH2VgeunrFKuVMNVl4igH3+mcHyXpZ/EGM0KyIhq +PJjPRKD0qcCvs4mPRiOx1wJbCYMdYfEF7sIlkQgKjbQZQyRlDKLkLl4pGWXxaqUm +iyo6VpK2phKcA/hPYz10isRfy1WrKdNHW0B5DPyreko2H0akapfqMjROE0JHtVGs +gKg0FrbZXUP+QuKm0V91ShA7c3mRfN2XNbxEc9JFzkDJs4JBxj2H7MxvPQyRrWE3 +sKsQWtr5AFpFb5p5kqCtyyu7ag9pGicqlaFuLda/PR0ykMrhMU4RBO0OulOGl8ZP +9RC1GCArbSSUYH9xvwthGdaDylONVmHwunFMHs8pblTyo6FiKn1q7lIVXYO3AJ/5 +NfKgryp50SXq0p41i8Dtu+4R6CKx4xTMilPYKYDiDPCRtnwvckI/PshGMA/CHLzr +LLZUlRt1iup5SDjqRIjquw/aDRe+Wy4AXXniHOnlSrNynHcJRWz+pnLT3Bi6Z2nQ +ERY4pCIQ/ZdhAHHldFZ7WJ2wrwhf4MQ7sF20HLgXeUN3qj4xYcwR3CykU8f7dfI7 +TIo26asqsVDsVL02tr4dUrtm4J8yQsH8jD0nCpvGwJ9gswUBPmo9YreN82Kt/LSy +YZISyo2BnoowEcAEGnZBf+PLwBeePeXC2/vrxHlMl7JPkPesEHtTuET034woXELi +wO/DuStXmiIydT29G1n81zmdVw== +-----END ENCRYPTED PRIVATE KEY----- +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI7ITJ8AdDrO0CAggA +MBQGCCqGSIb3DQMHBAinsLeB93eJ2QSCBMhi3oBwLoE4PNYkIpp3FVk6VHzs7SGQ +u/KcyYQk0Shjbe/ykNJx72OVfzYemlcNpr4p9Jt3VbXxisiZyRs2m1Edqxzdt3zb +AcRSVNIbph8V9mSZNBl2hR3GAsrbSTkwM4xzXCQRvA50z1DIABlVFR9AB/52JQ/f +IQx9NrG6SxlzcNjJMzHpR46ELG0Z5EqPLrdyScVX7TEFWl2ue9P/MOhjfZH0/Wgk +fFCFNoPsABQ6az/lTj1f7hkYMOIw2tayHAuAXTbqyuOVWhVfAqr3H/XuJvXspjDC +SmIr9jIdJKOTNrJD1/rG4wnh9U0OHxceQqf+TJisWd12WVjwMZ1jIqjk0g+BQeId +JJvuJTdVVGee1C3enPjG5qBiSJpD+BEsfk7YQFRzW5TzlzELIdkjru3k3cqSp+dX +Hp1LT6E8TTcdX4wdhKWf7VV6sayleiaiB+9XufqU7FwnOJbe0sydnn8L7A07qFcs +9WrXmCSCpB2bH0MYDvuauqHjpIZmaHUAUpXYUjjj8EnuhesJAz2bzO7fQ9rZAQ0D +6Gq4SLbjTtOlpS2LZeNio5ibyeQkgNs76Tq0zdS+5fFnL/6tIIsJUbdZdLz/5isq +j+SO+7TiGL8a5URZO2pc3Dh/TtjV/lSiI8qb/MMUAmCL0vWe/FKx3xx4dCrRfDX1 +GyeclEl4pWFqnwSQyHadr1nvnvGrG4/pcwrcnhNNb+Y80RIw15A/kNjsKP1f3XWr +eHAp+YGqDbJ/RuvoVunoAx3PwA56NTQLMmzYakgQFEPtModtvHTQnLkGozg0VjWk +TdkB7R8GS87IHpOUyrZcxKYDwOmhR2bHgtosvZ4XK+GAwjIGUzGKtg6MyMh3ynsP +68Vaj4PgkvmItmdZKrvkinophdFqFlqCLLNf6NtaVUMfz3Ap/vmX+EK+2YWxezNa +qFMNXO76xoKj+piF47vN7zjGsJ59yLLWZHO9J8hFLqSgArhVcV69j7JVMD3XugbG +YEFudiVEwE8Kl190CVP1BX8DXYhMrrDL/4QD+jccgLfK20bWdaCtPOs6SxahhsvU +wRX8hwf3QLiuZxfAIlVCn2eL+9QffJYETjfhAuvPK/HwM6+/n+9GpYc4Ezs593KJ +9/mZLuMKc0b9tDc0dQ5ld7aNiWuWyP46Da9FWBdbjoiBOHIUp8h5METE1NuH2d1l +THWYaD0OyOgyi2gosRkjJxqDp0IVxIymsKhX0K/EBcYuKiPKZLL8lCTdrzGlhRC7 +M7N99j2elk3k6BJYewdiklmWHEXFOFo8NWwLKKQPi/rSQHcJy1o4WBiXV5UOYJ2b +50DAF52281ao7BZhYTt5JKy+KYvP9Znkk/Kklx79SHx/bSrXHZJCLoVJaWRFp332 +vQASx042mXMeNDPy7dC9NP3eSyv/niIUWI4t+ktUds1OmWIAMs+2gQqD0Eq7gAfu +i8SKjiAXPADx57dg7loU0O9IyErJpY4HrvDLLMQaxLLpJxl3YSrgEVkrkEQvP0vv +ktUR9qQbIJ3BGD3YuQ3cxAgKWaaZWdEJjKqalTYACS3mg/RHYAb0xnTUX7nkUch6 +D79p6fAhhWe9KG2f8tJVuHfUOnEBi1XR5755Vqt4xgUqMI82z4iqAU8ieBvYpy8G +ImM= +-----END ENCRYPTED PRIVATE KEY----- +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIE6jAcBgoqhkiG9w0BDAEDMA4ECBztmnlgZpEhAgIIAASCBMggv6vLTkuAj/y7 +wLaJLezGOWe1JyFmhxfn6FMMNIZruIYUdoVNpsUzeOhedtawTszOOLtDtprsqvNz +/oDWQs2B+JqpLjalfRfkjJjtzkkeij3mVNZH69XPabO/QXnHxjeW/S0Ps5gsIpsf +6+eklLo7LI+KgVMWVIdZ5bC0P/FFi+Bf+sI20NQN3RchJMT8lKcV+2PHZQIb7diJ +UuYPf3GRg9XtBb0pXssAC8Do84y1kKYj8xil3g4oe27jn1wlQ0+c8DeqXrXAcnIk +/tFAfvNyO8EMfaP74vlDC4aATXY1O8UEAStTothbtahFNpFfB/9UbvKG0ac0KC4x +43Ftv1H3xtyn9vVA4qDCmLK0cNDFKCRo+A41kEE6AKYKctbthhC0GMoj69EYPMhE +Yg9+1Ev+qI2l8jB9kGbN6YlAkM4bUDHT98fFeS/wrCnzxmmiDD/rsHzv6cdkNw0z +G5F+Wvf3cT1sVGd6RexVydmfzjEeP/6z9Xr3oMqW2CVY9mHFlq2dBkR1LR8Kju+l +vWspR2YjzggylL8CpCpeCWzd7O0Q3sni3onHFwEen9fQ0GxM9FS0bH7Ty0+gf0jm +ZFxwcHnH1mMOS5W4yg00Ri8QDgvz4M9BT+HLu+yId4QwGQFlQqg2+tLKsm9mVAnP +0Ew+dV90r7/cRUCV0kUmbYissi39OHw5sOs0GDMUiNck77E0paBnTb0s+UzBIdnq +wy+ojiDxhANB8iabKnfF/9fJ6XB0pxUQkXmKfFJZqpVzEq7ZVQLFPfyjJhQD4vTE +jOG3PdamAFOjiBBqtxbBF5s+pLZL3sZhStugqJ1l63E5tgMcJ8w0czifLjjUULtG +8O4V58yAkuqu8ICyhXXOA7Bhmn/vymBIS5VmxvR6NZA9qK9XEh5it1ngNZt3oc/e +vclArrVbev8Q+Jz6X6aAbTsDleihsRrugGkWeZCjkFIYPKlA58FKmfB7xRcvkpYn +8iuI1DJCiT99mF0YUjEkKWsbShUElR4ok474SsXt5gHtCtykXrncAPtouYPnXRuY +MS9pYhgtoMhNPXotZwMsj+YvoWJBbeBgc7WgxZkcxbum3I3ns3E0+RCz1gAI6u7F +ZUfLogdk+Og/wbv7B5NRncRT2UnWfOyyxlGtxrwqXxaOyIF9007F+Xe8NbRO/EAH +1yFMdL1jA40lacQdbxrVDQ1nVXRGL6l0O51zWC2E3HkZMclTdWp1yoV3F4r5EY7b +OLjdZ3ip/vWuMcaHpkP1lp41Q00oZpxkfhq6hrw5agpv1o9OTUr260nmHALDZ6dy +2qWNqyFYyDuSSGB7spbBeuLq30WuXNO7kLBW3Z1MGq2AmOimUR8r79OkMBkZzZol +IHgfjedxE/1uOmU5vcEnW/rGrFavTu9BvjoDLVV7/5Gc9z/q8CQbYW/cK77qD8ZC +J22oFudz2qjl377LRIjmbZp5FvU1fIPy29/7LnuB1b3xfYvFwk/6YSM2FlT57HIL +PmAHNYzW+Uwst0khEkzcagqqMDERcD/2WKedXUDNwxAm5AU8v31FYLLjeZfkmeNj +NVYXzstYWgLPtUhODf63pGuILuxQFth4YrdZitda3RRCFI2F8NVFTADbwQWKZUMg +KSVe9u9LXFxPNijyRpk= +-----END ENCRYPTED PRIVATE KEY----- +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIE4zAcBgoqhkiG9w0BDAEBMA4ECMpfoO3NymimAgIIAASCBMG1ImpwNjYr+SIa +FEBPpj57UpoC8FqFKe4bnFkYK+KVapykY/p6KRlo5GyZZHycWbLhQ6LDwCgsgPcp +x/BTghqMvztLDtO+jIaEqcudX/dp0VhDZazeFJ3hYhjgmPCfTSEBYXAKmtdEPCri +eRqO1FLw8rAX+n1dJg0wnPly6M8kY4KE331G87+IAynsbieaAVkVAFm4T5+kqLXz +dC36WzcrpaXln15ydp4Ok7i0/TLcTCfVh5zGvlujKrogJ4EJyFzThyByrRWYAx+H +3RdtjgL3zoMs7s8qXDVcmActX+PCdDz8w4lqkuG362TTdewDnEc3PQNJPjzWWhWk +QZ1vbUa2lszxAnBSxHMEs0pvXy4Owboh/FCRJ+0kpZrnEzdNumn9jWWkFxkhZeZU +BD1QHEyuVN4ZzG4Vr28uZham74RQOHZwv3hiLMKXC0K8A4VSfnWZGGXaa39J58N4 +LpPwORBJOv5haLzi1VZj/IzfN6oc5PnCS51+MYOFcLYf/2qvoQbB6SNw9PxpNf4E +cgPxXMYJQcgSf2uDJwjsRLmAe8ChD2xvo357fhDZ/y+j4viB8pzKhX9uG16c1Wbo +7BHnXdqrcbgeNgk4s9elWSr1kKb0gTSkqIRh42s4d51Zrb6qQjgwM0UfydfWyMu4 +y1acFtQPicFoIfvrKxnHEjwDLW3nOhxGL3ORL42U8ICJl8XzLRLYKMQnH6k/Idod +thZO6v0habuoPp0ozYml77BmmFkdSoR9CZKweoA5Xb9KjeLGIoQk0Kg9Roxw/KV6 +3EBLrP6HLTex/QhhribaHUoz9i9tWKKWGwOl9JXeV/BM3P+JmW05h5LY4THBG68w +7P+kFvmUAXl4SOd7AVMQCJeUKIbif+Wr7UnRM/G3lJtg3VSp3IkINW2WuUgfWSVw +T/OUObFOKRZUKqEmPd3HYvlguVJM76jQ0uVi9XiEJtpNVo7UJWw5dk+V8obANxcu +qNldaXJCDspJe9Ep0NqkfQIuXMZGQo3hcbirH0y3HlBBXdE40Oc6WA0fu/L2D/Ff +sYCEaGZ0mBOuOi9CP9HailwAEL8Bf/3LsYBLSqKR1vjSC8n2bfD+Sy598QQ8Ti7C +7XpuKBCAws+cVUnMQVuqckuEm454tQxlWNnmTqoKnIwlEw7atE3Fi7xd0Yk3xO2Z +m/1+jLMfvUsYr9uYFWYt0SV7GTOHyfc9HWFb8Mtz9XvlA7RQ3gx5hNoovJeeK3Ho +3f6h8S0BYFWOOvKXk27ZF9OgEqeRryH+B1y32n6AtgeZspnOLPlMTgmvjvqYiocA +4iaTAoX5PGZuNKRqBhfiCLUT2AI6Coq+LjRdHn1mwLqBnagJFYsaXcTjZNKUr47M +7kbXX5JC12d1lcCxkTqkhV88SZhgvPzt9J/3Kvx6iOMRinWfxGGFQqiTFEwvk5zI +64aA80Z/N0jkhiibbsl/quQqi9Tlvqd1wpHcJ28t25H0eKWfiktvuxWRNj86JzHk +ZMKv1ReqWrihQyfwSG4nvMKaSJSlwuzbb7D5g71bMCHdj9ZddgsWdu93mR7xv8Ok +tatasiU0x4bZvqaOk7qjgHJCsK0dQHsfF5kIQJ1eC0akqRP1KfDs/Jskefr6e/PX +1hql/nLztg== +-----END ENCRYPTED PRIVATE KEY----- +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIE6TAbBgkqhkiG9w0BBQowDgQI3TbGvnzF0LACAggABIIEyLCaObV7h//eWCwg +detit/l8jaBe2pHs/JPd1qJjnvAjqnSBVQjkbXjxU6ERAXC2IhQzF4ZlW29RrdLC +ocxhHHM1Pt2+E2T+wiALFYidQIfawiobru3Tb8FN0QaFoyVZgUHzxeZUdot2ceW5 +TrP3PaNSWTnPl2boYy/TBlbw3W5QvmApHvA5RFR0uVqO6kASCPmThVTrutPVPsRo +Z5QZCTgZWrPXzQmyUzF5z0uBY2i2jWDwZWso63UZh3A+7Au7hn/NAqKNDeN+TZqc +nniJXD8PTJ8eNtrwk758lhbbrh7orAzy85e+WmHnmVWuZ88kULBiDdUFu+uUNaqD +gukACGRDe0tGEq/CFKJVkSDvKPKrnBLHo4uBootK+Chj5iY8KMVVJ/IWGjgYL7Bo +R5zZYos6qubuzfycRCWXHnR5cp3qqgO6oRubRXvWaYuOx5gf/trCK7dDVptYHSzB +dK5CtlgOQY9mVM6THkgzPNKlaoaWXcAz2YdROMkqEvhGHWTnREuDRmqlsCQKSDkS +ljyBFHVLEGFrqChnZmIi5x8M8rMQHTjQYYPatIUEr10suWz9So2fSNtrlbzXrk4c +rQR3XFedszYSCoBVofW4Nt5iSdRldkYh+DGuKG40UKltCfu3EYl3xKgf6VB0quqI +l6CjQY/XlDirwLVOE0zPTqKeMGsi4UW6Tecri07/48JWBZtYPLEj7LWTG59GmLPl +LFMZd8JO0au/8UESxFBIg8lBVjGpNV8F3YdI0x/inZFaESKJqK3eNccBMSCIZVxY ++gE/8iNIn/bBGFWGxpJSVAjaGMjXnkRtYCcriTKchvWq8gljhRpTt8y/hEvHzmaM +rUbY6jJyAJ9Jeso3nzpBetDUImZ89iN9LC6Znz0g2ot1iLEL9Lvtnayn4Aik6wfA +Ha7R8qy8JjCpSJtV8/COtRrzbzcuZw5I3Hsm3cTCERP1zmNZbm0MFM7WJVMdXPUi +1OS+vwlUvXt12dfxtABJG+wbsTQ9lPVGph+aixG1QvZVTq7eq0MWo+dJRev2656a +5VcdmtVo1YiNCG2TniZjcIugksxbjwRdmOaxei7VPn0GuD+4oi5fon8IlpjosJJW +FEc17IO7rqidXmeFttnnPLooAO5wajNVdAyuCs3HKJsnVLXZK42doWnNm7k+/uca +K+ai0RHyQLqWfxcU2U78cVVhdgnmFU/9d/+gHhTfhzpCW029NlIgNuQTgU+mAiug +27Mbrm2Q2f69SNXwWgKw2h6MfMsQxDNZI0vqbA6gvcmkwgbCrrZJr1rSl7dZaZuI +ek7l/yG/dqyzUWKcHko6jL2OM16cKkVWTRv7o7Au8RrLA2G7BA+FpHt9ZnthzX6K +LMPr6an9LMwjvnxD15YfENWphVqx7r0VYQnL3AfEinuJ9K4jyGZ1nny35jUHg1tF +XQbVIBfxoMuSLUjDep9E+iyfL5Qogh2hlZ8HuXcRXb44BucBlwruDuJm8Ft6Q84k ++pw93biUrfEm/7SXIjC5+Daf+49fCrJbMQjfGUAxRxB63qkEtNo5AbLZMlujQxFt +ByA2F5l6hq5cT97uCDPcYdW+QRr7Q+rFVy8sqxtp3K/D1LHX752yRqBl+pnf1tJA +Dud9ALqr+fQhxbd3Hw== +-----END ENCRYPTED PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes128_cbc.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes128_cbc.pem new file mode 100644 index 0000000..e315053 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes128_cbc.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-128-CBC,8DA91D5A71988E3D4431D9C2C009F249 + +ZUo4tso7YF0+ayrQpLsgM4TN2H31b5g5ryj//QqqVG/WmvYgl56Vu7fDbYXytgnb +PQoJLo+8iUI1d51nirw3RrtAx7Z9lrBu6mX+JBE7nwCVsjBVVlAx1B6d6Jwc20wj +935VaUkwT3n0zZ1dwb9HLjEGUp82TIbiZ3KjWKnfER2AhFXJl3SzswA5Fvwe0AYm +KTAEYaaxigTTPgltiEQDIvA/Pnh9ZHjh6rbM816Fa2hdk30wjU4U/KkTYbg4hdoV +vLeQpYnMT2uICCuvNXq0cXXetfbgdMFsLTxvVElUZrjyMTsw1QtjijeM+gj1dbDj +HGzR0k97Xj3q+84m+SoNW29zPLZzSaFDX4KdKKG2cHs9BTYJmzb0h7qP4pCXjGgF +8V2iUDMs7BQlgNnOa9gwT7x7DN4HM6J0MIlNIiYQZnupqqYQTDR0rd+fhdIsXHkA +qNZKI/4ep7voVIufSS8ZyoISES3f7dvs5nnM2C+QAtL+l/yaaqRdfUyn9BL1djaP +akSRPXmHrmed8s8YamuhLHyf+GPL2uYpd4i1voA2KKYSx4PnfjH/F/8fXPZr3dNh +sDtcjhgXHTNAEVVek9VOaHtlUNZEY0UcbP5uqBZta+wP2rBTC94DxIbN+k8A2SlP +cKGkaRltjnPJAXWmwKMRm1J7vXngXYq0r5VUvnGPiUhFlQwAW5TUml4+1SMEUirZ +y/Oh3AjhOus67uiAXAQoqlr9KykueXobFrhZjLCgRf7iDmP/t1eK40UyV83w85yz +cORi8FNfqvCARz05qXwfhf2NBMTRbLNzKCGjS4iY0dLNk+QYNgJGoM4nFVkHYgbM +pTThzpYgtRnxQf1mYTZFtqr8hRJqiRfexzCyk2JC3rDtEO8WUmNdvdKNN0KwCd4+ +dcVS8KzNov9fYMqiiol0dL89WBN1RN+hs7HnOJkNZZgaNVspOLCT4+SN5fLgtbJI +BzbAgTK1ILrSom5fyzZcRkYwzIqNc97YhRYnxDp7vJFlgsBqySJgtdGUkTPrrzAO +CCYyi/ukSVphPe+qRsvj9L4syZgpLRgDdZaW+BR0pbTUg2WQvZuKL5iMhfB8cbAC ++FjoKeSlxI68jukrAYHBNcco+qaAYrUaHsJFUsbf7j85DzHxnaA3M+P0i+LWJwOI +3G751QR2CrjgK+QD7XUtUjBMrsVGlJmfaQsEm7+rtuPynXq+ArJrvgha4lc0GRD6 +yNDCTTMafuBnJ72wop1UEE8zGOsqERsgvOAL10J1s5KCcPHGwrDhjhr3/x1GI6/e +H80zp/E9mPgzYQMfhl06s9SwyvsxFCIZAfrKIhq7lVqeEDiusYbe15kCLmTVNZ6C +c/BhDc76vwek05AOLaZLGbdpMRwevbOn4WvUHV0o5Yr1h1IGZKx9BQYwFS65SDCg +uxfM+dKulE6MWD2hPUP9s47+R812cBnHu5BVV+Cq52YygAiAP1+nfFw7TBKzqczo +fnIsoL69JthqtkZiwl36uMmcoWwZM621ZqYFJI53WO57uhW0uuoyidQj8HoNG/re +o3OyAgVO6sTFsw/Dwxo4WX2AKuIt9W2IJMFNC7aS7lH0iPrtiVC3FFXvuY5agipH +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes128_cfb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes128_cfb.pem new file mode 100644 index 0000000..8bd32ac --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes128_cfb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-128-CFB,2F7AF90B0C0A420FFD62214EBEFC4CD5 + +hciElffC9lqjzOx+aBT3DYY0/oZrI0Q34xfQg7IOTUPUAxrrT/UjHlToX56VIbRm +PH2M5yoF88Ji7BI2V/Y2QRAjAYRFVjZvPO9ke4IGYI8xfnKRivfxLtW/YfaiKnqc +7VyyO2UI2tYGm27+JJbGLR+GdaHmcnLmencGdS4Hn3KDQ9IK4eLLXrBPWyzGnxEZ +qA2OWdzqodjppFCjlx892YJUsq+w3BXu5lkPoooTEoxB5RywZfngUY9Y+raN60S6 +zhjkaaJTEqAfnAsdVMUvzpkYpoH5LCO1vl4+XpKdeUu3wJ5p3D9TVc4kt6/V/MeL +rHJVN8FKJKYddTlaP7xOmh4bivrJao6LzRUdnyxGL6SkVQ4ipitgWcSwFGgRQc1m +/MzFmTATtC8tocSqXMY8nblp0/sabGhUSTGG+uBGddDr16D/8J5rb8cMCfR0KLPF +3uwV89PbbqpS73IUKkolRjxslO74TPDT5ds0i+UV+J+AJM+9CnyY7WI3FgMlVvRn +KwYJuihDzFjozJfe386XWYs2Joa3Eo0vbaVvp4hbHq5Gh7S2iiBpqy2uN0xxuZA9 +QB1XpLd+rOC0y5l1usuVc9kBlGsTiFVyBoZo/pWVlTU3z8Hzgv8p1TAJN6jgqVH7 +oMVgubXsz1XPHrrjjgZEEpxqzXtKJw3DKchGDfAn4VLTSrOINwMC5sR8l30OZVtD +IdlmftUBhv2AeVUqkLsSMKGdeagfwoqOlfL4FKvSt4n8Vq+Hn9lY/S7n3cjM17YE +YAgpBjX4PJqXsp8K5KmBHPQMB08jW+NQFABOprdes5bwflrERogdLZmQH4vxqUvs +DFhHVJxo1wxeRDOftVgtxnmHzU+SaB9MgdWWhC/4pxx5uzqYi0Q2kSOZ27EXZNdh +MgVX16W6jLUw9zaR1wJIJZU7SmhJOL1fxvt85RytaD28+JvPTNs2ffDpjPu0sXh9 +n0gYiWztuBNUv1m+LMpi1SPtHvtoZLhc++9g4BXoZevtgNl+FqvHs2Ob9w3yXqkT +lyJQbqju674MaKXDoQ+3+tnXad8MRGCvIgmIUzmMZj3O7QcrBbDY/pbcxoEDOaKI +SygvYvKfrBIKq6PuGsN1KHSMrjc2A4+wuTYy75xsai9YtwwT1tyIIeCv5NXbbtJq +vW+nbSNYW+khIicBc+Ye+GFfUh2MXj+iC1lK+5i+1leKo4zLNFDmnXKgZ4jOOPMa +FMYPZkwANQ6//tyP/qzLWGyBucIC/Ym9hUvi0HlYjjU3Z+Zv92vM+2+li4mtMy7M +tdcm72bqsT3+1rtJKKRaYG/FiQizOGTDyhgV+JX9MEVwJPa+61V9jwkIPPR6iBrl +u7NoFfSp666XbD+LurRh82vlS7KYOB2zimHFxI6nOHBsypJynqtgIzLg5N1+LhVz +t+cxucW9eFvkEEXmjZwofqlxq9BDso587kKY+EpOkXrlnG/ha9XeZcyUipn+jQ0Q +64Cb7LfvcU5UEXTcMh6BKkoeNP07O1ecpD1LXMGYFn2HsfYHigwwcZ7sm9oCCC9q +vF/rjXg/oIMagmc6MZOjRE2eT9tpLRAaMynLiln7XS5u+Q8O3RexEw== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes128_ecb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes128_ecb.pem new file mode 100644 index 0000000..b6def08 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes128_ecb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-128-ECB,3E3ACDA483AAD613760CC55C7DBFE582 + +PJupElZP0QC92uiYotAm/CG6i8ypU5SXxc3zmrk7sBdxVU9JQXsIE/oIUK40AlFW +cGuHWxxYkdYNtTpuwG/CVlsrq20YfpxQrl525f4pz8ETWt/P5+aLQ0TemEKr+LVE +921o6LNstZpftQJbe3yMz0cFTjSfsxsHbadfUZUQzobr1XcbazPyhr5rrSntgIMy +rJ5M4G6QrOEAIHfVVZ1oizlFnd4vjGOKk1i6APgEEqJTIyFWoCXEzDtaMcl97GEI +EWGusd8DJrqpJKnohVoTZdOzLrnerJXEUEJ0cz+UjvljAYg2MBSJk5v6HCp8aWcc +CCoWUbJp2933n4nLBq7EXTVmJ1pwbB4cjNM1oL2BznW/pdznrSRcw8qut35ikEKW +mB97+IMVr03orl0uFjHBIch6cPLYkXKi5w7CO4vvJeqqPK+mCtckzgIlzsdTL7Pp +tp+wrMBtG2Ibh2HeJuvvlFCgoYBY482aPu/4NMei2eqfs0p5g0bf67R/BiG2Sxxr +4o8hmR14v+dzLsQeoKrr3RnMqfmrbqgdkUfgBomlsunHUu9u7jB70TuYsZk/COPn +SgMM0T1pxEuHdXfyZPSS9u2SFGEhbW4zIuVz79Lo7h3sKdYJqmwmgOk1P3IL/nra +YpcacWzmV0g/GK8O+2CSGvEh1+m0ffQac1Pd2Abjzg9jghshsBTVTpkcFI0UfkIm +gpP/hwLONl5a1KJn7u/ltFPdZkJ5CWPe0ZQ1mqjhDaPnc8j7iuFzUilsWITLRof0 +KHUDsAZSV7gZ5G/Lh6DGZdlwfkD4b+2GOPayQ44mr4p2hdOque6Z/LEXtOv+UvvF +kR9azOu2RXVTiDLL4c/ntltS6laT/nCg0goMs5NAis+3cxKd7Uk/yXBAulwR6wmy +MIZuSM4gk2pqbt6TJWIfxl4ZtPwp+jYIpMZc47XQ7w5m7YSquJzjilaj+IDVPkhF +TWTMf+Ucb4duBD39HZjBWAoLkF487M8KDtcxL60uHuhVJsKyYsb8b20ukA++c6aH +0VqU3NB8VXH7De3pA08G51P+XLurlLUUr118STaEd4r7GR8FddFmSh5x+PSuVXut +D2p2W7pfvS8OTuaMF0PZo0KkUq/TbTpvMcTax+G0DgGJqFFhqxNur6WoJyYbQE0M +nX8USnuJhS+BRNPEXc5i14dWmZEeE8i2KGm8RlL3KZfyrpBk2zwnGs+WM8xAlBSY +KnGO6bLvRaUl+8IT1nKfY30HLr2tX+F0fEM9Tn443VgsXkYnMoaPDU0aW6+J0lLE +lTeqJn8MPVRbU0Ss/0Q2PQLpayHrR+ly6yxJPOY6Nc1eLkhXoB1DwiGh5Mp7J6+V +R5UL4nRr40hZy+35sH1lf/+1mY95Rb1hAYP9r5K9dAvqkdUMSPz8rtzb/4gevLi2 +rxB5XyOHM/qZL9ySpJWjFPBwOtJ/EJioRTvnG+/8jdxXWBiGKdkGLKV8k1z7gOee +ewq2/8n4HnzMm5YKdTesy6LuaO5TaOAUe89Eo/CxPgdM5YnxSxRsxunrPR8JMLYI +V6xyNRRHLOy2ffGdJZ3nqbSOxCNiHW+Glh5I2jyrKG5Bs0S1jbt3l0hZKWSU8k5k +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes128_ofb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes128_ofb.pem new file mode 100644 index 0000000..2986eb2 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes128_ofb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-128-OFB,271025C313E6EFC0403320C73382F15B + +/L1xK2Hx7pYQBTuhHX1P/mkXqLAlbSSz58hL1E4oxsDJODiVH+ueTSKajA8+tbxG +eBK4p0s5j1fp7SJ9m4QXBwvhCnis992H9kQws6U9gGFrofrYAniRFhX6yzvm86ee +deQ2Pfcv+evGRPigkoeRSQGxSa40fJ+5cBs4G22cfrKabaEKxnLtQpqPG17JQ4/f +LdrHz64IyJTgvV6LCzJxShO7vxwIXaA82HNR6Qp09WUXxLB1/pfQ8oQfZbTUkvWi +CBdXWT42VZklPl7StNiAN9U85K/USIYkKG47CpJvWMYbWJ3Dt1EFiEFi/wmYTinv +b2K0xUrVUKxAMfmVtr1wGSJA9P9AT0/sBO2vTn5ibXVVHibtAET+vGXLtpGqf89/ +RmcqNEFYxvLzoTyR2FONtVluAC2yk10cKHY/pzZwQyVfjcgMlbnrZz9Pp1Y6ntR5 +AfXpVR/qyYOaQ8BeMCXkfR79GPyCPV6txy3KE2mbajwamvL7eR0+0R3Q0lhVcWGp +g91D1nbgVFkHGOugO+2yb8vLq9k7K84Za+TY9NCqCG6g0S46yAgZD2rqrAAO4UIf +6+nno8TS41W5wmsdEarbRoIg7iIKaPKzEmRRurSdlj/s7MKHgQFoet/OdZuAQkV6 +FumyDmqekmPAgIIJEO2NdrWo87RWKCzc61Yl52qmWsqrJIHrPORMGdjdlLVxXXIE +XZQot33Rx7/f0VZktYB5fWk08kjWQ0sKTDiHEp8Xobq/RDyMTm9TFIkeFm4rLkl6 +Zt2bzp7ssoKeYuJgpoRzUmGP83wgl+AaJZpupARdz5MlqXd5knuPTETFPaFIf98d +r/sl/V4E1nh0x83HNOBrLlpKbeWocVV4zv22q4zemALPCOQKUPWulINQWAYiTPDA +lBQhFRnJXSZYFUqFWpxjp3yIWCvTZd4wgX5IQpaJvG+ehRn0H4FR0hJukMG7Pn5y +ye0M0XlvVYWfxhLRDK23iNkRzVIbIxZfxqaInpGvatcTHyb2vnVFateSGlXIk0wU +GxgytnTGW2fZtCDOqeQxCL66nIkpqKhB2hJKaD5WIG7SUikjBblvVcN+gkj9IWML +7LB7xjE+4cyt27Rt9QHuLchdgSScPnPTZhdX0iK1LVELlJQFx8WPZpfXwpQR/xz8 +tqAKOfyhOX2XxYYOoaNN+ffQ3mEnsVFx2uQOp7PvNjL06XdYP4p/AruzVnbqsDsG +BIo+oo7PfepNw1jRxcmeoaMotIZ8Feq8H8QEARqQSnzRWAJZhV5D9ztmUtaeqyy4 +QDbgxBxdV0nLAWG7e54FMn5yJfjqq2pkBl69ZvR3N+F+L5/eWlEpalIoq2l8AffY +gDxlGgp030MAyFYSLJNYj+UUwq8k5INaC0QKjARbBMblf0HOX4U6RBqrpzn2xyvU +mlM6pTiO+mOpG9WLgQS9XTUk2te8n0vAVUTk4Camj94Vdl8JWFNsfJIgwE59hprg +a3Pz4FosIcBbj1pYtlA9Lz3kIGe9U3z9rHeQHNxJ8agW8NKGvlzY/YBdb115UhnM +WOVp5TkpF2MyE+TGWqXzwNo3GutaNVs5YO5nX3Mtx4ClRrsmQYVTMg== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes192_cbc.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes192_cbc.pem new file mode 100644 index 0000000..b80686d --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes192_cbc.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-192-CBC,51C73DF9487965B976234C88321E3F30 + +6yLkX7C2XTX5AE6KqWsB2Lmt+TMGsoHIH5BDl+o7Yjx7aBSzB9X9KPTsVoPmTCOg ++yhhV6am/yBImCdyuY8d9Q0A1kPIJTEkshgk5vc2KpW08blLCHSCjokEVbQ4TJDH +bMtrEBVMU1g9KBTMuBpbu6MLVaFth2GTsqExX2gu7FB5EAKvEGhkmLudo1jKkgvR +aiiyMd2CH2MTdatZtw5PrJmkhV/6RMZRKP8r9wkez8NN14ehmk5QDY2s/hj5uaEf +xK0GXY6OcwoRo85PsOYhmOeFDqHKGRo9a0pPBy5ZaV4udj0QZekE1fziOxiPf6K8 +0BL50UUzQBW+3n0dIZbzlOiJQScQkjoxi0kc088FHXHf74VBoJUo6pckAu4OwpXW +L4XLIGAr2Kv4OMiFSJOcaihyawE312B2URcAzVCO7skhTYHaC0fMYDJCGTc2D9rR ++V5tVfT1dG4xdB+p/b9TQyAu8PE10jT+tVNJqGsZRI8I3iOtyWsBcn4sQInpYFYU +R/v2tgG4hDdq1beEY5N/ZaLsoSyFYZmwbzB+BVhPg0W/9s91/nYAQgOL6XrExQjF +lZxS28ujAq1LDNzg0NDA2KsDGJF2TuST2stnxyvf23h8+KV2nZLOZXjhlVl/Nr5O +WPm3gCmuPf8F6FPqM+zI4YBBRtvLRkXafUNuvc7PYVNiaPyuMh7I7U1EUUzTpkqi +OI/YD4xv6DpDand/WEtLHaYfVYU6PAapLV0T28BoFITp/qxHYYnXVfhn4htSgiwW +R1btcxWyNjsIedjb1LJ2EwEfuXqZmzDz51uDLBq3XQ/dbvDkDzfZR3O1KGaACxAT +tAeAdnTnAVliWYQiJ7BHn4LTJZ0ERGL/R1xpQs4quki4WHtEBRRzP6BbmUYYhigO +QwvTK9darP1Ev7miF5BkRnrzWqCQHNTlDB3i/RzIfIDChQbSZtrpZH/V/quPuPlO +1353Q6D221UiChhw0+8GmIszbLwBkDq+Zr7/poUBAqHmTaA3LeiahACM55ATbg1+ +FKf0nvUL0SaEBAqFxSdQ1mnW83VCMlCE7Luh49BDl4/nufCdF+iv3cYRW2SDHPrU +HELYYLz+b4QLl+XO2SgUYEkU9s1Z+eCKcVUXGzz6vZUsA8UwvYIy8b/1cz4Y5sZ4 +MLpEXnQRMwAjArh4fvmosAG+diC18H2asLWpUS5HBBrSb8lAqKPLl+n72SlZkFjE +WP+qq3koz3EyJsjwH2qbpx5BLhTPcEVHl3DZ1eOQmCXcpSm/cqKp2MKQFubCC4rr +nphTD8uYKCP3mJXB8vqIIO9ho7+GVlCHJdZGu+3bw1L89O6ZG6WClbY56eGz2xUn +DBmikb9sppeYSs0eX+yQ9kjQRf/BGnRab2dSTGtDT7jp6cL+zWUUOawLHWS72XtN +3XYSEvvAWPygwbBuAuw17pwPPmTXduRiJosR1lRk28FGsMwzbj4byXm77IO3vD80 +cyrAQ/bmSpvlmYEHvmRn9N7QT7SFANY4a03aBK2iuqZQUz/zeo3eyrJudBXIiwUz +/ZRteBa6SQagqDsmfeuGCjgTFGVnutCokh9lajm9BZ1pZtCmHEDd7yz4Odx5CmxG +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes192_cfb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes192_cfb.pem new file mode 100644 index 0000000..00cbae5 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes192_cfb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-192-CFB,58F8574921C585278A50F7A2EA529595 + +RQtPMTKDNttPq1R+DiwHrEK33FOfxK1Cst5x1jrDhXe5MObLhqbz4Ft2idjtG/vC +pemznnZqQYKsuJl/Th6Ydsthkg7HH1pYLRstc/tWQTESa0RseHDtdw3e/Wxhm6DH +pSqymOfRq8R7PQKPxboj9fjxeooWlA+RQxGdyRJ6gki6PljOD29C2hxZV4HuL2II +tUn/cdzaGu6bCvpFDvDuFja3TRtIrHSbCq01uZg6XrFui7BuwJxxR5lERsauJ6RX ++lAvhwXqN4nsEQefvZc/GeTFzklsoJ+c3HJy7pN15nyfwNzmmH5EK7C4CdBJQymv +MRwe9hY/LGXB5IFEgXvop9bh2qYk9tb/zb8aAHcLS9rwFsGOo+5+Yib3ds4GC5fx +ILKH234g+hkhutao530kmWXFf7qup8lvTlBZueAWcIFdmBCsWjm8ejxQUZaPCqEY +sZ1UMDw1HPX7/4TXdVNZWrxHisv0VWnhwJNflEcI/k/GR0/qUgkHnUPycWTtg0W2 +7ivs7D0EkIJy2OyFj5swWs+eqhsSDmd0BgGL0VduLB0voi1eU908Af3PllsTwf4D +UaLFvOkllIbul+YweImT9TinmkWIFMZuNDR/PHjpbLN/39YkvSub6oS4LOgKEu1Y +Xr779QOZHMcIP+PXoaxqOWls9hgI6M3PAH+gAjwF77OWIQIh8JZCibR6HWYcr/qo +iFTzJGNN7P06s3IOek+YoHG1c0GoPsNungPOzthNnaAUcRyvZ1Yg8cy/nhrA8Eeo +A4G/I241jr/Ex5jooykpeotV1/AMIF7qxFeTARQgObRi/fiR0r9rjaSMbOt4PlRv +Ln0ZBqedtkkRBPRGO0VViSbUAUOq0oSb98FWqPFpcFl8tXRyqe9m/W2zACczZplz +OySvRuASdKYpGk4DmMlQtS8wjzMYTesBx68OiZfw9W2nkH+Xapc4cH8hyb3+aXXb +b53nbp59+mx4UwPOcrdzVHdKhDT3BjYrJTv9kHAY8yA4Nr08ZsO5tOeI7vF+bUKx +kWu4AIEccB030iu87/xHXUEOBzsV6HzzT1TrZ5GKSh43vhRwoasYON2xlO6RuKCD +Yv6GbcPd4lv2mv4lAaDXk5IThABHUL8yhqfwru4L43av5AwdslRKIvBM7UWrlXFe +A/Hipy6jjcusGiOyH7WfWBFV2/f6NtX6lGuna03F/yMZcHI/HEK5RyhqOYOmcxfw +A1eGKSqOnq9IJ6vXnF8PuRYKB9i8Ha0z5JmWkh/dX5dhTzwH6wOz4+bLgkgXBdhY +jptSs5zsvrxGiLCbENPTjArsBbT5NISh+VTrrUtmA5BLPWx6d4NNJ5eBXTnpOIJr +rxA0halZtFYKj0mp1ZgnVylHC45QDiwzDnhXra83RVrcgQjcX4npjKOaYZRQ5cKR +2F1QdvoLvE9YqhjH0QFQWMWfvmLHGIDIDkSB6EyFsgzWdv6kIaiYsmdir5FzE8c5 +SvHvu28j1X4OL62AquOFKMXQVns1/jLp0KERx1EhrQChHUxpA/cbqNJbhjHoRQK6 +0zXWP9gNlyrSIKY4egyQmjcTDvNXVcSDu2o7EfnprNCYirFgsAbw5A== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes192_ecb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes192_ecb.pem new file mode 100644 index 0000000..106704e --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes192_ecb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-192-ECB,A3A4C4B92548B906A635B84B3D67591E + +E4I7KvCs0qknDw8D9ISQev5oQCNiHskfB/SvuKJ/qJoJP52qk+ajN9pNMp+011R+ +MRaMlK7tANTrQ0L/Yc6QNUZW2aHyiex0aoC4ien4ojgvqHfaP12dMxFhOoLctN+N +zrAPSuQg2OEBiWxEoDqpgA7FTUbxPiJ3QdtwwOXS5kqAKIEIoNnCPCL+45uKBrP8 +encSI+nrZIXLFqGEukKZuFH9qzdF2leOKSmEW1kmwxMOfQLMVQMJyVzd19cCxU/1 +FZtPRRIzFlx4PlNYLKDpypSUavgo5V/o3UHk6vbP/Wd+Wy1ERwNliV7CTCCpOrBH +qJezvhkbktiHQQ7+5zU0jsTzTlZcxATdm2ktyfEa5GKrCNfrmUYNwNSi8DC2Dn1x +4z9r6OfKV3dKcSkgmFS3ZI97ZhrnMqpvo0h1kg8tuiboI9pPWp8OsLIvw5+jz707 +GLsl6hI0EX61YFc7bqeetnObgiaJMJxQJXHi0U+Z01GjZ+qgGb6USmQ1D8r34nuj +4l88VYW4jBhxa/IFpzUoxIioKG58xQT+OK2Fi7BF/OJLQpj+3RA3YLqry0D+AOT+ +f+nDJepwrQ/CZtoQl53ssct+mDY0D1IU6u7ah9WdIuuptV7+WxutFfDpXsmErKcZ +eILXaH5zK9iNVnVNQDmnVacjQt0x0Rm28wrjI5N7M8jGWKWi9PMLElx3BTo9EbON +pJ6x6xshjmdCR3gOLo86CZGkoUM1eNGhJuihrl6HelcZxeFnuiNYnLb5hIaqDd1v +NpFUQBRC6Q3jz85zIvVsiN2vIyak2OGDRs7r5dqb1x9QVz5tMjxuKe3t+rfX1FN1 +vCusACQQzOl6NdTgmm5Of+pMniOL/kRF78e7zva8vM1Qf31/z8wtq3gemt+pZstW +WV/kRhIvY/p2Nm41TtltlctThbYquFTEy8gxhB/Cot2k7Z494+8UBVIn7SjsdDpU +X+N24itXM9/sd1LHrXBSbBT5PzSBJFC5MS4Nt6qpvSKIRbyWINjUoTvbbUwoCo6g +soYBPJR9KeAcQ8YdBOEXtFScq7c5ZPOGCj/+3p++Pk7yMmlxNPvs6HLjdHchjAYz +jycK/uWYNLOwKS/AMxwi4R3i45pPgIRuwGdRyi17Z8kOKATdyQwScbPOShW9/066 +OA0rEORx3C9gMoKa9QYo3O9YLjA7NS1ERSY9c3X9anSgR7eSs+DLRwFiB3EHoCba +ULqd3n7qBKgkQpVF60p34yKb3K8o5s0cIE7oAm3VdoI/O/RSs87rDmUbpuYzAA24 +mXRwBvPpwEhke5PoPeFIYmcWa4wUZOJWuF78U/tZw047vcLKgr60Z1s+DlQJvFXI +tXkV3qS45f9UDaWQ15YNev9fq+x/1JDO1LjQ9AHANBjRQSzE9K6YpyIw/SZlbo1O +xuFrE077EL3hrRNh00O2rtcrK53mAOKMX9D5xifIcN4/uD9AdwU24YvC44gij47m +hSg5wz0RokMNGLKTXaJxJGs4+ZK8JWQs/Kf/V9j6j/i4iDWuy5Ra7+/dIU/Qy1ZW +cc8Uo2ji4i2z+QyzbpbR/jBqO++lcV2byEVDy8Xp/0X2G9mY0ymIbm7ATTlzE2/b +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes192_ofb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes192_ofb.pem new file mode 100644 index 0000000..88dd91a --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes192_ofb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-192-OFB,9797077D8AC3052C37DE4D719CA8FC00 + +SU3g1XmkcVhlJpQSWXdeHcHI8IQCQBg0oenT/35NKgWnFBlysqwGwl/pwgdDBmm4 +jLsPaE5Vanm4aqWv9DNhItOQokIbIkxF6qKeV3wNSNbTsSaG2LNphwMiLs9rw4G9 +3aFV+0THPLAy3BDTsB3NPuRqlOSVcwVrfaeMXQGhCOPGmsGDeczai1xH7eq1C1no +KUqNMGdf8g1NuCmQnvswuTF9BCi6rIO0JRqLPTxoz/1emKfHhJFefpSj88zg3ucm +cz6ZOAlsmWm1MQrktXd+odzpmjHtd1vNsgr4GSYUeVxxWQX4o8pVFqWqiQXii+HS +ubtMARXAuFIGoM1RCMN8o7sJG00RbG7zNxfhHqe4wSkKgx3qEuusUDewXkDeYhHJ +HGQCD1epByGHCZkLwBntccOqbCQoSNB0/PcFU6vJrtgVFl8N4VsNMRuLj2ZJ7uuL +/EZ3qkLTk/Ek68++m2dtAdyj2KF1O4z2SFROSh7MCqWl2rYh4zZcBtGEfmQe5Pwz ++kPycc76ayzHO8Bjg6rl/16Ua5Wx7d6vy4Hg7JYb5eDmj2UGJ8p/z83KBdQnb1ku +84ZjpYgmtjZ1vY8Z5iZqfZro9JBjWM4wFZIKNXcBniC7kBV9fRC5nzpjs6qWTPRb +bd7PLMuyRZz9PO6cRuhqYlP5tYSGYYVhAMVutIqSrQVRDV8AnmblfPiOtT5lHC48 +GR/xPTIFxxVqsDmeyBzyXn9gzAJKgjTVCXNksXojM/ZMfDDvAF6m/Ntz/izp2CbI +f2lcHgsm7SwVn2fvHikAugA9B6ixMCXygO0L5OEUDJW1e1fB7FMasjrwRorDsxsj +JUNDW0KhUXWt/U8lNyfRm3oNUjQQU3x1iEymjQZV10ZO9DTn28fZOF70moUWnl0y +ffELY1vLtLNP7Y5tcGNtJARSGnMUW99P7OKpLNXkhL8zE3DGEL1N+gDS1n81kzTH +7hPjM6yR6gJQVsQrQmXrEpIlHQeGA99LYchzyVog14qMhvQItDlCsr5UIPwVwhMP +LTA2LITZOYieRAqrv3vn+yFHYG4k9/C/xHwKHE/4pDw8bLn1o8thGv5ZW4yDsHGx +n6F6vqJrkPW6vXkmwcgO5jK8JBbEpyzAPc6aSsibH3JF0ufsfs2hQ4bwb96OmU6v +mukMLjQoi3BJC70Op1bpe7wtCELJw1oFvbZDoXLYsa3c06HK1M4rmzJQTIEBjqxd +vs3g4L4CQ4RHAzlkjLrCF+wcBHt33586bDrt03qBEA7GSyAUu1NSM3UKjjM0OydG +u8echgFIz6XetqDICHdN0r3ZWyICM/FgnVQhs39fCgafVJsy9C4p5jByUuDPvebP ++gvvVqkb+DGwfkKT3RUFAcYiNHdtIob3kmp8OJKTFk/nwdUwqUTEu3VFCmWog9ps +oe/0KOL7j1Kn1xEFkOt5MdSFCcpbsYjQNi7F1gWAr1vMXDDPsSizsniGSvXZIYBt +Pk5AH4MflqbHFofWClhGczSLi0FRiVPqWyudoU7LOesQhhN74Dn5IzkeAGtDL8r6 +4vC+G61PZdFXhLXQfOEL99hgJ2mjQP4rVqwdz143YE4/CUHmpq6d8g== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes256_cbc.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes256_cbc.pem new file mode 100644 index 0000000..7b03203 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes256_cbc.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CBC,1876F5A50C9046D504D47B2BF8951875 + +BAPOppBjFxMrMU+NI00PbmXXutKdPAiP+If8JqX5xGQDB9bSt5Q9R2QkaMx8Z94f +trVbp82iERyPYnwcnA1Av+pcZhKi/mYFgDBPP+dDLp8qKRFAWil0zc0U2jkfo0U7 +v8cpO5+oipkJ9RtjaTg3/XmrwCUFZH4KA6G+SUFc4Oxj8/dzQ5YUDtJ5iyArRlnr +v4nsvP4OvsI5UFYwp/T97ks0KSmo6YLMpJwUBwcleX2vOhX8fd3thk9I+EbVVt/f ++JztCTwr4EsLxWe4XVmit9AKfLU0AhmcA20j2YXE1VFvRJdyr+gOGPD2SDoRgiZH +rRBhfi7cou3QmZ5d43jFYoYCBc98blEV07umH0DXMTL8XSrfWNIjZf8uQR3+ZbHt +W60jVdhOCEb40KoRTHQAMBQdgVVkrbXCFyc9NeVzzhPqyKXElGxLBjRB9u0h15DV +WCJUdc9UGuHzFpVFzpEaehdm/7vl+SZXUzAOgAQDtL+ATsvZglyMx5y2UA+5L1eZ +grA6e3tQFdBcv8w+WgYW37oAY2VkHKjoHs1TnR8z1t+OpVovnpcklawybh9Avv5J +kXyZGc+lbbb2gvUw33VeYR8yIE4zBoePuhTFM3K4NfkBbKavBBXMjQlsdRzlt48r +RqdFnpYc1XB4ZLP2VparhG+Q1UueVML8uBcd5F6X/0u9n78LfIITwRUpVoaLXRzs +94Us0pbzWFDxqxtqKPZHLAVJOYvEOwZD5Haw/bwho73EHEx38MY7mk9T5PonsBko +7Op6aEmKK1qfpJ1aPvy74UmIlVDHu5WEMkYx7nQL67gnFXHY0yKjmP6dc2y3+nfR +qNK95RTaS9VbACRS+re+P9+Z3aAsQGvj3MA+4Q+qlscUmb8uk+M7tg9ADk0VSe1u +Ts2x7UZroI61c+WzgsQzMAwm2QLPoKQcvv2b+iGD82enAtleTTHL9rkoS+KmNNU6 +hWL+AJ7HP9s/5+FJ7/4CD84pcLECXQ+f185vvE42TfdZmoq6NgSKrGVZPLxYnyjO +qa2sTRzImZrXPtsnFEL9OBflWA+ZHaAGo4HJNxZW4Z90HJlAZN3isSZnE3jPToKP +YFdHsPv5m/KpNa5luh4L3K41QWzLmPlRR0aygWM7/0fYkgxI8PnBeCp4OjoK6qHx +VYTWMKJQTLyji3YwMr4CufFAVty3InUZzm+ALMFHqEORB6JqPTR9mtnR145FHtxE +1z0LnEoDFEdGuLjtC57yR+lYS/vgMbtj4EqQ2zK93JaXvI2HxxOiZCZEDww262Bx +QZo0vBoAd5vkMKmz5eAMpRVkguF1wN1RPvao7I2auJIHp/3zoaUowpZgtbmDHZFA +Kddfc927GQRxtUH3QQVe1R6FFAa7JBHNeJsBvZu3bj3l/7BATzcne5OPhjZ/t8Sl +hMqEBZuo0svrEc0w+e8dpbPEjuj8UwBmHYZWlALby5N+YJ1NEtLYmyHe2PFNXwK0 +2fo45CCSyl7YJrHD1ONJ0M804ML4nMwmYq6fOAaV9ufQBFqQQj/hyyE93blB8f2E +I8LMN/SUKN06YU0nErN0PRdm7CkrS+kutn/Pz2H4oSbUZ67z4Ee1tpnVQjoDYdQU +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes256_cfb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes256_cfb.pem new file mode 100644 index 0000000..a616b68 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes256_cfb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-CFB,37639E4753C0E4CD43EEDEEA18AA66D7 + +HKuYoKfUqTRf4sW12EzTuIFK5J1FkeJAD+ajYnKeKYneNiDbmDlQv0kIk12qBv6l +LA0oBH62QKjUDKi/sg8NAO5CqYkN2ZB0gQurTgGT/jrvMkkkkwE0x1n69bGNScCN +mkqMnAnjQqbo1xERzwqX5OWNTTb4iDLiPyjiUlQDONl14pe4x6zGpVziCVCQh8Q6 +rAPDryZBg/wQtPXNhNpk8MiTiSwe03wq10QP6W5TmUIKp3kD4OVfBxpW1N4znyIu +unJDVcRdBf6XA+aL7plAsETL6F9Tx3Mxm5GaeaJcSOWWzKMvqYhAcEYwM01lx0w8 +LMMRUogny67ZqaLywXZWH6FCJGCnJK5oaJE+jlnKZ6xhbwAxMyxWRCZC9pF22ocI +3IY602+shDOWZQDoihhddwPJejh+o3mVFEglco3YEByL7Cy6GvqxhctEEH7uKvlQ +gXGb7srmOpeHHfP76N9afF2hn0mqyToakdZqgnlgT2jm4UDHJ1vQ+onIksV56I07 +tVMEmPhXQCIHhfKdzEgI/v8CiLL3W/g8r+20/5qyKCL5vPBLAxmRudYKbGkhm5pq +GkzaSp1cKe4ipUfVc5OEUikOMCuadal0TUQZ+h658aBCxLWHNPdZCzNdY/bZLN9z +XPhAzml/H6VOZyIxb9hm+FNESvqNKdlU2NaE7HW0ILKaDif7gsZhvogP4qNDp2P9 +xPANQh9UxpA16AUTUNOqk78t9aQVpbjZfAeGmcw6AxJ77uK649JgkEnKqcuxcDSi +zn/8NGeaKow/bTW6jJJj7b4cMys32uxRjeeeClC0moQiy28OIJpRRCRJIs7Muka+ +dMBoNyftBnCONH+oqj+F5au3QPMwKH4v/4VpO3hcByXcqxegH+BPEZzzYJ1OnI3u +dh9VlpTdC/CD+Gn3ZRqYbguSaqow1ZF+nlpD0xcs0IQjNEe2BVR7CULUFVXIgF44 +pTv96/LvbG1J9b0VuBr+iIp30FG9azd2xyn4O3lW2xk1uzvo/Wf1vDGvT6AYyXNG +DQS1dGtIm3+sy975sNTlba5gWgh0YNHjeiQq19I6ZzLFhkvLKfh7zpx+R53YcqSY +lXj62N0u2s4KUygqg14oiIUoEnNr+n7Pq0es/gYs34mY/KvlqA8Prax91BaoqqLW +qHN5bEv90KdKaJlvdWsCUjA3wReeaQa+U737GMXaON9/oOJ02bWC8/OIzUPgfGRH +v/8YL7kMnTd+Col0f+XxnebWSfJsAzT7mjfly+An9EjccTeiOon8submd+L8WySK +lVvWzBD3l4HKjQkr/3/YtmpuymVZyeTzngVuSdw+iXWPmOOuXHyjyD2Htn5iNWch +Zlw37a5sHhiFtpNZtOnhpmDbX9sgt68KJMB/E9Mh3JuWCaKZZ3Cv/22KA4KQRlNB +FSvDDKJBrM1m599A6GPJisR+iC7g7asJQ8hI1OqaY69v8nP0Fo+Qk8+Ac1L/n/Vm +RjksignkKjvqgWENNn5Bf9A9+zZrLLu9wJJLae7wIiw4UgsNob68sGjWdLyg+tab +QTxd15H5VUIuD6pkeAI2qC+0sSw9V6LKm6pmEIIbp188CzApcsGBXA== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes256_ecb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes256_ecb.pem new file mode 100644 index 0000000..f679d6d --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes256_ecb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-ECB,C5DF56EE3F83A1F8C1AC805EA73D4D24 + +ac22chm8+bxXpppAKfsrFJwCY0S4VPnXmFRqlAPZRuqBH9ylFcG+F8TuHdIsLeof +q6s8yxkXa8y+/3hyqIZeMwN5Ai1Cas4P1iMwEtMUCMeaip5t0nf+yeCyx433hDSW +dVnsdeuiFCiBUPUXfp6dCGO9kOLUEwu4wM4lIJkJ4QVyauO0/DwObQ6s6xEMFvQH +GF1AFFTfW39CpZuS1rguG4hTxW6aNxjEaSKHJnzWu+kduMLJEaLUiL5+i/tUw937 +V8DhGdWU//1Q6KKLMr+5w0k9i/FhVxAGJZoZ5j79ToYORGr4jpkDPOvHaCydM6Iv +JH0epC0wfG8L/dArNGLEftTpVVlvqHMpAlc0Rgvn+LtqstfyWFXqbQ90NBxC5Fs5 +xiGxKFGpkX4stoKIaOvFVw/hoCI/oxs8Eihz8u4QjBsl/3TdYQ6AUyfBGEWImy/y +hh+QKCVOfzAmVGcffXYf7fvZETVgpo6tynxKVlSRXO9ZuzANJCC8jkUEOjc7jSKl +jyMKQMNnQxyplgaFxnWIfs/snvlLQW8DlpMPH8xSkHkUgLKMWrSLB9Cisv0N7V5t +Zl7Xxm3tOteLG73JxJKJkSZ9djlhkPvlvS///mvLQc6jse8EzY8peQMI1pYQu87U +CvHVDOYn56SFVJmo2koER8FG8a1910NqdCKpNkzjqTl1Qbz7Z2VwghTslM7sUA2L +AJP6PgdCkiGbi3oU8moPy3Nyg908j/17Bj9VyCXiegMAOxI6Kefim5Nn/sq+2/7Z +MHIucQX6ka8KjEp9jvf7jvNC5WYxJkKIl+yzwAzqRQ395Lp1sun6jPfngnPQmkXY +toeOeFvKlxaQu3QgNY7Hq9wwGbK/uo+rLK+Jbnt/75w7x5aGHQF3kf36epr3O/0l +MyZPPx6sLblYcNQhBV8rnSey1WeO6105h61xTXdKV6To/m+RDZYvt+qs4z5SNQlj +oKTezoQUh4J4QMg0EPhghyCS+/+cPMdnVnwX6Ds6nD2feX2CpN27xieGEp5ZhioG +qWi6/59B38kBW2e60eQyL5f53bhWvywBg3HeUsXCD0ujtXBqPMuNnO6FU+/5Ohg5 +BAJ/bXaWiOkobmppBeaViidGv3NytL48ZIuQ1PZsYQajFb/k1SkyLebmeC2NYdO8 +VBWxAz5glgIKP11K9DJMD3n6PVl+ZyvlYZUGXjfUhOxHKVmNDHv2o5Pv8jf3WEhs +yuWEoRECvfNlkDrmda0MxMhEYjeTysbxeX6fvwD2InzuFKhfzwh49p5LdZLurEm8 +DI8KBIXUx8g3svArJRvbVLyW0deMlXBY7h8Yc/2y7c5qBwfYrYhgazxVBfRqS3lt +EsO2sa0V0GaGhPh7LUt+n1qDDYmaOfxOdpZoSLm/surciEQIQVNXt264YuFJS+ot +vHWWVHzS1AZIgizu7NHRVeUmu4XEgT8vRsJYeogyG9o3U27L/lF1L5ysvYQjtvkd +q5idZxCnY5RctE2wa5gjxPjmgbt1sUN23KOiPyz2cmXGBh/dwqEhIV6j7+WeS4/r +SFBZBeGRHi8tACblT/6G9UB6FcycyD3hf317Zb3jXZLve17ozwRZRQ8aBkz07+iy +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes256_ofb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes256_ofb.pem new file mode 100644 index 0000000..34ed53b --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_aes256_ofb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: AES-256-OFB,E6AB8D4FECB44185E26505049A97B0D6 + +Fg8Nq9CxyVZmBNEiN9vBI+gsZL4lvWqCPaR5E+Po7acLxYGos4zIcmLCBa2X8lvM +UInn087k98OAClm+0PvhZ64/AdDE952UclD/xiNvQCH25HGQy7wk/BxuOM5/FT0S +rlV6RGMibelHpnv+yploYoHD8CSo77N4RHdEuepPwod2fGTKu5Cbbt1FBGU5LXWJ +BrDMOlSN8P/rD5ePADhDsYnh86g4cBVHTb3MkrteLa0m1Szt47E6d3s+Ued8Cg5S +7tiJOTFnXkmG87LsLZ0HDp6yML3g2gpTL/1Zhn9zS9lZc3cnkBfRJmttLBPjVCiB +mStjlXnuJTDBdgQhJPJ4+2xJiR/ucFbCnUF/VICsl0hdz2Hd0PCOdhzj6U3jbRk4 +uI2sv5TV/E+e/Ppvdh2W8LISSBdIwp9CJf3se8RFz1dUXwTMGM50LKr/dpvy3T4m +NMO/Cf/LyA7HBFJxjqf++wi5LPDXzROm1QHncvXNUjypNPND3RhP53pMeQ/Ffd04 +dw29zrmbyQKQOOac5Ss9Lj33Q/WzBgw5UxxxMxwRVDyfFpdz6JRfMrnj2c97auLI +RI3euI9A9yRNxneBKTobS0EjYyqAiU6b5MbNwrybqvavbA/+ZMEg9Ylg7vtBOXpW +YLLYFYPhWNEambOfNJi4tHcX8znGACxO/W7v3Ir+QFhw2IzSvntcMODKGaNKMGys +HJ6mqKbmYidjhtKen1qHB5u2bukaGWUj2kjkv7jjuDK3ExsvB2PjEV5d0foPEwW7 +9QQeKc5pY4tOxFVA4qCq1tTzUhWr0mBkPhnFjc7XOLbu0sHYdr6ArZ3SadaNT12w +LG2yg5r8BgmaUVTTQAzIiHhAQYZoCHAq+ohNocIikIh7lPE58DL2GPpEdXZsgzTi +T+EUSkSw4VtIMmnWw5GNE3zCOxvx5qzhKiXVcnB+2+IF3nlHkQqFXcYNGhezZjnJ +4FlR4FPzumRmMj1x0zmdbp7eTFpipUpKqJtC8iuea29pEl8opXDNhvmpmrT4/429 +7x8eJOjZhm8WL1dVpV2/Ikc9boEsYzHcBkY7kuaTqT8I9tdQ08ODo8UE5aReaFuZ +vlBY4J+A4lltQ7qQ+sAk6gUMvlY8h/9L9gZiGbLe438Ndizskuwy+jAZAEx0f0cK +YnTsZxBHPkWQXgBHMhe3BAAA+CZaXPps0SjD0yMQs7lkAgag6zBXW2vqttoJLU9R +f6uP+BLwZCFDF1NtkROLV1oROnaGvMbHWcar2tw5qNe3BAsPQqGk8XnqwILz4IwX +MN6QrjzbBC2jcL5jsxPZ/Tis9+wfI3t1Ke0EljYqA9RVWuC2KtRK+X3xOK6tWEK+ +QlagHRDI0Z0u0slCLjpB/ev9Ajqwlr0h25T5ucdsLd3FFEKZbzspdfsJuOXPM5la +Uv9gpYIcuFrKcVbvuBPzt6NX/rp9gozZv7ZOnujjor6RDorHsfbgbEfcerydvJGu +PRk788TkAB0LOE2wD2J2UO8+Ufp1qK9GWmtr0WFCazqFfeiorTh71iS7pwUt08so +0BRkqfrfP6pXEcnh4p+LKh+dnbgIBD+KH0qHsyc0ci43byoOSDDHnQ== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_blowfish_cbc.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_blowfish_cbc.pem new file mode 100644 index 0000000..e3f6e24 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_blowfish_cbc.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: BF-CBC,E59962EBB3DD3C74 + +1FpslA4+P9E8HcUUGpkIMWeZYV2XxCgOiSgCe2NAUiutcRkVAg9nPbzwnsQTbckx +d5uOE/w53BURpxPkz3nNcike0sr3fa/MzaoRUDo0P4MU5bmAihjnZqhRllqvw4Zt +BsyxjHVn54RaqZC4RNQUqwIHYZwJmHUi7Zk3+Sw7fivMZBr/AWqa66I2hk20+obB +y5ubRjtjw6uaciPLIoMZksxoEwi5xv4KnQHAQnaihQ558RPpUwweqHXyOZPEC1Kx +gNQPrTGc4Zm+CKqR4CceACSYzcYtechZpSQqn61emmtyhowDqXpqqjG2nimNihcI +hbp5O+O3fKZFkJllB20xuaj0rK1NFF4aLiS3BK6aWeCZ6aXFawSvbQb6vGx+pQmP +eQemfllRXXkT43CHUmMTaf6gKnz5DaxDBqdVP73dBa6UoWnxTrZcUNKiPUCvB3g1 +ciJePjBnsijb2Bh6jIwr7yghIbS65AYE/0V+5Duw360Fa1OqJkMuz5pKeJIUcYEZ +3yuI22CZeorkvymKhrt1hUn5xLIKRZkWg7UbXG1WXCrGtPdJ+CxnwupHMdL8iMLi +1haNeJ3E/PeMjehQRzSEEFwDljn/b1JtoWsEwnQPTPKY3505OWIhYRwRXLEo5n1y +QEfktZ9UtIsJcIpfi7hMvbpp/7Njlu2MJKZ/1ZtvwVLoaXFTSivqcAkDdP7u5enb +OJ4EaDWrRXS3Zj31fpYTV5p0fRaejFPevRNnYvMLRiSoFobd5MUrKjxpxPRCLiW7 +24BF9QY7C2Nso9yR7gNkzLw5x/725lGxa2ZD16nJmiECOaEB8ORVlilmjX2OQi66 +hpGVtjHMaoGr5IvBrtc7Q9aM0bdoFZD5I2mOm0hniNHG9es2IMByHWRAQFzOOLGH +IFoIyW3OIuzK3cz8lMLsh/Hlbzo/3bpX0rbrn1XZULWAJ1oNzRJRi6a3Sw2YoIMh +656IJB/fGRbG9CMVMl0T7onDUhZYLA/mV+xy2CjkQdPBjFpQUTn5YHu6zMU7gejo +YSV/4esuUfhogLiqw7sPuCDqLL2UftN29xloQDTY6MlrkFb9jCciAwn02DAmsN4h +7Utus3Z2N7gJnxt1dRecqr2o/agIINm3tMh0LK3/CydmlthZQNpsxMD7IqaWFfQR +Uq7zQUfYZi0l2J6iy6FUHUokskqwgiNhMP2Z+uZ1xHUnoP7E0IZMHnVWEKBIQZ0d +ddDucux1jOBlMwLqom3jYPjPkxoeSU2E0ozVNSOqsPnoKkz2qKnEHhea2sAPg4eX +lsZ9ENQyQMZVapjic41BU/32pbrE/+JkK2Cc+dcLlrnHo+JpFeTdbleJhZ2JgXHW +8r04vZHA7tQOc0KNR522Niu7dvOW302lwmfp7D5xfon62/AxVhos1DSZuNpVClm3 +V59lqeCBDm1yJwdM/946Eq45YJiTNTzYsPPFl25KNv+3+GKkhZ20GuLiaqprel3S +MC5XbMJg4nc0LiAfDT/q1jO/EKZ5LzRRtkVvx1D8To6DAptyFoJSMKyFu79tQdfN +371+sXEX1VjpEGxO2t/DUmuERIBdc9X7rPNOXSl31QxsXy4s73zcAhI94X8xrqYZ +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_blowfish_cfb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_blowfish_cfb.pem new file mode 100644 index 0000000..b3581da --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_blowfish_cfb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: BF-CFB,A6C793D28C38F56A + +sjmmZGwl3qF65MFuXEtiTkltbaXuionUsMtzc/XzyPPaIxcdl/03iR5Fix0hTY2Y +/W9BntQGcycH7uNcoYwOUScTRr2BJncyoDXZaUx/WOQ6cDHuhRWWwpLpmitfsn1B +SRvLdKddL1GE2nfG2xhCdN4N7pVPUwIahHye1AkaSJ4gur8tU0++mJQTjDo63xKB +oTh3mZB0OCnelXtoYFKGFXNh5ouAPZgcE84breDJBoGReH6f4elkigtSx/J2QhgN +vXERboYz/HHhHSRCtMSp0qLEQo+uLcFxZcSMQE12eglOOucht877V5n5RMLFT/3c +DeZdg6D1b52UzaSjTvLm/jJCdkYqZf4SFuBgLHF/rEALQ1vBqDiKQ7QxuWz5ApPm +P0ntscETngWuJ2g2M1EoxGehwNiJJEslYE/CB0Aky1XeUmUAUm++Q3QVfUA3G3C7 +pP7whQSr1Y7gL44EmttFCX+dX8GWXuZDXa399wijphVw+6bl0gp/hWRWriTern1D ++/4S78ddrci4slA+/Kkq423wjLNGZtOoy9cXRmFdbQlMfVaeu5U7LmrTQRrgGVM6 +GQjgNanXYhkCNubQ+v2Q6FflAdri8Ac8ZvFXxSIGZ3JG14cm072vOdp0/rCNkzSb +fmtyzXUGgNgKzfp/GFvIXD04lLfeipzlUhNvDK8AKUNIctrMHZegpbfSm6HD6BiV +rUFNLvr58WDK0eLeRxg4pFTCf9QXr9Q1v4MWehkn+LOTconhJtRictdlj+G2ymOQ +LYgSRPPdXVNxlBI6u5WRtMxzZM6G3N8jkEvFfFsyeMtE+R0OsXiIwvGzdksnI/1F +deQJzav9uMBj4A0bJuMQ3Ls8ydZNFU2RDofSU84bP/g6TzU8MpT7QXQXPD2jKdLp +JouxtbRw+YY+9p0sk5PFYxti+T17jZN//pqiBrZUzvspwr5sWoa8BbA3bWE2gnXT +cmx98wREJ3wWRx+t0k44084kD5/cvVH7MsAQ75XxGa0ofVj3crMCL29c+/QaUnhR +GrdJ0sVJeIthiOQZZ5zBqG+IhJfG/jkKpweA9fkQ5gm+FoasTfDnAdSJjah7WfoO +C6LKzNBB1FaOHqy4X6LUN5wraEOP+0OI3hKPdOB47yUzPF6FGneGk4BajDHG4RyT +F2ZnG1aa+FRfakQ6l7ok4j+VPtDlCPY2jnT7muj2F78G69abNOS7ASXg5+PJzso0 +liaWo1d8TDfEazlDQvglDAKpzYw2mSbpJVmmbPSaVZxUARcIIaBqxu6xWepfdN8v +qZGrOp7vTOuGu8f2YmWKd3+lcNm2CwwGYIPpuTFjtUuF7guKEdTffyj5tpOdo942 +RAy/F3tCy5zfZrI8SkSkx+wfZAnkUnI3xQNdKKVLCXcpBtQWht2UGO1G9W84OmFy +eg21zeITIwPJZfUif9WHihdINSlfm0CiS+gDRzXukS4HgniPfS3NPo6HAepc2Gzr +QUGF/ENern3v85DCEE/AebRaQN7liM+6Z55UZ4GOT3Tj64+Nth7MNQXqBYEmCS8P +ndWvlalOs+vlj2Rl13IcSUOK8OOr6S7jeZhoutej1b4lbw8RwYBXGg== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_blowfish_ecb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_blowfish_ecb.pem new file mode 100644 index 0000000..bc3353e --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_blowfish_ecb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: BF-ECB,1E15270A7DD42BA2 + +zz3p7Ml80hSdlJsI5RyvOScQlsGC1GLg3AK0dC/Hh0IKPTDF7a2OITL6H/y/3txz +LJ6jAcobjRfVMWGAJUwFaSlE5QF5W1+RauV+M8oMmv+Mf2K/Urha6m63EauLEVWu +IDtxj74qfQgyd//qWHU+XmWhhNEGk5MrH163VITZqpG3Qe9dYHdalh4TB/ILJqfN +URKLjdz8L4YbL48dwK6UxargixQ3tfrvIdTr4mkMiquNlayTk9g5qXWnEXy+I1DB +HweXveJeSUHhYRXdx37y2I8Bz8HcuZF5wODEDJJuYXy7a8Q+Ar0Ll/uQ4NXE3iI0 +NA8RA0caAlc+Du/xfzKdUgIPQaLt/sjhM4gPBDLlASUmO+PJfb1VYgDIbNbXiR9x +92ePzennPnbhKsPcuZzXoc/jH2BiQwwRT2gLscZ86n9O1FNoaPAnYERlyNIVrQoC +0Ll6NnGBM9Ls5k1royQQtZU2x5Yu5Q7DGcNqX2yI14AZrI4e9/Y0nEa+17WRD6eO +fdaIC5dVrv8HZxlfzwFs33FpufovP2vlINWM3IqDjMf4FIQsoLdnmTsgoLRYm4JK +zfcyiImXPt2iUrcybZHKa0EXYjrcoIVBS8YP1UTcG8WHnj3ploMxXOw0AmpXcznf +sbLsaehbs4ugM5G358PMeWFXTv8K2YXRtArXHtkIYzA45zqWzpta5E7LiTQJfBRL +VNtLja40a0gaajvROCekEzWhezZc7bu6RQ/XZXxBYHx9m7nhzKRkDlBrrJVpWSW7 +QmS0ptXblyt2tbaUtNLsi2SP7gP9ggTlc5hCpwygT+lxrcr6j18CiPgMYOgDmFY7 +gZ3jZ+HHd2+8GnimOai+r8wh1aW06/tLfIZxpIn4T9yGh/EMW/R1RTJjN0xe6oqw +wC+TPUM2bMvDtAvdn8bYh3pVVLXnFa6LjhhgNvnx6wBoiBCJ4E9R1Ec0QA4jF/97 +B4e8TEv7PAFB+VGhIPnQqfsAqRfM88FwgZqSfZrBXKMVWA7I4fBeVD0cJQq8TwCz +TY9Fi1YnomqTfacH1hf9KiX3j8OkfrhIM3+w26nE553/wOcO42YJ55NgnNXlQL2e +e1s4uJ9lroATY2WqvgLy5Th8n5y6kVkjuODb/8hk3KXqiLqbUOmZCYLuT4ZHZ+Rk +xtWuFpmFiuWgbg6Nr2t2KYXwD39pjGBRmmwMX1mBxmUD9NK28yO4HEgiPVzfn7sU +1PWC7HpgPf797M2/N1gyUfrBbfw4OXWpycvmtJLXHEJi/p/H1bz0MuMJvPtNhzUO +CP4jq0xbu9nT5eW9rD7kgvv10W+aUf314RcWKaLkOxkk2dTENjbviASce5X3ZU4l +eGG2wtoHvCvHnNVj2ImKf0jbAL7dymVJlA1XwsLANAmk+9RGyVJgHn7ZkOfRVJmW +VMfZ6AVeFY5BeJ0LCq1uE6QMClVx8fLN2iBEqamBNekcZ62Qz3b1R7ZbN2tlPKee +JnLSouju6Mu8U9twVI2tr63OTh/a0XAjtlO0OAXuVcOmYOHT9fSjPdAAt3Rp50Sj +PDvgN8s+qSkQKpx7C2OA9Wisrr71UrBrCfBhCOmN5gyWFg24PwwRKUnc1a8mT5Zx +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_blowfish_ofb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_blowfish_ofb.pem new file mode 100644 index 0000000..acbd8da --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_blowfish_ofb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: BF-OFB,B9F95E282FEAA06D + +StEkcUPp3txNaJlYBP+eVabWYcEzAkX64aj8vaDX64i7bVl4ospAs2stac7uXtXG +IZLTqNNACoqC0jWWTDJca9vTEoqjDRKjN9yjXYfrovj5oKi79wfsSU29oH1dcKG8 +G4y8qNsA9TexRQDWTBxYO6EiQFVie9O3oXzjhO1hYwxldSWOV5ZRWoVmg16vAOxX +Gx2W1twtjQXG/hp0HxosPkZteUDdhMZLWonYuqEw1oBC4iDG1Tjp0p5uSnb1gaIr +pzZScikP0Z4/8CxiKV9/C1VNE70EHdAUYKjUx2PAbPaMFyO/sAXOy1INI7Wis7jh +U2wKeXgCMRxmca4OMITcjDp6OGmKf41uWyTFwjO1scMvjSJsOZxNjAjcrZW1PPRA +tvnhRpU9h1G9BOH2rM7VUI6zJ2FSNKG9R6M0WOQqxRegJzvK+YNLhw5lUzrbWOR0 +RdkKL15gfnuXqLTDTMuLX+aCDS1Mu/ZRmDqLWkJH4W1HJ4l2rBojX5fcbamueMyf +Sbd1S7QtmF/B9LaGDEPMT12kOQHZkRBUYpyolK6BoMuRPYnGS0RkUwvIuPZA8uJU +vHHuYRZsOA45YFEipyB/sek61bvqYy+8TaPxzpfj0fkh7AUSQmbk3qQRkQbltzqq +/MkFShIzS7SUkyiowOet8fVjXDJPsw2bS3uOHC4zy2QQmhVKzCYWd4yCFl+WtJnZ +eEkrZH2BpoCDEzKlex/NQlH9KBLOor221nJEVd5tkdWWZt71eGld20eFL3ewtDqV +GJX8jFmR51vQL6NZ2Ehp/5zhearuBJ8VKJfFxIKSrbPjyCbEwUgYOyVHHyvYyMR/ +6hcflrUu1IFFwFhryg2bucAkdX9AhsO1dimxSgZKEFlZbihPBysCdUw3WRea57iS +n/zqLrOm786KiWh0ndBgJ973g1x+OeuUvbNl/0yiO4Vjny6PkXcBOORu+ILEflzf +UiEKyG8+cYzoYZjeiCFBxsA2+gZMdgjxVYF/lKzTqFkfpwYV+tF2K5N8W51cL8Is +yhz5OHiENobjx3QeFCZ4LWDEXg1H8cA34i9oELbXtyG7W+hkZp0B9tRDrXcDwVWk +4oYqWLNCQXqr1lL6cCuctKLdXbc1ibLt1nYGpJrPkPCbOshsI+iCMmulT23s+jqW +TMW0RNb3wFjR5z9A1YTWfiqMKEcyzRhP6bEM/+WNmHE5LRefx+dnvZrVJzGZA/3k +JAOpsxEPKv7YNR8N9yoAopRfFEOH4HYtLbsAA2sZfD6iVAXAAeiZ2Ehn+Bvek5lV +5zIOtsXswRgzXvxXCPy0V5GWqMglbkUS2HGsWaHpxDSMbvBJuaSi2blZ16p3IICM +7YcCLolKUaWqpXjhb3UypoYRwJs+40EiXid7aJ8rKoeId1SeETOwVWkz95NMiVK9 +5K37/OMvxOAdjAUxtmz/+v+twKfrUhYqP3Qkapy6FgA+qxnzpCFZZXrMKjpr99Pc +QVNcvM/SKWB34jZGTo+Styc7d+iXDC1BUS/43Pvbka/Aa2IV/LPQA2pD44aP5l3V +/tOfQFQWI0wCqpBPV8aXqGuqZU2ES0yc9DJ974a8NvS1cNWfsMcvNg== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des1_cbc.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des1_cbc.pem new file mode 100644 index 0000000..2d2233e --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des1_cbc.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-CBC,4629ADA1FF55BE00 + +2093wYtiVZThSK/Ecf2pxfukmymwYi+yaWhMDfxz/O001tbrlC/emwfU7iprUPeD +NJyyAV4GLjUBA51tfDqia3ATKaBfUtMQoC48+q/Lkr5KhLZEU0LLVuGrfvmDXmPb +Ne9Ud8XZGnrDmvAFkguzK7cF4PFWUX3l5oYKinm8he7pA+t9RJ6QX7+BHKQHlWcR +cT9e1iN7MykRD2Hh7YjSxg1uRlJ+1H5zIJBDjQ/WIUMj4EdNJriurt7eYY2XrP9M +fyvTOBgYRHn6uQU0tdV0619j5yjEBpPTRf2M4RGOeNYGfvmk4RcyZPdnccDq5bWT +w2XhhBPZMdCHmDPTCOwgfSvqBBX6OtH2EKd1aJQmtudMATPjA49Q2v9ZrgIQQxmA +ZXIXuYH8wNPlzpm+abolucwIQhWJqr5TP5q7IKfYLD7FIjyrPBJecGoDuPB/Qp8x +D9G73DKYgu3aYEFxcjs7tWwWe93pn7glEPmuybK2HP0iD5/YhXy9OUElAUZVBHXb +WNyFdcdmyP/hcex5nI3Q27yM1auTS4Wpmvg9I5Psr1NN5ilWFNiJ0fr/YcOMpVsz +NqQPuSLqxX5sg7X6m7MkE0/k8PfFO+tpy1cC/K18nnka8WgH4SJ+R1I8WXLKFznU +X+mWcOaci2YBUHT7TWRzJ9/5bL0CEWlheabTjqbaV/4kiE5L0Wcbh/am56c2YAzi +6MzassP58vp4hHXTyda94+Kj4ymYFbRBLqh9CVspolwDhy6e7ydcspGz/RRbuWrN +Xc+lsExkvnLkYvkfmaAU/C5ME5PNjgM0kH0qXLyXPPtdKmwWrkGjElzaY2iajzpP +XEmnYu4E8AsNdNg3HVcQfoUU7jFq1NeB4uibFrq8vh6VLmqGvK6XCul0gxJsfsh+ +j/38B1+5I97I0oplDZrAQMgek3BXegw6HZVqADC2KH4Jir50rYNCFrN1un9aohHG +BdTzB1wGkjW2fJ/yrU5nkkTYcNhl9zU0D09XvFvXyeRdLzJL5eFqqZluwsPPw/TM +CSwjTZbbeS2LvvstAsoYGfQTUr/E+BOXVpFmNg+94DBxwM7lCy57nG2Y6oIy8Qcb +IfmF+wKMZEVJxy8O2uaCYUwU7qpucq1tz8l4bTo8wUctxw80Iflq7WYg/8V2ilro +F1nSJ7gF0bn33KwlLxLy7akXiol8Rg6aOg+cAiMi2Apfg+5DXWrKf9YOwebDLOX3 +LWvDuMYRVccwVWsA+X4zUezGjVNuxjnjtsDfeiScf9QyliK8kjlMP/r+chrhFFzc +LXARzcVfYCQhF6heOOY9YTHvcySV4NmgRKC/dlzvN4NMGh8VxWiEFDo7Vu8XTXpN +7OiSd/BvmOism6emrC8zRMD8c1ZgCxuY1MOMVXRir/Qy1IWZXiYmI71mmJmRhE79 +Gn5JJ3aZ9xZmr34l296CWOBY/suTRvkrfyMRoSTC8Z9K5nbd+cm0MLzWMgiT5PAg +cy6PHN9zVWInz/2z00qf+3lx45ZmMeVj2+2h1PFapXaCwvek3VgsXL2HUV/mKNcU +ZH7mV8imvIopRSS4YQXB0Ophiv6i7lJWdKrSYd/Ac+Bt2E4z7q7y4wFNlZBvsBoO +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des1_cfb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des1_cfb.pem new file mode 100644 index 0000000..814ff89 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des1_cfb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-CFB,07BD7DC7BB2EAC98 + +yH7T+ZIRWmzcMociF5wV3YjHWCUMs9C/GUrnBP37vvJrBDBB3x0u6aQMaOs0U1Ih +xbGOweaw7cMag1HhafjVK9ZFZlYsCfXRZk6JdOvzPchDctQrnjkDxnwpOllmp0w4 +Mg9mYLuEvN968Tx2TS26va/rPAu3xxA8mrcCuSfyt6O9HteT1axwDpZzOktmnbYy +xHQDRcpDXaXspP2sVTaZJ3oq/AMGfrFXCu2m9jFHcyZKmEm/DW2aLmfOI5I7gCLP +1KMekkauODnQZEE2Iyi1SVbTBKH5DPp7yXAXWOtugBcWNHbMF9QHqKlMs5Hd2MYg +doXtBSRRBc9pLdF1FMwHHjPFI+GZL3hurqcD+YyZJqYvzEgnI9dls2K8MzQKYKDn +6VpDCNbEf8aC0QmvCLIjqei5fH2RVYeV2M4Db1GDmpRAIRJEq0fXf5ojAD0Mhv6p +DZYsz+f/MLTGwce+HCWxZyAyfptdK2ScfvaH8mUr1OHd5IdvRudh5+9sCtch5xQL +DFIp1eBRd+2gvLBMja7gBE/xHXoFZtTR8xORCwgYXVrLLf4wG27XLdKQVQiS8dpi +E+xCtiZmZfxb/1Ly9yHP/ehWD9DmxRRr/n1QeGMjSlLSzffuLgt/0tftK5yOSZri +Xc1T83n5rLqhBglNEvwR1ewsTgeIxkgZo7q/LFajrnGh4L62cIoLkLX3lG0jaEC5 +VTa06i0b7U1nJ6kiqjHuXzkZWjTim4V7p7r/SQtAGuK3s8AmqJH53EMmiK0zFq9Q +ao1ewixzD4NplA2HY4kAAVRQMR7WWIRrV2wXRTqoKwITMbZ8Yio8PwgSjsYhuzwv +Mct1CmTc2FcCH/+AZOqc2HNS4qwQVmwLnOLmsr7L9kgf9aPIl1hkn9KzC6GAU+fZ +F+N0Ti7d+ZkNAtAUg8fi2Bf/rtPvxmyJp6QICI4Tj4MFpGIRWP5rLwU6XXNch0l1 +nAcIYFvzLNL1v0TDnDz/CFW7XSp4IaDl0OLyAt+JxnPuFOAo1wJOhUWHheGynEBP +U3K4u+761XMdqHb1n14OSgfyynIuLM6WtnBDoevKX8v0dYjO6PnvcuZoRqs1sYKr +D93XsV8uMv79Oo84xQPHpJrUIJVLDeE5GLFimD7rUPvMURg1IrFnGyfcMGTvsv9O +us/B1dNmOHjG7eZwJ/8MDNsYcpwm7CQsTOJUZkQDN7MZOKJZJr2gQK659eULJwaZ +lEkR2p6A51etvlSPZ2pjy2Mgxk/T0mX/mVprEvCkxFWGlAxys1UFWKHDOOP4rUZs +iE7nxBMyW+4zHAcco4Nly5gryqWiW0gn99/I7+qQHkb5X6ydP+GKOHmUdcb8RPIH +Ec3bV7mBtfYxDC/ouStuQdVC7jWGwU7PeQqoz4d3mhK8dfeOvpudiTD1BLw30LKE +Dt8/tob6zIHMEA5NTu6g5cbfa0lhRH1tD+O/7RejWPwOTc1LbY2igvHoh5uWTo8G +ufvYO41PElmJoujef4njSZHcMvHArinYdlWlvMIg52d7Y3lQTTztY2UeO6DKRHx8 +Qjda5g8SDiqgFktkl5r9FYfqMQFqheSgKnHaJ2oPPbwuJyuNdy2Rug== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des1_ecb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des1_ecb.pem new file mode 100644 index 0000000..91a3f49 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des1_ecb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-ECB,451BC59702897B57 + +lYkflQyHR1brYuUKx2oj0+L9fRwOhpKR6NMeH2nlLEMz1yntUt9DGuBRwP4RJs8o +AHo7amQ1YzGpQCEZx3p+tMmk/hHRcRmU3ZeuP3SlGwpUmbMe3NI8I2dvh/qDL3Rb +QParp+YK2vH/u/N2VPB11NvgwoUQpfS35vOhoLk3GUcupSKfbsbl/gn398DsgfoI +d0qD5VSxNutst5I05pl4JFnL5+DBv1s9w68TdvAvBqWmsfhb4ei/mSp81e6ndxOR +VLF5hgXauJjEHvI+c/ITF0roIyyxiMMjFd8IuIHbeznIjOWn4P5YcNcSswSG2wOz +1wB0e8dlskukcUGqFS6W6mJzqb2TK1Eo+l0w2B2rNGX/MlGV9f6r7e0DQQFH0nCI +nLS76C+WB5G6RA/7OMOWtsMnYSLldvXBxxZktcD1CNjyvuCOI5NK1KmG/Kajho6S +/+A1mTs274pI6sIsCNl4ay2pfgwjZSWh95l8+YNt7o0C5lHudZ4hZHCDT8U2uCoe +7dhj+KTuIS3VPI7lzruMZBGAj+haZ/cAEdqYGXizOle4MwKM5+lS8E5gEviTABua +7jqhqbBE7CkN05Y3QmyE48yzi58hzSmiTOuAJ6jhB47A6Vsp/FpKFzfsK4BoD0Zh +0ujT2BeJhtsFmPY6+RLtGITnl1498j9FTfy8ZNdrXEMxvp8SnEzlIKytLQyNoz7a +tPCe1od1w+MUz0PHqDO/Av3YMULGLCUgnuZc0YjZv3P54FdC6si6KFEEqotIGD0j +C24TXqlBpn8Qqkht/0TmzVHq6U7jynOjD1VUeB/gudPlHGLs468c7HzEzbpE5h0G +1e5o6D5u9Nh1ItMObNrjt8NUxbi2/FX/Nkm3J1Ogno0ngzh15jZUfWFPAGkI1nho +12F8Sf7YTBizPW+sd5hDbVejJURyoj/jt6UfiVKUg9iUgOW+ZzgkbD8RvC207xis +QoF+2Lr8mPsNabUaFbsXmQ+6F0Pn05BzyBN2fyTxRt6u0CKmLE1fqkIuQywk83UD +hBJfeewGoOGvoXDSy0ggIkjaRCsk//Xvntt5HEmKwc/wy/1Nzuu9H3C6n7qLqyNJ +mPhrOGXt6C4LG1JscqS87z4VmhV7mol/Umdg00HRHs7l9qKRTePdlq52JL7oUws2 +CJs/UTaBHdbV2vh06qmymtEyNmQ+PrweEL5U/neyeYyrx6DsyUDdY1h1n+aKSEyR +eittKv/pouPSLlIiMeY/DzQwN1ifoGsfYgJRst9Ry4MdlahpCTX+K7X6ryEOoJ/H +1IEOm2aSlC3qEABUGo50IqiNF/PWugS7Qf/JzXAyjtcgQdW3cskNDCR7JVJDtATu +0817ST0QXBL8qT1C3z843LcY1HpnQ1MiQvM3maDHCxuoEoUrRILWc59mc14gmowq +g5XLMOLC/y5mX5LDqkxoKhoED9eM9/9EGSSy83dWWVZlGNLzu/JHBiWa3tVhas0U +LytNa+kN8UfTC8KPe6i8euhauunLIKkq+MUBWy6agFR+jflE0zd0Av7Ox8HPbGe5 +0fraChwokeFM44fy5cOH7zENfng0jVUUreTpDtcfp390QW5Ca59J5/5P2aUBLZHi +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des1_ofb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des1_ofb.pem new file mode 100644 index 0000000..93766e7 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des1_ofb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-OFB,62D0879F9BE636D0 + ++iyQyk6TcPldmHOJyjJjsJ4BgdDqqdQYRzQWC/WfDLJyw3CXLquWDciAw5aCof3k +b6R4PvJHzvG6j9jdlcv+yD5M3j9ZVHYkLL0fTZA/LEODUOTX74gNZfoz3FGarYIV +TabFLgwQh4YJ0+Nb5N/oISaNszC+wxf20D4N445kvuHKbak7o2j+5ZzGId9zYIPU +Jat1HygggKh9PtE4NildizyVVK5h8ws8qPWbe2/m00Hf5R2oP2YC3Afn6kqMuueJ +RrvP9l26WboAKFED91xY3gJy8r3KkkLOJq9856BlndtgkA3USqRM31W6RvLqHUDy +3l4ZY3wSTCdZIX+iHV6Qm3xYaIHNzYjHRcPQKdOVmEYiUSmAZmcavcsPC7sEfD7d +OMEbrYrztF8iO90Myey/lJxo9RaL5PfWbtXqnXKUZtbcudEQd1fXM6gzdMm8AT4F +eUSayg1/3AGEEHq2PH8kKtxnWAb7xBOgLbjTuC68f38dFw2P8iWZerG5lbLsFuwD +YZ5eItuDhL8+dbFxisBX6H0lzcm0pwK1HCHOvSCcYfpWC4QrU08WbtI7NCqIuRWv +4QOHU6SoNGW99BSnUlsqgLdIcsWsyTwiotZqusZV9AusdsGqU5ixwal4YX/8JRg+ +93EwnFnl1Y0Bj/yoAwNfvPlZhtjevsMnPEbrXbFEm0Xw1kdhOYokrx0hQWUmdt7m +cFdmFBYQGsiKucvRpmInylrS41VQNbNySqQ5iGa+vDaPBMKZusvgPgwWSchotkzT +qTQ7HNjszwR4eIjBOiBSvY5YXoa9H3irdmLn76mOyDMjaQyC9o/0tbAagLKADuF1 +Ui4Z/3WV67SuUoawqDJsYEWbOaNFX04wFby0k7oACoNxqoGFM3ITRzmxnz3ZyiPE +DV/grOZICMLfTQ81VvE8/w+w697F6EJ8rY1yOznglP4GXrtIiXAaJbxEOhosyuN7 +HikpDQ3GRnPzXeg/Yngzpp8JMVdxKdEItcXnWd9uhB2Ok1vXH8LjhVkhrL76bJe7 +bhagz+LphPaLnkE5BPHKLUwL8bQQguz7ITfxsEFpWIHG5zCtpaQwdMEj2ePVubN8 +sfZ3qhDRNG8DdwXgCbCot16SKGuOawMMC5tsoeg3DFQ4MBDrKUv3C9nF8izTs1Zr +3J7kWYrZg6+hVcJDgLS3t/lbFIhaNAULmep6wl4Vcp6nBqr395r8/uDroOpoBxoa +BNjvFaztkRy3XmNHp3TOYLg5HZPWsK3KXOs0FvdTMEEsnoj3PXz6+hw0gMV6huYp +o24r34gKiwdbrkbwLRnyh0oF6d3bPOZ9WnPgA2y2MB+slulA47+hOMcP9+WiQxE/ +eGd6TTRjMPopQXJw7/tZEf6qyVYLWfKJmI0tljsea48NocZdsek+e4ZsTW/iP0oZ +wPDYNt95V64APcDZfNtfzydp0516KY7p624TanOXsxNNiBV6Nuqmd0dGhbmcRC8Q +KNgGNvgjF3rhqrXZyFpnZNQewE7a87bgmO1O772QU6GmPUZr3nzPRwE/8+TNA9AP +hHL9HtItZ3arx7eJ42obFrxj3uzpQ8WQo/cGLgQT0lz6u91xJyWi2A== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des2_cbc.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des2_cbc.pem new file mode 100644 index 0000000..9dbe30d --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des2_cbc.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE-CBC,A48C2683D96452DF + +dRu5UKxN6kr8aSBwZnynPwIA2y8Dgu6Xf2vCf0JswuFMJAwFGjiHoZTmIHuAjArK +GWhiMl6ak552D/Nugz2SNgC3eJo/LOP/g2NIJnG09GuWOGXkiagjDKNbPCiIBPww +STIBg5ilKV07lryS0FxQSUWsjI/2c0yxk/6MGSzQ6rrAWB4Cf843u482w6Hidr/E +euPsqXJDtlQrKQ1gaMTJiOY9Y2H81b485MBN9BnKfDH4WHp49b/akcditst59fty +FtzwyUTee9SGY6u7oKaUUe6sRzFOeeRR2TgWG5Bs5sne1AFFen2/q59Va/7/iXRd +TOKKUGR4yj9gA+9EIpDF3n8Vn3G9LnTDFK0Xh1m61C1mQmXgEOqJGLVreFq4u1xq +0J1yEZKoXreZJH95+gYAW5lmG+jNCMy0RO5PsTClx7G4XcIGFZAXi8sXfk3FYLT8 +nboMgQ8IXFjqO85FIVMt+xCpov+S8yOfPMOU63zxrynaXD2eGv7y2dTpeF3Mf4Ek +be0YrQEWpCtYUdZ9AwA4N0/vkdp84/WZ3Aw/i+KUqYKtK2agkJYtarqj6iUweUvW +GgWvZqNiTAd3sGcxffSbcdSRpuNttnBG77qAFgFiPXtvJu4wRkGlaxhwVTyUWK2E +HvCEsssbzX4tZ6GUXScXv4zg3YaDP6HXsnBENl5SGXK8Uelett6PJhwH7bfpWysG +Z1TD75uk6twThhtPURGG4GUaQ6cZ1RUsL9/y06v3ZmfUBxeVGLKwyMzlr2FTYenU ++LcvzriycweTLMO6llLVQH8XwlbAZ7JgndCjZodtFXhjhrS5Iu0sO6J2D7xFvL3q +/Ym8PhhRStcVjijX+5+9aiA8AkXK3khP14T3yhPLu7iayl836Lh1+O1BHiYgr9Z6 +DdhCmO2Esa822yxyOdiwVlF+mYQylEZQy3D3kqqJytO9pn87cSvR3WbPtFOStlcs +Htms8SdqLAamuWLGZiycPr87mSH2By2JED//80fNHdR1D7cvPU7oL/ClFMX/F3EW +UJAwSXswmUxqccBR2hOJ6K3OvSIULoUn3awM/qPNTQL7rg++dSzUDbIiUywxuU9N +nXkqfBVjoJTjafgWd39G3RdoK0ohf9QFj1nqYfaQGKy90cPVw/FdjRyszJWDUBTq +jlKXnap6ZS9PGztjEoLqmFaFT75RUR49NnNtmcKmH0i6anjwFWEYBM61jox7gH+g +W0r+0R2yijAspXHVpuibx9vdgkq/WR4A36t6DEMajOHM3SVzbPzkHTV5HyYQKnaw +SZLSdUk8VwYkGSylm3f64PJLxBl7TNtrQhFLgR/9QXkhN7U2Qc7WxRQzhLQsLbtL +qcBLGH34SGQarQZ5dfo3t+B6IIW2HvHNOiT9HQsIJTz4Er1SbLNH6bco7hud6aOA +eSifKkWLp3SXXS6wjQZzsSGZ7Mws1DRcL9gEhb4tgIvopQK773AbQ1SJDEcmBpD1 +NmxrTbb1TngaW6u/79Nng84YEUiWNDKu3ovoe/HLVZoDr3tGmy5ch0jfA6NOxEn3 +KXZCiu/PjU005SLyLql5dcGzagjnnURDi7TLue/97xtpI/ac0vL868Cqfm0+e26H +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des2_cfb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des2_cfb.pem new file mode 100644 index 0000000..451670c --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des2_cfb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE-CFB,36E0C8A965F07E25 + +L0GHzT9XVnA03q7rlchpiD4JCgzISj+B9GxKCrKSJJBC8bRTgjgrwySMQyhdX1nw +DiCtb9q7UCxQ/j0VvHuoA3OS1/Q95mwCsnjUXYAPiXeR0NMJkLgv1hFU8EjAJHY8 +ZenlgfC1RNoUONucq7v3F7jpsqBWrxjyDXFnWwe3edSfUzkfkG27NK6LPScjqdY6 +kJWAkHGpoGog7cYVBJ78LbYYHSBR+xfeFzhVMqB78mH8/Y/CGlKvXnPFpiJCY7Af +zpd4/PJRVubXVyANc42k+0/E2oPOSKiwiKV79BxFw8g+NxkhRzXeCDuzvExKL457 +cuPNB0CQLSVNmOWKr6mA1bIBiJXgASzijsjkyoH62D/QoBo+kBT8W3hiHooSzJ89 +flhyknT+rVuAbFdPGqriS8siN/r4Qq/gbQIFhNe9jsSQesfr7lM3oK2EPGpDxstf +eKc+EhHBlT4S9X+AilnjK5il2X5szyhOFZQ7RdAiqZ7X2KPNNqbeS2L530ZvlL+W +Yw4qco88cilN276QQWCcrp3YcWv+MzawlNvfOOAb4GfUlR+njPxRAxM3rGVXiMn+ +6UL3X1SqZfADJOn57S4cDoP/A0i3FUfoPTwQW77LOAIzLSeMi7brQkZi5J9s5Izm +OMcEi+GwBrkbPl67fKMnt3cHeFGJmOftrLZCt8HpGEdiQzP5iiC828XvLLxby5Ue +BGoBILGIHL3OqkTVjBbSODKFZTIOQdVkqrWKyXlrfoI1meATptP7/GhdQP2DTW8B +ppmNgtwIbGLg/AwNmGPdpL2mP5SZLIDJHd81BL00xPJFCR9wxXLk3hgm6auzAsZV +FYjaIQ0Qza5kBCKNqu8ad8edqgp5Rj1/ZzfCWEkPRHD/lZ7nj9vuC/dMnPphohKz +q8/L1+gbp8dwER7sEVBiWDE5u3lpSbx+1qkk2CwOjE9eBh2Mr6qLL2WIFb4YUvYI +OAWIU1ftenOEjgjvYZcdeEOYT0UF6/avfHDPvkTIwl52UUhunbnqCjQM3qr18rbV +8vB1bC64DxetUPhDymLqJCe4QVQajdO5BxQ2wwRjHlBi94nlAS/uOFV+WwqtFKZD +TakruYhw3VjGxtnjukruMzNjDSqxd8Jabp1oTHY57C+aYQcBo34XAr+j+PQTPXEj +GNL19MUMHJo/yk05NZfkyf3/+YtAV+/Gle7TlWWCV1nvEwrHPE4yCGi8j6qtCzBC +TgpXl/lxJendZgVzIGGzMDemJgyrLNV6ar8TbOz6d5GDV3S84g2S7cToMVHX4Z8M +bR53pt/KfH27Wdn68z3Zd7sT8R0g7yCVIc0BJgRrZ1aLnyKLSUk7iJULg3+B5NwK +JNucRiU6mT5SUiyS5WjD6vZVDjggAx7H74DP04rzgzcHvTB2gzx1hFzw6WW9wcCk +7+RiY0j13M/nD8UjW+pp/Ugk4Oc/bvxsA2tWQ1BeyF+KSNj/zjHMwN/sp1/of43X +D+lcWS1hCwMiy79KQudrkc2DiYKWSIiXEFlblSJGiQz7SxybtO+D0PpVmlEYWiDF +AAMz3hM+CrWcXIFNw86mHSsJHvYsSjbCB3ydG8L9OdATYsS3tZo38g== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des2_ecb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des2_ecb.pem new file mode 100644 index 0000000..c3f285f --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des2_ecb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE,8B0E5396F9D19442 + +Ym7x4lqzxkC0K7f3nTtR7/ZVi0Vj36NLORWiJig0qvSmH1rhkkmMjssQqc17kWRT +ttLj4D4s1ueQBlDFaumMrXloVp8c4zQS5jbHNmf+bUsom+HXGFHbjPC0usHm9TAl +pPBWMCON5uUxoqJhw2mvrGSlkQhkkh3+Oiag6fxNxnN8Te/yTPC1XXCqIh7zRjCN +q3wjkh8+0QP8ui2jK/2zrlbwvCyggs4q1YhVzWYiecFro1llb+CDCz0mzKEXj1MM +MLyMdcooxXTb4t5PhkW87N8PSWXeJEJTxcWYbZ7bf+Bf68iHm6JChc/HTXZRLUfo +3lACV21KTTI/614rLl44l/Ftg4HDSE4UV/J2JoenbRecljKXneeVj48Lmurc3zZa +rj46e/pXEGfeEGmkuVnriWhRBcK8Mq33XfY870RsP+4bfxd2ykJYyxFZyoTT0sAU +LJ4KIVZVc3/jB58CRBZDV4s6/cA0uHPhprtzEHSxp7vI9N4dQAWaUBMnDtPVC999 +QjVGYKRUUNp2S4XVLtMH3+jZ5ntvCTTabjuie/4TAxoUY45CwKjEFpWtDBEWBbXe +zmIQYCE+o8hSVtt8DFWdz8+PGqF9QgWZ5iQtnp5hUKA4rVeaxF7+ktumTrwguZcZ +6ZK+K3t4lcHyPZMQBoiWijmBLoRsoQ7NIFEE3sn9muV0XUz3hMCRapWsqS4fd3N0 +LRXrBmZuizqzaNBcDku7lBbembdW7EI9flzY/0Q0xRl7WjOdK6Nj4V2A2MblQoh1 +J+pvV9Tc4PANApNLcFZSPawOJVyUtmpX8QZYTe7QlXQrVIQE4HX4od1S3/ZlydfT +DL8Atfec1sabrRFs1M86lJGnYxsvismLVH0VmkigWe+4sClAl5QrtCfGQepYmsYi +jyVruF3FzbOCjcv04x4a4HyKRHeCVlsRlSq/njqCh0WSc7OMacpQJZVvsUYRCaS1 +7WhmzeiVNjgKXg5lPwta78Kh+XbQUtUGryQQrwOnbj0SDsho2hBTt/gbWDpxoQjL +LGPHVxwqm0GZ4bw+4IXwltfei7MG/ceWxLZYk8ZTkc6r+w0+5HQFKZ3JuSKB3OLm +rK0m87IybLY/Zfap/WLAmreRMUz/FbsY9Vjh3gt6NqrDhqLFYCyyUKZyKrWnVlIj +j5vohFGbq968UYVavCZ2eqmtwWywsBXLOabypgrIUQhmCxOUBM7Mi2NVrTqn8uIO +G5+mwzsy8imChv3Zk2/LafxPpajlu1MuC6CtMdZjV+zrGxJBEUxADaTJU7tTAWef +lUjlZ4l/XO3vxSvv/F3yONmgKp1t3naS0ZxxYalcMRi6xTznW24r5voOAsVqIz5y +Nl5FtPMSCBE4FONoUI4Gq1GAen2h2/Dz1Q3CMYAvJz/QfpZFu4DZ+jAUISU7URfL +7P/lXQhg3onHVy5tgXhiXDhCCxY4pUPSy57eE32F+sIGeltoXU2Okx5/ey8ijr+i +5URStFLeFp90ke/EhdOuhDoE++7G826ky3twqtSBTt4jU9IemH0agFU3PWIJffm3 ++Ezce6LusooS8Bqs9rYXHHGe2q0oUNY3ipggOzx4Th4mwg1HzBQnD6FU33M/WyCw +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des2_ofb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des2_ofb.pem new file mode 100644 index 0000000..c34872d --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des2_ofb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE-OFB,0A4E382F6060AA1B + +hIbY73AFUCWIkdT7MEKMhr7+uSoSMO9wihHjhiHn01cq6kTe66Vy/z9dmTcgbK2q +edRngIRyiTqyul1dhQ2ezVDisowHAtdiD7O2/Z+YiXc1hsuC/uELnYV1hTUg73Qb +v760pWyH5AXNpqGsx2LLw+hstiiWVO+/Hs+CqtM/RgONfvUCzbyOQknDfSTDoVXB +W4gEDKSDj+ydXm0ZmMS17DLCXgk4HBsJxyiK666l2TzB9pnzj6EDA6hDsiHfy3z4 ++MxfcnLxWw9TJPxdLYVdw8WNWsXQd1JHQz/BQ/Hum4eNoYxLGgsV/hWQmkFil1XO +GkPjF2z44fxN4FJjvQskrQox+5/gvnG+KamfvQt62qN16Z6ROZu5buPijxmXoecq +gW6SyeFbnYFn27hglllax9awEEUtcJwi6OxKAkWD3REjqCfNAwcqoFqwkxlPN3IH +00Rksn3P7cN5IqePVjSdwIhZtCfeBW2267oNxb870CDon7OlrUdK8KIjp/x5jKUs +Pjehw1Ovtvn2YUQnTPvIYQsgdq3BMb9ETcnPDneCVweSxHxpb8ao2hyBMyYtQG8f +LNqvLnjh7FUyRenf3XRbqka2w8B1CFTTErkMm9E0OPD8tMtDyakI+8fMJDkGhGI5 +jMwY2q98Z+Ef4wDifOi6qNklBlJwjvvybeqhqWOoXKbQMhnQPqFnLGjp5GQMczII +m9a0anYSvmNKjRtD1LBL0KDMUgIx35U+7GKQfjrRTURYtAK8EITKUqYoWJWXUevR +t9cikdwQ2yDuDH/C+a2eaEHJITerdW7ba/Rxzh50VdPq03uUNkN21VZEMjcU+GPB +sLQ50j+gSFRMMzMfDx0G3wHoEJNAul8x2+umCUSpzPfC5D6kjbyREm/fWEuQkvL6 +AUCheoD7ouRR66R8syjIbeCKhjZEXUOvxxNYHSySrxHyiCGE5xCSVDlTzAutvcOn +kivQqRlO1C6ZoEWbGr1SPoIoi0iMoh+TKZDgMy6/pRWVbELW5P9JnH8K+IreOIXd +IgnCsqKZBVN4qRPrW8HtEwiWW7MsoXGjhpVl8wer8cNmcfPTo3x2l2+mjV2r0xEZ +Xmv2LEtjDfIUP6yXuID4OrV6kpqSDax+wmujr8jlETKf0uEi4PZAXqhrgh/fgH2p +VE+Ey0vnDaXcEhS0ketOGmBIYaKzWbMH9iX46YSkA++5/PavhlbCqZZN+906jwEW +6MS7Nq1UBoUiql1Xa8AL0p/7QKZH2mgxpFcBeCHF4q6HhebbQbCpveJgBSR7/12H +fJOIubovV6AOx2kBRAf27bii5iwMjfzC9IBE+GLCX3CXR+BLfOWutTcqbaBRdmQv +K4yJqB/WHYcjlLKf/Q8+B6elmMc59NVUfStMszkIGlTzMFIkObLHH1NYPSC700rH +ZkrdbRGfcncT2OcyFbWZ/tIvUER/aHjh/BvZ9s8UyEVEZzsFJI8HA66sJzZ3fKaM +8P7nXXagyarILIzO90JIwkX+ip//QtpSDPkrUtii6Wj7n7RO0REe5N5+NA3A7WUs +Aret+KXgmsOi2fnTmCFjVN2QgmQvOg8PGx0yYx8gxWog/NAmLCVMjw== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des3_cbc.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des3_cbc.pem new file mode 100644 index 0000000..6a632f2 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des3_cbc.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,6D7B3D8B829964B1 + +mw05Vw0Y4gDohoiqd0xLN6ZKCalPCK2F0QFSyAVeoPY39y1RyKdsg8xt/qDx73jZ +rgZb/fQLKs/W6SqCAAk/7EIBNTCWf+yD5TTdG9n8viNDSNXWdyq172rEnRV1CWGe +beo+YjNDh6UlZ1FcXLj82TpZ9EokUKLabzNkY/coVPLlytqTSO5oZmbdreuUxOyJ +ktQJUmGBmBY0aHJmV2wCkOFAXbzoSfo+SNPntEUNTa8i0cSIgmZd4/QS2Xfa8qRZ +c2R2hNyVZygru5t8eckKj6uvj/Yszg6XqQby4ktK/cYfveS85CNlu03WfjfI5V78 +vY5efs3+NVJi2+ush4p4TfgT0PAKTWjXwpMEiGVlmxBoPoFGtTXY3Xp+64QICgTa +MdrxPDDBw2yxmWAOpm58eeRqAN7Jd42qBxerJFiOUZxYPyRrQvro6fkldUlbPNon +53Hzb+zHXv9xM5aUqfEjMO4HyprhKT/8aZgQiDE8fHgJhI/S2Ho6Fzqz2/uOHzBB +gx0m8fM8puQ11eRxO+oSE4OSKbEQG0Uj66cHXY6FbJUhsLkGo9HdjLSGW67vx7RY +Q3PQApOCFcXLecfkXrUaAEeRPNqZXjCkF6s8bfCOXD1cr9BulaGpiGxdspu5Tk9Q +bLtoX5VHnW9VoIoFsIWs1G0h3WILs7ynCE2ttDSnIjYZhE6pRBiDHRs3J6dH/oOh +c4dFaapkisk0BANJduvB7vLvvbJ0Xs42q+sRUCWzHNnJ3BqQZtL5f0dqu1AXafji +qwxcbrEqJc1kOQ+iRAZ83nVlVkI/UgWzTceYPR24Q0PnAux1LkoIO/FWbhm62j3u +xS669GX+GS9urX8oC3JUYT2n9dnPL8ouB77KfP6c0GVxR2hhiLYmyP2600C5q5DU +6rdNm6fb75nrAmD0cgPxbdOB8zbgVvQuPXG8QnTO5Vvhp5ETgifIXPCIWwNHg5xL +o2zrAdrNaio8FZUVPHOvMKE6Wl9QDMqnnShH+8VhLk7+LQpVDewBnWaMd8pK8qGn +robl+i4HWtn20uZIDFyI4ioSa0S3Kanvd9TkchEbDjKAVi1QXdcD+q9O0AYt/X6n +ygx2DGhkNYMrQmc+AIt7dAPa6RdZv50AAc0R3S0DBaxtd36pWugT4WIEexmuYj8S +NbRNLuyjQMYCeFs/Ff4df0gmfeyH88YSlafnLyFhvv041LAbU52e/yExCEUvKr5J +Oj2qVHJVe3eVW+FX8hsoUAte/a5foVe067dThfZDVp0TirozHAycgfKI600VF3Rh +rvQiHzmXRoMptt5g/yLsTVYiKAF1n2hU9556sJPARFrG1xXoFFwhpzCS5t8ywniN +6wwV+V0s4LSJFQJBFjLrreu9ZkYMdEOrekzqBohF5wG/BJILkN8hBmnD5gckbLIM +QUzGTGxu+BIUi8JNkso0hwZDAKnYit+FVAs+5yU0NVQU6e3fW/+m48YI5gqFI+k0 +gIGmAyU6zaUJBJJQ4wc3+dOsy8sokqRhVmA59Tv20IKHh54zWq4ouFAg4Yc0bwK0 +1ua9GJMGTXN0+Trb7MKZQVKokyNA0RVCDN9AIfwCA5hDhJTahsO8Lp4Eolz2TFaQ +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des3_cfb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des3_cfb.pem new file mode 100644 index 0000000..129e02e --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des3_cfb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CFB,B99E3DD88C3A9D7B + +4Dsk+pNUGsgEqelOveMyrkoDb+khouKf83Yt4/qxX8CHs5q6i70NLViQWwqvIqQP +g3h8Gs8cYKZfkEAFKP6BRFPy8EttnBCzhAdvLKrKFCZoDmhxC5ia+FxPLtNaDEb5 +6bgSoZ07KUMvfMZdnG5Kogex4DedqENVHBi2Rl3Dck1pAgxwzMntgHsluT4ht3id +SgyUT/xAaMSwIklsjclR998N6V8Nilu8TDDf5X12RHOq/MSqGZ7yJC3Wb/dsirNs +7jsEQwg9tIg5B/5hxjN12E4Ov7orIuO/WHNVtLznx1w1t/umPjLFn100Kln8GvfN +jiGSB5TUz4t8r3deN7oDrGjoyr5OMnKWSsIwKcMsNSh9aTdkjIJBUUhIB2PStdX7 +WbeNXicNMQeteIrY+ZDDPpMbjsH1Kqcz5y9OWnvaXso5lSHLBp1IamCv/XbQcAPR +zbnbN8DCOYAMcUiwcRAt0U+BNc1edX8VmCB0d4RQq5BTFbjGKqzo6yFVUOVLhiFg +E8G3v8sTqUhJyH4Dmjn0oDMtfdplk30Ywg2wZAahnI9w+cZFvzqXshL3mGdu+rbb +h7PkiJE5vS6/4VKA7pngsVanCRQa3btL43ekShth+DXwsziQixGD9HhTb2iYeF+u +9niDPI5gzi9IfxIpb3QjR1xDJYAzKDDBA4gHhbEBSObByMsVzjS0+dwP9N6DV60v +3x7RfO094FXxlVWSh2SMvz/sB9fsD9dCp/gadqHxhk2aJf7lfSU1C7EmM9hxGZku +vR3J1QcSu2FMrvHyRzFZGKozSHq3QunOLno/KmY0ja1754NEkntGvPuB7LhGBNB6 +14NvQsl7qFw5wJxmEdY5rhVdz4PxLfjnMyvCiWlku83QIC51I5DbhRP7eG9rJSMw +b7KFSQwmp2yzDeX+Ipd0JAgd14GvtmICKJVushO352O7mVnx3Jy1ZtJsonhzySz6 +1fGIvJI8jxZOdO7q1OD0bfrXS/kwdXnxoxn4pkjw3ZN3hdFTfAerVQ+qYJ7zIez5 +0lUihHNw1C/KRsggraOl9rTUNppcNtMYwKXCJOGXI2UEn8p3JIxEHLwXyOjTDfg/ +5oK2nPAmBdGsLb5ivJLPivmaqDXf7fdn0XBQQmtYUQRotlGmfpztujt/b2pL5YSE +Uqginw65zyedjL6Aff3crvP8/CUR0JARx9vF12R+v2iAnDqVk/yqYpRqOp5elm1t +yGB/PtpoRFsNU1hDnPZDu7kZV9oSeXaBDFOnHmX09qE2r869Aye1xOVmxiG5tm/u +KGA+zlJVVpQSwnPc/qk17S0dvNAlgt6MH+vYlhKw8zk1nDCuavUK3hTFT+9w31cQ +yjPdV4/K8seK4zIqpH4LZrC306/1/7BT5JXL6ZChATHaI68xwEY2GsEl/Ze0JrQv +WpWSN/I269rUfaBDE6eFaiSDzq1xY+qyApHSTNPSPDHbFeCXz+puqv9lw0bJFnRJ +nLsK2fUAKNvyCF18IydyhiGz42LYbwwjlEWuVsfWtgvftDebZRIfQFlj7DJwXfZU +zcEOI5YyuQs+wFK/8b/bknF4xRpaXwt9Il7tcV07h96TDJV05illig== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des3_ecb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des3_ecb.pem new file mode 100644 index 0000000..bcdc5d3 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des3_ecb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3,9675E5342C359F94 + +aqJHsie4Ls1x3Tk73mbL7VyTembpkhx/a8Mc345TuZOZEkU9XYrkFMvhEB+jcVoo +9ydosCL2d8xjDusry+vn5yF3iwE9HFHQ52M0/a5IH3sTtJ18BzAOi72ykGb2r6ly +FzTq7xdXNihN19wHHnI98GKdxdQmNR9uITx8VRBbZdbRNGdJopS8zT96+AV1QAE6 +lyKKLA7qbATHR7JWQN2OYz05vGt48Vmq+da+qs5liEtx+GtNUxS5x8lAC6Llmq2s +/Xv8X6kjYmxHSYWM2JyxsznGfdXKXe9f4Xxwyhedei6JgrTHa/JN/+tvgh5NWODK +er1tLBRRA7atlSoB2AAegJC7gJRVOxRF4hiKX/19cfEpq8hF9+6EHGYm/IQRSI/J +F0RGcnSdiddYbEb667qTkbLZi/d3Ih3KwKGww6ZzkHe/qPi230/cDR8tac26jmG8 +qoCwj+XCNOe9IUJsCN6RmLcFp4Tr4UVSsswxReN+xs5Ui+S3AY8IKscLSo+bB8gq +DVBvVFUBTiF5/zO8q8H8Xv2c0aA3S9UQla+l3yoZygiUym+Q204Li+tDXiM602kr +GGDA5/cGpQuit/7O51KF2OSwnnvLdu96qz0f9X+rq4QVNAy5PXcr2pj/y88UfSXN +GAbogEXqpQzn0rmV1OWM8hsnOpN2DLcuZICCJFJc/BHO4elt65OfBjAvbxjhFU6s +nJLUcR5EopLex46WwuucR6W6wjAuO8ET3cDV5L9wQI6DT+XItotk+yJyYawNPda7 +wfmxZ0o3qdcpRp7aw0ohfshRGJMuLnGVgLczU4hwO2/1LgRMnCywldacAfo8Ot8s +WnC7d0jVOre2K67Omh4gLQTzikvFoxg5kjmFFxF+QOFakT/B3RMa9mgjtOlX0boK +HepTxOtCaS+cZnL/fUCbWdnPxqooKid2DnVTNIXXBg3S97ReediwpSn6v6gU8QXI +O0X/+syPkCRAOKLjCdgxFXRB1UA13v6iqeja9aXgzbUnk/MrT6G4ivAMsNS1cEdA +KVKVpbiKchEpiiSiPyo7buZN6t3m4JnupU+UvcJAEFgdbPvP/kFvxywpPBcAycAM +HgujJ9bE3OR1lfyHHTGF/f5lXGDzB0/ND8h7Pm+Bd0AFde79rCswhnR4oJsPLuij +Uy499ouKhoxFTn3WMF6at2QLf36rfLHl41uSN0tky8trT9SE1PjX6yQUjl48bJh3 +MWUFPYBDfDPGTddENYo7hDmwoSLbE5WFxbAeJa86wgV/P4/QcDF0IPVa/wsDTPKR +RIy7eNqxXBYhFeOBCkTKHMJ0XCawi4q2CAwo7RNuAmTrHOBN2hZOwYd6yoEQ4ALq +70cflG8+rITJHOdAjXYAlcuuB1FjDWJjO1E3P9MwMfiFZBnJBsYkDT6ablfwgpaQ +z9ngnzRqxIjqAxrRY9GdR3BEWgRIiKXljUgkk8qFSRIS1i3w+nHAipreOwizTVUw +otTU++EjpQBracFsuGP6w9vcyhHOp3K+RzGYEQoh2vJm25lzUWBHvmVpCw5BBTms +RgurNRdm1IlN+qSzriotjPuHr9Ucit7VFV/gXtmyJiNNPjTLpLQEZOUpz15eaFs+ +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des3_ofb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des3_ofb.pem new file mode 100644 index 0000000..dad36ea --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_des3_ofb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-OFB,C8F1482CB09D61BF + +0GfYpcSxvnnRri3s5PutcESsHTuupx6UcprKRS+B1neyPR7Ga0Z3mZ2/X0trJVpM +cxJW4g/cU4TknCZLjIJlClYQenpPRH69yw6BTi6/pgUhKeGmQK9Oob6G1RMjS9lO +MTb8DKz8P9GmDR4/3SvJwPU0aEM1EAmwGJV2beB2QWRhaPkAZBzeijYf+uYn0mgm +hZwjU8tdwnNnCdUXdaHeRkeqFcL6OjJHV+U5SZaMbaky1U9lyIJL+GUQZkRfZzJD +41Qt6yVtetTgzljtCtd4ix+RX6EYsWfZ3OVtwHGYpg28IdfJ3LVE//O9EkLZoBeg +DyU9c0gDnQ8Dxl9VHGFwQvgdSEyJLvWDv+6RXvCX4Kb2Spy847yxqcfqDpjUhzgv +C7FoBwswS0pkQzGXKgdM+WlBe9/GYOrzW08IYwrX88aihf50jXi472th6ILIkFHD +6m419YsrmOeEMXGW/VIKxk8H8MGHwdvK82xewu8Ftgfx0WihfA70EyI28VLMQTAE +MMHxxCWtdWWnmd1xiHQSX6vedPLXQKKt2AYxYmHQYfqNFMcvDc5uM5uM+mNkX0qt +VL5PeYRYtdDtT5Xj4/acZD7X7DhqcOwvNll3J7PRdadNXKfjHR7iRP62YkIiESE5 +sCHhYXmtQqK2JUJr8a9M1QPhmAIF3FYr8wSFu/eWw8ooBaTxVoGCw70lT8LNHVql +TYdW9sOnvUjz36oz6H+z55CNldor0tS/Bu5jNPOZ8F6j5r4xpTWi3d/UWLW7uBbw +VTAG25EiFvQBXpJFqgRCBdD1Gcfoc+ZefLXQ1l0RJpRf1jJMkfSWvUWDRNm87PSs +qTeDBzuLNx4A1wYcJ1H+R7ds5QK4moNlvv0hJrsqbOESpLv/XPcYrFgzms0b+Q1d +uJEWjz38AgIJQxBxmoglzDSRx9OBh9D8HQ+aJLSVcz0dBmEOEtPjZn2AmxxccwCc +NkMnAxXyNPEJhecTp2/lOOupQqMYTGe8aoiee3m01QPzfgL6m5p6IJdKzOKi0TGJ +xNW6fD486B7i8d+VOnst6vnd4xiQ03gNNA654mrXIM881X5elqmoFWyup+Ct9lw5 +lxllAJGh7w+hf8P6mIsezOkZGieGhzrFnuLVM2srRDEId+shTV/0lZi4LhfDYroN +VAbZ6bySn9fmP4Pn42zu4XjoZJffF74u8gFPo8oSFYg88tzjbPN9KAPInNxD6lBA +cwp3vc1n71CEepmfeZFR6pm1wKRSupkOZNL/PV9rqsyP1pmPE3AEU7WYjNbf2ah0 +GE9f6dtLWcDP/3SssoSnZGy5SdqcNPymG9vOR+QD12YNxn7yA87HM3+swparlSYy +Mhg1BuDXb5Q5XFVFdajFwAnXJblAIbuJAeHQ/mNCAnR3HNv/Qic2GF7X757MA+dP +z86gFzJJtb7dtZ0WDQzzEVHgnfVHP5buXnHdepFLsETw9fp4ZjqPfHjLXIOvp9/9 +G9pmSzB1JL8kK8sexWgsMRnl2j2hUDYiVJ/LQjMzk2YLF5I0D5msNTAJvb/gFBdv +ynVKUpIoJEfRaY7pxR3tufbzADNiqa8OUCGxZ8jo26j7XWDkunfGAw== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_128_cbc.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_128_cbc.pem new file mode 100644 index 0000000..1763340 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_128_cbc.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: RC2-CBC,C9CEE2FFE7D795D6 + +hcUF0vilpOxap0mbziQfS/5kPdXsFb59D6myNYdLDAvBWUVAuu5g8iDDJIS8KPb2 +xvmWdXRhbsnfeQGcGWM1rMc7brutqefFp/OAJVymI0TpILMgef0abf49PEqNUa/N +rYs2dd39fsyrJ0rcEWT2lBA/+GTLATB+16/9aCwjHjQ4L7d4Soh1laMo2K2Us6Eq +pB8f6an5Y/vSIlnljl4upKOlcLItd//2ehQnkuEhI2Vafz+kX08Z3+OCLZfdNEq0 ++8b5GbOvygEZbG+amZDB/tXnR1HB+AI7lR94PmM+h24COWAelatj2uPOGov54gXc +iO7NDGoouysqfkfcMpuy5SkLVW4FoCAxfOl+LOU9p4x8+iaJt7Np+TO16dvX8MOL +4WcIz4huaT125V38Q4UiB+WbsvQXrHRM4WCyJBGBhakr+FpNFdH1UPb9Unb+8UQL +BeddEGT0l9AiSebT/JMKgFUOInQdKxOjg4NBp3asVEUeTGLeTN3o06zUoopzT0S3 +CHrpgvpZLf+4NATrFMw0HkcUK4GHZl/Q68C67qNGTc4B37eGcxzGo8QOyjXzKxL8 +Lh+Ry3eJpEXae5xDUn9yt8eqYI2vdwjA/3+XE6mRhu1sbPNJCcWo2kLZ0ibYgqdB +FLsXBT8aoeKrW2p82OpehslbmswOKZgrPRYmNh1GAPz2jwBFfCEOLQYXAjCFViiL +ipFLKLGt2dhjk5RbCraN6eYRn2XcIai/7dnaYxXkjOsNH4mmPzlzjhvRh/2E/r2Z +hbTOoa2uFUtZHWtDXUz7ZzCJErJaA00ont37BksfHDdDw1HIt4z6Ut8Jm1cR5zPO +pC7s7ohOS5j8Vr8j947bEXITC2ozcvVVZOCcHwF/PnUE1zx48HBp2m9NAZ8Bz3LS +Zn799/RrNtJLnkheG0wIrizk72M5L9PZQ4FXlupfJ9c9XniaQ23GQFszagceDN8j +z/MR4tTfdWRy/889lqZ6ccNmPAXdwwijC6Tw6V9HooN9m3++ZlbPfHpboQUp6+V0 +Wwq8gdnlYW/i++9n251xBsR7mQtFNXaYwFmLUTt9C8OobyWSsX/OaeQGbWiVnmAv +vPkr7mh6g0ha/x+1vKgEOjqItJsGdspf8ePHQ3FaTkfFwhQ4eN9w4QR3uzM/7fnj +ql3yA+G8ftpaU9omFbs+VqIVNej5tvjODQ02BbjSuRklAGxnReCS14vLwjg9BV6t +Ow74oIttwlZof21BWsCISgybkPmMhkIhUNAAkHexzY3AiqjAtEGnpmvfZAX9zN8+ ++Kg58DxudjHQwUO4cwP9p50NndrilBShkotdYIqekXn6h0frYuhspJVWwIVswNjX +BuEZE5B+Otswbt/caj9C5tfsyKmnGToG4fpDdk0ItxRq2126crKQd49zZybyR3zR +phLeduyS5h0oYNwTjq+Fg2Z+f6d/iyCAE8ynfqcAPK1WpM/02DBoLsOmve5BCSPB +YYKdrKfkGbj4J2klrptGmqgctyW5jKGddE6NO4XFYV174rsdPoErNWWcfptHEMLR +BWfopqdN/HMrpRLTkjx9rIeBJ0F+wQEEH1JehnWExSSSAhm/gzQc1kU/wihOStU4 +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_128_cfb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_128_cfb.pem new file mode 100644 index 0000000..4284fff --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_128_cfb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: RC2-CFB,AEA62B1564D645C9 + +NX4iex15O1Dwp6ADN+uFIycPB1ELvBDVRGh+OZnisNU9h+8dPO1cb3j2tkwLFK4i +Pml4zz797d4I4GqdF2Y23dz2AoBrl2Lj0N0W01AlOGagh92pZ9dKjjU+S5N85OBw +buDbADh16fSPW6Y88guWFXYBlGJ6HZFK/9D4CZmEfI2Pt9AwEIZ/JvWrs/zW5eGP +YMFsLslsNu9TOIKF8iDnfcWM9MFpgwcFCIqTwyQ/+dka0hw33WsBREhFcNleLxhW +NKBIMC6jNjpW916IClH5sBu7T8ps/7JVw4DUfpl8NAOaqJSicPGpZrGIZ9N9cfLp +KD1XEy+yWc9ahV0mfiyOuzNnP2x9IEBdrk5uqJwIT9RuiFZixIH9MRuqAtrA5BIP +dc2kw50AbXRghE0JdUEFfUm9zcRKdG366SgADnteNk/77gqI0OZJDD0XL9R/N3Tn +uh3EI9joJciWDbEX0/751MfcLaa/EkI7quKMEyFGWvox9sKLLEKRUV6SfO/YX8ZM +RV7ebJdW+Mxya/beG3Yb9TAYkrG2TT2+uhRqZlZllJQFnX7k5MxyfN5I+WJP7SEs +Uy5PAkNv3h7DTV7dBFMy/gPYAooY4JzBnbq33af+w/VbhyhVid/hn9UAONahw7H/ +1Ao24IlYMza2fJ9yOn+ejLhjvwYIP5992cmElneqMdBfV+oaQTHtWUuVF6g4gJBw +9QucqxH4JbYccwA1UiKIqkmOlePm5I57RbBw1OG/Un3SiPcAwiAW/UpI5yv8kNwq +kZeWnD79kMBEW2pU1CTvf5f8aBmcgQykC0M8H25Jj2kVvj0EsRGx1LuQx3ZCSM9y +sZejgZouYA1WuZaIsz+3t4fgYFiOHDxmSvPt6VtZAMJGmLB/Xa/PVI4rsyNv99wB +UinlINhzeGKpYYHnUgN0PrRQl0LBR0TdrJ0eG1djEvflXsuAQVP7+gP+oCckkT2c +pIVm2IzplT2wzsza6+o1SA5BF7RKI3A6IxySFEBJTeaiZnYeeJHxE2DJvU1Fe29G +ML/lM02waLJNbIs0Vk/i+hyE1wtMwZetptG+En5TDzTkWlVSLSqW6LXVJ53J2E+q +wypuz4akL8CaYRm4XTmIH3Tom3qSf7rdbL9gk8llZacFNqAl7x1C9zDUzKU0DAOg +qPKAtD1s7Rtg+4p+5cIEAWD0TKX6DlXKC/EdYO1w0vmavGSvQrr+KENE4+/gIRst +qlTCiEW2U+PPyOgpZAFF0g5y5Xw0Fea/0HwBBLfCiPKRmDHQIzWIEW7RkkNfQlHC +iCTBoMRFDbwXJEI9XUu2N4RdmlP+84i6fSRWuzZGUACvzEnRJEc6H0FaaN+fX0wM +Op5O2hcdA0YTGGmTLUAeajiQnqGRobC8jQL/WQRVwOiFU9rgy1K4Cu2T6eBubvVh +gk/R12LezvD/KwLgQz1+vXa5Vgjp0xhpnLnJVzPqLG0Fmj3V4uRDc1Lvvl4uLJiR +VFjFYlqxP6w+ToRqnrfbmUCuiq6pS9FQi2Tghd02P5TnZcyS2xF2X7o45gegMplS +skPzTCON8140xpx6Flep3bHwzEI0CEwO8goVMc6x4a2Ggekjn/Nz2A== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_128_ecb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_128_ecb.pem new file mode 100644 index 0000000..d9609d7 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_128_ecb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: RC2-ECB,270AFD04879E8434 + +u8jYUJhoDMDNI5cHXhnJJ7Pm0lF+MrOl84maQOwfwZ5hBbjpx9s+z5SMYpWfz0yQ +WlgBuGkaY1UNBDrwH6baA9/eqUzem9ZK+mYmjKC30OaumjKVJIB7cJfJf6Itcaom +SH1W0kJYeDn7ANdmstOGxbr2TDCr0BXa+7j8cTo2TZX1rfsXcdmjQ+8Qa8zfQ3Q5 +FbrO+VNmAQwO7HeFjms38+ukJRW30EPibmbzx/YTCZ7XtCsXt6t6ggYja9Kvk/eI +khwvFFk4g6Dv9YU+x2pyrkquIiTUo+jm3Vqhz2m0cGcqfynVEYn4fNPc27Ekw3uj +CrprMgnfaX8QVx/EkpDYp7gpjcLYJObpUTcBo5iA7R3lpQ8itY1Ky7u6MMwQ2VHd +XZcsS6b06mp2EW1CO951ZaPyma4AqoLl2gZ3zH4qPygp7uxrGdFdFSqrapVkDee/ +lLtj8Z+/g1IyVSIW2FP/SCoustCHcqeDDq70GKY9qiahNFybWn49vZAPB3HPM22f +mCcw4ALiKr0S9oofxrb8PKxmDQMZAJqjc8qRMLktYh9rJLMoUG2bmQqpKmLLpx5q +3CaKi3wofc005VcILyRgjumscAcpbTEz4vcR4jTwMPNP+WI8+AHtg0OcF+7hE8qc +a9KTSsx3eJNbqq5UYxVjV/DcttNx9ENllnG+jEdttkaf+T9rJiayc0WPd+Eg0XlN +ByBG0RCPQVJ9YH1Yke9HGE0FXv7FV6x4c22ePePcyE6VUNBoxdmXw+KRhRlvtXtM +1fFMwUrY//jEpfbf193avTVVctDTLxDSmwY6eAMBm81uDTlpUm0q7l2rRuKzdgFd +bG/MTOd/j7wtKJbQpbUfUNFtF6zjssPdGhJ3l+8Rg4xZyHWHgU5FYGodp9RsxUhm +8AzoPDcVbbvu5YlPP+XvyEO1860fX6iSZKuOV+owjh2i51CPzsgX6OrOEb6/1rc3 +M5AkLVl4insmetdTqb9PHCgfD6bLYcDBj7Qnf4HEDQUGcRFe+jogOoSH40C5UgPq +F83nXv6WYBb2Y97lhb44x7d1MzE1kkzQXlyf3QuZ0ZjOvm+LuOWkbQWmLj5JhFJv +9CqY2MBL39EFamKjmmBmjrRsI9XMLHvB7VvT1hJPzxbF3UwDZ5BsA8IXSps0EjXR +rZXSwo+vqTa3NlvysgvuJJUjwyf6mN2SVrNaKnZZ1OGFY1oQ3bmOgdI+SW9cpGzY +Y8eFpaG2RAiOfBZ0JIyBUoHUH1MMMPw+Mh7KzIknP7O9htwiAWEvkcjWr7X6jpG8 +sBdBmszX3TMDTToQ6DvyjVRP7mJ39dV83bLI3EA+N8bJcTOcHijCvbzQM50WzMu1 +2UA9e6rG+ouQAgwaAHdR6bwm+Zr3e7MswZ0Q8/Snd1UdpyMyJ9nb031NSRSvkEyB +ipu85/738J/g7tAIOJwwHeVWjL4lnrLC3CwbtvWAQ9Ox8Sjv848608GzQxFwHBHJ +0NWgt/AfLYsq4bmmFWtqvqTjWeAeUsM+67UY8m6/kxhfRNNN3zZcckq2zlF7TRNU +5AL/3KbVVLQl/7fD36m8AK5eImR+Gvom8ryzNacbNCL55ks0sycbICulXbdb0Jgm +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_128_ofb.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_128_ofb.pem new file mode 100644 index 0000000..cafccf9 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_128_ofb.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: RC2-OFB,E5989634C878E65D + +6o45POmHfE72UAdMBQrRIm2+oZCd8GmkmrFZMXYnVWP8ciNiGVQqUxVJS9j5Rx17 +8qxpNrzvcWEGWcgs9AOqog7YXHkxo/s/RIOKjUu0WhY59UrYcbkN7Rjyn3wSSD8X +kN4Z2tz3iR8LnfljD2ApbR3yEYz2NvmifZzsac58R3LvuFg3Tsl0QetPSC7PfMUh +B7dezaycDcx8QJy+nRPcqpGzeL/VVk3F4Hppc15gfdWtVellGcYsT0Z2Iu42I5nx +HYFajRliBukH98M1d905lk1aNLDj54BBcq08JsDJN/V6DY+mUpJCFOK4DfP5WLJb +/HCQg0wqsUmRHK3dVo09ilZa4OfrrRD5qTWr5boDngAqyD1r1fiHxcv7uU/HOSvt +PU53frz38BA+w1pHtlE0TSG0oBe/+741kJtpvj/1Ts7nUeYJ/DGR4vmLpg4rnbZJ +Yky5TaDV2LVLFR4syqombb3eiK5xbnjePCQFLwxYLQKZFINiS5zDr5mdjhWbIhpA +7wg9BKNpUeXRDtntWXvEH9FmyIicbk670riEYEo/EniwrxW9f7MFhPUpOb9ktE56 +RnaU0EK9zUx1sIvcu7LVq1G2EVG8IrOKGcj4LHysBtg6PQW5mvN4AA5PZlc2Sux4 +L5Z6mJfwgBbBB4OuRXAYxHZbnfMTs75vL3d/HIcvSPcvb+7nfvNLiwlaBxaUfBFh +fyDurHkMG6tBgE6OORgWraNEINJeOYcG2WK60qC4E8YfYCmc9V+28A//bsyRWyku +xIDup68r+Os5RMRAaZrkIqaH+h4Oyd5RqcjLnAFF/wLGnNwSttYT8o7WwCf9ZCCy +NFvHDWyWMUxonaWgvuSm9YPfh9/9CEsHkKh2RqBffFcZ1ktEiYaI+dGyty12QW2Y +909pnCZkKsm1Lt3ts/xie20/gcwfsnvUC8OveKPaiCnJxDv3r9pMCNFPdcXo0GuR +oadhn9r2CqNCDo+l6JWVRka2t8+yCAskZC7bKJnSeKlEDyn7A/2SLb196G2k9cve +V2qQenhzuHmG5PEVfhLWQ7fL1BmJcRDuQlSmMGrdmOD4Zb0Truq0zpFL2qaMBQvb +58hG5YkYehE25j8PpJYovOQA2hih6v9RytR2VKlTeYNFbREf1sdLfeIphB9tlHlp +qZ7eOFAjjVzLsC4LmoCzWMaQuwNO1f3WiNdGVvulHkWqFnGS9bBBTahUUWI5SYiQ +90vhSmJ7R7461rqWwn34Om5jlgRV4+2LhUbp+XdOyklujQYviHsOs8/wlg3lKr76 +SwrU5oYqlJ7FJoDq4IPpOnJaxsRjkr9foecgdqrU4SJKyJJDbkHNfoYq9r/aZJ21 +ruPFv5t021gJmWa87199GlhBZD8dxeXo0PT298Y3pmaaSdQIWLPeDAtc1R9EJLwD +6+ydhg3ZVtSgXU0zQ2SRVMGhqoEXHDUrMtjKzuaZsYL57tqH6At6vWS+xA0CJBCw +7GkDpM/lLGjyisFEQL73F0YmJPpb5s4izzCLUMxZQZ3u4T3f9OPRvAIUf8MiFJxh +RJq2Is1gD7M8+dySkFeAbQ1STvLy29uIxKTE6BgNng5NrY03GuK/5A== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_40_cbc.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_40_cbc.pem new file mode 100644 index 0000000..5a9eecf --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_40_cbc.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: RC2-40-CBC,BA10EF99A1862AB2 + +/CfoFtIX0zgNckXzuODWoCYVY6NoXOvu1jt7J5/BfSZUydRWKa2lpR3SWAUAesQX +H/IK9Wkz4um0QgrHy2fmVaAS1G3ifwgQ9dhW1EMiCEAmuNwPsT2YBatSyxnzWjHa +dv4eZ0Snk4DsS/Ajwn+Oc9uZ3u5gKnfYk3tXoZ9BDPQbgIz01UI/AyGHttB43brl +e1C+zKgCSa5WB8wfxCJsKHDSEHx+qlipVvDk/pntc9m4AM0sp5wsHRw3i1iirQOw +AG6qRs3Ro3jwajlEWPmJolhbRQWyA2rUfSIajElYFlFgxPLI10m0tO5M55VYXpWe +cprQNe/TxK+YJTcBvyhFmP4Ha9NeC0Vq6aHiECpZ1uObH1brZ1bdYUsSGodRzGMC +ucOkFDpsp9We48TAHqEGArCsKexxe1dDe8b+cxdvyv33ZI7dyr7DfHek3X7B2rHv +tZYjgx0cKn8SNl9qdRync9wLqjL2R99sHgphkXUA7qLP7ZdvZEeAGs5NEuq5oyDj +4aybPFJu/xvByOEZBwEtrixVJ/2h4KYF6g2vK5CgmnYrq8SUNGobt+oLv3FywKhQ +AK/YvDt97wXNdPNqPciqCP9LIeo0B0cgxFIbOOE3mvYgPaUoTtZ48B/hpkY4flKR +U7opVqbNl/pnh1OCI1ce/K5KPw0rvYgsEQ8Q04+dipPdmvONYGhcgHflS52xju6s +RbosS+iET3a6BB8ydRS8V4oezbr7AgzoSv7Od6geru87fYpVW3WbGag4w+Xgil7u +C22epy/AX8naBOsMa2QMCZ97avi/qhMFIERzhQJcxULff0lHQBq+HMGsSI8jMEiH +d2OIERTWasAEPdoBnELO3l4oywb4NmSp09m9imihdgocDAQEXyLkjmRqkm5H3Tdm +ALFIaSwU5SE/dk3T+BTmnfl+Anx7QNWTdg+ykfH8VHbs10A/K2zt6RyJGLdStfKq +VWORUG7gYcVGIQrcJllxt3Jt4sG3t3rSKA5dukM7+D1d54ExiJN5DrnaQ4kX/v7O +nENonLRtV1KqrH32R+tIuBVA8rbmyseVequTBQpkHbG/IczTG1k6p0Qye17XlnPl +kEPE3CG8+1RMLvflA1rTimSh1WafHsDwvwmTAgdkG5btLlfTpPnoKDy2hPS4Pd0P +mF7OPVfA0Hl/oEqP7bqyUxuwFrz7pZXQrKDS02nXaqVAP02nKsiEUZNo2kprAO2v +9ceOhXP3M+ItlWeNcX5jKRaaLddQvj1ntOKqDMfRk4yWm9ro8/E56Fkrq7GpKrXL +FCJJTdrWk6EcSfI6grVjPbZGBJiA+21G4IPQWskPkr9gLuE0E9I1UAdliYKXOrPK +F1lZ1ZBpG1ZBe9H8Gr2sK42pzJoFJsOvGRjCxlHpf/gBoOADH/hcxvQqBGizEr0F +kKraZWJnlL8qhDzfJ7YLMqzFsOu7uYQRqfOcv+66FqT/by9rD7dR/M03YJReupoL +lynJfffGCG6aeM8hLZ8iizjIc/RzCY0QS4lLPkRVSRNt3Z8RNX/nFuYhYgOx38pu +6dflN059kTC5iyjsI5Ka/Xzq69kR21qCcHOoq6IQqZ7q5RM4Cj0SCXw8/4jeT2xY +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_64_cbc.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_64_cbc.pem new file mode 100644 index 0000000..7d09608 --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_rc2_64_cbc.pem @@ -0,0 +1,30 @@ +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: RC2-64-CBC,DA39EAD05DD48A5B + +mil5OpL9dVqnEoKF7dNjIRYLgDjCBmTDZ//Bmkd4aqkPszHaCoQqgyGYOuqWXdT2 +FAluu/fHMLDTizyr2Jh00ekcR3nmnGM3B0oDiEtq84YMHPWYopWkpId1ZaoqluUe +6NP6Zew4DZ8mEQvOxIxBEZqk0ye6srtLszByw/dTy4i9S7l4oR8hx1i6Jj9lLXS1 +y24lC68igFNeIecggG8uwZBVmnHCldZGn6DBBqcC0b415+59vwGuvc+POy0Hog/4 +ADPuZcXEO2whVGyOjCF7CjhEFfo0CO2niwS9PiUIYNsUluwfS+y1qhw4VJ61sQ/q +7cNHrD4NfZHGwpIRXk4c27YHS+JsxH8Kh61e/dQPoeTf5NBQs3PthFcx+hzlTBAq +VK/4TtRRlnqTVFKRydpKo3cNGp8qm9Kvz6fr/yLb7CJvdoGDyHVO7JvT8nYL5gC0 +dvN2RySKXMrgmPS7uMAWjpnDCdNoOX4pRTRPEdBw8WsdXqnBqXM8tvrkolF9n3// +lldN3sSGLiYM1cwD4dXlYJEJNaarelHk6vpJIU4A6gYyN9MQnv061jd7sibrTAjZ +Rx06R0FrYFbfkp4yAmUbrPO5gdwZPBGS9XzkZmZr+S4u1fH7tTFxIlWNgxwSzsZJ +P9LXM8Iy408gDn1AJlbT7WbdWfcFzqIsmauRIXE66TloS+485ro9zX7O27MumF8S +hjD+cRMieUEREuAAlpNxZj5kcT3SpxfSdaAZtJv8OKeRHz796LRxlLmx3ZDAjgN5 +0H37gSCXJDP2a4YnsiI7th5fNba84t1Qt4Q36v6EZT2kscv0TB04ov1+4UX9jCQI +zn2zxzJk42kkxRSEBP3BnZf/qV5t6/+BKmg1QGCmS5AkIIlCDjTPpAom3n7YH9LV +ykAQ6Wcdo/7dGtghgaHbPGl3cXR1u7BI97GCU4vzRbW58ULh7KSC1xptDJrP7tPE +6OwwYk5YZ6lmg54cLbQcxeFwYQg1dc4pYAgBppUFUB/uWeQrbJP8/FN/GlW0HTOU +kUIz5pbI7nstb2hHrRMTtG4c0oGO1ACD2LigQo5Cl7jR0sBC3I2MB/JcBBwAHPVP +tePpIdSAZjAYI+x7LFxxXvT7eXe+BU4ZLGLcTISGJjtsbJG1oJ/e7dPP5bLL+zjJ +MrwoE6awH5GKOOxB0iUGce8jg8566qY4e2vbmVL4a2qRiKyLowr7Lcz01VzzE/RX +0Ec1I8noUmsystH/57UMBuhZNFjW3LtTaw6vuTrrmFtdmJcGwars9tBtH0LPip9X +xQbwIiTJZCyDjql7Ecgu2ncw7zHZzbHrmoEF7VEdPT4z21utXgzJ3HubvB7Agvyz +sB+EXeUqwZHnyN0GdGd6sqlHkW7TP1XxMrjewUHjXuY4SvsosJ/GqMY7uKJXK/Lt +0kqYrV/YDIVsJ2JqyxwXYYIqmZfQ2xXTLuESuesT7omKFh4cgwbYHd33YWRCsZJB +7Og8d3ciguWDutd1LOgx7da2ZA+3UVz8X601GRpFD8YoZTo8QOayXFvv7L1F3oeK +b0w11lT0npxstmeMQUkbxAyCnKrwpQagiwBzKlr9ymJvh/ot6sJ5bAFDvZBBKkQU +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_unencrypted.pem b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_unencrypted.pem new file mode 100644 index 0000000..f540dcc --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/rsa/openssl_rsa_unencrypted.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAyGOvloI+jKnRHWKuhYB+cTIEwZhagKJ0f3rIY8WNgujB7Plp +gpjUg4pNjYGViGjg7zhfbjhCtlNGXyRBti3GcaHiBIIP5nyCNn+Ay8tSWGo5v5Zc +8BQcwHf0ZHLN6sD9m2uVSp/6UqjS5ZyhzF5FzvvUo3xw8fecdnStXQfHhkBnLpTj +HE5t7iu1JVjTuE0pcBvah2dWqDNxiIOQtXyKW8Sag1YxaunxQGqRNykSFiEJindx +OSAnAxK6q/wGqcZ3zvFBTcVVkji1u2QH4rOMP3PPxAIMkB8ONkdHTco1DmbE6BfD +HArDqUYxqJUlPGlMqrKb3fCFiT3eXehwR7nlzQIDAQABAoIBAFd6vTKVVT0O/U04 +wTtiptA/p7fkDM5PHVBxh32Wxno5pj8PerIaiduKyuRVh7PvJRMJpw903BrAK95o +847WWOVOaF7TcKGMBURJUS6maiJS7TboK1ZbUVnsg/I99ArhiVUKGDhlsl/Xd4np +YPDYztzXLzLXpm7bS6CiuvP762x9dfVu8K+afP8cjH8pfXLq55ghZOUKidRQaYz1 +mNOTQyAQlCQdLRgKlYgqcRHlj0pb28XBJaln3W7Z7GFMWFPojkxx6LaCp8+Jyx2C +tv54zIZQhMjF37tQyTnfK4Ocl3sCRb+jYV4FkrUnsQE9W2dey0Tms1XB31gfUJlx +dRZu7zkCgYEA/nWcTwzot2OIAhXoJ2fnqTcpdmj05LHhGcayKjyix7BsVH2I0KpF +9kXX066tr3+LxZTergl4UpWSl3yx/4kPBQM6np4VVRytn7+cQdEhOczZnBw6x7IZ +fv81DSNruQDBRAlTtklW4KBY74JKLhaJSvF1F3x32+H+99i1MmCNJRMCgYEAyZpF +h4c3pM9z+YlmgLdUh/G2abdoamugcQOFbzHbZowsRAxEzdEW9wj2McN6mt8Rn1tc +tY/+PcYuIK+vcmk9k23GuzxRlJlkaDicHwlAebgVIulFcrStfTlSkXjpuOuusfD9 +2DuHMcUiPx3qElNB0dZJF/axpq7BjTIFENefhZ8CgYACn+vw1M1BtwEcJGW0olm9 +YRhIZGTCRyNvRKFp1h5HuQYlCPZ0UI1QMQA86rxX5xTmANcbLHXVRD2y2lJrtFo3 +TwU3xaGqsxUHZM6TzzhshDRqa9AfZzLkIHXHoOnnip5zuTTn2HHQ91ZzggCJ4Smh +YEQ47cu+tOIQZGfaESzjiQKBgQCCfnZlDJRq/NFwA40y4fg4arANa+eNgw7+OC5F +1HrUvQTmIx7iLmZ0Dvv1KDgTSTLJ+MRgzczexYoUJEQnhZGS/Wq2xYt06XlBsOr1 +d/KhFxOvXllSrzrhJJqaiS6YQQ36JijZr2aKQ7UwL7fUlsmy/safWVKStumX8Hmw +9jFOtwKBgQDmtirdNQ8aKolokD/3bDHPcDsNcybEpiCu8BIltxZAs/LsN1IIxfcp +mGP2AFt3mbblKbsRM8hDW/X9taeG9s2KGe5wlKOE5lV8YAo4hFoJYN2/0d8Y0K9X +QAAYU3iPG1zL+a/7TFLJ0u/biqsBg9hnNbMnN/tOeSuKnH2Rx9F1rg== +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/openssl/test.pem b/BouncyCastle/crypto/test/data/openssl/test.pem new file mode 100644 index 0000000..c52453c --- /dev/null +++ b/BouncyCastle/crypto/test/data/openssl/test.pem @@ -0,0 +1,133 @@ +-----BEGIN DSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,079DD7CA8A9BAA19 + +jIqIT0DIvUlwvkREv6gnCTVFdOsoVwUS9nxcVuQ8JOwg+TB42GnhgZ5x6MFczgNd +Dw9L60zono+ethYfYB91CdIcVULzvg61/DCAFDjIFPgOIYTVNmteUq75Dmt6wDTV +4A07iMwjwBk+0YHaeVwcr0AkdvXEcVySOGdGrwy10K8Eq/kSndzm1Sm6tUCJ45+v +zSUelLlT9fgRTmAbeowT1/tlt/q52bGTcXJzIWBxDuOxK5ASCTjk28kri9WeRUb/ +iCnXn+cqR3BvkDCdlhk2A6A6Q8U9vo0m1MPtwwsolz76jnxbtBNr6Sc+zcny0brP +jCPMP1qF+IIk01N3YsAZ9mbJmXYoFf9B0VwNUjPudWlSqhvmzzanatevgZ9TID8G +Mnltd2XsqIgdvu0JhhEJRC6n7hBvn+l7iwYKtBoK+rJmEWWttkoP82UGgjzjzqKa +rEtdaZPUCEiBLqHPyiIaDWm5Pe4sZZqrV8Ix8vDLKK59ZUkgmYXyCul2yL/cfO5T +gjMqh9EeQCrNsu3hJGuEEE3MlskQkCpEspm9qDGbKPkMno7CE37plVopx0o0oovE +S8MZn0v2lIzV8yZ6krtcEA== +-----END DSA PRIVATE KEY----- +-----BEGIN RSA PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,9AC3CD3B4ED42426 + +AzAvQsDkxXGdPMlFjqO0lYXSlypkfGJWIMqij00cZI1B6K7pMnBHo3wIYStlKDg2 +SMMTYwJfsbFA8+cyCyzsqVBQC63ZgEnStMrDOt/U0SGXNb/C4mFsf1ksnAI6y/3J +3lhuPAZbMKCmANslivbj9gp4hSe828btXDhvIPKKJgKHhwHveeW9JDulySAN5KYn +s4aeasvSWVBOYtefFaS+NzrXjDnPtOMX6TQDxd9CE8es1RQbU9Ze2CEa9S7l4coj +0abWVTjxu55foDCDzbukkQm+eU0aaI4OoydoOCz6bcOfADgRx3/fJ9Z9IuS5w73O +BiF8Z4S8e7GYpgsPVEqj06PuNH7t6bwzKC9U2FTiNcejZIYPqz21d9iA4hsEfFDd +0DlXqYUKMazE+TjU8goss5cEqyLNDQmWLYLKUE2p8QmSZC/UqEsZ9pu1VZz3xpFT +k2sju26HCV14XPG5oi9LpxDQaVRmXBMFxz5b+RmUwPfZuWntTzHQXuNyH2J3B9FN +el8gaskt4hxHI28hB/eF0h7pOIBUDiR9n/BB+feOrNW8y7/ThSkdI3OK0+dyOzLg +go9s7SGz5WLyy8FWevw0k2Is4IpCueTwclDrOAPixW+paHhDGIasnvvCsz5jGqQz +4F4JPmA2ZYg/Z8dYob/ZeF/3KuJqFZAm9gseGS19sT7UzVvvmSf5IXOFfpb7VdRn +ScFMRVr8PY9ANGh7zYg/8w+G3JJj4C7djA3RB/yOhK4KwbTz/2cnEDI26VREjKs0 +7/WPQXxr/oQ+XEBTnYuJZfa7o7orGL+6wA0Vk/GJqjA= +-----END RSA PRIVATE KEY----- +-----BEGIN CERTIFICATE REQUEST----- +MIIBkDCB+gIBADAlMSMwIQYDVQQDExpSZXF1ZXN0ZWQgVGVzdCBDZXJ0aWZpY2F0 +ZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsO4slP/KdZQsZyYn3asTWDtX +E1YN+QQbbHELK7boPQa91YHv5DV/SgucThoXXCtSA45d3dQhrEbZ2+HRBarZIylk +Nc+VmcV1qFX5KsD9wCYPMtdAYYog6jz259yCOKPDXPm787Q5t9h2zV3Ml1i0eWhC +cdRYiWHQ5g20W4Bq3GsCAwEAAaAsMCoGCSqGSIb3DQEJDjEdMBswGQYDVR0RBBIw +EIEOdGVzdEB0ZXN0LnRlc3QwDQYJKoZIhvcNAQELBQADgYEAZGPA0Jyw49cHPJjG +bloqKAPNlBO200AiRFsHnkOQ1DopJff3mW+FdszAc9g6rTB4/YAiM4r0E314e0vm +XSlW2q8sp+c2XJO7PUIdJIuAUnvSmMb/uwXFP2SzLdjLcmymMsnFfjvwkht0K2it +O5HuUDuhLnxEimGlUEBrfkdrsH0= +-----END CERTIFICATE REQUEST----- +-----BEGIN NEW CERTIFICATE REQUEST----- +MIIBkDCB+gIBADAlMSMwIQYDVQQDExpSZXF1ZXN0ZWQgVGVzdCBDZXJ0aWZpY2F0 +ZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsO4slP/KdZQsZyYn3asTWDtX +E1YN+QQbbHELK7boPQa91YHv5DV/SgucThoXXCtSA45d3dQhrEbZ2+HRBarZIylk +Nc+VmcV1qFX5KsD9wCYPMtdAYYog6jz259yCOKPDXPm787Q5t9h2zV3Ml1i0eWhC +cdRYiWHQ5g20W4Bq3GsCAwEAAaAsMCoGCSqGSIb3DQEJDjEdMBswGQYDVR0RBBIw +EIEOdGVzdEB0ZXN0LnRlc3QwDQYJKoZIhvcNAQELBQADgYEAZGPA0Jyw49cHPJjG +bloqKAPNlBO200AiRFsHnkOQ1DopJff3mW+FdszAc9g6rTB4/YAiM4r0E314e0vm +XSlW2q8sp+c2XJO7PUIdJIuAUnvSmMb/uwXFP2SzLdjLcmymMsnFfjvwkht0K2it +O5HuUDuhLnxEimGlUEBrfkdrsH0= +-----END NEW CERTIFICATE REQUEST----- +-----BEGIN CERTIFICATE----- +MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx +ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY +BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB +dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ +d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2 +MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW +BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM +dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l +Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv +bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re +Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO +Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE +7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy +QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0 +ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw +DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL +iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4 +yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF +5/8= +-----END CERTIFICATE----- +-----BEGIN X509 CERTIFICATE----- +MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx +ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY +BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB +dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ +d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2 +MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW +BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM +dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l +Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv +bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re +Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO +Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE +7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy +QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0 +ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw +DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL +iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4 +yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF +5/8= +-----END X509 CERTIFICATE----- +-----BEGIN ATTRIBUTE CERTIFICATE----- +MIIBuDCCASECAQEwZ6BlMGCkXjBcMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhl +IExlZ2lvbiBvZiB0aGUgQm91bmN5IENhc3RsZTEjMCEGA1UECxMaQm91bmN5IFBy +aW1hcnkgQ2VydGlmaWNhdGUCARSgYjBgpF4wXDELMAkGA1UEBhMCQVUxKDAmBgNV +BAoTH1RoZSBMZWdpb24gb2YgdGhlIEJvdW5jeSBDYXN0bGUxIzAhBgNVBAsTGkJv +dW5jeSBQcmltYXJ5IENlcnRpZmljYXRlMA0GCSqGSIb3DQEBBQUAAgEBMCIYDzIw +MDUwNjEwMDI0MTMzWhgPMjAwNTA2MTAwMjQzMTNaMBkwFwYDVRhIMRAwDoEMREFV +MTIzNDU2Nzg5MA0GCSqGSIb3DQEBBQUAA4GBALAYXT9zdxSR5zdPLAon1xIPehgI +NZhjM7w0uu3OdzSV5sC31X1Kx9vi5RIWiM9VimRTwbQIod9POttD5QMXCwQb/fm7 +eiJqL2YBIXOeClB19VrQe8xQtMFbyuFpDiM7QdvIam9ShZZMEMGjv9QHI64M4b0G +odUBlSsJwPPQjZSU +-----END ATTRIBUTE CERTIFICATE----- +-----BEGIN X509 CRL----- +MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT +F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy +IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw +MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw +MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw +MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw +MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw +MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw +MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw +NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw +NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF +AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ +wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt +JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v +-----END X509 CRL----- +-----BEGIN EC PRIVATE KEY----- +Proc-Type: 4,ENCRYPTED +DEK-Info: DES-EDE3-CBC,ADBCD679C6C6363E + +MmYmhTgKNKwwnA4AIskePMy+gp3Ch7Pn/UqRGjQypIyibbp/UFY+aSbQmvQNG2R9 +6Zj6cbBJGt/C2EYXk9UonUTA9Q+FVytkpR8ON6NHlSc2twrvDpqi7lpeSB9ywlH7 +WLffwNZMNsNHfcNK2slHf4RCmpqcGsXffHe45dQG0CI= +-----END EC PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/qvRooCa3.crt b/BouncyCastle/crypto/test/data/qvRooCa3.crt new file mode 100644 index 0000000..969322b --- /dev/null +++ b/BouncyCastle/crypto/test/data/qvRooCa3.crt @@ -0,0 +1,38 @@ +-----BEGIN CERTIFICATE----- +MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x +GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv +b3QgQ0EgMzAeFw0wNjExMjQxOTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNV +BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W +YWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDM +V0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNggDhoB +4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUr +H556VOijKTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd +8lyyBTNvijbO0BNO/79KDDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9Cabwv +vWhDFlaJKjdhkf2mrk7AyxRllDdLkgbvBNDInIjbC3uBr7E9KsRlOni27tyAsdLT +mZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwpp5ijJUMv7/FfJuGITfhe +btfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8nT8KKdjc +T5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDt +WAEXMJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZ +c6tsgLjoC2SToJyMGf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A +4iLItLRkT9a6fUg+qGkM17uGcclzuD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYD +VR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHTBgkrBgEEAb5YAAMwgcUwgZMG +CCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0 +aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0 +aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVu +dC4wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2Nw +czALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4G +A1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4ywLQoUmkRzBFMQswCQYDVQQGEwJC +TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UEAxMSUXVvVmFkaXMg +Um9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZVqyM0 +7ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSem +d1o417+shvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd ++LJ2w/w4E6oM3kJpK27zPOuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B +4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadN +t54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp8kokUvd0/bpO5qgdAm6x +DYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBCbjPsMZ57 +k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6s +zHXug/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0j +Wy10QJLZYxkNc91pvGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeT +mJlglFwjz1onl14LBQaTNx47aTbrqZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK +4SVhM7JZG+Ju1zdXtg2pEto= +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/rfc4134/3.1.bin b/BouncyCastle/crypto/test/data/rfc4134/3.1.bin new file mode 100644 index 0000000..c4e92dd Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/3.1.bin differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/3.2.bin b/BouncyCastle/crypto/test/data/rfc4134/3.2.bin new file mode 100644 index 0000000..9c82edf --- /dev/null +++ b/BouncyCastle/crypto/test/data/rfc4134/3.2.bin @@ -0,0 +1 @@ +0+ *H This is some sample content. \ No newline at end of file diff --git a/BouncyCastle/crypto/test/data/rfc4134/4.1.bin b/BouncyCastle/crypto/test/data/rfc4134/4.1.bin new file mode 100644 index 0000000..d99f79d Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/4.1.bin differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/4.10.bin b/BouncyCastle/crypto/test/data/rfc4134/4.10.bin new file mode 100644 index 0000000..d3815bd Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/4.10.bin differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/4.11.bin b/BouncyCastle/crypto/test/data/rfc4134/4.11.bin new file mode 100644 index 0000000..e203651 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/4.11.bin differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/4.2.bin b/BouncyCastle/crypto/test/data/rfc4134/4.2.bin new file mode 100644 index 0000000..c1b6024 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/4.2.bin differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/4.3.bin b/BouncyCastle/crypto/test/data/rfc4134/4.3.bin new file mode 100644 index 0000000..1bc6b15 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/4.3.bin differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/4.4.bin b/BouncyCastle/crypto/test/data/rfc4134/4.4.bin new file mode 100644 index 0000000..3245c11 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/4.4.bin differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/4.5.bin b/BouncyCastle/crypto/test/data/rfc4134/4.5.bin new file mode 100644 index 0000000..6608d9b Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/4.5.bin differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/4.6.bin b/BouncyCastle/crypto/test/data/rfc4134/4.6.bin new file mode 100644 index 0000000..1a7eb95 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/4.6.bin differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/4.7.bin b/BouncyCastle/crypto/test/data/rfc4134/4.7.bin new file mode 100644 index 0000000..ea6b1df Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/4.7.bin differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/4.8.eml b/BouncyCastle/crypto/test/data/rfc4134/4.8.eml new file mode 100644 index 0000000..206ebf0 --- /dev/null +++ b/BouncyCastle/crypto/test/data/rfc4134/4.8.eml @@ -0,0 +1,39 @@ +MIME-Version: 1.0 +To: User2@examples.com +From: aliceDss@examples.com +Subject: Example 4.8 +Message-Id: <020906002550300.249@examples.com> +Date: Fri, 06 Sep 2002 00:25:21 -0300 +Content-Type: multipart/signed; + micalg=SHA1; + boundary="----=_NextBoundry____Fri,_06_Sep_2002_00:25:21"; + protocol="application/pkcs7-signature" + +This is a multi-part message in MIME format. + +------=_NextBoundry____Fri,_06_Sep_2002_00:25:21 + +This is some sample content. +------=_NextBoundry____Fri,_06_Sep_2002_00:25:21 +Content-Type: application/pkcs7-signature; name=smime.p7s +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename=smime.p7s + +MIIDdwYJKoZIhvcNAQcCoIIDaDCCA2QCAQExCTAHBgUrDgMCGjALBgkqhkiG9w0BBwGgggLgMIIC +3DCCApugAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDTk5MDgxNzAx +MTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1MwggG2MIIBKwYHKoZIzjgE +ATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//lOFzSH4M1vNESNH+n6+koYkv +4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6iLVPE/sAcIR01diMPDtbPjVQh11Tl2 +EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6YaRWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5 ++z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3q +nMkhijt2FOnOLl2jB80jhbgvMAF8bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGB +SmA5ujY5A4GEAAKBgFzjuVp1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/ ++onyohs+JH09B41bY8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTS +ljf2YUeyxDKE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GBMH8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8E +BAMCBsAwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFL5sobPjwfft +Q3CkzhMB4v3jl/7NMB8GA1UdEQQYMBaBFEFsaWNlRFNTQGV4YW1wbGUuY29tMAkGByqGSM44BAMD +MAAwLQIUVQykGR9CK4lxIjONg2q1PWdrv0UCFQCfYVNSVAtcst3a53Yd4hBSW0NevTFjMGECAQEw +GDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBgcqhkjOOAQDBC4wLAIUM/mGf6gk +gp9Z0XtRdGimJeB/BxUCFGFFJqwYRt1WYcIOQoGiaowqGzVI + +------=_NextBoundry____Fri,_06_Sep_2002_00:25:21-- diff --git a/BouncyCastle/crypto/test/data/rfc4134/4.9.eml b/BouncyCastle/crypto/test/data/rfc4134/4.9.eml new file mode 100644 index 0000000..5431575 --- /dev/null +++ b/BouncyCastle/crypto/test/data/rfc4134/4.9.eml @@ -0,0 +1,28 @@ +MIME-Version: 1.0 +To: User2@examples.com +From: aliceDss@examples.com +Subject: Example 4.9 +Message-Id: <021031164540300.304@examples.com> +Date: Thu, 31 Oct 2002 16:45:14 -0300 +Content-Type: application/pkcs7-mime; smime-type=signed-data; + name=smime.p7m +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename=smime.p7m + +MIIDmQYJKoZIhvcNAQcCoIIDijCCA4YCAQExCTAHBgUrDgMCGjAtBgkqhkiG9w0BBwGgIAQeDQpU +aGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIIC4DCCAtwwggKboAMCAQICAgDIMAkGByqGSM44 +BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMTEwNDlaFw0zOTEyMzEyMzU5NTlaMBMx +ETAPBgNVBAMTCEFsaWNlRFNTMIIBtjCCASsGByqGSM44BAEwggEeAoGBAIGNze2D6gqeOT7CSCij +5EeT3Q7XqA7sU8WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+HZMMg23j+bv7dM3F9piuR10DcMkQiV +m96nXvn89J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UIddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvb +AhUA4kemGkVmuBPG2o+4NyErYov3k80CgYAmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDDHlBd +3ZtZ4s2qBT1YwHuiNrhuB699ikIlp/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4W4LzABfG1J +iRGJNkS9+MiVSlNWteL5c+waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQOBhAACgYBc47ladRSWC6l6 +3eM/qeysXty9txMRNKYWiSgRI9k0hmd1dRMSPUNbb+VRv/qJ8qIbPiR9PQeNW2PIu0WloErjhdbO +BoA/6CN+GvIkq1MauCcNHu8Iv2YUgFxirGX6FYvxuzTU0pY39mFHssQyhPB+QUD9RqdjTjPypeL0 +8oPluKOBgTB/MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIu +b4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAfBgNVHREEGDAW +gRRBbGljZURTU0BleGFtcGxlLmNvbTAJBgcqhkjOOAQDAzAAMC0CFFUMpBkfQiuJcSIzjYNqtT1n +a79FAhUAn2FTUlQLXLLd2ud2HeIQUltDXr0xYzBhAgEBMBgwEjEQMA4GA1UEAxMHQ2FybERTUwIC +AMgwBwYFKw4DAhowCQYHKoZIzjgEAwQuMCwCFD1cSW6LIUFzeXle3YI5SKSBer/sAhQmCq7s/CTF +HOEjgASeUjbMpx5g6A== diff --git a/BouncyCastle/crypto/test/data/rfc4134/5.1.bin b/BouncyCastle/crypto/test/data/rfc4134/5.1.bin new file mode 100644 index 0000000..9750174 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/5.1.bin differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/5.2.bin b/BouncyCastle/crypto/test/data/rfc4134/5.2.bin new file mode 100644 index 0000000..de17b01 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/5.2.bin differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/5.3.eml b/BouncyCastle/crypto/test/data/rfc4134/5.3.eml new file mode 100644 index 0000000..55013ad --- /dev/null +++ b/BouncyCastle/crypto/test/data/rfc4134/5.3.eml @@ -0,0 +1,19 @@ +MIME-Version: 1.0 +Message-Id: <00103112005203.00349@amyemily.ig.com> +Date: Tue, 31 Oct 2000 12:00:52 -0600 (Central Standard Time) +From: User1 +To: User2 +Subject: Example 5.3 +Content-Type: application/pkcs7-mime; + name=smime.p7m; + smime-type=enveloped-data +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename=smime.p7m + +MIIBHgYJKoZIhvcNAQcDoIIBDzCCAQsCAQAxgcAwgb0CAQAwJjASMRAwDgYDVQQDEwdDYXJsUlNB +AhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUABIGAC3EN5nGIiJi2lsGPcP2iJ97a4e8k +bKQz36zg6Z2i0yx6zYC4mZ7mX7FBs3IWg+f6KgCLx3M1eCbWx8+MDFbbpXadCDgO8/nUkUNYeNxJ +tuzubGgzoyEd8Ch4H/dd9gdzTd+taTEgS0ipdSJuNnkVY4/M652jKKHRLFf02hosdR8wQwYJKoZI +hvcNAQcBMBQGCCqGSIb3DQMHBAgtaMXpRwZRNYAgDsiSf8Z9P43LrY4OxUk660cu1lXeCSFOSOpO +J7FuVyU= + diff --git a/BouncyCastle/crypto/test/data/rfc4134/6.0.bin b/BouncyCastle/crypto/test/data/rfc4134/6.0.bin new file mode 100644 index 0000000..dfbfaaa Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/6.0.bin differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/7.1.bin b/BouncyCastle/crypto/test/data/rfc4134/7.1.bin new file mode 100644 index 0000000..9184c58 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/7.1.bin differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/7.2.bin b/BouncyCastle/crypto/test/data/rfc4134/7.2.bin new file mode 100644 index 0000000..b95b341 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/7.2.bin differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/AliceDSSSignByCarlNoInherit.cer b/BouncyCastle/crypto/test/data/rfc4134/AliceDSSSignByCarlNoInherit.cer new file mode 100644 index 0000000..7e96210 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/AliceDSSSignByCarlNoInherit.cer differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/AlicePrivDSSSign.pri b/BouncyCastle/crypto/test/data/rfc4134/AlicePrivDSSSign.pri new file mode 100644 index 0000000..e123ee7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/AlicePrivDSSSign.pri differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/AlicePrivRSASign.pri b/BouncyCastle/crypto/test/data/rfc4134/AlicePrivRSASign.pri new file mode 100644 index 0000000..c885108 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/AlicePrivRSASign.pri differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/AliceRSASignByCarl.cer b/BouncyCastle/crypto/test/data/rfc4134/AliceRSASignByCarl.cer new file mode 100644 index 0000000..848ba87 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/AliceRSASignByCarl.cer differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/BobPrivRSAEncrypt.pri b/BouncyCastle/crypto/test/data/rfc4134/BobPrivRSAEncrypt.pri new file mode 100644 index 0000000..b0805b8 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/BobPrivRSAEncrypt.pri differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/BobRSASignByCarl.cer b/BouncyCastle/crypto/test/data/rfc4134/BobRSASignByCarl.cer new file mode 100644 index 0000000..1068ab9 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/BobRSASignByCarl.cer differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/CarlDSSCRLEmpty.crl b/BouncyCastle/crypto/test/data/rfc4134/CarlDSSCRLEmpty.crl new file mode 100644 index 0000000..42af3a0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/CarlDSSCRLEmpty.crl differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/CarlDSSCRLForAll.crl b/BouncyCastle/crypto/test/data/rfc4134/CarlDSSCRLForAll.crl new file mode 100644 index 0000000..52b818d Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/CarlDSSCRLForAll.crl differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/CarlDSSCRLForCarl.crl b/BouncyCastle/crypto/test/data/rfc4134/CarlDSSCRLForCarl.crl new file mode 100644 index 0000000..2a4e794 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/CarlDSSCRLForCarl.crl differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/CarlDSSSelf.cer b/BouncyCastle/crypto/test/data/rfc4134/CarlDSSSelf.cer new file mode 100644 index 0000000..b47c682 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/CarlDSSSelf.cer differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/CarlPrivDSSSign.pri b/BouncyCastle/crypto/test/data/rfc4134/CarlPrivDSSSign.pri new file mode 100644 index 0000000..4b1fdc0 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/CarlPrivDSSSign.pri differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/CarlPrivRSASign.pri b/BouncyCastle/crypto/test/data/rfc4134/CarlPrivRSASign.pri new file mode 100644 index 0000000..7fee220 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/CarlPrivRSASign.pri differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/CarlRSACRLEmpty.crl b/BouncyCastle/crypto/test/data/rfc4134/CarlRSACRLEmpty.crl new file mode 100644 index 0000000..c3eb304 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/CarlRSACRLEmpty.crl differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/CarlRSACRLForAll.crl b/BouncyCastle/crypto/test/data/rfc4134/CarlRSACRLForAll.crl new file mode 100644 index 0000000..3708ccb Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/CarlRSACRLForAll.crl differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/CarlRSACRLForCarl.crl b/BouncyCastle/crypto/test/data/rfc4134/CarlRSACRLForCarl.crl new file mode 100644 index 0000000..2ce8e4d Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/CarlRSACRLForCarl.crl differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/CarlRSASelf.cer b/BouncyCastle/crypto/test/data/rfc4134/CarlRSASelf.cer new file mode 100644 index 0000000..ce6737d Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/CarlRSASelf.cer differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/DianeDSSSignByCarlInherit.cer b/BouncyCastle/crypto/test/data/rfc4134/DianeDSSSignByCarlInherit.cer new file mode 100644 index 0000000..e0fa3ac Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/DianeDSSSignByCarlInherit.cer differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/DianePrivDSSSign.pri b/BouncyCastle/crypto/test/data/rfc4134/DianePrivDSSSign.pri new file mode 100644 index 0000000..68ddc95 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/DianePrivDSSSign.pri differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/DianePrivRSASignEncrypt.pri b/BouncyCastle/crypto/test/data/rfc4134/DianePrivRSASignEncrypt.pri new file mode 100644 index 0000000..b7bcb29 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/DianePrivRSASignEncrypt.pri differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/DianeRSASignByCarl.cer b/BouncyCastle/crypto/test/data/rfc4134/DianeRSASignByCarl.cer new file mode 100644 index 0000000..062260a Binary files /dev/null and b/BouncyCastle/crypto/test/data/rfc4134/DianeRSASignByCarl.cer differ diff --git a/BouncyCastle/crypto/test/data/rfc4134/ExContent.bin b/BouncyCastle/crypto/test/data/rfc4134/ExContent.bin new file mode 100644 index 0000000..22ddba6 --- /dev/null +++ b/BouncyCastle/crypto/test/data/rfc4134/ExContent.bin @@ -0,0 +1 @@ +This is some sample content. \ No newline at end of file diff --git a/BouncyCastle/crypto/test/data/rfc4134/rfc4134.txt b/BouncyCastle/crypto/test/data/rfc4134/rfc4134.txt new file mode 100644 index 0000000..a53cec5 --- /dev/null +++ b/BouncyCastle/crypto/test/data/rfc4134/rfc4134.txt @@ -0,0 +1,7619 @@ + + + + + + +Network Working Group P. Hoffman, Ed. +Request for Comments: 4134 Internet Mail Consortium +Category: Informational July 2005 + + + Examples of S/MIME Messages + +Status of This Memo + + This memo provides information for the Internet community. It does + not specify an Internet standard of any kind. Distribution of this + memo is unlimited. + +Copyright Notice + + Copyright (C) The Internet Society (2005). + +Abstract + + This document gives examples of message bodies formatted using + S/MIME. Specifically, it has examples of Cryptographic Message + Syntax (CMS) objects and S/MIME messages (including the MIME + formatting). It includes examples of many common CMS formats. The + purpose of this document is to help increase interoperability for + S/MIME and other protocols that rely on CMS. + + + + + + + + + + + + + + + + + + + + + + + + + + +Hoffman, Ed. Informational [Page 1] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +Table of Contents + + 1. Introduction ................................................ 3 + 2. Constants Used in the Examples .............................. 3 + 2.1. Content of Documents .................................. 4 + 2.2. Private Keys .......................................... 4 + 2.3. Certificates .......................................... 13 + 2.4. CRLs .................................................. 33 + 3. Trivial Examples ............................................ 39 + 3.1. ContentInfo with Data Type, BER ....................... 39 + 3.2. ContentInfo with Data Type, DER ....................... 39 + 4. Signed-data ................................................. 39 + 4.1. Basic Signed Content, DSS ............................. 39 + 4.2. Basic Signed Content, RSA ............................. 44 + 4.3. Basic Signed Content, Detached Content ................ 49 + 4.4. Fancier Signed Content ................................ 53 + 4.5. All RSA Signed Message ................................ 68 + 4.6. Multiple Signers ...................................... 75 + 4.7. Signing Using SKI ..................................... 83 + 4.8. S/MIME multipart/signed Message ....................... 87 + 4.9. S/MIME application/pkcs7-mime Signed Message .......... 88 + 4.10. SignedData with Attributes ............................ 89 + 4.11. SignedData with Certificates Only ..................... 101 + 5. Enveloped-data .............................................. 109 + 5.1. Basic Encrypted Content, TripleDES and RSA ............ 109 + 5.2. Basic Encrypted Content, RC2/128 and RSA .............. 110 + 5.3. S/MIME application/pkcs7-mime Encrypted Message ....... 112 + 6. Digested-data ............................................... 112 + 7. Encrypted-data .............................................. 113 + 7.1. Simple EncryptedData .................................. 113 + 7.2. EncryptedData with Unprotected Attributes ............. 114 + 8. Security Considerations ..................................... 115 + 9. References .................................................. 115 + 9.1. Normative References .................................. 115 + 9.2. Informative References ................................ 115 + A. Binaries of the Examples .................................... 116 + A.1. How the Binaries and Extractor Works .................. 116 + A.2. Example Extraction Program ............................ 116 + B. Examples in Order of Appearance ............................. 118 + C. Acknowledgements ............................................ 135 + + + + + + + + + + + +Hoffman, Ed. Informational [Page 2] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +1. Introduction + + The examples in this document show the structure and format of CMS + message bodies, as described in [CMS]. They are useful to + implementors who use protocols that rely on CMS, such as the S/MIME + message format protocol. There are also examples of simple S/MIME + messages [SMIME-MSG] (including the MIME headers). + + Every example in this document has been checked by two different + implementors. This strongly indicates (but does not assure) that the + examples are correct. All CMS implementors must read the CMS + document carefully before implementing from it. No one should use + the examples in this document as stand-alone explanations of how to + create CMS message bodies. + + This document explicitly does not attempt to cover many PKIX [PKIX] + examples. Documents with examples of that format may be forthcoming. + Also, note that [DVCS], which covers PKIX Data Validation and + Certification Server Protocols, has examples of formats for its + protocol. + + The examples shown here were created and validated by many different + people over a long period of time. Because of this, some of the + dates used in the examples are many years in the past. This, plus + the fact that some of the certificates in the examples have very long + lifespans, may cause problems in some test situations. + +2. Constants Used in the Examples + + This section defines the data used in the rest of the document. The + names of the constants indicate their use. For example, + AlicePrivDSSSign is the private part of Alice's DSS signing key. + + - Alice is the creator of the message bodies in this document. + + - Bob is the recipient of the messages. + + - Carl is a CA. + + - Diane sometimes gets involved with these folks. + + - Erica also sometimes gets involved. + + + + + + + + + +Hoffman, Ed. Informational [Page 3] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +2.1. Content of Documents + + ExContent is the following sentence: + + This is some sample content. + + That is, it is the string of characters starting with "T" up to and + including the ".". + + The hex for ExContent is + + 5468 6973 2069 7320 736f 6d65 2073 616d 706c 6520 636f 6e74 656e 742e + + The MD5 hash of ExContent is + + 9898 cac8 fab7 691f f89d c207 24e7 4a04 + + The SHA-1 hash of ExContent is + + 406a ec08 5279 ba6e 1602 2d9e 0629 c022 9687 dd48 + +2.2. Private Keys + + The following private keys are needed to create the samples. To find + the public keys, see the certificates in the next section. + + AlicePrivDSSSign = + 0 30 331: SEQUENCE { + 4 02 1: INTEGER 0 + 7 30 299: SEQUENCE { + 11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + 20 30 286: SEQUENCE { + 24 02 129: INTEGER + : 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 + : 48 28 A3 E4 47 93 DD 0E D7 A8 0E EC + : 53 C5 AB 84 08 4F FF 94 E1 73 48 7E + : 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89 + : 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C + : DC 5F 69 8A E4 75 D0 37 0C 91 08 95 + : 9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 + : 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 + : C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 + : 78 BD FF 9D B0 84 97 37 F2 E4 51 1B + : B5 E4 09 96 5C F3 7E 5B DB + 156 02 21: INTEGER + : 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F + : B8 37 21 2B 62 8B F7 93 CD + + + +Hoffman, Ed. Informational [Page 4] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 179 02 128: INTEGER + : 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 + : 4B 59 6A 4C 76 23 39 04 02 35 5C F2 + : CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD + : AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF + : 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B + : 3E 90 F8 6D EA 9C C9 21 8A 3B 76 14 + : E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30 + : 01 7C 6D 49 89 11 89 36 44 BD F8 C8 + : 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 + : 1F 11 7F C2 BD ED D1 50 FF 98 74 C2 + : D1 81 4A 60 39 BA 36 39 + : } + : } + 310 04 23: OCTET STRING, encapsulates { + 312 02 21: INTEGER + : 00 BB 44 46 D1 A5 C9 46 07 2E D0 FE + : 7A D6 92 07 F0 9A 85 89 3F + : } + : } + + AlicePrivRSASign = + 0 30 630: SEQUENCE { + 4 02 1: INTEGER 0 + 7 30 13: SEQUENCE { + 9 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 20 05 0: NULL + : } + 22 04 608: OCTET STRING, encapsulates { + 26 30 604: SEQUENCE { + 30 02 1: INTEGER 0 + 33 02 129: INTEGER + : 00 E0 89 73 39 8D D8 F5 F5 E8 87 76 + : 39 7F 4E B0 05 BB 53 83 DE 0F B7 AB + : DC 7D C7 75 29 0D 05 2E 6D 12 DF A6 + : 86 26 D4 D2 6F AA 58 29 FC 97 EC FA + : 82 51 0F 30 80 BE B1 50 9E 46 44 F1 + : 2C BB D8 32 CF C6 68 6F 07 D9 B0 60 + : AC BE EE 34 09 6A 13 F5 F7 05 05 93 + : DF 5E BA 35 56 D9 61 FF 19 7F C9 81 + : E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 + : 9F 2D FA 55 3A B9 99 77 02 A6 48 52 + : 8C 4E F3 57 38 57 74 57 5F + 165 02 3: INTEGER 65537 + 170 02 128: INTEGER + : 00 A4 03 C3 27 47 76 34 34 6C A6 86 + + + +Hoffman, Ed. Informational [Page 5] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : B5 79 49 01 4B 2E 8A D2 C8 62 B2 C7 + : D7 48 09 6A 8B 91 F7 36 F2 75 D6 E8 + : CD 15 90 60 27 31 47 35 64 4D 95 CD + : 67 63 CE B4 9F 56 AC 2F 37 6E 1C EE + : 0E BF 28 2D F4 39 90 6F 34 D8 6E 08 + : 5B D5 65 6A D8 41 F3 13 D7 2D 39 5E + : FE 33 CB FF 29 E4 03 0B 3D 05 A2 8F + : B7 F1 8E A2 76 37 B0 79 57 D3 2F 2B + : DE 87 06 22 7D 04 66 5E C9 1B AF 8B + : 1A C3 EC 91 44 AB 7F 21 + 301 02 65: INTEGER + : 00 F6 D6 E0 22 21 4C 5F 0A 70 FF 27 + : FC E5 B3 50 6A 9D E5 0F B5 85 96 C6 + : 40 FA A8 0A B4 9B 9B 0C 55 C2 01 1D + : F9 37 82 8A 14 C8 F2 93 0E 92 CD A5 + : 66 21 B9 3C D2 06 BF B4 55 31 C9 DC + : AD CA 98 2D D1 + 368 02 65: INTEGER + : 00 E8 DE B0 11 25 09 D2 02 51 01 DE + : 8A E8 98 50 F5 77 77 61 A4 45 93 6B + : 08 55 96 73 5D F4 C8 5B 12 93 22 73 + : 8B 7F D3 70 7F F5 A4 AA BB 74 FD 3C + : 22 6A DA 38 91 2A 86 5B 6C 14 E8 AE + : 4C 9E FA 8E 2F + 435 02 65: INTEGER + : 00 97 4C F0 87 9B 17 7F EE 1B 83 1B + : 14 B6 0B 6A 90 5F 86 27 51 E1 B7 A0 + : 7F F5 E4 88 E3 59 B9 F9 1E 9B D3 29 + : 77 38 22 48 D7 22 B1 25 98 BA 3D 59 + : 53 B7 FA 1E 20 B2 C8 51 16 23 75 93 + : 51 E7 AB CD F1 + 502 02 64: INTEGER + : 2C F0 24 5B FA A0 CD 85 22 EA D0 6E + : 4F FA 6C CD 21 D3 C8 E4 F1 84 44 48 + : 64 73 D7 29 8F 7E 46 8C EC 15 DE E4 + : 51 B3 94 E7 2C 99 2D 55 65 7B 24 EA + : A3 62 1F 3E 6C 4D 67 41 11 3B E1 BE + : E9 83 02 83 + 568 02 64: INTEGER + : 58 88 D9 A1 50 38 84 6A AB 03 BC BB + : DF 4B F4 9C 6F B8 B4 2A 25 FB F6 E4 + : 05 2F 6E E2 88 89 21 6F 4B 25 9E D0 + : AB 50 93 CA BF 40 71 EC 21 25 C5 7F + : FB 02 E9 21 96 B8 33 CD E2 C6 95 EE + : 6F 8D 5F 28 + : } + : } + : } + + + +Hoffman, Ed. Informational [Page 6] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + BobPrivRSAEncrypt = + 0 30 645: SEQUENCE { + 4 02 1: INTEGER 0 + 7 30 13: SEQUENCE { + 9 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 20 05 0: NULL + : } + 22 04 608: OCTET STRING, encapsulates { + 26 30 604: SEQUENCE { + 30 02 1: INTEGER 0 + 33 02 129: INTEGER + : 00 A9 E1 67 98 3F 39 D5 5F F2 A0 93 + : 41 5E A6 79 89 85 C8 35 5D 9A 91 5B + : FB 1D 01 DA 19 70 26 17 0F BD A5 22 + : D0 35 85 6D 7A 98 66 14 41 5C CF B7 + : B7 08 3B 09 C9 91 B8 19 69 37 6D F9 + : 65 1E 7B D9 A9 33 24 A3 7F 3B BB AF + : 46 01 86 36 34 32 CB 07 03 59 52 FC + : 85 8B 31 04 B8 CC 18 08 14 48 E6 4F + : 1C FB 5D 60 C4 E0 5C 1F 53 D3 7F 53 + : D8 69 01 F1 05 F8 7A 70 D1 BE 83 C6 + : 5F 38 CF 1C 2C AA 6A A7 EB + 165 02 3: INTEGER 65537 + 170 02 128: INTEGER + : 67 CD 48 4C 9A 0D 8F 98 C2 1B 65 FF + : 22 83 9C 6D F0 A6 06 1D BC ED A7 03 + : 88 94 F2 1C 6B 0F 8B 35 DE 0E 82 78 + : 30 CB E7 BA 6A 56 AD 77 C6 EB 51 79 + : 70 79 0A A0 F4 FE 45 E0 A9 B2 F4 19 + : DA 87 98 D6 30 84 74 E4 FC 59 6C C1 + : C6 77 DC A9 91 D0 7C 30 A0 A2 C5 08 + : 5E 21 71 43 FC 0D 07 3D F0 FA 6D 14 + : 9E 4E 63 F0 17 58 79 1C 4B 98 1C 3D + : 3D B0 1B DF FA 25 3B A3 C0 2C 98 05 + : F6 10 09 D8 87 DB 03 19 + 301 02 65: INTEGER + : 00 D0 C3 22 C6 DE A2 99 18 76 8F 8D + : BC A6 75 D6 66 3F D4 8D 45 52 8C 76 + : F5 72 C4 EB F0 46 9A F1 3E 5C AA 55 + : 0B 9B DA DD 6B 6D F8 FC 3B 3C 08 43 + : 93 B5 5B FE CE EA FD 68 84 23 62 AF + : F3 31 C2 B9 E5 + 368 02 65: INTEGER + : 00 D0 51 FC 1E 22 B7 5B ED B5 8E 01 + : C8 D7 AB F2 58 D4 F7 82 94 F3 53 A8 + : 19 45 CB 66 CA 28 19 5F E2 10 2B F3 + + + +Hoffman, Ed. Informational [Page 7] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 8F EC 6A 30 74 F8 4D 11 F4 A7 C4 20 + : B5 47 21 DC 49 01 F9 0A 20 29 F0 24 + : 08 84 60 7D 8F + 435 02 64: INTEGER + : 34 BA 64 C9 48 28 57 74 D7 55 50 DE + : 6A 48 EF 1B 2A 5A 1C 48 7B 1E 21 59 + : C3 60 3B 9B 97 A9 C0 EF 18 66 A9 4E + : 62 52 38 84 CE E5 09 88 48 94 69 C5 + : 20 14 99 5A 57 FE 23 6C E4 A7 23 7B + : D0 80 B7 85 + 501 02 65: INTEGER + : 00 9E 2F B3 37 9A FB 0B 06 5D 57 E1 + : 09 06 A4 5D D9 90 96 06 05 5F 24 06 + : 40 72 9C 3A 88 85 9C 87 0F 9D 62 12 + : 88 16 68 A8 35 1A 1B 43 E8 38 C0 98 + : 69 AF 03 0A 48 32 04 4E E9 0F 8F 77 + : 7D 34 30 25 07 + 568 02 64: INTEGER + : 57 18 67 D6 0A D2 B5 AB C2 BA 7A E7 + : 54 DA 9C 05 4F 81 D4 EF 01 89 1E 32 + : 3D 69 CB 31 C4 52 C8 54 55 25 00 3B + : 1C 2A 7C 26 50 D5 E9 A6 D7 77 CB CF + : 15 F5 EE 0B D5 8D EE B3 AF 4C A1 7C + : 63 46 41 F6 + : } + : } + 634 A0 13: [0] { + 636 30 11: SEQUENCE { + 638 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 643 31 4: SET { + 645 03 2: BIT STRING 0 unused bits + : '00001000'B (bit 3) + : Error: Spurious zero bits in bitstring. + : } + : } + : } + : } + + CarlPrivDSSSign = + 0 30 330: SEQUENCE { + 4 02 1: INTEGER 0 + 7 30 299: SEQUENCE { + 11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + 20 30 286: SEQUENCE { + 24 02 129: INTEGER + : 00 B6 49 18 3E 8A 44 C1 29 71 94 4C + + + +Hoffman, Ed. Informational [Page 8] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 01 C4 12 C1 7A 79 CB 54 4D AB 1E 81 + : FB C6 4C B3 0E 94 09 06 EB 01 D4 B1 + : C8 71 4B C7 45 C0 50 25 5D 9C FC DA + : E4 6D D3 E2 86 48 84 82 7D BA 15 95 + : 4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A + : 0A 8A BA 16 7B B9 50 01 48 93 8B EB + : 25 15 51 97 55 DC 8F 53 0E 10 A9 50 + : FC 70 B7 CD 30 54 FD DA DE A8 AA 22 + : B5 A1 AF 8B CC 02 88 E7 8B 70 5F B9 + : AD E1 08 D4 6D 29 2D D6 E9 + 156 02 21: INTEGER + : 00 DD C1 2F DF 53 CE 0B 34 60 77 3E + : 02 A4 BF 8A 5D 98 B9 10 D5 + 179 02 128: INTEGER + : 0C EE 57 9B 4B BD DA B6 07 6A 74 37 + : 4F 55 7F 9D ED BC 61 0D EB 46 59 3C + : 56 0B 2B 5B 0C 91 CE A5 62 52 69 CA + : E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C + : AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 + : 87 0B C7 CD F0 1C D9 B5 4E 5D 73 DE + : AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A + : 73 AA 7F 46 51 1F A9 42 16 9C 48 EB + : 8A 79 61 B4 D5 2F 53 22 44 63 1F 86 + : B8 A3 58 06 25 F8 29 C0 EF BA E0 75 + : F0 42 C4 63 65 52 9B 0A + : } + : } + 310 04 22: OCTET STRING, encapsulates { + 312 02 20: INTEGER + : 19 B3 38 A5 21 62 31 50 E5 7F B9 3E + : 08 46 78 D1 3E B5 E5 72 + : } + : } + + CarlPrivRSASign = + 0 30 630: SEQUENCE { + 4 02 1: INTEGER 0 + 7 30 13: SEQUENCE { + 9 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 20 05 0: NULL + : } + 22 04 608: OCTET STRING, encapsulates { + 26 30 604: SEQUENCE { + 30 02 1: INTEGER 0 + 33 02 129: INTEGER + : 00 E4 4B FF 18 B8 24 57 F4 77 FF 6E + + + +Hoffman, Ed. Informational [Page 9] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 73 7B 93 71 5C BC 33 1A 92 92 72 23 + : D8 41 46 D0 CD 11 3A 04 B3 8E AF 82 + : 9D BD 51 1E 17 7A F2 76 2C 2B 86 39 + : A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC + : A2 36 B1 ED E2 50 E2 32 09 8A 3F 9F + : 99 25 8F B8 4E AB B9 7D D5 96 65 DA + : 16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7 + : 29 CB 82 DD AC 44 E9 AA 93 94 29 0E + : F8 18 D6 C8 57 5E F2 76 C4 F2 11 60 + : 38 B9 1B 3C 1D 97 C9 6A F1 + 165 02 3: INTEGER 65537 + 170 02 129: INTEGER + : 00 AE 73 E4 5B 5F 5B 66 5A C9 D7 C6 + : EF 38 5F 53 21 2A 2F 62 FE DE 29 9A + : 7A 86 67 36 E7 7D 62 78 75 3D 73 A0 + : BC 29 0E F3 8F BD C3 C9 C9 B6 F8 BA + : D6 13 9B C3 97 7A CA 6A F0 B8 85 65 + : 4E 0F BD A7 A8 F7 54 06 41 BD EB DC + : 20 77 90 DF 61 9B 9A 6F 74 DE EA 3B + : D4 9C 87 60 ED 76 84 F1 6A 30 37 D5 + : E0 90 16 F8 80 47 C3 19 6B ED 75 77 + : BA 4A ED 39 B6 5D 02 47 3B 5F 1B C8 + : 1C AB CB E8 F5 26 3F A4 81 + 302 02 65: INTEGER + : 00 FF DF 09 A0 56 0B 42 52 9E C4 4D + : 93 B3 B0 49 BB DE E7 81 7D 28 99 D0 + : B1 48 BA 0B 39 E1 1C 7B 22 18 33 B6 + : 40 F6 BF DC AE 1D D0 A1 AD 04 71 5A + : 61 0A 6E 3B CE 30 DA 36 9F 65 25 29 + : BB A7 0E 7F 0B + 369 02 65: INTEGER + : 00 E4 69 68 18 5F F9 57 D0 7C 66 89 + : 0F BA 63 1D 72 CB 20 A4 81 76 64 89 + : CD 7D D1 C2 27 A9 2E AC 7A 56 9A 85 + : 07 D9 30 03 A3 03 AB 7F 88 92 50 24 + : 01 AA 1B 07 1F 20 4C B7 C9 7B 56 F7 + : B6 C2 7E AB 73 + 436 02 64: INTEGER + : 57 36 6C 8F 8C 04 76 6C B6 D4 EE 24 + : 44 00 F8 80 E2 AF 42 01 A9 0F 14 84 + : F8 E7 00 E0 8F 8C 27 A4 2D 5F A2 E5 + : 6D B5 63 C0 AD 44 E9 76 91 A7 19 49 + : 2E 46 F8 77 85 4B 3B 87 04 F0 AF D2 + : D8 54 26 95 + 502 02 64: INTEGER + : 64 A1 0F AC 55 74 1B BD 0D 61 7B 17 + : 03 CD B0 E6 A7 19 1D 80 AF F1 41 48 + : D8 1A B6 88 14 A0 2C 7A C5 76 D4 0F + + + +Hoffman, Ed. Informational [Page 10] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 0E 1F 7A 2A B2 6E 37 04 AB 39 45 73 + : BA 46 A8 0F 8D 82 5F 22 14 05 CF A2 + : A3 F3 7C 83 + 568 02 64: INTEGER + : 26 1E 1D 1C A1 98 2B E4 DB 38 E8 57 + : 6E 6B 73 19 88 61 3A FA 74 4A 36 8B + : 47 68 5D 50 EB 26 E3 EA 7D 9B 4E 65 + : A9 AF 7B AB 4B 2E 76 51 3D A8 D0 11 + : AB A3 D6 A8 C0 27 36 1D 54 0B AA A7 + : D1 6D 8D FA + : } + : } + : } + + DianePrivDSSSign = + 0 30 331: SEQUENCE { + 4 02 1: INTEGER 0 + 7 30 299: SEQUENCE { + 11 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + 20 30 286: SEQUENCE { + 24 02 129: INTEGER + : 00 B6 49 18 3E 8A 44 C1 29 71 94 4C + : 01 C4 12 C1 7A 79 CB 54 4D AB 1E 81 + : FB C6 4C B3 0E 94 09 06 EB 01 D4 B1 + : C8 71 4B C7 45 C0 50 25 5D 9C FC DA + : E4 6D D3 E2 86 48 84 82 7D BA 15 95 + : 4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A + : 0A 8A BA 16 7B B9 50 01 48 93 8B EB + : 25 15 51 97 55 DC 8F 53 0E 10 A9 50 + : FC 70 B7 CD 30 54 FD DA DE A8 AA 22 + : B5 A1 AF 8B CC 02 88 E7 8B 70 5F B9 + : AD E1 08 D4 6D 29 2D D6 E9 + 156 02 21: INTEGER + : 00 DD C1 2F DF 53 CE 0B 34 60 77 3E + : 02 A4 BF 8A 5D 98 B9 10 D5 + 179 02 128: INTEGER + : 0C EE 57 9B 4B BD DA B6 07 6A 74 37 + : 4F 55 7F 9D ED BC 61 0D EB 46 59 3C + : 56 0B 2B 5B 0C 91 CE A5 62 52 69 CA + : E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C + : AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 + : 87 0B C7 CD F0 1C D9 B5 4E 5D 73 DE + : AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A + : 73 AA 7F 46 51 1F A9 42 16 9C 48 EB + : 8A 79 61 B4 D5 2F 53 22 44 63 1F 86 + : B8 A3 58 06 25 F8 29 C0 EF BA E0 75 + : F0 42 C4 63 65 52 9B 0A + + + +Hoffman, Ed. Informational [Page 11] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + 310 04 23: OCTET STRING, encapsulates { + 312 02 21: INTEGER + : 00 96 95 F9 E0 C1 E0 41 2D 32 0F 8B + : 42 52 93 2A E6 1E 0E 21 29 + : } + : } + + DianePrivRSASignEncrypt = + 0 30 631: SEQUENCE { + 4 02 1: INTEGER 0 + 7 30 13: SEQUENCE { + 9 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 20 05 0: NULL + : } + 22 04 609: OCTET STRING, encapsulates { + 26 30 605: SEQUENCE { + 30 02 1: INTEGER 0 + 33 02 129: INTEGER + : 00 D6 FD B8 C0 70 C6 4C 25 EC EA CF + : EA 7C BB A2 62 FA F0 E6 32 3A 53 FF + : B1 92 5A 17 F4 20 E1 99 24 82 0A D0 + : F6 7C FB 44 CA 8B 27 06 F1 7E 26 03 + : A9 76 9D CF EC A0 2C 70 96 F2 83 42 + : F6 D4 B7 28 0A BB F8 BF 4A 4C 19 3F + : 07 DB A0 C1 60 1E B7 7E 67 F7 DE B1 + : C3 60 49 AC 45 D7 F8 C6 EF 08 37 21 + : 93 47 EE F0 73 35 72 B0 02 C4 F3 11 + : C3 5E 47 E5 0A B7 83 F1 DB 74 69 64 + : 8B 44 1D 95 5D CD 28 C0 85 + 165 02 3: INTEGER 65537 + 170 02 128: INTEGER + : 3D BD CD C2 0E 61 14 5B 4B E7 BF 60 + : 23 04 2B C5 6B 35 A5 96 45 23 FC 69 + : 7D 93 3C 0F D3 25 96 BA 62 52 42 E2 + : 96 CF FE 58 80 8F EB B1 8C BD D4 0D + : 65 D0 3A 77 45 24 9E 0C EB 86 80 C3 + : AC 21 11 71 44 E3 B2 A8 A9 2E AC 17 + : D2 A3 84 25 63 B5 BC 2F 1E DD F6 21 + : FF 15 20 24 5B F1 80 2F D5 41 0E 32 + : 24 F7 D4 4A 32 9E B9 49 D8 19 8E 3F + : 39 8D 62 BD 80 FC 0C 24 92 93 E4 C3 + : D7 05 91 53 BB 96 B6 41 + 301 02 65: INTEGER + : 00 F3 B8 3F 4A D1 94 B0 91 60 13 41 + + + +Hoffman, Ed. Informational [Page 12] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 92 0D 8D 44 3F 77 1D FF 96 23 44 08 + : D4 0B 70 C9 1A AF E9 90 94 F2 B0 D5 + : 5F 4F 19 85 50 A1 90 91 AE BD 05 76 + : 52 B3 22 D8 A8 7C 8E 54 7F 00 72 4F + : 36 75 68 73 B5 + 368 02 65: INTEGER + : 00 E1 D2 E7 11 57 06 AE 72 95 22 16 + : AA 02 B4 5A ED 4E 9D 82 11 4F 96 3C + : 86 C9 10 8D 56 7B 31 75 79 69 E7 75 + : 68 38 00 4B 2E D2 26 32 DD B1 E2 E0 + : 2C 54 80 0A 75 BA D1 66 96 1B B0 0E + : A0 7E D2 BB 91 + 435 02 65: INTEGER + : 00 AF B6 BC DB 22 73 43 41 EC B4 B5 + : 67 A9 A1 99 FC EF D2 8E FD 1D FB E5 + : 29 8B FE 0A DF D4 C8 5E 57 25 0A 5D + : 2B D4 09 A0 56 5B C5 B1 62 FC 20 BE + : 08 2D E3 07 B5 A1 E7 B3 FF C4 C0 A5 + : 5F AC 12 5C A9 + 502 02 65: INTEGER + : 00 B9 98 41 FC 08 50 1F 73 60 8A 01 + : A2 7C 52 8A 20 5A EA 2C 89 D9 A5 19 + : DD 94 C6 1B C3 25 C0 82 51 E4 EE 2B + : 9A 19 DC 73 ED E9 1D 27 D4 F8 6C 03 + : DD AB 1D 08 7B B5 AC 7F E9 82 9B F1 + : 89 8A 71 DB 61 + 569 02 64: INTEGER + : 01 07 21 97 5F 7A 60 A8 FD 5A 5C 07 + : DF A8 DE F7 E2 B1 34 7D FC EB 91 BD + : B0 73 74 C8 C4 BE 3F 58 45 30 06 90 + : B3 AC 69 CC B3 F7 3F 7C AC C7 B8 1B + : 65 A1 16 39 39 B0 E3 74 7D CF CD C5 + : AC 6C BF E5 + : } + : } + : } + +2.3. Certificates + + AliceDSSSignByCarlNoInherit = + 0 30 732: SEQUENCE { + 4 30 667: SEQUENCE { + 8 A0 3: [0] { + 10 02 1: INTEGER 2 + : } + 13 02 2: INTEGER 200 + 17 30 9: SEQUENCE { + 19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) + + + +Hoffman, Ed. Informational [Page 13] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : (ANSI X9.57 algorithm) + : } + 28 30 18: SEQUENCE { + 30 31 16: SET { + 32 30 14: SEQUENCE { + 34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 39 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 48 30 30: SEQUENCE { + 50 17 13: UTCTime '990817011049Z' + 65 17 13: UTCTime '391231235959Z' + : } + 80 30 19: SEQUENCE { + 82 31 17: SET { + 84 30 15: SEQUENCE { + 86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 91 13 8: PrintableString 'AliceDSS' + : } + : } + : } + 101 30 438: SEQUENCE { + 105 30 299: SEQUENCE { + 109 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + 118 30 286: SEQUENCE { + 122 02 129: INTEGER + : 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 + : 48 28 A3 E4 47 93 DD 0E D7 A8 0E EC + : 53 C5 AB 84 08 4F FF 94 E1 73 48 7E + : 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89 + : 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C + : DC 5F 69 8A E4 75 D0 37 0C 91 08 95 + : 9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 + : 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 + : C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 + : 78 BD FF 9D B0 84 97 37 F2 E4 51 1B + : B5 E4 09 96 5C F3 7E 5B DB + 254 02 21: INTEGER + : 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F + : B8 37 21 2B 62 8B F7 93 CD + 277 02 128: INTEGER + : 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 + : 4B 59 6A 4C 76 23 39 04 02 35 5C F2 + : CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD + + + +Hoffman, Ed. Informational [Page 14] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF + : 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B + : 3E 90 F8 6D EA 9C C9 21 8A 3B 76 14 + : E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30 + : 01 7C 6D 49 89 11 89 36 44 BD F8 C8 + : 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 + : 1F 11 7F C2 BD ED D1 50 FF 98 74 C2 + : D1 81 4A 60 39 BA 36 39 + : } + : } + 408 03 132: BIT STRING 0 unused bits, encapsulates { + 412 02 128: INTEGER + : 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 + : 3F A9 EC AC 5E DC BD B7 13 11 34 A6 + : 16 89 28 11 23 D9 34 86 67 75 75 13 + : 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 + : 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 + : A5 A0 4A E3 85 D6 CE 06 80 3F E8 23 + : 7E 1A F2 24 AB 53 1A B8 27 0D 1E EF + : 08 BF 66 14 80 5C 62 AC 65 FA 15 8B + : F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 + : 32 84 F0 7E 41 40 FD 46 A7 63 4E 33 + : F2 A5 E2 F4 F2 83 E5 B8 + : } + : } + 543 A3 129: [3] { + 546 30 127: SEQUENCE { + 548 30 12: SEQUENCE { + 550 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 555 01 1: BOOLEAN TRUE + 558 04 2: OCTET STRING, encapsulates { + 560 30 0: SEQUENCE {} + : } + : } + 562 30 14: SEQUENCE { + 564 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 569 01 1: BOOLEAN TRUE + 572 04 4: OCTET STRING, encapsulates { + 574 03 2: BIT STRING 6 unused bits + : '11'B + : } + : } + 578 30 31: SEQUENCE { + 580 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + + + +Hoffman, Ed. Informational [Page 15] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : (X.509 id-ce (2 5 29)) + 585 04 24: OCTET STRING, encapsulates { + 587 30 22: SEQUENCE { + 589 80 20: [0] + : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 + : 3D 20 BC 43 2B 93 F1 1F + : } + : } + : } + 611 30 29: SEQUENCE { + 613 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 618 04 22: OCTET STRING, encapsulates { + 620 04 20: OCTET STRING + : BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE + : 13 01 E2 FD E3 97 FE CD + : } + : } + 642 30 31: SEQUENCE { + 644 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) + 649 04 24: OCTET STRING, encapsulates { + 651 30 22: SEQUENCE { + 653 81 20: [1] 'AliceDSS@example.com' + : } + : } + : } + : } + : } + : } + 675 30 9: SEQUENCE { + 677 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 686 03 48: BIT STRING 0 unused bits, encapsulates { + 689 30 45: SEQUENCE { + 691 02 20: INTEGER + : 55 0C A4 19 1F 42 2B 89 71 22 33 8D + : 83 6A B5 3D 67 6B BF 45 + 713 02 21: INTEGER + : 00 9F 61 53 52 54 0B 5C B2 DD DA E7 + : 76 1D E2 10 52 5B 43 5E BD + : } + : } + : } + + AliceRSASignByCarl = + + + +Hoffman, Ed. Informational [Page 16] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 0 30 556: SEQUENCE { + 4 30 405: SEQUENCE { + 8 A0 3: [0] { + 10 02 1: INTEGER 2 + : } + 13 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : C4 10 B3 B0 + 31 30 13: SEQUENCE { + 33 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption (1 2 840 113549 1 1 5) + : (PKCS #1) + 44 05 0: NULL + : } + 46 30 18: SEQUENCE { + 48 31 16: SET { + 50 30 14: SEQUENCE { + 52 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 57 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 66 30 30: SEQUENCE { + 68 17 13: UTCTime '990919010847Z' + 83 17 13: UTCTime '391231235959Z' + : } + 98 30 19: SEQUENCE { + 100 31 17: SET { + 102 30 15: SEQUENCE { + 104 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 109 13 8: PrintableString 'AliceRSA' + : } + : } + : } + 119 30 159: SEQUENCE { + 122 30 13: SEQUENCE { + 124 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 135 05 0: NULL + : } + 137 03 141: BIT STRING 0 unused bits, encapsulates { + 141 30 137: SEQUENCE { + 144 02 129: INTEGER + : 00 E0 89 73 39 8D D8 F5 F5 E8 87 76 + : 39 7F 4E B0 05 BB 53 83 DE 0F B7 AB + + + +Hoffman, Ed. Informational [Page 17] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : DC 7D C7 75 29 0D 05 2E 6D 12 DF A6 + : 86 26 D4 D2 6F AA 58 29 FC 97 EC FA + : 82 51 0F 30 80 BE B1 50 9E 46 44 F1 + : 2C BB D8 32 CF C6 68 6F 07 D9 B0 60 + : AC BE EE 34 09 6A 13 F5 F7 05 05 93 + : DF 5E BA 35 56 D9 61 FF 19 7F C9 81 + : E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 + : 9F 2D FA 55 3A B9 99 77 02 A6 48 52 + : 8C 4E F3 57 38 57 74 57 5F + 276 02 3: INTEGER 65537 + : } + : } + : } + 281 A3 129: [3] { + 284 30 127: SEQUENCE { + 286 30 12: SEQUENCE { + 288 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 293 01 1: BOOLEAN TRUE + 296 04 2: OCTET STRING, encapsulates { + 298 30 0: SEQUENCE {} + : } + : } + 300 30 14: SEQUENCE { + 302 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 307 01 1: BOOLEAN TRUE + 310 04 4: OCTET STRING, encapsulates { + 312 03 2: BIT STRING 6 unused bits + : '11'B + : } + : } + 316 30 31: SEQUENCE { + 318 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + : (X.509 id-ce (2 5 29)) + 323 04 24: OCTET STRING, encapsulates { + 325 30 22: SEQUENCE { + 327 80 20: [0] + : E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 + : 42 37 4E 22 AE 9E 38 BB + : } + : } + : } + 349 30 29: SEQUENCE { + 351 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + + + +Hoffman, Ed. Informational [Page 18] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : (X.509 id-ce (2 5 29)) + 356 04 22: OCTET STRING, encapsulates { + 358 04 20: OCTET STRING + : 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D + : CE EC 3C A0 3A E3 FF 50 + : } + : } + 380 30 31: SEQUENCE { + 382 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) + 387 04 24: OCTET STRING, encapsulates { + 389 30 22: SEQUENCE { + 391 81 20: [1] 'AliceRSA@example.com' + : } + : } + : } + : } + : } + : } + 413 30 13: SEQUENCE { + 415 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption (1 2 840 113549 1 1 5) + : (PKCS #1) + 426 05 0: NULL + : } + 428 03 129: BIT STRING 0 unused bits + : 3E 70 47 A8 48 CC 13 58 8F CA 51 71 + : 6B 4E 36 18 5D 04 7E 80 B1 8D 4D CC + : CA A3 8F CC 7D 56 C8 BC CF 6E B3 1C + : 59 A9 20 AA 05 81 A8 4E 25 AD A7 70 + : 14 75 2F F5 C7 9B D1 0E E9 63 D2 64 + : B7 C6 66 6E 73 21 54 DF F4 BA 25 5D + : 7D 49 D3 94 6B 22 36 74 73 B8 4A EC + : 2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A + : B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA + : F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A + : 76 AE EB 9B DB 49 B0 22 + : } + + BobRSASignByCarl = + 0 30 551: SEQUENCE { + 4 30 400: SEQUENCE { + 8 A0 3: [0] { + 10 02 1: INTEGER 2 + : } + 13 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : CD 5D 71 D0 + + + +Hoffman, Ed. Informational [Page 19] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 31 30 13: SEQUENCE { + 33 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption (1 2 840 113549 1 1 5) + : (PKCS #1) + 44 05 0: NULL + : } + 46 30 18: SEQUENCE { + 48 31 16: SET { + 50 30 14: SEQUENCE { + 52 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 57 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 66 30 30: SEQUENCE { + 68 17 13: UTCTime '990919010902Z' + 83 17 13: UTCTime '391231235959Z' + : } + 98 30 17: SEQUENCE { + 100 31 15: SET { + 102 30 13: SEQUENCE { + 104 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 109 13 6: PrintableString 'BobRSA' + : } + : } + : } + 117 30 159: SEQUENCE { + 120 30 13: SEQUENCE { + 122 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 133 05 0: NULL + : } + 135 03 141: BIT STRING 0 unused bits, encapsulates { + 139 30 137: SEQUENCE { + 142 02 129: INTEGER + : 00 A9 E1 67 98 3F 39 D5 5F F2 A0 93 + : 41 5E A6 79 89 85 C8 35 5D 9A 91 5B + : FB 1D 01 DA 19 70 26 17 0F BD A5 22 + : D0 35 85 6D 7A 98 66 14 41 5C CF B7 + : B7 08 3B 09 C9 91 B8 19 69 37 6D F9 + : 65 1E 7B D9 A9 33 24 A3 7F 3B BB AF + : 46 01 86 36 34 32 CB 07 03 59 52 FC + : 85 8B 31 04 B8 CC 18 08 14 48 E6 4F + : 1C FB 5D 60 C4 E0 5C 1F 53 D3 7F 53 + : D8 69 01 F1 05 F8 7A 70 D1 BE 83 C6 + + + +Hoffman, Ed. Informational [Page 20] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 5F 38 CF 1C 2C AA 6A A7 EB + 274 02 3: INTEGER 65537 + : } + : } + : } + 279 A3 127: [3] { + 281 30 125: SEQUENCE { + 283 30 12: SEQUENCE { + 285 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 290 01 1: BOOLEAN TRUE + 293 04 2: OCTET STRING, encapsulates { + 295 30 0: SEQUENCE {} + : } + : } + 297 30 14: SEQUENCE { + 299 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 304 01 1: BOOLEAN TRUE + 307 04 4: OCTET STRING, encapsulates { + 309 03 2: BIT STRING 5 unused bits + : '100'B (bit 2) + : } + : } + 313 30 31: SEQUENCE { + 315 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + : (X.509 id-ce (2 5 29)) + 320 04 24: OCTET STRING, encapsulates { + 322 30 22: SEQUENCE { + 324 80 20: [0] + : E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 + : 42 37 4E 22 AE 9E 38 BB + : } + : } + : } + 346 30 29: SEQUENCE { + 348 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 353 04 22: OCTET STRING, encapsulates { + 355 04 20: OCTET STRING + : E8 F4 B8 67 D8 B3 96 A4 2A F3 11 AA + : 29 D3 95 5A 86 16 B4 24 + : } + : } + 377 30 29: SEQUENCE { + + + +Hoffman, Ed. Informational [Page 21] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 379 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) + 384 04 22: OCTET STRING, encapsulates { + 386 30 20: SEQUENCE { + 388 81 18: [1] 'BobRSA@example.com' + : } + : } + : } + : } + : } + : } + 408 30 13: SEQUENCE { + 410 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption (1 2 840 113549 1 1 5) + : (PKCS #1) + 421 05 0: NULL + : } + 423 03 129: BIT STRING 0 unused bits + : 7B 8E 66 C5 F1 10 3F 10 20 4C 88 71 + : AB 7B 40 6B 21 33 FA 4A 95 DE 9D 0E + : 5B 6B 94 21 05 C0 F2 E1 7E 2A CD 9C + : 93 88 87 FB 8B B7 7E 7D 41 61 E1 E4 + : D6 6D F9 E2 04 55 61 45 BC 64 27 44 + : C0 A1 BD 59 79 D9 1D 64 3C 21 D6 45 + : B0 5D 68 33 92 EA AC F1 57 E5 81 7D + : 98 E6 35 91 A3 39 DE 77 F4 E8 1C 3B + : 29 DC 7F 51 07 97 F3 36 F0 50 0A DD + : 9B DE B6 5E 38 11 2B FB 57 EA 89 6D + : AD C9 88 D8 8F CF 2B D3 + : } + + CarlDSSSelf = + 0 30 667: SEQUENCE { + 4 30 602: SEQUENCE { + 8 A0 3: [0] { + 10 02 1: INTEGER 2 + : } + 13 02 1: INTEGER 1 + 16 30 9: SEQUENCE { + 18 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 27 30 18: SEQUENCE { + 29 31 16: SET { + 31 30 14: SEQUENCE { + 33 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 38 13 7: PrintableString 'CarlDSS' + + + +Hoffman, Ed. Informational [Page 22] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + : } + 47 30 30: SEQUENCE { + 49 17 13: UTCTime '990816225050Z' + 64 17 13: UTCTime '391231235959Z' + : } + 79 30 18: SEQUENCE { + 81 31 16: SET { + 83 30 14: SEQUENCE { + 85 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 90 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 99 30 439: SEQUENCE { + 103 30 299: SEQUENCE { + 107 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + 116 30 286: SEQUENCE { + 120 02 129: INTEGER + : 00 B6 49 18 3E 8A 44 C1 29 71 94 4C + : 01 C4 12 C1 7A 79 CB 54 4D AB 1E 81 + : FB C6 4C B3 0E 94 09 06 EB 01 D4 B1 + : C8 71 4B C7 45 C0 50 25 5D 9C FC DA + : E4 6D D3 E2 86 48 84 82 7D BA 15 95 + : 4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A + : 0A 8A BA 16 7B B9 50 01 48 93 8B EB + : 25 15 51 97 55 DC 8F 53 0E 10 A9 50 + : FC 70 B7 CD 30 54 FD DA DE A8 AA 22 + : B5 A1 AF 8B CC 02 88 E7 8B 70 5F B9 + : AD E1 08 D4 6D 29 2D D6 E9 + 252 02 21: INTEGER + : 00 DD C1 2F DF 53 CE 0B 34 60 77 3E + : 02 A4 BF 8A 5D 98 B9 10 D5 + 275 02 128: INTEGER + : 0C EE 57 9B 4B BD DA B6 07 6A 74 37 + : 4F 55 7F 9D ED BC 61 0D EB 46 59 3C + : 56 0B 2B 5B 0C 91 CE A5 62 52 69 CA + : E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C + : AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 + : 87 0B C7 CD F0 1C D9 B5 4E 5D 73 DE + : AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A + : 73 AA 7F 46 51 1F A9 42 16 9C 48 EB + : 8A 79 61 B4 D5 2F 53 22 44 63 1F 86 + : B8 A3 58 06 25 F8 29 C0 EF BA E0 75 + : F0 42 C4 63 65 52 9B 0A + + + +Hoffman, Ed. Informational [Page 23] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + 406 03 133: BIT STRING 0 unused bits, encapsulates { + 410 02 129: INTEGER + : 00 99 87 74 27 03 66 A0 B1 C0 AD DC + : 2C 75 BB E1 6C 44 9C DA 21 6D 4D 47 + : 6D B1 62 09 E9 D8 AE 1E F2 3A B4 94 + : B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25 + : 4E B9 60 96 19 24 01 F3 62 0C FE 75 + : C0 FB CE D8 68 00 E3 FD D5 70 4F DF + : 23 96 19 06 94 F4 B1 61 8F 3A 57 B1 + : 08 11 A4 0B 26 25 F0 52 76 81 EA 0B + : 62 0D 95 2A E6 86 BA 72 B2 A7 50 83 + : 0B AA 27 CD 1B A9 4D 89 9A D7 8D 18 + : 39 84 3F 8B C5 56 4D 80 7A + : } + : } + 542 A3 66: [3] { + 544 30 64: SEQUENCE { + 546 30 15: SEQUENCE { + 548 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 553 01 1: BOOLEAN TRUE + 556 04 5: OCTET STRING, encapsulates { + 558 30 3: SEQUENCE { + 560 01 1: BOOLEAN TRUE + : } + : } + : } + 563 30 14: SEQUENCE { + 565 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 570 01 1: BOOLEAN TRUE + 573 04 4: OCTET STRING, encapsulates { + 575 03 2: BIT STRING 1 unused bits + : '1100001'B + : } + : } + 579 30 29: SEQUENCE { + 581 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 586 04 22: OCTET STRING, encapsulates { + 588 04 20: OCTET STRING + : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 + : 3D 20 BC 43 2B 93 F1 1F + : } + + + +Hoffman, Ed. Informational [Page 24] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + : } + : } + 610 30 9: SEQUENCE { + 612 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 621 03 48: BIT STRING 0 unused bits, encapsulates { + 624 30 45: SEQUENCE { + 626 02 20: INTEGER + : 6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B + : C9 06 37 E9 11 17 A1 13 + 648 02 21: INTEGER + : 00 8F 34 69 2A 8B B1 3C 03 79 94 32 + : 4D 12 1F CE 89 FB 46 B2 3B + : } + : } + : } + + CarlRSASelf = + 0 30 491: SEQUENCE { + 4 30 340: SEQUENCE { + 8 A0 3: [0] { + 10 02 1: INTEGER 2 + : } + 13 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : 9F F2 50 20 + 31 30 13: SEQUENCE { + 33 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption (1 2 840 113549 1 1 5) + : (PKCS #1) + 44 05 0: NULL + : } + 46 30 18: SEQUENCE { + 48 31 16: SET { + 50 30 14: SEQUENCE { + 52 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 57 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 66 30 30: SEQUENCE { + 68 17 13: UTCTime '990818070000Z' + 83 17 13: UTCTime '391231235959Z' + : } + + + +Hoffman, Ed. Informational [Page 25] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 98 30 18: SEQUENCE { + 100 31 16: SET { + 102 30 14: SEQUENCE { + 104 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 109 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 118 30 159: SEQUENCE { + 121 30 13: SEQUENCE { + 123 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 134 05 0: NULL + : } + 136 03 141: BIT STRING 0 unused bits, encapsulates { + 140 30 137: SEQUENCE { + 143 02 129: INTEGER + : 00 E4 4B FF 18 B8 24 57 F4 77 FF 6E + : 73 7B 93 71 5C BC 33 1A 92 92 72 23 + : D8 41 46 D0 CD 11 3A 04 B3 8E AF 82 + : 9D BD 51 1E 17 7A F2 76 2C 2B 86 39 + : A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC + : A2 36 B1 ED E2 50 E2 32 09 8A 3F 9F + : 99 25 8F B8 4E AB B9 7D D5 96 65 DA + : 16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7 + : 29 CB 82 DD AC 44 E9 AA 93 94 29 0E + : F8 18 D6 C8 57 5E F2 76 C4 F2 11 60 + : 38 B9 1B 3C 1D 97 C9 6A F1 + 275 02 3: INTEGER 65537 + : } + : } + : } + 280 A3 66: [3] { + 282 30 64: SEQUENCE { + 284 30 15: SEQUENCE { + 286 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 291 01 1: BOOLEAN TRUE + 294 04 5: OCTET STRING, encapsulates { + 296 30 3: SEQUENCE { + 298 01 1: BOOLEAN TRUE + : } + : } + : } + 301 30 14: SEQUENCE { + + + +Hoffman, Ed. Informational [Page 26] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 303 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 308 01 1: BOOLEAN TRUE + 311 04 4: OCTET STRING, encapsulates { + 313 03 2: BIT STRING 1 unused bits + : '1100001'B + : } + : } + 317 30 29: SEQUENCE { + 319 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 324 04 22: OCTET STRING, encapsulates { + 326 04 20: OCTET STRING + : E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 + : 42 37 4E 22 AE 9E 38 BB + : } + : } + : } + : } + : } + 348 30 13: SEQUENCE { + 350 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption (1 2 840 113549 1 1 5) + : (PKCS #1) + 361 05 0: NULL + : } + 363 03 129: BIT STRING 0 unused bits + : B7 9E D4 04 D3 ED 29 E4 FF 89 89 15 + : 2E 4C DB 0C F0 48 0F 32 61 EE C4 04 + : EC 12 5D 2D FF 0F 64 59 7E 0A C3 ED + : 18 FD E3 56 40 37 A7 07 B5 F0 38 12 + : 61 50 ED EF DD 3F E3 0B B8 61 A5 A4 + : 9B 3C E6 9E 9C 54 9A B6 95 D6 DA 6C + : 3B B5 2D 45 35 9D 49 01 76 FA B9 B9 + : 31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D + : CA 3E F2 53 6B B0 37 6F AD E6 74 D7 + : DB FA 5A EA 14 41 63 5D CD BE C8 0E + : C1 DA 6A 8D 53 34 18 02 + : } + + DianeDSSSignByCarlInherit = + 0 30 440: SEQUENCE { + 4 30 375: SEQUENCE { + 8 A0 3: [0] { + 10 02 1: INTEGER 2 + : } + 13 02 2: INTEGER 210 + + + +Hoffman, Ed. Informational [Page 27] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 17 30 9: SEQUENCE { + 19 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 28 30 18: SEQUENCE { + 30 31 16: SET { + 32 30 14: SEQUENCE { + 34 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 39 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 48 30 30: SEQUENCE { + 50 17 13: UTCTime '990817020810Z' + 65 17 13: UTCTime '391231235959Z' + : } + 80 30 19: SEQUENCE { + 82 31 17: SET { + 84 30 15: SEQUENCE { + 86 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 91 13 8: PrintableString 'DianeDSS' + : } + : } + : } + 101 30 147: SEQUENCE { + 104 30 9: SEQUENCE { + 106 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + : } + 115 03 133: BIT STRING 0 unused bits, encapsulates { + 119 02 129: INTEGER + : 00 A0 00 17 78 2C EE 7E 81 53 2E 2E + : 61 08 0F A1 9B 51 52 1A DA 59 A8 73 + : 2F 12 25 B6 08 CB CA EF 2A 44 76 8A + : 52 09 EA BD 05 22 D5 0F F6 FD 46 D7 + : AF 99 38 09 0E 13 CB 4F 2C DD 1C 34 + : F7 1C BF 25 FF 23 D3 3B 59 E7 82 97 + : 37 BE 31 24 D8 18 C8 F3 49 39 5B B7 + : E2 E5 27 7E FC 8C 45 72 5B 7E 3E 8F + : 68 4D DD 46 7A 22 BE 8E FF CC DA 39 + : 29 A3 39 E5 9F 43 E9 55 C9 D7 5B A6 + : 81 67 CC C0 AA CD 2E C5 23 + : } + : } + 251 A3 129: [3] { + 254 30 127: SEQUENCE { + + + +Hoffman, Ed. Informational [Page 28] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 256 30 12: SEQUENCE { + 258 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 263 01 1: BOOLEAN TRUE + 266 04 2: OCTET STRING, encapsulates { + 268 30 0: SEQUENCE {} + : } + : } + 270 30 14: SEQUENCE { + 272 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 277 01 1: BOOLEAN TRUE + 280 04 4: OCTET STRING, encapsulates { + 282 03 2: BIT STRING 6 unused bits + : '11'B + : } + : } + 286 30 31: SEQUENCE { + 288 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + : (X.509 id-ce (2 5 29)) + 293 04 24: OCTET STRING, encapsulates { + 295 30 22: SEQUENCE { + 297 80 20: [0] + : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 + : 3D 20 BC 43 2B 93 F1 1F + : } + : } + : } + 319 30 29: SEQUENCE { + 321 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 326 04 22: OCTET STRING, encapsulates { + 328 04 20: OCTET STRING + : 64 30 99 7D 5C DC 45 0B 99 3A 52 2F + : 16 BF 58 50 DD CE 2B 18 + : } + : } + 350 30 31: SEQUENCE { + 352 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) + 357 04 24: OCTET STRING, encapsulates { + 359 30 22: SEQUENCE { + 361 81 20: [1] 'DianeDSS@example.com' + : } + : } + + + +Hoffman, Ed. Informational [Page 29] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + : } + : } + 383 30 9: SEQUENCE { + 385 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 394 03 48: BIT STRING 0 unused bits, encapsulates { + 397 30 45: SEQUENCE { + 399 02 21: INTEGER + : 00 A1 1A F8 17 0E 3E 5D A8 8C F4 B6 + : 55 33 1E 4B E3 2C AC B9 5F + 422 02 20: INTEGER + : 28 4B 10 45 58 D2 1C 9D 55 35 14 18 + : 91 B2 3F 39 DF B5 6E D3 + : } + : } + : } + + DianeRSASignByCarl = + 0 30 556: SEQUENCE { + 4 30 405: SEQUENCE { + 8 A0 3: [0] { + 10 02 1: INTEGER 2 + : } + 13 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : D5 9A 30 90 + 31 30 13: SEQUENCE { + 33 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption (1 2 840 113549 1 1 5) + : (PKCS #1) + 44 05 0: NULL + : } + 46 30 18: SEQUENCE { + 48 31 16: SET { + 50 30 14: SEQUENCE { + 52 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 57 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 66 30 30: SEQUENCE { + 68 17 13: UTCTime '990819070000Z' + 83 17 13: UTCTime '391231235959Z' + : } + + + +Hoffman, Ed. Informational [Page 30] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 98 30 19: SEQUENCE { + 100 31 17: SET { + 102 30 15: SEQUENCE { + 104 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 109 13 8: PrintableString 'DianeRSA' + : } + : } + : } + 119 30 159: SEQUENCE { + 122 30 13: SEQUENCE { + 124 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 135 05 0: NULL + : } + 137 03 141: BIT STRING 0 unused bits, encapsulates { + 141 30 137: SEQUENCE { + 144 02 129: INTEGER + : 00 D6 FD B8 C0 70 C6 4C 25 EC EA CF + : EA 7C BB A2 62 FA F0 E6 32 3A 53 FF + : B1 92 5A 17 F4 20 E1 99 24 82 0A D0 + : F6 7C FB 44 CA 8B 27 06 F1 7E 26 03 + : A9 76 9D CF EC A0 2C 70 96 F2 83 42 + : F6 D4 B7 28 0A BB F8 BF 4A 4C 19 3F + : 07 DB A0 C1 60 1E B7 7E 67 F7 DE B1 + : C3 60 49 AC 45 D7 F8 C6 EF 08 37 21 + : 93 47 EE F0 73 35 72 B0 02 C4 F3 11 + : C3 5E 47 E5 0A B7 83 F1 DB 74 69 64 + : 8B 44 1D 95 5D CD 28 C0 85 + 276 02 3: INTEGER 65537 + : } + : } + : } + 281 A3 129: [3] { + 284 30 127: SEQUENCE { + 286 30 12: SEQUENCE { + 288 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 293 01 1: BOOLEAN TRUE + 296 04 2: OCTET STRING, encapsulates { + 298 30 0: SEQUENCE {} + : } + : } + 300 30 14: SEQUENCE { + 302 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + + + +Hoffman, Ed. Informational [Page 31] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 307 01 1: BOOLEAN TRUE + 310 04 4: OCTET STRING, encapsulates { + 312 03 2: BIT STRING 5 unused bits + : '111'B + : } + : } + 316 30 31: SEQUENCE { + 318 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + : (X.509 id-ce (2 5 29)) + 323 04 24: OCTET STRING, encapsulates { + 325 30 22: SEQUENCE { + 327 80 20: [0] + : E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 + : 42 37 4E 22 AE 9E 38 BB + : } + : } + : } + 349 30 29: SEQUENCE { + 351 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 356 04 22: OCTET STRING, encapsulates { + 358 04 20: OCTET STRING + : 8C F3 CB 75 0E 8D 31 F6 D4 29 DA 44 + : 92 75 B8 FE ED 4F 39 0C + : } + : } + 380 30 31: SEQUENCE { + 382 06 3: OBJECT IDENTIFIER subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) + 387 04 24: OCTET STRING, encapsulates { + 389 30 22: SEQUENCE { + 391 81 20: [1] 'DianeRSA@example.com' + : } + : } + : } + : } + : } + : } + 413 30 13: SEQUENCE { + 415 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption (1 2 840 113549 1 1 5) + : (PKCS #1) + 426 05 0: NULL + : } + 428 03 129: BIT STRING 0 unused bits + : 7D A6 2C B5 78 42 D6 79 F3 31 FE F6 + + + +Hoffman, Ed. Informational [Page 32] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 42 CA 0F 13 07 92 09 1B E0 6F B0 91 + : 18 F6 BF 4A FB CC 63 79 FB 81 BF DD + : 97 C7 90 6B CB 0A 37 2B 41 6A 03 98 + : C5 1B 3E 32 C8 45 2B 86 01 9C 1C E2 + : 36 EF 16 C1 1A 92 B8 BE 62 FB 53 3E + : 49 47 0B C4 B9 E4 2B 58 A6 06 83 F0 + : B2 A7 BB 85 7E D5 C6 DA CE 9C 7B 31 + : 72 D7 A2 EA 41 AB 6A C0 DD 1F B9 14 + : 44 18 CF 84 57 66 E8 C5 E6 B8 DC 2D + : B3 1F 1B 28 43 36 75 7A + : } + +2.4. CRLs + + CarlDSSCRLForAll = + 0 30 216: SEQUENCE { + 3 30 153: SEQUENCE { + 6 30 9: SEQUENCE { + 8 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 17 30 18: SEQUENCE { + 19 31 16: SET { + 21 30 14: SEQUENCE { + 23 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 28 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 37 17 13: UTCTime '990827070000Z' + 52 30 105: SEQUENCE { + 54 30 19: SEQUENCE { + 56 02 2: INTEGER 200 + 60 17 13: UTCTime '990822070000Z' + : } + 75 30 19: SEQUENCE { + 77 02 2: INTEGER 201 + 81 17 13: UTCTime '990822070000Z' + : } + 96 30 19: SEQUENCE { + 98 02 2: INTEGER 211 + 102 17 13: UTCTime '990822070000Z' + : } + 117 30 19: SEQUENCE { + 119 02 2: INTEGER 210 + 123 17 13: UTCTime '990822070000Z' + : } + + + +Hoffman, Ed. Informational [Page 33] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 138 30 19: SEQUENCE { + 140 02 2: INTEGER 212 + 144 17 13: UTCTime '990824070000Z' + : } + : } + : } + 159 30 9: SEQUENCE { + 161 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 170 03 47: BIT STRING 0 unused bits, encapsulates { + 173 30 44: SEQUENCE { + 175 02 20: INTEGER + : 7E 65 52 76 33 FE 34 73 17 D1 F7 96 + : F9 A0 D4 D8 6D 5C 7D 3D + 197 02 20: INTEGER + : 02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E + : DA 24 F3 2A 83 9C 35 A1 + : } + : } + : } + + CarlDSSCRLForCarl = + 0 30 131: SEQUENCE { + 3 30 68: SEQUENCE { + 5 30 9: SEQUENCE { + 7 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 16 30 18: SEQUENCE { + 18 31 16: SET { + 20 30 14: SEQUENCE { + 22 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 27 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 36 17 13: UTCTime '990825070000Z' + 51 30 20: SEQUENCE { + 53 30 18: SEQUENCE { + 55 02 1: INTEGER 1 + 58 17 13: UTCTime '990822070000Z' + : } + : } + : } + 73 30 9: SEQUENCE { + 75 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) + + + +Hoffman, Ed. Informational [Page 34] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : (ANSI X9.57 algorithm) + : } + 84 03 48: BIT STRING 0 unused bits, encapsulates { + 87 30 45: SEQUENCE { + 89 02 21: INTEGER + : 00 B3 1F C5 4F 7A 3D EC 76 D5 60 F9 + : DE 79 22 EC 4F B0 90 FE 97 + 112 02 20: INTEGER + : 5A 8B C3 84 BC 66 87 1B BF 79 82 5B + : 0A 5D 07 F6 BA A9 05 29 + : } + : } + : } + + CarlDSSCRLEmpty = + 0 30 109: SEQUENCE { + 2 30 46: SEQUENCE { + 4 30 9: SEQUENCE { + 6 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 15 30 18: SEQUENCE { + 17 31 16: SET { + 19 30 14: SEQUENCE { + 21 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 26 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 35 17 13: UTCTime '990820070000Z' + : } + 50 30 9: SEQUENCE { + 52 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 61 03 48: BIT STRING 0 unused bits, encapsulates { + 64 30 45: SEQUENCE { + 66 02 20: INTEGER + : 62 3F 36 17 31 58 2E 67 50 79 F5 09 + : 4B 8C AD D4 6B F4 64 9F + 88 02 21: INTEGER + : 00 B5 3B 4E A1 4C 7B FD 0F C3 8D 9B + : B6 FE C3 5D 6F DE 65 28 7D + : } + : } + : } + + + + +Hoffman, Ed. Informational [Page 35] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + CarlRSACRLForAll = + 0 30 307: SEQUENCE { + 4 30 157: SEQUENCE { + 7 30 13: SEQUENCE { + 9 06 9: OBJECT IDENTIFIER + : md5withRSAEncryption (1 2 840 113549 1 1 4) + : (PKCS #1) + 20 05 0: NULL + : } + 22 30 18: SEQUENCE { + 24 31 16: SET { + 26 30 14: SEQUENCE { + 28 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 33 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 42 17 13: UTCTime '990827070000Z' + 57 30 105: SEQUENCE { + 59 30 33: SEQUENCE { + 61 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : C4 10 B3 B0 + 79 17 13: UTCTime '990822070000Z' + : } + 94 30 33: SEQUENCE { + 96 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : D5 9A 30 90 + 114 17 13: UTCTime '990822070000Z' + : } + 129 30 33: SEQUENCE { + 131 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : CD 5D 71 D0 + 149 17 13: UTCTime '990824070000Z' + : } + : } + : } + 164 30 13: SEQUENCE { + 166 06 9: OBJECT IDENTIFIER + : md5withRSAEncryption (1 2 840 113549 1 1 4) + : (PKCS #1) + 177 05 0: NULL + : } + 179 03 129: BIT STRING 0 unused bits + : BF B3 97 AA 53 F0 32 21 16 2B 77 92 + + + +Hoffman, Ed. Informational [Page 36] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 7A 6B BB 97 C8 DC EA F1 FA 66 16 30 + : 0E B5 9E 5C F0 81 D4 5E B3 6E C1 88 + : 6B 8C D4 5E C5 4D FB 47 5E 66 F3 5D + : AB E5 B4 18 36 60 A8 4D 9C 3C 89 EC + : 6F 27 BF 35 50 71 81 C2 B9 44 5B 62 + : 89 19 12 31 A9 7B 9A D3 CC 66 CB 11 + : D9 0B 10 47 77 AD 4F 22 D9 E5 7F 30 + : F2 5B FC 94 51 A5 58 76 3B 1F A8 46 + : A6 1F F6 A1 DE 55 A1 ED 31 88 69 97 + : 0F 08 D3 D4 0C 60 5B 1E + : } + + CarlRSACRLForCarl = + 0 30 236: SEQUENCE { + 3 30 87: SEQUENCE { + 5 30 13: SEQUENCE { + 7 06 9: OBJECT IDENTIFIER + : md5withRSAEncryption (1 2 840 113549 1 1 4) + : (PKCS #1) + 18 05 0: NULL + : } + 20 30 18: SEQUENCE { + 22 31 16: SET { + 24 30 14: SEQUENCE { + 26 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 31 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 40 17 13: UTCTime '990825070000Z' + 55 30 35: SEQUENCE { + 57 30 33: SEQUENCE { + 59 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : 9F F2 50 20 + 77 17 13: UTCTime '990822070000Z' + : } + : } + : } + 92 30 13: SEQUENCE { + 94 06 9: OBJECT IDENTIFIER + : md5withRSAEncryption (1 2 840 113549 1 1 4) + : (PKCS #1) + 105 05 0: NULL + : } + 107 03 129: BIT STRING 0 unused bits + : 21 EF 21 D4 C1 1A 85 95 49 6B CA 45 + + + +Hoffman, Ed. Informational [Page 37] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 62 DC D7 09 FF A9 51 2E 8E D9 47 18 + : FA F8 E5 72 DD 4F ED 74 74 E3 F3 65 + : 32 65 28 2C 9A 1D 57 E5 D5 26 06 EA + : D5 E6 23 95 84 8D 0E 89 9E EE 9B 0C + : 2F CE 07 F7 A3 D1 6B 85 4C 0F FF E6 + : DD FC DC CD 73 2C 1E 7D DC B0 71 C5 + : 4C FC 01 6E 52 57 69 1E 39 63 DF 12 + : 22 30 C7 13 55 94 05 6E 2A 00 A9 5B + : C4 2A 66 94 62 CE 36 33 C2 2B 63 47 + : 25 9D F3 DE 70 EE 00 56 + : } + + CarlRSACRLEmpty = + 0 30 199: SEQUENCE { + 3 30 50: SEQUENCE { + 5 30 13: SEQUENCE { + 7 06 9: OBJECT IDENTIFIER + : md5withRSAEncryption (1 2 840 113549 1 1 4) + : (PKCS #1) + 18 05 0: NULL + : } + 20 30 18: SEQUENCE { + 22 31 16: SET { + 24 30 14: SEQUENCE { + 26 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 31 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 40 17 13: UTCTime '990820070000Z' + : } + 55 30 13: SEQUENCE { + 57 06 9: OBJECT IDENTIFIER + : md5withRSAEncryption (1 2 840 113549 1 1 4) + : (PKCS #1) + 68 05 0: NULL + : } + 70 03 129: BIT STRING 0 unused bits + : A9 C5 21 B8 13 7C 74 F3 B5 11 EC 04 + : F3 20 45 86 1E 0B 6E 7F 83 6D 5F F4 + : 34 76 06 59 25 0E 04 3D 88 09 88 81 + : 37 C4 DC 20 98 FA 17 81 0B 37 94 AC + : B4 8F 7B 51 89 14 A4 CB 72 73 14 07 + : BC 22 9C 40 A1 07 FC 44 7C 85 0F 0B + : 88 D1 EE E1 0E AF F6 16 74 AD A1 AF + : C1 00 75 00 64 EA A5 9A F6 0B 08 A2 + : DB 95 19 5F A6 A7 B9 39 45 25 0A 0E + + + +Hoffman, Ed. Informational [Page 38] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : F6 5E 84 E7 F8 B9 5A C9 18 C2 0E B8 + : A0 96 BE 81 3A 80 6D C9 + : } + +3. Trivial Examples + + This section covers examples of small CMS types. + +3.1. ContentInfo with Data Type, BER + + The object is a ContentInfo containing a Data object in BER format + that is ExContent. + + 0 30 NDEF: SEQUENCE { + 2 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + 13 A0 NDEF: [0] { + 15 24 NDEF: OCTET STRING { + 17 04 4: OCTET STRING 'This' + 23 04 24: OCTET STRING ' is some sample content.' + : } + : } + : } + +3.2. ContentInfo with Data Type, DER + + The object is a ContentInfo containing a Data object in DER format + that is ExContent. + + 0 30 43: SEQUENCE { + 2 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + 13 A0 30: [0] { + 15 04 28: OCTET STRING 'This is some sample content.' + : } + : } + +4. Signed-data + +4.1. Basic Signed Content, DSS + + A SignedData with no attribute certificates, signed by Alice using + DSS, just her certificate (not Carl's root cert), no CRL. The + message is ExContent, and is included in the eContent. There are no + signed or unsigned attributes. + + + + + + +Hoffman, Ed. Informational [Page 39] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 0 30 919: SEQUENCE { + 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) + : (PKCS #7) + 15 A0 904: [0] { + 19 30 900: SEQUENCE { + 23 02 1: INTEGER 1 + 26 31 9: SET { + 28 30 7: SEQUENCE { + 30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + : } + : } + 37 30 43: SEQUENCE { + 39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + 50 A0 30: [0] { + 52 04 28: OCTET STRING 'This is some sample content.' + : } + : } + 82 A0 736: [0] { + 86 30 732: SEQUENCE { + 90 30 667: SEQUENCE { + 94 A0 3: [0] { + 96 02 1: INTEGER 2 + : } + 99 02 2: INTEGER 200 + 103 30 9: SEQUENCE { + 105 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 114 30 18: SEQUENCE { + 116 31 16: SET { + 118 30 14: SEQUENCE { + 120 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 125 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 134 30 30: SEQUENCE { + 136 17 13: UTCTime '990817011049Z' + 151 17 13: UTCTime '391231235959Z' + : } + 166 30 19: SEQUENCE { + 168 31 17: SET { + 170 30 15: SEQUENCE { + + + +Hoffman, Ed. Informational [Page 40] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 172 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 177 13 8: PrintableString 'AliceDSS' + : } + : } + : } + 187 30 438: SEQUENCE { + 191 30 299: SEQUENCE { + 195 06 7: OBJECT IDENTIFIER + : dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + 204 30 286: SEQUENCE { + 208 02 129: INTEGER + : 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 + : 48 28 A3 E4 47 93 DD 0E D7 A8 0E EC + : 53 C5 AB 84 08 4F FF 94 E1 73 48 7E + : 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89 + : 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C + : DC 5F 69 8A E4 75 D0 37 0C 91 08 95 + : 9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 + : 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 + : C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 + : 78 BD FF 9D B0 84 97 37 F2 E4 51 1B + : B5 E4 09 96 5C F3 7E 5B DB + 340 02 21: INTEGER + : 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F + : B8 37 21 2B 62 8B F7 93 CD + 363 02 128: INTEGER + : 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 + : 4B 59 6A 4C 76 23 39 04 02 35 5C F2 + : CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD + : AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF + : 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B + : 3E 90 F8 6D EA 9C C9 21 8A 3B 76 14 + : E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30 + : 01 7C 6D 49 89 11 89 36 44 BD F8 C8 + : 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 + : 1F 11 7F C2 BD ED D1 50 FF 98 74 C2 + : D1 81 4A 60 39 BA 36 39 + : } + : } + 494 03 132: BIT STRING 0 unused bits, encapsulates { + 498 02 128: INTEGER + : 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 + : 3F A9 EC AC 5E DC BD B7 13 11 34 A6 + : 16 89 28 11 23 D9 34 86 67 75 75 13 + : 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 + + + +Hoffman, Ed. Informational [Page 41] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 + : A5 A0 4A E3 85 D6 CE 06 80 3F E8 23 + : 7E 1A F2 24 AB 53 1A B8 27 0D 1E EF + : 08 BF 66 14 80 5C 62 AC 65 FA 15 8B + : F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 + : 32 84 F0 7E 41 40 FD 46 A7 63 4E 33 + : F2 A5 E2 F4 F2 83 E5 B8 + : } + : } + 629 A3 129: [3] { + 632 30 127: SEQUENCE { + 634 30 12: SEQUENCE { + 636 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 641 01 1: BOOLEAN TRUE + 644 04 2: OCTET STRING, encapsulates { + 646 30 0: SEQUENCE {} + : } + : } + 648 30 14: SEQUENCE { + 650 06 3: OBJECT IDENTIFIER + : keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 655 01 1: BOOLEAN TRUE + 658 04 4: OCTET STRING, encapsulates { + 660 03 2: BIT STRING 6 unused bits + : '11'B + : } + : } + 664 30 31: SEQUENCE { + 666 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + : (X.509 id-ce (2 5 29)) + 671 04 24: OCTET STRING, encapsulates { + 673 30 22: SEQUENCE { + 675 80 20: [0] + : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 + : 3D 20 BC 43 2B 93 F1 1F + : } + : } + : } + 697 30 29: SEQUENCE { + 699 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 704 04 22: OCTET STRING, encapsulates { + 706 04 20: OCTET STRING + + + +Hoffman, Ed. Informational [Page 42] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE + : 13 01 E2 FD E3 97 FE CD + : } + : } + 728 30 31: SEQUENCE { + 730 06 3: OBJECT IDENTIFIER + : subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) + 735 04 24: OCTET STRING, encapsulates { + 737 30 22: SEQUENCE { + 739 81 20: [1] 'AliceDSS@example.com' + : } + : } + : } + : } + : } + : } + 761 30 9: SEQUENCE { + 763 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 772 03 48: BIT STRING 0 unused bits, encapsulates { + 775 30 45: SEQUENCE { + 777 02 20: INTEGER + : 55 0C A4 19 1F 42 2B 89 71 22 33 8D + : 83 6A B5 3D 67 6B BF 45 + 799 02 21: INTEGER + : 00 9F 61 53 52 54 0B 5C B2 DD DA E7 + : 76 1D E2 10 52 5B 43 5E BD + : } + : } + : } + : } + 822 31 99: SET { + 824 30 97: SEQUENCE { + 826 02 1: INTEGER 1 + 829 30 24: SEQUENCE { + 831 30 18: SEQUENCE { + 833 31 16: SET { + 835 30 14: SEQUENCE { + 837 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 842 13 7: PrintableString 'CarlDSS' + : } + : } + : } + + + +Hoffman, Ed. Informational [Page 43] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 851 02 2: INTEGER 200 + : } + 855 30 7: SEQUENCE { + 857 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + : } + 864 30 9: SEQUENCE { + 866 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 875 04 46: OCTET STRING, encapsulates { + 877 30 44: SEQUENCE { + 879 02 20: INTEGER + : 09 91 FE EB D2 69 F5 18 B7 D7 CD 55 + : F4 81 EA 2A 42 6A AD 03 + 901 02 20: INTEGER + : 3A 07 CC C3 21 BE E1 1A 4B 7F 3E B5 + : 0D DB BA 1C EA BC CD 89 + : } + : } + : } + : } + : } + : } + : } + +4.2. Basic Signed Content, RSA + + Same as 4.1, except using RSA signatures. A SignedData with no + attribute certificates, signed by Alice using RSA, just her + certificate (not Carl's root cert), no CRL. The message is + ExContent, and is included in the eContent. There are no signed or + unsigned attributes. + + 0 30 850: SEQUENCE { + 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) + : (PKCS #7) + 15 A0 835: [0] { + 19 30 831: SEQUENCE { + 23 02 1: INTEGER 1 + 26 31 11: SET { + 28 30 9: SEQUENCE { + 30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + 37 05 0: NULL + : } + : } + + + +Hoffman, Ed. Informational [Page 44] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 39 30 43: SEQUENCE { + 41 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + 52 A0 30: [0] { + 54 04 28: OCTET STRING 'This is some sample content.' + : } + : } + 84 A0 560: [0] { + 88 30 556: SEQUENCE { + 92 30 405: SEQUENCE { + 96 A0 3: [0] { + 98 02 1: INTEGER 2 + : } + 101 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : C4 10 B3 B0 + 119 30 13: SEQUENCE { + 121 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption + : (1 2 840 113549 1 1 5) + : (PKCS #1) + 132 05 0: NULL + : } + 134 30 18: SEQUENCE { + 136 31 16: SET { + 138 30 14: SEQUENCE { + 140 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 145 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 154 30 30: SEQUENCE { + 156 17 13: UTCTime '990919010847Z' + 171 17 13: UTCTime '391231235959Z' + : } + 186 30 19: SEQUENCE { + 188 31 17: SET { + 190 30 15: SEQUENCE { + 192 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 197 13 8: PrintableString 'AliceRSA' + : } + : } + : } + 207 30 159: SEQUENCE { + + + +Hoffman, Ed. Informational [Page 45] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 210 30 13: SEQUENCE { + 212 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 223 05 0: NULL + : } + 225 03 141: BIT STRING 0 unused bits, encapsulates { + 229 30 137: SEQUENCE { + 232 02 129: INTEGER + : 00 E0 89 73 39 8D D8 F5 F5 E8 87 76 + : 39 7F 4E B0 05 BB 53 83 DE 0F B7 AB + : DC 7D C7 75 29 0D 05 2E 6D 12 DF A6 + : 86 26 D4 D2 6F AA 58 29 FC 97 EC FA + : 82 51 0F 30 80 BE B1 50 9E 46 44 F1 + : 2C BB D8 32 CF C6 68 6F 07 D9 B0 60 + : AC BE EE 34 09 6A 13 F5 F7 05 05 93 + : DF 5E BA 35 56 D9 61 FF 19 7F C9 81 + : E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 + : 9F 2D FA 55 3A B9 99 77 02 A6 48 52 + : 8C 4E F3 57 38 57 74 57 5F + 364 02 3: INTEGER 65537 + : } + : } + : } + 369 A3 129: [3] { + 372 30 127: SEQUENCE { + 374 30 12: SEQUENCE { + 376 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 381 01 1: BOOLEAN TRUE + 384 04 2: OCTET STRING, encapsulates { + 386 30 0: SEQUENCE {} + : } + : } + 388 30 14: SEQUENCE { + 390 06 3: OBJECT IDENTIFIER + : keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 395 01 1: BOOLEAN TRUE + 398 04 4: OCTET STRING, encapsulates { + 400 03 2: BIT STRING 6 unused bits + : '11'B + : } + : } + 404 30 31: SEQUENCE { + 406 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + + + +Hoffman, Ed. Informational [Page 46] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : (X.509 id-ce (2 5 29)) + 411 04 24: OCTET STRING, encapsulates { + 413 30 22: SEQUENCE { + 415 80 20: [0] + : E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 + : 42 37 4E 22 AE 9E 38 BB + : } + : } + : } + 437 30 29: SEQUENCE { + 439 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 444 04 22: OCTET STRING, encapsulates { + 446 04 20: OCTET STRING + : 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D + : CE EC 3C A0 3A E3 FF 50 + : } + : } + 468 30 31: SEQUENCE { + 470 06 3: OBJECT IDENTIFIER + : subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) + 475 04 24: OCTET STRING, encapsulates { + 477 30 22: SEQUENCE { + 479 81 20: [1] 'AliceRSA@example.com' + : } + : } + : } + : } + : } + : } + 501 30 13: SEQUENCE { + 503 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption + : (1 2 840 113549 1 1 5) + : (PKCS #1) + 514 05 0: NULL + : } + 516 03 129: BIT STRING 0 unused bits + : 3E 70 47 A8 48 CC 13 58 8F CA 51 71 + : 6B 4E 36 18 5D 04 7E 80 B1 8D 4D CC + : CA A3 8F CC 7D 56 C8 BC CF 6E B3 1C + : 59 A9 20 AA 05 81 A8 4E 25 AD A7 70 + : 14 75 2F F5 C7 9B D1 0E E9 63 D2 64 + : B7 C6 66 6E 73 21 54 DF F4 BA 25 5D + : 7D 49 D3 94 6B 22 36 74 73 B8 4A EC + : 2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A + + + +Hoffman, Ed. Informational [Page 47] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA + : F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A + : 76 AE EB 9B DB 49 B0 22 + : } + : } + 648 31 203: SET { + 651 30 200: SEQUENCE { + 654 02 1: INTEGER 1 + 657 30 38: SEQUENCE { + 659 30 18: SEQUENCE { + 661 31 16: SET { + 663 30 14: SEQUENCE { + 665 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 670 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 679 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : C4 10 B3 B0 + : } + 697 30 9: SEQUENCE { + 699 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + 706 05 0: NULL + : } + 708 30 13: SEQUENCE { + 710 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 721 05 0: NULL + : } + 723 04 128: OCTET STRING + : 2F 23 82 D2 F3 09 5F B8 0C 58 EB 4E + : 9D BF 89 9A 81 E5 75 C4 91 3D D3 D0 + : D5 7B B6 D5 FE 94 A1 8A AC E3 C4 84 + : F5 CD 60 4E 27 95 F6 CF 00 86 76 75 + : 3F 2B F0 E7 D4 02 67 A7 F5 C7 8D 16 + : 04 A5 B3 B5 E7 D9 32 F0 24 EF E7 20 + : 44 D5 9F 07 C5 53 24 FA CE 01 1D 0F + : 17 13 A7 2A 95 9D 2B E4 03 95 14 0B + : E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6 + : 55 13 D4 68 6F D0 07 D7 A2 B1 62 4C + : E3 8F AF FD E0 D5 5D C7 + : } + : } + + + +Hoffman, Ed. Informational [Page 48] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + : } + +4.3. Basic Signed Content, Detached Content + + Same as 4.1, except with no eContent. A SignedData with no attribute + certificates, signed by Alice using DSS, just her certificate (not + Carl's root cert), no CRL. The message is ExContent, but the + eContent is not included. There are no signed or unsigned + attributes. + + 0 30 887: SEQUENCE { + 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) + : (PKCS #7) + 15 A0 872: [0] { + 19 30 868: SEQUENCE { + 23 02 1: INTEGER 1 + 26 31 9: SET { + 28 30 7: SEQUENCE { + 30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + : } + : } + 37 30 11: SEQUENCE { + 39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + : } + 50 A0 736: [0] { + 54 30 732: SEQUENCE { + 58 30 667: SEQUENCE { + 62 A0 3: [0] { + 64 02 1: INTEGER 2 + : } + 67 02 2: INTEGER 200 + 71 30 9: SEQUENCE { + 73 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 82 30 18: SEQUENCE { + 84 31 16: SET { + 86 30 14: SEQUENCE { + 88 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 93 13 7: PrintableString 'CarlDSS' + : } + + + +Hoffman, Ed. Informational [Page 49] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + 102 30 30: SEQUENCE { + 104 17 13: UTCTime '990817011049Z' + 119 17 13: UTCTime '391231235959Z' + : } + 134 30 19: SEQUENCE { + 136 31 17: SET { + 138 30 15: SEQUENCE { + 140 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 145 13 8: PrintableString 'AliceDSS' + : } + : } + : } + 155 30 438: SEQUENCE { + 159 30 299: SEQUENCE { + 163 06 7: OBJECT IDENTIFIER + : dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + 172 30 286: SEQUENCE { + 176 02 129: INTEGER + : 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 + : 48 28 A3 E4 47 93 DD 0E D7 A8 0E EC + : 53 C5 AB 84 08 4F FF 94 E1 73 48 7E + : 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89 + : 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C + : DC 5F 69 8A E4 75 D0 37 0C 91 08 95 + : 9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 + : 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 + : C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 + : 78 BD FF 9D B0 84 97 37 F2 E4 51 1B + : B5 E4 09 96 5C F3 7E 5B DB + 308 02 21: INTEGER + : 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F + : B8 37 21 2B 62 8B F7 93 CD + 331 02 128: INTEGER + : 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 + : 4B 59 6A 4C 76 23 39 04 02 35 5C F2 + : CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD + : AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF + : 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B + : 3E 90 F8 6D EA 9C C9 21 8A 3B 76 14 + : E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30 + : 01 7C 6D 49 89 11 89 36 44 BD F8 C8 + : 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 + : 1F 11 7F C2 BD ED D1 50 FF 98 74 C2 + + + +Hoffman, Ed. Informational [Page 50] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : D1 81 4A 60 39 BA 36 39 + : } + : } + 462 03 132: BIT STRING 0 unused bits, encapsulates { + 466 02 128: INTEGER + : 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 + : 3F A9 EC AC 5E DC BD B7 13 11 34 A6 + : 16 89 28 11 23 D9 34 86 67 75 75 13 + : 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 + : 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 + : A5 A0 4A E3 85 D6 CE 06 80 3F E8 23 + : 7E 1A F2 24 AB 53 1A B8 27 0D 1E EF + : 08 BF 66 14 80 5C 62 AC 65 FA 15 8B + : F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 + : 32 84 F0 7E 41 40 FD 46 A7 63 4E 33 + : F2 A5 E2 F4 F2 83 E5 B8 + : } + : } + 597 A3 129: [3] { + 600 30 127: SEQUENCE { + 602 30 12: SEQUENCE { + 604 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 609 01 1: BOOLEAN TRUE + 612 04 2: OCTET STRING, encapsulates { + 614 30 0: SEQUENCE {} + : } + : } + 616 30 14: SEQUENCE { + 618 06 3: OBJECT IDENTIFIER + : keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 623 01 1: BOOLEAN TRUE + 626 04 4: OCTET STRING, encapsulates { + 628 03 2: BIT STRING 6 unused bits + : '11'B + : } + : } + 632 30 31: SEQUENCE { + 634 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + : (X.509 id-ce (2 5 29)) + 639 04 24: OCTET STRING, encapsulates { + 641 30 22: SEQUENCE { + 643 80 20: [0] + : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 + : 3D 20 BC 43 2B 93 F1 1F + + + +Hoffman, Ed. Informational [Page 51] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + : } + 665 30 29: SEQUENCE { + 667 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 672 04 22: OCTET STRING, encapsulates { + 674 04 20: OCTET STRING + : BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE + : 13 01 E2 FD E3 97 FE CD + : } + : } + 696 30 31: SEQUENCE { + 698 06 3: OBJECT IDENTIFIER + : subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) + 703 04 24: OCTET STRING, encapsulates { + 705 30 22: SEQUENCE { + 707 81 20: [1] 'AliceDSS@example.com' + : } + : } + : } + : } + : } + : } + 729 30 9: SEQUENCE { + 731 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 740 03 48: BIT STRING 0 unused bits, encapsulates { + 743 30 45: SEQUENCE { + 745 02 20: INTEGER + : 55 0C A4 19 1F 42 2B 89 71 22 33 8D + : 83 6A B5 3D 67 6B BF 45 + 767 02 21: INTEGER + : 00 9F 61 53 52 54 0B 5C B2 DD DA E7 + : 76 1D E2 10 52 5B 43 5E BD + : } + : } + : } + : } + 790 31 99: SET { + 792 30 97: SEQUENCE { + 794 02 1: INTEGER 1 + 797 30 24: SEQUENCE { + 799 30 18: SEQUENCE { + + + +Hoffman, Ed. Informational [Page 52] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 801 31 16: SET { + 803 30 14: SEQUENCE { + 805 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 810 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 819 02 2: INTEGER 200 + : } + 823 30 7: SEQUENCE { + 825 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + : } + 832 30 9: SEQUENCE { + 834 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 843 04 46: OCTET STRING, encapsulates { + 845 30 44: SEQUENCE { + 847 02 20: INTEGER + : 06 FB C7 2A 24 D5 34 89 F7 8B B5 FD + : 73 24 A5 86 C8 0F 5A 6C + 869 02 20: INTEGER + : 66 69 19 BC 68 58 D1 8D B1 9D 52 3F + : DA 14 88 0D FD C9 A1 B8 + : } + : } + : } + : } + : } + : } + : } + +4.4. Fancier Signed Content + + Same as 4.1, but includes Carl's root cert, Carl's CRL, some signed + and unsigned attributes (Countersignature by Diane). A SignedData + with no attribute certificates, signed by Alice using DSS, her + certificate and Carl's root cert, Carl's DSS CRL. The message is + ExContent, and is included in the eContent. The signed attributes + are Content Type, Message Digest and Signing Time; the unsigned + attributes are content hint and counter signature. The message + includes also Alice's RSA certificate. + + + + + +Hoffman, Ed. Informational [Page 53] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 0 30 2829: SEQUENCE { + 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) + : (PKCS #7) + 15 A0 2814: [0] { + 19 30 2810: SEQUENCE { + 23 02 1: INTEGER 1 + 26 31 9: SET { + 28 30 7: SEQUENCE { + 30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + : } + : } + 37 30 43: SEQUENCE { + 39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + 50 A0 30: [0] { + 52 04 28: OCTET STRING 'This is some sample content.' + : } + : } + 82 A0 1967: [0] { + 86 30 556: SEQUENCE { + 90 30 405: SEQUENCE { + 94 A0 3: [0] { + 96 02 1: INTEGER 2 + : } + 99 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : C4 10 B3 B0 + 117 30 13: SEQUENCE { + 119 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption + : (1 2 840 113549 1 1 5) + : (PKCS #1) + 130 05 0: NULL + : } + 132 30 18: SEQUENCE { + 134 31 16: SET { + 136 30 14: SEQUENCE { + 138 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 143 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 152 30 30: SEQUENCE { + 154 17 13: UTCTime '990919010847Z' + 169 17 13: UTCTime '391231235959Z' + + + +Hoffman, Ed. Informational [Page 54] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + 184 30 19: SEQUENCE { + 186 31 17: SET { + 188 30 15: SEQUENCE { + 190 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 195 13 8: PrintableString 'AliceRSA' + : } + : } + : } + 205 30 159: SEQUENCE { + 208 30 13: SEQUENCE { + 210 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 221 05 0: NULL + : } + 223 03 141: BIT STRING 0 unused bits, encapsulates { + 227 30 137: SEQUENCE { + 230 02 129: INTEGER + : 00 E0 89 73 39 8D D8 F5 F5 E8 87 76 + : 39 7F 4E B0 05 BB 53 83 DE 0F B7 AB + : DC 7D C7 75 29 0D 05 2E 6D 12 DF A6 + : 86 26 D4 D2 6F AA 58 29 FC 97 EC FA + : 82 51 0F 30 80 BE B1 50 9E 46 44 F1 + : 2C BB D8 32 CF C6 68 6F 07 D9 B0 60 + : AC BE EE 34 09 6A 13 F5 F7 05 05 93 + : DF 5E BA 35 56 D9 61 FF 19 7F C9 81 + : E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 + : 9F 2D FA 55 3A B9 99 77 02 A6 48 52 + : 8C 4E F3 57 38 57 74 57 5F + 362 02 3: INTEGER 65537 + : } + : } + : } + 367 A3 129: [3] { + 370 30 127: SEQUENCE { + 372 30 12: SEQUENCE { + 374 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 379 01 1: BOOLEAN TRUE + 382 04 2: OCTET STRING, encapsulates { + 384 30 0: SEQUENCE {} + : } + : } + 386 30 14: SEQUENCE { + + + +Hoffman, Ed. Informational [Page 55] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 388 06 3: OBJECT IDENTIFIER + : keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 393 01 1: BOOLEAN TRUE + 396 04 4: OCTET STRING, encapsulates { + 398 03 2: BIT STRING 6 unused bits + : '11'B + : } + : } + 402 30 31: SEQUENCE { + 404 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + : (X.509 id-ce (2 5 29)) + 409 04 24: OCTET STRING, encapsulates { + 411 30 22: SEQUENCE { + 413 80 20: [0] + : E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 + : 42 37 4E 22 AE 9E 38 BB + : } + : } + : } + 435 30 29: SEQUENCE { + 437 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 442 04 22: OCTET STRING, encapsulates { + 444 04 20: OCTET STRING + : 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D + : CE EC 3C A0 3A E3 FF 50 + : } + : } + 466 30 31: SEQUENCE { + 468 06 3: OBJECT IDENTIFIER + : subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) + 473 04 24: OCTET STRING, encapsulates { + 475 30 22: SEQUENCE { + 477 81 20: [1] 'AliceRSA@example.com' + : } + : } + : } + : } + : } + : } + 499 30 13: SEQUENCE { + 501 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption + : (1 2 840 113549 1 1 5) + + + +Hoffman, Ed. Informational [Page 56] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : (PKCS #1) + 512 05 0: NULL + : } + 514 03 129: BIT STRING 0 unused bits + : 3E 70 47 A8 48 CC 13 58 8F CA 51 71 + : 6B 4E 36 18 5D 04 7E 80 B1 8D 4D CC + : CA A3 8F CC 7D 56 C8 BC CF 6E B3 1C + : 59 A9 20 AA 05 81 A8 4E 25 AD A7 70 + : 14 75 2F F5 C7 9B D1 0E E9 63 D2 64 + : B7 C6 66 6E 73 21 54 DF F4 BA 25 5D + : 7D 49 D3 94 6B 22 36 74 73 B8 4A EC + : 2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A + : B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA + : F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A + : 76 AE EB 9B DB 49 B0 22 + : } + 646 30 667: SEQUENCE { + 650 30 602: SEQUENCE { + 654 A0 3: [0] { + 656 02 1: INTEGER 2 + : } + 659 02 1: INTEGER 1 + 662 30 9: SEQUENCE { + 664 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 673 30 18: SEQUENCE { + 675 31 16: SET { + 677 30 14: SEQUENCE { + 679 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 684 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 693 30 30: SEQUENCE { + 695 17 13: UTCTime '990816225050Z' + 710 17 13: UTCTime '391231235959Z' + : } + 725 30 18: SEQUENCE { + 727 31 16: SET { + 729 30 14: SEQUENCE { + 731 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 736 13 7: PrintableString 'CarlDSS' + + + +Hoffman, Ed. Informational [Page 57] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + : } + 745 30 439: SEQUENCE { + 749 30 299: SEQUENCE { + 753 06 7: OBJECT IDENTIFIER + : dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + 762 30 286: SEQUENCE { + 766 02 129: INTEGER + : 00 B6 49 18 3E 8A 44 C1 29 71 94 4C + : 01 C4 12 C1 7A 79 CB 54 4D AB 1E 81 + : FB C6 4C B3 0E 94 09 06 EB 01 D4 B1 + : C8 71 4B C7 45 C0 50 25 5D 9C FC DA + : E4 6D D3 E2 86 48 84 82 7D BA 15 95 + : 4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A + : 0A 8A BA 16 7B B9 50 01 48 93 8B EB + : 25 15 51 97 55 DC 8F 53 0E 10 A9 50 + : FC 70 B7 CD 30 54 FD DA DE A8 AA 22 + : B5 A1 AF 8B CC 02 88 E7 8B 70 5F B9 + : AD E1 08 D4 6D 29 2D D6 E9 + 898 02 21: INTEGER + : 00 DD C1 2F DF 53 CE 0B 34 60 77 3E + : 02 A4 BF 8A 5D 98 B9 10 D5 + 921 02 128: INTEGER + : 0C EE 57 9B 4B BD DA B6 07 6A 74 37 + : 4F 55 7F 9D ED BC 61 0D EB 46 59 3C + : 56 0B 2B 5B 0C 91 CE A5 62 52 69 CA + : E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C + : AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 + : 87 0B C7 CD F0 1C D9 B5 4E 5D 73 DE + : AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A + : 73 AA 7F 46 51 1F A9 42 16 9C 48 EB + : 8A 79 61 B4 D5 2F 53 22 44 63 1F 86 + : B8 A3 58 06 25 F8 29 C0 EF BA E0 75 + : F0 42 C4 63 65 52 9B 0A + : } + : } + 1052 03 133: BIT STRING 0 unused bits, encapsulates { + 1056 02 129: INTEGER + : 00 99 87 74 27 03 66 A0 B1 C0 AD DC + : 2C 75 BB E1 6C 44 9C DA 21 6D 4D 47 + : 6D B1 62 09 E9 D8 AE 1E F2 3A B4 94 + : B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25 + : 4E B9 60 96 19 24 01 F3 62 0C FE 75 + : C0 FB CE D8 68 00 E3 FD D5 70 4F DF + : 23 96 19 06 94 F4 B1 61 8F 3A 57 B1 + : 08 11 A4 0B 26 25 F0 52 76 81 EA 0B + + + +Hoffman, Ed. Informational [Page 58] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 62 0D 95 2A E6 86 BA 72 B2 A7 50 83 + : 0B AA 27 CD 1B A9 4D 89 9A D7 8D 18 + : 39 84 3F 8B C5 56 4D 80 7A + : } + : } + 1188 A3 66: [3] { + 1190 30 64: SEQUENCE { + 1192 30 15: SEQUENCE { + 1194 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 1199 01 1: BOOLEAN TRUE + 1202 04 5: OCTET STRING, encapsulates { + 1204 30 3: SEQUENCE { + 1206 01 1: BOOLEAN TRUE + : } + : } + : } + 1209 30 14: SEQUENCE { + 1211 06 3: OBJECT IDENTIFIER + : keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 1216 01 1: BOOLEAN TRUE + 1219 04 4: OCTET STRING, encapsulates { + 1221 03 2: BIT STRING 1 unused bits + : '1100001'B + : } + : } + 1225 30 29: SEQUENCE { + 1227 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 1232 04 22: OCTET STRING, encapsulates { + 1234 04 20: OCTET STRING + : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 + : 3D 20 BC 43 2B 93 F1 1F + : } + : } + : } + : } + : } + 1256 30 9: SEQUENCE { + 1258 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 1267 03 48: BIT STRING 0 unused bits, encapsulates { + 1270 30 45: SEQUENCE { + + + +Hoffman, Ed. Informational [Page 59] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 1272 02 20: INTEGER + : 6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B + : C9 06 37 E9 11 17 A1 13 + 1294 02 21: INTEGER + : 00 8F 34 69 2A 8B B1 3C 03 79 94 32 + : 4D 12 1F CE 89 FB 46 B2 3B + : } + : } + : } + 1317 30 732: SEQUENCE { + 1321 30 667: SEQUENCE { + 1325 A0 3: [0] { + 1327 02 1: INTEGER 2 + : } + 1330 02 2: INTEGER 200 + 1334 30 9: SEQUENCE { + 1336 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 1345 30 18: SEQUENCE { + 1347 31 16: SET { + 1349 30 14: SEQUENCE { + 1351 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 1356 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 1365 30 30: SEQUENCE { + 1367 17 13: UTCTime '990817011049Z' + 1382 17 13: UTCTime '391231235959Z' + : } + 1397 30 19: SEQUENCE { + 1399 31 17: SET { + 1401 30 15: SEQUENCE { + 1403 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 1408 13 8: PrintableString 'AliceDSS' + : } + : } + : } + 1418 30 438: SEQUENCE { + 1422 30 299: SEQUENCE { + 1426 06 7: OBJECT IDENTIFIER + : dsa (1 2 840 10040 4 1) + + + +Hoffman, Ed. Informational [Page 60] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : (ANSI X9.57 algorithm) + 1435 30 286: SEQUENCE { + 1439 02 129: INTEGER + : 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 + : 48 28 A3 E4 47 93 DD 0E D7 A8 0E EC + : 53 C5 AB 84 08 4F FF 94 E1 73 48 7E + : 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89 + : 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C + : DC 5F 69 8A E4 75 D0 37 0C 91 08 95 + : 9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 + : 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 + : C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 + : 78 BD FF 9D B0 84 97 37 F2 E4 51 1B + : B5 E4 09 96 5C F3 7E 5B DB + 1571 02 21: INTEGER + : 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F + : B8 37 21 2B 62 8B F7 93 CD + 1594 02 128: INTEGER + : 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 + : 4B 59 6A 4C 76 23 39 04 02 35 5C F2 + : CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD + : AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF + : 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B + : 3E 90 F8 6D EA 9C C9 21 8A 3B 76 14 + : E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30 + : 01 7C 6D 49 89 11 89 36 44 BD F8 C8 + : 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 + : 1F 11 7F C2 BD ED D1 50 FF 98 74 C2 + : D1 81 4A 60 39 BA 36 39 + : } + : } + 1725 03 132: BIT STRING 0 unused bits, encapsulates { + 1729 02 128: INTEGER + : 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 + : 3F A9 EC AC 5E DC BD B7 13 11 34 A6 + : 16 89 28 11 23 D9 34 86 67 75 75 13 + : 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 + : 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 + : A5 A0 4A E3 85 D6 CE 06 80 3F E8 23 + : 7E 1A F2 24 AB 53 1A B8 27 0D 1E EF + : 08 BF 66 14 80 5C 62 AC 65 FA 15 8B + : F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 + : 32 84 F0 7E 41 40 FD 46 A7 63 4E 33 + : F2 A5 E2 F4 F2 83 E5 B8 + : } + : } + 1860 A3 129: [3] { + 1863 30 127: SEQUENCE { + + + +Hoffman, Ed. Informational [Page 61] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 1865 30 12: SEQUENCE { + 1867 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 1872 01 1: BOOLEAN TRUE + 1875 04 2: OCTET STRING, encapsulates { + 1877 30 0: SEQUENCE {} + : } + : } + 1879 30 14: SEQUENCE { + 1881 06 3: OBJECT IDENTIFIER + : keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 1886 01 1: BOOLEAN TRUE + 1889 04 4: OCTET STRING, encapsulates { + 1891 03 2: BIT STRING 6 unused bits + : '11'B + : } + : } + 1895 30 31: SEQUENCE { + 1897 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + : (X.509 id-ce (2 5 29)) + 1902 04 24: OCTET STRING, encapsulates { + 1904 30 22: SEQUENCE { + 1906 80 20: [0] + : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 + : 3D 20 BC 43 2B 93 F1 1F + : } + : } + : } + 1928 30 29: SEQUENCE { + 1930 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 1935 04 22: OCTET STRING, encapsulates { + 1937 04 20: OCTET STRING + : BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE + : 13 01 E2 FD E3 97 FE CD + : } + : } + 1959 30 31: SEQUENCE { + 1961 06 3: OBJECT IDENTIFIER + : subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) + 1966 04 24: OCTET STRING, encapsulates { + 1968 30 22: SEQUENCE { + 1970 81 20: [1] 'AliceDSS@example.com' + + + +Hoffman, Ed. Informational [Page 62] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + : } + : } + : } + : } + 1992 30 9: SEQUENCE { + 1994 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 2003 03 48: BIT STRING 0 unused bits, encapsulates { + 2006 30 45: SEQUENCE { + 2008 02 20: INTEGER + : 55 0C A4 19 1F 42 2B 89 71 22 33 8D + : 83 6A B5 3D 67 6B BF 45 + 2030 02 21: INTEGER + : 00 9F 61 53 52 54 0B 5C B2 DD DA E7 + : 76 1D E2 10 52 5B 43 5E BD + : } + : } + : } + : } + 2053 A1 219: [1] { + 2056 30 216: SEQUENCE { + 2059 30 153: SEQUENCE { + 2062 30 9: SEQUENCE { + 2064 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 2073 30 18: SEQUENCE { + 2075 31 16: SET { + 2077 30 14: SEQUENCE { + 2079 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 2084 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 2093 17 13: UTCTime '990827070000Z' + 2108 30 105: SEQUENCE { + 2110 30 19: SEQUENCE { + 2112 02 2: INTEGER 200 + 2116 17 13: UTCTime '990822070000Z' + : } + 2131 30 19: SEQUENCE { + + + +Hoffman, Ed. Informational [Page 63] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 2133 02 2: INTEGER 201 + 2137 17 13: UTCTime '990822070000Z' + : } + 2152 30 19: SEQUENCE { + 2154 02 2: INTEGER 211 + 2158 17 13: UTCTime '990822070000Z' + : } + 2173 30 19: SEQUENCE { + 2175 02 2: INTEGER 210 + 2179 17 13: UTCTime '990822070000Z' + : } + 2194 30 19: SEQUENCE { + 2196 02 2: INTEGER 212 + 2200 17 13: UTCTime '990824070000Z' + : } + : } + : } + 2215 30 9: SEQUENCE { + 2217 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 2226 03 47: BIT STRING 0 unused bits, encapsulates { + 2229 30 44: SEQUENCE { + 2231 02 20: INTEGER + : 7E 65 52 76 33 FE 34 73 17 D1 F7 96 + : F9 A0 D4 D8 6D 5C 7D 3D + 2253 02 20: INTEGER + : 02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E + : DA 24 F3 2A 83 9C 35 A1 + : } + : } + : } + : } + 2275 31 554: SET { + 2279 30 550: SEQUENCE { + 2283 02 1: INTEGER 1 + 2286 30 24: SEQUENCE { + 2288 30 18: SEQUENCE { + 2290 31 16: SET { + 2292 30 14: SEQUENCE { + 2294 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 2299 13 7: PrintableString 'CarlDSS' + : } + : } + : } + + + +Hoffman, Ed. Informational [Page 64] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 2308 02 2: INTEGER 200 + : } + 2312 30 7: SEQUENCE { + 2314 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + : } + 2321 A0 93: [0] { + 2323 30 24: SEQUENCE { + 2325 06 9: OBJECT IDENTIFIER + : contentType (1 2 840 113549 1 9 3) + : (PKCS #9 (1 2 840 113549 1 9)) + 2336 31 11: SET { + 2338 06 9: OBJECT IDENTIFIER + : data (1 2 840 113549 1 7 1) + : (PKCS #7) + : } + : } + 2349 30 28: SEQUENCE { + 2351 06 9: OBJECT IDENTIFIER + : signingTime (1 2 840 113549 1 9 5) + : (PKCS #9 (1 2 840 113549 1 9)) + 2362 31 15: SET { + 2364 17 13: UTCTime '030514153900Z' + : } + : } + 2379 30 35: SEQUENCE { + 2381 06 9: OBJECT IDENTIFIER + : messageDigest (1 2 840 113549 1 9 4) + : (PKCS #9 (1 2 840 113549 1 9)) + 2392 31 22: SET { + 2394 04 20: OCTET STRING + : 40 6A EC 08 52 79 BA 6E 16 02 2D 9E + : 06 29 C0 22 96 87 DD 48 + : } + : } + : } + 2416 30 9: SEQUENCE { + 2418 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 2427 04 46: OCTET STRING, encapsulates { + 2429 30 44: SEQUENCE { + 2431 02 20: INTEGER + : 3B A5 E0 4A DB 6D 58 E0 19 D1 00 1C + : 4F 44 9A 57 7A 71 66 68 + 2453 02 20: INTEGER + : 1A 11 98 D6 1F 1F AF 34 81 01 DE BE + + + +Hoffman, Ed. Informational [Page 65] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 8B DC B6 A8 6A 91 69 13 + : } + : } + 2475 A1 354: [1] { + 2479 30 62: SEQUENCE { + 2481 06 11: OBJECT IDENTIFIER + : id-aa-contentHint + : (1 2 840 113549 1 9 16 2 4) + : (S/MIME Authenticated Attributes + : (1 2 840 113549 1 9 16 2)) + 2494 31 47: SET { + 2496 30 45: SEQUENCE { + 2498 0C 32: UTF8String + : 'Content Hints Description Buffer' + 2532 06 9: OBJECT IDENTIFIER + : data (1 2 840 113549 1 7 1) + : (PKCS #7) + : } + : } + : } + 2543 30 286: SEQUENCE { + 2547 06 9: OBJECT IDENTIFIER + : countersignature (1 2 840 113549 1 9 6) + : (PKCS #9 (1 2 840 113549 1 9)) + 2558 31 271: SET { + 2562 30 267: SEQUENCE { + 2566 02 1: INTEGER 1 + 2569 30 38: SEQUENCE { + 2571 30 18: SEQUENCE { + 2573 31 16: SET { + 2575 30 14: SEQUENCE { + 2577 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 2582 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 2591 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : C4 10 B3 B0 + : } + 2609 30 7: SEQUENCE { + 2611 06 5: OBJECT IDENTIFIER + : sha1 (1 3 14 3 2 26) + : (OIW) + : } + 2618 A0 67: [0] { + + + +Hoffman, Ed. Informational [Page 66] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 2620 30 28: SEQUENCE { + 2622 06 9: OBJECT IDENTIFIER + : signingTime + : (1 2 840 113549 1 9 5) + : (PKCS #9 (1 2 840 113549 1 9)) + 2633 31 15: SET { + 2635 17 13: UTCTime '030514153900Z' + : } + : } + 2650 30 35: SEQUENCE { + 2652 06 9: OBJECT IDENTIFIER + : messageDigest + : (1 2 840 113549 1 9 4) + : (PKCS #9 (1 2 840 113549 1 9)) + 2663 31 22: SET { + 2665 04 20: OCTET STRING + : 02 5F 49 4E 39 98 50 85 B3 66 D3 8A + : 1F 7B 9E 69 AA FB D8 33 + : } + : } + : } + 2687 30 13: SEQUENCE { + 2689 06 9: OBJECT IDENTIFIER + : rsaEncryption + : (1 2 840 113549 1 1 1) + : (PKCS #1) + 2700 05 0: NULL + : } + 2702 04 128: OCTET STRING + : 6D AA 20 24 ED 7A EE A5 5E 87 DD 75 + : 1F 2B 54 10 65 F4 CE 9B B1 2C 78 74 + : BC 8B 1C 60 B5 DB 8B 03 9E 49 F2 2B + : 7F 93 6E 3D 89 14 C9 E3 6B F4 F6 7D + : 76 AE 3E 58 1F 9B BB BC 7C 30 19 4E + : 10 F7 02 F1 8B 5B B4 DB 9A BB 93 B4 + : 18 D0 CC 2B C9 91 A9 AD D9 46 F8 65 + : A9 E2 71 95 D0 D4 4E 1F CD 74 6F 82 + : E8 37 6F 5A 3D CB C7 D4 5F C2 80 1B + : DA D3 84 40 68 5F 56 9A 62 F5 3B 0D + : 6C 33 C3 ED 67 3F 43 BF + : } + : } + : } + : } + : } + : } + : } + : } + + + +Hoffman, Ed. Informational [Page 67] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + +4.5. All RSA Signed Message + + Same as 4.2, but includes Carl's RSA root cert (but no CRL). A + SignedData with no attribute certificates, signed by Alice using RSA, + her certificate and Carl's root cert, no CRL. The message is + ExContent, and is included in the eContent. There are no signed or + unsigned attributes. + + 0 30 NDEF: SEQUENCE { + 2 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) + : (PKCS #7) + 13 A0 NDEF: [0] { + 15 30 NDEF: SEQUENCE { + 17 02 1: INTEGER 1 + 20 31 11: SET { + 22 30 9: SEQUENCE { + 24 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + 31 05 0: NULL + : } + : } + 33 30 NDEF: SEQUENCE { + 35 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + 46 A0 NDEF: [0] { + 48 24 NDEF: OCTET STRING { + 50 04 4: OCTET STRING 'This' + 56 04 24: OCTET STRING ' is some sample content.' + : } + : } + : } + 88 A0 NDEF: [0] { + 90 30 491: SEQUENCE { + 94 30 340: SEQUENCE { + 98 A0 3: [0] { + 100 02 1: INTEGER 2 + : } + 103 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : 9F F2 50 20 + 121 30 13: SEQUENCE { + 123 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption + : (1 2 840 113549 1 1 5) + : (PKCS #1) + 134 05 0: NULL + + + +Hoffman, Ed. Informational [Page 68] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + 136 30 18: SEQUENCE { + 138 31 16: SET { + 140 30 14: SEQUENCE { + 142 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 147 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 156 30 30: SEQUENCE { + 158 17 13: UTCTime '990818070000Z' + 173 17 13: UTCTime '391231235959Z' + : } + 188 30 18: SEQUENCE { + 190 31 16: SET { + 192 30 14: SEQUENCE { + 194 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 199 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 208 30 159: SEQUENCE { + 211 30 13: SEQUENCE { + 213 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 224 05 0: NULL + : } + 226 03 141: BIT STRING 0 unused bits, encapsulates { + 230 30 137: SEQUENCE { + 233 02 129: INTEGER + : 00 E4 4B FF 18 B8 24 57 F4 77 FF 6E + : 73 7B 93 71 5C BC 33 1A 92 92 72 23 + : D8 41 46 D0 CD 11 3A 04 B3 8E AF 82 + : 9D BD 51 1E 17 7A F2 76 2C 2B 86 39 + : A7 BD D7 8D 1A 53 EC E4 00 D5 E8 EC + : A2 36 B1 ED E2 50 E2 32 09 8A 3F 9F + : 99 25 8F B8 4E AB B9 7D D5 96 65 DA + : 16 A0 C5 BE 0E AE 44 5B EF 5E F4 A7 + : 29 CB 82 DD AC 44 E9 AA 93 94 29 0E + : F8 18 D6 C8 57 5E F2 76 C4 F2 11 60 + : 38 B9 1B 3C 1D 97 C9 6A F1 + 365 02 3: INTEGER 65537 + : } + + + +Hoffman, Ed. Informational [Page 69] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + 370 A3 66: [3] { + 372 30 64: SEQUENCE { + 374 30 15: SEQUENCE { + 376 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 381 01 1: BOOLEAN TRUE + 384 04 5: OCTET STRING, encapsulates { + 386 30 3: SEQUENCE { + 388 01 1: BOOLEAN TRUE + : } + : } + : } + 391 30 14: SEQUENCE { + 393 06 3: OBJECT IDENTIFIER + : keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 398 01 1: BOOLEAN TRUE + 401 04 4: OCTET STRING, encapsulates { + 403 03 2: BIT STRING 1 unused bits + : '1100001'B + : } + : } + 407 30 29: SEQUENCE { + 409 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 414 04 22: OCTET STRING, encapsulates { + 416 04 20: OCTET STRING + : E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 + : 42 37 4E 22 AE 9E 38 BB + : } + : } + : } + : } + : } + 438 30 13: SEQUENCE { + 440 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption + : (1 2 840 113549 1 1 5) + : (PKCS #1) + 451 05 0: NULL + : } + 453 03 129: BIT STRING 0 unused bits + : B7 9E D4 04 D3 ED 29 E4 FF 89 89 15 + : 2E 4C DB 0C F0 48 0F 32 61 EE C4 04 + + + +Hoffman, Ed. Informational [Page 70] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : EC 12 5D 2D FF 0F 64 59 7E 0A C3 ED + : 18 FD E3 56 40 37 A7 07 B5 F0 38 12 + : 61 50 ED EF DD 3F E3 0B B8 61 A5 A4 + : 9B 3C E6 9E 9C 54 9A B6 95 D6 DA 6C + : 3B B5 2D 45 35 9D 49 01 76 FA B9 B9 + : 31 F9 F9 6B 12 53 A0 F5 14 60 9B 7D + : CA 3E F2 53 6B B0 37 6F AD E6 74 D7 + : DB FA 5A EA 14 41 63 5D CD BE C8 0E + : C1 DA 6A 8D 53 34 18 02 + : } + 585 30 556: SEQUENCE { + 589 30 405: SEQUENCE { + 593 A0 3: [0] { + 595 02 1: INTEGER 2 + : } + 598 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : C4 10 B3 B0 + 616 30 13: SEQUENCE { + 618 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption + : (1 2 840 113549 1 1 5) + : (PKCS #1) + 629 05 0: NULL + : } + 631 30 18: SEQUENCE { + 633 31 16: SET { + 635 30 14: SEQUENCE { + 637 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 642 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 651 30 30: SEQUENCE { + 653 17 13: UTCTime '990919010847Z' + 668 17 13: UTCTime '391231235959Z' + : } + 683 30 19: SEQUENCE { + 685 31 17: SET { + 687 30 15: SEQUENCE { + 689 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 694 13 8: PrintableString 'AliceRSA' + : } + : } + + + +Hoffman, Ed. Informational [Page 71] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + 704 30 159: SEQUENCE { + 707 30 13: SEQUENCE { + 709 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 720 05 0: NULL + : } + 722 03 141: BIT STRING 0 unused bits, encapsulates { + 726 30 137: SEQUENCE { + 729 02 129: INTEGER + : 00 E0 89 73 39 8D D8 F5 F5 E8 87 76 + : 39 7F 4E B0 05 BB 53 83 DE 0F B7 AB + : DC 7D C7 75 29 0D 05 2E 6D 12 DF A6 + : 86 26 D4 D2 6F AA 58 29 FC 97 EC FA + : 82 51 0F 30 80 BE B1 50 9E 46 44 F1 + : 2C BB D8 32 CF C6 68 6F 07 D9 B0 60 + : AC BE EE 34 09 6A 13 F5 F7 05 05 93 + : DF 5E BA 35 56 D9 61 FF 19 7F C9 81 + : E6 F8 6C EA 87 40 70 EF AC 6D 2C 74 + : 9F 2D FA 55 3A B9 99 77 02 A6 48 52 + : 8C 4E F3 57 38 57 74 57 5F + 861 02 3: INTEGER 65537 + : } + : } + : } + 866 A3 129: [3] { + 869 30 127: SEQUENCE { + 871 30 12: SEQUENCE { + 873 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 878 01 1: BOOLEAN TRUE + 881 04 2: OCTET STRING, encapsulates { + 883 30 0: SEQUENCE {} + : } + : } + 885 30 14: SEQUENCE { + 887 06 3: OBJECT IDENTIFIER + : keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 892 01 1: BOOLEAN TRUE + 895 04 4: OCTET STRING, encapsulates { + 897 03 2: BIT STRING 6 unused bits + : '11'B + : } + : } + 901 30 31: SEQUENCE { + + + +Hoffman, Ed. Informational [Page 72] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 903 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + : (X.509 id-ce (2 5 29)) + 908 04 24: OCTET STRING, encapsulates { + 910 30 22: SEQUENCE { + 912 80 20: [0] + : E9 E0 90 27 AC 78 20 7A 9A D3 4C F2 + : 42 37 4E 22 AE 9E 38 BB + : } + : } + : } + 934 30 29: SEQUENCE { + 936 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 941 04 22: OCTET STRING, encapsulates { + 943 04 20: OCTET STRING + : 77 D2 B4 D1 B7 4C 8A 8A A3 CE 45 9D + : CE EC 3C A0 3A E3 FF 50 + : } + : } + 965 30 31: SEQUENCE { + 967 06 3: OBJECT IDENTIFIER + : subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) + 972 04 24: OCTET STRING, encapsulates { + 974 30 22: SEQUENCE { + 976 81 20: [1] 'AliceRSA@example.com' + : } + : } + : } + : } + : } + : } + 998 30 13: SEQUENCE { + 1000 06 9: OBJECT IDENTIFIER + : sha1withRSAEncryption + : (1 2 840 113549 1 1 5) + : (PKCS #1) + 1011 05 0: NULL + : } + 1013 03 129: BIT STRING 0 unused bits + : 3E 70 47 A8 48 CC 13 58 8F CA 51 71 + : 6B 4E 36 18 5D 04 7E 80 B1 8D 4D CC + : CA A3 8F CC 7D 56 C8 BC CF 6E B3 1C + : 59 A9 20 AA 05 81 A8 4E 25 AD A7 70 + : 14 75 2F F5 C7 9B D1 0E E9 63 D2 64 + : B7 C6 66 6E 73 21 54 DF F4 BA 25 5D + + + +Hoffman, Ed. Informational [Page 73] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 7D 49 D3 94 6B 22 36 74 73 B8 4A EC + : 2F 64 ED D3 3D D2 A7 42 C5 E8 37 8A + : B4 DB 9F 67 E4 BD 9F F9 FE 74 EF EA + : F9 EE 63 6A D8 3F 4B 25 09 B5 D8 1A + : 76 AE EB 9B DB 49 B0 22 + : } + : } + 1147 31 203: SET { + 1150 30 200: SEQUENCE { + 1153 02 1: INTEGER 1 + 1156 30 38: SEQUENCE { + 1158 30 18: SEQUENCE { + 1160 31 16: SET { + 1162 30 14: SEQUENCE { + 1164 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 1169 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 1178 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : C4 10 B3 B0 + : } + 1196 30 9: SEQUENCE { + 1198 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + 1205 05 0: NULL + : } + 1207 30 13: SEQUENCE { + 1209 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 1220 05 0: NULL + : } + 1222 04 128: OCTET STRING + : 2F 23 82 D2 F3 09 5F B8 0C 58 EB 4E + : 9D BF 89 9A 81 E5 75 C4 91 3D D3 D0 + : D5 7B B6 D5 FE 94 A1 8A AC E3 C4 84 + : F5 CD 60 4E 27 95 F6 CF 00 86 76 75 + : 3F 2B F0 E7 D4 02 67 A7 F5 C7 8D 16 + : 04 A5 B3 B5 E7 D9 32 F0 24 EF E7 20 + : 44 D5 9F 07 C5 53 24 FA CE 01 1D 0F + : 17 13 A7 2A 95 9D 2B E4 03 95 14 0B + : E9 39 0D BA CE 6E 9C 9E 0C E8 98 E6 + : 55 13 D4 68 6F D0 07 D7 A2 B1 62 4C + : E3 8F AF FD E0 D5 5D C7 + + + +Hoffman, Ed. Informational [Page 74] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + : } + : } + : } + +4.6. Multiple Signers + + Similar to 4.1, but the message is also signed by Diane. Two + signerInfos (one for Alice, one for Diane) with no attribute + certificates, each signed using DSS, Alice's and Diane's certificate + (not Carl's root cert), no CRL. The message is ExContent, and is + included in the eContent. There are no signed or unsigned + attributes. + + 0 30 1463: SEQUENCE { + 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) + : (PKCS #7) + 15 A0 1448: [0] { + 19 30 1444: SEQUENCE { + 23 02 1: INTEGER 1 + 26 31 9: SET { + 28 30 7: SEQUENCE { + 30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + : } + : } + 37 30 43: SEQUENCE { + 39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + 50 A0 30: [0] { + 52 04 28: OCTET STRING 'This is some sample content.' + : } + : } + 82 A0 1180: [0] { + 86 30 440: SEQUENCE { + 90 30 375: SEQUENCE { + 94 A0 3: [0] { + 96 02 1: INTEGER 2 + : } + 99 02 2: INTEGER 210 + 103 30 9: SEQUENCE { + 105 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 114 30 18: SEQUENCE { + 116 31 16: SET { + + + +Hoffman, Ed. Informational [Page 75] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 118 30 14: SEQUENCE { + 120 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 125 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 134 30 30: SEQUENCE { + 136 17 13: UTCTime '990817020810Z' + 151 17 13: UTCTime '391231235959Z' + : } + 166 30 19: SEQUENCE { + 168 31 17: SET { + 170 30 15: SEQUENCE { + 172 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 177 13 8: PrintableString 'DianeDSS' + : } + : } + : } + 187 30 147: SEQUENCE { + 190 30 9: SEQUENCE { + 192 06 7: OBJECT IDENTIFIER + : dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + : } + 201 03 133: BIT STRING 0 unused bits, encapsulates { + 205 02 129: INTEGER + : 00 A0 00 17 78 2C EE 7E 81 53 2E 2E + : 61 08 0F A1 9B 51 52 1A DA 59 A8 73 + : 2F 12 25 B6 08 CB CA EF 2A 44 76 8A + : 52 09 EA BD 05 22 D5 0F F6 FD 46 D7 + : AF 99 38 09 0E 13 CB 4F 2C DD 1C 34 + : F7 1C BF 25 FF 23 D3 3B 59 E7 82 97 + : 37 BE 31 24 D8 18 C8 F3 49 39 5B B7 + : E2 E5 27 7E FC 8C 45 72 5B 7E 3E 8F + : 68 4D DD 46 7A 22 BE 8E FF CC DA 39 + : 29 A3 39 E5 9F 43 E9 55 C9 D7 5B A6 + : 81 67 CC C0 AA CD 2E C5 23 + : } + : } + 337 A3 129: [3] { + 340 30 127: SEQUENCE { + 342 30 12: SEQUENCE { + 344 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + + + +Hoffman, Ed. Informational [Page 76] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : (X.509 id-ce (2 5 29)) + 349 01 1: BOOLEAN TRUE + 352 04 2: OCTET STRING, encapsulates { + 354 30 0: SEQUENCE {} + : } + : } + 356 30 14: SEQUENCE { + 358 06 3: OBJECT IDENTIFIER + : keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 363 01 1: BOOLEAN TRUE + 366 04 4: OCTET STRING, encapsulates { + 368 03 2: BIT STRING 6 unused bits + : '11'B + : } + : } + 372 30 31: SEQUENCE { + 374 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + : (X.509 id-ce (2 5 29)) + 379 04 24: OCTET STRING, encapsulates { + 381 30 22: SEQUENCE { + 383 80 20: [0] + : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 + : 3D 20 BC 43 2B 93 F1 1F + : } + : } + : } + 405 30 29: SEQUENCE { + 407 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 412 04 22: OCTET STRING, encapsulates { + 414 04 20: OCTET STRING + : 64 30 99 7D 5C DC 45 0B 99 3A 52 2F + : 16 BF 58 50 DD CE 2B 18 + : } + : } + 436 30 31: SEQUENCE { + 438 06 3: OBJECT IDENTIFIER + : subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) + 443 04 24: OCTET STRING, encapsulates { + 445 30 22: SEQUENCE { + 447 81 20: [1] 'DianeDSS@example.com' + : } + : } + : } + + + +Hoffman, Ed. Informational [Page 77] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + : } + 469 30 9: SEQUENCE { + 471 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 480 03 48: BIT STRING 0 unused bits, encapsulates { + 483 30 45: SEQUENCE { + 485 02 21: INTEGER + : 00 A1 1A F8 17 0E 3E 5D A8 8C F4 B6 + : 55 33 1E 4B E3 2C AC B9 5F + 508 02 20: INTEGER + : 28 4B 10 45 58 D2 1C 9D 55 35 14 18 + : 91 B2 3F 39 DF B5 6E D3 + : } + : } + : } + 530 30 732: SEQUENCE { + 534 30 667: SEQUENCE { + 538 A0 3: [0] { + 540 02 1: INTEGER 2 + : } + 543 02 2: INTEGER 200 + 547 30 9: SEQUENCE { + 549 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 558 30 18: SEQUENCE { + 560 31 16: SET { + 562 30 14: SEQUENCE { + 564 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 569 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 578 30 30: SEQUENCE { + 580 17 13: UTCTime '990817011049Z' + 595 17 13: UTCTime '391231235959Z' + : } + 610 30 19: SEQUENCE { + 612 31 17: SET { + 614 30 15: SEQUENCE { + 616 06 3: OBJECT IDENTIFIER + + + +Hoffman, Ed. Informational [Page 78] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 621 13 8: PrintableString 'AliceDSS' + : } + : } + : } + 631 30 438: SEQUENCE { + 635 30 299: SEQUENCE { + 639 06 7: OBJECT IDENTIFIER + : dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + 648 30 286: SEQUENCE { + 652 02 129: INTEGER + : 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 + : 48 28 A3 E4 47 93 DD 0E D7 A8 0E EC + : 53 C5 AB 84 08 4F FF 94 E1 73 48 7E + : 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89 + : 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C + : DC 5F 69 8A E4 75 D0 37 0C 91 08 95 + : 9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 + : 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 + : C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 + : 78 BD FF 9D B0 84 97 37 F2 E4 51 1B + : B5 E4 09 96 5C F3 7E 5B DB + 784 02 21: INTEGER + : 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F + : B8 37 21 2B 62 8B F7 93 CD + 807 02 128: INTEGER + : 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 + : 4B 59 6A 4C 76 23 39 04 02 35 5C F2 + : CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD + : AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF + : 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B + : 3E 90 F8 6D EA 9C C9 21 8A 3B 76 14 + : E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30 + : 01 7C 6D 49 89 11 89 36 44 BD F8 C8 + : 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 + : 1F 11 7F C2 BD ED D1 50 FF 98 74 C2 + : D1 81 4A 60 39 BA 36 39 + : } + : } + 938 03 132: BIT STRING 0 unused bits, encapsulates { + 942 02 128: INTEGER + : 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 + : 3F A9 EC AC 5E DC BD B7 13 11 34 A6 + : 16 89 28 11 23 D9 34 86 67 75 75 13 + : 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 + : 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 + + + +Hoffman, Ed. Informational [Page 79] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : A5 A0 4A E3 85 D6 CE 06 80 3F E8 23 + : 7E 1A F2 24 AB 53 1A B8 27 0D 1E EF + : 08 BF 66 14 80 5C 62 AC 65 FA 15 8B + : F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 + : 32 84 F0 7E 41 40 FD 46 A7 63 4E 33 + : F2 A5 E2 F4 F2 83 E5 B8 + : } + : } + 1073 A3 129: [3] { + 1076 30 127: SEQUENCE { + 1078 30 12: SEQUENCE { + 1080 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 1085 01 1: BOOLEAN TRUE + 1088 04 2: OCTET STRING, encapsulates { + 1090 30 0: SEQUENCE {} + : } + : } + 1092 30 14: SEQUENCE { + 1094 06 3: OBJECT IDENTIFIER + : keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 1099 01 1: BOOLEAN TRUE + 1102 04 4: OCTET STRING, encapsulates { + 1104 03 2: BIT STRING 6 unused bits + : '11'B + : } + : } + 1108 30 31: SEQUENCE { + 1110 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + : (X.509 id-ce (2 5 29)) + 1115 04 24: OCTET STRING, encapsulates { + 1117 30 22: SEQUENCE { + 1119 80 20: [0] + : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 + : 3D 20 BC 43 2B 93 F1 1F + : } + : } + : } + 1141 30 29: SEQUENCE { + 1143 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 1148 04 22: OCTET STRING, encapsulates { + 1150 04 20: OCTET STRING + : BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE + + + +Hoffman, Ed. Informational [Page 80] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 13 01 E2 FD E3 97 FE CD + : } + : } + 1172 30 31: SEQUENCE { + 1174 06 3: OBJECT IDENTIFIER + : subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) + 1179 04 24: OCTET STRING, encapsulates { + 1181 30 22: SEQUENCE { + 1183 81 20: [1] 'AliceDSS@example.com' + : } + : } + : } + : } + : } + : } + 1205 30 9: SEQUENCE { + 1207 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 1216 03 48: BIT STRING 0 unused bits, encapsulates { + 1219 30 45: SEQUENCE { + 1221 02 20: INTEGER + : 55 0C A4 19 1F 42 2B 89 71 22 33 8D + : 83 6A B5 3D 67 6B BF 45 + 1243 02 21: INTEGER + : 00 9F 61 53 52 54 0B 5C B2 DD DA E7 + : 76 1D E2 10 52 5B 43 5E BD + : } + : } + : } + : } + 1266 31 198: SET { + 1269 30 97: SEQUENCE { + 1271 02 1: INTEGER 1 + 1274 30 24: SEQUENCE { + 1276 30 18: SEQUENCE { + 1278 31 16: SET { + 1280 30 14: SEQUENCE { + 1282 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 1287 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 1296 02 2: INTEGER 200 + + + +Hoffman, Ed. Informational [Page 81] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + 1300 30 7: SEQUENCE { + 1302 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + : } + 1309 30 9: SEQUENCE { + 1311 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 1320 04 46: OCTET STRING, encapsulates { + 1322 30 44: SEQUENCE { + 1324 02 20: INTEGER + : 48 24 DE 8B 85 F2 16 AF EC 82 61 A9 + : 54 D0 2D 04 A1 CC 5A 4F + 1346 02 20: INTEGER + : 17 ED D5 77 02 EE 75 13 D8 10 BD 3D + : 97 17 20 88 BB FD 7B 81 + : } + : } + : } + 1368 30 97: SEQUENCE { + 1370 02 1: INTEGER 1 + 1373 30 24: SEQUENCE { + 1375 30 18: SEQUENCE { + 1377 31 16: SET { + 1379 30 14: SEQUENCE { + 1381 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 1386 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 1395 02 2: INTEGER 210 + : } + 1399 30 7: SEQUENCE { + 1401 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + : } + 1408 30 9: SEQUENCE { + 1410 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 1419 04 46: OCTET STRING, encapsulates { + 1421 30 44: SEQUENCE { + 1423 02 20: INTEGER + + + +Hoffman, Ed. Informational [Page 82] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 15 FF 81 4D 8C AD 80 4E 9B 35 58 04 + : 37 6E 63 6E E9 5B 83 FA + 1445 02 20: INTEGER + : 06 7E 58 4E 2B 31 84 41 ED 49 79 38 + : 3E 77 D2 A6 8C 75 08 21 + : } + : } + : } + : } + : } + : } + : } + +4.7. Signing Using SKI + + Same as 4.1, but the signature uses the SKI instead of the + issuer/serial number in the cert. A SignedData with no attribute + certificates, signed by Alice using DSS, just her certificate (not + Carl's root cert), identified by the SKI, no CRL. The message is + ExContent, and is included in the eContent. There are no signed or + unsigned attributes. + + 0 30 915: SEQUENCE { + 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) + : (PKCS #7) + 15 A0 900: [0] { + 19 30 896: SEQUENCE { + 23 02 1: INTEGER 3 + 26 31 9: SET { + 28 30 7: SEQUENCE { + 30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + : } + : } + 37 30 43: SEQUENCE { + 39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + 50 A0 30: [0] { + 52 04 28: OCTET STRING 'This is some sample content.' + : } + : } + 82 A0 736: [0] { + 86 30 732: SEQUENCE { + 90 30 667: SEQUENCE { + 94 A0 3: [0] { + 96 02 1: INTEGER 2 + : } + 99 02 2: INTEGER 200 + + + +Hoffman, Ed. Informational [Page 83] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 103 30 9: SEQUENCE { + 105 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 114 30 18: SEQUENCE { + 116 31 16: SET { + 118 30 14: SEQUENCE { + 120 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 125 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 134 30 30: SEQUENCE { + 136 17 13: UTCTime '990817011049Z' + 151 17 13: UTCTime '391231235959Z' + : } + 166 30 19: SEQUENCE { + 168 31 17: SET { + 170 30 15: SEQUENCE { + 172 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 177 13 8: PrintableString 'AliceDSS' + : } + : } + : } + 187 30 438: SEQUENCE { + 191 30 299: SEQUENCE { + 195 06 7: OBJECT IDENTIFIER + : dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + 204 30 286: SEQUENCE { + 208 02 129: INTEGER + : 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 + : 48 28 A3 E4 47 93 DD 0E D7 A8 0E EC + : 53 C5 AB 84 08 4F FF 94 E1 73 48 7E + : 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89 + : 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C + : DC 5F 69 8A E4 75 D0 37 0C 91 08 95 + : 9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 + : 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 + : C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 + : 78 BD FF 9D B0 84 97 37 F2 E4 51 1B + : B5 E4 09 96 5C F3 7E 5B DB + 340 02 21: INTEGER + + + +Hoffman, Ed. Informational [Page 84] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F + : B8 37 21 2B 62 8B F7 93 CD + 363 02 128: INTEGER + : 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 + : 4B 59 6A 4C 76 23 39 04 02 35 5C F2 + : CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD + : AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF + : 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B + : 3E 90 F8 6D EA 9C C9 21 8A 3B 76 14 + : E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30 + : 01 7C 6D 49 89 11 89 36 44 BD F8 C8 + : 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 + : 1F 11 7F C2 BD ED D1 50 FF 98 74 C2 + : D1 81 4A 60 39 BA 36 39 + : } + : } + 494 03 132: BIT STRING 0 unused bits, encapsulates { + 498 02 128: INTEGER + : 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 + : 3F A9 EC AC 5E DC BD B7 13 11 34 A6 + : 16 89 28 11 23 D9 34 86 67 75 75 13 + : 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 + : 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 + : A5 A0 4A E3 85 D6 CE 06 80 3F E8 23 + : 7E 1A F2 24 AB 53 1A B8 27 0D 1E EF + : 08 BF 66 14 80 5C 62 AC 65 FA 15 8B + : F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 + : 32 84 F0 7E 41 40 FD 46 A7 63 4E 33 + : F2 A5 E2 F4 F2 83 E5 B8 + : } + : } + 629 A3 129: [3] { + 632 30 127: SEQUENCE { + 634 30 12: SEQUENCE { + 636 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 641 01 1: BOOLEAN TRUE + 644 04 2: OCTET STRING, encapsulates { + 646 30 0: SEQUENCE {} + : } + : } + 648 30 14: SEQUENCE { + 650 06 3: OBJECT IDENTIFIER + : keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 655 01 1: BOOLEAN TRUE + 658 04 4: OCTET STRING, encapsulates { + + + +Hoffman, Ed. Informational [Page 85] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 660 03 2: BIT STRING 6 unused bits + : '11'B + : } + : } + 664 30 31: SEQUENCE { + 666 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + : (X.509 id-ce (2 5 29)) + 671 04 24: OCTET STRING, encapsulates { + 673 30 22: SEQUENCE { + 675 80 20: [0] + : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 + : 3D 20 BC 43 2B 93 F1 1F + : } + : } + : } + 697 30 29: SEQUENCE { + 699 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 704 04 22: OCTET STRING, encapsulates { + 706 04 20: OCTET STRING + : BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE + : 13 01 E2 FD E3 97 FE CD + : } + : } + 728 30 31: SEQUENCE { + 730 06 3: OBJECT IDENTIFIER + : subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) + 735 04 24: OCTET STRING, encapsulates { + 737 30 22: SEQUENCE { + 739 81 20: [1] 'AliceDSS@example.com' + : } + : } + : } + : } + : } + : } + 761 30 9: SEQUENCE { + 763 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 772 03 48: BIT STRING 0 unused bits, encapsulates { + 775 30 45: SEQUENCE { + 777 02 20: INTEGER + : 55 0C A4 19 1F 42 2B 89 71 22 33 8D + + + +Hoffman, Ed. Informational [Page 86] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 83 6A B5 3D 67 6B BF 45 + 799 02 21: INTEGER + : 00 9F 61 53 52 54 0B 5C B2 DD DA E7 + : 76 1D E2 10 52 5B 43 5E BD + : } + : } + : } + : } + 822 31 95: SET { + 824 30 93: SEQUENCE { + 826 02 1: INTEGER 3 + 829 80 20: [0] + : BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE + : 13 01 E2 FD E3 97 FE CD + 851 30 7: SEQUENCE { + 853 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + : } + 860 30 9: SEQUENCE { + 862 06 7: OBJECT IDENTIFIER dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + : } + 871 04 46: OCTET STRING, encapsulates { + 873 30 44: SEQUENCE { + 875 02 20: INTEGER + : 6D 8E 5A CD 28 A0 1F D9 86 AD 7A E9 + : DF AC D7 BE EC BE 3F F8 + 897 02 20: INTEGER + : 7C 8A 06 1E FC A4 41 35 7E F7 24 14 + : FD 3D C0 56 B7 05 27 D5 + : } + : } + : } + : } + : } + : } + : } + +4.8. S/MIME multipart/signed Message + + A full S/MIME message, including MIME, that includes the body part + from 4.3 and the body containing the content of the message. + +MIME-Version: 1.0 +To: User2@examples.com +From: aliceDss@examples.com +Subject: Example 4.8 +Message-Id: <020906002550300.249@examples.com> + + + +Hoffman, Ed. Informational [Page 87] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +Date: Fri, 06 Sep 2002 00:25:21 -0300 +Content-Type: multipart/signed; + micalg=SHA1; + boundary="----=_NextBoundry____Fri,_06_Sep_2002_00:25:21"; + protocol="application/pkcs7-signature" + +This is a multi-part message in MIME format. + +------=_NextBoundry____Fri,_06_Sep_2002_00:25:21 + +This is some sample content. +------=_NextBoundry____Fri,_06_Sep_2002_00:25:21 +Content-Type: application/pkcs7-signature; name=smime.p7s +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename=smime.p7s + +MIIDdwYJKoZIhvcNAQcCoIIDaDCCA2QCAQExCTAHBgUrDgMCGjALBgkqhkiG9w0BBwGgggL +gMIIC3DCCApugAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT +k5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1MwggG2M +IIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//lOFz +SH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6iLVPE +/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6YaRWa4E8 +baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1nizaoFP +VjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8bUmJEYk2 +RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuVp1FJYLqXr +d4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41bY8i7RaWgSu +OF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxDKE8H5BQP1Gp +2NOM/Kl4vTyg+W4o4GBMH8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0j +BBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFL5sobPjwfftQ3CkzhMB4v3 +jl/7NMB8GA1UdEQQYMBaBFEFsaWNlRFNTQGV4YW1wbGUuY29tMAkGByqGSM44BAMDMAAwLQ +IUVQykGR9CK4lxIjONg2q1PWdrv0UCFQCfYVNSVAtcst3a53Yd4hBSW0NevTFjMGECAQEwG +DASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBgcqhkjOOAQDBC4wLAIUM/mG +f6gkgp9Z0XtRdGimJeB/BxUCFGFFJqwYRt1WYcIOQoGiaowqGzVI + +------=_NextBoundry____Fri,_06_Sep_2002_00:25:21-- + +4.9. S/MIME application/pkcs7-mime Signed Message + + A full S/MIME message, including the MIME parts. + +MIME-Version: 1.0 +To: User2@examples.com +From: aliceDss@examples.com +Subject: Example 4.9 +Message-Id: <021031164540300.304@examples.com> +Date: Thu, 31 Oct 2002 16:45:14 -0300 +Content-Type: application/pkcs7-mime; smime-type=signed-data; + name=smime.p7m + + + +Hoffman, Ed. Informational [Page 88] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename=smime.p7m + +MIIDmQYJKoZIhvcNAQcCoIIDijCCA4YCAQExCTAHBgUrDgMCGjAtBgkqhkiG9w0BBwGgIAQ +eDQpUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIIC4DCCAtwwggKboAMCAQICAgDIMA +kGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUzAeFw05OTA4MTcwMTEwNDlaFw0zOTEyM +zEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlRFNTMIIBtjCCASsGByqGSM44BAEwggEeAoGB +AIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+HZMMg +23j+bv7dM3F9piuR10DcMkQiVm96nXvn89J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UIddU5dh +DEeL3/nbCElzfy5FEbteQJllzzflvbAhUA4kemGkVmuBPG2o+4NyErYov3k80CgYAmONAUi +TKqOfs+bdlLWWpMdiM5BAI1XPLLGjDDHlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIlp/R1z0oI +Xks+kPht6pzJIYo7dhTpzi5dowfNI4W4LzABfG1JiRGJNkS9+MiVSlNWteL5c+waYTYfEX/ +Cve3RUP+YdMLRgUpgObo2OQOBhAACgYBc47ladRSWC6l63eM/qeysXty9txMRNKYWiSgRI9 +k0hmd1dRMSPUNbb+VRv/qJ8qIbPiR9PQeNW2PIu0WloErjhdbOBoA/6CN+GvIkq1MauCcNH +u8Iv2YUgFxirGX6FYvxuzTU0pY39mFHssQyhPB+QUD9RqdjTjPypeL08oPluKOBgTB/MAwG +A1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0 +gvEMrk/EfMB0GA1UdDgQWBBS+bKGz48H37UNwpM4TAeL945f+zTAfBgNVHREEGDAWgRRBbG +ljZURTU0BleGFtcGxlLmNvbTAJBgcqhkjOOAQDAzAAMC0CFFUMpBkfQiuJcSIzjYNqtT1na +79FAhUAn2FTUlQLXLLd2ud2HeIQUltDXr0xYzBhAgEBMBgwEjEQMA4GA1UEAxMHQ2FybERT +UwICAMgwBwYFKw4DAhowCQYHKoZIzjgEAwQuMCwCFD1cSW6LIUFzeXle3YI5SKSBer/sAhQ +mCq7s/CTFHOEjgASeUjbMpx5g6A== + +4.10. SignedData with Attributes + + A SignedData message with the following list of signedAttributes: + + -unknown OID + -contentHints + -smimeCapablilties + -securityLabel + -ContentReference + -smimeEncryptKeyPreference + -mlExpansionHistory + -EquivalentLabel + + 0 30 2047: SEQUENCE { + 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) + : (PKCS #7) + 15 A0 2032: [0] { + 19 30 2028: SEQUENCE { + 23 02 1: INTEGER 1 + 26 31 9: SET { + 28 30 7: SEQUENCE { + 30 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + : } + : } + 37 30 43: SEQUENCE { + + + +Hoffman, Ed. Informational [Page 89] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 39 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + 50 A0 30: [0] { + 52 04 28: OCTET STRING 'This is some sample content.' + : } + : } + 82 A0 736: [0] { + 86 30 732: SEQUENCE { + 90 30 667: SEQUENCE { + 94 A0 3: [0] { + 96 02 1: INTEGER 2 + : } + 99 02 2: INTEGER 200 + 103 30 9: SEQUENCE { + 105 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 114 30 18: SEQUENCE { + 116 31 16: SET { + 118 30 14: SEQUENCE { + 120 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 125 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 134 30 30: SEQUENCE { + 136 17 13: UTCTime '990817011049Z' + 151 17 13: UTCTime '391231235959Z' + : } + 166 30 19: SEQUENCE { + 168 31 17: SET { + 170 30 15: SEQUENCE { + 172 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 177 13 8: PrintableString 'AliceDSS' + : } + : } + : } + 187 30 438: SEQUENCE { + 191 30 299: SEQUENCE { + 195 06 7: OBJECT IDENTIFIER + : dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + 204 30 286: SEQUENCE { + + + +Hoffman, Ed. Informational [Page 90] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 208 02 129: INTEGER + : 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 + : 48 28 A3 E4 47 93 DD 0E D7 A8 0E EC + : 53 C5 AB 84 08 4F FF 94 E1 73 48 7E + : 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89 + : 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C + : DC 5F 69 8A E4 75 D0 37 0C 91 08 95 + : 9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 + : 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 + : C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 + : 78 BD FF 9D B0 84 97 37 F2 E4 51 1B + : B5 E4 09 96 5C F3 7E 5B DB + 340 02 21: INTEGER + : 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F + : B8 37 21 2B 62 8B F7 93 CD + 363 02 128: INTEGER + : 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 + : 4B 59 6A 4C 76 23 39 04 02 35 5C F2 + : CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD + : AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF + : 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B + : 3E 90 F8 6D EA 9C C9 21 8A 3B 76 14 + : E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30 + : 01 7C 6D 49 89 11 89 36 44 BD F8 C8 + : 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 + : 1F 11 7F C2 BD ED D1 50 FF 98 74 C2 + : D1 81 4A 60 39 BA 36 39 + : } + : } + 494 03 132: BIT STRING 0 unused bits, encapsulates { + 498 02 128: INTEGER + : 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 + : 3F A9 EC AC 5E DC BD B7 13 11 34 A6 + : 16 89 28 11 23 D9 34 86 67 75 75 13 + : 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 + : 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 + : A5 A0 4A E3 85 D6 CE 06 80 3F E8 23 + : 7E 1A F2 24 AB 53 1A B8 27 0D 1E EF + : 08 BF 66 14 80 5C 62 AC 65 FA 15 8B + : F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 + : 32 84 F0 7E 41 40 FD 46 A7 63 4E 33 + : F2 A5 E2 F4 F2 83 E5 B8 + : } + : } + 629 A3 129: [3] { + 632 30 127: SEQUENCE { + 634 30 12: SEQUENCE { + 636 06 3: OBJECT IDENTIFIER + + + +Hoffman, Ed. Informational [Page 91] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 641 01 1: BOOLEAN TRUE + 644 04 2: OCTET STRING, encapsulates { + 646 30 0: SEQUENCE {} + : } + : } + 648 30 14: SEQUENCE { + 650 06 3: OBJECT IDENTIFIER + : keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 655 01 1: BOOLEAN TRUE + 658 04 4: OCTET STRING, encapsulates { + 660 03 2: BIT STRING 6 unused bits + : '11'B + : } + : } + 664 30 31: SEQUENCE { + 666 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + : (X.509 id-ce (2 5 29)) + 671 04 24: OCTET STRING, encapsulates { + 673 30 22: SEQUENCE { + 675 80 20: [0] + : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 + : 3D 20 BC 43 2B 93 F1 1F + : } + : } + : } + 697 30 29: SEQUENCE { + 699 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 704 04 22: OCTET STRING, encapsulates { + 706 04 20: OCTET STRING + : BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE + : 13 01 E2 FD E3 97 FE CD + : } + : } + 728 30 31: SEQUENCE { + 730 06 3: OBJECT IDENTIFIER + : subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) + 735 04 24: OCTET STRING, encapsulates { + 737 30 22: SEQUENCE { + 739 81 20: [1] 'AliceDSS@example.com' + : } + : } + + + +Hoffman, Ed. Informational [Page 92] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + : } + : } + 761 30 9: SEQUENCE { + 763 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 772 03 48: BIT STRING 0 unused bits, encapsulates { + 775 30 45: SEQUENCE { + 777 02 20: INTEGER + : 55 0C A4 19 1F 42 2B 89 71 22 33 8D + : 83 6A B5 3D 67 6B BF 45 + 799 02 21: INTEGER + : 00 9F 61 53 52 54 0B 5C B2 DD DA E7 + : 76 1D E2 10 52 5B 43 5E BD + : } + : } + : } + : } + 822 31 1225: SET { + 826 30 1221: SEQUENCE { + 830 02 1: INTEGER 1 + 833 30 24: SEQUENCE { + 835 30 18: SEQUENCE { + 837 31 16: SET { + 839 30 14: SEQUENCE { + 841 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 846 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 855 02 2: INTEGER 200 + : } + 859 30 7: SEQUENCE { + 861 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + : } + 868 A0 1119: [0] { + 872 30 24: SEQUENCE { + 874 06 9: OBJECT IDENTIFIER + : contentType (1 2 840 113549 1 9 3) + : (PKCS #9 (1 2 840 113549 1 9)) + 885 31 11: SET { + 887 06 9: OBJECT IDENTIFIER + + + +Hoffman, Ed. Informational [Page 93] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : data (1 2 840 113549 1 7 1) + : (PKCS #7) + : } + : } + 898 30 35: SEQUENCE { + 900 06 9: OBJECT IDENTIFIER + : messageDigest (1 2 840 113549 1 9 4) + : (PKCS #9 (1 2 840 113549 1 9)) + 911 31 22: SET { + 913 04 20: OCTET STRING + : 40 6A EC 08 52 79 BA 6E 16 02 2D 9E + : 06 29 C0 22 96 87 DD 48 + : } + : } + 935 30 56: SEQUENCE { + 937 06 3: OBJECT IDENTIFIER '1 2 5555' + 942 31 49: SET { + 944 04 47: OCTET STRING + : 'This is a test General ASN Attribut' + : 'e, number 1.' + : } + : } + 993 30 62: SEQUENCE { + 995 06 11: OBJECT IDENTIFIER + : id-aa-contentHint + : (1 2 840 113549 1 9 16 2 4) + : (S/MIME Authenticated Attributes + : (1 2 840 113549 1 9 16 2)) +1008 31 47: SET { +1010 30 45: SEQUENCE { +1012 0C 32: UTF8String + : 'Content Hints Description Buffer' +1046 06 9: OBJECT IDENTIFIER + : data (1 2 840 113549 1 7 1) + : (PKCS #7) + : } + : } + : } +1057 30 74: SEQUENCE { +1059 06 9: OBJECT IDENTIFIER + : sMIMECapabilities + : (1 2 840 113549 1 9 15) + : (PKCS #9 + : (1 2 840 113549 1 9)) +1070 31 61: SET { +1072 30 59: SEQUENCE { +1074 30 7: SEQUENCE { +1076 06 5: OBJECT IDENTIFIER '1 2 3 4 5 6' + + + +Hoffman, Ed. Informational [Page 94] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } +1083 30 48: SEQUENCE { +1085 06 6: OBJECT IDENTIFIER '1 2 3 4 5 6 77' +1093 04 38: OCTET STRING + : 'Smime Capabilities parameters buffe' + : 'r 2' + : } + : } + : } + : } +1133 30 109: SEQUENCE { +1135 06 11: OBJECT IDENTIFIER + : id-aa-securityLabel + : (1 2 840 113549 1 9 16 2 2) + : (S/MIME Authenticated Attributes + : (1 2 840 113549 1 9 16 2)) +1148 31 94: SET { +1150 31 92: SET { +1152 02 1: INTEGER 1 +1155 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 8' +1164 13 27: PrintableString + : 'THIS IS A PRIVACY MARK TEST' +1193 31 49: SET { +1195 30 47: SEQUENCE { +1197 80 8: [0] + : 2A 03 04 05 06 07 86 78 +1207 A1 35: [1] { +1209 13 33: PrintableString + : 'THIS IS A TEST SECURITY-' + : 'CATEGORY.' + : } + : } + : } + : } + : } + : } +1244 30 111: SEQUENCE { +1246 06 11: OBJECT IDENTIFIER + : id-aa-contentReference + : (1 2 840 113549 1 9 16 2 10) + : (S/MIME Authenticated Attributes + : (1 2 840 113549 1 9 16 2)) +1259 31 96: SET { +1261 30 94: SEQUENCE { +1263 06 5: OBJECT IDENTIFIER '1 2 3 4 5 6' +1270 04 43: OCTET STRING + : 'Content Reference Content Identifie' + : 'r Buffer' + + + +Hoffman, Ed. Informational [Page 95] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +1315 04 40: OCTET STRING + : 'Content Reference Signature Value B' + : 'uffer' + : } + : } + : } +1357 30 115: SEQUENCE { +1359 06 11: OBJECT IDENTIFIER + : id-aa-encrypKeyPref + : (1 2 840 113549 1 9 16 2 11) + : (S/MIME Authenticated Attributes + : (1 2 840 113549 1 9 16 2)) +1372 31 100: SET { +1374 A0 98: [0] { +1376 30 90: SEQUENCE { +1378 31 11: SET { +1380 30 9: SEQUENCE { +1382 06 3: OBJECT IDENTIFIER + : countryName (2 5 4 6) + : (X.520 id-at (2 5 4)) +1387 13 2: PrintableString 'US' + : } + : } +1391 31 22: SET { +1393 30 20: SEQUENCE { +1395 06 3: OBJECT IDENTIFIER + : organizationName (2 5 4 10) + : (X.520 id-at (2 5 4)) +1400 13 13: PrintableString 'US Government' + : } + : } +1415 31 17: SET { +1417 30 15: SEQUENCE { +1419 06 3: OBJECT IDENTIFIER + : organizationalUnitName + : (2 5 4 11) + : (X.520 id-at (2 5 4)) +1424 13 8: PrintableString 'VDA Site' + : } + : } +1434 31 12: SET { +1436 30 10: SEQUENCE { +1438 06 3: OBJECT IDENTIFIER + : organizationalUnitName + : (2 5 4 11) + : (X.520 id-at (2 5 4)) +1443 13 3: PrintableString 'VDA' + : } + + + +Hoffman, Ed. Informational [Page 96] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } +1448 31 18: SET { +1450 30 16: SEQUENCE { +1452 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) +1457 13 9: PrintableString 'Daisy RSA' + : } + : } + : } +1468 02 4: INTEGER 173360179 + : } + : } + : } +1474 30 252: SEQUENCE { +1477 06 11: OBJECT IDENTIFIER + : id-aa-mlExpandHistory + : (1 2 840 113549 1 9 16 2 3) + : (S/MIME Authenticated Attributes + : (1 2 840 113549 1 9 16 2)) +1490 31 236: SET { +1493 30 233: SEQUENCE { +1496 30 230: SEQUENCE { +1499 04 7: OCTET STRING '5738299' +1508 18 15: GeneralizedTime '19990311104433Z' +1525 A1 201: [1] { +1528 30 198: SEQUENCE { +1531 A4 97: [4] { +1533 30 95: SEQUENCE { +1535 31 11: SET { +1537 30 9: SEQUENCE { +1539 06 3: OBJECT IDENTIFIER + : countryName (2 5 4 6) + : (X.520 id-at (2 5 4)) +1544 13 2: PrintableString 'US' + : } + : } +1548 31 22: SET { +1550 30 20: SEQUENCE { +1552 06 3: OBJECT IDENTIFIER + : organizationName + : (2 5 4 10) + : (X.520 id-at (2 5 4)) +1557 13 13: PrintableString + : 'US Government' + : } + : } +1572 31 17: SET { + + + +Hoffman, Ed. Informational [Page 97] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +1574 30 15: SEQUENCE { +1576 06 3: OBJECT IDENTIFIER + : organizationalUnitName + : (2 5 4 11) + : (X.520 id-at (2 5 4)) +1581 13 8: PrintableString + : 'VDA Site' + : } + : } +1591 31 12: SET { +1593 30 10: SEQUENCE { +1595 06 3: OBJECT IDENTIFIER + : organizationalUnitName + : (2 5 4 11) + : (X.520 id-at (2 5 4)) +1600 13 3: PrintableString 'VDA' + : } + : } +1605 31 23: SET { +1607 30 21: SEQUENCE { +1609 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) +1614 13 14: PrintableString + : 'Bugs Bunny DSA' + : } + : } + : } + : } +1630 A4 97: [4] { +1632 30 95: SEQUENCE { +1634 31 11: SET { +1636 30 9: SEQUENCE { +1638 06 3: OBJECT IDENTIFIER + : countryName (2 5 4 6) + : (X.520 id-at (2 5 4)) +1643 13 2: PrintableString 'US' + : } + : } +1647 31 22: SET { +1649 30 20: SEQUENCE { +1651 06 3: OBJECT IDENTIFIER + : organizationName + : (2 5 4 10) + : (X.520 id-at (2 5 4)) +1656 13 13: PrintableString + : 'US Government' + : } + + + +Hoffman, Ed. Informational [Page 98] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } +1671 31 17: SET { +1673 30 15: SEQUENCE { +1675 06 3: OBJECT IDENTIFIER + : organizationalUnitName + : (2 5 4 11) + : (X.520 id-at (2 5 4)) +1680 13 8: PrintableString + : 'VDA Site' + : } + : } +1690 31 12: SET { +1692 30 10: SEQUENCE { +1694 06 3: OBJECT IDENTIFIER + : organizationalUnitName + : (2 5 4 11) + : (X.520 id-at (2 5 4)) +1699 13 3: PrintableString 'VDA' + : } + : } +1704 31 23: SET { +1706 30 21: SEQUENCE { +1708 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) +1713 13 14: PrintableString + : 'Elmer Fudd DSA' + : } + : } + : } + : } + : } + : } + : } + : } + : } + : } +1729 30 258: SEQUENCE { +1733 06 11: OBJECT IDENTIFIER + : id-aa-equivalentLabels + : (1 2 840 113549 1 9 16 2 9) + : (S/MIME Authenticated Attributes + : (1 2 840 113549 1 9 16 2)) +1746 31 242: SET { +1749 30 239: SEQUENCE { +1752 31 114: SET { +1754 02 1: INTEGER 1 +1757 06 7: OBJECT IDENTIFIER '1 2 3 4 5 6 7 9' + + + +Hoffman, Ed. Informational [Page 99] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +1766 13 38: PrintableString + : 'EQUIVALENT THIS IS A PRIVACY MARK T' + : 'EST' +1806 31 60: SET { +1808 30 58: SEQUENCE { +1810 80 8: [0] + : 2A 03 04 05 06 07 86 78 +1820 A1 46: [1] { +1822 13 44: PrintableString + : 'EQUIVALENT THIS IS A TEST SECURITY-' + : 'CATEGORY.' + : } + : } + : } + : } +1868 31 121: SET { +1870 02 1: INTEGER 1 +1873 06 7: OBJECT IDENTIFIER + : '1 2 3 4 5 6 7 10' +1882 13 45: PrintableString + : 'EQUIVALENT THIS IS A SECOND PRIVACY' + : ' MARK TEST' +1929 31 60: SET { +1931 30 58: SEQUENCE { +1933 80 8: [0] + : 2A 03 04 05 06 07 86 78 +1943 A1 46: [1] { +1945 13 44: PrintableString + : 'EQUIVALENT THIS IS A TEST SECURITY-' + : 'CATEGORY.' + : } + : } + : } + : } + : } + : } + : } + : } +1991 30 9: SEQUENCE { +1993 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } +2002 04 47: OCTET STRING, encapsulates { +2004 30 45: SEQUENCE { +2006 02 21: INTEGER + : 00 BC 33 37 65 C4 F7 70 5C 17 49 13 + : AA 4C 85 CA BB 52 91 48 59 + + + +Hoffman, Ed. Informational [Page 100] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +2029 02 20: INTEGER + : 63 96 A2 14 8B CF 57 DE B0 48 5F 6C + : 64 DD 84 04 49 5F 1C CA + : } + : } + : } + : } + : } + : } + : } + +4.11. SignedData with Certificates Only + + CA SignedData message with no content or signature, containing only + Alices's and Carl's certificates. + + 0 30 1672: SEQUENCE { + 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) + : (PKCS #7) + 15 A0 1657: [0] { + 19 30 1653: SEQUENCE { + 23 02 1: INTEGER 1 + 26 31 0: SET {} + 28 30 11: SEQUENCE { + 30 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + : } + 41 A0 1407: [0] { + 45 30 667: SEQUENCE { + 49 30 602: SEQUENCE { + 53 A0 3: [0] { + 55 02 1: INTEGER 2 + : } + 58 02 1: INTEGER 1 + 61 30 9: SEQUENCE { + 63 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 72 30 18: SEQUENCE { + 74 31 16: SET { + 76 30 14: SEQUENCE { + 78 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 83 13 7: PrintableString 'CarlDSS' + : } + : } + + + +Hoffman, Ed. Informational [Page 101] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + 92 30 30: SEQUENCE { + 94 17 13: UTCTime '990816225050Z' + 109 17 13: UTCTime '391231235959Z' + : } + 124 30 18: SEQUENCE { + 126 31 16: SET { + 128 30 14: SEQUENCE { + 130 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 135 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 144 30 439: SEQUENCE { + 148 30 299: SEQUENCE { + 152 06 7: OBJECT IDENTIFIER + : dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + 161 30 286: SEQUENCE { + 165 02 129: INTEGER + : 00 B6 49 18 3E 8A 44 C1 29 71 94 4C + : 01 C4 12 C1 7A 79 CB 54 4D AB 1E 81 + : FB C6 4C B3 0E 94 09 06 EB 01 D4 B1 + : C8 71 4B C7 45 C0 50 25 5D 9C FC DA + : E4 6D D3 E2 86 48 84 82 7D BA 15 95 + : 4A 16 F6 46 ED DD F6 98 D2 BB 7E 8A + : 0A 8A BA 16 7B B9 50 01 48 93 8B EB + : 25 15 51 97 55 DC 8F 53 0E 10 A9 50 + : FC 70 B7 CD 30 54 FD DA DE A8 AA 22 + : B5 A1 AF 8B CC 02 88 E7 8B 70 5F B9 + : AD E1 08 D4 6D 29 2D D6 E9 + 297 02 21: INTEGER + : 00 DD C1 2F DF 53 CE 0B 34 60 77 3E + : 02 A4 BF 8A 5D 98 B9 10 D5 + 320 02 128: INTEGER + : 0C EE 57 9B 4B BD DA B6 07 6A 74 37 + : 4F 55 7F 9D ED BC 61 0D EB 46 59 3C + : 56 0B 2B 5B 0C 91 CE A5 62 52 69 CA + : E1 6D 3E BD BF FE E1 B7 B9 2B 61 3C + : AD CB AE 45 E3 06 AC 8C 22 9D 9C 44 + : 87 0B C7 CD F0 1C D9 B5 4E 5D 73 DE + : AF 0E C9 1D 5A 51 F5 4F 44 79 35 5A + : 73 AA 7F 46 51 1F A9 42 16 9C 48 EB + : 8A 79 61 B4 D5 2F 53 22 44 63 1F 86 + : B8 A3 58 06 25 F8 29 C0 EF BA E0 75 + : F0 42 C4 63 65 52 9B 0A + + + +Hoffman, Ed. Informational [Page 102] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + 451 03 133: BIT STRING 0 unused bits, encapsulates { + 455 02 129: INTEGER + : 00 99 87 74 27 03 66 A0 B1 C0 AD DC + : 2C 75 BB E1 6C 44 9C DA 21 6D 4D 47 + : 6D B1 62 09 E9 D8 AE 1E F2 3A B4 94 + : B1 A3 8E 7A 9B 71 4E 00 94 C9 B4 25 + : 4E B9 60 96 19 24 01 F3 62 0C FE 75 + : C0 FB CE D8 68 00 E3 FD D5 70 4F DF + : 23 96 19 06 94 F4 B1 61 8F 3A 57 B1 + : 08 11 A4 0B 26 25 F0 52 76 81 EA 0B + : 62 0D 95 2A E6 86 BA 72 B2 A7 50 83 + : 0B AA 27 CD 1B A9 4D 89 9A D7 8D 18 + : 39 84 3F 8B C5 56 4D 80 7A + : } + : } + 587 A3 66: [3] { + 589 30 64: SEQUENCE { + 591 30 15: SEQUENCE { + 593 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) + 598 01 1: BOOLEAN TRUE + 601 04 5: OCTET STRING, encapsulates { + 603 30 3: SEQUENCE { + 605 01 1: BOOLEAN TRUE + : } + : } + : } + 608 30 14: SEQUENCE { + 610 06 3: OBJECT IDENTIFIER + : keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) + 615 01 1: BOOLEAN TRUE + 618 04 4: OCTET STRING, encapsulates { + 620 03 2: BIT STRING 1 unused bits + : '1100001'B + : } + : } + 624 30 29: SEQUENCE { + 626 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) + 631 04 22: OCTET STRING, encapsulates { + 633 04 20: OCTET STRING + : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 + : 3D 20 BC 43 2B 93 F1 1F + + + +Hoffman, Ed. Informational [Page 103] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + : } + : } + : } + 655 30 9: SEQUENCE { + 657 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 666 03 48: BIT STRING 0 unused bits, encapsulates { + 669 30 45: SEQUENCE { + 671 02 20: INTEGER + : 6B A9 F0 4E 7A 5A 79 E3 F9 BE 3D 2B + : C9 06 37 E9 11 17 A1 13 + 693 02 21: INTEGER + : 00 8F 34 69 2A 8B B1 3C 03 79 94 32 + : 4D 12 1F CE 89 FB 46 B2 3B + : } + : } + : } + 716 30 732: SEQUENCE { + 720 30 667: SEQUENCE { + 724 A0 3: [0] { + 726 02 1: INTEGER 2 + : } + 729 02 2: INTEGER 200 + 733 30 9: SEQUENCE { + 735 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } + 744 30 18: SEQUENCE { + 746 31 16: SET { + 748 30 14: SEQUENCE { + 750 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 755 13 7: PrintableString 'CarlDSS' + : } + : } + : } + 764 30 30: SEQUENCE { + 766 17 13: UTCTime '990817011049Z' + 781 17 13: UTCTime '391231235959Z' + : } + 796 30 19: SEQUENCE { + 798 31 17: SET { + + + +Hoffman, Ed. Informational [Page 104] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 800 30 15: SEQUENCE { + 802 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 807 13 8: PrintableString 'AliceDSS' + : } + : } + : } + 817 30 438: SEQUENCE { + 821 30 299: SEQUENCE { + 825 06 7: OBJECT IDENTIFIER + : dsa (1 2 840 10040 4 1) + : (ANSI X9.57 algorithm) + 834 30 286: SEQUENCE { + 838 02 129: INTEGER + : 00 81 8D CD ED 83 EA 0A 9E 39 3E C2 + : 48 28 A3 E4 47 93 DD 0E D7 A8 0E EC + : 53 C5 AB 84 08 4F FF 94 E1 73 48 7E + : 0C D6 F3 44 48 D1 FE 9F AF A4 A1 89 + : 2F E1 D9 30 C8 36 DE 3F 9B BF B7 4C + : DC 5F 69 8A E4 75 D0 37 0C 91 08 95 + : 9B DE A7 5E F9 FC F4 9F 2F DD 43 A8 + : 8B 54 F1 3F B0 07 08 47 4D 5D 88 C3 + : C3 B5 B3 E3 55 08 75 D5 39 76 10 C4 + : 78 BD FF 9D B0 84 97 37 F2 E4 51 1B + : B5 E4 09 96 5C F3 7E 5B DB + 970 02 21: INTEGER + : 00 E2 47 A6 1A 45 66 B8 13 C6 DA 8F + : B8 37 21 2B 62 8B F7 93 CD + 993 02 128: INTEGER + : 26 38 D0 14 89 32 AA 39 FB 3E 6D D9 + : 4B 59 6A 4C 76 23 39 04 02 35 5C F2 + : CB 1A 30 C3 1E 50 5D DD 9B 59 E2 CD + : AA 05 3D 58 C0 7B A2 36 B8 6E 07 AF + : 7D 8A 42 25 A7 F4 75 CF 4A 08 5E 4B + : 3E 90 F8 6D EA 9C C9 21 8A 3B 76 14 + : E9 CE 2E 5D A3 07 CD 23 85 B8 2F 30 + : 01 7C 6D 49 89 11 89 36 44 BD F8 C8 + : 95 4A 53 56 B5 E2 F9 73 EC 1A 61 36 + : 1F 11 7F C2 BD ED D1 50 FF 98 74 C2 + : D1 81 4A 60 39 BA 36 39 + : } + : } +1124 03 132: BIT STRING 0 unused bits, encapsulates { +1128 02 128: INTEGER + : 5C E3 B9 5A 75 14 96 0B A9 7A DD E3 + : 3F A9 EC AC 5E DC BD B7 13 11 34 A6 + : 16 89 28 11 23 D9 34 86 67 75 75 13 + + + +Hoffman, Ed. Informational [Page 105] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 12 3D 43 5B 6F E5 51 BF FA 89 F2 A2 + : 1B 3E 24 7D 3D 07 8D 5B 63 C8 BB 45 + : A5 A0 4A E3 85 D6 CE 06 80 3F E8 23 + : 7E 1A F2 24 AB 53 1A B8 27 0D 1E EF + : 08 BF 66 14 80 5C 62 AC 65 FA 15 8B + : F1 BB 34 D4 D2 96 37 F6 61 47 B2 C4 + : 32 84 F0 7E 41 40 FD 46 A7 63 4E 33 + : F2 A5 E2 F4 F2 83 E5 B8 + : } + : } +1259 A3 129: [3] { +1262 30 127: SEQUENCE { +1264 30 12: SEQUENCE { +1266 06 3: OBJECT IDENTIFIER + : basicConstraints (2 5 29 19) + : (X.509 id-ce (2 5 29)) +1271 01 1: BOOLEAN TRUE +1274 04 2: OCTET STRING, encapsulates { +1276 30 0: SEQUENCE {} + : } + : } +1278 30 14: SEQUENCE { +1280 06 3: OBJECT IDENTIFIER + : keyUsage (2 5 29 15) + : (X.509 id-ce (2 5 29)) +1285 01 1: BOOLEAN TRUE +1288 04 4: OCTET STRING, encapsulates { +1290 03 2: BIT STRING 6 unused bits + : '11'B + : } + : } +1294 30 31: SEQUENCE { +1296 06 3: OBJECT IDENTIFIER + : authorityKeyIdentifier (2 5 29 35) + : (X.509 id-ce (2 5 29)) +1301 04 24: OCTET STRING, encapsulates { +1303 30 22: SEQUENCE { +1305 80 20: [0] + : 70 44 3E 82 2E 6F 87 DE 4A D3 75 E3 + : 3D 20 BC 43 2B 93 F1 1F + : } + : } + : } +1327 30 29: SEQUENCE { +1329 06 3: OBJECT IDENTIFIER + : subjectKeyIdentifier (2 5 29 14) + : (X.509 id-ce (2 5 29)) +1334 04 22: OCTET STRING, encapsulates { + + + +Hoffman, Ed. Informational [Page 106] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +1336 04 20: OCTET STRING + : BE 6C A1 B3 E3 C1 F7 ED 43 70 A4 CE + : 13 01 E2 FD E3 97 FE CD + : } + : } +1358 30 31: SEQUENCE { +1360 06 3: OBJECT IDENTIFIER + : subjectAltName (2 5 29 17) + : (X.509 id-ce (2 5 29)) +1365 04 24: OCTET STRING, encapsulates { +1367 30 22: SEQUENCE { +1369 81 20: [1] 'AliceDSS@example.com' + : } + : } + : } + : } + : } + : } +1391 30 9: SEQUENCE { +1393 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } +1402 03 48: BIT STRING 0 unused bits, encapsulates { +1405 30 45: SEQUENCE { +1407 02 20: INTEGER + : 55 0C A4 19 1F 42 2B 89 71 22 33 8D + : 83 6A B5 3D 67 6B BF 45 +1429 02 21: INTEGER + : 00 9F 61 53 52 54 0B 5C B2 DD DA E7 + : 76 1D E2 10 52 5B 43 5E BD + : } + : } + : } + : } +1452 A1 219: [1] { +1455 30 216: SEQUENCE { +1458 30 153: SEQUENCE { +1461 30 9: SEQUENCE { +1463 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } +1472 30 18: SEQUENCE { +1474 31 16: SET { +1476 30 14: SEQUENCE { +1478 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + + + +Hoffman, Ed. Informational [Page 107] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : (X.520 id-at (2 5 4)) +1483 13 7: PrintableString 'CarlDSS' + : } + : } + : } +1492 17 13: UTCTime '990827070000Z' +1507 30 105: SEQUENCE { +1509 30 19: SEQUENCE { +1511 02 2: INTEGER 200 +1515 17 13: UTCTime '990822070000Z' + : } +1530 30 19: SEQUENCE { +1532 02 2: INTEGER 201 +1536 17 13: UTCTime '990822070000Z' + : } +1551 30 19: SEQUENCE { +1553 02 2: INTEGER 211 +1557 17 13: UTCTime '990822070000Z' + : } +1572 30 19: SEQUENCE { +1574 02 2: INTEGER 210 +1578 17 13: UTCTime '990822070000Z' + : } +1593 30 19: SEQUENCE { +1595 02 2: INTEGER 212 +1599 17 13: UTCTime '990824070000Z' + : } + : } + : } +1614 30 9: SEQUENCE { +1616 06 7: OBJECT IDENTIFIER + : dsaWithSha1 (1 2 840 10040 4 3) + : (ANSI X9.57 algorithm) + : } +1625 03 47: BIT STRING 0 unused bits, encapsulates { +1628 30 44: SEQUENCE { +1630 02 20: INTEGER + : 7E 65 52 76 33 FE 34 73 17 D1 F7 96 + : F9 A0 D4 D8 6D 5C 7D 3D +1652 02 20: INTEGER + : 02 7A 5B B7 D5 5B 18 C1 CF 87 EF 7E + : DA 24 F3 2A 83 9C 35 A1 + : } + : } + : } + : } +1674 31 0: SET {} + : } + + + +Hoffman, Ed. Informational [Page 108] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : } + : } + +5. Enveloped-data + +5.1. Basic Encrypted Content, TripleDES and RSA + + An EnvelopedData from Alice to Bob of ExContent using TripleDES for + encrypting and RSA for key management. Does not have an + OriginatorInfo. + + 0 30 286: SEQUENCE { + 4 06 9: OBJECT IDENTIFIER + : envelopedData (1 2 840 113549 1 7 3) + : (PKCS #7) + 15 A0 271: [0] { + 19 30 267: SEQUENCE { + 23 02 1: INTEGER 0 + 26 31 192: SET { + 29 30 189: SEQUENCE { + 32 02 1: INTEGER 0 + 35 30 38: SEQUENCE { + 37 30 18: SEQUENCE { + 39 31 16: SET { + 41 30 14: SEQUENCE { + 43 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 48 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 57 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : CD 5D 71 D0 + : } + 75 30 13: SEQUENCE { + 77 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 88 05 0: NULL + : } + 90 04 128: OCTET STRING + : 0B 71 0D E6 71 88 88 98 B6 96 C1 8F + : 70 FD A2 27 DE DA E1 EF 24 6C A4 33 + : DF AC E0 E9 9D A2 D3 2C 7A CD 80 B8 + : 99 9E E6 5F B1 41 B3 72 16 83 E7 FA + : 2A 00 8B C7 73 35 78 26 D6 C7 CF 8C + + + +Hoffman, Ed. Informational [Page 109] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 0C 56 DB A5 76 9D 08 38 0E F3 F9 D4 + : 91 43 58 78 DC 49 B6 EC EE 6C 68 33 + : A3 21 1D F0 28 78 1F F7 5D F6 07 73 + : 4D DF AD 69 31 20 4B 48 A9 75 22 6E + : 36 79 15 63 8F CC EB 9D A3 28 A1 D1 + : 2C 57 F4 DA 1A 2C 75 1F + : } + : } + 221 30 67: SEQUENCE { + 223 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + 234 30 20: SEQUENCE { + 236 06 8: OBJECT IDENTIFIER + : des-EDE3-CBC (1 2 840 113549 3 7) + : (RSADSI encryptionAlgorithm + : (1 2 840 113549 3)) + 246 04 8: OCTET STRING + : 2D 68 C5 E9 47 06 51 35 + : } + 256 80 32: [0] + : 0E C8 92 7F C6 7D 3F 8D CB AD 8E 0E + : C5 49 3A EB 47 2E D6 55 DE 09 21 4E + : 48 EA 4E 27 B1 6E 57 25 + : } + : } + : } + : } + +5.2. Basic Encrypted Content, RC2/128 and RSA + + Same as 5.1, except using RC2/128 for encryption and RSA for key + management. An EnvelopedData from Alice to Bob of ExContent using + RC2/40 for encrypting and RSA for key management. Does not have an + OriginatorInfo or any attributes. + + 0 30 291: SEQUENCE { + 4 06 9: OBJECT IDENTIFIER + : envelopedData (1 2 840 113549 1 7 3) + : (PKCS #7) + 15 A0 276: [0] { + 19 30 272: SEQUENCE { + 23 02 1: INTEGER 0 + 26 31 192: SET { + 29 30 189: SEQUENCE { + 32 02 1: INTEGER 0 + 35 30 38: SEQUENCE { + 37 30 18: SEQUENCE { + 39 31 16: SET { + + + +Hoffman, Ed. Informational [Page 110] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 41 30 14: SEQUENCE { + 43 06 3: OBJECT IDENTIFIER + : commonName (2 5 4 3) + : (X.520 id-at (2 5 4)) + 48 13 7: PrintableString 'CarlRSA' + : } + : } + : } + 57 02 16: INTEGER + : 46 34 6B C7 80 00 56 BC 11 D3 6E 2E + : CD 5D 71 D0 + : } + 75 30 13: SEQUENCE { + 77 06 9: OBJECT IDENTIFIER + : rsaEncryption (1 2 840 113549 1 1 1) + : (PKCS #1) + 88 05 0: NULL + : } + 90 04 128: OCTET STRING + : 85 42 BE E3 0B 2E E5 0F 09 AA 24 CA + : DE DA C1 D3 09 B8 27 2B 25 CB D5 71 + : FB C9 9C DB F0 B2 6E A0 8A 5F 1C 9D + : 4A ED 98 9D 15 39 26 01 1A 2E 6B F0 + : 44 39 89 37 3C 6F C7 4A 61 0B 0B 27 + : 77 AA F9 D4 97 A4 D2 21 3F C2 3F 20 + : D4 DC 10 E9 D6 3F 00 DB 9C 82 47 D6 + : 7E 96 FF 12 6E 87 84 A0 BA ED 81 0F + : 56 6D A6 1D EB AB C3 B7 A1 B9 F8 5F + : 8B CC 1B 4A E5 14 36 06 61 D0 C7 64 + : 5F 69 67 91 A9 50 EE D8 + : } + : } + 221 30 72: SEQUENCE { + 223 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + 234 30 25: SEQUENCE { + 236 06 8: OBJECT IDENTIFIER rc2CBC (1 2 840 113549 3 2) + : (RSADSI encryptionAlgorithm + : (1 2 840 113549 3)) + 246 30 13: SEQUENCE { + 248 02 1: INTEGER 58 + 251 04 8: OCTET STRING + : E8 70 81 E2 EF C5 15 57 + : } + : } + 261 80 32: [0] + : 06 53 0A 7B 8D 5C 16 0D CC D5 76 D6 + : 8B 59 D6 45 8C 1A 1A 0C E6 1E F3 DE + + + +Hoffman, Ed. Informational [Page 111] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + : 43 56 00 9B 40 8C 38 5D + : } + : } + : } + : } + +5.3. S/MIME application/pkcs7-mime Encrypted Message + + A full S/MIME message, including MIME, that includes the body part + from 5.1. + +MIME-Version: 1.0 +Message-Id: <00103112005203.00349@amyemily.ig.com> +Date: Tue, 31 Oct 2000 12:00:52 -0600 (Central Standard Time) +From: User1 +To: User2 +Subject: Example 5.3 +Content-Type: application/pkcs7-mime; + name=smime.p7m; + smime-type=enveloped-data +Content-Transfer-Encoding: base64 +Content-Disposition: attachment; filename=smime.p7m + +MIIBHgYJKoZIhvcNAQcDoIIBDzCCAQsCAQAxgcAwgb0CAQAwJjASMRAwDgYDVQQDEwdDYXJ +sUlNBAhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUABIGAC3EN5nGIiJi2lsGPcP +2iJ97a4e8kbKQz36zg6Z2i0yx6zYC4mZ7mX7FBs3IWg+f6KgCLx3M1eCbWx8+MDFbbpXadC +DgO8/nUkUNYeNxJtuzubGgzoyEd8Ch4H/dd9gdzTd+taTEgS0ipdSJuNnkVY4/M652jKKHR +LFf02hosdR8wQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgtaMXpRwZRNYAgDsiSf8Z9P43 +LrY4OxUk660cu1lXeCSFOSOpOJ7FuVyU= + +6. Digested-data + + A DigestedData from Alice to Bob of ExContent using SHA-1. + + 0 30 94: SEQUENCE { + 2 06 9: OBJECT IDENTIFIER digestedData (1 2 840 113549 1 7 5) + : (PKCS #7) + 13 A0 81: [0] { + 15 30 79: SEQUENCE { + 17 02 1: INTEGER 0 + 20 30 7: SEQUENCE { + 22 06 5: OBJECT IDENTIFIER sha1 (1 3 14 3 2 26) + : (OIW) + : } + 29 30 43: SEQUENCE { + 31 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + 42 A0 30: [0] { + + + +Hoffman, Ed. Informational [Page 112] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + 44 04 28: OCTET STRING 'This is some sample content.' + : } + : } + 74 04 20: OCTET STRING + : 40 6A EC 08 52 79 BA 6E 16 02 2D 9E + : 06 29 C0 22 96 87 DD 48 + : } + : } + : } + +7. Encrypted-data + +7.1. Simple EncryptedData + + An EncryptedData from Alice to Bob of ExContent with no attributes. + + 0 30 87: SEQUENCE { + 2 06 9: OBJECT IDENTIFIER + : encryptedData (1 2 840 113549 1 7 6) + : (PKCS #7) + 13 A0 74: [0] { + 15 30 72: SEQUENCE { + 17 02 1: INTEGER 0 + 20 30 67: SEQUENCE { + 22 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + 33 30 20: SEQUENCE { + 35 06 8: OBJECT IDENTIFIER + : des-EDE3-CBC (1 2 840 113549 3 7) + : (RSADSI encryptionAlgorithm + : (1 2 840 113549 3)) + 45 04 8: OCTET STRING + : B3 6B 6B FB 62 31 08 4E + : } + 55 80 32: [0] + : FA FC ED DB 3F 18 17 1D 38 89 11 EA + : 34 D6 20 DB F4 C3 D9 58 15 EF 93 3B + : 9A F5 D7 04 F6 B5 70 E2 + : } + : } + : } + : } + + The TripleDES key is: + + 73 7c 79 1f 25 ea d0 e0 46 29 25 43 52 f7 dc 62 + 91 e5 cb 26 91 7a da 32 + + + + +Hoffman, Ed. Informational [Page 113] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +7.2. EncryptedData with Unprotected Attributes + + An EncryptedData from Alice to Bob of ExContent with unprotected + attributes. + + 0 30 149: SEQUENCE { + 3 06 9: OBJECT IDENTIFIER + : encryptedData (1 2 840 113549 1 7 6) + : (PKCS #7) + 14 A0 135: [0] { + 17 30 132: SEQUENCE { + 20 02 1: INTEGER 2 + 23 30 67: SEQUENCE { + 25 06 9: OBJECT IDENTIFIER data (1 2 840 113549 1 7 1) + : (PKCS #7) + 36 30 20: SEQUENCE { + 38 06 8: OBJECT IDENTIFIER + : des-EDE3-CBC (1 2 840 113549 3 7) + : (RSADSI encryptionAlgorithm + : (1 2 840 113549 3)) + 48 04 8: OCTET STRING + : 07 27 20 85 90 9E B0 7E + : } + 58 80 32: [0] + : D2 20 8F 67 48 8A CB 41 E4 22 68 5D + : BE 77 05 52 26 ED E3 01 BD 00 91 58 + : A7 35 6E BC 4B A2 07 33 + : } + 92 A1 58: [1] { + 94 30 56: SEQUENCE { + 96 06 3: OBJECT IDENTIFIER '1 2 5555' + 101 31 49: SET { + 103 04 47: OCTET STRING + : 'This is a test General ASN Attribut' + : 'e, number 1.' + : } + : } + : } + : } + : } + : } + + + + + + + + + + +Hoffman, Ed. Informational [Page 114] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +8. Security Considerations + + Because this document shows examples of S/MIME and CMS messages, this + document also inherits all of the security considerations from + [SMIME-MSG] and [CMS]. + + The Perl script in Appendix A writes to the user's local hard drive. + A malicious attacker could modify the Perl script in this document. + Be sure to read the Perl code carefully before executing it. + +9. References + +9.1. Normative References + + [CMS] Housley, R., "Cryptographic Message Syntax (CMS)", RFC + 3852, July 2004. + + [PKIX] Housley, R., Polk, W., Ford, W., and D. Solo, "Internet + X.509 Public Key Infrastructure Certificate and + Certificate Revocation List (CRL) Profile", RFC 3280, + April 2002. + + [SMIME-MSG] Ramsdell, B., "Secure/Multipurpose Internet Mail + Extensions (S/MIME) Version 3.1 Message Specification", + RFC 3851, July 2004. + +9.2. Informative References + + [DVCS] Adams, C., Sylvester, P., Zolotarev, M., and R. + Zuccherato, "Internet X.509 Public Key Infrastructure + Data Validation and Certification Server Protocols", RFC + 3029, February 2001. + + + + + + + + + + + + + + + + + + + +Hoffman, Ed. Informational [Page 115] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +A. Binaries of the Examples + + This section contains the binaries of the examples shown in the rest + of the document. The binaries are stored in a modified Base64 + format. There is a Perl program that, when run over the contents of + this document, will extract the following binaries and write them out + to disk. The program requires Perl. + +A.1. How the Binaries and Extractor Works + + The program in the next section looks for lines that begin with a '|' + character (or some whitespace followed by a '|'), ignoring all other + lines. If the line begins with '|', the second character tells what + kind of line it is: + + A line that begins with |* is a comment + A line that begins with |> gives the name of a new file to start + A line that begins with |< tells to end the file (and checks the + file name for sanity) + A line that begins with |anythingelse is a Base64 line + + The program writes out a series of files, so you should run this in + an empty directory. The program will overwrite files (if it can), + but won't delete other files already in the directory. + + Run this program with this document as the standard input, such as: + + ./extractsample.pl " and "|<" markers, remove any page breaks, and remove + the "|" in the first column of each line. The result is a valid + Base64 blob that can be processed by any Base64 decoder. + +A.2. Example Extraction Program + +#!/usr/bin/perl + +# CMS Samples extraction program. v 1.1 + +# Get all the input as an array of lines +@AllIn = (); while () { push(@AllIn, $_) } + +$Base64Chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqr' . + 'stuvwxyz0123456789+/='; +$LineCount = 0; $CurrFile = ''; + +foreach $Line (@AllIn) { + + + +Hoffman, Ed. Informational [Page 116] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + $LineCount++; # Keep the line counter for error messages + $Line =~ s/^\s*//; # Get rid of leading whitespace + chomp($Line); # Get rid of CR or CRLF at the end of the line + if(substr($Line, 0, 1) ne '|') { next } # Not a special line + elsif(substr($Line, 1, 1) eq '*') { next } # It is a comment + elsif(substr($Line, 1, 1) eq '>') + { &StartNewFile(substr($Line, 2)) } # Start a new file + elsif(substr($Line, 1, 1) eq '<') + { &EndCurrFile(substr($Line, 2)) } # End the current file + else { &DoBase64(substr($Line, 1)) } # It is a line of Base64 +} + +sub StartNewFile { + $TheNewFile = shift(@_); + if($CurrFile ne '') { die "Was about to start a new file at " . + "line $LineCount, but the old file, $CurrFile, was open\n" } + open(OUT, ">$TheNewFile") or + die "Could not open $TheNewFile for writing: $!\n"; + binmode(OUT); # This is needed for Windows, is a noop on Unix + $CurrFile = $TheNewFile; + $LeftOver = 0; # Amount left from previous Base64 character + $NextPos = 0; # Bit position to start the next Base64 character + # (bits are numbered 01234567) + $OutString = ''; # Holds the text going out to the file +} + +sub EndCurrFile { + $FileToEnd = shift(@_); + if($CurrFile ne $FileToEnd) { die "Was about to close " . + "$FileToEnd at line $LineCount, but that name didn't match " . + "the name of the currently open file, $CurrFile\n" } + print OUT $OutString; + close(OUT); + $CurrFile = ''; +} + +sub DoBase64 { + $TheIn = shift(@_); + if($CurrFile eq '') { die "Got some Base64 at line $LineCount, " . + "but appear to not be writing to any particular file.\n" } + @Chars = split(//, $TheIn); # Make an array of the characters + foreach $ThisChar (@Chars) { + # $ThisVal is the position in the string and the Base64 value + $ThisVal = index($Base64Chars, $ThisChar); + if($ThisVal == -1) { die "At line $LineCount, found the " . + "character $ThisChar, which is not a Base64 character\n" } + if($ThisVal == 64) { last } # It is a "=", so we're done + if ($NextPos == 0 ) { + + + +Hoffman, Ed. Informational [Page 117] + +RFC 4134 Examples of S/MIME Messages July 2005 + + + # Don't output anything, just fill the left of $LeftOver + $LeftOver = $ThisVal * 4; + $NextPos = 6; + } elsif ($NextPos == 2) { + # Add $ThisVal to $LeftOver, output, and reset + $OutString .= chr($LeftOver + $ThisVal); + $LeftOver = 0; + $NextPos = 0; + } elsif ($NextPos == 4) { + # Add upper 4 bits of $ThisVal to $LeftOver and output + $Upper4 = ($ThisVal & 60); + $OutString .= chr($LeftOver + ($Upper4/4)); + $LeftOver = (($ThisVal - $Upper4) * 64); + $NextPos = 2; + } elsif ($NextPos == 6) { + # Add upper 2 bits of $ThisVal to $LeftOver and output + $Upper2 = ($ThisVal & 48); + $OutString .= chr($LeftOver + ($Upper2/16)); + $LeftOver = (($ThisVal - $Upper2) * 16); + $NextPos = 4; + } else { die "\$NextPos has an illegal value: $NextPos." } + } +} + +B. Examples in Order of Appearance + +From Section 2.1 + +***ExContent.bin*** + +|* Section 2.1 +|>ExContent.bin +|VGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50Lg== +|AlicePrivDSSSign.pri +|MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBAIGNze2D6gqeOT7CSCij5EeT3Q7XqA7sU8 +|WrhAhP/5Thc0h+DNbzREjR/p+vpKGJL+HZMMg23j+bv7dM3F9piuR10DcMkQiVm96nXvn8 +|9J8v3UOoi1TxP7AHCEdNXYjDw7Wz41UIddU5dhDEeL3/nbCElzfy5FEbteQJllzzflvbAh +|UA4kemGkVmuBPG2o+4NyErYov3k80CgYAmONAUiTKqOfs+bdlLWWpMdiM5BAI1XPLLGjDD +|HlBd3ZtZ4s2qBT1YwHuiNrhuB699ikIlp/R1z0oIXks+kPht6pzJIYo7dhTpzi5dowfNI4 +|W4LzABfG1JiRGJNkS9+MiVSlNWteL5c+waYTYfEX/Cve3RUP+YdMLRgUpgObo2OQQXAhUA +|u0RG0aXJRgcu0P561pIH8JqFiT8= + + + +Hoffman, Ed. Informational [Page 118] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +|AlicePrivRSASign.pri +|MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAOCJczmN2PX16Id2OX9OsA +|W7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8l+z6glEPMIC+sVCeRkTxLLvYMs/GaG8H +|2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Zf8mB5vhs6odAcO+sbSx0ny36VTq5mXcCpkhSjE +|7zVzhXdFdfAgMBAAECgYAApAPDJ0d2NDRspoa1eUkBSy6K0shissfXSAlqi5H3NvJ11ujN +|FZBgJzFHNWRNlc1nY860n1asLzduHO4Ovygt9DmQbzTYbghb1WVq2EHzE9ctOV7+M8v/Ke +|QDCz0Foo+38Y6idjeweVfTLyvehwYifQRmXskbr4saw+yRRKt/IQJBAPbW4CIhTF8KcP8n +|/OWzUGqd5Q+1hZbGQPqoCrSbmwxVwgEd+TeCihTI8pMOks2lZiG5PNIGv7RVMcncrcqYLd +|ECQQDo3rARJQnSAlEB3oromFD1d3dhpEWTawhVlnNd9MhbEpMic4t/03B/9aSqu3T9PCJq +|2jiRKoZbbBTorkye+o4vAkEAl0zwh5sXf+4bgxsUtgtqkF+GJ1Hht6B/9eSI41m5+R6b0y +|l3OCJI1yKxJZi6PVlTt/oeILLIURYjdZNR56vN8QJALPAkW/qgzYUi6tBuT/pszSHTyOTx +|hERIZHPXKY9+RozsFd7kUbOU5yyZLVVleyTqo2IfPmxNZ0ERO+G+6YMCgwJAWIjZoVA4hG +|qrA7y730v0nG+4tCol+/bkBS9u4oiJIW9LJZ7Qq1CTyr9AcewhJcV/+wLpIZa4M83ixpXu +|b41fKA== +|BobPrivRSAEncrypt.pri +|MIIChQIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKnhZ5g/OdVf8qCTQV6meY +|mFyDVdmpFb+x0B2hlwJhcPvaUi0DWFbXqYZhRBXM+3twg7CcmRuBlpN235ZR572akzJKN/ +|O7uvRgGGNjQyywcDWVL8hYsxBLjMGAgUSOZPHPtdYMTgXB9T039T2GkB8QX4enDRvoPGXz +|jPHCyqaqfrAgMBAAECgYBnzUhMmg2PmMIbZf8ig5xt8KYGHbztpwOIlPIcaw+LNd4Ogngw +|y+e6alatd8brUXlweQqg9P5F4Kmy9Bnah5jWMIR05PxZbMHGd9ypkdB8MKCixQheIXFD/A +|0HPfD6bRSeTmPwF1h5HEuYHD09sBvf+iU7o8AsmAX2EAnYh9sDGQJBANDDIsbeopkYdo+N +|vKZ11mY/1I1FUox29XLE6/BGmvE+XKpVC5va3Wtt+Pw7PAhDk7Vb/s7q/WiEI2Kv8zHCue +|UCQQDQUfweIrdb7bWOAcjXq/JY1PeClPNTqBlFy2bKKBlf4hAr84/sajB0+E0R9KfEILVH +|IdxJAfkKICnwJAiEYH2PAkA0umTJSChXdNdVUN5qSO8bKlocSHseIVnDYDubl6nA7xhmqU +|5iUjiEzuUJiEiUacUgFJlaV/4jbOSnI3vQgLeFAkEAni+zN5r7CwZdV+EJBqRd2ZCWBgVf +|JAZAcpw6iIWchw+dYhKIFmioNRobQ+g4wJhprwMKSDIETukPj3d9NDAlBwJAVxhn1grSta +|vCunrnVNqcBU+B1O8BiR4yPWnLMcRSyFRVJQA7HCp8JlDV6abXd8vPFfXuC9WN7rOvTKF8 +|Y0ZB9qANMAsGA1UdDzEEAwIAEA== +|CarlPrivDSSSign.pri +|MIIBSgIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8 +|ZMsw6UCQbrAdSxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5 +|UAFIk4vrJRVRl1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAh +|UA3cEv31POCzRgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytb + + + +Hoffman, Ed. Informational [Page 119] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +|DJHOpWJSacrhbT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0 +|R5NVpzqn9GUR+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgQWAhQZ +|szilIWIxUOV/uT4IRnjRPrXlcg== +|CarlPrivRSASign.pri +|MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAORL/xi4JFf0d/9uc3uTcV +|y8MxqSknIj2EFG0M0ROgSzjq+Cnb1RHhd68nYsK4Y5p73XjRpT7OQA1ejsojax7eJQ4jIJ +|ij+fmSWPuE6ruX3VlmXaFqDFvg6uRFvvXvSnKcuC3axE6aqTlCkO+BjWyFde8nbE8hFgOL +|kbPB2XyWrxAgMBAAECgYEArnPkW19bZlrJ18bvOF9TISovYv7eKZp6hmc2531ieHU9c6C8 +|KQ7zj73Dycm2+LrWE5vDl3rKavC4hWVOD72nqPdUBkG969wgd5DfYZuab3Te6jvUnIdg7X +|aE8WowN9XgkBb4gEfDGWvtdXe6Su05tl0CRztfG8gcq8vo9SY/pIECQQD/3wmgVgtCUp7E +|TZOzsEm73ueBfSiZ0LFIugs54Rx7IhgztkD2v9yuHdChrQRxWmEKbjvOMNo2n2UlKbunDn +|8LAkEA5GloGF/5V9B8ZokPumMdcssgpIF2ZInNfdHCJ6kurHpWmoUH2TADowOrf4iSUCQB +|qhsHHyBMt8l7Vve2wn6rcwJAVzZsj4wEdmy21O4kRAD4gOKvQgGpDxSE+OcA4I+MJ6QtX6 +|LlbbVjwK1E6XaRpxlJLkb4d4VLO4cE8K/S2FQmlQJAZKEPrFV0G70NYXsXA82w5qcZHYCv +|8UFI2Bq2iBSgLHrFdtQPDh96KrJuNwSrOUVzukaoD42CXyIUBc+io/N8gwJAJh4dHKGYK+ +|TbOOhXbmtzGYhhOvp0SjaLR2hdUOsm4+p9m05lqa97q0sudlE9qNARq6PWqMAnNh1UC6qn +|0W2N+g== +|DianePrivDSSSign.pri +|MIIBSwIBADCCASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8 +|ZMsw6UCQbrAdSxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5 +|UAFIk4vrJRVRl1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAh +|UA3cEv31POCzRgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytb +|DJHOpWJSacrhbT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0 +|R5NVpzqn9GUR+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgQXAhUA +|lpX54MHgQS0yD4tCUpMq5h4OISk= +|DianePrivRSASignEncrypt.pri +|MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANb9uMBwxkwl7OrP6ny7om +|L68OYyOlP/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbxfiYDqXadz+ygLHCW8oNC9tS3KAq7+L9K +|TBk/B9ugwWAet35n996xw2BJrEXX+MbvCDchk0fu8HM1crACxPMRw15H5Qq3g/HbdGlki0 +|QdlV3NKMCFAgMBAAECgYA9vc3CDmEUW0vnv2AjBCvFazWllkUj/Gl9kzwP0yWWumJSQuKW +|z/5YgI/rsYy91A1l0Dp3RSSeDOuGgMOsIRFxROOyqKkurBfSo4QlY7W8Lx7d9iH/FSAkW/ +|GAL9VBDjIk99RKMp65SdgZjj85jWK9gPwMJJKT5MPXBZFTu5a2QQJBAPO4P0rRlLCRYBNB +|kg2NRD93Hf+WI0QI1AtwyRqv6ZCU8rDVX08ZhVChkJGuvQV2UrMi2Kh8jlR/AHJPNnVoc7 + + + +Hoffman, Ed. Informational [Page 120] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +|UCQQDh0ucRVwaucpUiFqoCtFrtTp2CEU+WPIbJEI1WezF1eWnndWg4AEsu0iYy3bHi4CxU +|gAp1utFmlhuwDqB+0ruRAkEAr7a82yJzQ0HstLVnqaGZ/O/Sjv0d++Upi/4K39TIXlclCl +|0r1AmgVlvFsWL8IL4ILeMHtaHns//EwKVfrBJcqQJBALmYQfwIUB9zYIoBonxSiiBa6iyJ +|2aUZ3ZTGG8MlwIJR5O4rmhncc+3pHSfU+GwD3asdCHu1rH/pgpvxiYpx22ECQAEHIZdfem +|Co/VpcB9+o3vfisTR9/OuRvbBzdMjEvj9YRTAGkLOsacyz9z98rMe4G2WhFjk5sON0fc/N +|xaxsv+U= +|AliceDSSSignByCarlNoInherit.cer +|MIIC3DCCApugAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT +|k5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1MwggG2 +|MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE//lO +|FzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6iL +|VPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6YaRW +|a4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1ni +|zaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8bU +|mJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuVp1 +|FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41bY8 +|i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxDKE +|8H5BQP1Gp2NOM/Kl4vTyg+W4o4GBMH8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBs +|AwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFL5sobPjwfft +|Q3CkzhMB4v3jl/7NMB8GA1UdEQQYMBaBFEFsaWNlRFNTQGV4YW1wbGUuY29tMAkGByqGSM +|44BAMDMAAwLQIUVQykGR9CK4lxIjONg2q1PWdrv0UCFQCfYVNSVAtcst3a53Yd4hBSW0Ne +|vQ== +|AliceRSASignByCarl.cer +|MIICLDCCAZWgAwIBAgIQRjRrx4AAVrwR024uxBCzsDANBgkqhkiG9w0BAQUFADASMRAwDg +|YDVQQDEwdDYXJsUlNBMB4XDTk5MDkxOTAxMDg0N1oXDTM5MTIzMTIzNTk1OVowEzERMA8G +|A1UEAxMIQWxpY2VSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOCJczmN2PX16I +|d2OX9OsAW7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8l+z6glEPMIC+sVCeRkTxLLvY +|Ms/GaG8H2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Zf8mB5vhs6odAcO+sbSx0ny36VTq5mX +|cCpkhSjE7zVzhXdFdfAgMBAAGjgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIG +|wDAfBgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQUd9K00bdMio +|qjzkWdzuw8oDrj/1AwHwYDVR0RBBgwFoEUQWxpY2VSU0FAZXhhbXBsZS5jb20wDQYJKoZI +|hvcNAQEFBQADgYEAPnBHqEjME1iPylFxa042GF0EfoCxjU3MyqOPzH1WyLzPbrMcWakgqg +|WBqE4lradwFHUv9ceb0Q7pY9Jkt8ZmbnMhVN/0uiVdfUnTlGsiNnRzuErsL2Tt0z3Sp0LF +|6DeKtNufZ+S9n/n+dO/q+e5jatg/SyUJtdgadq7rm9tJsCI= +|BobRSASignByCarl.cer +|MIICJzCCAZCgAwIBAgIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQUFADASMRAwDg +|YDVQQDEwdDYXJsUlNBMB4XDTk5MDkxOTAxMDkwMloXDTM5MTIzMTIzNTk1OVowETEPMA0G +|A1UEAxMGQm9iUlNBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCp4WeYPznVX/Kgk0 +|FepnmJhcg1XZqRW/sdAdoZcCYXD72lItA1hW16mGYUQVzPt7cIOwnJkbgZaTdt+WUee9mp +|MySjfzu7r0YBhjY0MssHA1lS/IWLMQS4zBgIFEjmTxz7XWDE4FwfU9N/U9hpAfEF+Hpw0b +|6Dxl84zxwsqmqn6wIDAQABo38wfTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFIDAf +|BgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQU6PS4Z9izlqQq8x +|GqKdOVWoYWtCQwHQYDVR0RBBYwFIESQm9iUlNBQGV4YW1wbGUuY29tMA0GCSqGSIb3DQEB +|BQUAA4GBAHuOZsXxED8QIEyIcat7QGshM/pKld6dDltrlCEFwPLhfirNnJOIh/uLt359QW +|Hh5NZt+eIEVWFFvGQnRMChvVl52R1kPCHWRbBdaDOS6qzxV+WBfZjmNZGjOd539OgcOync +|f1EHl/M28FAK3Zvetl44ESv7V+qJba3JiNiPzyvT +|CarlDSSSelf.cer +|MIICmzCCAlqgAwIBAgIBATAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOT +|kwODE2MjI1MDUwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsRFNTMIIBtzCC +|ASsGByqGSM44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8ZMsw6UCQbrAd +|SxyHFLx0XAUCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5UAFIk4vrJRVR +|l1Xcj1MOEKlQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAhUA3cEv31POCz +|Rgdz4CpL+KXZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytbDJHOpWJSacrh +|bT69v/7ht7krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0R5NVpzqn9GUR +|+pQhacSOuKeWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgOBhQACgYEAmYd0JwNm +|oLHArdwsdbvhbESc2iFtTUdtsWIJ6diuHvI6tJSxo456m3FOAJTJtCVOuWCWGSQB82IM/n +|XA+87YaADj/dVwT98jlhkGlPSxYY86V7EIEaQLJiXwUnaB6gtiDZUq5oa6crKnUIMLqifN +|G6lNiZrXjRg5hD+LxVZNgHqjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAg +|GGMB0GA1UdDgQWBBRwRD6CLm+H3krTdeM9ILxDK5PxHzAJBgcqhkjOOAQDAzAAMC0CFGup +|8E56Wnnj+b49K8kGN+kRF6ETAhUAjzRpKouxPAN5lDJNEh/OiftGsjs= +|CarlRSASelf.cer +|MIIB6zCCAVSgAwIBAgIQRjRrx4AAVrwR024un/JQIDANBgkqhkiG9w0BAQUFADASMRAwDg +|YDVQQDEwdDYXJsUlNBMB4XDTk5MDgxODA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEjEQMA4G +|A1UEAxMHQ2FybFJTQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Ev/GLgkV/R3/2 +|5ze5NxXLwzGpKSciPYQUbQzRE6BLOOr4KdvVEeF3rydiwrhjmnvdeNGlPs5ADV6OyiNrHt +|4lDiMgmKP5+ZJY+4Tqu5fdWWZdoWoMW+Dq5EW+9e9Kcpy4LdrETpqpOUKQ74GNbIV17yds +|TyEWA4uRs8HZfJavECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +|AYYwHQYDVR0OBBYEFOngkCeseCB6mtNM8kI3TiKunji7MA0GCSqGSIb3DQEBBQUAA4GBAL +|ee1ATT7Snk/4mJFS5M2wzwSA8yYe7EBOwSXS3/D2RZfgrD7Rj941ZAN6cHtfA4EmFQ7e/d + + + +Hoffman, Ed. Informational [Page 122] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +|P+MLuGGlpJs85p6cVJq2ldbabDu1LUU1nUkBdvq5uTH5+WsSU6D1FGCbfco+8lNrsDdvre +|Z019v6WuoUQWNdzb7IDsHaao1TNBgC +|DianeDSSSignByCarlInherit.cer +|MIIBuDCCAXegAwIBAgICANIwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4XDT +|k5MDgxNzAyMDgxMFoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIRGlhbmVEU1MwgZMw +|CQYHKoZIzjgEAQOBhQACgYEAoAAXeCzufoFTLi5hCA+hm1FSGtpZqHMvEiW2CMvK7ypEdo +|pSCeq9BSLVD/b9RtevmTgJDhPLTyzdHDT3HL8l/yPTO1nngpc3vjEk2BjI80k5W7fi5Sd+ +|/IxFclt+Po9oTd1GeiK+jv/M2jkpoznln0PpVcnXW6aBZ8zAqs0uxSOjgYEwfzAMBgNVHR +|MBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxD +|K5PxHzAdBgNVHQ4EFgQUZDCZfVzcRQuZOlIvFr9YUN3OKxgwHwYDVR0RBBgwFoEURGlhbm +|VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhUAoRr4Fw4+XaiM9LZVMx5L4yys +|uV8CFChLEEVY0hydVTUUGJGyPznftW7T +|DianeRSASignByCarl.cer +|MIICLDCCAZWgAwIBAgIQRjRrx4AAVrwR024u1ZowkDANBgkqhkiG9w0BAQUFADASMRAwDg +|YDVQQDEwdDYXJsUlNBMB4XDTk5MDgxOTA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEzERMA8G +|A1UEAxMIRGlhbmVSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANb9uMBwxkwl7O +|rP6ny7omL68OYyOlP/sZJaF/Qg4ZkkggrQ9nz7RMqLJwbxfiYDqXadz+ygLHCW8oNC9tS3 +|KAq7+L9KTBk/B9ugwWAet35n996xw2BJrEXX+MbvCDchk0fu8HM1crACxPMRw15H5Qq3g/ +|HbdGlki0QdlV3NKMCFAgMBAAGjgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF +|4DAfBgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQUjPPLdQ6NMf +|bUKdpEknW4/u1POQwwHwYDVR0RBBgwFoEURGlhbmVSU0FAZXhhbXBsZS5jb20wDQYJKoZI +|hvcNAQEFBQADgYEAfaYstXhC1nnzMf72QsoPEweSCRvgb7CRGPa/SvvMY3n7gb/dl8eQa8 +|sKNytBagOYxRs+MshFK4YBnBziNu8WwRqSuL5i+1M+SUcLxLnkK1imBoPwsqe7hX7VxtrO +|nHsxctei6kGrasDdH7kURBjPhFdm6MXmuNwtsx8bKEM2dXo= +|CarlDSSCRLForAll.crl +|MIHYMIGZMAkGByqGSM44BAMwEjEQMA4GA1UEAxMHQ2FybERTUxcNOTkwODI3MDcwMDAwWj +|BpMBMCAgDIFw05OTA4MjIwNzAwMDBaMBMCAgDJFw05OTA4MjIwNzAwMDBaMBMCAgDTFw05 +|OTA4MjIwNzAwMDBaMBMCAgDSFw05OTA4MjIwNzAwMDBaMBMCAgDUFw05OTA4MjQwNzAwMD +|BaMAkGByqGSM44BAMDLwAwLAIUfmVSdjP+NHMX0feW+aDU2G1cfT0CFAJ6W7fVWxjBz4fv +|ftok8yqDnDWh +|CarlDSSCRLForCarl.crl +|MIGDMEQwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTFw05OTA4MjUwNzAwMDBaMB +|QwEgIBARcNOTkwODIyMDcwMDAwWjAJBgcqhkjOOAQDAzAAMC0CFQCzH8VPej3sdtVg+d55 +|IuxPsJD+lwIUWovDhLxmhxu/eYJbCl0H9rqpBSk= +|CarlDSSCRLEmpty.crl +|MG0wLjAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MXDTk5MDgyMDA3MDAwMFowCQ +|YHKoZIzjgEAwMwADAtAhRiPzYXMVguZ1B59QlLjK3Ua/RknwIVALU7TqFMe/0Pw42btv7D +|XW/eZSh9 +|CarlRSACRLForAll.crl +|MIIBMzCBnTANBgkqhkiG9w0BAQQFADASMRAwDgYDVQQDEwdDYXJsUlNBFw05OTA4MjcwNz +|AwMDBaMGkwIQIQRjRrx4AAVrwR024uxBCzsBcNOTkwODIyMDcwMDAwWjAhAhBGNGvHgABW +|vBHTbi7VmjCQFw05OTA4MjIwNzAwMDBaMCECEEY0a8eAAFa8EdNuLs1dcdAXDTk5MDgyND +|A3MDAwMFowDQYJKoZIhvcNAQEEBQADgYEAv7OXqlPwMiEWK3eSemu7l8jc6vH6ZhYwDrWe +|XPCB1F6zbsGIa4zUXsVN+0deZvNdq+W0GDZgqE2cPInsbye/NVBxgcK5RFtiiRkSMal7mt +|PMZssR2QsQR3etTyLZ5X8w8lv8lFGlWHY7H6hGph/2od5Voe0xiGmXDwjT1AxgWx4= +|CarlRSACRLForCarl.crl +|MIHsMFcwDQYJKoZIhvcNAQEEBQAwEjEQMA4GA1UEAxMHQ2FybFJTQRcNOTkwODI1MDcwMD +|AwWjAjMCECEEY0a8eAAFa8EdNuLp/yUCAXDTk5MDgyMjA3MDAwMFowDQYJKoZIhvcNAQEE +|BQADgYEAIe8h1MEahZVJa8pFYtzXCf+pUS6O2UcY+vjlct1P7XR04/NlMmUoLJodV+XVJg +|bq1eYjlYSNDome7psML84H96PRa4VMD//m3fzczXMsHn3csHHFTPwBblJXaR45Y98SIjDH +|E1WUBW4qAKlbxCpmlGLONjPCK2NHJZ3z3nDuAFY= +|CarlRSACRLEmpty.crl +|MIHHMDIwDQYJKoZIhvcNAQEEBQAwEjEQMA4GA1UEAxMHQ2FybFJTQRcNOTkwODIwMDcwMD +|AwWjANBgkqhkiG9w0BAQQFAAOBgQCpxSG4E3x087UR7ATzIEWGHgtuf4NtX/Q0dgZZJQ4E +|PYgJiIE3xNwgmPoXgQs3lKy0j3tRiRSky3JzFAe8IpxAoQf8RHyFDwuI0e7hDq/2FnStoa + + + +Hoffman, Ed. Informational [Page 124] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +|/BAHUAZOqlmvYLCKLblRlfpqe5OUUlCg72XoTn+LlayRjCDriglr6BOoBtyQ== +|3.1.bin +|MIAGCSqGSIb3DQEHAaCAJIAEBFRoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAA +|AAAA== +|<3.1.bin + +***3.2.bin*** + +|* Example 3.2.bin +|>3.2.bin +|MCsGCSqGSIb3DQEHAaAeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQu +|<3.2.bin + +***4.1.bin*** + +|* Example 4.1.bin +|>4.1.bin +|MIIDlwYJKoZIhvcNAQcCoIIDiDCCA4QCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg +|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ +|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj +|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB +|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T +|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV +|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj +|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0 +|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm +|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm +|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK +|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij +|gYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm +|+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0R +|BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZH0IriX +|EiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3iEFJbQ169MWMwYQIBATAYMBIxEDAOBgNV +|BAMTB0NhcmxEU1MCAgDIMAcGBSsOAwIaMAkGByqGSM44BAMELjAsAhQJkf7r0mn1GLfXzV +|X0geoqQmqtAwIUOgfMwyG+4RpLfz61Ddu6HOq8zYk= +|<4.1.bin + + + + + + + + +Hoffman, Ed. Informational [Page 125] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +***4.2.bin*** + +|* Example 4.2.bin +|>4.2.bin +|MIIDUgYJKoZIhvcNAQcCoIIDQzCCAz8CAQExCzAJBgUrDgMCGgUAMCsGCSqGSIb3DQEHAa +|AeBBxUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuoIICMDCCAiwwggGVoAMCAQICEEY0 +|a8eAAFa8EdNuLsQQs7AwDQYJKoZIhvcNAQEFBQAwEjEQMA4GA1UEAxMHQ2FybFJTQTAeFw +|05OTA5MTkwMTA4NDdaFw0zOTEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCEFsaWNlUlNBMIGf +|MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgiXM5jdj19eiHdjl/TrAFu1OD3g+3q9x9x3 +|UpDQUubRLfpoYm1NJvqlgp/Jfs+oJRDzCAvrFQnkZE8Sy72DLPxmhvB9mwYKy+7jQJahP1 +|9wUFk99eujVW2WH/GX/Jgeb4bOqHQHDvrG0sdJ8t+lU6uZl3AqZIUoxO81c4V3RXXwIDAQ +|ABo4GBMH8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwHwYDVR0jBBgwFoAU6eCQ +|J6x4IHqa00zyQjdOIq6eOLswHQYDVR0OBBYEFHfStNG3TIqKo85Fnc7sPKA64/9QMB8GA1 +|UdEQQYMBaBFEFsaWNlUlNBQGV4YW1wbGUuY29tMA0GCSqGSIb3DQEBBQUAA4GBAD5wR6hI +|zBNYj8pRcWtONhhdBH6AsY1NzMqjj8x9Vsi8z26zHFmpIKoFgahOJa2ncBR1L/XHm9EO6W +|PSZLfGZm5zIVTf9LolXX1J05RrIjZ0c7hK7C9k7dM90qdCxeg3irTbn2fkvZ/5/nTv6vnu +|Y2rYP0slCbXYGnau65vbSbAiMYHLMIHIAgEBMCYwEjEQMA4GA1UEAxMHQ2FybFJTQQIQRj +|Rrx4AAVrwR024uxBCzsDAJBgUrDgMCGgUAMA0GCSqGSIb3DQEBAQUABIGALyOC0vMJX7gM +|WOtOnb+JmoHldcSRPdPQ1Xu21f6UoYqs48SE9c1gTieV9s8AhnZ1Pyvw59QCZ6f1x40WBK +|WztefZMvAk7+cgRNWfB8VTJPrOAR0PFxOnKpWdK+QDlRQL6TkNus5unJ4M6JjmVRPUaG/Q +|B9eisWJM44+v/eDVXcc= +|<4.2.bin + +***4.3.bin*** + +|* Example 4.3.bin +|>4.3.bin +|MIIDdwYJKoZIhvcNAQcCoIIDaDCCA2QCAQExCTAHBgUrDgMCGjALBgkqhkiG9w0BBwGggg +|LgMIIC3DCCApugAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNTMB4X +|DTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1Mwgg +|G2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauECE// +|lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny/dQ6 +|iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDiR6Ya +|RWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF3dm1 +|nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgvMAF8 +|bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgFzjuV +|p1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09B41b +|Y8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YUeyxD +|KE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GBMH8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMC +|BsAwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFL5sobPjwf +|ftQ3CkzhMB4v3jl/7NMB8GA1UdEQQYMBaBFEFsaWNlRFNTQGV4YW1wbGUuY29tMAkGByqG +|SM44BAMDMAAwLQIUVQykGR9CK4lxIjONg2q1PWdrv0UCFQCfYVNSVAtcst3a53Yd4hBSW0 +|NevTFjMGECAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBgcqhkjO +|OAQDBC4wLAIUBvvHKiTVNIn3i7X9cySlhsgPWmwCFGZpGbxoWNGNsZ1SP9oUiA39yaG4 +|<4.3.bin + + + + + + +Hoffman, Ed. Informational [Page 126] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +***4.4.bin*** + +|* Example 4.4.bin +|>4.4.bin +|MIILDQYJKoZIhvcNAQcCoIIK/jCCCvoCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg +|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCB68wggIsMIIBlaADAgECAhBGNGvH +|gABWvBHTbi7EELOwMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNVBAMTB0NhcmxSU0EwHhcNOT +|kwOTE5MDEwODQ3WhcNMzkxMjMxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZVJTQTCBnzAN +|BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4IlzOY3Y9fXoh3Y5f06wBbtTg94Pt6vcfcd1KQ +|0FLm0S36aGJtTSb6pYKfyX7PqCUQ8wgL6xUJ5GRPEsu9gyz8ZobwfZsGCsvu40CWoT9fcF +|BZPfXro1Vtlh/xl/yYHm+Gzqh0Bw76xtLHSfLfpVOrmZdwKmSFKMTvNXOFd0V18CAwEAAa +|OBgTB/MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFOngkCes +|eCB6mtNM8kI3TiKunji7MB0GA1UdDgQWBBR30rTRt0yKiqPORZ3O7DygOuP/UDAfBgNVHR +|EEGDAWgRRBbGljZVJTQUBleGFtcGxlLmNvbTANBgkqhkiG9w0BAQUFAAOBgQA+cEeoSMwT +|WI/KUXFrTjYYXQR+gLGNTczKo4/MfVbIvM9usxxZqSCqBYGoTiWtp3AUdS/1x5vRDulj0m +|S3xmZucyFU3/S6JV19SdOUayI2dHO4SuwvZO3TPdKnQsXoN4q0259n5L2f+f507+r57mNq +|2D9LJQm12Bp2ruub20mwIjCCApswggJaoAMCAQICAQEwCQYHKoZIzjgEAzASMRAwDgYDVQ +|QDEwdDYXJsRFNTMB4XDTk5MDgxNjIyNTA1MFoXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UE +|AxMHQ2FybERTUzCCAbcwggErBgcqhkjOOAQBMIIBHgKBgQC2SRg+ikTBKXGUTAHEEsF6ec +|tUTasegfvGTLMOlAkG6wHUschxS8dFwFAlXZz82uRt0+KGSISCfboVlUoW9kbt3faY0rt+ +|igqKuhZ7uVABSJOL6yUVUZdV3I9TDhCpUPxwt80wVP3a3qiqIrWhr4vMAojni3Bfua3hCN +|RtKS3W6QIVAN3BL99Tzgs0YHc+AqS/il2YuRDVAoGADO5Xm0u92rYHanQ3T1V/ne28YQ3r +|Rlk8VgsrWwyRzqViUmnK4W0+vb/+4be5K2E8rcuuReMGrIwinZxEhwvHzfAc2bVOXXPerw +|7JHVpR9U9EeTVac6p/RlEfqUIWnEjrinlhtNUvUyJEYx+GuKNYBiX4KcDvuuB18ELEY2VS +|mwoDgYUAAoGBAJmHdCcDZqCxwK3cLHW74WxEnNohbU1HbbFiCenYrh7yOrSUsaOOeptxTg +|CUybQlTrlglhkkAfNiDP51wPvO2GgA4/3VcE/fI5YZBpT0sWGPOlexCBGkCyYl8FJ2geoL +|Yg2VKuaGunKyp1CDC6onzRupTYma140YOYQ/i8VWTYB6o0IwQDAPBgNVHRMBAf8EBTADAQ +|H/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUcEQ+gi5vh95K03XjPSC8QyuT8R8wCQYH +|KoZIzjgEAwMwADAtAhRrqfBOelp54/m+PSvJBjfpERehEwIVAI80aSqLsTwDeZQyTRIfzo +|n7RrI7MIIC3DCCApugAwIBAgICAMgwCQYHKoZIzjgEAzASMRAwDgYDVQQDEwdDYXJsRFNT +|MB4XDTk5MDgxNzAxMTA0OVoXDTM5MTIzMTIzNTk1OVowEzERMA8GA1UEAxMIQWxpY2VEU1 +|MwggG2MIIBKwYHKoZIzjgEATCCAR4CgYEAgY3N7YPqCp45PsJIKKPkR5PdDteoDuxTxauE +|CE//lOFzSH4M1vNESNH+n6+koYkv4dkwyDbeP5u/t0zcX2mK5HXQNwyRCJWb3qde+fz0ny +|/dQ6iLVPE/sAcIR01diMPDtbPjVQh11Tl2EMR4vf+dsISXN/LkURu15AmWXPN+W9sCFQDi +|R6YaRWa4E8baj7g3IStii/eTzQKBgCY40BSJMqo5+z5t2UtZakx2IzkEAjVc8ssaMMMeUF +|3dm1nizaoFPVjAe6I2uG4Hr32KQiWn9HXPSgheSz6Q+G3qnMkhijt2FOnOLl2jB80jhbgv +|MAF8bUmJEYk2RL34yJVKU1a14vlz7BphNh8Rf8K97dFQ/5h0wtGBSmA5ujY5A4GEAAKBgF +|zjuVp1FJYLqXrd4z+p7Kxe3L23ExE0phaJKBEj2TSGZ3V1ExI9Q1tv5VG/+onyohs+JH09 +|B41bY8i7RaWgSuOF1s4GgD/oI34a8iSrUxq4Jw0e7wi/ZhSAXGKsZfoVi/G7NNTSljf2YU +|eyxDKE8H5BQP1Gp2NOM/Kl4vTyg+W4o4GBMH8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8E +|BAMCBsAwHwYDVR0jBBgwFoAUcEQ+gi5vh95K03XjPSC8QyuT8R8wHQYDVR0OBBYEFL5sob +|PjwfftQ3CkzhMB4v3jl/7NMB8GA1UdEQQYMBaBFEFsaWNlRFNTQGV4YW1wbGUuY29tMAkG +|ByqGSM44BAMDMAAwLQIUVQykGR9CK4lxIjONg2q1PWdrv0UCFQCfYVNSVAtcst3a53Yd4h +|BSW0NevaGB2zCB2DCBmTAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MXDTk5MDgy +|NzA3MDAwMFowaTATAgIAyBcNOTkwODIyMDcwMDAwWjATAgIAyRcNOTkwODIyMDcwMDAwWj +|ATAgIA0xcNOTkwODIyMDcwMDAwWjATAgIA0hcNOTkwODIyMDcwMDAwWjATAgIA1BcNOTkw +|ODI0MDcwMDAwWjAJBgcqhkjOOAQDAy8AMCwCFH5lUnYz/jRzF9H3lvmg1NhtXH09AhQCel +|u31VsYwc+H737aJPMqg5w1oTGCAiowggImAgEBMBgwEjEQMA4GA1UEAxMHQ2FybERTUwIC + + + +Hoffman, Ed. Informational [Page 127] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +|AMgwBwYFKw4DAhqgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBT +|EPFw0wMzA1MTQxNTM5MDBaMCMGCSqGSIb3DQEJBDEWBBRAauwIUnm6bhYCLZ4GKcAilofd +|SDAJBgcqhkjOOAQDBC4wLAIUO6XgStttWOAZ0QAcT0SaV3pxZmgCFBoRmNYfH680gQHevo +|vctqhqkWkToYIBYjA+BgsqhkiG9w0BCRACBDEvMC0MIENvbnRlbnQgSGludHMgRGVzY3Jp +|cHRpb24gQnVmZmVyBgkqhkiG9w0BBwEwggEeBgkqhkiG9w0BCQYxggEPMIIBCwIBATAmMB +|IxEDAOBgNVBAMTB0NhcmxSU0ECEEY0a8eAAFa8EdNuLsQQs7AwBwYFKw4DAhqgQzAcBgkq +|hkiG9w0BCQUxDxcNMDMwNTE0MTUzOTAwWjAjBgkqhkiG9w0BCQQxFgQUAl9JTjmYUIWzZt +|OKH3ueaar72DMwDQYJKoZIhvcNAQEBBQAEgYBtqiAk7XrupV6H3XUfK1QQZfTOm7EseHS8 +|ixxgtduLA55J8it/k249iRTJ42v09n12rj5YH5u7vHwwGU4Q9wLxi1u025q7k7QY0MwryZ +|GprdlG+GWp4nGV0NROH810b4LoN29aPcvH1F/CgBva04RAaF9WmmL1Ow1sM8PtZz9Dvw== +|<4.4.bin + +***4.5.bin*** + +|* Example 4.5.bin +|>4.5.bin +|MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAaCAJIAEBF +|RoaXMEGCBpcyBzb21lIHNhbXBsZSBjb250ZW50LgAAAAAAAKCAMIIB6zCCAVSgAwIBAgIQ +|RjRrx4AAVrwR024un/JQIDANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwdDYXJsUlNBMB +|4XDTk5MDgxODA3MDAwMFoXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHQ2FybFJTQTCB +|nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Ev/GLgkV/R3/25ze5NxXLwzGpKSciPYQU +|bQzRE6BLOOr4KdvVEeF3rydiwrhjmnvdeNGlPs5ADV6OyiNrHt4lDiMgmKP5+ZJY+4Tqu5 +|fdWWZdoWoMW+Dq5EW+9e9Kcpy4LdrETpqpOUKQ74GNbIV17ydsTyEWA4uRs8HZfJavECAw +|EAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFOng +|kCeseCB6mtNM8kI3TiKunji7MA0GCSqGSIb3DQEBBQUAA4GBALee1ATT7Snk/4mJFS5M2w +|zwSA8yYe7EBOwSXS3/D2RZfgrD7Rj941ZAN6cHtfA4EmFQ7e/dP+MLuGGlpJs85p6cVJq2 +|ldbabDu1LUU1nUkBdvq5uTH5+WsSU6D1FGCbfco+8lNrsDdvreZ019v6WuoUQWNdzb7IDs +|Haao1TNBgCMIICLDCCAZWgAwIBAgIQRjRrx4AAVrwR024uxBCzsDANBgkqhkiG9w0BAQUF +|ADASMRAwDgYDVQQDEwdDYXJsUlNBMB4XDTk5MDkxOTAxMDg0N1oXDTM5MTIzMTIzNTk1OV +|owEzERMA8GA1UEAxMIQWxpY2VSU0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOCJ +|czmN2PX16Id2OX9OsAW7U4PeD7er3H3HdSkNBS5tEt+mhibU0m+qWCn8l+z6glEPMIC+sV +|CeRkTxLLvYMs/GaG8H2bBgrL7uNAlqE/X3BQWT3166NVbZYf8Zf8mB5vhs6odAcO+sbSx0 +|ny36VTq5mXcCpkhSjE7zVzhXdFdfAgMBAAGjgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDw +|EB/wQEAwIGwDAfBgNVHSMEGDAWgBTp4JAnrHggeprTTPJCN04irp44uzAdBgNVHQ4EFgQU +|d9K00bdMioqjzkWdzuw8oDrj/1AwHwYDVR0RBBgwFoEUQWxpY2VSU0FAZXhhbXBsZS5jb2 +|0wDQYJKoZIhvcNAQEFBQADgYEAPnBHqEjME1iPylFxa042GF0EfoCxjU3MyqOPzH1WyLzP +|brMcWakgqgWBqE4lradwFHUv9ceb0Q7pY9Jkt8ZmbnMhVN/0uiVdfUnTlGsiNnRzuErsL2 +|Tt0z3Sp0LF6DeKtNufZ+S9n/n+dO/q+e5jatg/SyUJtdgadq7rm9tJsCIAADGByzCByAIB +|ATAmMBIxEDAOBgNVBAMTB0NhcmxSU0ECEEY0a8eAAFa8EdNuLsQQs7AwCQYFKw4DAhoFAD +|ANBgkqhkiG9w0BAQEFAASBgC8jgtLzCV+4DFjrTp2/iZqB5XXEkT3T0NV7ttX+lKGKrOPE +|hPXNYE4nlfbPAIZ2dT8r8OfUAmen9ceNFgSls7Xn2TLwJO/nIETVnwfFUyT6zgEdDxcTpy +|qVnSvkA5UUC+k5DbrObpyeDOiY5lUT1Ghv0AfXorFiTOOPr/3g1V3HAAAAAAAA +|<4.5.bin + + + + + + + + +Hoffman, Ed. Informational [Page 128] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +***4.6.bin*** + +|* Example 4.6.bin +|>4.6.bin +|MIIFtwYJKoZIhvcNAQcCoIIFqDCCBaQCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg +|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCBJwwggG4MIIBd6ADAgECAgIA0jAJ +|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDIwODEwWhcNMzkxMj +|MxMjM1OTU5WjATMREwDwYDVQQDEwhEaWFuZURTUzCBkzAJBgcqhkjOOAQBA4GFAAKBgQCg +|ABd4LO5+gVMuLmEID6GbUVIa2lmocy8SJbYIy8rvKkR2ilIJ6r0FItUP9v1G16+ZOAkOE8 +|tPLN0cNPccvyX/I9M7WeeClze+MSTYGMjzSTlbt+LlJ378jEVyW34+j2hN3UZ6Ir6O/8za +|OSmjOeWfQ+lVyddbpoFnzMCqzS7FI6OBgTB/MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BA +|QDAgbAMB8GA1UdIwQYMBaAFHBEPoIub4feStN14z0gvEMrk/EfMB0GA1UdDgQWBBRkMJl9 +|XNxFC5k6Ui8Wv1hQ3c4rGDAfBgNVHREEGDAWgRREaWFuZURTU0BleGFtcGxlLmNvbTAJBg +|cqhkjOOAQDAzAAMC0CFQChGvgXDj5dqIz0tlUzHkvjLKy5XwIUKEsQRVjSHJ1VNRQYkbI/ +|Od+1btMwggLcMIICm6ADAgECAgIAyDAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1 +|MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMjMxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURT +|UzCCAbYwggErBgcqhkjOOAQBMIIBHgKBgQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4 +|QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2TDINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSf +|L91DqItU8T+wBwhHTV2Iw8O1s+NVCHXVOXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAO +|JHphpFZrgTxtqPuDchK2KL95PNAoGAJjjQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5Q +|Xd2bWeLNqgU9WMB7oja4bgevfYpCJaf0dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC +|8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGmE2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGA +|XOO5WnUUlgupet3jP6nsrF7cvbcTETSmFokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT +|0HjVtjyLtFpaBK44XWzgaAP+gjfhryJKtTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/Zh +|R7LEMoTwfkFA/UanY04z8qXi9PKD5bijgYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/w +|QEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyh +|s+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0RBBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQ +|YHKoZIzjgEAwMwADAtAhRVDKQZH0IriXEiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3i +|EFJbQ169MYHGMGECAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGjAJBg +|cqhkjOOAQDBC4wLAIUSCTei4XyFq/sgmGpVNAtBKHMWk8CFBft1XcC7nUT2BC9PZcXIIi7 +|/XuBMGECAQEwGDASMRAwDgYDVQQDEwdDYXJsRFNTAgIA0jAHBgUrDgMCGjAJBgcqhkjOOA +|QDBC4wLAIUFf+BTYytgE6bNVgEN25jbulbg/oCFAZ+WE4rMYRB7Ul5OD530qaMdQgh +|<4.6.bin + +***4.7.bin*** + +|* Example 4.7.bin +|>4.7.bin +|MIIDlAYJKoZIhvcNAQcCoIIDhTCCA4ECAQMxCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg +|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ +|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj +|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB +|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T +|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV +|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj +|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0 +|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm +|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm + + + +Hoffman, Ed. Informational [Page 129] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK +|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij +|gYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm +|+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0R +|BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZH0IriX +|EiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3iEFJbQ169MWAwXgIBA4AUvmyhs+PB9+1D +|cKTOEwHi/eOX/s0wBwYFKw4DAhowCQYHKoZIzjgEAwQvMC0CFQCJw2t7VvfDEgBl8Tf1xF +|gXjRFXgwIUCw9DOqrs3nphLIyc9UGZpzwgw7c= +|<4.7.bin + +***4.8.eml*** + +|* Example 4.8.eml +|>4.8.eml +|TUlNRS1WZXJzaW9uOiAxLjAKVG86IFVzZXIyQGV4YW1wbGVzLmNvbQpGcm9tOiBhbGljZU +|Rzc0BleGFtcGxlcy5jb20KU3ViamVjdDogRXhhbXBsZSA0LjgKTWVzc2FnZS1JZDogPDAy +|MDkwNjAwMjU1MDMwMC4yNDlAZXhhbXBsZXMuY29tPgpEYXRlOiBGcmksIDA2IFNlcCAyMD +|AyIDAwOjI1OjIxIC0wMzAwIApDb250ZW50LVR5cGU6IG11bHRpcGFydC9zaWduZWQ7CiAg +|ICBtaWNhbGc9U0hBMTsKICAgIGJvdW5kYXJ5PSItLS0tPV9OZXh0Qm91bmRyeV9fX19Gcm +|ksXzA2X1NlcF8yMDAyXzAwOjI1OjIxIjsKICAgIHByb3RvY29sPSJhcHBsaWNhdGlvbi9w +|a2NzNy1zaWduYXR1cmUiCgpUaGlzIGlzIGEgbXVsdGktcGFydCBtZXNzYWdlIGluIE1JTU +|UgZm9ybWF0LgoKLS0tLS0tPV9OZXh0Qm91bmRyeV9fX19GcmksXzA2X1NlcF8yMDAyXzAw +|OjI1OjIxCgpUaGlzIGlzIHNvbWUgc2FtcGxlIGNvbnRlbnQuCi0tLS0tLT1fTmV4dEJvdW +|5kcnlfX19fRnJpLF8wNl9TZXBfMjAwMl8wMDoyNToyMQpDb250ZW50LVR5cGU6IGFwcGxp +|Y2F0aW9uL3BrY3M3LXNpZ25hdHVyZTsgbmFtZT1zbWltZS5wN3MKQ29udGVudC1UcmFuc2 +|Zlci1FbmNvZGluZzogYmFzZTY0CkNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7 +|IGZpbGVuYW1lPXNtaW1lLnA3cwoKTUlJRGR3WUpLb1pJaHZjTkFRY0NvSUlEYURDQ0EyUU +|NBUUV4Q1RBSEJnVXJEZ01DR2pBTEJna3Foa2lHOXcwQkJ3R2dnZ0xnTUlJQwozRENDQXB1 +|Z0F3SUJBZ0lDQU1nd0NRWUhLb1pJempnRUF6QVNNUkF3RGdZRFZRUURFd2REWVhKc1JGTl +|RNQjRYRFRrNU1EZ3hOekF4Ck1UQTBPVm9YRFRNNU1USXpNVEl6TlRrMU9Wb3dFekVSTUE4 +|R0ExVUVBeE1JUVd4cFkyVkVVMU13Z2dHMk1JSUJLd1lIS29aSXpqZ0UKQVRDQ0FSNENnWU +|VBZ1kzTjdZUHFDcDQ1UHNKSUtLUGtSNVBkRHRlb0R1eFR4YXVFQ0UvL2xPRnpTSDRNMXZO +|RVNOSCtuNitrb1lrdgo0ZGt3eURiZVA1dS90MHpjWDJtSzVIWFFOd3lSQ0pXYjNxZGUrZn +|owbnkvZFE2aUxWUEUvc0FjSVIwMWRpTVBEdGJQalZRaDExVGwyCkVNUjR2Zitkc0lTWE4v +|TGtVUnUxNUFtV1hQTitXOXNDRlFEaVI2WWFSV2E0RThiYWo3ZzNJU3RpaS9lVHpRS0JnQ1 +|k0MEJTSk1xbzUKK3o1dDJVdFpha3gySXprRUFqVmM4c3NhTU1NZVVGM2RtMW5pemFvRlBW +|akFlNkkydUc0SHIzMktRaVduOUhYUFNnaGVTejZRK0czcQpuTWtoaWp0MkZPbk9MbDJqQj +|gwamhiZ3ZNQUY4YlVtSkVZazJSTDM0eUpWS1UxYTE0dmx6N0JwaE5oOFJmOEs5N2RGUS81 +|aDB3dEdCClNtQTV1alk1QTRHRUFBS0JnRnpqdVZwMUZKWUxxWHJkNHorcDdLeGUzTDIzRX +|hFMHBoYUpLQkVqMlRTR1ozVjFFeEk5UTF0djVWRy8KK29ueW9ocytKSDA5QjQxYlk4aTdS +|YVdnU3VPRjFzNEdnRC9vSTM0YThpU3JVeHE0SncwZTd3aS9aaFNBWEdLc1pmb1ZpL0c3Tk +|5UUwpsamYyWVVleXhES0U4SDVCUVAxR3AyTk9NL0tsNHZUeWcrVzRvNEdCTUg4d0RBWURW +|UjBUQVFIL0JBSXdBREFPQmdOVkhROEJBZjhFCkJBTUNCc0F3SHdZRFZSMGpCQmd3Rm9BVW +|NFUStnaTV2aDk1SzAzWGpQU0M4UXl1VDhSOHdIUVlEVlIwT0JCWUVGTDVzb2JQandmZnQK +|UTNDa3poTUI0djNqbC83Tk1COEdBMVVkRVFRWU1CYUJGRUZzYVdObFJGTlRRR1Y0WVcxd2 +|JHVXVZMjl0TUFrR0J5cUdTTTQ0QkFNRApNQUF3TFFJVVZReWtHUjlDSzRseElqT05nMnEx +|UFdkcnYwVUNGUUNmWVZOU1ZBdGNzdDNhNTNZZDRoQlNXME5ldlRGak1HRUNBUUV3CkdEQV +|NNUkF3RGdZRFZRUURFd2REWVhKc1JGTlRBZ0lBeURBSEJnVXJEZ01DR2pBSkJnY3Foa2pP + + + +Hoffman, Ed. Informational [Page 130] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +|T0FRREJDNHdMQUlVTS9tR2Y2Z2sKZ3A5WjBYdFJkR2ltSmVCL0J4VUNGR0ZGSnF3WVJ0MV +|dZY0lPUW9HaWFvd3FHelZJCgotLS0tLS09X05leHRCb3VuZHJ5X19fX0ZyaSxfMDZfU2Vw +|XzIwMDJfMDA6MjU6MjEtLQo= +|<4.8.eml + +***4.9.eml*** + +|* Example 4.9.eml +|>4.9.eml +|TUlNRS1WZXJzaW9uOiAxLjAKVG86IFVzZXIyQGV4YW1wbGVzLmNvbQpGcm9tOiBhbGljZU +|Rzc0BleGFtcGxlcy5jb20KU3ViamVjdDogRXhhbXBsZSA0LjkKTWVzc2FnZS1JZDogPDAy +|MTAzMTE2NDU0MDMwMC4zMDRAZXhhbXBsZXMuY29tPgpEYXRlOiBUaHUsIDMxIE9jdCAyMD +|AyIDE2OjQ1OjE0IC0wMzAwIApDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL3BrY3M3LW1p +|bWU7IHNtaW1lLXR5cGU9c2lnbmVkLWRhdGE7CiAgICBuYW1lPXNtaW1lLnA3bQpDb250ZW +|50LVRyYW5zZmVyLUVuY29kaW5nOiBiYXNlNjQKQ29udGVudC1EaXNwb3NpdGlvbjogYXR0 +|YWNobWVudDsgZmlsZW5hbWU9c21pbWUucDdtCgpNSUlEbVFZSktvWklodmNOQVFjQ29JSU +|RpakNDQTRZQ0FRRXhDVEFIQmdVckRnTUNHakF0QmdrcWhraUc5dzBCQndHZ0lBUWVEUXBV +|CmFHbHpJR2x6SUhOdmJXVWdjMkZ0Y0d4bElHTnZiblJsYm5RdW9JSUM0RENDQXR3d2dnS2 +|JvQU1DQVFJQ0FnRElNQWtHQnlxR1NNNDQKQkFNd0VqRVFNQTRHQTFVRUF4TUhRMkZ5YkVS +|VFV6QWVGdzA1T1RBNE1UY3dNVEV3TkRsYUZ3MHpPVEV5TXpFeU16VTVOVGxhTUJNeApFVE +|FQQmdOVkJBTVRDRUZzYVdObFJGTlRNSUlCdGpDQ0FTc0dCeXFHU000NEJBRXdnZ0VlQW9H +|QkFJR056ZTJENmdxZU9UN0NTQ2lqCjVFZVQzUTdYcUE3c1U4V3JoQWhQLzVUaGMwaCtETm +|J6UkVqUi9wK3ZwS0dKTCtIWk1NZzIzaitidjdkTTNGOXBpdVIxMERjTWtRaVYKbTk2blh2 +|bjg5Sjh2M1VPb2kxVHhQN0FIQ0VkTlhZakR3N1d6NDFVSWRkVTVkaERFZUwzL25iQ0Vsem +|Z5NUZFYnRlUUpsbHp6Zmx2YgpBaFVBNGtlbUdrVm11QlBHMm8rNE55RXJZb3YzazgwQ2dZ +|QW1PTkFVaVRLcU9mcytiZGxMV1dwTWRpTTVCQUkxWFBMTEdqRERIbEJkCjNadFo0czJxQl +|QxWXdIdWlOcmh1QjY5OWlrSWxwL1IxejBvSVhrcytrUGh0NnB6SklZbzdkaFRwemk1ZG93 +|Zk5JNFc0THpBQmZHMUoKaVJHSk5rUzkrTWlWU2xOV3RlTDVjK3dhWVRZZkVYL0N2ZTNSVV +|ArWWRNTFJnVXBnT2JvMk9RT0JoQUFDZ1lCYzQ3bGFkUlNXQzZsNgozZU0vcWV5c1h0eTl0 +|eE1STktZV2lTZ1JJOWswaG1kMWRSTVNQVU5iYitWUnYvcUo4cUliUGlSOVBRZU5XMlBJdT +|BXbG9FcmpoZGJPCkJvQS82Q04rR3ZJa3ExTWF1Q2NOSHU4SXYyWVVnRnhpckdYNkZZdnh1 +|elRVMHBZMzltRkhzc1F5aFBCK1FVRDlScWRqVGpQeXBlTDAKOG9QbHVLT0JnVEIvTUF3R0 +|ExVWRFd0VCL3dRQ01BQXdEZ1lEVlIwUEFRSC9CQVFEQWdiQU1COEdBMVVkSXdRWU1CYUFG +|SEJFUG9JdQpiNGZlU3ROMTR6MGd2RU1yay9FZk1CMEdBMVVkRGdRV0JCUytiS0d6NDhIMz +|dVTndwTTRUQWVMOTQ1Zit6VEFmQmdOVkhSRUVHREFXCmdSUkJiR2xqWlVSVFUwQmxlR0Z0 +|Y0d4bExtTnZiVEFKQmdjcWhrak9PQVFEQXpBQU1DMENGRlVNcEJrZlFpdUpjU0l6allOcX +|RUMW4KYTc5RkFoVUFuMkZUVWxRTFhMTGQydWQySGVJUVVsdERYcjB4WXpCaEFnRUJNQmd3 +|RWpFUU1BNEdBMVVFQXhNSFEyRnliRVJUVXdJQwpBTWd3QndZRkt3NERBaG93Q1FZSEtvWk +|l6amdFQXdRdU1Dd0NGRDFjU1c2TElVRnplWGxlM1lJNVNLU0Jlci9zQWhRbUNxN3MvQ1RG +|CkhPRWpnQVNlVWpiTXB4NWc2QT09Cg== +|<4.9.eml + +***4.10.bin*** + +|* Example 4.10.bin +|>4.10.bin +|MIIH/wYJKoZIhvcNAQcCoIIH8DCCB+wCAQExCTAHBgUrDgMCGjArBgkqhkiG9w0BBwGgHg +|QcVGhpcyBpcyBzb21lIHNhbXBsZSBjb250ZW50LqCCAuAwggLcMIICm6ADAgECAgIAyDAJ + + + +Hoffman, Ed. Informational [Page 131] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj +|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB +|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T +|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV +|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj +|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0 +|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm +|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm +|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK +|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij +|gYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm +|+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0R +|BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZH0IriX +|EiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3iEFJbQ169MYIEyTCCBMUCAQEwGDASMRAw +|DgYDVQQDEwdDYXJsRFNTAgIAyDAHBgUrDgMCGqCCBF8wGAYJKoZIhvcNAQkDMQsGCSqGSI +|b3DQEHATAjBgkqhkiG9w0BCQQxFgQUQGrsCFJ5um4WAi2eBinAIpaH3UgwOAYDKqszMTEE +|L1RoaXMgaXMgYSB0ZXN0IEdlbmVyYWwgQVNOIEF0dHJpYnV0ZSwgbnVtYmVyIDEuMD4GCy +|qGSIb3DQEJEAIEMS8wLQwgQ29udGVudCBIaW50cyBEZXNjcmlwdGlvbiBCdWZmZXIGCSqG +|SIb3DQEHATBKBgkqhkiG9w0BCQ8xPTA7MAcGBSoDBAUGMDAGBioDBAUGTQQmU21pbWUgQ2 +|FwYWJpbGl0aWVzIHBhcmFtZXRlcnMgYnVmZmVyIDIwbQYLKoZIhvcNAQkQAgIxXjFcAgEB +|BgcqAwQFBgcIExtUSElTIElTIEEgUFJJVkFDWSBNQVJLIFRFU1QxMTAvgAgqAwQFBgeGeK +|EjEyFUSElTIElTIEEgVEVTVCBTRUNVUklUWS1DQVRFR09SWS4wbwYLKoZIhvcNAQkQAgox +|YDBeBgUqAwQFBgQrQ29udGVudCBSZWZlcmVuY2UgQ29udGVudCBJZGVudGlmaWVyIEJ1Zm +|ZlcgQoQ29udGVudCBSZWZlcmVuY2UgU2lnbmF0dXJlIFZhbHVlIEJ1ZmZlcjBzBgsqhkiG +|9w0BCRACCzFkoGIwWjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDVVTIEdvdmVybm1lbnQxET +|APBgNVBAsTCFZEQSBTaXRlMQwwCgYDVQQLEwNWREExEjAQBgNVBAMTCURhaXN5IFJTQQIE +|ClVEMzCB/AYLKoZIhvcNAQkQAgMxgewwgekwgeYEBzU3MzgyOTkYDzE5OTkwMzExMTA0ND +|MzWqGByTCBxqRhMF8xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1VUyBHb3Zlcm5tZW50MREw +|DwYDVQQLEwhWREEgU2l0ZTEMMAoGA1UECxMDVkRBMRcwFQYDVQQDEw5CdWdzIEJ1bm55IE +|RTQaRhMF8xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1VUyBHb3Zlcm5tZW50MREwDwYDVQQL +|EwhWREEgU2l0ZTEMMAoGA1UECxMDVkRBMRcwFQYDVQQDEw5FbG1lciBGdWRkIERTQTCCAQ +|IGCyqGSIb3DQEJEAIJMYHyMIHvMXICAQEGByoDBAUGBwkTJkVRVUlWQUxFTlQgVEhJUyBJ +|UyBBIFBSSVZBQ1kgTUFSSyBURVNUMTwwOoAIKgMEBQYHhnihLhMsRVFVSVZBTEVOVCBUSE +|lTIElTIEEgVEVTVCBTRUNVUklUWS1DQVRFR09SWS4xeQIBAQYHKgMEBQYHChMtRVFVSVZB +|TEVOVCBUSElTIElTIEEgU0VDT05EIFBSSVZBQ1kgTUFSSyBURVNUMTwwOoAIKgMEBQYHhn +|ihLhMsRVFVSVZBTEVOVCBUSElTIElTIEEgVEVTVCBTRUNVUklUWS1DQVRFR09SWS4wCQYH +|KoZIzjgEAwQvMC0CFQC8MzdlxPdwXBdJE6pMhcq7UpFIWQIUY5aiFIvPV96wSF9sZN2EBE +|lfHMo= +|<4.10.bin + +***4.11.bin*** + +|* Example 4.11.bin +|>4.11.bin +|MIIGiAYJKoZIhvcNAQcCoIIGeTCCBnUCAQExADALBgkqhkiG9w0BBwGgggV/MIICmzCCAl +|qgAwIBAgIBATAJBgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE2MjI1 +|MDUwWhcNMzkxMjMxMjM1OTU5WjASMRAwDgYDVQQDEwdDYXJsRFNTMIIBtzCCASsGByqGSM +|44BAEwggEeAoGBALZJGD6KRMEpcZRMAcQSwXp5y1RNqx6B+8ZMsw6UCQbrAdSxyHFLx0XA + + + +Hoffman, Ed. Informational [Page 132] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +|UCVdnPza5G3T4oZIhIJ9uhWVShb2Ru3d9pjSu36KCoq6Fnu5UAFIk4vrJRVRl1Xcj1MOEK +|lQ/HC3zTBU/dreqKoitaGvi8wCiOeLcF+5reEI1G0pLdbpAhUA3cEv31POCzRgdz4CpL+K +|XZi5ENUCgYAM7lebS73atgdqdDdPVX+d7bxhDetGWTxWCytbDJHOpWJSacrhbT69v/7ht7 +|krYTyty65F4wasjCKdnESHC8fN8BzZtU5dc96vDskdWlH1T0R5NVpzqn9GUR+pQhacSOuK +|eWG01S9TIkRjH4a4o1gGJfgpwO+64HXwQsRjZVKbCgOBhQACgYEAmYd0JwNmoLHArdwsdb +|vhbESc2iFtTUdtsWIJ6diuHvI6tJSxo456m3FOAJTJtCVOuWCWGSQB82IM/nXA+87YaADj +|/dVwT98jlhkGlPSxYY86V7EIEaQLJiXwUnaB6gtiDZUq5oa6crKnUIMLqifNG6lNiZrXjR +|g5hD+LxVZNgHqjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1Ud +|DgQWBBRwRD6CLm+H3krTdeM9ILxDK5PxHzAJBgcqhkjOOAQDAzAAMC0CFGup8E56Wnnj+b +|49K8kGN+kRF6ETAhUAjzRpKouxPAN5lDJNEh/OiftGsjswggLcMIICm6ADAgECAgIAyDAJ +|BgcqhkjOOAQDMBIxEDAOBgNVBAMTB0NhcmxEU1MwHhcNOTkwODE3MDExMDQ5WhcNMzkxMj +|MxMjM1OTU5WjATMREwDwYDVQQDEwhBbGljZURTUzCCAbYwggErBgcqhkjOOAQBMIIBHgKB +|gQCBjc3tg+oKnjk+wkgoo+RHk90O16gO7FPFq4QIT/+U4XNIfgzW80RI0f6fr6ShiS/h2T +|DINt4/m7+3TNxfaYrkddA3DJEIlZvep175/PSfL91DqItU8T+wBwhHTV2Iw8O1s+NVCHXV +|OXYQxHi9/52whJc38uRRG7XkCZZc835b2wIVAOJHphpFZrgTxtqPuDchK2KL95PNAoGAJj +|jQFIkyqjn7Pm3ZS1lqTHYjOQQCNVzyyxowwx5QXd2bWeLNqgU9WMB7oja4bgevfYpCJaf0 +|dc9KCF5LPpD4beqcySGKO3YU6c4uXaMHzSOFuC8wAXxtSYkRiTZEvfjIlUpTVrXi+XPsGm +|E2HxF/wr3t0VD/mHTC0YFKYDm6NjkDgYQAAoGAXOO5WnUUlgupet3jP6nsrF7cvbcTETSm +|FokoESPZNIZndXUTEj1DW2/lUb/6ifKiGz4kfT0HjVtjyLtFpaBK44XWzgaAP+gjfhryJK +|tTGrgnDR7vCL9mFIBcYqxl+hWL8bs01NKWN/ZhR7LEMoTwfkFA/UanY04z8qXi9PKD5bij +|gYEwfzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIGwDAfBgNVHSMEGDAWgBRwRD6CLm +|+H3krTdeM9ILxDK5PxHzAdBgNVHQ4EFgQUvmyhs+PB9+1DcKTOEwHi/eOX/s0wHwYDVR0R +|BBgwFoEUQWxpY2VEU1NAZXhhbXBsZS5jb20wCQYHKoZIzjgEAwMwADAtAhRVDKQZH0IriX +|EiM42DarU9Z2u/RQIVAJ9hU1JUC1yy3drndh3iEFJbQ169oYHbMIHYMIGZMAkGByqGSM44 +|BAMwEjEQMA4GA1UEAxMHQ2FybERTUxcNOTkwODI3MDcwMDAwWjBpMBMCAgDIFw05OTA4Mj +|IwNzAwMDBaMBMCAgDJFw05OTA4MjIwNzAwMDBaMBMCAgDTFw05OTA4MjIwNzAwMDBaMBMC +|AgDSFw05OTA4MjIwNzAwMDBaMBMCAgDUFw05OTA4MjQwNzAwMDBaMAkGByqGSM44BAMDLw +|AwLAIUfmVSdjP+NHMX0feW+aDU2G1cfT0CFAJ6W7fVWxjBz4fvftok8yqDnDWhMQA= +|<4.11.bin + +***5.1.bin*** + +|* Example 5.1.bin +|>5.1.bin +|MIIBHgYJKoZIhvcNAQcDoIIBDzCCAQsCAQAxgcAwgb0CAQAwJjASMRAwDgYDVQQDEwdDYX +|JsUlNBAhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUABIGAC3EN5nGIiJi2lsGP +|cP2iJ97a4e8kbKQz36zg6Z2i0yx6zYC4mZ7mX7FBs3IWg+f6KgCLx3M1eCbWx8+MDFbbpX +|adCDgO8/nUkUNYeNxJtuzubGgzoyEd8Ch4H/dd9gdzTd+taTEgS0ipdSJuNnkVY4/M652j +|KKHRLFf02hosdR8wQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgtaMXpRwZRNYAgDsiSf8 +|Z9P43LrY4OxUk660cu1lXeCSFOSOpOJ7FuVyU= +|<5.1.bin + + + + + + + + + + +Hoffman, Ed. Informational [Page 133] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +***5.2.bin*** + +|* Example 5.2.bin +|>5.2.bin +|MIIBZQYJKoZIhvcNAQcDoIIBVjCCAVICAQIxggEAMIG9AgEAMCYwEjEQMA4GA1UEAxMHQ2 +|FybFJTQQIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQEFAASBgJQmQojGi7Z4IP+C +|VypBmNFoCDoEp87khtgyff2N4SmqD3RxPx+8hbLQt9i3YcMwcap+aiOkyqjMalT03VUC0X +|BOGv+HYI3HBZm/aFzxoq+YOXAWs5xlGerZwTOc9j6AYlK4qXvnztR5SQ8TBjlzytm4V7zg +|+TGrnGVNQBNw47Ewoj4CAQQwDQQLTWFpbExpc3RSQzIwEAYLKoZIhvcNAQkQAwcCAToEGH +|cUr5MSJ/g9HnJVHsQ6X56VcwYb+OfojTBJBgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgIC +|AKAECJwE0hkuKlWhgCBeKNXhojuej3org9Lt7n+wWxOhnky5V50vSpoYRfRRyw== +|<5.2.bin + +***5.3.eml*** + +|* Example 5.3.eml +|>5.3.eml +|TUlNRS1WZXJzaW9uOiAxLjAKTWVzc2FnZS1JZDogPDAwMTAzMTEyMDA1MjAzLjAwMzQ5QG +|FteWVtaWx5LmlnLmNvbT4KRGF0ZTogVHVlLCAzMSBPY3QgMjAwMCAxMjowMDo1MiAtMDYw +|MCAoQ2VudHJhbCBTdGFuZGFyZCBUaW1lKQpGcm9tOiBVc2VyMQpUbzogVXNlcjIKU3Viam +|VjdDogRXhhbXBsZSA1LjMKQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9wa2NzNy1taW1l +|OwoJbmFtZT1zbWltZS5wN207CglzbWltZS10eXBlPWVudmVsb3BlZC1kYXRhCkNvbnRlbn +|QtVHJhbnNmZXItRW5jb2Rpbmc6IGJhc2U2NApDb250ZW50LURpc3Bvc2l0aW9uOiBhdHRh +|Y2htZW50OyBmaWxlbmFtZT1zbWltZS5wN20KCk1JSUJIZ1lKS29aSWh2Y05BUWNEb0lJQk +|R6Q0NBUXNDQVFBeGdjQXdnYjBDQVFBd0pqQVNNUkF3RGdZRFZRUURFd2REWVhKc1VsTkIK +|QWhCR05HdkhnQUJXdkJIVGJpN05YWEhRTUEwR0NTcUdTSWIzRFFFQkFRVUFCSUdBQzNFTj +|VuR0lpSmkybHNHUGNQMmlKOTdhNGU4awpiS1F6MzZ6ZzZaMmkweXg2ellDNG1aN21YN0ZC +|czNJV2crZjZLZ0NMeDNNMWVDYld4OCtNREZiYnBYYWRDRGdPOC9uVWtVTlllTnhKCnR1en +|ViR2d6b3lFZDhDaDRIL2RkOWdkelRkK3RhVEVnUzBpcGRTSnVObmtWWTQvTTY1MmpLS0hS +|TEZmMDJob3NkUjh3UXdZSktvWkkKaHZjTkFRY0JNQlFHQ0NxR1NJYjNEUU1IQkFndGFNWH +|BSd1pSTllBZ0RzaVNmOFo5UDQzTHJZNE94VWs2NjBjdTFsWGVDU0ZPU09wTwpKN0Z1VnlV +|PQoK +|<5.3.eml + +***6.0.bin*** + +|* Example 6.0.bin +|>6.0.bin +|MF4GCSqGSIb3DQEHBaBRME8CAQAwBwYFKw4DAhowKwYJKoZIhvcNAQcBoB4EHFRoaXMgaX +|Mgc29tZSBzYW1wbGUgY29udGVudC4EFEBq7AhSebpuFgItngYpwCKWh91I +|<6.0.bin + + + + + + + + + + +Hoffman, Ed. Informational [Page 134] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +***7.1.bin*** + +|* Example 7.1.bin +|>7.1.bin +|MFcGCSqGSIb3DQEHBqBKMEgCAQAwQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAiza2v7Yj +|EIToAg+vzt2z8YFx04iRHqNNYg2/TD2VgV75M7mvXXBPa1cOI= +|<7.1.bin + +***7.2.bin*** + +|* Example 7.2.bin +|>7.2.bin +|MIGVBgkqhkiG9w0BBwaggYcwgYQCAQIwQwYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgHJy +|CFkJ6wfoAg0iCPZ0iKy0HkImhdvncFUibt4wG9AJFYpzVuvEuiBzOhOjA4BgMqqzMxMQQv +|VGhpcyBpcyBhIHRlc3QgR2VuZXJhbCBBU04gQXR0cmlidXRlLCBudW1iZXIgMS4= +|<7.2.bin + +C. Acknowledgements + + Blake Ramsdell, Jim Schaad, and John Pawling contributed the vast + majority of the examples in this document, and/or correct examples + during the early versions of this document. Additional examples came + from many people, including Rob Colestock and Paul Hoffman. + Additional testing came from Holger Ebel and Russ Housley. + + The examples are displayed with a modified version of Peter Gutmann's + "dumpasn1" program. Peter and Jim Schaad and Blake Ramsdell have + been updating the program based on input from the process of writing + this draft. + +Editor's Address + + Paul Hoffman + Internet Mail Consortium + 127 Segre Place + Santa Cruz, CA 95060 USA + + EMail: phoffman@imc.org + + + + + + + + + + + + + +Hoffman, Ed. Informational [Page 135] + +RFC 4134 Examples of S/MIME Messages July 2005 + + +Full Copyright Statement + + Copyright (C) The Internet Society (2005). + + This document is subject to the rights, licenses and restrictions + contained in BCP 78, and except as set forth therein, the authors + retain all their rights. + + This document and the information contained herein are provided on an + "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS + OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET + ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, + INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE + INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED + WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +Intellectual Property + + The IETF takes no position regarding the validity or scope of any + Intellectual Property Rights or other rights that might be claimed to + pertain to the implementation or use of the technology described in + this document or the extent to which any license under such rights + might or might not be available; nor does it represent that it has + made any independent effort to identify any such rights. Information + on the procedures with respect to rights in RFC documents can be + found in BCP 78 and BCP 79. + + Copies of IPR disclosures made to the IETF Secretariat and any + assurances of licenses to be made available, or the result of an + attempt made to obtain a general license or permission for the use of + such proprietary rights by implementers or users of this + specification can be obtained from the IETF on-line IPR repository at + http://www.ietf.org/ipr. + + The IETF invites any interested party to bring to its attention any + copyrights, patents or patent applications, or other proprietary + rights that may cover technology that may be required to implement + this standard. Please address the information to the IETF at ietf- + ipr@ietf.org. + +Acknowledgement + + Funding for the RFC Editor function is currently provided by the + Internet Society. + + + + + + + +Hoffman, Ed. Informational [Page 136] + diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-A.p12 b/BouncyCastle/crypto/test/data/rsa3/self-testcase-A.p12 new file mode 100644 index 0000000..79fe2f2 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rsa3/self-testcase-A.p12 differ diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-A.pem b/BouncyCastle/crypto/test/data/rsa3/self-testcase-A.pem new file mode 100644 index 0000000..3e507ba --- /dev/null +++ b/BouncyCastle/crypto/test/data/rsa3/self-testcase-A.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIIEHTCCAwWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBsMQswCQYDVQQGEwJHQjES +MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N +eSBDb21wYW55IEx0ZDEKMAgGA1UECxMBYTESMBAGA1UEAxMJbG9jYWxob3N0MB4X +DTA2MDkxMzE4MjYzMloXDTA3MDkxMzE4MjYzMlowbDELMAkGA1UEBhMCR0IxEjAQ +BgNVBAgTCUJlcmtzaGlyZTEQMA4GA1UEBxMHTmV3YnVyeTEXMBUGA1UEChMOTXkg +Q29tcGFueSBMdGQxCjAIBgNVBAsTAWExEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKtexL4ZP1CWMsVedm+pD2xPG+md +VbRqkVSDQYxrHUyRVKletjluY95908bsAlJR9oK/YehXe9W7r+LnotaR+yy1P45g +hSWa6TNl1sz3NGIZwdU9WdqdNNs9YyDgzFezxzZffrh9xFTSF0CR66Tm1VasKa20 +69RTx4fE5n4kZx+DKfBGCX3PBprvIANZp0nrfuhf21ij9lORI9OkITwqR72PrybB +9QDZB+7og1jGLAGbRBNR61mLVfKrg2yJVhpk1dHPsUzeVr3BB5XK8i7DvflWw5di +PeyU4S7qm7WLZ9Wdg1XOchkQWmzqEUPG71dGzG6joPhdp56LFg2Yg58myRcCAwEA +AaOByTCBxjAdBgNVHQ4EFgQUPd6mAcGQZ8iNGajt0kffN4AeDZswgZYGA1UdIwSB +jjCBi4AUPd6mAcGQZ8iNGajt0kffN4AeDZuhcKRuMGwxCzAJBgNVBAYTAkdCMRIw +EAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNVBAoTDk15 +IENvbXBhbnkgTHRkMQowCAYDVQQLEwFhMRIwEAYDVQQDEwlsb2NhbGhvc3SCAQAw +DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOCAQEAC0dXvAI0/fhu22j15YEo +F8M3OYM8fwlvxs2/qtwELR3hVckpRIJmfGpUutb6/TBPgTS8a/fmzcrxLsL/aGSD +jH4/TmTHrRmhlT/einuudpAXPxaS27Yz7duxRPmyXeyHy3P0ulXDEzOaZdV8kxQs +J/v+z0knwdAh91omHRfJuNxDQtLfjp1Qtz+jrBCI6s864UblKXG/AwjWOLFQ1E0N +A2bDo72tr3aw01gryggFkyNrB9K5/15+jJLVLFjuJfP7m3FUjPfGQB9+eZMBWpNH +hGcSsPibqWVTDMjN0Z/mTGMzZDsEXX0Ao1K21q5vK1sfFYEahv/PCwkcW1dOeTGF +pQ== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAq17Evhk/UJYyxV52b6kPbE8b6Z1VtGqRVINBjGsdTJFUqV62 +OW5j3n3TxuwCUlH2gr9h6Fd71buv4uei1pH7LLU/jmCFJZrpM2XWzPc0YhnB1T1Z +2p002z1jIODMV7PHNl9+uH3EVNIXQJHrpObVVqwprbTr1FPHh8TmfiRnH4Mp8EYJ +fc8Gmu8gA1mnSet+6F/bWKP2U5Ej06QhPCpHvY+vJsH1ANkH7uiDWMYsAZtEE1Hr +WYtV8quDbIlWGmTV0c+xTN5WvcEHlcryLsO9+VbDl2I97JThLuqbtYtn1Z2DVc5y +GRBabOoRQ8bvV0bMbqOg+F2nnosWDZiDnybJFwIDAQABAoIBAGA8GNn0DaUwo5RI +htQPqVSWXENlklJ9od1G1FGJeWudFWEDietYfYbdPEcyE9+snXUxCkdSkX0mKBCR +KdW7JsUlh2pp83t5scmmP+jcTbNlaX9ZM5Nbwun3YCp/cuExWQbEu8HZBp7nWB1v +lFgHNPi2N7WPqvuSjLNGtHVT9gEwWGUl1zfbuZp8pNT4r1l7nwj+S9pGF3v5RXDt +qZWSbfPF3ESPkMOpXxGk5uDLx3aoeHBQALVjeNdVlkyxjrG75Pv7ZnrmXjXzcuVv +aVACiCPWxzaRFR9cRCx/Z34KrJorLglrfIPIrRMKJY33QO2gpYYEpFkLsLth/Ip4 +NMSJ3KkCgYEA36skUOFK0iQcdEaUXR2zcvQd3P3ctxe0JqD7dHFWnY2ndA5+VvAP +vUjemZgw+tNt1qjLCAwxMi4cEOEICG6zSlMBRcVbqkKPS3gd3fGvD/lfQZ02EePz +6KYVC7xz1WXIcId/HvkBNmbPEyOLqi9fIJQoYrM3LnB3AFIUqQ4K3UMCgYEAxCRT +Z6yLGFb6Evkvvc6usqDhpAjWaaTSxlsSf9IGsKXW90OronB1IiTaWgJze1PrwWy4 +z4YOSI8oEEpF7LdwI9hztg9wFGht8lahGkfHtgR7V/QzyLMYfcU/57STI9vvsw2S +FNqIdeP1Bd/CE8iI6o6HOAadsWlTBBUBUtnZnZ0CgYA/ecthpL5eKt9kZE9gqbgu +rHb5K5aC45g9yjvyjOO+7N+UATT7qT9eQZrizh1AYdZvMBIGo6cmjY1rgOGNuxTo +x+u5iEv+YstV6K3ZOeiryOKutVYN97pV0SRx4zagXjVnMhzyhkpAzSaBUPom/zCp +B0L618+WP1aWYbT5UUHmDwKBgA3Ju+86yuBgJN42lCuUnuVBt/rvABuXEZYOCuPf +YMcEMXNaV3No0mMfEhZnu7R8tsL3IJq+Ar0JCzjx765vSrvKWIAA39EfcjMp8dNG +HnzmHcGWEhnWtS8KMa7ZG8rWiCgfGRjML/GRn8TU8PCxFSbf9BN1K5qwG7zauSgY +1lplAoGAfl1Qw77H27TYGMVBgco/2g05MaKb8TZ4PKn1znlPnNcqFEBi779W0/dD +Zgb1mjnRQkw68Jj5XA2zv/06yjvTS+nHVEDCdgIrZI2p1IrI3F4tihSoWgYtoe+8 +5OVDiHQ73d6lxVLqIRoRic8ZtWR02PbrK5SmoPsFdeTcmtzqo6c= +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-B.p12 b/BouncyCastle/crypto/test/data/rsa3/self-testcase-B.p12 new file mode 100644 index 0000000..ef50132 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rsa3/self-testcase-B.p12 differ diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-B.pem b/BouncyCastle/crypto/test/data/rsa3/self-testcase-B.pem new file mode 100644 index 0000000..6c44910 --- /dev/null +++ b/BouncyCastle/crypto/test/data/rsa3/self-testcase-B.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIIEHTCCAwWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBsMQswCQYDVQQGEwJHQjES +MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N +eSBDb21wYW55IEx0ZDEKMAgGA1UECxMBYTESMBAGA1UEAxMJbG9jYWxob3N0MB4X +DTA2MDkxMzE4MjYzMloXDTA3MDkxMzE4MjYzMlowbDELMAkGA1UEBhMCR0IxEjAQ +BgNVBAgTCUJlcmtzaGlyZTEQMA4GA1UEBxMHTmV3YnVyeTEXMBUGA1UEChMOTXkg +Q29tcGFueSBMdGQxCjAIBgNVBAsTAWExEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKtexL4ZP1CWMsVedm+pD2xPG+md +VbRqkVSDQYxrHUyRVKletjluY95908bsAlJR9oK/YehXe9W7r+LnotaR+yy1P45g +hSWa6TNl1sz3NGIZwdU9WdqdNNs9YyDgzFezxzZffrh9xFTSF0CR66Tm1VasKa20 +69RTx4fE5n4kZx+DKfBGCX3PBprvIANZp0nrfuhf21ij9lORI9OkITwqR72PrybB +9QDZB+7og1jGLAGbRBNR61mLVfKrg2yJVhpk1dHPsUzeVr3BB5XK8i7DvflWw5di +PeyU4S7qm7WLZ9Wdg1XOchkQWmzqEUPG71dGzG6joPhdp56LFg2Yg58myRcCAwEA +AaOByTCBxjAdBgNVHQ4EFgQUPd6mAcGQZ8iNGajt0kffN4AeDZswgZYGA1UdIwSB +jjCBi4AUPd6mAcGQZ8iNGajt0kffN4AeDZuhcKRuMGwxCzAJBgNVBAYTAkdCMRIw +EAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNVBAoTDk15 +IENvbXBhbnkgTHRkMQowCAYDVQQLEwFhMRIwEAYDVQQDEwlsb2NhbGhvc3SCAQAw +DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOCAQEAIYpxwPMRRjPuRBsWKhB0 +ACZHEaO6RtSwu28sHO2TF1o0kHONAnqR37OhMuPR70qBynd5dVDkjpxXUfxhLDPh +jdaxXuj2vMrbAvDJFsIsKDatlc632IsicSR4DVEnpJmUtLBQFC2VylHMxkGoo5eJ +dsf5ZY/QqUXf+VReLWfyQXEaSGe8nI7fP61xqTsgzcN4ziqkKSKGvsEtPU/oo23Y +xZDJpRMPdzu7TqkP3PnzRFy6HUamM2Xpyl2qeYELtGu7nuoSaF/1AX21bPtU9N9N ++wbxlGuq7NVIKdlIaoQ3FfgCVZGrVwjr7uxow7Gob+pWJJKjOS+IlSRL0MqH1t/U +yQ== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAq17Evhk/UJYyxV52b6kPbE8b6Z1VtGqRVINBjGsdTJFUqV62 +OW5j3n3TxuwCUlH2gr9h6Fd71buv4uei1pH7LLU/jmCFJZrpM2XWzPc0YhnB1T1Z +2p002z1jIODMV7PHNl9+uH3EVNIXQJHrpObVVqwprbTr1FPHh8TmfiRnH4Mp8EYJ +fc8Gmu8gA1mnSet+6F/bWKP2U5Ej06QhPCpHvY+vJsH1ANkH7uiDWMYsAZtEE1Hr +WYtV8quDbIlWGmTV0c+xTN5WvcEHlcryLsO9+VbDl2I97JThLuqbtYtn1Z2DVc5y +GRBabOoRQ8bvV0bMbqOg+F2nnosWDZiDnybJFwIDAQABAoIBAGA8GNn0DaUwo5RI +htQPqVSWXENlklJ9od1G1FGJeWudFWEDietYfYbdPEcyE9+snXUxCkdSkX0mKBCR +KdW7JsUlh2pp83t5scmmP+jcTbNlaX9ZM5Nbwun3YCp/cuExWQbEu8HZBp7nWB1v +lFgHNPi2N7WPqvuSjLNGtHVT9gEwWGUl1zfbuZp8pNT4r1l7nwj+S9pGF3v5RXDt +qZWSbfPF3ESPkMOpXxGk5uDLx3aoeHBQALVjeNdVlkyxjrG75Pv7ZnrmXjXzcuVv +aVACiCPWxzaRFR9cRCx/Z34KrJorLglrfIPIrRMKJY33QO2gpYYEpFkLsLth/Ip4 +NMSJ3KkCgYEA36skUOFK0iQcdEaUXR2zcvQd3P3ctxe0JqD7dHFWnY2ndA5+VvAP +vUjemZgw+tNt1qjLCAwxMi4cEOEICG6zSlMBRcVbqkKPS3gd3fGvD/lfQZ02EePz +6KYVC7xz1WXIcId/HvkBNmbPEyOLqi9fIJQoYrM3LnB3AFIUqQ4K3UMCgYEAxCRT +Z6yLGFb6Evkvvc6usqDhpAjWaaTSxlsSf9IGsKXW90OronB1IiTaWgJze1PrwWy4 +z4YOSI8oEEpF7LdwI9hztg9wFGht8lahGkfHtgR7V/QzyLMYfcU/57STI9vvsw2S +FNqIdeP1Bd/CE8iI6o6HOAadsWlTBBUBUtnZnZ0CgYA/ecthpL5eKt9kZE9gqbgu +rHb5K5aC45g9yjvyjOO+7N+UATT7qT9eQZrizh1AYdZvMBIGo6cmjY1rgOGNuxTo +x+u5iEv+YstV6K3ZOeiryOKutVYN97pV0SRx4zagXjVnMhzyhkpAzSaBUPom/zCp +B0L618+WP1aWYbT5UUHmDwKBgA3Ju+86yuBgJN42lCuUnuVBt/rvABuXEZYOCuPf +YMcEMXNaV3No0mMfEhZnu7R8tsL3IJq+Ar0JCzjx765vSrvKWIAA39EfcjMp8dNG +HnzmHcGWEhnWtS8KMa7ZG8rWiCgfGRjML/GRn8TU8PCxFSbf9BN1K5qwG7zauSgY +1lplAoGAfl1Qw77H27TYGMVBgco/2g05MaKb8TZ4PKn1znlPnNcqFEBi779W0/dD +Zgb1mjnRQkw68Jj5XA2zv/06yjvTS+nHVEDCdgIrZI2p1IrI3F4tihSoWgYtoe+8 +5OVDiHQ73d6lxVLqIRoRic8ZtWR02PbrK5SmoPsFdeTcmtzqo6c= +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-C.p12 b/BouncyCastle/crypto/test/data/rsa3/self-testcase-C.p12 new file mode 100644 index 0000000..72527d6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rsa3/self-testcase-C.p12 differ diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-C.pem b/BouncyCastle/crypto/test/data/rsa3/self-testcase-C.pem new file mode 100644 index 0000000..f844ee4 --- /dev/null +++ b/BouncyCastle/crypto/test/data/rsa3/self-testcase-C.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIIEHTCCAwWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBsMQswCQYDVQQGEwJHQjES +MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N +eSBDb21wYW55IEx0ZDEKMAgGA1UECxMBYTESMBAGA1UEAxMJbG9jYWxob3N0MB4X +DTA2MDkxMzE4MjYzMloXDTA3MDkxMzE4MjYzMlowbDELMAkGA1UEBhMCR0IxEjAQ +BgNVBAgTCUJlcmtzaGlyZTEQMA4GA1UEBxMHTmV3YnVyeTEXMBUGA1UEChMOTXkg +Q29tcGFueSBMdGQxCjAIBgNVBAsTAWExEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKtexL4ZP1CWMsVedm+pD2xPG+md +VbRqkVSDQYxrHUyRVKletjluY95908bsAlJR9oK/YehXe9W7r+LnotaR+yy1P45g +hSWa6TNl1sz3NGIZwdU9WdqdNNs9YyDgzFezxzZffrh9xFTSF0CR66Tm1VasKa20 +69RTx4fE5n4kZx+DKfBGCX3PBprvIANZp0nrfuhf21ij9lORI9OkITwqR72PrybB +9QDZB+7og1jGLAGbRBNR61mLVfKrg2yJVhpk1dHPsUzeVr3BB5XK8i7DvflWw5di +PeyU4S7qm7WLZ9Wdg1XOchkQWmzqEUPG71dGzG6joPhdp56LFg2Yg58myRcCAwEA +AaOByTCBxjAdBgNVHQ4EFgQUPd6mAcGQZ8iNGajt0kffN4AeDZswgZYGA1UdIwSB +jjCBi4AUPd6mAcGQZ8iNGajt0kffN4AeDZuhcKRuMGwxCzAJBgNVBAYTAkdCMRIw +EAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNVBAoTDk15 +IENvbXBhbnkgTHRkMQowCAYDVQQLEwFhMRIwEAYDVQQDEwlsb2NhbGhvc3SCAQAw +DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOCAQEAkWkqxLQH4vvX5e2oiydv +VN8Et+ZznJ78yifF7Tctjm9+EfEBRupHwXHlAZd2n2CsZfhVTqk/Rnffb078X3g5 +9jx9ka0/hhkYyG6XqLybS3yXVpC/mvaeQMRu0Ubi0uSOkcf6rYiaqGjcG5DRaSAz +SNNrDTEDYNxsuaPJoxZtQ+o1VaB3ksJ2UanzAHy45IJKXlSWS4l0Xsu6NZJxeMLB +0iL0j5+TcaK37dkNpDi4dhFbeOi30Q8rvC5BDorFMM8GEl+GevH6Rpk0P67WlnOY +qeDoKjzKi1w0ZDBS8XI95DLsmnHXcg2Iu8Dx1iBJMFST6mLtsMdVQAD+y2NTkbpM +xA== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAq17Evhk/UJYyxV52b6kPbE8b6Z1VtGqRVINBjGsdTJFUqV62 +OW5j3n3TxuwCUlH2gr9h6Fd71buv4uei1pH7LLU/jmCFJZrpM2XWzPc0YhnB1T1Z +2p002z1jIODMV7PHNl9+uH3EVNIXQJHrpObVVqwprbTr1FPHh8TmfiRnH4Mp8EYJ +fc8Gmu8gA1mnSet+6F/bWKP2U5Ej06QhPCpHvY+vJsH1ANkH7uiDWMYsAZtEE1Hr +WYtV8quDbIlWGmTV0c+xTN5WvcEHlcryLsO9+VbDl2I97JThLuqbtYtn1Z2DVc5y +GRBabOoRQ8bvV0bMbqOg+F2nnosWDZiDnybJFwIDAQABAoIBAGA8GNn0DaUwo5RI +htQPqVSWXENlklJ9od1G1FGJeWudFWEDietYfYbdPEcyE9+snXUxCkdSkX0mKBCR +KdW7JsUlh2pp83t5scmmP+jcTbNlaX9ZM5Nbwun3YCp/cuExWQbEu8HZBp7nWB1v +lFgHNPi2N7WPqvuSjLNGtHVT9gEwWGUl1zfbuZp8pNT4r1l7nwj+S9pGF3v5RXDt +qZWSbfPF3ESPkMOpXxGk5uDLx3aoeHBQALVjeNdVlkyxjrG75Pv7ZnrmXjXzcuVv +aVACiCPWxzaRFR9cRCx/Z34KrJorLglrfIPIrRMKJY33QO2gpYYEpFkLsLth/Ip4 +NMSJ3KkCgYEA36skUOFK0iQcdEaUXR2zcvQd3P3ctxe0JqD7dHFWnY2ndA5+VvAP +vUjemZgw+tNt1qjLCAwxMi4cEOEICG6zSlMBRcVbqkKPS3gd3fGvD/lfQZ02EePz +6KYVC7xz1WXIcId/HvkBNmbPEyOLqi9fIJQoYrM3LnB3AFIUqQ4K3UMCgYEAxCRT +Z6yLGFb6Evkvvc6usqDhpAjWaaTSxlsSf9IGsKXW90OronB1IiTaWgJze1PrwWy4 +z4YOSI8oEEpF7LdwI9hztg9wFGht8lahGkfHtgR7V/QzyLMYfcU/57STI9vvsw2S +FNqIdeP1Bd/CE8iI6o6HOAadsWlTBBUBUtnZnZ0CgYA/ecthpL5eKt9kZE9gqbgu +rHb5K5aC45g9yjvyjOO+7N+UATT7qT9eQZrizh1AYdZvMBIGo6cmjY1rgOGNuxTo +x+u5iEv+YstV6K3ZOeiryOKutVYN97pV0SRx4zagXjVnMhzyhkpAzSaBUPom/zCp +B0L618+WP1aWYbT5UUHmDwKBgA3Ju+86yuBgJN42lCuUnuVBt/rvABuXEZYOCuPf +YMcEMXNaV3No0mMfEhZnu7R8tsL3IJq+Ar0JCzjx765vSrvKWIAA39EfcjMp8dNG +HnzmHcGWEhnWtS8KMa7ZG8rWiCgfGRjML/GRn8TU8PCxFSbf9BN1K5qwG7zauSgY +1lplAoGAfl1Qw77H27TYGMVBgco/2g05MaKb8TZ4PKn1znlPnNcqFEBi779W0/dD +Zgb1mjnRQkw68Jj5XA2zv/06yjvTS+nHVEDCdgIrZI2p1IrI3F4tihSoWgYtoe+8 +5OVDiHQ73d6lxVLqIRoRic8ZtWR02PbrK5SmoPsFdeTcmtzqo6c= +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-D.p12 b/BouncyCastle/crypto/test/data/rsa3/self-testcase-D.p12 new file mode 100644 index 0000000..c2fa40b Binary files /dev/null and b/BouncyCastle/crypto/test/data/rsa3/self-testcase-D.p12 differ diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-D.pem b/BouncyCastle/crypto/test/data/rsa3/self-testcase-D.pem new file mode 100644 index 0000000..6f93f1c --- /dev/null +++ b/BouncyCastle/crypto/test/data/rsa3/self-testcase-D.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIIEHTCCAwWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBsMQswCQYDVQQGEwJHQjES +MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N +eSBDb21wYW55IEx0ZDEKMAgGA1UECxMBYTESMBAGA1UEAxMJbG9jYWxob3N0MB4X +DTA2MDkxMzE4MjYzMloXDTA3MDkxMzE4MjYzMlowbDELMAkGA1UEBhMCR0IxEjAQ +BgNVBAgTCUJlcmtzaGlyZTEQMA4GA1UEBxMHTmV3YnVyeTEXMBUGA1UEChMOTXkg +Q29tcGFueSBMdGQxCjAIBgNVBAsTAWExEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKtexL4ZP1CWMsVedm+pD2xPG+md +VbRqkVSDQYxrHUyRVKletjluY95908bsAlJR9oK/YehXe9W7r+LnotaR+yy1P45g +hSWa6TNl1sz3NGIZwdU9WdqdNNs9YyDgzFezxzZffrh9xFTSF0CR66Tm1VasKa20 +69RTx4fE5n4kZx+DKfBGCX3PBprvIANZp0nrfuhf21ij9lORI9OkITwqR72PrybB +9QDZB+7og1jGLAGbRBNR61mLVfKrg2yJVhpk1dHPsUzeVr3BB5XK8i7DvflWw5di +PeyU4S7qm7WLZ9Wdg1XOchkQWmzqEUPG71dGzG6joPhdp56LFg2Yg58myRcCAwEA +AaOByTCBxjAdBgNVHQ4EFgQUPd6mAcGQZ8iNGajt0kffN4AeDZswgZYGA1UdIwSB +jjCBi4AUPd6mAcGQZ8iNGajt0kffN4AeDZuhcKRuMGwxCzAJBgNVBAYTAkdCMRIw +EAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNVBAoTDk15 +IENvbXBhbnkgTHRkMQowCAYDVQQLEwFhMRIwEAYDVQQDEwlsb2NhbGhvc3SCAQAw +DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOCAQEAkSFw/c7vnAAs4wKzS24X +oyJrIiazcZD4A2ioqWMQD+QxFJlplJsyE5vcyVxv5Pww5Od1aPJCsSEd/C7h12eA +576kkQcbv5KQ8LUlpj6eRjzI4E97yc9Yi9C3YibniGCv5mxLpw2bOxix9l8EBj6h +vTfDMdoQVXkGyI2TCbYppkffJgxrL/wj82XbYeIHL27REf4+bNVRYD3LMXl7koPc +4vUC6lyxYUELfv6UnAzppqDl+LSUkKvQEe26syIUAE3ArGvy/aYjIYBCwQQu4r9H +WnXdIvcTdZqi3x9z/aN8Or9/IYIXpk3td6lLqI/DUwkPRS6zcthDo3x/1IFhUCB3 +KQ== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAq17Evhk/UJYyxV52b6kPbE8b6Z1VtGqRVINBjGsdTJFUqV62 +OW5j3n3TxuwCUlH2gr9h6Fd71buv4uei1pH7LLU/jmCFJZrpM2XWzPc0YhnB1T1Z +2p002z1jIODMV7PHNl9+uH3EVNIXQJHrpObVVqwprbTr1FPHh8TmfiRnH4Mp8EYJ +fc8Gmu8gA1mnSet+6F/bWKP2U5Ej06QhPCpHvY+vJsH1ANkH7uiDWMYsAZtEE1Hr +WYtV8quDbIlWGmTV0c+xTN5WvcEHlcryLsO9+VbDl2I97JThLuqbtYtn1Z2DVc5y +GRBabOoRQ8bvV0bMbqOg+F2nnosWDZiDnybJFwIDAQABAoIBAGA8GNn0DaUwo5RI +htQPqVSWXENlklJ9od1G1FGJeWudFWEDietYfYbdPEcyE9+snXUxCkdSkX0mKBCR +KdW7JsUlh2pp83t5scmmP+jcTbNlaX9ZM5Nbwun3YCp/cuExWQbEu8HZBp7nWB1v +lFgHNPi2N7WPqvuSjLNGtHVT9gEwWGUl1zfbuZp8pNT4r1l7nwj+S9pGF3v5RXDt +qZWSbfPF3ESPkMOpXxGk5uDLx3aoeHBQALVjeNdVlkyxjrG75Pv7ZnrmXjXzcuVv +aVACiCPWxzaRFR9cRCx/Z34KrJorLglrfIPIrRMKJY33QO2gpYYEpFkLsLth/Ip4 +NMSJ3KkCgYEA36skUOFK0iQcdEaUXR2zcvQd3P3ctxe0JqD7dHFWnY2ndA5+VvAP +vUjemZgw+tNt1qjLCAwxMi4cEOEICG6zSlMBRcVbqkKPS3gd3fGvD/lfQZ02EePz +6KYVC7xz1WXIcId/HvkBNmbPEyOLqi9fIJQoYrM3LnB3AFIUqQ4K3UMCgYEAxCRT +Z6yLGFb6Evkvvc6usqDhpAjWaaTSxlsSf9IGsKXW90OronB1IiTaWgJze1PrwWy4 +z4YOSI8oEEpF7LdwI9hztg9wFGht8lahGkfHtgR7V/QzyLMYfcU/57STI9vvsw2S +FNqIdeP1Bd/CE8iI6o6HOAadsWlTBBUBUtnZnZ0CgYA/ecthpL5eKt9kZE9gqbgu +rHb5K5aC45g9yjvyjOO+7N+UATT7qT9eQZrizh1AYdZvMBIGo6cmjY1rgOGNuxTo +x+u5iEv+YstV6K3ZOeiryOKutVYN97pV0SRx4zagXjVnMhzyhkpAzSaBUPom/zCp +B0L618+WP1aWYbT5UUHmDwKBgA3Ju+86yuBgJN42lCuUnuVBt/rvABuXEZYOCuPf +YMcEMXNaV3No0mMfEhZnu7R8tsL3IJq+Ar0JCzjx765vSrvKWIAA39EfcjMp8dNG +HnzmHcGWEhnWtS8KMa7ZG8rWiCgfGRjML/GRn8TU8PCxFSbf9BN1K5qwG7zauSgY +1lplAoGAfl1Qw77H27TYGMVBgco/2g05MaKb8TZ4PKn1znlPnNcqFEBi779W0/dD +Zgb1mjnRQkw68Jj5XA2zv/06yjvTS+nHVEDCdgIrZI2p1IrI3F4tihSoWgYtoe+8 +5OVDiHQ73d6lxVLqIRoRic8ZtWR02PbrK5SmoPsFdeTcmtzqo6c= +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-E.p12 b/BouncyCastle/crypto/test/data/rsa3/self-testcase-E.p12 new file mode 100644 index 0000000..0265642 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rsa3/self-testcase-E.p12 differ diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-E.pem b/BouncyCastle/crypto/test/data/rsa3/self-testcase-E.pem new file mode 100644 index 0000000..0c30777 --- /dev/null +++ b/BouncyCastle/crypto/test/data/rsa3/self-testcase-E.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIIEHTCCAwWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBsMQswCQYDVQQGEwJHQjES +MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N +eSBDb21wYW55IEx0ZDEKMAgGA1UECxMBYTESMBAGA1UEAxMJbG9jYWxob3N0MB4X +DTA2MDkxMzE4MjYzMloXDTA3MDkxMzE4MjYzMlowbDELMAkGA1UEBhMCR0IxEjAQ +BgNVBAgTCUJlcmtzaGlyZTEQMA4GA1UEBxMHTmV3YnVyeTEXMBUGA1UEChMOTXkg +Q29tcGFueSBMdGQxCjAIBgNVBAsTAWExEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKtexL4ZP1CWMsVedm+pD2xPG+md +VbRqkVSDQYxrHUyRVKletjluY95908bsAlJR9oK/YehXe9W7r+LnotaR+yy1P45g +hSWa6TNl1sz3NGIZwdU9WdqdNNs9YyDgzFezxzZffrh9xFTSF0CR66Tm1VasKa20 +69RTx4fE5n4kZx+DKfBGCX3PBprvIANZp0nrfuhf21ij9lORI9OkITwqR72PrybB +9QDZB+7og1jGLAGbRBNR61mLVfKrg2yJVhpk1dHPsUzeVr3BB5XK8i7DvflWw5di +PeyU4S7qm7WLZ9Wdg1XOchkQWmzqEUPG71dGzG6joPhdp56LFg2Yg58myRcCAwEA +AaOByTCBxjAdBgNVHQ4EFgQUPd6mAcGQZ8iNGajt0kffN4AeDZswgZYGA1UdIwSB +jjCBi4AUPd6mAcGQZ8iNGajt0kffN4AeDZuhcKRuMGwxCzAJBgNVBAYTAkdCMRIw +EAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNVBAoTDk15 +IENvbXBhbnkgTHRkMQowCAYDVQQLEwFhMRIwEAYDVQQDEwlsb2NhbGhvc3SCAQAw +DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOCAQEAkFwewElSyXCGG2ygI3I4 +iYLtjAJAy002ES4JGHvr39dNhYoZ1poop18AU52mrx+SKX5vc/hAipisVa0rK9Jl +91GF5NQdhU0KWxNCBHZAy3dUf1M63jvTC3eiG8LVV+C77Cx936i8qO5f3qWCN40z +4W8eMwkCoVtpfzuuHk1by0VwCgU5IYuNIrwxR1bjudOctyhXNJjgr3SIsjDrqpTA +nS4AauNFVqFfSyyaw5AX+7eA/WrMOGdJBJT1bEhHqrWxLtQzwSzKBKu7FpuF3mVX +SHcSW4AzA6Yzq2Hcedo+SJt96IDr5xT17ncPMBzdq9pdoHlyJVq9+3O5JQOTx1WD +6g== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAq17Evhk/UJYyxV52b6kPbE8b6Z1VtGqRVINBjGsdTJFUqV62 +OW5j3n3TxuwCUlH2gr9h6Fd71buv4uei1pH7LLU/jmCFJZrpM2XWzPc0YhnB1T1Z +2p002z1jIODMV7PHNl9+uH3EVNIXQJHrpObVVqwprbTr1FPHh8TmfiRnH4Mp8EYJ +fc8Gmu8gA1mnSet+6F/bWKP2U5Ej06QhPCpHvY+vJsH1ANkH7uiDWMYsAZtEE1Hr +WYtV8quDbIlWGmTV0c+xTN5WvcEHlcryLsO9+VbDl2I97JThLuqbtYtn1Z2DVc5y +GRBabOoRQ8bvV0bMbqOg+F2nnosWDZiDnybJFwIDAQABAoIBAGA8GNn0DaUwo5RI +htQPqVSWXENlklJ9od1G1FGJeWudFWEDietYfYbdPEcyE9+snXUxCkdSkX0mKBCR +KdW7JsUlh2pp83t5scmmP+jcTbNlaX9ZM5Nbwun3YCp/cuExWQbEu8HZBp7nWB1v +lFgHNPi2N7WPqvuSjLNGtHVT9gEwWGUl1zfbuZp8pNT4r1l7nwj+S9pGF3v5RXDt +qZWSbfPF3ESPkMOpXxGk5uDLx3aoeHBQALVjeNdVlkyxjrG75Pv7ZnrmXjXzcuVv +aVACiCPWxzaRFR9cRCx/Z34KrJorLglrfIPIrRMKJY33QO2gpYYEpFkLsLth/Ip4 +NMSJ3KkCgYEA36skUOFK0iQcdEaUXR2zcvQd3P3ctxe0JqD7dHFWnY2ndA5+VvAP +vUjemZgw+tNt1qjLCAwxMi4cEOEICG6zSlMBRcVbqkKPS3gd3fGvD/lfQZ02EePz +6KYVC7xz1WXIcId/HvkBNmbPEyOLqi9fIJQoYrM3LnB3AFIUqQ4K3UMCgYEAxCRT +Z6yLGFb6Evkvvc6usqDhpAjWaaTSxlsSf9IGsKXW90OronB1IiTaWgJze1PrwWy4 +z4YOSI8oEEpF7LdwI9hztg9wFGht8lahGkfHtgR7V/QzyLMYfcU/57STI9vvsw2S +FNqIdeP1Bd/CE8iI6o6HOAadsWlTBBUBUtnZnZ0CgYA/ecthpL5eKt9kZE9gqbgu +rHb5K5aC45g9yjvyjOO+7N+UATT7qT9eQZrizh1AYdZvMBIGo6cmjY1rgOGNuxTo +x+u5iEv+YstV6K3ZOeiryOKutVYN97pV0SRx4zagXjVnMhzyhkpAzSaBUPom/zCp +B0L618+WP1aWYbT5UUHmDwKBgA3Ju+86yuBgJN42lCuUnuVBt/rvABuXEZYOCuPf +YMcEMXNaV3No0mMfEhZnu7R8tsL3IJq+Ar0JCzjx765vSrvKWIAA39EfcjMp8dNG +HnzmHcGWEhnWtS8KMa7ZG8rWiCgfGRjML/GRn8TU8PCxFSbf9BN1K5qwG7zauSgY +1lplAoGAfl1Qw77H27TYGMVBgco/2g05MaKb8TZ4PKn1znlPnNcqFEBi779W0/dD +Zgb1mjnRQkw68Jj5XA2zv/06yjvTS+nHVEDCdgIrZI2p1IrI3F4tihSoWgYtoe+8 +5OVDiHQ73d6lxVLqIRoRic8ZtWR02PbrK5SmoPsFdeTcmtzqo6c= +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-F.p12 b/BouncyCastle/crypto/test/data/rsa3/self-testcase-F.p12 new file mode 100644 index 0000000..58410dc Binary files /dev/null and b/BouncyCastle/crypto/test/data/rsa3/self-testcase-F.p12 differ diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-F.pem b/BouncyCastle/crypto/test/data/rsa3/self-testcase-F.pem new file mode 100644 index 0000000..fcc5205 --- /dev/null +++ b/BouncyCastle/crypto/test/data/rsa3/self-testcase-F.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIIEHTCCAwWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBsMQswCQYDVQQGEwJHQjES +MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N +eSBDb21wYW55IEx0ZDEKMAgGA1UECxMBYTESMBAGA1UEAxMJbG9jYWxob3N0MB4X +DTA2MDkxMzE4MjYzMloXDTA3MDkxMzE4MjYzMlowbDELMAkGA1UEBhMCR0IxEjAQ +BgNVBAgTCUJlcmtzaGlyZTEQMA4GA1UEBxMHTmV3YnVyeTEXMBUGA1UEChMOTXkg +Q29tcGFueSBMdGQxCjAIBgNVBAsTAWExEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKtexL4ZP1CWMsVedm+pD2xPG+md +VbRqkVSDQYxrHUyRVKletjluY95908bsAlJR9oK/YehXe9W7r+LnotaR+yy1P45g +hSWa6TNl1sz3NGIZwdU9WdqdNNs9YyDgzFezxzZffrh9xFTSF0CR66Tm1VasKa20 +69RTx4fE5n4kZx+DKfBGCX3PBprvIANZp0nrfuhf21ij9lORI9OkITwqR72PrybB +9QDZB+7og1jGLAGbRBNR61mLVfKrg2yJVhpk1dHPsUzeVr3BB5XK8i7DvflWw5di +PeyU4S7qm7WLZ9Wdg1XOchkQWmzqEUPG71dGzG6joPhdp56LFg2Yg58myRcCAwEA +AaOByTCBxjAdBgNVHQ4EFgQUPd6mAcGQZ8iNGajt0kffN4AeDZswgZYGA1UdIwSB +jjCBi4AUPd6mAcGQZ8iNGajt0kffN4AeDZuhcKRuMGwxCzAJBgNVBAYTAkdCMRIw +EAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNVBAoTDk15 +IENvbXBhbnkgTHRkMQowCAYDVQQLEwFhMRIwEAYDVQQDEwlsb2NhbGhvc3SCAQAw +DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOCAQEAaiR5Rnhj/vUqDgVqHaJk +0VcMuvDzkQVmUlAZlsDa3uH3CW43yAXXM6ahacYnOgpLB96aq6cI8E74hHzO6PU6 +M50LLdp+KWu5InQv7+6fgSpShRxnHBKigCuoLy6oKFkCTTnnK002Mplr8+eHZHbi +clm+k9rQejNalv+P9GSE5JcIEkTSXUDbfe81/ej9DCOcGbFPuL5hFQ8GNIuf+uv2 +OKXQtdpuayFZnD3hoWYE1LMT5W1lK1Jewx03phYeCMAY+MibRhzXWLDMBiwXpvW8 +cgCv777p+tRedunb5eLF+FT+/r617rskD9i9mJjqvoxQaXaYe++UX5mt9xpXZ9oM +1g== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAq17Evhk/UJYyxV52b6kPbE8b6Z1VtGqRVINBjGsdTJFUqV62 +OW5j3n3TxuwCUlH2gr9h6Fd71buv4uei1pH7LLU/jmCFJZrpM2XWzPc0YhnB1T1Z +2p002z1jIODMV7PHNl9+uH3EVNIXQJHrpObVVqwprbTr1FPHh8TmfiRnH4Mp8EYJ +fc8Gmu8gA1mnSet+6F/bWKP2U5Ej06QhPCpHvY+vJsH1ANkH7uiDWMYsAZtEE1Hr +WYtV8quDbIlWGmTV0c+xTN5WvcEHlcryLsO9+VbDl2I97JThLuqbtYtn1Z2DVc5y +GRBabOoRQ8bvV0bMbqOg+F2nnosWDZiDnybJFwIDAQABAoIBAGA8GNn0DaUwo5RI +htQPqVSWXENlklJ9od1G1FGJeWudFWEDietYfYbdPEcyE9+snXUxCkdSkX0mKBCR +KdW7JsUlh2pp83t5scmmP+jcTbNlaX9ZM5Nbwun3YCp/cuExWQbEu8HZBp7nWB1v +lFgHNPi2N7WPqvuSjLNGtHVT9gEwWGUl1zfbuZp8pNT4r1l7nwj+S9pGF3v5RXDt +qZWSbfPF3ESPkMOpXxGk5uDLx3aoeHBQALVjeNdVlkyxjrG75Pv7ZnrmXjXzcuVv +aVACiCPWxzaRFR9cRCx/Z34KrJorLglrfIPIrRMKJY33QO2gpYYEpFkLsLth/Ip4 +NMSJ3KkCgYEA36skUOFK0iQcdEaUXR2zcvQd3P3ctxe0JqD7dHFWnY2ndA5+VvAP +vUjemZgw+tNt1qjLCAwxMi4cEOEICG6zSlMBRcVbqkKPS3gd3fGvD/lfQZ02EePz +6KYVC7xz1WXIcId/HvkBNmbPEyOLqi9fIJQoYrM3LnB3AFIUqQ4K3UMCgYEAxCRT +Z6yLGFb6Evkvvc6usqDhpAjWaaTSxlsSf9IGsKXW90OronB1IiTaWgJze1PrwWy4 +z4YOSI8oEEpF7LdwI9hztg9wFGht8lahGkfHtgR7V/QzyLMYfcU/57STI9vvsw2S +FNqIdeP1Bd/CE8iI6o6HOAadsWlTBBUBUtnZnZ0CgYA/ecthpL5eKt9kZE9gqbgu +rHb5K5aC45g9yjvyjOO+7N+UATT7qT9eQZrizh1AYdZvMBIGo6cmjY1rgOGNuxTo +x+u5iEv+YstV6K3ZOeiryOKutVYN97pV0SRx4zagXjVnMhzyhkpAzSaBUPom/zCp +B0L618+WP1aWYbT5UUHmDwKBgA3Ju+86yuBgJN42lCuUnuVBt/rvABuXEZYOCuPf +YMcEMXNaV3No0mMfEhZnu7R8tsL3IJq+Ar0JCzjx765vSrvKWIAA39EfcjMp8dNG +HnzmHcGWEhnWtS8KMa7ZG8rWiCgfGRjML/GRn8TU8PCxFSbf9BN1K5qwG7zauSgY +1lplAoGAfl1Qw77H27TYGMVBgco/2g05MaKb8TZ4PKn1znlPnNcqFEBi779W0/dD +Zgb1mjnRQkw68Jj5XA2zv/06yjvTS+nHVEDCdgIrZI2p1IrI3F4tihSoWgYtoe+8 +5OVDiHQ73d6lxVLqIRoRic8ZtWR02PbrK5SmoPsFdeTcmtzqo6c= +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-G.p12 b/BouncyCastle/crypto/test/data/rsa3/self-testcase-G.p12 new file mode 100644 index 0000000..c8184a2 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rsa3/self-testcase-G.p12 differ diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-G.pem b/BouncyCastle/crypto/test/data/rsa3/self-testcase-G.pem new file mode 100644 index 0000000..d10c228 --- /dev/null +++ b/BouncyCastle/crypto/test/data/rsa3/self-testcase-G.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIIEHTCCAwWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBsMQswCQYDVQQGEwJHQjES +MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N +eSBDb21wYW55IEx0ZDEKMAgGA1UECxMBYTESMBAGA1UEAxMJbG9jYWxob3N0MB4X +DTA2MDkxMzE4MjYzMloXDTA3MDkxMzE4MjYzMlowbDELMAkGA1UEBhMCR0IxEjAQ +BgNVBAgTCUJlcmtzaGlyZTEQMA4GA1UEBxMHTmV3YnVyeTEXMBUGA1UEChMOTXkg +Q29tcGFueSBMdGQxCjAIBgNVBAsTAWExEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKtexL4ZP1CWMsVedm+pD2xPG+md +VbRqkVSDQYxrHUyRVKletjluY95908bsAlJR9oK/YehXe9W7r+LnotaR+yy1P45g +hSWa6TNl1sz3NGIZwdU9WdqdNNs9YyDgzFezxzZffrh9xFTSF0CR66Tm1VasKa20 +69RTx4fE5n4kZx+DKfBGCX3PBprvIANZp0nrfuhf21ij9lORI9OkITwqR72PrybB +9QDZB+7og1jGLAGbRBNR61mLVfKrg2yJVhpk1dHPsUzeVr3BB5XK8i7DvflWw5di +PeyU4S7qm7WLZ9Wdg1XOchkQWmzqEUPG71dGzG6joPhdp56LFg2Yg58myRcCAwEA +AaOByTCBxjAdBgNVHQ4EFgQUPd6mAcGQZ8iNGajt0kffN4AeDZswgZYGA1UdIwSB +jjCBi4AUPd6mAcGQZ8iNGajt0kffN4AeDZuhcKRuMGwxCzAJBgNVBAYTAkdCMRIw +EAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNVBAoTDk15 +IENvbXBhbnkgTHRkMQowCAYDVQQLEwFhMRIwEAYDVQQDEwlsb2NhbGhvc3SCAQAw +DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOCAQEAoLujmlhRD05T4G8CQa+g +kIW/l43pazV1+iWaPnADd3/ywX7BNrVkGDaJHPci1BBq8lsiIA9nu7Gfxjl9TsZe +wwLzZ/LxI9tTR+ikYxy0MID+x45rk1dF0nnya9S3wQAXDhP8ZKN0d8ezvbQ2N2LG +74YPAtQZngMLMvYlG6MgoDNYOHHDkYZ6uL8PEwU9DtlZ+JPwxI7o7/E/T3XdDpvI +UcI15axKbD5QMqGQxZwgQYFVMDvKou1upkLQ6ymHYgEzSqNNSzTYVdhVrGgTX+xl +VZQFdJqR/gkloXbzxC/WqFTGrX1WN6kMvL+ZnVEh7DWELPmLFMfoWYCd4Q2hIjdx +MQ== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAq17Evhk/UJYyxV52b6kPbE8b6Z1VtGqRVINBjGsdTJFUqV62 +OW5j3n3TxuwCUlH2gr9h6Fd71buv4uei1pH7LLU/jmCFJZrpM2XWzPc0YhnB1T1Z +2p002z1jIODMV7PHNl9+uH3EVNIXQJHrpObVVqwprbTr1FPHh8TmfiRnH4Mp8EYJ +fc8Gmu8gA1mnSet+6F/bWKP2U5Ej06QhPCpHvY+vJsH1ANkH7uiDWMYsAZtEE1Hr +WYtV8quDbIlWGmTV0c+xTN5WvcEHlcryLsO9+VbDl2I97JThLuqbtYtn1Z2DVc5y +GRBabOoRQ8bvV0bMbqOg+F2nnosWDZiDnybJFwIDAQABAoIBAGA8GNn0DaUwo5RI +htQPqVSWXENlklJ9od1G1FGJeWudFWEDietYfYbdPEcyE9+snXUxCkdSkX0mKBCR +KdW7JsUlh2pp83t5scmmP+jcTbNlaX9ZM5Nbwun3YCp/cuExWQbEu8HZBp7nWB1v +lFgHNPi2N7WPqvuSjLNGtHVT9gEwWGUl1zfbuZp8pNT4r1l7nwj+S9pGF3v5RXDt +qZWSbfPF3ESPkMOpXxGk5uDLx3aoeHBQALVjeNdVlkyxjrG75Pv7ZnrmXjXzcuVv +aVACiCPWxzaRFR9cRCx/Z34KrJorLglrfIPIrRMKJY33QO2gpYYEpFkLsLth/Ip4 +NMSJ3KkCgYEA36skUOFK0iQcdEaUXR2zcvQd3P3ctxe0JqD7dHFWnY2ndA5+VvAP +vUjemZgw+tNt1qjLCAwxMi4cEOEICG6zSlMBRcVbqkKPS3gd3fGvD/lfQZ02EePz +6KYVC7xz1WXIcId/HvkBNmbPEyOLqi9fIJQoYrM3LnB3AFIUqQ4K3UMCgYEAxCRT +Z6yLGFb6Evkvvc6usqDhpAjWaaTSxlsSf9IGsKXW90OronB1IiTaWgJze1PrwWy4 +z4YOSI8oEEpF7LdwI9hztg9wFGht8lahGkfHtgR7V/QzyLMYfcU/57STI9vvsw2S +FNqIdeP1Bd/CE8iI6o6HOAadsWlTBBUBUtnZnZ0CgYA/ecthpL5eKt9kZE9gqbgu +rHb5K5aC45g9yjvyjOO+7N+UATT7qT9eQZrizh1AYdZvMBIGo6cmjY1rgOGNuxTo +x+u5iEv+YstV6K3ZOeiryOKutVYN97pV0SRx4zagXjVnMhzyhkpAzSaBUPom/zCp +B0L618+WP1aWYbT5UUHmDwKBgA3Ju+86yuBgJN42lCuUnuVBt/rvABuXEZYOCuPf +YMcEMXNaV3No0mMfEhZnu7R8tsL3IJq+Ar0JCzjx765vSrvKWIAA39EfcjMp8dNG +HnzmHcGWEhnWtS8KMa7ZG8rWiCgfGRjML/GRn8TU8PCxFSbf9BN1K5qwG7zauSgY +1lplAoGAfl1Qw77H27TYGMVBgco/2g05MaKb8TZ4PKn1znlPnNcqFEBi779W0/dD +Zgb1mjnRQkw68Jj5XA2zv/06yjvTS+nHVEDCdgIrZI2p1IrI3F4tihSoWgYtoe+8 +5OVDiHQ73d6lxVLqIRoRic8ZtWR02PbrK5SmoPsFdeTcmtzqo6c= +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-H.p12 b/BouncyCastle/crypto/test/data/rsa3/self-testcase-H.p12 new file mode 100644 index 0000000..b38c9eb Binary files /dev/null and b/BouncyCastle/crypto/test/data/rsa3/self-testcase-H.p12 differ diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-H.pem b/BouncyCastle/crypto/test/data/rsa3/self-testcase-H.pem new file mode 100644 index 0000000..0cab075 --- /dev/null +++ b/BouncyCastle/crypto/test/data/rsa3/self-testcase-H.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIIEHTCCAwWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBsMQswCQYDVQQGEwJHQjES +MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N +eSBDb21wYW55IEx0ZDEKMAgGA1UECxMBYTESMBAGA1UEAxMJbG9jYWxob3N0MB4X +DTA2MDkxMzE4MjYzMloXDTA3MDkxMzE4MjYzMlowbDELMAkGA1UEBhMCR0IxEjAQ +BgNVBAgTCUJlcmtzaGlyZTEQMA4GA1UEBxMHTmV3YnVyeTEXMBUGA1UEChMOTXkg +Q29tcGFueSBMdGQxCjAIBgNVBAsTAWExEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKtexL4ZP1CWMsVedm+pD2xPG+md +VbRqkVSDQYxrHUyRVKletjluY95908bsAlJR9oK/YehXe9W7r+LnotaR+yy1P45g +hSWa6TNl1sz3NGIZwdU9WdqdNNs9YyDgzFezxzZffrh9xFTSF0CR66Tm1VasKa20 +69RTx4fE5n4kZx+DKfBGCX3PBprvIANZp0nrfuhf21ij9lORI9OkITwqR72PrybB +9QDZB+7og1jGLAGbRBNR61mLVfKrg2yJVhpk1dHPsUzeVr3BB5XK8i7DvflWw5di +PeyU4S7qm7WLZ9Wdg1XOchkQWmzqEUPG71dGzG6joPhdp56LFg2Yg58myRcCAwEA +AaOByTCBxjAdBgNVHQ4EFgQUPd6mAcGQZ8iNGajt0kffN4AeDZswgZYGA1UdIwSB +jjCBi4AUPd6mAcGQZ8iNGajt0kffN4AeDZuhcKRuMGwxCzAJBgNVBAYTAkdCMRIw +EAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNVBAoTDk15 +IENvbXBhbnkgTHRkMQowCAYDVQQLEwFhMRIwEAYDVQQDEwlsb2NhbGhvc3SCAQAw +DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOCAQEAPaezAGexMlsmptKQBlrV +iTDBKfTs555wM05d0CRzd6dq9GHYNk/BMPy0mPmpxLwuyQqjB3rw9+mlGre1jcLf +Kthaz+Vna1yIGqg5dqqdu7NUX6/8x51hKQ+8B3rmlqx3wjt+bWgo2Qgl8otrHXKY +EWrKfmTNd3z0+nklqaLFvxmQwQ33CKciw6k9A2O3DaOdf1smCfFyjF/hi4I0pJaX +vFB/CbCAF/zVmQW+uXMNooZmd+DcKsK5ZN6LzxDXC6iqqaN0WS1kmctjYQ4pOomg +5pdKfv+gUwUqUTbtL2/WeyuOcHY9XLluYk+nwtdFS25uQpmHZcQ4baeKB5N9IJy8 +jg== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAq17Evhk/UJYyxV52b6kPbE8b6Z1VtGqRVINBjGsdTJFUqV62 +OW5j3n3TxuwCUlH2gr9h6Fd71buv4uei1pH7LLU/jmCFJZrpM2XWzPc0YhnB1T1Z +2p002z1jIODMV7PHNl9+uH3EVNIXQJHrpObVVqwprbTr1FPHh8TmfiRnH4Mp8EYJ +fc8Gmu8gA1mnSet+6F/bWKP2U5Ej06QhPCpHvY+vJsH1ANkH7uiDWMYsAZtEE1Hr +WYtV8quDbIlWGmTV0c+xTN5WvcEHlcryLsO9+VbDl2I97JThLuqbtYtn1Z2DVc5y +GRBabOoRQ8bvV0bMbqOg+F2nnosWDZiDnybJFwIDAQABAoIBAGA8GNn0DaUwo5RI +htQPqVSWXENlklJ9od1G1FGJeWudFWEDietYfYbdPEcyE9+snXUxCkdSkX0mKBCR +KdW7JsUlh2pp83t5scmmP+jcTbNlaX9ZM5Nbwun3YCp/cuExWQbEu8HZBp7nWB1v +lFgHNPi2N7WPqvuSjLNGtHVT9gEwWGUl1zfbuZp8pNT4r1l7nwj+S9pGF3v5RXDt +qZWSbfPF3ESPkMOpXxGk5uDLx3aoeHBQALVjeNdVlkyxjrG75Pv7ZnrmXjXzcuVv +aVACiCPWxzaRFR9cRCx/Z34KrJorLglrfIPIrRMKJY33QO2gpYYEpFkLsLth/Ip4 +NMSJ3KkCgYEA36skUOFK0iQcdEaUXR2zcvQd3P3ctxe0JqD7dHFWnY2ndA5+VvAP +vUjemZgw+tNt1qjLCAwxMi4cEOEICG6zSlMBRcVbqkKPS3gd3fGvD/lfQZ02EePz +6KYVC7xz1WXIcId/HvkBNmbPEyOLqi9fIJQoYrM3LnB3AFIUqQ4K3UMCgYEAxCRT +Z6yLGFb6Evkvvc6usqDhpAjWaaTSxlsSf9IGsKXW90OronB1IiTaWgJze1PrwWy4 +z4YOSI8oEEpF7LdwI9hztg9wFGht8lahGkfHtgR7V/QzyLMYfcU/57STI9vvsw2S +FNqIdeP1Bd/CE8iI6o6HOAadsWlTBBUBUtnZnZ0CgYA/ecthpL5eKt9kZE9gqbgu +rHb5K5aC45g9yjvyjOO+7N+UATT7qT9eQZrizh1AYdZvMBIGo6cmjY1rgOGNuxTo +x+u5iEv+YstV6K3ZOeiryOKutVYN97pV0SRx4zagXjVnMhzyhkpAzSaBUPom/zCp +B0L618+WP1aWYbT5UUHmDwKBgA3Ju+86yuBgJN42lCuUnuVBt/rvABuXEZYOCuPf +YMcEMXNaV3No0mMfEhZnu7R8tsL3IJq+Ar0JCzjx765vSrvKWIAA39EfcjMp8dNG +HnzmHcGWEhnWtS8KMa7ZG8rWiCgfGRjML/GRn8TU8PCxFSbf9BN1K5qwG7zauSgY +1lplAoGAfl1Qw77H27TYGMVBgco/2g05MaKb8TZ4PKn1znlPnNcqFEBi779W0/dD +Zgb1mjnRQkw68Jj5XA2zv/06yjvTS+nHVEDCdgIrZI2p1IrI3F4tihSoWgYtoe+8 +5OVDiHQ73d6lxVLqIRoRic8ZtWR02PbrK5SmoPsFdeTcmtzqo6c= +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-I.p12 b/BouncyCastle/crypto/test/data/rsa3/self-testcase-I.p12 new file mode 100644 index 0000000..7b97f68 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rsa3/self-testcase-I.p12 differ diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-I.pem b/BouncyCastle/crypto/test/data/rsa3/self-testcase-I.pem new file mode 100644 index 0000000..8717fd8 --- /dev/null +++ b/BouncyCastle/crypto/test/data/rsa3/self-testcase-I.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIIEHTCCAwWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBsMQswCQYDVQQGEwJHQjES +MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N +eSBDb21wYW55IEx0ZDEKMAgGA1UECxMBYTESMBAGA1UEAxMJbG9jYWxob3N0MB4X +DTA2MDkxMzE4MjYzMloXDTA3MDkxMzE4MjYzMlowbDELMAkGA1UEBhMCR0IxEjAQ +BgNVBAgTCUJlcmtzaGlyZTEQMA4GA1UEBxMHTmV3YnVyeTEXMBUGA1UEChMOTXkg +Q29tcGFueSBMdGQxCjAIBgNVBAsTAWExEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKtexL4ZP1CWMsVedm+pD2xPG+md +VbRqkVSDQYxrHUyRVKletjluY95908bsAlJR9oK/YehXe9W7r+LnotaR+yy1P45g +hSWa6TNl1sz3NGIZwdU9WdqdNNs9YyDgzFezxzZffrh9xFTSF0CR66Tm1VasKa20 +69RTx4fE5n4kZx+DKfBGCX3PBprvIANZp0nrfuhf21ij9lORI9OkITwqR72PrybB +9QDZB+7og1jGLAGbRBNR61mLVfKrg2yJVhpk1dHPsUzeVr3BB5XK8i7DvflWw5di +PeyU4S7qm7WLZ9Wdg1XOchkQWmzqEUPG71dGzG6joPhdp56LFg2Yg58myRcCAwEA +AaOByTCBxjAdBgNVHQ4EFgQUPd6mAcGQZ8iNGajt0kffN4AeDZswgZYGA1UdIwSB +jjCBi4AUPd6mAcGQZ8iNGajt0kffN4AeDZuhcKRuMGwxCzAJBgNVBAYTAkdCMRIw +EAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNVBAoTDk15 +IENvbXBhbnkgTHRkMQowCAYDVQQLEwFhMRIwEAYDVQQDEwlsb2NhbGhvc3SCAQAw +DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOCAQEAJanu4ytjXr/ppQEiEsJ3 +1TqGBIoASHHWZsjd4DZmigBgERJqtXK/AsTsljFrSo1lhP3Q9TFqOeikvJ5T3y4q +8yYY5qaEICsjUuySTIT3r7O00O5mtpdnpsRkBceqvBDDqfWefau00SVoBaqmt2P+ +Bq3x4l7MYqJNI8fPNVHqhSBlnWfxgYO/GZd4ZshhOZgrb96B98XpRlD5uYSlTpJt +cYvSb2s+BX4RCZIGSpoQJ0dgz3uU5H5i949fbuTbyGLVka0t8gvWN0IPoSPEp3Zj +mEw5Oz2UV0/R0qF2/yeKKNH3aFMEAzYUAmVqA5OdWiiZgLYcIm6pQvT0iAtgnT9x +rQ== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAq17Evhk/UJYyxV52b6kPbE8b6Z1VtGqRVINBjGsdTJFUqV62 +OW5j3n3TxuwCUlH2gr9h6Fd71buv4uei1pH7LLU/jmCFJZrpM2XWzPc0YhnB1T1Z +2p002z1jIODMV7PHNl9+uH3EVNIXQJHrpObVVqwprbTr1FPHh8TmfiRnH4Mp8EYJ +fc8Gmu8gA1mnSet+6F/bWKP2U5Ej06QhPCpHvY+vJsH1ANkH7uiDWMYsAZtEE1Hr +WYtV8quDbIlWGmTV0c+xTN5WvcEHlcryLsO9+VbDl2I97JThLuqbtYtn1Z2DVc5y +GRBabOoRQ8bvV0bMbqOg+F2nnosWDZiDnybJFwIDAQABAoIBAGA8GNn0DaUwo5RI +htQPqVSWXENlklJ9od1G1FGJeWudFWEDietYfYbdPEcyE9+snXUxCkdSkX0mKBCR +KdW7JsUlh2pp83t5scmmP+jcTbNlaX9ZM5Nbwun3YCp/cuExWQbEu8HZBp7nWB1v +lFgHNPi2N7WPqvuSjLNGtHVT9gEwWGUl1zfbuZp8pNT4r1l7nwj+S9pGF3v5RXDt +qZWSbfPF3ESPkMOpXxGk5uDLx3aoeHBQALVjeNdVlkyxjrG75Pv7ZnrmXjXzcuVv +aVACiCPWxzaRFR9cRCx/Z34KrJorLglrfIPIrRMKJY33QO2gpYYEpFkLsLth/Ip4 +NMSJ3KkCgYEA36skUOFK0iQcdEaUXR2zcvQd3P3ctxe0JqD7dHFWnY2ndA5+VvAP +vUjemZgw+tNt1qjLCAwxMi4cEOEICG6zSlMBRcVbqkKPS3gd3fGvD/lfQZ02EePz +6KYVC7xz1WXIcId/HvkBNmbPEyOLqi9fIJQoYrM3LnB3AFIUqQ4K3UMCgYEAxCRT +Z6yLGFb6Evkvvc6usqDhpAjWaaTSxlsSf9IGsKXW90OronB1IiTaWgJze1PrwWy4 +z4YOSI8oEEpF7LdwI9hztg9wFGht8lahGkfHtgR7V/QzyLMYfcU/57STI9vvsw2S +FNqIdeP1Bd/CE8iI6o6HOAadsWlTBBUBUtnZnZ0CgYA/ecthpL5eKt9kZE9gqbgu +rHb5K5aC45g9yjvyjOO+7N+UATT7qT9eQZrizh1AYdZvMBIGo6cmjY1rgOGNuxTo +x+u5iEv+YstV6K3ZOeiryOKutVYN97pV0SRx4zagXjVnMhzyhkpAzSaBUPom/zCp +B0L618+WP1aWYbT5UUHmDwKBgA3Ju+86yuBgJN42lCuUnuVBt/rvABuXEZYOCuPf +YMcEMXNaV3No0mMfEhZnu7R8tsL3IJq+Ar0JCzjx765vSrvKWIAA39EfcjMp8dNG +HnzmHcGWEhnWtS8KMa7ZG8rWiCgfGRjML/GRn8TU8PCxFSbf9BN1K5qwG7zauSgY +1lplAoGAfl1Qw77H27TYGMVBgco/2g05MaKb8TZ4PKn1znlPnNcqFEBi779W0/dD +Zgb1mjnRQkw68Jj5XA2zv/06yjvTS+nHVEDCdgIrZI2p1IrI3F4tihSoWgYtoe+8 +5OVDiHQ73d6lxVLqIRoRic8ZtWR02PbrK5SmoPsFdeTcmtzqo6c= +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-J.p12 b/BouncyCastle/crypto/test/data/rsa3/self-testcase-J.p12 new file mode 100644 index 0000000..4073ea6 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rsa3/self-testcase-J.p12 differ diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-J.pem b/BouncyCastle/crypto/test/data/rsa3/self-testcase-J.pem new file mode 100644 index 0000000..c3fba79 --- /dev/null +++ b/BouncyCastle/crypto/test/data/rsa3/self-testcase-J.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIIEHTCCAwWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBsMQswCQYDVQQGEwJHQjES +MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N +eSBDb21wYW55IEx0ZDEKMAgGA1UECxMBYTESMBAGA1UEAxMJbG9jYWxob3N0MB4X +DTA2MDkxMzE4MjYzMloXDTA3MDkxMzE4MjYzMlowbDELMAkGA1UEBhMCR0IxEjAQ +BgNVBAgTCUJlcmtzaGlyZTEQMA4GA1UEBxMHTmV3YnVyeTEXMBUGA1UEChMOTXkg +Q29tcGFueSBMdGQxCjAIBgNVBAsTAWExEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKtexL4ZP1CWMsVedm+pD2xPG+md +VbRqkVSDQYxrHUyRVKletjluY95908bsAlJR9oK/YehXe9W7r+LnotaR+yy1P45g +hSWa6TNl1sz3NGIZwdU9WdqdNNs9YyDgzFezxzZffrh9xFTSF0CR66Tm1VasKa20 +69RTx4fE5n4kZx+DKfBGCX3PBprvIANZp0nrfuhf21ij9lORI9OkITwqR72PrybB +9QDZB+7og1jGLAGbRBNR61mLVfKrg2yJVhpk1dHPsUzeVr3BB5XK8i7DvflWw5di +PeyU4S7qm7WLZ9Wdg1XOchkQWmzqEUPG71dGzG6joPhdp56LFg2Yg58myRcCAwEA +AaOByTCBxjAdBgNVHQ4EFgQUPd6mAcGQZ8iNGajt0kffN4AeDZswgZYGA1UdIwSB +jjCBi4AUPd6mAcGQZ8iNGajt0kffN4AeDZuhcKRuMGwxCzAJBgNVBAYTAkdCMRIw +EAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNVBAoTDk15 +IENvbXBhbnkgTHRkMQowCAYDVQQLEwFhMRIwEAYDVQQDEwlsb2NhbGhvc3SCAQAw +DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOCAQEADFGQ9QEI1TU+qRg2QFLZ +OhYryOaAXNOaEBR+f0LCG5My9j0vI3/1BKHwq6kVPVDkfSPrrX1ZNUPOAI+PLrwI +RGsJw6ST8dyWXeY4LEarHOPLvSTD2u+WaPcRMJSsSTFnsscKgrAeu4VfZixOTpBp +tI3bfqTPkY9Fra8R1M9PbNsPik0WI34nPS0T9XqF+s/FhHCcL/mX/Hj5aD0qEZWd +wCSJGDyoZRQeMc7LowMGHpu1eqcqfSLt2TCPeXebVB031AioCe1iJUddb9WxHixH +GyNlzJl7YwztT9Z3yRqHKde6Dun128N2YThQ/7/Dn54hXcWQCK4gFCTz2deD5S9Z +TQ== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAq17Evhk/UJYyxV52b6kPbE8b6Z1VtGqRVINBjGsdTJFUqV62 +OW5j3n3TxuwCUlH2gr9h6Fd71buv4uei1pH7LLU/jmCFJZrpM2XWzPc0YhnB1T1Z +2p002z1jIODMV7PHNl9+uH3EVNIXQJHrpObVVqwprbTr1FPHh8TmfiRnH4Mp8EYJ +fc8Gmu8gA1mnSet+6F/bWKP2U5Ej06QhPCpHvY+vJsH1ANkH7uiDWMYsAZtEE1Hr +WYtV8quDbIlWGmTV0c+xTN5WvcEHlcryLsO9+VbDl2I97JThLuqbtYtn1Z2DVc5y +GRBabOoRQ8bvV0bMbqOg+F2nnosWDZiDnybJFwIDAQABAoIBAGA8GNn0DaUwo5RI +htQPqVSWXENlklJ9od1G1FGJeWudFWEDietYfYbdPEcyE9+snXUxCkdSkX0mKBCR +KdW7JsUlh2pp83t5scmmP+jcTbNlaX9ZM5Nbwun3YCp/cuExWQbEu8HZBp7nWB1v +lFgHNPi2N7WPqvuSjLNGtHVT9gEwWGUl1zfbuZp8pNT4r1l7nwj+S9pGF3v5RXDt +qZWSbfPF3ESPkMOpXxGk5uDLx3aoeHBQALVjeNdVlkyxjrG75Pv7ZnrmXjXzcuVv +aVACiCPWxzaRFR9cRCx/Z34KrJorLglrfIPIrRMKJY33QO2gpYYEpFkLsLth/Ip4 +NMSJ3KkCgYEA36skUOFK0iQcdEaUXR2zcvQd3P3ctxe0JqD7dHFWnY2ndA5+VvAP +vUjemZgw+tNt1qjLCAwxMi4cEOEICG6zSlMBRcVbqkKPS3gd3fGvD/lfQZ02EePz +6KYVC7xz1WXIcId/HvkBNmbPEyOLqi9fIJQoYrM3LnB3AFIUqQ4K3UMCgYEAxCRT +Z6yLGFb6Evkvvc6usqDhpAjWaaTSxlsSf9IGsKXW90OronB1IiTaWgJze1PrwWy4 +z4YOSI8oEEpF7LdwI9hztg9wFGht8lahGkfHtgR7V/QzyLMYfcU/57STI9vvsw2S +FNqIdeP1Bd/CE8iI6o6HOAadsWlTBBUBUtnZnZ0CgYA/ecthpL5eKt9kZE9gqbgu +rHb5K5aC45g9yjvyjOO+7N+UATT7qT9eQZrizh1AYdZvMBIGo6cmjY1rgOGNuxTo +x+u5iEv+YstV6K3ZOeiryOKutVYN97pV0SRx4zagXjVnMhzyhkpAzSaBUPom/zCp +B0L618+WP1aWYbT5UUHmDwKBgA3Ju+86yuBgJN42lCuUnuVBt/rvABuXEZYOCuPf +YMcEMXNaV3No0mMfEhZnu7R8tsL3IJq+Ar0JCzjx765vSrvKWIAA39EfcjMp8dNG +HnzmHcGWEhnWtS8KMa7ZG8rWiCgfGRjML/GRn8TU8PCxFSbf9BN1K5qwG7zauSgY +1lplAoGAfl1Qw77H27TYGMVBgco/2g05MaKb8TZ4PKn1znlPnNcqFEBi779W0/dD +Zgb1mjnRQkw68Jj5XA2zv/06yjvTS+nHVEDCdgIrZI2p1IrI3F4tihSoWgYtoe+8 +5OVDiHQ73d6lxVLqIRoRic8ZtWR02PbrK5SmoPsFdeTcmtzqo6c= +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-L.p12 b/BouncyCastle/crypto/test/data/rsa3/self-testcase-L.p12 new file mode 100644 index 0000000..50b3b76 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rsa3/self-testcase-L.p12 differ diff --git a/BouncyCastle/crypto/test/data/rsa3/self-testcase-L.pem b/BouncyCastle/crypto/test/data/rsa3/self-testcase-L.pem new file mode 100644 index 0000000..b9805f5 --- /dev/null +++ b/BouncyCastle/crypto/test/data/rsa3/self-testcase-L.pem @@ -0,0 +1,52 @@ +-----BEGIN CERTIFICATE----- +MIIEHTCCAwWgAwIBAgIBADANBgkqhkiG9w0BAQQFADBsMQswCQYDVQQGEwJHQjES +MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N +eSBDb21wYW55IEx0ZDEKMAgGA1UECxMBYTESMBAGA1UEAxMJbG9jYWxob3N0MB4X +DTA2MDkxMzE4MjYzMloXDTA3MDkxMzE4MjYzMlowbDELMAkGA1UEBhMCR0IxEjAQ +BgNVBAgTCUJlcmtzaGlyZTEQMA4GA1UEBxMHTmV3YnVyeTEXMBUGA1UEChMOTXkg +Q29tcGFueSBMdGQxCjAIBgNVBAsTAWExEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKtexL4ZP1CWMsVedm+pD2xPG+md +VbRqkVSDQYxrHUyRVKletjluY95908bsAlJR9oK/YehXe9W7r+LnotaR+yy1P45g +hSWa6TNl1sz3NGIZwdU9WdqdNNs9YyDgzFezxzZffrh9xFTSF0CR66Tm1VasKa20 +69RTx4fE5n4kZx+DKfBGCX3PBprvIANZp0nrfuhf21ij9lORI9OkITwqR72PrybB +9QDZB+7og1jGLAGbRBNR61mLVfKrg2yJVhpk1dHPsUzeVr3BB5XK8i7DvflWw5di +PeyU4S7qm7WLZ9Wdg1XOchkQWmzqEUPG71dGzG6joPhdp56LFg2Yg58myRcCAwEA +AaOByTCBxjAdBgNVHQ4EFgQUPd6mAcGQZ8iNGajt0kffN4AeDZswgZYGA1UdIwSB +jjCBi4AUPd6mAcGQZ8iNGajt0kffN4AeDZuhcKRuMGwxCzAJBgNVBAYTAkdCMRIw +EAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1cnkxFzAVBgNVBAoTDk15 +IENvbXBhbnkgTHRkMQowCAYDVQQLEwFhMRIwEAYDVQQDEwlsb2NhbGhvc3SCAQAw +DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOCAQEAoArZH56QUnasmPqCd68C +kcG6hw5S6p7wloY9jz+iwh9b2tF3k1SPCeE7rBV7cevr1ruv/wWttBFiGfJK/hlL +8C/MMPj1X5JuLY3JgNmNDSK9MLr5Ejvps0AQ+kA4CCSxxpTLWeUlqNnGk/Zcfoqa +Gyk37PDlHMQC3QWLgAX+wG/rg8WvrAP1ZjM6t25yb6hIPZgCWZbq+j8X5kS3Qxz0 +buc9HMi9oeuejeP7zWRJHhnCcDuClmpI6pk9nkjmunYtF2rMWi7f2eJ0Qjbo1wnn +rUU5sCGLZ6i3ux/HvMgynho7RVqV+bqV+G9wZem3crNbtLhUSB2SAgYZnMqrLcW9 +jQ== +-----END CERTIFICATE----- +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAq17Evhk/UJYyxV52b6kPbE8b6Z1VtGqRVINBjGsdTJFUqV62 +OW5j3n3TxuwCUlH2gr9h6Fd71buv4uei1pH7LLU/jmCFJZrpM2XWzPc0YhnB1T1Z +2p002z1jIODMV7PHNl9+uH3EVNIXQJHrpObVVqwprbTr1FPHh8TmfiRnH4Mp8EYJ +fc8Gmu8gA1mnSet+6F/bWKP2U5Ej06QhPCpHvY+vJsH1ANkH7uiDWMYsAZtEE1Hr +WYtV8quDbIlWGmTV0c+xTN5WvcEHlcryLsO9+VbDl2I97JThLuqbtYtn1Z2DVc5y +GRBabOoRQ8bvV0bMbqOg+F2nnosWDZiDnybJFwIDAQABAoIBAGA8GNn0DaUwo5RI +htQPqVSWXENlklJ9od1G1FGJeWudFWEDietYfYbdPEcyE9+snXUxCkdSkX0mKBCR +KdW7JsUlh2pp83t5scmmP+jcTbNlaX9ZM5Nbwun3YCp/cuExWQbEu8HZBp7nWB1v +lFgHNPi2N7WPqvuSjLNGtHVT9gEwWGUl1zfbuZp8pNT4r1l7nwj+S9pGF3v5RXDt +qZWSbfPF3ESPkMOpXxGk5uDLx3aoeHBQALVjeNdVlkyxjrG75Pv7ZnrmXjXzcuVv +aVACiCPWxzaRFR9cRCx/Z34KrJorLglrfIPIrRMKJY33QO2gpYYEpFkLsLth/Ip4 +NMSJ3KkCgYEA36skUOFK0iQcdEaUXR2zcvQd3P3ctxe0JqD7dHFWnY2ndA5+VvAP +vUjemZgw+tNt1qjLCAwxMi4cEOEICG6zSlMBRcVbqkKPS3gd3fGvD/lfQZ02EePz +6KYVC7xz1WXIcId/HvkBNmbPEyOLqi9fIJQoYrM3LnB3AFIUqQ4K3UMCgYEAxCRT +Z6yLGFb6Evkvvc6usqDhpAjWaaTSxlsSf9IGsKXW90OronB1IiTaWgJze1PrwWy4 +z4YOSI8oEEpF7LdwI9hztg9wFGht8lahGkfHtgR7V/QzyLMYfcU/57STI9vvsw2S +FNqIdeP1Bd/CE8iI6o6HOAadsWlTBBUBUtnZnZ0CgYA/ecthpL5eKt9kZE9gqbgu +rHb5K5aC45g9yjvyjOO+7N+UATT7qT9eQZrizh1AYdZvMBIGo6cmjY1rgOGNuxTo +x+u5iEv+YstV6K3ZOeiryOKutVYN97pV0SRx4zagXjVnMhzyhkpAzSaBUPom/zCp +B0L618+WP1aWYbT5UUHmDwKBgA3Ju+86yuBgJN42lCuUnuVBt/rvABuXEZYOCuPf +YMcEMXNaV3No0mMfEhZnu7R8tsL3IJq+Ar0JCzjx765vSrvKWIAA39EfcjMp8dNG +HnzmHcGWEhnWtS8KMa7ZG8rWiCgfGRjML/GRn8TU8PCxFSbf9BN1K5qwG7zauSgY +1lplAoGAfl1Qw77H27TYGMVBgco/2g05MaKb8TZ4PKn1znlPnNcqFEBi779W0/dD +Zgb1mjnRQkw68Jj5XA2zv/06yjvTS+nHVEDCdgIrZI2p1IrI3F4tihSoWgYtoe+8 +5OVDiHQ73d6lxVLqIRoRic8ZtWR02PbrK5SmoPsFdeTcmtzqo6c= +-----END RSA PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/rsa3/testcases.README b/BouncyCastle/crypto/test/data/rsa3/testcases.README new file mode 100644 index 0000000..6485740 Binary files /dev/null and b/BouncyCastle/crypto/test/data/rsa3/testcases.README differ diff --git a/BouncyCastle/crypto/test/data/scrypt/TestVectors.txt b/BouncyCastle/crypto/test/data/scrypt/TestVectors.txt new file mode 100644 index 0000000..1b54dd6 --- /dev/null +++ b/BouncyCastle/crypto/test/data/scrypt/TestVectors.txt @@ -0,0 +1,20 @@ +scrypt(“”, “”, 16, 1, 1, 64) = +77 d6 57 62 38 65 7b 20 3b 19 ca 42 c1 8a 04 97 +f1 6b 48 44 e3 07 4a e8 df df fa 3f ed e2 14 42 +fc d0 06 9d ed 09 48 f8 32 6a 75 3a 0f c8 1f 17 +e8 d3 e0 fb 2e 0d 36 28 cf 35 e2 0c 38 d1 89 06 +scrypt(“password”, “NaCl”, 1024, 8, 16, 64) = +fd ba be 1c 9d 34 72 00 78 56 e7 19 0d 01 e9 fe +7c 6a d7 cb c8 23 78 30 e7 73 76 63 4b 37 31 62 +2e af 30 d9 2e 22 a3 88 6f f1 09 27 9d 98 30 da +c7 27 af b9 4a 83 ee 6d 83 60 cb df a2 cc 06 40 +scrypt(“pleaseletmein”, “SodiumChloride”, 16384, 8, 1, 64) = +70 23 bd cb 3a fd 73 48 46 1c 06 cd 81 fd 38 eb +fd a8 fb ba 90 4f 8e 3e a9 b5 43 f6 54 5d a1 f2 +d5 43 29 55 61 3f 0f cf 62 d4 97 05 24 2a 9a f9 +e6 1e 85 dc 0d 65 1e 40 df cf 01 7b 45 57 58 87 +scrypt(“pleaseletmein”, “SodiumChloride”, 1048576, 8, 1, 64) = +21 01 cb 9b 6a 51 1a ae ad db be 09 cf 70 f8 81 +ec 56 8d 57 4a 2f fd 4d ab e5 ee 98 20 ad aa 47 +8e 56 fd 8f 4b a5 d0 9f fa 1c 6d 92 7c 40 f4 c3 +37 30 40 49 e8 a9 52 fb cb f4 5c 6f a7 7a 41 a4 diff --git a/BouncyCastle/crypto/test/data/suvaEE.crt b/BouncyCastle/crypto/test/data/suvaEE.crt new file mode 100644 index 0000000..cc8e8ac --- /dev/null +++ b/BouncyCastle/crypto/test/data/suvaEE.crt @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFfjCCA2agAwIBAgIIBHTrx4eZAPkwDQYJKoZIhvcNAQEFBQAwcDELMAkGA1UE +BhMCQ0gxDzANBgNVBAgTBkx1emVybjEPMA0GA1UEBxMGTHV6ZXJuMQ0wCwYDVQQK +EwRTdXZhMQswCQYDVQQLEwJJRjEjMCEGA1UEAxMaU3V2YSBTZWN1cmUgTWFpbCBJ +Q0EgMSAoMSkwHhcNMTQwODA0MTE0OTIxWhcNMTYwODAzMTI0OTIxWjCBhTELMAkG +A1UEBhMCQ0gxDzANBgNVBAgMBkx1emVybjEPMA0GA1UEBwwGTHV6ZXJuMQ0wCwYD +VQQKDARTdXZhMQswCQYDVQQLDAJJRjEUMBIGA1UEAwwLTmljbyBNYXJpdHoxIjAg +BgkqhkiG9w0BCQEWE25pY28ubWFyaXR6QHN1dmEuY2gwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQCweUvvHneU32sriCJJBl18xKqUE9DrGUFDhNCpgKLd +OhLKZJRgG/rpD1qn9gMI7KnnubbWpW3HCW+6nXT8wPpqMBNpjVgDwL/gb0eKMRvk +QcOs9kvaIt142MGCMZIlLBL/7/JTJhRi9tysJq8wacymqTDIh4MsejatsmXzRCx4 +tUIuNgFfObDGz0viSUplDz2xlVElRYQ5GRVVRvZF2lAlA0ymhbJwPvKRuf9ou7dh +wlG7nDgUMQnt4a+88sFTIogN11u7H5TiHgDArI8ovJjHFT7SZw/XgMsSM5NVcv1J +cSoGP4xQ1VdScr80HaVK+GIaJIiG9VcGMw4t/vwBSrBZAgMBAAGjggEEMIIBADAT +BgNVHSUEDDAKBggrBgEFBQcDBDALBgNVHQ8EBAMCBPAwHQYDVR0OBBYEFMuyfXI4 +PH87MolGzEoxWg4YMwKmMB8GA1UdIwQYMBaAFHrwc1/OwXgGLLVN2K5T/IQtgWYo +MCEGCWCGSAGG+EIBDQQUExJTdXZhIFNlY3VyZSBFLU1haWwwHgYDVR0RBBcwFYET +bmljby5tYXJpdHpAc3V2YS5jaDAMBgNVHRMBAf8EAjAAMBEGCWCGSAGG+EIBAQQE +AwIFIDA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vcGtpLnN1dmEuY2gvY3JsL3N1 +dmFtaWNhMSgxKS5jcmwwDQYJKoZIhvcNAQEFBQADggIBADCszfdfxrt+LTgh3MMp +R+7Yt8GZT5svQDLmpmUqkDcY5dHIvfSu/YBF/wVDKz+wbegTjonwr1do9Msc8lRl +BAHfFk23os6MZJr4efpuBaJXFKJN23T6U9nZgphDAroA5MreF0MVkTnQQMvLL+tu +rXAPFQb0XKl5K4xWDcn5wKdcA7UZsLW2guZm7LiWuPYiNVk5QXg3Z9awZfquFGXw +1uOCfhIv5IlfVwXf94kok6sy3tnk3IDuYLBfaAVHpAMgyocgn1XU/aAy7y+bUUHe +AosKkV6AZ/5pirZv8yDuB37sIEAiOfMc3cCYk/ACbw+C18XcGXUKxWNBG+LUiJ/n +lvxnqCWOAS4/U52I0bmbXYMZ9Iz8dYoMe19iG2sQHMhw4S25O/oKhllzmren1BNd +EA/EZdbmqjmGDfvY6ELQpyeTUz6u/4Hfcdd/8IavcYXfBo0kpPJFm6epjMBSw2Bi +D1r1U+8oGNwoTce++Ch30eEjuxyMFTDOXzJObJHsZmcPP1fxKch5yGX+cF2oDWju +GOvviu9YxVTC4m+vwAwmmKSl7XylrVcJmXCh7u92wvgw8kXqA0R/P/gn8QQtQ5Ge +/a6vJRyhDVEP8wWmyebLZYlHZDrosD191d92SKaMRg7HDAH0nZ6wtlgxD20JyDO0 +FIIJq/d36mNrHPbd7Y4SxiAX +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/suvaEmail1.crt b/BouncyCastle/crypto/test/data/suvaEmail1.crt new file mode 100644 index 0000000..a7bcfdd --- /dev/null +++ b/BouncyCastle/crypto/test/data/suvaEmail1.crt @@ -0,0 +1,39 @@ +-----BEGIN CERTIFICATE----- +MIIG5DCCBMygAwIBAgIKF/12kwABAAACGDANBgkqhkiG9w0BAQUFADBGMQswCQYD +VQQGEwJDSDEPMA0GA1UECBMGTHV6ZXJuMQ0wCwYDVQQKEwRTdXZhMRcwFQYDVQQD +Ew5TdXZhIFJvb3QgQ0EgMTAeFw0xNDA1MTcwODAwNDJaFw0yNDA1MDcxMzEyMDNa +MHAxCzAJBgNVBAYTAkNIMQ8wDQYDVQQIEwZMdXplcm4xDzANBgNVBAcTBkx1emVy +bjENMAsGA1UEChMEU3V2YTELMAkGA1UECxMCSUYxIzAhBgNVBAMTGlN1dmEgU2Vj +dXJlIE1haWwgSUNBIDEgKDEpMIICIDANBgkqhkiG9w0BAQEFAAOCAg0AMIICCAKC +AgEAueI8pNseKiE5+3adL3ZBQQ5g6ajOAY0KI3TCV5YKt8OjFbNviV+ja9mwrhMP +hx+QaTQruyCbi6FcNQlLxhilrjKX30//J3GvPc65t8Vcs2XsyC8u6KJaaQG8kl89 +j1/F76Ary/MiFU5ZaZuyj9vwDuHjRK2Vq8PxlHNRwGQFXI5y1LJPd/DUM6hY/sub +x//rknAJYPELKj5skFGz+prQR4ZgXegjN/9F1mmGFUEdCjoROV5m91asp3KFcK3L +DyQ5WC3JVm1zSvUTpGHKVqKXX+6WvG8wbv2AIvf8XLVI92bNB6xXpV2Tq05mLx48 +txfPVez4gfGkjhAK8StFKPEJs8CIvGV1XGUGM79VSw86rN6qT/A6kpGU1FsNwHv8 +HP3BArQLR3L+mQEnlulXhKE4K6hbx9seOhufhTORoW3F2QDW71SFWag5KV+r64zC +uE9aHy20seLs6rK4+lgV1SLMsew5Ot3AKfXbCVl2SG6gwE1M6V0DYRM787tdEVo/ +CMzP1FrWj96DX2aAU6BiRC36Jjd1HrJuIVmuXvVsE6YmfRIzSYKZBT/ZR/7knl13 +fTuR6K1kiWZs4Alq6mrVXxqcXOXR8k8NzNK9RI+XiYOuSAGHu2uX4pDXiEro7AFd +o/jqIZozuLZ2C7B7Yigf39I2WEEM4zILqSbIthLGcOJn0/0CAQOjggGqMIIBpjAS +BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUevBz +X87BeAYstU3YrlP8hC2BZigwHwYDVR0jBBgwFoAUPFQUaTyz0/rgxsL2+kdFRxXK +KmowQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL3BraS5zdXZhLmNoL2NybC9TdXZh +JTIwUm9vdCUyMENBJTIwMSgxKS5jcmwwcwYIKwYBBQUHAQEEZzBlMCMGCCsGAQUF +BzABhhdodHRwOi8vcGtpLnN1dmEuY2gvb2NzcDA+BggrBgEFBQcwAoYyaHR0cDov +L3BraS5zdXZhLmNoL2NydC9TdXZhJTIwUm9vdCUyMENBJTIwMSgxKS5jcnQwPAYJ +KwYBBAGCNxUHBC8wLQYlKwYBBAGCNxUIxZdWhpShU4LRlzCD+65khNfBO0aHve1v +hcKqLQIBZAIBBzAeBgNVHSUEFzAVBggrBgEFBQcDBAYJKwYBBAGCNxUFMCgGCSsG +AQQBgjcVCgQbMBkwCgYIKwYBBQUHAwQwCwYJKwYBBAGCNxUFMA0GCSqGSIb3DQEB +BQUAA4ICAQDeAhIR0DCUS4tHJCJAPgHH/uMQcgV3qKNkZznmaKQ0kRl2JISbojrv +6WnIr+gcyoBPbI01QNbe7Dh73mMK/ezUZ04B9z9UBUvV5l7rCOL28Hnz/zmZZX+T +q3jxtQJPV4w2b9tuo8/vEUirEySmkmN6IGbu1epAhp9mCKUNjC6Oe3JwsMX/ouZN +Op2PPQ82fjVk8zlUpVX9qfRc9XmW992JrUe/npWqdJYYSJY1vFB9b6gMGiwOms1H +oXuDz0BQXp0m0D+7VjY8qi8vN7N8/Zy6EC/453ogal20nhMEiihGkvD68RyBjQO6 +kEWcjUizcC0vjcH6W+EyQeJ5VDTxv/GlSA2SHZWFJ7/T1dY+bHBjHr7aqptQzZeU +cWv0BfFdlEMkzZgOLRrmHKdTCGa/11vi3T12SzISwyGakPKrA8IaJCzNQO3/6dc8 +DBX8p9RO54VrSDsDSfTueofMnBpUJABMe1Eohqsj0sZv0n8cK85A6utQPuSxmgV2 +IAXdJMJcGAZ6PDKKCJYVVdHOeFEdUMh/fh6QGd1Iz0QMfMeiZODTo92loHnW0HPL +aVTdoQmn3K1yVFUrdYp/OJz4UDWFb2k4Du6GeQl1jqc2VREPohvvbDSJ9pgE3Oh2 +DEN7RZ7zK/FwLZeo8Qgo4yguznSzp3zLrUwLTewRNU1QbEiy9tIclQ== +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/suvaRoot1.crt b/BouncyCastle/crypto/test/data/suvaRoot1.crt new file mode 100644 index 0000000..83cfe66 --- /dev/null +++ b/BouncyCastle/crypto/test/data/suvaRoot1.crt @@ -0,0 +1,46 @@ +-----BEGIN CERTIFICATE----- +MIIH4jCCBcqgAwIBAgIUZ6RtH7xmDM0r66IKSlpCZNrlRfYwDQYJKoZIhvcNAQEF +BQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZ +BgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMzAeFw0xNDA1MDcxMzEyMDNaFw0yNDA1 +MDcxMzEyMDNaMEYxCzAJBgNVBAYTAkNIMQ8wDQYDVQQIEwZMdXplcm4xDTALBgNV +BAoTBFN1dmExFzAVBgNVBAMTDlN1dmEgUm9vdCBDQSAxMIICIjANBgkqhkiG9w0B +AQEFAAOCAg8AMIICCgKCAgEA9KfSFwpwbRnrfnMk1DkKQguwEKg6crSLKS31CU9E +ShdmIzMQyo9k4doec6c0cpubk17VlEEE8SmFSqwmLBRo+65kR5c3X4MeI0Fv1ZXH +WV+ZiaK+CVPf4OFNNCNuEFc1qnNxyWGvGVI+KMk1Lmrpda6h5GkMpFdxBRGq4RkU +aw41ljJgY9+UapZTl0b39XEeEgQshY/hKEKPeRZNeTHBFWFTsAZxZBSH0bz35zfh +X1oQLad3b5Q2Nw1utEcai4I9DnTyAQ7wRtius217twXERdpeLdTurKe7TVqHcyBS +ziTpsCewINJ1S69a1E7Z59SNorOEgGIS2Z89fIlwYVQkcW5pLZL+Q5UC1rcD/FWq +m4rIOrjM0AYcLEiScmNYYgLEPrXvh1BVMkc+SIqiQ7JhlzXSDZmMBcqrlVilp2oz +lyuCRlMpGdlUqe0BD3JY/vfOZRm+NHfys4mmLIQhLJgX2vH5UOeAzdQ2pkpFdHNq +1tMLITr108NcZ62updidyVFy+8kbr7NKawmp03MtYjdYqEi2lDNgJcwk17uoxhbv +LEYvSNM+wMc73duO97pOrgbTrIIHeBdgjP/ZqHkW/4ZtxUpxFSxqoBgUVw6IHTn9 +2cYBmouDdhEYhnFhcEVqYP5N0JjT9nFzWL/EU+Lgk8y3x59luxaGJV9tEU9P0MIy +cBUCAwEAAaOCAscwggLDMBIGA1UdEwEB/wQIMAYBAf8CAQEwcwYIKwYBBQUHAQEE +ZzBlMCsGCCsGAQUFBzABhh9odHRwOi8vb2NzcC5xdW92YWRpc2dsb2JhbC5jb20v +MDYGCCsGAQUFBzAChipodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2 +cmNhMy5jcnQwgdAGA1UdIASByDCBxTCBwgYMKwYBBAG+WAADhFgAMIGxMIGDBggr +BgEFBQcCAjB3GnVBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0 +ZXMgYWNjZXB0YW5jZSBvZiB0aGUgU3V2YSBDZXJ0aWZpY2F0ZSBQb2xpY3kgLyBD +ZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVudC4wKQYIKwYBBQUHAgEWHWh0 +dHA6Ly9wa2kuc3V2YS5jaC9yZXBvc2l0b3J5MGQGA1UdHgRdMFugWTAKgQhAc3V2 +YS5jaDANgQtAc3V2YW5ldC5jaDAPgQ1Ac3V2YW5ldDYyLmNoMA+BDUBzdXZhbmV0 +NzcuY2gwDIEKQHN1dmE2Mi5jaDAMgQpAc3V2YTc3LmNoMA4GA1UdDwEB/wQEAwIB +BjB0BgNVHSUEbTBrBggrBgEFBQcDBAYIKwYBBQUHAwIGCCsGAQUFBwMJBgorBgEE +AYI3CgMEBgorBgEEAYI3FAICBgorBgEEAYI3FAIBBgcrBgEFAgMFBggrBgEFBQgC +AgYJKwYBBAGCNxUFBgkrBgEEAYI3FQYwHwYDVR0jBBgwFoAU8sAT4IJDPvvuL2cy +ljVc27jLAtAwOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2NybC5xdW92YWRpc2ds +b2JhbC5jb20vcXZyY2EzLmNybDAdBgNVHQ4EFgQUPFQUaTyz0/rgxsL2+kdFRxXK +KmowDQYJKoZIhvcNAQEFBQADggIBADsk54ImQSM2LcLtwpH5s3NPn/qpua22SUyH +sujqy8vHEAOS0KPbN+Jnq4KpexylTVHQ3ybgHSQt6SZ+/NSBHO8eAAyqZyWjenyk +UCcL7TNO82tD7lkuq+eo+BIsq9AJTI0gGRqG/wFyvNpVssZ0bFdqGNq0aM74NHWD +7LRa6toC1I+YNpvelSlZvGfEpm0G7e04AE3kzFnaemG3RwRY2mUtT5Aby5vpfouh +IbdF4t1NEyC9ExFOkEjZ3P1AAoJgxQC3T7B1Mo6r03pcBdd9LrjjVJidUyj+j/ha +faZo4e1wJeU09UtzVSzGb1GA8QHOJMY7VeA0qLg4qfZdeoDxrCZJKn/pZP2D6dQs +0Za1args4EUJmdVFsuFNc1DsM1EXTD5o9dHkX/cKPv6eMRehP7emNjJgmcIv1rX3 +sotSJA06D+5LW6ZkuWdS2uArCta8YgrVtefRMNj2nhVGafLt7tE819E0fqnaknGR +RgfNRFEMeTIU29RtgvzbpYtCK+O1v7a3x55mt/RbMhtruns3OOVAY+l7nW1y51Xb +A8bPOZc7fREndSacNCpK37Or3AhE4Uneylz+rN25H2hL8OT/xAXxj6IcPRuD2SDH +nvXiM0xeqCQpfDNv/35uNSMdpsA75GZwRpvt0fMc5r0AwtwBFZX7X4KtULoNxLNb +JZxATf23 +-----END CERTIFICATE----- + diff --git a/BouncyCastle/crypto/test/data/tls/README.txt b/BouncyCastle/crypto/test/data/tls/README.txt new file mode 100644 index 0000000..5383256 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/README.txt @@ -0,0 +1,181 @@ +# The key and certificate .pem files here were generated using GnuTLS certtool and the accompanying +# template files. (Note that the ed25519 files needed GnuTLS 3.6+, 3.6.12+ for ed448) + +# CA (signing) credentials: + + certtool --generate-privkey --outfile x509-ca-key-dsa.pem \ + --pkcs8 --password '' --dsa --bits 2048 + certtool --generate-self-signed --template ca.tmpl --outfile x509-ca-dsa.pem \ + --load-privkey x509-ca-key-dsa.pem --hash sha256 + + certtool --generate-privkey --outfile x509-ca-key-ecdsa.pem \ + --pkcs8 --password '' --ecdsa --curve secp256r1 + certtool --generate-self-signed --template ca.tmpl --outfile x509-ca-ecdsa.pem \ + --load-privkey x509-ca-key-ecdsa.pem --hash sha256 + + certtool --generate-privkey --outfile x509-ca-key-ed25519.pem \ + --pkcs8 --password '' --key-type=ed25519 + certtool --generate-self-signed --template ca.tmpl --outfile x509-ca-ed25519.pem \ + --load-privkey x509-ca-key-ed25519.pem + + certtool --generate-privkey --outfile x509-ca-key-ed448.pem \ + --pkcs8 --password '' --key-type=ed448 + certtool --generate-self-signed --template ca.tmpl --outfile x509-ca-ed448.pem \ + --load-privkey x509-ca-key-ed448.pem + + certtool --generate-privkey --outfile x509-ca-key-rsa.pem \ + --pkcs8 --password '' --rsa --bits 2048 + certtool --generate-self-signed --template ca.tmpl --outfile x509-ca-rsa.pem \ + --load-privkey x509-ca-key-rsa.pem --hash sha256 + + certtool --generate-privkey --outfile x509-ca-key-rsa_pss_256.pem \ + --pkcs8 --password '' --key-type='rsa-pss' --bits=2048 --hash=sha256 --salt-size=32 + certtool --generate-self-signed --template ca.tmpl --outfile x509-ca-rsa_pss_256.pem \ + --load-privkey x509-ca-key-rsa_pss_256.pem + + certtool --generate-privkey --outfile x509-ca-key-rsa_pss_384.pem \ + --pkcs8 --password '' --key-type='rsa-pss' --bits=2048 --hash=sha384 --salt-size=48 + certtool --generate-self-signed --template ca.tmpl --outfile x509-ca-rsa_pss_384.pem \ + --load-privkey x509-ca-key-rsa_pss_384.pem + + certtool --generate-privkey --outfile x509-ca-key-rsa_pss_512.pem \ + --pkcs8 --password '' --key-type='rsa-pss' --bits=2048 --hash=sha512 --salt-size=64 + certtool --generate-self-signed --template ca.tmpl --outfile x509-ca-rsa_pss_512.pem \ + --load-privkey x509-ca-key-rsa_pss_512.pem + +# Client agreement credentials: + + certtool --generate-privkey --outfile x509-client-key-ecdh.pem \ + --pkcs8 --password '' --ecc --curve secp256r1 + certtool --generate-certificate --template client_agree.tmpl --outfile x509-client-ecdh.pem \ + --load-privkey x509-client-key-ecdh.pem --hash sha256 \ + --load-ca-privkey x509-ca-key-ecdsa.pem --load-ca-certificate x509-ca-ecdsa.pem + +# Client signing credentials: + + certtool --generate-privkey --outfile x509-client-key-dsa.pem \ + --pkcs8 --password '' --dsa --bits 2048 + certtool --generate-certificate --template client_sign.tmpl --outfile x509-client-dsa.pem \ + --load-privkey x509-client-key-dsa.pem --hash sha256 \ + --load-ca-privkey x509-ca-key-dsa.pem --load-ca-certificate x509-ca-dsa.pem + + certtool --generate-privkey --outfile x509-client-key-ecdsa.pem \ + --pkcs8 --password '' --ecdsa --curve secp256r1 + certtool --generate-certificate --template client_sign.tmpl --outfile x509-client-ecdsa.pem \ + --load-privkey x509-client-key-ecdsa.pem --hash sha256 \ + --load-ca-privkey x509-ca-key-ecdsa.pem --load-ca-certificate x509-ca-ecdsa.pem + + certtool --generate-privkey --outfile x509-client-key-ed25519.pem \ + --pkcs8 --password '' --key-type=ed25519 + certtool --generate-certificate --template client_sign.tmpl --outfile x509-client-ed25519.pem \ + --load-privkey x509-client-key-ed25519.pem \ + --load-ca-privkey x509-ca-key-ed25519.pem --load-ca-certificate x509-ca-ed25519.pem + + certtool --generate-privkey --outfile x509-client-key-ed448.pem \ + --pkcs8 --password '' --key-type=ed448 + certtool --generate-certificate --template client_sign.tmpl --outfile x509-client-ed448.pem \ + --load-privkey x509-client-key-ed448.pem \ + --load-ca-privkey x509-ca-key-ed448.pem --load-ca-certificate x509-ca-ed448.pem + + certtool --generate-privkey --outfile x509-client-key-rsa.pem \ + --pkcs8 --password '' --rsa --bits 2048 + certtool --generate-certificate --template client_sign.tmpl --outfile x509-client-rsa.pem \ + --load-privkey x509-client-key-rsa.pem --hash sha256 \ + --load-ca-privkey x509-ca-key-rsa.pem --load-ca-certificate x509-ca-rsa.pem + + certtool --generate-privkey --outfile x509-client-key-rsa_pss_256.pem \ + --pkcs8 --password '' --key-type='rsa-pss' --bits=2048 --hash=sha256 --salt-size=32 + certtool --generate-certificate --template client_sign.tmpl \ + --outfile x509-client-rsa_pss_256.pem \ + --load-privkey x509-client-key-rsa_pss_256.pem \ + --load-ca-privkey x509-ca-key-rsa_pss_256.pem \ + --load-ca-certificate x509-ca-rsa_pss_256.pem + + certtool --generate-privkey --outfile x509-client-key-rsa_pss_384.pem \ + --pkcs8 --password '' --key-type='rsa-pss' --bits=2048 --hash=sha384 --salt-size=48 + certtool --generate-certificate --template client_sign.tmpl \ + --outfile x509-client-rsa_pss_384.pem \ + --load-privkey x509-client-key-rsa_pss_384.pem \ + --load-ca-privkey x509-ca-key-rsa_pss_384.pem \ + --load-ca-certificate x509-ca-rsa_pss_384.pem + + certtool --generate-privkey --outfile x509-client-key-rsa_pss_512.pem \ + --pkcs8 --password '' --key-type='rsa-pss' --bits=2048 --hash=sha512 --salt-size=64 + certtool --generate-certificate --template client_sign.tmpl \ + --outfile x509-client-rsa_pss_512.pem \ + --load-privkey x509-client-key-rsa_pss_512.pem \ + --load-ca-privkey x509-ca-key-rsa_pss_512.pem \ + --load-ca-certificate x509-ca-rsa_pss_512.pem + +# Server agreement credentials: + + certtool --generate-privkey --outfile x509-server-key-ecdh.pem \ + --pkcs8 --password '' --ecc --curve secp256r1 + certtool --generate-certificate --template server_agree.tmpl --outfile x509-server-ecdh.pem \ + --load-privkey x509-server-key-ecdh.pem --hash sha256 \ + --load-ca-privkey x509-ca-key-ecdsa.pem --load-ca-certificate x509-ca-ecdsa.pem + +# Server encryption credentials: + + certtool --generate-privkey --outfile x509-server-key-rsa-enc.pem \ + --pkcs8 --password '' --rsa --bits 2048 + certtool --generate-certificate --outfile x509-server-rsa-enc.pem \ + --load-privkey x509-server-key-rsa-enc.pem --template server_enc.tmpl \ + --load-ca-privkey x509-ca-key-rsa.pem --load-ca-certificate x509-ca-rsa.pem \ + --hash sha256 + +# Server signing credentials: + + certtool --generate-privkey --outfile x509-server-key-dsa.pem \ + --pkcs8 --password '' --dsa --bits 2048 + certtool --generate-certificate --template server_sign.tmpl --outfile x509-server-dsa.pem \ + --load-privkey x509-server-key-dsa.pem --hash sha256 \ + --load-ca-privkey x509-ca-key-dsa.pem --load-ca-certificate x509-ca-dsa.pem + + certtool --generate-privkey --outfile x509-server-key-ecdsa.pem \ + --pkcs8 --password '' --ecdsa --curve secp256r1 + certtool --generate-certificate --template server_sign.tmpl --outfile x509-server-ecdsa.pem \ + --load-privkey x509-server-key-ecdsa.pem --hash sha256 \ + --load-ca-privkey x509-ca-key-ecdsa.pem --load-ca-certificate x509-ca-ecdsa.pem + + certtool --generate-privkey --outfile x509-server-key-ed25519.pem \ + --pkcs8 --password '' --key-type=ed25519 + certtool --generate-certificate --template server_sign.tmpl --outfile x509-server-ed25519.pem \ + --load-privkey x509-server-key-ed25519.pem \ + --load-ca-privkey x509-ca-key-ed25519.pem --load-ca-certificate x509-ca-ed25519.pem + + certtool --generate-privkey --outfile x509-server-key-ed448.pem \ + --pkcs8 --password '' --key-type=ed448 + certtool --generate-certificate --template server_sign.tmpl --outfile x509-server-ed448.pem \ + --load-privkey x509-server-key-ed448.pem \ + --load-ca-privkey x509-ca-key-ed448.pem --load-ca-certificate x509-ca-ed448.pem + + certtool --generate-privkey --outfile x509-server-key-rsa-sign.pem \ + --pkcs8 --password '' --rsa --bits 2048 + certtool --generate-certificate --template server_sign.tmpl --outfile x509-server-rsa-sign.pem \ + --load-privkey x509-server-key-rsa-sign.pem --hash sha256 \ + --load-ca-privkey x509-ca-key-rsa.pem --load-ca-certificate x509-ca-rsa.pem + + certtool --generate-privkey --outfile x509-server-key-rsa_pss_256.pem \ + --pkcs8 --password '' --key-type='rsa-pss' --bits=2048 --hash=sha256 --salt-size=32 + certtool --generate-certificate --template server_sign.tmpl \ + --outfile x509-server-rsa_pss_256.pem \ + --load-privkey x509-server-key-rsa_pss_256.pem \ + --load-ca-privkey x509-ca-key-rsa_pss_256.pem \ + --load-ca-certificate x509-ca-rsa_pss_256.pem + + certtool --generate-privkey --outfile x509-server-key-rsa_pss_384.pem \ + --pkcs8 --password '' --key-type='rsa-pss' --bits=2048 --hash=sha384 --salt-size=48 + certtool --generate-certificate --template server_sign.tmpl \ + --outfile x509-server-rsa_pss_384.pem \ + --load-privkey x509-server-key-rsa_pss_384.pem \ + --load-ca-privkey x509-ca-key-rsa_pss_384.pem \ + --load-ca-certificate x509-ca-rsa_pss_384.pem + + certtool --generate-privkey --outfile x509-server-key-rsa_pss_512.pem \ + --pkcs8 --password '' --key-type='rsa-pss' --bits=2048 --hash=sha512 --salt-size=64 + certtool --generate-certificate --template server_sign.tmpl \ + --outfile x509-server-rsa_pss_512.pem \ + --load-privkey x509-server-key-rsa_pss_512.pem \ + --load-ca-privkey x509-ca-key-rsa_pss_512.pem \ + --load-ca-certificate x509-ca-rsa_pss_512.pem diff --git a/BouncyCastle/crypto/test/data/tls/ca.tmpl b/BouncyCastle/crypto/test/data/tls/ca.tmpl new file mode 100644 index 0000000..72e41e6 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/ca.tmpl @@ -0,0 +1,4 @@ +cn = BouncyCastle TLS Test CA +ca +cert_signing_key +expiration_days = 7301 diff --git a/BouncyCastle/crypto/test/data/tls/client_agree.tmpl b/BouncyCastle/crypto/test/data/tls/client_agree.tmpl new file mode 100644 index 0000000..1718041 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/client_agree.tmpl @@ -0,0 +1,4 @@ +cn = BouncyCastle Test Client +tls_www_client +key_agreement +expiration_days = 7300 diff --git a/BouncyCastle/crypto/test/data/tls/client_enc.tmpl b/BouncyCastle/crypto/test/data/tls/client_enc.tmpl new file mode 100644 index 0000000..1a6f2ef --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/client_enc.tmpl @@ -0,0 +1,4 @@ +cn = BouncyCastle Test Client +tls_www_client +encryption_key +expiration_days = 7300 diff --git a/BouncyCastle/crypto/test/data/tls/client_sign.tmpl b/BouncyCastle/crypto/test/data/tls/client_sign.tmpl new file mode 100644 index 0000000..5a320b1 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/client_sign.tmpl @@ -0,0 +1,4 @@ +cn = BouncyCastle Test Client +tls_www_client +signing_key +expiration_days = 7300 diff --git a/BouncyCastle/crypto/test/data/tls/keystores/client_store.dsa b/BouncyCastle/crypto/test/data/tls/keystores/client_store.dsa new file mode 100644 index 0000000..77c6e47 Binary files /dev/null and b/BouncyCastle/crypto/test/data/tls/keystores/client_store.dsa differ diff --git a/BouncyCastle/crypto/test/data/tls/keystores/client_store.rsa b/BouncyCastle/crypto/test/data/tls/keystores/client_store.rsa new file mode 100644 index 0000000..fb48103 Binary files /dev/null and b/BouncyCastle/crypto/test/data/tls/keystores/client_store.rsa differ diff --git a/BouncyCastle/crypto/test/data/tls/keystores/server_store.dsa b/BouncyCastle/crypto/test/data/tls/keystores/server_store.dsa new file mode 100644 index 0000000..819cecd Binary files /dev/null and b/BouncyCastle/crypto/test/data/tls/keystores/server_store.dsa differ diff --git a/BouncyCastle/crypto/test/data/tls/keystores/server_store.rsa b/BouncyCastle/crypto/test/data/tls/keystores/server_store.rsa new file mode 100644 index 0000000..5ade0b7 Binary files /dev/null and b/BouncyCastle/crypto/test/data/tls/keystores/server_store.rsa differ diff --git a/BouncyCastle/crypto/test/data/tls/server_agree.tmpl b/BouncyCastle/crypto/test/data/tls/server_agree.tmpl new file mode 100644 index 0000000..44f12f6 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/server_agree.tmpl @@ -0,0 +1,4 @@ +cn = BouncyCastle Test Server +tls_www_server +key_agreement +expiration_days = 7300 diff --git a/BouncyCastle/crypto/test/data/tls/server_enc.tmpl b/BouncyCastle/crypto/test/data/tls/server_enc.tmpl new file mode 100644 index 0000000..4bfc58e --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/server_enc.tmpl @@ -0,0 +1,4 @@ +cn = BouncyCastle Test Server +tls_www_server +encryption_key +expiration_days = 7300 diff --git a/BouncyCastle/crypto/test/data/tls/server_sign.tmpl b/BouncyCastle/crypto/test/data/tls/server_sign.tmpl new file mode 100644 index 0000000..1d12add --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/server_sign.tmpl @@ -0,0 +1,4 @@ +cn = BouncyCastle Test Server +tls_www_server +signing_key +expiration_days = 7300 diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-dsa.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-dsa.pem new file mode 100644 index 0000000..d9cb013 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-dsa.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEdDCCBBqgAwIBAgIMWYGU7zZX3YAzRZ8VMAsGCWCGSAFlAwQDAjAjMSEwHwYD +VQQDExhCb3VuY3lDYXN0bGUgVExTIFRlc3QgQ0EwHhcNMTcwODAyMDkwMTM1WhcN +MzcwNzI5MDkwMTM1WjAjMSEwHwYDVQQDExhCb3VuY3lDYXN0bGUgVExTIFRlc3Qg +Q0EwggNHMIICOQYHKoZIzjgEATCCAiwCggEBAO5dNk+YfyPOeIK54F9Wg6Zl5+cu +80tSk1fZBSQE1nFBblnGifl39LTmwkHL7XNZmUUFtrScY7Qlk0/cRsEqsl647fAy +XNhqpZAOMPJs4NBx6nzQvKlprxU9JYO5kvTIoJNBR4GCUDxX/DWLffFqvwbBmrZ3 +BgNAHhAHj/wDm0sfxKDXHgfUwmVJgBOne7xwh86SJJojw+MN33ILuSfNFePv2AeQ +kw+bY93tPpouyfskyBLdWs7DeGXmjftFSmpS68j36RAL0+4QZVwDyX/aIwK1bxAH +XLgRnono7NfGxzqlPiQXfb5ewUmZPyjJ3P06WMU3kgj6ZMoyfmJOHCSwjAECIQCg +NiET6OM1ljsc4tvOXtDSyXXqQ4YtRT5o41Gal8kv+QKCAQAbvM2Az1+PzOhrySA5 +PATwWWDMIXlxFx3U1gXIczu4lGGRaoVzfmSGsDZ6A/0j+/ZtmpjGH3B+jb0Rab0n +yZBDUzK+39w+YI7s+K6yGkKlSuyhpB/UokDP0h5Pf6MEVAU2bIcuuWTLMJmleWLw +zHKJTjUDnrC6txeVAbsW+O4l04jMHLTZMXg2OTk9urUtJzeJNkEEMNA8sv7h+yrA +oX2FqvhfDg/oLdfwXQULkKJc/ec6IQaXrtHm+oYwDQxsr9ap4FlET1nz91MMAXon +hB2Yfl7dRKJtKMUKGWGbCliTnJAPUHI1URltnEg387G/YbnnEBUnZlNBJeDrpZFg ++v2ZA4IBBgACggEBAJQi1dv4plwRKrP2fU/76FLcx++60cA4oajNm0f4Vyyaz2xF +7hPiFNj2H0nLNJAtPtdn/wC7KHNWmDx0OiUFIseAqPPoQvfaSrFun1F2iUJhlrKU +FOJ3RC2URoD+M7IbR1SXAyuWOVenhoYyky1mausApUhUjoLO3mMOyBDdXMGWMq7p +SHfyziAnySzwZ2bwOrVz4XL41w4cPbjdEzd4MLIfpPaqqW43y4MNlgLLspm9vBO5 +6Fbq9c0bDUa18jkSi7DU7uH43S9tq3HrPQh127XZ5SstNPU2uV0o+ZXAS8V9sBOM +LGZMjkiQ8bozYtUVAlhLFBnzMB/BOCWxe2yJGSyjQzBBMA8GA1UdEwEB/wQFMAMB +Af8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQUAOVmarDrz1YtyjvnX4C9cDcX +lagwCwYJYIZIAWUDBAMCA0cAMEQCIFEz1ogza6zKwImQS9tKVlPNjU4QSDEfPjZP +aSwIVMCyAiB+TcGoJvBEAdkzIeQQDdQLldrR+tO/WbayMeqPZHG6ww== +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-ecdsa.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-ecdsa.pem new file mode 100644 index 0000000..019ada2 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-ecdsa.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBgzCCASmgAwIBAgIMWYGU7zek17Bcz64zMAoGCCqGSM49BAMCMCMxITAfBgNV +BAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVzdCBDQTAeFw0xNzA4MDIwOTAxMzVaFw0z +NzA3MjkwOTAxMzVaMCMxITAfBgNVBAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVzdCBD +QTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDOjvFecZj9RsxsIZSygfmv/GX9M +oJkQeMk+sI6QRVv7YbzL7QUxKa4gRb2x2e3iKPi+Mi2x2wGAPJajJO6nj8ujQzBB +MA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQU0ma/ +FGcW5gGlL//B26Xmj0JISecwCgYIKoZIzj0EAwIDSAAwRQIhAJPFYIENHNONgDNy +1565P/2N0TMAkcENL2zyCEDnYVG4AiBiA3BuThR1Rgnvn1qRGaivzoIiMvDVRQb7 +p76OkZ8Igw== +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-ed25519.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-ed25519.pem new file mode 100644 index 0000000..c117a26 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-ed25519.pem @@ -0,0 +1,9 @@ +-----BEGIN CERTIFICATE----- +MIIBSjCB/aADAgECAhQ4EsBmtAbEpUqx/8m96XRPinrybTAFBgMrZXAwIzEhMB8G +A1UEAxMYQm91bmN5Q2FzdGxlIFRMUyBUZXN0IENBMB4XDTE4MDgyMzA5Mjk0N1oX +DTM4MDgxOTA5Mjk0N1owIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxlIFRMUyBUZXN0 +IENBMCowBQYDK2VwAyEA8ZleePPCqzYeCARxwHP10sYfQhcCQ4YXjyOxrb53I0qj +QzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0PAQH/BAUDAwcEADAdBgNVHQ4EFgQU +6nm+PvoHITBuh26gdYBbNqOczWYwBQYDK2VwA0EAoUgBYkz0bcLAC+kTmbwE05ga +u2SmQtPaiXGykqY+3RhoZVthxQyEzWT0N5KJ322l6mjs0CZRat0ai4hR1Yj7BA== +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-ed448.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-ed448.pem new file mode 100644 index 0000000..e72fcc6 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-ed448.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBljCCARagAwIBAgIUWxqMqdy/tO71K3Iz4GYJiWrc42wwBQYDK2VxMCMxITAf +BgNVBAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVzdCBDQTAeFw0yMDAyMTMwNzMzMDJa +Fw00MDAyMDkwNzMzMDJaMCMxITAfBgNVBAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVz +dCBDQTBDMAUGAytlcQM6AKSetNrq+LCrx62FFnDlmUG/gZUa6LkaIHnfVM3w7/Wl +c1RONMpgGRUeNMqM8YBlgDzUrHjVkHfOAKNDMEEwDwYDVR0TAQH/BAUwAwEB/zAP +BgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBS+BSv++BEWlTJ53q6rwnDLVnR5JTAF +BgMrZXEDcwCFAtJNOZDtSYHm/Mf/L2PEbXNDDNrieJGWbixz/QXYoXjNBFB0D521 +IGH0o6Gdh0ZaQvdktpXc9wDs9xAbzh/w6+hLROTj8UvxyvPuZbGgVYH/tvE++NH/ +H0EQMi0FnLI/iBGv/bEPm8VJ1e24qEiEAAA= +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-key-dsa.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-key-dsa.pem new file mode 100644 index 0000000..4c378da --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-key-dsa.pem @@ -0,0 +1,15 @@ +-----BEGIN PRIVATE KEY----- +MIICZQIBADCCAjkGByqGSM44BAEwggIsAoIBAQDuXTZPmH8jzniCueBfVoOmZefn +LvNLUpNX2QUkBNZxQW5Zxon5d/S05sJBy+1zWZlFBba0nGO0JZNP3EbBKrJeuO3w +MlzYaqWQDjDybODQcep80Lypaa8VPSWDuZL0yKCTQUeBglA8V/w1i33xar8GwZq2 +dwYDQB4QB4/8A5tLH8Sg1x4H1MJlSYATp3u8cIfOkiSaI8PjDd9yC7knzRXj79gH +kJMPm2Pd7T6aLsn7JMgS3VrOw3hl5o37RUpqUuvI9+kQC9PuEGVcA8l/2iMCtW8Q +B1y4EZ6J6OzXxsc6pT4kF32+XsFJmT8oydz9OljFN5II+mTKMn5iThwksIwBAiEA +oDYhE+jjNZY7HOLbzl7Q0sl16kOGLUU+aONRmpfJL/kCggEAG7zNgM9fj8zoa8kg +OTwE8FlgzCF5cRcd1NYFyHM7uJRhkWqFc35khrA2egP9I/v2bZqYxh9wfo29EWm9 +J8mQQ1Myvt/cPmCO7PiushpCpUrsoaQf1KJAz9IeT3+jBFQFNmyHLrlkyzCZpXli +8MxyiU41A56wurcXlQG7FvjuJdOIzBy02TF4Njk5Pbq1LSc3iTZBBDDQPLL+4fsq +wKF9har4Xw4P6C3X8F0FC5CiXP3nOiEGl67R5vqGMA0MbK/WqeBZRE9Z8/dTDAF6 +J4QdmH5e3USibSjFChlhmwpYk5yQD1ByNVEZbZxIN/Oxv2G55xAVJ2ZTQSXg66WR +YPr9mQQjAiEAnZYHGZPTcKWTzPTfMa5UQkZgqKU1jqyOOWWtHc50fPE= +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-key-ecdsa.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-key-ecdsa.pem new file mode 100644 index 0000000..42132d4 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-key-ecdsa.pem @@ -0,0 +1,6 @@ +-----BEGIN PRIVATE KEY----- +MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgXP0gFZhM/8/F0imI +9EPD/er+bEFS8m2nY9JzJlricXigCgYIKoZIzj0DAQehRANCAAQzo7xXnGY/UbMb +CGUsoH5r/xl/TKCZEHjJPrCOkEVb+2G8y+0FMSmuIEW9sdnt4ij4vjItsdsBgDyW +oyTup4/L +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-key-ed25519.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-key-ed25519.pem new file mode 100644 index 0000000..027bb83 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-key-ed25519.pem @@ -0,0 +1,25 @@ +Public Key Info: + Public Key Algorithm: EdDSA (Ed25519) + Key Security Level: High (256 bits) + +curve: Ed25519 +private key: + a9:19:76:8a:f7:cf:95:c7:e3:94:3c:ce:3c:71:59:44 + 89:08:34:e5:49:0b:0a:44:56:d6:1d:05:f4:af:5d:85 + + +x: + f1:99:5e:78:f3:c2:ab:36:1e:08:04:71:c0:73:f5:d2 + c6:1f:42:17:02:43:86:17:8f:23:b1:ad:be:77:23:4a + + + +Public Key PIN: + pin-sha256:XFgN/8/bw68mn6K+U4zDmMa+HSGjXI0bejzTOxFQf0U= +Public Key ID: + sha256:5c580dffcfdbc3af269fa2be538cc398c6be1d21a35c8d1b7a3cd33b11507f45 + sha1:ea79be3efa0721306e876ea075805b36a39ccd66 + +-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEIKkZdor3z5XH45Q8zjxxWUSJCDTlSQsKRFbWHQX0r12F +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-key-ed448.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-key-ed448.pem new file mode 100644 index 0000000..6974289 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-key-ed448.pem @@ -0,0 +1,28 @@ +Public Key Info: + Public Key Algorithm: EdDSA (Ed448) + Key Security Level: Ultra (456 bits) + +curve: Ed448 +private key: + d8:36:a1:a6:12:8b:25:7a:86:eb:8a:b2:93:4a:71:df + 44:b7:9e:be:59:09:61:58:43:d2:3f:80:04:59:7b:37 + 89:cc:d9:6b:84:26:ae:b9:75:3c:b7:6d:eb:4b:c9:d8 + 36:94:5e:63:44:7b:7f:4b:e0: + +x: + a4:9e:b4:da:ea:f8:b0:ab:c7:ad:85:16:70:e5:99:41 + bf:81:95:1a:e8:b9:1a:20:79:df:54:cd:f0:ef:f5:a5 + 73:54:4e:34:ca:60:19:15:1e:34:ca:8c:f1:80:65:80 + 3c:d4:ac:78:d5:90:77:ce:00: + + +Public Key PIN: + pin-sha256:fnp0p/r6DXkqUgGSXDJih9BAOy/+ImGTT5dCbfH6H4w= +Public Key ID: + sha256:7e7a74a7fafa0d792a5201925c326287d0403b2ffe2261934f97426df1fa1f8c + sha1:be052bfef81116953279deaeabc270cb56747925 + +-----BEGIN PRIVATE KEY----- +MEcCAQAwBQYDK2VxBDsEOdg2oaYSiyV6huuKspNKcd9Et56+WQlhWEPSP4AEWXs3 +iczZa4Qmrrl1PLdt60vJ2DaUXmNEe39L4A== +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-key-rsa.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-key-rsa.pem new file mode 100644 index 0000000..9b51726 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-key-rsa.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDjLlJpiydqUOH2 +IxH7iI9dUzJxvHaknGqXP8lPcxwg5+Q0CRjmv1+Y2KCV+JNj215OW23JNnGguCe/ +xlkboBnOCnDlSLQJp8W1cyarabHUa1VL086nL2kmTRxIElj+91ppQAl+sSB0cgba +/j8KYoO93mZDlXBjrG7FpYn31UNH9H8/wBrGIeSFgTZSHwTlsDhAQyWr5bGK1RgM +NTLl8ZJ8m7I1xUashTTxOkoXd1t3rXqPhTr0LMqKZl+hXD/hDmhUMUkO8kfsTbK3 +gssYuNIT37MDuk4oTfYS3VbdwvjhwycNsEdsTPksLFvB7uIxIttbmpEJfOOs/l3Y +FaPg9793AgMBAAECggEBANR2XtacMFmKmTijZc7y0Pk7tKKP2flq23jmS7QE+FqB +5HcRxvsOIS6F8fEvz1AFObZYZV1XkH75mxsMOgvO+DMsqpaUHuQkxo9CyPhoWcpK +MzQ+Ozc57MHIPdndZuPUmvZx0C9vIeYlOeoW+wgQSBsK4mL0YG6nNdWcUmK4TTr9 +V62ZvqDYoZjtTsAoLkUVJAgByN3XNzc70RQKN5OyCC8iib0JpLEeLdOkGgxWE7/n +KNLZ/9tbK9O4Mn3BWwZsTt8Hve0m/G9CbjlriEz9PYRBEg+JP6FmQIB5l0mjyRMQ +F5uRqiZt6r1uUGwUifNDOqNyJzSolj32u+OG3m8/6qkCgYEA+Tof5Wtuq9Oc5zCF +oVzm3cT1DZy3kJdGZWlMekLC9NMXhnA2huuNkln8Ph2qRx5pxmomRvX8ThaHNUdg +IRjzUomTQ0IWPkn+7TT6CmeSIEOoT4Tyw/xVvBHKm/yHKxHsCkcSIzt1cXS1SGU7 +Dfsy2C+FBjkcW6UBHkNKUMxce/0CgYEA6VrShFfora0fUOibaas/YG7XnqQzFyvw +mcBpqAbUXTneFdyssZDyfmQpE44KCywfPczz+34zIRkjnBX6mLyWx5rINE0KpOBK +uwS2ob1g6J1x6I6btBzIhhgR+Zj9zxhD5f+jYmmBCU3yTvWMXL4c5YsaWvlG8doq +bNo40cQykYMCgYEAmK8pV03n8VClMWWimGbn8Tl2v64hL23d7McD2WsJMSAZq30X +irTIeL60MAHQjd1uA+aIKLUOq3BVySg/FkfI2en61BuqsOJ4US5BeRpWhXmtpXnX +mIYAqEVmEQY2cQZ7yxgbXoZQvv83CHEsKraYQaVrI5Ldcq+17apf3vw0NKkCgYBH +u6WPDT73dIp14qszlnLLAAfEOpGCA/3YJa/U+RR6+/jrG4TyqK4CcGO4ISexO4T3 +CHPP0YGCISozJwZ7wS1QeqIkgbJN8KzIRLCnk4GgwBVt+bifa2Gw5uFPqtoKuVjV +8PmWnPwPkih0YUMel0pmvZYCdTJ70ibMg2CICxnIZQKBgQC7aMgcL5ORB/8fgOdy +g0at1fmz5kKKbv0Z9cmk7trKW67NDM5kwVyFdUuc5Vp7alkRyW4SZPtwpOG+d5Xt +M0DM77Qvom+sIYq5C5eSHPU6py2Ipn5HZzkHRnAM8qw3OrL6+iFklQUKEBXeqVEq +6MfsH8P1/RIRfvcOMhPrNEzpTg== +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-key-rsa_pss_256.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-key-rsa_pss_256.pem new file mode 100644 index 0000000..9243a1e --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-key-rsa_pss_256.pem @@ -0,0 +1,138 @@ +Public Key Info: + Public Key Algorithm: RSA-PSS + Hash Algorithm: SHA256 + Salt Length: 32 + Key Security Level: Medium (2048 bits) + +modulus: + 00:b7:b4:9a:4d:2d:3f:08:b8:1e:55:d6:b0:b2:b7:d0 + 33:cc:bb:de:56:24:04:1d:73:ac:6a:32:db:af:26:4f + ef:b1:d6:10:90:79:dc:89:ac:60:e3:94:54:19:04:54 + 17:ea:18:0e:d9:46:be:60:9f:e6:33:ff:6e:60:6a:35 + c6:2d:dd:06:82:d5:80:c9:88:07:2f:27:4b:04:13:ba + 4b:69:92:ce:bc:00:be:42:2c:e2:35:8d:60:11:66:3c + 24:f8:3a:13:ad:49:e7:12:ca:c6:2a:52:84:ed:3d:7d + 1e:06:de:a4:64:d6:17:14:b1:19:63:a0:e1:7c:49:d3 + 41:73:29:f8:b5:75:e0:93:fa:e3:df:3b:82:77:5e:83 + cb:da:52:26:eb:c3:20:13:11:6d:e9:aa:a5:d7:b6:c3 + a1:a5:04:fa:6e:ee:4f:39:52:4d:18:f9:ab:87:4a:4e + d9:34:a7:c4:df:f5:1b:b6:57:71:7f:c3:c8:4f:2c:00 + c0:6e:e8:74:35:e2:71:1f:ef:c6:c1:62:7a:65:e7:c9 + c7:42:14:5f:16:c1:ab:4d:32:e5:e2:7c:38:a2:21:02 + 69:a3:81:f4:c8:78:48:58:0a:5d:99:85:f5:e6:2a:37 + be:23:e5:ff:15:ba:39:42:ac:9d:d0:11:7e:e4:2b:55 + db: + +public exponent: + 01:00:01: + +private exponent: + 00:9a:2e:3e:02:e0:22:b3:52:b4:43:1e:f9:16:46:27 + bc:11:ec:eb:62:28:c0:3b:67:c6:21:2b:a6:2d:8e:5e + 30:b2:75:13:59:ee:ad:25:ef:43:32:3e:5f:86:cf:97 + 34:ab:08:9e:0d:c5:ce:2a:92:89:46:c2:ef:04:84:9f + b5:40:f0:ec:72:0a:77:18:ad:ce:39:c9:24:b0:bb:4d + f3:d5:1b:9d:df:34:50:7a:81:e9:29:41:0a:8c:0f:de + 12:b9:33:25:28:9f:8a:0c:bf:9b:2a:12:2f:f6:5d:51 + 11:4e:7a:b6:46:db:58:6b:c9:67:a1:b2:79:0d:33:78 + d5:5d:69:38:91:d9:f0:37:28:da:67:56:96:dd:77:d4 + f0:cd:33:9a:a3:7d:cc:6a:5c:44:c1:bd:e3:d3:34:71 + 70:b1:ed:67:56:cc:02:28:3b:e2:2b:6d:d0:eb:69:9b + e5:d9:27:e8:fc:2a:03:14:e1:f7:76:3f:b7:a7:87:1c + 78:84:9e:17:60:71:84:b7:67:83:c5:41:27:40:18:96 + 3c:c5:13:9f:ff:fd:3f:ac:30:cd:e5:f7:b5:cb:ac:16 + 39:85:05:c1:59:46:ce:df:e8:67:9a:a2:56:88:73:a8 + 34:23:b2:54:2d:18:2c:c9:16:0c:d0:f6:46:55:9f:2a + 01: + +prime1: + 00:e1:11:b3:58:64:b9:77:3c:b9:f2:95:df:bb:0b:66 + f6:81:31:03:22:cb:eb:5a:a9:38:63:31:ff:f2:75:46 + 9a:dd:be:a7:d0:d4:c8:30:18:bf:6f:bf:c0:01:ba:27 + 0e:34:b2:7f:75:f0:aa:05:69:71:68:03:41:9b:47:5b + 6a:7b:89:ef:f4:e0:84:c0:01:67:5c:46:c6:29:40:3d + 55:15:48:d6:19:e9:22:d2:fd:88:1d:f6:cd:7e:9c:04 + c6:b0:d7:3d:1d:ea:42:44:8c:10:a8:6c:8a:d2:70:6d + b6:fb:9b:1f:ce:d9:ec:3e:1a:3f:ee:02:17:e3:37:74 + 9b: + +prime2: + 00:d0:f3:a9:3a:80:a3:ac:1f:e9:d8:29:f4:2f:1a:7c + d6:61:77:c8:82:cb:fa:64:a0:ce:ef:ec:5c:e9:97:a0 + 1d:28:a6:49:5d:34:59:92:96:c1:b2:c2:14:f5:02:a2 + 2e:b9:ab:df:a7:79:e6:b3:fa:5c:3e:bd:50:b2:e4:c1 + ee:d3:b5:5d:38:a4:f6:d0:81:8a:e1:5a:45:da:19:06 + a3:fa:6a:84:8f:04:f4:56:2a:00:13:2b:76:8d:c1:c8 + d4:eb:42:c0:02:d5:c5:b4:83:7f:36:32:27:93:fc:49 + 11:f4:a3:4d:7d:bd:03:61:e7:40:28:15:10:ad:8f:97 + c1: + +coefficient: + 00:d6:d9:e8:05:2e:4f:3c:27:59:e4:3a:5a:1a:15:59 + 0c:b7:fd:fa:23:ad:c1:64:07:e4:22:ae:35:9b:ac:e8 + 95:34:46:be:38:ba:99:07:4b:52:0f:f2:f9:cd:32:e7 + 99:2d:66:15:f1:f3:51:b5:4e:4a:d5:49:8f:a3:97:43 + ad:60:31:c7:c7:a7:4a:e0:2f:07:fe:40:24:22:5a:4e + 76:ee:ef:df:95:85:e4:5a:81:7a:ab:61:e9:da:51:7e + 2f:dd:d7:83:46:b2:76:13:ef:18:3a:64:45:31:e1:4f + af:6e:f0:6e:34:d2:cf:59:e3:ee:88:f2:22:1e:c8:06 + f6: + +exp1: + 00:96:25:00:c7:cf:2a:0a:e9:70:02:ed:08:bb:f6:f7 + 51:2b:0e:4f:51:3f:48:5a:ca:d8:db:13:d7:f3:1f:59 + 62:a6:db:31:88:96:ea:95:6b:6d:0a:57:98:f7:8d:ff + cf:f2:47:c1:d0:24:24:c8:47:77:68:34:03:e8:5a:ca + 19:57:20:c5:fb:4e:6c:40:ca:ae:f1:58:25:8a:0f:58 + db:11:bf:ed:54:8b:ba:b7:96:7a:df:c2:6d:84:31:00 + de:ab:ca:6a:f3:31:fb:d3:4e:bd:2e:1e:7a:dd:b8:32 + f9:07:10:8d:3f:a9:11:78:bc:7a:39:85:1b:fa:70:5c + 51: + +exp2: + 42:c5:ca:cb:8e:36:3f:98:07:33:73:dc:bb:7c:bc:6e + 09:c1:ac:8a:d7:c2:51:8b:ed:f5:4f:d4:35:35:a6:0e + 0b:62:70:49:5f:a4:4c:2a:ef:05:3f:ee:50:89:a1:e8 + 4a:9f:39:1e:9c:de:f3:9e:cb:01:a5:9f:f7:3b:11:1a + 4f:ff:42:26:0a:d9:70:b2:24:fe:74:c9:a3:b3:a1:a2 + 9f:30:90:e1:df:54:71:80:84:7b:9b:c5:0b:f1:e4:4a + de:4f:7b:6a:ac:83:bc:76:d5:1d:2d:93:e6:3f:95:de + 2e:0e:4d:82:23:f7:c3:be:91:8a:fd:88:51:de:74:41 + + + +Public Key PIN: + pin-sha256:O4J2O7fbEdphitrCWZG7Jyi8t5S4daRsB8YQZknFYWk= +Public Key ID: + sha256:3b82763bb7db11da618adac25991bb2728bcb794b875a46c07c6106649c56169 + sha1:211a88b6de03c00180aadb708899a68f17ceaa6c + +-----BEGIN PRIVATE KEY----- +MIIE7wIBADA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3 +DQEBCDALBglghkgBZQMEAgGiAwIBIASCBKkwggSlAgEAAoIBAQC3tJpNLT8IuB5V +1rCyt9AzzLveViQEHXOsajLbryZP77HWEJB53ImsYOOUVBkEVBfqGA7ZRr5gn+Yz +/25gajXGLd0GgtWAyYgHLydLBBO6S2mSzrwAvkIs4jWNYBFmPCT4OhOtSecSysYq +UoTtPX0eBt6kZNYXFLEZY6DhfEnTQXMp+LV14JP64987gndeg8vaUibrwyATEW3p +qqXXtsOhpQT6bu5POVJNGPmrh0pO2TSnxN/1G7ZXcX/DyE8sAMBu6HQ14nEf78bB +Ynpl58nHQhRfFsGrTTLl4nw4oiECaaOB9Mh4SFgKXZmF9eYqN74j5f8VujlCrJ3Q +EX7kK1XbAgMBAAECggEBAJouPgLgIrNStEMe+RZGJ7wR7OtiKMA7Z8YhK6Ytjl4w +snUTWe6tJe9DMj5fhs+XNKsIng3FziqSiUbC7wSEn7VA8OxyCncYrc45ySSwu03z +1Rud3zRQeoHpKUEKjA/eErkzJSifigy/myoSL/ZdURFOerZG21hryWehsnkNM3jV +XWk4kdnwNyjaZ1aW3XfU8M0zmqN9zGpcRMG949M0cXCx7WdWzAIoO+IrbdDraZvl +2Sfo/CoDFOH3dj+3p4cceISeF2BxhLdng8VBJ0AYljzFE5///T+sMM3l97XLrBY5 +hQXBWUbO3+hnmqJWiHOoNCOyVC0YLMkWDND2RlWfKgECgYEA4RGzWGS5dzy58pXf +uwtm9oExAyLL61qpOGMx//J1RprdvqfQ1MgwGL9vv8ABuicONLJ/dfCqBWlxaANB +m0dbanuJ7/TghMABZ1xGxilAPVUVSNYZ6SLS/Ygd9s1+nATGsNc9HepCRIwQqGyK +0nBttvubH87Z7D4aP+4CF+M3dJsCgYEA0POpOoCjrB/p2Cn0Lxp81mF3yILL+mSg +zu/sXOmXoB0opkldNFmSlsGywhT1AqIuuavfp3nms/pcPr1QsuTB7tO1XTik9tCB +iuFaRdoZBqP6aoSPBPRWKgATK3aNwcjU60LAAtXFtIN/NjInk/xJEfSjTX29A2Hn +QCgVEK2Pl8ECgYEAliUAx88qCulwAu0Iu/b3USsOT1E/SFrK2NsT1/MfWWKm2zGI +luqVa20KV5j3jf/P8kfB0CQkyEd3aDQD6FrKGVcgxftObEDKrvFYJYoPWNsRv+1U +i7q3lnrfwm2EMQDeq8pq8zH70069Lh563bgy+QcQjT+pEXi8ejmFG/pwXFECgYBC +xcrLjjY/mAczc9y7fLxuCcGsitfCUYvt9U/UNTWmDgticElfpEwq7wU/7lCJoehK +nzkenN7znssBpZ/3OxEaT/9CJgrZcLIk/nTJo7Ohop8wkOHfVHGAhHubxQvx5Ere +T3tqrIO8dtUdLZPmP5XeLg5NgiP3w76Riv2IUd50QQKBgQDW2egFLk88J1nkOloa +FVkMt/36I63BZAfkIq41m6zolTRGvji6mQdLUg/y+c0y55ktZhXx81G1TkrVSY+j +l0OtYDHHx6dK4C8H/kAkIlpOdu7v35WF5FqBeqth6dpRfi/d14NGsnYT7xg6ZEUx +4U+vbvBuNNLPWePuiPIiHsgG9g== +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-key-rsa_pss_384.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-key-rsa_pss_384.pem new file mode 100644 index 0000000..b83a105 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-key-rsa_pss_384.pem @@ -0,0 +1,138 @@ +Public Key Info: + Public Key Algorithm: RSA-PSS + Hash Algorithm: SHA384 + Salt Length: 48 + Key Security Level: Medium (2048 bits) + +modulus: + 00:ee:6d:c0:c9:44:dd:94:f8:40:af:9a:f4:43:3e:78 + 45:61:5f:6a:15:23:42:f4:f8:a0:c2:eb:6a:0a:ae:0c + 43:a7:dc:e9:ac:ce:42:c4:c8:f5:4c:de:6c:52:4b:e5 + d3:2b:42:b8:f9:e5:5c:5f:5c:53:2f:0f:f7:f5:3d:04 + ed:2b:50:c9:ab:6b:74:2d:4b:42:71:57:7a:04:83:38 + 97:fa:5b:22:4a:14:d2:0d:dd:5c:66:c9:25:7d:e3:ff + 05:84:02:ea:3c:82:97:45:0f:7c:b3:71:8e:7f:31:8d + b5:eb:5e:b6:0d:91:9b:5d:51:bc:f7:e2:81:a2:5f:46 + 35:cf:9e:64:c4:3c:65:63:f6:ff:15:b0:e7:11:49:fa + c1:cc:d9:54:9b:f8:13:3d:95:ce:f4:7f:58:66:23:cd + bc:11:af:e1:3f:af:d8:5e:16:85:cd:7d:b7:7f:59:fa + ff:29:e6:ef:4f:6e:6b:ef:b0:91:ef:81:63:6f:b2:0c + 2b:47:a6:21:f7:1f:4b:fb:1d:e7:6f:f8:6f:0e:6a:8f + 8a:54:5f:4b:a2:6d:36:20:bb:ba:11:87:06:f3:8d:95 + 6a:10:b7:27:8e:1d:02:b4:ce:1e:c2:09:73:c4:b6:5d + c7:5f:e2:26:bd:4f:cd:7a:b0:c5:c0:d6:82:1f:d4:2e + 59: + +public exponent: + 01:00:01: + +private exponent: + 6a:cf:72:10:f8:2f:c7:9f:9a:e2:d0:28:e2:c2:e6:80 + 36:49:d7:2d:16:f9:d4:e2:58:aa:59:69:cc:d5:01:9b + 81:64:9e:ae:12:4c:a8:f9:59:a2:90:f5:b7:bc:56:7d + ce:20:7a:db:40:1b:ac:80:a0:a7:31:a1:24:14:ac:d3 + 4e:97:47:70:ea:97:45:ff:34:09:b0:65:72:06:12:e1 + 4a:7f:6f:11:fe:d7:c6:ec:46:8b:a9:4a:89:66:0d:05 + bc:88:cd:c4:43:c0:5e:68:bc:b5:6a:86:aa:86:59:74 + 88:b7:8a:18:f4:04:c4:be:6c:48:24:09:6c:e2:ff:81 + 18:5f:a8:85:db:79:b0:14:66:1c:fb:f7:8f:a8:29:79 + 83:79:aa:65:45:05:5a:0f:03:30:e5:75:43:23:23:e1 + eb:09:5d:e6:be:0a:10:bd:34:4a:02:d5:60:f6:51:90 + 30:b5:2d:95:37:0e:aa:fb:8e:f3:4f:b4:2f:54:a4:c1 + 8c:a8:5a:46:0c:85:f0:d5:94:d0:ee:71:a2:c6:d7:b0 + de:81:04:66:43:4c:10:ba:ba:ec:91:57:93:bd:74:4f + d4:ea:96:3b:53:a1:0c:0f:be:7d:70:9c:c2:ae:b2:13 + 4b:2b:c3:c9:8a:56:12:a0:ab:55:e4:4e:90:df:0c:01 + + +prime1: + 00:f8:f5:75:8a:5e:fb:0f:2a:09:42:dc:eb:1e:0d:c9 + 97:6f:30:c9:55:28:af:15:4e:4a:db:9e:cd:17:6a:7f + d1:be:1e:53:2b:79:d9:83:de:96:c9:9b:1f:7e:93:ce + 02:f3:fb:9d:56:a2:19:cf:f2:d0:f2:3b:80:5f:b5:7b + cb:df:d6:26:fb:e8:ba:2b:db:e5:c1:47:98:1d:2e:57 + 5d:26:19:72:2f:48:77:00:1d:8d:72:f6:48:68:97:62 + 0f:5d:30:e0:95:a4:00:34:e4:77:b9:47:81:30:63:48 + 29:64:a0:2f:4f:c0:42:4b:bb:a2:60:7b:ba:e4:79:6b + 81: + +prime2: + 00:f5:2c:0d:7a:8c:17:59:ac:95:20:ca:29:3e:45:23 + 23:6f:25:fe:a3:56:df:23:74:47:cd:38:47:a3:4d:06 + 0e:66:7a:9f:74:cc:86:3e:86:e3:c8:4b:45:09:93:2b + 81:d3:fc:56:a2:29:b3:52:4d:f1:45:69:e2:d3:a3:b1 + 4e:1a:25:bd:1a:6c:2b:57:8a:93:11:b9:e9:6d:11:43 + 2c:aa:22:e9:20:10:bf:e4:fe:a6:c5:30:ec:42:5a:5c + d9:3d:1d:e9:18:7e:10:5b:9d:59:cd:7f:7e:51:5c:c8 + 65:63:8b:4a:54:e8:c1:fa:5c:e9:36:23:20:20:87:0e + d9: + +coefficient: + 00:9f:a9:37:76:c0:24:33:8e:18:92:c5:4c:1e:05:fd + 82:39:d9:40:4d:15:95:7e:92:59:44:1a:99:81:4b:0f + 16:e0:16:99:23:45:91:04:76:f0:98:d7:f5:92:e4:af + 39:3b:6f:49:0b:8f:22:02:aa:3a:da:72:04:9c:a4:cb + 11:1a:44:f4:47:19:ed:a0:9c:94:58:06:cd:ca:b1:ff + 48:7f:bf:2e:23:66:63:0e:cd:0b:a5:43:ee:23:75:32 + d5:93:08:23:51:e3:9e:d2:82:be:9b:c4:6d:53:a9:50 + 66:74:af:11:dd:f2:d5:a6:9f:6e:ca:11:ac:6d:a6:ca + 0b: + +exp1: + 00:ba:47:87:9c:72:77:2e:20:88:ef:73:b7:a5:34:31 + cb:d2:91:d1:83:9b:be:6d:95:b8:63:5e:0e:1d:60:3d + a5:a5:b8:b1:08:8d:d2:d8:5d:db:bb:9c:0b:53:bd:aa + 5f:01:4a:1a:af:30:f9:59:64:59:3d:76:92:16:8b:07 + c7:43:83:cc:85:9e:dc:76:66:c2:21:fd:bc:ee:d0:b6 + e3:e6:d7:11:5e:19:bd:98:e3:83:ec:2a:25:81:c5:0b + c5:6d:38:5e:42:f9:84:82:0f:15:1a:18:4b:ac:f6:0c + 8f:94:50:5b:36:34:28:26:dc:8d:a1:dd:d2:b8:93:b5 + 81: + +exp2: + 5c:07:25:28:12:dd:d0:f3:4f:26:f7:bb:73:7c:50:2c + 44:d4:66:38:b9:ab:18:8b:d5:47:db:10:48:e3:e8:9a + 0f:2d:88:1d:37:88:4c:80:25:90:51:70:a0:9f:75:7d + 4e:2d:31:f7:bc:df:6a:cd:86:fb:1f:3b:dd:65:5c:70 + 8c:b0:0d:c3:95:46:cf:9d:5c:87:12:d9:e3:ee:ce:e0 + 3d:1c:cd:95:13:b4:74:28:82:41:12:94:1c:73:fe:d6 + 2c:72:c5:c4:43:cd:b0:15:e8:57:92:bb:bf:9e:ac:3a + 22:9b:6e:53:60:eb:2f:27:21:03:09:3c:4d:f9:64:41 + + + +Public Key PIN: + pin-sha256:wv5nADHzPA1LzmxBzNO9BTLNYGb9g0W8L55XearJ5C8= +Public Key ID: + sha256:c2fe670031f33c0d4bce6c41ccd3bd0532cd6066fd8345bc2f9e5779aac9e42f + sha1:a9f05d6f61a0f001e874b25a7ed411431c2a89e7 + +-----BEGIN PRIVATE KEY----- +MIIE7gIBADA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3 +DQEBCDALBglghkgBZQMEAgKiAwIBMASCBKgwggSkAgEAAoIBAQDubcDJRN2U+ECv +mvRDPnhFYV9qFSNC9PigwutqCq4MQ6fc6azOQsTI9UzebFJL5dMrQrj55VxfXFMv +D/f1PQTtK1DJq2t0LUtCcVd6BIM4l/pbIkoU0g3dXGbJJX3j/wWEAuo8gpdFD3yz +cY5/MY216162DZGbXVG89+KBol9GNc+eZMQ8ZWP2/xWw5xFJ+sHM2VSb+BM9lc70 +f1hmI828Ea/hP6/YXhaFzX23f1n6/ynm709ua++wke+BY2+yDCtHpiH3H0v7Hedv ++G8Oao+KVF9Lom02ILu6EYcG842VahC3J44dArTOHsIJc8S2Xcdf4ia9T816sMXA +1oIf1C5ZAgMBAAECggEAas9yEPgvx5+a4tAo4sLmgDZJ1y0W+dTiWKpZaczVAZuB +ZJ6uEkyo+VmikPW3vFZ9ziB620AbrICgpzGhJBSs006XR3Dql0X/NAmwZXIGEuFK +f28R/tfG7EaLqUqJZg0FvIjNxEPAXmi8tWqGqoZZdIi3ihj0BMS+bEgkCWzi/4EY +X6iF23mwFGYc+/ePqCl5g3mqZUUFWg8DMOV1QyMj4esJXea+ChC9NEoC1WD2UZAw +tS2VNw6q+47zT7QvVKTBjKhaRgyF8NWU0O5xosbXsN6BBGZDTBC6uuyRV5O9dE/U +6pY7U6EMD759cJzCrrITSyvDyYpWEqCrVeROkN8MAQKBgQD49XWKXvsPKglC3Ose +DcmXbzDJVSivFU5K257NF2p/0b4eUyt52YPelsmbH36TzgLz+51WohnP8tDyO4Bf +tXvL39Ym++i6K9vlwUeYHS5XXSYZci9IdwAdjXL2SGiXYg9dMOCVpAA05He5R4Ew +Y0gpZKAvT8BCS7uiYHu65HlrgQKBgQD1LA16jBdZrJUgyik+RSMjbyX+o1bfI3RH +zThHo00GDmZ6n3TMhj6G48hLRQmTK4HT/FaiKbNSTfFFaeLTo7FOGiW9GmwrV4qT +EbnpbRFDLKoi6SAQv+T+psUw7EJaXNk9HekYfhBbnVnNf35RXMhlY4tKVOjB+lzp +NiMgIIcO2QKBgQC6R4eccncuIIjvc7elNDHL0pHRg5u+bZW4Y14OHWA9paW4sQiN +0thd27ucC1O9ql8BShqvMPlZZFk9dpIWiwfHQ4PMhZ7cdmbCIf287tC24+bXEV4Z +vZjjg+wqJYHFC8VtOF5C+YSCDxUaGEus9gyPlFBbNjQoJtyNod3SuJO1gQKBgFwH +JSgS3dDzTyb3u3N8UCxE1GY4uasYi9VH2xBI4+iaDy2IHTeITIAlkFFwoJ91fU4t +Mfe832rNhvsfO91lXHCMsA3DlUbPnVyHEtnj7s7gPRzNlRO0dCiCQRKUHHP+1ixy +xcRDzbAV6FeSu7+erDoim25TYOsvJyEDCTxN+WRBAoGBAJ+pN3bAJDOOGJLFTB4F +/YI52UBNFZV+kllEGpmBSw8W4BaZI0WRBHbwmNf1kuSvOTtvSQuPIgKqOtpyBJyk +yxEaRPRHGe2gnJRYBs3Ksf9If78uI2ZjDs0LpUPuI3Uy1ZMII1HjntKCvpvEbVOp +UGZ0rxHd8tWmn27KEaxtpsoL +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-key-rsa_pss_512.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-key-rsa_pss_512.pem new file mode 100644 index 0000000..1bd1bcf --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-key-rsa_pss_512.pem @@ -0,0 +1,138 @@ +Public Key Info: + Public Key Algorithm: RSA-PSS + Hash Algorithm: SHA512 + Salt Length: 64 + Key Security Level: Medium (2048 bits) + +modulus: + 00:ea:1f:fc:30:5f:ff:19:db:9a:30:46:1b:fa:34:de + 6b:56:44:ff:a1:06:d1:5c:6a:a7:b9:f8:7d:ac:bc:0f + 2b:9c:d8:9b:90:2d:31:a0:41:c7:74:73:01:ba:ea:e4 + c6:9e:bf:9b:41:62:07:54:b4:53:cb:a2:d7:8b:df:3a + a4:6d:b6:95:71:32:21:ee:3c:9a:9d:9b:9b:4d:d5:ef + d3:70:84:ba:c2:0e:a7:2f:07:aa:29:69:20:46:f8:da + 87:49:e0:cf:00:d3:c0:26:a0:71:35:00:06:45:56:56 + 8f:93:60:75:42:f5:78:61:ee:ad:fb:d2:38:de:79:2d + 9b:5b:07:e6:2b:be:b5:a8:a7:95:df:9f:2a:1a:9f:62 + 55:26:35:53:88:33:8c:1c:f9:93:e6:ea:45:39:3c:09 + 7a:e1:4a:41:de:a6:38:fd:56:e4:d5:0d:ee:ff:28:81 + dc:b0:ca:a9:84:42:5f:7a:68:72:32:1e:05:4f:07:36 + 58:71:76:a4:c8:b3:d2:18:3e:c8:3d:7b:2e:18:44:8c + dc:df:b4:53:54:72:ee:78:11:68:94:92:f6:de:41:5b + 1c:e8:dc:1b:41:fe:8f:b4:7d:8d:59:56:ed:07:96:20 + bd:0b:18:cb:3f:40:d3:02:62:7a:50:2e:52:66:68:ab + a1: + +public exponent: + 01:00:01: + +private exponent: + 33:87:46:a1:fe:fe:ce:5a:1e:dd:71:10:c7:48:cb:8b + 24:39:9b:69:7d:6e:a6:c0:72:99:e3:af:05:4d:7e:a9 + 42:a4:09:d8:f9:99:6a:84:0f:b9:f9:75:f0:05:b2:c4 + 64:3c:17:97:94:53:b8:b8:d7:98:82:06:9e:aa:4a:e5 + d5:9f:d1:d4:50:0c:57:ba:ce:ec:d1:4a:a5:1e:e8:e1 + c8:69:ee:10:b7:d8:e3:e8:f3:f2:99:48:99:56:3c:02 + 7a:a8:17:e7:3e:b3:93:cc:cc:1d:b6:1b:ab:37:0d:66 + 1c:31:a6:9d:4e:19:68:b4:77:66:6d:26:47:10:b4:90 + 88:f9:af:65:d3:16:07:f2:6b:59:6e:ba:03:20:ba:a5 + 80:87:75:ae:92:42:bd:64:e1:5a:48:7b:73:33:c3:70 + 74:cc:14:05:c0:d2:42:01:7f:82:4e:e0:8b:f9:2b:12 + 4d:71:4f:55:86:fd:28:0a:8f:a6:ad:66:32:4b:5e:f3 + 22:58:b1:09:51:1f:77:b5:d8:76:e9:80:ea:25:24:09 + 2d:70:ef:5d:89:20:7d:49:4b:52:c1:26:36:c4:c3:95 + 38:80:ef:6d:15:43:5e:dc:bd:5e:06:56:42:6a:59:00 + 13:e3:99:3f:b1:c0:a6:e3:d5:fc:72:38:d1:ea:0d:61 + + +prime1: + 00:f1:54:7d:6d:25:84:c2:37:16:bc:18:04:8b:a2:5e + 09:bd:cc:98:4c:44:ef:8a:9f:b4:6a:72:ac:cf:c8:2f + b4:6b:a6:fd:e9:df:6e:98:42:6c:b4:95:b5:72:21:e0 + 21:e9:71:99:c6:8a:66:f5:06:96:35:9f:15:87:46:7a + 66:cd:3d:ba:1e:96:28:35:ab:fd:07:fd:ab:11:31:50 + 93:a6:6c:67:5e:dd:b6:a9:87:f0:9c:c6:46:cb:7d:83 + 5e:58:c6:16:81:03:64:f5:c6:01:a6:e2:54:7c:be:93 + 65:02:66:89:86:e8:c8:56:bd:cb:d0:bc:7e:df:cb:9c + f7: + +prime2: + 00:f8:5b:5f:19:24:20:60:41:4c:86:07:70:c7:2a:7d + dd:98:bc:f5:e8:ba:c3:7b:5b:2c:50:b3:fa:be:17:04 + 27:6e:75:3f:61:4f:3d:11:aa:f2:73:6a:f8:2f:da:59 + 65:b8:60:13:74:0e:d1:7e:01:07:d6:7e:fd:fb:f9:ca + 4f:9c:e9:c5:49:62:a7:99:36:ed:0f:1e:86:cb:e6:d3 + 87:d0:2c:93:3e:d6:b5:59:a6:b4:f3:2d:38:85:dc:ca + 5c:cd:e1:e9:3e:69:c4:04:25:5e:12:16:86:7f:30:3b + 84:63:80:78:77:d4:45:dd:f7:f0:cc:d2:b5:7e:53:ce + 27: + +coefficient: + 54:6b:6a:51:c7:7e:e2:d9:0b:b8:7e:ea:c8:1b:1b:a8 + 97:06:67:87:da:6a:f7:b2:15:7c:ae:91:4a:46:4a:bd + 79:3b:3a:d7:80:c6:95:2d:e7:92:97:76:cf:24:04:09 + e3:5c:11:68:77:0a:67:21:5a:82:57:80:d1:66:42:d5 + a7:03:1a:20:56:90:c2:e6:97:31:21:3e:a0:4f:41:43 + f8:07:41:92:48:39:ac:1c:8d:c1:a6:0d:be:5d:45:96 + 65:4b:b7:31:0c:c8:2d:f0:72:ca:ba:0e:f0:5a:7c:1a + 7e:23:20:98:1e:c0:55:72:f2:18:b3:22:de:ec:47:21 + + +exp1: + 00:90:e0:d8:2b:9e:4a:85:0d:ed:68:1e:43:1c:50:ed + 83:8b:9e:38:10:11:92:7c:f6:43:a9:64:0e:ba:ee:c3 + 34:dd:2b:f3:63:63:ef:51:19:0f:89:9a:16:c3:dd:f2 + 60:69:74:f9:8c:67:aa:47:8f:1c:be:34:33:08:73:17 + 28:80:2e:7e:7d:be:47:85:71:2b:06:91:13:11:cf:39 + 40:6a:b8:c9:95:fa:24:9e:c2:2d:80:f0:c7:af:82:3a + 4b:79:9f:f2:02:a1:b7:0a:95:44:88:9b:77:7d:2c:2b + f0:87:f0:66:bf:c7:1f:fe:73:12:d8:cd:50:9d:a9:ef + 21: + +exp2: + 2f:9e:a5:6f:56:a3:f6:90:ce:b1:6c:3f:cd:90:72:2d + c9:19:82:35:2b:8a:4b:de:c1:72:7f:ef:f5:fe:c7:c7 + 1f:c0:cf:74:43:13:3c:8e:00:8a:ec:d9:c5:a3:22:3d + 04:cb:37:2f:ab:9f:b3:7f:53:17:67:a6:1f:68:57:c8 + 48:17:f2:c2:0d:6e:81:4c:2c:cc:17:58:55:44:5f:0e + cd:75:9e:8e:0f:f1:19:cd:83:28:95:65:1f:15:a4:9f + 82:c2:6c:4c:91:4f:0a:54:77:e3:13:fa:99:ec:8f:9c + e4:cf:3f:4a:0a:a3:92:d9:f5:8b:f0:62:e8:63:fd:45 + + + +Public Key PIN: + pin-sha256:rS98yeSr3aoarf12o4jbIXeADc53+k2lu/+TB71kG0w= +Public Key ID: + sha256:ad2f7cc9e4abddaa1aadfd76a388db2177800dce77fa4da5bbff9307bd641b4c + sha1:a558e1b80dd69fbc34e5e83dd8fa0ca583b1c045 + +-----BEGIN PRIVATE KEY----- +MIIE7QIBADA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCA6EaMBgGCSqGSIb3 +DQEBCDALBglghkgBZQMEAgOiAwIBQASCBKcwggSjAgEAAoIBAQDqH/wwX/8Z25ow +Rhv6NN5rVkT/oQbRXGqnufh9rLwPK5zYm5AtMaBBx3RzAbrq5Maev5tBYgdUtFPL +oteL3zqkbbaVcTIh7jyanZubTdXv03CEusIOpy8HqilpIEb42odJ4M8A08AmoHE1 +AAZFVlaPk2B1QvV4Ye6t+9I43nktm1sH5iu+tainld+fKhqfYlUmNVOIM4wc+ZPm +6kU5PAl64UpB3qY4/Vbk1Q3u/yiB3LDKqYRCX3pocjIeBU8HNlhxdqTIs9IYPsg9 +ey4YRIzc37RTVHLueBFolJL23kFbHOjcG0H+j7R9jVlW7QeWIL0LGMs/QNMCYnpQ +LlJmaKuhAgMBAAECggEAM4dGof7+zloe3XEQx0jLiyQ5m2l9bqbAcpnjrwVNfqlC +pAnY+ZlqhA+5+XXwBbLEZDwXl5RTuLjXmIIGnqpK5dWf0dRQDFe6zuzRSqUe6OHI +ae4Qt9jj6PPymUiZVjwCeqgX5z6zk8zMHbYbqzcNZhwxpp1OGWi0d2ZtJkcQtJCI ++a9l0xYH8mtZbroDILqlgId1rpJCvWThWkh7czPDcHTMFAXA0kIBf4JO4Iv5KxJN +cU9Vhv0oCo+mrWYyS17zIlixCVEfd7XYdumA6iUkCS1w712JIH1JS1LBJjbEw5U4 +gO9tFUNe3L1eBlZCalkAE+OZP7HApuPV/HI40eoNYQKBgQDxVH1tJYTCNxa8GASL +ol4JvcyYTETvip+0anKsz8gvtGum/enfbphCbLSVtXIh4CHpcZnGimb1BpY1nxWH +RnpmzT26HpYoNav9B/2rETFQk6ZsZ17dtqmH8JzGRst9g15YxhaBA2T1xgGm4lR8 +vpNlAmaJhujIVr3L0Lx+38uc9wKBgQD4W18ZJCBgQUyGB3DHKn3dmLz16LrDe1ss +ULP6vhcEJ251P2FPPRGq8nNq+C/aWWW4YBN0DtF+AQfWfv37+cpPnOnFSWKnmTbt +Dx6Gy+bTh9Askz7WtVmmtPMtOIXcylzN4ek+acQEJV4SFoZ/MDuEY4B4d9RF3ffw +zNK1flPOJwKBgQCQ4NgrnkqFDe1oHkMcUO2Di544EBGSfPZDqWQOuu7DNN0r82Nj +71EZD4maFsPd8mBpdPmMZ6pHjxy+NDMIcxcogC5+fb5HhXErBpETEc85QGq4yZX6 +JJ7CLYDwx6+COkt5n/ICobcKlUSIm3d9LCvwh/Bmv8cf/nMS2M1QnanvIQKBgC+e +pW9Wo/aQzrFsP82Qci3JGYI1K4pL3sFyf+/1/sfHH8DPdEMTPI4AiuzZxaMiPQTL +Ny+rn7N/Uxdnph9oV8hIF/LCDW6BTCzMF1hVRF8OzXWejg/xGc2DKJVlHxWkn4LC +bEyRTwpUd+MT+pnsj5zkzz9KCqOS2fWL8GLoY/1FAoGAVGtqUcd+4tkLuH7qyBsb +qJcGZ4faaveyFXyukUpGSr15OzrXgMaVLeeSl3bPJAQJ41wRaHcKZyFagleA0WZC +1acDGiBWkMLmlzEhPqBPQUP4B0GSSDmsHI3Bpg2+XUWWZUu3MQzILfByyroO8Fp8 +Gn4jIJgewFVy8hizIt7sRyE= +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-rsa.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-rsa.pem new file mode 100644 index 0000000..ffda4f2 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-rsa.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDDzCCAfegAwIBAgIMWYGU7zoymvg+Z63iMA0GCSqGSIb3DQEBCwUAMCMxITAf +BgNVBAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVzdCBDQTAeFw0xNzA4MDIwOTAxMzVa +Fw0zNzA3MjkwOTAxMzVaMCMxITAfBgNVBAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVz +dCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOMuUmmLJ2pQ4fYj +EfuIj11TMnG8dqScapc/yU9zHCDn5DQJGOa/X5jYoJX4k2PbXk5bbck2caC4J7/G +WRugGc4KcOVItAmnxbVzJqtpsdRrVUvTzqcvaSZNHEgSWP73WmlACX6xIHRyBtr+ +Pwpig73eZkOVcGOsbsWliffVQ0f0fz/AGsYh5IWBNlIfBOWwOEBDJavlsYrVGAw1 +MuXxknybsjXFRqyFNPE6Shd3W3eteo+FOvQsyopmX6FcP+EOaFQxSQ7yR+xNsreC +yxi40hPfswO6TihN9hLdVt3C+OHDJw2wR2xM+SwsW8Hu4jEi21uakQl846z+XdgV +o+D3v3cCAwEAAaNDMEEwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwQA +MB0GA1UdDgQWBBQrQlWadXqqzBV+2iw7BZXrvFHaQjANBgkqhkiG9w0BAQsFAAOC +AQEArUVXn2oI5hgSkDwDrhQFijHBT3d37SX0eji//lkLPTHSEXHv+6kAoxVKmSnG +hAAxuLKxtAjNlXi4FAxSpQPX17/199JHUd/Ue63Tetc8DfaFc6MaFNxWkNrY6LUX +bEhbI/vB1kBu7sc8SW7N694WSpe/OmD/lB6GYW6ZV68hrTB0gfmfB6SfcGbQ69ss +YUsNU7Yo1GZnJTz0FZzybjx/T85NnVvpfVqjjaGRFeSva9GAU+5uO5DdbSpbkCcw +6QFFfvcJ7VD6qFqtLG1TfcdOuCaUB8cmDhDtTB/Ax96wGdJvp6ca3YaboZag9HOZ +4csuzHIJQyd5HT6xLbUBeskgWw== +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-rsa_pss_256.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-rsa_pss_256.pem new file mode 100644 index 0000000..0e5966a --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-rsa_pss_256.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDpzCCAl+gAwIBAgIUIyISxx5PRQREJEmN08CNp74twmcwPQYJKoZIhvcNAQEK +MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC +ASAwIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxlIFRMUyBUZXN0IENBMB4XDTE4MTAy +NDA2MDY0MloXDTM4MTAyMDA2MDY0MlowIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxl +IFRMUyBUZXN0IENBMIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIAOCAQ8AMIIBCgKCAQEAt7Sa +TS0/CLgeVdawsrfQM8y73lYkBB1zrGoy268mT++x1hCQedyJrGDjlFQZBFQX6hgO +2Ua+YJ/mM/9uYGo1xi3dBoLVgMmIBy8nSwQTuktpks68AL5CLOI1jWARZjwk+DoT +rUnnEsrGKlKE7T19HgbepGTWFxSxGWOg4XxJ00FzKfi1deCT+uPfO4J3XoPL2lIm +68MgExFt6aql17bDoaUE+m7uTzlSTRj5q4dKTtk0p8Tf9Ru2V3F/w8hPLADAbuh0 +NeJxH+/GwWJ6ZefJx0IUXxbBq00y5eJ8OKIhAmmjgfTIeEhYCl2ZhfXmKje+I+X/ +Fbo5Qqyd0BF+5CtV2wIDAQABo0MwQTAPBgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB +/wQFAwMHBAAwHQYDVR0OBBYEFCEaiLbeA8ABgKrbcIiZpo8XzqpsMD0GCSqGSIb3 +DQEBCjAwoA0wCwYJYIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQC +AaIDAgEgA4IBAQCpl2XsRpIAR5cD0YRWOg2hNg1+oMNAj1wtuBOiaD84doN07sFl +ta3lnweoA1rZZNLtAOUu5Fs7FwetzhuA5+iHVRAU8qqoSojP5fZgTriOFK/7rEUu +ZTxL1IzXEuiQO2iCkTXslg5HP5QAsYV4iqGe6erSAgzD5tP2mpgQJudUiuvCdWGz +lgroWjDAklQHIXITCrLgnMieYIbILZXXMZLfIrMfZOPCd7IDPTjb8/k1j3N4Wuld +qZWSPeNhuUUTKniXy4GVBE1obMDyBRarR4jkeeKdsuYbdf0oSTMK/rcuZMrZfjAR +uH3sqZ1Ovw4rbYzjk/ET4QlolFnFexgZ5QcH +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-rsa_pss_384.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-rsa_pss_384.pem new file mode 100644 index 0000000..5e8bb89 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-rsa_pss_384.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDpzCCAl+gAwIBAgIUWplyXkxgG/630tCmc0xgpFKshNYwPQYJKoZIhvcNAQEK +MDCgDTALBglghkgBZQMEAgKhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAICogMC +ATAwIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxlIFRMUyBUZXN0IENBMB4XDTE4MTAy +NDA2MDY0MloXDTM4MTAyMDA2MDY0MlowIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxl +IFRMUyBUZXN0IENBMIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA7m3A +yUTdlPhAr5r0Qz54RWFfahUjQvT4oMLragquDEOn3OmszkLEyPVM3mxSS+XTK0K4 ++eVcX1xTLw/39T0E7StQyatrdC1LQnFXegSDOJf6WyJKFNIN3VxmySV94/8FhALq +PIKXRQ98s3GOfzGNtetetg2Rm11RvPfigaJfRjXPnmTEPGVj9v8VsOcRSfrBzNlU +m/gTPZXO9H9YZiPNvBGv4T+v2F4Whc19t39Z+v8p5u9PbmvvsJHvgWNvsgwrR6Yh +9x9L+x3nb/hvDmqPilRfS6JtNiC7uhGHBvONlWoQtyeOHQK0zh7CCXPEtl3HX+Im +vU/NerDFwNaCH9QuWQIDAQABo0MwQTAPBgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB +/wQFAwMHBAAwHQYDVR0OBBYEFKnwXW9hoPAB6HSyWn7UEUMcKonnMD0GCSqGSIb3 +DQEBCjAwoA0wCwYJYIZIAWUDBAICoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQC +AqIDAgEwA4IBAQAwyVTh4HCTN1FnLLY3iUSEWHNqYNCdAmP/qMYDgwZAdS3hRHEt +9mE0a0/52bYEY9QMol4eGIGKjiXuxZpJKjK2WBgnUvyV7fEDcKy8UqB+ULFGNRxR +9tR3MRMSFrQl+W6q2ABPwmqvAtJHSiIRA30ZuwxSyX4ulzxThRYnkfp2eSKKHp2x +J6xUEnN5vnoXvpa1sFccKorPITF0r8OWzIi+GGzHz4Wq0Fqov4TOhnU/u6Xqw0xX +CXshQ0pN6+XWT0Ea0OuZk1/cKy2nyk+oHSmo/HhKJ8lGc3P2dLgCV9jjbM2WYCHs +O2rKlDWMxkd1Zx/I0ZzUI3Km+Qb8a+88KOtg +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-ca-rsa_pss_512.pem b/BouncyCastle/crypto/test/data/tls/x509-ca-rsa_pss_512.pem new file mode 100644 index 0000000..690d256 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-ca-rsa_pss_512.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDpzCCAl+gAwIBAgIUJ6gfVYLgx1UAxuxNNmuo6mUQP/gwPQYJKoZIhvcNAQEK +MDCgDTALBglghkgBZQMEAgOhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIDogMC +AUAwIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxlIFRMUyBUZXN0IENBMB4XDTE4MTAy +NDA2MDY0M1oXDTM4MTAyMDA2MDY0M1owIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxl +IFRMUyBUZXN0IENBMIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCA6Ea +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiAwIBQAOCAQ8AMIIBCgKCAQEA6h/8 +MF//GduaMEYb+jTea1ZE/6EG0Vxqp7n4fay8Dyuc2JuQLTGgQcd0cwG66uTGnr+b +QWIHVLRTy6LXi986pG22lXEyIe48mp2bm03V79NwhLrCDqcvB6opaSBG+NqHSeDP +ANPAJqBxNQAGRVZWj5NgdUL1eGHurfvSON55LZtbB+YrvrWop5Xfnyoan2JVJjVT +iDOMHPmT5upFOTwJeuFKQd6mOP1W5NUN7v8ogdywyqmEQl96aHIyHgVPBzZYcXak +yLPSGD7IPXsuGESM3N+0U1Ry7ngRaJSS9t5BWxzo3BtB/o+0fY1ZVu0HliC9CxjL +P0DTAmJ6UC5SZmiroQIDAQABo0MwQTAPBgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB +/wQFAwMHBAAwHQYDVR0OBBYEFKVY4bgN1p+8NOXoPdj6DKWDscBFMD0GCSqGSIb3 +DQEBCjAwoA0wCwYJYIZIAWUDBAIDoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQC +A6IDAgFAA4IBAQAIi+3zyTk8NR5w5a109GHz4wpACxafirJkr6wkAIzzU95OKLiw +fogX/ECW9UaIfJMHrnEADhKcMSRd7HcNpDg/E8GKr4IhtbkFhNjAjE10Ham6fLzw +SgvN34QpDT6iVP83Cx+SzlSDQLjq4es8diZXP39C0T2a9iskDXMF+ZcaZMwd1TLe +MI7HMIiLCoyVP7LOI39e6E0ho0W0FRrMtZuXIIvZjwkb+SGhAmlJiATmpLmtzuoK +oI/UE1gNglJFjA6HWHStHd7hEJrtGHNa061G130kOFGIJhGf8fHiGaWvWYfZ5/jc +egUo5t7rA6wg6KPwA2JjH2jxUp3NUzTRzV72 +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-dsa.pem b/BouncyCastle/crypto/test/data/tls/x509-client-dsa.pem new file mode 100644 index 0000000..782fe4e --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-dsa.pem @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE----- +MIIEpzCCBE2gAwIBAgIMWYGU8Awsp0jsH7C+MAsGCWCGSAFlAwQDAjAjMSEwHwYD +VQQDExhCb3VuY3lDYXN0bGUgVExTIFRlc3QgQ0EwHhcNMTcwODAyMDkwMTM2WhcN +MzcwNzI4MDkwMTM2WjAjMSEwHwYDVQQDExhCb3VuY3lDYXN0bGUgVGVzdCBDbGll +bnQwggNHMIICOQYHKoZIzjgEATCCAiwCggEBANIzNyBmt0q+w79byPcXWN5ETG80 +4OJFYhOAdUl5gv90ACofvnojmLaOu2AnbwEUVMlV5xBdeuanPl0ESmH+yFoDwwwA +3uNhPutZ91Yml5PPpks48Fj8IV8Mnnp+0LGC1Ug9IgeXkPSrGm1aIJjMNvK3xc7q +MGI8aeL//pFSoH4vNvRqi+QzZBW/FaXeWdRvkT0c1YACvdl0rnF3SPbi7bn45ceG +GEenq6dFjbZZG1e+bZyzd8/UGO01BLZxftG0IiWWqKi1BlP1Lgc8LyUIrza+Ie1a +vLk0jbjuhhQsYebpvnO84uhDOdavpxnHCqcEm8sElRctIFYY1xB3PD3bG8ECIQCI +pXijcj1zNsncR7roSHNeer5B3c1N92F2hTLedYbzwQKCAQB7PCrFF3u7oJq/64EL +8EMlnv81vgWnet/Ux5zzY2OEdtDOOR4YnrWXcs/rsjio/blHTf/CeMX3pTVV8GE3 +f0C4+Hx6mWb+okL7UgEPmen8dGHD//yn3e6wYBG7aqd8DtBkicmgd9eKlY+xgbww +rDN8dz9RbJ9oAOXbzASw1GvLbZ6UWsMTZ7WWoAbLOf+0gfiA+eRjC9x0HbaN0jLy +ztQJhEvWqGSynNfkB2xopRtoyYCvtEVDtQEC9H6PtIG9oKyiwLAtVOmbj6pf1/V3 +ZJJEPiFfKD8CHcS8Z87JXMbjTolIf1A+/Bjn+FKOS2zdIQ+rAOFdptUyU68CWkAV +6trbA4IBBgACggEBAKprryuOBKnrY00s9y+HM6UMvS/exCjzmQrlQ9rQMuwVG+lz +GKKWFu7shIQqneaNNUuNAXRK0NABkPjIBLfvdDmkXweU4/oi2mZQaIUPEWceHrmL +FliI3+VtqC3rPvXzVGvbBdUvqSCJrYD84EK6Ahs3LGIB0OC1Wldi6x8FtKewbn7B +23twnAsvNx4QzFt7W6j05EorWCvs+cwbTttptRiruNcPYLQweMIrcNvzApq+sgoW +traZdTS7rBklrgfi7/4JJNN+jV21XqDQYGugN8PnbORyuETGHEf1wk4HFL7eweHO +4KzTpaNeqsJfilOe9PV1SgDhv9oyKj6957xK1WSjdjB0MAwGA1UdEwEB/wQCMAAw +EwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUDAweAADAdBgNVHQ4EFgQU +iU8ApXTLLe07mPDvg7O9CsNwS0EwHwYDVR0jBBgwFoAUAOVmarDrz1YtyjvnX4C9 +cDcXlagwCwYJYIZIAWUDBAMCA0cAMEQCIGlXUYEccybo2azMk3f6Zl6bpxERr/FU ++/2k+mbBeo7TAiA9/aIWf0bdED8AH0KNKFfcpKMsvnJHTCOPr7fBPU84lQ== +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-ecdh.pem b/BouncyCastle/crypto/test/data/tls/x509-client-ecdh.pem new file mode 100644 index 0000000..a3b1b34 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-ecdh.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBtTCCAVygAwIBAgIMWYGU7ztLkMAhmmRDMAoGCCqGSM49BAMCMCMxITAfBgNV +BAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVzdCBDQTAeFw0xNzA4MDIwOTAxMzVaFw0z +NzA3MjgwOTAxMzVaMCMxITAfBgNVBAMTGEJvdW5jeUNhc3RsZSBUZXN0IENsaWVu +dDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLRekMsBjYf7GXhy7ZqnX9lAvXyL +sC9VfMUIcfGNluSN2C3O9fjqN5FMary/eU49ij6L2mRUjZz6kQK0ZM68pL6jdjB0 +MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUD +AweIADAdBgNVHQ4EFgQU7ZRZoI8czdH0szeb+t3EwaXNUG8wHwYDVR0jBBgwFoAU +0ma/FGcW5gGlL//B26Xmj0JISecwCgYIKoZIzj0EAwIDRwAwRAIgVij5xSPQrUgo +VsbOgVdLGLJeiHo065dtdt87PSCJtusCID+c1QShYOgBkI/Bv3gotVhTP4mtjhp2 +2v442jTclSfT +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-ecdsa.pem b/BouncyCastle/crypto/test/data/tls/x509-client-ecdsa.pem new file mode 100644 index 0000000..261db1c --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-ecdsa.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBtTCCAVygAwIBAgIMWYGU8A09KQDW+svJMAoGCCqGSM49BAMCMCMxITAfBgNV +BAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVzdCBDQTAeFw0xNzA4MDIwOTAxMzZaFw0z +NzA3MjgwOTAxMzZaMCMxITAfBgNVBAMTGEJvdW5jeUNhc3RsZSBUZXN0IENsaWVu +dDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLenUtWqfkGp0iFncfdsvBsfaXHv +Ne5gV7U/zUO0OQ71V1c8WpOx9f0rhpOSCN9GCqQNL3yd+nWf+pu40JMMrZKjdjB0 +MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDwYDVR0PAQH/BAUD +AweAADAdBgNVHQ4EFgQUtK5VEuBZJUDbU8gN9dleZeXDf2swHwYDVR0jBBgwFoAU +0ma/FGcW5gGlL//B26Xmj0JISecwCgYIKoZIzj0EAwIDRwAwRAIgNnj/nlAbCd0R +fCG6n5s5Sdsh4dR7KRhncCj8wjGYZMYCICUXU05FIr3bM9bELX2We3rv1ookK9rC +7ZVjCgt7YbHi +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-ed25519.pem b/BouncyCastle/crypto/test/data/tls/x509-client-ed25519.pem new file mode 100644 index 0000000..e419a7b --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-ed25519.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBfjCCATCgAwIBAgIUO1XUdvEupfCQwrrPHXE28BoO+TswBQYDK2VwMCMxITAf +BgNVBAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVzdCBDQTAeFw0xODA4MjMwOTI5NDda +Fw0zODA4MTgwOTI5NDdaMCMxITAfBgNVBAMTGEJvdW5jeUNhc3RsZSBUZXN0IENs +aWVudDAqMAUGAytlcAMhAJe53GEkXEVP7L7FbVZ1BCGvvIZac+6k41CncucJ3BJ2 +o3YwdDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMA8GA1UdDwEB +/wQFAwMHgAAwHQYDVR0OBBYEFNo2OYJ4FLTBdu5lozbqL2aAXsqzMB8GA1UdIwQY +MBaAFOp5vj76ByEwboduoHWAWzajnM1mMAUGAytlcANBAJrgAof3yetck8DDLNTG +dwLQdCNjEg5/xgvKVcTPuUC4rirgCoYtPY36lfPhd0v5Ev8v1Jjrxshyi/yVCsLb +mQ8= +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-ed448.pem b/BouncyCastle/crypto/test/data/tls/x509-client-ed448.pem new file mode 100644 index 0000000..e7442fc --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-ed448.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIByTCCAUmgAwIBAgIUbl3fESW+2UIW9SzaxnhuhiGygLIwBQYDK2VxMCMxITAf +BgNVBAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVzdCBDQTAeFw0yMDAyMTMwNzMzMDJa +Fw00MDAyMDgwNzMzMDJaMCMxITAfBgNVBAMTGEJvdW5jeUNhc3RsZSBUZXN0IENs +aWVudDBDMAUGAytlcQM6AFbp8qV7nVhmDWZUsXTfqU8aOaP4XSmGUnKqdlQPR5O4 +3lMlUukbrclV5v5+b4Z8Qy4Abe+PZU+AgKN2MHQwDAYDVR0TAQH/BAIwADATBgNV +HSUEDDAKBggrBgEFBQcDAjAPBgNVHQ8BAf8EBQMDB4AAMB0GA1UdDgQWBBSlCh5L +f6BeaHQxiEe5B9ZjbbCKODAfBgNVHSMEGDAWgBS+BSv++BEWlTJ53q6rwnDLVnR5 +JTAFBgMrZXEDcwAC3Tugpa+pS0ExsLdh/6GsVAVvhYICLc+tWGExM+f3gzFU7yvO +uM7xwRR78ItbQyRkfLeL+6GYGgDzhjwQ6XzilwGibLtGuooLAMo3uOgW8N4mQslf +GqEW2V3VocPjmNYanAMJnTd68t5Wc0ow153cNgA= +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-key-dsa.pem b/BouncyCastle/crypto/test/data/tls/x509-client-key-dsa.pem new file mode 100644 index 0000000..fd1a45b --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-key-dsa.pem @@ -0,0 +1,15 @@ +-----BEGIN PRIVATE KEY----- +MIICZAIBADCCAjkGByqGSM44BAEwggIsAoIBAQDSMzcgZrdKvsO/W8j3F1jeRExv +NODiRWITgHVJeYL/dAAqH756I5i2jrtgJ28BFFTJVecQXXrmpz5dBEph/shaA8MM +AN7jYT7rWfdWJpeTz6ZLOPBY/CFfDJ56ftCxgtVIPSIHl5D0qxptWiCYzDbyt8XO +6jBiPGni//6RUqB+Lzb0aovkM2QVvxWl3lnUb5E9HNWAAr3ZdK5xd0j24u25+OXH +hhhHp6unRY22WRtXvm2cs3fP1BjtNQS2cX7RtCIllqiotQZT9S4HPC8lCK82viHt +Wry5NI247oYULGHm6b5zvOLoQznWr6cZxwqnBJvLBJUXLSBWGNcQdzw92xvBAiEA +iKV4o3I9czbJ3Ee66EhzXnq+Qd3NTfdhdoUy3nWG88ECggEAezwqxRd7u6Cav+uB +C/BDJZ7/Nb4Fp3rf1Mec82NjhHbQzjkeGJ61l3LP67I4qP25R03/wnjF96U1VfBh +N39AuPh8eplm/qJC+1IBD5np/HRhw//8p93usGARu2qnfA7QZInJoHfXipWPsYG8 +MKwzfHc/UWyfaADl28wEsNRry22elFrDE2e1lqAGyzn/tIH4gPnkYwvcdB22jdIy +8s7UCYRL1qhkspzX5AdsaKUbaMmAr7RFQ7UBAvR+j7SBvaCsosCwLVTpm4+qX9f1 +d2SSRD4hXyg/Ah3EvGfOyVzG406JSH9QPvwY5/hSjkts3SEPqwDhXabVMlOvAlpA +Fera2wQiAiAFTXpu+duj6u8P3wMsd7fOOStBEV6hPUh+RLdOjGslXw== +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-key-ecdh.pem b/BouncyCastle/crypto/test/data/tls/x509-client-key-ecdh.pem new file mode 100644 index 0000000..2a28a9f --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-key-ecdh.pem @@ -0,0 +1,6 @@ +-----BEGIN PRIVATE KEY----- +MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgAuAT+3hSra1qS+XA +iAUT+W6MSZ2rnoeQGjFe6FX7z8qgCgYIKoZIzj0DAQehRANCAAS0XpDLAY2H+xl4 +cu2ap1/ZQL18i7AvVXzFCHHxjZbkjdgtzvX46jeRTGq8v3lOPYo+i9pkVI2c+pEC +tGTOvKS+ +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-key-ecdsa.pem b/BouncyCastle/crypto/test/data/tls/x509-client-key-ecdsa.pem new file mode 100644 index 0000000..d9aceb3 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-key-ecdsa.pem @@ -0,0 +1,6 @@ +-----BEGIN PRIVATE KEY----- +MIGUAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHoweAIBAQQhAJxpy2FD0ePz3c9j +6fVPTSpHAmdiRIqnskVP0PjiBAEvoAoGCCqGSM49AwEHoUQDQgAEt6dS1ap+QanS +IWdx92y8Gx9pce817mBXtT/NQ7Q5DvVXVzxak7H1/SuGk5II30YKpA0vfJ36dZ/6 +m7jQkwytkg== +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-key-ed25519.pem b/BouncyCastle/crypto/test/data/tls/x509-client-key-ed25519.pem new file mode 100644 index 0000000..a08f3c4 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-key-ed25519.pem @@ -0,0 +1,25 @@ +Public Key Info: + Public Key Algorithm: EdDSA (Ed25519) + Key Security Level: High (256 bits) + +curve: Ed25519 +private key: + b6:9d:94:c8:9d:c9:7a:5d:b3:58:92:af:67:8e:c2:bd + 63:c1:81:55:3d:b2:5c:e0:c8:91:f1:40:34:5a:6d:b9 + + +x: + 97:b9:dc:61:24:5c:45:4f:ec:be:c5:6d:56:75:04:21 + af:bc:86:5a:73:ee:a4:e3:50:a7:72:e7:09:dc:12:76 + + + +Public Key PIN: + pin-sha256:aWaJiTGI21SUAEt2VgTiRGAnczFMD8axA/4hrKMpfno= +Public Key ID: + sha256:696689893188db5494004b765604e244602773314c0fc6b103fe21aca3297e7a + sha1:da3639827814b4c176ee65a336ea2f66805ecab3 + +-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEILadlMidyXpds1iSr2eOwr1jwYFVPbJc4MiR8UA0Wm25 +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-key-ed448.pem b/BouncyCastle/crypto/test/data/tls/x509-client-key-ed448.pem new file mode 100644 index 0000000..be3c863 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-key-ed448.pem @@ -0,0 +1,28 @@ +Public Key Info: + Public Key Algorithm: EdDSA (Ed448) + Key Security Level: Ultra (456 bits) + +curve: Ed448 +private key: + b1:9c:73:a3:54:a0:33:05:b1:b0:ad:6f:1f:c0:ad:14 + db:d4:55:bb:eb:fa:d4:33:8c:e5:bc:68:03:d1:ca:25 + 19:75:0f:94:4f:e3:fd:3a:62:b5:77:23:d7:b0:d6:75 + 92:9c:98:86:2a:08:c5:b2:6e: + +x: + 56:e9:f2:a5:7b:9d:58:66:0d:66:54:b1:74:df:a9:4f + 1a:39:a3:f8:5d:29:86:52:72:aa:76:54:0f:47:93:b8 + de:53:25:52:e9:1b:ad:c9:55:e6:fe:7e:6f:86:7c:43 + 2e:00:6d:ef:8f:65:4f:80:80: + + +Public Key PIN: + pin-sha256:4r2UflhSms9yYj4SMc7tE9lkFxXR/ziPw1bhZGfI/qw= +Public Key ID: + sha256:e2bd947e58529acf72623e1231ceed13d9641715d1ff388fc356e16467c8feac + sha1:a50a1e4b7fa05e6874318847b907d6636db08a38 + +-----BEGIN PRIVATE KEY----- +MEcCAQAwBQYDK2VxBDsEObGcc6NUoDMFsbCtbx/ArRTb1FW76/rUM4zlvGgD0col +GXUPlE/j/TpitXcj17DWdZKcmIYqCMWybg== +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-key-rsa.pem b/BouncyCastle/crypto/test/data/tls/x509-client-key-rsa.pem new file mode 100644 index 0000000..d2d19bf --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-key-rsa.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDP8Yo5l5ez1W2c +EgROodwNqRLL+ALvOorSEuKm+xiTbzmdqcMdtvwDhq/yb7GBhpzrFcUOt5hPcQc9 +pYz7Khg4UHiw+wqbV2QHMGGupNs+kvdUndBgjToD7hYlyhV7fUovNrjQeNq+5Bxt +OHsZmO7ilHTKdSMVG2eO5XgZk+1uSOuZStmnMZM0Sum3TxK5zRs2beLf5OhNDqMH ++hJVH9FL4bF9LaxQfTvMrwnIqgEKBlMO29cs1gPW1otQEFD4MefHhjK0YEF3xZ7r +hnnx6lPv5wFQLeaRx1NBqgdPY3L9ZSUkKQzLQgWubbKK1b8vDookicdebSMjTrVX +HPcv6B93AgMBAAECggEAQZZe0cGFwNwdoW9xWlflL43Xduw4CLq/VHlOcfqbCs23 +L4p/F11C6d3Omzotk7wgvGl2aSjxaoUtEn2oFQR29TQ0jSXxd4O98iKJfOtUl80F +I/RO6FVDKkArTioKUpP3FSM+ccrcu/75FF4PPcil+GN43u7JbPvi0wh/tBmbdwAJ +aK2wskjaJAbQz8lnIEVZkz3uYLc32BD2FoCC+HyIPAYFbryus1m+TsXWVk3rDKst +85x4jadS7g3a1OvsDXqj8lHlom9dlxcMqTtSaJr1XJgMwztnc0FVuMOqs0MZpa2U +Mu/0EJQYLW98a1bDkXbLtbXjx2gWpO64gZqQn6aYAQKBgQDfgA2xVv7nmVuOkojJ +rJTS4muPG1BhXY7/MD13eopmjPk8rpVZt97RHfMHp3CCzuQVy9g398kBvCBtO9Ba +3/ab9ZrNMN3Rwm7vwUa4TBOvN17bRSeIPUenJJ42SDM2fmN4m8c91iiSyb9AVPmk +zSksQYtZr/8m9mQ0VOguzOxcAQKBgQDuLmDFSYDl4DO4cOZANpDYk1MkCtrW37xM +IUS6vnPFkRg3t57Og9tddj81VoMNeakGRvWmcDA1yuVdo52pqjlSXzQuSYAh7ZTC +KMzesLt1uilXQW2MNNvmZMjltgkHMiuY1cIvQLFC0o4AI5DLR5+5/w/lm/Qe9pfU +++B3XVVbdwKBgF5Yfu86ixYW/bg8kTOY/6XZ4I+jdxXy2ZdNtNTHzL6nidqc0/zw +ikV6QAoeG3eMgGnXB+nwVlC+Km4SDs0dt8t0LSmrFCgkzJG24/SOYMzZMdib46k2 +PRYIdiTx63R4e+MA12V6DtyP/4TXmh6AYH4HGRz+F1ZKMliI8w42gRwBAoGAN9sG +dJ21LbNzTZikVoC1XSTHhZdKFMPpO409ufF54uYQ4Ngd1N5VLkjRr+d22k0il0dC +ymJa2/KV8WyyR5yUzr1m1kgEVXCKxzGcQcj+XTBoC39belrXCuOtvTkASwC3+qJ+ +ZGhuaXZJOL0ecp18Vrj6+GSnTi+UEa1zyWpI3ycCgYAxJgHa3CGaGqbdzgkRTnWd +FMptvqaNd4POyy/TJ1Jf0ydZwgRpRMZTv8hJKZHh4lUkSOF6bE0qDhrxzUjpI9GT +SGYYX27pfVThoM421S7bvgVmneeLSz1S50Hg0jawHA2ixjne/7kQcMjQzYjjMfDy +FgVOrBIQnpUddGEpu1z5pw== +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-key-rsa_pss_256.pem b/BouncyCastle/crypto/test/data/tls/x509-client-key-rsa_pss_256.pem new file mode 100644 index 0000000..86f66f7 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-key-rsa_pss_256.pem @@ -0,0 +1,138 @@ +Public Key Info: + Public Key Algorithm: RSA-PSS + Hash Algorithm: SHA256 + Salt Length: 32 + Key Security Level: Medium (2048 bits) + +modulus: + 00:d7:7a:3a:01:8b:5e:59:0f:10:7d:95:5c:ce:c6:ea + c8:29:2e:75:6e:fe:6c:f9:83:d5:3e:72:6c:fc:56:95 + 43:d4:62:34:df:05:7c:b3:b3:a6:4a:37:ca:b6:e0:23 + 44:19:fc:2c:ea:cf:fc:f9:26:1a:ac:5a:8d:83:f8:4f + d9:0b:ae:fc:e9:9d:75:37:2d:a4:93:02:5d:69:10:df + b7:7a:4c:b6:05:64:73:46:45:b2:fe:a4:b3:33:9e:68 + 6b:14:35:8e:ee:df:bb:e0:77:23:76:b8:6e:fd:fc:f2 + dd:02:59:5e:dc:a1:b3:5d:93:c6:2c:e2:4a:85:21:7f + ca:59:36:e8:77:dd:fe:cd:fe:f6:b0:96:fe:14:6a:5c + 68:4c:cf:bc:fd:fe:ec:e3:2f:51:10:cf:46:db:1d:3a + 3d:cd:87:ec:67:4a:7d:20:5e:79:6c:ea:d3:24:d3:82 + 05:bc:d9:79:e5:cd:df:6a:bb:62:9b:20:b3:35:34:61 + ae:69:a9:ab:b9:b6:27:ac:7b:33:f5:be:df:9a:b4:12 + 68:06:55:79:b3:ba:52:f0:91:90:69:b1:f1:5a:11:e3 + 8b:de:dd:f1:99:ca:5a:ad:87:ba:65:52:27:a6:07:12 + 60:10:24:93:4b:df:12:db:49:0f:fc:21:ff:9f:e6:92 + 75: + +public exponent: + 01:00:01: + +private exponent: + 3f:9d:f9:84:3d:36:84:ca:ba:ce:a9:0b:76:8d:2a:02 + 20:8e:73:e3:6a:40:98:46:40:ee:27:f0:5f:6b:dc:b3 + e2:ff:7f:a6:9c:c3:1d:77:1b:d0:6b:ba:70:d5:a9:f3 + d0:4c:30:a2:be:f7:6c:43:c0:ba:44:1d:e5:e9:a9:01 + 66:be:aa:32:fa:e7:01:7c:7b:4b:5f:f6:5e:2f:ba:2d + 3c:71:6b:88:1a:09:22:a5:2f:5c:99:19:c3:52:b0:77 + 74:c6:ff:45:2d:4f:15:cd:76:ed:f5:33:e7:cf:07:91 + 12:c1:7a:0d:5f:bc:4a:13:77:fe:06:6d:83:f2:c8:fc + 55:3b:f2:3f:9d:48:4b:b5:1b:22:ad:a5:7f:c6:29:b0 + 05:b8:e2:82:5c:b9:66:48:8e:05:d1:5a:ea:3d:63:c7 + 94:81:0e:c3:0a:33:d2:a8:a5:2f:a2:83:26:59:19:1b + 89:bc:8d:02:e1:c7:0c:53:64:6b:a2:d1:8b:ef:70:d6 + d5:94:bb:df:5b:49:4b:a5:cf:d4:df:0c:0c:ac:ed:8a + 39:61:b8:15:cb:64:b6:02:6f:21:e2:46:d6:c9:d1:d8 + 62:ca:1b:f6:3f:3b:74:c0:5a:ca:cb:a5:c5:aa:80:89 + e2:66:a8:7a:57:61:5e:5d:e3:0c:b2:4f:48:01:18:21 + + +prime1: + 00:e8:cf:45:ff:39:35:03:62:2f:2a:63:b6:14:95:22 + e7:30:6f:a1:d3:65:f1:8c:0e:13:a3:67:a2:1a:86:24 + 70:1c:97:64:15:9b:12:1b:59:66:de:05:42:6e:fe:ee + 77:a0:bd:1e:8c:5b:de:45:c7:4b:05:ff:ce:39:45:ee + 96:15:4b:96:df:b3:20:62:0c:90:bd:f8:1d:0a:ac:83 + 47:34:cb:63:0e:cf:1a:b9:20:62:59:1c:7b:a2:52:b0 + 4d:d7:c3:d5:90:32:9a:a5:3f:26:d6:66:f9:45:16:7d + a4:4f:2e:4d:87:4c:d3:8b:b4:00:5e:d8:5b:29:cc:a3 + 3d: + +prime2: + 00:ec:f0:f9:c9:43:a9:c5:fd:56:bc:57:d2:6d:18:9d + 90:bb:17:74:19:80:1f:e2:21:b9:b6:13:6b:b5:02:62 + b3:51:97:4d:29:dc:85:ee:bf:15:98:f8:21:78:00:0f + 3d:78:94:23:27:2f:52:a8:35:82:02:73:44:21:07:c6 + ab:61:fc:d1:1f:67:8f:43:5a:33:fd:ee:fe:d8:5c:a1 + 1e:b0:7d:6f:0b:6f:d6:47:25:1d:71:5f:b8:77:2f:8f + 4c:6a:0f:8e:03:ce:f3:cd:dc:02:fc:21:c6:ce:10:07 + 0d:ee:1f:d1:82:94:21:41:10:9a:76:62:80:cc:f1:3f + 99: + +coefficient: + 4b:89:17:37:c2:77:4d:99:ec:95:4d:d7:7f:c7:0b:8a + fc:67:ee:59:0d:66:7d:5c:33:36:6d:90:00:6e:3b:d4 + 79:9e:94:05:61:e6:e5:8d:f9:70:3d:7b:4d:be:7d:7f + 0f:ef:e8:e3:93:1e:42:da:d1:9f:12:6b:51:d9:7c:ef + 5b:c6:f1:e9:ab:9f:87:6f:d6:eb:29:4d:51:2b:f9:0d + b7:e5:96:fb:c9:4a:21:a4:b0:4a:af:b3:2b:3c:41:45 + 19:d5:3d:cb:fe:15:4a:f7:a4:52:e6:d6:0c:c9:cc:5b + 62:fd:b0:1d:ed:98:13:0f:9a:27:92:5e:a8:6b:bc:b8 + + +exp1: + 00:8a:f6:c6:32:5d:24:5e:bb:a9:a9:a4:d1:17:a2:19 + ae:64:04:0e:55:50:21:89:57:11:b3:d4:f5:36:dd:e1 + 3c:26:64:db:71:e6:19:3d:c7:f4:96:0c:0f:a6:8f:77 + 2a:63:00:e0:0e:29:fc:18:2c:a8:84:91:37:b8:8a:1c + aa:eb:55:2e:5e:a2:de:6e:88:4f:91:85:5b:58:76:b6 + f9:b6:f2:bc:53:27:9e:2c:e8:be:ab:b0:4b:c0:0d:99 + 7d:2d:90:90:96:bd:0e:00:1b:1d:04:97:7c:ad:17:8a + b1:9c:2d:e8:4b:1d:b9:9c:47:3a:7d:62:a9:af:de:9d + 85: + +exp2: + 6c:52:0a:4f:b9:b0:3e:c4:7f:c7:a0:fa:a1:47:74:99 + 3a:ff:10:e3:ab:90:67:e7:f5:27:c9:1f:1f:64:54:cd + 17:ca:ec:ca:eb:77:0b:5b:ae:3a:fd:8d:07:78:37:7f + 69:c5:87:80:9d:80:d3:47:8b:05:25:bf:0a:be:ac:53 + a3:7b:59:fb:5a:73:c3:5d:d4:91:0d:96:d2:41:1e:a3 + 92:19:f6:0f:2b:74:b1:97:c5:2b:14:90:97:64:55:c5 + a0:63:36:10:85:a7:2e:00:9c:18:ba:34:51:f6:3f:d3 + 5d:7e:8c:60:7e:e9:e8:fd:f7:2f:91:fe:c2:32:b4:59 + + + +Public Key PIN: + pin-sha256:V1OZkBgmgMWlbg+RZ0Dx3sw/b4WHbrN4NHttN6QbsGM= +Public Key ID: + sha256:57539990182680c5a56e0f916740f1decc3f6f85876eb378347b6d37a41bb063 + sha1:028b616b894849cbca9103fcf919fdda20ca101e + +-----BEGIN PRIVATE KEY----- +MIIE7QIBADA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3 +DQEBCDALBglghkgBZQMEAgGiAwIBIASCBKcwggSjAgEAAoIBAQDXejoBi15ZDxB9 +lVzOxurIKS51bv5s+YPVPnJs/FaVQ9RiNN8FfLOzpko3yrbgI0QZ/Czqz/z5Jhqs +Wo2D+E/ZC6786Z11Ny2kkwJdaRDft3pMtgVkc0ZFsv6kszOeaGsUNY7u37vgdyN2 +uG79/PLdAlle3KGzXZPGLOJKhSF/ylk26Hfd/s3+9rCW/hRqXGhMz7z9/uzjL1EQ +z0bbHTo9zYfsZ0p9IF55bOrTJNOCBbzZeeXN32q7YpsgszU0Ya5pqau5tiesezP1 +vt+atBJoBlV5s7pS8JGQabHxWhHji97d8ZnKWq2HumVSJ6YHEmAQJJNL3xLbSQ/8 +If+f5pJ1AgMBAAECggEAP535hD02hMq6zqkLdo0qAiCOc+NqQJhGQO4n8F9r3LPi +/3+mnMMddxvQa7pw1anz0Ewwor73bEPAukQd5empAWa+qjL65wF8e0tf9l4vui08 +cWuIGgkipS9cmRnDUrB3dMb/RS1PFc127fUz588HkRLBeg1fvEoTd/4GbYPyyPxV +O/I/nUhLtRsiraV/ximwBbjigly5ZkiOBdFa6j1jx5SBDsMKM9KopS+igyZZGRuJ +vI0C4ccMU2RrotGL73DW1ZS731tJS6XP1N8MDKztijlhuBXLZLYCbyHiRtbJ0dhi +yhv2Pzt0wFrKy6XFqoCJ4maoeldhXl3jDLJPSAEYIQKBgQDoz0X/OTUDYi8qY7YU +lSLnMG+h02XxjA4To2eiGoYkcByXZBWbEhtZZt4FQm7+7negvR6MW95Fx0sF/845 +Re6WFUuW37MgYgyQvfgdCqyDRzTLYw7PGrkgYlkce6JSsE3Xw9WQMpqlPybWZvlF +Fn2kTy5Nh0zTi7QAXthbKcyjPQKBgQDs8PnJQ6nF/Va8V9JtGJ2Quxd0GYAf4iG5 +thNrtQJis1GXTSnche6/FZj4IXgADz14lCMnL1KoNYICc0QhB8arYfzRH2ePQ1oz +/e7+2FyhHrB9bwtv1kclHXFfuHcvj0xqD44DzvPN3AL8IcbOEAcN7h/RgpQhQRCa +dmKAzPE/mQKBgQCK9sYyXSReu6mppNEXohmuZAQOVVAhiVcRs9T1Nt3hPCZk23Hm +GT3H9JYMD6aPdypjAOAOKfwYLKiEkTe4ihyq61UuXqLebohPkYVbWHa2+bbyvFMn +nizovquwS8ANmX0tkJCWvQ4AGx0El3ytF4qxnC3oSx25nEc6fWKpr96dhQKBgGxS +Ck+5sD7Ef8eg+qFHdJk6/xDjq5Bn5/UnyR8fZFTNF8rsyut3C1uuOv2NB3g3f2nF +h4CdgNNHiwUlvwq+rFOje1n7WnPDXdSRDZbSQR6jkhn2Dyt0sZfFKxSQl2RVxaBj +NhCFpy4AnBi6NFH2P9Ndfoxgfuno/fcvkf7CMrRZAoGAS4kXN8J3TZnslU3Xf8cL +ivxn7lkNZn1cMzZtkABuO9R5npQFYebljflwPXtNvn1/D+/o45MeQtrRnxJrUdl8 +71vG8emrn4dv1uspTVEr+Q235Zb7yUohpLBKr7MrPEFFGdU9y/4VSvekUubWDMnM +W2L9sB3tmBMPmieSXqhrvLg= +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-key-rsa_pss_384.pem b/BouncyCastle/crypto/test/data/tls/x509-client-key-rsa_pss_384.pem new file mode 100644 index 0000000..5cdedc5 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-key-rsa_pss_384.pem @@ -0,0 +1,138 @@ +Public Key Info: + Public Key Algorithm: RSA-PSS + Hash Algorithm: SHA384 + Salt Length: 48 + Key Security Level: Medium (2048 bits) + +modulus: + 00:dd:07:da:a8:65:55:09:ee:be:0b:c6:9d:95:05:28 + f6:d6:0b:d6:dd:31:7f:e9:b4:3c:53:0b:2d:ef:f1:bf + 92:13:14:9f:09:11:08:a1:d4:49:ff:8a:51:5e:45:62 + e0:63:7e:9d:18:68:bd:93:fe:42:a5:46:de:5b:06:d6 + 90:28:98:10:fd:ef:5d:0b:f9:a4:7c:f9:ce:68:2a:6c + 5d:78:5a:11:a7:d3:77:3a:49:c9:01:73:80:40:50:56 + df:1e:e6:21:d7:7b:9b:14:0b:00:fc:09:f7:97:9a:39 + 50:6d:ea:e9:c1:b1:47:ca:1a:c5:49:79:8e:42:2a:74 + e9:51:81:14:07:f2:51:59:72:b1:de:5a:09:72:de:77 + 90:62:e0:f7:96:64:07:7f:6d:83:c0:ed:82:6f:61:20 + 65:2a:09:ef:bd:8a:66:74:4c:2a:60:63:b9:91:6f:f7 + 55:aa:bd:d4:a0:a1:d5:a2:2f:20:8f:f8:19:45:60:93 + ba:19:2d:b4:eb:cf:8c:ea:1d:3b:2e:1f:99:82:66:79 + cb:c8:1b:1c:b2:a9:1d:bd:67:a0:39:e4:a2:59:14:67 + 69:0e:62:45:53:e2:8b:63:9f:38:cf:c0:dd:d1:c6:76 + b8:a2:87:78:08:31:38:28:e9:cc:25:98:69:fa:20:c8 + f1: + +public exponent: + 01:00:01: + +private exponent: + 54:12:88:b9:44:d1:f3:d5:3b:b4:7e:f7:b1:97:24:dd + be:cd:02:0d:60:a6:a6:de:47:93:ce:cc:ca:57:c9:e6 + 66:1b:91:e2:80:f8:27:95:f8:0f:9b:2d:18:0e:8c:6d + 8d:6a:bb:96:6d:40:ae:ea:27:af:76:25:5d:ba:5c:22 + b9:4e:1e:28:78:c3:8b:aa:89:46:80:3e:62:a0:c0:57 + 4d:4f:f5:27:40:e8:38:e3:97:f1:55:5d:93:18:fb:f2 + 22:6e:a6:b0:af:f3:6c:cc:42:b3:9b:96:f1:b3:57:d9 + 9f:f5:9a:b4:72:1a:3c:65:b2:65:20:37:5c:33:8a:03 + ff:ee:a7:73:42:38:40:0f:3e:af:73:c0:38:b0:21:c0 + 24:30:04:85:d5:01:0e:4e:4b:98:db:19:fb:88:39:de + c1:b0:ca:94:1a:f6:be:8d:c3:bb:b7:10:34:6f:53:c3 + 77:b8:ed:f2:b1:66:8f:f6:6e:a8:b4:d2:70:51:8c:b2 + 27:59:5e:01:9e:7e:b2:4d:a4:2a:7a:09:2f:cb:e7:f7 + d8:dd:a1:f7:97:61:cb:17:2c:5f:02:19:84:1c:54:c8 + 31:e3:50:b0:26:26:4f:7a:d9:c0:fe:4e:7b:b6:7d:b5 + bb:86:d9:67:10:47:7d:62:7b:e4:b4:9a:5e:c9:aa:01 + + +prime1: + 00:dd:5c:98:01:6c:e3:b1:f0:37:8b:d1:37:78:77:9b + 1a:f2:26:c2:b5:8a:58:9b:f0:f2:bb:cc:66:23:ea:8a + 9c:50:62:e6:d6:ea:11:ba:f3:ee:84:fd:9d:45:3e:ca + 55:65:11:46:46:1e:03:58:23:54:44:03:d9:85:50:43 + ac:97:27:bf:e1:5e:a9:17:a9:43:cf:e4:6e:d3:09:0c + 6c:11:74:8c:7d:dd:ed:be:96:bb:5b:d3:b9:c1:83:b3 + a3:70:52:d4:74:1c:d5:78:31:73:2b:1b:c0:dc:28:f8 + 51:55:4a:cf:16:b3:03:b1:58:d2:b7:df:bc:cb:6f:5f + bd: + +prime2: + 00:ff:9e:00:1d:18:dd:09:08:e6:20:10:b5:ea:c9:d5 + b8:17:2c:ce:c7:9c:d1:08:22:95:e0:41:1f:59:3e:2b + 91:07:80:21:7f:61:73:ae:74:24:c1:7d:a6:33:e0:e8 + 20:07:ed:e4:fd:d9:55:65:ae:7b:76:a3:c9:10:35:26 + 47:78:0b:d1:45:a1:31:dc:d7:a3:52:17:24:ff:55:4b + d0:c0:9e:12:73:f5:51:d1:89:ab:75:6a:0b:08:b7:8d + 9a:d3:d6:3b:c3:ee:e3:0c:47:8e:7a:01:4c:57:d2:cc + 7d:b7:bf:3d:02:cf:8e:0a:b0:43:4b:b4:15:d0:aa:17 + 45: + +coefficient: + 00:d2:c8:fc:3a:8c:28:d3:15:6f:0b:7b:51:7f:a9:8b + 3c:f5:ed:f5:6b:d1:d7:e4:e9:c8:46:16:80:1c:f8:78 + fc:10:bf:55:13:67:5a:a2:e6:2b:51:86:ca:d1:53:20 + 1e:e4:f8:82:ca:cd:4a:56:ba:bc:7a:dc:16:ba:16:43 + ca:66:21:f2:73:1b:ca:de:60:95:d1:b8:7b:ad:e1:1d + d5:48:2f:87:83:40:00:a4:ea:ac:2e:4b:a6:c8:b1:4a + 90:16:aa:e5:9c:91:a9:ee:57:ec:5d:13:b6:6d:bc:a6 + ef:b9:1b:b5:7c:44:21:24:06:c7:08:97:16:57:22:5f + d3: + +exp1: + 35:1f:b3:9b:23:f6:c1:0d:55:47:48:be:77:3a:bd:0e + 8a:6e:a2:eb:ce:77:d5:74:cd:cc:24:11:9f:2c:fa:76 + e9:13:d3:32:60:9a:40:b3:a9:da:60:c3:0d:8b:34:23 + aa:4d:aa:ff:c8:d4:24:a2:d5:e6:3c:c6:47:28:2c:15 + 8f:71:0a:ab:9b:7c:19:21:96:14:9e:4d:ba:77:c1:73 + 6d:fc:fa:7a:7a:78:43:f5:08:a1:d0:fe:13:62:f8:09 + 91:3b:4f:a1:4e:0a:2c:fe:31:15:77:63:a1:72:73:a5 + 91:42:92:d0:6f:c5:c3:19:fd:f8:02:c9:dc:48:ae:41 + + +exp2: + 00:b4:33:35:8f:4d:ac:dd:26:a9:dc:a7:0b:28:06:bb + a4:b8:a9:bc:e8:59:b3:be:d1:6a:e9:19:df:b8:b1:2c + 53:64:7f:3e:9e:27:1c:3f:3a:df:82:8c:4a:b3:bd:f4 + c6:47:f0:bc:82:fc:48:c8:92:f5:b4:d0:87:f8:e6:0f + 23:49:0c:c3:ae:1b:92:24:46:dc:7b:0d:97:e6:6c:c2 + 32:da:e7:54:c8:ec:83:8e:7d:48:23:50:eb:90:6c:9d + e6:2d:3a:95:0d:6e:86:1f:6c:fe:93:22:01:28:d4:91 + 96:7b:07:d5:41:fb:01:fe:a4:fd:fc:0b:6b:69:9b:cf + 25: + + +Public Key PIN: + pin-sha256:KV163ICyMOUr6z/cxe1yQ1x2GIwCrmZAG9iOyW244lg= +Public Key ID: + sha256:295d7adc80b230e52beb3fdcc5ed72435c76188c02ae66401bd88ec96db8e258 + sha1:0c3cb2bad4f2115a013b50d9cb9f7ddf183e6012 + +-----BEGIN PRIVATE KEY----- +MIIE7gIBADA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3 +DQEBCDALBglghkgBZQMEAgKiAwIBMASCBKgwggSkAgEAAoIBAQDdB9qoZVUJ7r4L +xp2VBSj21gvW3TF/6bQ8Uwst7/G/khMUnwkRCKHUSf+KUV5FYuBjfp0YaL2T/kKl +Rt5bBtaQKJgQ/e9dC/mkfPnOaCpsXXhaEafTdzpJyQFzgEBQVt8e5iHXe5sUCwD8 +CfeXmjlQberpwbFHyhrFSXmOQip06VGBFAfyUVlysd5aCXLed5Bi4PeWZAd/bYPA +7YJvYSBlKgnvvYpmdEwqYGO5kW/3Vaq91KCh1aIvII/4GUVgk7oZLbTrz4zqHTsu +H5mCZnnLyBscsqkdvWegOeSiWRRnaQ5iRVPii2OfOM/A3dHGdriih3gIMTgo6cwl +mGn6IMjxAgMBAAECggEAVBKIuUTR89U7tH73sZck3b7NAg1gpqbeR5POzMpXyeZm +G5HigPgnlfgPmy0YDoxtjWq7lm1Aruonr3YlXbpcIrlOHih4w4uqiUaAPmKgwFdN +T/UnQOg445fxVV2TGPvyIm6msK/zbMxCs5uW8bNX2Z/1mrRyGjxlsmUgN1wzigP/ +7qdzQjhADz6vc8A4sCHAJDAEhdUBDk5LmNsZ+4g53sGwypQa9r6Nw7u3EDRvU8N3 +uO3ysWaP9m6otNJwUYyyJ1leAZ5+sk2kKnoJL8vn99jdofeXYcsXLF8CGYQcVMgx +41CwJiZPetnA/k57tn21u4bZZxBHfWJ75LSaXsmqAQKBgQDdXJgBbOOx8DeL0Td4 +d5sa8ibCtYpYm/Dyu8xmI+qKnFBi5tbqEbrz7oT9nUU+ylVlEUZGHgNYI1REA9mF +UEOslye/4V6pF6lDz+Ru0wkMbBF0jH3d7b6Wu1vTucGDs6NwUtR0HNV4MXMrG8Dc +KPhRVUrPFrMDsVjSt9+8y29fvQKBgQD/ngAdGN0JCOYgELXqydW4FyzOx5zRCCKV +4EEfWT4rkQeAIX9hc650JMF9pjPg6CAH7eT92VVlrnt2o8kQNSZHeAvRRaEx3Nej +Uhck/1VL0MCeEnP1UdGJq3VqCwi3jZrT1jvD7uMMR456AUxX0sx9t789As+OCrBD +S7QV0KoXRQKBgDUfs5sj9sENVUdIvnc6vQ6KbqLrznfVdM3MJBGfLPp26RPTMmCa +QLOp2mDDDYs0I6pNqv/I1CSi1eY8xkcoLBWPcQqrm3wZIZYUnk26d8Fzbfz6enp4 +Q/UIodD+E2L4CZE7T6FOCiz+MRV3Y6Fyc6WRQpLQb8XDGf34AsncSK5BAoGBALQz +NY9NrN0mqdynCygGu6S4qbzoWbO+0WrpGd+4sSxTZH8+niccPzrfgoxKs730xkfw +vIL8SMiS9bTQh/jmDyNJDMOuG5IkRtx7DZfmbMIy2udUyOyDjn1II1DrkGyd5i06 +lQ1uhh9s/pMiASjUkZZ7B9VB+wH+pP38C2tpm88lAoGBANLI/DqMKNMVbwt7UX+p +izz17fVr0dfk6chGFoAc+Hj8EL9VE2daouYrUYbK0VMgHuT4gsrNSla6vHrcFroW +Q8pmIfJzG8reYJXRuHut4R3VSC+Hg0AApOqsLkumyLFKkBaq5ZyRqe5X7F0Ttm28 +pu+5G7V8RCEkBscIlxZXIl/T +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-key-rsa_pss_512.pem b/BouncyCastle/crypto/test/data/tls/x509-client-key-rsa_pss_512.pem new file mode 100644 index 0000000..82ab5d9 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-key-rsa_pss_512.pem @@ -0,0 +1,138 @@ +Public Key Info: + Public Key Algorithm: RSA-PSS + Hash Algorithm: SHA512 + Salt Length: 64 + Key Security Level: Medium (2048 bits) + +modulus: + 00:d4:ed:b5:a7:85:5a:ba:9c:02:b8:fc:02:46:1e:e3 + 6c:54:34:72:3c:fc:56:eb:0b:ad:9d:95:83:a3:09:15 + 9d:f1:e7:1a:93:21:3e:b5:b3:64:7f:98:83:97:a2:b7 + ca:02:c4:48:a2:55:3f:29:b8:b1:87:61:6d:72:5f:7a + 9f:20:69:f4:82:2c:7e:48:0d:d6:57:40:92:2c:13:9f + e5:44:75:d4:ad:41:f6:c9:f4:74:c4:31:14:dd:44:8c + ec:25:5b:4f:07:51:bc:4e:21:bd:47:c9:e8:56:b2:1e + f1:5d:e0:56:36:c8:18:18:86:71:41:bb:c2:3c:06:ca + e4:71:f2:cd:ec:9f:09:a0:05:6e:b4:d9:32:65:53:9b + 5a:7a:b9:a2:30:7a:cd:06:a6:47:3f:f4:05:9e:87:b7 + 2f:b2:e0:fc:63:c5:ec:2c:19:ed:32:ad:ee:71:9c:37 + d1:34:f3:aa:1a:ba:ed:cf:40:28:82:43:11:54:83:74 + 42:db:70:f7:58:12:c5:11:af:1a:05:26:24:ef:81:8a + 26:ee:2c:f3:8a:c4:2c:0c:47:cc:76:2b:7a:ce:e0:bb + 80:d2:d0:5e:c8:8f:1d:03:c5:4c:47:1b:7b:90:c4:d3 + 0b:9f:8b:6e:29:bd:ab:25:cd:aa:1e:ad:72:19:02:c0 + 11: + +public exponent: + 01:00:01: + +private exponent: + 01:23:1b:db:3f:2d:12:de:0e:6d:aa:7a:e0:a0:fd:99 + f0:81:2f:33:00:2d:fe:a7:5b:50:02:22:67:d6:7e:95 + 0f:5b:aa:9a:aa:8c:c9:2f:a2:13:c4:5e:bf:8a:90:ec + b5:43:13:18:3a:d8:51:82:b8:ff:fe:17:35:8b:28:fe + 7c:8f:d4:4c:75:ac:5e:fa:23:f0:e7:59:60:7e:e2:55 + b9:1d:df:fa:e4:e5:4a:82:d1:b4:d2:86:48:00:3b:b8 + 6f:22:a3:b3:68:4e:57:24:7a:fc:4d:29:be:7c:c9:09 + 84:f4:d3:c1:0b:24:85:cd:02:01:d5:dc:dd:b1:33:98 + 2e:3c:e5:7c:69:e2:e7:e4:02:83:b5:e8:d0:05:c5:cd + 5b:8e:72:f7:ee:b2:d4:11:15:85:b3:b3:4f:ac:cf:77 + 81:73:68:a9:70:fc:b3:94:24:f9:77:f5:38:4f:af:ab + cb:4e:7f:c2:79:76:87:f9:0f:a3:3b:5c:95:61:64:11 + 3a:40:98:28:51:86:48:11:41:30:e2:1a:94:94:06:d0 + 0a:15:de:19:13:9f:f3:06:b8:03:68:8f:87:b2:3a:4f + f3:75:bc:f7:5a:e4:1e:b4:49:29:09:da:57:e4:43:ea + 96:bd:74:e3:f3:38:5a:bd:b3:da:cc:09:99:f6:09:19 + + +prime1: + 00:f0:d9:0a:ee:11:50:da:c9:01:1f:5c:3d:c8:82:3b + 1c:0c:27:17:80:69:fa:d1:9d:ca:d2:7f:12:90:e9:a8 + e5:36:f0:b7:8f:8e:90:f0:0a:78:53:0f:93:51:f0:f4 + 72:a3:1a:de:ea:0f:5e:8f:84:c3:57:39:38:93:73:cf + 94:6e:1a:56:ef:36:d9:22:39:75:76:5b:4e:f6:54:e7 + 02:32:9f:54:5f:1b:02:37:50:f0:49:1b:e0:e6:d1:bd + b8:07:9b:7f:15:fd:ea:53:08:59:e8:17:66:d5:10:e4 + a2:f1:3e:c3:c8:7e:68:a2:a1:5f:04:f1:7b:a6:c5:3c + 73: + +prime2: + 00:e2:53:03:dd:5d:f1:fc:27:a6:d7:01:b1:5e:f3:26 + 5d:9e:fc:f2:45:85:4b:10:86:97:a5:9d:2b:19:3b:35 + 8e:91:36:67:50:d0:da:16:de:c7:13:99:76:b8:9b:2f + 44:fc:6b:c3:29:ec:a7:11:38:05:de:3d:2e:85:1a:49 + 88:28:b6:e0:1b:8f:6a:0a:21:56:ec:ee:56:34:b5:20 + e6:a2:c0:b0:08:c1:48:13:60:e3:65:b1:4a:b9:6c:9b + a4:63:92:2f:5a:e6:6d:80:2a:c2:97:53:87:05:dd:08 + 1d:98:52:c9:88:a9:d3:5d:18:d7:2b:5e:0c:63:e0:94 + 6b: + +coefficient: + 00:8e:60:92:ac:a2:02:d9:67:c7:c5:70:13:d2:b6:2f + 5d:b2:a1:68:0e:46:db:33:f6:8a:a4:bd:06:07:db:5b + 39:62:14:e6:81:95:32:ca:89:b7:dd:87:60:bd:98:33 + 5d:a8:21:25:d9:64:fb:5f:52:a5:28:e8:05:e2:7b:5d + 43:ae:fd:d2:98:fe:20:9e:4e:65:96:11:c4:ae:91:a7 + 36:cb:3d:8d:fe:29:7c:91:bf:8b:45:17:f6:7c:29:41 + 1a:4b:87:85:c2:95:96:d5:8d:c7:5b:7a:29:6e:c3:6a + c6:6f:38:55:f7:9f:aa:27:c4:a7:18:8c:42:f1:b2:94 + 9d: + +exp1: + 7c:76:ed:9b:11:ff:c2:d0:d5:6f:ab:6f:92:4b:1a:d8 + e7:be:db:fa:54:ca:75:c1:21:ab:9e:57:ad:e3:d2:90 + 81:cf:ec:4c:97:d4:76:f8:32:2e:5a:82:3b:7a:56:19 + 58:08:ee:e1:ee:87:63:8b:ac:97:4a:ce:de:04:9f:65 + 89:70:bb:34:6c:17:d2:03:f7:9b:ee:9b:e3:d9:04:78 + b2:48:7c:85:99:a3:8f:8a:98:62:6f:b1:ce:16:de:00 + 58:8e:17:22:fa:51:3a:0f:ba:c6:a2:31:56:32:a0:b5 + 44:0e:b7:86:c9:2c:b1:be:cb:27:f6:d3:7b:df:b9:d9 + + +exp2: + 32:88:88:9f:5f:bf:8d:26:a9:58:ee:76:d5:15:83:66 + 79:fe:4e:75:f9:5a:16:59:86:f8:a2:8c:21:f9:17:6f + 3a:bb:23:fc:66:75:9b:8f:a8:71:96:dd:6c:40:b2:20 + 3c:20:2f:96:67:d1:b1:c5:89:81:e2:b5:45:60:e6:34 + 31:ab:0b:84:fb:d3:98:69:73:48:39:bb:23:cf:a1:85 + fd:a6:fa:67:2a:08:d6:d2:d6:53:39:6f:ce:d1:12:3b + 75:44:09:b0:c9:2c:7f:e6:8c:46:4f:8f:21:5f:05:d5 + dd:d1:f6:4f:be:63:84:30:ec:b2:31:30:a1:08:5e:fb + + + +Public Key PIN: + pin-sha256:xZynWKbgc/clJ1vmaUuUrDqVNLkKBsbEVke+Uj4T30M= +Public Key ID: + sha256:c59ca758a6e073f725275be6694b94ac3a9534b90a06c6c45647be523e13df43 + sha1:c19f5569864001b25aad7ff9de9d200574d2b257 + +-----BEGIN PRIVATE KEY----- +MIIE7QIBADA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCA6EaMBgGCSqGSIb3 +DQEBCDALBglghkgBZQMEAgOiAwIBQASCBKcwggSjAgEAAoIBAQDU7bWnhVq6nAK4 +/AJGHuNsVDRyPPxW6wutnZWDowkVnfHnGpMhPrWzZH+Yg5eit8oCxEiiVT8puLGH +YW1yX3qfIGn0gix+SA3WV0CSLBOf5UR11K1B9sn0dMQxFN1EjOwlW08HUbxOIb1H +yehWsh7xXeBWNsgYGIZxQbvCPAbK5HHyzeyfCaAFbrTZMmVTm1p6uaIwes0Gpkc/ +9AWeh7cvsuD8Y8XsLBntMq3ucZw30TTzqhq67c9AKIJDEVSDdELbcPdYEsURrxoF +JiTvgYom7izzisQsDEfMdit6zuC7gNLQXsiPHQPFTEcbe5DE0wufi24pvaslzaoe +rXIZAsARAgMBAAECggEAASMb2z8tEt4Obap64KD9mfCBLzMALf6nW1ACImfWfpUP +W6qaqozJL6ITxF6/ipDstUMTGDrYUYK4//4XNYso/nyP1Ex1rF76I/DnWWB+4lW5 +Hd/65OVKgtG00oZIADu4byKjs2hOVyR6/E0pvnzJCYT008ELJIXNAgHV3N2xM5gu +POV8aeLn5AKDtejQBcXNW45y9+6y1BEVhbOzT6zPd4FzaKlw/LOUJPl39ThPr6vL +Tn/CeXaH+Q+jO1yVYWQROkCYKFGGSBFBMOIalJQG0AoV3hkTn/MGuANoj4eyOk/z +dbz3WuQetEkpCdpX5EPqlr104/M4Wr2z2swJmfYJGQKBgQDw2QruEVDayQEfXD3I +gjscDCcXgGn60Z3K0n8SkOmo5Tbwt4+OkPAKeFMPk1Hw9HKjGt7qD16PhMNXOTiT +c8+UbhpW7zbZIjl1dltO9lTnAjKfVF8bAjdQ8Ekb4ObRvbgHm38V/epTCFnoF2bV +EOSi8T7DyH5ooqFfBPF7psU8cwKBgQDiUwPdXfH8J6bXAbFe8yZdnvzyRYVLEIaX +pZ0rGTs1jpE2Z1DQ2hbexxOZdribL0T8a8Mp7KcROAXePS6FGkmIKLbgG49qCiFW +7O5WNLUg5qLAsAjBSBNg42WxSrlsm6Rjki9a5m2AKsKXU4cF3QgdmFLJiKnTXRjX +K14MY+CUawKBgHx27ZsR/8LQ1W+rb5JLGtjnvtv6VMp1wSGrnlet49KQgc/sTJfU +dvgyLlqCO3pWGVgI7uHuh2OLrJdKzt4En2WJcLs0bBfSA/eb7pvj2QR4skh8hZmj +j4qYYm+xzhbeAFiOFyL6UToPusaiMVYyoLVEDreGySyxvssn9tN737nZAoGAMoiI +n1+/jSapWO521RWDZnn+TnX5WhZZhviijCH5F286uyP8ZnWbj6hxlt1sQLIgPCAv +lmfRscWJgeK1RWDmNDGrC4T705hpc0g5uyPPoYX9pvpnKgjW0tZTOW/O0RI7dUQJ +sMksf+aMRk+PIV8F1d3R9k++Y4Qw7LIxMKEIXvsCgYEAjmCSrKIC2WfHxXAT0rYv +XbKhaA5G2zP2iqS9BgfbWzliFOaBlTLKibfdh2C9mDNdqCEl2WT7X1KlKOgF4ntd +Q6790pj+IJ5OZZYRxK6RpzbLPY3+KXyRv4tFF/Z8KUEaS4eFwpWW1Y3HW3opbsNq +xm84VfefqifEpxiMQvGylJ0= +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-rsa.pem b/BouncyCastle/crypto/test/data/tls/x509-client-rsa.pem new file mode 100644 index 0000000..d494989 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-rsa.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIMWYGU8BDBJ3AgFnsvMA0GCSqGSIb3DQEBCwUAMCMxITAf +BgNVBAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVzdCBDQTAeFw0xNzA4MDIwOTAxMzZa +Fw0zNzA3MjgwOTAxMzZaMCMxITAfBgNVBAMTGEJvdW5jeUNhc3RsZSBUZXN0IENs +aWVudDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM/xijmXl7PVbZwS +BE6h3A2pEsv4Au86itIS4qb7GJNvOZ2pwx22/AOGr/JvsYGGnOsVxQ63mE9xBz2l +jPsqGDhQeLD7CptXZAcwYa6k2z6S91Sd0GCNOgPuFiXKFXt9Si82uNB42r7kHG04 +exmY7uKUdMp1IxUbZ47leBmT7W5I65lK2acxkzRK6bdPErnNGzZt4t/k6E0Oowf6 +ElUf0UvhsX0trFB9O8yvCciqAQoGUw7b1yzWA9bWi1AQUPgx58eGMrRgQXfFnuuG +efHqU+/nAVAt5pHHU0GqB09jcv1lJSQpDMtCBa5tsorVvy8OiiSJx15tIyNOtVcc +9y/oH3cCAwEAAaN2MHQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcD +AjAPBgNVHQ8BAf8EBQMDB4AAMB0GA1UdDgQWBBSoiZsEL0tgug7IyLHTI1fA+tNH +OjAfBgNVHSMEGDAWgBQrQlWadXqqzBV+2iw7BZXrvFHaQjANBgkqhkiG9w0BAQsF +AAOCAQEAx3E9wM3ASFrxZ8Zw/036WHeJUjgOL+W9TM4Y4GZpQDkyMqKxs3pmyqcU +xuXWV+SmTCkOAvrH/kWhmgDxSs3eGrGBsRPEZcUolcedDWqPJpy0qZH6mv3Ge0+v +V+YOcd0qSVHaLpR1LQHrDnatASaVVRF4Ohk2IRSvjzYYJ158D3+erB79Txt4kqK2 +oDMp59uI2K4VwNiXeuWQgolaoKTEtPSrjuuKzetrwLN8ajii5rkiOKyuKlkZ2SyE +BYp/ye1hzmqXRHNrObbfMmggwimrShYWUSwHp0/gKMEhen+yqd9C2KEVj7dqm+oL +Jo+TGr6L77LBgZ5r7vfzj4tzL877mg== +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-rsa_pss_256.pem b/BouncyCastle/crypto/test/data/tls/x509-client-rsa_pss_256.pem new file mode 100644 index 0000000..77ec973 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-rsa_pss_256.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID2jCCApKgAwIBAgIUej61CoI5BANd5v/ceHNxIOtR8d0wPQYJKoZIhvcNAQEK +MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC +ASAwIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxlIFRMUyBUZXN0IENBMB4XDTE4MTAy +NDA2MDY0MloXDTM4MTAxOTA2MDY0MlowIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxl +IFRlc3QgQ2xpZW50MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIAOCAQ8AMIIBCgKCAQEA13o6 +AYteWQ8QfZVczsbqyCkudW7+bPmD1T5ybPxWlUPUYjTfBXyzs6ZKN8q24CNEGfws +6s/8+SYarFqNg/hP2Quu/OmddTctpJMCXWkQ37d6TLYFZHNGRbL+pLMznmhrFDWO +7t+74Hcjdrhu/fzy3QJZXtyhs12TxiziSoUhf8pZNuh33f7N/vawlv4UalxoTM+8 +/f7s4y9REM9G2x06Pc2H7GdKfSBeeWzq0yTTggW82Xnlzd9qu2KbILM1NGGuaamr +ubYnrHsz9b7fmrQSaAZVebO6UvCRkGmx8VoR44ve3fGZylqth7plUiemBxJgECST +S98S20kP/CH/n+aSdQIDAQABo3YwdDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoG +CCsGAQUFBwMCMA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFAKLYWuJSEnLypED +/PkZ/dogyhAeMB8GA1UdIwQYMBaAFCEaiLbeA8ABgKrbcIiZpo8XzqpsMD0GCSqG +SIb3DQEBCjAwoA0wCwYJYIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFl +AwQCAaIDAgEgA4IBAQCFjsx2JQ+AtT2AD7harhhhuCH8ah9hTLz1n+ynkmq1lmYP +JCudOJfgWjMFlSv1ptzkvOst+Ig2BCCJrwX1akMX1cMsR/eoDUxxkqREU/irEYPj +ePvVk0+bd6C4+nCvs/J0bv5P/16z2NLmAq8BUidi4ULPyzVn/+nAAUpAVlYi/mHP +RQCy8UMj2ENACc4LIP1tek9cp+t5JMjsv2ogy+SPCXtq7VTMAFrckrALv9b1QLE6 +J06bp7+Q7GIkn0gTm+Z5AaddHH1ZDjqpYFcngx7wVuQCbZwTqnVJx5nQrKz+HQYt +87KWIhR2nbtygp2oZESXQg9huH395f/h+foYArPG +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-rsa_pss_384.pem b/BouncyCastle/crypto/test/data/tls/x509-client-rsa_pss_384.pem new file mode 100644 index 0000000..dda273d --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-rsa_pss_384.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID2jCCApKgAwIBAgIUbdDLDIxL8QBkB4RFPZ3TaeInTUcwPQYJKoZIhvcNAQEK +MDCgDTALBglghkgBZQMEAgKhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAICogMC +ATAwIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxlIFRMUyBUZXN0IENBMB4XDTE4MTAy +NDA2MDY0MloXDTM4MTAxOTA2MDY0MlowIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxl +IFRlc3QgQ2xpZW50MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA3Qfa +qGVVCe6+C8adlQUo9tYL1t0xf+m0PFMLLe/xv5ITFJ8JEQih1En/ilFeRWLgY36d +GGi9k/5CpUbeWwbWkCiYEP3vXQv5pHz5zmgqbF14WhGn03c6SckBc4BAUFbfHuYh +13ubFAsA/An3l5o5UG3q6cGxR8oaxUl5jkIqdOlRgRQH8lFZcrHeWgly3neQYuD3 +lmQHf22DwO2Cb2EgZSoJ772KZnRMKmBjuZFv91WqvdSgodWiLyCP+BlFYJO6GS20 +68+M6h07Lh+ZgmZ5y8gbHLKpHb1noDnkolkUZ2kOYkVT4otjnzjPwN3Rxna4ood4 +CDE4KOnMJZhp+iDI8QIDAQABo3YwdDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoG +CCsGAQUFBwMCMA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFAw8srrU8hFaATtQ +2cuffd8YPmASMB8GA1UdIwQYMBaAFKnwXW9hoPAB6HSyWn7UEUMcKonnMD0GCSqG +SIb3DQEBCjAwoA0wCwYJYIZIAWUDBAICoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFl +AwQCAqIDAgEwA4IBAQAHS+4AoR5A0sNaCrhuB8rfDfI+kcO0SqwT98d5QTJnsiqu +/2OHecJbN7nkYKh9K+8ccWVCWncWV1dFP1fVnCibFpAF+750wLhSpb/RVfm8Gd8F +CLuZNC6i9w7ssQzus7SpBx2viY615zxRJ6kdhGhPSxc98tPAHkdkdWGWq0R8Q3u9 +hP/mj/oAxskhvF/Lofwk5uyYSNIcZ9w3YPmb70OUWDH1yreF7s0J3hOPZZiC7ZA4 +Nao6UPpwKk1IdZix63xHFwCN21AtQIHoL/aRcVSlHlol5VOgaWbetb1BTBqEoKux +s4hJIMFIslA++GDX/qj7JrYr+FJTOqFF2B+Rm7wO +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-client-rsa_pss_512.pem b/BouncyCastle/crypto/test/data/tls/x509-client-rsa_pss_512.pem new file mode 100644 index 0000000..2bc13ae --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-client-rsa_pss_512.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID2jCCApKgAwIBAgIUWlbiagMGpRhGjEwawdwRz964ObEwPQYJKoZIhvcNAQEK +MDCgDTALBglghkgBZQMEAgOhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIDogMC +AUAwIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxlIFRMUyBUZXN0IENBMB4XDTE4MTAy +NDA2MDY0M1oXDTM4MTAxOTA2MDY0M1owIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxl +IFRlc3QgQ2xpZW50MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCA6Ea +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiAwIBQAOCAQ8AMIIBCgKCAQEA1O21 +p4VaupwCuPwCRh7jbFQ0cjz8VusLrZ2Vg6MJFZ3x5xqTIT61s2R/mIOXorfKAsRI +olU/Kbixh2Ftcl96nyBp9IIsfkgN1ldAkiwTn+VEddStQfbJ9HTEMRTdRIzsJVtP +B1G8TiG9R8noVrIe8V3gVjbIGBiGcUG7wjwGyuRx8s3snwmgBW602TJlU5taermi +MHrNBqZHP/QFnoe3L7Lg/GPF7CwZ7TKt7nGcN9E086oauu3PQCiCQxFUg3RC23D3 +WBLFEa8aBSYk74GKJu4s84rELAxHzHYres7gu4DS0F7Ijx0DxUxHG3uQxNMLn4tu +Kb2rJc2qHq1yGQLAEQIDAQABo3YwdDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoG +CCsGAQUFBwMCMA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFMGfVWmGQAGyWq1/ ++d6dIAV00rJXMB8GA1UdIwQYMBaAFKVY4bgN1p+8NOXoPdj6DKWDscBFMD0GCSqG +SIb3DQEBCjAwoA0wCwYJYIZIAWUDBAIDoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFl +AwQCA6IDAgFAA4IBAQBm9QAlG/xd8O6/TgJwnxmjKcSNhWgFHz4yY2uSMRP51VR/ +SzoXIY3drTWz3fuXSxbjAcVSlfmSX3KMVm1M6IKOw37PwUD8C5oVpLEY/NpwTjfb +WS5RR0XpAi2JJhPa9vJEO8PMdDV5C07u3fs5QvysNPZqJJvn+i2rU44JTeeJzBf8 +hesUVx4m+16C4cdU80prTnq9QYnZi08vIJ0iW0czxrsRikcqAnb+FEsrnbl1t3Wy +PcdYUq7SkQ3B3pnreOMRnRGGP0dq4YOPto6nKD2h70TQ2rH2JhSlDy7aPNx9jUKO +dwz0hfct7G7Wyoz2U+rI7ulHt3Mck4DyOam+TMEJ +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-dsa.pem b/BouncyCastle/crypto/test/data/tls/x509-server-dsa.pem new file mode 100644 index 0000000..029d88a --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-dsa.pem @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE----- +MIIEpjCCBEygAwIBAgIMWYGU8C09TIACbzDkMAsGCWCGSAFlAwQDAjAjMSEwHwYD +VQQDExhCb3VuY3lDYXN0bGUgVExTIFRlc3QgQ0EwHhcNMTcwODAyMDkwMTM2WhcN +MzcwNzI4MDkwMTM2WjAjMSEwHwYDVQQDExhCb3VuY3lDYXN0bGUgVGVzdCBTZXJ2 +ZXIwggNGMIICOQYHKoZIzjgEATCCAiwCggEBAKIJ4msqhhMj/QtISZhmqwZzwvxo +9G4/z6zraDROzwt4KfCM+4Iplzb54xi4iifAKFjzegL066KAYuZEu3c5oU+1t2WT +Uz4WaD/F8jpA/p8/iMp7d/Aj+qwHoIewZmtFN7OyTvIgPFUtzKShwsA/FGxQzDbw +XOtsQ77WFdLa7B+1ZjFC776KbzNzZG0iClfZL0NweKYAGjdkJ6GKDJsKwkzWJ/wV +2fKew8GzvUKiUVamMN6QXVx8x7odGETBu5FB0bP4wCKqnQKLarfHRspynA8rCNHF +mW5CMGDQm+zaehpcgIOnsJE8xb9C7bzzFmkWxEy5DJmYPtnKEBDWz6XjdmUCIQCn +T2W/xqEt+tix4k4f/a/0D3i7iawNewwccUb4C5RcYQKCAQAs4tv1yBjpGvsspRpL +rxdAcIXhCeBQCzoYMI4CFH3lSjotUT5T30h2fA3qi3bm0GhnuAw7a1s3H749MAKm +P9RgskHkeyFoWWKJ5rVqz+KOBXQkhRDkGND5hYdBgMq5YnnDQ7O0D0621AovPOex +UQFVl2/4bJ/FRCPZ3NL790XwZNL0v/XFTDU1eL5CcSOwsENTfCpPa+6nnO4K/Gtr +QV4mCpY8dwtQB9lTB6BuhuMQ5Bmu+JVaVaGDIP8pd1ZXxPg9WQcZY+sFRz5zkiBm +Fs/+rbTnUC6Lx5T3tMBGhWC7+VmJNeT3eVzvMU7tgGGIElsQC1/5xU6pzRAL4/It +ijN3A4IBBQACggEAYi/1HWMttEK5mU2B6IpU6pgUmkUleSVrQo3tdMViiSlGPtB6 +c+yoZc3GxruCUHIYbN+rFNIsdoJQ2k9Ah4VkX6mBytopd5eulwG63DDrXCRgxqMm +BHFNvcZ/OG1Lj8Upnf9x9GbJwzoV+4J/tF/al9XlUk9gJf2zfr7oq6NAqvHXsaHj +4oC3FQV0enQdfnC325wVie+BrV5hE/YUgcYF5m2R3a0o4UokGqyJzxDjxLlrtMHe +6Rn7JngDfq7oFNXN1BMu9RD0Ll2KwZFURzZMAzj5DNc8eAScTC7omVrk6/lsQ1TW +tnlOm7QXoBcRINwrA9hoTAgPh7iyqr8497M2yqN2MHQwDAYDVR0TAQH/BAIwADAT +BgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB4AAMB0GA1UdDgQWBBQL +IkWyCawkb1V1BkwW61qMAd3TnTAfBgNVHSMEGDAWgBQA5WZqsOvPVi3KO+dfgL1w +NxeVqDALBglghkgBZQMEAwIDRwAwRAIgUHB/GqyakK8awZlbR6MsLGDz0UiCvfCR +eK2qrGSqsfICICKrf9+KyfiDh5HoB4pPZDOAAd5yQIEclw/aOD1yq0wT +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-ecdh.pem b/BouncyCastle/crypto/test/data/tls/x509-server-ecdh.pem new file mode 100644 index 0000000..7c8f044 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-ecdh.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBtjCCAVygAwIBAgIMWYGU8BHdfIBy0aZkMAoGCCqGSM49BAMCMCMxITAfBgNV +BAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVzdCBDQTAeFw0xNzA4MDIwOTAxMzZaFw0z +NzA3MjgwOTAxMzZaMCMxITAfBgNVBAMTGEJvdW5jeUNhc3RsZSBUZXN0IFNlcnZl +cjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLWCgejCbKGDGpoTzBtYGeQt3OSZ +B3aPwiAaQog3VfsSsERXWAiUdogMibtR4lLl6s9QbWDorQWXhejIUi7woY2jdjB0 +MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUD +AweIADAdBgNVHQ4EFgQU0L5LXF6oiQE1eNyzRztmBOoHiR0wHwYDVR0jBBgwFoAU +0ma/FGcW5gGlL//B26Xmj0JISecwCgYIKoZIzj0EAwIDSAAwRQIhAM6F/DDKK7H9 +HbkqCcUsxTCTakQ1wcAkkRDMCI/lKLxCAiAUjBMndyVRzNlY6h4+2NP0A3RT2Q87 +2mnmiPSuW9Q4iw== +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-ecdsa.pem b/BouncyCastle/crypto/test/data/tls/x509-server-ecdsa.pem new file mode 100644 index 0000000..ffaa81e --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-ecdsa.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBtjCCAVygAwIBAgIMWYGU8C5XSABmYVGJMAoGCCqGSM49BAMCMCMxITAfBgNV +BAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVzdCBDQTAeFw0xNzA4MDIwOTAxMzZaFw0z +NzA3MjgwOTAxMzZaMCMxITAfBgNVBAMTGEJvdW5jeUNhc3RsZSBUZXN0IFNlcnZl +cjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABKzro1Qhiu2IrXTK1X9xZ20T0eL0 +vxwmwTGcr7EvI9kRnhXDsV5Har9CmzInfIcOhL9VlS4K2WUhxNMuLYr5EIKjdjB0 +MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUD +AweAADAdBgNVHQ4EFgQUNjGYYKninT7GGg2A3pGsO2xPByIwHwYDVR0jBBgwFoAU +0ma/FGcW5gGlL//B26Xmj0JISecwCgYIKoZIzj0EAwIDSAAwRQIgWYw3r0KqlS60 +h4RON2Ycq7oH2qxf+b9mWaehP8sebHoCIQDJyu+qUegmitkVqbenVV2ypPL7x2nP +qvghAKPod/72bg== +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-ed25519.pem b/BouncyCastle/crypto/test/data/tls/x509-server-ed25519.pem new file mode 100644 index 0000000..df3a379 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-ed25519.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBfjCCATCgAwIBAgIUEOZLZhsVbmqCJUugm0oRFrWPO8swBQYDK2VwMCMxITAf +BgNVBAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVzdCBDQTAeFw0xODA4MjMwOTI5NDda +Fw0zODA4MTgwOTI5NDdaMCMxITAfBgNVBAMTGEJvdW5jeUNhc3RsZSBUZXN0IFNl +cnZlcjAqMAUGAytlcAMhAM2PquzCzWQdU5dEG7JMCCfvaaNyfRlcIhsCzF8RLWiw +o3YwdDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA8GA1UdDwEB +/wQFAwMHgAAwHQYDVR0OBBYEFFsSy04J6VkN2IiqBJKGV26iMRYyMB8GA1UdIwQY +MBaAFOp5vj76ByEwboduoHWAWzajnM1mMAUGAytlcANBAOhCpwpdClN4+DFhtwLf +br8//ymNpCOf8W4vE4pZACueKIooh2S4WnbkFwBloOntxX+4TXnD06SBlpcmoQg2 +NwY= +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-ed448.pem b/BouncyCastle/crypto/test/data/tls/x509-server-ed448.pem new file mode 100644 index 0000000..3ba371f --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-ed448.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIByTCCAUmgAwIBAgIUdWna0n25+zzo6pW93hOpSKLfU0swBQYDK2VxMCMxITAf +BgNVBAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVzdCBDQTAeFw0yMDAyMTMwNzMzMDJa +Fw00MDAyMDgwNzMzMDJaMCMxITAfBgNVBAMTGEJvdW5jeUNhc3RsZSBUZXN0IFNl +cnZlcjBDMAUGAytlcQM6AETFuJ7D3g4EgZnNVbPW3j81X6VpJane2pY04n8bzYcs +kAvfb5lGogDBoczMsB9opnPMdSwZQs6CAKN2MHQwDAYDVR0TAQH/BAIwADATBgNV +HSUEDDAKBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB4AAMB0GA1UdDgQWBBTHz9U/ +S0PulhuJNX8vOdBOjnLCqjAfBgNVHSMEGDAWgBS+BSv++BEWlTJ53q6rwnDLVnR5 +JTAFBgMrZXEDcwAp/84ZggkOUHT0qCL/8a3Qmj6HyXeb8NNVyPNSbBgW6HVQsn9c +wquAbara1d9VFJ+ucpSdQfYPs4DVfxADVcVfaunEGujBoL9U3q/9XIJ5IT70HL1O ++PUERelTyKywKQI8Y2YYKUH6UYsesLhcAQ8DBwA= +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-key-dsa.pem b/BouncyCastle/crypto/test/data/tls/x509-server-key-dsa.pem new file mode 100644 index 0000000..7324708 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-key-dsa.pem @@ -0,0 +1,15 @@ +-----BEGIN PRIVATE KEY----- +MIICZAIBADCCAjkGByqGSM44BAEwggIsAoIBAQCiCeJrKoYTI/0LSEmYZqsGc8L8 +aPRuP8+s62g0Ts8LeCnwjPuCKZc2+eMYuIonwChY83oC9OuigGLmRLt3OaFPtbdl +k1M+Fmg/xfI6QP6fP4jKe3fwI/qsB6CHsGZrRTezsk7yIDxVLcykocLAPxRsUMw2 +8FzrbEO+1hXS2uwftWYxQu++im8zc2RtIgpX2S9DcHimABo3ZCehigybCsJM1if8 +FdnynsPBs71ColFWpjDekF1cfMe6HRhEwbuRQdGz+MAiqp0Ci2q3x0bKcpwPKwjR +xZluQjBg0Jvs2noaXICDp7CRPMW/Qu288xZpFsRMuQyZmD7ZyhAQ1s+l43ZlAiEA +p09lv8ahLfrYseJOH/2v9A94u4msDXsMHHFG+AuUXGECggEALOLb9cgY6Rr7LKUa +S68XQHCF4QngUAs6GDCOAhR95Uo6LVE+U99IdnwN6ot25tBoZ7gMO2tbNx++PTAC +pj/UYLJB5HshaFliiea1as/ijgV0JIUQ5BjQ+YWHQYDKuWJ5w0OztA9OttQKLzzn +sVEBVZdv+GyfxUQj2dzS+/dF8GTS9L/1xUw1NXi+QnEjsLBDU3wqT2vup5zuCvxr +a0FeJgqWPHcLUAfZUwegbobjEOQZrviVWlWhgyD/KXdWV8T4PVkHGWPrBUc+c5Ig +ZhbP/q2051Aui8eU97TARoVgu/lZiTXk93lc7zFO7YBhiBJbEAtf+cVOqc0QC+Py +LYozdwQiAiAxcsCPJCsRaG0j1eDW0xomfipUvAM3Ws9MZ38R8fxQ/A== +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-key-ecdh.pem b/BouncyCastle/crypto/test/data/tls/x509-server-key-ecdh.pem new file mode 100644 index 0000000..669fc5c --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-key-ecdh.pem @@ -0,0 +1,6 @@ +-----BEGIN PRIVATE KEY----- +MIGUAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHoweAIBAQQhAJsXqInsRDYS26zX +d4tHYu+WKbw2gyrnMvDOamsRyZg5oAoGCCqGSM49AwEHoUQDQgAEtYKB6MJsoYMa +mhPMG1gZ5C3c5JkHdo/CIBpCiDdV+xKwRFdYCJR2iAyJu1HiUuXqz1BtYOitBZeF +6MhSLvChjQ== +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-key-ecdsa.pem b/BouncyCastle/crypto/test/data/tls/x509-server-key-ecdsa.pem new file mode 100644 index 0000000..ca898da --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-key-ecdsa.pem @@ -0,0 +1,6 @@ +-----BEGIN PRIVATE KEY----- +MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgHJsLqw/ZeIlLMmMZ +u+LqjbxD7OY2VhD055Icbpp5HBmgCgYIKoZIzj0DAQehRANCAASs66NUIYrtiK10 +ytV/cWdtE9Hi9L8cJsExnK+xLyPZEZ4Vw7FeR2q/QpsyJ3yHDoS/VZUuCtllIcTT +Li2K+RCC +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-key-ed25519.pem b/BouncyCastle/crypto/test/data/tls/x509-server-key-ed25519.pem new file mode 100644 index 0000000..e1784c5 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-key-ed25519.pem @@ -0,0 +1,25 @@ +Public Key Info: + Public Key Algorithm: EdDSA (Ed25519) + Key Security Level: High (256 bits) + +curve: Ed25519 +private key: + f8:32:a1:54:10:e9:b2:b2:31:10:9d:05:c0:3b:58:c5 + 1d:1b:7a:67:d1:53:5e:6b:58:fe:85:1f:4a:4e:71:13 + + +x: + cd:8f:aa:ec:c2:cd:64:1d:53:97:44:1b:b2:4c:08:27 + ef:69:a3:72:7d:19:5c:22:1b:02:cc:5f:11:2d:68:b0 + + + +Public Key PIN: + pin-sha256:tt5u5+ynOHjlD3uadUUmN2V5yZLekOkkwyyk8sZH7cI= +Public Key ID: + sha256:b6de6ee7eca73878e50f7b9a754526376579c992de90e924c32ca4f2c647edc2 + sha1:5b12cb4e09e9590dd888aa049286576ea2311632 + +-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEIPgyoVQQ6bKyMRCdBcA7WMUdG3pn0VNea1j+hR9KTnET +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-key-ed448.pem b/BouncyCastle/crypto/test/data/tls/x509-server-key-ed448.pem new file mode 100644 index 0000000..382cdd6 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-key-ed448.pem @@ -0,0 +1,28 @@ +Public Key Info: + Public Key Algorithm: EdDSA (Ed448) + Key Security Level: Ultra (456 bits) + +curve: Ed448 +private key: + af:0f:44:88:c8:11:f7:e4:87:19:b2:e5:f2:17:a4:e5 + 0a:69:78:ed:1c:34:f1:dd:8a:b1:c6:92:92:64:26:94 + 8f:46:45:af:b6:58:d5:b1:20:ce:5e:d6:b7:8e:48:e9 + 0e:14:a7:94:56:d5:14:c8:9d: + +x: + 44:c5:b8:9e:c3:de:0e:04:81:99:cd:55:b3:d6:de:3f + 35:5f:a5:69:25:a9:de:da:96:34:e2:7f:1b:cd:87:2c + 90:0b:df:6f:99:46:a2:00:c1:a1:cc:cc:b0:1f:68:a6 + 73:cc:75:2c:19:42:ce:82:00: + + +Public Key PIN: + pin-sha256:un7RlIHaUdVuKc7nlN4TlmbH42dUsl+RH5jeVUKSyiA= +Public Key ID: + sha256:ba7ed19481da51d56e29cee794de139666c7e36754b25f911f98de554292ca20 + sha1:c7cfd53f4b43ee961b89357f2f39d04e8e72c2aa + +-----BEGIN PRIVATE KEY----- +MEcCAQAwBQYDK2VxBDsEOa8PRIjIEffkhxmy5fIXpOUKaXjtHDTx3YqxxpKSZCaU +j0ZFr7ZY1bEgzl7Wt45I6Q4Up5RW1RTInQ== +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-key-rsa-enc.pem b/BouncyCastle/crypto/test/data/tls/x509-server-key-rsa-enc.pem new file mode 100644 index 0000000..d1e8352 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-key-rsa-enc.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC3mOPbXv2BWujn +fNGxYw/JNbyW7qQTaKnZogE/aIh5m86hinj7agtV2UDsBXvaQSTrp8vXwKNr9IYX +VLEvT5lM8mj+GDlJ1jhKbo1ODbZPY7b1q5e1RtMUhNX3GgZDevrLL0Tt/g912KD4 +U7vTsS2TQ35hXOQ6bknN9VWNhat0lQ/L60q2QofPdk9PydFZV9CxkoGvwV1BqiTp +JiEloFAf3h07Gim/e3K6OlU2ci+Lb6/uvSDPiOIVYPBURmVjs49sLha2jDj51II4 +9KpPbJwNUT902VrvoRwhrWP8FxYO0QxG9J07IdsNLQLzVWBxz03qK3v+U/akO1QQ +uyrWmw69AgMBAAECggEBAJd3t2RgddymV8fDHmyuQXPKtY//ybWJf7dhBI5/ezh4 +5nw3daBV2Iw29GzECW4CmKcig/W3pBuIXKga4yMZFGx7AUvASGM2LLKbilB+142f +wm3j5wFTMQmYnb2C5u/9IbNHiCKgm7ipxAObcTYw0lzQLg+9Rz09h/43DSH4yX8f +ov1ANiERjkjTMYfaoMbdVrik3MrzBx3lNa0wShS3WebdLIBGv1pk6U2b0bCVJUPP +OJ9n9bs4+kzJBofDHad6N1UszQoHB+1xHthKC5YHyEbnkWlJoyiNWELcADCKYxWY +lsbH1b6zUXlQ+/IYe7uD9Y9nOa/6kXwmyPGuFVBXGgECgYEAwMvMRVkFArycrgd1 +mmYyewuGKQyOonj6qlKDjpuZ829CPwZ7xEpSBNQcKn1vHW52IxJizVh5fHWG/8ga +p2uVGdNUbtjlazrZXDm7xBEAYke+vxgrLHzwCvk3MxFF639nmN9khX+cceLkAaZm +AEye8thr6IN7TVMt43E4G7Bd5OECgYEA88kWgFRvY7rB3oRnMEuLKaTIAdJM81Tt +lQ3PQNTAdt9HenJE5E5y884xQsYCfmvkTGrd7bWHBzRgA0slJQExAaLBNrqm2evw +AshQRVY2mR4TUuKadrWVDV6IF9IDeGZpCEmz1A0RY5M77l2jJ+pAd8Pd8wM07QLV +KqjpDRLTCV0CgYA8xkGPPr+QnEo7pchRspOJLBnPiNDRsJc756Tm6HAAR/s3COEt +AEyYjxCN6FqFiZOd/Ka+mnw5WocCzF5yljw7Ft4PzzmKstNf+icRaFaZpIohjQnX +DU9R9juLUo+a69+JVipG1vJHCEHdr0mKIJ0ealChzAirWGQnxUHtoIwIoQKBgGH1 +JWN/ihrKymf9T/FqCYs8OVnyBRWpxKWmHOdyFbwuT+x1yhTrKOmqqsSoCAyAkgXa +0z5XOOC+PO5V3aEW73g2y+iP68eZNKIJl6ek0t+H5D/j6ilVIYVzvL/Flbtle0Ln +Sqkkbx5R5T0MxyicyjbVr3OckEHEZ59yq+Ki88XJAoGAIrVxwcg+b7FKvBhjrx68 +kBK0rFwTdcqq+82G5R5DGfK5nK9RON01aOM3ddZNy+q/xe5O0kzFPkEQhSsGXTJ2 ++O0cBtTSrQ8hMZKHH6Ol4y6rWjDObmhNZR5ms76l5Fi3EzUKcLbTcl1NXlihanmU +rmQcSs0PKSGpZdraqdH+YrU= +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-key-rsa-sign.pem b/BouncyCastle/crypto/test/data/tls/x509-server-key-rsa-sign.pem new file mode 100644 index 0000000..975638e --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-key-rsa-sign.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC8Xwb2eeVqVUHg +obVcnfjv7C7nhlZAZWFEbrJJXCwqnbYTOUEywVTDkNr7cVp2Q0h1iLz1Dwpz8UfC +LD77DPAVKkI8o9nfQnL7jTYMCjCM1ANdG0Cz0OumnNU+zFP9gOEfscSTeWTqeAfl +MBMDQHgFX0PV2V/h5JlQIyjyYkc5o3c6ALJUEdBecy9dYI5kvEk8GbiftjKVIdPV +RnRyfiwdQjVX5xMcD6kd8HdU0D1C12Tdw8fn9Ftu4JgOBkYrTLS5bQJY72cxrevs +YW8iiSYzJ0wVpcxRYj/4IKXD7PqtoVvYt7zwhOXjhnZGw51yYt2ogcWKUynkueMB +nPzpE7+VAgMBAAECggEBAJDChltL+d3pfyLdor52OCRI4RLTzdzXDBTG7QQrbVWi +tZW4Xj5fDIDuBRtOVTKlKj4Iww2gbWwEdBzoW84adzYMr7JiSMCmFC70qiA+hGj1 +VVBr7SFC4JW92LLV24XpURhGSMb8d20oqQicFUBeft3CBCOHVYQHZTqMip8an5nO +jWPEcxgp2hU5R1BzliMtpwtP3yLN8UD281CEdKy/nG5AfyI882mLbpiFtr0gymhw +CEqJd62vmK1mvSYDYA2QHy3ki9CxCNog0raQy/sOX4JtgCDhmy06FOOqzyo3LFcN +I7Ng2D3R+d7tCEJ8A3C7Z/HbET0MsZDolVljBoNEMlECgYEA+Kznpbm0Vd0Oew9S +5HRzXeZbCnc1fjTOhrtL8o+gyZsXiJQfDWUJ+Mlac2GFDK2FhQofnpfRHlyJRr0b +PSMzPMEB2nj/7Im0LpOUBt2TD69zK8INHIyFmu76ARgqE/rwyuxv+fyqDgUmQShP +8XC2joqejZchvvtX9REj6lQ650sCgYEAwetol/72hrrLNycaVntq7GMmLZCtqIc9 +YcLwQQVjFPkf2eiAHrsdZSnOUYXUJfvsRY4OZ7IkOQp0isU8FqED9CCoLwZ7B67c +DPhUYN6JgIqsH3CuxE9q/5sYb+d8HM9450pk8JrKHJDbBE3nwftLcay5iudkArjw +2hCi4CqzSJ8CgYAdqjKwGGkk3Qv/LiLLUgD5MKOnqfTdq1r/w5QZyXx60F+MUW8q +3+TCovKBVR7UFlcZOc3v01iE8LEHmUOIlYxlMPkRoOGWzA6Mh9pev0vt0RZCIBIE +V9cQVnXIb6OFYqga7P2mqrd2mLKpjy+KM9HzSyIC7gZ+i+lAON059PZZ5QKBgBbA +UMgscK4D8l2pJ8zns/bB9zO3WriADXKP1XI7eJF4XQVK4uU4HM3Gpt8nrWk7clAC +x6vg2aEbmerCEzewcm9M+Y5y2zJekJCw/e1TjpxXKLSTmt2LV8lfX/GZHhWfPdcd +AlS8RGQvlpKdtUgr/ID8u9QRK8mp+xAKjaFxQRGPAoGBALIBTZMU/kmvnO0PrzVL +eR3yojWI/+743kMFxPYfD2sPo/3Dd9qg8J7d1B6wu36vSP2rWVWVGShY6qxiDINi +RnLHzQILuztRbWnxRijP19KtmQctfw7/QIyUMkJ/Ur1bU2JpCjnRdoDVudk8nLvp +dAVR+0swGkDk8ffY+jwZ4gMM +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-key-rsa_pss_256.pem b/BouncyCastle/crypto/test/data/tls/x509-server-key-rsa_pss_256.pem new file mode 100644 index 0000000..40f795a --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-key-rsa_pss_256.pem @@ -0,0 +1,138 @@ +Public Key Info: + Public Key Algorithm: RSA-PSS + Hash Algorithm: SHA256 + Salt Length: 32 + Key Security Level: Medium (2048 bits) + +modulus: + 00:a1:d4:bd:d5:9f:ca:7e:e5:d4:7f:49:52:78:33:d6 + b0:2f:37:a4:a2:f8:4b:32:b5:ef:d5:29:9c:7d:2e:ac + 69:b0:b1:1a:09:7d:f1:92:3a:ae:c4:d1:29:63:1b:5d + 60:d3:4d:06:3f:bc:7f:46:c7:22:c2:98:e0:2c:32:fb + 9a:94:f1:ea:b9:3b:37:4b:44:8b:bf:60:28:13:6b:e9 + 31:a6:0f:e2:3d:82:60:9d:28:8b:d4:63:7f:e1:06:cf + d6:81:a1:24:ef:b4:a5:3a:05:95:16:e5:c6:9d:e1:6e + 31:56:92:13:16:c4:2b:53:20:73:57:96:9d:7a:4b:be + e8:f0:50:1a:55:18:1e:d9:69:f2:f6:b5:e5:3a:98:b6 + 77:7b:ff:30:74:9f:6d:81:55:50:b5:3e:81:8d:54:f6 + cc:17:3d:1b:10:bf:69:77:09:d1:d8:be:79:11:ac:3b + be:19:69:5c:b1:50:4d:ba:04:09:98:74:7a:e3:96:48 + 4d:fc:67:7a:34:73:76:48:5e:41:05:61:5a:68:59:39 + b3:86:aa:78:28:f4:a6:4a:db:6f:85:47:75:75:a2:24 + e9:21:3f:18:c9:46:87:91:80:1a:f5:fa:ed:2b:ab:03 + e8:ed:c3:dd:67:ad:46:eb:9b:7e:44:d2:5c:76:4b:3d + 5f: + +public exponent: + 01:00:01: + +private exponent: + 69:92:00:19:18:f9:9f:98:cc:ec:10:68:05:54:43:ec + 81:90:fa:0c:fa:8f:0b:d0:d6:59:27:a1:17:a4:d8:02 + c6:aa:72:02:d9:2f:3b:26:9f:16:74:20:5c:af:e0:55 + a6:e2:6b:7e:2e:b8:94:f2:99:81:7a:fb:5a:ba:13:9a + bf:29:a5:e7:1a:73:32:dd:cf:90:93:e8:f0:ea:87:a0 + c4:e5:3d:c0:c4:89:c4:5c:4c:03:cc:b9:02:92:50:09 + 6e:5d:32:5c:51:6b:2c:13:b2:33:d2:c7:a3:fd:08:c6 + 94:e4:0c:21:e0:ed:26:78:57:e6:3e:b2:12:b2:d1:21 + d8:93:90:f5:8f:2f:c8:97:6b:f0:e6:b0:2a:df:02:18 + 7e:ce:98:8b:63:0c:15:7c:21:39:f9:6c:e2:61:93:fc + 49:36:cd:9d:29:d8:a4:ed:65:12:6d:11:72:f8:13:47 + 6d:8e:20:d7:9f:01:29:3b:8f:dc:d5:b8:f5:58:6f:c1 + 5c:8b:36:40:c5:80:9c:1e:4b:9f:03:55:b5:ff:1c:46 + 1f:e3:b0:12:0c:44:f0:91:07:41:20:08:6a:99:5c:f2 + 11:50:30:4b:4a:84:8e:03:87:89:4e:60:5f:69:01:94 + 5f:82:41:1c:dc:7d:34:f9:02:02:ee:e0:e7:59:63:c9 + + +prime1: + 00:c0:9b:4b:2f:d6:57:df:59:31:87:2a:4c:42:fa:4c + 0c:f2:4d:17:07:90:9b:9c:db:8e:b4:aa:68:96:d1:16 + 01:27:92:e9:8a:26:d1:73:fd:68:21:c7:19:7c:46:f0 + 33:de:21:46:9c:0d:eb:84:8c:b9:6f:cb:47:d0:c5:b8 + 95:1a:e3:18:03:99:81:39:54:2f:c3:a1:14:74:c7:5f + 82:2c:e8:b9:a9:7f:4c:ff:ac:a7:4f:7f:39:20:ee:3d + b1:0f:83:33:fa:76:57:68:4d:8b:99:24:69:d2:08:1b + 1c:36:e7:c9:be:ea:db:1d:38:61:a4:4c:7a:44:e1:82 + 53: + +prime2: + 00:d7:18:59:39:b2:de:4d:0b:58:69:8c:33:af:51:ee + c1:e2:3b:64:b6:36:dd:31:c5:9d:33:39:e2:88:c4:35 + b0:93:8a:6a:b2:c2:8b:ca:c0:0b:21:94:69:90:ae:19 + ab:7b:b8:48:eb:f3:27:3b:96:5c:17:1e:71:89:e7:c5 + 14:d8:d7:de:2b:89:1e:58:f4:4f:1a:95:a7:34:65:48 + 6a:94:f2:bb:33:3c:90:d6:99:4d:36:48:8f:0b:30:d9 + 5f:59:26:60:f0:97:8e:3e:d0:31:99:6f:93:c9:c4:ea + 25:08:f9:48:2f:2a:77:57:93:03:d6:6a:22:fe:16:cf + 45: + +coefficient: + 5b:5d:58:5d:f8:be:1f:31:c4:e9:23:1e:34:41:60:1b + 2d:57:2b:d7:3f:39:74:5f:fa:d6:71:4e:46:02:2d:1a + cc:51:d5:96:7b:d7:0c:f1:8a:a9:31:e7:61:bd:0c:31 + 31:e3:5c:27:32:0b:bd:4a:67:ad:c0:31:db:91:a4:96 + b0:a4:9e:81:0e:75:2e:5f:0c:c5:9b:8e:4d:6c:b4:7e + 2c:44:53:2d:b7:d7:82:20:ba:59:38:df:ec:99:8d:63 + 5f:e9:24:d1:8e:6e:e0:5b:fa:f2:12:16:75:ad:f3:a7 + 2d:fd:8f:55:5f:09:a3:42:4b:44:d2:c8:c8:41:7c:c8 + + +exp1: + 7f:cc:4a:e6:31:e5:da:67:d7:4a:25:51:b6:bb:57:8c + db:95:35:2b:aa:d2:e6:10:74:af:01:c7:26:13:13:f3 + ae:2b:77:d4:58:0f:70:53:fb:2d:36:6b:7d:9f:a0:2f + fa:3a:c0:1c:39:cc:45:06:0e:e0:d3:d4:11:fd:af:8d + 17:eb:08:fb:12:76:c0:f0:50:45:10:f3:7e:cc:ef:5d + 73:a8:f3:d0:38:8c:81:b5:30:ca:b9:d2:d1:3b:e3:29 + 41:ee:bf:a5:77:b2:65:9d:d6:7b:c5:c2:85:3f:25:a5 + e1:f4:88:53:aa:87:ba:ea:b7:37:0a:1b:b2:ea:a2:cb + + +exp2: + 63:04:e8:7e:71:63:79:20:51:f1:35:03:ce:1f:ef:c3 + fd:bb:cd:df:3c:5e:93:bd:1f:63:27:b0:ab:b9:77:e5 + f3:e5:f2:bc:9c:66:f2:4d:7a:52:59:1a:47:ea:7e:12 + bd:7f:d6:c2:18:4b:e5:58:90:c8:6b:d1:64:e4:f7:8b + 63:4f:ed:0d:29:b0:78:ce:ef:63:93:a5:47:af:a0:a8 + c0:2d:06:14:ce:3a:f7:2f:d7:a5:b7:bd:72:2f:68:c2 + 46:2e:2e:ce:53:56:be:7f:e5:75:77:32:17:de:b8:d3 + 97:cf:fa:75:0c:1d:a8:89:1b:69:27:af:38:3d:93:e9 + + + +Public Key PIN: + pin-sha256:KBIg1VxV9p1XXyGsX+MwqaE2DenjfwcmJzw2z8jOeT4= +Public Key ID: + sha256:281220d55c55f69d575f21ac5fe330a9a1360de9e37f0726273c36cfc8ce793e + sha1:06c5f6d2f4f448fa67ba12fe955efbe15febd164 + +-----BEGIN PRIVATE KEY----- +MIIE7AIBADA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3 +DQEBCDALBglghkgBZQMEAgGiAwIBIASCBKYwggSiAgEAAoIBAQCh1L3Vn8p+5dR/ +SVJ4M9awLzekovhLMrXv1SmcfS6sabCxGgl98ZI6rsTRKWMbXWDTTQY/vH9GxyLC +mOAsMvualPHquTs3S0SLv2AoE2vpMaYP4j2CYJ0oi9Rjf+EGz9aBoSTvtKU6BZUW +5cad4W4xVpITFsQrUyBzV5adeku+6PBQGlUYHtlp8va15TqYtnd7/zB0n22BVVC1 +PoGNVPbMFz0bEL9pdwnR2L55Eaw7vhlpXLFQTboECZh0euOWSE38Z3o0c3ZIXkEF +YVpoWTmzhqp4KPSmSttvhUd1daIk6SE/GMlGh5GAGvX67SurA+jtw91nrUbrm35E +0lx2Sz1fAgMBAAECggEAaZIAGRj5n5jM7BBoBVRD7IGQ+gz6jwvQ1lknoRek2ALG +qnIC2S87Jp8WdCBcr+BVpuJrfi64lPKZgXr7WroTmr8ppecaczLdz5CT6PDqh6DE +5T3AxInEXEwDzLkCklAJbl0yXFFrLBOyM9LHo/0IxpTkDCHg7SZ4V+Y+shKy0SHY +k5D1jy/Il2vw5rAq3wIYfs6Yi2MMFXwhOfls4mGT/Ek2zZ0p2KTtZRJtEXL4E0dt +jiDXnwEpO4/c1bj1WG/BXIs2QMWAnB5LnwNVtf8cRh/jsBIMRPCRB0EgCGqZXPIR +UDBLSoSOA4eJTmBfaQGUX4JBHNx9NPkCAu7g51ljyQKBgQDAm0sv1lffWTGHKkxC ++kwM8k0XB5CbnNuOtKpoltEWASeS6Yom0XP9aCHHGXxG8DPeIUacDeuEjLlvy0fQ +xbiVGuMYA5mBOVQvw6EUdMdfgizoual/TP+sp09/OSDuPbEPgzP6dldoTYuZJGnS +CBscNufJvurbHThhpEx6ROGCUwKBgQDXGFk5st5NC1hpjDOvUe7B4jtktjbdMcWd +MzniiMQ1sJOKarLCi8rACyGUaZCuGat7uEjr8yc7llwXHnGJ58UU2NfeK4keWPRP +GpWnNGVIapTyuzM8kNaZTTZIjwsw2V9ZJmDwl44+0DGZb5PJxOolCPlILyp3V5MD +1moi/hbPRQKBgH/MSuYx5dpn10olUba7V4zblTUrqtLmEHSvAccmExPzrit31FgP +cFP7LTZrfZ+gL/o6wBw5zEUGDuDT1BH9r40X6wj7EnbA8FBFEPN+zO9dc6jz0DiM +gbUwyrnS0TvjKUHuv6V3smWd1nvFwoU/JaXh9IhTqoe66rc3Chuy6qLLAoGAYwTo +fnFjeSBR8TUDzh/vw/27zd88XpO9H2MnsKu5d+Xz5fK8nGbyTXpSWRpH6n4SvX/W +whhL5ViQyGvRZOT3i2NP7Q0psHjO72OTpUevoKjALQYUzjr3L9elt71yL2jCRi4u +zlNWvn/ldXcyF96405fP+nUMHaiJG2knrzg9k+kCgYBbXVhd+L4fMcTpIx40QWAb +LVcr1z85dF/61nFORgItGsxR1ZZ71wzxiqkx52G9DDEx41wnMgu9SmetwDHbkaSW +sKSegQ51Ll8MxZuOTWy0fixEUy2314Igulk43+yZjWNf6STRjm7gW/ryEhZ1rfOn +Lf2PVV8Jo0JLRNLIyEF8yA== +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-key-rsa_pss_384.pem b/BouncyCastle/crypto/test/data/tls/x509-server-key-rsa_pss_384.pem new file mode 100644 index 0000000..49f5ca8 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-key-rsa_pss_384.pem @@ -0,0 +1,138 @@ +Public Key Info: + Public Key Algorithm: RSA-PSS + Hash Algorithm: SHA384 + Salt Length: 48 + Key Security Level: Medium (2048 bits) + +modulus: + 00:e7:f5:99:8b:69:95:62:3a:54:80:b9:4c:21:a3:dc + 50:b9:ac:8d:50:a4:98:ea:da:87:55:82:2c:c6:68:e4 + 36:6c:7a:b8:1e:21:db:e6:fa:1f:c2:54:3a:c0:8d:2d + 94:ce:15:66:76:82:d3:27:39:ff:11:f8:19:99:95:6d + 63:7e:35:3d:17:b6:2d:59:3f:c2:b4:b3:73:75:b8:b2 + e7:9d:4d:7d:0d:98:e3:bb:da:e2:44:69:bd:15:52:0c + 45:eb:24:70:5d:47:55:79:67:56:1e:4f:2f:d5:e2:8e + c2:96:db:5f:2b:6e:c5:cf:4f:20:61:6f:22:50:05:8c + e5:ef:5d:e2:bb:e9:af:79:9d:89:ec:19:b4:ed:7d:e7 + f7:f7:20:b4:b0:7c:57:a2:c4:66:67:bb:e2:29:e3:9c + 07:9c:b0:df:30:36:40:b2:45:12:ed:53:5d:75:4d:a6 + 04:e4:2f:db:92:96:94:be:cb:e8:ac:ee:8d:28:5d:95 + a6:9f:9c:28:d3:c2:87:5e:7b:72:de:f1:ff:16:f8:49 + e4:9d:de:e7:7a:20:23:69:a4:9f:68:b2:db:b0:fc:fb + c2:77:0d:41:0a:ff:66:02:ea:9e:6b:c3:09:dd:7c:bc + 1f:47:66:66:8b:a3:72:e9:94:50:62:97:50:5a:5e:2e + d3: + +public exponent: + 01:00:01: + +private exponent: + 69:3a:96:ec:92:fa:8c:f4:4f:4f:92:40:42:66:96:d5 + 1c:56:76:49:66:52:65:00:bc:32:83:7a:92:8c:15:33 + c7:64:a8:d0:2a:a6:1b:13:cf:82:96:39:8d:0e:be:e5 + e9:d3:f5:86:bf:f4:d0:af:d3:d2:30:0e:55:09:5f:f5 + a9:d4:b7:21:61:a9:12:fb:04:f6:7b:0e:5f:12:6a:3e + fe:b2:9f:8f:a2:93:75:ae:67:c5:87:7e:9b:04:7c:c2 + df:58:c9:8c:d7:86:a4:2b:c7:fa:ba:0b:c6:69:20:40 + 90:b5:76:68:3a:b9:8c:41:a6:3b:ed:71:d0:81:a4:17 + f2:a1:1d:b8:b4:6b:01:6d:a2:e7:9a:6e:9f:b5:a1:14 + 61:7c:66:50:dc:e8:27:67:55:36:50:cc:19:d4:c7:71 + d5:8f:a7:5f:96:f1:74:90:a1:38:1c:8d:b6:37:04:23 + 81:70:24:29:62:b6:e4:85:8d:46:e9:4a:a0:26:12:0f + 40:69:42:25:eb:18:0a:97:93:dc:50:12:85:ff:74:6d + 71:31:d8:45:f8:94:74:ff:43:55:f6:fc:a3:ce:1e:cb + b9:d7:b8:2b:e5:c6:ab:d3:ab:77:60:9c:6b:4c:8e:c0 + 67:a2:37:41:a0:b8:ad:4a:bd:20:1c:29:c8:49:cc:69 + + +prime1: + 00:ed:49:8c:54:96:6b:fe:77:60:f1:93:dd:3d:bc:46 + b2:ec:9e:35:20:cc:8f:63:55:66:90:a4:1e:e3:50:b1 + 51:a3:a7:8b:b1:81:cd:93:cf:0d:4a:ac:c0:a1:81:49 + cb:71:0e:6b:4f:16:75:04:ae:89:53:c1:1d:ac:44:bc + ae:9d:85:85:e9:8c:aa:8e:b9:a8:3e:3d:86:28:b5:c3 + da:35:98:67:70:5a:8b:1f:c2:18:ed:b0:6a:0c:74:b9 + 33:6b:08:e5:93:87:39:b0:44:79:5c:eb:4c:f0:f1:db + c1:41:76:b0:12:46:38:4f:bd:68:db:70:53:13:e8:5f + 95: + +prime2: + 00:fa:40:7d:45:ec:7b:68:68:31:02:9a:ef:b7:a4:35 + a5:7d:d0:be:75:82:39:44:5f:31:98:4d:ff:3b:ec:76 + ce:c3:32:f9:d4:ce:bc:be:4c:3a:72:2f:1d:f6:2c:85 + 0d:15:50:2e:14:19:bb:cc:b5:ad:6c:bc:59:3f:a0:ba + 8b:82:e3:9d:36:93:40:b8:ec:d4:eb:15:59:da:ca:a7 + 10:1e:8e:de:22:c0:96:a5:cb:d3:37:37:4a:4b:58:aa + 13:76:84:58:21:0b:be:8a:b7:c9:04:fd:d9:99:0e:0c + 8a:28:52:50:23:9e:df:80:54:db:16:46:34:18:3b:da + c7: + +coefficient: + 7e:b9:c8:22:2e:b4:07:cd:a1:11:43:4d:48:79:e6:86 + a2:6d:3e:41:85:1e:01:3e:05:77:3d:88:2e:8c:a1:43 + b1:5c:03:3c:d9:37:d8:48:06:fa:bf:de:3e:ad:33:63 + b4:03:f7:84:02:26:22:95:66:03:1d:91:73:20:42:97 + 0e:5d:dd:37:1e:f3:60:80:1b:e4:19:0c:cb:75:bf:30 + fd:38:73:67:9c:c2:68:4c:ff:70:cb:78:6c:b7:5a:1c + a3:a2:cb:a1:f1:f4:17:06:9b:53:96:c3:19:0f:36:98 + 1e:11:f9:ba:a6:cb:5d:d5:82:ae:43:4f:cd:9e:e3:66 + + +exp1: + 2e:c1:d9:67:29:a4:ea:25:b7:f2:a2:82:6c:11:d7:94 + 96:4f:ae:84:62:0a:b7:36:32:d9:b9:9d:64:89:98:07 + 50:4a:49:9a:96:cb:5d:9e:e5:2d:9b:d0:f1:82:3a:7a + 5e:32:cb:2e:70:6c:6a:99:c1:f1:c1:12:09:ca:19:ac + 06:da:32:c3:0c:b6:e7:1c:ea:6c:29:4f:70:62:30:cf + a4:d3:fd:3e:04:79:79:ae:93:9e:f2:ae:52:fa:05:2c + 7e:a0:e8:2c:23:ef:58:2e:86:03:ab:52:24:00:64:9f + 36:39:1f:04:da:d5:69:d1:17:02:76:a5:c8:3c:77:e9 + + +exp2: + 00:84:d4:6a:2a:0d:45:cb:bb:52:18:51:e8:df:8e:d7 + b2:c9:bf:5c:f8:be:70:6b:2c:24:04:f5:91:7e:5b:1b + 0c:d0:6b:64:54:62:8f:a8:6a:89:b3:45:f3:1f:51:ae + 25:ad:a4:6b:70:db:df:e4:de:a1:f8:cf:58:87:ff:66 + 44:da:ea:b9:ed:d7:e7:48:c0:dc:9b:13:30:28:83:dc + 7d:1f:db:31:69:3c:d4:39:98:a0:b9:f4:2d:09:25:3c + d1:2b:dd:3f:71:fa:eb:de:71:82:cf:95:76:44:59:42 + aa:aa:90:56:5d:31:dc:ec:1f:1e:53:0a:5c:68:68:8c + cd: + + +Public Key PIN: + pin-sha256:ehI/YLeqtW2fBULTjESCxxpNnhvQYw9LOVxfrWzyV/g= +Public Key ID: + sha256:7a123f60b7aab56d9f0542d38c4482c71a4d9e1bd0630f4b395c5fad6cf257f8 + sha1:7ec2c93bfa8195429459015e334ef8d5735430b0 + +-----BEGIN PRIVATE KEY----- +MIIE7QIBADA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3 +DQEBCDALBglghkgBZQMEAgKiAwIBMASCBKcwggSjAgEAAoIBAQDn9ZmLaZViOlSA +uUwho9xQuayNUKSY6tqHVYIsxmjkNmx6uB4h2+b6H8JUOsCNLZTOFWZ2gtMnOf8R ++BmZlW1jfjU9F7YtWT/CtLNzdbiy551NfQ2Y47va4kRpvRVSDEXrJHBdR1V5Z1Ye +Ty/V4o7ClttfK27Fz08gYW8iUAWM5e9d4rvpr3mdiewZtO195/f3ILSwfFeixGZn +u+Ip45wHnLDfMDZAskUS7VNddU2mBOQv25KWlL7L6KzujShdlaafnCjTwodee3Le +8f8W+Enknd7neiAjaaSfaLLbsPz7wncNQQr/ZgLqnmvDCd18vB9HZmaLo3LplFBi +l1BaXi7TAgMBAAECggEAaTqW7JL6jPRPT5JAQmaW1RxWdklmUmUAvDKDepKMFTPH +ZKjQKqYbE8+CljmNDr7l6dP1hr/00K/T0jAOVQlf9anUtyFhqRL7BPZ7Dl8Saj7+ +sp+PopN1rmfFh36bBHzC31jJjNeGpCvH+roLxmkgQJC1dmg6uYxBpjvtcdCBpBfy +oR24tGsBbaLnmm6ftaEUYXxmUNzoJ2dVNlDMGdTHcdWPp1+W8XSQoTgcjbY3BCOB +cCQpYrbkhY1G6UqgJhIPQGlCJesYCpeT3FAShf90bXEx2EX4lHT/Q1X2/KPOHsu5 +17gr5car06t3YJxrTI7AZ6I3QaC4rUq9IBwpyEnMaQKBgQDtSYxUlmv+d2Dxk909 +vEay7J41IMyPY1VmkKQe41CxUaOni7GBzZPPDUqswKGBSctxDmtPFnUErolTwR2s +RLyunYWF6YyqjrmoPj2GKLXD2jWYZ3Baix/CGO2wagx0uTNrCOWThzmwRHlc60zw +8dvBQXawEkY4T71o23BTE+hflQKBgQD6QH1F7HtoaDECmu+3pDWlfdC+dYI5RF8x +mE3/O+x2zsMy+dTOvL5MOnIvHfYshQ0VUC4UGbvMta1svFk/oLqLguOdNpNAuOzU +6xVZ2sqnEB6O3iLAlqXL0zc3SktYqhN2hFghC76Kt8kE/dmZDgyKKFJQI57fgFTb +FkY0GDvaxwKBgC7B2WcppOolt/KigmwR15SWT66EYgq3NjLZuZ1kiZgHUEpJmpbL +XZ7lLZvQ8YI6el4yyy5wbGqZwfHBEgnKGawG2jLDDLbnHOpsKU9wYjDPpNP9PgR5 +ea6TnvKuUvoFLH6g6Cwj71guhgOrUiQAZJ82OR8E2tVp0RcCdqXIPHfpAoGBAITU +aioNRcu7UhhR6N+O17LJv1z4vnBrLCQE9ZF+WxsM0GtkVGKPqGqJs0XzH1GuJa2k +a3Db3+TeofjPWIf/ZkTa6rnt1+dIwNybEzAog9x9H9sxaTzUOZigufQtCSU80Svd +P3H6695xgs+VdkRZQqqqkFZdMdzsHx5TClxoaIzNAoGAfrnIIi60B82hEUNNSHnm +hqJtPkGFHgE+BXc9iC6MoUOxXAM82TfYSAb6v94+rTNjtAP3hAImIpVmAx2RcyBC +lw5d3Tce82CAG+QZDMt1vzD9OHNnnMJoTP9wy3hst1oco6LLofH0FwabU5bDGQ82 +mB4R+bqmy13Vgq5DT82e42Y= +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-key-rsa_pss_512.pem b/BouncyCastle/crypto/test/data/tls/x509-server-key-rsa_pss_512.pem new file mode 100644 index 0000000..923f6f9 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-key-rsa_pss_512.pem @@ -0,0 +1,138 @@ +Public Key Info: + Public Key Algorithm: RSA-PSS + Hash Algorithm: SHA512 + Salt Length: 64 + Key Security Level: Medium (2048 bits) + +modulus: + 00:c2:ce:73:69:95:63:26:85:bd:a0:23:25:5c:94:41 + 04:11:84:78:6c:c9:a3:47:13:47:3b:c4:fe:f3:27:6c + eb:d7:41:a9:4c:e3:15:40:b8:bd:99:02:df:93:a9:bf + 07:de:a2:f1:d1:1e:49:39:2b:64:c7:5e:bb:c7:dd:30 + 07:3c:10:2c:c9:bd:d9:8f:1e:04:60:c1:92:72:44:e6 + 3c:6e:6d:7f:b7:6f:fa:ab:2f:e3:69:7b:0d:1c:31:d5 + 5e:dd:ab:99:0d:4e:80:69:53:3d:d3:63:04:1f:d6:83 + fa:d7:04:c9:3f:75:9c:95:bd:45:34:39:1d:a0:1d:d7 + 06:8e:60:17:a3:94:8f:e9:30:1e:d2:ee:05:42:a4:08 + 86:b7:93:c2:5c:c2:5e:bc:c0:26:5e:98:56:c3:76:87 + e9:9b:1a:3b:f6:bf:c1:6a:4f:f8:46:ba:0b:a8:3a:5e + bb:1d:af:e3:f3:9b:f1:b6:18:70:6d:af:30:62:5f:07 + a9:ff:7b:a2:dd:5f:7e:ff:33:19:80:a2:d7:f9:9e:c5 + a5:22:e7:79:3c:b7:ee:4a:33:c7:c4:72:e6:69:fd:ec + 43:8b:85:86:07:95:15:b9:fe:ed:1c:12:38:ca:ed:cc + 71:ef:9b:69:11:16:e5:1e:78:e0:b3:4d:4c:b4:79:ea + 9f: + +public exponent: + 01:00:01: + +private exponent: + 00:84:ed:bb:73:60:ac:b7:ac:ab:28:8a:d3:03:c9:66 + 54:10:60:04:8c:b7:4a:e3:45:14:66:84:96:33:f5:c3 + 2d:6b:45:32:f1:74:43:1c:56:f3:89:65:9c:8a:76:5a + 14:54:a7:7b:ba:e6:9f:b0:93:1b:c1:af:b3:13:3e:ab + 77:44:55:05:3a:e4:81:80:57:4b:45:7a:d1:23:88:40 + 53:1c:47:3b:cf:40:6a:1c:46:21:37:e8:ef:99:3d:a8 + 0b:83:d7:84:28:c0:58:7f:86:7d:b9:b0:e7:2f:92:81 + 9c:b8:fc:5b:17:22:7a:26:f3:70:35:a2:83:c4:ae:97 + fa:7e:c6:3f:d2:39:9b:fe:f1:e9:c6:d1:68:3e:ac:26 + b4:69:27:c6:1f:50:fc:ab:32:bb:3c:90:13:7e:5c:c0 + 52:0c:34:5d:f7:bd:dd:84:ca:7c:c7:fe:91:8d:60:fe + d7:a7:e3:95:46:b2:ce:a1:4b:af:ba:81:e5:52:7c:68 + 65:5b:9c:84:a5:b6:44:0c:28:b7:c4:19:aa:f5:f7:06 + 35:ac:92:fe:1b:12:f9:17:8f:28:b7:d0:66:3b:a8:5e + 91:6e:c1:06:65:69:97:4e:75:26:59:12:76:3a:3d:9e + ee:21:b4:df:1e:e5:c1:73:5f:cd:e7:4a:2b:66:d8:cc + 81: + +prime1: + 00:c8:9b:6c:7f:a0:08:ce:09:9b:2a:ea:f3:2c:62:d1 + ec:1e:61:7f:da:d1:3a:38:a8:31:4c:57:fa:b9:1c:d8 + 27:fc:ff:d7:79:82:f1:3b:3a:b6:93:f3:61:c8:17:e2 + 73:c8:bc:66:ff:98:9d:5e:31:4f:6b:d5:98:d3:1a:eb + cc:30:ab:f6:ed:1b:62:a4:24:6c:cd:eb:20:9e:d8:52 + 8e:49:b9:47:11:97:2d:0c:89:6c:01:0a:f2:0e:6f:cf + 57:57:7c:57:ce:06:4b:a2:d1:e4:97:91:b2:3b:ef:2a + 38:d1:64:ea:6e:b0:57:c0:93:ed:d6:27:ba:dd:9e:53 + 0b: + +prime2: + 00:f8:98:fc:b3:55:a0:27:40:a8:e2:62:3d:80:4b:13 + 10:1c:a7:22:af:3d:47:57:c4:34:8c:76:4e:95:d7:ff + e8:03:bb:cf:ac:9d:52:3a:c2:d0:91:5f:1c:1d:36:4a + 7e:9d:6d:81:4a:6e:00:f8:96:85:a1:ab:3f:54:d2:03 + ad:0e:d2:c8:c6:fc:b4:62:7e:ab:57:aa:b7:2c:6b:10 + 01:66:5d:ab:d0:5a:9e:02:5b:ad:e1:ab:be:6e:b4:b4 + d1:61:d1:5f:19:22:5c:f5:4e:9e:bd:25:ab:94:a6:be + 8c:a5:7a:2d:2f:f9:5f:55:d3:b8:d8:6d:e9:7c:b5:03 + 3d: + +coefficient: + 7a:dc:e4:d8:ed:ce:71:72:63:b3:a8:4d:c0:1d:fa:a2 + 8a:c4:9f:77:1e:5a:e1:17:d3:1a:f8:20:32:54:30:a7 + 0d:69:40:92:d7:d6:43:bf:b5:83:7e:d5:19:44:bd:3c + 8d:ff:31:ad:8b:bd:6d:ab:a7:34:d7:e3:75:57:02:85 + 8a:c0:78:2d:10:0f:6f:28:da:f7:22:69:40:f4:04:9f + a5:f9:e2:a9:0d:88:06:b4:f3:3c:5e:c6:8c:96:69:7e + f6:09:fa:9c:c6:87:de:a2:a5:9b:4d:22:2a:0b:27:7c + 25:31:26:60:b6:6d:0f:97:6f:48:f2:bf:88:dc:f3:83 + + +exp1: + 1a:20:e4:48:db:37:4a:5e:c5:ef:19:1b:03:34:fb:d2 + 9d:42:65:bc:c2:73:aa:dd:7d:4e:4c:47:43:c5:16:02 + 5f:59:93:5f:28:46:f3:47:fa:6f:da:cb:69:9c:72:ca + 51:e2:f8:27:62:61:5c:db:5f:54:d4:45:4b:79:be:2c + a2:4a:43:a7:2e:61:f2:af:2b:dc:c6:3b:41:75:3b:8b + 7c:de:bc:fa:f5:8d:d0:8c:35:9d:0d:27:e9:e9:76:40 + 12:0d:08:02:b5:9f:34:5d:d2:40:4b:a1:c3:5c:ab:4b + 2b:3a:d1:ae:09:19:e4:e3:5f:9e:fd:1d:c1:af:d5:71 + + +exp2: + 00:f0:6c:55:08:c3:a8:ee:0d:74:c7:ec:a6:fa:2a:a1 + 37:15:de:f6:86:70:47:4d:34:6e:75:e1:fd:42:a1:f1 + d6:db:b5:89:b5:b1:38:d3:a7:91:ba:e6:36:f4:71:8b + 3e:44:d6:a1:11:f0:ad:73:bd:6f:63:d9:90:98:61:bc + 38:64:7b:aa:bd:f7:ac:25:0d:c8:7c:32:98:90:96:c2 + 95:f8:00:63:a8:4f:db:3d:00:99:7c:05:73:58:f1:df + 66:18:aa:3a:c4:be:1d:15:09:82:2f:ff:fc:9e:f9:5c + 93:fd:7d:d9:b1:ea:05:2f:a6:61:c0:bf:1b:ef:05:c9 + 29: + + +Public Key PIN: + pin-sha256:ucGhof6fwEGIty3XlESZXFYnapJIa30Xc+yIYUtVbKY= +Public Key ID: + sha256:b9c1a1a1fe9fc04188b72dd79444995c56276a92486b7d1773ec88614b556ca6 + sha1:f0f7effab3260ffefd0c2c57c196d20d0fd4bd3b + +-----BEGIN PRIVATE KEY----- +MIIE7gIBADA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCA6EaMBgGCSqGSIb3 +DQEBCDALBglghkgBZQMEAgOiAwIBQASCBKgwggSkAgEAAoIBAQDCznNplWMmhb2g +IyVclEEEEYR4bMmjRxNHO8T+8yds69dBqUzjFUC4vZkC35OpvwfeovHRHkk5K2TH +XrvH3TAHPBAsyb3Zjx4EYMGSckTmPG5tf7dv+qsv42l7DRwx1V7dq5kNToBpUz3T +YwQf1oP61wTJP3Wclb1FNDkdoB3XBo5gF6OUj+kwHtLuBUKkCIa3k8Jcwl68wCZe +mFbDdofpmxo79r/Bak/4RroLqDpeux2v4/Ob8bYYcG2vMGJfB6n/e6LdX37/MxmA +otf5nsWlIud5PLfuSjPHxHLmaf3sQ4uFhgeVFbn+7RwSOMrtzHHvm2kRFuUeeOCz +TUy0eeqfAgMBAAECggEBAITtu3NgrLesqyiK0wPJZlQQYASMt0rjRRRmhJYz9cMt +a0Uy8XRDHFbziWWcinZaFFSne7rmn7CTG8GvsxM+q3dEVQU65IGAV0tFetEjiEBT +HEc7z0BqHEYhN+jvmT2oC4PXhCjAWH+Gfbmw5y+SgZy4/FsXInom83A1ooPErpf6 +fsY/0jmb/vHpxtFoPqwmtGknxh9Q/KsyuzyQE35cwFIMNF33vd2EynzH/pGNYP7X +p+OVRrLOoUuvuoHlUnxoZVuchKW2RAwot8QZqvX3BjWskv4bEvkXjyi30GY7qF6R +bsEGZWmXTnUmWRJ2Oj2e7iG03x7lwXNfzedKK2bYzIECgYEAyJtsf6AIzgmbKurz +LGLR7B5hf9rROjioMUxX+rkc2Cf8/9d5gvE7OraT82HIF+JzyLxm/5idXjFPa9WY +0xrrzDCr9u0bYqQkbM3rIJ7YUo5JuUcRly0MiWwBCvIOb89XV3xXzgZLotHkl5Gy +O+8qONFk6m6wV8CT7dYnut2eUwsCgYEA+Jj8s1WgJ0Co4mI9gEsTEBynIq89R1fE +NIx2TpXX/+gDu8+snVI6wtCRXxwdNkp+nW2BSm4A+JaFoas/VNIDrQ7SyMb8tGJ+ +q1eqtyxrEAFmXavQWp4CW63hq75utLTRYdFfGSJc9U6evSWrlKa+jKV6LS/5X1XT +uNht6Xy1Az0CgYAaIORI2zdKXsXvGRsDNPvSnUJlvMJzqt19TkxHQ8UWAl9Zk18o +RvNH+m/ay2mccspR4vgnYmFc219U1EVLeb4sokpDpy5h8q8r3MY7QXU7i3zevPr1 +jdCMNZ0NJ+npdkASDQgCtZ80XdJAS6HDXKtLKzrRrgkZ5ONfnv0dwa/VcQKBgQDw +bFUIw6juDXTH7Kb6KqE3Fd72hnBHTTRudeH9QqHx1tu1ibWxONOnkbrmNvRxiz5E +1qER8K1zvW9j2ZCYYbw4ZHuqvfesJQ3IfDKYkJbClfgAY6hP2z0AmXwFc1jx32YY +qjrEvh0VCYIv//ye+VyT/X3ZseoFL6ZhwL8b7wXJKQKBgHrc5NjtznFyY7OoTcAd ++qKKxJ93HlrhF9Ma+CAyVDCnDWlAktfWQ7+1g37VGUS9PI3/Ma2LvW2rpzTX43VX +AoWKwHgtEA9vKNr3ImlA9ASfpfniqQ2IBrTzPF7GjJZpfvYJ+pzGh96ipZtNIioL +J3wlMSZgtm0Pl29I8r+I3POD +-----END PRIVATE KEY----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-rsa-enc.pem b/BouncyCastle/crypto/test/data/tls/x509-server-rsa-enc.pem new file mode 100644 index 0000000..bd4bee0 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-rsa-enc.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIMWYGU8Ba6TGDaJ+vVMA0GCSqGSIb3DQEBCwUAMCMxITAf +BgNVBAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVzdCBDQTAeFw0xNzA4MDIwOTAxMzZa +Fw0zNzA3MjgwOTAxMzZaMCMxITAfBgNVBAMTGEJvdW5jeUNhc3RsZSBUZXN0IFNl +cnZlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALeY49te/YFa6Od8 +0bFjD8k1vJbupBNoqdmiAT9oiHmbzqGKePtqC1XZQOwFe9pBJOuny9fAo2v0hhdU +sS9PmUzyaP4YOUnWOEpujU4Ntk9jtvWrl7VG0xSE1fcaBkN6+ssvRO3+D3XYoPhT +u9OxLZNDfmFc5DpuSc31VY2Fq3SVD8vrSrZCh892T0/J0VlX0LGSga/BXUGqJOkm +ISWgUB/eHTsaKb97cro6VTZyL4tvr+69IM+I4hVg8FRGZWOzj2wuFraMOPnUgjj0 +qk9snA1RP3TZWu+hHCGtY/wXFg7RDEb0nTsh2w0tAvNVYHHPTeore/5T9qQ7VBC7 +KtabDr0CAwEAAaN2MHQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcD +ATAPBgNVHQ8BAf8EBQMDByAAMB0GA1UdDgQWBBQwgymoaNHkuh20njTXz48/R+kl +yDAfBgNVHSMEGDAWgBQrQlWadXqqzBV+2iw7BZXrvFHaQjANBgkqhkiG9w0BAQsF +AAOCAQEA3kf9yAMYuPlBW2/y7UiKZGu6IVuxpmy+IFKeNIH6MNN9AsEHM1Yx4F1O +c4UGHxEPoKj5k1cEjiNH4hcaAR/Gukq7efHtf98WGlEp8E8ctjkK6Eu3+hOLHQ01 +YjV76BOkWzOI6DwFYNa71Jae44A8QUFhdq3c874KwwX2VkKcfenb7SzfWn/93DpR +L899PIzXWggADuRGb2S6L35DNk6sHQR8CwkT/HxZr/xqeAVP0qaXtkSPoPntVw6Z +MIUFcmC7XbDuyo1Or3iCMgdsuqP88KWDqP7vF2Bu8deES4wQeIGBSl4e6kweesbY +ASRKL9Qf3tPtKVGp0zvJbfSsOc+wig== +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-rsa-sign.pem b/BouncyCastle/crypto/test/data/tls/x509-server-rsa-sign.pem new file mode 100644 index 0000000..09818af --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-rsa-sign.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDQjCCAiqgAwIBAgIMWYGU8DJRSWC13gO8MA0GCSqGSIb3DQEBCwUAMCMxITAf +BgNVBAMTGEJvdW5jeUNhc3RsZSBUTFMgVGVzdCBDQTAeFw0xNzA4MDIwOTAxMzZa +Fw0zNzA3MjgwOTAxMzZaMCMxITAfBgNVBAMTGEJvdW5jeUNhc3RsZSBUZXN0IFNl +cnZlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALxfBvZ55WpVQeCh +tVyd+O/sLueGVkBlYURusklcLCqdthM5QTLBVMOQ2vtxWnZDSHWIvPUPCnPxR8Is +PvsM8BUqQjyj2d9CcvuNNgwKMIzUA10bQLPQ66ac1T7MU/2A4R+xxJN5ZOp4B+Uw +EwNAeAVfQ9XZX+HkmVAjKPJiRzmjdzoAslQR0F5zL11gjmS8STwZuJ+2MpUh09VG +dHJ+LB1CNVfnExwPqR3wd1TQPULXZN3Dx+f0W27gmA4GRitMtLltAljvZzGt6+xh +byKJJjMnTBWlzFFiP/ggpcPs+q2hW9i3vPCE5eOGdkbDnXJi3aiBxYpTKeS54wGc +/OkTv5UCAwEAAaN2MHQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcD +ATAPBgNVHQ8BAf8EBQMDB4AAMB0GA1UdDgQWBBTXwO7kKzgzAOC9j607abavBMKy +aTAfBgNVHSMEGDAWgBQrQlWadXqqzBV+2iw7BZXrvFHaQjANBgkqhkiG9w0BAQsF +AAOCAQEAAYRsE0f2BkOlNWj1SNiwoWkw4Ic6WW1X43yh3L17c5hRLOGPupDngJBA +EYTmsEfq26XX4mGlKXKgKZW2ijcrIQSkHEjkXHYdU+OI+4xufeNtGMYLijcwVKXM +mmSe8ERWODdCfzDJSRdLx/NgLeWphMQLaym1TkK29lASyqIbCNATXGnMw3bcMLvU +cXnjHtNU1tlYtVNCStvm2buy+vdVEGIsusqk+aetniEttBlQcPwuRMvbYmIDuRJP +Bxsst/t32W+s8Eb2dqbSKm6TucOG5o7oXKH6l15d+ARRJJ3C3nODBvsYgSqg1Vtm +7H0K9I4dLZoMUb4tWjSA9ckNU0nuKQ== +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-rsa_pss_256.pem b/BouncyCastle/crypto/test/data/tls/x509-server-rsa_pss_256.pem new file mode 100644 index 0000000..0ebfa2e --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-rsa_pss_256.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID2jCCApKgAwIBAgIUODLkLENJ2mZJLwlk5OXY6ebyHp8wPQYJKoZIhvcNAQEK +MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC +ASAwIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxlIFRMUyBUZXN0IENBMB4XDTE4MTAy +NDA2MDY0MloXDTM4MTAxOTA2MDY0MlowIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxl +IFRlc3QgU2VydmVyMIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIAOCAQ8AMIIBCgKCAQEAodS9 +1Z/KfuXUf0lSeDPWsC83pKL4SzK179UpnH0urGmwsRoJffGSOq7E0SljG11g000G +P7x/RsciwpjgLDL7mpTx6rk7N0tEi79gKBNr6TGmD+I9gmCdKIvUY3/hBs/WgaEk +77SlOgWVFuXGneFuMVaSExbEK1Mgc1eWnXpLvujwUBpVGB7ZafL2teU6mLZ3e/8w +dJ9tgVVQtT6BjVT2zBc9GxC/aXcJ0di+eRGsO74ZaVyxUE26BAmYdHrjlkhN/Gd6 +NHN2SF5BBWFaaFk5s4aqeCj0pkrbb4VHdXWiJOkhPxjJRoeRgBr1+u0rqwPo7cPd +Z61G65t+RNJcdks9XwIDAQABo3YwdDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoG +CCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFAbF9tL09Ej6Z7oS +/pVe++Ff69FkMB8GA1UdIwQYMBaAFCEaiLbeA8ABgKrbcIiZpo8XzqpsMD0GCSqG +SIb3DQEBCjAwoA0wCwYJYIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFl +AwQCAaIDAgEgA4IBAQBQJnvKt+zUFenmqBo8zGAUQdNYcIp5JhmTP2JbgWlNjTkj +Tsc3i/rWKA0pxydWgQPL6VKBPiqFIQcuPEw6D9zQxRQpnOveRDTkDzcLbt/c5asO +6TpHYqlSujeW7TEH0WLBg0uAHuRUclKYB1/2gSU0MUVtG/sZkh213vEx56F56iqx +sXFDnt9pyu0tLE0nWWtY3dxGAYJpL1HGZ2ey//Tf0+lsS0t8iH0vAtUmssKJpA79 +76biXCHAVcL07O5jMwrF4v7ki/G7RQRQ+qrL03xBifAzKuczu4Ls++Wg7V4MUERj +mpw4pbRBam9Sz3uwc1qA+Ul0TCHzMDAFWyMod0ND +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-rsa_pss_384.pem b/BouncyCastle/crypto/test/data/tls/x509-server-rsa_pss_384.pem new file mode 100644 index 0000000..3506f48 --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-rsa_pss_384.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID2jCCApKgAwIBAgIUBSXp/i1JJIcj2ytjBNKJ0tbxKjYwPQYJKoZIhvcNAQEK +MDCgDTALBglghkgBZQMEAgKhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAICogMC +ATAwIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxlIFRMUyBUZXN0IENBMB4XDTE4MTAy +NDA3NTY0OVoXDTM4MTAxOTA3NTY0OVowIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxl +IFRlc3QgU2VydmVyMIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA5/WZ +i2mVYjpUgLlMIaPcULmsjVCkmOrah1WCLMZo5DZsergeIdvm+h/CVDrAjS2UzhVm +doLTJzn/EfgZmZVtY341PRe2LVk/wrSzc3W4suedTX0NmOO72uJEab0VUgxF6yRw +XUdVeWdWHk8v1eKOwpbbXytuxc9PIGFvIlAFjOXvXeK76a95nYnsGbTtfef39yC0 +sHxXosRmZ7viKeOcB5yw3zA2QLJFEu1TXXVNpgTkL9uSlpS+y+is7o0oXZWmn5wo +08KHXnty3vH/FvhJ5J3e53ogI2mkn2iy27D8+8J3DUEK/2YC6p5rwwndfLwfR2Zm +i6Ny6ZRQYpdQWl4u0wIDAQABo3YwdDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoG +CCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFH7CyTv6gZVClFkB +XjNO+NVzVDCwMB8GA1UdIwQYMBaAFKnwXW9hoPAB6HSyWn7UEUMcKonnMD0GCSqG +SIb3DQEBCjAwoA0wCwYJYIZIAWUDBAICoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFl +AwQCAqIDAgEwA4IBAQAt1xrrBujilh2NVclsaRoqD+QJ7QhDdFVbS2zBJTVz7nds +TMu9iU/dXAp2zdsmpXi3mKStgYWS1yjSdyKyBy4v7EwGx5qHrcnMzyfX2BelGDk7 +OYCXGaFweAqRUh8SchYA1+Dlwg7ub+SpGkDnA76LgBcHFoC7AMozLOeY6GNT4qdq +64+jFvCFrDVC4xMvMB3+vwdlDIIyr9uY3z9Axw35IRPyVHJnyiLu/OIwD7Vw9A4n +11WrUXZ2fvqJUcSvwqdHRAy1kj9LsagfEXatJ79ZC2En2XhEs+PHTgtqw5UdPk16 +dVIlgPTQ/Te+ttubJPsKOpgKj8YOiNtnEZdzpJUP +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/data/tls/x509-server-rsa_pss_512.pem b/BouncyCastle/crypto/test/data/tls/x509-server-rsa_pss_512.pem new file mode 100644 index 0000000..51e323b --- /dev/null +++ b/BouncyCastle/crypto/test/data/tls/x509-server-rsa_pss_512.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID2jCCApKgAwIBAgIUV12PGXPx0Jj7USRKsKNrWFqJRHEwPQYJKoZIhvcNAQEK +MDCgDTALBglghkgBZQMEAgOhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIDogMC +AUAwIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxlIFRMUyBUZXN0IENBMB4XDTE4MTAy +NDA2MDY0M1oXDTM4MTAxOTA2MDY0M1owIzEhMB8GA1UEAxMYQm91bmN5Q2FzdGxl +IFRlc3QgU2VydmVyMIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCA6Ea +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiAwIBQAOCAQ8AMIIBCgKCAQEAws5z +aZVjJoW9oCMlXJRBBBGEeGzJo0cTRzvE/vMnbOvXQalM4xVAuL2ZAt+Tqb8H3qLx +0R5JOStkx167x90wBzwQLMm92Y8eBGDBknJE5jxubX+3b/qrL+Npew0cMdVe3auZ +DU6AaVM902MEH9aD+tcEyT91nJW9RTQ5HaAd1waOYBejlI/pMB7S7gVCpAiGt5PC +XMJevMAmXphWw3aH6ZsaO/a/wWpP+Ea6C6g6Xrsdr+Pzm/G2GHBtrzBiXwep/3ui +3V9+/zMZgKLX+Z7FpSLneTy37kozx8Ry5mn97EOLhYYHlRW5/u0cEjjK7cxx75tp +ERblHnjgs01MtHnqnwIDAQABo3YwdDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoG +CCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMHgAAwHQYDVR0OBBYEFPD37/qzJg/+/Qws +V8GW0g0P1L07MB8GA1UdIwQYMBaAFKVY4bgN1p+8NOXoPdj6DKWDscBFMD0GCSqG +SIb3DQEBCjAwoA0wCwYJYIZIAWUDBAIDoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFl +AwQCA6IDAgFAA4IBAQCVRYStZNCUKNzu+kBiHBVJn5Dbu97s3jHBw0ACphUp+M75 +O1ohoT+ny3wgIJx4sN1Fc80cT24o1V48nI4nJTlgAhYyjYjaMilHpwLP4oLclQX8 +OUoyoTPIIRfP4UNRmxAtH+2eEGieO1QDsYyqsGKR9DeWme4t4dc/NTuZ8/E3UW9C +m0VO0ev3m8ZGfWANRP0yyjnvke4I5awFur9ncGn3vwZYJLDlV9dwi3B68VUzt4Um +jz4yhgCU+kOqID/HXgWUCosreQGN+KqungUlENOVvBV4sTfQpnaAJaKpT4zkEYMP +sRkBrV12dCYh4NIpqDsnjSpWEuDlpT4F3hJx2BqU +-----END CERTIFICATE----- diff --git a/BouncyCastle/crypto/test/lib/nunit.core.dll b/BouncyCastle/crypto/test/lib/nunit.core.dll new file mode 100644 index 0000000..8d99c63 Binary files /dev/null and b/BouncyCastle/crypto/test/lib/nunit.core.dll differ diff --git a/BouncyCastle/crypto/test/lib/nunit.core.interfaces.dll b/BouncyCastle/crypto/test/lib/nunit.core.interfaces.dll new file mode 100644 index 0000000..70a76b2 Binary files /dev/null and b/BouncyCastle/crypto/test/lib/nunit.core.interfaces.dll differ diff --git a/BouncyCastle/crypto/test/lib/nunit.framework.dll b/BouncyCastle/crypto/test/lib/nunit.framework.dll new file mode 100644 index 0000000..ba484ba Binary files /dev/null and b/BouncyCastle/crypto/test/lib/nunit.framework.dll differ diff --git a/BouncyCastle/crypto/test/src/asn1/test/ASN1IntegerTest.cs b/BouncyCastle/crypto/test/src/asn1/test/ASN1IntegerTest.cs new file mode 100644 index 0000000..3d0c6fc --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/ASN1IntegerTest.cs @@ -0,0 +1,393 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class Asn1IntegerTest + : SimpleTest + { + private static readonly byte[] suspectKey = Base64.Decode( + "MIGJAoGBAHNc+iExm94LUrJdPSJ4QJ9tDRuvaNmGVHpJ4X7a5zKI02v+2E7RotuiR2MHDJfVJkb9LUs2kb3XBlyENhtMLsbeH+3Muy3" + + "hGDlh/mLJSh1s4c5jDKBRYOHom7Uc8wP0P2+zBCA+OEdikNDFBaP5PbR2Xq9okG2kPh35M2quAiMTAgMBAAE="); + + public override string Name + { + get { return "Asn1Integer"; } + } + + public override void PerformTest() + { +#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || (PORTABLE && !DOTNET) || NET_1_1 + // Can't SetEnvironmentVariable ! +#else + SetAllowUnsafeProperty(true); + + Asn1Sequence.GetInstance(suspectKey); + + DoTestValidEncodingSingleByte(); + DoTestValidEncodingMultiByte(); + DoTestInvalidEncoding_00(); + DoTestInvalidEncoding_ff(); + DoTestInvalidEncoding_00_32bits(); + DoTestInvalidEncoding_ff_32bits(); + //DoDoTestLooseInvalidValidEncoding_FF_32B(); + //DoTestLooseInvalidValidEncoding_zero_32B(); + DoTestLooseValidEncoding_zero_32BAligned(); + DoTestLooseValidEncoding_FF_32BAligned(); + DoTestLooseValidEncoding_FF_32BAligned_1not0(); + DoTestLooseValidEncoding_FF_32BAligned_2not0(); + DoTestOversizedEncoding(); + + SetAllowUnsafeProperty(true); + + new DerInteger(Hex.Decode("ffda47bfc776bcd269da4832626ac332adfca6dd835e8ecd83cd1ebe7d709b0e")); + + new DerEnumerated(Hex.Decode("005a47bfc776bcd269da4832626ac332adfca6dd835e8ecd83cd1ebe7d709b0e")); + + SetAllowUnsafeProperty(false); + + try + { + new DerInteger(Hex.Decode("ffda47bfc776bcd269da4832626ac332adfca6dd835e8ecd83cd1ebe7d709b")); + + Fail("no exception"); + } + catch (ArgumentException e) + { + CheckArgumentException(e, "malformed integer"); + } + + // No support for thread-local override in C# version + //IsTrue(!Properties.SetThreadOverride("org.bouncycastle.asn1.allow_unsafe_integer", true)); + + //new DerInteger(Hex.Decode("ffda47bfc776bcd269da4832626ac332adfca6dd835e8ecd83cd1ebe7d709b")); + + //IsTrue(Properties.RemoveThreadOverride("org.bouncycastle.asn1.allow_unsafe_integer")); + + try + { + Asn1Sequence.GetInstance(suspectKey); + + Fail("no exception"); + } + catch (ArgumentException e) + { + CheckArgumentException("test 1", e, "failed to construct sequence from byte[]: corrupted stream detected"); + } + + try + { + new DerInteger(Hex.Decode("ffda47bfc776bcd269da4832626ac332adfca6dd835e8ecd83cd1ebe7d709b0e")); + + Fail("no exception"); + } + catch (ArgumentException e) + { + CheckArgumentException(e, "malformed integer"); + } + + try + { + new DerEnumerated(Hex.Decode("ffda47bfc776bcd269da4832626ac332adfca6dd835e8ecd83cd1ebe7d709b0e")); + + Fail("no exception"); + } + catch (ArgumentException e) + { + CheckArgumentException(e, "malformed enumerated"); + } + + try + { + new DerEnumerated(Hex.Decode("005a47bfc776bcd269da4832626ac332adfca6dd835e8ecd83cd1ebe7d709b0e")); + + Fail("no exception"); + } + catch (ArgumentException e) + { + CheckArgumentException(e, "malformed enumerated"); + } +#endif + } + + /** + * Ensure existing single byte behavior. + */ + public void DoTestValidEncodingSingleByte() + { + SetAllowUnsafeProperty(false); + + // + // Without property, single byte. + // + byte[] rawInt = Hex.Decode("10"); + DerInteger i = new DerInteger(rawInt); + CheckIntValue(i, 16); + + // + // With property set. + // + SetAllowUnsafeProperty(true); + + rawInt = Hex.Decode("10"); + i = new DerInteger(rawInt); + CheckIntValue(i, 16); + } + + public void DoTestValidEncodingMultiByte() + { + SetAllowUnsafeProperty(false); + + // + // Without property, multi-byte. + // + byte[] rawInt = Hex.Decode("10FF"); + DerInteger i = new DerInteger(rawInt); + CheckIntValue(i, 4351); + + // + // With property set. + // + SetAllowUnsafeProperty(true); + + rawInt = Hex.Decode("10FF"); + i = new DerInteger(rawInt); + CheckIntValue(i, 4351); + } + + public void DoTestInvalidEncoding_00() + { + SetAllowUnsafeProperty(false); + try + { + byte[] rawInt = Hex.Decode("0010FF"); + DerInteger i = new DerInteger(rawInt); + IsEquals(i.Value.IntValue, 4351); + Fail("Expecting illegal argument exception."); + } + catch (ArgumentException e) + { + CheckArgumentException(e, "malformed integer"); + } + } + + public void DoTestInvalidEncoding_ff() + { + SetAllowUnsafeProperty(false); + + try + { + byte[] rawInt = Hex.Decode("FF81FF"); + new DerInteger(rawInt); + Fail("Expecting illegal argument exception."); + } + catch (ArgumentException e) + { + CheckArgumentException(e, "malformed integer"); + } + } + + public void DoTestInvalidEncoding_00_32bits() + { + SetAllowUnsafeProperty(false); + + // + // Check what would pass loose validation fails outside of loose validation. + // + try + { + byte[] rawInt = Hex.Decode("0000000010FF"); + new DerInteger(rawInt); + Fail("Expecting illegal argument exception."); + } + catch (ArgumentException e) + { + CheckArgumentException(e, "malformed integer"); + } + } + + public void DoTestInvalidEncoding_ff_32bits() + { + SetAllowUnsafeProperty(false); + + // + // Check what would pass loose validation fails outside of loose validation. + // + try + { + byte[] rawInt = Hex.Decode("FFFFFFFF01FF"); + new DerInteger(rawInt); + Fail("Expecting illegal argument exception."); + } + catch (ArgumentException e) + { + CheckArgumentException(e, "malformed integer"); + } + } + + /* + Unfortunately it turns out that integers stored without sign bits that are assumed to be + unsigned.. this means a string of FF may occur and then the user will call getPositiveValue(). + Sigh.. + public void DoTestLooseInvalidValidEncoding_zero_32B() + throws Exception + { + // + // Should still fail as loose validation only permits 3 leading 0x00 bytes. + // + try + { + SetAllowUnsafeProperty(true); + byte[] rawInt = Hex.Decode("0000000010FF"); + new DerInteger(rawInt); + Fail("Expecting illegal argument exception."); + } + catch (ArgumentException e) + { + CheckArgumentException(e, "malformed integer"); + } + } + + public void DoDoTestLooseInvalidValidEncoding_FF_32B() + throws Exception + { + // + // Should still fail as loose validation only permits 3 leading 0xFF bytes. + // + try + { + SetAllowUnsafeProperty(true); + byte[] rawInt = Hex.Decode("FFFFFFFF10FF"); + new DerInteger(rawInt); + Fail("Expecting illegal argument exception."); + } + catch (ArgumentException e) + { + CheckArgumentException(e, "malformed integer"); + } + } + */ + + public void DoTestLooseValidEncoding_zero_32BAligned() + { + // + // Should pass as loose validation permits 3 leading 0x00 bytes. + // + SetAllowUnsafeProperty(true); + byte[] rawInt = Hex.Decode("00000010FF000000"); + DerInteger i = new DerInteger(rawInt); + CheckLongValue(i, 72997666816L); + } + + public void DoTestLooseValidEncoding_FF_32BAligned() + { + // + // Should pass as loose validation permits 3 leading 0xFF bytes + // + SetAllowUnsafeProperty(true); + byte[] rawInt = Hex.Decode("FFFFFF10FF000000"); + DerInteger i = new DerInteger(rawInt); + CheckLongValue(i, -1026513960960L); + } + + public void DoTestLooseValidEncoding_FF_32BAligned_1not0() + { + // + // Should pass as loose validation permits 3 leading 0xFF bytes. + // + SetAllowUnsafeProperty(true); + byte[] rawInt = Hex.Decode("FFFEFF10FF000000"); + DerInteger i = new DerInteger(rawInt); + CheckLongValue(i, -282501490671616L); + } + + public void DoTestLooseValidEncoding_FF_32BAligned_2not0() + { + // + // Should pass as loose validation permits 3 leading 0xFF bytes. + // + SetAllowUnsafeProperty(true); + byte[] rawInt = Hex.Decode("FFFFFE10FF000000"); + DerInteger i = new DerInteger(rawInt); + CheckLongValue(i, -2126025588736L); + } + + public void DoTestOversizedEncoding() + { + // + // Should pass as loose validation permits 3 leading 0xFF bytes. + // + SetAllowUnsafeProperty(true); + byte[] rawInt = Hex.Decode("FFFFFFFE10FF000000000000"); + DerInteger i = new DerInteger(rawInt); + IsEquals(new BigInteger(Hex.Decode("FFFFFFFE10FF000000000000")), i.Value); + + rawInt = Hex.Decode("FFFFFFFFFE10FF000000000000"); + try + { + new DerInteger(rawInt); + } + catch (ArgumentException e) + { + CheckArgumentException(e, "malformed integer"); + } + } + private void CheckArgumentException(ArgumentException e, String expectedMessage) + { + IsTrue(e.Message.StartsWith(expectedMessage)); + } + + private void CheckArgumentException(String errorText, ArgumentException e, String expectedMessage) + { + IsTrue(errorText, e.Message.StartsWith(expectedMessage)); + } + + private void SetAllowUnsafeProperty(bool allowUnsafe) + { +#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || (PORTABLE && !DOTNET) || NET_1_1 + // Can't SetEnvironmentVariable ! +#else + Environment.SetEnvironmentVariable(DerInteger.AllowUnsafeProperty, allowUnsafe ? "true" : "false"); +#endif + } + + private void CheckIntValue(DerInteger i, int n) + { + BigInteger val = i.Value; + IsEquals(val.IntValue, n); + IsEquals(val.IntValueExact, n); + IsEquals(i.IntValueExact, n); + IsTrue(i.HasValue(n)); + } + + private void CheckLongValue(DerInteger i, long n) + { + BigInteger val = i.Value; + IsEquals(val.LongValue, n); + IsEquals(val.LongValueExact, n); + IsEquals(i.LongValueExact, n); + IsTrue(i.HasValue(n)); + } + + public static void Main( + string[] args) + { + RunTest(new Asn1IntegerTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/ASN1SequenceParserTest.cs b/BouncyCastle/crypto/test/src/asn1/test/ASN1SequenceParserTest.cs new file mode 100644 index 0000000..030da04 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/ASN1SequenceParserTest.cs @@ -0,0 +1,359 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class Asn1SequenceParserTest + { + private static readonly byte[] seqData = Hex.Decode("3006020100060129"); + private static readonly byte[] nestedSeqData = Hex.Decode("300b0201000601293003020101"); + private static readonly byte[] expTagSeqData = Hex.Decode("a1083006020100060129"); + private static readonly byte[] implTagSeqData = Hex.Decode("a106020100060129"); + private static readonly byte[] nestedSeqExpTagData = Hex.Decode("300d020100060129a1053003020101"); + private static readonly byte[] nestedSeqImpTagData = Hex.Decode("300b020100060129a103020101"); + + private static readonly byte[] berSeqData = Hex.Decode("30800201000601290000"); + private static readonly byte[] berDerNestedSeqData = Hex.Decode("308002010006012930030201010000"); + private static readonly byte[] berNestedSeqData = Hex.Decode("3080020100060129308002010100000000"); + private static readonly byte[] berExpTagSeqData = Hex.Decode("a180308002010006012900000000"); + private static readonly byte[] berSeqWithDERNullData = Hex.Decode("308005000201000601290000"); + + [Test] + public void TestDerWriting() + { + MemoryStream bOut = new MemoryStream(); + DerSequenceGenerator seqGen = new DerSequenceGenerator(bOut); + + seqGen.AddObject(new DerInteger(BigInteger.Zero)); + + seqGen.AddObject(new DerObjectIdentifier("1.1")); + + seqGen.Close(); + + Assert.IsTrue(Arrays.AreEqual(seqData, bOut.ToArray()), "basic DER writing test failed."); + } + + [Test] + public void TestNestedDerWriting() + { + MemoryStream bOut = new MemoryStream(); + DerSequenceGenerator seqGen1 = new DerSequenceGenerator(bOut); + + seqGen1.AddObject(new DerInteger(BigInteger.Zero)); + + seqGen1.AddObject(new DerObjectIdentifier("1.1")); + + DerSequenceGenerator seqGen2 = new DerSequenceGenerator(seqGen1.GetRawOutputStream()); + + seqGen2.AddObject(new DerInteger(BigInteger.One)); + + seqGen2.Close(); + + seqGen1.Close(); + + Assert.IsTrue(Arrays.AreEqual(nestedSeqData, bOut.ToArray()), "nested DER writing test failed."); + } + + [Test] + public void TestDerExplicitTaggedSequenceWriting() + { + MemoryStream bOut = new MemoryStream(); + DerSequenceGenerator seqGen = new DerSequenceGenerator(bOut, 1, true); + + seqGen.AddObject(new DerInteger(BigInteger.Zero)); + + seqGen.AddObject(new DerObjectIdentifier("1.1")); + + seqGen.Close(); + + Assert.IsTrue(Arrays.AreEqual(expTagSeqData, bOut.ToArray()), "explicit tag writing test failed."); + } + + [Test] + public void TestDerImplicitTaggedSequenceWriting() + { + MemoryStream bOut = new MemoryStream(); + DerSequenceGenerator seqGen = new DerSequenceGenerator(bOut, 1, false); + + seqGen.AddObject(new DerInteger(BigInteger.Zero)); + + seqGen.AddObject(new DerObjectIdentifier("1.1")); + + seqGen.Close(); + + Assert.IsTrue(Arrays.AreEqual(implTagSeqData, bOut.ToArray()), "implicit tag writing test failed."); + } + + [Test] + public void TestNestedExplicitTagDerWriting() + { + MemoryStream bOut = new MemoryStream(); + DerSequenceGenerator seqGen1 = new DerSequenceGenerator(bOut); + + seqGen1.AddObject(new DerInteger(BigInteger.Zero)); + + seqGen1.AddObject(new DerObjectIdentifier("1.1")); + + DerSequenceGenerator seqGen2 = new DerSequenceGenerator(seqGen1.GetRawOutputStream(), 1, true); + + seqGen2.AddObject(new DerInteger(BigInteger.ValueOf(1))); + + seqGen2.Close(); + + seqGen1.Close(); + + Assert.IsTrue(Arrays.AreEqual(nestedSeqExpTagData, bOut.ToArray()), "nested explicit tagged DER writing test failed."); + } + + [Test] + public void TestNestedImplicitTagDerWriting() + { + MemoryStream bOut = new MemoryStream(); + DerSequenceGenerator seqGen1 = new DerSequenceGenerator(bOut); + + seqGen1.AddObject(new DerInteger(BigInteger.Zero)); + + seqGen1.AddObject(new DerObjectIdentifier("1.1")); + + DerSequenceGenerator seqGen2 = new DerSequenceGenerator(seqGen1.GetRawOutputStream(), 1, false); + + seqGen2.AddObject(new DerInteger(BigInteger.ValueOf(1))); + + seqGen2.Close(); + + seqGen1.Close(); + + Assert.IsTrue(Arrays.AreEqual(nestedSeqImpTagData, bOut.ToArray()), "nested implicit tagged DER writing test failed."); + } + + [Test] + public void TestBerWriting() + { + MemoryStream bOut = new MemoryStream(); + BerSequenceGenerator seqGen = new BerSequenceGenerator(bOut); + + seqGen.AddObject(new DerInteger(BigInteger.Zero)); + + seqGen.AddObject(new DerObjectIdentifier("1.1")); + + seqGen.Close(); + + Assert.IsTrue(Arrays.AreEqual(berSeqData, bOut.ToArray()), "basic BER writing test failed."); + } + + [Test] + public void TestNestedBerDerWriting() + { + MemoryStream bOut = new MemoryStream(); + BerSequenceGenerator seqGen1 = new BerSequenceGenerator(bOut); + + seqGen1.AddObject(new DerInteger(BigInteger.Zero)); + + seqGen1.AddObject(new DerObjectIdentifier("1.1")); + + DerSequenceGenerator seqGen2 = new DerSequenceGenerator(seqGen1.GetRawOutputStream()); + + seqGen2.AddObject(new DerInteger(BigInteger.ValueOf(1))); + + seqGen2.Close(); + + seqGen1.Close(); + + Assert.IsTrue(Arrays.AreEqual(berDerNestedSeqData, bOut.ToArray()), "nested BER/DER writing test failed."); + } + + [Test] + public void TestNestedBerWriting() + { + MemoryStream bOut = new MemoryStream(); + BerSequenceGenerator seqGen1 = new BerSequenceGenerator(bOut); + + seqGen1.AddObject(new DerInteger(BigInteger.Zero)); + + seqGen1.AddObject(new DerObjectIdentifier("1.1")); + + BerSequenceGenerator seqGen2 = new BerSequenceGenerator(seqGen1.GetRawOutputStream()); + + seqGen2.AddObject(new DerInteger(BigInteger.ValueOf(1))); + + seqGen2.Close(); + + seqGen1.Close(); + + Assert.IsTrue(Arrays.AreEqual(berNestedSeqData, bOut.ToArray()), "nested BER writing test failed."); + } + + [Test] + public void TestDerReading() + { + Asn1StreamParser aIn = new Asn1StreamParser(seqData); + + Asn1SequenceParser seq = (Asn1SequenceParser)aIn.ReadObject(); + int count = 0; + + Assert.IsNotNull(seq, "null sequence returned"); + + object o; + while ((o = seq.ReadObject()) != null) + { + switch (count) + { + case 0: + Assert.IsTrue(o is DerInteger); + break; + case 1: + Assert.IsTrue(o is DerObjectIdentifier); + break; + } + count++; + } + + Assert.AreEqual(2, count, "wrong number of objects in sequence"); + } + + private void doTestNestedReading( + byte[] data) + { + Asn1StreamParser aIn = new Asn1StreamParser(data); + + Asn1SequenceParser seq = (Asn1SequenceParser) aIn.ReadObject(); + object o = null; + int count = 0; + + Assert.IsNotNull(seq, "null sequence returned"); + + while ((o = seq.ReadObject()) != null) + { + switch (count) + { + case 0: + Assert.IsTrue(o is DerInteger); + break; + case 1: + Assert.IsTrue(o is DerObjectIdentifier); + break; + case 2: + Assert.IsTrue(o is Asn1SequenceParser); + + Asn1SequenceParser s = (Asn1SequenceParser)o; + + // NB: Must exhaust the nested parser + while (s.ReadObject() != null) + { + // Ignore + } + + break; + } + count++; + } + + Assert.AreEqual(3, count, "wrong number of objects in sequence"); + } + + [Test] + public void TestNestedDerReading() + { + doTestNestedReading(nestedSeqData); + } + + [Test] + public void TestBerReading() + { + Asn1StreamParser aIn = new Asn1StreamParser(berSeqData); + + Asn1SequenceParser seq = (Asn1SequenceParser) aIn.ReadObject(); + object o = null; + int count = 0; + + Assert.IsNotNull(seq, "null sequence returned"); + + while ((o = seq.ReadObject()) != null) + { + switch (count) + { + case 0: + Assert.IsTrue(o is DerInteger); + break; + case 1: + Assert.IsTrue(o is DerObjectIdentifier); + break; + } + count++; + } + + Assert.AreEqual(2, count, "wrong number of objects in sequence"); + } + + [Test] + public void TestNestedBerDerReading() + { + doTestNestedReading(berDerNestedSeqData); + } + + [Test] + public void TestNestedBerReading() + { + doTestNestedReading(berNestedSeqData); + } + + [Test] + public void TestBerExplicitTaggedSequenceWriting() + { + MemoryStream bOut = new MemoryStream(); + BerSequenceGenerator seqGen = new BerSequenceGenerator(bOut, 1, true); + + seqGen.AddObject(new DerInteger(BigInteger.Zero)); + + seqGen.AddObject(new DerObjectIdentifier("1.1")); + + seqGen.Close(); + + Assert.IsTrue(Arrays.AreEqual(berExpTagSeqData, bOut.ToArray()), "explicit BER tag writing test failed."); + } + + [Test] + public void TestSequenceWithDerNullReading() + { + doTestParseWithNull(berSeqWithDERNullData); + } + + private void doTestParseWithNull( + byte[] data) + { + Asn1StreamParser aIn = new Asn1StreamParser(data); + Asn1SequenceParser seq = (Asn1SequenceParser) aIn.ReadObject(); + object o; + int count = 0; + + Assert.IsNotNull(seq, "null sequence returned"); + + while ((o = seq.ReadObject()) != null) + { + switch (count) + { + case 0: + Assert.IsTrue(o is Asn1Null); + break; + case 1: + Assert.IsTrue(o is DerInteger); + break; + case 2: + Assert.IsTrue(o is DerObjectIdentifier); + break; + } + count++; + } + + Assert.AreEqual(3, count, "wrong number of objects in sequence"); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/ASN1UnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/ASN1UnitTest.cs new file mode 100644 index 0000000..88492be --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/ASN1UnitTest.cs @@ -0,0 +1,88 @@ +using System; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + public abstract class Asn1UnitTest + : SimpleTest + { + protected void checkMandatoryField(string name, Asn1Encodable expected, Asn1Encodable present) + { + if (!expected.Equals(present)) + { + Fail(name + " field doesn't match."); + } + } + + protected void checkMandatoryField(string name, string expected, string present) + { + if (!expected.Equals(present)) + { + Fail(name + " field doesn't match."); + } + } + + protected void checkMandatoryField(string name, byte[] expected, byte[] present) + { + if (!AreEqual(expected, present)) + { + Fail(name + " field doesn't match."); + } + } + + protected void checkMandatoryField(string name, int expected, int present) + { + if (expected != present) + { + Fail(name + " field doesn't match."); + } + } + + protected void checkOptionalField(string name, Asn1Encodable expected, Asn1Encodable present) + { + if (expected != null) + { + if (!expected.Equals(present)) + { + Fail(name + " field doesn't match."); + } + } + else if (present != null) + { + Fail(name + " field found when none expected."); + } + } + + protected void checkOptionalField(string name, string expected, string present) + { + if (expected != null) + { + if (!expected.Equals(present)) + { + Fail(name + " field doesn't match."); + } + } + else if (present != null) + { + Fail(name + " field found when none expected."); + } + } + + protected void checkOptionalField(string name, BigInteger expected, BigInteger present) + { + if (expected != null) + { + if (!expected.Equals(present)) + { + Fail(name + " field doesn't match."); + } + } + else if (present != null) + { + Fail(name + " field found when none expected."); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/AdditionalInformationSyntaxUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/AdditionalInformationSyntaxUnitTest.cs new file mode 100644 index 0000000..b724619 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/AdditionalInformationSyntaxUnitTest.cs @@ -0,0 +1,77 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.IsisMtt.X509; +using Org.BouncyCastle.Asn1.X500; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class AdditionalInformationSyntaxUnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "AdditionalInformationSyntax"; } + } + + public override void PerformTest() + { + AdditionalInformationSyntax syntax = new AdditionalInformationSyntax("hello world"); + + checkConstruction(syntax, new DirectoryString("hello world")); + + try + { + AdditionalInformationSyntax.GetInstance(new Object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkConstruction( + AdditionalInformationSyntax syntax, + DirectoryString information) + { + checkValues(syntax, information); + + syntax = AdditionalInformationSyntax.GetInstance(syntax); + + checkValues(syntax, information); + + Asn1InputStream aIn = new Asn1InputStream(syntax.ToAsn1Object().GetEncoded()); + + IAsn1String info = (IAsn1String) aIn.ReadObject(); + + syntax = AdditionalInformationSyntax.GetInstance(info); + + checkValues(syntax, information); + } + + private void checkValues( + AdditionalInformationSyntax syntax, + DirectoryString information) + { + checkMandatoryField("information", information, syntax.Information); + } + + public static void Main( + string[] args) + { + RunTest(new AdditionalInformationSyntaxUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/AdmissionSyntaxUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/AdmissionSyntaxUnitTest.cs new file mode 100644 index 0000000..8d0a1f8 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/AdmissionSyntaxUnitTest.cs @@ -0,0 +1,99 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.IsisMtt.X509; +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class AdmissionSyntaxUnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "AdmissionSyntax"; } + } + + public override void PerformTest() + { + GeneralName name = new GeneralName(new X509Name("CN=hello world")); + Asn1Sequence admissions = new DerSequence( + new Admissions(name, + new NamingAuthority(new DerObjectIdentifier("1.2.3"), "url", new DirectoryString("fred")), + new ProfessionInfo[0])); + AdmissionSyntax syntax = new AdmissionSyntax(name, admissions); + + checkConstruction(syntax, name, admissions); + + syntax = AdmissionSyntax.GetInstance(null); + + if (syntax != null) + { + Fail("null GetInstance() failed."); + } + + try + { + AdmissionSyntax.GetInstance(new Object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkConstruction( + AdmissionSyntax syntax, + GeneralName authority, + Asn1Sequence admissions) + { + checkValues(syntax, authority, admissions); + + syntax = AdmissionSyntax.GetInstance(syntax); + + checkValues(syntax, authority, admissions); + + Asn1InputStream aIn = new Asn1InputStream(syntax.ToAsn1Object().GetEncoded()); + + Asn1Sequence info = (Asn1Sequence) aIn.ReadObject(); + + syntax = AdmissionSyntax.GetInstance(info); + + checkValues(syntax, authority, admissions); + } + + private void checkValues( + AdmissionSyntax syntax, + GeneralName authority, + Asn1Sequence admissions) + { + checkMandatoryField("admissionAuthority", authority, syntax.AdmissionAuthority); + + Admissions[] adm = syntax.GetContentsOfAdmissions(); + + if (adm.Length != 1 || !adm[0].Equals(admissions[0])) + { + Fail("admissions check failed"); + } + } + + public static void Main( + string[] args) + { + RunTest(new AdmissionSyntaxUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/AdmissionsUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/AdmissionsUnitTest.cs new file mode 100644 index 0000000..edefeb8 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/AdmissionsUnitTest.cs @@ -0,0 +1,90 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.IsisMtt.X509; +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class AdmissionsUnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "Admissions"; } + } + + public override void PerformTest() + { + GeneralName name = new GeneralName(new X509Name("CN=hello world")); + NamingAuthority auth = new NamingAuthority(new DerObjectIdentifier("1.2.3"), "url", new DirectoryString("fred")); + Admissions admissions = new Admissions(name, auth, new ProfessionInfo[0]); + + checkConstruction(admissions, name, auth); + + admissions = Admissions.GetInstance(null); + + if (admissions != null) + { + Fail("null GetInstance() failed."); + } + + try + { + Admissions.GetInstance(new Object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkConstruction( + Admissions admissions, + GeneralName name, + NamingAuthority auth) + { + checkValues(admissions, name, auth); + + admissions = Admissions.GetInstance(admissions); + + checkValues(admissions, name, auth); + + Asn1InputStream aIn = new Asn1InputStream(admissions.ToAsn1Object().GetEncoded()); + + Asn1Sequence info = (Asn1Sequence)aIn.ReadObject(); + + admissions = Admissions.GetInstance(info); + + checkValues(admissions, name, auth); + } + + private void checkValues( + Admissions admissions, + GeneralName name, + NamingAuthority auth) + { + checkMandatoryField("admissionAuthority", name, admissions.AdmissionAuthority); + checkMandatoryField("namingAuthority", auth, admissions.NamingAuthority); + } + + public static void Main( + string[] args) + { + RunTest(new AdmissionsUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/AllTests.cs b/BouncyCastle/crypto/test/src/asn1/test/AllTests.cs new file mode 100644 index 0000000..981b5a4 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/AllTests.cs @@ -0,0 +1,32 @@ +#if !LIB +using System; + +using NUnit.Core; +using NUnit.Framework; + +namespace Org.BouncyCastle.Asn1.Tests +{ + public class AllTests + { + public static void Main(string[] args) + { + Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty); + } + + [Suite] + public static TestSuite Suite + { + get + { + TestSuite suite = new TestSuite("ASN.1 tests"); + // TODO Add these tests to RegressionTest list + suite.Add(new Asn1SequenceParserTest()); + suite.Add(new OctetStringTest()); + suite.Add(new ParseTest()); + suite.Add(new TimeTest()); + return suite; + } + } + } +} +#endif diff --git a/BouncyCastle/crypto/test/src/asn1/test/AttributeTableUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/AttributeTableUnitTest.cs new file mode 100644 index 0000000..5dcf349 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/AttributeTableUnitTest.cs @@ -0,0 +1,151 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Asn1Cms = Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class AttributeTableUnitTest + : SimpleTest + { + private static readonly DerObjectIdentifier type1 = new DerObjectIdentifier("1.1.1"); + private static readonly DerObjectIdentifier type2 = new DerObjectIdentifier("1.1.2"); + private static readonly DerObjectIdentifier type3 = new DerObjectIdentifier("1.1.3"); + + public override string Name + { + get { return "AttributeTable"; } + } + + public override void PerformTest() + { + Asn1EncodableVector v = new Asn1EncodableVector( + new Asn1Cms.Attribute(type1, new DerSet(type1)), + new Asn1Cms.Attribute(type2, new DerSet(type2))); + + Asn1Cms.AttributeTable table = new Asn1Cms.AttributeTable(v); + + Asn1Cms.Attribute a = table[type1]; + if (a == null) + { + Fail("type1 attribute not found."); + } + if (!a.AttrValues.Equals(new DerSet(type1))) + { + Fail("wrong value retrieved for type1!"); + } + + a = table[type2]; + if (a == null) + { + Fail("type2 attribute not found."); + } + if (!a.AttrValues.Equals(new DerSet(type2))) + { + Fail("wrong value retrieved for type2!"); + } + + a = table[type3]; + if (a != null) + { + Fail("type3 attribute found when none expected."); + } + + Asn1EncodableVector vec = table.GetAll(type1); + if (vec.Count != 1) + { + Fail("wrong vector size for type1."); + } + + vec = table.GetAll(type3); + if (vec.Count != 0) + { + Fail("wrong vector size for type3."); + } + + vec = table.ToAsn1EncodableVector(); + if (vec.Count != 2) + { + Fail("wrong vector size for single."); + } + + IDictionary t = table.ToDictionary(); + + if (t.Count != 2) + { + Fail("hashtable wrong size."); + } + + // multiple + + v = new Asn1EncodableVector( + new Asn1Cms.Attribute(type1, new DerSet(type1)), + new Asn1Cms.Attribute(type1, new DerSet(type2)), + new Asn1Cms.Attribute(type1, new DerSet(type3)), + new Asn1Cms.Attribute(type2, new DerSet(type2))); + + table = new Asn1Cms.AttributeTable(v); + + a = table[type1]; + if (!a.AttrValues.Equals(new DerSet(type1))) + { + Fail("wrong value retrieved for type1 multi Get!"); + } + + vec = table.GetAll(type1); + if (vec.Count != 3) + { + Fail("wrong vector size for multiple type1."); + } + + a = (Asn1Cms.Attribute)vec[0]; + if (!a.AttrValues.Equals(new DerSet(type1))) + { + Fail("wrong value retrieved for type1(0)!"); + } + + a = (Asn1Cms.Attribute)vec[1]; + if (!a.AttrValues.Equals(new DerSet(type2))) + { + Fail("wrong value retrieved for type1(1)!"); + } + + a = (Asn1Cms.Attribute)vec[2]; + if (!a.AttrValues.Equals(new DerSet(type3))) + { + Fail("wrong value retrieved for type1(2)!"); + } + + vec = table.GetAll(type2); + if (vec.Count != 1) + { + Fail("wrong vector size for multiple type2."); + } + + vec = table.ToAsn1EncodableVector(); + if (vec.Count != 4) + { + Fail("wrong vector size for multiple."); + } + } + + public static void Main( + string[] args) + { + RunTest(new AttributeTableUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/BiometricDataUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/BiometricDataUnitTest.cs new file mode 100644 index 0000000..a542f71 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/BiometricDataUnitTest.cs @@ -0,0 +1,133 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X509.Qualified; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class BiometricDataUnitTest + : SimpleTest + { + public override string Name + { + get { return "BiometricData"; } + } + + private byte[] GenerateHash() + { + Random rand = new Random(); + byte[] bytes = new byte[20]; + rand.NextBytes(bytes); + return bytes; + } + + public override void PerformTest() + { + TypeOfBiometricData dataType = new TypeOfBiometricData(TypeOfBiometricData.HandwrittenSignature); + AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance); + Asn1OctetString dataHash = new DerOctetString(GenerateHash()); + BiometricData bd = new BiometricData(dataType, hashAlgorithm, dataHash); + + CheckConstruction(bd, dataType, hashAlgorithm, dataHash, null); + + DerIA5String dataUri = new DerIA5String("http://test"); + + bd = new BiometricData(dataType, hashAlgorithm, dataHash, dataUri); + + CheckConstruction(bd, dataType, hashAlgorithm, dataHash, dataUri); + + bd = BiometricData.GetInstance(null); + + if (bd != null) + { + Fail("null GetInstance() failed."); + } + + try + { + BiometricData.GetInstance(new object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void CheckConstruction( + BiometricData bd, + TypeOfBiometricData dataType, + AlgorithmIdentifier hashAlgorithm, + Asn1OctetString dataHash, + DerIA5String dataUri) + { + CheckValues(bd, dataType, hashAlgorithm, dataHash, dataUri); + + bd = BiometricData.GetInstance(bd); + + CheckValues(bd, dataType, hashAlgorithm, dataHash, dataUri); + + Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(bd.ToAsn1Object().GetEncoded()); + + bd = BiometricData.GetInstance(seq); + + CheckValues(bd, dataType, hashAlgorithm, dataHash, dataUri); + } + + private void CheckValues( + BiometricData bd, + TypeOfBiometricData dataType, + AlgorithmIdentifier algID, + Asn1OctetString dataHash, + DerIA5String sourceDataURI) + { + if (!bd.TypeOfBiometricData.Equals(dataType)) + { + Fail("types don't match."); + } + + if (!bd.HashAlgorithm.Equals(algID)) + { + Fail("hash algorithms don't match."); + } + + if (!bd.BiometricDataHash.Equals(dataHash)) + { + Fail("hash algorithms don't match."); + } + + if (sourceDataURI != null) + { + if (!bd.SourceDataUri.Equals(sourceDataURI)) + { + Fail("data uris don't match."); + } + } + else if (bd.SourceDataUri != null) + { + Fail("data uri found when none expected."); + } + } + + public static void Main( + string[] args) + { + RunTest(new BiometricDataUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/BitStringConstantTester.cs b/BouncyCastle/crypto/test/src/asn1/test/BitStringConstantTester.cs new file mode 100644 index 0000000..bb966d3 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/BitStringConstantTester.cs @@ -0,0 +1,25 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Tests +{ + public class BitStringConstantTester + { + private static readonly int[] bits = + { + 1 << 7, 1 << 6, 1 << 5, 1 << 4, 1 << 3, 1 << 2, 1 << 1, 1 << 0, + 1 << 15, 1 << 14, 1 << 13, 1 << 12, 1 << 11, 1 << 10, 1 << 9, 1 << 8, + 1 << 23, 1 << 22, 1 << 21, 1 << 20, 1 << 19, 1 << 18, 1 << 17, 1 << 16, + 1 << 31, 1 << 30, 1 << 29, 1 << 28, 1 << 27, 1 << 26, 1 << 25, 1 << 24 + }; + + public static void testFlagValueCorrect( + int bitNo, + int value) + { + if (bits[bitNo] != value) + { + throw new ArgumentException("bit value " + bitNo + " wrong"); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/BitStringTest.cs b/BouncyCastle/crypto/test/src/asn1/test/BitStringTest.cs new file mode 100644 index 0000000..af893fe --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/BitStringTest.cs @@ -0,0 +1,173 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class BitStringTest + : SimpleTest + { + private void DoTestZeroLengthStrings() + { + // basic construction + DerBitString s1 = new DerBitString(new byte[0], 0); + + // check GetBytes() + s1.GetBytes(); + + // check encoding/decoding + DerBitString derBit = (DerBitString)Asn1Object.FromByteArray(s1.GetEncoded()); + + if (!Arrays.AreEqual(s1.GetEncoded(), Hex.Decode("030100"))) + { + Fail("zero encoding wrong"); + } + + try + { + new DerBitString(null, 1); + Fail("exception not thrown"); + } + catch (ArgumentNullException) + { + } + + try + { + new DerBitString(new byte[0], 1); + Fail("exception not thrown"); + } + catch (ArgumentException) + { + } + + try + { + new DerBitString(new byte[1], 8); + Fail("exception not thrown"); + } + catch (ArgumentException) + { + } + + DerBitString s2 = new DerBitString(0); + if (!Arrays.AreEqual(s1.GetEncoded(), s2.GetEncoded())) + { + Fail("zero encoding wrong"); + } + } + + private void DoTestRandomPadBits() + { + byte[] test = Hex.Decode("030206c0"); + + byte[] test1 = Hex.Decode("030206f0"); + byte[] test2 = Hex.Decode("030206c1"); + byte[] test3 = Hex.Decode("030206c7"); + byte[] test4 = Hex.Decode("030206d1"); + + EncodingCheck(test, test1); + EncodingCheck(test, test2); + EncodingCheck(test, test3); + EncodingCheck(test, test4); + } + + private void EncodingCheck(byte[] derData, byte[] dlData) + { + if (Arrays.AreEqual(derData, Asn1Object.FromByteArray(dlData).GetEncoded())) + { + Fail("failed DL check"); + } + DerBitString dl = DerBitString.GetInstance(dlData); + + IsTrue("DL test failed", dl is DLBitString); + if (!Arrays.AreEqual(derData, Asn1Object.FromByteArray(dlData).GetDerEncoded())) + { + Fail("failed DER check"); + } + try + { + // GetInstance should work for "an object that can be converted into [a DerBitString]". + DerBitString.GetInstance(dlData); + } + catch (ArgumentException) + { + Fail("failed DL encoding conversion"); + } + DerBitString der = DerBitString.GetInstance(derData); + IsTrue("DER test failed", typeof(DerBitString) == der.GetType()); + } + + public override void PerformTest() + { + KeyUsage k = new KeyUsage(KeyUsage.DigitalSignature); + if ((k.GetBytes()[0] != (byte)KeyUsage.DigitalSignature) || (k.PadBits != 7)) + { + Fail("failed digitalSignature"); + } + + k = new KeyUsage(KeyUsage.NonRepudiation); + if ((k.GetBytes()[0] != (byte)KeyUsage.NonRepudiation) || (k.PadBits != 6)) + { + Fail("failed nonRepudiation"); + } + + k = new KeyUsage(KeyUsage.KeyEncipherment); + if ((k.GetBytes()[0] != (byte)KeyUsage.KeyEncipherment) || (k.PadBits != 5)) + { + Fail("failed keyEncipherment"); + } + + k = new KeyUsage(KeyUsage.CrlSign); + if ((k.GetBytes()[0] != (byte)KeyUsage.CrlSign) || (k.PadBits != 1)) + { + Fail("failed cRLSign"); + } + + k = new KeyUsage(KeyUsage.DecipherOnly); + if ((k.GetBytes()[1] != (byte)(KeyUsage.DecipherOnly >> 8)) || (k.PadBits != 7)) + { + Fail("failed decipherOnly"); + } + + // test for zero length bit string + try + { + Asn1Object.FromByteArray(new DerBitString(new byte[0], 0).GetEncoded()); + } + catch (IOException e) + { + Fail(e.ToString()); + } + + DoTestRandomPadBits(); + DoTestZeroLengthStrings(); + } + + public override string Name + { + get { return "BitString"; } + } + + public static void Main( + string[] args) + { + RunTest(new BitStringTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/CMSTest.cs b/BouncyCastle/crypto/test/src/asn1/test/CMSTest.cs new file mode 100644 index 0000000..9930830 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/CMSTest.cs @@ -0,0 +1,316 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class CmsTest + : ITest + { + // + // compressed data object + // + private static readonly byte[] OrigCompData = Base64.Decode( + "MIAGCyqGSIb3DQEJEAEJoIAwgAIBADANBgsqhkiG9w0BCRADCDCABgkqhkiG9w0BBwGggCSABIIC" + + "Hnic7ZRdb9owFIbvK/k/5PqVYPFXGK12YYyboVFASSp1vQtZGiLRACZE49/XHoUW7S/0tXP8Efux" + + "fU5ivWnasml72XFb3gb5druui7ytN803M570nii7C5r8tfwR281hy/p/KSM3+jzH5s3+pbQ90xSb" + + "P3VT3QbLusnt8WPIuN5vN/vaA2+DulnXTXkXvNTr8j8ouZmkCmGI/UW+ZS/C8zP0bz2dz0zwLt+1" + + "UEk2M8mlaxjRMByAhZTj0RGYg4TvogiRASROsZgjpVcJCb1KV6QzQeDJ1XkoQ5Jm+C5PbOHZZGRi" + + "v+ORAcshOGeCcdFJyfgFxdtCdEcmOrbinc/+BBMzRThEYpwl+jEBpciSGWQkI0TSlREmD/eOHb2D" + + "SGLuESm/iKUFt1y4XHBO2a5oq0IKJKWLS9kUZTA7vC5LSxYmgVL46SIWxIfWBQd6AdrnjLmH94UT" + + "vGxVibLqRCtIpp4g2qpdtqK1LiOeolpVK5wVQ5P7+QjZAlrh0cePYTx/gNZuB9Vhndtgujl9T/tg" + + "W9ogK+3rnmg3YWygnTuF5GDS+Q/jIVLnCcYZFc6Kk/+c80wKwZjwdZIqDYWRH68MuBQSXLgXYXj2" + + "3CAaYOBNJMliTl0X7eV5DnoKIFSKYdj3cRpD/cK/JWTHJRe76MUXnfBW8m7Hd5zhQ4ri2NrVF/WL" + + "+kV1/3AGSlJ32bFPd2BsQD8uSzIx6lObkjdz95c0AAAAAAAAAAAAAAAA"); + + // + // enveloped data + // + private static readonly byte[] envDataKeyTrns = Base64.Decode( + "MIAGCSqGSIb3DQEHA6CAMIACAQAxgcQwgcECAQAwKjAlMRYwFAYDVQQKEw1Cb3Vu" + + "Y3kgQ2FzdGxlMQswCQYDVQQGEwJBVQIBCjANBgkqhkiG9w0BAQEFAASBgC5vdGrB" + + "itQSGwifLf3KwPILjaB4WEXgT/IIO1KDzrsbItCJsMA0Smq2y0zptxT0pSRL6JRg" + + "NMxLk1ySnrIrvGiEPLMR1zjxlT8yQ6VLX+kEoK43ztd1aaLw0oBfrcXcLN7BEpZ1" + + "TIdjlBfXIOx1S88WY1MiYqJJFc3LMwRUaTEDMIAGCSqGSIb3DQEHATAdBglghkgB" + + "ZQMEARYEEAfxLMWeaBOTTZQwUq0Y5FuggAQgwOJhL04rjSZCBCSOv5i5XpFfGsOd" + + "YSHSqwntGpFqCx4AAAAAAAAAAAAA"); + + private static readonly byte[] envDataKEK = Base64.Decode( + "MIAGCSqGSIb3DQEHA6CAMIACAQIxUqJQAgEEMAcEBQECAwQFMBAGCyqGSIb3DQEJE" + + "AMHAgE6BDC7G/HyUPilIrin2Yeajqmj795VoLWETRnZAAFcAiQdoQWyz+oCh6WY/H" + + "jHHi+0y+cwgAYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAiY3eDBBbF6naCABBiNdzJb" + + "/v6+UZB3XXKipxFDUpz9GyjzB+gAAAAAAAAAAAAA"); + + private static readonly byte[] envDataNestedNDEF = Base64.Decode( + "MIAGCSqGSIb3DQEHA6CAMIACAQAxge8wgewCAQAwgZUwgY8xKDAmBgNVBAoMH1RoZSBMZWdpb24g" + + "b2YgdGhlIEJvdW5jeSBDYXN0bGUxLzAtBgkqhkiG9w0BCQEWIGZlZWRiYWNrLWNyeXB0b0Bib3Vu" + + "Y3ljYXN0bGUub3JnMREwDwYDVQQIDAhWaWN0b3JpYTESMBAGA1UEBwwJTWVsYm91cm5lMQswCQYD" + + "VQQGEwJBVQIBATANBgkqhkiG9w0BAQEFAARABIXMd8xiTyWDKO/LQfvdGYTPW3I9oSQWwtm4OIaN" + + "VINpfY2lfwTvbmE6VXiLKeALC0dMBV8z7DEM9hE0HVmvLDCABgkqhkiG9w0BBwEwHQYJYIZIAWUD" + + "BAECBBB32ko6WrVxDTqwUYEpV6IUoIAEggKgS6RowrhNlmWWI13zxD/lryxkZ5oWXPUfNiUxYX/P" + + "r5iscW3s8VKJKUpJ4W5SNA7JGL4l/5LmSnJ4Qu/xzxcoH4r4vmt75EDE9p2Ob2Xi1NuSFAZubJFc" + + "Zlnp4e05UHKikmoaz0PbiAi277sLQlK2FcVsntTYVT00y8+IwuuQu0ATVqkXC+VhfjV/sK6vQZnw" + + "2rQKedZhLB7B4dUkmxCujb/UAq4lgSpLMXg2P6wMimTczXyQxRiZxPeI4ByCENjkafXbfcJft2eD" + + "gv1DEDdYM5WrW9Z75b4lmJiOJ/xxDniHCvum7KGXzpK1d1mqTlpzPC2xoz08/MO4lRf5Mb0bYdq6" + + "CjMaYqVwGsYryp/2ayX+d8H+JphEG+V9Eg8uPcDoibwhDI4KkoyGHstPw5bxcy7vVFt7LXUdNjJc" + + "K1wxaUKEXDGKt9Vj93FnBTLMX0Pc9HpueV5o1ipX34dn/P3HZB9XK8ScbrE38B1VnIgylStnhVFO" + + "Cj9s7qSVqI2L+xYHJRHsxaMumIRnmRuOqdXDfIo28EZAnFtQ/b9BziMGVvAW5+A8h8s2oazhSmK2" + + "23ftV7uv98ScgE8fCd3PwT1kKJM83ThTYyBzokvMfPYCCvsonMV+kTWXhWcwjYTS4ukrpR452ZdW" + + "l3aJqDnzobt5FK4T8OGciOj+1PxYFZyRmCuafm2Dx6o7Et2Tu/T5HYvhdY9jHyqtDl2PXH4CTnVi" + + "gA1YOAArjPVmsZVwAM3Ml46uyXXhcsXwQ1X0Tv4D+PSa/id4UQ2cObOw8Cj1eW2GB8iJIZVqkZaU" + + "XBexqgWYOIoxjqODSeoZKiBsTK3c+oOUBqBDueY1i55swE2o6dDt95FluX6iyr/q4w2wLt3upY1J" + + "YL+TuvZxAKviuAczMS1bAAAAAAAAAAAAAA=="); + + // + // signed data + // + private static readonly byte[] OrigSignedData = Base64.Decode( + "MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAaCA" + + "JIAEDEhlbGxvIFdvcmxkIQAAAAAAAKCCBGIwggINMIIBdqADAgECAgEBMA0GCSqG" + + "SIb3DQEBBAUAMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNVBAYTAkFV" + + "MB4XDTA0MTAyNDA0MzA1OFoXDTA1MDIwMTA0MzA1OFowJTEWMBQGA1UEChMNQm91" + + "bmN5IENhc3RsZTELMAkGA1UEBhMCQVUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ" + + "AoGBAJj3OAshAOgDmPcYZ1jdNSuhOHRH9VhC/PG17FdiInVGc2ulJhEifEQga/uq" + + "ZCpSd1nHsJUZKm9k1bVneWzC0941i9Znfxgb2jnXXsa5kwB2KEVESrOWsRjSRtnY" + + "iLgqBG0rzpaMn5A5ntu7N0406EesBhe19cjZAageEHGZDbufAgMBAAGjTTBLMB0G" + + "A1UdDgQWBBR/iHNKOo6f4ByWFFywRNZ65XSr1jAfBgNVHSMEGDAWgBR/iHNKOo6f" + + "4ByWFFywRNZ65XSr1jAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBAUAA4GBAFMJJ7QO" + + "pHo30bnlQ4Ny3PCnK+Se+Gw3TpaYGp84+a8fGD9Dme78G6NEsgvpFGTyoLxvJ4CB" + + "84Kzys+1p2HdXzoZiyXAer5S4IwptE3TxxFwKyj28cRrM6dK47DDyXUkV0qwBAMN" + + "luwnk/no4K7ilzN2MZk5l7wXyNa9yJ6CHW6dMIICTTCCAbagAwIBAgIBAjANBgkq" + + "hkiG9w0BAQQFADAlMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJB" + + "VTAeFw0wNDEwMjQwNDMwNTlaFw0wNTAyMDEwNDMwNTlaMGUxGDAWBgNVBAMTD0Vy" + + "aWMgSC4gRWNoaWRuYTEkMCIGCSqGSIb3DQEJARYVZXJpY0Bib3VuY3ljYXN0bGUu" + + "b3JnMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVTCBnzANBgkq" + + "hkiG9w0BAQEFAAOBjQAwgYkCgYEAm+5CnGU6W45iUpCsaGkn5gDruZv3j/o7N6ag" + + "mRZhikaLG2JF6ECaX13iioVJfmzBsPKxAACWwuTXCoSSXG8viK/qpSHwJpfQHYEh" + + "tcC0CxIqlnltv3KQAGwh/PdwpSPvSNnkQBGvtFq++9gnXDBbynfP8b2L2Eis0X9U" + + "2y6gFiMCAwEAAaNNMEswHQYDVR0OBBYEFEAmOksnF66FoQm6IQBVN66vJo1TMB8G" + + "A1UdIwQYMBaAFH+Ic0o6jp/gHJYUXLBE1nrldKvWMAkGA1UdEwQCMAAwDQYJKoZI" + + "hvcNAQEEBQADgYEAEeIjvNkKMPU/ZYCu1TqjGZPEqi+glntg2hC/CF0oGyHFpMuG" + + "tMepF3puW+uzKM1s61ar3ahidp3XFhr/GEU/XxK24AolI3yFgxP8PRgUWmQizTQX" + + "pWUmhlsBe1uIKVEfNAzCgtYfJQ8HJIKsUCcdWeCKVKs4jRionsek1rozkPExggEv" + + "MIIBKwIBATAqMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNVBAYTAkFV" + + "AgECMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqG" + + "SIb3DQEJBTEPFw0wNDEwMjQwNDMwNTlaMCMGCSqGSIb3DQEJBDEWBBQu973mCM5U" + + "BOl9XwQvlfifHCMocTANBgkqhkiG9w0BAQEFAASBgGHbe3/jcZu6b/erRhc3PEji" + + "MUO8mEIRiNYBr5/vFNhkry8TrGfOpI45m7gu1MS0/vdas7ykvidl/sNZfO0GphEI" + + "UaIjMRT3U6yuTWF4aLpatJbbRsIepJO/B2kdIAbV5SCbZgVDJIPOR2qnruHN2wLF" + + "a+fEv4J8wQ8Xwvk0C8iMAAAAAAAA"); + + private static void Touch(object o) + { + } + + private ITestResult CompressionTest() + { + try + { + byte[] compData1 = ImplCompressionTest(OrigCompData); + byte[] compData2 = ImplCompressionTest(compData1); + + if (!Arrays.AreEqual(compData1, compData2)) + { + return new SimpleTestResult(false, Name + ": CMS compression failed to re-encode"); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": CMS compression failed - " + e.ToString(), e); + } + } + + private byte[] ImplCompressionTest(byte[] compData) + { + ContentInfo info = ContentInfo.GetInstance(Asn1Object.FromByteArray(compData)); + CompressedData data = CompressedData.GetInstance(info.Content); + data = new CompressedData(data.CompressionAlgorithmIdentifier, data.EncapContentInfo); + info = new ContentInfo(CmsObjectIdentifiers.CompressedData, data); + return info.GetEncoded(); + } + + private ITestResult EnvelopedTest() + { + try + { + // Key trans + ContentInfo info = ContentInfo.GetInstance( + Asn1Object.FromByteArray(envDataKeyTrns)); + EnvelopedData envData = EnvelopedData.GetInstance(info.Content); + Asn1Set s = envData.RecipientInfos; + + if (s.Count != 1) + { + return new SimpleTestResult(false, Name + ": CMS KeyTrans enveloped, wrong number of recipients"); + } + + RecipientInfo recip = RecipientInfo.GetInstance(s[0]); + + if (recip.Info is KeyTransRecipientInfo) + { + KeyTransRecipientInfo inf = KeyTransRecipientInfo.GetInstance(recip.Info); + + inf = new KeyTransRecipientInfo(inf.RecipientIdentifier, inf.KeyEncryptionAlgorithm, inf.EncryptedKey); + + s = new DerSet(new RecipientInfo(inf)); + } + else + { + return new SimpleTestResult(false, Name + ": CMS KeyTrans enveloped, wrong recipient type"); + } + + envData = new EnvelopedData(envData.OriginatorInfo, s, envData.EncryptedContentInfo, envData.UnprotectedAttrs); + info = new ContentInfo(CmsObjectIdentifiers.EnvelopedData, envData); + + if (!Arrays.AreEqual(info.GetEncoded(), envDataKeyTrns)) + { + return new SimpleTestResult(false, Name + ": CMS KeyTrans enveloped failed to re-encode"); + } + + + // KEK + info = ContentInfo.GetInstance( + Asn1Object.FromByteArray(envDataKEK)); + envData = EnvelopedData.GetInstance(info.Content); + s = envData.RecipientInfos; + + if (s.Count != 1) + { + return new SimpleTestResult(false, Name + ": CMS KEK enveloped, wrong number of recipients"); + } + + recip = RecipientInfo.GetInstance(s[0]); + + if (recip.Info is KekRecipientInfo) + { + KekRecipientInfo inf = KekRecipientInfo.GetInstance(recip.Info); + + inf = new KekRecipientInfo(inf.KekID, inf.KeyEncryptionAlgorithm, inf.EncryptedKey); + + s = new DerSet(new RecipientInfo(inf)); + } + else + { + return new SimpleTestResult(false, Name + ": CMS KEK enveloped, wrong recipient type"); + } + + envData = new EnvelopedData(envData.OriginatorInfo, s, envData.EncryptedContentInfo, envData.UnprotectedAttrs); + info = new ContentInfo(CmsObjectIdentifiers.EnvelopedData, envData); + + if (!Arrays.AreEqual(info.GetEncoded(), envDataKEK)) + { + return new SimpleTestResult(false, Name + ": CMS KEK enveloped failed to re-encode"); + } + + // Nested NDEF problem + Asn1StreamParser asn1In = new Asn1StreamParser(new MemoryStream(envDataNestedNDEF, false)); + ContentInfoParser ci = new ContentInfoParser((Asn1SequenceParser)asn1In.ReadObject()); + EnvelopedDataParser ed = new EnvelopedDataParser((Asn1SequenceParser)ci + .GetContent(Asn1Tags.Sequence)); + Touch(ed.Version); + ed.GetOriginatorInfo(); + ed.GetRecipientInfos().ToAsn1Object(); + EncryptedContentInfoParser eci = ed.GetEncryptedContentInfo(); + Touch(eci.ContentType); + Touch(eci.ContentEncryptionAlgorithm); + + Stream dataIn = ((Asn1OctetStringParser)eci.GetEncryptedContent(Asn1Tags.OctetString)) + .GetOctetStream(); + Streams.Drain(dataIn); + dataIn.Close(); + + // Test data doesn't have unprotected attrs, bug was being thrown by this call + Asn1SetParser upa = ed.GetUnprotectedAttrs(); + if (upa != null) + { + upa.ToAsn1Object(); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": CMS enveloped failed - " + e.ToString(), e); + } + } + + private ITestResult SignedTest() + { + try + { + byte[] signedData1 = ImplSignedTest(OrigSignedData); + byte[] signedData2 = ImplSignedTest(signedData1); + + if (!Arrays.AreEqual(signedData1, signedData2)) + { + return new SimpleTestResult(false, Name + ": CMS signed failed to re-encode"); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": CMS signed failed - " + e.ToString(), e); + } + } + + private byte[] ImplSignedTest(byte[] signedData) + { + ContentInfo info = ContentInfo.GetInstance(Asn1Object.FromByteArray(signedData)); + SignedData sData = SignedData.GetInstance(info.Content); + sData = new SignedData(sData.DigestAlgorithms, sData.EncapContentInfo, sData.Certificates, sData.CRLs, sData.SignerInfos); + info = new ContentInfo(CmsObjectIdentifiers.SignedData, sData); + return info.GetEncoded(); + } + + public ITestResult Perform() + { + ITestResult res = CompressionTest(); + + if (!res.IsSuccessful()) + { + return res; + } + + res = EnvelopedTest(); + if (!res.IsSuccessful()) + { + return res; + } + + return SignedTest(); + } + + public string Name + { + get { return "CMS"; } + } + + public static void Main( + string[] args) + { + ITest test = new CmsTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/CertHashUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/CertHashUnitTest.cs new file mode 100644 index 0000000..1e271a9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/CertHashUnitTest.cs @@ -0,0 +1,93 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.IsisMtt.Ocsp; +using Org.BouncyCastle.Asn1.IsisMtt.X509; +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class CertHashUnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "CertHash"; } + } + + public override void PerformTest() + { + AlgorithmIdentifier algId = new AlgorithmIdentifier(new DerObjectIdentifier("1.2.2.3")); + byte[] digest = new byte[20]; + + CertHash certID = new CertHash(algId, digest); + + checkConstruction(certID, algId, digest); + + certID = CertHash.GetInstance(null); + + if (certID != null) + { + Fail("null GetInstance() failed."); + } + + try + { + CertHash.GetInstance(new Object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkConstruction( + CertHash certHash, + AlgorithmIdentifier algId, + byte[] digest) + { + checkValues(certHash, algId, digest); + + certHash = CertHash.GetInstance(certHash); + + checkValues(certHash, algId, digest); + + Asn1InputStream aIn = new Asn1InputStream(certHash.ToAsn1Object().GetEncoded()); + + Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject(); + + certHash = CertHash.GetInstance(seq); + + checkValues(certHash, algId, digest); + } + + private void checkValues( + CertHash certHash, + AlgorithmIdentifier algId, + byte[] digest) + { + checkMandatoryField("algorithmHash", algId, certHash.HashAlgorithm); + + checkMandatoryField("certificateHash", digest, certHash.CertificateHash); + } + + public static void Main( + string[] args) + { + RunTest(new CertHashUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/CertificateTest.cs b/BouncyCastle/crypto/test/src/asn1/test/CertificateTest.cs new file mode 100644 index 0000000..6163261 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/CertificateTest.cs @@ -0,0 +1,539 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Utilities; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class CertificateTest + : SimpleTest + { + // + // server.crt + // + private static readonly byte[] cert1 = Base64.Decode( + "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx" + + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY" + + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB" + + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ" + + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2" + + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW" + + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM" + + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l" + + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv" + + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re" + + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO" + + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE" + + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy" + + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0" + + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw" + + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL" + + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4" + + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF" + + "5/8="); + + // + // ca.crt + // + private static readonly byte[] cert2 = Base64.Decode( + "MIIDbDCCAtWgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx" + + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY" + + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB" + + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ" + + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU1MzNaFw0wMTA2" + + "MDIwNzU1MzNaMIG3MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW" + + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM" + + "dGQxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEVMBMGA1UEAxMMQ29u" + + "bmVjdCA0IENBMSgwJgYJKoZIhvcNAQkBFhl3ZWJtYXN0ZXJAY29ubmVjdDQuY29t" + + "LmF1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgs5ptNG6Qv1ZpCDuUNGmv" + + "rhjqMDPd3ri8JzZNRiiFlBA4e6/ReaO1U8ASewDeQMH6i9R6degFdQRLngbuJP0s" + + "xcEE+SksEWNvygfzLwV9J/q+TQDyJYK52utb++lS0b48A1KPLwEsyL6kOAgelbur" + + "ukwxowprKUIV7Knf1ajetQIDAQABo4GFMIGCMCQGA1UdEQQdMBuBGXdlYm1hc3Rl" + + "ckBjb25uZWN0NC5jb20uYXUwDwYDVR0TBAgwBgEB/wIBADA2BglghkgBhvhCAQ0E" + + "KRYnbW9kX3NzbCBnZW5lcmF0ZWQgY3VzdG9tIENBIGNlcnRpZmljYXRlMBEGCWCG" + + "SAGG+EIBAQQEAwICBDANBgkqhkiG9w0BAQQFAAOBgQCsGvfdghH8pPhlwm1r3pQk" + + "msnLAVIBb01EhbXm2861iXZfWqGQjrGAaA0ZpXNk9oo110yxoqEoSJSzniZa7Xtz" + + "soTwNUpE0SLHvWf/SlKdFWlzXA+vOZbzEv4UmjeelekTm7lc01EEa5QRVzOxHFtQ" + + "DhkaJ8VqOMajkQFma2r9iA=="); + + // + // testx509.pem + // + private static readonly byte[] cert3 = Base64.Decode( + "MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV" + + "BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz" + + "MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM" + + "RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF" + + "AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO" + + "/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE" + + "Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ" + + "zl9HYIMxATFyqSiD9jsx"); + + // + // v3-cert1.pem + // + private static readonly byte[] cert4 = Base64.Decode( + "MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx" + + "NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz" + + "dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw" + + "ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu" + + "ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2" + + "ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp" + + "miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C" + + "AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK" + + "Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x" + + "DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR" + + "MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB" + + "AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21" + + "X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3" + + "WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO"); + + // + // v3-cert2.pem + // + private static readonly byte[] cert5 = Base64.Decode( + "MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD" + + "YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0" + + "ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu" + + "dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1" + + "WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV" + + "BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx" + + "FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA" + + "6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT" + + "G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ" + + "YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm" + + "b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc" + + "F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz" + + "lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap" + + "jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU="); + + private static readonly byte[] cert6 = Base64.Decode( + "MIIEDjCCAvagAwIBAgIEFAAq2jANBgkqhkiG9w0BAQUFADBLMSowKAYDVQQDEyFT" + + "dW4gTWljcm9zeXN0ZW1zIEluYyBDQSAoQ2xhc3MgQikxHTAbBgNVBAoTFFN1biBN" + + "aWNyb3N5c3RlbXMgSW5jMB4XDTA0MDIyOTAwNDMzNFoXDTA5MDMwMTAwNDMzNFow" + + "NzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxFjAUBgNVBAMTDXN0b3Jl" + + "LnN1bi5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAP9ErzFT7MPg2bVV" + + "LNmHTgN4kmiRNlPpuLGWS7EDIXYBbLeSSOCp/e1ANcOGnsuf0WIq9ejd/CPyEfh4" + + "sWoVvQzpOfHZ/Jyei29PEuxzWT+4kQmCx3+sLK25lAnDFsz1KiFmB6Y3GJ/JSjpp" + + "L0Yy1R9YlIc82I8gSw44y5JDABW5AgMBAAGjggGQMIIBjDAOBgNVHQ8BAf8EBAMC" + + "BaAwHQYDVR0OBBYEFG1WB3PApZM7OPPVWJ31UrERaoKWMEcGA1UdIARAMD4wPAYL" + + "YIZIAYb3AIN9k18wLTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5zdW4uY29tL3Br" + + "aS9jcHMuaHRtbDCBhQYDVR0fBH4wfDB6oCegJYYjaHR0cDovL3d3dy5zdW4uY29t" + + "L3BraS9wa2lzbWljYS5jcmyiT6RNMEsxKjAoBgNVBAMTIVN1biBNaWNyb3N5c3Rl" + + "bXMgSW5jIENBIChDbGFzcyBCKTEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJ" + + "bmMwHwYDVR0jBBgwFoAUT7ZnqR/EEBSgG6h1wdYMI5RiiWswVAYIKwYBBQUHAQEE" + + "SDBGMB0GCCsGAQUFBzABhhFodHRwOi8vdmEuc3VuLmNvbTAlBggrBgEFBQcwAYYZ" + + "aHR0cDovL3ZhLmNlbnRyYWwuc3VuLmNvbTATBgNVHSUEDDAKBggrBgEFBQcDATAN" + + "BgkqhkiG9w0BAQUFAAOCAQEAq3byQgyU24tBpR07iQK7agm1zQyzDQ6itdbji0ln" + + "T7fOd5Pnp99iig8ovwWliNtXKAmgtJY60jWz7nEuk38AioZJhS+RPWIWX/+2PRV7" + + "s2aWTzM3n43BypD+jU2qF9c9kDWP/NW9K9IcrS7SfU/2MZVmiCMD/9FEL+CWndwE" + + "JJQ/oenXm44BFISI/NjV7fMckN8EayPvgtzQkD5KnEiggOD6HOrwTDFR+tmAEJ0K" + + "ZttQNwOzCOcEdxXTg6qBHUbONdL7bjTT5NzV+JR/bnfiCqHzdnGwfbHzhmrnXw8j" + + "QCVXcfBfL9++nmpNNRlnJMRdYGeCY6OAfh/PRo8/fXak1Q=="); + + private static readonly byte[] cert7 = Base64.Decode( + "MIIFJDCCBAygAwIBAgIKEcJZuwAAAAAABzANBgkqhkiG9w0BAQUFADAPMQ0wCwYD" + + "VQQDEwRNU0NBMB4XDTA0MDUyMjE2MTM1OFoXDTA1MDUyMjE2MjM1OFowaTEbMBkG" + + "CSqGSIb3DQEJCBMMMTkyLjE2OC4xLjMzMScwJQYJKoZIhvcNAQkCExhwaXhmaXJl" + + "d2FsbC5jaXNjb3BpeC5jb20xITAfBgNVBAMTGHBpeGZpcmV3YWxsLmNpc2NvcGl4" + + "LmNvbTB8MA0GCSqGSIb3DQEBAQUAA2sAMGgCYQCbcsY7vrjweXZiFQdhUafEjJV+" + + "HRy5UKmuCy0237ffmYrN+XNLw0h90cdCSK6KPZebd2E2Bc2UmTikc/FY8meBT3/E" + + "O/Osmywzi++Ur8/IrDvtuR1zd0c/xEPnV1ZRezkCAwEAAaOCAs4wggLKMAsGA1Ud" + + "DwQEAwIFoDAdBgNVHQ4EFgQUzJBSxkQiN9TKvhTMQ1/Aq4gZnHswHwYDVR0jBBgw" + + "FoAUMsxzXVh+5UKMNpwNHmqSfcRYfJ4wgfcGA1UdHwSB7zCB7DCB6aCB5qCB44aB" + + "r2xkYXA6Ly8vQ049TVNDQSxDTj1NQVVELENOPUNEUCxDTj1QdWJsaWMlMjBLZXkl" + + "MjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPWludCxE" + + "Qz1wcmltZWtleSxEQz1zZT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/" + + "b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnSGL2h0dHA6Ly9tYXVkLmlu" + + "dC5wcmltZWtleS5zZS9DZXJ0RW5yb2xsL01TQ0EuY3JsMIIBEAYIKwYBBQUHAQEE" + + "ggECMIH/MIGqBggrBgEFBQcwAoaBnWxkYXA6Ly8vQ049TVNDQSxDTj1BSUEsQ049" + + "UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJh" + + "dGlvbixEQz1pbnQsREM9cHJpbWVrZXksREM9c2U/Y0FDZXJ0aWZpY2F0ZT9iYXNl" + + "P29iamVjdENsYXNzPWNlcnRpZmljYXRpb25BdXRob3JpdHkwUAYIKwYBBQUHMAKG" + + "RGh0dHA6Ly9tYXVkLmludC5wcmltZWtleS5zZS9DZXJ0RW5yb2xsL01BVUQuaW50" + + "LnByaW1la2V5LnNlX01TQ0EuY3J0MCwGA1UdEQEB/wQiMCCCGHBpeGZpcmV3YWxs" + + "LmNpc2NvcGl4LmNvbYcEwKgBITA/BgkrBgEEAYI3FAIEMh4wAEkAUABTAEUAQwBJ" + + "AG4AdABlAHIAbQBlAGQAaQBhAHQAZQBPAGYAZgBsAGkAbgBlMA0GCSqGSIb3DQEB" + + "BQUAA4IBAQCa0asiPbObLJjpSz6ndJ7y4KOWMiuuBc/VQBnLr7RBCF3ZlZ6z1+e6" + + "dmv8se/z11NgateKfxw69IhLCriA960HEgX9Z61MiVG+DrCFpbQyp8+hPFHoqCZN" + + "b7upc8k2OtJW6KPaP9k0DW52YQDIky4Vb2rZeC4AMCorWN+KlndHhr1HFA14HxwA" + + "4Mka0FM6HNWnBV2UmTjBZMDr/OrGH1jLYIceAaZK0X2R+/DWXeeqIga8jwP5empq" + + "JetYnkXdtTbEh3xL0BX+mZl8vDI+/PGcwox/7YjFmyFWphRMxk9CZ3rF2/FQWMJP" + + "YqQpKiQOmQg5NAhcwffLAuVjVVibPYqi"); + + private static readonly byte[] cert8 = Base64.Decode( + "MIIB0zCCATwCAQEwbqBsMGekZTBjMQswCQYDVQQGEwJERTELMAkGA1UECBMCQlkx" + + "EzARBgNVBAcTClJlZ2Vuc2J1cmcxEDAOBgNVBAoTB0FDIFRlc3QxCzAJBgNVBAsT" + + "AkNBMRMwEQYDVQQDEwpBQyBUZXN0IENBAgEBoHYwdKRyMHAxCzAJBgNVBAYTAkRF" + + "MQswCQYDVQQIEwJCWTETMBEGA1UEBxMKUmVnZW5zYnVyZzESMBAGA1UEChMJQUMg" + + "SXNzdWVyMRowGAYDVQQLExFBQyBJc3N1ZXIgc2VjdGlvbjEPMA0GA1UEAxMGQUMg" + + "TWFuMA0GCSqGSIb3DQEBBQUAAgEBMCIYDzIwMDQxMTI2MTI1MjUxWhgPMjAwNDEy" + + "MzEyMzAwMDBaMBkwFwYDVRhIMRAwDoEMREFVMTIzNDU2Nzg5MA0GCSqGSIb3DQEB" + + "BQUAA4GBABd4Odx3yEMGL/BvItuT1RafNR2uuWuZbajg0pD6bshUsl+WCIfRiEkq" + + "lHMkpI7WqAZikdnAEQ5jQsVWEuVejWxR6gjejKxc0fb9qpIui7/GoI5Eh6dmG20e" + + "xbwJL3+6YYFrZwxR8cC5rPvWrblUR5XKJy+Zp/H5+t9iANnL1L8J"); + + // V1 attribute certificate + private static readonly byte[] attrCertv1 = Base64.Decode( + "MIIFdDCCBFygXTBbMFOkUTBPMQswCQYDVQQGEwJERTEcMBoGA1UECgwTRGV1" + + "dHNjaGUgVGVsZWtvbSBBRzEiMCAGA1UEAwwZVGVsZVNlYyBQS1MgU2lnRyBD" + + "QSAxNzpQTgIEG1toDjBTpFEwTzELMAkGA1UEBhMCREUxHDAaBgNVBAoME0Rl" + + "dXRzY2hlIFRlbGVrb20gQUcxIjAgBgNVBAMMGVRlbGVTZWMgUEtTIFNpZ0cg" + + "Q0EgMjU6UE4wDQYJKoZIhvcNAQELBQACBCep3f0wIhgPMjAxMDA0MTIxMTI5" + + "MTJaGA8yMDEyMDQxMjEwNTkyOFowggGmMIIBogYFKyQIAwgxggGXDIIBk1Ro" + + "ZSBxdWFsaWZpZWQgc2lnbmF0dXJlIGF0IGhhbmQgaXMgcmVzdHJpY3RlZCB0" + + "byBwcmVzZW50aW5nIGludm9pY2VzIG9yIGNyZWRpdHMgdG8gY3VzdG9tZXJz" + + "IGFjY29yZGluZyB0byBFVSBDb3VuY2lsIGRpcmVjdGl2ZSAyMDAxLzExNS9F" + + "QyAoMjB0aCBEZWNlbWJlciAyMDAxKSBhbmQgR2VybWFuIFZBVCB0YXggKMKn" + + "MTQgVVN0RykuICBEaWUgdm9ybGllZ2VuZGUgcXVhbGlmaXppZXJ0ZSBTaWdu" + + "YXR1ciBpc3QgYXVmIGRpZSAgUHJhZXNlbnRhdGlvbiB2b24gUmVjaG51bmdl" + + "biBvZGVyIEd1dHNjaHJpZnRlbiBnZW1hZXNzIEVVIERpcmVrdGl2ZSAyMDAx" + + "LzExNS9FQyAoMjAuIERlemVtYmVyIDIwMDEpIHVuZCBkZXV0c2NoZW0gVW1z" + + "YXR6c3RldWVyZ2VzZXR6ICAowqcxNCBVU3RHKSBiZXNjaHJhZW5rdC4wggHB" + + "MB8GA1UdIwQYMBaAFM6i1yR/z8IikpxpU/Fdh8BPxhq8MEMGA1UdIAQ8MDow" + + "OAYFKyQIAQEwLzAtBggrBgEFBQcCARYhaHR0cDovL3Brcy50ZWxlc2VjLmRl" + + "L2Nwcy9jcHMucGRmMIIBBAYDVR0fBIH8MIH5MIH2oG2ga4Y1bGRhcDovL3Br" + + "cy1sZGFwLnRlbGVzZWMuZGUvbz1EZXV0c2NoZSBUZWxla29tIEFHLGM9ZGWG" + + "Mmh0dHA6Ly9wa3MudGVsZXNlYy5kZS90ZWxlc2VjL3NlcnZsZXQvZG93bmxv" + + "YWRfY3JsooGEpIGBMH8xCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2No" + + "ZSBUZWxla29tIEFHMR8wHQYDVQQLFBZQcm9kdWt0emVudHJ1bSBUZWxlU2Vj" + + "MTEwDAYHAoIGAQoHFBMBMTAhBgNVBAMUGlRlbGVTZWMgUEtTIFNpZ0cgRElS" + + "IDM1OlBOMDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL3Br" + + "cy50ZWxlc2VjLmRlL29jc3ByMBgGCCsGAQUFBwEDBAwwCjAIBgYEAI5GAQEw" + + "DQYJKoZIhvcNAQELBQADggEBAEz2OvU9YytJUKHMDQcND5njIyUXTkSrlWjV" + + "F28uwxVlveO4JPTAY7PvXy69HUuTPwlvqCfJIUF2RLPZFQx0wFto8ajC9v5X" + + "SqwQcINXRakpE6FPAdQFnH44TaIQWXW1hy9xr8GuD0uhQLTJGYqVzHfLoM8e" + + "llPNHUVhC7CEOxDb1PTHCUlQFNkFRmeeqzEVoj1F0pM6wI5zf8+w2WwrFPCD" + + "jrjEr/VoBRoEi/tKnsLq6oOkizUKT0KJEnSyYxoOa7euT1yX+Co94SPnMZi5" + + "qukHSj8Kiio6Jecl//qDPG/mHo1ro+8rH+rbze7EEfKMp5yeWCwXGthL9oYo" + + "RYl+UuI="); + + // bad issuer certificate + private static readonly byte[] dudCert = Base64.Decode( + "MIICLzCCAZgCBFp/9TowDQYJKoZIhvcNAQEFBQAwAjEAMB4XDTA4MDcyNTEzNTQ0" + + "MFoXDTEzMDgyNTA1MDAwMFowgboxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIEwRJb3dh" + + "MRMwEQYDVQQHEwpEZXMgTW9pbmVzMT0wOwYDVQQKEzRTdGF0ZSBvZiBJb3dhLCBE" + + "ZXBhcnRtZW50IG9mIEFkbWluaXN0cmF0aXZlIFNlcnZpY2VzMSowKAYDVQQLEyFJ" + + "bmZvcm1hdGlvbiBUZWNobm9sb2d5IEVudGVycHJpc2UxHDAaBgNVBAMTE3d3dy5k" + + "b20uc3RhdGUuaWEudXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK0C7Jca" + + "C0RiD0hcBcPUdGc78y815yPuHGmF/A2K+3LbwfFXDhsY7ebRxHVfL7gt+nFBvJ2r" + + "MqDBIMHFB3vYdSnGbND41eso6cLnzkMVtSisG25Tat3F8BF/js54sa0mFEn4qMQ+" + + "6T6jxyPflsjKpmi6L7lfRdPNbBbKSmK9ik2lAgMBAAEwDQYJKoZIhvcNAQEFBQAD" + + "gYEAc9Rx95MiPzJiCn3nOoP+3PPQCGTyUcUWZfYKXuC7aOzMYUXes71Q3K1/W6Vy" + + "V2Tlrbj0KT8j2/kBmy8+7d5whnUklJNsH6VJMst3V4Uxvk3os+uaW0FHsW389sNY" + + "/5LdslDjfqV2nUc2GqDPn38PATL26SRJKlCvU2NagdID3WM=" + ); + + // malformed cert + private static readonly byte[] bangerCert = Base64.Decode( + "MIIBSKADAgECAgECMA0GCSqGSIb3DQEEBAUAMCUxCzAJBgNVBAMMAkFVMRYwFAYD" + + "VQQKDA1CaXVuYHkgQGFzdGtlMB4XDTcwMDExMTQyNjAwMVoXDTcwMDEwNzAwMDAw" + + "MlowNjELMQkGA1UBAwwCQVUxFjAUBgNVAQwMDUJsdW5jeSZDY3Nzb2UxDzANBgNV" + + "AQsMBlRlc3cgNTAYMBAGBisOBwMDATAGAgEBAgECAwQAAgEDoYGVMIGSMGEGA1Yd" + + "IwEB /wRXNVWAFDZPdpTPzKi7o8EJokoQU2uqCHRRoTqkOzA2NAs2CgYDVQYDDAJ" + + "HVTEWMBQGA1QECQwNQmhwbmR5J0Ngc3RsYDAPMA0CA1UECwwGUWVzdyA0hQECMCA" + + "GA1UdDgEB/wQWBBQ2T3OSzciou6PBCqRJEFNrqgh2UTALBgNVHQkEBAMGBBE="); + + private static readonly string[] subjects = + { + "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Webserver Team,CN=www2.connect4.com.au,E=webmaster@connect4.com.au", + "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Certificate Authority,CN=Connect 4 CA,E=webmaster@connect4.com.au", + "C=AU,ST=QLD,CN=SSLeay/rsa test cert", + "C=US,O=National Aeronautics and Space Administration,SERIALNUMBER=16+CN=Steve Schoch", + "E=cooke@issl.atl.hp.com,C=US,OU=Hewlett Packard Company (ISSL),CN=Paul A. Cooke", + "O=Sun Microsystems Inc,CN=store.sun.com", + "unstructuredAddress=192.168.1.33,unstructuredName=pixfirewall.ciscopix.com,CN=pixfirewall.ciscopix.com" + }; + + public override string Name + { + get { return "Certificate"; } + } + + public void CheckCertificate( + int id, + byte[] cert) + { + X509CertificateStructure obj = X509CertificateStructure.GetInstance(cert); + TbsCertificateStructure tbsCert = obj.TbsCertificate; + + if (!tbsCert.Subject.ToString().Equals(subjects[id - 1])) + { + Fail("failed subject test for certificate id " + id + + " got " + tbsCert.Subject.ToString()); + } + + if (tbsCert.Version >= 3) + { + X509Extensions ext = tbsCert.Extensions; + if (ext != null) + { + foreach (DerObjectIdentifier oid in ext.ExtensionOids) + { + X509Extension extVal = ext.GetExtension(oid); + Asn1Object extObj = Asn1Object.FromByteArray(extVal.Value.GetOctets()); + + if (oid.Equals(X509Extensions.SubjectKeyIdentifier)) + { + SubjectKeyIdentifier.GetInstance(extObj); + } + else if (oid.Equals(X509Extensions.KeyUsage)) + { + KeyUsage.GetInstance(extObj); + } + else if (oid.Equals(X509Extensions.ExtendedKeyUsage)) + { + ExtendedKeyUsage ku = ExtendedKeyUsage.GetInstance(extObj); + + Asn1Sequence sq = (Asn1Sequence)ku.ToAsn1Object(); + for (int i = 0; i != sq.Count; i++) + { + KeyPurposeID.GetInstance(sq[i]); + } + } + else if (oid.Equals(X509Extensions.SubjectAlternativeName)) + { + GeneralNames gn = GeneralNames.GetInstance(extObj); + + Asn1Sequence sq = (Asn1Sequence)gn.ToAsn1Object(); + for (int i = 0; i != sq.Count; i++) + { + GeneralName.GetInstance(sq[i]); + } + } + else if (oid.Equals(X509Extensions.IssuerAlternativeName)) + { + GeneralNames gn = GeneralNames.GetInstance(extObj); + + Asn1Sequence sq = (Asn1Sequence)gn.ToAsn1Object(); + for (int i = 0; i != sq.Count; i++) + { + GeneralName.GetInstance(sq[i]); + } + } + else if (oid.Equals(X509Extensions.CrlDistributionPoints)) + { + CrlDistPoint p = CrlDistPoint.GetInstance(extObj); + + DistributionPoint[] points = p.GetDistributionPoints(); + for (int i = 0; i != points.Length; i++) + { + // do nothing + } + } + else if (oid.Equals(X509Extensions.CertificatePolicies)) + { + Asn1Sequence cp = (Asn1Sequence) extObj; + + for (int i = 0; i != cp.Count; i++) + { + PolicyInformation.GetInstance(cp[i]); + } + } + else if (oid.Equals(X509Extensions.AuthorityKeyIdentifier)) + { + AuthorityKeyIdentifier.GetInstance(extObj); + } + else if (oid.Equals(X509Extensions.BasicConstraints)) + { + BasicConstraints.GetInstance(extObj); + } + else + { + //Console.WriteLine(oid.Id); + } + } + } + } + } + + public void CheckAttributeCertificate( + int id, + byte[] cert) + { + AttributeCertificate obj = AttributeCertificate.GetInstance(cert); + AttributeCertificateInfo acInfo = obj.ACInfo; + + // Version + DerInteger version = acInfo.Version; + if (!version.HasValue(1) && !version.HasValue(2)) + { + Fail("failed AC Version test for id " + id); + } + + // Holder + Holder h = acInfo.Holder; + if (h == null) + { + Fail("failed AC Holder test, it's null, for id " + id); + } + + // Issuer + AttCertIssuer aci = acInfo.Issuer; + if (aci == null) + { + Fail("failed AC Issuer test, it's null, for id " + id); + } + + // Signature + AlgorithmIdentifier sig = acInfo.Signature; + if (sig == null) + { + Fail("failed AC Signature test for id " + id); + } + + // Serial + DerInteger serial = acInfo.SerialNumber; + + // Validity + AttCertValidityPeriod validity = acInfo.AttrCertValidityPeriod; + if (validity == null) + { + Fail("failed AC AttCertValidityPeriod test for id " + id); + } + + // Attributes + Asn1Sequence attribSeq = acInfo.Attributes; + AttributeX509[] att = new AttributeX509[attribSeq.Count]; + for (int i = 0; i < attribSeq.Count; i++) + { + att[i] = AttributeX509.GetInstance(attribSeq[i]); + } + + // IssuerUniqueId + // TODO, how to best test? + + // X509 Extensions + X509Extensions ext = acInfo.Extensions; + if (ext != null) + { + foreach (DerObjectIdentifier oid in ext.ExtensionOids) + { + X509Extension extVal = ext.GetExtension(oid); + } + } + } + + public void CheckV1AttributeCertificate( + int id, + byte[] cert) + { + AttributeCertificate obj = AttributeCertificate.GetInstance(cert); + AttributeCertificateInfo acInfo = obj.ACInfo; + + // Version + if (!acInfo.Version.HasValue(0)) + { + Fail("failed AC Version test for id " + id); + } + + // Holder + Holder h = acInfo.Holder; + if (h == null) + { + Fail("failed AC Holder test, it's null, for id " + id); + } + + // Issuer + AttCertIssuer aci = acInfo.Issuer; + if (aci == null) + { + Fail("failed AC Issuer test, it's null, for id " + id); + } + + // Signature + AlgorithmIdentifier sig = acInfo.Signature; + if (sig == null) + { + Fail("failed AC Signature test for id " + id); + } + + // Serial + DerInteger serial = acInfo.SerialNumber; + + // Validity + AttCertValidityPeriod validity = acInfo.AttrCertValidityPeriod; + if (validity == null) + { + Fail("failed AC AttCertValidityPeriod test for id " + id); + } + + // Attributes + Asn1Sequence attribSeq = acInfo.Attributes; + AttributeX509[] att = new AttributeX509[attribSeq.Count]; + for (int i = 0; i < attribSeq.Count; i++) + { + att[i] = AttributeX509.GetInstance(attribSeq[i]); + } + + // IssuerUniqueId + // TODO, how to best test? + + // X509 Extensions + X509Extensions ext = acInfo.Extensions; + if (ext != null) + { + foreach (DerObjectIdentifier oid in ext.ExtensionOids) + { + X509Extension extVal = ext.GetExtension(oid); + } + } + } + + private void CheckDudCertificate() + { + X509CertificateStructure cert = X509CertificateStructure.GetInstance(dudCert); + + if (!"".Equals(cert.Issuer.ToString())) + { + Fail("empty issuer not recognised correctly"); + } + } + + private void CheckMalformed() + { + try + { + TbsCertificateStructure cert = TbsCertificateStructure.GetInstance(bangerCert); + } + catch (ArgumentException) + { + // expected - anything else is not! + } + } + + public override void PerformTest() + { + CheckCertificate(1, cert1); + CheckCertificate(2, cert2); + CheckCertificate(3, cert3); + CheckCertificate(4, cert4); + CheckCertificate(5, cert5); + CheckCertificate(6, cert6); + CheckCertificate(7, cert7); + CheckAttributeCertificate(8, cert8); + CheckV1AttributeCertificate(9, attrCertv1); + CheckDudCertificate(); + CheckMalformed(); + } + + public static void Main( + string[] args) + { + RunTest(new CertificateTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/CommitmentTypeIndicationUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/CommitmentTypeIndicationUnitTest.cs new file mode 100644 index 0000000..20c2d18 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/CommitmentTypeIndicationUnitTest.cs @@ -0,0 +1,107 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Esf; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class CommitmentTypeIndicationUnitTest + : SimpleTest + { + public override string Name + { + get { return "CommitmentTypeIndication"; } + } + + public override void PerformTest() + { + CommitmentTypeIndication cti = new CommitmentTypeIndication(CommitmentTypeIdentifier.ProofOfOrigin); + + CheckConstruction(cti, CommitmentTypeIdentifier.ProofOfOrigin, null); + + Asn1Sequence qualifier = new DerSequence(new DerObjectIdentifier("1.2")); + + cti = new CommitmentTypeIndication(CommitmentTypeIdentifier.ProofOfOrigin, qualifier); + + CheckConstruction(cti, CommitmentTypeIdentifier.ProofOfOrigin, qualifier); + + cti = CommitmentTypeIndication.GetInstance(null); + + if (cti != null) + { + Fail("null GetInstance() failed."); + } + + try + { + CommitmentTypeIndication.GetInstance(new object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void CheckConstruction( + CommitmentTypeIndication mv, + DerObjectIdentifier commitmenttTypeId, + Asn1Encodable qualifier) + { + CheckStatement(mv, commitmenttTypeId, qualifier); + + mv = CommitmentTypeIndication.GetInstance(mv); + + CheckStatement(mv, commitmenttTypeId, qualifier); + + Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray( + mv.ToAsn1Object().GetEncoded()); + + mv = CommitmentTypeIndication.GetInstance(seq); + + CheckStatement(mv, commitmenttTypeId, qualifier); + } + + private void CheckStatement( + CommitmentTypeIndication cti, + DerObjectIdentifier commitmentTypeId, + Asn1Encodable qualifier) + { + if (!cti.CommitmentTypeID.Equals(commitmentTypeId)) + { + Fail("commitmentTypeIds don't match."); + } + + if (qualifier != null) + { + if (!cti.CommitmentTypeQualifier.Equals(qualifier)) + { + Fail("qualifiers don't match."); + } + } + else if (cti.CommitmentTypeQualifier != null) + { + Fail("qualifier found when none expected."); + } + } + + public static void Main( + string[] args) + { + RunTest(new CommitmentTypeIndicationUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/CommitmentTypeQualifierUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/CommitmentTypeQualifierUnitTest.cs new file mode 100644 index 0000000..192ac52 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/CommitmentTypeQualifierUnitTest.cs @@ -0,0 +1,107 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Esf; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class CommitmentTypeQualifierUnitTest + : SimpleTest + { + public override string Name + { + get { return "CommitmentTypeQualifier"; } + } + + public override void PerformTest() + { + CommitmentTypeQualifier ctq = new CommitmentTypeQualifier(CommitmentTypeIdentifier.ProofOfOrigin); + + CheckConstruction(ctq, CommitmentTypeIdentifier.ProofOfOrigin, null); + + Asn1Encodable info = new DerObjectIdentifier("1.2"); + + ctq = new CommitmentTypeQualifier(CommitmentTypeIdentifier.ProofOfOrigin, info); + + CheckConstruction(ctq, CommitmentTypeIdentifier.ProofOfOrigin, info); + + ctq = CommitmentTypeQualifier.GetInstance(null); + + if (ctq != null) + { + Fail("null GetInstance() failed."); + } + + try + { + CommitmentTypeQualifier.GetInstance(new object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void CheckConstruction( + CommitmentTypeQualifier mv, + DerObjectIdentifier commitmenttTypeId, + Asn1Encodable qualifier) + { + CheckStatement(mv, commitmenttTypeId, qualifier); + + mv = CommitmentTypeQualifier.GetInstance(mv); + + CheckStatement(mv, commitmenttTypeId, qualifier); + + Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray( + mv.ToAsn1Object().GetEncoded()); + + mv = CommitmentTypeQualifier.GetInstance(seq); + + CheckStatement(mv, commitmenttTypeId, qualifier); + } + + private void CheckStatement( + CommitmentTypeQualifier ctq, + DerObjectIdentifier commitmentTypeId, + Asn1Encodable qualifier) + { + if (!ctq.CommitmentTypeIdentifier.Equals(commitmentTypeId)) + { + Fail("commitmentTypeIds don't match."); + } + + if (qualifier != null) + { + if (!ctq.Qualifier.Equals(qualifier)) + { + Fail("qualifiers don't match."); + } + } + else if (ctq.Qualifier != null) + { + Fail("qualifier found when none expected."); + } + } + + public static void Main( + string[] args) + { + RunTest(new CommitmentTypeQualifierUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/ContentHintsUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/ContentHintsUnitTest.cs new file mode 100644 index 0000000..d7453c2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/ContentHintsUnitTest.cs @@ -0,0 +1,93 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Ess; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class ContentHintsUnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "ContentHints"; } + } + + public override void PerformTest() + { + DerUtf8String contentDescription = new DerUtf8String("Description"); + DerObjectIdentifier contentType = new DerObjectIdentifier("1.2.2.3"); + + ContentHints hints = new ContentHints(contentType); + + checkConstruction(hints, contentType, null); + + hints = new ContentHints(contentType, contentDescription); + + checkConstruction(hints, contentType, contentDescription); + + hints = ContentHints.GetInstance(null); + + if (hints != null) + { + Fail("null GetInstance() failed."); + } + + try + { + ContentHints.GetInstance(new Object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkConstruction( + ContentHints hints, + DerObjectIdentifier contentType, + DerUtf8String description) + { + checkValues(hints, contentType, description); + + hints = ContentHints.GetInstance(hints); + + checkValues(hints, contentType, description); + + Asn1InputStream aIn = new Asn1InputStream(hints.ToAsn1Object().GetEncoded()); + + Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject(); + + hints = ContentHints.GetInstance(seq); + + checkValues(hints, contentType, description); + } + + private void checkValues( + ContentHints hints, + DerObjectIdentifier contentType, + DerUtf8String description) + { + checkMandatoryField("contentType", contentType, hints.ContentType); + checkOptionalField("description", description, hints.ContentDescription); + } + + public static void Main( + string[] args) + { + RunTest(new ContentHintsUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/CscaMasterListTest.cs b/BouncyCastle/crypto/test/src/asn1/test/CscaMasterListTest.cs new file mode 100644 index 0000000..814e98b --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/CscaMasterListTest.cs @@ -0,0 +1,57 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Icao; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class CscaMasterListTest + : SimpleTest + { + public override string Name + { + get { return "CscaMasterList"; } + } + + public override void PerformTest() + { + byte[] input = GetInput("masterlist-content.data"); + CscaMasterList parsedList = CscaMasterList.GetInstance(Asn1Object.FromByteArray(input)); + + if (parsedList.GetCertStructs().Length != 3) + { + Fail("Cert structure parsing failed: incorrect length"); + } + + byte[] output = parsedList.GetEncoded(); + if (!AreEqual(input, output)) + { + Fail("Encoding failed after parse"); + } + } + + private byte[] GetInput(string name) + { + return Streams.ReadAll(SimpleTest.GetTestDataAsStream("asn1." + name)); + } + + public static void Main( + string[] args) + { + RunTest(new CscaMasterListTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/DERApplicationSpecificTest.cs b/BouncyCastle/crypto/test/src/asn1/test/DERApplicationSpecificTest.cs new file mode 100644 index 0000000..e505acd --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/DERApplicationSpecificTest.cs @@ -0,0 +1,145 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class DerApplicationSpecificTest + : SimpleTest + { + private static readonly byte[] impData = Hex.Decode("430109"); + + private static readonly byte[] certData = Hex.Decode( + "7F218201897F4E8201495F290100420E44454356434145504153533030317F49" + + "81FD060A04007F00070202020202811CD7C134AA264366862A18302575D1D787" + + "B09F075797DA89F57EC8C0FF821C68A5E62CA9CE6C1C299803A6C1530B514E18" + + "2AD8B0042A59CAD29F43831C2580F63CCFE44138870713B1A92369E33E2135D2" + + "66DBB372386C400B8439040D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C" + + "1E6EFDEE12C07D58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D376" + + "1402CD851CD7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A793" + + "9F863904393EE8E06DB6C7F528F8B4260B49AA93309824D92CDB1807E5437EE2" + + "E26E29B73A7111530FA86B350037CB9415E153704394463797139E148701015F" + + "200E44454356434145504153533030317F4C0E060904007F0007030102015301" + + "C15F25060007000400015F24060009000400015F37384CCF25C59F3612EEE188" + + "75F6C5F2E2D21F0395683B532A26E4C189B71EFE659C3F26E0EB9AEAE9986310" + + "7F9B0DADA16414FFA204516AEE2B"); + + private static readonly byte[] sampleData = Hex.Decode( + "613280020780a106060456000104a203020101a305a103020101be80288006025101020109a080b2800a01000000000000000000"); + + public override string Name + { + get { return "DerApplicationSpecific"; } + } + + private void TestTaggedObject() + { + // boolean explicit, int tagNo, ASN1Encodable obj + bool isExplicit = false; + + // Type1 ::= VisibleString + DerVisibleString type1 = new DerVisibleString("Jones"); + if (!Arrays.AreEqual(Hex.Decode("1A054A6F6E6573"), type1.GetEncoded())) + { + Fail("ERROR: expected value doesn't match!"); + } + + // Type2 ::= [APPLICATION 3] IMPLICIT Type1 + isExplicit = false; + DerApplicationSpecific type2 = new DerApplicationSpecific(isExplicit, 3, type1); + // type2.isConstructed() + if (!Arrays.AreEqual(Hex.Decode("43054A6F6E6573"), type2.GetEncoded())) + { + Fail("ERROR: expected value doesn't match!"); + } + + // Type3 ::= [2] Type2 + isExplicit = true; + DerTaggedObject type3 = new DerTaggedObject(isExplicit, 2, type2); + if (!Arrays.AreEqual(Hex.Decode("A20743054A6F6E6573"), type3.GetEncoded())) + { + Fail("ERROR: expected value doesn't match!"); + } + + // Type4 ::= [APPLICATION 7] IMPLICIT Type3 + isExplicit = false; + DerApplicationSpecific type4 = new DerApplicationSpecific(isExplicit, 7, type3); + if (!Arrays.AreEqual(Hex.Decode("670743054A6F6E6573"), type4.GetEncoded())) + { + Fail("ERROR: expected value doesn't match!"); + } + + // Type5 ::= [2] IMPLICIT Type2 + isExplicit = false; + DerTaggedObject type5 = new DerTaggedObject(isExplicit, 2, type2); + // type5.isConstructed() + if (!Arrays.AreEqual(Hex.Decode("82054A6F6E6573"), type5.GetEncoded())) + { + Fail("ERROR: expected value doesn't match!"); + } + } + + public override void PerformTest() + { + TestTaggedObject(); + + DerApplicationSpecific appSpec = (DerApplicationSpecific)Asn1Object.FromByteArray(sampleData); + + if (1 != appSpec.ApplicationTag) + { + Fail("wrong tag detected"); + } + + DerInteger val = new DerInteger(9); + + DerApplicationSpecific tagged = new DerApplicationSpecific(false, 3, val); + + if (!AreEqual(impData, tagged.GetEncoded())) + { + Fail("implicit encoding failed"); + } + + DerInteger recVal = (DerInteger) tagged.GetObject(Asn1Tags.Integer); + + if (!val.Equals(recVal)) + { + Fail("implicit read back failed"); + } + + DerApplicationSpecific certObj = (DerApplicationSpecific) + Asn1Object.FromByteArray(certData); + + if (!certObj.IsConstructed() || certObj.ApplicationTag != 33) + { + Fail("parsing of certificate data failed"); + } + + byte[] encoded = certObj.GetDerEncoded(); + + if (!Arrays.AreEqual(certData, encoded)) + { + Fail("re-encoding of certificate data failed"); + } + } + + public static void Main( + string[] args) + { + RunTest(new DerApplicationSpecificTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/DERUTF8StringTest.cs b/BouncyCastle/crypto/test/src/asn1/test/DERUTF8StringTest.cs new file mode 100644 index 0000000..15f98a7 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/DERUTF8StringTest.cs @@ -0,0 +1,114 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class DerUtf8StringTest + : ITest + { + /** + * Unicode code point U+10400 coded as surrogate in two native Java UTF-16 + * code units + */ + private readonly static char[] glyph1_utf16 = { (char)0xd801, (char)0xdc00 }; + + /** + * U+10400 coded in UTF-8 + */ + private readonly static byte[] glyph1_utf8 = { (byte)0xF0, (byte)0x90, (byte)0x90, (byte)0x80 }; + + /** + * Unicode code point U+6771 in native Java UTF-16 + */ + private readonly static char[] glyph2_utf16 = { (char)0x6771 }; + + /** + * U+6771 coded in UTF-8 + */ + private readonly static byte[] glyph2_utf8 = { (byte)0xE6, (byte)0x9D, (byte)0xB1 }; + + /** + * Unicode code point U+00DF in native Java UTF-16 + */ + private readonly static char[] glyph3_utf16 = { (char)0x00DF }; + + /** + * U+00DF coded in UTF-8 + */ + private readonly static byte[] glyph3_utf8 = { (byte)0xC3, (byte)0x9f }; + + /** + * Unicode code point U+0041 in native Java UTF-16 + */ + private readonly static char[] glyph4_utf16 = { (char)0x0041 }; + + /** + * U+0041 coded in UTF-8 + */ + private readonly static byte[] glyph4_utf8 = { 0x41 }; + + private readonly static byte[][] glyphs_utf8 = { glyph1_utf8, glyph2_utf8, glyph3_utf8, glyph4_utf8 }; + + private readonly static char[][] glyphs_utf16 = { glyph1_utf16, glyph2_utf16, glyph3_utf16, glyph4_utf16 }; + + public ITestResult Perform() + { + try + { + for (int i = 0; i < glyphs_utf16.Length; i++) + { + string s = new string(glyphs_utf16[i]); + byte[] b1 = new DerUtf8String(s).GetEncoded(); + byte[] temp = new byte[b1.Length - 2]; + Array.Copy(b1, 2, temp, 0, b1.Length - 2); + byte[] b2 = new DerUtf8String(Strings.FromUtf8ByteArray(new DerOctetString(temp).GetOctets())) + .GetEncoded(); + if (!Arrays.AreEqual(b1, b2)) + { + return new SimpleTestResult(false, Name + ": failed UTF-8 encoding and decoding"); + } + if (!Arrays.AreEqual(temp, glyphs_utf8[i])) + { + return new SimpleTestResult(false, Name + ": failed UTF-8 encoding and decoding"); + } + } + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": failed with Exception " + e.Message); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public string Name + { + get + { + return "DERUTF8String"; + } + } + + public static void Main( + string[] args) + { + DerUtf8StringTest test = new DerUtf8StringTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/DataGroupHashUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/DataGroupHashUnitTest.cs new file mode 100644 index 0000000..dcebf46 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/DataGroupHashUnitTest.cs @@ -0,0 +1,106 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Icao; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class DataGroupHashUnitTest + : SimpleTest + { + public override string Name + { + get { return "DataGroupHash"; } + } + + private byte[] GenerateHash() + { + Random rand = new Random(); + byte[] bytes = new byte[20]; + rand.NextBytes(bytes); + return bytes; + } + + public override void PerformTest() + { + int dataGroupNumber = 1; + Asn1OctetString dataHash = new DerOctetString(GenerateHash()); + DataGroupHash dg = new DataGroupHash(dataGroupNumber, dataHash); + + CheckConstruction(dg, dataGroupNumber, dataHash); + + try + { + DataGroupHash.GetInstance(null); + } + catch (Exception) + { + Fail("GetInstance() failed to handle null."); + } + + try + { + DataGroupHash.GetInstance(new object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void CheckConstruction( + DataGroupHash dg, + int dataGroupNumber, + Asn1OctetString dataGroupHashValue) + { + CheckValues(dg, dataGroupNumber, dataGroupHashValue); + + dg = DataGroupHash.GetInstance(dg); + + CheckValues(dg, dataGroupNumber, dataGroupHashValue); + + Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray( + dg.ToAsn1Object().GetEncoded()); + + dg = DataGroupHash.GetInstance(seq); + + CheckValues(dg, dataGroupNumber, dataGroupHashValue); + } + + private void CheckValues( + DataGroupHash dg, + int dataGroupNumber, + Asn1OctetString dataGroupHashValue) + { + if (dg.DataGroupNumber != dataGroupNumber) + { + Fail("group number don't match."); + } + + if (!dg.DataGroupHashValue.Equals(dataGroupHashValue)) + { + Fail("hash value don't match."); + } + } + + public static void Main( + string[] args) + { + RunTest(new DataGroupHashUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/DeclarationOfMajorityUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/DeclarationOfMajorityUnitTest.cs new file mode 100644 index 0000000..f9eef4f --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/DeclarationOfMajorityUnitTest.cs @@ -0,0 +1,93 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.IsisMtt.X509; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class DeclarationOfMajorityUnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "DeclarationOfMajority"; } + } + + public override void PerformTest() + { + DerGeneralizedTime dateOfBirth = new DerGeneralizedTime("20070315173729Z"); + DeclarationOfMajority decl = new DeclarationOfMajority(dateOfBirth); + + CheckConstruction(decl, DeclarationOfMajority.Choice.DateOfBirth, dateOfBirth, -1); + + decl = new DeclarationOfMajority(6); + + CheckConstruction(decl, DeclarationOfMajority.Choice.NotYoungerThan, null, 6); + + decl = DeclarationOfMajority.GetInstance(null); + + if (decl != null) + { + Fail("null GetInstance() failed."); + } + + try + { + DeclarationOfMajority.GetInstance(new Object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void CheckConstruction( + DeclarationOfMajority decl, + DeclarationOfMajority.Choice type, + DerGeneralizedTime dateOfBirth, + int notYoungerThan) + { + CheckValues(decl, type, dateOfBirth, notYoungerThan); + + decl = DeclarationOfMajority.GetInstance(decl); + + CheckValues(decl, type, dateOfBirth, notYoungerThan); + + decl = DeclarationOfMajority.GetInstance(Asn1Object.FromByteArray(decl.GetEncoded())); + + CheckValues(decl, type, dateOfBirth, notYoungerThan); + } + + private void CheckValues( + DeclarationOfMajority decl, + DeclarationOfMajority.Choice type, + DerGeneralizedTime dateOfBirth, + int notYoungerThan) + { + checkMandatoryField("type", (int) type, (int) decl.Type); + checkOptionalField("dateOfBirth", dateOfBirth, decl.DateOfBirth); + if (notYoungerThan != -1 && notYoungerThan != decl.NotYoungerThan) + { + Fail("notYoungerThan mismatch"); + } + } + + public static void Main( + string[] args) + { + RunTest(new DeclarationOfMajorityUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/EncryptedPrivateKeyInfoTest.cs b/BouncyCastle/crypto/test/src/asn1/test/EncryptedPrivateKeyInfoTest.cs new file mode 100644 index 0000000..a84df59 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/EncryptedPrivateKeyInfoTest.cs @@ -0,0 +1,152 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Utilities; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + /** + * Test the reading and writing of EncryptedPrivateKeyInfo objects using + * the test vectors provided at + * + * RSA's Pkcs5 Page. + *
    + * The vectors are Base 64 encoded and encrypted using the password "password" + * (without quotes). They should all yield the same PrivateKeyInfo object. + */ + [TestFixture] + public class EncryptedPrivateKeyInfoTest + : ITest + { + static byte[] sample1 = Base64.Decode( + "MIIBozA9BgkqhkiG9w0BBQ0wMDAbBgkqhkiG9w0BBQwwDgQIfWBDXwLp4K4CAggA" + + "MBEGBSsOAwIHBAiaCF/AvOgQ6QSCAWDWX4BdAzCRNSQSANSuNsT5X8mWYO27mr3Y" + + "9c9LoBVXGNmYWKA77MI4967f7SmjNcgXj3xNE/jmnVz6hhsjS8E5VPT3kfyVkpdZ" + + "0lr5e9Yk2m3JWpPU7++v5zBkZmC4V/MwV/XuIs6U+vykgzMgpxQg0oZKS9zgmiZo" + + "f/4dOCL0UtCDnyOSvqT7mCVIcMDIEKu8QbVlgZYBop08l60EuEU3gARUo8WsYQmO" + + "Dz/ldx0Z+znIT0SXVuOwc+RVItC5T/Qx+aijmmpt+9l14nmaGBrEkmuhmtdvU/4v" + + "aptewGRgmjOfD6cqK+zs0O5NrrJ3P/6ZSxXj91CQgrThGfOv72bUncXEMNtc8pks" + + "2jpHFjGMdKufnadAD7XuMgzkkaklEXZ4f5tU6heIIwr51g0GBEGF96gYPFnjnSQM" + + "75JE02Clo+DfcfXpcybPTwwFg2jd6JTTOfkdf6OdSlA/1XNK43FA"); + + static byte[] sample2 = Base64.Decode( + "MIIBpjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIeFeOWl1jywYCAggA" + + "MBQGCCqGSIb3DQMHBAjUJ5eGBhQGtQSCAWBrHrRgqO8UUMLcWzZEtpk1l3mjxiF/" + + "koCMkHsFwowgyWhEbgIkTgbSViK54LVK8PskekcGNLph+rB6bGZ7pPbL5pbXASJ8" + + "+MkQcG3FZdlS4Ek9tTJDApj3O1UubZGFG4uvTlJJFbF1BOJ3MkY3XQ9Gl1qwv7j5" + + "6e103Da7Cq9+oIDKmznza78XXQYrUsPo8mJGjUxPskEYlzwvHjKubRnYm/K6RKhi" + + "5f4zX4BQ/Dt3H812ZjRXrsjAJP0KrD/jyD/jCT7zNBVPH1izBds+RwizyQAHwfNJ" + + "BFR78TH4cgzB619X47FDVOnT0LqQNVd0O3cSwnPrXE9XR3tPayE+iOB15llFSmi8" + + "z0ByOXldEpkezCn92Umk++suzIVj1qfsK+bv2phZWJPbLEIWPDRHUbYf76q5ArAr" + + "u4xtxT/hoK3krEs/IN3d70qjlUJ36SEw1UaZ82PWhakQbdtu39ZraMJB"); + + static byte[] sample3 = Base64.Decode( + "MIIBrjBIBgkqhkiG9w0BBQ0wOzAeBgkqhkiG9w0BBQwwEQQIrHyQPBZqWLUCAggA" + + "AgEQMBkGCCqGSIb3DQMCMA0CAToECEhbh7YZKiPSBIIBYCT1zp6o5jpFlIkgwPop" + + "7bW1+8ACr4exqzkeb3WflQ8cWJ4cURxzVdvxUnXeW1VJdaQZtjS/QHs5GhPTG/0f" + + "wtvnaPfwrIJ3FeGaZfcg2CrYhalOFmEb4xrE4KyoEQmUN8tb/Cg94uzd16BOPw21" + + "RDnE8bnPdIGY7TyL95kbkqH23mK53pi7h+xWIgduW+atIqDyyt55f7WMZcvDvlj6" + + "VpN/V0h+qxBHL274WA4dj6GYgeyUFpi60HdGCK7By2TBy8h1ZvKGjmB9h8jZvkx1" + + "MkbRumXxyFsowTZawyYvO8Um6lbfEDP9zIEUq0IV8RqH2MRyblsPNSikyYhxX/cz" + + "tdDxRKhilySbSBg5Kr8OfcwKp9bpinN96nmG4xr3Tch1bnVvqJzOQ5+Vva2WwVvH" + + "2JkWvYm5WaANg4Q6bRxu9vz7DuhbJjQdZbxFezIAgrJdSe92B00jO/0Kny1WjiVO" + + "6DA="); + + public string Name + { + get { return "EncryptedPrivateKeyInfoTest"; } + } + + private ITestResult DoTest( + int id, + byte[] sample) + { + EncryptedPrivateKeyInfo info; + try + { + info = EncryptedPrivateKeyInfo.GetInstance(Asn1Object.FromByteArray(sample)); + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": test " + id + " failed construction - exception " + + e.ToString()); + } + + byte[] bytes; + try + { + bytes = info.GetDerEncoded(); + } + catch (Exception e) + { + return new SimpleTestResult(false, + Name + ": test " + id + " failed writing - exception " + e.ToString()); + } + + if (!Arrays.AreEqual(bytes, sample)) + { + try + { + Asn1Object obj = Asn1Object.FromByteArray(bytes); + + return new SimpleTestResult(false, Name + ": test " + id + + " length mismatch - expected " + sample.Length + SimpleTest.NewLine + + Asn1Dump.DumpAsString(info) + " got " + bytes.Length + SimpleTest.NewLine + + Asn1Dump.DumpAsString(obj)); + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": test " + id + " data mismatch - exception " + e.ToString()); + } + } + + return new SimpleTestResult(true, Name + ": test " + id + " Okay"); + } + + public ITestResult Perform() + { + ITestResult result = DoTest(0, sample1); + if (!result.IsSuccessful()) + { + return result; + } + + result = DoTest(1, sample2); + if (!result.IsSuccessful()) + { + return result; + } + + result = DoTest(2, sample3); + if (!result.IsSuccessful()) + { + return result; + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + ITest test = new EncryptedPrivateKeyInfoTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/EnumeratedTest.cs b/BouncyCastle/crypto/test/src/asn1/test/EnumeratedTest.cs new file mode 100644 index 0000000..31ff133 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/EnumeratedTest.cs @@ -0,0 +1,119 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Asn1.Tests +{ + /// + /// Tests used to verify correct decoding of the ENUMERATED type. + /// + [TestFixture] + public class EnumeratedTest + { + /// + /// Test vector used to test decoding of multiple items. + /// + /// This sample uses an ENUMERATED and a BOOLEAN. + private static readonly byte[] MultipleSingleByteItems = Hex.Decode("30060a01010101ff"); + + /// + /// Test vector used to test decoding of multiple items. + /// + /// This sample uses two ENUMERATEDs. + private static readonly byte[] MultipleDoubleByteItems = Hex.Decode("30080a0201010a020202"); + + /// + /// Test vector used to test decoding of multiple items. + /// + /// This sample uses an ENUMERATED and an OBJECT IDENTIFIER. + private static readonly byte[] MultipleTripleByteItems = Hex.Decode("300a0a0301010106032b0601"); + + /// + /// Makes sure multiple identically sized values are parsed correctly. + /// + [Test] + public void TestReadingMultipleSingleByteItems() + { + Asn1Object obj = Asn1Object.FromByteArray(MultipleSingleByteItems); + + Assert.IsTrue(obj is DerSequence, "Null ASN.1 SEQUENCE"); + + DerSequence sequence = (DerSequence)obj; + + Assert.AreEqual(2, sequence.Count, "2 items expected"); + + DerEnumerated enumerated = sequence[0] as DerEnumerated; + + Assert.IsNotNull(enumerated, "ENUMERATED expected"); + + Assert.AreEqual(1, enumerated.IntValueExact, "Unexpected ENUMERATED value"); + Assert.IsTrue(enumerated.HasValue(1), "Unexpected ENUMERATED value"); + + DerBoolean boolean = sequence[1] as DerBoolean; + + Assert.IsNotNull(boolean, "BOOLEAN expected"); + + Assert.IsTrue(boolean.IsTrue, "Unexpected BOOLEAN value"); + } + + /// + /// Makes sure multiple identically sized values are parsed correctly. + /// + [Test] + public void TestReadingMultipleDoubleByteItems() + { + Asn1Object obj = Asn1Object.FromByteArray(MultipleDoubleByteItems); + + Assert.IsTrue(obj is DerSequence, "Null ASN.1 SEQUENCE"); + + DerSequence sequence = (DerSequence)obj; + + Assert.AreEqual(2, sequence.Count, "2 items expected"); + + DerEnumerated enumerated1 = sequence[0] as DerEnumerated; + + Assert.IsNotNull(enumerated1, "ENUMERATED expected"); + + Assert.AreEqual(257, enumerated1.IntValueExact, "Unexpected ENUMERATED value"); + Assert.IsTrue(enumerated1.HasValue(257), "Unexpected ENUMERATED value"); + + DerEnumerated enumerated2 = sequence[1] as DerEnumerated; + + Assert.IsNotNull(enumerated2, "ENUMERATED expected"); + + Assert.AreEqual(514, enumerated2.IntValueExact, "Unexpected ENUMERATED value"); + Assert.IsTrue(enumerated2.HasValue(514), "Unexpected ENUMERATED value"); + } + + /// + /// Makes sure multiple identically sized values are parsed correctly. + /// + [Test] + public void TestReadingMultipleTripleByteItems() + { + Asn1Object obj = Asn1Object.FromByteArray(MultipleTripleByteItems); + + Assert.IsTrue(obj is DerSequence, "Null ASN.1 SEQUENCE"); + + DerSequence sequence = (DerSequence)obj; + + Assert.AreEqual(2, sequence.Count, "2 items expected"); + + DerEnumerated enumerated = sequence[0] as DerEnumerated; + + Assert.IsNotNull(enumerated, "ENUMERATED expected"); + + Assert.AreEqual(65793, enumerated.IntValueExact, "Unexpected ENUMERATED value"); + Assert.IsTrue(enumerated.HasValue(65793), "Unexpected ENUMERATED value"); + + DerObjectIdentifier objectId = sequence[1] as DerObjectIdentifier; + + Assert.IsNotNull(objectId, "OBJECT IDENTIFIER expected"); + + Assert.AreEqual("1.3.6.1", objectId.Id, "Unexpected OBJECT IDENTIFIER value"); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/EqualsAndHashCodeTest.cs b/BouncyCastle/crypto/test/src/asn1/test/EqualsAndHashCodeTest.cs new file mode 100644 index 0000000..396268f --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/EqualsAndHashCodeTest.cs @@ -0,0 +1,98 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class EqualsAndHashCodeTest + : SimpleTest + { + public override void PerformTest() + { + byte[] data = { 0, 1, 0, 1, 0, 0, 1 }; + + Asn1Object[] values = + { + new BerOctetString(data), + new BerSequence(new DerPrintableString("hello world")), + new BerSet(new DerPrintableString("hello world")), + new BerTaggedObject(0, new DerPrintableString("hello world")), + new DerApplicationSpecific(0, data), + new DerBitString(data), + new DerBmpString("hello world"), + DerBoolean.True, + DerBoolean.False, + new DerEnumerated(100), + new DerGeneralizedTime("20070315173729Z"), + new DerGeneralString("hello world"), + new DerIA5String("hello"), + new DerInteger(1000), + DerNull.Instance, + new DerNumericString("123456"), + new DerObjectIdentifier("1.1.1.10000.1"), + new Asn1RelativeOid("3.2.0.123456"), + new DerOctetString(data), + new DerPrintableString("hello world"), + new DerSequence(new DerPrintableString("hello world")), + new DerSet(new DerPrintableString("hello world")), + new DerT61String("hello world"), + new DerTaggedObject(0, new DerPrintableString("hello world")), + new DerUniversalString(data), + new DerUtcTime(new DateTime()), + new DerUtf8String("hello world"), + new DerVisibleString("hello world"), + new DerGraphicString(Hex.Decode("deadbeef")), + new DerVideotexString(Strings.ToByteArray("Hello World")) + }; + + MemoryStream bOut = new MemoryStream(); + Asn1OutputStream aOut = Asn1OutputStream.Create(bOut); + + for (int i = 0; i != values.Length; i++) + { + aOut.WriteObject(values[i]); + } + + Asn1InputStream aIn = new Asn1InputStream(bOut.ToArray()); + + for (int i = 0; i != values.Length; i++) + { + Asn1Object o = aIn.ReadObject(); + if (!o.Equals(values[i])) + { + Fail("Failed equality test for " + o.GetType().Name); + } + + if (o.GetHashCode() != values[i].GetHashCode()) + { + Fail("Failed hashCode test for " + o.GetType().Name); + } + } + } + + public override string Name + { + get { return "EqualsAndHashCode"; } + } + + public static void Main( + string[] args) + { + RunTest(new EqualsAndHashCodeTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/EssCertIDv2UnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/EssCertIDv2UnitTest.cs new file mode 100644 index 0000000..8f53c9b --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/EssCertIDv2UnitTest.cs @@ -0,0 +1,46 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ess; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class EssCertIDv2UnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "ESSCertIDv2"; } + } + + public override void PerformTest() + { + // check GetInstance on default algorithm. + byte[] digest = new byte[32]; + EssCertIDv2 essCertIdv2 = new EssCertIDv2( + new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256), digest); + Asn1Object asn1Object = essCertIdv2.ToAsn1Object(); + + EssCertIDv2.GetInstance(asn1Object); + } + + public static void Main( + string[] args) + { + RunTest(new EssCertIDv2UnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/GeneralNameTest.cs b/BouncyCastle/crypto/test/src/asn1/test/GeneralNameTest.cs new file mode 100644 index 0000000..e9c3b58 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/GeneralNameTest.cs @@ -0,0 +1,116 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class GeneralNameTest + : SimpleTest + { + private static readonly byte[] ipv4 = Hex.Decode("87040a090800"); + private static readonly byte[] ipv4WithMask = Hex.Decode("87080a090800ffffff00"); + + private static readonly byte[] ipv6a = Hex.Decode("871020010db885a308d313198a2e03707334"); + private static readonly byte[] ipv6b = Hex.Decode("871020010db885a3000013198a2e03707334"); + private static readonly byte[] ipv6c = Hex.Decode("871000000000000000000000000000000001"); + private static readonly byte[] ipv6d = Hex.Decode("871020010db885a3000000008a2e03707334"); + private static readonly byte[] ipv6e = Hex.Decode("871020010db885a3000000008a2e0a090800"); + private static readonly byte[] ipv6f = Hex.Decode("872020010db885a3000000008a2e0a090800ffffffffffff00000000000000000000"); + private static readonly byte[] ipv6g = Hex.Decode("872020010db885a3000000008a2e0a090800ffffffffffffffffffffffffffffffff"); + private static readonly byte[] ipv6h = Hex.Decode("872020010db885a300000000000000000000ffffffffffff00000000000000000000"); + + public override string Name + { + get { return "GeneralName"; } + } + + public override void PerformTest() + { + GeneralName nm = new GeneralName(GeneralName.IPAddress, "10.9.8.0"); + if (!Arrays.AreEqual(nm.GetEncoded(), ipv4)) + { + Fail("ipv4 encoding failed"); + } + + nm = new GeneralName(GeneralName.IPAddress, "10.9.8.0/255.255.255.0"); + if (!Arrays.AreEqual(nm.GetEncoded(), ipv4WithMask)) + { + Fail("ipv4 with netmask 1 encoding failed"); + } + + nm = new GeneralName(GeneralName.IPAddress, "10.9.8.0/24"); + if (!Arrays.AreEqual(nm.GetEncoded(), ipv4WithMask)) + { + Fail("ipv4 with netmask 2 encoding failed"); + } + + nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3:08d3:1319:8a2e:0370:7334"); + if (!Arrays.AreEqual(nm.GetEncoded(), ipv6a)) + { + Fail("ipv6 with netmask encoding failed"); + } + + nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3::1319:8a2e:0370:7334"); + if (!Arrays.AreEqual(nm.GetEncoded(), ipv6b)) + { + Fail("ipv6b encoding failed"); + } + + nm = new GeneralName(GeneralName.IPAddress, "::1"); + if (!Arrays.AreEqual(nm.GetEncoded(), ipv6c)) + { + Fail("ipv6c failed"); + } + + nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3::8a2e:0370:7334"); + if (!Arrays.AreEqual(nm.GetEncoded(), ipv6d)) + { + Fail("ipv6d failed"); + } + + nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3::8a2e:10.9.8.0"); + if (!Arrays.AreEqual(nm.GetEncoded(), ipv6e)) + { + Fail("ipv6e failed"); + } + + nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3::8a2e:10.9.8.0/ffff:ffff:ffff::0000"); + if (!Arrays.AreEqual(nm.GetEncoded(), ipv6f)) + { + Fail("ipv6f failed"); + } + + nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3::8a2e:10.9.8.0/128"); + if (!Arrays.AreEqual(nm.GetEncoded(), ipv6g)) + { + Fail("ipv6g failed"); + } + + nm = new GeneralName(GeneralName.IPAddress, "2001:0db8:85a3::/48"); + if (!Arrays.AreEqual(nm.GetEncoded(), ipv6h)) + { + Fail("ipv6h failed"); + } + } + + public static void Main( + string[] args) + { + RunTest(new GeneralNameTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(resultText, Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/GeneralizedTimeTest.cs b/BouncyCastle/crypto/test/src/asn1/test/GeneralizedTimeTest.cs new file mode 100644 index 0000000..51995e1 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/GeneralizedTimeTest.cs @@ -0,0 +1,231 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + /** + * X.690 test example + */ + [TestFixture] + public class GeneralizedTimeTest + : SimpleTest + { + private static readonly string[] input = + { + "20020122122220", + "20020122122220Z", + "20020122122220-1000", + "20020122122220+00", + "20020122122220.1", + "20020122122220.1Z", + "20020122122220.1-1000", + "20020122122220.1+00", + "20020122122220.01", + "20020122122220.01Z", + "20020122122220.01-1000", + "20020122122220.01+00", + "20020122122220.001", + "20020122122220.001Z", + "20020122122220.001-1000", + "20020122122220.001+00", + "20020122122220.0001", + "20020122122220.0001Z", + "20020122122220.0001-1000", + "20020122122220.0001+00", + "20020122122220.0001+1000" + }; + + private static readonly string[] output = + { + "20020122122220", + "20020122122220GMT+00:00", + "20020122122220GMT-10:00", + "20020122122220GMT+00:00", + "20020122122220.1", + "20020122122220.1GMT+00:00", + "20020122122220.1GMT-10:00", + "20020122122220.1GMT+00:00", + "20020122122220.01", + "20020122122220.01GMT+00:00", + "20020122122220.01GMT-10:00", + "20020122122220.01GMT+00:00", + "20020122122220.001", + "20020122122220.001GMT+00:00", + "20020122122220.001GMT-10:00", + "20020122122220.001GMT+00:00", + "20020122122220.0001", + "20020122122220.0001GMT+00:00", + "20020122122220.0001GMT-10:00", + "20020122122220.0001GMT+00:00", + "20020122122220.0001GMT+10:00" + }; + + private static readonly string[] zOutput = + { + "20020122122220Z", + "20020122122220Z", + "20020122222220Z", + "20020122122220Z", + "20020122122220Z", + "20020122122220Z", + "20020122222220Z", + "20020122122220Z", + "20020122122220Z", + "20020122122220Z", + "20020122222220Z", + "20020122122220Z", + "20020122122220Z", + "20020122122220Z", + "20020122222220Z", + "20020122122220Z", + "20020122122220Z", + "20020122122220Z", + "20020122222220Z", + "20020122122220Z", + "20020122022220Z" + }; + + private static readonly string[] mzOutput = + { + "20020122122220.000Z", + "20020122122220.000Z", + "20020122222220.000Z", + "20020122122220.000Z", + "20020122122220.100Z", + "20020122122220.100Z", + "20020122222220.100Z", + "20020122122220.100Z", + "20020122122220.010Z", + "20020122122220.010Z", + "20020122222220.010Z", + "20020122122220.010Z", + "20020122122220.001Z", + "20020122122220.001Z", + "20020122222220.001Z", + "20020122122220.001Z", + "20020122122220.000Z", + "20020122122220.000Z", + "20020122222220.000Z", + "20020122122220.000Z", + "20020122022220.000Z" + }; + + public override string Name + { + get { return "GeneralizedTime"; } + } + + public override void PerformTest() + { + for (int i = 0; i != input.Length; i++) + { + string ii = input[i], oi = output[i]; + + DerGeneralizedTime t = new DerGeneralizedTime(ii); + DateTime dt = t.ToDateTime(); + string st = t.GetTime(); + + if (oi.IndexOf('G') > 0) // don't check local time the same way + { + if (!st.Equals(oi)) + { + Fail("failed conversion test"); + } + + string dts = dt.ToString(@"yyyyMMddHHmmss\Z"); + string zi = zOutput[i]; + if (!dts.Equals(zi)) + { + Fail("failed date conversion test"); + } + } + else + { + string offset = CalculateGmtOffset(dt); + if (!st.Equals(oi + offset)) + { + Fail("failed conversion test"); + } + } + } + + for (int i = 0; i != input.Length; i++) + { + DerGeneralizedTime t = new DerGeneralizedTime(input[i]); + + if (!t.ToDateTime().ToString(@"yyyyMMddHHmmss.fff\Z").Equals(mzOutput[i])) + { + Console.WriteLine("{0} != {1}", t.ToDateTime().ToString(@"yyyyMMddHHmmss.SSS\Z"), mzOutput[i]); + + Fail("failed long date conversion test"); + } + } + + /* + * [BMA-87] + */ + { + DateTime t1 = new DerUtcTime("110616114855Z").ToDateTime(); + DateTime t2 = new DerGeneralizedTime("20110616114855Z").ToDateTime(); + + if (t1 != t2) + { + Fail("failed UTC equivalence test"); + } + + DateTime u1 = t1.ToUniversalTime(); + DateTime u2 = t2.ToUniversalTime(); + + if (u1 != u2) + { + Fail("failed UTC conversion test"); + } + } + } + + private string CalculateGmtOffset( + DateTime date) + { + char sign = '+'; + + // Note: GetUtcOffset incorporates Daylight Savings offset + TimeSpan offset = TimeZone.CurrentTimeZone.GetUtcOffset(date); + if (offset.CompareTo(TimeSpan.Zero) < 0) + { + sign = '-'; + offset = offset.Duration(); + } + int hours = offset.Hours; + int minutes = offset.Minutes; + + return "GMT" + sign + Convert(hours) + ":" + Convert(minutes); + } + + private string Convert(int time) + { + if (time < 10) + { + return "0" + time; + } + + return time.ToString(); + } + + public static void Main( + string[] args) + { + RunTest(new GeneralizedTimeTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/GenerationTest.cs b/BouncyCastle/crypto/test/src/asn1/test/GenerationTest.cs new file mode 100644 index 0000000..862e66d --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/GenerationTest.cs @@ -0,0 +1,325 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class GenerationTest + : SimpleTest + { + private static readonly byte[] v1Cert = Base64.Decode( + "MIGtAgEBMA0GCSqGSIb3DQEBBAUAMCUxCzAJBgNVBAMMAkFVMRYwFAYDVQQKDA1Cb" + + "3VuY3kgQ2FzdGxlMB4XDTcwMDEwMTAwMDAwMVoXDTcwMDEwMTAwMDAxMlowNjELMA" + + "kGA1UEAwwCQVUxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxDzANBgNVBAsMBlRlc3Q" + + "gMTAaMA0GCSqGSIb3DQEBAQUAAwkAMAYCAQECAQI="); + + private static readonly byte[] v3Cert = Base64.Decode( + "MIIBSKADAgECAgECMA0GCSqGSIb3DQEBBAUAMCUxCzAJBgNVBAMMAkFVMRYwFAYD" + + "VQQKDA1Cb3VuY3kgQ2FzdGxlMB4XDTcwMDEwMTAwMDAwMVoXDTcwMDEwMTAwMDAw" + + "MlowNjELMAkGA1UEAwwCQVUxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxDzANBgNV" + + "BAsMBlRlc3QgMjAYMBAGBisOBwIBATAGAgEBAgECAwQAAgEDo4GVMIGSMGEGA1Ud" + + "IwEB/wRXMFWAFDZPdpHPzKi7o8EJokkQU2uqCHRRoTqkODA2MQswCQYDVQQDDAJB" + + "VTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTEPMA0GA1UECwwGVGVzdCAyggECMCAG" + + "A1UdDgEB/wQWBBQ2T3aRz8you6PBCaJJEFNrqgh0UTALBgNVHQ8EBAMCBBA="); + + private static readonly byte[] v3CertNullSubject = Base64.Decode( + "MIHGoAMCAQICAQIwDQYJKoZIhvcNAQEEBQAwJTELMAkGA1UEAwwCQVUxFjAUBgNVB" + + "AoMDUJvdW5jeSBDYXN0bGUwHhcNNzAwMTAxMDAwMDAxWhcNNzAwMTAxMDAwMDAyWj" + + "AAMBgwEAYGKw4HAgEBMAYCAQECAQIDBAACAQOjSjBIMEYGA1UdEQEB/wQ8MDqkODA" + + "2MQswCQYDVQQDDAJBVTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTEPMA0GA1UECwwG" + + "VGVzdCAy"); + + private static readonly byte[] v2CertList = Base64.Decode( + "MIIBRQIBATANBgkqhkiG9w0BAQUFADAlMQswCQYDVQQDDAJBVTEWMBQGA1UECgwN" + + "Qm91bmN5IENhc3RsZRcNNzAwMTAxMDAwMDAwWhcNNzAwMTAxMDAwMDAyWjAkMCIC" + + "AQEXDTcwMDEwMTAwMDAwMVowDjAMBgNVHRUEBQoDAIAAoIHFMIHCMGEGA1UdIwEB" + + "/wRXMFWAFDZPdpHPzKi7o8EJokkQU2uqCHRRoTqkODA2MQswCQYDVQQDDAJBVTEW" + + "MBQGA1UECgwNQm91bmN5IENhc3RsZTEPMA0GA1UECwwGVGVzdCAyggECMEMGA1Ud" + + "EgQ8MDqkODA2MQswCQYDVQQDDAJBVTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTEP" + + "MA0GA1UECwwGVGVzdCAzMAoGA1UdFAQDAgEBMAwGA1UdHAEB/wQCMAA="); + + private void TbsV1CertGenerate() + { + V1TbsCertificateGenerator gen = new V1TbsCertificateGenerator(); + DateTime startDate = MakeUtcDateTime(1970, 1, 1, 0, 0, 1); + DateTime endDate = MakeUtcDateTime(1970, 1, 1, 0, 0, 12); + + gen.SetSerialNumber(new DerInteger(1)); + + gen.SetStartDate(new Time(startDate)); + gen.SetEndDate(new Time(endDate)); + + gen.SetIssuer(new X509Name("CN=AU,O=Bouncy Castle")); + gen.SetSubject(new X509Name("CN=AU,O=Bouncy Castle,OU=Test 1")); + + gen.SetSignature(new AlgorithmIdentifier(PkcsObjectIdentifiers.MD5WithRsaEncryption, DerNull.Instance)); + + SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(PkcsObjectIdentifiers.RsaEncryption, DerNull.Instance), + new RsaPublicKeyStructure(BigInteger.One, BigInteger.Two)); + + gen.SetSubjectPublicKeyInfo(info); + + TbsCertificateStructure tbs = gen.GenerateTbsCertificate(); + + if (!Arrays.AreEqual(tbs.GetEncoded(), v1Cert)) + { + Fail("failed v1 cert generation"); + } + + // + // read back test + // + Asn1InputStream aIn = new Asn1InputStream(v1Cert); + Asn1Object o = aIn.ReadObject(); + + if (!Arrays.AreEqual(o.GetEncoded(), v1Cert)) + { + Fail("failed v1 cert read back test"); + } + } + + private AuthorityKeyIdentifier CreateAuthorityKeyId( + SubjectPublicKeyInfo info, + X509Name name, + int sNumber) + { + GeneralName genName = new GeneralName(name); + + return new AuthorityKeyIdentifier( + info, + GeneralNames.GetInstance(new DerSequence(genName)), + BigInteger.ValueOf(sNumber)); + } + + private void TbsV3CertGenerate() + { + V3TbsCertificateGenerator gen = new V3TbsCertificateGenerator(); + DateTime startDate = MakeUtcDateTime(1970, 1, 1, 0, 0, 1); + DateTime endDate = MakeUtcDateTime(1970, 1, 1, 0, 0, 2); + + gen.SetSerialNumber(new DerInteger(2)); + + gen.SetStartDate(new Time(startDate)); + gen.SetEndDate(new Time(endDate)); + + gen.SetIssuer(new X509Name("CN=AU,O=Bouncy Castle")); + gen.SetSubject(new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2")); + + gen.SetSignature(new AlgorithmIdentifier(PkcsObjectIdentifiers.MD5WithRsaEncryption, DerNull.Instance)); + + SubjectPublicKeyInfo info = new SubjectPublicKeyInfo( + new AlgorithmIdentifier( + OiwObjectIdentifiers.ElGamalAlgorithm, + new ElGamalParameter(BigInteger.One, BigInteger.Two)), + new DerInteger(3)); + + gen.SetSubjectPublicKeyInfo(info); + + // + // add extensions + // + IList order = new ArrayList(); + IDictionary extensions = new Hashtable(); + + order.Add(X509Extensions.AuthorityKeyIdentifier); + order.Add(X509Extensions.SubjectKeyIdentifier); + order.Add(X509Extensions.KeyUsage); + + extensions.Add(X509Extensions.AuthorityKeyIdentifier, new X509Extension(true, new DerOctetString(CreateAuthorityKeyId(info, new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2"), 2)))); + extensions.Add(X509Extensions.SubjectKeyIdentifier, new X509Extension(true, new DerOctetString(new SubjectKeyIdentifier(info)))); + extensions.Add(X509Extensions.KeyUsage, new X509Extension(false, new DerOctetString(new KeyUsage(KeyUsage.DataEncipherment)))); + + X509Extensions ex = new X509Extensions(order, extensions); + + gen.SetExtensions(ex); + + TbsCertificateStructure tbs = gen.GenerateTbsCertificate(); + + if (!Arrays.AreEqual(tbs.GetEncoded(), v3Cert)) + { + Fail("failed v3 cert generation"); + } + + // + // read back test + // + Asn1Object o = Asn1Object.FromByteArray(v3Cert); + + if (!Arrays.AreEqual(o.GetEncoded(), v3Cert)) + { + Fail("failed v3 cert read back test"); + } + } + + private void TbsV3CertGenWithNullSubject() + { + V3TbsCertificateGenerator gen = new V3TbsCertificateGenerator(); + DateTime startDate = MakeUtcDateTime(1970, 1, 1, 0, 0, 1); + DateTime endDate = MakeUtcDateTime(1970, 1, 1, 0, 0, 2); + + gen.SetSerialNumber(new DerInteger(2)); + + gen.SetStartDate(new Time(startDate)); + gen.SetEndDate(new Time(endDate)); + + gen.SetIssuer(new X509Name("CN=AU,O=Bouncy Castle")); + + gen.SetSignature(new AlgorithmIdentifier(PkcsObjectIdentifiers.MD5WithRsaEncryption, DerNull.Instance)); + + SubjectPublicKeyInfo info = new SubjectPublicKeyInfo( + new AlgorithmIdentifier(OiwObjectIdentifiers.ElGamalAlgorithm, + new ElGamalParameter(BigInteger.One, BigInteger.Two)), + new DerInteger(3)); + + gen.SetSubjectPublicKeyInfo(info); + + try + { + gen.GenerateTbsCertificate(); + Fail("null subject not caught!"); + } + catch (InvalidOperationException e) + { + if (!e.Message.Equals("not all mandatory fields set in V3 TBScertificate generator")) + { + Fail("unexpected exception", e); + } + } + + // + // add extensions + // + IList order = new ArrayList(); + IDictionary extensions = new Hashtable(); + + order.Add(X509Extensions.SubjectAlternativeName); + + extensions.Add( + X509Extensions.SubjectAlternativeName, + new X509Extension( + true, + new DerOctetString( + new GeneralNames( + new GeneralName( + new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2")))))); + + X509Extensions ex = new X509Extensions(order, extensions); + + gen.SetExtensions(ex); + + TbsCertificateStructure tbs = gen.GenerateTbsCertificate(); + + if (!Arrays.AreEqual(tbs.GetEncoded(), v3CertNullSubject)) + { + Fail("failed v3 null sub cert generation"); + } + + // + // read back test + // + Asn1Object o = Asn1Object.FromByteArray(v3CertNullSubject); + + if (!Arrays.AreEqual(o.GetEncoded(), v3CertNullSubject)) + { + Fail("failed v3 null sub cert read back test"); + } + } + + private void TbsV2CertListGenerate() + { + V2TbsCertListGenerator gen = new V2TbsCertListGenerator(); + + gen.SetIssuer(new X509Name("CN=AU,O=Bouncy Castle")); + + gen.AddCrlEntry(new DerInteger(1), new Time(MakeUtcDateTime(1970, 1, 1, 0, 0, 1)), ReasonFlags.AACompromise); + + gen.SetNextUpdate(new Time(MakeUtcDateTime(1970, 1, 1, 0, 0, 2))); + + gen.SetThisUpdate(new Time(MakeUtcDateTime(1970, 1, 1, 0, 0, 0, 500))); + + gen.SetSignature(new AlgorithmIdentifier(PkcsObjectIdentifiers.Sha1WithRsaEncryption, DerNull.Instance)); + + // + // extensions + // + IList order = new ArrayList(); + IDictionary extensions = new Hashtable(); + SubjectPublicKeyInfo info = new SubjectPublicKeyInfo( + new AlgorithmIdentifier( + OiwObjectIdentifiers.ElGamalAlgorithm, + new ElGamalParameter(BigInteger.One, BigInteger.Two)), + new DerInteger(3)); + + order.Add(X509Extensions.AuthorityKeyIdentifier); + order.Add(X509Extensions.IssuerAlternativeName); + order.Add(X509Extensions.CrlNumber); + order.Add(X509Extensions.IssuingDistributionPoint); + + extensions.Add(X509Extensions.AuthorityKeyIdentifier, new X509Extension(true, new DerOctetString(CreateAuthorityKeyId(info, new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2"), 2)))); + extensions.Add(X509Extensions.IssuerAlternativeName, new X509Extension(false, new DerOctetString(GeneralNames.GetInstance(new DerSequence(new GeneralName(new X509Name("CN=AU,O=Bouncy Castle,OU=Test 3"))))))); + extensions.Add(X509Extensions.CrlNumber, new X509Extension(false, new DerOctetString(new DerInteger(1)))); + extensions.Add(X509Extensions.IssuingDistributionPoint, new X509Extension(true, new DerOctetString(IssuingDistributionPoint.GetInstance(DerSequence.Empty)))); + + X509Extensions ex = new X509Extensions(order, extensions); + + gen.SetExtensions(ex); + + TbsCertificateList tbs = gen.GenerateTbsCertList(); + + if (!Arrays.AreEqual(tbs.GetEncoded(), v2CertList)) + { + Fail("failed v2 cert list generation"); + } + + // + // read back test + // + Asn1InputStream aIn = new Asn1InputStream(v2CertList); + Asn1Object o = aIn.ReadObject(); + + if (!Arrays.AreEqual(o.GetEncoded(), v2CertList)) + { + Fail("failed v2 cert list read back test"); + } + } + + public override void PerformTest() + { + TbsV1CertGenerate(); + TbsV3CertGenerate(); + TbsV3CertGenWithNullSubject(); + TbsV2CertListGenerate(); + } + + public override string Name + { + get { return "Generation"; } + } + + public static void Main( + string[] args) + { + RunTest(new GenerationTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(resultText, Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/InputStreamTest.cs b/BouncyCastle/crypto/test/src/asn1/test/InputStreamTest.cs new file mode 100644 index 0000000..8f29b41 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/InputStreamTest.cs @@ -0,0 +1,137 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class InputStreamTest + : SimpleTest + { + private static readonly byte[] outOfBoundsLength = new byte[] { (byte)0x30, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff }; + private static readonly byte[] negativeLength = new byte[] { (byte)0x30, (byte)0x84, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff }; + private static readonly byte[] outsideLimitLength = new byte[] { (byte)0x30, (byte)0x83, (byte)0x0f, (byte)0xff, (byte)0xff }; + + private static readonly byte[] classCast1 = Base64.Decode("p1AkHmYAvfOEIrL4ESfrNg=="); + private static readonly byte[] classCast2 = Base64.Decode("JICNbaBUTTq7uxj5mg=="); + private static readonly byte[] classCast3 = Base64.Decode("JAKzADNCxhrrBSVS"); + private static readonly byte[] memoryError1 = Base64.Decode("vm66gOiEe+FV/NvujMwSkUp5Lffw5caQlaRU5sdMPC70IGWmyK2/"); + private static readonly byte[] memoryError2 = Base64.Decode("vm4ogOSEfVGsS3w+KTzb2A0ALYR8VBOQqQeuRwnsPC4AAGWEDLjd"); + + public override string Name + { + get { return "InputStream"; } + } + + public override void PerformTest() + { + Asn1InputStream aIn = new Asn1InputStream(outOfBoundsLength); + + try + { + aIn.ReadObject(); + Fail("out of bounds length not detected."); + } + catch (IOException e) + { + if (!e.Message.Equals("invalid long form definite-length 0xFF")) + { + Fail("wrong exception: " + e.Message); + } + } + + // NOTE: Not really a "negative" length, but 32 bits + aIn = new Asn1InputStream(negativeLength); + + try + { + aIn.ReadObject(); + Fail("negative length not detected."); + } + catch (IOException e) + { + if (!e.Message.Equals("long form definite-length more than 31 bits")) + { + Fail("wrong exception: " + e.Message); + } + } + + aIn = new Asn1InputStream(outsideLimitLength); + + try + { + aIn.ReadObject(); + Fail("outside limit length not detected."); + } + catch (IOException e) + { + if (!e.Message.Equals("corrupted stream - out of bounds length found: 1048575 >= 5")) + { + Fail("wrong exception: " + e.Message); + } + } + + // TODO Test data has length issues too; needs to be reworked + //DoTestWithByteArray(classCast1, "unknown object encountered: Org.BouncyCastle.Asn1.DerApplicationSpecific"); + DoTestWithByteArray(classCast2, "unknown object encountered: Org.BouncyCastle.Asn1.DLTaggedObjectParser"); + DoTestWithByteArray(classCast3, "unknown object encountered in constructed OCTET STRING: Org.BouncyCastle.Asn1.DLTaggedObject"); + + // TODO Error dependent on parser choices; needs to be reworked + //DoTestWithByteArray(memoryError1, "corrupted stream - out of bounds length found: 2078365180 >= 39"); + //DoTestWithByteArray(memoryError2, "corrupted stream - out of bounds length found: 2102504523 >= 39"); + } + + private void DoTestWithByteArray(byte[] data, string message) + { + try + { + Asn1InputStream input = new Asn1InputStream(data); + + IAsn1Convertible p; + while ((p = input.ReadObject()) != null) + { + Asn1Sequence asn1 = Asn1Sequence.GetInstance(p); + for (int i = 0; i < asn1.Count; i++) + { + IAsn1Convertible c = asn1[i]; + } + } + } + catch (IOException e) + { + IsEquals(e.Message, message, e.Message); + } + // TODO Without InMemoryRepresentable, the IOException may be swapped/wrapped with an Asn1ParsingException + catch (Asn1ParsingException e) + { + Exception messageException = e; + + IOException ioe = e.InnerException as IOException; + if (ioe != null) + { + messageException = ioe; + } + + IsEquals(messageException.Message, message, messageException.Message); + } + } + + public static void Main( + string[] args) + { + RunTest(new InputStreamTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/Iso4217CurrencyCodeUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/Iso4217CurrencyCodeUnitTest.cs new file mode 100644 index 0000000..bb6076a --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/Iso4217CurrencyCodeUnitTest.cs @@ -0,0 +1,156 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X509.Qualified; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class Iso4217CurrencyCodeUnitTest + : SimpleTest + { + private const string AlphabeticCurrencyCode = "AUD"; + private const int NUMERIC_CurrencyCode = 1; + + public override string Name + { + get { return "Iso4217CurrencyCode"; } + } + + public override void PerformTest() + { + // + // alphabetic + // + Iso4217CurrencyCode cc = new Iso4217CurrencyCode(AlphabeticCurrencyCode); + + CheckNumeric(cc, AlphabeticCurrencyCode); + + cc = Iso4217CurrencyCode.GetInstance(cc); + + CheckNumeric(cc, AlphabeticCurrencyCode); + + Asn1Object obj = cc.ToAsn1Object(); + + cc = Iso4217CurrencyCode.GetInstance(obj); + + CheckNumeric(cc, AlphabeticCurrencyCode); + + // + // numeric + // + cc = new Iso4217CurrencyCode(NUMERIC_CurrencyCode); + + CheckNumeric(cc, NUMERIC_CurrencyCode); + + cc = Iso4217CurrencyCode.GetInstance(cc); + + CheckNumeric(cc, NUMERIC_CurrencyCode); + + obj = cc.ToAsn1Object(); + + cc = Iso4217CurrencyCode.GetInstance(obj); + + CheckNumeric(cc, NUMERIC_CurrencyCode); + + cc = Iso4217CurrencyCode.GetInstance(null); + + if (cc != null) + { + Fail("null GetInstance() failed."); + } + + try + { + Iso4217CurrencyCode.GetInstance(new object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + + try + { + new Iso4217CurrencyCode("ABCD"); + + Fail("constructor failed to detect out of range currencycode."); + } + catch (ArgumentException) + { + // expected + } + + try + { + new Iso4217CurrencyCode(0); + + Fail("constructor failed to detect out of range small numeric code."); + } + catch (ArgumentException) + { + // expected + } + + try + { + new Iso4217CurrencyCode(1000); + + Fail("constructor failed to detect out of range large numeric code."); + } + catch (ArgumentException) + { + // expected + } + } + + private void CheckNumeric( + Iso4217CurrencyCode cc, + string code) + { + if (!cc.IsAlphabetic) + { + Fail("non-alphabetic code found when one expected."); + } + + if (!cc.Alphabetic.Equals(code)) + { + Fail("string codes don't match."); + } + } + + private void CheckNumeric( + Iso4217CurrencyCode cc, + int code) + { + if (cc.IsAlphabetic) + { + Fail("alphabetic code found when one not expected."); + } + + if (cc.Numeric != code) + { + Fail("numeric codes don't match."); + } + } + + public static void Main( + string[] args) + { + RunTest(new Iso4217CurrencyCodeUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/IssuingDistributionPointTest.cs b/BouncyCastle/crypto/test/src/asn1/test/IssuingDistributionPointTest.cs new file mode 100644 index 0000000..f23edfa --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/IssuingDistributionPointTest.cs @@ -0,0 +1,133 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class IssuingDistributionPointUnitTest + : SimpleTest + { + public override string Name + { + get { return "IssuingDistributionPoint"; } + } + + public override void PerformTest() + { + DistributionPointName name = new DistributionPointName( + new GeneralNames(new GeneralName(new X509Name("cn=test")))); + ReasonFlags reasonFlags = new ReasonFlags(ReasonFlags.CACompromise); + + checkPoint(6, name, true, true, reasonFlags, true, true); + + checkPoint(2, name, false, false, reasonFlags, false, false); + + checkPoint(0, null, false, false, null, false, false); + + try + { + IssuingDistributionPoint.GetInstance(new object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkPoint( + int size, + DistributionPointName distributionPoint, + bool onlyContainsUserCerts, + bool onlyContainsCACerts, + ReasonFlags onlySomeReasons, + bool indirectCRL, + bool onlyContainsAttributeCerts) + { + IssuingDistributionPoint point = new IssuingDistributionPoint(distributionPoint, onlyContainsUserCerts, onlyContainsCACerts, onlySomeReasons, indirectCRL, onlyContainsAttributeCerts); + + checkValues(point, distributionPoint, onlyContainsUserCerts, onlyContainsCACerts, onlySomeReasons, indirectCRL, onlyContainsAttributeCerts); + + Asn1Sequence seq = Asn1Sequence.GetInstance(Asn1Object.FromByteArray(point.GetEncoded())); + + if (seq.Count != size) + { + Fail("size mismatch"); + } + + point = IssuingDistributionPoint.GetInstance(seq); + + checkValues(point, distributionPoint, onlyContainsUserCerts, onlyContainsCACerts, onlySomeReasons, indirectCRL, onlyContainsAttributeCerts); + } + + private void checkValues( + IssuingDistributionPoint point, + DistributionPointName distributionPoint, + bool onlyContainsUserCerts, + bool onlyContainsCACerts, + ReasonFlags onlySomeReasons, + bool indirectCRL, + bool onlyContainsAttributeCerts) + { + if (point.OnlyContainsUserCerts != onlyContainsUserCerts) + { + Fail("mismatch on onlyContainsUserCerts"); + } + + if (point.OnlyContainsCACerts != onlyContainsCACerts) + { + Fail("mismatch on onlyContainsCACerts"); + } + + if (point.IsIndirectCrl != indirectCRL) + { + Fail("mismatch on indirectCRL"); + } + + if (point.OnlyContainsAttributeCerts != onlyContainsAttributeCerts) + { + Fail("mismatch on onlyContainsAttributeCerts"); + } + + if (!isEquiv(onlySomeReasons, point.OnlySomeReasons)) + { + Fail("mismatch on onlySomeReasons"); + } + + if (!isEquiv(distributionPoint, point.DistributionPoint)) + { + Fail("mismatch on distributionPoint"); + } + } + + private bool isEquiv(object o1, object o2) + { + if (o1 == null) + { + return o2 == null; + } + + return o1.Equals(o2); + } + + public static void Main( + string[] args) + { + RunTest(new IssuingDistributionPointUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/KMacParamsTest.cs b/BouncyCastle/crypto/test/src/asn1/test/KMacParamsTest.cs new file mode 100644 index 0000000..a3d8269 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/KMacParamsTest.cs @@ -0,0 +1,90 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class KMacParamsTest + : SimpleTest + { + public override string Name + { + get { return "KMacParamsTest"; } + } + + public override void PerformTest() + { + Assert.IsTrue(Arrays.AreEqual(new KMacWithShake128Params(256).GetEncoded(), new DerSequence().GetEncoded())); + Assert.IsTrue(Arrays.AreEqual(new KMacWithShake256Params(512).GetEncoded(), new DerSequence().GetEncoded())); + + Assert.IsTrue(Arrays.AreEqual(new KMacWithShake128Params(512).GetEncoded(), new DerSequence(new DerInteger(512)).GetEncoded())); + Assert.IsTrue(Arrays.AreEqual(new KMacWithShake256Params(256).GetEncoded(), new DerSequence(new DerInteger(256)).GetEncoded())); + + Assert.IsTrue(Arrays.AreEqual(new KMacWithShake128Params(512).GetEncoded(), KMacWithShake128Params.GetInstance(new DerSequence(new DerInteger(512))).GetEncoded())); + Assert.IsTrue(Arrays.AreEqual(new KMacWithShake256Params(256).GetEncoded(), KMacWithShake256Params.GetInstance(new DerSequence(new DerInteger(256))).GetEncoded())); + + byte[] customizationString = Strings.ToByteArray("hello, world!"); + + Assert.IsTrue(Arrays.AreEqual(new KMacWithShake128Params(512, customizationString).GetEncoded(), new DerSequence( + new Asn1Encodable[] { new DerInteger(512), new DerOctetString(customizationString) }).GetEncoded())); + Assert.IsTrue(Arrays.AreEqual(new KMacWithShake256Params(256, customizationString).GetEncoded(), new DerSequence( + new Asn1Encodable[] { new DerInteger(256), new DerOctetString(customizationString) }).GetEncoded())); + + Assert.IsTrue(Arrays.AreEqual(new KMacWithShake128Params(512, customizationString).GetEncoded(), + KMacWithShake128Params.GetInstance( + new DerSequence(new Asn1Encodable[] { new DerInteger(512), new DerOctetString(customizationString) })).GetEncoded())); + Assert.IsTrue(Arrays.AreEqual(new KMacWithShake256Params(256, customizationString).GetEncoded(), + KMacWithShake256Params.GetInstance(new DerSequence( + new Asn1Encodable[] { new DerInteger(256), new DerOctetString(customizationString) })).GetEncoded())); + + Assert.IsTrue(Arrays.AreEqual(new KMacWithShake128Params(256, customizationString).GetEncoded(), new DerSequence( + new Asn1Encodable[] { new DerOctetString(customizationString) }).GetEncoded())); + Assert.IsTrue(Arrays.AreEqual(new KMacWithShake256Params(512, customizationString).GetEncoded(), new DerSequence( + new Asn1Encodable[] { new DerOctetString(customizationString) }).GetEncoded())); + + Assert.IsTrue(Arrays.AreEqual(new KMacWithShake128Params(256, customizationString).GetEncoded(), + KMacWithShake128Params.GetInstance( + new DerSequence(new Asn1Encodable[] { new DerOctetString(customizationString) })).GetEncoded())); + Assert.IsTrue(Arrays.AreEqual(new KMacWithShake256Params(512, customizationString).GetEncoded(), + KMacWithShake256Params.GetInstance(new DerSequence( + new Asn1Encodable[] { new DerOctetString(customizationString) })).GetEncoded())); + + KMacWithShake128Params p128 = new KMacWithShake128Params(256, customizationString); + Assert.AreEqual(256, p128.OutputLength); + Assert.IsTrue(Arrays.AreEqual(customizationString, p128.CustomizationString)); + Assert.IsTrue(p128 == KMacWithShake128Params.GetInstance(p128)); + + KMacWithShake256Params p256 = new KMacWithShake256Params(512, customizationString); + Assert.AreEqual(512, p256.OutputLength); + Assert.IsTrue(Arrays.AreEqual(customizationString, p256.CustomizationString)); + Assert.IsTrue(p256 == KMacWithShake256Params.GetInstance(p256)); + + p128 = new KMacWithShake128Params(512); + Assert.AreEqual(512, p128.OutputLength); + Assert.IsTrue(Arrays.AreEqual(new byte[0], p128.CustomizationString)); + + p256 = new KMacWithShake256Params(256); + Assert.AreEqual(256, p256.OutputLength); + Assert.IsTrue(Arrays.AreEqual(new byte[0], p256.CustomizationString)); + } + + public static void Main( + string[] args) + { + RunTest(new KMacParamsTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(resultText, Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/KeyUsageTest.cs b/BouncyCastle/crypto/test/src/asn1/test/KeyUsageTest.cs new file mode 100644 index 0000000..d7ed365 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/KeyUsageTest.cs @@ -0,0 +1,49 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class KeyUsageTest + : SimpleTest + { + public override string Name + { + get + { + return "KeyUsage"; + } + } + + public override void PerformTest() + { + BitStringConstantTester.testFlagValueCorrect(0, KeyUsage.DigitalSignature); + BitStringConstantTester.testFlagValueCorrect(1, KeyUsage.NonRepudiation); + BitStringConstantTester.testFlagValueCorrect(2, KeyUsage.KeyEncipherment); + BitStringConstantTester.testFlagValueCorrect(3, KeyUsage.DataEncipherment); + BitStringConstantTester.testFlagValueCorrect(4, KeyUsage.KeyAgreement); + BitStringConstantTester.testFlagValueCorrect(5, KeyUsage.KeyCertSign); + BitStringConstantTester.testFlagValueCorrect(6, KeyUsage.CrlSign); + BitStringConstantTester.testFlagValueCorrect(7, KeyUsage.EncipherOnly); + BitStringConstantTester.testFlagValueCorrect(8, KeyUsage.DecipherOnly); + } + + public static void Main( + string[] args) + { + RunTest(new KeyUsageTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/LDSSecurityObjectUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/LDSSecurityObjectUnitTest.cs new file mode 100644 index 0000000..5453996 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/LDSSecurityObjectUnitTest.cs @@ -0,0 +1,209 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Icao; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class LDSSecurityObjectUnitTest + : SimpleTest + { + public override string Name + { + get { return "LDSSecurityObject"; } + } + + private byte[] GenerateHash() + { + Random rand = new Random(); + byte[] bytes = new byte[20]; + rand.NextBytes(bytes); + return bytes; + } + + public override void PerformTest() + { + AlgorithmIdentifier algoId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1); + DataGroupHash[] datas = new DataGroupHash[2]; + + datas[0] = new DataGroupHash(1, new DerOctetString(GenerateHash())); + datas[1] = new DataGroupHash(2, new DerOctetString(GenerateHash())); + + LdsSecurityObject so = new LdsSecurityObject(algoId, datas); + + CheckConstruction(so, algoId, datas); + + LdsVersionInfo versionInfo = new LdsVersionInfo("Hello", "world"); + + so = new LdsSecurityObject(algoId, datas, versionInfo); + + CheckConstruction(so, algoId, datas, versionInfo); + + try + { + LdsSecurityObject.GetInstance(null); + } + catch (Exception) + { + Fail("GetInstance() failed to handle null."); + } + + try + { + LdsSecurityObject.GetInstance(new object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + + try + { + LdsSecurityObject.GetInstance(DerSequence.Empty); + + Fail("constructor failed to detect empty sequence."); + } + catch (ArgumentException) + { + // expected + } + + try + { + new LdsSecurityObject(algoId, new DataGroupHash[1]); + + Fail("constructor failed to detect small DataGroupHash array."); + } + catch (ArgumentException) + { + // expected + } + + try + { + new LdsSecurityObject(algoId, new DataGroupHash[LdsSecurityObject.UBDataGroups + 1]); + + Fail("constructor failed to out of bounds DataGroupHash array."); + } + catch (ArgumentException) + { + // expected + } + } + + private void CheckConstruction( + LdsSecurityObject so, + AlgorithmIdentifier digestAlgorithmIdentifier, + DataGroupHash[] datagroupHash) + { + CheckStatement(so, digestAlgorithmIdentifier, datagroupHash, null); + + so = LdsSecurityObject.GetInstance(so); + + CheckStatement(so, digestAlgorithmIdentifier, datagroupHash, null); + + Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray( + so.ToAsn1Object().GetEncoded()); + + so = LdsSecurityObject.GetInstance(seq); + + CheckStatement(so, digestAlgorithmIdentifier, datagroupHash, null); + } + + private void CheckConstruction( + LdsSecurityObject so, + AlgorithmIdentifier digestAlgorithmIdentifier, + DataGroupHash[] datagroupHash, + LdsVersionInfo versionInfo) + { + if (!so.Version.Equals(BigInteger.One)) + { + Fail("version number not 1"); + } + + CheckStatement(so, digestAlgorithmIdentifier, datagroupHash, versionInfo); + + so = LdsSecurityObject.GetInstance(so); + + CheckStatement(so, digestAlgorithmIdentifier, datagroupHash, versionInfo); + + Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray( + so.ToAsn1Object().GetEncoded()); + + so = LdsSecurityObject.GetInstance(seq); + + CheckStatement(so, digestAlgorithmIdentifier, datagroupHash, versionInfo); + } + + private void CheckStatement( + LdsSecurityObject so, + AlgorithmIdentifier digestAlgorithmIdentifier, + DataGroupHash[] datagroupHash, + LdsVersionInfo versionInfo) + { + if (digestAlgorithmIdentifier != null) + { + if (!so.DigestAlgorithmIdentifier.Equals(digestAlgorithmIdentifier)) + { + Fail("ids don't match."); + } + } + else if (so.DigestAlgorithmIdentifier != null) + { + Fail("digest algorithm Id found when none expected."); + } + + if (datagroupHash != null) + { + DataGroupHash[] datas = so.GetDatagroupHash(); + + for (int i = 0; i != datas.Length; i++) + { + if (!datagroupHash[i].Equals(datas[i])) + { + Fail("name registration authorities don't match."); + } + } + } + else if (so.GetDatagroupHash() != null) + { + Fail("data hash groups found when none expected."); + } + + if (versionInfo != null) + { + if (!versionInfo.Equals(so.VersionInfo)) + { + Fail("versionInfo doesn't match"); + } + } + else if (so.VersionInfo != null) + { + Fail("version info found when none expected."); + } + } + + public static void Main( + string[] args) + { + RunTest(new LDSSecurityObjectUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/LinkedCertificateTest.cs b/BouncyCastle/crypto/test/src/asn1/test/LinkedCertificateTest.cs new file mode 100644 index 0000000..1ac5ab0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/LinkedCertificateTest.cs @@ -0,0 +1,97 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.BC; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class LinkedCertificateTest + : Asn1UnitTest + { + public override string Name + { + get { return "LinkedCertificate"; } + } + + public override void PerformTest() + { + DigestInfo digInfo = new DigestInfo(new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256), new byte[32]); + GeneralName certLocation = new GeneralName(GeneralName.UniformResourceIdentifier, "https://www.bouncycastle.org/certs"); + X509Name certIssuer = null; + GeneralNames cACerts = null; + + LinkedCertificate linked = new LinkedCertificate(digInfo, certLocation); + + CheckConstruction(linked, digInfo, certLocation, certIssuer, cACerts); + + certIssuer = new X509Name("CN=Test"); + cACerts = new GeneralNames(new GeneralName(new X509Name("CN=CA Test"))); + + linked = new LinkedCertificate(digInfo, certLocation, certIssuer, cACerts); + + CheckConstruction(linked, digInfo, certLocation, certIssuer, cACerts); + + linked = LinkedCertificate.GetInstance(null); + + if (linked != null) + { + Fail("null getInstance() failed."); + } + + try + { + LinkedCertificate.GetInstance(new object()); + + Fail("getInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void CheckConstruction(LinkedCertificate linked, DigestInfo digestInfo, GeneralName certLocation, + X509Name certIssuer, GeneralNames caCerts) + { + CheckValues(linked, digestInfo, certLocation, certIssuer, caCerts); + + linked = LinkedCertificate.GetInstance(linked); + + CheckValues(linked, digestInfo, certLocation, certIssuer, caCerts); + + Asn1InputStream aIn = new Asn1InputStream(linked.ToAsn1Object().GetEncoded()); + + Asn1Sequence seq = (Asn1Sequence)aIn.ReadObject(); + + linked = LinkedCertificate.GetInstance(seq); + + CheckValues(linked, digestInfo, certLocation, certIssuer, caCerts); + } + + private void CheckValues(LinkedCertificate linked, DigestInfo digestInfo, GeneralName certLocation, + X509Name certIssuer, GeneralNames caCerts) + { + checkMandatoryField("digest", digestInfo, linked.Digest); + checkMandatoryField("certLocatin", certLocation, linked.CertLocation); + checkOptionalField("certIssuer", certIssuer, linked.CertIssuer); + checkOptionalField("caCerts", caCerts, linked.CACerts); + } + + public static void Main(string[] args) + { + RunTest(new LinkedCertificateTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/MiscTest.cs b/BouncyCastle/crypto/test/src/asn1/test/MiscTest.cs new file mode 100644 index 0000000..2d005a1 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/MiscTest.cs @@ -0,0 +1,148 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Misc; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class MiscTest + : SimpleTest + { + private void DoShouldFailOnExtraData() + { + // basic construction + DerBitString s1 = new DerBitString(new byte[0], 0); + + Asn1Object.FromByteArray(s1.GetEncoded()); + + Asn1Object.FromByteArray(new BerSequence(s1).GetEncoded()); + + try + { + Asn1Object obj = Asn1Object.FromByteArray(Arrays.Concatenate(s1.GetEncoded(), new byte[1])); + Fail("no exception"); + } + catch (IOException e) + { + //if (!"Extra data detected in stream".Equals(e.Message)) + if (!"extra data found after object".Equals(e.Message)) + { + Fail("wrong exception"); + } + } + } + + private void DoDerIntegerTest() + { + try + { + new DerInteger(new byte[] { 0, 0, 0, 1}); + } + catch (ArgumentException e) + { + IsTrue("wrong exc", e.Message.StartsWith("malformed integer")); + } + + try + { + new DerInteger(new byte[] {(byte)0xff, (byte)0x80, 0, 1}); + } + catch (ArgumentException e) + { + IsTrue("wrong exc", e.Message.StartsWith("malformed integer")); + } + + try + { + new DerEnumerated(new byte[] { 0, 0, 0, 1}); + } + catch (ArgumentException e) + { + IsTrue("wrong exc", e.Message.StartsWith("malformed enumerated")); + } + + try + { + new DerEnumerated(new byte[] {(byte)0xff, (byte)0x80, 0, 1}); + } + catch (ArgumentException e) + { + IsTrue("wrong exc", e.Message.StartsWith("malformed enumerated")); + } + } + + public override void PerformTest() + { + byte[] testIv = { 1, 2, 3, 4, 5, 6, 7, 8 }; + + Asn1Encodable[] values = + { + new Cast5CbcParameters(testIv, 128), + new NetscapeCertType(NetscapeCertType.Smime), + new VerisignCzagExtension(new DerIA5String("hello")), + new IdeaCbcPar(testIv), + new NetscapeRevocationUrl(new DerIA5String("http://test")) + }; + + byte[] data = Base64.Decode("MA4ECAECAwQFBgcIAgIAgAMCBSAWBWhlbGxvMAoECAECAwQFBgcIFgtodHRwOi8vdGVzdA=="); + + MemoryStream bOut = new MemoryStream(); + Asn1OutputStream aOut = Asn1OutputStream.Create(bOut); + + for (int i = 0; i != values.Length; i++) + { + aOut.WriteObject(values[i]); + } + + if (!Arrays.AreEqual(bOut.ToArray(), data)) + { + Fail("Failed data check"); + } + + Asn1InputStream aIn = new Asn1InputStream(bOut.ToArray()); + + for (int i = 0; i != values.Length; i++) + { + Asn1Object o = aIn.ReadObject(); + + if (!values[i].Equals(o)) + { + Fail("Failed equality test for " + o); + } + + if (o.GetHashCode() != values[i].GetHashCode()) + { + Fail("Failed hashCode test for " + o); + } + } + + DoShouldFailOnExtraData(); + DoDerIntegerTest(); + } + + public override string Name + { + get { return "Misc"; } + } + + public static void Main( + string[] args) + { + RunTest(new MiscTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/MonetaryLimitUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/MonetaryLimitUnitTest.cs new file mode 100644 index 0000000..cdeb2ec --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/MonetaryLimitUnitTest.cs @@ -0,0 +1,93 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.IsisMtt.X509; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class MonetaryLimitUnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "MonetaryLimit"; } + } + + public override void PerformTest() + { + string currency = "AUD"; + int amount = 1; + int exponent = 2; + + MonetaryLimit limit = new MonetaryLimit(currency, amount, exponent); + + checkConstruction(limit, currency, amount, exponent); + + limit = MonetaryLimit.GetInstance(null); + + if (limit != null) + { + Fail("null GetInstance() failed."); + } + + try + { + MonetaryLimit.GetInstance(new Object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkConstruction( + MonetaryLimit limit, + string currency, + int amount, + int exponent) + { + checkValues(limit, currency, amount, exponent); + + limit = MonetaryLimit.GetInstance(limit); + + checkValues(limit, currency, amount, exponent); + + Asn1InputStream aIn = new Asn1InputStream(limit.ToAsn1Object().GetEncoded()); + + Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject(); + + limit = MonetaryLimit.GetInstance(seq); + + checkValues(limit, currency, amount, exponent); + } + + private void checkValues( + MonetaryLimit limit, + string currency, + int amount, + int exponent) + { + checkMandatoryField("currency", currency, limit.Currency); + checkMandatoryField("amount", amount, limit.Amount.IntValue); + checkMandatoryField("exponent", exponent, limit.Exponent.IntValue); + } + + public static void Main( + string[] args) + { + RunTest(new MonetaryLimitUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/MonetaryValueUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/MonetaryValueUnitTest.cs new file mode 100644 index 0000000..c75d745 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/MonetaryValueUnitTest.cs @@ -0,0 +1,99 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X509.Qualified; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class MonetaryValueUnitTest + : SimpleTest + { + private const int TestAmount = 100; + private const int ZeroExponent = 0; + + private const string CurrencyCode = "AUD"; + + public override string Name + { + get { return "MonetaryValue"; } + } + + public override void PerformTest() + { + MonetaryValue mv = new MonetaryValue(new Iso4217CurrencyCode(CurrencyCode), TestAmount, ZeroExponent); + + CheckValues(mv, TestAmount, ZeroExponent); + + mv = MonetaryValue.GetInstance(mv); + + CheckValues(mv, TestAmount, ZeroExponent); + + Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray( + mv.ToAsn1Object().GetEncoded()); + + mv = MonetaryValue.GetInstance(seq); + + CheckValues(mv, TestAmount, ZeroExponent); + + mv = MonetaryValue.GetInstance(null); + + if (mv != null) + { + Fail("null GetInstance() failed."); + } + + try + { + MonetaryValue.GetInstance(new object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void CheckValues( + MonetaryValue mv, + int amount, + int exponent) + { + if (mv.Amount.IntValue != amount) + { + Fail("amounts don't match."); + } + + if (mv.Exponent.IntValue != exponent) + { + Fail("exponents don't match."); + } + + Iso4217CurrencyCode cc = mv.Currency; + + if (!cc.Alphabetic.Equals(CurrencyCode)) + { + Fail("currency code wrong"); + } + } + + public static void Main( + string[] args) + { + RunTest(new MonetaryValueUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/NameOrPseudonymUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/NameOrPseudonymUnitTest.cs new file mode 100644 index 0000000..45f6661 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/NameOrPseudonymUnitTest.cs @@ -0,0 +1,114 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Asn1.X509.SigI; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class NameOrPseudonymUnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "NameOrPseudonym"; } + } + + public override void PerformTest() + { + string pseudonym = "pseudonym"; + DirectoryString surname = new DirectoryString("surname"); + Asn1Sequence givenName = new DerSequence(new DirectoryString("givenName")); + + NameOrPseudonym id = new NameOrPseudonym(pseudonym); + + checkConstruction(id, pseudonym, null, null); + + id = new NameOrPseudonym(surname, givenName); + + checkConstruction(id, null, surname, givenName); + + id = NameOrPseudonym.GetInstance(null); + + if (id != null) + { + Fail("null GetInstance() failed."); + } + + try + { + NameOrPseudonym.GetInstance(new Object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkConstruction( + NameOrPseudonym id, + string pseudonym, + DirectoryString surname, + Asn1Sequence givenName) + { + checkValues(id, pseudonym, surname, givenName); + + id = NameOrPseudonym.GetInstance(id); + + checkValues(id, pseudonym, surname, givenName); + + Asn1InputStream aIn = new Asn1InputStream(id.ToAsn1Object().GetEncoded()); + + if (surname != null) + { + Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject(); + + id = NameOrPseudonym.GetInstance(seq); + } + else + { + IAsn1String s = (IAsn1String) aIn.ReadObject(); + + id = NameOrPseudonym.GetInstance(s); + } + + checkValues(id, pseudonym, surname, givenName); + } + + private void checkValues( + NameOrPseudonym id, + string pseudonym, + DirectoryString surname, + Asn1Sequence givenName) + { + + if (surname != null) + { + checkMandatoryField("surname", surname, id.Surname); + checkMandatoryField("givenName", givenName, new DerSequence(id.GetGivenName()[0])); + } + else + { + checkOptionalField("pseudonym", new DirectoryString(pseudonym), id.Pseudonym); + } + } + + public static void Main( + string[] args) + { + RunTest(new NameOrPseudonymUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/NamingAuthorityUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/NamingAuthorityUnitTest.cs new file mode 100644 index 0000000..787b2c3 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/NamingAuthorityUnitTest.cs @@ -0,0 +1,106 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.IsisMtt.X509; +using Org.BouncyCastle.Asn1.X500; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class NamingAuthorityUnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "NamingAuthority"; } + } + + public override void PerformTest() + { + DerObjectIdentifier namingAuthorityID = new DerObjectIdentifier("1.2.3"); + string namingAuthorityURL = "url"; + DirectoryString namingAuthorityText = new DirectoryString("text"); + + NamingAuthority auth = new NamingAuthority(namingAuthorityID, namingAuthorityURL, namingAuthorityText); + + checkConstruction(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText); + + auth = new NamingAuthority(null, namingAuthorityURL, namingAuthorityText); + + checkConstruction(auth, null, namingAuthorityURL, namingAuthorityText); + + auth = new NamingAuthority(namingAuthorityID, null, namingAuthorityText); + + checkConstruction(auth, namingAuthorityID, null, namingAuthorityText); + + auth = new NamingAuthority(namingAuthorityID, namingAuthorityURL, null); + + checkConstruction(auth, namingAuthorityID, namingAuthorityURL, null); + + auth = NamingAuthority.GetInstance(null); + + if (auth != null) + { + Fail("null GetInstance() failed."); + } + + try + { + NamingAuthority.GetInstance(new Object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkConstruction( + NamingAuthority auth, + DerObjectIdentifier namingAuthorityID, + string namingAuthorityURL, + DirectoryString namingAuthorityText) + { + checkValues(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText); + + auth = NamingAuthority.GetInstance(auth); + + checkValues(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText); + + Asn1InputStream aIn = new Asn1InputStream(auth.ToAsn1Object().GetEncoded()); + + Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject(); + + auth = NamingAuthority.GetInstance(seq); + + checkValues(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText); + } + + private void checkValues( + NamingAuthority auth, + DerObjectIdentifier namingAuthorityId, + string namingAuthorityURL, + DirectoryString namingAuthorityText) + { + checkOptionalField("namingAuthorityId", namingAuthorityId, auth.NamingAuthorityID); + checkOptionalField("namingAuthorityURL", namingAuthorityURL, auth.NamingAuthorityUrl); + checkOptionalField("namingAuthorityText", namingAuthorityText, auth.NamingAuthorityText); + } + + public static void Main( + string[] args) + { + RunTest(new NamingAuthorityUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/NetscapeCertTypeTest.cs b/BouncyCastle/crypto/test/src/asn1/test/NetscapeCertTypeTest.cs new file mode 100644 index 0000000..8db5d99 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/NetscapeCertTypeTest.cs @@ -0,0 +1,45 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Misc; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class NetscapeCertTypeTest + : SimpleTest + { + public override string Name + { + get { return "NetscapeCertType"; } + } + + public override void PerformTest() + { + BitStringConstantTester.testFlagValueCorrect(0, NetscapeCertType.SslClient); + BitStringConstantTester.testFlagValueCorrect(1, NetscapeCertType.SslServer); + BitStringConstantTester.testFlagValueCorrect(2, NetscapeCertType.Smime); + BitStringConstantTester.testFlagValueCorrect(3, NetscapeCertType.ObjectSigning); + BitStringConstantTester.testFlagValueCorrect(4, NetscapeCertType.Reserved); + BitStringConstantTester.testFlagValueCorrect(5, NetscapeCertType.SslCA); + BitStringConstantTester.testFlagValueCorrect(6, NetscapeCertType.SmimeCA); + BitStringConstantTester.testFlagValueCorrect(7, NetscapeCertType.ObjectSigningCA); + } + + public static void Main( + string[] args) + { + RunTest(new NetscapeCertTypeTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/OCSPTest.cs b/BouncyCastle/crypto/test/src/asn1/test/OCSPTest.cs new file mode 100644 index 0000000..13f59d3 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/OCSPTest.cs @@ -0,0 +1,183 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class OcspTest + : ITest + { + private static byte[] unsignedReq = Base64.Decode( + "MEIwQDA+MDwwOjAJBgUrDgMCGgUABBRDb9GODnq7lRhSkEqw4XX24huERwQUkY4j" + + "a6eKuDlkVP9hRgkEvIWqHPECAQE="); + + private static byte[] signedReq = Base64.Decode( + "MIIC9jBAMD4wPDA6MAkGBSsOAwIaBQAEFENv0Y4OeruVGFKQSrDhdfbiG4RHBBTc" + + "Mr1fP+mZAxbF2ZdehWxn6mtAngIBAaCCArAwggKsMA0GCSqGSIb3DQEBBQUAA4GB" + + "AAzHBm4nL5AcRQB3Jkz7ScNeZF+GbRZ0p4kBDTnqi3IeESuso12yJhpqqyijdnj5" + + "gd4/GsSAgdluLHyYZ6wgozV7G9MDXCnFnG4PBUW05HaVX81JYAp+amVyU0NOgNrG" + + "90npVBsHb0o+UlkxNgMiEbSkp/TeGb6YURsYKhmwp7BgoIICFTCCAhEwggINMIIB" + + "dqADAgECAgEBMA0GCSqGSIb3DQEBBAUAMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0" + + "bGUxCzAJBgNVBAYTAkFVMB4XDTA0MTAyNDEzNDc0M1oXDTA1MDIwMTEzNDc0M1ow" + + "JTEWMBQGA1UEChMNQm91bmN5IENhc3RsZTELMAkGA1UEBhMCQVUwgZ8wDQYJKoZI" + + "hvcNAQEBBQADgY0AMIGJAoGBAJBmLeIzthMHUeTkOeJ76iBxcMHY31o/i3a9VT12" + + "y2FcS/ejJmeUCMTdtwl5alOwXY66vF4DyT1VU/nJG3mHpSoqq7qrMXOIFGcXg1Wf" + + "oJRrQgTOLdQ6bod7i9ME/EjEJy70orh0nVS7NGcu0R5TjcbLde2J5zxjb/W9wqfy" + + "RovJAgMBAAGjTTBLMB0GA1UdDgQWBBTcMr1fP+mZAxbF2ZdehWxn6mtAnjAfBgNV" + + "HSMEGDAWgBTcMr1fP+mZAxbF2ZdehWxn6mtAnjAJBgNVHRMEAjAAMA0GCSqGSIb3" + + "DQEBBAUAA4GBAF/4EH1KkNrNxocJPIp7lThmG1KIVYESIadowMowrbok46ESofRF" + + "OIPku07W+e1Y1Y1KXLIiPMG3IGwrBrn04iLsbbBUiN37BcC/VyT4xKJ2MYscGjKL" + + "ua/9bU0lOyeTRAwqb8towWRd5lLYAI3RQ7dhStUTFp3Vqd803PJ/cpR6"); + + private static byte[] _response = Base64.Decode( + "MIIFnAoBAKCCBZUwggWRBgkrBgEFBQcwAQEEggWCMIIFfjCCARehgZ8wgZwx" + + "CzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEgcHJhZGVzaDESMBAGA1UE" + + "BxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAKBgNVBAsTA0FUQzEeMBwG" + + "A1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQwIgYJKoZIhvcNAQkBFhVv" + + "Y3NwQHRjcy1jYS50Y3MuY28uaW4YDzIwMDMwNDAyMTIzNDU4WjBiMGAwOjAJ" + + "BgUrDgMCGgUABBRs07IuoCWNmcEl1oHwIak1BPnX8QQUtGyl/iL9WJ1VxjxF" + + "j0hAwJ/s1AcCAQKhERgPMjAwMjA4MjkwNzA5MjZaGA8yMDAzMDQwMjEyMzQ1" + + "OFowDQYJKoZIhvcNAQEFBQADgYEAfbN0TCRFKdhsmvOdUoiJ+qvygGBzDxD/" + + "VWhXYA+16AphHLIWNABR3CgHB3zWtdy2j7DJmQ/R7qKj7dUhWLSqclAiPgFt" + + "QQ1YvSJAYfEIdyHkxv4NP0LSogxrumANcDyC9yt/W9yHjD2ICPBIqCsZLuLk" + + "OHYi5DlwWe9Zm9VFwCGgggPMMIIDyDCCA8QwggKsoAMCAQICAQYwDQYJKoZI" + + "hvcNAQEFBQAwgZQxFDASBgNVBAMTC1RDUy1DQSBPQ1NQMSYwJAYJKoZIhvcN" + + "AQkBFhd0Y3MtY2FAdGNzLWNhLnRjcy5jby5pbjEMMAoGA1UEChMDVENTMQww" + + "CgYDVQQLEwNBVEMxEjAQBgNVBAcTCUh5ZGVyYWJhZDEXMBUGA1UECBMOQW5k" + + "aHJhIHByYWRlc2gxCzAJBgNVBAYTAklOMB4XDTAyMDgyOTA3MTE0M1oXDTAz" + + "MDgyOTA3MTE0M1owgZwxCzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEg" + + "cHJhZGVzaDESMBAGA1UEBxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAK" + + "BgNVBAsTA0FUQzEeMBwGA1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQw" + + "IgYJKoZIhvcNAQkBFhVvY3NwQHRjcy1jYS50Y3MuY28uaW4wgZ8wDQYJKoZI" + + "hvcNAQEBBQADgY0AMIGJAoGBAM+XWW4caMRv46D7L6Bv8iwtKgmQu0SAybmF" + + "RJiz12qXzdvTLt8C75OdgmUomxp0+gW/4XlTPUqOMQWv463aZRv9Ust4f8MH" + + "EJh4ekP/NS9+d8vEO3P40ntQkmSMcFmtA9E1koUtQ3MSJlcs441JjbgUaVnm" + + "jDmmniQnZY4bU3tVAgMBAAGjgZowgZcwDAYDVR0TAQH/BAIwADALBgNVHQ8E" + + "BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwkwNgYIKwYBBQUHAQEEKjAoMCYG" + + "CCsGAQUFBzABhhpodHRwOi8vMTcyLjE5LjQwLjExMDo3NzAwLzAtBgNVHR8E" + + "JjAkMCKgIKAehhxodHRwOi8vMTcyLjE5LjQwLjExMC9jcmwuY3JsMA0GCSqG" + + "SIb3DQEBBQUAA4IBAQB6FovM3B4VDDZ15o12gnADZsIk9fTAczLlcrmXLNN4" + + "PgmqgnwF0Ymj3bD5SavDOXxbA65AZJ7rBNAguLUo+xVkgxmoBH7R2sBxjTCc" + + "r07NEadxM3HQkt0aX5XYEl8eRoifwqYAI9h0ziZfTNes8elNfb3DoPPjqq6V" + + "mMg0f0iMS4W8LjNPorjRB+kIosa1deAGPhq0eJ8yr0/s2QR2/WFD5P4aXc8I" + + "KWleklnIImS3zqiPrq6tl2Bm8DZj7vXlTOwmraSQxUwzCKwYob1yGvNOUQTq" + + "pG6jxn7jgDawHU1+WjWQe4Q34/pWeGLysxTraMa+Ug9kPe+jy/qRX2xwvKBZ"); + + private ITestResult unSignedRequest() + { + try + { + OcspRequest req = OcspRequest.GetInstance( + Asn1Object.FromByteArray(unsignedReq)); + + if (!Arrays.AreEqual(req.GetEncoded(), unsignedReq)) + { + return new SimpleTestResult(false, Name + ": Ocsp unsigned request failed to re-encode"); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": failed unsigned exception - " + e.ToString(), e); + } + } + + private ITestResult SignedRequest() + { + try + { + OcspRequest req = OcspRequest.GetInstance( + Asn1Object.FromByteArray(signedReq)); + + if (!Arrays.AreEqual(req.GetEncoded(), signedReq)) + { + return new SimpleTestResult(false, Name + ": Ocsp signed request failed to re-encode"); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": failed signed exception - " + e.ToString(), e); + } + } + + private ITestResult Response() + { + try + { + OcspResponse resp = OcspResponse.GetInstance( + Asn1Object.FromByteArray(_response)); + ResponseBytes rBytes = ResponseBytes.GetInstance(resp.ResponseBytes); + + BasicOcspResponse bResp = BasicOcspResponse.GetInstance( + Asn1Object.FromByteArray(rBytes.Response.GetOctets())); + + resp = new OcspResponse( + resp.ResponseStatus, + new ResponseBytes( + rBytes.ResponseType, + new DerOctetString(bResp.GetEncoded()))); + + if (!Arrays.AreEqual(resp.GetEncoded(), _response)) + { + return new SimpleTestResult(false, Name + ": Ocsp response failed to re-encode"); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": failed response exception - " + e.ToString(), e); + } + } + + public ITestResult Perform() + { + ITestResult res = unSignedRequest(); + + if (!res.IsSuccessful()) + { + return res; + } + + res = SignedRequest(); + if (!res.IsSuccessful()) + { + return res; + } + + return Response(); + } + + public string Name + { + get { return "Ocsp"; } + } + + public static void Main( + string[] args) + { + ITest test = new OcspTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/OIDTest.cs b/BouncyCastle/crypto/test/src/asn1/test/OIDTest.cs new file mode 100644 index 0000000..9a1927a --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/OIDTest.cs @@ -0,0 +1,139 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + /** + * X.690 test example + */ + [TestFixture] + public class OidTest + : SimpleTest + { + private static readonly byte[] req1 = Hex.Decode("0603813403"); + private static readonly byte[] req2 = Hex.Decode("06082A36FFFFFFDD6311"); + + public override string Name + { + get { return "OID"; } + } + + private void RecodeCheck(string oid, byte[] enc) + { + DerObjectIdentifier o = new DerObjectIdentifier(oid); + DerObjectIdentifier encO = (DerObjectIdentifier) Asn1Object.FromByteArray(enc); + + if (!o.Equals(encO)) + { + Fail("oid ID didn't match", o, encO); + } + + byte[] bytes = o.GetDerEncoded(); + + if (!Arrays.AreEqual(bytes, enc)) + { + Fail("failed comparison test", Hex.ToHexString(enc), Hex.ToHexString(bytes)); + } + } + + private void CheckValid(string oid) + { + DerObjectIdentifier o = new DerObjectIdentifier(oid); + o = (DerObjectIdentifier)Asn1Object.FromByteArray(o.GetEncoded()); + + if (!o.Id.Equals(oid)) + { + Fail("failed oid check: " + oid); + } + } + + private void CheckInvalid(string oid) + { + try + { + new DerObjectIdentifier(oid); + Fail("failed to catch bad oid: " + oid); + } + catch (FormatException) + { + // expected + } + } + + private void BranchCheck(string stem, string branch) + { + string expected = stem + "." + branch; + string actual = new DerObjectIdentifier(stem).Branch(branch).Id; + + if (expected != actual) + { + Fail("failed 'branch' check for " + stem + "/" + branch); + } + } + + private void OnCheck(String stem, String test, bool expected) + { + if (expected != new DerObjectIdentifier(test).On(new DerObjectIdentifier(stem))) + { + Fail("failed 'on' check for " + stem + "/" + test); + } + } + + public override void PerformTest() + { + RecodeCheck("2.100.3", req1); + RecodeCheck("1.2.54.34359733987.17", req2); + + CheckValid(PkcsObjectIdentifiers.Pkcs9AtContentType.Id); + CheckValid("0.1"); + CheckValid("1.1.127.32512.8323072.2130706432.545460846592.139637976727552.35747322042253312.9151314442816847872"); + CheckValid("1.2.123.12345678901.1.1.1"); + CheckValid("2.25.196556539987194312349856245628873852187.1"); + + CheckInvalid("0"); + CheckInvalid("1"); + CheckInvalid("2"); + CheckInvalid("3.1"); + CheckInvalid("..1"); + CheckInvalid("192.168.1.1"); + CheckInvalid(".123452"); + CheckInvalid("1."); + CheckInvalid("1.345.23.34..234"); + CheckInvalid("1.345.23.34.234."); + CheckInvalid(".12.345.77.234"); + CheckInvalid(".12.345.77.234."); + CheckInvalid("1.2.3.4.A.5"); + CheckInvalid("1,2"); + + BranchCheck("1.1", "2.2"); + + OnCheck("1.1", "1.1", false); + OnCheck("1.1", "1.2", false); + OnCheck("1.1", "1.2.1", false); + OnCheck("1.1", "2.1", false); + OnCheck("1.1", "1.11", false); + OnCheck("1.12", "1.1.2", false); + OnCheck("1.1", "1.1.1", true); + OnCheck("1.1", "1.1.2", true); + } + + public static void Main(string[] args) + { + RunTest(new OidTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/OctetStringTest.cs b/BouncyCastle/crypto/test/src/asn1/test/OctetStringTest.cs new file mode 100644 index 0000000..8bae1b0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/OctetStringTest.cs @@ -0,0 +1,186 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Cms; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class OctetStringTest + { + [Test] + public void TestReadingWriting() + { + MemoryStream bOut = new MemoryStream(); + BerOctetStringGenerator octGen = new BerOctetStringGenerator(bOut); + + Stream outStream = octGen.GetOctetOutputStream(); + + outStream.Write(new byte[] { 1, 2, 3, 4 }, 0, 4); + outStream.Write(new byte[4], 0, 4); + + outStream.Close(); + + Asn1StreamParser aIn = new Asn1StreamParser(bOut.ToArray()); + + BerOctetStringParser s = (BerOctetStringParser)aIn.ReadObject(); + + Stream inStream = s.GetOctetStream(); + int count = 0; + + while (inStream.ReadByte() >= 0) + { + count++; + } + + Assert.AreEqual(8, count); + } + + [Test] + public void TestReadingWritingZeroInLength() + { + MemoryStream bOut = new MemoryStream(); + BerOctetStringGenerator octGen = new BerOctetStringGenerator(bOut); + + Stream outStream = octGen.GetOctetOutputStream(); + + outStream.Write(new byte[] { 1, 2, 3, 4 }, 0, 4); + outStream.Write(new byte[512], 0, 512); // forces a zero to appear in length + + outStream.Close(); + + Asn1StreamParser aIn = new Asn1StreamParser(bOut.ToArray()); + + BerOctetStringParser s = (BerOctetStringParser)aIn.ReadObject(); + + Stream inStream = s.GetOctetStream(); + int count = 0; + + while (inStream.ReadByte() >= 0) + { + count++; + } + + Assert.AreEqual(516, count); + } + + [Test] + public void TestReadingWritingNested() + { + MemoryStream bOut = new MemoryStream(); + BerSequenceGenerator sGen = new BerSequenceGenerator(bOut); + BerOctetStringGenerator octGen = new BerOctetStringGenerator(sGen.GetRawOutputStream()); + + Stream outStream = octGen.GetOctetOutputStream(); + + BerSequenceGenerator inSGen = new BerSequenceGenerator(outStream); + + BerOctetStringGenerator inOctGen = new BerOctetStringGenerator(inSGen.GetRawOutputStream()); + + Stream inOut = inOctGen.GetOctetOutputStream(); + + inOut.Write(new byte[] { 1, 2, 3, 4 }, 0, 4); + inOut.Write(new byte[10], 0, 10); + + inOut.Close(); + + inSGen.Close(); + + outStream.Close(); + + sGen.Close(); + + Asn1StreamParser aIn = new Asn1StreamParser(bOut.ToArray()); + + BerSequenceParser sq = (BerSequenceParser)aIn.ReadObject(); + + BerOctetStringParser s = (BerOctetStringParser)sq.ReadObject(); + + Asn1StreamParser aIn2 = new Asn1StreamParser(s.GetOctetStream()); + + BerSequenceParser sq2 = (BerSequenceParser)aIn2.ReadObject(); + + BerOctetStringParser inS = (BerOctetStringParser)sq2.ReadObject(); + + Stream inStream = inS.GetOctetStream(); + int count = 0; + + while (inStream.ReadByte() >= 0) + { + count++; + } + + Assert.AreEqual(14, count); + } + + [Test] + public void TestNestedStructure() + { + MemoryStream bOut = new MemoryStream(); + + BerSequenceGenerator sGen = new BerSequenceGenerator(bOut); + + sGen.AddObject(new DerObjectIdentifier(CmsObjectIdentifiers.CompressedData.Id)); + + BerSequenceGenerator cGen = new BerSequenceGenerator(sGen.GetRawOutputStream(), 0, true); + + cGen.AddObject(new DerInteger(0)); + + // + // AlgorithmIdentifier + // + DerSequenceGenerator algGen = new DerSequenceGenerator(cGen.GetRawOutputStream()); + + algGen.AddObject(new DerObjectIdentifier("1.2")); + + algGen.Close(); + + // + // Encapsulated ContentInfo + // + BerSequenceGenerator eiGen = new BerSequenceGenerator(cGen.GetRawOutputStream()); + + eiGen.AddObject(new DerObjectIdentifier("1.1")); + + BerOctetStringGenerator octGen = new BerOctetStringGenerator(eiGen.GetRawOutputStream(), 0, true); + + // + // output containing zeroes + // + Stream outStream = octGen.GetOctetOutputStream(); + + outStream.Write(new byte[] { 1, 2, 3, 4 }, 0, 4); + outStream.Write(new byte[4], 0, 4); + outStream.Write(new byte[20], 0, 20); + + outStream.Close(); + eiGen.Close(); + cGen.Close(); + sGen.Close(); + + // + // reading back + // + Asn1StreamParser aIn = new Asn1StreamParser(bOut.ToArray()); + + ContentInfoParser cp = new ContentInfoParser((Asn1SequenceParser)aIn.ReadObject()); + + CompressedDataParser comData = new CompressedDataParser((Asn1SequenceParser)cp.GetContent(Asn1Tags.Sequence)); + ContentInfoParser content = comData.GetEncapContentInfo(); + + Asn1OctetStringParser bytes = (Asn1OctetStringParser)content.GetContent(Asn1Tags.OctetString); + + Stream inStream = bytes.GetOctetStream(); + int count = 0; + + while (inStream.ReadByte() >= 0) + { + count++; + } + + Assert.AreEqual(28, count); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/OtherCertIDUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/OtherCertIDUnitTest.cs new file mode 100644 index 0000000..a09c18e --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/OtherCertIDUnitTest.cs @@ -0,0 +1,100 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Esf; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class OtherCertIDUnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "OtherCertID"; } + } + + public override void PerformTest() + { + AlgorithmIdentifier algId = new AlgorithmIdentifier(new DerObjectIdentifier("1.2.2.3")); + byte[] digest = new byte[20]; + OtherHash otherHash = new OtherHash(new OtherHashAlgAndValue(algId, digest)); + IssuerSerial issuerSerial = new IssuerSerial(new GeneralNames(new GeneralName(new X509Name("CN=test"))), new DerInteger(1)); + + OtherCertID certID = new OtherCertID(otherHash); + + checkConstruction(certID, algId, digest, null); + + certID = new OtherCertID(otherHash, issuerSerial); + + checkConstruction(certID, algId, digest, issuerSerial); + + certID = OtherCertID.GetInstance(null); + + if (certID != null) + { + Fail("null GetInstance() failed."); + } + + try + { + OtherCertID.GetInstance(new Object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkConstruction( + OtherCertID certID, + AlgorithmIdentifier algId, + byte[] digest, + IssuerSerial issuerSerial) + { + checkValues(certID, algId, digest, issuerSerial); + + certID = OtherCertID.GetInstance(certID); + + checkValues(certID, algId, digest, issuerSerial); + + Asn1InputStream aIn = new Asn1InputStream(certID.ToAsn1Object().GetEncoded()); + + Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject(); + + certID = OtherCertID.GetInstance(seq); + + checkValues(certID, algId, digest, issuerSerial); + } + + private void checkValues( + OtherCertID certID, + AlgorithmIdentifier algId, + byte[] digest, + IssuerSerial issuerSerial) + { + checkMandatoryField("hashAlgorithm", algId, certID.OtherCertHash.HashAlgorithm); + checkMandatoryField("hashValue", digest, certID.OtherCertHash.GetHashValue()); + + checkOptionalField("issuerSerial", issuerSerial, certID.IssuerSerial); + } + + public static void Main( + string[] args) + { + RunTest(new OtherCertIDUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/OtherSigningCertificateUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/OtherSigningCertificateUnitTest.cs new file mode 100644 index 0000000..4410d8e --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/OtherSigningCertificateUnitTest.cs @@ -0,0 +1,94 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Esf; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class OtherSigningCertificateUnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "OtherSigningCertificate"; } + } + + public override void PerformTest() + { + AlgorithmIdentifier algId = new AlgorithmIdentifier(new DerObjectIdentifier("1.2.2.3")); + byte[] digest = new byte[20]; + OtherHash otherHash = new OtherHash( + new OtherHashAlgAndValue(algId, digest)); + OtherCertID otherCertID = new OtherCertID(otherHash); + + OtherSigningCertificate otherCert = new OtherSigningCertificate(otherCertID); + + checkConstruction(otherCert, otherCertID); + + otherCert = OtherSigningCertificate.GetInstance(null); + + if (otherCert != null) + { + Fail("null GetInstance() failed."); + } + + try + { + OtherCertID.GetInstance(new Object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkConstruction( + OtherSigningCertificate otherCert, + OtherCertID otherCertID) + { + checkValues(otherCert, otherCertID); + + otherCert = OtherSigningCertificate.GetInstance(otherCert); + + checkValues(otherCert, otherCertID); + + Asn1InputStream aIn = new Asn1InputStream(otherCert.ToAsn1Object().GetEncoded()); + + Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject(); + + otherCert = OtherSigningCertificate.GetInstance(seq); + + checkValues(otherCert, otherCertID); + } + + private void checkValues( + OtherSigningCertificate otherCert, + OtherCertID otherCertID) + { + if (otherCert.GetCerts().Length != 1) + { + Fail("GetCerts() length wrong"); + } + checkMandatoryField("GetCerts()[0]", otherCertID, otherCert.GetCerts()[0]); + } + + public static void Main( + string[] args) + { + RunTest(new OtherSigningCertificateUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/PKCS10Test.cs b/BouncyCastle/crypto/test/src/asn1/test/PKCS10Test.cs new file mode 100644 index 0000000..28736b8 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/PKCS10Test.cs @@ -0,0 +1,95 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class Pkcs10Test + : ITest + { + byte[] req1 = Base64.Decode( + "MIHoMIGTAgEAMC4xDjAMBgNVBAMTBVRlc3QyMQ8wDQYDVQQKEwZBbmFUb20xCzAJBgNVBAYTAlNF" + + "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALlEt31Tzt2MlcOljvacJgzQVhmlMoqAOgqJ9Pgd3Gux" + + "Z7/WcIlgW4QCB7WZT21O1YoghwBhPDMcNGrHei9kHQkCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA0EA" + + "NDEI4ecNtJ3uHwGGlitNFq9WxcoZ0djbQJ5hABMotav6gtqlrwKXY2evaIrsNwkJtNdwwH18aQDU" + + "KCjOuBL38Q=="); + + byte[] req2 = Base64.Decode( + "MIIB6TCCAVICAQAwgagxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQwEgYDVQQH" + + "EwtTYW50YSBDbGFyYTEMMAoGA1UEChMDQUJCMVEwTwYDVQQLHEhQAAAAAAAAAG8AAAAAAAAAdwAA" + + "AAAAAABlAAAAAAAAAHIAAAAAAAAAIAAAAAAAAABUAAAAAAAAABxIAAAAAAAARAAAAAAAAAAxDTAL" + + "BgNVBAMTBGJsdWUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANETRZ+6occCOrFxNhfKIp4C" + + "mMkxwhBNb7TnnahpbM9O0r4hrBPcfYuL7u9YX/jN0YNUP+/CiT39HhSe/bikaBPDEyNsl988I8vX" + + "piEdgxYq/+LTgGHbjRsRYCkPtmzwBbuBldNF8bV7pu0v4UScSsExmGqqDlX1TbPU8KkPU1iTAgMB" + + "AAGgADANBgkqhkiG9w0BAQQFAAOBgQAFbrs9qUwh93CtETk7DeUD5HcdCnxauo1bck44snSV6MZV" + + "OCIGaYu1501kmhEvAtVVRr6SEHwimfQDDIjnrWwYsEr/DT6tkTZAbfRd3qUu3iKjT0H0vlUZp0hJ" + + "66mINtBM84uZFBfoXiWY8M3FuAnGmvy6ah/dYtJorTxLKiGkew=="); + + public string Name + { + get + { + return "Pkcs10"; + } + } + + public ITestResult BasicPkcs10Test( + string testName, + byte[] req) + { + try + { + CertificationRequest r = new CertificationRequest( + (Asn1Sequence)Asn1Object.FromByteArray(req)); + byte[] bytes = r.GetDerEncoded(); + + if (!Arrays.AreEqual(bytes, req)) + { + return new SimpleTestResult(false, Name + ": " + testName + " failed comparison test"); + } + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": Exception - " + testName + " " + e.ToString()); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public ITestResult Perform() + { + ITestResult res = BasicPkcs10Test("basic CR", req1); + + if (!res.IsSuccessful()) + { + return res; + } + + return BasicPkcs10Test("Universal CR", req2); + } + + public static void Main( + string[] args) + { + ITest test = new Pkcs10Test(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/PKCS12Test.cs b/BouncyCastle/crypto/test/src/asn1/test/PKCS12Test.cs new file mode 100644 index 0000000..eae61de --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/PKCS12Test.cs @@ -0,0 +1,217 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class Pkcs12Test + : SimpleTest + { + private static byte[] pkcs12 = Base64.Decode( + "MIACAQMwgAYJKoZIhvcNAQcBoIAkgASCA+gwgDCABgkqhkiG9w0BBwGggCSA" + + "BIIDRDCCA0AwggM8BgsqhkiG9w0BDAoBAqCCArEwggKtMCcGCiqGSIb3DQEM" + + "AQMwGQQUFlnNVpQoEHc+J3UEGxARipkHu5kCAWQEggKAAH9tmy40lly6QDoc" + + "1TfmY9y2qysD+lrgk+dnxP04RfoJfycTRDeaz2sPLImZtio9nsqCFqtzU/sl" + + "eWigbH34BpKU1sC0Gq1cyik0GO65sW95S6YjKtGcGOBfQCPk1oQjfiqnfU3G" + + "oeOaG3COQJukMFj8unv55u0xbX1hwO8SsZmr9RjPzLrVaeY6BP5+CCzOKBaj" + + "GxneIDqnQW7/kBIVWK7M+JXGdgQyiKhD6NvXL/zD8oKEne0nIX7IokQuWEn6" + + "8Sglv5OSclsSdvHTk57bCuV5lVzoIzczA4J/LZWdrtITeVefBLQSalBzpRde" + + "rSTMj485z2x5ChizhjE627/KQ5vkKQkQVqXYYXVyeTvKZRpL7vz13C4DUCwN" + + "im1XvNSCNebXS1yHJRtcONDhGJN3UsrVjHr+2kCfE5SCEeSU/dqgNLuLa1tk" + + "5+jwZFNj/HjO88wlOwPCol1uuJjDpaEW7dxu5qsVSfZhEXWHs8rZAMttFMzi" + + "yxsEkZe8kqngRbNJOY6KpppYedsMWDusUJGfIHo+8zymiw3gv/z+lmFOlDGt" + + "CKMk9Es/MgfjpbfhbTVYHOBKS6Qyrz7LdTuBMI8XdsZMuN+Uf73690ggLmKW" + + "IELUg8h1RX0ra2n6jOc/1rnebAifMhiMkL1ABQvqOobfOrG/9h9XcXoi64Qr" + + "htc3T7yMAHafBX5KUcNkbcn6kssYhpvd8bPADoLBnbx3GxGh/uziB0zKQEI0" + + "GnaY4SL7aR4C5xNNi41lYtsR6ohKyfPEGslhrhd4axx0cKxC2sHgVl0k+r8B" + + "8Vu44XHbW8LqdspjOHN9qg2erES1Dvgj05SfHDup+V6a3ogJo2YKXOiu3DF4" + + "MFEGCSqGSIb3DQEJFDFEHkIARABhAHYAaQBkACAARwAuACAASABvAG8AawAn" + + "AHMAIABWAGUAcgBpAFMAaQBnAG4ALAAgAEkAbgBjAC4AIABJAEQwIwYJKoZI" + + "hvcNAQkVMRYEFKEcMJ798oZLFkH0OnpbUBnrTLgWAAAAAAAAMIAGCSqGSIb3" + + "DQEHBqCAMIACAQAwgAYJKoZIhvcNAQcBMCcGCiqGSIb3DQEMAQYwGQQUTErH" + + "kWZ8nBXZYWO53FH4yqRZZsECAWSggASCDGCreuCr6/azcOv5w04bN3jkg4G2" + + "dsvTPAjL8bichaEOQCykhuNPt1dv3FsjUsdFC550K0+Y48RyBIID6JTiN9Gj" + + "K+a5aLPaXgTRdY74Toof1hYtZ4DIcVyq25LezVQHoe/++pAgEpWjqHTxVDIv" + + "YFAgT2oDB+2vkeXM61XnNWOjwCY3pXpk/VGjyN4USkD7Q/Y6tPjQOywvQE7c" + + "Ab1z62k9iMia7Yk/qmh+zJu4SSneo0/RLLdMZOlGZv89MResVG038TC8MTA9" + + "Uf+wDRcS20d7XDbTaBAgju8TpFIw5/lbDi0feUVlk6L+jkT1ktaTc1Pwtxn7" + + "psXMFW6HAWB4exOi09297R9BCOQX6vcetK/iA/3jIC6NuTdizYof0DWetdGy" + + "haIkMiEnERYE3unJocH4fq585Rw6mE+BYssPVPkVWZZInF3l69bKduuxsQt+" + + "pcApgBVsTjsU+1FOiUxuW2wWKi70RcQprPv5Ef1A5FRNxPFp+7IzLNlE4qCo" + + "wvC6NTpeuRw3aGsXSfqHmSddrHugNPmghNgG5lv1Ef7A8MUuyp8fyjAgxCDk" + + "4Hpb8PCHGj5t//Fr6Cd0MygJMIFQmv4kUd2LVHxQ9A9WFNCqTz/nBe+ZRLJL" + + "NghTv6gGpjGJiBnXYv6Sod2fs+5J2GIvex4qbdh6gzZIU2YTAwpj6Aca3SjA" + + "X8+m8AXt2SC3Z6T5+m8SxyiNp2P511paV/TZKtLWXQGKeEX1JXhQkaM6Q5W/" + + "IhSgC8/gppk1gbIraBqrW8bEnGBnC03wi0OnMz3ohM4CVHyaW3dQquT2+u6F" + + "8VeGXAYHU022NkrpPl/VlfNNEAyisU2+oJqpPZkqL6FsDWF3k6Fq2jXBLL+/" + + "a0WA82jIpgjNeXze/cgoHtU023V9E9Qcu+5nPBYdCTR4sRxvHLANii0W8lPv" + + "tvU5XO1UsEjHDfKL4E1bhGzGpb/OU5yg/98EN95r/xdFL5G+XVyHeR0UtkcB" + + "IuvyBdhkwoprCjkcgLZe8FPIBNw84HRe7Ye6f2gDW/F5uej6rBehJS1VFvCh" + + "DXzkajGmK40Gc2APS1/1vZqPu68polgw9dT84rem36PLEOq4KuU7n4QE0g7T" + + "YR2G8+4FNgQTjjg/qw3lX+sj6yLn1lYt1dOVvkiM8i8tdZg/3pCKKAW1uV7a" + + "astlBxVSkFfn1BrFTc2oFGkTrlUg90a+parOfGHTfDiaHX8ouEg63fk0+Xdi" + + "FCarXsqHNPDbpmWLKw8TAmdeneGipyScntJJk4ajy+jROQBgGew3ofOmfkqm" + + "oJFNwUvKOXN2ucViLZgsdK/7YgV1OR7oiTh8knQNPk3d5fRYSMFf9GJTjQRV" + + "y2CLdICAVzvrUXf9k7miWYkjIp2/HGD7pOH018sX9MrpfJKqvdPFOssZiFd0" + + "I2FUbgcEggPotvnT0XoabEiurTm8EPPpw66NKmK/H1kQL0hEtdIazPxfLmm/" + + "ZUDokwa7d4bE3BwFh0weQfEvMzJu6Y5E7ir2MqD33XaGMOGys1nst1SPPyDB" + + "WpOWD9w7Ng3yU1JVzqFWuVXaXDYbfnlG7AGevKF5PYNZj/RIQBBf5Xle9hTd" + + "c9CtxPkrsJwA8DeAwKl2WIfbXGzAYLSnXoYUcoTkWn/O81BlUFgAXv80gLe8" + + "NUrH7bhsnyGaPY953NyDk8IWUYrsn/sXvxTy5B0/7/WGMh3CSZrLX3p7TcFY" + + "yBrL6SRas4q9rrcwuhBq0tUUbbgWi92nhZl4bOGmx7ehHnwuUId2HWXyVGoB" + + "qToee/2E4PZFxSZwKCY6dahswFq5QGDrQKN2/qpOLZcJib6SvSGyEZl2pqr0" + + "lqk7tVPzBkN/4uP0qrcbZCDbGW6IXwu3RGMRehqj/HEJcs92lZKfVrk/U07X" + + "MBAiQHqV+kLw7kStECR/MGJG1c0xhqqBrf0W74+LpJiv/Q9iFNdWbXvE/cAk" + + "G7+OTUABd2kI88uA43T0UoRuPOi5KnLuD3AG+7IuyGyP69Xncd4u0srMg2fn" + + "DiLLZUy6vWmxwRFsSMCEfQNLtZaggukoPIihQvbX3mQS9izwLs6D89WtEcZ5" + + "6DVbIlUqUinnNKsT8vW1DZo5FMJkUxB666YIPVmkQbbJOEUU89dZg5Gw0og6" + + "rn4irEr4xHFdx+S7iqJXhzs9THg/9e4/k8KQ136z7LALOqDookcSdBzW6H8c" + + "STjs4qKQyNimsLB90mEuIEApzhseAaLFl+kgORGJv/2a+uoukZchMsJ98MVo" + + "sEPS1oBXJl2m9AshkWfON2GDeJatgcw6CyC1mSx++Gg602ZKUZZUaWxkz1Sw" + + "zTj3nhiJe+SZsdfxhsojNq7zfxqgY/Rq7BwvphU3StjnxvkB4rTkbmbiGOBO" + + "cvTFg4yOtQGRcifk2/XH/bgYiPqQrYSXpO3WRASV005RaSGufcpTtj3YlHGe" + + "8FUgZfDtfiGezhNET9KO3/Q0i34bGEpoIb/9uOWH4ZHULIlfdSm1ynV50nE4" + + "mJTXccrF6BE80KZI5GWGhqXdfPFaHTK1S20+XCw7bRJCGeiwVxvGfB+C0SZ4" + + "ndtqx165dKG5JwFukcygiIZN6foh0/PhwzmFxmPtZuPQt9dtuIQ35Y7PSDsy" + + "IH2Ot0Hh0YIN99lHJ6n9HomSjpwcgDXGssEuevbpz27u/MI/Uhq4Gfx0k5RF" + + "0pcRYtk1dYSx44a+8WgqZLF8DUNtyjSE/H8P5iGa6tqOl7kNyeeEkfoTtKst" + + "asGFwL4Qxxus4GC7repyVi7IJgSCA+iopiqKQJ2IqUHvoIEuD//sZooDx0Je" + + "oFRO5VakkTO6WHd8JpOOEU2f6Zjg++HdIl0QK7xcUaRH075LzEfqgn1vyw6J" + + "N6ex8D76sf/nAy01NvDPij48Z50XDwXu4kJGJvv0AJwId8BpjziBF0j3K/DI" + + "YOOpd6nW4EvdivCgaCnxqlIU/u1OP4BwpO+AUjJh6RKlKviGihQpi103DFhR" + + "yXNDhh55pqgCCCuNeEB+ovRt7UxzlGAVRSxJh1Zbjp/+iQun0E32RlSR4Diz" + + "p5vDk8NBZpIiKRqI+8GWZc3G1igp7dvViTLw4OdWMKwhccV5+3Ll/W72aNVm" + + "azYUoYOVn+OYS1NJkER0tjFOCozRGm5hfkxGlP+02wbH5uu/AQoJMqWIxT6l" + + "46IWC24lmAnDCXuM+gWmwUvyXLwuBdejVK8iG1Lnfg1qztoLpYRbBROgRdpt" + + "2cbPRm+9seqrth3eJbtmxCvuh3bZ3pR2e0/r5Tob/fDcOc5Kp+j4ndXWkwpa" + + "OuH1yxam7zNJR+mcYp1Wiujia5qIeY1QCAEY5QgAWaSHtjlEprwUuootA2Xm" + + "V7D8Vsr9BValhm9zMKj6IzsPmM+HZJWlhHcoucuAmPK6Lnys3Kv/mbkSgNOq" + + "fJDY901veFfKeqiCbAm6hZjNWoQDNJKFhjXUALrcOv9VCFPA3bMW3Xul/sB4" + + "Mq595e+x/1HkNOgZorBv97C6X7ENVDaAFcyZvrRU/ZeDnvFhisfxS4EJhzxl" + + "cWWnQhzD+ur1FTTlkmUFzgoB/rW+i3XigiHOuRRnkcoMy1uV17rwH8eELHJu" + + "Yni5vu2QUaD4jNEhliE2XCsn8Sm6bcXnfzBa7FXC39QvAcdJHzqcD6iIwjIz" + + "hKLu+/XoWFMFFNsgV78AwzPAn6TRya8LLCYPoIZkEP4qBoeZtUZ8PIS/Y7M9" + + "QStMwa/NI9SPswb3iScTGvor/obUEQS4QM6mVxFMpQWfwJfyU6jingX4EHRE" + + "mqvZ3ehzU8ZLOdKzRKuk022YDT7hwEQ+VL0Fg0Ld9oexqT96nQpUTHZtDRMV" + + "iTuJoUYTneDs2c9tsY4mWBqamZQSfTegj4sLMZagkuSUp/SpPM2zSGuD3nY6" + + "u3553gIM9jYhvLBEXwjGudVCwMd3bqo/4EhnKb2PcwUzdaMkipQlNteHZjBT" + + "1ici63xjJva+di0qTV+W9cyYyHwg1927X2qcMh06BhbHlcXQKbgmbL18KJEt" + + "K+GGhGNkP7mtPyHHgBb6vref/z8p7oxT2CG+oBuN/z+xQoYfe9c4IC3e/kNN" + + "DIoyYvPyEzAdfMS2aL8qDxzc5GH9UE9kcusJ/2dNEFTzBH2GK1CItL3IACv/" + + "LwX1SkI0w7oIQTL127CSnuTrUUkvJ/+rOYScQTMD/ntZPdLdu2ffszg3SzhN" + + "ELgojK8ss1OBlruWRHw/fP736Nx8MNsuOvXMnO8lruz+uyuEhF3BLv96oTcg" + + "XVHdWhPmOoqNdBQdRgAAAAAAAAAAAAAAAAAAAAAAADA8MCEwCQYFKw4DAhoF" + + "AAQUJMZn7MEKv4vW/+voCVyHBa6B0EMEFJOzH/BEjRtNNsZWlo/4L840aE5r" + + "AgFkAAA="); + + public override void PerformTest() + { + byte[] pfxEncoding1 = ImplTest(pkcs12); + byte[] pfxEncoding2 = ImplTest(pfxEncoding1); + + // + // comparison test + // + if (!Arrays.AreEqual(pfxEncoding1, pfxEncoding2)) + { + Fail("failed comparison test"); + } + } + + private byte[] ImplTest(byte[] pkcs12) + { + Pfx bag = Pfx.GetInstance(pkcs12); + ContentInfo info = bag.AuthSafe; + MacData mData = bag.MacData; + DigestInfo dInfo = mData.Mac; + AlgorithmIdentifier algId = dInfo.AlgorithmID; + byte[] salt = mData.GetSalt(); + int itCount = mData.IterationCount.IntValue; + + Asn1OctetString content = Asn1OctetString.GetInstance(info.Content); + AuthenticatedSafe authSafe = AuthenticatedSafe.GetInstance(content.GetOctets()); + ContentInfo[] c = authSafe.GetContentInfo(); + + // + // private key section + // + if (!c[0].ContentType.Equals(PkcsObjectIdentifiers.Data)) + { + Fail("Failed comparison data test"); + } + + Asn1OctetString authSafeContent = Asn1OctetString.GetInstance(c[0].Content); + Asn1Sequence seq = Asn1Sequence.GetInstance(authSafeContent.GetOctets()); + + SafeBag b = SafeBag.GetInstance(seq[0]); + if (!b.BagID.Equals(PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag)) + { + Fail("Failed comparison shroudedKeyBag test"); + } + + EncryptedPrivateKeyInfo encInfo = EncryptedPrivateKeyInfo.GetInstance(b.BagValue); + + encInfo = new EncryptedPrivateKeyInfo(encInfo.EncryptionAlgorithm, encInfo.GetEncryptedData()); + + b = new SafeBag(PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag, encInfo.ToAsn1Object(), b.BagAttributes); + + byte[] contentOctets = new DerSequence(b).GetEncoded(); + + c[0] = new ContentInfo(PkcsObjectIdentifiers.Data, new BerOctetString(contentOctets)); + + // + // certificates + // + if (!c[1].ContentType.Equals(PkcsObjectIdentifiers.EncryptedData)) + { + Fail("Failed comparison encryptedData test"); + } + + EncryptedData eData = EncryptedData.GetInstance(c[1].Content); + + c[1] = new ContentInfo(PkcsObjectIdentifiers.EncryptedData, eData); + + // + // create an octet stream to represent the BER encoding of authSafe + // + authSafe = new AuthenticatedSafe(c); + + contentOctets = authSafe.GetEncoded(); + + info = new ContentInfo(PkcsObjectIdentifiers.Data, new BerOctetString(contentOctets)); + + mData = new MacData(new DigestInfo(algId, dInfo.GetDigest()), salt, itCount); + + bag = new Pfx(info, mData); + + return bag.GetEncoded(); + } + + public override string Name + { + get { return "Pkcs12"; } + } + + public static void Main( + string[] args) + { + RunTest(new Pkcs12Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/PKIFailureInfoTest.cs b/BouncyCastle/crypto/test/src/asn1/test/PKIFailureInfoTest.cs new file mode 100644 index 0000000..7d51dbb --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/PKIFailureInfoTest.cs @@ -0,0 +1,89 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + /** + * PkiFailureInfoTest + */ + [TestFixture] + public class PkiFailureInfoTest + : SimpleTest + { + // A correct hex encoded BAD_DATA_FORMAT PkiFailureInfo + private static readonly byte[] CORRECT_FAILURE_INFO = Base64.Decode("AwIANQ=="); + + public override string Name + { + get { return "PkiFailureInfo"; } + } + + private void DoTestEncoding() + { + DerBitString bitString = (DerBitString)Asn1Object.FromByteArray(CORRECT_FAILURE_INFO); + PkiFailureInfo correct = new PkiFailureInfo(bitString); + + PkiFailureInfo bug = new PkiFailureInfo( + PkiFailureInfo.BadRequest | PkiFailureInfo.BadTime | PkiFailureInfo.BadDataFormat | PkiFailureInfo.IncorrectData); + + if (!Arrays.AreEqual(correct.GetDerEncoded(), bug.GetDerEncoded())) + { + Fail("encoding doesn't match"); + } + } + + public override void PerformTest() + { + BitStringConstantTester.testFlagValueCorrect(0, PkiFailureInfo.BadAlg); + BitStringConstantTester.testFlagValueCorrect(1, PkiFailureInfo.BadMessageCheck); + BitStringConstantTester.testFlagValueCorrect(2, PkiFailureInfo.BadRequest); + BitStringConstantTester.testFlagValueCorrect(3, PkiFailureInfo.BadTime); + BitStringConstantTester.testFlagValueCorrect(4, PkiFailureInfo.BadCertId); + BitStringConstantTester.testFlagValueCorrect(5, PkiFailureInfo.BadDataFormat); + BitStringConstantTester.testFlagValueCorrect(6, PkiFailureInfo.WrongAuthority); + BitStringConstantTester.testFlagValueCorrect(7, PkiFailureInfo.IncorrectData); + BitStringConstantTester.testFlagValueCorrect(8, PkiFailureInfo.MissingTimeStamp); + BitStringConstantTester.testFlagValueCorrect(9, PkiFailureInfo.BadPop); + BitStringConstantTester.testFlagValueCorrect(10, PkiFailureInfo.CertRevoked); + BitStringConstantTester.testFlagValueCorrect(11, PkiFailureInfo.CertConfirmed); + BitStringConstantTester.testFlagValueCorrect(12, PkiFailureInfo.WrongIntegrity); + BitStringConstantTester.testFlagValueCorrect(13, PkiFailureInfo.BadRecipientNonce); + BitStringConstantTester.testFlagValueCorrect(14, PkiFailureInfo.TimeNotAvailable); + BitStringConstantTester.testFlagValueCorrect(15, PkiFailureInfo.UnacceptedPolicy); + BitStringConstantTester.testFlagValueCorrect(16, PkiFailureInfo.UnacceptedExtension); + BitStringConstantTester.testFlagValueCorrect(17, PkiFailureInfo.AddInfoNotAvailable); + BitStringConstantTester.testFlagValueCorrect(18, PkiFailureInfo.BadSenderNonce); + BitStringConstantTester.testFlagValueCorrect(19, PkiFailureInfo.BadCertTemplate); + BitStringConstantTester.testFlagValueCorrect(20, PkiFailureInfo.SignerNotTrusted); + BitStringConstantTester.testFlagValueCorrect(21, PkiFailureInfo.TransactionIdInUse); + BitStringConstantTester.testFlagValueCorrect(22, PkiFailureInfo.UnsupportedVersion); + BitStringConstantTester.testFlagValueCorrect(23, PkiFailureInfo.NotAuthorized); + BitStringConstantTester.testFlagValueCorrect(24, PkiFailureInfo.SystemUnavail); + BitStringConstantTester.testFlagValueCorrect(25, PkiFailureInfo.SystemFailure); + BitStringConstantTester.testFlagValueCorrect(26, PkiFailureInfo.DuplicateCertReq); + + DoTestEncoding(); + } + + public static void Main( + string[] args) + { + RunTest(new PkiFailureInfoTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/ParseTest.cs b/BouncyCastle/crypto/test/src/asn1/test/ParseTest.cs new file mode 100644 index 0000000..c649fdb --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/ParseTest.cs @@ -0,0 +1,303 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class ParseTest + { + private static readonly byte[] classCastTest = Base64.Decode( + "MIIXqAYJKoZIhvcNAQcDoIIXmTCCF5UCAQAxggG1MIIBsQIBADCBmDCBkDEL" + + "MAkGA1UEBhMCVVMxETAPBgNVBAgTCE1pY2hpZ2FuMQ0wCwYDVQQHEwRUcm95" + + "MQwwCgYDVQQKEwNFRFMxGTAXBgNVBAsTEEVMSVQgRW5naW5lZXJpbmcxJDAi" + + "BgkqhkiG9w0BCQEWFUVsaXQuU2VydmljZXNAZWRzLmNvbTEQMA4GA1UEAxMH" + + "RURTRUxJVAIDD6FBMA0GCSqGSIb3DQEBAQUABIIBAGh04C2SyEnH9J2Va18w" + + "3vdp5L7immD5h5CDZFgdgHln5QBzT7hodXMVHmyGnycsWnAjYqpsil96H3xQ" + + "A6+9a7yB6TYSLTNv8zhL2qU3IrfdmUJyxxfsFJlWFO1MlRmu9xEAW5CeauXs" + + "RurQCT+C5tLc5uytbvw0Jqbz+Qp1+eaRbfvyhWFGkO/BYZ89hVL9Yl1sg/Ls" + + "mA5jwTj2AvHkAwis+F33ZhYlto2QDvbPsUa0cldnX8+1Pz4QzKMHmfUbFD2D" + + "ngaYN1tDlmezCsYFQmNx1th1SaQtTefvPr+qaqRsm8KEXlWbJQXmIfdyi0zY" + + "qiwztEtO81hXZYkKqc5fKMMwghXVBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcE" + + "CEq3cLLWVds9gIIVsAAik3al6Nn5pr7r0mSy9Ki3vEeCBcV9EzEG44BvNHNA" + + "WyEsqQsdSxuF7h1/DJAMuZFwCbGflaRGx/1L94zrmtpeuH501lzPMvvZCmpj" + + "KrOF8e1B4MVQ5TfQTdUVyRnbcDa6E4V1ZZIdAI7BgDeJttS4+L6btquXfxUg" + + "ttPYQkevF7MdShYNnfLkY4vUMDOp3+iVzrOlq0elM95dfSA7OdBavgDJbz/7" + + "mro3AFTytnWjGz8TUos+oUujTk9/kHOn4cEAIm0hHrNhPS5qoj3QnNduNrad" + + "rLpGtcYyNlHIsYCsvPMxwoHmIw+r9xQQRjjzmVYzidn+cNOt0FmLs6YE8ds4" + + "wvHRO9S69TgKPHRgk2bihgHqII9lF9qIzfG40YwJLHzGoEwVO1O0+wn8j2EP" + + "O9I/Q3vreCH+5VbpUD2NGTwsMwZ3YlUesurLwse/YICxmgdN5Ro4DeQJSa9M" + + "iJnRFYWRq+58cKgr+L11mNc9nApZBShlpPP7pdNqWOafStIEjo+dsY/J+iyS" + + "6WLlUvNt/12qF4NAgZMb3FvRQ9PrMe87lqSRnHcpLWHcFjuKbMKCBvcdWGWI" + + "R7JR8UNzUvoLGGAUI9Ck+yTq4QtfgtL5MLmdBGxSKzgs44Mmek+LnrFx+e9n" + + "pkrdDf2gM/m7E50FnLYqzUjctKYGLNYpXQorq9MJx6TB20CHXcqOOoQqesXa" + + "9jL9PIOtBQy1Ow5Bh4SP07nTFWFSMI/Wt4ZvNvWJj3ecA9KjMOA9EXWUDS/H" + + "k9iCb2EEMo7fe5mhoyxMxPO+EIa1sEC9A1+rDACKPQCHOLI0uPmsdo0AEECC" + + "QLgOQkcwQlkHexOyHiOOtBxehtGZ1eBQQZ+31DF+RRU6WvS6grg58eS4gGOQ" + + "bd7CS9yYebvAQkz61J8KprWdtZuG1gBGma12wKMuQuC6RuWlKsj+rPMvaQCt" + + "8mucGbkElPGZVhdyD8/BvpSCNbgRwb6iSiw4EECovu4P4GFJaMGUYEuCA711" + + "itEieYc1QqS6ULjb3LFL/RcwSw0fGdjnt6B2nHckC2VsYKU1NwU7j0R1Omb4" + + "y5AvSgpuWjTXWnHnE9Ey0B+KP5ERZA+jJGiwYz48ynYlvQFSbBm4I6nh/DuI" + + "dWB2dLNxWuhdfzafBGtEHhLHzjW3WQwwRZsKesgHLrrj9hBUObodl1uvqvZN" + + "AjMOj8DrqbGOhAClj1t4S1Zk1ZekuMjsuoxEL+/lgtbT+056ES0k3A/LnpRb" + + "uxA1ZBr26Im+GVFzEcsV0hB4vNujSwStTTZH5jX5rMyi085yJfnikcLYUn9N" + + "apl+srhpIZlDJPw7IHaw8tsqXKDxF7MozIXo8B45CKv5Am+BMrIemCMX/ehu" + + "PODICl98Ur8tNAn1L+m0nj7H3c8HW2vNuBLEI3SEHHgm2Ij3IY5pyyeVUaWC" + + "pumhy8Ru5dj3fZcfKgYuJBQxWMf+UqPsf4iUK3923pouJ1cQ8XU8gOXIRrtX" + + "e41d/yR+UAZXSig6SITLw+wLtvitSvtxvjcUSUOI9CYTovKyuz1PQKiaLsV5" + + "4CoJhMQ5uRlVFS3H829I2d2gLRpSp6pNWeIZO2NMBxPYf2qcSHyHqQjR7xP2" + + "ZTg7U3OO6dZHORfXxzAnW2ExavBIYQmZh1gLn5jSS4wXFPXyvnJAsF4s5wed" + + "YHsyAqM/ek0n2Oo/zAh7UcP2vcb9FOoeRK8qC9HjTciS6WbjskRN0ft4T69G" + + "+1RsH8/edBxo2LZeA48BSCXDXOlBZJBsOptzYJD8HSZONPnef0jn23lk0fkU" + + "C3BjJu2ubFChctRvJniTko4klpidkHwuJgrTnL4er8rG3RfiiEHn/d5era15" + + "E1cekdVYWqwQOObOd4v+0gZSJgI48TBc5Qdy8F6wIU38DR2pn/5uNthNDgXk" + + "NcV9a2gOE3DoLe8CEIPMihqYMPY8NuSp97eHB2YhKpjP7qX9TUMoOdE2Iat2" + + "klNxadJt6JTFeiBPL6R9RHAD5sVBrkrl0S+oYtgF92f9WHVwAXU7zP6IgM4x" + + "hhzeJT07yyIp44mKd//F+7ntbgQjZ/iLbHh0mtOlUmzkFsDR0UNSXEQoourZ" + + "EY4A62HXj0DMqEQbik6QwEF7FKuwZX2opdOyVKH9MzJxNfDLd5dc8wAc8bCX" + + "jcCx5/GzHx2S5DndWQEVhp2hOQYuoJS3r6QCYFaHtDPKnFHS2PBFyFWL+2UK" + + "c0WsvVaHYqYKnksmxse9I9oU75kx5O05DZCThPX6h8J8MHRuxU9tcuuleIUQ" + + "XY8On+JeEtLSUZgp+Z7ITLuagf6yuKQpaR396MlDii/449/dvBiXAXeduyO1" + + "QzSkQCh37fdasqGL3mP0ssMcxM/qpOwQsx3gMtwiHQRi1oQE1QHb8qZHDE4m" + + "I5afQJ9O/H/m/EVlGUSn2yYOsPlZrWuI3BBZKoRzRq1lZOQDtOh18BE3tWmX" + + "viGIAxajam0i2Ce3h2U7vNwtiePRNEgPmQ7RwTTv0U6X8qqkjeYskiF4Cv9G" + + "nrB0WreC19ih5psEWLIkCYKTr+OhQuRrtv7RcyUi9QSneh7BjcvRjlGB6joA" + + "F6J4Y6ENAA/nzOZJ699VkljTi59bbNJYlONpQhOeRTu8M/wExkIJz7yR9DTY" + + "bY4/JdbdHNFf5DSDmYAHaFLmdnnfuRy+tC9CGGJvlcLVv5LMFJQGt2Wi15p8" + + "lctx7sL6yNCi7OakWbEOCvGPOxY7ejnvOjVK/Krx1T+dAXNUqrsDZmvmakOP" + + "We+P4Di1GqcyLVOTP8wNCkuAUoN0JFoBHy336/Xnae91KlY4DciPMpEOIpPN" + + "oB+3h6CozV7IWX5Wh3rhfC25nyGJshIBUS6cMXAsswQI8rOylMlGaekNcSU4" + + "gNKNDZAK5jNkS0Z/ziIrElSvMNTfYbnx3gCkY0pV18uadmchXihVT11Bt77O" + + "8KCKHycR39WYFIRO09wvGv6P42CRBFTdQbWFtkSwRiH8l6x39Z7pIkDFxokT" + + "Dp6Htkj3ywfQXNbFgRXZUXqgD1gZVFDFx920hcJnuu65CKz6pEL6X0XUwNPg" + + "vtraA2nj4wjVB/y+Cxc+1FgzeELB4CAmWO1OfRVLjYe7WEe/X5DPT6p8HBkB" + + "5mWuv+iQ3e37e1Lrsjt2frRYQWoOSP5Lv7c8tZiNfuIp07IYnJKBWZLTqNf9" + + "60uiY93ssE0gr3mfYOj+fSbbjy6NgAenT7NRZmFCjFwAfmapIV0hJoqnquaN" + + "jj5KKOP72hp+Zr9l8cEcvIhG/BbkY3kYbx3JJ9lnujBVr69PphHQTdw67CNB" + + "mDkH7y3bvZ+YaDY0vdKOJif9YwW2qoALXKgVBu1T2BONbCTIUTOzrKhWEvW8" + + "D6x03JsWrMMqOKeoyomf1iMt4dIOjp7yGl/lQ3iserzzLsAzR699W2+PWrAT" + + "5vLgklJPX/Fb3Tojbsc074lBq669WZe3xzlj85hFcBmoLPPyBE91BLhEwlGC" + + "+lWmwFOENLFGZE0mGoRN+KYxwqfA2N6H8TWoz6m0oPUW4uQvy9sGtYTSyQO9" + + "6ZwVNT3ndlFrP5p2atdEFVc5aO5FsK8/Fenwez06B2wv9cE9QTVpFrnJkKtF" + + "SaPCZkignj64XN7cHbk7Ys6nC3WIrTCcj1UOyp5ihuMS9eL9vosYADsmrR6M" + + "uqqeqHsf2+6U1sO1JBkDYtLzoaILTJoqg9/eH7cTA0T0mEfxVos9kAzk5nVN" + + "nVOKFrCGVIbOStpYlWP6wyykIKVkssfO6D42D5Im0zmgUwgNEkB+Vxvs8bEs" + + "l1wPuB2YPRDCEvwM3A5d5vTKhPtKMECIcDxpdwkD5RmLt+iaYN6oSFzyeeU0" + + "YvXBQzq8gfpqJu/lP8cFsjEJ0qCKdDHVTAAeWE6s5XpIzXt5cEWa5JK7Us+I" + + "VbSmri4z0sVwSpuopXmhLqLlNWLGXRDyTjZSGGJbguczXCq5XJ2E3E4WGYd6" + + "mUWhnP5H7gfW7ILOUN8HLbwOWon8A6xZlMQssL/1PaP3nL8ukvOqzbIBCZQY" + + "nrIYGowGKDU83zhO6IOgO8RIVQBJsdjXbN0FyV/sFCs5Sf5WyPlXw/dUAXIA" + + "cQiVKM3GiVeAg/q8f5nfrr8+OD4TGMVtUVYujfJocDEtdjxBuyFz3aUaKj0F" + + "r9DM3ozAxgWcEvl2CUqJLPHH+AWn5kM7bDyQ2sTIUf5M6hdeick09hwrmXRF" + + "NdIoUpn7rZORh0h2VX3XytLj2ERmvv/jPVC97VKU916n1QeMJLprjIsp7GsH" + + "KieC1RCKEfg4i9uHoIyHo/VgnKrnTOGX/ksj2ArMhviUJ0yjDDx5jo/k5wLn" + + "Rew2+bhiQdghRSriUMkubFh7TN901yl1kF2BBP5PHbpgfTP6R7qfl8ZEwzzO" + + "elHe7t7SvI7ff5LkwDvUXSEIrHPGajYvBNZsgro+4Sx5rmaE0QSXACG228OQ" + + "Qaju8qWqA2UaPhcHSPHO/u7ad/r8kHceu0dYnSFNe1p5v9Tjux0Yn6y1c+xf" + + "V1cu3plCwzW3Byw14PH9ATmi8KJpZQaJOqTxn+zD9TvOa93blK/9b5KDY1QM" + + "1s70+VOq0lEMI6Ch3QhFbXaslpgMUJLgvEa5fz3GhmD6+BRHkqjjwlLdwmyR" + + "qbr4v6o+vnJKucoUmzvDT8ZH9nH2WCtiiEtQaLNU2vsJ4kZvEy0CEajOrqUF" + + "d8qgEAHgh9it5oiyGBB2X/52notXWOi6OMKgWlxxKHPTJDvEVcQ4zZUverII" + + "4vYrveRXdiDodggfrafziDrA/0eEKWpcZj7fDBYjUBazwjrsn5VIWfwP2AUE" + + "wNn+xR81/so8Nl7EDBeoRXttyH7stbZYdRnkPK025CQug9RLzfhEAgjdgQYw" + + "uG+z0IuyctJW1Q1E8YSOpWEFcOK5okQkLFUfB63sO1M2LS0dDHzmdZriCfIE" + + "F+9aPMzojaHg3OQmZD7MiIjioV6w43bzVmtMRG22weZIYH/Sh3lDRZn13AS9" + + "YV6L7hbFtKKYrie79SldtYazYT8FTSNml/+Qv2TvYTjVwYwHpm7t479u+MLh" + + "LxMRVsVeJeSxjgufHmiLk7yYJajNyS2j9Kx/fmXmJbWZNcerrfLP+q+b594Y" + + "1TGWr8E6ZTh9I1gU2JR7WYl/hB2/eT6sgSYHTPyGSxTEvEHP242lmjkiHY94" + + "CfiTMDu281gIsnAskl05aeCBkj2M5S0BWCxy7bpVAVFf5nhf74EFIBOtHaJl" + + "/8psz1kGVF3TzgYHkZXpUjVX/mJX8FG0R8HN7g/xK73HSvqeamr4qVz3Kmm/" + + "kMtYRbZre7E1D10qh/ksNYnOkYBcG4P2JyjZ5q+8CQNungz2/b0Glg5LztNz" + + "hUgG27xDOUraJXjkkZl/GOh0eTqhfLHXC/TfyoEAQOPcA59MKqvroFC5Js0Q" + + "sTgqm2lWzaLNz+PEXpJHuSifHFXaYIkLUJs+8X5711+0M03y8iP4jZeEOrjI" + + "l9t3ZYbazwsI3hBIke2hGprw4m3ZmSvQ22g+N6+hnitnDALMsZThesjb6aJd" + + "XOwhjLkWRD4nQN594o6ZRrfv4bFEPTp4ev8l6diouKlXSFFnVqz7AZw3Pe53" + + "BvIsoh66zHBpZhauPV/s/uLb5x6Z8sU2OK6AoJ7b8R9V/AT7zvonBi/XQNw3" + + "nwkwGnTS9Mh7PFnGHLJWTKKlYXrSpNviR1vPxqHMO6b+Lki10d/YMY0vHQrY" + + "P6oSVkA6RIKsepHWo11+rV838+2NRrdedCe91foUmOs+eoWQnwmTy2CTZmQ5" + + "b7/TTcau9ewimZAqI+MtDWcmWoZfgibZmnIITGcduNOJDRn+aLt9dz+zr1qA" + + "HxlLXCOyBPdtfx6eo4Jon+fVte37i3HmxHk+8ZGMMSS9hJbLQEkA59b4E+7L" + + "GI3JZjvEkhizB4n/aFeG7KT7K3x072DMbHLZ7VgsXQ1VDDmcZmizFwgyNqKy" + + "hKCKxU+I2O10IMtiZUpEzV1Pw7hD5Kv/eFCsJFPXOJ2j3KP6qPtX5IYki1qH" + + "Juo5C5uGKtqNc6OzkXsvNUfBz5sJkEYl0WfitSSo4ARyshFUNh2hGxNxUVKM" + + "2opOcuHSxBgwUSmVprym50C305zdHulBXv3mLzGjvRstE9qfkQ8qVJYLQEkL" + + "1Yn7E92ex71YsC8JhNNMy0/YZwMkiFrqyaFd/LrblWpBbGumhe4reCJ4K3mk" + + "lFGEsICcMoe+zU1+QuLlz/bQ+UtvClHUe8hTyIjfY04Fwo2vbdSc1U/SHho5" + + "thQy+lOZ/HijzCmfWK3aTqYMdwCUTCsoxri2N8vyD/K2kbMLQWUfUlBQfDOK" + + "VrksBoSfcluNVaO56uEUw3enPhhJghfNlJnpr5gUcrAMES53DfkjNr0dCsfM" + + "JOY2ZfQEwwYey1c4W1MNNMoegSTg4aXzjVc0xDgKa7RGbtRmVNbOxIhUNAVi" + + "thQV3Qujoz1ehDt2GyLpjGjHSpQo3WlIU4OUqJaQfF6EH+3khFqUmp1LT7Iq" + + "zH3ydYsoCDjvdXSSEY3hLcZVijUJqoaNWBLb/LF8OG5qTjsM2gLgy2vgO/lM" + + "NsqkHnWTtDimoaRRjZBlYLhdzf6QlfLi7RPmmRriiAOM0nXmylF5xBPHQLoz" + + "LO9lXYIfNbVJVqQsV43z52MvEQCqPNpGqjB+Au/PZalYHbosiVOQLgTB9hTI" + + "sGutSXXeLnf5rftCFvWyL3n5DgURzDFLibrbyVGGKAk166bK1RyVP9XZJonr" + + "hPYELk4KawCysJJSmC0E8sSsuXpfd6PPDru6nCV1EdXKR7DybS7NVHCktiPR" + + "4B4y8O/AgfJX8sb6LuxmjaINtUKEJ1+O88Gb69uy6b/Kpu2ri/SUBaNNw4Sn" + + "/tuaD+jxroL7RlZmt9ME/saNKn9OmLuggd6IUKAL4Ifsx9i7+JKcYuP8Cjdf" + + "Rx6U6H4qkEwwYGXnZYqF3jxplyOfqA2Vpvp4rnf8mST6dRLKk49IhKGTzwZr" + + "4za/RZhyl6lyoRAFDrVs1b+tj6RYZk0QnK3dLiN1MFYojLyz5Uvi5KlSyFw9" + + "trsvXyfyWdyRmJqo1fT7OUe0ImJW2RN3v/qs1k+EXizgb7DW4Rc2goDsCGrZ" + + "ZdMwuAdpRnyg9WNtmWwp4XXeb66u3hJHr4RwMd5oyKFB1GsmzZF7aOhSIb2B" + + "t3coNXo/Y+WpEj9fD7/snq7I1lS2+3Jrnna1048O7N4b5S4b5TtEcCBILP1C" + + "SRvaHyZhBtJpoH6UyimKfabXi08ksrcHmbs1+HRvn+3pl0bHcdeBIQS/wjk1" + + "TVEDtaP+K9zkJxaExtoa45QvqowxtcKtMftNoznF45LvwriXEDV9jCXvKMcO" + + "nxG5aQ//fbnn4j4q1wsKXxn61wuLUW5Nrg9fIhX7nTNAAooETO7bMUeOWjig" + + "2S1nscmtwaV+Sumyz/XUhvWynwE0AXveLrA8Gxfx"); + + private static readonly byte[] derExpTest = Base64.Decode( + "MIIS6AYJKoZIhvcNAQcDoIIS2TCCEtUCAQAxggG1MIIBsQIBADCBmDCBkDEL" + + "MAkGA1UEBhMCVVMxETAPBgNVBAgTCE1pY2hpZ2FuMQ0wCwYDVQQHEwRUcm95" + + "MQwwCgYDVQQKEwNFRFMxGTAXBgNVBAsTEEVMSVQgRW5naW5lZXJpbmcxJDAi" + + "BgkqhkiG9w0BCQEWFUVsaXQuU2VydmljZXNAZWRzLmNvbTEQMA4GA1UEAxMH" + + "RURTRUxJVAIDD6FBMA0GCSqGSIb3DQEBAQUABIIBAGsRYK/jP1YujirddAMl" + + "ATysfLCwd0eZhENohVqLiMleH25Dnwf+tBaH4a9hyW+7VrWw/LC6ILPVbKpo" + + "oLBAOical40cw6C3zulajc4gM3AlE2KEeAWtI+bgPMXhumqiWDb4byX/APYk" + + "53Gk7WXF6Xs4hj3tmrHSJxCUOsTdHKUJYvOqjwKGARPQDjP0EUbVJezeAwBA" + + "RMlJ/qBVLBj2UW28n5oJZm3oaSaU93Uc6GPVIk43IWrmEUcWVPiMfUtUCwcX" + + "tRNtHuQ9os++rmdNBiuB5p+vtUeA45KWnTUtkwJXvrzE6Sf9AUH/p8uOvvZJ" + + "3yt9LhPxcZukGIVvcQnBxLswghEVBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcE" + + "CGObmTycubs2gIIQ8AKUC8ciGPxa3sFJ1EPeX/nRwYGNAarlpVnG+07NITL2" + + "pUzqZSgsYh5JiKd8TptQBZNdebzNmCvjrVv5s9PaescGcypL7FNVPEubh0w/" + + "8h9rTACqUpF5yRgfcgpAGeK29F1hyZ1WaIH43avUCaDnrZcOKB7wc1ats1aQ" + + "TSDLImyFn4KjSo5k0Ec/xSoWnfg391vebp8eOsyHZhFMffFtKQMaayZNHJ7Q" + + "BzG3r/ysUbkgI5x+0bX0QfZjEIs7yuV5Wt8DxMTueCm3RQ+HkR4lNdTBkM4V" + + "qozCqC1SjcAF5YHB0WFkGouEPGgTlmyvLqR2xerEXVZn9YwSnT48kOde3oGt" + + "EAYyg0yHbNbL0sp6LDM7upRmrgWwxf0BR6lP4wyWdv/XSLatEB7twSNiPBJ4" + + "PJ+QagK08yQJ84UB7YpMTudKsaUs7zW76eA7KkW3TndfDYGdhbmZ5wxNl+5x" + + "yPZc/jcQHW7vplMfWglUVxnzibNW12th0QXSB57Mzk8v1Rvc/HLGvAOJZG/S" + + "N12FZOxbUrMIHGi3kXsmfWznVyq92X4P9tuDDD7sxkSGsyUAm/UJIZ3KsXhV" + + "QeaRHVTVDxtJtnbYxBupy1FDBO6AhVrp16Blvnip9cPn/aLfxDoFHzmsZmEg" + + "IcOFqpT1fW+KN6i/JxLD3mn3gKzzdL1/8F36A2GxhCbefQFp0MfIovlnMLFv" + + "mrINwMP8a9VnP8gIV5oW5CxmmMUPHuGkXrfg+69iVACaC2sTq6KGebhtg9OC" + + "8vZhmu7+Eescst694pYa3b8Sbr5bTFXV68mMMjuRnhvF2NZgF+O0jzU+sFps" + + "o7s1rUloCBk1clJUJ/r+j9vbhVahCeJQw62JAqjZu4R1JYAzON3S7jWU5zJ7" + + "pWYPSAQkLYUz3FmRRS2Yv65mXDNHqR9vqkHTIphwA9CLMKC2rIONxSVB57q1" + + "Npa/TFkVdXnw+cmYjyFWiWeDP7Mw0Kwy7tO008UrBY0rKQU466RI5ezDqYPc" + + "Lm73dUH2EjUYmKUi8zCtXpzgfTYVa/DmkbVUL9ThHMVRq1OpT2nctE7kpXZk" + + "OsZjEZHZX4MCrSOlc10ZW7MJIRreWMs70n7JX7MISU+8fK6JKOuaQNG8XcQp" + + "5IrCTIH8vmN2rVt4UT8zgm640FtO3jWUxScvxCtUJJ49hGCwK+HwDDpO6fLw" + + "LFuybey+6hnAbtaDyqgsgDh2KN8GSkQT9wixqwQPWsMQ4h0xQixf4IMdFOjP" + + "ciwp3ul8KAp/q70i0xldWGqcDjUasx6WHKc++rFjVJjoVvijKgEhlod5wJIw" + + "BqQVMKRsXle07NS1MOB+CRTVW6mwBEhDDERL+ym2GT2Q4uSDzoolmLq2y5vL" + + "+RfDHuh3W0UeC3Q5D2bJclgMsVjgfQUN19iD+lPFp2xvLTaNWi5fYDn4uuJL" + + "lgVDXIMmM8I+Z2hlTXTM1Pldz2/UFe3QXTbYnjP6kfd7Bo2Webhhgs/YmSR2" + + "XPuA42tWNAAjlK77lETWodxi3UC7XELjZ9xoGPRbxjOklXXvev9v5Vo+vcmN" + + "0KrLXhLdkyHRSm81SRsWoadCTSyT8ibv66P00GOt+OlIUOt0YKSUkULQfPvC" + + "EgMpeTm1/9l8n9bJ6td5fpJFDqLDm+FpJX6T2sWevV/Tyt6aoDPuET5iHBHW" + + "PoHxKl8YPRHBf+nRWoh45QMGQWNSrJRDlO8oYOhdznh4wxLn3DXEfDr0Z7Kd" + + "gEg6xr1XCobBn6Gi7wWXp5FDTaRF41t7fH8VxPwwDa8Yfu3vsgB6q426kjAj" + + "Q77wx1QFIg8gOYopTOgqze1i4h1U8ehP9btznDD6OR8+hPsVKoXYGp8Ukkc7" + + "JBA0o8l9O2DSGh0StsD94UhdYzn+ri7ozkXFy2SHFT2/saC34NHLoIF0v/aw" + + "L9G506Dtz6xXOACZ4brCG+NNnPLIcGblXIrYTy4+sm0KSdsl6BGzYh9uc8tu" + + "tfCh+iDuhT0n+nfnvdCmPwonONFb53Is1+dz5sisILfjB7OPRW4ngyfjgfHm" + + "oxxHDC/N01uoJIdmQRIisLi2nLhG+si8+Puz0SyPaB820VuV2mp77Y2osTAB" + + "0hTDv/sU0DQjqcuepYPUMvMs3SlkEmaEzNSiu7xOOBQYB8FoK4PeOXDIW6n2" + + "0hv6iS17hcZ+8GdhwC4x2Swkxt99ikRM0AxWrh1lCk5BagVN5xG79c/ZQ1M7" + + "a0k3WTzYF1Y4d6QPNOYeOBP9+G7/a2o3hGXDRRXnFpO7gQtlXy9A15RfvsWH" + + "O+UuFsOTtuiiZk1qRgWW5nkSCPCl2rP1Z7bwr3VD7o6VYhNCSdjuFfxwgNbW" + + "x8t35dBn6xLkc6QcBs2SZaRxvPTSAfjON++Ke0iK5w3mec0Br4QSNB1B0Aza" + + "w3t3AleqPyJC6IP1OQl5bi+PA+h3YZthwQmcwgXgW9bWxNDqUjUPZfsnNNDX" + + "MU9ANDLjITxvwr3F3ZSfJyeeDdbhr3EJUTtnzzWC6157EL9dt0jdPO35V0w4" + + "iUyZIW1FcYlCJp6t6Sy9n3TmxeLbq2xML4hncJBClaDMOp2QfabJ0XEYrD8F" + + "jq+aDM0NEUHng+Gt9WNqnjc8GzNlhxTNm3eQ6gyM/9Ip154GhH6c9hsmkMy5" + + "DlMjGFpFnsSTNFka2+DOzumWUiXLGbe4M3RePl1N4MLwXrkR2llguQynyoqF" + + "Ptat2Ky5yW2q9+IQHY49NJTlsCpunE5HFkAK9rY/4lM4/Q7hVunP6U4a0Kbu" + + "beFuOQMKQlBZvcplnYBefXD79uarY/q7ui6nFHlqND5mlXMknMrsQk3papfp" + + "OpMS4T07rCTLek0ODtb5KsHdIF76NZXevko4+d/xbv7HLCUYd8xuOuqf+y4I" + + "VJiT1FmYtZd9w+ubfHrOfHxY+SBtN6fs02WAccZqBXUYzZEijRbN2YUv1OnG" + + "rfYe4EcfOu/Sa+wLbB7msYpLfvUfEO3iseKf4LXZkgtF5P610PBZR8edeSgr" + + "YZW+J0K78PRAl5nEi1mvzBxi9DyNf6iQ9mWLyyCmr9p9HGE+aCMKVCn9jfZH" + + "WeBDAJNYDcUh5NEckqJtbEc2S1FJM7yZBWLQUt3NCQvj+nvQT45osZ3BJvFg" + + "IcGJ0CysoblVz4fCLybrYxby9HP89WMLHqdqsIeVX8IJ3x84SqLPuzrqf9FT" + + "ZVYLo0F2oBjAzjT7obt9+NJc/psOMCg+OGQkAfwj3VNvaqkkQsVxSiozgxrC" + + "7KaTXuAL6eKKspman96kz4QVk9P0usUPii+LFnW4XYc0RNfgJVO6BgJT7pLX" + + "NWwv/izMIMNAqSiWfzHHRVkhq4f1TMSF91auXOSICpJb3QQ4XFh52Mgl8+zs" + + "fobsb0geyb49WqFrZhUu+X+8LfQztppGmiUpFL+8EW0aPHbfaf4y9J1/Wthy" + + "c28Yqu62j/ljXq4Qa21uaEkoxzH1wPKCoKM9TXJtZJ39Yl9cf119Qy4M6QsB" + + "6oMXExlMjqIMCCWaLXLRiqbc2Y7rZHgEr08msibdoYHbSkEl8U+Kii2p6Vdx" + + "zyiEIz4CadrFbrAzxmrR/+3u8JuBdq0K3KNR0WWx73BU+G0rgBX56GnP7Ixy" + + "fuvkRb4YfJUF4PkDa50BGVhybPrIhoFteT6bSh6LQtBm9c4Kop8Svx3ZbqOT" + + "kgQDa0n+O0iR7x3fvNZ0Wz4YJrKGnVOPCqJSlSsnX6v2JScmaNdrSwkMTnUf" + + "F9450Hasd88+skC4jVAv3WAB03Gz1MtiGDhdUKFnHnU9HeHUnh38peCFEfnK" + + "WihakVQNfc72YoFVZHeJI5fJAW8P7xGTZ95ysyirtirxt2zkRVJa5p7semOw" + + "bL/lBC1bp4J6xHF/NHY8NQjvuhqkDyNlh3dRpIBVBu6Z04hRhLFW6IBxcCCv" + + "pjfoxJoox9yxKQKpr3J6MiZKBlndZRbSogO/wYwFeh7HhUzMNM1xIy3jWVVC" + + "CrzWp+Q1uxnL74SwrMP/EcZh+jZO4CYWk6guUMhTo1kbW03BZfyAqbPM+X+e" + + "ZqMZljydH8AWgl0MZd2IAfajDxI03/6XZSgzq24n+J7wKMYWS3WzB98OIwr+" + + "oKoQ7aKwaaT/KtR8ggUVYsCLs4ScFY24MnjUvMm+gQcVyeX74UlqR30Aipnf" + + "qzDRVcAUMMNcs0fuqePcrZ/yxPo+P135YClPDo9J8bwNpioUY8g+BQxjEQTj" + + "py3i2rAoX+Z5fcGjnZQVPMog0niIvLPRJ1Xl7yzPW0SevhlnMo6uDYDjWgQ2" + + "TLeTehRCiSd3z7ZunYR3kvJIw1Kzo4YjdO3l3WNf3RQvxPmJcSKzeqKVxWxU" + + "QBMIC/dIzmRDcY787qjAlKDZOdDp7qBKIqnfodWolxBA0KhvE61eYabZqUCT" + + "G2HJaQE1SvOdL9KM4ORFlxE3/dqv8ttBJ6N1qKk423CJjajZHYTwf1dCfj8T" + + "VAE/A3INTc6vg02tfkig+7ebmbeXJRH93KveEo2Wi1xQDsWNA+3DVzsMyTqV" + + "+AgfSjjwKouXAznhpgNc5QjmD2I6RyTf+hngftve18ZmVhtlW5+K6qi62M7o" + + "aM83KweH1QgCS12/p2tMEAfz//pPbod2NrFDxnmozhp2ZnD04wC+6HGz6bX/" + + "h8x2PDaXrpuqnZREFEYzUDKQqxdglXj5oE/chBR8+eBfYSS4JW3TBkW6RfwM" + + "KOBBOOv8pe3Sfq/bg7OLq5bn0jKwulqP50bysZJNlQUG/KqJagKRx60fnTqB" + + "7gZRebvtqgn3JQU3fRCm8ikmGz9XHruoPlrUQJitWIt4AWFxjyl3oj+suLJn" + + "7sK62KwsqAztLV7ztoC9dxldJF34ykok1XQ2cMT+uSrD6ghYZrmrG5QDkiKW" + + "tOQCUvVh/CorZNlON2rt67UvueMoW+ua25K4pLKDW316c2hGZRf/jmCpRSdb" + + "Xr3RDaRFIK6JpmEiFMMOEnk9yf4rChnS6MHrun7vPkf82w6Q0VxoR8NRdFyW" + + "3mETtm2mmG5zPFMMD8uM0BYJ/mlJ2zUcD4P3hWZ8NRiU5y1kazvrC6v7NijV" + + "o459AKOasZUj1rDMlXDLPloTHT2ViURHh/8GKqFHi2PDhIjPYUlLR5IrPRAl" + + "3m6DLZ7/tvZ1hHEu9lUMMcjrt7EJ3ujS/RRkuxhrM9BFlwzpa2VK8eckuCHm" + + "j89UH5Nn7TvH964K67hp3TeV5DKV6WTJmtIoZKCxSi6FFzMlky73gHZM4Vur" + + "eccwycFHu+8o+tQqbIAVXaJvdDstHpluUCMtb2SzVmI0bxABXp5XrkOOCg8g" + + "EDZz1I7rKLFcyERSifhsnXaC5E99BY0DJ/7v668ZR3bE5cU7Pmo/YmJctK3n" + + "m8cThrYDXJNbUi0c5vrAs36ZQECn7BY/bdDDk2NPgi36UfePI8XsbezcyrUR" + + "ZZwT+uQ5LOB931NjD5GOMEb96cjmECONcRjB0uD7DoTiVeS3QoWmf7Yz4g0p" + + "v9894YWQgOl+CvmTERO4dxd7X5wJsM3Y0acGPwneDF+HtQrIpJlslm2DivEv" + + "sikc6DtAQrnVRSNDr67HPPeIpgzThbxH3bm5UjvnP/zcGV1W8Nzk/OBQWi0l" + + "fQM9DccS6P/DW3XPSD1+fDtUK5dfH8DFf8wwgnxeVwi/1hCBq9+33XPwiVpz" + + "489DnjGhHqq7BdHjTIqAZvNm8UPQfXRpeexbkFZx1mJvS7so54Cs58/hHgQN" + + "GHJh4AUCLEt0v7Hc3CMy38ovLr3Q8eZsyNGKO5GvGNa7EffGjzOKxgqtMwT2" + + "yv8TOTFCWnZEUTtVA9+2CpwfmuEjD2UQ4vxoM+o="); + + private static readonly byte[] longTagged = Hex.Decode("9f1f023330"); + + [Test] + public void TestClassCast() + { + ParseEnveloped(classCastTest); + } + + [Test] + public void TestDerExp() + { + ParseEnveloped(derExpTest); + } + + [Test] + public void TestLongTag() + { + Asn1StreamParser aIn = new Asn1StreamParser(longTagged); + Asn1TaggedObjectParser tagged = (Asn1TaggedObjectParser)aIn.ReadObject(); + + Assert.AreEqual(31, tagged.TagNo); + } + + private void ParseEnveloped( + byte[] data) + { + Asn1StreamParser aIn = new Asn1StreamParser(data); + + ContentInfoParser cP = new ContentInfoParser((Asn1SequenceParser)aIn.ReadObject()); + + EnvelopedDataParser eP = new EnvelopedDataParser((Asn1SequenceParser)cP.GetContent(Asn1Tags.Sequence)); + + eP.GetRecipientInfos().ToAsn1Object(); // Must drain the parser! + + EncryptedContentInfoParser ecP = eP.GetEncryptedContentInfo(); + + Asn1OctetStringParser content = (Asn1OctetStringParser)ecP.GetEncryptedContent(Asn1Tags.OctetString); + + Streams.Drain(content.GetOctetStream()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/ParsingTest.cs b/BouncyCastle/crypto/test/src/asn1/test/ParsingTest.cs new file mode 100644 index 0000000..bb219e2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/ParsingTest.cs @@ -0,0 +1,104 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + public class ParsingTest + : SimpleTest + { + private static readonly string[] streams = { + "oRNphCO0F+jcMQKC1uMO8qFBPikDDYmtfVGeB45xvbfj1qu696YGjdW2igRnePYM/KkQtADG7gMHIhqBRcl7dBtkejNeolOklPNA3NgsACTiVN9JFUsYq0a5842+TU+U2/6Kt/D0kvz0WmwWFRPHWEWVM9PYOWabGsh28Iucc6s7eEqmr8NEzWUx/jM3dmjpFYVpSpxt2KbbT+yUO0EqFQyy8hQ7JvKRgv1AoWQfPjMsfjkKgxnA8DjenmwXaZnDaKEvQIKQl46L1Yyu3boN082SQliSJMJVgNuNNLFIt5QSUdG1ant5O6f9Yr0niAkAoqGzmqz+LZE1S7RrGHWiQ3DowE9NzviBuaAoI4WdCn1ClMwb9fdEmBMU4C7DJSgs3qaJzPUuaAT9vU3GhZqZ0wcTV5DHxSRzGLqg9JEJRi4qyeuG3Qkg3YBtathl+FiLJ7mVoO3dFIccRuuqp2MpMhfuP1DxHLNLNiUZEhLMQ0CLTGabUISBuyQudVFlKBZIpcLD0k7fKpMPuywrYiDrTinMc2ZP3fOGevoR5fnZ6kZAE5oMTtMNokzBuctGqVapblXNrVMLYbriT538oYz5", + "KEKVhHxtyUR9D3v5K4IJbVQLAMiVKoK9z7wFWUjzvLFNLg9C/r8zKfBa3YgZrt0Nq64+MxBePMbiNLCnfditc2qUcQZUHnvNnhwT6uGK37JmXg7MvQiKwvi31EIYt6ghqBZVs1iaqc0ep7wuQ16uwSQMlaDdXc9Qf1L0dGO/6eLyREz+p4UR4NOXK+GooQLfMxYL40zJlYcwNyR0rigvIr84WP2IMS2hZjqXtyS6HMM4yUv70hkIorjr7+JC4GtU1MyWuPuNSAGen0AZTaEEXd5sMbqXMqWg3jeM4mzRH1Kb3WdAChO5vMJZPBj9jZZKgXzmxkUh5GlIhUdYgztoNceBzQ3PIc7slCDUw9I2PjB87xsfy7jA5tFtFADs2EUyxUTMCuhilP664jSHgwbrr80k9Xc4sU+MCwCq2nQmcZYcPgKb4M31VJMlKwnZF3JUU2Jtqgg4gbErw58YoBwSkEcMJ2Juhiyx9U36MzxHs9OcTURfpsilMy+mDL8arCDx1knM1KkAHCLjWuJI+p1PvuIypgCwVc+MtGfd7wW8iR1JPJLBiuoZyNJ+xx9htd/HVB+rLtB57H8Gz8W+R00f", + "Ol9I/rXMwbLpxTY97v70B+HCl2+cojz2574x/cC56A7KGVF13La8RdzOOvSkl338ct9T/blEFa6QwNz3GmF+MoPdH9lncwz+tqixIqGU02Bp5swH0qjbp/Yjaeq91eR6B+9fl+KKrpglBr8S1BrI4Ey5v3AxxJdCWP8Gd+6Sp15/HMYanwlHBpCsW4+Kq8sGJoJXUXpQ/GBUJKs+WjX1zE6PsvF7/B8cByuqE3NJt7x4Oa+qZtF8qNc0CFDNj31Yhdt7JkAoD30IAd+ue9OhImQMCWwFwySRIRJXU3865K2dBR+VhLuI2aKzLh7MlgVKJk6b2P/ZIkc86ksR1sOUiHrs9EdoYuIssAgMc8QGzn4VN8lxopdzQYVG6pbXGS/VQlHkGdyLd+OHt4srz/NTUWiOquVTRxa6GgtlBFfIXikPTb+iT2pZKyKUlBvpgo0BY9vVUadsteHAI5qrFZBrL5ecK/Qtl9hf/M8qEjyjt2aCXe9B96Hg2QR5A53qW2PJW5VzS0AeB3g+zJSPCTpygrBs20q5Xrna0ux2l17r6HT9Q/AXIOkwPZUXXn0d02igS4D6Hxrg3Fhdp+OTXL8G", + "o3eXWpwAGmUkxHEKm/pGkDb1ZQQctCQ06lltZjeMXDp9AkowmA0KXjPQCQwyWE/nqEvk2g/58AxNU0TWSujo5uU0h4/hdMZ7Mrj33NSskWvDpKe7lE5tUjPi74Rmc5RRS+1T/EQobpNxoic3+tTO7NBbZfJtcUYeZ3jqxL+3YQL3PrGe/Zpno9TnQW8mWbbhKhDRtKY4p3Pgk9hPSpJCM9xYo3EMAOAIiH2P6RKH6uX/gSaUY2b6DE/TT0V6v/jdSmYM4+cnYiTyJCi5txI35jfCqIlVCXJd7klirvUMg9SXBhGR25AgQ5Z8yjd7lbB8FvD8JQAXZrp6xiHxbLIW7G11fWEo7RGLFtALI6H38Ud0vKjsEN7N5AibJcxS2A/CWk9R00sTHRBHFUP8o5mz8nE7FeCiwJPs/+tCt04nGb9wxBFMsmWcPEDfIzphCaO6U/D/tQHlA846gbKoikv/6LI0ussSR/i85XBclNcvzTctxylSbCR02lZ+go6fe5rmMouiel/0Tndz8t1YpQGilVeOQ3mqAFyAJk3dgfTNKZuOhNzVIZ5GWScKQ5ZtNcWrg6siR+6YwKvLiRb/TJZk", + "PwRUnW4yU8PI7ggbI1BIO9fcTup8optkqCirodyHCiqsPOMZ4g28bJ2+kpfQRujWGlKFYQzA1ZT32s9hdci+fvXPX0KAjcUgcxsGzMABFbEm04BwDF2WLgg9s4/x71r5JrgME1S08I3mCo4N0eFHWDeLJL1b5YNNo6tfO5V2WpIE867N9zdAgvp1gijVjUNWqEB3A/NLb3reLMu2hYgqRFTCVBfcFclD46k0XEfUJqwWdQhOz92WNl/3g53bjKX1hDZgjLIzK6m+SU6+J/h4NidrS7E0gOBevZW8gRYdKMVqNWxzUfxv6kgG+kIeF9JqMcO6jdh/Zu/0tpZoHFeCweZ1jT1eEtltFu1FcTTPc1UT0pT+ZNVgefrBONoGnvn8+dBjPese6F2TmRCExJq9taKlIh/kHdkbpaa7vwrBpYRgVGfARPyM9SSCaE7pVBDuwkFeYiGU4tamm5Gq10ojRQgetJ3UOg/PGTJcxo97GBiG5zAST9NdHdgK3eI4FAbWpGwmWxNpPWOst0a7zuGKAzYU+1IQh8XA3IgJ2vy3+w0JihU6G+12LUzsL2aQtpG7d1PqLhwOqHq3Qqv3SDsB", + "ZIAKizvGzbvqvqOlxOeVgHGHV9TfKNjjqyzbCj8tggv2yp7kkq1D3yRlC349tuul3zN9g4u83Ctio9Gg3HiLzMULxoOImF/hKRDhJpPLbLm0jSq1fyF+N7/YvyLeFhGoPhYEBUihDcxo1NIcWy66aBt3EuOlTyDQWrDe0Za3mrTrrl10uLHVKcQMgeD+UMgjQqmHzQJR8wdNjHPKHWVvZEdiwI031nV2giHJHXv08Jvf4vmw4dAlH2drCl6cBgg33jy7ohK8IiXz6eCw6iY9Ri8YaMzxOhgE2BOHzEz5ZC2hilL4xO/ambTER4bhb4+9VTUIehHP18FcXm8TKPQRMqyKP2fMlzWW3/uelYfPP5SHlyLAULa1KjDCkLIDunEKZDpv2ljGB6JPrTlNwFsvlZcihfOAwjbr2jW3MwP704OA8xzd/dynBU47unIZEu0LAvQ3TUz3PLga0GGO1LZGtg0Foo9zFG2wuVCdgYHmozOQ+8I3gRguW1CjGy7ZCTBuN1GZ510ERhae+bRQtldHsLeiHTghnkU1xEX1+W0iEf3csDYrgpuq3NaBYRGirovDiPBYFHmru0AMclhFnpcX", + "uG0wQ55kMlfZtJFAqTl0bnYW/oy9NFOi0e4FqAYwsvMxGO4JtGzXgkVwEUAC0AUDItRUjxBl+TkoPTYaprgn0M/NQvKPpXJ+yzI7Ssi+F2alLR0T6eF/4rQ32AVjnANJaghXZm0ZKduckbhSxk5lilJVJRuzXKchZRtlPluvlj448bq+iThktsEQoNP8NMpi7n/EVxovp+dow4Q6t7msSRP4cGXtyYoWKbf/7e5XzBKOZZ1/f3s86uJke4dcKIaljpJfBrtuFxZC6NYXzX6PkoDoBgqQ8RBrxsX54S9cBDAPxxmkq8zviAOW3oqPMULGGmQzHBiRwE8oeDFoMnzF5aR/lkbNuTLOxhbIkosgLWlDNVEFYx9bVhdLzO7VwaAK829dimlPOo5loKB7Pd2G7ekRKXwu7wNvJBq8KRkhtLKbKoS8D6TaRWUMb9VBJ1CMy4mrw+YwTmAKURQ6Dko9J/RgzRg5Y/sUlwdMYS9HOnvKiTVu5I/ha35wwkhIPVm+FCn05tstntZaXXXu4xExHeugAKNBhkcc/SQt+GFdxXDd+R4C2LfKxGDSyZKVTFYojHTdZUo8Gx6SZLY6b2SZ", + "sH0kIwIq1THAfTLfqUKJfG1YauCQKPc9/mk3l39yK6zgxSpCH2IjZIwhhJtGm3F+8PTneT725OuyR617nxqrgqMGkkZkyY4DA5CjsikpBo5mo8TspX1g+vtXXtxymJMTMo8JwX3nSH4gSb3vPia+gwOW2TcJmxVdp3ITPA4gJpMfqoMBqRM+eDWO6QXW5ijVL4+wnp40u5bU4fQLVzpg25+QGLqBHD6PZTQaN6F9Vy5XpsAGDlncCklVuX3Lkp3Xb9cTiNa/4ii04uwZqx0juszjwFAMPPb6u56crvN1x4FXfXzabWECHbdQLlKazowvU9bEnqG2i4H44Ae+v8Iw8HK5mbZ6ercLTD9oPgs7Ogal037l2WwLApUz/fmD5fV8SxHh+vKDpfOzv6xcQxynS82jAJw9AdUwE/4ndGzzHPIu2M81gbAgZQ02EurMMU62hYgiXeridrtyh+H5R+CiwQdEyX7/op6WVihsYj2O3O/1hgjhGQRFD6sGwnko50jgWRxaMMfJGNlyGoT8WT5k931jU7547u7Ovr7XP/t8r3G7ceCiCcYjQgdwXdvIStzPvvV7Yy02isZjiJF8TLJQ", + "tycxf1mOz1yLE6cT/ZlCxMeTxlEEHFeIdw0+nF/40Tsw4vLco+4kR2A6cVml611CSpN6l/RMKk2LnAkprrbJ/Uam902WBnQ+I6Vsl6GkFFq7362bdixojqMFVKYytXLCT8I78f6s8M6a3jSALQloD6Ftvn+cc+cctO3weaaaPgAlrz+f2MFs8bqpnLQYbbY/JS9IAYJFH+yVtLz7eKcedEp9JMlJ3/43szU2fDN9ZMxBoQnxEmF3WZv6GF0WRc8VhTblXRgk4mlz6Fu3IXvwW/rbn+VCYYIk/XaVLrxFAnnw6mBozAF7vmV0OrIYBlSDU8rMb+F7AvE7pwErO9TJtCE8IUvQf8TsJYRoYv21/X57pzcBedtqVeU3DnTlmESHxG6H1uJbadSFLWSxKS4svfp8T9FWqX5815yD/UplAKEIeorLTAlPIC2ASKDU6SQW260biNAfY8FYQCWa8btaTwFuY8NMwSHzyqgU0aoPKnagi/4hOIWNO5rZ8Xcnzx+ELtEl33hQnzc4OUlT5eeVYQWkz2IWVQ6Re4JWF3L4OXzNZWgefKGMzZU6IHoBeCgfi+popLRJpaOx0dcvwGjk", + "oDsoFvUA+sGOoMyZY6w1UhY3NBkeoozzjEkDSRN1golyXJ1dC5CtYNEjvAJYKj+sqNwg9mBlYyybYpnI3GSP125zMeBHPCoy5CoNOkJW4OH/oLyjVeQbFNic/b2Jcz6lTguYhep8hq9EM2XuFV8T1rm5+4ucI7fH1UiOqRZyuHBAJ0Cna5kv6D3efsa9rd+swybiMIUjmPWpyxzNOOihCYuf4JqRh/D5eZKm6x0Zj2uRhTAYYxI7Q3czd0R9490ufG8VbF8ASBMireMONNNAA/OZCpxJh6xnIANBqV6YDeysws3NBWY2QuNumvg5Kr3/g+VMzJHi4wGuJjraKWi9+ylMfelHF5h/h+pAQVxCotq8JU3OTnMUW4rQp2a8BR5S+mZqPSPlb87tDG9r0+yqb1uO4UIo71C7Xxwoq4M0tXjk6mSmtP/sm+Lh14qfUzKRhTHVdz91TK104mbTJNXbK+jGPD/2BJO9fiaXY8IYanpfDLBfJo06VYbm6HehRZTwnDHnN50j7ki4aMS3COZvffjRInXD8dS5h9zmtKNpoqg//lPg4gpS+4Th2sJ3SGtBV0Ne89r7AfZMAVa26PMK", + "MIDLuZTrtZnEBOB6l14iSEyokAg5Wf5JviumhfPeL7WSFTHfOodU2hrvhyvM6oAlRHY1blTj7mw+Tcf9Tmc+/FHT6PGu0NT5UAqaqChX0gS9jizgAE2Yfhd4X/DoeQySMAixKuhu8TbvDxb54jeW9+7LVkmlntJ/0SkMgsT+WQ31OfpwDmEGDczYc+Ol14aJS+EW+rnGv9d38bo/cy+EnpNh8iV2rGGoC8fDzFHKU4gqGFSZF/tnD2OfCne0Vjr/GD6kyp2MVcHig19DBg2toGRkHnuY5kLkwOanztXA80IaAmv8e6s62U8CE8ozUZeDBcvBigEkSGx79Vsyiks8+9Kq9xLHLeS5kRT6zSl8whe8U1fIfrgic34KPlozcQVahwCru1XWyQ+9uevih8x4zMftkJ3JBZhPrnlgtx9McntH/Ss9fdUEkNwWpDnq8Xby8/5gMMMwQ13XDB73vqqteDiltMq8i7LRez4iIHfSBBfIkZIzMZAblQXaSm029iBcAAUes7wcGHUl7KOpRy18jNtI3+h7e1Ri6sT2vJYQaove0nzZ5xAjpBKnbJX+lpGVlI00fC2YSTfyNqFA0jkL", + "MG4QbKLbQR3enPn6Z/kEUtHrzWBIqYKR7Gvs5QHLPF6417p1O58suZq38Bb8dO5udtgOqNEVAPGmOuidYygWWfWOP5ReggTUk5XlrkvRxCU0MHWbkSKkJ+T4nLjozreqTJ0io41sFVrpxuOugAvXJ6QtMmixSABUaNgU9SkkWf9pOEiJI8dfND51HxJCbXHwsMCMBp5FbaMZmlWPwirRdAox4wbLk9ZLmoWUcorUjdaWhKvT/LnjMgPmwnwwKpN/4MOnRDdAPdzXX3aWHdkzpfsQnqt3UJsTsSaJlzeUja5C5L4CXGyt99qmfcwB8OB9TL4EYTIl3maD/gUWBfckOsji8x2E2c2iuKKrcmMmcChYr4wCjtTjEeVKOAZ2m9mU2MKc2z2hDw3AuZxsY6aOtdAjnrwl5QXGRg9I5LVl5SI5RwnLwk90pJzDGuSSCtSmzh9DUZ4WpfN+1393aTGRqCMOsB4KxbXjspUbVMFJbnXXlsSNWaoFTpHjK6b6Ghi2/re7KJpoKElM3nGs3qvxdvGTKu7LKr/sgKDL6uQLRKoyk8AHSIGX9c8ZUTk7Sq9jV9p4QfV1WFVpaBxSsEmw", + "MR0BACgWKis9/AKwG9/ARgGWJn1aM3nU8YXzWG+b7aeRUkVCjl4WxeL38E3FAMLW4UcyLzxeb+CskOqhPPTglmxhK7jQcrNILsWcZvdZfApYIvk5uKqA5FKuUuL48uvD0aKGRENe/VEUFlkQru5YX4Xnp+ZThrJJlgn7ANat/qAdP6ULEcLaOQlLYcGRh5ttsJTRT4+cZQggTJjWt+9idUQ66HfC6zQ1qHcMuochy7GHiUmNXAs0AgwOF9Jwet/Qh74KGMtmppJ9gkEqiYECFQA2gVgKc1AufHJS6S6Re72FfH/UkL41L2hvlwktkD5/hZrUZ1R+RG12Eip2zKgus4g/aGl0V8B/JvkcnFUsZJ6uxs24arOBDJOuzzxky5F5B/hwVGPEdcfHunqndUcx26/KCK72hOljlqTXl8yEbXlcMqVFNByZLr7TnGzGGUlO7kuHPW/ItZUJvrHokpsLLrb3ZhEZ8pTQd75gFcf0Ve8CYzEtk2ISHtNJQV6Iz4AZHWssU6F6YWM/OlJz5JGTtPHfGMJXgl4oxbBjeenS3JQ0X7vWXYMwPe3U1dat6m5hrRC1KzI6e6w+gPDtF8GQ", + "DH2WX6XoIseX6lHIey3seUr3DAz82fyk0jL7xc5IDTrDfqS64QBhHDpqHETF/81MrPXsM3IANBfjDOl9g/gua8wWPpPNxuWZMNh0GLcAr6PJ939TCbjE3soZHF2wiA82nZEO8jIZosDVRWFUfJS6Y3nrJz63SExqB6OUdBfvSfz1Y1M/90ofBxkfeuS85deMdn+1rZdsnZJYwz2Z6lCDvYjUTfrSwfVFJBP8Y2BXr8WClUYkfGG4eNG7IPNBRuMmhrhHj5y9z+5Jor+EbbTi5F5Jvdu2/bDM7s32XsaMNLYuVtNYONrbQ+3QZ746/yKZM4hDREvxyGLgDx3Apz7pyvwKm0//iTCY3yJLxZifGLh2uc28cFBln7IH1x8oui4Xq9vF+Z2EH4Ow48Ln5pzggBKMGy4dsfW6266TNYd/Z3SZUi28sxondqhGCSGUo7ZVPAOoYDcYKvjdI/cJ688PHliyZSYBYVmR5HBxZ57sqWwgZQ7zVvwv4CHHysvb92sPrXijHxBIkwpNuK56UMyQCcywlTRLDCMAMNAEGi4fWbDQIoPfn+NixMhEieg3Zh7GXPwHxW8morlgBW5aF76P", + "AwClK6Tq9R2DYGf8RAHu9dEttLeOfUVmS4WPwX0NehsnyM7y7n2sgGnXsiva3yFqK1hKZICkVukvHF7/bpgEEm/jRwcAhQUoG+c1qVde38eHJXj58YOBGTveruc+021or9/tHBtenmYPO6+arLQtONi43NKm7+I6ugkgQlp6iBr4haa0XMDTzMX9c8Qm/O+MrVo3qESYKkVtoSSK7SGZTBaRWNF/dOM0NQxeMP+XTVOuroqE23ZNsubBTEZnd4vUilFb/iKnhyT9XnIo7gM/Yz7HLVU5yc3yIj2sFUE+DcwpvcNO5EnPhj3bHsJvf3N4r72+5my2KjoR3KAJE1Imabd54o4xZ/9UaR93qLkVuXMkLRCCU/zlZDtfbJDsRR0C5rSYd2k6IPlNcl7PgmUpsNPUyoDYqvhuRUZxgoUAfKbogzJX8FU/QpllsKVtt68ucBi0bqC5pVKu23j79nDvYQsSlYY3JwJQaM5M558J5qpP1yEF2p4kSRphnB9UR29wWgch5eWZ4a02LlHVM5Msl6W5PdmHt+eFARBRv6edIyYDFzxm4WZroH5F/GxBhM0KObgawkxa5VWsYm0VhhXb", + "KACwq8rZuOLHuNnZJA07WzI7kppCwptbcYU2B7t86QcZrnadCtxoM5QNcl9rsbMA26iWCPV3VlDAmLSWcxtMoSKWuo4edJpk8K915xkFU5U6I/901vx5hqAECQDy/Q+QDWmWTXDoVHqFV9wvIj3wCJPpJL/Ewpl0NZd+68jjOjUhjIdNebLrWNK2nhTPiIjFjkcVqEgashpOmnbHT+2MV/CHoixmUEiuRI1B0dvSf7FHGRgbXGBubisuu60g8XTens5zyRo4Qn/LTxIu2aj4LTtyLonV3sXr+y35A1zq5mCrE1f1nOINVzwYYY76iJGIaBkZuMU3366FPIbYkmXwla6RQU1FA0Y7n05qczw7Ie5TveRTByKFtUqW8OAb9vH+H2ezJ4CXE3AGbu/nTj64KClO/zL499GA+97g+X6tTN6xOJdNknlqw6ZnFNtCL8+A3hL4OyOgWD0IGC+xFvcKjDUaaJenCtQvprCJaFrvoOS+yYmixnFqglnPYL/64/Lca8NmDVpPzlHI8HNwUDzKiXTw3q7GnQZWmUYzu1vLIEi6/hyqrULRN1vLdd/8HCMNQFj4ot61UftHtOG8MCKa", + "rUABPQ3SEWE5rY16pM+o+7EObLNM1jEa5YCMQM/aen0PWajWNax3Pyo6TZL8aGDXZF0yWqDM3b2m6UHOr6yqsUSrD+0jXPT48QN1VdBmh+AFRK+UcaYO383a0nvtv0c9uHt4yfceXLPGWrNjW+uTnS/lKpCdpE4GfLF1SFHIUcMxT+3At7hwDHNkLXllEXqbgDP8LyQSlYwT5jQUDCOzwc8CSxAryUOj6fN+iLKAiw4haPV/WZDG+JOmDMG2azo8SoBMi3y6Z2Le2fz2dMuvn5DUvCUvazrUmWYx4NEdSzc9GfBc6cXkduMqCs+lT2Ik2GHO0WjhrEB6j5NULOaCtbrislM85P6QutN4Pj9l18pcD6vZCcDTOwMj/BznclH342jeMn7rBgpW1YSzbNGP6KC4NeNW1H2xqNtuyhcJvasx4dwhzO18A36H6HtkiQyJNnfnVHh1oviO6mi3atmnh9B/55ugXM1Wf/6Kv8kJyaKtK8cWo+jCAR0/P/EsPtzToJM9Yk2+qxaPFd3k7T2KXvCQ9D1jLeECxL59L+WDvdBtxOEBD7W0a/Mn/9LuQPOiwARKJSTU+blJ6ezTeo83", + "poA1hF4zRh7HF0xVglYoLFqkUR7Pru/qYFnfMKBPuEOOGdgO3MMcAvIZ+w+Ug4THr/6+Vux0TN3wdOB+beObOboLgNE2zaD65lyMFbaulzrEnWjUgIg63CdpQJ2ESaimHGg/GmsipUCndRJ37TbUtn8W112SehsAgrsjiBcuJhw61i4bVfAZEcycq4Y/FlEDxtzoH8WzDoESNbl+r5agLcHGr37BFi81IXS8TLihC1T8b7d6tLb6lpXT+9IR4xAyZTw1IFMDZZEzVmHgYE/Et20/WhkX/oGghkWSpCxR0kynDplk+BEK2oyGKnl+rf4vymhsse2iQ/C99PhaodZjDfuGVSwPLoU0AYyAKaEwmgHPOFbDlrAmNk4iBp+IZYm9guZM2hcQ4GeA5WQyZzw4C1yMywWbdjtL9ZhpClmmPZ28nmwNORAat7tXPJoBBdXFB0gNT/wU7UYIKU5GnAiDIFJ0o8ijnuAMat3AsBki2vxwdypuBq5M6OF9DVA0HRUjOA0l4JHjK8Y282mz3U34PDPQvwCT342uD9cO3uXoSr3T2FnDmsVHz4Q9zYpSjioLmZk9ZTnQWgN5V5Oyat6m" + }; + + public override string Name + { + get { return "ParsingTest"; } + } + + public override void PerformTest() + { + inputStreamTest(); + parserTest(); + } + + private void parserTest() + { + foreach (string stream in streams) + { + Asn1StreamParser aIn = new Asn1StreamParser(Base64.Decode(stream)); + + try + { + Object obj; + while ((obj = aIn.ReadObject()) != null) + { + } + + Fail("bad stream parsed successfully!"); + } + catch (IOException) + { + // ignore + } + // Note: C# may throw these instead, since no InMemoryRepresentable support + catch (Asn1ParsingException) + { + // ignore + } + } + } + + private void inputStreamTest() + { + foreach (string stream in streams) + { + Asn1InputStream aIn = new Asn1InputStream(Base64.Decode(stream)); + + try + { + Object obj; + while ((obj = aIn.ReadObject()) != null) + { + } + + Fail("bad stream parsed successfully!"); + } + catch (IOException) + { + // ignore + } + // Note: C# may throw these instead, since no InMemoryRepresentable support + catch (Asn1ParsingException) + { + // ignore + } + } + } + + public static void Main( + string[] args) + { + RunTest(new ParsingTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/PersonalDataUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/PersonalDataUnitTest.cs new file mode 100644 index 0000000..f92e619 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/PersonalDataUnitTest.cs @@ -0,0 +1,127 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Asn1.X509.SigI; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class PersonalDataUnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "PersonalData"; } + } + + public override void PerformTest() + { + NameOrPseudonym nameOrPseudonym = new NameOrPseudonym("pseudonym"); + BigInteger nameDistinguisher = BigInteger.ValueOf(10); + DerGeneralizedTime dateOfBirth= new DerGeneralizedTime("20070315173729Z"); + DirectoryString placeOfBirth = new DirectoryString("placeOfBirth"); + string gender = "M"; + DirectoryString postalAddress = new DirectoryString("address"); + + PersonalData data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress); + + checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress); + + data = new PersonalData(nameOrPseudonym, null, dateOfBirth, placeOfBirth, gender, postalAddress); + + checkConstruction(data, nameOrPseudonym, null, dateOfBirth, placeOfBirth, gender, postalAddress); + + data = new PersonalData(nameOrPseudonym, nameDistinguisher, null, placeOfBirth, gender, postalAddress); + + checkConstruction(data, nameOrPseudonym, nameDistinguisher, null, placeOfBirth, gender, postalAddress); + + data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, null, gender, postalAddress); + + checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, null, gender, postalAddress); + + data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, null, postalAddress); + + checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, null, postalAddress); + + data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, null); + + checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, null); + + data = PersonalData.GetInstance(null); + + if (data != null) + { + Fail("null GetInstance() failed."); + } + + try + { + PersonalData.GetInstance(new Object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkConstruction( + PersonalData data, + NameOrPseudonym nameOrPseudonym, + BigInteger nameDistinguisher, + DerGeneralizedTime dateOfBirth, + DirectoryString placeOfBirth, + string gender, + DirectoryString postalAddress) + { + checkValues(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress); + + data = PersonalData.GetInstance(data); + + checkValues(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress); + + Asn1InputStream aIn = new Asn1InputStream(data.ToAsn1Object().GetEncoded()); + + Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject(); + + data = PersonalData.GetInstance(seq); + + checkValues(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress); + } + + private void checkValues( + PersonalData data, + NameOrPseudonym nameOrPseudonym, + BigInteger nameDistinguisher, + DerGeneralizedTime dateOfBirth, + DirectoryString placeOfBirth, + string gender, + DirectoryString postalAddress) + { + checkMandatoryField("nameOrPseudonym", nameOrPseudonym, data.NameOrPseudonym); + checkOptionalField("nameDistinguisher", nameDistinguisher, data.NameDistinguisher); + checkOptionalField("dateOfBirth", dateOfBirth, data.DateOfBirth); + checkOptionalField("placeOfBirth", placeOfBirth, data.PlaceOfBirth); + checkOptionalField("gender", gender, data.Gender); + checkOptionalField("postalAddress", postalAddress, data.PostalAddress); + } + + public static void Main( + string[] args) + { + RunTest(new PersonalDataUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/PrivateKeyInfoTest.cs b/BouncyCastle/crypto/test/src/asn1/test/PrivateKeyInfoTest.cs new file mode 100644 index 0000000..eb17a54 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/PrivateKeyInfoTest.cs @@ -0,0 +1,60 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class PrivateKeyInfoTest + : SimpleTest + { + private static readonly byte[] priv = Base64.Decode( + "MC4CAQAwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC"); + + private static readonly byte[] privWithPub = Base64.Decode( + "MHICAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC" + + "oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzgSEAGb9ECWmEzf6FQbrB" + + "Z9w7lshQhqowtrbLDFw4rXAxZuE="); + + public override string Name + { + get { return "PrivateKeyInfoTest"; } + } + + public override void PerformTest() + { + PrivateKeyInfo privInfo1 = PrivateKeyInfo.GetInstance(priv); + + IsTrue(!privInfo1.HasPublicKey); + + PrivateKeyInfo privInfo2 = new PrivateKeyInfo(privInfo1.PrivateKeyAlgorithm, privInfo1.ParsePrivateKey()); + + IsTrue("enc 1 failed", AreEqual(priv, privInfo2.GetEncoded())); + + privInfo1 = PrivateKeyInfo.GetInstance(privWithPub); + + IsTrue(privInfo1.HasPublicKey); + + privInfo2 = new PrivateKeyInfo(privInfo1.PrivateKeyAlgorithm, privInfo1.ParsePrivateKey(), privInfo1.Attributes, privInfo1.PublicKeyData.GetOctets()); + + IsTrue("enc 2 failed", AreEqual(privWithPub, privInfo2.GetEncoded())); + } + + public static void Main(string[] args) + { + RunTest(new PrivateKeyInfoTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/ProcurationSyntaxUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/ProcurationSyntaxUnitTest.cs new file mode 100644 index 0000000..97d0e3e --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/ProcurationSyntaxUnitTest.cs @@ -0,0 +1,111 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.IsisMtt.X509; +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class ProcurationSyntaxUnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "ProcurationSyntax"; } + } + + public override void PerformTest() + { + string country = "AU"; + DirectoryString typeOfSubstitution = new DirectoryString("substitution"); + GeneralName thirdPerson = new GeneralName(new X509Name("CN=thirdPerson")); + IssuerSerial certRef = new IssuerSerial(new GeneralNames(new GeneralName(new X509Name("CN=test"))), new DerInteger(1)); + + ProcurationSyntax procuration = new ProcurationSyntax(country, typeOfSubstitution, thirdPerson); + + checkConstruction(procuration, country, typeOfSubstitution, thirdPerson, null); + + procuration = new ProcurationSyntax(country, typeOfSubstitution, certRef); + + checkConstruction(procuration, country, typeOfSubstitution, null, certRef); + + procuration = new ProcurationSyntax(null, typeOfSubstitution, certRef); + + checkConstruction(procuration, null, typeOfSubstitution, null, certRef); + + procuration = new ProcurationSyntax(country, null, certRef); + + checkConstruction(procuration, country, null, null, certRef); + + procuration = ProcurationSyntax.GetInstance(null); + + if (procuration != null) + { + Fail("null GetInstance() failed."); + } + + try + { + ProcurationSyntax.GetInstance(new Object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkConstruction( + ProcurationSyntax procuration, + string country, + DirectoryString typeOfSubstitution, + GeneralName thirdPerson, + IssuerSerial certRef) + { + checkValues(procuration, country, typeOfSubstitution, thirdPerson, certRef); + + procuration = ProcurationSyntax.GetInstance(procuration); + + checkValues(procuration, country, typeOfSubstitution, thirdPerson, certRef); + + Asn1InputStream aIn = new Asn1InputStream(procuration.ToAsn1Object().GetEncoded()); + + Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject(); + + procuration = ProcurationSyntax.GetInstance(seq); + + checkValues(procuration, country, typeOfSubstitution, thirdPerson, certRef); + } + + private void checkValues( + ProcurationSyntax procuration, + string country, + DirectoryString typeOfSubstitution, + GeneralName thirdPerson, + IssuerSerial certRef) + { + checkOptionalField("country", country, procuration.Country); + checkOptionalField("typeOfSubstitution", typeOfSubstitution, procuration.TypeOfSubstitution); + checkOptionalField("thirdPerson", thirdPerson, procuration.ThirdPerson); + checkOptionalField("certRef", certRef, procuration.CertRef); + } + + public static void Main( + string[] args) + { + RunTest(new ProcurationSyntaxUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/ProfessionInfoUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/ProfessionInfoUnitTest.cs new file mode 100644 index 0000000..6af2658 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/ProfessionInfoUnitTest.cs @@ -0,0 +1,121 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.IsisMtt.X509; +using Org.BouncyCastle.Asn1.X500; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class ProfessionInfoUnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "ProfessionInfo"; } + } + + public override void PerformTest() + { + NamingAuthority auth = new NamingAuthority(new DerObjectIdentifier("1.2.3"), "url", new DirectoryString("fred")); + DirectoryString[] professionItems = { new DirectoryString("substitution") }; + DerObjectIdentifier[] professionOids = { new DerObjectIdentifier("1.2.3") }; + string registrationNumber = "12345"; + DerOctetString addProfInfo = new DerOctetString(new byte[20]); + + ProfessionInfo info = new ProfessionInfo(auth, professionItems, professionOids, registrationNumber, addProfInfo); + + checkConstruction(info, auth, professionItems, professionOids, registrationNumber, addProfInfo); + + info = new ProfessionInfo(null, professionItems, professionOids, registrationNumber, addProfInfo); + + checkConstruction(info, null, professionItems, professionOids, registrationNumber, addProfInfo); + + info = new ProfessionInfo(auth, professionItems, null, registrationNumber, addProfInfo); + + checkConstruction(info, auth, professionItems, null, registrationNumber, addProfInfo); + + info = new ProfessionInfo(auth, professionItems, professionOids, null, addProfInfo); + + checkConstruction(info, auth, professionItems, professionOids, null, addProfInfo); + + info = new ProfessionInfo(auth, professionItems, professionOids, registrationNumber, null); + + checkConstruction(info, auth, professionItems, professionOids, registrationNumber, null); + + info = ProfessionInfo.GetInstance(null); + + if (info != null) + { + Fail("null GetInstance() failed."); + } + + try + { + ProcurationSyntax.GetInstance(new Object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkConstruction( + ProfessionInfo profInfo, + NamingAuthority auth, + DirectoryString[] professionItems, + DerObjectIdentifier[] professionOids, + string registrationNumber, + DerOctetString addProfInfo) + { + checkValues(profInfo, auth, professionItems, professionOids, registrationNumber, addProfInfo); + + profInfo = ProfessionInfo.GetInstance(profInfo); + + checkValues(profInfo, auth, professionItems, professionOids, registrationNumber, addProfInfo); + + Asn1InputStream aIn = new Asn1InputStream(profInfo.ToAsn1Object().GetEncoded()); + + Asn1Sequence seq = (Asn1Sequence) aIn.ReadObject(); + + profInfo = ProfessionInfo.GetInstance(seq); + + checkValues(profInfo, auth, professionItems, professionOids, registrationNumber, addProfInfo); + } + + private void checkValues( + ProfessionInfo profInfo, + NamingAuthority auth, + DirectoryString[] professionItems, + DerObjectIdentifier[] professionOids, + string registrationNumber, + DerOctetString addProfInfo) + { + checkOptionalField("auth", auth, profInfo.NamingAuthority); + checkMandatoryField("professionItems", professionItems[0], profInfo.GetProfessionItems()[0]); + if (professionOids != null) + { + checkOptionalField("professionOids", professionOids[0], profInfo.GetProfessionOids()[0]); + } + checkOptionalField("registrationNumber", registrationNumber, profInfo.RegistrationNumber); + checkOptionalField("addProfessionInfo", addProfInfo, profInfo.AddProfessionInfo); + } + + public static void Main( + string[] args) + { + RunTest(new ProfessionInfoUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/QCStatementUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/QCStatementUnitTest.cs new file mode 100644 index 0000000..8d8ec9e --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/QCStatementUnitTest.cs @@ -0,0 +1,108 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X509.Qualified; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class QCStatementUnitTest + : SimpleTest + { + public override string Name + { + get { return "QCStatement"; } + } + + public override void PerformTest() + { + QCStatement mv = new QCStatement(Rfc3739QCObjectIdentifiers.IdQcsPkixQCSyntaxV1); + + CheckConstruction(mv, Rfc3739QCObjectIdentifiers.IdQcsPkixQCSyntaxV1, null); + + Asn1Encodable info = new SemanticsInformation(new DerObjectIdentifier("1.2")); + + mv = new QCStatement(Rfc3739QCObjectIdentifiers.IdQcsPkixQCSyntaxV1, info); + + CheckConstruction(mv, Rfc3739QCObjectIdentifiers.IdQcsPkixQCSyntaxV1, info); + + mv = QCStatement.GetInstance(null); + + if (mv != null) + { + Fail("null GetInstance() failed."); + } + + try + { + QCStatement.GetInstance(new object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void CheckConstruction( + QCStatement mv, + DerObjectIdentifier statementId, + Asn1Encodable statementInfo) + { + CheckStatement(mv, statementId, statementInfo); + + mv = QCStatement.GetInstance(mv); + + CheckStatement(mv, statementId, statementInfo); + + Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray( + mv.ToAsn1Object().GetEncoded()); + + mv = QCStatement.GetInstance(seq); + + CheckStatement(mv, statementId, statementInfo); + } + + private void CheckStatement( + QCStatement qcs, + DerObjectIdentifier statementId, + Asn1Encodable statementInfo) + { + if (!qcs.StatementId.Equals(statementId)) + { + Fail("statementIds don't match."); + } + + if (statementInfo != null) + { + if (!qcs.StatementInfo.Equals(statementInfo)) + { + Fail("statementInfos don't match."); + } + } + else if (qcs.StatementInfo != null) + { + Fail("statementInfo found when none expected."); + } + } + + public static void Main( + string[] args) + { + RunTest(new QCStatementUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/ReasonFlagsTest.cs b/BouncyCastle/crypto/test/src/asn1/test/ReasonFlagsTest.cs new file mode 100644 index 0000000..ef404b3 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/ReasonFlagsTest.cs @@ -0,0 +1,46 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class ReasonFlagsTest + : SimpleTest + { + public override string Name + { + get { return "ReasonFlags"; } + } + + public override void PerformTest() + { + BitStringConstantTester.testFlagValueCorrect(0, ReasonFlags.Unused); + BitStringConstantTester.testFlagValueCorrect(1, ReasonFlags.KeyCompromise); + BitStringConstantTester.testFlagValueCorrect(2, ReasonFlags.CACompromise); + BitStringConstantTester.testFlagValueCorrect(3, ReasonFlags.AffiliationChanged); + BitStringConstantTester.testFlagValueCorrect(4, ReasonFlags.Superseded); + BitStringConstantTester.testFlagValueCorrect(5, ReasonFlags.CessationOfOperation); + BitStringConstantTester.testFlagValueCorrect(6, ReasonFlags.CertificateHold); + BitStringConstantTester.testFlagValueCorrect(7, ReasonFlags.PrivilegeWithdrawn); + BitStringConstantTester.testFlagValueCorrect(8, ReasonFlags.AACompromise); + } + + public static void Main( + string[] args) + { + RunTest(new ReasonFlagsTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/RegressionTest.cs b/BouncyCastle/crypto/test/src/asn1/test/RegressionTest.cs new file mode 100644 index 0000000..7bc10b0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/RegressionTest.cs @@ -0,0 +1,90 @@ +using System; + +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + public class RegressionTest + { + public static readonly ITest[] tests = + { + new AdditionalInformationSyntaxUnitTest(), + new AdmissionSyntaxUnitTest(), + new AdmissionsUnitTest(), + new Asn1IntegerTest(), + new AttributeTableUnitTest(), + new BiometricDataUnitTest(), + new BitStringTest(), + new CertHashUnitTest(), + new CertificateTest(), + new CmsTest(), + new CommitmentTypeIndicationUnitTest(), + new CommitmentTypeQualifierUnitTest(), + new ContentHintsUnitTest(), + new CscaMasterListTest(), + new DataGroupHashUnitTest(), + new DeclarationOfMajorityUnitTest(), + new DerApplicationSpecificTest(), + new DerUtf8StringTest(), + new EncryptedPrivateKeyInfoTest(), + new EqualsAndHashCodeTest(), + new EssCertIDv2UnitTest(), + new GeneralizedTimeTest(), + new GeneralNameTest(), + new GenerationTest(), + new InputStreamTest(), + new Iso4217CurrencyCodeUnitTest(), + new IssuingDistributionPointUnitTest(), + new KeyUsageTest(), + new LDSSecurityObjectUnitTest(), + new LinkedCertificateTest(), + new MiscTest(), + new MonetaryLimitUnitTest(), + new MonetaryValueUnitTest(), + new NameOrPseudonymUnitTest(), + new NamingAuthorityUnitTest(), + new NetscapeCertTypeTest(), + new OcspTest(), + new OidTest(), + new OtherCertIDUnitTest(), + new OtherSigningCertificateUnitTest(), + new ParsingTest(), + new PersonalDataUnitTest(), + new Pkcs10Test(), + new Pkcs12Test(), + new PkiFailureInfoTest(), + new PrivateKeyInfoTest(), + new ProcurationSyntaxUnitTest(), + new ProfessionInfoUnitTest(), + new QCStatementUnitTest(), + new ReasonFlagsTest(), + new RelativeOidTest(), + new RequestedCertificateUnitTest(), + new RestrictionUnitTest(), + new SemanticsInformationUnitTest(), + new SetTest(), + new SignerLocationUnitTest(), + new SmimeTest(), + new StringTest(), + new SubjectKeyIdentifierTest(), + new TagTest(), + new TargetInformationTest(), + new TypeOfBiometricDataUnitTest(), + new UtcTimeTest(), + new X509ExtensionsTest(), + new X509NameTest(), + new X9Test(), + new KMacParamsTest() + }; + + public static void Main( + string[] args) + { + for (int i = 0; i != tests.Length; i++) + { + ITestResult result = tests[i].Perform(); + Console.WriteLine(result); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/RelativeOidTest.cs b/BouncyCastle/crypto/test/src/asn1/test/RelativeOidTest.cs new file mode 100644 index 0000000..e52c1b7 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/RelativeOidTest.cs @@ -0,0 +1,129 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class RelativeOidTest + : SimpleTest + { + private static readonly byte[] req1 = Hex.Decode("0D03813403"); + private static readonly byte[] req2 = Hex.Decode("0D082A36FFFFFFDD6311"); + + public override string Name + { + get { return "RelativeOID"; } + } + + private void RecodeCheck(string oid, byte[] enc) + { + Asn1RelativeOid o = new Asn1RelativeOid(oid); + Asn1RelativeOid encO = (Asn1RelativeOid)Asn1Object.FromByteArray(enc); + + if (!o.Equals(encO)) + { + Fail("relative OID didn't match", o, encO); + } + + byte[] bytes = o.GetDerEncoded(); + + if (!Arrays.AreEqual(bytes, enc)) + { + Fail("failed comparison test", Hex.ToHexString(enc), Hex.ToHexString(bytes)); + } + } + + private void CheckValid(string oid) + { + Asn1RelativeOid o = new Asn1RelativeOid(oid); + o = (Asn1RelativeOid)Asn1Object.FromByteArray(o.GetEncoded()); + + if (!o.Id.Equals(oid)) + { + Fail("failed relative oid check for " + oid); + } + } + + private void CheckInvalid(string oid) + { + try + { + new Asn1RelativeOid(oid); + Fail("failed to catch bad relative oid: " + oid); + } + catch (FormatException) + { + // expected + } + } + + private void BranchCheck(string stem, string branch) + { + string expected = stem + "." + branch; + string actual = new Asn1RelativeOid(stem).Branch(branch).Id; + + if (expected != actual) + { + Fail("failed 'branch' check for " + stem + "/" + branch); + } + } + + public override void PerformTest() + { + RecodeCheck("180.3", req1); + RecodeCheck("42.54.34359733987.17", req2); + + CheckValid("0"); + CheckValid("37"); + CheckValid("0.1"); + CheckValid("1.0"); + CheckValid("1.0.2"); + CheckValid("1.0.20"); + CheckValid("1.0.200"); + CheckValid("1.1.127.32512.8323072.2130706432.545460846592.139637976727552.35747322042253312.9151314442816847872"); + CheckValid("1.2.123.12345678901.1.1.1"); + CheckValid("2.25.196556539987194312349856245628873852187.1"); + CheckValid("3.1"); + CheckValid("37.196556539987194312349856245628873852187.100"); + CheckValid("192.168.1.1"); + + CheckInvalid("00"); + CheckInvalid("0.01"); + CheckInvalid("00.1"); + CheckInvalid("1.00.2"); + CheckInvalid("1.0.02"); + CheckInvalid("1.2.00"); + CheckInvalid(".1"); + CheckInvalid("..1"); + CheckInvalid("3..1"); + CheckInvalid(".123452"); + CheckInvalid("1."); + CheckInvalid("1.345.23.34..234"); + CheckInvalid("1.345.23.34.234."); + CheckInvalid(".12.345.77.234"); + CheckInvalid(".12.345.77.234."); + CheckInvalid("1.2.3.4.A.5"); + CheckInvalid("1,2"); + + BranchCheck("1.1", "2.2"); + } + + public static void Main(string[] args) + { + RunTest(new RelativeOidTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/RequestedCertificateUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/RequestedCertificateUnitTest.cs new file mode 100644 index 0000000..7675041 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/RequestedCertificateUnitTest.cs @@ -0,0 +1,117 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.IsisMtt.Ocsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class RequestedCertificateUnitTest + : Asn1UnitTest + { + private static readonly byte[] certBytes = Base64.Decode( + "MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV" + + "BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz" + + "MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM" + + "RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF" + + "AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO" + + "/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE" + + "Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ" + + "zl9HYIMxATFyqSiD9jsx"); + + public override string Name + { + get { return "RequestedCertificate"; } + } + + public override void PerformTest() + { + RequestedCertificate.Choice type = RequestedCertificate.Choice.AttributeCertificate; + X509CertificateStructure cert = X509CertificateStructure.GetInstance( + Asn1Object.FromByteArray(certBytes)); + + byte[] certOctets = new byte[20]; + RequestedCertificate requested = new RequestedCertificate(type, certOctets); + + checkConstruction(requested, type, certOctets, null); + + requested = new RequestedCertificate(cert); + + checkConstruction(requested, RequestedCertificate.Choice.Certificate, null, cert); + + requested = RequestedCertificate.GetInstance(null); + + if (requested != null) + { + Fail("null GetInstance() failed."); + } + + try + { + RequestedCertificate.GetInstance(new object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkConstruction( + RequestedCertificate requested, + RequestedCertificate.Choice type, + byte[] certOctets, + X509CertificateStructure cert) + { + checkValues(requested, type, certOctets, cert); + + requested = RequestedCertificate.GetInstance(requested); + + checkValues(requested, type, certOctets, cert); + + Asn1InputStream aIn = new Asn1InputStream(requested.ToAsn1Object().GetEncoded()); + + object obj = aIn.ReadObject(); + + requested = RequestedCertificate.GetInstance(obj); + + checkValues(requested, type, certOctets, cert); + } + + private void checkValues( + RequestedCertificate requested, + RequestedCertificate.Choice type, + byte[] certOctets, + X509CertificateStructure cert) + { + checkMandatoryField("certType", (int) type, (int) requested.Type); + + if (requested.Type == RequestedCertificate.Choice.Certificate) + { + checkMandatoryField("certificate", cert.GetEncoded(), requested.GetCertificateBytes()); + } + else + { + checkMandatoryField("certificateOctets", certOctets, requested.GetCertificateBytes()); + } + } + + public static void Main( + string[] args) + { + RunTest(new RequestedCertificateUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/RestrictionUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/RestrictionUnitTest.cs new file mode 100644 index 0000000..5dd6438 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/RestrictionUnitTest.cs @@ -0,0 +1,78 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.IsisMtt.X509; +using Org.BouncyCastle.Asn1.X500; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class RestrictionUnitTest + : Asn1UnitTest + { + public override string Name + { + get { return "Restriction"; } + } + + public override void PerformTest() + { + DirectoryString res = new DirectoryString("test"); + Restriction restriction = new Restriction(res.GetString()); + + checkConstruction(restriction, res); + + try + { + Restriction.GetInstance(new Object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + } + + private void checkConstruction( + Restriction restriction, + DirectoryString res) + { + checkValues(restriction, res); + + restriction = Restriction.GetInstance(restriction); + + checkValues(restriction, res); + + Asn1InputStream aIn = new Asn1InputStream(restriction.ToAsn1Object().GetEncoded()); + + IAsn1String str = (IAsn1String) aIn.ReadObject(); + + restriction = Restriction.GetInstance(str); + + checkValues(restriction, res); + } + + private void checkValues( + Restriction restriction, + DirectoryString res) + { + checkMandatoryField("restriction", res, restriction.RestrictionString); + } + + public static void Main( + string[] args) + { + RunTest(new RestrictionUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/SMIMETest.cs b/BouncyCastle/crypto/test/src/asn1/test/SMIMETest.cs new file mode 100644 index 0000000..adb90e0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/SMIMETest.cs @@ -0,0 +1,90 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Smime; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class SmimeTest + : ITest + { + private static byte[] attrBytes = Base64.Decode("MDQGCSqGSIb3DQEJDzEnMCUwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMAcGBSsOAwIH"); + private static byte[] prefBytes = Base64.Decode("MCwGCyqGSIb3DQEJEAILMR2hGwQIAAAAAAAAAAAYDzIwMDcwMzE1MTczNzI5Wg=="); + + public ITestResult Perform() + { + SmimeCapabilityVector caps = new SmimeCapabilityVector(); + + caps.AddCapability(SmimeCapability.DesEde3Cbc); + caps.AddCapability(SmimeCapability.RC2Cbc, 128); + caps.AddCapability(SmimeCapability.DesCbc); + + SmimeCapabilitiesAttribute attr = new SmimeCapabilitiesAttribute(caps); + + SmimeEncryptionKeyPreferenceAttribute pref = new SmimeEncryptionKeyPreferenceAttribute( + new RecipientKeyIdentifier(new DerOctetString(new byte[8]), + new DerGeneralizedTime("20070315173729Z"), + null)); + + try + { + if (!Arrays.AreEqual(attr.GetEncoded(), attrBytes)) + { + return new SimpleTestResult(false, Name + ": Failed attr data check"); + } + + Asn1Object o = Asn1Object.FromByteArray(attrBytes); + if (!attr.Equals(o)) + { + return new SimpleTestResult(false, Name + ": Failed equality test for attr"); + } + + if (!Arrays.AreEqual(pref.GetEncoded(), prefBytes)) + { + return new SimpleTestResult(false, Name + ": Failed attr data check"); + } + + o = Asn1Object.FromByteArray(prefBytes); + if (!pref.Equals(o)) + { + return new SimpleTestResult(false, Name + ": Failed equality test for pref"); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": Failed - exception " + e.ToString(), e); + } + } + + public string Name + { + get { return "SMIME"; } + } + + public static void Main( + string[] args) + { + ITest test = new SmimeTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/SemanticsInformationUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/SemanticsInformationUnitTest.cs new file mode 100644 index 0000000..8f1f85f --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/SemanticsInformationUnitTest.cs @@ -0,0 +1,138 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X509.Qualified; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class SemanticsInformationUnitTest + : SimpleTest + { + public override string Name + { + get { return "SemanticsInformation"; } + } + + public override void PerformTest() + { + DerObjectIdentifier statementId = new DerObjectIdentifier("1.1"); + SemanticsInformation mv = new SemanticsInformation(statementId); + + CheckConstruction(mv, statementId, null); + + GeneralName[] names = new GeneralName[2]; + + names[0] = new GeneralName(GeneralName.Rfc822Name, "test@test.org"); + names[1] = new GeneralName(new X509Name("cn=test")); + + mv = new SemanticsInformation(statementId, names); + + CheckConstruction(mv, statementId, names); + + mv = new SemanticsInformation(names); + + CheckConstruction(mv, null, names); + + mv = SemanticsInformation.GetInstance(null); + + if (mv != null) + { + Fail("null GetInstance() failed."); + } + + try + { + SemanticsInformation.GetInstance(new object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + + try + { + new SemanticsInformation(DerSequence.Empty); + + Fail("constructor failed to detect empty sequence."); + } + catch (ArgumentException) + { + // expected + } + } + + private void CheckConstruction( + SemanticsInformation mv, + DerObjectIdentifier semanticsIdentifier, + GeneralName[] names) + { + CheckStatement(mv, semanticsIdentifier, names); + + mv = SemanticsInformation.GetInstance(mv); + + CheckStatement(mv, semanticsIdentifier, names); + + Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(mv.ToAsn1Object().GetEncoded()); + + mv = SemanticsInformation.GetInstance(seq); + + CheckStatement(mv, semanticsIdentifier, names); + } + + private void CheckStatement( + SemanticsInformation si, + DerObjectIdentifier id, + GeneralName[] names) + { + if (id != null) + { + if (!si.SemanticsIdentifier.Equals(id)) + { + Fail("ids don't match."); + } + } + else if (si.SemanticsIdentifier != null) + { + Fail("statementId found when none expected."); + } + + if (names != null) + { + GeneralName[] siNames = si.GetNameRegistrationAuthorities(); + + for (int i = 0; i != siNames.Length; i++) + { + if (!names[i].Equals(siNames[i])) + { + Fail("name registration authorities don't match."); + } + } + } + else if (si.GetNameRegistrationAuthorities() != null) + { + Fail("name registration authorities found when none expected."); + } + } + + public static void Main( + string[] args) + { + RunTest(new SemanticsInformationUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/SetTest.cs b/BouncyCastle/crypto/test/src/asn1/test/SetTest.cs new file mode 100644 index 0000000..b7da0a9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/SetTest.cs @@ -0,0 +1,121 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + /// Set sorting test example. + [TestFixture] + public class SetTest + : SimpleTest + { + public override string Name + { + get { return "Set"; } + } + + private void checkSortedSet( + int attempt, + Asn1Set s) + { + if (s[0] is DerBoolean + && s[1] is DerInteger + && s[2] is DerBitString + && s[3] is DerOctetString) + { + return; + } + + Fail("sorting failed on attempt: " + attempt); + } + + public override void PerformTest() + { + Asn1EncodableVector v = new Asn1EncodableVector(); + byte[] data = new byte[10]; + + v.Add(new DerOctetString(data)); + v.Add(new DerBitString(data)); + v.Add(new DerInteger(100)); + v.Add(DerBoolean.True); + + checkSortedSet(0, new DerSet(v)); + + v = new Asn1EncodableVector(); + v.Add(new DerInteger(100)); + v.Add(DerBoolean.True); + v.Add(new DerOctetString(data)); + v.Add(new DerBitString(data)); + + checkSortedSet(1, new DerSet(v)); + + v = new Asn1EncodableVector(); + v.Add(DerBoolean.True); + v.Add(new DerOctetString(data)); + v.Add(new DerBitString(data)); + v.Add(new DerInteger(100)); + + + checkSortedSet(2, new DerSet(v)); + + v = new Asn1EncodableVector(); + v.Add(new DerBitString(data)); + v.Add(new DerOctetString(data)); + v.Add(new DerInteger(100)); + v.Add(DerBoolean.True); + + checkSortedSet(3, new DerSet(v)); + + v = new Asn1EncodableVector(); + v.Add(new DerOctetString(data)); + v.Add(new DerBitString(data)); + v.Add(new DerInteger(100)); + v.Add(DerBoolean.True); + + Asn1Set s = new BerSet(v); + + if (!(s[0] is DerOctetString)) + { + Fail("BER set sort order changed."); + } + + // create an implicitly tagged "set" without sorting + Asn1TaggedObject tag = new DerTaggedObject(false, 1, new DerSequence(v)); + + // Encode/decode to get 'tag' as a parsed instance + tag = (Asn1TaggedObject)Asn1Object.FromByteArray(tag.GetEncoded(Asn1Encodable.Der));; + + s = Asn1Set.GetInstance(tag, false); + + if (s[0] is DerBoolean) + { + Fail("sorted when shouldn't be."); + } + + // equality test + v = new Asn1EncodableVector(); + + v.Add(DerBoolean.True); + v.Add(DerBoolean.True); + v.Add(DerBoolean.True); + + s = new DerSet(v); + } + + public static void Main( + string[] args) + { + RunTest(new SetTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/SignerLocationUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/SignerLocationUnitTest.cs new file mode 100644 index 0000000..650e2fc --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/SignerLocationUnitTest.cs @@ -0,0 +1,195 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Esf; +using Org.BouncyCastle.Asn1.X500; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class SignerLocationUnitTest + : SimpleTest + { + public override string Name + { + get { return "SignerLocation"; } + } + + public override void PerformTest() + { + DerUtf8String countryName = new DerUtf8String("Australia"); + + SignerLocation sl = new SignerLocation(countryName, null, null); + + CheckConstruction(sl, DirectoryString.GetInstance(countryName), null, null); + + DerUtf8String localityName = new DerUtf8String("Melbourne"); + + sl = new SignerLocation(null, localityName, null); + + CheckConstruction(sl, null, DirectoryString.GetInstance(localityName), null); + + sl = new SignerLocation(countryName, localityName, null); + + CheckConstruction(sl, DirectoryString.GetInstance(countryName), DirectoryString.GetInstance(localityName), null); + + Asn1Sequence postalAddress = new DerSequence( + new DerUtf8String("line 1"), + new DerUtf8String("line 2")); + + sl = new SignerLocation(null, null, postalAddress); + + CheckConstruction(sl, null, null, postalAddress); + + sl = new SignerLocation(countryName, null, postalAddress); + + CheckConstruction(sl, DirectoryString.GetInstance(countryName), null, postalAddress); + + sl = new SignerLocation(countryName, localityName, postalAddress); + + CheckConstruction(sl, DirectoryString.GetInstance(countryName), DirectoryString.GetInstance(localityName), postalAddress); + + sl = SignerLocation.GetInstance(null); + + if (sl != null) + { + Fail("null GetInstance() failed."); + } + + try + { + SignerLocation.GetInstance(new object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + + // + // out of range postal address + // + postalAddress = new DerSequence( + new DerUtf8String("line 1"), + new DerUtf8String("line 2"), + new DerUtf8String("line 3"), + new DerUtf8String("line 4"), + new DerUtf8String("line 5"), + new DerUtf8String("line 6"), + new DerUtf8String("line 7")); + + try + { + new SignerLocation(null, null, postalAddress); + + Fail("constructor failed to detect bad postalAddress."); + } + catch (ArgumentException) + { + // expected + } + + try + { + new SignerLocation(new DerSequence(new DerTaggedObject(2, postalAddress))); + + Fail("sequence constructor failed to detect bad postalAddress."); + } + catch (ArgumentException) + { + // expected + } + + try + { + new SignerLocation(new DerSequence(new DerTaggedObject(5, postalAddress))); + + Fail("sequence constructor failed to detect bad tag."); + } + catch (ArgumentException) + { + // expected + } + } + + private void CheckConstruction( + SignerLocation sl, + DirectoryString countryName, + DirectoryString localityName, + Asn1Sequence postalAddress) + { + CheckValues(sl, countryName, localityName, postalAddress); + + sl = SignerLocation.GetInstance(sl); + + CheckValues(sl, countryName, localityName, postalAddress); + + Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray( + sl.ToAsn1Object().GetEncoded()); + + sl = SignerLocation.GetInstance(seq); + + CheckValues(sl, countryName, localityName, postalAddress); + } + + private void CheckValues( + SignerLocation sl, + DirectoryString countryName, + DirectoryString localityName, + Asn1Sequence postalAddress) + { + if (countryName != null) + { + if (!countryName.Equals(sl.CountryName)) + { + Fail("countryNames don't match."); + } + } + else if (sl.CountryName != null) + { + Fail("countryName found when none expected."); + } + + if (localityName != null) + { + if (!localityName.Equals(sl.LocalityName)) + { + Fail("localityNames don't match."); + } + } + else if (sl.LocalityName != null) + { + Fail("localityName found when none expected."); + } + + if (postalAddress != null) + { + if (!postalAddress.Equals(sl.PostalAddress)) + { + Fail("postalAddresses don't match."); + } + } + else if (sl.PostalAddress != null) + { + Fail("postalAddress found when none expected."); + } + } + + public static void Main( + string[] args) + { + RunTest(new SignerLocationUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/StringTest.cs b/BouncyCastle/crypto/test/src/asn1/test/StringTest.cs new file mode 100644 index 0000000..acfd380 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/StringTest.cs @@ -0,0 +1,105 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + /** + * X.690 test example + */ + [TestFixture] + public class StringTest + : SimpleTest + { + public override string Name + { + get { return "String"; } + } + + public override void PerformTest() + { + DerBitString bs = new DerBitString( + new byte[] { (byte)0x01,(byte)0x23,(byte)0x45,(byte)0x67,(byte)0x89,(byte)0xab,(byte)0xcd,(byte)0xef }); + + if (!bs.GetString().Equals("#0309000123456789ABCDEF")) + { + Fail("DerBitString.GetString() result incorrect"); + } + + if (!bs.ToString().Equals("#0309000123456789ABCDEF")) + { + Fail("DerBitString.ToString() result incorrect"); + } + + bs = new DerBitString( + new byte[] { (byte)0xfe,(byte)0xdc,(byte)0xba,(byte)0x98,(byte)0x76,(byte)0x54,(byte)0x32,(byte)0x10 }); + + if (!bs.GetString().Equals("#030900FEDCBA9876543210")) + { + Fail("DerBitString.GetString() result incorrect"); + } + + if (!bs.ToString().Equals("#030900FEDCBA9876543210")) + { + Fail("DerBitString.ToString() result incorrect"); + } + + DerUniversalString us = new DerUniversalString( + new byte[] { (byte)0x01,(byte)0x23,(byte)0x45,(byte)0x67,(byte)0x89,(byte)0xab,(byte)0xcd,(byte)0xef }); + + if (!us.GetString().Equals("#1C080123456789ABCDEF")) + { + Fail("DerUniversalString.GetString() result incorrect"); + } + + if (!us.ToString().Equals("#1C080123456789ABCDEF")) + { + Fail("DerUniversalString.ToString() result incorrect"); + } + + us = new DerUniversalString( + new byte[] { (byte)0xfe,(byte)0xdc,(byte)0xba,(byte)0x98,(byte)0x76,(byte)0x54,(byte)0x32,(byte)0x10 }); + + if (!us.GetString().Equals("#1C08FEDCBA9876543210")) + { + Fail("DerUniversalString.GetString() result incorrect"); + } + + if (!us.ToString().Equals("#1C08FEDCBA9876543210")) + { + Fail("DerUniversalString.ToString() result incorrect"); + } + + byte[] t61Bytes = new byte[] { 0xff, 0xfe, 0xfd, 0xfc, 0xfb, 0xfa, 0xf9, 0xf8 }; + string t61String = Encoding.GetEncoding("iso-8859-1").GetString(t61Bytes, 0, t61Bytes.Length); + DerT61String t61 = new DerT61String(t61Bytes); + + if (!t61.GetString().Equals(t61String)) + { + Fail("DerT61String.GetString() result incorrect"); + } + + if (!t61.ToString().Equals(t61String)) + { + Fail("DerT61String.ToString() result incorrect"); + } + } + + public static void Main( + string[] args) + { + RunTest(new StringTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/SubjectKeyIdentifierTest.cs b/BouncyCastle/crypto/test/src/asn1/test/SubjectKeyIdentifierTest.cs new file mode 100644 index 0000000..127c47a --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/SubjectKeyIdentifierTest.cs @@ -0,0 +1,61 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class SubjectKeyIdentifierTest + : SimpleTest + { + private static byte[] pubKeyInfo = Base64.Decode( + "MFgwCwYJKoZIhvcNAQEBA0kAMEYCQQC6wMMmHYMZszT/7bNFMn+gaZoiWJLVP8ODRuu1C2jeAe" + + "QpxM+5Oe7PaN2GNy3nBE4EOYkB5pMJWA0y9n04FX8NAgED"); + + private static byte[] shaID = Hex.Decode("d8128a06d6c2feb0865994a2936e7b75b836a021"); + private static byte[] shaTruncID = Hex.Decode("436e7b75b836a021"); + + public override string Name + { + get { return "SubjectKeyIdentifier"; } + } + + public override void PerformTest() + { + SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfo.GetInstance( + Asn1Object.FromByteArray(pubKeyInfo)); + SubjectKeyIdentifier ski = SubjectKeyIdentifier.CreateSha1KeyIdentifier(pubInfo); + + if (!Arrays.AreEqual(shaID, ski.GetKeyIdentifier())) + { + Fail("SHA-1 ID does not match"); + } + + ski = SubjectKeyIdentifier.CreateTruncatedSha1KeyIdentifier(pubInfo); + + if (!Arrays.AreEqual(shaTruncID, ski.GetKeyIdentifier())) + { + Fail("truncated SHA-1 ID does not match"); + } + } + + public static void Main( + string[] args) + { + RunTest(new SubjectKeyIdentifierTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/TagTest.cs b/BouncyCastle/crypto/test/src/asn1/test/TagTest.cs new file mode 100644 index 0000000..fd6995c --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/TagTest.cs @@ -0,0 +1,128 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + /** + * X.690 test example + */ + [TestFixture] + public class TagTest + : SimpleTest + { + private static readonly byte[] longTagged = Base64.Decode( + "ZSRzIp8gEEZFRENCQTk4NzY1NDMyMTCfIQwyMDA2MDQwMTEyMzSUCCAFERVz" + + "A4kCAHEXGBkalAggBRcYGRqUCCAFZS6QAkRFkQlURUNITklLRVKSBQECAwQF" + + "kxAREhMUFRYXGBkalAggBREVcwOJAgBxFxgZGpQIIAUXGBkalAggBWUukAJE" + + "RZEJVEVDSE5JS0VSkgUBAgMEBZMQERITFBUWFxgZGpQIIAURFXMDiQIAcRcY" + + "GRqUCCAFFxgZGpQIIAVlLpACREWRCVRFQ0hOSUtFUpIFAQIDBAWTEBESExQV" + + "FhcYGRqUCCAFERVzA4kCAHEXGBkalAggBRcYGRqUCCAFFxgZGpQIIAUXGBka" + + "lAg="); + + private static readonly byte[] longAppSpecificTag = Hex.Decode("5F610101"); + + private static readonly byte[] taggedInteger = Hex.Decode("BF2203020101"); + + public override string Name + { + get { return "Tag"; } + } + + public override void PerformTest() + { + Asn1InputStream aIn = new Asn1InputStream(longTagged); + + DerApplicationSpecific app = (DerApplicationSpecific)aIn.ReadObject(); + + aIn = new Asn1InputStream(app.GetContents()); + + app = (DerApplicationSpecific)aIn.ReadObject(); + + aIn = new Asn1InputStream(app.GetContents()); + + Asn1TaggedObject tagged = (Asn1TaggedObject)aIn.ReadObject(); + + if (tagged.TagNo != 32) + { + Fail("unexpected tag value found - not 32"); + } + + tagged = (Asn1TaggedObject) Asn1Object.FromByteArray(tagged.GetEncoded()); + + if (tagged.TagNo != 32) + { + Fail("unexpected tag value found on recode - not 32"); + } + + tagged = (Asn1TaggedObject) aIn.ReadObject(); + + if (tagged.TagNo != 33) + { + Fail("unexpected tag value found - not 33"); + } + + tagged = (Asn1TaggedObject) Asn1Object.FromByteArray(tagged.GetEncoded()); + + if (tagged.TagNo != 33) + { + Fail("unexpected tag value found on recode - not 33"); + } + + aIn = new Asn1InputStream(longAppSpecificTag); + + app = (DerApplicationSpecific)aIn.ReadObject(); + + if (app.ApplicationTag != 97) + { + Fail("incorrect tag number read"); + } + + app = (DerApplicationSpecific)Asn1Object.FromByteArray(app.GetEncoded()); + + if (app.ApplicationTag != 97) + { + Fail("incorrect tag number read on recode"); + } + + SecureRandom sr = new SecureRandom(); + for (int i = 0; i < 100; ++i) + { + int testTag = (sr.NextInt() & int.MaxValue) >> sr.Next(26); + app = new DerApplicationSpecific(testTag, new byte[]{ 1 }); + app = (DerApplicationSpecific)Asn1Object.FromByteArray(app.GetEncoded()); + + if (app.ApplicationTag != testTag) + { + Fail("incorrect tag number read on recode (random test value: " + testTag + ")"); + } + } + + tagged = new DerTaggedObject(false, 34, new DerTaggedObject(true, 1000, new DerInteger(1))); + + if (!AreEqual(taggedInteger, tagged.GetEncoded())) + { + Fail("incorrect encoding for implicit explicit tagged integer"); + } + } + + public static void Main( + string[] args) + { + RunTest(new TagTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/TargetInformationTest.cs b/BouncyCastle/crypto/test/src/asn1/test/TargetInformationTest.cs new file mode 100644 index 0000000..7fa04cd --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/TargetInformationTest.cs @@ -0,0 +1,58 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class TargetInformationTest + : SimpleTest + { + public override string Name + { + get { return "TargetInformation"; } + } + + public override void PerformTest() + { + Target[] targets = new Target[2]; + Target targetName = new Target(Target.Choice.Name, new GeneralName(GeneralName.DnsName, "www.test.com")); + Target targetGroup = new Target(Target.Choice.Group, new GeneralName(GeneralName.DirectoryName, "o=Test, ou=Test")); + targets[0] = targetName; + targets[1] = targetGroup; + Targets targetss = new Targets(targets); + TargetInformation targetInformation1 = new TargetInformation(targetss); + // use an Target array + TargetInformation targetInformation2 = new TargetInformation(targets); + // targetInformation1 and targetInformation2 must have same + // encoding. + if (!targetInformation1.Equals(targetInformation2)) + { + Fail("targetInformation1 and targetInformation2 should have the same encoding."); + } + TargetInformation targetInformation3 = TargetInformation.GetInstance(targetInformation1.ToAsn1Object()); + TargetInformation targetInformation4 = TargetInformation.GetInstance(targetInformation2.ToAsn1Object()); + if (!targetInformation3.Equals(targetInformation4)) + { + Fail("targetInformation3 and targetInformation4 should have the same encoding."); + } + } + + public static void Main( + string[] args) + { + RunTest(new TargetInformationTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/TimeTest.cs b/BouncyCastle/crypto/test/src/asn1/test/TimeTest.cs new file mode 100644 index 0000000..04dac3c --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/TimeTest.cs @@ -0,0 +1,28 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class TimeTest + { + [Test] + public void CheckCmsTimeVsX509Time() + { + DateTime now = DateTime.UtcNow; + + // Time classes only have a resolution of seconds + now = SimpleTest.MakeUtcDateTime(now.Year, now.Month, now.Day, now.Hour, now.Minute, now.Second); + + Org.BouncyCastle.Asn1.Cms.Time cmsTime = new Org.BouncyCastle.Asn1.Cms.Time(now); + Org.BouncyCastle.Asn1.X509.Time x509Time = new Org.BouncyCastle.Asn1.X509.Time(now); + +// Assert.AreEqual(cmsTime.Date, x509Time.ToDateTime()); + Assert.AreEqual(now, cmsTime.Date); + Assert.AreEqual(now, x509Time.ToDateTime()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/TypeOfBiometricDataUnitTest.cs b/BouncyCastle/crypto/test/src/asn1/test/TypeOfBiometricDataUnitTest.cs new file mode 100644 index 0000000..a59415c --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/TypeOfBiometricDataUnitTest.cs @@ -0,0 +1,152 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509.Qualified; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class TypeOfBiometricDataUnitTest + : SimpleTest + { + public override string Name + { + get { return "TypeOfBiometricData"; } + } + + public override void PerformTest() + { + // + // predefined + // + CheckPredefinedType(TypeOfBiometricData.Picture); + + CheckPredefinedType(TypeOfBiometricData.HandwrittenSignature); + + // + // non-predefined + // + DerObjectIdentifier localType = new DerObjectIdentifier("1.1"); + + TypeOfBiometricData type = new TypeOfBiometricData(localType); + + CheckNonPredefined(type, localType); + + type = TypeOfBiometricData.GetInstance(type); + + CheckNonPredefined(type, localType); + + Asn1Object obj = type.ToAsn1Object(); + + type = TypeOfBiometricData.GetInstance(obj); + + CheckNonPredefined(type, localType); + + type = TypeOfBiometricData.GetInstance(null); + + if (type != null) + { + Fail("null GetInstance() failed."); + } + + try + { + TypeOfBiometricData.GetInstance(new object()); + + Fail("GetInstance() failed to detect bad object."); + } + catch (ArgumentException) + { + // expected + } + + try + { + new TypeOfBiometricData(100); + + Fail("constructor failed to detect bad predefined type."); + } + catch (ArgumentException) + { + // expected + } + + // Call Equals to avoid unreachable code warning + if (!Equals(TypeOfBiometricData.Picture, 0)) + { + Fail("predefined picture should be 0"); + } + + // Call Equals to avoid unreachable code warning + if (!Equals(TypeOfBiometricData.HandwrittenSignature, 1)) + { + Fail("predefined handwritten signature should be 1"); + } + } + + private void CheckPredefinedType( + int predefinedType) + { + TypeOfBiometricData type = new TypeOfBiometricData(predefinedType); + + CheckPredefined(type, predefinedType); + + type = TypeOfBiometricData.GetInstance(type); + + CheckPredefined(type, predefinedType); + + Asn1Object obj = Asn1Object.FromByteArray(type.ToAsn1Object().GetEncoded()); + + type = TypeOfBiometricData.GetInstance(obj); + + CheckPredefined(type, predefinedType); + } + + private void CheckPredefined( + TypeOfBiometricData type, + int val) + { + if (!type.IsPredefined) + { + Fail("predefined type expected but not found."); + } + + if (type.PredefinedBiometricType != val) + { + Fail("predefined type does not match."); + } + } + + private void CheckNonPredefined( + TypeOfBiometricData type, + DerObjectIdentifier val) + { + if (type.IsPredefined) + { + Fail("predefined type found when not expected."); + } + + if (!type.BiometricDataOid.Equals(val)) + { + Fail("data oid does not match."); + } + } + + public static void Main( + string[] args) + { + RunTest(new TypeOfBiometricDataUnitTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/UTCTimeTest.cs b/BouncyCastle/crypto/test/src/asn1/test/UTCTimeTest.cs new file mode 100644 index 0000000..07abbc9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/UTCTimeTest.cs @@ -0,0 +1,122 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + /** + * X.690 test example + */ + [TestFixture] + public class UtcTimeTest + : SimpleTest + { + private static readonly string[] input = + { + "020122122220Z", + "020122122220-1000", + "020122122220+1000", + "020122122220+00", + "0201221222Z", + "0201221222-1000", + "0201221222+1000", + "0201221222+00", + "550122122220Z", + "5501221222Z" + }; + + private static readonly string[] output = + { + "20020122122220GMT+00:00", + "20020122122220GMT-10:00", + "20020122122220GMT+10:00", + "20020122122220GMT+00:00", + "20020122122200GMT+00:00", + "20020122122200GMT-10:00", + "20020122122200GMT+10:00", + "20020122122200GMT+00:00", + "19550122122220GMT+00:00", + "19550122122200GMT+00:00" + }; + + private static readonly string[] zOutput1 = + { + "20020122122220Z", + "20020122222220Z", + "20020122022220Z", + "20020122122220Z", + "20020122122200Z", + "20020122222200Z", + "20020122022200Z", + "20020122122200Z", + "19550122122220Z", + "19550122122200Z" + }; + + private static readonly string[] zOutput2 = + { + "20020122122220Z", + "20020122222220Z", + "20020122022220Z", + "20020122122220Z", + "20020122122200Z", + "20020122222200Z", + "20020122022200Z", + "20020122122200Z", + "19550122122220Z", + "19550122122200Z" + }; + + public override string Name + { + get { return "UTCTime"; } + } + + public override void PerformTest() + { +// SimpleDateFormat yyyyF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); +// SimpleDateFormat yyF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); + +// yyyyF.setTimeZone(new SimpleTimeZone(0,"Z")); +// yyF.setTimeZone(new SimpleTimeZone(0,"Z")); + + for (int i = 0; i != input.Length; i++) + { + DerUtcTime t = new DerUtcTime(input[i]); + + if (!t.AdjustedTimeString.Equals(output[i])) + { + Fail("failed conversion test " + i); + } + +// if (!yyyyF.format(t.getAdjustedDate()).Equals(zOutput1[i])) + if (!t.ToAdjustedDateTime().ToString(@"yyyyMMddHHmmss\Z").Equals(zOutput1[i])) + { + Fail("failed date conversion test " + i); + } + +// if (!yyF.format(t.getDate()).Equals(zOutput2[i])) + if (!t.ToDateTime().ToString(@"yyyyMMddHHmmss\Z").Equals(zOutput2[i])) + { + Fail("failed date shortened conversion test " + i); + } + } + } + + public static void Main( + string[] args) + { + RunTest(new UtcTimeTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/X509ExtensionsTest.cs b/BouncyCastle/crypto/test/src/asn1/test/X509ExtensionsTest.cs new file mode 100644 index 0000000..71bb5ef --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/X509ExtensionsTest.cs @@ -0,0 +1,225 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class X509ExtensionsTest + : SimpleTest + { + private static readonly DerObjectIdentifier Oid1 = new DerObjectIdentifier("1.2.1"); + private static readonly DerObjectIdentifier Oid2 = new DerObjectIdentifier("1.2.2"); + private static readonly DerObjectIdentifier Oid3 = new DerObjectIdentifier("1.2.3"); + + public override string Name + { + get { return "X509Extensions"; } + } + + + [Test] + public void TestDuplicateExtensions() + { + + // Testing for handling of duplicates + + GeneralName name1 = new GeneralName(GeneralName.DnsName, "bc1.local"); + GeneralName name2 = new GeneralName(GeneralName.DnsName, "bc2.local"); + + + X509ExtensionsGenerator extensionsGenerator = new X509ExtensionsGenerator(); + extensionsGenerator.AddExtension(X509Extensions.SubjectAlternativeName, false, new DerSequence(new Asn1EncodableVector(new Asn1Encodable[] { name1 }))); + extensionsGenerator.AddExtension(X509Extensions.SubjectAlternativeName, false, new DerSequence(new Asn1EncodableVector(new Asn1Encodable[] { name2 }))); + + // + // Generate and deserialise. + // + X509Extensions ext = X509Extensions.GetInstance(Asn1Sequence.GetInstance(extensionsGenerator.Generate().GetEncoded())); + X509Extension returnedExtension = ext.GetExtension(X509Extensions.SubjectAlternativeName); + Asn1Sequence seq = Asn1Sequence.GetInstance(returnedExtension.GetParsedValue()); + + + // + // Check expected order and value. + // + if (!GeneralName.GetInstance(seq[0]).Equals(name1)) + { + Fail("expected name 1"); + } + + if (!GeneralName.GetInstance(seq[1]).Equals(name2)) + { + Fail("expected name 2"); + } + + + // + // Test we can load dup extensions into a new generator + // + + X509ExtensionsGenerator genX = new X509ExtensionsGenerator(); + genX.AddExtensions(ext); + + ext = X509Extensions.GetInstance(Asn1Sequence.GetInstance(genX.Generate().GetEncoded())); + returnedExtension = ext.GetExtension(X509Extensions.SubjectAlternativeName); + seq = Asn1Sequence.GetInstance(returnedExtension.GetParsedValue()); + + + + // + // Check expected order and value. + // + if (!GeneralName.GetInstance(seq[0]).Equals(name1)) + { + Fail("expected name 1"); + } + + if (!GeneralName.GetInstance(seq[1]).Equals(name2)) + { + Fail("expected name 2"); + } + + + + + } + + + [Test] + public void TestAllowedDuplicateExtensions() + { + + // Testing for handling of duplicates + + GeneralName name1 = new GeneralName(GeneralName.DnsName, "bc1.local"); + GeneralName name2 = new GeneralName(GeneralName.DnsName, "bc2.local"); + + + X509ExtensionsGenerator extensionsGenerator = new X509ExtensionsGenerator(); + extensionsGenerator.AddExtension(X509Extensions.SubjectAlternativeName, false, new DerSequence(new Asn1EncodableVector(new Asn1Encodable[] { name1 }))); + extensionsGenerator.AddExtension(X509Extensions.SubjectAlternativeName, false, new DerSequence(new Asn1EncodableVector(new Asn1Encodable[] { name2 }))); + + extensionsGenerator.AddExtension(X509Extensions.IssuerAlternativeName, false, new DerSequence(new Asn1EncodableVector(new Asn1Encodable[] { name1 }))); + extensionsGenerator.AddExtension(X509Extensions.IssuerAlternativeName, false, new DerSequence(new Asn1EncodableVector(new Asn1Encodable[] { name2 }))); + + + extensionsGenerator.AddExtension(X509Extensions.SubjectDirectoryAttributes, false, new DerSequence(new Asn1EncodableVector(new Asn1Encodable[] { name1 }))); + extensionsGenerator.AddExtension(X509Extensions.SubjectDirectoryAttributes, false, new DerSequence(new Asn1EncodableVector(new Asn1Encodable[] { name2 }))); + + extensionsGenerator.AddExtension(X509Extensions.CertificateIssuer, false, new DerSequence(new Asn1EncodableVector(new Asn1Encodable[] { name1 }))); + extensionsGenerator.AddExtension(X509Extensions.CertificateIssuer, false, new DerSequence(new Asn1EncodableVector(new Asn1Encodable[] { name2 }))); + + + extensionsGenerator.AddExtension(X509Extensions.AuditIdentity, false, new DerSequence(new Asn1EncodableVector(new Asn1Encodable[] { name1 }))); + try + { + extensionsGenerator.AddExtension(X509Extensions.AuditIdentity, false, new DerSequence(new Asn1EncodableVector(new Asn1Encodable[] { name2 }))); + Fail("Expected exception, not a white listed duplicate."); + } + catch (Exception ex) + { + // ok + } + + } + + + public override void PerformTest() + { + X509ExtensionsGenerator gen = new X509ExtensionsGenerator(); + + gen.AddExtension(Oid1, true, new byte[20]); + gen.AddExtension(Oid2, true, new byte[20]); + + X509Extensions ext1 = gen.Generate(); + X509Extensions ext2 = gen.Generate(); + + if (!ext1.Equals(ext2)) + { + Fail("Equals test failed"); + } + + gen.Reset(); + + gen.AddExtension(Oid2, true, new byte[20]); + gen.AddExtension(Oid1, true, new byte[20]); + + ext2 = gen.Generate(); + + if (ext1.Equals(ext2)) + { + Fail("inequality test failed"); + } + + if (!ext1.Equivalent(ext2)) + { + Fail("equivalence true failed"); + } + + gen.Reset(); + + gen.AddExtension(Oid1, true, new byte[22]); + gen.AddExtension(Oid2, true, new byte[20]); + + ext2 = gen.Generate(); + + if (ext1.Equals(ext2)) + { + Fail("inequality 1 failed"); + } + + if (ext1.Equivalent(ext2)) + { + Fail("non-equivalence 1 failed"); + } + + gen.Reset(); + + gen.AddExtension(Oid3, true, new byte[20]); + gen.AddExtension(Oid2, true, new byte[20]); + + ext2 = gen.Generate(); + + if (ext1.Equals(ext2)) + { + Fail("inequality 2 failed"); + } + + if (ext1.Equivalent(ext2)) + { + Fail("non-equivalence 2 failed"); + } + + try + { + gen.AddExtension(Oid2, true, new byte[20]); + Fail("repeated oid"); + } + catch (ArgumentException e) + { + if (!e.Message.Equals("extension 1.2.2 already added")) + { + Fail("wrong exception on repeated oid: " + e.Message); + } + } + } + + public static void Main( + string[] args) + { + RunTest(new X509ExtensionsTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/X509NameTest.cs b/BouncyCastle/crypto/test/src/asn1/test/X509NameTest.cs new file mode 100644 index 0000000..43214c0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/X509NameTest.cs @@ -0,0 +1,669 @@ +using System; +using System.Collections; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class X509NameTest + : SimpleTest + { + private static readonly string[] subjects = + { + "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Webserver Team,CN=www2.connect4.com.au,E=webmaster@connect4.com.au", + "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Certificate Authority,CN=Connect 4 CA,E=webmaster@connect4.com.au", + "C=AU,ST=QLD,CN=SSLeay/rsa test cert", + "C=US,O=National Aeronautics and Space Administration,SERIALNUMBER=16+CN=Steve Schoch", + "E=cooke@issl.atl.hp.com,C=US,OU=Hewlett Packard Company (ISSL),CN=Paul A. Cooke", + "O=Sun Microsystems Inc,CN=store.sun.com", + "unstructuredAddress=192.168.1.33,unstructuredName=pixfirewall.ciscopix.com,CN=pixfirewall.ciscopix.com" + }; + + public override string Name + { + get { return "X509Name"; } + } + + private static X509Name FromBytes( + byte[] bytes) + { + return X509Name.GetInstance(Asn1Object.FromByteArray(bytes)); + } + + private IAsn1Convertible createEntryValue( + DerObjectIdentifier oid, + string value) + { + IDictionary attrs = new Hashtable(); + attrs.Add(oid, value); + + IList ord = new ArrayList(); + ord.Add(oid); + + X509Name name = new X509Name(ord, attrs); + + Asn1Sequence seq = (Asn1Sequence)name.ToAsn1Object(); + Asn1Set set = (Asn1Set)seq[0]; + seq = (Asn1Sequence)set[0]; + + return seq[1]; + } + + private IAsn1Convertible createEntryValueFromString( + DerObjectIdentifier oid, + string val) + { + IDictionary attrs = new Hashtable(); + attrs.Add(oid, val); + + IList ord = new ArrayList(attrs.Keys); + + X509Name name = new X509Name(new X509Name(ord, attrs).ToString()); + + Asn1Sequence seq = (Asn1Sequence) name.ToAsn1Object(); + Asn1Set asn1Set = (Asn1Set) seq[0]; + seq = (Asn1Sequence) asn1Set[0]; + + return seq[1]; + } + + private void doTestEncodingPrintableString( + DerObjectIdentifier oid, + string value) + { + IAsn1Convertible converted = createEntryValue(oid, value); + if (!(converted is DerPrintableString)) + { + Fail("encoding for " + oid + " not printable string"); + } + } + + private void doTestEncodingIA5String( + DerObjectIdentifier oid, + string value) + { + IAsn1Convertible converted = createEntryValue(oid, value); + if (!(converted is DerIA5String)) + { + Fail("encoding for " + oid + " not IA5String"); + } + } + + private void doTestEncodingGeneralizedTime( + DerObjectIdentifier oid, + string val) + { + IAsn1Convertible converted = createEntryValue(oid, val); + if (!(converted is DerGeneralizedTime)) + { + Fail("encoding for " + oid + " not GeneralizedTime"); + } + converted = createEntryValueFromString(oid, val); + if (!(converted is DerGeneralizedTime)) + { + Fail("encoding for " + oid + " not GeneralizedTime"); + } + } + + public override void PerformTest() + { + doTestEncodingPrintableString(X509Name.C, "AU"); + doTestEncodingPrintableString(X509Name.SerialNumber, "123456"); + doTestEncodingPrintableString(X509Name.DnQualifier, "123456"); + doTestEncodingIA5String(X509Name.EmailAddress, "test@test.com"); + doTestEncodingIA5String(X509Name.DC, "test"); + // correct encoding + doTestEncodingGeneralizedTime(X509Name.DateOfBirth, "#180F32303032303132323132323232305A"); + // compatability encoding + doTestEncodingGeneralizedTime(X509Name.DateOfBirth, "20020122122220Z"); + + // + // composite + // + IDictionary attrs = new Hashtable(); + attrs.Add(X509Name.C, "AU"); + attrs.Add(X509Name.O, "The Legion of the Bouncy Castle"); + attrs.Add(X509Name.L, "Melbourne"); + attrs.Add(X509Name.ST, "Victoria"); + attrs.Add(X509Name.E, "feedback-crypto@bouncycastle.org"); + + IList order = new ArrayList(); + order.Add(X509Name.C); + order.Add(X509Name.O); + order.Add(X509Name.L); + order.Add(X509Name.ST); + order.Add(X509Name.E); + + X509Name name1 = new X509Name(order, attrs); + + if (!name1.Equivalent(name1)) + { + Fail("Failed same object test"); + } + + if (!name1.Equivalent(name1, true)) + { + Fail("Failed same object test - in Order"); + } + + X509Name name2 = new X509Name(order, attrs); + + if (!name1.Equivalent(name2)) + { + Fail("Failed same name test"); + } + + if (!name1.Equivalent(name2, true)) + { + Fail("Failed same name test - in Order"); + } + + if (name1.GetHashCode() != name2.GetHashCode()) + { + Fail("Failed same name test - in Order"); + } + + IList ord1 = new ArrayList(); + + ord1.Add(X509Name.C); + ord1.Add(X509Name.O); + ord1.Add(X509Name.L); + ord1.Add(X509Name.ST); + ord1.Add(X509Name.E); + + IList ord2 = new ArrayList(); + + ord2.Add(X509Name.E); + ord2.Add(X509Name.ST); + ord2.Add(X509Name.L); + ord2.Add(X509Name.O); + ord2.Add(X509Name.C); + + name1 = new X509Name(ord1, attrs); + name2 = new X509Name(ord2, attrs); + + if (!name1.Equivalent(name2)) + { + Fail("Failed reverse name test"); + } + + // FIXME Sort out X509Name hashcode problem +// if (name1.GetHashCode() != name2.GetHashCode()) +// { +// Fail("Failed reverse name test GetHashCode"); +// } + + if (name1.Equivalent(name2, true)) + { + Fail("Failed reverse name test - in Order"); + } + + if (!name1.Equivalent(name2, false)) + { + Fail("Failed reverse name test - in Order false"); + } + + IList oids = name1.GetOidList(); + if (!CompareVectors(oids, ord1)) + { + Fail("oid comparison test"); + } + + IList val1 = new ArrayList(); + + val1.Add("AU"); + val1.Add("The Legion of the Bouncy Castle"); + val1.Add("Melbourne"); + val1.Add("Victoria"); + val1.Add("feedback-crypto@bouncycastle.org"); + + name1 = new X509Name(ord1, val1); + + IList values = name1.GetValueList(); + if (!CompareVectors(values, val1)) + { + Fail("value comparison test"); + } + + ord2 = new ArrayList(); + + ord2.Add(X509Name.ST); + ord2.Add(X509Name.ST); + ord2.Add(X509Name.L); + ord2.Add(X509Name.O); + ord2.Add(X509Name.C); + + name1 = new X509Name(ord1, attrs); + name2 = new X509Name(ord2, attrs); + + if (name1.Equivalent(name2)) + { + Fail("Failed different name test"); + } + + ord2 = new ArrayList(); + + ord2.Add(X509Name.ST); + ord2.Add(X509Name.L); + ord2.Add(X509Name.O); + ord2.Add(X509Name.C); + + name1 = new X509Name(ord1, attrs); + name2 = new X509Name(ord2, attrs); + + if (name1.Equivalent(name2)) + { + Fail("Failed subset name test"); + } + + + compositeTest(); + + + // + // getValues test + // + IList v1 = name1.GetValueList(X509Name.O); + + if (v1.Count != 1 || !v1[0].Equals("The Legion of the Bouncy Castle")) + { + Fail("O test failed"); + } + + IList v2 = name1.GetValueList(X509Name.L); + + if (v2.Count != 1 || !v2[0].Equals("Melbourne")) + { + Fail("L test failed"); + } + + // + // general subjects test + // + for (int i = 0; i != subjects.Length; i++) + { + X509Name name = new X509Name(subjects[i]); + byte[] encodedName = name.GetEncoded(); + name = X509Name.GetInstance(Asn1Object.FromByteArray(encodedName)); + + if (!name.ToString().Equals(subjects[i])) + { + Fail("Failed regeneration test " + i); + } + } + + // + // sort test + // + X509Name unsorted = new X509Name("SERIALNUMBER=BBB + CN=AA"); + + if (!FromBytes(unsorted.GetEncoded()).ToString().Equals("CN=AA+SERIALNUMBER=BBB")) + { + Fail("Failed sort test 1"); + } + + unsorted = new X509Name("CN=AA + SERIALNUMBER=BBB"); + + if (!FromBytes(unsorted.GetEncoded()).ToString().Equals("CN=AA+SERIALNUMBER=BBB")) + { + Fail("Failed sort test 2"); + } + + unsorted = new X509Name("SERIALNUMBER=B + CN=AA"); + + if (!FromBytes(unsorted.GetEncoded()).ToString().Equals("SERIALNUMBER=B+CN=AA")) + { + Fail("Failed sort test 3"); + } + + unsorted = new X509Name("CN=AA + SERIALNUMBER=B"); + + if (!FromBytes(unsorted.GetEncoded()).ToString().Equals("SERIALNUMBER=B+CN=AA")) + { + Fail("Failed sort test 4"); + } + + // + // equality tests + // + equalityTest(new X509Name("CN=The Legion"), new X509Name("CN=The Legion")); + equalityTest(new X509Name("CN= The Legion"), new X509Name("CN=The Legion")); + equalityTest(new X509Name("CN=The Legion "), new X509Name("CN=The Legion")); + equalityTest(new X509Name("CN= The Legion "), new X509Name("CN=The Legion")); + equalityTest(new X509Name("CN= the legion "), new X509Name("CN=The Legion")); + + // # test + + X509Name n1 = new X509Name("SERIALNUMBER=8,O=ABC,CN=ABC Class 3 CA,C=LT"); + X509Name n2 = new X509Name("2.5.4.5=8,O=ABC,CN=ABC Class 3 CA,C=LT"); + X509Name n3 = new X509Name("2.5.4.5=#130138,O=ABC,CN=ABC Class 3 CA,C=LT"); + + equalityTest(n1, n2); + equalityTest(n2, n3); + equalityTest(n3, n1); + + n1 = new X509Name(true, "2.5.4.5=#130138,CN=SSC Class 3 CA,O=UAB Skaitmeninio sertifikavimo centras,C=LT"); + n2 = new X509Name(true, "SERIALNUMBER=#130138,CN=SSC Class 3 CA,O=UAB Skaitmeninio sertifikavimo centras,C=LT"); + n3 = X509Name.GetInstance(Asn1Object.FromByteArray(Hex.Decode("3063310b3009060355040613024c54312f302d060355040a1326" + + "55414220536b6169746d656e696e696f20736572746966696b6176696d6f2063656e74726173311730150603550403130e53534320436c6173732033204341310a30080603550405130138"))); + + equalityTest(n1, n2); + equalityTest(n2, n3); + equalityTest(n3, n1); + + n1 = new X509Name("SERIALNUMBER=8,O=XX,CN=ABC Class 3 CA,C=LT"); + n2 = new X509Name("2.5.4.5=8,O=,CN=ABC Class 3 CA,C=LT"); + + if (n1.Equivalent(n2)) + { + Fail("empty inequality check failed"); + } + + n1 = new X509Name("SERIALNUMBER=8,O=,CN=ABC Class 3 CA,C=LT"); + n2 = new X509Name("2.5.4.5=8,O=,CN=ABC Class 3 CA,C=LT"); + + equalityTest(n1, n2); + + // + // inequality to sequences + // + name1 = new X509Name("CN=The Legion"); + + if (name1.Equals(DerSequence.Empty)) + { + Fail("inequality test with sequence"); + } + + if (name1.Equals(new DerSequence(DerSet.Empty))) + { + Fail("inequality test with sequence and set"); + } + + Asn1EncodableVector v = new Asn1EncodableVector( + new DerObjectIdentifier("1.1"), + new DerObjectIdentifier("1.1")); + + if (name1.Equals(new DerSequence(new DerSet(new DerSet(v))))) + { + Fail("inequality test with sequence and bad set"); + } + +// if (name1.Equals(new DerSequence(new DerSet(new DerSet(v))), true)) +// { +// Fail("inequality test with sequence and bad set"); +// } + try + { + X509Name.GetInstance(new DerSequence(new DerSet(new DerSet(v)))); + Fail("GetInstance should reject bad sequence"); + } + catch (ArgumentException) + { + //expected + } + + if (name1.Equals(new DerSequence(new DerSet(DerSequence.Empty)))) + { + Fail("inequality test with sequence and short sequence"); + } + +// if (name1.Equals(new DerSequence(new DerSet(DerSequence.Empty)), true)) +// { +// Fail("inequality test with sequence and short sequence"); +// } + try + { + X509Name.GetInstance(new DerSequence(new DerSet(DerSequence.Empty))); + Fail("GetInstance should reject short sequence"); + } + catch (ArgumentException) + { + //expected + } + + v = new Asn1EncodableVector( + new DerObjectIdentifier("1.1"), + DerSequence.Empty); + + if (name1.Equals(new DerSequence(new DerSet(new DerSequence(v))))) + { + Fail("inequality test with sequence and bad sequence"); + } + + if (name1.Equivalent(null)) + { + Fail("inequality test with null"); + } + + if (name1.Equivalent(null, true)) + { + Fail("inequality test with null"); + } + + // + // this is contrived but it checks sorting of sets with equal elements + // + unsorted = new X509Name("CN=AA + CN=AA + CN=AA"); + + // + // tagging test - only works if CHOICE implemented + // + /* + ASN1TaggedObject tag = new DERTaggedObject(false, 1, new X509Name("CN=AA")); + + if (!tag.isExplicit()) + { + Fail("failed to explicitly tag CHOICE object"); + } + + X509Name name = X509Name.getInstance(tag, false); + + if (!name.equals(new X509Name("CN=AA"))) + { + Fail("failed to recover tagged name"); + } + */ + + DerUtf8String testString = new DerUtf8String("The Legion of the Bouncy Castle"); + byte[] encodedBytes = testString.GetEncoded(); + string hexEncodedString = "#" + Hex.ToHexString(encodedBytes); + + DerUtf8String converted = (DerUtf8String) + new X509DefaultEntryConverter().GetConvertedValue( + X509Name.L , hexEncodedString); + + if (!converted.Equals(testString)) + { + Fail("Failed X509DefaultEntryConverter test"); + } + + // + // try escaped. + // + converted = (DerUtf8String) new X509DefaultEntryConverter().GetConvertedValue( + X509Name.L , "\\" + hexEncodedString); + + if (!converted.Equals(new DerUtf8String(hexEncodedString))) + { + Fail("Failed X509DefaultEntryConverter test got " + converted + " expected: " + hexEncodedString); + } + + // + // try a weird value + // + X509Name n = new X509Name("CN=\\#nothex#string"); + + if (!n.ToString().Equals("CN=\\#nothex#string")) + { + Fail("# string not properly escaped."); + } + + IList vls = n.GetValueList(X509Name.CN); + if (vls.Count != 1 || !vls[0].Equals("#nothex#string")) + { + Fail("Escaped # not reduced properly"); + } + + n = new X509Name("CN=\"a+b\""); + + vls = n.GetValueList(X509Name.CN); + if (vls.Count != 1 || !vls[0].Equals("a+b")) + { + Fail("Escaped + not reduced properly"); + } + + n = new X509Name("CN=a\\+b"); + + vls = n.GetValueList(X509Name.CN); + if (vls.Count != 1 || !vls[0].Equals("a+b")) + { + Fail("Escaped + not reduced properly"); + } + + if (!n.ToString().Equals("CN=a\\+b")) + { + Fail("+ in string not properly escaped."); + } + + n = new X509Name("CN=a\\=b"); + + vls = n.GetValueList(X509Name.CN); + if (vls.Count != 1 || !vls[0].Equals("a=b")) + { + Fail("Escaped = not reduced properly"); + } + + if (!n.ToString().Equals("CN=a\\=b")) + { + Fail("= in string not properly escaped."); + } + + n = new X509Name("TELEPHONENUMBER=\"+61999999999\""); + + vls = n.GetValueList(X509Name.TelephoneNumber); + if (vls.Count != 1 || !vls[0].Equals("+61999999999")) + { + Fail("telephonenumber escaped + not reduced properly"); + } + + n = new X509Name("TELEPHONENUMBER=\\+61999999999"); + + vls = n.GetValueList(X509Name.TelephoneNumber); + if (vls.Count != 1 || !vls[0].Equals("+61999999999")) + { + Fail("telephonenumber escaped + not reduced properly"); + } + + n = new X509Name(@"TELEPHONENUMBER=\+61999999999"); + + vls = n.GetValueList(X509Name.TelephoneNumber); + if (vls.Count != 1 || !vls[0].Equals("+61999999999")) + { + Fail("telephonenumber escaped + not reduced properly"); + } + } + + private void compositeTest() + { + // + // composite test + // + byte[] enc = Hex.Decode("305e310b300906035504061302415531283026060355040a0c1f546865204c6567696f6e206f662074686520426f756e637920436173746c653125301006035504070c094d656c626f75726e653011060355040b0c0a4173636f742056616c65"); + X509Name n = X509Name.GetInstance(Asn1Object.FromByteArray(enc)); + + if (!n.ToString().Equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne+OU=Ascot Vale")) + { + Fail("Failed composite to string test got: " + n.ToString()); + } + + IDictionary symbols = X509Name.DefaultSymbols; + if (!n.ToString(true, symbols).Equals("L=Melbourne+OU=Ascot Vale,O=The Legion of the Bouncy Castle,C=AU")) + { + Fail("Failed composite to string test got: " + n.ToString(true, symbols)); + } + + n = new X509Name(true, "L=Melbourne+OU=Ascot Vale,O=The Legion of the Bouncy Castle,C=AU"); + if (!n.ToString().Equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne+OU=Ascot Vale")) + { + Fail("Failed composite to string reversal test got: " + n.ToString()); + } + + n = new X509Name("C=AU, O=The Legion of the Bouncy Castle, L=Melbourne + OU=Ascot Vale"); + + byte[] enc2 = n.GetEncoded(); + + if (!Arrays.AreEqual(enc, enc2)) + { + Fail("Failed composite string to encoding test"); + } + + // + // dud name test - handle empty DN without barfing. + // + n = new X509Name("C=CH,O=,OU=dummy,CN=mail@dummy.com"); + + n = X509Name.GetInstance(Asn1Object.FromByteArray(n.GetEncoded())); + } + + private void equalityTest( + X509Name x509Name, + X509Name x509Name1) + { + if (!x509Name.Equivalent(x509Name1)) + { + Fail("equality test failed for " + x509Name + " : " + x509Name1); + } + + // FIXME Sort out X509Name hashcode problem +// if (x509Name.GetHashCode() != x509Name1.GetHashCode()) +// { +// Fail("GetHashCode test failed for " + x509Name + " : " + x509Name1); +// } + + if (!x509Name.Equivalent(x509Name1, true)) + { + Fail("equality test failed for " + x509Name + " : " + x509Name1); + } + } + + private bool CompareVectors( + IList one, + IList two) + { + if (one.Count != two.Count) + return false; + + for (int i = 0; i < one.Count; ++i) + { + if (!one[i].Equals(two[i])) + return false; + } + + return true; + } + + public static void Main( + string[] args) + { + ITest test = new X509NameTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/asn1/test/X9Test.cs b/BouncyCastle/crypto/test/src/asn1/test/X9Test.cs new file mode 100644 index 0000000..db2541f --- /dev/null +++ b/BouncyCastle/crypto/test/src/asn1/test/X9Test.cs @@ -0,0 +1,172 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Tests +{ + [TestFixture] + public class X9Test + : SimpleTest + { + private static readonly byte[] namedPub = Base64.Decode("MDcwEwYHKoZIzj0CAQYIKoZIzj0DAQEDIAADG5xRI+Iki/JrvL20hoDUa7Cggzorv5B9yyqSMjYu"); + private static readonly byte[] expPub = Base64.Decode( + "MIH8MIHXBgcqhkjOPQIBMIHLAgEBMCkGByqGSM49AQECHn///////////////3///////4AAAA" + + "AAAH///////zBXBB5///////////////9///////+AAAAAAAB///////wEHiVXBfoqMGZUsfTL" + + "A9anUKMMJQEC1JiHF9m6FattPgMVAH1zdBaP/jRxtgqFdoahlHXTv6L/BB8DZ2iujhi7ks/PAF" + + "yUmqLG2UhT0OZgu/hUsclQX+laAh5///////////////9///+XXetBs6YFfDxDIUZSZVECAQED" + + "IAADG5xRI+Iki/JrvL20hoDUa7Cggzorv5B9yyqSMjYu"); + + private static readonly byte[] namedPriv = Base64.Decode("MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEHzAdAgEBBBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo="); + private static readonly byte[] expPriv = Base64.Decode( + "MIIBBAIBADCB1wYHKoZIzj0CATCBywIBATApBgcqhkjOPQEBAh5///////////////9///////" + + "+AAAAAAAB///////8wVwQef///////////////f///////gAAAAAAAf//////8BB4lVwX6KjBmVL" + + "H0ywPWp1CjDCUBAtSYhxfZuhWrbT4DFQB9c3QWj/40cbYKhXaGoZR107+i/wQfA2doro4Yu5LPzw" + + "BclJqixtlIU9DmYLv4VLHJUF/pWgIef///////////////f///l13rQbOmBXw8QyFGUmVRAgEBBC" + + "UwIwIBAQQeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAU"); + + private void EncodePublicKey() + { + X9ECParameters ecP = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime239v3); + + if (X9IntegerConverter.GetByteLength(ecP.Curve) != 30) + { + Fail("wrong byte length reported for curve"); + } + + if (ecP.Curve.FieldSize != 239) + { + Fail("wrong field size reported for curve"); + } + + // + // named curve + // + X962Parameters _params = new X962Parameters(X9ObjectIdentifiers.Prime192v1); + ECPoint point = ecP.G.Multiply(BigInteger.ValueOf(100)); + + DerOctetString p = new DerOctetString(point.GetEncoded(true)); + + SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), p.GetOctets()); + if (!Arrays.AreEqual(info.GetEncoded(), namedPub)) + { + Fail("failed public named generation"); + } + + X9ECPoint x9P = new X9ECPoint(ecP.Curve, p); + + if (!Arrays.AreEqual(p.GetOctets(), x9P.Point.GetEncoded())) + { + Fail("point encoding not preserved"); + } + + Asn1Object o = Asn1Object.FromByteArray(namedPub); + + if (!info.Equals(o)) + { + Fail("failed public named equality"); + } + + // + // explicit curve parameters + // + _params = new X962Parameters(ecP); + + info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), p.GetOctets()); + + if (!Arrays.AreEqual(info.GetEncoded(), expPub)) + { + Fail("failed public explicit generation"); + } + + o = Asn1Object.FromByteArray(expPub); + + if (!info.Equals(o)) + { + Fail("failed public explicit equality"); + } + } + + private void EncodePrivateKey() + { + X9ECParameters ecP = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime192v1); + + // + // named curve + // + X962Parameters _params = new X962Parameters(X9ObjectIdentifiers.Prime192v1); + + PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), + new ECPrivateKeyStructure(ecP.N.BitLength, BigInteger.Ten).ToAsn1Object()); + + if (!Arrays.AreEqual(info.GetEncoded(), namedPriv)) + { + Fail("failed private named generation"); + } + + Asn1Object o = Asn1Object.FromByteArray(namedPriv); + + if (!info.Equals(o)) + { + Fail("failed private named equality"); + } + + // + // explicit curve parameters + // + ecP = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime239v3); + + _params = new X962Parameters(ecP); + + info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, _params), + new ECPrivateKeyStructure(ecP.N.BitLength, BigInteger.ValueOf(20)).ToAsn1Object()); + + if (!Arrays.AreEqual(info.GetEncoded(), expPriv)) + { + Fail("failed private explicit generation"); + } + + o = Asn1Object.FromByteArray(expPriv); + + if (!info.Equals(o)) + { + Fail("failed private explicit equality"); + } + } + + public override void PerformTest() + { + EncodePublicKey(); + EncodePrivateKey(); + } + + public override string Name + { + get { return "X9"; } + } + + public static void Main( + string[] args) + { + RunTest(new X9Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/cmp/test/ProtectedMessageTest.cs b/BouncyCastle/crypto/test/src/cmp/test/ProtectedMessageTest.cs new file mode 100644 index 0000000..22e4b1c --- /dev/null +++ b/BouncyCastle/crypto/test/src/cmp/test/ProtectedMessageTest.cs @@ -0,0 +1,410 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Crmf; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cmp.Tests +{ + [TestFixture] + public class ProtectedMessageTest : SimpleTest + { + public override string Name + { + get { return "ProtectedMessage"; } + } + + public override void PerformTest() + { + TestVerifyBCJavaGeneratedMessage(); + TestSubsequentMessage(); + TestMacProtectedMessage(); + TestProtectedMessage(); + TestConfirmationMessage(); + TestSampleCr(); + } + + // [Test] + // public void TestServerSideKey() + // { + // RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator(); + // rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100)); + // AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); + // + // TestCertBuilder builder = new TestCertBuilder() + // { + // Issuer = new X509Name("CN=Test"), + // Subject = new X509Name("CN=Test"), + // NotBefore = DateTime.UtcNow.AddDays(-1), + // NotAfter = DateTime.UtcNow.AddDays(1), + // PublicKey = rsaKeyPair.Public, + // SignatureAlgorithm = "MD5WithRSAEncryption" + // }; + // + // builder.AddAttribute(X509Name.C, "Foo"); + // X509Certificate cert = builder.Build(rsaKeyPair.Private); + // + // GeneralName sender = new GeneralName(new X509Name("CN=Sender")); + // GeneralName recipient = new GeneralName(new X509Name("CN=Recip")); + // + // + // + // } + + [Test] + public void TestNotBeforeNotAfter() + { + RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator(); + rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100)); + AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); + + doNotBeforeNotAfterTest(rsaKeyPair, MakeUtcDateTime(1, 1, 1, 0, 0, 1), MakeUtcDateTime(1, 1, 1, 0, 0, 10)); + doNotBeforeNotAfterTest(rsaKeyPair, DateTime.MinValue, MakeUtcDateTime(1, 1, 1, 0, 0, 10)); + doNotBeforeNotAfterTest(rsaKeyPair, MakeUtcDateTime(1, 1, 1, 0, 0, 1), DateTime.MinValue); + } + + private void doNotBeforeNotAfterTest(AsymmetricCipherKeyPair kp, DateTime notBefore, DateTime notAfter) + { + CertificateRequestMessageBuilder builder = new CertificateRequestMessageBuilder(BigInteger.One) + .SetPublicKey(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(kp.Public)) + .SetProofOfPossessionSubsequentMessage(SubsequentMessage.encrCert); + + builder.SetValidity(new Time(notBefore), new Time(notAfter)); + CertificateRequestMessage msg = builder.Build(); + + if (!notBefore.Equals(DateTime.MinValue)) + { + IsTrue("NotBefore did not match", (notBefore.Equals(msg.GetCertTemplate().Validity.NotBefore.ToDateTime()))); + } + else + { + IsTrue("Expected NotBefore to empty.", DateTime.MinValue == msg.GetCertTemplate().Validity.NotBefore.ToDateTime()); + } + + if (!notAfter.Equals(DateTime.MinValue)) + { + IsTrue("NotAfter did not match", (notAfter.Equals(msg.GetCertTemplate().Validity.NotAfter.ToDateTime()))); + } + else + { + IsTrue("Expected NotAfter to be empty.", DateTime.MinValue == msg.GetCertTemplate().Validity.NotAfter.ToDateTime()); + } + } + + [Test] + public void TestSubsequentMessage() + { + RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator(); + rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100)); + AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); + + TestCertBuilder builder = new TestCertBuilder(); + builder.NotBefore = DateTime.UtcNow.AddDays(-1); + builder.NotAfter = DateTime.UtcNow.AddDays(1); + builder.PublicKey = rsaKeyPair.Public; + builder.SignatureAlgorithm = "Sha1WithRSAEncryption"; + + X509Certificate cert = builder.Build(rsaKeyPair.Private); + GeneralName user = new GeneralName(new X509Name("CN=Test")); + + CertificateRequestMessageBuilder crmBuiler = new CertificateRequestMessageBuilder(BigInteger.One) + .SetPublicKey(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(rsaKeyPair.Public)) + .SetProofOfPossessionSubsequentMessage(SubsequentMessage.encrCert); + + ISignatureFactory sigFact = new Asn1SignatureFactory("SHA256WithRSA", rsaKeyPair.Private); + + ProtectedPkiMessage certRequestMsg = new ProtectedPkiMessageBuilder(user, user) + .SetTransactionId(new byte[] { 1, 2, 3, 4, 5 }) + .SetBody(new PkiBody(PkiBody.TYPE_KEY_RECOVERY_REQ, new CertReqMessages(new CertReqMsg[] { crmBuiler.Build().ToAsn1Structure() }))) + .AddCmpCertificate(cert) + .Build(sigFact); + + ProtectedPkiMessage msg = new ProtectedPkiMessage(new GeneralPkiMessage(certRequestMsg.ToAsn1Message().GetDerEncoded())); + CertReqMessages reqMsgs = CertReqMessages.GetInstance(msg.Body.Content); + CertReqMsg reqMsg = reqMsgs.ToCertReqMsgArray()[0]; + IsEquals(ProofOfPossession.TYPE_KEY_ENCIPHERMENT, reqMsg.Popo.Type); + } + + [Test] + public void TestSampleCr() + { + byte[] raw = Base64.Decode( + "MIIB5TCB3AIBAqQdMBsxDDAKBgNVBAMMA0FSUDELMAkGA1UEBhMCQ0ikOTA3MREwDwYDVQQDDAhBZG1pbkNBM" + + "TEVMBMGA1UECgwMRUpCQ0EgU2FtcGxlMQswCQYDVQQGEwJTRaFGMEQGCSqGSIb2fQdCDTA3BBxzYWx0Tm9NYX" + + "R0ZXJXaGF0VGhpc1N0cmluZ0lzMAcGBSsOAwIaAgIEADAKBggrBgEFBQgBAqIQBA5TZW5kZXJLSUQtMjAwOKQ" + + "PBA0xMjAzNjA3MDE1OTQ0pRIEEOPfE1DMncRUdrBj8KelgsCigeowgecwgeQwgd0CAQAwgcGlHTAbMQwwCgYD" + + "VQQDDANBUlAxCzAJBgNVBAYTAkNIpoGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrrv4e42olM2YJqSbCN" + + "d19EtW7d6T8HYvcSU5wsm5icKFkxyD5jrO/2xYh3zqUFYwZap0pA7qbhxk5sEne2ywVpt2lGSmpAU8M7hC9oh" + + "Ep9wvv+3+td5MEO+qMuWWxF8OZBlYIFBZ/k+pGlU+4XlBP5Ai6pu/EI/0A+1/bcGs0sQIDAQABMBQwEgYJKwY" + + "BBQUHBQEBDAVEVU1NWaACBQCgFwMVAO73HUPF//mY5+E714Cv5oprt0kO\r\n"); + + ProtectedPkiMessage msg = new ProtectedPkiMessage(new GeneralPkiMessage(raw)); + + IsTrue(msg.Verify(new PKMacBuilder(), "TopSecret1234".ToCharArray())); + } + + [Test] + public void TestConfirmationMessage() + { + RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator(); + rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100)); + AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); + + TestCertBuilder builder = new TestCertBuilder(); + builder.NotBefore = DateTime.UtcNow.AddDays(-1); + builder.NotAfter = DateTime.UtcNow.AddDays(1); + builder.PublicKey = rsaKeyPair.Public; + builder.SignatureAlgorithm = "Sha1WithRSAEncryption"; + + builder.AddAttribute(X509Name.C, "Foo"); + X509Certificate cert = builder.Build(rsaKeyPair.Private); + + GeneralName sender = new GeneralName(new X509Name("CN=Sender")); + GeneralName recipient = new GeneralName(new X509Name("CN=Recip")); + + CertificateConfirmationContent content = new CertificateConfirmationContentBuilder() + .AddAcceptedCertificate(cert, BigInteger.One) + .Build(); + + ProtectedPkiMessageBuilder msgBuilder = new ProtectedPkiMessageBuilder(sender, recipient); + msgBuilder.SetBody(new PkiBody(PkiBody.TYPE_CERT_CONFIRM, content.ToAsn1Structure())); + msgBuilder.AddCmpCertificate(cert); + + ISignatureFactory sigFact = new Asn1SignatureFactory("MD5WithRSA", rsaKeyPair.Private); + ProtectedPkiMessage msg = msgBuilder.Build(sigFact); + + IVerifierFactory verifierFactory = new Asn1VerifierFactory("MD5WithRSA", rsaKeyPair.Public); + + IsTrue("PKIMessage must verify (MD5withRSA)", msg.Verify(verifierFactory)); + + IsEquals(sender, msg.Header.Sender); + IsEquals(recipient, msg.Header.Recipient); + + content = new CertificateConfirmationContent(CertConfirmContent.GetInstance(msg.Body.Content), new DefaultDigestAlgorithmIdentifierFinder()); + CertificateStatus[] statusList = content.GetStatusMessages(); + IsEquals(1, statusList.Length); + IsTrue(statusList[0].IsVerified(cert)); + } + + [Test] + public void TestProtectedMessage() + { + RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator(); + rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100)); + AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); + + TestCertBuilder builder = new TestCertBuilder(); + builder.NotBefore = DateTime.UtcNow.AddDays(-1); + builder.NotAfter = DateTime.UtcNow.AddDays(1); + builder.PublicKey = rsaKeyPair.Public; + builder.SignatureAlgorithm = "Sha1WithRSAEncryption"; + + builder.AddAttribute(X509Name.C, "Foo"); + X509Certificate cert = builder.Build(rsaKeyPair.Private); + + GeneralName sender = new GeneralName(new X509Name("CN=Sender")); + GeneralName recipient = new GeneralName(new X509Name("CN=Recip")); + + ProtectedPkiMessageBuilder msgBuilder = new ProtectedPkiMessageBuilder(sender, recipient) + .SetBody(new PkiBody(PkiBody.TYPE_INIT_REP, CertRepMessage.GetInstance(new DerSequence(new DerSequence())))) + .AddCmpCertificate(cert); + + ISignatureFactory sigFact = new Asn1SignatureFactory("MD5WithRSA", rsaKeyPair.Private); + + ProtectedPkiMessage msg = msgBuilder.Build(sigFact); + + X509Certificate certificate = msg.GetCertificates()[0]; + + IVerifierFactory verifierFactory = new Asn1VerifierFactory("MD5WithRSA", rsaKeyPair.Public); + + IsTrue("PKIMessage must verify (MD5withRSA)", msg.Verify(verifierFactory)); + } + + [Test] + public void TestMacProtectedMessage() + { + RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator(); + rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, + 100)); + AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); + + TestCertBuilder builder = new TestCertBuilder(); + builder.NotBefore = DateTime.UtcNow.AddDays(-1); + builder.NotAfter = DateTime.UtcNow.AddDays(1); + builder.PublicKey = rsaKeyPair.Public; + builder.SignatureAlgorithm = "Sha1WithRSAEncryption"; + + builder.AddAttribute(X509Name.C, "Foo"); + X509Certificate cert = builder.Build(rsaKeyPair.Private); + + GeneralName sender = new GeneralName(new X509Name("CN=Sender")); + GeneralName recipient = new GeneralName(new X509Name("CN=Recip")); + + ProtectedPkiMessageBuilder msgBuilder = new ProtectedPkiMessageBuilder(sender, recipient) + .SetBody(new PkiBody(PkiBody.TYPE_INIT_REP, CertRepMessage.GetInstance(new DerSequence(new DerSequence())))) + .AddCmpCertificate(cert); + + // + // Default instance. + // + + PKMacBuilder macFactory = new PKMacBuilder(); + ProtectedPkiMessage msg = msgBuilder.Build(macFactory.Build("testpass".ToCharArray())); + + IsTrue(msg.Verify(macFactory, "testpass".ToCharArray())); + } + + [Test] + public void TestVerifyBCJavaGeneratedMessage() + { + // + // Test with content generated by BC-JAVA version. + // + + ICipherParameters publicKey = PublicKeyFactory.CreateKey(Hex.Decode( + "305c300d06092a864886f70d0101010500034b003048024100ac1e59ba5f96" + + "ba86c86e6d8bbfd43ece04265fa29e6ebdb320388b58af365d05b26970cbd2" + + "6e5b0fa7df2074b90b42a1d16ab270cdb851b53e464b87f683774502030100" + + "01")); + ICipherParameters privateKey = PrivateKeyFactory.CreateKey(Hex.Decode( + "30820155020100300d06092a864886f70d01010105000482013f3082013b02" + + "0100024100ac1e59ba5f96ba86c86e6d8bbfd43ece04265fa29e6ebdb32038" + + "8b58af365d05b26970cbd26e5b0fa7df2074b90b42a1d16ab270cdb851b53e" + + "464b87f68377450203010001024046f3f208570c735349bfe00fdaa1fbcc00" + + "c0f2eebe42279876a168ac43fa74a8cdf9a1bb49066c07cfcfa7196f69f2b9" + + "419d378109db967891428c50273dcc37022100d488dc3fb86f404d726a8166" + + "b2a9aba9bee12fdbf38470a62403a2a20bad0977022100cf51874e479b141f" + + "9915533bf54d68f1940f84d7fe6130538ff01a23e3493423022100986f94f1" + + "0afa9837341219bfabf32fd16ebb9a94fa630a5ccf45e036b383275f02201b" + + "6dff07f563684b31f6e757548254733a12bf91d05f4d8490d3c4b1a0ddcb9f" + + "02210087c3b2049e9a3edfc4cb40a3a275dabf7ffff80b467157e384603042" + + "3fe91d68")); + + byte[] ind = Hex.Decode( + "308201ac306e020102a4133011310f300d06035504030c0653656e646572a4" + + "123010310e300c06035504030c055265636970a140303e06092a864886f67d" + + "07420d30310414fdccb4ffd7848e6a697bee36cbe0f3722ed7fe2f30070605" + + "2b0e03021a020203e8300c06082b060105050801020500a10430023000a017" + + "031500c131c357441daa78eb538bfd9c24870e220fdafaa182011930820115" + + "308201113081bca003020102020601684a515d5b300d06092a864886f70d01" + + "01050500300f310d300b06035504030c0454657374301e170d313930313134" + + "3033303433325a170d3139303432343033303433325a300f310d300b060355" + + "04030c0454657374305c300d06092a864886f70d0101010500034b00304802" + + "4100ac1e59ba5f96ba86c86e6d8bbfd43ece04265fa29e6ebdb320388b58af" + + "365d05b26970cbd26e5b0fa7df2074b90b42a1d16ab270cdb851b53e464b87" + + "f68377450203010001300d06092a864886f70d0101050500034100264b5b76" + + "f268e2a992f05ad83783b091ce806a6726912c6200d06b33375ae58fe3c474" + + "c3a42ad6e572a2c48ae3bf914a7510bb995c3474829cfe71ab679a3db0"); + + ProtectedPkiMessage pkiMsg = new ProtectedPkiMessage(PkiMessage.GetInstance(ind)); + + PbmParameter pbmParameters = PbmParameter.GetInstance(pkiMsg.Header.ProtectionAlg.Parameters); + + IsTrue(pkiMsg.Verify(new PKMacBuilder().SetParameters(pbmParameters), "secret".ToCharArray())); + } + } + + public class TestCertBuilder + { + IDictionary attrs = new Hashtable(); + IList ord = new ArrayList(); + IList values = new ArrayList(); + + private DateTime notBefore, notAfter; + private AsymmetricKeyParameter publicKey; + private string signatureAlgorithm; + private X509Name issuer, subject; + + public DateTime NotBefore + { + get { return notBefore; } + set { this.notBefore = value; } + } + + public DateTime NotAfter + { + get { return notAfter; } + set { this.notAfter = value; } + } + + public AsymmetricKeyParameter PublicKey + { + get { return publicKey; } + set { this.publicKey = value; } + } + + public string SignatureAlgorithm + { + get { return signatureAlgorithm; } + set { this.signatureAlgorithm = value; } + } + + public X509Name Issuer + { + get { return issuer; } + set { this.issuer = value; } + } + + public X509Name Subject + { + get { return subject; } + set { this.subject = value; } + } + + public TestCertBuilder AddAttribute(DerObjectIdentifier name, Object value) + { + attrs[name] = value; + ord.Add(name); + values.Add(value); + return this; + } + + public X509Certificate Build(AsymmetricKeyParameter privateKey) + { + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + + if (Issuer != null) + { + certGen.SetIssuerDN(Issuer); + } + else + { + certGen.SetIssuerDN(new X509Name(ord, attrs)); + } + + certGen.SetNotBefore(NotBefore); + certGen.SetNotAfter(NotAfter); + + if (Subject != null) + { + certGen.SetSubjectDN(Subject); + } + else + { + certGen.SetSubjectDN(new X509Name(ord, attrs)); + } + + certGen.SetPublicKey(PublicKey); + certGen.SetSignatureAlgorithm(SignatureAlgorithm); + + return certGen.Generate(privateKey); + } + } +} diff --git a/BouncyCastle/crypto/test/src/cms/test/AllTests.cs b/BouncyCastle/crypto/test/src/cms/test/AllTests.cs new file mode 100644 index 0000000..52ca95f --- /dev/null +++ b/BouncyCastle/crypto/test/src/cms/test/AllTests.cs @@ -0,0 +1,36 @@ +#if !LIB +using System; + +using NUnit.Core; +using NUnit.Framework; +using Org.BouncyCastle.Asn1.Tests; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Cms.Tests +{ + public class AllTests + { + public static void Main(string[] args) + { + Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty); + } + + [Suite] + public static TestSuite Suite + { + get + { + TestSuite suite = new TestSuite("CMS Tests"); + suite.Add(new CompressedDataTest()); + suite.Add(new CompressedDataStreamTest()); + suite.Add(new EnvelopedDataTest()); + suite.Add(new EnvelopedDataStreamTest()); + suite.Add(new Rfc4134Test()); + suite.Add(new SignedDataTest()); + suite.Add(new SignedDataStreamTest()); + return suite; + } + } + } +} +#endif diff --git a/BouncyCastle/crypto/test/src/cms/test/AuthenticatedDataStreamTest.cs b/BouncyCastle/crypto/test/src/cms/test/AuthenticatedDataStreamTest.cs new file mode 100644 index 0000000..68f38d1 --- /dev/null +++ b/BouncyCastle/crypto/test/src/cms/test/AuthenticatedDataStreamTest.cs @@ -0,0 +1,112 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cms.Tests +{ + [TestFixture] + public class AuthenticatedDataStreamTest + { + private const string SignDN = "O=Bouncy Castle, C=AU"; + + private static AsymmetricCipherKeyPair signKP; +// private static X509Certificate signCert; + //signCert = CmsTestUtil.MakeCertificate(_signKP, SignDN, _signKP, SignDN); + +// private const string OrigDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU"; + +// private static AsymmetricCipherKeyPair origKP; + //origKP = CmsTestUtil.MakeKeyPair(); +// private static X509Certificate origCert; + //origCert = CmsTestUtil.MakeCertificate(_origKP, OrigDN, _signKP, SignDN); + + private const string ReciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU"; + + private static AsymmetricCipherKeyPair reciKP; + private static X509Certificate reciCert; + + private static AsymmetricCipherKeyPair origECKP; + private static AsymmetricCipherKeyPair reciECKP; + private static X509Certificate reciECCert; + + private static AsymmetricCipherKeyPair SignKP + { + get { return signKP == null ? (signKP = CmsTestUtil.MakeKeyPair()) : signKP; } + } + + private static AsymmetricCipherKeyPair ReciKP + { + get { return reciKP == null ? (reciKP = CmsTestUtil.MakeKeyPair()) : reciKP; } + } + + private static X509Certificate ReciCert + { + get { return reciCert == null ? (reciCert = CmsTestUtil.MakeCertificate(ReciKP, ReciDN, SignKP, SignDN)) : reciCert; } + } + + private static AsymmetricCipherKeyPair OrigECKP + { + get { return origECKP == null ? (origECKP = CmsTestUtil.MakeECDsaKeyPair()) : origECKP; } + } + + private static AsymmetricCipherKeyPair ReciECKP + { + get { return reciECKP == null ? (reciECKP = CmsTestUtil.MakeECDsaKeyPair()) : reciECKP; } + } + + private static X509Certificate ReciECCert + { + get { return reciECCert == null ? (reciECCert = CmsTestUtil.MakeCertificate(ReciECKP, ReciDN, SignKP, SignDN)) : reciECCert; } + } + + [Test] + public void TestKeyTransDESede() + { + tryKeyTrans(Encoding.ASCII.GetBytes("Eric H. Echidna"), CmsEnvelopedGenerator.DesEde3Cbc); + // force multiple octet-string + tryKeyTrans(new byte[2500], CmsEnvelopedGenerator.DesEde3Cbc); + } + + private void tryKeyTrans(byte[] data, string macAlg) + { + CmsAuthenticatedDataStreamGenerator adGen = new CmsAuthenticatedDataStreamGenerator(); + + adGen.AddKeyTransRecipient(ReciCert); + + MemoryStream bOut = new MemoryStream(); + Stream aOut = adGen.Open(bOut, macAlg); + aOut.Write(data, 0, data.Length); + aOut.Close(); + + CmsAuthenticatedDataParser ad = new CmsAuthenticatedDataParser(bOut.ToArray()); + + RecipientInformationStore recipients = ad.GetRecipientInfos(); + + Assert.AreEqual(ad.MacAlgOid, macAlg); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id); + + byte[] recData = recipient.GetContent(ReciKP.Private); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac())); + } + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/cms/test/AuthenticatedDataTest.cs b/BouncyCastle/crypto/test/src/cms/test/AuthenticatedDataTest.cs new file mode 100644 index 0000000..0ad34a9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/cms/test/AuthenticatedDataTest.cs @@ -0,0 +1,320 @@ +using System; +using System.Collections; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cms.Tests +{ + [TestFixture] + public class AuthenticatedDataTest + { + private const string SignDN = "O=Bouncy Castle, C=AU"; + + private static AsymmetricCipherKeyPair signKP; +// private static X509Certificate signCert; + //signCert = CmsTestUtil.MakeCertificate(_signKP, SignDN, _signKP, SignDN); + +// private const string OrigDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU"; + +// private static AsymmetricCipherKeyPair origKP; + //origKP = CmsTestUtil.MakeKeyPair(); +// private static X509Certificate origCert; + //origCert = CmsTestUtil.MakeCertificate(_origKP, OrigDN, _signKP, SignDN); + + private const string ReciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU"; + + private static AsymmetricCipherKeyPair reciKP; + private static X509Certificate reciCert; + + private static AsymmetricCipherKeyPair origECKP; + private static AsymmetricCipherKeyPair reciECKP; + private static X509Certificate reciECCert; + + private static AsymmetricCipherKeyPair SignKP + { + get { return signKP == null ? (signKP = CmsTestUtil.MakeKeyPair()) : signKP; } + } + + private static AsymmetricCipherKeyPair ReciKP + { + get { return reciKP == null ? (reciKP = CmsTestUtil.MakeKeyPair()) : reciKP; } + } + + private static X509Certificate ReciCert + { + get { return reciCert == null ? (reciCert = CmsTestUtil.MakeCertificate(ReciKP, ReciDN, SignKP, SignDN)) : reciCert; } + } + + private static AsymmetricCipherKeyPair OrigECKP + { + get { return origECKP == null ? (origECKP = CmsTestUtil.MakeECDsaKeyPair()) : origECKP; } + } + + private static AsymmetricCipherKeyPair ReciECKP + { + get { return reciECKP == null ? (reciECKP = CmsTestUtil.MakeECDsaKeyPair()) : reciECKP; } + } + + private static X509Certificate ReciECCert + { + get { return reciECCert == null ? (reciECCert = CmsTestUtil.MakeCertificate(ReciECKP, ReciDN, SignKP, SignDN)) : reciECCert; } + } + +// private static string _signDN; +// private static KeyPair _signKP; +// private static X509Certificate _signCert; +// +// private static string _origDN; +// private static KeyPair _origKP; +// private static X509Certificate _origCert; +// +// private static string _reciDN; +// private static KeyPair _reciKP; +// private static X509Certificate _reciCert; +// +// private static KeyPair _origEcKP; +// private static KeyPair _reciEcKP; +// private static X509Certificate _reciEcCert; +// +// private static bool _initialised = false; +// +// public bool DEBUG = true; +// +// private static void init() +// { +// if (!_initialised) +// { +// _initialised = true; +// +// _signDN = "O=Bouncy Castle, C=AU"; +// _signKP = CmsTestUtil.makeKeyPair(); +// _signCert = CmsTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN); +// +// _origDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU"; +// _origKP = CmsTestUtil.makeKeyPair(); +// _origCert = CmsTestUtil.makeCertificate(_origKP, _origDN, _signKP, _signDN); +// +// _reciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU"; +// _reciKP = CmsTestUtil.makeKeyPair(); +// _reciCert = CmsTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN); +// +// _origEcKP = CmsTestUtil.makeEcDsaKeyPair(); +// _reciEcKP = CmsTestUtil.makeEcDsaKeyPair(); +// _reciEcCert = CmsTestUtil.makeCertificate(_reciEcKP, _reciDN, _signKP, _signDN); +// } +// } +// +// public void setUp() +// { +// init(); +// } +// +// public AuthenticatedDataTest(string name) +// { +// super(name); +// } +// +// public static void main(string args[]) +// { +// junit.textui.TestRunner.run(AuthenticatedDataTest.class); +// } +// +// public static Test suite() +// throws Exception +// { +// init(); +// +// return new CMSTestSetup(new TestSuite(AuthenticatedDataTest.class)); +// } + + [Test] + public void TestKeyTransDESede() + { + tryKeyTrans(CmsAuthenticatedDataGenerator.DesEde3Cbc); + } + + [Test] + public void TestKEKDESede() + { + tryKekAlgorithm(CmsTestUtil.MakeDesEde192Key(), new DerObjectIdentifier("1.2.840.113549.1.9.16.3.6")); + } + + [Test] + public void TestPasswordAES256() + { + passwordTest(CmsAuthenticatedDataGenerator.Aes256Cbc); + } + + [Test] + public void TestECKeyAgree() + { + byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65"); + + CmsAuthenticatedDataGenerator adGen = new CmsAuthenticatedDataGenerator(); + + adGen.AddKeyAgreementRecipient(CmsAuthenticatedDataGenerator.ECDHSha1Kdf, OrigECKP.Private, OrigECKP.Public, ReciECCert, CmsAuthenticatedDataGenerator.Aes128Wrap); + + CmsAuthenticatedData ad = adGen.Generate( + new CmsProcessableByteArray(data), + CmsAuthenticatedDataGenerator.DesEde3Cbc); + + RecipientInformationStore recipients = ad.GetRecipientInfos(); + + Assert.AreEqual(CmsAuthenticatedDataGenerator.DesEde3Cbc, ad.MacAlgOid); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + byte[] recData = recipient.GetContent(ReciECKP.Private); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac())); + } + } + + [Test] + public void TestEncoding() + { + byte[] data = Encoding.ASCII.GetBytes("Eric H. Echidna"); + + CmsAuthenticatedDataGenerator adGen = new CmsAuthenticatedDataGenerator(); + + adGen.AddKeyTransRecipient(ReciCert); + + CmsAuthenticatedData ad = adGen.Generate( + new CmsProcessableByteArray(data), + CmsAuthenticatedDataGenerator.DesEde3Cbc); + + ad = new CmsAuthenticatedData(ad.GetEncoded()); + + RecipientInformationStore recipients = ad.GetRecipientInfos(); + + Assert.AreEqual(CmsAuthenticatedDataGenerator.DesEde3Cbc, ad.MacAlgOid); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id); + + byte[] recData = recipient.GetContent(ReciKP.Private); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac())); + } + } + + private void tryKeyTrans(string macAlg) + { + byte[] data = Encoding.ASCII.GetBytes("Eric H. Echidna"); + + CmsAuthenticatedDataGenerator adGen = new CmsAuthenticatedDataGenerator(); + + adGen.AddKeyTransRecipient(ReciCert); + + CmsAuthenticatedData ad = adGen.Generate( + new CmsProcessableByteArray(data), + macAlg); + + RecipientInformationStore recipients = ad.GetRecipientInfos(); + + Assert.AreEqual(ad.MacAlgOid, macAlg); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id); + + byte[] recData = recipient.GetContent(ReciKP.Private); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac())); + } + } + + private void tryKekAlgorithm(KeyParameter kek, DerObjectIdentifier algOid) + { + byte[] data = Encoding.ASCII.GetBytes("Eric H. Echidna"); + + CmsAuthenticatedDataGenerator adGen = new CmsAuthenticatedDataGenerator(); + + byte[] kekId = new byte[] { 1, 2, 3, 4, 5 }; + + // FIXME Will this work for macs? + string keyAlgorithm = ParameterUtilities.GetCanonicalAlgorithmName(algOid.Id); + + adGen.AddKekRecipient(keyAlgorithm, kek, kekId); + + CmsAuthenticatedData ad = adGen.Generate( + new CmsProcessableByteArray(data), + CmsAuthenticatedDataGenerator.DesEde3Cbc); + + RecipientInformationStore recipients = ad.GetRecipientInfos(); + + Assert.AreEqual(CmsAuthenticatedDataGenerator.DesEde3Cbc, ad.MacAlgOid); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + Assert.AreEqual(recipient.KeyEncryptionAlgOid, algOid.Id); + + byte[] recData = recipient.GetContent(kek); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac())); + } + } + + private void passwordTest(string algorithm) + { + byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65"); + + CmsAuthenticatedDataGenerator adGen = new CmsAuthenticatedDataGenerator(); + + adGen.AddPasswordRecipient(new Pkcs5Scheme2PbeKey("password".ToCharArray(), new byte[20], 5), algorithm); + + CmsAuthenticatedData ad = adGen.Generate( + new CmsProcessableByteArray(data), + CmsAuthenticatedDataGenerator.DesEde3Cbc); + + RecipientInformationStore recipients = ad.GetRecipientInfos(); + + Assert.AreEqual(CmsAuthenticatedDataGenerator.DesEde3Cbc, ad.MacAlgOid); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (PasswordRecipientInformation recipient in c) + { + CmsPbeKey key = new Pkcs5Scheme2PbeKey("password".ToCharArray(), recipient.KeyDerivationAlgorithm); + + byte[] recData = recipient.GetContent(key); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + Assert.IsTrue(Arrays.AreEqual(ad.GetMac(), recipient.GetMac())); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/cms/test/CMSSampleMessages.cs b/BouncyCastle/crypto/test/src/cms/test/CMSSampleMessages.cs new file mode 100644 index 0000000..ae4f60f --- /dev/null +++ b/BouncyCastle/crypto/test/src/cms/test/CMSSampleMessages.cs @@ -0,0 +1,147 @@ +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Cms.Tests +{ + internal class CmsSampleMessages + { + internal static readonly byte[] originatorMessage = Base64.Decode( + "MIIYGgYJKoZIhvcNAQcDoIIYCzCCGAcCAQKgggRJoIIERTCCBEEwggIpAgkA" + + "xS/+IvjTL8YwDQYJKoZIhvcNAQEFBQAwaTELMAkGA1UEBhMCVVMxGDAWBgNV" + + "BAoTD1UuUy4gR292ZXJubWVudDESMBAGA1UECxMJSFNQRDEyTGFiMQ8wDQYD" + + "VQQLEwZBZ2VudHMxGzAZBgNVBAMTEkhTUEQxMiBMYWIgQ0EgUm9vdDAeFw0w" + + "NzA1MTQxNzEzMzRaFw0wODA1MTMxNzEzMzRaMFwxCzAJBgNVBAYTAlVTMRgw" + + "FgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxEjAQBgNVBAsTCUhTUEQxMkxhYjEP" + + "MA0GA1UECxMGQWdlbnRzMQ4wDAYDVQQDEwV1c2VyMTCCASIwDQYJKoZIhvcN" + + "AQEBBQADggEPADCCAQoCggEBALC54HvfpSE3yq/EkpNCkUEV6a6Df3q4k8EM" + + "dlg0nQSf2FgYh1GMiztw8SVjrF80l4+Hg5/FW2XN2kpVQBap/H5ziPYXenbi" + + "VLJHCF9LVyYDOS7xGfRtQ+ZhFUcECtaCLJsR7HIiFyKZWGg0c3bFZvFkdZqT" + + "8MMwjhcIVE1BptMqcGriqqMQAUKYmOguAOzMCTGAOxqBXYFmR68WtggVNMMc" + + "5qU6S/4OxeCmaNSPG5p7pA1o4Cnv4aJF1mAPedVPQpAS4Lu2K9nNhRkug0yd" + + "6nPaxgQudk5YxlreNOPKiAHApk9RhGVepGchJCFP2aIPu9tkIiSe3omezSZu" + + "Sy/3F5UCAwEAATANBgkqhkiG9w0BAQUFAAOCAgEAGDxqVI4aR4XNfbk2MtXF" + + "agNYZOswn85X84um9gG323qjYhroW0QDuy3CwtUwhH866mpnJyhJvKx3b8UE" + + "7pZInoNEz1UVn+wgJVXMmaG5mfp3X6z0xDAEaKmDMJXl66wlFGG1iveGgcEi" + + "oMkrxFJKvu/FXywzPvz2pXD9LQapogOQpVsvg/hed//wijDG94UBkhbHTZ53" + + "6ODKuHGmooO6bgqJxKcVyLwQAq/lXGtLqODK9BDicfUzuhLWA0si7Y1daehj" + + "fjgAqFGirqRtPDdk1jywoMJdDCQqocNqNGuu/+9ZoRNtY7XFbiN7h4s4KTkw" + + "YqCph8g+RZYJVZJDw/+qc5ymYZiufbImA08D7x7IzqX9eeuAqKCebkxcK0Dz" + + "eh/wT7Ff8csw0xqkkEbi5sTORogPexKGo9T1P4j/UbOyCHaIwFQVE67kYJqZ" + + "U3BB7mGNE/dKru7jC7Aadorpj7P/EQ8sfoq5wC9r3wfFB1f5znN9ZfXd3zSU" + + "Gxne2PGl3Ry4DhrhWGy/HqB+StPSkLPJL1RNtKkywtaJG1QBnrMnLNsV7T0R" + + "mIDn69NkDkc59LAuB7yxwBmhYA7c7cHckdX3bE7zgN6yYdiyLyXr+ZQl+3J8" + + "bBPN/IVSs5Wr1kK9RDrFX8MdP95LZxHlgMATwAqoEPe5r2tvvGBoajoIA2Tw" + + "71QxggGSMIIBjgIBADB2MGkxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMu" + + "IEdvdmVybm1lbnQxEjAQBgNVBAsTCUhTUEQxMkxhYjEPMA0GA1UECxMGQWdl" + + "bnRzMRswGQYDVQQDExJIU1BEMTIgTGFiIENBIFJvb3QCCQDFL/4i+NMvyTAN" + + "BgkqhkiG9w0BAQEFAASCAQCGpoi8DBLf6I2fwqVp9MPA5M0QNRnC34AMoc7N" + + "/JGKM5dWcGNpN83yL9QmOfjgyxzwJ3L3e3hYdoXp9MNelzG5ssyyKw4NxRgM" + + "C1aRPWx1R1aKee/NAgvBjN3FyDN3Pl4ACz2EMrDMmilR0zmSJkDBVbGjxNzs" + + "ZPxtsBlHeLRky/K/ZrTy5jIheFcKt/0dNJiMsFh+677OlRhDihdLzYeV4RK1" + + "5Iy1j18ls5rJMYh1fmZOx9T6wvlpw84IjFHzUcIxIBg8t1cUkncXbg1r+rxm" + + "zIaalAKdYp58oMpjy9wV6E1mxgAM/lvE/jwiYP4/a6TsXTLDPNIxe9RZVdhA" + + "GCPvMIISHQYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgQBLQIaeQQMYCCEfgv" + + "FBzVKLnlRNCjs2JE/G8jBI8aduv6YQTYTt0ePh9JEHTmSi7ISbCDdAf5baKN" + + "mzVGQJj87Srz3YyEmUcozxscWnWgVWpUbx0GJkjz6LqyGLQ3VnqUDG80xnXo" + + "nQY5q4ko6avyMIDZ+zzI2fs9ChAlBjZ41Qb0FnwDPZBH3N43q+puVWesE4wj" + + "LGftt63T4k2D/qMdg7fVfHkAsXPJIxkvR4vUrGEvxTl9e24146wYgCXe+66T" + + "UcAMViNCMr8UiFQFQYSmuPcSTHgQHqEaBwYys6X+fe61yE16mUazs32yVH2v" + + "Cyf1mG4/GAaSmqR/BIU7y7trGd+g/KaT1Kp76e+Rys9G/oakoeIH3Hkgdhmc" + + "pFBPklIlgA57EocK5n84tFRv9n9cmsbOfy0EjEa6vU4ImMPZQS4iyhLCWD1u" + + "tQziu5FyHSb9COveUPuGY2iTrOWG34rHIagNndXi1OuAIGQrLjbntHmogqxb" + + "zkB+yojr+WBwY1efb8X+WQ2L+us9v31qNGA0wyfg4AC5FZur90rBxBq59UPz" + + "JAVRD6NP5FRPdxuvHclDoGBoiMr9NXO3Uv0tJuYADHlWMQnUGoPEL7UxzuPJ" + + "VAWuHpGiywzOcWMiFEiDSIZrv4RViIVIRhEtm2bO7Ta/AGTfvJcyb6ySexc1" + + "aR5TWYOjqv1NaGAVQ1vPyqazH+g17y5wnBRj2c3nSMwksn/nC60e4ax+/yaE" + + "Ls9Qou9a0L2IyQgDlvhBA4CcRGcHklhlzAovGBX2gWG31CK05doZhH7bRIrj" + + "8h1XOF2izffrfWb6LcDcZptw5BQWT5XeyoKD4eNZfJ4ww+dMw4+0MkXPZEn6" + + "Fqg+jam9ZioqXiw5Y6bdzxawefe6gvxeca3f53KDXEm4qFaVuDgyjNZhEmyB" + + "gmsWRKokQ5DDlj1PfVlO4g2Uee4zbvmr7Yx6tGnnxm6o5i/COwvvRSXp8Oj7" + + "Zej0ZA+1zenNRAGXwuTKrbQ9ZZYRi4LCXluuVmy8vocGm8bnuqulMyz5hsUi" + + "QMAl1knunhaT+/kQOLRwEdJUgfq8ME14XsTNiVq26W8n+9AsYHoFzJhFoCfe" + + "i2wngAs1MMnw1erfnhWibkFZDlG9/5OPBZ3ZzJfgMEdT5Fs+hJxrw7UqNMkb" + + "EoH+3HpzEXfcGqCL6RfdbS0hu85v1CrZv0veK8qI+rQnoqXp+xmBRiSCyWNR" + + "ITepXcJsi6vWYX0nvNNbBjTsFqi78BSVRpg/zOFRvw1gX1TtTXQLcEdalKgf" + + "tEo+An3f3GugB3CFw38IM4JwCB06vXTRQAoK4PM4uNYVXEgSPq4vg9UuHZ3n" + + "V5l96emGLK55N5FO6FvlHFft/7elEFglbnSzSQnzVyj36Z6P7x/Q3td5SY4J" + + "VAJWvR/X4Fe2G6ebIZdNSJef9UyuNPee0Fi1iJUL8L4qO61ijkjYdE3bBcGm" + + "61eWj8NgxtELVgRyXq1vNgMOFlVAwkf2ZNDgNRUM49UnIFTNKnTaeAVB9pW2" + + "DGrZER8LA8ABctAdElECceoMVRUG1uFdAicrEbBHcWJkTdjBPjumE4bE6HUm" + + "vbpNBC4wyoPS6CSvNut/re7I4wgZwho6C6GRUuwraxJZlS+jwEvC+F4Bzlf5" + + "aPygECgVaNmSGP1E/vyN2aF8CLo4NL/5o9GG8DWg9O5GdNSislr4r6ciEjCr" + + "0a6rk47QDn4rDQy8iu/YkZz9u8/GJCAinWQzAvV8byhZxc81CfKj9xYTclDX" + + "AB75blJvUQIP4U7gpWxLB/1sdN2V5f9jw+xTLSpoJ7r/tIeBygF6rFe402Sd" + + "840SLi8ZSufAVeHUoNNDYkA/c1b6k5FaxDtN22tYQi4y3Hs7k03mGhvvLC0l" + + "05fMmvtasFaW5Bupqw8E2a7wHSLmRAXrPvnrblSL/wajptKPJWDJ+oH/9d9k" + + "NkC4EFBpcMEfIDky4PoCtfKQBFa5LT1WDQGfcCnrC9SDfUfhfRLBOpoFmUaT" + + "O0xc0vI/jmDRsoBy9d42ebyGMg5uD6tTOIvszEirpMy5SYPPa64zhHcN+Pzs" + + "db+J6fthc3aVIoob9jdv/aRUH3gDwltSnaLUIc7CWcuHSCGyM/zQPiAzkw0z" + + "x6ii5fdKXsmnQn88E+YqiJTPH0fG+kkhokAGU76bQMn7fJyBeVHhF2hqSr/0" + + "4zCIjgq1Zb+d9sEuRZWF+/XsGl2gwk4vgHTwM+XfU7edQssUR6kyD6wkw7EU" + + "6HaRrflymAHTEvdAB+PaREQbyej7/2lY41qmA9df2I5Izb60NxmMFj9F4M4V" + + "bLJOVNX5fuc8vaIhPG82hIiqe05cnBfRhtmcUUb1WDHVH3klRkti+fHrnbAW" + + "TpWd5m6Wi3VssopaUozWgYVgW9M+Zr5ZUAN9H0Kb4CatxG5YFkD0MCZShGl/" + + "lSc1SUxho6YakBB+5HxCI853/sQ3RMgSrMk+8ftalM2+BrT+V9wMK2O+wM5W" + + "ujrAcM85sQ4OqSZfJ7MmKT8+pcIsRRocmlM/cxUf5hKXfXrmCR5mkf9jxF8B" + + "J1JOwhkD8zQP7sPUcOWEcT8ctOKPygtz6tWWQDW8ciiYULYyJA6ydGrrn6T+" + + "fQj8M2VsM1y4YK9dMfJUeaiP+m4BeoOjs0vqz6pBI6J3lrNz31DaNO6SApUL" + + "4cOx8EZMg498TG0zmQ87yVw4mGmL3JpWBZH89HiNEY5eJ0zEIS3lMaOADRMf" + + "kX8B5YHadeTuAEjXsGtFIlSf1xo45kwCxIfUcikdfu2rb+Bh251Im0oq/XTj" + + "XPeviXasfas6VsMHsmTrqynFdP8THnrmHLCoeAMvgpjirXfIdR7tULJcFJtr" + + "0lZLZfdZgbTsbn9GMQKwMkAAjJLfJq42usvzf4ShC7IRtvOEVAMrebaaK1YF" + + "rtV5z1WNo3VRFonakKj85nXLOAdCNe6T3zESebexJKFn8e/6+shp9IDIRmWr" + + "hiWut6KPFiSgAgfqpeIt9fuHiYeIK8DqISA7QUdAZrgPe8GlctvKkQLvjNW0" + + "srglx9CQuDqZC6C1BLaIs3sE//yLvEd06vDFjDa0WGKWjM/Uo29af/tlL1kC" + + "vDQtDPi8OPIebK8OwI2uNDZ+cnHhv3gZXCdbKkRZc1W+mrU7rUk1Fa0ViVmc" + + "zhVGX22fDXbIrs9zJ+sA+3Towrx2XmMZ+PDkVBxHFE2bk+GABM62BW9YZoX4" + + "R4U+n7E8Ec0sI8srcxEZYX8LWHh1XSU0yEHYjkIWDQUUSGpsbgqnjXJcnTdk" + + "KK5PLk4sthLYwT4o1Gg4lRpc4dn26bIQcpGdY5PEknItDt6IBSc6bYYYoQrl" + + "PIufY67haoc//d5y1LpCi5vc0wTcvbdoVepLrxVAn4MPsejbfIFJ01N0qKgv" + + "fGWVxmRGtGXHe3iNLsMrvSE2FkORSc4sgjC42hfxHTEVmhTnzOplxTsN/MzE" + + "S7ESv/c0rIen+zwXgtiFnTg1VPHcaT4z0DtLBMNjqYNoyDrIHUrWguFeV7/i" + + "RSP7SiztMmlfKhrxlQpaNNm/XvKa1OpKbVStHMgOdpMaaCp8WaX++wb9lG6V" + + "3PqBeVSCuFm1xq6KAERLUdF4XsdXNM/uUhYZX7cGIqRS3vSDJB1EfrZTpUY5" + + "xGllybE/P2gufnG5EMpC2FHx4iW4pWMkYhIpzKv1Tkxe3K6ISs4wEs4n/AtL" + + "hupMGZE9hDJ0LV0nRvRbY8YCRXoBaj6/qF1QED7CG4hx16yrkLAR7Th5rbH7" + + "GFEzNSq1HI0IssDIimD2ZN9Cf++uH6ZpP2JZeJ/gEqGi17ovtnuklx6dtu0l" + + "KL0pQjCyAoQFEFSaVJ1m4oOQJyb58lsG4gOPaPvOw1ruiJ2obt4228VR1pA8" + + "Vm9A41E4pk/vA+VFJ/tSmkB5s2gmBBVcA8mU8iIyzMmliTNHeg53EYAytF5M" + + "X2rA7Ct8ApqbrYSSBTUPC+MEBV7UajamWB6UaSUj575MhEnzm0xl/lFqU6ZF" + + "6w0rdey/KvTiotErOS1q8RcY2dcs9Mz8Dm/8IMBcGfny0i/KLtz0OUOLFg3P" + + "/VrPBt7f+YfDqLVc8AujhrxAH/hwYauJ+Q6HSVTSJI7aXB9xtdsijzMZCmnE" + + "1oKRBkACSWD9BGvS3hpv/VqaHWU4B2dnv2oyrIkdkgQu2OtlFxpcOkqwexIj" + + "ssxxOCmT6dpB8JNehjLDU8WXhtFJVFuR84V7KlyeG/s8TaZgCW6uLLVmpteE" + + "J15bnM9jRTW/FZiHwsjy9kVbvaAT+bbIjn5u7qdGsgAQHdeKy191ONvHIttZ" + + "l/qnvrygLImaTOcuMMzU/0ECNlk0QiU0YbfS/RGH2LtRzk8x3FLFVXRiNtrD" + + "uJuwzlP4RufuoZfJsi0rFOuxNFQ/cZEq1q7TCzqP+saRoSLFK1iRE/Ei06pS" + + "JH+cwHMxk3u7k4+HxF72uK9XHIgY6G6WfZTklH2w2VrsLLZLmJ9SO6Zpyt48" + + "KcwvEcxYoZxp1gfPYDCMHeb7oi/gRj9FjnBaNf2dW3a1RqVo5y0QeSfSH4k8" + + "YWX6k+Yh803ZmoIb//TEbfkbXe8XOIffbMSUuIozCQY/Rt9wAHesMWfgTuB5" + + "LSoa8R+mR5lIS/P1ANHdgNrh+XRFrNFeD0dCw6bdYWUXMVaZbCE8Z8pXQ0LO" + + "ItiPuI+w/izD/lXdKXWJJmN/bq2RJRo4WFEDe6sJH9G2Poe/T4xwTm4kX2uA" + + "IZkYy7bZcez8a0bFJzcsJxUbBPRq93J0fXzpvQsszbVZh94VSc9nkH4FnAxT" + + "Kk2bLcsXANJlw3cFO9jOygrXh6R2fyHX0E8WExb2Q7lG68wU1BJVupT8rZ0Y" + + "oRY6WBYG0LuZb+4VAQuI0/Are3BznsgkqudCjf+JUhu1Yefh2hblWuMPNEWb" + + "mOorerNiIzkrt5tjXyBj0g8w/pL//BIlkW5JerMtKTPMfZSroHw9wuAuqHqF" + + "2sMjsW/Lbr5b8SIdIgo3vrS6EM9MGkATfSZz4z+ZWG3EB6QqcMXCZ4N2/WWl" + + "EPKsIqY/509NZRzqOavcMXkOryRJ7GQpmotNbbalI6r6swRoEQ2IzK5XPCC1" + + "iv52YpcRaV9BDpNNByk4l3ddOiEc4dsOkHjaLNvj6Vo1pG/C1Z8VXRRY909D" + + "nH2+PfUL684WZ6kIPeLfqr7N3ZbNxZAVozVG+WXwBlLFT7L+axeGHOhHdH/g" + + "SVMSmWdRX4eNuofmpsU8f3A9aCnPGDxPnB4WKnAGw34TYZrtZ9mHcjYPsq1q" + + "zY6brfZD4T7tktjAlRL2PYZ15MfWVXVH1xoyjeWImTi0o4nyuy/M0HukDfwY" + + "l6nW77TMRiH54wdQqIZUxa32dNNhjcNslRlpOf6td3FbELqhTiaptRSuKjs9" + + "8evbDFK7rb7n6RSSzAwb3oU8pwr4dM8ArTVc0EqnvdSCs1tx46ckIK3AFgcd" + + "opmNq+Qa7qhN5Zgds3cLPIQiyDThhYGPaIgyn4j/dZb1Qwa2U7urijJrBqeS" + + "/kJ2rEXV9v+OX9yTYKypM05A2gOK/ESPbx24C/HmmGm/yBXBx3pABvKt41Dh" + + "b0syB4hYrsq0RriovGemBrNgy4tiJB5BDI9VpWFC/7LR0quFFOrxxm7YvH2h" + + "GkR0oUc/socA80WZx9TegdiBg9TVPbe0gZmoeQc6XLfscBol0QdZWSmLqFxf" + + "TFN7ksaVAUPXA9phBg/k51YmrwNvx4D/A1bBQRtQmq2N4R0j3uMkynubBEfb" + + "9qvQNXpdygouzKUyrN/w+7clilaq2P+R9i7rriZ1waHyjfvAdeBzQQ/pVmgh" + + "o8EiL/TZpIZ71sTYv28scY+V7yYgBA5S/Y4bdmvzSSoMoK8yH/LcBFJOZLQd" + + "YPt7uKWSwQN8iVDA6ZcsYoKuAUw3ziiRaf+GN58ihLB/y/sGmAmX2XwLsPSZ" + + "uQIF/gT8yXjxoyWDLXl3MUgfx+pGg5vBwAtk9a2elEQR9C3a8PPsOy3N9Jh3" + + "xY/A1gJ/rjuubwrb0Sd2LinzPg5uVuKR1jeMSCEebgoyBj8/t8HvknBqJkpl" + + "tjZ6AxGiQ8+v5jRBzYSyiTQfPMxWzdBKqUePdJcLPITf/XitegQnikgAN6bh" + + "kYMS2G9kXJH2CgDm9z3svmu/0Oz2XWEpVHlOjknghPlTaLRqgWoQbK5dkuiV" + + "k9HhGwwsgiR+"); + } +} diff --git a/BouncyCastle/crypto/test/src/cms/test/CMSTestUtil.cs b/BouncyCastle/crypto/test/src/cms/test/CMSTestUtil.cs new file mode 100644 index 0000000..69f7c29 --- /dev/null +++ b/BouncyCastle/crypto/test/src/cms/test/CMSTestUtil.cs @@ -0,0 +1,515 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Extension; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Cms.Tests +{ + public class CmsTestUtil + { + public static SecureRandom rand; + private static IAsymmetricCipherKeyPairGenerator kpg; + private static IAsymmetricCipherKeyPairGenerator gostKpg; + private static IAsymmetricCipherKeyPairGenerator dsaKpg; + private static IAsymmetricCipherKeyPairGenerator ecGostKpg; + private static IAsymmetricCipherKeyPairGenerator ecDsaKpg; + public static CipherKeyGenerator aes192kg; + public static CipherKeyGenerator desede128kg; + public static CipherKeyGenerator desede192kg; + public static CipherKeyGenerator rc240kg; + public static CipherKeyGenerator rc264kg; + public static CipherKeyGenerator rc2128kg; + public static CipherKeyGenerator aesKg; + public static CipherKeyGenerator seedKg; + public static CipherKeyGenerator camelliaKg; + public static BigInteger serialNumber; + + private static readonly byte[] attrCert = Base64.Decode( + "MIIHQDCCBqkCAQEwgZChgY2kgYowgYcxHDAaBgkqhkiG9w0BCQEWDW1sb3JjaEB2" + + "dC5lZHUxHjAcBgNVBAMTFU1hcmt1cyBMb3JjaCAobWxvcmNoKTEbMBkGA1UECxMS" + + "VmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAyMQswCQYDVQQKEwJ2" + + "dDELMAkGA1UEBhMCVVMwgYmkgYYwgYMxGzAZBgkqhkiG9w0BCQEWDHNzaGFoQHZ0" + + "LmVkdTEbMBkGA1UEAxMSU3VtaXQgU2hhaCAoc3NoYWgpMRswGQYDVQQLExJWaXJn" + + "aW5pYSBUZWNoIFVzZXIxEDAOBgNVBAsTB0NsYXNzIDExCzAJBgNVBAoTAnZ0MQsw" + + "CQYDVQQGEwJVUzANBgkqhkiG9w0BAQQFAAIBBTAiGA8yMDAzMDcxODE2MDgwMloY" + + "DzIwMDMwNzI1MTYwODAyWjCCBU0wggVJBgorBgEEAbRoCAEBMYIFORaCBTU8UnVs" + + "ZSBSdWxlSWQ9IkZpbGUtUHJpdmlsZWdlLVJ1bGUiIEVmZmVjdD0iUGVybWl0Ij4K" + + "IDxUYXJnZXQ+CiAgPFN1YmplY3RzPgogICA8U3ViamVjdD4KICAgIDxTdWJqZWN0" + + "TWF0Y2ggTWF0Y2hJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5j" + + "dGlvbjpzdHJpbmctZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlw" + + "ZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjc3RyaW5nIj4KICAg" + + "ICAgIENOPU1hcmt1cyBMb3JjaDwvQXR0cmlidXRlVmFsdWU+CiAgICAgPFN1Ympl" + + "Y3RBdHRyaWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFt" + + "ZXM6dGM6eGFjbWw6MS4wOnN1YmplY3Q6c3ViamVjdC1pZCIgRGF0YVR5cGU9Imh0" + + "dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hI3N0cmluZyIgLz4gCiAgICA8" + + "L1N1YmplY3RNYXRjaD4KICAgPC9TdWJqZWN0PgogIDwvU3ViamVjdHM+CiAgPFJl" + + "c291cmNlcz4KICAgPFJlc291cmNlPgogICAgPFJlc291cmNlTWF0Y2ggTWF0Y2hJ" + + "ZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5jdGlvbjpzdHJpbmct" + + "ZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlwZT0iaHR0cDovL3d3" + + "dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIj4KICAgICAgaHR0cDovL3p1" + + "bmkuY3MudnQuZWR1PC9BdHRyaWJ1dGVWYWx1ZT4KICAgICA8UmVzb3VyY2VBdHRy" + + "aWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6" + + "eGFjbWw6MS4wOnJlc291cmNlOnJlc291cmNlLWlkIiBEYXRhVHlwZT0iaHR0cDov" + + "L3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIiAvPiAKICAgIDwvUmVz" + + "b3VyY2VNYXRjaD4KICAgPC9SZXNvdXJjZT4KICA8L1Jlc291cmNlcz4KICA8QWN0" + + "aW9ucz4KICAgPEFjdGlvbj4KICAgIDxBY3Rpb25NYXRjaCBNYXRjaElkPSJ1cm46" + + "b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmZ1bmN0aW9uOnN0cmluZy1lcXVhbCI+" + + "CiAgICAgPEF0dHJpYnV0ZVZhbHVlIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9y" + + "Zy8yMDAxL1hNTFNjaGVtYSNzdHJpbmciPgpEZWxlZ2F0ZSBBY2Nlc3MgICAgIDwv" + + "QXR0cmlidXRlVmFsdWU+CgkgIDxBY3Rpb25BdHRyaWJ1dGVEZXNpZ25hdG9yIEF0" + + "dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmFjdGlvbjph" + + "Y3Rpb24taWQiIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNj" + + "aGVtYSNzdHJpbmciIC8+IAogICAgPC9BY3Rpb25NYXRjaD4KICAgPC9BY3Rpb24+" + + "CiAgPC9BY3Rpb25zPgogPC9UYXJnZXQ+CjwvUnVsZT4KMA0GCSqGSIb3DQEBBAUA" + + "A4GBAGiJSM48XsY90HlYxGmGVSmNR6ZW2As+bot3KAfiCIkUIOAqhcphBS23egTr" + + "6asYwy151HshbPNYz+Cgeqs45KkVzh7bL/0e1r8sDVIaaGIkjHK3CqBABnfSayr3" + + "Rd1yBoDdEv8Qb+3eEPH6ab9021AsLEnJ6LWTmybbOpMNZ3tv"); + + private static IAsymmetricCipherKeyPairGenerator Kpg + { + get + { + if (kpg == null) + { + kpg = GeneratorUtilities.GetKeyPairGenerator("RSA"); + kpg.Init(new RsaKeyGenerationParameters( + BigInteger.ValueOf(17), rand, 1024, 25)); + } + + return kpg; + } + } + + private static IAsymmetricCipherKeyPairGenerator GostKpg + { + get + { + if (gostKpg == null) + { + gostKpg = GeneratorUtilities.GetKeyPairGenerator("GOST3410"); + gostKpg.Init( + new Gost3410KeyGenerationParameters( + rand, + CryptoProObjectIdentifiers.GostR3410x94CryptoProA)); + } + + return gostKpg; + } + } + + private static IAsymmetricCipherKeyPairGenerator DsaKpg + { + get + { + if (dsaKpg == null) + { + DsaParameters dsaSpec = new DsaParameters( + new BigInteger("7434410770759874867539421675728577177024889699586189000788950934679315164676852047058354758883833299702695428196962057871264685291775577130504050839126673"), + new BigInteger("1138656671590261728308283492178581223478058193247"), + new BigInteger("4182906737723181805517018315469082619513954319976782448649747742951189003482834321192692620856488639629011570381138542789803819092529658402611668375788410")); + dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA"); + dsaKpg.Init(new DsaKeyGenerationParameters(rand, dsaSpec)); + } + + return dsaKpg; + } + } + + private static IAsymmetricCipherKeyPairGenerator ECGostKpg + { + get + { + if (ecGostKpg == null) + { + ecGostKpg = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410"); + ecGostKpg.Init( + new ECKeyGenerationParameters( + CryptoProObjectIdentifiers.GostR3410x2001CryptoProA, + new SecureRandom())); + } + + return ecGostKpg; + } + } + + private static IAsymmetricCipherKeyPairGenerator ECDsaKpg + { + get + { + if (ecDsaKpg == null) + { + ecDsaKpg = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); + ecDsaKpg.Init(new KeyGenerationParameters(rand, 239)); + } + + return ecDsaKpg; + } + } + + static CmsTestUtil() + { + try + { + rand = new SecureRandom(); + + aes192kg = GeneratorUtilities.GetKeyGenerator("AES"); + aes192kg.Init(new KeyGenerationParameters(rand, 192)); + + desede128kg = GeneratorUtilities.GetKeyGenerator("DESEDE"); + desede128kg.Init(new KeyGenerationParameters(rand, 112)); + + desede192kg = GeneratorUtilities.GetKeyGenerator("DESEDE"); + desede192kg.Init(new KeyGenerationParameters(rand, 168)); + + rc240kg = GeneratorUtilities.GetKeyGenerator("RC2"); + rc240kg.Init(new KeyGenerationParameters(rand, 40)); + + rc264kg = GeneratorUtilities.GetKeyGenerator("RC2"); + rc264kg.Init(new KeyGenerationParameters(rand, 64)); + + rc2128kg = GeneratorUtilities.GetKeyGenerator("RC2"); + rc2128kg.Init(new KeyGenerationParameters(rand, 128)); + + aesKg = GeneratorUtilities.GetKeyGenerator("AES"); + + seedKg = GeneratorUtilities.GetKeyGenerator("SEED"); + + camelliaKg = GeneratorUtilities.GetKeyGenerator("Camellia"); + + serialNumber = BigInteger.One; + } + catch (Exception ex) + { + throw new Exception(ex.ToString()); + } + } + + public static string DumpBase64( + byte[] data) + { + StringBuilder buf = new StringBuilder(); + + data = Base64.Encode(data); + + for (int i = 0; i < data.Length; i += 64) + { + if (i + 64 < data.Length) + { + buf.Append(Encoding.Default.GetString(data, i, 64)); + } + else + { + buf.Append(Encoding.Default.GetString(data, i, data.Length - i)); + } + buf.Append('\n'); + } + + return buf.ToString(); + } + + public static IX509AttributeCertificate GetAttributeCertificate() + { +// X509StreamParser parser = X509StreamParser.GetInstance("AttributeCertificate"); +// parser.Init(CmsTestUtil.attrCert); +// return (X509AttributeCertificate) parser.Read(); + + return new X509AttrCertParser().ReadAttrCert(attrCert); + } + + public static AsymmetricCipherKeyPair MakeKeyPair() + { + return Kpg.GenerateKeyPair(); + } + + public static AsymmetricCipherKeyPair MakeGostKeyPair() + { + return GostKpg.GenerateKeyPair(); + } + + public static AsymmetricCipherKeyPair MakeDsaKeyPair() + { + return DsaKpg.GenerateKeyPair(); + } + + public static AsymmetricCipherKeyPair MakeECGostKeyPair() + { + return ECGostKpg.GenerateKeyPair(); + } + + public static AsymmetricCipherKeyPair MakeECDsaKeyPair() + { + return ECDsaKpg.GenerateKeyPair(); + } + + public static KeyParameter MakeDesEde128Key() + { + return ParameterUtilities.CreateKeyParameter("DESEDE", desede128kg.GenerateKey()); + } + + public static KeyParameter MakeAes192Key() + { + return ParameterUtilities.CreateKeyParameter("AES", aes192kg.GenerateKey()); + } + + public static KeyParameter MakeDesEde192Key() + { + return ParameterUtilities.CreateKeyParameter("DESEDE", desede192kg.GenerateKey()); + } + + public static KeyParameter MakeRC240Key() + { + return ParameterUtilities.CreateKeyParameter("RC2", rc240kg.GenerateKey()); + } + + public static KeyParameter MakeRC264Key() + { + return ParameterUtilities.CreateKeyParameter("RC2", rc264kg.GenerateKey()); + } + + public static KeyParameter MakeRC2128Key() + { + return ParameterUtilities.CreateKeyParameter("RC2", rc2128kg.GenerateKey()); + } + + public static KeyParameter MakeSeedKey() + { + return ParameterUtilities.CreateKeyParameter("SEED", seedKg.GenerateKey()); + } + + public static KeyParameter MakeAesKey( + int keySize) + { + aesKg.Init(new KeyGenerationParameters(rand, keySize)); + + return ParameterUtilities.CreateKeyParameter("AES", aesKg.GenerateKey()); + } + + public static KeyParameter MakeCamelliaKey( + int keySize) + { + camelliaKg.Init(new KeyGenerationParameters(rand, keySize)); + + return ParameterUtilities.CreateKeyParameter("CAMELLIA", camelliaKg.GenerateKey()); + } + + public static X509Certificate MakeCertificate(AsymmetricCipherKeyPair _subKP, + string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN) + { + return MakeCertificate(_subKP, _subDN, _issKP, _issDN, false); + } + + public static X509Certificate MakeCACertificate(AsymmetricCipherKeyPair _subKP, + string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN) + { + return MakeCertificate(_subKP, _subDN, _issKP, _issDN, true); + } + + public static X509Certificate MakeV1Certificate(AsymmetricCipherKeyPair subKP, + string _subDN, AsymmetricCipherKeyPair issKP, string _issDN) + { + AsymmetricKeyParameter subPub = subKP.Public; + AsymmetricKeyParameter issPriv = issKP.Private; + AsymmetricKeyParameter issPub = issKP.Public; + + X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator(); + + v1CertGen.Reset(); + v1CertGen.SetSerialNumber(AllocateSerialNumber()); + v1CertGen.SetIssuerDN(new X509Name(_issDN)); + v1CertGen.SetNotBefore(DateTime.UtcNow); + v1CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100)); + v1CertGen.SetSubjectDN(new X509Name(_subDN)); + v1CertGen.SetPublicKey(subPub); + + if (issPub is RsaKeyParameters) + { + v1CertGen.SetSignatureAlgorithm("SHA1WithRSA"); + } + else if (issPub is DsaPublicKeyParameters) + { + v1CertGen.SetSignatureAlgorithm("SHA1withDSA"); + } + else if (issPub is ECPublicKeyParameters) + { + ECPublicKeyParameters ecPub = (ECPublicKeyParameters)issPub; + if (ecPub.AlgorithmName == "ECGOST3410") + { + v1CertGen.SetSignatureAlgorithm("GOST3411withECGOST3410"); + } + else + { + v1CertGen.SetSignatureAlgorithm("SHA1withECDSA"); + } + } + else + { + v1CertGen.SetSignatureAlgorithm("GOST3411WithGOST3410"); + } + + X509Certificate _cert = v1CertGen.Generate(issPriv); + + _cert.CheckValidity(DateTime.UtcNow); + _cert.Verify(issPub); + + return _cert; + } + + public static X509Certificate MakeCertificate( + AsymmetricCipherKeyPair subKP, string _subDN, + AsymmetricCipherKeyPair issKP, string _issDN, bool _ca) + { + AsymmetricKeyParameter subPub = subKP.Public; + AsymmetricKeyParameter issPriv = issKP.Private; + AsymmetricKeyParameter issPub = issKP.Public; + + X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); + + v3CertGen.Reset(); + v3CertGen.SetSerialNumber(AllocateSerialNumber()); + v3CertGen.SetIssuerDN(new X509Name(_issDN)); + v3CertGen.SetNotBefore(DateTime.UtcNow); + v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100)); + v3CertGen.SetSubjectDN(new X509Name(_subDN)); + v3CertGen.SetPublicKey(subPub); + + if (issPub is RsaKeyParameters) + { + v3CertGen.SetSignatureAlgorithm("SHA1WithRSA"); + } + else if (issPub is ECPublicKeyParameters) + { + ECPublicKeyParameters ecPub = (ECPublicKeyParameters) issPub; + if (ecPub.AlgorithmName == "ECGOST3410") + { + v3CertGen.SetSignatureAlgorithm("GOST3411withECGOST3410"); + } + else + { + v3CertGen.SetSignatureAlgorithm("SHA1withECDSA"); + } + } + else + { + v3CertGen.SetSignatureAlgorithm("GOST3411WithGOST3410"); + } + + v3CertGen.AddExtension( + X509Extensions.SubjectKeyIdentifier, + false, + CreateSubjectKeyId(subPub)); + + v3CertGen.AddExtension( + X509Extensions.AuthorityKeyIdentifier, + false, + CreateAuthorityKeyId(issPub)); + + v3CertGen.AddExtension( + X509Extensions.BasicConstraints, + false, + new BasicConstraints(_ca)); + + X509Certificate _cert = v3CertGen.Generate(issPriv); + + _cert.CheckValidity(); + _cert.Verify(issPub); + + return _cert; + } + + public static X509Crl MakeCrl( + AsymmetricCipherKeyPair pair) + { + X509V2CrlGenerator crlGen = new X509V2CrlGenerator(); + DateTime now = DateTime.UtcNow; + + crlGen.SetIssuerDN(new X509Name("CN=Test CA")); + + crlGen.SetThisUpdate(now); + crlGen.SetNextUpdate(now.AddSeconds(100)); + crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); + + crlGen.AddCrlEntry(BigInteger.One, now, CrlReason.PrivilegeWithdrawn); + + crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public)); + + return crlGen.Generate(pair.Private); + } + + /* + * + * INTERNAL METHODS + * + */ + internal static IX509Store MakeAttrCertStore(params IX509AttributeCertificate[] attrCerts) + { + IList attrCertList = new ArrayList(); + foreach (IX509AttributeCertificate attrCert in attrCerts) + { + attrCertList.Add(attrCert); + } + + return X509StoreFactory.Create("AttributeCertificate/Collection", new X509CollectionStoreParameters(attrCertList)); + } + + internal static IX509Store MakeCertStore(params X509Certificate[] certs) + { + IList certList = new ArrayList(); + foreach (X509Certificate cert in certs) + { + certList.Add(cert); + } + + return X509StoreFactory.Create("Certificate/Collection", new X509CollectionStoreParameters(certList)); + } + + internal static IX509Store MakeCrlStore(params X509Crl[] crls) + { + IList crlList = new ArrayList(); + foreach (X509Crl crl in crls) + { + crlList.Add(crl); + } + + return X509StoreFactory.Create("CRL/Collection", new X509CollectionStoreParameters(crlList)); + } + + private static AuthorityKeyIdentifier CreateAuthorityKeyId( + AsymmetricKeyParameter _pubKey) + { + SubjectPublicKeyInfo _info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(_pubKey); + return new AuthorityKeyIdentifier(_info); + } + + internal static SubjectKeyIdentifier CreateSubjectKeyId( + AsymmetricKeyParameter _pubKey) + { + SubjectPublicKeyInfo _info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(_pubKey); + return new SubjectKeyIdentifier(_info); + } + + private static BigInteger AllocateSerialNumber() + { + BigInteger _tmp = serialNumber; + serialNumber = serialNumber.Add(BigInteger.One); + return _tmp; + } + + public static byte[] StreamToByteArray( + Stream inStream) + { + return Streams.ReadAll(inStream); + } + } +} diff --git a/BouncyCastle/crypto/test/src/cms/test/CompressedDataStreamTest.cs b/BouncyCastle/crypto/test/src/cms/test/CompressedDataStreamTest.cs new file mode 100644 index 0000000..48a6c56 --- /dev/null +++ b/BouncyCastle/crypto/test/src/cms/test/CompressedDataStreamTest.cs @@ -0,0 +1,116 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Cms.Tests +{ + [TestFixture] + public class CompressedDataStreamTest + { + private static readonly byte[] compData = Base64.Decode( + "MIAGCyqGSIb3DQEJEAEJoIAwgAIBADANBgsqhkiG9w0BCRADCDCABgkqhkiG9w0BBwGggCSABIIC" + + "Hnic7ZRdb9owFIbvK/k/5PqVYPFXGK12YYyboVFASSp1vQtZGiLRACZE49/XHoUW7S/0tXP8Efux" + + "fU5ivWnasml72XFb3gb5druui7ytN803M570nii7C5r8tfwR281hy/p/KSM3+jzH5s3+pbQ90xSb" + + "P3VT3QbLusnt8WPIuN5vN/vaA2+DulnXTXkXvNTr8j8ouZmkCmGI/UW+ZS/C8zP0bz2dz0zwLt+1" + + "UEk2M8mlaxjRMByAhZTj0RGYg4TvogiRASROsZgjpVcJCb1KV6QzQeDJ1XkoQ5Jm+C5PbOHZZGRi" + + "v+ORAcshOGeCcdFJyfgFxdtCdEcmOrbinc/+BBMzRThEYpwl+jEBpciSGWQkI0TSlREmD/eOHb2D" + + "SGLuESm/iKUFt1y4XHBO2a5oq0IKJKWLS9kUZTA7vC5LSxYmgVL46SIWxIfWBQd6AdrnjLmH94UT" + + "vGxVibLqRCtIpp4g2qpdtqK1LiOeolpVK5wVQ5P7+QjZAlrh0cePYTx/gNZuB9Vhndtgujl9T/tg" + + "W9ogK+3rnmg3YWygnTuF5GDS+Q/jIVLnCcYZFc6Kk/+c80wKwZjwdZIqDYWRH68MuBQSXLgXYXj2" + + "3CAaYOBNJMliTl0X7eV5DnoKIFSKYdj3cRpD/cK/JWTHJRe76MUXnfBW8m7Hd5zhQ4ri2NrVF/WL" + + "+kV1/3AGSlJ32bFPd2BsQD8uSzIx6lObkjdz95c0AAAAAAAAAAAAAAAA"); + + private static readonly byte[] uncompData = Base64.Decode( + "Q29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9FREktWDEyOyBuYW1lPUdyb3VwMi54MTINCkNvbnRl" + + "bnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJpbmFyeQ0KQ29udGVudC1EaXNwb3NpdGlvbjogaW5saW5l" + + "OyBmaWxlbmFtZT1Hcm91cDIueDEyDQoNCklTQSowMCpzc3Nzc3Nzc3NzKjAwKnJycnJycnJycnIqW" + + "loqQ1lDTE9ORSAgICAgICAgKlpaKlBBUlRORVIgICAgICAgICo5NjEwMDcqMjAxMypVKjAwMjAwKj" + + "AwMDAwMDAwMSowKlQqKg1HUypQTypTMVMxUzFTMVMxUzFTMVMqUjFSMVIxUjFSMVIxUjFSKjk2MTA" + + "wNyoyMDEzKjAwMDAwMDAwNCpYKjAwMzA1MA1TVCo4NTAqMDAwMDQwMDAxDUJFRyowMCpCRSoyYSo0" + + "MzMyNDIzNHY1NTIzKjk2MTAwNyoyM3RjNHZ5MjR2MmgzdmgzdmgqWloqSUVMKjA5KlJFKjA5DUNVU" + + "ioxMSpUUk4qNTY1Nio2NSo1NjYqSU1GKjAwNio5NjEwMDcNUkVGKjZBKjQzM3IxYzNyMzRyMzRjMz" + + "MxMnFjdGdjNTQqUmVmZXJlbmNlIE51bWJlcg1QRVIqQUEqSGFucyBHdXR0ZW4qQ1AqMS4zMjIuMzI" + + "zLjQ0NDQqKioqKnJnZzRlZ3Y0dDQNVEFYKjR0Z3RidDR0cjR0cipHTCpnaGdoKioqKioqKioqRypD" + + "DUZPQipUUCpDQSpVU0EqMDIqRE9NKkNDKlJlZ3VsYXIgTG9jYXRpb25zIHBlciBUZXJtcw1DVFAqR" + + "EUqQzA0KjQ1MyoyNTAwMCpEOSpTRUwqMjMyMTQqMjM0MzI0MjM0MjMqRVMqNDIyNDM0MjMNU0FDKk" + + "EqQjAwMCpBRSozNTQ1KjM0NDIzMDANQ1VSKjExKjc2Nyo3NzY3KjY1DVBPMSoxMTEtYWFhKjEwMDA" + + "wMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioq" + + "KioqKkExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwMCpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzN" + + "HE2ZjM1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKioqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMD" + + "AwKkFTKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZmMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKio" + + "qKipBMSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRx" + + "NmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqKkExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwM" + + "CpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzNHE2ZjM1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKi" + + "oqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMDAwKkFTKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZ" + + "mMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKioqKipBMSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAq" + + "QVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqK" + + "kExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwMCpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzNHE2Zj" + + "M1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKioqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMDAwKkF" + + "TKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZmMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKioqKipB" + + "MSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzN" + + "TM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqKkExKnl0cmgNQ1RUKjENU0UqMjIqMDAwMDQwMDAxDU" + + "dFKjEqMDAwMDAwMDA0DUlFQSoxKjAwMDAwMDAwMQ0="); + + [Test] + public void TestWorkingData() + { + CmsCompressedDataParser ed = new CmsCompressedDataParser(compData); + + Assert.IsTrue(Arrays.AreEqual(uncompData, CmsTestUtil.StreamToByteArray(ed.GetContent().ContentStream))); + } + + [Test] + public void TestEach() + { + byte[] testData = Encoding.ASCII.GetBytes("Hello world!"); + + CmsCompressedDataStreamGenerator gen = new CmsCompressedDataStreamGenerator(); + MemoryStream bOut = new MemoryStream(); + + Stream cOut = gen.Open(bOut, CmsCompressedDataStreamGenerator.ZLib); + + cOut.Write(testData, 0, testData.Length); + + cOut.Close(); + + CmsCompressedDataParser ed = new CmsCompressedDataParser(bOut.ToArray()); + + Assert.IsTrue(Arrays.AreEqual(testData, CmsTestUtil.StreamToByteArray(ed.GetContent().ContentStream))); + } + + [Test] + public void Test1000() + { + byte[] testData = new byte[10000]; + SecureRandom rand = new SecureRandom(); + + rand.SetSeed(0); + + for (int i = 0; i != 10; i++) + { + CmsCompressedDataStreamGenerator gen = new CmsCompressedDataStreamGenerator(); + MemoryStream bOut = new MemoryStream(); + + Stream cOut = gen.Open(bOut, CmsCompressedDataStreamGenerator.ZLib); + + rand.NextBytes(testData); + + cOut.Write(testData, 0, testData.Length); + + cOut.Close(); + + CmsCompressedDataParser ed = new CmsCompressedDataParser(bOut.ToArray()); + + Assert.IsTrue(Arrays.AreEqual(testData, CmsTestUtil.StreamToByteArray(ed.GetContent().ContentStream))); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/cms/test/CompressedDataTest.cs b/BouncyCastle/crypto/test/src/cms/test/CompressedDataTest.cs new file mode 100644 index 0000000..6df85d9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/cms/test/CompressedDataTest.cs @@ -0,0 +1,117 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Cms.Tests +{ + [TestFixture] + public class CompressedDataTest + { + private static readonly byte[] TEST_DATA = Encoding.ASCII.GetBytes("Hello world!"); + + private static readonly byte[] compData = Base64.Decode( + "MIAGCyqGSIb3DQEJEAEJoIAwgAIBADANBgsqhkiG9w0BCRADCDCABgkqhkiG9w0BBwGggCSABIIC" + + "Hnic7ZRdb9owFIbvK/k/5PqVYPFXGK12YYyboVFASSp1vQtZGiLRACZE49/XHoUW7S/0tXP8Efux" + + "fU5ivWnasml72XFb3gb5druui7ytN803M570nii7C5r8tfwR281hy/p/KSM3+jzH5s3+pbQ90xSb" + + "P3VT3QbLusnt8WPIuN5vN/vaA2+DulnXTXkXvNTr8j8ouZmkCmGI/UW+ZS/C8zP0bz2dz0zwLt+1" + + "UEk2M8mlaxjRMByAhZTj0RGYg4TvogiRASROsZgjpVcJCb1KV6QzQeDJ1XkoQ5Jm+C5PbOHZZGRi" + + "v+ORAcshOGeCcdFJyfgFxdtCdEcmOrbinc/+BBMzRThEYpwl+jEBpciSGWQkI0TSlREmD/eOHb2D" + + "SGLuESm/iKUFt1y4XHBO2a5oq0IKJKWLS9kUZTA7vC5LSxYmgVL46SIWxIfWBQd6AdrnjLmH94UT" + + "vGxVibLqRCtIpp4g2qpdtqK1LiOeolpVK5wVQ5P7+QjZAlrh0cePYTx/gNZuB9Vhndtgujl9T/tg" + + "W9ogK+3rnmg3YWygnTuF5GDS+Q/jIVLnCcYZFc6Kk/+c80wKwZjwdZIqDYWRH68MuBQSXLgXYXj2" + + "3CAaYOBNJMliTl0X7eV5DnoKIFSKYdj3cRpD/cK/JWTHJRe76MUXnfBW8m7Hd5zhQ4ri2NrVF/WL" + + "+kV1/3AGSlJ32bFPd2BsQD8uSzIx6lObkjdz95c0AAAAAAAAAAAAAAAA"); + + private static readonly byte[] uncompData = Base64.Decode( + "Q29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9FREktWDEyOyBuYW1lPUdyb3VwMi54MTINCkNvbnRl" + + "bnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJpbmFyeQ0KQ29udGVudC1EaXNwb3NpdGlvbjogaW5saW5l" + + "OyBmaWxlbmFtZT1Hcm91cDIueDEyDQoNCklTQSowMCpzc3Nzc3Nzc3NzKjAwKnJycnJycnJycnIqW" + + "loqQ1lDTE9ORSAgICAgICAgKlpaKlBBUlRORVIgICAgICAgICo5NjEwMDcqMjAxMypVKjAwMjAwKj" + + "AwMDAwMDAwMSowKlQqKg1HUypQTypTMVMxUzFTMVMxUzFTMVMqUjFSMVIxUjFSMVIxUjFSKjk2MTA" + + "wNyoyMDEzKjAwMDAwMDAwNCpYKjAwMzA1MA1TVCo4NTAqMDAwMDQwMDAxDUJFRyowMCpCRSoyYSo0" + + "MzMyNDIzNHY1NTIzKjk2MTAwNyoyM3RjNHZ5MjR2MmgzdmgzdmgqWloqSUVMKjA5KlJFKjA5DUNVU" + + "ioxMSpUUk4qNTY1Nio2NSo1NjYqSU1GKjAwNio5NjEwMDcNUkVGKjZBKjQzM3IxYzNyMzRyMzRjMz" + + "MxMnFjdGdjNTQqUmVmZXJlbmNlIE51bWJlcg1QRVIqQUEqSGFucyBHdXR0ZW4qQ1AqMS4zMjIuMzI" + + "zLjQ0NDQqKioqKnJnZzRlZ3Y0dDQNVEFYKjR0Z3RidDR0cjR0cipHTCpnaGdoKioqKioqKioqRypD" + + "DUZPQipUUCpDQSpVU0EqMDIqRE9NKkNDKlJlZ3VsYXIgTG9jYXRpb25zIHBlciBUZXJtcw1DVFAqR" + + "EUqQzA0KjQ1MyoyNTAwMCpEOSpTRUwqMjMyMTQqMjM0MzI0MjM0MjMqRVMqNDIyNDM0MjMNU0FDKk" + + "EqQjAwMCpBRSozNTQ1KjM0NDIzMDANQ1VSKjExKjc2Nyo3NzY3KjY1DVBPMSoxMTEtYWFhKjEwMDA" + + "wMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioq" + + "KioqKkExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwMCpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzN" + + "HE2ZjM1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKioqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMD" + + "AwKkFTKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZmMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKio" + + "qKipBMSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRx" + + "NmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqKkExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwM" + + "CpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzNHE2ZjM1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKi" + + "oqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMDAwKkFTKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZ" + + "mMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKioqKipBMSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAq" + + "QVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqK" + + "kExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwMCpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzNHE2Zj" + + "M1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKioqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMDAwKkF" + + "TKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZmMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKioqKipB" + + "MSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzN" + + "TM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqKkExKnl0cmgNQ1RUKjENU0UqMjIqMDAwMDQwMDAxDU" + + "dFKjEqMDAwMDAwMDA0DUlFQSoxKjAwMDAwMDAwMQ0="); + + [Test] + public void TestWorkingData() + { + CmsCompressedData ed = new CmsCompressedData(compData); + + Assert.IsTrue(Arrays.AreEqual(uncompData, ed.GetContent())); + } + + [Test] + public void TestEach() + { + CmsCompressedData cd = GetStdData(); + + Assert.IsTrue(Arrays.AreEqual(TEST_DATA, cd.GetContent())); + } + + [Test] + public void TestLimitUnder() + { + CmsCompressedData cd = GetStdData(); + + try + { + cd.GetContent(TEST_DATA.Length / 2); + } + catch (CmsException e) + { + Assert.IsTrue(e.InnerException is StreamOverflowException); + } + } + + [Test] + public void TestLimitOver() + { + CmsCompressedData cd = GetStdData(); + + Assert.IsTrue(Arrays.AreEqual(TEST_DATA, cd.GetContent(TEST_DATA.Length * 2))); + } + + [Test] + public void TestLimitEqual() + { + CmsCompressedData cd = GetStdData(); + + Assert.IsTrue(Arrays.AreEqual(TEST_DATA, cd.GetContent(TEST_DATA.Length))); + } + + private CmsCompressedData GetStdData() + { + CmsProcessableByteArray testData = new CmsProcessableByteArray(TEST_DATA); + CmsCompressedDataGenerator gen = new CmsCompressedDataGenerator(); + return gen.Generate(testData, CmsCompressedDataGenerator.ZLib); + } + } +} diff --git a/BouncyCastle/crypto/test/src/cms/test/EnvelopedDataStreamTest.cs b/BouncyCastle/crypto/test/src/cms/test/EnvelopedDataStreamTest.cs new file mode 100644 index 0000000..8512f66 --- /dev/null +++ b/BouncyCastle/crypto/test/src/cms/test/EnvelopedDataStreamTest.cs @@ -0,0 +1,537 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cms.Tests +{ + [TestFixture] + public class EnvelopedDataStreamTest + { + private const int BufferSize = 4000; + + private const string SignDN = "O=Bouncy Castle, C=AU"; + private static AsymmetricCipherKeyPair signKP; +// private static X509Certificate signCert; + //signCert = CmsTestUtil.MakeCertificate(_signKP, SignDN, _signKP, SignDN); + +// private const string OrigDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU"; +// private static AsymmetricCipherKeyPair origKP; + //origKP = CmsTestUtil.MakeKeyPair(); +// private static X509Certificate origCert; + //origCert = CmsTestUtil.MakeCertificate(origKP, OrigDN, _signKP, SignDN); + + private const string ReciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU"; + private static AsymmetricCipherKeyPair reciKP; + private static X509Certificate reciCert; + + private static AsymmetricCipherKeyPair origECKP; + private static AsymmetricCipherKeyPair reciECKP; + private static X509Certificate reciECCert; + + private static AsymmetricCipherKeyPair SignKP + { + get { return signKP == null ? (signKP = CmsTestUtil.MakeKeyPair()) : signKP; } + } + + private static AsymmetricCipherKeyPair ReciKP + { + get { return reciKP == null ? (reciKP = CmsTestUtil.MakeKeyPair()) : reciKP; } + } + + private static X509Certificate ReciCert + { + get { return reciCert == null ? (reciCert = CmsTestUtil.MakeCertificate(ReciKP, ReciDN, SignKP, SignDN)) : reciCert;} + } + + private static AsymmetricCipherKeyPair OrigECKP + { + get { return origECKP == null ? (origECKP = CmsTestUtil.MakeECDsaKeyPair()) : origECKP; } + } + + private static AsymmetricCipherKeyPair ReciECKP + { + get { return reciECKP == null ? (reciECKP = CmsTestUtil.MakeECDsaKeyPair()) : reciECKP; } + } + + private static X509Certificate ReciECCert + { + get { return reciECCert == null ? (reciECCert = CmsTestUtil.MakeCertificate(ReciECKP, ReciDN, SignKP, SignDN)) : reciECCert;} + } + + [Test] + public void TestWorkingData() + { + byte[] keyData = Base64.Decode( + "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKrAz/SQKrcQ" + + "nj9IxHIfKDbuXsMqUpI06s2gps6fp7RDNvtUDDMOciWGFhD45YSy8GO0mPx3" + + "Nkc7vKBqX4TLcqLUz7kXGOHGOwiPZoNF+9jBMPNROe/B0My0PkWg9tuq+nxN" + + "64oD47+JvDwrpNOS5wsYavXeAW8Anv9ZzHLU7KwZAgMBAAECgYA/fqdVt+5K" + + "WKGfwr1Z+oAHvSf7xtchiw/tGtosZ24DOCNP3fcTXUHQ9kVqVkNyzt9ZFCT3" + + "bJUAdBQ2SpfuV4DusVeQZVzcROKeA09nPkxBpTefWbSDQGhb+eZq9L8JDRSW" + + "HyYqs+MBoUpLw7GKtZiJkZyY6CsYkAnQ+uYVWq/TIQJBAP5zafO4HUV/w4KD" + + "VJi+ua+GYF1Sg1t/dYL1kXO9GP1p75YAmtm6LdnOCas7wj70/G1YlPGkOP0V" + + "GFzeG5KAmAUCQQCryvKU9nwWA+kypcQT9Yr1P4vGS0APYoBThnZq7jEPc5Cm" + + "ZI82yseSxSeea0+8KQbZ5mvh1p3qImDLEH/iNSQFAkAghS+tboKPN10NeSt+" + + "uiGRRWNbiggv0YJ7Uldcq3ZeLQPp7/naiekCRUsHD4Qr97OrZf7jQ1HlRqTu" + + "eZScjMLhAkBNUMZCQnhwFAyEzdPkQ7LpU1MdyEopYmRssuxijZao5JLqQAGw" + + "YCzXokGFa7hz72b09F4DQurJL/WuDlvvu4jdAkEAxwT9lylvfSfEQw4/qQgZ" + + "MFB26gqB6Gqs1pHIZCzdliKx5BO3VDeUGfXMI8yOkbXoWbYx5xPid/+N8R//" + + "+sxLBw=="); + + byte[] envData = Base64.Decode( + "MIAGCSqGSIb3DQEHA6CAMIACAQAxgcQwgcECAQAwKjAlMRYwFAYDVQQKEw1C" + + "b3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVQIBHjANBgkqhkiG9w0BAQEFAASB" + + "gDmnaDZ0vDJNlaUSYyEXsgbaUH+itNTjCOgv77QTX2ImXj+kTctM19PQF2I1" + + "0/NL0fjakvCgBTHKmk13a7jqB6cX3bysenHNrglHsgNGgeXQ7ggAq5fV/JQQ" + + "T7rSxEtuwpbuHQnoVUZahOHVKy/a0uLr9iIh1A3y+yZTZaG505ZJMIAGCSqG" + + "SIb3DQEHATAdBglghkgBZQMEAQIEENmkYNbDXiZxJWtq82qIRZKggAQgkOGr" + + "1JcTsADStez1eY4+rO4DtyBIyUYQ3pilnbirfPkAAAAAAAAAAAAA"); + + + CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(envData); + + RecipientInformationStore recipients = ep.GetRecipientInfos(); + + Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc); + + ICollection c = recipients.GetRecipients(); + +// PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyData); +// KeyFactory keyFact = KeyFactory.GetInstance("RSA"); +// Key priKey = keyFact.generatePrivate(keySpec); + AsymmetricKeyParameter priKey = PrivateKeyFactory.CreateKey(keyData); + byte[] data = Hex.Decode("57616c6c6157616c6c6157617368696e67746f6e"); + + foreach (RecipientInformation recipient in c) + { + Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id); + + CmsTypedStream recData = recipient.GetContentStream(priKey); + + byte[] compare = CmsTestUtil.StreamToByteArray(recData.ContentStream); + Assert.IsTrue(Arrays.AreEqual(data, compare)); + } + } + + private void VerifyData( + byte[] encodedBytes, + string expectedOid, + byte[] expectedData) + { + CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(encodedBytes); + RecipientInformationStore recipients = ep.GetRecipientInfos(); + + Assert.AreEqual(ep.EncryptionAlgOid, expectedOid); + + ICollection c = recipients.GetRecipients(); + + foreach (RecipientInformation recipient in c) + { + Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id); + + CmsTypedStream recData = recipient.GetContentStream(ReciKP.Private); + + Assert.IsTrue(Arrays.AreEqual(expectedData, CmsTestUtil.StreamToByteArray( + recData.ContentStream))); + } + } + + [Test] + public void TestKeyTransAes128BufferedStream() + { + byte[] data = new byte[2000]; + for (int i = 0; i != 2000; i++) + { + data[i] = (byte)(i & 0xff); + } + + // + // unbuffered + // + CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator(); + + edGen.AddKeyTransRecipient(ReciCert); + + MemoryStream bOut = new MemoryStream(); + + Stream outStream = edGen.Open( + bOut, CmsEnvelopedDataGenerator.Aes128Cbc); + + for (int i = 0; i != 2000; i++) + { + outStream.WriteByte(data[i]); + } + + outStream.Close(); + + VerifyData(bOut.ToArray(), CmsEnvelopedDataGenerator.Aes128Cbc, data); + + int unbufferedLength = bOut.ToArray().Length; + + // + // Using buffered output - should be == to unbuffered + // + edGen = new CmsEnvelopedDataStreamGenerator(); + + edGen.AddKeyTransRecipient(ReciCert); + + bOut.SetLength(0); + + outStream = edGen.Open(bOut, CmsEnvelopedDataGenerator.Aes128Cbc); + + Streams.PipeAll(new MemoryStream(data, false), outStream); + outStream.Close(); + + VerifyData(bOut.ToArray(), CmsEnvelopedDataGenerator.Aes128Cbc, data); + + Assert.AreEqual(unbufferedLength, bOut.ToArray().Length); + } + + [Test] + public void TestKeyTransAes128Buffered() + { + byte[] data = new byte[2000]; + for (int i = 0; i != 2000; i++) + { + data[i] = (byte)(i & 0xff); + } + + // + // unbuffered + // + CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator(); + + edGen.AddKeyTransRecipient(ReciCert); + + MemoryStream bOut = new MemoryStream(); + + Stream outStream = edGen.Open( + bOut, CmsEnvelopedDataGenerator.Aes128Cbc); + + for (int i = 0; i != 2000; i++) + { + outStream.WriteByte(data[i]); + } + + outStream.Close(); + + VerifyData(bOut.ToArray(), CmsEnvelopedDataGenerator.Aes128Cbc, data); + + int unbufferedLength = bOut.ToArray().Length; + + // + // buffered - less than default of 1000 + // + edGen = new CmsEnvelopedDataStreamGenerator(); + + edGen.SetBufferSize(300); + + edGen.AddKeyTransRecipient(ReciCert); + + bOut.SetLength(0); + + outStream = edGen.Open(bOut, CmsEnvelopedDataGenerator.Aes128Cbc); + + for (int i = 0; i != 2000; i++) + { + outStream.WriteByte(data[i]); + } + + outStream.Close(); + + VerifyData(bOut.ToArray(), CmsEnvelopedDataGenerator.Aes128Cbc, data); + + Assert.IsTrue(unbufferedLength < bOut.ToArray().Length); + } + + [Test] + public void TestKeyTransAes128Der() + { + byte[] data = new byte[2000]; + for (int i = 0; i != 2000; i++) + { + data[i] = (byte)(i & 0xff); + } + + CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator(); + + edGen.AddKeyTransRecipient(ReciCert); + + MemoryStream bOut = new MemoryStream(); + + Stream outStream = edGen.Open( + bOut, CmsEnvelopedDataGenerator.Aes128Cbc); + + for (int i = 0; i != 2000; i++) + { + outStream.WriteByte(data[i]); + } + + outStream.Close(); + + // convert to DER + byte[] derEncodedBytes = Asn1Object.FromByteArray(bOut.ToArray()).GetDerEncoded(); + + VerifyData(derEncodedBytes, CmsEnvelopedDataGenerator.Aes128Cbc, data); + } + + [Test] + public void TestKeyTransAes128Throughput() + { + byte[] data = new byte[40001]; + for (int i = 0; i != data.Length; i++) + { + data[i] = (byte)(i & 0xff); + } + + // + // buffered + // + CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator(); + + edGen.SetBufferSize(BufferSize); + + edGen.AddKeyTransRecipient(ReciCert); + + MemoryStream bOut = new MemoryStream(); + + Stream outStream = edGen.Open(bOut, CmsEnvelopedDataGenerator.Aes128Cbc); + + for (int i = 0; i != data.Length; i++) + { + outStream.WriteByte(data[i]); + } + + outStream.Close(); + + CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(bOut.ToArray()); + RecipientInformationStore recipients = ep.GetRecipientInfos(); + ICollection c = recipients.GetRecipients(); + + IEnumerator e = c.GetEnumerator(); + + if (e.MoveNext()) + { + RecipientInformation recipient = (RecipientInformation) e.Current; + + Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id); + + CmsTypedStream recData = recipient.GetContentStream(ReciKP.Private); + + Stream dataStream = recData.ContentStream; + MemoryStream dataOut = new MemoryStream(); + int len; + byte[] buf = new byte[BufferSize]; + int count = 0; + + while (count != 10 && (len = dataStream.Read(buf, 0, buf.Length)) > 0) + { + Assert.AreEqual(buf.Length, len); + + dataOut.Write(buf, 0, buf.Length); + count++; + } + + len = dataStream.Read(buf, 0, buf.Length); + dataOut.Write(buf, 0, len); + + Assert.IsTrue(Arrays.AreEqual(data, dataOut.ToArray())); + } + else + { + Assert.Fail("recipient not found."); + } + } + + [Test] + public void TestKeyTransAes128() + { + byte[] data = Encoding.Default.GetBytes("WallaWallaWashington"); + + CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator(); + + edGen.AddKeyTransRecipient(ReciCert); + + MemoryStream bOut = new MemoryStream(); + + Stream outStream = edGen.Open( + bOut, CmsEnvelopedDataGenerator.Aes128Cbc); + + outStream.Write(data, 0, data.Length); + + outStream.Close(); + + CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(bOut.ToArray()); + + RecipientInformationStore recipients = ep.GetRecipientInfos(); + + Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc); + + ICollection c = recipients.GetRecipients(); + + foreach (RecipientInformation recipient in c) + { + Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id); + + CmsTypedStream recData = recipient.GetContentStream(ReciKP.Private); + + Assert.IsTrue(Arrays.AreEqual(data, CmsTestUtil.StreamToByteArray(recData.ContentStream))); + } + + ep.Close(); + } + + [Test] + public void TestAesKek() + { + byte[] data = Encoding.Default.GetBytes("WallaWallaWashington"); + KeyParameter kek = CmsTestUtil.MakeAes192Key(); + + CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator(); + + byte[] kekId = new byte[] { 1, 2, 3, 4, 5 }; + + edGen.AddKekRecipient("AES192", kek, kekId); + + MemoryStream bOut = new MemoryStream(); + + Stream outStream = edGen.Open( + bOut, + CmsEnvelopedDataGenerator.DesEde3Cbc); + outStream.Write(data, 0, data.Length); + + outStream.Close(); + + CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(bOut.ToArray()); + + RecipientInformationStore recipients = ep.GetRecipientInfos(); + + Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc); + + ICollection c = recipients.GetRecipients(); + + foreach (RecipientInformation recipient in c) + { + Assert.AreEqual(recipient.KeyEncryptionAlgOid, "2.16.840.1.101.3.4.1.25"); + + CmsTypedStream recData = recipient.GetContentStream(kek); + + Assert.IsTrue(Arrays.AreEqual(data, CmsTestUtil.StreamToByteArray(recData.ContentStream))); + } + + ep.Close(); + } + + [Test] + public void TestTwoAesKek() + { + byte[] data = Encoding.Default.GetBytes("WallaWallaWashington"); + KeyParameter kek1 = CmsTestUtil.MakeAes192Key(); + KeyParameter kek2 = CmsTestUtil.MakeAes192Key(); + + CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator(); + + byte[] kekId1 = new byte[] { 1, 2, 3, 4, 5 }; + byte[] kekId2 = new byte[] { 5, 4, 3, 2, 1 }; + + edGen.AddKekRecipient("AES192", kek1, kekId1); + edGen.AddKekRecipient("AES192", kek2, kekId2); + + MemoryStream bOut = new MemoryStream(); + + Stream outStream = edGen.Open( + bOut, + CmsEnvelopedDataGenerator.DesEde3Cbc); + outStream.Write(data, 0, data.Length); + + outStream.Close(); + + CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(bOut.ToArray()); + + RecipientInformationStore recipients = ep.GetRecipientInfos(); + + Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc); + + RecipientID recSel = new RecipientID(); + + recSel.KeyIdentifier = kekId2; + + RecipientInformation recipient = recipients.GetFirstRecipient(recSel); + + Assert.AreEqual(recipient.KeyEncryptionAlgOid, "2.16.840.1.101.3.4.1.25"); + + CmsTypedStream recData = recipient.GetContentStream(kek2); + + Assert.IsTrue(Arrays.AreEqual(data, CmsTestUtil.StreamToByteArray(recData.ContentStream))); + + ep.Close(); + } + + [Test] + public void TestECKeyAgree() + { + byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65"); + + CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator(); + + edGen.AddKeyAgreementRecipient( + CmsEnvelopedDataGenerator.ECDHSha1Kdf, + OrigECKP.Private, + OrigECKP.Public, + ReciECCert, + CmsEnvelopedDataGenerator.Aes128Wrap); + + MemoryStream bOut = new MemoryStream(); + + Stream outStr = edGen.Open(bOut, CmsEnvelopedDataGenerator.Aes128Cbc); + outStr.Write(data, 0, data.Length); + + outStr.Close(); + + CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(bOut.ToArray()); + + RecipientInformationStore recipients = ep.GetRecipientInfos(); + + Assert.AreEqual(ep.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc); + + RecipientID recSel = new RecipientID(); + +// recSel.SetIssuer(PrincipalUtilities.GetIssuerX509Principal(ReciECCert).GetEncoded()); + recSel.Issuer = PrincipalUtilities.GetIssuerX509Principal(ReciECCert); + recSel.SerialNumber = ReciECCert.SerialNumber; + + RecipientInformation recipient = recipients.GetFirstRecipient(recSel); + + CmsTypedStream recData = recipient.GetContentStream(ReciECKP.Private); + + Assert.IsTrue(Arrays.AreEqual(data, CmsTestUtil.StreamToByteArray(recData.ContentStream))); + + ep.Close(); + } + + [Test] + public void TestOriginatorInfo() + { + CmsEnvelopedDataParser env = new CmsEnvelopedDataParser(CmsSampleMessages.originatorMessage); + + env.GetRecipientInfos(); + + Assert.AreEqual(CmsEnvelopedDataGenerator.DesEde3Cbc, env.EncryptionAlgOid); + } + } +} diff --git a/BouncyCastle/crypto/test/src/cms/test/EnvelopedDataTest.cs b/BouncyCastle/crypto/test/src/cms/test/EnvelopedDataTest.cs new file mode 100644 index 0000000..1017d35 --- /dev/null +++ b/BouncyCastle/crypto/test/src/cms/test/EnvelopedDataTest.cs @@ -0,0 +1,999 @@ +using System; +using System.Collections; +using System.Text; + +using NUnit.Framework; +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Kisa; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Ntt; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Operators; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Cms.Tests +{ + [TestFixture] + public class EnvelopedDataTest + { + private const string SignDN = "O=Bouncy Castle, C=AU"; + + private static AsymmetricCipherKeyPair signKP; +// private static X509Certificate signCert; + //signCert = CmsTestUtil.MakeCertificate(_signKP, SignDN, _signKP, SignDN); + +// private const string OrigDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU"; + +// private static AsymmetricCipherKeyPair origKP; + //origKP = CmsTestUtil.MakeKeyPair(); +// private static X509Certificate origCert; + //origCert = CmsTestUtil.MakeCertificate(_origKP, OrigDN, _signKP, SignDN); + + private const string ReciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU"; + private const string ReciDN2 = "CN=Fred, OU=Sales, O=Bouncy Castle, C=AU"; + + private static AsymmetricCipherKeyPair reciKP; + private static X509Certificate reciCert; + + private static AsymmetricCipherKeyPair origECKP; + private static AsymmetricCipherKeyPair reciECKP; + private static X509Certificate reciECCert; + private static AsymmetricCipherKeyPair reciECKP2; + private static X509Certificate reciECCert2; + + private static AsymmetricCipherKeyPair SignKP + { + get { return signKP == null ? (signKP = CmsTestUtil.MakeKeyPair()) : signKP; } + } + + private static AsymmetricCipherKeyPair ReciKP + { + get { return reciKP == null ? (reciKP = CmsTestUtil.MakeKeyPair()) : reciKP; } + } + + private static X509Certificate ReciCert + { + get { return reciCert == null ? (reciCert = CmsTestUtil.MakeCertificate(ReciKP, ReciDN, SignKP, SignDN)) : reciCert; } + } + + private static AsymmetricCipherKeyPair OrigECKP + { + get { return origECKP == null ? (origECKP = CmsTestUtil.MakeECDsaKeyPair()) : origECKP; } + } + + private static AsymmetricCipherKeyPair ReciECKP + { + get { return reciECKP == null ? (reciECKP = CmsTestUtil.MakeECDsaKeyPair()) : reciECKP; } + } + + private static X509Certificate ReciECCert + { + get { return reciECCert == null ? (reciECCert = CmsTestUtil.MakeCertificate(ReciECKP, ReciDN, SignKP, SignDN)) : reciECCert; } + } + + private static AsymmetricCipherKeyPair ReciECKP2 + { + get { return reciECKP2 == null ? (reciECKP2 = CmsTestUtil.MakeECDsaKeyPair()) : reciECKP2; } + } + + private static X509Certificate ReciECCert2 + { + get { return reciECCert2 == null ? (reciECCert2 = CmsTestUtil.MakeCertificate(ReciECKP2, ReciDN2, SignKP, SignDN)) : reciECCert2; } + } + + private static readonly byte[] oldKEK = Base64.Decode( + "MIAGCSqGSIb3DQEHA6CAMIACAQIxQaI/MD0CAQQwBwQFAQIDBAUwDQYJYIZIAWUDBAEFBQAEI" + + "Fi2eHTPM4bQSjP4DUeDzJZLpfemW2gF1SPq7ZPHJi1mMIAGCSqGSIb3DQEHATAUBggqhkiG9w" + + "0DBwQImtdGyUdGGt6ggAQYk9X9z01YFBkU7IlS3wmsKpm/zpZClTceAAAAAAAAAAAAAA=="); + + private static readonly byte[] ecKeyAgreeMsgAES256 = Base64.Decode( + "MIAGCSqGSIb3DQEHA6CAMIACAQIxgcShgcECAQOgQ6FBMAsGByqGSM49AgEF" + + "AAMyAAPdXlSTpub+qqno9hUGkUDl+S3/ABhPziIB5yGU4678tgOgU5CiKG9Z" + + "kfnabIJ3nZYwGgYJK4EFEIZIPwACMA0GCWCGSAFlAwQBLQUAMFswWTAtMCgx" + + "EzARBgNVBAMTCkFkbWluLU1EU0UxETAPBgNVBAoTCDRCQ1QtMklEAgEBBCi/" + + "rJRLbFwEVW6PcLLmojjW9lI/xGD7CfZzXrqXFw8iHaf3hTRau1gYMIAGCSqG" + + "SIb3DQEHATAdBglghkgBZQMEASoEEMtCnKKPwccmyrbgeSIlA3qggAQQDLw8" + + "pNJR97bPpj6baG99bQQQwhEDsoj5Xg1oOxojHVcYzAAAAAAAAAAAAAA="); + + private static readonly byte[] ecKeyAgreeMsgAES128 = Base64.Decode( + "MIAGCSqGSIb3DQEHA6CAMIACAQIxgbShgbECAQOgQ6FBMAsGByqGSM49AgEF" + + "AAMyAAL01JLEgKvKh5rbxI/hOxs/9WEezMIsAbUaZM4l5tn3CzXAN505nr5d" + + "LhrcurMK+tAwGgYJK4EFEIZIPwACMA0GCWCGSAFlAwQBBQUAMEswSTAtMCgx" + + "EzARBgNVBAMTCkFkbWluLU1EU0UxETAPBgNVBAoTCDRCQ1QtMklEAgEBBBhi" + + "FLjc5g6aqDT3f8LomljOwl1WTrplUT8wgAYJKoZIhvcNAQcBMB0GCWCGSAFl" + + "AwQBAgQQzXjms16Y69S/rB0EbHqRMaCABBAFmc/QdVW6LTKdEy97kaZzBBBa" + + "fQuviUS03NycpojELx0bAAAAAAAAAAAAAA=="); + + private static readonly byte[] ecKeyAgreeMsgDESEDE = Base64.Decode( + "MIAGCSqGSIb3DQEHA6CAMIACAQIxgcahgcMCAQOgQ6FBMAsGByqGSM49AgEF" + + "AAMyAALIici6Nx1WN5f0ThH2A8ht9ovm0thpC5JK54t73E1RDzCifePaoQo0" + + "xd6sUqoyGaYwHAYJK4EFEIZIPwACMA8GCyqGSIb3DQEJEAMGBQAwWzBZMC0w" + + "KDETMBEGA1UEAxMKQWRtaW4tTURTRTERMA8GA1UEChMINEJDVC0ySUQCAQEE" + + "KJuqZQ1NB1vXrKPOnb4TCpYOsdm6GscWdwAAZlm2EHMp444j0s55J9wwgAYJ" + + "KoZIhvcNAQcBMBQGCCqGSIb3DQMHBAjwnsDMsafCrKCABBjyPvqFOVMKxxut" + + "VfTx4fQlNGJN8S2ATRgECMcTQ/dsmeViAAAAAAAAAAAAAA=="); + + private static readonly byte[] ecMqvKeyAgreeMsgAes128 = Base64.Decode( + "MIAGCSqGSIb3DQEHA6CAMIACAQIxgf2hgfoCAQOgQ6FBMAsGByqGSM49AgEF" + + "AAMyAAPDKU+0H58tsjpoYmYCInMr/FayvCCkupebgsnpaGEB7qS9vzcNVUj6" + + "mrnmiC2grpmhRwRFMEMwQTALBgcqhkjOPQIBBQADMgACZpD13z9c7DzRWx6S" + + "0xdbq3S+EJ7vWO+YcHVjTD8NcQDcZcWASW899l1PkL936zsuMBoGCSuBBRCG" + + "SD8AEDANBglghkgBZQMEAQUFADBLMEkwLTAoMRMwEQYDVQQDEwpBZG1pbi1N" + + "RFNFMREwDwYDVQQKEwg0QkNULTJJRAIBAQQYFq58L71nyMK/70w3nc6zkkRy" + + "RL7DHmpZMIAGCSqGSIb3DQEHATAdBglghkgBZQMEAQIEEDzRUpreBsZXWHBe" + + "onxOtSmggAQQ7csAZXwT1lHUqoazoy8bhAQQq+9Zjj8iGdOWgyebbfj67QAA" + + "AAAAAAAAAAA="); + + private static readonly byte[] ecKeyAgreeKey = Base64.Decode( + "MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDC8vp7xVTbKSgYVU5Wc" + + "hGkWbzaj+yUFETIWP1Dt7+WSpq3ikSPdl7PpHPqnPVZfoIWhZANiAgSYHTgxf+Dd" + + "Tt84dUvuSKkFy3RhjxJmjwIscK6zbEUzKhcPQG2GHzXhWK5x1kov0I74XpGhVkya" + + "ElH5K6SaOXiXAzcyNGggTOk4+ZFnz5Xl0pBje3zKxPhYu0SnCw7Pcqw="); + + private static readonly byte[] bobPrivRsaEncrypt = Base64.Decode( + "MIIChQIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKnhZ5g/OdVf" + + "8qCTQV6meYmFyDVdmpFb+x0B2hlwJhcPvaUi0DWFbXqYZhRBXM+3twg7CcmR" + + "uBlpN235ZR572akzJKN/O7uvRgGGNjQyywcDWVL8hYsxBLjMGAgUSOZPHPtd" + + "YMTgXB9T039T2GkB8QX4enDRvoPGXzjPHCyqaqfrAgMBAAECgYBnzUhMmg2P" + + "mMIbZf8ig5xt8KYGHbztpwOIlPIcaw+LNd4Ogngwy+e6alatd8brUXlweQqg" + + "9P5F4Kmy9Bnah5jWMIR05PxZbMHGd9ypkdB8MKCixQheIXFD/A0HPfD6bRSe" + + "TmPwF1h5HEuYHD09sBvf+iU7o8AsmAX2EAnYh9sDGQJBANDDIsbeopkYdo+N" + + "vKZ11mY/1I1FUox29XLE6/BGmvE+XKpVC5va3Wtt+Pw7PAhDk7Vb/s7q/WiE" + + "I2Kv8zHCueUCQQDQUfweIrdb7bWOAcjXq/JY1PeClPNTqBlFy2bKKBlf4hAr" + + "84/sajB0+E0R9KfEILVHIdxJAfkKICnwJAiEYH2PAkA0umTJSChXdNdVUN5q" + + "SO8bKlocSHseIVnDYDubl6nA7xhmqU5iUjiEzuUJiEiUacUgFJlaV/4jbOSn" + + "I3vQgLeFAkEAni+zN5r7CwZdV+EJBqRd2ZCWBgVfJAZAcpw6iIWchw+dYhKI" + + "FmioNRobQ+g4wJhprwMKSDIETukPj3d9NDAlBwJAVxhn1grStavCunrnVNqc" + + "BU+B1O8BiR4yPWnLMcRSyFRVJQA7HCp8JlDV6abXd8vPFfXuC9WN7rOvTKF8" + + "Y0ZB9qANMAsGA1UdDzEEAwIAEA=="); + + private static readonly byte[] rfc4134ex5_1 = Base64.Decode( + "MIIBHgYJKoZIhvcNAQcDoIIBDzCCAQsCAQAxgcAwgb0CAQAwJjASMRAwDgYD" + + "VQQDEwdDYXJsUlNBAhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUA" + + "BIGAC3EN5nGIiJi2lsGPcP2iJ97a4e8kbKQz36zg6Z2i0yx6zYC4mZ7mX7FB" + + "s3IWg+f6KgCLx3M1eCbWx8+MDFbbpXadCDgO8/nUkUNYeNxJtuzubGgzoyEd" + + "8Ch4H/dd9gdzTd+taTEgS0ipdSJuNnkVY4/M652jKKHRLFf02hosdR8wQwYJ" + + "KoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgtaMXpRwZRNYAgDsiSf8Z9P43LrY4O" + + "xUk660cu1lXeCSFOSOpOJ7FuVyU="); + + private static readonly byte[] rfc4134ex5_2 = Base64.Decode( + "MIIBZQYJKoZIhvcNAQcDoIIBVjCCAVICAQIxggEAMIG9AgEAMCYwEjEQMA4G" + + "A1UEAxMHQ2FybFJTQQIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQEF" + + "AASBgJQmQojGi7Z4IP+CVypBmNFoCDoEp87khtgyff2N4SmqD3RxPx+8hbLQ" + + "t9i3YcMwcap+aiOkyqjMalT03VUC0XBOGv+HYI3HBZm/aFzxoq+YOXAWs5xl" + + "GerZwTOc9j6AYlK4qXvnztR5SQ8TBjlzytm4V7zg+TGrnGVNQBNw47Ewoj4C" + + "AQQwDQQLTWFpbExpc3RSQzIwEAYLKoZIhvcNAQkQAwcCAToEGHcUr5MSJ/g9" + + "HnJVHsQ6X56VcwYb+OfojTBJBgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgIC" + + "AKAECJwE0hkuKlWhgCBeKNXhojuej3org9Lt7n+wWxOhnky5V50vSpoYRfRR" + + "yw=="); + + [Test] + public void TestKeyTrans() + { + byte[] data = Encoding.ASCII.GetBytes("WallaWallaWashington"); + + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + edGen.AddKeyTransRecipient(ReciCert); + + CmsEnvelopedData ed = edGen.Generate( + new CmsProcessableByteArray(data), + CmsEnvelopedDataGenerator.DesEde3Cbc); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + + Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id); + + byte[] recData = recipient.GetContent(ReciKP.Private); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + [Test] + public void TestKeyTransRC4() + { + byte[] data = Encoding.ASCII.GetBytes("WallaWallaBouncyCastle"); + + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + edGen.AddKeyTransRecipient(ReciCert); + + CmsEnvelopedData ed = edGen.Generate( + new CmsProcessableByteArray(data), + "1.2.840.113549.3.4"); // RC4 OID + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual(ed.EncryptionAlgOid, "1.2.840.113549.3.4"); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + byte[] recData = recipient.GetContent(ReciKP.Private); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + [Test] + public void TestKeyTrans128RC4() + { + byte[] data = Encoding.ASCII.GetBytes("WallaWallaBouncyCastle"); + + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + edGen.AddRecipientInfoGenerator(new KeyTransRecipientInfoGenerator(ReciCert, + new Asn1KeyWrapper("RSA/ECB/PKCS1Padding", ReciCert))); + + CmsEnvelopedData ed = edGen.Generate( + new CmsProcessableByteArray(data), + "1.2.840.113549.3.4", 128); // RC4 OID + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual(ed.EncryptionAlgOid, "1.2.840.113549.3.4"); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + byte[] recData = recipient.GetContent(ReciKP.Private); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + [Test] + public void TestKeyTransOdes() + { + byte[] data = Encoding.ASCII.GetBytes("WallaWallaBouncyCastle"); + + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + edGen.AddKeyTransRecipient(ReciCert); + + CmsEnvelopedData ed = edGen.Generate( + new CmsProcessableByteArray(data), + OiwObjectIdentifiers.DesCbc.Id); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual(ed.EncryptionAlgOid, OiwObjectIdentifiers.DesCbc.Id); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + byte[] recData = recipient.GetContent(ReciKP.Private); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + [Test] + public void TestKeyTransSmallAes() + { + byte[] data = new byte[] { 0, 1, 2, 3 }; + + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + edGen.AddKeyTransRecipient(ReciCert); + + CmsEnvelopedData ed = edGen.Generate( + new CmsProcessableByteArray(data), + CmsEnvelopedDataGenerator.Aes128Cbc); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual(ed.EncryptionAlgOid, + CmsEnvelopedDataGenerator.Aes128Cbc); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + byte[] recData = recipient.GetContent(ReciKP.Private); + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + [Test] + public void TestKeyTransSmallAesUsingOaep() + { + byte[] data = new byte[] { 0, 1, 2, 3 }; + + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + edGen.AddRecipientInfoGenerator(new KeyTransRecipientInfoGenerator(ReciCert, + new Asn1KeyWrapper("RSA/None/OAEPwithSHA256andMGF1withSHA1Padding", ReciCert))); + + CmsEnvelopedData ed = edGen.Generate( + new CmsProcessableByteArray(data), + CmsEnvelopedDataGenerator.Aes128Cbc); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual(ed.EncryptionAlgOid, + CmsEnvelopedDataGenerator.Aes128Cbc); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + byte[] recData = recipient.GetContent(ReciKP.Private); + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + [Test] + public void TestKeyTransSmallAesUsingOaepMixed() + { + byte[] data = new byte[] { 0, 1, 2, 3 }; + + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + edGen.AddRecipientInfoGenerator(new KeyTransRecipientInfoGenerator(ReciCert, new Asn1KeyWrapper("RSA/None/OAEPwithSHA256andMGF1withSHA1Padding", ReciCert))); + + CmsEnvelopedData ed = edGen.Generate( + new CmsProcessableByteArray(data), + CmsEnvelopedDataGenerator.Aes128Cbc); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual(ed.EncryptionAlgOid, + CmsEnvelopedDataGenerator.Aes128Cbc); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + byte[] recData = recipient.GetContent(ReciKP.Private); + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + [Test] + public void TestKeyTransSmallAesUsingOaepMixedParams() + { + byte[] data = new byte[]{ 0, 1, 2, 3 }; + + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + edGen.AddRecipientInfoGenerator( + new KeyTransRecipientInfoGenerator( + ReciCert, + new Asn1KeyWrapper( + PkcsObjectIdentifiers.IdRsaesOaep, + new RsaesOaepParameters( + new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance), + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, + new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance))), + ReciCert))); + + CmsEnvelopedData ed = edGen.Generate( + new CmsProcessableByteArray(data), + CmsEnvelopedGenerator.Aes128Cbc); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedGenerator.Aes128Cbc); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + byte[] recData = recipient.GetContent(ReciKP.Private); + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + [Test] + public void TestKeyTransSmallAesUsingPkcs1() + { + byte[] data = new byte[] { 0, 1, 2, 3 }; + + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + edGen.AddRecipientInfoGenerator( + new KeyTransRecipientInfoGenerator( + ReciCert, + new Asn1KeyWrapper( + PkcsObjectIdentifiers.RsaEncryption, ReciCert))); + + CmsEnvelopedData ed = edGen.Generate( + new CmsProcessableByteArray(data), + CmsEnvelopedDataGenerator.Aes128Cbc); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual(ed.EncryptionAlgOid, + CmsEnvelopedDataGenerator.Aes128Cbc); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + byte[] recData = recipient.GetContent(ReciKP.Private); + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + [Test] + public void TestKeyTransCast5() + { + TryKeyTrans(CmsEnvelopedDataGenerator.Cast5Cbc, + new DerObjectIdentifier(CmsEnvelopedDataGenerator.Cast5Cbc), + typeof(Asn1Sequence)); + } + + [Test] + public void TestKeyTransAes128() + { + TryKeyTrans(CmsEnvelopedDataGenerator.Aes128Cbc, + NistObjectIdentifiers.IdAes128Cbc, + typeof(DerOctetString)); + } + + [Test] + public void TestKeyTransAes192() + { + TryKeyTrans(CmsEnvelopedDataGenerator.Aes192Cbc, + NistObjectIdentifiers.IdAes192Cbc, + typeof(DerOctetString)); + } + + [Test] + public void TestKeyTransAes256() + { + TryKeyTrans(CmsEnvelopedDataGenerator.Aes256Cbc, + NistObjectIdentifiers.IdAes256Cbc, + typeof(DerOctetString)); + } + + [Test] + public void TestKeyTransSeed() + { + TryKeyTrans(CmsEnvelopedDataGenerator.SeedCbc, + KisaObjectIdentifiers.IdSeedCbc, + typeof(DerOctetString)); + } + + public void TestKeyTransCamellia128() + { + TryKeyTrans(CmsEnvelopedDataGenerator.Camellia128Cbc, + NttObjectIdentifiers.IdCamellia128Cbc, + typeof(DerOctetString)); + } + + public void TestKeyTransCamellia192() + { + TryKeyTrans(CmsEnvelopedDataGenerator.Camellia192Cbc, + NttObjectIdentifiers.IdCamellia192Cbc, + typeof(DerOctetString)); + } + + public void TestKeyTransCamellia256() + { + TryKeyTrans(CmsEnvelopedDataGenerator.Camellia256Cbc, + NttObjectIdentifiers.IdCamellia256Cbc, + typeof(DerOctetString)); + } + + private void TryKeyTrans( + string generatorOID, + DerObjectIdentifier checkOID, + Type asn1Params) + { + byte[] data = Encoding.ASCII.GetBytes("WallaWallaWashington"); + + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + edGen.AddKeyTransRecipient(ReciCert); + + CmsEnvelopedData ed = edGen.Generate(new CmsProcessableByteArray(data), generatorOID); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual(checkOID.Id, ed.EncryptionAlgOid); + + if (asn1Params != null) + { + Assert.IsTrue(asn1Params.IsInstanceOfType(ed.EncryptionAlgorithmID.Parameters)); + } + + ArrayList c = new ArrayList(recipients.GetRecipients()); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id); + + byte[] recData = recipient.GetContent(ReciKP.Private); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + [Test] + public void TestErroneousKek() + { + byte[] data = Encoding.ASCII.GetBytes("WallaWallaWashington"); + KeyParameter kek = ParameterUtilities.CreateKeyParameter( + "AES", + new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 }); + + CmsEnvelopedData ed = new CmsEnvelopedData(oldKEK); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + Assert.AreEqual(recipient.KeyEncryptionAlgOid, NistObjectIdentifiers.IdAes128Wrap.Id); + + byte[] recData = recipient.GetContent(kek); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + [Test] + public void TestDesKek() + { + TryKekAlgorithm(CmsTestUtil.MakeDesEde192Key(), new DerObjectIdentifier("1.2.840.113549.1.9.16.3.6")); + } + + [Test] + public void TestRC2128Kek() + { + TryKekAlgorithm(CmsTestUtil.MakeRC2128Key(), new DerObjectIdentifier("1.2.840.113549.1.9.16.3.7")); + } + + [Test] + public void TestAes128Kek() + { + TryKekAlgorithm(CmsTestUtil.MakeAesKey(128), NistObjectIdentifiers.IdAes128Wrap); + } + + [Test] + public void TestAes192Kek() + { + TryKekAlgorithm(CmsTestUtil.MakeAesKey(192), NistObjectIdentifiers.IdAes192Wrap); + } + + [Test] + public void TestAes256Kek() + { + TryKekAlgorithm(CmsTestUtil.MakeAesKey(256), NistObjectIdentifiers.IdAes256Wrap); + } + + [Test] + public void TestSeed128Kek() + { + TryKekAlgorithm(CmsTestUtil.MakeSeedKey(), KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap); + } + + [Test] + public void TestCamellia128Kek() + { + TryKekAlgorithm(CmsTestUtil.MakeCamelliaKey(128), NttObjectIdentifiers.IdCamellia128Wrap); + } + + [Test] + public void TestCamellia192Kek() + { + TryKekAlgorithm(CmsTestUtil.MakeCamelliaKey(192), NttObjectIdentifiers.IdCamellia192Wrap); + } + + [Test] + public void TestCamellia256Kek() + { + TryKekAlgorithm(CmsTestUtil.MakeCamelliaKey(256), NttObjectIdentifiers.IdCamellia256Wrap); + } + + private void TryKekAlgorithm( + KeyParameter kek, + DerObjectIdentifier algOid) + { + byte[] data = Encoding.ASCII.GetBytes("WallaWallaWashington"); + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + byte[] kekId = new byte[] { 1, 2, 3, 4, 5 }; + + string keyAlgorithm = ParameterUtilities.GetCanonicalAlgorithmName(algOid.Id); + + edGen.AddKekRecipient(keyAlgorithm, kek, kekId); + + CmsEnvelopedData ed = edGen.Generate( + new CmsProcessableByteArray(data), + CmsEnvelopedDataGenerator.DesEde3Cbc); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.DesEde3Cbc); + + ArrayList c = new ArrayList(recipients.GetRecipients()); + + Assert.IsTrue(c.Count > 0); + + foreach (RecipientInformation recipient in c) + { + Assert.AreEqual(algOid.Id, recipient.KeyEncryptionAlgOid); + + byte[] recData = recipient.GetContent(kek); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + [Test] + public void TestECKeyAgree() + { + byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65"); + + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + edGen.AddKeyAgreementRecipient( + CmsEnvelopedDataGenerator.ECDHSha1Kdf, + OrigECKP.Private, + OrigECKP.Public, + ReciECCert, + CmsEnvelopedDataGenerator.Aes128Wrap); + + CmsEnvelopedData ed = edGen.Generate( + new CmsProcessableByteArray(data), + CmsEnvelopedDataGenerator.Aes128Cbc); + + Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + ConfirmDataReceived(recipients, data, ReciECCert, ReciECKP.Private); + ConfirmNumberRecipients(recipients, 1); + } + + [Test] + public void TestECMqvKeyAgree() + { + byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65"); + + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + edGen.AddKeyAgreementRecipient( + CmsEnvelopedDataGenerator.ECMqvSha1Kdf, + OrigECKP.Private, + OrigECKP.Public, + ReciECCert, + CmsEnvelopedDataGenerator.Aes128Wrap); + + CmsEnvelopedData ed = edGen.Generate( + new CmsProcessableByteArray(data), + CmsEnvelopedDataGenerator.Aes128Cbc); + + Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + ConfirmDataReceived(recipients, data, ReciECCert, ReciECKP.Private); + ConfirmNumberRecipients(recipients, 1); + } + + [Test] + public void TestECMqvKeyAgreeMultiple() + { + byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65"); + + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + ArrayList recipientCerts = new ArrayList(); + recipientCerts.Add(ReciECCert); + recipientCerts.Add(ReciECCert2); + + edGen.AddKeyAgreementRecipients( + CmsEnvelopedDataGenerator.ECMqvSha1Kdf, + OrigECKP.Private, + OrigECKP.Public, + recipientCerts, + CmsEnvelopedDataGenerator.Aes128Wrap); + + CmsEnvelopedData ed = edGen.Generate( + new CmsProcessableByteArray(data), + CmsEnvelopedDataGenerator.Aes128Cbc); + + Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + ConfirmDataReceived(recipients, data, ReciECCert, ReciECKP.Private); + ConfirmDataReceived(recipients, data, ReciECCert2, ReciECKP2.Private); + ConfirmNumberRecipients(recipients, 2); + } + + private static void ConfirmDataReceived(RecipientInformationStore recipients, + byte[] expectedData, X509Certificate reciCert, AsymmetricKeyParameter reciPrivKey) + { + RecipientID rid = new RecipientID(); + rid.Issuer = PrincipalUtilities.GetIssuerX509Principal(reciCert); + rid.SerialNumber = reciCert.SerialNumber; + + RecipientInformation recipient = recipients[rid]; + Assert.IsNotNull(recipient); + + byte[] actualData = recipient.GetContent(reciPrivKey); + Assert.IsTrue(Arrays.AreEqual(expectedData, actualData)); + } + + private static void ConfirmNumberRecipients(RecipientInformationStore recipients, int count) + { + Assert.AreEqual(count, recipients.GetRecipients().Count); + } + + [Test] + public void TestECKeyAgreeVectors() + { + AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(ecKeyAgreeKey); + + VerifyECKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.42", ecKeyAgreeMsgAES256); + VerifyECKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.2", ecKeyAgreeMsgAES128); + VerifyECKeyAgreeVectors(privKey, "1.2.840.113549.3.7", ecKeyAgreeMsgDESEDE); + } + + [Test] + public void TestECMqvKeyAgreeVectors() + { + AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(ecKeyAgreeKey); + + VerifyECMqvKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.2", ecMqvKeyAgreeMsgAes128); + } + + [Test] + public void TestPasswordAes256() + { + PasswordTest(CmsEnvelopedDataGenerator.Aes256Cbc); + PasswordUtf8Test(CmsEnvelopedDataGenerator.Aes256Cbc); + } + + [Test] + public void TestPasswordDesEde() + { + PasswordTest(CmsEnvelopedDataGenerator.DesEde3Cbc); + PasswordUtf8Test(CmsEnvelopedDataGenerator.DesEde3Cbc); + } + + [Test] + public void TestRfc4134Ex5_1() + { + byte[] data = Hex.Decode("5468697320697320736f6d652073616d706c6520636f6e74656e742e"); + +// KeyFactory kFact = KeyFactory.GetInstance("RSA"); +// Key key = kFact.generatePrivate(new PKCS8EncodedKeySpec(bobPrivRsaEncrypt)); + AsymmetricKeyParameter key = PrivateKeyFactory.CreateKey(bobPrivRsaEncrypt); + + CmsEnvelopedData ed = new CmsEnvelopedData(rfc4134ex5_1); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual("1.2.840.113549.3.7", ed.EncryptionAlgOid); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + byte[] recData = recipient.GetContent(key); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + [Test] + public void TestRfc4134Ex5_2() + { + byte[] data = Hex.Decode("5468697320697320736f6d652073616d706c6520636f6e74656e742e"); + +// KeyFactory kFact = KeyFactory.GetInstance("RSA"); +// Key key = kFact.generatePrivate(new PKCS8EncodedKeySpec(bobPrivRsaEncrypt)); + AsymmetricKeyParameter key = PrivateKeyFactory.CreateKey(bobPrivRsaEncrypt); + + CmsEnvelopedData ed = new CmsEnvelopedData(rfc4134ex5_2); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual("1.2.840.113549.3.2", ed.EncryptionAlgOid); + + ICollection c = recipients.GetRecipients(); + IEnumerator e = c.GetEnumerator(); + + if (e.MoveNext()) + { + do + { + RecipientInformation recipient = (RecipientInformation) e.Current; + + if (recipient is KeyTransRecipientInformation) + { + byte[] recData = recipient.GetContent(key); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + while (e.MoveNext()); + } + else + { + Assert.Fail("no recipient found"); + } + } + + [Test] + public void TestOriginatorInfo() + { + CmsEnvelopedData env = new CmsEnvelopedData(CmsSampleMessages.originatorMessage); + + RecipientInformationStore recipients = env.GetRecipientInfos(); + + Assert.AreEqual(CmsEnvelopedDataGenerator.DesEde3Cbc, env.EncryptionAlgOid); + } + + private void PasswordTest( + string algorithm) + { + byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65"); + + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + edGen.AddPasswordRecipient(new Pkcs5Scheme2PbeKey("password".ToCharArray(), new byte[20], 5), algorithm); + + CmsEnvelopedData ed = edGen.Generate( + new CmsProcessableByteArray(data), + CmsEnvelopedDataGenerator.Aes128Cbc); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (PasswordRecipientInformation recipient in c) + { + CmsPbeKey key = new Pkcs5Scheme2PbeKey("password".ToCharArray(), recipient.KeyDerivationAlgorithm); + + byte[] recData = recipient.GetContent(key); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + private void PasswordUtf8Test( + string algorithm) + { + byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65"); + + CmsEnvelopedDataGenerator edGen = new CmsEnvelopedDataGenerator(); + + edGen.AddPasswordRecipient( + new Pkcs5Scheme2Utf8PbeKey("abc\u5639\u563b".ToCharArray(), new byte[20], 5), + algorithm); + + CmsEnvelopedData ed = edGen.Generate( + new CmsProcessableByteArray(data), + CmsEnvelopedDataGenerator.Aes128Cbc); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual(ed.EncryptionAlgOid, CmsEnvelopedDataGenerator.Aes128Cbc); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (PasswordRecipientInformation recipient in c) + { + CmsPbeKey key = new Pkcs5Scheme2Utf8PbeKey( + "abc\u5639\u563b".ToCharArray(), recipient.KeyDerivationAlgorithm); + + byte[] recData = recipient.GetContent(key); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + private void VerifyECKeyAgreeVectors( + AsymmetricKeyParameter privKey, + string wrapAlg, + byte[] message) + { + byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65"); + + CmsEnvelopedData ed = new CmsEnvelopedData(message); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + Assert.AreEqual(wrapAlg, ed.EncryptionAlgOid); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + Assert.AreEqual("1.3.133.16.840.63.0.2", recipient.KeyEncryptionAlgOid); + + byte[] recData = recipient.GetContent(privKey); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + + private void VerifyECMqvKeyAgreeVectors( + AsymmetricKeyParameter privKey, + string wrapAlg, + byte[] message) + { + byte[] data = Hex.Decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65"); + + CmsEnvelopedData ed = new CmsEnvelopedData(message); + + RecipientInformationStore recipients = ed.GetRecipientInfos(); + + ICollection c = recipients.GetRecipients(); + + Assert.AreEqual(wrapAlg, ed.EncryptionAlgOid); + Assert.AreEqual(1, c.Count); + + foreach (RecipientInformation recipient in c) + { + Assert.AreEqual("1.3.133.16.840.63.0.16", recipient.KeyEncryptionAlgOid); + + byte[] recData = recipient.GetContent(privKey); + + Assert.IsTrue(Arrays.AreEqual(data, recData)); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/cms/test/MiscDataStreamTest.cs b/BouncyCastle/crypto/test/src/cms/test/MiscDataStreamTest.cs new file mode 100644 index 0000000..4cb1988 --- /dev/null +++ b/BouncyCastle/crypto/test/src/cms/test/MiscDataStreamTest.cs @@ -0,0 +1,218 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Cms.Tests +{ + [TestFixture] + public class MiscDataStreamTest + { + private const string TestMessage = "Hello World!"; + private const string SignDN = "O=Bouncy Castle, C=AU"; + private static AsymmetricCipherKeyPair signKP; + private static X509Certificate signCert; + + private const string OrigDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU"; + private static AsymmetricCipherKeyPair origKP; + private static X509Certificate origCert; + + private const string ReciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU"; + // private static AsymmetricCipherKeyPair reciKP; + // private static X509Certificate reciCert; + + private static AsymmetricCipherKeyPair origDsaKP; + private static X509Certificate origDsaCert; + + private static X509Crl signCrl; + private static X509Crl origCrl; + + private static AsymmetricCipherKeyPair SignKP + { + get { return signKP == null ? (signKP = CmsTestUtil.MakeKeyPair()) : signKP; } + } + + private static AsymmetricCipherKeyPair OrigKP + { + get { return origKP == null ? (origKP = CmsTestUtil.MakeKeyPair()) : origKP; } + } + + // private static AsymmetricCipherKeyPair ReciKP + // { + // get { return reciKP == null ? (reciKP = CmsTestUtil.MakeKeyPair()) : reciKP; } + // } + + private static AsymmetricCipherKeyPair OrigDsaKP + { + get { return origDsaKP == null ? (origDsaKP = CmsTestUtil.MakeDsaKeyPair()) : origDsaKP; } + } + + private static X509Certificate SignCert + { + get { return signCert == null ? (signCert = CmsTestUtil.MakeCertificate(SignKP, SignDN, SignKP, SignDN)) : signCert; } + } + + private static X509Certificate OrigCert + { + get { return origCert == null ? (origCert = CmsTestUtil.MakeCertificate(OrigKP, OrigDN, SignKP, SignDN)) : origCert; } + } + + // private static X509Certificate ReciCert + // { + // get { return reciCert == null ? (reciCert = CmsTestUtil.MakeCertificate(ReciKP, ReciDN, SignKP, SignDN)) : reciCert; } + // } + + private static X509Certificate OrigDsaCert + { + get { return origDsaCert == null ? (origDsaCert = CmsTestUtil.MakeCertificate(OrigDsaKP, OrigDN, SignKP, SignDN)) : origDsaCert; } + } + + private static X509Crl SignCrl + { + get { return signCrl == null ? (signCrl = CmsTestUtil.MakeCrl(SignKP)) : signCrl; } + } + + private static X509Crl OrigCrl + { + get { return origCrl == null ? (origCrl = CmsTestUtil.MakeCrl(OrigKP)) : origCrl; } + } + + private void VerifySignatures( + CmsSignedDataParser sp, + byte[] contentDigest) + { + IX509Store certStore = sp.GetCertificates("Collection"); + SignerInformationStore signers = sp.GetSignerInfos(); + + foreach (SignerInformation signer in signers.GetSigners()) + { + ICollection certCollection = certStore.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate) certEnum.Current; + + Assert.IsTrue(signer.Verify(cert)); + + if (contentDigest != null) + { + Assert.IsTrue(Arrays.AreEqual(contentDigest, signer.GetContentDigest())); + } + } + } + + private void VerifySignatures( + CmsSignedDataParser sp) + { + VerifySignatures(sp, null); + } + + private void VerifyEncodedData( + MemoryStream bOut) + { + CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray()); + + sp.GetSignedContent().Drain(); + + VerifySignatures(sp); + + sp.Close(); + } + + private void CheckSigParseable(byte[] sig) + { + CmsSignedDataParser sp = new CmsSignedDataParser(sig); + sp.Version.ToString(); + CmsTypedStream sc = sp.GetSignedContent(); + if (sc != null) + { + sc.Drain(); + } + sp.GetAttributeCertificates("Collection"); + sp.GetCertificates("Collection"); + sp.GetCrls("Collection"); + sp.GetSignerInfos(); + sp.Close(); + } + + [Test] + public void TestSha1WithRsa() + { + IList certList = new ArrayList(); + IList crlList = new ArrayList(); + MemoryStream bOut = new MemoryStream(); + + certList.Add(OrigCert); + certList.Add(SignCert); + + crlList.Add(SignCrl); + crlList.Add(OrigCrl); + + IX509Store x509Certs = X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(certList)); + IX509Store x509Crls = X509StoreFactory.Create( + "CRL/Collection", + new X509CollectionStoreParameters(crlList)); + + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1); + + gen.AddCertificates(x509Certs); + gen.AddCrls(x509Crls); + + Stream sigOut = gen.Open(bOut); + + CmsCompressedDataStreamGenerator cGen = new CmsCompressedDataStreamGenerator(); + + Stream cOut = cGen.Open(sigOut, CmsCompressedDataStreamGenerator.ZLib); + + byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage); + cOut.Write(testBytes, 0, testBytes.Length); + + cOut.Close(); + + sigOut.Close(); + + CheckSigParseable(bOut.ToArray()); + + // generate compressed stream + MemoryStream cDataOut = new MemoryStream(); + + cOut = cGen.Open(cDataOut, CmsCompressedDataStreamGenerator.ZLib); + + cOut.Write(testBytes, 0, testBytes.Length); + + cOut.Close(); + + CmsSignedDataParser sp = new CmsSignedDataParser( + new CmsTypedStream(new MemoryStream(cDataOut.ToArray(), false)), bOut.ToArray()); + + sp.GetSignedContent().Drain(); + + byte[] cDataOutBytes = cDataOut.ToArray(); + + // compute expected content digest + byte[] hash = DigestUtilities.CalculateDigest("SHA1", cDataOutBytes); + + VerifySignatures(sp, hash); + } + } +} diff --git a/BouncyCastle/crypto/test/src/cms/test/Rfc4134Test.cs b/BouncyCastle/crypto/test/src/cms/test/Rfc4134Test.cs new file mode 100644 index 0000000..3bfbd13 --- /dev/null +++ b/BouncyCastle/crypto/test/src/cms/test/Rfc4134Test.cs @@ -0,0 +1,344 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Cms.Tests +{ + [TestFixture] + public class Rfc4134Test + { + private static readonly byte[] exContent = GetRfc4134Data("ExContent.bin"); + private static readonly byte[] sha1 = Hex.Decode("406aec085279ba6e16022d9e0629c0229687dd48"); + + [Test] + public void Test4_1() + { + byte[] data = GetRfc4134Data("4.1.bin"); + CmsSignedData signedData = new CmsSignedData(data); + + VerifySignatures(signedData); + + CmsSignedDataParser parser = new CmsSignedDataParser(data); + + VerifySignatures(parser); + } + + [Test] + public void Test4_2() + { + byte[] data = GetRfc4134Data("4.2.bin"); + CmsSignedData signedData = new CmsSignedData(data); + + VerifySignatures(signedData); + + CmsSignedDataParser parser = new CmsSignedDataParser(data); + + VerifySignatures(parser); + } + + [Test] + public void Test4_3() + { + CmsProcessableByteArray unencap = new CmsProcessableByteArray(exContent); + byte[] data = GetRfc4134Data("4.3.bin"); + CmsSignedData signedData = new CmsSignedData(unencap, data); + + VerifySignatures(signedData, sha1); + + CmsSignedDataParser parser = new CmsSignedDataParser( + new CmsTypedStream(unencap.GetInputStream()), data); + + VerifySignatures(parser); + } + + [Test] + public void Test4_4() + { + byte[] data = GetRfc4134Data("4.4.bin"); + byte[] counterSigCert = GetRfc4134Data("AliceRSASignByCarl.cer"); + CmsSignedData signedData = new CmsSignedData(data); + + VerifySignatures(signedData, sha1); + + VerifySignerInfo4_4(GetFirstSignerInfo(signedData.GetSignerInfos()), counterSigCert); + + CmsSignedDataParser parser = new CmsSignedDataParser(data); + + VerifySignatures(parser); + + VerifySignerInfo4_4(GetFirstSignerInfo(parser.GetSignerInfos()), counterSigCert); + } + + [Test] + public void Test4_5() + { + byte[] data = GetRfc4134Data("4.5.bin"); + CmsSignedData signedData = new CmsSignedData(data); + + VerifySignatures(signedData); + + CmsSignedDataParser parser = new CmsSignedDataParser(data); + + VerifySignatures(parser); + } + + [Test] + public void Test4_6() + { + byte[] data = GetRfc4134Data("4.6.bin"); + CmsSignedData signedData = new CmsSignedData(data); + + VerifySignatures(signedData); + + CmsSignedDataParser parser = new CmsSignedDataParser(data); + + VerifySignatures(parser); + } + + [Test] + public void Test4_7() + { + byte[] data = GetRfc4134Data("4.7.bin"); + CmsSignedData signedData = new CmsSignedData(data); + + VerifySignatures(signedData); + + CmsSignedDataParser parser = new CmsSignedDataParser(data); + + VerifySignatures(parser); + } + + [Test] + public void Test5_1() + { + byte[] data = GetRfc4134Data("5.1.bin"); + CmsEnvelopedData envelopedData = new CmsEnvelopedData(data); + + VerifyEnvelopedData(envelopedData, CmsEnvelopedDataGenerator.DesEde3Cbc); + + CmsEnvelopedDataParser envelopedParser = new CmsEnvelopedDataParser(data); + + VerifyEnvelopedData(envelopedParser, CmsEnvelopedDataGenerator.DesEde3Cbc); + } + + [Test] + public void Test5_2() + { + byte[] data = GetRfc4134Data("5.2.bin"); + CmsEnvelopedData envelopedData = new CmsEnvelopedData(data); + + VerifyEnvelopedData(envelopedData, CmsEnvelopedDataGenerator.RC2Cbc); + + CmsEnvelopedDataParser envelopedParser = new CmsEnvelopedDataParser(data); + + VerifyEnvelopedData(envelopedParser, CmsEnvelopedDataGenerator.RC2Cbc); + } + + private void VerifyEnvelopedData(CmsEnvelopedData envelopedData, string symAlgorithmOID) + { + byte[] privKeyData = GetRfc4134Data("BobPrivRSAEncrypt.pri"); + AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(privKeyData); + Assert.IsTrue(privKey.IsPrivate); + Assert.IsTrue(privKey is RsaKeyParameters); + + RecipientInformationStore recipients = envelopedData.GetRecipientInfos(); + + Assert.AreEqual(envelopedData.EncryptionAlgOid, symAlgorithmOID); + + ArrayList c = new ArrayList(recipients.GetRecipients()); + Assert.LessOrEqual(1, c.Count); + Assert.GreaterOrEqual(2, c.Count); + + VerifyRecipient((RecipientInformation)c[0], privKey); + + if (c.Count == 2) + { + RecipientInformation recInfo = (RecipientInformation)c[1]; + + Assert.AreEqual(PkcsObjectIdentifiers.IdAlgCmsRC2Wrap.Id, recInfo.KeyEncryptionAlgOid); + } + } + + private void VerifyEnvelopedData(CmsEnvelopedDataParser envelopedParser, string symAlgorithmOID) + { + byte[] privKeyData = GetRfc4134Data("BobPrivRSAEncrypt.pri"); + AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(privKeyData); + Assert.IsTrue(privKey.IsPrivate); + Assert.IsTrue(privKey is RsaKeyParameters); + + RecipientInformationStore recipients = envelopedParser.GetRecipientInfos(); + + Assert.AreEqual(envelopedParser.EncryptionAlgOid, symAlgorithmOID); + + ArrayList c = new ArrayList(recipients.GetRecipients()); + Assert.LessOrEqual(1, c.Count); + Assert.GreaterOrEqual(2, c.Count); + + VerifyRecipient((RecipientInformation)c[0], privKey); + + if (c.Count == 2) + { + RecipientInformation recInfo = (RecipientInformation)c[1]; + + Assert.AreEqual(PkcsObjectIdentifiers.IdAlgCmsRC2Wrap.Id, recInfo.KeyEncryptionAlgOid); + } + } + + private void VerifyRecipient(RecipientInformation recipient, AsymmetricKeyParameter privKey) + { + Assert.IsTrue(privKey.IsPrivate); + + Assert.AreEqual(recipient.KeyEncryptionAlgOid, PkcsObjectIdentifiers.RsaEncryption.Id); + + byte[] recData = recipient.GetContent(privKey); + + Assert.IsTrue(Arrays.AreEqual(exContent, recData)); + } + + private void VerifySignerInfo4_4(SignerInformation signerInfo, byte[] counterSigCert) + { + VerifyCounterSignature(signerInfo, counterSigCert); + + VerifyContentHint(signerInfo); + } + + private SignerInformation GetFirstSignerInfo(SignerInformationStore store) + { + IEnumerator e = store.GetSigners().GetEnumerator(); + e.MoveNext(); + return (SignerInformation)e.Current; + } + + private void VerifyCounterSignature(SignerInformation signInfo, byte[] certificate) + { + SignerInformation csi = GetFirstSignerInfo(signInfo.GetCounterSignatures()); + + X509Certificate cert = new X509CertificateParser().ReadCertificate(certificate); + + Assert.IsTrue(csi.Verify(cert)); + } + + private void VerifyContentHint(SignerInformation signInfo) + { + Asn1.Cms.AttributeTable attrTable = signInfo.UnsignedAttributes; + + Asn1.Cms.Attribute attr = attrTable[CmsAttributes.ContentHint]; + + Assert.AreEqual(1, attr.AttrValues.Count); + + Asn1EncodableVector v = new Asn1EncodableVector( + new DerUtf8String("Content Hints Description Buffer"), + CmsObjectIdentifiers.Data); + + Assert.IsTrue(attr.AttrValues[0].Equals(new DerSequence(v))); + } + + private void VerifySignatures(CmsSignedData s, byte[] contentDigest) + { + IX509Store x509Certs = s.GetCertificates("Collection"); + IX509Store x509Crls = s.GetCrls("Collection"); + SignerInformationStore signers = s.GetSignerInfos(); + + foreach (SignerInformation signer in signers.GetSigners()) + { + ICollection certCollection = x509Certs.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate) certEnum.Current; + + VerifySigner(signer, cert); + + if (contentDigest != null) + { + Assert.IsTrue(Arrays.AreEqual(contentDigest, signer.GetContentDigest())); + } + } + + ICollection certColl = x509Certs.GetMatches(null); + ICollection crlColl = x509Crls.GetMatches(null); + + Assert.AreEqual(certColl.Count, s.GetCertificates("Collection").GetMatches(null).Count); + Assert.AreEqual(crlColl.Count, s.GetCrls("Collection").GetMatches(null).Count); + } + + private void VerifySignatures(CmsSignedData s) + { + VerifySignatures(s, null); + } + + private void VerifySignatures(CmsSignedDataParser sp) + { + CmsTypedStream sc = sp.GetSignedContent(); + if (sc != null) + { + sc.Drain(); + } + + IX509Store x509Certs = sp.GetCertificates("Collection"); + SignerInformationStore signers = sp.GetSignerInfos(); + + foreach (SignerInformation signer in signers.GetSigners()) + { + ICollection certCollection = x509Certs.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate)certEnum.Current; + + VerifySigner(signer, cert); + } + } + + private void VerifySigner(SignerInformation signer, X509Certificate cert) + { + if (cert.GetPublicKey() is DsaPublicKeyParameters) + { + DsaPublicKeyParameters key = (DsaPublicKeyParameters)cert.GetPublicKey(); + + if (key.Parameters == null) + { + Assert.IsTrue(signer.Verify(GetInheritedKey(key))); + } + else + { + Assert.IsTrue(signer.Verify(cert)); + } + } + else + { + Assert.IsTrue(signer.Verify(cert)); + } + } + + private DsaPublicKeyParameters GetInheritedKey(DsaPublicKeyParameters dsaPubKey) + { + X509Certificate cert = new X509CertificateParser().ReadCertificate( + GetRfc4134Data("CarlDSSSelf.cer")); + + DsaParameters dsaParams = ((DsaPublicKeyParameters)cert.GetPublicKey()).Parameters; + + return new DsaPublicKeyParameters(dsaPubKey.Y, dsaParams); + } + + private static byte[] GetRfc4134Data(string name) + { + return Streams.ReadAll(SimpleTest.GetTestDataAsStream("rfc4134." + name)); + } + } +} diff --git a/BouncyCastle/crypto/test/src/cms/test/SignedDataStreamTest.cs b/BouncyCastle/crypto/test/src/cms/test/SignedDataStreamTest.cs new file mode 100644 index 0000000..2131938 --- /dev/null +++ b/BouncyCastle/crypto/test/src/cms/test/SignedDataStreamTest.cs @@ -0,0 +1,1013 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Cms.Tests +{ + [TestFixture] + public class SignedDataStreamTest + { + private const string TestMessage = "Hello World!"; + private const string SignDN = "O=Bouncy Castle, C=AU"; + private static AsymmetricCipherKeyPair signKP; + private static X509Certificate signCert; + + private const string OrigDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU"; + private static AsymmetricCipherKeyPair origKP; + private static X509Certificate origCert; + + private const string ReciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU"; +// private static AsymmetricCipherKeyPair reciKP; +// private static X509Certificate reciCert; + + private static AsymmetricCipherKeyPair origDsaKP; + private static X509Certificate origDsaCert; + + private static X509Crl signCrl; + private static X509Crl origCrl; + + private static AsymmetricCipherKeyPair SignKP + { + get { return signKP == null ? (signKP = CmsTestUtil.MakeKeyPair()) : signKP; } + } + + private static AsymmetricCipherKeyPair OrigKP + { + get { return origKP == null ? (origKP = CmsTestUtil.MakeKeyPair()) : origKP; } + } + +// private static AsymmetricCipherKeyPair ReciKP +// { +// get { return reciKP == null ? (reciKP = CmsTestUtil.MakeKeyPair()) : reciKP; } +// } + + private static AsymmetricCipherKeyPair OrigDsaKP + { + get { return origDsaKP == null ? (origDsaKP = CmsTestUtil.MakeDsaKeyPair()) : origDsaKP; } + } + + private static X509Certificate SignCert + { + get { return signCert == null ? (signCert = CmsTestUtil.MakeCertificate(SignKP, SignDN, SignKP, SignDN)) : signCert; } + } + + private static X509Certificate OrigCert + { + get { return origCert == null ? (origCert = CmsTestUtil.MakeCertificate(OrigKP, OrigDN, SignKP, SignDN)) : origCert; } + } + +// private static X509Certificate ReciCert +// { +// get { return reciCert == null ? (reciCert = CmsTestUtil.MakeCertificate(ReciKP, ReciDN, SignKP, SignDN)) : reciCert; } +// } + + private static X509Certificate OrigDsaCert + { + get { return origDsaCert == null ? (origDsaCert = CmsTestUtil.MakeCertificate(OrigDsaKP, OrigDN, SignKP, SignDN)) : origDsaCert; } + } + + private static X509Crl SignCrl + { + get { return signCrl == null ? (signCrl = CmsTestUtil.MakeCrl(SignKP)) : signCrl; } + } + + private static X509Crl OrigCrl + { + get { return origCrl == null ? (origCrl = CmsTestUtil.MakeCrl(OrigKP)) : origCrl; } + } + + private void VerifySignatures( + CmsSignedDataParser sp, + byte[] contentDigest) + { + IX509Store certStore = sp.GetCertificates("Collection"); + SignerInformationStore signers = sp.GetSignerInfos(); + + foreach (SignerInformation signer in signers.GetSigners()) + { + ICollection certCollection = certStore.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate) certEnum.Current; + + Assert.IsTrue(signer.Verify(cert)); + + if (contentDigest != null) + { + Assert.IsTrue(Arrays.AreEqual(contentDigest, signer.GetContentDigest())); + } + } + } + + private void VerifySignatures( + CmsSignedDataParser sp) + { + VerifySignatures(sp, null); + } + + private void VerifyEncodedData( + MemoryStream bOut) + { + CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray()); + + sp.GetSignedContent().Drain(); + + VerifySignatures(sp); + + sp.Close(); + } + + private void CheckSigParseable(byte[] sig) + { + CmsSignedDataParser sp = new CmsSignedDataParser(sig); + sp.Version.ToString(); + CmsTypedStream sc = sp.GetSignedContent(); + if (sc != null) + { + sc.Drain(); + } + sp.GetAttributeCertificates("Collection"); + sp.GetCertificates("Collection"); + sp.GetCrls("Collection"); + sp.GetSignerInfos(); + sp.Close(); + } + + [Test] + public void TestEarlyInvalidKeyException() + { + try + { + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, + "DSA", // DOESN'T MATCH KEY ALG + CmsSignedDataStreamGenerator.DigestSha1); + + Assert.Fail("Expected InvalidKeyException in AddSigner"); + } + catch (InvalidKeyException) + { + // Ignore + } + } + + [Test] + public void TestEarlyNoSuchAlgorithmException() + { + try + { + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, + CmsSignedDataStreamGenerator.DigestSha1, // BAD OID! + CmsSignedDataStreamGenerator.DigestSha1); + + Assert.Fail("Expected NoSuchAlgorithmException in AddSigner"); + } + catch (SecurityUtilityException) + { + // Ignore + } + } + + [Test] + public void TestSha1EncapsulatedSignature() + { + byte[] encapSigData = Base64.Decode( + "MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEH" + + "AaCAJIAEDEhlbGxvIFdvcmxkIQAAAAAAAKCCBGIwggINMIIBdqADAgECAgEF" + + "MA0GCSqGSIb3DQEBBAUAMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJ" + + "BgNVBAYTAkFVMB4XDTA1MDgwNzA2MjU1OVoXDTA1MTExNTA2MjU1OVowJTEW" + + "MBQGA1UEChMNQm91bmN5IENhc3RsZTELMAkGA1UEBhMCQVUwgZ8wDQYJKoZI" + + "hvcNAQEBBQADgY0AMIGJAoGBAI1fZGgH9wgC3QiK6yluH6DlLDkXkxYYL+Qf" + + "nVRszJVYl0LIxZdpb7WEbVpO8fwtEgFtoDsOdxyqh3dTBv+L7NVD/v46kdPt" + + "xVkSNHRbutJVY8Xn4/TC/CDngqtbpbniMO8n0GiB6vs94gBT20M34j96O2IF" + + "73feNHP+x8PkJ+dNAgMBAAGjTTBLMB0GA1UdDgQWBBQ3XUfEE6+D+t+LIJgK" + + "ESSUE58eyzAfBgNVHSMEGDAWgBQ3XUfEE6+D+t+LIJgKESSUE58eyzAJBgNV" + + "HRMEAjAAMA0GCSqGSIb3DQEBBAUAA4GBAFK3r1stYOeXYJOlOyNGDTWEhZ+a" + + "OYdFeFaS6c+InjotHuFLAy+QsS8PslE48zYNFEqYygGfLhZDLlSnJ/LAUTqF" + + "01vlp+Bgn/JYiJazwi5WiiOTf7Th6eNjHFKXS3hfSGPNPIOjvicAp3ce3ehs" + + "uK0MxgLAaxievzhFfJcGSUMDMIICTTCCAbagAwIBAgIBBzANBgkqhkiG9w0B" + + "AQQFADAlMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVTAe" + + "Fw0wNTA4MDcwNjI1NTlaFw0wNTExMTUwNjI1NTlaMGUxGDAWBgNVBAMTD0Vy" + + "aWMgSC4gRWNoaWRuYTEkMCIGCSqGSIb3DQEJARYVZXJpY0Bib3VuY3ljYXN0" + + "bGUub3JnMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVTCB" + + "nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAgHCJyfwV6/V3kqSu2SOU2E/K" + + "I+N0XohCMUaxPLLNtNBZ3ijxwaV6JGFz7siTgZD/OGfzir/eZimkt+L1iXQn" + + "OAB+ZChivKvHtX+dFFC7Vq+E4Uy0Ftqc/wrGxE6DHb5BR0hprKH8wlDS8wSP" + + "zxovgk4nH0ffUZOoDSuUgjh3gG8CAwEAAaNNMEswHQYDVR0OBBYEFLfY/4EG" + + "mYrvJa7Cky+K9BJ7YmERMB8GA1UdIwQYMBaAFDddR8QTr4P634sgmAoRJJQT" + + "nx7LMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEEBQADgYEADIOmpMd6UHdMjkyc" + + "mIE1yiwfClCsGhCK9FigTg6U1G2FmkBwJIMWBlkeH15uvepsAncsgK+Cn3Zr" + + "dZMb022mwtTJDtcaOM+SNeuCnjdowZ4i71Hf68siPm6sMlZkhz49rA0Yidoo" + + "WuzYOO+dggzwDsMldSsvsDo/ARyCGOulDOAxggEvMIIBKwIBATAqMCUxFjAU" + + "BgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNVBAYTAkFVAgEHMAkGBSsOAwIa" + + "BQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEP" + + "Fw0wNTA4MDcwNjI1NTlaMCMGCSqGSIb3DQEJBDEWBBQu973mCM5UBOl9XwQv" + + "lfifHCMocTANBgkqhkiG9w0BAQEFAASBgGxnBl2qozYKLgZ0ygqSFgWcRGl1" + + "LgNuE587LtO+EKkgoc3aFqEdjXlAyP8K7naRsvWnFrsB6pUpnrgI9Z8ZSKv8" + + "98IlpsSSJ0jBlEb4gzzavwcBpYbr2ryOtDcF+kYmKIpScglyyoLzm+KPXOoT" + + "n7MsJMoKN3Kd2Vzh6s10PFgeAAAAAAAA"); + + CmsSignedDataParser sp = new CmsSignedDataParser(encapSigData); + + sp.GetSignedContent().Drain(); + + VerifySignatures(sp); + } + + //[Test] + //public void TestSha1WithRsaNoAttributes() + //{ + // CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes(TestMessage)); + + // IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + // CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + // gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1); + // gen.AddCertificates(x509Certs); + + // CmsSignedData s = gen.Generate(CmsSignedDataGenerator.Data, msg, false, false); + + // CmsSignedDataParser sp = new CmsSignedDataParser( + // new CmsTypedStream(new MemoryStream(Encoding.ASCII.GetBytes(TestMessage), false)), s.GetEncoded()); + + // sp.GetSignedContent().Drain(); + + // byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage); + + // // compute expected content digest + // byte[] hash = DigestUtilities.CalculateDigest("SHA1", testBytes); + + // VerifySignatures(sp, hash); + //} + + //[Test] + //public void TestDsaNoAttributes() + //{ + // CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes(TestMessage)); + + // IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigDsaCert, SignCert); + + // CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + // gen.AddSigner(OrigDsaKP.Private, OrigDsaCert, CmsSignedDataGenerator.DigestSha1); + // gen.AddCertificates(x509Certs); + + // CmsSignedData s = gen.Generate(CmsSignedDataGenerator.Data, msg, false, false); + + // CmsSignedDataParser sp = new CmsSignedDataParser( + // new CmsTypedStream( + // new MemoryStream(Encoding.ASCII.GetBytes(TestMessage), false)), + // s.GetEncoded()); + + // sp.GetSignedContent().Drain(); + + // byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage); + + // // compute expected content digest + // byte[] hash = DigestUtilities.CalculateDigest("SHA1", testBytes); + + // VerifySignatures(sp, hash); + //} + + [Test] + public void TestSha1WithRsa() + { + MemoryStream bOut = new MemoryStream(); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + IX509Store x509Crls = CmsTestUtil.MakeCrlStore(SignCrl, OrigCrl); + + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + gen.AddCrls(x509Crls); + + Stream sigOut = gen.Open(bOut); + + byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage); + sigOut.Write(testBytes, 0, testBytes.Length); + + sigOut.Close(); + + CheckSigParseable(bOut.ToArray()); + + CmsSignedDataParser sp = new CmsSignedDataParser( + new CmsTypedStream(new MemoryStream(testBytes, false)), bOut.ToArray()); + + sp.GetSignedContent().Drain(); + + // compute expected content digest + byte[] hash = DigestUtilities.CalculateDigest("SHA1", testBytes); + + VerifySignatures(sp, hash); + + // + // try using existing signer + // + gen = new CmsSignedDataStreamGenerator(); + gen.AddSigners(sp.GetSignerInfos()); + gen.AddCertificates(sp.GetCertificates("Collection")); + gen.AddCrls(sp.GetCrls("Collection")); + + bOut.SetLength(0); + + sigOut = gen.Open(bOut, true); + sigOut.Write(testBytes, 0, testBytes.Length); + sigOut.Close(); + + VerifyEncodedData(bOut); + + // + // look for the CRLs + // + ArrayList col = new ArrayList(x509Crls.GetMatches(null)); + + Assert.AreEqual(2, col.Count); + Assert.IsTrue(col.Contains(SignCrl)); + Assert.IsTrue(col.Contains(OrigCrl)); + } + + [Test] + public void TestSha1WithRsaNonData() + { + MemoryStream bOut = new MemoryStream(); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + IX509Store x509Crls = CmsTestUtil.MakeCrlStore(SignCrl, OrigCrl); + + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + gen.AddCrls(x509Crls); + + byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage); + + Stream sigOut = gen.Open(bOut, "1.2.3.4", true); + sigOut.Write(testBytes, 0, testBytes.Length); + sigOut.Close(); + + CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray()); + + CmsTypedStream stream = sp.GetSignedContent(); + + Assert.AreEqual("1.2.3.4", stream.ContentType); + + stream.Drain(); + + // compute expected content digest + byte[] hash = DigestUtilities.CalculateDigest("SHA1", testBytes); + + VerifySignatures(sp, hash); + } + + [Test] + public void TestSha1AndMD5WithRsa() + { + MemoryStream bOut = new MemoryStream(); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddDigests(CmsSignedDataStreamGenerator.DigestSha1, + CmsSignedDataStreamGenerator.DigestMD5); + + byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage); + + Stream sigOut = gen.Open(bOut); + sigOut.Write(testBytes, 0, testBytes.Length); + + gen.AddCertificates(x509Certs); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestMD5); + + sigOut.Close(); + + CheckSigParseable(bOut.ToArray()); + + CmsSignedDataParser sp = new CmsSignedDataParser( + new CmsTypedStream(new MemoryStream(testBytes, false)), bOut.ToArray()); + + sp.GetSignedContent().Drain(); + + VerifySignatures(sp); + } + + [Test] + public void TestSha1WithRsaEncapsulatedBufferedStream() + { + MemoryStream bOut = new MemoryStream(); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + // + // find unbuffered length + // + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + Stream sigOut = gen.Open(bOut, true); + for (int i = 0; i != 2000; i++) + { + sigOut.WriteByte((byte)(i & 0xff)); + } + sigOut.Close(); + + CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray()); + + sp.GetSignedContent().Drain(); + + VerifySignatures(sp); + + int unbufferedLength = bOut.ToArray().Length; + + // + // find buffered length with buffered stream - should be equal + // + bOut.SetLength(0); + + gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + sigOut = gen.Open(bOut, true); + + byte[] data = new byte[2000]; + for (int i = 0; i != 2000; i++) + { + data[i] = (byte)(i & 0xff); + } + + Streams.PipeAll(new MemoryStream(data, false), sigOut); + sigOut.Close(); + + VerifyEncodedData(bOut); + + Assert.AreEqual(unbufferedLength, bOut.ToArray().Length); + } + + [Test] + public void TestSha1WithRsaEncapsulatedBuffered() + { + MemoryStream bOut = new MemoryStream(); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + // + // find unbuffered length + // + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + Stream sigOut = gen.Open(bOut, true); + + for (int i = 0; i != 2000; i++) + { + sigOut.WriteByte((byte)(i & 0xff)); + } + + sigOut.Close(); + + CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray()); + + sp.GetSignedContent().Drain(); + + VerifySignatures(sp); + + int unbufferedLength = bOut.ToArray().Length; + + // + // find buffered length - buffer size less than default + // + bOut.SetLength(0); + + gen = new CmsSignedDataStreamGenerator(); + gen.SetBufferSize(300); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + sigOut = gen.Open(bOut, true); + + for (int i = 0; i != 2000; i++) + { + sigOut.WriteByte((byte)(i & 0xff)); + } + + sigOut.Close(); + + VerifyEncodedData(bOut); + + Assert.IsTrue(unbufferedLength < bOut.ToArray().Length); + } + + [Test] + public void TestSha1WithRsaEncapsulated() + { + MemoryStream bOut = new MemoryStream(); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage); + + Stream sigOut = gen.Open(bOut, true); + sigOut.Write(testBytes, 0, testBytes.Length); + sigOut.Close(); + + CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray()); + + sp.GetSignedContent().Drain(); + + VerifySignatures(sp); + + byte[] contentDigest = (byte[])gen.GetGeneratedDigests()[CmsSignedGenerator.DigestSha1]; + + ArrayList signers = new ArrayList(sp.GetSignerInfos().GetSigners()); + + AttributeTable table = ((SignerInformation) signers[0]).SignedAttributes; + Asn1.Cms.Attribute hash = table[CmsAttributes.MessageDigest]; + + Assert.IsTrue(Arrays.AreEqual(contentDigest, ((Asn1OctetString)hash.AttrValues[0]).GetOctets())); + + // + // try using existing signer + // + gen = new CmsSignedDataStreamGenerator(); + gen.AddSigners(sp.GetSignerInfos()); + gen.AddCertificates(sp.GetCertificates("Collection")); + gen.AddCrls(sp.GetCrls("Collection")); + + bOut.SetLength(0); + + sigOut = gen.Open(bOut, true); + sigOut.Write(testBytes, 0, testBytes.Length); + sigOut.Close(); + + CmsSignedData sd = new CmsSignedData( + new CmsProcessableByteArray(testBytes), bOut.ToArray()); + + Assert.AreEqual(1, sd.GetSignerInfos().GetSigners().Count); + + VerifyEncodedData(bOut); + } + + private static readonly DerObjectIdentifier dummyOid1 = new DerObjectIdentifier("1.2.3"); + private static readonly DerObjectIdentifier dummyOid2 = new DerObjectIdentifier("1.2.3.4"); + + private class SignedGenAttributeTableGenerator + : DefaultSignedAttributeTableGenerator + { + public override AttributeTable GetAttributes( + IDictionary parameters) + { + IDictionary table = createStandardAttributeTable(parameters); + + DerOctetString val = new DerOctetString((byte[])parameters[CmsAttributeTableParameter.Digest]); + Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(dummyOid1, new DerSet(val)); + + table[attr.AttrType] = attr; + + return new AttributeTable(table); + } + }; + + private class UnsignedGenAttributeTableGenerator + : CmsAttributeTableGenerator + { + public AttributeTable GetAttributes( + IDictionary parameters) + { + DerOctetString val = new DerOctetString((byte[])parameters[CmsAttributeTableParameter.Signature]); + Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(dummyOid2, new DerSet(val)); + + return new AttributeTable(new DerSet(attr)); + } + }; + + [Test] + public void TestSha1WithRsaEncapsulatedSubjectKeyID() + { + MemoryStream bOut = new MemoryStream(); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, + CmsTestUtil.CreateSubjectKeyId(OrigCert.GetPublicKey()).GetKeyIdentifier(), + CmsSignedDataStreamGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage); + + Stream sigOut = gen.Open(bOut, true); + sigOut.Write(testBytes, 0, testBytes.Length); + sigOut.Close(); + + CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray()); + + sp.GetSignedContent().Drain(); + + VerifySignatures(sp); + + byte[] contentDigest = (byte[])gen.GetGeneratedDigests()[CmsSignedGenerator.DigestSha1]; + + ArrayList signers = new ArrayList(sp.GetSignerInfos().GetSigners()); + + AttributeTable table = ((SignerInformation) signers[0]).SignedAttributes; + Asn1.Cms.Attribute hash = table[CmsAttributes.MessageDigest]; + + Assert.IsTrue(Arrays.AreEqual(contentDigest, ((Asn1OctetString)hash.AttrValues[0]).GetOctets())); + + // + // try using existing signer + // + gen = new CmsSignedDataStreamGenerator(); + gen.AddSigners(sp.GetSignerInfos()); +// gen.AddCertificatesAndCRLs(sp.GetCertificatesAndCrls("Collection", "BC")); + gen.AddCertificates(sp.GetCertificates("Collection")); + + bOut.SetLength(0); + + sigOut = gen.Open(bOut, true); + sigOut.Write(testBytes, 0, testBytes.Length); + sigOut.Close(); + + CmsSignedData sd = new CmsSignedData(new CmsProcessableByteArray(testBytes), bOut.ToArray()); + + Assert.AreEqual(1, sd.GetSignerInfos().GetSigners().Count); + + VerifyEncodedData(bOut); + } + + [Test] + public void TestAttributeGenerators() + { + MemoryStream bOut = new MemoryStream(); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + CmsAttributeTableGenerator signedGen = new SignedGenAttributeTableGenerator(); + CmsAttributeTableGenerator unsignedGen = new UnsignedGenAttributeTableGenerator(); + + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, + CmsSignedDataStreamGenerator.DigestSha1, signedGen, unsignedGen); + gen.AddCertificates(x509Certs); + + byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage); + + Stream sigOut = gen.Open(bOut, true); + sigOut.Write(testBytes, 0, testBytes.Length); + sigOut.Close(); + + CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray()); + + sp.GetSignedContent().Drain(); + + VerifySignatures(sp); + + // + // check attributes + // + SignerInformationStore signers = sp.GetSignerInfos(); + + foreach (SignerInformation signer in signers.GetSigners()) + { + CheckAttribute(signer.GetContentDigest(), signer.SignedAttributes[dummyOid1]); + CheckAttribute(signer.GetSignature(), signer.UnsignedAttributes[dummyOid2]); + } + } + + private void CheckAttribute(byte[] expected, Asn1.Cms.Attribute attr) + { + DerOctetString value = (DerOctetString)attr.AttrValues[0]; + + Assert.AreEqual(new DerOctetString(expected), value); + } + + [Test] + public void TestWithAttributeCertificate() + { + IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignCert); + + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + IX509AttributeCertificate attrCert = CmsTestUtil.GetAttributeCertificate(); + + IX509Store store = CmsTestUtil.MakeAttrCertStore(attrCert); + + gen.AddAttributeCertificates(store); + + MemoryStream bOut = new MemoryStream(); + + byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage); + + Stream sigOut = gen.Open(bOut, true); + sigOut.Write(testBytes, 0, testBytes.Length); + sigOut.Close(); + + CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray()); + + sp.GetSignedContent().Drain(); + + Assert.AreEqual(4, sp.Version); + + store = sp.GetAttributeCertificates("Collection"); + + ArrayList coll = new ArrayList(store.GetMatches(null)); + + Assert.AreEqual(1, coll.Count); + + Assert.IsTrue(coll.Contains(attrCert)); + } + + [Test] + public void TestSignerStoreReplacement() + { + MemoryStream bOut = new MemoryStream(); + byte[] data = Encoding.ASCII.GetBytes(TestMessage); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + Stream sigOut = gen.Open(bOut, false); + sigOut.Write(data, 0, data.Length); + sigOut.Close(); + + CheckSigParseable(bOut.ToArray()); + + // + // create new Signer + // + MemoryStream original = new MemoryStream(bOut.ToArray(), false); + + bOut.SetLength(0); + + gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha224); + + gen.AddCertificates(x509Certs); + + sigOut = gen.Open(bOut); + sigOut.Write(data, 0, data.Length); + sigOut.Close(); + + CheckSigParseable(bOut.ToArray()); + + CmsSignedData sd = new CmsSignedData(bOut.ToArray()); + + // + // replace signer + // + MemoryStream newOut = new MemoryStream(); + + CmsSignedDataParser.ReplaceSigners(original, sd.GetSignerInfos(), newOut); + + sd = new CmsSignedData(new CmsProcessableByteArray(data), newOut.ToArray()); + + IEnumerator signerEnum = sd.GetSignerInfos().GetSigners().GetEnumerator(); + signerEnum.MoveNext(); + SignerInformation signer = (SignerInformation)signerEnum.Current; + + Assert.AreEqual(signer.DigestAlgOid, CmsSignedDataStreamGenerator.DigestSha224); + + CmsSignedDataParser sp = new CmsSignedDataParser(new CmsTypedStream( + new MemoryStream(data, false)), newOut.ToArray()); + + sp.GetSignedContent().Drain(); + + VerifySignatures(sp); + } + + [Test] + public void TestEncapsulatedSignerStoreReplacement() + { + MemoryStream bOut = new MemoryStream(); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage); + + Stream sigOut = gen.Open(bOut, true); + sigOut.Write(testBytes, 0, testBytes.Length); + sigOut.Close(); + + // + // create new Signer + // + MemoryStream original = new MemoryStream(bOut.ToArray(), false); + + bOut.SetLength(0); + + gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha224); + gen.AddCertificates(x509Certs); + + sigOut = gen.Open(bOut, true); + sigOut.Write(testBytes, 0, testBytes.Length); + sigOut.Close(); + + CmsSignedData sd = new CmsSignedData(bOut.ToArray()); + + // + // replace signer + // + MemoryStream newOut = new MemoryStream(); + + CmsSignedDataParser.ReplaceSigners(original, sd.GetSignerInfos(), newOut); + + sd = new CmsSignedData(newOut.ToArray()); + + IEnumerator signerEnum = sd.GetSignerInfos().GetSigners().GetEnumerator(); + signerEnum.MoveNext(); + SignerInformation signer = (SignerInformation) signerEnum.Current; + + Assert.AreEqual(signer.DigestAlgOid, CmsSignedDataStreamGenerator.DigestSha224); + + CmsSignedDataParser sp = new CmsSignedDataParser(newOut.ToArray()); + + sp.GetSignedContent().Drain(); + + VerifySignatures(sp); + } + + [Test] + public void TestCertStoreReplacement() + { + MemoryStream bOut = new MemoryStream(); + byte[] data = Encoding.ASCII.GetBytes(TestMessage); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigDsaCert); + + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + Stream sigOut = gen.Open(bOut); + sigOut.Write(data, 0, data.Length); + sigOut.Close(); + + CheckSigParseable(bOut.ToArray()); + + // + // create new certstore with the right certificates + // + x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + // + // replace certs + // + MemoryStream original = new MemoryStream(bOut.ToArray(), false); + MemoryStream newOut = new MemoryStream(); + + CmsSignedDataParser.ReplaceCertificatesAndCrls(original, x509Certs, null, null, newOut); + + CmsSignedDataParser sp = new CmsSignedDataParser(new CmsTypedStream(new MemoryStream(data, false)), newOut.ToArray()); + + sp.GetSignedContent().Drain(); + + VerifySignatures(sp); + } + + [Test] + public void TestEncapsulatedCertStoreReplacement() + { + MemoryStream bOut = new MemoryStream(); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigDsaCert); + + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1); + + gen.AddCertificates(x509Certs); + + Stream sigOut = gen.Open(bOut, true); + + byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage); + sigOut.Write(testBytes, 0, testBytes.Length); + + sigOut.Close(); + + // + // create new certstore with the right certificates + // + x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + // + // replace certs + // + MemoryStream original = new MemoryStream(bOut.ToArray(), false); + MemoryStream newOut = new MemoryStream(); + + CmsSignedDataParser.ReplaceCertificatesAndCrls(original, x509Certs, null, null, newOut); + + CmsSignedDataParser sp = new CmsSignedDataParser(newOut.ToArray()); + + sp.GetSignedContent().Drain(); + + VerifySignatures(sp); + } + + [Test] + public void TestCertOrdering1() + { + MemoryStream bOut = new MemoryStream(); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage); + + Stream sigOut = gen.Open(bOut, true); + sigOut.Write(testBytes, 0, testBytes.Length); + sigOut.Close(); + + CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray()); + + sp.GetSignedContent().Drain(); + x509Certs = sp.GetCertificates("Collection"); + ArrayList a = new ArrayList(x509Certs.GetMatches(null)); + + Assert.AreEqual(2, a.Count); + Assert.AreEqual(OrigCert, a[0]); + Assert.AreEqual(SignCert, a[1]); + } + + [Test] + public void TestCertOrdering2() + { + MemoryStream bOut = new MemoryStream(); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignCert, OrigCert); + + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage); + + Stream sigOut = gen.Open(bOut, true); + sigOut.Write(testBytes, 0, testBytes.Length); + sigOut.Close(); + + CmsSignedDataParser sp = new CmsSignedDataParser(bOut.ToArray()); + + sp.GetSignedContent().Drain(); + x509Certs = sp.GetCertificates("Collection"); + ArrayList a = new ArrayList(x509Certs.GetMatches(null)); + + Assert.AreEqual(2, a.Count); + Assert.AreEqual(SignCert, a[0]); + Assert.AreEqual(OrigCert, a[1]); + } + + [Test] + public void TestCertsOnly() + { + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + MemoryStream bOut = new MemoryStream(); + + CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator(); + gen.AddCertificates(x509Certs); + gen.Open(bOut).Close(); + + CheckSigParseable(bOut.ToArray()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/cms/test/SignedDataTest.cs b/BouncyCastle/crypto/test/src/cms/test/SignedDataTest.cs new file mode 100644 index 0000000..41af048 --- /dev/null +++ b/BouncyCastle/crypto/test/src/cms/test/SignedDataTest.cs @@ -0,0 +1,1603 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Asn1.Utilities; + +namespace Org.BouncyCastle.Cms.Tests +{ + [TestFixture] + public class SignedDataTest + { + private const string OrigDN = "O=Bouncy Castle, C=AU"; + private static AsymmetricCipherKeyPair origKP; + private static X509Certificate origCert; + + private const string SignDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU"; + private static AsymmetricCipherKeyPair signKP; + private static X509Certificate signCert; + + private const string ReciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU"; +// private static AsymmetricCipherKeyPair reciKP; +// private static X509Certificate reciCert; + + private static X509Crl signCrl; + + private static AsymmetricCipherKeyPair signGostKP; + private static X509Certificate signGostCert; + + private static AsymmetricCipherKeyPair signDsaKP; + private static X509Certificate signDsaCert; + + private static AsymmetricCipherKeyPair signECGostKP; + private static X509Certificate signECGostCert; + + private static AsymmetricCipherKeyPair signECDsaKP; + private static X509Certificate signECDsaCert; + + private static AsymmetricCipherKeyPair OrigKP + { + get { return origKP == null ? (origKP = CmsTestUtil.MakeKeyPair()) : origKP; } + } + + private static AsymmetricCipherKeyPair SignKP + { + get { return signKP == null ? (signKP = CmsTestUtil.MakeKeyPair()) : signKP; } + } + +// private static AsymmetricCipherKeyPair ReciKP +// { +// get { return reciKP == null ? (reciKP = CmsTestUtil.MakeKeyPair()) : reciKP; } +// } + + private static AsymmetricCipherKeyPair SignGostKP + { + get { return signGostKP == null ? (signGostKP = CmsTestUtil.MakeGostKeyPair()) : signGostKP; } + } + + private static AsymmetricCipherKeyPair SignDsaKP + { + get { return signDsaKP == null ? (signDsaKP = CmsTestUtil.MakeDsaKeyPair()) : signDsaKP; } + } + + private static AsymmetricCipherKeyPair SignECGostKP + { + get { return signECGostKP == null ? (signECGostKP = CmsTestUtil.MakeECGostKeyPair()) : signECGostKP; } + } + + private static AsymmetricCipherKeyPair SignECDsaKP + { + get { return signECDsaKP == null ? (signECDsaKP = CmsTestUtil.MakeECDsaKeyPair()) : signECDsaKP; } + } + + private static X509Certificate OrigCert + { + get { return origCert == null ? (origCert = CmsTestUtil.MakeCertificate(OrigKP, OrigDN, OrigKP, OrigDN)) : origCert; } + } + + private static X509Certificate SignCert + { + get { return signCert == null ? (signCert = CmsTestUtil.MakeCertificate(SignKP, SignDN, OrigKP, OrigDN)) : signCert; } + } + +// private static X509Certificate ReciCert +// { +// get { return reciCert == null ? (reciCert = CmsTestUtil.MakeCertificate(ReciKP, ReciDN, SignKP, SignDN)) : reciCert; } +// } + + private static X509Crl SignCrl + { + get { return signCrl == null ? (signCrl = CmsTestUtil.MakeCrl(SignKP)) : signCrl; } + } + + private static X509Certificate SignGostCert + { + get { return signGostCert == null ? (signGostCert = CmsTestUtil.MakeCertificate(SignGostKP, SignDN, OrigKP, OrigDN)) : signGostCert; } + } + + private static X509Certificate SignECGostCert + { + get { return signECGostCert == null ? (signECGostCert = CmsTestUtil.MakeCertificate(SignECGostKP, SignDN, OrigKP, OrigDN)) : signECGostCert; } + } + + private static X509Certificate SignDsaCert + { + get { return signDsaCert == null ? (signDsaCert = CmsTestUtil.MakeCertificate(SignDsaKP, SignDN, OrigKP, OrigDN)) : signDsaCert; } + } + + private static X509Certificate SignECDsaCert + { + get { return signECDsaCert == null ? (signECDsaCert = CmsTestUtil.MakeCertificate(SignECDsaKP, SignDN, OrigKP, OrigDN)) : signECDsaCert; } + } + + private static readonly byte[] disorderedMessage = Base64.Decode( + "SU9fc3RkaW5fdXNlZABfX2xpYmNfc3RhcnRfbWFpbgBnZXRob3N0aWQAX19n" + + "bW9uX3M="); + + private static readonly byte[] disorderedSet = Base64.Decode( + "MIIYXQYJKoZIhvcNAQcCoIIYTjCCGEoCAQExCzAJBgUrDgMCGgUAMAsGCSqG" + + "SIb3DQEHAaCCFqswggJUMIIBwKADAgECAgMMg6wwCgYGKyQDAwECBQAwbzEL" + + "MAkGA1UEBhMCREUxPTA7BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbI" + + "dXIgVGVsZWtvbW11bmlrYXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwEx" + + "MBEGA1UEAxQKNFItQ0EgMTpQTjAiGA8yMDAwMDMyMjA5NDM1MFoYDzIwMDQw" + + "MTIxMTYwNDUzWjBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxpZXJ1" + + "bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9zdDEh" + + "MAwGBwKCBgEKBxQTATEwEQYDVQQDFAo1Ui1DQSAxOlBOMIGhMA0GCSqGSIb3" + + "DQEBAQUAA4GPADCBiwKBgQCKHkFTJx8GmoqFTxEOxpK9XkC3NZ5dBEKiUv0I" + + "fe3QMqeGMoCUnyJxwW0k2/53duHxtv2yHSZpFKjrjvE/uGwdOMqBMTjMzkFg" + + "19e9JPv061wyADOucOIaNAgha/zFt9XUyrHF21knKCvDNExv2MYIAagkTKaj" + + "LMAw0bu1J0FadQIFAMAAAAEwCgYGKyQDAwECBQADgYEAgFauXpoTLh3Z3pT/" + + "3bhgrxO/2gKGZopWGSWSJPNwq/U3x2EuctOJurj+y2inTcJjespThflpN+7Q" + + "nvsUhXU+jL2MtPlObU0GmLvWbi47cBShJ7KElcZAaxgWMBzdRGqTOdtMv+ev" + + "2t4igGF/q71xf6J2c3pTLWr6P8s6tzLfOCMwggJDMIIBr6ADAgECAgQAuzyu" + + "MAoGBiskAwMBAgUAMG8xCzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1bGll" + + "cnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0" + + "MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjVSLUNBIDE6UE4wIhgPMjAwMTA4" + + "MjAwODA4MjBaGA8yMDA1MDgyMDA4MDgyMFowSzELMAkGA1UEBhMCREUxEjAQ" + + "BgNVBAoUCVNpZ250cnVzdDEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFDQSBT" + + "SUdOVFJVU1QgMTpQTjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAhV12" + + "N2WhlR6f+3CXP57GrBM9la5Vnsu2b92zv5MZqQOPeEsYbZqDCFkYg1bSwsDE" + + "XsGVQqXdQNAGUaapr/EUVVN+hNZ07GcmC1sPeQECgUkxDYjGi4ihbvzxlahj" + + "L4nX+UTzJVBfJwXoIvJ+lMHOSpnOLIuEL3SRhBItvRECxN0CAwEAAaMSMBAw" + + "DgYDVR0PAQH/BAQDAgEGMAoGBiskAwMBAgUAA4GBACDc9Pc6X8sK1cerphiV" + + "LfFv4kpZb9ev4WPy/C6987Qw1SOTElhZAmxaJQBqmDHWlQ63wj1DEqswk7hG" + + "LrvQk/iX6KXIn8e64uit7kx6DHGRKNvNGofPjr1WelGeGW/T2ZJKgmPDjCkf" + + "sIKt2c3gwa2pDn4mmCz/DStUIqcPDbqLMIICVTCCAcGgAwIBAgIEAJ16STAK" + + "BgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxpZXJ1" + + "bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9zdDEh" + + "MAwGBwKCBgEKBxQTATEwEQYDVQQDFAo1Ui1DQSAxOlBOMCIYDzIwMDEwMjAx" + + "MTM0NDI1WhgPMjAwNTAzMjIwODU1NTFaMG8xCzAJBgNVBAYTAkRFMT0wOwYD" + + "VQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0" + + "aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjZSLUNhIDE6" + + "UE4wgaEwDQYJKoZIhvcNAQEBBQADgY8AMIGLAoGBAIOiqxUkzVyqnvthihnl" + + "tsE5m1Xn5TZKeR/2MQPStc5hJ+V4yptEtIx+Fn5rOoqT5VEVWhcE35wdbPvg" + + "JyQFn5msmhPQT/6XSGOlrWRoFummXN9lQzAjCj1sgTcmoLCVQ5s5WpCAOXFw" + + "VWu16qndz3sPItn3jJ0F3Kh3w79NglvPAgUAwAAAATAKBgYrJAMDAQIFAAOB" + + "gQBpSRdnDb6AcNVaXSmGo6+kVPIBhot1LzJOGaPyDNpGXxd7LV4tMBF1U7gr" + + "4k1g9BO6YiMWvw9uiTZmn0CfV8+k4fWEuG/nmafRoGIuay2f+ILuT+C0rnp1" + + "4FgMsEhuVNJJAmb12QV0PZII+UneyhAneZuQQzVUkTcVgYxogxdSOzCCAlUw" + + "ggHBoAMCAQICBACdekowCgYGKyQDAwECBQAwbzELMAkGA1UEBhMCREUxPTA7" + + "BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbIdXIgVGVsZWtvbW11bmlr" + + "YXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwExMBEGA1UEAxQKNlItQ2Eg" + + "MTpQTjAiGA8yMDAxMDIwMTEzNDcwN1oYDzIwMDUwMzIyMDg1NTUxWjBvMQsw" + + "CQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1" + + "ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9zdDEhMAwGBwKCBgEKBxQTATEw" + + "EQYDVQQDFAo1Ui1DQSAxOlBOMIGhMA0GCSqGSIb3DQEBAQUAA4GPADCBiwKB" + + "gQCKHkFTJx8GmoqFTxEOxpK9XkC3NZ5dBEKiUv0Ife3QMqeGMoCUnyJxwW0k" + + "2/53duHxtv2yHSZpFKjrjvE/uGwdOMqBMTjMzkFg19e9JPv061wyADOucOIa" + + "NAgha/zFt9XUyrHF21knKCvDNExv2MYIAagkTKajLMAw0bu1J0FadQIFAMAA" + + "AAEwCgYGKyQDAwECBQADgYEAV1yTi+2gyB7sUhn4PXmi/tmBxAfe5oBjDW8m" + + "gxtfudxKGZ6l/FUPNcrSc5oqBYxKWtLmf3XX87LcblYsch617jtNTkMzhx9e" + + "qxiD02ufcrxz2EVt0Akdqiz8mdVeqp3oLcNU/IttpSrcA91CAnoUXtDZYwb/" + + "gdQ4FI9l3+qo/0UwggJVMIIBwaADAgECAgQAxIymMAoGBiskAwMBAgUAMG8x" + + "CzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBm" + + "yHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMB" + + "MTARBgNVBAMUCjZSLUNhIDE6UE4wIhgPMjAwMTEwMTUxMzMxNThaGA8yMDA1" + + "MDYwMTA5NTIxN1owbzELMAkGA1UEBhMCREUxPTA7BgNVBAoUNFJlZ3VsaWVy" + + "dW5nc2JlaMhvcmRlIGbIdXIgVGVsZWtvbW11bmlrYXRpb24gdW5kIFBvc3Qx" + + "ITAMBgcCggYBCgcUEwExMBEGA1UEAxQKN1ItQ0EgMTpQTjCBoTANBgkqhkiG" + + "9w0BAQEFAAOBjwAwgYsCgYEAiokD/j6lEP4FexF356OpU5teUpGGfUKjIrFX" + + "BHc79G0TUzgVxqMoN1PWnWktQvKo8ETaugxLkP9/zfX3aAQzDW4Zki6x6GDq" + + "fy09Agk+RJvhfbbIzRkV4sBBco0n73x7TfG/9NTgVr/96U+I+z/1j30aboM6" + + "9OkLEhjxAr0/GbsCBQDAAAABMAoGBiskAwMBAgUAA4GBAHWRqRixt+EuqHhR" + + "K1kIxKGZL2vZuakYV0R24Gv/0ZR52FE4ECr+I49o8FP1qiGSwnXB0SwjuH2S" + + "iGiSJi+iH/MeY85IHwW1P5e+bOMvEOFhZhQXQixOD7totIoFtdyaj1XGYRef" + + "0f2cPOjNJorXHGV8wuBk+/j++sxbd/Net3FtMIICVTCCAcGgAwIBAgIEAMSM" + + "pzAKBgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxp" + + "ZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9z" + + "dDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAo3Ui1DQSAxOlBOMCIYDzIwMDEx" + + "MDE1MTMzNDE0WhgPMjAwNTA2MDEwOTUyMTdaMG8xCzAJBgNVBAYTAkRFMT0w" + + "OwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5p" + + "a2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjZSLUNh" + + "IDE6UE4wgaEwDQYJKoZIhvcNAQEBBQADgY8AMIGLAoGBAIOiqxUkzVyqnvth" + + "ihnltsE5m1Xn5TZKeR/2MQPStc5hJ+V4yptEtIx+Fn5rOoqT5VEVWhcE35wd" + + "bPvgJyQFn5msmhPQT/6XSGOlrWRoFummXN9lQzAjCj1sgTcmoLCVQ5s5WpCA" + + "OXFwVWu16qndz3sPItn3jJ0F3Kh3w79NglvPAgUAwAAAATAKBgYrJAMDAQIF" + + "AAOBgQBi5W96UVDoNIRkCncqr1LLG9vF9SGBIkvFpLDIIbcvp+CXhlvsdCJl" + + "0pt2QEPSDl4cmpOet+CxJTdTuMeBNXxhb7Dvualog69w/+K2JbPhZYxuVFZs" + + "Zh5BkPn2FnbNu3YbJhE60aIkikr72J4XZsI5DxpZCGh6xyV/YPRdKSljFjCC" + + "AlQwggHAoAMCAQICAwyDqzAKBgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9" + + "MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVu" + + "aWthdGlvbiB1bmQgUG9zdDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAo1Ui1D" + + "QSAxOlBOMCIYDzIwMDAwMzIyMDk0MTI3WhgPMjAwNDAxMjExNjA0NTNaMG8x" + + "CzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBm" + + "yHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMB" + + "MTARBgNVBAMUCjRSLUNBIDE6UE4wgaEwDQYJKoZIhvcNAQEBBQADgY8AMIGL" + + "AoGBAI8x26tmrFJanlm100B7KGlRemCD1R93PwdnG7svRyf5ZxOsdGrDszNg" + + "xg6ouO8ZHQMT3NC2dH8TvO65Js+8bIyTm51azF6clEg0qeWNMKiiXbBXa+ph" + + "hTkGbXiLYvACZ6/MTJMJ1lcrjpRF7BXtYeYMcEF6znD4pxOqrtbf9z5hAgUA" + + "wAAAATAKBgYrJAMDAQIFAAOBgQB99BjSKlGPbMLQAgXlvA9jUsDNhpnVm3a1" + + "YkfxSqS/dbQlYkbOKvCxkPGA9NBxisBM8l1zFynVjJoy++aysRmcnLY/sHaz" + + "23BF2iU7WERy18H3lMBfYB6sXkfYiZtvQZcWaO48m73ZBySuiV3iXpb2wgs/" + + "Cs20iqroAWxwq/W/9jCCAlMwggG/oAMCAQICBDsFZ9UwCgYGKyQDAwECBQAw" + + "bzELMAkGA1UEBhMCREUxITAMBgcCggYBCgcUEwExMBEGA1UEAxQKNFItQ0Eg" + + "MTpQTjE9MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxl" + + "a29tbXVuaWthdGlvbiB1bmQgUG9zdDAiGA8xOTk5MDEyMTE3MzUzNFoYDzIw" + + "MDQwMTIxMTYwMDAyWjBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxp" + + "ZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9z" + + "dDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAozUi1DQSAxOlBOMIGfMA0GCSqG" + + "SIb3DQEBAQUAA4GNADCBiQKBgI4B557mbKQg/AqWBXNJhaT/6lwV93HUl4U8" + + "u35udLq2+u9phns1WZkdM3gDfEpL002PeLfHr1ID/96dDYf04lAXQfombils" + + "of1C1k32xOvxjlcrDOuPEMxz9/HDAQZA5MjmmYHAIulGI8Qg4Tc7ERRtg/hd" + + "0QX0/zoOeXoDSEOBAgTAAAABMAoGBiskAwMBAgUAA4GBAIyzwfT3keHI/n2P" + + "LrarRJv96mCohmDZNpUQdZTVjGu5VQjVJwk3hpagU0o/t/FkdzAjOdfEw8Ql" + + "3WXhfIbNLv1YafMm2eWSdeYbLcbB5yJ1od+SYyf9+tm7cwfDAcr22jNRBqx8" + + "wkWKtKDjWKkevaSdy99sAI8jebHtWz7jzydKMIID9TCCA16gAwIBAgICbMcw" + + "DQYJKoZIhvcNAQEFBQAwSzELMAkGA1UEBhMCREUxEjAQBgNVBAoUCVNpZ250" + + "cnVzdDEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFDQSBTSUdOVFJVU1QgMTpQ" + + "TjAeFw0wNDA3MzAxMzAyNDZaFw0wNzA3MzAxMzAyNDZaMDwxETAPBgNVBAMM" + + "CFlhY29tOlBOMQ4wDAYDVQRBDAVZYWNvbTELMAkGA1UEBhMCREUxCjAIBgNV" + + "BAUTATEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAIWzLlYLQApocXIp" + + "pgCCpkkOUVLgcLYKeOd6/bXAnI2dTHQqT2bv7qzfUnYvOqiNgYdF13pOYtKg" + + "XwXMTNFL4ZOI6GoBdNs9TQiZ7KEWnqnr2945HYx7UpgTBclbOK/wGHuCdcwO" + + "x7juZs1ZQPFG0Lv8RoiV9s6HP7POqh1sO0P/AgMBAAGjggH1MIIB8TCBnAYD" + + "VR0jBIGUMIGRgBQcZzNghfnXoXRm8h1+VITC5caNRqFzpHEwbzELMAkGA1UE" + + "BhMCREUxPTA7BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbIdXIgVGVs" + + "ZWtvbW11bmlrYXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwExMBEGA1UE" + + "AxQKNVItQ0EgMTpQToIEALs8rjAdBgNVHQ4EFgQU2e5KAzkVuKaM9I5heXkz" + + "bcAIuR8wDgYDVR0PAQH/BAQDAgZAMBIGA1UdIAQLMAkwBwYFKyQIAQEwfwYD" + + "VR0fBHgwdjB0oCygKoYobGRhcDovL2Rpci5zaWdudHJ1c3QuZGUvbz1TaWdu" + + "dHJ1c3QsYz1kZaJEpEIwQDEdMBsGA1UEAxMUQ1JMU2lnblNpZ250cnVzdDE6" + + "UE4xEjAQBgNVBAoTCVNpZ250cnVzdDELMAkGA1UEBhMCREUwYgYIKwYBBQUH" + + "AQEEVjBUMFIGCCsGAQUFBzABhkZodHRwOi8vZGlyLnNpZ250cnVzdC5kZS9T" + + "aWdudHJ1c3QvT0NTUC9zZXJ2bGV0L2h0dHBHYXRld2F5LlBvc3RIYW5kbGVy" + + "MBgGCCsGAQUFBwEDBAwwCjAIBgYEAI5GAQEwDgYHAoIGAQoMAAQDAQH/MA0G" + + "CSqGSIb3DQEBBQUAA4GBAHn1m3GcoyD5GBkKUY/OdtD6Sj38LYqYCF+qDbJR" + + "6pqUBjY2wsvXepUppEler+stH8mwpDDSJXrJyuzf7xroDs4dkLl+Rs2x+2tg" + + "BjU+ABkBDMsym2WpwgA8LCdymmXmjdv9tULxY+ec2pjSEzql6nEZNEfrU8nt" + + "ZCSCavgqW4TtMYIBejCCAXYCAQEwUTBLMQswCQYDVQQGEwJERTESMBAGA1UE" + + "ChQJU2lnbnRydXN0MSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEUNBIFNJR05U" + + "UlVTVCAxOlBOAgJsxzAJBgUrDgMCGgUAoIGAMBgGCSqGSIb3DQEJAzELBgkq" + + "hkiG9w0BBwEwIwYJKoZIhvcNAQkEMRYEFIYfhPoyfGzkLWWSSLjaHb4HQmaK" + + "MBwGCSqGSIb3DQEJBTEPFw0wNTAzMjQwNzM4MzVaMCEGBSskCAYFMRgWFi92" + + "YXIvZmlsZXMvdG1wXzEvdGVzdDEwDQYJKoZIhvcNAQEFBQAEgYA2IvA8lhVz" + + "VD5e/itUxbFboKxeKnqJ5n/KuO/uBCl1N14+7Z2vtw1sfkIG+bJdp3OY2Cmn" + + "mrQcwsN99Vjal4cXVj8t+DJzFG9tK9dSLvD3q9zT/GQ0kJXfimLVwCa4NaSf" + + "Qsu4xtG0Rav6bCcnzabAkKuNNvKtH8amSRzk870DBg=="); + + private static readonly byte[] xtraCounterSig = Base64.Decode( + "MIIR/AYJKoZIhvcNAQcCoIIR7TCCEekCAQExCzAJBgUrDgMCGgUAMBoGCSqG" + + "SIb3DQEHAaANBAtIZWxsbyB3b3JsZKCCDnkwggTPMIIDt6ADAgECAgRDnYD3" + + "MA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNVBAYTAklUMRowGAYDVQQKExFJbi5U" + + "ZS5TLkEuIFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5BLiAtIENlcnRpZmlj" + + "YXRpb24gQXV0aG9yaXR5MB4XDTA4MDkxMjExNDMxMloXDTEwMDkxMjExNDMx" + + "MlowgdgxCzAJBgNVBAYTAklUMSIwIAYDVQQKDBlJbnRlc2EgUy5wLkEuLzA1" + + "MjYyODkwMDE0MSowKAYDVQQLDCFCdXNpbmVzcyBDb2xsYWJvcmF0aW9uICYg" + + "U2VjdXJpdHkxHjAcBgNVBAMMFU1BU1NJTUlMSUFOTyBaSUNDQVJESTERMA8G" + + "A1UEBAwIWklDQ0FSREkxFTATBgNVBCoMDE1BU1NJTUlMSUFOTzEcMBoGA1UE" + + "BRMTSVQ6WkNDTVNNNzZIMTRMMjE5WTERMA8GA1UELhMIMDAwMDI1ODUwgaAw" + + "DQYJKoZIhvcNAQEBBQADgY4AMIGKAoGBALeJTjmyFgx1SIP6c2AuB/kuyHo5" + + "j/prKELTALsFDimre/Hxr3wOSet1TdQfFzU8Lu+EJqgfV9cV+cI1yeH1rZs7" + + "lei7L3tX/VR565IywnguX5xwvteASgWZr537Fkws50bvTEMyYOj1Tf3FZvZU" + + "z4n4OD39KI4mfR9i1eEVIxR3AgQAizpNo4IBoTCCAZ0wHQYDVR0RBBYwFIES" + + "emljY2FyZGlAaW50ZXNhLml0MC8GCCsGAQUFBwEDBCMwITAIBgYEAI5GAQEw" + + "CwYGBACORgEDAgEUMAgGBgQAjkYBBDBZBgNVHSAEUjBQME4GBgQAizABATBE" + + "MEIGCCsGAQUFBwIBFjZodHRwOi8vZS10cnVzdGNvbS5pbnRlc2EuaXQvY2Ff" + + "cHViYmxpY2EvQ1BTX0lOVEVTQS5odG0wDgYDVR0PAQH/BAQDAgZAMIGDBgNV" + + "HSMEfDB6gBQZCQOW0bjFWBt+EORuxPagEgkQqKFcpFowWDELMAkGA1UEBhMC" + + "SVQxGjAYBgNVBAoTEUluLlRlLlMuQS4gUy5wLkEuMS0wKwYDVQQDEyRJbi5U" + + "ZS5TLkEuIC0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCBDzRARMwOwYDVR0f" + + "BDQwMjAwoC6gLIYqaHR0cDovL2UtdHJ1c3Rjb20uaW50ZXNhLml0L0NSTC9J" + + "TlRFU0EuY3JsMB0GA1UdDgQWBBTf5ItL8KmQh541Dxt7YxcWI1254TANBgkq" + + "hkiG9w0BAQUFAAOCAQEAgW+uL1CVWQepbC/wfCmR6PN37Sueb4xiKQj2mTD5" + + "UZ5KQjpivy/Hbuf0NrfKNiDEhAvoHSPC31ebGiKuTMFNyZPHfPEUnyYGSxea" + + "2w837aXJFr6utPNQGBRi89kH90sZDlXtOSrZI+AzJJn5QK3F9gjcayU2NZXQ" + + "MJgRwYmFyn2w4jtox+CwXPQ9E5XgxiMZ4WDL03cWVXDLX00EOJwnDDMUNTRI" + + "m9Zv+4SKTNlfFbi9UTBqWBySkDzAelsfB2U61oqc2h1xKmCtkGMmN9iZT+Qz" + + "ZC/vaaT+hLEBFGAH2gwFrYc4/jTBKyBYeU1vsAxsibIoTs1Apgl6MH75qPDL" + + "BzCCBM8wggO3oAMCAQICBEOdgPcwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UE" + + "BhMCSVQxGjAYBgNVBAoTEUluLlRlLlMuQS4gUy5wLkEuMS0wKwYDVQQDEyRJ" + + "bi5UZS5TLkEuIC0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwOTEy" + + "MTE0MzEyWhcNMTAwOTEyMTE0MzEyWjCB2DELMAkGA1UEBhMCSVQxIjAgBgNV" + + "BAoMGUludGVzYSBTLnAuQS4vMDUyNjI4OTAwMTQxKjAoBgNVBAsMIUJ1c2lu" + + "ZXNzIENvbGxhYm9yYXRpb24gJiBTZWN1cml0eTEeMBwGA1UEAwwVTUFTU0lN" + + "SUxJQU5PIFpJQ0NBUkRJMREwDwYDVQQEDAhaSUNDQVJESTEVMBMGA1UEKgwM" + + "TUFTU0lNSUxJQU5PMRwwGgYDVQQFExNJVDpaQ0NNU003NkgxNEwyMTlZMREw" + + "DwYDVQQuEwgwMDAwMjU4NTCBoDANBgkqhkiG9w0BAQEFAAOBjgAwgYoCgYEA" + + "t4lOObIWDHVIg/pzYC4H+S7IejmP+msoQtMAuwUOKat78fGvfA5J63VN1B8X" + + "NTwu74QmqB9X1xX5wjXJ4fWtmzuV6Lsve1f9VHnrkjLCeC5fnHC+14BKBZmv" + + "nfsWTCznRu9MQzJg6PVN/cVm9lTPifg4Pf0ojiZ9H2LV4RUjFHcCBACLOk2j" + + "ggGhMIIBnTAdBgNVHREEFjAUgRJ6aWNjYXJkaUBpbnRlc2EuaXQwLwYIKwYB" + + "BQUHAQMEIzAhMAgGBgQAjkYBATALBgYEAI5GAQMCARQwCAYGBACORgEEMFkG" + + "A1UdIARSMFAwTgYGBACLMAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9lLXRy" + + "dXN0Y29tLmludGVzYS5pdC9jYV9wdWJibGljYS9DUFNfSU5URVNBLmh0bTAO" + + "BgNVHQ8BAf8EBAMCBkAwgYMGA1UdIwR8MHqAFBkJA5bRuMVYG34Q5G7E9qAS" + + "CRCooVykWjBYMQswCQYDVQQGEwJJVDEaMBgGA1UEChMRSW4uVGUuUy5BLiBT" + + "LnAuQS4xLTArBgNVBAMTJEluLlRlLlMuQS4gLSBDZXJ0aWZpY2F0aW9uIEF1" + + "dGhvcml0eYIEPNEBEzA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vZS10cnVz" + + "dGNvbS5pbnRlc2EuaXQvQ1JML0lOVEVTQS5jcmwwHQYDVR0OBBYEFN/ki0vw" + + "qZCHnjUPG3tjFxYjXbnhMA0GCSqGSIb3DQEBBQUAA4IBAQCBb64vUJVZB6ls" + + "L/B8KZHo83ftK55vjGIpCPaZMPlRnkpCOmK/L8du5/Q2t8o2IMSEC+gdI8Lf" + + "V5saIq5MwU3Jk8d88RSfJgZLF5rbDzftpckWvq6081AYFGLz2Qf3SxkOVe05" + + "Ktkj4DMkmflArcX2CNxrJTY1ldAwmBHBiYXKfbDiO2jH4LBc9D0TleDGIxnh" + + "YMvTdxZVcMtfTQQ4nCcMMxQ1NEib1m/7hIpM2V8VuL1RMGpYHJKQPMB6Wx8H" + + "ZTrWipzaHXEqYK2QYyY32JlP5DNkL+9ppP6EsQEUYAfaDAWthzj+NMErIFh5" + + "TW+wDGyJsihOzUCmCXowfvmo8MsHMIIEzzCCA7egAwIBAgIEQ52A9zANBgkq" + + "hkiG9w0BAQUFADBYMQswCQYDVQQGEwJJVDEaMBgGA1UEChMRSW4uVGUuUy5B" + + "LiBTLnAuQS4xLTArBgNVBAMTJEluLlRlLlMuQS4gLSBDZXJ0aWZpY2F0aW9u" + + "IEF1dGhvcml0eTAeFw0wODA5MTIxMTQzMTJaFw0xMDA5MTIxMTQzMTJaMIHY" + + "MQswCQYDVQQGEwJJVDEiMCAGA1UECgwZSW50ZXNhIFMucC5BLi8wNTI2Mjg5" + + "MDAxNDEqMCgGA1UECwwhQnVzaW5lc3MgQ29sbGFib3JhdGlvbiAmIFNlY3Vy" + + "aXR5MR4wHAYDVQQDDBVNQVNTSU1JTElBTk8gWklDQ0FSREkxETAPBgNVBAQM" + + "CFpJQ0NBUkRJMRUwEwYDVQQqDAxNQVNTSU1JTElBTk8xHDAaBgNVBAUTE0lU" + + "OlpDQ01TTTc2SDE0TDIxOVkxETAPBgNVBC4TCDAwMDAyNTg1MIGgMA0GCSqG" + + "SIb3DQEBAQUAA4GOADCBigKBgQC3iU45shYMdUiD+nNgLgf5Lsh6OY/6ayhC" + + "0wC7BQ4pq3vx8a98DknrdU3UHxc1PC7vhCaoH1fXFfnCNcnh9a2bO5Xouy97" + + "V/1UeeuSMsJ4Ll+ccL7XgEoFma+d+xZMLOdG70xDMmDo9U39xWb2VM+J+Dg9" + + "/SiOJn0fYtXhFSMUdwIEAIs6TaOCAaEwggGdMB0GA1UdEQQWMBSBEnppY2Nh" + + "cmRpQGludGVzYS5pdDAvBggrBgEFBQcBAwQjMCEwCAYGBACORgEBMAsGBgQA" + + "jkYBAwIBFDAIBgYEAI5GAQQwWQYDVR0gBFIwUDBOBgYEAIswAQEwRDBCBggr" + + "BgEFBQcCARY2aHR0cDovL2UtdHJ1c3Rjb20uaW50ZXNhLml0L2NhX3B1YmJs" + + "aWNhL0NQU19JTlRFU0EuaHRtMA4GA1UdDwEB/wQEAwIGQDCBgwYDVR0jBHww" + + "eoAUGQkDltG4xVgbfhDkbsT2oBIJEKihXKRaMFgxCzAJBgNVBAYTAklUMRow" + + "GAYDVQQKExFJbi5UZS5TLkEuIFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5B" + + "LiAtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ80QETMDsGA1UdHwQ0MDIw" + + "MKAuoCyGKmh0dHA6Ly9lLXRydXN0Y29tLmludGVzYS5pdC9DUkwvSU5URVNB" + + "LmNybDAdBgNVHQ4EFgQU3+SLS/CpkIeeNQ8be2MXFiNdueEwDQYJKoZIhvcN" + + "AQEFBQADggEBAIFvri9QlVkHqWwv8Hwpkejzd+0rnm+MYikI9pkw+VGeSkI6" + + "Yr8vx27n9Da3yjYgxIQL6B0jwt9XmxoirkzBTcmTx3zxFJ8mBksXmtsPN+2l" + + "yRa+rrTzUBgUYvPZB/dLGQ5V7Tkq2SPgMySZ+UCtxfYI3GslNjWV0DCYEcGJ" + + "hcp9sOI7aMfgsFz0PROV4MYjGeFgy9N3FlVwy19NBDicJwwzFDU0SJvWb/uE" + + "ikzZXxW4vVEwalgckpA8wHpbHwdlOtaKnNodcSpgrZBjJjfYmU/kM2Qv72mk" + + "/oSxARRgB9oMBa2HOP40wSsgWHlNb7AMbImyKE7NQKYJejB++ajwywcxggM8" + + "MIIDOAIBATBgMFgxCzAJBgNVBAYTAklUMRowGAYDVQQKExFJbi5UZS5TLkEu" + + "IFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5BLiAtIENlcnRpZmljYXRpb24g" + + "QXV0aG9yaXR5AgRDnYD3MAkGBSsOAwIaBQAwDQYJKoZIhvcNAQEBBQAEgYB+" + + "lH2cwLqc91mP8prvgSV+RRzk13dJdZvdoVjgQoFrPhBiZCNIEoHvIhMMA/sM" + + "X6euSRZk7EjD24FasCEGYyd0mJVLEy6TSPmuW+wWz/28w3a6IWXBGrbb/ild" + + "/CJMkPgLPGgOVD1WDwiNKwfasiQSFtySf5DPn3jFevdLeMmEY6GCAjIwggEV" + + "BgkqhkiG9w0BCQYxggEGMIIBAgIBATBgMFgxCzAJBgNVBAYTAklUMRowGAYD" + + "VQQKExFJbi5UZS5TLkEuIFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5BLiAt" + + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5AgRDnYD3MAkGBSsOAwIaBQAwDQYJ" + + "KoZIhvcNAQEBBQAEgYBHlOULfT5GDigIvxP0qZOy8VbpntmzaPF55VV4buKV" + + "35J+uHp98gXKp0LrHM69V5IRKuyuQzHHFBqsXxsRI9o6KoOfgliD9Xc+BeMg" + + "dKzQhBhBYoFREq8hQM0nSbqDNHYAQyNHMzUA/ZQUO5dlFuH8Dw3iDYAhNtfd" + + "PrlchKJthDCCARUGCSqGSIb3DQEJBjGCAQYwggECAgEBMGAwWDELMAkGA1UE" + + "BhMCSVQxGjAYBgNVBAoTEUluLlRlLlMuQS4gUy5wLkEuMS0wKwYDVQQDEyRJ" + + "bi5UZS5TLkEuIC0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkCBEOdgPcwCQYF" + + "Kw4DAhoFADANBgkqhkiG9w0BAQEFAASBgEeU5Qt9PkYOKAi/E/Spk7LxVume" + + "2bNo8XnlVXhu4pXfkn64en3yBcqnQusczr1XkhEq7K5DMccUGqxfGxEj2joq" + + "g5+CWIP1dz4F4yB0rNCEGEFigVESryFAzSdJuoM0dgBDI0czNQD9lBQ7l2UW" + + "4fwPDeINgCE2190+uVyEom2E"); + + private void VerifySignatures( + CmsSignedData s, + byte[] contentDigest) + { + IX509Store x509Certs = s.GetCertificates("Collection"); + + SignerInformationStore signers = s.GetSignerInfos(); + ICollection c = signers.GetSigners(); + + foreach (SignerInformation signer in c) + { + ICollection certCollection = x509Certs.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate) certEnum.Current; + + Assert.IsTrue(signer.Verify(cert)); + + if (contentDigest != null) + { + Assert.IsTrue(Arrays.AreEqual(contentDigest, signer.GetContentDigest())); + } + } + } + + private void VerifyDirectSignatures( + CmsSignedData s, + byte[] contentDigest) + { + IX509Store x509Certs = s.GetCertificates("Collection"); + + SignerInformationStore signers = s.GetSignerInfos(); + ICollection c = signers.GetSigners(); + + foreach (SignerInformation signer in c) + { + ICollection certCollection = x509Certs.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate)certEnum.Current; + + Assert.IsTrue(signer.Verify(cert)); + Assert.IsTrue(null == signer.GetEncodedSignedAttributes()); + + if (contentDigest != null) + { + Assert.IsTrue(Arrays.AreEqual(contentDigest, signer.GetContentDigest())); + } + } + } + + private void VerifySignatures( + CmsSignedData s) + { + VerifySignatures(s, null); + } + + [Test] + public void TestDetachedVerification() + { + byte[] data = Encoding.ASCII.GetBytes("Hello World!"); + CmsProcessable msg = new CmsProcessableByteArray(data); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestMD5); + gen.AddCertificates(x509Certs); + + CmsSignedData s = gen.Generate(msg); + + IDictionary hashes = new Hashtable(); + hashes.Add(CmsSignedDataGenerator.DigestSha1, DigestUtilities.CalculateDigest("SHA1", data)); + hashes.Add(CmsSignedDataGenerator.DigestMD5, DigestUtilities.CalculateDigest("MD5", data)); + + s = new CmsSignedData(hashes, s.GetEncoded()); + + VerifySignatures(s); + } + + [Test] + public void TestSha1AndMD5WithRsaEncapsulatedRepeated() + { + CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!")); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestMD5); + gen.AddCertificates(x509Certs); + + CmsSignedData s = gen.Generate(msg, true); + + s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded()))); + + x509Certs = s.GetCertificates("Collection"); + + SignerInformationStore signers = s.GetSignerInfos(); + + Assert.AreEqual(2, signers.Count); + + SignerID sid = null; + ICollection c = signers.GetSigners(); + + foreach (SignerInformation signer in c) + { + ICollection certCollection = x509Certs.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate) certEnum.Current; + + sid = signer.SignerID; + + Assert.IsTrue(signer.Verify(cert)); + + // + // check content digest + // + + byte[] contentDigest = (byte[])gen.GetGeneratedDigests()[signer.DigestAlgOid]; + + AttributeTable table = signer.SignedAttributes; + Asn1.Cms.Attribute hash = table[CmsAttributes.MessageDigest]; + + Assert.IsTrue(Arrays.AreEqual(contentDigest, ((Asn1OctetString)hash.AttrValues[0]).GetOctets())); + } + + c = signers.GetSigners(sid); + + Assert.AreEqual(2, c.Count); + + // + // try using existing signer + // + + gen = new CmsSignedDataGenerator(); + + gen.AddSigners(s.GetSignerInfos()); + + gen.AddCertificates(s.GetCertificates("Collection")); + gen.AddCrls(s.GetCrls("Collection")); + + s = gen.Generate(msg, true); + + s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded()))); + + x509Certs = s.GetCertificates("Collection"); + + signers = s.GetSignerInfos(); + c = signers.GetSigners(); + + Assert.AreEqual(2, c.Count); + + foreach (SignerInformation signer in c) + { + ICollection certCollection = x509Certs.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate) certEnum.Current; + + Assert.AreEqual(true, signer.Verify(cert)); + } + + CheckSignerStoreReplacement(s, signers); + } + + [Test] + public void TestSha1AndMD5WithRsaEncapsulatedRepeatedWithSignerInfoGen() + { + CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!")); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSignerInfoGenerator(new SignerInfoGeneratorBuilder().Build( + new Asn1SignatureFactory("SHA1withRSA", OrigKP.Private), OrigCert)); + gen.AddSignerInfoGenerator(new SignerInfoGeneratorBuilder().Build( + new Asn1SignatureFactory("MD5withRSA", OrigKP.Private), OrigCert)); + + gen.AddCertificates(x509Certs); + + CmsSignedData s = gen.Generate(msg, true); + + s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded()))); + + x509Certs = s.GetCertificates("Collection"); + + SignerInformationStore signers = s.GetSignerInfos(); + + Assert.AreEqual(2, signers.Count); + + SignerID sid = null; + ICollection c = signers.GetSigners(); + + foreach (SignerInformation signer in c) + { + ICollection certCollection = x509Certs.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate)certEnum.Current; + + sid = signer.SignerID; + + Assert.IsTrue(signer.Verify(cert)); + + // + // check content digest + // + + byte[] contentDigest = (byte[])gen.GetGeneratedDigests()[signer.DigestAlgOid]; + + AttributeTable table = signer.SignedAttributes; + Asn1.Cms.Attribute hash = table[CmsAttributes.MessageDigest]; + + Assert.IsTrue(Arrays.AreEqual(contentDigest, ((Asn1OctetString)hash.AttrValues[0]).GetOctets())); + } + + c = signers.GetSigners(sid); + + Assert.AreEqual(2, c.Count); + + // + // try using existing signer + // + + gen = new CmsSignedDataGenerator(); + + gen.AddSigners(s.GetSignerInfos()); + + gen.AddCertificates(s.GetCertificates("Collection")); + gen.AddCrls(s.GetCrls("Collection")); + + s = gen.Generate(msg, true); + + s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded()))); + + x509Certs = s.GetCertificates("Collection"); + + signers = s.GetSignerInfos(); + c = signers.GetSigners(); + + Assert.AreEqual(2, c.Count); + + foreach (SignerInformation signer in c) + { + ICollection certCollection = x509Certs.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate)certEnum.Current; + + Assert.AreEqual(true, signer.Verify(cert)); + } + + CheckSignerStoreReplacement(s, signers); + } + + // NB: C# build doesn't support "no attributes" version of CmsSignedDataGenerator.Generate + //[Test] + //public void TestSha1WithRsaNoAttributes() + //{ + // CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello world!")); + + // IX509Store x509Certs = MakeCertStore(OrigCert, SignCert); + + // CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + // gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1); + // gen.AddCertificates(x509Certs); + + // CmsSignedData s = gen.Generate(CmsSignedDataGenerator.Data, msg, false, false); + + // byte[] testBytes = Encoding.ASCII.GetBytes("Hello world!"); + + // // compute expected content digest + // byte[] hash = DigestUtilities.CalculateDigest("SHA1", testBytes); + + // VerifySignatures(s, hash); + //} + + [Test] + public void TestSha1WithRsaAndAttributeTable() + { + byte[] testBytes = Encoding.ASCII.GetBytes("Hello world!"); + CmsProcessable msg = new CmsProcessableByteArray(testBytes); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + byte[] hash = DigestUtilities.CalculateDigest("SHA1", testBytes); + + Asn1.Cms.Attribute attr = new Asn1.Cms.Attribute(CmsAttributes.MessageDigest, + new DerSet(new DerOctetString(hash))); + + Asn1EncodableVector v = new Asn1EncodableVector(attr); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSigner(SignKP.Private, SignCert, CmsSignedDataGenerator.DigestSha1, + new AttributeTable(v), null); + gen.AddCertificates(x509Certs); + + CmsSignedData s = gen.Generate(CmsSignedDataGenerator.Data, null, false); + + // + // the signature is detached, so need to add msg before passing on + // + s = new CmsSignedData(msg, s.GetEncoded()); + + // + // compute expected content digest + // + VerifySignatures(s, hash); + } + + [Test] + public void TestRawSha256MissingNull() + { + byte[] document = GetInput("rawsha256nonull.p7m"); + + CmsSignedData s = new CmsSignedData(document); + + IX509Store certStore = s.GetCertificates("Collection"); + foreach (SignerInformation signerInformation in s.GetSignerInfos().GetSigners()) + { + ICollection certCollection = certStore.GetMatches(signerInformation.SignerID); + foreach (X509Certificate cert in certCollection) + { + Assert.IsTrue(signerInformation.Verify(cert), "raw sig failed"); + } + } + } + + [Test] + public void TestSha1WithRsaEncapsulated() + { + EncapsulatedTest(SignKP, SignCert, CmsSignedDataGenerator.DigestSha1); + } + + [Test] + public void TestSha1WithRsaEncapsulatedSubjectKeyID() + { + SubjectKeyIDTest(SignKP, SignCert, CmsSignedDataGenerator.DigestSha1); + } + + [Test] + public void TestSha1WithRsaPss() + { + rsaPssTest("SHA1", CmsSignedDataGenerator.DigestSha1); + } + + [Test] + public void TestSha224WithRsaPss() + { + rsaPssTest("SHA224", CmsSignedDataGenerator.DigestSha224); + } + + [Test] + public void TestSha256WithRsaPss() + { + rsaPssTest("SHA256", CmsSignedDataGenerator.DigestSha256); + } + + [Test] + public void TestSha256WithRsaPssDirect() + { + rsaPssDirectTest("SHA256", CmsSignedDataGenerator.DigestSha256); + } + + [Test] + public void TestSha384WithRsaPss() + { + rsaPssTest("SHA384", CmsSignedDataGenerator.DigestSha384); + } + + [Test] + public void TestSha1WithRsaDigest() + { + RsaDigestTest("SHA1withRSA"); + } + + [Test] + public void TestSha224WithRsaDigest() + { + RsaDigestTest("SHA224withRSA"); + } + + [Test] + public void TestSha256WithRsaDigest() + { + RsaDigestTest("SHA256withRSA"); + } + + [Test] + public void TestSha384WithRsaDigest() + { + RsaDigestTest("SHA384withRSA"); + } + + [Test] + public void TestSha512WithRsaDigest() + { + RsaDigestTest("SHA512withRSA"); + } + + [Test] + public void TestSha3_224WithRsaDigest() + { + RsaDigestTest("SHA3-224withRSA"); + } + + [Test] + public void TestSha3_256WithRsaDigest() + { + RsaDigestTest("SHA3-256withRSA"); + } + + [Test] + public void TestSha3_384WithRsaDigest() + { + RsaDigestTest("SHA3-384withRSA"); + } + + [Test] + public void TestSha3_512WithRsaDigest() + { + RsaDigestTest("SHA3-512withRSA"); + } + + [Test] + public void testSHA512_224ithRSADigest() + { + RsaDigestTest("SHA512(224)withRSA"); + } + + [Test] + public void testSHA512_256ithRSADigest() + { + RsaDigestTest("SHA512(256)withRSA"); + } + + [Test] + public void TestSha224WithRsaEncapsulated() + { + EncapsulatedTest(SignKP, SignCert, CmsSignedDataGenerator.DigestSha224); + } + + [Test] + public void TestSha256WithRsaEncapsulated() + { + EncapsulatedTest(SignKP, SignCert, CmsSignedDataGenerator.DigestSha256); + } + + [Test] + public void TestRipeMD128WithRsaEncapsulated() + { + EncapsulatedTest(SignKP, SignCert, CmsSignedDataGenerator.DigestRipeMD128); + } + + [Test] + public void TestRipeMD160WithRsaEncapsulated() + { + EncapsulatedTest(SignKP, SignCert, CmsSignedDataGenerator.DigestRipeMD160); + } + + [Test] + public void TestRipeMD256WithRsaEncapsulated() + { + EncapsulatedTest(SignKP, SignCert, CmsSignedDataGenerator.DigestRipeMD256); + } + + [Test] + public void TestSha224WithDsaEncapsulated() + { + EncapsulatedTest(SignDsaKP, SignDsaCert, CmsSignedDataGenerator.DigestSha224); + } + + [Test] + public void TestSha256WithDsaEncapsulated() + { + EncapsulatedTest(SignDsaKP, SignDsaCert, CmsSignedDataGenerator.DigestSha256); + } + + [Test] + public void TestSha384WithDsaEncapsulated() + { + EncapsulatedTest(SignDsaKP, SignDsaCert, CmsSignedDataGenerator.DigestSha384); + } + + [Test] + public void TestSha512WithDsaEncapsulated() + { + EncapsulatedTest(SignDsaKP, SignDsaCert, CmsSignedDataGenerator.DigestSha512); + } + + [Test] + public void TestECDsaEncapsulated() + { + EncapsulatedTest(SignECDsaKP, SignECDsaCert, CmsSignedDataGenerator.DigestSha1); + } + + [Test] + public void TestECDsaEncapsulatedSubjectKeyID() + { + SubjectKeyIDTest(SignECDsaKP, SignECDsaCert, CmsSignedDataGenerator.DigestSha1); + } + + [Test] + public void TestECDsaSha224Encapsulated() + { + EncapsulatedTest(SignECDsaKP, SignECDsaCert, CmsSignedDataGenerator.DigestSha224); + } + + [Test] + public void TestECDsaSha256Encapsulated() + { + EncapsulatedTest(SignECDsaKP, SignECDsaCert, CmsSignedDataGenerator.DigestSha256); + } + + [Test] + public void TestECDsaSha384Encapsulated() + { + EncapsulatedTest(SignECDsaKP, SignECDsaCert, CmsSignedDataGenerator.DigestSha384); + } + + [Test] + public void TestECDsaSha512Encapsulated() + { + EncapsulatedTest(SignECDsaKP, SignECDsaCert, CmsSignedDataGenerator.DigestSha512); + } + + [Test] + public void TestECDsaSha512EncapsulatedWithKeyFactoryAsEC() + { +// X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(_signEcDsaKP.getPublic().getEncoded()); + byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(SignECDsaKP.Public).GetDerEncoded(); +// PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(_signEcDsaKP.Private.getEncoded()); + byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(SignECDsaKP.Private).GetDerEncoded(); +// KeyFactory keyFact = KeyFactory.GetInstance("EC", "BC"); +// KeyPair kp = new KeyPair(keyFact.generatePublic(pubSpec), keyFact.generatePrivate(privSpec)); + AsymmetricCipherKeyPair kp = new AsymmetricCipherKeyPair( + PublicKeyFactory.CreateKey(pubEnc), + PrivateKeyFactory.CreateKey(privEnc)); + + EncapsulatedTest(kp, SignECDsaCert, CmsSignedDataGenerator.DigestSha512); + } + + [Test] + public void TestDsaEncapsulated() + { + EncapsulatedTest(SignDsaKP, SignDsaCert, CmsSignedDataGenerator.DigestSha1); + } + + [Test] + public void TestDsaEncapsulatedSubjectKeyID() + { + SubjectKeyIDTest(SignDsaKP, SignDsaCert, CmsSignedDataGenerator.DigestSha1); + } + + [Test] + public void TestGost3411WithGost3410Encapsulated() + { + EncapsulatedTest(SignGostKP, SignGostCert, CmsSignedDataGenerator.DigestGost3411); + } + + [Test] + public void TestGost3411WithECGost3410Encapsulated() + { + EncapsulatedTest(SignECGostKP, SignECGostCert, CmsSignedDataGenerator.DigestGost3411); + } + + [Test] + public void TestSha1WithRsaCounterSignature() + { + CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!")); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignCert, OrigCert); + IX509Store x509Crls = CmsTestUtil.MakeCrlStore(SignCrl); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSigner(SignKP.Private, SignCert, CmsSignedDataGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + gen.AddCrls(x509Crls); + + CmsSignedData s = gen.Generate(msg, true); + SignerInformation origSigner = (SignerInformation) new ArrayList(s.GetSignerInfos().GetSigners())[0]; + SignerInformationStore counterSigners1 = gen.GenerateCounterSigners(origSigner); + SignerInformationStore counterSigners2 = gen.GenerateCounterSigners(origSigner); + + SignerInformation signer1 = SignerInformation.AddCounterSigners(origSigner, counterSigners1); + SignerInformation signer2 = SignerInformation.AddCounterSigners(signer1, counterSigners2); + + SignerInformationStore cs = signer2.GetCounterSignatures(); + ICollection csSigners = cs.GetSigners(); + Assert.AreEqual(2, csSigners.Count); + + foreach (SignerInformation cSigner in csSigners) + { + ICollection certCollection = x509Certs.GetMatches(cSigner.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate) certEnum.Current; + + Assert.IsNull(cSigner.SignedAttributes[Asn1.Pkcs.PkcsObjectIdentifiers.Pkcs9AtContentType]); + Assert.IsTrue(cSigner.Verify(cert)); + } + } + + private void rsaPssTest( + string digestName, + string digestOID) + { + byte[] msgBytes = Encoding.ASCII.GetBytes("Hello World!"); + CmsProcessable msg = new CmsProcessableByteArray(msgBytes); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.EncryptionRsaPss, digestOID); + gen.AddCertificates(x509Certs); + + CmsSignedData s = gen.Generate(CmsSignedDataGenerator.Data, msg, false); + + // compute expected content digest + byte[] expectedDigest = DigestUtilities.CalculateDigest(digestName, msgBytes); + + VerifySignatures(s, expectedDigest); + } + + private void rsaPssDirectTest( + string digestName, + string digestOID) + { + byte[] msgBytes = Encoding.ASCII.GetBytes("Hello World!"); + CmsProcessable msg = new CmsProcessableByteArray(msgBytes); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSignerInfoGenerator(new SignerInfoGeneratorBuilder().SetDirectSignature(true).Build( + new Asn1SignatureFactory(digestName + "withRSAandMGF1", OrigKP.Private), OrigCert)); + gen.AddCertificates(x509Certs); + + CmsSignedData s = gen.Generate(CmsSignedDataGenerator.Data, msg, false); + + // compute expected content digest + byte[] expectedDigest = DigestUtilities.CalculateDigest(digestName, msgBytes); + + VerifyDirectSignatures(s, expectedDigest); + } + + private void SubjectKeyIDTest( + AsymmetricCipherKeyPair signaturePair, + X509Certificate signatureCert, + string digestAlgorithm) + { + CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!")); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(signatureCert, OrigCert); + IX509Store x509Crls = CmsTestUtil.MakeCrlStore(SignCrl); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSigner(signaturePair.Private, + CmsTestUtil.CreateSubjectKeyId(signatureCert.GetPublicKey()).GetKeyIdentifier(), + digestAlgorithm); + gen.AddCertificates(x509Certs); + gen.AddCrls(x509Crls); + + CmsSignedData s = gen.Generate(msg, true); + + Assert.AreEqual(3, s.Version); + + MemoryStream bIn = new MemoryStream(s.GetEncoded(), false); + Asn1InputStream aIn = new Asn1InputStream(bIn); + + s = new CmsSignedData(ContentInfo.GetInstance(aIn.ReadObject())); + + x509Certs = s.GetCertificates("Collection"); + x509Crls = s.GetCrls("Collection"); + + SignerInformationStore signers = s.GetSignerInfos(); + + foreach (SignerInformation signer in signers.GetSigners()) + { + ICollection certCollection = x509Certs.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate) certEnum.Current; + + Assert.IsTrue(signer.Verify(cert)); + } + + // + // check for CRLs + // + ArrayList crls = new ArrayList(x509Crls.GetMatches(null)); + + Assert.AreEqual(1, crls.Count); + + Assert.IsTrue(crls.Contains(SignCrl)); + + // + // try using existing signer + // + + gen = new CmsSignedDataGenerator(); + + gen.AddSigners(s.GetSignerInfos()); + + gen.AddCertificates(s.GetCertificates("Collection")); + gen.AddCrls(s.GetCrls("Collection")); + + s = gen.Generate(msg, true); + + bIn = new MemoryStream(s.GetEncoded(), false); + aIn = new Asn1InputStream(bIn); + + s = new CmsSignedData(ContentInfo.GetInstance(aIn.ReadObject())); + + x509Certs = s.GetCertificates("Collection"); + x509Crls = s.GetCrls("Collection"); + + signers = s.GetSignerInfos(); + + foreach (SignerInformation signer in signers.GetSigners()) + { + ICollection certCollection = x509Certs.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate) certEnum.Current; + + Assert.IsTrue(signer.Verify(cert)); + } + + CheckSignerStoreReplacement(s, signers); + } + + private void EncapsulatedTest( + AsymmetricCipherKeyPair signaturePair, + X509Certificate signatureCert, + string digestAlgorithm) + { + CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!")); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(signatureCert, OrigCert); + IX509Store x509Crls = CmsTestUtil.MakeCrlStore(SignCrl); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSigner(signaturePair.Private, signatureCert, digestAlgorithm); + gen.AddCertificates(x509Certs); + gen.AddCrls(x509Crls); + + CmsSignedData s = gen.Generate(msg, true); + + s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded()))); + + x509Certs = s.GetCertificates("Collection"); + x509Crls = s.GetCrls("Collection"); + + SignerInformationStore signers = s.GetSignerInfos(); + ICollection c = signers.GetSigners(); + + foreach (SignerInformation signer in c) + { + ICollection certCollection = x509Certs.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate) certEnum.Current; + + Assert.AreEqual(digestAlgorithm, signer.DigestAlgOid); + + Assert.IsTrue(signer.Verify(cert)); + } + + // + // check for CRLs + // + ArrayList crls = new ArrayList(x509Crls.GetMatches(null)); + + Assert.AreEqual(1, crls.Count); + + Assert.IsTrue(crls.Contains(SignCrl)); + + // + // try using existing signer + // + + gen = new CmsSignedDataGenerator(); + + gen.AddSigners(s.GetSignerInfos()); + + gen.AddCertificates(s.GetCertificates("Collection")); + gen.AddCrls(s.GetCrls("Collection")); + + s = gen.Generate(msg, true); + + s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded()))); + + x509Certs = s.GetCertificates("Collection"); + x509Crls = s.GetCrls("Collection"); + + signers = s.GetSignerInfos(); + c = signers.GetSigners(); + + foreach (SignerInformation signer in c) + { + ICollection certCollection = x509Certs.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate) certEnum.Current; + + Assert.IsTrue(signer.Verify(cert)); + } + + CheckSignerStoreReplacement(s, signers); + } + + // + // signerInformation store replacement test. + // + private void CheckSignerStoreReplacement( + CmsSignedData orig, + SignerInformationStore signers) + { + CmsSignedData s = CmsSignedData.ReplaceSigners(orig, signers); + + IX509Store x509Certs = s.GetCertificates("Collection"); + + signers = s.GetSignerInfos(); + ICollection c = signers.GetSigners(); + + foreach (SignerInformation signer in c) + { + ICollection certCollection = x509Certs.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate) certEnum.Current; + + Assert.IsTrue(signer.Verify(cert)); + } + } + + [Test] + public void TestUnsortedAttributes() + { + CmsSignedData s = new CmsSignedData(new CmsProcessableByteArray(disorderedMessage), disorderedSet); + + IX509Store x509Certs = s.GetCertificates("Collection"); + + SignerInformationStore signers = s.GetSignerInfos(); + ICollection c = signers.GetSigners(); + + foreach (SignerInformation signer in c) + { + ICollection certCollection = x509Certs.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate) certEnum.Current; + SignerInformation sAsIs = new AsIsSignerInformation(signer); + + Assert.IsFalse(signer.Verify(cert)); + Assert.IsTrue(sAsIs.Verify(cert)); + } + } + + class AsIsSignerInformation : SignerInformation + { + public AsIsSignerInformation(SignerInformation sInfo): base(sInfo) + { + + } + + public override byte[] GetEncodedSignedAttributes() + { + return signedAttributeSet == null + ? null + : signedAttributeSet.GetEncoded(); + } + } + + [Test] + public void TestNullContentWithSigner() + { + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + CmsSignedData s = gen.Generate(null, false); + + s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded()))); + + VerifySignatures(s); + } + + [Test] + public void TestWithAttributeCertificate() + { + CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!")); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignDsaCert); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + IX509AttributeCertificate attrCert = CmsTestUtil.GetAttributeCertificate(); + + IX509Store store = CmsTestUtil.MakeAttrCertStore(attrCert); + + gen.AddAttributeCertificates(store); + + CmsSignedData sd = gen.Generate(msg); + + Assert.AreEqual(4, sd.Version); + + store = sd.GetAttributeCertificates("Collection"); + + ArrayList coll = new ArrayList(store.GetMatches(null)); + + Assert.AreEqual(1, coll.Count); + + Assert.IsTrue(coll.Contains(attrCert)); + + // + // create new certstore + // + x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + // + // replace certs + // + sd = CmsSignedData.ReplaceCertificatesAndCrls(sd, x509Certs, null, null); + + VerifySignatures(sd); + } + + [Test] + public void TestCertStoreReplacement() + { + CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!")); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignDsaCert); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + CmsSignedData sd = gen.Generate(msg); + + // + // create new certstore + // + x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + // + // replace certs + // + sd = CmsSignedData.ReplaceCertificatesAndCrls(sd, x509Certs, null, null); + + VerifySignatures(sd); + } + + [Test] + public void TestEncapsulatedCertStoreReplacement() + { + CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!")); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignDsaCert); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + CmsSignedData sd = gen.Generate(msg, true); + + // + // create new certstore + // + x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + // + // replace certs + // + sd = CmsSignedData.ReplaceCertificatesAndCrls(sd, x509Certs, null, null); + + VerifySignatures(sd); + } + + [Test] + public void TestCertOrdering1() + { + CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!")); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert, SignDsaCert); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + CmsSignedData sd = gen.Generate(msg, true); + + x509Certs = sd.GetCertificates("Collection"); + ArrayList a = new ArrayList(x509Certs.GetMatches(null)); + + Assert.AreEqual(3, a.Count); + Assert.AreEqual(OrigCert, a[0]); + Assert.AreEqual(SignCert, a[1]); + Assert.AreEqual(SignDsaCert, a[2]); + } + + [Test] + public void TestCertOrdering2() + { + CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!")); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(SignCert, SignDsaCert, OrigCert); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + CmsSignedData sd = gen.Generate(msg, true); + + x509Certs = sd.GetCertificates("Collection"); + ArrayList a = new ArrayList(x509Certs.GetMatches(null)); + + Assert.AreEqual(3, a.Count); + Assert.AreEqual(SignCert, a[0]); + Assert.AreEqual(SignDsaCert, a[1]); + Assert.AreEqual(OrigCert, a[2]); + } + + [Test] + public void TestSignerStoreReplacement() + { + CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!")); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha1); + gen.AddCertificates(x509Certs); + + CmsSignedData original = gen.Generate(msg, true); + + // + // create new Signer + // + gen = new CmsSignedDataGenerator(); + gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataGenerator.DigestSha224); + gen.AddCertificates(x509Certs); + + CmsSignedData newSD = gen.Generate(msg, true); + + // + // replace signer + // + CmsSignedData sd = CmsSignedData.ReplaceSigners(original, newSD.GetSignerInfos()); + + IEnumerator signerEnum = sd.GetSignerInfos().GetSigners().GetEnumerator(); + signerEnum.MoveNext(); + SignerInformation signer = (SignerInformation) signerEnum.Current; + + Assert.AreEqual(CmsSignedDataGenerator.DigestSha224, signer.DigestAlgOid); + + // we use a parser here as it requires the digests to be correct in the digest set, if it + // isn't we'll get a NullPointerException + CmsSignedDataParser sp = new CmsSignedDataParser(sd.GetEncoded()); + + sp.GetSignedContent().Drain(); + + VerifySignatures(sp); + } + + [Test] + public void TestEncapsulatedSamples() + { + DoTestSample("PSSSignDataSHA1Enc.sig"); + DoTestSample("PSSSignDataSHA256Enc.sig"); + DoTestSample("PSSSignDataSHA512Enc.sig"); + } + + [Test] + public void TestSamples() + { + DoTestSample("PSSSignData.data", "PSSSignDataSHA1.sig"); + DoTestSample("PSSSignData.data", "PSSSignDataSHA256.sig"); + DoTestSample("PSSSignData.data", "PSSSignDataSHA512.sig"); + } + + [Test] + public void TestCounterSig() + { + CmsSignedData sig = new CmsSignedData(GetInput("counterSig.p7m")); + + SignerInformationStore ss = sig.GetSignerInfos(); + ArrayList signers = new ArrayList(ss.GetSigners()); + + SignerInformationStore cs = ((SignerInformation)signers[0]).GetCounterSignatures(); + ArrayList csSigners = new ArrayList(cs.GetSigners()); + Assert.AreEqual(1, csSigners.Count); + + foreach (SignerInformation cSigner in csSigners) + { + ArrayList certCollection = new ArrayList( + sig.GetCertificates("Collection").GetMatches(cSigner.SignerID)); + + X509Certificate cert = (X509Certificate)certCollection[0]; + + Assert.IsNull(cSigner.SignedAttributes[Asn1.Pkcs.PkcsObjectIdentifiers.Pkcs9AtContentType]); + Assert.IsTrue(cSigner.Verify(cert)); + } + + VerifySignatures(sig); + } + + private void DoTestSample(string sigName) + { + CmsSignedData sig = new CmsSignedData(GetInput(sigName)); + VerifySignatures(sig); + } + + private void DoTestSample(string messageName, string sigName) + { + CmsSignedData sig = new CmsSignedData( + new CmsProcessableByteArray(GetInput(messageName)), + GetInput(sigName)); + + VerifySignatures(sig); + } + + private byte[] GetInput(string name) + { + return Streams.ReadAll(SimpleTest.GetTestDataAsStream("cms.sigs." + name)); + } + + [Test] + public void TestForMultipleCounterSignatures() + { + CmsSignedData sd = new CmsSignedData(xtraCounterSig); + + foreach (SignerInformation sigI in sd.GetSignerInfos().GetSigners()) + { + SignerInformationStore counter = sigI.GetCounterSignatures(); + IList sigs = new ArrayList(counter.GetSigners()); + + Assert.AreEqual(2, sigs.Count); + } + } + + private void RsaDigestTest(string signatureAlgorithmName) + { + byte[] data = Encoding.ASCII.GetBytes("Hello World!"); + CmsProcessable msg = new CmsProcessableByteArray(data); + + IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert); + + CmsSignedDataGenerator gen = new CmsSignedDataGenerator(); + gen.AddSignerInfoGenerator(new SignerInfoGeneratorBuilder().Build( + new Asn1SignatureFactory(signatureAlgorithmName, OrigKP.Private), OrigCert)); + gen.AddCertificates(x509Certs); + + CmsSignedData s = gen.Generate(msg, false); + + // + // compute expected content digest + // + string digestName = signatureAlgorithmName.Substring(0, signatureAlgorithmName.IndexOf("with")); + + VerifySignatures(s, DigestUtilities.CalculateDigest(digestName, data)); + } + + private void VerifySignatures( + CmsSignedDataParser sp) + { + IX509Store x509Certs = sp.GetCertificates("Collection"); + SignerInformationStore signers = sp.GetSignerInfos(); + + foreach (SignerInformation signer in signers.GetSigners()) + { + ICollection certCollection = x509Certs.GetMatches(signer.SignerID); + + IEnumerator certEnum = certCollection.GetEnumerator(); + certEnum.MoveNext(); + X509Certificate cert = (X509Certificate)certEnum.Current; + + Assert.IsTrue(signer.Verify(cert)); + Assert.IsTrue(new MySignerInformation(signer).Verify(cert)); // test simple copy works + } + } + + class MySignerInformation: SignerInformation + { + public MySignerInformation(SignerInformation sigInf): base(sigInf) + { + + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crmf/test/CrmfTest.cs b/BouncyCastle/crypto/test/src/crmf/test/CrmfTest.cs new file mode 100644 index 0000000..7a5349d --- /dev/null +++ b/BouncyCastle/crypto/test/src/crmf/test/CrmfTest.cs @@ -0,0 +1,175 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Cmp.Tests; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Operators; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Crmf.Tests +{ + [TestFixture] + public class CrmfTest : SimpleTest + { + public override string Name + { + get { return "CRMF"; } + } + + public override void PerformTest() + { + TestFromJVM(); + TestBasicMessage(); + TestBasicMessageWithArchiveControl(); + TestBasicMessageWithArchiveControlJVMGenerated(); + } + + [Test] + public void TestFromJVM() + { + AsymmetricKeyParameter pubKey = PublicKeyFactory.CreateKey(Hex.Decode( + "305c300d06092a864886f70d0101010500034b003048024100bbb3f6a5031fbb1feedbfed7584a4f6321ccdc16b9526b0f6e31859328db35a6ec420a98e14fb3bcf192004b1aa6fc9269410204785cc01317232feb545a7b410203010001")); + AsymmetricKeyParameter privKey = PrivateKeyFactory.CreateKey(Hex.Decode("30820153020100300d06092a864886f70d01010105000482013d30820139020100024100bbb3f6a5031fbb1feedbfed7584a4f6321ccdc16b9526b0f6e31859328db35a6ec420a98e14fb3bcf192004b1aa6fc9269410204785cc01317232feb545a7b41020301000102400093b384b9021c4cd59888e956cb1e653e736833235315b0e938116da19a9276b1ea1fe33da580a497313f08eb3e7c14627508a4284be04ea3e6ba8cb4b0a5c9022100e2fe0d9f35bfd7ecf196227e5e915a2464478ea7033c6dff4ce6a02961759a49022100d3b093770745dfea42c5c5c31f1a6b797a60dfb5503ae60f70b864452c4a193902203cc761c65b91feb3070cf8377602dd6c191dbfe8a04931fac6108a9a09ea7f61022071bb2a5f06af49cfc8340d3df995ee2c03cdcc22d389f15456511abdf73f9031022065bc10d43192cb3131c53be18a0d41a060d4e0a3324a47e3eb4bf720e1b46b10")); + + byte[] rawMsg = Hex.Decode("3081cc30760201013071a511300f310d300b0603550403130454657374a65c300d06092a864886f70d0101010500034b003048024100bbb3f6a5031fbb1feedbfed7584a4f6321ccdc16b9526b0f6e31859328db35a6ec420a98e14fb3bcf192004b1aa6fc9269410204785cc01317232feb545a7b410203010001a152300d06092a864886f70d01010505000341003120cdb58edfef4a2e1a4bfe96b972007c1d1c949221d266efe28b45ba036b9d534f5dca261dce8f21e134d97e55c3bd76d1460781fd9703f8f9907d1f036c20"); + + CertificateRequestMessage msg = new CertificateRequestMessage(rawMsg); + IsTrue("Pop Valid", msg.IsValidSigningKeyPop(new Asn1VerifierFactoryProvider(pubKey))); + + // + // Vandalize message to check for failure. + // + + rawMsg[7] ^= 1; + msg = new CertificateRequestMessage(rawMsg); + + IsTrue("Pop Verified Vandalized Message!", !msg.IsValidSigningKeyPop(new Asn1VerifierFactoryProvider(pubKey))); + } + + [Test] + public void TestBasicMessage() + { + RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator(); + rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100)); + AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); + + CertificateRequestMessageBuilder certReqBuild = new CertificateRequestMessageBuilder(BigInteger.One); + + certReqBuild.SetSubject(new X509Name("CN=Test")) + .SetPublicKey(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(rsaKeyPair.Public)) + .SetProofOfPossessionSignKeySigner(new Asn1SignatureFactory("SHA1WithRSA", rsaKeyPair.Private)); + + CertificateRequestMessage certificateRequestMessage = certReqBuild.Build(); + + IsTrue("Signing Key Pop Valid",certificateRequestMessage.IsValidSigningKeyPop(new Asn1VerifierFactoryProvider(rsaKeyPair.Public))); + IsTrue(certificateRequestMessage.GetCertTemplate().Subject.Equivalent(new X509Name("CN=Test"))); + IsTrue(certificateRequestMessage.GetCertTemplate().PublicKey.Equals(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(rsaKeyPair.Public))); + } + + [Test] + public void TestBasicMessageWithArchiveControl() + { + RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator(); + rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100)); + AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair(); + + TestCertBuilder tcb = new TestCertBuilder(); + tcb.PublicKey = rsaKeyPair.Public; + tcb.Subject = new X509Name("CN=Test"); + tcb.Issuer = new X509Name("CN=Test"); + tcb.NotBefore = DateTime.UtcNow.AddDays(-1); + tcb.NotAfter = DateTime.UtcNow.AddDays(1); + tcb.SignatureAlgorithm = "Sha1WithRSAEncryption"; + + X509Certificate cert = tcb.Build(rsaKeyPair.Private); + + SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(rsaKeyPair.Public); + PrivateKeyInfo privateInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(rsaKeyPair.Private); + + CertificateRequestMessageBuilder certificateRequestMessageBuilder = new CertificateRequestMessageBuilder(BigInteger.One); + certificateRequestMessageBuilder.SetSubject(new X509Name("CN=Test")); + certificateRequestMessageBuilder.SetPublicKey(publicKeyInfo); + + certificateRequestMessageBuilder.AddControl( + new PkiArchiveControlBuilder(privateInfo, new GeneralName(new X509Name("CN=Test"))) + .AddRecipientGenerator(new KeyTransRecipientInfoGenerator(cert, new Asn1KeyWrapper("RSA/None/OAEPwithSHA256andMGF1Padding", cert))) + .Build(new CmsContentEncryptorBuilder(NistObjectIdentifiers.IdAes128Cbc).Build()) + ); + + CertificateRequestMessage msg = certificateRequestMessageBuilder.Build(); + + IsTrue(Arrays.AreEqual(msg.GetCertTemplate().Subject.GetEncoded(), new X509Name("CN=Test").GetEncoded())); + IsTrue(Arrays.AreEqual(msg.GetCertTemplate().PublicKey.GetEncoded(),publicKeyInfo.GetEncoded())); + + CheckCertReqMsgWithArchiveControl(rsaKeyPair,msg); + CheckCertReqMsgWithArchiveControl(rsaKeyPair, new CertificateRequestMessage(msg.GetEncoded())); + } + + [Test] + public void TestBasicMessageWithArchiveControlJVMGenerated() + { + AsymmetricKeyParameter publicKey = PublicKeyFactory.CreateKey( + Hex.Decode("305c300d06092a864886f70d0101010500034b003048024100a9a94b7b98dc3daf8cac032a14bd4510832b0e007edbdafc065e328645a35828b8185cdbf73ed495c88436b11a9322965595d2e4c1dd63c3c4d41812f876b3070203010001")); + AsymmetricKeyParameter privateKey = PrivateKeyFactory.CreateKey( + Hex.Decode("30820154020100300d06092a864886f70d01010105000482013e3082013a020100024100a9a94b7b98dc3daf8cac032a14bd4510832b0e007edbdafc065e328645a35828b8185cdbf73ed495c88436b11a9322965595d2e4c1dd63c3c4d41812f876b307020301000102400831deacfe21a9331902d7f648e1297c563196b00c70971fb439098cb5c1618925bdbac4c66b30f8956660220f326f51e5a1725ce690165154fb62fa14497265022100e54943be1b4951e127f6e79c5ab333cba4b0fff0b5e59328d6393ba98dc0e6c3022100bd6da58ce195146a1d3825ec2a622cf4962da653096bea87fbd9a94db266a66d0221008948bcceeef78f97089ec53ed0efcb6b7b489f7638f32491a6f2cdce4f99d89102204eb1b066d8883054ed12985e863506ec0d3fa5ab356cc99ff876b228ff0639f9022024049aaf39bf9a0ddfbd4caee277d0a9f07d075faae12571176a5c0ca40415c0")); + + CertificateRequestMessage msg = new CertificateRequestMessage( + Hex.Decode("308202af308202ab0201013071a511300f310d300b0603550403130454657374a65c300d06092a864886f70d0101010500034b003048024100a9a94b7b98dc3daf8cac032a14bd4510832b0e007edbdafc065e328645a35828b8185cdbf73ed495c88436b11a9322965595d2e4c1dd63c3c4d41812f876b3070203010001308202313082022d06092b0601050507050104a082021ea082021a0201003171306f0201003019300f310d300b06035504030c04546573740206016859de5806300d06092a864886f70d0101010500044066f1a72f808908af784b83c07895276104d7c4caaee6090212ce5b27517aec510425b784352b5342c999f844b8796286f10a59807e290f06aa39f8cba86dd6bf308201a0060b2a864886f70d0109100115301d060960864801650304010204104aceaa277cc7974ea2a775ff9db6062580820170c648e70c25c4789d2ff4ed398e5536efb45d2dd8ba76a628ad30bf9596a18337afc0f596f0c18e05fb3fa9944ed9691dae1d9b327b5bbafaaa63efb0e22d675811c27bfb023b80184325fd4b67b3b9e41bf43c5583a86433b230e09a34b61397ddff0eadf10c883fc1f01860e2a56ab4002dcc4d4925c53e09dde0b99928fdf602bce544722155cebd8816e91a411a99feea07695774cd8883034022d57f64e9cd3383c3125c48db2936b7395a22b17910be1f2c0b8650bdb5bd752ffc40fcd30169e5ae3a4ac7ad9cc850e9c17bbcf8e1a1898d0d8be19145c484467b8f1124657a5e08c10fc67416274990cc16d55c9fb76c265dd436b7e803425892297f1a08e4fab8e178874b2b3bf9c749693d609db208e9a3ebbddd26cd6a1b33c0201532170dc6c303e7ac0c42ba0bc54dfb928b228842b6bb08d8dc411d262dabf140a8b5a5c67ea486c1877a2fc000981d54cf2decaf1cfeebcf83134992b09a2b1fe9e02da25b874604b5d8bbd609875ba8")); + + AsymmetricCipherKeyPair rsaKeyPair = new AsymmetricCipherKeyPair(publicKey,privateKey); + + SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey); + + IsTrue(msg.GetCertTemplate().Subject.Equivalent(new X509Name("CN=Test"))); + IsTrue(Arrays.AreEqual(msg.GetCertTemplate().PublicKey.GetEncoded(), publicKeyInfo.GetEncoded())); + + CheckCertReqMsgWithArchiveControl(rsaKeyPair, msg); + CheckCertReqMsgWithArchiveControl(rsaKeyPair, new CertificateRequestMessage(msg.GetEncoded())); + + CheckCertReqMsgWithArchiveControl(rsaKeyPair,msg); + } + + private void CheckCertReqMsgWithArchiveControl(AsymmetricCipherKeyPair kp, CertificateRequestMessage certReqMessage) + { + PkiArchiveControl archiveControl = (PkiArchiveControl)certReqMessage.GetControl( + CrmfObjectIdentifiers.id_regCtrl_pkiArchiveOptions); + IsEquals("Archive type", PkiArchiveControl.encryptedPrivKey, archiveControl.ArchiveType); + + IsTrue(archiveControl.EnvelopedData); + RecipientInformationStore recips = archiveControl.GetEnvelopedData().GetRecipientInfos(); + + IList collection = (IList)recips.GetRecipients(); + + IsTrue(collection.Count == 1); + KeyTransRecipientInformation info = (KeyTransRecipientInformation)collection[0]; + + EncKeyWithID encKeyWithId = EncKeyWithID.GetInstance(info.GetContent(kp.Private)); + + IsTrue(encKeyWithId.HasIdentifier); + IsTrue(!encKeyWithId.IsIdentifierUtf8String); // GeneralName at this point. + + IsTrue("Name", X509Name.GetInstance(GeneralName.GetInstance(encKeyWithId.Identifier).Name).Equivalent(new X509Name("CN=Test"))); + + PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(kp.Private); + IsTrue("Private Key", Arrays.AreEqual(privateKeyInfo.GetEncoded(), encKeyWithId.PrivateKey.GetEncoded())); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/agreement/test/AllTests.cs b/BouncyCastle/crypto/test/src/crypto/agreement/test/AllTests.cs new file mode 100644 index 0000000..66853b2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/agreement/test/AllTests.cs @@ -0,0 +1,33 @@ +#if !LIB +using System; + +using NUnit.Core; +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Agreement.Tests +{ + [TestFixture] + public class AllTests + { + public static void Main(string[] args) + { + Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty); + } + + [Suite] + public static TestSuite Suite + { + get + { + TestSuite suite = new TestSuite("JPAKE Engine Tests"); + suite.Add(new JPakeParticipantTest()); + suite.Add(new JPakePrimeOrderGroupTest()); + suite.Add(new JPakeUtilitiesTest()); + return suite; + } + } + } +} +#endif diff --git a/BouncyCastle/crypto/test/src/crypto/agreement/test/JPakeParticipantTest.cs b/BouncyCastle/crypto/test/src/crypto/agreement/test/JPakeParticipantTest.cs new file mode 100644 index 0000000..c84264a --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/agreement/test/JPakeParticipantTest.cs @@ -0,0 +1,566 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Agreement.JPake; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Agreement.Tests +{ + [TestFixture] + public class JPakeParticipantTest + : SimpleTest + { + public override void PerformTest() + { + TestConstruction(); + TestSuccessfulExchange(); + TestIncorrectPassword(); + TestStateValidation(); + TestValidateRound1PayloadReceived(); + TestValidateRound2PayloadReceived(); + } + + public override string Name + { + get { return "JPakeParticipant"; } + } + + public static void Main( + string[] args) + { + RunTest(new JPakeParticipantTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + public void TestConstruction() + { + JPakePrimeOrderGroup group = JPakePrimeOrderGroups.SUN_JCE_1024; + SecureRandom random = new SecureRandom(); + IDigest digest = new Sha256Digest(); + string participantId = "participantId"; + char[] password = "password".ToCharArray(); + + // should succeed + new JPakeParticipant(participantId, password, group, digest, random); + + // null participantId + try + { + new JPakeParticipant(null, password, group, digest, random); + + Fail("failed to throw exception on null participantId"); + } + catch (ArgumentNullException) + { + // expected + } + + // null password + try + { + new JPakeParticipant(participantId, null, group, digest, random); + + Fail("failed to throw exception on null password"); + } + catch (ArgumentNullException) + { + // expected + } + + // empty password + try + { + new JPakeParticipant(participantId, "".ToCharArray(), group, digest, random); + + Fail("failed to throw exception on empty password"); + } + catch (ArgumentException) + { + // expected + } + + // null group + try + { + new JPakeParticipant(participantId, password, null, digest, random); + + Fail("failed to throw exception on null group"); + } + catch (ArgumentNullException) + { + // expected + } + + // null digest + try + { + new JPakeParticipant(participantId, password, group, null, random); + + Fail("failed to throw exception on null digest"); + } + catch (ArgumentNullException) + { + // expected + } + + // null random + try + { + new JPakeParticipant(participantId, password, group, digest, null); + + Fail("failed to throw exception on null random"); + } + catch (ArgumentNullException) + { + // expected + } + } + + public void TestSuccessfulExchange() + { + JPakeParticipant alice = CreateAlice(); + JPakeParticipant bob = CreateBob(); + + ExchangeAfterRound2Creation exchange = RunExchangeUntilRound2Creation(alice, bob); + + alice.ValidateRound2PayloadReceived(exchange.bobRound2Payload); + bob.ValidateRound2PayloadReceived(exchange.aliceRound2Payload); + + BigInteger aliceKeyingMaterial = alice.CalculateKeyingMaterial(); + BigInteger bobKeyingMaterial = bob.CalculateKeyingMaterial(); + + JPakeRound3Payload aliceRound3Payload = alice.CreateRound3PayloadToSend(aliceKeyingMaterial); + JPakeRound3Payload bobRound3Payload = bob.CreateRound3PayloadToSend(bobKeyingMaterial); + + alice.ValidateRound3PayloadReceived(bobRound3Payload, aliceKeyingMaterial); + bob.ValidateRound3PayloadReceived(aliceRound3Payload, bobKeyingMaterial); + + Assert.AreEqual(aliceKeyingMaterial, bobKeyingMaterial); + } + + public void TestIncorrectPassword() + { + JPakeParticipant alice = CreateAlice(); + JPakeParticipant bob = CreateBobWithWrongPassword(); + + ExchangeAfterRound2Creation exchange = RunExchangeUntilRound2Creation(alice, bob); + + alice.ValidateRound2PayloadReceived(exchange.bobRound2Payload); + bob.ValidateRound2PayloadReceived(exchange.aliceRound2Payload); + + BigInteger aliceKeyingMaterial = alice.CalculateKeyingMaterial(); + BigInteger bobKeyingMaterial = bob.CalculateKeyingMaterial(); + + JPakeRound3Payload aliceRound3Payload = alice.CreateRound3PayloadToSend(aliceKeyingMaterial); + JPakeRound3Payload bobRound3Payload = bob.CreateRound3PayloadToSend(bobKeyingMaterial); + + try + { + alice.ValidateRound3PayloadReceived(bobRound3Payload, aliceKeyingMaterial); + + Fail("failed to throw exception on incorrect password"); + } + catch (CryptoException) + { + // expected + } + + try + { + bob.ValidateRound3PayloadReceived(aliceRound3Payload, bobKeyingMaterial); + + Fail("failed to throw exception on incorrect password"); + } + catch (CryptoException) + { + // expected + } + } + + public void TestStateValidation() + { + JPakeParticipant alice = CreateAlice(); + JPakeParticipant bob = CreateBob(); + + // We're testing alice here. Bob is just used for help. + + // START ROUND 1 CHECKS + + Assert.AreEqual(JPakeParticipant.STATE_INITIALIZED, alice.State); + + // create round 2 before round 1 + try + { + alice.CreateRound2PayloadToSend(); + + Fail("failed to throw on round 2 creation before 1"); + } + catch (InvalidOperationException) + { + // expected + } + + JPakeRound1Payload aliceRound1Payload = alice.CreateRound1PayloadToSend(); + Assert.AreEqual(JPakeParticipant.STATE_ROUND_1_CREATED, alice.State); + + // create round 1 twice + try + { + alice.CreateRound1PayloadToSend(); + + Fail("failed to throw on round 1 creation twice"); + } + catch (InvalidOperationException) + { + // expected + } + + // create round 2 before validation round 1 + try + { + alice.CreateRound2PayloadToSend(); + + Fail("failed to throw on round 2 creation before round 1 validation"); + } + catch (InvalidOperationException) + { + // expected + } + + // validate round 2 before validation round 1 + try + { + alice.ValidateRound2PayloadReceived(null); + + Fail("failed to throw on round 2 validation before round 1 validation"); + } + catch (InvalidOperationException) + { + // expected + } + + JPakeRound1Payload bobRound1Payload = bob.CreateRound1PayloadToSend(); + alice.ValidateRound1PayloadReceived(bobRound1Payload); + Assert.AreEqual(JPakeParticipant.STATE_ROUND_1_VALIDATED, alice.State); + + // validate round 1 payload twice + try + { + alice.ValidateRound1PayloadReceived(bobRound1Payload); + + Fail("failed to throw on round 1 validation twice"); + } + catch (InvalidOperationException) + { + // expected + } + + bob.ValidateRound1PayloadReceived(aliceRound1Payload); + + // START ROUND 2 CHECKS + + JPakeRound2Payload aliceRound2Payload = alice.CreateRound2PayloadToSend(); + Assert.AreEqual(JPakeParticipant.STATE_ROUND_2_CREATED, alice.State); + + // create round 2 payload twice + try + { + alice.CreateRound2PayloadToSend(); + + Fail("failed to throw on round 2 creation twice"); + } + catch (InvalidOperationException) + { + // expected + } + + // create key before validation round 2 + try + { + alice.CalculateKeyingMaterial(); + + Fail("failed to throw on calculating keying material before round 2 validation"); + } + catch (InvalidOperationException) + { + // expected + } + + // validate round 3 before validating round 2 + try + { + alice.ValidateRound3PayloadReceived(null, null); + + Fail("failed to throw on validating round 3 before 2"); + } + catch (InvalidOperationException) + { + // expected + } + + JPakeRound2Payload bobRound2Payload = bob.CreateRound2PayloadToSend(); + alice.ValidateRound2PayloadReceived(bobRound2Payload); + Assert.AreEqual(JPakeParticipant.STATE_ROUND_2_VALIDATED, alice.State); + + // validate round 2 payload twice + try + { + alice.ValidateRound2PayloadReceived(bobRound2Payload); + + Fail("failed to throw on validating round 2 twice"); + } + catch (InvalidOperationException) + { + // expected + } + + bob.ValidateRound2PayloadReceived(aliceRound2Payload); + + // create round 3 before calculating key + try + { + alice.CreateRound3PayloadToSend(BigInteger.One); + + Fail("failed to throw on creating round 3 before calculating key aterial"); + } + catch (InvalidOperationException) + { + // expected + } + + // START KEY CALCULATION CHECKS + + BigInteger aliceKeyingMaterial = alice.CalculateKeyingMaterial(); + Assert.AreEqual(JPakeParticipant.STATE_KEY_CALCULATED, alice.State); + + // calculate key twice + try + { + alice.CalculateKeyingMaterial(); + + Fail("failed to throw on calculating key twice"); + } + catch (InvalidOperationException) + { + // expected + } + + BigInteger bobKeyingMaterial = bob.CalculateKeyingMaterial(); + + // START ROUND 3 CHECKS + + JPakeRound3Payload aliceRound3Payload = alice.CreateRound3PayloadToSend(aliceKeyingMaterial); + Assert.AreEqual(JPakeParticipant.STATE_ROUND_3_CREATED, alice.State); + + // create round 3 payload twice + try + { + alice.CreateRound3PayloadToSend(aliceKeyingMaterial); + + Fail("failed to throw on creation round 3 twice"); + } + catch (InvalidOperationException) + { + // expected + } + + JPakeRound3Payload bobRound3Payload = bob.CreateRound3PayloadToSend(bobKeyingMaterial); + alice.ValidateRound3PayloadReceived(bobRound3Payload, aliceKeyingMaterial); + Assert.AreEqual(JPakeParticipant.STATE_ROUND_3_VALIDATED, alice.State); + + // validate round 3 payload twice + try + { + alice.ValidateRound3PayloadReceived(bobRound3Payload, aliceKeyingMaterial); + + Fail("failed to throw on validation round 3 twice"); + } + catch (InvalidOperationException) + { + // expected + } + + bob.ValidateRound3PayloadReceived(aliceRound3Payload, bobKeyingMaterial); + } + + public void TestValidateRound1PayloadReceived() + { + // We're testing alice here. Bob is just used for help. + + JPakeRound1Payload bobRound1Payload = CreateBob().CreateRound1PayloadToSend(); + + // should succeed + CreateAlice().ValidateRound1PayloadReceived(bobRound1Payload); + + // alice verifies alice's payload + try + { + JPakeParticipant alice = CreateAlice(); + alice.ValidateRound1PayloadReceived(alice.CreateRound1PayloadToSend()); + + Fail("failed to throw on participant validating own payload"); + } + catch (CryptoException) + { + // expected + } + + // g^x4 == 1 + try + { + CreateAlice().ValidateRound1PayloadReceived(new JPakeRound1Payload( + bobRound1Payload.ParticipantId, + bobRound1Payload.Gx1, + BigInteger.One, + bobRound1Payload.KnowledgeProofForX1, + bobRound1Payload.KnowledgeProofForX2)); + + Fail("failed to throw on g^x4 == 1"); + } + catch (CryptoException) + { + // expected + } + + // zero knowledge proof for x3 fails + try + { + JPakeRound1Payload bobRound1Payload2 = CreateBob().CreateRound1PayloadToSend(); + CreateAlice().ValidateRound1PayloadReceived(new JPakeRound1Payload( + bobRound1Payload.ParticipantId, + bobRound1Payload.Gx1, + bobRound1Payload.Gx2, + bobRound1Payload2.KnowledgeProofForX1, + bobRound1Payload.KnowledgeProofForX2)); + + Fail("failed to throw on incorrect zero knowledge proof for x3"); + } + catch (CryptoException) + { + // expected + } + + // zero knowledge proof for x4 fails + try + { + JPakeRound1Payload bobRound1Payload2 = CreateBob().CreateRound1PayloadToSend(); + CreateAlice().ValidateRound1PayloadReceived(new JPakeRound1Payload( + bobRound1Payload.ParticipantId, + bobRound1Payload.Gx1, + bobRound1Payload.Gx2, + bobRound1Payload.KnowledgeProofForX1, + bobRound1Payload2.KnowledgeProofForX2)); + + Fail("failed to throw on incorrect zero knowledge proof for x4"); + } + catch (CryptoException) + { + // expected + } + } + + public void TestValidateRound2PayloadReceived() + { + // We're testing alice here. Bob is just used for help. + + // should succeed + ExchangeAfterRound2Creation exchange1 = RunExchangeUntilRound2Creation(CreateAlice(), CreateBob()); + exchange1.alice.ValidateRound2PayloadReceived(exchange1.bobRound2Payload); + + // alice verified alice's payload + ExchangeAfterRound2Creation exchange2 = RunExchangeUntilRound2Creation(CreateAlice(), CreateBob()); + try + { + exchange2.alice.ValidateRound2PayloadReceived(exchange2.aliceRound2Payload); + + Fail("failed to throw on participant verifying own payload 2"); + } + catch (CryptoException) + { + // expected + } + + // wrong z + ExchangeAfterRound2Creation exchange3 = RunExchangeUntilRound2Creation(CreateAlice(), CreateBob()); + ExchangeAfterRound2Creation exchange4 = RunExchangeUntilRound2Creation(CreateAlice(), CreateBob()); + try + { + exchange3.alice.ValidateRound2PayloadReceived(exchange4.bobRound2Payload); + + Fail("failed to throw on wrong z"); + } + catch (CryptoException) + { + // expected + } + } + + private class ExchangeAfterRound2Creation + { + public JPakeParticipant alice; + public JPakeRound2Payload aliceRound2Payload; + public JPakeRound2Payload bobRound2Payload; + + public ExchangeAfterRound2Creation( + JPakeParticipant alice, + JPakeRound2Payload aliceRound2Payload, + JPakeRound2Payload bobRound2Payload) + { + this.alice = alice; + this.aliceRound2Payload = aliceRound2Payload; + this.bobRound2Payload = bobRound2Payload; + } + } + + private ExchangeAfterRound2Creation RunExchangeUntilRound2Creation(JPakeParticipant alice, JPakeParticipant bob) + { + JPakeRound1Payload aliceRound1Payload = alice.CreateRound1PayloadToSend(); + JPakeRound1Payload bobRound1Payload = bob.CreateRound1PayloadToSend(); + + alice.ValidateRound1PayloadReceived(bobRound1Payload); + bob.ValidateRound1PayloadReceived(aliceRound1Payload); + + JPakeRound2Payload aliceRound2Payload = alice.CreateRound2PayloadToSend(); + JPakeRound2Payload bobRound2Payload = bob.CreateRound2PayloadToSend(); + + return new ExchangeAfterRound2Creation( + alice, + aliceRound2Payload, + bobRound2Payload); + } + + private JPakeParticipant CreateAlice() + { + return CreateParticipant("alice", "password"); + } + + private JPakeParticipant CreateBob() + { + return CreateParticipant("bob", "password"); + } + + private JPakeParticipant CreateBobWithWrongPassword() + { + return CreateParticipant("bob", "wrong"); + } + + private JPakeParticipant CreateParticipant(string participantId, string password) + { + return new JPakeParticipant( + participantId, + password.ToCharArray(), + JPakePrimeOrderGroups.SUN_JCE_1024); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/agreement/test/JPakePrimeOrderGroupTest.cs b/BouncyCastle/crypto/test/src/crypto/agreement/test/JPakePrimeOrderGroupTest.cs new file mode 100644 index 0000000..0f089f9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/agreement/test/JPakePrimeOrderGroupTest.cs @@ -0,0 +1,117 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Agreement.JPake; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Agreement.Tests +{ + [TestFixture] + public class JPakePrimeOrderGroupTest + : SimpleTest + { + public override void PerformTest() + { + TestConstruction(); + } + + public override string Name + { + get { return "JPakePrimeOrderGroup"; } + } + + public static void Main( + string[] args) + { + RunTest(new JPakePrimeOrderGroupTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + public void TestConstruction() + { + // p-1 not evenly divisible by q + try + { + new JPakePrimeOrderGroup(BigInteger.ValueOf(7), BigInteger.ValueOf(5), BigInteger.ValueOf(6)); + + Fail("failed to throw exception on p-1 not evenly divisible by q"); + } + catch (ArgumentException) + { + // expected + } + + // g < 2 + try + { + new JPakePrimeOrderGroup(BigInteger.ValueOf(11), BigInteger.ValueOf(5), BigInteger.ValueOf(1)); + + Fail("failed to throw exception on g < 2"); + } + catch (ArgumentException) + { + // expected + } + + // g > p - 1 + try + { + new JPakePrimeOrderGroup(BigInteger.ValueOf(11), BigInteger.ValueOf(5), BigInteger.ValueOf(11)); + + Fail("failed to throw exception on g > p - 1"); + } + catch (ArgumentException) + { + // expected + } + + //g^q mod p not equal 1 + try + { + new JPakePrimeOrderGroup(BigInteger.ValueOf(11), BigInteger.ValueOf(5), BigInteger.ValueOf(6)); + + Fail("failed to throw exception on g^q mod p not equal 1"); + } + catch (ArgumentException) + { + // expected + } + + // p not prime + try + { + new JPakePrimeOrderGroup(BigInteger.ValueOf(15), BigInteger.ValueOf(2), BigInteger.ValueOf(4)); + + Fail("failed to throw exception on p not prime"); + } + catch (ArgumentException) + { + // expected + } + + // q not prime + try + { + new JPakePrimeOrderGroup(BigInteger.ValueOf(7), BigInteger.ValueOf(6), BigInteger.ValueOf(3)); + + Fail("failed to throw exception on q not prime"); + } + catch (ArgumentException) + { + // expected + } + + // should succeed + new JPakePrimeOrderGroup(BigInteger.ValueOf(7), BigInteger.ValueOf(3), BigInteger.ValueOf(4)); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/agreement/test/JPakeUtilitiesTest.cs b/BouncyCastle/crypto/test/src/crypto/agreement/test/JPakeUtilitiesTest.cs new file mode 100644 index 0000000..04a52cc --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/agreement/test/JPakeUtilitiesTest.cs @@ -0,0 +1,306 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Agreement.JPake; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Agreement.Tests +{ + [TestFixture] + public class JPakeUtilitiesTest + : SimpleTest + { + private static readonly BigInteger Ten = BigInteger.ValueOf(10); + + public override void PerformTest() + { + TestValidateGx4(); + TestValidateGa(); + TestValidateParticipantIdsDiffer(); + TestValidateParticipantsIdsEqual(); + TestValidateMacTag(); + TestValidateNotNull(); + TestValidateZeroKnowledgeProof(); + } + + public override string Name + { + get { return "JPakeUtilities"; } + } + + public static void Main( + string[] args) + { + RunTest(new JPakeUtilitiesTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + public void TestValidateGx4() + { + JPakeUtilities.ValidateGx4(Ten); + + try + { + JPakeUtilities.ValidateGx4(BigInteger.One); + + Fail("exception not thrown for g^x4 equal to 1"); + } + catch (CryptoException) + { + // expected + } + } + + public void TestValidateGa() + { + JPakeUtilities.ValidateGa(Ten); + + try + { + JPakeUtilities.ValidateGa(BigInteger.One); + + Fail("exception not thrown for g^a equal to 1"); + } + catch (CryptoException) + { + // expected + } + } + + public void TestValidateParticipantIdsDiffer() + { + JPakeUtilities.ValidateParticipantIdsDiffer("a", "b"); + JPakeUtilities.ValidateParticipantIdsDiffer("a", "A"); + + try + { + JPakeUtilities.ValidateParticipantIdsDiffer("a", "a"); + + Fail("validate participant ids differ not throwing exception for equal participant ids"); + } + catch (CryptoException) + { + // expected + } + } + + public void TestValidateParticipantsIdsEqual() + { + JPakeUtilities.ValidateParticipantIdsEqual("a", "a"); + + try + { + JPakeUtilities.ValidateParticipantIdsEqual("a", "b"); + + Fail("validate participant ids equal not throwing exception for different participant ids"); + } + catch (CryptoException) + { + // expected + } + } + + public void TestValidateMacTag() + { + JPakePrimeOrderGroup pg1 = JPakePrimeOrderGroups.SUN_JCE_1024; + + SecureRandom random = new SecureRandom(); + IDigest digest = new Sha256Digest(); + + BigInteger x1 = JPakeUtilities.GenerateX1(pg1.Q, random); + BigInteger x2 = JPakeUtilities.GenerateX2(pg1.Q, random); + BigInteger x3 = JPakeUtilities.GenerateX1(pg1.Q, random); + BigInteger x4 = JPakeUtilities.GenerateX2(pg1.Q, random); + + BigInteger gx1 = JPakeUtilities.CalculateGx(pg1.P, pg1.G, x1); + BigInteger gx2 = JPakeUtilities.CalculateGx(pg1.P, pg1.G, x2); + BigInteger gx3 = JPakeUtilities.CalculateGx(pg1.P, pg1.G, x3); + BigInteger gx4 = JPakeUtilities.CalculateGx(pg1.P, pg1.G, x4); + + BigInteger gB = JPakeUtilities.CalculateGA(pg1.P, gx3, gx1, gx2); + + BigInteger s = JPakeUtilities.CalculateS("password".ToCharArray()); + + BigInteger xs = JPakeUtilities.CalculateX2s(pg1.Q, x4, s); + + BigInteger B = JPakeUtilities.CalculateA(pg1.P, pg1.Q, gB, xs); + + BigInteger keyingMaterial = JPakeUtilities.CalculateKeyingMaterial(pg1.P, pg1.Q, gx4, x2, s, B); + + BigInteger macTag = JPakeUtilities.CalculateMacTag("participantId", "partnerParticipantId", gx1, gx2, gx3, gx4, keyingMaterial, digest); + + // should succeed + JPakeUtilities.ValidateMacTag("partnerParticipantId", "participantId", gx3, gx4, gx1, gx2, keyingMaterial, digest, macTag); + + // validating own macTag (as opposed to the other party's mactag) + try + { + JPakeUtilities.ValidateMacTag("participantId", "partnerParticipantId", gx1, gx2, gx3, gx4, keyingMaterial, digest, macTag); + + Fail("failed to throw exception on validating own macTag (calculated partner macTag)"); + } + catch (CryptoException) + { + // expected + } + + // participant ids switched + try + { + JPakeUtilities.ValidateMacTag("participantId", "partnerParticipantId", gx3, gx4, gx1, gx2, keyingMaterial, digest, macTag); + + Fail("failed to throw exception on validating own macTag (calculated partner macTag"); + } + catch (CryptoException) + { + // expected + } + } + + public void TestValidateNotNull() + { + JPakeUtilities.ValidateNotNull("a", "description"); + + try + { + JPakeUtilities.ValidateNotNull(null, "description"); + + Fail("failed to throw exception on null"); + } + catch (ArgumentNullException) + { + // expected + } + } + + public void TestValidateZeroKnowledgeProof() + { + JPakePrimeOrderGroup pg1 = JPakePrimeOrderGroups.SUN_JCE_1024; + + SecureRandom random = new SecureRandom(); + IDigest digest1 = new Sha256Digest(); + + BigInteger x1 = JPakeUtilities.GenerateX1(pg1.Q, random); + BigInteger gx1 = JPakeUtilities.CalculateGx(pg1.P, pg1.G, x1); + string participantId1 = "participant1"; + + BigInteger[] zkp1 = JPakeUtilities.CalculateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, gx1, x1, participantId1, digest1, random); + + // should succeed + JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, gx1, zkp1, participantId1, digest1); + + // wrong group + JPakePrimeOrderGroup pg2 = JPakePrimeOrderGroups.NIST_3072; + try + { + JPakeUtilities.ValidateZeroKnowledgeProof(pg2.P, pg2.Q, pg2.G, gx1, zkp1, participantId1, digest1); + + Fail("failed to throw exception on wrong prime order group"); + } + catch (CryptoException) + { + // expected + } + + // wrong digest + IDigest digest2 = new Sha1Digest(); + try + { + JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, gx1, zkp1, participantId1, digest2); + + Fail("failed to throw exception on wrong digest"); + } + catch (CryptoException) + { + // expected + } + + // wrong participant + string participantId2 = "participant2"; + try + { + JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, gx1, zkp1, participantId2, digest1); + + Fail("failed to throw exception on wrong participant"); + } + catch (CryptoException) + { + // expected + } + + // wrong gx + BigInteger x2 = JPakeUtilities.GenerateX2(pg1.Q, random); + BigInteger gx2 = JPakeUtilities.CalculateGx(pg1.P, pg1.G, x2); + try + { + JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, gx2, zkp1, participantId1, digest1); + + Fail("failed to throw exception on wrong gx"); + } + catch (CryptoException) + { + // expected + } + + // wrong zkp + BigInteger[] zkp2 = JPakeUtilities.CalculateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, gx2, x2, participantId1, digest1, random); + try + { + JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, gx1, zkp2, participantId1, digest1); + + Fail("failed to throw exception on wrong zero knowledge proof"); + } + catch (CryptoException) + { + // expected + } + + // gx <= 0 + try + { + JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, BigInteger.Zero, zkp1, participantId1, digest1); + + Fail("failed to throw exception on g^x <= 0"); + } + catch (CryptoException) + { + // expected + } + + // gx >= p + try + { + JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, pg1.P, zkp1, participantId1, digest1); + + Fail("failed to throw exception on g^x >= p"); + } + catch (CryptoException) + { + // expected + } + + // gx mod q == 1 + try + { + JPakeUtilities.ValidateZeroKnowledgeProof(pg1.P, pg1.Q, pg1.G, pg1.Q.Add(BigInteger.One), zkp1, participantId1, digest1); + + Fail("failed to throw exception on g^x mod q == 1"); + } + catch (CryptoException) + { + // expected + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/examples/DESExample.cs b/BouncyCastle/crypto/test/src/crypto/examples/DESExample.cs new file mode 100644 index 0000000..788fd64 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/examples/DESExample.cs @@ -0,0 +1,397 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Paddings; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Examples +{ + /** + * DesExample is a simple DES based encryptor/decryptor. + *

    + * The program is command line driven, with the input + * and output files specified on the command line. + * 

    +	* java org.bouncycastle.crypto.examples.DesExample infile outfile [keyfile]
+	*
    + * A new key is generated for each encryption, if key is not specified, + * then the example will assume encryption is required, and as output + * create deskey.dat in the current directory. This key is a hex + * encoded byte-stream that is used for the decryption. The output + * file is Hex encoded, 60 characters wide text file. + *

    + *

    + * When encrypting; + *

      + *
    • the infile is expected to be a byte stream (text or binary)
      • + *
    • there is no keyfile specified on the input line
      • + *
    + *

    + *

    + * When decrypting; + *

  • the infile is expected to be the 60 character wide base64 + * encoded file
    • + *
  • the keyfile is expected to be a base64 encoded file
    • + *

    + *

    + * This example shows how to use the light-weight API, DES and + * the filesystem for message encryption and decryption. + *

    + */ + public class DesExample + { + // Encrypting or decrypting ? + private bool encrypt = true; + + // To hold the initialised DESede cipher + private PaddedBufferedBlockCipher cipher = null; + + // The input stream of bytes to be processed for encryption + private Stream inStr = null; + + // The output stream of bytes to be procssed + private Stream outStr = null; + + // The key + private byte[] key = null; + + /* + * start the application + */ + public static int Main( + string[] args) + { + bool encrypt = true; + string infile = null; + string outfile = null; + string keyfile = null; + + if (args.Length < 2) + { +// Console.Error.WriteLine("Usage: java " + typeof(DesExample).Name + " infile outfile [keyfile]"); + Console.Error.WriteLine("Usage: " + typeof(DesExample).Name + " infile outfile [keyfile]"); + return 1; + } + + keyfile = "deskey.dat"; + infile = args[0]; + outfile = args[1]; + + if (args.Length > 2) + { + encrypt = false; + keyfile = args[2]; + } + + try + { + DesExample de = new DesExample(infile, outfile, keyfile, encrypt); + de.process(); + } + catch (Exception) + { + return 1; + } + + return 0; + } + + // Default constructor, used for the usage message + public DesExample() + { + } + + /* + * Constructor, that takes the arguments appropriate for + * processing the command line directives. + */ + public DesExample( + string infile, + string outfile, + string keyfile, + bool encrypt) + { + /* + * First, determine that infile & keyfile exist as appropriate. + * + * This will also create the BufferedInputStream as required + * for reading the input file. All input files are treated + * as if they are binary, even if they contain text, it's the + * bytes that are encrypted. + */ + this.encrypt = encrypt; + try + { + inStr = File.OpenRead(infile); + } + catch (FileNotFoundException e) + { + Console.Error.WriteLine("Input file not found ["+infile+"]"); + throw e; + } + + try + { + outStr = File.Create(outfile); + } + catch (IOException e) + { + Console.Error.WriteLine("Output file not created ["+outfile+"]"); + throw e; + } + + if (encrypt) + { + try + { + /* + * The process of creating a new key requires a + * number of steps. + * + * First, create the parameters for the key generator + * which are a secure random number generator, and + * the length of the key (in bits). + */ + SecureRandom sr = new SecureRandom(); + + KeyGenerationParameters kgp = new KeyGenerationParameters( + sr, + DesEdeParameters.DesEdeKeyLength * 8); + + /* + * Second, initialise the key generator with the parameters + */ + DesEdeKeyGenerator kg = new DesEdeKeyGenerator(); + kg.Init(kgp); + + /* + * Third, and finally, generate the key + */ + key = kg.GenerateKey(); + + /* + * We can now output the key to the file, but first + * hex Encode the key so that we can have a look + * at it with a text editor if we so desire + */ + using (Stream keystream = File.Create(keyfile)) + { + Hex.Encode(key, keystream); + } + } + catch (IOException e) + { + Console.Error.WriteLine("Could not decryption create key file "+ + "["+keyfile+"]"); + throw e; + } + } + else + { + try + { + // TODO This block is a bit dodgy + + // read the key, and Decode from hex encoding + Stream keystream = File.OpenRead(keyfile); +// int len = keystream.available(); + int len = (int) keystream.Length; + byte[] keyhex = new byte[len]; + keystream.Read(keyhex, 0, len); + key = Hex.Decode(keyhex); + } + catch (IOException e) + { + Console.Error.WriteLine("Decryption key file not found, " + + "or not valid ["+keyfile+"]"); + throw e; + } + } + } + + private void process() + { + /* + * Setup the DESede cipher engine, create a PaddedBufferedBlockCipher + * in CBC mode. + */ + cipher = new PaddedBufferedBlockCipher( + new CbcBlockCipher(new DesEdeEngine())); + + /* + * The input and output streams are currently set up + * appropriately, and the key bytes are ready to be + * used. + * + */ + + if (encrypt) + { + performEncrypt(key); + } + else + { + performDecrypt(key); + } + + // after processing clean up the files + try + { + inStr.Close(); + outStr.Flush(); + outStr.Close(); + } + catch (IOException closing) + { + Console.Error.WriteLine("exception closing resources: " + closing.Message); + } + } + + /* + * This method performs all the encryption and writes + * the cipher text to the buffered output stream created + * previously. + */ + private void performEncrypt(byte[] key) + { + // initialise the cipher with the key bytes, for encryption + cipher.Init(true, new KeyParameter(key)); + + /* + * Create some temporary byte arrays for use in + * encryption, make them a reasonable size so that + * we don't spend forever reading small chunks from + * a file. + * + * There is no particular reason for using getBlockSize() + * to determine the size of the input chunk. It just + * was a convenient number for the example. + */ + // int inBlockSize = cipher.getBlockSize() * 5; + int inBlockSize = 47; + int outBlockSize = cipher.GetOutputSize(inBlockSize); + + byte[] inblock = new byte[inBlockSize]; + byte[] outblock = new byte[outBlockSize]; + + /* + * now, read the file, and output the chunks + */ + try + { + int inL; + int outL; + while ((inL = inStr.Read(inblock, 0, inBlockSize)) > 0) + { + outL = cipher.ProcessBytes(inblock, 0, inL, outblock, 0); + + /* + * Before we write anything out, we need to make sure + * that we've got something to write out. + */ + if (outL > 0) + { + Hex.Encode(outblock, 0, outL, outStr); + outStr.WriteByte((byte)'\n'); + } + } + + try + { + /* + * Now, process the bytes that are still buffered + * within the cipher. + */ + outL = cipher.DoFinal(outblock, 0); + if (outL > 0) + { + Hex.Encode(outblock, 0, outL, outStr); + outStr.WriteByte((byte) '\n'); + } + } + catch (CryptoException) + { + + } + } + catch (IOException ioeread) + { + Console.Error.WriteLine(ioeread.StackTrace); + } + } + + /* + * This method performs all the decryption and writes + * the plain text to the buffered output stream created + * previously. + */ + private void performDecrypt(byte[] key) + { + // initialise the cipher for decryption + cipher.Init(false, new KeyParameter(key)); + + /* + * As the decryption is from our preformatted file, + * and we know that it's a hex encoded format, then + * we wrap the InputStream with a BufferedReader + * so that we can read it easily. + */ +// BufferedReader br = new BufferedReader(new StreamReader(inStr)); + StreamReader br = new StreamReader(inStr); // 'inStr' already buffered + + /* + * now, read the file, and output the chunks + */ + try + { + int outL; + byte[] inblock = null; + byte[] outblock = null; + string rv = null; + while ((rv = br.ReadLine()) != null) + { + inblock = Hex.Decode(rv); + outblock = new byte[cipher.GetOutputSize(inblock.Length)]; + + outL = cipher.ProcessBytes(inblock, 0, inblock.Length, outblock, 0); + /* + * Before we write anything out, we need to make sure + * that we've got something to write out. + */ + if (outL > 0) + { + outStr.Write(outblock, 0, outL); + } + } + + try + { + /* + * Now, process the bytes that are still buffered + * within the cipher. + */ + outL = cipher.DoFinal(outblock, 0); + if (outL > 0) + { + outStr.Write(outblock, 0, outL); + } + } + catch (CryptoException) + { + + } + } + catch (IOException ioeread) + { + Console.Error.WriteLine(ioeread.StackTrace); + } + } + + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/io/test/AllTests.cs b/BouncyCastle/crypto/test/src/crypto/io/test/AllTests.cs new file mode 100644 index 0000000..2634b4a --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/io/test/AllTests.cs @@ -0,0 +1,28 @@ +#if !LIB +using System; + +using NUnit.Core; +using NUnit.Framework; + +namespace Org.BouncyCastle.Crypto.IO.Tests +{ + public class AllTests + { + public static void Main(string[] args) + { + Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty); + } + + [Suite] + public static TestSuite Suite + { + get + { + TestSuite suite = new TestSuite("IO tests"); + suite.Add(new CipherStreamTest()); + return suite; + } + } + } +} +#endif diff --git a/BouncyCastle/crypto/test/src/crypto/io/test/CipherStreamTest.cs b/BouncyCastle/crypto/test/src/crypto/io/test/CipherStreamTest.cs new file mode 100644 index 0000000..8f03c57 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/io/test/CipherStreamTest.cs @@ -0,0 +1,166 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.IO.Tests +{ + [TestFixture] + public class CipherStreamTest + { + private const string DATA = "This will be encrypted and then decrypted and checked for correctness"; + + [Test] + public void TestEncryptDecryptA() + { + byte[] dataBytes = Encoding.ASCII.GetBytes(DATA); + byte[] encryptedDataBytes = encryptOnWrite(dataBytes); + + byte[] decryptedDataBytes = decryptOnRead(encryptedDataBytes); + string decryptedData = Encoding.ASCII.GetString(decryptedDataBytes, 0, decryptedDataBytes.Length); + Assert.AreEqual(DATA, decryptedData); + } + + [Test] + public void TestEncryptDecryptB() + { + byte[] dataBytes = Encoding.ASCII.GetBytes(DATA); + byte[] encryptedDataBytes = encryptOnRead(dataBytes); + + byte[] decryptedDataBytes = decryptOnWrite(encryptedDataBytes); + string decryptedData = Encoding.ASCII.GetString(decryptedDataBytes, 0, decryptedDataBytes.Length); + Assert.AreEqual(DATA, decryptedData); + } + + [Test] + public void TestEncryptDecryptC() + { + byte[] dataBytes = Encoding.ASCII.GetBytes(DATA); + byte[] encryptedDataBytes = encryptOnWrite(dataBytes); + + byte[] decryptedDataBytes = decryptOnWrite(encryptedDataBytes); + string decryptedData = Encoding.ASCII.GetString(decryptedDataBytes, 0, decryptedDataBytes.Length); + Assert.AreEqual(DATA, decryptedData); + } + + [Test] + public void TestEncryptDecryptD() + { + byte[] dataBytes = Encoding.ASCII.GetBytes(DATA); + byte[] encryptedDataBytes = encryptOnRead(dataBytes); + + byte[] decryptedDataBytes = decryptOnRead(encryptedDataBytes); + string decryptedData = Encoding.ASCII.GetString(decryptedDataBytes, 0, decryptedDataBytes.Length); + Assert.AreEqual(DATA, decryptedData); + } + + private byte[] encryptOnWrite(byte[] dataBytes) + { + MemoryStream encryptedDataStream = new MemoryStream(); + IBufferedCipher outCipher = createCipher(true); + CipherStream outCipherStream = new CipherStream(encryptedDataStream, null, outCipher); + outCipherStream.Write(dataBytes, 0, dataBytes.Length); + Assert.AreEqual(0L, encryptedDataStream.Position % outCipher.GetBlockSize()); + + outCipherStream.Close(); + byte[] encryptedDataBytes = encryptedDataStream.ToArray(); + Assert.AreEqual(dataBytes.Length, encryptedDataBytes.Length); + + return encryptedDataBytes; + } + + private byte[] encryptOnRead(byte[] dataBytes) + { + MemoryStream dataStream = new MemoryStream(dataBytes, false); + MemoryStream encryptedDataStream = new MemoryStream(); + IBufferedCipher inCipher = createCipher(true); + CipherStream inCipherStream = new CipherStream(dataStream, inCipher, null); + + int ch; + while ((ch = inCipherStream.ReadByte()) >= 0) + { + encryptedDataStream.WriteByte((byte) ch); + } + + encryptedDataStream.Close(); + inCipherStream.Close(); + + byte[] encryptedDataBytes = encryptedDataStream.ToArray(); + Assert.AreEqual(dataBytes.Length, encryptedDataBytes.Length); + + return encryptedDataBytes; + } + + private byte[] decryptOnRead(byte[] encryptedDataBytes) + { + MemoryStream encryptedDataStream = new MemoryStream(encryptedDataBytes, false); + MemoryStream dataStream = new MemoryStream(); + IBufferedCipher inCipher = createCipher(false); + CipherStream inCipherStream = new CipherStream(encryptedDataStream, inCipher, null); + + int ch; + while ((ch = inCipherStream.ReadByte()) >= 0) + { + dataStream.WriteByte((byte) ch); + } + + inCipherStream.Close(); + dataStream.Close(); + + byte[] dataBytes = dataStream.ToArray(); + Assert.AreEqual(encryptedDataBytes.Length, dataBytes.Length); + + return dataBytes; + } + + private byte[] decryptOnWrite(byte[] encryptedDataBytes) + { + MemoryStream encryptedDataStream = new MemoryStream(encryptedDataBytes, false); + MemoryStream dataStream = new MemoryStream(); + IBufferedCipher outCipher = createCipher(false); + CipherStream outCipherStream = new CipherStream(dataStream, null, outCipher); + + int ch; + while ((ch = encryptedDataStream.ReadByte()) >= 0) + { + outCipherStream.WriteByte((byte) ch); + } + + outCipherStream.Close(); + encryptedDataStream.Close(); + + byte[] dataBytes = dataStream.ToArray(); + Assert.AreEqual(encryptedDataBytes.Length, dataBytes.Length); + + return dataBytes; + } + + private IBufferedCipher createCipher(bool forEncryption) + { +// IBufferedCipher cipher = CipherUtilities.GetCipher("AES/CFB/NoPadding"); + + IBlockCipher blockCipher = new AesEngine(); + int bits = 8 * blockCipher.GetBlockSize(); // TODO Is this right? + blockCipher = new CfbBlockCipher(blockCipher, bits); + IBufferedCipher cipher = new BufferedBlockCipher(blockCipher); + +// SecureRandom random = new SecureRandom(); + byte[] keyBytes = new byte[32]; + //random.NextBytes(keyBytes); + KeyParameter key = new KeyParameter(keyBytes); + + byte[] iv = new byte[cipher.GetBlockSize()]; + //random.NextBytes(iv); + + cipher.Init(forEncryption, new ParametersWithIV(key, iv)); + + return cipher; + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/io/test/PemReaderTest.cs b/BouncyCastle/crypto/test/src/crypto/io/test/PemReaderTest.cs new file mode 100644 index 0000000..c2d4dfb --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/io/test/PemReaderTest.cs @@ -0,0 +1,151 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Utilities.IO.Pem; + +namespace Org.BouncyCastle.Crypto.IO.Tests +{ + [TestFixture] + public class PemReaderTest + { + + [Test] + public void TestMalformedInput() + { + string raw = "-----BEGIN CERTIFICATE REQUEST----- MIIBkTCB+wIBADAUMRIwEAYDVQQDDAlUZXN0MlNBTnMwgZ8wDQYJKoZIhvcNAQEB BQADgY0AMIGJAoGBAPPPH7W8LqBMCwSu/MsmCeSCfBzMEp4k+aZmeKw8EQD1R3FK WtPy/LcaUyQhyIeNPFAH8JEz0dJRJjleFL8G5pv7c2YXjBmIfbF/W2eETBIohMDP pWOqKYiT1mqzw25rP1VuXGXaSfN22RReomUd9O2GuEkaqz5x5iTRD6aLmDoJAgMB AAGgPjA8BgkqhkiG9w0BCQ4xLzAtMCsGA1UdEQQkMCKCD3NhbjEudGVzdC5sb2Nh bIIPc2FuMi50ZXN0LmxvY2FsMA0GCSqGSIb3DQEBCwUAA4GBAOacp+9s7/jpmSTA ORvx4nsDwBsY4VLeuPUc2gYmHqfVgrCCSHKPQtQge0P5atudbo+q8Fn+/5JnJR6/ JaooICY3M+/QVrvzvV30i5W8aEIERfXsEIcFyVxv24p6SbrGAcSjwpqvgAf0z82F D3f1qdFATb9HAFsuD/J0HexTFDvB -----END CERTIFICATE REQUEST-----"; + + PemReader pemReader = new PemReader(new StringReader(raw)); + PemObject item = pemReader.ReadPemObject(); + + Asn1.Pkcs.CertificationRequest pkcs10 = Pkcs10CertificationRequest.GetInstance(Asn1Sequence.GetInstance(item.Content)); + string subject = pkcs10.GetCertificationRequestInfo().Subject.ToString(); + + Assert.AreEqual("CERTIFICATE REQUEST", item.Type); + Assert.AreEqual("CN=Test2SANs", subject); + } + + [Test] + public void TestSaneInput() + { + string test = "Certificate:\n" + + " Data:\n" + + " Version: 3 (0x2)\n" + + " Serial Number: 865 (0x361)\n" + + " Signature Algorithm: ecdsa-with-SHA1\n" + + " Issuer: CN=estExampleCA\n" + + " Validity\n" + + " Not Before: Sep 29 12:41:31 2014 GMT\n" + + " Not After : Dec 16 12:41:31 2022 GMT\n" + + " Subject: CN=*.cisco.com\n" + + " Subject Public Key Info:\n" + + " Public Key Algorithm: rsaEncryption\n" + + " Public-Key: (1024 bit)\n" + + " Modulus:\n" + + " 00:b7:08:e6:18:f2:32:d7:07:44:4b:f3:b1:83:01:\n" + + " 59:f8:bc:ec:26:71:92:9a:53:70:f2:c0:be:2a:d6:\n" + + " 26:6f:45:11:86:d7:ee:37:9d:d3:2f:22:b2:8b:9b:\n" + + " c5:96:00:36:73:97:c3:4c:f2:7a:0b:2c:e0:cc:d9:\n" + + " f0:ec:ba:1b:75:8c:66:b1:86:10:fd:be:df:6b:67:\n" + + " 9c:0e:6b:2a:0e:d0:80:a8:dc:7a:d4:df:6e:79:28:\n" + + " a7:60:1a:11:b7:ae:40:94:bb:b4:11:ed:1b:6f:a7:\n" + + " 91:ae:33:ec:bf:9c:30:f3:dc:91:2c:b4:3e:8c:c9:\n" + + " bd:f1:d1:aa:f6:c2:1d:6a:cd\n" + + " Exponent: 65537 (0x10001)\n" + + " X509v3 extensions:\n" + + " X509v3 Basic Constraints: \n" + + " CA:FALSE\n" + + " X509v3 Key Usage: \n" + + " Digital Signature, Non Repudiation, Key Encipherment\n" + + " Signature Algorithm: ecdsa-with-SHA1\n" + + " 30:44:02:20:76:4f:3a:6c:b4:99:cb:1e:37:f4:0d:6e:e1:74:\n" + + " 4b:99:bb:f5:c4:b6:3d:c1:61:df:8c:d7:1f:9f:e7:d3:64:d6:\n" + + " 02:20:64:38:8f:6f:32:37:2b:7d:cf:28:93:e5:e6:e7:70:c5:\n" + + " a9:12:04:b0:4b:a5:29:7b:23:df:85:f2:18:44:8b:d2\n" + + "-----BEGIN CERTIFICATE-----\n" + + "MIIBezCCASOgAwIBAgICA2EwCQYHKoZIzj0EATAXMRUwEwYDVQQDEwxlc3RFeGFt\n" + + "cGxlQ0EwHhcNMTQwOTI5MTI0MTMxWhcNMjIxMjE2MTI0MTMxWjAWMRQwEgYDVQQD\n" + + "DAsqLmNpc2NvLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtwjmGPIy\n" + + "1wdES/OxgwFZ+LzsJnGSmlNw8sC+KtYmb0URhtfuN53TLyKyi5vFlgA2c5fDTPJ6\n" + + "CyzgzNnw7LobdYxmsYYQ/b7fa2ecDmsqDtCAqNx61N9ueSinYBoRt65AlLu0Ee0b\n" + + "b6eRrjPsv5ww89yRLLQ+jMm98dGq9sIdas0CAwEAAaMaMBgwCQYDVR0TBAIwADAL\n" + + "BgNVHQ8EBAMCBeAwCQYHKoZIzj0EAQNHADBEAiB2TzpstJnLHjf0DW7hdEuZu/XE\n" + + "tj3BYd+M1x+f59Nk1gIgZDiPbzI3K33PKJPl5udwxakSBLBLpSl7I9+F8hhEi9I=\n" + + "-----END CERTIFICATE-----\n"; + + PemReader pemReader = new PemReader(new StringReader(test)); + PemObject item = pemReader.ReadPemObject(); + Assert.AreEqual("CERTIFICATE", item.Type); + X509CertificateStructure cert = X509CertificateStructure.GetInstance(Asn1Sequence.GetInstance(item.Content)); + Assert.AreEqual("CN=estExampleCA", cert.Issuer.ToString()); + } + + [Test] + public void TestWithHeaders() + { + string hdr = "Proc-Type: 4,CRL\n"; + string hdr2 = "CRL: CRL Header\n"; + string hdr3 = "Originator-Certificate: originator certificate\n"; + string hdr4 = "CRL: crl header\n"; + string hdr5 = "Originator-Certificate: next originator certificate\n"; + + string test = "-----BEGIN CERTIFICATE-----\n" + hdr + hdr2 + " \t\r\0" + hdr3 + hdr4 + hdr5 + + "MIIBezCCASOgAwIBAgICA2EwCQYHKoZIzj0EATAXMRUwEwYDVQQDEwxlc3RFeGFt\n" + + "cGxlQ0EwHhcNMTQwOTI5MTI0MTMxWhcNMjIxMjE2MTI0MTMxWjAWMRQwEgYDVQQD\n" + + "DAsqLmNpc2NvLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtwjmGPIy\n" + + "1wdES/OxgwFZ+LzsJnGSmlNw8sC+KtYmb0URhtfuN53TLyKyi5vFlgA2c5fDTPJ6\n" + + "CyzgzNnw7LobdYxmsYYQ/b7fa2ecDmsqDtCAqNx61N9ueSinYBoRt65AlLu0Ee0b\n" + + "b6eRrjPsv5ww89yRLLQ+jMm98dGq9sIdas0CAwEAAaMaMBgwCQYDVR0TBAIwADAL\n" + + "BgNVHQ8EBAMCBeAwCQYHKoZIzj0EAQNHADBEAiB2TzpstJnLHjf0DW7hdEuZu/XE\n" + + "tj3BYd+M1x+f59Nk1gIgZDiPbzI3K33PKJPl5udwxakSBLBLpSl7I9+F8hhEi9I=\n" + + "-----END CERTIFICATE-----\n"; + + PemReader pemReader = new PemReader(new StringReader(test)); + PemObject item = pemReader.ReadPemObject(); + Assert.AreEqual("CERTIFICATE", item.Type); + X509CertificateStructure cert = X509CertificateStructure.GetInstance(Asn1Sequence.GetInstance(item.Content)); + Assert.AreEqual("CN=estExampleCA", cert.Issuer.ToString()); + + int t = 0; + foreach(string[] items in new string[][] { + new string[] { "Proc-Type", "4,CRL" }, + new string[] { "CRL", "CRL Header" }, + new string[] { "Originator-Certificate", "originator certificate" }, + new string[] { "CRL", "crl header" }, + new string[] { "Originator-Certificate", "next originator certificate" }, + + }) + { + Assert.AreEqual(items[0], ((PemHeader)item.Headers[t]).Name); + Assert.AreEqual(items[1], ((PemHeader)item.Headers[t]).Value); + t++; + } + + } + + [Test] + public void TestNoWhiteSpace() + { + string test = "-----BEGIN CERTIFICATE-----" + + "MIIBezCCASOgAwIBAgICA2EwCQYHKoZIzj0EATAXMRUwEwYDVQQDEwxlc3RFeGFt" + + "cGxlQ0EwHhcNMTQwOTI5MTI0MTMxWhcNMjIxMjE2MTI0MTMxWjAWMRQwEgYDVQQD" + + "DAsqLmNpc2NvLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtwjmGPIy" + + "1wdES/OxgwFZ+LzsJnGSmlNw8sC+KtYmb0URhtfuN53TLyKyi5vFlgA2c5fDTPJ6" + + "CyzgzNnw7LobdYxmsYYQ/b7fa2ecDmsqDtCAqNx61N9ueSinYBoRt65AlLu0Ee0b" + + "b6eRrjPsv5ww89yRLLQ+jMm98dGq9sIdas0CAwEAAaMaMBgwCQYDVR0TBAIwADAL" + + "BgNVHQ8EBAMCBeAwCQYHKoZIzj0EAQNHADBEAiB2TzpstJnLHjf0DW7hdEuZu/XE" + + "tj3BYd+M1x+f59Nk1gIgZDiPbzI3K33PKJPl5udwxakSBLBLpSl7I9+F8hhEi9I=" + + "-----END CERTIFICATE-----"; + + PemReader pemReader = new PemReader(new StringReader(test)); + PemObject item = pemReader.ReadPemObject(); + Assert.AreEqual("CERTIFICATE", item.Type); + X509CertificateStructure cert = X509CertificateStructure.GetInstance(Asn1Sequence.GetInstance(item.Content)); + Assert.AreEqual("CN=estExampleCA", cert.Issuer.ToString()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/prng/test/CtrDrbgTest.cs b/BouncyCastle/crypto/test/src/crypto/prng/test/CtrDrbgTest.cs new file mode 100644 index 0000000..4dc09f4 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/prng/test/CtrDrbgTest.cs @@ -0,0 +1,526 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Prng.Drbg; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Crypto.Parameters; + +namespace Org.BouncyCastle.Crypto.Prng.Test +{ + /** + * CTR DRBG Test + */ + [TestFixture] + public class CtrDrbgTest + : SimpleTest + { + public override string Name + { + get { return "CTRDRBGTest"; } + } + + public static void Main(string[] args) + { + RunTest(new CtrDrbgTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + private DrbgTestVector[] CreateTestVectorData() + { + return new DrbgTestVector[] + { + new DrbgTestVector( + new DesEdeEngine(), 168, + new Bit232EntropyProvider().Get(232), + false, + "20212223242526", + 112, + new string[] + { + "ABC88224514D0316EA3D48AEE3C9A2B4", + "D3D3F372E43E7ABDC4FA293743EED076" + } + ), + new DrbgTestVector( + new DesEdeEngine(), 168, + new Bit232EntropyProvider().Get(232), + false, + "20212223242526", + 112, + new string[] + { + "D4564EE072ACA5BD279536E14F94CB12", + "1CCD9AFEF15A9679BA75E35225585DEA" + } + ) + .AddAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C") + .AddAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBC"), + new DrbgTestVector( + new DesEdeEngine(), 168, + new Bit232EntropyProvider().Get(232), + false, + "20212223242526", + 112, + new string[] + { + "760BED7D92B083B10AF31CF0656081EB", + "FD1AC41482384D823CF3FD6F0E6C88B3" + } + ) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C"), + new DrbgTestVector( + new DesEdeEngine(), 168, + new Bit232EntropyProvider().Get(232), + false, + "20212223242526", + 112, + new string[] + { + "7A4C1D7ADC8A67FDB50100ED23583A2C", + "43044D311C0E07541CA5C8B0916976B2" + } + ) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C") + .AddAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C") + .AddAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBC"), + new DrbgTestVector( + new DesEdeEngine(), 168, + new Bit232EntropyProvider().Get(232), + true, + "20212223242526", + 112, + new string[] + { + "8FB78ABCA75C9F284E974E36141866BC", + "9D9745FF31C42A4488CBB771B13B5D86" + } + ), + new DrbgTestVector( + new DesEdeEngine(), 168, + new Bit232EntropyProvider().Get(232), + true, + "20212223242526", + 112, + new string[] + { + "0E389920A09B485AA4ABD0CA7E60D89C", + "F4478EC6659A0D3577625B0C73A211DD" + } + ) + .AddAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C") + .AddAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBC"), + new DrbgTestVector( + new DesEdeEngine(), 168, + new Bit232EntropyProvider().Get(232), + true, + "20212223242526", + 112, + new string[] + { + "64983055D014550B39DE699E43130B64", + "035FDDA8582A2214EC722C410A8D95D3" + } + ) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C"), + new DrbgTestVector( + new DesEdeEngine(), 168, + new Bit232EntropyProvider().Get(232), + true, + "20212223242526", + 112, + new string[] + { + "A29C1A8C42FBC562D7D1DBA7DC541FFE", + "0BDA66B049429061C013E4228C2F44C6" + } + ) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C") + .AddAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C") + .AddAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBC"), + new DrbgTestVector( + new AesEngine(), 128, + new Bit256EntropyProvider().Get(256), + false, + "2021222324252627", + 128, + new string[] + { + "8CF59C8CF6888B96EB1C1E3E79D82387AF08A9E5FF75E23F1FBCD4559B6B997E", + "69CDEF912C692D61B1DA4C05146B52EB7B8849BD87937835328254EC25A9180E" + } + ), + new DrbgTestVector( + new AesEngine(), 128, + new Bit256EntropyProvider().Get(256), + false, + "2021222324252627", + 128, + new string[] + { + "E8C74A4B7BFFB53BEB80E78CA86BB6DF70E2032AEB473E0DD54D2339CEFCE9D0", + "26B3F823B4DBAFC23B141375E10B3AEB7A0B5DEF1C7D760B6F827D01ECD17AC7" + } + ) + .AddAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F") + .AddAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF"), + new DrbgTestVector( + new AesEngine(), 128, + new Bit256EntropyProvider().Get(256), + false, + "2021222324252627", + 128, + new string[] + { + "18FDEFBDC43D7A36D5D6D862205765D1D701C9F237007030DF1B8E70EE4EEE29", + "9888F1D38BB1CCE31B363AA1BD9B39616876C30DEE1FF0B7BD8C4C441715C833" + } + ) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"), + new DrbgTestVector( + new AesEngine(), 128, + new Bit256EntropyProvider().Get(256), + true, + "2021222324252627", + 128, + new string[] + { + "BFF4B85D68C84529F24F69F9ACF1756E29BA648DDEB825C225FA32BA490EF4A9", + "9BD2635137A52AF7D0FCBEFEFB97EA93A0F4C438BD98956C0DACB04F15EE25B3" + } + ), + new DrbgTestVector( + new AesEngine(), 128, + new Bit256EntropyProvider().Get(256), + true, + "2021222324252627", + 128, + new string[] + { + "4573AC8BBB33D7CC4DBEF3EEDF6EAE748B536C3A1082CEE4948CDB51C83A7F9C", + "99C628CDD87BD8C2F1FE443AA7F761DA16886436326323354DA6311FFF5BC678" + } + ) + .AddAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F") + .AddAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF"), + new DrbgTestVector( + new AesEngine(), 128, + new Bit256EntropyProvider().Get(256), + true, + "2021222324252627", + 128, + new string[] + { + "F324104E2FA14F79D8AA60DF06B93B3BC157324958F0A7EE1E193677A70E0250", + "78F4C840134F40DC001BFAD3A90B5EF4DEBDBFAC3CFDF0CD69A89DC4FD34713F" + } + ) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"), + new DrbgTestVector( + new AesEngine(), 192, + new Bit320EntropyProvider().Get(320), + false, + "202122232425262728292A2B", + 192, + new string[] + { + "E231244B3235B085C81604424357E85201E3828B5C45568679A5555F867AAC8C", + "DDD0F7BCCADADAA31A67652259CE569A271DD85CF66C3D6A7E9FAED61F38D219" + } + ) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F6061626364656667"), + new DrbgTestVector( + new AesEngine(), 192, + new Bit320EntropyProvider().Get(320), + true, + "202122232425262728292A2B", + 192, + new string[] + { + "F780D4A2C25CF8EE7407D948EC0B724A4235D8B20E65081392755CA7912AD7C0", + "BA14617F915BA964CB79276BDADC840C14B631BBD1A59097054FA6DFF863B238" + } + ) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F6061626364656667"), + new DrbgTestVector( + new AesEngine(), 256, + new Bit384EntropyProvider().Get(384), + false, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "47111E146562E9AA2FB2A1B095D37A8165AF8FC7CA611D632BE7D4C145C83900", + "98A28E3B1BA363C9DAF0F6887A1CF52B833D3354D77A7C10837DD63DD2E645F8" + } + ) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F") + .AddAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F") + .AddAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECF"), + new DrbgTestVector( + new AesEngine(), 256, + new Bit384EntropyProvider().Get(384), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "71BB3F9C9CEAF4E6C92A83EB4C7225010EE150AC75E23F5F77AD5073EF24D88A", + "386DEBBBF091BBF0502957B0329938FB836B82E594A2F5FDD5EB28D4E35528F4" + } + ) + .AddAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F") + .AddAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECF"), + new DrbgTestVector( + new AesEngine(), 256, + new Bit384EntropyProvider().Get(384), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "1A2E3FEE9056E98D375525FDC2B63B95B47CE51FCF594D804BD5A17F2E01139B", + "601F95384F0D85946301D1EACE8F645A825CE38F1E2565B0C0C439448E9CA8AC" + } + ) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F"), + new DrbgTestVector( + new AesEngine(), 256, + new Bit384EntropyProvider().Get(384), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "EAE6BCE781807E524D26605EA198077932D01EEB445B9AC6C5D99C101D29F46E", + "738E99C95AF59519AAD37FF3D5180986ADEBAB6E95836725097E50A8D1D0BD28" + } + ) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F") + .AddAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F") + .AddAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECF"), + new DrbgTestVector( + new AesEngine(), 256, + new Bit384EntropyProvider().Get(384), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "eae6bce781807e524d26605ea198077932d01eeb445b9ac6c5d99c101d29f46e30b27377", + "ec51b55b49904c3ff9e13939f1cf27398993e1b3acb2b0be0be8761261428f0aa8ba2657" + } + ) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F") + .AddAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F") + .AddAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECF") + }; + } + + public override void PerformTest() + { + DrbgTestVector[] tests = CreateTestVectorData(); + ISP80090Drbg d; + DrbgTestVector tv; + byte[] output; + + for (int i = 0; i != tests.Length; i++) + { + tv = tests[i]; + + byte[] nonce = tv.GetNonce(); + byte[] personalisationString = tv.GetPersonalizationString(); + + d = new CtrSP800Drbg(tv.Cipher, tv.KeySizeInBits, tv.SecurityStrength, tv.EntropySource, personalisationString, nonce); + + output = new byte[tv.GetExpectedValue(0).Length]; + + d.Generate(output, tv.GetAdditionalInput(0), tv.PredictionResistance); + + byte[] expected = tv.GetExpectedValue(0); + + if (!AreEqual(expected, output)) + { + Fail("Test #" + (i + 1) + ".1 failed, expected " + Hex.ToHexString(tv.GetExpectedValue(0)) + " got " + Hex.ToHexString(output)); + } + + output = new byte[tv.GetExpectedValue(0).Length]; + + d.Generate(output, tv.GetAdditionalInput(1), tv.PredictionResistance); + + expected = tv.GetExpectedValue(1); + if (!AreEqual(expected, output)) + { + Fail("Test #" + (i + 1) + ".2 failed, expected " + Hex.ToHexString(tv.GetExpectedValue(1)) + " got " + Hex.ToHexString(output)); + } + } + + // DESede/TDEA key parity test + tv = tests[0]; + + ISP80090Drbg drbg = new CtrSP800Drbg(new KeyParityCipher(tv.Cipher), tv.KeySizeInBits, tv.SecurityStrength, tv.EntropySource, + tv.GetPersonalizationString(), tv.GetNonce()); + + output = new byte[tv.GetExpectedValue(0).Length]; + + drbg.Generate(output, tv.GetAdditionalInput(0), tv.PredictionResistance); + + // Exception tests + try + { + d = new CtrSP800Drbg(new AesEngine(), 256, 256, new Bit232EntropyProvider().Get(128), null, null); + Fail("no exception thrown"); + } + catch (ArgumentException e) + { + if (!e.Message.Equals("Not enough entropy for security strength required")) + { + Fail("Wrong exception", e); + } + } + + try + { + d = new CtrSP800Drbg(new DesEdeEngine(), 256, 256, new Bit232EntropyProvider().Get(232), null, null); + Fail("no exception thrown"); + } + catch (ArgumentException e) + { + if (!e.Message.Equals("Requested security strength is not supported by block cipher and key size")) + { + Fail("Wrong exception", e); + } + } + + try + { + d = new CtrSP800Drbg(new DesEdeEngine(), 168, 256, new Bit232EntropyProvider().Get(232), null, null); + Fail("no exception thrown"); + } + catch (ArgumentException e) + { + if (!e.Message.Equals("Requested security strength is not supported by block cipher and key size")) + { + Fail("Wrong exception", e); + } + } + + try + { + d = new CtrSP800Drbg(new AesEngine(), 192, 256, new Bit232EntropyProvider().Get(232), null, null); + Fail("no exception thrown"); + } + catch (ArgumentException e) + { + if (!e.Message.Equals("Requested security strength is not supported by block cipher and key size")) + { + Fail("Wrong exception", e); + } + } + } + + internal class Bit232EntropyProvider : TestEntropySourceProvider + { + internal Bit232EntropyProvider() : base(Hex.Decode( + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C" + + "808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C" + + "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDC"), true) + { } + } + + internal class Bit256EntropyProvider : TestEntropySourceProvider + { + internal Bit256EntropyProvider(): base(Hex.Decode( + "0001020304050607" + + "08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F" + + "8081828384858687" + + "88898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F" + + "C0C1C2C3C4C5C6C7" + + "C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF"), true) + { } + } + + internal class Bit320EntropyProvider : TestEntropySourceProvider + { + internal Bit320EntropyProvider() : base(Hex.Decode( + "000102030405060708090A0B0C0D0E0F" + + "101112131415161718191A1B1C1D1E1F2021222324252627" + + "808182838485868788898A8B8C8D8E8F" + + "909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7" + + "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF" + + "D0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7"), true) + { } + } + + internal class Bit384EntropyProvider : TestEntropySourceProvider + { + internal Bit384EntropyProvider() : base(Hex.Decode( + "000102030405060708090A0B0C0D0E0F1011121314151617" + + "18191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F" + + "808182838485868788898A8B8C8D8E8F9091929394959697" + + "98999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAF" + + "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7" + + "D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEF"), true) + { } + } + + internal class KeyParityCipher : IBlockCipher + { + private IBlockCipher cipher; + + internal KeyParityCipher(IBlockCipher cipher) + { + this.cipher = cipher; + } + + public void Init(bool forEncryption, ICipherParameters parameters) + { + byte[] k = Arrays.Clone(((KeyParameter)parameters).GetKey()); + + DesEdeParameters.SetOddParity(k); + + if (!Arrays.AreEqual(((KeyParameter)parameters).GetKey(), k)) + { + throw new ArgumentException("key not odd parity"); + } + + cipher.Init(forEncryption, parameters); + } + + public String AlgorithmName + { + get { return cipher.AlgorithmName; } + } + + public bool IsPartialBlockOkay + { + get { return false; } + } + + public int GetBlockSize() + { + return cipher.GetBlockSize(); + } + + public int ProcessBlock(byte[] input, int inOff, byte[] output, int outOff) + { + return cipher.ProcessBlock(input, inOff, output, outOff); + } + + public void Reset() + { + cipher.Reset(); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/prng/test/DrbgTestVector.cs b/BouncyCastle/crypto/test/src/crypto/prng/test/DrbgTestVector.cs new file mode 100644 index 0000000..e0a8eea --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/prng/test/DrbgTestVector.cs @@ -0,0 +1,111 @@ +using System; +using System.Collections; + +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Prng.Test +{ + public class DrbgTestVector + { + private IDigest _digest; + private IBlockCipher _cipher; + private int _keySizeInBits; + private IEntropySource _eSource; + private bool _pr; + private string _nonce; + private string _personalisation; + private int _ss; + private String[] _ev; + private IList _ai = new ArrayList(); + + public DrbgTestVector(IDigest digest, IEntropySource eSource, bool predictionResistance, string nonce, + int securityStrength, string[] expected) + { + _digest = digest; + _eSource = eSource; + _pr = predictionResistance; + _nonce = nonce; + _ss = securityStrength; + _ev = expected; + _personalisation = null; + } + + public DrbgTestVector(IBlockCipher cipher, int keySizeInBits, IEntropySource eSource, bool predictionResistance, + string nonce, int securityStrength, string[] expected) + { + _cipher = cipher; + _keySizeInBits = keySizeInBits; + _eSource = eSource; + _pr = predictionResistance; + _nonce = nonce; + _ss = securityStrength; + _ev = expected; + _personalisation = null; + } + + public IDigest Digest + { + get { return _digest; } + } + + public IBlockCipher Cipher + { + get { return _cipher; } + } + + public int KeySizeInBits + { + get { return _keySizeInBits; } + } + + public DrbgTestVector AddAdditionalInput(string input) + { + _ai.Add(input); + return this; + } + + public DrbgTestVector SetPersonalizationString(string p) + { + _personalisation = p; + return this; + } + + public IEntropySource EntropySource + { + get { return _eSource; } + } + + public bool PredictionResistance + { + get { return _pr; } + } + + public byte[] GetNonce() + { + return _nonce == null ? null : Hex.Decode(_nonce); + } + + public byte[] GetPersonalizationString() + { + return _personalisation == null ? null : Hex.Decode(_personalisation); + } + + public int SecurityStrength + { + get { return _ss; } + } + + public byte[] GetExpectedValue(int index) + { + return Hex.Decode(_ev[index]); + } + + public byte[] GetAdditionalInput(int position) + { + if (position >= _ai.Count) + return null; + + return Hex.Decode((string)_ai[position]); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/prng/test/HMacDrbgTest.cs b/BouncyCastle/crypto/test/src/crypto/prng/test/HMacDrbgTest.cs new file mode 100644 index 0000000..a5ca308 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/prng/test/HMacDrbgTest.cs @@ -0,0 +1,524 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Prng.Drbg; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Prng.Test +{ + /** + * HMAC SP800-90 DRBG + */ + [TestFixture] + public class HMacDrbgTest + : SimpleTest + { + public override string Name + { + get { return "HMacDRBG"; } + } + + public static void Main(string[] args) + { + RunTest(new HMacDrbgTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + private DrbgTestVector[] CreateTestVectorData() + { + return new DrbgTestVector[] + { + new DrbgTestVector( + new Sha1Digest(), + new SHA1EntropyProvider().Get(440), + false, + "2021222324", + 80, + new string[] + { + "5A7D3B449F481CB38DF79AD2B1FCC01E57F8135E8C0B22CD0630BFB0127FB5408C8EFC17A929896E", + "82cf772ec3e84b00fc74f5df104efbfb2428554e9ce367d03aeade37827fa8e9cb6a08196115d948" + }), + new DrbgTestVector( + new Sha1Digest(), + new SHA1EntropyProvider().Get(440), + false, + "2021222324", + 80, + new string[] + { + "B3BD05246CBA12A64735A4E3FDE599BC1BE30F439BD060208EEA7D71F9D123DF47B3CE069D98EDE6", + "B5DADA380E2872DF935BCA55B882C8C9376902AB639765472B71ACEBE2EA8B1B6B49629CB67317E0" + }) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F70717273747576"), + new DrbgTestVector( + new Sha1Digest(), + new SHA1EntropyProvider().Get(440), + false, + "2021222324", + 80, + new string[] + { + "C7AAAC583C6EF6300714C2CC5D06C148CFFB40449AD0BB26FAC0497B5C57E161E36681BCC930CE80", + "6EBD2B7B5E0A2AD7A24B1BF9A1DBA47D43271719B9C37B7FE81BA94045A14A7CB514B446666EA5A7" + }) + .AddAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F90919293949596") + .AddAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6"), + new DrbgTestVector( + new Sha1Digest(), + new SHA1EntropyProvider().Get(440), + true, + "2021222324", + 80, + new string[] + { + "FEC4597F06A3A8CC8529D59557B9E661053809C0BC0EFC282ABD87605CC90CBA9B8633DCB1DAE02E", + "84ADD5E2D2041C01723A4DE4335B13EFDF16B0E51A0AD39BD15E862E644F31E4A2D7D843E57C5968" + }), + new DrbgTestVector( + new Sha1Digest(), + new SHA1EntropyProvider().Get(440), + true, + "2021222324", + 80, + new string[] + { + "6C37FDD729AA40F80BC6AB08CA7CC649794F6998B57081E4220F22C5C283E2C91B8E305AB869C625", + "CAF57DCFEA393B9236BF691FA456FEA7FDF1DF8361482CA54D5FA723F4C88B4FA504BF03277FA783" + }) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F70717273747576"), + new DrbgTestVector( + new Sha1Digest(), + new SHA1EntropyProvider().Get(440), + true, + "2021222324", + 80, + new string[] + { + "A1BA8FA58BB5013F43F7B6ED52B4539FA16DC77957AEE815B9C07004C7E992EB8C7E591964AFEEA2", + "84264A73A818C95C2F424B37D3CC990B046FB50C2DC64A164211889A010F2471A0912FFEA1BF0195" + }) + .AddAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F90919293949596") + .AddAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6"), + new DrbgTestVector( + new Sha256Digest(), + new SHA256EntropyProvider().Get(440), + false, + "2021222324252627", + 128, + new string[] + { + "D67B8C1734F46FA3F763CF57C6F9F4F2" + + "DC1089BD8BC1F6F023950BFC5617635208C8501238AD7A44" + + "00DEFEE46C640B61AF77C2D1A3BFAA90EDE5D207406E5403", + "8FDAEC20F8B421407059E3588920DA7E" + + "DA9DCE3CF8274DFA1C59C108C1D0AA9B0FA38DA5C792037C" + + "4D33CD070CA7CD0C5608DBA8B885654639DE2187B74CB263" + }), + new DrbgTestVector( + new Sha256Digest(), + new SHA256EntropyProvider().Get(440), + true, + "2021222324252627", + 128, + new string[] + { + "FABD0AE25C69DC2EFDEFB7F20C5A31B5" + + "7AC938AB771AA19BF8F5F1468F665C938C9A1A5DF0628A56" + + "90F15A1AD8A613F31BBD65EEAD5457D5D26947F29FE91AA7", + "6BD925B0E1C232EFD67CCD84F722E927" + + "ECB46AB2B740014777AF14BA0BBF53A45BDBB62B3F7D0B9C" + + "8EEAD057C0EC754EF8B53E60A1F434F05946A8B686AFBC7A" + }), + new DrbgTestVector( + new Sha384Digest(), + new SHA384EntropyProvider().Get(888), + false, + "202122232425262728292A2B", + 192, + new string[] + { + "03AB8BCE4D1DBBB636C5C5B7E1C58499FEB1C619CDD11D35" + + "CD6CF6BB8F20EF27B6F5F9054FF900DB9EBF7BF30ED4DCBB" + + "BC8D5B51C965EA226FFEE2CA5AB2EFD00754DC32F357BF7A" + + "E42275E0F7704DC44E50A5220AD05AB698A22640AC634829", + "B907E77144FD55A54E9BA1A6A0EED0AAC780020C41A15DD8" + + "9A6C163830BA1D094E6A17100FF71EE30A96E1EE04D2A966" + + "03832A4E404F1966C2B5F4CB61B9927E8D12AC1E1A24CF23" + + "88C14E8EC96C35181EAEE32AAA46330DEAAFE5E7CE783C74" + }) + .SetPersonalizationString( + "404142434445464748494A4B4C4D4E" + + "4F505152535455565758595A5B5C5D5E5F60616263646566" + + "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" + + "7F808182838485868788898A8B8C8D8E8F90919293949596" + + "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE"), + new DrbgTestVector( + new Sha384Digest(), + new SHA384EntropyProvider().Get(888), + true, + "202122232425262728292A2B", + 192, + new string[] + { + "804A3AD720F4FCE8738D0632514FEF16430CB7D63A8DF1A5" + + "F02A3CE3BD7ED6A668B69E63E2BB93F096EE753D6194A0F1" + + "A32711063653009636337D22167CC4402D019AC216FA574F" + + "091CF6EA283568D737A77BE38E8F09382C69E76B142ABC3A", + "73B8E55C753202176A17B9B9754A9FE6F23B01861FCD4059" + + "6AEAA301AF1AEF8AF0EAF22FBF34541EFFAB1431666ACACC" + + "759338C7E28672819D53CFEF10A3E19DAFBD53295F1980A9" + + "F491504A2725506784B7AC826D92C838A8668171CAAA86E7" + }) + .SetPersonalizationString( + "404142434445464748494A4B4C4D4E" + + "4F505152535455565758595A5B5C5D5E5F60616263646566" + + "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" + + "7F808182838485868788898A8B8C8D8E8F90919293949596" + + "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE"), + new DrbgTestVector( + new Sha512Digest(), + new SHA512EntropyProvider().Get(888), + false, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "2A5FF6520C20F66E" + + "D5EA431BD4AEAC58F975EEC9A015137D5C94B73AA09CB8B5" + + "9D611DDEECEB34A52BB999424009EB9EAC5353F92A6699D2" + + "0A02164EEBBC6492941E10426323898465DFD731C7E04730" + + "60A5AA8973841FDF3446FB6E72A58DA8BDA2A57A36F3DD98" + + "6DF85C8A5C6FF31CDE660BF8A841B21DD6AA9D3AC356B87B", + "0EDC8D7D7CEEC7FE" + + "36333FB30C0A9A4B27AA0BECBF075568B006C1C3693B1C29" + + "0F84769C213F98EB5880909EDF068FDA6BFC43503987BBBD" + + "4FC23AFBE982FE4B4B007910CC4874EEC217405421C8D8A1" + + "BA87EC684D0AF9A6101D9DB787AE82C3A6A25ED478DF1B12" + + "212CEC325466F3AC7C48A56166DD0B119C8673A1A9D54F67" + }) + .SetPersonalizationString( + "404142434445464748494A4B4C4D4E" + + "4F505152535455565758595A5B5C5D5E5F60616263646566" + + "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" + + "7F808182838485868788898A8B8C8D8E8F90919293949596" + + "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE"), + new DrbgTestVector( + new Sha512Digest(), + new SHA512EntropyProvider().Get(888), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "AAE4DC3C9ECC74D9" + + "061DD527117EF3D29E1E52B26853C539D6CA797E8DA3D0BB" + + "171D8E30B8B194D8C28F7F6BE3B986B88506DC6A01B294A7" + + "165DD1C3470F7BE7B396AA0DB7D50C4051E7C7E1C8A7D21A" + + "2B5878C0BCB163CAA79366E7A1162FDC88429616CD3E6977" + + "8D327520A6BBBF71D8AA2E03EC4A9DAA0E77CF93E1EE30D2 ", + "129FF6D31A23FFBC" + + "870632B35EE477C2280DDD2ECDABEDB900C78418BE2D243B" + + "B9D8E5093ECE7B6BF48638D8F704D134ADDEB7F4E9D5C142" + + "CD05683E72B516486AF24AEC15D61E81E270DD4EBED91B62" + + "12EB8896A6250D5C8BC3A4A12F7E3068FBDF856F47EB23D3" + + "79F82C1EBCD1585FB260B9C0C42625FBCEE68CAD773CD5B1" + }) + .SetPersonalizationString( + "404142434445464748494A4B4C4D4E" + + "4F505152535455565758595A5B5C5D5E5F60616263646566" + + "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" + + "7F808182838485868788898A8B8C8D8E8F90919293949596" + + "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE"), + new DrbgTestVector( + new Sha512Digest(), + new SHA512EntropyProvider().Get(888), + false, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "7AE31A2DEC31075F" + + "E5972660C16D22ECC0D415C5693001BE5A468B590BC1AE2C" + + "43F647F8D681AEEA0D87B79B0B4E5D089CA2C9D327534234" + + "0254E6B04690D77A71A294DA9568479EEF8BB2A2110F18B6" + + "22F60F35235DE0E8F9D7E98105D84AA24AF0757AF005DFD5" + + "2FA51DE3F44FCE0C5F3A27FCE8B0F6E4A3F7C7B53CE34A3D", + "D83A8084630F286D" + + "A4DB49B9F6F608C8993F7F1397EA0D6F4A72CF3EF2733A11" + + "AB823C29F2EBDEC3EDE962F93D920A1DB59C84E1E879C29F" + + "5F9995FC3A6A3AF9B587CA7C13EA197D423E81E1D6469942" + + "B6E2CA83A97E91F6B298266AC148A1809776C26AF5E239A5" + + "5A2BEB9E752203A694E1F3FE2B3E6A0C9C314421CDB55FBD " + }) + .SetPersonalizationString( + "404142434445464748494A4B4C4D4E" + + "4F505152535455565758595A5B5C5D5E5F60616263646566" + + "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" + + "7F808182838485868788898A8B8C8D8E8F90919293949596" + + "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE") + .AddAdditionalInput( + "606162636465666768696A6B6C6D6E" + + "6F707172737475767778797A7B7C7D7E7F80818283848586" + + "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" + + "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" + + "B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCE") + .AddAdditionalInput( + "A0A1A2A3A4A5A6A7A8A9AAABACADAE" + + "AFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6" + + "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" + + "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6" + + "F7F8F9FAFBFCFDFEFF000102030405060708090A0B0C0D0E"), + new DrbgTestVector( + new Sha512Digest(), + new SHA512EntropyProvider().Get(888), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "28FD6060C4F35F4D" + + "317AB2060EE32019E0DAA330F3F5650BBCA57CB67EE6AF1C" + + "6F25D1B01F3601EDA85DC2ED29A9B2BA4C85CF491CE7185F" + + "1A2BD9378AE3C655BD1CEC2EE108AE7FC382989F6D4FEA8A" + + "B01499697C2F07945CE02C5ED617D04287FEAF3BA638A4CE" + + "F3BB6B827E40AF16279580FCF1FDAD830930F7FDE341E2AF", + "C0B1601AFE39338B" + + "58DC2BE7C256AEBE3C21C5A939BEEC7E97B3528AC420F0C6" + + "341847187666E0FF578A8EB0A37809F877365A28DF2FA0F0" + + "6354A6F02496747369375B9A9D6B756FDC4A8FB308E08256" + + "9D79A85BB960F747256626389A3B45B0ABE7ECBC39D5CD7B" + + "2C18DF2E5FDE8C9B8D43474C54B6F9839468445929B438C7" + }), + new DrbgTestVector( + new Sha512Digest(), + new SHA512EntropyProvider().Get(888), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "72691D2103FB567C" + + "CD30370715B36666F63430087B1C688281CA0974DB456BDB" + + "A7EB5C48CFF62EA05F9508F3B530CE995A272B11EC079C13" + + "923EEF8E011A93C19B58CC6716BC7CB8BD886CAA60C14D85" + + "C023348BD77738C475D6C7E1D9BFF4B12C43D8CC73F838DC" + + "4F8BD476CF8328EEB71B3D873D6B7B859C9B21065638FF95", + "8570DA3D47E1E160" + + "5CF3E44B8D328B995EFC64107B6292D1B1036B5F88CE3160" + + "2F12BEB71D801C0942E7C0864B3DB67A9356DB203490D881" + + "24FE86BCE38AC2269B4FDA6ABAA884039DF80A0336A24D79" + + "1EB3067C8F5F0CF0F18DD73B66A7B316FB19E02835CC6293" + + "65FCD1D3BE640178ED9093B91B36E1D68135F2785BFF505C" + }) + .AddAdditionalInput( + "606162636465666768696A6B6C6D6E" + + "6F707172737475767778797A7B7C7D7E7F80818283848586" + + "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" + + "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" + + "B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCE") + .AddAdditionalInput( + "A0A1A2A3A4A5A6A7A8A9AAABACADAE" + + "AFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6" + + "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" + + "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6" + + "F7F8F9FAFBFCFDFEFF000102030405060708090A0B0C0D0E"), + new DrbgTestVector( + new Sha512Digest(), + new SHA512EntropyProvider().Get(888), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "AAE4DC3C9ECC74D9" + + "061DD527117EF3D29E1E52B26853C539D6CA797E8DA3D0BB" + + "171D8E30B8B194D8C28F7F6BE3B986B88506DC6A01B294A7" + + "165DD1C3470F7BE7B396AA0DB7D50C4051E7C7E1C8A7D21A" + + "2B5878C0BCB163CAA79366E7A1162FDC88429616CD3E6977" + + "8D327520A6BBBF71D8AA2E03EC4A9DAA0E77CF93E1EE30D2 ", + "129FF6D31A23FFBC" + + "870632B35EE477C2280DDD2ECDABEDB900C78418BE2D243B" + + "B9D8E5093ECE7B6BF48638D8F704D134ADDEB7F4E9D5C142" + + "CD05683E72B516486AF24AEC15D61E81E270DD4EBED91B62" + + "12EB8896A6250D5C8BC3A4A12F7E3068FBDF856F47EB23D3" + + "79F82C1EBCD1585FB260B9C0C42625FBCEE68CAD773CD5B1" + }) + .SetPersonalizationString( + "404142434445464748494A4B4C4D4E" + + "4F505152535455565758595A5B5C5D5E5F60616263646566" + + "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" + + "7F808182838485868788898A8B8C8D8E8F90919293949596" + + "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE"), + new DrbgTestVector( + new Sha512Digest(), + new SHA512EntropyProvider().Get(888), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "B8E827652175E6E0" + + "6E513C7BE94B5810C14ED94AD903647940CAEB7EE014C848" + + "8DCBBE6D4D6616D06656A3DC707CDAC4F02EE6D8408C065F" + + "CB068C0760DA47C5D60E5D70D09DC3929B6979615D117F7B" + + "EDCC661A98514B3A1F55B2CBABDCA59F11823E4838065F1F" + + "8431CBF28A577738234AF3F188C7190CC19739E72E9BBFFF", + "7ED41B9CFDC8C256" + + "83BBB4C553CC2DC61F690E62ABC9F038A16B8C519690CABE" + + "BD1B5C196C57CF759BB9871BE0C163A57315EA96F615136D" + + "064572F09F26D659D24211F9610FFCDFFDA8CE23FFA96735" + + "7595182660877766035EED800B05364CE324A75EB63FD9B3" + + "EED956D147480B1D0A42DF8AA990BB628666F6F61D60CBE2" + }) + .SetPersonalizationString( + "404142434445464748494A4B4C4D4E" + + "4F505152535455565758595A5B5C5D5E5F60616263646566" + + "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" + + "7F808182838485868788898A8B8C8D8E8F90919293949596" + + "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE") + .AddAdditionalInput( + "606162636465666768696A6B6C6D6E" + + "6F707172737475767778797A7B7C7D7E7F80818283848586" + + "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" + + "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" + + "B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCE") + .AddAdditionalInput( + "A0A1A2A3A4A5A6A7A8A9AAABACADAE" + + "AFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6" + + "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" + + "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6" + + "F7F8F9FAFBFCFDFEFF000102030405060708090A0B0C0D0E") + }; + } + + public override void PerformTest() + { + DrbgTestVector[] tests = CreateTestVectorData(); + ISP80090Drbg d; + + for (int i = 0; i != tests.Length; i++) + { + DrbgTestVector tv = tests[i]; + + byte[] nonce = tv.GetNonce(); + byte[] personalisationString = tv.GetPersonalizationString(); + + d = new HMacSP800Drbg(new HMac(tv.Digest), tv.SecurityStrength, tv.EntropySource, personalisationString, nonce); + + byte[] output = new byte[tv.GetExpectedValue(0).Length]; + + d.Generate(output, tv.GetAdditionalInput(0), tv.PredictionResistance); + + byte[] expected = tv.GetExpectedValue(0); + + if (!AreEqual(expected, output)) + { + Fail("Test #" + (i + 1) + ".1 failed, expected " + Hex.ToHexString(tv.GetExpectedValue(0)) + " got " + Hex.ToHexString(output)); + } + + output = new byte[tv.GetExpectedValue(0).Length]; + + d.Generate(output, tv.GetAdditionalInput(1), tv.PredictionResistance); + + expected = tv.GetExpectedValue(1); + if (!AreEqual(expected, output)) + { + Fail("Test #" + (i + 1) + ".2 failed, expected " + Hex.ToHexString(tv.GetExpectedValue(1)) + " got " + Hex.ToHexString(output)); + } + } + + // Exception tests + // + try + { + d = new HMacSP800Drbg(new HMac(new Sha256Digest()), 256, new SHA256EntropyProvider().Get(128), null, null); + Fail("no exception thrown"); + } + catch (ArgumentException e) + { + if (!e.Message.Equals("Not enough entropy for security strength required")) + { + Fail("Wrong exception", e); + } + } + } + + private class SHA1EntropyProvider : TestEntropySourceProvider + { + internal SHA1EntropyProvider() : base(Hex.Decode( + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30313233343536" + + "808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" + + "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6"), true) + { + } + } + + internal class SHA256EntropyProvider : TestEntropySourceProvider + { + internal SHA256EntropyProvider() : base(Hex.Decode( + "00010203040506" + + "0708090A0B0C0D0E0F101112131415161718191A1B1C1D1E" + + "1F202122232425262728292A2B2C2D2E2F30313233343536" + + "80818283848586" + + "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" + + "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" + + "C0C1C2C3C4C5C6" + + "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" + + "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6"), true) + { + } + } + + internal class SHA384EntropyProvider : TestEntropySourceProvider + { + internal SHA384EntropyProvider() : base(Hex.Decode( + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223242526" + + "2728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F50515253545556" + + "5758595A5B5C5D5E5F606162636465666768696A6B6C6D6E" + + "808182838485868788898A8B8C8D8E" + + "8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6" + + "A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBE" + + "BFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6" + + "D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEE" + + "C0C1C2C3C4C5C6C7C8C9CACBCCCDCE" + + "CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6" + + "E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFE" + + "FF000102030405060708090A0B0C0D0E0F10111213141516" + + "1718191A1B1C1D1E1F202122232425262728292A2B2C2D2E"), true) + { } + } + + internal class SHA512EntropyProvider : TestEntropySourceProvider + { + internal SHA512EntropyProvider() : base(Hex.Decode( + "000102030405060708090A0B0C0D0E" + + "0F101112131415161718191A1B1C1D1E1F20212223242526" + + "2728292A2B2C2D2E2F303132333435363738393A3B3C3D3E" + + "3F404142434445464748494A4B4C4D4E4F50515253545556" + + "5758595A5B5C5D5E5F606162636465666768696A6B6C6D6E" + + "808182838485868788898A8B8C8D8E" + + "8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6" + + "A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBE" + + "BFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6" + + "D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEE" + + "C0C1C2C3C4C5C6C7C8C9CACBCCCDCE" + + "CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6" + + "E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFE" + + "FF000102030405060708090A0B0C0D0E0F10111213141516" + + "1718191A1B1C1D1E1F202122232425262728292A2B2C2D2E"), true) + { } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/prng/test/HashDrbgTest.cs b/BouncyCastle/crypto/test/src/crypto/prng/test/HashDrbgTest.cs new file mode 100644 index 0000000..892ca74 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/prng/test/HashDrbgTest.cs @@ -0,0 +1,477 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Prng.Drbg; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Prng.Test +{ + /** + * DRBG Test + */ + [TestFixture] + public class HashDrbgTest + : SimpleTest + { + public override string Name + { + get { return "HashDRBG"; } + } + + public static void Main(string[] args) + { + RunTest(new HashDrbgTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + private DrbgTestVector[] CreateTestVectorData() + { + return new DrbgTestVector[] + { + new DrbgTestVector( + new Sha1Digest(), + new SHA1EntropyProvider().Get(440), + false, + "2021222324", + 80, + new string[] + { + "9F7CFF1ECA23E750F66326969F11800F12088BA68E441D15D888B3FE12BF66FE057494F4546DE2F1", + "B77AA5C0CD55BBCEED7574AF223AFD988C7EEC8EFF4A94E5E89D26A04F58FA79F5E0D3702D7A9A6A" + } + ), + new DrbgTestVector( + new Sha1Digest(), + new SHA1EntropyProvider().Get(440), + false, + "2021222324", + 80, + new string[] + { + "AB438BD3B01A0AF85CFEE29F7D7B71621C4908B909124D430E7B406FB1086EA994C582E0D656D989", + "29D9098F987E7005314A0F51B3DD2B8122F4AED706735DE6AD5DDBF223177C1E5F3AEBC52FAB90B9" + }) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F70717273747576"), + new DrbgTestVector( + new Sha1Digest(), + new SHA1EntropyProvider().Get(440), + false, + "2021222324", + 80, + new string[] + { + "E76B4EDD5C865BC8AFD809A59B69B429AC7F4352A579BCF3F75E56249A3491F87C3CA6848B0FAB25", + "6577B6B4F87A93240B199FE51A3B335313683103DECE171E3256FB7E803586CA4E45DD242EB01F70" + }) + .AddAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F90919293949596") + .AddAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6"), + new DrbgTestVector( + new Sha1Digest(), + new SHA1EntropyProvider().Get(440), + true, + "2021222324", + 80, + new string[] + { + "56EF4913373994D5539F4D7D17AFE7448CDF5E72416CC6A71A340059FA0D5AE526B23250C46C0944", + "575B37A2739814F966C63B60A2C4F149CA9ACC84FC4B25493289B085C67B2E30F5F0B99A2C349E2A" + }), + new DrbgTestVector( + new Sha1Digest(), + new SHA1EntropyProvider().Get(440), + true, + "2021222324", + 80, + new string[] + { + "532CA1165DCFF21C55592687639884AF4BC4B057DF8F41DE653AB44E2ADEC7C9303E75ABE277EDBF", + "73C2C67C696D686D0C4DBCEB5C2AF7DDF6F020B6874FAE4390F102117ECAAFF54418529A367005A0" + }) + .SetPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F70717273747576"), + new DrbgTestVector( + new Sha1Digest(), + new SHA1EntropyProvider().Get(440), + true, + "2021222324", + 80, + new string[] + { + "183C242A1430E46C4ED70B4DBE1BF9AB0AB8721CDCA2A2D1820AD6F6C956858543B2AA191D8D1287", + "F196F9BD021C745CBD5AC7BFCE48EAAF0D0E7C091FBF436940E63A198EE770D9A4F0718669AF2BC9" + }) + .AddAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F90919293949596") + .AddAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6"), + new DrbgTestVector( + new Sha256Digest(), + new SHA256EntropyProvider().Get(440), + false, + "2021222324252627", + 128, + new string[] + { + "77E05A0E7DC78AB5D8934D5E93E82C06" + + "A07C04CEE6C9C53045EEB485872777CF3B3E35C474F976B8" + + "94BF301A86FA651F463970E89D4A0534B2ECAD29EC044E7E", + "5FF4BA493C40CFFF3B01E472C575668C" + + "CE3880B9290B05BFEDE5EC96ED5E9B2898508B09BC800EEE" + + "099A3C90602ABD4B1D4F343D497C6055C87BB956D53BF351" + } + ), + new DrbgTestVector( + new Sha256Digest(), + new SHA256EntropyProvider().Get(440), + true, + "2021222324252627", + 128, + new string[] + { + "92275523C70E567BCF9B35EC50B933F8" + + "12616DF586B7F72EE1BC7735A5C2654373CBBC72316DFF84" + + "20A33BF02B97AC8D1952583F270ACD7005CC027F4CF1187E", + "681A46B2AA8694A0FE4DEEA720927A84" + + "EAAA985E59C19F8BE0984D8CBEF8C69B754167641946E040" + + "EE2043E1CCB29DCF063C0A50830E428E6DCA262ECD77C542" + }), + new DrbgTestVector( + new Sha384Digest(), + new SHA384EntropyProvider().Get(888), + false, + "202122232425262728292A2B", + 192, + new string[] + { + "04FF23AD15E78790ADD36B438BBC097C7A11747CC2CCEEDE" + + "2C978B23B3DC63B732C953061D7764990ABFEFC47A581B92" + + "1BC0428C4F12212460E406A0F0651E7F0CB9A90ABFDB07B5" + + "25565C74F0AA085082F6CF213AAFAD0C0646895078F1E1FE", + "4F35B85F95DEE3E873054905CFD02341653E18F529930CBE" + + "14D909F37FEAF2C790D22FAE7516B4590BE35D53E2FE1A35" + + "AFE4B6607CB358589C3B4D094A1D81FE0717F1DF5BDDEB3E" + + "114F130BB781E66C22B5B770E8AE115FF39F8ADAF66DEEDF" + } + ), + new DrbgTestVector( + new Sha384Digest(), + new SHA384EntropyProvider().Get(888), + true, + "202122232425262728292A2B", + 192, + new string[] + { + "97993B78F7C31C0E876DC92EB7D6C408E09D608AD6B99D0E" + + "A2229B05A578C426334FCC8A1C7E676ED2D89A5B4CDF5B3F" + + "4ADF11936BF14F4E10909DBA9C24F4FDFFDE72351DA8E2CC" + + "3B135A395373899E5F1A5955B880CA9B9E9DD4C9CA7FA4D4", + "F5983946320E36C64EF283CA1F65D197CF81624EC6778E77" + + "0E78949D84EF21A45CDD62D1DB76920D4C2836FC6AE5299F" + + "AF1357D9701FAD10FBD88D1E2832239436D76EB271BDC3CA" + + "04425EC88BC0E89A4D5C37FFCE7C6C3ABDE9C413AE6D3FEA" + } + ), + new DrbgTestVector( + new Sha512Digest(), + new SHA512EntropyProvider().Get(888), + false, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "DA126CF95C6BF97E" + + "2F731F2137A907ACC70FD7AC9EBACD1C6E31C74029B052E3" + + "AABC48F3B00993F2B2381F7650A55322A968C86E05DE88E6" + + "367F6EF89A601DB4342E9086C7AC13B5E56C32E9E668040B" + + "73847893C5BFD38A1CF44F348B4EEE4CD68ADB7E7B8C837F" + + "19BC4F902761F7CFF24AB1D704FD11C4E929D8553753B55D", + "400B977CE8A2BB6A" + + "84C6FD1CF901459685ABF5408CFF4588CEDF52E2D2DC300A" + + "A9B4FAED8CD0161C2172B1FD269253195883D6EBF21020F2" + + "C20E5F2C81AE60C8595B834A229B1F5B726C1125717E6207" + + "8886EF38E61E32707AD5F8116C6393DFB6E7C7AE0E8E92BB" + + "D7E0C3D04BBA02F5169F2F569A58158915FEE4C9D28D45DB" + } + ) + .SetPersonalizationString( + "404142434445464748494A4B4C4D4E" + + "4F505152535455565758595A5B5C5D5E5F60616263646566" + + "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" + + "7F808182838485868788898A8B8C8D8E8F90919293949596" + + "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE") + .AddAdditionalInput( + "606162636465666768696A6B6C6D6E" + + "6F707172737475767778797A7B7C7D7E7F80818283848586" + + "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" + + "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" + + "B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCE") + .AddAdditionalInput( + "A0A1A2A3A4A5A6A7A8A9AAABACADAE" + + "AFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6" + + "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" + + "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6" + + "F7F8F9FAFBFCFDFEFF000102030405060708090A0B0C0D0E"), + new DrbgTestVector( + new Sha512Digest(), + new SHA512EntropyProvider().Get(888), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "F93CA6855590A77F" + + "07354097E90E026648B6115DF008FFEDBD9D9811F54E8286" + + "EF00FDD6BA1E58DF2535E3FBDD9A9BA3754A97F36EE83322" + + "1582060A1F37FCE4EE8826636B28EAD589593F4CA8B64738" + + "8F24EB3F0A34796968D21BDEE6F81FD5DF93536F935937B8" + + "025EC8CBF57DDB0C61F2E41463CC1516D657DA2829C6BF90", + "4817618F48C60FB1" + + "CE5BFBDA0CAF4591882A31F6EE3FE0F78779992A06EC60F3" + + "7FB9A8D6108C231F0A927754B0599FA4FA27A4E25E065EF0" + + "3085B892979DC0E7A1080883CAEBFDFD3665A8F2D061C521" + + "F7D6E3DA2AF8B97B6B43B6EC831AF515070A83BBB9AC95ED" + + "4EF49B756A2377A5F0833D847E27A88DDB0C2CE4AD782E7B " + } + ), + new DrbgTestVector( + new Sha512Digest(), + new SHA512EntropyProvider().Get(888), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "0455DD4AD7DBACB2" + + "410BE58DF7248D765A4547ABAEE1743B0BCAD37EBD06DA7C" + + "F7CE5E2216E525327E9E2005EBEF2CE53BD733B18128627D" + + "3FD6153089373AF2606A1584646A0EA488BFEF45228699A0" + + "89CEA8AEC44502D86D9591F3552C688B7F7B45FCB0C3C2B9" + + "43C1CD8A6FC63DF4D81C3DA543C9CF2843855EA84E4F959C", + "C047D46D7F614E4E" + + "4A7952C79A451F8F7ACA379967E2977C401C626A2ED70D74" + + "A63660579A354115BC8C8C8CC3AEA3050686A0CFCDB6FA9C" + + "F78D4C2165BAF851C6F9B1CD16A2E14C15C6DAAC56C16E75" + + "FC84A14D58B41622E88B0F1B1995587FD8BAA999CBA98025" + + "4C8AB9A9691DF7B84D88B639A9A3106DEABEB63748B99C09" + } + ) + .AddAdditionalInput( + "606162636465666768696A6B6C6D6E" + + "6F707172737475767778797A7B7C7D7E7F80818283848586" + + "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" + + "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" + + "B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCE") + .AddAdditionalInput( + "A0A1A2A3A4A5A6A7A8A9AAABACADAE" + + "AFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6" + + "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" + + "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6" + + "F7F8F9FAFBFCFDFEFF000102030405060708090A0B0C0D0E"), + new DrbgTestVector( + new Sha512Digest(), + new SHA512EntropyProvider().Get(888), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "22EB93A67911DA73" + + "85D9180C78127DE1A04FF713114C07C9C615F7CC5EF72744" + + "A2DDCD7C3CB85E65DED8EF5F240FBDCBEBBDE2BAAC8ECF7D" + + "CBC8AC333E54607AD41DC495D83DF72A05EF55B127C1441C" + + "9A0EFFDA2C7954DB6C2D04342EB812E5E0B11D6C395F41ED" + + "A2702ECE5BA479E2DFA18F953097492636C12FE30CE5C968", + "E66698CFBF1B3F2E" + + "919C03036E584EAA81CF1C6666240AF05F70637043733954" + + "D8A1E5A66A04C53C6900FDC145D4A3A80A31F5868ACE9AC9" + + "4E14E2051F624A05EEA1F8B684AA5410BCE315E76EA07C71" + + "5D6F34731320FF0DCF78D795E6EFA2DF92B98BE636CDFBA2" + + "9008DD392112AEC202F2E481CB9D83F987FEA69CD1B368BB" + } + ) + .SetPersonalizationString( + "404142434445464748494A4B4C4D4E" + + "4F505152535455565758595A5B5C5D5E5F60616263646566" + + "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" + + "7F808182838485868788898A8B8C8D8E8F90919293949596" + + "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE"), + new DrbgTestVector( + new Sha512Digest(), + new SHA512EntropyProvider().Get(888), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new string[] + { + "7596A76372308BD5" + + "A5613439934678B35521A94D81ABFE63A21ACF61ABB88B61" + + "E86A12C37F308F2BBBE32BE4B38D03AE808386494D70EF52" + + "E9E1365DD18B7784CAB826F31D47579E4D57F69D8BF3152B" + + "95741946CEBE58571DF58ED39980D9AF44E69F01E8989759" + + "8E40171101A0E3302838E0AD9E849C01988993CF9F6E5263", + "DBE5EE36FCD85301" + + "303E1C3617C1AC5E23C08885D0BEFAAD0C85A0D89F85B9F1" + + "6ECE3D88A24EB96504F2F13EFA7049621782F5DE2C416A0D" + + "294CCFE53545C4E309C48E1E285A2B829A574B72B3C2FBE1" + + "34D01E3706B486F2401B9820E17298A342666918E15B8462" + + "87F8C5AF2D96B20FAF3D0BB392E15F4A06CDB0DECD1B6AD7" + } + ) + .SetPersonalizationString( + "404142434445464748494A4B4C4D4E" + + "4F505152535455565758595A5B5C5D5E5F60616263646566" + + "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" + + "7F808182838485868788898A8B8C8D8E8F90919293949596" + + "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE") + .AddAdditionalInput( + "606162636465666768696A6B6C6D6E" + + "6F707172737475767778797A7B7C7D7E7F80818283848586" + + "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" + + "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" + + "B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCE") + .AddAdditionalInput( + "A0A1A2A3A4A5A6A7A8A9AAABACADAE" + + "AFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6" + + "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" + + "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6" + + "F7F8F9FAFBFCFDFEFF000102030405060708090A0B0C0D0E") + }; + } + + public override void PerformTest() + { + DrbgTestVector[] tests = CreateTestVectorData(); + ISP80090Drbg d; + + for (int i = 0; i != tests.Length; i++) + { + DrbgTestVector tv = tests[i]; + + byte[] nonce = tv.GetNonce(); + byte[] personalisationString = tv.GetPersonalizationString(); + + d = new HashSP800Drbg(tv.Digest, tv.SecurityStrength, tv.EntropySource, personalisationString, nonce); + + byte[] output = new byte[tv.GetExpectedValue(0).Length]; + + d.Generate(output, tv.GetAdditionalInput(0), tv.PredictionResistance); + + byte[] expected = tv.GetExpectedValue(0); + + if (!AreEqual(expected, output)) + { + Fail("Test #" + (i + 1) + ".1 failed, expected " + Hex.ToHexString(tv.GetExpectedValue(0)) + " got " + Hex.ToHexString(output)); + } + + output = new byte[tv.GetExpectedValue(0).Length]; + + d.Generate(output, tv.GetAdditionalInput(1), tv.PredictionResistance); + + expected = tv.GetExpectedValue(1); + if (!AreEqual(expected, output)) + { + Fail("Test #" + (i + 1) + ".2 failed, expected " + Hex.ToHexString(tv.GetExpectedValue(1)) + " got " + Hex.ToHexString(output)); + } + } + + // Exception tests + // + try + { + d = new HashSP800Drbg(new Sha256Digest(), 256, new SHA256EntropyProvider().Get(128), null, null); + Fail("no exception thrown"); + } + catch (ArgumentException e) + { + if (!e.Message.Equals("Not enough entropy for security strength required")) + { + Fail("Wrong exception", e); + } + } + + try + { + d = new HashSP800Drbg(new Sha1Digest(), 256, new SHA256EntropyProvider().Get(256), null, null); + Fail("no exception thrown"); + } + catch (ArgumentException e) + { + if (!e.Message.Equals("Requested security strength is not supported by the derivation function")) + { + Fail("Wrong exception", e); + } + } + } + + internal class SHA1EntropyProvider : TestEntropySourceProvider + { + internal SHA1EntropyProvider() : base(Hex.Decode( + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30313233343536" + + "808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" + + "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6"), true) + {} + } + + internal class SHA256EntropyProvider : TestEntropySourceProvider + { + internal SHA256EntropyProvider() : base(Hex.Decode( + "00010203040506" + + "0708090A0B0C0D0E0F101112131415161718191A1B1C1D1E" + + "1F202122232425262728292A2B2C2D2E2F30313233343536" + + "80818283848586" + + "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" + + "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" + + "C0C1C2C3C4C5C6" + + "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" + + "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6"), true) + { } + } + + internal class SHA384EntropyProvider : TestEntropySourceProvider + { + internal SHA384EntropyProvider() : base(Hex.Decode( + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223242526" + + "2728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F50515253545556" + + "5758595A5B5C5D5E5F606162636465666768696A6B6C6D6E" + + "808182838485868788898A8B8C8D8E" + + "8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6" + + "A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBE" + + "BFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6" + + "D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEE" + + "C0C1C2C3C4C5C6C7C8C9CACBCCCDCE" + + "CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6" + + "E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFE" + + "FF000102030405060708090A0B0C0D0E0F10111213141516" + + "1718191A1B1C1D1E1F202122232425262728292A2B2C2D2E"), true) + {} + } + + internal class SHA512EntropyProvider : TestEntropySourceProvider + { + internal SHA512EntropyProvider() : base(Hex.Decode( + "000102030405060708090A0B0C0D0E" + + "0F101112131415161718191A1B1C1D1E1F20212223242526" + + "2728292A2B2C2D2E2F303132333435363738393A3B3C3D3E" + + "3F404142434445464748494A4B4C4D4E4F50515253545556" + + "5758595A5B5C5D5E5F606162636465666768696A6B6C6D6E" + + "808182838485868788898A8B8C8D8E" + + "8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6" + + "A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBE" + + "BFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6" + + "D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEE" + + "C0C1C2C3C4C5C6C7C8C9CACBCCCDCE" + + "CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6" + + "E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFE" + + "FF000102030405060708090A0B0C0D0E0F10111213141516" + + "1718191A1B1C1D1E1F202122232425262728292A2B2C2D2E"), true) + { } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/prng/test/TestEntropySourceProvider.cs b/BouncyCastle/crypto/test/src/crypto/prng/test/TestEntropySourceProvider.cs new file mode 100644 index 0000000..6477996 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/prng/test/TestEntropySourceProvider.cs @@ -0,0 +1,57 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Prng.Test +{ + public class TestEntropySourceProvider + : IEntropySourceProvider + { + private readonly byte[] data; + private readonly bool isPredictionResistant; + + internal TestEntropySourceProvider(byte[] data, bool isPredictionResistant) + { + this.data = data; + this.isPredictionResistant = isPredictionResistant; + } + + public IEntropySource Get(int bitsRequired) + { + return new EntropySource(bitsRequired, data, isPredictionResistant); + } + + internal class EntropySource + : IEntropySource + { + private readonly int bitsRequired; + private readonly byte[] data; + private readonly bool isPredictionResistant; + + int index = 0; + + internal EntropySource(int bitsRequired, byte[] data, bool isPredictionResistant) + { + this.bitsRequired = bitsRequired; + this.data = data; + this.isPredictionResistant = isPredictionResistant; + } + + public bool IsPredictionResistant + { + get { return isPredictionResistant; } + } + + public byte[] GetEntropy() + { + byte[] rv = new byte[bitsRequired / 8]; + Array.Copy(data, index, rv, 0, rv.Length); + index += bitsRequired / 8; + return rv; + } + + public int EntropySize + { + get { return bitsRequired; } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/prng/test/X931Test.cs b/BouncyCastle/crypto/test/src/crypto/prng/test/X931Test.cs new file mode 100644 index 0000000..1132ea3 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/prng/test/X931Test.cs @@ -0,0 +1,137 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Prng.Test +{ + /** + * HMAC SP800-90 DRBG + */ + [TestFixture] + public class X931Test + : SimpleTest + { + public override string Name + { + get { return "X931"; } + } + + public static void Main(string[] args) + { + RunTest(new X931Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + private X931TestVector[] CreateTestVectorData() + { + return new X931TestVector[] + { + new X931TestVector( + new AesEngine(), + new Aes128EntropyProvider(), + "f7d36762b9915f1ed585eb8e91700eb2", + "259e67249288597a4d61e7c0e690afae", + false, + new string[] + { + "15f013af5a8e9df9a8e37500edaeac43", + "a9d74bb1c90a222adc398546d64879cf", + "0379e404042d58180764fb9e6c5d94bb", + "3c74603e036d28c79947ffb56fee4e51", + "e872101a4df81ebbe1e632fc87195d52", + "26a6b3d33b8e7e68b75d9630ec036314" + }), + new X931TestVector( + new DesEdeEngine(), + new TDesEntropyProvider(), + "ef16ec643e5db5892cbc6eabba310b3410e6f8759e3e382c", + "55df103deaf68dc4", + false, + new string[] + { + "9c960bb9662ce6de", + "d9d0e527fd0931da", + "3e2db9994e9e6995", + "0e3868aef8218cf7", + "7b0b0ca137f8fd81", + "f657df270ad12265" + }) + }; + } + + public override void PerformTest() + { + X931TestVector[] vectors = CreateTestVectorData(); + + for (int i = 0; i != vectors.Length; i++) + { + X931TestVector tv = vectors[i]; + X931SecureRandomBuilder bld = new X931SecureRandomBuilder(tv.EntropyProvider); + + bld.SetDateTimeVector(Hex.Decode(tv.DateTimeVector)); + + SecureRandom rand = bld.Build(tv.Engine, new KeyParameter(Hex.Decode(tv.Key)), tv.IsPredictionResistant); + + for (int j = 0; j != tv.Expected.Length - 1; j++) + { + byte[] expected = Hex.Decode(tv.Expected[j]); + byte[] res = new byte[expected.Length]; + + rand.NextBytes(res); + + if (!Arrays.AreEqual(expected, res)) + { + Fail("expected output wrong [" + j + "] got : " + Strings.FromByteArray(Hex.Encode(res))); + } + } + + { + byte[] expected = Hex.Decode(tv.Expected[tv.Expected.Length - 1]); + byte[] res = new byte[expected.Length]; + + for (int j = tv.Expected.Length - 1; j != 10000; j++) + { + rand.NextBytes(res); + } + + if (!Arrays.AreEqual(expected, res)) + { + Fail("expected output wrong [" + 10000 + "] got : " + Strings.FromByteArray(Hex.Encode(res))); + } + } + } + } + + private class Aes128EntropyProvider + : TestEntropySourceProvider + { + internal Aes128EntropyProvider() + : base(Hex.Decode("35cc0ea481fc8a4f5f05c7d4667233b2"), true) + { + } + } + + private class TDesEntropyProvider + : TestEntropySourceProvider + { + internal TDesEntropyProvider() + : base(Hex.Decode("96d872b9122c5e74"), true) + { + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/prng/test/X931TestVector.cs b/BouncyCastle/crypto/test/src/crypto/prng/test/X931TestVector.cs new file mode 100644 index 0000000..e641b0a --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/prng/test/X931TestVector.cs @@ -0,0 +1,55 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Prng.Test +{ + public class X931TestVector + { + private readonly IBlockCipher engine; + private readonly IEntropySourceProvider entropyProvider; + private readonly string key; + private readonly string dateTimeVector; + private readonly bool predictionResistant; + private readonly string[] expected; + + public X931TestVector(IBlockCipher engine, IEntropySourceProvider entropyProvider, string key, string dateTimeVector, + bool predictionResistant, string[] expected) + { + this.engine = engine; + this.entropyProvider = entropyProvider; + this.key = key; + this.dateTimeVector = dateTimeVector; + this.predictionResistant = predictionResistant; + this.expected = expected; + } + + public string DateTimeVector + { + get { return dateTimeVector; } + } + + public IBlockCipher Engine + { + get { return engine; } + } + + public IEntropySourceProvider EntropyProvider + { + get { return entropyProvider; } + } + + public string[] Expected + { + get { return expected; } + } + + public string Key + { + get { return key; } + } + + public bool IsPredictionResistant + { + get { return predictionResistant; } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/AESFastTest.cs b/BouncyCastle/crypto/test/src/crypto/test/AESFastTest.cs new file mode 100644 index 0000000..5513a0e --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/AESFastTest.cs @@ -0,0 +1,168 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Test vectors from the NIST standard tests and Brian Gladman's vector set + * + * http://fp.gladman.plus.com/cryptography_technology/rijndael/ + */ + [TestFixture] + public class AesFastTest + : CipherTest + { + static SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new AesFastEngine(), + new KeyParameter(Hex.Decode("80000000000000000000000000000000")), + "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"), + new BlockCipherVectorTest(1, new AesFastEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000080")), + "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"), + new BlockCipherMonteCarloTest(2, 10000, new AesFastEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"), + new BlockCipherMonteCarloTest(3, 10000, new AesFastEngine(), + new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")), + "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"), + new BlockCipherVectorTest(4, new AesFastEngine(), + new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), + "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"), + new BlockCipherMonteCarloTest(5, 10000, new AesFastEngine(), + new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")), + "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"), + new BlockCipherVectorTest(6, new AesFastEngine(), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), + "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"), + new BlockCipherMonteCarloTest(7, 10000, new AesFastEngine(), + new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")), + "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"), + new BlockCipherVectorTest(8, new AesFastEngine(), + new KeyParameter(Hex.Decode("80000000000000000000000000000000")), + "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"), + new BlockCipherVectorTest(9, new AesFastEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000080")), + "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"), + new BlockCipherMonteCarloTest(10, 10000, new AesFastEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"), + new BlockCipherMonteCarloTest(11, 10000, new AesFastEngine(), + new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")), + "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"), + new BlockCipherVectorTest(12, new AesFastEngine(), + new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), + "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"), + new BlockCipherMonteCarloTest(13, 10000, new AesFastEngine(), + new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")), + "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"), + new BlockCipherVectorTest(14, new AesFastEngine(), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), + "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"), + new BlockCipherMonteCarloTest(15, 10000, new AesFastEngine(), + new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")), + "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"), + new BlockCipherVectorTest(16, new AesFastEngine(), + new KeyParameter(Hex.Decode("80000000000000000000000000000000")), + "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"), + new BlockCipherVectorTest(17, new AesFastEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000080")), + "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"), + new BlockCipherMonteCarloTest(18, 10000, new AesFastEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"), + new BlockCipherMonteCarloTest(19, 10000, new AesFastEngine(), + new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")), + "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"), + new BlockCipherVectorTest(20, new AesFastEngine(), + new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), + "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"), + new BlockCipherMonteCarloTest(21, 10000, new AesFastEngine(), + new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")), + "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"), + new BlockCipherVectorTest(22, new AesFastEngine(), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), + "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"), + new BlockCipherMonteCarloTest(23, 10000, new AesFastEngine(), + new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")), + "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168") + }; + + private IBlockCipher _engine = new AesFastEngine(); + + public AesFastTest() + : base(tests, new AesFastEngine(), new KeyParameter(new byte[16])) + { + } + + public override string Name + { + get + { + return "AESFast"; + } + } + + public override void PerformTest() + { + base.PerformTest(); + + byte[] keyBytes = new byte[16]; + + _engine.Init(true, new KeyParameter(keyBytes)); + + // + // init tests + // + try + { + byte[] dudKey = new byte[6]; + + _engine.Init(true, new KeyParameter(dudKey)); + + Fail("failed key length check"); + } + catch (ArgumentException) + { + // expected + } + + try + { + byte[] iv = new byte[16]; + + _engine.Init(true, new ParametersWithIV(null, iv)); + + Fail("failed parameter check"); + } + catch (ArgumentException) + { + // expected + } + } + + public static void Main( + string[] args) + { + AesFastTest test = new AesFastTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/AESLightTest.cs b/BouncyCastle/crypto/test/src/crypto/test/AESLightTest.cs new file mode 100644 index 0000000..0b5777b --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/AESLightTest.cs @@ -0,0 +1,168 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Test vectors from the NIST standard tests and Brian Gladman's vector set + * + * http://fp.gladman.plus.com/cryptography_technology/rijndael/ + */ + [TestFixture] + public class AesLightTest + : CipherTest + { + static SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new AesLightEngine(), + new KeyParameter(Hex.Decode("80000000000000000000000000000000")), + "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"), + new BlockCipherVectorTest(1, new AesLightEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000080")), + "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"), + new BlockCipherMonteCarloTest(2, 10000, new AesLightEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"), + new BlockCipherMonteCarloTest(3, 10000, new AesLightEngine(), + new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")), + "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"), + new BlockCipherVectorTest(4, new AesLightEngine(), + new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), + "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"), + new BlockCipherMonteCarloTest(5, 10000, new AesLightEngine(), + new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")), + "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"), + new BlockCipherVectorTest(6, new AesLightEngine(), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), + "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"), + new BlockCipherMonteCarloTest(7, 10000, new AesLightEngine(), + new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")), + "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"), + new BlockCipherVectorTest(8, new AesLightEngine(), + new KeyParameter(Hex.Decode("80000000000000000000000000000000")), + "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"), + new BlockCipherVectorTest(9, new AesLightEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000080")), + "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"), + new BlockCipherMonteCarloTest(10, 10000, new AesLightEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"), + new BlockCipherMonteCarloTest(11, 10000, new AesLightEngine(), + new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")), + "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"), + new BlockCipherVectorTest(12, new AesLightEngine(), + new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), + "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"), + new BlockCipherMonteCarloTest(13, 10000, new AesLightEngine(), + new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")), + "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"), + new BlockCipherVectorTest(14, new AesLightEngine(), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), + "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"), + new BlockCipherMonteCarloTest(15, 10000, new AesLightEngine(), + new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")), + "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"), + new BlockCipherVectorTest(16, new AesLightEngine(), + new KeyParameter(Hex.Decode("80000000000000000000000000000000")), + "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"), + new BlockCipherVectorTest(17, new AesLightEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000080")), + "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"), + new BlockCipherMonteCarloTest(18, 10000, new AesLightEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"), + new BlockCipherMonteCarloTest(19, 10000, new AesLightEngine(), + new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")), + "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"), + new BlockCipherVectorTest(20, new AesLightEngine(), + new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), + "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"), + new BlockCipherMonteCarloTest(21, 10000, new AesLightEngine(), + new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")), + "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"), + new BlockCipherVectorTest(22, new AesLightEngine(), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), + "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"), + new BlockCipherMonteCarloTest(23, 10000, new AesLightEngine(), + new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")), + "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168") + }; + + private IBlockCipher _engine = new AesLightEngine(); + + public AesLightTest() + : base(tests, new AesLightEngine(), new KeyParameter(new byte[16])) + { + } + + public override string Name + { + get + { + return "AESLight"; + } + } + + public override void PerformTest() + { + base.PerformTest(); + + byte[] keyBytes = new byte[16]; + + _engine.Init(true, new KeyParameter(keyBytes)); + + // + // init tests + // + try + { + byte[] dudKey = new byte[6]; + + _engine.Init(true, new KeyParameter(dudKey)); + + Fail("failed key length check"); + } + catch (ArgumentException) + { + // expected + } + + try + { + byte[] iv = new byte[16]; + + _engine.Init(true, new ParametersWithIV(null, iv)); + + Fail("failed parameter check"); + } + catch (ArgumentException) + { + // expected + } + } + + public static void Main( + string[] args) + { + AesLightTest test = new AesLightTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/AESTest.cs b/BouncyCastle/crypto/test/src/crypto/test/AESTest.cs new file mode 100644 index 0000000..7b8fc34 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/AESTest.cs @@ -0,0 +1,178 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// Test vectors from the NIST standard tests and Brian Gladman's vector set + /// + /// http://fp.gladman.plus.com/cryptography_technology/rijndael/ + /// + [TestFixture] + public class AesTest : CipherTest + { + internal static SimpleTest[] tests = new SimpleTest[]{ + new BlockCipherVectorTest(0, new AesEngine(), new KeyParameter(Hex.Decode("80000000000000000000000000000000")), "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"), + new BlockCipherVectorTest(1, new AesEngine(), new KeyParameter(Hex.Decode("00000000000000000000000000000080")), "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"), + new BlockCipherMonteCarloTest(2, 10000, new AesEngine(), new KeyParameter(Hex.Decode("00000000000000000000000000000000")), "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"), + new BlockCipherMonteCarloTest(3, 10000, new AesEngine(), new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")), "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"), + new BlockCipherVectorTest(4, new AesEngine(), new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"), + new BlockCipherMonteCarloTest(5, 10000, new AesEngine(), new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")), "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"), + new BlockCipherVectorTest(6, new AesEngine(), new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"), + new BlockCipherMonteCarloTest(7, 10000, new AesEngine(), new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")), "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"), + new BlockCipherVectorTest(8, new AesEngine(), new KeyParameter(Hex.Decode("80000000000000000000000000000000")), "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"), + new BlockCipherVectorTest(9, new AesEngine(), new KeyParameter(Hex.Decode("00000000000000000000000000000080")), "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"), + new BlockCipherMonteCarloTest(10, 10000, new AesEngine(), new KeyParameter(Hex.Decode("00000000000000000000000000000000")), "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"), + new BlockCipherMonteCarloTest(11, 10000, new AesEngine(), new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")), "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"), + new BlockCipherVectorTest(12, new AesEngine(), new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"), + new BlockCipherMonteCarloTest(13, 10000, new AesEngine(), new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")), "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"), + new BlockCipherVectorTest(14, new AesEngine(), new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"), + new BlockCipherMonteCarloTest(15, 10000, new AesEngine(), new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")), "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"), + new BlockCipherVectorTest(16, new AesEngine(), new KeyParameter(Hex.Decode("80000000000000000000000000000000")), "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"), + new BlockCipherVectorTest(17, new AesEngine(), new KeyParameter(Hex.Decode("00000000000000000000000000000080")), "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"), + new BlockCipherMonteCarloTest(18, 10000, new AesEngine(), new KeyParameter(Hex.Decode("00000000000000000000000000000000")), "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"), + new BlockCipherMonteCarloTest(19, 10000, new AesEngine(), new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")), "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"), + new BlockCipherVectorTest(20, new AesEngine(), new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"), + new BlockCipherMonteCarloTest(21, 10000, new AesEngine(), new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")), "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"), + new BlockCipherVectorTest(22, new AesEngine(), new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"), + new BlockCipherMonteCarloTest(23, 10000, new AesEngine(), new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")), "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168")}; + + public override string Name { get { return "AES"; } } + + public AesTest() + : base(tests, new AesEngine(), new KeyParameter(new byte[16])) + { + } + + private ITestResult WrapTest(int id, byte[] kek, byte[] input, byte[] outBytes) + { + IWrapper wrapper = new AesWrapEngine(); + + wrapper.Init(true, new KeyParameter(kek)); + + try + { + byte[] cText = wrapper.Wrap(input, 0, input.Length); + + if (!Arrays.AreEqual(cText, outBytes)) + { + return new SimpleTestResult(false, Name + ": failed wrap test " + id + + " expected " + Hex.ToHexString(outBytes) + + " got " + Hex.ToHexString(cText)); + } + } + catch (System.Exception e) + { + return new SimpleTestResult(false, Name + ": failed wrap test exception " + e.ToString()); + } + + wrapper.Init(false, new KeyParameter(kek)); + + try + { + byte[] pText = wrapper.Unwrap(outBytes, 0, outBytes.Length); + if (!Arrays.AreEqual(pText, input)) + { + return new SimpleTestResult(false, Name + ": failed unwrap test " + id + + " expected " + Hex.ToHexString(input) + + " got " + Hex.ToHexString(pText)); + } + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": failed unwrap test exception.", e); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public override ITestResult Perform() + { + ITestResult result = base.Perform(); + if (!result.IsSuccessful()) + { + return result; + } + + byte[] kek1 = Hex.Decode("000102030405060708090a0b0c0d0e0f"); + byte[] in1 = Hex.Decode("00112233445566778899aabbccddeeff"); + byte[] out1 = Hex.Decode("1fa68b0a8112b447aef34bd8fb5a7b829d3e862371d2cfe5"); + result = WrapTest(1, kek1, in1, out1); + if (!result.IsSuccessful()) + { + return result; + } + + byte[] kek2 = Hex.Decode("000102030405060708090a0b0c0d0e0f1011121314151617"); + byte[] in2 = Hex.Decode("00112233445566778899aabbccddeeff"); + byte[] out2 = Hex.Decode("96778b25ae6ca435f92b5b97c050aed2468ab8a17ad84e5d"); + result = WrapTest(2, kek2, in2, out2); + if (!result.IsSuccessful()) + { + return result; + } + + byte[] kek3 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"); + byte[] in3 = Hex.Decode("00112233445566778899aabbccddeeff"); + byte[] out3 = Hex.Decode("64e8c3f9ce0f5ba263e9777905818a2a93c8191e7d6e8ae7"); + result = WrapTest(3, kek3, in3, out3); + if (!result.IsSuccessful()) + { + return result; + } + + byte[] kek4 = Hex.Decode("000102030405060708090a0b0c0d0e0f1011121314151617"); + byte[] in4 = Hex.Decode("00112233445566778899aabbccddeeff0001020304050607"); + byte[] out4 = Hex.Decode("031d33264e15d33268f24ec260743edce1c6c7ddee725a936ba814915c6762d2"); + result = WrapTest(4, kek4, in4, out4); + if (!result.IsSuccessful()) + { + return result; + } + + byte[] kek5 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"); + byte[] in5 = Hex.Decode("00112233445566778899aabbccddeeff0001020304050607"); + byte[] out5 = Hex.Decode("a8f9bc1612c68b3ff6e6f4fbe30e71e4769c8b80a32cb8958cd5d17d6b254da1"); + result = WrapTest(5, kek5, in5, out5); + if (!result.IsSuccessful()) + { + return result; + } + + byte[] kek6 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"); + byte[] in6 = Hex.Decode("00112233445566778899aabbccddeeff000102030405060708090a0b0c0d0e0f"); + byte[] out6 = Hex.Decode("28c9f404c4b810f4cbccb35cfb87f8263f5786e2d80ed326cbc7f0e71a99f43bfb988b9b7a02dd21"); + result = WrapTest(6, kek6, in6, out6); + if (!result.IsSuccessful()) + { + return result; + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + AesTest test = new AesTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/AESWrapTest.cs b/BouncyCastle/crypto/test/src/crypto/test/AESWrapTest.cs new file mode 100644 index 0000000..11b4609 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/AESWrapTest.cs @@ -0,0 +1,214 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Wrap Test + */ + [TestFixture] + public class AesWrapTest + : ITest + { + public string Name + { + get + { + return "AESWrap"; + } + } + + private ITestResult wrapTest( + int id, + byte[] kek, + byte[] inBytes, + byte[] outBytes) + { + IWrapper wrapper = new AesWrapEngine(); + + wrapper.Init(true, new KeyParameter(kek)); + + try + { + byte[] cText = wrapper.Wrap(inBytes, 0, inBytes.Length); + if (!Arrays.AreEqual(cText, outBytes)) + { + return new SimpleTestResult(false, Name + ": failed wrap test " + id + + " expected " + Hex.ToHexString(outBytes) + + " got " + Hex.ToHexString(cText)); + } + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": failed wrap test exception " + e); + } + + wrapper.Init(false, new KeyParameter(kek)); + + try + { + byte[] pText = wrapper.Unwrap(outBytes, 0, outBytes.Length); + if (!Arrays.AreEqual(pText, inBytes)) + { + return new SimpleTestResult(false, Name + ": failed unwrap test " + id + + " expected " + Hex.ToHexString(inBytes) + + " got " + Hex.ToHexString(pText)); + } + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": failed unwrap test exception.", e); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public ITestResult Perform() + { + byte[] kek1 = Hex.Decode("000102030405060708090a0b0c0d0e0f"); + byte[] in1 = Hex.Decode("00112233445566778899aabbccddeeff"); + byte[] out1 = Hex.Decode("1fa68b0a8112b447aef34bd8fb5a7b829d3e862371d2cfe5"); + ITestResult result = wrapTest(1, kek1, in1, out1); + + if (!result.IsSuccessful()) + { + return result; + } + + byte[] kek2 = Hex.Decode("000102030405060708090a0b0c0d0e0f1011121314151617"); + byte[] in2 = Hex.Decode("00112233445566778899aabbccddeeff"); + byte[] out2 = Hex.Decode("96778b25ae6ca435f92b5b97c050aed2468ab8a17ad84e5d"); + result = wrapTest(2, kek2, in2, out2); + if (!result.IsSuccessful()) + { + return result; + } + + byte[] kek3 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"); + byte[] in3 = Hex.Decode("00112233445566778899aabbccddeeff"); + byte[] out3 = Hex.Decode("64e8c3f9ce0f5ba263e9777905818a2a93c8191e7d6e8ae7"); + result = wrapTest(3, kek3, in3, out3); + if (!result.IsSuccessful()) + { + return result; + } + + byte[] kek4 = Hex.Decode("000102030405060708090a0b0c0d0e0f1011121314151617"); + byte[] in4 = Hex.Decode("00112233445566778899aabbccddeeff0001020304050607"); + byte[] out4 = Hex.Decode("031d33264e15d33268f24ec260743edce1c6c7ddee725a936ba814915c6762d2"); + result = wrapTest(4, kek4, in4, out4); + if (!result.IsSuccessful()) + { + return result; + } + + byte[] kek5 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"); + byte[] in5 = Hex.Decode("00112233445566778899aabbccddeeff0001020304050607"); + byte[] out5 = Hex.Decode("a8f9bc1612c68b3ff6e6f4fbe30e71e4769c8b80a32cb8958cd5d17d6b254da1"); + result = wrapTest(5, kek5, in5, out5); + if (!result.IsSuccessful()) + { + return result; + } + + byte[] kek6 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"); + byte[] in6 = Hex.Decode("00112233445566778899aabbccddeeff000102030405060708090a0b0c0d0e0f"); + byte[] out6 = Hex.Decode("28c9f404c4b810f4cbccb35cfb87f8263f5786e2d80ed326cbc7f0e71a99f43bfb988b9b7a02dd21"); + result = wrapTest(6, kek6, in6, out6); + if (!result.IsSuccessful()) + { + return result; + } + + IWrapper wrapper = new AesWrapEngine(); + KeyParameter key = new KeyParameter(new byte[16]); + byte[] buf = new byte[16]; + + try + { + wrapper.Init(true, key); + + wrapper.Unwrap(buf, 0, buf.Length); + + return new SimpleTestResult(false, Name + ": failed unwrap state test."); + } + catch (InvalidOperationException) + { + // expected + } + catch (InvalidCipherTextException e) + { + return new SimpleTestResult(false, Name + ": unexpected exception: " + e, e); + } + + try + { + wrapper.Init(false, key); + + wrapper.Wrap(buf, 0, buf.Length); + + return new SimpleTestResult(false, Name + ": failed unwrap state test."); + } + catch (InvalidOperationException) + { + // expected + } + + // + // short test + // + try + { + wrapper.Init(false, key); + + wrapper.Unwrap(buf, 0, buf.Length / 2); + + return new SimpleTestResult(false, Name + ": failed unwrap short test."); + } + catch (InvalidCipherTextException) + { + // expected + } + + try + { + wrapper.Init(true, key); + + wrapper.Wrap(buf, 0, 15); + + return new SimpleTestResult(false, Name + ": failed wrap length test."); + } + catch (DataLengthException) + { + // expected + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + AesWrapTest test = new AesWrapTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/AeadTestUtilities.cs b/BouncyCastle/crypto/test/src/crypto/test/AeadTestUtilities.cs new file mode 100644 index 0000000..ee2d7bc --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/AeadTestUtilities.cs @@ -0,0 +1,77 @@ +using System; + +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + public class AeadTestUtilities + { + internal static void TestTampering(ITest test, IAeadCipher cipher, ICipherParameters parameters) + { + byte[] plaintext = new byte[1000]; + for (int i = 0; i < plaintext.Length; i++) + { + plaintext[i] = (byte)i; + } + cipher.Init(true, parameters); + + byte[] ciphertext = new byte[cipher.GetOutputSize(plaintext.Length)]; + int len = cipher.ProcessBytes(plaintext, 0, plaintext.Length, ciphertext, 0); + cipher.DoFinal(ciphertext, len); + + int macLength = cipher.GetMac().Length; + + // Test tampering with a single byte + cipher.Init(false, parameters); + byte[] tampered = new byte[ciphertext.Length]; + byte[] output = new byte[plaintext.Length]; + Array.Copy(ciphertext, 0, tampered, 0, tampered.Length); + tampered[0] += 1; + + cipher.ProcessBytes(tampered, 0, tampered.Length, output, 0); + try + { + cipher.DoFinal(output, 0); + throw new TestFailedException( + new SimpleTestResult(false, test + " : tampering of ciphertext not detected.")); + } + catch (InvalidCipherTextException) + { + // Expected + } + + // Test truncation of ciphertext to < tag length + cipher.Init(false, parameters); + byte[] truncated = new byte[macLength - 1]; + Array.Copy(ciphertext, 0, truncated, 0, truncated.Length); + + cipher.ProcessBytes(truncated, 0, truncated.Length, output, 0); + try + { + cipher.DoFinal(output, 0); + Fail(test, "tampering of ciphertext not detected."); + } + catch (InvalidCipherTextException) + { + // Expected + } + } + + private static void Fail(ITest test, string message) + { + throw new TestFailedException(SimpleTestResult.Failed(test, message)); + } + + private static void Fail(ITest test, string message, string expected, string result) + { + throw new TestFailedException(SimpleTestResult.Failed(test, message, expected, result)); + } + + internal static AeadParameters ReuseKey(AeadParameters p) + { + return new AeadParameters(null, p.MacSize, p.GetNonce(), p.GetAssociatedText()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/AllTests.cs b/BouncyCastle/crypto/test/src/crypto/test/AllTests.cs new file mode 100644 index 0000000..2b69093 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/AllTests.cs @@ -0,0 +1,48 @@ +using System; + +#if !LIB +using NUnit.Core; +#endif +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class AllTests + { +#if !LIB + public static void Main(string[] args) + { + Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty); + } + + [Suite] + public static TestSuite Suite + { + get + { + TestSuite suite = new TestSuite("Lightweight Crypto Tests"); + suite.Add(new AllTests()); + suite.Add(new GcmReorderTest()); + return suite; + } + } +#endif + + [Test] + public void TestCrypto() + { + foreach (Org.BouncyCastle.Utilities.Test.ITest test in RegressionTest.tests) + { + SimpleTestResult result = (SimpleTestResult)test.Perform(); + + if (!result.IsSuccessful()) + { + Assert.Fail(result.ToString()); + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/AriaTest.cs b/BouncyCastle/crypto/test/src/crypto/test/AriaTest.cs new file mode 100644 index 0000000..da92792 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/AriaTest.cs @@ -0,0 +1,180 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class AriaTest + : SimpleTest + { + private static readonly SecureRandom R = new SecureRandom(); + + private static readonly string[][] TEST_VECTORS_RFC5794 = { + new string[]{ + "128-Bit Key", + "000102030405060708090a0b0c0d0e0f", + "00112233445566778899aabbccddeeff", + "d718fbd6ab644c739da95f3be6451778" + }, + new string[]{ + "192-Bit Key", + "000102030405060708090a0b0c0d0e0f1011121314151617", + "00112233445566778899aabbccddeeff", + "26449c1805dbe7aa25a468ce263a9e79" + }, + new string[]{ + "256-Bit Key", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "00112233445566778899aabbccddeeff", + "f92bd7c79fb72e2f2b8f80c1972d24fc" + }, + }; + + public override string Name + { + get { return "ARIA"; } + } + + public override void PerformTest() + { + CheckTestVectors_RFC5794(); + + for (int i = 0; i < 100; ++i) + { + CheckRandomRoundtrips(); + } + + new MyAriaEngine().CheckImplementation(); + } + + private void CheckRandomRoundtrips() + { + AriaEngine ce = new AriaEngine(); + AriaEngine cd = new AriaEngine(); + + byte[] txt = new byte[ce.GetBlockSize()]; + byte[] enc = new byte[ce.GetBlockSize()]; + byte[] dec = new byte[ce.GetBlockSize()]; + + for (int keyLen = 16; keyLen <= 32; keyLen += 8) + { + byte[] K = new byte[keyLen]; + + R.NextBytes(K); + + KeyParameter key = new KeyParameter(K); + ce.Init(true, key); + cd.Init(false, key); + + R.NextBytes(txt); + + for (int i = 0; i < 100; ++i) + { + ce.ProcessBlock(txt, 0, enc, 0); + cd.ProcessBlock(enc, 0, dec, 0); + + IsTrue(Arrays.AreEqual(txt, dec)); + + Array.Copy(enc, 0, txt, 0, enc.Length); + } + } + } + + private void CheckTestVector_RFC5794(String[] tv) + { + string name = "'" + tv[0] + "'"; + + IBlockCipher c = new AriaEngine(); + int blockSize = c.GetBlockSize(); + IsTrue("Wrong block size returned from getBlockSize() for " + name, 16 == blockSize); + + KeyParameter key = new KeyParameter(Hex.Decode(tv[1])); + byte[] plaintext = Hex.Decode(tv[2]); + byte[] ciphertext = Hex.Decode(tv[3]); + + IsTrue("Unexpected plaintext length for " + name, blockSize == plaintext.Length); + IsTrue("Unexpected ciphertext length for " + name, blockSize == ciphertext.Length); + + c.Init(true, key); + + byte[] actual = new byte[blockSize]; + int num = c.ProcessBlock(plaintext, 0, actual, 0); + + IsTrue("Wrong length returned from processBlock() (encryption) for " + name, blockSize == num); + IsTrue("Incorrect ciphertext computed for " + name, Arrays.AreEqual(ciphertext, actual)); + + c.Init(false, key); + num = c.ProcessBlock(ciphertext, 0, actual, 0); + + IsTrue("Wrong length returned from processBlock() (decryption) for " + name, blockSize == num); + IsTrue("Incorrect plaintext computed for " + name, Arrays.AreEqual(plaintext, actual)); + } + + private void CheckTestVectors_RFC5794() + { + for (int i = 0; i < TEST_VECTORS_RFC5794.Length; ++i) + { + CheckTestVector_RFC5794(TEST_VECTORS_RFC5794[i]); + } + } + + public static void Main(string[] args) + { + RunTest(new AriaTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + private class MyAriaEngine + : AriaEngine + { + public void CheckImplementation() + { + CheckInvolution(); + CheckSBoxes(); + } + + private void CheckInvolution() + { + byte[] x = new byte[16], y = new byte[16]; + + for (int i = 0; i < 100; ++i) + { + R.NextBytes(x); + Array.Copy(x, 0, y, 0, 16); + A(y); + A(y); + Assert.IsTrue(Arrays.AreEqual(x, y)); + } + } + + private void CheckSBoxes() + { + for (int i = 0; i < 256; ++i) + { + byte x = (byte)i; + + Assert.IsTrue(x == SB1(SB3(x))); + Assert.IsTrue(x == SB3(SB1(x))); + + Assert.IsTrue(x == SB2(SB4(x))); + Assert.IsTrue(x == SB4(SB2(x))); + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/BCryptTest.cs b/BouncyCastle/crypto/test/src/crypto/test/BCryptTest.cs new file mode 100644 index 0000000..42d925f --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/BCryptTest.cs @@ -0,0 +1,163 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /* + * bcrypt test vectors + */ + [TestFixture] + public class BCryptTest + : SimpleTest + { + // Raw test vectors based on crypt style test vectors + // Cross checked with JBCrypt + private static readonly object[][] TestVectorData = { + new object[]{"", "144b3d691a7b4ecf39cf735c7fa7a79c", 6, "557e94f34bf286e8719a26be94ac1e16d95ef9f819dee092"}, + new object[]{"00", "144b3d691a7b4ecf39cf735c7fa7a79c", 6, "557e94f34bf286e8719a26be94ac1e16d95ef9f819dee092"}, + new object[]{"00", "26c63033c04f8bcba2fe24b574db6274", 8, "56701b26164d8f1bc15225f46234ac8ac79bf5bc16bf48ba"}, + new object[]{"00", "9b7c9d2ada0fd07091c915d1517701d6", 10, "7b2e03106a43c9753821db688b5cc7590b18fdf9ba544632"}, + new object[]{"6100", "a3612d8c9a37dac2f99d94da03bd4521", 6, "e6d53831f82060dc08a2e8489ce850ce48fbf976978738f3"}, + new object[]{"6100", "7a17b15dfe1c4be10ec6a3ab47818386", 8, "a9f3469a61cbff0a0f1a1445dfe023587f38b2c9c40570e1"}, + new object[]{"6100", "9bef4d04e1f8f92f3de57323f8179190", 10, "5169fd39606d630524285147734b4c981def0ee512c3ace1"}, + new object[]{"61626300", "2a1f1dc70a3d147956a46febe3016017", 6, "d9a275b493bcbe1024b0ff80d330253cfdca34687d8f69e5"}, + new object[]{"61626300", "4ead845a142c9bc79918c8797f470ef5", 8, "8d4131a723bfbbac8a67f2e035cae08cc33b69f37331ea91"}, + new object[]{"61626300", "631c554493327c32f9c26d9be7d18e4c", 10, "8cd0b863c3ff0860e31a2b42427974e0283b3af7142969a6"}, + new object[]{"6162636465666768696a6b6c6d6e6f707172737475767778797a00", "02d1176d74158ee29cffdac6150cf123", 6, "4d38b523ce9dc6f2f6ff9fb3c2cd71dfe7f96eb4a3baf19f"}, + new object[]{"6162636465666768696a6b6c6d6e6f707172737475767778797a00", "715b96caed2ac92c354ed16c1e19e38a", 8, "98bf9ffc1f5be485f959e8b1d526392fbd4ed2d5719f506b"}, + new object[]{"6162636465666768696a6b6c6d6e6f707172737475767778797a00", "85727e838f9049397fbec90566ede0df", 10, "cebba53f67bd28af5a44c6707383c231ac4ef244a6f5fb2b"}, + new object[]{"7e21402324255e262a28292020202020207e21402324255e262a2829504e4246524400", "8512ae0d0fac4ec9a5978f79b6171028", 6, "26f517fe5345ad575ba7dfb8144f01bfdb15f3d47c1e146a"}, + new object[]{"7e21402324255e262a28292020202020207e21402324255e262a2829504e4246524400", "1ace2de8807df18c79fced54678f388f", 8, "d51d7cdf839b91a25758b80141e42c9f896ae80fd6cd561f"}, + new object[]{"7e21402324255e262a28292020202020207e21402324255e262a2829504e4246524400", "36285a6267751b14ba2dc989f6d43126", 10, "db4fab24c1ff41c1e2c966f8b3d6381c76e86f52da9e15a9"}, + new object[]{"c2a300", "144b3d691a7b4ecf39cf735c7fa7a79c", 6, "5a6c4fedb23980a7da9217e0442565ac6145b687c7313339"}, + }; + + public override string Name + { + get { return "BCrypt"; } + } + + public override void PerformTest() + { + DoTestParameters(); + DoTestShortKeys(); + DoTestVectors(); + } + + private void DoTestShortKeys() + { + byte[] salt = new byte[16]; + + // Check BCrypt with empty key pads to zero byte key + byte[] hashEmpty = BCrypt.Generate(new byte[0], salt, 4); + byte[] hashZero1 = BCrypt.Generate(new byte[1], salt, 4); + + if (!Arrays.AreEqual(hashEmpty, hashZero1)) + { + Fail("Hash for empty password should equal zeroed key", Hex.ToHexString(hashEmpty), + Hex.ToHexString(hashZero1)); + } + + // Check zeroed byte key of min Blowfish length is equivalent + byte[] hashZero4 = BCrypt.Generate(new byte[4], salt, 4); + if (!Arrays.AreEqual(hashEmpty, hashZero4)) + { + Fail("Hash for empty password should equal zeroed key[4]", Hex.ToHexString(hashEmpty), + Hex.ToHexString(hashZero4)); + } + + // Check BCrypt isn't padding too small (32 bit) keys + byte[] hashA = BCrypt.Generate(new byte[]{(byte)'a'}, salt, 4); + byte[] hashA0 = BCrypt.Generate(new byte[]{(byte)'a', (byte)0}, salt, 4); + if (Arrays.AreEqual(hashA, hashA0)) + { + Fail("Small keys should not be 0 padded."); + } + } + + public void DoTestParameters() + { + CheckOK("Empty key", new byte[0], new byte[16], 4); + CheckOK("Minimal values", new byte[1], new byte[16], 4); + //CheckOK("Max cost", new byte[1], new byte[16], 31); + CheckOK("Max passcode", new byte[72], new byte[16], 4); + CheckIllegal("Null password", null, new byte[16], 4); + CheckIllegal("Null salt", new byte[1], null, 4); + CheckIllegal("Salt too small", new byte[1], new byte[15], 4); + CheckIllegal("Salt too big", new byte[1], new byte[17], 4); + CheckIllegal("Cost too low", new byte[16], new byte[16], 3); + CheckIllegal("Cost too high", new byte[16], new byte[16], 32); + CheckIllegal("Passcode too long", new byte[73], new byte[16], 32); + } + + private void CheckOK(string msg, byte[] pass, byte[] salt, int cost) + { + try + { + BCrypt.Generate(pass, salt, cost); + } + catch (ArgumentException e) + { + Console.Error.WriteLine(e.StackTrace); + Fail(msg); + } + } + + private void CheckIllegal(String msg, byte[] pass, byte[] salt, int cost) + { + try + { + BCrypt.Generate(pass, salt, cost); + Fail(msg); + } + catch (ArgumentException) + { + // Expected + } + } + + public void DoTestVectors() + { + foreach (object[] v in TestVectorData) + { + byte[] password = Hex.Decode((string)v[0]); + byte[] salt = Hex.Decode((string)v[1]); + int cost = (int)v[2]; + byte[] expected = Hex.Decode((string)v[3]); + + DoTest(password, salt, cost, expected); + } + + IsTrue(AreEqual(BCrypt.Generate(BCrypt.PasswordToByteArray("12341234".ToCharArray()), Hex.Decode("01020304050607080102030405060708"), 5), Hex.Decode("cdd19088721c50e5cb49a7b743d93b5a6e67bef0f700cd78"))); + IsTrue(AreEqual(BCrypt.Generate(BCrypt.PasswordToByteArray("1234".ToCharArray()), Hex.Decode("01020304050607080102030405060708"), 5), Hex.Decode("02a3269aca2732484057b40c614204814cbfc2becd8e093e"))); + } + + private void DoTest(byte[] password, byte[] salt, int cost, byte[] expected) + { + byte[] hash = BCrypt.Generate(password, salt, cost); + if (!Arrays.AreEqual(hash, expected)) + { + Fail("Hash for " + Hex.ToHexString(password), Hex.ToHexString(expected), Hex.ToHexString(hash)); + } + } + + public static void Main(string[] args) + { + RunTest(new BCryptTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/Blake2bDigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/Blake2bDigestTest.cs new file mode 100644 index 0000000..c9dbfc9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/Blake2bDigestTest.cs @@ -0,0 +1,325 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class Blake2bDigestTest + : SimpleTest + { + private static readonly string[,] keyedTestVectors = { // input/message, key, hash + // Vectors from BLAKE2 web site: https://blake2.net/blake2b-test.txt + { + "", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "10ebb67700b1868efb4417987acf4690ae9d972fb7a590c2f02871799aaa4786b5e996e8f0f4eb981fc214b005f42d2ff4233499391653df7aefcbc13fc51568" + }, + { + "00", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "961f6dd1e4dd30f63901690c512e78e4b45e4742ed197c3c5e45c549fd25f2e4187b0bc9fe30492b16b0d0bc4ef9b0f34c7003fac09a5ef1532e69430234cebd" + }, + { + "0001", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "da2cfbe2d8409a0f38026113884f84b50156371ae304c4430173d08a99d9fb1b983164a3770706d537f49e0c916d9f32b95cc37a95b99d857436f0232c88a965" + }, + { + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "f1aa2b044f8f0c638a3f362e677b5d891d6fd2ab0765f6ee1e4987de057ead357883d9b405b9d609eea1b869d97fb16d9b51017c553f3b93c0a1e0f1296fedcd" + }, + { + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "c230f0802679cb33822ef8b3b21bf7a9a28942092901d7dac3760300831026cf354c9232df3e084d9903130c601f63c1f4a4a4b8106e468cd443bbe5a734f45f" + }, + { + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfe", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f", + "142709d62e28fcccd0af97fad0f8465b971e82201dc51070faa0372aa43e92484be1c1e73ba10906d5d1853db6a4106e0a7bf9800d373d6dee2d46d62ef2a461" + } + }; + + // from: http://fossies.org/linux/john/src/rawBLAKE2_512_fmt_plug.c + private static readonly string[,] unkeyedTestVectors = { // hash, input/message + // digests without leading $BLAKE2$ + { + "4245af08b46fbb290222ab8a68613621d92ce78577152d712467742417ebc1153668f1c9e1ec1e152a32a9c242dc686d175e087906377f0c483c5be2cb68953e", + "blake2" + }, + { + "021ced8799296ceca557832ab941a50b4a11f83478cf141f51f933f653ab9fbcc05a037cddbed06e309bf334942c4e58cdf1a46e237911ccd7fcf9787cbc7fd0", + "hello world" + }, + { + "1f7d9b7c9a90f7bfc66e52b69f3b6c3befbd6aee11aac860e99347a495526f30c9e51f6b0db01c24825092a09dd1a15740f0ade8def87e60c15da487571bcef7", + "verystrongandlongpassword" + }, + { + "a8add4bdddfd93e4877d2746e62817b116364a1fa7bc148d95090bc7333b3673f82401cf7aa2e4cb1ecd90296e3f14cb5413f8ed77be73045b13914cdcd6a918", + "The quick brown fox jumps over the lazy dog" + }, + { + "786a02f742015903c6c6fd852552d272912f4740e15847618a86e217f71f5419d25e1031afee585313896444934eb04b903a685b1448b755d56f701afe9be2ce", + "" + }, + { + "ba80a53f981c4d0d6a2797b69f12f6e94c212f14685ac4b74b12bb6fdbffa2d17d87c5392aab792dc252d5de4533cc9518d38aa8dbf1925ab92386edd4009923", + "abc" + }, + }; + + public override string Name + { + get { return "BLAKE2b"; } + } + + private void offsetTest( + IDigest digest, + byte[] input, + byte[] expected) + { + byte[] resBuf = new byte[expected.Length + 11]; + + digest.BlockUpdate(input, 0, input.Length); + + digest.DoFinal(resBuf, 11); + + if (!AreEqual(Arrays.CopyOfRange(resBuf, 11, resBuf.Length), expected)) + { + Fail("Offset failed got " + Hex.ToHexString(resBuf)); + } + } + + public override void PerformTest() + { + // test keyed test vectors: + + Blake2bDigest blake2bkeyed = new Blake2bDigest(Hex.Decode(keyedTestVectors[0, 1])); + for (int tv = 0; tv < keyedTestVectors.GetLength(0); tv++) + { + byte[] input = Hex.Decode(keyedTestVectors[tv, 0]); + blake2bkeyed.Reset(); + + blake2bkeyed.BlockUpdate(input, 0, input.Length); + byte[] keyedHash = new byte[64]; + blake2bkeyed.DoFinal(keyedHash, 0); + + if (!Arrays.AreEqual(Hex.Decode(keyedTestVectors[tv, 2]), keyedHash)) + { + Fail("BLAKE2b mismatch on test vector ", keyedTestVectors[tv, 2], Hex.ToHexString(keyedHash)); + } + + offsetTest(blake2bkeyed, input, keyedHash); + } + + Blake2bDigest blake2bunkeyed = new Blake2bDigest(); + // test unkeyed test vectors: + for (int i = 0; i < unkeyedTestVectors.GetLength(0); i++) + { + // test update(byte b) + byte[] unkeyedInput = Encoding.UTF8.GetBytes(unkeyedTestVectors[i, 1]); + for (int j = 0; j < unkeyedInput.Length; j++) + { + blake2bunkeyed.Update(unkeyedInput[j]); + } + + byte[] unkeyedHash = new byte[64]; + blake2bunkeyed.DoFinal(unkeyedHash, 0); + blake2bunkeyed.Reset(); + + if (!Arrays.AreEqual(Hex.Decode(unkeyedTestVectors[i, 0]), unkeyedHash)) + { + Fail("BLAKE2b mismatch on test vector ", unkeyedTestVectors[i, 0], Hex.ToHexString(unkeyedHash)); + } + } + + CloneTest(); + ResetTest(); + DoTestNullKeyVsUnkeyed(); + DoTestLengthConstruction(); + } + + private void CloneTest() + { + Blake2bDigest blake2bCloneSource = new Blake2bDigest(Hex.Decode(keyedTestVectors[3, 1]), 16, + Hex.Decode("000102030405060708090a0b0c0d0e0f"), Hex.Decode("101112131415161718191a1b1c1d1e1f")); + byte[] expected = Hex.Decode("b6d48ed5771b17414c4e08bd8d8a3bc4"); + + CheckClone(blake2bCloneSource, expected); + + // just digest size + blake2bCloneSource = new Blake2bDigest(160); + expected = Hex.Decode("64202454e538279b21cea0f5a7688be656f8f484"); + CheckClone(blake2bCloneSource, expected); + + // null salt and personalisation + blake2bCloneSource = new Blake2bDigest(Hex.Decode(keyedTestVectors[3, 1]), 16, null, null); + expected = Hex.Decode("2b4a081fae2d7b488f5eed7e83e42a20"); + CheckClone(blake2bCloneSource, expected); + + // null personalisation + blake2bCloneSource = new Blake2bDigest(Hex.Decode(keyedTestVectors[3, 1]), 16, Hex.Decode("000102030405060708090a0b0c0d0e0f"), null); + expected = Hex.Decode("00c3a2a02fcb9f389857626e19d706f6"); + CheckClone(blake2bCloneSource, expected); + + // null salt + blake2bCloneSource = new Blake2bDigest(Hex.Decode(keyedTestVectors[3, 1]), 16, null, Hex.Decode("101112131415161718191a1b1c1d1e1f")); + expected = Hex.Decode("f445ec9c062a3c724f8fdef824417abb"); + CheckClone(blake2bCloneSource, expected); + } + + private void CheckClone(Blake2bDigest blake2bCloneSource, byte[] expected) + { + byte[] message = Hex.Decode(keyedTestVectors[3, 0]); + + blake2bCloneSource.BlockUpdate(message, 0, message.Length); + + byte[] hash = new byte[blake2bCloneSource.GetDigestSize()]; + + Blake2bDigest digClone = new Blake2bDigest(blake2bCloneSource); + + blake2bCloneSource.DoFinal(hash, 0); + if (!AreEqual(expected, hash)) + { + Fail("clone source not correct"); + } + + digClone.DoFinal(hash, 0); + if (!AreEqual(expected, hash)) + { + Fail("clone not correct"); + } + } + + private void DoTestLengthConstruction() + { + try + { + new Blake2bDigest(-1); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("BLAKE2b digest bit length must be a multiple of 8 and not greater than 512", e.Message); + } + + try + { + new Blake2bDigest(9); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("BLAKE2b digest bit length must be a multiple of 8 and not greater than 512", e.Message); + } + + try + { + new Blake2bDigest(520); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("BLAKE2b digest bit length must be a multiple of 8 and not greater than 512", e.Message); + } + + try + { + new Blake2bDigest(null, -1, null, null); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("Invalid digest length (required: 1 - 64)", e.Message); + } + + try + { + new Blake2bDigest(null, 65, null, null); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("Invalid digest length (required: 1 - 64)", e.Message); + } + } + + private void DoTestNullKeyVsUnkeyed() + { + byte[] abc = Strings.ToByteArray("abc"); + + for (int i = 1; i != 64; i++) + { + Blake2bDigest dig1 = new Blake2bDigest(i * 8); + Blake2bDigest dig2 = new Blake2bDigest(null, i, null, null); + + byte[] out1 = new byte[i]; + byte[] out2 = new byte[i]; + + dig1.BlockUpdate(abc, 0, abc.Length); + dig2.BlockUpdate(abc, 0, abc.Length); + + dig1.DoFinal(out1, 0); + dig2.DoFinal(out2, 0); + + IsTrue(Arrays.AreEqual(out1, out2)); + } + } + + private void ResetTest() + { + // Generate a non-zero key + byte[] key = new byte[32]; + for (byte i = 0; i < key.Length; i++) + { + key[i] = i; + } + // Generate some non-zero input longer than the key + byte[] input = new byte[key.Length + 1]; + for (byte i = 0; i < input.Length; i++) + { + input[i] = i; + } + // Hash the input + Blake2bDigest digest = new Blake2bDigest(key); + digest.BlockUpdate(input, 0, input.Length); + byte[] hash = new byte[digest.GetDigestSize()]; + digest.DoFinal(hash, 0); + // Using a second instance, hash the input without calling doFinal() + Blake2bDigest digest1 = new Blake2bDigest(key); + digest1.BlockUpdate(input, 0, input.Length); + // Reset the second instance and hash the input again + digest1.Reset(); + digest1.BlockUpdate(input, 0, input.Length); + byte[] hash1 = new byte[digest.GetDigestSize()]; + digest1.DoFinal(hash1, 0); + // The hashes should be identical + if (!Arrays.AreEqual(hash, hash1)) + { + Fail("state was not reset"); + } + } + + public static void Main(string[] args) + { + RunTest(new Blake2bDigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/Blake2sDigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/Blake2sDigestTest.cs new file mode 100644 index 0000000..cb07580 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/Blake2sDigestTest.cs @@ -0,0 +1,311 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class Blake2sDigestTest + : SimpleTest + { + // Vectors from BLAKE2 web site: https://blake2.net/blake2s-test.txt + private static readonly string[,] keyedTestVectors = { // input/message, key, hash + { + "", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "48a8997da407876b3d79c0d92325ad3b89cbb754d86ab71aee047ad345fd2c49", + }, + { + "00", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "40d15fee7c328830166ac3f918650f807e7e01e177258cdc0a39b11f598066f1", + }, + { + "0001", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "6bb71300644cd3991b26ccd4d274acd1adeab8b1d7914546c1198bbe9fc9d803", + }, + { + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "172ffc67153d12e0ca76a8b6cd5d4731885b39ce0cac93a8972a18006c8b8baf", + }, + { + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "4f8ce1e51d2fe7f24043a904d898ebfc91975418753413aa099b795ecb35cedb", + }, + { + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfe", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "3fb735061abc519dfe979e54c1ee5bfad0a9d858b3315bad34bde999efd724dd", + }, + }; + + public override string Name + { + get { return "BLAKE2s"; } + } + + public void DoTestDigestWithKeyedTestVectors() + { + Blake2sDigest digest = new Blake2sDigest(Hex.Decode(keyedTestVectors[0, 1])); + for (int i = 0; i != keyedTestVectors.GetLength(0); i++) + { + byte[] input = Hex.Decode(keyedTestVectors[i, 0]); + digest.Reset(); + + digest.BlockUpdate(input, 0, input.Length); + byte[] hash = new byte[32]; + digest.DoFinal(hash, 0); + + if (!AreEqual(Hex.Decode(keyedTestVectors[i, 2]), hash)) + { + Fail("BLAKE2s mismatch on test vector ", keyedTestVectors[i, 2], Hex.ToHexString(hash)); + } + } + } + + public void DoTestDigestWithKeyedTestVectorsAndRandomUpdate() + { + Blake2sDigest digest = new Blake2sDigest(Hex.Decode(keyedTestVectors[0, 1])); + Random random = new Random(); + for (int i = 0; i < 100; i++) + { + for (int j = 0; j != keyedTestVectors.GetLength(0); j++) + { + byte[] input = Hex.Decode(keyedTestVectors[j, 0]); + if (input.Length < 3) + { + continue; + } + digest.Reset(); + + int pos = (random.Next() & 0xffff) % input.Length; + if (pos > 0) + { + digest.BlockUpdate(input, 0, pos); + } + digest.Update(input[pos]); + if (pos < (input.Length - 1)) + { + digest.BlockUpdate(input, pos + 1, input.Length - (pos + 1)); + } + + byte[] hash = new byte[32]; + digest.DoFinal(hash, 0); + + if (!AreEqual(Hex.Decode(keyedTestVectors[j, 2]), hash)) + { + Fail("BLAKE2s mismatch on test vector ", keyedTestVectors[j, 2], Hex.ToHexString(hash)); + } + } + } + } + + private void DoTestLengthConstruction() + { + try + { + new Blake2sDigest(-1); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("BLAKE2s digest bit length must be a multiple of 8 and not greater than 256", e.Message); + } + + try + { + new Blake2sDigest(9); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("BLAKE2s digest bit length must be a multiple of 8 and not greater than 256", e.Message); + } + + try + { + new Blake2sDigest(512); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("BLAKE2s digest bit length must be a multiple of 8 and not greater than 256", e.Message); + } + + try + { + new Blake2sDigest(null, -1, null, null); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("Invalid digest length (required: 1 - 32)", e.Message); + } + + try + { + new Blake2sDigest(null, 33, null, null); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("Invalid digest length (required: 1 - 32)", e.Message); + } + } + + private void DoTestNullKeyVsUnkeyed() + { + byte[] abc = Strings.ToByteArray("abc"); + + for (int i = 1; i != 32; i++) + { + Blake2sDigest dig1 = new Blake2sDigest(i * 8); + Blake2sDigest dig2 = new Blake2sDigest(null, i, null, null); + + byte[] out1 = new byte[i]; + byte[] out2 = new byte[i]; + + dig1.BlockUpdate(abc, 0, abc.Length); + dig2.BlockUpdate(abc, 0, abc.Length); + + dig1.DoFinal(out1, 0); + dig2.DoFinal(out2, 0); + + IsTrue(Arrays.AreEqual(out1, out2)); + } + } + + public void DoTestReset() + { + // Generate a non-zero key + byte[] key = new byte[32]; + for (byte i = 0; i < key.Length; i++) + { + key[i] = i; + } + // Generate some non-zero input longer than the key + byte[] input = new byte[key.Length + 1]; + for (byte i = 0; i < input.Length; i++) + { + input[i] = i; + } + // Hash the input + Blake2sDigest digest = new Blake2sDigest(key); + digest.BlockUpdate(input, 0, input.Length); + byte[] hash = new byte[digest.GetDigestSize()]; + digest.DoFinal(hash, 0); + // Create a second instance, hash the input without calling doFinal() + Blake2sDigest digest1 = new Blake2sDigest(key); + digest1.BlockUpdate(input, 0, input.Length); + // Reset the second instance and hash the input again + digest1.Reset(); + digest1.BlockUpdate(input, 0, input.Length); + byte[] hash1 = new byte[digest.GetDigestSize()]; + digest1.DoFinal(hash1, 0); + // The hashes should be identical + if (!AreEqual(hash, hash1)) + { + Fail("BLAKE2s mismatch on test vector ", + Hex.ToHexString(hash), + Hex.ToHexString(hash1)); + } + } + + // Self-test routine from https://tools.ietf.org/html/rfc7693#appendix-E + private static readonly string SELF_TEST_RESULT = + "6A411F08CE25ADCDFB02ABA641451CEC53C598B24F4FC787FBDC88797F4C1DFE"; + private static readonly int[] SELF_TEST_DIGEST_LEN = {16, 20, 28, 32}; + private static readonly int[] SELF_TEST_INPUT_LEN = {0, 3, 64, 65, 255, 1024}; + + private static byte[] selfTestSequence(int len, int seed) + { + int a = (int)(0xDEAD4BAD * seed); + int b = 1; + int t; + byte[] output = new byte[len]; + + for (int i = 0; i < len; i++) + { + t = a + b; + a = b; + b = t; + output[i] = (byte)(t >> 24); + } + + return output; + } + + public void RunSelfTest() + { + Blake2sDigest testDigest = new Blake2sDigest(); + byte[] md = new byte[32]; + + for (int i = 0; i < 4; i++) + { + int outlen = SELF_TEST_DIGEST_LEN[i]; + for (int j = 0; j < 6; j++) + { + int inlen = SELF_TEST_INPUT_LEN[j]; + + // unkeyed hash + byte[] input = selfTestSequence(inlen, inlen); + Blake2sDigest unkeyedDigest = new Blake2sDigest(outlen * 8); + unkeyedDigest.BlockUpdate(input, 0, inlen); + unkeyedDigest.DoFinal(md, 0); + // hash the hash + testDigest.BlockUpdate(md, 0, outlen); + + // keyed hash + byte[] key = selfTestSequence(outlen, outlen); + Blake2sDigest keyedDigest = new Blake2sDigest(key, outlen, null, + null); + keyedDigest.BlockUpdate(input, 0, inlen); + keyedDigest.DoFinal(md, 0); + // hash the hash + testDigest.BlockUpdate(md, 0, outlen); + } + } + + byte[] hash = new byte[32]; + testDigest.DoFinal(hash, 0); + if (!AreEqual(Hex.Decode(SELF_TEST_RESULT), hash)) + { + Fail("BLAKE2s mismatch on test vector ", + SELF_TEST_RESULT, + Hex.ToHexString(hash)); + } + } + + public override void PerformTest() + { + DoTestDigestWithKeyedTestVectors(); + DoTestDigestWithKeyedTestVectorsAndRandomUpdate(); + DoTestReset(); + RunSelfTest(); + DoTestNullKeyVsUnkeyed(); + DoTestLengthConstruction(); + } + + public static void Main(string[] args) + { + RunTest(new Blake2sDigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/BlockCipherMonteCarloTest.cs b/BouncyCastle/crypto/test/src/crypto/test/BlockCipherMonteCarloTest.cs new file mode 100644 index 0000000..1a46a32 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/BlockCipherMonteCarloTest.cs @@ -0,0 +1,83 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * a basic test that takes a cipher, key parameter, and an input + * and output string. This test wraps the engine in a buffered block + * cipher with padding disabled. + */ + public class BlockCipherMonteCarloTest + : SimpleTest + { + int id; + int iterations; + IBlockCipher engine; + ICipherParameters param; + byte[] input; + byte[] output; + + public BlockCipherMonteCarloTest( + int id, + int iterations, + IBlockCipher engine, + ICipherParameters param, + string input, + string output) + { + this.id = id; + this.iterations = iterations; + this.engine = engine; + this.param = param; + this.input = Hex.Decode(input); + this.output = Hex.Decode(output); + } + + public override string Name + { + get { return engine.AlgorithmName + " Monte Carlo Test " + id; } + } + + public override void PerformTest() + { + BufferedBlockCipher cipher = new BufferedBlockCipher(engine); + + cipher.Init(true, param); + + byte[] outBytes = new byte[input.Length]; + + Array.Copy(input, 0, outBytes, 0, outBytes.Length); + + for (int i = 0; i != iterations; i++) + { + int len1 = cipher.ProcessBytes(outBytes, 0, outBytes.Length, outBytes, 0); + + cipher.DoFinal(outBytes, len1); + } + + if (!AreEqual(outBytes, output)) + { + Fail("failed - " + "expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes)); + } + + cipher.Init(false, param); + + for (int i = 0; i != iterations; i++) + { + int len1 = cipher.ProcessBytes(outBytes, 0, outBytes.Length, outBytes, 0); + + cipher.DoFinal(outBytes, len1); + } + + if (!AreEqual(input, outBytes)) + { + Fail("failed reversal"); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/BlockCipherVectorTest.cs b/BouncyCastle/crypto/test/src/crypto/test/BlockCipherVectorTest.cs new file mode 100644 index 0000000..1ce9fa4 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/BlockCipherVectorTest.cs @@ -0,0 +1,75 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * a basic test that takes a cipher, key parameter, and an input + * and output string. This test wraps the engine in a buffered block + * cipher with padding disabled. + */ + public class BlockCipherVectorTest + : SimpleTest + { + int id; + IBlockCipher engine; + ICipherParameters param; + byte[] input; + byte[] output; + + public BlockCipherVectorTest( + int id, + IBlockCipher engine, + ICipherParameters param, + string input, + string output) + { + this.id = id; + this.engine = engine; + this.param = param; + this.input = Hex.Decode(input); + this.output = Hex.Decode(output); + } + + public override string Name + { + get + { + return engine.AlgorithmName + " Vector Test " + id; + } + } + + public override void PerformTest() + { + BufferedBlockCipher cipher = new BufferedBlockCipher(engine); + + cipher.Init(true, param); + + byte[] outBytes = new byte[input.Length]; + + int len1 = cipher.ProcessBytes(input, 0, input.Length, outBytes, 0); + + cipher.DoFinal(outBytes, len1); + + if (!AreEqual(outBytes, output)) + { + Fail("failed - " + "expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes)); + } + + cipher.Init(false, param); + + int len2 = cipher.ProcessBytes(output, 0, output.Length, outBytes, 0); + + cipher.DoFinal(outBytes, len2); + + if (!AreEqual(input, outBytes)) + { + Fail("failed reversal got " + Hex.ToHexString(outBytes)); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/BlowfishTest.cs b/BouncyCastle/crypto/test/src/crypto/test/BlowfishTest.cs new file mode 100644 index 0000000..b940d13 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/BlowfishTest.cs @@ -0,0 +1,78 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// Blowfish tester - vectors from http://www.counterpane.com/vectors.txt + [TestFixture] + public class BlowfishTest + : CipherTest + { + public override string Name + { + get { return "Blowfish"; } + } + + internal static SimpleTest[] tests = new SimpleTest[]{ + new BlockCipherVectorTest(0, new BlowfishEngine(), new KeyParameter(Hex.Decode("0000000000000000")), "0000000000000000", "4EF997456198DD78"), + new BlockCipherVectorTest(1, new BlowfishEngine(), new KeyParameter(Hex.Decode("FFFFFFFFFFFFFFFF")), "FFFFFFFFFFFFFFFF", "51866FD5B85ECB8A"), + new BlockCipherVectorTest(2, new BlowfishEngine(), new KeyParameter(Hex.Decode("3000000000000000")), "1000000000000001", "7D856F9A613063F2"), + new BlockCipherVectorTest(3, new BlowfishEngine(), new KeyParameter(Hex.Decode("1111111111111111")), "1111111111111111", "2466DD878B963C9D"), + new BlockCipherVectorTest(4, new BlowfishEngine(), new KeyParameter(Hex.Decode("0123456789ABCDEF")), "1111111111111111", "61F9C3802281B096"), + new BlockCipherVectorTest(5, new BlowfishEngine(), new KeyParameter(Hex.Decode("FEDCBA9876543210")), "0123456789ABCDEF", "0ACEAB0FC6A0A28D"), + new BlockCipherVectorTest(6, new BlowfishEngine(), new KeyParameter(Hex.Decode("7CA110454A1A6E57")), "01A1D6D039776742", "59C68245EB05282B"), + new BlockCipherVectorTest(7, new BlowfishEngine(), new KeyParameter(Hex.Decode("0131D9619DC1376E")), "5CD54CA83DEF57DA", "B1B8CC0B250F09A0") + }; + + public BlowfishTest() + : base(tests, new BlowfishEngine(), new KeyParameter(new byte[16])) + { + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + BlowfishEngine blowfish = new BlowfishEngine(); + + // key range check + try + { + blowfish.Init(true, new KeyParameter(new byte[1])); + Fail("no exception"); + } + catch (ArgumentException e) + { + Assert.AreEqual("key length must be in range 32 to 448 bits", e.Message); + } + + try + { + blowfish.Init(true, new KeyParameter(new byte[59])); + Fail("no exception"); + } + catch (ArgumentException e) + { + Assert.AreEqual("key length must be in range 32 to 448 bits", e.Message); + } + + Assert.AreEqual(Name + ": Okay", resultText); + } + + public static void Main( + string[] args) + { + ITest test = new BlowfishTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/CAST6Test.cs b/BouncyCastle/crypto/test/src/crypto/test/CAST6Test.cs new file mode 100644 index 0000000..7517b67 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/CAST6Test.cs @@ -0,0 +1,57 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// Cast6 tester - vectors from http://www.ietf.org/rfc/rfc2612.txt + [TestFixture] + public class Cast6Test : CipherTest + { + public override string Name + { + get { return "CAST6"; } + } + + internal static SimpleTest[] tests = new SimpleTest[] + { + new BlockCipherVectorTest(0, new Cast6Engine(), + new KeyParameter(Hex.Decode("2342bb9efa38542c0af75647f29f615d")), + "00000000000000000000000000000000", + "c842a08972b43d20836c91d1b7530f6b"), + new BlockCipherVectorTest(0, new Cast6Engine(), + new KeyParameter(Hex.Decode("2342bb9efa38542cbed0ac83940ac298bac77a7717942863")), + "00000000000000000000000000000000", + "1b386c0210dcadcbdd0e41aa08a7a7e8"), + new BlockCipherVectorTest(0, new Cast6Engine(), + new KeyParameter(Hex.Decode("2342bb9efa38542cbed0ac83940ac2988d7c47ce264908461cc1b5137ae6b604")), + "00000000000000000000000000000000", + "4f6a2038286897b9c9870136553317fa") + }; + + public Cast6Test() + : base(tests, new Cast6Engine(), new KeyParameter(new byte[16])) + { + } + + public static void Main( + string[] args) + { + ITest test = new Cast6Test(); + ITestResult result = test.Perform(); + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/CCMTest.cs b/BouncyCastle/crypto/test/src/crypto/test/CCMTest.cs new file mode 100644 index 0000000..cf5f31f --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/CCMTest.cs @@ -0,0 +1,312 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * First four test vectors from + * NIST Special Publication 800-38C. + */ + [TestFixture] + public class CcmTest + : SimpleTest + { + private static readonly byte[] K1 = Hex.Decode("404142434445464748494a4b4c4d4e4f"); + private static readonly byte[] N1 = Hex.Decode("10111213141516"); + private static readonly byte[] A1 = Hex.Decode("0001020304050607"); + private static readonly byte[] P1 = Hex.Decode("20212223"); + private static readonly byte[] C1 = Hex.Decode("7162015b4dac255d"); + private static readonly byte[] T1 = Hex.Decode("6084341b"); + + private static readonly byte[] K2 = Hex.Decode("404142434445464748494a4b4c4d4e4f"); + private static readonly byte[] N2 = Hex.Decode("1011121314151617"); + private static readonly byte[] A2 = Hex.Decode("000102030405060708090a0b0c0d0e0f"); + private static readonly byte[] P2 = Hex.Decode("202122232425262728292a2b2c2d2e2f"); + private static readonly byte[] C2 = Hex.Decode("d2a1f0e051ea5f62081a7792073d593d1fc64fbfaccd"); + private static readonly byte[] T2 = Hex.Decode("7f479ffca464"); + + private static readonly byte[] K3 = Hex.Decode("404142434445464748494a4b4c4d4e4f"); + private static readonly byte[] N3 = Hex.Decode("101112131415161718191a1b"); + private static readonly byte[] A3 = Hex.Decode("000102030405060708090a0b0c0d0e0f10111213"); + private static readonly byte[] P3 = Hex.Decode("202122232425262728292a2b2c2d2e2f3031323334353637"); + private static readonly byte[] C3 = Hex.Decode("e3b201a9f5b71a7a9b1ceaeccd97e70b6176aad9a4428aa5484392fbc1b09951"); + private static readonly byte[] T3 = Hex.Decode("67c99240c7d51048"); + + private static readonly byte[] K4 = Hex.Decode("404142434445464748494a4b4c4d4e4f"); + private static readonly byte[] N4 = Hex.Decode("101112131415161718191a1b1c"); + private static readonly byte[] A4 = Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff"); + private static readonly byte[] P4 = Hex.Decode("202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f"); + private static readonly byte[] C4 = Hex.Decode("69915dad1e84c6376a68c2967e4dab615ae0fd1faec44cc484828529463ccf72b4ac6bec93e8598e7f0dadbcea5b"); + private static readonly byte[] T4 = Hex.Decode("f4dd5d0ee404617225ffe34fce91"); + + // + // long data vector + // + private static readonly byte[] C5 = Hex.Decode("49b17d8d3ea4e6174a48e2b65e6d8b417ac0dd3f8ee46ce4a4a2a509661cef52528c1cd9805333a5cfd482fa3f095a3c2fdd1cc47771c5e55fddd60b5c8d6d3fa5c8dd79d08b16242b6642106e7c0c28bd1064b31e6d7c9800c8397dbc3fa8071e6a38278b386c18d65d39c6ad1ef9501a5c8f68d38eb6474799f3cc898b4b9b97e87f9c95ce5c51bc9d758f17119586663a5684e0a0daf6520ec572b87473eb141d10471e4799ded9e607655402eca5176bbf792ef39dd135ac8d710da8e9e854fd3b95c681023f36b5ebe2fb213d0b62dd6e9e3cfe190b792ccb20c53423b2dca128f861a61d306910e1af418839467e466f0ec361d2539eedd99d4724f1b51c07beb40e875a87491ec8b27cd1"); + private static readonly byte[] T5 = Hex.Decode("5c768856796b627b13ec8641581b"); + + public override void PerformTest() + { + CcmBlockCipher ccm = new CcmBlockCipher(new AesEngine()); + + checkVectors(0, ccm, K1, 32, N1, A1, P1, T1, C1); + checkVectors(1, ccm, K2, 48, N2, A2, P2, T2, C2); + checkVectors(2, ccm, K3, 64, N3, A3, P3, T3, C3); + + ivParamTest(0, ccm, K1, N1); + + // + // 4 has a reduced associated text which needs to be replicated + // + byte[] a4 = new byte[65536]; // 524288 / 8 + + for (int i = 0; i < a4.Length; i += A4.Length) + { + Array.Copy(A4, 0, a4, i, A4.Length); + } + + checkVectors(3, ccm, K4, 112, N4, a4, P4, T4, C4); + + // + // long data test + // + checkVectors(4, ccm, K4, 112, N4, A4, A4, T5, C5); + + // decryption with output specified, non-zero offset. + ccm.Init(false, new AeadParameters(new KeyParameter(K2), 48, N2, A2)); + + byte[] inBuf = new byte[C2.Length + 10]; + byte[] outBuf = new byte[ccm.GetOutputSize(C2.Length) + 10]; + + Array.Copy(C2, 0, inBuf, 10, C2.Length); + + int len = ccm.ProcessPacket(inBuf, 10, C2.Length, outBuf, 10); + byte[] output = ccm.ProcessPacket(C2, 0, C2.Length); + + if (len != output.Length || !isEqual(output, outBuf, 10)) + { + Fail("decryption output incorrect"); + } + + // encryption with output specified, non-zero offset. + ccm.Init(true, new AeadParameters(new KeyParameter(K2), 48, N2, A2)); + + int inLen = len; + inBuf = outBuf; + outBuf = new byte[ccm.GetOutputSize(inLen) + 10]; + + len = ccm.ProcessPacket(inBuf, 10, inLen, outBuf, 10); + output = ccm.ProcessPacket(inBuf, 10, inLen); + + if (len != output.Length || !isEqual(output, outBuf, 10)) + { + Fail("encryption output incorrect"); + } + + // + // exception tests + // + + try + { + ccm.Init(false, new AeadParameters(new KeyParameter(K1), 32, N2, A2)); + + ccm.ProcessPacket(C2, 0, C2.Length); + + Fail("invalid cipher text not picked up"); + } + catch (InvalidCipherTextException) + { + // expected + } + + try + { + ccm = new CcmBlockCipher(new DesEngine()); + + Fail("incorrect block size not picked up"); + } + catch (ArgumentException) + { + // expected + } + + try + { + ccm.Init(false, new KeyParameter(K1)); + + Fail("illegal argument not picked up"); + } + catch (ArgumentException) + { + // expected + } + } + + private bool isEqual(byte[] exp, byte[] other, int off) + { + for (int i = 0; i != exp.Length; i++) + { + if (exp[i] != other[off + i]) + return false; + } + + return true; + } + + private void checkVectors( + int count, + CcmBlockCipher ccm, + byte[] k, + int macSize, + byte[] n, + byte[] a, + byte[] p, + byte[] t, + byte[] c) + { + byte[] fa = new byte[a.Length / 2]; + byte[] la = new byte[a.Length - (a.Length / 2)]; + Array.Copy(a, 0, fa, 0, fa.Length); + Array.Copy(a, fa.Length, la, 0, la.Length); + + checkVectors(count, ccm, "all initial associated data", k, macSize, n, a, null, p, t, c); + checkVectors(count, ccm, "subsequent associated data", k, macSize, n, null, a, p, t, c); + checkVectors(count, ccm, "split associated data", k, macSize, n, fa, la, p, t, c); + // checkVectors(count, ccm, "reuse key", null, macSize, n, fa, la, p, t, c); + } + + private void checkVectors( + int count, + CcmBlockCipher ccm, + string additionalDataType, + byte[] k, + int macSize, + byte[] n, + byte[] a, + byte[] sa, + byte[] p, + byte[] t, + byte[] c) + { + KeyParameter keyParam = (k == null) ? null : new KeyParameter(k); + + ccm.Init(true, new AeadParameters(keyParam, macSize, n, a)); + + byte[] enc = new byte[c.Length]; + + if (sa != null) + { + ccm.ProcessAadBytes(sa, 0, sa.Length); + } + + int len = ccm.ProcessBytes(p, 0, p.Length, enc, 0); + + len += ccm.DoFinal(enc, len); + +// ccm.Init(true, new AeadParameters(new KeyParameter(k), macSize, n, a)); +// +// byte[] enc = ccm.ProcessPacket(p, 0, p.Length); + + if (!AreEqual(c, enc)) + { + Fail("encrypted stream fails to match in test " + count + " with " + additionalDataType); + } + +// ccm.Init(false, new AeadParameters(new KeyParameter(k), macSize, n, a)); +// +// byte[] dec = ccm.ProcessPacket(enc, 0, enc.Length); + + ccm.Init(false, new AeadParameters(new KeyParameter(k), macSize, n, a)); + + byte[] tmp = new byte[enc.Length]; + + if (sa != null) + { + ccm.ProcessAadBytes(sa, 0, sa.Length); + } + + len = ccm.ProcessBytes(enc, 0, enc.Length, tmp, 0); + + len += ccm.DoFinal(tmp, len); + + byte[] dec = new byte[len]; + + Array.Copy(tmp, 0, dec, 0, len); + + if (!AreEqual(p, dec)) + { + Fail("decrypted stream fails to match in test " + count + " with " + additionalDataType, + Hex.ToHexString(p), Hex.ToHexString(dec)); + } + + if (!AreEqual(t, ccm.GetMac())) + { + Fail("MAC fails to match in test " + count + " with " + additionalDataType); + } + } + + private void ivParamTest( + int count, + CcmBlockCipher ccm, + byte[] k, + byte[] n) + { + byte[] p = Encoding.ASCII.GetBytes("hello world!!"); + + ccm.Init(true, new ParametersWithIV(new KeyParameter(k), n)); + + byte[] enc = new byte[p.Length + 8]; + + int len = ccm.ProcessBytes(p, 0, p.Length, enc, 0); + + len += ccm.DoFinal(enc, len); + + ccm.Init(false, new ParametersWithIV(new KeyParameter(k), n)); + + byte[] tmp = new byte[enc.Length]; + + len = ccm.ProcessBytes(enc, 0, enc.Length, tmp, 0); + + len += ccm.DoFinal(tmp, len); + + byte[] dec = new byte[len]; + + Array.Copy(tmp, 0, dec, 0, len); + + if (!AreEqual(p, dec)) + { + Fail("decrypted stream fails to match in test " + count); + } + } + + public override string Name + { + get { return "CCM"; } + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + public static void Main( + string[] args) + { + RunTest(new CcmTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/CMacTest.cs b/BouncyCastle/crypto/test/src/crypto/test/CMacTest.cs new file mode 100644 index 0000000..23ae7cb --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/CMacTest.cs @@ -0,0 +1,302 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * CMAC tester - Official Test Vectors. + */ + [TestFixture] + public class CMacTest + : SimpleTest + { + private static readonly byte[] keyBytes128 = Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c"); + private static readonly byte[] keyBytes192 = Hex.Decode( + "8e73b0f7da0e6452c810f32b809079e5" + + "62f8ead2522c6b7b"); + private static readonly byte[] keyBytes256 = Hex.Decode( + "603deb1015ca71be2b73aef0857d7781" + + "1f352c073b6108d72d9810a30914dff4"); + + private static readonly byte[] input0 = Hex.Decode(""); + private static readonly byte[] input16 = Hex.Decode("6bc1bee22e409f96e93d7e117393172a"); + private static readonly byte[] input40 = Hex.Decode( + "6bc1bee22e409f96e93d7e117393172a" + + "ae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411"); + private static readonly byte[] input64 = Hex.Decode( + "6bc1bee22e409f96e93d7e117393172a" + + "ae2d8a571e03ac9c9eb76fac45af8e51" + + "30c81c46a35ce411e5fbc1191a0a52ef" + + "f69f2445df4f9b17ad2b417be66c3710"); + + private static readonly byte[] output_k128_m0 = Hex.Decode("bb1d6929e95937287fa37d129b756746"); + private static readonly byte[] output_k128_m16 = Hex.Decode("070a16b46b4d4144f79bdd9dd04a287c"); + private static readonly byte[] output_k128_m40 = Hex.Decode("dfa66747de9ae63030ca32611497c827"); + private static readonly byte[] output_k128_m64 = Hex.Decode("51f0bebf7e3b9d92fc49741779363cfe"); + + private static readonly byte[] output_k192_m0 = Hex.Decode("d17ddf46adaacde531cac483de7a9367"); + private static readonly byte[] output_k192_m16 = Hex.Decode("9e99a7bf31e710900662f65e617c5184"); + private static readonly byte[] output_k192_m40 = Hex.Decode("8a1de5be2eb31aad089a82e6ee908b0e"); + private static readonly byte[] output_k192_m64 = Hex.Decode("a1d5df0eed790f794d77589659f39a11"); + + private static readonly byte[] output_k256_m0 = Hex.Decode("028962f61b7bf89efc6b551f4667d983"); + private static readonly byte[] output_k256_m16 = Hex.Decode("28a7023f452e8f82bd4bf28d8c37c35c"); + private static readonly byte[] output_k256_m40 = Hex.Decode("aaf3d8f1de5640c232f5b169b9c911e6"); + private static readonly byte[] output_k256_m64 = Hex.Decode("e1992190549f6ed5696a2c056c315410"); + + public CMacTest() + { + } + + public override void PerformTest() + { + IBlockCipher cipher = new AesEngine(); + IMac mac = new CMac(cipher, 128); + + //128 bytes key + + KeyParameter key = new KeyParameter(keyBytes128); + + // 0 bytes message - 128 bytes key + mac.Init(key); + + mac.BlockUpdate(input0, 0, input0.Length); + + byte[] outBytes = new byte[16]; + + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output_k128_m0)) + { + Fail("Failed - expected " + + Hex.ToHexString(output_k128_m0) + " got " + + Hex.ToHexString(outBytes)); + } + + // 16 bytes message - 128 bytes key + mac.Init(key); + + mac.BlockUpdate(input16, 0, input16.Length); + + outBytes = new byte[16]; + + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output_k128_m16)) + { + Fail("Failed - expected " + + Hex.ToHexString(output_k128_m16) + " got " + + Hex.ToHexString(outBytes)); + } + + // 40 bytes message - 128 bytes key + mac.Init(key); + + mac.BlockUpdate(input40, 0, input40.Length); + + outBytes = new byte[16]; + + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output_k128_m40)) + { + Fail("Failed - expected " + + Hex.ToHexString(output_k128_m40) + " got " + + Hex.ToHexString(outBytes)); + } + + // 64 bytes message - 128 bytes key + mac.Init(key); + + mac.BlockUpdate(input64, 0, input64.Length); + + outBytes = new byte[16]; + + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output_k128_m64)) + { + Fail("Failed - expected " + + Hex.ToHexString(output_k128_m64) + " got " + + Hex.ToHexString(outBytes)); + } + + //192 bytes key + key = new KeyParameter(keyBytes192); + + // 0 bytes message - 192 bytes key + mac.Init(key); + + mac.BlockUpdate(input0, 0, input0.Length); + + outBytes = new byte[16]; + + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output_k192_m0)) + { + Fail("Failed - expected " + + Hex.ToHexString(output_k192_m0) + " got " + + Hex.ToHexString(outBytes)); + } + + // 16 bytes message - 192 bytes key + mac.Init(key); + + mac.BlockUpdate(input16, 0, input16.Length); + + outBytes = new byte[16]; + + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output_k192_m16)) + { + Fail("Failed - expected " + + Hex.ToHexString(output_k192_m16) + " got " + + Hex.ToHexString(outBytes)); + } + + // 40 bytes message - 192 bytes key + mac.Init(key); + + mac.BlockUpdate(input40, 0, input40.Length); + + outBytes = new byte[16]; + + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output_k192_m40)) + { + Fail("Failed - expected " + + Hex.ToHexString(output_k192_m40) + " got " + + Hex.ToHexString(outBytes)); + } + + // 64 bytes message - 192 bytes key + mac.Init(key); + + mac.BlockUpdate(input64, 0, input64.Length); + + outBytes = new byte[16]; + + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output_k192_m64)) + { + Fail("Failed - expected " + + Hex.ToHexString(output_k192_m64) + " got " + + Hex.ToHexString(outBytes)); + } + + //256 bytes key + + key = new KeyParameter(keyBytes256); + + // 0 bytes message - 256 bytes key + mac.Init(key); + + mac.BlockUpdate(input0, 0, input0.Length); + + outBytes = new byte[16]; + + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output_k256_m0)) + { + Fail("Failed - expected " + + Hex.ToHexString(output_k256_m0) + " got " + + Hex.ToHexString(outBytes)); + } + + // 16 bytes message - 256 bytes key + mac.Init(key); + + mac.BlockUpdate(input16, 0, input16.Length); + + outBytes = new byte[16]; + + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output_k256_m16)) + { + Fail("Failed - expected " + + Hex.ToHexString(output_k256_m16) + " got " + + Hex.ToHexString(outBytes)); + } + + // 40 bytes message - 256 bytes key + mac.Init(key); + + mac.BlockUpdate(input40, 0, input40.Length); + + outBytes = new byte[16]; + + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output_k256_m40)) + { + Fail("Failed - expected " + + Hex.ToHexString(output_k256_m40) + " got " + + Hex.ToHexString(outBytes)); + } + + // 64 bytes message - 256 bytes key + mac.Init(key); + + mac.BlockUpdate(input64, 0, input64.Length); + + outBytes = new byte[16]; + + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output_k256_m64)) + { + Fail("Failed - expected " + + Hex.ToHexString(output_k256_m64) + " got " + + Hex.ToHexString(outBytes)); + } + + TestExceptions(); + } + + private void TestExceptions() + { + try + { + CMac mac = new CMac(new AesEngine()); + mac.Init(new ParametersWithIV(new KeyParameter(new byte[16]), new byte[16])); + Fail("CMac does not accept IV"); + } + catch(ArgumentException) + { + // Expected + } + } + + public override string Name + { + get { return "CMac"; } + } + + public static void Main( + string[] args) + { + RunTest(new CMacTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/CSHAKETest.cs b/BouncyCastle/crypto/test/src/crypto/test/CSHAKETest.cs new file mode 100644 index 0000000..bd25a69 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/CSHAKETest.cs @@ -0,0 +1,224 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class CShakeTest + : SimpleTest + { + public override string Name + { + get { return "CSHAKE"; } + } + + public override void PerformTest() + { + CShakeDigest cshake = new CShakeDigest(128, new byte[0], Strings.ToByteArray("Email Signature")); + + cshake.BlockUpdate(Hex.Decode("00010203"), 0, 4); + + byte[] res = new byte[32]; + + cshake.DoOutput(res, 0, res.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("c1c36925b6409a04f1b504fcbca9d82b4017277cb5ed2b2065fc1d3814d5aaf5"), res)); + + cshake = new CShakeDigest(128, new byte[0], Strings.ToByteArray("Email Signature")); + + cshake.BlockUpdate(Hex.Decode( + "000102030405060708090A0B0C0D0E0F" + + "101112131415161718191A1B1C1D1E1F" + + "202122232425262728292A2B2C2D2E2F" + + "303132333435363738393A3B3C3D3E3F" + + "404142434445464748494A4B4C4D4E4F" + + "505152535455565758595A5B5C5D5E5F" + + "606162636465666768696A6B6C6D6E6F" + + "707172737475767778797A7B7C7D7E7F" + + "808182838485868788898A8B8C8D8E8F" + + "909192939495969798999A9B9C9D9E9F" + + "A0A1A2A3A4A5A6A7A8A9AAABACADAEAF" + + "B0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF" + + "C0C1C2C3C4C5C6C7"), 0, 1600 / 8); + + res = new byte[32]; + + cshake.DoOutput(res, 0, res.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("C5221D50E4F822D96A2E8881A961420F294B7B24FE3D2094BAED2C6524CC166B "), res)); + + cshake = new CShakeDigest(256, new byte[0], Strings.ToByteArray("Email Signature")); + + cshake.BlockUpdate(Hex.Decode("00010203"), 0, 4); + + res = new byte[64]; + + cshake.DoOutput(res, 0, res.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode( + "D008828E2B80AC9D2218FFEE1D070C48" + + "B8E4C87BFF32C9699D5B6896EEE0EDD1" + + "64020E2BE0560858D9C00C037E34A969" + + "37C561A74C412BB4C746469527281C8C"), res)); + + cshake = new CShakeDigest(256, new byte[0], Strings.ToByteArray("Email Signature")); + + cshake.BlockUpdate(Hex.Decode( + "000102030405060708090A0B0C0D0E0F" + + "101112131415161718191A1B1C1D1E1F" + + "202122232425262728292A2B2C2D2E2F" + + "303132333435363738393A3B3C3D3E3F" + + "404142434445464748494A4B4C4D4E4F" + + "505152535455565758595A5B5C5D5E5F" + + "606162636465666768696A6B6C6D6E6F" + + "707172737475767778797A7B7C7D7E7F" + + "808182838485868788898A8B8C8D8E8F" + + "909192939495969798999A9B9C9D9E9F" + + "A0A1A2A3A4A5A6A7A8A9AAABACADAEAF" + + "B0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF" + + "C0C1C2C3C4C5C6C7"), 0, 1600 / 8); + + res = new byte[64]; + + cshake.DoOutput(res, 0, res.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode( + "07DC27B11E51FBAC75BC7B3C1D983E8B" + + "4B85FB1DEFAF218912AC864302730917" + + "27F42B17ED1DF63E8EC118F04B23633C" + + "1DFB1574C8FB55CB45DA8E25AFB092BB"), res)); + + doFinalTest(); + longBlockTest(); + checkZeroPadZ(); + + checkSHAKE(128, new CShakeDigest(128, new byte[0], new byte[0]), Hex.Decode("eeaabeef")); + checkSHAKE(256, new CShakeDigest(256, new byte[0], null), Hex.Decode("eeaabeef")); + checkSHAKE(128, new CShakeDigest(128, null, new byte[0]), Hex.Decode("eeaabeef")); + checkSHAKE(128, new CShakeDigest(128, null, null), Hex.Decode("eeaabeef")); + checkSHAKE(256, new CShakeDigest(256, null, null), Hex.Decode("eeaabeef")); + } + + private void checkZeroPadZ() + { + byte[] buf = new byte[20]; + + CShakeDigest cshake1 = new CShakeDigest(256, new byte[0], new byte[265]); + cshake1.DoOutput(buf, 0, buf.Length); + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("6e393540387004f087c4180db008acf6825190cf"), buf)); + + CShakeDigest cshake2 = new CShakeDigest(128, new byte[0], new byte[329]); + cshake2.DoOutput(buf, 0, buf.Length); + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("309bd7c285fcf8b839c9686b2cc00bd578947bee"), buf)); + + cshake2 = new CShakeDigest(128, new byte[29], new byte[300]); + cshake2.DoOutput(buf, 0, buf.Length); + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("ff6aafd83b8d22fc3e2e9b9948b581967ed9c5e7"), buf)); + } + + private void doFinalTest() + { + CShakeDigest cshake = new CShakeDigest(128, new byte[0], Strings.ToByteArray("Email Signature")); + + cshake.BlockUpdate(Hex.Decode("00010203"), 0, 4); + + byte[] res = new byte[32]; + + cshake.DoOutput(res, 0, res.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("c1c36925b6409a04f1b504fcbca9d82b4017277cb5ed2b2065fc1d3814d5aaf5"), res)); + + cshake.DoOutput(res, 0, res.Length); + + Assert.IsTrue(!Arrays.AreEqual(Hex.Decode("c1c36925b6409a04f1b504fcbca9d82b4017277cb5ed2b2065fc1d3814d5aaf5"), res)); + + cshake.DoFinal(res, 0, res.Length); + + cshake.BlockUpdate(Hex.Decode("00010203"), 0, 4); + + cshake.DoFinal(res, 0, res.Length); + + string s = Hex.ToHexString(res); + + //Console.WriteLine(s); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("c1c36925b6409a04f1b504fcbca9d82b4017277cb5ed2b2065fc1d3814d5aaf5"), res)); + + cshake.BlockUpdate(Hex.Decode("00010203"), 0, 4); + + cshake.DoOutput(res, 0, res.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("c1c36925b6409a04f1b504fcbca9d82b4017277cb5ed2b2065fc1d3814d5aaf5"), res)); + + cshake.DoFinal(res, 0, res.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("9cbce830079c452abdeb875366a49ebfe75b89ef17396e34898e904830b0e136"), res)); + } + + private void longBlockTest() + { + byte[] data = new byte[16000]; + byte[] res = new byte[32]; + + for (int i = 0; i != data.Length; i++) + { + data[i] = (byte)i; + } + + byte[] hex0123 = Hex.DecodeStrict("00010203"); + for (int i = 10000; i != data.Length; i++) + { + CShakeDigest cshake_ = new CShakeDigest(128, new byte[0], Arrays.CopyOfRange(data, 0, i)); + + cshake_.BlockUpdate(hex0123, 0, 4); + + cshake_.DoFinal(res, 0, 16); + } + + CShakeDigest cshake = new CShakeDigest(256, new byte[0], new byte[200]); + + cshake.BlockUpdate(data, 0, 200); + + cshake.DoFinal(res, 0, 32); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("4a899b5be460d85a9789215bc17f88b8f8ac049bd3b519f561e7b5d3870dafa3"), res)); + } + + private void checkSHAKE(int bitSize, CShakeDigest cshake, byte[] msg) + { + + ShakeDigest ref_ = new ShakeDigest(bitSize); + + ref_.BlockUpdate(msg, 0, msg.Length); + cshake.BlockUpdate(msg, 0, msg.Length); + + byte[] res1 = new byte[32]; + byte[] res2 = new byte[32]; + + ref_.DoFinal(res1, 0, res1.Length); + cshake.DoFinal(res2, 0, res2.Length); + + Assert.IsTrue(Arrays.AreEqual(res1, res2)); + } + + public static void Main( + string[] args) + { + RunTest(new CShakeTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/CTSTest.cs b/BouncyCastle/crypto/test/src/crypto/test/CTSTest.cs new file mode 100644 index 0000000..9d001bc --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/CTSTest.cs @@ -0,0 +1,192 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// CTS tester + [TestFixture] + public class CTSTest : ITest + { + public string Name + { + get + { + return "CTS"; + } + } + + internal static byte[] in1; + + internal static byte[] in2; + + internal static byte[] out1; + + internal static byte[] out2; + + internal static byte[] out3; + + private class CTSTester : ITest + { + private void InitBlock(CTSTest enclosingInstance) + { + this.enclosingInstance = enclosingInstance; + } + private CTSTest enclosingInstance; + + public string Name + { + get + { + return "CTS"; + } + } + + public CTSTest Enclosing_Instance + { + get + { + return enclosingInstance; + } + + } + + private int id; + private IBlockCipher cipher; + private ICipherParameters parameters; + private byte[] input; + private byte[] output; + + internal CTSTester(CTSTest enclosingInstance, int id, IBlockCipher cipher, ICipherParameters parameters, byte[] input, byte[] output) + { + InitBlock(enclosingInstance); + this.id = id; + this.cipher = cipher; + this.parameters = parameters; + this.input = input; + this.output = output; + } + + public virtual ITestResult Perform() + { + byte[] outBytes = new byte[input.Length]; + BufferedBlockCipher engine = new CtsBlockCipher(cipher); + + engine.Init(true, parameters); + + int len = engine.ProcessBytes(input, 0, input.Length, outBytes, 0); + + try + { + engine.DoFinal(outBytes, len); + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": encryption exception - " + e.ToString()); + } + + for (int i = 0; i != output.Length; i++) + { + if (outBytes[i] != output[i]) + { + return new SimpleTestResult(false, Name + ": failed encryption expected " + + Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes)); + } + } + + engine.Init(false, parameters); + + len = engine.ProcessBytes(output, 0, output.Length, outBytes, 0); + + try + { + engine.DoFinal(outBytes, len); + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": decryption exception - " + e.ToString()); + } + + for (int i = 0; i != input.Length; i++) + { + if (outBytes[i] != input[i]) + { + return new SimpleTestResult(false, Name + ": failed encryption expected " + + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes)); + } + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + } + + public CTSTest() + { + } + + public virtual ITestResult Perform() + { + byte[] key1 = new byte[]{(byte) 0x01, (byte) 0x23, (byte) 0x45, (byte) 0x67, (byte) 0x89, (byte) 0xAB, (byte) 0xCD, (byte) 0xEF}; + byte[] key2 = new byte[]{(byte) 0x01, (byte) 0x23, (byte) 0x45, (byte) 0x67, (byte) 0x89, (byte) 0xAB, (byte) 0xCD, (byte) 0xEF, (byte) 0xee, (byte) 0xff }; + byte[] iv = new byte[]{1, 2, 3, 4, 5, 6, 7, 8}; + + ITest test = new CTSTester(this, 1, new DesEngine(), new KeyParameter(key1), in1, out1); + ITestResult result = test.Perform(); + + if (!result.IsSuccessful()) + { + return result; + } + + test = new CTSTester(this, 2, new CbcBlockCipher(new DesEngine()), new ParametersWithIV(new KeyParameter(key1), iv), in1, out2); + result = test.Perform(); + + if (!result.IsSuccessful()) + { + return result; + } + + test = new CTSTester(this, 3, new CbcBlockCipher(new SkipjackEngine()), new ParametersWithIV(new KeyParameter(key2), iv), in2, out3); + result = test.Perform(); + + if (!result.IsSuccessful()) + { + return result; + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + CTSTest test = new CTSTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + static CTSTest() + { + in1 = Hex.Decode("4e6f7720697320746865207420"); + in2 = Hex.Decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f0aaa"); + out1 = Hex.Decode("9952f131588465033fa40e8a98"); + out2 = Hex.Decode("358f84d01eb42988dc34efb994"); + out3 = Hex.Decode("170171cfad3f04530c509b0c1f0be0aefbd45a8e3755a873bff5ea198504b71683c6"); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/CamelliaLightTest.cs b/BouncyCastle/crypto/test/src/crypto/test/CamelliaLightTest.cs new file mode 100644 index 0000000..2247178 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/CamelliaLightTest.cs @@ -0,0 +1,80 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Camellia tester - vectors from https://www.cosic.esat.kuleuven.be/nessie/testvectors/ and RFC 3713 + */ + [TestFixture] + public class CamelliaLightTest + : CipherTest + { + static SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new CamelliaLightEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "80000000000000000000000000000000", "07923A39EB0A817D1C4D87BDB82D1F1C"), + new BlockCipherVectorTest(1, new CamelliaLightEngine(), + new KeyParameter(Hex.Decode("80000000000000000000000000000000")), + "00000000000000000000000000000000", "6C227F749319A3AA7DA235A9BBA05A2C"), + new BlockCipherVectorTest(2, new CamelliaLightEngine(), + new KeyParameter(Hex.Decode("0123456789abcdeffedcba9876543210")), + "0123456789abcdeffedcba9876543210", "67673138549669730857065648eabe43"), + // + // 192 bit + // + new BlockCipherVectorTest(3, new CamelliaLightEngine(), + new KeyParameter(Hex.Decode("0123456789abcdeffedcba98765432100011223344556677")), + "0123456789abcdeffedcba9876543210", "b4993401b3e996f84ee5cee7d79b09b9"), + new BlockCipherVectorTest(4, new CamelliaLightEngine(), + new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), + "00040000000000000000000000000000", "9BCA6C88B928C1B0F57F99866583A9BC"), + new BlockCipherVectorTest(5, new CamelliaLightEngine(), + new KeyParameter(Hex.Decode("949494949494949494949494949494949494949494949494")), + "636EB22D84B006381235641BCF0308D2", "94949494949494949494949494949494"), + // + // 256 bit + // + new BlockCipherVectorTest(6, new CamelliaLightEngine(), + new KeyParameter(Hex.Decode("0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff")), + "0123456789abcdeffedcba9876543210", "9acc237dff16d76c20ef7c919e3a7509"), + new BlockCipherVectorTest(7, new CamelliaLightEngine(), + new KeyParameter(Hex.Decode("4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A")), + "057764FE3A500EDBD988C5C3B56CBA9A", "4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A"), + new BlockCipherVectorTest(8, new CamelliaLightEngine(), + new KeyParameter(Hex.Decode("0303030303030303030303030303030303030303030303030303030303030303")), + "7968B08ABA92193F2295121EF8D75C8A", "03030303030303030303030303030303"), + }; + + public CamelliaLightTest() + : base(tests, new CamelliaLightEngine(), new KeyParameter(new byte[32])) + { + } + + public override string Name + { + get { return "CamelliaLight"; } + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + public static void Main( + string[] args) + { + RunTest(new CamelliaLightTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/CamelliaTest.cs b/BouncyCastle/crypto/test/src/crypto/test/CamelliaTest.cs new file mode 100644 index 0000000..a134546 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/CamelliaTest.cs @@ -0,0 +1,80 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Camellia tester - vectors from https://www.cosic.esat.kuleuven.be/nessie/testvectors/ and RFC 3713 + */ + [TestFixture] + public class CamelliaTest + : CipherTest + { + static SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new CamelliaEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "80000000000000000000000000000000", "07923A39EB0A817D1C4D87BDB82D1F1C"), + new BlockCipherVectorTest(1, new CamelliaEngine(), + new KeyParameter(Hex.Decode("80000000000000000000000000000000")), + "00000000000000000000000000000000", "6C227F749319A3AA7DA235A9BBA05A2C"), + new BlockCipherVectorTest(2, new CamelliaEngine(), + new KeyParameter(Hex.Decode("0123456789abcdeffedcba9876543210")), + "0123456789abcdeffedcba9876543210", "67673138549669730857065648eabe43"), + // + // 192 bit + // + new BlockCipherVectorTest(3, new CamelliaEngine(), + new KeyParameter(Hex.Decode("0123456789abcdeffedcba98765432100011223344556677")), + "0123456789abcdeffedcba9876543210", "b4993401b3e996f84ee5cee7d79b09b9"), + new BlockCipherVectorTest(4, new CamelliaEngine(), + new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), + "00040000000000000000000000000000", "9BCA6C88B928C1B0F57F99866583A9BC"), + new BlockCipherVectorTest(5, new CamelliaEngine(), + new KeyParameter(Hex.Decode("949494949494949494949494949494949494949494949494")), + "636EB22D84B006381235641BCF0308D2", "94949494949494949494949494949494"), + // + // 256 bit + // + new BlockCipherVectorTest(6, new CamelliaEngine(), + new KeyParameter(Hex.Decode("0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff")), + "0123456789abcdeffedcba9876543210", "9acc237dff16d76c20ef7c919e3a7509"), + new BlockCipherVectorTest(7, new CamelliaEngine(), + new KeyParameter(Hex.Decode("4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A")), + "057764FE3A500EDBD988C5C3B56CBA9A", "4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A"), + new BlockCipherVectorTest(8, new CamelliaEngine(), + new KeyParameter(Hex.Decode("0303030303030303030303030303030303030303030303030303030303030303")), + "7968B08ABA92193F2295121EF8D75C8A", "03030303030303030303030303030303"), + }; + + public CamelliaTest() + : base(tests, new CamelliaEngine(), new KeyParameter(new byte[32])) + { + } + + public override string Name + { + get { return "Camellia"; } + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + public static void Main( + string[] args) + { + RunTest(new CamelliaTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/Cast5Test.cs b/BouncyCastle/crypto/test/src/crypto/test/Cast5Test.cs new file mode 100644 index 0000000..ea2e0c5 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/Cast5Test.cs @@ -0,0 +1,49 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// Cast tester - vectors from http://www.ietf.org/rfc/rfc2144.txt + [TestFixture] + public class Cast5Test + : CipherTest + { + public override string Name + { + get { return "Cast5"; } + } + + internal static SimpleTest[] testlist = new SimpleTest[]{ + new BlockCipherVectorTest(0, new Cast5Engine(), new KeyParameter(Hex.Decode("0123456712345678234567893456789A")), "0123456789ABCDEF", "238B4FE5847E44B2"), + new BlockCipherVectorTest(0, new Cast5Engine(), new KeyParameter(Hex.Decode("01234567123456782345")), "0123456789ABCDEF", "EB6A711A2C02271B"), + new BlockCipherVectorTest(0, new Cast5Engine(), new KeyParameter(Hex.Decode("0123456712")), "0123456789ABCDEF", "7Ac816d16E9B302E")}; + + public Cast5Test() + : base(testlist , new Cast5Engine(), new KeyParameter(new byte[16])) + { + } + + public static void Main( + string[] args) + { + ITest test = new Cast5Test(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ChaCha20Poly1305Test.cs b/BouncyCastle/crypto/test/src/crypto/test/ChaCha20Poly1305Test.cs new file mode 100644 index 0000000..b0b3f46 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ChaCha20Poly1305Test.cs @@ -0,0 +1,456 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class ChaCha20Poly1305Test + : SimpleTest + { + private static readonly string[][] TestVectors = new string[][] + { + new string[] + { + "Test Case 1", + "808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f", + "4c616469657320616e642047656e746c" + + "656d656e206f662074686520636c6173" + + "73206f66202739393a20496620492063" + + "6f756c64206f6666657220796f75206f" + + "6e6c79206f6e652074697020666f7220" + + "746865206675747572652c2073756e73" + + "637265656e20776f756c642062652069" + + "742e", + "50515253c0c1c2c3c4c5c6c7", + "070000004041424344454647", + "d31a8d34648e60db7b86afbc53ef7ec2" + + "a4aded51296e08fea9e2b5a736ee62d6" + + "3dbea45e8ca9671282fafb69da92728b" + + "1a71de0a9e060b2905d6a5b67ecd3b36" + + "92ddbd7f2d778b8c9803aee328091b58" + + "fab324e4fad675945585808b4831d7bc" + + "3ff4def08e4b7a9de576d26586cec64b" + + "6116", + "1ae10b594f09e26a7e902ecbd0600691", + }, + }; + + public override string Name + { + get { return "ChaCha20Poly1305"; } + } + + public override void PerformTest() + { + for (int i = 0; i < TestVectors.Length; ++i) + { + RunTestCase(TestVectors[i]); + } + + OutputSizeTests(); + RandomTests(); + TestExceptions(); + } + + private void CheckTestCase( + ChaCha20Poly1305 encCipher, + ChaCha20Poly1305 decCipher, + string testName, + byte[] SA, + byte[] P, + byte[] C, + byte[] T) + { + byte[] enc = new byte[encCipher.GetOutputSize(P.Length)]; + if (SA != null) + { + encCipher.ProcessAadBytes(SA, 0, SA.Length); + } + int len = encCipher.ProcessBytes(P, 0, P.Length, enc, 0); + len += encCipher.DoFinal(enc, len); + + if (enc.Length != len) + { + Fail("encryption reported incorrect length: " + testName); + } + + byte[] mac = encCipher.GetMac(); + + byte[] data = new byte[P.Length]; + Array.Copy(enc, 0, data, 0, data.Length); + byte[] tail = new byte[enc.Length - P.Length]; + Array.Copy(enc, P.Length, tail, 0, tail.Length); + + if (!AreEqual(C, data)) + { + Fail("incorrect encrypt in: " + testName); + } + + if (!AreEqual(T, mac)) + { + Fail("getMac() returned wrong mac in: " + testName); + } + + if (!AreEqual(T, tail)) + { + Fail("stream contained wrong mac in: " + testName); + } + + byte[] dec = new byte[decCipher.GetOutputSize(enc.Length)]; + if (SA != null) + { + decCipher.ProcessAadBytes(SA, 0, SA.Length); + } + len = decCipher.ProcessBytes(enc, 0, enc.Length, dec, 0); + len += decCipher.DoFinal(dec, len); + mac = decCipher.GetMac(); + + data = new byte[C.Length]; + Array.Copy(dec, 0, data, 0, data.Length); + + if (!AreEqual(P, data)) + { + Fail("incorrect decrypt in: " + testName); + } + } + + private ChaCha20Poly1305 InitCipher(bool forEncryption, AeadParameters parameters) + { + ChaCha20Poly1305 c = new ChaCha20Poly1305(); + c.Init(forEncryption, parameters); + return c; + } + + private static int NextInt(SecureRandom rand, int n) + { + if ((n & -n) == n) // i.e., n is a power of 2 + { + return (int)(((uint)n * (ulong)((uint)rand.NextInt() >> 1)) >> 31); + } + + int bits, value; + do + { + bits = (int)((uint)rand.NextInt() >> 1); + value = bits % n; + } + while (bits - value + (n - 1) < 0); + + return value; + } + + private void OutputSizeTests() + { + byte[] K = new byte[32]; + byte[] A = null; + byte[] N = new byte[12]; + + AeadParameters parameters = new AeadParameters(new KeyParameter(K), 16 * 8, N, A); + ChaCha20Poly1305 cipher = InitCipher(true, parameters); + + if (cipher.GetUpdateOutputSize(0) != 0) + { + Fail("incorrect getUpdateOutputSize for initial 0 bytes encryption"); + } + + if (cipher.GetOutputSize(0) != 16) + { + Fail("incorrect getOutputSize for initial 0 bytes encryption"); + } + + cipher.Init(false, parameters); + + if (cipher.GetUpdateOutputSize(0) != 0) + { + Fail("incorrect getUpdateOutputSize for initial 0 bytes decryption"); + } + + // NOTE: 0 bytes would be truncated data, but we want it to fail in the doFinal, not here + if (cipher.GetOutputSize(0) != 0) + { + Fail("fragile getOutputSize for initial 0 bytes decryption"); + } + + if (cipher.GetOutputSize(16) != 0) + { + Fail("incorrect getOutputSize for initial MAC-size bytes decryption"); + } + } + + private void RandomTests() + { + SecureRandom random = new SecureRandom(); + random.SetSeed(DateTimeUtilities.CurrentUnixMs()); + + for (int i = 0; i < 100; ++i) + { + RandomTest(random); + } + } + + private void RandomTest(SecureRandom random) + { + int kLength = 32; + byte[] K = new byte[kLength]; + random.NextBytes(K); + + int pHead = random.Next(256); + int pLength = random.Next(65536); + int pTail = random.Next(256); + byte[] P = new byte[pHead + pLength + pTail]; + random.NextBytes(P); + + int aLength = random.Next(256); + byte[] A = new byte[aLength]; + random.NextBytes(A); + + int saLength = random.Next(256); + byte[] SA = new byte[saLength]; + random.NextBytes(SA); + + int nonceLength = 12; + byte[] nonce = new byte[nonceLength]; + random.NextBytes(nonce); + + AeadParameters parameters = new AeadParameters(new KeyParameter(K), 16 * 8, nonce, A); + ChaCha20Poly1305 cipher = InitCipher(true, parameters); + + int ctLength = cipher.GetOutputSize(pLength); + byte[] C = new byte[saLength + ctLength]; + Array.Copy(SA, 0, C, 0, saLength); + + int split = NextInt(random, saLength + 1); + cipher.ProcessAadBytes(C, 0, split); + cipher.ProcessAadBytes(C, split, saLength - split); + + int predicted = cipher.GetUpdateOutputSize(pLength); + int len = cipher.ProcessBytes(P, pHead, pLength, C, saLength); + if (predicted != len) + { + Fail("encryption reported incorrect update length in randomised test"); + } + + len += cipher.DoFinal(C, saLength + len); + if (ctLength != len) + { + Fail("encryption reported incorrect length in randomised test"); + } + + byte[] encT = cipher.GetMac(); + byte[] tail = new byte[ctLength - pLength]; + Array.Copy(C, saLength + pLength, tail, 0, tail.Length); + + if (!AreEqual(encT, tail)) + { + Fail("stream contained wrong mac in randomised test"); + } + + cipher.Init(false, parameters); + + int decPHead = random.Next(256); + int decPLength = cipher.GetOutputSize(ctLength); + int decPTail = random.Next(256); + byte[] decP = new byte[decPHead + decPLength + decPTail]; + + split = NextInt(random, saLength + 1); + cipher.ProcessAadBytes(C, 0, split); + cipher.ProcessAadBytes(C, split, saLength - split); + + predicted = cipher.GetUpdateOutputSize(ctLength); + len = cipher.ProcessBytes(C, saLength, ctLength, decP, decPHead); + if (predicted != len) + { + Fail("decryption reported incorrect update length in randomised test"); + } + + len += cipher.DoFinal(decP, decPHead + len); + + if (!AreEqual(P, pHead, pHead + pLength, decP, decPHead, decPHead + decPLength)) + { + Fail("incorrect decrypt in randomised test"); + } + + byte[] decT = cipher.GetMac(); + if (!AreEqual(encT, decT)) + { + Fail("decryption produced different mac from encryption"); + } + + // + // key reuse test + // + cipher.Init(false, AeadTestUtilities.ReuseKey(parameters)); + + decPHead = random.Next(256); + decPLength = cipher.GetOutputSize(ctLength); + decPTail = random.Next(256); + decP = new byte[decPHead + decPLength + decPTail]; + + split = NextInt(random, saLength + 1); + cipher.ProcessAadBytes(C, 0, split); + cipher.ProcessAadBytes(C, split, saLength - split); + + len = cipher.ProcessBytes(C, saLength, ctLength, decP, decPHead); + len += cipher.DoFinal(decP, decPHead + len); + + if (!AreEqual(P, pHead, pHead + pLength, decP, decPHead, decPHead + decPLength)) + { + Fail("incorrect decrypt in randomised test"); + } + + decT = cipher.GetMac(); + if (!AreEqual(encT, decT)) + { + Fail("decryption produced different mac from encryption"); + } + } + + private void RunTestCase(string[] testVector) + { + int pos = 0; + string testName = testVector[pos++]; + byte[] K = Hex.DecodeStrict(testVector[pos++]); + byte[] P = Hex.DecodeStrict(testVector[pos++]); + byte[] A = Hex.DecodeStrict(testVector[pos++]); + byte[] N = Hex.DecodeStrict(testVector[pos++]); + byte[] C = Hex.DecodeStrict(testVector[pos++]); + byte[] T = Hex.DecodeStrict(testVector[pos++]); + + RunTestCase(testName, K, N, A, P, C, T); + } + + private void RunTestCase( + string testName, + byte[] K, + byte[] N, + byte[] A, + byte[] P, + byte[] C, + byte[] T) + { + byte[] fa = new byte[A.Length / 2]; + byte[] la = new byte[A.Length - (A.Length / 2)]; + Array.Copy(A, 0, fa, 0, fa.Length); + Array.Copy(A, fa.Length, la, 0, la.Length); + + RunTestCase(testName + " all initial associated data", K, N, A, null, P, C, T); + RunTestCase(testName + " all subsequent associated data", K, N, null, A, P, C, T); + RunTestCase(testName + " split associated data", K, N, fa, la, P, C, T); + } + + private void RunTestCase( + string testName, + byte[] K, + byte[] N, + byte[] A, + byte[] SA, + byte[] P, + byte[] C, + byte[] T) + { + AeadParameters parameters = new AeadParameters(new KeyParameter(K), T.Length * 8, N, A); + ChaCha20Poly1305 encCipher = InitCipher(true, parameters); + ChaCha20Poly1305 decCipher = InitCipher(false, parameters); + CheckTestCase(encCipher, decCipher, testName, SA, P, C, T); + encCipher = InitCipher(true, parameters); + CheckTestCase(encCipher, decCipher, testName + " (reused)", SA, P, C, T); + + // Key reuse + AeadParameters keyReuseParams = AeadTestUtilities.ReuseKey(parameters); + + try + { + encCipher.Init(true, keyReuseParams); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsTrue("wrong message", "cannot reuse nonce for ChaCha20Poly1305 encryption".Equals(e.Message)); + } + } + + private void TestExceptions() + { + ChaCha20Poly1305 c = new ChaCha20Poly1305(); + + try + { + c = new ChaCha20Poly1305(new SipHash()); + + Fail("incorrect mac size not picked up"); + } + catch (ArgumentException) + { + // expected + } + + try + { + c.Init(false, new KeyParameter(new byte[32])); + + Fail("illegal argument not picked up"); + } + catch (ArgumentException) + { + // expected + } + + AeadTestUtilities.TestTampering(this, c, new AeadParameters(new KeyParameter(new byte[32]), 128, new byte[12])); + + byte[] P = Strings.ToByteArray("Hello world!"); + byte[] buf = new byte[100]; + + c = new ChaCha20Poly1305(); + AeadParameters aeadParameters = new AeadParameters(new KeyParameter(new byte[32]), 128, new byte[12]); + c.Init(true, aeadParameters); + + c.ProcessBytes(P, 0, P.Length, buf, 0); + + c.DoFinal(buf, 0); + + try + { + c.DoFinal(buf, 0); + Fail("no exception on reuse"); + } + catch (InvalidOperationException e) + { + IsTrue("wrong message", e.Message.Equals("ChaCha20Poly1305 cannot be reused for encryption")); + } + + try + { + c.Init(true, aeadParameters); + Fail("no exception on reuse"); + } + catch (ArgumentException e) + { + IsTrue("wrong message", e.Message.Equals("cannot reuse nonce for ChaCha20Poly1305 encryption")); + } + } + + public static void Main(string[] args) + { + RunTest(new ChaCha20Poly1305Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ChaChaTest.cs b/BouncyCastle/crypto/test/src/crypto/test/ChaChaTest.cs new file mode 100644 index 0000000..0b394c9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ChaChaTest.cs @@ -0,0 +1,319 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * ChaCha Test + *

    + * Test cases generated using ref version of ChaCha20 in estreambench-20080905. + *

    + */ + [TestFixture] + public class ChaChaTest + : SimpleTest + { + private static readonly byte[] zeroes = Hex.Decode( + "00000000000000000000000000000000" + + "00000000000000000000000000000000" + + "00000000000000000000000000000000" + + "00000000000000000000000000000000"); + + private static readonly string set1v0_0 = + "FBB87FBB8395E05DAA3B1D683C422046" + + "F913985C2AD9B23CFC06C1D8D04FF213" + + "D44A7A7CDB84929F915420A8A3DC58BF" + + "0F7ECB4B1F167BB1A5E6153FDAF4493D"; + + private static readonly string set1v0_192 = + "D9485D55B8B82D792ED1EEA8E93E9BC1" + + "E2834AD0D9B11F3477F6E106A2F6A5F2" + + "EA8244D5B925B8050EAB038F58D4DF57" + + "7FAFD1B89359DAE508B2B10CBD6B488E"; + + private static readonly string set1v0_256 = + "08661A35D6F02D3D9ACA8087F421F7C8" + + "A42579047D6955D937925BA21396DDD4" + + "74B1FC4ACCDCAA33025B4BCE817A4FBF" + + "3E5D07D151D7E6FE04934ED466BA4779"; + + private static readonly string set1v0_448 = + "A7E16DD38BA48CCB130E5BE9740CE359" + + "D631E91600F85C8A5D0785A612D1D987" + + "90780ACDDC26B69AB106CCF6D866411D" + + "10637483DBF08CC5591FD8B3C87A3AE0"; + + private static readonly string set1v9_0 = + "A276339F99316A913885A0A4BE870F06" + + "91E72B00F1B3F2239F714FE81E88E00C" + + "BBE52B4EBBE1EA15894E29658C4CB145" + + "E6F89EE4ABB045A78514482CE75AFB7C"; + + private static readonly string set1v9_192 = + "0DFB9BD4F87F68DE54FBC1C6428FDEB0" + + "63E997BE8490C9B7A4694025D6EBA2B1" + + "5FE429DB82A7CAE6AAB22918E8D00449" + + "6FB6291467B5AE81D4E85E81D8795EBB"; + + private static readonly string set1v9_256 = + "546F5BB315E7F71A46E56D4580F90889" + + "639A2BA528F757CF3B048738BA141AF3" + + "B31607CB21561BAD94721048930364F4" + + "B1227CFEB7CDECBA881FB44903550E68"; + + private static readonly string set1v9_448 = + "6F813586E76691305A0CF048C0D8586D" + + "C89460207D8B230CD172398AA33D19E9" + + "2D24883C3A9B0BB7CD8C6B2668DB142E" + + "37A97948A7A01498A21110297984CD20"; + + private static readonly string set6v0_0 = + "57459975BC46799394788DE80B928387" + + "862985A269B9E8E77801DE9D874B3F51" + + "AC4610B9F9BEE8CF8CACD8B5AD0BF17D" + + "3DDF23FD7424887EB3F81405BD498CC3"; + + private static readonly string set6v0_65472 = + "EF9AEC58ACE7DB427DF012B2B91A0C1E" + + "8E4759DCE9CDB00A2BD59207357BA06C" + + "E02D327C7719E83D6348A6104B081DB0" + + "3908E5186986AE41E3AE95298BB7B713"; + + private static readonly string set6v0_65536 = + "17EF5FF454D85ABBBA280F3A94F1D26E" + + "950C7D5B05C4BB3A78326E0DC5731F83" + + "84205C32DB867D1B476CE121A0D7074B" + + "AA7EE90525D15300F48EC0A6624BD0AF"; + + private static readonly string set6v1_0 = + "92A2508E2C4084567195F2A1005E552B" + + "4874EC0504A9CD5E4DAF739AB553D2E7" + + "83D79C5BA11E0653BEBB5C116651302E" + + "8D381CB728CA627B0B246E83942A2B99"; + + private static readonly string set6v1_65472 = + "E1974EC3063F7BD0CBA58B1CE34BC874" + + "67AAF5759B05EA46682A5D4306E5A76B" + + "D99A448DB8DE73AF97A73F5FBAE2C776" + + "35040464524CF14D7F08D4CE1220FD84"; + + private static readonly string set6v1_65536 = + "BE3436141CFD62D12FF7D852F80C1344" + + "81F152AD0235ECF8CA172C55CA8C031B" + + "2E785D773A988CA8D4BDA6FAE0E493AA" + + "71DCCC4C894D1F106CAC62A9FC0A9607"; + + // ChaCha12 + private static readonly string chacha12_set1v0_0 = + "36CF0D56E9F7FBF287BC5460D95FBA94" + + "AA6CBF17D74E7C784DDCF7E0E882DDAE" + + "3B5A58243EF32B79A04575A8E2C2B73D" + + "C64A52AA15B9F88305A8F0CA0B5A1A25"; + + private static readonly string chacha12_set1v0_192 = + "83496792AB68FEC75ADB16D3044420A4" + + "A00A6E9ADC41C3A63DBBF317A8258C85" + + "A9BC08B4F76B413A4837324AEDF8BC2A" + + "67D53C9AB9E1C5BC5F379D48DF9AF730"; + + private static readonly string chacha12_set1v0_256 = + "BAA28ED593690FD760ADA07C95E3B888" + + "4B4B64E488CA7A2D9BDC262243AB9251" + + "394C5037E255F8BCCDCD31306C508FFB" + + "C9E0161380F7911FCB137D46D9269250"; + + private static readonly string chacha12_set1v0_448 = + "B7ECFB6AE0B51915762FE1FD03A14D0C" + + "9E54DA5DC76EB16EBA5313BC535DE63D" + + "C72D7F9F1874E301E99C8531819F4E37" + + "75793F6A5D19C717FA5C78A39EB804A6"; + + // ChaCha8 + private static readonly string chacha8_set1v0_0 = + "BEB1E81E0F747E43EE51922B3E87FB38" + + "D0163907B4ED49336032AB78B67C2457" + + "9FE28F751BD3703E51D876C017FAA435" + + "89E63593E03355A7D57B2366F30047C5"; + + private static readonly string chacha8_set1v0_192 = + "33B8B7CA8F8E89F0095ACE75A379C651" + + "FD6BDD55703C90672E44C6BAB6AACDD8" + + "7C976A87FD264B906E749429284134C2" + + "38E3B88CF74A68245B860D119A8BDF43"; + + private static readonly string chacha8_set1v0_256 = + "F7CA95BF08688BD3BE8A27724210F9DC" + + "16F32AF974FBFB09E9F757C577A245AB" + + "F35F824B70A4C02CB4A8D7191FA8A5AD" + + "6A84568743844703D353B7F00A8601F4"; + + private static readonly string chacha8_set1v0_448 = + "7B4117E8BFFD595CD8482270B08920FB" + + "C9B97794E1809E07BB271BF07C861003" + + "4C38DBA6ECA04E5474F399A284CBF6E2" + + "7F70142E604D0977797DE5B58B6B25E0"; + + public override string Name + { + get { return "ChaCha"; } + } + + public override void PerformTest() + { + chachaTest1(20, new ParametersWithIV(new KeyParameter(Hex.Decode("80000000000000000000000000000000")), Hex.Decode("0000000000000000")), + set1v0_0, set1v0_192, set1v0_256, set1v0_448); + chachaTest1(20, new ParametersWithIV(new KeyParameter(Hex.Decode("00400000000000000000000000000000")), Hex.Decode("0000000000000000")), + set1v9_0, set1v9_192, set1v9_256, set1v9_448); + chachaTest1(12, new ParametersWithIV(new KeyParameter(Hex.Decode("80000000000000000000000000000000")), Hex.Decode("0000000000000000")), + chacha12_set1v0_0, chacha12_set1v0_192, chacha12_set1v0_256, chacha12_set1v0_448); + chachaTest1(8, new ParametersWithIV(new KeyParameter(Hex.Decode("80000000000000000000000000000000")), Hex.Decode("0000000000000000")), + chacha8_set1v0_0, chacha8_set1v0_192, chacha8_set1v0_256, chacha8_set1v0_448); + chachaTest2(new ParametersWithIV(new KeyParameter(Hex.Decode("0053A6F94C9FF24598EB3E91E4378ADD3083D6297CCF2275C81B6EC11467BA0D")), Hex.Decode("0D74DB42A91077DE")), + set6v0_0, set6v0_65472, set6v0_65536); + chachaTest2(new ParametersWithIV(new KeyParameter(Hex.Decode("0558ABFE51A4F74A9DF04396E93C8FE23588DB2E81D4277ACD2073C6196CBF12")), Hex.Decode("167DE44BB21980E7")), + set6v1_0, set6v1_65472, set6v1_65536); + reinitBug(); + } + + private void chachaTest1( + int rounds, + ICipherParameters parameters, + string v0, + string v192, + string v256, + string v448) + { + IStreamCipher salsa = new ChaChaEngine(rounds); + byte[] buf = new byte[64]; + + salsa.Init(true, parameters); + + for (int i = 0; i != 7; i++) + { + salsa.ProcessBytes(zeroes, 0, 64, buf, 0); + switch (i) + { + case 0: + if (!AreEqual(buf, Hex.Decode(v0))) + { + mismatch("v0/" + rounds, v0, buf); + } + break; + case 3: + if (!AreEqual(buf, Hex.Decode(v192))) + { + mismatch("v192/" + rounds, v192, buf); + } + break; + case 4: + if (!AreEqual(buf, Hex.Decode(v256))) + { + mismatch("v256/" + rounds, v256, buf); + } + break; + default: + // ignore + break; + } + } + + for (int i = 0; i != 64; i++) + { + buf[i] = salsa.ReturnByte(zeroes[i]); + } + + if (!AreEqual(buf, Hex.Decode(v448))) + { + mismatch("v448", v448, buf); + } + } + + private void chachaTest2( + ICipherParameters parameters, + string v0, + string v65472, + string v65536) + { + IStreamCipher salsa = new ChaChaEngine(); + byte[] buf = new byte[64]; + + salsa.Init(true, parameters); + + for (int i = 0; i != 1025; i++) + { + salsa.ProcessBytes(zeroes, 0, 64, buf, 0); + switch (i) + { + case 0: + if (!AreEqual(buf, Hex.Decode(v0))) + { + mismatch("v0", v0, buf); + } + break; + case 1023: + if (!AreEqual(buf, Hex.Decode(v65472))) + { + mismatch("v65472", v65472, buf); + } + break; + case 1024: + if (!AreEqual(buf, Hex.Decode(v65536))) + { + mismatch("v65536", v65536, buf); + } + break; + default: + // ignore + break; + } + } + } + + private void mismatch( + string name, + string expected, + byte[] found) + { + Fail("mismatch on " + name, expected, Hex.ToHexString(found)); + } + + private void reinitBug() + { + KeyParameter key = new KeyParameter(Hex.Decode("80000000000000000000000000000000")); + ParametersWithIV parameters = new ParametersWithIV(key, Hex.Decode("0000000000000000")); + + IStreamCipher chacha = new ChaChaEngine(); + + chacha.Init(true, parameters); + + try + { + chacha.Init(true, key); + Fail("ChaCha should throw exception if no IV in Init"); + } + catch (ArgumentException) + { + } + } + + public static void Main( + string[] args) + { + RunTest(new ChaChaTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/CipherTest.cs b/BouncyCastle/crypto/test/src/crypto/test/CipherTest.cs new file mode 100644 index 0000000..d9c085d --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/CipherTest.cs @@ -0,0 +1,117 @@ +using System; +using System.Text; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + public abstract class CipherTest + : SimpleTest + { + private SimpleTest[] _tests; + private IBlockCipher _engine; + private KeyParameter _validKey; + +// protected CipherTest( +// SimpleTest[] tests) +// { +// _tests = tests; +// } + + protected CipherTest( + SimpleTest[] tests, + IBlockCipher engine, + KeyParameter validKey) + { + _tests = tests; + _engine = engine; + _validKey = validKey; + } + + public override void PerformTest() + { + for (int i = 0; i != _tests.Length; i++) + { + _tests[i].PerformTest(); + } + + if (_engine != null) + { + // + // state tests + // + byte[] buf = new byte[_engine.GetBlockSize()]; + + try + { + _engine.ProcessBlock(buf, 0, buf, 0); + + Fail("failed initialisation check"); + } + catch (InvalidOperationException) + { + // expected + } + + bufferSizeCheck((_engine)); + } + } + + private void bufferSizeCheck( + IBlockCipher engine) + { + byte[] correctBuf = new byte[engine.GetBlockSize()]; + byte[] shortBuf = new byte[correctBuf.Length / 2]; + + engine.Init(true, _validKey); + + try + { + engine.ProcessBlock(shortBuf, 0, correctBuf, 0); + + Fail("failed short input check"); + } + catch (DataLengthException) + { + // expected + } + + try + { + engine.ProcessBlock(correctBuf, 0, shortBuf, 0); + + Fail("failed short output check"); + } + catch (DataLengthException) + { + // expected + } + + engine.Init(false, _validKey); + + try + { + engine.ProcessBlock(shortBuf, 0, correctBuf, 0); + + Fail("failed short input check"); + } + catch (DataLengthException) + { + // expected + } + + try + { + engine.ProcessBlock(correctBuf, 0, shortBuf, 0); + + Fail("failed short output check"); + } + catch (DataLengthException) + { + // expected + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/DESTest.cs b/BouncyCastle/crypto/test/src/crypto/test/DESTest.cs new file mode 100644 index 0000000..cf1022e --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/DESTest.cs @@ -0,0 +1,214 @@ +using System; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +using NUnit.Framework; + +namespace Org.BouncyCastle.Crypto.Tests +{ + internal class DesParityTest + : SimpleTest + { + public override string Name + { + get { return "DESParityTest"; } + } + + public override void PerformTest() + { + byte[] k1In = { (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff, + (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff }; + byte[] k1Out = { (byte)0xfe, (byte)0xfe, (byte)0xfe, (byte)0xfe, + (byte)0xfe, (byte)0xfe, (byte)0xfe, (byte)0xfe }; + + byte[] k2In = { (byte)0xef, (byte)0xcb, (byte)0xda, (byte)0x4f, + (byte)0xaa, (byte)0x99, (byte)0x7f, (byte)0x63 }; + byte[] k2Out = { (byte)0xef, (byte)0xcb, (byte)0xda, (byte)0x4f, + (byte)0xab, (byte)0x98, (byte)0x7f, (byte)0x62 }; + + DesParameters.SetOddParity(k1In); + + for (int i = 0; i != k1In.Length; i++) + { + if (k1In[i] != k1Out[i]) + { + Fail("Failed " + + "got " + Hex.ToHexString(k1In) + + " expected " + Hex.ToHexString(k1Out)); + } + } + + DesParameters.SetOddParity(k2In); + + for (int i = 0; i != k2In.Length; i++) + { + if (k2In[i] != k2Out[i]) + { + Fail("Failed " + + "got " + Hex.ToHexString(k2In) + + " expected " + Hex.ToHexString(k2Out)); + } + } + } + } + + internal class KeyGenTest + : SimpleTest + { + public override string Name + { + get { return "KeyGenTest"; } + } + + public override void PerformTest() + { + DesKeyGenerator keyGen = new DesKeyGenerator(); + + keyGen.Init(new KeyGenerationParameters(new SecureRandom(), 56)); + + byte[] kB = keyGen.GenerateKey(); + + if (kB.Length != 8) + { + Fail("DES bit key wrong length."); + } + } + } + + internal class DesParametersTest + : SimpleTest + { + private static readonly byte[] weakKeys = + { + (byte)0x01,(byte)0x01,(byte)0x01,(byte)0x01, (byte)0x01,(byte)0x01,(byte)0x01,(byte)0x01, + (byte)0x1f,(byte)0x1f,(byte)0x1f,(byte)0x1f, (byte)0x0e,(byte)0x0e,(byte)0x0e,(byte)0x0e, + (byte)0xe0,(byte)0xe0,(byte)0xe0,(byte)0xe0, (byte)0xf1,(byte)0xf1,(byte)0xf1,(byte)0xf1, + (byte)0xfe,(byte)0xfe,(byte)0xfe,(byte)0xfe, (byte)0xfe,(byte)0xfe,(byte)0xfe,(byte)0xfe, + /* semi-weak keys */ + (byte)0x01,(byte)0xfe,(byte)0x01,(byte)0xfe, (byte)0x01,(byte)0xfe,(byte)0x01,(byte)0xfe, + (byte)0x1f,(byte)0xe0,(byte)0x1f,(byte)0xe0, (byte)0x0e,(byte)0xf1,(byte)0x0e,(byte)0xf1, + (byte)0x01,(byte)0xe0,(byte)0x01,(byte)0xe0, (byte)0x01,(byte)0xf1,(byte)0x01,(byte)0xf1, + (byte)0x1f,(byte)0xfe,(byte)0x1f,(byte)0xfe, (byte)0x0e,(byte)0xfe,(byte)0x0e,(byte)0xfe, + (byte)0x01,(byte)0x1f,(byte)0x01,(byte)0x1f, (byte)0x01,(byte)0x0e,(byte)0x01,(byte)0x0e, + (byte)0xe0,(byte)0xfe,(byte)0xe0,(byte)0xfe, (byte)0xf1,(byte)0xfe,(byte)0xf1,(byte)0xfe, + (byte)0xfe,(byte)0x01,(byte)0xfe,(byte)0x01, (byte)0xfe,(byte)0x01,(byte)0xfe,(byte)0x01, + (byte)0xe0,(byte)0x1f,(byte)0xe0,(byte)0x1f, (byte)0xf1,(byte)0x0e,(byte)0xf1,(byte)0x0e, + (byte)0xe0,(byte)0x01,(byte)0xe0,(byte)0x01, (byte)0xf1,(byte)0x01,(byte)0xf1,(byte)0x01, + (byte)0xfe,(byte)0x1f,(byte)0xfe,(byte)0x1f, (byte)0xfe,(byte)0x0e,(byte)0xfe,(byte)0x0e, + (byte)0x1f,(byte)0x01,(byte)0x1f,(byte)0x01, (byte)0x0e,(byte)0x01,(byte)0x0e,(byte)0x01, + (byte)0xfe,(byte)0xe0,(byte)0xfe,(byte)0xe0, (byte)0xfe,(byte)0xf1,(byte)0xfe,(byte)0xf1 + }; + + public override string Name + { + get { return "DesParameters"; } + } + + public override void PerformTest() + { + try + { + DesParameters.IsWeakKey(new byte[4], 0); + Fail("no exception on small key"); + } + catch (ArgumentException e) + { + if (!e.Message.Equals("key material too short.")) + { + Fail("wrong exception"); + } + } + + try + { + new DesParameters(weakKeys); + Fail("no exception on weak key"); + } + catch (ArgumentException e) + { + if (!e.Message.Equals("attempt to create weak DES key")) + { + Fail("wrong exception"); + } + } + + for (int i = 0; i != weakKeys.Length; i += 8) + { + if (!DesParameters.IsWeakKey(weakKeys, i)) + { + Fail("weakKey test failed"); + } + } + } + } + + /** + * DES tester - vectors from FIPS 81 + */ + [TestFixture] + public class DesTest + : CipherTest + { + static string input1 = "4e6f77206973207468652074696d6520666f7220616c6c20"; + static string input2 = "4e6f7720697320746865"; + static string input3 = "4e6f7720697320746865aabbcc"; + + static SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new DesEngine(), + new DesParameters(Hex.Decode("0123456789abcdef")), + input1, "3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53"), + new BlockCipherVectorTest(1, new CbcBlockCipher(new DesEngine()), + new ParametersWithIV(new DesParameters(Hex.Decode("0123456789abcdef")), Hex.Decode("1234567890abcdef")), + input1, "e5c7cdde872bf27c43e934008c389c0f683788499a7c05f6"), + new BlockCipherVectorTest(2, new CfbBlockCipher(new DesEngine(), 8), + new ParametersWithIV(new DesParameters(Hex.Decode("0123456789abcdef")), Hex.Decode("1234567890abcdef")), + input2, "f31fda07011462ee187f"), + new BlockCipherVectorTest(3, new CfbBlockCipher(new DesEngine(), 64), + new ParametersWithIV(new DesParameters(Hex.Decode("0123456789abcdef")), Hex.Decode("1234567890abcdef")), + input1, "f3096249c7f46e51a69e839b1a92f78403467133898ea622"), + new BlockCipherVectorTest(4, new OfbBlockCipher(new DesEngine(), 8), + new ParametersWithIV(new DesParameters(Hex.Decode("0123456789abcdef")), Hex.Decode("1234567890abcdef")), + input2, "f34a2850c9c64985d684"), + new BlockCipherVectorTest(5, new CfbBlockCipher(new DesEngine(), 64), + new ParametersWithIV(new DesParameters(Hex.Decode("0123456789abcdef")), Hex.Decode("1234567890abcdef")), + input3, "f3096249c7f46e51a69e0954bf"), + new BlockCipherVectorTest(6, new OfbBlockCipher(new DesEngine(), 64), + new ParametersWithIV(new DesParameters(Hex.Decode("0123456789abcdef")), Hex.Decode("1234567890abcdef")), + input3, "f3096249c7f46e5135f2c0eb8b"), + new DesParityTest(), + new DesParametersTest(), + new KeyGenTest() + }; + + public DesTest() + : base(tests, new DesEngine(), new DesParameters(new byte[8])) + { + } + + public override string Name + { + get { return "DES"; } + } + + public static void Main( + string[] args) + { + RunTest(new DesTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/DESedeTest.cs b/BouncyCastle/crypto/test/src/crypto/test/DESedeTest.cs new file mode 100644 index 0000000..aa61844 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/DESedeTest.cs @@ -0,0 +1,187 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ +/** + * DESede tester + */ + [TestFixture] + public class DesEdeTest + :CipherTest + { + private static readonly byte[] weakKey = // first 8 bytes non-weak + { + (byte)0x06,(byte)0x01,(byte)0x01,(byte)0x01, (byte)0x01,(byte)0x01,(byte)0x01,(byte)0x01, + (byte)0x1f,(byte)0x1f,(byte)0x1f,(byte)0x1f, (byte)0x0e,(byte)0x0e,(byte)0x0e,(byte)0x0e, + (byte)0xe0,(byte)0xe0,(byte)0xe0,(byte)0xe0, (byte)0xf1,(byte)0xf1,(byte)0xf1,(byte)0xf1, + }; + + private const string input1 = "4e6f77206973207468652074696d6520666f7220616c6c20"; +// private const string input2 = "4e6f7720697320746865"; + + private static SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new DesEdeEngine(), + new DesEdeParameters(Hex.Decode("0123456789abcdef0123456789abcdef")), + input1, "3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53"), + new BlockCipherVectorTest(1, new DesEdeEngine(), + new DesEdeParameters(Hex.Decode("0123456789abcdeffedcba9876543210")), + input1, "d80a0d8b2bae5e4e6a0094171abcfc2775d2235a706e232c"), + new BlockCipherVectorTest(2, new DesEdeEngine(), + new DesEdeParameters(Hex.Decode("0123456789abcdef0123456789abcdef0123456789abcdef")), + input1, "3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53"), + new BlockCipherVectorTest(3, new DesEdeEngine(), + new DesEdeParameters(Hex.Decode("0123456789abcdeffedcba98765432100123456789abcdef")), + input1, "d80a0d8b2bae5e4e6a0094171abcfc2775d2235a706e232c") + }; + + public DesEdeTest() + : base(tests, new DesEdeEngine(), new DesEdeParameters(new byte[16])) + { + } + + private void WrapTest( + int id, + byte[] kek, + byte[] iv, + byte[] input, + byte[] output) + { + IWrapper wrapper = new DesEdeWrapEngine(); + + wrapper.Init(true, new ParametersWithIV(new DesEdeParameters(kek), iv)); + + try + { + byte[] cText = wrapper.Wrap(input, 0, input.Length); + if (!AreEqual(cText, output)) + { + Fail(": failed wrap test " + id + " expected " + Hex.ToHexString(output) + + " got " + Hex.ToHexString(cText)); + } + } + catch (Exception e) + { + Fail("failed wrap test exception: " + e.ToString(), e); + } + + wrapper.Init(false, new DesEdeParameters(kek)); + + try + { + byte[] pText = wrapper.Unwrap(output, 0, output.Length); + if (!AreEqual(pText, input)) + { + Fail("failed unwrap test " + id + " expected " + Hex.ToHexString(input) + + " got " + Hex.ToHexString(pText)); + } + } + catch (Exception e) + { + Fail("failed unwrap test exception: " + e.ToString(), e); + } + } + + public override void PerformTest() + { + base.PerformTest(); + + byte[] kek1 = Hex.Decode("255e0d1c07b646dfb3134cc843ba8aa71f025b7c0838251f"); + byte[] iv1 = Hex.Decode("5dd4cbfc96f5453b"); + byte[] in1 = Hex.Decode("2923bf85e06dd6ae529149f1f1bae9eab3a7da3d860d3e98"); + byte[] out1 = Hex.Decode("690107618ef092b3b48ca1796b234ae9fa33ebb4159604037db5d6a84eb3aac2768c632775a467d4"); + + WrapTest(1, kek1, iv1, in1, out1); + + // + // key generation + // + SecureRandom random = new SecureRandom(); + DesEdeKeyGenerator keyGen = new DesEdeKeyGenerator(); + + keyGen.Init(new KeyGenerationParameters(random, 112)); + + byte[] kB = keyGen.GenerateKey(); + + if (kB.Length != 16) + { + Fail("112 bit key wrong length."); + } + + keyGen.Init(new KeyGenerationParameters(random, 168)); + + kB = keyGen.GenerateKey(); + + if (kB.Length != 24) + { + Fail("168 bit key wrong length."); + } + + try + { + keyGen.Init(new KeyGenerationParameters(random, 200)); + + Fail("invalid key length not detected."); + } + catch (ArgumentException) + { + // expected + } + + try + { + DesEdeParameters.IsWeakKey(new byte[4], 0); + Fail("no exception on small key"); + } + catch (ArgumentException e) + { + if (!e.Message.Equals("key material too short.")) + { + Fail("wrong exception"); + } + } + + try + { + new DesEdeParameters(weakKey); + Fail("no exception on weak key"); + } + catch (ArgumentException e) + { + if (!e.Message.Equals("attempt to create weak DESede key")) + { + Fail("wrong exception"); + } + } + } + + public override string Name + { + get { return "DESede"; } + } + + public static void Main( + string[] args) + { + RunTest(new DesEdeTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/DHKEKGeneratorTest.cs b/BouncyCastle/crypto/test/src/crypto/test/DHKEKGeneratorTest.cs new file mode 100644 index 0000000..eee408f --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/DHKEKGeneratorTest.cs @@ -0,0 +1,79 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto.Agreement.Kdf; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// DHKEK Generator tests - from RFC 2631. + [TestFixture] + public class DHKekGeneratorTest + : SimpleTest + { + private byte[] seed1 = Hex.Decode("000102030405060708090a0b0c0d0e0f10111213"); + private DerObjectIdentifier alg1 = PkcsObjectIdentifiers.IdAlgCms3DesWrap; + private byte[] result1 = Hex.Decode("a09661392376f7044d9052a397883246b67f5f1ef63eb5fb"); + + private byte[] seed2 = Hex.Decode("000102030405060708090a0b0c0d0e0f10111213"); + private DerObjectIdentifier alg2 = PkcsObjectIdentifiers.IdAlgCmsRC2Wrap; + private byte[] partyAInfo = Hex.Decode( + "0123456789abcdeffedcba9876543201" + + "0123456789abcdeffedcba9876543201" + + "0123456789abcdeffedcba9876543201" + + "0123456789abcdeffedcba9876543201"); + private byte[] result2 = Hex.Decode("48950c46e0530075403cce72889604e0"); + + public DHKekGeneratorTest() + { + } + + public override void PerformTest() + { + CheckMask(1, new DHKekGenerator(new Sha1Digest()), new DHKdfParameters(alg1, 192, seed1), result1); + CheckMask(2, new DHKekGenerator(new Sha1Digest()), new DHKdfParameters(alg2, 128, seed2, partyAInfo), result2); + } + + private void CheckMask( + int count, + IDerivationFunction kdf, + IDerivationParameters parameters, + byte[] result) + { + byte[] data = new byte[result.Length]; + + kdf.Init(parameters); + + kdf.GenerateBytes(data, 0, data.Length); + + if (!AreEqual(result, data)) + { + Fail("DHKekGenerator failed generator test " + count); + } + } + + public override string Name + { + get { return "DHKekGenerator"; } + } + + public static void Main( + string[] args) + { + RunTest(new DHKekGeneratorTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/DHTest.cs b/BouncyCastle/crypto/test/src/crypto/test/DHTest.cs new file mode 100644 index 0000000..b460f41 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/DHTest.cs @@ -0,0 +1,403 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class DHTest + : SimpleTest + { + private static readonly BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); + private static readonly BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); + + private static readonly BigInteger g768 = new BigInteger("7c240073c1316c621df461b71ebb0cdcc90a6e5527e5e126633d131f87461c4dc4afc60c2cb0f053b6758871489a69613e2a8b4c8acde23954c08c81cbd36132cfd64d69e4ed9f8e51ed6e516297206672d5c0a69135df0a5dcf010d289a9ca1", 16); + private static readonly BigInteger p768 = new BigInteger("8c9dd223debed1b80103b8b309715be009d48860ed5ae9b9d5d8159508efd802e3ad4501a7f7e1cfec78844489148cd72da24b21eddd01aa624291c48393e277cfc529e37075eccef957f3616f962d15b44aeab4039d01b817fde9eaa12fd73f", 16); + + private static readonly BigInteger g1024 = new BigInteger("1db17639cdf96bc4eabba19454f0b7e5bd4e14862889a725c96eb61048dcd676ceb303d586e30f060dbafd8a571a39c4d823982117da5cc4e0f89c77388b7a08896362429b94a18a327604eb7ff227bffbc83459ade299e57b5f77b50fb045250934938efa145511166e3197373e1b5b1e52de713eb49792bedde722c6717abf", 16); + private static readonly BigInteger p1024 = new BigInteger("a00e283b3c624e5b2b4d9fbc2653b5185d99499b00fd1bf244c6f0bb817b4d1c451b2958d62a0f8a38caef059fb5ecd25d75ed9af403f5b5bdab97a642902f824e3c13789fed95fa106ddfe0ff4a707c85e2eb77d49e68f2808bcea18ce128b178cd287c6bc00efa9a1ad2a673fe0dceace53166f75b81d6709d5f8af7c66bb7", 16); + + public override string Name + { + get { return "DH"; } + } + + private void doTestDH( + int size, + BigInteger g, + BigInteger p) + { + DHKeyPairGenerator kpGen = getDHKeyPairGenerator(g, p); + + // + // generate first pair + // + AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); + + DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public; + DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private; + // + // generate second pair + // + pair = kpGen.GenerateKeyPair(); + + DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public; + DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private; + + // + // two way + // + DHAgreement e1 = new DHAgreement(); + DHAgreement e2 = new DHAgreement(); + + e1.Init(pv1); + e2.Init(pv2); + + BigInteger m1 = e1.CalculateMessage(); + BigInteger m2 = e2.CalculateMessage(); + + BigInteger k1 = e1.CalculateAgreement(pu2, m2); + BigInteger k2 = e2.CalculateAgreement(pu1, m1); + + if (!k1.Equals(k2)) + { + Fail(size + " bit 2-way test failed"); + } + } + + private void doTestDHBasic( + int size, + int privateValueSize, + BigInteger g, + BigInteger p) + { + DHBasicKeyPairGenerator kpGen = getDHBasicKeyPairGenerator(g, p, privateValueSize); + + // + // generate first pair + // + AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); + + DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public; + DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private; + + checkKeySize(privateValueSize, pv1); + // + // generate second pair + // + pair = kpGen.GenerateKeyPair(); + + DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public; + DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private; + + checkKeySize(privateValueSize, pv2); + // + // two way + // + DHBasicAgreement e1 = new DHBasicAgreement(); + DHBasicAgreement e2 = new DHBasicAgreement(); + + e1.Init(pv1); + e2.Init(pv2); + + BigInteger k1 = e1.CalculateAgreement(pu2); + BigInteger k2 = e2.CalculateAgreement(pu1); + + if (!k1.Equals(k2)) + { + Fail("basic " + size + " bit 2-way test failed"); + } + } + + private void checkKeySize( + int privateValueSize, + DHPrivateKeyParameters priv) + { + if (privateValueSize != 0) + { + if (priv.X.BitLength != privateValueSize) + { + Fail("limited key check failed for key size " + privateValueSize); + } + } + } + + private void doTestGPWithRandom( + DHKeyPairGenerator kpGen) + { + // + // generate first pair + // + AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); + + DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public; + DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private; + // + // generate second pair + // + pair = kpGen.GenerateKeyPair(); + + DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public; + DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private; + + // + // two way + // + DHAgreement e1 = new DHAgreement(); + DHAgreement e2 = new DHAgreement(); + + e1.Init(new ParametersWithRandom(pv1, new SecureRandom())); + e2.Init(new ParametersWithRandom(pv2, new SecureRandom())); + + BigInteger m1 = e1.CalculateMessage(); + BigInteger m2 = e2.CalculateMessage(); + + BigInteger k1 = e1.CalculateAgreement(pu2, m2); + BigInteger k2 = e2.CalculateAgreement(pu1, m1); + + if (!k1.Equals(k2)) + { + Fail("basic with random 2-way test failed"); + } + } + + private void doTestSimpleWithRandom( + DHBasicKeyPairGenerator kpGen) + { + // + // generate first pair + // + AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); + + DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public; + DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private; + // + // generate second pair + // + pair = kpGen.GenerateKeyPair(); + + DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public; + DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private; + + // + // two way + // + DHBasicAgreement e1 = new DHBasicAgreement(); + DHBasicAgreement e2 = new DHBasicAgreement(); + + e1.Init(new ParametersWithRandom(pv1, new SecureRandom())); + e2.Init(new ParametersWithRandom(pv2, new SecureRandom())); + + BigInteger k1 = e1.CalculateAgreement(pu2); + BigInteger k2 = e2.CalculateAgreement(pu1); + + if (!k1.Equals(k2)) + { + Fail("basic with random 2-way test failed"); + } + } + + private DHBasicKeyPairGenerator getDHBasicKeyPairGenerator( + BigInteger g, + BigInteger p, + int privateValueSize) + { + DHParameters dhParams = new DHParameters(p, g, null, privateValueSize); + DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams); + DHBasicKeyPairGenerator kpGen = new DHBasicKeyPairGenerator(); + + kpGen.Init(dhkgParams); + + return kpGen; + } + + private DHKeyPairGenerator getDHKeyPairGenerator( + BigInteger g, + BigInteger p) + { + DHParameters dhParams = new DHParameters(p, g); + DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams); + DHKeyPairGenerator kpGen = new DHKeyPairGenerator(); + + kpGen.Init(dhkgParams); + + return kpGen; + } + + /** + * this test is can take quiet a while + */ + private void doTestGeneration( + int size) + { + DHParametersGenerator pGen = new DHParametersGenerator(); + + pGen.Init(size, 10, new SecureRandom()); + + DHParameters dhParams = pGen.GenerateParameters(); + + if (dhParams.L != 0) + { + Fail("DHParametersGenerator failed to set J to 0 in generated DHParameters"); + } + + DHKeyGenerationParameters dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), dhParams); + + DHBasicKeyPairGenerator kpGen = new DHBasicKeyPairGenerator(); + + kpGen.Init(dhkgParams); + + // + // generate first pair + // + AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); + + DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public; + DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private; + + // + // generate second pair + // + dhkgParams = new DHKeyGenerationParameters(new SecureRandom(), pu1.Parameters); + + kpGen.Init(dhkgParams); + + pair = kpGen.GenerateKeyPair(); + + DHPublicKeyParameters pu2 = (DHPublicKeyParameters)pair.Public; + DHPrivateKeyParameters pv2 = (DHPrivateKeyParameters)pair.Private; + + // + // two way + // + DHBasicAgreement e1 = new DHBasicAgreement(); + DHBasicAgreement e2 = new DHBasicAgreement(); + + e1.Init(new ParametersWithRandom(pv1, new SecureRandom())); + e2.Init(new ParametersWithRandom(pv2, new SecureRandom())); + + BigInteger k1 = e1.CalculateAgreement(pu2); + BigInteger k2 = e2.CalculateAgreement(pu1); + + if (!k1.Equals(k2)) + { + Fail("basic with " + size + " bit 2-way test failed"); + } + } + + public override void PerformTest() + { + doTestDHBasic(512, 0, g512, p512); + doTestDHBasic(768, 0, g768, p768); + doTestDHBasic(1024, 0, g1024, p1024); + + doTestDHBasic(512, 64, g512, p512); + doTestDHBasic(768, 128, g768, p768); + doTestDHBasic(1024, 256, g1024, p1024); + + doTestDH(512, g512, p512); + doTestDH(768, g768, p768); + doTestDH(1024, g1024, p1024); + + // + // generation test. + // + doTestGeneration(256); + + // + // with random test + // + DHBasicKeyPairGenerator kpBasicGen = getDHBasicKeyPairGenerator(g512, p512, 0); + + doTestSimpleWithRandom(kpBasicGen); + + DHKeyPairGenerator kpGen = getDHKeyPairGenerator(g512, p512); + + doTestGPWithRandom(kpGen); + + // + // parameter tests + // + DHAgreement dh = new DHAgreement(); + AsymmetricCipherKeyPair dhPair = kpGen.GenerateKeyPair(); + + try + { + dh.Init(dhPair.Public); + Fail("DHAgreement key check failed"); + } + catch (ArgumentException) + { + // ignore + } + + DHKeyPairGenerator kpGen768 = getDHKeyPairGenerator(g768, p768); + + try + { + dh.Init(dhPair.Private); + + dh.CalculateAgreement((DHPublicKeyParameters)kpGen768.GenerateKeyPair().Public, BigInteger.ValueOf(100)); + + Fail("DHAgreement agreement check failed"); + } + catch (ArgumentException) + { + // ignore + } + + DHBasicAgreement dhBasic = new DHBasicAgreement(); + AsymmetricCipherKeyPair dhBasicPair = kpBasicGen.GenerateKeyPair(); + + try + { + dhBasic.Init(dhBasicPair.Public); + Fail("DHBasicAgreement key check failed"); + } + catch (ArgumentException) + { + // expected + } + + DHBasicKeyPairGenerator kpBasicGen768 = getDHBasicKeyPairGenerator(g768, p768, 0); + + try + { + dhBasic.Init(dhPair.Private); + + dhBasic.CalculateAgreement((DHPublicKeyParameters)kpBasicGen768.GenerateKeyPair().Public); + + Fail("DHBasicAgreement agreement check failed"); + } + catch (ArgumentException) + { + // expected + } + } + + public static void Main( + string[] args) + { + ITest test = new DHTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/DSATest.cs b/BouncyCastle/crypto/test/src/crypto/test/DSATest.cs new file mode 100644 index 0000000..0e63671 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/DSATest.cs @@ -0,0 +1,615 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// Test based on FIPS 186-2, Appendix 5, an example of DSA, and FIPS 168-3 test vectors. + [TestFixture] + public class DsaTest + : SimpleTest + { + public override string Name + { + get { return "DSA"; } + } + + internal BigInteger pValue = new BigInteger("8df2a494492276aa3d25759bb06869cbeac0d83afb8d0cf7cbb8324f0d7882e5d0762fc5b7210eafc2e9adac32ab7aac49693dfbf83724c2ec0736ee31c80291", 16); + internal BigInteger qValue = new BigInteger("c773218c737ec8ee993b4f2ded30f48edace915f", 16); + + public override void PerformTest() + { + byte[] k1 = Hex.Decode("d5014e4b60ef2ba8b6211b4062ba3224e0427dd3"); + byte[] k2 = Hex.Decode("345e8d05c075c3a508df729a1685690e68fcfb8c8117847e89063bca1f85d968fd281540b6e13bd1af989a1fbf17e06462bf511f9d0b140fb48ac1b1baa5bded"); + + SecureRandom random = FixedSecureRandom.From(k1, k2); + + byte[] keyData = Hex.Decode("b5014e4b60ef2ba8b6211b4062ba3224e0427dd3"); + + SecureRandom keyRandom = FixedSecureRandom.From(keyData, keyData); + + BigInteger r = new BigInteger("68076202252361894315274692543577577550894681403"); + BigInteger s = new BigInteger("1089214853334067536215539335472893651470583479365"); + DsaParametersGenerator pGen = new DsaParametersGenerator(); + + pGen.Init(512, 80, random); + + DsaParameters parameters = pGen.GenerateParameters(); + DsaValidationParameters pValid = parameters.ValidationParameters; + + if (pValid.Counter != 105) + { + Fail("Counter wrong"); + } + + if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q)) + { + Fail("p or q wrong"); + } + + DsaKeyPairGenerator dsaKeyGen = new DsaKeyPairGenerator(); + DsaKeyGenerationParameters genParam = new DsaKeyGenerationParameters(keyRandom, parameters); + + dsaKeyGen.Init(genParam); + + AsymmetricCipherKeyPair pair = dsaKeyGen.GenerateKeyPair(); + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, keyRandom); + + DsaSigner dsa = new DsaSigner(); + + dsa.Init(true, param); + + byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArrayUnsigned(); + BigInteger[] sig = dsa.GenerateSignature(message); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + + dsa.Init(false, pair.Public); + + if (!dsa.VerifySignature(message, sig[0], sig[1])) + { + Fail("verification fails"); + } + + Dsa2Test1(); + Dsa2Test2(); + Dsa2Test3(); + Dsa2Test4(); + } + + private void Dsa2Test1() + { + byte[] seed = Hex.Decode("ED8BEE8D1CB89229D2903CBF0E51EE7377F48698"); + + DsaParametersGenerator pGen = new DsaParametersGenerator(); + + pGen.Init(new DsaParameterGenerationParameters(1024, 160, 80, new DsaTestSecureRandom(seed))); + + DsaParameters parameters = pGen.GenerateParameters(); + + DsaValidationParameters pv = parameters.ValidationParameters; + + if (pv.Counter != 5) + { + Fail("counter incorrect"); + } + + if (!AreEqual(seed, pv.GetSeed())) + { + Fail("seed incorrect"); + } + + if (!parameters.Q.Equals(new BigInteger("E950511EAB424B9A19A2AEB4E159B7844C589C4F", 16))) + { + Fail("Q incorrect"); + } + + if (!parameters.P.Equals(new BigInteger( + "E0A67598CD1B763B" + + "C98C8ABB333E5DDA0CD3AA0E5E1FB5BA8A7B4EABC10BA338" + + "FAE06DD4B90FDA70D7CF0CB0C638BE3341BEC0AF8A7330A3" + + "307DED2299A0EE606DF035177A239C34A912C202AA5F83B9" + + "C4A7CF0235B5316BFC6EFB9A248411258B30B839AF172440" + + "F32563056CB67A861158DDD90E6A894C72A5BBEF9E286C6B", 16))) + { + Fail("P incorrect"); + } + + if (!parameters.G.Equals(new BigInteger( + "D29D5121B0423C27" + + "69AB21843E5A3240FF19CACC792264E3BB6BE4F78EDD1B15" + + "C4DFF7F1D905431F0AB16790E1F773B5CE01C804E509066A" + + "9919F5195F4ABC58189FD9FF987389CB5BEDF21B4DAB4F8B" + + "76A055FFE2770988FE2EC2DE11AD92219F0B351869AC24DA" + + "3D7BA87011A701CE8EE7BFE49486ED4527B7186CA4610A75", 16))) + { + Fail("G incorrect"); + } + + DsaKeyPairGenerator kpGen = new DsaKeyPairGenerator(); + + kpGen.Init(new DsaKeyGenerationParameters(FixedSecureRandom.From(Hex.Decode("D0EC4E50BB290A42E9E355C73D8809345DE2E139")), parameters)); + + AsymmetricCipherKeyPair kp = kpGen.GenerateKeyPair(); + + DsaPublicKeyParameters pub = (DsaPublicKeyParameters)kp.Public; + DsaPrivateKeyParameters priv = (DsaPrivateKeyParameters)kp.Private; + + if (!pub.Y.Equals(new BigInteger( + "25282217F5730501" + + "DD8DBA3EDFCF349AAFFEC20921128D70FAC44110332201BB" + + "A3F10986140CBB97C726938060473C8EC97B4731DB004293" + + "B5E730363609DF9780F8D883D8C4D41DED6A2F1E1BBBDC97" + + "9E1B9D6D3C940301F4E978D65B19041FCF1E8B518F5C0576" + + "C770FE5A7A485D8329EE2914A2DE1B5DA4A6128CEAB70F79", 16))) + { + Fail("Y value incorrect"); + } + + if (!priv.X.Equals( + new BigInteger("D0EC4E50BB290A42E9E355C73D8809345DE2E139", 16))) + { + Fail("X value incorrect"); + } + + DsaSigner signer = new DsaSigner(); + + signer.Init(true, new ParametersWithRandom(kp.Private, FixedSecureRandom.From(Hex.Decode("349C55648DCF992F3F33E8026CFAC87C1D2BA075")))); + + byte[] msg = Hex.Decode("A9993E364706816ABA3E25717850C26C9CD0D89D"); + + BigInteger[] sig = signer.GenerateSignature(msg); + + if (!sig[0].Equals(new BigInteger("636155AC9A4633B4665D179F9E4117DF68601F34", 16))) + { + Fail("R value incorrect"); + } + + if (!sig[1].Equals(new BigInteger("6C540B02D9D4852F89DF8CFC99963204F4347704", 16))) + { + Fail("S value incorrect"); + } + + signer.Init(false, kp.Public); + + if (!signer.VerifySignature(msg, sig[0], sig[1])) + { + Fail("signature not verified"); + } + + } + + private void Dsa2Test2() + { + byte[] seed = Hex.Decode("5AFCC1EFFC079A9CCA6ECA86D6E3CC3B18642D9BE1CC6207C84002A9"); + + DsaParametersGenerator pGen = new DsaParametersGenerator(new Sha224Digest()); + + pGen.Init(new DsaParameterGenerationParameters(2048, 224, 80, new DsaTestSecureRandom(seed))); + + DsaParameters parameters = pGen.GenerateParameters(); + + DsaValidationParameters pv = parameters.ValidationParameters; + + if (pv.Counter != 21) + { + Fail("counter incorrect"); + } + + if (!AreEqual(seed, pv.GetSeed())) + { + Fail("seed incorrect"); + } + + if (!parameters.Q.Equals(new BigInteger("90EAF4D1AF0708B1B612FF35E0A2997EB9E9D263C9CE659528945C0D", 16))) + { + Fail("Q incorrect"); + } + + if (!parameters.P.Equals(new BigInteger( + "C196BA05AC29E1F9C3C72D56DFFC6154" + + "A033F1477AC88EC37F09BE6C5BB95F51C296DD20D1A28A06" + + "7CCC4D4316A4BD1DCA55ED1066D438C35AEBAABF57E7DAE4" + + "28782A95ECA1C143DB701FD48533A3C18F0FE23557EA7AE6" + + "19ECACC7E0B51652A8776D02A425567DED36EABD90CA33A1" + + "E8D988F0BBB92D02D1D20290113BB562CE1FC856EEB7CDD9" + + "2D33EEA6F410859B179E7E789A8F75F645FAE2E136D252BF" + + "FAFF89528945C1ABE705A38DBC2D364AADE99BE0D0AAD82E" + + "5320121496DC65B3930E38047294FF877831A16D5228418D" + + "E8AB275D7D75651CEFED65F78AFC3EA7FE4D79B35F62A040" + + "2A1117599ADAC7B269A59F353CF450E6982D3B1702D9CA83", 16))) + { + Fail("P incorrect"); + } + + if (!parameters.G.Equals(new BigInteger( + "A59A749A11242C58C894E9E5A91804E8"+ + "FA0AC64B56288F8D47D51B1EDC4D65444FECA0111D78F35F"+ + "C9FDD4CB1F1B79A3BA9CBEE83A3F811012503C8117F98E50"+ + "48B089E387AF6949BF8784EBD9EF45876F2E6A5A495BE64B"+ + "6E770409494B7FEE1DBB1E4B2BC2A53D4F893D418B715959"+ + "2E4FFFDF6969E91D770DAEBD0B5CB14C00AD68EC7DC1E574"+ + "5EA55C706C4A1C5C88964E34D09DEB753AD418C1AD0F4FDF"+ + "D049A955E5D78491C0B7A2F1575A008CCD727AB376DB6E69"+ + "5515B05BD412F5B8C2F4C77EE10DA48ABD53F5DD498927EE"+ + "7B692BBBCDA2FB23A516C5B4533D73980B2A3B60E384ED20"+ + "0AE21B40D273651AD6060C13D97FD69AA13C5611A51B9085", 16))) + { + Fail("G incorrect"); + } + + DsaKeyPairGenerator kpGen = new DsaKeyPairGenerator(); + + kpGen.Init(new DsaKeyGenerationParameters( + FixedSecureRandom.From(Hex.Decode("00D0F09ED3E2568F6CADF9224117DA2AEC5A4300E009DE1366023E17")), parameters)); + + AsymmetricCipherKeyPair kp = kpGen.GenerateKeyPair(); + + DsaPublicKeyParameters pub = (DsaPublicKeyParameters)kp.Public; + DsaPrivateKeyParameters priv = (DsaPrivateKeyParameters)kp.Private; + + if (!pub.Y.Equals(new BigInteger( + "70035C9A3B225B258F16741F3941FBF0" + + "6F3D056CD7BD864604CBB5EE9DD85304EE8E8E4ABD5E9032" + + "11DDF25CE149075510ACE166970AFDC7DF552B7244F342FA" + + "02F7A621405B754909D757F97290E1FE5036E904CF593446" + + "0C046D95659821E1597ED9F2B1F0E20863A6BBD0CE74DACB" + + "A5D8C68A90B29C2157CDEDB82EC12B81EE3068F9BF5F7F34" + + "6ECA41ED174CCCD7D154FA4F42F80FFE1BF46AE9D8125DEB" + + "5B4BA08A72BDD86596DBEDDC9550FDD650C58F5AE5133509" + + "A702F79A31ECB490F7A3C5581631F7C5BE4FF7F9E9F27FA3" + + "90E47347AD1183509FED6FCF198BA9A71AB3335B4F38BE8D" + + "15496A00B6DC2263E20A5F6B662320A3A1EC033AA61E3B68", 16))) + { + Fail("Y value incorrect"); + } + + if (!priv.X.Equals( + new BigInteger("00D0F09ED3E2568F6CADF9224117DA2AEC5A4300E009DE1366023E17", 16))) + { + Fail("X value incorrect"); + } + + DsaSigner signer = new DsaSigner(); + + signer.Init(true, new ParametersWithRandom(kp.Private, + FixedSecureRandom.From(Hex.Decode("735959CC4463B8B440E407EECA8A473BF6A6D1FE657546F67D401F05")))); + + byte[] msg = Hex.Decode("23097D223405D8228642A477BDA255B32AADBCE4BDA0B3F7E36C9DA7"); + + BigInteger[] sig = signer.GenerateSignature(msg); + + if (!sig[0].Equals(new BigInteger("4400138D05F9639CAF54A583CAAF25D2B76D0C3EAD752CE17DBC85FE", 16))) + { + Fail("R value incorrect"); + } + + if (!sig[1].Equals(new BigInteger("874D4F12CB13B61732D398445698CFA9D92381D938AA57EE2C9327B3", 16))) + { + Fail("S value incorrect"); + } + + signer.Init(false, kp.Public); + + if (!signer.VerifySignature(msg, sig[0], sig[1])) + { + Fail("signature not verified"); + } + } + + private void Dsa2Test3() + { + byte[] seed = Hex.Decode("4783081972865EA95D43318AB2EAF9C61A2FC7BBF1B772A09017BDF5A58F4FF0"); + + DsaParametersGenerator pGen = new DsaParametersGenerator(new Sha256Digest()); + + pGen.Init(new DsaParameterGenerationParameters(2048, 256, 80, new DsaTestSecureRandom(seed))); + + DsaParameters parameters = pGen.GenerateParameters(); + + DsaValidationParameters pv = parameters.ValidationParameters; + + if (pv.Counter != 12) + { + Fail("counter incorrect"); + } + + if (!AreEqual(seed, pv.GetSeed())) + { + Fail("seed incorrect"); + } + + if (!parameters.Q.Equals(new BigInteger("C24ED361870B61E0D367F008F99F8A1F75525889C89DB1B673C45AF5867CB467", 16))) + { + Fail("Q incorrect"); + } + + if (!parameters.P.Equals(new BigInteger( + "F56C2A7D366E3EBDEAA1891FD2A0D099" + + "436438A673FED4D75F594959CFFEBCA7BE0FC72E4FE67D91" + + "D801CBA0693AC4ED9E411B41D19E2FD1699C4390AD27D94C" + + "69C0B143F1DC88932CFE2310C886412047BD9B1C7A67F8A2" + + "5909132627F51A0C866877E672E555342BDF9355347DBD43" + + "B47156B2C20BAD9D2B071BC2FDCF9757F75C168C5D9FC431" + + "31BE162A0756D1BDEC2CA0EB0E3B018A8B38D3EF2487782A" + + "EB9FBF99D8B30499C55E4F61E5C7DCEE2A2BB55BD7F75FCD" + + "F00E48F2E8356BDB59D86114028F67B8E07B127744778AFF" + + "1CF1399A4D679D92FDE7D941C5C85C5D7BFF91BA69F9489D" + + "531D1EBFA727CFDA651390F8021719FA9F7216CEB177BD75", 16))) + { + Fail("P incorrect"); + } + + if (!parameters.G.Equals(new BigInteger( + "8DC6CC814CAE4A1C05A3E186A6FE27EA" + + "BA8CDB133FDCE14A963A92E809790CBA096EAA26140550C1" + + "29FA2B98C16E84236AA33BF919CD6F587E048C52666576DB" + + "6E925C6CBE9B9EC5C16020F9A44C9F1C8F7A8E611C1F6EC2" + + "513EA6AA0B8D0F72FED73CA37DF240DB57BBB27431D61869" + + "7B9E771B0B301D5DF05955425061A30DC6D33BB6D2A32BD0" + + "A75A0A71D2184F506372ABF84A56AEEEA8EB693BF29A6403" + + "45FA1298A16E85421B2208D00068A5A42915F82CF0B858C8" + + "FA39D43D704B6927E0B2F916304E86FB6A1B487F07D8139E" + + "428BB096C6D67A76EC0B8D4EF274B8A2CF556D279AD267CC" + + "EF5AF477AFED029F485B5597739F5D0240F67C2D948A6279", 16))) + { + Fail("G incorrect"); + } + + DsaKeyPairGenerator kpGen = new DsaKeyPairGenerator(); + + kpGen.Init(new DsaKeyGenerationParameters( + FixedSecureRandom.From(Hex.Decode("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C")), parameters)); + + AsymmetricCipherKeyPair kp = kpGen.GenerateKeyPair(); + + DsaPublicKeyParameters pub = (DsaPublicKeyParameters)kp.Public; + DsaPrivateKeyParameters priv = (DsaPrivateKeyParameters)kp.Private; + + if (!pub.Y.Equals(new BigInteger( + "2828003D7C747199143C370FDD07A286" + + "1524514ACC57F63F80C38C2087C6B795B62DE1C224BF8D1D" + + "1424E60CE3F5AE3F76C754A2464AF292286D873A7A30B7EA" + + "CBBC75AAFDE7191D9157598CDB0B60E0C5AA3F6EBE425500" + + "C611957DBF5ED35490714A42811FDCDEB19AF2AB30BEADFF" + + "2907931CEE7F3B55532CFFAEB371F84F01347630EB227A41" + + "9B1F3F558BC8A509D64A765D8987D493B007C4412C297CAF" + + "41566E26FAEE475137EC781A0DC088A26C8804A98C23140E" + + "7C936281864B99571EE95C416AA38CEEBB41FDBFF1EB1D1D" + + "C97B63CE1355257627C8B0FD840DDB20ED35BE92F08C49AE" + + "A5613957D7E5C7A6D5A5834B4CB069E0831753ECF65BA02B", 16))) + { + Fail("Y value incorrect"); + } + + if (!priv.X.Equals( + new BigInteger("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C", 16))) + { + Fail("X value incorrect"); + } + + DsaSigner signer = new DsaSigner(); + + signer.Init(true, new ParametersWithRandom(kp.Private, + FixedSecureRandom.From(Hex.Decode("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C")))); + + byte[] msg = Hex.Decode("BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD"); + + BigInteger[] sig = signer.GenerateSignature(msg); + + if (!sig[0].Equals(new BigInteger("315C875DCD4850E948B8AC42824E9483A32D5BA5ABE0681B9B9448D444F2BE3C", 16))) + { + Fail("R value incorrect"); + } + + if (!sig[1].Equals(new BigInteger("89718D12E54A8D9ED066E4A55F7ED5A2229CD23B9A3CEE78F83ED6AA61F6BCB9", 16))) + { + Fail("S value incorrect"); + } + + signer.Init(false, kp.Public); + + if (!signer.VerifySignature(msg, sig[0], sig[1])) + { + Fail("signature not verified"); + } + } + + private void Dsa2Test4() + { + byte[] seed = Hex.Decode("193AFCA7C1E77B3C1ECC618C81322E47B8B8B997C9C83515C59CC446C2D9BD47"); + + DsaParametersGenerator pGen = new DsaParametersGenerator(new Sha256Digest()); + + pGen.Init(new DsaParameterGenerationParameters(3072, 256, 80, new DsaTestSecureRandom(seed))); + + DsaParameters parameters = pGen.GenerateParameters(); + + DsaValidationParameters pv = parameters.ValidationParameters; + + if (pv.Counter != 20) + { + Fail("counter incorrect"); + } + + if (!AreEqual(seed, pv.GetSeed())) + { + Fail("seed incorrect"); + } + + if (!parameters.Q.Equals(new BigInteger("CFA0478A54717B08CE64805B76E5B14249A77A4838469DF7F7DC987EFCCFB11D", 16))) + { + Fail("Q incorrect"); + } + + if (!parameters.P.Equals(new BigInteger( + "90066455B5CFC38F9CAA4A48B4281F292C260FEEF01FD610" + + "37E56258A7795A1C7AD46076982CE6BB956936C6AB4DCFE0" + + "5E6784586940CA544B9B2140E1EB523F009D20A7E7880E4E" + + "5BFA690F1B9004A27811CD9904AF70420EEFD6EA11EF7DA1" + + "29F58835FF56B89FAA637BC9AC2EFAAB903402229F491D8D" + + "3485261CD068699B6BA58A1DDBBEF6DB51E8FE34E8A78E54" + + "2D7BA351C21EA8D8F1D29F5D5D15939487E27F4416B0CA63" + + "2C59EFD1B1EB66511A5A0FBF615B766C5862D0BD8A3FE7A0" + + "E0DA0FB2FE1FCB19E8F9996A8EA0FCCDE538175238FC8B0E" + + "E6F29AF7F642773EBE8CD5402415A01451A840476B2FCEB0" + + "E388D30D4B376C37FE401C2A2C2F941DAD179C540C1C8CE0" + + "30D460C4D983BE9AB0B20F69144C1AE13F9383EA1C08504F" + + "B0BF321503EFE43488310DD8DC77EC5B8349B8BFE97C2C56" + + "0EA878DE87C11E3D597F1FEA742D73EEC7F37BE43949EF1A" + + "0D15C3F3E3FC0A8335617055AC91328EC22B50FC15B941D3" + + "D1624CD88BC25F3E941FDDC6200689581BFEC416B4B2CB73", 16))) + { + Fail("P incorrect"); + } + + if (!parameters.G.Equals(new BigInteger( + "5E5CBA992E0A680D885EB903AEA78E4A45A469103D448EDE" + + "3B7ACCC54D521E37F84A4BDD5B06B0970CC2D2BBB715F7B8" + + "2846F9A0C393914C792E6A923E2117AB805276A975AADB52" + + "61D91673EA9AAFFEECBFA6183DFCB5D3B7332AA19275AFA1" + + "F8EC0B60FB6F66CC23AE4870791D5982AAD1AA9485FD8F4A" + + "60126FEB2CF05DB8A7F0F09B3397F3937F2E90B9E5B9C9B6" + + "EFEF642BC48351C46FB171B9BFA9EF17A961CE96C7E7A7CC" + + "3D3D03DFAD1078BA21DA425198F07D2481622BCE45969D9C" + + "4D6063D72AB7A0F08B2F49A7CC6AF335E08C4720E31476B6" + + "7299E231F8BD90B39AC3AE3BE0C6B6CACEF8289A2E2873D5" + + "8E51E029CAFBD55E6841489AB66B5B4B9BA6E2F784660896" + + "AFF387D92844CCB8B69475496DE19DA2E58259B090489AC8" + + "E62363CDF82CFD8EF2A427ABCD65750B506F56DDE3B98856" + + "7A88126B914D7828E2B63A6D7ED0747EC59E0E0A23CE7D8A" + + "74C1D2C2A7AFB6A29799620F00E11C33787F7DED3B30E1A2" + + "2D09F1FBDA1ABBBFBF25CAE05A13F812E34563F99410E73B", 16))) + { + Fail("G incorrect"); + } + + DsaKeyPairGenerator kpGen = new DsaKeyPairGenerator(); + + kpGen.Init(new DsaKeyGenerationParameters( + FixedSecureRandom.From(Hex.Decode("3ABC1587297CE7B9EA1AD6651CF2BC4D7F92ED25CABC8553F567D1B40EBB8764")), parameters)); + + AsymmetricCipherKeyPair kp = kpGen.GenerateKeyPair(); + + DsaPublicKeyParameters pub = (DsaPublicKeyParameters)kp.Public; + DsaPrivateKeyParameters priv = (DsaPrivateKeyParameters)kp.Private; + + if (!pub.Y.Equals(new BigInteger( + "8B891C8692D3DE875879390F2698B26FBECCA6B075535DCE" + + "6B0C862577F9FA0DEF6074E7A7624121224A595896ABD4CD" + + "A56B2CEFB942E025D2A4282FFAA98A48CDB47E1A6FCB5CFB" + + "393EF35AF9DF913102BB303C2B5C36C3F8FC04ED7B8B69FE" + + "FE0CF3E1FC05CFA713B3435B2656E913BA8874AEA9F93600" + + "6AEB448BCD005D18EC3562A33D04CF25C8D3D69844343442" + + "FA3DB7DE618C5E2DA064573E61E6D5581BFB694A23AC87FD" + + "5B52D62E954E1376DB8DDB524FFC0D469DF978792EE44173" + + "8E5DB05A7DC43E94C11A2E7A4FBE383071FA36D2A7EC8A93" + + "88FE1C4F79888A99D3B6105697C2556B79BB4D7E781CEBB3" + + "D4866AD825A5E830846072289FDBC941FA679CA82F5F78B7" + + "461B2404DB883D215F4E0676CF5493950AC5591697BFEA8D" + + "1EE6EC016B89BA51CAFB5F9C84C989FA117375E94578F28B" + + "E0B34CE0545DA46266FD77F62D8F2CEE92AB77012AFEBC11" + + "008985A821CD2D978C7E6FE7499D1AAF8DE632C21BB48CA5" + + "CBF9F31098FD3FD3854C49A65D9201744AACE540354974F9", 16))) + { + Fail("Y value incorrect"); + } + + if (!priv.X.Equals( + new BigInteger("3ABC1587297CE7B9EA1AD6651CF2BC4D7F92ED25CABC8553F567D1B40EBB8764", 16))) + { + Fail("X value incorrect"); + } + + DsaSigner signer = new DsaSigner(); + + signer.Init(true, new ParametersWithRandom(kp.Private, + FixedSecureRandom.From(Hex.Decode("A6902C1E6E3943C5628061588A8B007BCCEA91DBF12915483F04B24AB0678BEE")))); + + byte[] msg = Hex.Decode("BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD"); + + BigInteger[] sig = signer.GenerateSignature(msg); + + if (!sig[0].Equals(new BigInteger("5F184E645A38BE8FB4A6871B6503A9D12924C7ABE04B71410066C2ECA6E3BE3E", 16))) + { + Fail("R value incorrect"); + } + + if (!sig[1].Equals(new BigInteger("91EB0C7BA3D4B9B60B825C3D9F2CADA8A2C9D7723267B033CBCDCF8803DB9C18", 16))) + { + Fail("S value incorrect"); + } + + signer.Init(false, kp.Public); + + if (!signer.VerifySignature(msg, sig[0], sig[1])) + { + Fail("signature not verified"); + } + } + + public static void Main( + string[] args) + { + RunTest(new DsaTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + private class DsaTestSecureRandom + : FixedSecureRandom + { + private bool first = true; + + public DsaTestSecureRandom(byte[] value) + : base(Arrays.Clone(value)) + { + } + + public override void NextBytes(byte[] bytes) + { + if (first) + { + base.NextBytes(bytes); + first = false; + } + else + { + bytes[bytes.Length - 1] = 2; + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/DSTU7564Test.cs b/BouncyCastle/crypto/test/src/crypto/test/DSTU7564Test.cs new file mode 100644 index 0000000..ecbfb74 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/DSTU7564Test.cs @@ -0,0 +1,630 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * standard vector test for SHA-384 from FIPS Draft 180-2. + * + * Note, the first two vectors are _not_ from the draft, the last three are. + */ + [TestFixture] + public class Dstu7564Test + : DigestTest + { + private static string[] messages = + { + "", + "a", + "abc", + "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" + }; + + private static string[] digests = + { + "cd5101d1ccdf0d1d1f4ada56e888cd724ca1a0838a3521e7131d4fb78d0f5eb6", + "c51a1d639596fb613d86557314a150c40f8fff3de48bc93a3b03c161f4105ee4", + "0bd1b36109f1318411a0517315aa46b8839df06622a278676f5487996c9cfc04", + "02621dbb53f2c7001be64d7308ecb80d21ba7797c92e98d1efc240d41e4c414b" + }; + + public Dstu7564Test() + : base(new Dstu7564Digest(256), messages, digests) + { + } + + + public override void PerformTest() + { + base.PerformTest(); + + hash256Tests(); + hash384Tests(); + hash512Tests(); + macTests(); + overflowTest(); + } + + private void overflowTest() + { + int macBitSize = 256; + byte[] input = new byte[1024]; + for (int i = 0; i != input.Length; i++) + { + input[i] = (byte)(i & 0xff); + } + byte[] key = Hex.Decode("1F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100"); + + byte[] expectedMac = Hex.Decode("165382df70adcb040b17c1aced117d26d598b239ab631271a05f6d0f875ae9ea"); + byte[] mac = new byte[macBitSize / 8]; + + Dstu7564Mac dstu7564mac = new Dstu7564Mac(macBitSize); + + dstu7564mac.Init(new KeyParameter(key)); + dstu7564mac.BlockUpdate(input, 0, input.Length); + dstu7564mac.DoFinal(mac, 0); + + if (!Arrays.AreEqual(expectedMac, mac)) + { + Fail("Failed overflow test 1 - expected " + + Hex.ToHexString(expectedMac) + + " got " + Hex.ToHexString(mac)); + } + + macBitSize = 256; + input = new byte[1023]; + for (int i = 0; i != input.Length; i++) + { + input[i] = (byte)(i & 0xff); + } + key = Hex.Decode("1F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100"); + + expectedMac = Hex.Decode("ed45f163e694d990d2d835dca2f3f869a55a31396c8138161b190d5914d50686"); + mac = new byte[macBitSize / 8]; + + dstu7564mac = new Dstu7564Mac(macBitSize); + + dstu7564mac.Init(new KeyParameter(key)); + dstu7564mac.BlockUpdate(input, 0, input.Length); + dstu7564mac.DoFinal(mac, 0); + + if (!Arrays.AreEqual(expectedMac, mac)) + { + Fail("Failed overflow test 2 - expected " + + Hex.ToHexString(expectedMac) + + " got " + Hex.ToHexString(mac)); + } + + Dstu7564Digest digest = new Dstu7564Digest(macBitSize); + byte[] expectedDigest = Hex.Decode("6bfc5ec8c1f5963fbed89da115d86e9330634eca341dd42fd94a7007e4af7942"); + byte[] digestBuf = new byte[macBitSize / 8]; + + digest.BlockUpdate(input, 0, input.Length); + digest.DoFinal(digestBuf, 0); + + if (!Arrays.AreEqual(expectedDigest, digestBuf)) + { + Fail("Failed overflow test 3 - expected " + + Hex.ToHexString(expectedDigest) + + " got " + Hex.ToHexString(digestBuf)); + } + + expectedDigest = Hex.Decode("6f8f0a3f8261af77581ab01cb89d4cb5ed87ca1d9954f11d5586e94b45c82fb8"); + + input = new byte[51]; + for (int i = 0; i != input.Length; i++) + { + input[i] = (byte)(i & 0xff); + } + + digest.BlockUpdate(input, 0, input.Length); + digest.DoFinal(digestBuf, 0); + + if (!Arrays.AreEqual(expectedDigest, digestBuf)) + { + Fail("Failed overflow test 4 - expected " + + Hex.ToHexString(expectedDigest) + + " got " + Hex.ToHexString(digestBuf)); + } + + input = new byte[52]; + for (int i = 0; i != input.Length; i++) + { + input[i] = (byte)(i & 0xff); + } + + expectedDigest = Hex.Decode("8b6fe2ba77e684b2a1ac82232f4efc49f681cd18c82a0cfff530186a2fc642d2"); + + digest.BlockUpdate(input, 0, input.Length); + digest.DoFinal(digestBuf, 0); + + if (!Arrays.AreEqual(expectedDigest, digestBuf)) + { + Fail("Failed overflow test 5 - expected " + + Hex.ToHexString(expectedDigest) + + " got " + Hex.ToHexString(digestBuf)); + } + + + input = new byte[53]; + for (int i = 0; i != input.Length; i++) + { + input[i] = (byte)(i & 0xff); + } + + expectedDigest = Hex.Decode("837f2b0cbe39a4defdfcb44272288d4091cab850161c70695d7831fc5f00e171"); + + digest.BlockUpdate(input, 0, input.Length); + digest.DoFinal(digestBuf, 0); + + if (!Arrays.AreEqual(expectedDigest, digestBuf)) + { + Fail("Failed overflow test 6 - expected " + + Hex.ToHexString(expectedDigest) + + " got " + Hex.ToHexString(digestBuf)); + } + + input = new byte[54]; + for (int i = 0; i != input.Length; i++) + { + input[i] = (byte)(i & 0xff); + } + + expectedDigest = Hex.Decode("21d423d5b8c7f18a0da42cdd95b36b66344125e2adc6edeab5899926442113bc"); + + digest.BlockUpdate(input, 0, input.Length); + digest.DoFinal(digestBuf, 0); + + if (!Arrays.AreEqual(expectedDigest, digestBuf)) + { + Fail("Failed overflow test 7 - expected " + + Hex.ToHexString(expectedDigest) + + " got " + Hex.ToHexString(digestBuf)); + } + + input = new byte[55]; + for (int i = 0; i != input.Length; i++) + { + input[i] = (byte)(i & 0xff); + } + + expectedDigest = Hex.Decode("0e7bf74464b81b3ae7d904170776d29f4b02a7227da578dd562d01027af7fd0e"); + + digest.BlockUpdate(input, 0, input.Length); + digest.DoFinal(digestBuf, 0); + + if (!Arrays.AreEqual(expectedDigest, digestBuf)) + { + Fail("Failed overflow test 8 - expected " + + Hex.ToHexString(expectedDigest) + + " got " + Hex.ToHexString(digestBuf)); + } + + input = new byte[56]; + for (int i = 0; i != input.Length; i++) + { + input[i] = (byte)(i & 0xff); + } + + expectedDigest = Hex.Decode("badea1f49cbcec94acec52b4c695acdddd786cca5a6763929f341a58c5134b3b"); + + digest.BlockUpdate(input, 0, input.Length); + digest.DoFinal(digestBuf, 0); + + if (!Arrays.AreEqual(expectedDigest, digestBuf)) + { + Fail("Failed overflow test 9 - expected " + + Hex.ToHexString(expectedDigest) + + " got " + Hex.ToHexString(digestBuf)); + } + + input = new byte[57]; + for (int i = 0; i != input.Length; i++) + { + input[i] = (byte)(i & 0xff); + } + + expectedDigest = Hex.Decode("a13b5f6f53ee043292ed65b66c1d49759be4d2fe0c2f6148f2416487965f7bde"); + + digest.BlockUpdate(input, 0, input.Length); + digest.DoFinal(digestBuf, 0); + + if (!Arrays.AreEqual(expectedDigest, digestBuf)) + { + Fail("Failed overflow test 10 - expected " + + Hex.ToHexString(expectedDigest) + + " got " + Hex.ToHexString(digestBuf)); + } + + input = new byte[63]; + for (int i = 0; i != input.Length; i++) + { + input[i] = (byte)(i & 0xff); + } + + expectedDigest = Hex.Decode("03a44a02c9ffafb43addb290bbcf3b8168f624e8cbd332dc6a9dc7df9d39cbc2"); + + digest.BlockUpdate(input, 0, input.Length); + digest.DoFinal(digestBuf, 0); + + if (!Arrays.AreEqual(expectedDigest, digestBuf)) + { + Fail("Failed overflow test 11 - expected " + + Hex.ToHexString(expectedDigest) + + " got " + Hex.ToHexString(digestBuf)); + } + + input = new byte[64]; + for (int i = 0; i != input.Length; i++) + { + input[i] = (byte)(i & 0xff); + } + + expectedDigest = Hex.Decode("08f4ee6f1be6903b324c4e27990cb24ef69dd58dbe84813ee0a52f6631239875"); + + digest.BlockUpdate(input, 0, input.Length); + digest.DoFinal(digestBuf, 0); + + if (!Arrays.AreEqual(expectedDigest, digestBuf)) + { + Fail("Failed overflow test 12 - expected " + + Hex.ToHexString(expectedDigest) + + " got " + Hex.ToHexString(digestBuf)); + } + + input = new byte[65]; + for (int i = 0; i != input.Length; i++) + { + input[i] = (byte)(i & 0xff); + } + + expectedDigest = Hex.Decode("a81c2fb92351f370050b7c36cd51736d5603a50ec1106cbd5fe1c9be2e5c77a6"); + + digest.BlockUpdate(input, 0, input.Length); + digest.DoFinal(digestBuf, 0); + + if (!Arrays.AreEqual(expectedDigest, digestBuf)) + { + Fail("Failed overflow test 13 - expected " + + Hex.ToHexString(expectedDigest) + + " got " + Hex.ToHexString(digestBuf)); + } + } + + private void macTests() + { + //test1 + int macBitSize = 256; + byte[] input = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E"); + byte[] key = Hex.Decode("1F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100"); + + byte[] expectedMac = Hex.Decode("B60594D56FA79BA210314C72C2495087CCD0A99FC04ACFE2A39EF669925D98EE"); + byte[] mac = new byte[macBitSize / 8]; + + Dstu7564Mac dstu7564mac = new Dstu7564Mac(macBitSize); + + dstu7564mac.Init(new KeyParameter(key)); + dstu7564mac.BlockUpdate(input, 0, input.Length); + dstu7564mac.DoFinal(mac, 0); + + if (!Arrays.AreEqual(expectedMac, mac)) + { + Fail("Failed mac test 1 - expected " + + Hex.ToHexString(expectedMac) + + " got " + Hex.ToHexString(mac)); + } + + //test1a + input = Hex.Decode("0001020304050607"); + key = Hex.Decode("08F4EE6F1BE6903B324C4E27990CB24EF69DD58DBE84813EE0A52F6631239875"); + + expectedMac = Hex.Decode("383A0B11989ABF61B2CF3EB489351EB7C9AEF70CF5A9D6DBD90F340FF151BA2D"); + mac = new byte[macBitSize / 8]; + + dstu7564mac = new Dstu7564Mac(macBitSize); + + dstu7564mac.Init(new KeyParameter(key)); + dstu7564mac.BlockUpdate(input, 0, input.Length); + dstu7564mac.DoFinal(mac, 0); + + if (!Arrays.AreEqual(expectedMac, mac)) + { + Fail("Failed mac test 1a - expected " + + Hex.ToHexString(expectedMac) + + " got " + Hex.ToHexString(mac)); + } + + //test 2 + macBitSize = 384; + input = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E"); + key = Hex.Decode("2F2E2D2C2B2A292827262524232221201F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100"); + + expectedMac = Hex.Decode("BEBFD8D730336F043ABACB41829E79A4D320AEDDD8D14024D5B805DA70C396FA295C281A38B30AE728A304B3F5AE490E"); + mac = new byte[macBitSize / 8]; + + dstu7564mac = new Dstu7564Mac(macBitSize); + + dstu7564mac.Init(new KeyParameter(key)); + dstu7564mac.BlockUpdate(input, 0, input.Length); + dstu7564mac.DoFinal(mac, 0); + + if (!Arrays.AreEqual(expectedMac, mac)) + { + Fail("Failed mac test 2 - expected " + + Hex.ToHexString(expectedMac) + + " got " + Hex.ToHexString(mac)); + } + + //test 3 + macBitSize = 512; + input = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E"); + key = Hex.Decode("3F3E3D3C3B3A393837363534333231302F2E2D2C2B2A292827262524232221201F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100"); + + expectedMac = Hex.Decode("F270043C06A5C37E65D9D791C5FBFB966E5EE709F8F54019C9A55B76CA40B70100579F269CEC24E347A9D864614CF3ABBF6610742E4DB3BD2ABC000387C49D24"); + mac = new byte[macBitSize / 8]; + + dstu7564mac = new Dstu7564Mac(macBitSize); + + dstu7564mac.Init(new KeyParameter(key)); + dstu7564mac.BlockUpdate(input, 0, input.Length); + dstu7564mac.DoFinal(mac, 0); + + if (!Arrays.AreEqual(expectedMac, mac)) + { + Fail("Failed mac test 3 - expected " + + Hex.ToHexString(expectedMac) + + " got " + Hex.ToHexString(mac)); + } + } + + private void hash512Tests() + { + int hashBitSize = 512; + + //test 1 + byte[] input = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F"); + byte[] expectedHash = Hex.Decode("3813E2109118CDFB5A6D5E72F7208DCCC80A2DFB3AFDFB02F46992B5EDBE536B3560DD1D7E29C6F53978AF58B444E37BA685C0DD910533BA5D78EFFFC13DE62A"); + byte[] hash = new byte[hashBitSize / 8]; + + Dstu7564Digest dstu7564 = new Dstu7564Digest(hashBitSize); + dstu7564.BlockUpdate(input, 0, input.Length); + dstu7564.DoFinal(hash, 0); + + if (!Arrays.AreEqual(expectedHash, hash)) + { + Fail("Failed hash-512 test 1 - expected " + + Hex.ToHexString(expectedHash) + + " got " + Hex.ToHexString(hash)); + } + + //test 2 + input = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F"); + expectedHash = Hex.Decode("76ED1AC28B1D0143013FFA87213B4090B356441263C13E03FA060A8CADA32B979635657F256B15D5FCA4A174DE029F0B1B4387C878FCC1C00E8705D783FD7FFE"); + hash = new byte[hashBitSize / 8]; + + dstu7564 = new Dstu7564Digest(hashBitSize); + dstu7564.BlockUpdate(input, 0, input.Length); + dstu7564.DoFinal(hash, 0); + + if (!Arrays.AreEqual(expectedHash, hash)) + { + Fail("Failed hash-512 test 2 - expected " + + Hex.ToHexString(expectedHash) + + " got " + Hex.ToHexString(hash)); + } + + //test 3 + input = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF"); + expectedHash = Hex.Decode("0DD03D7350C409CB3C29C25893A0724F6B133FA8B9EB90A64D1A8FA93B56556611EB187D715A956B107E3BFC76482298133A9CE8CBC0BD5E1436A5B197284F7E"); + hash = new byte[hashBitSize / 8]; + + dstu7564 = new Dstu7564Digest(hashBitSize); + dstu7564.BlockUpdate(input, 0, input.Length); + dstu7564.DoFinal(hash, 0); + + if (!Arrays.AreEqual(expectedHash, hash)) + { + Fail("Failed hash-512 test 3 - expected " + + Hex.ToHexString(expectedHash) + + " got " + Hex.ToHexString(hash)); + } + + //test 4 + input = Hex.Decode("FF"); + expectedHash = Hex.Decode("871B18CF754B72740307A97B449ABEB32B64444CC0D5A4D65830AE5456837A72D8458F12C8F06C98C616ABE11897F86263B5CB77C420FB375374BEC52B6D0292"); + hash = new byte[hashBitSize / 8]; + + dstu7564 = new Dstu7564Digest(hashBitSize); + dstu7564.BlockUpdate(input, 0, input.Length); + dstu7564.DoFinal(hash, 0); + + if (!Arrays.AreEqual(expectedHash, hash)) + { + Fail("Failed hash-512 test 4 - expected " + + Hex.ToHexString(expectedHash) + + " got " + Hex.ToHexString(hash)); + } + + //test 5 + input = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF"); + expectedHash = Hex.Decode("B189BFE987F682F5F167F0D7FA565330E126B6E592B1C55D44299064EF95B1A57F3C2D0ECF17869D1D199EBBD02E8857FB8ADD67A8C31F56CD82C016CF743121"); + hash = new byte[hashBitSize / 8]; + + dstu7564 = new Dstu7564Digest(hashBitSize); + dstu7564.BlockUpdate(input, 0, input.Length); + dstu7564.DoFinal(hash, 0); + + if (!Arrays.AreEqual(expectedHash, hash)) + { + Fail("Failed hash-512 test 5 - expected " + + Hex.ToHexString(expectedHash) + + " got " + Hex.ToHexString(hash)); + } + + //test 6 + input = Hex.Decode(""); + expectedHash = Hex.Decode("656B2F4CD71462388B64A37043EA55DBE445D452AECD46C3298343314EF04019BCFA3F04265A9857F91BE91FCE197096187CEDA78C9C1C021C294A0689198538"); + hash = new byte[hashBitSize / 8]; + + dstu7564 = new Dstu7564Digest(hashBitSize); + dstu7564.BlockUpdate(input, 0, input.Length); + dstu7564.DoFinal(hash, 0); + + if (!Arrays.AreEqual(expectedHash, hash)) + { + Fail("Failed hash-512 test 6 - expected " + + Hex.ToHexString(expectedHash) + + " got " + Hex.ToHexString(hash)); + } + } + + private void hash384Tests() + { + int hashBitSize = 384; + + //test 1 + byte[] input = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E"); + byte[] expectedHash = Hex.Decode("D9021692D84E5175735654846BA751E6D0ED0FAC36DFBC0841287DCB0B5584C75016C3DECC2A6E47C50B2F3811E351B8"); + byte[] hash = new byte[hashBitSize / 8]; + + Dstu7564Digest dstu7564 = new Dstu7564Digest(hashBitSize); + dstu7564.BlockUpdate(input, 0, input.Length); + dstu7564.DoFinal(hash, 0); + + if (!Arrays.AreEqual(expectedHash, hash)) + { + Fail("Failed hash-384 test 1 - expected " + + Hex.ToHexString(expectedHash) + + " got " + Hex.ToHexString(hash)); + } + } + + private void hash256Tests() + { + int hashBitSize = 256; + + //test 1 + byte[] input = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F"); + byte[] expectedHash = Hex.Decode("08F4EE6F1BE6903B324C4E27990CB24EF69DD58DBE84813EE0A52F6631239875"); + byte[] hash = new byte[hashBitSize / 8]; + + Dstu7564Digest dstu7564 = new Dstu7564Digest(hashBitSize); + dstu7564.BlockUpdate(input, 0, input.Length); + dstu7564.DoFinal(hash, 0); + + if (!Arrays.AreEqual(expectedHash, hash)) + { + Fail("Failed hash-256 test 1 - expected " + + Hex.ToHexString(expectedHash) + + " got " + Hex.ToHexString(hash)); + } + + //test 2 + input = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F"); + expectedHash = Hex.Decode("0A9474E645A7D25E255E9E89FFF42EC7EB31349007059284F0B182E452BDA882"); + hash = new byte[hashBitSize / 8]; + + dstu7564 = new Dstu7564Digest(hashBitSize); + dstu7564.BlockUpdate(input, 0, input.Length); + dstu7564.DoFinal(hash, 0); + + if (!Arrays.AreEqual(expectedHash, hash)) + { + Fail("Failed hash-256 test 2 - expected " + + Hex.ToHexString(expectedHash) + + " got " + Hex.ToHexString(hash)); + } + + //test 3 + input = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF"); + expectedHash = Hex.Decode("D305A32B963D149DC765F68594505D4077024F836C1BF03806E1624CE176C08F"); + hash = new byte[hashBitSize / 8]; + + dstu7564 = new Dstu7564Digest(hashBitSize); + dstu7564.BlockUpdate(input, 0, input.Length); + dstu7564.DoFinal(hash, 0); + + if (!Arrays.AreEqual(expectedHash, hash)) + { + Fail("Failed hash-256 test 3 - expected " + + Hex.ToHexString(expectedHash) + + " got " + Hex.ToHexString(hash)); + } + + //test 4 + input = Hex.Decode("FF"); + expectedHash = Hex.Decode("EA7677CA4526555680441C117982EA14059EA6D0D7124D6ECDB3DEEC49E890F4"); + hash = new byte[hashBitSize / 8]; + + dstu7564 = new Dstu7564Digest(hashBitSize); + dstu7564.BlockUpdate(input, 0, input.Length); + dstu7564.DoFinal(hash, 0); + + if (!Arrays.AreEqual(expectedHash, hash)) + { + Fail("Failed hash-256 test 4 - expected " + + Hex.ToHexString(expectedHash) + + " got " + Hex.ToHexString(hash)); + } + + //test 5 + input = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E"); + expectedHash = Hex.Decode("1075C8B0CB910F116BDA5FA1F19C29CF8ECC75CAFF7208BA2994B68FC56E8D16"); + hash = new byte[hashBitSize / 8]; + + dstu7564 = new Dstu7564Digest(hashBitSize); + dstu7564.BlockUpdate(input, 0, input.Length); + dstu7564.DoFinal(hash, 0); + + if (!Arrays.AreEqual(expectedHash, hash)) + { + Fail("Failed hash-256 test 5 - expected " + + Hex.ToHexString(expectedHash) + + " got " + Hex.ToHexString(hash)); + } + + //test 6 + input = Hex.Decode(""); + expectedHash = Hex.Decode("CD5101D1CCDF0D1D1F4ADA56E888CD724CA1A0838A3521E7131D4FB78D0F5EB6"); + hash = new byte[hashBitSize / 8]; + + dstu7564 = new Dstu7564Digest(hashBitSize); + dstu7564.BlockUpdate(input, 0, input.Length); + dstu7564.DoFinal(hash, 0); + + if (!Arrays.AreEqual(expectedHash, hash)) + { + Fail("Failed hash-256 test 6 - expected " + + Hex.ToHexString(expectedHash) + + " got " + Hex.ToHexString(hash)); + } + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new Dstu7564Digest((Dstu7564Digest)digest); + } + + public static void Main(string[] args) + { + RunTest(new Dstu7564Test()); + } + + [Test] + public void Dstu7564TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/DSTU7624Test.cs b/BouncyCastle/crypto/test/src/crypto/test/DSTU7624Test.cs new file mode 100644 index 0000000..234474d --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/DSTU7624Test.cs @@ -0,0 +1,735 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class Dstu7624Test : CipherTest + { + private static SecureRandom Random = new SecureRandom(); + + public Dstu7624Test() + : base(tests, new Dstu7624Engine(256), new KeyParameter(new byte[32])) + { + } + + internal static SimpleTest[] tests = new SimpleTest[] + { + //ECB mode + new BlockCipherVectorTest(0, new Dstu7624Engine(128), new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F")), "101112131415161718191A1B1C1D1E1F", "81BF1C7D779BAC20E1C9EA39B4D2AD06"), + new BlockCipherVectorTest(1, new Dstu7624Engine(128), new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F")), "202122232425262728292A2B2C2D2E2F", "58EC3E091000158A1148F7166F334F14"), + new BlockCipherVectorTest(2, new Dstu7624Engine(256), new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F")), "202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F", "F66E3D570EC92135AEDAE323DCBD2A8CA03963EC206A0D5A88385C24617FD92C"), + new BlockCipherVectorTest(3, new Dstu7624Engine(256), new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), "404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F", "606990E9E6B7B67A4BD6D893D72268B78E02C83C3CD7E102FD2E74A8FDFE5DD9"), + new BlockCipherVectorTest(4, new Dstu7624Engine(512), new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), "404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F", "4A26E31B811C356AA61DD6CA0596231A67BA8354AA47F3A13E1DEEC320EB56B895D0F417175BAB662FD6F134BB15C86CCB906A26856EFEB7C5BC6472940DD9D9"), + + //CBC mode (PADDING NOT SUPPORTED) + new BlockCipherVectorTest(14, new CbcBlockCipher(new Dstu7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F")), Hex.Decode("101112131415161718191A1B1C1D1E1F")), "202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F", "A73625D7BE994E85469A9FAABCEDAAB6DBC5F65DD77BB35E06BD7D1D8EAFC8624D6CB31CE189C82B8979F2936DE9BF14"), + new BlockCipherVectorTest(15, new CbcBlockCipher(new Dstu7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.Decode("0F0E0D0C0B0A09080706050403020100")), Hex.Decode("1F1E1D1C1B1A19181716151413121110")), "88F2F048BA696170E3818915E0DBC0AFA6F141FEBC2F817138DA4AAB2DBF9CE490A488C9C82AC83FB0A6C0EEB64CFD22", "4F4E4D4C4B4A494847464544434241403F3E3D3C3B3A393837363534333231302F2E2D2C2B2A29282726252423222120"), + new BlockCipherVectorTest(16, new CbcBlockCipher(new Dstu7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F")), Hex.Decode("202122232425262728292A2B2C2D2E2F")), "303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D8000", "13EA15843AD14C50BC03ECEF1F43E398E4217752D3EB046AC393DACC5CA1D6FA0EB9FCEB229362B4F1565527EE3D8433"), + new BlockCipherVectorTest(17, new CbcBlockCipher(new Dstu7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.Decode("1F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100")), Hex.Decode("2F2E2D2C2B2A29282726252423222120")), "BC8F026FC603ECE05C24FDE87542730999B381870882AC0535D4368C4BABD81B884E96E853EE7E055262D9D204FBE212", "5F5E5D5C5B5A595857565554535251504F4E4D4C4B4A494847464544434241403F3E3D3C3B3A39383736353433323130"), + new BlockCipherVectorTest(18, new CbcBlockCipher(new Dstu7624Engine(256)), new ParametersWithIV(new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F")), Hex.Decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), "404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F", "9CDFDAA75929E7C2A5CFC1BF16B42C5AE3886D0258E8C577DC01DAF62D185FB999B9867736B87110F5F1BC7481912C593F48FF79E2AFDFAB9F704A277EC3E557B1B0A9F223DAE6ED5AF591C4F2D6FB22E48334F5E9B96B1A2EA5200F30A406CE"), + new BlockCipherVectorTest(19, new CbcBlockCipher(new Dstu7624Engine(256)), new ParametersWithIV(new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), Hex.Decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F")), "606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF", "B8A2474578C2FEBF3F94703587BD5FDC3F4A4D2F43575B6144A1E1031FB3D1452B7FD52F5E3411461DAC506869FF8D2FAEF4FEE60379AE00B33AA3EAF911645AF8091CD8A45D141D1FB150E5A01C1F26FF3DBD26AC4225EC7577B2CE57A5B0FF"), + new BlockCipherVectorTest(20, new CbcBlockCipher(new Dstu7624Engine(256)), new ParametersWithIV(new KeyParameter(Hex.Decode("3F3E3D3C3B3A393837363534333231302F2E2D2C2B2A292827262524232221201F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100")), Hex.Decode("5F5E5D5C5B5A595857565554535251504F4E4D4C4B4A49484746454443424140")), "C69A59E10D00F087319B62288A57417C074EAD07C732A87055F0A5AD2BB288105705C45E091A9A6726E9672DC7D8C76FC45C782BCFEF7C39D94DEB84B17035BC8651255A0D34373451B6E1A2C827DB97566C9FF5506C5579F982A0EFC5BA7C28", "BFBEBDBCBBBAB9B8B7B6B5B4B3B2B1B0AFAeadACABAAA9A8A7A6A5A4A3A2A1A09F9E9D9C9B9A999897969594939291908F8E8D8C8B8A898887868584838281807F7E7D7C7B7A797877767574737271706F6E6D6C6B6A69686766656463626160"), + new BlockCipherVectorTest(21, new CbcBlockCipher(new Dstu7624Engine(512)), new ParametersWithIV(new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), Hex.Decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F")), "808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF", "D4739B829EF901B24C1162AE4FDEF897EDA41FAC7F5770CDC90E1D1CDF124E8D7831E06B4498A4B6F6EC815DF2461DC99BB0449B0F09FCAA2C84090534BCC9329626FD74EF8F0A0BCB5765184629C3CBF53B0FB134F6D0421174B1C4E884D1CD1069A7AD19752DCEBF655842E79B7858BDE01390A760D85E88925BFE38B0FA57"), + new BlockCipherVectorTest(22, new CbcBlockCipher(new Dstu7624Engine(512)), new ParametersWithIV(new KeyParameter(Hex.Decode("3F3E3D3C3B3A393837363534333231302F2E2D2C2B2A292827262524232221201F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100")), Hex.Decode("7F7E7D7C7B7A797877767574737271706F6E6D6C6B6A696867666564636261605F5E5D5C5B5A595857565554535251504F4E4D4C4B4A49484746454443424140")), "5D5B3E3DE5BAA70E0A0684D458856CE759C6018D0B3F087FC1DAC101D380236DD934F2880B02D56A575BCA35A0CE4B0D9BA1F4A39C16CA7D80D59956630F09E54EC91E32B6830FE08323ED393F8028D150BF03CAD0629A5AFEEFF6E44257980618DB2F32B7B2B65B96E8451F1090829D2FFFC615CC1581E9221438DCEAD1FD12", "FFFEFDFCFBFAF9F8F7F6F5F4F3F2F1F0EFEEEDECEBEAE9E8E7E6E5E4E3E2E1E0DFDEDDDCDBDAD9D8D7D6D5D4D3D2D1D0CFCECDCCCBCAC9C8C7C6C5C4C3C2C1C0BFBEBDBCBBBAB9B8B7B6B5B4B3B2B1B0AFAeadACABAAA9A8A7A6A5A4A3A2A1A09F9E9D9C9B9A999897969594939291908F8E8D8C8B8A89888786858483828180"), + + //CFB mode + new BlockCipherVectorTest(14, new CfbBlockCipher(new Dstu7624Engine(128), 128), new ParametersWithIV(new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F")), Hex.Decode("101112131415161718191A1B1C1D1E1F")), "202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F", "A19E3E5E53BE8A07C9E0C01298FF83291F8EE6212110BE3FA5C72C88A082520B265570FE28680719D9B4465E169BC37A"), + + //OFB mode + new BlockCipherVectorTest(23, new OfbBlockCipher(new Dstu7624Engine(128), 128), new ParametersWithIV(new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F")), Hex.Decode("101112131415161718191A1B1C1D1E1F")), "202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F", "A19E3E5E53BE8A07C9E0C01298FF832953205C661BD85A51F3A94113BC785CAB634B36E89A8FDD16A12E4467F5CC5A26"), + new BlockCipherVectorTest(24, new OfbBlockCipher(new Dstu7624Engine(128), 128), new ParametersWithIV(new KeyParameter(Hex.Decode("0F0E0D0C0B0A09080706050403020100")), Hex.Decode("1F1E1D1C1B1A19181716151413121110")), "649A1EAAE160AF20F5B3EF2F58D66C1178B82E00D26F30689C8EC22E8E86E9CBB0BD4FFEE39EB13C2311276A906DD636", "4F4E4D4C4B4A494847464544434241403F3E3D3C3B3A393837363534333231302F2E2D2C2B2A29282726252423222120"), + new BlockCipherVectorTest(25, new OfbBlockCipher(new Dstu7624Engine(128), 128), new ParametersWithIV(new KeyParameter(Hex.Decode("1F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100")), Hex.Decode("2F2E2D2C2B2A29282726252423222120")), "1A66CFBFEC00C6D52E39923E858DD64B214AB787798D3D5059A6B498AD66B34EAC48C4074BEC0D98C6", "5F5E5D5C5B5A595857565554535251504F4E4D4C4B4A494847464544434241403F3E3D3C3B3A393837"), + new BlockCipherVectorTest(26, new OfbBlockCipher(new Dstu7624Engine(256), 256), new ParametersWithIV(new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F")), Hex.Decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), "404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F90", "B62F7F144A8C6772E693A96890F064C3F06831BF743F5B0DD061067F3D22877331AA6A99D939F05B7550E9402BD1615CC7B2D4A167E83EC0D8A894F92C72E176F3880B61C311D69CE1210C59184E818E19"), + new BlockCipherVectorTest(27, new OfbBlockCipher(new Dstu7624Engine(256), 256), new ParametersWithIV(new KeyParameter(Hex.Decode("1F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100")), Hex.Decode("3F3E3D3C3B3A393837363534333231302F2E2D2C2B2A29282726252423222120")), "7758A939DD6BD00CAF9153E5A5D5A66129105CA1EA54A97C06FA4A40960A068F55E34F9339A14436216948F92FA2FB5286D3AB1E81543FC0018A0C4E8C493475F4D35DCFB0A7A5377F6669B857CDC978E4", "9F9E9D9C9B9A999897969594939291908F8E8D8C8B8A898887868584838281807F7E7D7C7B7A797877767574737271706F6E6D6C6B6A696867666564636261605F5E5D5C5B5A595857565554535251504F"), + new BlockCipherVectorTest(28, new OfbBlockCipher(new Dstu7624Engine(256), 256), new ParametersWithIV(new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), Hex.Decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F")), "606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0", "0008F28A82D2D01D23BFB2F8BB4F06D8FE73BA4F48A2977585570ED3818323A668883C9DCFF610CC7E3EA5C025FBBC5CA6520F8F11CA35CEB9B07031E6DBFABE39001E9A3CC0A24BBC565939592B4DEDBD"), + new BlockCipherVectorTest(29, new OfbBlockCipher(new Dstu7624Engine(256), 256), new ParametersWithIV(new KeyParameter(Hex.Decode("3F3E3D3C3B3A393837363534333231302F2E2D2C2B2A292827262524232221201F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100")), Hex.Decode("5F5E5D5C5B5A595857565554535251504F4E4D4C4B4A49484746454443424140")), "98E122708FDABB1B1A5765C396DC79D7573221EC486ADDABD1770B147A6DD00B5FBC4F1EC68C59775B7AAA4D43C4CCE4F396D982DF64D30B03EF6C3B997BA0ED940BBC590BD30D64B5AE207147D71086B5", "BFBEBDBCBBBAB9B8B7B6B5B4B3B2B1B0AFAeadACABAAA9A8A7A6A5A4A3A2A1A09F9E9D9C9B9A999897969594939291908F8E8D8C8B8A898887868584838281807F7E7D7C7B7A797877767574737271706F"), + new BlockCipherVectorTest(30, new OfbBlockCipher(new Dstu7624Engine(512), 512), new ParametersWithIV(new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), Hex.Decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F")), "808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0", "CAA761980599B3ED2E945C41891BAD95F72B11C73ED26536A6847458BC76C827357156B4B3FE0DC1877F5B9F17B866C37B21D89531DB48007D05DEC928B06766C014BB9080385EDF0677E48A0A39B5E7489E28E82FFFD1F84694F17296CB701656"), + new BlockCipherVectorTest(31, new OfbBlockCipher(new Dstu7624Engine(512), 512), new ParametersWithIV(new KeyParameter(Hex.Decode("3F3E3D3C3B3A393837363534333231302F2E2D2C2B2A292827262524232221201F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100")), Hex.Decode("7F7E7D7C7B7A797877767574737271706F6E6D6C6B6A696867666564636261605F5E5D5C5B5A595857565554535251504F4E4D4C4B4A49484746454443424140")), "06C061A4A66DFC0910034B3CFBDC4206D8908241C56BF41C4103CFD6DF322210B87F57EAE9F9AD815E606A7D1E8E6BD7CB1EBFBDBCB085C2D06BF3CC1586CB2EE1D81D38437F425131321647E42F5DE309D33F25B89DE37124683E4B44824FC56D", "EFEEEDECEBEAE9E8E7E6E5E4E3E2E1E0DFDEDDDCDBDAD9D8D7D6D5D4D3D2D1D0CFCECDCCCBCAC9C8C7C6C5C4C3C2C1C0BFBEBDBCBBBAB9B8B7B6B5B4B3B2B1B0AFAeadACABAAA9A8A7A6A5A4A3A2A1A09F9E9D9C9B9A999897969594939291908F"), + + //CTR mode + new BlockCipherVectorTest(24, new KCtrBlockCipher(new Dstu7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F")), Hex.Decode("101112131415161718191A1B1C1D1E1F")), "202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748", "A90A6B9780ABDFDFF64D14F5439E88F266DC50EDD341528DD5E698E2F000CE21F872DAF9FE1811844A"), + new BlockCipherVectorTest(25, new KCtrBlockCipher(new Dstu7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F")), Hex.Decode("101112131415161718191A1B1C1D1E1F")), "303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F", "B91A7B8790BBCFCFE65D04E5538E98E216AC209DA33122FDA596E8928070BE51"), + new StreamCipherVectorTest(26, new KCtrBlockCipher(new Dstu7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F")), Hex.Decode("101112131415161718191A1B1C1D1E1F")), "202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748", "A90A6B9780ABDFDFF64D14F5439E88F266DC50EDD341528DD5E698E2F000CE21F872DAF9FE1811844A"), + new StreamCipherVectorTest(27, new KCtrBlockCipher(new Dstu7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F")), Hex.Decode("101112131415161718191A1B1C1D1E1F")), "303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F", "B91A7B8790BBCFCFE65D04E5538E98E216AC209DA33122FDA596E8928070BE51") + }; + + public override ITestResult Perform() + { + ITestResult result = base.Perform(); + + if (!result.IsSuccessful()) + { + return result; + } + + result = MacTests(); //Mac tests + + if (!result.IsSuccessful()) + { + return result; + } + + CCMModeTests(); + + result = KeyWrapTests(); //Key wrapping tests + + if (!result.IsSuccessful()) + { + return result; + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + private ITestResult MacTests() + { + //MAC mode (PADDING NOT SUPPORTED) + //test 1 + byte[] key = Hex.Decode("000102030405060708090A0B0C0D0E0F"); + + byte[] authtext = Hex.Decode("202122232425262728292A2B2C2D2E2F" + + "303132333435363738393A3B3C3D3E3F" + + "404142434445464748494A4B4C4D4E4F"); + + byte[] expectedMac = Hex.Decode("123B4EAB8E63ECF3E645A99C1115E241"); + + byte[] mac = new byte[128 / 8]; + + Dstu7624Mac dstu7624Mac = new Dstu7624Mac(128, 128); + dstu7624Mac.Init(new KeyParameter(key)); + dstu7624Mac.BlockUpdate(authtext, 0, authtext.Length); + dstu7624Mac.DoFinal(mac, 0); + + if (!Arrays.AreEqual(mac, expectedMac)) + { + return new SimpleTestResult(false, Name + ": Failed MAC test 1 - expected " + + Hex.ToHexString(expectedMac) + + " got " + Hex.ToHexString(mac)); + } + + + //test 2 + key = Hex.Decode("000102030405060708090A0B0C0D0E0F" + + "101112131415161718191A1B1C1D1E1F" + + "202122232425262728292A2B2C2D2E2F" + + "303132333435363738393A3B3C3D3E3F"); + + authtext = Hex.Decode("404142434445464748494A4B4C4D4E4F" + + "505152535455565758595A5B5C5D5E5F" + + "606162636465666768696A6B6C6D6E6F" + + "707172737475767778797A7B7C7D7E7F" + + "808182838485868788898A8B8C8D8E8F" + + "909192939495969798999A9B9C9D9E9F" + + "A0A1A2A3A4A5A6A7A8A9AAABACADAEAF" + + "B0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF"); + + expectedMac = Hex.Decode("7279FA6BC8EF7525B2B35260D00A1743"); + + dstu7624Mac = new Dstu7624Mac(512, 128); + dstu7624Mac.Init(new KeyParameter(key)); + dstu7624Mac.BlockUpdate(authtext, 0, authtext.Length); + dstu7624Mac.DoFinal(mac, 0); + + if (!Arrays.AreEqual(mac, expectedMac)) + { + return new SimpleTestResult(false, Name + ": Failed MAC test 2 - expected " + + Hex.ToHexString(expectedMac) + + " got " + Hex.ToHexString(mac)); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + private ITestResult KeyWrapTests() + { + //KW mode (PADDING NOT SUPPORTED) + //test 1 + /* + * Initial implementation had bugs handling offset and length correctly, so for + * this first test case we embed the input inside a larger buffer. + */ + byte[] textA = SecureRandom.GetNextBytes(Random, Random.Next(1, 64)); + byte[] textB = SecureRandom.GetNextBytes(Random, Random.Next(1, 64)); + byte[] textToWrap = Arrays.ConcatenateAll(textA, Hex.Decode("101112131415161718191A1B1C1D1E1F"), textB); + + byte[] key = Hex.Decode("000102030405060708090A0B0C0D0E0F"); + byte[] expectedWrappedText = Hex.Decode("1DC91DC6E52575F6DBED25ADDA95A1B6AD3E15056E489738972C199FB9EE2913"); + byte[] output = new byte[expectedWrappedText.Length]; + + Dstu7624WrapEngine wrapper = new Dstu7624WrapEngine(128); + wrapper.Init(true, new KeyParameter(key)); + output = wrapper.Wrap(textToWrap, textA.Length, textToWrap.Length - textA.Length - textB.Length); + + if (!Arrays.AreEqual(output, expectedWrappedText)) + { + return new SimpleTestResult(false, Name + ": Failed KW (wrapping) test 1 - expected " + + Hex.ToHexString(expectedWrappedText) + + " got " + Hex.ToHexString(output)); + } + + output = Arrays.ConcatenateAll(textB, output, textA); + + wrapper.Init(false, new KeyParameter(key)); + output = wrapper.Unwrap(output, textB.Length, output.Length - textB.Length - textA.Length); + + byte[] expected = Arrays.CopyOfRange(textToWrap, textA.Length, textToWrap.Length - textB.Length); + if (!Arrays.AreEqual(output, expected)) + { + return new SimpleTestResult(false, Name + ": Failed KW (unwrapping) test 1 - expected " + + Hex.ToHexString(expected) + + " got " + Hex.ToHexString(output)); + } + + //test 2 + key = Hex.Decode("000102030405060708090A0B0C0D0E0F"); + textToWrap = Hex.Decode("101112131415161718191A1B1C1D1E1F20219000000000000000800000000000"); + expectedWrappedText = Hex.Decode("0EA983D6CE48484D51462C32CC61672210FCC44196ABE635BAF878FDB83E1A63114128585D49DB355C5819FD38039169"); + + output = new byte[expectedWrappedText.Length]; + + wrapper.Init(true, new KeyParameter(key)); + output = wrapper.Wrap(textToWrap, 0, textToWrap.Length); + + + if (!Arrays.AreEqual(output, expectedWrappedText)) + { + return new SimpleTestResult(false, Name + ": Failed KW (wrapping) test 2 - expected " + + Hex.ToHexString(expectedWrappedText) + + " got " + Hex.ToHexString(output)); + } + + + wrapper.Init(false, new KeyParameter(key)); + output = wrapper.Unwrap(expectedWrappedText, 0, expectedWrappedText.Length); + + if (!Arrays.AreEqual(output, textToWrap)) + { + return new SimpleTestResult(false, Name + ": Failed KW (unwrapping) test 2 - expected " + + Hex.ToHexString(textToWrap) + + " got " + Hex.ToHexString(output)); + } + + + //test 3 + key = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"); + textToWrap = Hex.Decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F"); + expectedWrappedText = Hex.Decode("2D09A7C18E6A5A0816331EC27CEA596903F77EC8D63F3BDB73299DE7FD9F4558E05992B0B24B39E02EA496368E0841CC1E3FA44556A3048C5A6E9E335717D17D"); + + output = new byte[expectedWrappedText.Length]; + + wrapper = new Dstu7624WrapEngine(128); + wrapper.Init(true, new KeyParameter(key)); + output = wrapper.Wrap(textToWrap, 0, textToWrap.Length); + + + if (!Arrays.AreEqual(output, expectedWrappedText)) + { + return new SimpleTestResult(false, Name + ": Failed KW (wrapping) test 3 - expected " + + Hex.ToHexString(expectedWrappedText) + + " got " + Hex.ToHexString(output)); + } + + wrapper.Init(false, new KeyParameter(key)); + output = wrapper.Unwrap(expectedWrappedText, 0, expectedWrappedText.Length); + + if (!Arrays.AreEqual(output, textToWrap)) + { + return new SimpleTestResult(false, Name + ": Failed KW (unwrapping) test 3 - expected " + + Hex.ToHexString(textToWrap) + + " got " + Hex.ToHexString(output)); + } + + //test 4 + key = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"); + textToWrap = Hex.Decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464E8040000000000020"); + expectedWrappedText = Hex.Decode("37E3EECB91150C6FA04CFD19D6FC57B7168C9FA5C5ED18601C68EE4AFD7301F8C8C51D7A0A5CD34F6FAB0D8AF11845CC1E4B16E0489FDA1D76BA4EFCFD161F76"); + + output = new byte[expectedWrappedText.Length]; + + wrapper = new Dstu7624WrapEngine(128); + wrapper.Init(true, new KeyParameter(key)); + output = wrapper.Wrap(textToWrap, 0, textToWrap.Length); + + + if (!Arrays.AreEqual(output, expectedWrappedText)) + { + return new SimpleTestResult(false, Name + ": Failed KW (wrapping) test 4 - expected " + + Hex.ToHexString(expectedWrappedText) + + " got " + Hex.ToHexString(output)); + } + + wrapper.Init(false, new KeyParameter(key)); + output = wrapper.Unwrap(expectedWrappedText, 0, expectedWrappedText.Length); + + if (!Arrays.AreEqual(output, textToWrap)) + { + return new SimpleTestResult(false, Name + ": Failed KW (unwrapping) test 4 - expected " + + Hex.ToHexString(textToWrap) + + " got " + Hex.ToHexString(output)); + } + + //test 5 + key = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"); + textToWrap = Hex.Decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F"); + expectedWrappedText = Hex.Decode("BE59D3C3C31B2685A8FA57CD000727F16AF303F0D87BC2D7ABD80DC2796BBC4CDBC4E0408943AF4DAF7DE9084DC81BFEF15FDCDD0DF399983DF69BF730D7AE2A199CA4F878E4723B7171DD4D1E8DF59C0F25FA0C20946BA64F9037D724BB1D50B6C2BD9788B2AF83EF6163087CD2D4488BC19F3A858D813E3A8947A529B6D65D"); + + output = new byte[expectedWrappedText.Length]; + + wrapper = new Dstu7624WrapEngine(256); + wrapper.Init(true, new KeyParameter(key)); + output = wrapper.Wrap(textToWrap, 0, textToWrap.Length); + + + if (!Arrays.AreEqual(output, expectedWrappedText)) + { + return new SimpleTestResult(false, Name + ": Failed KW (wrapping) test 5 - expected " + + Hex.ToHexString(expectedWrappedText) + + " got " + Hex.ToHexString(output)); + } + + wrapper.Init(false, new KeyParameter(key)); + output = wrapper.Unwrap(expectedWrappedText, 0, expectedWrappedText.Length); + + if (!Arrays.AreEqual(output, textToWrap)) + { + return new SimpleTestResult(false, Name + ": Failed KW (unwrapping) test 5 - expected " + + Hex.ToHexString(textToWrap) + + " got " + Hex.ToHexString(output)); + } + + + //test 6 + key = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"); + textToWrap = Hex.Decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F708802000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000"); + expectedWrappedText = Hex.Decode("CC41D643B08592F509432E3C6F4B73156907A53B9FFB99B157DEC708F917AEA1E41D76475EDFB138A8B0220A152B673E9713DE7A2791E3573FE257C3FF3C0DAA9AD13477E52770F54CBF94D1603AED7CA876FB7913BC359D2B89562299FA92D32A9C17DBE4CC21CCE097089B9FBC245580D6DB59F8731D864B604E654397E5F5E7A79A6A777C75856039C8C86140D0CB359CA3923D902D08269F8D48E7F0F085"); + + output = new byte[expectedWrappedText.Length]; + + wrapper = new Dstu7624WrapEngine(256); + wrapper.Init(true, new KeyParameter(key)); + output = wrapper.Wrap(textToWrap, 0, textToWrap.Length); + + + if (!Arrays.AreEqual(output, expectedWrappedText)) + { + return new SimpleTestResult(false, Name + ": Failed KW (wrapping) test 6 - expected " + + Hex.ToHexString(expectedWrappedText) + + " got " + Hex.ToHexString(output)); + } + + wrapper.Init(false, new KeyParameter(key)); + output = wrapper.Unwrap(expectedWrappedText, 0, expectedWrappedText.Length); + + if (!Arrays.AreEqual(output, textToWrap)) + { + return new SimpleTestResult(false, Name + ": Failed KW (unwrapping) test 6 - expected " + + Hex.ToHexString(textToWrap) + + " got " + Hex.ToHexString(output)); + } + + + //test 7 + key = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F"); + textToWrap = Hex.Decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F"); + expectedWrappedText = Hex.Decode("599217EB2B5270ECEF0BB716D70E251234A2451CE04FCFBAEEA92022C581F19B7C9386BB7476B4AD721D40778F49062C3605F1E8FAC9F3F3AC04E46E89E1844DBF4F18FA9303B288741ABD71013CF208F31B4C76FBE342F89B1ABFD97E830457555651B74D3CCDBF94CC5E5EEC22821536A96F44C8BC4346B0271303E67FD313"); + + output = new byte[expectedWrappedText.Length]; + + wrapper = new Dstu7624WrapEngine(256); + wrapper.Init(true, new KeyParameter(key)); + output = wrapper.Wrap(textToWrap, 0, textToWrap.Length); + + + if (!Arrays.AreEqual(output, expectedWrappedText)) + { + return new SimpleTestResult(false, Name + ": Failed KW (wrapping) test 7 - expected " + + Hex.ToHexString(expectedWrappedText) + + " got " + Hex.ToHexString(output)); + } + + wrapper.Init(false, new KeyParameter(key)); + output = wrapper.Unwrap(expectedWrappedText, 0, expectedWrappedText.Length); + + if (!Arrays.AreEqual(output, textToWrap)) + { + return new SimpleTestResult(false, Name + ": Failed KW (unwrapping) test 7 - expected " + + Hex.ToHexString(textToWrap) + + " got " + Hex.ToHexString(output)); + } + + //test 8 + key = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F"); + textToWrap = Hex.Decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F908802000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000"); + expectedWrappedText = Hex.Decode("B92E58F53C38F7D23F1068FA98B921AC800AD0D1947BD620700D0B6088F87D03D6A516F54198154D0C71169C2BCF520F3DF3DF527FC23E800E9A65158D45BB253A3BD0493E4822DF0DB5A366BC2F47551C5D477DDDE724A0B869F562223CEDB9D4AA36C750FA864ADF938273FBC859F7D4930F6B70C6474304AB670BA32CB0C41023769338A29EA1555F526CDFEB75C72212CD2D29F4BA49C2A62ACBE4F3272B"); + + output = new byte[expectedWrappedText.Length]; + + wrapper = new Dstu7624WrapEngine(256); + wrapper.Init(true, new KeyParameter(key)); + output = wrapper.Wrap(textToWrap, 0, textToWrap.Length); + + + if (!Arrays.AreEqual(output, expectedWrappedText)) + { + return new SimpleTestResult(false, Name + ": Failed KW (wrapping) test 8 - expected " + + Hex.ToHexString(expectedWrappedText) + + " got " + Hex.ToHexString(output)); + } + + wrapper.Init(false, new KeyParameter(key)); + output = wrapper.Unwrap(expectedWrappedText, 0, expectedWrappedText.Length); + + if (!Arrays.AreEqual(output, textToWrap)) + { + return new SimpleTestResult(false, Name + ": Failed KW (unwrapping) test 8 - expected " + + Hex.ToHexString(textToWrap) + + " got " + Hex.ToHexString(output)); + } + + //test 9 + key = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F"); + textToWrap = Hex.Decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF"); + expectedWrappedText = Hex.Decode("9618AE6065069D5054464040F17337D58BEB51AE92391D740BDF7ABB239709C46270832039FF045BCF7878E7DA9C3B4CF89326CA8B4D29DB8680EEAE1B5A18463284713A323A69AEBF33CFC4B11283C7C8041FFC97668EDF727823411C9559816C108C11EC401643765527860D8DA0ED7254792C21DB775DEB1D6971C924CC83EB626173D894694943B1828ABDE8F9495BCEBA9AC3A4A03592C085AA29CC9A0C65786E631A702D589B819C89E79EEFF29C4EC312C8860BB68F02272EA770FB8D"); + + output = new byte[expectedWrappedText.Length]; + + wrapper = new Dstu7624WrapEngine(512); + wrapper.Init(true, new KeyParameter(key)); + output = wrapper.Wrap(textToWrap, 0, textToWrap.Length); + + + if (!Arrays.AreEqual(output, expectedWrappedText)) + { + return new SimpleTestResult(false, Name + ": Failed KW (wrapping) test 9 - expected " + + Hex.ToHexString(expectedWrappedText) + + " got " + Hex.ToHexString(output)); + } + + wrapper.Init(false, new KeyParameter(key)); + output = wrapper.Unwrap(expectedWrappedText, 0, expectedWrappedText.Length); + + if (!Arrays.AreEqual(output, textToWrap)) + { + return new SimpleTestResult(false, Name + ": Failed KW (unwrapping) test 9 - expected " + + Hex.ToHexString(textToWrap) + + " got " + Hex.ToHexString(output)); + } + + + //test 10 + key = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F"); + textToWrap = Hex.Decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE00805000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); + expectedWrappedText = Hex.Decode("3A05BB41513555F171E9234D4834EDAD16C0BAA6136197650138219C5DA406A703C39259E9DCCF6F2691EC691CE7414B5D3CDA006DE6D6C62142FAAA742C5F8AF64FCE95BE7ABA7FE5E06C3C33EE67BAEAB196E3A71132CAE78CD605A22E34D53CD159217E7B692CC79FAC66BF5E08DBC4FE274299474E176DDDF9F462AC63F4872E9B7F16B98AA56707EE5F2F94616CFC6A9548ADBD7DCB73664C331213964593F712ECCDFA7A94E3ABA7995176EA4B7E77096A3A3FF4E4087F430B62D5DEE64999F235FA9EAC79896A1C2258BF1DFC8A6AD0E5E7E06EAEEA0CCC2DEF62F67ECE8D12EFF432277C40A7BF1A23440B3533AF1E2F7AE1BBC076D12628BB4BC7B2E4D4B4353BCEAF9A67276B3FA23CADCA80062B95EBB2D51510AFA16F97249DF98E7B845C9A410F24B3C8B3E838E58D22BC2D14F46190FC1BFDB60C9691404F99"); + + output = new byte[expectedWrappedText.Length]; + + wrapper = new Dstu7624WrapEngine(512); + wrapper.Init(true, new KeyParameter(key)); + output = wrapper.Wrap(textToWrap, 0, textToWrap.Length); + + + if (!Arrays.AreEqual(output, expectedWrappedText)) + { + return new SimpleTestResult(false, Name + ": Failed KW (wrapping) test 10 - expected " + + Hex.ToHexString(expectedWrappedText) + + " got " + Hex.ToHexString(output)); + } + + wrapper.Init(false, new KeyParameter(key)); + output = wrapper.Unwrap(expectedWrappedText, 0, expectedWrappedText.Length); + + if (!Arrays.AreEqual(output, textToWrap)) + { + return new SimpleTestResult(false, Name + ": Failed KW (unwrapping) test 10 - expected " + + Hex.ToHexString(textToWrap) + + " got " + Hex.ToHexString(output)); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + private void CCMModeTests() + { + //test 1 + byte[] key = Hex.Decode("000102030405060708090a0b0c0d0e0f"); + byte[] iv = Hex.Decode("101112131415161718191a1b1c1d1e1f"); + byte[] input = Hex.Decode("303132333435363738393a3b3c3d3e3f"); + byte[] authText = Hex.Decode("202122232425262728292a2b2c2d2e2f"); + + byte[] expectedMac = Hex.Decode("26a936173a4dc9160d6e3fda3a974060"); + byte[] expectedEncrypted = Hex.Decode("b91a7b8790bbcfcfe65d04e5538e98e2704454c9dd39adace0b19d03f6aab07e"); + + byte[] mac; + byte[] encrypted = new byte[expectedEncrypted.Length]; + + byte[] decrypted = new byte[encrypted.Length]; + byte[] expectedDecrypted = new byte[input.Length + expectedMac.Length]; + Array.Copy(input, 0, expectedDecrypted, 0, input.Length); + Array.Copy(expectedMac, 0, expectedDecrypted, input.Length, expectedMac.Length); + int len; + + + AeadParameters param = new AeadParameters(new KeyParameter(key), 128, iv); + + KCcmBlockCipher dstu7624ccm = new KCcmBlockCipher(new Dstu7624Engine(128)); + + dstu7624ccm.Init(true, param); + + dstu7624ccm.ProcessAadBytes(authText, 0, authText.Length); + + len = dstu7624ccm.ProcessBytes(input, 0, input.Length, encrypted, 0); + + + dstu7624ccm.DoFinal(encrypted, len); + + mac = dstu7624ccm.GetMac(); + + if (!Arrays.AreEqual(mac, expectedMac)) + { + Fail("Failed CCM mac test 1 - expected " + + Hex.ToHexString(expectedMac) + + " got " + Hex.ToHexString(mac)); + } + + if (!Arrays.AreEqual(encrypted, expectedEncrypted)) + { + Fail("Failed CCM encrypt test 1 - expected " + + Hex.ToHexString(expectedEncrypted) + + " got " + Hex.ToHexString(encrypted)); + } + + dstu7624ccm.Init(false, param); + + dstu7624ccm.ProcessAadBytes(authText, 0, authText.Length); + + len = dstu7624ccm.ProcessBytes(expectedEncrypted, 0, expectedEncrypted.Length, decrypted, 0); + + dstu7624ccm.DoFinal(decrypted, len); + + if (!Arrays.AreEqual(decrypted, expectedDecrypted)) + { + Fail("Failed CCM decrypt/verify mac test 1 - expected " + + Hex.ToHexString(expectedDecrypted) + + " got " + Hex.ToHexString(decrypted)); + } + + //test 2 + key = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"); + iv = Hex.Decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F"); + input = Hex.Decode("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F"); + authText = Hex.Decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"); + + expectedMac = Hex.Decode("9AB831B4B0BF0FDBC36E4B4FD58F0F00"); + expectedEncrypted = Hex.Decode("7EC15C54BB553CB1437BE0EFDD2E810F6058497EBCE4408A08A73FADF3F459D56B0103702D13AB73ACD2EB33A8B5E9CFFF5EB21865A6B499C10C810C4BAEBE809C48AD90A9E12A68380EF1C1B7C83EE1"); + + mac = new byte[expectedMac.Length]; + encrypted = new byte[expectedEncrypted.Length]; + + decrypted = new byte[encrypted.Length]; + expectedDecrypted = new byte[input.Length + expectedMac.Length]; + Array.Copy(input, 0, expectedDecrypted, 0, input.Length); + Array.Copy(expectedMac, 0, expectedDecrypted, input.Length, expectedMac.Length); + + + param = new AeadParameters(new KeyParameter(key), 128, iv); + + dstu7624ccm = new KCcmBlockCipher(new Dstu7624Engine(256)); + + dstu7624ccm.Init(true, param); + + dstu7624ccm.ProcessAadBytes(authText, 0, authText.Length); + + len = dstu7624ccm.ProcessBytes(input, 0, input.Length, encrypted, 0); + + dstu7624ccm.DoFinal(encrypted, len); + + mac = dstu7624ccm.GetMac(); + + if (!Arrays.AreEqual(mac, expectedMac)) + { + Fail("Failed CCM mac test 2 - expected " + + Hex.ToHexString(expectedMac) + + " got " + Hex.ToHexString(mac)); + } + + if (!Arrays.AreEqual(encrypted, expectedEncrypted)) + { + Fail("Failed CCM encrypt test 2 - expected " + + Hex.ToHexString(expectedEncrypted) + + " got " + Hex.ToHexString(encrypted)); + } + + dstu7624ccm.Init(false, param); + + dstu7624ccm.ProcessAadBytes(authText, 0, authText.Length); + + len = dstu7624ccm.ProcessBytes(expectedEncrypted, 0, expectedEncrypted.Length, decrypted, 0); + + dstu7624ccm.DoFinal(decrypted, len); + + if (!Arrays.AreEqual(decrypted, expectedDecrypted)) + { + Fail("Failed CCM decrypt/verify mac test 2 - expected " + + Hex.ToHexString(expectedDecrypted) + + " got " + Hex.ToHexString(decrypted)); + } + + //test 3 + key = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F"); + iv = Hex.Decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"); + input = Hex.Decode("808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF"); + authText = Hex.Decode("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F"); + + expectedMac = Hex.Decode("924FA0326824355595C98028E84D86279CEA9135FAB35F22054AE3203E68AE46"); + expectedEncrypted = Hex.Decode("3EBDB4584B5169A26FBEBA0295B4223F58D5D8A031F2950A1D7764FAB97BA058E9E2DAB90FF0C519AA88435155A71B7B53BB100F5D20AFFAC0552F5F2813DEE8DD3653491737B9615A5CCD83DB32F1E479BF227C050325BBBFF60BCA9558D7FE"); + + mac = new byte[expectedMac.Length]; + encrypted = new byte[expectedEncrypted.Length]; + + decrypted = new byte[encrypted.Length]; + expectedDecrypted = new byte[input.Length + expectedMac.Length]; + Array.Copy(input, 0, expectedDecrypted, 0, input.Length); + Array.Copy(expectedMac, 0, expectedDecrypted, input.Length, expectedMac.Length); + + + param = new AeadParameters(new KeyParameter(key), 256, iv); + + dstu7624ccm = new KCcmBlockCipher(new Dstu7624Engine(256), 6); + + dstu7624ccm.Init(true, param); + + dstu7624ccm.ProcessAadBytes(authText, 0, authText.Length); + + len = dstu7624ccm.ProcessBytes(input, 0, input.Length, encrypted, 0); + + dstu7624ccm.DoFinal(encrypted, len); + + mac = dstu7624ccm.GetMac(); + + if (!Arrays.AreEqual(mac, expectedMac)) + { + Fail("Failed CCM mac test 3 - expected " + + Hex.ToHexString(expectedMac) + + " got " + Hex.ToHexString(mac)); + } + + if (!Arrays.AreEqual(encrypted, expectedEncrypted)) + { + Fail("Failed CCM encrypt test 3 - expected " + + Hex.ToHexString(expectedEncrypted) + + " got " + Hex.ToHexString(encrypted)); + } + + dstu7624ccm.Init(false, param); + + dstu7624ccm.ProcessAadBytes(authText, 0, authText.Length); + + len = dstu7624ccm.ProcessBytes(expectedEncrypted, 0, expectedEncrypted.Length, decrypted, 0); + + dstu7624ccm.DoFinal(decrypted, len); + + if (!Arrays.AreEqual(decrypted, expectedDecrypted)) + { + Fail("Failed CCM decrypt/verify mac test 3 - expected " + + Hex.ToHexString(expectedDecrypted) + + " got " + Hex.ToHexString(decrypted)); + } + + //test 4 + key = Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F"); + iv = Hex.Decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F"); + input = Hex.Decode("C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF"); + authText = Hex.Decode("808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF"); + + expectedMac = Hex.Decode("D4155EC3D888C8D32FE184AC260FD60F567705E1DF362A6F1F9C287156AA96D91BC4C56F9709E72F3D79CF0A9AC8BDC2BA836BE50E823AB50FB1B39080390923"); + expectedEncrypted = Hex.Decode("220642D7277D104788CF97B10210984F506435512F7BF153C5CDABFECC10AFB4A2E2FC51F616AF80FFDD0607FAD4F542B8EF0667717CE3EAAA8FBC303CE76C99BD8F80CE149143C04FC2490272A31B029DDADA82F055FE4ABEF452A7D438B21E59C1D8B3DD4606BAD66A6F36300EF3CE0E5F3BB59F11416E80B7FC5A8E8B057A"); + + mac = new byte[expectedMac.Length]; + encrypted = new byte[expectedEncrypted.Length]; + + decrypted = new byte[encrypted.Length]; + expectedDecrypted = new byte[input.Length + expectedMac.Length]; + Array.Copy(input, 0, expectedDecrypted, 0, input.Length); + Array.Copy(expectedMac, 0, expectedDecrypted, input.Length, expectedMac.Length); + + + param = new AeadParameters(new KeyParameter(key), 512, iv); + + dstu7624ccm = new KCcmBlockCipher(new Dstu7624Engine(512), 8); + + dstu7624ccm.Init(true, param); + + dstu7624ccm.ProcessAadBytes(authText, 0, authText.Length); + + len = dstu7624ccm.ProcessBytes(input, 0, input.Length, encrypted, 0); + + dstu7624ccm.DoFinal(encrypted, len); + + mac = dstu7624ccm.GetMac(); + + if (!Arrays.AreEqual(mac, expectedMac)) + { + Fail("Failed CCM mac test 4 - expected " + + Hex.ToHexString(expectedMac) + + " got " + Hex.ToHexString(mac)); + } + + if (!Arrays.AreEqual(encrypted, expectedEncrypted)) + { + Fail("Failed CCM encrypt test 4 - expected " + + Hex.ToHexString(expectedEncrypted) + + " got " + Hex.ToHexString(encrypted)); + } + + dstu7624ccm.Init(false, param); + + dstu7624ccm.ProcessAadBytes(authText, 0, authText.Length); + + len = dstu7624ccm.ProcessBytes(expectedEncrypted, 0, expectedEncrypted.Length, decrypted, 0); + + dstu7624ccm.DoFinal(decrypted, len); + + if (!Arrays.AreEqual(decrypted, expectedDecrypted)) + { + Fail("Failed CCM decrypt/verify mac test 4 - expected " + + Hex.ToHexString(expectedDecrypted) + + " got " + Hex.ToHexString(decrypted)); + } + } + + [Test] + public void Dstu7624TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + public override string Name + { + get { return "Dstu7624"; } + } + + public static void Main( + string[] args) + { + Dstu7624Test test = new Dstu7624Test(); + ITestResult result = test.Perform(); + + Console.WriteLine(result.ToString()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/DeterministicDSATest.cs b/BouncyCastle/crypto/test/src/crypto/test/DeterministicDSATest.cs new file mode 100644 index 0000000..914a770 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/DeterministicDSATest.cs @@ -0,0 +1,511 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// + /// Tests are taken from RFC 6979 - "Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)". + /// + [TestFixture] + public class DeterministicDsaTest + : SimpleTest + { + public static readonly byte[] SAMPLE = Hex.Decode("73616d706c65"); // "sample" + public static readonly byte[] TEST = Hex.Decode("74657374"); // "test" + + // test vectors from appendix in RFC 6979 + private void TestHMacDeterministic() + { + DsaParameters dsaParameters = new DsaParameters( + new BigInteger("86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447" + + "E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88" + + "73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C" + + "881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779", 16), + new BigInteger("996F967F6C8E388D9E28D01E205FBA957A5698B1", 16), + new BigInteger("07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D" + + "89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD" + + "87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4" + + "17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD", 16)); + + DsaPrivateKeyParameters privKey = new DsaPrivateKeyParameters(new BigInteger("411602CB19A6CCC34494D79D98EF1E7ED5AF25F7", 16), dsaParameters); + + DoTestHMacDetDsaSample(new Sha1Digest(), privKey, new BigInteger("2E1A0C2562B2912CAAF89186FB0F42001585DA55", 16), new BigInteger("29EFB6B0AFF2D7A68EB70CA313022253B9A88DF5", 16)); + DoTestHMacDetDsaSample(new Sha224Digest(), privKey, new BigInteger("4BC3B686AEA70145856814A6F1BB53346F02101E", 16), new BigInteger("410697B92295D994D21EDD2F4ADA85566F6F94C1", 16)); + DoTestHMacDetDsaSample(new Sha256Digest(), privKey, new BigInteger("81F2F5850BE5BC123C43F71A3033E9384611C545", 16), new BigInteger("4CDD914B65EB6C66A8AAAD27299BEE6B035F5E89", 16)); + DoTestHMacDetDsaSample(new Sha384Digest(), privKey, new BigInteger("07F2108557EE0E3921BC1774F1CA9B410B4CE65A", 16), new BigInteger("54DF70456C86FAC10FAB47C1949AB83F2C6F7595", 16)); + DoTestHMacDetDsaSample(new Sha512Digest(), privKey, new BigInteger("16C3491F9B8C3FBBDD5E7A7B667057F0D8EE8E1B", 16), new BigInteger("02C36A127A7B89EDBB72E4FFBC71DABC7D4FC69C", 16)); + + DoTestHMacDetDsaTest(new Sha1Digest(), privKey, new BigInteger("42AB2052FD43E123F0607F115052A67DCD9C5C77", 16), new BigInteger("183916B0230D45B9931491D4C6B0BD2FB4AAF088", 16)); + DoTestHMacDetDsaTest(new Sha224Digest(), privKey, new BigInteger("6868E9964E36C1689F6037F91F28D5F2C30610F2", 16), new BigInteger("49CEC3ACDC83018C5BD2674ECAAD35B8CD22940F", 16)); + DoTestHMacDetDsaTest(new Sha256Digest(), privKey, new BigInteger("22518C127299B0F6FDC9872B282B9E70D0790812", 16), new BigInteger("6837EC18F150D55DE95B5E29BE7AF5D01E4FE160", 16)); + DoTestHMacDetDsaTest(new Sha384Digest(), privKey, new BigInteger("854CF929B58D73C3CBFDC421E8D5430CD6DB5E66", 16), new BigInteger("91D0E0F53E22F898D158380676A871A157CDA622", 16)); + DoTestHMacDetDsaTest(new Sha512Digest(), privKey, new BigInteger("8EA47E475BA8AC6F2D821DA3BD212D11A3DEB9A0", 16), new BigInteger("7C670C7AD72B6C050C109E1790008097125433E8", 16)); + + dsaParameters = new DsaParameters( + new BigInteger("9DB6FB5951B66BB6FE1E140F1D2CE5502374161FD6538DF1648218642F0B5C48" + + "C8F7A41AADFA187324B87674FA1822B00F1ECF8136943D7C55757264E5A1A44F" + + "FE012E9936E00C1D3E9310B01C7D179805D3058B2A9F4BB6F9716BFE6117C6B5" + + "B3CC4D9BE341104AD4A80AD6C94E005F4B993E14F091EB51743BF33050C38DE2" + + "35567E1B34C3D6A5C0CEAA1A0F368213C3D19843D0B4B09DCB9FC72D39C8DE41" + + "F1BF14D4BB4563CA28371621CAD3324B6A2D392145BEBFAC748805236F5CA2FE" + + "92B871CD8F9C36D3292B5509CA8CAA77A2ADFC7BFD77DDA6F71125A7456FEA15" + + "3E433256A2261C6A06ED3693797E7995FAD5AABBCFBE3EDA2741E375404AE25B", 16), + new BigInteger("F2C3119374CE76C9356990B465374A17F23F9ED35089BD969F61C6DDE9998C1F", 16), + new BigInteger("5C7FF6B06F8F143FE8288433493E4769C4D988ACE5BE25A0E24809670716C613" + + "D7B0CEE6932F8FAA7C44D2CB24523DA53FBE4F6EC3595892D1AA58C4328A06C4" + + "6A15662E7EAA703A1DECF8BBB2D05DBE2EB956C142A338661D10461C0D135472" + + "085057F3494309FFA73C611F78B32ADBB5740C361C9F35BE90997DB2014E2EF5" + + "AA61782F52ABEB8BD6432C4DD097BC5423B285DAFB60DC364E8161F4A2A35ACA" + + "3A10B1C4D203CC76A470A33AFDCBDD92959859ABD8B56E1725252D78EAC66E71" + + "BA9AE3F1DD2487199874393CD4D832186800654760E1E34C09E4D155179F9EC0" + + "DC4473F996BDCE6EED1CABED8B6F116F7AD9CF505DF0F998E34AB27514B0FFE7", 16)); + + privKey = new DsaPrivateKeyParameters(new BigInteger("69C7548C21D0DFEA6B9A51C9EAD4E27C33D3B3F180316E5BCAB92C933F0E4DBC", 16), dsaParameters); + + DoTestHMacDetDsaSample(new Sha1Digest(), privKey, new BigInteger("3A1B2DBD7489D6ED7E608FD036C83AF396E290DBD602408E8677DAABD6E7445A", 16), new BigInteger("D26FCBA19FA3E3058FFC02CA1596CDBB6E0D20CB37B06054F7E36DED0CDBBCCF", 16)); + DoTestHMacDetDsaSample(new Sha224Digest(), privKey, new BigInteger("DC9F4DEADA8D8FF588E98FED0AB690FFCE858DC8C79376450EB6B76C24537E2C", 16), new BigInteger("A65A9C3BC7BABE286B195D5DA68616DA8D47FA0097F36DD19F517327DC848CEC", 16)); + DoTestHMacDetDsaSample(new Sha256Digest(), privKey, new BigInteger("EACE8BDBBE353C432A795D9EC556C6D021F7A03F42C36E9BC87E4AC7932CC809", 16), new BigInteger("7081E175455F9247B812B74583E9E94F9EA79BD640DC962533B0680793A38D53", 16)); + DoTestHMacDetDsaSample(new Sha384Digest(), privKey, new BigInteger("B2DA945E91858834FD9BF616EBAC151EDBC4B45D27D0DD4A7F6A22739F45C00B", 16), new BigInteger("19048B63D9FD6BCA1D9BAE3664E1BCB97F7276C306130969F63F38FA8319021B", 16)); + DoTestHMacDetDsaSample(new Sha512Digest(), privKey, new BigInteger("2016ED092DC5FB669B8EFB3D1F31A91EECB199879BE0CF78F02BA062CB4C942E", 16), new BigInteger("D0C76F84B5F091E141572A639A4FB8C230807EEA7D55C8A154A224400AFF2351", 16)); + + DoTestHMacDetDsaTest(new Sha1Digest(), privKey, new BigInteger("C18270A93CFC6063F57A4DFA86024F700D980E4CF4E2CB65A504397273D98EA0", 16), new BigInteger("414F22E5F31A8B6D33295C7539C1C1BA3A6160D7D68D50AC0D3A5BEAC2884FAA", 16)); + DoTestHMacDetDsaTest(new Sha224Digest(), privKey, new BigInteger("272ABA31572F6CC55E30BF616B7A265312018DD325BE031BE0CC82AA17870EA3", 16), new BigInteger("E9CC286A52CCE201586722D36D1E917EB96A4EBDB47932F9576AC645B3A60806", 16)); + DoTestHMacDetDsaTest(new Sha256Digest(), privKey, new BigInteger("8190012A1969F9957D56FCCAAD223186F423398D58EF5B3CEFD5A4146A4476F0", 16), new BigInteger("7452A53F7075D417B4B013B278D1BB8BBD21863F5E7B1CEE679CF2188E1AB19E", 16)); + DoTestHMacDetDsaTest(new Sha384Digest(), privKey, new BigInteger("239E66DDBE8F8C230A3D071D601B6FFBDFB5901F94D444C6AF56F732BEB954BE", 16), new BigInteger("6BD737513D5E72FE85D1C750E0F73921FE299B945AAD1C802F15C26A43D34961", 16)); + DoTestHMacDetDsaTest(new Sha512Digest(), privKey, new BigInteger("89EC4BB1400ECCFF8E7D9AA515CD1DE7803F2DAFF09693EE7FD1353E90A68307", 16), new BigInteger("C9F0BDABCC0D880BB137A994CC7F3980CE91CC10FAF529FC46565B15CEA854E1", 16)); + } + + private void DoTestHMacDetDsaSample(IDigest digest, DsaPrivateKeyParameters privKey, BigInteger r, BigInteger s) + { + DoTestHMacDetECDsa(new DsaSigner(new HMacDsaKCalculator(digest)), digest, SAMPLE, privKey, r, s); + } + + private void DoTestHMacDetDsaTest(IDigest digest, DsaPrivateKeyParameters privKey, BigInteger r, BigInteger s) + { + DoTestHMacDetECDsa(new DsaSigner(new HMacDsaKCalculator(digest)), digest, TEST, privKey, r, s); + } + + // test vectors from appendix in RFC 6979 + private void TestECHMacDeterministic() + { + X9ECParameters x9ECParameters = NistNamedCurves.GetByName("P-192"); + ECDomainParameters ecDomainParameters = new ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N); + + ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(new BigInteger("6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4", 16), ecDomainParameters); + + DoTestHMacDetECDsaSample(new Sha1Digest(), privKey, new BigInteger("98C6BD12B23EAF5E2A2045132086BE3EB8EBD62ABF6698FF", 16), new BigInteger("57A22B07DEA9530F8DE9471B1DC6624472E8E2844BC25B64", 16)); + DoTestHMacDetECDsaSample(new Sha224Digest(), privKey, new BigInteger("A1F00DAD97AEEC91C95585F36200C65F3C01812AA60378F5", 16), new BigInteger("E07EC1304C7C6C9DEBBE980B9692668F81D4DE7922A0F97A", 16)); + DoTestHMacDetECDsaSample(new Sha256Digest(), privKey, new BigInteger("4B0B8CE98A92866A2820E20AA6B75B56382E0F9BFD5ECB55", 16), new BigInteger("CCDB006926EA9565CBADC840829D8C384E06DE1F1E381B85", 16)); + DoTestHMacDetECDsaSample(new Sha384Digest(), privKey, new BigInteger("DA63BF0B9ABCF948FBB1E9167F136145F7A20426DCC287D5", 16), new BigInteger("C3AA2C960972BD7A2003A57E1C4C77F0578F8AE95E31EC5E", 16)); + DoTestHMacDetECDsaSample(new Sha512Digest(), privKey, new BigInteger("4D60C5AB1996BD848343B31C00850205E2EA6922DAC2E4B8", 16), new BigInteger("3F6E837448F027A1BF4B34E796E32A811CBB4050908D8F67", 16)); + + DoTestHMacDetECDsaTest(new Sha1Digest(), privKey, new BigInteger("0F2141A0EBBC44D2E1AF90A50EBCFCE5E197B3B7D4DE036D", 16), new BigInteger("EB18BC9E1F3D7387500CB99CF5F7C157070A8961E38700B7", 16)); + DoTestHMacDetECDsaTest(new Sha224Digest(), privKey, new BigInteger("6945A1C1D1B2206B8145548F633BB61CEF04891BAF26ED34", 16), new BigInteger("B7FB7FDFC339C0B9BD61A9F5A8EAF9BE58FC5CBA2CB15293", 16)); + DoTestHMacDetECDsaTest(new Sha256Digest(), privKey, new BigInteger("3A718BD8B4926C3B52EE6BBE67EF79B18CB6EB62B1AD97AE", 16), new BigInteger("5662E6848A4A19B1F1AE2F72ACD4B8BBE50F1EAC65D9124F", 16)); + DoTestHMacDetECDsaTest(new Sha384Digest(), privKey, new BigInteger("B234B60B4DB75A733E19280A7A6034BD6B1EE88AF5332367", 16), new BigInteger("7994090B2D59BB782BE57E74A44C9A1C700413F8ABEFE77A", 16)); + DoTestHMacDetECDsaTest(new Sha512Digest(), privKey, new BigInteger("FE4F4AE86A58B6507946715934FE2D8FF9D95B6B098FE739", 16), new BigInteger("74CF5605C98FBA0E1EF34D4B5A1577A7DCF59457CAE52290", 16)); + + x9ECParameters = NistNamedCurves.GetByName("P-224"); + ecDomainParameters = new ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N); + + privKey = new ECPrivateKeyParameters(new BigInteger("F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1", 16), ecDomainParameters); + + DoTestHMacDetECDsaSample(new Sha1Digest(), privKey, new BigInteger("22226F9D40A96E19C4A301CE5B74B115303C0F3A4FD30FC257FB57AC", 16), new BigInteger("66D1CDD83E3AF75605DD6E2FEFF196D30AA7ED7A2EDF7AF475403D69", 16)); + DoTestHMacDetECDsaSample(new Sha224Digest(), privKey, new BigInteger("1CDFE6662DDE1E4A1EC4CDEDF6A1F5A2FB7FBD9145C12113E6ABFD3E", 16), new BigInteger("A6694FD7718A21053F225D3F46197CA699D45006C06F871808F43EBC", 16)); + DoTestHMacDetECDsaSample(new Sha256Digest(), privKey, new BigInteger("61AA3DA010E8E8406C656BC477A7A7189895E7E840CDFE8FF42307BA", 16), new BigInteger("BC814050DAB5D23770879494F9E0A680DC1AF7161991BDE692B10101", 16)); + DoTestHMacDetECDsaSample(new Sha384Digest(), privKey, new BigInteger("0B115E5E36F0F9EC81F1325A5952878D745E19D7BB3EABFABA77E953", 16), new BigInteger("830F34CCDFE826CCFDC81EB4129772E20E122348A2BBD889A1B1AF1D", 16)); + DoTestHMacDetECDsaSample(new Sha512Digest(), privKey, new BigInteger("074BD1D979D5F32BF958DDC61E4FB4872ADCAFEB2256497CDAC30397", 16), new BigInteger("A4CECA196C3D5A1FF31027B33185DC8EE43F288B21AB342E5D8EB084", 16)); + + DoTestHMacDetECDsaTest(new Sha1Digest(), privKey, new BigInteger("DEAA646EC2AF2EA8AD53ED66B2E2DDAA49A12EFD8356561451F3E21C", 16), new BigInteger("95987796F6CF2062AB8135271DE56AE55366C045F6D9593F53787BD2", 16)); + DoTestHMacDetECDsaTest(new Sha224Digest(), privKey, new BigInteger("C441CE8E261DED634E4CF84910E4C5D1D22C5CF3B732BB204DBEF019", 16), new BigInteger("902F42847A63BDC5F6046ADA114953120F99442D76510150F372A3F4", 16)); + DoTestHMacDetECDsaTest(new Sha256Digest(), privKey, new BigInteger("AD04DDE87B84747A243A631EA47A1BA6D1FAA059149AD2440DE6FBA6", 16), new BigInteger("178D49B1AE90E3D8B629BE3DB5683915F4E8C99FDF6E666CF37ADCFD", 16)); + DoTestHMacDetECDsaTest(new Sha384Digest(), privKey, new BigInteger("389B92682E399B26518A95506B52C03BC9379A9DADF3391A21FB0EA4", 16), new BigInteger("414A718ED3249FF6DBC5B50C27F71F01F070944DA22AB1F78F559AAB", 16)); + DoTestHMacDetECDsaTest(new Sha512Digest(), privKey, new BigInteger("049F050477C5ADD858CAC56208394B5A55BAEBBE887FDF765047C17C", 16), new BigInteger("077EB13E7005929CEFA3CD0403C7CDCC077ADF4E44F3C41B2F60ECFF", 16)); + + x9ECParameters = NistNamedCurves.GetByName("P-256"); + ecDomainParameters = new ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N); + + privKey = new ECPrivateKeyParameters(new BigInteger("C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721", 16), ecDomainParameters); + + DoTestHMacDetECDsaSample(new Sha1Digest(), privKey, new BigInteger("61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D32", 16), new BigInteger("6D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB", 16)); + DoTestHMacDetECDsaSample(new Sha224Digest(), privKey, new BigInteger("53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F", 16), new BigInteger("B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C", 16)); + DoTestHMacDetECDsaSample(new Sha256Digest(), privKey, new BigInteger("EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716", 16), new BigInteger("F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8", 16)); + DoTestHMacDetECDsaSample(new Sha384Digest(), privKey, new BigInteger("0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF7719", 16), new BigInteger("4861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954", 16)); + DoTestHMacDetECDsaSample(new Sha512Digest(), privKey, new BigInteger("8496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F00", 16), new BigInteger("2362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE", 16)); + + DoTestHMacDetECDsaTest(new Sha1Digest(), privKey, new BigInteger("0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89", 16), new BigInteger("01B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1", 16)); + DoTestHMacDetECDsaTest(new Sha224Digest(), privKey, new BigInteger("C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692", 16), new BigInteger("C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D", 16)); + DoTestHMacDetECDsaTest(new Sha256Digest(), privKey, new BigInteger("F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367", 16), new BigInteger("019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083", 16)); + DoTestHMacDetECDsaTest(new Sha384Digest(), privKey, new BigInteger("83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB6", 16), new BigInteger("8DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C", 16)); + DoTestHMacDetECDsaTest(new Sha512Digest(), privKey, new BigInteger("461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A04", 16), new BigInteger("39AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55", 16)); + + x9ECParameters = NistNamedCurves.GetByName("P-384"); + ecDomainParameters = new ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N); + + privKey = new ECPrivateKeyParameters(new BigInteger("6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D8" + + "96D5724E4C70A825F872C9EA60D2EDF5", 16), ecDomainParameters); + + DoTestHMacDetECDsaSample(new Sha1Digest(), privKey, new BigInteger("EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA3" + + "7B9BA002899F6FDA3A4A9386790D4EB2", 16), + new BigInteger("A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF" + + "26F49CA031D4857570CCB5CA4424A443", 16)); + DoTestHMacDetECDsaSample(new Sha224Digest(), privKey, new BigInteger("42356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366" + + "450F76EE3DE43F5A125333A6BE060122", 16), + new BigInteger("9DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E483" + + "4C082C03D83028EFBF93A3C23940CA8D", 16)); + DoTestHMacDetECDsaSample(new Sha256Digest(), privKey, new BigInteger("21B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33" + + "BDE1E888E63355D92FA2B3C36D8FB2CD", 16), + new BigInteger("F3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEB" + + "EFDC63ECCD1AC42EC0CB8668A4FA0AB0", 16)); + DoTestHMacDetECDsaSample(new Sha384Digest(), privKey, new BigInteger("94EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C" + + "81A648152E44ACF96E36DD1E80FABE46", 16), + new BigInteger("99EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94F" + + "A329C145786E679E7B82C71A38628AC8", 16)); + DoTestHMacDetECDsaSample(new Sha512Digest(), privKey, new BigInteger("ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799C" + + "FE30F35CC900056D7C99CD7882433709", 16), + new BigInteger("512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112" + + "DC7CC3EF3446DEFCEB01A45C2667FDD5", 16)); + + DoTestHMacDetECDsaTest(new Sha1Digest(), privKey, new BigInteger("4BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678" + + "ACD9D29876DAF46638645F7F404B11C7", 16), + new BigInteger("D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A29916" + + "95BA1C84541327E966FA7B50F7382282", 16)); + DoTestHMacDetECDsaTest(new Sha224Digest(), privKey, new BigInteger("E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E624" + + "64A9A817C47FF78B8C11066B24080E72", 16), + new BigInteger("07041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C614" + + "1C53EA5ABEF0D8231077A04540A96B66", 16)); + DoTestHMacDetECDsaTest(new Sha256Digest(), privKey, new BigInteger("6D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559" + + "F918EEDAF2293BE5B475CC8F0188636B", 16), + new BigInteger("2D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D" + + "51AB373F9845C0514EEFB14024787265", 16)); + DoTestHMacDetECDsaTest(new Sha384Digest(), privKey, new BigInteger("8203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB" + + "0542A7F0812998DA8F1DD3CA3CF023DB", 16), + new BigInteger("DDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E0" + + "6A739F040649A667BF3B828246BAA5A5", 16)); + DoTestHMacDetECDsaTest(new Sha512Digest(), privKey, new BigInteger("A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D0" + + "6FB6495CD21B4B6E340FC236584FB277", 16), + new BigInteger("976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B22463" + + "4A2092CD3792E0159AD9CEE37659C736", 16)); + + x9ECParameters = NistNamedCurves.GetByName("P-521"); + ecDomainParameters = new ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N); + + privKey = new ECPrivateKeyParameters(new BigInteger("0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75C" + + "AA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83" + + "538", 16), ecDomainParameters); + + DoTestHMacDetECDsaSample(new Sha1Digest(), privKey, new BigInteger("0343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910" + + "FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D" + + "75D", 16), + new BigInteger("0E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D" + + "5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5" + + "D16", 16)); + DoTestHMacDetECDsaSample(new Sha224Digest(), privKey, new BigInteger("1776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A3" + + "0715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2E" + + "D2E", 16), + new BigInteger("050CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17B" + + "A41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B" + + "41F", 16)); + DoTestHMacDetECDsaSample(new Sha256Digest(), privKey, new BigInteger("1511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659" + + "D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E" + + "1A7", 16), + new BigInteger("04A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916" + + "E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7E" + + "CFC", 16)); + DoTestHMacDetECDsaSample(new Sha384Digest(), privKey, new BigInteger("1EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4" + + "B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C67" + + "451", 16), + new BigInteger("1F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5" + + "FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65" + + "D61", 16)); + DoTestHMacDetECDsaSample(new Sha512Digest(), privKey, new BigInteger("0C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F1" + + "74E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E37" + + "7FA", 16), + new BigInteger("0617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF2" + + "82623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A" + + "67A", 16)); + + DoTestHMacDetECDsaTest(new Sha1Digest(), privKey, new BigInteger("13BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0" + + "693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D0" + + "367", 16), + new BigInteger("1E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90" + + "F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC91679" + + "7FF", 16)); + DoTestHMacDetECDsaTest(new Sha224Digest(), privKey, new BigInteger("1C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086" + + "BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE1" + + "7FB", 16), + new BigInteger("177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5" + + "BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD51" + + "9A4", 16)); + DoTestHMacDetECDsaTest(new Sha256Digest(), privKey, new BigInteger("00E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D807104" + + "2EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656" + + "AA8", 16), + new BigInteger("0CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9" + + "FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694" + + "E86", 16)); + DoTestHMacDetECDsaTest(new Sha384Digest(), privKey, new BigInteger("14BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C" + + "89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF60755" + + "78C", 16), + new BigInteger("133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0E" + + "D94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B" + + "979", 16)); + DoTestHMacDetECDsaTest(new Sha512Digest(), privKey, new BigInteger("13E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10" + + "CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47E" + + "E6D", 16), + new BigInteger("1FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78" + + "A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4D" + + "CE3", 16)); + + x9ECParameters = NistNamedCurves.GetByName("B-163"); + ecDomainParameters = new ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N); + + privKey = new ECPrivateKeyParameters(new BigInteger("35318FC447D48D7E6BC93B48617DDDEDF26AA658F", 16), ecDomainParameters); + + DoTestHMacDetECDsaSample(new Sha1Digest(), privKey, new BigInteger("153FEBD179A69B6122DEBF5BC61EB947B24C93526", 16), new BigInteger("37AC9C670F8CF18045049BAE7DD35553545C19E49", 16)); + DoTestHMacDetECDsaSample(new Sha224Digest(), privKey, new BigInteger("0A379E69C44F9C16EA3215EA39EB1A9B5D58CC955", 16), new BigInteger("04BAFF5308DA2A7FE2C1742769265AD3ED1D24E74", 16)); + DoTestHMacDetECDsaSample(new Sha256Digest(), privKey, new BigInteger("134E00F78FC1CB9501675D91C401DE20DDF228CDC", 16), new BigInteger("373273AEC6C36CB7BAFBB1903A5F5EA6A1D50B624", 16)); + DoTestHMacDetECDsaSample(new Sha384Digest(), privKey, new BigInteger("29430B935AF8E77519B0CA4F6903B0B82E6A21A66", 16), new BigInteger("1EA1415306E9353FA5AA54BC7C2581DFBB888440D", 16)); + DoTestHMacDetECDsaSample(new Sha512Digest(), privKey, new BigInteger("0B2F177A99F9DF2D51CCAF55F015F326E4B65E7A0", 16), new BigInteger("0DF1FB4487E9B120C5E970EFE48F55E406306C3A1", 16)); + + DoTestHMacDetECDsaTest(new Sha1Digest(), privKey, new BigInteger("256D4079C6C7169B8BC92529D701776A269D56308", 16), new BigInteger("341D3FFEC9F1EB6A6ACBE88E3C86A1C8FDEB8B8E1", 16)); + DoTestHMacDetECDsaTest(new Sha224Digest(), privKey, new BigInteger("28ECC6F1272CE80EA59DCF32F7AC2D861BA803393", 16), new BigInteger("0AD4AE2C06E60183C1567D2B82F19421FE3053CE2", 16)); + DoTestHMacDetECDsaTest(new Sha256Digest(), privKey, new BigInteger("227DF377B3FA50F90C1CB3CDCBBDBA552C1D35104", 16), new BigInteger("1F7BEAD92583FE920D353F368C1960D0E88B46A56", 16)); + DoTestHMacDetECDsaTest(new Sha384Digest(), privKey, new BigInteger("11811DAFEEA441845B6118A0DFEE8A0061231337D", 16), new BigInteger("36258301865EE48C5C6F91D63F62695002AB55B57", 16)); + DoTestHMacDetECDsaTest(new Sha512Digest(), privKey, new BigInteger("3B6BB95CA823BE2ED8E3972FF516EB8972D765571", 16), new BigInteger("13DC6F420628969DF900C3FCC48220B38BE24A541", 16)); + + x9ECParameters = NistNamedCurves.GetByName("B-233"); + ecDomainParameters = new ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N); + + privKey = new ECPrivateKeyParameters(new BigInteger("07ADC13DD5BF34D1DDEEB50B2CE23B5F5E6D18067306D60C5F6FF11E5D3", 16), ecDomainParameters); + + DoTestHMacDetECDsaSample(new Sha1Digest(), privKey, new BigInteger("015CC6FD78BB06E0878E71465515EA5A21A2C18E6FC77B4B158DBEB3944", 16), new BigInteger("0822A4A6C2EB2DF213A5E90BF40377956365EE8C4B4A5A4E2EB9270CB6A", 16)); + DoTestHMacDetECDsaSample(new Sha224Digest(), privKey, new BigInteger("05D9920B53471148E10502AB49AB7A3F11084820A074FD89883CF51BC1A", 16), new BigInteger("04D3938900C0A9AAA7080D1DFEB56CFB0FADABE4214536C7ED5117ED13A", 16)); + DoTestHMacDetECDsaSample(new Sha256Digest(), privKey, new BigInteger("0A797F3B8AEFCE7456202DF1E46CCC291EA5A49DA3D4BDDA9A4B62D5E0D", 16), new BigInteger("01F6F81DA55C22DA4152134C661588F4BD6F82FDBAF0C5877096B070DC2", 16)); + DoTestHMacDetECDsaSample(new Sha384Digest(), privKey, new BigInteger("015E85A8D46225DD7E314A1C4289731FC14DECE949349FE535D11043B85", 16), new BigInteger("03F189D37F50493EFD5111A129443A662AB3C6B289129AD8C0CAC85119C", 16)); + DoTestHMacDetECDsaSample(new Sha512Digest(), privKey, new BigInteger("03B62A4BF783919098B1E42F496E65F7621F01D1D466C46940F0F132A95", 16), new BigInteger("0F4BE031C6E5239E7DAA014CBBF1ED19425E49DAEB426EC9DF4C28A2E30", 16)); + + DoTestHMacDetECDsaTest(new Sha1Digest(), privKey, new BigInteger("02F1FEDC57BE203E4C8C6B8C1CEB35E13C1FCD956AB41E3BD4C8A6EFB1F", 16), new BigInteger("05738EC8A8EDEA8E435EE7266AD3EDE1EEFC2CEBE2BE1D614008D5D2951", 16)); + DoTestHMacDetECDsaTest(new Sha224Digest(), privKey, new BigInteger("0CCE175124D3586BA7486F7146894C65C2A4A5A1904658E5C7F9DF5FA5D", 16), new BigInteger("08804B456D847ACE5CA86D97BF79FD6335E5B17F6C0D964B5D0036C867E", 16)); + DoTestHMacDetECDsaTest(new Sha256Digest(), privKey, new BigInteger("035C3D6DFEEA1CFB29B93BE3FDB91A7B130951770C2690C16833A159677", 16), new BigInteger("0600F7301D12AB376B56D4459774159ADB51F97E282FF384406AFD53A02", 16)); + DoTestHMacDetECDsaTest(new Sha384Digest(), privKey, new BigInteger("061602FC8068BFD5FB86027B97455D200EC603057446CCE4D76DB8EF42C", 16), new BigInteger("03396DD0D59C067BB999B422D9883736CF9311DFD6951F91033BD03CA8D", 16)); + DoTestHMacDetECDsaTest(new Sha512Digest(), privKey, new BigInteger("07E12CB60FDD614958E8E34B3C12DDFF35D85A9C5800E31EA2CC2EF63B1", 16), new BigInteger("0E8970FD99D836F3CC1C807A2C58760DE6EDAA23705A82B9CB1CE93FECC", 16)); + + x9ECParameters = NistNamedCurves.GetByName("B-283"); + ecDomainParameters = new ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N); + + privKey = new ECPrivateKeyParameters(new BigInteger("14510D4BC44F2D26F4553942C98073C1BD35545CEABB5CC138853C5158D2729EA408836", 16), ecDomainParameters); + + DoTestHMacDetECDsaSample(new Sha1Digest(), privKey, new BigInteger("201E18D48C6DB3D5D097C4DCE1E25587E1501FC3CF47BDB5B4289D79E273D6A9" + + "ACB8285", 16), new BigInteger("151AE05712B024CE617358260774C8CA8B0E7A7E72EF8229BF2ACE7609560CB3" + + "0322C4F", 16)); + DoTestHMacDetECDsaSample(new Sha224Digest(), privKey, new BigInteger("143E878DDFD4DF40D97B8CD638B3C4706501C2201CF7108F2FB91478C11D6947" + + "3246925", 16), new BigInteger("0CBF1B9717FEEA3AABB09D9654110144267098E0E1E8D0289A6211BE0EEDFDD8" + + "6A3DB79", 16)); + DoTestHMacDetECDsaSample(new Sha256Digest(), privKey, new BigInteger("29FD82497FB3E5CEF65579272138DE59E2B666B8689466572B3B69A172CEE83B" + + "E145659", 16), new BigInteger("05A89D9166B40795AF0FE5958201B9C0523E500013CA12B4840EA2BC53F25F9B" + + "3CE87C0", 16)); + DoTestHMacDetECDsaSample(new Sha384Digest(), privKey, new BigInteger("2F00689C1BFCD2A8C7A41E0DE55AE182E6463A152828EF89FE3525139B660329" + + "4E69353", 16), new BigInteger("1744514FE0A37447250C8A329EAAADA81572226CABA16F39270EE5DD03F27B1F" + + "665EB5D", 16)); + DoTestHMacDetECDsaSample(new Sha512Digest(), privKey, new BigInteger("0DA43A9ADFAA6AD767998A054C6A8F1CF77A562924628D73C62761847AD8286E" + + "0D91B47", 16), new BigInteger("1D118733AE2C88357827CAFC6F68ABC25C80C640532925E95CFE66D40F8792F3" + + "AC44C42", 16)); + + DoTestHMacDetECDsaTest(new Sha1Digest(), privKey, new BigInteger("05A408133919F2CDCDBE5E4C14FBC706C1F71BADAFEF41F5DE4EC27272FC1CA9" + + "366FBB2", 16), new BigInteger("012966272872C097FEA7BCE64FAB1A81982A773E26F6E4EF7C99969846E67CA9" + + "CBE1692", 16)); + DoTestHMacDetECDsaTest(new Sha224Digest(), privKey, new BigInteger("08F3824E40C16FF1DDA8DC992776D26F4A5981AB5092956C4FDBB4F1AE0A711E" + + "EAA10E5", 16), new BigInteger("0A64B91EFADB213E11483FB61C73E3EF63D3B44EEFC56EA401B99DCC60CC28E9" + + "9F0F1FA", 16)); + DoTestHMacDetECDsaTest(new Sha256Digest(), privKey, new BigInteger("3597B406F5329D11A79E887847E5EC60861CCBB19EC61F252DB7BD549C699951" + + "C182796", 16), new BigInteger("0A6A100B997BC622D91701D9F5C6F6D3815517E577622DA69D3A0E8917C1CBE6" + + "3ACD345", 16)); + DoTestHMacDetECDsaTest(new Sha384Digest(), privKey, new BigInteger("1BB490926E5A1FDC7C5AA86D0835F9B994EDA315CA408002AF54A298728D422E" + + "BF59E4C", 16), new BigInteger("36C682CFC9E2C89A782BFD3A191609D1F0C1910D5FD6981442070393159D65FB" + + "CC0A8BA", 16)); + DoTestHMacDetECDsaTest(new Sha512Digest(), privKey, new BigInteger("19944AA68F9778C2E3D6E240947613E6DA60EFCE9B9B2C063FF5466D72745B5A" + + "0B25BA2", 16), new BigInteger("03F1567B3C5B02DF15C874F0EE22850824693D5ADC4663BAA19E384E550B1DD4" + + "1F31EE6", 16)); + + x9ECParameters = NistNamedCurves.GetByName("B-409"); + ecDomainParameters = new ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N); + + privKey = new ECPrivateKeyParameters(new BigInteger("0494994CC325B08E7B4CE038BD9436F90B5E59A2C13C3140CD3AE07C04A01FC489F572CE0569A6DB7B8060393DE76330C624177", 16), ecDomainParameters); + + DoTestHMacDetECDsaSample(new Sha1Digest(), privKey, new BigInteger("0D8783188E1A540E2022D389E1D35B32F56F8C2BB5636B8ABF7718806B27A713" + + "EBAE37F63ECD4B61445CEF5801B62594EF3E982", 16), new BigInteger("03A6B4A80E204DB0DE12E7415C13C9EC091C52935658316B4A0C591216A38791" + + "54BEB1712560E346E7EF26517707435B55C3141", 16)); + DoTestHMacDetECDsaSample(new Sha224Digest(), privKey, new BigInteger("0EE4F39ACC2E03CE96C3D9FCBAFA5C22C89053662F8D4117752A9B10F09ADFDA" + + "59DB061E247FE5321D6B170EE758ACE1BE4D157", 16), new BigInteger("00A2B83265B456A430A8BF27DCC8A9488B3F126C10F0D6D64BF7B8A218FAAF20" + + "E51A295A3AE78F205E5A4A6AE224C3639F1BB34", 16)); + DoTestHMacDetECDsaSample(new Sha256Digest(), privKey, new BigInteger("02D8B1B31E33E74D7EB46C30FDE5AD2CA04EC8FE08FBA0E73BA5E568953AC5EA" + + "307C072942238DFC07F4A4D7C7C6A9F86436D17", 16), new BigInteger("079F7D471E6CB73234AF7F7C381D2CE15DE35BAF8BB68393B73235B3A26EC2DF" + + "4842CE433FB492D6E074E604D4870024D42189A", 16)); + DoTestHMacDetECDsaSample(new Sha384Digest(), privKey, new BigInteger("07BC638B7E7CE6FEE5E9C64A0F966D722D01BB4BC3F3A35F30D4CDDA92DFC5F7" + + "F0B4BBFE8065D9AD452FD77A1914BE3A2440C18", 16), new BigInteger("06D904429850521B28A32CBF55C7C0FDF35DC4E0BDA2552C7BF68A171E970E67" + + "88ACC0B9521EACB4796E057C70DD9B95FED5BFB", 16)); + DoTestHMacDetECDsaSample(new Sha512Digest(), privKey, new BigInteger("05D178DECAFD2D02A3DA0D8BA1C4C1D95EE083C760DF782193A9F7B4A8BE6FC5" + + "C21FD60613BCA65C063A61226E050A680B3ABD4", 16), new BigInteger("013B7581E98F6A63FBBCB3E49BCDA60F816DB230B888506D105DC229600497C3" + + "B46588C784BE3AA9343BEF82F7C9C80AEB63C3B", 16)); + + DoTestHMacDetECDsaTest(new Sha1Digest(), privKey, new BigInteger("049F54E7C10D2732B4638473053782C6919218BBEFCEC8B51640FC193E832291" + + "F05FA12371E9B448417B3290193F08EE9319195", 16), new BigInteger("0499E267DEC84E02F6F108B10E82172C414F15B1B7364BE8BFD66ADC0C5DE23F" + + "EE3DF0D811134C25AFE0E05A6672F98889F28F1", 16)); + DoTestHMacDetECDsaTest(new Sha224Digest(), privKey, new BigInteger("0B1527FFAA7DD7C7E46B628587A5BEC0539A2D04D3CF27C54841C2544E1BBDB4" + + "2FDBDAAF8671A4CA86DFD619B1E3732D7BB56F2", 16), new BigInteger("0442C68C044868DF4832C807F1EDDEBF7F5052A64B826FD03451440794063F52" + + "B022DF304F47403D4069234CA9EB4C964B37C02", 16)); + DoTestHMacDetECDsaTest(new Sha256Digest(), privKey, new BigInteger("0BB27755B991D6D31757BCBF68CB01225A38E1CFA20F775E861055DD108ED7EA" + + "455E4B96B2F6F7CD6C6EC2B3C70C3EDDEB9743B", 16), new BigInteger("0C5BE90980E7F444B5F7A12C9E9AC7A04CA81412822DD5AD1BE7C45D5032555E" + + "A070864245CF69266871FEB8CD1B7EDC30EF6D5", 16)); + DoTestHMacDetECDsaTest(new Sha384Digest(), privKey, new BigInteger("04EFEB7098772187907C87B33E0FBBA4584226C50C11E98CA7AAC6986F8D3BE0" + + "44E5B52D201A410B852536527724CA5F8CE6549", 16), new BigInteger("09574102FEB3EF87E6D66B94119F5A6062950FF4F902EA1E6BD9E2037F33FF99" + + "1E31F5956C23AFE48FCDC557FD6F088C7C9B2B3", 16)); + DoTestHMacDetECDsaTest(new Sha512Digest(), privKey, new BigInteger("07E0249C68536AE2AEC2EC30090340DA49E6DC9E9EEC8F85E5AABFB234B6DA7D" + + "2E9524028CF821F21C6019770474CC40B01FAF6", 16), new BigInteger("08125B5A03FB44AE81EA46D446130C2A415ECCA265910CA69D55F2453E16CD7B" + + "2DFA4E28C50FA8137F9C0C6CEE4CD37ABCCF6D8", 16)); + + x9ECParameters = NistNamedCurves.GetByName("B-571"); + ecDomainParameters = new ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N); + + privKey = new ECPrivateKeyParameters(new BigInteger("028A04857F24C1C082DF0D909C0E72F453F2E2340CCB071F0E389BCA2575DA19" + + "124198C57174929AD26E348CF63F78D28021EF5A9BF2D5CBEAF6B7CCB6C4DA82" + + "4DD5C82CFB24E11", 16), ecDomainParameters); + + DoTestHMacDetECDsaSample(new Sha1Digest(), privKey, new BigInteger("147D3EB0EDA9F2152DFD014363D6A9CE816D7A1467D326A625FC4AB0C786E1B7" + + "4DDF7CD4D0E99541391B266C704BB6B6E8DCCD27B460802E0867143727AA4155" + + "55454321EFE5CB6", 16), + new BigInteger("17319571CAF533D90D2E78A64060B9C53169AB7FC908947B3EDADC54C79CCF0A" + + "7920B4C64A4EAB6282AFE9A459677CDA37FD6DD50BEF18709590FE18B923BDF7" + + "4A66B189A850819", 16)); + + DoTestHMacDetECDsaSample(new Sha224Digest(), privKey, new BigInteger("10F4B63E79B2E54E4F4F6A2DBC786D8F4A143ECA7B2AD97810F6472AC6AE2085" + + "3222854553BE1D44A7974599DB7061AE8560DF57F2675BE5F9DD94ABAF3D47F1" + + "582B318E459748B", 16), + new BigInteger("3BBEA07C6B269C2B7FE9AE4DDB118338D0C2F0022920A7F9DCFCB7489594C03B" + + "536A9900C4EA6A10410007222D3DAE1A96F291C4C9275D75D98EB290DC0EEF17" + + "6037B2C7A7A39A3", 16)); + + DoTestHMacDetECDsaSample(new Sha256Digest(), privKey, new BigInteger("213EF9F3B0CFC4BF996B8AF3A7E1F6CACD2B87C8C63820000800AC787F17EC99" + + "C04BCEDF29A8413CFF83142BB88A50EF8D9A086AF4EB03E97C567500C21D8657" + + "14D832E03C6D054", 16), + new BigInteger("3D32322559B094E20D8935E250B6EC139AC4AAB77920812C119AF419FB62B332" + + "C8D226C6C9362AE3C1E4AABE19359B8428EA74EC8FBE83C8618C2BCCB6B43FBA" + + "A0F2CCB7D303945", 16)); + + DoTestHMacDetECDsaSample(new Sha384Digest(), privKey, new BigInteger("375D8F49C656A0BBD21D3F54CDA287D853C4BB1849983CD891EF6CD6BB56A62B" + + "687807C16685C2C9BCA2663C33696ACCE344C45F3910B1DF806204FF731ECB28" + + "9C100EF4D1805EC", 16), + new BigInteger("1CDEC6F46DFEEE44BCE71D41C60550DC67CF98D6C91363625AC2553E4368D2DF" + + "B734A8E8C72E118A76ACDB0E58697940A0F3DF49E72894BD799450FC9E550CC0" + + "4B9FF9B0380021C", 16)); + DoTestHMacDetECDsaSample(new Sha512Digest(), privKey, new BigInteger("1C26F40D940A7EAA0EB1E62991028057D91FEDA0366B606F6C434C361F04E545" + + "A6A51A435E26416F6838FFA260C617E798E946B57215284182BE55F29A355E60" + + "24FE32A47289CF0", 16), + new BigInteger("3691DE4369D921FE94EDDA67CB71FBBEC9A436787478063EB1CC778B3DCDC1C4" + + "162662752D28DEEDF6F32A269C82D1DB80C87CE4D3B662E03AC347806E3F19D1" + + "8D6D4DE7358DF7E", 16)); + + DoTestHMacDetECDsaTest(new Sha1Digest(), privKey, new BigInteger("133F5414F2A9BC41466D339B79376038A64D045E5B0F792A98E5A7AA87E0AD01" + + "6419E5F8D176007D5C9C10B5FD9E2E0AB8331B195797C0358BA05ECBF24ACE59" + + "C5F368A6C0997CC", 16), + new BigInteger("3D16743AE9F00F0B1A500F738719C5582550FEB64689DA241665C4CE4F328BA0" + + "E34A7EF527ED13BFA5889FD2D1D214C11EB17D6BC338E05A56F41CAFF1AF7B8D" + + "574DB62EF0D0F21", 16)); + + DoTestHMacDetECDsaTest(new Sha224Digest(), privKey, new BigInteger("3048E76506C5C43D92B2E33F62B33E3111CEEB87F6C7DF7C7C01E3CDA28FA5E8" + + "BE04B5B23AA03C0C70FEF8F723CBCEBFF0B7A52A3F5C8B84B741B4F6157E69A5" + + "FB0524B48F31828", 16), + new BigInteger("2C99078CCFE5C82102B8D006E3703E020C46C87C75163A2CD839C885550BA5CB" + + "501AC282D29A1C26D26773B60FBE05AAB62BFA0BA32127563D42F7669C97784C" + + "8897C22CFB4B8FA", 16)); + + DoTestHMacDetECDsaTest(new Sha256Digest(), privKey, new BigInteger("184BC808506E11A65D628B457FDA60952803C604CC7181B59BD25AEE1411A66D" + + "12A777F3A0DC99E1190C58D0037807A95E5080FA1B2E5CCAA37B50D401CFFC34" + + "17C005AEE963469", 16), + new BigInteger("27280D45F81B19334DBDB07B7E63FE8F39AC7E9AE14DE1D2A6884D2101850289" + + "D70EE400F26ACA5E7D73F534A14568478E59D00594981ABE6A1BA18554C13EB5" + + "E03921E4DC98333", 16)); + + DoTestHMacDetECDsaTest(new Sha384Digest(), privKey, new BigInteger("319EE57912E7B0FAA1FBB145B0505849A89C6DB1EC06EA20A6A7EDE072A6268A" + + "F6FD9C809C7E422A5F33C6C3326EAD7402467DF3272A1B2726C1C20975950F0F" + + "50D8324578F13EC", 16), + new BigInteger("2CF3EA27EADD0612DD2F96F46E89AB894B01A10DF985C5FC099CFFE0EA083EB4" + + "4BE682B08BFE405DAD5F37D0A2C59015BA41027E24B99F8F75A70B6B7385BF39" + + "BBEA02513EB880C", 16)); + DoTestHMacDetECDsaTest(new Sha512Digest(), privKey, new BigInteger("2AA1888EAB05F7B00B6A784C4F7081D2C833D50794D9FEAF6E22B8BE728A2A90" + + "BFCABDC803162020AA629718295A1489EE7ED0ECB8AAA197B9BDFC49D18DDD78" + + "FC85A48F9715544", 16), + new BigInteger("0AA5371FE5CA671D6ED9665849C37F394FED85D51FEF72DA2B5F28EDFB2C6479" + + "CA63320C19596F5E1101988E2C619E302DD05112F47E8823040CE540CD3E90DC" + + "F41DBC461744EE9", 16)); + + } + + private void DoTestHMacDetECDsaSample(IDigest digest, ECPrivateKeyParameters privKey, BigInteger r, BigInteger s) + { + DoTestHMacDetECDsa(new ECDsaSigner(new HMacDsaKCalculator(digest)), digest, SAMPLE, privKey, r, s); + } + + private void DoTestHMacDetECDsaTest(IDigest digest, ECPrivateKeyParameters privKey, BigInteger r, BigInteger s) + { + DoTestHMacDetECDsa(new ECDsaSigner(new HMacDsaKCalculator(digest)), digest, TEST, privKey, r, s); + } + + private void DoTestHMacDetECDsa(IDsa detSigner, IDigest digest, byte[] data, ICipherParameters privKey, BigInteger r, BigInteger s) + { + byte[] m = new byte[digest.GetDigestSize()]; + + digest.BlockUpdate(data, 0, data.Length); + + digest.DoFinal(m, 0); + + detSigner.Init(true, privKey); + + BigInteger[] rs = detSigner.GenerateSignature(m); + + if (!r.Equals(rs[0])) + { + Fail("r value wrong"); + } + if (!s.Equals(rs[1])) + { + Fail("s value wrong"); + } + } + + public override string Name + { + get { return "DeterministicDSA"; } + } + + public override void PerformTest() + { + TestHMacDeterministic(); + TestECHMacDeterministic(); + } + + public static void Main( + string[] args) + { + RunTest(new DeterministicDsaTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/DigestRandomNumberTest.cs b/BouncyCastle/crypto/test/src/crypto/test/DigestRandomNumberTest.cs new file mode 100644 index 0000000..cee2e35 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/DigestRandomNumberTest.cs @@ -0,0 +1,163 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Prng; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class DigestRandomNumberTest + : SimpleTest + { + private static readonly byte[] ZERO_SEED = { 0, 0, 0, 0, 0, 0, 0, 0 }; + + private static readonly byte[] TEST_SEED = Hex.Decode("81dcfafc885914057876"); + + private static readonly byte[] expected0SHA1 = Hex.Decode("95bca677b3d4ff793213c00892d2356ec729ee02"); + private static readonly byte[] noCycle0SHA1 = Hex.Decode("d57ccd0eb12c3938d59226412bc1268037b6b846"); + private static readonly byte[] expected0SHA256 = Hex.Decode("587e2dfd597d086e47ddcd343eac983a5c913bef8c6a1a560a5c1bc3a74b0991"); + private static readonly byte[] noCycle0SHA256 = Hex.Decode("e5776c4483486ba7be081f4e1b9dafbab25c8fae290fd5474c1ceda2c16f9509"); + private static readonly byte[] expected100SHA1 = Hex.Decode("b9d924092546e0876cafd4937d7364ebf9efa4be"); + private static readonly byte[] expected100SHA256 = Hex.Decode("fbc4aa54b948b99de104c44563a552899d718bb75d1941cc62a2444b0506abaf"); + private static readonly byte[] expectedTestSHA1 = Hex.Decode("e9ecef9f5306daf1ac51a89a211a64cb24415649"); + private static readonly byte[] expectedTestSHA256 = Hex.Decode("bdab3ca831b472a2fa09bd1bade541ef16c96640a91fcec553679a136061de98"); + + private static readonly byte[] sha1Xors = Hex.Decode("7edcc1216934f3891b03ffa65821611a3e2b1f79"); + private static readonly byte[] sha256Xors = Hex.Decode("5ec48189cc0aa71e79c707bc3c33ffd47bbba368a83d6cfebf3cd3969d7f3eed"); + + public override string Name + { + get { return "DigestRandomNumber"; } + } + + private void doExpectedTest(IDigest digest, int seed, byte[] expected) + { + doExpectedTest(digest, seed, expected, null); + } + + private void doExpectedTest(IDigest digest, int seed, byte[] expected, byte[] noCycle) + { + DigestRandomGenerator rGen = new DigestRandomGenerator(digest); + byte[] output = new byte[digest.GetDigestSize()]; + + rGen.AddSeedMaterial(seed); + + for (int i = 0; i != 1024; i++) + { + rGen.NextBytes(output); + } + + if (noCycle != null) + { + if (Arrays.AreEqual(noCycle, output)) + { + Fail("seed not being cycled!"); + } + } + + if (!Arrays.AreEqual(expected, output)) + { + Fail("expected output doesn't match"); + } + } + + private void doExpectedTest(IDigest digest, byte[] seed, byte[] expected) + { + DigestRandomGenerator rGen = new DigestRandomGenerator(digest); + byte[] output = new byte[digest.GetDigestSize()]; + + rGen.AddSeedMaterial(seed); + + for (int i = 0; i != 1024; i++) + { + rGen.NextBytes(output); + } + + if (!Arrays.AreEqual(expected, output)) + { + Fail("expected output doesn't match"); + } + } + + private void doCountTest(IDigest digest, byte[] seed, byte[] expectedXors) + { + DigestRandomGenerator rGen = new DigestRandomGenerator(digest); + byte[] output = new byte[digest.GetDigestSize()]; + int[] averages = new int[digest.GetDigestSize()]; + byte[] ands = new byte[digest.GetDigestSize()]; + byte[] xors = new byte[digest.GetDigestSize()]; + byte[] ors = new byte[digest.GetDigestSize()]; + + rGen.AddSeedMaterial(seed); + + for (int i = 0; i != 1000000; i++) + { + rGen.NextBytes(output); + for (int j = 0; j != output.Length; j++) + { + averages[j] += output[j] & 0xff; + ands[j] &= output[j]; + xors[j] ^= output[j]; + ors[j] |= output[j]; + } + } + + for (int i = 0; i != output.Length; i++) + { + if ((averages[i] / 1000000) != 127) + { + Fail("average test failed for " + digest.AlgorithmName); + } + if (ands[i] != 0) + { + Fail("and test failed for " + digest.AlgorithmName); + } + if ((ors[i] & 0xff) != 0xff) + { + Fail("or test failed for " + digest.AlgorithmName); + } + if (xors[i] != expectedXors[i]) + { + Fail("xor test failed for " + digest.AlgorithmName); + } + } + } + + public override void PerformTest() + { + doExpectedTest(new Sha1Digest(), 0, expected0SHA1, noCycle0SHA1); + doExpectedTest(new Sha256Digest(), 0, expected0SHA256, noCycle0SHA256); + + doExpectedTest(new Sha1Digest(), 100, expected100SHA1); + doExpectedTest(new Sha256Digest(), 100, expected100SHA256); + + doExpectedTest(new Sha1Digest(), ZERO_SEED, expected0SHA1); + doExpectedTest(new Sha256Digest(), ZERO_SEED, expected0SHA256); + + doExpectedTest(new Sha1Digest(), TEST_SEED, expectedTestSHA1); + doExpectedTest(new Sha256Digest(), TEST_SEED, expectedTestSHA256); + + doCountTest(new Sha1Digest(), TEST_SEED, sha1Xors); + doCountTest(new Sha256Digest(), TEST_SEED, sha256Xors); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + public static void Main( + string[] args) + { + RunTest(new DigestRandomNumberTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/DigestTest.cs new file mode 100644 index 0000000..9309796 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/DigestTest.cs @@ -0,0 +1,183 @@ +using System; + +using Org.BouncyCastle.Crypto; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + public abstract class DigestTest + : SimpleTest + { + private IDigest digest; + private string[] input; + private string[] results; + + protected DigestTest( + IDigest digest, + string[] input, + string[] results) + { + this.digest = digest; + this.input = input; + this.results = results; + } + + public override string Name + { + get { return digest.AlgorithmName; } + } + + public override void PerformTest() + { + byte[] resBuf = new byte[digest.GetDigestSize()]; + + for (int i = 0; i < input.Length - 1; i++) + { + byte[] msg = toByteArray(input[i]); + + vectorTest(digest, i, resBuf, msg, Hex.Decode(results[i])); + } + + byte[] lastV = toByteArray(input[input.Length - 1]); + byte[] lastDigest = Hex.Decode(results[input.Length - 1]); + + vectorTest(digest, input.Length - 1, resBuf, lastV, Hex.Decode(results[input.Length - 1])); + + // + // clone test + // + digest.BlockUpdate(lastV, 0, lastV.Length/2); + + // clone the Digest + IDigest d = CloneDigest(digest); + + digest.BlockUpdate(lastV, lastV.Length/2, lastV.Length - lastV.Length/2); + digest.DoFinal(resBuf, 0); + + if (!AreEqual(lastDigest, resBuf)) + { + Fail("failing clone vector test", results[results.Length - 1], Hex.ToHexString(resBuf)); + } + + d.BlockUpdate(lastV, lastV.Length/2, lastV.Length - lastV.Length/2); + d.DoFinal(resBuf, 0); + + if (!AreEqual(lastDigest, resBuf)) + { + Fail("failing second clone vector test", results[results.Length - 1], Hex.ToHexString(resBuf)); + } + + // + // memo test + // + IMemoable m = (IMemoable)digest; + + digest.BlockUpdate(lastV, 0, lastV.Length/2); + + // copy the Digest + IMemoable copy1 = m.Copy(); + IMemoable copy2 = copy1.Copy(); + + digest.BlockUpdate(lastV, lastV.Length/2, lastV.Length - lastV.Length/2); + digest.DoFinal(resBuf, 0); + + if (!AreEqual(lastDigest, resBuf)) + { + Fail("failing memo vector test", results[results.Length - 1], Hex.ToHexString(resBuf)); + } + + m.Reset(copy1); + + digest.BlockUpdate(lastV, lastV.Length/2, lastV.Length - lastV.Length/2); + digest.DoFinal(resBuf, 0); + + if (!AreEqual(lastDigest, resBuf)) + { + Fail("failing memo reset vector test", results[results.Length - 1], Hex.ToHexString(resBuf)); + } + + IDigest md = (IDigest)copy2; + + md.BlockUpdate(lastV, lastV.Length/2, lastV.Length - lastV.Length/2); + md.DoFinal(resBuf, 0); + + if (!AreEqual(lastDigest, resBuf)) + { + Fail("failing memo copy vector test", results[results.Length - 1], Hex.ToHexString(resBuf)); + } + } + + private byte[] toByteArray( + string input) + { + byte[] bytes = new byte[input.Length]; + + for (int i = 0; i != bytes.Length; i++) + { + bytes[i] = (byte)input[i]; + } + + return bytes; + } + + private void vectorTest( + IDigest digest, + int count, + byte[] resBuf, + byte[] input, + byte[] expected) + { + digest.BlockUpdate(input, 0, input.Length); + digest.DoFinal(resBuf, 0); + + if (!AreEqual(resBuf, expected)) + { + Fail("Vector " + count + " failed got " + Hex.ToHexString(resBuf)); + } + } + + protected abstract IDigest CloneDigest(IDigest digest); + + // + // optional tests + // + protected void millionATest( + string expected) + { + byte[] resBuf = new byte[digest.GetDigestSize()]; + + for (int i = 0; i < 1000000; i++) + { + digest.Update((byte)'a'); + } + + digest.DoFinal(resBuf, 0); + + if (!AreEqual(resBuf, Hex.Decode(expected))) + { + Fail("Million a's failed"); + } + } + + protected void sixtyFourKTest( + string expected) + { + byte[] resBuf = new byte[digest.GetDigestSize()]; + + for (int i = 0; i < 65536; i++) + { + digest.Update((byte)(i & 0xff)); + } + + digest.DoFinal(resBuf, 0); + + if (!AreEqual(resBuf, Hex.Decode(expected))) + { + Fail("64k test failed"); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/EAXTest.cs b/BouncyCastle/crypto/test/src/crypto/test/EAXTest.cs new file mode 100644 index 0000000..838f26a --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/EAXTest.cs @@ -0,0 +1,352 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class EaxTest + : SimpleTest + { + private static readonly byte[] K1 = Hex.Decode("233952DEE4D5ED5F9B9C6D6FF80FF478"); + private static readonly byte[] N1 = Hex.Decode("62EC67F9C3A4A407FCB2A8C49031A8B3"); + private static readonly byte[] A1 = Hex.Decode("6BFB914FD07EAE6B"); + private static readonly byte[] P1 = Hex.Decode(""); + private static readonly byte[] C1 = Hex.Decode("E037830E8389F27B025A2D6527E79D01"); + private static readonly byte[] T1 = Hex.Decode("E037830E8389F27B025A2D6527E79D01"); + + private static readonly byte[] K2 = Hex.Decode("91945D3F4DCBEE0BF45EF52255F095A4"); + private static readonly byte[] N2 = Hex.Decode("BECAF043B0A23D843194BA972C66DEBD"); + private static readonly byte[] A2 = Hex.Decode("FA3BFD4806EB53FA"); + private static readonly byte[] P2 = Hex.Decode("F7FB"); + private static readonly byte[] C2 = Hex.Decode("19DD5C4C9331049D0BDAB0277408F67967E5"); + private static readonly byte[] T2 = Hex.Decode("5C4C9331049D0BDAB0277408F67967E5"); + + private static readonly byte[] K3 = Hex.Decode("01F74AD64077F2E704C0F60ADA3DD523"); + private static readonly byte[] N3 = Hex.Decode("70C3DB4F0D26368400A10ED05D2BFF5E"); + private static readonly byte[] A3 = Hex.Decode("234A3463C1264AC6"); + private static readonly byte[] P3 = Hex.Decode("1A47CB4933"); + private static readonly byte[] C3 = Hex.Decode("D851D5BAE03A59F238A23E39199DC9266626C40F80"); + private static readonly byte[] T3 = Hex.Decode("3A59F238A23E39199DC9266626C40F80"); + + private static readonly byte[] K4 = Hex.Decode("D07CF6CBB7F313BDDE66B727AFD3C5E8"); + private static readonly byte[] N4 = Hex.Decode("8408DFFF3C1A2B1292DC199E46B7D617"); + private static readonly byte[] A4 = Hex.Decode("33CCE2EABFF5A79D"); + private static readonly byte[] P4 = Hex.Decode("481C9E39B1"); + private static readonly byte[] C4 = Hex.Decode("632A9D131AD4C168A4225D8E1FF755939974A7BEDE"); + private static readonly byte[] T4 = Hex.Decode("D4C168A4225D8E1FF755939974A7BEDE"); + + private static readonly byte[] K5 = Hex.Decode("35B6D0580005BBC12B0587124557D2C2"); + private static readonly byte[] N5 = Hex.Decode("FDB6B06676EEDC5C61D74276E1F8E816"); + private static readonly byte[] A5 = Hex.Decode("AEB96EAEBE2970E9"); + private static readonly byte[] P5 = Hex.Decode("40D0C07DA5E4"); + private static readonly byte[] C5 = Hex.Decode("071DFE16C675CB0677E536F73AFE6A14B74EE49844DD"); + private static readonly byte[] T5 = Hex.Decode("CB0677E536F73AFE6A14B74EE49844DD"); + + private static readonly byte[] K6 = Hex.Decode("BD8E6E11475E60B268784C38C62FEB22"); + private static readonly byte[] N6 = Hex.Decode("6EAC5C93072D8E8513F750935E46DA1B"); + private static readonly byte[] A6 = Hex.Decode("D4482D1CA78DCE0F"); + private static readonly byte[] P6 = Hex.Decode("4DE3B35C3FC039245BD1FB7D"); + private static readonly byte[] C6 = Hex.Decode("835BB4F15D743E350E728414ABB8644FD6CCB86947C5E10590210A4F"); + private static readonly byte[] T6 = Hex.Decode("ABB8644FD6CCB86947C5E10590210A4F"); + + private static readonly byte[] K7 = Hex.Decode("7C77D6E813BED5AC98BAA417477A2E7D"); + private static readonly byte[] N7 = Hex.Decode("1A8C98DCD73D38393B2BF1569DEEFC19"); + private static readonly byte[] A7 = Hex.Decode("65D2017990D62528"); + private static readonly byte[] P7 = Hex.Decode("8B0A79306C9CE7ED99DAE4F87F8DD61636"); + private static readonly byte[] C7 = Hex.Decode("02083E3979DA014812F59F11D52630DA30137327D10649B0AA6E1C181DB617D7F2"); + private static readonly byte[] T7 = Hex.Decode("137327D10649B0AA6E1C181DB617D7F2"); + + private static readonly byte[] K8 = Hex.Decode("5FFF20CAFAB119CA2FC73549E20F5B0D"); + private static readonly byte[] N8 = Hex.Decode("DDE59B97D722156D4D9AFF2BC7559826"); + private static readonly byte[] A8 = Hex.Decode("54B9F04E6A09189A"); + private static readonly byte[] P8 = Hex.Decode("1BDA122BCE8A8DBAF1877D962B8592DD2D56"); + private static readonly byte[] C8 = Hex.Decode("2EC47B2C4954A489AFC7BA4897EDCDAE8CC33B60450599BD02C96382902AEF7F832A"); + private static readonly byte[] T8 = Hex.Decode("3B60450599BD02C96382902AEF7F832A"); + + private static readonly byte[] K9 = Hex.Decode("A4A4782BCFFD3EC5E7EF6D8C34A56123"); + private static readonly byte[] N9 = Hex.Decode("B781FCF2F75FA5A8DE97A9CA48E522EC"); + private static readonly byte[] A9 = Hex.Decode("899A175897561D7E"); + private static readonly byte[] P9 = Hex.Decode("6CF36720872B8513F6EAB1A8A44438D5EF11"); + private static readonly byte[] C9 = Hex.Decode("0DE18FD0FDD91E7AF19F1D8EE8733938B1E8E7F6D2231618102FDB7FE55FF1991700"); + private static readonly byte[] T9 = Hex.Decode("E7F6D2231618102FDB7FE55FF1991700"); + + private static readonly byte[] K10 = Hex.Decode("8395FCF1E95BEBD697BD010BC766AAC3"); + private static readonly byte[] N10 = Hex.Decode("22E7ADD93CFC6393C57EC0B3C17D6B44"); + private static readonly byte[] A10 = Hex.Decode("126735FCC320D25A"); + private static readonly byte[] P10 = Hex.Decode("CA40D7446E545FFAED3BD12A740A659FFBBB3CEAB7"); + private static readonly byte[] C10 = Hex.Decode("CB8920F87A6C75CFF39627B56E3ED197C552D295A7CFC46AFC253B4652B1AF3795B124AB6E"); + private static readonly byte[] T10 = Hex.Decode("CFC46AFC253B4652B1AF3795B124AB6E"); + + private static readonly byte[] K11 = Hex.Decode("8395FCF1E95BEBD697BD010BC766AAC3"); + private static readonly byte[] N11 = Hex.Decode("22E7ADD93CFC6393C57EC0B3C17D6B44"); + private static readonly byte[] A11 = Hex.Decode("126735FCC320D25A"); + private static readonly byte[] P11 = Hex.Decode("CA40D7446E545FFAED3BD12A740A659FFBBB3CEAB7"); + private static readonly byte[] C11 = Hex.Decode("CB8920F87A6C75CFF39627B56E3ED197C552D295A7CFC46AFC"); + private static readonly byte[] T11 = Hex.Decode("CFC46AFC"); + + private const int NONCE_LEN = 8; + private const int MAC_LEN = 8; + private const int AUTHEN_LEN = 20; + + public override string Name + { + get { return "EAX"; } + } + + public override void PerformTest() + { + checkVectors(1, K1, 128, N1, A1, P1, T1, C1); + checkVectors(2, K2, 128, N2, A2, P2, T2, C2); + checkVectors(3, K3, 128, N3, A3, P3, T3, C3); + checkVectors(4, K4, 128, N4, A4, P4, T4, C4); + checkVectors(5, K5, 128, N5, A5, P5, T5, C5); + checkVectors(6, K6, 128, N6, A6, P6, T6, C6); + checkVectors(7, K7, 128, N7, A7, P7, T7, C7); + checkVectors(8, K8, 128, N8, A8, P8, T8, C8); + checkVectors(9, K9, 128, N9, A9, P9, T9, C9); + checkVectors(10, K10, 128, N10, A10, P10, T10, C10); + checkVectors(11, K11, 32, N11, A11, P11, T11, C11); + + EaxBlockCipher eax = new EaxBlockCipher(new AesEngine()); + ivParamTest(1, eax, K1, N1); + + // + // exception tests + // + + try + { + eax.Init(false, new AeadParameters(new KeyParameter(K1), 32, N2, A2)); + + byte[] enc = new byte[C2.Length]; + int len = eax.ProcessBytes(C2, 0, C2.Length, enc, 0); + + len += eax.DoFinal(enc, len); + + Fail("invalid cipher text not picked up"); + } + catch (InvalidCipherTextException) + { + // expected + } + + try + { + eax.Init(false, new KeyParameter(K1)); + + Fail("illegal argument not picked up"); + } + catch (ArgumentException) + { + // expected + } + + randomTests(); + } + + private void checkVectors( + int count, + byte[] k, + int macSize, + byte[] n, + byte[] a, + byte[] p, + byte[] t, + byte[] c) + { + byte[] fa = new byte[a.Length / 2]; + byte[] la = new byte[a.Length - (a.Length / 2)]; + Array.Copy(a, 0, fa, 0, fa.Length); + Array.Copy(a, fa.Length, la, 0, la.Length); + + checkVectors(count, "all initial associated data", k, macSize, n, a, null, p, t, c); + checkVectors(count, "subsequent associated data", k, macSize, n, null, a, p, t, c); + checkVectors(count, "split associated data", k, macSize, n, fa, la, p, t, c); + } + + private void checkVectors( + int count, + string additionalDataType, + byte[] k, + int macSize, + byte[] n, + byte[] a, + byte[] sa, + byte[] p, + byte[] t, + byte[] c) + { + EaxBlockCipher encEax = new EaxBlockCipher(new AesEngine()); + EaxBlockCipher decEax = new EaxBlockCipher(new AesEngine()); + + AeadParameters parameters = new AeadParameters(new KeyParameter(k), macSize, n, a); + encEax.Init(true, parameters); + decEax.Init(false, parameters); + + runCheckVectors(count, encEax, decEax, additionalDataType, sa, p, t, c); + runCheckVectors(count, encEax, decEax, additionalDataType, sa, p, t, c); + + // key reuse test + parameters = new AeadParameters(null, macSize, n, a); + encEax.Init(true, parameters); + decEax.Init(false, parameters); + + runCheckVectors(count, encEax, decEax, additionalDataType, sa, p, t, c); + runCheckVectors(count, encEax, decEax, additionalDataType, sa, p, t, c); + } + + private void runCheckVectors( + int count, + EaxBlockCipher encEax, + EaxBlockCipher decEax, + string additionalDataType, + byte[] sa, + byte[] p, + byte[] t, + byte[] c) + { + byte[] enc = new byte[c.Length]; + + if (sa != null) + { + encEax.ProcessAadBytes(sa, 0, sa.Length); + } + + int len = encEax.ProcessBytes(p, 0, p.Length, enc, 0); + + len += encEax.DoFinal(enc, len); + + if (!AreEqual(c, enc)) + { + Fail("encrypted stream fails to match in test " + count + " with " + additionalDataType); + } + + byte[] tmp = new byte[enc.Length]; + + if (sa != null) + { + decEax.ProcessAadBytes(sa, 0, sa.Length); + } + + len = decEax.ProcessBytes(enc, 0, enc.Length, tmp, 0); + + len += decEax.DoFinal(tmp, len); + + byte[] dec = new byte[len]; + + Array.Copy(tmp, 0, dec, 0, len); + + if (!AreEqual(p, dec)) + { + Fail("decrypted stream fails to match in test " + count + " with " + additionalDataType); + } + + if (!AreEqual(t, decEax.GetMac())) + { + Fail("MAC fails to match in test " + count + " with " + additionalDataType); + } + } + + private void ivParamTest( + int count, + IAeadBlockCipher eax, + byte[] k, + byte[] n) + { + byte[] p = Encoding.ASCII.GetBytes("hello world!!"); + + eax.Init(true, new ParametersWithIV(new KeyParameter(k), n)); + + byte[] enc = new byte[p.Length + 8]; + + int len = eax.ProcessBytes(p, 0, p.Length, enc, 0); + + len += eax.DoFinal(enc, len); + + eax.Init(false, new ParametersWithIV(new KeyParameter(k), n)); + + byte[] tmp = new byte[enc.Length]; + + len = eax.ProcessBytes(enc, 0, enc.Length, tmp, 0); + + len += eax.DoFinal(tmp, len); + + byte[] dec = new byte[len]; + + Array.Copy(tmp, 0, dec, 0, len); + + if (!AreEqual(p, dec)) + { + Fail("decrypted stream fails to match in test " + count); + } + } + + private void randomTests() + { + SecureRandom srng = new SecureRandom(); + for (int i = 0; i < 10; ++i) + { + randomTest(srng); + } + } + + private void randomTest( + SecureRandom srng) + { + int DAT_LEN = srng.Next(1024); + byte[] nonce = new byte[NONCE_LEN]; + byte[] authen = new byte[AUTHEN_LEN]; + byte[] datIn = new byte[DAT_LEN]; + byte[] key = new byte[16]; + srng.NextBytes(nonce); + srng.NextBytes(authen); + srng.NextBytes(datIn); + srng.NextBytes(key); + + IBlockCipher engine = new AesEngine(); + KeyParameter sessKey = new KeyParameter(key); + EaxBlockCipher eaxCipher = new EaxBlockCipher(engine); + + AeadParameters parameters = new AeadParameters(sessKey, MAC_LEN * 8, nonce, authen); + eaxCipher.Init(true, parameters); + + byte[] intrDat = new byte[eaxCipher.GetOutputSize(datIn.Length)]; + int outOff = eaxCipher.ProcessBytes(datIn, 0, DAT_LEN, intrDat, 0); + outOff += eaxCipher.DoFinal(intrDat, outOff); + + eaxCipher.Init(false, parameters); + byte[] datOut = new byte[eaxCipher.GetOutputSize(outOff)]; + int resultLen = eaxCipher.ProcessBytes(intrDat, 0, outOff, datOut, 0); + eaxCipher.DoFinal(datOut, resultLen); + + if (!AreEqual(datIn, datOut)) + { + Fail("EAX roundtrip failed to match"); + } + } + + public static void Main( + string[] args) + { + RunTest(new EaxTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ECDHKEKGeneratorTest.cs b/BouncyCastle/crypto/test/src/crypto/test/ECDHKEKGeneratorTest.cs new file mode 100644 index 0000000..250b2ca --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ECDHKEKGeneratorTest.cs @@ -0,0 +1,80 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto.Agreement.Kdf; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// ECDHKEK Generator tests. + [TestFixture] + public class ECDHKekGeneratorTest + : SimpleTest + { + private byte[] seed1 = Hex.Decode("db4a8daba1f98791d54e940175dd1a5f3a0826a1066aa9b668d4dc1e1e0790158dcad1533c03b44214d1b61fefa8b579"); + private DerObjectIdentifier alg1 = NistObjectIdentifiers.IdAes256Wrap; + private byte[] result1 = Hex.Decode("8ecc6d85caf25eaba823a7d620d4ab0d33e4c645f2"); + + private byte[] seed2 = Hex.Decode("75d7487b5d3d2bfb3c69ce0365fe64e3bfab5d0d63731628a9f47eb8fddfa28c65decaf228a0b38f0c51c6a3356d7c56"); + private DerObjectIdentifier alg2 = NistObjectIdentifiers.IdAes128Wrap; + private byte[] result2 = Hex.Decode("042be1faca3a4a8fc859241bfb87ba35"); + + private byte[] seed3 = Hex.Decode("fdeb6d809f997e8ac174d638734dc36d37aaf7e876e39967cd82b1cada3de772449788461ee7f856bad9305627f8e48b"); + private DerObjectIdentifier alg3 = PkcsObjectIdentifiers.IdAlgCms3DesWrap; + private byte[] result3 = Hex.Decode("bcd701fc92109b1b9d6f3b6497ad5ca9627fa8a597010305"); + + public ECDHKekGeneratorTest() + { + } + + public override void PerformTest() + { + CheckMask(1, new ECDHKekGenerator(new Sha1Digest()), new DHKdfParameters(alg1, 256, seed1), result1); + CheckMask(2, new ECDHKekGenerator(new Sha1Digest()), new DHKdfParameters(alg2, 128, seed2), result2); + CheckMask(3, new ECDHKekGenerator(new Sha1Digest()), new DHKdfParameters(alg3, 192, seed3), result3); + } + + private void CheckMask( + int count, + IDerivationFunction kdf, + IDerivationParameters parameters, + byte[] result) + { + byte[] data = new byte[result.Length]; + + kdf.Init(parameters); + + kdf.GenerateBytes(data, 0, data.Length); + + if (!AreEqual(result, data)) + { + Fail("ECDHKekGenerator failed generator test " + count); + } + } + + public override string Name + { + get { return "ECDHKekGenerator"; } + } + + public static void Main( + string[] args) + { + RunTest(new ECDHKekGeneratorTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ECGOST3410Test.cs b/BouncyCastle/crypto/test/src/crypto/test/ECGOST3410Test.cs new file mode 100644 index 0000000..4c93837 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ECGOST3410Test.cs @@ -0,0 +1,345 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * ECGOST3410 tests are taken from GOST R 34.10-2001. + */ + [TestFixture] + public class ECGost3410Test + : SimpleTest + { + private static readonly byte[] hashmessage = Hex.Decode("3042453136414534424341374533364339313734453431443642453241453435"); + + /** + * ECGOST3410 over the field Fp
    + */ + BigInteger r = new BigInteger("29700980915817952874371204983938256990422752107994319651632687982059210933395"); + BigInteger s = new BigInteger("574973400270084654178925310019147038455227042649098563933718999175515839552"); + + byte[] kData = new BigInteger("53854137677348463731403841147996619241504003434302020712960838528893196233395").ToByteArray(); + + private readonly SecureRandom k; + + public ECGost3410Test() + { + k = FixedSecureRandom.From(kData); + } + + private void ecGOST3410_TEST() + { + BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); //p + BigInteger mod_q = new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619"); + + FpCurve curve = new FpCurve( + mod_p, // p + new BigInteger("7"), // a + new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414"), // b + mod_q, BigInteger.One); + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.CreatePoint( + new BigInteger("2"), // x + new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280")), // y + mod_q, BigInteger.One); + + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + "ECGOST3410", + new BigInteger("55441196065363246126355624130324183196576709222340016572108097750006097525544"), // d + parameters); + + ParametersWithRandom param = new ParametersWithRandom(priKey, k); + + ECGost3410Signer ecgost3410 = new ECGost3410Signer(); + + ecgost3410.Init(true, param); + + byte[] mVal = new BigInteger("20798893674476452017134061561508270130637142515379653289952617252661468872421").ToByteArray(); + byte[] message = new byte[mVal.Length]; + + for (int i = 0; i != mVal.Length; i++) + { + message[i] = mVal[mVal.Length - 1 - i]; + } + + BigInteger[] sig = ecgost3410.GenerateSignature(message); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong.", r, sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong.", s, sig[1]); + } + + // Verify the signature + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + "ECGOST3410", + curve.CreatePoint( + new BigInteger("57520216126176808443631405023338071176630104906313632182896741342206604859403"), // x + new BigInteger("17614944419213781543809391949654080031942662045363639260709847859438286763994")), // y + parameters); + + ecgost3410.Init(false, pubKey); + if (!ecgost3410.VerifySignature(message, sig[0], sig[1])) + { + Fail("verification fails"); + } + } + + /** + * Test Sign and Verify with test parameters + * see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt + * gostR3410-2001-TestParamSet P.46 + */ + private void ecGOST3410_TestParam() + { + SecureRandom random = new SecureRandom(); + + BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); //p + BigInteger mod_q = new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619"); + + FpCurve curve = new FpCurve( + mod_p, // p + new BigInteger("7"), // a + new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414"), // b + mod_q, BigInteger.One); + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.CreatePoint( + new BigInteger("2"), // x + new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280")), // y + mod_q, BigInteger.One); + + ECKeyPairGenerator pGen = new ECKeyPairGenerator(); + ECKeyGenerationParameters genParam = new ECKeyGenerationParameters( + parameters, + random); + + pGen.Init(genParam); + + AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair(); + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + ECGost3410Signer ecgost3410 = new ECGost3410Signer(); + + ecgost3410.Init(true, param); + + //get hash message using the digest GOST3411. + byte[] message = Encoding.ASCII.GetBytes("Message for sign"); + Gost3411Digest gost3411 = new Gost3411Digest(); + gost3411.BlockUpdate(message, 0, message.Length); + byte[] hashmessage = new byte[gost3411.GetDigestSize()]; + gost3411.DoFinal(hashmessage, 0); + + BigInteger[] sig = ecgost3410.GenerateSignature(hashmessage); + + ecgost3410.Init(false, pair.Public); + + if (!ecgost3410.VerifySignature(hashmessage, sig[0], sig[1])) + { + Fail("signature fails"); + } + } + + /** + * Test Sign and Verify with A parameters + * see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt + * gostR3410-2001-CryptoPro-A-ParamSet P.47 + */ + public void ecGOST3410_AParam() + { + SecureRandom random = new SecureRandom(); + + BigInteger mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319"); //p + BigInteger mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323"); + + FpCurve curve = new FpCurve( + mod_p, // p + new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), // a + new BigInteger("166"), // b + mod_q, BigInteger.One); + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.CreatePoint( + new BigInteger("1"), // x + new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612")), // y + mod_q, BigInteger.One); + + ECKeyPairGenerator pGen = new ECKeyPairGenerator("ECGOST3410"); + ECKeyGenerationParameters genParam = new ECKeyGenerationParameters( + parameters, + random); + + pGen.Init(genParam); + + AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair(); + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + ECGost3410Signer ecgost3410 = new ECGost3410Signer(); + + ecgost3410.Init(true, param); + + BigInteger[] sig = ecgost3410.GenerateSignature(hashmessage); + + ecgost3410.Init(false, pair.Public); + + if (!ecgost3410.VerifySignature(hashmessage, sig[0], sig[1])) + { + Fail("signature fails"); + } + } + + /** + * Test Sign and Verify with B parameters + * see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt + * gostR3410-2001-CryptoPro-B-ParamSet P.47-48 + */ + private void ecGOST3410_BParam() + { + SecureRandom random = new SecureRandom(); + + BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823193"); //p + BigInteger mod_q = new BigInteger("57896044618658097711785492504343953927102133160255826820068844496087732066703"); + + FpCurve curve = new FpCurve( + mod_p, // p + new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823190"), // a + new BigInteger("28091019353058090096996979000309560759124368558014865957655842872397301267595"), // b + mod_q, BigInteger.One); + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.CreatePoint( + new BigInteger("1"), // x + new BigInteger("28792665814854611296992347458380284135028636778229113005756334730996303888124")), // y + mod_q, BigInteger.One); + + ECKeyPairGenerator pGen = new ECKeyPairGenerator("ECGOST3410"); + ECKeyGenerationParameters genParam = new ECKeyGenerationParameters( + parameters, + random); + + pGen.Init(genParam); + + AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair(); + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + ECGost3410Signer ecgost3410 = new ECGost3410Signer(); + + ecgost3410.Init(true, param); + + BigInteger[] sig = ecgost3410.GenerateSignature(hashmessage); + + ecgost3410.Init(false, pair.Public); + + if (!ecgost3410.VerifySignature(hashmessage, sig[0], sig[1])) + { + Fail("signature fails"); + } + } + + /** + * Test Sign and Verify with C parameters + * see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt + * gostR3410-2001-CryptoPro-C-ParamSet P.48 + */ + private void ecGOST3410_CParam() + { + SecureRandom random = new SecureRandom(); + + BigInteger mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619"); //p + BigInteger mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601"); + + FpCurve curve = new FpCurve( + mod_p, // p + new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), // a + new BigInteger("32858"), // b + mod_q, BigInteger.One); + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.CreatePoint( + new BigInteger("0"), // x + new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247")), // y + mod_q, BigInteger.One); + + ECKeyPairGenerator pGen = new ECKeyPairGenerator("ECGOST3410"); + ECKeyGenerationParameters genParam = new ECKeyGenerationParameters( + parameters, + random); + + pGen.Init(genParam); + + AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair(); + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + ECGost3410Signer ecgost3410 = new ECGost3410Signer(); + + ecgost3410.Init(true, param); + + BigInteger[] sig = ecgost3410.GenerateSignature(hashmessage); + + ecgost3410.Init(false, pair.Public); + + if (!ecgost3410.VerifySignature(hashmessage, sig[0], sig[1])) + { + Fail("signature fails"); + } + } + + public override string Name + { + get { return "ECGOST3410"; } + } + + public override void PerformTest() + { + ecGOST3410_TEST(); + ecGOST3410_TestParam(); + ecGOST3410_AParam(); + ecGOST3410_BParam(); + ecGOST3410_CParam(); + } + + public static void Main( + string[] args) + { + ECGost3410Test test = new ECGost3410Test(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ECGOST3410_2012Test.cs b/BouncyCastle/crypto/test/src/crypto/test/ECGOST3410_2012Test.cs new file mode 100644 index 0000000..0e7e906 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ECGOST3410_2012Test.cs @@ -0,0 +1,566 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class ECGost3410_2012Test + : SimpleTest + { + public override string Name + { + get { return "ECGOST3410-2012"; } + } + + public SimpleTestResult EncodeRecodePublicKey() + { + DerObjectIdentifier oid = ECGost3410NamedCurves.GetOid("Tc26-Gost-3410-12-512-paramSetA"); + ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGost3410NamedCurves.GetByOidX9(oid)); + ECGost3410Parameters gostParams = new ECGost3410Parameters(ecp, oid, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512, null); + ECKeyGenerationParameters paramameters = new ECKeyGenerationParameters(gostParams, new SecureRandom()); + ECKeyPairGenerator engine = new ECKeyPairGenerator(); + engine.Init(paramameters); + AsymmetricCipherKeyPair pair = engine.GenerateKeyPair(); + + ECPublicKeyParameters generatedKeyParameters = (ECPublicKeyParameters)pair.Public; + ECPublicKeyParameters keyParameters = generatedKeyParameters; + + // + // Continuously encode/decode the key and check for loss of information. + // + for (int t = 0; t < 3; t++) + { + SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyParameters); + keyParameters = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(info); + + { + // Specifically cast and test gost parameters. + ECGost3410Parameters gParam = (ECGost3410Parameters)generatedKeyParameters.Parameters; + ECGost3410Parameters rParam = (ECGost3410Parameters)keyParameters.Parameters; + + bool ok = SafeEquals(gParam.DigestParamSet, rParam.DigestParamSet) && + SafeEquals(gParam.EncryptionParamSet, rParam.EncryptionParamSet) && + SafeEquals(gParam.PublicKeyParamSet, rParam.PublicKeyParamSet); + + if (!ok) + { + return new SimpleTestResult(false, "GOST parameters does not match"); + } + } + + if (!((ECGost3410Parameters)keyParameters.Parameters).Name.Equals( + ((ECGost3410Parameters)generatedKeyParameters.Parameters).Name)) + { + return new SimpleTestResult(false, "Name does not match"); + } + + if (keyParameters.IsPrivate != generatedKeyParameters.IsPrivate) + { + return new SimpleTestResult(false, "isPrivate does not match"); + } + + if (!Arrays.AreEqual(keyParameters.Q.GetEncoded(true), generatedKeyParameters.Q.GetEncoded(true))) + { + return new SimpleTestResult(false, "Q does not match"); + } + + if (!keyParameters.Parameters.Curve.Equals(generatedKeyParameters.Parameters.Curve)) + { + return new SimpleTestResult(false, "Curve does not match"); + } + + if (!Arrays.AreEqual( + keyParameters.Parameters.G.GetEncoded(true), + generatedKeyParameters.Parameters.G.GetEncoded(true))) + { + return new SimpleTestResult(false, "G does not match"); + } + + if (!keyParameters.Parameters.H.Equals(generatedKeyParameters.Parameters.H)) + { + return new SimpleTestResult(false, "H does not match"); + } + + if (!keyParameters.Parameters.HInv.Equals(generatedKeyParameters.Parameters.HInv)) + { + return new SimpleTestResult(false, "Hinv does not match"); + } + + if (!keyParameters.Parameters.N.Equals(generatedKeyParameters.Parameters.N)) + { + return new SimpleTestResult(false, "N does not match"); + } + + if (!Arrays.AreEqual(keyParameters.Parameters.GetSeed(), generatedKeyParameters.Parameters.GetSeed())) + { + return new SimpleTestResult(false, "Seed does not match"); + } + } + + return new SimpleTestResult(true, null); + } + + private SimpleTestResult EncodeRecodePrivateKey() + { + DerObjectIdentifier oid = ECGost3410NamedCurves.GetOid("Tc26-Gost-3410-12-512-paramSetA"); + ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGost3410NamedCurves.GetByOidX9(oid)); + ECGost3410Parameters gostParams = new ECGost3410Parameters(ecp, oid, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512, null); + ECKeyGenerationParameters parameters = new ECKeyGenerationParameters(gostParams, new SecureRandom()); + ECKeyPairGenerator engine = new ECKeyPairGenerator(); + engine.Init(parameters); + AsymmetricCipherKeyPair pair = engine.GenerateKeyPair(); + + ECPrivateKeyParameters generatedKeyParameters = (ECPrivateKeyParameters)pair.Private; + ECPrivateKeyParameters keyParameters = generatedKeyParameters; + + // + // Continuously encode/decode the key and check for loss of information. + // + for (int t = 0; t < 3; t++) + { + PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyParameters); + keyParameters = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(info); + + { + // Specifically cast and test gost parameters. + ECGost3410Parameters gParam = (ECGost3410Parameters)generatedKeyParameters.Parameters; + ECGost3410Parameters rParam = (ECGost3410Parameters)keyParameters.Parameters; + + bool ok = SafeEquals(gParam.DigestParamSet, rParam.DigestParamSet) && + SafeEquals(gParam.EncryptionParamSet, rParam.EncryptionParamSet) && + SafeEquals(gParam.PublicKeyParamSet, rParam.PublicKeyParamSet); + + if (!ok) + { + return new SimpleTestResult(false, "GOST parameters does not match"); + } + } + + if (keyParameters.IsPrivate != generatedKeyParameters.IsPrivate) + { + return new SimpleTestResult(false, "isPrivate does not match"); + } + + if (!keyParameters.D.Equals(generatedKeyParameters.D)) + { + return new SimpleTestResult(false, "D does not match"); + } + + if (!((ECGost3410Parameters)keyParameters.Parameters).Name.Equals( + ((ECGost3410Parameters)generatedKeyParameters.Parameters).Name)) + { + return new SimpleTestResult(false, "Name does not match"); + } + + if (!keyParameters.Parameters.Curve.Equals(generatedKeyParameters.Parameters.Curve)) + { + return new SimpleTestResult(false, "Curve does not match"); + } + + if (!Arrays.AreEqual( + keyParameters.Parameters.G.GetEncoded(true), + generatedKeyParameters.Parameters.G.GetEncoded(true))) + { + return new SimpleTestResult(false, "G does not match"); + } + + if (!keyParameters.Parameters.H.Equals(generatedKeyParameters.Parameters.H)) + { + return new SimpleTestResult(false, "H does not match"); + } + + if (!keyParameters.Parameters.HInv.Equals(generatedKeyParameters.Parameters.HInv)) + { + return new SimpleTestResult(false, "Hinv does not match"); + } + + if (!keyParameters.Parameters.N.Equals(generatedKeyParameters.Parameters.N)) + { + return new SimpleTestResult(false, "N does not match"); + } + + if (!Arrays.AreEqual(keyParameters.Parameters.GetSeed(), generatedKeyParameters.Parameters.GetSeed())) + { + return new SimpleTestResult(false, "Seed does not match"); + } + } + + return new SimpleTestResult(true, null); + } + + private SimpleTestResult DecodeJCEPublic() + { + byte[] pub256 = Hex.Decode("3068302106082a85030701010101301506092a850307010201010106082a850307010102020343000440292335c87d892510c35a033819a13e2b0dc606d911676af2bad8872d74a4b7bae6c729e98ace04c3dee626343f794731e1489edb7bc26f1c8c56e1448c96501a"); + + ECPublicKeyParameters pkInfo = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(pub256); + if (pkInfo.IsPrivate) + { + return new SimpleTestResult(false, "isPrivate should be false"); + } + + if (!Arrays.AreEqual( + pkInfo.Q.GetEncoded(true), + Hex.Decode("02bab7a4742d87d8baf26a6711d906c60d2b3ea11938035ac31025897dc8352329"))) + { + return new SimpleTestResult(false, "Q does not match"); + } + + if (!((ECGost3410Parameters)pkInfo.Parameters).PublicKeyParamSet.ToString().Equals("1.2.643.7.1.2.1.1.1")) + { + return new SimpleTestResult(false, "PublicKeyParamSet does not match"); + } + + if (!((ECGost3410Parameters)pkInfo.Parameters).DigestParamSet.ToString().Equals("1.2.643.7.1.1.2.2")) + { + return new SimpleTestResult(false, "DigestParamSet does not match"); + } + + if (((ECGost3410Parameters)pkInfo.Parameters).EncryptionParamSet != null) + { + return new SimpleTestResult(false, "EncryptionParamSet is not null"); + } + + byte[] pub512 = Hex.Decode("3081aa302106082a85030701010102301506092a850307010201020106082a850307010102030381840004818043ccc22692ee8a1870c7c9de0566d7e3a494cf0e3c80f9e8852a3d1ec10d2a829d357253e0864aee2eaacd5e2d327578dee771f62f24decfd6358e06199efe540e7912db43c4c80fe0fd31f7f67a862f9d44fd0075cfee6e3d638c7520063d26311ef962547e8129fb8c5b194e129370cd30313884b4a60872254a10772fe595"); + + pkInfo = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(pub512); + if (pkInfo.IsPrivate) + { + return new SimpleTestResult(false, "isPrivate should be true"); + } + + if (!Arrays.AreEqual( + pkInfo.Q.GetEncoded(true), + Hex.Decode("0254fe9e19068e35d6cfde242ff671e7de7875322d5ecdaa2eee4a86e05372359d822a0dc11e3d2a85e8f9803c0ecf94a4e3d76605dec9c770188aee9226c2cc43"))) + { + return new SimpleTestResult(false, "Q does not match"); + } + + if (!((ECGost3410Parameters)pkInfo.Parameters).PublicKeyParamSet.ToString().Equals("1.2.643.7.1.2.1.2.1")) + { + return new SimpleTestResult(false, "PublicKeyParamSet does not match"); + } + + if (!((ECGost3410Parameters)pkInfo.Parameters).DigestParamSet.ToString().Equals("1.2.643.7.1.1.2.3")) + { + return new SimpleTestResult(false, "DigestParamSet does not match"); + } + + if (((ECGost3410Parameters)pkInfo.Parameters).EncryptionParamSet != null) + { + return new SimpleTestResult(false, "EncryptionParamSet is not null"); + } + + return new SimpleTestResult(true, null); + } + + private SimpleTestResult DecodeJCEPrivate() + { + byte[] priv256 = Hex.Decode("304a020100302106082a85030701010101301506092a850307010201010106082a8503070101020204220420fe75ba328d5439ed4859e6dc7e6ca2e9aab0818f094eddeb0d57d1c16a90762b"); + ECPrivateKeyParameters pkInfo = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(priv256); + + if (!pkInfo.IsPrivate) + { + return new SimpleTestResult(false, "isPrivate should be true"); + } + + if (!Arrays.AreEqual( + Hex.Decode("2b76906ac1d1570debdd4e098f81b0aae9a26c7edce65948ed39548d32ba75fe"), + pkInfo.D.ToByteArray())) + { + return new SimpleTestResult(false, "D does not match"); + } + + if (!((ECGost3410Parameters)pkInfo.Parameters).PublicKeyParamSet.ToString().Equals("1.2.643.7.1.2.1.1.1")) + { + return new SimpleTestResult(false, "PublicKeyParamSet does not match"); + } + + if (!((ECGost3410Parameters)pkInfo.Parameters).DigestParamSet.ToString().Equals("1.2.643.7.1.1.2.2")) + { + return new SimpleTestResult(false, "DigestParamSet does not match"); + } + + if (((ECGost3410Parameters)pkInfo.Parameters).EncryptionParamSet != null) + { + return new SimpleTestResult(false, "EncryptionParamSet is not null"); + } + + + byte[] priv512 = Hex.Decode("306a020100302106082a85030701010102301506092a850307010201020106082a85030701010203044204402fc35576152f6e873236608b592b4b98d0793bf5184f8dc4a99512be703716991a96061ef46aceeae5319b5c69e6fcbfa7e339207878597ce50f9b7cbf857ff1"); + + pkInfo = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(priv512); + + if (!pkInfo.IsPrivate) + { + return new SimpleTestResult(false, "isPrivate should be true"); + } + + if (!Arrays.AreEqual( + Hex.Decode("00f17f85bf7c9b0fe57c5978782039e3a7bffce6695c9b31e5eace6af41e06961a99163770be1295a9c48d4f18f53b79d0984b2b598b603632876e2f157655c32f"), + pkInfo.D.ToByteArray())) + { + return new SimpleTestResult(false, "D does not match"); + } + + if (!((ECGost3410Parameters)pkInfo.Parameters).PublicKeyParamSet.ToString().Equals("1.2.643.7.1.2.1.2.1")) + { + return new SimpleTestResult(false, "PublicKeyParamSet does not match"); + } + + if (!((ECGost3410Parameters)pkInfo.Parameters).DigestParamSet.ToString().Equals("1.2.643.7.1.1.2.3")) + { + return new SimpleTestResult(false, "DigestParamSet does not match"); + } + + if (((ECGost3410Parameters)pkInfo.Parameters).EncryptionParamSet != null) + { + return new SimpleTestResult(false, "EncryptionParamSet is not null"); + } + + return new SimpleTestResult(true, null); + } + + public SimpleTestResult EncodeDecodePrivateLW(string oidStr, DerObjectIdentifier digest) + { + DerObjectIdentifier oid = ECGost3410NamedCurves.GetOid(oidStr); + ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGost3410NamedCurves.GetByOidX9(oid)); + ECGost3410Parameters gostParams = new ECGost3410Parameters(ecp, oid, digest, null); + ECKeyGenerationParameters parameters = new ECKeyGenerationParameters(gostParams, new SecureRandom()); + ECKeyPairGenerator engine = new ECKeyPairGenerator(); + engine.Init(parameters); + AsymmetricCipherKeyPair pair = engine.GenerateKeyPair(); + + ECPrivateKeyParameters generatedKeyParameters = (ECPrivateKeyParameters)pair.Private; + + PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(generatedKeyParameters); + + ECPrivateKeyParameters recoveredKeyParameters = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(info); + + { + // Specifically cast and test gost parameters. + ECGost3410Parameters gParam = (ECGost3410Parameters)generatedKeyParameters.Parameters; + ECGost3410Parameters rParam = (ECGost3410Parameters)recoveredKeyParameters.Parameters; + + bool ok = SafeEquals(gParam.DigestParamSet, rParam.DigestParamSet) && + SafeEquals(gParam.EncryptionParamSet, rParam.EncryptionParamSet) && + SafeEquals(gParam.PublicKeyParamSet, rParam.PublicKeyParamSet); + + if (!ok) + { + return new SimpleTestResult(false, "GOST parameters does not match"); + } + } + + if (recoveredKeyParameters.IsPrivate != generatedKeyParameters.IsPrivate) + { + return new SimpleTestResult(false, "isPrivate does not match"); + } + + if (!((ECGost3410Parameters)recoveredKeyParameters.Parameters).Name.Equals( + ((ECGost3410Parameters)generatedKeyParameters.Parameters).Name)) + { + return new SimpleTestResult(false, "Name does not match"); + } + + + if (!recoveredKeyParameters.D.Equals(generatedKeyParameters.D)) + { + return new SimpleTestResult(false, "D does not match"); + } + + if (!recoveredKeyParameters.Parameters.Curve.Equals(generatedKeyParameters.Parameters.Curve)) + { + return new SimpleTestResult(false, "Curve does not match"); + } + + if (!Arrays.AreEqual( + recoveredKeyParameters.Parameters.G.GetEncoded(true), + generatedKeyParameters.Parameters.G.GetEncoded(true))) + { + return new SimpleTestResult(false, "G does not match"); + } + + if (!recoveredKeyParameters.Parameters.H.Equals(generatedKeyParameters.Parameters.H)) + { + return new SimpleTestResult(false, "H does not match"); + } + + if (!recoveredKeyParameters.Parameters.HInv.Equals(generatedKeyParameters.Parameters.HInv)) + { + return new SimpleTestResult(false, "Hinv does not match"); + } + + if (!recoveredKeyParameters.Parameters.N.Equals(generatedKeyParameters.Parameters.N)) + { + return new SimpleTestResult(false, "N does not match"); + } + + if (!Arrays.AreEqual(recoveredKeyParameters.Parameters.GetSeed(), generatedKeyParameters.Parameters.GetSeed())) + { + return new SimpleTestResult(false, "Seed does not match"); + } + + return new SimpleTestResult(true, null); + } + + public SimpleTestResult EncodeDecodePublicLW(string oidStr, DerObjectIdentifier digest) + { + DerObjectIdentifier oid = ECGost3410NamedCurves.GetOid(oidStr); + ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGost3410NamedCurves.GetByOidX9(oid)); + ECGost3410Parameters gostParams = new ECGost3410Parameters(ecp, oid, digest, null); + ECKeyGenerationParameters parameters = new ECKeyGenerationParameters(gostParams, new SecureRandom()); + ECKeyPairGenerator engine = new ECKeyPairGenerator(); + engine.Init(parameters); + AsymmetricCipherKeyPair pair = engine.GenerateKeyPair(); + ECPublicKeyParameters generatedKeyParameters = (ECPublicKeyParameters)pair.Public; + + SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(generatedKeyParameters); + + ECPublicKeyParameters recoveredKeyParameters = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(info); + + { + // Specifically cast and test gost parameters. + ECGost3410Parameters gParam = (ECGost3410Parameters)generatedKeyParameters.Parameters; + ECGost3410Parameters rParam = (ECGost3410Parameters)recoveredKeyParameters.Parameters; + + bool ok = SafeEquals(gParam.DigestParamSet, rParam.DigestParamSet) + && SafeEquals(gParam.EncryptionParamSet, rParam.EncryptionParamSet) + && SafeEquals(gParam.PublicKeyParamSet, rParam.PublicKeyParamSet); + + if (!ok) + { + return new SimpleTestResult(false, "GOST parameters does not match"); + } + } + + if (!((ECGost3410Parameters)recoveredKeyParameters.Parameters).Name.Equals( + ((ECGost3410Parameters)generatedKeyParameters.Parameters).Name)) + { + return new SimpleTestResult(false, "Name does not match"); + } + + if (recoveredKeyParameters.IsPrivate != generatedKeyParameters.IsPrivate) + { + return new SimpleTestResult(false, "isPrivate does not match"); + } + + if (!Arrays.AreEqual( + recoveredKeyParameters.Q.GetEncoded(true), + generatedKeyParameters.Q.GetEncoded(true))) + { + return new SimpleTestResult(false, "Q does not match"); + } + + if (!recoveredKeyParameters.Parameters.Curve.Equals(generatedKeyParameters.Parameters.Curve)) + { + return new SimpleTestResult(false, "Curve does not match"); + } + + if (!Arrays.AreEqual( + recoveredKeyParameters.Parameters.G.GetEncoded(true), + generatedKeyParameters.Parameters.G.GetEncoded(true))) + { + return new SimpleTestResult(false, "G does not match"); + } + + if (!recoveredKeyParameters.Parameters.H.Equals(generatedKeyParameters.Parameters.H)) + { + return new SimpleTestResult(false, "H does not match"); + } + + if (!recoveredKeyParameters.Parameters.HInv.Equals(generatedKeyParameters.Parameters.HInv)) + { + return new SimpleTestResult(false, "Hinv does not match"); + } + + if (!recoveredKeyParameters.Parameters.N.Equals(generatedKeyParameters.Parameters.N)) + { + return new SimpleTestResult(false, "N does not match"); + } + + if (!Arrays.AreEqual(recoveredKeyParameters.Parameters.GetSeed(), generatedKeyParameters.Parameters.GetSeed())) + { + return new SimpleTestResult(false, "Seed does not match"); + } + + return new SimpleTestResult(true, null); + } + + [Test] + public override void PerformTest() + { + SimpleTestResult str = EncodeDecodePublicLW("Tc26-Gost-3410-12-512-paramSetA", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512); + if (!str.IsSuccessful()) + { + Fail(str.ToString(), str.GetException()); + } + + str = EncodeDecodePrivateLW("Tc26-Gost-3410-12-512-paramSetA", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512); + if (!str.IsSuccessful()) + { + Fail(str.ToString(), str.GetException()); + } + + str = EncodeDecodePublicLW("Tc26-Gost-3410-12-256-paramSetA", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256); + if (!str.IsSuccessful()) + { + Fail(str.ToString(), str.GetException()); + } + + str = EncodeDecodePrivateLW("Tc26-Gost-3410-12-256-paramSetA", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256); + if (!str.IsSuccessful()) + { + Fail(str.ToString(), str.GetException()); + } + + str = DecodeJCEPrivate(); + if (!str.IsSuccessful()) + { + Fail(str.ToString(), str.GetException()); + } + + str = DecodeJCEPublic(); + if (!str.IsSuccessful()) + { + Fail(str.ToString(), str.GetException()); + } + + str = EncodeRecodePrivateKey(); + if (!str.IsSuccessful()) + { + Fail(str.ToString(), str.GetException()); + } + + str = EncodeRecodePublicKey(); + if (!str.IsSuccessful()) + { + Fail(str.ToString(), str.GetException()); + } + } + + private bool SafeEquals(object left, object right) + { + if (left == null || right == null) + { + return left == null && right == null; + } + + return left.Equals(right); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ECIESTest.cs b/BouncyCastle/crypto/test/src/crypto/test/ECIESTest.cs new file mode 100644 index 0000000..1e2e8f7 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ECIESTest.cs @@ -0,0 +1,252 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Paddings; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// Test for ECIES - Elliptic Curve Integrated Encryption Scheme + [TestFixture] + public class EcIesTest + : SimpleTest + { + public EcIesTest() + { + } + + public override string Name + { + get { return "ECIES"; } + } + + private void StaticTest() + { + BigInteger n = new BigInteger("6277101735386680763835789423176059013767194773182842284081"); + + FpCurve curve = new FpCurve( + new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q + new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a + new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16), // b + n, BigInteger.One); + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G + n, BigInteger.One); + + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + "ECDH", + new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d + parameters); + + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + "ECDH", + curve.DecodePoint(Hex.Decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q + parameters); + + AsymmetricCipherKeyPair p1 = new AsymmetricCipherKeyPair(pubKey, priKey); + AsymmetricCipherKeyPair p2 = new AsymmetricCipherKeyPair(pubKey, priKey); + + // + // stream test + // + IesEngine i1 = new IesEngine( + new ECDHBasicAgreement(), + new Kdf2BytesGenerator(new Sha1Digest()), + new HMac(new Sha1Digest())); + IesEngine i2 = new IesEngine( + new ECDHBasicAgreement(), + new Kdf2BytesGenerator(new Sha1Digest()), + new HMac(new Sha1Digest())); + byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; + byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; + IesParameters p = new IesParameters(d, e, 64); + + i1.Init(true, p1.Private, p2.Public, p); + i2.Init(false, p2.Private, p1.Public, p); + + byte[] message = Hex.Decode("1234567890abcdef"); + + byte[] out1 = i1.ProcessBlock(message, 0, message.Length); + + if (!AreEqual(out1, Hex.Decode("468d89877e8238802403ec4cb6b329faeccfa6f3a730f2cdb3c0a8e8"))) + { + Fail("stream cipher test failed on enc"); + } + + byte[] out2 = i2.ProcessBlock(out1, 0, out1.Length); + + if (!AreEqual(out2, message)) + { + Fail("stream cipher test failed"); + } + + // + // twofish with CBC + // + BufferedBlockCipher c1 = new PaddedBufferedBlockCipher( + new CbcBlockCipher(new TwofishEngine())); + BufferedBlockCipher c2 = new PaddedBufferedBlockCipher( + new CbcBlockCipher(new TwofishEngine())); + i1 = new IesEngine( + new ECDHBasicAgreement(), + new Kdf2BytesGenerator(new Sha1Digest()), + new HMac(new Sha1Digest()), + c1); + i2 = new IesEngine( + new ECDHBasicAgreement(), + new Kdf2BytesGenerator(new Sha1Digest()), + new HMac(new Sha1Digest()), + c2); + d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; + e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; + p = new IesWithCipherParameters(d, e, 64, 128); + + i1.Init(true, p1.Private, p2.Public, p); + i2.Init(false, p2.Private, p1.Public, p); + + message = Hex.Decode("1234567890abcdef"); + + out1 = i1.ProcessBlock(message, 0, message.Length); + + if (!AreEqual(out1, Hex.Decode("b8a06ea5c2b9df28b58a0a90a734cde8c9c02903e5c220021fe4417410d1e53a32a71696"))) + { + Fail("twofish cipher test failed on enc"); + } + + out2 = i2.ProcessBlock(out1, 0, out1.Length); + + if (!AreEqual(out2, message)) + { + Fail("twofish cipher test failed"); + } + } + + private void DoTest( + AsymmetricCipherKeyPair p1, + AsymmetricCipherKeyPair p2) + { + // + // stream test + // + IesEngine i1 = new IesEngine( + new ECDHBasicAgreement(), + new Kdf2BytesGenerator(new Sha1Digest()), + new HMac(new Sha1Digest())); + IesEngine i2 = new IesEngine( + new ECDHBasicAgreement(), + new Kdf2BytesGenerator(new Sha1Digest()), + new HMac(new Sha1Digest())); + byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; + byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; + IesParameters p = new IesParameters(d, e, 64); + + i1.Init(true, p1.Private, p2.Public, p); + i2.Init(false, p2.Private, p1.Public, p); + + byte[] message = Hex.Decode("1234567890abcdef"); + + byte[] out1 = i1.ProcessBlock(message, 0, message.Length); + + byte[] out2 = i2.ProcessBlock(out1, 0, out1.Length); + + if (!AreEqual(out2, message)) + { + Fail("stream cipher test failed"); + } + + // + // twofish with CBC + // + BufferedBlockCipher c1 = new PaddedBufferedBlockCipher( + new CbcBlockCipher(new TwofishEngine())); + BufferedBlockCipher c2 = new PaddedBufferedBlockCipher( + new CbcBlockCipher(new TwofishEngine())); + i1 = new IesEngine( + new ECDHBasicAgreement(), + new Kdf2BytesGenerator(new Sha1Digest()), + new HMac(new Sha1Digest()), + c1); + i2 = new IesEngine( + new ECDHBasicAgreement(), + new Kdf2BytesGenerator(new Sha1Digest()), + new HMac(new Sha1Digest()), + c2); + d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; + e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; + p = new IesWithCipherParameters(d, e, 64, 128); + + i1.Init(true, p1.Private, p2.Public, p); + i2.Init(false, p2.Private, p1.Public, p); + + message = Hex.Decode("1234567890abcdef"); + + out1 = i1.ProcessBlock(message, 0, message.Length); + + out2 = i2.ProcessBlock(out1, 0, out1.Length); + + if (!AreEqual(out2, message)) + { + Fail("twofish cipher test failed"); + } + } + + public override void PerformTest() + { + StaticTest(); + + BigInteger n = new BigInteger("6277101735386680763835789423176059013767194773182842284081"); + + FpCurve curve = new FpCurve( + new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q + new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a + new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16), // b + n, BigInteger.One); + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G + n, BigInteger.One); + + ECKeyPairGenerator eGen = new ECKeyPairGenerator(); + KeyGenerationParameters gParam = new ECKeyGenerationParameters(parameters, new SecureRandom()); + + eGen.Init(gParam); + + AsymmetricCipherKeyPair p1 = eGen.GenerateKeyPair(); + AsymmetricCipherKeyPair p2 = eGen.GenerateKeyPair(); + + DoTest(p1, p2); + } + + public static void Main( + string[] args) + { + RunTest(new EcIesTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ECNRTest.cs b/BouncyCastle/crypto/test/src/crypto/test/ECNRTest.cs new file mode 100644 index 0000000..1ab6754 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ECNRTest.cs @@ -0,0 +1,118 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * ECNR tests. + */ + [TestFixture] + public class EcNrTest + : SimpleTest + { + /** + * a basic regression test with 239 bit prime + */ + BigInteger r = new BigInteger("308636143175167811492623515537541734843573549327605293463169625072911693"); + BigInteger s = new BigInteger("852401710738814635664888632022555967400445256405412579597015412971797143"); + + byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655")); + + private readonly SecureRandom k; + + public EcNrTest() + { + k = FixedSecureRandom.From(kData); + } + + private void ecNR239bitPrime() + { + BigInteger n = new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"); + + FpCurve curve = new FpCurve( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q + new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a + new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b + n, BigInteger.One); + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G + n, BigInteger.One); + + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d + parameters); + + ECNRSigner ecnr = new ECNRSigner(); + ParametersWithRandom param = new ParametersWithRandom(priKey, k); + + ecnr.Init(true, param); + + byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray(); + BigInteger[] sig = ecnr.GenerateSignature(message); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong.", r, sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong.", s, sig[1]); + } + + // Verify the signature + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q + parameters); + + ecnr.Init(false, pubKey); + if (!ecnr.VerifySignature(message, sig[0], sig[1])) + { + Fail("signature fails"); + } + } + + public override string Name + { + get + { + return "ECNR"; + } + } + + public override void PerformTest() + { + ecNR239bitPrime(); + } + + public static void Main( + string[] args) + { + EcNrTest test = new EcNrTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ECTest.cs b/BouncyCastle/crypto/test/src/crypto/test/ECTest.cs new file mode 100644 index 0000000..7dc847e --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ECTest.cs @@ -0,0 +1,959 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.EC; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * ECDSA tests are taken from X9.62. + */ + [TestFixture] + public class ECTest + : SimpleTest + { + /** + * X9.62 - 1998,
    + * J.3.1, Page 152, ECDSA over the field Fp
    + * an example with 192 bit prime + */ + [Test] + public void TestECDsa192bitPrime() + { + BigInteger r = new BigInteger("3342403536405981729393488334694600415596881826869351677613"); + BigInteger s = new BigInteger("5735822328888155254683894997897571951568553642892029982342"); + + byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("6140507067065001063065065565667405560006161556565665656654")); + + SecureRandom k = FixedSecureRandom.From(kData); + + BigInteger n = new BigInteger("6277101735386680763835789423176059013767194773182842284081"); + + FpCurve curve = new FpCurve( + new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q + new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a + new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16), // b + n, BigInteger.One); + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G + n, BigInteger.One); + + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + "ECDSA", + new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d + parameters); + + ParametersWithRandom param = new ParametersWithRandom(priKey, k); + + ECDsaSigner ecdsa = new ECDsaSigner(); + + ecdsa.Init(true, param); + + byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray(); + BigInteger[] sig = ecdsa.GenerateSignature(message); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + + // Verify the signature + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + "ECDSA", + curve.DecodePoint(Hex.Decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q + parameters); + + ecdsa.Init(false, pubKey); + if (!ecdsa.VerifySignature(message, sig[0], sig[1])) + { + Fail("verification fails"); + } + } + + [Test] + public void TestDecode() + { + X9ECParameters x9 = ECNamedCurveTable.GetByName("prime192v1"); + ECPoint p = x9.G; + + if (!p.AffineXCoord.ToBigInteger().Equals(new BigInteger("188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", 16))) + { + Fail("x uncompressed incorrectly"); + } + + if (!p.AffineYCoord.ToBigInteger().Equals(new BigInteger("7192b95ffc8da78631011ed6b24cdd573f977a11e794811", 16))) + { + Fail("y uncompressed incorrectly"); + } + + byte[] encoding = p.GetEncoded(true); + + if (!AreEqual(encoding, Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012"))) + { + Fail("point compressed incorrectly"); + } + } + + /** + * X9.62 - 1998,
    + * J.3.2, Page 155, ECDSA over the field Fp
    + * an example with 239 bit prime + */ + [Test] + public void TestECDsa239bitPrime() + { + BigInteger r = new BigInteger("308636143175167811492622547300668018854959378758531778147462058306432176"); + BigInteger s = new BigInteger("323813553209797357708078776831250505931891051755007842781978505179448783"); + + byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655")); + + SecureRandom k = FixedSecureRandom.From(kData); + + BigInteger n = new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"); + + FpCurve curve = new FpCurve( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q + new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a + new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b + n, BigInteger.One); + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G + n, BigInteger.One); + + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + "ECDSA", + new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d + parameters); + + ECDsaSigner ecdsa = new ECDsaSigner(); + ParametersWithRandom param = new ParametersWithRandom(priKey, k); + + ecdsa.Init(true, param); + + byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray(); + BigInteger[] sig = ecdsa.GenerateSignature(message); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + + // Verify the signature + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + "ECDSA", + curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q + parameters); + + ecdsa.Init(false, pubKey); + if (!ecdsa.VerifySignature(message, sig[0], sig[1])) + { + Fail("signature fails"); + } + } + + + /** + * X9.62 - 1998,
    + * J.2.1, Page 100, ECDSA over the field F2m
    + * an example with 191 bit binary field + */ + [Test] + public void TestECDsa191bitBinary() + { + BigInteger r = new BigInteger("87194383164871543355722284926904419997237591535066528048"); + BigInteger s = new BigInteger("308992691965804947361541664549085895292153777025772063598"); + + byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("1542725565216523985789236956265265265235675811949404040041")); + + SecureRandom k = FixedSecureRandom.From(kData); + + F2mCurve curve = new F2mCurve( + 191, // m + 9, //k + new BigInteger("2866537B676752636A68F56554E12640276B649EF7526267", 16), // a + new BigInteger("2E45EF571F00786F67B0081B9495A3D95462F5DE0AA185EC", 16)); // b + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.DecodePoint(Hex.Decode("0436B3DAF8A23206F9C4F299D7B21A9C369137F2C84AE1AA0D765BE73433B3F95E332932E70EA245CA2418EA0EF98018FB")), // G + new BigInteger("1569275433846670190958947355803350458831205595451630533029"), // n + BigInteger.Two); // h + + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + "ECDSA", + new BigInteger("1275552191113212300012030439187146164646146646466749494799"), // d + parameters); + + ECDsaSigner ecdsa = new ECDsaSigner(); + ParametersWithRandom param = new ParametersWithRandom(priKey, k); + + ecdsa.Init(true, param); + + byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray(); + BigInteger[] sig = ecdsa.GenerateSignature(message); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + + // Verify the signature + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + "ECDSA", + curve.DecodePoint(Hex.Decode("045DE37E756BD55D72E3768CB396FFEB962614DEA4CE28A2E755C0E0E02F5FB132CAF416EF85B229BBB8E1352003125BA1")), // Q + parameters); + + ecdsa.Init(false, pubKey); + if (!ecdsa.VerifySignature(message, sig[0], sig[1])) + { + Fail("signature fails"); + } + } + + /** + * X9.62 - 1998,
    + * J.2.1, Page 100, ECDSA over the field F2m
    + * an example with 191 bit binary field + */ + [Test] + public void TestECDsa239bitBinary() + { + BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552"); + BigInteger s = new BigInteger("197030374000731686738334997654997227052849804072198819102649413465737174"); + + byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363")); + + SecureRandom k = FixedSecureRandom.From(kData); + + F2mCurve curve = new F2mCurve( + 239, // m + 36, //k + new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a + new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.DecodePoint(Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G + new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n + BigInteger.ValueOf(4)); // h + + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + "ECDSA", + new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d + parameters); + + ECDsaSigner ecdsa = new ECDsaSigner(); + ParametersWithRandom param = new ParametersWithRandom(priKey, k); + + ecdsa.Init(true, param); + + byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray(); + BigInteger[] sig = ecdsa.GenerateSignature(message); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + + // Verify the signature + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + "ECDSA", + curve.DecodePoint(Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q + parameters); + + ecdsa.Init(false, pubKey); + if (!ecdsa.VerifySignature(message, sig[0], sig[1])) + { + Fail("signature fails"); + } + } + + // L 4.1 X9.62 2005 + [Test] + public void TestECDsaP224Sha224() + { + X9ECParameters p = NistNamedCurves.GetByName("P-224"); + ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H); + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + new BigInteger("6081831502424510080126737029209236539191290354021104541805484120491"), // d + parameters); + SecureRandom k = FixedSecureRandom.From(BigIntegers.AsUnsignedByteArray(new BigInteger("15456715103636396133226117016818339719732885723579037388121116732601"))); + + byte[] M = Hex.Decode("8797A3C693CC292441039A4E6BAB7387F3B4F2A63D00ED384B378C79"); + + ECDsaSigner dsa = new ECDsaSigner(); + + dsa.Init(true, new ParametersWithRandom(priKey, k)); + + BigInteger[] sig = dsa.GenerateSignature(M); + + BigInteger r = new BigInteger("26477406756127720855365980332052585411804331993436302005017227573742"); + BigInteger s = new BigInteger("17694958233103667059888193972742186995283044672015112738919822429978"); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + + // Verify the signature + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + parameters.Curve.DecodePoint(Hex.Decode("03FD44EC11F9D43D9D23B1E1D1C9ED6519B40ECF0C79F48CF476CC43F1")), // Q + parameters); + + dsa.Init(false, pubKey); + if (!dsa.VerifySignature(M, sig[0], sig[1])) + { + Fail("signature fails"); + } + } + + [Test] + public void TestECDsaSecP224k1Sha256() + { + X9ECParameters p = SecNamedCurves.GetByName("secp224k1"); + ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H); + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + new BigInteger("BE6F6E91FE96840A6518B56F3FE21689903A64FA729057AB872A9F51", 16), // d + parameters); + SecureRandom k = FixedSecureRandom.From(Hex.Decode("00c39beac93db21c3266084429eb9b846b787c094f23a4de66447efbb3")); + + byte[] M = Hex.Decode("E5D5A7ADF73C5476FAEE93A2C76CE94DC0557DB04CDC189504779117920B896D"); + + ECDsaSigner dsa = new ECDsaSigner(); + + dsa.Init(true, new ParametersWithRandom(priKey, k)); + + BigInteger[] sig = dsa.GenerateSignature(M); + + BigInteger r = new BigInteger("8163E5941BED41DA441B33E653C632A55A110893133351E20CE7CB75", 16); + BigInteger s = new BigInteger("D12C3FC289DDD5F6890DCE26B65792C8C50E68BF551D617D47DF15A8", 16); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + + // Verify the signature + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + parameters.Curve.DecodePoint(Hex.Decode("04C5C9B38D3603FCCD6994CBB9594E152B658721E483669BB42728520F484B537647EC816E58A8284D3B89DFEDB173AFDC214ECA95A836FA7C")), // Q + parameters); + + dsa.Init(false, pubKey); + if (!dsa.VerifySignature(M, sig[0], sig[1])) + { + Fail("signature fails"); + } + } + + // L4.2 X9.62 2005 + [Test] + public void TestECDsaP256Sha256() + { + X9ECParameters p = NistNamedCurves.GetByName("P-256"); + ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H); + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + new BigInteger("20186677036482506117540275567393538695075300175221296989956723148347484984008"), // d + parameters); + SecureRandom k = FixedSecureRandom.From(BigIntegers.AsUnsignedByteArray(new BigInteger("72546832179840998877302529996971396893172522460793442785601695562409154906335"))); + + byte[] M = Hex.Decode("1BD4ED430B0F384B4E8D458EFF1A8A553286D7AC21CB2F6806172EF5F94A06AD"); + + ECDsaSigner dsa = new ECDsaSigner(); + + dsa.Init(true, new ParametersWithRandom(priKey, k)); + + BigInteger[] sig = dsa.GenerateSignature(M); + + BigInteger r = new BigInteger("97354732615802252173078420023658453040116611318111190383344590814578738210384"); + BigInteger s = new BigInteger("98506158880355671805367324764306888225238061309262649376965428126566081727535"); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + + // Verify the signature + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + parameters.Curve.DecodePoint(Hex.Decode("03596375E6CE57E0F20294FC46BDFCFD19A39F8161B58695B3EC5B3D16427C274D")), // Q + parameters); + + dsa.Init(false, pubKey); + if (!dsa.VerifySignature(M, sig[0], sig[1])) + { + Fail("signature fails"); + } + } + + [Test] + public void TestECDsaP224OneByteOver() + { + X9ECParameters p = NistNamedCurves.GetByName("P-224"); + ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H); + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + new BigInteger("6081831502424510080126737029209236539191290354021104541805484120491"), // d + parameters); + SecureRandom k = FixedSecureRandom.From(BigIntegers.AsUnsignedByteArray(new BigInteger("15456715103636396133226117016818339719732885723579037388121116732601"))); + + byte[] M = Hex.Decode("8797A3C693CC292441039A4E6BAB7387F3B4F2A63D00ED384B378C79FF"); + + ECDsaSigner dsa = new ECDsaSigner(); + + dsa.Init(true, new ParametersWithRandom(priKey, k)); + + BigInteger[] sig = dsa.GenerateSignature(M); + + BigInteger r = new BigInteger("26477406756127720855365980332052585411804331993436302005017227573742"); + BigInteger s = new BigInteger("17694958233103667059888193972742186995283044672015112738919822429978"); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + + // Verify the signature + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + parameters.Curve.DecodePoint(Hex.Decode("03FD44EC11F9D43D9D23B1E1D1C9ED6519B40ECF0C79F48CF476CC43F1")), // Q + parameters); + + dsa.Init(false, pubKey); + if (!dsa.VerifySignature(M, sig[0], sig[1])) + { + Fail("signature fails"); + } + } + + // L4.3 X9.62 2005 + [Test] + public void TestECDsaP521Sha512() + { + X9ECParameters p = NistNamedCurves.GetByName("P-521"); + ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H); + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + new BigInteger("617573726813476282316253885608633222275541026607493641741273231656161177732180358888434629562647985511298272498852936680947729040673640492310550142822667389"), // d + parameters); + SecureRandom k = FixedSecureRandom.From(BigIntegers.AsUnsignedByteArray(new BigInteger("6806532878215503520845109818432174847616958675335397773700324097584974639728725689481598054743894544060040710846048585856076812050552869216017728862957612913"))); + + byte[] M = Hex.Decode("6893B64BD3A9615C39C3E62DDD269C2BAAF1D85915526083183CE14C2E883B48B193607C1ED871852C9DF9C3147B574DC1526C55DE1FE263A676346A20028A66"); + + ECDsaSigner dsa = new ECDsaSigner(); + + dsa.Init(true, new ParametersWithRandom(priKey, k)); + + BigInteger[] sig = dsa.GenerateSignature(M); + + BigInteger r = new BigInteger("1368926195812127407956140744722257403535864168182534321188553460365652865686040549247096155740756318290773648848859639978618869784291633651685766829574104630"); + BigInteger s = new BigInteger("1624754720348883715608122151214003032398685415003935734485445999065609979304811509538477657407457976246218976767156629169821116579317401249024208611945405790"); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + + // Verify the signature + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + parameters.Curve.DecodePoint(Hex.Decode("020145E221AB9F71C5FE740D8D2B94939A09E2816E2167A7D058125A06A80C014F553E8D6764B048FB6F2B687CEC72F39738F223D4CE6AFCBFF2E34774AA5D3C342CB3")), // Q + parameters); + + dsa.Init(false, pubKey); + if (!dsa.VerifySignature(M, sig[0], sig[1])) + { + Fail("signature fails"); + } + } + + /** + * General test for long digest. + */ + [Test] + public void TestECDsa239bitBinaryAndLargeDigest() + { + BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552"); + BigInteger s = new BigInteger("144940322424411242416373536877786566515839911620497068645600824084578597"); + + byte[] kData = BigIntegers.AsUnsignedByteArray( + new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363")); + + SecureRandom k = FixedSecureRandom.From(kData); + + F2mCurve curve = new F2mCurve( + 239, // m + 36, //k + new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a + new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.DecodePoint( + Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G + new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n + BigInteger.ValueOf(4)); // h + + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + "ECDSA", + new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d + parameters); + + ECDsaSigner ecdsa = new ECDsaSigner(); + ParametersWithRandom param = new ParametersWithRandom(priKey, k); + + ecdsa.Init(true, param); + + byte[] message = new BigInteger("968236873715988614170569073515315707566766479517968236873715988614170569073515315707566766479517968236873715988614170569073515315707566766479517").ToByteArray(); + BigInteger[] sig = ecdsa.GenerateSignature(message); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + + // Verify the signature + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + "ECDSA", + curve.DecodePoint( + Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q + parameters); + + ecdsa.Init(false, pubKey); + if (!ecdsa.VerifySignature(message, sig[0], sig[1])) + { + Fail("signature fails"); + } + } + + /** + * key generation test + */ + [Test] + public void TestECDsaKeyGenTest() + { + SecureRandom random = new SecureRandom(); + + BigInteger n = new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"); + + FpCurve curve = new FpCurve( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q + new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a + new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b + n, BigInteger.One); + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G + n, BigInteger.One); + + ECKeyPairGenerator pGen = new ECKeyPairGenerator(); + ECKeyGenerationParameters genParam = new ECKeyGenerationParameters( + parameters, + random); + + pGen.Init(genParam); + + AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair(); + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + ECDsaSigner ecdsa = new ECDsaSigner(); + + ecdsa.Init(true, param); + + byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray(); + BigInteger[] sig = ecdsa.GenerateSignature(message); + + ecdsa.Init(false, pair.Public); + + if (!ecdsa.VerifySignature(message, sig[0], sig[1])) + { + Fail("signature fails"); + } + } + + /** + * Basic Key Agreement Test + */ + [Test] + public void TestECDHBasicAgreement() + { + SecureRandom random = new SecureRandom(); + + BigInteger n = new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"); + + FpCurve curve = new FpCurve( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q + new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a + new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b + n, BigInteger.One); + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G + n, BigInteger.One); + + ECKeyPairGenerator pGen = new ECKeyPairGenerator(); + ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(parameters, random); + + pGen.Init(genParam); + + AsymmetricCipherKeyPair p1 = pGen.GenerateKeyPair(); + AsymmetricCipherKeyPair p2 = pGen.GenerateKeyPair(); + + // + // two way + // + IBasicAgreement e1 = new ECDHBasicAgreement(); + IBasicAgreement e2 = new ECDHBasicAgreement(); + + e1.Init(p1.Private); + e2.Init(p2.Private); + + BigInteger k1 = e1.CalculateAgreement(p2.Public); + BigInteger k2 = e2.CalculateAgreement(p1.Public); + + if (!k1.Equals(k2)) + { + Fail("calculated agreement test failed"); + } + + // + // two way + // + e1 = new ECDHCBasicAgreement(); + e2 = new ECDHCBasicAgreement(); + + e1.Init(p1.Private); + e2.Init(p2.Private); + + k1 = e1.CalculateAgreement(p2.Public); + k2 = e2.CalculateAgreement(p1.Public); + + if (!k1.Equals(k2)) + { + Fail("calculated agreement test failed"); + } + } + + [Test] + public void TestECDHBasicAgreementCofactor() + { + SecureRandom random = new SecureRandom(); + + X9ECParameters x9 = CustomNamedCurves.GetByName("curve25519"); + ECDomainParameters ec = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed()); + + ECKeyPairGenerator kpg = new ECKeyPairGenerator(); + kpg.Init(new ECKeyGenerationParameters(ec, random)); + + AsymmetricCipherKeyPair p1 = kpg.GenerateKeyPair(); + AsymmetricCipherKeyPair p2 = kpg.GenerateKeyPair(); + + IBasicAgreement e1 = new ECDHBasicAgreement(); + IBasicAgreement e2 = new ECDHBasicAgreement(); + + e1.Init(p1.Private); + e2.Init(p2.Private); + + BigInteger k1 = e1.CalculateAgreement(p2.Public); + BigInteger k2 = e2.CalculateAgreement(p1.Public); + + if (!k1.Equals(k2)) + { + Fail("calculated agreement test failed"); + } + } + + [Test] + public void TestECMqvTestVector1() + { + // Test Vector from GEC-2 + + X9ECParameters x9 = SecNamedCurves.GetByName("secp160r1"); + ECDomainParameters p = new ECDomainParameters( + x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed()); + + AsymmetricCipherKeyPair U1 = new AsymmetricCipherKeyPair( + new ECPublicKeyParameters( + p.Curve.DecodePoint(Hex.Decode("0251B4496FECC406ED0E75A24A3C03206251419DC0")), p), + new ECPrivateKeyParameters( + new BigInteger("AA374FFC3CE144E6B073307972CB6D57B2A4E982", 16), p)); + + AsymmetricCipherKeyPair U2 = new AsymmetricCipherKeyPair( + new ECPublicKeyParameters( + p.Curve.DecodePoint(Hex.Decode("03D99CE4D8BF52FA20BD21A962C6556B0F71F4CA1F")), p), + new ECPrivateKeyParameters( + new BigInteger("149EC7EA3A220A887619B3F9E5B4CA51C7D1779C", 16), p)); + + AsymmetricCipherKeyPair V1 = new AsymmetricCipherKeyPair( + new ECPublicKeyParameters( + p.Curve.DecodePoint(Hex.Decode("0349B41E0E9C0369C2328739D90F63D56707C6E5BC")), p), + new ECPrivateKeyParameters( + new BigInteger("45FB58A92A17AD4B15101C66E74F277E2B460866", 16), p)); + + AsymmetricCipherKeyPair V2 = new AsymmetricCipherKeyPair( + new ECPublicKeyParameters( + p.Curve.DecodePoint(Hex.Decode("02706E5D6E1F640C6E9C804E75DBC14521B1E5F3B5")), p), + new ECPrivateKeyParameters( + new BigInteger("18C13FCED9EADF884F7C595C8CB565DEFD0CB41E", 16), p)); + + BigInteger x = calculateAgreement(U1, U2, V1, V2); + + if (x == null + || !x.Equals(new BigInteger("5A6955CEFDB4E43255FB7FCF718611E4DF8E05AC", 16))) + { + Fail("MQV Test Vector #1 agreement failed"); + } + } + + [Test] + public void TestECMqvTestVector2() + { + // Test Vector from GEC-2 + + X9ECParameters x9 = SecNamedCurves.GetByName("sect163k1"); + ECDomainParameters p = new ECDomainParameters( + x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed()); + + AsymmetricCipherKeyPair U1 = new AsymmetricCipherKeyPair( + new ECPublicKeyParameters( + p.Curve.DecodePoint(Hex.Decode("03037D529FA37E42195F10111127FFB2BB38644806BC")), p), + new ECPrivateKeyParameters( + new BigInteger("03A41434AA99C2EF40C8495B2ED9739CB2155A1E0D", 16), p)); + + AsymmetricCipherKeyPair U2 = new AsymmetricCipherKeyPair( + new ECPublicKeyParameters( + p.Curve.DecodePoint(Hex.Decode("02015198E74BC2F1E5C9A62B80248DF0D62B9ADF8429")), p), + new ECPrivateKeyParameters( + new BigInteger("032FC4C61A8211E6A7C4B8B0C03CF35F7CF20DBD52", 16), p)); + + AsymmetricCipherKeyPair V1 = new AsymmetricCipherKeyPair( + new ECPublicKeyParameters( + p.Curve.DecodePoint(Hex.Decode("03072783FAAB9549002B4F13140B88132D1C75B3886C")), p), + new ECPrivateKeyParameters( + new BigInteger("57E8A78E842BF4ACD5C315AA0569DB1703541D96", 16), p)); + + AsymmetricCipherKeyPair V2 = new AsymmetricCipherKeyPair( + new ECPublicKeyParameters( + p.Curve.DecodePoint(Hex.Decode("03067E3AEA3510D69E8EDD19CB2A703DDC6CF5E56E32")), p), + new ECPrivateKeyParameters( + new BigInteger("02BD198B83A667A8D908EA1E6F90FD5C6D695DE94F", 16), p)); + + BigInteger x = calculateAgreement(U1, U2, V1, V2); + + if (x == null + || !x.Equals(new BigInteger("038359FFD30C0D5FC1E6154F483B73D43E5CF2B503", 16))) + { + Fail("MQV Test Vector #2 agreement failed"); + } + } + + [Test] + public void TestECMqvRandom() + { + SecureRandom random = new SecureRandom(); + + BigInteger n = new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"); + + FpCurve curve = new FpCurve( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q + new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a + new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b + n, BigInteger.One); + + ECDomainParameters parameters = new ECDomainParameters( + curve, + curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G + n, BigInteger.One); + + ECKeyPairGenerator pGen = new ECKeyPairGenerator(); + + pGen.Init(new ECKeyGenerationParameters(parameters, random)); + + + // Pre-established key pairs + AsymmetricCipherKeyPair U1 = pGen.GenerateKeyPair(); + AsymmetricCipherKeyPair V1 = pGen.GenerateKeyPair(); + + // Ephemeral key pairs + AsymmetricCipherKeyPair U2 = pGen.GenerateKeyPair(); + AsymmetricCipherKeyPair V2 = pGen.GenerateKeyPair(); + + BigInteger x = calculateAgreement(U1, U2, V1, V2); + + if (x == null) + { + Fail("MQV Test Vector (random) agreement failed"); + } + } + + private static BigInteger calculateAgreement( + AsymmetricCipherKeyPair U1, + AsymmetricCipherKeyPair U2, + AsymmetricCipherKeyPair V1, + AsymmetricCipherKeyPair V2) + { + ECMqvBasicAgreement u = new ECMqvBasicAgreement(); + u.Init(new MqvPrivateParameters( + (ECPrivateKeyParameters)U1.Private, + (ECPrivateKeyParameters)U2.Private, + (ECPublicKeyParameters)U2.Public)); + BigInteger ux = u.CalculateAgreement(new MqvPublicParameters( + (ECPublicKeyParameters)V1.Public, + (ECPublicKeyParameters)V2.Public)); + + ECMqvBasicAgreement v = new ECMqvBasicAgreement(); + v.Init(new MqvPrivateParameters( + (ECPrivateKeyParameters)V1.Private, + (ECPrivateKeyParameters)V2.Private, + (ECPublicKeyParameters)V2.Public)); + BigInteger vx = v.CalculateAgreement(new MqvPublicParameters( + (ECPublicKeyParameters)U1.Public, + (ECPublicKeyParameters)U2.Public)); + + if (ux.Equals(vx)) + return ux; + + return null; + } + + public override string Name + { + get { return "EC"; } + } + + public override void PerformTest() + { + TestDecode(); + TestECDsa192bitPrime(); + TestECDsa239bitPrime(); + TestECDsa191bitBinary(); + TestECDsa239bitBinary(); + TestECDsaKeyGenTest(); + TestECDHBasicAgreement(); + TestECDHBasicAgreementCofactor(); + + TestECDsaP224Sha224(); + TestECDsaP224OneByteOver(); + TestECDsaP256Sha256(); + TestECDsaP521Sha512(); + TestECDsaSecP224k1Sha256(); + TestECDsa239bitBinaryAndLargeDigest(); + + TestECMqvTestVector1(); + TestECMqvTestVector2(); + TestECMqvRandom(); + } + + public static void Main( + string[] args) + { + RunTest(new ECTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/Ed25519Test.cs b/BouncyCastle/crypto/test/src/crypto/test/Ed25519Test.cs new file mode 100644 index 0000000..d771a8c --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/Ed25519Test.cs @@ -0,0 +1,163 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math.EC.Rfc8032; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class Ed25519Test + : SimpleTest + { + private static readonly SecureRandom Random = new SecureRandom(); + + public override string Name + { + get { return "Ed25519"; } + } + + public static void Main(string[] args) + { + RunTest(new Ed25519Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + public override void PerformTest() + { + BasicSigTest(); + + for (int i = 0; i < 10; ++i) + { + DoTestConsistency(Ed25519.Algorithm.Ed25519, null); + + byte[] context = RandomContext(Random.NextInt() & 255); + DoTestConsistency(Ed25519.Algorithm.Ed25519ctx, context); + DoTestConsistency(Ed25519.Algorithm.Ed25519ph, context); + } + } + + private void BasicSigTest() + { + Ed25519PrivateKeyParameters privateKey = new Ed25519PrivateKeyParameters( + Hex.DecodeStrict("9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60")); + Ed25519PublicKeyParameters publicKey = new Ed25519PublicKeyParameters( + Hex.DecodeStrict("d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a")); + + byte[] sig = Hex.Decode("e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b"); + + ISigner signer = new Ed25519Signer(); + signer.Init(true, privateKey); + + IsTrue(AreEqual(sig, signer.GenerateSignature())); + + signer.Init(false, publicKey); + + IsTrue(signer.VerifySignature(sig)); + } + + private ISigner CreateSigner(Ed25519.Algorithm algorithm, byte[] context) + { + switch (algorithm) + { + case Ed25519.Algorithm.Ed25519: + return new Ed25519Signer(); + case Ed25519.Algorithm.Ed25519ctx: + return new Ed25519ctxSigner(context); + case Ed25519.Algorithm.Ed25519ph: + return new Ed25519phSigner(context); + default: + throw new ArgumentException("algorithm"); + } + } + + private byte[] RandomContext(int length) + { + byte[] context = new byte[length]; + Random.NextBytes(context); + return context; + } + + private void DoTestConsistency(Ed25519.Algorithm algorithm, byte[] context) + { + Ed25519KeyPairGenerator kpg = new Ed25519KeyPairGenerator(); + kpg.Init(new Ed25519KeyGenerationParameters(Random)); + + AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair(); + Ed25519PrivateKeyParameters privateKey = (Ed25519PrivateKeyParameters)kp.Private; + Ed25519PublicKeyParameters publicKey = (Ed25519PublicKeyParameters)kp.Public; + + byte[] msg = new byte[Random.NextInt() & 255]; + Random.NextBytes(msg); + + ISigner signer = CreateSigner(algorithm, context); + signer.Init(true, privateKey); + signer.BlockUpdate(msg, 0, msg.Length); + byte[] signature = signer.GenerateSignature(); + + ISigner verifier = CreateSigner(algorithm, context); + + { + verifier.Init(false, publicKey); + verifier.BlockUpdate(msg, 0, msg.Length); + bool shouldVerify = verifier.VerifySignature(signature); + + if (!shouldVerify) + { + Fail("Ed25519(" + algorithm + ") signature failed to verify"); + } + } + + { + byte[] wrongLengthSignature = Arrays.Append(signature, 0x00); + + verifier.Init(false, publicKey); + verifier.BlockUpdate(msg, 0, msg.Length); + bool shouldNotVerify = verifier.VerifySignature(wrongLengthSignature); + + if (shouldNotVerify) + { + Fail("Ed25519(" + algorithm + ") wrong length signature incorrectly verified"); + } + } + + if (msg.Length > 0) + { + bool shouldNotVerify = verifier.VerifySignature(signature); + + if (shouldNotVerify) + { + Fail("Ed25519(" + algorithm + ") wrong length failure did not reset verifier"); + } + } + + { + byte[] badSignature = Arrays.Clone(signature); + badSignature[Random.Next() % badSignature.Length] ^= (byte)(1 << (Random.NextInt() & 7)); + + verifier.Init(false, publicKey); + verifier.BlockUpdate(msg, 0, msg.Length); + bool shouldNotVerify = verifier.VerifySignature(badSignature); + + if (shouldNotVerify) + { + Fail("Ed25519(" + algorithm + ") bad signature incorrectly verified"); + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/Ed448Test.cs b/BouncyCastle/crypto/test/src/crypto/test/Ed448Test.cs new file mode 100644 index 0000000..bfd9d09 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/Ed448Test.cs @@ -0,0 +1,173 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math.EC.Rfc8032; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class Ed448Test + : SimpleTest + { + private static readonly SecureRandom Random = new SecureRandom(); + + public override string Name + { + get { return "Ed448"; } + } + + public static void Main(string[] args) + { + RunTest(new Ed448Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + public override void PerformTest() + { + BasicSigTest(); + + for (int i = 0; i < 10; ++i) + { + byte[] context = RandomContext(Random.NextInt() & 255); + DoTestConsistency(Ed448.Algorithm.Ed448, context); + DoTestConsistency(Ed448.Algorithm.Ed448ph, context); + } + } + + private void BasicSigTest() + { + Ed448PrivateKeyParameters privateKey = new Ed448PrivateKeyParameters( + Hex.DecodeStrict( + "6c82a562cb808d10d632be89c8513ebf" + + "6c929f34ddfa8c9f63c9960ef6e348a3" + + "528c8a3fcc2f044e39a3fc5b94492f8f" + + "032e7549a20098f95b")); + Ed448PublicKeyParameters publicKey = new Ed448PublicKeyParameters( + Hex.DecodeStrict("5fd7449b59b461fd2ce787ec616ad46a" + + "1da1342485a70e1f8a0ea75d80e96778" + + "edf124769b46c7061bd6783df1e50f6c" + + "d1fa1abeafe8256180")); + + byte[] sig = Hex.DecodeStrict("533a37f6bbe457251f023c0d88f976ae" + + "2dfb504a843e34d2074fd823d41a591f" + + "2b233f034f628281f2fd7a22ddd47d78" + + "28c59bd0a21bfd3980ff0d2028d4b18a" + + "9df63e006c5d1c2d345b925d8dc00b41" + + "04852db99ac5c7cdda8530a113a0f4db" + + "b61149f05a7363268c71d95808ff2e65" + + "2600"); + + ISigner signer = new Ed448Signer(new byte[0]); + signer.Init(true, privateKey); + + IsTrue(AreEqual(sig, signer.GenerateSignature())); + + signer.Init(false, publicKey); + + IsTrue(signer.VerifySignature(sig)); + } + + private ISigner CreateSigner(Ed448.Algorithm algorithm, byte[] context) + { + switch (algorithm) + { + case Ed448.Algorithm.Ed448: + return new Ed448Signer(context); + case Ed448.Algorithm.Ed448ph: + return new Ed448phSigner(context); + default: + throw new ArgumentException("algorithm"); + } + } + + private byte[] RandomContext(int length) + { + byte[] context = new byte[length]; + Random.NextBytes(context); + return context; + } + + private void DoTestConsistency(Ed448.Algorithm algorithm, byte[] context) + { + Ed448KeyPairGenerator kpg = new Ed448KeyPairGenerator(); + kpg.Init(new Ed448KeyGenerationParameters(Random)); + + AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair(); + Ed448PrivateKeyParameters privateKey = (Ed448PrivateKeyParameters)kp.Private; + Ed448PublicKeyParameters publicKey = (Ed448PublicKeyParameters)kp.Public; + + byte[] msg = new byte[Random.NextInt() & 255]; + Random.NextBytes(msg); + + ISigner signer = CreateSigner(algorithm, context); + signer.Init(true, privateKey); + signer.BlockUpdate(msg, 0, msg.Length); + byte[] signature = signer.GenerateSignature(); + + ISigner verifier = CreateSigner(algorithm, context); + + { + verifier.Init(false, publicKey); + verifier.BlockUpdate(msg, 0, msg.Length); + bool shouldVerify = verifier.VerifySignature(signature); + + if (!shouldVerify) + { + Fail("Ed448(" + algorithm + ") signature failed to verify"); + } + } + + { + byte[] wrongLengthSignature = Arrays.Append(signature, 0x00); + + verifier.Init(false, publicKey); + verifier.BlockUpdate(msg, 0, msg.Length); + bool shouldNotVerify = verifier.VerifySignature(wrongLengthSignature); + + if (shouldNotVerify) + { + Fail("Ed448(" + algorithm + ") wrong length signature incorrectly verified"); + } + } + + if (msg.Length > 0) + { + bool shouldNotVerify = verifier.VerifySignature(signature); + + if (shouldNotVerify) + { + Fail("Ed448(" + algorithm + ") wrong length failure did not reset verifier"); + } + } + + { + byte[] badSignature = Arrays.Clone(signature); + badSignature[Random.Next() % badSignature.Length] ^= (byte)(1 << (Random.NextInt() & 7)); + + verifier.Init(false, publicKey); + verifier.BlockUpdate(msg, 0, msg.Length); + bool shouldNotVerify = verifier.VerifySignature(badSignature); + + if (shouldNotVerify) + { + Fail("Ed448(" + algorithm + ") bad signature incorrectly verified"); + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ElGamalTest.cs b/BouncyCastle/crypto/test/src/crypto/test/ElGamalTest.cs new file mode 100644 index 0000000..1caa703 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ElGamalTest.cs @@ -0,0 +1,278 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class ElGamalTest + : SimpleTest + { + private static readonly BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); + private static readonly BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); + + private static readonly BigInteger g768 = new BigInteger("7c240073c1316c621df461b71ebb0cdcc90a6e5527e5e126633d131f87461c4dc4afc60c2cb0f053b6758871489a69613e2a8b4c8acde23954c08c81cbd36132cfd64d69e4ed9f8e51ed6e516297206672d5c0a69135df0a5dcf010d289a9ca1", 16); + private static readonly BigInteger p768 = new BigInteger("8c9dd223debed1b80103b8b309715be009d48860ed5ae9b9d5d8159508efd802e3ad4501a7f7e1cfec78844489148cd72da24b21eddd01aa624291c48393e277cfc529e37075eccef957f3616f962d15b44aeab4039d01b817fde9eaa12fd73f", 16); + + private static readonly BigInteger g1024 = new BigInteger("1db17639cdf96bc4eabba19454f0b7e5bd4e14862889a725c96eb61048dcd676ceb303d586e30f060dbafd8a571a39c4d823982117da5cc4e0f89c77388b7a08896362429b94a18a327604eb7ff227bffbc83459ade299e57b5f77b50fb045250934938efa145511166e3197373e1b5b1e52de713eb49792bedde722c6717abf", 16); + private static readonly BigInteger p1024 = new BigInteger("a00e283b3c624e5b2b4d9fbc2653b5185d99499b00fd1bf244c6f0bb817b4d1c451b2958d62a0f8a38caef059fb5ecd25d75ed9af403f5b5bdab97a642902f824e3c13789fed95fa106ddfe0ff4a707c85e2eb77d49e68f2808bcea18ce128b178cd287c6bc00efa9a1ad2a673fe0dceace53166f75b81d6709d5f8af7c66bb7", 16); + + private static readonly BigInteger yPgpBogusPSamp = new BigInteger("de4688497cc05b45fe8559bc9918c45afcad69b74123a7236eba409fd9de8ea34c7869839ee9df35e3d97576145d089841aa65b5b4e061fae52c37e430354269a02496b8ed8456f2d0d7c9b0db985fbcb21ae9f78507ed6e3a29db595b201b1a4f931c7d791eede65ccf918e8a61cf146859151c78c41ad48853694623467d78", 16); + private static readonly BigInteger xPgpBogusPSamp = new BigInteger("cbaf780f2cfe4f987bbc5fcb0738bbd7912060ccfdf37cbfeea65c0fd857e74a8df6cc359375f28cf5725d081813c614410a78cbe4b06d677beea9ff0fa10b1dbc47a6ed8c5b8466d6a95d6574029dbdf72596392e1b6b230faf9916dc8455821c10527a375a4d1c8a54947d1fe714d321aca25ad486b4b456506999fd2fd11a", 16); + private static readonly BigInteger gPgpBogusPSamp = new BigInteger("153ffe9522076d1cbd6e75f0816a0fc2ebd8b0e0091406587387a1763022088a03b411eed07ff50efb82b21f1608c352d10f63ba7e7e981a2f3387cec8af2915953d00493857663ae8919f517fe90f1d2abe7af4305a344b10d1a25d75f65902cd7fd775853d3ac43d7c5253ad666e1e63ee98cdcb10af81273d4ff053ff07d51", 16); + private static readonly BigInteger pPgpBogusPSamp = new BigInteger("15061b26cdab4e865098a01c86f13b03220104c5443e950658b36b85245aa0c616a0c0d8d99c454bea087c172315e45b3bc9b925443948a2b6ba47608a6035b9a79a4ef34a78d7274a12ede8364f02d5030db864988643d7e92753df603bd69fbd2682ab0af64d1a866d1131a2cb13333cedb0a9e6eefddd9fff8154d34c2daab", 16); + private const int lPgpBogusPSamp = 0; + + public override string Name + { + get { return "ElGamal"; } + } + + private void doTestEnc( + int size, + int privateValueSize, + BigInteger g, + BigInteger p) + { + ElGamalParameters dhParams = new ElGamalParameters(p, g, privateValueSize); + ElGamalKeyGenerationParameters ekgParams = new ElGamalKeyGenerationParameters(new SecureRandom(), dhParams); + ElGamalKeyPairGenerator kpGen = new ElGamalKeyPairGenerator(); + + kpGen.Init(ekgParams); + + // + // generate pair + // + AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); + + ElGamalPublicKeyParameters pu = (ElGamalPublicKeyParameters) pair.Public; + ElGamalPrivateKeyParameters pv = (ElGamalPrivateKeyParameters) pair.Private; + + checkKeySize(privateValueSize, pv); + + ElGamalEngine e = new ElGamalEngine(); + + e.Init(true, pu); + + if (e.GetOutputBlockSize() != size / 4) + { + Fail(size + " GetOutputBlockSize() on encryption failed."); + } + + byte[] message = Hex.Decode("5468697320697320612074657374"); + + byte[] pText = message; + byte[] cText = e.ProcessBlock(pText, 0, pText.Length); + + e.Init(false, pv); + + if (e.GetOutputBlockSize() != (size / 8) - 1) + { + Fail(size + " GetOutputBlockSize() on decryption failed."); + } + + pText = e.ProcessBlock(cText, 0, cText.Length); + + if (!Arrays.AreEqual(message, pText)) + { + Fail(size + " bit test failed"); + } + + + + e.Init(true, pu); + byte[] bytes = new byte[e.GetInputBlockSize() + 2]; + + try + { + e.ProcessBlock(bytes, 0, bytes.Length); + + Fail("out of range block not detected"); + } + catch (DataLengthException) + { + // expected + } + + try + { + bytes[0] = (byte)0xff; + + e.ProcessBlock(bytes, 0, bytes.Length - 1); + + Fail("out of range block not detected"); + } + catch (DataLengthException) + { + // expected + } + + try + { + bytes[0] = (byte)0x7f; + + e.ProcessBlock(bytes, 0, bytes.Length - 1); + } + catch (DataLengthException) + { + Fail("in range block failed"); + } + } + + private void checkKeySize( + int privateValueSize, + ElGamalPrivateKeyParameters priv) + { + if (privateValueSize != 0) + { + if (priv.X.BitLength != privateValueSize) + { + Fail("limited key check failed for key size " + privateValueSize); + } + } + } + + /** + * this test is can take quiet a while + * + * @param size size of key in bits. + */ + private void doTestGeneration( + int size) + { + ElGamalParametersGenerator pGen = new ElGamalParametersGenerator(); + + pGen.Init(size, 10, new SecureRandom()); + + ElGamalParameters elParams = pGen.GenerateParameters(); + + if (elParams.L != 0) + { + Fail("ElGamalParametersGenerator failed to set L to 0 in generated ElGamalParameters"); + } + + ElGamalKeyGenerationParameters ekgParams = new ElGamalKeyGenerationParameters(new SecureRandom(), elParams); + + ElGamalKeyPairGenerator kpGen = new ElGamalKeyPairGenerator(); + + kpGen.Init(ekgParams); + + // + // generate first pair + // + AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); + + ElGamalPublicKeyParameters pu = (ElGamalPublicKeyParameters)pair.Public; + ElGamalPrivateKeyParameters pv = (ElGamalPrivateKeyParameters)pair.Private; + + ElGamalEngine e = new ElGamalEngine(); + + e.Init(true, new ParametersWithRandom(pu, new SecureRandom())); + + byte[] message = Hex.Decode("5468697320697320612074657374"); + + byte[] pText = message; + byte[] cText = e.ProcessBlock(pText, 0, pText.Length); + + e.Init(false, pv); + + pText = e.ProcessBlock(cText, 0, cText.Length); + + if (!Arrays.AreEqual(message, pText)) + { + Fail("generation test failed"); + } + } + + [Test] + public void TestInvalidP() + { + ElGamalParameters dhParams = new ElGamalParameters(pPgpBogusPSamp, gPgpBogusPSamp, lPgpBogusPSamp); + ElGamalPublicKeyParameters pu = new ElGamalPublicKeyParameters(yPgpBogusPSamp, dhParams); + ElGamalPrivateKeyParameters pv = new ElGamalPrivateKeyParameters(xPgpBogusPSamp, dhParams); + + ElGamalEngine e = new ElGamalEngine(); + + e.Init(true, pu); + + byte[] message = Hex.Decode("5468697320697320612074657374"); + + byte[] pText = message; + byte[] cText = e.ProcessBlock(pText, 0, pText.Length); + + e.Init(false, pv); + + pText = e.ProcessBlock(cText, 0, cText.Length); + + if (Arrays.AreEqual(message, pText)) + { + Fail("invalid test failed"); + } + } + + [Test] + public void TestEnc512() + { + doTestEnc(512, 0, g512, p512); + doTestEnc(512, 64, g512, p512); + } + + [Test] + public void TestEnc768() + { + doTestEnc(768, 0, g768, p768); + doTestEnc(768, 128, g768, p768); + } + + [Test] + public void TestEnc1024() + { + doTestEnc(1024, 0, g1024, p1024); + } + + [Test] + public void TestGeneration258() + { + doTestGeneration(258); + } + + [Test] + public void TestInitCheck() + { + try + { + new ElGamalEngine().ProcessBlock(new byte[]{ 1 }, 0, 1); + Fail("failed initialisation check"); + } + catch (InvalidOperationException) + { + // expected + } + } + + public override void PerformTest() + { + TestInvalidP(); + TestEnc512(); + TestEnc768(); + TestEnc1024(); + TestGeneration258(); + TestInitCheck(); + } + + public static void Main( + string[] args) + { + RunTest(new ElGamalTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/EqualsHashCodeTest.cs b/BouncyCastle/crypto/test/src/crypto/test/EqualsHashCodeTest.cs new file mode 100644 index 0000000..05cc9ad --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/EqualsHashCodeTest.cs @@ -0,0 +1,262 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + internal class DHTestKeyParameters + : DHKeyParameters + { + public DHTestKeyParameters( + bool isPrivate, + DHParameters parameters) + : base(isPrivate, parameters) + { + } + } + + internal class ElGamalTestKeyParameters + : ElGamalKeyParameters + { + public ElGamalTestKeyParameters( + bool isPrivate, + ElGamalParameters parameters) + : base(isPrivate, parameters) + { + } + } + + [TestFixture] + public class EqualsHashCodeTest + : SimpleTest + { + private static object Other = new object(); + + public override string Name + { + get { return "EqualsHashCode"; } + } + + private void doTest( + object a, + object equalsA, + object notEqualsA) + { + if (a.Equals(null)) + { + Fail("a equaled null"); + } + + if (!a.Equals(equalsA) || !equalsA.Equals(a)) + { + Fail("equality failed"); + } + + if (a.Equals(Other)) + { + Fail("other inequality failed"); + } + + if (a.Equals(notEqualsA) || notEqualsA.Equals(a)) + { + Fail("inequality failed"); + } + + if (a.GetHashCode() != equalsA.GetHashCode()) + { + Fail("hashCode equality failed"); + } + } + + [Test] + public void TestDH() + { + BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); + BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); + + DHParameters dhParams = new DHParameters(p512, g512); + DHKeyGenerationParameters parameters = new DHKeyGenerationParameters(new SecureRandom(), dhParams); DHKeyPairGenerator kpGen = new DHKeyPairGenerator(); + + kpGen.Init(parameters); + + AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); + DHPublicKeyParameters pu1 = (DHPublicKeyParameters)pair.Public; + DHPrivateKeyParameters pv1 = (DHPrivateKeyParameters)pair.Private; + + DHPublicKeyParameters pu2 = new DHPublicKeyParameters(pu1.Y, pu1.Parameters); + DHPrivateKeyParameters pv2 = new DHPrivateKeyParameters(pv1.X, pv1.Parameters); + DHPublicKeyParameters pu3 = new DHPublicKeyParameters(pv1.X, pu1.Parameters); + DHPrivateKeyParameters pv3 = new DHPrivateKeyParameters(pu1.Y, pu1.Parameters); + + doTest(pu1, pu2, pu3); + doTest(pv1, pv2, pv3); + + DHParameters pr1 = pu1.Parameters; + DHParameters pr2 = new DHParameters( + pr1.P, pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters); + DHParameters pr3 = new DHParameters( + pr1.P.Add(BigInteger.Two), pr1.G, pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters); + + doTest(pr1, pr2, pr3); + + pr3 = new DHParameters( + pr1.P, pr1.G.Add(BigInteger.One), pr1.Q, pr1.M, pr1.L, pr1.J, pr1.ValidationParameters); + + doTest(pr1, pr2, pr3); + + pu2 = new DHPublicKeyParameters(pu1.Y, pr2); + pv2 = new DHPrivateKeyParameters(pv1.X, pr2); + + doTest(pu1, pu2, pu3); + doTest(pv1, pv2, pv3); + + DHValidationParameters vp1 = new DHValidationParameters(new byte[20], 1024); + DHValidationParameters vp2 = new DHValidationParameters(new byte[20], 1024); + DHValidationParameters vp3 = new DHValidationParameters(new byte[24], 1024); + + doTest(vp1, vp1, vp3); + doTest(vp1, vp2, vp3); + + byte[] bytes = new byte[20]; + bytes[0] = 1; + + vp3 = new DHValidationParameters(bytes, 1024); + + doTest(vp1, vp2, vp3); + + vp3 = new DHValidationParameters(new byte[20], 2048); + + doTest(vp1, vp2, vp3); + + DHTestKeyParameters k1 = new DHTestKeyParameters(false, null); + DHTestKeyParameters k2 = new DHTestKeyParameters(false, null); + DHTestKeyParameters k3 = new DHTestKeyParameters(false, pu1.Parameters); + + doTest(k1, k2, k3); + } + + [Test] + public void TestElGamal() + { + BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); + BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); + + ElGamalParameters dhParams = new ElGamalParameters(p512, g512); + ElGamalKeyGenerationParameters parameters = new ElGamalKeyGenerationParameters(new SecureRandom(), dhParams); ElGamalKeyPairGenerator kpGen = new ElGamalKeyPairGenerator(); + + kpGen.Init(parameters); + + AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); + ElGamalPublicKeyParameters pu1 = (ElGamalPublicKeyParameters)pair.Public; + ElGamalPrivateKeyParameters pv1 = (ElGamalPrivateKeyParameters)pair.Private; + + ElGamalPublicKeyParameters pu2 = new ElGamalPublicKeyParameters(pu1.Y, pu1.Parameters); + ElGamalPrivateKeyParameters pv2 = new ElGamalPrivateKeyParameters(pv1.X, pv1.Parameters); + ElGamalPublicKeyParameters pu3 = new ElGamalPublicKeyParameters(pv1.X, pu1.Parameters); + ElGamalPrivateKeyParameters pv3 = new ElGamalPrivateKeyParameters(pu1.Y, pu1.Parameters); + + doTest(pu1, pu2, pu3); + doTest(pv1, pv2, pv3); + + ElGamalParameters pr1 = pu1.Parameters; + ElGamalParameters pr2 = new ElGamalParameters(pr1.P, pr1.G); + ElGamalParameters pr3 = new ElGamalParameters(pr1.G, pr1.P); + + doTest(pr1, pr2, pr3); + + pu2 = new ElGamalPublicKeyParameters(pu1.Y, pr2); + pv2 = new ElGamalPrivateKeyParameters(pv1.X, pr2); + + doTest(pu1, pu2, pu3); + doTest(pv1, pv2, pv3); + + ElGamalTestKeyParameters k1 = new ElGamalTestKeyParameters(false, null); + ElGamalTestKeyParameters k2 = new ElGamalTestKeyParameters(false, null); + ElGamalTestKeyParameters k3 = new ElGamalTestKeyParameters(false, pu1.Parameters); + + doTest(k1, k2, k3); + } + + [Test] + public void TestDsa() + { + BigInteger a = BigInteger.ValueOf(1), b = BigInteger.ValueOf(2), c = BigInteger.ValueOf(3); + + DsaParameters dsaP1 = new DsaParameters(a, b, c); + DsaParameters dsaP2 = new DsaParameters(a, b, c); + DsaParameters dsaP3 = new DsaParameters(b, c, a); + + doTest(dsaP1, dsaP2, dsaP3); + + DsaValidationParameters vp1 = new DsaValidationParameters(new byte[20], 1024); + DsaValidationParameters vp2 = new DsaValidationParameters(new byte[20], 1024); + DsaValidationParameters vp3 = new DsaValidationParameters(new byte[24], 1024); + + doTest(vp1, vp1, vp3); + doTest(vp1, vp2, vp3); + + byte[] bytes = new byte[20]; + bytes[0] = 1; + + vp3 = new DsaValidationParameters(bytes, 1024); + + doTest(vp1, vp2, vp3); + + vp3 = new DsaValidationParameters(new byte[20], 2048); + + doTest(vp1, vp2, vp3); + } + + [Test] + public void TestGost3410() + { + BigInteger a = BigInteger.ValueOf(1), b = BigInteger.ValueOf(2), c = BigInteger.ValueOf(3); + + Gost3410Parameters g1 = new Gost3410Parameters(a, b, c); + Gost3410Parameters g2 = new Gost3410Parameters(a, b, c); + Gost3410Parameters g3 = new Gost3410Parameters(a, c, c); + + doTest(g1, g2, g3); + + Gost3410ValidationParameters v1 = new Gost3410ValidationParameters(100, 1); + Gost3410ValidationParameters v2 = new Gost3410ValidationParameters(100, 1); + Gost3410ValidationParameters v3 = new Gost3410ValidationParameters(101, 1); + + doTest(v1, v2, v3); + + v3 = new Gost3410ValidationParameters(100, 2); + + doTest(v1, v2, v3); + + v1 = new Gost3410ValidationParameters(100L, 1L); + v2 = new Gost3410ValidationParameters(100L, 1L); + v3 = new Gost3410ValidationParameters(101L, 1L); + + doTest(v1, v2, v3); + + v3 = new Gost3410ValidationParameters(100L, 2L); + + doTest(v1, v2, v3); + } + + public override void PerformTest() + { + TestDH(); + TestElGamal(); + TestGost3410(); + TestDsa(); + } + + public static void Main( + string[] args) + { + RunTest(new EqualsHashCodeTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/GCMTest.cs b/BouncyCastle/crypto/test/src/crypto/test/GCMTest.cs new file mode 100644 index 0000000..a225708 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/GCMTest.cs @@ -0,0 +1,745 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Modes.Gcm; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// + /// Test vectors from "The Galois/Counter Mode of Operation (GCM)", McGrew/Viega, Appendix B + /// + [TestFixture] + public class GcmTest + : SimpleTest + { + private static readonly string[][] TestVectors = new string[][] + { + new string[] + { + "Test Case 1", + "00000000000000000000000000000000", + "", + "", + "000000000000000000000000", + "", + "58e2fccefa7e3061367f1d57a4e7455a", + }, + new string[] + { + "Test Case 2", + "00000000000000000000000000000000", + "00000000000000000000000000000000", + "", + "000000000000000000000000", + "0388dace60b6a392f328c2b971b2fe78", + "ab6e47d42cec13bdf53a67b21257bddf", + }, + new string[] + { + "Test Case 3", + "feffe9928665731c6d6a8f9467308308", + "d9313225f88406e5a55909c5aff5269a" + + "86a7a9531534f7da2e4c303d8a318a72" + + "1c3c0c95956809532fcf0e2449a6b525" + + "b16aedf5aa0de657ba637b391aafd255", + "", + "cafebabefacedbaddecaf888", + "42831ec2217774244b7221b784d0d49c" + + "e3aa212f2c02a4e035c17e2329aca12e" + + "21d514b25466931c7d8f6a5aac84aa05" + + "1ba30b396a0aac973d58e091473f5985", + "4d5c2af327cd64a62cf35abd2ba6fab4", + }, + new string[] + { + "Test Case 4", + "feffe9928665731c6d6a8f9467308308", + "d9313225f88406e5a55909c5aff5269a" + + "86a7a9531534f7da2e4c303d8a318a72" + + "1c3c0c95956809532fcf0e2449a6b525" + + "b16aedf5aa0de657ba637b39", + "feedfacedeadbeeffeedfacedeadbeef" + + "abaddad2", + "cafebabefacedbaddecaf888", + "42831ec2217774244b7221b784d0d49c" + + "e3aa212f2c02a4e035c17e2329aca12e" + + "21d514b25466931c7d8f6a5aac84aa05" + + "1ba30b396a0aac973d58e091", + "5bc94fbc3221a5db94fae95ae7121a47", + }, + new string[] + { + "Test Case 5", + "feffe9928665731c6d6a8f9467308308", + "d9313225f88406e5a55909c5aff5269a" + + "86a7a9531534f7da2e4c303d8a318a72" + + "1c3c0c95956809532fcf0e2449a6b525" + + "b16aedf5aa0de657ba637b39", + "feedfacedeadbeeffeedfacedeadbeef" + + "abaddad2", + "cafebabefacedbad", + "61353b4c2806934a777ff51fa22a4755" + + "699b2a714fcdc6f83766e5f97b6c7423" + + "73806900e49f24b22b097544d4896b42" + + "4989b5e1ebac0f07c23f4598", + "3612d2e79e3b0785561be14aaca2fccb", + }, + new string[] + { + "Test Case 6", + "feffe9928665731c6d6a8f9467308308", + "d9313225f88406e5a55909c5aff5269a" + + "86a7a9531534f7da2e4c303d8a318a72" + + "1c3c0c95956809532fcf0e2449a6b525" + + "b16aedf5aa0de657ba637b39", + "feedfacedeadbeeffeedfacedeadbeef" + + "abaddad2", + "9313225df88406e555909c5aff5269aa" + + "6a7a9538534f7da1e4c303d2a318a728" + + "c3c0c95156809539fcf0e2429a6b5254" + + "16aedbf5a0de6a57a637b39b", + "8ce24998625615b603a033aca13fb894" + + "be9112a5c3a211a8ba262a3cca7e2ca7" + + "01e4a9a4fba43c90ccdcb281d48c7c6f" + + "d62875d2aca417034c34aee5", + "619cc5aefffe0bfa462af43c1699d050", + }, + new string[] + { + "Test Case 7", + "00000000000000000000000000000000" + + "0000000000000000", + "", + "", + "000000000000000000000000", + "", + "cd33b28ac773f74ba00ed1f312572435", + }, + new string[] + { + "Test Case 8", + "00000000000000000000000000000000" + + "0000000000000000", + "00000000000000000000000000000000", + "", + "000000000000000000000000", + "98e7247c07f0fe411c267e4384b0f600", + "2ff58d80033927ab8ef4d4587514f0fb", + }, + new string[] + { + "Test Case 9", + "feffe9928665731c6d6a8f9467308308" + + "feffe9928665731c", + "d9313225f88406e5a55909c5aff5269a" + + "86a7a9531534f7da2e4c303d8a318a72" + + "1c3c0c95956809532fcf0e2449a6b525" + + "b16aedf5aa0de657ba637b391aafd255", + "", + "cafebabefacedbaddecaf888", + "3980ca0b3c00e841eb06fac4872a2757" + + "859e1ceaa6efd984628593b40ca1e19c" + + "7d773d00c144c525ac619d18c84a3f47" + + "18e2448b2fe324d9ccda2710acade256", + "9924a7c8587336bfb118024db8674a14", + }, + new string[] + { + "Test Case 10", + "feffe9928665731c6d6a8f9467308308" + + "feffe9928665731c", + "d9313225f88406e5a55909c5aff5269a" + + "86a7a9531534f7da2e4c303d8a318a72" + + "1c3c0c95956809532fcf0e2449a6b525" + + "b16aedf5aa0de657ba637b39", + "feedfacedeadbeeffeedfacedeadbeef" + + "abaddad2", + "cafebabefacedbaddecaf888", + "3980ca0b3c00e841eb06fac4872a2757" + + "859e1ceaa6efd984628593b40ca1e19c" + + "7d773d00c144c525ac619d18c84a3f47" + + "18e2448b2fe324d9ccda2710", + "2519498e80f1478f37ba55bd6d27618c", + }, + new string[] + { + "Test Case 11", + "feffe9928665731c6d6a8f9467308308" + + "feffe9928665731c", + "d9313225f88406e5a55909c5aff5269a" + + "86a7a9531534f7da2e4c303d8a318a72" + + "1c3c0c95956809532fcf0e2449a6b525" + + "b16aedf5aa0de657ba637b39", + "feedfacedeadbeeffeedfacedeadbeef" + + "abaddad2", + "cafebabefacedbad", + "0f10f599ae14a154ed24b36e25324db8" + + "c566632ef2bbb34f8347280fc4507057" + + "fddc29df9a471f75c66541d4d4dad1c9" + + "e93a19a58e8b473fa0f062f7", + "65dcc57fcf623a24094fcca40d3533f8", + }, + new string[] + { + "Test Case 12", + "feffe9928665731c6d6a8f9467308308" + + "feffe9928665731c", + "d9313225f88406e5a55909c5aff5269a" + + "86a7a9531534f7da2e4c303d8a318a72" + + "1c3c0c95956809532fcf0e2449a6b525" + + "b16aedf5aa0de657ba637b39", + "feedfacedeadbeeffeedfacedeadbeef" + + "abaddad2", + "9313225df88406e555909c5aff5269aa" + + "6a7a9538534f7da1e4c303d2a318a728" + + "c3c0c95156809539fcf0e2429a6b5254" + + "16aedbf5a0de6a57a637b39b", + "d27e88681ce3243c4830165a8fdcf9ff" + + "1de9a1d8e6b447ef6ef7b79828666e45" + + "81e79012af34ddd9e2f037589b292db3" + + "e67c036745fa22e7e9b7373b", + "dcf566ff291c25bbb8568fc3d376a6d9", + }, + new string[] + { + "Test Case 13", + "00000000000000000000000000000000" + + "00000000000000000000000000000000", + "", + "", + "000000000000000000000000", + "", + "530f8afbc74536b9a963b4f1c4cb738b", + }, + new string[] + { + "Test Case 14", + "00000000000000000000000000000000" + + "00000000000000000000000000000000", + "00000000000000000000000000000000", + "", + "000000000000000000000000", + "cea7403d4d606b6e074ec5d3baf39d18", + "d0d1c8a799996bf0265b98b5d48ab919", + }, + new string[] + { + "Test Case 15", + "feffe9928665731c6d6a8f9467308308" + + "feffe9928665731c6d6a8f9467308308", + "d9313225f88406e5a55909c5aff5269a" + + "86a7a9531534f7da2e4c303d8a318a72" + + "1c3c0c95956809532fcf0e2449a6b525" + + "b16aedf5aa0de657ba637b391aafd255", + "", + "cafebabefacedbaddecaf888", + "522dc1f099567d07f47f37a32a84427d" + + "643a8cdcbfe5c0c97598a2bd2555d1aa" + + "8cb08e48590dbb3da7b08b1056828838" + + "c5f61e6393ba7a0abcc9f662898015ad", + "b094dac5d93471bdec1a502270e3cc6c", + }, + new string[] + { + "Test Case 16", + "feffe9928665731c6d6a8f9467308308" + + "feffe9928665731c6d6a8f9467308308", + "d9313225f88406e5a55909c5aff5269a" + + "86a7a9531534f7da2e4c303d8a318a72" + + "1c3c0c95956809532fcf0e2449a6b525" + + "b16aedf5aa0de657ba637b39", + "feedfacedeadbeeffeedfacedeadbeef" + + "abaddad2", + "cafebabefacedbaddecaf888", + "522dc1f099567d07f47f37a32a84427d" + + "643a8cdcbfe5c0c97598a2bd2555d1aa" + + "8cb08e48590dbb3da7b08b1056828838" + + "c5f61e6393ba7a0abcc9f662", + "76fc6ece0f4e1768cddf8853bb2d551b", + }, + new string[] + { + "Test Case 17", + "feffe9928665731c6d6a8f9467308308" + + "feffe9928665731c6d6a8f9467308308", + "d9313225f88406e5a55909c5aff5269a" + + "86a7a9531534f7da2e4c303d8a318a72" + + "1c3c0c95956809532fcf0e2449a6b525" + + "b16aedf5aa0de657ba637b39", + "feedfacedeadbeeffeedfacedeadbeef" + + "abaddad2", + "cafebabefacedbad", + "c3762df1ca787d32ae47c13bf19844cb" + + "af1ae14d0b976afac52ff7d79bba9de0" + + "feb582d33934a4f0954cc2363bc73f78" + + "62ac430e64abe499f47c9b1f", + "3a337dbf46a792c45e454913fe2ea8f2", + }, + new string[] + { + "Test Case 18", + "feffe9928665731c6d6a8f9467308308" + + "feffe9928665731c6d6a8f9467308308", + "d9313225f88406e5a55909c5aff5269a" + + "86a7a9531534f7da2e4c303d8a318a72" + + "1c3c0c95956809532fcf0e2449a6b525" + + "b16aedf5aa0de657ba637b39", + "feedfacedeadbeeffeedfacedeadbeef" + + "abaddad2", + "9313225df88406e555909c5aff5269aa" + + "6a7a9538534f7da1e4c303d2a318a728" + + "c3c0c95156809539fcf0e2429a6b5254" + + "16aedbf5a0de6a57a637b39b", + "5a8def2f0c9e53f1f75d7853659e2a20" + + "eeb2b22aafde6419a058ab4f6f746bf4" + + "0fc0c3b780f244452da3ebf1c5d82cde" + + "a2418997200ef82e44ae7e3f", + "a44a8266ee1c8eb0c8b5d4cf5ae9f19a", + }, + }; + + public override string Name + { + get { return "GCM"; } + } + + public override void PerformTest() + { + for (int i = 0; i < TestVectors.Length; ++i) + { + RunTestCase(TestVectors[i]); + } + + RandomTests(); + OutputSizeTests(); + DoTestExceptions(); + } + + protected IBlockCipher CreateAesEngine() + { + return new AesEngine(); + } + + private void DoTestExceptions() + { + GcmBlockCipher gcm = new GcmBlockCipher(CreateAesEngine()); + + try + { + gcm = new GcmBlockCipher(new DesEngine()); + + Fail("incorrect block size not picked up"); + } + catch (ArgumentException) + { + // expected + } + + try + { + gcm.Init(false, new KeyParameter(new byte[16])); + + Fail("illegal argument not picked up"); + } + catch (ArgumentException) + { + // expected + } + + AeadTestUtilities.TestTampering(this, gcm, new AeadParameters(new KeyParameter(new byte[16]), 128, new byte[16])); + + byte[] P = Strings.ToByteArray("Hello world!"); + byte[] buf = new byte[100]; + + GcmBlockCipher c = new GcmBlockCipher(CreateAesEngine()); + AeadParameters aeadParameters = new AeadParameters(new KeyParameter(new byte[16]), 128, new byte[16]); + c.Init(true, aeadParameters); + + c.ProcessBytes(P, 0, P.Length, buf, 0); + + c.DoFinal(buf, 0); + + try + { + c.DoFinal(buf, 0); + Fail("no exception on reuse"); + } + catch (InvalidOperationException e) + { + IsTrue("wrong message", e.Message.Equals("GCM cipher cannot be reused for encryption")); + } + + try + { + c.Init(true, aeadParameters); + Fail("no exception on reuse"); + } + catch (ArgumentException e) + { + IsTrue("wrong message", e.Message.Equals("cannot reuse nonce for GCM encryption")); + } + } + + private void RunTestCase(string[] testVector) + { + for (int macLength = 12; macLength <= 16; ++macLength) + { + RunTestCase(testVector, macLength); + } + } + + private void RunTestCase(string[] testVector, int macLength) + { + int pos = 0; + string testName = testVector[pos++]; + byte[] K = Hex.Decode(testVector[pos++]); + byte[] P = Hex.Decode(testVector[pos++]); + byte[] A = Hex.Decode(testVector[pos++]); + byte[] IV = Hex.Decode(testVector[pos++]); + byte[] C = Hex.Decode(testVector[pos++]); + + // For short MAC, take leading bytes + byte[] t = Hex.Decode(testVector[pos++]); + byte[] T = new byte[macLength]; + Array.Copy(t, T, T.Length); + + // Default multiplier + RunTestCase(null, null, testName, K, IV, A, P, C, T); + + RunTestCase(new BasicGcmMultiplier(), new BasicGcmMultiplier(), testName, K, IV, A, P, C, T); + RunTestCase(new Tables4kGcmMultiplier(), new Tables4kGcmMultiplier(), testName, K, IV, A, P, C, T); + RunTestCase(new Tables8kGcmMultiplier(), new Tables8kGcmMultiplier(), testName, K, IV, A, P, C, T); + RunTestCase(new Tables64kGcmMultiplier(), new Tables64kGcmMultiplier(), testName, K, IV, A, P, C, T); + } + + private void RunTestCase( + IGcmMultiplier encM, + IGcmMultiplier decM, + string testName, + byte[] K, + byte[] IV, + byte[] A, + byte[] P, + byte[] C, + byte[] T) + { + byte[] fa = new byte[A.Length / 2]; + byte[] la = new byte[A.Length - (A.Length / 2)]; + Array.Copy(A, 0, fa, 0, fa.Length); + Array.Copy(A, fa.Length, la, 0, la.Length); + + RunTestCase(encM, decM, testName + " all initial associated data", K, IV, A, null, P, C, T); + RunTestCase(encM, decM, testName + " all subsequent associated data", K, IV, null, A, P, C, T); + RunTestCase(encM, decM, testName + " split associated data", K, IV, fa, la, P, C, T); + } + + private void RunTestCase( + IGcmMultiplier encM, + IGcmMultiplier decM, + string testName, + byte[] K, + byte[] IV, + byte[] A, + byte[] SA, + byte[] P, + byte[] C, + byte[] T) + { + AeadParameters parameters = new AeadParameters(new KeyParameter(K), T.Length * 8, IV, A); + GcmBlockCipher encCipher = InitCipher(encM, true, parameters); + GcmBlockCipher decCipher = InitCipher(decM, false, parameters); + CheckTestCase(encCipher, decCipher, testName, SA, P, C, T); + encCipher = InitCipher(encM, true, parameters); + CheckTestCase(encCipher, decCipher, testName + " (reused)", SA, P, C, T); + + // Key reuse + AeadParameters keyReuseParams = AeadTestUtilities.ReuseKey(parameters); + + try + { + encCipher.Init(true, keyReuseParams); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsTrue("wrong message", "cannot reuse nonce for GCM encryption".Equals(e.Message)); + } + } + + private GcmBlockCipher InitCipher( + IGcmMultiplier m, + bool forEncryption, + AeadParameters parameters) + { + GcmBlockCipher c = new GcmBlockCipher(CreateAesEngine(), m); + c.Init(forEncryption, parameters); + return c; + } + + private void CheckTestCase( + GcmBlockCipher encCipher, + GcmBlockCipher decCipher, + string testName, + byte[] SA, + byte[] P, + byte[] C, + byte[] T) + { + byte[] enc = new byte[encCipher.GetOutputSize(P.Length)]; + if (SA != null) + { + encCipher.ProcessAadBytes(SA, 0, SA.Length); + } + int len = encCipher.ProcessBytes(P, 0, P.Length, enc, 0); + len += encCipher.DoFinal(enc, len); + + if (enc.Length != len) + { +// Console.WriteLine("" + enc.Length + "/" + len); + Fail("encryption reported incorrect length: " + testName); + } + + byte[] mac = encCipher.GetMac(); + + byte[] data = new byte[P.Length]; + Array.Copy(enc, data, data.Length); + byte[] tail = new byte[enc.Length - P.Length]; + Array.Copy(enc, P.Length, tail, 0, tail.Length); + + if (!AreEqual(C, data)) + { + Fail("incorrect encrypt in: " + testName); + } + + if (!AreEqual(T, mac)) + { + Fail("GetMac() returned wrong mac in: " + testName); + } + + if (!AreEqual(T, tail)) + { + Fail("stream contained wrong mac in: " + testName); + } + + byte[] dec = new byte[decCipher.GetOutputSize(enc.Length)]; + if (SA != null) + { + decCipher.ProcessAadBytes(SA, 0, SA.Length); + } + len = decCipher.ProcessBytes(enc, 0, enc.Length, dec, 0); + len += decCipher.DoFinal(dec, len); + mac = decCipher.GetMac(); + + data = new byte[C.Length]; + Array.Copy(dec, data, data.Length); + + if (!AreEqual(P, data)) + { + Fail("incorrect decrypt in: " + testName); + } + } + + private void RandomTests() + { + SecureRandom srng = new SecureRandom(); + srng.SetSeed(DateTimeUtilities.CurrentUnixMs()); + RandomTests(srng, null); + RandomTests(srng, new BasicGcmMultiplier()); + RandomTests(srng, new Tables4kGcmMultiplier()); + RandomTests(srng, new Tables8kGcmMultiplier()); + RandomTests(srng, new Tables64kGcmMultiplier()); + } + + private void RandomTests(SecureRandom srng, IGcmMultiplier m) + { + for (int i = 0; i < 10; ++i) + { + RandomTest(srng, m); + } + } + + private void RandomTest(SecureRandom srng, IGcmMultiplier m) + { + int kLength = 16 + 8 * srng.Next(3); + byte[] K = new byte[kLength]; + srng.NextBytes(K); + + int pLength = srng.Next(65536); + byte[] P = new byte[pLength]; + srng.NextBytes(P); + + int aLength = srng.Next(256); + byte[] A = new byte[aLength]; + srng.NextBytes(A); + + int saLength = srng.Next(256); + byte[] SA = new byte[saLength]; + srng.NextBytes(SA); + + int ivLength = 1 + srng.Next(256); + byte[] IV = new byte[ivLength]; + srng.NextBytes(IV); + + AeadParameters parameters = new AeadParameters(new KeyParameter(K), 16 * 8, IV, A); + GcmBlockCipher cipher = InitCipher(m, true, parameters); + byte[] C = new byte[cipher.GetOutputSize(P.Length)]; + int predicted = cipher.GetUpdateOutputSize(P.Length); + + int split = srng.Next(SA.Length + 1); + cipher.ProcessAadBytes(SA, 0, split); + int len = cipher.ProcessBytes(P, 0, P.Length, C, 0); + cipher.ProcessAadBytes(SA, split, SA.Length - split); + + if (predicted != len) + { + Fail("encryption reported incorrect update length in randomised test"); + } + + len += cipher.DoFinal(C, len); + + if (C.Length != len) + { + Fail("encryption reported incorrect length in randomised test"); + } + + byte[] encT = cipher.GetMac(); + byte[] tail = new byte[C.Length - P.Length]; + Array.Copy(C, P.Length, tail, 0, tail.Length); + + if (!AreEqual(encT, tail)) + { + Fail("stream contained wrong mac in randomised test"); + } + + cipher.Init(false, parameters); + byte[] decP = new byte[cipher.GetOutputSize(C.Length)]; + predicted = cipher.GetUpdateOutputSize(C.Length); + + split = srng.Next(SA.Length + 1); + cipher.ProcessAadBytes(SA, 0, split); + len = cipher.ProcessBytes(C, 0, C.Length, decP, 0); + cipher.ProcessAadBytes(SA, split, SA.Length - split); + + if (predicted != len) + { + Fail("decryption reported incorrect update length in randomised test"); + } + + len += cipher.DoFinal(decP, len); + + if (!AreEqual(P, decP)) + { + Fail("incorrect decrypt in randomised test"); + } + + byte[] decT = cipher.GetMac(); + if (!AreEqual(encT, decT)) + { + Fail("decryption produced different mac from encryption"); + } + + // + // key reuse test + // + cipher.Init(false, AeadTestUtilities.ReuseKey(parameters)); + decP = new byte[cipher.GetOutputSize(C.Length)]; + + split = NextInt(srng, SA.Length + 1); + cipher.ProcessAadBytes(SA, 0, split); + len = cipher.ProcessBytes(C, 0, C.Length, decP, 0); + cipher.ProcessAadBytes(SA, split, SA.Length - split); + + len += cipher.DoFinal(decP, len); + + if (!AreEqual(P, decP)) + { + Fail("incorrect decrypt in randomised test"); + } + + decT = cipher.GetMac(); + if (!AreEqual(encT, decT)) + { + Fail("decryption produced different mac from encryption"); + } + } + + private void OutputSizeTests() + { + byte[] K = new byte[16]; + byte[] A = null; + byte[] IV = new byte[16]; + + AeadParameters parameters = new AeadParameters(new KeyParameter(K), 16 * 8, IV, A); + GcmBlockCipher cipher = InitCipher(null, true, parameters); + + if (cipher.GetUpdateOutputSize(0) != 0) + { + Fail("incorrect getUpdateOutputSize for initial 0 bytes encryption"); + } + + if (cipher.GetOutputSize(0) != 16) + { + Fail("incorrect getOutputSize for initial 0 bytes encryption"); + } + + cipher.Init(false, parameters); + + if (cipher.GetUpdateOutputSize(0) != 0) + { + Fail("incorrect getUpdateOutputSize for initial 0 bytes decryption"); + } + + // NOTE: 0 bytes would be truncated data, but we want it to fail in the doFinal, not here + if (cipher.GetOutputSize(0) != 0) + { + Fail("fragile getOutputSize for initial 0 bytes decryption"); + } + + if (cipher.GetOutputSize(16) != 0) + { + Fail("incorrect getOutputSize for initial MAC-size bytes decryption"); + } + } + + private static int NextInt(SecureRandom rand, int n) + { + if ((n & -n) == n) // i.e., n is a power of 2 + { + return (int)(((uint)n * (ulong)((uint)rand.NextInt() >> 1)) >> 31); + } + + int bits, value; + do + { + bits = (int)((uint)rand.NextInt() >> 1); + value = bits % n; + } + while (bits - value + (n - 1) < 0); + + return value; + } + + public static void Main( + string[] args) + { + RunTest(new GcmTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/GMacTest.cs b/BouncyCastle/crypto/test/src/crypto/test/GMacTest.cs new file mode 100644 index 0000000..0b37e1a --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/GMacTest.cs @@ -0,0 +1,191 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Test vectors for AES-GMAC, extracted from NIST CAVP GCM test + * vectors. + * + */ + [TestFixture] + public class GMacTest + : SimpleTest + { + private class TestCase + { + private byte[] key; + private byte[] iv; + private byte[] ad; + private byte[] tag; + private string name; + + internal TestCase(string name, string key, string iv, string ad, string tag) + { + this.name = name; + this.key = Hex.Decode(key); + this.iv = Hex.Decode(iv); + this.ad = Hex.Decode(ad); + this.tag = Hex.Decode(tag); + } + + public string getName() + { + return name; + } + + public byte[] getKey() + { + return key; + } + + public byte[] getIv() + { + return iv; + } + + public byte[] getAd() + { + return ad; + } + + public byte[] getTag() + { + return tag; + } + } + + private TestCase[] TEST_VECTORS = new TestCase[] { + // Count = 0, from each of the PTlen = 0 test vector sequences + new TestCase("128/96/0/128", "11754cd72aec309bf52f7687212e8957", "3c819d9a9bed087615030b65", "", + "250327c674aaf477aef2675748cf6971"), + new TestCase("128/96/0/120", "272f16edb81a7abbea887357a58c1917", "794ec588176c703d3d2a7a07", "", + "b6e6f197168f5049aeda32dafbdaeb"), + new TestCase("128/96/0/112", "81b6844aab6a568c4556a2eb7eae752f", "ce600f59618315a6829bef4d", "", + "89b43e9dbc1b4f597dbbc7655bb5"), + new TestCase("128/96/0/104", "cde2f9a9b1a004165ef9dc981f18651b", "29512c29566c7322e1e33e8e", "", + "2e58ce7dabd107c82759c66a75"), + new TestCase("128/96/0/96", "b01e45cc3088aaba9fa43d81d481823f", "5a2c4a66468713456a4bd5e1", "", + "014280f944f53c681164b2ff"), + + new TestCase("128/96/128/128", "77be63708971c4e240d1cb79e8d77feb", "e0e00f19fed7ba0136a797f3", + "7a43ec1d9c0a5a78a0b16533a6213cab", "209fcc8d3675ed938e9c7166709dd946"), + new TestCase("128/96/128/96", "bea48ae4980d27f357611014d4486625", "32bddb5c3aa998a08556454c", + "8a50b0b8c7654bced884f7f3afda2ead", "8e0f6d8bf05ffebe6f500eb1"), + + new TestCase("128/96/384/128", "99e3e8793e686e571d8285c564f75e2b", "c2dd0ab868da6aa8ad9c0d23", + "b668e42d4e444ca8b23cfdd95a9fedd5178aa521144890b093733cf5cf22526c5917ee476541809ac6867a8c399309fc", + "3f4fba100eaf1f34b0baadaae9995d85"), + new TestCase("128/96/384/96", "c77acd1b0918e87053cb3e51651e7013", "39ff857a81745d10f718ac00", + "407992f82ea23b56875d9a3cb843ceb83fd27cb954f7c5534d58539fe96fb534502a1b38ea4fac134db0a42de4be1137", + "2a5dc173285375dc82835876"), + + new TestCase( + "128/1024/0/128", + "d0f1f4defa1e8c08b4b26d576392027c", + "42b4f01eb9f5a1ea5b1eb73b0fb0baed54f387ecaa0393c7d7dffc6af50146ecc021abf7eb9038d4303d91f8d741a11743166c0860208bcc02c6258fd9511a2fa626f96d60b72fcff773af4e88e7a923506e4916ecbd814651e9f445adef4ad6a6b6c7290cc13b956130eef5b837c939fcac0cbbcc9656cd75b13823ee5acdac", + "", "7ab49b57ddf5f62c427950111c5c4f0d"), + new TestCase( + "128/1024/384/96", + "3cce72d37933394a8cac8a82deada8f0", + "aa2f0d676d705d9733c434e481972d4888129cf7ea55c66511b9c0d25a92a174b1e28aa072f27d4de82302828955aadcb817c4907361869bd657b45ff4a6f323871987fcf9413b0702d46667380cd493ed24331a28b9ce5bbfa82d3a6e7679fcce81254ba64abcad14fd18b22c560a9d2c1cd1d3c42dac44c683edf92aced894", + "5686b458e9c176f4de8428d9ebd8e12f569d1c7595cf49a4b0654ab194409f86c0dd3fdb8eb18033bb4338c70f0b97d1", + "a3a9444b21f330c3df64c8b6"), }; + + public override void PerformTest() + { + for (int i = 0; i < TEST_VECTORS.Length; i++) + { + TestCase testCase = TEST_VECTORS[i]; + + IMac mac = new GMac(new GcmBlockCipher(new AesEngine()), testCase.getTag().Length * 8); + ICipherParameters key = new KeyParameter(testCase.getKey()); + mac.Init(new ParametersWithIV(key, testCase.getIv())); + + testSingleByte(mac, testCase); + + mac = new GMac(new GcmBlockCipher(new AesEngine()), testCase.getTag().Length * 8); + mac.Init(new ParametersWithIV(key, testCase.getIv())); + + testMultibyte(mac, testCase); + } + + // Invalid mac size + testInvalidMacSize(97); + testInvalidMacSize(136); + testInvalidMacSize(24); + } + + private void testInvalidMacSize(int size) + { + try + { + GMac mac = new GMac(new GcmBlockCipher(new AesEngine()), size); + mac.Init(new ParametersWithIV(null, new byte[16])); + Fail("Expected failure for illegal mac size " + size); + } + catch (ArgumentException e) + { + if (!e.Message.StartsWith("Invalid value for MAC size")) + { + Fail("Illegal mac size failed with unexpected message"); + } + } + } + + private void testMultibyte(IMac mac, TestCase testCase) + { + mac.BlockUpdate(testCase.getAd(), 0, testCase.getAd().Length); + checkMac(mac, testCase); + } + + private void testSingleByte(IMac mac, TestCase testCase) + { + byte[] ad = testCase.getAd(); + for (int i = 0; i < ad.Length; i++) + { + mac.Update(ad[i]); + } + checkMac(mac, testCase); + } + + private void checkMac(IMac mac, TestCase testCase) + { + byte[] generatedMac = new byte[mac.GetMacSize()]; + mac.DoFinal(generatedMac, 0); + if (!AreEqual(testCase.getTag(), generatedMac)) + { + Fail("Failed " + testCase.getName() + " - expected " + Hex.ToHexString(testCase.getTag()) + " got " + + Hex.ToHexString(generatedMac)); + } + } + + public override string Name + { + get { return "GMac"; } + } + + public static void Main( + string[] args) + { + RunTest(new GMacTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/GOST28147MacTest.cs b/BouncyCastle/crypto/test/src/crypto/test/GOST28147MacTest.cs new file mode 100644 index 0000000..5f3188f --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/GOST28147MacTest.cs @@ -0,0 +1,105 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * GOST 28147 MAC tester + */ + [TestFixture] + public class Gost28147MacTest + : ITest + { + // + // these GOSTMac for testing. + // + static byte[] gkeyBytes1 = Hex.Decode("6d145dc993f4019e104280df6fcd8cd8e01e101e4c113d7ec4f469ce6dcd9e49"); + static byte[] gkeyBytes2 = Hex.Decode("6d145dc993f4019e104280df6fcd8cd8e01e101e4c113d7ec4f469ce6dcd9e49"); + + static byte[] input3 = Hex.Decode("7768617420646f2079612077616e7420666f72206e6f7468696e673f"); + static byte[] input4 = Hex.Decode("7768617420646f2079612077616e7420666f72206e6f7468696e673f"); + + static byte[] output7 = Hex.Decode("93468a46"); + static byte[] output8 = Hex.Decode("93468a46"); + + public Gost28147MacTest() + { + } + + public ITestResult Perform() + { + // test1 + IMac mac = new Gost28147Mac(); + KeyParameter key = new KeyParameter(gkeyBytes1); + + mac.Init(key); + + mac.BlockUpdate(input3, 0, input3.Length); + + byte[] outBytes = new byte[4]; + + mac.DoFinal(outBytes, 0); + + if (!Arrays.AreEqual(outBytes, output7)) + { + return new SimpleTestResult(false, Name + ": Failed test 1 - expected " + + Hex.ToHexString(output7) + + " got " + Hex.ToHexString(outBytes)); + } + + // test2 + key = new KeyParameter(gkeyBytes2); + + ParametersWithSBox gparam = new ParametersWithSBox(key, Gost28147Engine.GetSBox("E-A")); + + mac.Init(gparam); + + mac.BlockUpdate(input4, 0, input4.Length); + + outBytes = new byte[4]; + + mac.DoFinal(outBytes, 0); + + if (!Arrays.AreEqual(outBytes, output8)) + { + return new SimpleTestResult(false, Name + ": Failed test 2 - expected " + + Hex.ToHexString(output8) + + " got " + Hex.ToHexString(outBytes)); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public string Name + { + get { return "Gost28147Mac"; } + } + + public static void Main( + string[] args) + { + ITest test = new Gost28147MacTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/GOST28147Test.cs b/BouncyCastle/crypto/test/src/crypto/test/GOST28147Test.cs new file mode 100644 index 0000000..865dcc2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/GOST28147Test.cs @@ -0,0 +1,377 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class Gost28147Test + : CipherTest + { + static string input1 = "0000000000000000"; + static string output1 = "1b0bbc32cebcab42"; + static string input2 = "bc350e71aac5f5c2"; + static string output2 = "d35ab653493b49f5"; + static string input3 = "bc350e71aa11345709acde"; + static string output3 = "8824c124c4fd14301fb1e8"; + static string input4 = "000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f"; + static string output4 = "29b7083e0a6d955ca0ec5b04fdb4ea41949f1dd2efdf17baffc1780b031f3934"; + + static byte[] TestSBox = { + 0x0,0x1,0x2,0x3,0x4,0x5,0x6,0x7,0x8,0x9,0xA,0xB,0xC,0xD,0xE,0xF, + 0xF,0xE,0xD,0xC,0xB,0xA,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0, + 0x0,0x1,0x2,0x3,0x4,0x5,0x6,0x7,0x8,0x9,0xA,0xB,0xC,0xD,0xE,0xF, + 0xF,0xE,0xD,0xC,0xB,0xA,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0, + 0x0,0x1,0x2,0x3,0x4,0x5,0x6,0x7,0x8,0x9,0xA,0xB,0xC,0xD,0xE,0xF, + 0xF,0xE,0xD,0xC,0xB,0xA,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0, + 0x0,0x1,0x2,0x3,0x4,0x5,0x6,0x7,0x8,0x9,0xA,0xB,0xC,0xD,0xE,0xF, + 0xF,0xE,0xD,0xC,0xB,0xA,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0 + }; + + static byte[] TestSBox_1 = + { + 0xE, 0x3, 0xC, 0xD, 0x1, 0xF, 0xA, 0x9, 0xB, 0x6, 0x2, 0x7, 0x5, 0x0, 0x8, 0x4, + 0xD, 0x9, 0x0, 0x4, 0x7, 0x1, 0x3, 0xB, 0x6, 0xC, 0x2, 0xA, 0xF, 0xE, 0x5, 0x8, + 0x8, 0xB, 0xA, 0x7, 0x1, 0xD, 0x5, 0xC, 0x6, 0x3, 0x9, 0x0, 0xF, 0xE, 0x2, 0x4, + 0xD, 0x7, 0xC, 0x9, 0xF, 0x0, 0x5, 0x8, 0xA, 0x2, 0xB, 0x6, 0x4, 0x3, 0x1, 0xE, + 0xB, 0x4, 0x6, 0x5, 0x0, 0xF, 0x1, 0xC, 0x9, 0xE, 0xD, 0x8, 0x3, 0x7, 0xA, 0x2, + 0xD, 0xF, 0x9, 0x4, 0x2, 0xC, 0x5, 0xA, 0x6, 0x0, 0x3, 0x8, 0x7, 0xE, 0x1, 0xB, + 0xF, 0xE, 0x9, 0x5, 0xB, 0x2, 0x1, 0x8, 0x6, 0x0, 0xD, 0x3, 0x4, 0x7, 0xC, 0xA, + 0xA, 0x3, 0xE, 0x2, 0x0, 0x1, 0x4, 0x6, 0xB, 0x8, 0xC, 0x7, 0xD, 0x5, 0xF, 0x9 + }; + + static SimpleTest[] tests = + { new BlockCipherVectorTest(1, new Gost28147Engine(), + new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), + input1, output1), + new BlockCipherVectorTest(2, new CbcBlockCipher(new Gost28147Engine()), + new ParametersWithIV(new KeyParameter(Hex.Decode("00112233445566778899AABBCCDDEEFF00112233445566778899AABBCCDDEEFF")), + Hex.Decode("1234567890abcdef")), input2, output2), + new BlockCipherVectorTest(3, new GOfbBlockCipher(new Gost28147Engine()), + new ParametersWithIV(new KeyParameter(Hex.Decode("0011223344556677889900112233445566778899001122334455667788990011")), + Hex.Decode("1234567890abcdef")), //IV + input3, output3), + new BlockCipherVectorTest(4, new CfbBlockCipher(new Gost28147Engine(), 64), + new ParametersWithIV(new KeyParameter(Hex.Decode("aafd12f659cae63489b479e5076ddec2f06cb58faafd12f659cae63489b479e5")), + Hex.Decode("aafd12f659cae634")), input4, output4), + + //tests with parameters, set S-box. + new BlockCipherVectorTest(5, new Gost28147Engine(), + new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")),//key , default parameter S-box set to D-Test + input1, output1), + new BlockCipherVectorTest(6, new CfbBlockCipher(new Gost28147Engine(), 64), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key + Gost28147Engine.GetSBox("D-Test")), //type S-box + Hex.Decode("1234567890abcdef")), //IV + "0000000000000000", //input message + "b587f7a0814c911d"), //encrypt message + new BlockCipherVectorTest(7, new CfbBlockCipher(new Gost28147Engine(), 64), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key + Gost28147Engine.GetSBox("E-Test")), //type S-box + Hex.Decode("1234567890abcdef")), //IV + "0000000000000000", //input message + "e8287f53f991d52b"), //encrypt message + new BlockCipherVectorTest(8, new CfbBlockCipher(new Gost28147Engine(), 64), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key + Gost28147Engine.GetSBox("E-A")), //type S-box + Hex.Decode("1234567890abcdef")), //IV + "0000000000000000", //input message + "c41009dba22ebe35"), //encrypt message + new BlockCipherVectorTest(9, new CfbBlockCipher(new Gost28147Engine(), 8), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key + Gost28147Engine.GetSBox("E-B")), //type S-box + Hex.Decode("1234567890abcdef")), //IV + "0000000000000000", //input message + "80d8723fcd3aba28"), //encrypt message + new BlockCipherVectorTest(10, new CfbBlockCipher(new Gost28147Engine(), 8), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key + Gost28147Engine.GetSBox("E-C")), //type S-box + Hex.Decode("1234567890abcdef")), //IV + "0000000000000000", //input message + "739f6f95068499b5"), //encrypt message + new BlockCipherVectorTest(11, new CfbBlockCipher(new Gost28147Engine(), 8), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key + Gost28147Engine.GetSBox("E-D")), //type S-box + Hex.Decode("1234567890abcdef")), //IV + "0000000000000000", //input message + "4663f720f4340f57"), //encrypt message + new BlockCipherVectorTest(12, new CfbBlockCipher(new Gost28147Engine(), 8), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key + Gost28147Engine.GetSBox("D-A")), //type S-box + Hex.Decode("1234567890abcdef")), //IV + "0000000000000000", //input message + "5bb0a31d218ed564"), //encrypt message + new BlockCipherVectorTest(13, new CfbBlockCipher(new Gost28147Engine(), 8), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key + TestSBox), //set own S-box + Hex.Decode("1234567890abcdef")), //IV + "0000000000000000", //input message + "c3af96ef788667c5"), //encrypt message + new BlockCipherVectorTest(14, new GOfbBlockCipher(new Gost28147Engine()), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("4ef72b778f0b0bebeef4f077551cb74a927b470ad7d7f2513454569a247e989d")), //key + Gost28147Engine.GetSBox("E-A")), //type S-box + Hex.Decode("1234567890abcdef")), //IV + "bc350e71aa11345709acde", //input message + "1bcc2282707c676fb656dc"), //encrypt message + new BlockCipherVectorTest(15, new GOfbBlockCipher(new Gost28147Engine()), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("0A43145BA8B9E9FF0AEA67D3F26AD87854CED8D9017B3D33ED81301F90FDF993")), //key + TestSBox_1), //type, IV, S-box + Hex.Decode("8001069080010690")), + "094C912C5EFDD703D42118971694580B", //input message + "2707B58DF039D1A64460735FFE76D55F"), //encrypt message + new BlockCipherVectorTest(16, new GOfbBlockCipher(new Gost28147Engine()), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("0A43145BA8B9E9FF0AEA67D3F26AD87854CED8D9017B3D33ED81301F90FDF993")), //key + TestSBox_1), //type, S-box + Hex.Decode("800107A0800107A0")), + "FE780800E0690083F20C010CF00C0329", //input message + "9AF623DFF948B413B53171E8D546188D"), //encrypt message + new BlockCipherVectorTest(17, new GOfbBlockCipher(new Gost28147Engine()), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("0A43145BA8B9E9FF0AEA67D3F26AD87854CED8D9017B3D33ED81301F90FDF993")), //key + TestSBox_1), //type, S-box + Hex.Decode("8001114080011140")), + "D1088FD8C0A86EE8F1DCD1088FE8C058", //input message + "62A6B64D12253BCD8241A4BB0CFD3E7C"), //encrypt message + new BlockCipherVectorTest(18, new GOfbBlockCipher(new Gost28147Engine()), + new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(Hex.Decode("0A43145BA8B9E9FF0AEA67D3F26AD87854CED8D9017B3D33ED81301F90FDF993")), //key + TestSBox_1), //type, IV, S-box + Hex.Decode("80011A3080011A30")), + "D431FACD011C502C501B500A12921090", //input message + "07313C89D302FF73234B4A0506AB00F3"), //encrypt message + }; + + private const int Gost28147_KEY_LENGTH = 32; + + private byte[] generateKey(byte[] startkey) + { + byte[] newKey = new byte[Gost28147_KEY_LENGTH]; + + Gost3411Digest digest = new Gost3411Digest(); + + digest.BlockUpdate(startkey, 0, startkey.Length); + digest.DoFinal(newKey, 0); + + return newKey; + } + + public Gost28147Test() + : base(tests, new Gost28147Engine(), new KeyParameter(new byte[32])) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + //advanced tests with Gost28147KeyGenerator: + //encrypt on hesh message; ECB mode: + byte[] inBytes = Hex.Decode("4e6f77206973207468652074696d6520666f7220616c6c20"); + byte[] output = Hex.Decode("8ad3c8f56b27ff1fbd46409359bdc796bc350e71aac5f5c0"); + byte[] outBytes = new byte[inBytes.Length]; + + byte[] key = generateKey(Hex.Decode("0123456789abcdef")); //!!! heshing start_key - get 256 bits !!! + // System.out.println(new string(Hex.Encode(key))); + ICipherParameters param = new ParametersWithSBox(new KeyParameter(key), Gost28147Engine.GetSBox("E-A")); + //CipherParameters param = new Gost28147Parameters(key,"D-Test"); + BufferedBlockCipher cipher = new BufferedBlockCipher(new Gost28147Engine()); + + cipher.Init(true, param); + int len1 = cipher.ProcessBytes(inBytes, 0, inBytes.Length, outBytes, 0); + try + { + cipher.DoFinal(outBytes, len1); + } + catch (CryptoException e) + { + Fail("failed - exception " + e.ToString(), e); + } + + if (outBytes.Length != output.Length) + { + Fail("failed - " + + "expected " + Hex.ToHexString(output) + " got " + + Hex.ToHexString(outBytes)); + } + + for (int i = 0; i != outBytes.Length; i++) + { + if (outBytes[i] != output[i]) + { + Fail("failed - " + + "expected " + Hex.ToHexString(output) + + " got " + Hex.ToHexString(outBytes)); + } + } + + + //encrypt on hesh message; CFB mode: + inBytes = Hex.Decode("bc350e71aac5f5c2"); + output = Hex.Decode("0ebbbafcf38f14a5"); + outBytes = new byte[inBytes.Length]; + + key = generateKey(Hex.Decode("0123456789abcdef")); //!!! heshing start_key - get 256 bits !!! + param = new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(key), //key + Gost28147Engine.GetSBox("E-A")), //type S-box + Hex.Decode("1234567890abcdef")); //IV + + cipher = new BufferedBlockCipher(new CfbBlockCipher(new Gost28147Engine(), 64)); + + cipher.Init(true, param); + len1 = cipher.ProcessBytes(inBytes, 0, inBytes.Length, outBytes, 0); + try + { + cipher.DoFinal(outBytes, len1); + } + catch (CryptoException e) + { + Fail("failed - exception " + e.ToString(), e); + } + if (outBytes.Length != output.Length) + { + Fail("failed - " + + "expected " + Hex.ToHexString(output) + + " got " + Hex.ToHexString(outBytes)); + } + for (int i = 0; i != outBytes.Length; i++) + { + if (outBytes[i] != output[i]) + { + Fail("failed - " + + "expected " + Hex.ToHexString(output) + + " got " + Hex.ToHexString(outBytes)); + } + } + + + //encrypt on hesh message; CFB mode: + inBytes = Hex.Decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f"); + output = Hex.Decode("64988982819f0a1655e226e19ecad79d10cc73bac95c5d7da034786c12294225"); + outBytes = new byte[inBytes.Length]; + + key = generateKey(Hex.Decode("aafd12f659cae63489b479e5076ddec2f06cb58faafd12f659cae63489b479e5")); //!!! heshing start_key - get 256 bits !!! + param = new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(key), //key + Gost28147Engine.GetSBox("E-A")), //type S-box + Hex.Decode("aafd12f659cae634")); //IV + + cipher = new BufferedBlockCipher(new CfbBlockCipher(new Gost28147Engine(), 64)); + + cipher.Init(true, param); + len1 = cipher.ProcessBytes(inBytes, 0, inBytes.Length, outBytes, 0); + + cipher.DoFinal(outBytes, len1); + + if (outBytes.Length != output.Length) + { + Fail("failed - " + + "expected " + Hex.ToHexString(output) + + " got " + Hex.ToHexString(outBytes)); + } + + for (int i = 0; i != outBytes.Length; i++) + { + if (outBytes[i] != output[i]) + { + Fail("failed - " + + "expected " + Hex.ToHexString(output) + + " got " + Hex.ToHexString(outBytes)); + } + } + + //encrypt on hesh message; OFB mode: + inBytes = Hex.Decode("bc350e71aa11345709acde"); + output = Hex.Decode("1bcc2282707c676fb656dc"); + outBytes = new byte[inBytes.Length]; + + key = generateKey(Hex.Decode("0123456789abcdef")); //!!! heshing start_key - get 256 bits !!! + param = new ParametersWithIV( + new ParametersWithSBox( + new KeyParameter(key), //key + Gost28147Engine.GetSBox("E-A")), //type S-box + Hex.Decode("1234567890abcdef")); //IV + + cipher = new BufferedBlockCipher(new GOfbBlockCipher(new Gost28147Engine())); + + cipher.Init(true, param); + len1 = cipher.ProcessBytes(inBytes, 0, inBytes.Length, outBytes, 0); + + cipher.DoFinal(outBytes, len1); + + if (outBytes.Length != output.Length) + { + Fail("failed - " + + "expected " + Hex.ToHexString(output) + + " got " + Hex.ToHexString(outBytes)); + } + + for (int i = 0; i != outBytes.Length; i++) + { + if (outBytes[i] != output[i]) + { + Fail("failed - " + + "expected " + Hex.ToHexString(output) + + " got " + Hex.ToHexString(outBytes)); + } + } + } + + public override string Name + { + get { return "Gost28147"; } + } + + public static void Main( + string[] args) + { + ITest test = new Gost28147Test(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/GOST3410Test.cs b/BouncyCastle/crypto/test/src/crypto/test/GOST3410Test.cs new file mode 100644 index 0000000..1369d35 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/GOST3410Test.cs @@ -0,0 +1,1604 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class Gost3410Test + : ITest + { + private static readonly byte[] hashmessage = Hex.Decode("3042453136414534424341374533364339313734453431443642453241453435"); + + private static byte[] zeroTwo(int length) + { + byte[] data = new byte[length]; + data[data.Length - 1] = 0x02; + return data; + } + + private class Gost3410_TEST1_512 + : ITest + { + public string Name + { + get { return "Gost3410-TEST1-512"; } + } + + FixedSecureRandom init_random = FixedSecureRandom.From(Hex.Decode("00005EC900007341"), zeroTwo(64)); + FixedSecureRandom random = FixedSecureRandom.From(Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A")); + FixedSecureRandom keyRandom = FixedSecureRandom.From(Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046")); + + BigInteger pValue = new BigInteger("EE8172AE8996608FB69359B89EB82A69854510E2977A4D63BC97322CE5DC3386EA0A12B343E9190F23177539845839786BB0C345D165976EF2195EC9B1C379E3", 16); + BigInteger qValue = new BigInteger("98915E7EC8265EDFCDA31E88F24809DDB064BDC7285DD50D7289F0AC6F49DD2D", 16); + + public ITestResult Perform() + { + BigInteger r = new BigInteger("3e5f895e276d81d2d52c0763270a458157b784c57abdbd807bc44fd43a32ac06",16); + BigInteger s = new BigInteger("3f0dd5d4400d47c08e4ce505ff7434b6dbf729592e37c74856dab85115a60955",16); + Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator(); + + pGen.Init(512, 1, init_random); + + Gost3410Parameters parameters = pGen.GenerateParameters(); + + if (parameters.ValidationParameters == null) + { + return new SimpleTestResult(false, Name + "validation parameters wrong"); + } + + if (parameters.ValidationParameters.C != 29505 + || parameters.ValidationParameters.X0 != 24265) + { + return new SimpleTestResult(false, Name + "validation parameters values wrong"); + } + + if (!init_random.IsExhausted) + { + return new SimpleTestResult(false, Name + + ": unexpected number of bytes used from 'init_random'."); + } + + if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q)) + { + return new SimpleTestResult(false, Name + ": p or q wrong"); + } + + Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator(); + Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters); + + Gost3410KeyGen.Init(genParam); + + AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair(); + + if (!keyRandom.IsExhausted) + { + return new SimpleTestResult(false, Name + + ": unexpected number of bytes used from 'keyRandom'."); + } + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + Gost3410Signer gost3410 = new Gost3410Signer(); + + gost3410.Init(true, param); + + BigInteger[] sig = gost3410.GenerateSignature(hashmessage); + + if (!random.IsExhausted) + { + return new SimpleTestResult(false, Name + + ": unexpected number of bytes used from 'random'."); + } + + if (!r.Equals(sig[0])) + { + return new SimpleTestResult(false, Name + + ": r component wrong." + SimpleTest.NewLine + + " expecting: " + r.ToString(16) + SimpleTest.NewLine + + " got : " + sig[0].ToString(16)); + } + + if (!s.Equals(sig[1])) + { + return new SimpleTestResult(false, Name + + ": s component wrong." + SimpleTest.NewLine + + " expecting: " + s.ToString(16) + SimpleTest.NewLine + + " got : " + sig[1].ToString(16)); + } + + gost3410.Init(false, pair.Public); + + if (gost3410.VerifySignature(hashmessage, sig[0], sig[1])) + { + return new SimpleTestResult(true, Name + ": Okay"); + } + else + { + return new SimpleTestResult(false, Name + ": verification fails"); + } + } + } + + private class Gost3410_TEST2_512 + : ITest + { + public string Name + { + get { return "Gost3410-TEST2-512"; } + } + + FixedSecureRandom init_random = FixedSecureRandom.From(Hex.Decode("000000003DFC46F1000000000000000D"), zeroTwo(64)); + FixedSecureRandom random = FixedSecureRandom.From(Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A")); + FixedSecureRandom keyRandom = FixedSecureRandom.From(Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046")); + + BigInteger pValue = new BigInteger("8b08eb135af966aab39df294538580c7da26765d6d38d30cf1c06aae0d1228c3316a0e29198460fad2b19dc381c15c888c6dfd0fc2c565abb0bf1faff9518f85", 16); + BigInteger qValue = new BigInteger("931a58fb6f0dcdf2fe7549bc3f19f4724b56898f7f921a076601edb18c93dc75", 16); + + public ITestResult Perform() + { + BigInteger r = new BigInteger("7c07c8cf035c2a1cb2b7fae5807ac7cd623dfca7a1a68f6d858317822f1ea00d",16); + BigInteger s = new BigInteger("7e9e036a6ff87dbf9b004818252b1f6fc310bdd4d17cb8c37d9c36c7884de60c",16); + Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator(); + + pGen.Init(512, 2, init_random); + + Gost3410Parameters parameters = pGen.GenerateParameters(); + + if (!init_random.IsExhausted) + { + return new SimpleTestResult(false, Name + + ": unexpected number of bytes used from 'init_random'."); + } + + if (parameters.ValidationParameters == null) + { + return new SimpleTestResult(false, Name + ": validation parameters wrong"); + } + + if (parameters.ValidationParameters.CL != 13 + || parameters.ValidationParameters.X0L != 1039943409) + { + return new SimpleTestResult(false, Name + ": validation parameters values wrong"); + } + + if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q)) + { + return new SimpleTestResult(false, Name + ": p or q wrong"); + } + + Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator(); + Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters); + + Gost3410KeyGen.Init(genParam); + + AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair(); + + if (!keyRandom.IsExhausted) + { + return new SimpleTestResult(false, Name + + ": unexpected number of bytes used from 'keyRandom'."); + } + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + Gost3410Signer Gost3410 = new Gost3410Signer(); + + Gost3410.Init(true, param); + + BigInteger[] sig = Gost3410.GenerateSignature(hashmessage); + + if (!random.IsExhausted) + { + return new SimpleTestResult(false, Name + + ": unexpected number of bytes used from 'random'."); + } + + if (!r.Equals(sig[0])) + { + return new SimpleTestResult(false, Name + + ": r component wrong." + SimpleTest.NewLine + + " expecting: " + r.ToString(16) + SimpleTest.NewLine + + " got : " + sig[0].ToString(16)); + } + + if (!s.Equals(sig[1])) + { + return new SimpleTestResult(false, Name + + ": s component wrong." + SimpleTest.NewLine + + " expecting: " + s.ToString(16) + SimpleTest.NewLine + + " got : " + sig[1].ToString(16)); + } + + Gost3410.Init(false, pair.Public); + + if (!Gost3410.VerifySignature(hashmessage, sig[0], sig[1])) + { + return new SimpleTestResult(false, Name + ": verification fails"); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + } + + private class Gost3410_TEST1_1024 + : ITest + { + public string Name + { + get { return "Gost3410-TEST1-1024"; } + } + + private class SecureRandomImpl1 : SecureRandom + { + bool firstInt = true; + + public override int NextInt() + { + string x0 = "0xA565"; + string c = "0x538B"; + + if (firstInt) + { + firstInt = false; + return NumberParsing.DecodeIntFromHex(x0); + } + return NumberParsing.DecodeIntFromHex(c); + } + + public override void NextBytes(byte[] bytes) + { + + byte[] d = Hex.Decode("02"); + + Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length); + } + }; + SecureRandom init_random = new SecureRandomImpl1(); + + private class SecureRandomImpl2 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A"); + + int i; + + for (i = 0; i < (bytes.Length - k.Length); i += k.Length) + { + Array.Copy(k, 0, bytes, i, k.Length); + } + + if (i > bytes.Length) + { + Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length)); + } + else + { + Array.Copy(k, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom random = new SecureRandomImpl2(); + + private class SecureRandomImpl3 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046"); + + int i; + + for (i = 0; i < (bytes.Length - x.Length); i += x.Length) + { + Array.Copy(x, 0, bytes, i, x.Length); + } + + if (i > bytes.Length) + { + Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length)); + } + else + { + Array.Copy(x, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom keyRandom = new SecureRandomImpl3(); + + BigInteger pValue = new BigInteger("ab8f37938356529e871514c1f48c5cbce77b2f4fc9a2673ac2c1653da8984090c0ac73775159a26bef59909d4c9846631270e16653a6234668f2a52a01a39b921490e694c0f104b58d2e14970fccb478f98d01e975a1028b9536d912de5236d2dd2fc396b77153594d4178780e5f16f718471e2111c8ce64a7d7e196fa57142d", 16); + BigInteger qValue = new BigInteger("bcc02ca0ce4f0753ec16105ee5d530aa00d39f3171842ab2c334a26b5f576e0f", 16); + + public ITestResult Perform() + { + BigInteger r = new BigInteger("a8790aabbd5a998ff524bad048ac69cd1faff2dab048265c8d60d1471c44a9ee",16); + BigInteger s = new BigInteger("30df5ba32ac77170b9632559bef7d37620017756dff3fea1088b4267db0944b8",16); + Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator(); + + pGen.Init(1024, 1, init_random); + + Gost3410Parameters parameters = pGen.GenerateParameters(); + + if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q)) + { + return new SimpleTestResult(false, Name + ": p or q wrong"); + } + + Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator(); + Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters); + + Gost3410KeyGen.Init(genParam); + + AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair(); + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + Gost3410Signer Gost3410 = new Gost3410Signer(); + + Gost3410.Init(true, param); + + BigInteger[] sig = Gost3410.GenerateSignature(hashmessage); + + if (!r.Equals(sig[0])) + { + return new SimpleTestResult(false, Name + + ": r component wrong." + SimpleTest.NewLine + + " expecting: " + r.ToString(16) + SimpleTest.NewLine + + " got : " + sig[0].ToString(16)); + } + + if (!s.Equals(sig[1])) + { + return new SimpleTestResult(false, Name + + ": s component wrong." + SimpleTest.NewLine + + " expecting: " + s.ToString(16) + SimpleTest.NewLine + + " got : " + sig[1].ToString(16)); + } + + Gost3410.Init(false, pair.Public); + + if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1])) + { + return new SimpleTestResult(true, Name + ": Okay"); + } + else + { + return new SimpleTestResult(false, Name + ": verification fails"); + } + } + } + + private class Gost3410_TEST2_1024 + : ITest + { + public string Name + { + get { return "Gost3410-TEST2-1024"; } + } + + private class SecureRandomImpl4 : SecureRandom + { + bool firstLong = true; + + public override long NextLong() + { + string x0 = "0x3DFC46F1"; + string c = "0xD"; + + if (firstLong) + { + firstLong = false; + return NumberParsing.DecodeLongFromHex(x0); + } + return NumberParsing.DecodeLongFromHex(c); + } + + public override void NextBytes(byte[] bytes) + { + + byte[] d = Hex.Decode("02"); + + Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length); + } + }; + SecureRandom init_random = new SecureRandomImpl4(); + + private class SecureRandomImpl5 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A"); + + int i; + + for (i = 0; i < (bytes.Length - k.Length); i += k.Length) + { + Array.Copy(k, 0, bytes, i, k.Length); + } + + if (i > bytes.Length) + { + Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length)); + } + else + { + Array.Copy(k, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom random = new SecureRandomImpl5(); + + private class SecureRandomImpl6 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046"); + + int i; + + for (i = 0; i < (bytes.Length - x.Length); i += x.Length) + { + Array.Copy(x, 0, bytes, i, x.Length); + } + + if (i > bytes.Length) + { + Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length)); + } + else + { + Array.Copy(x, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom keyRandom = new SecureRandomImpl6(); + + BigInteger pValue = new BigInteger("e2c4191c4b5f222f9ac2732562f6d9b4f18e7fb67a290ea1e03d750f0b9806755fc730d975bf3faa606d05c218b35a6c3706919aab92e0c58b1de4531c8fa8e7af43c2bff016251e21b2870897f6a27ac4450bca235a5b748ad386e4a0e4dfcb09152435abcfe48bd0b126a8122c7382f285a9864615c66decddf6afd355dfb7", 16); + BigInteger qValue = new BigInteger("931a58fb6f0dcdf2fe7549bc3f19f4724b56898f7f921a076601edb18c93dc75", 16); + + public ITestResult Perform() + { + BigInteger r = new BigInteger("81d69a192e9c7ac21fc07da41bd07e230ba6a94eb9f3c1fd104c7bd976733ca5",16); + BigInteger s = new BigInteger("315c879c8414f35feb4deb15e7cc0278c48e6ca1596325d6959338d860b0c47a",16); + Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator(); + + pGen.Init(1024, 2, init_random); + + Gost3410Parameters parameters = pGen.GenerateParameters(); + + if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q)) + { + return new SimpleTestResult(false, Name + ": p or q wrong"); + } + + Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator(); + Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters); + + Gost3410KeyGen.Init(genParam); + + AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair(); + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + Gost3410Signer Gost3410 = new Gost3410Signer(); + + Gost3410.Init(true, param); + + BigInteger[] sig = Gost3410.GenerateSignature(hashmessage); + + if (!r.Equals(sig[0])) + { + return new SimpleTestResult(false, Name + + ": r component wrong." + SimpleTest.NewLine + + " expecting: " + r.ToString(16) + SimpleTest.NewLine + + " got : " + sig[0].ToString(16)); + } + + if (!s.Equals(sig[1])) + { + return new SimpleTestResult(false, Name + + ": s component wrong." + SimpleTest.NewLine + + " expecting: " + s.ToString(16) + SimpleTest.NewLine + + " got : " + sig[1].ToString(16)); + } + + Gost3410.Init(false, pair.Public); + + if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1])) + { + return new SimpleTestResult(true, Name + ": Okay"); + } + else + { + return new SimpleTestResult(false, Name + ": verification fails"); + } + } + } + + private class Gost3410_AParam + : ITest + { + public string Name + { + get { return "Gost3410-AParam"; } + } + + private class SecureRandomImpl7 : SecureRandom + { + bool firstLong = true; + + public override long NextLong() + { + string x0 = "0x520874F5"; + string c = "0xEE39ADB3"; + + if (firstLong) + { + firstLong = false; + return NumberParsing.DecodeLongFromHex(x0); + } + return NumberParsing.DecodeLongFromHex(c); + } + + public override void NextBytes(byte[] bytes) + { + + byte[] d = Hex.Decode("02"); + + Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length); + } + }; + SecureRandom init_random = new SecureRandomImpl7(); + + private class SecureRandomImpl8 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A"); + + int i; + + for (i = 0; i < (bytes.Length - k.Length); i += k.Length) + { + Array.Copy(k, 0, bytes, i, k.Length); + } + + if (i > bytes.Length) + { + Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length)); + } + else + { + Array.Copy(k, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom random = new SecureRandomImpl8(); + + private class SecureRandomImpl9 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046"); + + int i; + + for (i = 0; i < (bytes.Length - x.Length); i += x.Length) + { + Array.Copy(x, 0, bytes, i, x.Length); + } + + if (i > bytes.Length) + { + Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length)); + } + else + { + Array.Copy(x, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom keyRandom = new SecureRandomImpl9(); + + BigInteger pValue = new BigInteger("b4e25efb018e3c8b87505e2a67553c5edc56c2914b7e4f89d23f03f03377e70a2903489dd60e78418d3d851edb5317c4871e40b04228c3b7902963c4b7d85d52b9aa88f2afdbeb28da8869d6df846a1d98924e925561bd69300b9ddd05d247b5922d967cbb02671881c57d10e5ef72d3e6dad4223dc82aa1f7d0294651a480df", 16); + BigInteger qValue = new BigInteger("972432a437178b30bd96195b773789ab2fff15594b176dd175b63256ee5af2cf", 16); + + public ITestResult Perform() + { + BigInteger r = new BigInteger("64a8856628e5669d85f62cd763dd4a99bc56d33dc0e1859122855d141e9e4774",16); + BigInteger s = new BigInteger("319ebac97092b288d469a4b988248794f60c865bc97858d9a3135c6d1a1bf2dd",16); + Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator(); + + pGen.Init(1024, 2, init_random); + + Gost3410Parameters parameters = pGen.GenerateParameters(); + + if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q)) + { + return new SimpleTestResult(false, Name + ": p or q wrong"); + } + + Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator(); + Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters); + + Gost3410KeyGen.Init(genParam); + + AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair(); + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + Gost3410Signer Gost3410 = new Gost3410Signer(); + + Gost3410.Init(true, param); + + BigInteger[] sig = Gost3410.GenerateSignature(hashmessage); + + if (!r.Equals(sig[0])) + { + return new SimpleTestResult(false, Name + + ": r component wrong." + SimpleTest.NewLine + + " expecting: " + r.ToString(16) + SimpleTest.NewLine + + " got : " + sig[0].ToString(16)); + } + + if (!s.Equals(sig[1])) + { + return new SimpleTestResult(false, Name + + ": s component wrong." + SimpleTest.NewLine + + " expecting: " + s.ToString(16) + SimpleTest.NewLine + + " got : " + sig[1].ToString(16)); + } + + Gost3410.Init(false, pair.Public); + + if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1])) + { + return new SimpleTestResult(true, Name + ": Okay"); + } + else + { + return new SimpleTestResult(false, Name + ": verification fails"); + } + } + } + + private class Gost3410_BParam + : ITest + { + public string Name + { + get { return "Gost3410-BParam"; } + } + + private class SecureRandomImpl10 : SecureRandom + { + bool firstLong = true; + + public override long NextLong() + { + string x0 = "0x5B977CDB"; + string c = "0x6E9692DD"; + + if (firstLong) + { + firstLong = false; + return NumberParsing.DecodeLongFromHex(x0); + } + return NumberParsing.DecodeLongFromHex(c); + } + + public override void NextBytes(byte[] bytes) + { + byte[] d = Hex.Decode("bc3cbbdb7e6f848286e19ad9a27a8e297e5b71c53dd974cdf60f937356df69cbc97a300ccc71685c553046147f11568c4fddf363d9d886438345a62c3b75963d6546adfabf31b31290d12cae65ecb8309ef66782"); + + Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length); + } + }; + SecureRandom init_random = new SecureRandomImpl10(); + + private class SecureRandomImpl11 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A"); + + int i; + + for (i = 0; i < (bytes.Length - k.Length); i += k.Length) + { + Array.Copy(k, 0, bytes, i, k.Length); + } + + if (i > bytes.Length) + { + Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length)); + } + else + { + Array.Copy(k, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom random = new SecureRandomImpl11(); + + private class SecureRandomImpl12 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046"); + + int i; + + for (i = 0; i < (bytes.Length - x.Length); i += x.Length) + { + Array.Copy(x, 0, bytes, i, x.Length); + } + + if (i > bytes.Length) + { + Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length)); + } + else + { + Array.Copy(x, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom keyRandom = new SecureRandomImpl12(); + + BigInteger pValue = new BigInteger("c6971fc57524b30c9018c5e621de15499736854f56a6f8aee65a7a404632b3540f09020f67f04dc2e6783b141dceffd21a703035b7d0187c6e12cb4229922bafdb2225b73e6b23a0de36e20047065aea000c1a374283d0ad8dc1981e3995f0bb8c72526041fcb98ae6163e1e71a669d8364e9c4c3188f673c5f8ee6fadb41abf", 16); + BigInteger qValue = new BigInteger("b09d634c10899cd7d4c3a7657403e05810b07c61a688bab2c37f475e308b0607", 16); + + public ITestResult Perform() + { + BigInteger r = new BigInteger("860d82c60e9502cd00c0e9e1f6563feafec304801974d745c5e02079946f729e",16); + BigInteger s = new BigInteger("7ef49264ef022801aaa03033cd97915235fbab4c823ed936b0f360c22114688a",16); + Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator(); + + pGen.Init(1024, 2, init_random); + + Gost3410Parameters parameters = pGen.GenerateParameters(); + + if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q)) + { + return new SimpleTestResult(false, Name + ": p or q wrong"); + } + + Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator(); + Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters); + + Gost3410KeyGen.Init(genParam); + + AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair(); + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + Gost3410Signer Gost3410 = new Gost3410Signer(); + + Gost3410.Init(true, param); + + BigInteger[] sig = Gost3410.GenerateSignature(hashmessage); + + if (!r.Equals(sig[0])) + { + return new SimpleTestResult(false, Name + + ": r component wrong." + SimpleTest.NewLine + + " expecting: " + r.ToString(16) + SimpleTest.NewLine + + " got : " + sig[0].ToString(16)); + } + + if (!s.Equals(sig[1])) + { + return new SimpleTestResult(false, Name + + ": s component wrong." + SimpleTest.NewLine + + " expecting: " + s.ToString(16) + SimpleTest.NewLine + + " got : " + sig[1].ToString(16)); + } + + Gost3410.Init(false, pair.Public); + + if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1])) + { + return new SimpleTestResult(true, Name + ": Okay"); + } + else + { + return new SimpleTestResult(false, Name + ": verification fails"); + } + } + } + + private class Gost3410_CParam + : ITest + { + public string Name + { + get { return "Gost3410-CParam"; } + } + + private class SecureRandomImpl13 : SecureRandom + { + bool firstLong = true; + + public override long NextLong() + { + string x0 = "0x43848744"; + string c = "0xB50A826D"; + + if (firstLong) + { + firstLong = false; + return NumberParsing.DecodeLongFromHex(x0); + } + return NumberParsing.DecodeLongFromHex(c); + } + + public override void NextBytes(byte[] bytes) + { + byte[] d = Hex.Decode("7F575E8194BC5BDF"); + + Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length); + } + }; + SecureRandom init_random = new SecureRandomImpl13(); + + private class SecureRandomImpl14 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A"); + + int i; + + for (i = 0; i < (bytes.Length - k.Length); i += k.Length) + { + Array.Copy(k, 0, bytes, i, k.Length); + } + + if (i > bytes.Length) + { + Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length)); + } + else + { + Array.Copy(k, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom random = new SecureRandomImpl14(); + + private class SecureRandomImpl15 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046"); + + int i; + + for (i = 0; i < (bytes.Length - x.Length); i += x.Length) + { + Array.Copy(x, 0, bytes, i, x.Length); + } + + if (i > bytes.Length) + { + Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length)); + } + else + { + Array.Copy(x, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom keyRandom = new SecureRandomImpl15(); + + BigInteger pValue = new BigInteger("9d88e6d7fe3313bd2e745c7cdd2ab9ee4af3c8899e847de74a33783ea68bc30588ba1f738c6aaf8ab350531f1854c3837cc3c860ffd7e2e106c3f63b3d8a4c034ce73942a6c3d585b599cf695ed7a3c4a93b2b947b7157bb1a1c043ab41ec8566c6145e938a611906de0d32e562494569d7e999a0dda5c879bdd91fe124df1e9", 16); + BigInteger qValue = new BigInteger("fadd197abd19a1b4653eecf7eca4d6a22b1f7f893b641f901641fbb555354faf", 16); + + public ITestResult Perform() + { + BigInteger r = new BigInteger("4deb95a0b35e7ed7edebe9bef5a0f93739e16b7ff27fe794d989d0c13159cfbc",16); + BigInteger s = new BigInteger("e1d0d30345c24cfeb33efde3deee5fbbda78ddc822b719d860cd0ba1fb6bd43b",16); + Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator(); + + pGen.Init(1024, 2, init_random); + + Gost3410Parameters parameters = pGen.GenerateParameters(); + + if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q)) + { + return new SimpleTestResult(false, Name + ": p or q wrong"); + } + + Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator(); + Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters); + + Gost3410KeyGen.Init(genParam); + + AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair(); + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + Gost3410Signer Gost3410 = new Gost3410Signer(); + + Gost3410.Init(true, param); + + BigInteger[] sig = Gost3410.GenerateSignature(hashmessage); + + if (!r.Equals(sig[0])) + { + return new SimpleTestResult(false, Name + + ": r component wrong." + SimpleTest.NewLine + + " expecting: " + r.ToString(16) + SimpleTest.NewLine + + " got : " + sig[0].ToString(16)); + } + + if (!s.Equals(sig[1])) + { + return new SimpleTestResult(false, Name + + ": s component wrong." + SimpleTest.NewLine + + " expecting: " + s.ToString(16) + SimpleTest.NewLine + + " got : " + sig[1].ToString(16)); + } + + Gost3410.Init(false, pair.Public); + + if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1])) + { + return new SimpleTestResult(true, Name + ": Okay"); + } + else + { + return new SimpleTestResult(false, Name + ": verification fails"); + } + } + } + + private class Gost3410_DParam + : ITest + { + public string Name + { + get { return "Gost3410-DParam"; } + } + + private class SecureRandomImpl16 : SecureRandom + { + bool firstLong = true; + + public override long NextLong() + { + string x0 = "0x13DA8B9D"; + string c = "0xA0E9DE4B"; + + if (firstLong) + { + firstLong = false; + return NumberParsing.DecodeLongFromHex(x0); + } + return NumberParsing.DecodeLongFromHex(c); + } + + public override void NextBytes(byte[] bytes) + { + + byte[] d = Hex.Decode("41ab97857f42614355d32db0b1069f109a4da283676c7c53a68185b4"); + + Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length); + } + }; + SecureRandom init_random = new SecureRandomImpl16(); + + private class SecureRandomImpl17 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A"); + + int i; + + for (i = 0; i < (bytes.Length - k.Length); i += k.Length) + { + Array.Copy(k, 0, bytes, i, k.Length); + } + + if (i > bytes.Length) + { + Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length)); + } + else + { + Array.Copy(k, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom random = new SecureRandomImpl17(); + + private class SecureRandomImpl18 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046"); + + int i; + + for (i = 0; i < (bytes.Length - x.Length); i += x.Length) + { + Array.Copy(x, 0, bytes, i, x.Length); + } + + if (i > bytes.Length) + { + Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length)); + } + else + { + Array.Copy(x, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom keyRandom = new SecureRandomImpl18(); + + BigInteger pValue = new BigInteger("80f102d32b0fd167d069c27a307adad2c466091904dbaa55d5b8cc7026f2f7a1919b890cb652c40e054e1e9306735b43d7b279eddf9102001cd9e1a831fe8a163eed89ab07cf2abe8242ac9dedddbf98d62cddd1ea4f5f15d3a42a6677bdd293b24260c0f27c0f1d15948614d567b66fa902baa11a69ae3bceadbb83e399c9b5", 16); + BigInteger qValue = new BigInteger("f0f544c418aac234f683f033511b65c21651a6078bda2d69bb9f732867502149", 16); + + public ITestResult Perform() + { + BigInteger r = new BigInteger("712592d285b792e33b8a9a11e8e6c4f512ddf0042972bbfd1abb0a93e8fc6f54",16); + BigInteger s = new BigInteger("2cf26758321258b130d5612111339f09ceb8668241f3482e38baa56529963f07",16); + Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator(); + + pGen.Init(1024, 2, init_random); + + Gost3410Parameters parameters = pGen.GenerateParameters(); + + if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q)) + { + return new SimpleTestResult(false, Name + ": p or q wrong"); + } + + Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator(); + Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters); + + Gost3410KeyGen.Init(genParam); + + AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair(); + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + Gost3410Signer Gost3410 = new Gost3410Signer(); + + Gost3410.Init(true, param); + + BigInteger[] sig = Gost3410.GenerateSignature(hashmessage); + + if (!r.Equals(sig[0])) + { + return new SimpleTestResult(false, Name + + ": r component wrong." + SimpleTest.NewLine + + " expecting: " + r.ToString(16) + SimpleTest.NewLine + + " got : " + sig[0].ToString(16)); + } + + if (!s.Equals(sig[1])) + { + return new SimpleTestResult(false, Name + + ": s component wrong." + SimpleTest.NewLine + + " expecting: " + s.ToString(16) + SimpleTest.NewLine + + " got : " + sig[1].ToString(16)); + } + + Gost3410.Init(false, pair.Public); + + if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1])) + { + return new SimpleTestResult(true, Name + ": Okay"); + } + else + { + return new SimpleTestResult(false, Name + ": verification fails"); + } + } + } + + private class Gost3410_AExParam + : ITest + { + public string Name + { + get { return "Gost3410-AExParam"; } + } + + private class SecureRandomImpl19 : SecureRandom + { + bool firstLong = true; + + public override long NextLong() + { + string x0 = "0xD05E9F14"; + string c = "0x46304C5F"; + + if (firstLong) + { + firstLong = false; + return NumberParsing.DecodeLongFromHex(x0); + } + return NumberParsing.DecodeLongFromHex(c); + } + + public override void NextBytes(byte[] bytes) + { + byte[] d = Hex.Decode("35ab875399cda33c146ca629660e5a5e5c07714ca326db032dd6751995cdb90a612b9228932d8302704ec24a5def7739c5813d83"); + + Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length); + } + }; + SecureRandom init_random = new SecureRandomImpl19(); + + private class SecureRandomImpl20 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A"); + + int i; + + for (i = 0; i < (bytes.Length - k.Length); i += k.Length) + { + Array.Copy(k, 0, bytes, i, k.Length); + } + + if (i > bytes.Length) + { + Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length)); + } + else + { + Array.Copy(k, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom random = new SecureRandomImpl20(); + + private class SecureRandomImpl21 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046"); + + int i; + + for (i = 0; i < (bytes.Length - x.Length); i += x.Length) + { + Array.Copy(x, 0, bytes, i, x.Length); + } + + if (i > bytes.Length) + { + Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length)); + } + else + { + Array.Copy(x, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom keyRandom = new SecureRandomImpl21(); + + BigInteger pValue = new BigInteger("ca3b3f2eee9fd46317d49595a9e7518e6c63d8f4eb4d22d10d28af0b8839f079f8289e603b03530784b9bb5a1e76859e4850c670c7b71c0df84ca3e0d6c177fe9f78a9d8433230a883cd82a2b2b5c7a3306980278570cdb79bf01074a69c9623348824b0c53791d53c6a78cab69e1cfb28368611a397f50f541e16db348dbe5f", 16); + BigInteger qValue = new BigInteger("cae4d85f80c147704b0ca48e85fb00a9057aa4acc44668e17f1996d7152690d9", 16); + + public ITestResult Perform() + { + BigInteger r = new BigInteger("90892707282f433398488f19d31ac48523a8e2ded68944e0da91c6895ee7045e",16); + BigInteger s = new BigInteger("3be4620ee88f1ee8f9dd63c7d145b7e554839feeca125049118262ea4651e9de",16); + Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator(); + + pGen.Init(1024, 2, init_random); + + Gost3410Parameters parameters = pGen.GenerateParameters(); + + if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q)) + { + return new SimpleTestResult(false, Name + ": p or q wrong"); + } + + Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator(); + Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters); + + Gost3410KeyGen.Init(genParam); + + AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair(); + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + Gost3410Signer Gost3410 = new Gost3410Signer(); + + Gost3410.Init(true, param); + + BigInteger[] sig = Gost3410.GenerateSignature(hashmessage); + + if (!r.Equals(sig[0])) + { + return new SimpleTestResult(false, Name + + ": r component wrong." + SimpleTest.NewLine + + " expecting: " + r.ToString(16) + SimpleTest.NewLine + + " got : " + sig[0].ToString(16)); + } + + if (!s.Equals(sig[1])) + { + return new SimpleTestResult(false, Name + + ": s component wrong." + SimpleTest.NewLine + + " expecting: " + s.ToString(16) + SimpleTest.NewLine + + " got : " + sig[1].ToString(16)); + } + + Gost3410.Init(false, pair.Public); + + if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1])) + { + return new SimpleTestResult(true, Name + ": Okay"); + } + else + { + return new SimpleTestResult(false, Name + ": verification fails"); + } + } + } + + private class Gost3410_BExParam + : ITest + { + public string Name + { + get { return "Gost3410-BExParam"; } + } + + private class SecureRandomImpl22 : SecureRandom + { + bool firstLong = true; + + public override long NextLong() + { + string x0 = "0x7A007804"; + string c = "0xD31A4FF7"; + + if (firstLong) + { + firstLong = false; + return NumberParsing.DecodeLongFromHex(x0); + } + return NumberParsing.DecodeLongFromHex(c); + } + + public override void NextBytes(byte[] bytes) + { + byte[] d = Hex.Decode("7ec123d161477762838c2bea9dbdf33074af6d41d108a066a1e7a07ab3048de2"); + + Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length); + } + }; + SecureRandom init_random = new SecureRandomImpl22(); + + private class SecureRandomImpl23 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A"); + + int i; + + for (i = 0; i < (bytes.Length - k.Length); i += k.Length) + { + Array.Copy(k, 0, bytes, i, k.Length); + } + + if (i > bytes.Length) + { + Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length)); + } + else + { + Array.Copy(k, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom random = new SecureRandomImpl23(); + + private class SecureRandomImpl24 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046"); + + int i; + + for (i = 0; i < (bytes.Length - x.Length); i += x.Length) + { + Array.Copy(x, 0, bytes, i, x.Length); + } + + if (i > bytes.Length) + { + Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length)); + } + else + { + Array.Copy(x, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom keyRandom = new SecureRandomImpl24(); + + BigInteger pValue = new BigInteger("9286dbda91eccfc3060aa5598318e2a639f5ba90a4ca656157b2673fb191cd0589ee05f4cef1bd13508408271458c30851ce7a4ef534742bfb11f4743c8f787b11193ba304c0e6bca25701bf88af1cb9b8fd4711d89f88e32b37d95316541bf1e5dbb4989b3df13659b88c0f97a3c1087b9f2d5317d557dcd4afc6d0a754e279", 16); + BigInteger qValue = new BigInteger("c966e9b3b8b7cdd82ff0f83af87036c38f42238ec50a876cd390e43d67b6013f", 16); + + public ITestResult Perform() + { + BigInteger r = new BigInteger("8f79a582513df84dc247bcb624340cc0e5a34c4324a20ce7fe3ab8ff38a9db71",16); + BigInteger s = new BigInteger("7508d22fd6cbb45efd438cb875e43f137247088d0f54b29a7c91f68a65b5fa85",16); + Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator(); + + pGen.Init(1024, 2, init_random); + + Gost3410Parameters parameters = pGen.GenerateParameters(); + + if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q)) + { + return new SimpleTestResult(false, Name + ": p or q wrong"); + } + + Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator(); + Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters); + + Gost3410KeyGen.Init(genParam); + + AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair(); + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + Gost3410Signer Gost3410 = new Gost3410Signer(); + + Gost3410.Init(true, param); + + BigInteger[] sig = Gost3410.GenerateSignature(hashmessage); + + if (!r.Equals(sig[0])) + { + return new SimpleTestResult(false, Name + + ": r component wrong." + SimpleTest.NewLine + + " expecting: " + r.ToString(16) + SimpleTest.NewLine + + " got : " + sig[0].ToString(16)); + } + + if (!s.Equals(sig[1])) + { + return new SimpleTestResult(false, Name + + ": s component wrong." + SimpleTest.NewLine + + " expecting: " + s.ToString(16) + SimpleTest.NewLine + + " got : " + sig[1].ToString(16)); + } + + Gost3410.Init(false, pair.Public); + + if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1])) + { + return new SimpleTestResult(true, Name + ": Okay"); + } + else + { + return new SimpleTestResult(false, Name + ": verification fails"); + } + } + } + + private class Gost3410_CExParam + : ITest + { + public string Name + { + get { return "Gost3410-CExParam"; } + } + + private class SecureRandomImpl25 : SecureRandom + { + bool firstLong = true; + + public override long NextLong() + { + string x0 = "0x162AB910"; + string c = "0x93F828D3"; + + if (firstLong) + { + firstLong = false; + return NumberParsing.DecodeLongFromHex(x0); + } + return NumberParsing.DecodeLongFromHex(c); + } + + public override void NextBytes(byte[] bytes) + { + byte[] d = Hex.Decode("ca82cce78a738bc46f103d53b9bf809745ec845e4f6da462606c51f60ecf302e31204b81"); + + Array.Copy(d, 0, bytes, bytes.Length-d.Length, d.Length); + } + }; + SecureRandom init_random = new SecureRandomImpl25(); + + private class SecureRandomImpl26 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] k = Hex.Decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A"); + + int i; + + for (i = 0; i < (bytes.Length - k.Length); i += k.Length) + { + Array.Copy(k, 0, bytes, i, k.Length); + } + + if (i > bytes.Length) + { + Array.Copy(k, 0, bytes, i - k.Length, bytes.Length - (i - k.Length)); + } + else + { + Array.Copy(k, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom random = new SecureRandomImpl26(); + + private class SecureRandomImpl27 : SecureRandom + { + public override void NextBytes(byte[] bytes) + { + byte[] x = Hex.Decode("3036314538303830343630454235324435324234314132373832433138443046"); + + int i; + + for (i = 0; i < (bytes.Length - x.Length); i += x.Length) + { + Array.Copy(x, 0, bytes, i, x.Length); + } + + if (i > bytes.Length) + { + Array.Copy(x, 0, bytes, i - x.Length, bytes.Length - (i - x.Length)); + } + else + { + Array.Copy(x, 0, bytes, i, bytes.Length - i); + } + } + }; + SecureRandom keyRandom = new SecureRandomImpl27(); + + BigInteger pValue = new BigInteger("b194036ace14139d36d64295ae6c50fc4b7d65d8b340711366ca93f383653908ee637be428051d86612670ad7b402c09b820fa77d9da29c8111a8496da6c261a53ed252e4d8a69a20376e6addb3bdcd331749a491a184b8fda6d84c31cf05f9119b5ed35246ea4562d85928ba1136a8d0e5a7e5c764ba8902029a1336c631a1d", 16); + BigInteger qValue = new BigInteger("96120477df0f3896628e6f4a88d83c93204c210ff262bccb7dae450355125259", 16); + + public ITestResult Perform() + { + BigInteger r = new BigInteger("169fdb2dc09f690b71332432bfec806042e258fa9a21dafe73c6abfbc71407d9",16); + BigInteger s = new BigInteger("9002551808ae40d19f6f31fb67e4563101243cf07cffd5f2f8ff4c537b0c9866",16); + Gost3410ParametersGenerator pGen = new Gost3410ParametersGenerator(); + + pGen.Init(1024, 2, init_random); + + Gost3410Parameters parameters = pGen.GenerateParameters(); + + if (!pValue.Equals(parameters.P) || !qValue.Equals(parameters.Q)) + { + return new SimpleTestResult(false, Name + ": p or q wrong"); + } + + Gost3410KeyPairGenerator Gost3410KeyGen = new Gost3410KeyPairGenerator(); + Gost3410KeyGenerationParameters genParam = new Gost3410KeyGenerationParameters(keyRandom, parameters); + + Gost3410KeyGen.Init(genParam); + + AsymmetricCipherKeyPair pair = Gost3410KeyGen.GenerateKeyPair(); + + ParametersWithRandom param = new ParametersWithRandom(pair.Private, random); + + Gost3410Signer Gost3410 = new Gost3410Signer(); + + Gost3410.Init(true, param); + + BigInteger[] sig = Gost3410.GenerateSignature(hashmessage); + + if (!r.Equals(sig[0])) + { + return new SimpleTestResult(false, Name + + ": r component wrong." + SimpleTest.NewLine + + " expecting: " + r.ToString(16) + SimpleTest.NewLine + + " got : " + sig[0].ToString(16)); + } + + if (!s.Equals(sig[1])) + { + return new SimpleTestResult(false, Name + + ": s component wrong." + SimpleTest.NewLine + + " expecting: " + s.ToString(16) + SimpleTest.NewLine + + " got : " + sig[1].ToString(16)); + } + + Gost3410.Init(false, pair.Public); + + if (Gost3410.VerifySignature(hashmessage, sig[0], sig[1])) + { + return new SimpleTestResult(true, Name + ": Okay"); + } + else + { + return new SimpleTestResult(false, Name + ": verification fails"); + } + } + } + + ITest[] tests = + { + new Gost3410_TEST1_512(), + new Gost3410_TEST2_512(), + new Gost3410_TEST1_1024(), + new Gost3410_TEST2_1024(), + new Gost3410_AParam(), + new Gost3410_BParam(), + new Gost3410_CParam(), + new Gost3410_DParam(), + new Gost3410_AExParam(), + new Gost3410_BExParam(), + new Gost3410_CExParam() + }; + + public string Name + { + get { return "Gost3410"; } + } + + public ITestResult Perform() + { + for (int i = 0; i != tests.Length; i++) + { + ITestResult result = tests[i].Perform(); + + if (!result.IsSuccessful()) + { + return result; + } + } + + return new SimpleTestResult(true, "Gost3410: Okay"); + } + + public static void Main( + string[] args) + { + ITest test = new Gost3410Test(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/GOST3411DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/GOST3411DigestTest.cs new file mode 100644 index 0000000..329a158 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/GOST3411DigestTest.cs @@ -0,0 +1,95 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class Gost3411DigestTest + : DigestTest + { + private static readonly string[] messages = + { + "", + "This is message, length=32 bytes", + "Suppose the original message has length = 50 bytes", + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" + }; + + // If S-box = D-A (see: digest/Gost3411Digest.java; function: E(byte[] in, byte[] key); string: CipherParameters param = new Gost28147Parameters(key,"D-A");) + private static readonly string[] digests = + { + "981e5f3ca30c841487830f84fb433e13ac1101569b9c13584ac483234cd656c0", + "2cefc2f7b7bdc514e18ea57fa74ff357e7fa17d652c75f69cb1be7893ede48eb", + "c3730c5cbccacf915ac292676f21e8bd4ef75331d9405e5f1a61dc3130a65011", + "73b70a39497de53a6e08c67b6d4db853540f03e9389299d9b0156ef7e85d0f61" + }; + + // If S-box = D-Test (see: digest/GOST3411Digest.cs; function:E(byte[] in, byte[] key); string: ICipherParameters p = new Gost28147Parameters(key, "D-Test");) +// private static readonly string[] digests = +// { +// "ce85b99cc46752fffee35cab9a7b0278abb4c2d2055cff685af4912c49490f8d", +// "b1c466d37519b82e8319819ff32595e047a28cb6f83eff1c6916a815a637fffa", +// "471aba57a60a770d3a76130635c1fbea4ef14de51f78b4ae57dd893b62f55208", +// "95c1af627c356496d80274330b2cff6a10c67b5f597087202f94d06d2338cf8e" +// }; + + // 1 million 'a' + static private string million_a_digest = "8693287aa62f9478f7cb312ec0866b6c4e4a0f11160441e8f4ffcd2715dd554f"; + + public Gost3411DigestTest() + : base(new Gost3411Digest(), messages, digests) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + millionATest(million_a_digest); + + byte[] data = Strings.ToUtf8ByteArray("fred"); + + KeyParameter key = new KeyParameter(Pkcs5S1ParametersGenerator.Pkcs5PasswordToUtf8Bytes("1".ToCharArray())); + byte[] mac = MacUtilities.CalculateMac("HMAC/GOST3411", key, data); + + if (!Arrays.AreEqual(Hex.Decode("e9f98610cfc80084462b175a15d2b4ec10b2ab892eae5a6179d572d9b1db6b72"), mac)) + { + Fail("mac calculation failed."); + } + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new Gost3411Digest((Gost3411Digest)digest); + } + + public static void Main( + string[] args) + { + ITest test = new Gost3411DigestTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/GOST3411_2012_256DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/GOST3411_2012_256DigestTest.cs new file mode 100644 index 0000000..1f2ef18 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/GOST3411_2012_256DigestTest.cs @@ -0,0 +1,102 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Tests; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class GOST3411_2012_256DigestTest + : DigestTest + { + private static readonly String[] messages; + + private static char[] M1 = + { + (char)0x30, (char)0x31, (char)0x32, (char)0x33, (char)0x34, (char)0x35, + (char)0x36, (char)0x37, (char)0x38, (char)0x39, (char)0x30, (char)0x31, + (char)0x32, (char)0x33, (char)0x34, (char)0x35, (char)0x36, (char)0x37, + (char)0x38, (char)0x39,(char)0x30, (char)0x31, (char)0x32, (char)0x33, + (char)0x34, (char)0x35, (char)0x36, (char)0x37, (char)0x38, (char)0x39, + (char)0x30, (char)0x31, (char)0x32, (char)0x33, (char)0x34, (char)0x35, + (char)0x36, (char)0x37, (char)0x38, (char)0x39, (char)0x30, (char)0x31, + (char)0x32, (char)0x33, (char)0x34, (char)0x35, (char)0x36, (char)0x37, + (char)0x38, (char)0x39, (char)0x30, (char)0x31, (char)0x32, (char)0x33, + (char)0x34, (char)0x35, (char)0x36, (char)0x37, (char)0x38, (char)0x39, + (char)0x30, (char)0x31, (char)0x32 + }; + + private static char[] M2 = + { + (char)0xd1,(char)0xe5,(char)0x20,(char)0xe2,(char)0xe5,(char)0xf2, + (char)0xf0,(char)0xe8,(char)0x2c,(char)0x20,(char)0xd1,(char)0xf2, + (char)0xf0,(char)0xe8,(char)0xe1,(char)0xee,(char)0xe6,(char)0xe8, + (char)0x20,(char)0xe2,(char)0xed,(char)0xf3,(char)0xf6,(char)0xe8, + (char)0x2c,(char)0x20,(char)0xe2,(char)0xe5,(char)0xfe,(char)0xf2, + (char)0xfa,(char)0x20,(char)0xf1,(char)0x20,(char)0xec,(char)0xee, + (char)0xf0,(char)0xff,(char)0x20,(char)0xf1,(char)0xf2,(char)0xf0, + (char)0xe5,(char)0xeb,(char)0xe0,(char)0xec,(char)0xe8,(char)0x20, + (char)0xed,(char)0xe0,(char)0x20,(char)0xf5,(char)0xf0,(char)0xe0, + (char)0xe1,(char)0xf0,(char)0xfb,(char)0xff,(char)0x20,(char)0xef, + (char)0xeb,(char)0xfa,(char)0xea,(char)0xfb,(char)0x20,(char)0xc8, + (char)0xe3,(char)0xee,(char)0xf0,(char)0xe5,(char)0xe2,(char)0xfb + }; + + static GOST3411_2012_256DigestTest() + { + messages = new string[] { new string(M1), new string(M2) }; + } + + private static readonly String[] digests = { + "9d151eefd8590b89daa6ba6cb74af9275dd051026bb149a452fd84e5e57b5500", + "9dd2fe4e90409e5da87f53976d7405b0c0cac628fc669a741d50063c557e8f50" + }; + + public GOST3411_2012_256DigestTest() + : base(new Gost3411_2012_256Digest(), messages, digests) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + HMac gMac = new HMac(new Gost3411_2012_256Digest()); + + gMac.Init(new KeyParameter(Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"))); + + byte[] data = Hex.Decode("0126bdb87800af214341456563780100"); + + gMac.BlockUpdate(data, 0, data.Length); + byte[] mac = new byte[gMac.GetMacSize()]; + + gMac.DoFinal(mac, 0); + + if (!Arrays.AreEqual(Hex.Decode("a1aa5f7de402d7b3d323f2991c8d4534013137010a83754fd0af6d7cd4922ed9"), mac)) + { + Fail("mac calculation failed."); + } + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new Gost3411_2012_256Digest((Gost3411_2012_256Digest)digest); + } + + [Test] + public void GOST3422_2012_256_TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/GOST3411_2012_512DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/GOST3411_2012_512DigestTest.cs new file mode 100644 index 0000000..f439895 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/GOST3411_2012_512DigestTest.cs @@ -0,0 +1,99 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class GOST3411_2012_512DigestTest + : DigestTest + { + private static readonly String[] messages; + + private static char[] M1 = + { + (char)0x30, (char)0x31, (char)0x32, (char)0x33, (char)0x34, (char)0x35, + (char)0x36, (char)0x37, (char)0x38, (char)0x39, (char)0x30, (char)0x31, + (char)0x32, (char)0x33, (char)0x34, (char)0x35, (char)0x36, (char)0x37, + (char)0x38, (char)0x39,(char)0x30, (char)0x31, (char)0x32, (char)0x33, + (char)0x34, (char)0x35, (char)0x36, (char)0x37, (char)0x38, (char)0x39, + (char)0x30, (char)0x31, (char)0x32, (char)0x33, (char)0x34, (char)0x35, + (char)0x36, (char)0x37, (char)0x38, (char)0x39,(char)0x30, (char)0x31, + (char)0x32, (char)0x33, (char)0x34, (char)0x35, (char)0x36, (char)0x37, + (char)0x38, (char)0x39, (char)0x30, (char)0x31, (char)0x32, (char)0x33, + (char)0x34, (char)0x35, (char)0x36, (char)0x37, (char)0x38, (char)0x39, + (char)0x30, (char)0x31, (char)0x32 + }; + + private static char[] M2 = + { + (char)0xd1,(char)0xe5,(char)0x20,(char)0xe2,(char)0xe5,(char)0xf2,(char)0xf0, + (char)0xe8,(char)0x2c,(char)0x20,(char)0xd1,(char)0xf2,(char)0xf0,(char)0xe8, + (char)0xe1,(char)0xee,(char)0xe6,(char)0xe8,(char)0x20,(char)0xe2,(char)0xed, + (char)0xf3,(char)0xf6,(char)0xe8,(char)0x2c,(char)0x20,(char)0xe2,(char)0xe5, + (char)0xfe,(char)0xf2,(char)0xfa,(char)0x20,(char)0xf1,(char)0x20,(char)0xec, + (char)0xee,(char)0xf0,(char)0xff,(char)0x20,(char)0xf1,(char)0xf2,(char)0xf0, + (char)0xe5,(char)0xeb,(char)0xe0,(char)0xec,(char)0xe8,(char)0x20,(char)0xed, + (char)0xe0,(char)0x20,(char)0xf5,(char)0xf0,(char)0xe0,(char)0xe1,(char)0xf0, + (char)0xfb,(char)0xff,(char)0x20,(char)0xef,(char)0xeb,(char)0xfa,(char)0xea, + (char)0xfb,(char)0x20,(char)0xc8,(char)0xe3,(char)0xee,(char)0xf0,(char)0xe5, + (char)0xe2,(char)0xfb + }; + + static GOST3411_2012_512DigestTest() + { + messages = new string[]{ new string(M1), new string(M2) }; + } + + private static readonly String[] digests = { + "1b54d01a4af5b9d5cc3d86d68d285462b19abc2475222f35c085122be4ba1ffa00ad30f8767b3a82384c6574f024c311e2a481332b08ef7f41797891c1646f48", + "1e88e62226bfca6f9994f1f2d51569e0daf8475a3b0fe61a5300eee46d961376035fe83549ada2b8620fcd7c496ce5b33f0cb9dddc2b6460143b03dabac9fb28", + }; + + public override void PerformTest() + { + base.PerformTest(); + + HMac gMac = new HMac(new Gost3411_2012_512Digest()); + + gMac.Init(new KeyParameter(Hex.Decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"))); + + byte[] data = Hex.Decode("0126bdb87800af214341456563780100"); + + gMac.BlockUpdate(data, 0, data.Length); + byte[] mac = new byte[gMac.GetMacSize()]; + + gMac.DoFinal(mac, 0); + + if (!Arrays.AreEqual(Hex.Decode("a59bab22ecae19c65fbde6e5f4e9f5d8549d31f037f9df9b905500e171923a773d5f1530f2ed7e964cb2eedc29e9ad2f3afe93b2814f79f5000ffc0366c251e6"), mac)) + { + Fail("mac calculation failed."); + } + } + + public GOST3411_2012_512DigestTest() + : base(new Gost3411_2012_512Digest(), messages, digests) + { + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new Gost3411_2012_512Digest((Gost3411_2012_512Digest)digest); + } + + [Test] + public void GOST3422_2012_512_TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/GcmReorderTest.cs b/BouncyCastle/crypto/test/src/crypto/test/GcmReorderTest.cs new file mode 100644 index 0000000..5d4bafb --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/GcmReorderTest.cs @@ -0,0 +1,353 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Modes.Gcm; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class GcmReorderTest + { + private static readonly byte[] H; + private static readonly SecureRandom random = new SecureRandom(); + private static readonly IGcmMultiplier mul = new Tables4kGcmMultiplier(); + private static readonly IGcmExponentiator exp = new Tables1kGcmExponentiator(); + private static readonly byte[] Empty = new byte[0]; + + static GcmReorderTest() + { + H = new byte[16]; + random.NextBytes(H); + mul.Init(Arrays.Clone(H)); + exp.Init(Arrays.Clone(H)); + } + + [Test] + public void TestCombine() + { + for (int count = 0; count < 10; ++count) + { + byte[] A = randomBytes(1000); + byte[] C = randomBytes(1000); + + byte[] ghashA_ = GHASH(A, Empty); + byte[] ghash_C = GHASH(Empty, C); + byte[] ghashAC = GHASH(A, C); + + byte[] ghashCombine = combine_GHASH(ghashA_, (long)A.Length * 8, ghash_C, (long)C.Length * 8); + + Assert.IsTrue(Arrays.AreEqual(ghashAC, ghashCombine)); + } + } + + [Test] + public void TestConcatAuth() + { + for (int count = 0; count < 10; ++count) + { + byte[] P = randomBlocks(100); + byte[] A = randomBytes(1000); + byte[] PA = Arrays.Concatenate(P, A); + + byte[] ghashP_ = GHASH(P, Empty); + byte[] ghashA_ = GHASH(A, Empty); + byte[] ghashPA_val = GHASH(PA, Empty); + byte[] ghashConcat = concatAuth_GHASH(ghashP_, (long)P.Length * 8, ghashA_, (long)A.Length * 8); + + Assert.IsTrue(Arrays.AreEqual(ghashPA_val, ghashConcat)); + } + } + + [Test] + public void TestConcatCrypt() + { + for (int count = 0; count < 10; ++count) + { + byte[] P = randomBlocks(100); + byte[] A = randomBytes(1000); + byte[] PA = Arrays.Concatenate(P, A); + + byte[] ghash_P = GHASH(Empty, P); + byte[] ghash_A = GHASH(Empty, A); + byte[] ghash_PA = GHASH(Empty, PA); + byte[] ghashConcat = concatCrypt_GHASH(ghash_P, (long)P.Length * 8, ghash_A, (long)A.Length * 8); + + Assert.IsTrue(Arrays.AreEqual(ghash_PA, ghashConcat)); + } + } + + [Test] + public void TestExp() + { + { + byte[] buf1 = new byte[16]; + buf1[0] = 0x80; + + byte[] buf2 = new byte[16]; + + for (int pow = 0; pow != 100; ++pow) + { + exp.ExponentiateX(pow, buf2); + + Assert.IsTrue(Arrays.AreEqual(buf1, buf2)); + + mul.MultiplyH(buf1); + } + } + + long[] testPow = new long[]{ 10, 1, 8, 17, 24, 13, 2, 13, 2, 3 }; + byte[][] testData = new byte[][]{ + Hex.Decode("9185848a877bd87ba071e281f476e8e7"), + Hex.Decode("697ce3052137d80745d524474fb6b290"), + Hex.Decode("2696fc47198bb23b11296e4f88720a17"), + Hex.Decode("01f2f0ead011a4ae0cf3572f1b76dd8e"), + Hex.Decode("a53060694a044e4b7fa1e661c5a7bb6b"), + Hex.Decode("39c0392e8b6b0e04a7565c85394c2c4c"), + Hex.Decode("519c362d502e07f2d8b7597a359a5214"), + Hex.Decode("5a527a393675705e19b2117f67695af4"), + Hex.Decode("27fc0901d1d332a53ba4d4386c2109d2"), + Hex.Decode("93ca9b57174aabedf8220e83366d7df6"), + }; + + for (int i = 0; i != 10; ++i) + { + long pow = testPow[i]; + byte[] data = Arrays.Clone(testData[i]); + + byte[] expected = Arrays.Clone(data); + for (int j = 0; j < pow; ++j) + { + mul.MultiplyH(expected); + } + + byte[] H_a = new byte[16]; + exp.ExponentiateX(pow, H_a); + byte[] actual = multiply(data, H_a); + + Assert.IsTrue(Arrays.AreEqual(expected, actual)); + } + } + + [Test] + public void TestMultiply() + { + byte[] expected = Arrays.Clone(H); + mul.MultiplyH(expected); + + Assert.IsTrue(Arrays.AreEqual(expected, multiply(H, H))); + + for (int count = 0; count < 10; ++count) + { + byte[] a = new byte[16]; + random.NextBytes(a); + + byte[] b = new byte[16]; + random.NextBytes(b); + + expected = Arrays.Clone(a); + mul.MultiplyH(expected); + Assert.IsTrue(Arrays.AreEqual(expected, multiply(a, H))); + Assert.IsTrue(Arrays.AreEqual(expected, multiply(H, a))); + + expected = Arrays.Clone(b); + mul.MultiplyH(expected); + Assert.IsTrue(Arrays.AreEqual(expected, multiply(b, H))); + Assert.IsTrue(Arrays.AreEqual(expected, multiply(H, b))); + + Assert.IsTrue(Arrays.AreEqual(multiply(a, b), multiply(b, a))); + } + } + + private byte[] randomBlocks(int upper) + { + byte[] bs = new byte[16 * random.Next(upper)]; + random.NextBytes(bs); + return bs; + } + + private byte[] randomBytes(int upper) + { + byte[] bs = new byte[random.Next(upper)]; + random.NextBytes(bs); + return bs; + } + + private byte[] combine_GHASH(byte[] ghashA_, long bitlenA, byte[] ghash_C, long bitlenC) + { + // Note: bitlenA must be aligned to the block size + + long c = (bitlenC + 127) >> 7; + + byte[] H_c = new byte[16]; + exp.ExponentiateX(c, H_c); + + byte[] tmp1 = lengthBlock(bitlenA, 0); + mul.MultiplyH(tmp1); + + byte[] ghashAC = Arrays.Clone(ghashA_); + xor(ghashAC, tmp1); + ghashAC = multiply(ghashAC, H_c); + // No need to touch the len(C) part (second 8 bytes) + xor(ghashAC, tmp1); + xor(ghashAC, ghash_C); + + return ghashAC; + } + + private byte[] concatAuth_GHASH(byte[] ghashP, long bitlenP, byte[] ghashA, long bitlenA) + { + // Note: bitlenP must be aligned to the block size + + long a = (bitlenA + 127) >> 7; + + byte[] tmp1 = lengthBlock(bitlenP, 0); + mul.MultiplyH(tmp1); + + byte[] tmp2 = lengthBlock(bitlenA ^ (bitlenP + bitlenA), 0); + mul.MultiplyH(tmp2); + + byte[] H_a = new byte[16]; + exp.ExponentiateX(a, H_a); + + byte[] ghashC = Arrays.Clone(ghashP); + xor(ghashC, tmp1); + ghashC = multiply(ghashC, H_a); + xor(ghashC, tmp2); + xor(ghashC, ghashA); + return ghashC; + } + + private byte[] concatCrypt_GHASH(byte[] ghashP, long bitlenP, byte[] ghashA, long bitlenA) + { + // Note: bitlenP must be aligned to the block size + + long a = (bitlenA + 127) >> 7; + + byte[] tmp1 = lengthBlock(0, bitlenP); + mul.MultiplyH(tmp1); + + byte[] tmp2 = lengthBlock(0, bitlenA ^ (bitlenP + bitlenA)); + mul.MultiplyH(tmp2); + + byte[] H_a = new byte[16]; + exp.ExponentiateX(a, H_a); + + byte[] ghashC = Arrays.Clone(ghashP); + xor(ghashC, tmp1); + ghashC = multiply(ghashC, H_a); + xor(ghashC, tmp2); + xor(ghashC, ghashA); + return ghashC; + } + + private byte[] GHASH(byte[] A, byte[] C) + { + byte[] X = new byte[16]; + + { + for (int pos = 0; pos < A.Length; pos += 16) + { + byte[] tmp = new byte[16]; + int num = System.Math.Min(A.Length - pos, 16); + Array.Copy(A, pos, tmp, 0, num); + xor(X, tmp); + mul.MultiplyH(X); + } + } + + { + for (int pos = 0; pos < C.Length; pos += 16) + { + byte[] tmp = new byte[16]; + int num = System.Math.Min(C.Length - pos, 16); + Array.Copy(C, pos, tmp, 0, num); + xor(X, tmp); + mul.MultiplyH(X); + } + } + + { + xor(X, lengthBlock((long)A.Length * 8, (long)C.Length * 8)); + mul.MultiplyH(X); + } + + return X; + } + + private static byte[] lengthBlock(long bitlenA, long bitlenC) + { + byte[] tmp = new byte[16]; + UInt64_To_BE((ulong)bitlenA, tmp, 0); + UInt64_To_BE((ulong)bitlenC, tmp, 8); + return tmp; + } + + private static void xor(byte[] block, byte[] val) + { + for (int i = 15; i >= 0; --i) + { + block[i] ^= val[i]; + } + } + + private static void UInt64_To_BE(ulong n, byte[] bs, int off) + { + UInt32_To_BE((uint)(n >> 32), bs, off); + UInt32_To_BE((uint)(n), bs, off + 4); + } + + private static void UInt32_To_BE(uint n, byte[] bs, int off) + { + bs[ off] = (byte)(n >> 24); + bs[++off] = (byte)(n >> 16); + bs[++off] = (byte)(n >> 8); + bs[++off] = (byte)(n ); + } + + private static byte[] multiply(byte[] a, byte[] b) + { + byte[] c = new byte[16]; + byte[] tmp = Arrays.Clone(b); + + for (int i = 0; i < 16; ++i) + { + byte bits = a[i]; + for (int j = 7; j >= 0; --j) + { + if ((bits & (1 << j)) != 0) + { + xor(c, tmp); + } + + bool lsb = (tmp[15] & 1) != 0; + shiftRight(tmp); + if (lsb) + { + // R = new byte[]{ 0xe1, ... }; + //GcmUtilities.Xor(tmp, R); + tmp[0] ^= (byte)0xe1; + } + } + } + + return c; + } + + private static void shiftRight(byte[] block) + { + int i = 0; + byte bit = 0; + for (;;) + { + byte b = block[i]; + block[i] = (byte)((b >> 1) | bit); + if (++i == 16) break; + bit = (byte)(b << 7); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/GcmSivTest.cs b/BouncyCastle/crypto/test/src/crypto/test/GcmSivTest.cs new file mode 100644 index 0000000..0921912 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/GcmSivTest.cs @@ -0,0 +1,458 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class GcmSivTest + : SimpleTest + { + public override string Name + { + get { return "GCM-SIV"; } + } + + public override void PerformTest() + { + new AesGcmSiv128Test1().TestTheCipher(this); + new AesGcmSiv128Test2().TestTheCipher(this); + new AesGcmSiv128Test3().TestTheCipher(this); + new AesGcmSiv256Test1().TestTheCipher(this); + new AesGcmSiv256Test2().TestTheCipher(this); + new AesGcmSiv256Test3().TestTheCipher(this); + new AesGcmSiv256Test4().TestTheCipher(this); + } + + /** + * Test the GcmSivCipher against the results. + * @param pCipher the cipher to test. + * @param pKey the key to test + * @param pNonce the nonce + * @param pAEAD the AEAD + * @param pData the data to test + * @param pExpected the expected results + */ + private void TestSivCipher(GcmSivBlockCipher pCipher, string pKey, string pNonce, string pAEAD, string pData, + string pExpected) + { + try + { + /* Access the key and the data */ + KeyParameter myKey = new KeyParameter(Hex.Decode(pKey)); + byte[] myNonce = Hex.Decode(pNonce); + byte[] myAEAD = Hex.Decode(pAEAD); + byte[] myData = Hex.Decode(pData); + + /* Initialise the cipher */ + AeadParameters myParams = new AeadParameters(myKey, 128, myNonce, myAEAD); + pCipher.Init(true, myParams); + + /* Create the output buffers */ + byte[] myOutput = new byte[pCipher.GetOutputSize(myData.Length)]; + byte[] myFinal = new byte[myData.Length]; + + /* Process the data */ + pCipher.ProcessBytes(myData, 0, myData.Length, null, 0); + pCipher.DoFinal(myOutput, 0); + + /* Check the encryption */ + byte[] myExpected = Hex.Decode(pExpected); + IsTrue("Encryption mismatch", Arrays.AreEqual(myExpected, myOutput)); + + /* Repeat processing byte at a time */ + for (int i = 0; i != myData.Length; i++) + { + pCipher.ProcessByte(myData[i], null, 0); + } + pCipher.DoFinal(myOutput, 0); + IsTrue("Encryption mismatch", Arrays.AreEqual(myExpected, myOutput)); + + /* Re-initialise the cipher */ + pCipher.Init(false, myParams); + pCipher.ProcessBytes(myOutput, 0, myOutput.Length, null, 0); + pCipher.DoFinal(myFinal, 0); + IsTrue("Decryption mismatch", Arrays.AreEqual(myData, myFinal)); + } + catch (InvalidCipherTextException e) + { + Fail("Bad Text", e); + } + } + + /** + * AES-GCM-SIV-128 Set 1. + */ + private class AesGcmSiv128Test1 + { + private readonly string EMPTY = ""; + private readonly string KEY_1 = "01000000000000000000000000000000"; + private readonly string NONCE_1 = "030000000000000000000000"; + private readonly string DATA_8 = "0100000000000000"; + private readonly string DATA_12 = "010000000000000000000000"; + private readonly string DATA_16 = "01000000000000000000000000000000"; + private readonly string DATA_32 = "01000000000000000000000000000000" + "02000000000000000000000000000000"; + private readonly string DATA_48 = "01000000000000000000000000000000" + "02000000000000000000000000000000" + + "03000000000000000000000000000000"; + private readonly string DATA_64 = "01000000000000000000000000000000" + "02000000000000000000000000000000" + + "03000000000000000000000000000000" + "04000000000000000000000000000000"; + private readonly string EXPECTED_1 = "dc20e2d83f25705bb49e439eca56de25"; + private readonly string EXPECTED_2 = "b5d839330ac7b786578782fff6013b81" + "5b287c22493a364c"; + private readonly string EXPECTED_3 = "7323ea61d05932260047d942a4978db3" + "57391a0bc4fdec8b0d106639"; + private readonly string EXPECTED_4 = "743f7c8077ab25f8624e2e948579cf77" + "303aaf90f6fe21199c6068577437a0c4"; + private readonly string EXPECTED_5 = "84e07e62ba83a6585417245d7ec413a9" + "fe427d6315c09b57ce45f2e3936a9445" + + "1a8e45dcd4578c667cd86847bf6155ff"; + private readonly string EXPECTED_6 = "3fd24ce1f5a67b75bf2351f181a475c7" + "b800a5b4d3dcf70106b1eea82fa1d64d" + + "f42bf7226122fa92e17a40eeaac1201b" + "5e6e311dbf395d35b0fe39c2714388f8"; + private readonly string EXPECTED_7 = "2433668f1058190f6d43e360f4f35cd8" + "e475127cfca7028ea8ab5c20f7ab2af0" + + "2516a2bdcbc08d521be37ff28c152bba" + "36697f25b4cd169c6590d1dd39566d3f" + + "8a263dd317aa88d56bdf3936dba75bb8"; + + /** + * Test cipher. + * @param pTest the test engine + */ + internal void TestTheCipher(GcmSivTest pTest) + { + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_8, EXPECTED_2); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_12, EXPECTED_3); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_16, EXPECTED_4); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_32, EXPECTED_5); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_48, EXPECTED_6); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_64, EXPECTED_7); + } + } + + /** + * AES-GCM-SIV-128 Set 2. + */ + private class AesGcmSiv128Test2 + { + private readonly string KEY_1 = "01000000000000000000000000000000"; + private readonly string NONCE_1 = "030000000000000000000000"; + private readonly string AEAD_1 = "01"; + private readonly string AEAD_12 = "010000000000000000000000"; + private readonly string AEAD_18 = "01000000000000000000000000000000" + "0200"; + private readonly string AEAD_20 = "01000000000000000000000000000000" + "02000000"; + private readonly string DATA_4 = "02000000"; + private readonly string DATA_8 = "0200000000000000"; + private readonly string DATA_12 = "020000000000000000000000"; + private readonly string DATA_16 = "02000000000000000000000000000000"; + private readonly string DATA_18 = "03000000000000000000000000000000" + "0400"; + private readonly string DATA_20 = "03000000000000000000000000000000" + "04000000"; + private readonly string DATA_32 = "02000000000000000000000000000000" + "03000000000000000000000000000000"; + private readonly string DATA_48 = "02000000000000000000000000000000" + "03000000000000000000000000000000" + + "04000000000000000000000000000000"; + private readonly string DATA_64 = "02000000000000000000000000000000" + "03000000000000000000000000000000" + + "04000000000000000000000000000000" + "05000000000000000000000000000000"; + private readonly string EXPECTED_1 = "1e6daba35669f4273b0a1a2560969cdf" + "790d99759abd1508"; + private readonly string EXPECTED_2 = "296c7889fd99f41917f4462008299c51" + "02745aaa3a0c469fad9e075a"; + private readonly string EXPECTED_3 = "e2b0c5da79a901c1745f700525cb335b" + "8f8936ec039e4e4bb97ebd8c4457441f"; + private readonly string EXPECTED_4 = "620048ef3c1e73e57e02bb8562c416a3" + "19e73e4caac8e96a1ecb2933145a1d71" + + "e6af6a7f87287da059a71684ed3498e1"; + private readonly string EXPECTED_5 = "50c8303ea93925d64090d07bd109dfd9" + "515a5a33431019c17d93465999a8b005" + + "3201d723120a8562b838cdff25bf9d1e" + "6a8cc3865f76897c2e4b245cf31c51f2"; + private readonly string EXPECTED_6 = "2f5c64059db55ee0fb847ed513003746" + "aca4e61c711b5de2e7a77ffd02da42fe" + + "ec601910d3467bb8b36ebbaebce5fba3" + "0d36c95f48a3e7980f0e7ac299332a80" + + "cdc46ae475563de037001ef84ae21744"; + private readonly string EXPECTED_7 = "a8fe3e8707eb1f84fb28f8cb73de8e99" + "e2f48a14"; + private readonly string EXPECTED_8 = "6bb0fecf5ded9b77f902c7d5da236a43" + "91dd029724afc9805e976f451e6d87f6" + + "fe106514"; + private readonly string EXPECTED_9 = "44d0aaf6fb2f1f34add5e8064e83e12a" + "2adabff9b2ef00fb47920cc72a0c0f13" + + "b9fd"; + + /** + * Test cipher. + * @param pTest the test engine + */ + internal void TestTheCipher(GcmSivTest pTest) + { + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_8, EXPECTED_1); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_12, EXPECTED_2); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_16, EXPECTED_3); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_32, EXPECTED_4); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_48, EXPECTED_5); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_64, EXPECTED_6); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_12, DATA_4, EXPECTED_7); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_18, DATA_20, EXPECTED_8); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_20, DATA_18, EXPECTED_9); + } + } + + /** + * AES-GCM-SIV-128 Set 3. + */ + private class AesGcmSiv128Test3 + { + private readonly string EMPTY = ""; + private readonly string KEY_1 = "e66021d5eb8e4f4066d4adb9c33560e4"; + private readonly string KEY_2 = "36864200e0eaf5284d884a0e77d31646"; + private readonly string KEY_3 = "aedb64a6c590bc84d1a5e269e4b47801"; + private readonly string KEY_4 = "d5cc1fd161320b6920ce07787f86743b"; + private readonly string KEY_5 = "b3fed1473c528b8426a582995929a149"; + private readonly string KEY_6 = "2d4ed87da44102952ef94b02b805249b"; + private readonly string KEY_7 = "bde3b2f204d1e9f8b06bc47f9745b3d1"; + private readonly string KEY_8 = "f901cfe8a69615a93fdf7a98cad48179"; + private readonly string NONCE_1 = "f46e44bb3da0015c94f70887"; + private readonly string NONCE_2 = "bae8e37fc83441b16034566b"; + private readonly string NONCE_3 = "afc0577e34699b9e671fdd4f"; + private readonly string NONCE_4 = "275d1ab32f6d1f0434d8848c"; + private readonly string NONCE_5 = "9e9ad8780c8d63d0ab4149c0"; + private readonly string NONCE_6 = "ac80e6f61455bfac8308a2d4"; + private readonly string NONCE_7 = "ae06556fb6aa7890bebc18fe"; + private readonly string NONCE_8 = "6245709fb18853f68d833640"; + private readonly string AEAD_2 = "46bb91c3c5"; + private readonly string AEAD_3 = "fc880c94a95198874296"; + private readonly string AEAD_4 = "046787f3ea22c127aaf195d1894728"; + private readonly string AEAD_5 = "c9882e5386fd9f92ec489c8fde2be2cf" + "97e74e93"; + private readonly string AEAD_6 = "2950a70d5a1db2316fd568378da107b5" + "2b0da55210cc1c1b0a"; + private readonly string AEAD_7 = "1860f762ebfbd08284e421702de0de18" + "baa9c9596291b08466f37de21c7f"; + private readonly string AEAD_8 = "7576f7028ec6eb5ea7e298342a94d4b2" + "02b370ef9768ec6561c4fe6b7e7296fa" + + "859c21"; + private readonly string DATA_2 = "7a806c"; + private readonly string DATA_3 = "bdc66f146545"; + private readonly string DATA_4 = "1177441f195495860f"; + private readonly string DATA_5 = "9f572c614b4745914474e7c7"; + private readonly string DATA_6 = "0d8c8451178082355c9e940fea2f58"; + private readonly string DATA_7 = "6b3db4da3d57aa94842b9803a96e07fb" + "6de7"; + private readonly string DATA_8 = "e42a3c02c25b64869e146d7b233987bd" + "dfc240871d"; + private readonly string EXPECTED_1 = "a4194b79071b01a87d65f706e3949578"; + private readonly string EXPECTED_2 = "af60eb711bd85bc1e4d3e0a462e074ee" + "a428a8"; + private readonly string EXPECTED_3 = "bb93a3e34d3cd6a9c45545cfc11f03ad" + "743dba20f966"; + private readonly string EXPECTED_4 = "4f37281f7ad12949d01d02fd0cd174c8" + "4fc5dae2f60f52fd2b"; + private readonly string EXPECTED_5 = "f54673c5ddf710c745641c8bc1dc2f87" + "1fb7561da1286e655e24b7b0"; + private readonly string EXPECTED_6 = "c9ff545e07b88a015f05b274540aa183" + "b3449b9f39552de99dc214a1190b0b"; + private readonly string EXPECTED_7 = "6298b296e24e8cc35dce0bed484b7f30" + "d5803e377094f04709f64d7b985310a4" + + "db84"; + private readonly string EXPECTED_8 = "391cc328d484a4f46406181bcd62efd9" + "b3ee197d052d15506c84a9edd65e13e9" + + "d24a2a6e70"; + + /** + * Test cipher. + * @param pTest the test engine + */ + internal void TestTheCipher(GcmSivTest pTest) + { + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_2, NONCE_2, AEAD_2, DATA_2, EXPECTED_2); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_3, NONCE_3, AEAD_3, DATA_3, EXPECTED_3); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_4, NONCE_4, AEAD_4, DATA_4, EXPECTED_4); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_5, NONCE_5, AEAD_5, DATA_5, EXPECTED_5); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_6, NONCE_6, AEAD_6, DATA_6, EXPECTED_6); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_7, NONCE_7, AEAD_7, DATA_7, EXPECTED_7); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_8, NONCE_8, AEAD_8, DATA_8, EXPECTED_8); + } + } + + /** + * AES-GCM-SIV-256 Set 1. + */ + private class AesGcmSiv256Test1 + { + private readonly string EMPTY = ""; + private readonly string KEY_1 = "01000000000000000000000000000000" + "00000000000000000000000000000000"; + private readonly string NONCE_1 = "030000000000000000000000"; + private readonly string DATA_8 = "0100000000000000"; + private readonly string DATA_12 = "010000000000000000000000"; + private readonly string DATA_16 = "01000000000000000000000000000000"; + private readonly string DATA_32 = "01000000000000000000000000000000" + "02000000000000000000000000000000"; + private readonly string DATA_48 = "01000000000000000000000000000000" + "02000000000000000000000000000000" + + "03000000000000000000000000000000"; + private readonly string DATA_64 = "01000000000000000000000000000000" + "02000000000000000000000000000000" + + "03000000000000000000000000000000" + "04000000000000000000000000000000"; + private readonly string EXPECTED_1 = "07f5f4169bbf55a8400cd47ea6fd400f"; + private readonly string EXPECTED_2 = "c2ef328e5c71c83b843122130f7364b7" + "61e0b97427e3df28"; + private readonly string EXPECTED_3 = "9aab2aeb3faa0a34aea8e2b18ca50da9" + "ae6559e48fd10f6e5c9ca17e"; + private readonly string EXPECTED_4 = "85a01b63025ba19b7fd3ddfc033b3e76" + "c9eac6fa700942702e90862383c6c366"; + private readonly string EXPECTED_5 = "4a6a9db4c8c6549201b9edb53006cba8" + "21ec9cf850948a7c86c68ac7539d027f" + + "e819e63abcd020b006a976397632eb5d"; + private readonly string EXPECTED_6 = "c00d121893a9fa603f48ccc1ca3c57ce" + "7499245ea0046db16c53c7c66fe717e3" + + "9cf6c748837b61f6ee3adcee17534ed5" + "790bc96880a99ba804bd12c0e6a22cc4"; + private readonly string EXPECTED_7 = "c2d5160a1f8683834910acdafc41fbb1" + "632d4a353e8b905ec9a5499ac34f96c7" + + "e1049eb080883891a4db8caaa1f99dd0" + "04d80487540735234e3744512c6f90ce" + + "112864c269fc0d9d88c61fa47e39aa08"; + + /** + * Test cipher. + * @param pTest the test engine + */ + internal void TestTheCipher(GcmSivTest pTest) + { + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_8, EXPECTED_2); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_12, EXPECTED_3); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_16, EXPECTED_4); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_32, EXPECTED_5); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_48, EXPECTED_6); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_64, EXPECTED_7); + } + } + + /** + * AES-GCM-SIV-256 Set 2. + */ + private class AesGcmSiv256Test2 + { + private readonly string KEY_1 = "01000000000000000000000000000000" + "00000000000000000000000000000000"; + private readonly string NONCE_1 = "030000000000000000000000"; + private readonly string AEAD_1 = "01"; + private readonly string AEAD_12 = "010000000000000000000000"; + private readonly string AEAD_18 = "01000000000000000000000000000000" + "0200"; + private readonly string AEAD_20 = "01000000000000000000000000000000" + "02000000"; + private readonly string DATA_4 = "02000000"; + private readonly string DATA_8 = "0200000000000000"; + private readonly string DATA_12 = "020000000000000000000000"; + private readonly string DATA_16 = "02000000000000000000000000000000"; + private readonly string DATA_18 = "03000000000000000000000000000000" + "0400"; + private readonly string DATA_20 = "03000000000000000000000000000000" + "04000000"; + private readonly string DATA_32 = "02000000000000000000000000000000" + "03000000000000000000000000000000"; + private readonly string DATA_48 = "02000000000000000000000000000000" + "03000000000000000000000000000000" + + "04000000000000000000000000000000"; + private readonly string DATA_64 = "02000000000000000000000000000000" + "03000000000000000000000000000000" + + "04000000000000000000000000000000" + "05000000000000000000000000000000"; + private readonly string EXPECTED_1 = "1de22967237a813291213f267e3b452f" + "02d01ae33e4ec854"; + private readonly string EXPECTED_2 = "163d6f9cc1b346cd453a2e4cc1a4a19a" + "e800941ccdc57cc8413c277f"; + private readonly string EXPECTED_3 = "c91545823cc24f17dbb0e9e807d5ec17" + "b292d28ff61189e8e49f3875ef91aff7"; + private readonly string EXPECTED_4 = "07dad364bfc2b9da89116d7bef6daaaf" + "6f255510aa654f920ac81b94e8bad365" + + "aea1bad12702e1965604374aab96dbbc"; + private readonly string EXPECTED_5 = "c67a1f0f567a5198aa1fcc8e3f213143" + "36f7f51ca8b1af61feac35a86416fa47" + + "fbca3b5f749cdf564527f2314f42fe25" + "03332742b228c647173616cfd44c54eb"; + private readonly string EXPECTED_6 = "67fd45e126bfb9a79930c43aad2d3696" + "7d3f0e4d217c1e551f59727870beefc9" + + "8cb933a8fce9de887b1e40799988db1f" + "c3f91880ed405b2dd298318858467c89" + + "5bde0285037c5de81e5b570a049b62a0"; + private readonly string EXPECTED_7 = "22b3f4cd1835e517741dfddccfa07fa4" + "661b74cf"; + private readonly string EXPECTED_8 = "43dd0163cdb48f9fe3212bf61b201976" + "067f342bb879ad976d8242acc188ab59" + + "cabfe307"; + private readonly string EXPECTED_9 = "462401724b5ce6588d5a54aae5375513" + "a075cfcdf5042112aa29685c912fc205" + + "6543"; + + /** + * Test cipher. + * @param pTest the test engine + */ + internal void TestTheCipher(GcmSivTest pTest) + { + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_8, EXPECTED_1); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_12, EXPECTED_2); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_16, EXPECTED_3); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_32, EXPECTED_4); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_48, EXPECTED_5); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_64, EXPECTED_6); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_12, DATA_4, EXPECTED_7); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_18, DATA_20, EXPECTED_8); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_20, DATA_18, EXPECTED_9); + } + } + + /** + * AES-GCM-SIV-256 Set 3. + */ + private class AesGcmSiv256Test3 + { + private readonly string EMPTY = ""; + private readonly string KEY_1 = "e66021d5eb8e4f4066d4adb9c33560e4" + "f46e44bb3da0015c94f7088736864200"; + private readonly string KEY_2 = "bae8e37fc83441b16034566b7a806c46" + "bb91c3c5aedb64a6c590bc84d1a5e269"; + private readonly string KEY_3 = "6545fc880c94a95198874296d5cc1fd1" + "61320b6920ce07787f86743b275d1ab3"; + private readonly string KEY_4 = "d1894728b3fed1473c528b8426a58299" + "5929a1499e9ad8780c8d63d0ab4149c0"; + private readonly string KEY_5 = "a44102952ef94b02b805249bac80e6f6" + "1455bfac8308a2d40d8c845117808235"; + private readonly string KEY_6 = "9745b3d1ae06556fb6aa7890bebc18fe" + "6b3db4da3d57aa94842b9803a96e07fb"; + private readonly string KEY_7 = "b18853f68d833640e42a3c02c25b6486" + "9e146d7b233987bddfc240871d7576f7"; + private readonly string KEY_8 = "3c535de192eaed3822a2fbbe2ca9dfc8" + "8255e14a661b8aa82cc54236093bbc23"; + private readonly string NONCE_1 = "e0eaf5284d884a0e77d31646"; + private readonly string NONCE_2 = "e4b47801afc0577e34699b9e"; + private readonly string NONCE_3 = "2f6d1f0434d8848c1177441f"; + private readonly string NONCE_4 = "9f572c614b4745914474e7c7"; + private readonly string NONCE_5 = "5c9e940fea2f582950a70d5a"; + private readonly string NONCE_6 = "6de71860f762ebfbd08284e4"; + private readonly string NONCE_7 = "028ec6eb5ea7e298342a94d4"; + private readonly string NONCE_8 = "688089e55540db1872504e1c"; + private readonly string AEAD_2 = "4fbdc66f14"; + private readonly string AEAD_3 = "6787f3ea22c127aaf195"; + private readonly string AEAD_4 = "489c8fde2be2cf97e74e932d4ed87d"; + private readonly string AEAD_5 = "0da55210cc1c1b0abde3b2f204d1e9f8" + "b06bc47f"; + private readonly string AEAD_6 = "f37de21c7ff901cfe8a69615a93fdf7a" + "98cad481796245709f"; + private readonly string AEAD_7 = "9c2159058b1f0fe91433a5bdc20e214e" + "ab7fecef4454a10ef0657df21ac7"; + private readonly string AEAD_8 = "734320ccc9d9bbbb19cb81b2af4ecbc3" + "e72834321f7aa0f70b7282b4f33df23f" + + "167541"; + private readonly string DATA_2 = "671fdd"; + private readonly string DATA_3 = "195495860f04"; + private readonly string DATA_4 = "c9882e5386fd9f92ec"; + private readonly string DATA_5 = "1db2316fd568378da107b52b"; + private readonly string DATA_6 = "21702de0de18baa9c9596291b08466"; + private readonly string DATA_7 = "b202b370ef9768ec6561c4fe6b7e7296" + "fa85"; + private readonly string DATA_8 = "ced532ce4159b035277d4dfbb7db6296" + "8b13cd4eec"; + private readonly string EXPECTED_1 = "169fbb2fbf389a995f6390af22228a62"; + private readonly string EXPECTED_2 = "0eaccb93da9bb81333aee0c785b240d3" + "19719d"; + private readonly string EXPECTED_3 = "a254dad4f3f96b62b84dc40c84636a5e" + "c12020ec8c2c"; + private readonly string EXPECTED_4 = "0df9e308678244c44bc0fd3dc6628dfe" + "55ebb0b9fb2295c8c2"; + private readonly string EXPECTED_5 = "8dbeb9f7255bf5769dd56692404099c2" + "587f64979f21826706d497d5"; + private readonly string EXPECTED_6 = "793576dfa5c0f88729a7ed3c2f1bffb3" + "080d28f6ebb5d3648ce97bd5ba67fd"; + private readonly string EXPECTED_7 = "857e16a64915a787637687db4a951963" + "5cdd454fc2a154fea91f8363a39fec7d" + + "0a49"; + private readonly string EXPECTED_8 = "626660c26ea6612fb17ad91e8e767639" + "edd6c9faee9d6c7029675b89eaf4ba1d" + + "ed1a286594"; + + /** + * Test cipher. + * @param pTest the test engine + */ + internal void TestTheCipher(GcmSivTest pTest) + { + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_2, NONCE_2, AEAD_2, DATA_2, EXPECTED_2); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_3, NONCE_3, AEAD_3, DATA_3, EXPECTED_3); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_4, NONCE_4, AEAD_4, DATA_4, EXPECTED_4); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_5, NONCE_5, AEAD_5, DATA_5, EXPECTED_5); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_6, NONCE_6, AEAD_6, DATA_6, EXPECTED_6); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_7, NONCE_7, AEAD_7, DATA_7, EXPECTED_7); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_8, NONCE_8, AEAD_8, DATA_8, EXPECTED_8); + } + } + + /** + * AES-GCM-SIV-256 Set 4. + */ + private class AesGcmSiv256Test4 + { + private readonly string EMPTY = ""; + private readonly string KEY_1 = "00000000000000000000000000000000" + "00000000000000000000000000000000"; + private readonly string NONCE_1 = "000000000000000000000000"; + private readonly string DATA_1 = "00000000000000000000000000000000" + "4db923dc793ee6497c76dcc03a98e108"; + private readonly string DATA_2 = "eb3640277c7ffd1303c7a542d02d3e4c" + "0000000000000000"; + private readonly string EXPECTED_1 = "f3f80f2cf0cb2dd9c5984fcda908456c" + "c537703b5ba70324a6793a7bf218d3ea" + + "ffffffff000000000000000000000000"; + private readonly string EXPECTED_2 = "18ce4f0b8cb4d0cac65fea8f79257b20" + "888e53e72299e56dffffffff00000000" + + "0000000000000000"; + + /** + * Test cipher. + * @param pTest the test engine + */ + internal void TestTheCipher(GcmSivTest pTest) + { + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_1, EXPECTED_1); + pTest.TestSivCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_2, EXPECTED_2); + } + } + + public static void Main(string[] args) + { + RunTest(new GcmSivTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/HCFamilyTest.cs b/BouncyCastle/crypto/test/src/crypto/test/HCFamilyTest.cs new file mode 100644 index 0000000..0904bc9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/HCFamilyTest.cs @@ -0,0 +1,192 @@ +using System; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * HC-128 and HC-256 Tests. Based on the test vectors in the official reference + * papers, respectively: + * 
    +	 * http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc128_p3.pdf
+	 * http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc256_p3.pdf
+	 *
    + * See HCFamilyVecTest for a more exhaustive test based on the ecrypt vectors. + */ + public class HCFamilyTest + : SimpleTest + { + private static readonly byte[] MSG = new byte[64]; + + private static readonly string[][] HC128_VerifiedTest = new string[][] + { + new string[]{ + "Set 2, vector# 0", + "00000000000000000000000000000000", + "00000000000000000000000000000000", + "82001573A003FD3B7FD72FFB0EAF63AA" + + "C62F12DEB629DCA72785A66268EC758B" + + "1EDB36900560898178E0AD009ABF1F49" + + "1330DC1C246E3D6CB264F6900271D59C" + }, + new string[]{ + "Set 6, vector# 0", + "0053A6F94C9FF24598EB3E91E4378ADD", + "0D74DB42A91077DE45AC137AE148AF16", + "2E1ED12A8551C05AF41FF39D8F9DF933" + + "122B5235D48FC2A6F20037E69BDBBCE8" + + "05782EFC16C455A4B3FF06142317535E" + + "F876104C32445138CB26EBC2F88A684C" + }, + new string[]{ + "Set 6, vector# 1", + "0558ABFE51A4F74A9DF04396E93C8FE2", + "167DE44BB21980E74EB51C83EA51B81F", + "4F864BF3C96D0363B1903F0739189138" + + "F6ED2BC0AF583FEEA0CEA66BA7E06E63" + + "FB28BF8B3CA0031D24ABB511C57DD17B" + + "FC2861C32400072CB680DF2E58A5CECC" + }, + new string[]{ + "Set 6, vector# 2", + "0A5DB00356A9FC4FA2F5489BEE4194E7", + "1F86ED54BB2289F057BE258CF35AC128", + "82168AB0023B79AAF1E6B4D823855E14" + + "A7084378036A951B1CFEF35173875ED8" + + "6CB66AB8410491A08582BE40080C3102" + + "193BA567F9E95D096C3CC60927DD7901" + }, + new string[]{ + "Set 6, vector# 3", + "0F62B5085BAE0154A7FA4DA0F34699EC", + "288FF65DC42B92F960C72E95FC63CA31", + "1CD8AEDDFE52E217E835D0B7E84E2922" + + "D04B1ADBCA53C4522B1AA604C42856A9" + + "0AF83E2614BCE65C0AECABDD8975B557" + + "00D6A26D52FFF0888DA38F1DE20B77B7" + } + }; + + private static readonly string[][] HC256_VerifiedTest = new string[][] + { + new string[]{ + "Set 2, vector# 0", + "00000000000000000000000000000000", + "00000000000000000000000000000000", + "5B078985D8F6F30D42C5C02FA6B67951" + + "53F06534801F89F24E74248B720B4818" + + "CD9227ECEBCF4DBF8DBF6977E4AE14FA" + + "E8504C7BC8A9F3EA6C0106F5327E6981" + }, + new string[]{ + "Set 2, vector# 9", + "09090909090909090909090909090909", + "00000000000000000000000000000000", + "F5C2926651AEED9AF1A9C2F04C03D081" + + "2145B56AEA46EB283A25A4C9E3D8BEB4" + + "821B418F06F2B9DCDF1A85AB8C02CD14" + + "62E1BBCAEC9AB0E99AA6AFF918BA627C" + }, + new string[]{ + "Set 2, vector#135", + "87878787878787878787878787878787", + "00000000000000000000000000000000", + "CEC0C3852E3B98233EBCB975C10B1191" + + "3C69F2275EB97A1402EDF16C6FBE19BE" + + "79D65360445BCB63676E6553B609A065" + + "0155C3B22DD1975AC0F3F65063A2E16E" + }, + new string[]{ + "Set 6, vector# 0", + "0053A6F94C9FF24598EB3E91E4378ADD" + + "3083D6297CCF2275C81B6EC11467BA0D", + "0D74DB42A91077DE45AC137AE148AF16" + + "7DE44BB21980E74EB51C83EA51B81F86", + "23D9E70A45EB0127884D66D9F6F23C01" + + "D1F88AFD629270127247256C1FFF91E9" + + "1A797BD98ADD23AE15BEE6EEA3CEFDBF" + + "A3ED6D22D9C4F459DB10C40CDF4F4DFF" + }, + new string[]{ + "Set 6, vector# 1", + "0558ABFE51A4F74A9DF04396E93C8FE2" + + "3588DB2E81D4277ACD2073C6196CBF12", + "167DE44BB21980E74EB51C83EA51B81F" + + "86ED54BB2289F057BE258CF35AC1288F", + "C44B5262F2EAD9C018213127686DB742" + + "A72D3F2D61D18F0F4E7DE5B4F7ADABE0" + + "7E0C82033B139F02BAACB4E2F2D0BE30" + + "110C3A8A2B621523756692877C905DD0" + }, + new string[]{ + "Set 6, vector# 2", + "0A5DB00356A9FC4FA2F5489BEE4194E7" + + "3A8DE03386D92C7FD22578CB1E71C417", + "1F86ED54BB2289F057BE258CF35AC128" + + "8FF65DC42B92F960C72E95FC63CA3198", + "9D13AA06122F4F03AE60D507701F1ED0" + + "63D7530FF35EE76CAEDCBFB01D8A239E" + + "FA4A44B272DE9B4092E2AD56E87C3A60" + + "89F5A074D1F6E5B8FC6FABEE0C936F06" + }, + new string[]{ + "Set 6, vector# 3", + "0F62B5085BAE0154A7FA4DA0F34699EC" + + "3F92E5388BDE3184D72A7DD02376C91C", + "288FF65DC42B92F960C72E95FC63CA31" + + "98FF66CD349B0269D0379E056CD33AA1", + "C8632038DA61679C4685288B37D3E232" + + "7BC2D28C266B041FE0CA0D3CFEED8FD5" + + "753259BAB757168F85EA96ADABD823CA" + + "4684E918423E091565713FEDDE2CCFE0" + } + }; + + public override string Name + { + get { return "HC-128 and HC-256"; } + } + + public override void PerformTest() + { + IStreamCipher hc = new HC256Engine(); + + for (int i = 0; i != HC256_VerifiedTest.Length; i++) + { + string[] test = HC256_VerifiedTest[i]; + HCTest(hc, "HC-256 - " + test[0], Hex.Decode(test[1]), Hex.Decode(test[2]), Hex.Decode(test[3])); + } + + hc = new HC128Engine(); + + for (int i = 0; i != HC128_VerifiedTest.Length; i++) + { + string[] test = HC128_VerifiedTest[i]; + HCTest(hc, "HC-128 - " + test[0], Hex.Decode(test[1]), Hex.Decode(test[2]), Hex.Decode(test[3])); + } + } + + private void HCTest(IStreamCipher hc, string test, byte[] key, byte[] IV, byte[] expected) + { + KeyParameter kp = new KeyParameter(key); + ParametersWithIV ivp = new ParametersWithIV(kp, IV); + + hc.Init(true, ivp); + for (int i = 0; i < 64; i++) + { + if (hc.ReturnByte(MSG[i]) != expected[i]) + { + Fail(test + " failure at byte " + i); + } + } + } + + public static void Main(string[] args) + { + RunTest(new HCFamilyTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/HCFamilyVecTest.cs b/BouncyCastle/crypto/test/src/crypto/test/HCFamilyVecTest.cs new file mode 100644 index 0000000..00b0ee7 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/HCFamilyVecTest.cs @@ -0,0 +1,184 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * HC-128 and HC-256 Tests. Based on the test vectors in the official reference + * papers, respectively: + * + * http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc128_p3.pdf + * http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc256_p3.pdf + */ + [TestFixture] + public class HCFamilyVecTest + : SimpleTest + { + private class PeekableLineReader + : StreamReader + { + public PeekableLineReader(Stream s) + : base(s) + { + peek = base.ReadLine(); + } + + public string PeekLine() + { + return peek; + } + + public override string ReadLine() + { + string tmp = peek; + peek = base.ReadLine(); + return tmp; + } + + private string peek; + } + + public override string Name + { + get { return "HC-128 and HC-256"; } + } + + public override void PerformTest() + { + RunTests(new HC128Engine(), "hc128/ecrypt_HC-128.txt"); + RunTests(new HC256Engine(), "hc256/ecrypt_HC-256_128K_128IV.txt"); + RunTests(new HC256Engine(), "hc256/ecrypt_HC-256_256K_128IV.txt"); + RunTests(new HC256Engine(), "hc256/ecrypt_HC-256_128K_256IV.txt"); + RunTests(new HC256Engine(), "hc256/ecrypt_HC-256_256K_256IV.txt"); + } + + private void RunTests(IStreamCipher hc, string fileName) + { + Stream resource = SimpleTest.GetTestDataAsStream( + "hc256." + fileName.Replace('/', '.')); + PeekableLineReader r = new PeekableLineReader(resource); + RunAllVectors(hc, fileName, r); + } + + private void RunAllVectors(IStreamCipher hc, string fileName, PeekableLineReader r) + { + for (;;) + { + string line = r.ReadLine(); + if (line == null) + break; + + line = line.Trim(); + + if (line.StartsWith("Set ")) + { + RunVector(hc, fileName, r, line.Replace(":", "")); + } + } + } + + private void RunVector(IStreamCipher hc, string fileName, PeekableLineReader r, string vectorName) + { +// Console.WriteLine(fileName + " => " + vectorName); + string hexKey = ReadBlock(r); + string hexIV = ReadBlock(r); + + ICipherParameters cp = new KeyParameter(Hex.Decode(hexKey)); + cp = new ParametersWithIV(cp, Hex.Decode(hexIV)); + hc.Init(true, cp); + + byte[] input = new byte[64]; + byte[] output = new byte[64]; + byte[] digest = new byte[64]; + int pos = 0; + + for (;;) + { + string line1 = r.PeekLine().Trim(); + int equalsPos = line1.IndexOf('='); + string lead = line1.Substring(0, equalsPos - 1); + + string hexData = ReadBlock(r); + byte[] data = Hex.Decode(hexData); + + if (lead.Equals("xor-digest")) + { + if (!Arrays.AreEqual(data, digest)) + { + Fail("Failed in " + fileName + " for test vector: " + vectorName + " at " + lead); +// Console.WriteLine(fileName + " => " + vectorName + " failed at " + lead); return; + } + break; + } + + int posA = lead.IndexOf('['); + int posB = lead.IndexOf(".."); + int posC = lead.IndexOf(']'); + int start = Int32.Parse(lead.Substring(posA + 1, posB - (posA + 1))); + int end = Int32.Parse(lead.Substring(posB + 2, posC - (posB + 2))); + + if (start % 64 != 0 || (end - start != 63)) + throw new InvalidOperationException(vectorName + ": " + lead + " not on 64 byte boundaries"); + + while (pos < end) + { + hc.ProcessBytes(input, 0, input.Length, output, 0); + xor(digest, output); + pos += 64; + } + + if (!Arrays.AreEqual(data, output)) + { + Fail("Failed in " + fileName + " for test vector: " + vectorName + " at " + lead); +// Console.WriteLine(fileName + " => " + vectorName + " failed at " + lead); return; + } + } + } + + private static string ReadBlock(PeekableLineReader r) + { + string first = r.ReadLine().Trim(); + string result = first.Substring(first.LastIndexOf(' ') + 1); + + for (;;) + { + string peek = r.PeekLine().Trim(); + if (peek.Length < 1 || peek.IndexOf('=') >= 0) + break; + result += r.ReadLine().Trim(); + } + + return result; + } + + private static void xor(byte[] digest, byte[] block) + { + for (int i = 0; i < digest.Length; ++i) + { + digest[i] ^= block[i]; + } + } + + public static void Main( + string[] args) + { + RunTest(new HCFamilyVecTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/HKDFGeneratorTest.cs b/BouncyCastle/crypto/test/src/crypto/test/HKDFGeneratorTest.cs new file mode 100644 index 0000000..d6e2149 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/HKDFGeneratorTest.cs @@ -0,0 +1,310 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; + +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * HKDF tests - vectors from RFC 5869, + 2 more, 101 and 102 + */ + [TestFixture] + public class HkdfGeneratorTest + : SimpleTest + { + public HkdfGeneratorTest() + { + } + + private void CompareOkm(int test, byte[] calculatedOkm, byte[] testOkm) + { + if (!AreEqual(calculatedOkm, testOkm)) + { + Fail("HKDF failed generator test " + test); + } + } + + public override void PerformTest() + { + { + // === A.1. Test Case 1 - Basic test case with SHA-256 === + + IDigest hash = new Sha256Digest(); + byte[] ikm = Hex.Decode("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"); + byte[] salt = Hex.Decode("000102030405060708090a0b0c"); + byte[] info = Hex.Decode("f0f1f2f3f4f5f6f7f8f9"); + int l = 42; + byte[] okm = new byte[l]; + + HkdfParameters parameters = new HkdfParameters(ikm, salt, info); + + HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); + hkdf.Init(parameters); + hkdf.GenerateBytes(okm, 0, l); + + CompareOkm(1, okm, Hex.Decode( + "3cb25f25faacd57a90434f64d0362f2a" + + "2d2d0a90cf1a5a4c5db02d56ecc4c5bf" + + "34007208d5b887185865")); + } + + // === A.2. Test Case 2 - Test with SHA-256 and longer inputs/outputs + // === + { + IDigest hash = new Sha256Digest(); + byte[] ikm = Hex.Decode("000102030405060708090a0b0c0d0e0f" + + "101112131415161718191a1b1c1d1e1f" + + "202122232425262728292a2b2c2d2e2f" + + "303132333435363738393a3b3c3d3e3f" + + "404142434445464748494a4b4c4d4e4f"); + byte[] salt = Hex.Decode("606162636465666768696a6b6c6d6e6f" + + "707172737475767778797a7b7c7d7e7f" + + "808182838485868788898a8b8c8d8e8f" + + "909192939495969798999a9b9c9d9e9f" + + "a0a1a2a3a4a5a6a7a8a9aaabacadaeaf"); + byte[] info = Hex.Decode("b0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + + "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf" + + "d0d1d2d3d4d5d6d7d8d9dadbdcdddedf" + + "e0e1e2e3e4e5e6e7e8e9eaebecedeeef" + + "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff"); + int l = 82; + byte[] okm = new byte[l]; + + HkdfParameters parameters = new HkdfParameters(ikm, salt, info); + + HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); + hkdf.Init(parameters); + hkdf.GenerateBytes(okm, 0, l); + + CompareOkm(2, okm, Hex.Decode( + "b11e398dc80327a1c8e7f78c596a4934" + + "4f012eda2d4efad8a050cc4c19afa97c" + + "59045a99cac7827271cb41c65e590e09" + + "da3275600c2f09b8367793a9aca3db71" + + "cc30c58179ec3e87c14c01d5c1f3434f" + + "1d87")); + } + + { + // === A.3. Test Case 3 - Test with SHA-256 and zero-length + // salt/info === + + // setting salt to an empty byte array means that the salt is set to + // HashLen zero valued bytes + // setting info to null generates an empty byte array as info + // structure + + IDigest hash = new Sha256Digest(); + byte[] ikm = Hex.Decode("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"); + byte[] salt = new byte[0]; + byte[] info = null; + int l = 42; + byte[] okm = new byte[l]; + + HkdfParameters parameters = new HkdfParameters(ikm, salt, info); + + HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); + hkdf.Init(parameters); + hkdf.GenerateBytes(okm, 0, l); + + CompareOkm(3, okm, Hex.Decode( + "8da4e775a563c18f715f802a063c5a31" + + "b8a11f5c5ee1879ec3454e5f3c738d2d" + + "9d201395faa4b61a96c8")); + } + + { + // === A.4. Test Case 4 - Basic test case with SHA-1 === + + IDigest hash = new Sha1Digest(); + byte[] ikm = Hex.Decode("0b0b0b0b0b0b0b0b0b0b0b"); + byte[] salt = Hex.Decode("000102030405060708090a0b0c"); + byte[] info = Hex.Decode("f0f1f2f3f4f5f6f7f8f9"); + int l = 42; + byte[] okm = new byte[l]; + + HkdfParameters parameters = new HkdfParameters(ikm, salt, info); + + HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); + hkdf.Init(parameters); + hkdf.GenerateBytes(okm, 0, l); + + CompareOkm(4, okm, Hex.Decode( + "085a01ea1b10f36933068b56efa5ad81" + + "a4f14b822f5b091568a9cdd4f155fda2" + + "c22e422478d305f3f896")); + } + + // === A.5. Test Case 5 - Test with SHA-1 and longer inputs/outputs === + { + IDigest hash = new Sha1Digest(); + byte[] ikm = Hex.Decode("000102030405060708090a0b0c0d0e0f" + + "101112131415161718191a1b1c1d1e1f" + + "202122232425262728292a2b2c2d2e2f" + + "303132333435363738393a3b3c3d3e3f" + + "404142434445464748494a4b4c4d4e4f"); + byte[] salt = Hex.Decode("606162636465666768696a6b6c6d6e6f" + + "707172737475767778797a7b7c7d7e7f" + + "808182838485868788898a8b8c8d8e8f" + + "909192939495969798999a9b9c9d9e9f" + + "a0a1a2a3a4a5a6a7a8a9aaabacadaeaf"); + byte[] info = Hex.Decode("b0b1b2b3b4b5b6b7b8b9babbbcbdbebf" + + "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf" + + "d0d1d2d3d4d5d6d7d8d9dadbdcdddedf" + + "e0e1e2e3e4e5e6e7e8e9eaebecedeeef" + + "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff"); + int l = 82; + byte[] okm = new byte[l]; + + HkdfParameters parameters = new HkdfParameters(ikm, salt, info); + + HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); + hkdf.Init(parameters); + hkdf.GenerateBytes(okm, 0, l); + + CompareOkm(5, okm, Hex.Decode( + "0bd770a74d1160f7c9f12cd5912a06eb" + + "ff6adcae899d92191fe4305673ba2ffe" + + "8fa3f1a4e5ad79f3f334b3b202b2173c" + + "486ea37ce3d397ed034c7f9dfeb15c5e" + + "927336d0441f4c4300e2cff0d0900b52" + + "d3b4")); + } + + { + // === A.6. Test Case 6 - Test with SHA-1 and zero-length salt/info + // === + + // setting salt to null should generate a new salt of HashLen zero + // valued bytes + + IDigest hash = new Sha1Digest(); + byte[] ikm = Hex.Decode("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"); + byte[] salt = null; + byte[] info = new byte[0]; + int l = 42; + byte[] okm = new byte[l]; + + HkdfParameters parameters = new HkdfParameters(ikm, salt, info); + + HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); + hkdf.Init(parameters); + hkdf.GenerateBytes(okm, 0, l); + + CompareOkm(6, okm, Hex.Decode( + "0ac1af7002b3d761d1e55298da9d0506" + + "b9ae52057220a306e07b6b87e8df21d0" + + "ea00033de03984d34918")); + } + + { + // === A.7. Test Case 7 - Test with SHA-1, salt not provided, + // zero-length info === + // (salt defaults to HashLen zero octets) + + // this test is identical to test 6 in all ways bar the IKM value + + IDigest hash = new Sha1Digest(); + byte[] ikm = Hex.Decode("0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c"); + byte[] salt = null; + byte[] info = new byte[0]; + int l = 42; + byte[] okm = new byte[l]; + + HkdfParameters parameters = new HkdfParameters(ikm, salt, info); + + HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); + hkdf.Init(parameters); + hkdf.GenerateBytes(okm, 0, l); + + CompareOkm(7, okm, Hex.Decode( + "2c91117204d745f3500d636a62f64f0a" + + "b3bae548aa53d423b0d1f27ebba6f5e5" + + "673a081d70cce7acfc48")); + } + + { + // === A.101. Additional Test Case - Test with SHA-1, skipping extract + // zero-length info === + // (salt defaults to HashLen zero octets) + + // this test is identical to test 7 in all ways bar the IKM value + // which is set to the PRK value + + IDigest hash = new Sha1Digest(); + byte[] ikm = Hex.Decode("2adccada18779e7c2077ad2eb19d3f3e731385dd"); + byte[] info = new byte[0]; + int l = 42; + byte[] okm = new byte[l]; + + HkdfParameters parameters = HkdfParameters.SkipExtractParameters(ikm, info); + + HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); + hkdf.Init(parameters); + hkdf.GenerateBytes(okm, 0, l); + + CompareOkm(101, okm, Hex.Decode( + "2c91117204d745f3500d636a62f64f0a" + + "b3bae548aa53d423b0d1f27ebba6f5e5" + + "673a081d70cce7acfc48")); + } + + { + // === A.102. Additional Test Case - Test with SHA-1, maximum output === + // (salt defaults to HashLen zero octets) + + // this test is identical to test 7 in all ways bar the IKM value + + IDigest hash = new Sha1Digest(); + byte[] ikm = Hex.Decode("2adccada18779e7c2077ad2eb19d3f3e731385dd"); + byte[] info = new byte[0]; + int l = 255 * hash.GetDigestSize(); + byte[] okm = new byte[l]; + + HkdfParameters parameters = HkdfParameters.SkipExtractParameters(ikm, info); + + HkdfBytesGenerator hkdf = new HkdfBytesGenerator(hash); + hkdf.Init(parameters); + hkdf.GenerateBytes(okm, 0, l); + + int zeros = 0; + for (int i = 0; i < hash.GetDigestSize(); i++) + { + if (okm[i] == 0) + { + zeros++; + } + } + + if (zeros == hash.GetDigestSize()) + { + Fail("HKDF failed generator test " + 102); + } + } + } + + public override string Name + { + get { return "HKDF"; } + } + + public static void Main(string[] args) + { + RunTest(new HkdfGeneratorTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/IDEATest.cs b/BouncyCastle/crypto/test/src/crypto/test/IDEATest.cs new file mode 100644 index 0000000..fbbd1ae --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/IDEATest.cs @@ -0,0 +1,53 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class IdeaTest + : CipherTest + { + public override string Name + { + get { return "IDEA"; } + } + + internal static SimpleTest[] tests = new SimpleTest[] + { + new BlockCipherVectorTest(0, new IdeaEngine(), + new KeyParameter(Hex.Decode("00112233445566778899AABBCCDDEEFF")), + "000102030405060708090a0b0c0d0e0f", + "ed732271a7b39f475b4b2b6719f194bf"), + new BlockCipherVectorTest(0, new IdeaEngine(), + new KeyParameter(Hex.Decode("00112233445566778899AABBCCDDEEFF")), + "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff", + "b8bc6ed5c899265d2bcfad1fc6d4287d") + }; + + public IdeaTest() + : base(tests, new IdeaEngine(), new KeyParameter(new byte[32])) + { + } + + public static void Main( + string[] args) + { + ITest test = new IdeaTest(); + ITestResult result = test.Perform(); + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ISAACTest.cs b/BouncyCastle/crypto/test/src/crypto/test/ISAACTest.cs new file mode 100644 index 0000000..1782bbc --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ISAACTest.cs @@ -0,0 +1,196 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * ISAAC Test - see http://www.burtleburtle.net/bob/rand/isaacafa.html + */ + [TestFixture] + public class IsaacTest + : SimpleTest + { + byte[] outBase = Hex.Decode( + "f650e4c8e448e96d98db2fb4f5fad54f433f1afbedec154ad837048746ca4f9a" + + "5de3743e88381097f1d444eb823cedb66a83e1e04a5f6355c744243325890e2e" + + "7452e31957161df638a824f3002ed71329f5544951c08d83d78cb99ea0cc74f3" + + "8f651659cbc8b7c2f5f71c6912ad6419e5792e1b860536b809b3ce98d45d6d81" + + "f3b2612917e38f8529cf72ce349947b0c998f9ffb5e13dae32ae2a2bf7cf814c" + + "8ebfa303cf22e0640b923200eca4d58aef53cec4d0f7b37d9c411a2affdf8a80" + + "b40e27bcb4d2f97644b89b08f37c71d51a70e7e90bdb9c3060dc5207b3c3f24b" + + "d7386806229749b54e232cd091dabc65a70e11018b87437e5781414fcdbc62e2" + + "8107c9ff69d2e4ae3b18e752b143b6886f4e077295138769943c3c74afc17a97" + + "0fd439636a529b0bd8c58a6aa8bcc22d2db35dfea7a2f4026cb167db538e1f4e" + + "7275e2771d3b8e97ecc5dc9115e3a5b90369661430ab93ecac9fe69d7bc76811" + + "60eda8da28833522d5295ebc5adb60e7f7e1cdd097166d14b67ec13a210f3925" + + "64af0fef0d0286843aea3decb058bafbb8b0ccfcf2b5cc05e3a662d9814bc24c" + + "2364a1aa37c0ed052b36505c451e7ec85d2a542fe43d0fbb91c8d92560d4d5f8" + + "12a0594b9e8a51dacd49ebdb1b0dcdc1cd57c7f7e63444517ded386f2f36fa86" + + "a6d1210133bc405db388d96cdb6dbe96fe29661c13edc0cbcb0eee4a70cc94ae" + + "de11ed340606cf9f3a6ce38923d74f4ea37f63ff917bdec2d73f72d40e7e0e67" + + "3d77d9a213add9228891b3db01a9bd7056a001e3d51f093dcc033ce35ad0d3b0" + + "34105a8c6a123f57bd2e50247364944be89b1a3b21835c4d9f39e2d9d405ded8" + + "294d37e5bccaaeed35a124b56708a2bcb00960ba2a98121a4d8fae820bb3263f" + + "12595a196a1075890809e49421c171ec884d682514c8009bb0b84e7b03fb88f4" + + "28e7cb789388b13bdd2dc1d5848f520a07c28cd168a3935872c9137d127dd430" + + "c613f1578c2f0d55f7d3f39f309bfb788406b13746c0a6f53718d59708607f04" + + "76904b6d04db4e13cd7411a7b510ce0ebfc7f7ccb83f957afdfef62dc35e4580" + + "3ff1e5244112d96c02c9b944d5990dfbe7e265810d9c7e7e826dfa8966f1e0ab" + + "30bcc764eadebeaced35e5ee0c571a7de4f3a26af7f58f7badf6bc235d023e65" + + "1ed3ff4eec46b0b6d2a93b51e75b41c97e315aeb61119a5a53245b7933f6d7b1" + + "cae8deba50fc8194afa92a6dc87c80064188bfcd8bace62e78ffa5685597ec0f" + + "b4415f7d08294766ad56764309c36f903dde9f394a0a283c18080c8e080c79ec" + + "79ae4c10cb9e15637cdd662f62d31911a4ca0cf15cf824cd3b708f991e16614c" + + "b6b9d7665de87abb7229ea81d5b2d75056e6cd21fe1e42d596da2655c2b9aa36" + + "b8f6fd4a6a158d1001913fd3af7d1fb80b5e435f90c107576554abda7a68710f" + + "82ac484fd7e1c7be95c85eaa94a302f44d3cfbda786b29081010b27582d53d12" + + "21e2a51c3d1e9150b059261dd0638e1a31860f0581f2864dff4cfc350451516d" + + "bd086f26bc5654c165dfa427a82427f5582e3014b8d2486dc79a17499a1d7745" + + "8766bb541e04a7f73d3dff8ad5ec6bf4dbef7d9f36ec0ea31feb2e4f15cfcc5c" + + "d8c423fbd0ef3cc9eb244925ba5590c8a5f48ac433c5321c613b67b2479c3a22" + + "e21339cc10d210aa931dd7e2ef05ee06b82f2703a385cb2c5d67133c877eb7b4" + + "1e3437f75afb43ae53c078f394d904811d96458908063a85e13222281956b1e5" + + "31860f132e7b022f21182ca396f703ac46819e2e0d28fe523724d4dca0eabe6b" + + "c66699fdc6112fdd19c1e69c04d3658a4b55dd9931907d62f854b5224d678f26" + + "22ae0582eafed133e4a51d2184bd6dd6c1a513753f28ee63fb737b1a70a1660e" + + "8a8dfaa31be79937f7476978513c1764531ac6bf12c06908001cdb951a4b6a53" + + "d067fce512b2cfb69ddb477f740e006639ddf25acc8bfa2df1b20eaf64f2632c" + + "9783cdee63bfd4d80084cfe575f4e9e219b48fd06c48ddd87a36af9371865c4c" + + "9ce0199d867027d72cb7b77f84ef01da72f5972f040f7074df9afa29c921f94e" + + "75c08a3618c1ef9ad649a428c5b719378a30738ad97cd348858129a6239e3b0a" + + "bbb8abc480fac4c2ecfcf20bd9d711f9e2a4ef71b5fe87c0be8b06b2aafef5a7" + + "9c15db3b0aeb81654389a84a253b1d7a19047c797cdc78a2d20adf0356f55a71" + + "3e730fa8fd8650d8959e234eb7546681dad1b22a142a6e858ef4bce668235b9d" + + "85a13f8574096ae7a949bea229322d0dd568385882846526403dae086dd1943a" + + "e1279bff9e7e4f041c3a4524484525e481d4cc5fe24124c0037464c0bf1bd691" + + "26ceb003275ead3ac5bde90826414ff3a30519add7b43abe2ce5d3d588412761" + + "97ca2070e5fbb9c7276df0b4308f751f37a97df6c9cd808cfe4cb3803d469303" + + "aee19096c0d5d42a4e823ad3f5f9cc3b4286619c9ca45e1c66c97340891aec49" + + "45bae606c798f04752649d6cce86fdfc80c6e402d6ec2f2b27c822821fe26ce0" + + "92f57ea7de462f4d07497cae5a48755c721502dd6cbe7935836d80039ead7f70" + + "9ab3a42f4c8652d632e39273e8fa38601da4f25a0cd6ef8102503f7d8854a0a1" + + "9a30c4e88815715305efe29457c4c9252887d96fc1a71e3ce9f841632d0985de" + + "d21e796c6fb5ce5602614abfc3c7be2cb54fed6fa617a083c3142d8f6079e4ce" + + "ceffc1471d0cb81bdc153e5fe36ef5bbd531161a165b10157aa114ed3f7579b3" + + "f7f395f1bc6172c7a86f875e0e6c51b3cdfec2af73c0e762824c2009c5a87748" + + "94d401258aba3ffbd32be0608c17eff021e2547e07cffad905340e15f3310c92" + + "9d8d190886ba527ff943f672ef73fbf046d95ca5c54cd95b9d855e894bb5af29"); + + byte[] outFFFFFFFF = Hex.Decode( + "de3b3f3c19e0629c1fc8b7836695d523e7804edd86ff7ce9b106f52caebae9d9" + + "72f845d49ce17d7da44e49bae954aac0d0b1284b98a88eec1524fb6bc91a16b5" + + "1192ac5334131446ac2442de9ff3d5867b9b9148881ee30a6e87dd88e5d1f7cd" + + "98db31ff36f70d9850cfefaef42abb00ecc39ed308bf4b8030cdc2b6b7e42f0e" + + "908030dd282f96edacc888b3a986e109c129998f89baa1b5da8970b07a6ab012" + + "f10264f23c315c9c8e0c164955c68517b6a4f982b2626db70787f869ac6d551b" + + "e34931627c7058e965c502e18d2cd370e6db3b70d947d61aa9717cf8394f48c6" + + "3c796f3a154950846badb28b70d982f29bc670254e3e5e0f8e36b0a5f6da0a04" + + "6b235ed6a42988c012bde74d879fa8eb5d59f5f40ed5e76601c9847b3edb2690"); + + byte[] outFFFF0000 = Hex.Decode( + "26c54b1f8c4e3fc582e9e8180f7aba5380463dcf58b03cbeda0ecc8ba90ccff8" + + "5bd50896313d7efed44015faeac6964b241a7fb8a2e37127a7cbea0fd7c020f2" + + "406371b87ef5185089504751e5e44352eff63e00e5c28f5dff0616a9a3a00f1f" + + "4a1350e3a17be9abddfc2c94571450a0dc4c3c0c7c7f98e80c95f607d50c676a" + + "9a3006f9d279a79a4d66b2ab0c52930c9ee84bc09895e70fa041b1a3a2966f11" + + "6a47fd09705124b1f5c7ae055e54536e66584b1608f3612d81b72f109a385831" + + "121945b207b90ac72437a248f27a121c2801f4153a8699fb047e193f7ba69e1b" + + "b117869675d4c963e6070c2ca3d332ce830cb5e3d9ed2eee7faf0acc20fbe154" + + "188ae789e95bd5c1f459dbd150aab6eb833170257084bc5d44e9df09f5624f9d" + + "afecd0c9340ac8587f8625d343f7efd1cc8abcf7a6f90eabd4e8e2d906278d6e" + + "431fcade165c8c467887fbf5c26d341557b064b98c60dd40ab262dc046d69647" + + "56f3ddc1a07ae5f87be878b9334fcde40add68d2ca1dc05fb1670f998c7c4607" + + "9a6e48bdb330ad8d30b61b5cc8dc156f5733905931949783f89ac396b65aa4b8" + + "51f746b53ed8ea66130e1d75e8eab136e60450e3e600226bc8e17d03744ce94c" + + "0eec9234fea5f18eef65d81f2f10cfbc0b112b8cde17c32eb33ed81d7356eac3" + + "eb1cb9cefa6604c2d707949b6e5a83e60705bf6aae76dcc7d35d68ff149c1ac5" + + "424bb4a39e2f496f886637fce3db4ba4ad12c1a32d25e1606f6635ff636486f6" + + "714997b45477f38813c02afce4bebf196b813332f0decd567c745f441e736364"); + + byte[] out0000FFFF = Hex.Decode( + "bc31712f2a2f467a5abc737c57ce0f8d49d2f775eb850fc8f856daf19310fee2"+ + "5bab40e78403c9ef4ccd971418992faf4e85ca643fa6b482f30c4659066158a6"+ + "5bc3e620ba7ea5c34dd0eac5aabb2cf078d915fd1f8c437ed00423076c10f701"+ + "eefa7fc7c461aca5db8a87be29d925c4212d4adcfa71ff5b06af15c048aa0dfd"+ + "f0e645bc09fea200c430a88eb38c466ff358b836f1159656a078f6fc752f6db1"+ + "6680bb30fc771a6a785bbb2298e947d7b3500e557775962248bedf4e82c16e66"+ + "f39283ccb95e5399061056a11c4a280f00f7487888199487905273c7aa13012b"+ + "4849eca626cbf071c782e084f9fded57de92313e5f61a6e81117fb1115eff275"+ + "66fd5c755bb3b01bba69aeb8f1b1b1cc9709734be31b35bc707d372ba6fe70d1"+ + "e2c3b0e5e74a7058faff6b11d3a168f19fecc9fcb36b3e6a5f828c01c22ac0c2"+ + "5da2a3a9eec7e0ebbbf51472e430ed4cf1c7ab57ef9aea511e40250846d260b6"+ + "17a3fdeba16cf4afaf700144d3296b58b22a3c79ed96f3e2fc8d9e3c660ae153"+ + "8e0c285ccdc48b59117e80413bd0ad24c6a8d4f133fe1496f14351bb89904fa5"+ + "e10c4b8d50e0604578389c336a9ab3d292beb90ce640fc028e697cf54e021e2f"+ + "c0ca3fe0471fde5e5462f221739a74f5a13ae0621fe2a82e752bc294f63de48d"+ + "e85430af71307a30441b861ab5380e6a6dbe1251c9baa567da14e38e5a0ccddf"+ + "0127205c38fc3b77065e98101d219246103438d223ec7f8f533d4bb3a3d3407a"+ + "944910f11e8e5492e86de7a0471250eca32f0838b3db02fffe71898712af3261"); + + public override string Name + { + get { return "ISAAC"; } + } + + public override void PerformTest() + { + IsaacEngine engine = new IsaacEngine(); + + doTest(engine, Hex.Decode("00000000"), outBase); + doTest(engine, Hex.Decode("ffffffff"), outFFFFFFFF); + + byte[] k = new byte[256 * 4]; + for (int i = 0; i != k.Length; i++) + { + k[i] = (byte)((i % 4 == 0 || i % 4 == 1) ? 0xff : 0x00); + } + doTest(engine, k, outFFFF0000); + k = new byte[256 * 4]; + for (int i = 0; i != k.Length; i++) + { + k[i] = (byte)((i % 4 == 2 || i % 4 == 3) ? 0xff : 0x00); + } + doTest(engine, k, out0000FFFF); + } + + private void doTest( + IsaacEngine engine, + byte[] key, + byte[] output) + { + byte[] input = new byte[output.Length]; + byte[] enc = new byte[output.Length]; + engine.Init(true, new KeyParameter(key)); + engine.ProcessBytes(input, 0, input.Length, enc, 0); + if (!AreEqual(enc, output)) + { + Fail("ciphertext mismatch"); + } + engine.Init(false, new KeyParameter(key)); + engine.ProcessBytes(enc, 0, enc.Length, enc, 0); + if (!AreEqual(enc, input)) + { + Fail("plaintext mismatch"); + } + } + + public static void Main( + string[] args) + { + RunTest(new IsaacTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ISO9796Test.cs b/BouncyCastle/crypto/test/src/crypto/test/ISO9796Test.cs new file mode 100644 index 0000000..562238b --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ISO9796Test.cs @@ -0,0 +1,961 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// test vectors from ISO 9796-1 and ISO 9796-2 edition 1. + [TestFixture] + public class ISO9796Test + : SimpleTest + { + static BigInteger mod1 = new BigInteger("0100000000000000000000000000000000bba2d15dbb303c8a21c5ebbcbae52b7125087920dd7cdf358ea119fd66fb064012ec8ce692f0a0b8e8321b041acd40b7", 16); + + static BigInteger pub1 = new BigInteger("03", 16); + + static BigInteger pri1 = new BigInteger("2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaac9f0783a49dd5f6c5af651f4c9d0dc9281c96a3f16a85f9572d7cc3f2d0f25a9dbf1149e4cdc32273faadd3fda5dcda7", 16); + + static BigInteger mod2 = new BigInteger("ffffff7fa27087c35ebead78412d2bdffe0301edd494df13458974ea89b364708f7d0f5a00a50779ddf9f7d4cb80b8891324da251a860c4ec9ef288104b3858d", 16); + + static BigInteger pub2 = new BigInteger("03", 16); + + static BigInteger pri2 = new BigInteger("2aaaaa9545bd6bf5e51fc7940adcdca5550080524e18cfd88b96e8d1c19de6121b13fac0eb0495d47928e047724d91d1740f6968457ce53ec8e24c9362ce84b5", 16); + + static byte[] msg1 = Hex.Decode("0cbbaa99887766554433221100"); + + // + // you'll need to see the ISO 9796 to make sense of this + // + static byte[] sig1 = mod1.Subtract(new BigInteger("309f873d8ded8379490f6097eaafdabc137d3ebfd8f25ab5f138d56a719cdc526bdd022ea65dabab920a81013a85d092e04d3e421caab717c90d89ea45a8d23a", 16)).ToByteArray(); + + static byte[] msg2 = Hex.Decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210"); + + static byte[] sig2 = new BigInteger("319bb9becb49f3ed1bca26d0fcf09b0b0a508e4d0bd43b350f959b72cd25b3af47d608fdcd248eada74fbe19990dbeb9bf0da4b4e1200243a14e5cab3f7e610c", 16).ToByteArray(); + + static byte[] msg3 = Hex.Decode("0112233445566778899aabbccd"); + + static byte[] sig3 = mod2.Subtract(new BigInteger("58e59ffb4b1fb1bcdbf8d1fe9afa3730c78a318a1134f5791b7313d480ff07ac319b068edf8f212945cb09cf33df30ace54f4a063fcca0b732f4b662dc4e2454", 16)).ToByteArray(); + + // + // ISO 9796-2 + // + static BigInteger mod3 = new BigInteger("ffffffff78f6c55506c59785e871211ee120b0b5dd644aa796d82413a47b24573f1be5745b5cd9950f6b389b52350d4e01e90009669a8720bf265a2865994190a661dea3c7828e2e7ca1b19651adc2d5", 16); + + static BigInteger pub3 = new BigInteger("03", 16); + + static BigInteger pri3 = new BigInteger("2aaaaaaa942920e38120ee965168302fd0301d73a4e60c7143ceb0adf0bf30b9352f50e8b9e4ceedd65343b2179005b2f099915e4b0c37e41314bb0821ad8330d23cba7f589e0f129b04c46b67dfce9d", 16); + + static BigInteger mod4 = new BigInteger("FFFFFFFF45f1903ebb83d4d363f70dc647b839f2a84e119b8830b2dec424a1ce0c9fd667966b81407e89278283f27ca8857d40979407fc6da4cc8a20ecb4b8913b5813332409bc1f391a94c9c328dfe46695daf922259174544e2bfbe45cc5cd", 16); + static BigInteger pub4 = new BigInteger("02", 16); + static BigInteger pri4 = new BigInteger("1fffffffe8be3207d7707a9a6c7ee1b8c8f7073e5509c2337106165bd8849439c193faccf2cd70280fd124f0507e4f94cb66447680c6b87b6599d1b61c8f3600854a618262e9c1cb1438e485e47437be036d94b906087a61ee74ab0d9a1accd8", 16); + + static byte[] msg4 = Hex.Decode("6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071"); + static byte[] sig4 = Hex.Decode("374695b7ee8b273925b4656cc2e008d41463996534aa5aa5afe72a52ffd84e118085f8558f36631471d043ad342de268b94b080bee18a068c10965f581e7f32899ad378835477064abed8ef3bd530fce"); + + static byte[] msg5 = Hex.Decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210"); + static byte[] sig5 = Hex.Decode("5cf9a01854dbacaec83aae8efc563d74538192e95466babacd361d7c86000fe42dcb4581e48e4feb862d04698da9203b1803b262105104d510b365ee9c660857ba1c001aa57abfd1c8de92e47c275cae"); + + // + // scheme 2 data + // + static BigInteger mod6 = new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16); + static BigInteger pub6 = new BigInteger("11", 16); + static BigInteger pri6 = new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16); + + // static byte[] sig6 = new BigInteger("0073FEAF13EB12914A43FE635022BB4AB8188A8F3ABD8D8A9E4AD6C355EE920359C7F237AE36B1212FE947F676C68FE362247D27D1F298CA9302EB21F4A64C26CE44471EF8C0DFE1A54606F0BA8E63E87CDACA993BFA62973B567473B4D38FAE73AB228600934A9CC1D3263E632E21FD52D2B95C5F7023DA63DE9509C01F6C7BBC", 16).ModPow(pri6, mod6).ToByteArray(); + static byte[] sig6 = new BigInteger("0073FEAF13EB12914A43FE635022BB4AB8188A8F3ABD8D8A9E4AD6C355EE920359C7F237AE36B1212FE947F676C68FE362247D27D1F298CA9302EB21F4A64C26CE44471EF8C0DFE1A54606F0BA8E63E87CDACA993BFA62973B567473B4D38FAE73AB228600934A9CC1D3263E632E21FD52D2B95C5F7023DA63DE9509C01F6C7BBC", 16).ModPow(pri6, mod6).ToByteArray(); + + static byte[] msg7 = Hex.Decode("6162636462636465636465666465666765666768666768696768696A68696A6B696A6B6C6A6B6C6D6B6C6D6E6C6D6E6F6D6E6F706E6F70716F70717270717273"); + static byte[] sig7 = new BigInteger("296B06224010E1EC230D4560A5F88F03550AAFCE31C805CE81E811E5E53E5F71AE64FC2A2A486B193E87972D90C54B807A862F21A21919A43ECF067240A8C8C641DE8DCDF1942CF790D136728FFC0D98FB906E7939C1EC0E64C0E067F0A7443D6170E411DF91F797D1FFD74009C4638462E69D5923E7433AEC028B9A90E633CC", 16).ModPow(pri6, mod6).ToByteArray(); + + static byte[] msg8 = Hex.Decode("FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA98"); + static byte[] sig8 = new BigInteger("01402B29ABA104079677CE7FC3D5A84DB24494D6F9508B4596484F5B3CC7E8AFCC4DDE7081F21CAE9D4F94D6D2CCCB43FCEDA0988FFD4EF2EAE72CFDEB4A2638F0A34A0C49664CD9DB723315759D758836C8BA26AC4348B66958AC94AE0B5A75195B57ABFB9971E21337A4B517F2E820B81F26BCE7C66F48A2DB12A8F3D731CC", 16).ModPow(pri6, mod6).ToByteArray(); + + static byte[] msg9 = Hex.Decode("6162636462636465636465666465666765666768666768696768696A68696A6B696A6B6C6A6B6C6D6B6C6D6E6C6D6E6F6D6E6F706E6F70716F707172707172737172737472737475737475767475767775767778767778797778797A78797A61797A61627A6162636162636462636465"); + static byte[] sig9 = new BigInteger("6F2BB97571FE2EF205B66000E9DD06656655C1977F374E8666D636556A5FEEEEAF645555B25F45567C4EE5341F96FED86508C90A9E3F11B26E8D496139ED3E55ECE42860A6FB3A0817DAFBF13019D93E1D382DA07264FE99D9797D2F0B7779357CA7E74EE440D8855B7DDF15F000AC58EE3FFF144845E771907C0C83324A6FBC", 16).ModPow(pri6, mod6).ToByteArray(); + + public override string Name + { + get { return "ISO9796"; } + } + + private bool IsSameAs( + byte[] a, + int off, + byte[] b) + { + if ((a.Length - off) != b.Length) + { + return false; + } + + for (int i = 0; i != b.Length; i++) + { + if (a[i + off] != b[i]) + { + return false; + } + } + + return true; + } + + private bool StartsWith( + byte[] a, + byte[] b) + { + if (a.Length < b.Length) + return false; + + for (int i = 0; i != b.Length; i++) + { + if (a[i] != b[i]) + return false; + } + + return true; + } + + [Test] + public virtual void DoTest1() + { + RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod1, pub1); + RsaKeyParameters privParameters = new RsaKeyParameters(true, mod1, pri1); + RsaEngine rsa = new RsaEngine(); + byte[] data; + + // + // ISO 9796-1 - public encrypt, private decrypt + // + ISO9796d1Encoding eng = new ISO9796d1Encoding(rsa); + + eng.Init(true, privParameters); + + eng.SetPadBits(4); + + data = eng.ProcessBlock(msg1, 0, msg1.Length); + + eng.Init(false, pubParameters); + + if (!AreEqual(sig1, data)) + { + Fail("failed ISO9796-1 generation Test 1"); + } + + data = eng.ProcessBlock(data, 0, data.Length); + + if (!AreEqual(msg1, data)) + { + Fail("failed ISO9796-1 retrieve Test 1"); + } + } + + [Test] + public virtual void DoTest2() + { + RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod1, pub1); + RsaKeyParameters privParameters = new RsaKeyParameters(true, mod1, pri1); + RsaEngine rsa = new RsaEngine(); + byte[] data; + + // + // ISO 9796-1 - public encrypt, private decrypt + // + ISO9796d1Encoding eng = new ISO9796d1Encoding(rsa); + + eng.Init(true, privParameters); + + data = eng.ProcessBlock(msg2, 0, msg2.Length); + + eng.Init(false, pubParameters); + + if (!IsSameAs(data, 1, sig2)) + { + Fail("failed ISO9796-1 generation Test 2"); + } + + data = eng.ProcessBlock(data, 0, data.Length); + + if (!AreEqual(msg2, data)) + { + Fail("failed ISO9796-1 retrieve Test 2"); + } + } + + [Test] + public virtual void DoTest3() + { + RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod2, pub2); + RsaKeyParameters privParameters = new RsaKeyParameters(true, mod2, pri2); + RsaEngine rsa = new RsaEngine(); + byte[] data; + + // + // ISO 9796-1 - public encrypt, private decrypt + // + ISO9796d1Encoding eng = new ISO9796d1Encoding(rsa); + + eng.Init(true, privParameters); + + eng.SetPadBits(4); + + data = eng.ProcessBlock(msg3, 0, msg3.Length); + + eng.Init(false, pubParameters); + + if (!IsSameAs(sig3, 1, data)) + { + Fail("failed ISO9796-1 generation Test 3"); + } + + data = eng.ProcessBlock(data, 0, data.Length); + + if (!IsSameAs(msg3, 0, data)) + { + Fail("failed ISO9796-1 retrieve Test 3"); + } + } + + [Test] + public virtual void DoTest4() + { + RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod3, pub3); + RsaKeyParameters privParameters = new RsaKeyParameters(true, mod3, pri3); + RsaEngine rsa = new RsaEngine(); + byte[] data; + + // + // ISO 9796-2 - Signing + // + Iso9796d2Signer eng = new Iso9796d2Signer(rsa, new RipeMD128Digest()); + + eng.Init(true, privParameters); + + eng.Update(msg4[0]); + eng.BlockUpdate(msg4, 1, msg4.Length - 1); + + data = eng.GenerateSignature(); + + eng.Init(false, pubParameters); + + if (!IsSameAs(sig4, 0, data)) + { + Fail("failed ISO9796-2 generation Test 4"); + } + + eng.Update(msg4[0]); + eng.BlockUpdate(msg4, 1, msg4.Length - 1); + + if (!eng.VerifySignature(data)) + { + Fail("failed ISO9796-2 verify Test 4"); + } + + if (eng.HasFullMessage()) + { + eng = new Iso9796d2Signer(rsa, new RipeMD128Digest()); + + eng.Init(false, pubParameters); + + if (!eng.VerifySignature(sig4)) + { + Fail("failed ISO9796-2 verify and recover Test 4"); + } + + if(!IsSameAs(eng.GetRecoveredMessage(), 0, msg4)) + { + Fail("failed ISO9796-2 recovered message Test 4"); + } + + // try update with recovered + eng.UpdateWithRecoveredMessage(sig4); + + if(!IsSameAs(eng.GetRecoveredMessage(), 0, msg4)) + { + Fail("failed ISO9796-2 updateWithRecovered recovered message Test 4"); + } + + if (!eng.VerifySignature(sig4)) + { + Fail("failed ISO9796-2 updateWithRecovered verify and recover Test 4"); + } + + if(!IsSameAs(eng.GetRecoveredMessage(), 0, msg4)) + { + Fail("failed ISO9796-2 updateWithRecovered recovered verify message Test 4"); + } + + // should fail + eng.UpdateWithRecoveredMessage(sig4); + + eng.BlockUpdate(msg4, 0, msg4.Length); + + if (eng.VerifySignature(sig4)) + { + Fail("failed ISO9796-2 updateWithRecovered verify and recover Test 4"); + } + } + else + { + Fail("full message flag false - Test 4"); + } + } + + [Test] + public virtual void DoTest5() + { + RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod3, pub3); + RsaKeyParameters privParameters = new RsaKeyParameters(true, mod3, pri3); + RsaEngine rsa = new RsaEngine(); + byte[] data; + + // + // ISO 9796-2 - Signing + // + Iso9796d2Signer eng = new Iso9796d2Signer(rsa, new RipeMD160Digest(), true); + + eng.Init(true, privParameters); + + eng.Update(msg5[0]); + eng.BlockUpdate(msg5, 1, msg5.Length - 1); + + data = eng.GenerateSignature(); + + eng.Init(false, pubParameters); + + if (!IsSameAs(sig5, 0, data)) + { + Fail("failed ISO9796-2 generation Test 5"); + } + + eng.Update(msg5[0]); + eng.BlockUpdate(msg5, 1, msg5.Length - 1); + + if (!eng.VerifySignature(data)) + { + Fail("failed ISO9796-2 verify Test 5"); + } + + if (eng.HasFullMessage()) + { + Fail("fullMessage true - Test 5"); + } + + if (!StartsWith(msg5, eng.GetRecoveredMessage())) + { + Fail("failed ISO9796-2 partial recovered message Test 5"); + } + + int length = eng.GetRecoveredMessage().Length; + + if (length >= msg5.Length) + { + Fail("Test 5 recovered message too long"); + } + + eng = new Iso9796d2Signer(rsa, new RipeMD160Digest(), true); + + eng.Init(false, pubParameters); + + eng.UpdateWithRecoveredMessage(sig5); + + if (!StartsWith(msg5, eng.GetRecoveredMessage())) + { + Fail("failed ISO9796-2 updateWithRecovered partial recovered message Test 5"); + } + + if (eng.HasFullMessage()) + { + Fail("fullMessage updateWithRecovered true - Test 5"); + } + + for (int i = length ; i != msg5.Length; i++) + { + eng.Update(msg5[i]); + } + + if (!eng.VerifySignature(sig5)) + { + Fail("failed ISO9796-2 verify Test 5"); + } + + if (eng.HasFullMessage()) + { + Fail("fullMessage updateWithRecovered true - Test 5"); + } + + // should fail + eng.UpdateWithRecoveredMessage(sig5); + + eng.BlockUpdate(msg5, 0, msg5.Length); + + if (eng.VerifySignature(sig5)) + { + Fail("failed ISO9796-2 updateWithRecovered verify fail Test 5"); + } + } + + // + // against a zero length string + // + [Test] + public virtual void DoTest6() + { + byte[] salt = Hex.Decode("61DF870C4890FE85D6E3DD87C3DCE3723F91DB49"); + RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod6, pub6); + RsaKeyParameters privParameters = new RsaKeyParameters(true, mod6, pri6); + ParametersWithSalt sigParameters = new ParametersWithSalt(privParameters, salt); + RsaEngine rsa = new RsaEngine(); + byte[] data; + + // + // ISO 9796-2 - PSS Signing + // + Iso9796d2PssSigner eng = new Iso9796d2PssSigner(rsa, new RipeMD160Digest(), 20, true); + + eng.Init(true, sigParameters); + + data = eng.GenerateSignature(); + + eng.Init(false, pubParameters); + + if (!IsSameAs(sig6, 1, data)) + { + Fail("failed ISO9796-2 generation Test 6"); + } + + if (!eng.VerifySignature(data)) + { + Fail("failed ISO9796-2 verify Test 6"); + } + } + + [Test] + public virtual void DoTest7() + { + byte[] salt = new byte[0]; + RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod6, pub6); + RsaKeyParameters privParameters = new RsaKeyParameters(true, mod6, pri6); + ParametersWithSalt sigParameters = new ParametersWithSalt(privParameters, salt); + RsaEngine rsa = new RsaEngine(); + byte[] data; + + // + // ISO 9796-2 - PSS Signing + // + Iso9796d2PssSigner eng = new Iso9796d2PssSigner(rsa, new Sha1Digest(), 0, false); + + eng.Init(true, sigParameters); + + eng.Update(msg7[0]); + eng.BlockUpdate(msg7, 1, msg7.Length - 1); + + data = eng.GenerateSignature(); + + eng.Init(false, pubParameters); + + if (!IsSameAs(sig7, 0, data)) + { + Fail("failed ISO9796-2 generation Test 7"); + } + + eng.Update(msg7[0]); + eng.BlockUpdate(msg7, 1, msg7.Length - 1); + + if (!eng.VerifySignature(data)) + { + Fail("failed ISO9796-2 verify Test 7"); + } + + if (!IsSameAs(msg7, 0, eng.GetRecoveredMessage())) + { + Fail("failed ISO9796-2 recovery Test 7"); + } + } + + [Test] + public virtual void DoTest8() + { + byte[] salt = Hex.Decode("78E293203CBA1B7F92F05F4D171FF8CA3E738FF8"); + RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod6, pub6); + RsaKeyParameters privParameters = new RsaKeyParameters(true, mod6, pri6); + ParametersWithSalt sigParameters = new ParametersWithSalt(privParameters, salt); + RsaEngine rsa = new RsaEngine(); + byte[] data; + + // + // ISO 9796-2 - PSS Signing + // + Iso9796d2PssSigner eng = new Iso9796d2PssSigner(rsa, new RipeMD160Digest(), 20, false); + + eng.Init(true, sigParameters); + + eng.Update(msg8[0]); + eng.BlockUpdate(msg8, 1, msg8.Length - 1); + + data = eng.GenerateSignature(); + + eng.Init(false, pubParameters); + + if (!IsSameAs(sig8, 0, data)) + { + Fail("failed ISO9796-2 generation Test 8"); + } + + eng.Update(msg8[0]); + eng.BlockUpdate(msg8, 1, msg8.Length - 1); + + if (!eng.VerifySignature(data)) + { + Fail("failed ISO9796-2 verify Test 8"); + } + } + + [Test] + public virtual void DoTest9() + { + RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod6, pub6); + RsaKeyParameters privParameters = new RsaKeyParameters(true, mod6, pri6); + RsaEngine rsa = new RsaEngine(); + byte[] data; + + // + // ISO 9796-2 - PSS Signing + // + Iso9796d2PssSigner eng = new Iso9796d2PssSigner(rsa, new RipeMD160Digest(), 0, true); + + eng.Init(true, privParameters); + + eng.Update(msg9[0]); + eng.BlockUpdate(msg9, 1, msg9.Length - 1); + + data = eng.GenerateSignature(); + + eng.Init(false, pubParameters); + + if (!IsSameAs(sig9, 0, data)) + { + Fail("failed ISO9796-2 generation Test 9"); + } + + eng.Update(msg9[0]); + eng.BlockUpdate(msg9, 1, msg9.Length - 1); + + if (!eng.VerifySignature(data)) + { + Fail("failed ISO9796-2 verify Test 9"); + } + } + + [Test] + public virtual void DoTest10() + { + BigInteger mod = new BigInteger("B3ABE6D91A4020920F8B3847764ECB34C4EB64151A96FDE7B614DC986C810FF2FD73575BDF8532C06004C8B4C8B64F700A50AEC68C0701ED10E8D211A4EA554D", 16); + BigInteger pubExp = new BigInteger("65537", 10); + BigInteger priExp = new BigInteger("AEE76AE4716F77C5782838F328327012C097BD67E5E892E75C1356E372CCF8EE1AA2D2CBDFB4DA19F703743F7C0BA42B2D69202BA7338C294D1F8B6A5771FF41", 16); + RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod, pubExp); + RsaKeyParameters privParameters = new RsaKeyParameters(true, mod, priExp); + RsaEngine rsa = new RsaEngine(); + byte[] data; + + // + // ISO 9796-2 - PSS Signing + // + IDigest dig = new Sha1Digest(); + Iso9796d2PssSigner eng = new Iso9796d2PssSigner(rsa, dig, dig.GetDigestSize()); + + // + // as the padding is random this test needs to repeat a few times to + // make sure + // + for (int i = 0; i != 500; i++) + { + eng.Init(true, privParameters); + + eng.Update(msg9[0]); + eng.BlockUpdate(msg9, 1, msg9.Length - 1); + + data = eng.GenerateSignature(); + + eng.Init(false, pubParameters); + + eng.Update(msg9[0]); + eng.BlockUpdate(msg9, 1, msg9.Length - 1); + + if (!eng.VerifySignature(data)) + { + Fail("failed ISO9796-2 verify Test 10"); + } + } + } + + [Test] + public virtual void DoTest11() + { + BigInteger mod = new BigInteger("B3ABE6D91A4020920F8B3847764ECB34C4EB64151A96FDE7B614DC986C810FF2FD73575BDF8532C06004C8B4C8B64F700A50AEC68C0701ED10E8D211A4EA554D", 16); + BigInteger pubExp = new BigInteger("65537", 10); + BigInteger priExp = new BigInteger("AEE76AE4716F77C5782838F328327012C097BD67E5E892E75C1356E372CCF8EE1AA2D2CBDFB4DA19F703743F7C0BA42B2D69202BA7338C294D1F8B6A5771FF41", 16); + RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod, pubExp); + RsaKeyParameters privParameters = new RsaKeyParameters(true, mod, priExp); + RsaEngine rsa = new RsaEngine(); + byte[] data; + byte[] m1 = { 1, 2, 3, 4, 5, 6, 7, 8, 9 }; + byte[] m2 = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; + byte[] m3 = { 1, 2, 3, 4, 5, 6, 7, 8 }; + + // + // ISO 9796-2 - PSS Signing + // + IDigest dig = new Sha1Digest(); + Iso9796d2PssSigner eng = new Iso9796d2PssSigner(rsa, dig, dig.GetDigestSize()); + + // + // check message bounds + // + eng.Init(true, privParameters); + + eng.BlockUpdate(m1, 0, m1.Length); + + data = eng.GenerateSignature(); + + eng.Init(false, pubParameters); + + eng.BlockUpdate(m2, 0, m2.Length); + + if (eng.VerifySignature(data)) + { + Fail("failed ISO9796-2 m2 verify Test 11"); + } + + eng.Init(false, pubParameters); + + eng.BlockUpdate(m3, 0, m3.Length); + + if (eng.VerifySignature(data)) + { + Fail("failed ISO9796-2 m3 verify Test 11"); + } + + eng.Init(false, pubParameters); + + eng.BlockUpdate(m1, 0, m1.Length); + + if (!eng.VerifySignature(data)) + { + Fail("failed ISO9796-2 verify Test 11"); + } + } + + [Test] + public virtual void DoTest12() + { + BigInteger mod = new BigInteger("B3ABE6D91A4020920F8B3847764ECB34C4EB64151A96FDE7B614DC986C810FF2FD73575BDF8532C06004C8B4C8B64F700A50AEC68C0701ED10E8D211A4EA554D", 16); + BigInteger pubExp = new BigInteger("65537", 10); + BigInteger priExp = new BigInteger("AEE76AE4716F77C5782838F328327012C097BD67E5E892E75C1356E372CCF8EE1AA2D2CBDFB4DA19F703743F7C0BA42B2D69202BA7338C294D1F8B6A5771FF41", 16); + RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod, pubExp); + RsaKeyParameters privParameters = new RsaKeyParameters(true, mod, priExp); + RsaEngine rsa = new RsaEngine(); + byte[] data; + byte[] m1 = { 1, 2, 3, 4, 5, 6, 7, 8, 9 }; + byte[] m2 = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; + byte[] m3 = { 1, 2, 3, 4, 5, 6, 7, 8 }; + + // + // ISO 9796-2 - Regular Signing + // + IDigest dig = new Sha1Digest(); + Iso9796d2Signer eng = new Iso9796d2Signer(rsa, dig); + + // + // check message bounds + // + eng.Init(true, privParameters); + + eng.BlockUpdate(m1, 0, m1.Length); + + data = eng.GenerateSignature(); + + eng.Init(false, pubParameters); + + eng.BlockUpdate(m2, 0, m2.Length); + + if (eng.VerifySignature(data)) + { + Fail("failed ISO9796-2 m2 verify Test 12"); + } + + eng.Init(false, pubParameters); + + eng.BlockUpdate(m3, 0, m3.Length); + + if (eng.VerifySignature(data)) + { + Fail("failed ISO9796-2 m3 verify Test 12"); + } + + eng.Init(false, pubParameters); + + eng.BlockUpdate(m1, 0, m1.Length); + + if (!eng.VerifySignature(data)) + { + Fail("failed ISO9796-2 verify Test 12"); + } + } + + [Test] + public void DoTest13() + { + BigInteger modulus = new BigInteger(1, Hex.Decode("CDCBDABBF93BE8E8294E32B055256BBD0397735189BF75816341BB0D488D05D627991221DF7D59835C76A4BB4808ADEEB779E7794504E956ADC2A661B46904CDC71337DD29DDDD454124EF79CFDD7BC2C21952573CEFBA485CC38C6BD2428809B5A31A898A6B5648CAA4ED678D9743B589134B7187478996300EDBA16271A861")); + BigInteger pubExp = new BigInteger(1, Hex.Decode("010001")); + BigInteger privExp = new BigInteger(1, Hex.Decode("4BA6432AD42C74AA5AFCB6DF60FD57846CBC909489994ABD9C59FE439CC6D23D6DE2F3EA65B8335E796FD7904CA37C248367997257AFBD82B26F1A30525C447A236C65E6ADE43ECAAF7283584B2570FA07B340D9C9380D88EAACFFAEEFE7F472DBC9735C3FF3A3211E8A6BBFD94456B6A33C17A2C4EC18CE6335150548ED126D")); + + RsaKeyParameters pubParams = new RsaKeyParameters(false, modulus, pubExp); + RsaKeyParameters privParams = new RsaKeyParameters(true, modulus, privExp); + + IAsymmetricBlockCipher rsaEngine = new RsaBlindedEngine(); + IDigest digest = new Sha256Digest(); + + // set challenge to all zero's for verification + byte[] challenge = new byte[8]; + + // DOES NOT USE FINAL BOOLEAN TO INDICATE RECOVERY + Iso9796d2Signer signer = new Iso9796d2Signer(rsaEngine, digest, false); + + // sign + signer.Init(true, privParams); + signer.BlockUpdate(challenge, 0, challenge.Length); + + byte[] sig = signer.GenerateSignature(); + + // verify + signer.Init(false, pubParams); + signer.BlockUpdate(challenge, 0, challenge.Length); + + if (!signer.VerifySignature(sig)) + { + Fail("basic verification failed"); + } + + // === LETS ACTUALLY DO SOME RECOVERY, USING INPUT FROM INTERNAL AUTHENTICATE === + + signer.Reset(); + + string args0 = "482E20D1EDDED34359C38F5E7C01203F9D6B2641CDCA5C404D49ADAEDE034C7481D781D043722587761C90468DE69C6585A1E8B9C322F90E1B580EEDAB3F6007D0C366CF92B4DB8B41C8314929DCE2BE889C0129123484D2FD3D12763D2EBFD12AC8E51D7061AFCA1A53DEDEC7B9A617472A78C952CCC72467AE008E5F132994"; + + digest = new Sha1Digest(); + + signer = new Iso9796d2Signer(rsaEngine, digest, true); + + + signer.Init(false, pubParams); + byte[] signature = Hex.Decode(args0); + signer.UpdateWithRecoveredMessage(signature); + signer.BlockUpdate(challenge, 0, challenge.Length); + + if (!signer.VerifySignature(signature)) + { + Fail("recovered + challenge signature failed"); + } + + // === FINALLY, USING SHA-256 === + + signer.Reset(); + + digest = new Sha256Digest(); + + // NOTE setting implicit to false does not actually do anything for verification !!! + signer = new Iso9796d2Signer(rsaEngine, digest, false); + + + signer.Init(true, privParams); + // generate NONCE of correct length using some inner knowledge + int nonceLength = modulus.BitLength / 8 - 1 - digest.GetDigestSize() - 2; + byte[] nonce = new byte[nonceLength]; + SecureRandom rnd = new SecureRandom(); + + rnd.NextBytes(nonce); + + signer.BlockUpdate(nonce, 0, nonce.Length); + signer.BlockUpdate(challenge, 0, challenge.Length); + byte[] sig3 = signer.GenerateSignature(); + + signer.Init(false, pubParams); + signer.UpdateWithRecoveredMessage(sig3); + signer.BlockUpdate(challenge, 0, challenge.Length); + if (signer.VerifySignature(sig3)) + { + if (signer.HasFullMessage()) + { + Fail("signer indicates full message"); + } + byte[] recoverableMessage = signer.GetRecoveredMessage(); + + // sanity check, normally the nonce is ignored in eMRTD specs (PKI Technical Report) + if (!Arrays.AreEqual(nonce, recoverableMessage)) + { + Fail("Nonce compare with recoverable part of message failed"); + } + } + else + { + Fail("recoverable + nonce failed."); + } + } + + private static readonly byte[] longMessage = Base64.Decode( + "VVNIKzErU0U2ODAxNTMyOTcxOSsyKzErNisyKzErMTo6OTk5OTk5OTk5OTk5" + + "OTo6OSsyOjo3Nzc3Nzc3Nzc3Nzc3Ojo5Kys1OjIwMTMwNDA1OjExMzUyMCdV" + + "U0ErMTo6OjE2OjEnVVNDKzRmYjk3YzFhNDI5ZGIyZDYnVVNBKzY6MTY6MTox" + + "MDoxKzE0OjIwNDgrMTI6/vn3S0h96eNhfmPN6OZUxXhd815h0tP871Hl+V1r" + + "fHHUXvrPXmjHV0vdb8fYY1zxwvnQUcFBWXT43PFi7Xbow0/9e9l6/mhs1UJq" + + "VPvp+ELbeXfn4Nj02ttk0e3H5Hfa69NYRuHv1WBO6lfizNnM9m9XYmh9TOrg" + + "f9rDRtd+ZNbf4lz9fPTt9OXyxOJWRPr/0FLzxUVsddplfHxM3ndETFD7ffjI" + + "/mhRYuL8WXZ733LeWFRCeOzKzmDz/HvT3GZx/XJMbFpqyOZjedzh6vZr1vrD" + + "615TQfN7wtJJ29bN2Hvzb2f1xGHaXl7af0/w9dpR2dr7/HzuZEJKYc7JSkv4" + + "/k37yERIbcrfbVTeVtR+dcVoeeRT41fmzMfzf8RnWOX4YMNifl0rMTM68EFA" + + "QSdCR00rMzgwKzk5OTk5OTk5J0RUTSsxMzc6MjAxMzA0MDU6MTAyJ0ZUWCtB" + + "QUkrKytJTlZPSUNFIFRFU1QnUkZGK09OOjEyMzQ1NidSRkYrRFE6MjIyMjIy" + + "MjIyJ0RUTSsxNzE6MjAxMzA0MDE6MTAyJ05BRCtTVSs5OTk5OTk5OTk5OTk5" + + "Ojo5KytURVNUIFNVUFBMSUVSOjpUcmFzZSByZWdpc3RlciBYWFhYWFhYK1Rl" + + "c3QgYWRkcmVzcyBzdXBwbGllcitDaXR5KysxMjM0NStERSdSRkYrVkE6QTEy" + + "MzQ1Njc4J05BRCtTQ08rOTk5OTk5OTk5OTk5OTo6OSsrVEVTVCBTVVBQTElF" + + "Ujo6VHJhc2UgcmVnaXN0ZXIgWFhYWFhYWCtUZXN0IGFkZHJlc3Mgc3VwcGxp" + + "ZXIrQ2l0eSsrMTIzNDUrREUnUkZGK1ZBOkExMjM0NTY3OCdOQUQrQlkrODg4" + + "ODg4ODg4ODg4ODo6OSdOQUQrSVYrNzc3Nzc3Nzc3Nzc3Nzo6OSsrVEVTVCBC" + + "VVlFUitUZXN0IGFkZHJlc3MgYnV5ZXIrQ2l0eTIrKzU0MzIxK0RFJ1JGRitW" + + "QTpKODc2NTQzMjEnTkFEK0JDTys3Nzc3Nzc3Nzc3Nzc3Ojo5KytURVNUIEJV" + + "WUVSK1Rlc3QgYWRkcmVzcyBidXllcitDaXR5MisrNTQzMjErREUnUkZGK1ZB" + + "Oko4NzY1NDMyMSdOQUQrRFArODg4ODg4ODg4ODg4ODo6OSdOQUQrUFIrNzc3" + + "Nzc3Nzc3Nzc3Nzo6OSdDVVgrMjpFVVI6NCdQQVQrMzUnRFRNKzEzOjIwMTMw" + + "NjI0OjEwMidMSU4rMSsrMTExMTExMTExMTExMTpFTidQSUErMStBQUFBQUFB" + + "OlNBJ0lNRCtGK00rOjo6UFJPRFVDVCBURVNUIDEnUVRZKzQ3OjEwLjAwMCdN" + + "T0ErNjY6Ny4wMCdQUkkrQUFCOjEuMDAnUFJJK0FBQTowLjcwJ1JGRitPTjox" + + "MjM0NTYnUkZGK0RROjIyMjIyMjIyMidUQVgrNytWQVQrKys6OjoyMS4wMDAn" + + "QUxDK0ErKysxK1REJ1BDRCsxOjMwLjAwMCdNT0ErMjA0OjMuMDAnTElOKzIr" + + "KzIyMjIyMjIyMjIyMjI6RU4nUElBKzErQkJCQkJCQjpTQSdJTUQrRitNKzo6" + + "OlBST0RVQ1QgVEVTVCAyJ1FUWSs0NzoyMC4wMDAnTU9BKzY2OjgwLjAwJ1BS" + + "SStBQUI6NS4wMCdQUkkrQUFBOjQuMDAnUkZGK09OOjEyMzQ1NidSRkYrRFE6" + + "MjIyMjIyMjIyJ1RBWCs3K1ZBVCsrKzo6OjIxLjAwMCdBTEMrQSsrKzErVEQn" + + "UENEKzE6MjAuMDAwJ01PQSsyMDQ6MjAuMDAnVU5TK1MnQ05UKzI6MidNT0Er" + + "Nzk6ODcuMDAnTU9BKzEzOToxMDUuMjcnTU9BKzEyNTo4Ny4wMCdNT0ErMjYw" + + "OjAuMDAnTU9BKzI1OTowLjAwJ01PQSsxNzY6MTguMjcnVEFYKzcrVkFUKysr" + + "Ojo6MjEuMDAwJ01PQSsxNzY6MTguMjcnTU9BKzEyNTo4Ny4wMCc="); + + private static readonly byte[] shortPartialSig = Base64.Decode( + "sb8yyKk6HM1cJhICScMx7QRQunRyrZ1fbI42+T+TBGNjOknvzKuvG7aftGX7" + + "O/RXuYgk6LTxpXv7+O5noUhMBsR2PKaHveuylU1WSPmDxDCui3kp4frqVH0w" + + "8Vjpl5CsKqBsmKkbGCKE+smM0xFXhYxV8QUTB2XsWNCQiFiHPgwbpfWzZUNY" + + "QPWd0A99P64EuUIYz1tkkDnLFmwQ19/PJu1a8orIQInmkVYWSsBsZ/7Ks6lx" + + "nDHpAvgiRe+OXmJ/yuQy1O3FJYdyoqvjYRPBu3qYeBK9+9L3lExLilImH5aD" + + "nJznaXcO8QFOxVPbrF2s4GdPIMDonEyAHdrnzoghlg=="); + + [Test] + public void DoShortPartialTest() + { + byte[] recovered = Hex.Decode("5553482b312b534536383031353332393731392b322b312b362b322b312b313a3a393939393939393939393939393a3a392b323a3a373737373737373737373737373a3a392b2b353a32303133303430353a313133"); + BigInteger exp = new BigInteger("10001", 16); + BigInteger mod = new BigInteger("b9b70b083da9e37e23cde8e654855db31e21d2d3fc11a5f91d2b3c311efa8f5e28c757dd6fc798631cb1b9d051c14119749cb122ad76e8c3fd7bd93abe282c026a14fba9f8023977a7a0d8b49a24d1ad87e4379a931846a1ef9520ea57e28c998cf65722683d0caaa0da8306973e2496a25cbd3cb4adb4b284e25604fabf12f385456c75da7c3c4cde37440cfb7db8c8fe6851e2bc59767b9f7218540238ac8acef3bc7bd3dc6671320c2c1a2ac8a6799ce1eaf62b9683ab1e1341b37b9249dbd6cd987b2f27b5c4619a1eda7f0fb0b59a519afbbc3cee640261cec90a4bb8fefbc844082dca9f549e56943e758579a453a357e6ccb37fc46718a5b8c3227e5d", 16); + + AsymmetricKeyParameter pubKey = new RsaKeyParameters(false, mod, exp); + + Iso9796d2PssSigner pssSign = new Iso9796d2PssSigner(new RsaEngine(), new Sha1Digest(), 20); + + pssSign.Init(false, pubKey); + + pssSign.UpdateWithRecoveredMessage(shortPartialSig); + + byte[] recoveredMessage = pssSign.GetRecoveredMessage(); + pssSign.BlockUpdate(longMessage, recoveredMessage.Length, longMessage.Length - recoveredMessage.Length); + + if (!pssSign.VerifySignature(shortPartialSig)) + { + Fail("short partial PSS sig verification failed."); + } + + byte[] mm = pssSign.GetRecoveredMessage(); + + if (!Arrays.AreEqual(recovered, mm)) + { + Fail("short partial PSS recovery failed"); + } + } + + [Test] + public void DoFullMessageTest() + { + BigInteger modulus = new BigInteger(1, Hex.Decode("CDCBDABBF93BE8E8294E32B055256BBD0397735189BF75816341BB0D488D05D627991221DF7D59835C76A4BB4808ADEEB779E7794504E956ADC2A661B46904CDC71337DD29DDDD454124EF79CFDD7BC2C21952573CEFBA485CC38C6BD2428809B5A31A898A6B5648CAA4ED678D9743B589134B7187478996300EDBA16271A861")); + BigInteger pubExp = new BigInteger(1, Hex.Decode("010001")); + BigInteger privExp = new BigInteger(1, Hex.Decode("4BA6432AD42C74AA5AFCB6DF60FD57846CBC909489994ABD9C59FE439CC6D23D6DE2F3EA65B8335E796FD7904CA37C248367997257AFBD82B26F1A30525C447A236C65E6ADE43ECAAF7283584B2570FA07B340D9C9380D88EAACFFAEEFE7F472DBC9735C3FF3A3211E8A6BBFD94456B6A33C17A2C4EC18CE6335150548ED126D")); + RsaKeyParameters pubParams = new RsaKeyParameters(false, modulus, pubExp); + RsaKeyParameters privParams = new RsaKeyParameters(true, modulus, privExp); + + IAsymmetricBlockCipher rsaEngine = new RsaBlindedEngine(); + + // set challenge to all zero's for verification + byte[] challenge = new byte[8]; + + Iso9796d2PssSigner pssSign = new Iso9796d2PssSigner(new RsaEngine(), new Sha256Digest(), 20, true); + + pssSign.Init(true, privParams); + + pssSign.BlockUpdate(challenge, 0, challenge.Length); + + byte[] sig = pssSign.GenerateSignature(); + + pssSign.Init(false, pubParams); + + pssSign.UpdateWithRecoveredMessage(sig); + + if (!pssSign.VerifySignature(sig)) + { + Fail("challenge PSS sig verification failed."); + } + + byte[] mm = pssSign.GetRecoveredMessage(); + + if (!Arrays.AreEqual(challenge, mm)) + { + Fail("challenge partial PSS recovery failed"); + } + } + + public override void PerformTest() + { + DoTest1(); + DoTest2(); + DoTest3(); + DoTest4(); + DoTest5(); + DoTest6(); + DoTest7(); + DoTest8(); + DoTest9(); + DoTest10(); + DoTest11(); + DoTest12(); + DoTest13(); + DoShortPartialTest(); + DoFullMessageTest(); + } + + public static void Main( + string[] args) + { + RunTest(new ISO9796Test()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ISO9797Alg3MacTest.cs b/BouncyCastle/crypto/test/src/crypto/test/ISO9797Alg3MacTest.cs new file mode 100644 index 0000000..9d5d8b6 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ISO9797Alg3MacTest.cs @@ -0,0 +1,99 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class ISO9797Alg3MacTest + : SimpleTest + { + static byte[] keyBytes = Hex.Decode("7CA110454A1A6E570131D9619DC1376E"); + static byte[] ivBytes = Hex.Decode("0000000000000000"); + + static byte[] input1 = Encoding.ASCII.GetBytes("Hello World !!!!"); + + static byte[] output1 = Hex.Decode("F09B856213BAB83B"); + + public ISO9797Alg3MacTest() + { + } + + public override void PerformTest() + { + KeyParameter key = new KeyParameter(keyBytes); + IBlockCipher cipher = new DesEngine(); + IMac mac = new ISO9797Alg3Mac(cipher); + + // + // standard DAC - zero IV + // + mac.Init(key); + + mac.BlockUpdate(input1, 0, input1.Length); + + byte[] outBytes = new byte[8]; + + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output1)) + { + Fail("Failed - expected " + Hex.ToHexString(output1) + " got " + Hex.ToHexString(outBytes)); + } + + // + // reset + // + mac.Reset(); + + mac.Init(key); + + for (int i = 0; i != input1.Length / 2; i++) + { + mac.Update(input1[i]); + } + + mac.BlockUpdate(input1, input1.Length / 2, input1.Length - (input1.Length / 2)); + + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output1)) + { + Fail("Reset failed - expected " + Hex.ToHexString(output1) + " got " + Hex.ToHexString(outBytes)); + } + } + + public override string Name + { + get + { + return "ISO9797Alg3Mac"; + } + } + + public static void Main( + string[] args) + { + ISO9797Alg3MacTest test = new ISO9797Alg3MacTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/KDF1GeneratorTest.cs b/BouncyCastle/crypto/test/src/crypto/test/KDF1GeneratorTest.cs new file mode 100644 index 0000000..89c8d54 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/KDF1GeneratorTest.cs @@ -0,0 +1,103 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * KDF1 tests - vectors from ISO 18033. + */ + [TestFixture] + public class Kdf1GeneratorTest + : SimpleTest + { + private byte[] seed1 = Hex.Decode("d6e168c5f256a2dcff7ef12facd390f393c7a88d"); + private byte[] mask1 = Hex.Decode( + "0742ba966813af75536bb6149cc44fc256fd6406df79665bc31dc5" + + "a62f70535e52c53015b9d37d412ff3c1193439599e1b628774c50d9c" + + "cb78d82c425e4521ee47b8c36a4bcffe8b8112a89312fc04420a39de" + + "99223890e74ce10378bc515a212b97b8a6447ba6a8870278"); + + private byte[] seed2 = Hex.Decode( + "032e45326fa859a72ec235acff929b15d1372e30b207255f0611b8f785d7643741" + + "52e0ac009e509e7ba30cd2f1778e113b64e135cf4e2292c75efe5288edfda4"); + private byte[] mask2 = Hex.Decode( + "5f8de105b5e96b2e490ddecbd147dd1def7e3b8e0e6a26eb7b956ccb8b3bdc1ca9" + + "75bc57c3989e8fbad31a224655d800c46954840ff32052cdf0d640562bdfadfa263c" + + "fccf3c52b29f2af4a1869959bc77f854cf15bd7a25192985a842dbff8e13efee5b7e" + + "7e55bbe4d389647c686a9a9ab3fb889b2d7767d3837eea4e0a2f04"); + + private byte[] seed3; + private byte[] mask3= Hex.Decode( + "09e2decf2a6e1666c2f6071ff4298305e2643fd510a2403db42a8743cb989de86e" + + "668d168cbe604611ac179f819a3d18412e9eb45668f2923c087c12fee0c5a0d2a8aa" + + "70185401fbbd99379ec76c663e875a60b4aacb1319fa11c3365a8b79a44669f26fb5" + + "55c80391847b05eca1cb5cf8c2d531448d33fbaca19f6410ee1fcb"); + + public Kdf1GeneratorTest() + { + seed3 = seed2; + } + + public override void PerformTest() + { + checkMask(1, new Kdf1BytesGenerator(new ShortenedDigest(new Sha256Digest(), 20)), seed1, mask1); + checkMask(2, new Kdf1BytesGenerator(new Sha1Digest()), seed2, mask2); + checkMask(3, new Kdf1BytesGenerator(new ShortenedDigest(new Sha256Digest(), 20)), seed3, mask3); + + try + { + new Kdf1BytesGenerator(new Sha1Digest()).GenerateBytes(new byte[10], 0, 20); + + Fail("short input array not caught"); + } + catch (DataLengthException) + { + // expected + } + } + + private void checkMask( + int count, + IDerivationFunction kdf, + byte[] seed, + byte[] result) + { + byte[] data = new byte[result.Length]; + + kdf.Init(new Iso18033KdfParameters(seed)); + + kdf.GenerateBytes(data, 0, data.Length); + + if (!AreEqual(result, data)) + { + Fail("KDF1 failed generator test " + count); + } + } + + public override string Name + { + get { return "KDF1"; } + } + + public static void Main( + string[] args) + { + RunTest(new Kdf1GeneratorTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/KDF2GeneratorTest.cs b/BouncyCastle/crypto/test/src/crypto/test/KDF2GeneratorTest.cs new file mode 100644 index 0000000..e184e0b --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/KDF2GeneratorTest.cs @@ -0,0 +1,115 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * KDF2 tests - vectors from ISO 18033. + */ + [TestFixture] + public class Kdf2GeneratorTest + : SimpleTest + { + private static readonly byte[] seed1 = Hex.Decode("d6e168c5f256a2dcff7ef12facd390f393c7a88d"); + private static readonly byte[] mask1 = Hex.Decode( + "df79665bc31dc5a62f70535e52c53015b9d37d412ff3c119343959" + + "9e1b628774c50d9ccb78d82c425e4521ee47b8c36a4bcffe8b8112a8" + + "9312fc04420a39de99223890e74ce10378bc515a212b97b8a6447ba6" + + "a8870278f0262727ca041fa1aa9f7b5d1cf7f308232fe861"); + + private static readonly byte[] seed2 = Hex.Decode( + "032e45326fa859a72ec235acff929b15d1372e30b207255f0611b8f785d7643741" + + "52e0ac009e509e7ba30cd2f1778e113b64e135cf4e2292c75efe5288edfda4"); + private static readonly byte[] mask2 = Hex.Decode( + "10a2403db42a8743cb989de86e668d168cbe604611ac179f819a3d18412e9eb456" + + "68f2923c087c12fee0c5a0d2a8aa70185401fbbd99379ec76c663e875a60b4aacb13" + + "19fa11c3365a8b79a44669f26fb555c80391847b05eca1cb5cf8c2d531448d33fbac" + + "a19f6410ee1fcb260892670e0814c348664f6a7248aaf998a3acc6"); + private static readonly byte[] adjustedMask2 = Hex.Decode( + "10a2403db42a8743cb989de86e668d168cbe6046e23ff26f741e87949a3bba1311ac1" + + "79f819a3d18412e9eb45668f2923c087c1299005f8d5fd42ca257bc93e8fee0c5a0d2" + + "a8aa70185401fbbd99379ec76c663e9a29d0b70f3fe261a59cdc24875a60b4aacb131" + + "9fa11c3365a8b79a44669f26fba933d012db213d7e3b16349"); + + private static readonly byte[] sha1Mask = Hex.Decode( + "0e6a26eb7b956ccb8b3bdc1ca975bc57c3989e8fbad31a224655d800c46954840ff32" + + "052cdf0d640562bdfadfa263cfccf3c52b29f2af4a1869959bc77f854cf15bd7a2519" + + "2985a842dbff8e13efee5b7e7e55bbe4d389647c686a9a9ab3fb889b2d7767d3837ee" + + "a4e0a2f04b53ca8f50fb31225c1be2d0126c8c7a4753b0807"); + + private static readonly byte[] seed3 = Hex.Decode("CA7C0F8C3FFA87A96E1B74AC8E6AF594347BB40A"); + private static readonly byte[] mask3 = Hex.Decode("744AB703F5BC082E59185F6D049D2D367DB245C2"); + + private static readonly byte[] seed4 = Hex.Decode("0499B502FC8B5BAFB0F4047E731D1F9FD8CD0D8881"); + private static readonly byte[] mask4 = Hex.Decode("03C62280C894E103C680B13CD4B4AE740A5EF0C72547292F82DC6B1777F47D63BA9D1EA732DBF386"); + + public Kdf2GeneratorTest() + { + } + + public override void PerformTest() + { + checkMask(1, new Kdf2BytesGenerator(new ShortenedDigest(new Sha256Digest(), 20)), seed1, mask1); + checkMask(2, new Kdf2BytesGenerator(new ShortenedDigest(new Sha256Digest(), 20)), seed2, mask2); + checkMask(3, new Kdf2BytesGenerator(new Sha256Digest()), seed2, adjustedMask2); + checkMask(4, new Kdf2BytesGenerator(new Sha1Digest()), seed2, sha1Mask); + checkMask(5, new Kdf2BytesGenerator(new Sha1Digest()), seed3, mask3); + checkMask(6, new Kdf2BytesGenerator(new Sha1Digest()), seed4, mask4); + + try + { + new Kdf2BytesGenerator(new Sha1Digest()).GenerateBytes(new byte[10], 0, 20); + + Fail("short input array not caught"); + } + catch (DataLengthException) + { + // expected + } + } + + private void checkMask( + int count, + IDerivationFunction kdf, + byte[] seed, + byte[] result) + { + byte[] data = new byte[result.Length]; + + kdf.Init(new KdfParameters(seed, new byte[0])); + + kdf.GenerateBytes(data, 0, data.Length); + + if (!AreEqual(result, data)) + { + Fail("KDF2 failed generator test " + count); + } + } + + public override string Name + { + get { return "KDF2"; } + } + + public static void Main( + string[] args) + { + RunTest(new Kdf2GeneratorTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/crypto/test/KMACTest.cs b/BouncyCastle/crypto/test/src/crypto/test/KMACTest.cs new file mode 100644 index 0000000..bf9c7d0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/KMACTest.cs @@ -0,0 +1,266 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class KMacTest + : SimpleTest + { + public override string Name + { + get { return "KMAC"; } + } + + public override void PerformTest() + { + KMac kmac = new KMac(128, new byte[0] { }); + + Assert.AreEqual("KMAC128", kmac.AlgorithmName); + + kmac.Init(new KeyParameter(Hex.Decode( + "404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"))); + + kmac.BlockUpdate(Hex.Decode("00010203"), 0, 4); + + byte[] res = new byte[32]; + + kmac.DoFinal(res, 0, res.Length); + + Assert.IsTrue( Arrays.AreEqual(Hex.Decode("E5780B0D3EA6F7D3A429C5706AA43A00FADBD7D49628839E3187243F456EE14E"), res), "oops: " + Hex.ToHexString(res)); + + kmac = new KMac(128, Encoding.ASCII.GetBytes("My Tagged Application")); + + kmac.Init(new KeyParameter(Hex.Decode( + "404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"))); + + kmac.BlockUpdate(Hex.Decode("00010203"), 0, 4); + + res = new byte[32]; + + kmac.DoFinal(res, 0, res.Length); + + Assert.IsTrue( Arrays.AreEqual(Hex.Decode("3B1FBA963CD8B0B59E8C1A6D71888B7143651AF8BA0A7070C0979E2811324AA5"), res), "oops: " + Hex.ToHexString(res)); + + kmac = new KMac(128, Encoding.ASCII.GetBytes("My Tagged Application")); + + kmac.Init(new KeyParameter(Hex.Decode( + "404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"))); + + byte[] data = Hex.Decode( + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1" + + "F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3" + + "E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5" + + "D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7" + + "C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9" + + "B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9B" + + "ABBBCBDBEBFC0C1C2C3C4C5C6C7"); + kmac.BlockUpdate(data, 0, data.Length); + + res = new byte[32]; + + kmac.DoFinal(res, 0, res.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("1F5B4E6CCA02209E0DCB5CA635B89A15E271ECC760071DFD805FAA38F9729230"), res), "oops:" + Hex.ToHexString(res)); + + kmac = new KMac(256, Encoding.ASCII.GetBytes("My Tagged Application")); + + Assert.AreEqual("KMAC256", kmac.AlgorithmName); + + kmac.Init(new KeyParameter(Hex.Decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"))); + + data = Hex.Decode("00 01 02 03"); + kmac.BlockUpdate(data, 0, data.Length); + + res = new byte[64]; + + kmac.DoFinal(res, 0, res.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("20C570C31346F703C9AC36C61C03CB64C3970D0CFC787E9B79599D273A68D2F7F69D4CC3DE9D104A351689F27CF6F5951F0103F33F4F24871024D9C27773A8DD"), res), "oops:" + Hex.ToHexString(res)); + + kmac = new KMac(256, new byte[] { }); + + kmac.Init(new KeyParameter(Hex.Decode( + "404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"))); + + data = Hex.Decode( + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1" + + "F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3" + + "E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5" + + "D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7" + + "C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9" + + "B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9B" + + "ABBBCBDBEBFC0C1C2C3C4C5C6C7"); + kmac.BlockUpdate(data, 0, data.Length); + + res = new byte[64]; + + kmac.DoFinal(res, 0, res.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("75358CF39E41494E949707927CEE0AF20A3FF553904C86B08F21CC414BCFD691589D27CF5E15369CBBFF8B9A4C2EB17800855D0235FF635DA82533EC6B759B69"), res), "oops:" + Hex.ToHexString(res)); + + kmac = new KMac(256, Encoding.ASCII.GetBytes("My Tagged Application")); + + kmac.Init(new KeyParameter(Hex.Decode( + "404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"))); + + data = Hex.Decode( + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1" + + "F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3" + + "E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5" + + "D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7" + + "C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9" + + "B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9B" + + "ABBBCBDBEBFC0C1C2C3C4C5C6C7"); + kmac.BlockUpdate(data, 0, data.Length); + + res = new byte[64]; + + kmac.DoFinal(res, 0, res.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("B58618F71F92E1D56C1B8C55DDD7CD188B97B4CA4D99831EB2699A837DA2E4D970FBACFDE50033AEA585F1A2708510C32D07880801BD182898FE476876FC8965"), res), "oops:" + Hex.ToHexString(res)); + + doFinalTest(); + longBlockTest(); + paddingCheckTest(); + + checkKMAC(128, new KMac(128, new byte[0]), Hex.Decode("eeaabeef")); + checkKMAC(256, new KMac(256, null), Hex.Decode("eeaabeef")); + checkKMAC(128, new KMac(128, new byte[0]), Hex.Decode("eeaabeef")); + checkKMAC(128, new KMac(128, null), Hex.Decode("eeaabeef")); + checkKMAC(256, new KMac(256, null), Hex.Decode("eeaabeef")); + + } + + private void doFinalTest() + { + KMac kmac = new KMac(128, Encoding.ASCII.GetBytes("My Tagged Application")); + + kmac.Init(new KeyParameter(Hex.Decode( + "404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"))); + + kmac.BlockUpdate(Hex.Decode("00010203"), 0, 4); + + byte[] res = new byte[32]; + + kmac.DoOutput(res, 0, res.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("31a44527b4ed9f5c6101d11de6d26f0620aa5c341def41299657fe9df1a3b16c"), res), Hex.ToHexString(res)); + + kmac.DoOutput(res, 0, res.Length); + + Assert.IsTrue(!Arrays.AreEqual(Hex.Decode("31a44527b4ed9f5c6101d11de6d26f0620aa5c341def41299657fe9df1a3b16c"), res)); + + kmac.DoFinal(res, 0, res.Length); + + kmac.BlockUpdate(Hex.Decode("00010203"), 0, 4); + + kmac.DoFinal(res, 0, res.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("3B1FBA963CD8B0B59E8C1A6D71888B7143651AF8BA0A7070C0979E2811324AA5"), res)); + + kmac.BlockUpdate(Hex.Decode("00010203"), 0, 4); + + kmac.DoOutput(res, 0, res.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("31a44527b4ed9f5c6101d11de6d26f0620aa5c341def41299657fe9df1a3b16c"), res)); + + kmac.DoFinal(res, 0, res.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("ffcb48c7620ccd67d1c83224186892cef2f2a99278d5cfdde10e48bdc89718c2"), res), Hex.ToHexString(res)); + } + + private void longBlockTest() + { + byte[] data = new byte[16000]; + byte[] res = new byte[64]; + + for (int i = 0; i != data.Length; i++) + { + data[i] = (byte)i; + } + + for (int i = 10000; i != data.Length; i++) + { + KMac kmac_ = new KMac(128, Arrays.CopyOfRange(data, 0, i)); + + kmac_.Init(new KeyParameter(new byte[0])); + + kmac_.BlockUpdate(Hex.Decode("00010203"), 0, 4); + + kmac_.DoFinal(res, 0); + } + + KMac kmac = new KMac(256, new byte[200]); + + kmac.Init(new KeyParameter(new byte[0])); + + kmac.BlockUpdate(Arrays.CopyOfRange(data, 0, 200), 0, 200); + + kmac.DoFinal(res, 0); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("f9476d9b3e42bf23307af5ccb5287fd6f033b23c400566a2ebc5829bd119aa545cd9b6bde76ef61cd31c3c0f0aaf0945f44481e863b19e9c26fb46c8b2a8a9bb"), res), Hex.ToHexString(res)); + } + + private void paddingCheckTest() + { + byte[] data = Hex.Decode("01880204187B3E43EDA8D51EC181D37DDE5B17ECCDD8BE84C268DC6C9500700857"); + byte[] out_ = new byte[32]; + + KMac k128 = new KMac(128, new byte[0]); + k128.Init(new KeyParameter(new byte[163])); + k128.BlockUpdate(data, 0, data.Length); + k128.DoOutput(out_, 0, out_.Length); + + Assert.IsTrue( Arrays.AreEqual(out_, Hex.Decode("6e6ab56468c7445f81c679f89f45c90a95a9c01afbaab5f7065b7e2e96f7d2bb")),"128 failed"); + + KMac k256 = new KMac(256, new byte[0]); + k256.Init(new KeyParameter(new byte[131])); + k256.BlockUpdate(data, 0, data.Length); + k256.DoOutput(out_, 0, out_.Length); + + Assert.IsTrue(Arrays.AreEqual(out_, Hex.Decode("f6302d4f854b4872e811b37993b6bfe027258089b6a9fbb26a755b1ebfc0d830")), "256 failed"); + } + + private void checkKMAC(int bitSize, KMac kmac, byte[] msg) + { + KMac ref_ = new KMac(bitSize, null); + + ref_.Init(new KeyParameter(new byte[0])); + kmac.Init(new KeyParameter(new byte[0])); + + ref_.BlockUpdate(msg, 0, msg.Length); + kmac.BlockUpdate(msg, 0, msg.Length); + + byte[] res1 = new byte[32]; + byte[] res2 = new byte[32]; + + ref_.DoFinal(res1, 0, res1.Length); + kmac.DoFinal(res2, 0, res2.Length); + + Assert.IsTrue(Arrays.AreEqual(res1, res2)); + } + + public static void Main( + string[] args) + { + RunTest(new KMacTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/KeccakDigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/KeccakDigestTest.cs new file mode 100644 index 0000000..961a5d2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/KeccakDigestTest.cs @@ -0,0 +1,374 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Keccak Digest Test + */ + [TestFixture] + public class KeccakDigestTest + : SimpleTest + { + readonly static string[] messages = { + "", + "54686520717569636b2062726f776e20666f78206a756d7073206f76657220746865206c617a7920646f67", + "54686520717569636b2062726f776e20666f78206a756d7073206f76657220746865206c617a7920646f672e" + }; + + readonly static string[] digests288 = { // the default settings + "6753e3380c09e385d0339eb6b050a68f66cfd60a73476e6fd6adeb72f5edd7c6f04a5d01", // message[0] + "0bbe6afae0d7e89054085c1cc47b1689772c89a41796891e197d1ca1b76f288154933ded", // message[1] + "82558a209b960ddeb531e6dcb281885b2400ca160472462486e79f071e88a3330a8a303d", // message[2] + "94049e1ad7ef5d5b0df2b880489e7ab09ec937c3bfc1b04470e503e1ac7b1133c18f86da", // 64k a-test + "a9cb5a75b5b81b7528301e72553ed6770214fa963956e790528afe420de33c074e6f4220", // random alphabet test + "eadaf5ba2ad6a2f6f338fce0e1efdad2a61bb38f6be6068b01093977acf99e97a5d5827c" // extremely long data test + }; + + readonly static string[] digests224 = { + "f71837502ba8e10837bdd8d365adb85591895602fc552b48b7390abd", + "310aee6b30c47350576ac2873fa89fd190cdc488442f3ef654cf23fe", + "c59d4eaeac728671c635ff645014e2afa935bebffdb5fbd207ffdeab", + "f621e11c142fbf35fa8c22841c3a812ba1e0151be4f38d80b9f1ff53", + "68b5fc8c87193155bba68a2485377e809ee4f81a85ef023b9e64add0", + "c42e4aee858e1a8ad2976896b9d23dd187f64436ee15969afdbc68c5" + }; + + readonly static string[] digests256 = { + "c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470", + "4d741b6f1eb29cb2a9b9911c82f56fa8d73b04959d3d9d222895df6c0b28aa15", + "578951e24efd62a3d63a86f7cd19aaa53c898fe287d2552133220370240b572d", + "0047a916daa1f92130d870b542e22d3108444f5a7e4429f05762fb647e6ed9ed", + "db368762253ede6d4f1db87e0b799b96e554eae005747a2ea687456ca8bcbd03", + "5f313c39963dcf792b5470d4ade9f3a356a3e4021748690a958372e2b06f82a4" + }; + + readonly static string[] digests384 = { + "2c23146a63a29acf99e73b88f8c24eaa7dc60aa771780ccc006afbfa8fe2479b2dd2b21362337441ac12b515911957ff", + "283990fa9d5fb731d786c5bbee94ea4db4910f18c62c03d173fc0a5e494422e8a0b3da7574dae7fa0baf005e504063b3", + "9ad8e17325408eddb6edee6147f13856ad819bb7532668b605a24a2d958f88bd5c169e56dc4b2f89ffd325f6006d820b", + "c704cfe7a1a53208ca9526cd24251e0acdc252ecd978eee05acd16425cfb404ea81f5a9e2e5e97784d63ee6a0618a398", + "d4fe8586fd8f858dd2e4dee0bafc19b4c12b4e2a856054abc4b14927354931675cdcaf942267f204ea706c19f7beefc4", + "9b7168b4494a80a86408e6b9dc4e5a1837c85dd8ff452ed410f2832959c08c8c0d040a892eb9a755776372d4a8732315" + }; + + readonly static string[] digests512 = { + "0eab42de4c3ceb9235fc91acffe746b29c29a8c366b7c60e4e67c466f36a4304c00fa9caf9d87976ba469bcbe06713b435f091ef2769fb160cdab33d3670680e", + "d135bb84d0439dbac432247ee573a23ea7d3c9deb2a968eb31d47c4fb45f1ef4422d6c531b5b9bd6f449ebcc449ea94d0a8f05f62130fda612da53c79659f609", + "ab7192d2b11f51c7dd744e7b3441febf397ca07bf812cceae122ca4ded6387889064f8db9230f173f6d1ab6e24b6e50f065b039f799f5592360a6558eb52d760", + "34341ead153aa1d1fdcf6cf624c2b4f6894b6fd16dc38bd4ec971ac0385ad54fafcb2e0ed86a1e509456f4246fdcb02c3172824cd649d9ad54c51f7fb49ea67c", + "dc44d4f4d36b07ab5fc04016cbe53548e5a7778671c58a43cb379fd00c06719b8073141fc22191ffc3db5f8b8983ae8341fa37f18c1c969664393aa5ceade64e", + "3e122edaf37398231cfaca4c7c216c9d66d5b899ec1d7ac617c40c7261906a45fc01617a021e5da3bd8d4182695b5cb785a28237cbb167590e34718e56d8aab8" + }; + + // test vectors from http://www.di-mgt.com.au/hmac_sha3_testvectors.html + readonly static byte[][] macKeys = + { + Hex.Decode("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"), + Hex.Decode("4a656665"), + Hex.Decode("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"), + Hex.Decode("0102030405060708090a0b0c0d0e0f10111213141516171819"), + Hex.Decode("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + + "aaaaaa"), + Hex.Decode("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + + "aaaaaa"), + Hex.Decode("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") + }; + + readonly static string[] macData = + { + "4869205468657265", + "7768617420646f2079612077616e7420666f72206e6f7468696e673f", + "dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd" + + "dddddddddddddddddddddddddddddddddddd", + "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd" + + "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", + "54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a" + + "65204b6579202d2048617368204b6579204669727374", + "5468697320697320612074657374207573696e672061206c6172676572207468" + + "616e20626c6f636b2d73697a65206b657920616e642061206c61726765722074" + + "68616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565" + + "647320746f20626520686173686564206265666f7265206265696e6720757365" + + "642062792074686520484d414320616c676f726974686d2e", + "5468697320697320612074657374207573696e672061206c6172676572207468" + + "616e20626c6f636b2d73697a65206b657920616e642061206c61726765722074" + + "68616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565" + + "647320746f20626520686173686564206265666f7265206265696e6720757365\n" + + "642062792074686520484d414320616c676f726974686d2e" + }; + + readonly static string[] mac224 = + { + "b73d595a2ba9af815e9f2b4e53e78581ebd34a80b3bbaac4e702c4cc", + "e824fec96c074f22f99235bb942da1982664ab692ca8501053cbd414", + "770df38c99d6e2bacd68056dcfe07d4c89ae20b2686a6185e1faa449", + "305a8f2dfb94bad28861a03cbc4d590febe775c58cb4961c28428a0b", + "e7a52dfa45f95a217c100066b239aa8ad519be9b35d667268b1b57ff", + "ba13009405a929f398b348885caa5419191bb948ada32194afc84104", + "92649468be236c3c72c189909c063b13f994be05749dc91310db639e" + }; + + readonly static string[] mac256 = + { + "9663d10c73ee294054dc9faf95647cb99731d12210ff7075fb3d3395abfb9821", + "aa9aed448c7abc8b5e326ffa6a01cdedf7b4b831881468c044ba8dd4566369a1", + "95f43e50f8df80a21977d51a8db3ba572dcd71db24687e6f86f47c1139b26260", + "6331ba9b4af5804a68725b3663eb74814494b63c6093e35fb320a85d507936fd", + "b4d0cdee7ec2ba81a88b86918958312300a15622377929a054a9ce3ae1fac2b6", + "1fdc8cb4e27d07c10d897dec39c217792a6e64fa9c63a77ce42ad106ef284e02", + "fdaa10a0299aecff9bb411cf2d7748a4022e4a26be3fb5b11b33d8c2b7ef5484" + }; + + readonly static string[] mac384 = + { + "892dfdf5d51e4679bf320cd16d4c9dc6f749744608e003add7fba894acff87361efa4e5799be06b6461f43b60ae97048", + "5af5c9a77a23a6a93d80649e562ab77f4f3552e3c5caffd93bdf8b3cfc6920e3023fc26775d9df1f3c94613146ad2c9d", + "4243c29f2201992ff96441e3b91ff81d8c601d706fbc83252684a4bc51101ca9b2c06ddd03677303c502ac5331752a3c", + "b730724d3d4090cda1be799f63acbbe389fef7792fc18676fa5453aab398664650ed029c3498bbe8056f06c658e1e693", + "d62482ef601d7847439b55236e9679388ffcd53c62cd126f39be6ea63de762e26cd5974cb9a8de401b786b5555040f6f", + "4860ea191ac34994cf88957afe5a836ef36e4cc1a66d75bf77defb7576122d75f60660e4cf731c6effac06402787e2b9", + "fe9357e3cfa538eb0373a2ce8f1e26ad6590afdaf266f1300522e8896d27e73f654d0631c8fa598d4bb82af6b744f4f5" + }; + + readonly static string[] mac512 = + { + "8852c63be8cfc21541a4ee5e5a9a852fc2f7a9adec2ff3a13718ab4ed81aaea0b87b7eb397323548e261a64e7fc75198f6663a11b22cd957f7c8ec858a1c7755", + "c2962e5bbe1238007852f79d814dbbecd4682e6f097d37a363587c03bfa2eb0859d8d9c701e04cececfd3dd7bfd438f20b8b648e01bf8c11d26824b96cebbdcb", + "eb0ed9580e0ec11fc66cbb646b1be904eaff6da4556d9334f65ee4b2c85739157bae9027c51505e49d1bb81cfa55e6822db55262d5a252c088a29a5e95b84a66", + "b46193bb59f4f696bf702597616da91e2a4558a593f4b015e69141ba81e1e50ea580834c2b87f87baa25a3a03bfc9bb389847f2dc820beae69d30c4bb75369cb", + "d05888a6ebf8460423ea7bc85ea4ffda847b32df32291d2ce115fd187707325c7ce4f71880d91008084ce24a38795d20e6a28328a0f0712dc38253370da3ebb5", + "2c6b9748d35c4c8db0b4407dd2ed2381f133bdbd1dfaa69e30051eb6badfcca64299b88ae05fdbd3dd3dd7fe627e42e39e48b0fe8c7f1e85f2dbd52c2d753572", + "6adc502f14e27812402fc81a807b28bf8a53c87bea7a1df6256bf66f5de1a4cb741407ad15ab8abc136846057f881969fbb159c321c904bfb557b77afb7778c8" + }; + + readonly static KeyParameter truncKey = new KeyParameter(Hex.Decode("0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c")); + readonly static byte[] truncData = Hex.Decode("546573742057697468205472756e636174696f6e"); + + readonly static byte[] trunc224 = Hex.Decode("f52bbcfd654264e7133085c5e69b72c3"); + readonly static byte[] trunc256 = Hex.Decode("745e7e687f8335280d54202ef13cecc6"); + readonly static byte[] trunc384 = Hex.Decode("fa9aea2bc1e181e47cbb8c3df243814d"); + readonly static byte[] trunc512 = Hex.Decode("04c929fead434bba190dacfa554ce3f5"); + + readonly static byte[] xtremeData = Hex.Decode("61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f"); + + public override string Name + { + get { return "Keccak"; } + } + + private void TestDigest(IDigest digest, string[] expected) + { + byte[] hash = new byte[digest.GetDigestSize()]; + + for (int i = 0; i != messages.Length; i++) + { + if (messages.Length != 0) + { + byte[] data = Hex.Decode(messages[i]); + + digest.BlockUpdate(data, 0, data.Length); + } + + digest.DoFinal(hash, 0); + + if (!Arrays.AreEqual(Hex.Decode(expected[i]), hash)) + { + Fail("Keccak mismatch on " + digest.AlgorithmName + " index " + i); + } + } + + byte[] k64 = new byte[1024 * 64]; + + for (int i = 0; i != k64.Length; i++) + { + k64[i] = (byte)'a'; + } + + digest.BlockUpdate(k64, 0, k64.Length); + + digest.DoFinal(hash, 0); + + if (!Arrays.AreEqual(Hex.Decode(expected[messages.Length]), hash)) + { + Fail("Keccak mismatch on " + digest.AlgorithmName + " 64k a"); + } + + for (int i = 0; i != k64.Length; i++) + { + digest.Update((byte)'a'); + } + + digest.DoFinal(hash, 0); + + if (!Arrays.AreEqual(Hex.Decode(expected[messages.Length]), hash)) + { + Fail("Keccak mismatch on " + digest.AlgorithmName + " 64k a single"); + } + + + for (int i = 0; i != k64.Length; i++) + { + k64[i] = (byte)('a' + (i % 26)); + } + + digest.BlockUpdate(k64, 0, k64.Length); + + digest.DoFinal(hash, 0); + + if (!Arrays.AreEqual(Hex.Decode(expected[messages.Length + 1]), hash)) + { + Fail("Keccak mismatch on " + digest.AlgorithmName + " 64k alpha"); + } + + for (int i = 0; i != 64; i++) + { + digest.Update(k64[i * 1024]); + digest.BlockUpdate(k64, i * 1024 + 1, 1023); + } + + digest.DoFinal(hash, 0); + + if (!Arrays.AreEqual(Hex.Decode(expected[messages.Length + 1]), hash)) + { + Fail("Keccak mismatch on " + digest.AlgorithmName + " 64k chunked alpha"); + } + + TestDigestDoFinal(digest); + + // + // extremely long data test + // + //Console.WriteLine("Starting very long"); + //for (int i = 0; i != 16384; i++) + //{ + // for (int j = 0; j != 1024; j++) + // { + // digest.BlockUpdate(xtremeData, 0, xtremeData.Length); + // } + //} + + //digest.DoFinal(hash, 0); + + //if (!Arrays.AreEqual(Hex.Decode(expected[messages.Length + 2]), hash)) + //{ + // Fail("Keccak mismatch on " + digest.AlgorithmName + " extreme data test"); + //} + //Console.WriteLine("Done"); + } + + private void TestDigestDoFinal(IDigest digest) + { + byte[] hash = new byte[digest.GetDigestSize()]; + digest.DoFinal(hash, 0); + + for (int i = 0; i <= digest.GetDigestSize(); ++i) + { + byte[] cmp = new byte[2 * digest.GetDigestSize()]; + Array.Copy(hash, 0, cmp, i, hash.Length); + + byte[] buf = new byte[2 * digest.GetDigestSize()]; + digest.DoFinal(buf, i); + + if (!Arrays.AreEqual(cmp, buf)) + { + Fail("Keccak offset DoFinal on " + digest.AlgorithmName); + } + } + } + + private void TestMac(IDigest digest, byte[][] keys, String[] data, String[] expected, byte[] truncExpected) + { + IMac mac = new HMac(digest); + + for (int i = 0; i != keys.Length; i++) + { + mac.Init(new KeyParameter(keys[i])); + + byte[] mData = Hex.Decode(data[i]); + + mac.BlockUpdate(mData, 0, mData.Length); + + byte[] macV = new byte[mac.GetMacSize()]; + + mac.DoFinal(macV, 0); + + if (!Arrays.AreEqual(Hex.Decode(expected[i]), macV)) + { + Fail("Keccak HMAC mismatch on " + digest.AlgorithmName); + } + } + + { + mac = new HMac(digest); + + mac.Init(truncKey); + + mac.BlockUpdate(truncData, 0, truncData.Length); + + byte[] macV = new byte[mac.GetMacSize()]; + + mac.DoFinal(macV, 0); + + for (int i = 0; i != truncExpected.Length; i++) + { + if (macV[i] != truncExpected[i]) + { + Fail("mismatch on truncated HMAC for " + digest.AlgorithmName); + } + } + } + } + + public override void PerformTest() + { + TestDigest(new KeccakDigest(), digests288); + TestDigest(new KeccakDigest(224), digests224); + TestDigest(new KeccakDigest(256), digests256); + TestDigest(new KeccakDigest(384), digests384); + TestDigest(new KeccakDigest(512), digests512); + + TestMac(new KeccakDigest(224), macKeys, macData, mac224, trunc224); + TestMac(new KeccakDigest(256), macKeys, macData, mac256, trunc256); + TestMac(new KeccakDigest(384), macKeys, macData, mac384, trunc384); + TestMac(new KeccakDigest(512), macKeys, macData, mac512, trunc512); + } + + protected virtual IDigest CloneDigest(IDigest digest) + { + return new KeccakDigest((KeccakDigest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new KeccakDigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/MD2DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/MD2DigestTest.cs new file mode 100644 index 0000000..4f4da51 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/MD2DigestTest.cs @@ -0,0 +1,67 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * standard vector test for MD2 + * from RFC1319 by B.Kaliski of RSA Laboratories April 1992 + * + */ + [TestFixture] + public class MD2DigestTest + : DigestTest + { + static string[] messages = + { + "", + "a", + "abc", + "message digest", + "abcdefghijklmnopqrstuvwxyz", + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + "12345678901234567890123456789012345678901234567890123456789012345678901234567890" + }; + + static string[] digests = + { + "8350e5a3e24c153df2275c9f80692773", + "32ec01ec4a6dac72c0ab96fb34c0b5d1", + "da853b0d3f88d99b30283a69e6ded6bb", + "ab4f496bfb2a530b219ff33031fe06b0", + "4e8ddff3650292ab5a4108c3aa47940b", + "da33def2a42df13975352846c30338cd", + "d5976f79d83d3a0dc9806c3c66f3efd8" + }; + + public MD2DigestTest() + : base(new MD2Digest(), messages, digests) + { + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new MD2Digest((MD2Digest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new MD2DigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/MD4DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/MD4DigestTest.cs new file mode 100644 index 0000000..4fd4e09 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/MD4DigestTest.cs @@ -0,0 +1,59 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * standard vector test for MD4 from RFC 1320. + */ + [TestFixture] + public class MD4DigestTest + : DigestTest + { + static private string[] messages = + { + "", + "a", + "abc", + "12345678901234567890123456789012345678901234567890123456789012345678901234567890" + }; + + static private string[] digests = + { + "31d6cfe0d16ae931b73c59d7e0c089c0", + "bde52cb31de33e46245e05fbdbd6fb24", + "a448017aaf21d8525fc10ae87aa6729d", + "e33b4ddc9c38f2199c3e7b164fcc0536" + }; + + public MD4DigestTest() + : base(new MD4Digest(), messages, digests) + { + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new MD4Digest((MD4Digest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new MD4DigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/MD5DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/MD5DigestTest.cs new file mode 100644 index 0000000..cc91416 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/MD5DigestTest.cs @@ -0,0 +1,59 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * standard vector test for MD5 from "Handbook of Applied Cryptography", page 345. + */ + [TestFixture] + public class MD5DigestTest + : DigestTest + { + static string[] messages = + { + "", + "a", + "abc", + "abcdefghijklmnopqrstuvwxyz" + }; + + static string[] digests = + { + "d41d8cd98f00b204e9800998ecf8427e", + "0cc175b9c0f1b6a831c399e269772661", + "900150983cd24fb0d6963f7d28e17f72", + "c3fcd3d76192e4007dfb496cca67e13b" + }; + + public MD5DigestTest() + : base(new MD5Digest(), messages, digests) + { + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new MD5Digest((MD5Digest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new MD5DigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/MD5HMacTest.cs b/BouncyCastle/crypto/test/src/crypto/test/MD5HMacTest.cs new file mode 100644 index 0000000..101b8be --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/MD5HMacTest.cs @@ -0,0 +1,91 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// MD5 HMac Test, test vectors from RFC 2202 + [TestFixture] + public class MD5HMacTest + : ITest + { + public string Name + { + get { return "MD5HMac"; } + } + + internal static readonly string[] keys = new string[]{"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", "4a656665", "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "0102030405060708090a0b0c0d0e0f10111213141516171819", "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c", "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"}; + internal static readonly string[] digests = new string[]{"9294727a3638bb1c13f48ef8158bfc9d", "750c783e6ab0b503eaa86e310a5db738", "56be34521d144c88dbb8c733f0e8b3f6", "697eaf0aca3a3aea3a75164746ffaa79", "56461ef2342edc00f9bab995690efd4c", "6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd", "6f630fad67cda0ee1fb1f562db3aa53e"}; + internal static readonly string[] messages = new string[]{"Hi There", "what do ya want for nothing?", "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd", "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", "Test With Truncation", "Test Using Larger Than Block-Size Key - Hash Key First", "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data"}; + + public virtual ITestResult Perform() + { + HMac hmac = new HMac(new MD5Digest()); + byte[] resBuf = new byte[hmac.GetMacSize()]; + + for (int i = 0; i < messages.Length; i++) + { + byte[] m = Encoding.ASCII.GetBytes(messages[i]); + if (messages[i].StartsWith("0x")) + { + m = Hex.Decode(messages[i].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[i]))); + hmac.BlockUpdate(m, 0, m.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i]))) + { + return new SimpleTestResult(false, Name + "Vector " + i + " failed"); + } + } + + // test reset + int vector = 0; // vector used for test + byte[] m2 = Encoding.ASCII.GetBytes(messages[vector]); + if (messages[vector].StartsWith("0x")) + { + m2 = Hex.Decode(messages[vector].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[vector]))); + hmac.BlockUpdate(m2, 0, m2.Length); + hmac.DoFinal(resBuf, 0); + hmac.Reset(); + hmac.BlockUpdate(m2, 0, m2.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[vector]))) + { + return new SimpleTestResult(false, Name + "Reset with vector " + vector + " failed"); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + ITest test = new MD5HMacTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/MGF1GeneratorTest.cs b/BouncyCastle/crypto/test/src/crypto/test/MGF1GeneratorTest.cs new file mode 100644 index 0000000..ee67ffa --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/MGF1GeneratorTest.cs @@ -0,0 +1,103 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * MGF1 tests - vectors from ISO 18033 for KDF1 (equivalent). + */ + [TestFixture] + public class Mgf1GeneratorTest + : SimpleTest + { + private byte[] seed1 = Hex.Decode("d6e168c5f256a2dcff7ef12facd390f393c7a88d"); + private byte[] mask1 = Hex.Decode( + "0742ba966813af75536bb6149cc44fc256fd6406df79665bc31dc5" + + "a62f70535e52c53015b9d37d412ff3c1193439599e1b628774c50d9c" + + "cb78d82c425e4521ee47b8c36a4bcffe8b8112a89312fc04420a39de" + + "99223890e74ce10378bc515a212b97b8a6447ba6a8870278"); + + private byte[] seed2 = Hex.Decode( + "032e45326fa859a72ec235acff929b15d1372e30b207255f0611b8f785d7643741" + + "52e0ac009e509e7ba30cd2f1778e113b64e135cf4e2292c75efe5288edfda4"); + private byte[] mask2 = Hex.Decode( + "5f8de105b5e96b2e490ddecbd147dd1def7e3b8e0e6a26eb7b956ccb8b3bdc1ca9" + + "75bc57c3989e8fbad31a224655d800c46954840ff32052cdf0d640562bdfadfa263c" + + "fccf3c52b29f2af4a1869959bc77f854cf15bd7a25192985a842dbff8e13efee5b7e" + + "7e55bbe4d389647c686a9a9ab3fb889b2d7767d3837eea4e0a2f04"); + + private byte[] seed3; + private byte[] mask3= Hex.Decode( + "09e2decf2a6e1666c2f6071ff4298305e2643fd510a2403db42a8743cb989de86e" + + "668d168cbe604611ac179f819a3d18412e9eb45668f2923c087c12fee0c5a0d2a8aa" + + "70185401fbbd99379ec76c663e875a60b4aacb1319fa11c3365a8b79a44669f26fb5" + + "55c80391847b05eca1cb5cf8c2d531448d33fbaca19f6410ee1fcb"); + + public Mgf1GeneratorTest() + { + seed3 = seed2; + } + + public override void PerformTest() + { + checkMask(1, new Mgf1BytesGenerator(new ShortenedDigest(new Sha256Digest(), 20)), seed1, mask1); + checkMask(2, new Mgf1BytesGenerator(new Sha1Digest()), seed2, mask2); + checkMask(3, new Mgf1BytesGenerator(new ShortenedDigest(new Sha256Digest(), 20)), seed3, mask3); + + try + { + new Mgf1BytesGenerator(new Sha1Digest()).GenerateBytes(new byte[10], 0, 20); + + Fail("short input array not caught"); + } + catch (DataLengthException) + { + // expected + } + } + + private void checkMask( + int count, + IDerivationFunction kdf, + byte[] seed, + byte[] result) + { + byte[] data = new byte[result.Length]; + + kdf.Init(new MgfParameters(seed)); + + kdf.GenerateBytes(data, 0, data.Length); + + if (!AreEqual(result, data)) + { + Fail("MGF1 failed generator test " + count); + } + } + + public override string Name + { + get { return "MGF1"; } + } + + public static void Main( + string[] args) + { + RunTest(new Mgf1GeneratorTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/crypto/test/MacTest.cs b/BouncyCastle/crypto/test/src/crypto/test/MacTest.cs new file mode 100644 index 0000000..9a58f8a --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/MacTest.cs @@ -0,0 +1,214 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Paddings; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// MAC tester - vectors from + /// FIP 81 and + /// FIP 113. + /// + [TestFixture] + public class MacTest + : ITest + { + public string Name + { + get { return "IMac"; } + } + + internal static byte[] keyBytes; + internal static byte[] ivBytes; + internal static byte[] input1; + internal static byte[] output1; + internal static byte[] output2; + internal static byte[] output3; + + // + // these aren't NIST vectors, just for regression testing. + // + internal static byte[] input2; + internal static byte[] output4; + internal static byte[] output5; + internal static byte[] output6; + + public MacTest() + { + } + + public virtual ITestResult Perform() + { + KeyParameter key = new KeyParameter(keyBytes); + IBlockCipher cipher = new DesEngine(); + IMac mac = new CbcBlockCipherMac(cipher); + + // + // standard DAC - zero IV + // + mac.Init(key); + + mac.BlockUpdate(input1, 0, input1.Length); + + byte[] outBytes = new byte[4]; + + mac.DoFinal(outBytes, 0); + + if (!Arrays.AreEqual(outBytes, output1)) + { + return new SimpleTestResult(false, Name + ": Failed - expected " + + Hex.ToHexString(output1) + " got " + Hex.ToHexString(outBytes)); + } + + // + // mac with IV. + // + ParametersWithIV param = new ParametersWithIV(key, ivBytes); + + mac.Init(param); + + mac.BlockUpdate(input1, 0, input1.Length); + + outBytes = new byte[4]; + + mac.DoFinal(outBytes, 0); + + if (!Arrays.AreEqual(outBytes, output2)) + { + return new SimpleTestResult(false, Name + ": Failed - expected " + + Hex.ToHexString(output2) + " got " + Hex.ToHexString(outBytes)); + } + + // + // CFB mac with IV - 8 bit CFB mode + // + param = new ParametersWithIV(key, ivBytes); + + mac = new CfbBlockCipherMac(cipher); + + mac.Init(param); + + mac.BlockUpdate(input1, 0, input1.Length); + + outBytes = new byte[4]; + + mac.DoFinal(outBytes, 0); + + if (!Arrays.AreEqual(outBytes, output3)) + { + return new SimpleTestResult(false, Name + ": Failed - expected " + + Hex.ToHexString(output3) + " got " + Hex.ToHexString(outBytes)); + } + + // + // word aligned data - zero IV + // + mac.Init(key); + + mac.BlockUpdate(input2, 0, input2.Length); + + outBytes = new byte[4]; + + mac.DoFinal(outBytes, 0); + + if (!Arrays.AreEqual(outBytes, output4)) + { + return new SimpleTestResult(false, Name + ": Failed - expected " + + Hex.ToHexString(output4) + " got " + Hex.ToHexString(outBytes)); + } + + // + // word aligned data - zero IV - CBC padding + // + mac = new CbcBlockCipherMac(cipher, new Pkcs7Padding()); + + mac.Init(key); + + mac.BlockUpdate(input2, 0, input2.Length); + + outBytes = new byte[4]; + + mac.DoFinal(outBytes, 0); + + if (!Arrays.AreEqual(outBytes, output5)) + { + return new SimpleTestResult(false, Name + ": Failed - expected " + + Hex.ToHexString(output5) + " got " + Hex.ToHexString(outBytes)); + } + + // + // non-word aligned data - zero IV - CBC padding + // + mac.Reset(); + + mac.BlockUpdate(input1, 0, input1.Length); + + outBytes = new byte[4]; + + mac.DoFinal(outBytes, 0); + + if (!Arrays.AreEqual(outBytes, output6)) + { + return new SimpleTestResult(false, Name + ": Failed - expected " + + Hex.ToHexString(output6) + " got " + Hex.ToHexString(outBytes)); + } + + // + // non-word aligned data - zero IV - CBC padding + // + mac.Init(key); + + mac.BlockUpdate(input1, 0, input1.Length); + + outBytes = new byte[4]; + + mac.DoFinal(outBytes, 0); + + if (!Arrays.AreEqual(outBytes, output6)) + { + return new SimpleTestResult(false, Name + ": Failed - expected " + + Hex.ToHexString(output6) + " got " + Hex.ToHexString(outBytes)); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + MacTest test = new MacTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + static MacTest() + { + keyBytes = Hex.Decode("0123456789abcdef"); + ivBytes = Hex.Decode("1234567890abcdef"); + input1 = Hex.Decode("37363534333231204e6f77206973207468652074696d6520666f7220"); + output1 = Hex.Decode("f1d30f68"); + output2 = Hex.Decode("58d2e77e"); + output3 = Hex.Decode("cd647403"); + input2 = Hex.Decode("3736353433323120"); + output4 = Hex.Decode("3af549c9"); + output5 = Hex.Decode("188fbdd5"); + output6 = Hex.Decode("7045eecd"); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ModeTest.cs b/BouncyCastle/crypto/test/src/crypto/test/ModeTest.cs new file mode 100644 index 0000000..c67dce0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ModeTest.cs @@ -0,0 +1,108 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// CFB/OFB Mode test of IV padding. + [TestFixture] + public class ModeTest + : ITest + { + public string Name + { + get { return "ModeTest"; } + } + + public ModeTest() + { + } + + public virtual ITestResult Perform() + { + KeyParameter key = new KeyParameter(Hex.Decode("0011223344556677")); + byte[] input = Hex.Decode("4e6f7720"); + byte[] out1 = new byte[4]; + byte[] out2 = new byte[4]; + + + IBlockCipher ofb = new OfbBlockCipher(new DesEngine(), 32); + + ofb.Init(true, new ParametersWithIV(key, Hex.Decode("1122334455667788"))); + + ofb.ProcessBlock(input, 0, out1, 0); + + ofb.Init(false, new ParametersWithIV(key, Hex.Decode("1122334455667788"))); + ofb.ProcessBlock(out1, 0, out2, 0); + + if (!Arrays.AreEqual(out2, input)) + { + return new SimpleTestResult(false, Name + ": test 1 - in != out"); + } + + ofb.Init(true, new ParametersWithIV(key, Hex.Decode("11223344"))); + + ofb.ProcessBlock(input, 0, out1, 0); + + ofb.Init(false, new ParametersWithIV(key, Hex.Decode("0000000011223344"))); + ofb.ProcessBlock(out1, 0, out2, 0); + + if (!Arrays.AreEqual(out2, input)) + { + return new SimpleTestResult(false, Name + ": test 2 - in != out"); + } + + IBlockCipher cfb = new CfbBlockCipher(new DesEngine(), 32); + + cfb.Init(true, new ParametersWithIV(key, Hex.Decode("1122334455667788"))); + + cfb.ProcessBlock(input, 0, out1, 0); + + cfb.Init(false, new ParametersWithIV(key, Hex.Decode("1122334455667788"))); + cfb.ProcessBlock(out1, 0, out2, 0); + + if (!Arrays.AreEqual(out2, input)) + { + return new SimpleTestResult(false, Name + ": test 3 - in != out"); + } + + cfb.Init(true, new ParametersWithIV(key, Hex.Decode("11223344"))); + + cfb.ProcessBlock(input, 0, out1, 0); + + cfb.Init(false, new ParametersWithIV(key, Hex.Decode("0000000011223344"))); + cfb.ProcessBlock(out1, 0, out2, 0); + + if (!Arrays.AreEqual(out2, input)) + { + return new SimpleTestResult(false, Name + ": test 4 - in != out"); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + ITest test = new ModeTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/NaccacheSternTest.cs b/BouncyCastle/crypto/test/src/crypto/test/NaccacheSternTest.cs new file mode 100644 index 0000000..9168adc --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/NaccacheSternTest.cs @@ -0,0 +1,351 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Test case for NaccacheStern cipher. For details on this cipher, please see + * + * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf + * + * Performs the following tests: + *
      + *
    • Toy example from the NaccacheSternPaper
      • + *
    • 768 bit test with text "Now is the time for all good men." (ripped from RSA test) and + * the same test with the first byte replaced by 0xFF
      • + *
    • 1024 bit test analog to 768 bit test
      • + *
    + */ + [TestFixture, Explicit] + public class NaccacheSternTest + : SimpleTest + { + static bool debug = false; + + static readonly NaccacheSternEngine cryptEng = new NaccacheSternEngine(); + static readonly NaccacheSternEngine decryptEng = new NaccacheSternEngine(); + + // Values from NaccacheStern paper + static readonly BigInteger a = BigInteger.ValueOf(101); + static readonly BigInteger u1 = BigInteger.ValueOf(3); + static readonly BigInteger u2 = BigInteger.ValueOf(5); + static readonly BigInteger u3 = BigInteger.ValueOf(7); + static readonly BigInteger b = BigInteger.ValueOf(191); + static readonly BigInteger v1 = BigInteger.ValueOf(11); + static readonly BigInteger v2 = BigInteger.ValueOf(13); + static readonly BigInteger v3 = BigInteger.ValueOf(17); + + static readonly BigInteger sigma + = u1.Multiply(u2).Multiply(u3).Multiply(v1).Multiply(v2).Multiply(v3); + + static readonly BigInteger p + = BigInteger.Two.Multiply(a).Multiply(u1).Multiply(u2).Multiply(u3).Add(BigInteger.One); + + static readonly BigInteger q + = BigInteger.Two.Multiply(b).Multiply(v1).Multiply(v2).Multiply(v3).Add(BigInteger.One); + + static readonly BigInteger n = p.Multiply(q); + + static readonly BigInteger phi_n + = p.Subtract(BigInteger.One).Multiply(q.Subtract(BigInteger.One)); + + static readonly BigInteger g = BigInteger.ValueOf(131); + + static readonly IList smallPrimes = new ArrayList(); + + // static final BigInteger paperTest = BigInteger.ValueOf(202); + + static readonly string input = "4e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e"; + + static readonly BigInteger paperTest = BigInteger.ValueOf(202); + + // + // to check that we handling byte extension by big number correctly. + // + static readonly string edgeInput = "ff6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e"; + + static NaccacheSternTest() + { + // First the Parameters from the NaccacheStern Paper + // (see http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf ) + + smallPrimes.Add(u1); + smallPrimes.Add(u2); + smallPrimes.Add(u3); + smallPrimes.Add(v1); + smallPrimes.Add(v2); + smallPrimes.Add(v3); + } + + public override string Name + { + get { return "NaccacheStern"; } + } + + public override void PerformTest() + { + // Test with given key from NaccacheSternPaper (totally insecure) + + NaccacheSternKeyParameters pubParameters = new NaccacheSternKeyParameters(false, g, n, sigma.BitLength); + + NaccacheSternPrivateKeyParameters privParameters = new NaccacheSternPrivateKeyParameters(g, n, sigma + .BitLength, smallPrimes, phi_n); + + AsymmetricCipherKeyPair pair = new AsymmetricCipherKeyPair(pubParameters, privParameters); + + // Initialize Engines with KeyPair + + if (debug) + { + Console.WriteLine("initializing encryption engine"); + } + cryptEng.Init(true, pair.Public); + + if (debug) + { + Console.WriteLine("initializing decryption engine"); + } + decryptEng.Init(false, pair.Private); + + byte[] data = paperTest.ToByteArray(); + + if (!new BigInteger(data).Equals(new BigInteger(enDeCrypt(data)))) + { + Fail("failed NaccacheStern paper test"); + } + + // + // key generation test + // + + // + // 768 Bit test + // + + if (debug) + { + Console.WriteLine(); + Console.WriteLine("768 Bit TEST"); + } + + // specify key generation parameters + NaccacheSternKeyGenerationParameters genParam + = new NaccacheSternKeyGenerationParameters(new SecureRandom(), 768, 8, 30); + + // Initialize Key generator and generate key pair + NaccacheSternKeyPairGenerator pGen = new NaccacheSternKeyPairGenerator(); + pGen.Init(genParam); + + pair = pGen.GenerateKeyPair(); + + if (((NaccacheSternKeyParameters)pair.Public).Modulus.BitLength < 768) + { + Console.WriteLine("FAILED: key size is <786 bit, exactly " + + ((NaccacheSternKeyParameters)pair.Public).Modulus.BitLength + " bit"); + Fail("failed key generation (768) length test"); + } + + // Initialize Engines with KeyPair + + if (debug) + { + Console.WriteLine("initializing " + genParam.Strength + " bit encryption engine"); + } + cryptEng.Init(true, pair.Public); + + if (debug) + { + Console.WriteLine("initializing " + genParam.Strength + " bit decryption engine"); + } + decryptEng.Init(false, pair.Private); + + // Basic data input + data = Hex.Decode(input); + + if (!new BigInteger(1, data).Equals(new BigInteger(1, enDeCrypt(data)))) + { + Fail("failed encryption decryption (" + genParam.Strength + ") basic test"); + } + + // Data starting with FF byte (would be interpreted as negative + // BigInteger) + + data = Hex.Decode(edgeInput); + + if (!new BigInteger(1, data).Equals(new BigInteger(1, enDeCrypt(data)))) + { + Fail("failed encryption decryption (" + genParam.Strength + ") edgeInput test"); + } + + // + // 1024 Bit Test + // + /* + if (debug) + { + Console.WriteLine(); + Console.WriteLine("1024 Bit TEST"); + } + + // specify key generation parameters + genParam = new NaccacheSternKeyGenerationParameters(new SecureRandom(), 1024, 8, 40, debug); + + pGen.Init(genParam); + pair = pGen.generateKeyPair(); + + if (((NaccacheSternKeyParameters)pair.Public).getModulus().bitLength() < 1024) + { + if (debug) + { + Console.WriteLine("FAILED: key size is <1024 bit, exactly " + + ((NaccacheSternKeyParameters)pair.Public).getModulus().bitLength() + " bit"); + } + Fail("failed key generation (1024) length test"); + } + + // Initialize Engines with KeyPair + + if (debug) + { + Console.WriteLine("initializing " + genParam.getStrength() + " bit encryption engine"); + } + cryptEng.Init(true, pair.Public); + + if (debug) + { + Console.WriteLine("initializing " + genParam.getStrength() + " bit decryption engine"); + } + decryptEng.Init(false, pair.Private); + + if (debug) + { + Console.WriteLine("Data is " + new BigInteger(1, data)); + } + + // Basic data input + data = Hex.Decode(input); + + if (!new BigInteger(1, data).Equals(new BigInteger(1, enDeCrypt(data)))) + { + Fail("failed encryption decryption (" + genParam.getStrength() + ") basic test"); + } + + // Data starting with FF byte (would be interpreted as negative + // BigInteger) + + data = Hex.Decode(edgeInput); + + if (!new BigInteger(1, data).Equals(new BigInteger(1, enDeCrypt(data)))) + { + Fail("failed encryption decryption (" + genParam.getStrength() + ") edgeInput test"); + } + */ + // END OF TEST CASE + + try + { + new NaccacheSternEngine().ProcessBlock(new byte[]{ 1 }, 0, 1); + Fail("failed initialisation check"); + } + catch (InvalidOperationException) + { + // expected + } + + if (debug) + { + Console.WriteLine("All tests successful"); + } + } + + private byte[] enDeCrypt( + byte[] input) + { + // create work array + byte[] data = new byte[input.Length]; + Array.Copy(input, 0, data, 0, data.Length); + + // Perform encryption like in the paper from Naccache-Stern + if (debug) + { + Console.WriteLine("encrypting data. Data representation\n" + // + "As string:.... " + new string(data) + "\n" + + "As BigInteger: " + new BigInteger(1, data)); + Console.WriteLine("data length is " + data.Length); + } + + try + { + data = cryptEng.ProcessData(data); + } + catch (InvalidCipherTextException e) + { + if (debug) + { + Console.WriteLine("failed - exception " + e + "\n" + e.Message); + } + Fail("failed - exception " + e + "\n" + e.Message); + } + + if (debug) + { + Console.WriteLine("enrypted data representation\n" + // + "As string:.... " + new string(data) + "\n" + + "As BigInteger: " + new BigInteger(1, data)); + Console.WriteLine("data length is " + data.Length); + } + + try + { + data = decryptEng.ProcessData(data); + } + catch (InvalidCipherTextException e) + { + if (debug) + { + Console.WriteLine("failed - exception " + e + "\n" + e.Message); + } + Fail("failed - exception " + e + "\n" + e.Message); + } + + if (debug) + { + Console.WriteLine("decrypted data representation\n" + // + "As string:.... " + new string(data) + "\n" + + "As BigInteger: " + new BigInteger(1, data)); + Console.WriteLine("data length is " + data.Length); + } + + return data; + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + public static void Main( + string[] args) + { + ITest test = new NaccacheSternTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/NistEccTest.cs b/BouncyCastle/crypto/test/src/crypto/test/NistEccTest.cs new file mode 100644 index 0000000..a8e4a6c --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/NistEccTest.cs @@ -0,0 +1,112 @@ +using System; +using System.Collections; +using System.IO; +using System.Text.RegularExpressions; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class NistEccTest : SimpleTest + { + public override string Name + { + get { return "NistEcc"; } + } + + public override void PerformTest() + { + foreach (object[] testVector in CollectTestVectors()) + { + TestMultiply( + testVector[0] as string, + testVector[1] as BigInteger, + testVector[2] as BigInteger, + testVector[3] as BigInteger + ); + } + } + + public IEnumerable CollectTestVectors() + { + ArrayList testVectors = new ArrayList(); + string curve = null; + BigInteger k = null; + BigInteger x = null; + BigInteger y = null; + + using (StreamReader r = new StreamReader(SimpleTest.GetTestDataAsStream("crypto.nist_ecc.txt"))) + { + string line; + while (null != (line = r.ReadLine())) + { + Regex capture = new Regex(@"^ ?(\w+):? =? ?(\w+)", RegexOptions.Compiled); + Match data = capture.Match(line); + if (!data.Success) + continue; + + string nistKey = data.Groups[1].Value; + string nistValue = data.Groups[2].Value; + switch (nistKey) + { + case "Curve": + // Change curve name from LNNN to L-NNN ie: P256 to P-256 + curve = nistValue.Insert(1, "-"); + break; + case "k": + k = new BigInteger(nistValue, 10); + break; + case "x": + x = new BigInteger(nistValue, 16); + break; + case "y": + y = new BigInteger(nistValue, 16); + break; + } + + if (null != curve && null != k && null != x && null != y) + { + testVectors.Add(new object[] {curve, k, x, y}); + k = null; + x = null; + y = null; + } + } + } + + return testVectors; + } + + public void TestMultiply(string curve, BigInteger k, BigInteger expectedX, BigInteger expectedY) + { + // Arrange + X9ECParameters x9EcParameters = Asn1.Nist.NistNamedCurves.GetByName(curve); + + // Act + ECPoint ecPoint = x9EcParameters.G.Multiply(k).Normalize(); + + // Assert + IsEquals("Unexpected X Coordinate", expectedX, ecPoint.AffineXCoord.ToBigInteger()); + IsEquals("Unexpected Y Coordinate", expectedY, ecPoint.AffineYCoord.ToBigInteger()); + } + + public static void Main(string[] args) + { + RunTest(new NistEccTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/crypto/test/NoekeonTest.cs b/BouncyCastle/crypto/test/src/crypto/test/NoekeonTest.cs new file mode 100644 index 0000000..b6fff70 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/NoekeonTest.cs @@ -0,0 +1,59 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Noekeon tester + */ + [TestFixture] + public class NoekeonTest + : CipherTest + { + private static readonly SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new NoekeonEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "00000000000000000000000000000000", + "b1656851699e29fa24b70148503d2dfc"), + new BlockCipherVectorTest(1, new NoekeonEngine(), + new KeyParameter(Hex.Decode("ffffffffffffffffffffffffffffffff")), + "ffffffffffffffffffffffffffffffff", + "2a78421b87c7d0924f26113f1d1349b2"), + new BlockCipherVectorTest(2, new NoekeonEngine(), + new KeyParameter(Hex.Decode("b1656851699e29fa24b70148503d2dfc")), + "2a78421b87c7d0924f26113f1d1349b2", + "e2f687e07b75660ffc372233bc47532c") + }; + + public NoekeonTest() + : base(tests, new NoekeonEngine(), new KeyParameter(new byte[16])) + { + } + + public override string Name + { + get { return "Noekeon"; } + } + + public static void Main( + string[] args) + { + RunTest(new NoekeonTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/NonMemoableDigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/NonMemoableDigestTest.cs new file mode 100644 index 0000000..e6b329e --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/NonMemoableDigestTest.cs @@ -0,0 +1,119 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * SHA1 HMac Test, test vectors from RFC 2202 + */ + public class NonMemoableDigestTest + : SimpleTest + { + private static readonly string[] keys = { + "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", + "4a656665", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + "0102030405060708090a0b0c0d0e0f10111213141516171819", + "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + }; + + private static readonly string[] digests = { + "b617318655057264e28bc0b6fb378c8ef146be00", + "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79", + "125d7342b9ac11cd91a39af48aa17b4f63f175d3", + "4c9007f4026250c6bc8414f9bf50c86c2d7235da", + "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04", + "aa4ae5e15272d00e95705637ce8a3b55ed402112", + "e8e99d0f45237d786d6bbaa7965c7808bbff1a91", + "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04", + "aa4ae5e15272d00e95705637ce8a3b55ed402112", + "e8e99d0f45237d786d6bbaa7965c7808bbff1a91" + }; + + private static readonly string[] messages = { + "Hi There", + "what do ya want for nothing?", + "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd", + "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", + "Test With Truncation", + "Test Using Larger Than Block-Size Key - Hash Key First", + "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data" + }; + + public override string Name + { + get { return "NonMemoableDigest"; } + } + + public override void PerformTest() + { + HMac hmac = new HMac(new NonMemoableDigest(new Sha1Digest())); + byte[] resBuf = new byte[hmac.GetMacSize()]; + + for (int i = 0; i < messages.Length; i++) + { + byte[] m = Strings.ToByteArray(messages[i]); + if (messages[i].StartsWith("0x")) + { + m = Hex.Decode(messages[i].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[i]))); + hmac.BlockUpdate(m, 0, m.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i]))) + { + Fail(Name + ": Vector " + i + " failed"); + } + } + + // + // test reset + // + { + int vector = 0; // vector used for test + byte[] m = Strings.ToByteArray(messages[vector]); + if (messages[vector].StartsWith("0x")) + { + m = Hex.Decode(messages[vector].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[vector]))); + hmac.BlockUpdate(m, 0, m.Length); + hmac.DoFinal(resBuf, 0); + hmac.Reset(); + hmac.BlockUpdate(m, 0, m.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[vector]))) + { + Fail(Name + ": Reset with vector " + vector + " failed"); + } + } + } + + public static void Main( + string[] args) + { + RunTest(new NonMemoableDigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/NullTest.cs b/BouncyCastle/crypto/test/src/crypto/test/NullTest.cs new file mode 100644 index 0000000..16a5180 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/NullTest.cs @@ -0,0 +1,88 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class NullTest + : CipherTest + { + static SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new NullEngine(), + new KeyParameter(Hex.Decode("00")), "00", "00") + }; + + public NullTest() + : base(tests, new NullEngine(), new KeyParameter(new byte[2])) + { + } + + public override string Name + { + get { return "Null"; } + } + + public override void PerformTest() + { + base.PerformTest(); + + IBlockCipher engine = new NullEngine(); + + engine.Init(true, null); + + byte[] buf = new byte[1]; + + engine.ProcessBlock(buf, 0, buf, 0); + + if (buf[0] != 0) + { + Fail("NullCipher changed data!"); + } + + byte[] shortBuf = new byte[0]; + + try + { + engine.ProcessBlock(shortBuf, 0, buf, 0); + + Fail("failed short input check"); + } + catch (DataLengthException) + { + // expected + } + + try + { + engine.ProcessBlock(buf, 0, shortBuf, 0); + + Fail("failed short output check"); + } + catch (DataLengthException) + { + // expected + } + } + + public static void Main( + string[] args) + { + RunTest(new NullTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/OAEPTest.cs b/BouncyCastle/crypto/test/src/crypto/test/OAEPTest.cs new file mode 100644 index 0000000..3c43732 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/OAEPTest.cs @@ -0,0 +1,943 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class OaepTest + : SimpleTest + { + private static readonly byte[] pubKeyEnc1 = + { + (byte)0x30, (byte)0x5a, (byte)0x30, (byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, (byte)0x86, + (byte)0x48, (byte)0x86, (byte)0xf7, (byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x05, + (byte)0x00, (byte)0x03, (byte)0x49, (byte)0x00, (byte)0x30, (byte)0x46, (byte)0x02, (byte)0x41, + (byte)0x00, (byte)0xaa, (byte)0x36, (byte)0xab, (byte)0xce, (byte)0x88, (byte)0xac, (byte)0xfd, + (byte)0xff, (byte)0x55, (byte)0x52, (byte)0x3c, (byte)0x7f, (byte)0xc4, (byte)0x52, (byte)0x3f, + (byte)0x90, (byte)0xef, (byte)0xa0, (byte)0x0d, (byte)0xf3, (byte)0x77, (byte)0x4a, (byte)0x25, + (byte)0x9f, (byte)0x2e, (byte)0x62, (byte)0xb4, (byte)0xc5, (byte)0xd9, (byte)0x9c, (byte)0xb5, + (byte)0xad, (byte)0xb3, (byte)0x00, (byte)0xa0, (byte)0x28, (byte)0x5e, (byte)0x53, (byte)0x01, + (byte)0x93, (byte)0x0e, (byte)0x0c, (byte)0x70, (byte)0xfb, (byte)0x68, (byte)0x76, (byte)0x93, + (byte)0x9c, (byte)0xe6, (byte)0x16, (byte)0xce, (byte)0x62, (byte)0x4a, (byte)0x11, (byte)0xe0, + (byte)0x08, (byte)0x6d, (byte)0x34, (byte)0x1e, (byte)0xbc, (byte)0xac, (byte)0xa0, (byte)0xa1, + (byte)0xf5, (byte)0x02, (byte)0x01, (byte)0x11 + }; + + private static readonly byte[] privKeyEnc1 = + { + (byte)0x30, (byte)0x82, (byte)0x01, (byte)0x52, (byte)0x02, (byte)0x01, (byte)0x00, (byte)0x30, + (byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, (byte)0x86, (byte)0x48, (byte)0x86, (byte)0xf7, + (byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x05, (byte)0x00, (byte)0x04, (byte)0x82, + (byte)0x01, (byte)0x3c, (byte)0x30, (byte)0x82, (byte)0x01, (byte)0x38, (byte)0x02, (byte)0x01, + (byte)0x00, (byte)0x02, (byte)0x41, (byte)0x00, (byte)0xaa, (byte)0x36, (byte)0xab, (byte)0xce, + (byte)0x88, (byte)0xac, (byte)0xfd, (byte)0xff, (byte)0x55, (byte)0x52, (byte)0x3c, (byte)0x7f, + (byte)0xc4, (byte)0x52, (byte)0x3f, (byte)0x90, (byte)0xef, (byte)0xa0, (byte)0x0d, (byte)0xf3, + (byte)0x77, (byte)0x4a, (byte)0x25, (byte)0x9f, (byte)0x2e, (byte)0x62, (byte)0xb4, (byte)0xc5, + (byte)0xd9, (byte)0x9c, (byte)0xb5, (byte)0xad, (byte)0xb3, (byte)0x00, (byte)0xa0, (byte)0x28, + (byte)0x5e, (byte)0x53, (byte)0x01, (byte)0x93, (byte)0x0e, (byte)0x0c, (byte)0x70, (byte)0xfb, + (byte)0x68, (byte)0x76, (byte)0x93, (byte)0x9c, (byte)0xe6, (byte)0x16, (byte)0xce, (byte)0x62, + (byte)0x4a, (byte)0x11, (byte)0xe0, (byte)0x08, (byte)0x6d, (byte)0x34, (byte)0x1e, (byte)0xbc, + (byte)0xac, (byte)0xa0, (byte)0xa1, (byte)0xf5, (byte)0x02, (byte)0x01, (byte)0x11, (byte)0x02, + (byte)0x40, (byte)0x0a, (byte)0x03, (byte)0x37, (byte)0x48, (byte)0x62, (byte)0x64, (byte)0x87, + (byte)0x69, (byte)0x5f, (byte)0x5f, (byte)0x30, (byte)0xbc, (byte)0x38, (byte)0xb9, (byte)0x8b, + (byte)0x44, (byte)0xc2, (byte)0xcd, (byte)0x2d, (byte)0xff, (byte)0x43, (byte)0x40, (byte)0x98, + (byte)0xcd, (byte)0x20, (byte)0xd8, (byte)0xa1, (byte)0x38, (byte)0xd0, (byte)0x90, (byte)0xbf, + (byte)0x64, (byte)0x79, (byte)0x7c, (byte)0x3f, (byte)0xa7, (byte)0xa2, (byte)0xcd, (byte)0xcb, + (byte)0x3c, (byte)0xd1, (byte)0xe0, (byte)0xbd, (byte)0xba, (byte)0x26, (byte)0x54, (byte)0xb4, + (byte)0xf9, (byte)0xdf, (byte)0x8e, (byte)0x8a, (byte)0xe5, (byte)0x9d, (byte)0x73, (byte)0x3d, + (byte)0x9f, (byte)0x33, (byte)0xb3, (byte)0x01, (byte)0x62, (byte)0x4a, (byte)0xfd, (byte)0x1d, + (byte)0x51, (byte)0x02, (byte)0x21, (byte)0x00, (byte)0xd8, (byte)0x40, (byte)0xb4, (byte)0x16, + (byte)0x66, (byte)0xb4, (byte)0x2e, (byte)0x92, (byte)0xea, (byte)0x0d, (byte)0xa3, (byte)0xb4, + (byte)0x32, (byte)0x04, (byte)0xb5, (byte)0xcf, (byte)0xce, (byte)0x33, (byte)0x52, (byte)0x52, + (byte)0x4d, (byte)0x04, (byte)0x16, (byte)0xa5, (byte)0xa4, (byte)0x41, (byte)0xe7, (byte)0x00, + (byte)0xaf, (byte)0x46, (byte)0x12, (byte)0x0d, (byte)0x02, (byte)0x21, (byte)0x00, (byte)0xc9, + (byte)0x7f, (byte)0xb1, (byte)0xf0, (byte)0x27, (byte)0xf4, (byte)0x53, (byte)0xf6, (byte)0x34, + (byte)0x12, (byte)0x33, (byte)0xea, (byte)0xaa, (byte)0xd1, (byte)0xd9, (byte)0x35, (byte)0x3f, + (byte)0x6c, (byte)0x42, (byte)0xd0, (byte)0x88, (byte)0x66, (byte)0xb1, (byte)0xd0, (byte)0x5a, + (byte)0x0f, (byte)0x20, (byte)0x35, (byte)0x02, (byte)0x8b, (byte)0x9d, (byte)0x89, (byte)0x02, + (byte)0x20, (byte)0x59, (byte)0x0b, (byte)0x95, (byte)0x72, (byte)0xa2, (byte)0xc2, (byte)0xa9, + (byte)0xc4, (byte)0x06, (byte)0x05, (byte)0x9d, (byte)0xc2, (byte)0xab, (byte)0x2f, (byte)0x1d, + (byte)0xaf, (byte)0xeb, (byte)0x7e, (byte)0x8b, (byte)0x4f, (byte)0x10, (byte)0xa7, (byte)0x54, + (byte)0x9e, (byte)0x8e, (byte)0xed, (byte)0xf5, (byte)0xb4, (byte)0xfc, (byte)0xe0, (byte)0x9e, + (byte)0x05, (byte)0x02, (byte)0x21, (byte)0x00, (byte)0x8e, (byte)0x3c, (byte)0x05, (byte)0x21, + (byte)0xfe, (byte)0x15, (byte)0xe0, (byte)0xea, (byte)0x06, (byte)0xa3, (byte)0x6f, (byte)0xf0, + (byte)0xf1, (byte)0x0c, (byte)0x99, (byte)0x52, (byte)0xc3, (byte)0x5b, (byte)0x7a, (byte)0x75, + (byte)0x14, (byte)0xfd, (byte)0x32, (byte)0x38, (byte)0xb8, (byte)0x0a, (byte)0xad, (byte)0x52, + (byte)0x98, (byte)0x62, (byte)0x8d, (byte)0x51, (byte)0x02, (byte)0x20, (byte)0x36, (byte)0x3f, + (byte)0xf7, (byte)0x18, (byte)0x9d, (byte)0xa8, (byte)0xe9, (byte)0x0b, (byte)0x1d, (byte)0x34, + (byte)0x1f, (byte)0x71, (byte)0xd0, (byte)0x9b, (byte)0x76, (byte)0xa8, (byte)0xa9, (byte)0x43, + (byte)0xe1, (byte)0x1d, (byte)0x10, (byte)0xb2, (byte)0x4d, (byte)0x24, (byte)0x9f, (byte)0x2d, + (byte)0xea, (byte)0xfe, (byte)0xf8, (byte)0x0c, (byte)0x18, (byte)0x26 + }; + + private static readonly byte[] output1 = + { + (byte)0x1b, (byte)0x8f, (byte)0x05, (byte)0xf9, (byte)0xca, (byte)0x1a, (byte)0x79, (byte)0x52, + (byte)0x6e, (byte)0x53, (byte)0xf3, (byte)0xcc, (byte)0x51, (byte)0x4f, (byte)0xdb, (byte)0x89, + (byte)0x2b, (byte)0xfb, (byte)0x91, (byte)0x93, (byte)0x23, (byte)0x1e, (byte)0x78, (byte)0xb9, + (byte)0x92, (byte)0xe6, (byte)0x8d, (byte)0x50, (byte)0xa4, (byte)0x80, (byte)0xcb, (byte)0x52, + (byte)0x33, (byte)0x89, (byte)0x5c, (byte)0x74, (byte)0x95, (byte)0x8d, (byte)0x5d, (byte)0x02, + (byte)0xab, (byte)0x8c, (byte)0x0f, (byte)0xd0, (byte)0x40, (byte)0xeb, (byte)0x58, (byte)0x44, + (byte)0xb0, (byte)0x05, (byte)0xc3, (byte)0x9e, (byte)0xd8, (byte)0x27, (byte)0x4a, (byte)0x9d, + (byte)0xbf, (byte)0xa8, (byte)0x06, (byte)0x71, (byte)0x40, (byte)0x94, (byte)0x39, (byte)0xd2 + }; + + private static readonly byte[] pubKeyEnc2 = + { + (byte)0x30, (byte)0x4c, (byte)0x30, (byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, (byte)0x86, + (byte)0x48, (byte)0x86, (byte)0xf7, (byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x05, + (byte)0x00, (byte)0x03, (byte)0x3b, (byte)0x00, (byte)0x30, (byte)0x38, (byte)0x02, (byte)0x33, + (byte)0x00, (byte)0xa3, (byte)0x07, (byte)0x9a, (byte)0x90, (byte)0xdf, (byte)0x0d, (byte)0xfd, + (byte)0x72, (byte)0xac, (byte)0x09, (byte)0x0c, (byte)0xcc, (byte)0x2a, (byte)0x78, (byte)0xb8, + (byte)0x74, (byte)0x13, (byte)0x13, (byte)0x3e, (byte)0x40, (byte)0x75, (byte)0x9c, (byte)0x98, + (byte)0xfa, (byte)0xf8, (byte)0x20, (byte)0x4f, (byte)0x35, (byte)0x8a, (byte)0x0b, (byte)0x26, + (byte)0x3c, (byte)0x67, (byte)0x70, (byte)0xe7, (byte)0x83, (byte)0xa9, (byte)0x3b, (byte)0x69, + (byte)0x71, (byte)0xb7, (byte)0x37, (byte)0x79, (byte)0xd2, (byte)0x71, (byte)0x7b, (byte)0xe8, + (byte)0x34, (byte)0x77, (byte)0xcf, (byte)0x02, (byte)0x01, (byte)0x03 + }; + + private static readonly byte[] privKeyEnc2 = + { + (byte)0x30, (byte)0x82, (byte)0x01, (byte)0x13, (byte)0x02, (byte)0x01, (byte)0x00, (byte)0x30, + (byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, (byte)0x86, (byte)0x48, (byte)0x86, (byte)0xf7, + (byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x05, (byte)0x00, (byte)0x04, (byte)0x81, + (byte)0xfe, (byte)0x30, (byte)0x81, (byte)0xfb, (byte)0x02, (byte)0x01, (byte)0x00, (byte)0x02, + (byte)0x33, (byte)0x00, (byte)0xa3, (byte)0x07, (byte)0x9a, (byte)0x90, (byte)0xdf, (byte)0x0d, + (byte)0xfd, (byte)0x72, (byte)0xac, (byte)0x09, (byte)0x0c, (byte)0xcc, (byte)0x2a, (byte)0x78, + (byte)0xb8, (byte)0x74, (byte)0x13, (byte)0x13, (byte)0x3e, (byte)0x40, (byte)0x75, (byte)0x9c, + (byte)0x98, (byte)0xfa, (byte)0xf8, (byte)0x20, (byte)0x4f, (byte)0x35, (byte)0x8a, (byte)0x0b, + (byte)0x26, (byte)0x3c, (byte)0x67, (byte)0x70, (byte)0xe7, (byte)0x83, (byte)0xa9, (byte)0x3b, + (byte)0x69, (byte)0x71, (byte)0xb7, (byte)0x37, (byte)0x79, (byte)0xd2, (byte)0x71, (byte)0x7b, + (byte)0xe8, (byte)0x34, (byte)0x77, (byte)0xcf, (byte)0x02, (byte)0x01, (byte)0x03, (byte)0x02, + (byte)0x32, (byte)0x6c, (byte)0xaf, (byte)0xbc, (byte)0x60, (byte)0x94, (byte)0xb3, (byte)0xfe, + (byte)0x4c, (byte)0x72, (byte)0xb0, (byte)0xb3, (byte)0x32, (byte)0xc6, (byte)0xfb, (byte)0x25, + (byte)0xa2, (byte)0xb7, (byte)0x62, (byte)0x29, (byte)0x80, (byte)0x4e, (byte)0x68, (byte)0x65, + (byte)0xfc, (byte)0xa4, (byte)0x5a, (byte)0x74, (byte)0xdf, (byte)0x0f, (byte)0x8f, (byte)0xb8, + (byte)0x41, (byte)0x3b, (byte)0x52, (byte)0xc0, (byte)0xd0, (byte)0xe5, (byte)0x3d, (byte)0x9b, + (byte)0x59, (byte)0x0f, (byte)0xf1, (byte)0x9b, (byte)0xe7, (byte)0x9f, (byte)0x49, (byte)0xdd, + (byte)0x21, (byte)0xe5, (byte)0xeb, (byte)0x02, (byte)0x1a, (byte)0x00, (byte)0xcf, (byte)0x20, + (byte)0x35, (byte)0x02, (byte)0x8b, (byte)0x9d, (byte)0x86, (byte)0x98, (byte)0x40, (byte)0xb4, + (byte)0x16, (byte)0x66, (byte)0xb4, (byte)0x2e, (byte)0x92, (byte)0xea, (byte)0x0d, (byte)0xa3, + (byte)0xb4, (byte)0x32, (byte)0x04, (byte)0xb5, (byte)0xcf, (byte)0xce, (byte)0x91, (byte)0x02, + (byte)0x1a, (byte)0x00, (byte)0xc9, (byte)0x7f, (byte)0xb1, (byte)0xf0, (byte)0x27, (byte)0xf4, + (byte)0x53, (byte)0xf6, (byte)0x34, (byte)0x12, (byte)0x33, (byte)0xea, (byte)0xaa, (byte)0xd1, + (byte)0xd9, (byte)0x35, (byte)0x3f, (byte)0x6c, (byte)0x42, (byte)0xd0, (byte)0x88, (byte)0x66, + (byte)0xb1, (byte)0xd0, (byte)0x5f, (byte)0x02, (byte)0x1a, (byte)0x00, (byte)0x8a, (byte)0x15, + (byte)0x78, (byte)0xac, (byte)0x5d, (byte)0x13, (byte)0xaf, (byte)0x10, (byte)0x2b, (byte)0x22, + (byte)0xb9, (byte)0x99, (byte)0xcd, (byte)0x74, (byte)0x61, (byte)0xf1, (byte)0x5e, (byte)0x6d, + (byte)0x22, (byte)0xcc, (byte)0x03, (byte)0x23, (byte)0xdf, (byte)0xdf, (byte)0x0b, (byte)0x02, + (byte)0x1a, (byte)0x00, (byte)0x86, (byte)0x55, (byte)0x21, (byte)0x4a, (byte)0xc5, (byte)0x4d, + (byte)0x8d, (byte)0x4e, (byte)0xcd, (byte)0x61, (byte)0x77, (byte)0xf1, (byte)0xc7, (byte)0x36, + (byte)0x90, (byte)0xce, (byte)0x2a, (byte)0x48, (byte)0x2c, (byte)0x8b, (byte)0x05, (byte)0x99, + (byte)0xcb, (byte)0xe0, (byte)0x3f, (byte)0x02, (byte)0x1a, (byte)0x00, (byte)0x83, (byte)0xef, + (byte)0xef, (byte)0xb8, (byte)0xa9, (byte)0xa4, (byte)0x0d, (byte)0x1d, (byte)0xb6, (byte)0xed, + (byte)0x98, (byte)0xad, (byte)0x84, (byte)0xed, (byte)0x13, (byte)0x35, (byte)0xdc, (byte)0xc1, + (byte)0x08, (byte)0xf3, (byte)0x22, (byte)0xd0, (byte)0x57, (byte)0xcf, (byte)0x8d + }; + + private static readonly byte[] output2 = + { + (byte)0x14, (byte)0xbd, (byte)0xdd, (byte)0x28, (byte)0xc9, (byte)0x83, (byte)0x35, (byte)0x19, + (byte)0x23, (byte)0x80, (byte)0xe8, (byte)0xe5, (byte)0x49, (byte)0xb1, (byte)0x58, (byte)0x2a, + (byte)0x8b, (byte)0x40, (byte)0xb4, (byte)0x48, (byte)0x6d, (byte)0x03, (byte)0xa6, (byte)0xa5, + (byte)0x31, (byte)0x1f, (byte)0x1f, (byte)0xd5, (byte)0xf0, (byte)0xa1, (byte)0x80, (byte)0xe4, + (byte)0x17, (byte)0x53, (byte)0x03, (byte)0x29, (byte)0xa9, (byte)0x34, (byte)0x90, (byte)0x74, + (byte)0xb1, (byte)0x52, (byte)0x13, (byte)0x54, (byte)0x29, (byte)0x08, (byte)0x24, (byte)0x52, + (byte)0x62, (byte)0x51 + }; + + private static readonly byte[] pubKeyEnc3 = + { + (byte)0x30, (byte)0x81, (byte)0x9d, (byte)0x30, (byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, + (byte)0x86, (byte)0x48, (byte)0x86, (byte)0xf7, (byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, + (byte)0x05, (byte)0x00, (byte)0x03, (byte)0x81, (byte)0x8b, (byte)0x00, (byte)0x30, (byte)0x81, + (byte)0x87, (byte)0x02, (byte)0x81, (byte)0x81, (byte)0x00, (byte)0xbb, (byte)0xf8, (byte)0x2f, + (byte)0x09, (byte)0x06, (byte)0x82, (byte)0xce, (byte)0x9c, (byte)0x23, (byte)0x38, (byte)0xac, + (byte)0x2b, (byte)0x9d, (byte)0xa8, (byte)0x71, (byte)0xf7, (byte)0x36, (byte)0x8d, (byte)0x07, + (byte)0xee, (byte)0xd4, (byte)0x10, (byte)0x43, (byte)0xa4, (byte)0x40, (byte)0xd6, (byte)0xb6, + (byte)0xf0, (byte)0x74, (byte)0x54, (byte)0xf5, (byte)0x1f, (byte)0xb8, (byte)0xdf, (byte)0xba, + (byte)0xaf, (byte)0x03, (byte)0x5c, (byte)0x02, (byte)0xab, (byte)0x61, (byte)0xea, (byte)0x48, + (byte)0xce, (byte)0xeb, (byte)0x6f, (byte)0xcd, (byte)0x48, (byte)0x76, (byte)0xed, (byte)0x52, + (byte)0x0d, (byte)0x60, (byte)0xe1, (byte)0xec, (byte)0x46, (byte)0x19, (byte)0x71, (byte)0x9d, + (byte)0x8a, (byte)0x5b, (byte)0x8b, (byte)0x80, (byte)0x7f, (byte)0xaf, (byte)0xb8, (byte)0xe0, + (byte)0xa3, (byte)0xdf, (byte)0xc7, (byte)0x37, (byte)0x72, (byte)0x3e, (byte)0xe6, (byte)0xb4, + (byte)0xb7, (byte)0xd9, (byte)0x3a, (byte)0x25, (byte)0x84, (byte)0xee, (byte)0x6a, (byte)0x64, + (byte)0x9d, (byte)0x06, (byte)0x09, (byte)0x53, (byte)0x74, (byte)0x88, (byte)0x34, (byte)0xb2, + (byte)0x45, (byte)0x45, (byte)0x98, (byte)0x39, (byte)0x4e, (byte)0xe0, (byte)0xaa, (byte)0xb1, + (byte)0x2d, (byte)0x7b, (byte)0x61, (byte)0xa5, (byte)0x1f, (byte)0x52, (byte)0x7a, (byte)0x9a, + (byte)0x41, (byte)0xf6, (byte)0xc1, (byte)0x68, (byte)0x7f, (byte)0xe2, (byte)0x53, (byte)0x72, + (byte)0x98, (byte)0xca, (byte)0x2a, (byte)0x8f, (byte)0x59, (byte)0x46, (byte)0xf8, (byte)0xe5, + (byte)0xfd, (byte)0x09, (byte)0x1d, (byte)0xbd, (byte)0xcb, (byte)0x02, (byte)0x01, (byte)0x11 + }; + + private static readonly byte[] privKeyEnc3 = + { + (byte)0x30, (byte)0x82, (byte)0x02, (byte)0x75, (byte)0x02, (byte)0x01, (byte)0x00, (byte)0x30, + (byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, (byte)0x86, (byte)0x48, (byte)0x86, (byte)0xf7, + (byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x05, (byte)0x00, (byte)0x04, (byte)0x82, + (byte)0x02, (byte)0x5f, (byte)0x30, (byte)0x82, (byte)0x02, (byte)0x5b, (byte)0x02, (byte)0x01, + (byte)0x00, (byte)0x02, (byte)0x81, (byte)0x81, (byte)0x00, (byte)0xbb, (byte)0xf8, (byte)0x2f, + (byte)0x09, (byte)0x06, (byte)0x82, (byte)0xce, (byte)0x9c, (byte)0x23, (byte)0x38, (byte)0xac, + (byte)0x2b, (byte)0x9d, (byte)0xa8, (byte)0x71, (byte)0xf7, (byte)0x36, (byte)0x8d, (byte)0x07, + (byte)0xee, (byte)0xd4, (byte)0x10, (byte)0x43, (byte)0xa4, (byte)0x40, (byte)0xd6, (byte)0xb6, + (byte)0xf0, (byte)0x74, (byte)0x54, (byte)0xf5, (byte)0x1f, (byte)0xb8, (byte)0xdf, (byte)0xba, + (byte)0xaf, (byte)0x03, (byte)0x5c, (byte)0x02, (byte)0xab, (byte)0x61, (byte)0xea, (byte)0x48, + (byte)0xce, (byte)0xeb, (byte)0x6f, (byte)0xcd, (byte)0x48, (byte)0x76, (byte)0xed, (byte)0x52, + (byte)0x0d, (byte)0x60, (byte)0xe1, (byte)0xec, (byte)0x46, (byte)0x19, (byte)0x71, (byte)0x9d, + (byte)0x8a, (byte)0x5b, (byte)0x8b, (byte)0x80, (byte)0x7f, (byte)0xaf, (byte)0xb8, (byte)0xe0, + (byte)0xa3, (byte)0xdf, (byte)0xc7, (byte)0x37, (byte)0x72, (byte)0x3e, (byte)0xe6, (byte)0xb4, + (byte)0xb7, (byte)0xd9, (byte)0x3a, (byte)0x25, (byte)0x84, (byte)0xee, (byte)0x6a, (byte)0x64, + (byte)0x9d, (byte)0x06, (byte)0x09, (byte)0x53, (byte)0x74, (byte)0x88, (byte)0x34, (byte)0xb2, + (byte)0x45, (byte)0x45, (byte)0x98, (byte)0x39, (byte)0x4e, (byte)0xe0, (byte)0xaa, (byte)0xb1, + (byte)0x2d, (byte)0x7b, (byte)0x61, (byte)0xa5, (byte)0x1f, (byte)0x52, (byte)0x7a, (byte)0x9a, + (byte)0x41, (byte)0xf6, (byte)0xc1, (byte)0x68, (byte)0x7f, (byte)0xe2, (byte)0x53, (byte)0x72, + (byte)0x98, (byte)0xca, (byte)0x2a, (byte)0x8f, (byte)0x59, (byte)0x46, (byte)0xf8, (byte)0xe5, + (byte)0xfd, (byte)0x09, (byte)0x1d, (byte)0xbd, (byte)0xcb, (byte)0x02, (byte)0x01, (byte)0x11, + (byte)0x02, (byte)0x81, (byte)0x81, (byte)0x00, (byte)0xa5, (byte)0xda, (byte)0xfc, (byte)0x53, + (byte)0x41, (byte)0xfa, (byte)0xf2, (byte)0x89, (byte)0xc4, (byte)0xb9, (byte)0x88, (byte)0xdb, + (byte)0x30, (byte)0xc1, (byte)0xcd, (byte)0xf8, (byte)0x3f, (byte)0x31, (byte)0x25, (byte)0x1e, + (byte)0x06, (byte)0x68, (byte)0xb4, (byte)0x27, (byte)0x84, (byte)0x81, (byte)0x38, (byte)0x01, + (byte)0x57, (byte)0x96, (byte)0x41, (byte)0xb2, (byte)0x94, (byte)0x10, (byte)0xb3, (byte)0xc7, + (byte)0x99, (byte)0x8d, (byte)0x6b, (byte)0xc4, (byte)0x65, (byte)0x74, (byte)0x5e, (byte)0x5c, + (byte)0x39, (byte)0x26, (byte)0x69, (byte)0xd6, (byte)0x87, (byte)0x0d, (byte)0xa2, (byte)0xc0, + (byte)0x82, (byte)0xa9, (byte)0x39, (byte)0xe3, (byte)0x7f, (byte)0xdc, (byte)0xb8, (byte)0x2e, + (byte)0xc9, (byte)0x3e, (byte)0xda, (byte)0xc9, (byte)0x7f, (byte)0xf3, (byte)0xad, (byte)0x59, + (byte)0x50, (byte)0xac, (byte)0xcf, (byte)0xbc, (byte)0x11, (byte)0x1c, (byte)0x76, (byte)0xf1, + (byte)0xa9, (byte)0x52, (byte)0x94, (byte)0x44, (byte)0xe5, (byte)0x6a, (byte)0xaf, (byte)0x68, + (byte)0xc5, (byte)0x6c, (byte)0x09, (byte)0x2c, (byte)0xd3, (byte)0x8d, (byte)0xc3, (byte)0xbe, + (byte)0xf5, (byte)0xd2, (byte)0x0a, (byte)0x93, (byte)0x99, (byte)0x26, (byte)0xed, (byte)0x4f, + (byte)0x74, (byte)0xa1, (byte)0x3e, (byte)0xdd, (byte)0xfb, (byte)0xe1, (byte)0xa1, (byte)0xce, + (byte)0xcc, (byte)0x48, (byte)0x94, (byte)0xaf, (byte)0x94, (byte)0x28, (byte)0xc2, (byte)0xb7, + (byte)0xb8, (byte)0x88, (byte)0x3f, (byte)0xe4, (byte)0x46, (byte)0x3a, (byte)0x4b, (byte)0xc8, + (byte)0x5b, (byte)0x1c, (byte)0xb3, (byte)0xc1, (byte)0x02, (byte)0x41, (byte)0x00, (byte)0xee, + (byte)0xcf, (byte)0xae, (byte)0x81, (byte)0xb1, (byte)0xb9, (byte)0xb3, (byte)0xc9, (byte)0x08, + (byte)0x81, (byte)0x0b, (byte)0x10, (byte)0xa1, (byte)0xb5, (byte)0x60, (byte)0x01, (byte)0x99, + (byte)0xeb, (byte)0x9f, (byte)0x44, (byte)0xae, (byte)0xf4, (byte)0xfd, (byte)0xa4, (byte)0x93, + (byte)0xb8, (byte)0x1a, (byte)0x9e, (byte)0x3d, (byte)0x84, (byte)0xf6, (byte)0x32, (byte)0x12, + (byte)0x4e, (byte)0xf0, (byte)0x23, (byte)0x6e, (byte)0x5d, (byte)0x1e, (byte)0x3b, (byte)0x7e, + (byte)0x28, (byte)0xfa, (byte)0xe7, (byte)0xaa, (byte)0x04, (byte)0x0a, (byte)0x2d, (byte)0x5b, + (byte)0x25, (byte)0x21, (byte)0x76, (byte)0x45, (byte)0x9d, (byte)0x1f, (byte)0x39, (byte)0x75, + (byte)0x41, (byte)0xba, (byte)0x2a, (byte)0x58, (byte)0xfb, (byte)0x65, (byte)0x99, (byte)0x02, + (byte)0x41, (byte)0x00, (byte)0xc9, (byte)0x7f, (byte)0xb1, (byte)0xf0, (byte)0x27, (byte)0xf4, + (byte)0x53, (byte)0xf6, (byte)0x34, (byte)0x12, (byte)0x33, (byte)0xea, (byte)0xaa, (byte)0xd1, + (byte)0xd9, (byte)0x35, (byte)0x3f, (byte)0x6c, (byte)0x42, (byte)0xd0, (byte)0x88, (byte)0x66, + (byte)0xb1, (byte)0xd0, (byte)0x5a, (byte)0x0f, (byte)0x20, (byte)0x35, (byte)0x02, (byte)0x8b, + (byte)0x9d, (byte)0x86, (byte)0x98, (byte)0x40, (byte)0xb4, (byte)0x16, (byte)0x66, (byte)0xb4, + (byte)0x2e, (byte)0x92, (byte)0xea, (byte)0x0d, (byte)0xa3, (byte)0xb4, (byte)0x32, (byte)0x04, + (byte)0xb5, (byte)0xcf, (byte)0xce, (byte)0x33, (byte)0x52, (byte)0x52, (byte)0x4d, (byte)0x04, + (byte)0x16, (byte)0xa5, (byte)0xa4, (byte)0x41, (byte)0xe7, (byte)0x00, (byte)0xaf, (byte)0x46, + (byte)0x15, (byte)0x03, (byte)0x02, (byte)0x40, (byte)0x54, (byte)0x49, (byte)0x4c, (byte)0xa6, + (byte)0x3e, (byte)0xba, (byte)0x03, (byte)0x37, (byte)0xe4, (byte)0xe2, (byte)0x40, (byte)0x23, + (byte)0xfc, (byte)0xd6, (byte)0x9a, (byte)0x5a, (byte)0xeb, (byte)0x07, (byte)0xdd, (byte)0xdc, + (byte)0x01, (byte)0x83, (byte)0xa4, (byte)0xd0, (byte)0xac, (byte)0x9b, (byte)0x54, (byte)0xb0, + (byte)0x51, (byte)0xf2, (byte)0xb1, (byte)0x3e, (byte)0xd9, (byte)0x49, (byte)0x09, (byte)0x75, + (byte)0xea, (byte)0xb7, (byte)0x74, (byte)0x14, (byte)0xff, (byte)0x59, (byte)0xc1, (byte)0xf7, + (byte)0x69, (byte)0x2e, (byte)0x9a, (byte)0x2e, (byte)0x20, (byte)0x2b, (byte)0x38, (byte)0xfc, + (byte)0x91, (byte)0x0a, (byte)0x47, (byte)0x41, (byte)0x74, (byte)0xad, (byte)0xc9, (byte)0x3c, + (byte)0x1f, (byte)0x67, (byte)0xc9, (byte)0x81, (byte)0x02, (byte)0x40, (byte)0x47, (byte)0x1e, + (byte)0x02, (byte)0x90, (byte)0xff, (byte)0x0a, (byte)0xf0, (byte)0x75, (byte)0x03, (byte)0x51, + (byte)0xb7, (byte)0xf8, (byte)0x78, (byte)0x86, (byte)0x4c, (byte)0xa9, (byte)0x61, (byte)0xad, + (byte)0xbd, (byte)0x3a, (byte)0x8a, (byte)0x7e, (byte)0x99, (byte)0x1c, (byte)0x5c, (byte)0x05, + (byte)0x56, (byte)0xa9, (byte)0x4c, (byte)0x31, (byte)0x46, (byte)0xa7, (byte)0xf9, (byte)0x80, + (byte)0x3f, (byte)0x8f, (byte)0x6f, (byte)0x8a, (byte)0xe3, (byte)0x42, (byte)0xe9, (byte)0x31, + (byte)0xfd, (byte)0x8a, (byte)0xe4, (byte)0x7a, (byte)0x22, (byte)0x0d, (byte)0x1b, (byte)0x99, + (byte)0xa4, (byte)0x95, (byte)0x84, (byte)0x98, (byte)0x07, (byte)0xfe, (byte)0x39, (byte)0xf9, + (byte)0x24, (byte)0x5a, (byte)0x98, (byte)0x36, (byte)0xda, (byte)0x3d, (byte)0x02, (byte)0x41, + (byte)0x00, (byte)0xb0, (byte)0x6c, (byte)0x4f, (byte)0xda, (byte)0xbb, (byte)0x63, (byte)0x01, + (byte)0x19, (byte)0x8d, (byte)0x26, (byte)0x5b, (byte)0xdb, (byte)0xae, (byte)0x94, (byte)0x23, + (byte)0xb3, (byte)0x80, (byte)0xf2, (byte)0x71, (byte)0xf7, (byte)0x34, (byte)0x53, (byte)0x88, + (byte)0x50, (byte)0x93, (byte)0x07, (byte)0x7f, (byte)0xcd, (byte)0x39, (byte)0xe2, (byte)0x11, + (byte)0x9f, (byte)0xc9, (byte)0x86, (byte)0x32, (byte)0x15, (byte)0x4f, (byte)0x58, (byte)0x83, + (byte)0xb1, (byte)0x67, (byte)0xa9, (byte)0x67, (byte)0xbf, (byte)0x40, (byte)0x2b, (byte)0x4e, + (byte)0x9e, (byte)0x2e, (byte)0x0f, (byte)0x96, (byte)0x56, (byte)0xe6, (byte)0x98, (byte)0xea, + (byte)0x36, (byte)0x66, (byte)0xed, (byte)0xfb, (byte)0x25, (byte)0x79, (byte)0x80, (byte)0x39, + (byte)0xf7 + }; + + private static readonly byte[] output3 = Hex.Decode( + "b8246b56a6ed5881aeb585d9a25b2ad790c417e080681bf1ac2bc3deb69d8bce" + + "f0c4366fec400af052a72e9b0effb5b3f2f192dbeaca03c12740057113bf1f06" + + "69ac22e9f3a7852e3c15d913cab0b8863a95c99294ce8674214954610346f4d4" + + "74b26f7c48b42ee68e1f572a1fc4026ac456b4f59f7b621ea1b9d88f64202fb1"); + + private static readonly byte[] seed = { + (byte)0xaa, (byte)0xfd, (byte)0x12, (byte)0xf6, (byte)0x59, + (byte)0xca, (byte)0xe6, (byte)0x34, (byte)0x89, (byte)0xb4, + (byte)0x79, (byte)0xe5, (byte)0x07, (byte)0x6d, (byte)0xde, + (byte)0xc2, (byte)0xf0, (byte)0x6c, (byte)0xb5, (byte)0x8f + }; + + private class VecRand + : SecureRandom + { + private readonly byte[] seed; + + internal VecRand(byte[] seed) + { + this.seed = seed; + } + + public override void NextBytes( + byte[] bytes) + { + Array.Copy(seed, 0, bytes, 0, bytes.Length); + } + } + + private void BaseOaepTest( + int id, + byte[] pubKeyEnc, + byte[] privKeyEnc, + byte[] output) + { + // + // extract the public key info. + // + Asn1Object pubKeyObj = Asn1Object.FromByteArray(pubKeyEnc); + RsaPublicKeyStructure pubStruct = RsaPublicKeyStructure.GetInstance( + SubjectPublicKeyInfo.GetInstance(pubKeyObj).ParsePublicKey()); + + // + // extract the private key info. + // + Asn1Object privKeyObj = Asn1Object.FromByteArray(privKeyEnc); + RsaPrivateKeyStructure privStruct = RsaPrivateKeyStructure.GetInstance( + PrivateKeyInfo.GetInstance(privKeyObj).ParsePrivateKey()); + + RsaKeyParameters pubParameters = new RsaKeyParameters( + false, + pubStruct.Modulus, + pubStruct.PublicExponent); + + RsaKeyParameters privParameters = new RsaPrivateCrtKeyParameters( + privStruct.Modulus, + privStruct.PublicExponent, + privStruct.PrivateExponent, + privStruct.Prime1, + privStruct.Prime2, + privStruct.Exponent1, + privStruct.Exponent2, + privStruct.Coefficient); + + byte[] input = new byte[] { + (byte)0x54, (byte)0x85, (byte)0x9b, (byte)0x34, + (byte)0x2c, (byte)0x49, (byte)0xea, (byte)0x2a + }; + + EncDec("id(" + id + ")", pubParameters, privParameters, seed, input, output); + } + + private void EncDec( + string label, + RsaKeyParameters pubParameters, + RsaKeyParameters privParameters, + byte[] seed, + byte[] input, + byte[] output) + { + IAsymmetricBlockCipher cipher = new OaepEncoding(new RsaEngine()); + + cipher.Init(true, new ParametersWithRandom(pubParameters, new VecRand(seed))); + + byte[] outBytes = cipher.ProcessBlock(input, 0, input.Length); + + for (int i = 0; i != output.Length; i++) + { + if (outBytes[i] != output[i]) + { + Fail(label + " failed encryption"); + } + } + + cipher.Init(false, privParameters); + + outBytes = cipher.ProcessBlock(output, 0, output.Length); + + for (int i = 0; i != input.Length; i++) + { + if (outBytes[i] != input[i]) + { + Fail(label + " failed decoding"); + } + } + } + + /* + * RSA vector tests from PKCS#1 page + */ + private static readonly byte[] modulus_1024 = Hex.Decode( + "a8b3b284af8eb50b387034a860f146c4" + + "919f318763cd6c5598c8ae4811a1e0ab" + + "c4c7e0b082d693a5e7fced675cf46685" + + "12772c0cbc64a742c6c630f533c8cc72" + + "f62ae833c40bf25842e984bb78bdbf97" + + "c0107d55bdb662f5c4e0fab9845cb514" + + "8ef7392dd3aaff93ae1e6b667bb3d424" + + "7616d4f5ba10d4cfd226de88d39f16fb"); + + private static readonly byte[] pubExp_1024 = Hex.Decode("010001"); + + private static readonly byte[] privExp_1024 = Hex.Decode( + "53339cfdb79fc8466a655c7316aca85c" + + "55fd8f6dd898fdaf119517ef4f52e8fd" + + "8e258df93fee180fa0e4ab29693cd83b" + + "152a553d4ac4d1812b8b9fa5af0e7f55" + + "fe7304df41570926f3311f15c4d65a73" + + "2c483116ee3d3d2d0af3549ad9bf7cbf" + + "b78ad884f84d5beb04724dc7369b31de" + + "f37d0cf539e9cfcdd3de653729ead5d1"); + + private static readonly byte[] prime1_1024 = Hex.Decode( + "d32737e7267ffe1341b2d5c0d150a81b" + + "586fb3132bed2f8d5262864a9cb9f30a" + + "f38be448598d413a172efb802c21acf1" + + "c11c520c2f26a471dcad212eac7ca39d"); + + private static readonly byte[] prime2_1024 = Hex.Decode( + "cc8853d1d54da630fac004f471f281c7" + + "b8982d8224a490edbeb33d3e3d5cc93c" + + "4765703d1dd791642f1f116a0dd852be" + + "2419b2af72bfe9a030e860b0288b5d77"); + + private static readonly byte[] primeExp1_1024 = Hex.Decode( + "0e12bf1718e9cef5599ba1c3882fe804" + + "6a90874eefce8f2ccc20e4f2741fb0a3" + + "3a3848aec9c9305fbecbd2d76819967d" + + "4671acc6431e4037968db37878e695c1"); + + private static readonly byte[] primeExp2_1024 = Hex.Decode( + "95297b0f95a2fa67d00707d609dfd4fc" + + "05c89dafc2ef6d6ea55bec771ea33373" + + "4d9251e79082ecda866efef13c459e1a" + + "631386b7e354c899f5f112ca85d71583"); + + private static readonly byte[] crtCoef_1024 = Hex.Decode( + "4f456c502493bdc0ed2ab756a3a6ed4d" + + "67352a697d4216e93212b127a63d5411" + + "ce6fa98d5dbefd73263e372814274381" + + "8166ed7dd63687dd2a8ca1d2f4fbd8e1"); + + private static readonly byte[] input_1024_1 = Hex.Decode( + "6628194e12073db03ba94cda9ef95323" + + "97d50dba79b987004afefe34"); + + private static readonly byte[] seed_1024_1 = Hex.Decode( + "18b776ea21069d69776a33e96bad48e1" + + "dda0a5ef"); + + private static readonly byte[] output_1024_1 = Hex.Decode( + "354fe67b4a126d5d35fe36c777791a3f" + + "7ba13def484e2d3908aff722fad468fb" + + "21696de95d0be911c2d3174f8afcc201" + + "035f7b6d8e69402de5451618c21a535f" + + "a9d7bfc5b8dd9fc243f8cf927db31322" + + "d6e881eaa91a996170e657a05a266426" + + "d98c88003f8477c1227094a0d9fa1e8c" + + "4024309ce1ecccb5210035d47ac72e8a"); + + private static readonly byte[] input_1024_2 = Hex.Decode( + "750c4047f547e8e41411856523298ac9" + + "bae245efaf1397fbe56f9dd5"); + + private static readonly byte[] seed_1024_2 = Hex.Decode( + "0cc742ce4a9b7f32f951bcb251efd925" + + "fe4fe35f"); + + private static readonly byte[] output_1024_2 = Hex.Decode( + "640db1acc58e0568fe5407e5f9b701df" + + "f8c3c91e716c536fc7fcec6cb5b71c11" + + "65988d4a279e1577d730fc7a29932e3f" + + "00c81515236d8d8e31017a7a09df4352" + + "d904cdeb79aa583adcc31ea698a4c052" + + "83daba9089be5491f67c1a4ee48dc74b" + + "bbe6643aef846679b4cb395a352d5ed1" + + "15912df696ffe0702932946d71492b44"); + + private static readonly byte[] input_1024_3 = Hex.Decode( + "d94ae0832e6445ce42331cb06d531a82" + + "b1db4baad30f746dc916df24d4e3c245" + + "1fff59a6423eb0e1d02d4fe646cf699d" + + "fd818c6e97b051"); + + private static readonly byte[] seed_1024_3 = Hex.Decode( + "2514df4695755a67b288eaf4905c36ee" + + "c66fd2fd"); + + private static readonly byte[] output_1024_3 = Hex.Decode( + "423736ed035f6026af276c35c0b3741b" + + "365e5f76ca091b4e8c29e2f0befee603" + + "595aa8322d602d2e625e95eb81b2f1c9" + + "724e822eca76db8618cf09c5343503a4" + + "360835b5903bc637e3879fb05e0ef326" + + "85d5aec5067cd7cc96fe4b2670b6eac3" + + "066b1fcf5686b68589aafb7d629b02d8" + + "f8625ca3833624d4800fb081b1cf94eb"); + + private static readonly byte[] input_1024_4 = Hex.Decode( + "52e650d98e7f2a048b4f86852153b97e" + + "01dd316f346a19f67a85"); + + private static readonly byte[] seed_1024_4 = Hex.Decode( + "c4435a3e1a18a68b6820436290a37cef" + + "b85db3fb"); + + private static readonly byte[] output_1024_4 = Hex.Decode( + "45ead4ca551e662c9800f1aca8283b05" + + "25e6abae30be4b4aba762fa40fd3d38e" + + "22abefc69794f6ebbbc05ddbb1121624" + + "7d2f412fd0fba87c6e3acd888813646f" + + "d0e48e785204f9c3f73d6d8239562722" + + "dddd8771fec48b83a31ee6f592c4cfd4" + + "bc88174f3b13a112aae3b9f7b80e0fc6" + + "f7255ba880dc7d8021e22ad6a85f0755"); + + private static readonly byte[] input_1024_5 = Hex.Decode( + "8da89fd9e5f974a29feffb462b49180f" + + "6cf9e802"); + + private static readonly byte[] seed_1024_5 = Hex.Decode( + "b318c42df3be0f83fea823f5a7b47ed5" + + "e425a3b5"); + + private static readonly byte[] output_1024_5 = Hex.Decode( + "36f6e34d94a8d34daacba33a2139d00a" + + "d85a9345a86051e73071620056b920e2" + + "19005855a213a0f23897cdcd731b4525" + + "7c777fe908202befdd0b58386b1244ea" + + "0cf539a05d5d10329da44e13030fd760" + + "dcd644cfef2094d1910d3f433e1c7c6d" + + "d18bc1f2df7f643d662fb9dd37ead905" + + "9190f4fa66ca39e869c4eb449cbdc439"); + + private static readonly byte[] input_1024_6 = Hex.Decode("26521050844271"); + + private static readonly byte[] seed_1024_6 = Hex.Decode( + "e4ec0982c2336f3a677f6a356174eb0c" + + "e887abc2"); + + private static readonly byte[] output_1024_6 = Hex.Decode( + "42cee2617b1ecea4db3f4829386fbd61" + + "dafbf038e180d837c96366df24c097b4" + + "ab0fac6bdf590d821c9f10642e681ad0" + + "5b8d78b378c0f46ce2fad63f74e0ad3d" + + "f06b075d7eb5f5636f8d403b9059ca76" + + "1b5c62bb52aa45002ea70baace08ded2" + + "43b9d8cbd62a68ade265832b56564e43" + + "a6fa42ed199a099769742df1539e8255"); + + private static readonly byte[] modulus_1027 = Hex.Decode( + "051240b6cc0004fa48d0134671c078c7" + + "c8dec3b3e2f25bc2564467339db38853" + + "d06b85eea5b2de353bff42ac2e46bc97" + + "fae6ac9618da9537a5c8f553c1e35762" + + "5991d6108dcd7885fb3a25413f53efca" + + "d948cb35cd9b9ae9c1c67626d113d57d" + + "de4c5bea76bb5bb7de96c00d07372e96" + + "85a6d75cf9d239fa148d70931b5f3fb0" + + "39"); + + private static readonly byte[] pubExp_1027 = Hex.Decode("010001"); + + private static readonly byte[] privExp_1027 = Hex.Decode( + "0411ffca3b7ca5e9e9be7fe38a85105e" + + "353896db05c5796aecd2a725161eb365" + + "1c8629a9b862b904d7b0c7b37f8cb5a1" + + "c2b54001018a00a1eb2cafe4ee4e9492" + + "c348bc2bedab4b9ebbf064e8eff322b9" + + "009f8eec653905f40df88a3cdc49d456" + + "7f75627d41aca624129b46a0b7c698e5" + + "e65f2b7ba102c749a10135b6540d0401"); + + private static readonly byte[] prime1_1027 = Hex.Decode( + "027458c19ec1636919e736c9af25d609" + + "a51b8f561d19c6bf6943dd1ee1ab8a4a" + + "3f232100bd40b88decc6ba235548b6ef" + + "792a11c9de823d0a7922c7095b6eba57" + + "01"); + + private static readonly byte[] prime2_1027 = Hex.Decode( + "0210ee9b33ab61716e27d251bd465f4b" + + "35a1a232e2da00901c294bf22350ce49" + + "0d099f642b5375612db63ba1f2038649" + + "2bf04d34b3c22bceb909d13441b53b51" + + "39"); + + private static readonly byte[] primeExp1_1027 = Hex.Decode( + "39fa028b826e88c1121b750a8b242fa9" + + "a35c5b66bdfd1fa637d3cc48a84a4f45" + + "7a194e7727e49f7bcc6e5a5a412657fc" + + "470c7322ebc37416ef458c307a8c0901"); + + private static readonly byte[] primeExp2_1027 = Hex.Decode( + "015d99a84195943979fa9e1be2c3c1b6" + + "9f432f46fd03e47d5befbbbfd6b1d137" + + "1d83efb330a3e020942b2fed115e5d02" + + "be24fd92c9019d1cecd6dd4cf1e54cc8" + + "99"); + + private static readonly byte[] crtCoef_1027 = Hex.Decode( + "01f0b7015170b3f5e42223ba30301c41" + + "a6d87cbb70e30cb7d3c67d25473db1f6" + + "cbf03e3f9126e3e97968279a865b2c2b" + + "426524cfc52a683d31ed30eb984be412" + + "ba"); + + private static readonly byte[] input_1027_1 = Hex.Decode( + "4a86609534ee434a6cbca3f7e962e76d" + + "455e3264c19f605f6e5ff6137c65c56d" + + "7fb344cd52bc93374f3d166c9f0c6f9c" + + "506bad19330972d2"); + + private static readonly byte[] seed_1027_1 = Hex.Decode( + "1cac19ce993def55f98203f6852896c9" + + "5ccca1f3"); + + private static readonly byte[] output_1027_1 = Hex.Decode( + "04cce19614845e094152a3fe18e54e33" + + "30c44e5efbc64ae16886cb1869014cc5" + + "781b1f8f9e045384d0112a135ca0d12e" + + "9c88a8e4063416deaae3844f60d6e96f" + + "e155145f4525b9a34431ca3766180f70" + + "e15a5e5d8e8b1a516ff870609f13f896" + + "935ced188279a58ed13d07114277d75c" + + "6568607e0ab092fd803a223e4a8ee0b1" + + "a8"); + + private static readonly byte[] input_1027_2 = Hex.Decode( + "b0adc4f3fe11da59ce992773d9059943" + + "c03046497ee9d9f9a06df1166db46d98" + + "f58d27ec074c02eee6cbe2449c8b9fc5" + + "080c5c3f4433092512ec46aa793743c8"); + + private static readonly byte[] seed_1027_2 = Hex.Decode( + "f545d5897585e3db71aa0cb8da76c51d" + + "032ae963"); + + private static readonly byte[] output_1027_2 = Hex.Decode( + "0097b698c6165645b303486fbf5a2a44" + + "79c0ee85889b541a6f0b858d6b6597b1" + + "3b854eb4f839af03399a80d79bda6578" + + "c841f90d645715b280d37143992dd186" + + "c80b949b775cae97370e4ec97443136c" + + "6da484e970ffdb1323a20847821d3b18" + + "381de13bb49aaea66530c4a4b8271f3e" + + "ae172cd366e07e6636f1019d2a28aed1" + + "5e"); + + private static readonly byte[] input_1027_3 = Hex.Decode( + "bf6d42e701707b1d0206b0c8b45a1c72" + + "641ff12889219a82bdea965b5e79a96b" + + "0d0163ed9d578ec9ada20f2fbcf1ea3c" + + "4089d83419ba81b0c60f3606da99"); + + private static readonly byte[] seed_1027_3 = Hex.Decode( + "ad997feef730d6ea7be60d0dc52e72ea" + + "cbfdd275"); + + private static readonly byte[] output_1027_3 = Hex.Decode( + "0301f935e9c47abcb48acbbe09895d9f" + + "5971af14839da4ff95417ee453d1fd77" + + "319072bb7297e1b55d7561cd9d1bb24c" + + "1a9a37c619864308242804879d86ebd0" + + "01dce5183975e1506989b70e5a834341" + + "54d5cbfd6a24787e60eb0c658d2ac193" + + "302d1192c6e622d4a12ad4b53923bca2" + + "46df31c6395e37702c6a78ae081fb9d0" + + "65"); + + private static readonly byte[] input_1027_4 = Hex.Decode( + "fb2ef112f5e766eb94019297934794f7" + + "be2f6fc1c58e"); + + private static readonly byte[] seed_1027_4 = Hex.Decode( + "136454df5730f73c807a7e40d8c1a312" + + "ac5b9dd3"); + + private static readonly byte[] output_1027_4 = Hex.Decode( + "02d110ad30afb727beb691dd0cf17d0a" + + "f1a1e7fa0cc040ec1a4ba26a42c59d0a" + + "796a2e22c8f357ccc98b6519aceb682e" + + "945e62cb734614a529407cd452bee3e4" + + "4fece8423cc19e55548b8b994b849c7e" + + "cde4933e76037e1d0ce44275b08710c6" + + "8e430130b929730ed77e09b015642c55" + + "93f04e4ffb9410798102a8e96ffdfe11" + + "e4"); + + private static readonly byte[] input_1027_5 = Hex.Decode( + "28ccd447bb9e85166dabb9e5b7d1adad" + + "c4b9d39f204e96d5e440ce9ad928bc1c" + + "2284"); + + private static readonly byte[] seed_1027_5 = Hex.Decode( + "bca8057f824b2ea257f2861407eef63d" + + "33208681"); + + private static readonly byte[] output_1027_5 = Hex.Decode( + "00dbb8a7439d90efd919a377c54fae8f" + + "e11ec58c3b858362e23ad1b8a4431079" + + "9066b99347aa525691d2adc58d9b06e3" + + "4f288c170390c5f0e11c0aa3645959f1" + + "8ee79e8f2be8d7ac5c23d061f18dd74b" + + "8c5f2a58fcb5eb0c54f99f01a8324756" + + "8292536583340948d7a8c97c4acd1e98" + + "d1e29dc320e97a260532a8aa7a758a1e" + + "c2"); + + private static readonly byte[] input_1027_6 = Hex.Decode("f22242751ec6b1"); + + private static readonly byte[] seed_1027_6 = Hex.Decode( + "2e7e1e17f647b5ddd033e15472f90f68" + + "12f3ac4e"); + + private static readonly byte[] output_1027_6 = Hex.Decode( + "00a5ffa4768c8bbecaee2db77e8f2eec" + + "99595933545520835e5ba7db9493d3e1" + + "7cddefe6a5f567624471908db4e2d83a" + + "0fbee60608fc84049503b2234a07dc83" + + "b27b22847ad8920ff42f674ef79b7628" + + "0b00233d2b51b8cb2703a9d42bfbc825" + + "0c96ec32c051e57f1b4ba528db89c37e" + + "4c54e27e6e64ac69635ae887d9541619" + + "a9"); + + private void OaepVecTest( + int keySize, + int no, + RsaKeyParameters pubParam, + RsaKeyParameters privParam, + byte[] seed, + byte[] input, + byte[] output) + { + EncDec(keySize + " " + no, pubParam, privParam, seed, input, output); + } + + public override string Name + { + get { return "OAEP"; } + } + + public override void PerformTest() + { + BaseOaepTest(1, pubKeyEnc1, privKeyEnc1, output1); + BaseOaepTest(2, pubKeyEnc2, privKeyEnc2, output2); + BaseOaepTest(3, pubKeyEnc3, privKeyEnc3, output3); + + RsaKeyParameters pubParam = new RsaKeyParameters( + false, + new BigInteger(1, modulus_1024), + new BigInteger(1, pubExp_1024)); + RsaKeyParameters privParam = new RsaPrivateCrtKeyParameters( + pubParam.Modulus, + pubParam.Exponent, + new BigInteger(1, privExp_1024), + new BigInteger(1, prime1_1024), + new BigInteger(1, prime2_1024), + new BigInteger(1, primeExp1_1024), + new BigInteger(1, primeExp2_1024), + new BigInteger(1, crtCoef_1024)); + + OaepVecTest(1024, 1, pubParam, privParam, seed_1024_1, input_1024_1, output_1024_1); + OaepVecTest(1024, 2, pubParam, privParam, seed_1024_2, input_1024_2, output_1024_2); + OaepVecTest(1024, 3, pubParam, privParam, seed_1024_3, input_1024_3, output_1024_3); + OaepVecTest(1024, 4, pubParam, privParam, seed_1024_4, input_1024_4, output_1024_4); + OaepVecTest(1024, 5, pubParam, privParam, seed_1024_5, input_1024_5, output_1024_5); + OaepVecTest(1024, 6, pubParam, privParam, seed_1024_6, input_1024_6, output_1024_6); + + pubParam = new RsaKeyParameters( + false, + new BigInteger(1, modulus_1027), + new BigInteger(1, pubExp_1027)); + privParam = new RsaPrivateCrtKeyParameters( + pubParam.Modulus, + pubParam.Exponent, + new BigInteger(1, privExp_1027), + new BigInteger(1, prime1_1027), + new BigInteger(1, prime2_1027), + new BigInteger(1, primeExp1_1027), + new BigInteger(1, primeExp2_1027), + new BigInteger(1, crtCoef_1027)); + + OaepVecTest(1027, 1, pubParam, privParam, seed_1027_1, input_1027_1, output_1027_1); + OaepVecTest(1027, 2, pubParam, privParam, seed_1027_2, input_1027_2, output_1027_2); + OaepVecTest(1027, 3, pubParam, privParam, seed_1027_3, input_1027_3, output_1027_3); + OaepVecTest(1027, 4, pubParam, privParam, seed_1027_4, input_1027_4, output_1027_4); + OaepVecTest(1027, 5, pubParam, privParam, seed_1027_5, input_1027_5, output_1027_5); + OaepVecTest(1027, 6, pubParam, privParam, seed_1027_6, input_1027_6, output_1027_6); + + TestForHighByteError("invalidCiphertextOaepTest 1024", 1024); + + // + // OAEP - public encrypt, private decrypt, differing hashes + // + IAsymmetricBlockCipher cipher = new OaepEncoding(new RsaEngine(), new Sha256Digest(), new Sha1Digest(), null); + + cipher.Init(true, new ParametersWithRandom(pubParam, new SecureRandom())); + + byte[] input = new byte[10]; + + byte[] enc = cipher.ProcessBlock(input, 0, input.Length); + + cipher.Init(false, privParam); + + byte[] output = cipher.ProcessBlock(enc, 0, enc.Length); + + for (int i = 0; i != input.Length; i++) + { + if (output[i] != input[i]) + { + Fail("mixed digest failed decoding"); + } + } + + IBufferedCipher cBuf = CipherUtilities.GetCipher("RSA/NONE/OAEPWITHSHA-256ANDMGF1WITHSHA-1PADDING"); + + cBuf.Init(false, privParam); + + output = cBuf.DoFinal(enc, 0, enc.Length); + + Assert.AreEqual(input, output); + + cipher = new OaepEncoding(new RsaEngine(), new Sha1Digest(), new Sha256Digest(), new byte[10]); + + cipher.Init(true, new ParametersWithRandom(pubParam, new SecureRandom())); + + output = cipher.ProcessBlock(input, 0, input.Length); + + cipher.Init(false, privParam); + + output = cipher.ProcessBlock(output, 0, output.Length); + + for (int i = 0; i != input.Length; i++) + { + if (output[i] != input[i]) + { + Fail("mixed digest failed decoding"); + } + } + + // 2048 bit SHA-256 known answer test + byte[] encPub2048 = Base64.Decode("MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF6kzNRPSUM3klXHq6R7O6TfI9XOe6oK5Mm/wYLMY5tqnVXItOG2fQagKhULQSi7ihUTYBbiffG72LCQVUd4/m+FSJmFdbfQgIjtEanBCC4oE4G5/uKuGh1SGQSsppMQiaJ4g1q12RAruOYp6L94JMnSy5pq3czVtbMfiEskO/FfD+nVAnpQNlrRShn268FB4+6FUiR68nwEdQXTEs20/i9V2BwoHuMmIQyjPoHo3ArEyBEDxACH02nsezb8Kes/rLwW0unjHEyWpw9EnxqaXxDg9z8CNO2IDUYtesNXBdFB/ggz+IdbsEJf0MbsjGz9R2xl2+lSOALsf6FZQOphgQIDAQAB"); + byte[] encPri2048 = Base64.Decode("MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC8XqTM1E9JQzeSVcerpHs7pN8j1c57qgrkyb/Bgsxjm2qdVci04bZ9BqAqFQtBKLuKFRNgFuJ98bvYsJBVR3j+b4VImYV1t9CAiO0RqcEILigTgbn+4q4aHVIZBKymkxCJoniDWrXZECu45inov3gkydLLmmrdzNW1sx+ISyQ78V8P6dUCelA2WtFKGfbrwUHj7oVSJHryfAR1BdMSzbT+L1XYHCge4yYhDKM+gejcCsTIEQPEAIfTaex7Nvwp6z+svBbS6eMcTJanD0SfGppfEOD3PwI07YgNRi16w1cF0UH+CDP4h1uwQl/QxuyMbP1HbGXb6VI4Aux/oVlA6mGBAgMBAAECggEAAdjBr9pi/ppgmJgrsXSW2rJWl7DYaeD0Y2LQ9PI108IpzOoS4icWVWpztoXnSte94vAq9PW0ebyddVXhzFw7hO8N9PTAWLOZITF2dYZfBJgDP5G1g5iwUUQ5UlJ36NgnQNotaUhB4SNl8lWbUpNR97Zc0S8t3gfMjo/3fqwR6l6CkLEkzqdmrMb3+LOcdIs+kJCfC1Yb+czXkeUpbQaPogiiJDHxPlpEUMLTPqIwqWnAwJOxPLj34oevI7o7SWTQZQkwBUxj4cZYjEK/jXfQ2GM6XZJIW/7iCc1fZMzcX3PdECiri27iGFNyTdQHTqSfIhb5bctvFj5EE+DHT6ykCwKBgQD93ZbqHnslXuxXaekhSRN2sI+sXWhinVGEVptzu5secFwuUHT8xCPsAwUMMOKsyHGhh20ZYpUS/PadJPneA7oeWRZqeOPeWEli5J71dDBCDrn1UBBOFseEb/gicSbUR/ZaUa9FyJnnPVrFhUpLsXKftMxBJlGkxCNtYC6cBnyFLwKBgQC99BVbuxLCYNZe6bhxKnf16PyWbsvojjdNbAUKMr7G7VhdMFxJUcchARYhh19dtDR2/lJPBX8i9U1j5FXQzRmBz1TEQ4wF5TEYBnReOOnSWxF9kDaANY9jkMoUiAQJfWmKoLMYx5BoNoYhp/4Ri+pRVgTxM/Qp5UnzzzgXsZU4TwKBgQCgfuw/PWALg1SV+x5pbcLBYeSjSzaISf9UVFDZPT1XZB/TJAiiGPrA5jPVvj5AkETOo0jFKL8ojwb22H6j7uVG9HmofJ9LXbOfsvwQIBG2YYsNXT3BsMMYppVQaQrsYEaOWWAfFTC/sdlmUNtkuV3HPE15ztkE+v+O0aUF/U/R/wKBgHCkIFJAMhSgNh8ce6pn47EokzhlxXdHdlXr+2UbyHPQZTkFp4Q3AV159nS1gQDhDseNcqO3f7fsPRNCYP0r0rdeikbEQ3FvgthbY4BIQafjJxENhrQqjrgdMShRrAswmniBaRMFrIWP56RnqUsgbDgFSXL7OwvpExyIQhwSy4kTAoGBAN3x9T7UkwdHSAtpETC+9bGmdcbytHr6JElQKH8jM5sS3FKHR7NSGCGIBmYtbwU3GqU/4JUkDH+ASvsgT2KBLW9kj/zQRV6kW9g0O/2LY3RZ6bOvCs8p4LfPRBm6Zy1bm6h51Em62oXHoViYrI3TSmOfCK9nSeErsxt20sUfsLVW"); + + AsymmetricKeyParameter pub2048 = PublicKeyFactory.CreateKey(encPub2048); + AsymmetricKeyParameter pri2048 = PrivateKeyFactory.CreateKey(encPri2048); + + input = Strings.ToByteArray("OAEP SHA-256 Test"); + cipher = new OaepEncoding(new RsaEngine(), new Sha256Digest()); + + cipher.Init(true, new ParametersWithRandom(pub2048, new TestRandomData(encPub2048))); + + output = cipher.ProcessBlock(input, 0, input.Length); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("8314e8dc39bfe75dcf1ecf770233593fd2f564c8bd2d4a4a66da238f8b3b476cbe4ccf40b2f3efdc74fd1fd015da1b7dd41802d9e61199b59d95714ac54b5479dd639d284038865d5a68790901093a6dac7afc086d26d4855b967eb262394eab9f15c3658ba62f90921d6354ce8d59095df761877b3e5e3278be84bae813f632a95042530eac0e28fa84f2a0202dd76529783ee3826c394476f381978dbabe7c08e76de5944b59aec0145ac6b2b75e1d153411ff8dceb18c14263eec5d9c6fc6cdbbd47006bcc0c905aaaf62d3f6b760dce5eb178635bb3fe02eb5772baa30eaa2cc00282830a9adc813611914e96ac1e3fc5c6319233ac65ff2a3c4468bac99"), output)); + + cipher.Init(false, pri2048); + + output = cipher.ProcessBlock(output, 0, output.Length); + + Assert.IsTrue(Arrays.AreEqual(input, output)); + } + + private void TestForHighByteError(string label, int keySizeBits) + { + // draw a key of the size asked + BigInteger e = BigInteger.One.ShiftLeft(16).Add(BigInteger.One); + + IAsymmetricCipherKeyPairGenerator kpGen = new RsaKeyPairGenerator(); + + kpGen.Init(new RsaKeyGenerationParameters(e, new SecureRandom(), keySizeBits, 100)); + + AsymmetricCipherKeyPair kp = kpGen.GenerateKeyPair(); + + IAsymmetricBlockCipher cipher = new OaepEncoding(new RsaEngine()); + + // obtain a known good ciphertext + cipher.Init(true, new ParametersWithRandom(kp.Public, new VecRand(seed))); + byte[] m = { 42 }; + byte[] c = cipher.ProcessBlock(m, 0, m.Length); + int keySizeBytes = (keySizeBits + 7) / 8; + if (c.Length != keySizeBytes) + { + Fail(label + " failed ciphertext size"); + } + + BigInteger n = ((RsaPrivateCrtKeyParameters)kp.Private).Modulus; + + // decipher + cipher.Init(false, kp.Private); + byte[] r = cipher.ProcessBlock(c, 0, keySizeBytes); + if (r.Length != 1 || r[0] != 42) + { + Fail(label + " failed first decryption of test message"); + } + + // decipher again + r = cipher.ProcessBlock(c, 0, keySizeBytes); + if (r.Length != 1 || r[0] != 42) + { + Fail(label + " failed second decryption of test message"); + } + + // check hapazard incorrect ciphertexts + for (int i = keySizeBytes * 8; --i >= 0; ) + { + c[i / 8] ^= (byte)(1 << (i & 7)); + bool ko = true; + try + { + BigInteger cV = new BigInteger(1, c); + + // don't pass in c if it will be rejected trivially + if (cV.CompareTo(n) < 0) + { + r = cipher.ProcessBlock(c, 0, keySizeBytes); + } + else + { + ko = false; // size errors are picked up at start + } + } + catch (InvalidCipherTextException) + { + ko = false; + } + if (ko) + { + Fail(label + " invalid ciphertext caused no exception"); + } + c[i / 8] ^= (byte)(1 << (i & 7)); + } + } + + public static void Main(string[] args) + { + RunTest(new OaepTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/OCBTest.cs b/BouncyCastle/crypto/test/src/crypto/test/OCBTest.cs new file mode 100644 index 0000000..9f898fb --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/OCBTest.cs @@ -0,0 +1,515 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Test vectors from RFC 7253 on The OCB + * Authenticated-Encryption Algorithm + */ + public class OcbTest + : SimpleTest + { + private const string KEY_128 = "000102030405060708090A0B0C0D0E0F"; + private const string KEY_96 = "0F0E0D0C0B0A09080706050403020100"; + + /* + * Test vectors from Appendix A of the specification, containing the strings N, A, P, C in order + */ + + private static readonly string[][] TEST_VECTORS_128 = new string[][]{ + new string[]{ "BBAA99887766554433221100", + "", + "", + "785407BFFFC8AD9EDCC5520AC9111EE6" }, + new string[]{ "BBAA99887766554433221101", + "0001020304050607", + "0001020304050607", + "6820B3657B6F615A5725BDA0D3B4EB3A257C9AF1F8F03009" }, + new string[]{ "BBAA99887766554433221102", + "0001020304050607", + "", + "81017F8203F081277152FADE694A0A00" }, + new string[]{ "BBAA99887766554433221103", + "", + "0001020304050607", + "45DD69F8F5AAE72414054CD1F35D82760B2CD00D2F99BFA9" }, + new string[]{ "BBAA99887766554433221104", + "000102030405060708090A0B0C0D0E0F", + "000102030405060708090A0B0C0D0E0F", + "571D535B60B277188BE5147170A9A22C3AD7A4FF3835B8C5701C1CCEC8FC3358" }, + new string[]{ "BBAA99887766554433221105", + "000102030405060708090A0B0C0D0E0F", + "", + "8CF761B6902EF764462AD86498CA6B97" }, + new string[]{ "BBAA99887766554433221106", + "", + "000102030405060708090A0B0C0D0E0F", + "5CE88EC2E0692706A915C00AEB8B2396F40E1C743F52436BDF06D8FA1ECA343D" }, + new string[]{ "BBAA99887766554433221107", + "000102030405060708090A0B0C0D0E0F1011121314151617", + "000102030405060708090A0B0C0D0E0F1011121314151617", + "1CA2207308C87C010756104D8840CE1952F09673A448A122C92C62241051F57356D7F3C90BB0E07F" }, + new string[]{ "BBAA99887766554433221108", + "000102030405060708090A0B0C0D0E0F1011121314151617", + "", + "6DC225A071FC1B9F7C69F93B0F1E10DE" }, + new string[]{ "BBAA99887766554433221109", + "", + "000102030405060708090A0B0C0D0E0F1011121314151617", + "221BD0DE7FA6FE993ECCD769460A0AF2D6CDED0C395B1C3CE725F32494B9F914D85C0B1EB38357FF" }, + new string[]{ "BBAA9988776655443322110A", + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F", + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F", + "BD6F6C496201C69296C11EFD138A467ABD3C707924B964DEAFFC40319AF5A48540FBBA186C5553C68AD9F592A79A4240" }, + new string[]{ "BBAA9988776655443322110B", + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F", + "", + "FE80690BEE8A485D11F32965BC9D2A32" }, + new string[]{ "BBAA9988776655443322110C", + "", + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F", + "2942BFC773BDA23CABC6ACFD9BFD5835BD300F0973792EF46040C53F1432BCDFB5E1DDE3BC18A5F840B52E653444D5DF" }, + new string[]{ "BBAA9988776655443322110D", + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627", + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627", + "D5CA91748410C1751FF8A2F618255B68A0A12E093FF454606E59F9C1D0DDC54B65E8628E568BAD7AED07BA06A4A69483A7035490C5769E60" }, + new string[]{ "BBAA9988776655443322110E", + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627", + "", + "C5CD9D1850C141E358649994EE701B68" }, + new string[]{ "BBAA9988776655443322110F", + "", + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627", + "4412923493C57D5DE0D700F753CCE0D1D2D95060122E9F15A5DDBFC5787E50B5CC55EE507BCB084E479AD363AC366B95A98CA5F3000B1479" }, + }; + + private static readonly string[][] TEST_VECTORS_96 = new string[][]{ + new string[]{ "BBAA9988776655443322110D", + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627", + "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627", + "1792A4E31E0755FB03E31B22116E6C2DDF9EFD6E33D536F1A0124B0A55BAE884ED93481529C76B6AD0C515F4D1CDD4FDAC4F02AA" }, + }; + + public override string Name + { + get { return "OCB"; } + } + + public override void PerformTest() + { + byte[] K128 = Hex.Decode(KEY_128); + for (int i = 0; i < TEST_VECTORS_128.Length; ++i) + { + RunTestCase("Test Case " + i, TEST_VECTORS_128[i], 128, K128); + } + + byte[] K96 = Hex.Decode(KEY_96); + for (int i = 0; i < TEST_VECTORS_96.Length; ++i) + { + RunTestCase("Test Case " + i, TEST_VECTORS_96[i], 96, K96); + } + + RunLongerTestCase(128, 128, "67E944D23256C5E0B6C61FA22FDF1EA2"); + RunLongerTestCase(192, 128, "F673F2C3E7174AAE7BAE986CA9F29E17"); + RunLongerTestCase(256, 128, "D90EB8E9C977C88B79DD793D7FFA161C"); + RunLongerTestCase(128, 96, "77A3D8E73589158D25D01209"); + RunLongerTestCase(192, 96, "05D56EAD2752C86BE6932C5E"); + RunLongerTestCase(256, 96, "5458359AC23B0CBA9E6330DD"); + RunLongerTestCase(128, 64, "192C9B7BD90BA06A"); + RunLongerTestCase(192, 64, "0066BC6E0EF34E24"); + RunLongerTestCase(256, 64, "7D4EA5D445501CBE"); + + RandomTests(); + OutputSizeTests(); + DoTestExceptions(); + } + + private void DoTestExceptions() + { + IAeadBlockCipher ocb = CreateOcbCipher(); + + try + { + ocb = new OcbBlockCipher(new DesEngine(), new DesEngine()); + Fail("incorrect block size not picked up"); + } + catch (ArgumentException) + { + // expected + } + + try + { + ocb.Init(false, new KeyParameter(new byte[16])); + Fail("illegal argument not picked up"); + } + catch (ArgumentException) + { + // expected + } + + // TODO + //AEADTestUtil.testReset(this, createOCBCipher(), createOCBCipher(), new AEADParameters(new KeyParameter(new byte[16]), 128, new byte[15])); + //AEADTestUtil.testTampering(this, ocb, new AEADParameters(new KeyParameter(new byte[16]), 128, new byte[15])); + } + + private void RunTestCase(string testName, string[] testVector, int macLengthBits, byte[] K) + { + int pos = 0; + byte[] N = Hex.Decode(testVector[pos++]); + byte[] A = Hex.Decode(testVector[pos++]); + byte[] P = Hex.Decode(testVector[pos++]); + byte[] C = Hex.Decode(testVector[pos++]); + + int macLengthBytes = macLengthBits / 8; + + KeyParameter keyParameter = new KeyParameter(K); + AeadParameters parameters = new AeadParameters(keyParameter, macLengthBits, N, A); + + IAeadBlockCipher encCipher = InitOcbCipher(true, parameters); + IAeadBlockCipher decCipher = InitOcbCipher(false, parameters); + + CheckTestCase(encCipher, decCipher, testName, macLengthBytes, P, C); + CheckTestCase(encCipher, decCipher, testName + " (reused)", macLengthBytes, P, C); + + // Key reuse + AeadParameters keyReuseParams = AeadTestUtilities.ReuseKey(parameters); + encCipher.Init(true, keyReuseParams); + decCipher.Init(false, keyReuseParams); + CheckTestCase(encCipher, decCipher, testName + " (key reuse)", macLengthBytes, P, C); + } + + private IBlockCipher CreateUnderlyingCipher() + { + return new AesEngine(); + } + + private IAeadBlockCipher CreateOcbCipher() + { + return new OcbBlockCipher(CreateUnderlyingCipher(), CreateUnderlyingCipher()); + } + + private IAeadBlockCipher InitOcbCipher(bool forEncryption, AeadParameters parameters) + { + IAeadBlockCipher c = CreateOcbCipher(); + c.Init(forEncryption, parameters); + return c; + } + + private void CheckTestCase(IAeadBlockCipher encCipher, IAeadBlockCipher decCipher, string testName, + int macLengthBytes, byte[] P, byte[] C) + { + byte[] tag = Arrays.CopyOfRange(C, C.Length - macLengthBytes, C.Length); + + { + byte[] enc = new byte[encCipher.GetOutputSize(P.Length)]; + int len = encCipher.ProcessBytes(P, 0, P.Length, enc, 0); + len += encCipher.DoFinal(enc, len); + + if (enc.Length != len) + { + Fail("encryption reported incorrect length: " + testName); + } + + if (!AreEqual(C, enc)) + { + Fail("incorrect encrypt in: " + testName); + } + + if (!AreEqual(tag, encCipher.GetMac())) + { + Fail("getMac() not the same as the appended tag: " + testName); + } + } + + { + byte[] dec = new byte[decCipher.GetOutputSize(C.Length)]; + int len = decCipher.ProcessBytes(C, 0, C.Length, dec, 0); + len += decCipher.DoFinal(dec, len); + + if (dec.Length != len) + { + Fail("decryption reported incorrect length: " + testName); + } + + if (!AreEqual(P, dec)) + { + Fail("incorrect decrypt in: " + testName); + } + + if (!AreEqual(tag, decCipher.GetMac())) + { + Fail("getMac() not the same as the appended tag: " + testName); + } + } + } + + private void RunLongerTestCase(int keyLen, int tagLen, string expectedOutputHex) + { + byte[] expectedOutput = Hex.Decode(expectedOutputHex); + byte[] keyBytes = new byte[keyLen / 8]; + keyBytes[keyBytes.Length - 1] = (byte)tagLen; + KeyParameter key = new KeyParameter(keyBytes); + + IAeadBlockCipher c1 = InitOcbCipher(true, new AeadParameters(key, tagLen, CreateNonce(385))); + IAeadBlockCipher c2 = CreateOcbCipher(); + + long total = 0; + + byte[] S = new byte[128]; + + uint n = 0; + for (int i = 0; i < 128; ++i) + { + c2.Init(true, new AeadParameters(key, tagLen, CreateNonce(++n))); + total += UpdateCiphers(c1, c2, S, i, true, true); + c2.Init(true, new AeadParameters(key, tagLen, CreateNonce(++n))); + total += UpdateCiphers(c1, c2, S, i, false, true); + c2.Init(true, new AeadParameters(key, tagLen, CreateNonce(++n))); + total += UpdateCiphers(c1, c2, S, i, true, false); + } + + long expectedTotal = 16256 + (48 * tagLen); + + if (total != expectedTotal) + { + Fail("test generated the wrong amount of input: " + total); + } + + byte[] output = new byte[c1.GetOutputSize(0)]; + c1.DoFinal(output, 0); + + if (!AreEqual(expectedOutput, output)) + { + Fail("incorrect encrypt in long-form test"); + } + } + + private byte[] CreateNonce(uint n) + { + return new byte[]{ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, (byte)(n >> 8), (byte)n }; + } + + private int UpdateCiphers(IAeadBlockCipher c1, IAeadBlockCipher c2, byte[] S, int i, + bool includeAAD, bool includePlaintext) + { + int inputLen = includePlaintext ? i : 0; + int outputLen = c2.GetOutputSize(inputLen); + + byte[] output = new byte[outputLen]; + + int len = 0; + + if (includeAAD) { + c2.ProcessAadBytes(S, 0, i); + } + + if (includePlaintext) { + len += c2.ProcessBytes(S, 0, i, output, len); + } + + len += c2.DoFinal(output, len); + + c1.ProcessAadBytes(output, 0, len); + + return len; + } + + private void RandomTests() + { + SecureRandom srng = new SecureRandom(); + srng.SetSeed(DateTimeUtilities.CurrentUnixMs()); + for (int i = 0; i < 10; ++i) + { + RandomTest(srng); + } + } + + private void RandomTest(SecureRandom srng) + { + int kLength = 16 + 8 * (System.Math.Abs(srng.NextInt()) % 3); + byte[] K = new byte[kLength]; + srng.NextBytes(K); + + int pLength = (int)((uint)srng.NextInt() >> 16); + byte[] P = new byte[pLength]; + srng.NextBytes(P); + + int aLength = (int)((uint)srng.NextInt() >> 24); + byte[] A = new byte[aLength]; + srng.NextBytes(A); + + int saLength = (int)((uint)srng.NextInt() >> 24); + byte[] SA = new byte[saLength]; + srng.NextBytes(SA); + + int ivLength = 1 + NextInt(srng, 15); + byte[] IV = new byte[ivLength]; + srng.NextBytes(IV); + + AeadParameters parameters = new AeadParameters(new KeyParameter(K), 16 * 8, IV, A); + IAeadBlockCipher cipher = InitOcbCipher(true, parameters); + byte[] C = new byte[cipher.GetOutputSize(P.Length)]; + int predicted = cipher.GetUpdateOutputSize(P.Length); + + int split = NextInt(srng, SA.Length + 1); + cipher.ProcessAadBytes(SA, 0, split); + int len = cipher.ProcessBytes(P, 0, P.Length, C, 0); + cipher.ProcessAadBytes(SA, split, SA.Length - split); + + if (predicted != len) + { + Fail("encryption reported incorrect update length in randomised test"); + } + + len += cipher.DoFinal(C, len); + + if (C.Length != len) + { + Fail("encryption reported incorrect length in randomised test"); + } + + byte[] encT = cipher.GetMac(); + byte[] tail = new byte[C.Length - P.Length]; + Array.Copy(C, P.Length, tail, 0, tail.Length); + + if (!AreEqual(encT, tail)) + { + Fail("stream contained wrong mac in randomised test"); + } + + cipher.Init(false, parameters); + byte[] decP = new byte[cipher.GetOutputSize(C.Length)]; + predicted = cipher.GetUpdateOutputSize(C.Length); + + split = NextInt(srng, SA.Length + 1); + cipher.ProcessAadBytes(SA, 0, split); + len = cipher.ProcessBytes(C, 0, C.Length, decP, 0); + cipher.ProcessAadBytes(SA, split, SA.Length - split); + + if (predicted != len) + { + Fail("decryption reported incorrect update length in randomised test"); + } + + len += cipher.DoFinal(decP, len); + + if (!AreEqual(P, decP)) + { + Fail("incorrect decrypt in randomised test"); + } + + byte[] decT = cipher.GetMac(); + if (!AreEqual(encT, decT)) + { + Fail("decryption produced different mac from encryption"); + } + + // + // key reuse test + // + cipher.Init(false, AeadTestUtilities.ReuseKey(parameters)); + decP = new byte[cipher.GetOutputSize(C.Length)]; + + split = NextInt(srng, SA.Length + 1); + cipher.ProcessAadBytes(SA, 0, split); + len = cipher.ProcessBytes(C, 0, C.Length, decP, 0); + cipher.ProcessAadBytes(SA, split, SA.Length - split); + + len += cipher.DoFinal(decP, len); + + if (!AreEqual(P, decP)) + { + Fail("incorrect decrypt in randomised test"); + } + + decT = cipher.GetMac(); + if (!AreEqual(encT, decT)) + { + Fail("decryption produced different mac from encryption"); + } + } + + private void OutputSizeTests() + { + byte[] K = new byte[16]; + byte[] A = null; + byte[] IV = new byte[15]; + + AeadParameters parameters = new AeadParameters(new KeyParameter(K), 16 * 8, IV, A); + IAeadBlockCipher cipher = InitOcbCipher(true, parameters); + + if (cipher.GetUpdateOutputSize(0) != 0) + { + Fail("incorrect getUpdateOutputSize for initial 0 bytes encryption"); + } + + if (cipher.GetOutputSize(0) != 16) + { + Fail("incorrect getOutputSize for initial 0 bytes encryption"); + } + + cipher.Init(false, parameters); + + if (cipher.GetUpdateOutputSize(0) != 0) + { + Fail("incorrect getUpdateOutputSize for initial 0 bytes decryption"); + } + + // NOTE: 0 bytes would be truncated data, but we want it to fail in the doFinal, not here + if (cipher.GetOutputSize(0) != 0) + { + Fail("fragile getOutputSize for initial 0 bytes decryption"); + } + + if (cipher.GetOutputSize(16) != 0) + { + Fail("incorrect getOutputSize for initial MAC-size bytes decryption"); + } + } + + private static int NextInt(SecureRandom rand, int n) + { + if ((n & -n) == n) // i.e., n is a power of 2 + { + return (int)(((uint)n * (ulong)((uint)rand.NextInt() >> 1)) >> 31); + } + + int bits, value; + do + { + bits = (int)((uint)rand.NextInt() >> 1); + value = bits % n; + } + while (bits - value + (n - 1) < 0); + + return value; + } + + public static void Main( + string[] args) + { + RunTest(new OcbTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/OpenBsdBCryptTest.cs b/BouncyCastle/crypto/test/src/crypto/test/OpenBsdBCryptTest.cs new file mode 100644 index 0000000..fabe84d --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/OpenBsdBCryptTest.cs @@ -0,0 +1,194 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class OpenBsdBCryptTest + : SimpleTest + { + private static readonly string[][] BCryptTest1 = // vectors from http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/glibc/crypt_blowfish/wrapper.c?rev=HEAD + { + new string[]{"$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW", "U*U"}, + new string[]{"$2a$05$CCCCCCCCCCCCCCCCCCCCC.VGOzA784oUp/Z0DY336zx7pLYAy0lwK", "U*U*"}, + new string[]{"$2a$05$XXXXXXXXXXXXXXXXXXXXXOAcXxm9kjPGEMsLznoKqmqw7tc8WCx4a", "U*U*U"}, + new string[]{"$2a$05$CCCCCCCCCCCCCCCCCCCCC.7uG0VCzI2bS7j6ymqJi9CdcdxiRTWNy", ""}, + new string[]{"$2a$05$abcdefghijklmnopqrstuu5s2v8.iXieOjg/.AySBTTZIIVFJeBui", + "0123456789abcdefghijklmnopqrstuvwxyz" + + "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" + + "chars after 72 are ignored"}, + }; + + private static readonly string[] BCryptTest2 = { // from: http://openwall.info/wiki/john/sample-hashes + "$2a$05$bvIG6Nmid91Mu9RcmmWZfO5HJIMCT8riNW0hEp8f6/FuA2/mHZFpe", "password" + }; + + private static readonly string[] BCryptTest2b = { // from: http://stackoverflow.com/questions/11654684/verifying-a-bcrypt-hash + "$2a$10$.TtQJ4Jr6isd4Hp.mVfZeuh6Gws4rOQ/vdBczhDx.19NFK0Y84Dle", "ππππππππ" + }; + + private static readonly string[][] BCryptTest3 = // from: https://bitbucket.org/vadim/bcrypt.net/src/464c41416dc9/BCrypt.Net.Test/TestBCrypt.cs - plain - salt - expected + { + new string[]{"", "$2a$06$DCq7YPn5Rq63x1Lad4cll.", "$2a$06$DCq7YPn5Rq63x1Lad4cll.TV4S6ytwfsfvkgY8jIucDrjc8deX1s."}, + new string[]{"", "$2a$08$HqWuK6/Ng6sg9gQzbLrgb.", "$2a$08$HqWuK6/Ng6sg9gQzbLrgb.Tl.ZHfXLhvt/SgVyWhQqgqcZ7ZuUtye"}, + new string[]{"", "$2a$10$k1wbIrmNyFAPwPVPSVa/ze", "$2a$10$k1wbIrmNyFAPwPVPSVa/zecw2BCEnBwVS2GbrmgzxFUOqW9dk4TCW"}, + new string[]{"", "$2a$12$k42ZFHFWqBp3vWli.nIn8u", "$2a$12$k42ZFHFWqBp3vWli.nIn8uYyIkbvYRvodzbfbK18SSsY.CsIQPlxO"}, + new string[]{"a", "$2a$06$m0CrhHm10qJ3lXRY.5zDGO", "$2a$06$m0CrhHm10qJ3lXRY.5zDGO3rS2KdeeWLuGmsfGlMfOxih58VYVfxe"}, + new string[]{"a", "$2a$08$cfcvVd2aQ8CMvoMpP2EBfe", "$2a$08$cfcvVd2aQ8CMvoMpP2EBfeodLEkkFJ9umNEfPD18.hUF62qqlC/V."}, + new string[]{"a", "$2a$10$k87L/MF28Q673VKh8/cPi.", "$2a$10$k87L/MF28Q673VKh8/cPi.SUl7MU/rWuSiIDDFayrKk/1tBsSQu4u"}, + new string[]{"a", "$2a$12$8NJH3LsPrANStV6XtBakCe", "$2a$12$8NJH3LsPrANStV6XtBakCez0cKHXVxmvxIlcz785vxAIZrihHZpeS"}, + new string[]{"abc", "$2a$06$If6bvum7DFjUnE9p2uDeDu", "$2a$06$If6bvum7DFjUnE9p2uDeDu0YHzrHM6tf.iqN8.yx.jNN1ILEf7h0i"}, + new string[]{"abc", "$2a$08$Ro0CUfOqk6cXEKf3dyaM7O", "$2a$08$Ro0CUfOqk6cXEKf3dyaM7OhSCvnwM9s4wIX9JeLapehKK5YdLxKcm"}, + new string[]{"abc", "$2a$10$WvvTPHKwdBJ3uk0Z37EMR.", "$2a$10$WvvTPHKwdBJ3uk0Z37EMR.hLA2W6N9AEBhEgrAOljy2Ae5MtaSIUi"}, + new string[]{"abc", "$2a$12$EXRkfkdmXn2gzds2SSitu.", "$2a$12$EXRkfkdmXn2gzds2SSitu.MW9.gAVqa9eLS1//RYtYCmB1eLHg.9q"}, + new string[]{"abcdefghijklmnopqrstuvwxyz", "$2a$06$.rCVZVOThsIa97pEDOxvGu", "$2a$06$.rCVZVOThsIa97pEDOxvGuRRgzG64bvtJ0938xuqzv18d3ZpQhstC"}, + new string[]{"abcdefghijklmnopqrstuvwxyz", "$2a$08$aTsUwsyowQuzRrDqFflhge", "$2a$08$aTsUwsyowQuzRrDqFflhgekJ8d9/7Z3GV3UcgvzQW3J5zMyrTvlz."}, + new string[]{"abcdefghijklmnopqrstuvwxyz", "$2a$10$fVH8e28OQRj9tqiDXs1e1u", "$2a$10$fVH8e28OQRj9tqiDXs1e1uxpsjN0c7II7YPKXua2NAKYvM6iQk7dq"}, + new string[]{"abcdefghijklmnopqrstuvwxyz", "$2a$12$D4G5f18o7aMMfwasBL7Gpu", "$2a$12$D4G5f18o7aMMfwasBL7GpuQWuP3pkrZrOAnqP.bmezbMng.QwJ/pG"}, + new string[]{"~!@#$%^&*() ~!@#$%^&*()PNBFRD", "$2a$06$fPIsBO8qRqkjj273rfaOI.", "$2a$06$fPIsBO8qRqkjj273rfaOI.HtSV9jLDpTbZn782DC6/t7qT67P6FfO"}, + new string[]{"~!@#$%^&*() ~!@#$%^&*()PNBFRD", "$2a$08$Eq2r4G/76Wv39MzSX262hu", "$2a$08$Eq2r4G/76Wv39MzSX262huzPz612MZiYHVUJe/OcOql2jo4.9UxTW"}, + new string[]{"~!@#$%^&*() ~!@#$%^&*()PNBFRD", "$2a$10$LgfYWkbzEvQ4JakH7rOvHe", "$2a$10$LgfYWkbzEvQ4JakH7rOvHe0y8pHKF9OaFgwUZ2q7W2FFZmZzJYlfS"}, + new string[]{"~!@#$%^&*() ~!@#$%^&*()PNBFRD", "$2a$12$WApznUOJfkEGSmYRfnkrPO", "$2a$12$WApznUOJfkEGSmYRfnkrPOr466oFDCaj4b6HY3EXGvfxm43seyhgC"}, + }; + + private static readonly string[][] BCryptTest4 = { // from: https://github.com/ChrisMcKee/cryptsharp/blob/master/Tests/vectors/BCrypt.txt + new string[]{"n6HyjrYTo/r4lgjvM7L<`iM", "$2a$07$XPrYfnqc5ankSHnRfmPVu.A0trKq3VdczdbJjKaWIksKF.GfFCxv."}, + new string[]{"~s0quB/K8zRtRT:QtZr`s|^O", "$2a$07$5zzz8omiaStXwOetWwlmuePPRwUt0jhNBPYGGgAMcUDvqsGVqv9Cy"}, + new string[]{"r>8y3uE}6<7nI34?Q2rR0JEw", "$2a$07$k5AH9bO9aplPYdZMZ155qOcY1FewMXcupWewW6fViUtsVQ2Umg6LS"}, + new string[]{">l_7}xxH3|Cr{dCR[HTUN@k~", "$2a$05$24xz81ZZsMUMm940bbWMCeHsO.s6A3MG0JZzm4y3.Ti6P96bz6RN6"}, + new string[]{"D`lCFYTe9_8IW6nEB:oPjEk/S", "$2a$05$bA1xkp4NqFvDmtQJtDO9CugW0INxQLpMZha8AaHmBj9Zg9HlfQtBa"}, + new string[]{"UBGYU6|a|RpA:bp[;}p.ZY4f1", "$2a$08$gu4KBnkla.bEqHiwaJ8.z.0ixfzE1Q0/iPfmpfRmUA.NUhUdZboxa"}, + new string[]{"O9X[kP6{63F3rXKtN>n?zh2_", "$2a$04$yRZW9xEsqN9DL19jveqFyO1bljZ0r5KNCYqQzMqYpDB7XHWqDWNGC"}, + new string[]{":Sa:BknepsG}\\5dOj>kh0KAk", "$2a$04$KhDTFUlakUsPNuLQSgyr7.xQZxkTSIvo0nFw0XyjvrH6n5kZkYDLG"},// extra escape sequence added + new string[]{"2_9J6k:{z?SSjCzL/GT/5CMgc", "$2a$05$eN1jCXDxN9HmuIARJlwH4ewsEyYbAmq7Cw99gEHqGRXtWyrRNLScy"}, + + new string[]{"2KNy`Kodau14?s8XVruE;h/kdCRd@T]fQiv`Vz]KC0zaIAIeyY4zcooQ0^DfP{hHsw9?atO}CxbkbnK-LxUe;|FiBEluVqO@ysHhXQDdXPt0p", "$2a$07$pNHi/IxrSUohtsD5/eIv4O324ZPGfJE7mUAaNpIPkpyxjW9kqIk76"}, + new string[]{"ilWj~2mLBa1Pq`sxrW8fNNq:XF0@KP5RLW9u?[E_wwkROmCSWudYoS5I2HGI-1-?Pd0zVxTIeNbF;nLDUGtce{8dHmx90:;N<8", "$2a$07$ePVgkQl8QKSG2Xv6o0bnOe4SZp4ejag5CP44tjxfmY17F5VzRgwF6"}, + new string[]{"dj~OsXmQGj6FXnPGgwg9]G@75~L@G[|e3KWhz.Z~jUF0tt8[5U@8;5:=[v6pf.IEJ", "$2a$08$eXo9KDc1BZyybBgMurpcD.GA1/ch3XhgBnIH10Xvjc2ogZaGg3t/m"}, + }; + + + // 2y vectors generated from htpasswd -nB -C 12, nb leading username was removed. + private static readonly string[,] twoYVec = new string[,]{ + {"a", "$2y$12$DB3BUbYa/SsEL7kCOVji0OauTkPkB5Y1OeyfxJHM7jvMrbml5sgD2"}, + {"abc", "$2y$12$p.xODEbFcXUlHGbNxWZqAe6AA5FWupqXmN9tZea2ACDhwIx4EA2a6"}, + {"hello world", "$2y$12$wfkxITYXjNLVpEi9nOjz7uXMhCXKSTY7O2y7X4bwY89aGSvRziguq"}, + {"ABCDEFGHIJKLMNOPQRSTUVWXYABCDEFGHIJKLMNOPQRSTUVWXYABCDEFGHIJKLMNOPQRSTUVWXYABCDEFGHIJKLMNOPQRSTUVWXY", "$2y$12$QwAt5kuG68nW7v.87q0QPuwdki3romFc/RU/RV3Qqk4FPw6WdbQzu"} + }; + + // Same as 2y vectors only version changed to 2b to verify handling of that version. + private static readonly string[,] twoBVec = new string[,]{ + {"a", "$2b$12$DB3BUbYa/SsEL7kCOVji0OauTkPkB5Y1OeyfxJHM7jvMrbml5sgD2"}, + {"abc", "$2b$12$p.xODEbFcXUlHGbNxWZqAe6AA5FWupqXmN9tZea2ACDhwIx4EA2a6"}, + {"hello world", "$2b$12$wfkxITYXjNLVpEi9nOjz7uXMhCXKSTY7O2y7X4bwY89aGSvRziguq"}, + {"ABCDEFGHIJKLMNOPQRSTUVWXYABCDEFGHIJKLMNOPQRSTUVWXYABCDEFGHIJKLMNOPQRSTUVWXYABCDEFGHIJKLMNOPQRSTUVWXY", "$2b$12$QwAt5kuG68nW7v.87q0QPuwdki3romFc/RU/RV3Qqk4FPw6WdbQzu"} + }; + + public static void Main(string[] args) + { + RunTest(new OpenBsdBCryptTest()); + } + + public override string Name + { + get { return "OpenBsdBCrypt"; } + } + + public override void PerformTest() + { + string encoded, password; + + for (int i = 0; i < BCryptTest1.Length; i++) + { + string[] testString = BCryptTest1[i]; + encoded = testString[0]; + password = testString[1]; + if (!OpenBsdBCrypt.CheckPassword(encoded, password.ToCharArray())) + { + Fail("test1 mismatch: " + "[" + i + "] " + password); + } + } + + encoded = BCryptTest2[0]; + password = BCryptTest2[1]; + if (!OpenBsdBCrypt.CheckPassword(encoded, password.ToCharArray())) + { + Fail("bcryptTest2 mismatch: " + password); + } + + encoded = BCryptTest2b[0]; + password = BCryptTest2b[1]; + if (!OpenBsdBCrypt.CheckPassword(encoded, password.ToCharArray())) + { + Fail("bcryptTest2b mismatch: " + password); + } + + for (int i = 0; i < BCryptTest3.Length; i++) + { + string[] testString = BCryptTest3[i]; + encoded = testString[2]; + password = testString[0]; + if (!OpenBsdBCrypt.CheckPassword(encoded, password.ToCharArray())) + { + Fail("test3 mismatch: " + "[" + i + "] " + password); + } + } + + for (int i = 0; i < BCryptTest4.Length; i++) + { + string[] testString = BCryptTest4[i]; + encoded = testString[1]; + password = testString[0]; + if (!OpenBsdBCrypt.CheckPassword(encoded, password.ToCharArray())) + { + Fail("test4 mismatch: " + "[" + i + "] " + password); + } + } + + { + int lower = twoYVec.GetLowerBound(0); + int upper = twoYVec.GetUpperBound(0); + for (int i = lower; i <= upper; i++) + { + password = twoYVec[i, 0]; + encoded = twoYVec[i, 1]; + + if (!OpenBsdBCrypt.CheckPassword(encoded, password.ToCharArray())) + { + Fail("twoYVec mismatch: " + "[" + i + "] " + password); + } + } + } + + { + int lower = twoBVec.GetLowerBound(0); + int upper = twoBVec.GetUpperBound(0); + for (int i = lower; i <= upper; i++) + { + password = twoBVec[i, 0]; + encoded = twoBVec[i, 1]; + + if (!OpenBsdBCrypt.CheckPassword(encoded, password.ToCharArray())) + { + Fail("twoBVec mismatch: " + "[" + i + "] " + password); + } + } + } + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/PSSBlindTest.cs b/BouncyCastle/crypto/test/src/crypto/test/PSSBlindTest.cs new file mode 100644 index 0000000..d887a8f --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/PSSBlindTest.cs @@ -0,0 +1,399 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /* + * RSA PSS test vectors for PKCS#1 V2.1 with blinding + */ + [TestFixture] + public class PssBlindTest + : SimpleTest + { + private readonly int DATA_LENGTH = 1000; + private readonly int NUM_TESTS = 50; + private readonly int NUM_TESTS_WITH_KEY_GENERATION = 10; + + private class FixedRandom + : SecureRandom + { + private readonly byte[] vals; + + public FixedRandom( + byte[] vals) + { + this.vals = vals; + } + + public override void NextBytes( + byte[] bytes) + { + Array.Copy(vals, 0, bytes, 0, vals.Length); + } + } + + // + // Example 1: A 1024-bit RSA keypair + // + private RsaKeyParameters pub1 = new RsaKeyParameters(false, + new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16), + new BigInteger("010001",16)); + + private RsaKeyParameters prv1 = new RsaPrivateCrtKeyParameters( + new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16), + new BigInteger("010001",16), + new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16), + new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16), + new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16), + new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16), + new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16), + new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16)); + + // PSSExample1.1 + + private byte[] msg1a = Hex.Decode("cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0"); + + private byte[] slt1a = Hex.Decode("dee959c7e06411361420ff80185ed57f3e6776af"); + + private byte[] sig1a = Hex.Decode("9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c"); + + // PSSExample1.2 + + private byte[] msg1b = Hex.Decode("851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e"); + + private byte[] slt1b = Hex.Decode("ef2869fa40c346cb183dab3d7bffc98fd56df42d"); + + private byte[] sig1b = Hex.Decode("3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843"); + + // + // Example 2: A 1025-bit RSA keypair + // + + private RsaKeyParameters pub2 = new RsaKeyParameters(false, + new BigInteger("01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9", 16), + new BigInteger("010001", 16)); + + private RsaKeyParameters prv2 = new RsaPrivateCrtKeyParameters( + new BigInteger("01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9", 16), + new BigInteger("010001", 16), + new BigInteger("027d147e4673057377fd1ea201565772176a7dc38358d376045685a2e787c23c15576bc16b9f444402d6bfc5d98a3e88ea13ef67c353eca0c0ddba9255bd7b8bb50a644afdfd1dd51695b252d22e7318d1b6687a1c10ff75545f3db0fe602d5f2b7f294e3601eab7b9d1cecd767f64692e3e536ca2846cb0c2dd486a39fa75b1", 16), + new BigInteger("016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1", 16), + new BigInteger("014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079", 16), + new BigInteger("e247cce504939b8f0a36090de200938755e2444b29539a7da7a902f6056835c0db7b52559497cfe2c61a8086d0213c472c78851800b171f6401de2e9c2756f31", 16), + new BigInteger("b12fba757855e586e46f64c38a70c68b3f548d93d787b399999d4c8f0bbd2581c21e19ed0018a6d5d3df86424b3abcad40199d31495b61309f27c1bf55d487c1", 16), + new BigInteger("564b1e1fa003bda91e89090425aac05b91da9ee25061e7628d5f51304a84992fdc33762bd378a59f030a334d532bd0dae8f298ea9ed844636ad5fb8cbdc03cad", 16)); + + // PSS Example 2.1 + + private byte[] msg2a = Hex.Decode("daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360"); + private byte[] slt2a = Hex.Decode("57bf160bcb02bb1dc7280cf0458530b7d2832ff7"); + private byte[] sig2a = Hex.Decode("014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3"); + + // PSS Example 2.2 + + private byte[] msg2b = Hex.Decode("e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe"); + private byte[] slt2b = Hex.Decode("7f6dd359e604e60870e898e47b19bf2e5a7b2a90"); + private byte[] sig2b = Hex.Decode("010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea"); + + // + // Example 4: A 1027-bit RSA key pair + // + + private RsaKeyParameters pub4 = new RsaKeyParameters(false, + new BigInteger("054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705", 16), + new BigInteger("010001", 16)); + + private RsaKeyParameters prv4 = new RsaPrivateCrtKeyParameters( + new BigInteger("054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705", 16), + new BigInteger("010001", 16), + new BigInteger("fa041f8cd9697ceed38ec8caa275523b4dd72b09a301d3541d72f5d31c05cbce2d6983b36183af10690bd46c46131e35789431a556771dd0049b57461bf060c1f68472e8a67c25f357e5b6b4738fa541a730346b4a07649a2dfa806a69c975b6aba64678acc7f5913e89c622f2d8abb1e3e32554e39df94ba60c002e387d9011", 16), + new BigInteger("029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995", 16), + new BigInteger("020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1", 16), + new BigInteger("026e7e28010ecf2412d9523ad704647fb4fe9b66b1a681581b0e15553a89b1542828898f27243ebab45ff5e1acb9d4df1b051fbc62824dbc6f6c93261a78b9a759", 16), + new BigInteger("012ddcc86ef655998c39ddae11718669e5e46cf1495b07e13b1014cd69b3af68304ad2a6b64321e78bf3bbca9bb494e91d451717e2d97564c6549465d0205cf421", 16), + new BigInteger("010600c4c21847459fe576703e2ebecae8a5094ee63f536bf4ac68d3c13e5e4f12ac5cc10ab6a2d05a199214d1824747d551909636b774c22cac0b837599abcc75", 16)); + + // PSS Example 4.1 + + private byte[] msg4a = Hex.Decode("9fb03b827c8217d9"); + + private byte[] slt4a = Hex.Decode("ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d"); + + private byte[] sig4a = Hex.Decode("0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948"); + + // PSS Example 4.2 + + private byte[] msg4b = Hex.Decode("0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f"); + + private byte[] slt4b = Hex.Decode("22d71d54363a4217aa55113f059b3384e3e57e44"); + + private byte[] sig4b = Hex.Decode("049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598"); + + + // + // Example 8: A 1031-bit RSA key pair + // + + private RsaKeyParameters pub8 = new RsaKeyParameters(false, + new BigInteger("495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f", 16), + new BigInteger("010001", 16)); + + private RsaKeyParameters prv8 = new RsaPrivateCrtKeyParameters( + new BigInteger("495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f", 16), + new BigInteger("010001", 16), + new BigInteger("6c66ffe98980c38fcdeab5159898836165f4b4b817c4f6a8d486ee4ea9130fe9b9092bd136d184f95f504a607eac565846d2fdd6597a8967c7396ef95a6eeebb4578a643966dca4d8ee3de842de63279c618159c1ab54a89437b6a6120e4930afb52a4ba6ced8a4947ac64b30a3497cbe701c2d6266d517219ad0ec6d347dbe9", 16), + new BigInteger("08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb", 16), + new BigInteger("0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d", 16), + new BigInteger("05c2a83c124b3621a2aa57ea2c3efe035eff4560f33ddebb7adab81fce69a0c8c2edc16520dda83d59a23be867963ac65f2cc710bbcfb96ee103deb771d105fd85", 16), + new BigInteger("04cae8aa0d9faa165c87b682ec140b8ed3b50b24594b7a3b2c220b3669bb819f984f55310a1ae7823651d4a02e99447972595139363434e5e30a7e7d241551e1b9", 16), + new BigInteger("07d3e47bf686600b11ac283ce88dbb3f6051e8efd04680e44c171ef531b80b2b7c39fc766320e2cf15d8d99820e96ff30dc69691839c4b40d7b06e45307dc91f3f", 16)); + + // PSS Example 8.1 + + private byte[] msg8a = Hex.Decode("81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb"); + + private byte[] slt8a = Hex.Decode("1d65491d79c864b373009be6f6f2467bac4c78fa"); + + private byte[] sig8a = Hex.Decode("0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5"); + + // PSS Example 8.2 + + private byte[] msg8b = Hex.Decode("e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08"); + + private byte[] slt8b = Hex.Decode("435c098aa9909eb2377f1248b091b68987ff1838"); + + private byte[] sig8b = Hex.Decode("2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e"); + + // + // Example 9: A 1536-bit RSA key pair + // + + private RsaKeyParameters pub9 = new RsaKeyParameters(false, + new BigInteger("e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b", 16), + new BigInteger("010001", 16)); + + private RsaKeyParameters prv9 = new RsaPrivateCrtKeyParameters( + new BigInteger("e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b", 16), + new BigInteger("010001", 16), + new BigInteger("6a7fd84fb85fad073b34406db74f8d61a6abc12196a961dd79565e9da6e5187bce2d980250f7359575359270d91590bb0e427c71460b55d51410b191bcf309fea131a92c8e702738fa719f1e0041f52e40e91f229f4d96a1e6f172e15596b4510a6daec26105f2bebc53316b87bdf21311666070e8dfee69d52c71a976caae79c72b68d28580dc686d9f5129d225f82b3d615513a882b3db91416b48ce08888213e37eeb9af800d81cab328ce420689903c00c7b5fd31b75503a6d419684d629", 16), + new BigInteger("f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367", 16), + new BigInteger("ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d", 16), + new BigInteger("2bb68bddfb0c4f56c8558bffaf892d8043037841e7fa81cfa61a38c5e39b901c8ee71122a5da2227bd6cdeeb481452c12ad3d61d5e4f776a0ab556591befe3e59e5a7fddb8345e1f2f35b9f4cee57c32414c086aec993e9353e480d9eec6289f", 16), + new BigInteger("4ff897709fad079746494578e70fd8546130eeab5627c49b080f05ee4ad9f3e4b7cba9d6a5dff113a41c3409336833f190816d8a6bc42e9bec56b7567d0f3c9c696db619b245d901dd856db7c8092e77e9a1cccd56ee4dba42c5fdb61aec2669", 16), + new BigInteger("77b9d1137b50404a982729316efafc7dfe66d34e5a182600d5f30a0a8512051c560d081d4d0a1835ec3d25a60f4e4d6aa948b2bf3dbb5b124cbbc3489255a3a948372f6978496745f943e1db4f18382ceaa505dfc65757bb3f857a58dce52156", 16)); + + // PSS Example 9.1 + + private byte[] msg9a = Hex.Decode("a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5"); + + private byte[] slt9a = Hex.Decode("c0a425313df8d7564bd2434d311523d5257eed80"); + + private byte[] sig9a = Hex.Decode("586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e"); + + // PSS Example 9.2 + + private byte[] msg9b = Hex.Decode("c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e"); + + private byte[] slt9b = Hex.Decode("b307c43b4850a8dac2f15f32e37839ef8c5c0e91"); + + private byte[] sig9b = Hex.Decode("80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958"); + + + public override string Name + { + get { return "PssBlindTest"; } + } + + private void testSig( + int id, + RsaKeyParameters pub, + RsaKeyParameters prv, + byte[] slt, + byte[] msg, + byte[] sig) + { + RsaBlindingFactorGenerator blindFactorGen = new RsaBlindingFactorGenerator(); + RsaBlindingEngine blindingEngine = new RsaBlindingEngine(); + PssSigner blindSigner = new PssSigner(blindingEngine, new Sha1Digest(), 20); + PssSigner signer = new PssSigner(new RsaEngine(), new Sha1Digest(), 20); + + blindFactorGen.Init(pub); + + BigInteger blindFactor = blindFactorGen.GenerateBlindingFactor(); + RsaBlindingParameters parameters = new RsaBlindingParameters(pub, blindFactor); + + // generate a blind signature + blindSigner.Init(true, new ParametersWithRandom(parameters, new FixedRandom(slt))); + + blindSigner.BlockUpdate(msg, 0, msg.Length); + + byte[] blindedData = blindSigner.GenerateSignature(); + + RsaEngine signerEngine = new RsaEngine(); + + signerEngine.Init(true, prv); + + byte[] blindedSig = signerEngine.ProcessBlock(blindedData, 0, blindedData.Length); + + // unblind the signature + blindingEngine.Init(false, parameters); + + byte[] s = blindingEngine.ProcessBlock(blindedSig, 0, blindedSig.Length); + + //signature verification + if (!AreEqual(s, sig)) + { + Fail("test " + id + " failed generation"); + } + + //verify signature with PssSigner + signer.Init(false, pub); + signer.BlockUpdate(msg, 0, msg.Length); + + if (!signer.VerifySignature(s)) + { + Fail("test " + id + " failed PssSigner verification"); + } + } + + private bool isProcessingOkay( + RsaKeyParameters pub, + RsaKeyParameters prv, + byte[] data, + SecureRandom random) + { + RsaBlindingFactorGenerator blindFactorGen = new RsaBlindingFactorGenerator(); + RsaBlindingEngine blindingEngine = new RsaBlindingEngine(); + PssSigner blindSigner = new PssSigner(blindingEngine, new Sha1Digest(), 20); + PssSigner pssEng = new PssSigner(new RsaEngine(), new Sha1Digest(), 20); + + random.NextBytes(data); + + blindFactorGen.Init(pub); + + BigInteger blindFactor = blindFactorGen.GenerateBlindingFactor(); + RsaBlindingParameters parameters = new RsaBlindingParameters(pub, blindFactor); + + // generate a blind signature + blindSigner.Init(true, new ParametersWithRandom(parameters, random)); + + blindSigner.BlockUpdate(data, 0, data.Length); + + byte[] blindedData = blindSigner.GenerateSignature(); + + RsaEngine signerEngine = new RsaEngine(); + + signerEngine.Init(true, prv); + + byte[] blindedSig = signerEngine.ProcessBlock(blindedData, 0, blindedData.Length); + + // unblind the signature + blindingEngine.Init(false, parameters); + + byte[] s = blindingEngine.ProcessBlock(blindedSig, 0, blindedSig.Length); + + //verify signature with PssSigner + pssEng.Init(false, pub); + pssEng.BlockUpdate(data, 0, data.Length); + + return pssEng.VerifySignature(s); + } + + public override void PerformTest() + { + testSig(1, pub1, prv1, slt1a, msg1a, sig1a); + testSig(2, pub1, prv1, slt1b, msg1b, sig1b); + testSig(3, pub2, prv2, slt2a, msg2a, sig2a); + testSig(4, pub2, prv2, slt2b, msg2b, sig2b); + testSig(5, pub4, prv4, slt4a, msg4a, sig4a); + testSig(6, pub4, prv4, slt4b, msg4b, sig4b); + testSig(7, pub8, prv8, slt8a, msg8a, sig8a); + testSig(8, pub8, prv8, slt8b, msg8b, sig8b); + testSig(9, pub9, prv9, slt9a, msg9a, sig9a); + testSig(10, pub9, prv9, slt9b, msg9b, sig9b); + + // + // loop test + // + int failed = 0; + byte[] data = new byte[DATA_LENGTH]; + + SecureRandom random = new SecureRandom(); + + + RsaKeyParameters[] kprv ={prv1, prv2, prv4, prv8, prv9}; + RsaKeyParameters[] kpub ={pub1, pub2, pub4, pub8, pub9}; + + for (int j = 0, i = 0; j < NUM_TESTS; j++, i++) + { + if (i == kprv.Length) + { + i = 0; + } + + if (!isProcessingOkay(kpub[i], kprv[i], data, random)) + { + failed++; + } + } + + if (failed != 0) + { + Fail("loop test failed - failures: " + failed); + } + + // + // key generation test + // + RsaKeyPairGenerator pGen = new RsaKeyPairGenerator(); + RsaKeyGenerationParameters genParam = new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x11), new SecureRandom(), 1024, 25); + + pGen.Init(genParam); + failed = 0; + + for (int k = 0; k < NUM_TESTS_WITH_KEY_GENERATION; k++) + { + AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair(); + + for (int j = 0; j < NUM_TESTS; j++) + { + if (!isProcessingOkay((RsaKeyParameters)pair.Public, (RsaKeyParameters)pair.Private, data, random)) + { + failed++; + } + } + } + + if (failed != 0) + { + Fail("loop test with key generation failed - failures: " + failed); + } + } + + public static void Main( + string[] args) + { + RunTest(new PssBlindTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/PSSTest.cs b/BouncyCastle/crypto/test/src/crypto/test/PSSTest.cs new file mode 100644 index 0000000..8578d25 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/PSSTest.cs @@ -0,0 +1,374 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// RSA PSS test vectors for PKCS#1 V2.1 + [TestFixture] + public class PssTest + : SimpleTest + { + private const int DataLength = 1000; + private const int NumTests = 500; + + private class FixedRandom + : SecureRandom + { + private readonly byte[] vals; + + public FixedRandom( + byte[] vals) + { + this.vals = vals; + } + + public override void NextBytes( + byte[] bytes) + { + Array.Copy(vals, 0, bytes, 0, vals.Length); + } + } + + // + // Example 1: A 1024-bit RSA keypair + // + private RsaKeyParameters pub1 = new RsaKeyParameters(false, + new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16), + new BigInteger("010001",16)); + + private RsaKeyParameters prv1 = new RsaPrivateCrtKeyParameters( + new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16), + new BigInteger("010001",16), + new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16), + new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16), + new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16), + new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16), + new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16), + new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16)); + + // PSSExample1.1 + + private byte[] msg1a = Hex.Decode("cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0"); + + private byte[] slt1a = Hex.Decode("dee959c7e06411361420ff80185ed57f3e6776af"); + + private byte[] sig1a = Hex.Decode("9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c"); + + // PSSExample1.2 + + private byte[] msg1b = Hex.Decode("851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e"); + + private byte[] slt1b = Hex.Decode("ef2869fa40c346cb183dab3d7bffc98fd56df42d"); + + private byte[] sig1b = Hex.Decode("3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843"); + + // + // Example 2: A 1025-bit RSA keypair + // + + private RsaKeyParameters pub2 = new RsaKeyParameters(false, + new BigInteger("01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9", 16), + new BigInteger("010001", 16)); + + private RsaKeyParameters prv2 = new RsaPrivateCrtKeyParameters( + new BigInteger("01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9", 16), + new BigInteger("010001", 16), + new BigInteger("027d147e4673057377fd1ea201565772176a7dc38358d376045685a2e787c23c15576bc16b9f444402d6bfc5d98a3e88ea13ef67c353eca0c0ddba9255bd7b8bb50a644afdfd1dd51695b252d22e7318d1b6687a1c10ff75545f3db0fe602d5f2b7f294e3601eab7b9d1cecd767f64692e3e536ca2846cb0c2dd486a39fa75b1", 16), + new BigInteger("016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1", 16), + new BigInteger("014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079", 16), + new BigInteger("e247cce504939b8f0a36090de200938755e2444b29539a7da7a902f6056835c0db7b52559497cfe2c61a8086d0213c472c78851800b171f6401de2e9c2756f31", 16), + new BigInteger("b12fba757855e586e46f64c38a70c68b3f548d93d787b399999d4c8f0bbd2581c21e19ed0018a6d5d3df86424b3abcad40199d31495b61309f27c1bf55d487c1", 16), + new BigInteger("564b1e1fa003bda91e89090425aac05b91da9ee25061e7628d5f51304a84992fdc33762bd378a59f030a334d532bd0dae8f298ea9ed844636ad5fb8cbdc03cad", 16)); + + // PSS Example 2.1 + + private byte[] msg2a = Hex.Decode("daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360"); + private byte[] slt2a = Hex.Decode("57bf160bcb02bb1dc7280cf0458530b7d2832ff7"); + private byte[] sig2a = Hex.Decode("014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3"); + + // PSS Example 2.2 + + private byte[] msg2b = Hex.Decode("e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe"); + private byte[] slt2b = Hex.Decode("7f6dd359e604e60870e898e47b19bf2e5a7b2a90"); + private byte[] sig2b = Hex.Decode("010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea"); + + // + // Example 4: A 1027-bit RSA key pair + // + + private RsaKeyParameters pub4 = new RsaKeyParameters(false, + new BigInteger("054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705", 16), + new BigInteger("010001", 16)); + + private RsaKeyParameters prv4 = new RsaPrivateCrtKeyParameters( + new BigInteger("054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705", 16), + new BigInteger("010001", 16), + new BigInteger("fa041f8cd9697ceed38ec8caa275523b4dd72b09a301d3541d72f5d31c05cbce2d6983b36183af10690bd46c46131e35789431a556771dd0049b57461bf060c1f68472e8a67c25f357e5b6b4738fa541a730346b4a07649a2dfa806a69c975b6aba64678acc7f5913e89c622f2d8abb1e3e32554e39df94ba60c002e387d9011", 16), + new BigInteger("029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995", 16), + new BigInteger("020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1", 16), + new BigInteger("026e7e28010ecf2412d9523ad704647fb4fe9b66b1a681581b0e15553a89b1542828898f27243ebab45ff5e1acb9d4df1b051fbc62824dbc6f6c93261a78b9a759", 16), + new BigInteger("012ddcc86ef655998c39ddae11718669e5e46cf1495b07e13b1014cd69b3af68304ad2a6b64321e78bf3bbca9bb494e91d451717e2d97564c6549465d0205cf421", 16), + new BigInteger("010600c4c21847459fe576703e2ebecae8a5094ee63f536bf4ac68d3c13e5e4f12ac5cc10ab6a2d05a199214d1824747d551909636b774c22cac0b837599abcc75", 16)); + + // PSS Example 4.1 + + private byte[] msg4a = Hex.Decode("9fb03b827c8217d9"); + + private byte[] slt4a = Hex.Decode("ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d"); + + private byte[] sig4a = Hex.Decode("0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948"); + + // PSS Example 4.2 + + private byte[] msg4b = Hex.Decode("0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f"); + + private byte[] slt4b = Hex.Decode("22d71d54363a4217aa55113f059b3384e3e57e44"); + + private byte[] sig4b = Hex.Decode("049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598"); + + + // + // Example 8: A 1031-bit RSA key pair + // + + private RsaKeyParameters pub8 = new RsaKeyParameters(false, + new BigInteger("495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f", 16), + new BigInteger("010001", 16)); + + private RsaKeyParameters prv8 = new RsaPrivateCrtKeyParameters( + new BigInteger("495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f", 16), + new BigInteger("010001", 16), + new BigInteger("6c66ffe98980c38fcdeab5159898836165f4b4b817c4f6a8d486ee4ea9130fe9b9092bd136d184f95f504a607eac565846d2fdd6597a8967c7396ef95a6eeebb4578a643966dca4d8ee3de842de63279c618159c1ab54a89437b6a6120e4930afb52a4ba6ced8a4947ac64b30a3497cbe701c2d6266d517219ad0ec6d347dbe9", 16), + new BigInteger("08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb", 16), + new BigInteger("0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d", 16), + new BigInteger("05c2a83c124b3621a2aa57ea2c3efe035eff4560f33ddebb7adab81fce69a0c8c2edc16520dda83d59a23be867963ac65f2cc710bbcfb96ee103deb771d105fd85", 16), + new BigInteger("04cae8aa0d9faa165c87b682ec140b8ed3b50b24594b7a3b2c220b3669bb819f984f55310a1ae7823651d4a02e99447972595139363434e5e30a7e7d241551e1b9", 16), + new BigInteger("07d3e47bf686600b11ac283ce88dbb3f6051e8efd04680e44c171ef531b80b2b7c39fc766320e2cf15d8d99820e96ff30dc69691839c4b40d7b06e45307dc91f3f", 16)); + + // PSS Example 8.1 + + private byte[] msg8a = Hex.Decode("81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb"); + + private byte[] slt8a = Hex.Decode("1d65491d79c864b373009be6f6f2467bac4c78fa"); + + private byte[] sig8a = Hex.Decode("0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5"); + + // PSS Example 8.2 + + private byte[] msg8b = Hex.Decode("e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08"); + + private byte[] slt8b = Hex.Decode("435c098aa9909eb2377f1248b091b68987ff1838"); + + private byte[] sig8b = Hex.Decode("2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e"); + + // + // Example 9: A 1536-bit RSA key pair + // + + private RsaKeyParameters pub9 = new RsaKeyParameters(false, + new BigInteger("e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b", 16), + new BigInteger("010001", 16)); + + private RsaKeyParameters prv9 = new RsaPrivateCrtKeyParameters( + new BigInteger("e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b", 16), + new BigInteger("010001", 16), + new BigInteger("6a7fd84fb85fad073b34406db74f8d61a6abc12196a961dd79565e9da6e5187bce2d980250f7359575359270d91590bb0e427c71460b55d51410b191bcf309fea131a92c8e702738fa719f1e0041f52e40e91f229f4d96a1e6f172e15596b4510a6daec26105f2bebc53316b87bdf21311666070e8dfee69d52c71a976caae79c72b68d28580dc686d9f5129d225f82b3d615513a882b3db91416b48ce08888213e37eeb9af800d81cab328ce420689903c00c7b5fd31b75503a6d419684d629", 16), + new BigInteger("f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367", 16), + new BigInteger("ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d", 16), + new BigInteger("2bb68bddfb0c4f56c8558bffaf892d8043037841e7fa81cfa61a38c5e39b901c8ee71122a5da2227bd6cdeeb481452c12ad3d61d5e4f776a0ab556591befe3e59e5a7fddb8345e1f2f35b9f4cee57c32414c086aec993e9353e480d9eec6289f", 16), + new BigInteger("4ff897709fad079746494578e70fd8546130eeab5627c49b080f05ee4ad9f3e4b7cba9d6a5dff113a41c3409336833f190816d8a6bc42e9bec56b7567d0f3c9c696db619b245d901dd856db7c8092e77e9a1cccd56ee4dba42c5fdb61aec2669", 16), + new BigInteger("77b9d1137b50404a982729316efafc7dfe66d34e5a182600d5f30a0a8512051c560d081d4d0a1835ec3d25a60f4e4d6aa948b2bf3dbb5b124cbbc3489255a3a948372f6978496745f943e1db4f18382ceaa505dfc65757bb3f857a58dce52156", 16)); + + // PSS Example 9.1 + + private byte[] msg9a = Hex.Decode("a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5"); + + private byte[] slt9a = Hex.Decode("c0a425313df8d7564bd2434d311523d5257eed80"); + + private byte[] sig9a = Hex.Decode("586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e"); + + // PSS Example 9.2 + + private byte[] msg9b = Hex.Decode("c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e"); + + private byte[] slt9b = Hex.Decode("b307c43b4850a8dac2f15f32e37839ef8c5c0e91"); + + private byte[] sig9b = Hex.Decode("80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958"); + + + public override string Name + { + get { return "PSSTest"; } + } + + private void doTestSig( + int id, + RsaKeyParameters pub, + RsaKeyParameters prv, + byte[] slt, + byte[] msg, + byte[] sig) + { + PssSigner eng = new PssSigner(new RsaEngine(), new Sha1Digest(), 20); + + eng.Init(true, new ParametersWithRandom(prv, new FixedRandom(slt))); + + eng.BlockUpdate(msg, 0, msg.Length); + + byte[] s = eng.GenerateSignature(); + + if (!AreEqual(s, sig)) + { + Fail("test " + id + " failed generation"); + } + + eng.Init(false, pub); + + eng.BlockUpdate(msg, 0, msg.Length); + + if (!eng.VerifySignature(s)) + { + Fail("test " + id + " failed verification"); + } + } + + public override void PerformTest() + { + doTestSig(1, pub1, prv1, slt1a, msg1a, sig1a); + doTestSig(2, pub1, prv1, slt1b, msg1b, sig1b); + doTestSig(3, pub2, prv2, slt2a, msg2a, sig2a); + doTestSig(4, pub2, prv2, slt2b, msg2b, sig2b); + doTestSig(5, pub4, prv4, slt4a, msg4a, sig4a); + doTestSig(6, pub4, prv4, slt4b, msg4b, sig4b); + doTestSig(7, pub8, prv8, slt8a, msg8a, sig8a); + doTestSig(8, pub8, prv8, slt8b, msg8b, sig8b); + doTestSig(9, pub9, prv9, slt9a, msg9a, sig9a); + doTestSig(10, pub9, prv9, slt9b, msg9b, sig9b); + + // + // loop test - sha-1 only + // + PssSigner eng = new PssSigner(new RsaEngine(), new Sha1Digest(), 20); + int failed = 0; + byte[] data = new byte[DataLength]; + + SecureRandom random = new SecureRandom(); + random.NextBytes(data); + + for (int j = 0; j < NumTests; j++) + { + eng.Init(true, new ParametersWithRandom(prv8, random)); + + eng.BlockUpdate(data, 0, data.Length); + + byte[] s = eng.GenerateSignature(); + + eng.Init(false, pub8); + + eng.BlockUpdate(data, 0, data.Length); + + if (!eng.VerifySignature(s)) + { + failed++; + } + } + + if (failed != 0) + { + Fail("loop test failed - failures: " + failed); + } + + // + // loop test - sha-256 and sha-1 + // + eng = new PssSigner(new RsaEngine(), new Sha256Digest(), new Sha1Digest(), 20); + failed = 0; + data = new byte[DataLength]; + + random.NextBytes(data); + + for (int j = 0; j < NumTests; j++) + { + eng.Init(true, new ParametersWithRandom(prv8, random)); + + eng.BlockUpdate(data, 0, data.Length); + + byte[] s = eng.GenerateSignature(); + + eng.Init(false, pub8); + + eng.BlockUpdate(data, 0, data.Length); + + if (!eng.VerifySignature(s)) + { + failed++; + } + } + + if (failed != 0) + { + Fail("loop test failed - failures: " + failed); + } + + fixedSaltTest(); + } + + private void fixedSaltTest() + { + byte[] data = Hex.Decode("010203040506070809101112131415"); + + PssSigner eng = new PssSigner(new RsaEngine(), new Sha256Digest(), new Sha1Digest(), Hex.Decode("deadbeef")); + + eng.Init(true, prv8); + + eng.BlockUpdate(data, 0, data.Length); + + byte[] s = eng.GenerateSignature(); + + eng.Init(false, pub8); + + eng.BlockUpdate(data, 0, data.Length); + + if (!eng.VerifySignature(s)) + { + Fail("fixed salt failed"); + } + + // test failure + eng = new PssSigner(new RsaEngine(), new Sha256Digest(), new Sha1Digest(), Hex.Decode("beefbeef")); + + eng.Init(false, pub8); + + eng.BlockUpdate(data, 0, data.Length); + + if (eng.VerifySignature(s)) + { + Fail("fixed salt failure verfied"); + } + } + + public static void Main( + string[] args) + { + RunTest(new PssTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/PaddingTest.cs b/BouncyCastle/crypto/test/src/crypto/test/PaddingTest.cs new file mode 100644 index 0000000..ed53d92 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/PaddingTest.cs @@ -0,0 +1,169 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Paddings; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * General Padding tests. + */ + [TestFixture] + public class PaddingTest : SimpleTest + { + public PaddingTest() + { + } + + private void blockCheck( + PaddedBufferedBlockCipher cipher, + IBlockCipherPadding padding, + KeyParameter key, + byte[] data) + { + byte[] outBytes = new byte[data.Length + 8]; + byte[] dec = new byte[data.Length]; + + try + { + cipher.Init(true, key); + + int len = cipher.ProcessBytes(data, 0, data.Length, outBytes, 0); + + len += cipher.DoFinal(outBytes, len); + + cipher.Init(false, key); + + int decLen = cipher.ProcessBytes(outBytes, 0, len, dec, 0); + + decLen += cipher.DoFinal(dec, decLen); + + if (!AreEqual(data, dec)) + { + Fail("failed to decrypt - i = " + data.Length + ", padding = " + padding.PaddingName); + } + } + catch (Exception e) + { + Fail("Exception - " + e.ToString(), e); + } + } + + public void doTestPadding( + IBlockCipherPadding padding, + SecureRandom rand, + byte[] ffVector, + byte[] ZeroVector) + { + PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new DesEngine(), padding); + KeyParameter key = new KeyParameter(Hex.Decode("0011223344556677")); + + // + // ff test + // + byte[] data = { (byte)0xff, (byte)0xff, (byte)0xff, (byte)0, (byte)0, (byte)0, (byte)0, (byte)0 }; + + if (ffVector != null) + { + padding.AddPadding(data, 3); + + if (!AreEqual(data, ffVector)) + { + Fail("failed ff test for " + padding.PaddingName); + } + } + + // + // zero test + // + if (ZeroVector != null) + { + data = new byte[8]; + padding.AddPadding(data, 4); + + if (!AreEqual(data, ZeroVector)) + { + Fail("failed zero test for " + padding.PaddingName); + } + } + + for (int i = 1; i != 200; i++) + { + data = new byte[i]; + + rand.NextBytes(data); + + blockCheck(cipher, padding, key, data); + } + } + + public override void PerformTest() + { + SecureRandom rand = SecureRandom.GetInstance("SHA1PRNG"); + + doTestPadding(new Pkcs7Padding(), rand, + Hex.Decode("ffffff0505050505"), + Hex.Decode("0000000004040404")); + + Pkcs7Padding padder = new Pkcs7Padding(); + try + { + padder.PadCount(new byte[8]); + + Fail("invalid padding not detected"); + } + catch (InvalidCipherTextException e) + { + if (!"pad block corrupted".Equals(e.Message)) + { + Fail("wrong exception for corrupt padding: " + e); + } + } + + doTestPadding(new ISO10126d2Padding(), rand, + null, + null); + + doTestPadding(new X923Padding(), rand, + null, + null); + + doTestPadding(new TbcPadding(), rand, + Hex.Decode("ffffff0000000000"), + Hex.Decode("00000000ffffffff")); + + doTestPadding(new ZeroBytePadding(), rand, + Hex.Decode("ffffff0000000000"), + null); + + doTestPadding(new ISO7816d4Padding(), rand, + Hex.Decode("ffffff8000000000"), + Hex.Decode("0000000080000000")); + } + + public override string Name + { + get { return "PaddingTest"; } + } + + public static void Main( + string[] args) + { + RunTest(new PaddingTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ParallelHashTest.cs b/BouncyCastle/crypto/test/src/crypto/test/ParallelHashTest.cs new file mode 100644 index 0000000..3e80b4d --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ParallelHashTest.cs @@ -0,0 +1,152 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * ParallelHash test vectors from: + *

    + * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/KMAC_samples.pdf + */ + [TestFixture] + public class ParallelHashTest + : SimpleTest + { + public override string Name + { + get { return "ParallelHash"; } + } + + public override void PerformTest() + { + ParallelHash pHash = new ParallelHash(128, new byte[0], 8); + + byte[] data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27"); + pHash.BlockUpdate(data, 0, data.Length); + + byte[] res = new byte[pHash.GetDigestSize()]; + + pHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("BA 8D C1 D1 D9 79 33 1D 3F 81 36 03 C6 7F 72 609A B5 E4 4B 94 A0 B8 F9 AF 46 51 44 54 A2 B4 F5"), res)); + + pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 8); + + pHash.BlockUpdate(data, 0, data.Length); + + res = new byte[pHash.GetDigestSize()]; + + pHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("FC 48 4D CB 3F 84 DC EE DC 35 34 38 15 1B EE 58 15 7D 6E FE D0 44 5A 81 F1 65 E4 95 79 5B 72 06"), res)); + + pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 12); + + data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); + + pHash.BlockUpdate(data, 0, data.Length); + + res = new byte[pHash.GetDigestSize()]; + + pHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("F7 FD 53 12 89 6C 66 85 C8 28 AF 7E 2A DB 97 E3 93 E7 F8 D5 4E 3C 2E A4 B9 5E 5A CA 37 96 E8 FC"), res)); + + pHash = new ParallelHash(256, new byte[0], 8); + + data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27"); + + pHash.BlockUpdate(data, 0, data.Length); + + res = new byte[pHash.GetDigestSize()]; + + pHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("BC 1E F1 24 DA 34 49 5E 94 8E AD 20 7D D9 84 22 35 DA 43 2D 2B BC 54 B4 C1 10 E6 4C 45 11 05 53 1B 7F 2A 3E 0C E0 55 C0 28 05 E7 C2 DE 1F B7 46 AF 97 A1 DD 01 F4 3B 82 4E 31 B8 76 12 41 04 29"), res)); + + pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 8); + + data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27"); + + pHash.BlockUpdate(data, 0, data.Length); + + res = new byte[pHash.GetDigestSize()]; + + pHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("CD F1 52 89 B5 4F 62 12 B4 BC 27 05 28 B4 95 26 00 6D D9 B5 4E 2B 6A DD 1E F6 90 0D DA 39 63 BB 33 A7 24 91 F2 36 96 9C A8 AF AE A2 9C 68 2D 47 A3 93 C0 65 B3 8E 29 FA E6 51 A2 09 1C 83 31 10"), res)); + + pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 12); + + data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); + + pHash.BlockUpdate(data, 0, data.Length); + + res = new byte[pHash.GetDigestSize()]; + + pHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("69 D0 FC B7 64 EA 05 5D D0 93 34 BC 60 21 CB 7E 4B 61 34 8D FF 37 5D A2 62 67 1C DE C3 EF FA 8D 1B 45 68 A6 CC E1 6B 1C AD 94 6D DD E2 7F 6C E2 B8 DE E4 CD 1B 24 85 1E BF 00 EB 90 D4 38 13 E9"), res)); + + pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 12); + + data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); + pHash.BlockUpdate(data, 0, data.Length); + + res = new byte[32]; + + pHash.DoOutput(res, 0, res.Length); + + IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("F7 FD 53 12 89 6C 66 85 C8 28 AF 7E 2A DB 97 E3 93 E7 F8 D5 4E 3C 2E A4 B9 5E 5A CA 37 96 E8 FC"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("0127ad9772ab904691987fcc4a24888f341fa0db2145e872d4efd255376602f0"), res)); + + pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 12); + + data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); + pHash.BlockUpdate(data, 0, data.Length); + + res = new byte[64]; + + pHash.DoOutput(res, 0, res.Length); + + IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("69 D0 FC B7 64 EA 05 5D D0 93 34 BC 60 21 CB 7E 4B 61 34 8D FF 37 5D A2 62 67 1C DE C3 EF FA 8D 1B 45 68 A6 CC E1 6B 1C AD 94 6D DD E2 7F 6C E2 B8 DE E4 CD 1B 24 85 1E BF 00 EB 90 D4 38 13 E9"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("6b3e790b330c889a204c2fbc728d809f19367328d852f4002dc829f73afd6bcefb7fe5b607b13a801c0be5c1170bdb794e339458fdb0e62a6af3d42558970249"), res)); + + testEmpty(); + } + + private void testEmpty() + { + //{"tcId":90,"msg":"","len":0,"blockSize":62,"customization":"Ny0LL2tUmt\u003C\u002BkuN5:Z7pZ_7]R; l/i:%pWbo4}","outLen":16}, + //{"tcId":90,"md":"13C4","outLen":16} + ParallelHash pHash = new ParallelHash(256, Strings.ToByteArray("Ny0LL2tUmt\u003C\u002BkuN5:Z7pZ_7]R; l/i:%pWbo4}"), 62); + + pHash.BlockUpdate(new byte[0], 0, 0); + + byte[] res = new byte[16 / 8]; + + pHash.DoOutput(res, 0, res.Length); + + IsTrue(Arrays.AreEqual(Hex.Decode("13C4"), res)); + } + + public static void Main(string[] args) + { + RunTest(new ParallelHashTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/Pkcs12Test.cs b/BouncyCastle/crypto/test/src/crypto/test/Pkcs12Test.cs new file mode 100644 index 0000000..29d5a39 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/Pkcs12Test.cs @@ -0,0 +1,101 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// test for Pkcs12 key generation - vectors from + /// + /// http://www.drh-consultancy.demon.co.uk/test.txt + /// + [TestFixture] + public class Pkcs12Test + : SimpleTest + { + public override string Name + { + get { return "Pkcs12Test"; } + } + + internal char[] password1 = new char[]{'s', 'm', 'e', 'g'}; + internal char[] password2 = new char[]{'q', 'u', 'e', 'e', 'g'}; + + private void Run1(int id, char[] password, byte[] salt, int iCount, byte[] result) + { + PbeParametersGenerator generator = new Pkcs12ParametersGenerator(new Sha1Digest()); + + generator.Init(PbeParametersGenerator.Pkcs12PasswordToBytes(password), salt, iCount); + + ICipherParameters key = generator.GenerateDerivedParameters("DESEDE", 24 * 8); + + if (!Arrays.AreEqual(result, ((KeyParameter) key).GetKey())) + { + Fail("id " + id + " Failed"); + } + } + + private void Run2(int id, char[] password, byte[] salt, int iCount, byte[] result) + { + PbeParametersGenerator generator = new Pkcs12ParametersGenerator(new Sha1Digest()); + + generator.Init(PbeParametersGenerator.Pkcs12PasswordToBytes(password), salt, iCount); + + ParametersWithIV parameters = (ParametersWithIV) + generator.GenerateDerivedParameters("DES", 64, 64); + + if (!Arrays.AreEqual(result, parameters.GetIV())) + { + Fail("id " + id + " Failed"); + } + } + + private void Run3(int id, char[] password, byte[] salt, int iCount, byte[] result) + { + PbeParametersGenerator generator = new Pkcs12ParametersGenerator(new Sha1Digest()); + + generator.Init(PbeParametersGenerator.Pkcs12PasswordToBytes(password), salt, iCount); + + ICipherParameters key = generator.GenerateDerivedMacParameters(160); + + if (!Arrays.AreEqual(result, ((KeyParameter) key).GetKey())) + { + Fail("id " + id + " Failed"); + } + } + + public override void PerformTest() + { + Run1(1, password1, Hex.Decode("0A58CF64530D823F"), 1, Hex.Decode("8AAAE6297B6CB04642AB5B077851284EB7128F1A2A7FBCA3")); + Run2(2, password1, Hex.Decode("0A58CF64530D823F"), 1, Hex.Decode("79993DFE048D3B76")); + Run1(3, password1, Hex.Decode("642B99AB44FB4B1F"), 1, Hex.Decode("F3A95FEC48D7711E985CFE67908C5AB79FA3D7C5CAA5D966")); + Run2(4, password1, Hex.Decode("642B99AB44FB4B1F"), 1, Hex.Decode("C0A38D64A79BEA1D")); + Run3(5, password1, Hex.Decode("3D83C0E4546AC140"), 1, Hex.Decode("8D967D88F6CAA9D714800AB3D48051D63F73A312")); + Run1(6, password2, Hex.Decode("05DEC959ACFF72F7"), 1000, Hex.Decode("ED2034E36328830FF09DF1E1A07DD357185DAC0D4F9EB3D4")); + Run2(7, password2, Hex.Decode("05DEC959ACFF72F7"), 1000, Hex.Decode("11DEDAD7758D4860")); + Run1(8, password2, Hex.Decode("1682C0FC5B3F7EC5"), 1000, Hex.Decode("483DD6E919D7DE2E8E648BA8F862F3FBFBDC2BCB2C02957F")); + Run2(9, password2, Hex.Decode("1682C0FC5B3F7EC5"), 1000, Hex.Decode("9D461D1B00355C50")); + Run3(10, password2, Hex.Decode("263216FCC2FAB31C"), 1000, Hex.Decode("5EC4C7A80DF652294C3925B6489A7AB857C83476")); + } + + public static void Main( + string[] args) + { + RunTest(new Pkcs12Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/Pkcs5Test.cs b/BouncyCastle/crypto/test/src/crypto/test/Pkcs5Test.cs new file mode 100644 index 0000000..fdf1e7a --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/Pkcs5Test.cs @@ -0,0 +1,243 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Paddings; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + + ///

    A test class for Pkcs5 PbeS2 with PBKDF2 (Pkcs5 v2.0) using + /// test vectors provider at + /// + /// RSA's Pkcs5 Page + ///
    + /// The vectors are Base 64 encoded and encrypted using the password "password" + /// (without quotes). They should all yield the same PrivateKeyInfo object. + ///     + [TestFixture] + public class Pkcs5Test + : SimpleTest + { + public override string Name + { + get { return "Pkcs5Test"; } + } + + /// encrypted using des-cbc. + internal static byte[] sample1; + + /// encrypted using des-ede3-cbc. + internal static byte[] sample2; + + /// encrypted using rc2-cbc. + internal static byte[] sample3; + + internal static byte[] result; + + private class PbeTest + : SimpleTest + { + private Pkcs5Test enclosingInstance; + + private void InitBlock( + Pkcs5Test enclosingInstance) + { + this.enclosingInstance = enclosingInstance; + } + + public override string Name + { + get { return cipher.AlgorithmName + " Pkcs5S2 Test " + id; } + } + + public Pkcs5Test Enclosing_Instance + { + get { return enclosingInstance; } + } + + internal int id; + internal BufferedBlockCipher cipher; + internal byte[] sample; + internal int keySize; + + internal PbeTest( + Pkcs5Test enclosingInstance, + int id, + BufferedBlockCipher cipher, + byte[] sample, + int keySize) + { + InitBlock(enclosingInstance); + + this.id = id; + this.cipher = cipher; + this.sample = sample; + this.keySize = keySize; + } + + public override void PerformTest() + { + char[] password = "password".ToCharArray(); + PbeParametersGenerator generator = new Pkcs5S2ParametersGenerator(); + + EncryptedPrivateKeyInfo info = null; + try + { + info = EncryptedPrivateKeyInfo.GetInstance(Asn1Object.FromByteArray(sample)); + } + catch (System.Exception e) + { + Fail("failed construction - exception " + e.ToString(), e); + } + + PbeS2Parameters alg = PbeS2Parameters.GetInstance(info.EncryptionAlgorithm.Parameters); + Pbkdf2Params func = Pbkdf2Params.GetInstance(alg.KeyDerivationFunc.Parameters); + EncryptionScheme scheme = alg.EncryptionScheme; + + if (func.KeyLength != null) + { + keySize = func.KeyLength.IntValue * 8; + } + + int iterationCount = func.IterationCount.IntValue; + byte[] salt = func.GetSalt(); + + generator.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt, iterationCount); + + DerObjectIdentifier algOid = scheme.Algorithm; + + byte[] iv; + if (algOid.Equals(PkcsObjectIdentifiers.RC2Cbc)) + { + RC2CbcParameter rc2Params = RC2CbcParameter.GetInstance(scheme.Asn1Object); + iv = rc2Params.GetIV(); + } + else + { + iv = ((Asn1OctetString) scheme.Asn1Object).GetOctets(); + } + + ICipherParameters param = new ParametersWithIV( + generator.GenerateDerivedParameters(algOid.Id, keySize), iv); + + cipher.Init(false, param); + + byte[] data = info.GetEncryptedData(); + byte[] outBytes = new byte[cipher.GetOutputSize(data.Length)]; + int len = cipher.ProcessBytes(data, 0, data.Length, outBytes, 0); + + try + { + len += cipher.DoFinal(outBytes, len); + } + catch (Exception e) + { + Fail("failed DoFinal - exception " + e.ToString()); + } + + if (result.Length != len) + { + Fail("failed length"); + } + + for (int i = 0; i != len; i++) + { + if (outBytes[i] != result[i]) + { + Fail("failed comparison"); + } + } + } + } + + public override void PerformTest() + { + BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new DesEngine())); + SimpleTest test = new PbeTest(this, 0, cipher, sample1, 64); + + test.PerformTest(); + + cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new DesEdeEngine())); + test = new PbeTest(this, 1, cipher, sample2, 192); + + test.PerformTest(); + + cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new RC2Engine())); + test = new PbeTest(this, 2, cipher, sample3, 0); + + test.PerformTest(); + + // + // RFC 3211 tests + // + char[] password = "password".ToCharArray(); + PbeParametersGenerator generator = new Pkcs5S2ParametersGenerator(); + + byte[] salt = Hex.Decode("1234567878563412"); + + generator.Init( + PbeParametersGenerator.Pkcs5PasswordToBytes(password), + salt, + 5); + + if (!AreEqual(((KeyParameter)generator.GenerateDerivedParameters("DES", 64)).GetKey(), + Hex.Decode("d1daa78615f287e6"))) + { + Fail("64 test failed"); + } + + password = "All n-entities must communicate with other n-entities via n-1 entiteeheehees".ToCharArray(); + + generator.Init( + PbeParametersGenerator.Pkcs5PasswordToBytes(password), + salt, + 500); + + if (!AreEqual(((KeyParameter)generator.GenerateDerivedParameters("DESEDE", 192)).GetKey(), + Hex.Decode("6a8970bf68c92caea84a8df28510858607126380cc47ab2d"))) + { + Fail("192 test failed"); + } + + generator.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt, 60000); + if (!AreEqual(((KeyParameter)generator.GenerateDerivedParameters("DESEDE", 192)).GetKey(), + Hex.Decode("29aaef810c12ecd2236bbcfb55407f9852b5573dc1c095bb"))) + { + Fail("192 (60000) test failed"); + } + } + + public static void Main( + string[] args) + { + RunTest(new Pkcs5Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + static Pkcs5Test() + { + sample1 = Base64.Decode("MIIBozA9BgkqhkiG9w0BBQ0wMDAbBgkqhkiG9w0BBQwwDgQIfWBDXwLp4K4CAggA" + "MBEGBSsOAwIHBAiaCF/AvOgQ6QSCAWDWX4BdAzCRNSQSANSuNsT5X8mWYO27mr3Y" + "9c9LoBVXGNmYWKA77MI4967f7SmjNcgXj3xNE/jmnVz6hhsjS8E5VPT3kfyVkpdZ" + "0lr5e9Yk2m3JWpPU7++v5zBkZmC4V/MwV/XuIs6U+vykgzMgpxQg0oZKS9zgmiZo" + "f/4dOCL0UtCDnyOSvqT7mCVIcMDIEKu8QbVlgZYBop08l60EuEU3gARUo8WsYQmO" + "Dz/ldx0Z+znIT0SXVuOwc+RVItC5T/Qx+aijmmpt+9l14nmaGBrEkmuhmtdvU/4v" + "aptewGRgmjOfD6cqK+zs0O5NrrJ3P/6ZSxXj91CQgrThGfOv72bUncXEMNtc8pks" + "2jpHFjGMdKufnadAD7XuMgzkkaklEXZ4f5tU6heIIwr51g0GBEGF96gYPFnjnSQM" + "75JE02Clo+DfcfXpcybPTwwFg2jd6JTTOfkdf6OdSlA/1XNK43FA"); + sample2 = Base64.Decode("MIIBpjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIeFeOWl1jywYCAggA" + "MBQGCCqGSIb3DQMHBAjUJ5eGBhQGtQSCAWBrHrRgqO8UUMLcWzZEtpk1l3mjxiF/" + "koCMkHsFwowgyWhEbgIkTgbSViK54LVK8PskekcGNLph+rB6bGZ7pPbL5pbXASJ8" + "+MkQcG3FZdlS4Ek9tTJDApj3O1UubZGFG4uvTlJJFbF1BOJ3MkY3XQ9Gl1qwv7j5" + "6e103Da7Cq9+oIDKmznza78XXQYrUsPo8mJGjUxPskEYlzwvHjKubRnYm/K6RKhi" + "5f4zX4BQ/Dt3H812ZjRXrsjAJP0KrD/jyD/jCT7zNBVPH1izBds+RwizyQAHwfNJ" + "BFR78TH4cgzB619X47FDVOnT0LqQNVd0O3cSwnPrXE9XR3tPayE+iOB15llFSmi8" + "z0ByOXldEpkezCn92Umk++suzIVj1qfsK+bv2phZWJPbLEIWPDRHUbYf76q5ArAr" + "u4xtxT/hoK3krEs/IN3d70qjlUJ36SEw1UaZ82PWhakQbdtu39ZraMJB"); + sample3 = Base64.Decode("MIIBrjBIBgkqhkiG9w0BBQ0wOzAeBgkqhkiG9w0BBQwwEQQIrHyQPBZqWLUCAggA" + "AgEQMBkGCCqGSIb3DQMCMA0CAToECEhbh7YZKiPSBIIBYCT1zp6o5jpFlIkgwPop" + "7bW1+8ACr4exqzkeb3WflQ8cWJ4cURxzVdvxUnXeW1VJdaQZtjS/QHs5GhPTG/0f" + "wtvnaPfwrIJ3FeGaZfcg2CrYhalOFmEb4xrE4KyoEQmUN8tb/Cg94uzd16BOPw21" + "RDnE8bnPdIGY7TyL95kbkqH23mK53pi7h+xWIgduW+atIqDyyt55f7WMZcvDvlj6" + "VpN/V0h+qxBHL274WA4dj6GYgeyUFpi60HdGCK7By2TBy8h1ZvKGjmB9h8jZvkx1" + "MkbRumXxyFsowTZawyYvO8Um6lbfEDP9zIEUq0IV8RqH2MRyblsPNSikyYhxX/cz" + "tdDxRKhilySbSBg5Kr8OfcwKp9bpinN96nmG4xr3Tch1bnVvqJzOQ5+Vva2WwVvH" + "2JkWvYm5WaANg4Q6bRxu9vz7DuhbJjQdZbxFezIAgrJdSe92B00jO/0Kny1WjiVO" + "6DA="); + result = Hex.Decode("30820155020100300d06092a864886f70d01010105000482013f3082013b020100024100" + "debbfc2c09d61bada2a9462f24224e54cc6b3cc0755f15ce318ef57e79df17026b6a85cc" + "a12428027245045df2052a329a2f9ad3d17b78a10572ad9b22bf343b020301000102402d" + "90a96adcec472743527bc023153d8f0d6e96b40c8ed228276d467d843306429f8670559b" + "f376dd41857f6397c2fc8d95e0e53ed62de420b855430ee4a1b8a1022100ffcaf0838239" + "31e073ff534f06a5d415b3d414bc614a4544a3dff7ed271817eb022100deea30242117db" + "2d3b8837f58f1da530ff83cf9283680da33683ec4e583610f1022100e6026381adb0a683" + "f16a8f4c096b462979b9e4277cc89f3ed8a905b46fa9ff9f02210097c146d4d1d2b3dbaf" + "53a504ff51674c5c271800de84d003f4f10ac6ab36e38102202bfa141f10bda874e1017d" + "845e82767c1c38e82745daf421f0c8cd09d7652387"); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/Poly1305Test.cs b/BouncyCastle/crypto/test/src/crypto/test/Poly1305Test.cs new file mode 100644 index 0000000..fd4053c --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/Poly1305Test.cs @@ -0,0 +1,519 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class Poly1305Test + : SimpleTest + { + private const int MAXLEN = 1000; + + private class TestCase + { + internal byte[] key; + internal byte[] nonce; + internal byte[] message; + internal byte[] expectedMac; + + public TestCase(string key, string nonce, string message, string expectedMac) + { + this.key = Hex.Decode(key); + // nacl test case keys are not pre-Clamped + Poly1305KeyGenerator.Clamp(this.key); + this.nonce = (nonce == null) ? null : Hex.Decode(nonce); + this.message = Hex.Decode(message); + this.expectedMac = Hex.Decode(expectedMac); + } + } + + private static TestCase[] CASES = { + // Raw Poly1305 + // onetimeauth.c from nacl-20110221 + new TestCase("eea6a7251c1e72916d11c2cb214d3c25" + "2539121d8e234e652d651fa4c8cff880", null, + "8e993b9f48681273c29650ba32fc76ce48332ea7164d96a4476fb8c531a1186a" + + "c0dfc17c98dce87b4da7f011ec48c97271d2c20f9b928fe2270d6fb863d51738" + + "b48eeee314a7cc8ab932164548e526ae90224368517acfeabd6bb3732bc0e9da" + + "99832b61ca01b6de56244a9e88d5f9b37973f622a43d14a6599b1f654cb45a74e355a5", + "f3ffc7703f9400e52a7dfb4b3d3305d9"), + // Poly1305-AES + // Loop 1 of test-poly1305aes from poly1305aes-20050218 + new TestCase("0000000000000000000000000000000000000000000000000000000000000000", + "00000000000000000000000000000000", "", "66e94bd4ef8a2c3b884cfa59ca342b2e"), + new TestCase("f795bd0a50e29e0710d3130a20e98d0c" + "f795bd4a52e29ed713d313fa20e98dbc", + "917cf69ebd68b2ec9b9fe9a3eadda692", "66f7", "5ca585c75e8f8f025e710cabc9a1508b"), + new TestCase("3ef49901c8e11c000430d90ad45e7603" + "e69dae0aab9f91c03a325dcc9436fa90", + "166450152e2394835606a9d1dd2cdc8b", "66f75c0e0c7a406586", "2924f51b9c2eff5df09db61dd03a9ca1"), + new TestCase("da4afc035087d90e503f8f0ea08c3e0d" + "85a4ea91a7de0b0d96eed0d4bf6ecf1c", + "0b6ef7a0b8f8c738b0f8d5995415271f", + "66f75c0e0c7a40658629e3392f7f8e3349a02191ffd49f39879a8d9d1d0e23ea", + "3c5a13adb18d31c64cc29972030c917d"), + new TestCase( + "ca3c6a0da0a864024ca3090628c28e0d" + "25eb69bac5cdf7d6bfcee4d9d5507b82", + "046772a4f0a8de92e4f0d628cdb04484", + "66f75c0e0c7a40658629e3392f7f8e3349a02191ffd49f39879a8d9d1d0e23ea3caa4d240bd2ab8a8c4a6bb8d3288d9de4b793f05e97646dd4d98055de", + "fc5fb58dc65daf19b14d1d05da1064e8"), + // Specific test cases generated from test-poly1305aes from poly1305aes-20050218 that + // expose Java unsigned integer problems + new TestCase( + "01bcb20bfc8b6e03609ddd09f44b060f" + "95cc0e44d0b79a8856afcae1bec4fe3c", + null, + "66f75c0e0c7a40658629e3392f7f8e3349a02191ffd49f39879a8d9d1d0e23ea3caa4d240bd2ab8a8c4a6bb8d3288d9de4b793f05e97646dd4d98055de" + + "fc3e0677d956b4c62664bac15962ab15d93ccbbc03aafdbde779162ed93b55361f0f8acaa41d50ef5175927fe79ea316186516eef15001cd04d3524a55" + + "e4fa3c5ca479d3aaa8a897c21807f721b6270ffc68b6889d81a116799f6aaa35d8e04c7a7dd5e6da2519e8759f54e906696f5772fee093283bcef7b930" + + "aed50323bcbc8c820c67422c1e16bdc022a9c0277c9d95fef0ea4ee11e2b27276da811523c5acb80154989f8a67ee9e3fa30b73b0c1c34bf46e3464d97" + + "7cd7fcd0ac3b82721080bb0d9b982ee2c77feee983d7ba35da88ce86955002940652ab63bc56fb16f994da2b01d74356509d7d1b6d7956b0e5a557757b" + + "d1ced2eef8650bc5b6d426108c1518abcbd0befb6a0d5fd57a3e2dbf31458eab63df66613653d4beae73f5c40eb438fbcfdcf4a4ba46320184b9ca0da4" + + "dfae77de7ccc910356caea3243f33a3c81b064b3b7cedc7435c223f664227215715980e6e0bb570d459ba80d7512dbe458c8f0f3f52d659b6e8eef19ee" + + "71aea2ced85c7a42ffca6522a62db49a2a46eff72bd7f7e0883acd087183f0627f3537a4d558754ed63358e8182bee196735b361dc9bd64d5e34e1074a" + + "855655d2974cc6fa1653754cf40f561d8c7dc526aab2908ec2d2b977cde1a1fb1071e32f40e049ea20f30368ba1592b4fe57fb51595d23acbdace324cd" + + "d78060a17187c662368854e915402d9b52fb21e984663e41c26a109437e162cfaf071b53f77e50000a5388ff183b82ce7a1af476c416d7d204157b3633" + + "b2f4ec077b699b032816997e37bceded8d4a04976fd7d0c0b029f290794c3be504c5242287ea2f831f11ed5690d92775cd6e863d7731fd4da687ebfb13" + + "df4c41dc0fb8", "ae345d555eb04d6947bb95c0965237e2"), + new TestCase( + "cd07fd0ef8c0be0afcbdb30af4af0009" + "76fb3635a2dc92a1f768163ab12f2187", + null, + "f05204a74f0f88a7fa1a95b84ec3d8ffb36fcdc7723ea65dfe7cd464e86e0abf6b9d51db3220cfd8496ad6e6d36ebee8d990f9ce0d3bb7f72b7ab5b3ab0a73240d11efe772c857021ae859db4933cdde4387b471d2ce700fef4b81087f8f47c307881fd83017afcd15b8d21edf9b704677f46df97b07e5b83f87c8abd90af9b1d0f9e2710e8ebd0d4d1c6a055abea861f42368bed94d9373e909c1d3715b221c16bc524c55c31ec3eab204850bb2474a84f9917038eff9d921130951391b5c54f09b5e1de833ea2cd7d3b306740abb7096d1e173da83427da2adddd3631eda30b54dbf487f2b082e8646f07d6e0a87e97522ca38d4ace4954bf3db6dd3a93b06fa18eb56856627ed6cffcd7ae26374554ca18ab8905f26331d323fe10e6e70624c7bc07a70f06ecd804b48f8f7e75e910165e1beb554f1f0ec7949c9c8d429a206b4d5c0653102249b6098e6b45fac2a07ff0220b0b8ae8f4c6bcc0c813a7cd141fa8b398b42575fc395747c5a0257ac41d6c1f434cfbf5dfe8349f5347ef6b60e611f5d6c3cbc20ca2555274d1934325824cef4809da293ea13f181929e2af025bbd1c9abdc3af93afd4c50a2854ade3887f4d2c8c225168052c16e74d76d2dd3e9467a2c5b8e15c06ffbffa42b8536384139f07e195a8c9f70f514f31dca4eb2cf262c0dcbde53654b6250a29efe21d54e83c80e005a1cad36d5934ff01c32e4bc5fe06d03064ff4a268517df4a94c759289f323734318cfa5d859d4ce9c16e63d02dff0896976f521607638535d2ee8dd3312e1ddc80a55d34fe829ab954c1ebd54d929954770f1be9d32b4c05003c5c9e97943b6431e2afe820b1e967b19843e5985a131b1100517cdc363799104af91e2cf3f53cb8fd003653a6dd8a31a3f9d566a7124b0ffe9695bcb87c482eb60106f88198f766a40bc0f4873c23653c5f9e7a8e446f770beb8034cf01d21028ba15ccee21a8db918c4829d61c88bfa927bc5def831501796c5b401a60a6b1b433c9fb905c8cd40412fffee81ab", + "045be28cc52009f506bdbfabedacf0b4"), + // Test case from JIRA issue BJA-620 + new TestCase( + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff", + null, + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffff", + "c80cb43844f387946e5aa6085bdf67da") + }; + + public override string Name + { + get { return "Poly1305"; } + } + + public override void PerformTest() + { + testKeyGenerator(); + testInit(); + for (int i = 0; i < CASES.Length; i++) + { + testCase(i); + } + testSequential(); + testReset(); + rfc7539Test(); + } + + private void testCase(int i) + { + byte[] output = new byte[16]; + TestCase tc = CASES[i]; + + IMac mac; + if (tc.nonce == null) + { + // Raw Poly1305 test - don't do any transform on AES key part + mac = new Poly1305(); + mac.Init(new KeyParameter(tc.key)); + } + else + { + mac = new Poly1305(new AesEngine()); + mac.Init(new ParametersWithIV(new KeyParameter(tc.key), tc.nonce)); + } + mac.BlockUpdate(tc.message, 0, tc.message.Length); + mac.DoFinal(output, 0); + + if (!Arrays.AreEqual(output, tc.expectedMac)) + { + Fail("Mismatched output " + i, Hex.ToHexString(tc.expectedMac), Hex.ToHexString(output)); + } + } + + private void testSequential() + { + // Sequential test, adapted from test-poly1305aes + int len; + byte[] kr = new byte[32]; + byte[] m = new byte[MAXLEN]; + byte[] n = new byte[16]; + byte[] output = new byte[16]; + + int c = 0; + IMac mac = new Poly1305(new AesEngine()); + for (int loop = 0; loop < 13; loop++) + { + len = 0; + for (;;) + { + c++; + mac.Init(new ParametersWithIV(new KeyParameter(kr), n)); + mac.BlockUpdate(m, 0, len); + mac.DoFinal(output, 0); + + // if (c == 678) + // { + // TestCase tc = CASES[0]; + // + // if (!Arrays.AreEqual(tc.key, kr)) + // { + // System.err.println("Key bad"); + // System.err.println(Hex.ToHexString(tc.key))); + // System.err.println(Hex.ToHexString(kr))); + // System.exit(1); + // } + // if (!Arrays.AreEqual(tc.nonce, n)) + // { + // System.err.println("Nonce bad"); + // System.exit(1); + // } + // System.out.printf("[%d] m: %s\n", c, Hex.ToHexString(m, 0, len))); + // System.out.printf("[%d] K: %s\n", c, new string(Hex.encodje(kr))); + // System.out.printf("[%d] N: %s\n", c, Hex.ToHexString(n))); + // System.out.printf("[%d] M: ", c); + // } + // System.out.printf("%d/%s\n", c, Hex.ToHexString(out))); + + if (len >= MAXLEN) + break; + n[0] = (byte)(n[0] ^ loop); + for (int i = 0; i < 16; ++i) + { + n[i] ^= output[i]; + } + if (len % 2 != 0) + { + for (int i = 0; i < 16; ++i) + { + kr[i] ^= output[i]; + } + } + if (len % 3 != 0) + { + for (int i = 0; i < 16; ++i) + { + kr[i + 16] ^= output[i]; + } + } + Poly1305KeyGenerator.Clamp(kr); + m[len++] ^= output[0]; + } + } + // Output after 13 loops as generated by poly1305 ref + if (c != 13013 || !Arrays.AreEqual(output, Hex.Decode("89824ddf0816481051f4a82731cd56d5"))) + { + Fail("Sequential Poly1305 " + c, "89824ddf0816481051f4a82731cd56d5", Hex.ToHexString(output)); + } + } + + private void testReset() + { + CipherKeyGenerator gen = new Poly1305KeyGenerator(); + gen.Init(new KeyGenerationParameters(new SecureRandom(), 256)); + byte[] k = gen.GenerateKey(); + + byte[] m = new byte[10000]; + byte[] check = new byte[16]; + byte[] output = new byte[16]; + + // Generate baseline + IMac poly = new Poly1305(new AesEngine()); + poly.Init(new ParametersWithIV(new KeyParameter(k), new byte[16])); + + poly.BlockUpdate(m, 0, m.Length); + poly.DoFinal(check, 0); + + // Check reset after doFinal + poly.BlockUpdate(m, 0, m.Length); + poly.DoFinal(output, 0); + + if (!Arrays.AreEqual(check, output)) + { + Fail("Mac not reset after doFinal"); + } + + // Check reset + poly.Update((byte)1); + poly.Update((byte)2); + poly.Reset(); + poly.BlockUpdate(m, 0, m.Length); + poly.DoFinal(output, 0); + + if (!Arrays.AreEqual(check, output)) + { + Fail("Mac not reset after doFinal"); + } + + // Check init resets + poly.Update((byte)1); + poly.Update((byte)2); + poly.Init(new ParametersWithIV(new KeyParameter(k), new byte[16])); + poly.BlockUpdate(m, 0, m.Length); + poly.DoFinal(output, 0); + + if (!Arrays.AreEqual(check, output)) + { + Fail("Mac not reset after doFinal"); + } + } + + private void testInit() + { + CipherKeyGenerator gen = new Poly1305KeyGenerator(); + gen.Init(new KeyGenerationParameters(new SecureRandom(), 256)); + byte[] k = gen.GenerateKey(); + + IMac poly = new Poly1305(new AesEngine()); + poly.Init(new ParametersWithIV(new KeyParameter(k), new byte[16])); + + try + { + poly.Init(new ParametersWithIV(new KeyParameter(k), new byte[15])); + Fail("16 byte nonce required"); + } + catch (ArgumentException) + { + // Expected + } + + try + { + byte[] k2 = new byte[k.Length - 1]; + Array.Copy(k, 0, k2, 0, k2.Length); + poly.Init(new ParametersWithIV(new KeyParameter(k2), new byte[16])); + Fail("32 byte key required"); + } + catch (ArgumentException) + { + // Expected + } + + /* + try + { + k[19] = (byte)0xFF; + poly.Init(new ParametersWithIV(new KeyParameter(k), new byte[16])); + Fail("UnClamped key should not be accepted."); + } + catch (ArgumentException) + { + // Expected + } + */ + } + + private void testKeyGenerator() + { + CipherKeyGenerator gen = new Poly1305KeyGenerator(); + gen.Init(new KeyGenerationParameters(new SecureRandom(), 256)); + byte[] k = gen.GenerateKey(); + + if (k.Length != 32) + { + Fail("Poly1305 key should be 256 bits."); + } + + try + { + Poly1305KeyGenerator.CheckKey(k); + } + catch (ArgumentException) + { + Fail("Poly1305 key should be Clamped on generation."); + } + + byte[] k2 = new byte[k.Length]; + Array.Copy(k, 0, k2, 0, k2.Length); + Poly1305KeyGenerator.Clamp(k); + if (!Arrays.AreEqual(k, k2)) + { + Fail("Poly1305 key should be Clamped on generation."); + } + + /* + try + { + k2[19] = (byte)0xff; + Poly1305KeyGenerator.CheckKey(k2); + Fail("UnClamped key should fail check."); + } + catch (ArgumentException) + { + // Expected + } + */ + } + + public void rfc7539Test() + { + // From RFC 7539 + byte[] keyMaterial = Hex.Decode("85d6be7857556d337f4452fe42d506a80103808afb0db2fd4abff6af4149f51b"); + byte[] data = Hex.Decode("43727970746f677261706869 63 20 46 6f 72 75 6d 20 52 65 73 65 61 72 63 68 20 47 72 6f7570"); + byte[] expected = Hex.Decode("a8061dc1305136c6c22b8baf0c0127a9"); + + CheckVector(keyMaterial, data, expected); + + data = Hex.Decode("48656c6c6f20776f726c6421"); + keyMaterial = Hex.Decode( + "746869732069732033322d6279746520" + + "6b657920666f7220506f6c7931333035"); + + CheckVector(keyMaterial, data, Hex.Decode("a6f745008f81c916a20dcc74eef2b2f0")); + + // A.3 #1 + keyMaterial = Hex.Decode("00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"); + + data = Hex.Decode( + "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" + + "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" + + "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" + + "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"); + + CheckVector(keyMaterial, data, Hex.Decode("00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00")); + + // A.3 #2 + keyMaterial = Hex.Decode("00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0036 e5 f6 b5 c5 e0 60 70 f0 ef ca 96 22 7a 86 3e"); + + data = Hex.Decode( + "41 6e 79 20 73 75 62 6d 69 73 73 69 6f 6e 20 74" + + "6f 20 74 68 65 20 49 45 54 46 20 69 6e 74 65 6e" + + "64 65 64 20 62 79 20 74 68 65 20 43 6f 6e 74 72" + + "69 62 75 74 6f 72 20 66 6f 72 20 70 75 62 6c 69" + + "63 61 74 69 6f 6e 20 61 73 20 61 6c 6c 20 6f 72" + + "20 70 61 72 74 20 6f 66 20 61 6e 20 49 45 54 46" + + "20 49 6e 74 65 72 6e 65 74 2d 44 72 61 66 74 20" + + "6f 72 20 52 46 43 20 61 6e 64 20 61 6e 79 20 73" + + "74 61 74 65 6d 65 6e 74 20 6d 61 64 65 20 77 69" + + "74 68 69 6e 20 74 68 65 20 63 6f 6e 74 65 78 74" + + "20 6f 66 20 61 6e 20 49 45 54 46 20 61 63 74 69" + + "76 69 74 79 20 69 73 20 63 6f 6e 73 69 64 65 72" + + "65 64 20 61 6e 20 22 49 45 54 46 20 43 6f 6e 74" + + "72 69 62 75 74 69 6f 6e 22 2e 20 53 75 63 68 20" + + "73 74 61 74 65 6d 65 6e 74 73 20 69 6e 63 6c 75" + + "64 65 20 6f 72 61 6c 20 73 74 61 74 65 6d 65 6e" + + "74 73 20 69 6e 20 49 45 54 46 20 73 65 73 73 69" + + "6f 6e 73 2c 20 61 73 20 77 65 6c 6c 20 61 73 20" + + "77 72 69 74 74 65 6e 20 61 6e 64 20 65 6c 65 63" + + "74 72 6f 6e 69 63 20 63 6f 6d 6d 75 6e 69 63 61" + + "74 69 6f 6e 73 20 6d 61 64 65 20 61 74 20 61 6e" + + "79 20 74 69 6d 65 20 6f 72 20 70 6c 61 63 65 2c" + + "20 77 68 69 63 68 20 61 72 65 20 61 64 64 72 65" + + "73 73 65 64 20 74 6f"); + + CheckVector(keyMaterial, data, Hex.Decode("36 e5 f6 b5 c5 e0 60 70 f0 ef ca 96 22 7a 86 3e")); + + // A.3 #3 + keyMaterial = Hex.Decode("36 e5 f6 b5 c5 e0 60 70 f0 ef ca 96 22 7a 86 3e00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"); + + CheckVector(keyMaterial, data, Hex.Decode("f3 47 7e 7c d9 54 17 af 89 a6 b8 79 4c 31 0c f0")); + + // A.3 #4 + + keyMaterial = Hex.Decode("1c 92 40 a5 eb 55 d3 8a f3 33 88 86 04 f6 b5 f0 47 39 17 c1 40 2b 80 09 9d ca 5c bc 20 70 75 c0"); + + data = Hex.Decode( + "27 54 77 61 73 20 62 72 69 6c 6c 69 67 2c 20 61" + + "6e 64 20 74 68 65 20 73 6c 69 74 68 79 20 74 6f" + + "76 65 73 0a 44 69 64 20 67 79 72 65 20 61 6e 64" + + "20 67 69 6d 62 6c 65 20 69 6e 20 74 68 65 20 77" + + "61 62 65 3a 0a 41 6c 6c 20 6d 69 6d 73 79 20 77" + + "65 72 65 20 74 68 65 20 62 6f 72 6f 67 6f 76 65" + + "73 2c 0a 41 6e 64 20 74 68 65 20 6d 6f 6d 65 20" + + "72 61 74 68 73 20 6f 75 74 67 72 61 62 65 2e"); + + CheckVector(keyMaterial, data, Hex.Decode("45 41 66 9a 7e aa ee 61 e7 08 dc 7c bc c5 eb 62")); + + // A.3 #5 + keyMaterial = Hex.Decode("02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"); + data = Hex.Decode("FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF"); + + CheckVector(keyMaterial, data, Hex.Decode("03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00")); + + // A.3 #6 + keyMaterial = Hex.Decode("02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF"); + data = Hex.Decode("02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"); + + CheckVector(keyMaterial, data, Hex.Decode("03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00")); + + // A.3 #7 + keyMaterial = Hex.Decode("01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"); + data = Hex.Decode("FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FFF0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"); + + CheckVector(keyMaterial, data, Hex.Decode("05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00")); + + // A.3 #8 + keyMaterial = Hex.Decode("01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"); + data = Hex.Decode("FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FFFB FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01"); + + CheckVector(keyMaterial, data, Hex.Decode("00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00")); + + // A.3 #9 + keyMaterial = Hex.Decode("02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"); + data = Hex.Decode("FD FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF"); + + CheckVector(keyMaterial, data, Hex.Decode("FA FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF")); + + // A.3 #10 + keyMaterial = Hex.Decode("01 00 00 00 00 00 00 00 04 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"); + data = Hex.Decode( + "E3 35 94 D7 50 5E 43 B9 00 00 00 00 00 00 00 00" + + "33 94 D7 50 5E 43 79 CD 01 00 00 00 00 00 00 00" + + "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" + + "01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"); + + CheckVector(keyMaterial, data, Hex.Decode("14 00 00 00 00 00 00 00 55 00 00 00 00 00 00 00")); + + // A.3 #11 + keyMaterial = Hex.Decode("01 00 00 00 00 00 00 00 04 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"); + data = Hex.Decode( + "E3 35 94 D7 50 5E 43 B9 00 00 00 00 00 00 00 00" + + "33 94 D7 50 5E 43 79 CD 01 00 00 00 00 00 00 00" + + "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"); + + CheckVector(keyMaterial, data, Hex.Decode("13 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00")); + } + + private void CheckVector(byte[] keyMaterial, byte[] input, byte[] tag) + { + Poly1305 poly1305 = new Poly1305(); + + poly1305.Init(new KeyParameter(keyMaterial)); + + poly1305.BlockUpdate(input, 0, input.Length); + + byte[] mac = new byte[poly1305.GetMacSize()]; + + poly1305.DoFinal(mac, 0); + + if (!Arrays.AreEqual(tag, mac)) + { + Fail("rfc7539", Hex.ToHexString(tag), Hex.ToHexString(mac)); + } + } + + public static void Main( + string[] args) + { + RunTest(new Poly1305Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/crypto/test/RC2Test.cs b/BouncyCastle/crypto/test/src/crypto/test/RC2Test.cs new file mode 100644 index 0000000..177c181 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RC2Test.cs @@ -0,0 +1,58 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + + /// RC2 tester - vectors from ftp://ftp.isi.edu/in-notes/rfc2268.txt + /// + /// RFC 2268 "A Description of the RC2(r) Encryption Algorithm" + /// + + [TestFixture] + public class RC2Test:CipherTest + { + public override string Name + { + get { return "RC2"; } + } + + internal static BlockCipherVectorTest[] tests = new BlockCipherVectorTest[]{ + new BlockCipherVectorTest(0, new RC2Engine(), new RC2Parameters(Hex.Decode("0000000000000000"), 63), "0000000000000000", "ebb773f993278eff"), + new BlockCipherVectorTest(1, new RC2Engine(), new RC2Parameters(Hex.Decode("ffffffffffffffff"), 64), "ffffffffffffffff", "278b27e42e2f0d49"), + new BlockCipherVectorTest(2, new RC2Engine(), new RC2Parameters(Hex.Decode("3000000000000000"), 64), "1000000000000001", "30649edf9be7d2c2"), + new BlockCipherVectorTest(3, new RC2Engine(), new RC2Parameters(Hex.Decode("88"), 64), "0000000000000000", "61a8a244adacccf0"), + new BlockCipherVectorTest(4, new RC2Engine(), new RC2Parameters(Hex.Decode("88bca90e90875a"), 64), "0000000000000000", "6ccf4308974c267f"), + new BlockCipherVectorTest(5, new RC2Engine(), new RC2Parameters(Hex.Decode("88bca90e90875a7f0f79c384627bafb2"), 64), "0000000000000000", "1a807d272bbe5db1"), + new BlockCipherVectorTest(6, new RC2Engine(), new RC2Parameters(Hex.Decode("88bca90e90875a7f0f79c384627bafb2"), 128), "0000000000000000", "2269552ab0f85ca6"), + new BlockCipherVectorTest(7, new RC2Engine(), new RC2Parameters(Hex.Decode("88bca90e90875a7f0f79c384627bafb216f80a6f85920584c42fceb0be255daf1e"), 129), "0000000000000000", "5b78d3a43dfff1f1")}; + + public RC2Test() + :base(tests, new RC2Engine(), new RC2Parameters(new byte[16])) + { + } + + public static void Main( + string[] args) + { + ITest test = new RC2Test(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/RC2WrapTest.cs b/BouncyCastle/crypto/test/src/crypto/test/RC2WrapTest.cs new file mode 100644 index 0000000..fc27acd --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RC2WrapTest.cs @@ -0,0 +1,123 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * RC2 wrap tester + */ + [TestFixture] + public class RC2WrapTest + : ITest + { + private class RFCRandom + : SecureRandom + { + public override void NextBytes( + byte[] nextBytes) + { + Array.Copy(Hex.Decode("4845cce7fd1250"), 0, nextBytes, 0, nextBytes.Length); + } + } + + private ITestResult wrapTest( + int id, + ICipherParameters paramsWrap, + ICipherParameters paramsUnwrap, + byte[] inBytes, + byte[] outBytes) + { + IWrapper wrapper = new RC2WrapEngine(); + + wrapper.Init(true, paramsWrap); + + try + { + byte[] cText = wrapper.Wrap(inBytes, 0, inBytes.Length); + if (!Arrays.AreEqual(cText, outBytes)) + { + return new SimpleTestResult(false, Name + ": failed wrap test " + id + + " expected " + Hex.ToHexString(outBytes) + + " got " + Hex.ToHexString(cText)); + } + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": failed wrap test exception " + e, e); + } + + wrapper.Init(false, paramsUnwrap); + + try + { + byte[] pText = wrapper.Unwrap(outBytes, 0, outBytes.Length); + if (!Arrays.AreEqual(pText, inBytes)) + { + return new SimpleTestResult(false, Name + ": failed unwrap test " + id + + " expected " + Hex.ToHexString(inBytes) + + " got " + Hex.ToHexString(pText)); + } + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": failed unwrap test exception " + e, e); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public ITestResult Perform() + { + byte[] kek1 = Hex.Decode("fd04fd08060707fb0003fefffd02fe05"); + byte[] iv1 = Hex.Decode("c7d90059b29e97f7"); + byte[] in1 = Hex.Decode("b70a25fbc9d86a86050ce0d711ead4d9"); + byte[] out1 = Hex.Decode("70e699fb5701f7833330fb71e87c85a420bdc99af05d22af5a0e48d35f3138986cbaafb4b28d4f35"); + // + // note the RFC 3217 test specifies a key to be used with an effective key size of + // 40 bits which is why it is done here - in practice nothing less than 128 bits should be used. + // + ICipherParameters paramWrap = new ParametersWithRandom(new ParametersWithIV(new RC2Parameters(kek1, 40), iv1), new RFCRandom()); + ICipherParameters paramUnwrap = new RC2Parameters(kek1, 40); + + ITestResult result = wrapTest(1, paramWrap, paramUnwrap, in1, out1); + + if (!result.IsSuccessful()) + { + return result; + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public string Name + { + get { return "RC2Wrap"; } + } + + public static void Main( + string[] args) + { + ITest test = new RC2WrapTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/RC4Test.cs b/BouncyCastle/crypto/test/src/crypto/test/RC4Test.cs new file mode 100644 index 0000000..7c1ac91 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RC4Test.cs @@ -0,0 +1,59 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// RC4 Test + [TestFixture] + public class RC4Test + : ITest + { + public string Name + { + get { return "RC4"; } + } + + internal StreamCipherVectorTest[] tests = new StreamCipherVectorTest[]{ + new StreamCipherVectorTest(0, new RC4Engine(), new KeyParameter(Hex.Decode("0123456789ABCDEF")), "4e6f772069732074", "3afbb5c77938280d"), + new StreamCipherVectorTest(0, new RC4Engine(), new KeyParameter(Hex.Decode("0123456789ABCDEF")), "68652074696d6520", "1cf1e29379266d59"), + new StreamCipherVectorTest(0, new RC4Engine(), new KeyParameter(Hex.Decode("0123456789ABCDEF")), "666f7220616c6c20", "12fbb0c771276459")}; + + public virtual ITestResult Perform() + { + for (int i = 0; i != tests.Length; i++) + { + ITestResult res = tests[i].Perform(); + + if (!res.IsSuccessful()) + { + return res; + } + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + ITest test = new RC4Test(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/RC5Test.cs b/BouncyCastle/crypto/test/src/crypto/test/RC5Test.cs new file mode 100644 index 0000000..e50878a --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RC5Test.cs @@ -0,0 +1,201 @@ +using System; + +using NUnit.Framework; + +using System.Text; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + + +namespace Org.BouncyCastle.Crypto.Tests +{ + + /** + * RC5 tester - vectors from ftp://ftp.nordu.net/rfc/rfc2040.txt + * + * RFC 2040 "The RC5, RC5-CBC, RC5-CBC-Pad, and RC5-CTS Algorithms" + */ + [TestFixture] + public class RC5Test: ITest + { + BlockCipherVectorTest[] tests = + { + new BlockCipherVectorTest(0, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("00"), 0), + Hex.Decode("0000000000000000")), + "0000000000000000", "7a7bba4d79111d1e"), + new BlockCipherVectorTest(1, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("00"), 0), + Hex.Decode("0000000000000000")), + "ffffffffffffffff", "797bba4d78111d1e"), + new BlockCipherVectorTest(2, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("00"), 0), + Hex.Decode("0000000000000001")), + "0000000000000000", "7a7bba4d79111d1f"), + new BlockCipherVectorTest(3, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("00"), 0), + Hex.Decode("0000000000000000")), + "0000000000000001", "7a7bba4d79111d1f"), + new BlockCipherVectorTest(4, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("00"), 0), + Hex.Decode("0102030405060708")), + "1020304050607080", "8b9ded91ce7794a6"), + new BlockCipherVectorTest(5, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("11"), 1), + Hex.Decode("0000000000000000")), + "0000000000000000", "2f759fe7ad86a378"), + new BlockCipherVectorTest(6, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("00"), 2), + Hex.Decode("0000000000000000")), + "0000000000000000", "dca2694bf40e0788"), + new BlockCipherVectorTest(7, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("00000000"), 2), + Hex.Decode("0000000000000000")), + "0000000000000000", "dca2694bf40e0788"), + new BlockCipherVectorTest(8, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("00000000"), 8), + Hex.Decode("0000000000000000")), + "0000000000000000", "dcfe098577eca5ff"), + new BlockCipherVectorTest(9, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("00"), 8), + Hex.Decode("0102030405060708")), + "1020304050607080", "9646fb77638f9ca8"), + new BlockCipherVectorTest(10, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("00"), 12), + Hex.Decode("0102030405060708")), + "1020304050607080", "b2b3209db6594da4"), + new BlockCipherVectorTest(11, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("00"), 16), + Hex.Decode("0102030405060708")), + "1020304050607080", "545f7f32a5fc3836"), + new BlockCipherVectorTest(12, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("01020304"), 8), + Hex.Decode("0000000000000000")), + "ffffffffffffffff", "8285e7c1b5bc7402"), + new BlockCipherVectorTest(13, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("01020304"), 12), + Hex.Decode("0000000000000000")), + "ffffffffffffffff", "fc586f92f7080934"), + new BlockCipherVectorTest(14, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("01020304"), 16), + Hex.Decode("0000000000000000")), + "ffffffffffffffff", "cf270ef9717ff7c4"), + new BlockCipherVectorTest(15, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("0102030405060708"), 12), + Hex.Decode("0000000000000000")), + "ffffffffffffffff", "e493f1c1bb4d6e8c"), + new BlockCipherVectorTest(16, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("0102030405060708"), 8), + Hex.Decode("0102030405060708")), + "1020304050607080", "5c4c041e0f217ac3"), + new BlockCipherVectorTest(17, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("0102030405060708"), 12), + Hex.Decode("0102030405060708")), + "1020304050607080", "921f12485373b4f7"), + new BlockCipherVectorTest(18, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("0102030405060708"), 16), + Hex.Decode("0102030405060708")), + "1020304050607080", "5ba0ca6bbe7f5fad"), + new BlockCipherVectorTest(19, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("01020304050607081020304050607080"), 8), + Hex.Decode("0102030405060708")), + "1020304050607080", "c533771cd0110e63"), + new BlockCipherVectorTest(20, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("01020304050607081020304050607080"), 12), + Hex.Decode("0102030405060708")), + "1020304050607080", "294ddb46b3278d60"), + new BlockCipherVectorTest(21, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("01020304050607081020304050607080"), 16), + Hex.Decode("0102030405060708")), + "1020304050607080", "dad6bda9dfe8f7e8"), + new BlockCipherVectorTest(22, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("0102030405"), 12), + Hex.Decode("0000000000000000")), + "ffffffffffffffff", "97e0787837ed317f"), + new BlockCipherVectorTest(23, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("0102030405"), 8), + Hex.Decode("0000000000000000")), + "ffffffffffffffff", "7875dbf6738c6478"), + new BlockCipherVectorTest(23, new CbcBlockCipher(new RC532Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("0102030405"), 8), + Hex.Decode("7875dbf6738c6478")), + "0808080808080808", "8f34c3c681c99695"), + new BlockCipherVectorTest(640, new CbcBlockCipher(new RC564Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("00"), 0), + Hex.Decode("00000000000000000000000000000000")), + "00000000000000000000000000000000", "9f09b98d3f6062d9d4d59973d00e0e63"), + new BlockCipherVectorTest(641, new CbcBlockCipher(new RC564Engine()), + new ParametersWithIV( + new RC5Parameters(Hex.Decode("00"), 0), + Hex.Decode("00000000000000000000000000000000")), + "ffffffffffffffffffffffffffffffff", "9e09b98d3f6062d9d3d59973d00e0e63") + }; + + public string Name + { + get { return "RC5"; } + } + + public ITestResult Perform() + { + for (int i = 0; i != tests.Length; i++) + { + ITestResult res = tests[i].Perform(); + + if (!res.IsSuccessful()) + { + return res; + } + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + RC5Test test = new RC5Test(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/RC6Test.cs b/BouncyCastle/crypto/test/src/crypto/test/RC6Test.cs new file mode 100644 index 0000000..4f59ec4 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RC6Test.cs @@ -0,0 +1,54 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// RC6 Test - test vectors from AES Submitted RSA Reference implementation. + /// ftp://ftp.funet.fi/pub/crypt/cryptography/symmetric/aes/rc6-unix-refc.tar + /// + [TestFixture] + public class RC6Test + : CipherTest + { + public override string Name + { + get { return "RC6"; } + } + + internal static SimpleTest[] tests = new SimpleTest[]{ + new BlockCipherVectorTest(0, new RC6Engine(), new KeyParameter(Hex.Decode("00000000000000000000000000000000")), "80000000000000000000000000000000", "f71f65e7b80c0c6966fee607984b5cdf"), + new BlockCipherVectorTest(1, new RC6Engine(), new KeyParameter(Hex.Decode("000000000000000000000000000000008000000000000000")), "00000000000000000000000000000000", "dd04c176440bbc6686c90aee775bd368"), + new BlockCipherVectorTest(2, new RC6Engine(), new KeyParameter(Hex.Decode("000000000000000000000000000000000000001000000000")), "00000000000000000000000000000000", "937fe02d20fcb72f0f57201012b88ba4"), + new BlockCipherVectorTest(3, new RC6Engine(), new KeyParameter(Hex.Decode("00000001000000000000000000000000")), "00000000000000000000000000000000", "8a380594d7396453771a1dfbe2914c8e"), + new BlockCipherVectorTest(4, new RC6Engine(), new KeyParameter(Hex.Decode("1000000000000000000000000000000000000000000000000000000000000000")), "00000000000000000000000000000000", "11395d4bfe4c8258979ee2bf2d24dff4"), + new BlockCipherVectorTest(5, new RC6Engine(), new KeyParameter(Hex.Decode("0000000000000000000000000000000000080000000000000000000000000000")), "00000000000000000000000000000000", "3d6f7e99f6512553bb983e8f75672b97")}; + + public RC6Test() + : base(tests, new RC6Engine(), new KeyParameter(new byte[32])) + { + } + + public static void Main( + string[] args) + { + ITest test = new RC6Test(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/RFC3211WrapTest.cs b/BouncyCastle/crypto/test/src/crypto/test/RFC3211WrapTest.cs new file mode 100644 index 0000000..91dea34 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RFC3211WrapTest.cs @@ -0,0 +1,216 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Wrap Test based on RFC3211 test vectors + */ + [TestFixture] + public class Rfc3211WrapTest + : SimpleTest + { + // Note: These test data assume the Rfc3211WrapEngine will call SecureRandom.NextBytes + + SecureRandom r1 = FixedSecureRandom.From( + new byte[]{ 0xC4, 0x36, 0xF5, 0x41 }); + + SecureRandom r2 = FixedSecureRandom.From( + new byte[]{ 0xFA, 0x06, 0x0A, 0x45 }); + + public override string Name + { + get { return "RFC3211Wrap"; } + } + + private void doWrapTest( + int id, + IBlockCipher engine, + byte[] kek, + byte[] iv, + SecureRandom rand, + byte[] inBytes, + byte[] outBytes) + { + IWrapper wrapper = new Rfc3211WrapEngine(engine); + + wrapper.Init(true, new ParametersWithRandom( + new ParametersWithIV(new KeyParameter(kek), iv), rand)); + + byte[] cText = wrapper.Wrap(inBytes, 0, inBytes.Length); + if (!AreEqual(cText, outBytes)) + { + Fail("failed Wrap test " + id + " expected " + + Hex.ToHexString(outBytes) + " got " + Hex.ToHexString(cText)); + } + + wrapper.Init(false, new ParametersWithIV(new KeyParameter(kek), iv)); + + byte[] pText = wrapper.Unwrap(outBytes, 0, outBytes.Length); + if (!AreEqual(pText, inBytes)) + { + Fail("rfailed Unwrap test " + id + " expected " + + Hex.ToHexString(inBytes) + " got " + Hex.ToHexString(pText)); + } + } + + private void doTestCorruption() + { + byte[] kek = Hex.Decode("D1DAA78615F287E6"); + byte[] iv = Hex.Decode("EFE598EF21B33D6D"); + + IWrapper wrapper = new Rfc3211WrapEngine(new DesEngine()); + + wrapper.Init(false, new ParametersWithIV(new KeyParameter(kek), iv)); + + byte[] block = Hex.Decode("ff739D838C627C897323A2F8C436F541"); + encryptBlock(kek, iv, block); + + try + { + wrapper.Unwrap(block, 0, block.Length); + + Fail("bad length not detected"); + } + catch (InvalidCipherTextException e) + { + if (!e.Message.Equals("wrapped key corrupted")) + { + Fail("wrong exception on length"); + } + } + + block = Hex.Decode("08639D838C627C897323A2F8C436F541"); + doTestChecksum(kek, iv, block, wrapper); + + block = Hex.Decode("08736D838C627C897323A2F8C436F541"); + doTestChecksum(kek, iv, block, wrapper); + + block = Hex.Decode("08739D638C627C897323A2F8C436F541"); + doTestChecksum(kek, iv, block, wrapper); + } + + private void doTestChecksum( + byte[] kek, + byte[] iv, + byte[] block, + IWrapper wrapper) + { + encryptBlock(kek, iv, block); + + try + { + wrapper.Unwrap(block, 0, block.Length); + + Fail("bad checksum not detected"); + } + catch (InvalidCipherTextException e) + { + if (!e.Message.Equals("wrapped key corrupted")) + { + Fail("wrong exception"); + } + } + } + + private void encryptBlock(byte[] key, byte[] iv, byte[] cekBlock) + { + IBlockCipher engine = new CbcBlockCipher(new DesEngine()); + + engine.Init(true, new ParametersWithIV(new KeyParameter(key), iv)); + + for (int i = 0; i < cekBlock.Length; i += 8) + { + engine.ProcessBlock(cekBlock, i, cekBlock, i); + } + + for (int i = 0; i < cekBlock.Length; i += 8) + { + engine.ProcessBlock(cekBlock, i, cekBlock, i); + } + } + + public override void PerformTest() + { + doWrapTest(1, new DesEngine(), Hex.Decode("D1DAA78615F287E6"), Hex.Decode("EFE598EF21B33D6D"), r1, Hex.Decode("8C627C897323A2F8"), Hex.Decode("B81B2565EE373CA6DEDCA26A178B0C10")); + doWrapTest(2, new DesEdeEngine(), Hex.Decode("6A8970BF68C92CAEA84A8DF28510858607126380CC47AB2D"), Hex.Decode("BAF1CA7931213C4E"), r2, + Hex.Decode("8C637D887223A2F965B566EB014B0FA5D52300A3F7EA40FFFC577203C71BAF3B"), + Hex.Decode("C03C514ABDB9E2C5AAC038572B5E24553876B377AAFB82ECA5A9D73F8AB143D9EC74E6CAD7DB260C")); + + doTestCorruption(); + + IWrapper wrapper = new Rfc3211WrapEngine(new DesEngine()); + ParametersWithIV parameters = new ParametersWithIV(new KeyParameter(new byte[16]), new byte[16]); + byte[] buf = new byte[16]; + + try + { + wrapper.Init(true, parameters); + + wrapper.Unwrap(buf, 0, buf.Length); + + Fail("failed Unwrap state test."); + } + catch (InvalidOperationException) + { + // expected + } + catch (InvalidCipherTextException e) + { + Fail("unexpected exception: " + e, e); + } + + try + { + wrapper.Init(false, parameters); + + wrapper.Wrap(buf, 0, buf.Length); + + Fail("failed Unwrap state test."); + } + catch (InvalidOperationException) + { + // expected + } + + // + // short test + // + try + { + wrapper.Init(false, parameters); + + wrapper.Unwrap(buf, 0, buf.Length / 2); + + Fail("failed Unwrap short test."); + } + catch (InvalidCipherTextException) + { + // expected + } + } + + public static void Main( + string[] args) + { + RunTest(new Rfc3211WrapTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/RSABlindedTest.cs b/BouncyCastle/crypto/test/src/crypto/test/RSABlindedTest.cs new file mode 100644 index 0000000..75b9f3a --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RSABlindedTest.cs @@ -0,0 +1,449 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class RsaBlindedTest + : SimpleTest + { + static BigInteger mod = new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16); + static BigInteger pubExp = new BigInteger("11", 16); + static BigInteger privExp = new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16); + static BigInteger p = new BigInteger("f75e80839b9b9379f1cf1128f321639757dba514642c206bbbd99f9a4846208b3e93fbbe5e0527cc59b1d4b929d9555853004c7c8b30ee6a213c3d1bb7415d03", 16); + static BigInteger q = new BigInteger("b892d9ebdbfc37e397256dd8a5d3123534d1f03726284743ddc6be3a709edb696fc40c7d902ed804c6eee730eee3d5b20bf6bd8d87a296813c87d3b3cc9d7947", 16); + static BigInteger pExp = new BigInteger("1d1a2d3ca8e52068b3094d501c9a842fec37f54db16e9a67070a8b3f53cc03d4257ad252a1a640eadd603724d7bf3737914b544ae332eedf4f34436cac25ceb5", 16); + static BigInteger qExp = new BigInteger("6c929e4e81672fef49d9c825163fec97c4b7ba7acb26c0824638ac22605d7201c94625770984f78a56e6e25904fe7db407099cad9b14588841b94f5ab498dded", 16); + static BigInteger crtCoef = new BigInteger("dae7651ee69ad1d081ec5e7188ae126f6004ff39556bde90e0b870962fa7b926d070686d8244fe5a9aa709a95686a104614834b0ada4b10f53197a5cb4c97339", 16); + + static string input = "4e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e"; + + // + // to check that we handling byte extension by big number correctly. + // + static string edgeInput = "ff6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e"; + + static byte[] oversizedSig = Hex.Decode("01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e"); + static byte[] dudBlock = Hex.Decode("000fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e"); + static byte[] truncatedDataBlock = Hex.Decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e"); + static byte[] incorrectPadding = Hex.Decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff4e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e"); + static byte[] missingDataBlock = Hex.Decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"); + + public override string Name + { + get { return "RSABlinded"; } + } + + private void doTestStrictPkcs1Length(RsaKeyParameters pubParameters, RsaKeyParameters privParameters) + { + IAsymmetricBlockCipher eng = new RsaBlindedEngine(); + + eng.Init(true, privParameters); + + byte[] data = null; + + try + { + data = eng.ProcessBlock(oversizedSig, 0, oversizedSig.Length); + } + catch (Exception e) + { + Fail("RSA: failed - exception " + e.ToString(), e); + } + + eng = new Pkcs1Encoding(eng); + + eng.Init(false, pubParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + + Fail("oversized signature block not recognised"); + } + catch (InvalidCipherTextException e) + { + if (!e.Message.Equals("block incorrect size")) + { + Fail("RSA: failed - exception " + e.ToString(), e); + } + } + + + // Create the encoding with StrictLengthEnabled=false (done thru environment in Java version) + Pkcs1Encoding.StrictLengthEnabled = false; + + eng = new Pkcs1Encoding(new RsaBlindedEngine()); + + eng.Init(false, pubParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (InvalidCipherTextException e) + { + Fail("RSA: failed - exception " + e.ToString(), e); + } + + Pkcs1Encoding.StrictLengthEnabled = true; + } + + private void doTestTruncatedPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters) + { + checkForPkcs1Exception(pubParameters, privParameters, truncatedDataBlock, "block incorrect"); + } + + private void doTestDudPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters) + { + checkForPkcs1Exception(pubParameters, privParameters, dudBlock, "block incorrect"); + } + + private void doTestWrongPaddingPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters) + { + checkForPkcs1Exception(pubParameters, privParameters, incorrectPadding, "block incorrect"); + } + + private void doTestMissingDataPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters) + { + checkForPkcs1Exception(pubParameters, privParameters, missingDataBlock, "block incorrect"); + } + + private void checkForPkcs1Exception(RsaKeyParameters pubParameters, RsaKeyParameters privParameters, byte[] inputData, string expectedMessage) + { + IAsymmetricBlockCipher eng = new RsaBlindedEngine(); + + eng.Init(true, privParameters); + + byte[] data = null; + + try + { + data = eng.ProcessBlock(inputData, 0, inputData.Length); + } + catch (Exception e) + { + Fail("RSA: failed - exception " + e.ToString(), e); + } + + eng = new Pkcs1Encoding(eng); + + eng.Init(false, pubParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + + Fail("missing data block not recognised"); + } + catch (InvalidCipherTextException e) + { + if (!e.Message.Equals(expectedMessage)) + { + Fail("RSA: failed - exception " + e.ToString(), e); + } + } + } + + private void doTestOaep(RsaKeyParameters pubParameters, RsaKeyParameters privParameters) + { + // + // OAEP - public encrypt, private decrypt + // + IAsymmetricBlockCipher eng = new OaepEncoding(new RsaBlindedEngine()); + byte[] data = Hex.Decode(input); + + eng.Init(true, pubParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + eng.Init(false, privParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + if (!input.Equals(Hex.ToHexString(data))) + { + Fail("failed OAEP Test"); + } + } + + public override void PerformTest() + { + RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod, pubExp); + RsaKeyParameters privParameters = new RsaPrivateCrtKeyParameters(mod, pubExp, privExp, p, q, pExp, qExp, crtCoef); + byte[] data = Hex.Decode(edgeInput); + + // + // RAW + // + IAsymmetricBlockCipher eng = new RsaBlindedEngine(); + + eng.Init(true, pubParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("RSA: failed - exception " + e.ToString(), e); + } + + eng.Init(false, privParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + if (!edgeInput.Equals(Hex.ToHexString(data))) + { + Fail("failed RAW edge Test"); + } + + data = Hex.Decode(input); + + eng.Init(true, pubParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + eng.Init(false, privParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + if (!input.Equals(Hex.ToHexString(data))) + { + Fail("failed RAW Test"); + } + + // + // PKCS1 - public encrypt, private decrypt + // + eng = new Pkcs1Encoding(eng); + + eng.Init(true, pubParameters); + + if (eng.GetOutputBlockSize() != ((Pkcs1Encoding)eng).GetUnderlyingCipher().GetOutputBlockSize()) + { + Fail("PKCS1 output block size incorrect"); + } + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + eng.Init(false, privParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + if (!input.Equals(Hex.ToHexString(data))) + { + Fail("failed PKCS1 public/private Test"); + } + + // + // PKCS1 - private encrypt, public decrypt + // + eng = new Pkcs1Encoding(((Pkcs1Encoding)eng).GetUnderlyingCipher()); + + eng.Init(true, privParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + eng.Init(false, pubParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + if (!input.Equals(Hex.ToHexString(data))) + { + Fail("failed PKCS1 private/public Test"); + } + + // + // key generation test + // + RsaKeyPairGenerator pGen = new RsaKeyPairGenerator(); + RsaKeyGenerationParameters genParam = new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x11), new SecureRandom(), 768, 25); + + pGen.Init(genParam); + + AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair(); + + eng = new RsaBlindedEngine(); + + if (((RsaKeyParameters)pair.Public).Modulus.BitLength < 768) + { + Fail("failed key generation (768) length test"); + } + + eng.Init(true, pair.Public); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + eng.Init(false, pair.Private); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + if (!input.Equals(Hex.ToHexString(data))) + { + Fail("failed key generation (768) Test"); + } + + genParam = new RsaKeyGenerationParameters(BigInteger.ValueOf(0x11), new SecureRandom(), 1024, 25); + + pGen.Init(genParam); + pair = pGen.GenerateKeyPair(); + + eng.Init(true, pair.Public); + + if (((RsaKeyParameters)pair.Public).Modulus.BitLength < 1024) + { + Fail("failed key generation (1024) length test"); + } + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + eng.Init(false, pair.Private); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + if (!input.Equals(Hex.ToHexString(data))) + { + Fail("failed key generation (1024) test"); + } + + doTestOaep(pubParameters, privParameters); + doTestStrictPkcs1Length(pubParameters, privParameters); + doTestDudPkcs1Block(pubParameters, privParameters); + doTestMissingDataPkcs1Block(pubParameters, privParameters); + doTestTruncatedPkcs1Block(pubParameters, privParameters); + doTestWrongPaddingPkcs1Block(pubParameters, privParameters); + + try + { + new RsaBlindedEngine().ProcessBlock(new byte[]{ 1 }, 0, 1); + Fail("failed initialisation check"); + } + catch (InvalidOperationException) + { + // expected + } + } + + public static void Main( + string[] args) + { + ITest test = new RsaBlindedTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/RegressionTest.cs b/BouncyCastle/crypto/test/src/crypto/test/RegressionTest.cs new file mode 100644 index 0000000..edb50da --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RegressionTest.cs @@ -0,0 +1,164 @@ +using System; + +using Org.BouncyCastle.Crypto.Tests.Cavp; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + public class RegressionTest + { + public static ITest[] tests = new ITest[] + { + new AesTest(), + new AesLightTest(), + new AesFastTest(), + new AesWrapTest(), + new AriaTest(), + new DesTest(), + new DesEdeTest(), + new ModeTest(), + new PaddingTest(), + new DHTest(), + new ElGamalTest(), + new DsaTest(), + new ECTest(), + new DeterministicDsaTest(), + new Gost3410Test(), + new ECGost3410Test(), + new ECGost3410_2012Test(), + new EcIesTest(), + new EcNrTest(), + new MacTest(), + new Gost28147MacTest(), + new RC2Test(), + new RC2WrapTest(), + new RC4Test(), + new RC5Test(), + new RC6Test(), + new RijndaelTest(), + new SerpentTest(), + new TnepresTest(), + new CamelliaTest(), + new CamelliaLightTest(), + new DigestRandomNumberTest(), + new SkipjackTest(), + new BlowfishTest(), + new TwofishTest(), + new Threefish256Test(), + new Threefish512Test(), + new Threefish1024Test(), + new SkeinDigestTest(), + new SkeinMacTest(), + new Cast5Test(), + new Cast6Test(), + new Gost28147Test(), + new IdeaTest(), + new RsaBlindedTest(), + new RsaTest(), + new ISO9796Test(), + new ISO9797Alg3MacTest(), + new MD2DigestTest(), + new MD4DigestTest(), + new MD5DigestTest(), + new PssBlindTest(), + new Sha1DigestTest(), + new Sha224DigestTest(), + new Sha256DigestTest(), + new Sha384DigestTest(), + new Sha512DigestTest(), + new Sha512t224DigestTest(), + new Sha512t256DigestTest(), + new Sha3DigestTest(), + new RipeMD128DigestTest(), + new RipeMD160DigestTest(), + new RipeMD256DigestTest(), + new RipeMD320DigestTest(), + new TigerDigestTest(), + new Gost3411DigestTest(), + new WhirlpoolDigestTest(), + new MD5HMacTest(), + new Sha1HMacTest(), + new Sha224HMacTest(), + new Sha256HMacTest(), + new Sha384HMacTest(), + new Sha512HMacTest(), + new RipeMD128HMacTest(), + new RipeMD160HMacTest(), + new OaepTest(), + new PssTest(), + new CTSTest(), + new CcmTest(), + new Pkcs5Test(), + new Pkcs12Test(), + new Kdf1GeneratorTest(), + new Kdf2GeneratorTest(), + new Mgf1GeneratorTest(), + new HkdfGeneratorTest(), + new DHKekGeneratorTest(), + new ECDHKekGeneratorTest(), + new ShortenedDigestTest(), + new EqualsHashCodeTest(), + new TeaTest(), + new XteaTest(), + new Rfc3211WrapTest(), + new SeedTest(), + new NaccacheSternTest(), + new Salsa20Test(), + new XSalsa20Test(), + new ChaChaTest(), + new ChaCha20Poly1305Test(), + new CMacTest(), + new EaxTest(), + new GcmTest(), + new GMacTest(), + new HCFamilyTest(), + new HCFamilyVecTest(), + new IsaacTest(), + new NoekeonTest(), + new VmpcKsa3Test(), + new VmpcMacTest(), + new VmpcTest(), + new Srp6Test(), + new SCryptTest(), + new NullTest(), + new SipHashTest(), + new Poly1305Test(), + new OcbTest(), + new NonMemoableDigestTest(), + new StreamCipherResetTest(), + new SM3DigestTest(), + new BCryptTest(), + new OpenBsdBCryptTest(), + new X931SignerTest(), + new Blake2bDigestTest(), + new Blake2sDigestTest(), + new KeccakDigestTest(), + new ShakeDigestTest(), + new SM2EngineTest(), + new SM2KeyExchangeTest(), + new SM2SignerTest(), + new SM4Test(), + new X25519Test(), + new X448Test(), + new Ed25519Test(), + new Ed448Test(), + new KdfCounterTests(), + new KdfDoublePipelineTests(), + new KdfFeedbackCounterTests(), + new CShakeTest(), + new KMacTest(), + new GcmSivTest(), + new ParallelHashTest(), + new SP80038GTest(), + new TupleHashTest(), + }; + + public static void Main(string[] args) + { + foreach (ITest test in tests) + { + SimpleTest.RunTest(test); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/RijndaelTest.cs b/BouncyCastle/crypto/test/src/crypto/test/RijndaelTest.cs new file mode 100644 index 0000000..f714c83 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RijndaelTest.cs @@ -0,0 +1,135 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Test vectors from the NIST standard tests and Brian Gladman's vector set + * + * http://fp.gladman.plus.com/cryptography_technology/rijndael/ + */ + [TestFixture] + public class RijndaelTest + : CipherTest + { + static SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new RijndaelEngine(128), + new KeyParameter(Hex.Decode("80000000000000000000000000000000")), + "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"), + new BlockCipherVectorTest(1, new RijndaelEngine(128), + new KeyParameter(Hex.Decode("00000000000000000000000000000080")), + "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"), + new BlockCipherMonteCarloTest(2, 10000, new RijndaelEngine(128), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"), + new BlockCipherMonteCarloTest(3, 10000, new RijndaelEngine(128), + new KeyParameter(Hex.Decode("5F060D3716B345C253F6749ABAC10917")), + "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"), + new BlockCipherVectorTest(4, new RijndaelEngine(128), + new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), + "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"), + new BlockCipherMonteCarloTest(5, 10000, new RijndaelEngine(128), + new KeyParameter(Hex.Decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")), + "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"), + new BlockCipherVectorTest(6, new RijndaelEngine(128), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), + "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"), + new BlockCipherMonteCarloTest(7, 10000, new RijndaelEngine(128), + new KeyParameter(Hex.Decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")), + "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"), + new BlockCipherVectorTest(8, new RijndaelEngine(160), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c")), + "3243f6a8885a308d313198a2e03707344a409382", "16e73aec921314c29df905432bc8968ab64b1f51"), + new BlockCipherVectorTest(8, new RijndaelEngine(160), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160")), + "3243f6a8885a308d313198a2e03707344a409382", "0553eb691670dd8a5a5b5addf1aa7450f7a0e587"), + new BlockCipherVectorTest(8, new RijndaelEngine(160), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da5")), + "3243f6a8885a308d313198a2e03707344a409382", "73cd6f3423036790463aa9e19cfcde894ea16623"), + new BlockCipherVectorTest(8, new RijndaelEngine(160), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d90")), + "3243f6a8885a308d313198a2e03707344a409382", "601b5dcd1cf4ece954c740445340bf0afdc048df"), + new BlockCipherVectorTest(8, new RijndaelEngine(160), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d9045190cfe")), + "3243f6a8885a308d313198a2e03707344a409382", "579e930b36c1529aa3e86628bacfe146942882cf"), + new BlockCipherVectorTest(8, new RijndaelEngine(192), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c")), + "3243f6a8885a308d313198a2e03707344a4093822299f31d", "b24d275489e82bb8f7375e0d5fcdb1f481757c538b65148a"), + new BlockCipherVectorTest(9, new RijndaelEngine(192), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da5")), + "3243f6a8885a308d313198a2e03707344a4093822299f31d", "725ae43b5f3161de806a7c93e0bca93c967ec1ae1b71e1cf"), + new BlockCipherVectorTest(10, new RijndaelEngine(192), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d90")), + "3243f6a8885a308d313198a2e03707344a4093822299f31d", "bbfc14180afbf6a36382a061843f0b63e769acdc98769130"), + new BlockCipherVectorTest(11, new RijndaelEngine(192), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d9045190cfe")), + "3243f6a8885a308d313198a2e03707344a4093822299f31d", "0ebacf199e3315c2e34b24fcc7c46ef4388aa475d66c194c"), + new BlockCipherVectorTest(12, new RijndaelEngine(224), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c")), + "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa9", "b0a8f78f6b3c66213f792ffd2a61631f79331407a5e5c8d3793aceb1"), + new BlockCipherVectorTest(13, new RijndaelEngine(224), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160")), + "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa9", "08b99944edfce33a2acb131183ab0168446b2d15e958480010f545e3"), + new BlockCipherVectorTest(14, new RijndaelEngine(224), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da5")), + "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa9", "be4c597d8f7efe22a2f7e5b1938e2564d452a5bfe72399c7af1101e2"), + new BlockCipherVectorTest(15, new RijndaelEngine(224), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d90")), + "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa9", "ef529598ecbce297811b49bbed2c33bbe1241d6e1a833dbe119569e8"), + new BlockCipherVectorTest(16, new RijndaelEngine(224), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d9045190cfe")), + "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa9", "02fafc200176ed05deb8edb82a3555b0b10d47a388dfd59cab2f6c11"), + new BlockCipherVectorTest(17, new RijndaelEngine(256), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c")), + "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa98ec4e6c8", "7d15479076b69a46ffb3b3beae97ad8313f622f67fedb487de9f06b9ed9c8f19"), + new BlockCipherVectorTest(18, new RijndaelEngine(256), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160")), + "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa98ec4e6c8", "514f93fb296b5ad16aa7df8b577abcbd484decacccc7fb1f18dc567309ceeffd"), + new BlockCipherVectorTest(19, new RijndaelEngine(256), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da5")), + "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa98ec4e6c8", "5d7101727bb25781bf6715b0e6955282b9610e23a43c2eb062699f0ebf5887b2"), + new BlockCipherVectorTest(20, new RijndaelEngine(256), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d90")), + "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa98ec4e6c8", "d56c5a63627432579e1dd308b2c8f157b40a4bfb56fea1377b25d3ed3d6dbf80"), + new BlockCipherVectorTest(21, new RijndaelEngine(256), + new KeyParameter(Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d9045190cfe")), + "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa98ec4e6c8", "a49406115dfb30a40418aafa4869b7c6a886ff31602a7dd19c889dc64f7e4e7a") + }; + + public RijndaelTest() + : base(tests, new RijndaelEngine(128), new KeyParameter(new byte[16])) + { + } + + public override string Name + { + get { return "Rijndael"; } + } + + public static void Main( + string[] args) + { + ITest test = new RijndaelTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } + +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/RipeMD128DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/RipeMD128DigestTest.cs new file mode 100644 index 0000000..ead4f06 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RipeMD128DigestTest.cs @@ -0,0 +1,74 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * RIPEMD128 Digest Test + */ + [TestFixture] + public class RipeMD128DigestTest + : DigestTest + { + readonly static string[] messages = { + "", + "a", + "abc", + "message digest", + "abcdefghijklmnopqrstuvwxyz", + "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + "12345678901234567890123456789012345678901234567890123456789012345678901234567890" + }; + + readonly static string[] digests = { + "cdf26213a150dc3ecb610f18f6b38b46", + "86be7afa339d0fc7cfc785e72f578d33", + "c14a12199c66e4ba84636b0f69144c77", + "9e327b3d6e523062afc1132d7df9d1b8", + "fd2aa607f71dc8f510714922b371834e", + "a1aa0689d0fafa2ddc22e88b49133a06", + "d1e959eb179c911faea4624c60c5c702", + "3f45ef194732c2dbb2c4a2c769795fa3" + }; + + readonly static String million_a_digest = "4a7f5723f954eba1216c9d8f6320431f"; + + public RipeMD128DigestTest() + : base(new RipeMD128Digest(), messages, digests) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + millionATest(million_a_digest); + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new RipeMD128Digest((RipeMD128Digest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new RipeMD128DigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/RipeMD128HMacTest.cs b/BouncyCastle/crypto/test/src/crypto/test/RipeMD128HMacTest.cs new file mode 100644 index 0000000..2f6a2d9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RipeMD128HMacTest.cs @@ -0,0 +1,100 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * RipeMD128 HMac Test, test vectors from RFC 2286 + */ + [TestFixture] + public class RipeMD128HMacTest: ITest + { + readonly static string[] keys = + { + "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", + "4a656665", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + "0102030405060708090a0b0c0d0e0f10111213141516171819", + "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + }; + + readonly static string[] digests = { + "fbf61f9492aa4bbf81c172e84e0734db", + "875f828862b6b334b427c55f9f7ff09b", + "09f0b2846d2f543da363cbec8d62a38d", + "bdbbd7cf03e44b5aa60af815be4d2294", + "e79808f24b25fd031c155f0d551d9a3a", + "dc732928de98104a1f59d373c150acbb", + "5c6bec96793e16d40690c237635f30c5" + }; + + readonly static string[] messages = { + "Hi There", + "what do ya want for nothing?", + "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd", + "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", + "Test With Truncation", + "Test Using Larger Than Block-Size Key - Hash Key First", + "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data" + }; + + public string Name + { + get { return "RipeMD128HMac"; } + } + + public ITestResult Perform() + { + HMac hmac = new HMac(new RipeMD128Digest()); + byte[] resBuf = new byte[hmac.GetMacSize()]; + + for (int i = 0; i < messages.Length; i++) + { + byte[] m = Encoding.ASCII.GetBytes(messages[i]); + if (messages[i].StartsWith("0x")) + { + m = Hex.Decode(messages[i].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[i]))); + hmac.BlockUpdate(m, 0, m.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i]))) + { + return new SimpleTestResult(false, Name + ": Vector " + i + " failed"); + } + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + ITest test = new RipeMD128HMacTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/RipeMD160DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/RipeMD160DigestTest.cs new file mode 100644 index 0000000..15e53f2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RipeMD160DigestTest.cs @@ -0,0 +1,74 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * RIPEMD160 Digest Test + */ + [TestFixture] + public class RipeMD160DigestTest + : DigestTest + { + readonly static string[] messages = { + "", + "a", + "abc", + "message digest", + "abcdefghijklmnopqrstuvwxyz", + "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + "12345678901234567890123456789012345678901234567890123456789012345678901234567890" + }; + + readonly static string[] digests = { + "9c1185a5c5e9fc54612808977ee8f548b2258d31", + "0bdc9d2d256b3ee9daae347be6f4dc835a467ffe", + "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc", + "5d0689ef49d2fae572b881b123a85ffa21595f36", + "f71c27109c692c1b56bbdceb5b9d2865b3708dbc", + "12a053384a9c0c88e405a06c27dcf49ada62eb2b", + "b0e20b6e3116640286ed3a87a5713079b21f5189", + "9b752e45573d4b39f4dbd3323cab82bf63326bfb" + }; + + readonly static string million_a_digest = "52783243c1697bdbe16d37f97f68f08325dc1528"; + + public RipeMD160DigestTest() + : base(new RipeMD160Digest(), messages, digests) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + millionATest(million_a_digest); + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new RipeMD160Digest((RipeMD160Digest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new RipeMD160DigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/RipeMD160HMacTest.cs b/BouncyCastle/crypto/test/src/crypto/test/RipeMD160HMacTest.cs new file mode 100644 index 0000000..cc87a53 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RipeMD160HMacTest.cs @@ -0,0 +1,102 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * RipeMD160 HMac Test, test vectors from RFC 2286 + */ + [TestFixture] + public class RipeMD160HMacTest + : ITest + { + readonly static string[] keys = + { + "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", + "4a656665", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + "0102030405060708090a0b0c0d0e0f10111213141516171819", + "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + }; + + readonly static string[] digests = { + "24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668", + "dda6c0213a485a9e24f4742064a7f033b43c4069", + "b0b105360de759960ab4f35298e116e295d8e7c1", + "d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4", + "7619693978f91d90539ae786500ff3d8e0518e39", + "6466ca07ac5eac29e1bd523e5ada7605b791fd8b", + "69ea60798d71616cce5fd0871e23754cd75d5a0a" + }; + + readonly static string[] messages = { + "Hi There", + "what do ya want for nothing?", + "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd", + "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", + "Test With Truncation", + "Test Using Larger Than Block-Size Key - Hash Key First", + "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data" + }; + + public string Name + { + get { return "RipeMD160HMac"; } + } + + public ITestResult Perform() + { + HMac hmac = new HMac(new RipeMD160Digest()); + byte[] resBuf = new byte[hmac.GetMacSize()]; + + for (int i = 0; i < messages.Length; i++) + { + byte[] m = Encoding.ASCII.GetBytes(messages[i]); + if (messages[i].StartsWith("0x")) + { + m = Hex.Decode(messages[i].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[i]))); + hmac.BlockUpdate(m, 0, m.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i]))) + { + return new SimpleTestResult(false, Name + ": Vector " + i + " failed"); + } + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + ITest test = new RipeMD160HMacTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } + +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/RipeMD256DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/RipeMD256DigestTest.cs new file mode 100644 index 0000000..5b3e6b1 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RipeMD256DigestTest.cs @@ -0,0 +1,74 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * RIPEMD256 Digest Test + */ + [TestFixture] + public class RipeMD256DigestTest + : DigestTest + { + readonly static string[] messages = { + "", + "a", + "abc", + "message digest", + "abcdefghijklmnopqrstuvwxyz", + "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + "12345678901234567890123456789012345678901234567890123456789012345678901234567890" + }; + + readonly static string[] digests = { + "02ba4c4e5f8ecd1877fc52d64d30e37a2d9774fb1e5d026380ae0168e3c5522d", + "f9333e45d857f5d90a91bab70a1eba0cfb1be4b0783c9acfcd883a9134692925", + "afbd6e228b9d8cbbcef5ca2d03e6dba10ac0bc7dcbe4680e1e42d2e975459b65", + "87e971759a1ce47a514d5c914c392c9018c7c46bc14465554afcdf54a5070c0e", + "649d3034751ea216776bf9a18acc81bc7896118a5197968782dd1fd97d8d5133", + "3843045583aac6c8c8d9128573e7a9809afb2a0f34ccc36ea9e72f16f6368e3f", + "5740a408ac16b720b84424ae931cbb1fe363d1d0bf4017f1a89f7ea6de77a0b8", + "06fdcc7a409548aaf91368c06a6275b553e3f099bf0ea4edfd6778df89a890dd" + }; + + readonly static string million_a_digest = "ac953744e10e31514c150d4d8d7b677342e33399788296e43ae4850ce4f97978"; + + public RipeMD256DigestTest() + : base(new RipeMD256Digest(), messages, digests) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + millionATest(million_a_digest); + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new RipeMD256Digest((RipeMD256Digest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new RipeMD256DigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/RipeMD320DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/RipeMD320DigestTest.cs new file mode 100644 index 0000000..047d68a --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RipeMD320DigestTest.cs @@ -0,0 +1,74 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * RIPEMD320 Digest Test + */ + [TestFixture] + public class RipeMD320DigestTest + : DigestTest + { + readonly static string[] messages = { + "", + "a", + "abc", + "message digest", + "abcdefghijklmnopqrstuvwxyz", + "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + "12345678901234567890123456789012345678901234567890123456789012345678901234567890" + }; + + readonly static string[] digests = { + "22d65d5661536cdc75c1fdf5c6de7b41b9f27325ebc61e8557177d705a0ec880151c3a32a00899b8", + "ce78850638f92658a5a585097579926dda667a5716562cfcf6fbe77f63542f99b04705d6970dff5d", + "de4c01b3054f8930a79d09ae738e92301e5a17085beffdc1b8d116713e74f82fa942d64cdbc4682d", + "3a8e28502ed45d422f68844f9dd316e7b98533fa3f2a91d29f84d425c88d6b4eff727df66a7c0197", + "cabdb1810b92470a2093aa6bce05952c28348cf43ff60841975166bb40ed234004b8824463e6b009", + "d034a7950cf722021ba4b84df769a5de2060e259df4c9bb4a4268c0e935bbc7470a969c9d072a1ac", + "ed544940c86d67f250d232c30b7b3e5770e0c60c8cb9a4cafe3b11388af9920e1b99230b843c86a4", + "557888af5f6d8ed62ab66945c6d2a0a47ecd5341e915eb8fea1d0524955f825dc717e4a008ab2d42" + }; + + readonly static string million_a_digest = "bdee37f4371e20646b8b0d862dda16292ae36f40965e8c8509e63d1dbddecc503e2b63eb9245bb66"; + + public RipeMD320DigestTest() + : base(new RipeMD320Digest(), messages, digests) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + millionATest(million_a_digest); + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new RipeMD320Digest((RipeMD320Digest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new RipeMD320DigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/RsaTest.cs b/BouncyCastle/crypto/test/src/crypto/test/RsaTest.cs new file mode 100644 index 0000000..ace60b2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/RsaTest.cs @@ -0,0 +1,764 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class RsaTest + : SimpleTest + { + /* + * Based on https://github.com/crocs-muni/roca/blob/master/java/BrokenKey.java + * Credits: ported to Java by Martin Paljak + */ + internal class BrokenKey_CVE_2017_15361 + { + private static readonly int[] prims = new int[]{ 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, + 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151, 157, 163, 167 }; + private static readonly BigInteger[] primes = new BigInteger[prims.Length]; + + static BrokenKey_CVE_2017_15361() + { + for (int i = 0; i < prims.Length; i++) + { + primes[i] = BigInteger.ValueOf(prims[i]); + } + } + + private static readonly BigInteger[] markers = new BigInteger[] + { + new BigInteger("6"), + new BigInteger("30"), + new BigInteger("126"), + new BigInteger("1026"), + new BigInteger("5658"), + new BigInteger("107286"), + new BigInteger("199410"), + new BigInteger("8388606"), + new BigInteger("536870910"), + new BigInteger("2147483646"), + new BigInteger("67109890"), + new BigInteger("2199023255550"), + new BigInteger("8796093022206"), + new BigInteger("140737488355326"), + new BigInteger("5310023542746834"), + new BigInteger("576460752303423486"), + new BigInteger("1455791217086302986"), + new BigInteger("147573952589676412926"), + new BigInteger("20052041432995567486"), + new BigInteger("6041388139249378920330"), + new BigInteger("207530445072488465666"), + new BigInteger("9671406556917033397649406"), + new BigInteger("618970019642690137449562110"), + new BigInteger("79228162521181866724264247298"), + new BigInteger("2535301200456458802993406410750"), + new BigInteger("1760368345969468176824550810518"), + new BigInteger("50079290986288516948354744811034"), + new BigInteger("473022961816146413042658758988474"), + new BigInteger("10384593717069655257060992658440190"), + new BigInteger("144390480366845522447407333004847678774"), + new BigInteger("2722258935367507707706996859454145691646"), + new BigInteger("174224571863520493293247799005065324265470"), + new BigInteger("696898287454081973172991196020261297061886"), + new BigInteger("713623846352979940529142984724747568191373310"), + new BigInteger("1800793591454480341970779146165214289059119882"), + new BigInteger("126304807362733370595828809000324029340048915994"), + new BigInteger("11692013098647223345629478661730264157247460343806"), + new BigInteger("187072209578355573530071658587684226515959365500926") + }; + + public static bool IsAffected(RsaKeyParameters publicKey) + { + BigInteger modulus = publicKey.Modulus; + + for (int i = 0; i < primes.Length; i++) + { + int remainder = modulus.Remainder(primes[i]).IntValue; + if (!markers[i].TestBit(remainder)) + { + return false; + } + } + + return true; + } + } + + static BigInteger mod = new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16); + static BigInteger pubExp = new BigInteger("11", 16); + static BigInteger privExp = new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16); + static BigInteger p = new BigInteger("f75e80839b9b9379f1cf1128f321639757dba514642c206bbbd99f9a4846208b3e93fbbe5e0527cc59b1d4b929d9555853004c7c8b30ee6a213c3d1bb7415d03", 16); + static BigInteger q = new BigInteger("b892d9ebdbfc37e397256dd8a5d3123534d1f03726284743ddc6be3a709edb696fc40c7d902ed804c6eee730eee3d5b20bf6bd8d87a296813c87d3b3cc9d7947", 16); + static BigInteger pExp = new BigInteger("1d1a2d3ca8e52068b3094d501c9a842fec37f54db16e9a67070a8b3f53cc03d4257ad252a1a640eadd603724d7bf3737914b544ae332eedf4f34436cac25ceb5", 16); + static BigInteger qExp = new BigInteger("6c929e4e81672fef49d9c825163fec97c4b7ba7acb26c0824638ac22605d7201c94625770984f78a56e6e25904fe7db407099cad9b14588841b94f5ab498dded", 16); + static BigInteger crtCoef = new BigInteger("dae7651ee69ad1d081ec5e7188ae126f6004ff39556bde90e0b870962fa7b926d070686d8244fe5a9aa709a95686a104614834b0ada4b10f53197a5cb4c97339", 16); + + static string input = "4e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e"; + + // + // to check that we handling byte extension by big number correctly. + // + static string edgeInput = "ff6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e"; + + static byte[] oversizedSig = Hex.Decode("01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e"); + static byte[] dudBlock = Hex.Decode("000fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e"); + static byte[] truncatedDataBlock = Hex.Decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e"); + static byte[] incorrectPadding = Hex.Decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff4e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e"); + static byte[] missingDataBlock = Hex.Decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"); + + public override string Name + { + get { return "RSA"; } + } + + private void doTestStrictPkcs1Length(RsaKeyParameters pubParameters, RsaKeyParameters privParameters) + { + IAsymmetricBlockCipher eng = new RsaEngine(); + + eng.Init(true, privParameters); + + byte[] data = null; + byte[] overSized = null; + + try + { + overSized = data = eng.ProcessBlock(oversizedSig, 0, oversizedSig.Length); + } + catch (Exception e) + { + Fail("RSA: failed - exception " + e.ToString(), e); + } + + eng = new Pkcs1Encoding(eng); + + eng.Init(false, pubParameters); + + try + { + data = eng.ProcessBlock(overSized, 0, overSized.Length); + + Fail("oversized signature block not recognised"); + } + catch (InvalidCipherTextException e) + { + if (!e.Message.Equals("block incorrect size")) + { + Fail("RSA: failed - exception " + e.ToString(), e); + } + } + + eng = new Pkcs1Encoding(new RsaEngine(), Hex.Decode("feedbeeffeedbeeffeedbeef")); + eng.Init(false, new ParametersWithRandom(privParameters, new SecureRandom())); + + try + { + data = eng.ProcessBlock(overSized, 0, overSized.Length); + IsTrue("not fallback", Arrays.AreEqual(Hex.Decode("feedbeeffeedbeeffeedbeef"), data)); + } + catch (InvalidCipherTextException e) + { + Fail("RSA: failed - exception " + e.ToString(), e); + } + + + // Create the encoding with StrictLengthEnabled=false (done thru environment in Java version) + Pkcs1Encoding.StrictLengthEnabled = false; + + eng = new Pkcs1Encoding(new RsaEngine()); + + eng.Init(false, pubParameters); + + try + { + data = eng.ProcessBlock(overSized, 0, overSized.Length); + } + catch (InvalidCipherTextException e) + { + Fail("RSA: failed - exception " + e.ToString(), e); + } + + Pkcs1Encoding.StrictLengthEnabled = true; + } + + private void doTestTruncatedPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters) + { + checkForPkcs1Exception(pubParameters, privParameters, truncatedDataBlock, "block incorrect"); + } + + private void doTestDudPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters) + { + checkForPkcs1Exception(pubParameters, privParameters, dudBlock, "block incorrect"); + } + + private void doTestWrongPaddingPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters) + { + checkForPkcs1Exception(pubParameters, privParameters, incorrectPadding, "block incorrect"); + } + + private void doTestMissingDataPkcs1Block(RsaKeyParameters pubParameters, RsaKeyParameters privParameters) + { + checkForPkcs1Exception(pubParameters, privParameters, missingDataBlock, "block incorrect"); + } + + private void checkForPkcs1Exception(RsaKeyParameters pubParameters, RsaKeyParameters privParameters, byte[] inputData, string expectedMessage) + { + IAsymmetricBlockCipher eng = new RsaEngine(); + + eng.Init(true, privParameters); + + byte[] data = null; + + try + { + data = eng.ProcessBlock(inputData, 0, inputData.Length); + } + catch (Exception e) + { + Fail("RSA: failed - exception " + e.ToString(), e); + } + + eng = new Pkcs1Encoding(eng); + + eng.Init(false, pubParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + + Fail("missing data block not recognised"); + } + catch (InvalidCipherTextException e) + { + if (!e.Message.Equals(expectedMessage)) + { + Fail("RSA: failed - exception " + e.ToString(), e); + } + } + } + + private void doTestOaep(RsaKeyParameters pubParameters, RsaKeyParameters privParameters) + { + // + // OAEP - public encrypt, private decrypt + // + IAsymmetricBlockCipher eng = new OaepEncoding(new RsaEngine()); + byte[] data = Hex.Decode(input); + + eng.Init(true, pubParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + eng.Init(false, privParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + if (!input.Equals(Hex.ToHexString(data))) + { + Fail("failed OAEP Test"); + } + + // check for oversized input + byte[] message = new byte[87]; + RsaEngine rsaEngine = new RsaEngine(); + IAsymmetricBlockCipher cipher = new OaepEncoding(rsaEngine, new Sha1Digest(), new Sha1Digest(), message); + cipher.Init(true, new ParametersWithRandom(pubParameters, new SecureRandom())); + + try + { + cipher.ProcessBlock(message, 0, message.Length); + + Fail("no exception thrown"); + } + catch (DataLengthException e) + { + IsTrue("message mismatch", "input data too long".Equals(e.Message)); + } + catch (InvalidCipherTextException e) + { + Fail("failed - exception " + e.ToString(), e); + } + } + + // TODO Move this when other JCE tests are ported from Java + /** + * signature with a "forged signature" (sig block not at end of plain text) + */ + private void doTestBadSig()//PrivateKey priv, PublicKey pub) + { +// Signature sig = Signature.getInstance("SHA1WithRSAEncryption", "BC"); + ISigner sig = SignerUtilities.GetSigner("SHA1WithRSAEncryption"); +// KeyPairGenerator fact; +// KeyPair keyPair; +// byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; + +// fact = KeyPairGenerator.getInstance("RSA", "BC"); + RsaKeyPairGenerator fact = new RsaKeyPairGenerator(); + +// fact.initialize(768, new SecureRandom()); + RsaKeyGenerationParameters factParams = new RsaKeyGenerationParameters( +// BigInteger.ValueOf(0x11), new SecureRandom(), 768, 25); + BigInteger.ValueOf(3), new SecureRandom(), 768, 25); + fact.Init(factParams); + +// keyPair = fact.generateKeyPair(); +// +// PrivateKey signingKey = keyPair.getPrivate(); +// PublicKey verifyKey = keyPair.getPublic(); + AsymmetricCipherKeyPair keyPair = fact.GenerateKeyPair(); + + AsymmetricKeyParameter priv = keyPair.Private; + AsymmetricKeyParameter pub = keyPair.Public; + +// testBadSig(signingKey, verifyKey); + + + + + +// MessageDigest sha1 = MessageDigest.getInstance("SHA1", "BC"); + IDigest sha1 = DigestUtilities.GetDigest("SHA1"); + +// Cipher signer = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC"); +// IBufferedCipher signer = CipherUtilities.GetCipher("RSA/ECB/PKCS1Padding"); + IAsymmetricBlockCipher signer = new Pkcs1Encoding(new RsaEngine()); + +// signer.init(Cipher.ENCRYPT_MODE, priv); + signer.Init(true, priv); + +// byte[] block = new byte[signer.getBlockSize()]; +// byte[] block = new byte[signer.GetBlockSize()]; + byte[] block = new byte[signer.GetInputBlockSize()]; + +// sha1.update((byte)0); + sha1.Update(0); + +// byte[] sigHeader = Hex.decode("3021300906052b0e03021a05000414"); + byte[] sigHeader = Hex.Decode("3021300906052b0e03021a05000414"); +// System.arraycopy(sigHeader, 0, block, 0, sigHeader.length); + Array.Copy(sigHeader, 0, block, 0, sigHeader.Length); + +// sha1.digest(block, sigHeader.length, sha1.getDigestLength()); + sha1.DoFinal(block, sigHeader.Length); + +// System.arraycopy(sigHeader, 0, block, +// sigHeader.length + sha1.getDigestLength(), sigHeader.length); + Array.Copy(sigHeader, 0, block, + sigHeader.Length + sha1.GetDigestSize(), sigHeader.Length); + +// byte[] sigBytes = signer.doFinal(block); + byte[] sigBytes = signer.ProcessBlock(block, 0, block.Length); + +// Signature verifier = Signature.getInstance("SHA1WithRSA", "BC"); + ISigner verifier = SignerUtilities.GetSigner("SHA1WithRSA"); + +// verifier.initVerify(pub); + verifier.Init(false, pub); + +// verifier.update((byte)0); + verifier.Update(0); + +// if (verifier.verify(sig)) + if (verifier.VerifySignature(sigBytes)) + { +// fail("bad signature passed"); + Fail("bad signature passed"); + } + } + + private void testZeroBlock(ICipherParameters encParameters, ICipherParameters decParameters) + { + IAsymmetricBlockCipher eng = new Pkcs1Encoding(new RsaEngine()); + + eng.Init(true, encParameters); + + if (eng.GetOutputBlockSize() != ((Pkcs1Encoding)eng).GetUnderlyingCipher().GetOutputBlockSize()) + { + Fail("PKCS1 output block size incorrect"); + } + + byte[] zero = new byte[0]; + byte[] data = null; + + try + { + data = eng.ProcessBlock(zero, 0, zero.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + eng.Init(false, decParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + if (!Arrays.AreEqual(zero, data)) + { + Fail("failed PKCS1 zero Test"); + } + } + + private void doTest_CVE_2017_15361() + { + SecureRandom random = new SecureRandom(); + RsaKeyPairGenerator pGen = new RsaKeyPairGenerator(); + BigInteger e = BigInteger.ValueOf(0x11); + + for (int strength = 512; strength <= 2048; strength += 32) + { + pGen.Init(new RsaKeyGenerationParameters( + e, random, strength, 100)); + + RsaKeyParameters pubKey = (RsaKeyParameters)pGen.GenerateKeyPair().Public; + + if (BrokenKey_CVE_2017_15361.IsAffected(pubKey)) + { + Fail("failed CVE-2017-15361 vulnerability test for generated RSA key"); + } + } + } + + public override void PerformTest() + { + RsaKeyParameters pubParameters = new RsaKeyParameters(false, mod, pubExp); + RsaKeyParameters privParameters = new RsaPrivateCrtKeyParameters(mod, pubExp, privExp, p, q, pExp, qExp, crtCoef); + byte[] data = Hex.Decode(edgeInput); + + // + // RAW + // + IAsymmetricBlockCipher eng = new RsaEngine(); + + eng.Init(true, pubParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("RSA: failed - exception " + e.ToString()); + } + + eng.Init(false, privParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString()); + } + + if (!edgeInput.Equals(Hex.ToHexString(data))) + { + Fail("failed RAW edge Test"); + } + + data = Hex.Decode(input); + + eng.Init(true, pubParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString()); + } + + eng.Init(false, privParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString()); + } + + if (!input.Equals(Hex.ToHexString(data))) + { + Fail("failed RAW Test"); + } + + // + // PKCS1 - public encrypt, private decrypt + // + eng = new Pkcs1Encoding(eng); + + eng.Init(true, pubParameters); + + if (eng.GetOutputBlockSize() != ((Pkcs1Encoding)eng).GetUnderlyingCipher().GetOutputBlockSize()) + { + Fail("PKCS1 output block size incorrect"); + } + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString()); + } + + eng.Init(false, privParameters); + + byte[] plainData = null; + try + { + plainData = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString()); + } + + if (!input.Equals(Hex.ToHexString(plainData))) + { + Fail("failed PKCS1 public/private Test"); + } + + Pkcs1Encoding fEng = new Pkcs1Encoding(new RsaEngine(), input.Length / 2); + fEng.Init(false, new ParametersWithRandom(privParameters, new SecureRandom())); + try + { + plainData = fEng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + if (!input.Equals(Hex.ToHexString(plainData))) + { + Fail("failed PKCS1 public/private fixed Test"); + } + + fEng = new Pkcs1Encoding(new RsaEngine(), input.Length); + fEng.Init(false, new ParametersWithRandom(privParameters, new SecureRandom())); + try + { + data = fEng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString(), e); + } + + if (input.Equals(Hex.ToHexString(data))) + { + Fail("failed to recognise incorrect plaint text length"); + } + + data = plainData; + + // + // PKCS1 - private encrypt, public decrypt + // + eng = new Pkcs1Encoding(((Pkcs1Encoding)eng).GetUnderlyingCipher()); + + eng.Init(true, privParameters); + + try + { + data = eng.ProcessBlock(plainData, 0, plainData.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString()); + } + + eng.Init(false, pubParameters); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString()); + } + + if (!input.Equals(Hex.ToHexString(data))) + { + Fail("failed PKCS1 private/public Test"); + } + + testZeroBlock(pubParameters, privParameters); + testZeroBlock(privParameters, pubParameters); + + // + // key generation test + // + RsaKeyPairGenerator pGen = new RsaKeyPairGenerator(); + RsaKeyGenerationParameters genParam = new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x11), new SecureRandom(), 768, 25); + + pGen.Init(genParam); + + AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair(); + + eng = new RsaEngine(); + + if (((RsaKeyParameters)pair.Public).Modulus.BitLength < 768) + { + Fail("failed key generation (768) length test"); + } + + eng.Init(true, pair.Public); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString()); + } + + eng.Init(false, pair.Private); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString()); + } + + if (!input.Equals(Hex.ToHexString(data))) + { + Fail("failed key generation (768) Test"); + } + + genParam = new RsaKeyGenerationParameters(BigInteger.ValueOf(0x11), new SecureRandom(), 1024, 25); + + pGen.Init(genParam); + pair = pGen.GenerateKeyPair(); + + eng.Init(true, pair.Public); + + if (((RsaKeyParameters)pair.Public).Modulus.BitLength < 1024) + { + Fail("failed key generation (1024) length test"); + } + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString()); + } + + eng.Init(false, pair.Private); + + try + { + data = eng.ProcessBlock(data, 0, data.Length); + } + catch (Exception e) + { + Fail("failed - exception " + e.ToString()); + } + + if (!input.Equals(Hex.ToHexString(data))) + { + Fail("failed key generation (1024) test"); + } + + genParam = new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x11), new SecureRandom(), 128, 25); + pGen.Init(genParam); + + for (int i = 0; i < 100; ++i) + { + pair = pGen.GenerateKeyPair(); + RsaPrivateCrtKeyParameters privKey = (RsaPrivateCrtKeyParameters) pair.Private; + BigInteger pqDiff = privKey.P.Subtract(privKey.Q).Abs(); + + if (pqDiff.BitLength < 42) + { + Fail("P and Q too close in RSA key pair"); + } + } + + doTestBadSig(); + doTestOaep(pubParameters, privParameters); + doTestStrictPkcs1Length(pubParameters, privParameters); + doTestDudPkcs1Block(pubParameters, privParameters); + doTestMissingDataPkcs1Block(pubParameters, privParameters); + doTestTruncatedPkcs1Block(pubParameters, privParameters); + doTestWrongPaddingPkcs1Block(pubParameters, privParameters); + doTest_CVE_2017_15361(); + + try + { + new RsaEngine().ProcessBlock(new byte[]{ 1 }, 0, 1); + Fail("failed initialisation check"); + } + catch (InvalidOperationException) + { + // expected + } + } + + public static void Main( + string[] args) + { + ITest test = new RsaTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SCryptTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SCryptTest.cs new file mode 100644 index 0000000..f236c4b --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SCryptTest.cs @@ -0,0 +1,143 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// + /// scrypt test vectors from "Stronger Key Derivation Via Sequential Memory-hard Functions" Appendix B. + /// (http://www.tarsnap.com/scrypt/scrypt.pdf) + /// + [TestFixture] + public class SCryptTest + : SimpleTest + { + public override string Name + { + get { return "SCrypt"; } + } + + public override void PerformTest() + { + TestParameters(); + TestVectors(); + } + + [Test] + public void TestParameters() + { + CheckOK("Minimal values", new byte[0], new byte[0], 2, 1, 1, 1); + CheckIllegal("Cost parameter must be > 1", new byte[0], new byte[0], 1, 1, 1, 1); + CheckOK("Cost parameter 32768 OK for r == 1", new byte[0], new byte[0], 32768, 1, 1, 1); + CheckIllegal("Cost parameter must < 65536 for r == 1", new byte[0], new byte[0], 65536, 1, 1, 1); + CheckIllegal("Block size must be >= 1", new byte[0], new byte[0], 2, 0, 2, 1); + CheckIllegal("Parallelisation parameter must be >= 1", new byte[0], new byte[0], 2, 1, 0, 1); + // CheckOK("Parallelisation parameter 65535 OK for r = 4", new byte[0], new byte[0], 2, 32, 65535, 1); + CheckIllegal("Parallelisation parameter must be < 65535 for r = 4", new byte[0], new byte[0], 2, 32, 65536, 1); + + CheckIllegal("Len parameter must be > 1", new byte[0], new byte[0], 2, 1, 1, 0); + } + + private void CheckOK(String msg, byte[] pass, byte[] salt, int N, int r, int p, int len) + { + try + { + SCrypt.Generate(pass, salt, N, r, p, len); + } + catch (ArgumentException e) + { + Console.Error.WriteLine(e.StackTrace); + Fail(msg); + } + } + + private void CheckIllegal(String msg, byte[] pass, byte[] salt, int N, int r, int p, int len) + { + try + { + SCrypt.Generate(pass, salt, N, r, p, len); + Fail(msg); + } + catch (ArgumentException) + { + //Console.Error.WriteLine(e.StackTrace); + } + } + + [Test] + public void TestVectors() + { + using (StreamReader sr = new StreamReader(SimpleTest.GetTestDataAsStream("scrypt.TestVectors.txt"))) + { + int count = 0; + string line = sr.ReadLine(); + + while (line != null) + { + ++count; + string header = line; + StringBuilder data = new StringBuilder(); + + while (!IsEndData(line = sr.ReadLine())) + { + data.Append(line.Replace(" ", "")); + } + + int start = header.IndexOf('(') + 1; + int limit = header.LastIndexOf(')'); + string argStr = header.Substring(start, limit - start); + string[] args = argStr.Split(','); + + byte[] P = ExtractQuotedString(args[0]); + byte[] S = ExtractQuotedString(args[1]); + int N = ExtractInteger(args[2]); + int r = ExtractInteger(args[3]); + int p = ExtractInteger(args[4]); + int dkLen = ExtractInteger(args[5]); + byte[] expected = Hex.Decode(data.ToString()); + + // This skips very expensive test case(s), remove check to re-enable + if (N <= 16384) + { + byte[] result = SCrypt.Generate(P, S, N, r, p, dkLen); + + if (!AreEqual(expected, result)) + { + Fail("Result does not match expected value in test case " + count); + } + } + } + } + } + + private static bool IsEndData(string line) + { + return line == null || line.StartsWith("scrypt"); + } + + private static byte[] ExtractQuotedString(string arg) + { + arg = arg.Trim(); + arg = arg.Substring(1, arg.Length - 2); + return Encoding.ASCII.GetBytes(arg); + } + + private static int ExtractInteger(string arg) + { + return int.Parse(arg.Trim()); + } + + public static void Main( + string[] args) + { + RunTest(new SCryptTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SEEDTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SEEDTest.cs new file mode 100644 index 0000000..2fcb242 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SEEDTest.cs @@ -0,0 +1,65 @@ +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * SEED tester - vectors http://www.ietf.org/rfc/rfc4009.txt + */ + [TestFixture] + public class SeedTest + : CipherTest + { + static SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new SeedEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "000102030405060708090a0b0c0d0e0f", + "5EBAC6E0054E166819AFF1CC6D346CDB"), + new BlockCipherVectorTest(0, new SeedEngine(), + new KeyParameter(Hex.Decode("000102030405060708090a0b0c0d0e0f")), + "00000000000000000000000000000000", + "c11f22f20140505084483597e4370f43"), + new BlockCipherVectorTest(0, new SeedEngine(), + new KeyParameter(Hex.Decode("4706480851E61BE85D74BFB3FD956185")), + "83A2F8A288641FB9A4E9A5CC2F131C7D", + "EE54D13EBCAE706D226BC3142CD40D4A"), + new BlockCipherVectorTest(0, new SeedEngine(), + new KeyParameter(Hex.Decode("28DBC3BC49FFD87DCFA509B11D422BE7")), + "B41E6BE2EBA84A148E2EED84593C5EC7", + "9B9B7BFCD1813CB95D0B3618F40F5122"), + new BlockCipherVectorTest(0, new SeedEngine(), + new KeyParameter(Hex.Decode("0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E")), + "0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E", + "8296F2F1B007AB9D533FDEE35A9AD850"), + }; + + public SeedTest() + : base(tests, new SeedEngine(), new KeyParameter(new byte[16])) + { + } + + public override string Name + { + get { return "SEED"; } + } + + public static void Main( + string[] args) + { + RunTest(new SeedTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SHA1DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SHA1DigestTest.cs new file mode 100644 index 0000000..318035b --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SHA1DigestTest.cs @@ -0,0 +1,57 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// Standard vector test for SHA-1 from "Handbook of Applied Cryptography", page 345. + [TestFixture] + public class Sha1DigestTest + : DigestTest + { + private static string[] messages = + { + "", + "a", + "abc", + "abcdefghijklmnopqrstuvwxyz" + }; + + private static string[] digests = + { + "da39a3ee5e6b4b0d3255bfef95601890afd80709", + "86f7e437faa5a7fce15d1ddcb9eaeaea377667b8", + "a9993e364706816aba3e25717850c26c9cd0d89d", + "32d10c7b8cf96570ca04ce37f2a19d84240d3a89" + }; + + public Sha1DigestTest() + : base(new Sha1Digest(), messages, digests) + { + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new Sha1Digest((Sha1Digest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new Sha1DigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SHA1HMacTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SHA1HMacTest.cs new file mode 100644 index 0000000..865f5b5 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SHA1HMacTest.cs @@ -0,0 +1,93 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// SHA1 HMac Test, test vectors from RFC 2202 + [TestFixture] + public class Sha1HMacTest + : ITest + { + public string Name + { + get { return "SHA1HMac"; } + } + + public static readonly string[] keys = new string[]{"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", "4a656665", "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "0102030405060708090a0b0c0d0e0f10111213141516171819", "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c", "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"}; + public static readonly string[] digests = new string[]{"b617318655057264e28bc0b6fb378c8ef146be00", "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79", "125d7342b9ac11cd91a39af48aa17b4f63f175d3", "4c9007f4026250c6bc8414f9bf50c86c2d7235da", "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04", "aa4ae5e15272d00e95705637ce8a3b55ed402112", "e8e99d0f45237d786d6bbaa7965c7808bbff1a91", "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04", "aa4ae5e15272d00e95705637ce8a3b55ed402112", "e8e99d0f45237d786d6bbaa7965c7808bbff1a91"}; + public static readonly string[] messages = new string[]{"Hi There", "what do ya want for nothing?", "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd", "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", "Test With Truncation", "Test Using Larger Than Block-Size Key - Hash Key First", "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data"}; + + public virtual ITestResult Perform() + { + HMac hmac = new HMac(new Sha1Digest()); + byte[] resBuf = new byte[hmac.GetMacSize()]; + + for (int i = 0; i < messages.Length; i++) + { + byte[] m = Encoding.ASCII.GetBytes(messages[i]); + if (messages[i].StartsWith("0x")) + { + m = Hex.Decode(messages[i].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[i]))); + hmac.BlockUpdate(m, 0, m.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i]))) + { + return new SimpleTestResult(false, Name + ": Vector " + i + " failed"); + } + } + + // + // test reset + // + int vector = 0; // vector used for test + byte[] m2 = Encoding.ASCII.GetBytes(messages[vector]); + if (messages[vector].StartsWith("0x")) + { + m2 = Hex.Decode(messages[vector].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[vector]))); + hmac.BlockUpdate(m2, 0, m2.Length); + hmac.DoFinal(resBuf, 0); + hmac.Reset(); + hmac.BlockUpdate(m2, 0, m2.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[vector]))) + { + return new SimpleTestResult(false, Name + "Reset with vector " + vector + " failed"); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + ITest test = new Sha1HMacTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SHA224DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SHA224DigestTest.cs new file mode 100644 index 0000000..9469b65 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SHA224DigestTest.cs @@ -0,0 +1,70 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * standard vector test for SHA-224 from RFC 3874 - only the last three are in + * the RFC. + */ + [TestFixture] + public class Sha224DigestTest + : DigestTest + { + private static string[] messages = + { + "", + "a", + "abc", + "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" + }; + + private static string[] digests = + { + "d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f", + "abd37534c7d9a2efb9465de931cd7055ffdb8879563ae98078d6d6d5", + "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7", + "75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525" + }; + + // 1 million 'a' + private static string million_a_digest = "20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67"; + + public Sha224DigestTest() + : base(new Sha224Digest(), messages, digests) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + millionATest(million_a_digest); + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new Sha224Digest((Sha224Digest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new Sha224DigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SHA224HMacTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SHA224HMacTest.cs new file mode 100644 index 0000000..06c6ea1 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SHA224HMacTest.cs @@ -0,0 +1,122 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// SHA224 HMac Test, test vectors from RFC + [TestFixture] + public class Sha224HMacTest + : ITest + { + public string Name + { + get { return "SHA224HMac"; } + } + + public static readonly string[] keys = + { + "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", + "4a656665", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + "0102030405060708090a0b0c0d0e0f10111213141516171819", + "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + }; + + public static readonly string[] digests = + { + "896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22", + "a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44", + "7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea", + "6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a", + "0e2aea68a90c8d37c988bcdb9fca6fa8099cd857c7ec4a1815cac54c", + "95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e", + "3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1" + }; + + public static readonly string[] messages = + { + "Hi There", + "what do ya want for nothing?", + "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd", + "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", + "Test With Truncation", + "Test Using Larger Than Block-Size Key - Hash Key First", + "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm." + }; + + public virtual ITestResult Perform() + { + HMac hmac = new HMac(new Sha224Digest()); + byte[] resBuf = new byte[hmac.GetMacSize()]; + + for (int i = 0; i < messages.Length; i++) + { + byte[] m = Encoding.ASCII.GetBytes(messages[i]); + if (messages[i].StartsWith("0x")) + { + m = Hex.Decode(messages[i].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[i]))); + hmac.BlockUpdate(m, 0, m.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i]))) + { + return new SimpleTestResult(false, Name + ": Vector " + i + " failed"); + } + } + + // + // test reset + // + int vector = 0; // vector used for test + byte[] m2 = Encoding.ASCII.GetBytes(messages[vector]); + if (messages[vector].StartsWith("0x")) + { + m2 = Hex.Decode(messages[vector].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[vector]))); + hmac.BlockUpdate(m2, 0, m2.Length); + hmac.DoFinal(resBuf, 0); + hmac.Reset(); + hmac.BlockUpdate(m2, 0, m2.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[vector]))) + { + return new SimpleTestResult(false, Name + "Reset with vector " + vector + " failed"); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + ITest test = new Sha224HMacTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SHA256DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SHA256DigestTest.cs new file mode 100644 index 0000000..d2ae89e --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SHA256DigestTest.cs @@ -0,0 +1,71 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * standard vector test for SHA-256 from FIPS Draft 180-2. + * + * Note, the first two vectors are _not_ from the draft, the last three are. + */ + [TestFixture] + public class Sha256DigestTest + : DigestTest + { + private static string[] messages = + { + "", + "a", + "abc", + "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" + }; + + private static string[] digests = + { + "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", + "ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb", + "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad", + "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1" + }; + + // 1 million 'a' + static private string million_a_digest = "cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0"; + + public Sha256DigestTest() + : base(new Sha256Digest(), messages, digests) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + millionATest(million_a_digest); + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new Sha256Digest((Sha256Digest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new Sha256DigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SHA256HMacTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SHA256HMacTest.cs new file mode 100644 index 0000000..a9016af --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SHA256HMacTest.cs @@ -0,0 +1,122 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// SHA256 HMac Test, test vectors from RFC + [TestFixture] + public class Sha256HMacTest + : ITest + { + public string Name + { + get { return "SHA256HMac"; } + } + + public static readonly string[] keys = + { + "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", + "4a656665", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + "0102030405060708090a0b0c0d0e0f10111213141516171819", + "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + }; + + public static readonly string[] digests = + { + "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7", + "5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843", + "773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe", + "82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b", + "a3b6167473100ee06e0c796c2955552bfa6f7c0a6a8aef8b93f860aab0cd20c5", + "60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54", + "9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2" + }; + + public static readonly string[] messages = + { + "Hi There", + "what do ya want for nothing?", + "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd", + "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", + "Test With Truncation", + "Test Using Larger Than Block-Size Key - Hash Key First", + "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm." + }; + + public virtual ITestResult Perform() + { + HMac hmac = new HMac(new Sha256Digest()); + byte[] resBuf = new byte[hmac.GetMacSize()]; + + for (int i = 0; i < messages.Length; i++) + { + byte[] m = Encoding.ASCII.GetBytes(messages[i]); + if (messages[i].StartsWith("0x")) + { + m = Hex.Decode(messages[i].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[i]))); + hmac.BlockUpdate(m, 0, m.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i]))) + { + return new SimpleTestResult(false, Name + ": Vector " + i + " failed"); + } + } + + // + // test reset + // + int vector = 0; // vector used for test + byte[] m2 = Encoding.ASCII.GetBytes(messages[vector]); + if (messages[vector].StartsWith("0x")) + { + m2 = Hex.Decode(messages[vector].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[vector]))); + hmac.BlockUpdate(m2, 0, m2.Length); + hmac.DoFinal(resBuf, 0); + hmac.Reset(); + hmac.BlockUpdate(m2, 0, m2.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[vector]))) + { + return new SimpleTestResult(false, Name + "Reset with vector " + vector + " failed"); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + ITest test = new Sha256HMacTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SHA384DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SHA384DigestTest.cs new file mode 100644 index 0000000..99363ac --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SHA384DigestTest.cs @@ -0,0 +1,70 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * standard vector test for SHA-384 from FIPS Draft 180-2. + * + * Note, the first two vectors are _not_ from the draft, the last three are. + */ + [TestFixture] + public class Sha384DigestTest + : DigestTest + { + private static string[] messages = + { + "", + "a", + "abc", + "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" + }; + + private static string[] digests = + { + "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b", + "54a59b9f22b0b80880d8427e548b7c23abd873486e1f035dce9cd697e85175033caa88e6d57bc35efae0b5afd3145f31", + "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7", + "09330c33f71147e83d192fc782cd1b4753111b173b3b05d22fa08086e3b0f712fcc7c71a557e2db966c3e9fa91746039" + }; + + static private string million_a_digest = "9d0e1809716474cb086e834e310a4a1ced149e9c00f248527972cec5704c2a5b07b8b3dc38ecc4ebae97ddd87f3d8985"; + + public Sha384DigestTest() + : base(new Sha384Digest(), messages, digests) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + millionATest(million_a_digest); + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new Sha384Digest((Sha384Digest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new Sha384DigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SHA384HMacTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SHA384HMacTest.cs new file mode 100644 index 0000000..0caba12 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SHA384HMacTest.cs @@ -0,0 +1,122 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// SHA384 HMac Test, test vectors from RFC + [TestFixture] + public class Sha384HMacTest + : ITest + { + public string Name + { + get { return "SHA384HMac"; } + } + + public static readonly string[] keys = + { + "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", + "4a656665", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + "0102030405060708090a0b0c0d0e0f10111213141516171819", + "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + }; + + public static readonly string[] digests = + { + "afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6", + "af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649", + "88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27", + "3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb", + "3abf34c3503b2a23a46efc619baef897f4c8e42c934ce55ccbae9740fcbc1af4ca62269e2a37cd88ba926341efe4aeea", + "4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952", + "6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e" + }; + + public static readonly string[] messages = + { + "Hi There", + "what do ya want for nothing?", + "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd", + "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", + "Test With Truncation", + "Test Using Larger Than Block-Size Key - Hash Key First", + "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm." + }; + + public virtual ITestResult Perform() + { + HMac hmac = new HMac(new Sha384Digest()); + byte[] resBuf = new byte[hmac.GetMacSize()]; + + for (int i = 0; i < messages.Length; i++) + { + byte[] m = Encoding.ASCII.GetBytes(messages[i]); + if (messages[i].StartsWith("0x")) + { + m = Hex.Decode(messages[i].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[i]))); + hmac.BlockUpdate(m, 0, m.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i]))) + { + return new SimpleTestResult(false, Name + ": Vector " + i + " failed"); + } + } + + // + // test reset + // + int vector = 0; // vector used for test + byte[] m2 = Encoding.ASCII.GetBytes(messages[vector]); + if (messages[vector].StartsWith("0x")) + { + m2 = Hex.Decode(messages[vector].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[vector]))); + hmac.BlockUpdate(m2, 0, m2.Length); + hmac.DoFinal(resBuf, 0); + hmac.Reset(); + hmac.BlockUpdate(m2, 0, m2.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[vector]))) + { + return new SimpleTestResult(false, Name + "Reset with vector " + vector + " failed"); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + ITest test = new Sha384HMacTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SHA3DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SHA3DigestTest.cs new file mode 100644 index 0000000..71f51f4 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SHA3DigestTest.cs @@ -0,0 +1,286 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * SHA3 Digest Test + */ + [TestFixture] + public class Sha3DigestTest + : SimpleTest + { + internal class MySha3Digest : Sha3Digest + { + internal MySha3Digest(int bitLength) + : base(bitLength) + { + } + + internal int MyDoFinal(byte[] output, int outOff, byte partialByte, int partialBits) + { + return DoFinal(output, outOff, partialByte, partialBits); + } + } + + public override string Name + { + get { return "SHA-3"; } + } + + public override void PerformTest() + { + TestVectors(); + } + + public void TestVectors() + { + using (StreamReader r = new StreamReader(SimpleTest.GetTestDataAsStream("crypto.SHA3TestVectors.txt"))) + { + String line; + while (null != (line = ReadLine(r))) + { + if (line.Length != 0) + { + TestVector v = ReadTestVector(r, line); + RunTestVector(v); + } + } + } + } + + private MySha3Digest CreateDigest(string algorithm) + { + if (algorithm.StartsWith("SHA3-")) + { + int bits = ParseDecimal(algorithm.Substring("SHA3-".Length)); + return new MySha3Digest(bits); + } + throw new ArgumentException("Unknown algorithm: " + algorithm, "algorithm"); + } + + private byte[] DecodeBinary(string block) + { + int bits = block.Length; + int fullBytes = bits / 8; + int totalBytes = (bits + 7) / 8; + byte[] result = new byte[totalBytes]; + + for (int i = 0; i < fullBytes; ++i) + { + string byteStr = Reverse(block.Substring(i * 8, 8)); + result[i] = (byte)ParseBinary(byteStr); + } + + if (totalBytes > fullBytes) + { + string byteStr = Reverse(block.Substring(fullBytes * 8)); + result[fullBytes] = (byte)ParseBinary(byteStr); + } + + return result; + } + + private int ParseBinary(string s) + { + return new BigInteger(s, 2).IntValue; + } + + private int ParseDecimal(string s) + { + return Int32.Parse(s); + } + + private string ReadBlock(StreamReader r) + { + StringBuilder b = new StringBuilder(); + string line; + while ((line = ReadBlockLine(r)) != null) + { + b.Append(line); + } + return b.ToString(); + } + + private string ReadBlockLine(StreamReader r) + { + string line = ReadLine(r); + if (line == null || line.Length == 0) + { + return null; + } + return line.Replace(" ", ""); + } + + private TestVector ReadTestVector(StreamReader r, string header) + { + string[] parts = SplitAround(header, TestVector.SAMPLE_OF); + + string algorithm = parts[0]; + int bits = ParseDecimal(StripFromChar(parts[1], '-')); + + SkipUntil(r, TestVector.MSG_HEADER); + string messageBlock = ReadBlock(r); + if (messageBlock.Length != bits) + { + throw new InvalidOperationException("Test vector length mismatch"); + } + byte[] message = DecodeBinary(messageBlock); + + SkipUntil(r, TestVector.HASH_HEADER); + byte[] hash = Hex.Decode(ReadBlock(r)); + + return new TestVector(algorithm, bits, message, hash); + } + + private string ReadLine(StreamReader r) + { + string line = r.ReadLine(); + return line == null ? null : StripFromChar(line, '#').Trim(); + } + + private string RequireLine(StreamReader r) + { + string line = ReadLine(r); + if (line == null) + { + throw new EndOfStreamException(); + } + return line; + } + + private string Reverse(string s) + { + char[] cs = s.ToCharArray(); + Array.Reverse(cs); + return new string(cs); + } + + private void RunTestVector(TestVector v) + { + int bits = v.Bits; + int partialBits = bits % 8; + + //Console.WriteLine(v.Algorithm + " " + bits + "-bit"); + //Console.WriteLine(Hex.ToHexString(v.Message).ToUpper()); + //Console.WriteLine(Hex.ToHexString(v.Hash).ToUpper()); + + MySha3Digest d = CreateDigest(v.Algorithm); + byte[] output = new byte[d.GetDigestSize()]; + + byte[] m = v.Message; + if (partialBits == 0) + { + d.BlockUpdate(m, 0, m.Length); + d.DoFinal(output, 0); + } + else + { + d.BlockUpdate(m, 0, m.Length - 1); + d.MyDoFinal(output, 0, m[m.Length - 1], partialBits); + } + + if (!Arrays.AreEqual(v.Hash, output)) + { + Fail(v.Algorithm + " " + v.Bits + "-bit test vector hash mismatch"); + //Console.Error.WriteLine(v.Algorithm + " " + v.Bits + "-bit test vector hash mismatch"); + //Console.Error.WriteLine(Hex.ToHexString(output).ToUpper()); + } + } + + private void SkipUntil(StreamReader r, string header) + { + string line; + do + { + line = RequireLine(r); + } + while (line.Length == 0); + if (!line.Equals(header)) + { + throw new IOException("Expected: " + header); + } + } + + private string[] SplitAround(string s, string separator) + { + int i = s.IndexOf(separator); + if (i < 0) + throw new InvalidOperationException(); + return new string[] { s.Substring(0, i), s.Substring(i + separator.Length) }; + } + + private string StripFromChar(string s, char c) + { + int i = s.IndexOf(c); + if (i >= 0) + { + s = s.Substring(0, i); + } + return s; + } + + public static void Main( + string[] args) + { + RunTest(new Sha3DigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + internal class TestVector + { + internal static string SAMPLE_OF = " sample of "; + internal static string MSG_HEADER = "Msg as bit string"; + internal static string HASH_HEADER = "Hash val is"; + + private readonly string algorithm; + private readonly int bits; + private readonly byte[] message; + private readonly byte[] hash; + + internal TestVector(string algorithm, int bits, byte[] message, byte[] hash) + { + this.algorithm = algorithm; + this.bits = bits; + this.message = message; + this.hash = hash; + } + + public string Algorithm + { + get { return algorithm; } + } + + public int Bits + { + get { return bits; } + } + + public byte[] Message + { + get { return message; } + } + + public byte[] Hash + { + get { return hash; } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SHA512DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SHA512DigestTest.cs new file mode 100644 index 0000000..d4f56e1 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SHA512DigestTest.cs @@ -0,0 +1,70 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// + /// Standard vector test for SHA-512 from FIPS Draft 180-2. + /// Note, the first two vectors are _not_ from the draft, the last three are. + /// + [TestFixture] + public class Sha512DigestTest + : DigestTest + { + private static string[] messages = + { + "", + "a", + "abc", + "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" + }; + + private static string[] digests = + { + "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e", + "1f40fc92da241694750979ee6cf582f2d5d7d28e18335de05abc54d0560e0f5302860c652bf08d560252aa5e74210546f369fbbbce8c12cfc7957b2652fe9a75", + "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f", + "8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909" + }; + + // 1 million 'a' + static private string million_a_digest = "e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973ebde0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b"; + + public Sha512DigestTest() + : base(new Sha512Digest(), messages, digests) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + millionATest(million_a_digest); + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new Sha512Digest((Sha512Digest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new Sha512DigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SHA512HMacTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SHA512HMacTest.cs new file mode 100644 index 0000000..c091a72 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SHA512HMacTest.cs @@ -0,0 +1,123 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + + /// SHA512 HMac Test, test vectors from RFC + [TestFixture] + public class Sha512HMacTest + : ITest + { + public string Name + { + get { return "SHA512HMac"; } + } + + public static readonly string[] keys = + { + "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", + "4a656665", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + "0102030405060708090a0b0c0d0e0f10111213141516171819", + "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + }; + + public static readonly string[] digests = + { + "87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854", + "164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737", + "fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb", + "b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd", + "415fad6271580a531d4179bc891d87a650188707922a4fbb36663a1eb16da008711c5b50ddd0fc235084eb9d3364a1454fb2ef67cd1d29fe6773068ea266e96b", + "80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598", + "e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58" + }; + + public static readonly string[] messages = + { + "Hi There", + "what do ya want for nothing?", + "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd", + "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd", + "Test With Truncation", + "Test Using Larger Than Block-Size Key - Hash Key First", + "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm." + }; + + public virtual ITestResult Perform() + { + HMac hmac = new HMac(new Sha512Digest()); + byte[] resBuf = new byte[hmac.GetMacSize()]; + + for (int i = 0; i < messages.Length; i++) + { + byte[] m = Encoding.ASCII.GetBytes(messages[i]); + if (messages[i].StartsWith("0x")) + { + m = Hex.Decode(messages[i].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[i]))); + hmac.BlockUpdate(m, 0, m.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[i]))) + { + return new SimpleTestResult(false, Name + ": Vector " + i + " failed"); + } + } + + // + // test reset + // + int vector = 0; // vector used for test + byte[] m2 = Encoding.ASCII.GetBytes(messages[vector]); + if (messages[vector].StartsWith("0x")) + { + m2 = Hex.Decode(messages[vector].Substring(2)); + } + hmac.Init(new KeyParameter(Hex.Decode(keys[vector]))); + hmac.BlockUpdate(m2, 0, m2.Length); + hmac.DoFinal(resBuf, 0); + hmac.Reset(); + hmac.BlockUpdate(m2, 0, m2.Length); + hmac.DoFinal(resBuf, 0); + + if (!Arrays.AreEqual(resBuf, Hex.Decode(digests[vector]))) + { + return new SimpleTestResult(false, Name + "Reset with vector " + vector + " failed"); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + ITest test = new Sha512HMacTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SHA512t224DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SHA512t224DigestTest.cs new file mode 100644 index 0000000..a3d68e1 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SHA512t224DigestTest.cs @@ -0,0 +1,62 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * standard vector test for SHA-512/224 from FIPS 180-4. + * + * Note, only the last 2 message entries are FIPS originated.. + */ + public class Sha512t224DigestTest + : DigestTest + { + private static string[] messages = + { + "", + "a", + "abc", + "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" + }; + + private static string[] digests = + { + "6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4", + "d5cdb9ccc769a5121d4175f2bfdd13d6310e0d3d361ea75d82108327", + "4634270F707B6A54DAAE7530460842E20E37ED265CEEE9A43E8924AA", + "23FEC5BB94D60B23308192640B0C453335D664734FE40E7268674AF9" + }; + + // 1 million 'a' + private const string million_a_digest = "37ab331d76f0d36de422bd0edeb22a28accd487b7a8453ae965dd287"; + + internal Sha512t224DigestTest() + : base(new Sha512tDigest(224), messages, digests) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + millionATest(million_a_digest); + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new Sha512tDigest((Sha512tDigest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new Sha512t224DigestTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SHA512t256DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SHA512t256DigestTest.cs new file mode 100644 index 0000000..c957aa6 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SHA512t256DigestTest.cs @@ -0,0 +1,62 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * standard vector test for SHA-512/256 from FIPS 180-4. + * + * Note, only the last 2 message entries are FIPS originated.. + */ + public class Sha512t256DigestTest + : DigestTest + { + private static string[] messages = + { + "", + "a", + "abc", + "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" + }; + + private static string[] digests = + { + "c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a", + "455e518824bc0601f9fb858ff5c37d417d67c2f8e0df2babe4808858aea830f8", + "53048E2681941EF99B2E29B76B4C7DABE4C2D0C634FC6D46E0E2F13107E7AF23", + "3928E184FB8690F840DA3988121D31BE65CB9D3EF83EE6146FEAC861E19B563A" + }; + + // 1 million 'a' + private const string million_a_digest = "9a59a052930187a97038cae692f30708aa6491923ef5194394dc68d56c74fb21"; + + internal Sha512t256DigestTest() + : base(new Sha512tDigest(256), messages, digests) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + millionATest(million_a_digest); + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new Sha512tDigest((Sha512tDigest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new Sha512t256DigestTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SM2EngineTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SM2EngineTest.cs new file mode 100644 index 0000000..1a2d1d1 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SM2EngineTest.cs @@ -0,0 +1,168 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class SM2EngineTest + : SimpleTest + { + public override string Name + { + get { return "SM2Engine"; } + } + + private void DoEngineTestFp() + { + BigInteger SM2_ECC_P = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3", 16); + BigInteger SM2_ECC_A = new BigInteger("787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498", 16); + BigInteger SM2_ECC_B = new BigInteger("63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A", 16); + BigInteger SM2_ECC_N = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7", 16); + BigInteger SM2_ECC_H = BigInteger.One; + BigInteger SM2_ECC_GX = new BigInteger("421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D", 16); + BigInteger SM2_ECC_GY = new BigInteger("0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2", 16); + + ECCurve curve = new FpCurve(SM2_ECC_P, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H); + + ECPoint g = curve.CreatePoint(SM2_ECC_GX, SM2_ECC_GY); + ECDomainParameters domainParams = new ECDomainParameters(curve, g, SM2_ECC_N); + + ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator(); + + ECKeyGenerationParameters aKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("1649AB77A00637BD5E2EFE283FBF353534AA7F7CB89463F208DDBC2920BB0DA0", 16)); + + keyPairGenerator.Init(aKeyGenParams); + + AsymmetricCipherKeyPair aKp = keyPairGenerator.GenerateKeyPair(); + + ECPublicKeyParameters aPub = (ECPublicKeyParameters)aKp.Public; + ECPrivateKeyParameters aPriv = (ECPrivateKeyParameters)aKp.Private; + + SM2Engine sm2Engine = new SM2Engine(); + + byte[] m = Strings.ToByteArray("encryption standard"); + + sm2Engine.Init(true, new ParametersWithRandom(aPub, new TestRandomBigInteger("4C62EEFD6ECFC2B95B92FD6C3D9575148AFA17425546D49018E5388D49DD7B4F", 16))); + + byte[] enc = sm2Engine.ProcessBlock(m, 0, m.Length); + + IsTrue("enc wrong", Arrays.AreEqual(Hex.Decode( + "04245C26 FB68B1DD DDB12C4B 6BF9F2B6 D5FE60A3 83B0D18D 1C4144AB F17F6252" + + "E776CB92 64C2A7E8 8E52B199 03FDC473 78F605E3 6811F5C0 7423A24B 84400F01" + + "B8650053 A89B41C4 18B0C3AA D00D886C 00286467 9C3D7360 C30156FA B7C80A02" + + "76712DA9 D8094A63 4B766D3A 285E0748 0653426D"), enc)); + + sm2Engine.Init(false, aPriv); + + byte[] dec = sm2Engine.ProcessBlock(enc, 0, enc.Length); + + IsTrue("dec wrong", Arrays.AreEqual(m, dec)); + + enc[80] = (byte)(enc[80] + 1); + + try + { + sm2Engine.ProcessBlock(enc, 0, enc.Length); + Fail("no exception"); + } + catch (InvalidCipherTextException e) + { + IsTrue("wrong exception", "invalid cipher text".Equals(e.Message)); + } + + // long message + sm2Engine = new SM2Engine(); + + m = new byte[4097]; + for (int i = 0; i != m.Length; i++) + { + m[i] = (byte)i; + } + + sm2Engine.Init(true, new ParametersWithRandom(aPub, new TestRandomBigInteger("4C62EEFD6ECFC2B95B92FD6C3D9575148AFA17425546D49018E5388D49DD7B4F", 16))); + + enc = sm2Engine.ProcessBlock(m, 0, m.Length); + + sm2Engine.Init(false, aPriv); + + dec = sm2Engine.ProcessBlock(enc, 0, enc.Length); + + IsTrue("dec wrong", Arrays.AreEqual(m, dec)); + } + + private void DoEngineTestF2m() + { + BigInteger SM2_ECC_A = new BigInteger("00", 16); + BigInteger SM2_ECC_B = new BigInteger("E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B", 16); + BigInteger SM2_ECC_N = new BigInteger("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBC972CF7E6B6F900945B3C6A0CF6161D", 16); + BigInteger SM2_ECC_H = BigInteger.ValueOf(4); + BigInteger SM2_ECC_GX = new BigInteger("00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD", 16); + BigInteger SM2_ECC_GY = new BigInteger("013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E", 16); + + ECCurve curve = new F2mCurve(257, 12, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H); + + ECPoint g = curve.CreatePoint(SM2_ECC_GX, SM2_ECC_GY); + ECDomainParameters domainParams = new ECDomainParameters(curve, g, SM2_ECC_N, SM2_ECC_H); + + ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator(); + + ECKeyGenerationParameters aKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("56A270D17377AA9A367CFA82E46FA5267713A9B91101D0777B07FCE018C757EB", 16)); + + keyPairGenerator.Init(aKeyGenParams); + + AsymmetricCipherKeyPair aKp = keyPairGenerator.GenerateKeyPair(); + + ECPublicKeyParameters aPub = (ECPublicKeyParameters)aKp.Public; + ECPrivateKeyParameters aPriv = (ECPrivateKeyParameters)aKp.Private; + + SM2Engine sm2Engine = new SM2Engine(); + + byte[] m = Strings.ToByteArray("encryption standard"); + + sm2Engine.Init(true, new ParametersWithRandom(aPub, new TestRandomBigInteger("6D3B497153E3E92524E5C122682DBDC8705062E20B917A5F8FCDB8EE4C66663D", 16))); + + byte[] enc = sm2Engine.ProcessBlock(m, 0, m.Length); + + IsTrue("f2m enc wrong", Arrays.AreEqual(Hex.Decode( + "04019D23 6DDB3050 09AD52C5 1BB93270 9BD534D4 76FBB7B0 DF9542A8 A4D890A3" + + "F2E100B2 3B938DC0 A94D1DF8 F42CF45D 2D6601BF 638C3D7D E75A29F0 2AFB7E45" + + "E91771FD 55AC6213 C2A8A040 E4CAB5B2 6A9CFCDA 737373A4 8625D375 8FA37B3E" + + "AB80E9CF CABA665E 3199EA15 A1FA8189 D96F5791 25E4"), enc)); + + sm2Engine.Init(false, aPriv); + + byte[] dec = sm2Engine.ProcessBlock(enc, 0, enc.Length); + + IsTrue("f2m dec wrong", Arrays.AreEqual(m, dec)); + } + + public override void PerformTest() + { + DoEngineTestFp(); + DoEngineTestF2m(); + } + + public static void Main(string[] args) + { + RunTest(new SM2EngineTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SM2KeyExchangeTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SM2KeyExchangeTest.cs new file mode 100644 index 0000000..39131f1 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SM2KeyExchangeTest.cs @@ -0,0 +1,230 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class SM2KeyExchangeTest + : SimpleTest + { + public override string Name + { + get { return "SM2KeyExchange"; } + } + + private void DoKeyExchangeTestFp() + { + BigInteger SM2_ECC_P = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3", 16); + BigInteger SM2_ECC_A = new BigInteger("787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498", 16); + BigInteger SM2_ECC_B = new BigInteger("63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A", 16); + BigInteger SM2_ECC_N = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7", 16); + BigInteger SM2_ECC_H = BigInteger.One; + BigInteger SM2_ECC_GX = new BigInteger("421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D", 16); + BigInteger SM2_ECC_GY = new BigInteger("0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2", 16); + + ECCurve curve = new FpCurve(SM2_ECC_P, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H); + + ECPoint g = curve.CreatePoint(SM2_ECC_GX, SM2_ECC_GY); + ECDomainParameters domainParams = new ECDomainParameters(curve, g, SM2_ECC_N); + + ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator(); + + ECKeyGenerationParameters aKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("6FCBA2EF9AE0AB902BC3BDE3FF915D44BA4CC78F88E2F8E7F8996D3B8CCEEDEE", 16)); + + keyPairGenerator.Init(aKeyGenParams); + + AsymmetricCipherKeyPair aKp = keyPairGenerator.GenerateKeyPair(); + + ECPublicKeyParameters aPub = (ECPublicKeyParameters)aKp.Public; + ECPrivateKeyParameters aPriv = (ECPrivateKeyParameters)aKp.Private; + + ECKeyGenerationParameters aeKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("83A2C9C8B96E5AF70BD480B472409A9A327257F1EBB73F5B073354B248668563", 16)); + + keyPairGenerator.Init(aeKeyGenParams); + + AsymmetricCipherKeyPair aeKp = keyPairGenerator.GenerateKeyPair(); + + ECPublicKeyParameters aePub = (ECPublicKeyParameters)aeKp.Public; + ECPrivateKeyParameters aePriv = (ECPrivateKeyParameters)aeKp.Private; + + ECKeyGenerationParameters bKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("5E35D7D3F3C54DBAC72E61819E730B019A84208CA3A35E4C2E353DFCCB2A3B53", 16)); + + keyPairGenerator.Init(bKeyGenParams); + + AsymmetricCipherKeyPair bKp = keyPairGenerator.GenerateKeyPair(); + + ECPublicKeyParameters bPub = (ECPublicKeyParameters)bKp.Public; + ECPrivateKeyParameters bPriv = (ECPrivateKeyParameters)bKp.Private; + + ECKeyGenerationParameters beKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("33FE21940342161C55619C4A0C060293D543C80AF19748CE176D83477DE71C80", 16)); + + keyPairGenerator.Init(beKeyGenParams); + + AsymmetricCipherKeyPair beKp = keyPairGenerator.GenerateKeyPair(); + + ECPublicKeyParameters bePub = (ECPublicKeyParameters)beKp.Public; + ECPrivateKeyParameters bePriv = (ECPrivateKeyParameters)beKp.Private; + + SM2KeyExchange exch = new SM2KeyExchange(); + + exch.Init(new ParametersWithID(new SM2KeyExchangePrivateParameters(true, aPriv, aePriv), Strings.ToByteArray("ALICE123@YAHOO.COM"))); + + byte[] k1 = exch.CalculateKey(128, new ParametersWithID(new SM2KeyExchangePublicParameters(bPub, bePub), Strings.ToByteArray("BILL456@YAHOO.COM"))); + + IsTrue("key 1 wrong", Arrays.AreEqual(Hex.Decode("55b0ac62a6b927ba23703832c853ded4"), k1)); + + exch = new SM2KeyExchange(); + + exch.Init(new ParametersWithID(new SM2KeyExchangePrivateParameters(false, bPriv, bePriv), Strings.ToByteArray("BILL456@YAHOO.COM"))); + + byte[] k2 = exch.CalculateKey(128, new ParametersWithID(new SM2KeyExchangePublicParameters(aPub, aePub), Strings.ToByteArray("ALICE123@YAHOO.COM"))); + + IsTrue("key 2 wrong", Arrays.AreEqual(Hex.Decode("55b0ac62a6b927ba23703832c853ded4"), k2)); + + // with key confirmation + exch = new SM2KeyExchange(); + + exch.Init(new ParametersWithID(new SM2KeyExchangePrivateParameters(false, bPriv, bePriv), Strings.ToByteArray("BILL456@YAHOO.COM"))); + + byte[][] vals2 = exch.CalculateKeyWithConfirmation(128, null, new ParametersWithID(new SM2KeyExchangePublicParameters(aPub, aePub), Strings.ToByteArray("ALICE123@YAHOO.COM"))); + + IsTrue("key 2 wrong", Arrays.AreEqual(Hex.Decode("55b0ac62a6b927ba23703832c853ded4"), k2)); + + IsTrue("conf a tag 2 wrong", Arrays.AreEqual(Hex.Decode("284C8F198F141B502E81250F1581C7E9EEB4CA6990F9E02DF388B45471F5BC5C"), vals2[1])); + IsTrue("conf b tag 2 wrong", Arrays.AreEqual(Hex.Decode("23444DAF8ED7534366CB901C84B3BDBB63504F4065C1116C91A4C00697E6CF7A"), vals2[2])); + + exch = new SM2KeyExchange(); + + exch.Init(new ParametersWithID(new SM2KeyExchangePrivateParameters(true, aPriv, aePriv), Strings.ToByteArray("ALICE123@YAHOO.COM"))); + + byte[][] vals1 = exch.CalculateKeyWithConfirmation(128, vals2[1], new ParametersWithID(new SM2KeyExchangePublicParameters(bPub, bePub), Strings.ToByteArray("BILL456@YAHOO.COM"))); + + IsTrue("conf key 1 wrong", Arrays.AreEqual(Hex.Decode("55b0ac62a6b927ba23703832c853ded4"), vals1[0])); + IsTrue("conf tag 1 wrong", Arrays.AreEqual(Hex.Decode("23444DAF8ED7534366CB901C84B3BDBB63504F4065C1116C91A4C00697E6CF7A"), vals1[1])); + } + + private void DoKeyExchangeTestF2m() + { + BigInteger SM2_ECC_A = new BigInteger("00", 16); + BigInteger SM2_ECC_B = new BigInteger("E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B", 16); + BigInteger SM2_ECC_N = new BigInteger("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBC972CF7E6B6F900945B3C6A0CF6161D", 16); + BigInteger SM2_ECC_H = BigInteger.ValueOf(4); + BigInteger SM2_ECC_GX = new BigInteger("00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD", 16); + BigInteger SM2_ECC_GY = new BigInteger("013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E", 16); + + ECCurve curve = new F2mCurve(257, 12, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H); + + ECPoint g = curve.CreatePoint(SM2_ECC_GX, SM2_ECC_GY); + ECDomainParameters domainParams = new ECDomainParameters(curve, g, SM2_ECC_N, SM2_ECC_H); + + ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator(); + + ECKeyGenerationParameters aKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("4813903D254F2C20A94BC5704238496954BB5279F861952EF2C5298E84D2CEAA", 16)); + + keyPairGenerator.Init(aKeyGenParams); + + AsymmetricCipherKeyPair aKp = keyPairGenerator.GenerateKeyPair(); + + ECPublicKeyParameters aPub = (ECPublicKeyParameters)aKp.Public; + ECPrivateKeyParameters aPriv = (ECPrivateKeyParameters)aKp.Private; + + ECKeyGenerationParameters aeKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("54A3D6673FF3A6BD6B02EBB164C2A3AF6D4A4906229D9BFCE68CC366A2E64BA4", 16)); + + keyPairGenerator.Init(aeKeyGenParams); + + AsymmetricCipherKeyPair aeKp = keyPairGenerator.GenerateKeyPair(); + + ECPublicKeyParameters aePub = (ECPublicKeyParameters)aeKp.Public; + ECPrivateKeyParameters aePriv = (ECPrivateKeyParameters)aeKp.Private; + + ECKeyGenerationParameters bKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("08F41BAE0922F47C212803FE681AD52B9BF28A35E1CD0EC273A2CF813E8FD1DC", 16)); + + keyPairGenerator.Init(bKeyGenParams); + + AsymmetricCipherKeyPair bKp = keyPairGenerator.GenerateKeyPair(); + + ECPublicKeyParameters bPub = (ECPublicKeyParameters)bKp.Public; + ECPrivateKeyParameters bPriv = (ECPrivateKeyParameters)bKp.Private; + + ECKeyGenerationParameters beKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("1F21933387BEF781D0A8F7FD708C5AE0A56EE3F423DBC2FE5BDF6F068C53F7AD", 16)); + + keyPairGenerator.Init(beKeyGenParams); + + AsymmetricCipherKeyPair beKp = keyPairGenerator.GenerateKeyPair(); + + ECPublicKeyParameters bePub = (ECPublicKeyParameters)beKp.Public; + ECPrivateKeyParameters bePriv = (ECPrivateKeyParameters)beKp.Private; + + SM2KeyExchange exch = new SM2KeyExchange(); + + exch.Init(new ParametersWithID(new SM2KeyExchangePrivateParameters(true, aPriv, aePriv), Strings.ToByteArray("ALICE123@YAHOO.COM"))); + + byte[] k1 = exch.CalculateKey(128, new ParametersWithID(new SM2KeyExchangePublicParameters(bPub, bePub), Strings.ToByteArray("BILL456@YAHOO.COM"))); + + // there appears to be typo for ZA in the draft + //IsTrue("F2m key 1 wrong", Arrays.AreEqual(Hex.Decode("4E587E5C66634F22D973A7D98BF8BE23"), k1)); + IsTrue("F2m key 1 wrong", Arrays.AreEqual(Hex.Decode("8c2b03289aa7126555dc660cfc29fd74"), k1)); + + exch = new SM2KeyExchange(); + + exch.Init(new ParametersWithID(new SM2KeyExchangePrivateParameters(false, bPriv, bePriv), Strings.ToByteArray("BILL456@YAHOO.COM"))); + + byte[] k2 = exch.CalculateKey(128, new ParametersWithID(new SM2KeyExchangePublicParameters(aPub, aePub), Strings.ToByteArray("ALICE123@YAHOO.COM"))); + + //IsTrue("F2m key 2 wrong", Arrays.AreEqual(Hex.Decode("4E587E5C66634F22D973A7D98BF8BE23"), k2)); + IsTrue("F2m key 2 wrong", Arrays.AreEqual(Hex.Decode("8c2b03289aa7126555dc660cfc29fd74"), k2)); + + // with key confirmation + exch = new SM2KeyExchange(); + + exch.Init(new ParametersWithID(new SM2KeyExchangePrivateParameters(false, bPriv, bePriv), Strings.ToByteArray("BILL456@YAHOO.COM"))); + + byte[][] vals2 = exch.CalculateKeyWithConfirmation(128, null, new ParametersWithID(new SM2KeyExchangePublicParameters(aPub, aePub), Strings.ToByteArray("ALICE123@YAHOO.COM"))); + + IsTrue("key 2 wrong", Arrays.AreEqual(Hex.Decode("8c2b03289aa7126555dc660cfc29fd74"), k2)); + + IsTrue("conf a tag 2 wrong", Arrays.AreEqual(Hex.Decode("d8294c4c0f0ac180feac95e8a0d786638c9e915b9a684b2348809af03a0de2a5"), vals2[1])); + IsTrue("conf b tag 2 wrong", Arrays.AreEqual(Hex.Decode("52089e706911b58fd5e7c7b2ab5cf32bb61e481ef1e114a1e33d99eec84b5a4f"), vals2[2])); + + exch = new SM2KeyExchange(); + + exch.Init(new ParametersWithID(new SM2KeyExchangePrivateParameters(true, aPriv, aePriv), Strings.ToByteArray("ALICE123@YAHOO.COM"))); + + byte[][] vals1 = exch.CalculateKeyWithConfirmation(128, vals2[1], new ParametersWithID(new SM2KeyExchangePublicParameters(bPub, bePub), Strings.ToByteArray("BILL456@YAHOO.COM"))); + + IsTrue("conf key 1 wrong", Arrays.AreEqual(Hex.Decode("8c2b03289aa7126555dc660cfc29fd74"), vals1[0])); + IsTrue("conf tag 1 wrong", Arrays.AreEqual(Hex.Decode("52089e706911b58fd5e7c7b2ab5cf32bb61e481ef1e114a1e33d99eec84b5a4f"), vals1[1])); + } + + public override void PerformTest() + { + DoKeyExchangeTestFp(); + DoKeyExchangeTestF2m(); + } + + public static void Main(string[] args) + { + RunTest(new SM2KeyExchangeTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SM2SignerTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SM2SignerTest.cs new file mode 100644 index 0000000..67cb1a4 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SM2SignerTest.cs @@ -0,0 +1,269 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class SM2SignerTest + : SimpleTest + { + private static readonly ECDomainParameters ParametersFpDraft = CreateParamsFpDraft(); + private static readonly ECDomainParameters ParametersF2m = CreateParamsF2m(); + + public override string Name + { + get { return "SM2Signer"; } + } + + private void DoSignerTestFpDraftSM3() + { + DoSignerTest( + ParametersFpDraft, + new SM3Digest(), + "ALICE123@YAHOO.COM", + "message digest", + "128B2FA8BD433C6C068C8D803DFF79792A519A55171B1B650C23661D15897263", + "6CB28D99385C175C94F94E934817663FC176D925DD72B727260DBAAE1FB2F96F", + "40F1EC59F793D9F49E09DCEF49130D4194F79FB1EED2CAA55BACDB49C4E755D1", + "6FC6DAC32C5D5CF10C77DFB20F7C2EB667A457872FB09EC56327A67EC7DEEBE7" + ); + } + + private void DoSignerTestFpDraftSha256() + { + DoSignerTest( + ParametersFpDraft, + new Sha256Digest(), + "ALICE123@YAHOO.COM", + "message digest", + "128B2FA8BD433C6C068C8D803DFF79792A519A55171B1B650C23661D15897263", + "6CB28D99385C175C94F94E934817663FC176D925DD72B727260DBAAE1FB2F96F", + "7D62A5EDBDDC8AF4D69C9E37A60D31F5CEFE8727709117E0869648D0A9AE4F57", + "1E5E89718B716AAFC6253443168E4F7CF7E1B7B3934307686CE5947C1BD55EDA" + ); + } + + private void DoSignerTestFpStandardSM3() + { + DoSignerTest( + "sm2p256v1", + new SM3Digest(), + "sm2test@example.com", + "hi chappy", + "110E7973206F68C19EE5F7328C036F26911C8C73B4E4F36AE3291097F8984FFC", + "3174C6FFC3C279D2422F3FC0A9F3E574674A4490FE45A5325CAF7D3EC4C8F96C", + "05890B9077B92E47B17A1FF42A814280E556AFD92B4A98B9670BF8B1A274C2FA", + "E3ABBB8DB2B6ECD9B24ECCEA7F679FB9A4B1DB52F4AA985E443AD73237FA1993" + ); + } + + private void DoSignerTestFpStandardSha256() + { + DoSignerTest( + "sm2p256v1", + new Sha256Digest(), + "sm2test@example.com", + "hi chappy", + "110E7973206F68C19EE5F7328C036F26911C8C73B4E4F36AE3291097F8984FFC", + "3174C6FFC3C279D2422F3FC0A9F3E574674A4490FE45A5325CAF7D3EC4C8F96C", + "94DA20EA69E4FC70692158BF3D30F87682A4B2F84DF4A4829A1EFC5D9C979D3F", + "EE15AF8D455B728AB80E592FCB654BF5B05620B2F4D25749D263D5C01FAD365F" + ); + } + + private void DoSignerTestFpP256SM3() + { + DoSignerTest( + "P-256", + new SM3Digest(), + "sm2_p256_test@example.com", + "no backdoors here", + "110E7973206F68C19EE5F7328C036F26911C8C73B4E4F36AE3291097F8984FFC", + "3174C6FFC3C279D2422F3FC0A9F3E574674A4490FE45A5325CAF7D3EC4C8F96C", + "96AA39A0C4A5C454653F394E86386F2E38BE14C57D0E555F3A27A5CEF30E51BD", + "62372BE4AC97DBE725AC0B279BB8FD15883858D814FD792DDB0A401DCC988E70" + ); + } + + private void DoSignerTestFpP256Sha256() + { + DoSignerTest( + "P-256", + new Sha256Digest(), + "sm2_p256_test@example.com", + "no backdoors here", + "110E7973206F68C19EE5F7328C036F26911C8C73B4E4F36AE3291097F8984FFC", + "3174C6FFC3C279D2422F3FC0A9F3E574674A4490FE45A5325CAF7D3EC4C8F96C", + "503D234A22123D7029271EB9E0D763619A69868DE8296C13EDD4CA32D280CFDE", + "0BDE97699B77268584DDD238DA120095F01130AD2DB37184270F37C02FB2E86B" + ); + } + + private void DoSignerTestF2m() + { + DoSignerTest( + ParametersF2m, + new SM3Digest(), + "ALICE123@YAHOO.COM", + "message digest", + "771EF3DBFF5F1CDC32B9C572930476191998B2BF7CB981D7F5B39202645F0931", + "36CD79FC8E24B7357A8A7B4A46D454C397703D6498158C605399B341ADA186D6", + "6D3FBA26EAB2A1054F5D198332E335817C8AC453ED26D3391CD4439D825BF25B", + "3124C5688D95F0A10252A9BED033BEC84439DA384621B6D6FAD77F94B74A9556" + ); + } + + private void DoSignerTest(string curveName, IDigest d, string ident, string msg, string x, string nonce, string r, string s) + { + X9ECParameters x9 = ECNamedCurveTable.GetByName(curveName); + ECDomainParameters domainParams = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed()); + + DoSignerTest(domainParams, d, ident, msg, x, nonce, r, s); + } + + private void DoSignerTest(ECDomainParameters domainParams, IDigest d, string ident, string msg, string x, string nonce, string r, string s) + { + byte[] idBytes = Strings.ToByteArray(ident); + byte[] msgBytes = Strings.ToByteArray(msg); + AsymmetricCipherKeyPair kp = GenerateKeyPair(domainParams, x); + + SM2Signer signer = new SM2Signer(d); + + signer.Init(true, new ParametersWithID( + new ParametersWithRandom(kp.Private, new TestRandomBigInteger(nonce, 16)), + idBytes)); + + signer.BlockUpdate(msgBytes, 0, msgBytes.Length); + + byte[] sig = signer.GenerateSignature(); + + BigInteger[] rs = Decode(sig); + + IsTrue("r wrong", rs[0].Equals(new BigInteger(r, 16))); + IsTrue("s wrong", rs[1].Equals(new BigInteger(s, 16))); + + signer.Init(false, new ParametersWithID(kp.Public, idBytes)); + + signer.BlockUpdate(msgBytes, 0, msgBytes.Length); + + IsTrue("verification failed", signer.VerifySignature(sig)); + } + + private void DoVerifyBoundsCheck() + { + ECDomainParameters domainParams = ParametersF2m; + + AsymmetricCipherKeyPair kp = GenerateKeyPair(domainParams, "771EF3DBFF5F1CDC32B9C572930476191998B2BF7CB981D7F5B39202645F0931"); + + SM2Signer signer = new SM2Signer(); + + signer.Init(false, kp.Public); + + signer.BlockUpdate(new byte[20], 0, 20); + IsTrue(!signer.VerifySignature(Encode(BigInteger.Zero, BigInteger.ValueOf(8)))); + + signer.BlockUpdate(new byte[20], 0, 20); + IsTrue(!signer.VerifySignature(Encode(BigInteger.ValueOf(8), BigInteger.Zero))); + + signer.BlockUpdate(new byte[20], 0, 20); + IsTrue(!signer.VerifySignature(Encode(domainParams.N, BigInteger.ValueOf(8)))); + + signer.BlockUpdate(new byte[20], 0, 20); + IsTrue(!signer.VerifySignature(Encode(BigInteger.ValueOf(8), domainParams.N))); + } + + public override void PerformTest() + { + DoSignerTestFpDraftSM3(); + DoSignerTestFpDraftSha256(); + DoSignerTestFpStandardSM3(); + DoSignerTestFpStandardSha256(); + DoSignerTestFpP256SM3(); + DoSignerTestFpP256Sha256(); + DoSignerTestF2m(); + DoVerifyBoundsCheck(); + } + + private static ECDomainParameters CreateParamsFpDraft() + { + BigInteger SM2_ECC_P = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3", 16); + BigInteger SM2_ECC_A = new BigInteger("787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498", 16); + BigInteger SM2_ECC_B = new BigInteger("63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A", 16); + BigInteger SM2_ECC_N = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7", 16); + BigInteger SM2_ECC_H = BigInteger.One; + BigInteger SM2_ECC_GX = new BigInteger("421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D", 16); + BigInteger SM2_ECC_GY = new BigInteger("0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2", 16); + + ECCurve curve = new FpCurve(SM2_ECC_P, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H); + ECPoint g = curve.CreatePoint(SM2_ECC_GX, SM2_ECC_GY); + return new ECDomainParameters(curve, g, SM2_ECC_N, SM2_ECC_H); + } + + private static ECDomainParameters CreateParamsF2m() + { + BigInteger SM2_ECC_A = new BigInteger("00", 16); + BigInteger SM2_ECC_B = new BigInteger("E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B", 16); + BigInteger SM2_ECC_N = new BigInteger("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBC972CF7E6B6F900945B3C6A0CF6161D", 16); + BigInteger SM2_ECC_H = BigInteger.ValueOf(4); + BigInteger SM2_ECC_GX = new BigInteger("00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD", 16); + BigInteger SM2_ECC_GY = new BigInteger("013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E", 16); + + ECCurve curve = new F2mCurve(257, 12, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H); + ECPoint g = curve.CreatePoint(SM2_ECC_GX, SM2_ECC_GY); + return new ECDomainParameters(curve, g, SM2_ECC_N, SM2_ECC_H); + } + + private static BigInteger[] Decode(byte[] sig) + { + Asn1Sequence s = Asn1Sequence.GetInstance(sig); + + return new BigInteger[] { + DecodeValue(s[0]), + DecodeValue(s[1]) }; + } + + private static BigInteger DecodeValue(Asn1Encodable e) + { + return DerInteger.GetInstance(e).Value; + } + + private static byte[] Encode(BigInteger r, BigInteger s) + { + return new DerSequence(new DerInteger(r), new DerInteger(s)).GetEncoded(); + } + + private static AsymmetricCipherKeyPair GenerateKeyPair(ECDomainParameters domainParams, string x) + { + ECKeyPairGenerator kpg = new ECKeyPairGenerator(); + kpg.Init(new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger(x, 16))); + return kpg.GenerateKeyPair(); + } + + public static void Main( + string[] args) + { + RunTest(new SM2SignerTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SM3DigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SM3DigestTest.cs new file mode 100644 index 0000000..ae29a15 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SM3DigestTest.cs @@ -0,0 +1,207 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * standard vector test for SM3 digest from chinese specification + */ + [TestFixture] + public class SM3DigestTest + : DigestTest + { + private static string[] messages = { + // Standard test vectors + "abc", + "abcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcd", + // Non-standard test vectors + "", + "a", + "abcdefghijklmnopqrstuvwxyz", + }; + + private static string[] hexMessages = { + /* 2 p.57 ZA */ + "0090" + + "414C494345313233405941484F4F2E434F4D" + + "787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498" + + "63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A" + + "421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D" + + "0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2" + + "0AE4C7798AA0F119471BEE11825BE46202BB79E2A5844495E97C04FF4DF2548A" + + "7C0240F88F1CD4E16352A73C17B7F16F07353E53A176D684A9FE0C6BB798E857", + /* 3 p.59 ZA */ + "0090" + + "414C494345313233405941484F4F2E434F4D" + + "000000000000000000000000000000000000000000000000000000000000000000" + + "00E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B" + + "00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD" + + "013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E" + + "0165961645281A8626607B917F657D7E9382F1EA5CD931F40F6627F357542653B2" + + "01686522130D590FB8DE635D8FCA715CC6BF3D05BEF3F75DA5D543454448166612", + /* 4 p.72 ZA */ + "0090" + + "414C494345313233405941484F4F2E434F4D" + + "787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498" + + "63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A" + + "421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D" + + "0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2" + + "3099093BF3C137D8FCBBCDF4A2AE50F3B0F216C3122D79425FE03A45DBFE1655" + + "3DF79E8DAC1CF0ECBAA2F2B49D51A4B387F2EFAF482339086A27A8E05BAED98B", + /* 5 p.72 ZB */ + "0088" + + "42494C4C343536405941484F4F2E434F4D" + + "787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498" + + "63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A" + + "421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D" + + "0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2" + + "245493D446C38D8CC0F118374690E7DF633A8A4BFB3329B5ECE604B2B4F37F43" + + "53C0869F4B9E17773DE68FEC45E14904E0DEA45BF6CECF9918C85EA047C60A4C", + /* 6 p.75 ZA */ + "0090" + + "414C494345313233405941484F4F2E434F4D" + + "000000000000000000000000000000000000000000000000000000000000000000" + + "00E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B" + + "00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD" + + "013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E" + + "008E3BDB2E11F9193388F1F901CCC857BF49CFC065FB38B9069CAAE6D5AFC3592F" + + "004555122AAC0075F42E0A8BBD2C0665C789120DF19D77B4E3EE4712F598040415", + /* 7 p.76 ZB */ + "0088" + + "42494C4C343536405941484F4F2E434F4D" + + "000000000000000000000000000000000000000000000000000000000000000000" + + "00E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B" + + "00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD" + + "013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E" + + "0034297DD83AB14D5B393B6712F32B2F2E938D4690B095424B89DA880C52D4A7D9" + + "0199BBF11AC95A0EA34BBD00CA50B93EC24ACB68335D20BA5DCFE3B33BDBD2B62D", + /* 8 TopsecCA cert ZA */ + "0080" + + "31323334353637383132333435363738" + + "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC" + + "28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93" + + "32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7" + + "BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0" + + "D69C2F1EEC3BFB6B95B30C28085C77B125D77A9C39525D8190768F37D6B205B5" + + "89DCD316BBE7D89A9DC21917F17799E698531F5E6E3E10BD31370B259C3F81C3", + /* 9 */ + "4D38D2958CA7FD2CFAE3AF04486959CF92C8EF48E8B83A05C112E739D5F181D0" + + "3082020CA003020102020900" + + "AF28725D98D33143300C06082A811CCF" + + "550183750500307D310B300906035504" + + "060C02636E310B300906035504080C02" + + "626A310B300906035504070C02626A31" + + "0F300D060355040A0C06746F70736563" + + "310F300D060355040B0C06746F707365" + + "633111300F06035504030C08546F7073" + + "65634341311F301D06092A864886F70D" + + "0109010C10626A40746F707365632E63" + + "6F6D2E636E301E170D31323036323430" + + "37353433395A170D3332303632303037" + + "353433395A307D310B30090603550406" + + "0C02636E310B300906035504080C0262" + + "6A310B300906035504070C02626A310F" + + "300D060355040A0C06746F7073656331" + + "0F300D060355040B0C06746F70736563" + + "3111300F06035504030C08546F707365" + + "634341311F301D06092A864886F70D01" + + "09010C10626A40746F707365632E636F" + + "6D2E636E3059301306072A8648CE3D02" + + "0106082A811CCF5501822D03420004D6" + + "9C2F1EEC3BFB6B95B30C28085C77B125" + + "D77A9C39525D8190768F37D6B205B589" + + "DCD316BBE7D89A9DC21917F17799E698" + + "531F5E6E3E10BD31370B259C3F81C3A3" + + "733071300F0603551D130101FF040530" + + "030101FF301D0603551D0E041604148E" + + "5D90347858BAAAD870D8BDFBA6A85E7B" + + "563B64301F0603551D23041830168014" + + "8E5D90347858BAAAD870D8BDFBA6A85E" + + "7B563B64300B0603551D0F0404030201" + + "06301106096086480186F84201010404" + + "03020057", + }; + + private static string[] digests = { + // Standard test vectors + "66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0", + "debe9ff92275b8a138604889c18e5a4d6fdb70e5387e5765293dcba39c0c5732", + // Non-standard test vectors + "1ab21d8355cfa17f8e61194831e81a8f22bec8c728fefb747ed035eb5082aa2b", + "623476ac18f65a2909e43c7fec61b49c7e764a91a18ccb82f1917a29c86c5e88", + "b80fe97a4da24afc277564f66a359ef440462ad28dcc6d63adb24d5c20a61595", + // Additional vectors for GMSSL + "F4A38489E32B45B6F876E3AC2168CA392362DC8F23459C1D1146FC3DBFB7BC9A", + "26352AF82EC19F207BBC6F9474E11E90CE0F7DDACE03B27F801817E897A81FD5", + "E4D1D0C3CA4C7F11BC8FF8CB3F4C02A78F108FA098E51A668487240F75E20F31", + "6B4B6D0E276691BD4A11BF72F4FB501AE309FDACB72FA6CC336E6656119ABD67", + "329c2f6030cc7e0ca3af6c97b76243ca250338ad3d3dc3a8b322d1cfdf98c2b7", // original appears wrong -> "ECF0080215977B2E5D6D61B98A99442F03E8803DC39E349F8DCA5621A9ACDF2B", + "557BAD30E183559AEEC3B2256E1C7C11F870D22B165D015ACF9465B09B87B527", + "4D38D2958CA7FD2CFAE3AF04486959CF92C8EF48E8B83A05C112E739D5F181D0", + "C3B02E500A8B60B77DEDCF6F4C11BEF8D56E5CDE708C72065654FD7B2167915A", + }; + + private static string sixtyFourKdigest = "97049bdc8f0736bc7300eafa9980aeb9cf00f24f7ec3a8f1f8884954d7655c1d"; + private static string million_a_digest = "c8aaf89429554029e231941a2acc0ad61ff2a5acd8fadd25847a3a732b3b02c3"; + + public SM3DigestTest() + : base(new SM3Digest(), messages, digests) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + SM3Digest dig = new SM3Digest(); + byte[] resBuf = new byte[dig.GetDigestSize()]; + + VectorTest(dig, 10, resBuf, Hex.Decode(hexMessages[0]), Hex.Decode(digests[messages.Length])); + VectorTest(dig, 11, resBuf, Hex.Decode(hexMessages[1]), Hex.Decode(digests[messages.Length + 1])); + VectorTest(dig, 12, resBuf, Hex.Decode(hexMessages[2]), Hex.Decode(digests[messages.Length + 2])); + VectorTest(dig, 13, resBuf, Hex.Decode(hexMessages[3]), Hex.Decode(digests[messages.Length + 3])); + VectorTest(dig, 14, resBuf, Hex.Decode(hexMessages[4]), Hex.Decode(digests[messages.Length + 4])); + VectorTest(dig, 15, resBuf, Hex.Decode(hexMessages[5]), Hex.Decode(digests[messages.Length + 5])); + VectorTest(dig, 16, resBuf, Hex.Decode(hexMessages[6]), Hex.Decode(digests[messages.Length + 6])); + VectorTest(dig, 17, resBuf, Hex.Decode(hexMessages[7]), Hex.Decode(digests[messages.Length + 7])); + + sixtyFourKTest(sixtyFourKdigest); + millionATest(million_a_digest); + } + + protected virtual void VectorTest(IDigest digest, int count, + byte[] resBuf, byte[] input, byte[] expected) + { + digest.BlockUpdate(input, 0, input.Length); + digest.DoFinal(resBuf, 0); + + if (!AreEqual(resBuf, expected)) + { + Fail("Vector " + count + " failed got " + Hex.ToHexString(resBuf)); + } + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new SM3Digest((SM3Digest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new SM3DigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SM4Test.cs b/BouncyCastle/crypto/test/src/crypto/test/SM4Test.cs new file mode 100644 index 0000000..ae2f18b --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SM4Test.cs @@ -0,0 +1,93 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * SM4 tester, vectors from http://eprint.iacr.org/2008/329.pdf + */ + [TestFixture] + public class SM4Test + : CipherTest + { + static SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new SM4Engine(), + new KeyParameter(Hex.Decode("0123456789abcdeffedcba9876543210")), + "0123456789abcdeffedcba9876543210", + "681edf34d206965e86b3e94f536e4246") + }; + + public SM4Test() + : base(tests, new SM4Engine(), new KeyParameter(new byte[16])) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + DoTest1000000(); + } + + private void DoTest1000000() + { + byte[] plain = Hex.Decode("0123456789abcdeffedcba9876543210"); + byte[] key = Hex.Decode("0123456789abcdeffedcba9876543210"); + byte[] cipher = Hex.Decode("595298c7c6fd271f0402f804c33d3f66"); + byte[] buf = new byte[16]; + + IBlockCipher engine = new SM4Engine(); + + engine.Init(true, new KeyParameter(key)); + + Array.Copy(plain, 0, buf, 0, buf.Length); + + for (int i = 0; i != 1000000; i++) + { + engine.ProcessBlock(buf, 0, buf, 0); + } + + if (!AreEqual(cipher, buf)) + { + Fail("1000000 encryption test failed"); + } + + engine.Init(false, new KeyParameter(key)); + + for (int i = 0; i != 1000000; i++) + { + engine.ProcessBlock(buf, 0, buf, 0); + } + + if (!AreEqual(plain, buf)) + { + Fail("1000000 decryption test failed"); + } + } + + public override string Name + { + get { return "SM4"; } + } + + public static void Main(string[] args) + { + RunTest(new SM4Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SP80038GTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SP80038GTest.cs new file mode 100644 index 0000000..676a564 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SP80038GTest.cs @@ -0,0 +1,599 @@ + +using NUnit.Framework; + +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Crypto.Fpe; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class SP80038GTest + : SimpleTest + { + private class FFSample + { + private readonly int radix; + private readonly byte[] key; + private readonly byte[] plaintext; + private readonly byte[] ciphertext; + private readonly byte[] tweak; + + public static FFSample from(int radix, String hexKey, String asciiPT, String asciiCT, String hexTweak) + { + return new FFSample(radix, fromHex(hexKey), fromAscii(radix, asciiPT), fromAscii(radix, asciiCT), fromHex(hexTweak)); + } + + private static byte fromAlphaNumeric(char c) + { + if (c >= '0' && c <= '9') + { + return (byte)(c - '0'); + } + else if (c >= 'a' && c <= 'z') + { + return (byte)(10 + (c - 'a')); + } + else if (c >= 'A' && c <= 'Z') + { + return (byte)(36 + (c - 'A')); + } + else + { + throw new ArgumentException(); + } + } + + private static byte[] fromAscii(int radix, string ascii) + { + byte[] result = new byte[ascii.Length]; + for (int i = 0; i < result.Length; ++i) + { + result[i] = fromAlphaNumeric(ascii[i]); + if (result[i] < 0 || result[i] >= radix) + { + throw new ArgumentException(); + } + } + return result; + } + + private static byte[] fromHex(string hex) + { + return Hex.Decode(hex); + } + + private FFSample(int radix, byte[] key, byte[] plaintext, byte[] ciphertext, byte[] tweak) + { + this.radix = radix; + this.key = key; + this.plaintext = plaintext; + this.ciphertext = ciphertext; + this.tweak = tweak; + } + + public byte[] getCiphertext() + { + return ciphertext; + } + + public byte[] getKey() + { + return key; + } + + public byte[] getPlaintext() + { + return plaintext; + } + + public int getRadix() + { + return radix; + } + + public byte[] getTweak() + { + return tweak; + } + } + + private static FFSample[] ff1Samples = new FFSample[] + { + // FF1-AES128 + FFSample.from(10, "2B7E151628AED2A6ABF7158809CF4F3C", "0123456789", "2433477484", ""), + FFSample.from(10, "2B7E151628AED2A6ABF7158809CF4F3C", "0123456789", "6124200773", "39383736353433323130"), + FFSample.from(36, "2B7E151628AED2A6ABF7158809CF4F3C", "0123456789abcdefghi", "a9tv40mll9kdu509eum", "3737373770717273373737"), + + // FF1-AES192 + FFSample.from(10, "2B7E151628AED2A6ABF7158809CF4F3CEF4359D8D580AA4F", "0123456789", "2830668132", ""), + FFSample.from(10, "2B7E151628AED2A6ABF7158809CF4F3CEF4359D8D580AA4F", "0123456789", "2496655549", "39383736353433323130"), + FFSample.from(36, "2B7E151628AED2A6ABF7158809CF4F3CEF4359D8D580AA4F", "0123456789abcdefghi", "xbj3kv35jrawxv32ysr", "3737373770717273373737"), + + // FF1-AES256 + FFSample.from(10, "2B7E151628AED2A6ABF7158809CF4F3CEF4359D8D580AA4F7F036D6F04FC6A94", "0123456789", "6657667009", ""), + FFSample.from(10, "2B7E151628AED2A6ABF7158809CF4F3CEF4359D8D580AA4F7F036D6F04FC6A94", "0123456789", "1001623463", "39383736353433323130"), + FFSample.from(36, "2B7E151628AED2A6ABF7158809CF4F3CEF4359D8D580AA4F7F036D6F04FC6A94", "0123456789abcdefghi", "xs8a0azh2avyalyzuwd", "3737373770717273373737"), + }; + + private static FFSample[] ff3_1Samples = new FFSample[] + { + // FF3-AES128 + FFSample.from(62, "7793833CE891B496381BD5B882F77EA1", "YbpT3hDo0J9xwCQ5qUWt93iv", "dDEYxViK56lGbV1WdZTPTe4w", "C58797C2580174"), + }; + + private void testFF1() + { + for (int i = 0; i < ff1Samples.Length; ++i) + { + testFF1Sample(ff1Samples[i]); + } + + byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); + byte[] plainText = Hex.Decode("0327035100210215"); + byte[] tweak = Hex.Decode("39383736353433323130"); + + FpeEngine fpeEngine = new FpeFf1Engine(); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, tweak)); + + try + { + fpeEngine.ProcessBlock(plainText, 0, plainText.Length, plainText, 0); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("input data outside of radix", e.Message); + } + + try + { + fpeEngine.ProcessBlock(new byte[] { 1 }, 0, 1, plainText, 0); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("input too short", e.Message); + } + } + + public void testFF1w() + { + byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); + byte[] plainText = Hex.Decode("0327035100210215"); + byte[] cipherText = Hex.Decode("022701f80217020a"); + byte[] tweak = Hex.Decode("39383736353433323130"); + + FpeEngine fpeEngine = new FpeFf1Engine(); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 1024, tweak)); + + byte[] enc = new byte[plainText.Length]; + + fpeEngine.ProcessBlock(plainText, 0, plainText.Length, enc, 0); + + AreEqual(cipherText, enc); + + fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), 1024, tweak)); + + fpeEngine.ProcessBlock(cipherText, 0, cipherText.Length, enc, 0); + + AreEqual(plainText, enc); + + byte[] outPt = Hex.Decode("03270F5100210215"); + + try + { + fpeEngine.ProcessBlock(outPt, 0, outPt.Length, enc, 0); + } + catch (ArgumentException e) + { + IsEquals("input data outside of radix", e.Message); + } + } + + public void testFF3_1() + { + for (int i = 0; i < ff3_1Samples.Length; ++i) + { + testFF3_1Sample(ff3_1Samples[i]); + } + + byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); + byte[] plainText = Hex.Decode("0327035100210215"); + byte[] tweak = Hex.Decode("39383736353433"); + + FpeEngine fpeEngine = new FpeFf3_1Engine(); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, tweak)); + + try + { + fpeEngine.ProcessBlock(plainText, 0, plainText.Length, plainText, 0); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("input data outside of radix", e.Message); + } + + try + { + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, Hex.Decode("beef"))); + + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("tweak should be 56 bits", e.Message); + } + } + + private void testFF3_1w() + { + byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); + byte[] plainText = Hex.Decode("0327035100210215"); + byte[] cipherText = Hex.Decode("02fb024900310220"); + byte[] tweak = Hex.Decode("39383736353433"); + + FpeEngine fpeEngine = new FpeFf3_1Engine(); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 1024, tweak)); + + byte[] enc = new byte[plainText.Length]; + + fpeEngine.ProcessBlock(plainText, 0, plainText.Length, enc, 0); + + IsTrue("enc failed: " + Hex.ToHexString(enc), AreEqual(cipherText, enc)); + + fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), 1024, tweak)); + + fpeEngine.ProcessBlock(cipherText, 0, cipherText.Length, enc, 0); + + IsTrue(AreEqual(plainText, enc)); + + byte[] outPt = Hex.Decode("03270F5100210215"); + + try + { + fpeEngine.ProcessBlock(outPt, 0, outPt.Length, enc, 0); + } + catch (ArgumentException e) + { + IsEquals("input data outside of radix", e.Message); + } + } + + private void testDisable() + { +#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || (PORTABLE && !DOTNET) || NET_1_1 + // Can't SetEnvironmentVariable ! +#else + Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable", "true"); + try + { + testFF1(); + Fail("no exception"); + } + catch (InvalidOperationException e) + { + IsEquals("FF1 encryption disabled", e.Message); + } + + try + { + testFF3_1(); + Fail("no exception"); + } + catch (InvalidOperationException e) + { + IsEquals("FPE disabled", e.Message); + } + Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable", "false"); + + Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable_ff1", "true"); + try + { + testFF1(); + Fail("no exception"); + } + catch (InvalidOperationException e) + { + IsEquals("FF1 encryption disabled", e.Message); + } + + testFF3_1(); + Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable_ff1", "false"); +#endif + } + + private void testFF3_1_255() + { + byte[] key = Hex.Decode("339BB5B1F2D44BAABF87CA1B7380CDC8"); + byte[] tweak = Hex.Decode("3F096DE35BFA31"); + int radix = 256; + + FpeEngine fpeEngine = new FpeFf3_1Engine(); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), radix, tweak)); + + ulong valueToEncrypt = 0x31009155FFL; + + byte[] bytes = Hex.Decode("00000031009155FF"); + byte[] enc = new byte[bytes.Length]; + //Encrypt + + fpeEngine.ProcessBlock(bytes, 0, bytes.Length, enc, 0); + + IsTrue(Arrays.AreEqual(Hex.Decode("18fa139dc978a681"), enc)); + + //Decrypt + fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), radix, tweak)); + + fpeEngine.ProcessBlock(enc, 0, enc.Length, enc, 0); + + IsTrue(Arrays.AreEqual(bytes, enc)); + } + + private void testFF1Sample(FFSample ff1) + { + FpeEngine fpeEngine = new FpeFf1Engine(); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(ff1.getKey()), ff1.getRadix(), ff1.getTweak())); + + byte[] plain = ff1.getPlaintext(); + byte[] enc = new byte[plain.Length]; + + fpeEngine.ProcessBlock(plain, 0, plain.Length, enc, 0); + + IsTrue(AreEqual(ff1.getCiphertext(), enc)); + + fpeEngine.Init(false, new FpeParameters(new KeyParameter(ff1.getKey()), ff1.getRadix(), ff1.getTweak())); + + fpeEngine.ProcessBlock(ff1.getCiphertext(), 0, ff1.getCiphertext().Length, enc, 0); + + IsTrue(AreEqual(ff1.getPlaintext(), enc)); + } + + private void testFF3_1Sample(FFSample ff3_1) + { + FpeEngine fpeEngine = new FpeFf3_1Engine(); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(ff3_1.getKey()), ff3_1.getRadix(), ff3_1.getTweak())); + + byte[] plain = ff3_1.getPlaintext(); + byte[] enc = new byte[plain.Length]; + + fpeEngine.ProcessBlock(plain, 0, plain.Length, enc, 0); + + IsTrue(AreEqual(ff3_1.getCiphertext(), enc)); + + fpeEngine.Init(false, new FpeParameters(new KeyParameter(ff3_1.getKey()), ff3_1.getRadix(), ff3_1.getTweak())); + + fpeEngine.ProcessBlock(ff3_1.getCiphertext(), 0, plain.Length, enc, 0); + + IsTrue(AreEqual(ff3_1.getPlaintext(), enc)); + } + + public void testFF1Bounds() + { + byte[] key = Hex.Decode("339BB5B1F2D44BAABF87CA1B7380CDC8"); + byte[] tweak = Hex.Decode("3F096DE35BFA31"); + + FpeEngine fpeEngine = new FpeFf1Engine(); + + try + { + IAlphabetMapper alphabetMapper = new BasicAlphabetMapper("ABCDEFGHI"); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), + alphabetMapper.Radix, tweak)); + + process(fpeEngine, new byte[] { 1, 2, 3 }); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("input too short", e.Message); + } + + try + { + IAlphabetMapper alphabetMapper = new BasicAlphabetMapper("ABCD"); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), + alphabetMapper.Radix, tweak)); + + process(fpeEngine, new byte[] { 1, 2, 3 }); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("input too short", e.Message); + } + } + + private void testFF3_1Bounds() + { + String bigAlpha = "+-ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz"; + + IAlphabetMapper alphabetMapper = new BasicAlphabetMapper(bigAlpha); + + ff3_1Test(alphabetMapper, "467094C27E47978FE616F475215BF4F1", "ECC8AA7B87B41C", "9RwG+t8cKfa9JweBYgHAA6fHUShNZ5tc", "-DXMBhb3AFPq5Xf4oUva4WbB8eagGK2u"); + ff3_1Test(alphabetMapper, "4DB04B58E97819015A08BA7A39A79C303968A34DB0936FAD", "26B3A632FAADFE", "k5Kop6xYpT0skr1zHHPEt5rPWQ4s4O-3", "JyWzuPL6SNsciOXdEgwnKZJxHiKaTu4Z"); + ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "ZpztPp90Oo5ekoNRzqArsAqAbnmM--W6", "NPxEDufvnYzVX3jxupv+iJOuPVpWRPjD"); + try + { + ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "ZpztPp90Oo5ekoNRzqArsAqAbnmM+-W6ZZ", "L1yx-4YLQG9W1P5yTI7Wp2h0IDcRoBq1kk"); + Fail("no exception 1"); + } + catch (ArgumentException e) + { + IsEquals("maximum input length is 32", e.Message); + } + + try + { + ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "Z", "L"); + Fail("no exception 2"); + } + catch (ArgumentException e) + { + IsEquals("input too short", e.Message); + } + + try + { + alphabetMapper = new BasicAlphabetMapper("ABCDEFGHI"); + + ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "AB", "ZZ"); + Fail("no exception 3"); + } + catch (ArgumentException e) + { + IsEquals("input too short", e.Message); + } + } + + private void ff3_1Test(IAlphabetMapper alphabetMapper, String skey, String stweak, String input, String output) + { + FpeEngine fpeEncEngine = new FpeFf3_1Engine(); + FpeEngine fpeDecEngine = new FpeFf3_1Engine(); + + byte[] key = Hex.Decode(skey); + byte[] tweak = Hex.Decode(stweak); + int radix = alphabetMapper.Radix; + + fpeEncEngine.Init(true, new FpeParameters(new KeyParameter(key), radix, tweak)); + fpeDecEngine.Init(false, new FpeParameters(new KeyParameter(key), radix, tweak)); + + byte[] bytes = alphabetMapper.ConvertToIndexes(input.ToCharArray()); + + byte[] encryptedBytes = process(fpeEncEngine, bytes); + IsEquals(output, new String(alphabetMapper.ConvertToChars(encryptedBytes))); + + byte[] decryptedBytes = process(fpeDecEngine, encryptedBytes); + IsTrue(Arrays.AreEqual(bytes, decryptedBytes)); + char[] chars = alphabetMapper.ConvertToChars(decryptedBytes); + IsEquals(input, new String(chars)); + } + + private byte[] process(FpeEngine fpeEngine, byte[] bytes) + { + byte[] rv = new byte[bytes.Length]; + + fpeEngine.ProcessBlock(bytes, 0, bytes.Length, rv, 0); + + return rv; + } + + public void testUtility() + { + FpeCharEncryptor fpeEnc = new FpeCharEncryptor(new FpeFf1Engine(), Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C"), "0123456789".ToCharArray()); + + char[] input = "01234567890123456".ToCharArray(); + char[] encrypted = fpeEnc.Process(input); + + FpeCharDecryptor fpeDec = new FpeCharDecryptor(new FpeFf1Engine(), Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C"), "0123456789".ToCharArray()); + char[] decrypted = fpeDec.Process(encrypted); + + IsTrue("no match", Arrays.AreEqual(input, decrypted)); + } + + public override void PerformTest() + { + testFF1(); + testFF1w(); + testFF1Bounds(); + testFF3_1(); + testFF3_1w(); + testFF3_1_255(); + testFF3_1Bounds(); + testDisable(); + testUtility(); + } + + public override string Name + { + get { return "SP80038GTest"; } + } + + public static void Main(string[] args) + { + RunTest(new SP80038GTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + public class FpeCharEncryptor + { + private readonly FpeEngine fpeEngine; + private IAlphabetMapper alphabetMapper; + + public FpeCharEncryptor(FpeEngine fpeEngine, byte[] key, char[] alphabet): this(fpeEngine, key, new byte[0], alphabet) + { + + } + + public FpeCharEncryptor(FpeEngine fpeEngine, byte[] key, byte[] tweak, char[] alphabet) + { + this.fpeEngine = fpeEngine; + + alphabetMapper = new BasicAlphabetMapper(alphabet); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), alphabetMapper.Radix, tweak)); + } + + public char[] Process(char[] input) + { + byte[] bytes = alphabetMapper.ConvertToIndexes(input); + + fpeEngine.ProcessBlock(bytes, 0, bytes.Length, bytes, 0); + + return alphabetMapper.ConvertToChars(bytes); + } + } + + public class FpeCharDecryptor + { + private readonly FpeEngine fpeEngine; + private IAlphabetMapper alphabetMapper; + + public FpeCharDecryptor(FpeEngine fpeEngine, byte[] key, char[] alphabet): this(fpeEngine, key, new byte[0], alphabet) + { + } + + public FpeCharDecryptor(FpeEngine fpeEngine, byte[] key, byte[] tweak, char[] alphabet) + { + this.fpeEngine = fpeEngine; + + alphabetMapper = new BasicAlphabetMapper(alphabet); + + fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), alphabetMapper.Radix, tweak)); + } + + public char[] Process(char[] input) + { + byte[] bytes = alphabetMapper.ConvertToIndexes(input); + + fpeEngine.ProcessBlock(bytes, 0, bytes.Length, bytes, 0); + + return alphabetMapper.ConvertToChars(bytes); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SRP6Test.cs b/BouncyCastle/crypto/test/src/crypto/test/SRP6Test.cs new file mode 100644 index 0000000..6b64df9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SRP6Test.cs @@ -0,0 +1,289 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Agreement.Srp; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class Srp6Test + : SimpleTest + { + private static BigInteger FromHex(string hex) + { + return new BigInteger(1, Hex.Decode(hex)); + } + + private readonly SecureRandom random = new SecureRandom(); + + public override string Name + { + get { return "SRP6"; } + } + + public override void PerformTest() + { + rfc5054AppendixBTestVectors(); + + testMutualVerification(Srp6StandardGroups.rfc5054_1024); + testClientCatchesBadB(Srp6StandardGroups.rfc5054_1024); + testServerCatchesBadA(Srp6StandardGroups.rfc5054_1024); + + testWithRandomParams(256); + testWithRandomParams(384); + testWithRandomParams(512); + } + + private void rfc5054AppendixBTestVectors() + { + byte[] I = Encoding.UTF8.GetBytes("alice"); + byte[] P = Encoding.UTF8.GetBytes("password123"); + byte[] s = Hex.Decode("BEB25379D1A8581EB5A727673A2441EE"); + BigInteger N = Srp6StandardGroups.rfc5054_1024.N; + BigInteger g = Srp6StandardGroups.rfc5054_1024.G; + BigInteger a = FromHex("60975527035CF2AD1989806F0407210BC81EDC04E2762A56AFD529DDDA2D4393"); + BigInteger b = FromHex("E487CB59D31AC550471E81F00F6928E01DDA08E974A004F49E61F5D105284D20"); + + BigInteger expect_k = FromHex("7556AA045AEF2CDD07ABAF0F665C3E818913186F"); + BigInteger expect_x = FromHex("94B7555AABE9127CC58CCF4993DB6CF84D16C124"); + BigInteger expect_v = FromHex("7E273DE8696FFC4F4E337D05B4B375BEB0DDE1569E8FA00A9886D812" + + "9BADA1F1822223CA1A605B530E379BA4729FDC59F105B4787E5186F5" + + "C671085A1447B52A48CF1970B4FB6F8400BBF4CEBFBB168152E08AB5" + + "EA53D15C1AFF87B2B9DA6E04E058AD51CC72BFC9033B564E26480D78" + + "E955A5E29E7AB245DB2BE315E2099AFB"); + BigInteger expect_A = FromHex("61D5E490F6F1B79547B0704C436F523DD0E560F0C64115BB72557EC4" + + "4352E8903211C04692272D8B2D1A5358A2CF1B6E0BFCF99F921530EC" + + "8E39356179EAE45E42BA92AEACED825171E1E8B9AF6D9C03E1327F44" + + "BE087EF06530E69F66615261EEF54073CA11CF5858F0EDFDFE15EFEA" + + "B349EF5D76988A3672FAC47B0769447B"); + BigInteger expect_B = FromHex("BD0C61512C692C0CB6D041FA01BB152D4916A1E77AF46AE105393011" + + "BAF38964DC46A0670DD125B95A981652236F99D9B681CBF87837EC99" + + "6C6DA04453728610D0C6DDB58B318885D7D82C7F8DEB75CE7BD4FBAA" + + "37089E6F9C6059F388838E7A00030B331EB76840910440B1B27AAEAE" + + "EB4012B7D7665238A8E3FB004B117B58"); + BigInteger expect_u = FromHex("CE38B9593487DA98554ED47D70A7AE5F462EF019"); + BigInteger expect_S = FromHex("B0DC82BABCF30674AE450C0287745E7990A3381F63B387AAF271A10D" + + "233861E359B48220F7C4693C9AE12B0A6F67809F0876E2D013800D6C" + + "41BB59B6D5979B5C00A172B4A2A5903A0BDCAF8A709585EB2AFAFA8F" + + "3499B200210DCC1F10EB33943CD67FC88A2F39A4BE5BEC4EC0A3212D" + + "C346D7E474B29EDE8A469FFECA686E5A"); + + BigInteger k = Srp6Utilities.CalculateK(new Sha1Digest(), N, g); + if (!k.Equals(expect_k)) + { + Fail("wrong value of 'k'"); + } + + BigInteger x = Srp6Utilities.CalculateX(new Sha1Digest(), N, s, I, P); + if (!x.Equals(expect_x)) + { + Fail("wrong value of 'x'"); + } + + Srp6VerifierGenerator gen = new Srp6VerifierGenerator(); + gen.Init(N, g, new Sha1Digest()); + BigInteger v = gen.GenerateVerifier(s, I, P); + if (!v.Equals(expect_v)) + { + Fail("wrong value of 'v'"); + } + + Srp6Client client = new MySrp6Client(a); + client.Init(N, g, new Sha1Digest(), random); + + BigInteger A = client.GenerateClientCredentials(s, I, P); + if (!A.Equals(expect_A)) + { + Fail("wrong value of 'A'"); + } + + Srp6Server server = new MySrp6Server(b); + server.Init(N, g, v, new Sha1Digest(), random); + + BigInteger B = server.GenerateServerCredentials(); + if (!B.Equals(expect_B)) + { + Fail("wrong value of 'B'"); + } + + BigInteger u = Srp6Utilities.CalculateU(new Sha1Digest(), N, A, B); + if (!u.Equals(expect_u)) + { + Fail("wrong value of 'u'"); + } + + BigInteger clientS = client.CalculateSecret(B); + if (!clientS.Equals(expect_S)) + { + Fail("wrong value of 'S' (client)"); + } + + BigInteger serverS = server.CalculateSecret(A); + if (!serverS.Equals(expect_S)) + { + Fail("wrong value of 'S' (server)"); + } + } + + private void testWithRandomParams(int bits) + { + DHParametersGenerator paramGen = new DHParametersGenerator(); + paramGen.Init(bits, 25, random); + DHParameters parameters = paramGen.GenerateParameters(); + + testMutualVerification(new Srp6GroupParameters(parameters.P, parameters.G)); + } + + private void testMutualVerification(Srp6GroupParameters group) + { + byte[] I = Encoding.UTF8.GetBytes("username"); + byte[] P = Encoding.UTF8.GetBytes("password"); + byte[] s = new byte[16]; + random.NextBytes(s); + + Srp6VerifierGenerator gen = new Srp6VerifierGenerator(); + gen.Init(group, new Sha256Digest()); + BigInteger v = gen.GenerateVerifier(s, I, P); + + Srp6Client client = new Srp6Client(); + client.Init(group, new Sha256Digest(), random); + + Srp6Server server = new Srp6Server(); + server.Init(group, v, new Sha256Digest(), random); + + BigInteger A = client.GenerateClientCredentials(s, I, P); + BigInteger B = server.GenerateServerCredentials(); + + BigInteger clientS = client.CalculateSecret(B); + BigInteger serverS = server.CalculateSecret(A); + + if (!clientS.Equals(serverS)) + { + Fail("SRP agreement failed - client/server calculated different secrets"); + } + } + + private void testClientCatchesBadB(Srp6GroupParameters group) + { + byte[] I = Encoding.UTF8.GetBytes("username"); + byte[] P = Encoding.UTF8.GetBytes("password"); + byte[] s = new byte[16]; + random.NextBytes(s); + + Srp6Client client = new Srp6Client(); + client.Init(group, new Sha256Digest(), random); + + client.GenerateClientCredentials(s, I, P); + + try + { + client.CalculateSecret(BigInteger.Zero); + Fail("Client failed to detect invalid value for 'B'"); + } + catch (CryptoException) + { + // Expected + } + + try + { + client.CalculateSecret(group.N); + Fail("Client failed to detect invalid value for 'B'"); + } + catch (CryptoException) + { + // Expected + } + } + + private void testServerCatchesBadA(Srp6GroupParameters group) + { + byte[] I = Encoding.UTF8.GetBytes("username"); + byte[] P = Encoding.UTF8.GetBytes("password"); + byte[] s = new byte[16]; + random.NextBytes(s); + + Srp6VerifierGenerator gen = new Srp6VerifierGenerator(); + gen.Init(group, new Sha256Digest()); + BigInteger v = gen.GenerateVerifier(s, I, P); + + Srp6Server server = new Srp6Server(); + server.Init(group, v, new Sha256Digest(), random); + + server.GenerateServerCredentials(); + + try + { + server.CalculateSecret(BigInteger.Zero); + Fail("Client failed to detect invalid value for 'A'"); + } + catch (CryptoException) + { + // Expected + } + + try + { + server.CalculateSecret(group.N); + Fail("Client failed to detect invalid value for 'A'"); + } + catch (CryptoException) + { + // Expected + } + } + + public static void Main(string[] args) + { + RunTest(new Srp6Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + Assert.AreEqual(Name + ": Okay", resultText); + } + + private class MySrp6Client + : Srp6Client + { + private readonly BigInteger nonRandomPrivA; + + internal MySrp6Client(BigInteger nonRandomPrivA) + { + this.nonRandomPrivA = nonRandomPrivA; + } + + protected override BigInteger SelectPrivateValue() + { + return nonRandomPrivA; + } + } + + private class MySrp6Server + : Srp6Server + { + private readonly BigInteger nonRandomPrivB; + + internal MySrp6Server(BigInteger nonRandomPrivB) + { + this.nonRandomPrivB = nonRandomPrivB; + } + + protected override BigInteger SelectPrivateValue() + { + return nonRandomPrivB; + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/Salsa20Test.cs b/BouncyCastle/crypto/test/src/crypto/test/Salsa20Test.cs new file mode 100644 index 0000000..b4dc1ef --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/Salsa20Test.cs @@ -0,0 +1,318 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Salsa20 Test + */ + [TestFixture] + public class Salsa20Test + : SimpleTest + { + private static readonly byte[] zeroes = Hex.Decode( + "00000000000000000000000000000000" + + "00000000000000000000000000000000" + + "00000000000000000000000000000000" + + "00000000000000000000000000000000"); + + private static readonly string set1v0_0 = + "4DFA5E481DA23EA09A31022050859936" + + "DA52FCEE218005164F267CB65F5CFD7F" + + "2B4F97E0FF16924A52DF269515110A07" + + "F9E460BC65EF95DA58F740B7D1DBB0AA"; + + private static readonly string set1v0_192 = + "DA9C1581F429E0A00F7D67E23B730676" + + "783B262E8EB43A25F55FB90B3E753AEF" + + "8C6713EC66C51881111593CCB3E8CB8F" + + "8DE124080501EEEB389C4BCB6977CF95"; + + private static readonly string set1v0_256 = + "7D5789631EB4554400E1E025935DFA7B" + + "3E9039D61BDC58A8697D36815BF1985C" + + "EFDF7AE112E5BB81E37ECF0616CE7147" + + "FC08A93A367E08631F23C03B00A8DA2F"; + + private static readonly string set1v0_448 = + "B375703739DACED4DD4059FD71C3C47F" + + "C2F9939670FAD4A46066ADCC6A564578" + + "3308B90FFB72BE04A6B147CBE38CC0C3" + + "B9267C296A92A7C69873F9F263BE9703"; + + private static readonly string set1v9_0 = + "0471076057830FB99202291177FBFE5D" + + "38C888944DF8917CAB82788B91B53D1C" + + "FB06D07A304B18BB763F888A61BB6B75" + + "5CD58BEC9C4CFB7569CB91862E79C459"; + + private static readonly string set1v9_192 = + "D1D7E97556426E6CFC21312AE3811425" + + "9E5A6FB10DACBD88E4354B0472556935" + + "2B6DA5ACAFACD5E266F9575C2ED8E6F2" + + "EFE4B4D36114C3A623DD49F4794F865B"; + + private static readonly string set1v9_256 = + "AF06FAA82C73291231E1BD916A773DE1" + + "52FD2126C40A10C3A6EB40F22834B8CC" + + "68BD5C6DBD7FC1EC8F34165C517C0B63" + + "9DB0C60506D3606906B8463AA0D0EC2F"; + + private static readonly string set1v9_448 = + "AB3216F1216379EFD5EC589510B8FD35" + + "014D0AA0B613040BAE63ECAB90A9AF79" + + "661F8DA2F853A5204B0F8E72E9D9EB4D" + + "BA5A4690E73A4D25F61EE7295215140C"; + + private static readonly string set6v0_0 = + "F5FAD53F79F9DF58C4AEA0D0ED9A9601" + + "F278112CA7180D565B420A48019670EA" + + "F24CE493A86263F677B46ACE1924773D" + + "2BB25571E1AA8593758FC382B1280B71"; + + private static readonly string set6v0_65472 = + "B70C50139C63332EF6E77AC54338A407" + + "9B82BEC9F9A403DFEA821B83F7860791" + + "650EF1B2489D0590B1DE772EEDA4E3BC" + + "D60FA7CE9CD623D9D2FD5758B8653E70"; + + private static readonly string set6v0_65536 = + "81582C65D7562B80AEC2F1A673A9D01C" + + "9F892A23D4919F6AB47B9154E08E699B" + + "4117D7C666477B60F8391481682F5D95" + + "D96623DBC489D88DAA6956B9F0646B6E"; + + private static readonly string set6v1_0 = + "3944F6DC9F85B128083879FDF190F7DE" + + "E4053A07BC09896D51D0690BD4DA4AC1" + + "062F1E47D3D0716F80A9B4D85E6D6085" + + "EE06947601C85F1A27A2F76E45A6AA87"; + + private static readonly string set6v1_65472 = + "36E03B4B54B0B2E04D069E690082C8C5" + + "92DF56E633F5D8C7682A02A65ECD1371" + + "8CA4352AACCB0DA20ED6BBBA62E177F2" + + "10E3560E63BB822C4158CAA806A88C82"; + + private static readonly string set6v1_65536 = + "1B779E7A917C8C26039FFB23CF0EF8E0" + + "8A1A13B43ACDD9402CF5DF38501098DF" + + "C945A6CC69A6A17367BC03431A86B3ED" + + "04B0245B56379BF997E25800AD837D7D"; + + // Salsa20/12 + + private static readonly string salsa12_set1v0_0 = + "FC207DBFC76C5E1774961E7A5AAD0906" + + "9B2225AC1CE0FE7A0CE77003E7E5BDF8" + + "B31AF821000813E6C56B8C1771D6EE70" + + "39B2FBD0A68E8AD70A3944B677937897"; + + private static readonly string salsa12_set1v0_192 = + "4B62A4881FA1AF9560586510D5527ED4" + + "8A51ECAFA4DECEEBBDDC10E9918D44AB" + + "26B10C0A31ED242F146C72940C6E9C37" + + "53F641DA84E9F68B4F9E76B6C48CA5AC"; + + private static readonly string salsa12_set1v0_256 = + "F52383D9DEFB20810325F7AEC9EADE34" + + "D9D883FEE37E05F74BF40875B2D0BE79" + + "ED8886E5BFF556CEA8D1D9E86B1F68A9" + + "64598C34F177F8163E271B8D2FEB5996"; + + private static readonly string salsa12_set1v0_448 = + "A52ED8C37014B10EC0AA8E05B5CEEE12" + + "3A1017557FB3B15C53E6C5EA8300BF74" + + "264A73B5315DC821AD2CAB0F3BB2F152" + + "BDAEA3AEE97BA04B8E72A7B40DCC6BA4"; + + // Salsa20/8 + + private static readonly string salsa8_set1v0_0 = + "A9C9F888AB552A2D1BBFF9F36BEBEB33" + + "7A8B4B107C75B63BAE26CB9A235BBA9D" + + "784F38BEFC3ADF4CD3E266687EA7B9F0" + + "9BA650AE81EAC6063AE31FF12218DDC5"; + + private static readonly string salsa8_set1v0_192 = + "BB5B6BB2CC8B8A0222DCCC1753ED4AEB" + + "23377ACCBD5D4C0B69A8A03BB115EF71" + + "871BC10559080ACA7C68F0DEF32A80DD" + + "BAF497259BB76A3853A7183B51CC4B9F"; + + private static readonly string salsa8_set1v0_256 = + "4436CDC0BE39559F5E5A6B79FBDB2CAE" + + "4782910F27FFC2391E05CFC78D601AD8" + + "CD7D87B074169361D997D1BED9729C0D" + + "EB23418E0646B7997C06AA84E7640CE3"; + + private static readonly string salsa8_set1v0_448 = + "BEE85903BEA506B05FC04795836FAAAC" + + "7F93F785D473EB762576D96B4A65FFE4" + + "63B34AAE696777FC6351B67C3753B89B" + + "A6B197BD655D1D9CA86E067F4D770220"; + + public override string Name + { + get { return "Salsa20"; } + } + + public override void PerformTest() + { + salsa20Test1(20, new ParametersWithIV(new KeyParameter(Hex.Decode("80000000000000000000000000000000")), Hex.Decode("0000000000000000")), + set1v0_0, set1v0_192, set1v0_256, set1v0_448); + salsa20Test1(20, new ParametersWithIV(new KeyParameter(Hex.Decode("00400000000000000000000000000000")), Hex.Decode("0000000000000000")), + set1v9_0, set1v9_192, set1v9_256, set1v9_448); + salsa20Test1(12, new ParametersWithIV(new KeyParameter(Hex.Decode("80000000000000000000000000000000")), Hex.Decode("0000000000000000")), + salsa12_set1v0_0, salsa12_set1v0_192, salsa12_set1v0_256, salsa12_set1v0_448); + salsa20Test1(8, new ParametersWithIV(new KeyParameter(Hex.Decode("80000000000000000000000000000000")), Hex.Decode("0000000000000000")), + salsa8_set1v0_0, salsa8_set1v0_192, salsa8_set1v0_256, salsa8_set1v0_448); + salsa20Test2(new ParametersWithIV(new KeyParameter(Hex.Decode("0053A6F94C9FF24598EB3E91E4378ADD3083D6297CCF2275C81B6EC11467BA0D")), Hex.Decode("0D74DB42A91077DE")), + set6v0_0, set6v0_65472, set6v0_65536); + salsa20Test2(new ParametersWithIV(new KeyParameter(Hex.Decode("0558ABFE51A4F74A9DF04396E93C8FE23588DB2E81D4277ACD2073C6196CBF12")), Hex.Decode("167DE44BB21980E7")), + set6v1_0, set6v1_65472, set6v1_65536); + reinitBug(); + } + + private void salsa20Test1( + int rounds, + ICipherParameters parameters, + string v0, + string v192, + string v256, + string v448) + { + IStreamCipher salsa = new Salsa20Engine(rounds); + byte[] buf = new byte[64]; + + salsa.Init(true, parameters); + + for (int i = 0; i != 7; i++) + { + salsa.ProcessBytes(zeroes, 0, 64, buf, 0); + switch (i) + { + case 0: + if (!AreEqual(buf, Hex.Decode(v0))) + { + mismatch("v0/" + rounds, v0, buf); + } + break; + case 3: + if (!AreEqual(buf, Hex.Decode(v192))) + { + mismatch("v192/" + rounds, v192, buf); + } + break; + case 4: + if (!AreEqual(buf, Hex.Decode(v256))) + { + mismatch("v256/" + rounds, v256, buf); + } + break; + default: + // ignore + break; + } + } + + for (int i = 0; i != 64; i++) + { + buf[i] = salsa.ReturnByte(zeroes[i]); + } + + if (!AreEqual(buf, Hex.Decode(v448))) + { + mismatch("v448", v448, buf); + } + } + + private void salsa20Test2( + ICipherParameters parameters, + string v0, + string v65472, + string v65536) + { + IStreamCipher salsa = new Salsa20Engine(); + byte[] buf = new byte[64]; + + salsa.Init(true, parameters); + + for (int i = 0; i != 1025; i++) + { + salsa.ProcessBytes(zeroes, 0, 64, buf, 0); + switch (i) + { + case 0: + if (!AreEqual(buf, Hex.Decode(v0))) + { + mismatch("v0", v0, buf); + } + break; + case 1023: + if (!AreEqual(buf, Hex.Decode(v65472))) + { + mismatch("v65472", v65472, buf); + } + break; + case 1024: + if (!AreEqual(buf, Hex.Decode(v65536))) + { + mismatch("v65536", v65536, buf); + } + break; + default: + // ignore + break; + } + } + } + + private void mismatch( + string name, + string expected, + byte[] found) + { + Fail("mismatch on " + name, expected, Hex.ToHexString(found)); + } + + private void reinitBug() + { + KeyParameter key = new KeyParameter(Hex.Decode("80000000000000000000000000000000")); + ParametersWithIV parameters = new ParametersWithIV(key, Hex.Decode("0000000000000000")); + + IStreamCipher salsa = new Salsa20Engine(); + + salsa.Init(true, parameters); + + try + { + salsa.Init(true, key); + Fail("Salsa20 should throw exception if no IV in Init"); + } + catch (ArgumentException) + { + } + } + + public static void Main( + string[] args) + { + RunTest(new Salsa20Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SerpentTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SerpentTest.cs new file mode 100644 index 0000000..08dbda5 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SerpentTest.cs @@ -0,0 +1,150 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Paddings; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Test vectors based on the NESSIE submission + */ + [TestFixture] + public class SerpentTest + : CipherTest + { + static SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new SerpentEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "00000000000000000000000000000000", "3620b17ae6a993d09618b8768266bae9"), + new BlockCipherVectorTest(1, new SerpentEngine(), + new KeyParameter(Hex.Decode("80000000000000000000000000000000")), + "00000000000000000000000000000000", "264E5481EFF42A4606ABDA06C0BFDA3D"), + new BlockCipherVectorTest(2, new SerpentEngine(), + new KeyParameter(Hex.Decode("D9D9D9D9D9D9D9D9D9D9D9D9D9D9D9D9")), + "D9D9D9D9D9D9D9D9D9D9D9D9D9D9D9D9", "20EA07F19C8E93FDA30F6B822AD5D486"), + new BlockCipherVectorTest(3, new SerpentEngine(), + new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000008000")), + "00000000000000000000000000000000", "40520018C4AC2BBA285AEEB9BCB58755"), + new BlockCipherVectorTest(4, new SerpentEngine(), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), + "00000000000000000000000000000001", "AD86DE83231C3203A86AE33B721EAA9F"), + new BlockCipherVectorTest(5, new SerpentEngine(), + new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F")), + "3DA46FFA6F4D6F30CD258333E5A61369", "00112233445566778899AABBCCDDEEFF"), + new BlockCipherVectorTest(6, new SerpentEngine(), + new KeyParameter(Hex.Decode("2BD6459F82C5B300952C49104881FF482BD6459F82C5B300952C49104881FF48")), + "677C8DFAA08071743FD2B415D1B28AF2", "EA024714AD5C4D84EA024714AD5C4D84"), + new BlockCipherVectorTest(7, new SerpentEngine(), + new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F1011121314151617")), + "4528CACCB954D450655E8CFD71CBFAC7", "00112233445566778899AABBCCDDEEFF"), + new BlockCipherVectorTest(8, new SerpentEngine(), + new KeyParameter(Hex.Decode("2BD6459F82C5B300952C49104881FF482BD6459F82C5B300")), + "E0208BE278E21420C4B1B9747788A954", "EA024714AD5C4D84EA024714AD5C4D84"), + new BlockCipherVectorTest(9, new SerpentEngine(), + new KeyParameter(Hex.Decode("000102030405060708090A0B0C0D0E0F")), + "33B3DC87EDDD9B0F6A1F407D14919365", "00112233445566778899AABBCCDDEEFF"), + new BlockCipherVectorTest(10, new SerpentEngine(), + new KeyParameter(Hex.Decode("2BD6459F82C5B300952C49104881FF48")), + "BEB6C069393822D3BE73FF30525EC43E", "EA024714AD5C4D84EA024714AD5C4D84"), + new BlockCipherMonteCarloTest(20, 100, new SerpentEngine(), + new KeyParameter(Hex.Decode("F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3")), + "F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3", "8FD0E58DB7A54B929FCA6A12F96F20AF"), + new BlockCipherMonteCarloTest(21, 100, new SerpentEngine(), + new KeyParameter(Hex.Decode("0004000000000000000000000000000000000000000000000000000000000000")), + "00000000000000000000000000000000", "E7B681E8871FD05FEAE5FB64DA891EA2"), + new BlockCipherMonteCarloTest(22, 100, new SerpentEngine(), + new KeyParameter(Hex.Decode("0000000020000000000000000000000000000000000000000000000000000000")), + "00000000000000000000000000000000", "C5545D516EEC73BFA3622A8194F95620"), + new BlockCipherMonteCarloTest(23, 100, new SerpentEngine(), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000002000000")), + "00000000000000000000000000000000", "11FF5C9BE006F82C98BD4FAC1A19920E"), + new BlockCipherMonteCarloTest(24, 100, new SerpentEngine(), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), + "00000000000000000000000000010000", "47CA1CA404B6481CAD4C21C8A0415A0E"), + new BlockCipherMonteCarloTest(25, 100, new SerpentEngine(), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), + "00000000000000008000000000000000", "A0A2D5B07E27D539CA5BEE9DE1EAB3E6") + }; + + public SerpentTest() + : base(tests, new SerpentEngine(), new KeyParameter(new byte[32])) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + //DoCbcMonte(new byte[16], new byte[16], new byte[16], Hex.Decode("9ea101ecebaa41c712bcb0d9bab3e2e4")); + //DoCbcMonte(Hex.Decode("9ea101ecebaa41c712bcb0d9bab3e2e4"), Hex.Decode("9ea101ecebaa41c712bcb0d9bab3e2e4"), Hex.Decode("b4813d8a66244188b9e92c75913fa2f4"), Hex.Decode("f86b2c265b9c75869f31e2c684c13e9f")); + + DoCbc(Hex.Decode("BE4295539F6BD1752FD0A80229EF8847"), Hex.Decode("00963F59224794D5AD4252094358FBC3"), Strings.ToByteArray("CBC Mode Test"), Hex.Decode("CF2CF2547E02F6D34D97246E8042ED89")); + + + DoEax(Hex.Decode("7494A57648FB420043BFBFC5639EB82D"), Hex.Decode("6DF94638B83E01458F3E30C9A1D6AF1C"), Strings.ToByteArray("EAX Mode Test"), new byte[0], 128, Hex.Decode("96C521F32DC5E9BBC369DDE4914CB13B710EEBBAB7D706D3ABE06A99DC")); + } + + private void DoEax(byte[] key, byte[] iv, byte[] pt, byte[] aad, int tagLength, byte[] expected) + { + EaxBlockCipher c = new EaxBlockCipher(new SerpentEngine()); + + c.Init(true, new AeadParameters(new KeyParameter(key), tagLength, iv, aad)); + + byte[] output = new byte[expected.Length]; + + int len = c.ProcessBytes(pt, 0, pt.Length, output, 0); + + c.DoFinal(output, len); + + if (!Arrays.AreEqual(expected, output)) + { + Fail("EAX test failed"); + } + } + + private void DoCbc(byte[] key, byte[] iv, byte[] pt, byte[] expected) + { + PaddedBufferedBlockCipher c = new PaddedBufferedBlockCipher(new CbcBlockCipher(new SerpentEngine()), new Pkcs7Padding()); + + byte[] ct = new byte[expected.Length]; + + c.Init(true, new ParametersWithIV(new KeyParameter(key), iv)); + + int l = c.ProcessBytes(pt, 0, pt.Length, ct, 0); + + c.DoFinal(ct, l); + + if (!Arrays.AreEqual(expected, ct)) + { + Fail("CBC test failed"); + } + } + + public override string Name + { + get { return "Serpent"; } + } + + public static void Main(string[] args) + { + RunTest(new SerpentTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ShakeDigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/ShakeDigestTest.cs new file mode 100644 index 0000000..d8b2d55 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ShakeDigestTest.cs @@ -0,0 +1,334 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * SHAKE Digest Test + */ + [TestFixture] + public class ShakeDigestTest + : SimpleTest + { + internal class MyShakeDigest : ShakeDigest + { + internal MyShakeDigest(int bitLength) + : base(bitLength) + { + } + + internal int MyDoFinal(byte[] output, int outOff, int outLen, byte partialByte, int partialBits) + { + return DoFinal(output, outOff, outLen, partialByte, partialBits); + } + } + + public override string Name + { + get { return "SHAKE"; } + } + + public override void PerformTest() + { + TestVectors(); + } + + public void TestVectors() + { + using (StreamReader r = new StreamReader(SimpleTest.GetTestDataAsStream("crypto.SHAKETestVectors.txt"))) + { + String line; + while (null != (line = ReadLine(r))) + { + if (line.Length != 0) + { + TestVector v = ReadTestVector(r, line); + RunTestVector(v); + } + } + } + } + + private MyShakeDigest CreateDigest(string algorithm) + { + if (algorithm.StartsWith("SHAKE-")) + { + int bits = ParseDecimal(algorithm.Substring("SHAKE-".Length)); + return new MyShakeDigest(bits); + } + throw new ArgumentException("Unknown algorithm: " + algorithm, "algorithm"); + } + + private byte[] DecodeBinary(string block) + { + int bits = block.Length; + int fullBytes = bits / 8; + int totalBytes = (bits + 7) / 8; + byte[] result = new byte[totalBytes]; + + for (int i = 0; i < fullBytes; ++i) + { + string byteStr = Reverse(block.Substring(i * 8, 8)); + result[i] = (byte)ParseBinary(byteStr); + } + + if (totalBytes > fullBytes) + { + string byteStr = Reverse(block.Substring(fullBytes * 8)); + result[fullBytes] = (byte)ParseBinary(byteStr); + } + + return result; + } + + private int ParseBinary(string s) + { + return new BigInteger(s, 2).IntValue; + } + + private int ParseDecimal(string s) + { + return Int32.Parse(s); + } + + private string ReadBlock(StreamReader r) + { + StringBuilder b = new StringBuilder(); + string line; + while ((line = ReadBlockLine(r)) != null) + { + b.Append(line); + } + return b.ToString(); + } + + private string ReadBlockLine(StreamReader r) + { + string line = ReadLine(r); + if (line == null || line.Length == 0) + { + return null; + } + return line.Replace(" ", ""); + } + + private TestVector ReadTestVector(StreamReader r, string header) + { + string[] parts = SplitAround(header, TestVector.SAMPLE_OF); + + string algorithm = parts[0]; + int bits = ParseDecimal(StripFromChar(parts[1], '-')); + + SkipUntil(r, TestVector.MSG_HEADER); + string messageBlock = ReadBlock(r); + if (messageBlock.Length != bits) + { + throw new InvalidOperationException("Test vector length mismatch"); + } + byte[] message = DecodeBinary(messageBlock); + + SkipUntil(r, TestVector.OUTPUT_HEADER); + byte[] output = Hex.Decode(ReadBlock(r)); + + return new TestVector(algorithm, bits, message, output); + } + + private string ReadLine(StreamReader r) + { + string line = r.ReadLine(); + return line == null ? null : StripFromChar(line, '#').Trim(); + } + + private string RequireLine(StreamReader r) + { + string line = ReadLine(r); + if (line == null) + { + throw new EndOfStreamException(); + } + return line; + } + + private string Reverse(string s) + { + char[] cs = s.ToCharArray(); + Array.Reverse(cs); + return new string(cs); + } + + private void RunTestVector(TestVector v) + { + int bits = v.Bits; + int partialBits = bits % 8; + + byte[] expected = v.Output; + + //Console.WriteLine(v.Algorithm + " " + bits + "-bit"); + //Console.WriteLine(Hex.ToHexString(v.Message).ToUpper()); + //Console.WriteLine(Hex.ToHexString(expected).ToUpper()); + + int outLen = expected.Length; + + MyShakeDigest d = CreateDigest(v.Algorithm); + byte[] output = new byte[outLen]; + + byte[] m = v.Message; + if (partialBits == 0) + { + d.BlockUpdate(m, 0, m.Length); + d.DoFinal(output, 0, outLen); + } + else + { + d.BlockUpdate(m, 0, m.Length - 1); + d.MyDoFinal(output, 0, outLen, m[m.Length - 1], partialBits); + } + + if (!Arrays.AreEqual(expected, output)) + { + Fail(v.Algorithm + " " + v.Bits + "-bit test vector hash mismatch"); + //Console.Error.WriteLine(v.Algorithm + " " + v.Bits + "-bit test vector hash mismatch"); + //Console.Error.WriteLine(Hex.ToHexString(output).ToUpper()); + } + + if (partialBits == 0) + { + d = CreateDigest(v.Algorithm); + + m = v.Message; + + d.BlockUpdate(m, 0, m.Length); + d.DoOutput(output, 0, outLen / 2); + d.DoOutput(output, outLen / 2, output.Length - outLen / 2); + + if (!Arrays.AreEqual(expected, output)) + { + Fail(v.Algorithm + " " + v.Bits + "-bit test vector extended hash mismatch"); + } + + try + { + d.Update((byte)0x01); + Fail("no exception"); + } + catch (InvalidOperationException e) + { + if (!"attempt to absorb while squeezing".Equals(e.Message)) + { + Fail("wrong exception"); + } + } + + d = CreateDigest(v.Algorithm); + + m = v.Message; + + d.BlockUpdate(m, 0, m.Length); + d.DoOutput(output, 0, outLen / 2); + d.DoFinal(output, outLen / 2, output.Length - outLen / 2); + + if (!Arrays.AreEqual(expected, output)) + { + Fail(v.Algorithm + " " + v.Bits + "-bit test vector extended doFinal hash mismatch"); + } + + d.Update((byte)0x01); // this should be okay as we've reset on DoFinal() + } + } + + private void SkipUntil(StreamReader r, string header) + { + string line; + do + { + line = RequireLine(r); + } + while (line.Length == 0); + if (!line.Equals(header)) + { + throw new IOException("Expected: " + header); + } + } + + private string[] SplitAround(string s, string separator) + { + int i = s.IndexOf(separator); + if (i < 0) + throw new InvalidOperationException(); + return new string[] { s.Substring(0, i), s.Substring(i + separator.Length) }; + } + + private string StripFromChar(string s, char c) + { + int i = s.IndexOf(c); + if (i >= 0) + { + s = s.Substring(0, i); + } + return s; + } + + public static void Main( + string[] args) + { + RunTest(new ShakeDigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + internal class TestVector + { + internal static string SAMPLE_OF = " sample of "; + internal static string MSG_HEADER = "Msg as bit string"; + internal static string OUTPUT_HEADER = "Output val is"; + + private readonly string algorithm; + private readonly int bits; + private readonly byte[] message; + private readonly byte[] output; + + internal TestVector(string algorithm, int bits, byte[] message, byte[] output) + { + this.algorithm = algorithm; + this.bits = bits; + this.message = message; + this.output = output; + } + + public string Algorithm + { + get { return algorithm; } + } + + public int Bits + { + get { return bits; } + } + + public byte[] Message + { + get { return message; } + } + + public byte[] Output + { + get { return output; } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/ShortenedDigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/ShortenedDigestTest.cs new file mode 100644 index 0000000..4956b5b --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/ShortenedDigestTest.cs @@ -0,0 +1,98 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Paddings; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class ShortenedDigestTest : SimpleTest + { + public override void PerformTest() + { + IDigest d = new Sha1Digest(); + ShortenedDigest sd = new ShortenedDigest(new Sha1Digest(), 10); + + if (sd.GetDigestSize() != 10) + { + Fail("size check wrong for SHA-1"); + } + + if (sd.GetByteLength() != d.GetByteLength()) + { + Fail("byte length check wrong for SHA-1"); + } + + // + // check output fits + // + sd.DoFinal(new byte[10], 0); + + d = new Sha512Digest(); + sd = new ShortenedDigest(new Sha512Digest(), 20); + + if (sd.GetDigestSize() != 20) + { + Fail("size check wrong for SHA-512"); + } + + if (sd.GetByteLength() != d.GetByteLength()) + { + Fail("byte length check wrong for SHA-512"); + } + + // + // check output fits + // + sd.DoFinal(new byte[20], 0); + + try + { + new ShortenedDigest(null, 20); + + Fail("null parameter not caught"); + } + catch (ArgumentException) + { + // expected + } + + try + { + new ShortenedDigest(new Sha1Digest(), 50); + + Fail("short digest not caught"); + } + catch (ArgumentException) + { + // expected + } + } + + public override string Name + { + get { return "ShortenedDigest"; } + } + + public static void Main( + string[] args) + { + RunTest(new ShortenedDigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/crypto/test/SipHashTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SipHashTest.cs new file mode 100644 index 0000000..82dfce8 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SipHashTest.cs @@ -0,0 +1,156 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /// + /// SipHash test values from "SipHash: a fast short-input PRF", by Jean-Philippe + /// Aumasson and Daniel J. Bernstein (https://131002.net/siphash/siphash.pdf), Appendix A. + /// + [TestFixture] + public class SipHashTest + : SimpleTest + { + private const int UPDATE_BYTES = 0; + private const int UPDATE_FULL = 1; + private const int UPDATE_MIX = 2; + + public override string Name + { + get { return "SipHash"; } + } + + public override void PerformTest() + { + byte[] key = Hex.Decode("000102030405060708090a0b0c0d0e0f"); + byte[] input = Hex.Decode("000102030405060708090a0b0c0d0e"); + + RunMac(key, input, UPDATE_BYTES); + RunMac(key, input, UPDATE_FULL); + RunMac(key, input, UPDATE_MIX); + + SecureRandom random = new SecureRandom(); + for (int i = 0; i < 100; ++i) + { + RandomTest(random); + } + } + + private void RunMac(byte[] key, byte[] input, int updateType) + { + long expected = unchecked((long)0xa129ca6149be45e5); + + SipHash mac = new SipHash(); + mac.Init(new KeyParameter(key)); + + UpdateMac(mac, input, updateType); + + long result = mac.DoFinal(); + if (expected != result) + { + Fail("Result does not match expected value for DoFinal()"); + } + + // NOTE: Little-endian representation of 0xa129ca6149be45e5 + byte[] expectedBytes = Hex.Decode("e545be4961ca29a1"); + + UpdateMac(mac, input, updateType); + + byte[] output = new byte[mac.GetMacSize()]; + int len = mac.DoFinal(output, 0); + if (len != output.Length) + { + Fail("Result length does not equal GetMacSize() for DoFinal(byte[],int)"); + } + if (!AreEqual(expectedBytes, output)) + { + Fail("Result does not match expected value for DoFinal(byte[],int)"); + } + } + + private void RandomTest(SecureRandom random) + { + byte[] key = new byte[16]; + random.NextBytes(key); + + int length = 1 + random.Next(1024); + byte[] input = new byte[length]; + random.NextBytes(input); + + SipHash mac = new SipHash(); + mac.Init(new KeyParameter(key)); + + UpdateMac(mac, input, UPDATE_BYTES); + long result1 = mac.DoFinal(); + + UpdateMac(mac, input, UPDATE_FULL); + long result2 = mac.DoFinal(); + + UpdateMac(mac, input, UPDATE_MIX); + long result3 = mac.DoFinal(); + + if (result1 != result2 || result1 != result3) + { + Fail("Inconsistent results in random test"); + } + } + + private void UpdateMac(SipHash mac, byte[] input, int updateType) + { + switch (updateType) + { + case UPDATE_BYTES: + { + for (int i = 0; i < input.Length; ++i) + { + mac.Update(input[i]); + } + break; + } + case UPDATE_FULL: + { + mac.BlockUpdate(input, 0, input.Length); + break; + } + case UPDATE_MIX: + { + int step = System.Math.Max(1, input.Length / 3); + int pos = 0; + while (pos < input.Length) + { + mac.Update(input[pos++]); + int len = System.Math.Min(input.Length - pos, step); + mac.BlockUpdate(input, pos, len); + pos += len; + } + break; + } + default: + throw new InvalidOperationException(); + } + } + + public static void Main(string[] args) + { + RunTest(new SipHashTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/SkeinDigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SkeinDigestTest.cs new file mode 100644 index 0000000..b6f1c54 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SkeinDigestTest.cs @@ -0,0 +1,303 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + + +namespace Org.BouncyCastle.Crypto.Tests +{ + + [TestFixture] + public class SkeinDigestTest + : SimpleTest + { + private class Case + { + private byte[] message; + private byte[] digest; + private int blockSize; + private int outputSize; + + public Case(int blockSize, int outputSize, string message, string digest) + { + this.blockSize = blockSize; + this.outputSize = outputSize; + this.message = Hex.Decode(message); + this.digest = Hex.Decode(digest); + } + + public int getOutputSize() + { + return outputSize; + } + + public int getBlockSize() + { + return blockSize; + } + + public byte[] getMessage() + { + return message; + } + + public byte[] getDigest() + { + return digest; + } + + } + + // Test cases from skein_golden_kat.txt and skein_golden_kat_short.txt in Skein 1.3 NIST CD + private static readonly Case[] TEST_CASES = { + new Case(256, 256, "", "c8877087da56e072870daa843f176e9453115929094c3a40c463a196c29bf7ba"), + new Case(256, 256, "fb", "088eb23cc2bccfb8171aa64e966d4af937325167dfcd170700ffd21f8a4cbdac"), + new Case(256, 256, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8", + "5c3002ff57a627089ea2f97a5000d5678416389019e80e45a3bbcab118315d26"), + new Case(256, 256, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a129233", + "640c894a4bba6574c83e920ddf7dd2982fc634881bbbcb9d774eae0a285e89ce"), + new Case(256, 160, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "0cd491b7715704c3a15a45a1ca8d93f8f646d3a1"), + new Case(256, 224, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "afd1e2d0f5b6cd4e1f8b3935fa2497d27ee97e72060adac099543487"), + new Case(256, 256, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "4de6fe2bfdaa3717a4261030ef0e044ced9225d066354610842a24a3eafd1dcf"), + new Case(256, 384, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "954620fb31e8b782a2794c6542827026fe069d715df04261629fcbe81d7d529b" + + "95ba021fa4239fb00afaa75f5fd8e78b"), + new Case(256, 512, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "51347e27c7eabba514959f899a6715ef6ad5cf01c23170590e6a8af399470bf9" + + "0ea7409960a708c1dbaa90e86389df254abc763639bb8cdf7fb663b29d9557c3"), + new Case(256, 1024, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "6c9b6facbaf116b538aa655e0be0168084aa9f1be445f7e06714585e5999a6c9" + + "84fffa9d41a316028692d4aad18f573fbf27cf78e84de26da1928382b023987d" + + "cfe002b6201ea33713c54a8a5d9eb346f0365e04330d2faaf7bc8aba92a5d7fb" + + "6345c6fb26750bce65ab2045c233627679ac6e9acb33602e26fe3526063ecc8b"), + + new Case(512, 512, "", "bc5b4c50925519c290cc634277ae3d6257212395cba733bbad37a4af0fa06af4" + + "1fca7903d06564fea7a2d3730dbdb80c1f85562dfcc070334ea4d1d9e72cba7a"), + new Case(512, 512, "fb", "c49e03d50b4b2cc46bd3b7ef7014c8a45b016399fd1714467b7596c86de98240" + + "e35bf7f9772b7d65465cd4cffab14e6bc154c54fc67b8bc340abf08eff572b9e"), + new Case(512, 512, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8", + "abefb179d52f68f86941acbbe014cc67ec66ad78b7ba9508eb1400ee2cbdb06f" + + "9fe7c2a260a0272d0d80e8ef5e8737c0c6a5f1c02ceb00fb2746f664b85fcef5"), + new Case(512, 512, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a129233", + "5c5b7956f9d973c0989aa40a71aa9c48a65af2757590e9a758343c7e23ea2df4" + + "057ce0b49f9514987feff97f648e1dd065926e2c371a0211ca977c213f14149f"), + new Case(512, 160, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "ef03079d61b57c6047e15fa2b35b46fa24279539"), + new Case(512, 224, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "d9e3219b214e15246a2038f76a573e018ef69b385b3bd0576b558231"), + new Case(512, 256, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "809dd3f763a11af90912bbb92bc0d94361cbadab10142992000c88b4ceb88648"), + new Case(512, 384, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "825f5cbd5da8807a7b4d3e7bd9cd089ca3a256bcc064cd73a9355bf3ae67f2bf" + + "93ac7074b3b19907a0665ba3a878b262"), + new Case(512, 512, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "1a0d5abf4432e7c612d658f8dcfa35b0d1ab68b8d6bd4dd115c23cc57b5c5bcd" + + "de9bff0ece4208596e499f211bc07594d0cb6f3c12b0e110174b2a9b4b2cb6a9"), + + new Case(1024, 1024, "", "0fff9563bb3279289227ac77d319b6fff8d7e9f09da1247b72a0a265cd6d2a62" + + "645ad547ed8193db48cff847c06494a03f55666d3b47eb4c20456c9373c86297" + + "d630d5578ebd34cb40991578f9f52b18003efa35d3da6553ff35db91b81ab890" + + "bec1b189b7f52cb2a783ebb7d823d725b0b4a71f6824e88f68f982eefc6d19c6"), + new Case(1024, 1024, "fb", "6426bdc57b2771a6ef1b0dd39f8096a9a07554565743ac3de851d28258fcff22" + + "9993e11c4e6bebc8b6ecb0ad1b140276081aa390ec3875960336119427827473" + + "4770671b79f076771e2cfdaaf5adc9b10cbae43d8e6cd2b1c1f5d6c82dc96618" + + "00ddc476f25865b8748253173187d81da971c027d91d32fb390301c2110d2db2"), + new Case(1024, 1024, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8", + "140e93726ab0b0467c0b8a834ad8cda4d1769d273661902b70db0dcb5ee692ac" + + "b3f852d03b11f857850f2428432811309c1dcbe5724f00267ea3667e89fadb4e" + + "4911da6b0ba8a7eddf87c1c67152ef0f07b7fead3557318478bdef5ad1e5926d" + + "7071fdd4bfa5076d4b3253f8de479ebdf5357676f1641b2f097e9b785e9e528e"), + new Case(1024, 1024, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a129233", + "31105e1ef042c30b95b16e0f6e6a1a19172bb7d54a0597dd0c711194888efe1d" + + "bce82d47416df9577ca387219f06e45cd10964ff36f6711edbbea0e9595b0f66" + + "f72b755d70a46857e0aec98561a743d49370d8e572e212811273125f66cc30bf" + + "117d3221894c48012bf6e2219de91e064b01523517420a1e00f71c4cc04bab62"), + new Case(1024, 160, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "2e6a4cbf2ef05ea9c24b93e8d1de732ddf2739eb"), + new Case(1024, 224, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "1d6de19f37f7a3c265440eecb4b9fbd3300bb5ac60895cfc0d4d3c72"), + new Case(1024, 256, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "986a4d472b123e8148731a8eac9db23325f0058c4ccbc44a5bb6fe3a8db672d7"), + new Case(1024, 384, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "9c3d0648c11f31c18395d5e6c8ebd73f43d189843fc45235e2c35e345e12d62b" + + "c21a41f65896ddc6a04969654c2e2ce9"), + new Case(1024, 512, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "5d0416f49c2d08dfd40a1446169dc6a1d516e23b8b853be4933513051de8d5c2" + + "6baccffb08d3b16516ba3c6ccf3e9a6c78fff6ef955f2dbc56e1459a7cdba9a5"), + new Case(1024, 1024, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8" + + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb" + + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a" + + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410", + "96ca81f586c825d0360aef5acaec49ad55289e1797072eee198b64f349ce65b6" + + "e6ed804fe38f05135fe769cc56240ddda5098f620865ce4a4278c77fa2ec6bc3" + + "1c0f354ca78c7ca81665bfcc5dc54258c3b8310ed421d9157f36c093814d9b25" + + "103d83e0ddd89c52d0050e13a64c6140e6388431961685734b1f138fe2243086"), + + }; + + public override string Name + { + get { return "SkeinDigest"; } + } + + public override void PerformTest() + { + for (int i = 0; i < TEST_CASES.Length; i++) + { + Case test = TEST_CASES[i]; + runTest(test); + } + } + + private void runTest(Case dc) + { + SkeinDigest digest = new SkeinDigest(dc.getBlockSize(), dc.getOutputSize()); + + byte[] message = dc.getMessage(); + digest.BlockUpdate(message, 0, message.Length); + + byte[] output = new byte[digest.GetDigestSize()]; + digest.DoFinal(output, 0); + + if (!AreEqual(output, dc.getDigest())) + { + Fail(digest.AlgorithmName + " message mismatch.\n Message " + Hex.ToHexString(dc.getMessage()), + Hex.ToHexString(dc.getDigest()), Hex.ToHexString(output)); + } + + // Clone test + digest.BlockUpdate(message, 0, message.Length / 2); + + // clone the Digest + IDigest d = new SkeinDigest(digest); + + digest.BlockUpdate(message, message.Length / 2, message.Length - message.Length / 2); + digest.DoFinal(output, 0); + + if (!AreEqual(dc.getDigest(), output)) + { + Fail("failing clone vector test", Hex.ToHexString(dc.getDigest()), Hex.ToHexString(output)); + } + + d.BlockUpdate(message, message.Length / 2, message.Length - message.Length / 2); + d.DoFinal(output, 0); + + if (!AreEqual(dc.getDigest(), output)) + { + Fail("failing second clone vector test", Hex.ToHexString(dc.getDigest()), Hex.ToHexString(output)); + } + + // // + // // memo test + // // + // Memoable m = (Memoable)digest; + // + // digest.Update(message, 0, message.Length / 2); + // + // // copy the Digest + // Memoable copy1 = m.copy(); + // Memoable copy2 = copy1.copy(); + // + // digest.Update(message, message.Length / 2, message.Length - message.Length / 2); + // digest.DoFinal(output, 0); + // + // if (!AreEqual(dc.getDigest(), output)) + // { + // Fail("failing memo vector test", Hex.ToHexString(dc.getDigest()), Hex.ToHexString(output)); + // } + // + // m.reset(copy1); + // + // digest.Update(message, message.Length / 2, message.Length - message.Length / 2); + // digest.DoFinal(output, 0); + // + // if (!AreEqual(dc.getDigest(), output)) + // { + // fail("failing memo reset vector test", Hex.ToHexString(dc.getDigest()), Hex.ToHexString(output)); + // } + // + // IDigest md = (IDigest)copy2; + // + // md.Update(message, message.Length / 2, message.Length - message.Length / 2); + // md.DoFinal(output, 0); + // + // if (!AreEqual(dc.getDigest(), output)) + // { + // Fail("failing memo copy vector test", Hex.ToHexString(dc.getDigest()), Hex.ToHexString(output)); + // } + } + + public static void Main( + string[] args) + { + RunTest(new SkeinDigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/crypto/test/SkeinMacTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SkeinMacTest.cs new file mode 100644 index 0000000..852c3b2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SkeinMacTest.cs @@ -0,0 +1,174 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + + +namespace Org.BouncyCastle.Crypto.Tests +{ + + [TestFixture] + public class SkeinMacTest + : SimpleTest + { + private class Case + { + private byte[] message; + private byte[] digest; + private byte[] key; + private int blockSize; + private int outputSize; + + public Case(int blockSize, int outputSize, String message, String key, String digest) + { + this.blockSize = blockSize; + this.outputSize = outputSize; + this.message = Hex.Decode(message); + this.key = Hex.Decode(key); + this.digest = Hex.Decode(digest); + } + + public int getOutputSize() + { + return outputSize; + } + + public int getBlockSize() + { + return blockSize; + } + + public byte[] getMessage() + { + return message; + } + + public byte[] getKey() + { + return key; + } + + public byte[] getDigest() + { + return digest; + } + + public override string ToString() + { + return String.Format("new Case({0}, {1}, \"{2}\", \"{3}\", \"{4}\"),", blockSize, outputSize, + Hex.ToHexString(message), Hex.ToHexString(key), Hex.ToHexString(digest)); + } + + } + + // Test cases from skein_golden_kat.txt in Skein 1.3 NIST CD + // Excludes empty '(none)' key 'random+MAC' tests, which are in effect digest + private static readonly Case[] TEST_CASES = { + new Case(256, 256, "", "cb41f1706cde09651203c2d0efbaddf8", "886e4efefc15f06aa298963971d7a25398fffe5681c84db39bd00851f64ae29d"), + new Case(256, 256, "d3", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "979422a94e3afaa46664124d4e5e8b9422b1d8baf11c6ae6725992ac72a112ca"), + new Case(256, 256, "d3090c72", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "1d658372cbea2f9928493cc47599d6f4ad8ce33536bedfa20b739f07516519d5"), + new Case(256, 256, "d3090c72167517f7", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e92", "41ef6b0f0fad81c040284f3b1a91e9c44e4c26a6d7207f3aac4362856ef12aca"), + new Case(256, 256, "d3090c72167517f7c7ad82a70c2fd3f6", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "ca8208119b9e4e4057631ab31015cfd256f6763a0a34381633d97f640899b84f"), + new Case(256, 256, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "9e9980fcc16ee082cf164a5147d0e0692aeffe3dcb8d620e2bb542091162e2e9"), + new Case(256, 256, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc235", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "c353a316558ec34f8245dd2f9c2c4961fbc7decc3b69053c103e4b8aaaf20394"), + new Case(256, 256, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdf", "cb41f1706cde09651203c2d0efbaddf8", "b1b8c18188e69a6ecae0b6018e6b638c6a91e6de6881e32a60858468c17b520d"), + new Case(256, 256, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e92", "1dfd2515a412e78852cd81a7f2167711b4ca19b2891c2ea36ba94f8451944793"), + new Case(256, 224, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf8", "a097340709b443ed2c0a921f5dcefef3ead65c4f0bcd5f13da54d7ed"), + new Case(256, 256, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "ac1b4fab6561c92d0c487e082daec53e0db4f505e08bf51cae4fd5375e37fc04"), + new Case(256, 384, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e92", "96e6cebb23573d0a70ce36a67aa05d2403148093f25c695e1254887cc97f9771d2518413af4286bf2a06b61a53f7fcec"), + new Case(256, 512, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "0e95e597e71d6350f20b99c4179f54f43a4722705c06ba765a82cb0a314fe2fe87ef8090063b757e53182706ed18737dadc0da1e1c66518f08334052702c5ed7"), + new Case(256, 264, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf8", "064abd4896f460b1953f5a357e7f7c5256e29cdb62b8740d0b52295cfa2ef4c7a2"), + new Case(256, 520, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "edf220e43e048603bd16197d59b673b9974de5b8bcf7cb1558a4799f6fd3743eb5fb400cd6129afc0c60e7b741b7e5806f0e0b93eb8429fbc7efa222175a9c80fd"), + new Case(256, 1032, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e92", "f3f59fb07399c7b73aae02a8590883cb2fdfde75c55654e71846522301bde48d267169adcc559e038e8c2f28faa552b550d51874055384adea93c036c71a1f0af0c7bcc3bc923738d5307b9da7cb423d4e615c629c4aba71f70d4c9d1fa008176825e51bfa0203445a4083947ec19f6a0fbd082b5b970f2396fb67420639410447"), + new Case(256, 2056, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "80eb80d9b8836b32fa576fc84ba08edfbdfd6979123d61914e610a70a372b37f560a10909484f9f4a377c93e29ba681dfe522c41dc83b5ee0567e5370007c7bbe4df0b2b4a25e088f80d72fc30734cdcd76d817b42fbd44dca881019afb25306f19d4e91848778af306517d2072cef72caa327e877c5b6554f83cec3d00877131b47c4d3b557f5a13541c4d5080ee3ce7a658993d083efd0db3496a8752060c3c8552f44b290cabdcc867f691ad605836c08dbd59c9528d885b600b85fdfc8a9d0e636ac3ad8b4295bcb0169e78dc358e77eacc8c4b61bddfa9e5f32d2268a006cfe05c57150fe8e68cabd21cf6cf6035aa1fe4db36c922b765aad0b64e82a2c37"), + new Case(256, 256, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed696e6c9db1e6abea026288954a9c2d5758d7c5db7c9e48aa3d21cae3d977a7c3926066aa393dbd538dd0c30da8916c8757f24c18488014668a2627163a37b261833dc2f8c3c56b1b2e0be21fd3fbdb507b2950b77a6cc02efb393e57419383a920767bca2c972107aa61384542d47cbfb82cfe5c415389d1b0a2d74e2c5da851", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "8f88de68f03cd2f396ccdd49c3a0f4ff15bcda7eb357da9753f6116b124de91d"), + new Case(512, 512, "", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "9bd43d2a2fcfa92becb9f69faab3936978f1b865b7e44338fc9c8f16aba949ba340291082834a1fc5aa81649e13d50cd98641a1d0883062bfe2c16d1faa7e3aa"), + new Case(512, 512, "d3", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "f0c0a10f031c8fc69cfabcd54154c318b5d6cd95d06b12cf20264402492211ee010d5cecc2dc37fd772afac0596b2bf71e6020ef2dee7c860628b6e643ed9ff6"), + new Case(512, 512, "d3090c72167517f7", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "0c1f1921253dd8e5c2d4c5f4099f851042d91147892705829161f5fc64d89785226eb6e187068493ee4c78a4b7c0f55a8cbbb1a5982c2daf638fc6a74b16b0d7"), + new Case(512, 512, "d3090c72167517f7c7ad82a70c2fd3f6", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "478d7b6c0cc6e35d9ebbdedf39128e5a36585db6222891692d1747d401de34ce3db6fcbab6c968b7f2620f4a844a2903b547775579993736d2493a75ff6752a1"), + new Case(512, 512, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e59", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "13c170bac1de35e5fb843f65fabecf214a54a6e0458a4ff6ea5df91915468f4efcd371effa8965a9e82c5388d84730490dcf3976af157b8baf550655a5a6ab78"), + new Case(512, 512, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc235", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "a947812529a72fd3b8967ec391b298bee891babc8487a1ec4ea3d88f6b2b5be09ac6a780f30f8e8c3bbb4f18bc302a28f3e87d170ba0f858a8fefe3487478cca"), + new Case(512, 512, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdf", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "7690ba61f10e0bba312980b0212e6a9a51b0e9aadfde7ca535754a706e042335b29172aae29d8bad18efaf92d43e6406f3098e253f41f2931eda5911dc740352"), + new Case(512, 512, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "d10e3ba81855ac087fbf5a3bc1f99b27d05f98ba22441138026225d34a418b93fd9e8dfaf5120757451adabe050d0eb59d271b0fe1bbf04badbcf9ba25a8791b"), + new Case(512, 160, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "5670b226156570dff3efe16661ab86eb24982cdf"), + new Case(512, 224, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "c41b9ff9753e6c0f8ed88866e320535e927fe4da552c289841a920db"), + new Case(512, 384, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "dfbf5c1319a1d9d70efb2f1600fbcf694f935907f31d24a16d6cd2fb2d7855a769681766c0a29da778eed346cd1d740f"), + new Case(512, 512, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "04d8cddb0ad931d54d195899a094684344e902286037272890bce98a41813edc37a3cee190a693fcca613ee30049ce7ec2bdff9613f56778a13f8c28a21d167a"), + new Case(512, 1024, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "08fca368b3b14ac406676adf37ac9be2dbb8704e694055a0c6331184d4f0070098f23f0963ee29002495771bf56fb4d3d9ff3506abcd80be927379f7880d5d7703919fbf92184f498ac44f47f015ce676eded9165d47d53733f5a27abbc05f45acd98b97cc15ffdced641defd1a5119ef841b452a1b8f94ee69004466ccdc143"), + new Case(512, 264, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "669e770ebe7eacc2b64caaf049923ad297a5b37cfa61c283392d81ccfcb9bbbc09"), + new Case(512, 1032, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "acc2e03f07f33e9820a6038421089429adcd6a7a83f733beec048c05bf37531a170a5537fcb565c348a70a83217f8be768ff6f95fd2b3d89cb7d8a3dc849505e3710eb4e65a8e7134bbf580d92fe18c9aa987563669b1f014aa5e092519089355534eaa9f0bdc99f6839f54080ffe74623254c906ecb8896b4346c3178a0bc2898"), + new Case(512, 2056, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "9f3e082223c43090a4a3ffbdcd469cbabfe0c1399d1edf45a5dfc18f4db5428928a76e979b8d0d5dffec0e6a59ada448c1ffbc06cc80a2006f002adc0c6dbf458563762228dce4381944e460ebebfe06f1237093634625107469a22a189a47f8b025899265d8890a1b39df64552394377e88ba2ad44a8c8d174f884ac8c3ae24ddb0affca5fceb6aa76e09706881e8371774b9b050a69b96ef5e97e81043f8b7e9479e287ab441bacd62caf768a82c8c3e3107be70eb8799a39856fe29842a04e25de0ef9de1b7e65bd0f1f7306835287fc957388e2035b7d22d3aa9c06a9fefbca16f3f60e1c4def89038d918942152a069aa2e0be8ae7475d859031adec84583"), + new Case(1024, 1024, "", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc81463134", "bcf37b3459c88959d6b6b58b2bfe142cef60c6f4ec56b0702480d7893a2b0595aa354e87102a788b61996b9cbc1eade7dafbf6581135572c09666d844c90f066b800fc4f5fd1737644894ef7d588afc5c38f5d920bdbd3b738aea3a3267d161ed65284d1f57da73b68817e17e381ca169115152b869c66b812bb9a84275303f0"), + new Case(1024, 1024, "d3090c72", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "df0596e5808835a3e304aa27923db05f61dac57c0696a1d19abf188e70aa9dbcc659e9510f7c9a37fbc025bd4e5ea293e78ed7838dd0b08864e8ad40ddb3a88031ebefc21572a89960d1916107a7da7ac0c067e34ec46a86a29ca63fa250bd398eb32ec1ed0f8ac8329f26da018b029e41e2e58d1dfc44de81615e6c987ed9c9"), + new Case(1024, 1024, "d3090c72167517f7", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c042eb4187aa1c015a4767032c0bb28f076b66485f51531c12e948f47dbc2cb904a4b75d1e8a6d931dab4a07e0a54d1bb5b55e602141746bd09fb15e8f01a8d74e9e63959cb37336bc1b896ec78da734c15e362db04368fbba280f20a043e0d0941e9f5193e1b360a33c43b266524880125222e648f05f28be34ba3cabfc9c544", "3cfbb79cd88af8ee09c7670bcbab6907a31f80fa31d9d7c9d50826c9568f307a78bd254961398c76b6e338fd9ca5f351059350d30963c3320659b223b991fc46d1307686fe2b4763d9f593c57ad5adbc45caf2ea3dc6090f5a74fa5fa6d9e9838964ea0a2aa216831ab069b00629a1a9b037083403bdb25d3d06a21c430c87dd"), + new Case(1024, 1024, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e59", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "0a1b960099fc9d653b0fd1f5b6b972fb366907b772cbce5a59b6171d7935506f70c212bd169d68c5cfd8618343611b7eb2e686ff1dc7c03a57e1a55ed10726848161eea903d53b58459be42d95df989c66c2eea4e51cde272c2d8be67bf3bca2aee633777eb8486781eaa060d0f538abd6c93dbd2d1bf66e6f50bfdcac3725a4"), + new Case(1024, 1024, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "3e0cd7938d71c39ffbb08a6ba7995ade3ad140e2c0c45cdbafb099247e08e4c20b61c1f885ced5ed2f816680925034918236e5807f0eecf3f27e9cfca36675eb75873efa1fb41f17541dc2f7c2469eaecb35cc7ca58e489804caf56f09fb97c9f689c64ad49c6888f86c483e901bd3d25798b394ef93faf9154900f92f31f433"), + new Case(1024, 1024, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdf", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc81463134", "7266752f7e9aa04bd7d8a1b16030677de6021301f6a62473c76bae2b98bbf8aad73bd00a4b5035f741caf2317ab80e4e97f5c5bbe8acc0e8b424bcb13c7c6740a985801fba54addde8d4f13f69d2bfc98ae104d46a211145217e51d510ea846cec9581d14fda079f775c8b18d66cb31bf7060996ee8a69eee7f107909ce59a97"), + new Case(1024, 1024, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c042eb4187aa1c015a4767032c0bb28f076b66485f51531c12e948f47dbc2cb904a4b75d1e8a6d931dab4a07e0a54d1bb5b55e602141746bd09fb15e8f01a8d74e9e63959cb37336bc1b896ec78da734c15e362db04368fbba280f20a043e0d0941e9f5193e1b360a33c43b266524880125222e648f05f28be34ba3cabfc9c544", "71f40bf2aa635125ef83c8df0d4e9ea18b73b56be4f45e89b910a7c68d396b65b09d18abc7d1b6de3f53fd5de583e6f22e612dd17b292068af6027daaf8b4cd60acf5bc85044741e9f7a1f423f5827f5e360930a2e71912239af9fc6343604fdcf3f3569854f2bb8d25a81e3b3f5261a02fe8292aaaa50c324101ab2c7a2f349"), + new Case(1024, 160, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "17c3c533b27d666da556ae586e641b7a3a0bcc45"), + new Case(1024, 224, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc81463134", "6625df9801581009125ea4e5c94ad6f1a2d692c278822ccb6eb67235"), + new Case(1024, 256, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "6c5b671c1766f6eecea6d24b641d4a6bf84bba13a1976f8f80b3f30ee2f93de6"), + new Case(1024, 384, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c042eb4187aa1c015a4767032c0bb28f076b66485f51531c12e948f47dbc2cb904a4b75d1e8a6d931dab4a07e0a54d1bb5b55e602141746bd09fb15e8f01a8d74e9e63959cb37336bc1b896ec78da734c15e362db04368fbba280f20a043e0d0941e9f5193e1b360a33c43b266524880125222e648f05f28be34ba3cabfc9c544", "98af454d7fa3706dfaafbf58c3f9944868b57f68f493987347a69fce19865febba0407a16b4e82065035651f0b1e0327"), + new Case(1024, 1024, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "211ac479e9961141da3aac19d320a1dbbbfad55d2dce87e6a345fcd58e36827597378432b482d89bad44dddb13e6ad86e0ee1e0882b4eb0cd6a181e9685e18dd302ebb3aa74502c06254dcadfb2bd45d288f82366b7afc3bc0f6b1a3c2e8f84d37fbedd07a3f8fcff84faf24c53c11da600aaa118e76cfdcb366d0b3f7729dce"), + new Case(1024, 264, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc81463134", "dc1d253b7cadbdaef18503b1809a7f1d4f8c323b7f6f8ca50b76d3864649ce1c7d"), + new Case(1024, 520, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "decd79578d12bf6806530c382230a2c7836429c70cac941179e1dd982938bab91fb6f3638df1cc1ef615ecfc4249e5aca8a73c4c1eebef662a836d0be903b00146"), + new Case(1024, 1032, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c042eb4187aa1c015a4767032c0bb28f076b66485f51531c12e948f47dbc2cb904a4b75d1e8a6d931dab4a07e0a54d1bb5b55e602141746bd09fb15e8f01a8d74e9e63959cb37336bc1b896ec78da734c15e362db04368fbba280f20a043e0d0941e9f5193e1b360a33c43b266524880125222e648f05f28be34ba3cabfc9c544", "440fe691e04f1fed8c253d6c4670646156f33fffaea702de9445df5739eb960cecf85d56e2e6860a610211a5c909932ab774b978aa0b0d5bbce82775172ab12dceddd51d1eb030057ce61bea6c18f6bb368d26ae76a9e44a962eb132e6c42c25d9fecc4f13348300ca55c78e0990de96c1ae24eb3ee3324782c93dd628260a2c8d"), + new Case(1024, 1024, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed696e6c9db1e6abea026288954a9c2d5758d7c5db7c9e48aa3d21cae3d977a7c3926066aa393dbd538dd0c30da8916c8757f24c18488014668a2627163a37b261833dc2f8c3c56b1b2e0be21fd3fbdb507b2950b77a6cc02efb393e57419383a920767bca2c972107aa61384542d47cbfb82cfe5c415389d1b0a2d74e2c5da851", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "46a42b0d7b8679f8fcea156c072cf9833c468a7d59ac5e5d326957d60dfe1cdfb27eb54c760b9e049fda47f0b847ac68d6b340c02c39d4a18c1bdfece3f405fae8aa848bdbefe3a4c277a095e921228618d3be8bd1999a071682810de748440ad416a97742cc9e8a9b85455b1d76472cf562f525116698d5cd0a35ddf86e7f8a"), + + }; + + public override string Name + { + get { return "SkeinMac"; } + } + + public override void PerformTest() + { + for (int i = 0; i < TEST_CASES.Length; i++) + { + Case test = TEST_CASES[i]; + runTest(test); + } + } + + private void runTest(Case dc) + { + IMac digest = new SkeinMac(dc.getBlockSize(), dc.getOutputSize()); + digest.Init(new KeyParameter(dc.getKey())); + + byte[] message = dc.getMessage(); + digest.BlockUpdate(message, 0, message.Length); + + byte[] output = new byte[digest.GetMacSize()]; + digest.DoFinal(output, 0); + + if (!AreEqual(output, dc.getDigest())) + { + Fail(digest.AlgorithmName + " message " + (dc.getMessage().Length * 8) + " mismatch.\n Message " + Hex.ToHexString(dc.getMessage()) + + "\n Key " + Hex.ToHexString(dc.getKey()) + "\n Expected " + + Hex.ToHexString(dc.getDigest()) + "\n Actual " + Hex.ToHexString(output)); + } + + } + + public static void Main( + string[] args) + { + RunTest(new SkeinMacTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/crypto/test/SkipjackTest.cs b/BouncyCastle/crypto/test/src/crypto/test/SkipjackTest.cs new file mode 100644 index 0000000..d9fe6e4 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/SkipjackTest.cs @@ -0,0 +1,46 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class SkipjackTest + : CipherTest + { + public override string Name + { + get { return "SKIPJACK"; } + } + + internal static SimpleTest[] tests = new SimpleTest[]{ + new BlockCipherVectorTest(0, new SkipjackEngine(), new KeyParameter(Hex.Decode("00998877665544332211")), "33221100ddccbbaa", "2587cae27a12d300")}; + + public SkipjackTest() + : base(tests, new SkipjackEngine(), new KeyParameter(new byte[16])) + { + } + + public static void Main( + string[] args) + { + ITest test = new SkipjackTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/StreamCipherResetTest.cs b/BouncyCastle/crypto/test/src/crypto/test/StreamCipherResetTest.cs new file mode 100644 index 0000000..49760a2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/StreamCipherResetTest.cs @@ -0,0 +1,134 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Test whether block ciphers implement reset contract on init, encrypt/decrypt and reset. + */ + [TestFixture] + public class StreamCipherResetTest + : SimpleTest + { + public override string Name + { + get { return "Stream Cipher Reset"; } + } + + public override void PerformTest() + { + TestReset(typeof(Salsa20Engine), 32, 8); + TestReset(typeof(Salsa20Engine), 16, 8); + TestReset(typeof(XSalsa20Engine), 32, 24); + TestReset(typeof(ChaChaEngine), 32, 8); + TestReset(typeof(ChaChaEngine), 16, 8); + TestReset(typeof(RC4Engine), 16); + TestReset(typeof(IsaacEngine), 16); + TestReset(typeof(HC128Engine), 16, 16); + TestReset(typeof(HC256Engine), 16, 16); + //TestReset(typeof(Grainv1Engine), 16, 8); + //TestReset(typeof(Grain128Engine), 16, 12); + } + + private static readonly SecureRandom RAND = new SecureRandom(); + + private static byte[] Random(int size) + { + return SecureRandom.GetNextBytes(RAND, size); + } + + private IStreamCipher Make(Type sct) + { + return (IStreamCipher)Activator.CreateInstance(sct); + } + + private void TestReset(Type sct, int keyLen) + { + TestReset(Make(sct), Make(sct), new KeyParameter(Random(keyLen))); + } + + private void TestReset(Type sct, int keyLen, int ivLen) + { + TestReset(Make(sct), Make(sct), new ParametersWithIV(new KeyParameter(Random(keyLen)), Random(ivLen))); + } + + private void TestReset(IStreamCipher cipher1, IStreamCipher cipher2, ICipherParameters cipherParams) + { + cipher1.Init(true, cipherParams); + + byte[] plaintext = new byte[1023]; + byte[] ciphertext = new byte[plaintext.Length]; + + // Establish baseline answer + cipher1.ProcessBytes(plaintext, 0, plaintext.Length, ciphertext, 0); + + // Test encryption resets + CheckReset(cipher1, cipherParams, true, plaintext, ciphertext); + + // Test decryption resets with fresh instance + cipher2.Init(false, cipherParams); + CheckReset(cipher2, cipherParams, false, ciphertext, plaintext); + } + + private void CheckReset(IStreamCipher cipher, ICipherParameters cipherParams, + bool encrypt, byte[] pretext, byte[] posttext) + { + // Do initial run + byte[] output = new byte[posttext.Length]; + cipher.ProcessBytes(pretext, 0, pretext.Length, output, 0); + + // Check encrypt resets cipher + cipher.Init(encrypt, cipherParams); + + try + { + cipher.ProcessBytes(pretext, 0, pretext.Length, output, 0); + } + catch (Exception e) + { + Fail(cipher.AlgorithmName + " init did not reset: " + e.Message); + } + if (!Arrays.AreEqual(output, posttext)) + { + Fail(cipher.AlgorithmName + " init did not reset.", Hex.ToHexString(posttext), Hex.ToHexString(output)); + } + + // Check reset resets data + cipher.Reset(); + + try + { + cipher.ProcessBytes(pretext, 0, pretext.Length, output, 0); + } + catch (Exception e) + { + Fail(cipher.AlgorithmName + " reset did not reset: " + e.Message); + } + if (!Arrays.AreEqual(output, posttext)) + { + Fail(cipher.AlgorithmName + " reset did not reset."); + } + } + + public static void Main(string[] args) + { + RunTest(new StreamCipherResetTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/StreamCipherVectorTest.cs b/BouncyCastle/crypto/test/src/crypto/test/StreamCipherVectorTest.cs new file mode 100644 index 0000000..c807a68 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/StreamCipherVectorTest.cs @@ -0,0 +1,66 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * a basic test that takes a stream cipher, key parameter, and an input + * and output string. + */ + public class StreamCipherVectorTest: SimpleTest + { + int id; + IStreamCipher cipher; + ICipherParameters param; + byte[] input; + byte[] output; + + public StreamCipherVectorTest( + int id, + IStreamCipher cipher, + ICipherParameters param, + string input, + string output) + { + this.id = id; + this.cipher = cipher; + this.param = param; + this.input = Hex.Decode(input); + this.output = Hex.Decode(output); + } + + public override string Name + { + get { return cipher.AlgorithmName + " Vector Test " + id; } + } + + public override void PerformTest() + { + cipher.Init(true, param); + + byte[] outBytes = new byte[input.Length]; + + cipher.ProcessBytes(input, 0, input.Length, outBytes, 0); + + if (!Arrays.AreEqual(outBytes, output)) + { + Fail("failed - " + + "expected " + Hex.ToHexString(output) + + " got " + Hex.ToHexString(outBytes)); + } + + cipher.Init(false, param); + + cipher.ProcessBytes(output, 0, output.Length, outBytes, 0); + + if (!Arrays.AreEqual(input, outBytes)) + { + Fail("failed reversal"); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/TEATest.cs b/BouncyCastle/crypto/test/src/crypto/test/TEATest.cs new file mode 100644 index 0000000..525941d --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/TEATest.cs @@ -0,0 +1,59 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * TEA tester - based on C implementation results from http://www.simonshepherd.supanet.com/tea.htm + */ + [TestFixture] + public class TeaTest + : CipherTest + { + private static readonly SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new TeaEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "0000000000000000","41ea3a0a94baa940"), + new BlockCipherVectorTest(1, new TeaEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "0102030405060708", "6a2f9cf3fccf3c55"), + new BlockCipherVectorTest(2, new TeaEngine(), + new KeyParameter(Hex.Decode("0123456712345678234567893456789A")), + "0000000000000000", "34e943b0900f5dcb"), + new BlockCipherVectorTest(3, new TeaEngine(), + new KeyParameter(Hex.Decode("0123456712345678234567893456789A")), + "0102030405060708", "773dc179878a81c0"), + }; + + public TeaTest() + : base(tests, new TeaEngine(), new KeyParameter(new byte[16])) + { + } + + public override string Name + { + get { return "TEA"; } + } + + public static void Main( + string[] args) + { + RunTest(new TeaTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/Threefish1024Test.cs b/BouncyCastle/crypto/test/src/crypto/test/Threefish1024Test.cs new file mode 100644 index 0000000..64f9aa2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/Threefish1024Test.cs @@ -0,0 +1,74 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + + [TestFixture] + public class Threefish1024Test + : CipherTest + { + // Test cases from skein_golden_kat_internals.txt in Skein 1.3 NIST CD + static SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024), + new TweakableBlockCipherParameters( + new KeyParameter(new byte[128]), + new byte[16]), + "0000000000000000000000000000000000000000000000000000000000000000" + + "0000000000000000000000000000000000000000000000000000000000000000" + + "0000000000000000000000000000000000000000000000000000000000000000" + + "0000000000000000000000000000000000000000000000000000000000000000", + "f05c3d0a3d05b304f785ddc7d1e036015c8aa76e2f217b06c6e1544c0bc1a90d" + + "f0accb9473c24e0fd54fea68057f43329cb454761d6df5cf7b2e9b3614fbd5a2" + + "0b2e4760b40603540d82eabc5482c171c832afbe68406bc39500367a592943fa" + + "9a5b4a43286ca3c4cf46104b443143d560a4b230488311df4feef7e1dfe8391e"), + new BlockCipherVectorTest(1, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024), + new TweakableBlockCipherParameters( + new KeyParameter(Hex.Decode( + "101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f" + + "303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" + + "505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f" + + "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f")), + Hex.Decode("000102030405060708090a0b0c0d0e0f")), + "fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0efeeedecebeae9e8e7e6e5e4e3e2e1e0" + + "dfdedddcdbdad9d8d7d6d5d4d3d2d1d0cfcecdcccbcac9c8c7c6c5c4c3c2c1c0" + + "bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0afaeadacabaaa9a8a7a6a5a4a3a2a1a0" + + "9f9e9d9c9b9a999897969594939291908f8e8d8c8b8a89888786858483828180", + "a6654ddbd73cc3b05dd777105aa849bce49372eaaffc5568d254771bab85531c" + + "94f780e7ffaae430d5d8af8c70eebbe1760f3b42b737a89cb363490d670314bd" + + "8aa41ee63c2e1f45fbd477922f8360b388d6125ea6c7af0ad7056d01796e90c8" + + "3313f4150a5716b30ed5f569288ae974ce2b4347926fce57de44512177dd7cde") + }; + + public Threefish1024Test() + : base(tests, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024), new KeyParameter(new byte[128])) + { + } + + public override string Name + { + get { return "Threefish-1024"; } + } + + public static void Main( + string[] args) + { + RunTest(new Threefish1024Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/Threefish256Test.cs b/BouncyCastle/crypto/test/src/crypto/test/Threefish256Test.cs new file mode 100644 index 0000000..e44299a --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/Threefish256Test.cs @@ -0,0 +1,59 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + + [TestFixture] + public class Threefish256Test + : CipherTest + { + // Test cases from skein_golden_kat_internals.txt in Skein 1.3 NIST CD + static SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256), + new TweakableBlockCipherParameters( + new KeyParameter(new byte[32]), + new byte[16]), + "0000000000000000000000000000000000000000000000000000000000000000", + "84da2a1f8beaee947066ae3e3103f1ad536db1f4a1192495116b9f3ce6133fd8"), + new BlockCipherVectorTest(1, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256), + new TweakableBlockCipherParameters( + new KeyParameter(Hex.Decode( + "101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f")), + Hex.Decode("000102030405060708090a0b0c0d0e0f")), + "FFFEFDFCFBFAF9F8F7F6F5F4F3F2F1F0EFEEEDECEBEAE9E8E7E6E5E4E3E2E1E0", + "e0d091ff0eea8fdfc98192e62ed80ad59d865d08588df476657056b5955e97df") + }; + + public Threefish256Test() + : base(tests, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256), new KeyParameter(new byte[32])) + { + } + + public override string Name + { + get { return "Threefish-256"; } + } + + public static void Main( + string[] args) + { + RunTest(new Threefish256Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/crypto/test/Threefish512Test.cs b/BouncyCastle/crypto/test/src/crypto/test/Threefish512Test.cs new file mode 100644 index 0000000..8f4ec63 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/Threefish512Test.cs @@ -0,0 +1,64 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + + [TestFixture] + public class Threefish512Test + : CipherTest + { + // Test cases from skein_golden_kat_internals.txt in Skein 1.3 NIST CD + static SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512), + new TweakableBlockCipherParameters( + new KeyParameter(new byte[64]), + new byte[16]), + "0000000000000000000000000000000000000000000000000000000000000000" + + "0000000000000000000000000000000000000000000000000000000000000000", + "b1a2bbc6ef6025bc40eb3822161f36e375d1bb0aee3186fbd19e47c5d479947b" + + "7bc2f8586e35f0cff7e7f03084b0b7b1f1ab3961a580a3e97eb41ea14a6d7bbe"), + new BlockCipherVectorTest(1, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512), + new TweakableBlockCipherParameters( + new KeyParameter(Hex.Decode( + "101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f" + + "303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f")), + Hex.Decode("000102030405060708090a0b0c0d0e0f")), + "fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0efeeedecebeae9e8e7e6e5e4e3e2e1e0" + + "dfdedddcdbdad9d8d7d6d5d4d3d2d1d0cfcecdcccbcac9c8c7c6c5c4c3c2c1c0", + "e304439626d45a2cb401cad8d636249a6338330eb06d45dd8b36b90e97254779" + + "272a0a8d99463504784420ea18c9a725af11dffea10162348927673d5c1caf3d") + }; + + public Threefish512Test() + : base(tests, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512), new KeyParameter(new byte[64])) + { + } + + public override string Name + { + get { return "Threefish-512"; } + } + + public static void Main( + string[] args) + { + RunTest(new Threefish512Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/crypto/test/TigerDigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/TigerDigestTest.cs new file mode 100644 index 0000000..b351c4b --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/TigerDigestTest.cs @@ -0,0 +1,82 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + + /** + * Tiger Digest Test + */ + [TestFixture] + public class TigerDigestTest + : DigestTest + { + readonly static string[] messages = + { + "", + "abc", + "Tiger", + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-", + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvw", + "ABCDEFGHIJKLMNOPQRSTUVWXYZ=abcdefghijklmnopqrstuvwxyz+0123456789", + "Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proceedings of Fast Software Encryption 3, Cambridge, 1996.", + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-" + }; + + readonly static string[] digests = { + "3293AC630C13F0245F92BBB1766E16167A4E58492DDE73F3", + "2AAB1484E8C158F2BFB8C5FF41B57A525129131C957B5F93", + "DD00230799F5009FEC6DEBC838BB6A27DF2B9D6F110C7937", + "F71C8583902AFB879EDFE610F82C0D4786A3A534504486B5", + "38F41D9D9A710A10C3727AC0DEEAA270727D9F926EC10139", + "48CEEB6308B87D46E95D656112CDF18D97915F9765658957", + "631ABDD103EB9A3D245B6DFD4D77B257FC7439501D1568DD", + "C54034E5B43EB8005848A7E0AE6AAC76E4FF590AE715FD25", + "C54034E5B43EB8005848A7E0AE6AAC76E4FF590AE715FD25" + }; + + readonly static string hash64k = "FDF4F5B35139F48E710E421BE5AF411DE1A8AAC333F26204"; + + public TigerDigestTest() + : base(new TigerDigest(), messages, digests) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + sixtyFourKTest(hash64k); + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new TigerDigest((TigerDigest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new TigerDigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/TnepresTest.cs b/BouncyCastle/crypto/test/src/crypto/test/TnepresTest.cs new file mode 100644 index 0000000..07308db --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/TnepresTest.cs @@ -0,0 +1,155 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * Test vectors based on Floppy 4 of the Serpent AES submission. + */ + [TestFixture] + public class TnepresTest + : CipherTest + { + static SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new TnepresEngine(), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), + "00000000000000000000000000000000", "8910494504181950f98dd998a82b6749"), + new BlockCipherVectorTest(1, new TnepresEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "80000000000000000000000000000000", "10b5ffb720b8cb9002a1142b0ba2e94a"), + new BlockCipherVectorTest(2, new TnepresEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "00000000008000000000000000000000", "4f057a42d8d5bd9746e434680ddcd5e5"), + new BlockCipherVectorTest(3, new TnepresEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "00000000000000000000400000000000", "99407bf8582ef12550886ef5b6f169b9"), + new BlockCipherVectorTest(4, new TnepresEngine(), + new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), + "40000000000000000000000000000000", "d522a3b8d6d89d4d2a124fdd88f36896"), + new BlockCipherVectorTest(5, new TnepresEngine(), + new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), + "00000000000200000000000000000000", "189b8ec3470085b3da97e82ca8964e32"), + new BlockCipherVectorTest(6, new TnepresEngine(), + new KeyParameter(Hex.Decode("000000000000000000000000000000000000000000000000")), + "00000000000000000000008000000000", "f77d868cf760b9143a89809510ccb099"), + new BlockCipherVectorTest(7, new TnepresEngine(), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), + "08000000000000000000000000000000", "d43b7b981b829342fce0e3ec6f5f4c82"), + new BlockCipherVectorTest(8, new TnepresEngine(), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), + "00000000000000000100000000000000", "0bf30e1a0c33ccf6d5293177886912a7"), + new BlockCipherVectorTest(9, new TnepresEngine(), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000000000000")), + "00000000000000000000000000000001", "6a7f3b805d2ddcba49b89770ade5e507"), + new BlockCipherVectorTest(10, new TnepresEngine(), + new KeyParameter(Hex.Decode("80000000000000000000000000000000")), + "00000000000000000000000000000000", "49afbfad9d5a34052cd8ffa5986bd2dd"), + new BlockCipherVectorTest(11, new TnepresEngine(), + new KeyParameter(Hex.Decode("000000000000000000000000004000000000000000000000")), + "00000000000000000000000000000000", "ba8829b1de058c4b48615d851fc74f17"), + new BlockCipherVectorTest(12, new TnepresEngine(), + new KeyParameter(Hex.Decode("0000000000000000000000000000000000000000000000000000000100000000")), + "00000000000000000000000000000000", "89f64377bf1e8a46c8247044e8056a98"), +/* + new BlockCipherMonteCarloTest(13, 10000, new TnepresEngine(), + new KeyParameter(Hex.Decode("47f5f881daab9b67b43bd1342e339c19")), + "7a4f7db38c52a8b711b778a38d203b6b", "003380e19f10065740394f48e2fe80b7"), +*/ + new BlockCipherMonteCarloTest(13, 100, new TnepresEngine(), + new KeyParameter(Hex.Decode("47f5f881daab9b67b43bd1342e339c19")), + "7a4f7db38c52a8b711b778a38d203b6b", "4db75303d815c2f7cc6ca935d1c5a046"), +/* + new BlockCipherMonteCarloTest(14, 10000, new TnepresEngine(), + new KeyParameter(Hex.Decode("31fba879ebc5e80df35e6fa33eaf92d6")), + "70a05e12f74589009692a337f53ff614", "afb5425426906db26b70bdf842ac5400"), +*/ + new BlockCipherMonteCarloTest(14, 100, new TnepresEngine(), + new KeyParameter(Hex.Decode("31fba879ebc5e80df35e6fa33eaf92d6")), + "70a05e12f74589009692a337f53ff614", "fc53a50f4d3bc9836001893d2f41742d"), +/* + new BlockCipherMonteCarloTest(15, 10000, new TnepresEngine(), + new KeyParameter(Hex.Decode("bde6dd392307984695aee80e574f9977caae9aa78eda53e8")), + "9cc523d034a93740a0aa4e2054bb34d8", "1949d506ada7de1f1344986e8ea049b2"), +*/ + new BlockCipherMonteCarloTest(15, 100, new TnepresEngine(), + new KeyParameter(Hex.Decode("bde6dd392307984695aee80e574f9977caae9aa78eda53e8")), + "9cc523d034a93740a0aa4e2054bb34d8", "77117e6a9e80f40b2a36b7d755573c2d"), +/* + new BlockCipherMonteCarloTest(16, 10000, new TnepresEngine(), + new KeyParameter(Hex.Decode("60f6f8ad4290699dc50921a1bbcca92da914e7d9cf01a9317c79c0af8f2487a1")), + "ee1a61106fae2d381d686cbf854bab65", "e57f45559027cb1f2ed9603d814e1c34"), +*/ + new BlockCipherMonteCarloTest(16, 100, new TnepresEngine(), + new KeyParameter(Hex.Decode("60f6f8ad4290699dc50921a1bbcca92da914e7d9cf01a9317c79c0af8f2487a1")), + "ee1a61106fae2d381d686cbf854bab65", "dcd7f13ea0dcdfd0139d1a42e2ffb84b") + }; + + public TnepresTest() + : base(tests, new TnepresEngine(), new KeyParameter(new byte[32])) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + DoCbcMonte(new byte[16], new byte[16], new byte[16], Hex.Decode("9ea101ecebaa41c712bcb0d9bab3e2e4")); + DoCbcMonte(Hex.Decode("9ea101ecebaa41c712bcb0d9bab3e2e4"), Hex.Decode("9ea101ecebaa41c712bcb0d9bab3e2e4"), Hex.Decode("b4813d8a66244188b9e92c75913fa2f4"), Hex.Decode("f86b2c265b9c75869f31e2c684c13e9f")); + } + + private void DoCbcMonte(byte[] key, byte[] iv, byte[] pt, byte[] expected) + { + IBlockCipher c = new TnepresEngine(); + + byte[] ct = new byte[16]; + + Array.Copy(iv, 0, ct, 0, 16); + + for (int i = 0; i < 10000; i++) + { + for (int k = 0; k != iv.Length; k++) + { + iv[k] ^= pt[k]; + } + Array.Copy(ct, 0, pt, 0, 16); + + c.Init(true, new KeyParameter(key)); + + c.ProcessBlock(iv, 0, ct, 0); + + Array.Copy(ct, 0, iv, 0, 16); + } + + if (!Arrays.AreEqual(expected, ct)) + { + Fail("CBC monte test failed"); + } + } + + public override string Name + { + get { return "Tnepres"; } + } + + public static void Main(string[] args) + { + RunTest(new TnepresTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/TupleHashTest.cs b/BouncyCastle/crypto/test/src/crypto/test/TupleHashTest.cs new file mode 100644 index 0000000..2195bb2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/TupleHashTest.cs @@ -0,0 +1,121 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * TupleHash test vectors from: + *

    + * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/KMAC_samples.pdf + */ + [TestFixture] + public class TupleHashTest + : SimpleTest + { + public override string Name + { + get { return "TupleHash"; } + } + + public override void PerformTest() + { + TupleHash tHash = new TupleHash(128, new byte[0]); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + + byte[] res = new byte[tHash.GetDigestSize()]; + + tHash.DoFinal(res, 0); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("C5 D8 78 6C 1A FB 9B 82 11 1A B3 4B 65 B2 C0 04 8F A6 4E 6D 48 E2 63 26 4C E1 70 7D 3F FC 8E D1"), res)); + + tHash = new TupleHash(128, Strings.ToByteArray("My Tuple App")); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + + tHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("75 CD B2 0F F4 DB 11 54 E8 41 D7 58 E2 41 60 C5 4B AE 86 EB 8C 13 E7 F5 F4 0E B3 55 88 E9 6D FB"), res)); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); + + tHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("E6 0F 20 2C 89 A2 63 1E DA 8D 4C 58 8C A5 FD 07 F3 9E 51 51 99 8D EC CF 97 3A DB 38 04 BB 6E 84"), res)); + + tHash = new TupleHash(256, new byte[0]); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + + res = new byte[tHash.GetDigestSize()]; + + tHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("CF B7 05 8C AC A5 E6 68 F8 1A 12 A2 0A 21 95 CE 97 A9 25 F1 DB A3 E7 44 9A 56 F8 22 01 EC 60 73 11 AC 26 96 B1 AB 5E A2 35 2D F1 42 3B DE 7B D4 BB 78 C9 AE D1 A8 53 C7 86 72 F9 EB 23 BB E1 94"), res)); + + tHash = new TupleHash(256, Strings.ToByteArray("My Tuple App")); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + + tHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("14 7C 21 91 D5 ED 7E FD 98 DB D9 6D 7A B5 A1 16 92 57 6F 5F E2 A5 06 5F 3E 33 DE 6B BA 9F 3A A1 C4 E9 A0 68 A2 89 C6 1C 95 AA B3 0A EE 1E 41 0B 0B 60 7D E3 62 0E 24 A4 E3 BF 98 52 A1 D4 36 7E"), res)); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); + + tHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("45 00 0B E6 3F 9B 6B FD 89 F5 47 17 67 0F 69 A9 BC 76 35 91 A4 F0 5C 50 D6 88 91 A7 44 BC C6 E7 D6 D5 B5 E8 2C 01 8D A9 99 ED 35 B0 BB 49 C9 67 8E 52 6A BD 8E 85 C1 3E D2 54 02 1D B9 E7 90 CE"), res)); + + tHash = new TupleHash(128, Strings.ToByteArray("My Tuple App")); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); + + res = new byte[32]; + tHash.DoOutput(res, 0, res.Length); + + IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("E6 0F 20 2C 89 A2 63 1E DA 8D 4C 58 8C A5 FD 07 F3 9E 51 51 99 8D EC CF 97 3A DB 38 04 BB 6E 84"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("900fe16cad098d28e74d632ed852f99daab7f7df4d99e775657885b4bf76d6f8"), res)); + + tHash = new TupleHash(256, Strings.ToByteArray("My Tuple App")); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); + + res = new byte[64]; + tHash.DoOutput(res, 0, res.Length); + + IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("45 00 0B E6 3F 9B 6B FD 89 F5 47 17 67 0F 69 A9 BC 76 35 91 A4 F0 5C 50 D6 88 91 A7 44 BC C6 E7 D6 D5 B5 E8 2C 01 8D A9 99 ED 35 B0 BB 49 C9 67 8E 52 6A BD 8E 85 C1 3E D2 54 02 1D B9 E7 90 CE"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("0c59b11464f2336c34663ed51b2b950bec743610856f36c28d1d088d8a2446284dd09830a6a178dc752376199fae935d86cfdee5913d4922dfd369b66a53c897"), res)); + } + + public static void Main(string[] args) + { + RunTest(new TupleHashTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/TwofishTest.cs b/BouncyCastle/crypto/test/src/crypto/test/TwofishTest.cs new file mode 100644 index 0000000..9425d2e --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/TwofishTest.cs @@ -0,0 +1,54 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class TwofishTest + : CipherTest + { + public override string Name + { + get { return "Twofish"; } + } + + internal static string key1 = "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f"; + internal static string key2 = "000102030405060708090a0b0c0d0e0f1011121314151617"; + internal static string key3 = "000102030405060708090a0b0c0d0e0f"; + + internal static string input = "000102030405060708090A0B0C0D0E0F"; + + internal static SimpleTest[] tests = new SimpleTest[]{ + new BlockCipherVectorTest(0, new TwofishEngine(), new KeyParameter(Hex.Decode(key1)), input, "8ef0272c42db838bcf7b07af0ec30f38"), + new BlockCipherVectorTest(1, new TwofishEngine(), new KeyParameter(Hex.Decode(key2)), input, "95accc625366547617f8be4373d10cd7"), + new BlockCipherVectorTest(2, new TwofishEngine(), new KeyParameter(Hex.Decode(key3)), input, "9fb63337151be9c71306d159ea7afaa4")}; + + public TwofishTest() + : base(tests, new TwofishEngine(), new KeyParameter(new byte[32])) + { + } + + public static void Main( + string[] args) + { + ITest test = new TwofishTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/VMPCKSA3Test.cs b/BouncyCastle/crypto/test/src/crypto/test/VMPCKSA3Test.cs new file mode 100644 index 0000000..a25105b --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/VMPCKSA3Test.cs @@ -0,0 +1,112 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * VMPC Test + */ + [TestFixture] + public class VmpcKsa3Test + : SimpleTest + { + private static readonly byte[] input = new byte[1000000]; + + public override string Name + { + get { return "VMPC-KSA3"; } + } + + private void checkByte(byte[] array, int position, byte b) + { + if (array[position] != b) + { + Fail("Fail on position " + position, + Hex.ToHexString(new byte[] { b }), + Hex.ToHexString(new byte[] { array[position] })); + } + } + + public override void PerformTest() + { + byte[] key = Hex.Decode("9661410AB797D8A9EB767C21172DF6C7"); + byte[] iv = Hex.Decode("4B5C2F003E67F39557A8D26F3DA2B155"); + ICipherParameters kp = new KeyParameter(key); + ICipherParameters kpwiv = new ParametersWithIV(kp, iv); + + VmpcKsa3Engine engine = new VmpcKsa3Engine(); + + try + { + engine.Init(true, kp); + Fail("Init failed to throw expected exception"); + } + catch (ArgumentException) + { + // Expected + } + + engine.Init(true, kpwiv); + checkEngine(engine); + + engine.Reset(); + byte[] output = checkEngine(engine); + + engine.Init(false, kpwiv); + byte[] recovered = new byte[output.Length]; + engine.ProcessBytes(output, 0, output.Length, recovered, 0); + + if (!Arrays.AreEqual(input, recovered)) + { + Fail("decrypted bytes differ from original bytes"); + } + } + + private byte[] checkEngine(VmpcKsa3Engine engine) + { + byte[] output = new byte[input.Length]; + engine.ProcessBytes(input, 0, output.Length, output, 0); + + checkByte(output, 0, (byte) 0xB6); + checkByte(output, 1, (byte) 0xEB); + checkByte(output, 2, (byte) 0xAE); + checkByte(output, 3, (byte) 0xFE); + checkByte(output, 252, (byte) 0x48); + checkByte(output, 253, (byte) 0x17); + checkByte(output, 254, (byte) 0x24); + checkByte(output, 255, (byte) 0x73); + checkByte(output, 1020, (byte) 0x1D); + checkByte(output, 1021, (byte) 0xAE); + checkByte(output, 1022, (byte) 0xC3); + checkByte(output, 1023, (byte) 0x5A); + checkByte(output, 102396, (byte) 0x1D); + checkByte(output, 102397, (byte) 0xA7); + checkByte(output, 102398, (byte) 0xE1); + checkByte(output, 102399, (byte) 0xDC); + + return output; + } + + public static void Main( + string[] args) + { + RunTest(new VmpcKsa3Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/VMPCMacTest.cs b/BouncyCastle/crypto/test/src/crypto/test/VMPCMacTest.cs new file mode 100644 index 0000000..b9a5e3a --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/VMPCMacTest.cs @@ -0,0 +1,69 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class VmpcMacTest + : SimpleTest + { + public override string Name + { + get { return "VMPC-MAC"; } + } + + public static void Main( + string[] args) + { + RunTest(new VmpcMacTest()); + } + + private static byte[] output1 = Hex.Decode("9BDA16E2AD0E284774A3ACBC8835A8326C11FAAD"); + + public override void PerformTest() + { + ICipherParameters kp = new KeyParameter( + Hex.Decode("9661410AB797D8A9EB767C21172DF6C7")); + ICipherParameters kpwiv = new ParametersWithIV(kp, + Hex.Decode("4B5C2F003E67F39557A8D26F3DA2B155")); + + int offset = 117; + byte[] m = new byte[512]; + for (int i = 0; i < 256; i++) + { + m[offset + i] = (byte)i; + } + + VmpcMac mac = new VmpcMac(); + mac.Init(kpwiv); + + mac.BlockUpdate(m, offset, 256); + + byte[] output = new byte[20]; + mac.DoFinal(output, 0); + + if (!Arrays.AreEqual(output, output1)) + { + Fail("Fail", + Hex.ToHexString(output1), + Hex.ToHexString(output)); + } + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/VMPCTest.cs b/BouncyCastle/crypto/test/src/crypto/test/VMPCTest.cs new file mode 100644 index 0000000..6186c47 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/VMPCTest.cs @@ -0,0 +1,112 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * VMPC Test + */ + [TestFixture] + public class VmpcTest + : SimpleTest + { + private static readonly byte[] input = new byte[1000000]; + + public override string Name + { + get { return "VMPC"; } + } + + private void checkByte(byte[] array, int position, byte b) + { + if (array[position] != b) + { + Fail("Fail on position " + position, + Hex.ToHexString(new byte[] { b }), + Hex.ToHexString(new byte[] { array[position] })); + } + } + + public override void PerformTest() + { + byte[] key = Hex.Decode("9661410AB797D8A9EB767C21172DF6C7"); + byte[] iv = Hex.Decode("4B5C2F003E67F39557A8D26F3DA2B155"); + ICipherParameters kp = new KeyParameter(key); + ICipherParameters kpwiv = new ParametersWithIV(kp, iv); + + VmpcEngine engine = new VmpcEngine(); + + try + { + engine.Init(true, kp); + Fail("Init failed to throw expected exception"); + } + catch (ArgumentException) + { + // Expected + } + + engine.Init(true, kpwiv); + checkEngine(engine); + + engine.Reset(); + byte[] output = checkEngine(engine); + + engine.Init(false, kpwiv); + byte[] recovered = new byte[output.Length]; + engine.ProcessBytes(output, 0, output.Length, recovered, 0); + + if (!Arrays.AreEqual(input, recovered)) + { + Fail("decrypted bytes differ from original bytes"); + } + } + + private byte[] checkEngine(VmpcEngine engine) + { + byte[] output = new byte[input.Length]; + engine.ProcessBytes(input, 0, output.Length, output, 0); + + checkByte(output, 0, (byte) 0xA8); + checkByte(output, 1, (byte) 0x24); + checkByte(output, 2, (byte) 0x79); + checkByte(output, 3, (byte) 0xF5); + checkByte(output, 252, (byte) 0xB8); + checkByte(output, 253, (byte) 0xFC); + checkByte(output, 254, (byte) 0x66); + checkByte(output, 255, (byte) 0xA4); + checkByte(output, 1020, (byte) 0xE0); + checkByte(output, 1021, (byte) 0x56); + checkByte(output, 1022, (byte) 0x40); + checkByte(output, 1023, (byte) 0xA5); + checkByte(output, 102396, (byte) 0x81); + checkByte(output, 102397, (byte) 0xCA); + checkByte(output, 102398, (byte) 0x49); + checkByte(output, 102399, (byte) 0x9A); + + return output; + } + + public static void Main( + string[] args) + { + RunTest(new VmpcTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/WhirlpoolDigestTest.cs b/BouncyCastle/crypto/test/src/crypto/test/WhirlpoolDigestTest.cs new file mode 100644 index 0000000..1445b89 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/WhirlpoolDigestTest.cs @@ -0,0 +1,119 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + + /** + * ISO vector test for Whirlpool + * + */ + [TestFixture] + public class WhirlpoolDigestTest + : DigestTest + { + private static string[] messages = + { + "", + "a", + "abc", + "message digest", + "abcdefghijklmnopqrstuvwxyz", + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + "12345678901234567890123456789012345678901234567890123456789012345678901234567890", + "abcdbcdecdefdefgefghfghighijhijk" + }; + + private static string[] digests = + { + "19FA61D75522A4669B44E39C1D2E1726C530232130D407F89AFEE0964997F7A73E83BE698B288FEBCF88E3E03C4F0757EA8964E59B63D93708B138CC42A66EB3", + "8ACA2602792AEC6F11A67206531FB7D7F0DFF59413145E6973C45001D0087B42D11BC645413AEFF63A42391A39145A591A92200D560195E53B478584FDAE231A", + "4E2448A4C6F486BB16B6562C73B4020BF3043E3A731BCE721AE1B303D97E6D4C7181EEBDB6C57E277D0E34957114CBD6C797FC9D95D8B582D225292076D4EEF5", + "378C84A4126E2DC6E56DCC7458377AAC838D00032230F53CE1F5700C0FFB4D3B8421557659EF55C106B4B52AC5A4AAA692ED920052838F3362E86DBD37A8903E", + "F1D754662636FFE92C82EBB9212A484A8D38631EAD4238F5442EE13B8054E41B08BF2A9251C30B6A0B8AAE86177AB4A6F68F673E7207865D5D9819A3DBA4EB3B", + "DC37E008CF9EE69BF11F00ED9ABA26901DD7C28CDEC066CC6AF42E40F82F3A1E08EBA26629129D8FB7CB57211B9281A65517CC879D7B962142C65F5A7AF01467", + "466EF18BABB0154D25B9D38A6414F5C08784372BCCB204D6549C4AFADB6014294D5BD8DF2A6C44E538CD047B2681A51A2C60481E88C5A20B2C2A80CF3A9A083B", + "2A987EA40F917061F5D6F0A0E4644F488A7A5A52DEEE656207C562F988E95C6916BDC8031BC5BE1B7B947639FE050B56939BAAA0ADFF9AE6745B7B181C3BE3FD" + }; + + private static string _millionAResultVector = "0C99005BEB57EFF50A7CF005560DDF5D29057FD86B20BFD62DECA0F1CCEA4AF51FC15490EDDC47AF32BB2B66C34FF9AD8C6008AD677F77126953B226E4ED8B01"; + + private static string _thirtyOneZeros = "3E3F188F8FEBBEB17A933FEAF7FE53A4858D80C915AD6A1418F0318E68D49B4E459223CD414E0FBC8A57578FD755D86E827ABEF4070FC1503E25D99E382F72BA"; + + public WhirlpoolDigestTest() + : base(new WhirlpoolDigest(), messages, digests) + { + } + + public override void PerformTest() + { + base.PerformTest(); + + byte[] thirtyOneZeros = new byte[31]; + performStandardVectorTest("31 zeroes test", + thirtyOneZeros, _thirtyOneZeros); + + byte[] millionAInByteArray = new byte[1000000]; + Arrays.Fill(millionAInByteArray, (byte)'a'); + + performStandardVectorTest("Million 'a' test", + millionAInByteArray, _millionAResultVector); + } + + private void performStandardVectorTest(string testTitle, byte[] inputBytes, + string resultsAsHex) + { + doPerformTest(testTitle, inputBytes, resultsAsHex); + } + + private void doPerformTest(string testTitle, byte[] inputBytes, string resultsAsHex) + { + string resStr = createHexOutputFromDigest(inputBytes); + if (!resultsAsHex.Equals(resStr.ToUpper())) + { + Fail(testTitle, resultsAsHex, resStr); + } + } + + private string createHexOutputFromDigest(byte[] digestBytes) + { + string resStr; + IDigest digest = new WhirlpoolDigest(); + byte[] resBuf = new byte[digest.GetDigestSize()]; + digest.BlockUpdate(digestBytes, 0, digestBytes.Length); + digest.DoFinal(resBuf, 0); + resStr = Hex.ToHexString(resBuf); + return resStr; + } + + protected override IDigest CloneDigest(IDigest digest) + { + return new WhirlpoolDigest((WhirlpoolDigest)digest); + } + + public static void Main( + string[] args) + { + RunTest(new WhirlpoolDigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/X25519Test.cs b/BouncyCastle/crypto/test/src/crypto/test/X25519Test.cs new file mode 100644 index 0000000..29466e0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/X25519Test.cs @@ -0,0 +1,69 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class X25519Test + : SimpleTest + { + private static readonly SecureRandom Random = new SecureRandom(); + + public override string Name + { + get { return "X25519"; } + } + + public static void Main(string[] args) + { + RunTest(new X25519Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + public override void PerformTest() + { + for (int i = 0; i < 10; ++i) + { + DoTestAgreement(); + } + } + + private void DoTestAgreement() + { + IAsymmetricCipherKeyPairGenerator kpGen = new X25519KeyPairGenerator(); + kpGen.Init(new X25519KeyGenerationParameters(Random)); + + AsymmetricCipherKeyPair kpA = kpGen.GenerateKeyPair(); + AsymmetricCipherKeyPair kpB = kpGen.GenerateKeyPair(); + + X25519Agreement agreeA = new X25519Agreement(); + agreeA.Init(kpA.Private); + byte[] secretA = new byte[agreeA.AgreementSize]; + agreeA.CalculateAgreement(kpB.Public, secretA, 0); + + X25519Agreement agreeB = new X25519Agreement(); + agreeB.Init(kpB.Private); + byte[] secretB = new byte[agreeB.AgreementSize]; + agreeB.CalculateAgreement(kpA.Public, secretB, 0); + + if (!AreEqual(secretA, secretB)) + { + Fail("X25519 agreement failed"); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/X448Test.cs b/BouncyCastle/crypto/test/src/crypto/test/X448Test.cs new file mode 100644 index 0000000..5d4b14b --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/X448Test.cs @@ -0,0 +1,69 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Agreement; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class X448Test + : SimpleTest + { + private static readonly SecureRandom Random = new SecureRandom(); + + public override string Name + { + get { return "X448"; } + } + + public static void Main(string[] args) + { + RunTest(new X448Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + public override void PerformTest() + { + for (int i = 0; i < 10; ++i) + { + DoTestAgreement(); + } + } + + private void DoTestAgreement() + { + IAsymmetricCipherKeyPairGenerator kpGen = new X448KeyPairGenerator(); + kpGen.Init(new X448KeyGenerationParameters(Random)); + + AsymmetricCipherKeyPair kpA = kpGen.GenerateKeyPair(); + AsymmetricCipherKeyPair kpB = kpGen.GenerateKeyPair(); + + X448Agreement agreeA = new X448Agreement(); + agreeA.Init(kpA.Private); + byte[] secretA = new byte[agreeA.AgreementSize]; + agreeA.CalculateAgreement(kpB.Public, secretA, 0); + + X448Agreement agreeB = new X448Agreement(); + agreeB.Init(kpB.Private); + byte[] secretB = new byte[agreeB.AgreementSize]; + agreeB.CalculateAgreement(kpA.Public, secretB, 0); + + if (!AreEqual(secretA, secretB)) + { + Fail("X448 agreement failed"); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/X931SignerTest.cs b/BouncyCastle/crypto/test/src/crypto/test/X931SignerTest.cs new file mode 100644 index 0000000..d03cbc8 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/X931SignerTest.cs @@ -0,0 +1,145 @@ +using System; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +using NUnit.Framework; + +namespace Org.BouncyCastle.Crypto.Tests +{ + [TestFixture] + public class X931SignerTest + : SimpleTest + { + public override string Name + { + get { return "X931Signer"; } + } + + public override void PerformTest() + { + BigInteger rsaPubMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt")); + BigInteger rsaPubExp = new BigInteger(Base64.Decode("EQ==")); + BigInteger rsaPrivMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt")); + BigInteger rsaPrivDP = new BigInteger(Base64.Decode("JXzfzG5v+HtLJIZqYMUefJfFLu8DPuJGaLD6lI3cZ0babWZ/oPGoJa5iHpX4Ul/7l3s1PFsuy1GhzCdOdlfRcQ==")); + BigInteger rsaPrivDQ = new BigInteger(Base64.Decode("YNdJhw3cn0gBoVmMIFRZzflPDNthBiWy/dUMSRfJCxoZjSnr1gysZHK01HteV1YYNGcwPdr3j4FbOfri5c6DUQ==")); + BigInteger rsaPrivExp = new BigInteger(Base64.Decode("DxFAOhDajr00rBjqX+7nyZ/9sHWRCCp9WEN5wCsFiWVRPtdB+NeLcou7mWXwf1Y+8xNgmmh//fPV45G2dsyBeZbXeJwB7bzx9NMEAfedchyOwjR8PYdjK3NpTLKtZlEJ6Jkh4QihrXpZMO4fKZWUm9bid3+lmiq43FwW+Hof8/E=")); + BigInteger rsaPrivP = new BigInteger(Base64.Decode("AJ9StyTVW+AL/1s7RBtFwZGFBgd3zctBqzzwKPda6LbtIFDznmwDCqAlIQH9X14X7UPLokCDhuAa76OnDXb1OiE=")); + BigInteger rsaPrivQ = new BigInteger(Base64.Decode("AM3JfD79dNJ5A3beScSzPtWxx/tSLi0QHFtkuhtSizeXdkv5FSba7lVzwEOGKHmW829bRoNxThDy4ds1IihW1w0=")); + BigInteger rsaPrivQinv = new BigInteger(Base64.Decode("Lt0g7wrsNsQxuDdB8q/rH8fSFeBXMGLtCIqfOec1j7FEIuYA/ACiRDgXkHa0WgN7nLXSjHoy630wC5Toq8vvUg==")); + RsaKeyParameters rsaPublic = new RsaKeyParameters(false, rsaPubMod, rsaPubExp); + RsaPrivateCrtKeyParameters rsaPrivate = new RsaPrivateCrtKeyParameters(rsaPrivMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv); + + byte[] msg = new byte[] { 1, 6, 3, 32, 7, 43, 2, 5, 7, 78, 4, 23 }; + + X931Signer signer = new X931Signer(new RsaEngine(), new Sha1Digest()); + signer.Init(true, rsaPrivate); + signer.BlockUpdate(msg, 0, msg.Length); + byte[] sig = signer.GenerateSignature(); + + signer = new X931Signer(new RsaEngine(), new Sha1Digest()); + signer.Init(false, rsaPublic); + signer.BlockUpdate(msg, 0, msg.Length); + if (!signer.VerifySignature(sig)) + { + Fail("X9.31 Signer failed."); + } + + ShouldPassSignatureTest1(); + ShouldPassSignatureTest2(); + ShouldPassSignatureTest3(); + } + + private void ShouldPassSignatureTest1() + { + BigInteger n = new BigInteger("c9be1b28f8caccca65d86cc3c9bbcc13eccc059df3b80bd2292b811eff3aa0dd75e1e85c333b8e3fa9bed53bb20f5359ff4e6900c5e9a388e3a4772a583a79e2299c76582c2b27694b65e9ba22e66bfb817f8b70b22206d7d8ae488c86dbb7137c26d5eff9b33c90e6cee640630313b7a715802e15142fef498c404a8de19674974785f0f852e2d470fe85a2e54ffca9f5851f672b71df691785a5cdabe8f14aa628942147de7593b2cf962414a5b59c632c4e14f1768c0ab2e9250824beea60a3529f11bf5e070ce90a47686eb0be1086fb21f0827f55295b4a48307db0b048c05a4aec3f488c576ca6f1879d354224c7e84cbcd8e76dd217a3de54dba73c35", 16); + BigInteger e = new BigInteger("e75b1b", 16); + byte[] msg = Hex.Decode("5bb0d1c0ef9b5c7af2477fe08d45523d3842a4b2db943f7033126c2a7829bacb3d2cfc6497ec91688189e81b7f8742488224ba320ce983ce9480722f2cc5bc42611f00bb6311884f660ccc244788378673532edb05284fd92e83f6f6dab406209032e6af9a33c998677933e32d6fb95fd27408940d7728f9c9c40267ca1d20ce"); + byte[] sig = Hex.Decode("0fe8bb8e3109a1eb7489ef35bf4c1a0780071da789c8bd226a4170538eafefdd30b732d628f0e87a0b9450051feae9754d4fb61f57862d10f0bacc4f660d13281d0cd1141c006ade5186ff7d961a4c6cd0a4b352fc1295c5afd088f80ac1f8e192ef116a010a442655fe8ff5eeacea15807906fb0f0dfa86e680d4c005872357f7ece9aa4e20b15d5f709b30f08648ecaa34f2fbf54eb6b414fa2ff6f87561f70163235e69ccb4ac82a2e46d3be214cc2ef5263b569b2d8fd839b21a9e102665105ea762bda25bb446cfd831487a6b846100dee113ae95ae64f4af22c428c87bab809541c962bb3a56d4c86588e0af4ebc7fcc66dadced311051356d3ea745f7"); + + RsaKeyParameters rsaPublic = new RsaKeyParameters(false, n, e); + X931Signer signer = new X931Signer(new RsaEngine(), new Sha1Digest()); + + signer.Init(false, rsaPublic); + + signer.BlockUpdate(msg, 0, msg.Length); + + if (!signer.VerifySignature(sig)) + { + Fail("RSA X931 verify test 1 failed."); + } + } + + private void ShouldPassSignatureTest2() + { + BigInteger n = new BigInteger("b746ba6c3c0be64bbe33aa55b2929b0af4e86d773d44bfe5914db9287788c4663984b61a418d2eecca30d752ff6b620a07ec72eeb2b422d2429da352407b99982800b9dd7697be6a7b1baa98ca5f4fc2fe33400f20b9dba337ac25c987804165d4a6e0ee4d18eabd6de5abdfe578cae6713ff91d16c80a5bb20217fe614d9509e75a43e1825327b9da8f0a9f6eeaa1c04b69fb4bacc073569fff4ab491becbe6d0441d437fc3fa823239c4a0f75321666b68dd3f66e2dd394089a15bcc288a68a4eb0a48e17d639743b9dea0a91cc35820544732aff253f8ca9967c609dc01c2f8cd0313a7a91cfa94ff74289a1d2b6f19d1811f4b9a65f4cce9e5759b4cc64f", 16); + BigInteger e = new BigInteger("dcbbdb", 16); + byte[] msg = Hex.Decode("a5d3c8a060f897bbbc20ae0955052f37fbc70986b6e11c65075c9f457142bfa93856897c69020aa81a91b5e4f39e05cdeecc63395ab849c8262ca8bc5c96870aecb8edb0aba0024a9bdb71e06de6100344e5c318bc979ef32b8a49a8278ba99d4861bce42ebbc5c8c666aaa6cac39aff8779f2cae367620f9edd4cb1d80b6c8c"); + byte[] sig = Hex.Decode("39fbbd1804c689a533b0043f84da0f06081038c0fbf31e443e46a05e58f50de5198bbca40522afefaba3aed7082a6cb93b1da39f1f5a42246bf64930781948d300549bef0f8d554ecfca60a1b1ecba95a7014ee4545ad4f0c4e3a31942c6738b4ccd6244b6a21267dadf0826a5f713f13b1f5a9ab8501d957a26d4948278ac67851071a315674bdab173bfef2c2690c8373da6bf3d69f30c0e5da8883de872f59521b40793854085641adf98d13db991c5d0a8aaa0222934fa33332e90ef0b954e195cb267d6ffb36c96e14d1ec7b915a87598b4461a3146566354dc2ae748c84ee0cd46543b53ebff8cdf47725b280a1f799fb6ebb4a31ad2bdd5178250f83a"); + + RsaKeyParameters rsaPublic = new RsaKeyParameters(false, n, e); + X931Signer signer = new X931Signer(new RsaEngine(), new Sha224Digest()); + + signer.Init(false, rsaPublic); + + signer.BlockUpdate(msg, 0, msg.Length); + + if (!signer.VerifySignature(sig)) + { + Fail("RSA X931 verify test 2 failed."); + } + } + + private void ShouldPassSignatureTest3() + { + BigInteger n = new BigInteger("dcb5686a3d2063a3f9cf7b9b32d2d3765b4c449b09b4960245a9111cd3b0cbd3260496885b8e1fa5db33b03efcc759d9c1afe29d93c6faebc7e0efada334b5b9a29655e2da2c8f11103d8203be311feab7ae88e9f1b2ec7d8fc655d77202b1681dd9717ec0f525b35584987e19539635a1ed23ca482a00149c609a23dc1645fd", 16); + BigInteger e = new BigInteger("00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc9f7", 16); + BigInteger d = new BigInteger("189d6345099098992e0c9ca5f281e1338092342fa0acc85cc2a111f30f9bd2fb4753cd1a48ef0ddca9bf1af33ec76fb2e23a9fb4896c26f2235b516f7c05ef7ae81e70f4b491a5fedba9b935e9c76d761a813ce7776ff8a1e5efe1166ff2eca26aa900da88c908d51af9de26977fe39719cc781df32216fa41b838f0c63803c3", 16); + + byte[] msg = Hex.Decode("911475c6e210ef4ac65b6fe8d2bfe5e01b959771b137c4ef69b88716e0d2ff9ebc1fad0f358c1dd7d50cc99a7b893ac9a6207076f08d8467d9e48c69c683bfe64a44dabaa3f7c243880f6ab7229bf7bb587822314fc5de5131983bfb2eef8b4bc1eac36f353724b567cd1ae8cddd64ddb7057549d5c81ad5fa3b5e751f00abf5"); + byte[] sig = Hex.Decode("02c50ec0ac8a7f38ef5630c396964d6a6daaa7e3083ab5b57fa2a2632f3b70e2e85c8456cd774d45d7e44fcb063f0f04fff9f1e3adfda11272535a92cb59320b190b5ee4261f23d6ceaa925df3a7bfa42e26bf61ea9645d9d64b3c90a820802768a6e209c9f83705375a3867afccc037e8242a98fa4c3db6b2d9877754d47289"); + + RsaKeyParameters rsaPublic = new RsaKeyParameters(false, n, e); + X931Signer signer = new X931Signer(new RsaEngine(), new Sha1Digest()); + + signer.Init(true, new RsaKeyParameters(true, n, d)); + + signer.BlockUpdate(msg, 0, msg.Length); + + byte[] s = signer.GenerateSignature(); + + if (!Arrays.AreEqual(sig, s)) + { + Fail("RSA X931 sig test 3 failed."); + } + + signer.Init(false, rsaPublic); + + signer.BlockUpdate(msg, 0, msg.Length); + + if (!signer.VerifySignature(sig)) + { + Fail("RSA X931 verify test 3 failed."); + } + } + + public static void Main(string[] args) + { + RunTest(new X931SignerTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/XSalsa20Test.cs b/BouncyCastle/crypto/test/src/crypto/test/XSalsa20Test.cs new file mode 100644 index 0000000..74ed04e --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/XSalsa20Test.cs @@ -0,0 +1,183 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * XSalsa20 Test + */ + [TestFixture] + public class XSalsa20Test + : SimpleTest + { + private class TestCase + { + + private byte[] key; + private byte[] iv; + private byte[] plaintext; + private byte[] ciphertext; + + public TestCase(String key, string iv, string plaintext, string ciphertext) + { + this.key = Hex.Decode(key); + this.iv = Hex.Decode(iv); + this.plaintext = Hex.Decode(plaintext); + this.ciphertext = Hex.Decode(ciphertext); + } + + public byte[] Key + { + get { return key; } + } + + public byte[] Iv + { + get { return iv; } + } + + public byte[] Plaintext + { + get { return plaintext; } + } + + public byte[] Ciphertext + { + get { return ciphertext; } + } + } + + // Test cases generated by naclcrypto-20090308, as used by cryptopp + private static readonly TestCase[] TEST_CASES = new TestCase[] { + new TestCase( + "a6a7251c1e72916d11c2cb214d3c252539121d8e234e652d651fa4c8cff88030", + "9e645a74e9e0a60d8243acd9177ab51a1beb8d5a2f5d700c", + "093c5e5585579625337bd3ab619d615760d8c5b224a85b1d0efe0eb8a7ee163abb0376529fcc09bab506c618e13ce777d82c3ae9d1a6f972d4160287cbfe60bf2130fc0a6ff6049d0a5c8a82f429231f008082e845d7e189d37f9ed2b464e6b919e6523a8c1210bd52a02a4c3fe406d3085f5068d1909eeeca6369abc981a42e87fe665583f0ab85ae71f6f84f528e6b397af86f6917d9754b7320dbdc2fea81496f2732f532ac78c4e9c6cfb18f8e9bdf74622eb126141416776971a84f94d156beaf67aecbf2ad412e76e66e8fad7633f5b6d7f3d64b5c6c69ce29003c6024465ae3b89be78e915d88b4b5621d", + "b2af688e7d8fc4b508c05cc39dd583d6714322c64d7f3e63147aede2d9534934b04ff6f337b031815cd094bdbc6d7a92077dce709412286822ef0737ee47f6b7ffa22f9d53f11dd2b0a3bb9fc01d9a88f9d53c26e9365c2c3c063bc4840bfc812e4b80463e69d179530b25c158f543191cff993106511aa036043bbc75866ab7e34afc57e2cce4934a5faae6eabe4f221770183dd060467827c27a354159a081275a291f69d946d6fe28ed0b9ce08206cf484925a51b9498dbde178ddd3ae91a8581b91682d860f840782f6eea49dbb9bd721501d2c67122dea3b7283848c5f13e0c0de876bd227a856e4de593a3"), + new TestCase( + "9e1da239d155f52ad37f75c7368a536668b051952923ad44f57e75ab588e475a", + "af06f17859dffa799891c4288f6635b5c5a45eee9017fd72", + "feac9d54fc8c115ae247d9a7e919dd76cfcbc72d32cae4944860817cbdfb8c04e6b1df76a16517cd33ccf1acda9206389e9e318f5966c093cfb3ec2d9ee2de856437ed581f552f26ac2907609df8c613b9e33d44bfc21ff79153e9ef81a9d66cc317857f752cc175fd8891fefebb7d041e6517c3162d197e2112837d3bc4104312ad35b75ea686e7c70d4ec04746b52ff09c421451459fb59f", + "2c261a2f4e61a62e1b27689916bf03453fcbc97bb2af6f329391ef063b5a219bf984d07d70f602d85f6db61474e9d9f5a2deecb4fcd90184d16f3b5b5e168ee03ea8c93f3933a22bc3d1a5ae8c2d8b02757c87c073409052a2a8a41e7f487e041f9a49a0997b540e18621cad3a24f0a56d9b19227929057ab3ba950f6274b121f193e32e06e5388781a1cb57317c0ba6305e910961d01002f0"), + new TestCase("d5c7f6797b7e7e9c1d7fd2610b2abf2bc5a7885fb3ff78092fb3abe8986d35e2", + "744e17312b27969d826444640e9c4a378ae334f185369c95", + "7758298c628eb3a4b6963c5445ef66971222be5d1a4ad839715d1188071739b77cc6e05d5410f963a64167629757", + "27b8cfe81416a76301fd1eec6a4d99675069b2da2776c360db1bdfea7c0aa613913e10f7a60fec04d11e65f2d64e"), + new TestCase( + "737d7811ce96472efed12258b78122f11deaec8759ccbd71eac6bbefa627785c", + "6fb2ee3dda6dbd12f1274f126701ec75c35c86607adb3edd", + "501325fb2645264864df11faa17bbd58312b77cad3d94ac8fb8542f0eb653ad73d7fce932bb874cb89ac39fc47f8267cf0f0c209f204b2d8578a3bdf461cb6a271a468bebaccd9685014ccbc9a73618c6a5e778a21cc8416c60ad24ddc417a130d53eda6dfbfe47d09170a7be1a708b7b5f3ad464310be36d9a2a95dc39e83d38667e842eb6411e8a23712297b165f690c2d7ca1b1346e3c1fccf5cafd4f8be0", + "6724c372d2e9074da5e27a6c54b2d703dc1d4c9b1f8d90f00c122e692ace7700eadca942544507f1375b6581d5a8fb39981c1c0e6e1ff2140b082e9ec016fce141d5199647d43b0b68bfd0fea5e00f468962c7384dd6129aea6a3fdfe75abb210ed5607cef8fa0e152833d5ac37d52e557b91098a322e76a45bbbcf4899e790618aa3f4c2e5e0fc3de93269a577d77a5502e8ea02f717b1dd2df1ec69d8b61ca"), + new TestCase( + "760158da09f89bbab2c99e6997f9523a95fcef10239bcca2573b7105f6898d34", + "43636b2cc346fc8b7c85a19bf507bdc3dafe953b88c69dba", + "d30a6d42dff49f0ed039a306bae9dec8d9e88366cc19e8c3642fd58fa0794ebf8029d949730339b0823a51f0f49f0d2c71f1051c1e0e2c86941f172789cdb1b0107413e70f982ff9761877bb526ef1c3eb1106a948d60ef21bd35d32cfd64f89b79ed63ecc5cca56246af736766f285d8e6b0da9cb1cd21020223ffacc5a32", + "c815b6b79b64f9369aec8dce8c753df8a50f2bc97c70ce2f014db33a65ac5816bac9e30ac08bdded308c65cb87e28e2e71b677dc25c5a6499c1553555daf1f55270a56959dffa0c66f24e0af00951ec4bb59ccc3a6c5f52e0981647e53e439313a52c40fa7004c855b6e6eb25b212a138e843a9ba46edb2a039ee82a263abe"), + new TestCase( + "27ba7e81e7edd4e71be53c07ce8e633138f287e155c7fa9e84c4ad804b7fa1b9", + "ea05f4ebcd2fb6b000da0612861ba54ff5c176fb601391aa", + "e09ff5d2cb050d69b2d42494bde5825238c756d6991d99d7a20d1ef0b83c371c89872690b2fc11d5369f4fc4971b6d3d6c078aef9b0f05c0e61ab89c025168054defeb03fef633858700c58b1262ce011300012673e893e44901dc18eee3105699c44c805897bdaf776af1833162a21a", + "a23e7ef93c5d0667c96d9e404dcbe6be62026fa98f7a3ff9ba5d458643a16a1cef7272dc6097a9b52f35983557c77a11b314b4f7d5dc2cca15ee47616f861873cbfed1d32372171a61e38e447f3cf362b3abbb2ed4170d89dcb28187b7bfd206a3e026f084a7e0ed63d319de6bc9afc0"), + new TestCase("6799d76e5ffb5b4920bc2768bafd3f8c16554e65efcf9a16f4683a7a06927c11", + "61ab951921e54ff06d9b77f313a4e49df7a057d5fd627989", "472766", "8fd7df"), + new TestCase( + "f68238c08365bb293d26980a606488d09c2f109edafa0bbae9937b5cc219a49c", + "5190b51e9b708624820b5abdf4e40fad1fb950ad1adc2d26", + "47ec6b1f73c4b7ff5274a0bfd7f45f864812c85a12fbcb3c2cf8a3e90cf66ccf2eacb521e748363c77f52eb426ae57a0c6c78f75af71284569e79d1a92f949a9d69c4efc0b69902f1e36d7562765543e2d3942d9f6ff5948d8a312cff72c1afd9ea3088aff7640bfd265f7a9946e606abc77bcedae6bddc75a0dba0bd917d73e3bd1268f727e0096345da1ed25cf553ea7a98fea6b6f285732de37431561ee1b3064887fbcbd71935e02", + "36160e88d3500529ba4edba17bc24d8cfaca9a0680b3b1fc97cf03f3675b7ac301c883a68c071bc54acdd3b63af4a2d72f985e51f9d60a4c7fd481af10b2fc75e252fdee7ea6b6453190617dcc6e2fe1cd56585fc2f0b0e97c5c3f8ad7eb4f31bc4890c03882aac24cc53acc1982296526690a220271c2f6e326750d3fbda5d5b63512c831f67830f59ac49aae330b3e0e02c9ea0091d19841f1b0e13d69c9fbfe8a12d6f30bb734d9d2"), + new TestCase( + "45b2bd0de4ed9293ec3e26c4840faaf64b7d619d51e9d7a2c7e36c83d584c3df", + "546c8c5d6be8f90952cab3f36d7c1957baaa7a59abe3d7e5", + "5007c8cd5b3c40e17d7fe423a87ae0ced86bec1c39dc07a25772f3e96dabd56cd3fd7319f6c9654925f2d87087a700e1b130da796895d1c9b9acd62b266144067d373ed51e787498b03c52faad16bb3826fa511b0ed2a19a8663f5ba2d6ea7c38e7212e9697d91486c49d8a000b9a1935d6a7ff7ef23e720a45855481440463b4ac8c4f6e7062adc1f1e1e25d3d65a31812f58a71160", + "8eacfba568898b10c0957a7d44100685e8763a71a69a8d16bc7b3f88085bb9a2f09642e4d09a9f0ad09d0aad66b22610c8bd02ff6679bb92c2c026a216bf425c6be35fb8dae7ff0c72b0efd6a18037c70eed0ca90062a49a3c97fdc90a8f9c2ea536bfdc41918a7582c9927fae47efaa3dc87967b7887dee1bf071734c7665901d9105dae2fdf66b4918e51d8f4a48c60d19fbfbbcba"), + new TestCase( + "fe559c9a282beb40814d016d6bfcb2c0c0d8bf077b1110b8703a3ce39d70e0e1", + "b076200cc7011259805e18b304092754002723ebec5d6200", + "6db65b9ec8b114a944137c821fd606be75478d928366d5284096cdef782fcff7e8f59cb8ffcda979757902c5ffa6bc477ceaa4cb5d5ea76f94d91e833f823a6bc78f1055dfa6a97bea8965c1cde67a668e001257334a585727d9e0f7c1a06e88d3d25a4e6d9096c968bf138e116a3ebeffd4bb4808adb1fd698164ba0a35c709a47f16f1f4435a2345a9194a00b95abd51851d505809a6077da9baca5831afff31578c487ee68f2767974a98a7e803aac788da98319c4ea8eaa3d394855651f484cef543f537e35158ee29", + "4dce9c8f97a028051b0727f34e1b9ef21f06f0760f36e71713204027902090ba2bb6b13436ee778d9f50530efbd7a32b0d41443f58ccaee781c7b716d3a96fdec0e3764ed7959f34c3941278591ea033b5cbadc0f1916032e9bebbd1a8395b83fb63b1454bd775bd20b3a2a96f951246ac14daf68166ba62f6cbff8bd121ac9498ff8852fd2be975df52b5daef3829d18eda42e715022dcbf930d0a789ee6a146c2c7088c35773c63c06b4af4559856ac199ced86863e4294707825337c5857970eb7fddeb263781309011"), + new TestCase( + "0ae10012d7e56614b03dcc89b14bae9242ffe630f3d7e35ce8bbb97bbc2c92c3", + "f96b025d6cf46a8a12ac2af1e2aef1fb83590adadaa5c5ea", + "ea0f354e96f12bc72bbaa3d12b4a8ed879b042f0689878f46b651cc4116d6f78409b11430b3aaa30b2076891e8e1fa528f2fd169ed93dc9f84e24409eec2101daf4d057be2492d11de640cbd7b355ad29fb70400fffd7cd6d425abeeb732a0eaa4330af4c656252c4173deab653eb85c58462d7ab0f35fd12b613d29d473d330310dc323d3c66348bbdbb68a326324657cae7b77a9e34358f2cec50c85609e73056856796e3be8d62b6e2fe9f953", + "e8abd48924b54e5b80866be7d4ebe5cf4274cafff08b39cb2d40a8f0b472398aedc776e0793812fbf1f60078635d2ed86b15efcdba60411ee23b07233592a44ec31b1013ce8964236675f8f183aef885e864f2a72edf4215b5338fa2b54653dfa1a8c55ce5d95cc605b9b311527f2e3463ffbec78a9d1d65dabad2f338769c9f43f133a791a11c7eca9af0b771a4ac32963dc8f631a2c11217ac6e1b9430c1aae1ceebe22703f429998a8fb8c641"), + new TestCase( + "082c539bc5b20f97d767cd3f229eda80b2adc4fe49c86329b5cd6250a9877450", + "845543502e8b64912d8f2c8d9fffb3c69365686587c08d0c", + "a96bb7e910281a6dfad7c8a9c370674f0ceec1ad8d4f0de32f9ae4a23ed329e3d6bc708f876640a229153ac0e7281a8188dd77695138f01cda5f41d5215fd5c6bdd46d982cb73b1efe2997970a9fdbdb1e768d7e5db712068d8ba1af6067b5753495e23e6e1963af012f9c7ce450bf2de619d3d59542fb55f3", + "835da74fc6de08cbda277a7966a07c8dcd627e7b17adde6d930b6581e3124b8baad096f693991fedb1572930601fc7709541839b8e3ffd5f033d2060d999c6c6e3048276613e648000acb5212cc632a916afce290e20ebdf612d08a6aa4c79a74b070d3f872a861f8dc6bb07614db515d363349d3a8e3336a3"), + new TestCase("3d02bff3375d403027356b94f514203737ee9a85d2052db3e4e5a217c259d18a", + "74216c95031895f48c1dba651555ebfa3ca326a755237025", + "0d4b0f54fd09ae39baa5fa4baccf2e6682e61b257e01f42b8f", + "16c4006c28365190411eb1593814cf15e74c22238f210afc3d"), + new TestCase( + "ad1a5c47688874e6663a0f3fa16fa7efb7ecadc175c468e5432914bdb480ffc6", + "e489eed440f1aae1fac8fb7a9825635454f8f8f1f52e2fcc", + "aa6c1e53580f03a9abb73bfdadedfecada4c6b0ebe020ef10db745e54ba861caf65f0e40dfc520203bb54d29e0a8f78f16b3f1aa525d6bfa33c54726e59988cfbec78056", + "02fe84ce81e178e7aabdd3ba925a766c3c24756eefae33942af75e8b464556b5997e616f3f2dfc7fce91848afd79912d9fb55201b5813a5a074d2c0d4292c1fd441807c5"), + new TestCase( + "053a02bedd6368c1fb8afc7a1b199f7f7ea2220c9a4b642a6850091c9d20ab9c", + "c713eea5c26dad75ad3f52451e003a9cb0d649f917c89dde", + "8f0a8a164760426567e388840276de3f95cb5e3fadc6ed3f3e4fe8bc169d9388804dcb94b6587dbb66cb0bd5f87b8e98b52af37ba290629b858e0e2aa7378047a26602", + "516710e59843e6fbd4f25d0d8ca0ec0d47d39d125e9dad987e0518d49107014cb0ae405e30c2eb3794750bca142ce95e290cf95abe15e822823e2e7d3ab21bc8fbd445"), + new TestCase( + "5b14ab0fbed4c58952548a6cb1e0000cf4481421f41288ea0aa84add9f7deb96", + "54bf52b911231b952ba1a6af8e45b1c5a29d97e2abad7c83", + "37fb44a675978b560ff9a4a87011d6f3ad2d37a2c3815b45a3c0e6d1b1d8b1784cd468927c2ee39e1dccd4765e1c3d676a335be1ccd6900a45f5d41a317648315d8a8c24adc64eb285f6aeba05b9029586353d303f17a807658b9ff790474e1737bd5fdc604aeff8dfcaf1427dcc3aacbb0256badcd183ed75a2dc52452f87d3c1ed2aa583472b0ab91cda20614e9b6fdbda3b49b098c95823cc72d8e5b717f2314b0324e9ce", + "ae6deb5d6ce43d4b09d0e6b1c0e9f46157bcd8ab50eaa3197ff9fa2bf7af649eb52c68544fd3adfe6b1eb316f1f23538d470c30dbfec7e57b60cbcd096c782e7736b669199c8253e70214cf2a098fda8eac5da79a9496a3aae754d03b17c6d70d1027f42bf7f95ce3d1d9c338854e158fcc803e4d6262fb639521e47116ef78a7a437ca9427ba645cd646832feab822a208278e45e93e118d780b988d65397eddfd7a819526e"), + new TestCase( + "d74636e3413a88d85f322ca80fb0bd650bd0bf0134e2329160b69609cd58a4b0", + "efb606aa1d9d9f0f465eaa7f8165f1ac09f5cb46fecf2a57", + "f85471b75f6ec81abac2799ec09e98e280b2ffd64ca285e5a0109cfb31ffab2d617b2c2952a2a8a788fc0da2af7f530758f74f1ab56391ab5ff2adbcc5be2d6c7f49fbe8118104c6ff9a23c6dfe52f57954e6a69dcee5db06f514f4a0a572a9a8525d961dae72269b987189d465df6107119c7fa790853e063cba0fab7800ca932e258880fd74c33c784675bedad0e7c09e9cc4d63dd5e9713d5d4a0196e6b562226ac31b4f57c04f90a181973737ddc7e80f364112a9fbb435ebdbcabf7d490ce52", + "b2b795fe6c1d4c83c1327e015a67d4465fd8e32813575cbab263e20ef05864d2dc17e0e4eb81436adfe9f638dcc1c8d78f6b0306baf938e5d2ab0b3e05e735cc6fff2d6e02e3d60484bea7c7a8e13e23197fea7b04d47d48f4a4e5944174539492800d3ef51e2ee5e4c8a0bdf050c2dd3dd74fce5e7e5c37364f7547a11480a3063b9a0a157b15b10a5a954de2731ced055aa2e2767f0891d4329c426f3808ee867bed0dc75b5922b7cfb895700fda016105a4c7b7f0bb90f029f6bbcb04ac36ac16") }; + + public override string Name + { + get { return "XSalsa20"; } + } + + public override void PerformTest() + { + for (int i = 0; i < TEST_CASES.Length; i++) + { + performTest(i, TEST_CASES[i]); + } + } + + private void performTest(int number, TestCase testCase) + { + byte[] plaintext = testCase.Plaintext; + byte[] output = new byte[plaintext.Length]; + + XSalsa20Engine engine = new XSalsa20Engine(); + engine.Init(false, new ParametersWithIV(new KeyParameter(testCase.Key), testCase.Iv)); + + engine.ProcessBytes(testCase.Plaintext, 0, testCase.Plaintext.Length, output, 0); + + if (!Arrays.AreEqual(testCase.Ciphertext, output)) + { + Fail("mismatch on " + number, Hex.ToHexString(testCase.Ciphertext), Hex.ToHexString(output)); + } + } + + public static void Main( + string[] args) + { + RunTest(new XSalsa20Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/XTEATest.cs b/BouncyCastle/crypto/test/src/crypto/test/XTEATest.cs new file mode 100644 index 0000000..a1ea652 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/XTEATest.cs @@ -0,0 +1,59 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests +{ + /** + * TEA tester - based on C implementation results from http://www.simonshepherd.supanet.com/tea.htm + */ + [TestFixture] + public class XteaTest + : CipherTest + { + private static readonly SimpleTest[] tests = + { + new BlockCipherVectorTest(0, new XteaEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "0000000000000000", "dee9d4d8f7131ed9"), + new BlockCipherVectorTest(1, new XteaEngine(), + new KeyParameter(Hex.Decode("00000000000000000000000000000000")), + "0102030405060708", "065c1b8975c6a816"), + new BlockCipherVectorTest(2, new XteaEngine(), + new KeyParameter(Hex.Decode("0123456712345678234567893456789A")), + "0000000000000000", "1ff9a0261ac64264"), + new BlockCipherVectorTest(3, new XteaEngine(), + new KeyParameter(Hex.Decode("0123456712345678234567893456789A")), + "0102030405060708", "8c67155b2ef91ead"), + }; + + public XteaTest() + : base(tests, new XteaEngine(), new KeyParameter(new byte[16])) + { + } + + public override string Name + { + get { return "XTEA"; } + } + + public static void Main( + string[] args) + { + RunTest(new XteaTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/cavp/CavpReader.cs b/BouncyCastle/crypto/test/src/crypto/test/cavp/CavpReader.cs new file mode 100644 index 0000000..0b04092 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/cavp/CavpReader.cs @@ -0,0 +1,225 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests.Cavp +{ + internal class Vector : Hashtable + { + private Hashtable mHeader = null; + + public Vector(Hashtable header) + { + this.mHeader = header; + } + + public Hashtable Header + { + get { return mHeader; } + set { this.mHeader = value; } + } + + public string ValueAsString(string name) + { + return this[name] as string; + } + + public string HeaderAsString(string name) + { + return Header[name] as string; + } + + public byte[] ValueAsBytes(string name) + { + string value = this[name] as string; + if (value != null) + { + return Hex.Decode(value); + } + + return null; + } + + public byte[] HeaderAsBytes(string name) + { + string value = Header[name] as string; + if (value != null) + { + return Hex.Decode(value); + } + + return null; + } + + public int ValueAsInt(string name) + { + string value = this[name] as string; + if (value == null) + throw new InvalidOperationException(name + " was null"); + + return Int32.Parse(value); + } + + public int ValueAsInt(string name, int def) + { + string value = this[name] as string; + if (value == null) + return def; + + return Int32.Parse(value); + } + } + + internal class CavpReader + { + public static ArrayList ReadVectorFile(string name) + { + ArrayList vectors = new ArrayList(); + Hashtable header = null; + Vector currentVector = null; + + int headerState = 0; + + using (StreamReader r = new StreamReader(SimpleTest.GetTestDataAsStream("crypto.cavp." + name))) + { + String line; + while (null != (line = r.ReadLine())) + { + // Reading a header or waiting to encounter a header + // and we encounter a vector line. + // Set up a new vector. + if (headerState <= 1 && !line.StartsWith("[") && Contains(line, '=')) + { + currentVector = new Vector(header); + vectors.Add(currentVector); + headerState = 2; + } + + // + // Read + // + if (headerState == 2) + { + // + // Header line found immediately after vector elements. + // + if (line.StartsWith("[") && line.EndsWith("]")) + { + headerState = 0; + } + else + + // + // Not a valid line so we assume this is a break between vectors. + // + if (headerState == 2 && !Contains(line, '=')) + { + headerState = 0; + } + else + + // + // Vector parameter. + // + if (!line.StartsWith("[") && Contains(line, '=')) + { + if (currentVector == null) + { + currentVector = new Vector(header); + vectors.Add(currentVector); + } + + string[] parts = line.Split('='); + currentVector[parts[0].Trim()] = parts[1].Trim(); + headerState = 2; + } + } + + // + // Found start of header block. + // We need a new header map. + // + if (headerState == 0 && line.StartsWith("[") && line.EndsWith("]")) + { + header = new Hashtable(); + headerState = 1; + } + + // + // Read header lines. + // + if (headerState <= 1) + { + if (line.StartsWith("[") && line.EndsWith("]")) + { + // Strip away brackets. + string trimmed = line.Substring(1, line.Length - 2); + string[] parts = trimmed.Split('='); + header[parts[0].Trim()] = parts[1].Trim(); + headerState = 1; + } + } + } + } + + return vectors; + } + + public static IMac CreatePrf(Vector config) + { + string type = config.HeaderAsString("PRF"); + if (type == null) + throw new ArgumentException("PRF field was null."); + + return MacUtilities.GetMac(GetMacForPrf(type)); + } + + private static bool Contains(string s, char c) + { + return s.IndexOf(c) >= 0; + } + + private static string GetMacForPrf(string type) + { + if (type.StartsWith("CMAC_AES")) + { + return "AESCMAC"; + } + else if (type.StartsWith("CMAC_TDES")) + { + return "DESEDECMAC"; + } + else if (type.StartsWith("HMAC_SHA1")) + { + return "HMAC/SHA1"; + } + else if (type.StartsWith("HMAC_SHA224")) + { + return "HMAC/SHA224"; + } + else if (type.StartsWith("HMAC_SHA256")) + { + return "HMAC/SHA256"; + } + else if (type.StartsWith("HMAC_SHA384")) + { + return "HMAC/SHA384"; + } + else if (type.StartsWith("HMAC_SHA512")) + { + return "HMAC/SHA512"; + } + else + { + throw new ArgumentException("Unknown Mac for PRF " + type); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/test/cavp/KDFCounterTests.cs b/BouncyCastle/crypto/test/src/crypto/test/cavp/KDFCounterTests.cs new file mode 100644 index 0000000..e0f8755 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/cavp/KDFCounterTests.cs @@ -0,0 +1,92 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests.Cavp +{ + [TestFixture] + public class KdfCounterTests : SimpleTest + { + public KdfCounterTests() + { + } + + public override string Name + { + get { return "KdfCounterTests"; } + } + + [Test] + public override void PerformTest() + { + string file = "KDFCTR_gen.rsp"; + ArrayList vectors = CavpReader.ReadVectorFile(file); + ProcessVectors(file, vectors); + } + + private void ProcessVectors(string name, ArrayList vectors) + { + foreach (Vector vector in vectors) + { + IMac prf = CavpReader.CreatePrf(vector); + KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + int r = -1; + { + string rlen = vector.HeaderAsString("RLEN"); + if (rlen == null) + { + Assert.Fail("No RLEN"); + } + r = Int32.Parse(rlen.Split('_')[0]); + } + int count = vector.ValueAsInt("COUNT"); + int l = vector.ValueAsInt("L"); + byte[] ki = vector.ValueAsBytes("KI"); + if (vector.HeaderAsString("CTRLOCATION") == "BEFORE_FIXED") + { + byte[] fixedInputData = vector.ValueAsBytes("FixedInputData"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + } + else if (vector.HeaderAsString("CTRLOCATION") == "AFTER_FIXED") + { + byte[] fixedInputData = vector.ValueAsBytes("FixedInputData"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + } + else if (vector.HeaderAsString("CTRLOCATION") == "MIDDLE_FIXED") + { + byte[] DataBeforeCtrData = vector.ValueAsBytes("DataBeforeCtrData"); + byte[] DataAfterCtrData = vector.ValueAsBytes("DataAfterCtrData"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + } + else + { + throw new InvalidOperationException("Unknown CTRLOCATION: " + vector.HeaderAsString("CTRLOCATION")); + } + + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = vector.ValueAsBytes("KO"); + CompareKO(name, vector, count, koGenerated, koVectors); + } + } + + private static void CompareKO(string name, Vector config, int test, byte[] calculatedOKM, byte[] testOKM) + { + if (!Arrays.AreEqual(calculatedOKM, testOKM)) + { + throw new TestFailedException(new SimpleTestResult( + false, name + " using " + config.ValueAsInt("COUNT") + " test " + test + " failed")); + } + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/crypto/test/cavp/KDFDoublePipelineTests.cs b/BouncyCastle/crypto/test/src/crypto/test/cavp/KDFDoublePipelineTests.cs new file mode 100644 index 0000000..6742244 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/cavp/KDFDoublePipelineTests.cs @@ -0,0 +1,98 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests.Cavp +{ + [TestFixture] + public class KdfDoublePipelineTests : SimpleTest + { + public override string Name + { + get { return "KdfDoublePipelineTests"; } + } + + [Test] + public override void PerformTest() + { + KdfDblPipelineNoCounterTest(); + KdfDblPipelineCounterTest(); + } + + private void KdfDblPipelineNoCounterTest() + { + string file = "KDFDblPipelineNoCounter_gen.rsp"; + ArrayList vectors = CavpReader.ReadVectorFile(file); + + foreach (Vector vector in vectors) + { + IMac prf = CavpReader.CreatePrf(vector); + KdfDoublePipelineIterationBytesGenerator gen = new KdfDoublePipelineIterationBytesGenerator(prf); + + int count = vector.ValueAsInt("COUNT"); + int l = vector.ValueAsInt("L"); + byte[] ki = vector.ValueAsBytes("KI"); + byte[] fixedInputData = vector.ValueAsBytes("FixedInputData"); + KdfDoublePipelineIterationParameters param = KdfDoublePipelineIterationParameters.CreateWithoutCounter(ki, fixedInputData); + gen.Init(param); + + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = vector.ValueAsBytes("KO"); + CompareKO(file, vector, count, koGenerated, koVectors); + } + } + + private void KdfDblPipelineCounterTest() + { + string file = "KDFDblPipelineCounter_gen.rsp"; + ArrayList vectors = CavpReader.ReadVectorFile(file); + + foreach (Vector vector in vectors) + { + if (vector.HeaderAsString("CTRLOCATION") != "AFTER_ITER") + continue; + + IMac prf = CavpReader.CreatePrf(vector); + KdfDoublePipelineIterationBytesGenerator gen = new KdfDoublePipelineIterationBytesGenerator(prf); + int r = -1; + { + string rlen = vector.HeaderAsString("RLEN"); + if (rlen == null) + { + Assert.Fail("No RLEN"); + } + r = Int32.Parse(rlen.Split('_')[0]); + } + int count = vector.ValueAsInt("COUNT"); + int l = vector.ValueAsInt("L"); + byte[] ki = vector.ValueAsBytes("KI"); + byte[] fixedInputData = vector.ValueAsBytes("FixedInputData"); + KdfDoublePipelineIterationParameters param = KdfDoublePipelineIterationParameters.CreateWithCounter(ki, fixedInputData, r); + gen.Init(param); + + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = vector.ValueAsBytes("KO"); + CompareKO(file, vector, count, koGenerated, koVectors); + } + } + + private static void CompareKO(string name, Vector config, int test, byte[] calculatedOKM, byte[] testOKM) + { + if (!Arrays.AreEqual(calculatedOKM, testOKM)) + { + throw new TestFailedException(new SimpleTestResult( + false, name + " using " + config.ValueAsInt("COUNT") + " test " + test + " failed")); + } + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/crypto/test/cavp/KDFFeedbackCounterTests.cs b/BouncyCastle/crypto/test/src/crypto/test/cavp/KDFFeedbackCounterTests.cs new file mode 100644 index 0000000..ea052b8 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/test/cavp/KDFFeedbackCounterTests.cs @@ -0,0 +1,100 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tests.Cavp +{ + [TestFixture] + public class KdfFeedbackCounterTests : SimpleTest + { + public override string Name + { + get { return "KdfFeedbackCounterTests"; } + } + + [Test] + public override void PerformTest() + { + KdfFeedbackCounterTest(); + KdfFeedbackNoCounterTest(); + } + + private void KdfFeedbackNoCounterTest() + { + string file = "KDFFeedbackNoCounter_gen.rsp"; + ArrayList vectors = CavpReader.ReadVectorFile(file); + + foreach (Vector vector in vectors) + { + IMac prf = CavpReader.CreatePrf(vector); + KdfFeedbackBytesGenerator gen = new KdfFeedbackBytesGenerator(prf); + + int count = vector.ValueAsInt("COUNT"); + int l = vector.ValueAsInt("L"); + byte[] ki = vector.ValueAsBytes("KI"); + byte[] iv = vector.ValueAsBytes("IV"); + byte[] fixedInputData = vector.ValueAsBytes("FixedInputData"); + KdfFeedbackParameters param = KdfFeedbackParameters.CreateWithoutCounter(ki, iv, fixedInputData); + gen.Init(param); + + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = vector.ValueAsBytes("KO"); + CompareKO(file, vector, count, koGenerated, koVectors); + } + } + + private void KdfFeedbackCounterTest() + { + string file = "KDFFeedbackCounter_gen.rsp"; + ArrayList vectors = CavpReader.ReadVectorFile(file); + + foreach (Vector vector in vectors) + { + if (vector.HeaderAsString("CTRLOCATION") != "AFTER_ITER") + continue; + + IMac prf = CavpReader.CreatePrf(vector); + KdfFeedbackBytesGenerator gen = new KdfFeedbackBytesGenerator(prf); + int r = -1; + { + string rlen = vector.HeaderAsString("RLEN"); + if (rlen == null) + { + Fail("No RLEN"); + } + r = Int32.Parse(rlen.Split('_')[0]); + } + int count = vector.ValueAsInt("COUNT"); + int l = vector.ValueAsInt("L"); + byte[] ki = vector.ValueAsBytes("KI"); + byte[] iv = vector.ValueAsBytes("IV"); + byte[] fixedInputData = vector.ValueAsBytes("FixedInputData"); + KdfFeedbackParameters param = KdfFeedbackParameters.CreateWithCounter(ki, iv, fixedInputData, r); + gen.Init(param); + + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = vector.ValueAsBytes("KO"); + CompareKO(file, vector, count, koGenerated, koVectors); + } + } + + private static void CompareKO(string name, Vector config, int test, byte[] calculatedOKM, byte[] testOKM) + { + if (!Arrays.AreEqual(calculatedOKM, testOKM)) + { + throw new TestFailedException(new SimpleTestResult( + false, name + " using " + config.ValueAsInt("COUNT") + " test " + test + " failed")); + } + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/ByteQueueStreamTest.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/ByteQueueStreamTest.cs new file mode 100644 index 0000000..1d68a52 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/ByteQueueStreamTest.cs @@ -0,0 +1,134 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + [TestFixture] + public class ByteQueueStreamTest + { + [Test] + public void TestAvailable() + { + ByteQueueStream input = new ByteQueueStream(); + + // buffer is empty + Assert.AreEqual(0, input.Available); + + // after adding once + input.Write(new byte[10]); + Assert.AreEqual(10, input.Available); + + // after adding more than once + input.Write(new byte[5]); + Assert.AreEqual(15, input.Available); + + // after reading a single byte + input.ReadByte(); + Assert.AreEqual(14, input.Available); + + // after reading into a byte array + input.Read(new byte[4]); + Assert.AreEqual(10, input.Available); + + input.Close(); // so compiler doesn't whine about a resource leak + } + + [Test] + public void TestSkip() + { + ByteQueueStream input = new ByteQueueStream(); + + // skip when buffer is empty + Assert.AreEqual(0, input.Skip(10)); + + // skip equal to available + input.Write(new byte[2]); + Assert.AreEqual(2, input.Skip(2)); + Assert.AreEqual(0, input.Available); + + // skip less than available + input.Write(new byte[10]); + Assert.AreEqual(5, input.Skip(5)); + Assert.AreEqual(5, input.Available); + + // skip more than available + Assert.AreEqual(5, input.Skip(20)); + Assert.AreEqual(0, input.Available); + + input.Close();// so compiler doesn't whine about a resource leak + } + + [Test] + public void TestRead() + { + ByteQueueStream input = new ByteQueueStream(); + input.Write(new byte[] { 0x01, 0x02 }); + input.Write(new byte[]{ 0x03 }); + + Assert.AreEqual(0x01, input.ReadByte()); + Assert.AreEqual(0x02, input.ReadByte()); + Assert.AreEqual(0x03, input.ReadByte()); + Assert.AreEqual(-1, input.ReadByte()); + + input.Close(); // so compiler doesn't whine about a resource leak + } + + [Test] + public void TestReadArray() + { + ByteQueueStream input = new ByteQueueStream(); + input.Write(new byte[] { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }); + + byte[] buffer = new byte[5]; + + // read less than available into specified position + Assert.AreEqual(1, input.Read(buffer, 2, 1)); + AssertArrayEquals(new byte[]{ 0x00, 0x00, 0x01, 0x00, 0x00 }, buffer); + + // read equal to available + Assert.AreEqual(5, input.Read(buffer)); + AssertArrayEquals(new byte[]{ 0x02, 0x03, 0x04, 0x05, 0x06 }, buffer); + + // read more than available + input.Write(new byte[]{ 0x01, 0x02, 0x03 }); + Assert.AreEqual(3, input.Read(buffer)); + AssertArrayEquals(new byte[]{ 0x01, 0x02, 0x03, 0x05, 0x06 }, buffer); + + input.Close(); // so compiler doesn't whine about a resource leak + } + + [Test] + public void TestPeek() + { + ByteQueueStream input = new ByteQueueStream(); + + byte[] buffer = new byte[5]; + + // peek more than available + Assert.AreEqual(0, input.Peek(buffer)); + AssertArrayEquals(new byte[]{ 0x00, 0x00, 0x00, 0x00, 0x00 }, buffer); + + // peek less than available + input.Write(new byte[]{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }); + Assert.AreEqual(5, input.Peek(buffer)); + AssertArrayEquals(new byte[]{ 0x01, 0x02, 0x03, 0x04, 0x05 }, buffer); + Assert.AreEqual(6, input.Available); + + // peek equal to available + input.ReadByte(); + Assert.AreEqual(5, input.Peek(buffer)); + AssertArrayEquals(new byte[]{ 0x02, 0x03, 0x04, 0x05, 0x06 }, buffer); + Assert.AreEqual(5, input.Available); + + input.Close(); // so compiler doesn't whine about a resource leak + } + + private static void AssertArrayEquals(byte[] a, byte[] b) + { + Assert.IsTrue(Arrays.AreEqual(a, b)); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/DtlsProtocolTest.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/DtlsProtocolTest.cs new file mode 100644 index 0000000..43726c7 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/DtlsProtocolTest.cs @@ -0,0 +1,102 @@ +using System; +using System.IO; +using System.Threading; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +using NUnit.Framework; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + [TestFixture] + public class DtlsProtocolTest + { + [Test] + public void TestClientServer() + { + SecureRandom secureRandom = new SecureRandom(); + + DtlsClientProtocol clientProtocol = new DtlsClientProtocol(secureRandom); + DtlsServerProtocol serverProtocol = new DtlsServerProtocol(secureRandom); + + MockDatagramAssociation network = new MockDatagramAssociation(1500); + + Server server = new Server(serverProtocol, network.Server); + + Thread serverThread = new Thread(new ThreadStart(server.Run)); + serverThread.Start(); + + DatagramTransport clientTransport = network.Client; + + clientTransport = new UnreliableDatagramTransport(clientTransport, secureRandom, 0, 0); + + clientTransport = new LoggingDatagramTransport(clientTransport, Console.Out); + + MockDtlsClient client = new MockDtlsClient(null); + + DtlsTransport dtlsClient = clientProtocol.Connect(client, clientTransport); + + for (int i = 1; i <= 10; ++i) + { + byte[] data = new byte[i]; + Arrays.Fill(data, (byte)i); + dtlsClient.Send(data, 0, data.Length); + } + + byte[] buf = new byte[dtlsClient.GetReceiveLimit()]; + while (dtlsClient.Receive(buf, 0, buf.Length, 100) >= 0) + { + } + + dtlsClient.Close(); + + server.Shutdown(serverThread); + } + + internal class Server + { + private readonly DtlsServerProtocol mServerProtocol; + private readonly DatagramTransport mServerTransport; + private volatile bool isShutdown = false; + + internal Server(DtlsServerProtocol serverProtocol, DatagramTransport serverTransport) + { + this.mServerProtocol = serverProtocol; + this.mServerTransport = serverTransport; + } + + public void Run() + { + try + { + MockDtlsServer server = new MockDtlsServer(); + DtlsTransport dtlsServer = mServerProtocol.Accept(server, mServerTransport); + byte[] buf = new byte[dtlsServer.GetReceiveLimit()]; + while (!isShutdown) + { + int length = dtlsServer.Receive(buf, 0, buf.Length, 1000); + if (length >= 0) + { + dtlsServer.Send(buf, 0, length); + } + } + dtlsServer.Close(); + } + catch (Exception e) + { + Console.Error.WriteLine(e); + } + } + + internal void Shutdown(Thread serverThread) + { + if (!isShutdown) + { + isShutdown = true; + serverThread.Join(); + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/DtlsTestCase.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/DtlsTestCase.cs new file mode 100644 index 0000000..1cea4bf --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/DtlsTestCase.cs @@ -0,0 +1,154 @@ +using System; +using System.IO; +using System.Threading; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +using NUnit.Framework; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + [TestFixture] + public class DtlsTestCase + { + private static void CheckDtlsVersion(ProtocolVersion version) + { + if (version != null && !version.IsDtls) + throw new InvalidOperationException("Non-DTLS version"); + } + + [Test, TestCaseSource(typeof(DtlsTestSuite), "Suite")] + public void RunTest(TlsTestConfig config) + { + CheckDtlsVersion(config.clientMinimumVersion); + CheckDtlsVersion(config.clientOfferVersion); + CheckDtlsVersion(config.serverMaximumVersion); + CheckDtlsVersion(config.serverMinimumVersion); + + SecureRandom secureRandom = new SecureRandom(); + + DtlsTestClientProtocol clientProtocol = new DtlsTestClientProtocol(secureRandom, config); + DtlsTestServerProtocol serverProtocol = new DtlsTestServerProtocol(secureRandom, config); + + MockDatagramAssociation network = new MockDatagramAssociation(1500); + + TlsTestClientImpl clientImpl = new TlsTestClientImpl(config); + TlsTestServerImpl serverImpl = new TlsTestServerImpl(config); + + Server server = new Server(this, serverProtocol, network.Server, serverImpl); + + Thread serverThread = new Thread(new ThreadStart(server.Run)); + serverThread.Start(); + + Exception caught = null; + try + { + DatagramTransport clientTransport = network.Client; + + if (TlsTestConfig.DEBUG) + { + clientTransport = new LoggingDatagramTransport(clientTransport, Console.Out); + } + + DtlsTransport dtlsClient = clientProtocol.Connect(clientImpl, clientTransport); + + for (int i = 1; i <= 10; ++i) + { + byte[] data = new byte[i]; + Arrays.Fill(data, (byte)i); + dtlsClient.Send(data, 0, data.Length); + } + + byte[] buf = new byte[dtlsClient.GetReceiveLimit()]; + while (dtlsClient.Receive(buf, 0, buf.Length, 100) >= 0) + { + } + + dtlsClient.Close(); + } + catch (Exception e) + { + caught = e; + LogException(caught); + } + + server.Shutdown(serverThread); + + // TODO Add checks that the various streams were closed + + Assert.AreEqual(config.expectFatalAlertConnectionEnd, clientImpl.FirstFatalAlertConnectionEnd, "Client fatal alert connection end"); + Assert.AreEqual(config.expectFatalAlertConnectionEnd, serverImpl.FirstFatalAlertConnectionEnd, "Server fatal alert connection end"); + + Assert.AreEqual(config.expectFatalAlertDescription, clientImpl.FirstFatalAlertDescription, "Client fatal alert description"); + Assert.AreEqual(config.expectFatalAlertDescription, serverImpl.FirstFatalAlertDescription, "Server fatal alert description"); + + if (config.expectFatalAlertConnectionEnd == -1) + { + Assert.IsNull(caught, "Unexpected client exception"); + Assert.IsNull(server.mCaught, "Unexpected server exception"); + } + } + + protected void LogException(Exception e) + { + if (TlsTestConfig.DEBUG) + { + Console.Error.WriteLine(e); + } + } + + internal class Server + { + private readonly DtlsTestCase mOuter; + private readonly DtlsTestServerProtocol mServerProtocol; + private readonly DatagramTransport mServerTransport; + private readonly TlsTestServerImpl mServerImpl; + + private volatile bool isShutdown = false; + internal Exception mCaught = null; + + internal Server(DtlsTestCase outer, DtlsTestServerProtocol serverProtocol, + DatagramTransport serverTransport, TlsTestServerImpl serverImpl) + { + this.mOuter = outer; + this.mServerProtocol = serverProtocol; + this.mServerTransport = serverTransport; + this.mServerImpl = serverImpl; + } + + public void Run() + { + try + { + DtlsTransport dtlsServer = mServerProtocol.Accept(mServerImpl, mServerTransport); + byte[] buf = new byte[dtlsServer.GetReceiveLimit()]; + while (!isShutdown) + { + int length = dtlsServer.Receive(buf, 0, buf.Length, 100); + if (length >= 0) + { + dtlsServer.Send(buf, 0, length); + } + } + dtlsServer.Close(); + } + catch (Exception e) + { + mCaught = e; + mOuter.LogException(mCaught); + } + } + + internal void Shutdown(Thread serverThread) + { + if (!isShutdown) + { + isShutdown = true; + //serverThread.Interrupt(); + serverThread.Join(); + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/DtlsTestClientProtocol.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/DtlsTestClientProtocol.cs new file mode 100644 index 0000000..41ed93e --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/DtlsTestClientProtocol.cs @@ -0,0 +1,28 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + internal class DtlsTestClientProtocol + : DtlsClientProtocol + { + protected readonly TlsTestConfig config; + + public DtlsTestClientProtocol(SecureRandom secureRandom, TlsTestConfig config) + : base(secureRandom) + { + this.config = config; + } + + protected override byte[] GenerateCertificateVerify(ClientHandshakeState state, DigitallySigned certificateVerify) + { + if (certificateVerify.Algorithm != null && config.clientAuthSigAlgClaimed != null) + { + certificateVerify = new DigitallySigned(config.clientAuthSigAlgClaimed, certificateVerify.Signature); + } + + return base.GenerateCertificateVerify(state, certificateVerify); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/DtlsTestServerProtocol.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/DtlsTestServerProtocol.cs new file mode 100644 index 0000000..006473c --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/DtlsTestServerProtocol.cs @@ -0,0 +1,18 @@ +using System; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + internal class DtlsTestServerProtocol + : DtlsServerProtocol + { + protected readonly TlsTestConfig config; + + public DtlsTestServerProtocol(SecureRandom secureRandom, TlsTestConfig config) + : base(secureRandom) + { + this.config = config; + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/DtlsTestSuite.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/DtlsTestSuite.cs new file mode 100644 index 0000000..f191ef0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/DtlsTestSuite.cs @@ -0,0 +1,228 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + public class DtlsTestSuite + { + // Make the access to constants less verbose + internal class C : TlsTestConfig {} + + public DtlsTestSuite() + { + } + + public static IEnumerable Suite() + { + IList testSuite = new ArrayList(); + + AddFallbackTests(testSuite); + AddVersionTests(testSuite, ProtocolVersion.DTLSv10); + AddVersionTests(testSuite, ProtocolVersion.DTLSv12); + + return testSuite; + } + + private static void AddFallbackTests(IList testSuite) + { + { + TlsTestConfig c = CreateDtlsTestConfig(ProtocolVersion.DTLSv12); + c.clientFallback = true; + + AddTestCase(testSuite, c, "FallbackGood"); + } + + /* + * NOTE: Temporarily disabled automatic test runs because of problems getting a clean exit + * of the DTLS server after a fatal alert. As of writing, manual runs show the correct + * alerts being raised + */ + +#if false + { + TlsTestConfig c = CreateDtlsTestConfig(ProtocolVersion.DTLSv12); + c.clientOfferVersion = ProtocolVersion.DTLSv10; + c.clientFallback = true; + c.ExpectServerFatalAlert(AlertDescription.inappropriate_fallback); + + AddTestCase(testSuite, c, "FallbackBad"); + } +#endif + + { + TlsTestConfig c = CreateDtlsTestConfig(ProtocolVersion.DTLSv12); + c.clientOfferVersion = ProtocolVersion.DTLSv10; + + AddTestCase(testSuite, c, "FallbackNone"); + } + } + + private static void AddVersionTests(IList testSuite, ProtocolVersion version) + { + string prefix = version.ToString() + .Replace(" ", "") + .Replace("\\", "") + .Replace(".", "") + + "_"; + + /* + * NOTE: Temporarily disabled automatic test runs because of problems getting a clean exit + * of the DTLS server after a fatal alert. As of writing, manual runs show the correct + * alerts being raised + */ + +#if false + /* + * Server only declares support for SHA1/RSA, client selects MD5/RSA. Since the client is + * NOT actually tracking MD5 over the handshake, we expect fatal alert from the client. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_VALID; + c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa); + c.serverCertReqSigAlgs = TlsUtilities.GetDefaultRsaSignatureAlgorithms(); + c.ExpectClientFatalAlert(AlertDescription.internal_error); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifyHashAlg"); + } + + /* + * Server only declares support for SHA1/ECDSA, client selects SHA1/RSA. Since the client is + * actually tracking SHA1 over the handshake, we expect fatal alert to come from the server + * when it verifies the selected algorithm against the CertificateRequest supported + * algorithms. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_VALID; + c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa); + c.serverCertReqSigAlgs = TlsUtilities.GetDefaultECDsaSignatureAlgorithms(); + c.ExpectServerFatalAlert(AlertDescription.illegal_parameter); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifySigAlg"); + } + + /* + * Server only declares support for SHA1/ECDSA, client signs with SHA1/RSA, but sends + * SHA1/ECDSA in the CertificateVerify. Since the client is actually tracking SHA1 over the + * handshake, and the claimed algorithm is in the CertificateRequest supported algorithms, + * we expect fatal alert to come from the server when it finds the claimed algorithm + * doesn't match the client certificate. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_VALID; + c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa); + c.clientAuthSigAlgClaimed = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.ecdsa); + c.serverCertReqSigAlgs = TlsUtilities.GetDefaultECDsaSignatureAlgorithms(); + c.ExpectServerFatalAlert(AlertDescription.decrypt_error); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifySigAlgMismatch"); + } + + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_INVALID_VERIFY; + c.ExpectServerFatalAlert(AlertDescription.decrypt_error); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifySignature"); + } + + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_INVALID_CERT; + c.ExpectServerFatalAlert(AlertDescription.bad_certificate); + + AddTestCase(testSuite, c, prefix + "BadClientCertificate"); + } + + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_NONE; + c.serverCertReq = C.SERVER_CERT_REQ_MANDATORY; + c.ExpectServerFatalAlert(AlertDescription.handshake_failure); + + AddTestCase(testSuite, c, prefix + "BadMandatoryCertReqDeclined"); + } + + /* + * Server selects MD5/RSA for ServerKeyExchange signature, which is not in the default + * supported signature algorithms that the client sent. We expect fatal alert from the + * client when it verifies the selected algorithm against the supported algorithms. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa); + c.ExpectClientFatalAlert(AlertDescription.illegal_parameter); + + AddTestCase(testSuite, c, prefix + "BadServerKeyExchangeSigAlg"); + } + + /* + * Server selects MD5/RSA for ServerKeyExchange signature, which is not the default {sha1,rsa} + * implied by the absent signature_algorithms extension. We expect fatal alert from the + * client when it verifies the selected algorithm against the implicit default. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientSendSignatureAlgorithms = false; + c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa); + c.ExpectClientFatalAlert(AlertDescription.illegal_parameter); + + AddTestCaseDebug(testSuite, c, prefix + "BadServerKeyExchangeSigAlg2"); + } +#endif + + { + TlsTestConfig c = CreateDtlsTestConfig(version); + + AddTestCase(testSuite, c, prefix + "GoodDefault"); + } + + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.serverCertReq = C.SERVER_CERT_REQ_NONE; + + AddTestCase(testSuite, c, prefix + "GoodNoCertReq"); + } + + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_NONE; + + AddTestCase(testSuite, c, prefix + "GoodOptionalCertReqDeclined"); + } + } + + private static void AddTestCase(IList testSuite, TlsTestConfig config, String name) + { + testSuite.Add(new TestCaseData(config).SetName(name)); + } + + private static TlsTestConfig CreateDtlsTestConfig(ProtocolVersion version) + { + TlsTestConfig c = new TlsTestConfig(); + c.clientMinimumVersion = ProtocolVersion.DTLSv10; + c.clientOfferVersion = ProtocolVersion.DTLSv12; + c.serverMaximumVersion = version; + c.serverMinimumVersion = ProtocolVersion.DTLSv10; + return c; + } + + public static void RunTests() + { + foreach (TestCaseData data in Suite()) + { + Console.WriteLine(data.TestName); + new DtlsTestCase().RunTest((TlsTestConfig)data.Arguments[0]); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/LoggingDatagramTransport.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/LoggingDatagramTransport.cs new file mode 100644 index 0000000..a26c5bd --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/LoggingDatagramTransport.cs @@ -0,0 +1,86 @@ +using System; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + public class LoggingDatagramTransport + : DatagramTransport + { + private static readonly string HEX_CHARS = "0123456789ABCDEF"; + + private readonly DatagramTransport transport; + private readonly TextWriter output; + private readonly long launchTimestamp; + + public LoggingDatagramTransport(DatagramTransport transport, TextWriter output) + { + this.transport = transport; + this.output = output; + this.launchTimestamp = DateTimeUtilities.CurrentUnixMs(); + } + + public virtual int GetReceiveLimit() + { + return transport.GetReceiveLimit(); + } + + public virtual int GetSendLimit() + { + return transport.GetSendLimit(); + } + + public virtual int Receive(byte[] buf, int off, int len, int waitMillis) + { + int length = transport.Receive(buf, off, len, waitMillis); + if (length >= 0) + { + DumpDatagram("Received", buf, off, length); + } + return length; + } + + public virtual void Send(byte[] buf, int off, int len) + { + DumpDatagram("Sending", buf, off, len); + transport.Send(buf, off, len); + } + + public virtual void Close() + { + } + + private void DumpDatagram(string verb, byte[] buf, int off, int len) + { + long timestamp = DateTimeUtilities.CurrentUnixMs() - launchTimestamp; + StringBuilder sb = new StringBuilder("(+" + timestamp + "ms) " + verb + " " + len + " byte datagram:"); + for (int pos = 0; pos < len; ++pos) + { + if (pos % 16 == 0) + { + sb.Append(Environment.NewLine); + sb.Append(" "); + } + else if (pos % 16 == 8) + { + sb.Append('-'); + } + else + { + sb.Append(' '); + } + int val = buf[off + pos] & 0xFF; + sb.Append(HEX_CHARS[val >> 4]); + sb.Append(HEX_CHARS[val & 0xF]); + } + Dump(sb.ToString()); + } + + private void Dump(string s) + { + lock (this) output.WriteLine(s); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/MockDatagramAssociation.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/MockDatagramAssociation.cs new file mode 100644 index 0000000..48df36c --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/MockDatagramAssociation.cs @@ -0,0 +1,110 @@ +using System; +using System.Collections; +using System.IO; +using System.Net; +using System.Threading; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + public class MockDatagramAssociation + { + private int mtu; + private MockDatagramTransport client, server; + + public MockDatagramAssociation(int mtu) + { + this.mtu = mtu; + + IList clientQueue = new ArrayList(); + IList serverQueue = new ArrayList(); + + this.client = new MockDatagramTransport(this, clientQueue, serverQueue); + this.server = new MockDatagramTransport(this, serverQueue, clientQueue); + } + + public virtual DatagramTransport Client + { + get { return client; } + } + + public virtual DatagramTransport Server + { + get { return server; } + } + + private class MockDatagramTransport + : DatagramTransport + { + private readonly MockDatagramAssociation mOuter; + + private IList receiveQueue, sendQueue; + + internal MockDatagramTransport(MockDatagramAssociation outer, IList receiveQueue, IList sendQueue) + { + this.mOuter = outer; + this.receiveQueue = receiveQueue; + this.sendQueue = sendQueue; + } + + public virtual int GetReceiveLimit() + { + return mOuter.mtu; + } + + public virtual int GetSendLimit() + { + return mOuter.mtu; + } + + public virtual int Receive(byte[] buf, int off, int len, int waitMillis) + { + lock (receiveQueue) + { + if (receiveQueue.Count < 1) + { + try + { + Monitor.Wait(receiveQueue, waitMillis); + } + catch (ThreadInterruptedException) + { + // TODO Keep waiting until full wait expired? + } + if (receiveQueue.Count < 1) + { + return -1; + } + } + byte[] packet = (byte[])receiveQueue[0]; + receiveQueue.RemoveAt(0); + int copyLength = System.Math.Min(len, packet.Length); + Array.Copy(packet, 0, buf, off, copyLength); + return copyLength; + } + } + + public virtual void Send(byte[] buf, int off, int len) + { + if (len > mOuter.mtu) + { + // TODO Simulate rejection? + } + + byte[] packet = Arrays.CopyOfRange(buf, off, off + len); + + lock (sendQueue) + { + sendQueue.Add(packet); + Monitor.PulseAll(sendQueue); + } + } + + public virtual void Close() + { + // TODO? + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/MockDtlsClient.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/MockDtlsClient.cs new file mode 100644 index 0000000..43b987c --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/MockDtlsClient.cs @@ -0,0 +1,152 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + public class MockDtlsClient + : DefaultTlsClient + { + protected TlsSession mSession; + + public MockDtlsClient(TlsSession session) + { + this.mSession = session; + } + + public override TlsSession GetSessionToResume() + { + return this.mSession; + } + + public override void NotifyAlertRaised(byte alertLevel, byte alertDescription, string message, Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("DTLS client raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(byte alertLevel, byte alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("DTLS client received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override ProtocolVersion ClientVersion + { + get { return ProtocolVersion.DTLSv12; } + } + + public override ProtocolVersion MinimumVersion + { + get { return ProtocolVersion.DTLSv10; } + } + + //public override int[] GetCipherSuites() + //{ + // return Arrays.Concatenate(base.GetCipherSuites(), + // new int[] + // { + // CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, + // }); + //} + + public override IDictionary GetClientExtensions() + { + IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(base.GetClientExtensions()); + TlsExtensionsUtilities.AddEncryptThenMacExtension(clientExtensions); + { + /* + * NOTE: If you are copying test code, do not blindly set these extensions in your own client. + */ + TlsExtensionsUtilities.AddMaxFragmentLengthExtension(clientExtensions, MaxFragmentLength.pow2_9); + TlsExtensionsUtilities.AddPaddingExtension(clientExtensions, mContext.SecureRandom.Next(16)); + TlsExtensionsUtilities.AddTruncatedHMacExtension(clientExtensions); + } + return clientExtensions; + } + + public override void NotifyServerVersion(ProtocolVersion serverVersion) + { + base.NotifyServerVersion(serverVersion); + + Console.WriteLine("Negotiated " + serverVersion); + } + + public override TlsAuthentication GetAuthentication() + { + return new MyTlsAuthentication(mContext); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + TlsSession newSession = mContext.ResumableSession; + if (newSession != null) + { + byte[] newSessionID = newSession.SessionID; + string hex = Hex.ToHexString(newSessionID); + + if (this.mSession != null && Arrays.AreEqual(this.mSession.SessionID, newSessionID)) + { + Console.WriteLine("Resumed session: " + hex); + } + else + { + Console.WriteLine("Established session: " + hex); + } + + this.mSession = newSession; + } + } + + internal class MyTlsAuthentication + : TlsAuthentication + { + private readonly TlsContext mContext; + + internal MyTlsAuthentication(TlsContext context) + { + this.mContext = context; + } + + public virtual void NotifyServerCertificate(Certificate serverCertificate) + { + X509CertificateStructure[] chain = serverCertificate.GetCertificateList(); + Console.WriteLine("DTLS client received server certificate chain of length " + chain.Length); + for (int i = 0; i != chain.Length; i++) + { + X509CertificateStructure entry = chain[i]; + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + } + + public virtual TlsCredentials GetClientCredentials(CertificateRequest certificateRequest) + { + byte[] certificateTypes = certificateRequest.CertificateTypes; + if (certificateTypes == null || !Arrays.Contains(certificateTypes, ClientCertificateType.rsa_sign)) + return null; + + return TlsTestUtilities.LoadSignerCredentials(mContext, + certificateRequest.SupportedSignatureAlgorithms, SignatureAlgorithm.rsa, + new string[]{ "x509-client-rsa.pem", "x509-ca-rsa.pem" }, "x509-client-key-rsa.pem"); + } + }; + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/MockDtlsServer.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/MockDtlsServer.cs new file mode 100644 index 0000000..842cbba --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/MockDtlsServer.cs @@ -0,0 +1,97 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + public class MockDtlsServer + : DefaultTlsServer + { + public override void NotifyAlertRaised(byte alertLevel, byte alertDescription, string message, Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("DTLS server raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(byte alertLevel, byte alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("DTLS server received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + protected override int[] GetCipherSuites() + { + return Arrays.Concatenate(base.GetCipherSuites(), + new int[] + { + CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, + }); + } + + public override CertificateRequest GetCertificateRequest() + { + byte[] certificateTypes = new byte[]{ ClientCertificateType.rsa_sign, + ClientCertificateType.dss_sign, ClientCertificateType.ecdsa_sign }; + + IList serverSigAlgs = null; + if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mServerVersion)) + { + serverSigAlgs = TlsUtilities.GetDefaultSupportedSignatureAlgorithms(); + } + + IList certificateAuthorities = new ArrayList(); + certificateAuthorities.Add(TlsTestUtilities.LoadCertificateResource("x509-ca-rsa.pem").Subject); + + return new CertificateRequest(certificateTypes, serverSigAlgs, certificateAuthorities); + } + + public override void NotifyClientCertificate(Certificate clientCertificate) + { + X509CertificateStructure[] chain = clientCertificate.GetCertificateList(); + Console.WriteLine("DTLS server received client certificate chain of length " + chain.Length); + for (int i = 0; i != chain.Length; i++) + { + X509CertificateStructure entry = chain[i]; + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + } + + protected override ProtocolVersion MaximumVersion + { + get { return ProtocolVersion.DTLSv12; } + } + + protected override ProtocolVersion MinimumVersion + { + get { return ProtocolVersion.DTLSv10; } + } + + protected override TlsEncryptionCredentials GetRsaEncryptionCredentials() + { + return TlsTestUtilities.LoadEncryptionCredentials(mContext, + new string[] { "x509-server-rsa-enc.pem", "x509-ca-rsa.pem" }, "x509-server-key-rsa-enc.pem"); + } + + protected override TlsSignerCredentials GetRsaSignerCredentials() + { + return TlsTestUtilities.LoadSignerCredentials(mContext, mSupportedSignatureAlgorithms, + SignatureAlgorithm.rsa, new string[]{ "x509-server-rsa-sign.pem", "x509-ca-rsa.pem" }, + "x509-server-key-rsa-sign.pem"); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/MockPskTlsClient.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/MockPskTlsClient.cs new file mode 100644 index 0000000..80ebb4d --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/MockPskTlsClient.cs @@ -0,0 +1,132 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + internal class MockPskTlsClient + : PskTlsClient + { + internal TlsSession mSession; + + internal MockPskTlsClient(TlsSession session) + : this(session, new BasicTlsPskIdentity("client", Strings.ToUtf8ByteArray("TLS_TEST_PSK"))) + { + } + + internal MockPskTlsClient(TlsSession session, TlsPskIdentity pskIdentity) + : base(pskIdentity) + { + this.mSession = session; + } + + public override TlsSession GetSessionToResume() + { + return this.mSession; + } + + public override void NotifyAlertRaised(byte alertLevel, byte alertDescription, string message, Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-PSK client raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(byte alertLevel, byte alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-PSK client received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + TlsSession newSession = mContext.ResumableSession; + if (newSession != null) + { + byte[] newSessionID = newSession.SessionID; + string hex = Hex.ToHexString(newSessionID); + + if (this.mSession != null && Arrays.AreEqual(this.mSession.SessionID, newSessionID)) + { + Console.WriteLine("Resumed session: " + hex); + } + else + { + Console.WriteLine("Established session: " + hex); + } + + this.mSession = newSession; + } + } + + public override int[] GetCipherSuites() + { + return new int[]{ CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, + CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, + CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA }; + } + + public override ProtocolVersion MinimumVersion + { + get { return ProtocolVersion.TLSv12; } + } + + public override IDictionary GetClientExtensions() + { + IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(base.GetClientExtensions()); + TlsExtensionsUtilities.AddEncryptThenMacExtension(clientExtensions); + return clientExtensions; + } + + public override void NotifyServerVersion(ProtocolVersion serverVersion) + { + base.NotifyServerVersion(serverVersion); + + Console.WriteLine("TLS-PSK client negotiated " + serverVersion); + } + + public override TlsAuthentication GetAuthentication() + { + return new MyTlsAuthentication(mContext); + } + + internal class MyTlsAuthentication + : ServerOnlyTlsAuthentication + { + private readonly TlsContext mContext; + + internal MyTlsAuthentication(TlsContext context) + { + this.mContext = context; + } + + public override void NotifyServerCertificate(Certificate serverCertificate) + { + X509CertificateStructure[] chain = serverCertificate.GetCertificateList(); + Console.WriteLine("TLS-PSK client received server certificate chain of length " + chain.Length); + for (int i = 0; i != chain.Length; i++) + { + X509CertificateStructure entry = chain[i]; + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + } + }; + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/MockPskTlsServer.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/MockPskTlsServer.cs new file mode 100644 index 0000000..3a68602 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/MockPskTlsServer.cs @@ -0,0 +1,105 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + internal class MockPskTlsServer + : PskTlsServer + { + internal MockPskTlsServer() + : base(new MyIdentityManager()) + { + } + + public override void NotifyAlertRaised(byte alertLevel, byte alertDescription, string message, Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-PSK server raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(byte alertLevel, byte alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-PSK server received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + byte[] pskIdentity = mContext.SecurityParameters.PskIdentity; + if (pskIdentity != null) + { + string name = Strings.FromUtf8ByteArray(pskIdentity); + Console.WriteLine("TLS-PSK server completed handshake for PSK identity: " + name); + } + } + + protected override int[] GetCipherSuites() + { + return new int[]{ CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, + CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384, + CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA }; + } + + protected override ProtocolVersion MaximumVersion + { + get { return ProtocolVersion.TLSv12; } + } + + protected override ProtocolVersion MinimumVersion + { + get { return ProtocolVersion.TLSv12; } + } + + public override ProtocolVersion GetServerVersion() + { + ProtocolVersion serverVersion = base.GetServerVersion(); + + Console.WriteLine("TLS-PSK server negotiated " + serverVersion); + + return serverVersion; + } + + protected override TlsEncryptionCredentials GetRsaEncryptionCredentials() + { + return TlsTestUtilities.LoadEncryptionCredentials(mContext, + new string[]{ "x509-server-rsa-enc.pem", "x509-ca-rsa.pem"}, "x509-server-key-rsa-enc.pem"); + } + + internal class MyIdentityManager + : TlsPskIdentityManager + { + public virtual byte[] GetHint() + { + return Strings.ToUtf8ByteArray("hint"); + } + + public virtual byte[] GetPsk(byte[] identity) + { + if (identity != null) + { + string name = Strings.FromUtf8ByteArray(identity); + if (name.Equals("client")) + { + return Strings.ToUtf8ByteArray("TLS_TEST_PSK"); + } + } + return null; + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/MockSrpTlsClient.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/MockSrpTlsClient.cs new file mode 100644 index 0000000..8a6b9f4 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/MockSrpTlsClient.cs @@ -0,0 +1,120 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + internal class MockSrpTlsClient + : SrpTlsClient + { + internal TlsSession mSession; + + internal MockSrpTlsClient(TlsSession session, byte[] identity, byte[] password) + : base(identity, password) + { + this.mSession = session; + } + + public override TlsSession GetSessionToResume() + { + return this.mSession; + } + + public override void NotifyAlertRaised(byte alertLevel, byte alertDescription, string message, Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-SRP client raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(byte alertLevel, byte alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-SRP client received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + TlsSession newSession = mContext.ResumableSession; + if (newSession != null) + { + byte[] newSessionID = newSession.SessionID; + string hex = Hex.ToHexString(newSessionID); + + if (this.mSession != null && Arrays.AreEqual(this.mSession.SessionID, newSessionID)) + { + Console.WriteLine("Resumed session: " + hex); + } + else + { + Console.WriteLine("Established session: " + hex); + } + + this.mSession = newSession; + } + } + + public override ProtocolVersion MinimumVersion + { + get { return ProtocolVersion.TLSv12; } + } + + public override IDictionary GetClientExtensions() + { + IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(base.GetClientExtensions()); + TlsExtensionsUtilities.AddEncryptThenMacExtension(clientExtensions); + return clientExtensions; + } + + public override void NotifyServerVersion(ProtocolVersion serverVersion) + { + base.NotifyServerVersion(serverVersion); + + Console.WriteLine("TLS-SRP client negotiated " + serverVersion); + } + + public override TlsAuthentication GetAuthentication() + { + return new MyTlsAuthentication(mContext); + } + + internal class MyTlsAuthentication + : ServerOnlyTlsAuthentication + { + private readonly TlsContext mContext; + + internal MyTlsAuthentication(TlsContext context) + { + this.mContext = context; + } + + public override void NotifyServerCertificate(Certificate serverCertificate) + { + X509CertificateStructure[] chain = serverCertificate.GetCertificateList(); + Console.WriteLine("TLS-SRP client received server certificate chain of length " + chain.Length); + for (int i = 0; i != chain.Length; i++) + { + X509CertificateStructure entry = chain[i]; + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + } + }; + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/MockSrpTlsServer.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/MockSrpTlsServer.cs new file mode 100644 index 0000000..61a86d3 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/MockSrpTlsServer.cs @@ -0,0 +1,115 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Crypto.Agreement.Srp; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + internal class MockSrpTlsServer + : SrpTlsServer + { + internal static readonly Srp6GroupParameters TEST_GROUP = Srp6StandardGroups.rfc5054_1024; + internal static readonly byte[] TEST_IDENTITY = Strings.ToUtf8ByteArray("client"); + internal static readonly byte[] TEST_PASSWORD = Strings.ToUtf8ByteArray("password"); + internal static readonly byte[] TEST_SALT = Strings.ToUtf8ByteArray("salt"); + internal static readonly byte[] TEST_SEED_KEY = Strings.ToUtf8ByteArray("seed_key"); + + internal MockSrpTlsServer() + : base(new MyIdentityManager()) + { + } + + public override void NotifyAlertRaised(byte alertLevel, byte alertDescription, string message, Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-SRP server raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(byte alertLevel, byte alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-SRP server received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + byte[] srpIdentity = mContext.SecurityParameters.SrpIdentity; + if (srpIdentity != null) + { + string name = Strings.FromUtf8ByteArray(srpIdentity); + Console.WriteLine("TLS-SRP server completed handshake for SRP identity: " + name); + } + } + + protected override ProtocolVersion MaximumVersion + { + get { return ProtocolVersion.TLSv12; } + } + + protected override ProtocolVersion MinimumVersion + { + get { return ProtocolVersion.TLSv12; } + } + + public override ProtocolVersion GetServerVersion() + { + ProtocolVersion serverVersion = base.GetServerVersion(); + + Console.WriteLine("TLS-SRP server negotiated " + serverVersion); + + return serverVersion; + } + + protected override TlsSignerCredentials GetDsaSignerCredentials() + { + return TlsTestUtilities.LoadSignerCredentials(mContext, mSupportedSignatureAlgorithms, + SignatureAlgorithm.dsa, new string[] { "x509-server-dsa.pem", "x509-ca-dsa.pem" }, + "x509-server-key-dsa.pem"); + } + + protected override TlsSignerCredentials GetRsaSignerCredentials() + { + return TlsTestUtilities.LoadSignerCredentials(mContext, mSupportedSignatureAlgorithms, + SignatureAlgorithm.rsa, new string[] { "x509-server-rsa-sign.pem", "x509-ca-rsa.pem" }, + "x509-server-key-rsa-sign.pem"); + } + + internal class MyIdentityManager + : TlsSrpIdentityManager + { + protected SimulatedTlsSrpIdentityManager unknownIdentityManager = SimulatedTlsSrpIdentityManager.GetRfc5054Default( + TEST_GROUP, TEST_SEED_KEY); + + public virtual TlsSrpLoginParameters GetLoginParameters(byte[] identity) + { + if (Arrays.AreEqual(TEST_IDENTITY, identity)) + { + Srp6VerifierGenerator verifierGenerator = new Srp6VerifierGenerator(); + verifierGenerator.Init(TEST_GROUP, TlsUtilities.CreateHash(HashAlgorithm.sha1)); + + BigInteger verifier = verifierGenerator.GenerateVerifier(TEST_SALT, identity, TEST_PASSWORD); + + return new TlsSrpLoginParameters(TEST_GROUP, verifier, TEST_SALT); + } + + return unknownIdentityManager.GetLoginParameters(identity); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/MockTlsClient.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/MockTlsClient.cs new file mode 100644 index 0000000..cdf727c --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/MockTlsClient.cs @@ -0,0 +1,142 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + internal class MockTlsClient + : DefaultTlsClient + { + internal TlsSession mSession; + + internal MockTlsClient(TlsSession session) + { + this.mSession = session; + } + + public override TlsSession GetSessionToResume() + { + return this.mSession; + } + + public override void NotifyAlertRaised(byte alertLevel, byte alertDescription, string message, Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS client raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(byte alertLevel, byte alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS client received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + //public override int[] GetCipherSuites() + //{ + // return Arrays.Concatenate(base.GetCipherSuites(), + // new int[] + // { + // CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, + // }); + //} + + public override IDictionary GetClientExtensions() + { + IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(base.GetClientExtensions()); + TlsExtensionsUtilities.AddEncryptThenMacExtension(clientExtensions); + { + /* + * NOTE: If you are copying test code, do not blindly set these extensions in your own client. + */ + TlsExtensionsUtilities.AddMaxFragmentLengthExtension(clientExtensions, MaxFragmentLength.pow2_9); + TlsExtensionsUtilities.AddPaddingExtension(clientExtensions, mContext.SecureRandom.Next(16)); + TlsExtensionsUtilities.AddTruncatedHMacExtension(clientExtensions); + } + return clientExtensions; + } + + public override void NotifyServerVersion(ProtocolVersion serverVersion) + { + base.NotifyServerVersion(serverVersion); + + Console.WriteLine("TLS client negotiated " + serverVersion); + } + + public override TlsAuthentication GetAuthentication() + { + return new MyTlsAuthentication(mContext); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + TlsSession newSession = mContext.ResumableSession; + if (newSession != null) + { + byte[] newSessionID = newSession.SessionID; + string hex = Hex.ToHexString(newSessionID); + + if (this.mSession != null && Arrays.AreEqual(this.mSession.SessionID, newSessionID)) + { + Console.WriteLine("Resumed session: " + hex); + } + else + { + Console.WriteLine("Established session: " + hex); + } + + this.mSession = newSession; + } + } + + internal class MyTlsAuthentication + : TlsAuthentication + { + private readonly TlsContext mContext; + + internal MyTlsAuthentication(TlsContext context) + { + this.mContext = context; + } + + public virtual void NotifyServerCertificate(Certificate serverCertificate) + { + X509CertificateStructure[] chain = serverCertificate.GetCertificateList(); + Console.WriteLine("TLS client received server certificate chain of length " + chain.Length); + for (int i = 0; i != chain.Length; i++) + { + X509CertificateStructure entry = chain[i]; + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + } + + public virtual TlsCredentials GetClientCredentials(CertificateRequest certificateRequest) + { + byte[] certificateTypes = certificateRequest.CertificateTypes; + if (certificateTypes == null || !Arrays.Contains(certificateTypes, ClientCertificateType.rsa_sign)) + return null; + + return TlsTestUtilities.LoadSignerCredentials(mContext, + certificateRequest.SupportedSignatureAlgorithms, SignatureAlgorithm.rsa, + new string[]{ "x509-client-rsa.pem", "x509-ca-rsa.pem" }, "x509-client-key-rsa.pem"); + } + }; + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/MockTlsServer.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/MockTlsServer.cs new file mode 100644 index 0000000..5911607 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/MockTlsServer.cs @@ -0,0 +1,101 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + internal class MockTlsServer + : DefaultTlsServer + { + public override void NotifyAlertRaised(byte alertLevel, byte alertDescription, string message, Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS server raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(byte alertLevel, byte alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS server received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + protected override int[] GetCipherSuites() + { + return Arrays.Concatenate(base.GetCipherSuites(), + new int[] + { + CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, + }); + } + + protected override ProtocolVersion MaximumVersion + { + get { return ProtocolVersion.TLSv12; } + } + + public override ProtocolVersion GetServerVersion() + { + ProtocolVersion serverVersion = base.GetServerVersion(); + + Console.WriteLine("TLS server negotiated " + serverVersion); + + return serverVersion; + } + + public override CertificateRequest GetCertificateRequest() + { + byte[] certificateTypes = new byte[]{ ClientCertificateType.rsa_sign, + ClientCertificateType.dss_sign, ClientCertificateType.ecdsa_sign }; + + IList serverSigAlgs = null; + if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mServerVersion)) + { + serverSigAlgs = TlsUtilities.GetDefaultSupportedSignatureAlgorithms(); + } + + IList certificateAuthorities = new ArrayList(); + certificateAuthorities.Add(TlsTestUtilities.LoadCertificateResource("x509-ca-rsa.pem").Subject); + + return new CertificateRequest(certificateTypes, serverSigAlgs, certificateAuthorities); + } + + public override void NotifyClientCertificate(Certificate clientCertificate) + { + X509CertificateStructure[] chain = clientCertificate.GetCertificateList(); + Console.WriteLine("TLS server received client certificate chain of length " + chain.Length); + for (int i = 0; i != chain.Length; i++) + { + X509CertificateStructure entry = chain[i]; + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + } + + protected override TlsEncryptionCredentials GetRsaEncryptionCredentials() + { + return TlsTestUtilities.LoadEncryptionCredentials(mContext, + new string[]{ "x509-server-rsa-enc.pem", "x509-ca-rsa.pem" }, "x509-server-key-rsa-enc.pem"); + } + + protected override TlsSignerCredentials GetRsaSignerCredentials() + { + return TlsTestUtilities.LoadSignerCredentials(mContext, mSupportedSignatureAlgorithms, + SignatureAlgorithm.rsa, new string[]{ "x509-server-rsa-sign.pem", "x509-ca-rsa.pem" }, + "x509-server-key-rsa-sign.pem"); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/NetworkStream.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/NetworkStream.cs new file mode 100644 index 0000000..c20101c --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/NetworkStream.cs @@ -0,0 +1,101 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + internal class NetworkStream + : Stream + { + private readonly Stream mInner; + private bool mClosed = false; + + internal NetworkStream(Stream inner) + { + this.mInner = inner; + } + + internal virtual bool IsClosed + { + get { lock (this) return mClosed; } + } + + public override bool CanRead + { + get { return mInner.CanRead; } + } + + public override bool CanSeek + { + get { return mInner.CanSeek; } + } + + public override bool CanWrite + { + get { return mInner.CanWrite; } + } + + public override void Close() + { + lock (this) mClosed = true; + } + + public override void Flush() + { + mInner.Flush(); + } + + public override long Length + { + get { return mInner.Length; } + } + + public override long Position + { + get { return mInner.Position; } + set { mInner.Position = value; } + } + + public override long Seek(long offset, SeekOrigin origin) + { + return mInner.Seek(offset, origin); + } + + public override void SetLength(long value) + { + mInner.SetLength(value); + } + + public override int Read(byte[] buffer, int offset, int count) + { + CheckNotClosed(); + return mInner.Read(buffer, offset, count); + } + + public override int ReadByte() + { + CheckNotClosed(); + return mInner.ReadByte(); + } + + public override void Write(byte[] buf, int off, int len) + { + CheckNotClosed(); + mInner.Write(buf, off, len); + } + + public override void WriteByte(byte value) + { + CheckNotClosed(); + mInner.WriteByte(value); + } + + private void CheckNotClosed() + { + lock (this) + { + if (mClosed) + throw new ObjectDisposedException(this.GetType().Name); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/PipedStream.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/PipedStream.cs new file mode 100644 index 0000000..cfff4b8 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/PipedStream.cs @@ -0,0 +1,134 @@ +using System; +using System.IO; +using System.Threading; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + internal class PipedStream + : Stream + { + private readonly MemoryStream mBuf = new MemoryStream(); + private bool mClosed = false; + + private PipedStream mOther = null; + private long mReadPos = 0; + + internal PipedStream() + { + } + + internal PipedStream(PipedStream other) + { + lock (other) + { + this.mOther = other; + other.mOther = this; + } + } + + public override bool CanRead + { + get { return true; } + } + + public override bool CanSeek + { + get { return false; } + } + + public override bool CanWrite + { + get { return true; } + } + + public override void Close() + { + lock (this) + { + mClosed = true; + Monitor.PulseAll(this); + } + } + + public override void Flush() + { + } + + public override long Length + { + get { throw new NotImplementedException(); } + } + + public override long Position + { + get { throw new NotImplementedException(); } + set { throw new NotImplementedException(); } + } + + public override long Seek(long offset, SeekOrigin origin) + { + throw new NotImplementedException(); + } + + public override void SetLength(long value) + { + throw new NotImplementedException(); + } + + public override int Read(byte[] buffer, int offset, int count) + { + lock (mOther) + { + WaitForData(); + int len = (int)System.Math.Min(count, mOther.mBuf.Position - mReadPos); + Array.Copy(mOther.mBuf.GetBuffer(), mReadPos, buffer, offset, len); + mReadPos += len; + return len; + } + } + + public override int ReadByte() + { + lock (mOther) + { + WaitForData(); + bool eof = (mReadPos >= mOther.mBuf.Position); + return eof ? -1 : mOther.mBuf.GetBuffer()[mReadPos++]; + } + } + + public override void Write(byte[] buf, int off, int len) + { + lock (this) + { + CheckOpen(); + mBuf.Write(buf, off, len); + Monitor.PulseAll(this); + } + } + + public override void WriteByte(byte value) + { + lock (this) + { + CheckOpen(); + mBuf.WriteByte(value); + Monitor.PulseAll(mBuf); + } + } + + private void CheckOpen() + { + if (mClosed) + throw new ObjectDisposedException(this.GetType().Name); + } + + private void WaitForData() + { + while (mReadPos >= mOther.mBuf.Position && !mOther.mClosed) + { + Monitor.Wait(mOther); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/PskTlsClientTest.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/PskTlsClientTest.cs new file mode 100644 index 0000000..a8c5b47 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/PskTlsClientTest.cs @@ -0,0 +1,84 @@ +using System; +using System.IO; +using System.Net.Sockets; +using System.Text; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + /** + * A simple test designed to conduct a TLS handshake with an external TLS server. + *

    + * Please refer to GnuTLSSetup.html or OpenSSLSetup.html (under 'docs'), and x509-*.pem files in + * this package (under 'src/test/resources') for help configuring an external TLS server. + *

    + * In both cases, extra options are required to enable PSK ciphersuites and configure identities/keys. + *

    + */ + public class PskTlsClientTest + { + private static readonly SecureRandom secureRandom = new SecureRandom(); + + public static void Main(string[] args) + { + string hostname = "localhost"; + int port = 5556; + + long time1 = DateTime.UtcNow.Ticks; + + /* + * Note: This is the default PSK identity for 'openssl s_server' testing, the server must be + * started with "-psk 6161616161" to make the keys match, and possibly the "-psk_hint" + * option should be present. + */ + //string psk_identity = "Client_identity"; + //byte[] psk = new byte[]{ 0x61, 0x61, 0x61, 0x61, 0x61 }; + + // These correspond to the configuration of MockPskTlsServer + string psk_identity = "client"; + byte[] psk = Strings.ToUtf8ByteArray("TLS_TEST_PSK"); + + BasicTlsPskIdentity pskIdentity = new BasicTlsPskIdentity(psk_identity, psk); + + MockPskTlsClient client = new MockPskTlsClient(null, pskIdentity); + TlsClientProtocol protocol = OpenTlsConnection(hostname, port, client); + protocol.Close(); + + long time2 = DateTime.UtcNow.Ticks; + Console.WriteLine("Elapsed 1: " + (time2 - time1)/TimeSpan.TicksPerMillisecond + "ms"); + + client = new MockPskTlsClient(client.GetSessionToResume(), pskIdentity); + protocol = OpenTlsConnection(hostname, port, client); + + long time3 = DateTime.UtcNow.Ticks; + Console.WriteLine("Elapsed 2: " + (time3 - time2)/TimeSpan.TicksPerMillisecond + "ms"); + + byte[] req = Encoding.UTF8.GetBytes("GET / HTTP/1.1\r\n\r\n"); + + Stream tlsStream = protocol.Stream; + tlsStream.Write(req, 0, req.Length); + tlsStream.Flush(); + + StreamReader reader = new StreamReader(tlsStream); + + String line; + while ((line = reader.ReadLine()) != null) + { + Console.WriteLine(">>> " + line); + } + + protocol.Close(); + } + + internal static TlsClientProtocol OpenTlsConnection(string hostname, int port, TlsClient client) + { + TcpClient tcp = new TcpClient(hostname, port); + + TlsClientProtocol protocol = new TlsClientProtocol(tcp.GetStream(), secureRandom); + protocol.Connect(client); + return protocol; + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/PskTlsServerTest.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/PskTlsServerTest.cs new file mode 100644 index 0000000..15766f0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/PskTlsServerTest.cs @@ -0,0 +1,85 @@ +using System; +using System.IO; +using System.Net; +using System.Net.Sockets; +using System.Threading; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + /** + * A simple test designed to conduct a TLS handshake with an external TLS client. + *

    + * Please refer to GnuTLSSetup.html or OpenSSLSetup.html (under 'docs'), and x509-*.pem files in + * this package (under 'src/test/resources') for help configuring an external TLS client. + */ + public class PskTlsServerTest + { + private static readonly SecureRandom secureRandom = new SecureRandom(); + + public static void Main(string[] args) + { + int port = 5556; + + TcpListener ss = new TcpListener(IPAddress.Any, port); + ss.Start(); + Stream stdout = Console.OpenStandardOutput(); + try + { + while (true) + { + TcpClient s = ss.AcceptTcpClient(); + Console.WriteLine("--------------------------------------------------------------------------------"); + Console.WriteLine("Accepted " + s); + ServerThread st = new ServerThread(s, stdout); + Thread t = new Thread(new ThreadStart(st.Run)); + t.Start(); + } + } + finally + { + ss.Stop(); + } + } + + internal class ServerThread + { + private readonly TcpClient s; + private readonly Stream stdout; + + internal ServerThread(TcpClient s, Stream stdout) + { + this.s = s; + this.stdout = stdout; + } + + public void Run() + { + try + { + MockPskTlsServer server = new MockPskTlsServer(); + TlsServerProtocol serverProtocol = new TlsServerProtocol(s.GetStream(), secureRandom); + serverProtocol.Accept(server); + Stream log = new TeeOutputStream(serverProtocol.Stream, stdout); + Streams.PipeAll(serverProtocol.Stream, log); + serverProtocol.Close(); + } + finally + { + try + { + s.Close(); + } + catch (IOException) + { + } + finally + { + } + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/TlsClientTest.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsClientTest.cs new file mode 100644 index 0000000..c9a5ef9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsClientTest.cs @@ -0,0 +1,66 @@ +using System; +using System.IO; +using System.Net.Sockets; +using System.Text; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + /** + * A simple test designed to conduct a TLS handshake with an external TLS server. + *

    + * Please refer to GnuTLSSetup.html or OpenSSLSetup.html (under 'docs'), and x509-*.pem files in + * this package (under 'src/test/resources') for help configuring an external TLS server. + */ + public class TlsClientTest + { + private static readonly SecureRandom secureRandom = new SecureRandom(); + + public static void Main(string[] args) + { + string hostname = "localhost"; + int port = 5556; + + long time1 = DateTime.UtcNow.Ticks; + + MockTlsClient client = new MockTlsClient(null); + TlsClientProtocol protocol = OpenTlsConnection(hostname, port, client); + protocol.Close(); + + long time2 = DateTime.UtcNow.Ticks; + Console.WriteLine("Elapsed 1: " + (time2 - time1)/TimeSpan.TicksPerMillisecond + "ms"); + + client = new MockTlsClient(client.GetSessionToResume()); + protocol = OpenTlsConnection(hostname, port, client); + + long time3 = DateTime.UtcNow.Ticks; + Console.WriteLine("Elapsed 2: " + (time3 - time2)/TimeSpan.TicksPerMillisecond + "ms"); + + byte[] req = Encoding.UTF8.GetBytes("GET / HTTP/1.1\r\n\r\n"); + + Stream tlsStream = protocol.Stream; + tlsStream.Write(req, 0, req.Length); + tlsStream.Flush(); + + StreamReader reader = new StreamReader(tlsStream); + + String line; + while ((line = reader.ReadLine()) != null) + { + Console.WriteLine(">>> " + line); + } + + protocol.Close(); + } + + internal static TlsClientProtocol OpenTlsConnection(string hostname, int port, TlsClient client) + { + TcpClient tcp = new TcpClient(hostname, port); + + TlsClientProtocol protocol = new TlsClientProtocol(tcp.GetStream(), secureRandom); + protocol.Connect(client); + return protocol; + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/TlsProtocolNonBlockingTest.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsProtocolNonBlockingTest.cs new file mode 100644 index 0000000..219a65a --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsProtocolNonBlockingTest.cs @@ -0,0 +1,127 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + [TestFixture] + public class TlsProtocolNonBlockingTest + { + [Test] + public void TestClientServerFragmented() + { + // tests if it's really non-blocking when partial records arrive + DoTestClientServer(true); + } + + [Test] + public void TestClientServerNonFragmented() + { + DoTestClientServer(false); + } + + private static void DoTestClientServer(bool fragment) + { + SecureRandom secureRandom = new SecureRandom(); + + TlsClientProtocol clientProtocol = new TlsClientProtocol(secureRandom); + TlsServerProtocol serverProtocol = new TlsServerProtocol(secureRandom); + + clientProtocol.Connect(new MockTlsClient(null)); + serverProtocol.Accept(new MockTlsServer()); + + // pump handshake + bool hadDataFromServer = true; + bool hadDataFromClient = true; + while (hadDataFromServer || hadDataFromClient) + { + hadDataFromServer = PumpData(serverProtocol, clientProtocol, fragment); + hadDataFromClient = PumpData(clientProtocol, serverProtocol, fragment); + } + + // send data in both directions + byte[] data = new byte[1024]; + secureRandom.NextBytes(data); + WriteAndRead(clientProtocol, serverProtocol, data, fragment); + WriteAndRead(serverProtocol, clientProtocol, data, fragment); + + // close the connection + clientProtocol.Close(); + PumpData(clientProtocol, serverProtocol, fragment); + serverProtocol.CloseInput(); + CheckClosed(serverProtocol); + CheckClosed(clientProtocol); + } + + private static void WriteAndRead(TlsProtocol writer, TlsProtocol reader, byte[] data, bool fragment) + { + int dataSize = data.Length; + writer.OfferOutput(data, 0, dataSize); + PumpData(writer, reader, fragment); + + Assert.AreEqual(dataSize, reader.GetAvailableInputBytes()); + byte[] readData = new byte[dataSize]; + reader.ReadInput(readData, 0, dataSize); + AssertArrayEquals(data, readData); + } + + private static bool PumpData(TlsProtocol from, TlsProtocol to, bool fragment) + { + int byteCount = from.GetAvailableOutputBytes(); + if (byteCount == 0) + { + return false; + } + + if (fragment) + { + byte[] buffer = new byte[1]; + while (from.GetAvailableOutputBytes() > 0) + { + from.ReadOutput(buffer, 0, 1); + to.OfferInput(buffer); + } + } + else + { + byte[] buffer = new byte[byteCount]; + from.ReadOutput(buffer, 0, buffer.Length); + to.OfferInput(buffer); + } + + return true; + } + + private static void CheckClosed(TlsProtocol protocol) + { + Assert.IsTrue(protocol.IsClosed); + + try + { + protocol.OfferInput(new byte[10]); + Assert.Fail("Input was accepted after close"); + } + catch (IOException) + { + } + + try + { + protocol.OfferOutput(new byte[10], 0, 10); + Assert.Fail("Output was accepted after close"); + } + catch (IOException) + { + } + } + + private static void AssertArrayEquals(byte[] a, byte[] b) + { + Assert.IsTrue(Arrays.AreEqual(a, b)); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/TlsProtocolTest.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsProtocolTest.cs new file mode 100644 index 0000000..ba5b90c --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsProtocolTest.cs @@ -0,0 +1,80 @@ +using System; +using System.IO; +using System.Threading; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +using NUnit.Framework; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + [TestFixture] + public class TlsProtocolTest + { + [Test] + public void TestClientServer() + { + SecureRandom secureRandom = new SecureRandom(); + + PipedStream clientPipe = new PipedStream(); + PipedStream serverPipe = new PipedStream(clientPipe); + + TlsClientProtocol clientProtocol = new TlsClientProtocol(clientPipe, secureRandom); + TlsServerProtocol serverProtocol = new TlsServerProtocol(serverPipe, secureRandom); + + Server server = new Server(serverProtocol); + + Thread serverThread = new Thread(new ThreadStart(server.Run)); + serverThread.Start(); + + MockTlsClient client = new MockTlsClient(null); + clientProtocol.Connect(client); + + // NOTE: Because we write-all before we read-any, this length can't be more than the pipe capacity + int length = 1000; + + byte[] data = new byte[length]; + secureRandom.NextBytes(data); + + Stream output = clientProtocol.Stream; + output.Write(data, 0, data.Length); + + byte[] echo = new byte[data.Length]; + int count = Streams.ReadFully(clientProtocol.Stream, echo); + + Assert.AreEqual(count, data.Length); + Assert.IsTrue(Arrays.AreEqual(data, echo)); + + output.Close(); + + serverThread.Join(); + } + + internal class Server + { + private readonly TlsServerProtocol mServerProtocol; + + internal Server(TlsServerProtocol serverProtocol) + { + this.mServerProtocol = serverProtocol; + } + + public void Run() + { + try + { + MockTlsServer server = new MockTlsServer(); + mServerProtocol.Accept(server); + Streams.PipeAll(mServerProtocol.Stream, mServerProtocol.Stream); + mServerProtocol.Close(); + } + catch (Exception) + { + //throw new RuntimeException(e); + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/TlsPskProtocolTest.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsPskProtocolTest.cs new file mode 100644 index 0000000..b059bb2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsPskProtocolTest.cs @@ -0,0 +1,80 @@ +using System; +using System.IO; +using System.Threading; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +using NUnit.Framework; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + [TestFixture] + public class TlsPskProtocolTest + { + [Test] + public void TestClientServer() + { + SecureRandom secureRandom = new SecureRandom(); + + PipedStream clientPipe = new PipedStream(); + PipedStream serverPipe = new PipedStream(clientPipe); + + TlsClientProtocol clientProtocol = new TlsClientProtocol(clientPipe, secureRandom); + TlsServerProtocol serverProtocol = new TlsServerProtocol(serverPipe, secureRandom); + + Server server = new Server(serverProtocol); + + Thread serverThread = new Thread(new ThreadStart(server.Run)); + serverThread.Start(); + + MockPskTlsClient client = new MockPskTlsClient(null); + clientProtocol.Connect(client); + + // NOTE: Because we write-all before we read-any, this length can't be more than the pipe capacity + int length = 1000; + + byte[] data = new byte[length]; + secureRandom.NextBytes(data); + + Stream output = clientProtocol.Stream; + output.Write(data, 0, data.Length); + + byte[] echo = new byte[data.Length]; + int count = Streams.ReadFully(clientProtocol.Stream, echo); + + Assert.AreEqual(count, data.Length); + Assert.IsTrue(Arrays.AreEqual(data, echo)); + + output.Close(); + + serverThread.Join(); + } + + internal class Server + { + private readonly TlsServerProtocol mServerProtocol; + + internal Server(TlsServerProtocol serverProtocol) + { + this.mServerProtocol = serverProtocol; + } + + public void Run() + { + try + { + MockPskTlsServer server = new MockPskTlsServer(); + mServerProtocol.Accept(server); + Streams.PipeAll(mServerProtocol.Stream, mServerProtocol.Stream); + mServerProtocol.Close(); + } + catch (Exception) + { + //throw new RuntimeException(e); + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/TlsServerTest.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsServerTest.cs new file mode 100644 index 0000000..7920cb5 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsServerTest.cs @@ -0,0 +1,85 @@ +using System; +using System.IO; +using System.Net; +using System.Net.Sockets; +using System.Threading; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + /** + * A simple test designed to conduct a TLS handshake with an external TLS client. + *

    + * Please refer to GnuTLSSetup.html or OpenSSLSetup.html (under 'docs'), and x509-*.pem files in + * this package (under 'src/test/resources') for help configuring an external TLS client. + */ + public class TlsServerTest + { + private static readonly SecureRandom secureRandom = new SecureRandom(); + + public static void Main(string[] args) + { + int port = 5556; + + TcpListener ss = new TcpListener(IPAddress.Any, port); + ss.Start(); + Stream stdout = Console.OpenStandardOutput(); + try + { + while (true) + { + TcpClient s = ss.AcceptTcpClient(); + Console.WriteLine("--------------------------------------------------------------------------------"); + Console.WriteLine("Accepted " + s); + ServerThread st = new ServerThread(s, stdout); + Thread t = new Thread(new ThreadStart(st.Run)); + t.Start(); + } + } + finally + { + ss.Stop(); + } + } + + internal class ServerThread + { + private readonly TcpClient s; + private readonly Stream stdout; + + internal ServerThread(TcpClient s, Stream stdout) + { + this.s = s; + this.stdout = stdout; + } + + public void Run() + { + try + { + MockTlsServer server = new MockTlsServer(); + TlsServerProtocol serverProtocol = new TlsServerProtocol(s.GetStream(), secureRandom); + serverProtocol.Accept(server); + Stream log = new TeeOutputStream(serverProtocol.Stream, stdout); + Streams.PipeAll(serverProtocol.Stream, log); + serverProtocol.Close(); + } + finally + { + try + { + s.Close(); + } + catch (IOException) + { + } + finally + { + } + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/TlsSrpProtocolTest.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsSrpProtocolTest.cs new file mode 100644 index 0000000..32e126f --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsSrpProtocolTest.cs @@ -0,0 +1,80 @@ +using System; +using System.IO; +using System.Threading; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +using NUnit.Framework; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + [TestFixture] + public class TlsSrpProtocolTest + { + [Test] + public void TestClientServer() + { + SecureRandom secureRandom = new SecureRandom(); + + PipedStream clientPipe = new PipedStream(); + PipedStream serverPipe = new PipedStream(clientPipe); + + TlsClientProtocol clientProtocol = new TlsClientProtocol(clientPipe, secureRandom); + TlsServerProtocol serverProtocol = new TlsServerProtocol(serverPipe, secureRandom); + + Server server = new Server(serverProtocol); + + Thread serverThread = new Thread(new ThreadStart(server.Run)); + serverThread.Start(); + + MockSrpTlsClient client = new MockSrpTlsClient(null, MockSrpTlsServer.TEST_IDENTITY, MockSrpTlsServer.TEST_PASSWORD); + clientProtocol.Connect(client); + + // NOTE: Because we write-all before we read-any, this length can't be more than the pipe capacity + int length = 1000; + + byte[] data = new byte[length]; + secureRandom.NextBytes(data); + + Stream output = clientProtocol.Stream; + output.Write(data, 0, data.Length); + + byte[] echo = new byte[data.Length]; + int count = Streams.ReadFully(clientProtocol.Stream, echo); + + Assert.AreEqual(count, data.Length); + Assert.IsTrue(Arrays.AreEqual(data, echo)); + + output.Close(); + + serverThread.Join(); + } + + internal class Server + { + private readonly TlsServerProtocol mServerProtocol; + + internal Server(TlsServerProtocol serverProtocol) + { + this.mServerProtocol = serverProtocol; + } + + public void Run() + { + try + { + MockSrpTlsServer server = new MockSrpTlsServer(); + mServerProtocol.Accept(server); + Streams.PipeAll(mServerProtocol.Stream, mServerProtocol.Stream); + mServerProtocol.Close(); + } + catch (Exception) + { + //throw new RuntimeException(e); + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestCase.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestCase.cs new file mode 100644 index 0000000..7fb5db6 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestCase.cs @@ -0,0 +1,164 @@ +using System; +using System.IO; +using System.Threading; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +using NUnit.Framework; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + [TestFixture] + public class TlsTestCase + { + private static void CheckTlsVersion(ProtocolVersion version) + { + if (version != null && !version.IsTls) + throw new InvalidOperationException("Non-TLS version"); + } + + [Test, TestCaseSource(typeof(TlsTestSuite), "Suite")] + public void RunTest(TlsTestConfig config) + { + CheckTlsVersion(config.clientMinimumVersion); + CheckTlsVersion(config.clientOfferVersion); + CheckTlsVersion(config.serverMaximumVersion); + CheckTlsVersion(config.serverMinimumVersion); + + SecureRandom secureRandom = new SecureRandom(); + + PipedStream clientPipe = new PipedStream(); + PipedStream serverPipe = new PipedStream(clientPipe); + + NetworkStream clientNet = new NetworkStream(clientPipe); + NetworkStream serverNet = new NetworkStream(serverPipe); + + TlsTestClientProtocol clientProtocol = new TlsTestClientProtocol(clientNet, secureRandom, config); + TlsTestServerProtocol serverProtocol = new TlsTestServerProtocol(serverNet, secureRandom, config); + + TlsTestClientImpl clientImpl = new TlsTestClientImpl(config); + TlsTestServerImpl serverImpl = new TlsTestServerImpl(config); + + Server server = new Server(this, serverProtocol, serverImpl); + + Thread serverThread = new Thread(new ThreadStart(server.Run)); + serverThread.Start(); + + Exception caught = null; + try + { + clientProtocol.Connect(clientImpl); + + // NOTE: Because we write-all before we read-any, this length can't be more than the pipe capacity + int length = 1000; + + byte[] data = new byte[length]; + secureRandom.NextBytes(data); + + Stream output = clientProtocol.Stream; + output.Write(data, 0, data.Length); + + byte[] echo = new byte[data.Length]; + int count = Streams.ReadFully(clientProtocol.Stream, echo); + + Assert.AreEqual(count, data.Length); + Assert.IsTrue(Arrays.AreEqual(data, echo)); + + output.Close(); + } + catch (Exception e) + { + caught = e; + LogException(caught); + } + + server.AllowExit(); + serverThread.Join(); + + Assert.IsTrue(clientNet.IsClosed, "Client Stream not closed"); + Assert.IsTrue(serverNet.IsClosed, "Server Stream not closed"); + + Assert.AreEqual(config.expectFatalAlertConnectionEnd, clientImpl.FirstFatalAlertConnectionEnd, "Client fatal alert connection end"); + Assert.AreEqual(config.expectFatalAlertConnectionEnd, serverImpl.FirstFatalAlertConnectionEnd, "Server fatal alert connection end"); + + Assert.AreEqual(config.expectFatalAlertDescription, clientImpl.FirstFatalAlertDescription, "Client fatal alert description"); + Assert.AreEqual(config.expectFatalAlertDescription, serverImpl.FirstFatalAlertDescription, "Server fatal alert description"); + + if (config.expectFatalAlertConnectionEnd == -1) + { + Assert.IsNull(caught, "Unexpected client exception"); + Assert.IsNull(server.mCaught, "Unexpected server exception"); + } + } + + protected virtual void LogException(Exception e) + { + if (TlsTestConfig.DEBUG) + { + Console.Error.WriteLine(e); + } + } + + internal class Server + { + protected readonly TlsTestCase mOuter; + protected readonly TlsTestServerProtocol mServerProtocol; + protected readonly TlsTestServerImpl mServerImpl; + + internal bool mCanExit = false; + internal Exception mCaught = null; + + internal Server(TlsTestCase outer, TlsTestServerProtocol serverProtocol, TlsTestServerImpl serverImpl) + { + this.mOuter = outer; + this.mServerProtocol = serverProtocol; + this.mServerImpl = serverImpl; + } + + internal void AllowExit() + { + lock (this) + { + mCanExit = true; + Monitor.PulseAll(this); + } + } + + public void Run() + { + try + { + mServerProtocol.Accept(mServerImpl); + Streams.PipeAll(mServerProtocol.Stream, mServerProtocol.Stream); + mServerProtocol.Close(); + } + catch (Exception e) + { + mCaught = e; + mOuter.LogException(mCaught); + } + + WaitExit(); + } + + protected void WaitExit() + { + lock (this) + { + while (!mCanExit) + { + try + { + Monitor.Wait(this); + } + catch (ThreadInterruptedException) + { + } + } + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestClientImpl.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestClientImpl.cs new file mode 100644 index 0000000..ae1f632 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestClientImpl.cs @@ -0,0 +1,284 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + internal class TlsTestClientImpl + : DefaultTlsClient + { + protected readonly TlsTestConfig mConfig; + + protected int firstFatalAlertConnectionEnd = -1; + protected int firstFatalAlertDescription = -1; + + internal TlsTestClientImpl(TlsTestConfig config) + { + this.mConfig = config; + } + + internal int FirstFatalAlertConnectionEnd + { + get { return firstFatalAlertConnectionEnd; } + } + + internal int FirstFatalAlertDescription + { + get { return firstFatalAlertDescription; } + } + + public override ProtocolVersion ClientVersion + { + get + { + if (mConfig.clientOfferVersion != null) + { + return mConfig.clientOfferVersion; + } + + return base.ClientVersion; + } + } + + public override ProtocolVersion MinimumVersion + { + get + { + if (mConfig.clientMinimumVersion != null) + { + return mConfig.clientMinimumVersion; + } + + return base.MinimumVersion; + } + } + + public override IDictionary GetClientExtensions() + { + IDictionary clientExtensions = base.GetClientExtensions(); + if (clientExtensions != null && !mConfig.clientSendSignatureAlgorithms) + { + clientExtensions.Remove(ExtensionType.signature_algorithms); + this.mSupportedSignatureAlgorithms = null; + } + return clientExtensions; + } + + public override bool IsFallback + { + get { return mConfig.clientFallback; } + } + + public override void NotifyAlertRaised(byte alertLevel, byte alertDescription, string message, Exception cause) + { + if (alertLevel == AlertLevel.fatal && firstFatalAlertConnectionEnd == -1) + { + firstFatalAlertConnectionEnd = ConnectionEnd.client; + firstFatalAlertDescription = alertDescription; + } + + if (TlsTestConfig.DEBUG) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS client raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + } + + public override void NotifyAlertReceived(byte alertLevel, byte alertDescription) + { + if (alertLevel == AlertLevel.fatal && firstFatalAlertConnectionEnd == -1) + { + firstFatalAlertConnectionEnd = ConnectionEnd.server; + firstFatalAlertDescription = alertDescription; + } + + if (TlsTestConfig.DEBUG) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS client received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + } + + public override void NotifyServerVersion(ProtocolVersion serverVersion) + { + base.NotifyServerVersion(serverVersion); + + if (TlsTestConfig.DEBUG) + { + Console.WriteLine("TLS client negotiated " + serverVersion); + } + } + + public override TlsAuthentication GetAuthentication() + { + return new MyTlsAuthentication(this, mContext); + } + + protected virtual Certificate CorruptCertificate(Certificate cert) + { + X509CertificateStructure[] certList = cert.GetCertificateList(); + certList[0] = CorruptCertificateSignature(certList[0]); + return new Certificate(certList); + } + + protected virtual X509CertificateStructure CorruptCertificateSignature(X509CertificateStructure cert) + { + Asn1EncodableVector v = new Asn1EncodableVector(); + v.Add(cert.TbsCertificate); + v.Add(cert.SignatureAlgorithm); + v.Add(CorruptSignature(cert.Signature)); + + return X509CertificateStructure.GetInstance(new DerSequence(v)); + } + + protected virtual DerBitString CorruptSignature(DerBitString bs) + { + return new DerBitString(CorruptBit(bs.GetOctets())); + } + + protected virtual byte[] CorruptBit(byte[] bs) + { + bs = Arrays.Clone(bs); + + // Flip a random bit + int bit = mContext.SecureRandom.Next(bs.Length << 3); + bs[bit >> 3] ^= (byte)(1 << (bit & 7)); + + return bs; + } + + internal class MyTlsAuthentication + : TlsAuthentication + { + private readonly TlsTestClientImpl mOuter; + private readonly TlsContext mContext; + + internal MyTlsAuthentication(TlsTestClientImpl outer, TlsContext context) + { + this.mOuter = outer; + this.mContext = context; + } + + public virtual void NotifyServerCertificate(Certificate serverCertificate) + { + bool isEmpty = serverCertificate == null || serverCertificate.IsEmpty; + + X509CertificateStructure[] chain = serverCertificate.GetCertificateList(); + + // TODO Cache test resources? + if (isEmpty || !( + chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-server-dsa.pem")) || + chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-server-ecdsa.pem")) || + chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-server-rsa-enc.pem")) || + chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-server-rsa-sign.pem")) + )) + { + throw new TlsFatalAlert(AlertDescription.bad_certificate); + } + + if (TlsTestConfig.DEBUG) + { + Console.WriteLine("TLS client received server certificate chain of length " + chain.Length); + for (int i = 0; i != chain.Length; i++) + { + X509CertificateStructure entry = chain[i]; + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + } + } + + public virtual TlsCredentials GetClientCredentials(CertificateRequest certificateRequest) + { + if (mOuter.mConfig.serverCertReq == TlsTestConfig.SERVER_CERT_REQ_NONE) + throw new InvalidOperationException(); + if (mOuter.mConfig.clientAuth == TlsTestConfig.CLIENT_AUTH_NONE) + return null; + + byte[] certificateTypes = certificateRequest.CertificateTypes; + if (certificateTypes == null || !Arrays.Contains(certificateTypes, ClientCertificateType.rsa_sign)) + { + return null; + } + + IList supportedSigAlgs = certificateRequest.SupportedSignatureAlgorithms; + if (supportedSigAlgs != null && mOuter.mConfig.clientAuthSigAlg != null) + { + supportedSigAlgs = new ArrayList(1); + supportedSigAlgs.Add(mOuter.mConfig.clientAuthSigAlg); + } + + TlsSignerCredentials signerCredentials = TlsTestUtilities.LoadSignerCredentials(mContext, + supportedSigAlgs, SignatureAlgorithm.rsa, new string[]{ "x509-client-rsa.pem", "x509-ca-rsa.pem" }, + "x509-client-key-rsa.pem"); + + if (mOuter.mConfig.clientAuth == TlsTestConfig.CLIENT_AUTH_VALID) + { + return signerCredentials; + } + + return new MyTlsSignerCredentials(mOuter, signerCredentials); + } + }; + + internal class MyTlsSignerCredentials + : TlsSignerCredentials + { + private readonly TlsTestClientImpl mOuter; + private readonly TlsSignerCredentials mInner; + + internal MyTlsSignerCredentials(TlsTestClientImpl outer, TlsSignerCredentials inner) + { + this.mOuter = outer; + this.mInner = inner; + } + + public virtual byte[] GenerateCertificateSignature(byte[] hash) + { + byte[] sig = mInner.GenerateCertificateSignature(hash); + + if (mOuter.mConfig.clientAuth == TlsTestConfig.CLIENT_AUTH_INVALID_VERIFY) + { + sig = mOuter.CorruptBit(sig); + } + + return sig; + } + + public virtual Certificate Certificate + { + get + { + Certificate cert = mInner.Certificate; + + if (mOuter.mConfig.clientAuth == TlsTestConfig.CLIENT_AUTH_INVALID_CERT) + { + cert = mOuter.CorruptCertificate(cert); + } + + return cert; + } + } + + public virtual SignatureAndHashAlgorithm SignatureAndHashAlgorithm + { + get { return mInner.SignatureAndHashAlgorithm; } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestClientProtocol.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestClientProtocol.cs new file mode 100644 index 0000000..97b7c91 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestClientProtocol.cs @@ -0,0 +1,29 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + internal class TlsTestClientProtocol + : TlsClientProtocol + { + protected readonly TlsTestConfig config; + + public TlsTestClientProtocol(Stream stream, SecureRandom secureRandom, TlsTestConfig config) + : base(stream, secureRandom) + { + this.config = config; + } + + protected override void SendCertificateVerifyMessage(DigitallySigned certificateVerify) + { + if (certificateVerify.Algorithm != null && config.clientAuthSigAlgClaimed != null) + { + certificateVerify = new DigitallySigned(config.clientAuthSigAlgClaimed, certificateVerify.Signature); + } + + base.SendCertificateVerifyMessage(certificateVerify); + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestConfig.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestConfig.cs new file mode 100644 index 0000000..ccbb919 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestConfig.cs @@ -0,0 +1,131 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + public class TlsTestConfig + { + public static readonly bool DEBUG = false; + + /** + * Client does not authenticate, ignores any certificate request + */ + public const int CLIENT_AUTH_NONE = 0; + + /** + * Client will authenticate if it receives a certificate request + */ + public const int CLIENT_AUTH_VALID = 1; + + /** + * Client will authenticate if it receives a certificate request, with an invalid certificate + */ + public const int CLIENT_AUTH_INVALID_CERT = 2; + + /** + * Client will authenticate if it receives a certificate request, with an invalid CertificateVerify signature + */ + public const int CLIENT_AUTH_INVALID_VERIFY = 3; + + /** + * Server will not request a client certificate + */ + public const int SERVER_CERT_REQ_NONE = 0; + + /** + * Server will request a client certificate but receiving one is optional + */ + public const int SERVER_CERT_REQ_OPTIONAL = 1; + + /** + * Server will request a client certificate and receiving one is mandatory + */ + public const int SERVER_CERT_REQ_MANDATORY = 2; + + /** + * Configures the client authentication behaviour of the test client. Use CLIENT_AUTH_* constants. + */ + public int clientAuth = CLIENT_AUTH_VALID; + + /** + * If not null, and TLS 1.2 or higher is negotiated, selects a fixed signature/hash algorithm to + * be used for the CertificateVerify signature (if one is sent). + */ + public SignatureAndHashAlgorithm clientAuthSigAlg = null; + + /** + * If not null, and TLS 1.2 or higher is negotiated, selects a fixed signature/hash algorithm to + * be _claimed_ in the CertificateVerify (if one is sent), independently of what was actually used. + */ + public SignatureAndHashAlgorithm clientAuthSigAlgClaimed = null; + + /** + * Configures the minimum protocol version the client will accept. If null, uses the library's default. + */ + public ProtocolVersion clientMinimumVersion = null; + + /** + * Configures the protocol version the client will offer. If null, uses the library's default. + */ + public ProtocolVersion clientOfferVersion = null; + + /** + * Configures whether the client will indicate version fallback via TLS_FALLBACK_SCSV. + */ + public bool clientFallback = false; + + /** + * Configures whether a (TLS 1.2+) client will send the signature_algorithms extension in ClientHello. + */ + public bool clientSendSignatureAlgorithms = true; + + /** + * If not null, and TLS 1.2 or higher is negotiated, selects a fixed signature/hash algorithm to + * be used for the ServerKeyExchange signature (if one is sent). + */ + public SignatureAndHashAlgorithm serverAuthSigAlg = null; + + /** + * Configures whether the test server will send a certificate request. + */ + public int serverCertReq = SERVER_CERT_REQ_OPTIONAL; + + /** + * If TLS 1.2 or higher is negotiated, configures the set of supported signature algorithms in the + * CertificateRequest (if one is sent). If null, uses a default set. + */ + public IList serverCertReqSigAlgs = null; + + /** + * Configures the maximum protocol version the server will accept. If null, uses the library's default. + */ + public ProtocolVersion serverMaximumVersion = null; + + /** + * Configures the minimum protocol version the server will accept. If null, uses the library's default. + */ + public ProtocolVersion serverMinimumVersion = null; + + /** + * Configures the connection end that a fatal alert is expected to be raised. Use ConnectionEnd.* constants. + */ + public int expectFatalAlertConnectionEnd = -1; + + /** + * Configures the type of fatal alert expected to be raised. Use AlertDescription.* constants. + */ + public int expectFatalAlertDescription = -1; + + public void ExpectClientFatalAlert(byte alertDescription) + { + this.expectFatalAlertConnectionEnd = ConnectionEnd.client; + this.expectFatalAlertDescription = alertDescription; + } + + public void ExpectServerFatalAlert(byte alertDescription) + { + this.expectFatalAlertConnectionEnd = ConnectionEnd.server; + this.expectFatalAlertDescription = alertDescription; + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestServerImpl.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestServerImpl.cs new file mode 100644 index 0000000..2587181 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestServerImpl.cs @@ -0,0 +1,230 @@ +using System; +using System.Collections; +using System.IO; +using System.Threading; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + internal class TlsTestServerImpl + : DefaultTlsServer + { + protected readonly TlsTestConfig mConfig; + + protected int firstFatalAlertConnectionEnd = -1; + protected int firstFatalAlertDescription = -1; + + internal TlsTestServerImpl(TlsTestConfig config) + { + this.mConfig = config; + } + + internal int FirstFatalAlertConnectionEnd + { + get { return firstFatalAlertConnectionEnd; } + } + + internal int FirstFatalAlertDescription + { + get { return firstFatalAlertDescription; } + } + + protected override ProtocolVersion MaximumVersion + { + get + { + if (mConfig.serverMaximumVersion != null) + { + return mConfig.serverMaximumVersion; + } + + return base.MaximumVersion; + } + } + + protected override ProtocolVersion MinimumVersion + { + get + { + if (mConfig.serverMinimumVersion != null) + { + return mConfig.serverMinimumVersion; + } + + return base.MinimumVersion; + } + } + + public override void NotifyAlertRaised(byte alertLevel, byte alertDescription, string message, Exception cause) + { + if (alertLevel == AlertLevel.fatal && firstFatalAlertConnectionEnd == -1) + { + firstFatalAlertConnectionEnd = ConnectionEnd.server; + firstFatalAlertDescription = alertDescription; + } + + if (TlsTestConfig.DEBUG) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS server raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + SafeWriteLine(output, "> " + message); + } + if (cause != null) + { + SafeWriteLine(output, cause); + } + } + } + + public override void NotifyAlertReceived(byte alertLevel, byte alertDescription) + { + if (alertLevel == AlertLevel.fatal && firstFatalAlertConnectionEnd == -1) + { + firstFatalAlertConnectionEnd = ConnectionEnd.client; + firstFatalAlertDescription = alertDescription; + } + + if (TlsTestConfig.DEBUG) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + SafeWriteLine(output, "TLS server received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + } + + public override ProtocolVersion GetServerVersion() + { + ProtocolVersion serverVersion = base.GetServerVersion(); + + if (TlsTestConfig.DEBUG) + { + Console.WriteLine("TLS server negotiated " + serverVersion); + } + + return serverVersion; + } + + public override CertificateRequest GetCertificateRequest() + { + if (mConfig.serverCertReq == TlsTestConfig.SERVER_CERT_REQ_NONE) + { + return null; + } + + byte[] certificateTypes = new byte[]{ ClientCertificateType.rsa_sign, + ClientCertificateType.dss_sign, ClientCertificateType.ecdsa_sign }; + + IList serverSigAlgs = null; + if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mServerVersion)) + { + serverSigAlgs = mConfig.serverCertReqSigAlgs; + if (serverSigAlgs == null) + { + serverSigAlgs = TlsUtilities.GetDefaultSupportedSignatureAlgorithms(); + } + } + + IList certificateAuthorities = new ArrayList(); + certificateAuthorities.Add(TlsTestUtilities.LoadCertificateResource("x509-ca-rsa.pem").Subject); + + return new CertificateRequest(certificateTypes, serverSigAlgs, certificateAuthorities); + } + + public override void NotifyClientCertificate(Certificate clientCertificate) + { + bool isEmpty = (clientCertificate == null || clientCertificate.IsEmpty); + + if (isEmpty != (mConfig.clientAuth == TlsTestConfig.CLIENT_AUTH_NONE)) + { + throw new InvalidOperationException(); + } + if (isEmpty && (mConfig.serverCertReq == TlsTestConfig.SERVER_CERT_REQ_MANDATORY)) + { + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + X509CertificateStructure[] chain = clientCertificate.GetCertificateList(); + + // TODO Cache test resources? + if (!isEmpty && !( + chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-client-dsa.pem")) || + chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-client-ecdsa.pem")) || + chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-client-rsa.pem")) + )) + { + throw new TlsFatalAlert(AlertDescription.bad_certificate); + } + + if (TlsTestConfig.DEBUG) + { + Console.WriteLine("TLS server received client certificate chain of length " + chain.Length); + for (int i = 0; i != chain.Length; i++) + { + X509CertificateStructure entry = chain[i]; + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + } + } + + protected virtual IList GetSupportedSignatureAlgorithms() + { + if (TlsUtilities.IsTlsV12(mContext) && mConfig.serverAuthSigAlg != null) + { + IList signatureAlgorithms = new ArrayList(1); + signatureAlgorithms.Add(mConfig.serverAuthSigAlg); + return signatureAlgorithms; + } + + return mSupportedSignatureAlgorithms; + } + + protected override TlsSignerCredentials GetDsaSignerCredentials() + { + return TlsTestUtilities.LoadSignerCredentials(mContext, GetSupportedSignatureAlgorithms(), + SignatureAlgorithm.dsa, new string[]{ "x509-server-dsa.pem", "x509-ca-dsa.pem" }, + "x509-server-key-dsa.pem"); + } + + protected override TlsSignerCredentials GetECDsaSignerCredentials() + { + return TlsTestUtilities.LoadSignerCredentials(mContext, GetSupportedSignatureAlgorithms(), + SignatureAlgorithm.ecdsa, new string[]{ "x509-server-ecdsa.pem", "x509-ca-ecdsa.pem" }, + "x509-server-key-ecdsa.pem"); + } + + protected override TlsEncryptionCredentials GetRsaEncryptionCredentials() + { + return TlsTestUtilities.LoadEncryptionCredentials(mContext, + new string[]{ "x509-server-rsa-enc.pem", "x509-ca-rsa.pem" }, "x509-server-key-rsa-enc.pem"); + } + + protected override TlsSignerCredentials GetRsaSignerCredentials() + { + return TlsTestUtilities.LoadSignerCredentials(mContext, GetSupportedSignatureAlgorithms(), + SignatureAlgorithm.rsa, new string[]{ "x509-server-rsa-sign.pem", "x509-ca-rsa.pem" }, + "x509-server-key-rsa-sign.pem"); + } + + private static void SafeWriteLine(TextWriter output, object line) + { + try + { + output.WriteLine(line); + } + catch (ThreadInterruptedException) + { + /* + * For some reason the NUnit plugin in Visual Studio started throwing these during alert logging + */ + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestServerProtocol.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestServerProtocol.cs new file mode 100644 index 0000000..845b7f0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestServerProtocol.cs @@ -0,0 +1,19 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + internal class TlsTestServerProtocol + : TlsServerProtocol + { + protected readonly TlsTestConfig config; + + public TlsTestServerProtocol(Stream stream, SecureRandom secureRandom, TlsTestConfig config) + : base(stream, secureRandom) + { + this.config = config; + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestSuite.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestSuite.cs new file mode 100644 index 0000000..849e738 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestSuite.cs @@ -0,0 +1,214 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + public class TlsTestSuite + { + // Make the access to constants less verbose + internal class C : TlsTestConfig {} + + public TlsTestSuite() + { + } + + public static IEnumerable Suite() + { + IList testSuite = new ArrayList(); + + AddFallbackTests(testSuite); + AddVersionTests(testSuite, ProtocolVersion.SSLv3); + AddVersionTests(testSuite, ProtocolVersion.TLSv10); + AddVersionTests(testSuite, ProtocolVersion.TLSv11); + AddVersionTests(testSuite, ProtocolVersion.TLSv12); + + return testSuite; + } + + private static void AddFallbackTests(IList testSuite) + { + { + TlsTestConfig c = CreateTlsTestConfig(ProtocolVersion.TLSv12); + c.clientFallback = true; + + AddTestCase(testSuite, c, "FallbackGood"); + } + + { + TlsTestConfig c = CreateTlsTestConfig(ProtocolVersion.TLSv12); + c.clientOfferVersion = ProtocolVersion.TLSv11; + c.clientFallback = true; + c.ExpectServerFatalAlert(AlertDescription.inappropriate_fallback); + + AddTestCase(testSuite, c, "FallbackBad"); + } + + { + TlsTestConfig c = CreateTlsTestConfig(ProtocolVersion.TLSv12); + c.clientOfferVersion = ProtocolVersion.TLSv11; + + AddTestCase(testSuite, c, "FallbackNone"); + } + } + + private static void AddVersionTests(IList testSuite, ProtocolVersion version) + { + string prefix = version.ToString() + .Replace(" ", "") + .Replace("\\", "") + .Replace(".", "") + + "_"; + + { + TlsTestConfig c = CreateTlsTestConfig(version); + + AddTestCase(testSuite, c, prefix + "GoodDefault"); + } + + /* + * Server only declares support for SHA1/RSA, client selects MD5/RSA. Since the client is + * NOT actually tracking MD5 over the handshake, we expect fatal alert from the client. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateTlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_VALID; + c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa); + c.serverCertReqSigAlgs = TlsUtilities.GetDefaultRsaSignatureAlgorithms(); + c.ExpectClientFatalAlert(AlertDescription.internal_error); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifyHashAlg"); + } + + /* + * Server only declares support for SHA1/ECDSA, client selects SHA1/RSA. Since the client is + * actually tracking SHA1 over the handshake, we expect fatal alert to come from the server + * when it verifies the selected algorithm against the CertificateRequest supported + * algorithms. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateTlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_VALID; + c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa); + c.serverCertReqSigAlgs = TlsUtilities.GetDefaultECDsaSignatureAlgorithms(); + c.ExpectServerFatalAlert(AlertDescription.illegal_parameter); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifySigAlg"); + } + + /* + * Server only declares support for SHA1/ECDSA, client signs with SHA1/RSA, but sends + * SHA1/ECDSA in the CertificateVerify. Since the client is actually tracking SHA1 over the + * handshake, and the claimed algorithm is in the CertificateRequest supported algorithms, + * we expect fatal alert to come from the server when it finds the claimed algorithm + * doesn't match the client certificate. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateTlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_VALID; + c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa); + c.clientAuthSigAlgClaimed = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.ecdsa); + c.serverCertReqSigAlgs = TlsUtilities.GetDefaultECDsaSignatureAlgorithms(); + c.ExpectServerFatalAlert(AlertDescription.decrypt_error); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifySigAlgMismatch"); + } + + { + TlsTestConfig c = CreateTlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_INVALID_VERIFY; + c.ExpectServerFatalAlert(AlertDescription.decrypt_error); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifySignature"); + } + + { + TlsTestConfig c = CreateTlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_INVALID_CERT; + c.ExpectServerFatalAlert(AlertDescription.bad_certificate); + + AddTestCase(testSuite, c, prefix + "BadClientCertificate"); + } + + { + TlsTestConfig c = CreateTlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_NONE; + c.serverCertReq = C.SERVER_CERT_REQ_MANDATORY; + c.ExpectServerFatalAlert(AlertDescription.handshake_failure); + + AddTestCase(testSuite, c, prefix + "BadMandatoryCertReqDeclined"); + } + + /* + * Server selects MD5/RSA for ServerKeyExchange signature, which is not in the default + * supported signature algorithms that the client sent. We expect fatal alert from the + * client when it verifies the selected algorithm against the supported algorithms. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateTlsTestConfig(version); + c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa); + c.ExpectClientFatalAlert(AlertDescription.illegal_parameter); + + AddTestCase(testSuite, c, prefix + "BadServerKeyExchangeSigAlg"); + } + + /* + * Server selects MD5/RSA for ServerKeyExchange signature, which is not the default {sha1,rsa} + * implied by the absent signature_algorithms extension. We expect fatal alert from the + * client when it verifies the selected algorithm against the implicit default. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateTlsTestConfig(version); + c.clientSendSignatureAlgorithms = false; + c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa); + c.ExpectClientFatalAlert(AlertDescription.illegal_parameter); + + AddTestCase(testSuite, c, prefix + "BadServerKeyExchangeSigAlg2"); + } + + { + TlsTestConfig c = CreateTlsTestConfig(version); + c.serverCertReq = C.SERVER_CERT_REQ_NONE; + + AddTestCase(testSuite, c, prefix + "GoodNoCertReq"); + } + + { + TlsTestConfig c = CreateTlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_NONE; + + AddTestCase(testSuite, c, prefix + "GoodOptionalCertReqDeclined"); + } + } + + private static void AddTestCase(IList testSuite, TlsTestConfig config, string name) + { + testSuite.Add(new TestCaseData(config).SetName(name)); + } + + private static TlsTestConfig CreateTlsTestConfig(ProtocolVersion version) + { + TlsTestConfig c = new TlsTestConfig(); + c.clientMinimumVersion = ProtocolVersion.SSLv3; + c.clientOfferVersion = ProtocolVersion.TLSv12; + c.serverMaximumVersion = version; + c.serverMinimumVersion = ProtocolVersion.SSLv3; + return c; + } + + public static void RunTests() + { + foreach (TestCaseData data in Suite()) + { + Console.WriteLine(data.TestName); + new TlsTestCase().RunTest((TlsTestConfig)data.Arguments[0]); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestUtilities.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestUtilities.cs new file mode 100644 index 0000000..e339850 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/TlsTestUtilities.cs @@ -0,0 +1,166 @@ +using System; +using System.Collections; +using System.Globalization; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO.Pem; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + public abstract class TlsTestUtilities + { + internal static readonly byte[] RsaCertData = Base64 + .Decode("MIICUzCCAf2gAwIBAgIBATANBgkqhkiG9w0BAQQFADCBjzELMAkGA1UEBhMCQVUxKDAmBgNVBAoMH1RoZSBMZWdpb2" + + "4gb2YgdGhlIEJvdW5jeSBDYXN0bGUxEjAQBgNVBAcMCU1lbGJvdXJuZTERMA8GA1UECAwIVmljdG9yaWExLzAtBgkq" + + "hkiG9w0BCQEWIGZlZWRiYWNrLWNyeXB0b0Bib3VuY3ljYXN0bGUub3JnMB4XDTEzMDIyNTA2MDIwNVoXDTEzMDIyNT" + + "A2MDM0NVowgY8xCzAJBgNVBAYTAkFVMSgwJgYDVQQKDB9UaGUgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMRIw" + + "EAYDVQQHDAlNZWxib3VybmUxETAPBgNVBAgMCFZpY3RvcmlhMS8wLQYJKoZIhvcNAQkBFiBmZWVkYmFjay1jcnlwdG" + + "9AYm91bmN5Y2FzdGxlLm9yZzBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQC0p+RhcFdPFqlwgrIr5YtqKmKXmEGb4Shy" + + "pL26Ymz66ZAPdqv7EhOdzl3lZWT6srZUMWWgQMYGiHQg4z2R7X7XAgERo0QwQjAOBgNVHQ8BAf8EBAMCBSAwEgYDVR" + + "0lAQH/BAgwBgYEVR0lADAcBgNVHREBAf8EEjAQgQ50ZXN0QHRlc3QudGVzdDANBgkqhkiG9w0BAQQFAANBAHU55Ncz" + + "eglREcTg54YLUlGWu2WOYWhit/iM1eeq8Kivro7q98eW52jTuMI3CI5ulqd0hYzshQKQaZ5GDzErMyM="); + + internal static readonly byte[] DudRsaCertData = Base64 + .Decode("MIICUzCCAf2gAwIBAgIBATANBgkqhkiG9w0BAQQFADCBjzELMAkGA1UEBhMCQVUxKDAmBgNVBAoMH1RoZSBMZWdpb2" + + "4gb2YgdGhlIEJvdW5jeSBDYXN0bGUxEjAQBgNVBAcMCU1lbGJvdXJuZTERMA8GA1UECAwIVmljdG9yaWExLzAtBgkq" + + "hkiG9w0BCQEWIGZlZWRiYWNrLWNyeXB0b0Bib3VuY3ljYXN0bGUub3JnMB4XDTEzMDIyNTA1NDcyOFoXDTEzMDIyNT" + + "A1NDkwOFowgY8xCzAJBgNVBAYTAkFVMSgwJgYDVQQKDB9UaGUgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMRIw" + + "EAYDVQQHDAlNZWxib3VybmUxETAPBgNVBAgMCFZpY3RvcmlhMS8wLQYJKoZIhvcNAQkBFiBmZWVkYmFjay1jcnlwdG" + + "9AYm91bmN5Y2FzdGxlLm9yZzBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQC0p+RhcFdPFqlwgrIr5YtqKmKXmEGb4Shy" + + "pL26Ymz66ZAPdqv7EhOdzl3lZWT6srZUMWWgQMYGiHQg4z2R7X7XAgERo0QwQjAOBgNVHQ8BAf8EBAMCAAEwEgYDVR" + + "0lAQH/BAgwBgYEVR0lADAcBgNVHREBAf8EEjAQgQ50ZXN0QHRlc3QudGVzdDANBgkqhkiG9w0BAQQFAANBAJg55PBS" + + "weg6obRUKF4FF6fCrWFi6oCYSQ99LWcAeupc5BofW5MstFMhCOaEucuGVqunwT5G7/DweazzCIrSzB0="); + + internal static string Fingerprint(X509CertificateStructure c) + { + byte[] der = c.GetEncoded(); + byte[] sha1 = Sha256DigestOf(der); + byte[] hexBytes = Hex.Encode(sha1); + string hex = Encoding.ASCII.GetString(hexBytes).ToUpper(CultureInfo.InvariantCulture); + + StringBuilder fp = new StringBuilder(); + int i = 0; + fp.Append(hex.Substring(i, 2)); + while ((i += 2) < hex.Length) + { + fp.Append(':'); + fp.Append(hex.Substring(i, 2)); + } + return fp.ToString(); + } + + internal static byte[] Sha256DigestOf(byte[] input) + { + return DigestUtilities.CalculateDigest("SHA256", input); + } + + internal static TlsAgreementCredentials LoadAgreementCredentials(TlsContext context, + string[] certResources, string keyResource) + { + Certificate certificate = LoadCertificateChain(certResources); + AsymmetricKeyParameter privateKey = LoadPrivateKeyResource(keyResource); + + return new DefaultTlsAgreementCredentials(certificate, privateKey); + } + + internal static TlsEncryptionCredentials LoadEncryptionCredentials(TlsContext context, + string[] certResources, string keyResource) + { + Certificate certificate = LoadCertificateChain(certResources); + AsymmetricKeyParameter privateKey = LoadPrivateKeyResource(keyResource); + + return new DefaultTlsEncryptionCredentials(context, certificate, privateKey); + } + + internal static TlsSignerCredentials LoadSignerCredentials(TlsContext context, string[] certResources, + string keyResource, SignatureAndHashAlgorithm signatureAndHashAlgorithm) + { + Certificate certificate = LoadCertificateChain(certResources); + AsymmetricKeyParameter privateKey = LoadPrivateKeyResource(keyResource); + + return new DefaultTlsSignerCredentials(context, certificate, privateKey, signatureAndHashAlgorithm); + } + + internal static TlsSignerCredentials LoadSignerCredentials(TlsContext context, IList supportedSignatureAlgorithms, + byte signatureAlgorithm, string[] certResources, string keyResource) + { + /* + * TODO Note that this code fails to provide default value for the client supported + * algorithms if it wasn't sent. + */ + + SignatureAndHashAlgorithm signatureAndHashAlgorithm = null; + if (supportedSignatureAlgorithms != null) + { + foreach (SignatureAndHashAlgorithm alg in supportedSignatureAlgorithms) + { + if (alg.Signature == signatureAlgorithm) + { + signatureAndHashAlgorithm = alg; + break; + } + } + + if (signatureAndHashAlgorithm == null) + return null; + } + + return LoadSignerCredentials(context, certResources, keyResource, signatureAndHashAlgorithm); + } + + internal static Certificate LoadCertificateChain(string[] resources) + { + X509CertificateStructure[] chain = new X509CertificateStructure[resources.Length]; + for (int i = 0; i < resources.Length; ++i) + { + chain[i] = LoadCertificateResource(resources[i]); + } + return new Certificate(chain); + } + + internal static X509CertificateStructure LoadCertificateResource(string resource) + { + PemObject pem = LoadPemResource(resource); + if (pem.Type.EndsWith("CERTIFICATE")) + { + return X509CertificateStructure.GetInstance(pem.Content); + } + throw new ArgumentException("doesn't specify a valid certificate", "resource"); + } + + internal static AsymmetricKeyParameter LoadPrivateKeyResource(string resource) + { + PemObject pem = LoadPemResource(resource); + if (pem.Type.EndsWith("RSA PRIVATE KEY")) + { + RsaPrivateKeyStructure rsa = RsaPrivateKeyStructure.GetInstance(pem.Content); + return new RsaPrivateCrtKeyParameters(rsa.Modulus, rsa.PublicExponent, + rsa.PrivateExponent, rsa.Prime1, rsa.Prime2, rsa.Exponent1, + rsa.Exponent2, rsa.Coefficient); + } + if (pem.Type.EndsWith("PRIVATE KEY")) + { + return PrivateKeyFactory.CreateKey(pem.Content); + } + throw new ArgumentException("doesn't specify a valid private key", "resource"); + } + + internal static PemObject LoadPemResource(string resource) + { + Stream s = SimpleTest.GetTestDataAsStream("tls." + resource); + PemReader p = new PemReader(new StreamReader(s)); + PemObject o = p.ReadPemObject(); + p.Reader.Close(); + return o; + } + } +} diff --git a/BouncyCastle/crypto/test/src/crypto/tls/test/UnreliableDatagramTransport.cs b/BouncyCastle/crypto/test/src/crypto/tls/test/UnreliableDatagramTransport.cs new file mode 100644 index 0000000..b771ab7 --- /dev/null +++ b/BouncyCastle/crypto/test/src/crypto/tls/test/UnreliableDatagramTransport.cs @@ -0,0 +1,84 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Crypto.Tls.Tests +{ + public class UnreliableDatagramTransport + : DatagramTransport + { + private readonly DatagramTransport transport; + private readonly Random random; + private readonly int percentPacketLossReceiving, percentPacketLossSending; + + public UnreliableDatagramTransport(DatagramTransport transport, Random random, + int percentPacketLossReceiving, int percentPacketLossSending) + { + if (percentPacketLossReceiving < 0 || percentPacketLossReceiving > 100) + throw new ArgumentException("out of range", "percentPacketLossReceiving"); + if (percentPacketLossSending < 0 || percentPacketLossSending > 100) + throw new ArgumentException("out of range", "percentPacketLossSending"); + + this.transport = transport; + this.random = random; + this.percentPacketLossReceiving = percentPacketLossReceiving; + this.percentPacketLossSending = percentPacketLossSending; + } + + public virtual int GetReceiveLimit() + { + return transport.GetReceiveLimit(); + } + + public virtual int GetSendLimit() + { + return transport.GetSendLimit(); + } + + public virtual int Receive(byte[] buf, int off, int len, int waitMillis) + { + long endMillis = DateTimeUtilities.CurrentUnixMs() + waitMillis; + for (;;) + { + int length = transport.Receive(buf, off, len, waitMillis); + if (length < 0 || !LostPacket(percentPacketLossReceiving)) + { + return length; + } + + Console.WriteLine("PACKET LOSS (" + length + " byte packet not received)"); + + long now = DateTimeUtilities.CurrentUnixMs(); + if (now >= endMillis) + { + return -1; + } + + waitMillis = (int)(endMillis - now); + } + } + + public virtual void Send(byte[] buf, int off, int len) + { + if (LostPacket(percentPacketLossSending)) + { + Console.WriteLine("PACKET LOSS (" + len + " byte packet not sent)"); + } + else + { + transport.Send(buf, off, len); + } + } + + public virtual void Close() + { + transport.Close(); + } + + private bool LostPacket(int percentPacketLoss) + { + return percentPacketLoss > 0 && random.Next(100) < percentPacketLoss; + } + } +} diff --git a/BouncyCastle/crypto/test/src/math/ec/custom/sec/test/SecP128R1FieldTest.cs b/BouncyCastle/crypto/test/src/math/ec/custom/sec/test/SecP128R1FieldTest.cs new file mode 100644 index 0000000..26b4060 --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/ec/custom/sec/test/SecP128R1FieldTest.cs @@ -0,0 +1,61 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.EC; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec.Tests +{ + [TestFixture] + public class SecP128R1FieldTest + { + private static readonly X9ECParameters DP = CustomNamedCurves + .GetByOid(SecObjectIdentifiers.SecP128r1); + + [Test] + public void Test_GitHub566() + { + uint[] x = new uint[]{ 0x4B1E2F5E, 0x09E29D21, 0xA58407ED, 0x6FC3C7CF }; + uint[] y = new uint[]{ 0x2FFE8892, 0x55CA61CA, 0x0AF780B5, 0x4BD7B797 }; + + ECFieldElement Z = FE(x).Multiply(FE(y)); + + uint[] expected = new uint[] { 0x01FFFF01, 0, 0, 0 }; + Assert.AreEqual(FE(expected), Z); + } + + private ECFieldElement FE(BigInteger x) + { + return DP.Curve.FromBigInteger(x); + } + + private ECFieldElement FE(uint[] x) + { + return FE(Nat128_ToBigInteger(x)); + } + + private static BigInteger Nat128_ToBigInteger(uint[] x) + { + byte[] bs = new byte[16]; + for (int i = 0; i < 4; ++i) + { + uint x_i = x[i]; + if (x_i != 0) + { + Pack_UInt32_To_BE(x_i, bs, (3 - i) << 2); + } + } + return new BigInteger(1, bs); + } + + private static void Pack_UInt32_To_BE(uint n, byte[] bs, int off) + { + bs[off] = (byte)(n >> 24); + bs[off + 1] = (byte)(n >> 16); + bs[off + 2] = (byte)(n >> 8); + bs[off + 3] = (byte)(n); + } + } +} diff --git a/BouncyCastle/crypto/test/src/math/ec/custom/sec/test/SecP256R1FieldTest.cs b/BouncyCastle/crypto/test/src/math/ec/custom/sec/test/SecP256R1FieldTest.cs new file mode 100644 index 0000000..c6b7b31 --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/ec/custom/sec/test/SecP256R1FieldTest.cs @@ -0,0 +1,207 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.EC; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec.Tests +{ + [TestFixture] + public class SecP256R1FieldTest + { + private static readonly SecureRandom Random = new SecureRandom(); + + private static readonly X9ECParameters DP = CustomNamedCurves + .GetByOid(SecObjectIdentifiers.SecP256r1); + private static readonly BigInteger Q = DP.Curve.Field.Characteristic; + + [Test] + public void TestMultiply1() + { + int COUNT = 1000; + + for (int i = 0; i < COUNT; ++i) + { + ECFieldElement x = GenerateMultiplyInput_Random(); + ECFieldElement y = GenerateMultiplyInput_Random(); + + BigInteger X = x.ToBigInteger(), Y = y.ToBigInteger(); + BigInteger R = X.Multiply(Y).Mod(Q); + + ECFieldElement z = x.Multiply(y); + BigInteger Z = z.ToBigInteger(); + + Assert.AreEqual(R, Z); + } + } + + [Test] + public void TestMultiply2() + { + int COUNT = 100; + ECFieldElement[] inputs = new ECFieldElement[COUNT]; + BigInteger[] INPUTS = new BigInteger[COUNT]; + + for (int i = 0; i < inputs.Length; ++i) + { + inputs[i] = GenerateMultiplyInput_Random(); + INPUTS[i] = inputs[i].ToBigInteger(); + } + + for (int j = 0; j < inputs.Length; ++j) + { + for (int k = 0; k < inputs.Length; ++k) + { + BigInteger R = INPUTS[j].Multiply(INPUTS[k]).Mod(Q); + + ECFieldElement z = inputs[j].Multiply(inputs[k]); + BigInteger Z = z.ToBigInteger(); + + Assert.AreEqual(R, Z); + } + } + } + + [Test] + public void TestSquare() + { + int COUNT = 1000; + + for (int i = 0; i < COUNT; ++i) + { + ECFieldElement x = GenerateMultiplyInput_Random(); + + BigInteger X = x.ToBigInteger(); + BigInteger R = X.Multiply(X).Mod(Q); + + ECFieldElement z = x.Square(); + BigInteger Z = z.ToBigInteger(); + + Assert.AreEqual(R, Z); + } + } + + /** + * Test multiplication with specifically selected values that triggered a bug in the modular + * reduction in OpenSSL (last affected version 0.9.8g). + * + * See "Practical realisation and elimination of an ECC-related software bug attack", B. B. + * Brumley, M. Barbarosa, D. Page, F. Vercauteren. + */ + [Test] + public void TestMultiply_OpenSSLBug() + { + int COUNT = 100; + + for (int i = 0; i < COUNT; ++i) + { + ECFieldElement x = GenerateMultiplyInputA_OpenSSLBug(); + ECFieldElement y = GenerateMultiplyInputB_OpenSSLBug(); + + BigInteger X = x.ToBigInteger(), Y = y.ToBigInteger(); + BigInteger R = X.Multiply(Y).Mod(Q); + + ECFieldElement z = x.Multiply(y); + BigInteger Z = z.ToBigInteger(); + + Assert.AreEqual(R, Z); + } + } + + /** + * Test squaring with specifically selected values that triggered a bug in the modular reduction + * in OpenSSL (last affected version 0.9.8g). + * + * See "Practical realisation and elimination of an ECC-related software bug attack", B. B. + * Brumley, M. Barbarosa, D. Page, F. Vercauteren. + */ + [Test] + public void TestSquare_OpenSSLBug() + { + int COUNT = 100; + + for (int i = 0; i < COUNT; ++i) + { + ECFieldElement x = GenerateSquareInput_OpenSSLBug(); + + BigInteger X = x.ToBigInteger(); + BigInteger R = X.Multiply(X).Mod(Q); + + ECFieldElement z = x.Square(); + BigInteger Z = z.ToBigInteger(); + + Assert.AreEqual(R, Z); + } + } + + private ECFieldElement FE(BigInteger x) + { + return DP.Curve.FromBigInteger(x); + } + + private ECFieldElement GenerateMultiplyInput_Random() + { + return FE(new BigInteger(DP.Curve.FieldSize + 32, Random).Mod(Q)); + } + + private ECFieldElement GenerateMultiplyInputA_OpenSSLBug() + { + uint[] x = Nat256_Create(); + x[0] = (uint)Random.NextInt() >> 1; + x[4] = 3; + x[7] = 0xFFFFFFFF; + + return FE(Nat256_ToBigInteger(x)); + } + + private ECFieldElement GenerateMultiplyInputB_OpenSSLBug() + { + uint[] x = Nat256_Create(); + x[0] = (uint)Random.NextInt() >> 1; + x[3] = 1; + x[7] = 0xFFFFFFFF; + + return FE(Nat256_ToBigInteger(x)); + } + + private ECFieldElement GenerateSquareInput_OpenSSLBug() + { + uint[] x = Nat256_Create(); + x[0] = (uint)Random.NextInt() >> 1; + x[4] = 2; + x[7] = 0xFFFFFFFF; + + return FE(Nat256_ToBigInteger(x)); + } + + private static uint[] Nat256_Create() + { + return new uint[8]; + } + + private static BigInteger Nat256_ToBigInteger(uint[] x) + { + byte[] bs = new byte[32]; + for (int i = 0; i < 8; ++i) + { + uint x_i = x[i]; + if (x_i != 0) + { + Pack_UInt32_To_BE(x_i, bs, (7 - i) << 2); + } + } + return new BigInteger(1, bs); + } + + private static void Pack_UInt32_To_BE(uint n, byte[] bs, int off) + { + bs[off] = (byte)(n >> 24); + bs[off + 1] = (byte)(n >> 16); + bs[off + 2] = (byte)(n >> 8); + bs[off + 3] = (byte)(n); + } + } +} diff --git a/BouncyCastle/crypto/test/src/math/ec/custom/sec/test/SecP384R1FieldTest.cs b/BouncyCastle/crypto/test/src/math/ec/custom/sec/test/SecP384R1FieldTest.cs new file mode 100644 index 0000000..6045c1b --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/ec/custom/sec/test/SecP384R1FieldTest.cs @@ -0,0 +1,172 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.EC; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Math.EC.Custom.Sec.Tests +{ + [TestFixture] + public class SecP384R1FieldTest + { + private static readonly SecureRandom Random = new SecureRandom(); + + private static readonly X9ECParameters DP = CustomNamedCurves + .GetByOid(SecObjectIdentifiers.SecP384r1); + private static readonly BigInteger Q = DP.Curve.Field.Characteristic; + + [Test] + public void TestMultiply1() + { + int COUNT = 1000; + + for (int i = 0; i < COUNT; ++i) + { + ECFieldElement x = GenerateMultiplyInput_Random(); + ECFieldElement y = GenerateMultiplyInput_Random(); + + BigInteger X = x.ToBigInteger(), Y = y.ToBigInteger(); + BigInteger R = X.Multiply(Y).Mod(Q); + + ECFieldElement z = x.Multiply(y); + BigInteger Z = z.ToBigInteger(); + + Assert.AreEqual(R, Z); + } + } + + [Test] + public void TestMultiply2() + { + int COUNT = 100; + ECFieldElement[] inputs = new ECFieldElement[COUNT]; + BigInteger[] INPUTS = new BigInteger[COUNT]; + + for (int i = 0; i < inputs.Length; ++i) + { + inputs[i] = GenerateMultiplyInput_Random(); + INPUTS[i] = inputs[i].ToBigInteger(); + } + + for (int j = 0; j < inputs.Length; ++j) + { + for (int k = 0; k < inputs.Length; ++k) + { + BigInteger R = INPUTS[j].Multiply(INPUTS[k]).Mod(Q); + + ECFieldElement z = inputs[j].Multiply(inputs[k]); + BigInteger Z = z.ToBigInteger(); + + Assert.AreEqual(R, Z); + } + } + } + + [Test] + public void TestSquare() + { + int COUNT = 1000; + + for (int i = 0; i < COUNT; ++i) + { + ECFieldElement x = GenerateMultiplyInput_Random(); + + BigInteger X = x.ToBigInteger(); + BigInteger R = X.Multiply(X).Mod(Q); + + ECFieldElement z = x.Square(); + BigInteger Z = z.ToBigInteger(); + + Assert.AreEqual(R, Z); + } + } + + [Test] + public void TestSquare_CarryBug() + { + int COUNT = 100; + + for (int i = 0; i < COUNT; ++i) + { + ECFieldElement x = GenerateSquareInput_CarryBug(); + + BigInteger X = x.ToBigInteger(); + BigInteger R = X.Multiply(X).Mod(Q); + + ECFieldElement z = x.Square(); + BigInteger Z = z.ToBigInteger(); + + Assert.AreEqual(R, Z); + } + } + + /* + * Based on another example input demonstrating the carry propagation bug in Nat192.square, as + * reported by Joseph Friel on dev-crypto. + */ + [Test] + public void TestSquare_CarryBug_Reported() + { + ECFieldElement x = FE(new BigInteger("2fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd", 16)); + + BigInteger X = x.ToBigInteger(); + BigInteger R = X.Multiply(X).Mod(Q); + + ECFieldElement z = x.Square(); + BigInteger Z = z.ToBigInteger(); + + Assert.AreEqual(R, Z); + } + + private ECFieldElement FE(BigInteger x) + { + return DP.Curve.FromBigInteger(x); + } + + private ECFieldElement GenerateMultiplyInput_Random() + { + return FE(new BigInteger(DP.Curve.FieldSize + 32, Random).Mod(Q)); + } + + private ECFieldElement GenerateSquareInput_CarryBug() + { + uint[] x = Nat_Create(12); + x[0] = (uint)Random.NextInt() >> 1; + x[6] = 2; + x[10] = 0xFFFF0000; + x[11] = 0xFFFFFFFF; + + return FE(Nat_ToBigInteger(12, x)); + } + + private static uint[] Nat_Create(int len) + { + return new uint[len]; + } + + private static BigInteger Nat_ToBigInteger(int len, uint[] x) + { + byte[] bs = new byte[len << 2]; + for (int i = 0; i < len; ++i) + { + uint x_i = x[i]; + if (x_i != 0) + { + Pack_UInt32_To_BE(x_i, bs, (len - 1 - i) << 2); + } + } + return new BigInteger(1, bs); + } + + private static void Pack_UInt32_To_BE(uint n, byte[] bs, int off) + { + bs[off] = (byte)(n >> 24); + bs[off + 1] = (byte)(n >> 16); + bs[off + 2] = (byte)(n >> 8); + bs[off + 3] = (byte)(n); + } + } +} diff --git a/BouncyCastle/crypto/test/src/math/ec/rfc7748/test/X25519Test.cs b/BouncyCastle/crypto/test/src/math/ec/rfc7748/test/X25519Test.cs new file mode 100644 index 0000000..562e0e4 --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/ec/rfc7748/test/X25519Test.cs @@ -0,0 +1,193 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Rfc7748.Tests +{ + [TestFixture] + public class X25519Test + { + private static readonly SecureRandom Random = new SecureRandom(); + + [SetUp] + public void SetUp() + { + X25519.Precompute(); + } + + [Test] + public void TestConsistency() + { + byte[] u = new byte[X25519.PointSize]; u[0] = 9; + byte[] k = new byte[X25519.ScalarSize]; + byte[] rF = new byte[X25519.PointSize]; + byte[] rV = new byte[X25519.PointSize]; + + for (int i = 1; i <= 100; ++i) + { + Random.NextBytes(k); + X25519.ScalarMultBase(k, 0, rF, 0); + X25519.ScalarMult(k, 0, u, 0, rV, 0); + Assert.IsTrue(Arrays.AreEqual(rF, rV), "Consistency #" + i); + } + } + + [Test] + public void TestECDH() + { + byte[] kA = new byte[X25519.ScalarSize]; + byte[] kB = new byte[X25519.ScalarSize]; + byte[] qA = new byte[X25519.PointSize]; + byte[] qB = new byte[X25519.PointSize]; + byte[] sA = new byte[X25519.PointSize]; + byte[] sB = new byte[X25519.PointSize]; + + for (int i = 1; i <= 100; ++i) + { + // Each party generates an ephemeral private key, ... + Random.NextBytes(kA); + Random.NextBytes(kB); + + // ... publishes their public key, ... + X25519.ScalarMultBase(kA, 0, qA, 0); + X25519.ScalarMultBase(kB, 0, qB, 0); + + // ... computes the shared secret, ... + X25519.ScalarMult(kA, 0, qB, 0, sA, 0); + X25519.ScalarMult(kB, 0, qA, 0, sB, 0); + + // ... which is the same for both parties. + //Assert.IsTrue(Arrays.AreEqual(sA, sB), "ECDH #" + i); + if (!Arrays.AreEqual(sA, sB)) + { + Console.WriteLine(" " + i); + } + } + } + + [Test] + public void TestECDHVector1() + { + CheckECDHVector( + "77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a", + "8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a", + "5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb", + "de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f", + "4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742", + "ECDH Vector #1"); + } + + [Test] + public void TestX25519Iterated() + { + CheckIterated(1000); + } + + //[Test, Explicit] + //public void TestX25519IteratedFull() + //{ + // CheckIterated(1000000); + //} + + [Test] + public void TestX25519Vector1() + { + CheckX25519Vector( + "a546e36bf0527c9d3b16154b82465edd62144c0ac1fc5a18506a2244ba449ac4", + "e6db6867583030db3594c1a424b15f7c726624ec26b3353b10a903a6d0ab1c4c", + "c3da55379de9c6908e94ea4df28d084f32eccf03491c71f754b4075577a28552", + "Vector #1"); + } + + [Test] + public void TestX25519Vector2() + { + CheckX25519Vector( + "4b66e9d4d1b4673c5ad22691957d6af5c11b6421e0ea01d42ca4169e7918ba0d", + "e5210f12786811d3f4b7959d0538ae2c31dbe7106fc03c3efc4cd549c715a493", + "95cbde9476e8907d7aade45cb4b873f88b595a68799fa152e6f8f7647aac7957", + "Vector #2"); + } + + private static void CheckECDHVector(string sA, string sAPub, string sB, string sBPub, string sK, string text) + { + byte[] a = Hex.Decode(sA); + Assert.AreEqual(X25519.ScalarSize, a.Length); + + byte[] b = Hex.Decode(sB); + Assert.AreEqual(X25519.ScalarSize, b.Length); + + byte[] aPub = new byte[X25519.PointSize]; + X25519.ScalarMultBase(a, 0, aPub, 0); + CheckValue(aPub, text, sAPub); + + byte[] bPub = new byte[X25519.PointSize]; + X25519.ScalarMultBase(b, 0, bPub, 0); + CheckValue(bPub, text, sBPub); + + byte[] aK = new byte[X25519.PointSize]; + X25519.ScalarMult(a, 0, bPub, 0, aK, 0); + CheckValue(aK, text, sK); + + byte[] bK = new byte[X25519.PointSize]; + X25519.ScalarMult(b, 0, aPub, 0, bK, 0); + CheckValue(bK, text, sK); + } + + private static void CheckIterated(int count) + { + Assert.AreEqual(X25519.PointSize, X25519.ScalarSize); + + byte[] k = new byte[X25519.PointSize]; k[0] = 9; + byte[] u = new byte[X25519.PointSize]; u[0] = 9; + byte[] r = new byte[X25519.PointSize]; + + int iterations = 0; + while (iterations < count) + { + X25519.ScalarMult(k, 0, u, 0, r, 0); + + Array.Copy(k, 0, u, 0, X25519.PointSize); + Array.Copy(r, 0, k, 0, X25519.PointSize); + + switch (++iterations) + { + case 1: + CheckValue(k, "Iterated @1", "422c8e7a6227d7bca1350b3e2bb7279f7897b87bb6854b783c60e80311ae3079"); + break; + case 1000: + CheckValue(k, "Iterated @1000", "684cf59ba83309552800ef566f2f4d3c1c3887c49360e3875f2eb94d99532c51"); + break; + case 1000000: + CheckValue(k, "Iterated @1000000", "7c3911e0ab2586fd864497297e575e6f3bc601c0883c30df5f4dd2d24f665424"); + break; + default: + break; + } + } + } + + private static void CheckValue(byte[] n, string text, string se) + { + byte[] e = Hex.Decode(se); + Assert.IsTrue(Arrays.AreEqual(e, n), text); + } + + private static void CheckX25519Vector(string sk, string su, string se, string text) + { + byte[] k = Hex.Decode(sk); + Assert.AreEqual(X25519.ScalarSize, k.Length); + + byte[] u = Hex.Decode(su); + Assert.AreEqual(X25519.PointSize, u.Length); + + byte[] r = new byte[X25519.PointSize]; + X25519.ScalarMult(k, 0, u, 0, r, 0); + CheckValue(r, text, se); + } + } +} diff --git a/BouncyCastle/crypto/test/src/math/ec/rfc7748/test/X448Test.cs b/BouncyCastle/crypto/test/src/math/ec/rfc7748/test/X448Test.cs new file mode 100644 index 0000000..5c1ceb7 --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/ec/rfc7748/test/X448Test.cs @@ -0,0 +1,382 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Rfc7748.Tests +{ + [TestFixture] + public class X448Test + { + private static readonly SecureRandom Random = new SecureRandom(); + + [SetUp] + public void SetUp() + { + X448.Precompute(); + } + + [Test] + public void TestConsistency() + { + byte[] u = new byte[X448.PointSize]; u[0] = 5; + byte[] k = new byte[X448.ScalarSize]; + byte[] rF = new byte[X448.PointSize]; + byte[] rV = new byte[X448.PointSize]; + + for (int i = 1; i <= 100; ++i) + { + Random.NextBytes(k); + X448.ScalarMultBase(k, 0, rF, 0); + X448.ScalarMult(k, 0, u, 0, rV, 0); + Assert.IsTrue(Arrays.AreEqual(rF, rV), "Consistency #" + i); + } + } + + [Test] + public void TestECDH() + { + byte[] kA = new byte[X448.ScalarSize]; + byte[] kB = new byte[X448.ScalarSize]; + byte[] qA = new byte[X448.PointSize]; + byte[] qB = new byte[X448.PointSize]; + byte[] sA = new byte[X448.PointSize]; + byte[] sB = new byte[X448.PointSize]; + + for (int i = 1; i <= 100; ++i) + { + // Each party generates an ephemeral private key, ... + Random.NextBytes(kA); + Random.NextBytes(kB); + + // ... publishes their public key, ... + X448.ScalarMultBase(kA, 0, qA, 0); + X448.ScalarMultBase(kB, 0, qB, 0); + + // ... computes the shared secret, ... + X448.ScalarMult(kA, 0, qB, 0, sA, 0); + X448.ScalarMult(kB, 0, qA, 0, sB, 0); + + // ... which is the same for both parties. + Assert.IsTrue(Arrays.AreEqual(sA, sB), "ECDH #" + i); + } + } + + [Test] + public void TestECDHVector1() + { + CheckECDHVector( + "9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b", + "9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0", + "1c306a7ac2a0e2e0990b294470cba339e6453772b075811d8fad0d1d6927c120bb5ee8972b0d3e21374c9c921b09d1b0366f10b65173992d", + "3eb7a829b0cd20f5bcfc0b599b6feccf6da4627107bdb0d4f345b43027d8b972fc3e34fb4232a13ca706dcb57aec3dae07bdc1c67bf33609", + "07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d", + "ECDH Vector #1"); + } + + [Test] + public void TestRegression() + { + CheckX448Vector( + "c05bd19c61d1c2c0e79414345cfb9c138eed88054fac8f74b2c4b5e1e817aaad629d159903bef40c10c85a8b90b8433c7f35248d72bea2d1", + "fefffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffff7f", + "856b8707b16e1b21dfc547fdb04c61a4aed9f9001f3f26404901e9ba30933cdd7ca9e2a0e57700588eb8576312ead8ee5791a8ecff32efaa", + "Regression #1"); + + CheckX448Vector( + "24ba9df56ef036b4bcde7b0138b7983ae0fe3d2fd4b9d13ef0b8b0998c8394364d7dcb25a3885e571374f91615275440db0645ee7c0a6feb", + "0000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "f1ef9174222c422cb3a6194da91dbdab62b0688179e77f47019cc9eb7c38da86f6f51fc250e8a46dd4b3341cc5f71f1d8daf0b28e873d818", + "Regression #2"); + + CheckX448Vector( + "40670a1efa7072a65c279f9618263a9e266fe12d82ff53c29b99d5e265e1fc7c32345227d6699a6d6b5517cf33b43ab156ee20df4878798e", + "0000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000", + "f27f02b452f9a5e95f08092e7e4058ae560732a4ffd5e4c4cc497af9d8e0d77f3d94d07dea932f0a79fa63c852a1cf03b60ab5a5201748ef", + "Regression #3"); + + CheckX448Vector( + "8c37fb35eac1dbda6a3b5bf492c1f642c761be3adf0ab7617a66002576c45bba8202970bae6c5e05f645f5439ca2f42b89dacace1a5d0e82", + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040", + "60c468df97e2e4427f27420cc6bc9eebaa2bceb827eb55a187fc5c29555e72a663243f6af4095641d72caeacb369720ea18cadd6efdbece6", + "Regression #4"); + + CheckX448Vector( + "e8761598ba212a4e9724eaab2f3c225b0cc019595fa702ae0361bf3d348d9d6f7a04352424a5fd3026650f2a04574499daebc71f4c6d0fd9", + "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffbf", + "2521c283651396fb03bf074e3ce6d08d7b393de5fa85e9ac633cef328ac54576f6005f34c795425c56db62e8ceddf807d68e37646afb1184", + "Regression #5"); + + CheckX448Vector( + "5410735bd95cd0640fc1e2e11a028803f1cb4344f4efee75ae0b9eb9db5627d6e2a4b6dbad4af3fee986cce934bed60a0e8698204638b5a9", + "fffffffffffffffefffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffff", + "8951b4fc362ccd60cb560fde65fa126158a9727a3d577c507566fa5b4a79c2ac6bfd6c69defeb9eb29830cc4aaf6427f2ae66b2cd320159d", + "Regression #6"); + + CheckX448Vector( + "08353724fbc03927b17359a88c121276ad697991ee89868e48890e95d1b03e603bcb51fdf6f296f1f1d10f5df10e00b8a25c9809f9aa1a94", + "0000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "30b1d98154768a2a2af568e2fa3577a042a5c7e5f9ac91b100655ea332b42db568034b15fdf75c693d8c2d0c2de54fb9d6d17efa316aa543", + "Regression #7"); + + CheckX448Vector( + "98c6f36e1cb74528763f3aa11196ef9449c67be360e25e40ab06f1e39b742615a7dde3b29415ed827c68f07d4a47a4d9595c40c7fccb92a3", + "ffffffffffffffffffffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000", + "c3c7aec97786a43b79f8a053cf185363112f04411a8ef3d3283f61eeac59a1f2918e10f54937932f5ac1e3b72fdbea57f34274598b17d768", + "Regression #8"); + + CheckX448Vector( + "4804afd055ec05f335b7e3eebbde2a6de010ce7495e6c0d02173fa8c48bb495375b7d149c67b92d2885acb8d8bbb51a317453788671efa9f", + "fffffffffffffffffffffffffffffffffefffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffff", + "d6a2724dc9ca1579d94a8cc8815a3ed392b9e10b39f57c747f7b2d84f54969062c8b86929a1a12f466d3ef9598f1904773a4ee938f0f5df3", + "Regression #9"); + + CheckX448Vector( + "bc7bce37434c0a1d05eff428034f75ed7454ede6b2a6e34ed4fcedc050349c866c40a27c27898afec41b3b477f0df5c5356e57d7562cdda5", + "fffffefffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffff", + "963ff8e5ea534178e1922cc06c638367c2c4690aba7e4aaab8342210b9035727062762631f79e709d2baf0646f0d9a37df02d531791bc940", + "Regression #10"); + + CheckX448Vector( + "c05bd19c61d1c2c0e79414345cfb9c138eed88054fac8f74b2c4b5e1e817aaad629d159903bef40c10c85a8b90b8433c7f35248d72bea2d1", + "fefffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffff7f", + "856b8707b16e1b21dfc547fdb04c61a4aed9f9001f3f26404901e9ba30933cdd7ca9e2a0e57700588eb8576312ead8ee5791a8ecff32efaa", + "Regression #11"); + + CheckX448Vector( + "742b8c0b0ab0104a9ef9634c0aad023f35e41fb953717121ce4c2aebc1a128e7c0431cd1347a6241685f7174a8512d417ebaaa46ee780a8a", + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", + "d92b02d7bb9952f4ca826b2b51f1a3d4de1fd4459f0d019853f3a960d54f3354d8e40fb28d1be65637bb7dba0571ff83797b7106c7497459", + "Regression #12"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "0100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "Regression #13"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "0200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "9fe4a6f810098a4faf078cdc888988bae53234d9dac49e0c39186789d8ce4b35530bfbe4e8a5520b84028f3c6d2234f6bf2e07375e927e48", + "Regression #14"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "0000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "c51d92750f8491e669eabb9c30fc8d4d16bfd6a214fd8f1a884e6130f9d5121aef3ac1cb7eac7c128473d38fbdedc584c477575de332ad93", + "Regression #15"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "ffffffffffffffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "a1840a0bd418dab5529353787f71042303ed65df615340845ba39e48c82b70022c3e10c3afbaec9f3c1559d5164a4c123672f308f55f5cb3", + "Regression #16"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "0000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000", + "c9c399826f4fdf4898f8abbccb7401541ca6084cf53e6f809d87d1fb614e867d6ff956058275944351917fe41675bce2f642f8aadf01a7bb", + "Regression #17"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "0000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000", + "b4209095fd21eb70a3e60b380191c43a85ca96a03f079d4493b215567af08514560fff03f9f6280bc0b357919c533686d0c02019f4866b2e", + "Regression #18"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffff00000000000000000000000000000000000000000000000000000000", + "8c46b8a63d37ea4ff2603b6ee0b72fd37f5d4be4c9076b0841d07540dc1f28c2d15ce01c5bccb8ba284b4f077b9d0f554d49bb1f5f9ebf7e", + "Regression #19"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "0000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000", + "8c46b8a63d37ea4ff2603b6ee0b72fd37f5d4be4c9076b0841d07540dc1f28c2d15ce01c5bccb8ba284b4f077b9d0f554d49bb1f5f9ebf7e", + "Regression #20"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040", + "bbcb71fe09d61a0d78a310d6a8f97f15457e9c3e020a4b70f9fcdee93a897505494fbb1437a0eacaf79f526fce66c8a24ee4a0e75891af4c", + "Regression #21"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "feffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f", + "b21e0e2701e415d4ec3a46fecf167ffec7bb335cf96e902f1f8a63e90ef956381014149e86f3a6838a40a33ea6947b9955899cb622812ca1", + "Regression #22"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080", + "ad4be2907f519cc9e87006bb1b1fbe71475db52680fe7f27707b455e70c74a0e2600c6ff6de69365be551fcde234f9a25b4c269255174c5a", + "Regression #23"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "00000000000000000000000000000000000000000000000000000000feffffffffffffffffffffffffffffffffffffffffffffffffffffff", + "663c7b4c123648242185c9f88352304f4476bf46580297c41714917eda81efa5e0ce2cf48529b587a7e7cd1afcff9d2afa887d0feab6109b", + "Regression #24"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "ffffffffffffffffffffffffffffffffffffffffffffffffffffff7ffeffffffffffffffffffffffffffffffffffffffffffffffffffffff", + "0b3587f884ca5ac777ac98bbb203dbddf3fda14f351488d0dcf60a9c13c2fec4b8595922a9ec09cfd5d9d20ac639f9f74369b34646288965", + "Regression #25"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "fefffffffffffffffffffffffffffefffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffff", + "3921df4603cce60a982403d04a034160e3bde6b6a496f5be2c927b37dcab5137de990cc00a589b63ee12c9ee7e944bc1500d1b3ded48622c", + "Regression #26"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "0000000000000000000000000000fffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffff", + "51ede7991c611ef33c0676584d1e8897cedf32cccf14e262515c043a7642048e01f2cc3ae392c40063459c34414d4cc809fd37253d7ee801", + "Regression #27"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "ffffffffffffffffffffffffff7ffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffff", + "07538cec452af2888f2bc565f31a5a6e73489857752304e21a1907ff62f63874ef091a0c11d8514a3ed7a15af77efee84f6eec8fa0792423", + "Regression #28"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "fdfffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffff", + "5116bf8a4860bbfa28c2c8c96a1105cc9c139130417ed2226f2fe29a3d0b39096b0456faf34dab950bf430bb58c8c8b9320f39c7766c9fc1", + "Regression #29"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "fefffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffff", + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + "Regression #30"); + + CheckX448Vector( + "244534ab5f22108381d4a35f308d51b19e20ce997d7e9dff253e1d5faf1a8ad6ab73ff586d1eee6dac0fe7b5593c3123c6f1424800fa9b88", + "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffffffffffffffffffffffffffffffffffffffffffffffff7f", + "006bc6af5644e8f5824ab7a1b1411d1b2f91d8038b545efcfcb9917c40a3ef48d698f342c1db57118936a18a2608c0427772c70bd0aae479", + "Regression #31"); + } + + [Test] + public void TestX448Iterated() + { + CheckIterated(1000); + } + + //[Test, Explicit] + //public void TestX448IteratedFull() + //{ + // CheckIterated(1000000); + //} + + [Test] + public void TestX448Vector1() + { + CheckX448Vector( + "3d262fddf9ec8e88495266fea19a34d28882acef045104d0d1aae121700a779c984c24f8cdd78fbff44943eba368f54b29259a4f1c600ad3", + "06fce640fa3487bfda5f6cf2d5263f8aad88334cbd07437f020f08f9814dc031ddbdc38c19c6da2583fa5429db94ada18aa7a7fb4ef8a086", + "ce3e4ff95a60dc6697da1db1d85e6afbdf79b50a2412d7546d5f239fe14fbaadeb445fc66a01b0779d98223961111e21766282f73dd96b6f", + "Vector #1"); + } + + [Test] + public void TestX448Vector2() + { + CheckX448Vector( + "203d494428b8399352665ddca42f9de8fef600908e0d461cb021f8c538345dd77c3e4806e25f46d3315c44e0a5b4371282dd2c8d5be3095f", + "0fbcc2f993cd56d3305b0b7d9e55d4c1a8fb5dbb52f8e9a1e9b6201b165d015894e56c4d3570bee52fe205e28a78b91cdfbde71ce8d157db", + "884a02576239ff7a2f2f63b2db6a9ff37047ac13568e1e30fe63c4a7ad1b3ee3a5700df34321d62077e63633c575c1c954514e99da7c179d", + "Vector #2"); + } + + private static void CheckECDHVector(string sA, string sAPub, string sB, string sBPub, string sK, string text) + { + byte[] a = Hex.Decode(sA); + Assert.AreEqual(X448.ScalarSize, a.Length); + + byte[] b = Hex.Decode(sB); + Assert.AreEqual(X448.ScalarSize, b.Length); + + byte[] aPub = new byte[X448.PointSize]; + X448.ScalarMultBase(a, 0, aPub, 0); + CheckValue(aPub, text, sAPub); + + byte[] bPub = new byte[X448.PointSize]; + X448.ScalarMultBase(b, 0, bPub, 0); + CheckValue(bPub, text, sBPub); + + byte[] aK = new byte[X448.PointSize]; + X448.ScalarMult(a, 0, bPub, 0, aK, 0); + CheckValue(aK, text, sK); + + byte[] bK = new byte[X448.PointSize]; + X448.ScalarMult(b, 0, aPub, 0, bK, 0); + CheckValue(bK, text, sK); + } + + private static void CheckIterated(int count) + { + Assert.AreEqual(X448.PointSize, X448.ScalarSize); + + byte[] k = new byte[X448.PointSize]; k[0] = 5; + byte[] u = new byte[X448.PointSize]; u[0] = 5; + byte[] r = new byte[X448.PointSize]; + + int iterations = 0; + while (iterations < count) + { + X448.ScalarMult(k, 0, u, 0, r, 0); + + Array.Copy(k, 0, u, 0, X448.PointSize); + Array.Copy(r, 0, k, 0, X448.PointSize); + + switch (++iterations) + { + case 1: + CheckValue(k, "Iterated @1", + "3f482c8a9f19b01e6c46ee9711d9dc14fd4bf67af30765c2ae2b846a4d23a8cd0db897086239492caf350b51f833868b9bc2b3bca9cf4113"); + break; + case 1000: + CheckValue(k, "Iterated @1000", + "aa3b4749d55b9daf1e5b00288826c467274ce3ebbdd5c17b975e09d4af6c67cf10d087202db88286e2b79fceea3ec353ef54faa26e219f38"); + break; + case 1000000: + CheckValue(k, "Iterated @1000000", + "077f453681caca3693198420bbe515cae0002472519b3e67661a7e89cab94695c8f4bcd66e61b9b9c946da8d524de3d69bd9d9d66b997e37"); + break; + default: + break; + } + } + } + + private static void CheckValue(byte[] n, string text, string se) + { + byte[] e = Hex.Decode(se); + Assert.IsTrue(Arrays.AreEqual(e, n), text); + } + + private static void CheckX448Vector(string sk, string su, string se, string text) + { + byte[] k = Hex.Decode(sk); + Assert.AreEqual(X448.ScalarSize, k.Length); + + byte[] u = Hex.Decode(su); + Assert.AreEqual(X448.PointSize, u.Length); + + byte[] r = new byte[X448.PointSize]; + X448.ScalarMult(k, 0, u, 0, r, 0); + CheckValue(r, text, se); + } + } +} diff --git a/BouncyCastle/crypto/test/src/math/ec/rfc8032/test/Ed25519Test.cs b/BouncyCastle/crypto/test/src/math/ec/rfc8032/test/Ed25519Test.cs new file mode 100644 index 0000000..29ff671 --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/ec/rfc8032/test/Ed25519Test.cs @@ -0,0 +1,586 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Rfc8032.Tests +{ + [TestFixture] + public class Ed25519Test + { + private static readonly SecureRandom Random = new SecureRandom(); + + private static readonly byte[] Neutral = Hex.DecodeStrict("0100000000000000000000000000000000000000000000000000000000000000"); + + [SetUp] + public void SetUp() + { + Ed25519.Precompute(); + } + + [Test] + public void TestEd25519Consistency() + { + byte[] sk = new byte[Ed25519.SecretKeySize]; + byte[] pk = new byte[Ed25519.PublicKeySize]; + byte[] m = new byte[255]; + byte[] sig1 = new byte[Ed25519.SignatureSize]; + byte[] sig2 = new byte[Ed25519.SignatureSize]; + + Random.NextBytes(m); + + for (int i = 0; i < 10; ++i) + { + Random.NextBytes(sk); + Ed25519.GeneratePublicKey(sk, 0, pk, 0); + + int mLen = Random.NextInt() & 255; + + Ed25519.Sign(sk, 0, m, 0, mLen, sig1, 0); + Ed25519.Sign(sk, 0, pk, 0, m, 0, mLen, sig2, 0); + + Assert.IsTrue(Arrays.AreEqual(sig1, sig2), "Ed25519 consistent signatures #" + i); + + bool shouldVerify = Ed25519.Verify(sig1, 0, pk, 0, m, 0, mLen); + + Assert.IsTrue(shouldVerify, "Ed25519 consistent sign/verify #" + i); + + sig1[Ed25519.PublicKeySize - 1] ^= 0x80; + bool shouldNotVerify = Ed25519.Verify(sig1, 0, pk, 0, m, 0, mLen); + + Assert.IsFalse(shouldNotVerify, "Ed25519 consistent verification failure #" + i); + } + } + + [Test] + public void TestEd25519ctxConsistency() + { + byte[] sk = new byte[Ed25519.SecretKeySize]; + byte[] pk = new byte[Ed25519.PublicKeySize]; + byte[] ctx = new byte[Random.NextInt() & 7]; + byte[] m = new byte[255]; + byte[] sig1 = new byte[Ed25519.SignatureSize]; + byte[] sig2 = new byte[Ed25519.SignatureSize]; + + Random.NextBytes(ctx); + Random.NextBytes(m); + + for (int i = 0; i < 10; ++i) + { + Random.NextBytes(sk); + Ed25519.GeneratePublicKey(sk, 0, pk, 0); + + int mLen = Random.NextInt() & 255; + + Ed25519.Sign(sk, 0, ctx, m, 0, mLen, sig1, 0); + Ed25519.Sign(sk, 0, pk, 0, ctx, m, 0, mLen, sig2, 0); + + Assert.IsTrue(Arrays.AreEqual(sig1, sig2), "Ed25519ctx consistent signatures #" + i); + + bool shouldVerify = Ed25519.Verify(sig1, 0, pk, 0, ctx, m, 0, mLen); + + Assert.IsTrue(shouldVerify, "Ed25519ctx consistent sign/verify #" + i); + + sig1[Ed25519.PublicKeySize - 1] ^= 0x80; + bool shouldNotVerify = Ed25519.Verify(sig1, 0, pk, 0, ctx, m, 0, mLen); + + Assert.IsFalse(shouldNotVerify, "Ed25519ctx consistent verification failure #" + i); + } + } + + [Test] + public void TestEd25519phConsistency() + { + byte[] sk = new byte[Ed25519.SecretKeySize]; + byte[] pk = new byte[Ed25519.PublicKeySize]; + byte[] ctx = new byte[Random.NextInt() & 7]; + byte[] m = new byte[255]; + byte[] ph = new byte[Ed25519.PrehashSize]; + byte[] sig1 = new byte[Ed25519.SignatureSize]; + byte[] sig2 = new byte[Ed25519.SignatureSize]; + + Random.NextBytes(ctx); + Random.NextBytes(m); + + for (int i = 0; i < 10; ++i) + { + Random.NextBytes(sk); + Ed25519.GeneratePublicKey(sk, 0, pk, 0); + + int mLen = Random.NextInt() & 255; + + IDigest prehash = Ed25519.CreatePrehash(); + prehash.BlockUpdate(m, 0, mLen); + prehash.DoFinal(ph, 0); + + Ed25519.SignPrehash(sk, 0, ctx, ph, 0, sig1, 0); + Ed25519.SignPrehash(sk, 0, pk, 0, ctx, ph, 0, sig2, 0); + + Assert.IsTrue(Arrays.AreEqual(sig1, sig2), "Ed25519ph consistent signatures #" + i); + + bool shouldVerify = Ed25519.VerifyPrehash(sig1, 0, pk, 0, ctx, ph, 0); + + Assert.IsTrue(shouldVerify, "Ed25519ph consistent sign/verify #" + i); + + sig1[Ed25519.PublicKeySize - 1] ^= 0x80; + bool shouldNotVerify = Ed25519.VerifyPrehash(sig1, 0, pk, 0, ctx, ph, 0); + + Assert.IsFalse(shouldNotVerify, "Ed25519ph consistent verification failure #" + i); + } + } + + [Test] + public void TestEd25519Vector1() + { + CheckEd25519Vector( + ("9d61b19deffd5a60ba844af492ec2cc4" + + "4449c5697b326919703bac031cae7f60"), + ("d75a980182b10ab7d54bfed3c964073a" + + "0ee172f3daa62325af021a68f707511a"), + "", + ("e5564300c360ac729086e2cc806e828a" + + "84877f1eb8e5d974d873e06522490155" + + "5fb8821590a33bacc61e39701cf9b46b" + + "d25bf5f0595bbe24655141438e7a100b"), + "Ed25519 Vector #1"); + } + + [Test] + public void TestEd25519Vector2() + { + CheckEd25519Vector( + ("4ccd089b28ff96da9db6c346ec114e0f" + + "5b8a319f35aba624da8cf6ed4fb8a6fb"), + ("3d4017c3e843895a92b70aa74d1b7ebc" + + "9c982ccf2ec4968cc0cd55f12af4660c"), + "72", + ("92a009a9f0d4cab8720e820b5f642540" + + "a2b27b5416503f8fb3762223ebdb69da" + + "085ac1e43e15996e458f3613d0f11d8c" + + "387b2eaeb4302aeeb00d291612bb0c00"), + "Ed25519 Vector #2"); + } + + [Test] + public void TestEd25519Vector3() + { + CheckEd25519Vector( + ("c5aa8df43f9f837bedb7442f31dcb7b1" + + "66d38535076f094b85ce3a2e0b4458f7"), + ("fc51cd8e6218a1a38da47ed00230f058" + + "0816ed13ba3303ac5deb911548908025"), + "af82", + ("6291d657deec24024827e69c3abe01a3" + + "0ce548a284743a445e3680d7db5ac3ac" + + "18ff9b538d16f290ae67f760984dc659" + + "4a7c15e9716ed28dc027beceea1ec40a"), + "Ed25519 Vector #3"); + } + + [Test] + public void TestEd25519Vector1023() + { + string m = + "08b8b2b733424243760fe426a4b54908" + + "632110a66c2f6591eabd3345e3e4eb98" + + "fa6e264bf09efe12ee50f8f54e9f77b1" + + "e355f6c50544e23fb1433ddf73be84d8" + + "79de7c0046dc4996d9e773f4bc9efe57" + + "38829adb26c81b37c93a1b270b20329d" + + "658675fc6ea534e0810a4432826bf58c" + + "941efb65d57a338bbd2e26640f89ffbc" + + "1a858efcb8550ee3a5e1998bd177e93a" + + "7363c344fe6b199ee5d02e82d522c4fe" + + "ba15452f80288a821a579116ec6dad2b" + + "3b310da903401aa62100ab5d1a36553e" + + "06203b33890cc9b832f79ef80560ccb9" + + "a39ce767967ed628c6ad573cb116dbef" + + "efd75499da96bd68a8a97b928a8bbc10" + + "3b6621fcde2beca1231d206be6cd9ec7" + + "aff6f6c94fcd7204ed3455c68c83f4a4" + + "1da4af2b74ef5c53f1d8ac70bdcb7ed1" + + "85ce81bd84359d44254d95629e9855a9" + + "4a7c1958d1f8ada5d0532ed8a5aa3fb2" + + "d17ba70eb6248e594e1a2297acbbb39d" + + "502f1a8c6eb6f1ce22b3de1a1f40cc24" + + "554119a831a9aad6079cad88425de6bd" + + "e1a9187ebb6092cf67bf2b13fd65f270" + + "88d78b7e883c8759d2c4f5c65adb7553" + + "878ad575f9fad878e80a0c9ba63bcbcc" + + "2732e69485bbc9c90bfbd62481d9089b" + + "eccf80cfe2df16a2cf65bd92dd597b07" + + "07e0917af48bbb75fed413d238f5555a" + + "7a569d80c3414a8d0859dc65a46128ba" + + "b27af87a71314f318c782b23ebfe808b" + + "82b0ce26401d2e22f04d83d1255dc51a" + + "ddd3b75a2b1ae0784504df543af8969b" + + "e3ea7082ff7fc9888c144da2af58429e" + + "c96031dbcad3dad9af0dcbaaaf268cb8" + + "fcffead94f3c7ca495e056a9b47acdb7" + + "51fb73e666c6c655ade8297297d07ad1" + + "ba5e43f1bca32301651339e22904cc8c" + + "42f58c30c04aafdb038dda0847dd988d" + + "cda6f3bfd15c4b4c4525004aa06eeff8" + + "ca61783aacec57fb3d1f92b0fe2fd1a8" + + "5f6724517b65e614ad6808d6f6ee34df" + + "f7310fdc82aebfd904b01e1dc54b2927" + + "094b2db68d6f903b68401adebf5a7e08" + + "d78ff4ef5d63653a65040cf9bfd4aca7" + + "984a74d37145986780fc0b16ac451649" + + "de6188a7dbdf191f64b5fc5e2ab47b57" + + "f7f7276cd419c17a3ca8e1b939ae49e4" + + "88acba6b965610b5480109c8b17b80e1" + + "b7b750dfc7598d5d5011fd2dcc5600a3" + + "2ef5b52a1ecc820e308aa342721aac09" + + "43bf6686b64b2579376504ccc493d97e" + + "6aed3fb0f9cd71a43dd497f01f17c0e2" + + "cb3797aa2a2f256656168e6c496afc5f" + + "b93246f6b1116398a346f1a641f3b041" + + "e989f7914f90cc2c7fff357876e506b5" + + "0d334ba77c225bc307ba537152f3f161" + + "0e4eafe595f6d9d90d11faa933a15ef1" + + "369546868a7f3a45a96768d40fd9d034" + + "12c091c6315cf4fde7cb68606937380d" + + "b2eaaa707b4c4185c32eddcdd306705e" + + "4dc1ffc872eeee475a64dfac86aba41c" + + "0618983f8741c5ef68d3a101e8a3b8ca" + + "c60c905c15fc910840b94c00a0b9d0"; + + CheckEd25519Vector( + ("f5e5767cf153319517630f226876b86c" + + "8160cc583bc013744c6bf255f5cc0ee5"), + ("278117fc144c72340f67d0f2316e8386" + + "ceffbf2b2428c9c51fef7c597f1d426e"), + m, + ("0aab4c900501b3e24d7cdf4663326a3a" + + "87df5e4843b2cbdb67cbf6e460fec350" + + "aa5371b1508f9f4528ecea23c436d94b" + + "5e8fcd4f681e30a6ac00a9704a188a03"), + "Ed25519 Vector #1023"); + } + + [Test] + public void TestEd25519VectorSHAabc() + { + CheckEd25519Vector( + ("833fe62409237b9d62ec77587520911e" + + "9a759cec1d19755b7da901b96dca3d42"), + ("ec172b93ad5e563bf4932c70e1245034" + + "c35467ef2efd4d64ebf819683467e2bf"), + ("ddaf35a193617abacc417349ae204131" + + "12e6fa4e89a97ea20a9eeee64b55d39a" + + "2192992a274fc1a836ba3c23a3feebbd" + + "454d4423643ce80e2a9ac94fa54ca49f"), + ("dc2a4459e7369633a52b1bf277839a00" + + "201009a3efbf3ecb69bea2186c26b589" + + "09351fc9ac90b3ecfdfbc7c66431e030" + + "3dca179c138ac17ad9bef1177331a704"), + "Ed25519 Vector SHA(abc)"); + } + + [Test] + public void TestEd25519ctxVector1() + { + CheckEd25519ctxVector( + ("0305334e381af78f141cb666f6199f57" + + "bc3495335a256a95bd2a55bf546663f6"), + ("dfc9425e4f968f7f0c29f0259cf5f9ae" + + "d6851c2bb4ad8bfb860cfee0ab248292"), + "f726936d19c800494e3fdaff20b276a8", + "666f6f", + ("55a4cc2f70a54e04288c5f4cd1e45a7b" + + "b520b36292911876cada7323198dd87a" + + "8b36950b95130022907a7fb7c4e9b2d5" + + "f6cca685a587b4b21f4b888e4e7edb0d"), + "Ed25519ctx Vector #1"); + } + + [Test] + public void TestEd25519ctxVector2() + { + CheckEd25519ctxVector( + ("0305334e381af78f141cb666f6199f57" + + "bc3495335a256a95bd2a55bf546663f6"), + ("dfc9425e4f968f7f0c29f0259cf5f9ae" + + "d6851c2bb4ad8bfb860cfee0ab248292"), + "f726936d19c800494e3fdaff20b276a8", + "626172", + ("fc60d5872fc46b3aa69f8b5b4351d580" + + "8f92bcc044606db097abab6dbcb1aee3" + + "216c48e8b3b66431b5b186d1d28f8ee1" + + "5a5ca2df6668346291c2043d4eb3e90d"), + "Ed25519ctx Vector #2"); + } + + [Test] + public void TestEd25519ctxVector3() + { + CheckEd25519ctxVector( + ("0305334e381af78f141cb666f6199f57" + + "bc3495335a256a95bd2a55bf546663f6"), + ("dfc9425e4f968f7f0c29f0259cf5f9ae" + + "d6851c2bb4ad8bfb860cfee0ab248292"), + "508e9e6882b979fea900f62adceaca35", + "666f6f", + ("8b70c1cc8310e1de20ac53ce28ae6e72" + + "07f33c3295e03bb5c0732a1d20dc6490" + + "8922a8b052cf99b7c4fe107a5abb5b2c" + + "4085ae75890d02df26269d8945f84b0b"), + "Ed25519ctx Vector #3"); + } + + [Test] + public void TestEd25519ctxVector4() + { + CheckEd25519ctxVector( + ("ab9c2853ce297ddab85c993b3ae14bca" + + "d39b2c682beabc27d6d4eb20711d6560"), + ("0f1d1274943b91415889152e893d80e9" + + "3275a1fc0b65fd71b4b0dda10ad7d772"), + "f726936d19c800494e3fdaff20b276a8", + "666f6f", + ("21655b5f1aa965996b3f97b3c849eafb" + + "a922a0a62992f73b3d1b73106a84ad85" + + "e9b86a7b6005ea868337ff2d20a7f5fb" + + "d4cd10b0be49a68da2b2e0dc0ad8960f"), + "Ed25519ctx Vector #4"); + } + + [Test] + public void TestEd25519phVector1() + { + CheckEd25519phVector( + ("833fe62409237b9d62ec77587520911e" + + "9a759cec1d19755b7da901b96dca3d42"), + ("ec172b93ad5e563bf4932c70e1245034" + + "c35467ef2efd4d64ebf819683467e2bf"), + "616263", + "", + ("98a70222f0b8121aa9d30f813d683f80" + + "9e462b469c7ff87639499bb94e6dae41" + + "31f85042463c2a355a2003d062adf5aa" + + "a10b8c61e636062aaad11c2a26083406"), + "Ed25519ph Vector #1"); + } + + [Test] + public void TestPublicKeyValidationFull() + { + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Neutral, 0)); + + byte[] sk = new byte[Ed25519.SecretKeySize]; + byte[] pk = new byte[Ed25519.PublicKeySize]; + + for (int i = 0; i < 10; ++i) + { + Random.NextBytes(sk); + Ed25519.GeneratePublicKey(sk, 0, pk, 0); + Assert.IsTrue(Ed25519.ValidatePublicKeyFull(pk, 0)); + } + + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("0100000000000000000000000000000000000000000000000000000000000080"), 0)); + + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7F"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"), 0)); + + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("D73D6044821BD0DF4068AE1792F0851170F53062150AA70A87E2A58A05A26115"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("F9D557BE0F3C700571CD8AD9CFDE0A2C67F88EE71830073C7756A0599311AD94"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("7A772BBC08D53BF381B150D8411B9AF134BBF24B90A038EFD8DA4A17B32606A1"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("DC6EF81316C08B91209A73FE8E208DD319F56C6A47956A03AF7D6D826A88AC87"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("6EEDF105177868C9AD48DAF2C36EE3B169D892A02A3BF83101B1D50D86BFB19E"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("4BAAB5711F22FF7479E6D9BD2C5BC4DCD3CFC9F36921971496907B1F2B62C6BA"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("D96A46432581A80085F978F7FC0977E228C5A3FD2E64D588BB5F5E5A84E4ABAE"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("10C326AE15FA5BA89EDDAB89C860797385298F4C7750BAEB94A5AAC9A876B538"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("7808F3F6EB858E9BBD2570F20A9F7502175F312FA2DBE4C96EB5C683B384AA60"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("0DE943C51E91AA3ED9FFA82D39A9813D94F59246452F6A7780D067BC61342FE1"), 0)); + + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("10026DBFB4C55628716BB0EF979A10DD5AC7AA970C229B5E68DD993E2C20E7D5"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("68EC52D16C1DB4483AA8679277C34E0DC56EB7D064D302B9749F0D31A901D484"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("6E54C8F00669422D5697E09C0575AE1E699841ACF1690A5DFAA25E3160F3A2EF"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("CA66B62D361F790AA9658161BA0FFDC3CE60624151258C7301926DFE0C67EE64"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("88D912C322AE3D0907B38ED08727FBF06D51C5D1DE622B5BC24DAB30078AE9FF"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("F24683E044CE3F14BCA24F1356AE7767509E17EFA2606438BA275860819E14B8"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("B2865F02E6D19A94CE6147B574095733B3628A2FBE2C84022262D88F7D6C4F7D"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("FA4DA03321816C1C9066BD250982DDD1B4349C43C5E124D2B39F8DDA4E5364F8"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("FCADF40DE51A943F3B7847DBEBA0627B33D020D81DFFABF2B3701BD9B746952A"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyFull(Hex.DecodeStrict("379B071E6F7E2479D5A8588AB708137808D63F689127D4A228E2C1681873C55E"), 0)); + } + + [Test] + public void TestPublicKeyValidationPartial() + { + Assert.IsTrue(Ed25519.ValidatePublicKeyPartial(Neutral, 0)); + + byte[] sk = new byte[Ed25519.SecretKeySize]; + byte[] pk = new byte[Ed25519.PublicKeySize]; + + for (int i = 0; i < 10; ++i) + { + Random.NextBytes(sk); + Ed25519.GeneratePublicKey(sk, 0, pk, 0); + Assert.IsTrue(Ed25519.ValidatePublicKeyPartial(pk, 0)); + } + + Assert.IsFalse(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("0100000000000000000000000000000000000000000000000000000000000080"), 0)); + + Assert.IsFalse(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7F"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"), 0)); + + Assert.IsFalse(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("D73D6044821BD0DF4068AE1792F0851170F53062150AA70A87E2A58A05A26115"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("F9D557BE0F3C700571CD8AD9CFDE0A2C67F88EE71830073C7756A0599311AD94"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("7A772BBC08D53BF381B150D8411B9AF134BBF24B90A038EFD8DA4A17B32606A1"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("DC6EF81316C08B91209A73FE8E208DD319F56C6A47956A03AF7D6D826A88AC87"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("6EEDF105177868C9AD48DAF2C36EE3B169D892A02A3BF83101B1D50D86BFB19E"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("4BAAB5711F22FF7479E6D9BD2C5BC4DCD3CFC9F36921971496907B1F2B62C6BA"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("D96A46432581A80085F978F7FC0977E228C5A3FD2E64D588BB5F5E5A84E4ABAE"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("10C326AE15FA5BA89EDDAB89C860797385298F4C7750BAEB94A5AAC9A876B538"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("7808F3F6EB858E9BBD2570F20A9F7502175F312FA2DBE4C96EB5C683B384AA60"), 0)); + Assert.IsFalse(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("0DE943C51E91AA3ED9FFA82D39A9813D94F59246452F6A7780D067BC61342FE1"), 0)); + + Assert.IsTrue(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("10026DBFB4C55628716BB0EF979A10DD5AC7AA970C229B5E68DD993E2C20E7D5"), 0)); + Assert.IsTrue(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("68EC52D16C1DB4483AA8679277C34E0DC56EB7D064D302B9749F0D31A901D484"), 0)); + Assert.IsTrue(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("6E54C8F00669422D5697E09C0575AE1E699841ACF1690A5DFAA25E3160F3A2EF"), 0)); + Assert.IsTrue(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("CA66B62D361F790AA9658161BA0FFDC3CE60624151258C7301926DFE0C67EE64"), 0)); + Assert.IsTrue(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("88D912C322AE3D0907B38ED08727FBF06D51C5D1DE622B5BC24DAB30078AE9FF"), 0)); + Assert.IsTrue(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("F24683E044CE3F14BCA24F1356AE7767509E17EFA2606438BA275860819E14B8"), 0)); + Assert.IsTrue(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("B2865F02E6D19A94CE6147B574095733B3628A2FBE2C84022262D88F7D6C4F7D"), 0)); + Assert.IsTrue(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("FA4DA03321816C1C9066BD250982DDD1B4349C43C5E124D2B39F8DDA4E5364F8"), 0)); + Assert.IsTrue(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("FCADF40DE51A943F3B7847DBEBA0627B33D020D81DFFABF2B3701BD9B746952A"), 0)); + Assert.IsTrue(Ed25519.ValidatePublicKeyPartial(Hex.DecodeStrict("379B071E6F7E2479D5A8588AB708137808D63F689127D4A228E2C1681873C55E"), 0)); + } + + private static void CheckEd25519Vector(string sSK, string sPK, string sM, string sSig, string text) + { + byte[] sk = Hex.Decode(sSK); + byte[] pk = Hex.Decode(sPK); + + byte[] pkGen = new byte[Ed25519.PublicKeySize]; + Ed25519.GeneratePublicKey(sk, 0, pkGen, 0); + Assert.IsTrue(Arrays.AreEqual(pk, pkGen), text); + + byte[] m = Hex.Decode(sM); + byte[] sig = Hex.Decode(sSig); + + byte[] badsig = Arrays.Clone(sig); + badsig[Ed25519.SignatureSize - 1] ^= 0x80; + + byte[] sigGen = new byte[Ed25519.SignatureSize]; + Ed25519.Sign(sk, 0, m, 0, m.Length, sigGen, 0); + Assert.IsTrue(Arrays.AreEqual(sig, sigGen), text); + + Ed25519.Sign(sk, 0, pk, 0, m, 0, m.Length, sigGen, 0); + Assert.IsTrue(Arrays.AreEqual(sig, sigGen), text); + + bool shouldVerify = Ed25519.Verify(sig, 0, pk, 0, m, 0, m.Length); + Assert.IsTrue(shouldVerify, text); + + bool shouldNotVerify = Ed25519.Verify(badsig, 0, pk, 0, m, 0, m.Length); + Assert.IsFalse(shouldNotVerify, text); + } + + private static void CheckEd25519ctxVector(string sSK, string sPK, string sM, string sCTX, string sSig, string text) + { + byte[] sk = Hex.Decode(sSK); + byte[] pk = Hex.Decode(sPK); + + byte[] pkGen = new byte[Ed25519.PublicKeySize]; + Ed25519.GeneratePublicKey(sk, 0, pkGen, 0); + Assert.IsTrue(Arrays.AreEqual(pk, pkGen), text); + + byte[] m = Hex.Decode(sM); + byte[] ctx = Hex.Decode(sCTX); + byte[] sig = Hex.Decode(sSig); + + byte[] badsig = Arrays.Clone(sig); + badsig[Ed25519.SignatureSize - 1] ^= 0x80; + + byte[] sigGen = new byte[Ed25519.SignatureSize]; + Ed25519.Sign(sk, 0, ctx, m, 0, m.Length, sigGen, 0); + Assert.IsTrue(Arrays.AreEqual(sig, sigGen), text); + + Ed25519.Sign(sk, 0, pk, 0, ctx, m, 0, m.Length, sigGen, 0); + Assert.IsTrue(Arrays.AreEqual(sig, sigGen), text); + + bool shouldVerify = Ed25519.Verify(sig, 0, pk, 0, ctx, m, 0, m.Length); + Assert.IsTrue(shouldVerify, text); + + bool shouldNotVerify = Ed25519.Verify(badsig, 0, pk, 0, ctx, m, 0, m.Length); + Assert.IsFalse(shouldNotVerify, text); + } + + private static void CheckEd25519phVector(string sSK, string sPK, string sM, string sCTX, string sSig, string text) + { + byte[] sk = Hex.Decode(sSK); + byte[] pk = Hex.Decode(sPK); + + byte[] pkGen = new byte[Ed25519.PublicKeySize]; + Ed25519.GeneratePublicKey(sk, 0, pkGen, 0); + Assert.IsTrue(Arrays.AreEqual(pk, pkGen), text); + + byte[] m = Hex.Decode(sM); + byte[] ctx = Hex.Decode(sCTX); + byte[] sig = Hex.Decode(sSig); + + byte[] badsig = Arrays.Clone(sig); + badsig[Ed25519.SignatureSize - 1] ^= 0x80; + + byte[] sigGen = new byte[Ed25519.SignatureSize]; + + { + IDigest prehash = Ed25519.CreatePrehash(); + prehash.BlockUpdate(m, 0, m.Length); + + byte[] ph = new byte[Ed25519.PrehashSize]; + prehash.DoFinal(ph, 0); + + Ed25519.SignPrehash(sk, 0, ctx, ph, 0, sigGen, 0); + Assert.IsTrue(Arrays.AreEqual(sig, sigGen), text); + + Ed25519.SignPrehash(sk, 0, pk, 0, ctx, ph, 0, sigGen, 0); + Assert.IsTrue(Arrays.AreEqual(sig, sigGen), text); + + bool shouldVerify = Ed25519.VerifyPrehash(sig, 0, pk, 0, ctx, ph, 0); + Assert.IsTrue(shouldVerify, text); + + bool shouldNotVerify = Ed25519.VerifyPrehash(badsig, 0, pk, 0, ctx, ph, 0); + Assert.IsFalse(shouldNotVerify, text); + } + + { + IDigest ph = Ed25519.CreatePrehash(); + ph.BlockUpdate(m, 0, m.Length); + + Ed25519.SignPrehash(sk, 0, ctx, ph, sigGen, 0); + Assert.IsTrue(Arrays.AreEqual(sig, sigGen), text); + } + + { + IDigest ph = Ed25519.CreatePrehash(); + ph.BlockUpdate(m, 0, m.Length); + + Ed25519.SignPrehash(sk, 0, pk, 0, ctx, ph, sigGen, 0); + Assert.IsTrue(Arrays.AreEqual(sig, sigGen), text); + } + + { + IDigest ph = Ed25519.CreatePrehash(); + ph.BlockUpdate(m, 0, m.Length); + + bool shouldVerify = Ed25519.VerifyPrehash(sig, 0, pk, 0, ctx, ph); + Assert.IsTrue(shouldVerify, text); + } + + { + IDigest ph = Ed25519.CreatePrehash(); + ph.BlockUpdate(m, 0, m.Length); + + bool shouldNotVerify = Ed25519.VerifyPrehash(badsig, 0, pk, 0, ctx, ph); + Assert.IsFalse(shouldNotVerify, text); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/math/ec/rfc8032/test/Ed448Test.cs b/BouncyCastle/crypto/test/src/math/ec/rfc8032/test/Ed448Test.cs new file mode 100644 index 0000000..40d28cc --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/ec/rfc8032/test/Ed448Test.cs @@ -0,0 +1,658 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Rfc8032.Tests +{ + [TestFixture] + public class Ed448Test + { + private static readonly SecureRandom Random = new SecureRandom(); + + private static readonly byte[] Neutral = Hex.DecodeStrict("010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"); + + [SetUp] + public void SetUp() + { + Ed448.Precompute(); + } + + [Test] + public void TestEd448Consistency() + { + byte[] sk = new byte[Ed448.SecretKeySize]; + byte[] pk = new byte[Ed448.PublicKeySize]; + byte[] ctx = new byte[Random.NextInt() & 7]; + byte[] m = new byte[255]; + byte[] sig1 = new byte[Ed448.SignatureSize]; + byte[] sig2 = new byte[Ed448.SignatureSize]; + + Random.NextBytes(ctx); + Random.NextBytes(m); + + for (int i = 0; i < 10; ++i) + { + Random.NextBytes(sk); + Ed448.GeneratePublicKey(sk, 0, pk, 0); + + int mLen = Random.NextInt() & 255; + + Ed448.Sign(sk, 0, ctx, m, 0, mLen, sig1, 0); + Ed448.Sign(sk, 0, pk, 0, ctx, m, 0, mLen, sig2, 0); + + Assert.IsTrue(Arrays.AreEqual(sig1, sig2), "Ed448 consistent signatures #" + i); + + bool shouldVerify = Ed448.Verify(sig1, 0, pk, 0, ctx, m, 0, mLen); + + Assert.IsTrue(shouldVerify, "Ed448 consistent sign/verify #" + i); + + sig1[Ed448.PublicKeySize - 1] ^= 0x80; + bool shouldNotVerify = Ed448.Verify(sig1, 0, pk, 0, ctx, m, 0, mLen); + + Assert.IsFalse(shouldNotVerify, "Ed448 consistent verification failure #" + i); + } + } + + [Test] + public void TestEd448phConsistency() + { + byte[] sk = new byte[Ed448.SecretKeySize]; + byte[] pk = new byte[Ed448.PublicKeySize]; + byte[] ctx = new byte[Random.NextInt() & 7]; + byte[] m = new byte[255]; + byte[] ph = new byte[Ed448.PrehashSize]; + byte[] sig1 = new byte[Ed448.SignatureSize]; + byte[] sig2 = new byte[Ed448.SignatureSize]; + + Random.NextBytes(ctx); + Random.NextBytes(m); + + for (int i = 0; i < 10; ++i) + { + Random.NextBytes(sk); + Ed448.GeneratePublicKey(sk, 0, pk, 0); + + int mLen = Random.NextInt() & 255; + + IXof prehash = Ed448.CreatePrehash(); + prehash.BlockUpdate(m, 0, mLen); + prehash.DoFinal(ph, 0, ph.Length); + + Ed448.SignPrehash(sk, 0, ctx, ph, 0, sig1, 0); + Ed448.SignPrehash(sk, 0, pk, 0, ctx, ph, 0, sig2, 0); + + Assert.IsTrue(Arrays.AreEqual(sig1, sig2), "Ed448ph consistent signatures #" + i); + + bool shouldVerify = Ed448.VerifyPrehash(sig1, 0, pk, 0, ctx, ph, 0); + + Assert.IsTrue(shouldVerify, "Ed448ph consistent sign/verify #" + i); + + sig1[Ed448.PublicKeySize - 1] ^= 0x80; + bool shouldNotVerify = Ed448.VerifyPrehash(sig1, 0, pk, 0, ctx, ph, 0); + + Assert.IsFalse(shouldNotVerify, "Ed448ph consistent verification failure #" + i); + } + } + + [Test] + public void TestEd448Vector1() + { + CheckEd448Vector( + ( "6c82a562cb808d10d632be89c8513ebf" + + "6c929f34ddfa8c9f63c9960ef6e348a3" + + "528c8a3fcc2f044e39a3fc5b94492f8f" + + "032e7549a20098f95b"), + ( "5fd7449b59b461fd2ce787ec616ad46a" + + "1da1342485a70e1f8a0ea75d80e96778" + + "edf124769b46c7061bd6783df1e50f6c" + + "d1fa1abeafe8256180"), + "", + "", + ( "533a37f6bbe457251f023c0d88f976ae" + + "2dfb504a843e34d2074fd823d41a591f" + + "2b233f034f628281f2fd7a22ddd47d78" + + "28c59bd0a21bfd3980ff0d2028d4b18a" + + "9df63e006c5d1c2d345b925d8dc00b41" + + "04852db99ac5c7cdda8530a113a0f4db" + + "b61149f05a7363268c71d95808ff2e65" + + "2600"), + "Ed448 Vector #1"); + } + + [Test] + public void TestEd448Vector2() + { + CheckEd448Vector( + ( "c4eab05d357007c632f3dbb48489924d" + + "552b08fe0c353a0d4a1f00acda2c463a" + + "fbea67c5e8d2877c5e3bc397a659949e" + + "f8021e954e0a12274e"), + ( "43ba28f430cdff456ae531545f7ecd0a" + + "c834a55d9358c0372bfa0c6c6798c086" + + "6aea01eb00742802b8438ea4cb82169c" + + "235160627b4c3a9480"), + "03", + "", + ( "26b8f91727bd62897af15e41eb43c377" + + "efb9c610d48f2335cb0bd0087810f435" + + "2541b143c4b981b7e18f62de8ccdf633" + + "fc1bf037ab7cd779805e0dbcc0aae1cb" + + "cee1afb2e027df36bc04dcecbf154336" + + "c19f0af7e0a6472905e799f1953d2a0f" + + "f3348ab21aa4adafd1d234441cf807c0" + + "3a00"), + "Ed448 Vector #2"); + } + + [Test] + public void TestEd448Vector3() + { + CheckEd448Vector( + ( "c4eab05d357007c632f3dbb48489924d" + + "552b08fe0c353a0d4a1f00acda2c463a" + + "fbea67c5e8d2877c5e3bc397a659949e" + + "f8021e954e0a12274e"), + ( "43ba28f430cdff456ae531545f7ecd0a" + + "c834a55d9358c0372bfa0c6c6798c086" + + "6aea01eb00742802b8438ea4cb82169c" + + "235160627b4c3a9480"), + "03", + "666f6f", + ( "d4f8f6131770dd46f40867d6fd5d5055" + + "de43541f8c5e35abbcd001b32a89f7d2" + + "151f7647f11d8ca2ae279fb842d60721" + + "7fce6e042f6815ea000c85741de5c8da" + + "1144a6a1aba7f96de42505d7a7298524" + + "fda538fccbbb754f578c1cad10d54d0d" + + "5428407e85dcbc98a49155c13764e66c" + + "3c00"), + "Ed448 Vector #3"); + } + + [Test] + public void TestEd448Vector4() + { + CheckEd448Vector( + ( "cd23d24f714274e744343237b93290f5" + + "11f6425f98e64459ff203e8985083ffd" + + "f60500553abc0e05cd02184bdb89c4cc" + + "d67e187951267eb328"), + ( "dcea9e78f35a1bf3499a831b10b86c90" + + "aac01cd84b67a0109b55a36e9328b1e3" + + "65fce161d71ce7131a543ea4cb5f7e9f" + + "1d8b00696447001400"), + "0c3e544074ec63b0265e0c", + "", + ( "1f0a8888ce25e8d458a21130879b840a" + + "9089d999aaba039eaf3e3afa090a09d3" + + "89dba82c4ff2ae8ac5cdfb7c55e94d5d" + + "961a29fe0109941e00b8dbdeea6d3b05" + + "1068df7254c0cdc129cbe62db2dc957d" + + "bb47b51fd3f213fb8698f064774250a5" + + "028961c9bf8ffd973fe5d5c206492b14" + + "0e00"), + "Ed448 Vector #4"); + } + + [Test] + public void TestEd448Vector5() + { + CheckEd448Vector( + ( "258cdd4ada32ed9c9ff54e63756ae582" + + "fb8fab2ac721f2c8e676a72768513d93" + + "9f63dddb55609133f29adf86ec9929dc" + + "cb52c1c5fd2ff7e21b"), + ( "3ba16da0c6f2cc1f30187740756f5e79" + + "8d6bc5fc015d7c63cc9510ee3fd44adc" + + "24d8e968b6e46e6f94d19b945361726b" + + "d75e149ef09817f580"), + "64a65f3cdedcdd66811e2915", + "", + ( "7eeeab7c4e50fb799b418ee5e3197ff6" + + "bf15d43a14c34389b59dd1a7b1b85b4a" + + "e90438aca634bea45e3a2695f1270f07" + + "fdcdf7c62b8efeaf00b45c2c96ba457e" + + "b1a8bf075a3db28e5c24f6b923ed4ad7" + + "47c3c9e03c7079efb87cb110d3a99861" + + "e72003cbae6d6b8b827e4e6c143064ff" + + "3c00"), + "Ed448 Vector #5"); + } + + [Test] + public void TestEd448Vector6() + { + CheckEd448Vector( + ( "7ef4e84544236752fbb56b8f31a23a10" + + "e42814f5f55ca037cdcc11c64c9a3b29" + + "49c1bb60700314611732a6c2fea98eeb" + + "c0266a11a93970100e"), + ( "b3da079b0aa493a5772029f0467baebe" + + "e5a8112d9d3a22532361da294f7bb381" + + "5c5dc59e176b4d9f381ca0938e13c6c0" + + "7b174be65dfa578e80"), + "64a65f3cdedcdd66811e2915e7", + "", + ( "6a12066f55331b6c22acd5d5bfc5d712" + + "28fbda80ae8dec26bdd306743c5027cb" + + "4890810c162c027468675ecf645a8317" + + "6c0d7323a2ccde2d80efe5a1268e8aca" + + "1d6fbc194d3f77c44986eb4ab4177919" + + "ad8bec33eb47bbb5fc6e28196fd1caf5" + + "6b4e7e0ba5519234d047155ac727a105" + + "3100"), + "Ed448 Vector #6"); + } + + [Test] + public void TestEd448Vector64() + { + string m = + "bd0f6a3747cd561bdddf4640a332461a" + + "4a30a12a434cd0bf40d766d9c6d458e5" + + "512204a30c17d1f50b5079631f64eb31" + + "12182da3005835461113718d1a5ef944"; + + CheckEd448Vector( + ( "d65df341ad13e008567688baedda8e9d" + + "cdc17dc024974ea5b4227b6530e339bf" + + "f21f99e68ca6968f3cca6dfe0fb9f4fa" + + "b4fa135d5542ea3f01"), + ( "df9705f58edbab802c7f8363cfe5560a" + + "b1c6132c20a9f1dd163483a26f8ac53a" + + "39d6808bf4a1dfbd261b099bb03b3fb5" + + "0906cb28bd8a081f00"), + m, + "", + ( "554bc2480860b49eab8532d2a533b7d5" + + "78ef473eeb58c98bb2d0e1ce488a98b1" + + "8dfde9b9b90775e67f47d4a1c3482058" + + "efc9f40d2ca033a0801b63d45b3b722e" + + "f552bad3b4ccb667da350192b61c508c" + + "f7b6b5adadc2c8d9a446ef003fb05cba" + + "5f30e88e36ec2703b349ca229c267083" + + "3900"), + "Ed448 Vector #64"); + } + + [Test] + public void TestEd448Vector256() + { + string m = + "15777532b0bdd0d1389f636c5f6b9ba7" + + "34c90af572877e2d272dd078aa1e567c" + + "fa80e12928bb542330e8409f31745041" + + "07ecd5efac61ae7504dabe2a602ede89" + + "e5cca6257a7c77e27a702b3ae39fc769" + + "fc54f2395ae6a1178cab4738e543072f" + + "c1c177fe71e92e25bf03e4ecb72f47b6" + + "4d0465aaea4c7fad372536c8ba516a60" + + "39c3c2a39f0e4d832be432dfa9a706a6" + + "e5c7e19f397964ca4258002f7c0541b5" + + "90316dbc5622b6b2a6fe7a4abffd9610" + + "5eca76ea7b98816af0748c10df048ce0" + + "12d901015a51f189f3888145c03650aa" + + "23ce894c3bd889e030d565071c59f409" + + "a9981b51878fd6fc110624dcbcde0bf7" + + "a69ccce38fabdf86f3bef6044819de11"; + + CheckEd448Vector( + ( "2ec5fe3c17045abdb136a5e6a913e32a" + + "b75ae68b53d2fc149b77e504132d3756" + + "9b7e766ba74a19bd6162343a21c8590a" + + "a9cebca9014c636df5"), + ( "79756f014dcfe2079f5dd9e718be4171" + + "e2ef2486a08f25186f6bff43a9936b9b" + + "fe12402b08ae65798a3d81e22e9ec80e" + + "7690862ef3d4ed3a00"), + m, + "", + ( "c650ddbb0601c19ca11439e1640dd931" + + "f43c518ea5bea70d3dcde5f4191fe53f" + + "00cf966546b72bcc7d58be2b9badef28" + + "743954e3a44a23f880e8d4f1cfce2d7a" + + "61452d26da05896f0a50da66a239a8a1" + + "88b6d825b3305ad77b73fbac0836ecc6" + + "0987fd08527c1a8e80d5823e65cafe2a" + + "3d00"), + "Ed448 Vector #256"); + } + + [Test] + public void TestEd448Vector1023() + { + string m = + "6ddf802e1aae4986935f7f981ba3f035" + + "1d6273c0a0c22c9c0e8339168e675412" + + "a3debfaf435ed651558007db4384b650" + + "fcc07e3b586a27a4f7a00ac8a6fec2cd" + + "86ae4bf1570c41e6a40c931db27b2faa" + + "15a8cedd52cff7362c4e6e23daec0fbc" + + "3a79b6806e316efcc7b68119bf46bc76" + + "a26067a53f296dafdbdc11c77f7777e9" + + "72660cf4b6a9b369a6665f02e0cc9b6e" + + "dfad136b4fabe723d2813db3136cfde9" + + "b6d044322fee2947952e031b73ab5c60" + + "3349b307bdc27bc6cb8b8bbd7bd32321" + + "9b8033a581b59eadebb09b3c4f3d2277" + + "d4f0343624acc817804728b25ab79717" + + "2b4c5c21a22f9c7839d64300232eb66e" + + "53f31c723fa37fe387c7d3e50bdf9813" + + "a30e5bb12cf4cd930c40cfb4e1fc6225" + + "92a49588794494d56d24ea4b40c89fc0" + + "596cc9ebb961c8cb10adde976a5d602b" + + "1c3f85b9b9a001ed3c6a4d3b1437f520" + + "96cd1956d042a597d561a596ecd3d173" + + "5a8d570ea0ec27225a2c4aaff26306d1" + + "526c1af3ca6d9cf5a2c98f47e1c46db9" + + "a33234cfd4d81f2c98538a09ebe76998" + + "d0d8fd25997c7d255c6d66ece6fa56f1" + + "1144950f027795e653008f4bd7ca2dee" + + "85d8e90f3dc315130ce2a00375a318c7" + + "c3d97be2c8ce5b6db41a6254ff264fa6" + + "155baee3b0773c0f497c573f19bb4f42" + + "40281f0b1f4f7be857a4e59d416c06b4" + + "c50fa09e1810ddc6b1467baeac5a3668" + + "d11b6ecaa901440016f389f80acc4db9" + + "77025e7f5924388c7e340a732e554440" + + "e76570f8dd71b7d640b3450d1fd5f041" + + "0a18f9a3494f707c717b79b4bf75c984" + + "00b096b21653b5d217cf3565c9597456" + + "f70703497a078763829bc01bb1cbc8fa" + + "04eadc9a6e3f6699587a9e75c94e5bab" + + "0036e0b2e711392cff0047d0d6b05bd2" + + "a588bc109718954259f1d86678a579a3" + + "120f19cfb2963f177aeb70f2d4844826" + + "262e51b80271272068ef5b3856fa8535" + + "aa2a88b2d41f2a0e2fda7624c2850272" + + "ac4a2f561f8f2f7a318bfd5caf969614" + + "9e4ac824ad3460538fdc25421beec2cc" + + "6818162d06bbed0c40a387192349db67" + + "a118bada6cd5ab0140ee273204f628aa" + + "d1c135f770279a651e24d8c14d75a605" + + "9d76b96a6fd857def5e0b354b27ab937" + + "a5815d16b5fae407ff18222c6d1ed263" + + "be68c95f32d908bd895cd76207ae7264" + + "87567f9a67dad79abec316f683b17f2d" + + "02bf07e0ac8b5bc6162cf94697b3c27c" + + "d1fea49b27f23ba2901871962506520c" + + "392da8b6ad0d99f7013fbc06c2c17a56" + + "9500c8a7696481c1cd33e9b14e40b82e" + + "79a5f5db82571ba97bae3ad3e0479515" + + "bb0e2b0f3bfcd1fd33034efc6245eddd" + + "7ee2086ddae2600d8ca73e214e8c2b0b" + + "db2b047c6a464a562ed77b73d2d841c4" + + "b34973551257713b753632efba348169" + + "abc90a68f42611a40126d7cb21b58695" + + "568186f7e569d2ff0f9e745d0487dd2e" + + "b997cafc5abf9dd102e62ff66cba87"; + + CheckEd448Vector( + ( "872d093780f5d3730df7c212664b37b8" + + "a0f24f56810daa8382cd4fa3f77634ec" + + "44dc54f1c2ed9bea86fafb7632d8be19" + + "9ea165f5ad55dd9ce8"), + ( "a81b2e8a70a5ac94ffdbcc9badfc3feb" + + "0801f258578bb114ad44ece1ec0e799d" + + "a08effb81c5d685c0c56f64eecaef8cd" + + "f11cc38737838cf400"), + m, + "", + ( "e301345a41a39a4d72fff8df69c98075" + + "a0cc082b802fc9b2b6bc503f926b65bd" + + "df7f4c8f1cb49f6396afc8a70abe6d8a" + + "ef0db478d4c6b2970076c6a0484fe76d" + + "76b3a97625d79f1ce240e7c576750d29" + + "5528286f719b413de9ada3e8eb78ed57" + + "3603ce30d8bb761785dc30dbc320869e" + + "1a00"), + "Ed448 Vector #1023"); + } + + [Test] + public void TestEd448phVector1() + { + CheckEd448phVector( + ("833fe62409237b9d62ec77587520911e" + + "9a759cec1d19755b7da901b96dca3d42" + + "ef7822e0d5104127dc05d6dbefde69e3" + + "ab2cec7c867c6e2c49"), + ("259b71c19f83ef77a7abd26524cbdb31" + + "61b590a48f7d17de3ee0ba9c52beb743" + + "c09428a131d6b1b57303d90d8132c276" + + "d5ed3d5d01c0f53880"), + "616263", + "", + ("822f6901f7480f3d5f562c592994d969" + + "3602875614483256505600bbc281ae38" + + "1f54d6bce2ea911574932f52a4e6cadd" + + "78769375ec3ffd1b801a0d9b3f4030cd" + + "433964b6457ea39476511214f97469b5" + + "7dd32dbc560a9a94d00bff07620464a3" + + "ad203df7dc7ce360c3cd3696d9d9fab9" + + "0f00"), + "Ed448ph Vector #1"); + } + + [Test] + public void TestEd448phVector2() + { + CheckEd448phVector( + ("833fe62409237b9d62ec77587520911e" + + "9a759cec1d19755b7da901b96dca3d42" + + "ef7822e0d5104127dc05d6dbefde69e3" + + "ab2cec7c867c6e2c49"), + ("259b71c19f83ef77a7abd26524cbdb31" + + "61b590a48f7d17de3ee0ba9c52beb743" + + "c09428a131d6b1b57303d90d8132c276" + + "d5ed3d5d01c0f53880"), + "616263", + "666f6f", + ("c32299d46ec8ff02b54540982814dce9" + + "a05812f81962b649d528095916a2aa48" + + "1065b1580423ef927ecf0af5888f90da" + + "0f6a9a85ad5dc3f280d91224ba9911a3" + + "653d00e484e2ce232521481c8658df30" + + "4bb7745a73514cdb9bf3e15784ab7128" + + "4f8d0704a608c54a6b62d97beb511d13" + + "2100"), + "Ed448ph Vector #2"); + } + + [Test] + public void TestPublicKeyValidationFull() + { + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Neutral, 0)); + + byte[] sk = new byte[Ed448.SecretKeySize]; + byte[] pk = new byte[Ed448.PublicKeySize]; + + for (int i = 0; i < 10; ++i) + { + Random.NextBytes(sk); + Ed448.GeneratePublicKey(sk, 0, pk, 0); + Assert.IsTrue(Ed448.ValidatePublicKeyFull(pk, 0)); + } + + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"), 0)); + + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF80"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081"), 0)); + + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("C784B7238BDDDB84C44FB80936FB103FCF39C1F74EE83163A57DB4AD3946FDC81BF0504D6EC1DBABABDB750997BCA465D5FCD3A45F8E183D00"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("149578BCA53F7D199B472D6D367D22A35942BBCA2051F833122D4DC12FE758A16D672A54D5F8C390C44C2F8B32F21121DA69E9DE8FF9675780"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("9E9F6E7A8576E8D7C286C493FE76559419012B164589DF764E735CFFDE21BFCAF4D7553F9B37178A2F20C77473E4195E3E1E327F3174C14500"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("1979BDCBE0CEC16602B87257114059029605C720D5AFD2A90EF4B06655B34B561EBA6C1034452C3D8D1DA41C57340B0C9A95297E712CA75C00"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("E2B8507036D478F262A7009734CDD383734002CE32397FEA22BFEDEE0CEBB0064D176FB45A05AF19F8B18B07EE20D6E2320D075E95DAF15200"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("3C2FFFFCF504A0EBD8051B3962546C39410464A9C44DC3E82FA9437F2450F0F93C892F28E2ABDF7EA84B051E5536CCA6B44762D0941C5D0700"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("997FE46037CF6207B27B6D0BB9D7D97A038D5BFCF898D07EE6ED07953F0889CC4745D1E018EB7A894EFE88871004452E99C6A344362DA6E080"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("F67C319B8EDCE2E85D450BE46E1671183EB499CE8ABE56BCF666C13A99C5ECBC89FCE9B3B578E2A5D061D3590506BC27614DB6B0C682971B80"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("A7776DDD0BD52EC4D017478E38700395F9F4C45A3BEFFE4EA9994EA1A9E92D8D1CC56539BF57FF88401BBDC764904BC0E3635AEE1721FD3380"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("9F914CD9920D2B75ADBF34F758DA39BB35D1C81B5C480571A7A8B2CAAD7BA0F32D13AF9C69B0BECE5775B324DC49C063354EA2F6F231A23800"), 0)); + + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("2E0ACAB5953BC2F22C557C75E6B86225BE9CB3E82E78FC886EB57B628229C0C9548CD82630483C03D0E5DC02B2C3B1BD0E5DEE0B8DE4A88000"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("0F89D2E413A36A33031329169EFAAE88D8F84E90E741C3DFBB01C32544D995FF6EB354B6C5C29E62ACC124E806540C46CB0C0ED71931B39D00"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("AB553809FE1B027328EC7DBE71929C1F3A435B74CC0C06BEA831BC5E287EF2ACF4E831EC8E0C964A80BF85B966D32CADAE8E17E12EAFD3AF80"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("3043631378826937A822BDB8878DC33B9174BEC3530B2A8A4048F6B06B378DBC450E34ED623E47B1449E7636DAFB72F584605EF3BE01647F00"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("8A03959C8BD20BA7B1DA92A4C5591BC846F4CD8BE07387B325E179BB12245E17BDDE1AC82E9F7CAB2A79DDDBE68F8BA8DB7F03F91156C24A00"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("46299C8D31BAFEBBCF1719A851123CC4722E5BE9D93D8F98C215D34082AF658C570B4CFD44079993CBC19B0EAD3BFD0DFB2B67EBABB119B780"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("81A58C03708DD60BD68237622EC9934E8DE27FE7997F74A501B06C60C8F9D68856E7D12B88F1507E29EB0C30531B5AA353F154F2551AF5E580"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("DC5028F5AA0B9217B40C7FE00E10503C37B6611BA87CDD70F01536E87AD659711BA1265E679F94EC8D5ED87476CE031D14B2C7E46268F11A80"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("910DDFE36AAB6DCB7D5B72E6F2DF0769AD86665262232C487F722FEA85429DE247D1EBBC5C579A01D04672894E2B0F3FBDF22B43EA191DF700"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyFull(Hex.DecodeStrict("43482D0750D4830AAAF578346288050EAE8ADF96DF66F243E73252114E432B448730517FD8726871508CAD7ECECFDB33120CA5558788B6C800"), 0)); + } + + [Test] + public void TestPublicKeyValidationPartial() + { + Assert.IsTrue(Ed448.ValidatePublicKeyPartial(Neutral, 0)); + + byte[] sk = new byte[Ed448.SecretKeySize]; + byte[] pk = new byte[Ed448.PublicKeySize]; + + for (int i = 0; i < 10; ++i) + { + Random.NextBytes(sk); + Ed448.GeneratePublicKey(sk, 0, pk, 0); + Assert.IsTrue(Ed448.ValidatePublicKeyPartial(pk, 0)); + } + + Assert.IsFalse(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"), 0)); + + Assert.IsFalse(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF80"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081"), 0)); + + Assert.IsFalse(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("C784B7238BDDDB84C44FB80936FB103FCF39C1F74EE83163A57DB4AD3946FDC81BF0504D6EC1DBABABDB750997BCA465D5FCD3A45F8E183D00"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("149578BCA53F7D199B472D6D367D22A35942BBCA2051F833122D4DC12FE758A16D672A54D5F8C390C44C2F8B32F21121DA69E9DE8FF9675780"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("9E9F6E7A8576E8D7C286C493FE76559419012B164589DF764E735CFFDE21BFCAF4D7553F9B37178A2F20C77473E4195E3E1E327F3174C14500"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("1979BDCBE0CEC16602B87257114059029605C720D5AFD2A90EF4B06655B34B561EBA6C1034452C3D8D1DA41C57340B0C9A95297E712CA75C00"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("E2B8507036D478F262A7009734CDD383734002CE32397FEA22BFEDEE0CEBB0064D176FB45A05AF19F8B18B07EE20D6E2320D075E95DAF15200"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("3C2FFFFCF504A0EBD8051B3962546C39410464A9C44DC3E82FA9437F2450F0F93C892F28E2ABDF7EA84B051E5536CCA6B44762D0941C5D0700"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("997FE46037CF6207B27B6D0BB9D7D97A038D5BFCF898D07EE6ED07953F0889CC4745D1E018EB7A894EFE88871004452E99C6A344362DA6E080"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("F67C319B8EDCE2E85D450BE46E1671183EB499CE8ABE56BCF666C13A99C5ECBC89FCE9B3B578E2A5D061D3590506BC27614DB6B0C682971B80"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("A7776DDD0BD52EC4D017478E38700395F9F4C45A3BEFFE4EA9994EA1A9E92D8D1CC56539BF57FF88401BBDC764904BC0E3635AEE1721FD3380"), 0)); + Assert.IsFalse(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("9F914CD9920D2B75ADBF34F758DA39BB35D1C81B5C480571A7A8B2CAAD7BA0F32D13AF9C69B0BECE5775B324DC49C063354EA2F6F231A23800"), 0)); + + Assert.IsTrue(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("2E0ACAB5953BC2F22C557C75E6B86225BE9CB3E82E78FC886EB57B628229C0C9548CD82630483C03D0E5DC02B2C3B1BD0E5DEE0B8DE4A88000"), 0)); + Assert.IsTrue(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("0F89D2E413A36A33031329169EFAAE88D8F84E90E741C3DFBB01C32544D995FF6EB354B6C5C29E62ACC124E806540C46CB0C0ED71931B39D00"), 0)); + Assert.IsTrue(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("AB553809FE1B027328EC7DBE71929C1F3A435B74CC0C06BEA831BC5E287EF2ACF4E831EC8E0C964A80BF85B966D32CADAE8E17E12EAFD3AF80"), 0)); + Assert.IsTrue(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("3043631378826937A822BDB8878DC33B9174BEC3530B2A8A4048F6B06B378DBC450E34ED623E47B1449E7636DAFB72F584605EF3BE01647F00"), 0)); + Assert.IsTrue(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("8A03959C8BD20BA7B1DA92A4C5591BC846F4CD8BE07387B325E179BB12245E17BDDE1AC82E9F7CAB2A79DDDBE68F8BA8DB7F03F91156C24A00"), 0)); + Assert.IsTrue(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("46299C8D31BAFEBBCF1719A851123CC4722E5BE9D93D8F98C215D34082AF658C570B4CFD44079993CBC19B0EAD3BFD0DFB2B67EBABB119B780"), 0)); + Assert.IsTrue(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("81A58C03708DD60BD68237622EC9934E8DE27FE7997F74A501B06C60C8F9D68856E7D12B88F1507E29EB0C30531B5AA353F154F2551AF5E580"), 0)); + Assert.IsTrue(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("DC5028F5AA0B9217B40C7FE00E10503C37B6611BA87CDD70F01536E87AD659711BA1265E679F94EC8D5ED87476CE031D14B2C7E46268F11A80"), 0)); + Assert.IsTrue(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("910DDFE36AAB6DCB7D5B72E6F2DF0769AD86665262232C487F722FEA85429DE247D1EBBC5C579A01D04672894E2B0F3FBDF22B43EA191DF700"), 0)); + Assert.IsTrue(Ed448.ValidatePublicKeyPartial(Hex.DecodeStrict("43482D0750D4830AAAF578346288050EAE8ADF96DF66F243E73252114E432B448730517FD8726871508CAD7ECECFDB33120CA5558788B6C800"), 0)); + } + + private static void CheckEd448Vector(string sSK, string sPK, string sM, string sCTX, string sSig, string text) + { + byte[] sk = Hex.Decode(sSK); + byte[] pk = Hex.Decode(sPK); + + byte[] pkGen = new byte[Ed448.PublicKeySize]; + Ed448.GeneratePublicKey(sk, 0, pkGen, 0); + Assert.IsTrue(Arrays.AreEqual(pk, pkGen), text); + + byte[] m = Hex.Decode(sM); + byte[] ctx = Hex.Decode(sCTX); + byte[] sig = Hex.Decode(sSig); + byte[] sigGen = new byte[Ed448.SignatureSize]; + + byte[] badsig = Arrays.Clone(sig); + badsig[Ed448.SignatureSize - 1] ^= 0x80; + + Ed448.Sign(sk, 0, ctx, m, 0, m.Length, sigGen, 0); + Assert.IsTrue(Arrays.AreEqual(sig, sigGen), text); + + Ed448.Sign(sk, 0, pk, 0, ctx, m, 0, m.Length, sigGen, 0); + Assert.IsTrue(Arrays.AreEqual(sig, sigGen), text); + + bool shouldVerify = Ed448.Verify(sig, 0, pk, 0, ctx, m, 0, m.Length); + Assert.IsTrue(shouldVerify, text); + + bool shouldNotVerify = Ed448.Verify(badsig, 0, pk, 0, ctx, m, 0, m.Length); + Assert.IsFalse(shouldNotVerify, text); + } + + private static void CheckEd448phVector(string sSK, string sPK, string sM, string sCTX, string sSig, string text) + { + byte[] sk = Hex.Decode(sSK); + byte[] pk = Hex.Decode(sPK); + + byte[] pkGen = new byte[Ed448.PublicKeySize]; + Ed448.GeneratePublicKey(sk, 0, pkGen, 0); + Assert.IsTrue(Arrays.AreEqual(pk, pkGen), text); + + byte[] m = Hex.Decode(sM); + byte[] ctx = Hex.Decode(sCTX); + byte[] sig = Hex.Decode(sSig); + + byte[] badsig = Arrays.Clone(sig); + badsig[Ed448.SignatureSize - 1] ^= 0x80; + + byte[] sigGen = new byte[Ed448.SignatureSize]; + + { + IXof prehash = Ed448.CreatePrehash(); + prehash.BlockUpdate(m, 0, m.Length); + + byte[] ph = new byte[Ed448.PrehashSize]; + prehash.DoFinal(ph, 0, ph.Length); + + Ed448.SignPrehash(sk, 0, ctx, ph, 0, sigGen, 0); + Assert.IsTrue(Arrays.AreEqual(sig, sigGen), text); + + Ed448.SignPrehash(sk, 0, pk, 0, ctx, ph, 0, sigGen, 0); + Assert.IsTrue(Arrays.AreEqual(sig, sigGen), text); + + bool shouldVerify = Ed448.VerifyPrehash(sig, 0, pk, 0, ctx, ph, 0); + Assert.IsTrue(shouldVerify, text); + + bool shouldNotVerify = Ed448.VerifyPrehash(badsig, 0, pk, 0, ctx, ph, 0); + Assert.IsFalse(shouldNotVerify, text); + } + + { + IXof ph = Ed448.CreatePrehash(); + ph.BlockUpdate(m, 0, m.Length); + + Ed448.SignPrehash(sk, 0, ctx, ph, sigGen, 0); + Assert.IsTrue(Arrays.AreEqual(sig, sigGen), text); + } + + { + IXof ph = Ed448.CreatePrehash(); + ph.BlockUpdate(m, 0, m.Length); + + Ed448.SignPrehash(sk, 0, pk, 0, ctx, ph, sigGen, 0); + Assert.IsTrue(Arrays.AreEqual(sig, sigGen), text); + } + + { + IXof ph = Ed448.CreatePrehash(); + ph.BlockUpdate(m, 0, m.Length); + + bool shouldVerify = Ed448.VerifyPrehash(sig, 0, pk, 0, ctx, ph); + Assert.IsTrue(shouldVerify, text); + } + + { + IXof ph = Ed448.CreatePrehash(); + ph.BlockUpdate(m, 0, m.Length); + + bool shouldNotVerify = Ed448.VerifyPrehash(badsig, 0, pk, 0, ctx, ph); + Assert.IsFalse(shouldNotVerify, text); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/math/ec/test/AllTests.cs b/BouncyCastle/crypto/test/src/math/ec/test/AllTests.cs new file mode 100644 index 0000000..3d3f393 --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/ec/test/AllTests.cs @@ -0,0 +1,30 @@ +#if !LIB +using System; + +using NUnit.Core; +using NUnit.Framework; + +namespace Org.BouncyCastle.Math.EC.Tests +{ + public class AllTests + { + public static void Main(string[] args) + { + Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty); + } + + [Suite] + public static TestSuite Suite + { + get + { + TestSuite suite = new TestSuite("EC Math tests"); + suite.Add(new ECAlgorithmsTest()); + suite.Add(new ECPointTest()); + suite.Add(new FixedPointTest()); + return suite; + } + } + } +} +#endif diff --git a/BouncyCastle/crypto/test/src/math/ec/test/ECAlgorithmsTest.cs b/BouncyCastle/crypto/test/src/math/ec/test/ECAlgorithmsTest.cs new file mode 100644 index 0000000..2a05c82 --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/ec/test/ECAlgorithmsTest.cs @@ -0,0 +1,174 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Math.EC.Tests +{ + [TestFixture] + public class ECAlgorithmsTest + { + private const int Scale = 4; + private static readonly SecureRandom Random = new SecureRandom(); + + [Test] + public void TestSumOfMultiplies() + { + X9ECParameters x9 = CustomNamedCurves.GetByName("secp256r1"); + Assert.NotNull(x9); + DoTestSumOfMultiplies(x9); + } + + [Test, Explicit] + public void TestSumOfMultipliesComplete() + { + foreach (X9ECParameters x9 in GetTestCurves()) + { + DoTestSumOfMultiplies(x9); + } + } + + [Test] + public void TestSumOfTwoMultiplies() + { + X9ECParameters x9 = CustomNamedCurves.GetByName("secp256r1"); + Assert.NotNull(x9); + DoTestSumOfTwoMultiplies(x9); + } + + [Test, Explicit] + public void TestSumOfTwoMultipliesComplete() + { + foreach (X9ECParameters x9 in GetTestCurves()) + { + DoTestSumOfTwoMultiplies(x9); + } + } + + private void DoTestSumOfMultiplies(X9ECParameters x9) + { + ECPoint[] points = new ECPoint[Scale]; + BigInteger[] scalars = new BigInteger[Scale]; + for (int i = 0; i < Scale; ++i) + { + points[i] = GetRandomPoint(x9); + scalars[i] = GetRandomScalar(x9); + } + + ECPoint u = x9.Curve.Infinity; + for (int i = 0; i < Scale; ++i) + { + u = u.Add(points[i].Multiply(scalars[i])); + + ECPoint v = ECAlgorithms.SumOfMultiplies(CopyPoints(points, i + 1), CopyScalars(scalars, i + 1)); + + ECPoint[] results = new ECPoint[] { u, v }; + x9.Curve.NormalizeAll(results); + + AssertPointsEqual("ECAlgorithms.SumOfMultiplies is incorrect", results[0], results[1]); + } + } + + private void DoTestSumOfTwoMultiplies(X9ECParameters x9) + { + ECPoint p = GetRandomPoint(x9); + BigInteger a = GetRandomScalar(x9); + + for (int i = 0; i < Scale; ++i) + { + ECPoint q = GetRandomPoint(x9); + BigInteger b = GetRandomScalar(x9); + + ECPoint u = p.Multiply(a).Add(q.Multiply(b)); + ECPoint v = ECAlgorithms.ShamirsTrick(p, a, q, b); + ECPoint w = ECAlgorithms.SumOfTwoMultiplies(p, a, q, b); + + ECPoint[] results = new ECPoint[] { u, v, w }; + x9.Curve.NormalizeAll(results); + + AssertPointsEqual("ECAlgorithms.ShamirsTrick is incorrect", results[0], results[1]); + AssertPointsEqual("ECAlgorithms.SumOfTwoMultiplies is incorrect", results[0], results[2]); + + p = q; + a = b; + } + } + + private void AssertPointsEqual(string message, ECPoint a, ECPoint b) + { + Assert.AreEqual(a, b, message); + } + + private ECPoint[] CopyPoints(ECPoint[] ps, int len) + { + ECPoint[] result = new ECPoint[len]; + Array.Copy(ps, 0, result, 0, len); + return result; + } + + private BigInteger[] CopyScalars(BigInteger[] ks, int len) + { + BigInteger[] result = new BigInteger[len]; + Array.Copy(ks, 0, result, 0, len); + return result; + } + + private ECPoint GetRandomPoint(X9ECParameters x9) + { + return x9.G.Multiply(GetRandomScalar(x9)); + } + + private BigInteger GetRandomScalar(X9ECParameters x9) + { + return new BigInteger(x9.N.BitLength, Random); + } + + private IList GetTestCurves() + { + ArrayList x9s = new ArrayList(); + ISet names = new HashSet(ECNamedCurveTable.Names); + names.AddAll(CustomNamedCurves.Names); + + foreach (string name in names) + { + X9ECParameters x9 = ECNamedCurveTable.GetByName(name); + if (x9 != null) + { + AddTestCurves(x9s, x9); + } + + x9 = CustomNamedCurves.GetByName(name); + if (x9 != null) + { + AddTestCurves(x9s, x9); + } + } + return x9s; + } + + private void AddTestCurves(IList x9s, X9ECParameters x9) + { + ECCurve curve = x9.Curve; + + int[] coords = ECCurve.GetAllCoordinateSystems(); + for (int i = 0; i < coords.Length; ++i) + { + int coord = coords[i]; + if (curve.CoordinateSystem == coord) + { + x9s.Add(x9); + } + else if (curve.SupportsCoordinateSystem(coord)) + { + ECCurve c = curve.Configure().SetCoordinateSystem(coord).Create(); + x9s.Add(new X9ECParameters(c, c.ImportPoint(x9.G), x9.N, x9.H)); + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/math/ec/test/ECPointPerformanceTest.cs b/BouncyCastle/crypto/test/src/math/ec/test/ECPointPerformanceTest.cs new file mode 100644 index 0000000..1cf8c81 --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/ec/test/ECPointPerformanceTest.cs @@ -0,0 +1,209 @@ +using System; +using System.Collections; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.EC; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Math.EC.Tests +{ + /** + * Compares the performance of the the window NAF point multiplication against + * conventional point multiplication. + */ + [TestFixture, Explicit] + public class ECPointPerformanceTest + { + internal const int MILLIS_PER_ROUND = 200; + internal const int MILLIS_WARMUP = 1000; + + internal const int MULTS_PER_CHECK = 16; + internal const int NUM_ROUNDS = 10; + + private static string[] COORD_NAMES = new string[]{ "AFFINE", "HOMOGENEOUS", "JACOBIAN", "JACOBIAN-CHUDNOVSKY", + "JACOBIAN-MODIFIED", "LAMBDA-AFFINE", "LAMBDA-PROJECTIVE", "SKEWED" }; + + private void RandMult(string curveName) + { + X9ECParameters spec = ECNamedCurveTable.GetByName(curveName); + if (spec != null) + { + RandMult(curveName, spec); + } + + spec = CustomNamedCurves.GetByName(curveName); + if (spec != null) + { + RandMult(curveName + " (custom)", spec); + } + } + + private void RandMult(string label, X9ECParameters spec) + { + ECCurve C = spec.Curve; + ECPoint G = (ECPoint)spec.G; + BigInteger n = spec.N; + + SecureRandom random = new SecureRandom(); + random.SetSeed(DateTimeUtilities.CurrentUnixMs()); + + Console.WriteLine(label); + + int[] coords = ECCurve.GetAllCoordinateSystems(); + for (int i = 0; i < coords.Length; ++i) + { + int coord = coords[i]; + if (C.SupportsCoordinateSystem(coord)) + { + ECCurve c = C; + ECPoint g = G; + + bool defaultCoord = (c.CoordinateSystem == coord); + if (!defaultCoord) + { + c = C.Configure().SetCoordinateSystem(coord).Create(); + g = c.ImportPoint(G); + } + + double avgRate = RandMult(random, g, n); + string coordName = COORD_NAMES[coord]; + StringBuilder sb = new StringBuilder(); + sb.Append(" "); + sb.Append(defaultCoord ? '*' : ' '); + sb.Append(coordName); + for (int j = sb.Length; j < 30; ++j) + { + sb.Append(' '); + } + sb.Append(": "); + sb.Append(avgRate); + sb.Append(" mults/sec"); + for (int j = sb.Length; j < 64; ++j) + { + sb.Append(' '); + } + sb.Append('('); + sb.Append(1000.0 / avgRate); + sb.Append(" millis/mult)"); + Console.WriteLine(sb.ToString()); + } + } + } + + private double RandMult(SecureRandom random, ECPoint g, BigInteger n) + { + BigInteger[] ks = new BigInteger[128]; + for (int i = 0; i < ks.Length; ++i) + { + ks[i] = new BigInteger(n.BitLength - 1, random); + } + + int ki = 0; + ECPoint p = g; + + { + long startTime = DateTimeUtilities.CurrentUnixMs(); + long goalTime = startTime + MILLIS_WARMUP; + + do + { + BigInteger k = ks[ki]; + p = g.Multiply(k); + if ((ki & 1) != 0) + { + g = p; + } + if (++ki == ks.Length) + { + ki = 0; + } + } + while (DateTimeUtilities.CurrentUnixMs() < goalTime); + } + + double minRate = Double.MaxValue, maxRate = Double.MinValue, totalRate = 0.0; + + for (int i = 1; i <= NUM_ROUNDS; i++) + { + long startTime = DateTimeUtilities.CurrentUnixMs(); + long goalTime = startTime + MILLIS_PER_ROUND; + long count = 0, endTime; + + do + { + ++count; + + for (int j = 0; j < MULTS_PER_CHECK; ++j) + { + BigInteger k = ks[ki]; + p = g.Multiply(k); + if ((ki & 1) != 0) + { + g = p; + } + if (++ki == ks.Length) + { + ki = 0; + } + } + + endTime = DateTimeUtilities.CurrentUnixMs(); + } + while (endTime < goalTime); + + double roundElapsed = (double)(endTime - startTime); + double roundRate = count * MULTS_PER_CHECK * 1000L / roundElapsed; + + minRate = System.Math.Min(minRate, roundRate); + maxRate = System.Math.Max(maxRate, roundRate); + totalRate += roundRate; + } + + return (totalRate - minRate - maxRate) / (NUM_ROUNDS - 2); + } + + [Test, Ignore] + public void TestMultiply() + { + ArrayList nameList = new ArrayList(); + CollectionUtilities.AddRange(nameList, ECNamedCurveTable.Names); + CollectionUtilities.AddRange(nameList, CustomNamedCurves.Names); + + string[] names = (string[])nameList.ToArray(typeof(string)); + Array.Sort(names); + ISet oids = new HashSet(); + foreach (string name in names) + { + DerObjectIdentifier oid = ECNamedCurveTable.GetOid(name); + if (oid == null) + { + oid = CustomNamedCurves.GetOid(name); + } + if (oid != null) + { + if (oids.Contains(oid)) + continue; + + oids.Add(oid); + } + + RandMult(name); + } + } + + public static void Main(string[] args) + { + new ECPointPerformanceTest().TestMultiply(); + } + } +} diff --git a/BouncyCastle/crypto/test/src/math/ec/test/ECPointTest.cs b/BouncyCastle/crypto/test/src/math/ec/test/ECPointTest.cs new file mode 100644 index 0000000..4b17d8c --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/ec/test/ECPointTest.cs @@ -0,0 +1,700 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.EC; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.EC.Tests +{ + /** + * Test class for {@link org.bouncycastle.math.ec.ECPoint ECPoint}. All + * literature values are taken from "Guide to elliptic curve cryptography", + * Darrel Hankerson, Alfred J. Menezes, Scott Vanstone, 2004, Springer-Verlag + * New York, Inc. + */ + [TestFixture] + public class ECPointTest + { + /** + * Random source used to generate random points + */ + private SecureRandom Random = new SecureRandom(); + + /** + * Nested class containing sample literature values for Fp. + */ + public class Fp + { + internal static readonly BigInteger q = new BigInteger("1063"); + + internal static readonly BigInteger a = new BigInteger("4"); + + internal static readonly BigInteger b = new BigInteger("20"); + + internal static readonly BigInteger n = new BigInteger("38"); + + internal static readonly BigInteger h = new BigInteger("1"); + + internal static readonly ECCurve curve = new FpCurve(q, a, b, n, h); + + internal static readonly ECPoint infinity = curve.Infinity; + + internal static readonly int[] pointSource = { 1, 5, 4, 10, 234, 1024, 817, 912 }; + + internal static ECPoint[] p = new ECPoint[pointSource.Length / 2]; + + /** + * Creates the points on the curve with literature values. + */ + internal static void CreatePoints() + { + for (int i = 0; i < pointSource.Length / 2; i++) + { + p[i] = curve.CreatePoint( + new BigInteger(pointSource[2 * i].ToString()), + new BigInteger(pointSource[2 * i + 1].ToString())); + } + } + } + + /** + * Nested class containing sample literature values for F2m. + */ + public class F2m + { + // Irreducible polynomial for TPB z^4 + z + 1 + internal const int m = 4; + + internal const int k1 = 1; + + // a = z^3 + internal static readonly BigInteger aTpb = new BigInteger("1000", 2); + + // b = z^3 + 1 + internal static readonly BigInteger bTpb = new BigInteger("1001", 2); + + internal static readonly BigInteger n = new BigInteger("23"); + + internal static readonly BigInteger h = new BigInteger("1"); + + internal static readonly ECCurve curve = new F2mCurve(m, k1, aTpb, bTpb, n, h); + + internal static readonly ECPoint infinity = curve.Infinity; + + internal static readonly String[] pointSource = { "0010", "1111", "1100", "1100", + "0001", "0001", "1011", "0010" }; + + internal static readonly ECPoint[] p = new ECPoint[pointSource.Length / 2]; + + /** + * Creates the points on the curve with literature values. + */ + internal static void CreatePoints() + { + for (int i = 0; i < pointSource.Length / 2; i++) + { + p[i] = curve.CreatePoint( + new BigInteger(pointSource[2 * i], 2), + new BigInteger(pointSource[2 * i + 1], 2)); + } + } + } + + [SetUp] + public void SetUp() + { + Fp.CreatePoints(); + F2m.CreatePoints(); + } + + /** + * Tests, if inconsistent points can be created, i.e. points with exactly + * one null coordinate (not permitted). + */ + [Test] + public void TestPointCreationConsistency() + { + try + { + ECPoint bad = Fp.curve.CreatePoint(BigInteger.ValueOf(12), null); + Assert.Fail(); + } + catch (ArgumentException) + { + // Expected + } + + try + { + ECPoint bad = Fp.curve.CreatePoint(null, BigInteger.ValueOf(12)); + Assert.Fail(); + } + catch (ArgumentException) + { + // Expected + } + + try + { + ECPoint bad = F2m.curve.CreatePoint(new BigInteger("1011"), null); + Assert.Fail(); + } + catch (ArgumentException) + { + // Expected + } + + try + { + ECPoint bad = F2m.curve.CreatePoint(null, new BigInteger("1011")); + Assert.Fail(); + } + catch (ArgumentException) + { + // Expected + } + } + + /** + * Tests ECPoint.add() against literature values. + * + * @param p + * The array of literature values. + * @param infinity + * The point at infinity on the respective curve. + */ + private void ImplTestAdd(ECPoint[] p, ECPoint infinity) + { + AssertPointsEqual("p0 plus p1 does not equal p2", p[2], p[0].Add(p[1])); + AssertPointsEqual("p1 plus p0 does not equal p2", p[2], p[1].Add(p[0])); + for (int i = 0; i < p.Length; i++) + { + AssertPointsEqual("Adding infinity failed", p[i], p[i].Add(infinity)); + AssertPointsEqual("Adding to infinity failed", p[i], infinity.Add(p[i])); + } + } + + /** + * Calls implTestAdd() for Fp and + * F2m. + */ + [Test] + public void TestAdd() + { + ImplTestAdd(Fp.p, Fp.infinity); + ImplTestAdd(F2m.p, F2m.infinity); + } + + /** + * Tests ECPoint.twice() against literature values. + * + * @param p + * The array of literature values. + */ + private void ImplTestTwice(ECPoint[] p) + { + AssertPointsEqual("Twice incorrect", p[3], p[0].Twice()); + AssertPointsEqual("Add same point incorrect", p[3], p[0].Add(p[0])); + } + + /** + * Calls implTestTwice() for Fp and + * F2m. + */ + [Test] + public void TestTwice() + { + ImplTestTwice(Fp.p); + ImplTestTwice(F2m.p); + } + + private void ImplTestThreeTimes(ECPoint[] p) + { + ECPoint P = p[0]; + ECPoint _3P = P.Add(P).Add(P); + AssertPointsEqual("ThreeTimes incorrect", _3P, P.ThreeTimes()); + AssertPointsEqual("TwicePlus incorrect", _3P, P.TwicePlus(P)); + } + + /** + * Calls implTestThreeTimes() for Fp and + * F2m. + */ + [Test] + public void TestThreeTimes() + { + ImplTestThreeTimes(Fp.p); + ImplTestThreeTimes(F2m.p); + } + + /** + * Goes through all points on an elliptic curve and checks, if adding a + * point k-times is the same as multiplying the point by + * k, for all k. Should be called for points + * on very small elliptic curves only. + * + * @param p + * The base point on the elliptic curve. + * @param infinity + * The point at infinity on the elliptic curve. + */ + private void ImplTestAllPoints(ECPoint p, ECPoint infinity) + { + ECPoint adder = infinity; + ECPoint multiplier = infinity; + + BigInteger i = BigInteger.One; + do + { + adder = adder.Add(p); + multiplier = p.Multiply(i); + AssertPointsEqual("Results of Add() and Multiply() are inconsistent " + i, adder, multiplier); + i = i.Add(BigInteger.One); + } + while (!(adder.Equals(infinity))); + } + + /** + * Calls implTestAllPoints() for the small literature curves, + * both for Fp and F2m. + */ + [Test] + public void TestAllPoints() + { + for (int i = 0; i < Fp.p.Length; i++) + { + ImplTestAllPoints(Fp.p[i], Fp.infinity); + } + + for (int i = 0; i < F2m.p.Length; i++) + { + ImplTestAllPoints(F2m.p[i], F2m.infinity); + } + } + + /** + * Checks, if the point multiplication algorithm of the given point yields + * the same result as point multiplication done by the reference + * implementation given in multiply(). This method chooses a + * random number by which the given point p is multiplied. + * + * @param p + * The point to be multiplied. + * @param numBits + * The bitlength of the random number by which p + * is multiplied. + */ + private void ImplTestMultiply(ECPoint p, int numBits) + { + BigInteger k = new BigInteger(numBits, Random); + ECPoint reff = ECAlgorithms.ReferenceMultiply(p, k); + ECPoint q = p.Multiply(k); + AssertPointsEqual("ECPoint.Multiply is incorrect", reff, q); + } + + /** + * Checks, if the point multiplication algorithm of the given point yields + * the same result as point multiplication done by the reference + * implementation given in multiply(). This method tests + * multiplication of p by every number of bitlength + * numBits or less. + * + * @param p + * The point to be multiplied. + * @param numBits + * Try every multiplier up to this bitlength + */ + private void ImplTestMultiplyAll(ECPoint p, int numBits) + { + BigInteger bound = BigInteger.One.ShiftLeft(numBits); + BigInteger k = BigInteger.Zero; + + do + { + ECPoint reff = ECAlgorithms.ReferenceMultiply(p, k); + ECPoint q = p.Multiply(k); + AssertPointsEqual("ECPoint.Multiply is incorrect", reff, q); + k = k.Add(BigInteger.One); + } + while (k.CompareTo(bound) < 0); + } + + /** + * Tests ECPoint.add() and ECPoint.subtract() + * for the given point and the given point at infinity. + * + * @param p + * The point on which the tests are performed. + * @param infinity + * The point at infinity on the same curve as p. + */ + private void ImplTestAddSubtract(ECPoint p, ECPoint infinity) + { + AssertPointsEqual("Twice and Add inconsistent", p.Twice(), p.Add(p)); + AssertPointsEqual("Twice p - p is not p", p, p.Twice().Subtract(p)); + AssertPointsEqual("TwicePlus(p, -p) is not p", p, p.TwicePlus(p.Negate())); + AssertPointsEqual("p - p is not infinity", infinity, p.Subtract(p)); + AssertPointsEqual("p plus infinity is not p", p, p.Add(infinity)); + AssertPointsEqual("infinity plus p is not p", p, infinity.Add(p)); + AssertPointsEqual("infinity plus infinity is not infinity ", infinity, infinity.Add(infinity)); + AssertPointsEqual("Twice infinity is not infinity ", infinity, infinity.Twice()); + } + + /** + * Calls implTestAddSubtract() for literature values, both + * for Fp and F2m. + */ + [Test] + public void TestAddSubtractMultiplySimple() + { + int fpBits = Fp.curve.Order.BitLength; + for (int iFp = 0; iFp < Fp.pointSource.Length / 2; iFp++) + { + ImplTestAddSubtract(Fp.p[iFp], Fp.infinity); + + ImplTestMultiplyAll(Fp.p[iFp], fpBits); + ImplTestMultiplyAll(Fp.infinity, fpBits); + } + + int f2mBits = F2m.curve.Order.BitLength; + for (int iF2m = 0; iF2m < F2m.pointSource.Length / 2; iF2m++) + { + ImplTestAddSubtract(F2m.p[iF2m], F2m.infinity); + + ImplTestMultiplyAll(F2m.p[iF2m], f2mBits); + ImplTestMultiplyAll(F2m.infinity, f2mBits); + } + } + + /** + * Test encoding with and without point compression. + * + * @param p + * The point to be encoded and decoded. + */ + private void ImplTestEncoding(ECPoint p) + { + // Not Point Compression + byte[] unCompBarr = p.GetEncoded(false); + ECPoint decUnComp = p.Curve.DecodePoint(unCompBarr); + AssertPointsEqual("Error decoding uncompressed point", p, decUnComp); + + // Point compression + byte[] compBarr = p.GetEncoded(true); + ECPoint decComp = p.Curve.DecodePoint(compBarr); + AssertPointsEqual("Error decoding compressed point", p, decComp); + } + + private void ImplAddSubtractMultiplyTwiceEncodingTest(ECCurve curve, ECPoint q, BigInteger n) + { + // Get point at infinity on the curve + ECPoint infinity = curve.Infinity; + + ImplTestAddSubtract(q, infinity); + ImplTestMultiply(q, n.BitLength); + ImplTestMultiply(infinity, n.BitLength); + + int logSize = 32 - Integers.NumberOfLeadingZeros(curve.FieldSize - 1); + int rounds = System.Math.Max(2, System.Math.Min(10, 32 - 3 * logSize)); + + ECPoint p = q; + for (int i = 0; ; ) + { + ImplTestEncoding(p); + if (++i == rounds) + break; + p = p.Twice(); + } + } + + private void ImplSqrtTest(ECCurve c) + { + if (ECAlgorithms.IsFpCurve(c)) + { + BigInteger p = c.Field.Characteristic; + BigInteger pMinusOne = p.Subtract(BigInteger.One); + BigInteger legendreExponent = p.ShiftRight(1); + + int count = 0; + while (count < 10) + { + BigInteger nonSquare = BigIntegers.CreateRandomInRange(BigInteger.Two, pMinusOne, Random); + if (!nonSquare.ModPow(legendreExponent, p).Equals(BigInteger.One)) + { + ECFieldElement root = c.FromBigInteger(nonSquare).Sqrt(); + Assert.IsNull(root); + ++count; + } + } + } + else if (ECAlgorithms.IsF2mCurve(c)) + { + int m = c.FieldSize; + BigInteger x = new BigInteger(m, Random); + ECFieldElement fe = c.FromBigInteger(x); + for (int i = 0; i < 100; ++i) + { + ECFieldElement sq = fe.Square(); + ECFieldElement check = sq.Sqrt(); + Assert.AreEqual(fe, check); + fe = sq; + } + } + } + + private void ImplValidityTest(ECCurve c, ECPoint g) + { + Assert.IsTrue(g.IsValid()); + + if (ECAlgorithms.IsF2mCurve(c)) + { + BigInteger h = c.Cofactor; + if (null != h) + { + if (!h.TestBit(0)) + { + ECFieldElement sqrtB = c.B.Sqrt(); + ECPoint order2 = c.CreatePoint(BigInteger.Zero, sqrtB.ToBigInteger()); + Assert.IsTrue(order2.Twice().IsInfinity); + Assert.IsFalse(order2.IsValid()); + ECPoint bad2 = g.Add(order2); + Assert.IsFalse(bad2.IsValid()); + ECPoint good2 = bad2.Add(order2); + Assert.IsTrue(good2.IsValid()); + + if (!h.TestBit(1)) + { + ECFieldElement L = SolveQuadraticEquation(c, c.A); + Assert.IsNotNull(L); + ECFieldElement T = sqrtB; + ECFieldElement x = T.Sqrt(); + ECFieldElement y = T.Add(x.Multiply(L)); + ECPoint order4 = c.CreatePoint(x.ToBigInteger(), y.ToBigInteger()); + Assert.IsTrue(order4.Twice().Equals(order2)); + Assert.IsFalse(order4.IsValid()); + ECPoint bad4_1 = g.Add(order4); + Assert.IsFalse(bad4_1.IsValid()); + ECPoint bad4_2 = bad4_1.Add(order4); + Assert.IsFalse(bad4_2.IsValid()); + ECPoint bad4_3 = bad4_2.Add(order4); + Assert.IsFalse(bad4_3.IsValid()); + ECPoint good4 = bad4_3.Add(order4); + Assert.IsTrue(good4.IsValid()); + } + } + } + } + } + + private void ImplAddSubtractMultiplyTwiceEncodingTestAllCoords(X9ECParameters x9ECParameters) + { + BigInteger n = x9ECParameters.N; + ECPoint G = x9ECParameters.G; + ECCurve C = x9ECParameters.Curve; + + int[] coords = ECCurve.GetAllCoordinateSystems(); + for (int i = 0; i < coords.Length; ++i) + { + int coord = coords[i]; + if (C.SupportsCoordinateSystem(coord)) + { + ECCurve c = C; + ECPoint g = G; + + if (c.CoordinateSystem != coord) + { + c = C.Configure().SetCoordinateSystem(coord).Create(); + g = c.ImportPoint(G); + } + + // The generator is multiplied by random b to get random q + BigInteger b = new BigInteger(n.BitLength, Random); + ECPoint q = g.Multiply(b).Normalize(); + + ImplAddSubtractMultiplyTwiceEncodingTest(c, q, n); + + ImplSqrtTest(c); + + ImplValidityTest(c, g); + } + } + } + + /** + * Calls implTestAddSubtract(), + * implTestMultiply and implTestEncoding for + * the standard elliptic curves as given in SecNamedCurves. + */ + [Test] + public void TestAddSubtractMultiplyTwiceEncoding() + { + ArrayList names = new ArrayList(); + CollectionUtilities.AddRange(names, ECNamedCurveTable.Names); + CollectionUtilities.AddRange(names, CustomNamedCurves.Names); + + ISet uniqNames = new HashSet(names); + + foreach (string name in uniqNames) + { + X9ECParameters x9A = ECNamedCurveTable.GetByName(name); + X9ECParameters x9B = CustomNamedCurves.GetByName(name); + + if (x9A != null && x9B != null) + { + Assert.AreEqual(x9A.Curve.Field, x9B.Curve.Field); + Assert.AreEqual(x9A.Curve.A.ToBigInteger(), x9B.Curve.A.ToBigInteger()); + Assert.AreEqual(x9A.Curve.B.ToBigInteger(), x9B.Curve.B.ToBigInteger()); + AssertOptionalValuesAgree(x9A.Curve.Cofactor, x9B.Curve.Cofactor); + AssertOptionalValuesAgree(x9A.Curve.Order, x9B.Curve.Order); + + AssertPointsEqual("Custom curve base-point inconsistency", x9A.G, x9B.G); + + Assert.AreEqual(x9A.H, x9B.H); + Assert.AreEqual(x9A.N, x9B.N); + AssertOptionalValuesAgree(x9A.GetSeed(), x9B.GetSeed()); + + BigInteger k = new BigInteger(x9A.N.BitLength, Random); + ECPoint pA = x9A.G.Multiply(k); + ECPoint pB = x9B.G.Multiply(k); + AssertPointsEqual("Custom curve multiplication inconsistency", pA, pB); + } + + if (x9A != null) + { + ImplAddSubtractMultiplyTwiceEncodingTestAllCoords(x9A); + } + + if (x9B != null) + { + ImplAddSubtractMultiplyTwiceEncodingTestAllCoords(x9B); + } + } + } + + [Test] + public void TestExampleFpB0() + { + /* + * The supersingular curve y^2 = x^3 - 3.x (i.e. with 'B' == 0) from RFC 6508 2.1, with + * curve parameters from RFC 6509 Appendix A. + */ + BigInteger p = FromHex( + "997ABB1F0A563FDA65C61198DAD0657A" + + "416C0CE19CB48261BE9AE358B3E01A2E" + + "F40AAB27E2FC0F1B228730D531A59CB0" + + "E791B39FF7C88A19356D27F4A666A6D0" + + "E26C6487326B4CD4512AC5CD65681CE1" + + "B6AFF4A831852A82A7CF3C521C3C09AA" + + "9F94D6AF56971F1FFCE3E82389857DB0" + + "80C5DF10AC7ACE87666D807AFEA85FEB"); + BigInteger a = p.Subtract(BigInteger.ValueOf(3)); + BigInteger b = BigInteger.Zero; + byte[] S = null; + BigInteger n = p.Add(BigInteger.One).ShiftRight(2); + BigInteger h = BigInteger.ValueOf(4); + + ECCurve curve = ConfigureCurve(new FpCurve(p, a, b, n, h)); + + X9ECPoint G = ConfigureBasepoint(curve, "04" + // Px + + "53FC09EE332C29AD0A7990053ED9B52A" + + "2B1A2FD60AEC69C698B2F204B6FF7CBF" + + "B5EDB6C0F6CE2308AB10DB9030B09E10" + + "43D5F22CDB9DFA55718BD9E7406CE890" + + "9760AF765DD5BCCB337C86548B72F2E1" + + "A702C3397A60DE74A7C1514DBA66910D" + + "D5CFB4CC80728D87EE9163A5B63F73EC" + + "80EC46C4967E0979880DC8ABEAE63895" + // Py + + "0A8249063F6009F1F9F1F0533634A135" + + "D3E82016029906963D778D821E141178" + + "F5EA69F4654EC2B9E7F7F5E5F0DE55F6" + + "6B598CCF9A140B2E416CFF0CA9E032B9" + + "70DAE117AD547C6CCAD696B5B7652FE0" + + "AC6F1E80164AA989492D979FC5A4D5F2" + + "13515AD7E9CB99A980BDAD5AD5BB4636" + + "ADB9B5706A67DCDE75573FD71BEF16D7"); + + X9ECParameters x9 = new X9ECParameters(curve, G, n, h, S); + + ImplAddSubtractMultiplyTwiceEncodingTestAllCoords(x9); + } + + private void AssertPointsEqual(string message, ECPoint a, ECPoint b) + { + // NOTE: We intentionally test points for equality in both directions + Assert.AreEqual(a, b, message); + Assert.AreEqual(b, a, message); + } + + private void AssertOptionalValuesAgree(object a, object b) + { + if (a != null && b != null) + { + Assert.AreEqual(a, b); + } + } + + private void AssertOptionalValuesAgree(byte[] a, byte[] b) + { + if (a != null && b != null) + { + Assert.IsTrue(Arrays.AreEqual(a, b)); + } + } + + private static X9ECPoint ConfigureBasepoint(ECCurve curve, string encoding) + { + X9ECPoint G = new X9ECPoint(curve, Hex.Decode(encoding)); + //WNafUtilities.ConfigureBasepoint(G.Point); + return G; + } + + private static ECCurve ConfigureCurve(ECCurve curve) + { + return curve; + } + + private static BigInteger FromHex(string hex) + { + return new BigInteger(1, Hex.Decode(hex)); + } + + private static ECFieldElement SolveQuadraticEquation(ECCurve c, ECFieldElement rhs) + { + if (rhs.IsZero) + return rhs; + + ECFieldElement gamma, z, zeroElement = c.FromBigInteger(BigInteger.Zero); + + int m = c.FieldSize; + do + { + ECFieldElement t = c.FromBigInteger(BigInteger.Arbitrary(m)); + z = zeroElement; + ECFieldElement w = rhs; + for (int i = 1; i < m; i++) + { + ECFieldElement w2 = w.Square(); + z = z.Square().Add(w2.Multiply(t)); + w = w2.Add(rhs); + } + if (!w.IsZero) + { + return null; + } + gamma = z.Square().Add(z); + } + while (gamma.IsZero); + + return z; + } + } +} diff --git a/BouncyCastle/crypto/test/src/math/ec/test/F2mProofer.cs b/BouncyCastle/crypto/test/src/math/ec/test/F2mProofer.cs new file mode 100644 index 0000000..727d32c --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/ec/test/F2mProofer.cs @@ -0,0 +1,201 @@ +// TODO Need a replacement for the Java properties class to finish this class + +//using System; +//using System.IO; +//using System.Text; +// +//using Org.BouncyCastle.Asn1.Sec; +//using Org.BouncyCastle.Asn1.X9; +//using Org.BouncyCastle.Math.EC; +//using Org.BouncyCastle.Security; +// +//namespace Org.BouncyCastle.Math.EC.Tests +//{ +// public class F2mProofer +// { +// private const int NUM_SAMPLES = 1000; +// +// private static readonly string PATH = "crypto/test/src/org/bouncycastle/math/ec/test/samples/"; +// +// private static readonly string INPUT_FILE_NAME_PREFIX = "Input_"; +// +// private static readonly string RESULT_FILE_NAME_PREFIX = "Output_"; +// +// /** +// * The standard curves on which the tests are done +// */ +// public static readonly string[] Curves = { "sect163r2", "sect233r1", +// "sect283r1", "sect409r1", "sect571r1" }; +// +// private string pointToString(F2mPoint p) +// { +// F2mFieldElement x = (F2mFieldElement) p.X; +// F2mFieldElement y = (F2mFieldElement) p.Y; +// +// int m = x.M; +// int len = m / 2 + 5; +// +// StringBuilder sb = new StringBuilder(len); +// sb.Append('('); +// sb.Append(x.ToBigInteger().ToString(16)); +// sb.Append(", "); +// sb.Append(y.ToBigInteger().ToString(16)); +// sb.Append(')'); +// +// return sb.ToString(); +// } +// +// private void generateRandomInput(X9ECParameters x9ECParameters) +// { +// F2mPoint g = (F2mPoint) x9ECParameters.G; +// int m = ((F2mFieldElement) g.X).M; +// +// SecureRandom secRand = new SecureRandom(); //SecureRandom.GetInstance("SHA1PRNG"); +// Properties inputProps = new Properties(); +// for (int i = 0; i < NUM_SAMPLES; i++) +// { +// BigInteger rand = new BigInteger(m, secRand); +// inputProps.put(i.ToString(), rand.ToString(16)); +// } +// string bits = m.ToString(); +// FileStream fos = File.Create(PATH +// + INPUT_FILE_NAME_PREFIX + bits + ".properties"); +// inputProps.store(fos, "Input Samples of length" + bits); +// fos.Close(); +// } +// +// private void multiplyPoints(X9ECParameters x9ECParameters, +// string classPrefix) +// { +// F2mPoint g = (F2mPoint) x9ECParameters.G; +// int m = ((F2mFieldElement) g.X).M; +// +// string inputFileName = PATH + INPUT_FILE_NAME_PREFIX + m +// + ".properties"; +// Properties inputProps = new Properties(); +// FileStream fis = File.OpenRead(inputFileName); +// inputProps.load(fis); +// fis.Close(); +// +// Properties outputProps = new Properties(); +// +// for (int i = 0; i < NUM_SAMPLES; i++) +// { +// BigInteger rand = new BigInteger(inputProps.getProperty(Integer +// .ToString(i)), 16); +// F2mPoint result = (F2mPoint) g.Multiply(rand).normalize(); +// string resultStr = pointToString(result); +// outputProps.setProperty(i.ToString(), resultStr); +// } +// +// string outputFileName = PATH + RESULT_FILE_NAME_PREFIX + classPrefix +// + "_" + m + ".properties"; +// FileStream fos = File.Create(outputFileName); +// outputProps.store(fos, "Output Samples of length" + m); +// fos.Close(); +// } +// +// private Properties loadResults(string classPrefix, int m) +// { +// FileStream fis = File.OpenRead(PATH +// + RESULT_FILE_NAME_PREFIX + classPrefix + "_" + m + ".properties"); +// Properties res = new Properties(); +// res.load(fis); +// fis.Close(); +// return res; +// } +// +// private void compareResult(X9ECParameters x9ECParameters, +// string classPrefix1, string classPrefix2) +// { +// F2mPoint g = (F2mPoint) x9ECParameters.G; +// int m = ((F2mFieldElement) g.X).M; +// +// Properties res1 = loadResults(classPrefix1, m); +// Properties res2 = loadResults(classPrefix2, m); +// +// Set keys = res1.keySet(); +// Iterator iter = keys.iterator(); +// while (iter.hasNext()) +// { +// string key = (string) iter.next(); +// string result1 = res1.getProperty(key); +// string result2 = res2.getProperty(key); +// if (!(result1.Equals(result2))) +// { +// Console.Error.WriteLine("Difference found: m = " + m + ", " +// + result1 + " does not equal " + result2); +// } +// } +// +// } +// +// private static void usage() +// { +// Console.Error.WriteLine("Usage: F2mProofer [-init | -Multiply " +// + "| -compare ]"); +// } +// +// public static void Main(string[] args) +// { +// if (args.Length == 0) +// { +// usage(); +// return; +// } +// F2mProofer proofer = new F2mProofer(); +// if (args[0].Equals("-init")) +// { +// Console.WriteLine("Generating random input..."); +// for (int i = 0; i < Curves.Length; i++) +// { +// X9ECParameters x9ECParameters = SecNamedCurves +// .GetByName(Curves[i]); +// proofer.generateRandomInput(x9ECParameters); +// } +// Console.WriteLine("Successfully generated random input in " + PATH); +// } +// else if (args[0].Equals("-compare")) +// { +// if (args.Length < 3) +// { +// usage(); +// return; +// } +// string classPrefix1 = args[1]; +// string classPrefix2 = args[2]; +// Console.WriteLine("Comparing results..."); +// for (int i = 0; i < Curves.Length; i++) +// { +// X9ECParameters x9ECParameters = SecNamedCurves +// .GetByName(Curves[i]); +// proofer.compareResult(x9ECParameters, classPrefix1, +// classPrefix2); +// } +// Console.WriteLine("Successfully compared results in " + PATH); +// } +// else if (args[0].Equals("-Multiply")) +// { +// if (args.Length < 2) +// { +// usage(); +// return; +// } +// string classPrefix = args[1]; +// Console.WriteLine("Multiplying points..."); +// for (int i = 0; i < Curves.Length; i++) +// { +// X9ECParameters x9ECParameters = SecNamedCurves +// .GetByName(Curves[i]); +// proofer.multiplyPoints(x9ECParameters, classPrefix); +// } +// Console.WriteLine("Successfully generated multiplied points in " +// + PATH); +// } +// else +// { +// usage(); +// } +// } +// } +//} diff --git a/BouncyCastle/crypto/test/src/math/ec/test/FixedPointTest.cs b/BouncyCastle/crypto/test/src/math/ec/test/FixedPointTest.cs new file mode 100644 index 0000000..83e5fab --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/ec/test/FixedPointTest.cs @@ -0,0 +1,66 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.EC; +using Org.BouncyCastle.Math.EC.Multiplier; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Collections; + +namespace Org.BouncyCastle.Math.EC.Tests +{ + [TestFixture] + public class FixedPointTest + { + private static readonly SecureRandom Random = new SecureRandom(); + + private const int TestsPerCurve = 5; + + [Test] + public void TestFixedPointMultiplier() + { + FixedPointCombMultiplier M = new FixedPointCombMultiplier(); + + ArrayList names = new ArrayList(); + CollectionUtilities.AddRange(names, ECNamedCurveTable.Names); + CollectionUtilities.AddRange(names, CustomNamedCurves.Names); + + ISet uniqNames = new HashSet(names); + + foreach (string name in uniqNames) + { + X9ECParameters x9A = ECNamedCurveTable.GetByName(name); + X9ECParameters x9B = CustomNamedCurves.GetByName(name); + + X9ECParameters x9 = x9B != null ? x9B : x9A; + + for (int i = 0; i < TestsPerCurve; ++i) + { + BigInteger k = new BigInteger(x9.N.BitLength, Random); + ECPoint pRef = ECAlgorithms.ReferenceMultiply(x9.G, k); + + if (x9A != null) + { + ECPoint pA = M.Multiply(x9A.G, k); + AssertPointsEqual("Standard curve fixed-point failure", pRef, pA); + } + + if (x9B != null) + { + ECPoint pB = M.Multiply(x9B.G, k); + AssertPointsEqual("Custom curve fixed-point failure", pRef, pB); + } + } + } + } + + private void AssertPointsEqual(string message, ECPoint a, ECPoint b) + { + // NOTE: We intentionally test points for equality in both directions + Assert.AreEqual(a, b, message); + Assert.AreEqual(b, a, message); + } + } +} diff --git a/BouncyCastle/crypto/test/src/math/ec/test/TnafTest.cs b/BouncyCastle/crypto/test/src/math/ec/test/TnafTest.cs new file mode 100644 index 0000000..f5a58e8 --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/ec/test/TnafTest.cs @@ -0,0 +1,158 @@ +//using System; +//using System.Text; +// +//using NUnit.Framework; +// +//using Org.BouncyCastle.Asn1.Sec; +//using Org.BouncyCastle.Asn1.X9; +//using Org.BouncyCastle.Math.EC.Multiplier; +//using Org.BouncyCastle.Utilities.Date; +// +//namespace Org.BouncyCastle.Math.EC.Tests +//{ +// [TestFixture, Explicit] +// public class TnafTest +// { +// private Random m_rand = new Random(); +// +// private string ecPointToString( +// ECPoint p) +// { +// StringBuilder sb = new StringBuilder("x = "); +// sb.Append(p.X.ToBigInteger().ToString()); +// sb.Append("; y = "); +// sb.Append(p.Y.ToBigInteger().ToString()); +// return sb.ToString(); +// } +// +// private ECPoint repeatedMultiply(ECPoint p, BigInteger k) +// { +// ECPoint result = p.Multiply(k); +// for (int i = 1; i < 10; ++i) +// { +// ECPoint check = p.Multiply(k); +// Assert.AreEqual(result, check); +// } +// return result; +// } +// +// private void ImplTestMultiplyTnaf(string curveName) +// { +// X9ECParameters x9ECParameters = SecNamedCurves.GetByName(curveName); +// +// AbstractF2mCurve curve = (AbstractF2mCurve)x9ECParameters.Curve; +// BigInteger n = curve.N; +// +// // The generator is multiplied by random b to get random q +// BigInteger b = new BigInteger(n.BitLength, m_rand); +// ECPoint g = x9ECParameters.G; +// F2mPoint p = (F2mPoint) g.Multiply(b); +// +// BigInteger k = new BigInteger(n.BitLength, m_rand); +// long now1 = DateTimeUtilities.CurrentUnixMs(); +// p.SetECMultiplier(new WTauNafMultiplier()); +// ECPoint refRWTnaf = repeatedMultiply(p, k); +// long now2 = DateTimeUtilities.CurrentUnixMs(); +// p.SetECMultiplier(new WNafMultiplier()); +// ECPoint refWnaf = repeatedMultiply(p, k); +// long now3 = DateTimeUtilities.CurrentUnixMs(); +// p.SetECMultiplier(new FpNafMultiplier()); +// ECPoint refFpNaf = repeatedMultiply(p, k); +// long now4 = DateTimeUtilities.CurrentUnixMs(); +// p.SetECMultiplier(new ReferenceMultiplier()); +// ECPoint reference = repeatedMultiply(p, k); +// long now5 = DateTimeUtilities.CurrentUnixMs(); +// +// Assert.AreEqual(reference, refRWTnaf, "WTNAF multiplication is incorrect"); +// Assert.AreEqual(reference, refFpNaf, "FPNAF multiplication is incorrect"); +// Assert.AreEqual(reference, refWnaf, "WNAF multiplication is incorrect"); +// +// Console.WriteLine(curveName + ": Multiply WTNAF took millis: " + (now2 - now1)); +// Console.WriteLine(curveName + ": Multiply WNAF took millis: " + (now3 - now2)); +// Console.WriteLine(curveName + ": Multiply FPNAF took millis: " + (now4 - now3)); +// Console.WriteLine(curveName + ": Multiply REFE took millis: " + (now5 - now4)); +// +//// Console.WriteLine(curveName + ": refRWTnaf = " + ecPointToString(refRWTnaf)); +//// Console.WriteLine(curveName + ": refWnaf = " + ecPointToString(refWnaf)); +//// Console.WriteLine(curveName + ": refFpNaf = " + ecPointToString(refFpNaf)); +//// Console.WriteLine(curveName + ": reference = " + ecPointToString(reference) + "\n"); +// Console.WriteLine(); +// } +// +// [Test] +// public void TestMultiplyTnaf() +// { +// Console.WriteLine("\n\n\n***** Start test multiplications on F2m (Koblitz) *****"); +// ImplTestMultiplyTnaf("sect163k1"); +// ImplTestMultiplyTnaf("sect233k1"); +// ImplTestMultiplyTnaf("sect239k1"); +// ImplTestMultiplyTnaf("sect283k1"); +// ImplTestMultiplyTnaf("sect409k1"); +// ImplTestMultiplyTnaf("sect571k1"); +// } +// +// private void ImplTestMultiplyWnaf(String curveName) +// { +// X9ECParameters x9ECParameters = SecNamedCurves.GetByName(curveName); +// +// BigInteger r = x9ECParameters.N; +// +// // The generator is multiplied by random b to get random q +// BigInteger b = new BigInteger(r.BitLength, m_rand); +// ECPoint g = x9ECParameters.G; +// ECPoint p = g.Multiply(b); +// +// BigInteger k = new BigInteger(r.BitLength, m_rand); +// long now1 = DateTimeUtilities.CurrentUnixMs(); +// p.SetECMultiplier(new WNafMultiplier()); +// ECPoint refWnaf = repeatedMultiply(p, k); +// long now2 = DateTimeUtilities.CurrentUnixMs(); +// p.SetECMultiplier(new FpNafMultiplier()); +// ECPoint refFpNaf = repeatedMultiply(p, k); +// long now3 = DateTimeUtilities.CurrentUnixMs(); +// p.SetECMultiplier(new ReferenceMultiplier()); +// ECPoint reference = repeatedMultiply(p, k); +// long now4 = DateTimeUtilities.CurrentUnixMs(); +// +// Assert.AreEqual(reference, refWnaf, "WNAF multiplication is incorrect"); +// Assert.AreEqual(reference, refFpNaf, "FPNAF multiplication is incorrect"); +// +// Console.WriteLine(curveName + ": Multiply WNAF took millis: " + (now2 - now1)); +// Console.WriteLine(curveName + ": Multiply FPNAF took millis: " + (now3 - now2)); +// Console.WriteLine(curveName + ": Multiply REFE took millis: " + (now4 - now3)); +// +//// Console.WriteLine(curveName + ": refWnaf = " + ecPointToString(refWnaf)); +//// Console.WriteLine(curveName + ": refFpNaf = " + ecPointToString(refFpNaf)); +//// Console.WriteLine(curveName + ": reference = " + ecPointToString(reference)); +// Console.WriteLine(); +// } +// +// [Test] +// public void TestMultiplyWnaf() +// { +// Console.WriteLine("\n\n\n***** Start test multiplications on F2m *****"); +// ImplTestMultiplyWnaf("sect113r1"); +// ImplTestMultiplyWnaf("sect113r2"); +// ImplTestMultiplyWnaf("sect131r1"); +// ImplTestMultiplyWnaf("sect131r2"); +// ImplTestMultiplyWnaf("sect163r1"); +// ImplTestMultiplyWnaf("sect163r2"); +// ImplTestMultiplyWnaf("sect193r1"); +// ImplTestMultiplyWnaf("sect193r2"); +// ImplTestMultiplyWnaf("sect233r1"); +// ImplTestMultiplyWnaf("sect283r1"); +// ImplTestMultiplyWnaf("sect409r1"); +// ImplTestMultiplyWnaf("sect571r1"); +// +// Console.WriteLine("\n\n\n***** Start test multiplications on Fp *****"); +// ImplTestMultiplyWnaf("secp112r1"); +// ImplTestMultiplyWnaf("secp128r1"); +// ImplTestMultiplyWnaf("secp160r1"); +// ImplTestMultiplyWnaf("secp192r1"); +// ImplTestMultiplyWnaf("secp224r1"); +// ImplTestMultiplyWnaf("secp256r1"); +// ImplTestMultiplyWnaf("secp384r1"); +// ImplTestMultiplyWnaf("secp521r1"); +// } +// } +//} diff --git a/BouncyCastle/crypto/test/src/math/test/AllTests.cs b/BouncyCastle/crypto/test/src/math/test/AllTests.cs new file mode 100644 index 0000000..53feff9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/test/AllTests.cs @@ -0,0 +1,29 @@ +#if !LIB +using System; + +using NUnit.Core; +using NUnit.Framework; + +namespace Org.BouncyCastle.Math.Tests +{ + public class AllTests + { + public static void Main(string[] args) + { + Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty); + } + + [Suite] + public static TestSuite Suite + { + get + { + TestSuite suite = new TestSuite("Math tests"); + suite.Add(new BigIntegerTest()); + suite.Add(new PrimesTest()); + return suite; + } + } + } +} +#endif diff --git a/BouncyCastle/crypto/test/src/math/test/BigIntegerTest.cs b/BouncyCastle/crypto/test/src/math/test/BigIntegerTest.cs new file mode 100644 index 0000000..8196cc6 --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/test/BigIntegerTest.cs @@ -0,0 +1,1048 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Math.Tests +{ + [TestFixture] + public class BigIntegerTest + { + private static Random random = new Random(); + + [Test] + public void MonoBug81857() + { + BigInteger b = new BigInteger("18446744073709551616"); + BigInteger exp = BigInteger.Two; + BigInteger mod = new BigInteger("48112959837082048697"); + BigInteger expected = new BigInteger("4970597831480284165"); + + BigInteger manual = b.Multiply(b).Mod(mod); + Assert.AreEqual(expected, manual, "b * b % mod"); + } + + [Test] + public void TestAbs() + { + Assert.AreEqual(zero, zero.Abs()); + + Assert.AreEqual(one, one.Abs()); + Assert.AreEqual(one, minusOne.Abs()); + + Assert.AreEqual(two, two.Abs()); + Assert.AreEqual(two, minusTwo.Abs()); + } + + [Test] + public void TestAdd() + { + for (int i = -10; i <= 10; ++i) + { + for (int j = -10; j <= 10; ++j) + { + Assert.AreEqual( + val(i + j), + val(i).Add(val(j)), + "Problem: " + i + ".Add(" + j + ") should be " + (i + j)); + } + } + } + + [Test] + public void TestAnd() + { + for (int i = -10; i <= 10; ++i) + { + for (int j = -10; j <= 10; ++j) + { + Assert.AreEqual( + val(i & j), + val(i).And(val(j)), + "Problem: " + i + " AND " + j + " should be " + (i & j)); + } + } + } + + [Test] + public void TestAndNot() + { + for (int i = -10; i <= 10; ++i) + { + for (int j = -10; j <= 10; ++j) + { + Assert.AreEqual( + val(i & ~j), + val(i).AndNot(val(j)), + "Problem: " + i + " AND NOT " + j + " should be " + (i & ~j)); + } + } + } + + [Test] + public void TestBitCount() + { + Assert.AreEqual(0, zero.BitCount); + Assert.AreEqual(1, one.BitCount); + Assert.AreEqual(0, minusOne.BitCount); + Assert.AreEqual(1, two.BitCount); + Assert.AreEqual(1, minusTwo.BitCount); + + for (int i = 0; i < 100; ++i) + { + BigInteger pow2 = one.ShiftLeft(i); + + Assert.AreEqual(1, pow2.BitCount); + Assert.AreEqual(i, pow2.Negate().BitCount); + } + + for (int i = 0; i < 10; ++i) + { + BigInteger test = new BigInteger(128, 0, random); + int bitCount = 0; + + for (int bit = 0; bit < test.BitLength; ++bit) + { + if (test.TestBit(bit)) + { + ++bitCount; + } + } + + Assert.AreEqual(bitCount, test.BitCount); + } + } + + [Test] + public void TestBitLength() + { + Assert.AreEqual(0, zero.BitLength); + Assert.AreEqual(1, one.BitLength); + Assert.AreEqual(0, minusOne.BitLength); + Assert.AreEqual(2, two.BitLength); + Assert.AreEqual(1, minusTwo.BitLength); + + for (int i = 0; i < 100; ++i) + { + int bit = i + random.Next(64); + BigInteger odd = new BigInteger(bit, random).SetBit(bit + 1).SetBit(0); + BigInteger pow2 = one.ShiftLeft(bit); + + Assert.AreEqual(bit + 2, odd.BitLength); + Assert.AreEqual(bit + 2, odd.Negate().BitLength); + Assert.AreEqual(bit + 1, pow2.BitLength); + Assert.AreEqual(bit, pow2.Negate().BitLength); + } + } + + [Test] + public void TestClearBit() + { + Assert.AreEqual(zero, zero.ClearBit(0)); + Assert.AreEqual(zero, one.ClearBit(0)); + Assert.AreEqual(two, two.ClearBit(0)); + + Assert.AreEqual(zero, zero.ClearBit(1)); + Assert.AreEqual(one, one.ClearBit(1)); + Assert.AreEqual(zero, two.ClearBit(1)); + + // TODO Tests for clearing bits in negative numbers + + // TODO Tests for clearing extended bits + + for (int i = 0; i < 10; ++i) + { + BigInteger n = new BigInteger(128, random); + + for (int j = 0; j < 10; ++j) + { + int pos = random.Next(128); + BigInteger m = n.ClearBit(pos); + bool test = m.ShiftRight(pos).Remainder(two).Equals(one); + + Assert.IsFalse(test); + } + } + + for (int i = 0; i < 100; ++i) + { + BigInteger pow2 = one.ShiftLeft(i); + BigInteger minusPow2 = pow2.Negate(); + + Assert.AreEqual(zero, pow2.ClearBit(i)); + Assert.AreEqual(minusPow2.ShiftLeft(1), minusPow2.ClearBit(i)); + + BigInteger bigI = BigInteger.ValueOf(i); + BigInteger negI = bigI.Negate(); + + for (int j = 0; j < 10; ++j) + { + string data = "i=" + i + ", j=" + j; + Assert.AreEqual(bigI.AndNot(one.ShiftLeft(j)), bigI.ClearBit(j), data); + Assert.AreEqual(negI.AndNot(one.ShiftLeft(j)), negI.ClearBit(j), data); + } + } + } + + [Test] + public void TestCompareTo() + { + Assert.AreEqual(0, minusTwo.CompareTo(minusTwo)); + Assert.AreEqual(-1, minusTwo.CompareTo(minusOne)); + Assert.AreEqual(-1, minusTwo.CompareTo(zero)); + Assert.AreEqual(-1, minusTwo.CompareTo(one)); + Assert.AreEqual(-1, minusTwo.CompareTo(two)); + + Assert.AreEqual(1, minusOne.CompareTo(minusTwo)); + Assert.AreEqual(0, minusOne.CompareTo(minusOne)); + Assert.AreEqual(-1, minusOne.CompareTo(zero)); + Assert.AreEqual(-1, minusOne.CompareTo(one)); + Assert.AreEqual(-1, minusOne.CompareTo(two)); + + Assert.AreEqual(1, zero.CompareTo(minusTwo)); + Assert.AreEqual(1, zero.CompareTo(minusOne)); + Assert.AreEqual(0, zero.CompareTo(zero)); + Assert.AreEqual(-1, zero.CompareTo(one)); + Assert.AreEqual(-1, zero.CompareTo(two)); + + Assert.AreEqual(1, one.CompareTo(minusTwo)); + Assert.AreEqual(1, one.CompareTo(minusOne)); + Assert.AreEqual(1, one.CompareTo(zero)); + Assert.AreEqual(0, one.CompareTo(one)); + Assert.AreEqual(-1, one.CompareTo(two)); + + Assert.AreEqual(1, two.CompareTo(minusTwo)); + Assert.AreEqual(1, two.CompareTo(minusOne)); + Assert.AreEqual(1, two.CompareTo(zero)); + Assert.AreEqual(1, two.CompareTo(one)); + Assert.AreEqual(0, two.CompareTo(two)); + } + + [Test] + public void TestConstructors() + { + Assert.AreEqual(BigInteger.Zero, new BigInteger(new byte[]{ 0 })); + Assert.AreEqual(BigInteger.Zero, new BigInteger(new byte[]{ 0, 0 })); + + for (int i = 0; i < 10; ++i) + { + Assert.IsTrue(new BigInteger(i + 3, 0, random).TestBit(0)); + } + + // TODO Other constructors + } + + [Test] + public void TestDivide() + { + for (int i = -5; i <= 5; ++i) + { + try + { + val(i).Divide(zero); + Assert.Fail("expected ArithmeticException"); + } + catch (ArithmeticException) {} + } + + int product = 1 * 2 * 3 * 4 * 5 * 6 * 7 * 8 * 9; + int productPlus = product + 1; + + BigInteger bigProduct = val(product); + BigInteger bigProductPlus = val(productPlus); + + for (int divisor = 1; divisor < 10; ++divisor) + { + // Exact division + BigInteger expected = val(product / divisor); + + Assert.AreEqual(expected, bigProduct.Divide(val(divisor))); + Assert.AreEqual(expected.Negate(), bigProduct.Negate().Divide(val(divisor))); + Assert.AreEqual(expected.Negate(), bigProduct.Divide(val(divisor).Negate())); + Assert.AreEqual(expected, bigProduct.Negate().Divide(val(divisor).Negate())); + + expected = val((product + 1)/divisor); + + Assert.AreEqual(expected, bigProductPlus.Divide(val(divisor))); + Assert.AreEqual(expected.Negate(), bigProductPlus.Negate().Divide(val(divisor))); + Assert.AreEqual(expected.Negate(), bigProductPlus.Divide(val(divisor).Negate())); + Assert.AreEqual(expected, bigProductPlus.Negate().Divide(val(divisor).Negate())); + } + + for (int rep = 0; rep < 10; ++rep) + { + BigInteger a = new BigInteger(100 - rep, 0, random); + BigInteger b = new BigInteger(100 + rep, 0, random); + BigInteger c = new BigInteger(10 + rep, 0, random); + BigInteger d = a.Multiply(b).Add(c); + BigInteger e = d.Divide(a); + + Assert.AreEqual(b, e); + } + + // Special tests for power of two since uses different code path internally + for (int i = 0; i < 100; ++i) + { + int shift = random.Next(64); + BigInteger a = one.ShiftLeft(shift); + BigInteger b = new BigInteger(64 + random.Next(64), random); + BigInteger bShift = b.ShiftRight(shift); + + string data = "shift=" + shift +", b=" + b.ToString(16); + + Assert.AreEqual(bShift, b.Divide(a), data); + Assert.AreEqual(bShift.Negate(), b.Divide(a.Negate()), data); + Assert.AreEqual(bShift.Negate(), b.Negate().Divide(a), data); + Assert.AreEqual(bShift, b.Negate().Divide(a.Negate()), data); + } + + // Regression + { + int shift = 63; + BigInteger a = one.ShiftLeft(shift); + BigInteger b = new BigInteger(1, Hex.Decode("2504b470dc188499")); + BigInteger bShift = b.ShiftRight(shift); + + string data = "shift=" + shift +", b=" + b.ToString(16); + + Assert.AreEqual(bShift, b.Divide(a), data); + Assert.AreEqual(bShift.Negate(), b.Divide(a.Negate()), data); +// Assert.AreEqual(bShift.Negate(), b.Negate().Divide(a), data); + Assert.AreEqual(bShift, b.Negate().Divide(a.Negate()), data); + } + } + + [Test] + public void TestDivideAndRemainder() + { + // TODO More basic tests + + BigInteger n = new BigInteger(48, random); + BigInteger[] qr = n.DivideAndRemainder(n); + Assert.AreEqual(one, qr[0]); + Assert.AreEqual(zero, qr[1]); + qr = n.DivideAndRemainder(one); + Assert.AreEqual(n, qr[0]); + Assert.AreEqual(zero, qr[1]); + + for (int rep = 0; rep < 10; ++rep) + { + BigInteger a = new BigInteger(100 - rep, 0, random); + BigInteger b = new BigInteger(100 + rep, 0, random); + BigInteger c = new BigInteger(10 + rep, 0, random); + BigInteger d = a.Multiply(b).Add(c); + BigInteger[] es = d.DivideAndRemainder(a); + + Assert.AreEqual(b, es[0]); + Assert.AreEqual(c, es[1]); + } + + // Special tests for power of two since uses different code path internally + for (int i = 0; i < 100; ++i) + { + int shift = random.Next(64); + BigInteger a = one.ShiftLeft(shift); + BigInteger b = new BigInteger(64 + random.Next(64), random); + BigInteger bShift = b.ShiftRight(shift); + BigInteger bMod = b.And(a.Subtract(one)); + + string data = "shift=" + shift +", b=" + b.ToString(16); + + qr = b.DivideAndRemainder(a); + Assert.AreEqual(bShift, qr[0], data); + Assert.AreEqual(bMod, qr[1], data); + + qr = b.DivideAndRemainder(a.Negate()); + Assert.AreEqual(bShift.Negate(), qr[0], data); + Assert.AreEqual(bMod, qr[1], data); + + qr = b.Negate().DivideAndRemainder(a); + Assert.AreEqual(bShift.Negate(), qr[0], data); + Assert.AreEqual(bMod.Negate(), qr[1], data); + + qr = b.Negate().DivideAndRemainder(a.Negate()); + Assert.AreEqual(bShift, qr[0], data); + Assert.AreEqual(bMod.Negate(), qr[1], data); + } + } + + [Test] + public void TestFlipBit() + { + for (int i = 0; i < 10; ++i) + { + BigInteger a = new BigInteger(128, 0, random); + BigInteger b = a; + + for (int x = 0; x < 100; ++x) + { + // Note: Intentionally greater than initial size + int pos = random.Next(256); + + a = a.FlipBit(pos); + b = b.TestBit(pos) ? b.ClearBit(pos) : b.SetBit(pos); + } + + Assert.AreEqual(a, b); + } + + for (int i = 0; i < 100; ++i) + { + BigInteger pow2 = one.ShiftLeft(i); + BigInteger minusPow2 = pow2.Negate(); + + Assert.AreEqual(zero, pow2.FlipBit(i)); + Assert.AreEqual(minusPow2.ShiftLeft(1), minusPow2.FlipBit(i)); + + BigInteger bigI = BigInteger.ValueOf(i); + BigInteger negI = bigI.Negate(); + + for (int j = 0; j < 10; ++j) + { + string data = "i=" + i + ", j=" + j; + Assert.AreEqual(bigI.Xor(one.ShiftLeft(j)), bigI.FlipBit(j), data); + Assert.AreEqual(negI.Xor(one.ShiftLeft(j)), negI.FlipBit(j), data); + } + } + } + + [Test] + public void TestGcd() + { + for (int i = 0; i < 10; ++i) + { + BigInteger fac = new BigInteger(32, random).Add(two); + BigInteger p1 = BigInteger.ProbablePrime(63, random); + BigInteger p2 = BigInteger.ProbablePrime(64, random); + + BigInteger gcd = fac.Multiply(p1).Gcd(fac.Multiply(p2)); + + Assert.AreEqual(fac, gcd); + } + } + + [Test] + public void TestGetLowestSetBit() + { + for (int i = 1; i <= 100; ++i) + { + BigInteger test = new BigInteger(i + 1, 0, random).Add(one); + int bit1 = test.GetLowestSetBit(); + Assert.AreEqual(test, test.ShiftRight(bit1).ShiftLeft(bit1)); + int bit2 = test.ShiftLeft(i + 1).GetLowestSetBit(); + Assert.AreEqual(i + 1, bit2 - bit1); + int bit3 = test.ShiftLeft(3 * i).GetLowestSetBit(); + Assert.AreEqual(3 * i, bit3 - bit1); + } + } + + [Test] + public void TestIntValue() + { + int[] tests = new int[]{ int.MinValue, -1234, -10, -1, 0, ~0, 1, 10, 5678, int.MaxValue }; + + foreach (int test in tests) + { + Assert.AreEqual(test, val(test).IntValue); + } + + // TODO Tests for large numbers + } + + [Test] + public void TestIsProbablePrime() + { + Assert.IsFalse(zero.IsProbablePrime(100)); + Assert.IsFalse(zero.IsProbablePrime(100)); + Assert.IsTrue(zero.IsProbablePrime(0)); + Assert.IsTrue(zero.IsProbablePrime(-10)); + Assert.IsFalse(minusOne.IsProbablePrime(100)); + Assert.IsTrue(minusTwo.IsProbablePrime(100)); + Assert.IsTrue(val(-17).IsProbablePrime(100)); + Assert.IsTrue(val(67).IsProbablePrime(100)); + Assert.IsTrue(val(773).IsProbablePrime(100)); + + foreach (int p in firstPrimes) + { + Assert.IsTrue(val(p).IsProbablePrime(100)); + Assert.IsTrue(val(-p).IsProbablePrime(100)); + } + + foreach (int c in nonPrimes) + { + Assert.IsFalse(val(c).IsProbablePrime(100)); + Assert.IsFalse(val(-c).IsProbablePrime(100)); + } + + foreach (int e in mersennePrimeExponents) + { + Assert.IsTrue(mersenne(e).IsProbablePrime(100)); + Assert.IsTrue(mersenne(e).Negate().IsProbablePrime(100)); + } + + foreach (int e in nonPrimeExponents) + { + Assert.IsFalse(mersenne(e).IsProbablePrime(100)); + Assert.IsFalse(mersenne(e).Negate().IsProbablePrime(100)); + } + + // TODO Other examples of 'tricky' values? + } + + [Test] + public void TestLongValue() + { + long[] tests = new long[]{ long.MinValue, -1234, -10, -1, 0L, ~0L, 1, 10, 5678, long.MaxValue }; + + foreach (long test in tests) + { + Assert.AreEqual(test, val(test).LongValue); + } + + // TODO Tests for large numbers + } + + [Test] + public void TestMax() + { + for (int i = -10; i <= 10; ++i) + { + for (int j = -10; j <= 10; ++j) + { + Assert.AreEqual(val(System.Math.Max(i, j)), val(i).Max(val(j))); + } + } + } + + [Test] + public void TestMin() + { + for (int i = -10; i <= 10; ++i) + { + for (int j = -10; j <= 10; ++j) + { + Assert.AreEqual(val(System.Math.Min(i, j)), val(i).Min(val(j))); + } + } + } + + [Test] + public void TestMod() + { + // TODO Basic tests + + for (int rep = 0; rep < 100; ++rep) + { + int diff = random.Next(25); + BigInteger a = new BigInteger(100 - diff, 0, random); + BigInteger b = new BigInteger(100 + diff, 0, random); + BigInteger c = new BigInteger(10 + diff, 0, random); + + BigInteger d = a.Multiply(b).Add(c); + BigInteger e = d.Mod(a); + Assert.AreEqual(c, e); + + BigInteger pow2 = one.ShiftLeft(random.Next(128)); + Assert.AreEqual(b.And(pow2.Subtract(one)), b.Mod(pow2)); + } + } + + [Test] + public void TestModInverse() + { + for (int i = 0; i < 10; ++i) + { + BigInteger p = BigInteger.ProbablePrime(64, random); + BigInteger q = new BigInteger(63, random).Add(one); + BigInteger inv = q.ModInverse(p); + BigInteger inv2 = inv.ModInverse(p); + + Assert.AreEqual(q, inv2); + Assert.AreEqual(one, q.Multiply(inv).Mod(p)); + } + + // ModInverse a power of 2 for a range of powers + for (int i = 1; i <= 128; ++i) + { + BigInteger m = one.ShiftLeft(i); + BigInteger d = new BigInteger(i, random).SetBit(0); + BigInteger x = d.ModInverse(m); + BigInteger check = x.Multiply(d).Mod(m); + + Assert.AreEqual(one, check); + } + } + + [Test] + public void TestModPow() + { + try + { + two.ModPow(one, zero); + Assert.Fail("expected ArithmeticException"); + } + catch (ArithmeticException) {} + + Assert.AreEqual(zero, zero.ModPow(zero, one)); + Assert.AreEqual(one, zero.ModPow(zero, two)); + Assert.AreEqual(zero, two.ModPow(one, one)); + Assert.AreEqual(one, two.ModPow(zero, two)); + + for (int i = 0; i < 100; ++i) + { + BigInteger m = BigInteger.ProbablePrime(10 + i, random); + BigInteger x = new BigInteger(m.BitLength - 1, random); + + Assert.AreEqual(x, x.ModPow(m, m)); + if (x.SignValue != 0) + { + Assert.AreEqual(zero, zero.ModPow(x, m)); + Assert.AreEqual(one, x.ModPow(m.Subtract(one), m)); + } + + BigInteger y = new BigInteger(m.BitLength - 1, random); + BigInteger n = new BigInteger(m.BitLength - 1, random); + BigInteger n3 = n.ModPow(three, m); + + BigInteger resX = n.ModPow(x, m); + BigInteger resY = n.ModPow(y, m); + BigInteger res = resX.Multiply(resY).Mod(m); + BigInteger res3 = res.ModPow(three, m); + + Assert.AreEqual(res3, n3.ModPow(x.Add(y), m)); + + BigInteger a = x.Add(one); // Make sure it's not zero + BigInteger b = y.Add(one); // Make sure it's not zero + + Assert.AreEqual(a.ModPow(b, m).ModInverse(m), a.ModPow(b.Negate(), m)); + } + } + + [Test] + public void TestMultiply() + { + BigInteger one = BigInteger.One; + + Assert.AreEqual(one, one.Negate().Multiply(one.Negate())); + + for (int i = 0; i < 100; ++i) + { + int aLen = 64 + random.Next(64); + int bLen = 64 + random.Next(64); + + BigInteger a = new BigInteger(aLen, random).SetBit(aLen); + BigInteger b = new BigInteger(bLen, random).SetBit(bLen); + BigInteger c = new BigInteger(32, random); + + BigInteger ab = a.Multiply(b); + BigInteger bc = b.Multiply(c); + + Assert.AreEqual(ab.Add(bc), a.Add(c).Multiply(b)); + Assert.AreEqual(ab.Subtract(bc), a.Subtract(c).Multiply(b)); + } + + // Special tests for power of two since uses different code path internally + for (int i = 0; i < 100; ++i) + { + int shift = random.Next(64); + BigInteger a = one.ShiftLeft(shift); + BigInteger b = new BigInteger(64 + random.Next(64), random); + BigInteger bShift = b.ShiftLeft(shift); + + Assert.AreEqual(bShift, a.Multiply(b)); + Assert.AreEqual(bShift.Negate(), a.Multiply(b.Negate())); + Assert.AreEqual(bShift.Negate(), a.Negate().Multiply(b)); + Assert.AreEqual(bShift, a.Negate().Multiply(b.Negate())); + + Assert.AreEqual(bShift, b.Multiply(a)); + Assert.AreEqual(bShift.Negate(), b.Multiply(a.Negate())); + Assert.AreEqual(bShift.Negate(), b.Negate().Multiply(a)); + Assert.AreEqual(bShift, b.Negate().Multiply(a.Negate())); + } + } + + [Test] + public void TestNegate() + { + for (int i = -10; i <= 10; ++i) + { + Assert.AreEqual(val(-i), val(i).Negate()); + } + } + + [Test] + public void TestNextProbablePrime() + { + BigInteger firstPrime = BigInteger.ProbablePrime(32, random); + BigInteger nextPrime = firstPrime.NextProbablePrime(); + + Assert.IsTrue(firstPrime.IsProbablePrime(10)); + Assert.IsTrue(nextPrime.IsProbablePrime(10)); + + BigInteger check = firstPrime.Add(one); + + while (check.CompareTo(nextPrime) < 0) + { + Assert.IsFalse(check.IsProbablePrime(10)); + check = check.Add(one); + } + } + + [Test] + public void TestNot() + { + for (int i = -10; i <= 10; ++i) + { + Assert.AreEqual( + val(~i), + val(i).Not(), + "Problem: ~" + i + " should be " + ~i); + } + } + + [Test] + public void TestOr() + { + for (int i = -10; i <= 10; ++i) + { + for (int j = -10; j <= 10; ++j) + { + Assert.AreEqual( + val(i | j), + val(i).Or(val(j)), + "Problem: " + i + " OR " + j + " should be " + (i | j)); + } + } + } + + [Test] + public void TestPow() + { + Assert.AreEqual(one, zero.Pow(0)); + Assert.AreEqual(zero, zero.Pow(123)); + Assert.AreEqual(one, one.Pow(0)); + Assert.AreEqual(one, one.Pow(123)); + + Assert.AreEqual(two.Pow(147), one.ShiftLeft(147)); + Assert.AreEqual(one.ShiftLeft(7).Pow(11), one.ShiftLeft(77)); + + BigInteger n = new BigInteger("1234567890987654321"); + BigInteger result = one; + + for (int i = 0; i < 10; ++i) + { + try + { + val(i).Pow(-1); + Assert.Fail("expected ArithmeticException"); + } + catch (ArithmeticException) {} + + Assert.AreEqual(result, n.Pow(i)); + + result = result.Multiply(n); + } + } + + [Test] + public void TestRemainder() + { + // TODO Basic tests + + for (int rep = 0; rep < 10; ++rep) + { + BigInteger a = new BigInteger(100 - rep, 0, random); + BigInteger b = new BigInteger(100 + rep, 0, random); + BigInteger c = new BigInteger(10 + rep, 0, random); + BigInteger d = a.Multiply(b).Add(c); + BigInteger e = d.Remainder(a); + + Assert.AreEqual(c, e); + } + } + + [Test] + public void TestSetBit() + { + Assert.AreEqual(one, zero.SetBit(0)); + Assert.AreEqual(one, one.SetBit(0)); + Assert.AreEqual(three, two.SetBit(0)); + + Assert.AreEqual(two, zero.SetBit(1)); + Assert.AreEqual(three, one.SetBit(1)); + Assert.AreEqual(two, two.SetBit(1)); + + // TODO Tests for setting bits in negative numbers + + // TODO Tests for setting extended bits + + for (int i = 0; i < 10; ++i) + { + BigInteger n = new BigInteger(128, random); + + for (int j = 0; j < 10; ++j) + { + int pos = random.Next(128); + BigInteger m = n.SetBit(pos); + bool test = m.ShiftRight(pos).Remainder(two).Equals(one); + + Assert.IsTrue(test); + } + } + + for (int i = 0; i < 100; ++i) + { + BigInteger pow2 = one.ShiftLeft(i); + BigInteger minusPow2 = pow2.Negate(); + + Assert.AreEqual(pow2, pow2.SetBit(i)); + Assert.AreEqual(minusPow2, minusPow2.SetBit(i)); + + BigInteger bigI = BigInteger.ValueOf(i); + BigInteger negI = bigI.Negate(); + + for (int j = 0; j < 10; ++j) + { + string data = "i=" + i + ", j=" + j; + Assert.AreEqual(bigI.Or(one.ShiftLeft(j)), bigI.SetBit(j), data); + Assert.AreEqual(negI.Or(one.ShiftLeft(j)), negI.SetBit(j), data); + } + } + } + + [Test] + public void TestShiftLeft() + { + for (int i = 0; i < 100; ++i) + { + int shift = random.Next(128); + + BigInteger a = new BigInteger(128 + i, random).Add(one); + int bits = a.BitCount; // Make sure nBits is set + + BigInteger negA = a.Negate(); + bits = negA.BitCount; // Make sure nBits is set + + BigInteger b = a.ShiftLeft(shift); + BigInteger c = negA.ShiftLeft(shift); + + Assert.AreEqual(a.BitCount, b.BitCount); + Assert.AreEqual(negA.BitCount + shift, c.BitCount); + Assert.AreEqual(a.BitLength + shift, b.BitLength); + Assert.AreEqual(negA.BitLength + shift, c.BitLength); + + int j = 0; + for (; j < shift; ++j) + { + Assert.IsFalse(b.TestBit(j)); + } + + for (; j < b.BitLength; ++j) + { + Assert.AreEqual(a.TestBit(j - shift), b.TestBit(j)); + } + } + } + + [Test] + public void TestShiftRight() + { + for (int i = 0; i < 10; ++i) + { + int shift = random.Next(128); + BigInteger a = new BigInteger(256 + i, random).SetBit(256 + i); + BigInteger b = a.ShiftRight(shift); + + Assert.AreEqual(a.BitLength - shift, b.BitLength); + + for (int j = 0; j < b.BitLength; ++j) + { + Assert.AreEqual(a.TestBit(j + shift), b.TestBit(j)); + } + } + } + + [Test] + public void TestSignValue() + { + for (int i = -10; i <= 10; ++i) + { + Assert.AreEqual(i < 0 ? -1 : i > 0 ? 1 : 0, val(i).SignValue); + } + } + + [Test] + public void TestSubtract() + { + for (int i = -10; i <= 10; ++i) + { + for (int j = -10; j <= 10; ++j) + { + Assert.AreEqual( + val(i - j), + val(i).Subtract(val(j)), + "Problem: " + i + ".Subtract(" + j + ") should be " + (i - j)); + } + } + } + + [Test] + public void TestTestBit() + { + for (int i = 0; i < 10; ++i) + { + BigInteger n = new BigInteger(128, random); + + Assert.IsFalse(n.TestBit(128)); + Assert.IsTrue(n.Negate().TestBit(128)); + + for (int j = 0; j < 10; ++j) + { + int pos = random.Next(128); + bool test = n.ShiftRight(pos).Remainder(two).Equals(one); + + Assert.AreEqual(test, n.TestBit(pos)); + } + } + } + + [Test] + public void TestToByteArray() + { + byte[] z = BigInteger.Zero.ToByteArray(); + Assert.IsTrue(Arrays.AreEqual(new byte[1], z)); + + for (int i = 16; i <= 48; ++i) + { + BigInteger x = BigInteger.ProbablePrime(i, random); + byte[] b = x.ToByteArray(); + Assert.AreEqual((i / 8 + 1), b.Length); + BigInteger y = new BigInteger(b); + Assert.AreEqual(x, y); + + x = x.Negate(); + b = x.ToByteArray(); + Assert.AreEqual((i / 8 + 1), b.Length); + y = new BigInteger(b); + Assert.AreEqual(x, y); + } + } + + [Test] + public void TestToByteArrayUnsigned() + { + byte[] z = BigInteger.Zero.ToByteArrayUnsigned(); + Assert.IsTrue(Arrays.AreEqual(new byte[0], z)); + + for (int i = 16; i <= 48; ++i) + { + BigInteger x = BigInteger.ProbablePrime(i, random); + byte[] b = x.ToByteArrayUnsigned(); + Assert.AreEqual((i + 7) / 8, b.Length); + BigInteger y = new BigInteger(1, b); + Assert.AreEqual(x, y); + + x = x.Negate(); + b = x.ToByteArrayUnsigned(); + Assert.AreEqual(i / 8 + 1, b.Length); + y = new BigInteger(b); + Assert.AreEqual(x, y); + } + } + + [Test] + public void TestToString() + { + string s = "12345667890987654321"; + + Assert.AreEqual(s, new BigInteger(s).ToString()); + Assert.AreEqual(s, new BigInteger(s, 10).ToString(10)); + Assert.AreEqual(s, new BigInteger(s, 16).ToString(16)); + + for (int i = 0; i < 100; ++i) + { + BigInteger n = new BigInteger(i, random); + + Assert.AreEqual(n, new BigInteger(n.ToString(2), 2)); + Assert.AreEqual(n, new BigInteger(n.ToString(10), 10)); + Assert.AreEqual(n, new BigInteger(n.ToString(16), 16)); + } + + // Radix version + int[] radices = new int[] { 2, 8, 10, 16 }; + int trials = 256; + + BigInteger[] tests = new BigInteger[trials]; + for (int i = 0; i < trials; ++i) + { + int len = random.Next(i + 1); + tests[i] = new BigInteger(len, random); + } + + foreach (int radix in radices) + { + for (int i = 0; i < trials; ++i) + { + BigInteger n1 = tests[i]; + string str = n1.ToString(radix); + BigInteger n2 = new BigInteger(str, radix); + Assert.AreEqual(n1, n2); + } + } + } + + [Test] + public void TestValueOf() + { + Assert.AreEqual(-1, BigInteger.ValueOf(-1).SignValue); + Assert.AreEqual(0, BigInteger.ValueOf(0).SignValue); + Assert.AreEqual(1, BigInteger.ValueOf(1).SignValue); + + for (long i = -5; i < 5; ++i) + { + Assert.AreEqual(i, BigInteger.ValueOf(i).IntValue); + } + } + + [Test] + public void TestXor() + { + for (int i = -10; i <= 10; ++i) + { + for (int j = -10; j <= 10; ++j) + { + Assert.AreEqual( + val(i ^ j), + val(i).Xor(val(j)), + "Problem: " + i + " XOR " + j + " should be " + (i ^ j)); + } + } + } + + private static BigInteger val(long n) + { + return BigInteger.ValueOf(n); + } + + private static BigInteger mersenne(int e) + { + return two.Pow(e).Subtract(one); + } + + private static readonly BigInteger minusTwo = BigInteger.Two.Negate(); + private static readonly BigInteger minusOne = BigInteger.One.Negate(); + private static readonly BigInteger zero = BigInteger.Zero; + private static readonly BigInteger one = BigInteger.One; + private static readonly BigInteger two = BigInteger.Two; + private static readonly BigInteger three = BigInteger.Three; + + private static int[] firstPrimes = { 2, 3, 5, 7, 11, 13, 17, 19, 23, 29 }; + private static int[] nonPrimes = { 0, 1, 4, 10, 20, 21, 22, 25, 26, 27 }; + + private static int[] mersennePrimeExponents = { 2, 3, 5, 7, 13, 17, 19, 31, 61, 89 }; + private static int[] nonPrimeExponents = { 1, 4, 6, 9, 11, 15, 23, 29, 37, 41 }; + } +} diff --git a/BouncyCastle/crypto/test/src/math/test/PrimesTest.cs b/BouncyCastle/crypto/test/src/math/test/PrimesTest.cs new file mode 100644 index 0000000..4456ef2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/math/test/PrimesTest.cs @@ -0,0 +1,179 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Math.Tests +{ + [TestFixture] + public class PrimesTest + { + private const int ITERATIONS = 10; + private const int PRIME_BITS = 256; + private const int PRIME_CERTAINTY = 100; + + private static readonly BigInteger Two = BigInteger.Two; + + private static readonly SecureRandom R = new SecureRandom(); + + [Test] + public void TestHasAnySmallFactors() + { + for (int iterations = 0; iterations < ITERATIONS; ++iterations) + { + BigInteger prime = RandomPrime(); + Assert.False(Primes.HasAnySmallFactors(prime)); + + // NOTE: Loop through ALL small values to be sure no small primes are missing + for (int smallFactor = 2; smallFactor <= Primes.SmallFactorLimit; ++smallFactor) + { + BigInteger nonPrimeWithSmallFactor = BigInteger.ValueOf(smallFactor).Multiply(prime); + Assert.True(Primes.HasAnySmallFactors(nonPrimeWithSmallFactor)); + } + } + } + + [Test] + public void TestEnhancedMRProbablePrime() + { + int mrIterations = (PRIME_CERTAINTY + 1) / 2; + for (int iterations = 0; iterations < ITERATIONS; ++iterations) + { + BigInteger prime = RandomPrime(); + Primes.MROutput mr = Primes.EnhancedMRProbablePrimeTest(prime, R, mrIterations); + Assert.False(mr.IsProvablyComposite); + Assert.False(mr.IsNotPrimePower); + Assert.Null(mr.Factor); + + BigInteger primePower = prime; + for (int i = 0; i <= (iterations % 8); ++i) + { + primePower = primePower.Multiply(prime); + } + + Primes.MROutput mr2 = Primes.EnhancedMRProbablePrimeTest(primePower, R, mrIterations); + Assert.True(mr2.IsProvablyComposite); + Assert.False(mr2.IsNotPrimePower); + Assert.AreEqual(mr2.Factor, prime); + + BigInteger nonPrimePower = RandomPrime().Multiply(prime); + Primes.MROutput mr3 = Primes.EnhancedMRProbablePrimeTest(nonPrimePower, R, mrIterations); + Assert.True(mr3.IsProvablyComposite); + Assert.True(mr3.IsNotPrimePower); + Assert.Null(mr.Factor); + } + } + + [Test] + public void TestMRProbablePrime() + { + int mrIterations = (PRIME_CERTAINTY + 1) / 2; + for (int iterations = 0; iterations < ITERATIONS; ++iterations) + { + BigInteger prime = RandomPrime(); + Assert.True(Primes.IsMRProbablePrime(prime, R, mrIterations)); + + BigInteger nonPrime = RandomPrime().Multiply(prime); + Assert.False(Primes.IsMRProbablePrime(nonPrime, R, mrIterations)); + } + } + + [Test] + public void TestMRProbablePrimeToBase() + { + int mrIterations = (PRIME_CERTAINTY + 1) / 2; + for (int iterations = 0; iterations < ITERATIONS; ++iterations) + { + BigInteger prime = RandomPrime(); + Assert.True(ReferenceIsMRProbablePrime(prime, mrIterations)); + + BigInteger nonPrime = RandomPrime().Multiply(prime); + Assert.False(ReferenceIsMRProbablePrime(nonPrime, mrIterations)); + } + } + + [Test] + public void TestSTRandomPrime() + { + IDigest[] digests = new IDigest[] { new Sha1Digest(), new Sha256Digest() }; + for (int digestIndex = 0; digestIndex < digests.Length; ++digestIndex) + { + int coincidenceCount = 0; + + IDigest digest = digests[digestIndex]; + for (int iterations = 0; iterations < ITERATIONS; ++iterations) + { + try + { + byte[] inputSeed = new byte[16]; + R.NextBytes(inputSeed); + + Primes.STOutput st = Primes.GenerateSTRandomPrime(digest, PRIME_BITS, inputSeed); + Assert.True(IsPrime(st.Prime)); + + Primes.STOutput st2 = Primes.GenerateSTRandomPrime(digest, PRIME_BITS, inputSeed); + Assert.AreEqual(st.Prime, st2.Prime); + Assert.AreEqual(st.PrimeGenCounter, st2.PrimeGenCounter); + Assert.True(Arrays.AreEqual(st.PrimeSeed, st2.PrimeSeed)); + + for (int i = 0; i < inputSeed.Length; ++i) + { + inputSeed[i] ^= 0xFF; + } + + Primes.STOutput st3 = Primes.GenerateSTRandomPrime(digest, PRIME_BITS, inputSeed); + Assert.True(!st.Prime.Equals(st3.Prime)); + Assert.False(Arrays.AreEqual(st.PrimeSeed, st3.PrimeSeed)); + + if (st.PrimeGenCounter == st3.PrimeGenCounter) + { + ++coincidenceCount; + } + } + catch (InvalidOperationException e) + { + if (e.Message.StartsWith("Too many iterations")) + { + --iterations; + continue; + } + + throw e; + } + } + + Assert.True(coincidenceCount * coincidenceCount < ITERATIONS); + } + } + + private static bool ReferenceIsMRProbablePrime(BigInteger x, int numBases) + { + BigInteger xSubTwo = x.Subtract(Two); + + for (int i = 0; i < numBases; ++i) + { + BigInteger b = BigIntegers.CreateRandomInRange(Two, xSubTwo, R); + if (!Primes.IsMRProbablePrimeToBase(x, b)) + { + return false; + } + } + + return true; + } + + private static bool IsPrime(BigInteger x) + { + return x.IsProbablePrime(PRIME_CERTAINTY); + } + + private static BigInteger RandomPrime() + { + return new BigInteger(PRIME_BITS, PRIME_CERTAINTY, R); + } + } +} diff --git a/BouncyCastle/crypto/test/src/ocsp/test/AllTests.cs b/BouncyCastle/crypto/test/src/ocsp/test/AllTests.cs new file mode 100644 index 0000000..5e799cd --- /dev/null +++ b/BouncyCastle/crypto/test/src/ocsp/test/AllTests.cs @@ -0,0 +1,30 @@ +#if !LIB +using System; + +using NUnit.Core; +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Ocsp.Tests +{ + public class AllTests + { + public static void Main(string[] args) + { + Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty); + } + + [Suite] + public static TestSuite Suite + { + get + { + TestSuite suite = new TestSuite("OCSP Tests"); + suite.Add(new OcspTest()); + return suite; + } + } + } +} +#endif diff --git a/BouncyCastle/crypto/test/src/ocsp/test/OCSPTest.cs b/BouncyCastle/crypto/test/src/ocsp/test/OCSPTest.cs new file mode 100644 index 0000000..823de90 --- /dev/null +++ b/BouncyCastle/crypto/test/src/ocsp/test/OCSPTest.cs @@ -0,0 +1,852 @@ +using System; +using System.Collections; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Extension; + +namespace Org.BouncyCastle.Ocsp.Tests +{ + [TestFixture] + public class OcspTest + : SimpleTest + { + private static readonly byte[] testResp1 = Base64.Decode( + "MIIFnAoBAKCCBZUwggWRBgkrBgEFBQcwAQEEggWCMIIFfjCCARehgZ8wgZwx" + + "CzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEgcHJhZGVzaDESMBAGA1UE" + + "BxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAKBgNVBAsTA0FUQzEeMBwG" + + "A1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQwIgYJKoZIhvcNAQkBFhVv" + + "Y3NwQHRjcy1jYS50Y3MuY28uaW4YDzIwMDMwNDAyMTIzNDU4WjBiMGAwOjAJ" + + "BgUrDgMCGgUABBRs07IuoCWNmcEl1oHwIak1BPnX8QQUtGyl/iL9WJ1VxjxF" + + "j0hAwJ/s1AcCAQKhERgPMjAwMjA4MjkwNzA5MjZaGA8yMDAzMDQwMjEyMzQ1" + + "OFowDQYJKoZIhvcNAQEFBQADgYEAfbN0TCRFKdhsmvOdUoiJ+qvygGBzDxD/" + + "VWhXYA+16AphHLIWNABR3CgHB3zWtdy2j7DJmQ/R7qKj7dUhWLSqclAiPgFt" + + "QQ1YvSJAYfEIdyHkxv4NP0LSogxrumANcDyC9yt/W9yHjD2ICPBIqCsZLuLk" + + "OHYi5DlwWe9Zm9VFwCGgggPMMIIDyDCCA8QwggKsoAMCAQICAQYwDQYJKoZI" + + "hvcNAQEFBQAwgZQxFDASBgNVBAMTC1RDUy1DQSBPQ1NQMSYwJAYJKoZIhvcN" + + "AQkBFhd0Y3MtY2FAdGNzLWNhLnRjcy5jby5pbjEMMAoGA1UEChMDVENTMQww" + + "CgYDVQQLEwNBVEMxEjAQBgNVBAcTCUh5ZGVyYWJhZDEXMBUGA1UECBMOQW5k" + + "aHJhIHByYWRlc2gxCzAJBgNVBAYTAklOMB4XDTAyMDgyOTA3MTE0M1oXDTAz" + + "MDgyOTA3MTE0M1owgZwxCzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEg" + + "cHJhZGVzaDESMBAGA1UEBxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAK" + + "BgNVBAsTA0FUQzEeMBwGA1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQw" + + "IgYJKoZIhvcNAQkBFhVvY3NwQHRjcy1jYS50Y3MuY28uaW4wgZ8wDQYJKoZI" + + "hvcNAQEBBQADgY0AMIGJAoGBAM+XWW4caMRv46D7L6Bv8iwtKgmQu0SAybmF" + + "RJiz12qXzdvTLt8C75OdgmUomxp0+gW/4XlTPUqOMQWv463aZRv9Ust4f8MH" + + "EJh4ekP/NS9+d8vEO3P40ntQkmSMcFmtA9E1koUtQ3MSJlcs441JjbgUaVnm" + + "jDmmniQnZY4bU3tVAgMBAAGjgZowgZcwDAYDVR0TAQH/BAIwADALBgNVHQ8E" + + "BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwkwNgYIKwYBBQUHAQEEKjAoMCYG" + + "CCsGAQUFBzABhhpodHRwOi8vMTcyLjE5LjQwLjExMDo3NzAwLzAtBgNVHR8E" + + "JjAkMCKgIKAehhxodHRwOi8vMTcyLjE5LjQwLjExMC9jcmwuY3JsMA0GCSqG" + + "SIb3DQEBBQUAA4IBAQB6FovM3B4VDDZ15o12gnADZsIk9fTAczLlcrmXLNN4" + + "PgmqgnwF0Ymj3bD5SavDOXxbA65AZJ7rBNAguLUo+xVkgxmoBH7R2sBxjTCc" + + "r07NEadxM3HQkt0aX5XYEl8eRoifwqYAI9h0ziZfTNes8elNfb3DoPPjqq6V" + + "mMg0f0iMS4W8LjNPorjRB+kIosa1deAGPhq0eJ8yr0/s2QR2/WFD5P4aXc8I" + + "KWleklnIImS3zqiPrq6tl2Bm8DZj7vXlTOwmraSQxUwzCKwYob1yGvNOUQTq" + + "pG6jxn7jgDawHU1+WjWQe4Q34/pWeGLysxTraMa+Ug9kPe+jy/qRX2xwvKBZ" +// + "===="); + + ""); + + private static readonly byte[] testResp2 = Base64.Decode( + "MIII1QoBAKCCCM4wggjKBgkrBgEFBQcwAQEEggi7MIIItzCBjqADAgEAoSMw" + + "ITEfMB0GA1UEAxMWT0NTUCBjZXJ0LVFBLUNMSUVOVC04NxgPMjAwMzA1MTky" + + "MDI2MzBaMFEwTzA6MAkGBSsOAwIaBQAEFJniwiUuyrhKIEF2TjVdVdCAOw0z" + + "BBR2olPKrPOJUVyGZ7BXOC4L2BmAqgIBL4AAGA8yMDAzMDUxOTIwMjYzMFow" + + "DQYJKoZIhvcNAQEEBQADggEBALImFU3kUtpNVf4tIFKg/1sDHvGpk5Pk0uhH" + + "TiNp6vdPfWjOgPkVXskx9nOTabVOBE8RusgwEcK1xeBXSHODb6mnjt9pkfv3" + + "ZdbFLFvH/PYjOb6zQOgdIOXhquCs5XbcaSFCX63hqnSaEqvc9w9ctmQwds5X" + + "tCuyCB1fWu/ie8xfuXR5XZKTBf5c6dO82qFE65gTYbGOxJBYiRieIPW1XutZ" + + "A76qla4m+WdxubV6SPG8PVbzmAseqjsJRn4jkSKOGenqSOqbPbZn9oBsU0Ku" + + "hul3pwsNJvcBvw2qxnWybqSzV+n4OvYXk+xFmtTjw8H9ChV3FYYDs8NuUAKf" + + "jw1IjWegggcOMIIHCjCCAzMwggIboAMCAQICAQIwDQYJKoZIhvcNAQEEBQAw" + + "bzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1BMRAwDgYDVQQHEwdXYWx0aGFt" + + "MRYwFAYDVQQKEw1Gb3J1bSBTeXN0ZW1zMQswCQYDVQQLEwJRQTEcMBoGA1UE" + + "AxMTQ2VydGlmaWNhdGUgTWFuYWdlcjAeFw0wMzAzMjEwNTAwMDBaFw0yNTAz" + + "MjEwNTAwMDBaMCExHzAdBgNVBAMTFk9DU1AgY2VydC1RQS1DTElFTlQtODcw" + + "ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVuxRCZgJAYAftYuRy" + + "9axdtsHrkIJyVVRorLCTWOoLmx2tlrGqKbHOGKmvqEPEpeCDYQk+0WIlWMuM" + + "2pgiYAolwqSFBwCjkjQN3fCIHXiby0JBgCCLoe7wa0pZffE+8XZH0JdSjoT3" + + "2OYD19wWZeY2VB0JWJFWYAnIL+R5Eg7LwJ5QZSdvghnOWKTv60m/O1rC0see" + + "9lbPO+3jRuaDyCUKYy/YIKBYC9rtC4hS47jg70dTfmE2nccjn7rFCPBrVr4M" + + "5szqdRzwu3riL9W+IE99LTKXOH/24JX0S4woeGXMS6me7SyZE6x7P2tYkNXM" + + "OfXk28b3SJF75K7vX6T6ecWjAgMBAAGjKDAmMBMGA1UdJQQMMAoGCCsGAQUF" + + "BwMJMA8GCSsGAQUFBzABBQQCBQAwDQYJKoZIhvcNAQEEBQADggEBAKNSn7pp" + + "UEC1VTN/Iqk8Sc2cAYM7KSmeB++tuyes1iXY4xSQaEgOxRa5AvPAKnXKSzfY" + + "vqi9WLdzdkpTo4AzlHl5nqU/NCUv3yOKI9lECVMgMxLAvZgMALS5YXNZsqrs" + + "hP3ASPQU99+5CiBGGYa0PzWLstXLa6SvQYoHG2M8Bb2lHwgYKsyrUawcfc/s" + + "jE3jFJeyCyNwzH0eDJUVvW1/I3AhLNWcPaT9/VfyIWu5qqZU+ukV/yQXrKiB" + + "glY8v4QDRD4aWQlOuiV2r9sDRldOPJe2QSFDBe4NtBbynQ+MRvF2oQs/ocu+" + + "OAHX7uiskg9GU+9cdCWPwJf9cP/Zem6MemgwggPPMIICt6ADAgECAgEBMA0G" + + "CSqGSIb3DQEBBQUAMG8xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNQTEQMA4G" + + "A1UEBxMHV2FsdGhhbTEWMBQGA1UEChMNRm9ydW0gU3lzdGVtczELMAkGA1UE" + + "CxMCUUExHDAaBgNVBAMTE0NlcnRpZmljYXRlIE1hbmFnZXIwHhcNMDMwMzIx" + + "MDUwMDAwWhcNMjUwMzIxMDUwMDAwWjBvMQswCQYDVQQGEwJVUzELMAkGA1UE" + + "CBMCTUExEDAOBgNVBAcTB1dhbHRoYW0xFjAUBgNVBAoTDUZvcnVtIFN5c3Rl" + + "bXMxCzAJBgNVBAsTAlFBMRwwGgYDVQQDExNDZXJ0aWZpY2F0ZSBNYW5hZ2Vy" + + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4VeU+48VBjI0mGRt" + + "9qlD+WAhx3vv4KCOD5f3HWLj8D2DcoszVTVDqtRK+HS1eSpO/xWumyXhjV55" + + "FhG2eYi4e0clv0WyswWkGLqo7IxYn3ZhVmw04ohdTjdhVv8oS+96MUqPmvVW" + + "+MkVRyqm75HdgWhKRr/lEpDNm+RJe85xMCipkyesJG58p5tRmAZAAyRs3jYw" + + "5YIFwDOnt6PCme7ui4xdas2zolqOlynMuq0ctDrUPKGLlR4mVBzgAVPeatcu" + + "ivEQdB3rR6UN4+nv2jx9kmQNNb95R1M3J9xHfOWX176UWFOZHJwVq8eBGF9N" + + "pav4ZGBAyqagW7HMlo7Hw0FzUwIDAQABo3YwdDARBglghkgBhvhCAQEEBAMC" + + "AJcwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU64zBxl1yKES8tjU3/rBA" + + "NaeBpjkwHwYDVR0jBBgwFoAU64zBxl1yKES8tjU3/rBANaeBpjkwDgYDVR0P" + + "AQH/BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4IBAQAzHnf+Z+UgxDVOpCu0DHF+" + + "qYZf8IaUQxLhUD7wjwnt3lJ0QV1z4oyc6Vs9J5xa8Mvf7u1WMmOxvN8r8Kb0" + + "k8DlFszLd0Qwr+NVu5NQO4Vn01UAzCtH4oX2bgrVzotqDnzZ4TcIr11EX3Nb" + + "tO8yWWl+xWIuxKoAO8a0Rh97TyYfAj4++GIm43b2zIvRXEWAytjz7rXUMwRC" + + "1ipRQwSA9gyw2y0s8emV/VwJQXsTe9xtDqlEC67b90V/BgL/jxck5E8yrY9Z" + + "gNxlOgcqscObisAkB5I6GV+dfa+BmZrhSJ/bvFMUrnFzjLFvZp/9qiK11r5K" + + "A5oyOoNv0w+8bbtMNEc1" +// + "===="); + + ""); + + /** + * extra version number encoding. + */ + private static readonly byte[] irregReq = Base64.Decode( + "MIIQpTBUoAMCAQAwTTBLMEkwCQYFKw4DAhoFAAQUIcFvFFVjPem15pKox4cfcnzF" + + "Kf4EFJf8OQzmVmyJ/hc4EhitQbXcqAzDAhB9ePsP19SuP6CsAgFwQuEAoIIQSzCC" + + "EEcwDQYJKoZIhvcNAQEFBQADgYEAlq/Tjl8OtFM8Tib1JYTiaPy9vFDr8UZhqXJI" + + "FyrdgtUyyDt0EcrgnBGacAeRZzF5sokIC6DjXweU7EItGqrpw/RaCUPUWFpPxR6y" + + "HjuzrLmICocTI9MH7dRUXm0qpxoY987sx1PtWB4pSR99ixBtq3OPNdsI0uJ+Qkei" + + "LbEZyvWggg+wMIIPrDCCA5owggKCoAMCAQICEEAxXx/eFe7gm/NX7AkcS68wDQYJ" + + "KoZIhvcNAQEFBQAwgZoxCzAJBgNVBAYTAlNFMTMwMQYDVQQKDCpMw6Ruc2bDtnJz" + + "w6RrcmluZ2FyIEJhbmsgQWt0aWVib2xhZyAocHVibCkxFTATBgNVBAUTDDExMTEx" + + "MTExMTExMTE/MD0GA1UEAww2TMOkbnNmw7Zyc8Oka3JpbmdhciBCYW5rIFB1cmNo" + + "YXNlciBDQTEgZm9yIEJhbmtJRCBURVNUMB4XDTA4MTAwNjIyMDAwMFoXDTEwMTAx" + + "MDIxNTk1OVowgZExCzAJBgNVBAYTAlNFMTMwMQYDVQQKDCpMw6Ruc2bDtnJzw6Rr" + + "cmluZ2FyIEJhbmsgQWt0aWVib2xhZyAocHVibCkxFTATBgNVBAUTDDExMTExMTEx" + + "MTExMTE2MDQGA1UEAwwtTMOkbnNmw7Zyc8Oka3JpbmdhciBCYW5rIE9DU1AgZm9y" + + "IEJhbmtJRCBURVNUMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5e/h6aL2m" + + "DVpWeu5e5p1Ps9kbvuuGeAp9zJDYLbZz7uzT67X+s59HaViroD2+2my/gg7rX7tK" + + "H9VXpJad1W9O19SjfNyxgeAMwVMkrbb4IlrQwu0v/Ub8JPxSWwZZXYiODq5abeXA" + + "abMYIHxSaSkhrsUj1dpSAohHLJRlq707swIDAQABo2cwZTAfBgNVHSMEGDAWgBTR" + + "vcp2QyNdNGZ+q7TjKSrrHZqxmDATBgNVHSAEDDAKMAgGBiqFcDwBBjAOBgNVHQ8B" + + "Af8EBAMCBkAwHQYDVR0OBBYEFF/3557FEvkA8iiPv2XcBclxKnTdMA0GCSqGSIb3" + + "DQEBBQUAA4IBAQAOxRvHO89XJ0v83BZdPFzEBA4B2Tqc1oABUn13S6fAkcGWvOmG" + + "eY61MK16aMnLPNDadZrAqJc6PEtVY57uaywE9acwv9XpHO0bcS94tLwvZZJ2KBt0" + + "Oq96gaI6gnJViUjyWjm+qBZvod0QPOLGv6wUPoiNcCpSid/COTjKpLYpCJj3ZWUV" + + "nsTRWSRVXsdY/xI0gs/A8/c5P1PuTxoi99RTmcruoFxvV4MmhWyX7IGqG4OAtLdo" + + "yefz/90FPGOrmqY9OgEb+gNuTM26YDvSs1dfarPl89d8jjwxHgNbZjh2VHFqKolJ" + + "8TB8ZS5aNvhHPumOOE47y95rTBxrxSmGvKb8MIIENDCCAxygAwIBAgIRAJAFaeOw" + + "7XbxH/DN/Vvhjx8wDQYJKoZIhvcNAQEFBQAwgZUxCzAJBgNVBAYTAlNFMTMwMQYD" + + "VQQKDCpMw6Ruc2bDtnJzw6RrcmluZ2FyIEJhbmsgQWt0aWVib2xhZyAocHVibCkx" + + "FTATBgNVBAUTDDExMTExMTExMTExMTE6MDgGA1UEAwwxTMOkbnNmw7Zyc8Oka3Jp" + + "bmdhciBCYW5rIFJvb3QgQ0ExIGZvciBCYW5rSUQgVEVTVDAeFw0wNzEwMDExMjAw" + + "MzdaFw0yOTA3MDExMjAwMzdaMIGaMQswCQYDVQQGEwJTRTEzMDEGA1UECgwqTMOk" + + "bnNmw7Zyc8Oka3JpbmdhciBCYW5rIEFrdGllYm9sYWcgKHB1YmwpMRUwEwYDVQQF" + + "EwwxMTExMTExMTExMTExPzA9BgNVBAMMNkzDpG5zZsO2cnPDpGtyaW5nYXIgQmFu" + + "ayBQdXJjaGFzZXIgQ0ExIGZvciBCYW5rSUQgVEVTVDCCASIwDQYJKoZIhvcNAQEB" + + "BQADggEPADCCAQoCggEBAMK5WbYojYRX1ZKrbxJBgbd4x503LfMWgr67sVD5L0NY" + + "1RPhZVFJRKJWvawE5/eXJ4oNQwc831h2jiOgINXuKyGXqdAVGBcpFwIxTfzxwT4l" + + "fvztr8pE6wk7mLLwKUvIjbM3EF1IL3zUI3UU/U5ioyGmcb/o4GGN71kMmvV/vrkU" + + "02/s7xicXNxYej4ExLiCkS5+j/+3sR47Uq5cL9e8Yg7t5/6FyLGQjKoS8HU/abYN" + + "4kpx/oyrxzrXMhnMVDiI8QX9NYGJwI8KZ/LU6GDq/NnZ3gG5v4l4UU1GhgUbrk4I" + + "AZPDu99zvwCtkdj9lJN0eDv8jdyEPZ6g1qPBE0pCNqcCAwEAAaN4MHYwDwYDVR0T" + + "AQH/BAUwAwEB/zATBgNVHSAEDDAKMAgGBiqFcDwBBjAOBgNVHQ8BAf8EBAMCAQYw" + + "HwYDVR0jBBgwFoAUnkjp1bkQUOrkRiLgxpxwAe2GQFYwHQYDVR0OBBYEFNG9ynZD" + + "I100Zn6rtOMpKusdmrGYMA0GCSqGSIb3DQEBBQUAA4IBAQAPVSC4HEd+yCtSgL0j" + + "NI19U2hJeP28lAD7OA37bcLP7eNrvfU/2tuqY7rEn1m44fUbifewdgR8x2DzhM0m" + + "fJcA5Z12PYUb85L9z8ewGQdyHLNlMpKSTP+0lebSc/obFbteC4jjuvux60y5KVOp" + + "osXbGw2qyrS6uhZJrTDP1B+bYg/XBttG+i7Qzx0S5Tq//VU9OfAQZWpvejadKAk9" + + "WCcXq6zALiJcxsUwOHZRvvHDxkHuf5eZpPvm1gaqa+G9CtV+oysZMU1eTRasBHsB" + + "NRWYfOSXggsyqRHfIAVieB4VSsB8WhZYm8UgYoLhAQfSJ5Xq5cwBOHkVj33MxAyP" + + "c7Y5MIID/zCCAuegAwIBAgIRAOXEoBcV4gV3Z92gk5AuRgwwDQYJKoZIhvcNAQEF" + + "BQAwZjEkMCIGA1UECgwbRmluYW5zaWVsbCBJRC1UZWtuaWsgQklEIEFCMR8wHQYD" + + "VQQLDBZCYW5rSUQgTWVtYmVyIEJhbmtzIENBMR0wGwYDVQQDDBRCYW5rSUQgUm9v" + + "dCBDQSBURVNUMjAeFw0wNzEwMDExMTQ1NDlaFw0yOTA4MDExMTU4MjVaMIGVMQsw" + + "CQYDVQQGEwJTRTEzMDEGA1UECgwqTMOkbnNmw7Zyc8Oka3JpbmdhciBCYW5rIEFr" + + "dGllYm9sYWcgKHB1YmwpMRUwEwYDVQQFEwwxMTExMTExMTExMTExOjA4BgNVBAMM" + + "MUzDpG5zZsO2cnPDpGtyaW5nYXIgQmFuayBSb290IENBMSBmb3IgQmFua0lEIFRF" + + "U1QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBzn7IXIpyOGCCTuzL" + + "DKE/T+pFRTgFh3QgKtifZ4zxdvB2Sd5+90vUEGcGExUhzpgb9gOUrT1eE0XhdiUR" + + "YuYYpJI/nzPQWTsRtEaql7NHBPKnEauoA9oAhCT4pE5gLlqpTfkB8nAsRTI2XqpI" + + "hQ7vTvnTRx20xog21NIbz1GztV8H1kBH2eDvRX7cXGiugp6CXV/le9cB+/4TBNUN" + + "Xqupt79dM49KCoDuYr72W7Hv4BSWw3IInEN2m8T2X6UBpBGkCiGwLQy/+KOmYRK7" + + "1PSFC0rXDwOJ0HJ/8fHwx6vLMxHAQ6s/9vOW10MjgjSQlbVqH/4Pa+TlpWumSV4E" + + "l0z9AgMBAAGjeDB2MA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0gBAwwCjAIBgYqhXA8" + + "AQYwDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQYMBaAFJuTMPljHcYdrRO9sEi1amb4" + + "tE3VMB0GA1UdDgQWBBSeSOnVuRBQ6uRGIuDGnHAB7YZAVjANBgkqhkiG9w0BAQUF" + + "AAOCAQEArnW/9n+G+84JOgv1Wn4tsBBS7QgJp1rdCoiNrZPx2du/7Wz3wQVNKBjL" + + "eMCyLjg0OVHuq4hpCv9MZpUqdcUW8gpp4dLDAAd1uE7xqVuG8g4Ir5qocxbZHQew" + + "fnqSJJDlEZgDeZIzod92OO+htv0MWqKWbr3Mo2Hqhn+t0+UVWsW4k44e7rUw3xQq" + + "r2VdMJv/C68BXUgqh3pplUDjWyXfreiACTT0q3HT6v6WaihKCa2WY9Kd1IkDcLHb" + + "TZk8FqMmGn72SgJw3H5Dvu7AiZijjNAUulMnMpxBEKyFTU2xRBlZZVcp50VJ2F7+" + + "siisxbcYOAX4GztLMlcyq921Ov/ipDCCA88wggK3oAMCAQICEQCmaX+5+m5bF5us" + + "CtyMq41SMA0GCSqGSIb3DQEBBQUAMGYxJDAiBgNVBAoMG0ZpbmFuc2llbGwgSUQt" + + "VGVrbmlrIEJJRCBBQjEfMB0GA1UECwwWQmFua0lEIE1lbWJlciBCYW5rcyBDQTEd" + + "MBsGA1UEAwwUQmFua0lEIFJvb3QgQ0EgVEVTVDIwHhcNMDQwODEzMDcyMDEwWhcN" + + "MjkwODEyMTIwMjQ2WjBmMSQwIgYDVQQKDBtGaW5hbnNpZWxsIElELVRla25payBC" + + "SUQgQUIxHzAdBgNVBAsMFkJhbmtJRCBNZW1iZXIgQmFua3MgQ0ExHTAbBgNVBAMM" + + "FEJhbmtJRCBSb290IENBIFRFU1QyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB" + + "CgKCAQEA25D0f1gipbACk4Bg3t6ODUlCWOU0TWeTkzAHR7IRB5T++yvsVosedMMW" + + "6KYYTbPONeJSt5kydX+wZi9nVNdlhkNULLbDKWfRY7x+B9MR1Q0Kq/e4VR0uRsak" + + "Bv5iwEYZ7cSR63HfBaPTqQsGobq+wtGH5JeTBrmCt4A3kN1UWgX32Dv/I3m7v8bK" + + "iwh4cnvAD9PIOtq6pOmAkSvLvp8jCy3qFLe9KAxm8M/ZAmnxYaRV8DVEg57FGoG6" + + "oiG3Ixx8PSVVdzpFY4kuUFLi4ueMPwjnXFiBhhWJJeOtFG3Lc2aW3zvcDbD/MsDm" + + "rSZNTmtbOOou8xuMKjlNY9PU5MHIaQIDAQABo3gwdjAPBgNVHRMBAf8EBTADAQH/" + + "MBMGA1UdIAQMMAowCAYGKoVwPAEGMA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAW" + + "gBSbkzD5Yx3GHa0TvbBItWpm+LRN1TAdBgNVHQ4EFgQUm5Mw+WMdxh2tE72wSLVq" + + "Zvi0TdUwDQYJKoZIhvcNAQEFBQADggEBAIQ4ZBHWssA38pfNzH5A+H3SXpAlI8Jc" + + "LuoMVOIwwbfd1Up0xopCs+Ay41v8FZtcTMFqCVTih2nzVusTgnFBPMPJ2cnTlRue" + + "kAtVRNsiWn2/Ool/OXoYf5YnpgYu8t9jLCBCoDS5YJg714r9V9hCwfey8TCWBU80" + + "vL7EIfjK13nUxf8d49GzZlFMNqGDMjfMp1FYrHBGLZBr8br/G/7em1Cprw7iR8cw" + + "pddz+QXXFIrIz5Y9D/x1RrwoLibPw0kMrSwI2G4aCvoBySfbD6cpnJf6YHRctdSb" + + "755zhdBW7XWTl6ReUVuEt0hTFms4F60kFAi5hIbDRSN1Slv5yP2b0EA="); + + public override string Name + { + get { return "OCSP"; } + } + + private void doTestECDsa() + { + string signDN = "O=Bouncy Castle, C=AU"; + AsymmetricCipherKeyPair signKP = OcspTestUtil.MakeECKeyPair(); + X509Certificate testCert = OcspTestUtil.MakeECDsaCertificate(signKP, signDN, signKP, signDN); + + string origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU"; + GeneralName origName = new GeneralName(new X509Name(origDN)); + + // + // general id value for our test issuer cert and a serial number. + // + CertificateID id = new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One); + + // + // basic request generation + // + OcspReqGenerator gen = new OcspReqGenerator(); + + gen.AddRequest(id); + + OcspReq req = gen.Generate(); + + if (req.IsSigned) + { + Fail("signed but shouldn't be"); + } + + X509Certificate[] certs = req.GetCerts(); + + if (certs != null) + { + Fail("null certs expected, but not found"); + } + + Req[] requests = req.GetRequestList(); + + if (!requests[0].GetCertID().Equals(id)) + { + Fail("Failed isFor test"); + } + + // + // request generation with signing + // + X509Certificate[] chain = new X509Certificate[1]; + + gen = new OcspReqGenerator(); + + gen.SetRequestorName(new GeneralName(GeneralName.DirectoryName, new X509Name("CN=fred"))); + + gen.AddRequest(new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One)); + + chain[0] = testCert; + + req = gen.Generate("SHA1withECDSA", signKP.Private, chain); + + if (!req.IsSigned) + { + Fail("not signed but should be"); + } + + if (!req.Verify(signKP.Public)) + { + Fail("signature failed to Verify"); + } + + requests = req.GetRequestList(); + + if (!requests[0].GetCertID().Equals(id)) + { + Fail("Failed isFor test"); + } + + certs = req.GetCerts(); + + if (certs == null) + { + Fail("null certs found"); + } + + if (certs.Length != 1 || !certs[0].Equals(testCert)) + { + Fail("incorrect certs found in request"); + } + + // + // encoding test + // + byte[] reqEnc = req.GetEncoded(); + + OcspReq newReq = new OcspReq(reqEnc); + + if (!newReq.Verify(signKP.Public)) + { + Fail("newReq signature failed to Verify"); + } + + // + // request generation with signing and nonce + // + chain = new X509Certificate[1]; + + gen = new OcspReqGenerator(); + + IList oids = new ArrayList(); + IList values = new ArrayList(); + byte[] sampleNonce = new byte[16]; + Random rand = new Random(); + + rand.NextBytes(sampleNonce); + + gen.SetRequestorName(new GeneralName(GeneralName.DirectoryName, new X509Name("CN=fred"))); + + oids.Add(OcspObjectIdentifiers.PkixOcspNonce); + values.Add(new X509Extension(false, new DerOctetString(new DerOctetString(sampleNonce)))); + + gen.SetRequestExtensions(new X509Extensions(oids, values)); + + gen.AddRequest(new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One)); + + chain[0] = testCert; + + req = gen.Generate("SHA1withECDSA", signKP.Private, chain); + + if (!req.IsSigned) + { + Fail("not signed but should be"); + } + + if (!req.Verify(signKP.Public)) + { + Fail("signature failed to Verify"); + } + + // + // extension check. + // + ISet extOids = req.GetCriticalExtensionOids(); + + if (extOids.Count != 0) + { + Fail("wrong number of critical extensions in OCSP request."); + } + + extOids = req.GetNonCriticalExtensionOids(); + + if (extOids.Count != 1) + { + Fail("wrong number of non-critical extensions in OCSP request."); + } + + Asn1OctetString extValue = req.GetExtensionValue(OcspObjectIdentifiers.PkixOcspNonce); + + Asn1Encodable extObj = X509ExtensionUtilities.FromExtensionValue(extValue); + + if (!(extObj is Asn1OctetString)) + { + Fail("wrong extension type found."); + } + + if (!AreEqual(((Asn1OctetString)extObj).GetOctets(), sampleNonce)) + { + Fail("wrong extension value found."); + } + + // + // request list check + // + requests = req.GetRequestList(); + + if (!requests[0].GetCertID().Equals(id)) + { + Fail("Failed isFor test"); + } + + // + // response generation + // + BasicOcspRespGenerator respGen = new BasicOcspRespGenerator(signKP.Public); + + respGen.AddResponse(id, CertificateStatus.Good); + + respGen.Generate("SHA1withECDSA", signKP.Private, chain, DateTime.UtcNow); + } + + private void doTestRsa() + { + string signDN = "O=Bouncy Castle, C=AU"; + AsymmetricCipherKeyPair signKP = OcspTestUtil.MakeKeyPair(); + X509Certificate testCert = OcspTestUtil.MakeCertificate(signKP, signDN, signKP, signDN); + + string origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU"; + GeneralName origName = new GeneralName(new X509Name(origDN)); + + // + // general id value for our test issuer cert and a serial number. + // + CertificateID id = new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One); + + // + // basic request generation + // + OcspReqGenerator gen = new OcspReqGenerator(); + + gen.AddRequest( + new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One)); + + OcspReq req = gen.Generate(); + + if (req.IsSigned) + { + Fail("signed but shouldn't be"); + } + + X509Certificate[] certs = req.GetCerts(); + + if (certs != null) + { + Fail("null certs expected, but not found"); + } + + Req[] requests = req.GetRequestList(); + + if (!requests[0].GetCertID().Equals(id)) + { + Fail("Failed isFor test"); + } + + // + // request generation with signing + // + X509Certificate[] chain = new X509Certificate[1]; + + gen = new OcspReqGenerator(); + + gen.SetRequestorName(new GeneralName(GeneralName.DirectoryName, new X509Name("CN=fred"))); + + gen.AddRequest( + new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One)); + + chain[0] = testCert; + + req = gen.Generate("SHA1withRSA", signKP.Private, chain); + + if (!req.IsSigned) + { + Fail("not signed but should be"); + } + + if (!req.Verify(signKP.Public)) + { + Fail("signature failed to Verify"); + } + + requests = req.GetRequestList(); + + if (!requests[0].GetCertID().Equals(id)) + { + Fail("Failed isFor test"); + } + + certs = req.GetCerts(); + + if (certs == null) + { + Fail("null certs found"); + } + + if (certs.Length != 1 || !certs[0].Equals(testCert)) + { + Fail("incorrect certs found in request"); + } + + // + // encoding test + // + byte[] reqEnc = req.GetEncoded(); + + OcspReq newReq = new OcspReq(reqEnc); + + if (!newReq.Verify(signKP.Public)) + { + Fail("newReq signature failed to Verify"); + } + + // + // request generation with signing and nonce + // + chain = new X509Certificate[1]; + + gen = new OcspReqGenerator(); + + IList oids = new ArrayList(); + IList values = new ArrayList(); + byte[] sampleNonce = new byte[16]; + Random rand = new Random(); + + rand.NextBytes(sampleNonce); + + gen.SetRequestorName(new GeneralName(GeneralName.DirectoryName, new X509Name("CN=fred"))); + + oids.Add(OcspObjectIdentifiers.PkixOcspNonce); + values.Add(new X509Extension(false, new DerOctetString(new DerOctetString(sampleNonce)))); + + gen.SetRequestExtensions(new X509Extensions(oids, values)); + + gen.AddRequest( + new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One)); + + chain[0] = testCert; + + req = gen.Generate("SHA1withRSA", signKP.Private, chain); + + if (!req.IsSigned) + { + Fail("not signed but should be"); + } + + if (!req.Verify(signKP.Public)) + { + Fail("signature failed to Verify"); + } + + // + // extension check. + // + ISet extOids = req.GetCriticalExtensionOids(); + + if (extOids.Count != 0) + { + Fail("wrong number of critical extensions in OCSP request."); + } + + extOids = req.GetNonCriticalExtensionOids(); + + if (extOids.Count != 1) + { + Fail("wrong number of non-critical extensions in OCSP request."); + } + + Asn1OctetString extValue = req.GetExtensionValue(OcspObjectIdentifiers.PkixOcspNonce); + + Asn1Object extObj = X509ExtensionUtilities.FromExtensionValue(extValue); + + if (!(extObj is Asn1OctetString)) + { + Fail("wrong extension type found."); + } + + if (!AreEqual(((Asn1OctetString)extObj).GetOctets(), sampleNonce)) + { + Fail("wrong extension value found."); + } + + // + // request list check + // + requests = req.GetRequestList(); + + if (!requests[0].GetCertID().Equals(id)) + { + Fail("Failed isFor test"); + } + + // + // response generation + // + BasicOcspRespGenerator respGen = new BasicOcspRespGenerator(signKP.Public); + + respGen.AddResponse(id, CertificateStatus.Good); + + BasicOcspResp resp = respGen.Generate("SHA1withRSA", signKP.Private, chain, DateTime.UtcNow); + OCSPRespGenerator rGen = new OCSPRespGenerator(); + + byte[] enc = rGen.Generate(OCSPRespGenerator.Successful, resp).GetEncoded(); + } + + private void doTestIrregularVersionReq() + { + OcspReq ocspRequest = new OcspReq(irregReq); + X509Certificate cert = ocspRequest.GetCerts()[0]; + if (!ocspRequest.Verify(cert.GetPublicKey())) + { + Fail("extra version encoding test failed"); + } + } + + public override void PerformTest() + { + string signDN = "O=Bouncy Castle, C=AU"; + AsymmetricCipherKeyPair signKP = OcspTestUtil.MakeKeyPair(); + X509Certificate testCert = OcspTestUtil.MakeCertificate(signKP, signDN, signKP, signDN); + + string origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU"; + GeneralName origName = new GeneralName(new X509Name(origDN)); + + // + // general id value for our test issuer cert and a serial number. + // + CertificateID id = new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One); + + // + // basic request generation + // + OcspReqGenerator gen = new OcspReqGenerator(); + + gen.AddRequest( + new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One)); + + OcspReq req = gen.Generate(); + + if (req.IsSigned) + { + Fail("signed but shouldn't be"); + } + + X509Certificate[] certs = req.GetCerts(); + + if (certs != null) + { + Fail("null certs expected, but not found"); + } + + Req[] requests = req.GetRequestList(); + + if (!requests[0].GetCertID().Equals(id)) + { + Fail("Failed isFor test"); + } + + // + // request generation with signing + // + X509Certificate[] chain = new X509Certificate[1]; + + gen = new OcspReqGenerator(); + + gen.SetRequestorName(new GeneralName(GeneralName.DirectoryName, new X509Name("CN=fred"))); + + gen.AddRequest( + new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One)); + + chain[0] = testCert; + + req = gen.Generate("SHA1withRSA", signKP.Private, chain); + + if (!req.IsSigned) + { + Fail("not signed but should be"); + } + + if (!req.Verify(signKP.Public)) + { + Fail("signature failed to Verify"); + } + + requests = req.GetRequestList(); + + if (!requests[0].GetCertID().Equals(id)) + { + Fail("Failed isFor test"); + } + + certs = req.GetCerts(); + + if (certs == null) + { + Fail("null certs found"); + } + + if (certs.Length != 1 || !testCert.Equals(certs[0])) + { + Fail("incorrect certs found in request"); + } + + // + // encoding test + // + byte[] reqEnc = req.GetEncoded(); + + OcspReq newReq = new OcspReq(reqEnc); + + if (!newReq.Verify(signKP.Public)) + { + Fail("newReq signature failed to Verify"); + } + + // + // request generation with signing and nonce + // + chain = new X509Certificate[1]; + + gen = new OcspReqGenerator(); + + IList oids = new ArrayList(); + IList values = new ArrayList(); + byte[] sampleNonce = new byte[16]; + Random rand = new Random(); + + rand.NextBytes(sampleNonce); + + gen.SetRequestorName(new GeneralName(GeneralName.DirectoryName, new X509Name("CN=fred"))); + + oids.Add(OcspObjectIdentifiers.PkixOcspNonce); + values.Add(new X509Extension(false, new DerOctetString(new DerOctetString(sampleNonce)))); + + gen.SetRequestExtensions(new X509Extensions(oids, values)); + + gen.AddRequest( + new CertificateID(CertificateID.HashSha1, testCert, BigInteger.One)); + + chain[0] = testCert; + + req = gen.Generate("SHA1withRSA", signKP.Private, chain); + + if (!req.IsSigned) + { + Fail("not signed but should be"); + } + + if (!req.Verify(signKP.Public)) + { + Fail("signature failed to Verify"); + } + + // + // extension check. + // + ISet extOids = req.GetCriticalExtensionOids(); + + if (extOids.Count != 0) + { + Fail("wrong number of critical extensions in OCSP request."); + } + + extOids = req.GetNonCriticalExtensionOids(); + + if (extOids.Count != 1) + { + Fail("wrong number of non-critical extensions in OCSP request."); + } + + Asn1OctetString extValue = req.GetExtensionValue(OcspObjectIdentifiers.PkixOcspNonce); + Asn1Object extObj = X509ExtensionUtilities.FromExtensionValue(extValue); + + if (!(extObj is Asn1OctetString)) + { + Fail("wrong extension type found."); + } + + byte[] compareNonce = ((Asn1OctetString) extObj).GetOctets(); + + if (!AreEqual(compareNonce, sampleNonce)) + { + Fail("wrong extension value found."); + } + + // + // request list check + // + requests = req.GetRequestList(); + + if (!requests[0].GetCertID().Equals(id)) + { + Fail("Failed isFor test"); + } + + // + // response parsing - test 1 + // + OcspResp response = new OcspResp(testResp1); + + if (response.Status != 0) + { + Fail("response status not zero."); + } + + BasicOcspResp brep = (BasicOcspResp) response.GetResponseObject(); + chain = brep.GetCerts(); + + if (!brep.Verify(chain[0].GetPublicKey())) + { + Fail("response 1 failed to Verify."); + } + + // + // test 2 + // + SingleResp[] singleResp = brep.Responses; + + response = new OcspResp(testResp2); + + if (response.Status != 0) + { + Fail("response status not zero."); + } + + brep = (BasicOcspResp)response.GetResponseObject(); + chain = brep.GetCerts(); + + if (!brep.Verify(chain[0].GetPublicKey())) + { + Fail("response 2 failed to Verify."); + } + + singleResp = brep.Responses; + + // + // simple response generation + // + OCSPRespGenerator respGen = new OCSPRespGenerator(); + OcspResp resp = respGen.Generate(OCSPRespGenerator.Successful, response.GetResponseObject()); + + if (!resp.GetResponseObject().Equals(response.GetResponseObject())) + { + Fail("response fails to match"); + } + + doTestECDsa(); + doTestRsa(); + doTestIrregularVersionReq(); + } + + public static void Main( + string[] args) + { + RunTest(new OcspTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/ocsp/test/OCSPTestUtil.cs b/BouncyCastle/crypto/test/src/ocsp/test/OCSPTestUtil.cs new file mode 100644 index 0000000..53b8f5b --- /dev/null +++ b/BouncyCastle/crypto/test/src/ocsp/test/OCSPTestUtil.cs @@ -0,0 +1,147 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Ocsp.Tests +{ + public class OcspTestUtil + { + public static SecureRandom rand; + public static IAsymmetricCipherKeyPairGenerator kpg, ecKpg; + public static CipherKeyGenerator desede128kg; + public static CipherKeyGenerator desede192kg; + public static CipherKeyGenerator rc240kg; + public static CipherKeyGenerator rc264kg; + public static CipherKeyGenerator rc2128kg; + public static BigInteger serialNumber; + + public static readonly bool Debug = true; + + static OcspTestUtil() + { + rand = new SecureRandom(); + +// kpg = KeyPairGenerator.GetInstance("RSA"); +// kpg.initialize(1024, rand); + kpg = GeneratorUtilities.GetKeyPairGenerator("RSA"); + kpg.Init(new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x10001), rand, 1024, 25)); + + serialNumber = BigInteger.One; + + ecKpg = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); + ecKpg.Init(new KeyGenerationParameters(rand, 192)); + } + + public static AsymmetricCipherKeyPair MakeKeyPair() + { + return kpg.GenerateKeyPair(); + } + + public static AsymmetricCipherKeyPair MakeECKeyPair() + { + return ecKpg.GenerateKeyPair(); + } + + public static X509Certificate MakeCertificate(AsymmetricCipherKeyPair _subKP, + string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN) + { + return MakeCertificate(_subKP, _subDN, _issKP, _issDN, false); + } + + public static X509Certificate MakeECDsaCertificate(AsymmetricCipherKeyPair _subKP, + string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN) + { + return MakeECDsaCertificate(_subKP, _subDN, _issKP, _issDN, false); + } + + public static X509Certificate MakeCACertificate(AsymmetricCipherKeyPair _subKP, + string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN) + { + + return MakeCertificate(_subKP, _subDN, _issKP, _issDN, true); + } + + public static X509Certificate MakeCertificate(AsymmetricCipherKeyPair _subKP, + string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN, bool _ca) + { + return MakeCertificate(_subKP,_subDN, _issKP, _issDN, "MD5withRSA", _ca); + } + + public static X509Certificate MakeECDsaCertificate(AsymmetricCipherKeyPair _subKP, + string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN, bool _ca) + { + return MakeCertificate(_subKP,_subDN, _issKP, _issDN, "SHA1WithECDSA", _ca); + } + + public static X509Certificate MakeCertificate(AsymmetricCipherKeyPair _subKP, + string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN, string algorithm, bool _ca) + { + AsymmetricKeyParameter _subPub = _subKP.Public; + AsymmetricKeyParameter _issPriv = _issKP.Private; + AsymmetricKeyParameter _issPub = _issKP.Public; + + X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator(); + + _v3CertGen.Reset(); + _v3CertGen.SetSerialNumber(allocateSerialNumber()); + _v3CertGen.SetIssuerDN(new X509Name(_issDN)); + _v3CertGen.SetNotBefore(DateTime.UtcNow); + _v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100)); + _v3CertGen.SetSubjectDN(new X509Name(_subDN)); + _v3CertGen.SetPublicKey(_subPub); + _v3CertGen.SetSignatureAlgorithm(algorithm); + + _v3CertGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, + createSubjectKeyId(_subPub)); + + _v3CertGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, + createAuthorityKeyId(_issPub)); + + _v3CertGen.AddExtension(X509Extensions.BasicConstraints, false, + new BasicConstraints(_ca)); + + X509Certificate _cert = _v3CertGen.Generate(_issPriv); + + _cert.CheckValidity(DateTime.UtcNow); + _cert.Verify(_issPub); + + return _cert; + } + + /* + * + * INTERNAL METHODS + * + */ + + private static AuthorityKeyIdentifier createAuthorityKeyId( + AsymmetricKeyParameter _pubKey) + { + SubjectPublicKeyInfo _info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(_pubKey); + return new AuthorityKeyIdentifier(_info); + } + + private static SubjectKeyIdentifier createSubjectKeyId( + AsymmetricKeyParameter _pubKey) + { + SubjectPublicKeyInfo _info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(_pubKey); + return new SubjectKeyIdentifier(_info); + } + + private static BigInteger allocateSerialNumber() + { + BigInteger _tmp = serialNumber; + serialNumber = serialNumber.Add(BigInteger.One); + return _tmp; + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/examples/ByteArrayHandler.cs b/BouncyCastle/crypto/test/src/openpgp/examples/ByteArrayHandler.cs new file mode 100644 index 0000000..b5098ff --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/examples/ByteArrayHandler.cs @@ -0,0 +1,195 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Bcpg.OpenPgp; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples +{ + /** + * Simple routine to encrypt and decrypt using a passphrase. + * This service routine provides the basic PGP services between + * byte arrays. + * + * Note: this code plays no attention to -Console in the file name + * the specification of "_CONSOLE" in the filename. + * It also expects that a single pass phrase will have been used. + * + */ + public sealed class ByteArrayHandler + { + private ByteArrayHandler() + { + } + + /** + * decrypt the passed in message stream + * + * @param encrypted The message to be decrypted. + * @param passPhrase Pass phrase (key) + * + * @return Clear text as a byte array. I18N considerations are + * not handled by this routine + * @exception IOException + * @exception PgpException + */ + public static byte[] Decrypt( + byte[] encrypted, + char[] passPhrase) + { + Stream inputStream = new MemoryStream(encrypted); + + inputStream = PgpUtilities.GetDecoderStream(inputStream); + + PgpObjectFactory pgpF = new PgpObjectFactory(inputStream); + PgpEncryptedDataList enc = null; + PgpObject o = pgpF.NextPgpObject(); + + // + // the first object might be a PGP marker packet. + // + if (o is PgpEncryptedDataList) + { + enc = (PgpEncryptedDataList) o; + } + else + { + enc = (PgpEncryptedDataList) pgpF.NextPgpObject(); + } + + PgpPbeEncryptedData pbe = (PgpPbeEncryptedData)enc[0]; + + Stream clear = pbe.GetDataStream(passPhrase); + + PgpObjectFactory pgpFact = new PgpObjectFactory(clear); + + PgpCompressedData cData = (PgpCompressedData) pgpFact.NextPgpObject(); + + pgpFact = new PgpObjectFactory(cData.GetDataStream()); + + PgpLiteralData ld = (PgpLiteralData) pgpFact.NextPgpObject(); + + Stream unc = ld.GetInputStream(); + + return Streams.ReadAll(unc); + } + + /** + * Simple PGP encryptor between byte[]. + * + * @param clearData The test to be encrypted + * @param passPhrase The pass phrase (key). This method assumes that the + * key is a simple pass phrase, and does not yet support + * RSA or more sophisiticated keying. + * @param fileName File name. This is used in the Literal Data Packet (tag 11) + * which is really inly important if the data is to be + * related to a file to be recovered later. Because this + * routine does not know the source of the information, the + * caller can set something here for file name use that + * will be carried. If this routine is being used to + * encrypt SOAP MIME bodies, for example, use the file name from the + * MIME type, if applicable. Or anything else appropriate. + * + * @param armor + * + * @return encrypted data. + * @exception IOException + * @exception PgpException + */ + public static byte[] Encrypt( + byte[] clearData, + char[] passPhrase, + string fileName, + SymmetricKeyAlgorithmTag algorithm, + bool armor) + { + if (fileName == null) + { + fileName = PgpLiteralData.Console; + } + + byte[] compressedData = Compress(clearData, fileName, CompressionAlgorithmTag.Zip); + + MemoryStream bOut = new MemoryStream(); + + Stream output = bOut; + if (armor) + { + output = new ArmoredOutputStream(output); + } + + PgpEncryptedDataGenerator encGen = new PgpEncryptedDataGenerator(algorithm, new SecureRandom()); + encGen.AddMethod(passPhrase, HashAlgorithmTag.Sha1); + + Stream encOut = encGen.Open(output, compressedData.Length); + + encOut.Write(compressedData, 0, compressedData.Length); + encOut.Close(); + + if (armor) + { + output.Close(); + } + + return bOut.ToArray(); + } + + private static byte[] Compress(byte[] clearData, string fileName, CompressionAlgorithmTag algorithm) + { + MemoryStream bOut = new MemoryStream(); + + PgpCompressedDataGenerator comData = new PgpCompressedDataGenerator(algorithm); + Stream cos = comData.Open(bOut); // open it with the final destination + PgpLiteralDataGenerator lData = new PgpLiteralDataGenerator(); + + // we want to Generate compressed data. This might be a user option later, + // in which case we would pass in bOut. + Stream pOut = lData.Open( + cos, // the compressed output stream + PgpLiteralData.Binary, + fileName, // "filename" to store + clearData.Length, // length of clear data + DateTime.UtcNow // current time + ); + + pOut.Write(clearData, 0, clearData.Length); + pOut.Close(); + + comData.Close(); + + return bOut.ToArray(); + } + + private static string GetAsciiString(byte[] bs) + { + return Encoding.ASCII.GetString(bs, 0, bs.Length); + } + + public static void Main( + string[] args) + { + string passPhrase = "Dick Beck"; + char[] passArray = passPhrase.ToCharArray(); + + byte[] original = Encoding.ASCII.GetBytes("Hello world"); + Console.WriteLine("Starting PGP test"); + byte[] encrypted = Encrypt(original, passArray, "iway", SymmetricKeyAlgorithmTag.Cast5, true); + + Console.WriteLine("\nencrypted data = '"+Hex.ToHexString(encrypted)+"'"); + byte[] decrypted= Decrypt(encrypted,passArray); + + Console.WriteLine("\ndecrypted data = '"+GetAsciiString(decrypted)+"'"); + + encrypted = Encrypt(original, passArray, "iway", SymmetricKeyAlgorithmTag.Aes256, false); + + Console.WriteLine("\nencrypted data = '"+Hex.ToHexString(encrypted)+"'"); + decrypted= Decrypt(encrypted, passArray); + + Console.WriteLine("\ndecrypted data = '"+GetAsciiString(decrypted)+"'"); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/examples/ClearSignedFileProcessor.cs b/BouncyCastle/crypto/test/src/openpgp/examples/ClearSignedFileProcessor.cs new file mode 100644 index 0000000..6a12f90 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/examples/ClearSignedFileProcessor.cs @@ -0,0 +1,385 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Bcpg.OpenPgp; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples +{ + /** + * A simple utility class that creates clear signed files and verifies them. + *

    + * To sign a file: ClearSignedFileProcessor -s fileName secretKey passPhrase. + *

    + *

    + * To decrypt: ClearSignedFileProcessor -v signatureFile publicKeyFile. + *

    + */ + public sealed class ClearSignedFileProcessor + { + private ClearSignedFileProcessor() + { + } + + private static int ReadInputLine( + MemoryStream bOut, + Stream fIn) + { + bOut.SetLength(0); + + int lookAhead = -1; + int ch; + + while ((ch = fIn.ReadByte()) >= 0) + { + bOut.WriteByte((byte) ch); + if (ch == '\r' || ch == '\n') + { + lookAhead = ReadPassedEol(bOut, ch, fIn); + break; + } + } + + return lookAhead; + } + + private static int ReadInputLine( + MemoryStream bOut, + int lookAhead, + Stream fIn) + { + bOut.SetLength(0); + + int ch = lookAhead; + + do + { + bOut.WriteByte((byte) ch); + if (ch == '\r' || ch == '\n') + { + lookAhead = ReadPassedEol(bOut, ch, fIn); + break; + } + } + while ((ch = fIn.ReadByte()) >= 0); + + if (ch < 0) + { + lookAhead = -1; + } + + return lookAhead; + } + + private static int ReadPassedEol( + MemoryStream bOut, + int lastCh, + Stream fIn) + { + int lookAhead = fIn.ReadByte(); + + if (lastCh == '\r' && lookAhead == '\n') + { + bOut.WriteByte((byte) lookAhead); + lookAhead = fIn.ReadByte(); + } + + return lookAhead; + } + + /* + * verify a clear text signed file + */ + private static void VerifyFile( + Stream inputStream, + Stream keyIn, + string resultName) + { + ArmoredInputStream aIn = new ArmoredInputStream(inputStream); + Stream outStr = File.Create(resultName); + + // + // write out signed section using the local line separator. + // note: trailing white space needs to be removed from the end of + // each line RFC 4880 Section 7.1 + // + MemoryStream lineOut = new MemoryStream(); + int lookAhead = ReadInputLine(lineOut, aIn); + byte[] lineSep = LineSeparator; + + if (lookAhead != -1 && aIn.IsClearText()) + { + byte[] line = lineOut.ToArray(); + outStr.Write(line, 0, GetLengthWithoutSeparatorOrTrailingWhitespace(line)); + outStr.Write(lineSep, 0, lineSep.Length); + + while (lookAhead != -1 && aIn.IsClearText()) + { + lookAhead = ReadInputLine(lineOut, lookAhead, aIn); + + line = lineOut.ToArray(); + outStr.Write(line, 0, GetLengthWithoutSeparatorOrTrailingWhitespace(line)); + outStr.Write(lineSep, 0, lineSep.Length); + } + } + else + { + // a single line file + if (lookAhead != -1) + { + byte[] line = lineOut.ToArray(); + outStr.Write(line, 0, GetLengthWithoutSeparatorOrTrailingWhitespace(line)); + outStr.Write(lineSep, 0, lineSep.Length); + } + } + + outStr.Close(); + + PgpPublicKeyRingBundle pgpRings = new PgpPublicKeyRingBundle(keyIn); + + PgpObjectFactory pgpFact = new PgpObjectFactory(aIn); + PgpSignatureList p3 = (PgpSignatureList) pgpFact.NextPgpObject(); + PgpSignature sig = p3[0]; + + sig.InitVerify(pgpRings.GetPublicKey(sig.KeyId)); + + // + // read the input, making sure we ignore the last newline. + // + Stream sigIn = File.OpenRead(resultName); + + lookAhead = ReadInputLine(lineOut, sigIn); + + ProcessLine(sig, lineOut.ToArray()); + + if (lookAhead != -1) + { + do + { + lookAhead = ReadInputLine(lineOut, lookAhead, sigIn); + + sig.Update((byte) '\r'); + sig.Update((byte) '\n'); + + ProcessLine(sig, lineOut.ToArray()); + } + while (lookAhead != -1); + } + + sigIn.Close(); + + if (sig.Verify()) + { + Console.WriteLine("signature verified."); + } + else + { + Console.WriteLine("signature verification failed."); + } + } + + private static byte[] LineSeparator + { + get { return Encoding.ASCII.GetBytes(SimpleTest.NewLine); } + } + + /* + * create a clear text signed file. + */ + private static void SignFile( + string fileName, + Stream keyIn, + Stream outputStream, + char[] pass, + string digestName) + { + HashAlgorithmTag digest; + + if (digestName.Equals("SHA256")) + { + digest = HashAlgorithmTag.Sha256; + } + else if (digestName.Equals("SHA384")) + { + digest = HashAlgorithmTag.Sha384; + } + else if (digestName.Equals("SHA512")) + { + digest = HashAlgorithmTag.Sha512; + } + else if (digestName.Equals("MD5")) + { + digest = HashAlgorithmTag.MD5; + } + else if (digestName.Equals("RIPEMD160")) + { + digest = HashAlgorithmTag.RipeMD160; + } + else + { + digest = HashAlgorithmTag.Sha1; + } + + PgpSecretKey pgpSecKey = PgpExampleUtilities.ReadSecretKey(keyIn); + PgpPrivateKey pgpPrivKey = pgpSecKey.ExtractPrivateKey(pass); + PgpSignatureGenerator sGen = new PgpSignatureGenerator(pgpSecKey.PublicKey.Algorithm, digest); + PgpSignatureSubpacketGenerator spGen = new PgpSignatureSubpacketGenerator(); + + sGen.InitSign(PgpSignature.CanonicalTextDocument, pgpPrivKey); + + IEnumerator enumerator = pgpSecKey.PublicKey.GetUserIds().GetEnumerator(); + if (enumerator.MoveNext()) + { + spGen.SetSignerUserId(false, (string) enumerator.Current); + sGen.SetHashedSubpackets(spGen.Generate()); + } + + Stream fIn = File.OpenRead(fileName); + ArmoredOutputStream aOut = new ArmoredOutputStream(outputStream); + + aOut.BeginClearText(digest); + + // + // note the last \n/\r/\r\n in the file is ignored + // + MemoryStream lineOut = new MemoryStream(); + int lookAhead = ReadInputLine(lineOut, fIn); + + ProcessLine(aOut, sGen, lineOut.ToArray()); + + if (lookAhead != -1) + { + do + { + lookAhead = ReadInputLine(lineOut, lookAhead, fIn); + + sGen.Update((byte) '\r'); + sGen.Update((byte) '\n'); + + ProcessLine(aOut, sGen, lineOut.ToArray()); + } + while (lookAhead != -1); + } + + fIn.Close(); + + aOut.EndClearText(); + + BcpgOutputStream bOut = new BcpgOutputStream(aOut); + + sGen.Generate().Encode(bOut); + + aOut.Close(); + } + + private static void ProcessLine( + PgpSignature sig, + byte[] line) + { + // note: trailing white space needs to be removed from the end of + // each line for signature calculation RFC 4880 Section 7.1 + int length = GetLengthWithoutWhiteSpace(line); + if (length > 0) + { + sig.Update(line, 0, length); + } + } + + private static void ProcessLine( + Stream aOut, + PgpSignatureGenerator sGen, + byte[] line) + { + int length = GetLengthWithoutWhiteSpace(line); + if (length > 0) + { + sGen.Update(line, 0, length); + } + + aOut.Write(line, 0, line.Length); + } + + private static int GetLengthWithoutSeparatorOrTrailingWhitespace(byte[] line) + { + int end = line.Length - 1; + + while (end >= 0 && IsWhiteSpace(line[end])) + { + end--; + } + + return end + 1; + } + + private static bool IsLineEnding( + byte b) + { + return b == '\r' || b == '\n'; + } + + private static int GetLengthWithoutWhiteSpace( + byte[] line) + { + int end = line.Length - 1; + + while (end >= 0 && IsWhiteSpace(line[end])) + { + end--; + } + + return end + 1; + } + + private static bool IsWhiteSpace( + byte b) + { + return IsLineEnding(b) || b == '\t' || b == ' '; + } + + public static int Main( + string[] args) + { + if (args[0].Equals("-s")) + { + Stream fis = File.OpenRead(args[2]); + Stream fos = File.Create(args[1] + ".asc"); + + Stream keyIn = PgpUtilities.GetDecoderStream(fis); + + string digestName = (args.Length == 4) + ? "SHA1" + : args[4]; + + SignFile(args[1], keyIn, fos, args[3].ToCharArray(), digestName); + + fis.Close(); + fos.Close(); + } + else if (args[0].Equals("-v")) + { + if (args[1].IndexOf(".asc") < 0) + { + Console.Error.WriteLine("file needs to end in \".asc\""); + return 1; + } + + Stream fin = File.OpenRead(args[1]); + Stream fis = File.OpenRead(args[2]); + + Stream keyIn = PgpUtilities.GetDecoderStream(fis); + + VerifyFile(fin, keyIn, args[1].Substring(0, args[1].Length - 4)); + + fin.Close(); + fis.Close(); + } + else + { + Console.Error.WriteLine("usage: ClearSignedFileProcessor [-s file keyfile passPhrase]|[-v sigFile keyFile]"); + } + return 0; + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/examples/DetachedSignatureProcessor.cs b/BouncyCastle/crypto/test/src/openpgp/examples/DetachedSignatureProcessor.cs new file mode 100644 index 0000000..c495984 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/examples/DetachedSignatureProcessor.cs @@ -0,0 +1,167 @@ +using System; +using System.Collections; +using System.IO; + + +using Org.BouncyCastle.Bcpg.OpenPgp; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples +{ + /** + * A simple utility class that creates seperate signatures for files and verifies them. + *

    + * To sign a file: DetachedSignatureProcessor -s [-a] fileName secretKey passPhrase.
    + * If -a is specified the output file will be "ascii-armored".

    + *

    + * To decrypt: DetachedSignatureProcessor -v fileName signatureFile publicKeyFile.

    + *

    + * Note: this example will silently overwrite files. + * It also expects that a single pass phrase + * will have been used.

    + */ + public sealed class DetachedSignatureProcessor + { + private DetachedSignatureProcessor() + { + } + + private static void VerifySignature( + string fileName, + string inputFileName, + string keyFileName) + { + using (Stream input = File.OpenRead(inputFileName), + keyIn = File.OpenRead(keyFileName)) + { + VerifySignature(fileName, input, keyIn); + } + } + + /** + * verify the signature in in against the file fileName. + */ + private static void VerifySignature( + string fileName, + Stream inputStream, + Stream keyIn) + { + inputStream = PgpUtilities.GetDecoderStream(inputStream); + + PgpObjectFactory pgpFact = new PgpObjectFactory(inputStream); + PgpSignatureList p3 = null; + PgpObject o = pgpFact.NextPgpObject(); + if (o is PgpCompressedData) + { + PgpCompressedData c1 = (PgpCompressedData)o; + pgpFact = new PgpObjectFactory(c1.GetDataStream()); + + p3 = (PgpSignatureList)pgpFact.NextPgpObject(); + } + else + { + p3 = (PgpSignatureList)o; + } + + PgpPublicKeyRingBundle pgpPubRingCollection = new PgpPublicKeyRingBundle( + PgpUtilities.GetDecoderStream(keyIn)); + Stream dIn = File.OpenRead(fileName); + PgpSignature sig = p3[0]; + PgpPublicKey key = pgpPubRingCollection.GetPublicKey(sig.KeyId); + sig.InitVerify(key); + + int ch; + while ((ch = dIn.ReadByte()) >= 0) + { + sig.Update((byte)ch); + } + + dIn.Close(); + + if (sig.Verify()) + { + Console.WriteLine("signature verified."); + } + else + { + Console.WriteLine("signature verification failed."); + } + } + + private static void CreateSignature( + string inputFileName, + string keyFileName, + string outputFileName, + char[] pass, + bool armor) + { + using (Stream keyIn = File.OpenRead(keyFileName), + output = File.OpenRead(outputFileName)) + { + CreateSignature(inputFileName, keyIn, output, pass, armor); + } + } + + private static void CreateSignature( + string fileName, + Stream keyIn, + Stream outputStream, + char[] pass, + bool armor) + { + if (armor) + { + outputStream = new ArmoredOutputStream(outputStream); + } + + PgpSecretKey pgpSec = PgpExampleUtilities.ReadSecretKey(keyIn); + PgpPrivateKey pgpPrivKey = pgpSec.ExtractPrivateKey(pass); + PgpSignatureGenerator sGen = new PgpSignatureGenerator( + pgpSec.PublicKey.Algorithm, HashAlgorithmTag.Sha1); + + sGen.InitSign(PgpSignature.BinaryDocument, pgpPrivKey); + + BcpgOutputStream bOut = new BcpgOutputStream(outputStream); + + Stream fIn = File.OpenRead(fileName); + + int ch; + while ((ch = fIn.ReadByte()) >= 0) + { + sGen.Update((byte)ch); + } + + fIn.Close(); + + sGen.Generate().Encode(bOut); + + if (armor) + { + outputStream.Close(); + } + } + + public static void Main( + string[] args) + { + if (args[0].Equals("-s")) + { + if (args[1].Equals("-a")) + { + CreateSignature(args[2], args[3], args[2] + ".asc", args[4].ToCharArray(), true); + } + else + { + CreateSignature(args[1], args[2], args[1] + ".bpg", args[3].ToCharArray(), false); + } + } + else if (args[0].Equals("-v")) + { + VerifySignature(args[1], args[2], args[3]); + } + else + { + Console.Error.WriteLine("usage: DetachedSignatureProcessor [-s [-a] file keyfile passPhrase]|[-v file sigFile keyFile]"); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/examples/DirectKeySignature.cs b/BouncyCastle/crypto/test/src/openpgp/examples/DirectKeySignature.cs new file mode 100644 index 0000000..3926a78 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/examples/DirectKeySignature.cs @@ -0,0 +1,140 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Bcpg; +using Org.BouncyCastle.Bcpg.Sig; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples +{ + /** + * A simple utility class that directly signs a public key and writes the signed key to "SignedKey.asc" in + * the current working directory. + *

    + * To sign a key: DirectKeySignature secretKeyFile secretKeyPass publicKeyFile(key to be signed) NotationName NotationValue.
    + *

    + * To display a NotationData packet from a publicKey previously signed: DirectKeySignature signedPublicKeyFile.
    + *

    + * Note: this example will silently overwrite files, nor does it pay any attention to + * the specification of "_CONSOLE" in the filename. It also expects that a single pass phrase + * will have been used. + *

    + */ + public class DirectKeySignature + { + public static void Main( + string[] args) + { + if (args.Length == 1) + { + Stream fis = File.OpenRead(args[0]); + + PgpPublicKeyRing ring = new PgpPublicKeyRing( + PgpUtilities.GetDecoderStream(fis)); + PgpPublicKey key = ring.GetPublicKey(); + + // iterate through all direct key signautures and look for NotationData subpackets + foreach (PgpSignature sig in key.GetSignaturesOfType(PgpSignature.DirectKey)) + { + Console.WriteLine("Signature date is: " + + sig.GetHashedSubPackets().GetSignatureCreationTime()); + + NotationData[] data = sig.GetHashedSubPackets().GetNotationDataOccurrences(); + + for (int i = 0; i < data.Length; i++) + { + Console.WriteLine("Found Notation named '" + data[i].GetNotationName() + +"' with content '" + data[i].GetNotationValue() + "'."); + } + } + + fis.Close(); + } + else if (args.Length == 5) + { + Stream secFis = File.OpenRead(args[0]); + Stream pubFis = File.OpenRead(args[2]); + + // gather command line arguments + PgpSecretKeyRing secRing = new PgpSecretKeyRing( + PgpUtilities.GetDecoderStream(secFis)); + String secretKeyPass = args[1]; + PgpPublicKeyRing ring = new PgpPublicKeyRing( + PgpUtilities.GetDecoderStream(pubFis)); + String notationName = args[3]; + String notationValue = args[4]; + + // create the signed keyRing + PgpPublicKeyRing sRing = null; + sRing = new PgpPublicKeyRing( + new MemoryStream( + SignPublicKey(secRing.GetSecretKey(), secretKeyPass, + ring.GetPublicKey(), notationName, notationValue, true), + false)); + ring = sRing; + + secFis.Close(); + pubFis.Close(); + + Stream fos = File.Create("SignedKey.asc"); + + // write the created keyRing to file + ArmoredOutputStream aOut = new ArmoredOutputStream(fos); + sRing.Encode(aOut); + aOut.Close(); + + // Note: ArmoredOutputStream.Close() leaves underlying stream open + fos.Close(); + } + else + { + Console.Error.WriteLine("usage: DirectKeySignature secretKeyFile secretKeyPass publicKeyFile(key to be signed) NotationName NotationValue"); + Console.Error.WriteLine("or: DirectKeySignature signedPublicKeyFile"); + } + } + + private static byte[] SignPublicKey( + PgpSecretKey secretKey, + string secretKeyPass, + PgpPublicKey keyToBeSigned, + string notationName, + string notationValue, + bool armor) + { + Stream os = new MemoryStream(); + if (armor) + { + os = new ArmoredOutputStream(os); + } + + PgpPrivateKey pgpPrivKey = secretKey.ExtractPrivateKey( + secretKeyPass.ToCharArray()); + + PgpSignatureGenerator sGen = new PgpSignatureGenerator( + secretKey.PublicKey.Algorithm, HashAlgorithmTag.Sha1); + + sGen.InitSign(PgpSignature.DirectKey, pgpPrivKey); + + BcpgOutputStream bOut = new BcpgOutputStream(os); + + sGen.GenerateOnePassVersion(false).Encode(bOut); + + PgpSignatureSubpacketGenerator spGen = new PgpSignatureSubpacketGenerator(); + + bool isHumanReadable = true; + + spGen.SetNotationData(true, isHumanReadable, notationName, notationValue); + + PgpSignatureSubpacketVector packetVector = spGen.Generate(); + sGen.SetHashedSubpackets(packetVector); + + bOut.Flush(); + + if (armor) + { + os.Close(); + } + + return PgpPublicKey.AddCertification(keyToBeSigned, sGen.Generate()).GetEncoded(); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/examples/DsaElGamalKeyRingGenerator.cs b/BouncyCastle/crypto/test/src/openpgp/examples/DsaElGamalKeyRingGenerator.cs new file mode 100644 index 0000000..6040351 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/examples/DsaElGamalKeyRingGenerator.cs @@ -0,0 +1,134 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Bcpg.OpenPgp; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples +{ + /** + * A simple utility class that Generates a public/secret keyring containing a DSA signing + * key and an El Gamal key for encryption. + *

    + * usage: DSAElGamalKeyRingGenerator [-a] identity passPhrase

    + *

    + * Where identity is the name to be associated with the public key. The keys are placed + * in the files pub.[asc|bpg] and secret.[asc|bpg].

    + *

    + * Note: this example encrypts the secret key using AES_256, many PGP products still + * do not support this, if you are having problems importing keys try changing the algorithm + * id to PgpEncryptedData.Cast5. CAST5 is more widelysupported.

    + */ + public sealed class DsaElGamalKeyRingGenerator + { + private DsaElGamalKeyRingGenerator() + { + } + + private static void ExportKeyPair( + Stream secretOut, + Stream publicOut, + AsymmetricCipherKeyPair dsaKp, + AsymmetricCipherKeyPair elgKp, + string identity, + char[] passPhrase, + bool armor) + { + if (armor) + { + secretOut = new ArmoredOutputStream(secretOut); + } + + PgpKeyPair dsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, dsaKp, DateTime.UtcNow); + PgpKeyPair elgKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ElGamalEncrypt, elgKp, DateTime.UtcNow); + + PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, dsaKeyPair, + identity, SymmetricKeyAlgorithmTag.Aes256, passPhrase, true, null, null, new SecureRandom()); + + keyRingGen.AddSubKey(elgKeyPair); + + keyRingGen.GenerateSecretKeyRing().Encode(secretOut); + + if (armor) + { + secretOut.Close(); + publicOut = new ArmoredOutputStream(publicOut); + } + + keyRingGen.GeneratePublicKeyRing().Encode(publicOut); + + if (armor) + { + publicOut.Close(); + } + } + + public static int Main( + string[] args) + { + if (args.Length < 2) + { + Console.WriteLine("DsaElGamalKeyRingGenerator [-a] identity passPhrase"); + return 0; + } + + IAsymmetricCipherKeyPairGenerator dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA"); + DsaParametersGenerator pGen = new DsaParametersGenerator(); + pGen.Init(1024, 80, new SecureRandom()); + DsaParameters dsaParams = pGen.GenerateParameters(); + DsaKeyGenerationParameters kgp = new DsaKeyGenerationParameters(new SecureRandom(), dsaParams); + dsaKpg.Init(kgp); + + + // + // this takes a while as the key generator has to Generate some DSA parameters + // before it Generates the key. + // + AsymmetricCipherKeyPair dsaKp = dsaKpg.GenerateKeyPair(); + + + IAsymmetricCipherKeyPairGenerator elgKpg = GeneratorUtilities.GetKeyPairGenerator("ELGAMAL"); + + BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); + BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); + + ElGamalParameters elParams = new ElGamalParameters(p, g); + ElGamalKeyGenerationParameters elKgp = new ElGamalKeyGenerationParameters(new SecureRandom(), elParams); + elgKpg.Init(elKgp); + + // + // this is quicker because we are using preGenerated parameters. + // + AsymmetricCipherKeyPair elgKp = elgKpg.GenerateKeyPair(); + + Stream out1, out2; + if (args[0].Equals("-a")) + { + if (args.Length < 3) + { + Console.WriteLine("DSAElGamalKeyRingGenerator [-a] identity passPhrase"); + return 0; + } + + out1 = File.Create("secret.asc"); + out2 = File.Create("pub.asc"); + + ExportKeyPair(out1, out2, dsaKp, elgKp, args[1], args[2].ToCharArray(), true); + } + else + { + out1 = File.Create("secret.bpg"); + out2 = File.Create("pub.bpg"); + + ExportKeyPair(out1, out2, dsaKp, elgKp, args[0], args[1].ToCharArray(), false); + } + out1.Close(); + out2.Close(); + return 0; + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/examples/KeyBasedFileProcessor.cs b/BouncyCastle/crypto/test/src/openpgp/examples/KeyBasedFileProcessor.cs new file mode 100644 index 0000000..c77408b --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/examples/KeyBasedFileProcessor.cs @@ -0,0 +1,259 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Bcpg.OpenPgp; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples +{ + /** + * A simple utility class that encrypts/decrypts public key based + * encryption files. + *

    + * To encrypt a file: KeyBasedFileProcessor -e [-a|-ai] fileName publicKeyFile.
    + * If -a is specified the output file will be "ascii-armored". + * If -i is specified the output file will be have integrity checking added.

    + *

    + * To decrypt: KeyBasedFileProcessor -d fileName secretKeyFile passPhrase.

    + *

    + * Note 1: this example will silently overwrite files, nor does it pay any attention to + * the specification of "_CONSOLE" in the filename. It also expects that a single pass phrase + * will have been used.

    + *

    + * Note 2: if an empty file name has been specified in the literal data object contained in the + * encrypted packet a file with the name filename.out will be generated in the current working directory.

    + */ + public sealed class KeyBasedFileProcessor + { + private KeyBasedFileProcessor() + { + } + + private static void DecryptFile( + string inputFileName, + string keyFileName, + char[] passwd, + string defaultFileName) + { + using (Stream input = File.OpenRead(inputFileName), + keyIn = File.OpenRead(keyFileName)) + { + DecryptFile(input, keyIn, passwd, defaultFileName); + } + } + + /** + * decrypt the passed in message stream + */ + private static void DecryptFile( + Stream inputStream, + Stream keyIn, + char[] passwd, + string defaultFileName) + { + inputStream = PgpUtilities.GetDecoderStream(inputStream); + + try + { + PgpObjectFactory pgpF = new PgpObjectFactory(inputStream); + PgpEncryptedDataList enc; + + PgpObject o = pgpF.NextPgpObject(); + // + // the first object might be a PGP marker packet. + // + if (o is PgpEncryptedDataList) + { + enc = (PgpEncryptedDataList)o; + } + else + { + enc = (PgpEncryptedDataList)pgpF.NextPgpObject(); + } + + // + // find the secret key + // + PgpPrivateKey sKey = null; + PgpPublicKeyEncryptedData pbe = null; + PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle( + PgpUtilities.GetDecoderStream(keyIn)); + + foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects()) + { + sKey = PgpExampleUtilities.FindSecretKey(pgpSec, pked.KeyId, passwd); + + if (sKey != null) + { + pbe = pked; + break; + } + } + + if (sKey == null) + { + throw new ArgumentException("secret key for message not found."); + } + + Stream clear = pbe.GetDataStream(sKey); + + PgpObjectFactory plainFact = new PgpObjectFactory(clear); + + PgpObject message = plainFact.NextPgpObject(); + + if (message is PgpCompressedData) + { + PgpCompressedData cData = (PgpCompressedData)message; + PgpObjectFactory pgpFact = new PgpObjectFactory(cData.GetDataStream()); + + message = pgpFact.NextPgpObject(); + } + + if (message is PgpLiteralData) + { + PgpLiteralData ld = (PgpLiteralData)message; + + string outFileName = ld.FileName; + if (outFileName.Length == 0) + { + outFileName = defaultFileName; + } + + Stream fOut = File.Create(outFileName); + Stream unc = ld.GetInputStream(); + Streams.PipeAll(unc, fOut); + fOut.Close(); + } + else if (message is PgpOnePassSignatureList) + { + throw new PgpException("encrypted message contains a signed message - not literal data."); + } + else + { + throw new PgpException("message is not a simple encrypted file - type unknown."); + } + + if (pbe.IsIntegrityProtected()) + { + if (!pbe.Verify()) + { + Console.Error.WriteLine("message failed integrity check"); + } + else + { + Console.Error.WriteLine("message integrity check passed"); + } + } + else + { + Console.Error.WriteLine("no message integrity check"); + } + } + catch (PgpException e) + { + Console.Error.WriteLine(e); + + Exception underlyingException = e.InnerException; + if (underlyingException != null) + { + Console.Error.WriteLine(underlyingException.Message); + Console.Error.WriteLine(underlyingException.StackTrace); + } + } + } + + private static void EncryptFile( + string outputFileName, + string inputFileName, + string encKeyFileName, + bool armor, + bool withIntegrityCheck) + { + PgpPublicKey encKey = PgpExampleUtilities.ReadPublicKey(encKeyFileName); + + using (Stream output = File.Create(outputFileName)) + { + EncryptFile(output, inputFileName, encKey, armor, withIntegrityCheck); + } + } + + private static void EncryptFile( + Stream outputStream, + string fileName, + PgpPublicKey encKey, + bool armor, + bool withIntegrityCheck) + { + if (armor) + { + outputStream = new ArmoredOutputStream(outputStream); + } + + try + { + byte[] bytes = PgpExampleUtilities.CompressFile(fileName, CompressionAlgorithmTag.Zip); + + PgpEncryptedDataGenerator encGen = new PgpEncryptedDataGenerator( + SymmetricKeyAlgorithmTag.Cast5, withIntegrityCheck, new SecureRandom()); + encGen.AddMethod(encKey); + + Stream cOut = encGen.Open(outputStream, bytes.Length); + + cOut.Write(bytes, 0, bytes.Length); + cOut.Close(); + + if (armor) + { + outputStream.Close(); + } + } + catch (PgpException e) + { + Console.Error.WriteLine(e); + + Exception underlyingException = e.InnerException; + if (underlyingException != null) + { + Console.Error.WriteLine(underlyingException.Message); + Console.Error.WriteLine(underlyingException.StackTrace); + } + } + } + + public static void Main( + string[] args) + { + if (args.Length == 0) + { + Console.Error.WriteLine("usage: KeyBasedFileProcessor -e|-d [-a|ai] file [secretKeyFile passPhrase|pubKeyFile]"); + return; + } + + if (args[0].Equals("-e")) + { + if (args[1].Equals("-a") || args[1].Equals("-ai") || args[1].Equals("-ia")) + { + EncryptFile(args[2] + ".asc", args[2], args[3], true, (args[1].IndexOf('i') > 0)); + } + else if (args[1].Equals("-i")) + { + EncryptFile(args[2] + ".bpg", args[2], args[3], false, true); + } + else + { + EncryptFile(args[1] + ".bpg", args[1], args[2], false, false); + } + } + else if (args[0].Equals("-d")) + { + DecryptFile(args[1], args[2], args[3].ToCharArray(), new FileInfo(args[1]).Name + ".out"); + } + else + { + Console.Error.WriteLine("usage: KeyBasedFileProcessor -d|-e [-a|ai] file [secretKeyFile passPhrase|pubKeyFile]"); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/examples/KeyBasedLargeFileProcessor.cs b/BouncyCastle/crypto/test/src/openpgp/examples/KeyBasedLargeFileProcessor.cs new file mode 100644 index 0000000..7fb00a3 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/examples/KeyBasedLargeFileProcessor.cs @@ -0,0 +1,267 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Bcpg.OpenPgp; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples +{ + /** + * A simple utility class that encrypts/decrypts public key based + * encryption large files. + *

    + * To encrypt a file: KeyBasedLargeFileProcessor -e [-a|-ai] fileName publicKeyFile.
    + * If -a is specified the output file will be "ascii-armored". + * If -i is specified the output file will be have integrity checking added.

    + *

    + * To decrypt: KeyBasedLargeFileProcessor -d fileName secretKeyFile passPhrase.

    + *

    + * Note 1: this example will silently overwrite files, nor does it pay any attention to + * the specification of "_CONSOLE" in the filename. It also expects that a single pass phrase + * will have been used.

    + *

    + * Note 2: this example Generates partial packets to encode the file, the output it Generates + * will not be readable by older PGP products or products that don't support partial packet + * encoding.

    + *

    + * Note 3: if an empty file name has been specified in the literal data object contained in the + * encrypted packet a file with the name filename.out will be generated in the current working directory.

    + */ + public sealed class KeyBasedLargeFileProcessor + { + private KeyBasedLargeFileProcessor() + { + } + + private static void DecryptFile( + string inputFileName, + string keyFileName, + char[] passwd, + string defaultFileName) + { + using (Stream input = File.OpenRead(inputFileName), + keyIn = File.OpenRead(keyFileName)) + { + DecryptFile(input, keyIn, passwd, defaultFileName); + } + } + + /** + * decrypt the passed in message stream + */ + private static void DecryptFile( + Stream inputStream, + Stream keyIn, + char[] passwd, + string defaultFileName) + { + inputStream = PgpUtilities.GetDecoderStream(inputStream); + + try + { + PgpObjectFactory pgpF = new PgpObjectFactory(inputStream); + PgpEncryptedDataList enc; + + PgpObject o = pgpF.NextPgpObject(); + // + // the first object might be a PGP marker packet. + // + if (o is PgpEncryptedDataList) + { + enc = (PgpEncryptedDataList)o; + } + else + { + enc = (PgpEncryptedDataList)pgpF.NextPgpObject(); + } + + // + // find the secret key + // + PgpPrivateKey sKey = null; + PgpPublicKeyEncryptedData pbe = null; + PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle( + PgpUtilities.GetDecoderStream(keyIn)); + + foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects()) + { + sKey = PgpExampleUtilities.FindSecretKey(pgpSec, pked.KeyId, passwd); + + if (sKey != null) + { + pbe = pked; + break; + } + } + + if (sKey == null) + { + throw new ArgumentException("secret key for message not found."); + } + + Stream clear = pbe.GetDataStream(sKey); + + PgpObjectFactory plainFact = new PgpObjectFactory(clear); + + PgpCompressedData cData = (PgpCompressedData) plainFact.NextPgpObject(); + + PgpObjectFactory pgpFact = new PgpObjectFactory(cData.GetDataStream()); + + PgpObject message = pgpFact.NextPgpObject(); + + if (message is PgpLiteralData) + { + PgpLiteralData ld = (PgpLiteralData)message; + + string outFileName = ld.FileName; + if (outFileName.Length == 0) + { + outFileName = defaultFileName; + } + + Stream fOut = File.Create(outFileName); + Stream unc = ld.GetInputStream(); + Streams.PipeAll(unc, fOut); + fOut.Close(); + } + else if (message is PgpOnePassSignatureList) + { + throw new PgpException("encrypted message contains a signed message - not literal data."); + } + else + { + throw new PgpException("message is not a simple encrypted file - type unknown."); + } + + if (pbe.IsIntegrityProtected()) + { + if (!pbe.Verify()) + { + Console.Error.WriteLine("message failed integrity check"); + } + else + { + Console.Error.WriteLine("message integrity check passed"); + } + } + else + { + Console.Error.WriteLine("no message integrity check"); + } + } + catch (PgpException e) + { + Console.Error.WriteLine(e); + + Exception underlyingException = e.InnerException; + if (underlyingException != null) + { + Console.Error.WriteLine(underlyingException.Message); + Console.Error.WriteLine(underlyingException.StackTrace); + } + } + } + + private static void EncryptFile( + string outputFileName, + string inputFileName, + string encKeyFileName, + bool armor, + bool withIntegrityCheck) + { + PgpPublicKey encKey = PgpExampleUtilities.ReadPublicKey(encKeyFileName); + + using (Stream output = File.Create(outputFileName)) + { + EncryptFile(output, inputFileName, encKey, armor, withIntegrityCheck); + } + } + + private static void EncryptFile( + Stream outputStream, + string fileName, + PgpPublicKey encKey, + bool armor, + bool withIntegrityCheck) + { + if (armor) + { + outputStream = new ArmoredOutputStream(outputStream); + } + + try + { + PgpEncryptedDataGenerator cPk = new PgpEncryptedDataGenerator(SymmetricKeyAlgorithmTag.Cast5, withIntegrityCheck, new SecureRandom()); + + cPk.AddMethod(encKey); + + Stream cOut = cPk.Open(outputStream, new byte[1 << 16]); + + PgpCompressedDataGenerator comData = new PgpCompressedDataGenerator( + CompressionAlgorithmTag.Zip); + + PgpUtilities.WriteFileToLiteralData( + comData.Open(cOut), + PgpLiteralData.Binary, + new FileInfo(fileName), + new byte[1 << 16]); + + comData.Close(); + + cOut.Close(); + + if (armor) + { + outputStream.Close(); + } + } + catch (PgpException e) + { + Console.Error.WriteLine(e); + + Exception underlyingException = e.InnerException; + if (underlyingException != null) + { + Console.Error.WriteLine(underlyingException.Message); + Console.Error.WriteLine(underlyingException.StackTrace); + } + } + } + + public static void Main( + string[] args) + { + if (args.Length == 0) + { + Console.Error.WriteLine("usage: KeyBasedLargeFileProcessor -e|-d [-a|ai] file [secretKeyFile passPhrase|pubKeyFile]"); + return; + } + + if (args[0].Equals("-e")) + { + if (args[1].Equals("-a") || args[1].Equals("-ai") || args[1].Equals("-ia")) + { + EncryptFile(args[2] + ".asc", args[2], args[3], true, (args[1].IndexOf('i') > 0)); + } + else if (args[1].Equals("-i")) + { + EncryptFile(args[2] + ".bpg", args[2], args[3], false, true); + } + else + { + EncryptFile(args[1] + ".bpg", args[1], args[2], false, false); + } + } + else if (args[0].Equals("-d")) + { + DecryptFile(args[1], args[2], args[3].ToCharArray(), new FileInfo(args[1]).Name + ".out"); + } + else + { + Console.Error.WriteLine("usage: KeyBasedLargeFileProcessor -d|-e [-a|ai] file [secretKeyFile passPhrase|pubKeyFile]"); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/examples/PbeFileProcessor.cs b/BouncyCastle/crypto/test/src/openpgp/examples/PbeFileProcessor.cs new file mode 100644 index 0000000..9617044 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/examples/PbeFileProcessor.cs @@ -0,0 +1,183 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Bcpg.OpenPgp; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples +{ + /** + * A simple utility class that encrypts/decrypts password based + * encryption files. + *

    + * To encrypt a file: PBEFileProcessor -e [-ai] fileName passPhrase.
    + * If -a is specified the output file will be "ascii-armored".
    + * If -i is specified the output file will be "integrity protected".

    + *

    + * To decrypt: PBEFileProcessor -d fileName passPhrase.

    + *

    + * Note: this example will silently overwrite files, nor does it pay any attention to + * the specification of "_CONSOLE" in the filename. It also expects that a single pass phrase + * will have been used.

    + */ + public sealed class PbeFileProcessor + { + private PbeFileProcessor() {} + + private static void DecryptFile(string inputFileName, char[] passPhrase) + { + using (Stream input = File.OpenRead(inputFileName)) + { + DecryptFile(input, passPhrase); + } + } + + /** + * decrypt the passed in message stream + */ + private static void DecryptFile( + Stream inputStream, + char[] passPhrase) + { + inputStream = PgpUtilities.GetDecoderStream(inputStream); + + PgpObjectFactory pgpF = new PgpObjectFactory(inputStream); + PgpObject o = pgpF.NextPgpObject(); + + // + // the first object might be a PGP marker packet. + // + PgpEncryptedDataList enc = o as PgpEncryptedDataList; + if (enc == null) + { + enc = (PgpEncryptedDataList)pgpF.NextPgpObject(); + } + + PgpPbeEncryptedData pbe = (PgpPbeEncryptedData)enc[0]; + + Stream clear = pbe.GetDataStream(passPhrase); + + PgpObjectFactory pgpFact = new PgpObjectFactory(clear); + + // + // if we're trying to read a file generated by someone other than us + // the data might not be compressed, so we check the return type from + // the factory and behave accordingly. + // + o = pgpFact.NextPgpObject(); + if (o is PgpCompressedData) + { + PgpCompressedData cData = (PgpCompressedData) o; + pgpFact = new PgpObjectFactory(cData.GetDataStream()); + o = pgpFact.NextPgpObject(); + } + + PgpLiteralData ld = (PgpLiteralData) o; + Stream unc = ld.GetInputStream(); + Stream fOut = File.Create(ld.FileName); + Streams.PipeAll(unc, fOut); + fOut.Close(); + + if (pbe.IsIntegrityProtected()) + { + if (!pbe.Verify()) + { + Console.Error.WriteLine("message failed integrity check"); + } + else + { + Console.Error.WriteLine("message integrity check passed"); + } + } + else + { + Console.Error.WriteLine("no message integrity check"); + } + } + + private static void EncryptFile( + string outputFileName, + string inputFileName, + char[] passPhrase, + bool armor, + bool withIntegrityCheck) + { + using (Stream output = File.Create(outputFileName)) + { + EncryptFile(output, inputFileName, passPhrase, armor, withIntegrityCheck); + } + } + + private static void EncryptFile( + Stream outputStream, + string fileName, + char[] passPhrase, + bool armor, + bool withIntegrityCheck) + { + if (armor) + { + outputStream = new ArmoredOutputStream(outputStream); + } + + try + { + byte[] compressedData = PgpExampleUtilities.CompressFile(fileName, CompressionAlgorithmTag.Zip); + + PgpEncryptedDataGenerator encGen = new PgpEncryptedDataGenerator( + SymmetricKeyAlgorithmTag.Cast5, withIntegrityCheck, new SecureRandom()); + encGen.AddMethod(passPhrase, HashAlgorithmTag.Sha1); + + Stream encOut = encGen.Open(outputStream, compressedData.Length); + + encOut.Write(compressedData, 0, compressedData.Length); + encOut.Close(); + + if (armor) + { + outputStream.Close(); + } + } + catch (PgpException e) + { + Console.Error.WriteLine(e); + + Exception underlyingException = e.InnerException; + if (underlyingException != null) + { + Console.Error.WriteLine(underlyingException.Message); + Console.Error.WriteLine(underlyingException.StackTrace); + } + } + } + + public static void Main( + string[] args) + { + if (args[0].Equals("-e")) + { + if (args[1].Equals("-a") || args[1].Equals("-ai") || args[1].Equals("-ia")) + { + EncryptFile(args[2] + ".asc", args[2], args[3].ToCharArray(), true, (args[1].IndexOf('i') > 0)); + } + else if (args[1].Equals("-i")) + { + EncryptFile(args[2] + ".bpg", args[2], args[3].ToCharArray(), false, true); + } + else + { + EncryptFile(args[1] + ".bpg", args[1], args[2].ToCharArray(), false, false); + } + } + else if (args[0].Equals("-d")) + { + DecryptFile(args[1], args[2].ToCharArray()); + } + else + { + Console.Error.WriteLine("usage: PbeFileProcessor -e [-ai]|-d file passPhrase"); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/examples/PgpExampleUtilities.cs b/BouncyCastle/crypto/test/src/openpgp/examples/PgpExampleUtilities.cs new file mode 100644 index 0000000..fd371d7 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/examples/PgpExampleUtilities.cs @@ -0,0 +1,123 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples +{ + internal class PgpExampleUtilities + { + internal static byte[] CompressFile(string fileName, CompressionAlgorithmTag algorithm) + { + MemoryStream bOut = new MemoryStream(); + PgpCompressedDataGenerator comData = new PgpCompressedDataGenerator(algorithm); + PgpUtilities.WriteFileToLiteralData(comData.Open(bOut), PgpLiteralData.Binary, + new FileInfo(fileName)); + comData.Close(); + return bOut.ToArray(); + } + + /** + * Search a secret key ring collection for a secret key corresponding to keyID if it + * exists. + * + * @param pgpSec a secret key ring collection. + * @param keyID keyID we want. + * @param pass passphrase to decrypt secret key with. + * @return + * @throws PGPException + * @throws NoSuchProviderException + */ + internal static PgpPrivateKey FindSecretKey(PgpSecretKeyRingBundle pgpSec, long keyID, char[] pass) + { + PgpSecretKey pgpSecKey = pgpSec.GetSecretKey(keyID); + + if (pgpSecKey == null) + { + return null; + } + + return pgpSecKey.ExtractPrivateKey(pass); + } + + internal static PgpPublicKey ReadPublicKey(string fileName) + { + using (Stream keyIn = File.OpenRead(fileName)) + { + return ReadPublicKey(keyIn); + } + } + + /** + * A simple routine that opens a key ring file and loads the first available key + * suitable for encryption. + * + * @param input + * @return + * @throws IOException + * @throws PGPException + */ + internal static PgpPublicKey ReadPublicKey(Stream input) + { + PgpPublicKeyRingBundle pgpPub = new PgpPublicKeyRingBundle( + PgpUtilities.GetDecoderStream(input)); + + // + // we just loop through the collection till we find a key suitable for encryption, in the real + // world you would probably want to be a bit smarter about this. + // + + foreach (PgpPublicKeyRing keyRing in pgpPub.GetKeyRings()) + { + foreach (PgpPublicKey key in keyRing.GetPublicKeys()) + { + if (key.IsEncryptionKey) + { + return key; + } + } + } + + throw new ArgumentException("Can't find encryption key in key ring."); + } + + internal static PgpSecretKey ReadSecretKey(string fileName) + { + using (Stream keyIn = File.OpenRead(fileName)) + { + return ReadSecretKey(keyIn); + } + } + + /** + * A simple routine that opens a key ring file and loads the first available key + * suitable for signature generation. + * + * @param input stream to read the secret key ring collection from. + * @return a secret key. + * @throws IOException on a problem with using the input stream. + * @throws PGPException if there is an issue parsing the input stream. + */ + internal static PgpSecretKey ReadSecretKey(Stream input) + { + PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle( + PgpUtilities.GetDecoderStream(input)); + + // + // we just loop through the collection till we find a key suitable for encryption, in the real + // world you would probably want to be a bit smarter about this. + // + + foreach (PgpSecretKeyRing keyRing in pgpSec.GetKeyRings()) + { + foreach (PgpSecretKey key in keyRing.GetSecretKeys()) + { + if (key.IsSigningKey) + { + return key; + } + } + } + + throw new ArgumentException("Can't find signing key in key ring."); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/examples/PublicKeyRingDump.cs b/BouncyCastle/crypto/test/src/openpgp/examples/PublicKeyRingDump.cs new file mode 100644 index 0000000..cbf5537 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/examples/PublicKeyRingDump.cs @@ -0,0 +1,98 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.Utilities; + +using Org.BouncyCastle.Bcpg.OpenPgp; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples +{ + /** + * Basic class which just lists the contents of the public key file passed + * as an argument. If the file contains more than one "key ring" they are + * listed in the order found. + */ + public sealed class PublicKeyRingDump + { + private PublicKeyRingDump() + { + } + + public static string GetAlgorithm( + PublicKeyAlgorithmTag algId) + { + switch (algId) + { + case PublicKeyAlgorithmTag.RsaGeneral: + return "RsaGeneral"; + case PublicKeyAlgorithmTag.RsaEncrypt: + return "RsaEncrypt"; + case PublicKeyAlgorithmTag.RsaSign: + return "RsaSign"; + case PublicKeyAlgorithmTag.ElGamalEncrypt: + return "ElGamalEncrypt"; + case PublicKeyAlgorithmTag.Dsa: + return "DSA"; + case PublicKeyAlgorithmTag.ECDH: + return "ECDH"; + case PublicKeyAlgorithmTag.ECDsa: + return "ECDSA"; + case PublicKeyAlgorithmTag.ElGamalGeneral: + return "ElGamalGeneral"; + case PublicKeyAlgorithmTag.DiffieHellman: + return "DiffieHellman"; + } + + return "unknown"; + } + + public static void Main( + string[] args) + { + Stream fs = File.OpenRead(args[0]); + + // + // Read the public key rings + // + PgpPublicKeyRingBundle pubRings = new PgpPublicKeyRingBundle( + PgpUtilities.GetDecoderStream(fs)); + + fs.Close(); + + foreach (PgpPublicKeyRing pgpPub in pubRings.GetKeyRings()) + { + try + { + //PgpPublicKey pubKey = + pgpPub.GetPublicKey(); + } + catch (Exception e) + { + Console.Error.WriteLine(e.Message); + Console.Error.WriteLine(e.StackTrace); + continue; + } + + bool first = true; + + foreach (PgpPublicKey pgpKey in pgpPub.GetPublicKeys()) + { + if (first) + { + Console.WriteLine("Key ID: " + pgpKey.KeyId.ToString("X")); + first = false; + } + else + { + Console.WriteLine("Key ID: " + pgpKey.KeyId.ToString("X") + " (subkey)"); + } + + Console.WriteLine(" Algorithm: " + GetAlgorithm(pgpKey.Algorithm)); + Console.WriteLine(" Fingerprint: " + Hex.ToHexString(pgpKey.GetFingerprint())); + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/examples/RsaKeyRingGenerator.cs b/BouncyCastle/crypto/test/src/openpgp/examples/RsaKeyRingGenerator.cs new file mode 100644 index 0000000..284118b --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/examples/RsaKeyRingGenerator.cs @@ -0,0 +1,115 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Bcpg.OpenPgp; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples +{ + /** + * A simple utility class that Generates a RSA PgpPublicKey/PgpSecretKey pair. + *

    + * usage: RsaKeyRingGenerator [-a] identity passPhrase

    + *

    + * Where identity is the name to be associated with the public key. The keys are placed + * in the files pub.[asc|bpg] and secret.[asc|bpg].

    + */ + public sealed class RsaKeyRingGenerator + { + private RsaKeyRingGenerator() + { + } + + private static void ExportKeyPair( + Stream secretOut, + Stream publicOut, + AsymmetricKeyParameter publicKey, + AsymmetricKeyParameter privateKey, + string identity, + char[] passPhrase, + bool armor) + { + if (armor) + { + secretOut = new ArmoredOutputStream(secretOut); + } + + PgpSecretKey secretKey = new PgpSecretKey( + PgpSignature.DefaultCertification, + PublicKeyAlgorithmTag.RsaGeneral, + publicKey, + privateKey, + DateTime.UtcNow, + identity, + SymmetricKeyAlgorithmTag.Cast5, + passPhrase, + null, + null, + new SecureRandom() + ); + + secretKey.Encode(secretOut); + + if (armor) + { + secretOut.Close(); + publicOut = new ArmoredOutputStream(publicOut); + } + + PgpPublicKey key = secretKey.PublicKey; + + key.Encode(publicOut); + + if (armor) + { + publicOut.Close(); + } + } + + public static int Main( + string[] args) + { + IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("RSA"); + + kpg.Init(new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x10001), new SecureRandom(), 1024, 25)); + + AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair(); + + if (args.Length < 2) + { + Console.WriteLine("RsaKeyPairGenerator [-a] identity passPhrase"); + return 0; + } + + Stream out1, out2; + if (args[0].Equals("-a")) + { + if (args.Length < 3) + { + Console.WriteLine("RsaKeyPairGenerator [-a] identity passPhrase"); + return 0; + } + + out1 = File.Create("secret.asc"); + out2 = File.Create("pub.asc"); + + ExportKeyPair(out1, out2, kp.Public, kp.Private, args[1], args[2].ToCharArray(), true); + } + else + { + out1 = File.Create("secret.bpg"); + out2 = File.Create("pub.bpg"); + + ExportKeyPair(out1, out2, kp.Public, kp.Private, args[0], args[1].ToCharArray(), false); + } + out1.Close(); + out2.Close(); + return 0; + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/examples/SignedFileProcessor.cs b/BouncyCastle/crypto/test/src/openpgp/examples/SignedFileProcessor.cs new file mode 100644 index 0000000..1ad0d10 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/examples/SignedFileProcessor.cs @@ -0,0 +1,188 @@ +using System; +using System.Collections; +using System.IO; + + +using Org.BouncyCastle.Bcpg.OpenPgp; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples +{ + /** + * A simple utility class that signs and verifies files. + *

    + * To sign a file: SignedFileProcessor -s [-a] fileName secretKey passPhrase.
    + * If -a is specified the output file will be "ascii-armored".

    + *

    + * To decrypt: SignedFileProcessor -v fileName publicKeyFile.

    + *

    + * Note: this example will silently overwrite files, nor does it pay any attention to + * the specification of "_CONSOLE" in the filename. It also expects that a single pass phrase + * will have been used.

    + *

    + * Note: the example also makes use of PGP compression. If you are having difficulty Getting it + * to interoperate with other PGP programs try removing the use of compression first.

    + */ + public sealed class SignedFileProcessor + { + private SignedFileProcessor() {} + + /** + * verify the passed in file as being correctly signed. + */ + private static void VerifyFile( + Stream inputStream, + Stream keyIn) + { + inputStream = PgpUtilities.GetDecoderStream(inputStream); + + PgpObjectFactory pgpFact = new PgpObjectFactory(inputStream); + PgpCompressedData c1 = (PgpCompressedData) pgpFact.NextPgpObject(); + pgpFact = new PgpObjectFactory(c1.GetDataStream()); + + PgpOnePassSignatureList p1 = (PgpOnePassSignatureList) pgpFact.NextPgpObject(); + PgpOnePassSignature ops = p1[0]; + + PgpLiteralData p2 = (PgpLiteralData) pgpFact.NextPgpObject(); + Stream dIn = p2.GetInputStream(); + PgpPublicKeyRingBundle pgpRing = new PgpPublicKeyRingBundle(PgpUtilities.GetDecoderStream(keyIn)); + PgpPublicKey key = pgpRing.GetPublicKey(ops.KeyId); + Stream fos = File.Create(p2.FileName); + + ops.InitVerify(key); + + int ch; + while ((ch = dIn.ReadByte()) >= 0) + { + ops.Update((byte)ch); + fos.WriteByte((byte) ch); + } + fos.Close(); + + PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject(); + PgpSignature firstSig = p3[0]; + if (ops.Verify(firstSig)) + { + Console.Out.WriteLine("signature verified."); + } + else + { + Console.Out.WriteLine("signature verification failed."); + } + } + + /** + * Generate an encapsulated signed file. + * + * @param fileName + * @param keyIn + * @param outputStream + * @param pass + * @param armor + */ + private static void SignFile( + string fileName, + Stream keyIn, + Stream outputStream, + char[] pass, + bool armor, + bool compress) + { + if (armor) + { + outputStream = new ArmoredOutputStream(outputStream); + } + + PgpSecretKey pgpSec = PgpExampleUtilities.ReadSecretKey(keyIn); + PgpPrivateKey pgpPrivKey = pgpSec.ExtractPrivateKey(pass); + PgpSignatureGenerator sGen = new PgpSignatureGenerator(pgpSec.PublicKey.Algorithm, HashAlgorithmTag.Sha1); + + sGen.InitSign(PgpSignature.BinaryDocument, pgpPrivKey); + foreach (string userId in pgpSec.PublicKey.GetUserIds()) + { + PgpSignatureSubpacketGenerator spGen = new PgpSignatureSubpacketGenerator(); + spGen.SetSignerUserId(false, userId); + sGen.SetHashedSubpackets(spGen.Generate()); + // Just the first one! + break; + } + + Stream cOut = outputStream; + PgpCompressedDataGenerator cGen = null; + if (compress) + { + cGen = new PgpCompressedDataGenerator(CompressionAlgorithmTag.ZLib); + + cOut = cGen.Open(cOut); + } + + BcpgOutputStream bOut = new BcpgOutputStream(cOut); + + sGen.GenerateOnePassVersion(false).Encode(bOut); + + FileInfo file = new FileInfo(fileName); + PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator(); + Stream lOut = lGen.Open(bOut, PgpLiteralData.Binary, file); + FileStream fIn = file.OpenRead(); + int ch = 0; + + while ((ch = fIn.ReadByte()) >= 0) + { + lOut.WriteByte((byte) ch); + sGen.Update((byte)ch); + } + + fIn.Close(); + lGen.Close(); + + sGen.Generate().Encode(bOut); + + if (cGen != null) + { + cGen.Close(); + } + + if (armor) + { + outputStream.Close(); + } + } + + public static void Main( + string[] args) + { + // TODO provide command-line option to determine whether to use compression in SignFile + if (args[0].Equals("-s")) + { + Stream keyIn, fos; + if (args[1].Equals("-a")) + { + keyIn = File.OpenRead(args[3]); + fos = File.Create(args[2] + ".asc"); + + SignFile(args[2], keyIn, fos, args[4].ToCharArray(), true, true); + } + else + { + keyIn = File.OpenRead(args[2]); + fos = File.Create(args[1] + ".bpg"); + + SignFile(args[1], keyIn, fos, args[3].ToCharArray(), false, true); + } + keyIn.Close(); + fos.Close(); + } + else if (args[0].Equals("-v")) + { + using (Stream fis = File.OpenRead(args[1]), + keyIn = File.OpenRead(args[2])) + { + VerifyFile(fis, keyIn); + } + } + else + { + Console.Error.WriteLine("usage: SignedFileProcessor -v|-s [-a] file keyfile [passPhrase]"); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/examples/test/AllTests.cs b/BouncyCastle/crypto/test/src/openpgp/examples/test/AllTests.cs new file mode 100644 index 0000000..3403a4f --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/examples/test/AllTests.cs @@ -0,0 +1,438 @@ +#if !LIB +using System; +using System.IO; + +using NUnit.Core; +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Examples.Tests +{ + [TestFixture] + public class AllTests + { + private static readonly byte[] clearSignedPublicKey = Base64.Decode( + "mQELBEQh2+wBCAD26kte0hO6flr7Y2aetpPYutHY4qsmDPy+GwmmqVeCDkX+" + + "r1g7DuFbMhVeu0NkKDnVl7GsJ9VarYsFYyqu0NzLa9XS2qlTIkmJV+2/xKa1" + + "tzjn18fT/cnAWL88ZLCOWUr241aPVhLuIc6vpHnySpEMkCh4rvMaimnTrKwO" + + "42kgeDGd5cXfs4J4ovRcTbc4hmU2BRVsRjiYMZWWx0kkyL2zDVyaJSs4yVX7" + + "Jm4/LSR1uC/wDT0IJJuZT/gQPCMJNMEsVCziRgYkAxQK3OWojPSuv4rXpyd4" + + "Gvo6IbvyTgIskfpSkCnQtORNLIudQSuK7pW+LkL62N+ohuKdMvdxauOnAAYp" + + "tBNnZ2dnZ2dnZyA8Z2dnQGdnZ2c+iQE2BBMBAgAgBQJEIdvsAhsDBgsJCAcD" + + "AgQVAggDBBYCAwECHgECF4AACgkQ4M/Ier3f9xagdAf/fbKWBjLQM8xR7JkR" + + "P4ri8YKOQPhK+VrddGUD59/wzVnvaGyl9MZE7TXFUeniQq5iXKnm22EQbYch" + + "v2Jcxyt2H9yptpzyh4tP6tEHl1C887p2J4qe7F2ATua9CzVGwXQSUbKtj2fg" + + "UZP5SsNp25guhPiZdtkf2sHMeiotmykFErzqGMrvOAUThrO63GiYsRk4hF6r" + + "cQ01d+EUVpY/sBcCxgNyOiB7a84sDtrxnX5BTEZDTEj8LvuEyEV3TMUuAjx1" + + "7Eyd+9JtKzwV4v3hlTaWOvGro9nPS7YaPuG+RtufzXCUJPbPfTjTvtGOqvEz" + + "oztls8tuWA0OGHba9XfX9rfgorACAAM="); + + private static readonly string crOnlyMessage = + "\r" + + " hello world!\r" + + "\r" + + "- dash\r"; + + private static readonly string nlOnlyMessage = + "\n" + + " hello world!\n" + + "\n" + + "- dash\n"; + + private static readonly string crNlMessage = + "\r\n" + + " hello world!\r\n" + + "\r\n" + + "- dash\r\n"; + + private static readonly string crNlMessageTrailingWhiteSpace = + "\r\n" + + " hello world! \t\r\n" + + "\r\n" + + "\r\n"; + + private static readonly string crOnlySignedMessage = + "-----BEGIN PGP SIGNED MESSAGE-----\r" + + "Hash: SHA256\r" + + "\r" + + "\r" + + " hello world!\r" + + "\r" + + "- - dash\r" + + "-----BEGIN PGP SIGNATURE-----\r" + + "Version: GnuPG v1.4.2.1 (GNU/Linux)\r" + + "\r" + + "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\r" + + "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\r" + + "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\r" + + "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\r" + + "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\r" + + "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\r" + + "=84Nd\r" + + "-----END PGP SIGNATURE-----\r"; + + private static readonly string nlOnlySignedMessage = + "-----BEGIN PGP SIGNED MESSAGE-----\n" + + "Hash: SHA256\n" + + "\n" + + "\n" + + " hello world!\n" + + "\n" + + "- - dash\n" + + "-----BEGIN PGP SIGNATURE-----\n" + + "Version: GnuPG v1.4.2.1 (GNU/Linux)\n" + + "\n" + + "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\n" + + "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\n" + + "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\n" + + "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\n" + + "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\n" + + "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\n" + + "=84Nd\n" + + "-----END PGP SIGNATURE-----\n"; + + private static readonly string crNlSignedMessage = + "-----BEGIN PGP SIGNED MESSAGE-----\r\n" + + "Hash: SHA256\r\n" + + "\r\n" + + "\r\n" + + " hello world!\r\n" + + "\r\n" + + "- - dash\r\n" + + "-----BEGIN PGP SIGNATURE-----\r\n" + + "Version: GnuPG v1.4.2.1 (GNU/Linux)\r\n" + + "\r\n" + + "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\r\n" + + "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\r\n" + + "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\r\n" + + "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\r\n" + + "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\r\n" + + "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\r\n" + + "=84Nd\r" + + "-----END PGP SIGNATURE-----\r\n"; + + private static readonly string crNlSignedMessageTrailingWhiteSpace = + "-----BEGIN PGP SIGNED MESSAGE-----\r\n" + + "Hash: SHA256\r\n" + + "\r\n" + + "\r\n" + + " hello world! \t\r\n" + + "\r\n" + + "- - dash\r\n" + + "-----BEGIN PGP SIGNATURE-----\r\n" + + "Version: GnuPG v1.4.2.1 (GNU/Linux)\r\n" + + "\r\n" + + "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\r\n" + + "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\r\n" + + "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\r\n" + + "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\r\n" + + "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\r\n" + + "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\r\n" + + "=84Nd\r" + + "-----END PGP SIGNATURE-----\r\n"; + + private TextWriter _oldOut; + private TextWriter _oldErr; + + private MemoryStream _currentOut; + private MemoryStream _currentErr; + + [SetUp] + public void SetUp() + { + _oldOut = Console.Out; + _oldErr = Console.Error; + _currentOut = new MemoryStream(); + _currentErr = new MemoryStream(); + + Console.SetOut(new StreamWriter(_currentOut)); + Console.SetError(new StreamWriter(_currentErr)); + } + + [TearDown] + public void TearDown() + { + Console.SetOut(_oldOut); + Console.SetError(_oldErr); + } + + [Test] + public void TestRsaKeyGeneration() + { + RsaKeyRingGenerator.Main(new string[]{ "test", "password" }); + + CreateSmallTestInput(); + CreateLargeTestInput(); + + CheckSigning("bpg"); + CheckKeyBasedEncryption("bpg"); + CheckLargeKeyBasedEncryption("bpg"); + + RsaKeyRingGenerator.Main(new string[]{ "-a", "test", "password" }); + + CheckSigning("asc"); + CheckKeyBasedEncryption("asc"); + CheckLargeKeyBasedEncryption("asc"); + } + + [Test] + public void TestDsaElGamalKeyGeneration() + { + DsaElGamalKeyRingGenerator.Main(new string[]{ "test", "password" }); + + CreateSmallTestInput(); + CreateLargeTestInput(); + + CheckSigning("bpg"); + CheckKeyBasedEncryption("bpg"); + CheckLargeKeyBasedEncryption("bpg"); + + DsaElGamalKeyRingGenerator.Main(new string[]{ "-a", "test", "password" }); + + CheckSigning("asc"); + CheckKeyBasedEncryption("asc"); + CheckLargeKeyBasedEncryption("asc"); + } + + [Test] + public void TestPbeEncryption() + { + Console.Error.Flush(); + _currentErr.SetLength(0); + + PbeFileProcessor.Main(new string[]{ "-e", "test.txt", "password" }); + + PbeFileProcessor.Main(new string[]{ "-d", "test.txt.bpg", "password" }); + + Console.Error.Flush(); + Assert.AreEqual("no message integrity check", GetLine(_currentErr)); + + PbeFileProcessor.Main(new string[]{ "-e", "-i", "test.txt", "password" }); + + PbeFileProcessor.Main(new string[]{ "-d", "test.txt.bpg", "password" }); + + Console.Error.Flush(); + Assert.AreEqual("message integrity check passed", GetLine(_currentErr)); + + PbeFileProcessor.Main(new string[]{ "-e", "-ai", "test.txt", "password" }); + + PbeFileProcessor.Main(new string[]{ "-d", "test.txt.asc", "password" }); + + Console.Error.Flush(); + Assert.AreEqual("message integrity check passed", GetLine(_currentErr)); + } + + [Test] + public void TestClearSigned() + { + CreateTestFile(clearSignedPublicKey, "pub.bpg"); + + CheckClearSignedVerify(nlOnlySignedMessage); + CheckClearSignedVerify(crOnlySignedMessage); + CheckClearSignedVerify(crNlSignedMessage); + CheckClearSignedVerify(crNlSignedMessageTrailingWhiteSpace); + + ClearSignedFileProcessor.Main(new string[]{ "-v", "test.txt.asc", "pub.bpg" }); + + RsaKeyRingGenerator.Main(new string[]{ "test", "password" }); + + CheckClearSigned(crOnlyMessage); + CheckClearSigned(nlOnlyMessage); + CheckClearSigned(crNlMessage); + CheckClearSigned(crNlMessageTrailingWhiteSpace); + } + + [Test] + public void TestClearSignedBogusInput() + { + CreateTestFile(clearSignedPublicKey, "test.txt"); + + RsaKeyRingGenerator.Main(new string[]{ "test", "password" }); + + ClearSignedFileProcessor.Main(new string[]{ "-s", "test.txt", "secret.bpg", "password" }); + } + + [Test] + public void TestClearSignedSingleLine() + { + CreateTestData("This is a test payload!" + Environment.NewLine, "test.txt"); + CreateTestData("This is a test payload!" + Environment.NewLine, "test.bak"); + + RsaKeyRingGenerator.Main(new string[]{ "test", "password" }); + + ClearSignedFileProcessor.Main(new string[]{"-s", "test.txt", "secret.bpg", "password"}); + ClearSignedFileProcessor.Main(new string[]{"-v", "test.txt.asc", "pub.bpg"}); + + CompareFile("test.bak", "test.txt"); + } + + private void CheckClearSignedVerify( + string message) + { + CreateTestData(message, "test.txt.asc"); + + ClearSignedFileProcessor.Main(new string[]{ "-v", "test.txt.asc", "pub.bpg" }); + } + + private void CompareFile(string file1, string file2) + { + byte[] data1 = GetFileContents(file1); + byte[] data2 = GetFileContents(file2); + + Assert.IsTrue(Arrays.AreEqual(data1, data2)); + } + + private byte[] GetFileContents(string name) + { + FileStream fs = File.OpenRead(name); + byte[] contents = Streams.ReadAll(fs); + fs.Close(); + return contents; + } + + private void CheckClearSigned( + string message) + { + CreateTestData(message, "test.txt"); + + ClearSignedFileProcessor.Main(new string[]{ "-s", "test.txt", "secret.bpg", "password" }); + ClearSignedFileProcessor.Main(new string[]{ "-v", "test.txt.asc", "pub.bpg" }); + } + + private void CheckSigning( + string type) + { + Console.Out.Flush(); + _currentOut.SetLength(0); + + SignedFileProcessor.Main(new string[]{ "-s", "test.txt", "secret." + type, "password" }); + SignedFileProcessor.Main(new string[]{ "-v", "test.txt.bpg", "pub." + type }); + + Console.Out.Flush(); + Assert.AreEqual("signature verified.", GetLine(_currentOut)); + + SignedFileProcessor.Main(new string[]{ "-s", "-a", "test.txt", "secret." + type, "password" }); + SignedFileProcessor.Main(new string[]{ "-v", "test.txt.asc", "pub." + type }); + + Console.Out.Flush(); + Assert.AreEqual("signature verified.", GetLine(_currentOut)); + } + + private void CheckKeyBasedEncryption( + string type) + { + Console.Error.Flush(); + _currentErr.SetLength(0); + + KeyBasedFileProcessor.Main(new string[]{ "-e", "test.txt", "pub." + type }); + KeyBasedFileProcessor.Main(new string[]{ "-d", "test.txt.bpg", "secret." + type, "password" }); + + Console.Error.Flush(); + Assert.AreEqual("no message integrity check", GetLine(_currentErr)); + + KeyBasedFileProcessor.Main(new string[]{ "-e", "-i", "test.txt", "pub." + type }); + KeyBasedFileProcessor.Main(new string[]{ "-d", "test.txt.bpg", "secret." + type, "password" }); + + Console.Error.Flush(); + Assert.AreEqual("message integrity check passed", GetLine(_currentErr)); + + KeyBasedFileProcessor.Main(new string[]{ "-e", "-ai", "test.txt", "pub." + type }); + KeyBasedFileProcessor.Main(new string[]{ "-d", "test.txt.asc", "secret." + type, "password" }); + + Console.Error.Flush(); + Assert.AreEqual("message integrity check passed", GetLine(_currentErr)); + } + + private void CheckLargeKeyBasedEncryption( + string type) + { + Console.Error.Flush(); + _currentErr.SetLength(0); + + KeyBasedLargeFileProcessor.Main(new string[]{ "-e", "large.txt", "pub." + type }); + KeyBasedLargeFileProcessor.Main(new string[]{ "-d", "large.txt.bpg", "secret." + type, "password" }); + + Console.Error.Flush(); + Assert.AreEqual("no message integrity check", GetLine(_currentErr)); + + KeyBasedLargeFileProcessor.Main(new string[]{ "-e", "-i", "large.txt", "pub." + type }); + KeyBasedLargeFileProcessor.Main(new string[]{ "-d", "large.txt.bpg", "secret." + type, "password" }); + + Console.Error.Flush(); + Assert.AreEqual("message integrity check passed", GetLine(_currentErr)); + + KeyBasedLargeFileProcessor.Main(new string[]{ "-e", "-ai", "large.txt", "pub." + type }); + KeyBasedLargeFileProcessor.Main(new string[]{ "-d", "large.txt.asc", "secret." + type, "password" }); + + Console.Error.Flush(); + Assert.AreEqual("message integrity check passed", GetLine(_currentErr)); + } + + private void CreateSmallTestInput() + { + TextWriter bfOut = new StreamWriter(File.Create("test.txt")); + bfOut.WriteLine("hello world!"); + bfOut.Close(); + } + + private void CreateLargeTestInput() + { + TextWriter bfOut = new StreamWriter(File.Create("large.txt")); + + for (int i = 1; i <= 2000; i++) + { + bfOut.WriteLine("hello to planet " + i + "!"); + } + + bfOut.Close(); + } + + private void CreateTestData( + string testData, + string name) + { + FileStream fOut = File.Create(name); + TextWriter bfOut = new StreamWriter(fOut); + bfOut.Write(testData); + bfOut.Close(); + } + + private void CreateTestFile( + byte[] keyData, + string name) + { + FileStream fOut = File.Create(name); + fOut.Write(keyData, 0, keyData.Length); + fOut.Close(); + } + + private string GetLine( + MemoryStream outStr) + { + byte[] b = outStr.ToArray(); + TextReader bRd = new StreamReader(new MemoryStream(b, false)); + outStr.SetLength(0); + return bRd.ReadLine(); + } + + public static void Main(string[] args) + { + Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty); + } + + [Suite] + public static TestSuite Suite + { + get + { + TestSuite suite = new TestSuite("OpenPGP Example Tests"); + suite.Add(new AllTests()); + return suite; + } + } + } +} +#endif diff --git a/BouncyCastle/crypto/test/src/openpgp/test/ArmoredInputStreamTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/ArmoredInputStreamTest.cs new file mode 100644 index 0000000..375d4ef --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/ArmoredInputStreamTest.cs @@ -0,0 +1,419 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class ArmoredInputStreamTest + : SimpleTest + { + private static readonly byte[] bogusData = Hex.Decode( + "ed864b3c622d5d71d43e5bd77876e81bfaaba8522f64cb494dc897daa3494f7da598f5907b758b72394fbefea77b86a16865e7bf" + + "b8f5bb46bb0d2db4a99a6a4542b9040a0e4f74b8e202c4eb255e8a81a59be9c0d5d2c593b8b512c9bdc75a243cb0992b5a885889" + + "a4a3d3d70e1fcb415d4f718e8230b11895e3706314912554d7c19dafb733df7d02e9a2f42492139648618b1943af9e2941bd0e42" + + "73b58de9b734d15a793a6d7673b3e90dedebc2a479965680de61880dddea25c0168237a6e52846e6a5aa9fb9161ac7a3996315cf" + + "7d391cb86e86cce44e2a353b68cf84d3ac49eddde9a040180533af4aade92de7a03c1982020a2591141aeffd2ad07ffbc0d0a303" + + "710763f47317a5c468d18e69e4094945060f707778cd65b4e94c2e27b5e5a8f4d510e01c9f84b22e1c59486a9b72552682833a07" + + "23995febde56a59d31b60b2cdac00efbf693ac27607c8c4a502749bc7bde65ec80c661aadada4611e3093607d8c7927bf4b29ea9" + + "0481a4616952abb88cb2f4ad78c2e94ba9193f0d0dac17d972ed0b6a738a11a6f27a3a5857e9a0746c5acb2a33ea05491e23db39" + + "657549b5b1a341f2088232b5c72c1a3fcce6dd8b1ce8ade51977521e473b6b208458ce513606daf47689c9a239e161cc592f070f" + + "395a2b964547954516651fc122a781b336d3ddc529c37c16022e6882ba52a6ff9ffd1e362971096997053e916953ca6146eb9973" + + "a28663074692fa3d216b4f169d20e32655602461dce525db1d94b9c43620e05a9e2d3465bb7ed0c07493738434bcf058a73b22ab" + + "0fd6ade1b995b3129d791e3f3a9446d35d9fe521ba5f196f98e7b637132aaa2df424ddb4e372cb70ede1eacdf0b454de91ae279f" + + "ec3c16e268f262a169a2d9ecb27ac1ae177fa6f31f63991179b35e5a48d5cd0e369f50f92cf0327bde1cbd8125201b0c0e4c9242" + + "d416cf48a9ac9c367ab424999fdf3cf5faac259b302b68c417f1461380a57d4f6a5bad8e60ac2140af53f3b44b2e4a44383e597e" + + "f0d7594d2f8c74346a7759b13364bf7abe08663ed4d2ab92bd60231d71e63c125739c446c048e76b7157c644ad6e136f3078c79a" + + "27d505af22b25706c4cf1aec5cb9578e0d0f0471fabdbfc4504a4f971b2c68a4af75ff9a438b1e4c3507dd93c38dc8caa43e87c3" + + "95e27d9b23402671e1a8a6f9563ba8e9d00d2f99d77d25bdda2ac4fe363db138a6eeea4ec1a5ae104cc30b9e4f468799335157da" + + "a9f4c310ef0806ef1803d81db84f58b45639a1749c705594cf5dbbe6109af4711eb080af4edd0d0386c09676b705d3a0ccad5cc7" + + "b5f289a884ce649b5b00b46ad33ee43b0db8c0202cf1fdde4c3b61d5fec99e3024016ccdb0ff2d321f08781d08e4312de38245eb" + + "bc2af032d2a59e36be6467bc23456b4ac178d36cf9f45df5e833a1981ed1a1032679ea0a"); + + private static readonly string badHeaderData1 = + "-----BEGIN PGP MESSAGE-----\n" + + "Version: BCPG v1.32\n" + + "Comment: A dummy message\n" + + "Comment actually not really as there is no colon" + + " \t \t\n" + + "SGVsbG8gV29ybGQh\n" + + "=d9Xi\n" + + "-----END PGP MESSAGE-----\n"; + + private static readonly string badHeaderData2 = + "-----BEGIN PGP MESSAGE-----\n" + + "Comment actually not really as there is no colon" + + " \t \t\n" + + "SGVsbG8gV29ybGQh\n" + + "=d9Xi\n" + + "-----END PGP MESSAGE-----\n"; + + // See https://tests.sequoia-pgp.org/#Mangled_ASCII_Armored_Key (Blank line with '\t\r\v\f') + public static readonly string ARMOR_WITH_BACKSLASH_T_R_V_F = "" + + "-----BEGIN PGP PRIVATE KEY BLOCK-----\n" + + "Comment: Bob's OpenPGP Transferable Secret Key\n" + + " \t\n" + + "\u000B\f\n" + + "lQVYBF2lnPIBDAC5cL9PQoQLTMuhjbYvb4Ncuuo0bfmgPRFywX53jPhoFf4Zg6mv\n" + + "/seOXpgecTdOcVttfzC8ycIKrt3aQTiwOG/ctaR4Bk/t6ayNFfdUNxHWk4WCKzdz\n" + + "/56fW2O0F23qIRd8UUJp5IIlN4RDdRCtdhVQIAuzvp2oVy/LaS2kxQoKvph/5pQ/\n" + + "5whqsyroEWDJoSV0yOb25B/iwk/pLUFoyhDG9bj0kIzDxrEqW+7Ba8nocQlecMF3\n" + + "X5KMN5kp2zraLv9dlBBpWW43XktjcCZgMy20SouraVma8Je/ECwUWYUiAZxLIlMv\n" + + "9CurEOtxUw6N3RdOtLmYZS9uEnn5y1UkF88o8Nku890uk6BrewFzJyLAx5wRZ4F0\n" + + "qV/yq36UWQ0JB/AUGhHVPdFf6pl6eaxBwT5GXvbBUibtf8YI2og5RsgTWtXfU7eb\n" + + "SGXrl5ZMpbA6mbfhd0R8aPxWfmDWiIOhBufhMCvUHh1sApMKVZnvIff9/0Dca3wb\n" + + "vLIwa3T4CyshfT0AEQEAAQAL/RZqbJW2IqQDCnJi4Ozm++gPqBPiX1RhTWSjwxfM\n" + + "cJKUZfzLj414rMKm6Jh1cwwGY9jekROhB9WmwaaKT8HtcIgrZNAlYzANGRCM4TLK\n" + + "3VskxfSwKKna8l+s+mZglqbAjUg3wmFuf9Tj2xcUZYmyRm1DEmcN2ZzpvRtHgX7z\n" + + "Wn1mAKUlSDJZSQks0zjuMNbupcpyJokdlkUg2+wBznBOTKzgMxVNC9b2g5/tMPUs\n" + + "hGGWmF1UH+7AHMTaS6dlmr2ZBIyogdnfUqdNg5sZwsxSNrbglKP4sqe7X61uEAIQ\n" + + "bD7rT3LonLbhkrj3I8wilUD8usIwt5IecoHhd9HziqZjRCc1BUBkboUEoyedbDV4\n" + + "i4qfsFZ6CEWoLuD5pW7dEp0M+WeuHXO164Rc+LnH6i1VQrpb1Okl4qO6ejIpIjBI\n" + + "1t3GshtUu/mwGBBxs60KBX5g77mFQ9lLCRj8lSYqOsHRKBhUp4qM869VA+fD0BRP\n" + + "fqPT0I9IH4Oa/A3jYJcg622GwQYA1LhnP208Waf6PkQSJ6kyr8ymY1yVh9VBE/g6\n" + + "fRDYA+pkqKnw9wfH2Qho3ysAA+OmVOX8Hldg+Pc0Zs0e5pCavb0En8iFLvTA0Q2E\n" + + "LR5rLue9uD7aFuKFU/VdcddY9Ww/vo4k5p/tVGp7F8RYCFn9rSjIWbfvvZi1q5Tx\n" + + "+akoZbga+4qQ4WYzB/obdX6SCmi6BndcQ1QdjCCQU6gpYx0MddVERbIp9+2SXDyL\n" + + "hpxjSyz+RGsZi/9UAshT4txP4+MZBgDfK3ZqtW+h2/eMRxkANqOJpxSjMyLO/FXN\n" + + "WxzTDYeWtHNYiAlOwlQZEPOydZFty9IVzzNFQCIUCGjQ/nNyhw7adSgUk3+BXEx/\n" + + "MyJPYY0BYuhLxLYcrfQ9nrhaVKxRJj25SVHj2ASsiwGJRZW4CC3uw40OYxfKEvNC\n" + + "mer/VxM3kg8qqGf9KUzJ1dVdAvjyx2Hz6jY2qWCyRQ6IMjWHyd43C4r3jxooYKUC\n" + + "YnstRQyb/gCSKahveSEjo07CiXMr88UGALwzEr3npFAsPW3osGaFLj49y1oRe11E\n" + + "he9gCHFm+fuzbXrWmdPjYU5/ZdqdojzDqfu4ThfnipknpVUM1o6MQqkjM896FHm8\n" + + "zbKVFSMhEP6DPHSCexMFrrSgN03PdwHTO6iBaIBBFqmGY01tmJ03SxvSpiBPON9P\n" + + "NVvy/6UZFedTq8A07OUAxO62YUSNtT5pmK2vzs3SAZJmbFbMh+NN204TRI72GlqT\n" + + "t5hcfkuv8hrmwPS/ZR6q312mKQ6w/1pqO9qitCFCb2IgQmFiYmFnZSA8Ym9iQG9w\n" + + "ZW5wZ3AuZXhhbXBsZT6JAc4EEwEKADgCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgEC\n" + + "F4AWIQTRpm4aI7GCyZgPeIz7/MgqAV5zMAUCXaWe+gAKCRD7/MgqAV5zMG9sC/9U\n" + + "2T3RrqEbw533FPNfEflhEVRIZ8gDXKM8hU6cqqEzCmzZT6xYTe6sv4y+PJBGXJFX\n" + + "yhj0g6FDkSyboM5litOcTupURObVqMgA/Y4UKERznm4fzzH9qek85c4ljtLyNufe\n" + + "doL2pp3vkGtn7eD0QFRaLLmnxPKQ/TlZKdLE1G3u8Uot8QHicaR6GnAdc5UXQJE3\n" + + "BiV7jZuDyWmZ1cUNwJkKL6oRtp+ZNDOQCrLNLecKHcgCqrpjSQG5oouba1I1Q6Vl\n" + + "sP44dhA1nkmLHtxlTOzpeHj4jnk1FaXmyasurrrI5CgU/L2Oi39DGKTH/A/cywDN\n" + + "4ZplIQ9zR8enkbXquUZvFDe+Xz+6xRXtb5MwQyWODB3nHw85HocLwRoIN9WdQEI+\n" + + "L8a/56AuOwhs8llkSuiITjR7r9SgKJC2WlAHl7E8lhJ3VDW3ELC56KH308d6mwOG\n" + + "ZRAqIAKzM1T5FGjMBhq7ZV0eqdEntBh3EcOIfj2M8rg1MzJv+0mHZOIjByawikad\n" + + "BVgEXaWc8gEMANYwv1xsYyunXYK0X1vY/rP1NNPvhLyLIE7NpK90YNBj+xS1ldGD\n" + + "bUdZqZeef2xJe8gMQg05DoD1DF3GipZ0Ies65beh+d5hegb7N4pzh0LzrBrVNHar\n" + + "29b5ExdI7i4iYD5TO6Vr/qTUOiAN/byqELEzAb+L+b2DVz/RoCm4PIp1DU9ewcc2\n" + + "WB38Ofqut3nLYA5tqJ9XvAiEQme+qAVcM3ZFcaMt4I4dXhDZZNg+D9LiTWcxdUPB\n" + + "leu8iwDRjAgyAhPzpFp+nWoqWA81uIiULWD1Fj+IVoY3ZvgivoYOiEFBJ9lbb4te\n" + + "g9m5UT/AaVDTWuHzbspVlbiVe+qyB77C2daWzNyx6UYBPLOo4r0t0c91kbNE5lgj\n" + + "Z7xz6los0N1U8vq91EFSeQJoSQ62XWavYmlCLmdNT6BNfgh4icLsT7Vr1QMX9jzn\n" + + "JtTPxdXytSdHvpSpULsqJ016l0dtmONcK3z9mj5N5z0k1tg1AH970TGYOe2aUcSx\n" + + "IRDMXDOPyzEfjwARAQABAAv9F2CwsjS+Sjh1M1vegJbZjei4gF1HHpEM0K0PSXsp\n" + + "SfVvpR4AoSJ4He6CXSMWg0ot8XKtDuZoV9jnJaES5UL9pMAD7JwIOqZm/DYVJM5h\n" + + "OASCh1c356/wSbFbzRHPtUdZO9Q30WFNJM5pHbCJPjtNoRmRGkf71RxtvHBzy7np\n" + + "Ga+W6U/NVKHw0i0CYwMI0YlKDakYW3Pm+QL+gHZFvngGweTod0f9l2VLLAmeQR/c\n" + + "+EZs7lNumhuZ8mXcwhUc9JQIhOkpO+wreDysEFkAcsKbkQP3UDUsA1gFx9pbMzT0\n" + + "tr1oZq2a4QBtxShHzP/ph7KLpN+6qtjks3xB/yjTgaGmtrwM8tSe0wD1RwXS+/1o\n" + + "BHpXTnQ7TfeOGUAu4KCoOQLv6ELpKWbRBLWuiPwMdbGpvVFALO8+kvKAg9/r+/ny\n" + + "zM2GQHY+J3Jh5JxPiJnHfXNZjIKLbFbIPdSKNyJBuazXW8xIa//mEHMI5OcvsZBK\n" + + "clAIp7LXzjEjKXIwHwDcTn9pBgDpdOKTHOtJ3JUKx0rWVsDH6wq6iKV/FTVSY5jl\n" + + "zN+puOEsskF1Lfxn9JsJihAVO3yNsp6RvkKtyNlFazaCVKtDAmkjoh60XNxcNRqr\n" + + "gCnwdpbgdHP6v/hvZY54ZaJjz6L2e8unNEkYLxDt8cmAyGPgH2XgL7giHIp9jrsQ\n" + + "aS381gnYwNX6wE1aEikgtY91nqJjwPlibF9avSyYQoMtEqM/1UjTjB2KdD/MitK5\n" + + "fP0VpvuXpNYZedmyq4UOMwdkiNMGAOrfmOeT0olgLrTMT5H97Cn3Yxbk13uXHNu/\n" + + "ZUZZNe8s+QtuLfUlKAJtLEUutN33TlWQY522FV0m17S+b80xJib3yZVJteVurrh5\n" + + "HSWHAM+zghQAvCesg5CLXa2dNMkTCmZKgCBvfDLZuZbjFwnwCI6u/NhOY9egKuUf\n" + + "SA/je/RXaT8m5VxLYMxwqQXKApzD87fv0tLPlVIEvjEsaf992tFEFSNPcG1l/jpd\n" + + "5AVXw6kKuf85UkJtYR1x2MkQDrqY1QX/XMw00kt8y9kMZUre19aCArcmor+hDhRJ\n" + + "E3Gt4QJrD9z/bICESw4b4z2DbgD/Xz9IXsA/r9cKiM1h5QMtXvuhyfVeM01enhxM\n" + + "GbOH3gjqqGNKysx0UODGEwr6AV9hAd8RWXMchJLaExK9J5SRawSg671ObAU24SdY\n" + + "vMQ9Z4kAQ2+1ReUZzf3ogSMRZtMT+d18gT6L90/y+APZIaoArLPhebIAGq39HLmJ\n" + + "26x3z0WAgrpA1kNsjXEXkoiZGPLKIGoe3hqJAbYEGAEKACAWIQTRpm4aI7GCyZgP\n" + + "eIz7/MgqAV5zMAUCXaWc8gIbDAAKCRD7/MgqAV5zMOn/C/9ugt+HZIwX308zI+QX\n" + + "c5vDLReuzmJ3ieE0DMO/uNSC+K1XEioSIZP91HeZJ2kbT9nn9fuReuoff0T0Dief\n" + + "rbwcIQQHFFkrqSp1K3VWmUGp2JrUsXFVdjy/fkBIjTd7c5boWljv/6wAsSfiv2V0\n" + + "JSM8EFU6TYXxswGjFVfc6X97tJNeIrXL+mpSmPPqy2bztcCCHkWS5lNLWQw+R7Vg\n" + + "71Fe6yBSNVrqC2/imYG2J9zlowjx1XU63Wdgqp2Wxt0l8OmsB/W80S1fRF5G4SDH\n" + + "s9HXglXXqPsBRZJYfP+VStm9L5P/sKjCcX6WtZR7yS6G8zj/X767MLK/djANvpPd\n" + + "NVniEke6hM3CNBXYPAMhQBMWhCulcoz+0lxi8L34rMN+Dsbma96psdUrn7uLaB91\n" + + "6we0CTfF8qqm7BsVAgalon/UUiuMY80U3ueoj3okiSTiHIjD/YtpXSPioC8nMng7\n" + + "xqAY9Bwizt4FWgXuLm1a4+So4V9j1TRCXd12Uc2l2RNmgDE=\n" + + "=miES\n" + + "-----END PGP PRIVATE KEY BLOCK-----"; + + private static readonly string ASCII_ARMOR_CRC_MISMATCH = "" + + "-----BEGIN PGP MESSAGE-----\n" + + "Version: FlowCrypt 5.0.4 Gmail Encryption flowcrypt.com\n" + + "Comment: Seamlessly send, receive and search encrypted email\n" + + "\n" + + "wcFMA+ADv/5v4RgKAQ/+K2rrAqhjMe9FLCfklI9Y30Woktg0Q/xe71EVw6WO\n" + + "tVD/VK+xv4CHzi+HojtE0U2F+vqoPSO0q5TN9giKPMTiK25PnCzfd7Q+zXiF\n" + + "j+5RSHTVJxC62qLHhtKsAQtC4asub8cQIFXbZz3Ns4+7jKtSWPcRqhKTurWv\n" + + "XVH0YAFJDsFYo26r2V9c+Ie0uoQPx8graEGpKO9GtoQjXMKK32oApuBSSlmS\n" + + "Q+nxyxMx1V+gxP4qgGBCxqkBFRYB/Ve6ygNHL1KxxCVTEw9pgnxJscn89Iio\n" + + "dO6qZ9EgIV0PVQN0Yw033MTgAhCHunlE/qXvDxib4tdihoNsLN0q5kdOeiMW\n" + + "+ntm3kphjMpQ6TMCUGtdS7UmvnadZ+dh5s785M8S9oY64mQd6QuYA2iy1IQv\n" + + "q3zpW4/ba2gqL36qCCw/OaruXpQ4NeBr3hMaJQjWgeSuMsQnNGYUn5Nn1+9X\n" + + "wtlithO8eLi3M1dg19dpDky8CacWfGgHD7SNsZ2zqFqyd1qtdFcit5ynQUHS\n" + + "IiJKeUknGv1dQAnPPJ1FdXyyqC/VDBZG6CNdnxjonmQDRh1YlqNwSnmrR/Sy\n" + + "X7n+nGra+/0EHJW6ohaSdep2jAwJDelq/DI1lqiN16ZXJ2/WH6pItA9tmkLU\n" + + "61QUz6qwPAnd0t6iy/YkOi2/s1+dwC0DwOcZoUPF8bTBwUwDS1ov/OYtlQEB\n" + + "D/46rCPRZrX34ipseTkZxtw3YPhbNkNHo95Mzh9lpeaaZIqtUg2yiFUnhwLi\n" + + "tYwyBCkXCb92l1GXXxGSmvSLDSKfQfIpZ0rV5j50MYKIpjSeJZyH/3qP+JXv\n" + + "Z47GsTp0z5/oNau5XQwuhLhUtRoZd1WS9ahSJ1akiKeYJroLbTg10fjL25yp\n" + + "iaoV16SqKA1H/JOuj6lT5z1nuez35JjeSpUc7ksdot60ZovMfWC+OGRnkYKb\n" + + "7KxFd7uaxL6uOBOFyvRxYeohKd73aVkiKpcWd4orI18FhlftFNAwIdsmfzNc\n" + + "mzTHZaUl89iYxEKR6ae6AKws1wzLq0noarsf2eKBVbTSfmK3S3xFqduKINnc\n" + + "e5Yb3F5adSj1dUjm1BZ4aqzsgKyBb+J8keG9ESsnFOyxOIUXDM1nIo1IOgzC\n" + + "M928Jb9GVa+uhdXRrb5cLjTihTusJN0I8oJrwKkwIpCJVgPMdDLkeubrMBQ4\n" + + "fbpl4V76sOU2Nx+6nG2FnFBFBFohOL+0nTK5/6Ns9ateN7K9VP++QcoeqfPk\n" + + "IUO3+lCZW+trTSvvFId3ziUVsPTeuAS+7nxSMfWZ/K9Ci6QV/Xnx3F/qSmuS\n" + + "AUm4zPQ1EjZf1N/5K+vhcCTN4MMx406VlqtedkXL2KPwZ6jDS/ww8RfcmPnD\n" + + "s94ct0WCZZtNlnQq+5h0ybwTJNLC2QFyrhhPqztVY95n9La2Mw5WITCWzg/d\n" + + "IBUceW/OwHYtePyaSQkCnegDw/2mN2/GC8d0OlwULcTYG6uVenGv2UOUbCr3\n" + + "Pfy/Eb/VqUEZK00PdvVQV7FWYAshuTFPTqidph04CgQvBpi3SDEEo8SkEIFS\n" + + "/iEeRQaWjFEXKUI3FwKXPJQWvFpbrXBOAjnxXXbAFYOLxdydmq1GVl9Mm3GU\n" + + "Clc9g6t9vaYDBPx2gN562/CM/nT8Vq45VHe79XkrrcHDwLn7yeHJScNFsib+\n" + + "VvwTPoUftlhC/ai21D403TsJpm7ZmPcDjagoIcXrS/lN03z79RBmSKFtYiXW\n" + + "4obkKSGow61vMBh2/XLVYKJKpYKm/GnVlJxA0zQVl558x8I/nAMaxSzwx+ZY\n" + + "waVU/s5PLZ7Ghg3MOguiRTlflKUQyL0A7NR46OjFgUnHAZRxr4KO3GoxVPy4\n" + + "XLeS4+Wl68s7QlV6WF1IKCHWEUMEeRRea2/OvvlS/oLs2MNNWDemlJ4SiXHf\n" + + "xINU38Txo84A00NALbKppsSyy9Gwj//rO/FcerupkfeuOm9nHFwIQeeC5bWD\n" + + "mmRlC90r2jY8gM/v3Jjy9h8PbXWxh9MUpc7/kAcTwdGlMxiVjE29p065qTRr\n" + + "Oi6sJ7pWuYTfWldZqTVmaBjlv0zuXQ8Eo8o/USvoTs+oihYIMcqReqdeqr/N\n" + + "e+sDtYKRg/LKp/JJ5nAQzVMP67DxkgwLNxx0ijBLysaQmvRlsiYWayxZB1Xd\n" + + "BxA2bjZRvsmww+hgSKNlcsiubJGBqfqvgmlebZuJHHSC1L6mdMYgcihKmYAj\n" + + "p+HFLyqgyeRVMdjRHcrEdxNPG4fJmlk1bYiVQQ4XAd72w+AHS/seZ5HzbAK0\n" + + "omuHYUD5PTEqZ1K9JObSsh3XMUkJK+z3BnrOxnTOOyG2r+4FxizH6rfz/Pgg\n" + + "sPxqxE9ELUlgQe8plcPFge6aN9tUoSe+vMtDaEAqKw9JwofBF7jlxTqMMvQC\n" + + "gWbn9x3W5o4VrnpjYGtPl8sh1QREu0A+0PUJAKL4A3GSMYRouGewLSMNJlOg\n" + + "/0pPF6qB+Fi4GJ7ju5C07tfr9z9UqRj09kDXJuoJd95NdSiCz6ndugn6gs8B\n" + + "Qf/XPxZVefeMLiB6p8pG0iZ/jcJjyYJLtTg6kA+1/ffmJPfH/76ZA9dgEJLj\n" + + "/W2u0Lp4NY8cwqcXuGKgl72TVJ34Iawl35Y0yr47k/7Y1vEQ5Q3bT7HP5A==\n" + + "=FdCC\n" + + "-----END PGP MESSAGE-----"; + + public static readonly string KEY_WITH_MISSING_CRC = "-----BEGIN PGP PRIVATE KEY BLOCK-----\n" + + "Comment: Bob's OpenPGP Transferable Secret Key\n" + + "\n" + + "lQVYBF2lnPIBDAC5cL9PQoQLTMuhjbYvb4Ncuuo0bfmgPRFywX53jPhoFf4Zg6mv\n" + + "/seOXpgecTdOcVttfzC8ycIKrt3aQTiwOG/ctaR4Bk/t6ayNFfdUNxHWk4WCKzdz\n" + + "/56fW2O0F23qIRd8UUJp5IIlN4RDdRCtdhVQIAuzvp2oVy/LaS2kxQoKvph/5pQ/\n" + + "5whqsyroEWDJoSV0yOb25B/iwk/pLUFoyhDG9bj0kIzDxrEqW+7Ba8nocQlecMF3\n" + + "X5KMN5kp2zraLv9dlBBpWW43XktjcCZgMy20SouraVma8Je/ECwUWYUiAZxLIlMv\n" + + "9CurEOtxUw6N3RdOtLmYZS9uEnn5y1UkF88o8Nku890uk6BrewFzJyLAx5wRZ4F0\n" + + "qV/yq36UWQ0JB/AUGhHVPdFf6pl6eaxBwT5GXvbBUibtf8YI2og5RsgTWtXfU7eb\n" + + "SGXrl5ZMpbA6mbfhd0R8aPxWfmDWiIOhBufhMCvUHh1sApMKVZnvIff9/0Dca3wb\n" + + "vLIwa3T4CyshfT0AEQEAAQAL/RZqbJW2IqQDCnJi4Ozm++gPqBPiX1RhTWSjwxfM\n" + + "cJKUZfzLj414rMKm6Jh1cwwGY9jekROhB9WmwaaKT8HtcIgrZNAlYzANGRCM4TLK\n" + + "3VskxfSwKKna8l+s+mZglqbAjUg3wmFuf9Tj2xcUZYmyRm1DEmcN2ZzpvRtHgX7z\n" + + "Wn1mAKUlSDJZSQks0zjuMNbupcpyJokdlkUg2+wBznBOTKzgMxVNC9b2g5/tMPUs\n" + + "hGGWmF1UH+7AHMTaS6dlmr2ZBIyogdnfUqdNg5sZwsxSNrbglKP4sqe7X61uEAIQ\n" + + "bD7rT3LonLbhkrj3I8wilUD8usIwt5IecoHhd9HziqZjRCc1BUBkboUEoyedbDV4\n" + + "i4qfsFZ6CEWoLuD5pW7dEp0M+WeuHXO164Rc+LnH6i1VQrpb1Okl4qO6ejIpIjBI\n" + + "1t3GshtUu/mwGBBxs60KBX5g77mFQ9lLCRj8lSYqOsHRKBhUp4qM869VA+fD0BRP\n" + + "fqPT0I9IH4Oa/A3jYJcg622GwQYA1LhnP208Waf6PkQSJ6kyr8ymY1yVh9VBE/g6\n" + + "fRDYA+pkqKnw9wfH2Qho3ysAA+OmVOX8Hldg+Pc0Zs0e5pCavb0En8iFLvTA0Q2E\n" + + "LR5rLue9uD7aFuKFU/VdcddY9Ww/vo4k5p/tVGp7F8RYCFn9rSjIWbfvvZi1q5Tx\n" + + "+akoZbga+4qQ4WYzB/obdX6SCmi6BndcQ1QdjCCQU6gpYx0MddVERbIp9+2SXDyL\n" + + "hpxjSyz+RGsZi/9UAshT4txP4+MZBgDfK3ZqtW+h2/eMRxkANqOJpxSjMyLO/FXN\n" + + "WxzTDYeWtHNYiAlOwlQZEPOydZFty9IVzzNFQCIUCGjQ/nNyhw7adSgUk3+BXEx/\n" + + "MyJPYY0BYuhLxLYcrfQ9nrhaVKxRJj25SVHj2ASsiwGJRZW4CC3uw40OYxfKEvNC\n" + + "mer/VxM3kg8qqGf9KUzJ1dVdAvjyx2Hz6jY2qWCyRQ6IMjWHyd43C4r3jxooYKUC\n" + + "YnstRQyb/gCSKahveSEjo07CiXMr88UGALwzEr3npFAsPW3osGaFLj49y1oRe11E\n" + + "he9gCHFm+fuzbXrWmdPjYU5/ZdqdojzDqfu4ThfnipknpVUM1o6MQqkjM896FHm8\n" + + "zbKVFSMhEP6DPHSCexMFrrSgN03PdwHTO6iBaIBBFqmGY01tmJ03SxvSpiBPON9P\n" + + "NVvy/6UZFedTq8A07OUAxO62YUSNtT5pmK2vzs3SAZJmbFbMh+NN204TRI72GlqT\n" + + "t5hcfkuv8hrmwPS/ZR6q312mKQ6w/1pqO9qitCFCb2IgQmFiYmFnZSA8Ym9iQG9w\n" + + "ZW5wZ3AuZXhhbXBsZT6JAc4EEwEKADgCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgEC\n" + + "F4AWIQTRpm4aI7GCyZgPeIz7/MgqAV5zMAUCXaWe+gAKCRD7/MgqAV5zMG9sC/9U\n" + + "2T3RrqEbw533FPNfEflhEVRIZ8gDXKM8hU6cqqEzCmzZT6xYTe6sv4y+PJBGXJFX\n" + + "yhj0g6FDkSyboM5litOcTupURObVqMgA/Y4UKERznm4fzzH9qek85c4ljtLyNufe\n" + + "doL2pp3vkGtn7eD0QFRaLLmnxPKQ/TlZKdLE1G3u8Uot8QHicaR6GnAdc5UXQJE3\n" + + "BiV7jZuDyWmZ1cUNwJkKL6oRtp+ZNDOQCrLNLecKHcgCqrpjSQG5oouba1I1Q6Vl\n" + + "sP44dhA1nkmLHtxlTOzpeHj4jnk1FaXmyasurrrI5CgU/L2Oi39DGKTH/A/cywDN\n" + + "4ZplIQ9zR8enkbXquUZvFDe+Xz+6xRXtb5MwQyWODB3nHw85HocLwRoIN9WdQEI+\n" + + "L8a/56AuOwhs8llkSuiITjR7r9SgKJC2WlAHl7E8lhJ3VDW3ELC56KH308d6mwOG\n" + + "ZRAqIAKzM1T5FGjMBhq7ZV0eqdEntBh3EcOIfj2M8rg1MzJv+0mHZOIjByawikad\n" + + "BVgEXaWc8gEMANYwv1xsYyunXYK0X1vY/rP1NNPvhLyLIE7NpK90YNBj+xS1ldGD\n" + + "bUdZqZeef2xJe8gMQg05DoD1DF3GipZ0Ies65beh+d5hegb7N4pzh0LzrBrVNHar\n" + + "29b5ExdI7i4iYD5TO6Vr/qTUOiAN/byqELEzAb+L+b2DVz/RoCm4PIp1DU9ewcc2\n" + + "WB38Ofqut3nLYA5tqJ9XvAiEQme+qAVcM3ZFcaMt4I4dXhDZZNg+D9LiTWcxdUPB\n" + + "leu8iwDRjAgyAhPzpFp+nWoqWA81uIiULWD1Fj+IVoY3ZvgivoYOiEFBJ9lbb4te\n" + + "g9m5UT/AaVDTWuHzbspVlbiVe+qyB77C2daWzNyx6UYBPLOo4r0t0c91kbNE5lgj\n" + + "Z7xz6los0N1U8vq91EFSeQJoSQ62XWavYmlCLmdNT6BNfgh4icLsT7Vr1QMX9jzn\n" + + "JtTPxdXytSdHvpSpULsqJ016l0dtmONcK3z9mj5N5z0k1tg1AH970TGYOe2aUcSx\n" + + "IRDMXDOPyzEfjwARAQABAAv9F2CwsjS+Sjh1M1vegJbZjei4gF1HHpEM0K0PSXsp\n" + + "SfVvpR4AoSJ4He6CXSMWg0ot8XKtDuZoV9jnJaES5UL9pMAD7JwIOqZm/DYVJM5h\n" + + "OASCh1c356/wSbFbzRHPtUdZO9Q30WFNJM5pHbCJPjtNoRmRGkf71RxtvHBzy7np\n" + + "Ga+W6U/NVKHw0i0CYwMI0YlKDakYW3Pm+QL+gHZFvngGweTod0f9l2VLLAmeQR/c\n" + + "+EZs7lNumhuZ8mXcwhUc9JQIhOkpO+wreDysEFkAcsKbkQP3UDUsA1gFx9pbMzT0\n" + + "tr1oZq2a4QBtxShHzP/ph7KLpN+6qtjks3xB/yjTgaGmtrwM8tSe0wD1RwXS+/1o\n" + + "BHpXTnQ7TfeOGUAu4KCoOQLv6ELpKWbRBLWuiPwMdbGpvVFALO8+kvKAg9/r+/ny\n" + + "zM2GQHY+J3Jh5JxPiJnHfXNZjIKLbFbIPdSKNyJBuazXW8xIa//mEHMI5OcvsZBK\n" + + "clAIp7LXzjEjKXIwHwDcTn9pBgDpdOKTHOtJ3JUKx0rWVsDH6wq6iKV/FTVSY5jl\n" + + "zN+puOEsskF1Lfxn9JsJihAVO3yNsp6RvkKtyNlFazaCVKtDAmkjoh60XNxcNRqr\n" + + "gCnwdpbgdHP6v/hvZY54ZaJjz6L2e8unNEkYLxDt8cmAyGPgH2XgL7giHIp9jrsQ\n" + + "aS381gnYwNX6wE1aEikgtY91nqJjwPlibF9avSyYQoMtEqM/1UjTjB2KdD/MitK5\n" + + "fP0VpvuXpNYZedmyq4UOMwdkiNMGAOrfmOeT0olgLrTMT5H97Cn3Yxbk13uXHNu/\n" + + "ZUZZNe8s+QtuLfUlKAJtLEUutN33TlWQY522FV0m17S+b80xJib3yZVJteVurrh5\n" + + "HSWHAM+zghQAvCesg5CLXa2dNMkTCmZKgCBvfDLZuZbjFwnwCI6u/NhOY9egKuUf\n" + + "SA/je/RXaT8m5VxLYMxwqQXKApzD87fv0tLPlVIEvjEsaf992tFEFSNPcG1l/jpd\n" + + "5AVXw6kKuf85UkJtYR1x2MkQDrqY1QX/XMw00kt8y9kMZUre19aCArcmor+hDhRJ\n" + + "E3Gt4QJrD9z/bICESw4b4z2DbgD/Xz9IXsA/r9cKiM1h5QMtXvuhyfVeM01enhxM\n" + + "GbOH3gjqqGNKysx0UODGEwr6AV9hAd8RWXMchJLaExK9J5SRawSg671ObAU24SdY\n" + + "vMQ9Z4kAQ2+1ReUZzf3ogSMRZtMT+d18gT6L90/y+APZIaoArLPhebIAGq39HLmJ\n" + + "26x3z0WAgrpA1kNsjXEXkoiZGPLKIGoe3hqJAbYEGAEKACAWIQTRpm4aI7GCyZgP\n" + + "eIz7/MgqAV5zMAUCXaWc8gIbDAAKCRD7/MgqAV5zMOn/C/9ugt+HZIwX308zI+QX\n" + + "c5vDLReuzmJ3ieE0DMO/uNSC+K1XEioSIZP91HeZJ2kbT9nn9fuReuoff0T0Dief\n" + + "rbwcIQQHFFkrqSp1K3VWmUGp2JrUsXFVdjy/fkBIjTd7c5boWljv/6wAsSfiv2V0\n" + + "JSM8EFU6TYXxswGjFVfc6X97tJNeIrXL+mpSmPPqy2bztcCCHkWS5lNLWQw+R7Vg\n" + + "71Fe6yBSNVrqC2/imYG2J9zlowjx1XU63Wdgqp2Wxt0l8OmsB/W80S1fRF5G4SDH\n" + + "s9HXglXXqPsBRZJYfP+VStm9L5P/sKjCcX6WtZR7yS6G8zj/X767MLK/djANvpPd\n" + + "NVniEke6hM3CNBXYPAMhQBMWhCulcoz+0lxi8L34rMN+Dsbma96psdUrn7uLaB91\n" + + "6we0CTfF8qqm7BsVAgalon/UUiuMY80U3ueoj3okiSTiHIjD/YtpXSPioC8nMng7\n" + + "xqAY9Bwizt4FWgXuLm1a4+So4V9j1TRCXd12Uc2l2RNmgDE=\n" + + "-----END PGP PRIVATE KEY BLOCK-----"; + + public override string Name + { + get { return "ArmoredInputStream"; } + } + + public override void PerformTest() + { + try + { + PgpObjectFactory pgpObjectFactoryOfTestFile = new PgpObjectFactory( + new ArmoredInputStream(new MemoryStream( + Arrays.Concatenate( + Strings.ToByteArray("-----BEGIN PGP MESSAGE-----\n" + "Version: BCPG v1.32\n\n"), + bogusData), + false))); + pgpObjectFactoryOfTestFile.NextPgpObject(); // <-- EXCEPTION HERE + Fail("no exception"); + } + catch (IOException e) + { + IsTrue("invalid armor".Equals(e.Message)); + } + + try + { + PgpObjectFactory pgpObjectFactoryOfTestFile = new PgpObjectFactory( + new ArmoredInputStream(new MemoryStream( + Strings.ToByteArray(badHeaderData1), + false))); + Fail("no exception"); + } + catch (IOException e) + { + IsTrue("invalid armor header".Equals(e.Message)); + } + + try + { + PgpObjectFactory pgpObjectFactoryOfTestFile = new PgpObjectFactory( + new ArmoredInputStream(new MemoryStream( + Strings.ToByteArray(badHeaderData2), + false))); + Fail("no exception"); + } + catch (IOException e) + { + IsTrue("invalid armor header".Equals(e.Message)); + } + + DoBackslashTrvfTest(); + DoCrcErrorGetsThrownTest(); + DoIgnoreMissingCrcTest(); + } + + public void DoBackslashTrvfTest() + { + MemoryStream bIn = new MemoryStream(Strings.ToByteArray(ARMOR_WITH_BACKSLASH_T_R_V_F), false); + ArmoredInputStream armor = new ArmoredInputStream(bIn); + + try + { + PgpSecretKeyRing secretKey = new PgpSecretKeyRing(armor); + } + catch (IOException e) + { + Fail("Cannot parse armor containing blank line with '\\t\\r\\v\\f'.", e); + } + } + + private void DoCrcErrorGetsThrownTest() + { + MemoryStream bytesIn = new MemoryStream(Strings.ToByteArray(ASCII_ARMOR_CRC_MISMATCH), false); + ArmoredInputStream armorIn = new ArmoredInputStream(bytesIn); + MemoryStream bytesOut = new MemoryStream(); + + try + { + Streams.PipeAll(armorIn, bytesOut); + Fail("Expected IOException to be thrown due to CRC mismatch."); + } + catch (IOException e) + { + IsEquals("crc check failed in armored message.", e.Message); + } + } + + private void DoIgnoreMissingCrcTest() + { + MemoryStream data = new MemoryStream(Strings.ToByteArray(KEY_WITH_MISSING_CRC), false); + ArmoredInputStream armorIn = new ArmoredInputStream(data); + + try + { + Streams.Drain(armorIn); + } + catch (IOException e) + { + Fail("Missing CRC sum must be ignored.", e); + } + + data.Position = 0L; + armorIn = new ArmoredInputStream(data); + armorIn.SetDetectMissingCrc(false); + + try + { + Streams.Drain(armorIn); + } + catch (IOException e) + { + Fail("Missing CRC sum must be ignored.", e); + } + + data.Position = 0L; + armorIn = new ArmoredInputStream(data); + armorIn.SetDetectMissingCrc(true); + + try + { + Streams.Drain(armorIn); + Fail("Missing CRC sum MUST NOT be ignored."); + } + catch (IOException e) + { + IsEquals("crc check not found", e.Message); + // expected + } + } + + public static void Main(string[] args) + { + RunTest(new ArmoredInputStreamTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/DSA2Test.cs b/BouncyCastle/crypto/test/src/openpgp/test/DSA2Test.cs new file mode 100644 index 0000000..883ae31 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/DSA2Test.cs @@ -0,0 +1,237 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + /** + * GPG compatability test vectors + */ + [TestFixture] + public class Dsa2Test + //extends TestCase + { + [Test] + public void TestK1024H160() + { + doSigVerifyTest("DSA-1024-160.pub", "dsa-1024-160-sign.gpg"); + } + + [Test] + public void TestK1024H224() + { + doSigVerifyTest("DSA-1024-160.pub", "dsa-1024-224-sign.gpg"); + } + + [Test] + public void TestK1024H256() + { + doSigVerifyTest("DSA-1024-160.pub", "dsa-1024-256-sign.gpg"); + } + + [Test] + public void TestK1024H384() + { + doSigVerifyTest("DSA-1024-160.pub", "dsa-1024-384-sign.gpg"); + } + + [Test] + public void TestK1024H512() + { + doSigVerifyTest("DSA-1024-160.pub", "dsa-1024-512-sign.gpg"); + } + + [Test] + public void TestK2048H224() + { + doSigVerifyTest("DSA-2048-224.pub", "dsa-2048-224-sign.gpg"); + } + + [Test] + public void TestK3072H256() + { + doSigVerifyTest("DSA-3072-256.pub", "dsa-3072-256-sign.gpg"); + } + + [Test] + public void TestK7680H384() + { + doSigVerifyTest("DSA-7680-384.pub", "dsa-7680-384-sign.gpg"); + } + + [Test] + public void TestK15360H512() + { + doSigVerifyTest("DSA-15360-512.pub", "dsa-15360-512-sign.gpg"); + } + + [Test] + public void TestGenerateK1024H224() + { + doSigGenerateTest("DSA-1024-160.sec", "DSA-1024-160.pub", HashAlgorithmTag.Sha224); + } + + [Test] + public void TestGenerateK1024H256() + { + doSigGenerateTest("DSA-1024-160.sec", "DSA-1024-160.pub", HashAlgorithmTag.Sha256); + } + + [Test] + public void TestGenerateK1024H384() + { + doSigGenerateTest("DSA-1024-160.sec", "DSA-1024-160.pub", HashAlgorithmTag.Sha384); + } + + [Test] + public void TestGenerateK1024H512() + { + doSigGenerateTest("DSA-1024-160.sec", "DSA-1024-160.pub", HashAlgorithmTag.Sha512); + } + + [Test] + public void TestGenerateK2048H256() + { + doSigGenerateTest("DSA-2048-224.sec", "DSA-2048-224.pub", HashAlgorithmTag.Sha256); + } + + [Test] + public void TestGenerateK2048H512() + { + doSigGenerateTest("DSA-2048-224.sec", "DSA-2048-224.pub", HashAlgorithmTag.Sha512); + } + + private void doSigGenerateTest( + string privateKeyFile, + string publicKeyFile, + HashAlgorithmTag digest) + { + PgpSecretKeyRing secRing = loadSecretKey(privateKeyFile); + PgpPublicKeyRing pubRing = loadPublicKey(publicKeyFile); + string data = "hello world!"; + byte[] dataBytes = Encoding.ASCII.GetBytes(data); + MemoryStream bOut = new MemoryStream(); + MemoryStream testIn = new MemoryStream(dataBytes, false); + PgpSignatureGenerator sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.Dsa, digest); + + sGen.InitSign(PgpSignature.BinaryDocument, secRing.GetSecretKey().ExtractPrivateKey("test".ToCharArray())); + + BcpgOutputStream bcOut = new BcpgOutputStream(bOut); + + sGen.GenerateOnePassVersion(false).Encode(bcOut); + + PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator(); + +// Date testDate = new Date((System.currentTimeMillis() / 1000) * 1000); + DateTime testDate = new DateTime( + (DateTime.UtcNow.Ticks / TimeSpan.TicksPerSecond) * TimeSpan.TicksPerSecond); + + Stream lOut = lGen.Open( + new UncloseableStream(bcOut), + PgpLiteralData.Binary, + "_CONSOLE", + dataBytes.Length, + testDate); + + int ch; + while ((ch = testIn.ReadByte()) >= 0) + { + lOut.WriteByte((byte)ch); + sGen.Update((byte)ch); + } + + lGen.Close(); + + sGen.Generate().Encode(bcOut); + + PgpObjectFactory pgpFact = new PgpObjectFactory(bOut.ToArray()); + PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject(); + PgpOnePassSignature ops = p1[0]; + + Assert.AreEqual(digest, ops.HashAlgorithm); + Assert.AreEqual(PublicKeyAlgorithmTag.Dsa, ops.KeyAlgorithm); + + PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject(); + if (!p2.ModificationTime.Equals(testDate)) + { + Assert.Fail("Modification time not preserved"); + } + + Stream dIn = p2.GetInputStream(); + + ops.InitVerify(pubRing.GetPublicKey()); + + while ((ch = dIn.ReadByte()) >= 0) + { + ops.Update((byte)ch); + } + + PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject(); + PgpSignature sig = p3[0]; + + Assert.AreEqual(digest, sig.HashAlgorithm); + Assert.AreEqual(PublicKeyAlgorithmTag.Dsa, sig.KeyAlgorithm); + + Assert.IsTrue(ops.Verify(sig)); + } + + private void doSigVerifyTest( + string publicKeyFile, + string sigFile) + { + PgpPublicKeyRing publicKey = loadPublicKey(publicKeyFile); + PgpObjectFactory pgpFact = loadSig(sigFile); + + PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject(); + + pgpFact = new PgpObjectFactory(c1.GetDataStream()); + + PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject(); + PgpOnePassSignature ops = p1[0]; + + PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject(); + + Stream dIn = p2.GetInputStream(); + + ops.InitVerify(publicKey.GetPublicKey()); + + int ch; + while ((ch = dIn.ReadByte()) >= 0) + { + ops.Update((byte)ch); + } + + PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject(); + + Assert.IsTrue(ops.Verify(p3[0])); + } + + private PgpObjectFactory loadSig( + string sigName) + { + Stream fIn = SimpleTest.GetTestDataAsStream("openpgp.dsa.sigs." + sigName); + + return new PgpObjectFactory(fIn); + } + + private PgpPublicKeyRing loadPublicKey( + string keyName) + { + Stream fIn = SimpleTest.GetTestDataAsStream("openpgp.dsa.keys." + keyName); + + return new PgpPublicKeyRing(fIn); + } + + private PgpSecretKeyRing loadSecretKey( + string keyName) + { + Stream fIn = SimpleTest.GetTestDataAsStream("openpgp.dsa.keys." + keyName); + + return new PgpSecretKeyRing(fIn); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/IgnoreMarkerPacketInCertificatesTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/IgnoreMarkerPacketInCertificatesTest.cs new file mode 100644 index 0000000..1de5f8b --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/IgnoreMarkerPacketInCertificatesTest.cs @@ -0,0 +1,119 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class IgnoreMarkerPacketInCertificatesTest + : SimpleTest + { + // [PUBLIC KEY, MARKER, USER-ID, SIGNATURE, SUBKEY, SIGNATURE] + private static readonly string CERT_WITH_MARKER = "" + + "-----BEGIN PGP PUBLIC KEY BLOCK-----\n" + + "\n" + + "xsDNBF2lnPIBDAC5cL9PQoQLTMuhjbYvb4Ncuuo0bfmgPRFywX53jPhoFf4Zg6mv\n" + + "/seOXpgecTdOcVttfzC8ycIKrt3aQTiwOG/ctaR4Bk/t6ayNFfdUNxHWk4WCKzdz\n" + + "/56fW2O0F23qIRd8UUJp5IIlN4RDdRCtdhVQIAuzvp2oVy/LaS2kxQoKvph/5pQ/\n" + + "5whqsyroEWDJoSV0yOb25B/iwk/pLUFoyhDG9bj0kIzDxrEqW+7Ba8nocQlecMF3\n" + + "X5KMN5kp2zraLv9dlBBpWW43XktjcCZgMy20SouraVma8Je/ECwUWYUiAZxLIlMv\n" + + "9CurEOtxUw6N3RdOtLmYZS9uEnn5y1UkF88o8Nku890uk6BrewFzJyLAx5wRZ4F0\n" + + "qV/yq36UWQ0JB/AUGhHVPdFf6pl6eaxBwT5GXvbBUibtf8YI2og5RsgTWtXfU7eb\n" + + "SGXrl5ZMpbA6mbfhd0R8aPxWfmDWiIOhBufhMCvUHh1sApMKVZnvIff9/0Dca3wb\n" + + "vLIwa3T4CyshfT0AEQEAAcoDUEdQzSFCb2IgQmFiYmFnZSA8Ym9iQG9wZW5wZ3Au\n" + + "ZXhhbXBsZT7CwQ4EEwEKADgCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AWIQTR\n" + + "pm4aI7GCyZgPeIz7/MgqAV5zMAUCXaWe+gAKCRD7/MgqAV5zMG9sC/9U2T3RrqEb\n" + + "w533FPNfEflhEVRIZ8gDXKM8hU6cqqEzCmzZT6xYTe6sv4y+PJBGXJFXyhj0g6FD\n" + + "kSyboM5litOcTupURObVqMgA/Y4UKERznm4fzzH9qek85c4ljtLyNufedoL2pp3v\n" + + "kGtn7eD0QFRaLLmnxPKQ/TlZKdLE1G3u8Uot8QHicaR6GnAdc5UXQJE3BiV7jZuD\n" + + "yWmZ1cUNwJkKL6oRtp+ZNDOQCrLNLecKHcgCqrpjSQG5oouba1I1Q6VlsP44dhA1\n" + + "nkmLHtxlTOzpeHj4jnk1FaXmyasurrrI5CgU/L2Oi39DGKTH/A/cywDN4ZplIQ9z\n" + + "R8enkbXquUZvFDe+Xz+6xRXtb5MwQyWODB3nHw85HocLwRoIN9WdQEI+L8a/56Au\n" + + "Owhs8llkSuiITjR7r9SgKJC2WlAHl7E8lhJ3VDW3ELC56KH308d6mwOGZRAqIAKz\n" + + "M1T5FGjMBhq7ZV0eqdEntBh3EcOIfj2M8rg1MzJv+0mHZOIjByawikbOwM0EXaWc\n" + + "8gEMANYwv1xsYyunXYK0X1vY/rP1NNPvhLyLIE7NpK90YNBj+xS1ldGDbUdZqZee\n" + + "f2xJe8gMQg05DoD1DF3GipZ0Ies65beh+d5hegb7N4pzh0LzrBrVNHar29b5ExdI\n" + + "7i4iYD5TO6Vr/qTUOiAN/byqELEzAb+L+b2DVz/RoCm4PIp1DU9ewcc2WB38Ofqu\n" + + "t3nLYA5tqJ9XvAiEQme+qAVcM3ZFcaMt4I4dXhDZZNg+D9LiTWcxdUPBleu8iwDR\n" + + "jAgyAhPzpFp+nWoqWA81uIiULWD1Fj+IVoY3ZvgivoYOiEFBJ9lbb4teg9m5UT/A\n" + + "aVDTWuHzbspVlbiVe+qyB77C2daWzNyx6UYBPLOo4r0t0c91kbNE5lgjZ7xz6los\n" + + "0N1U8vq91EFSeQJoSQ62XWavYmlCLmdNT6BNfgh4icLsT7Vr1QMX9jznJtTPxdXy\n" + + "tSdHvpSpULsqJ016l0dtmONcK3z9mj5N5z0k1tg1AH970TGYOe2aUcSxIRDMXDOP\n" + + "yzEfjwARAQABwsD2BBgBCgAgFiEE0aZuGiOxgsmYD3iM+/zIKgFeczAFAl2lnPIC\n" + + "GwwACgkQ+/zIKgFeczDp/wv/boLfh2SMF99PMyPkF3Obwy0Xrs5id4nhNAzDv7jU\n" + + "gvitVxIqEiGT/dR3mSdpG0/Z5/X7kXrqH39E9A4nn628HCEEBxRZK6kqdSt1VplB\n" + + "qdia1LFxVXY8v35ASI03e3OW6FpY7/+sALEn4r9ldCUjPBBVOk2F8bMBoxVX3Ol/\n" + + "e7STXiK1y/pqUpjz6stm87XAgh5FkuZTS1kMPke1YO9RXusgUjVa6gtv4pmBtifc\n" + + "5aMI8dV1Ot1nYKqdlsbdJfDprAf1vNEtX0ReRuEgx7PR14JV16j7AUWSWHz/lUrZ\n" + + "vS+T/7CownF+lrWUe8kuhvM4/1++uzCyv3YwDb6T3TVZ4hJHuoTNwjQV2DwDIUAT\n" + + "FoQrpXKM/tJcYvC9+KzDfg7G5mveqbHVK5+7i2gfdesHtAk3xfKqpuwbFQIGpaJ/\n" + + "1FIrjGPNFN7nqI96JIkk4hyIw/2LaV0j4qAvJzJ4O8agGPQcIs7eBVoF7i5tWuPk\n" + + "qOFfY9U0Ql3ddlHNpdkTZoAx\n" + + "=6mfA\n" + + "-----END PGP PUBLIC KEY BLOCK-----"; + + public override string Name + { + get { return "IgnoreMarkerPacketInCertificatesTest"; } + } + + public override void PerformTest() + { + ArmoredInputStream armorIn = new ArmoredInputStream( + new MemoryStream(Encoding.UTF8.GetBytes(CERT_WITH_MARKER), false)); + PgpObjectFactory objectFactory = new PgpObjectFactory(armorIn); + + PgpPublicKeyRing certificate = (PgpPublicKeyRing)objectFactory.NextPgpObject(); + IsEquals("Bob Babbage ", First(certificate.GetPublicKey().GetUserIds())); + IEnumerable publicKeys = certificate.GetPublicKeys(); + IEnumerator publicKeyEnum = publicKeys.GetEnumerator(); + IsTrue(publicKeyEnum.MoveNext()); + PgpPublicKey primaryKey = (PgpPublicKey)publicKeyEnum.Current; + IsEquals(new BigInteger("FBFCC82A015E7330", 16).LongValue, primaryKey.KeyId); + IEnumerable signatures = primaryKey.GetSignatures(); + IsEquals(1, Count(signatures)); + + IsTrue(publicKeyEnum.MoveNext()); + PgpPublicKey subkey = (PgpPublicKey)publicKeyEnum.Current; + IsEquals(new BigInteger("7C2FAA4DF93C37B2", 16).LongValue, subkey.KeyId); + signatures = subkey.GetSignatures(); + IsEquals(1, Count(signatures)); + } + + public static void Main(string[] args) + { + RunTest(new IgnoreMarkerPacketInCertificatesTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + private int Count(IEnumerable e) + { + int count = 0; + foreach (object o in e) + { + ++count; + } + return count; + } + + private object First(IEnumerable e) + { + IEnumerator enumerator = e.GetEnumerator(); + IsTrue(enumerator.MoveNext()); + return enumerator.Current; + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PGPArmoredTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PGPArmoredTest.cs new file mode 100644 index 0000000..1f1cbf3 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PGPArmoredTest.cs @@ -0,0 +1,311 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpArmoredTest + : SimpleTest + { + private static readonly byte[] sample = Base64.Decode( + "mQGiBEA83v0RBADzKVLVCnpWQxX0LCsevw/3OLs0H7MOcLBQ4wMO9sYmzGYn" + + "xpVj+4e4PiCP7QBayWyy4lugL6Lnw7tESvq3A4v3fefcxaCTkJrryiKn4+Cg" + + "y5rIBbrSKNtCEhVi7xjtdnDjP5kFKgHYjVOeIKn4Cz/yzPG3qz75kDknldLf" + + "yHxp2wCgwW1vAE5EnZU4/UmY7l8kTNkMltMEAJP4/uY4zcRwLI9Q2raPqAOJ" + + "TYLd7h+3k/BxI0gIw96niQ3KmUZDlobbWBI+VHM6H99vcttKU3BgevNf8M9G" + + "x/AbtW3SS4De64wNSU3189XDG8vXf0vuyW/K6Pcrb8exJWY0E1zZQ1WXT0gZ" + + "W0kH3g5ro//Tusuil9q2lVLF2ovJA/0W+57bPzi318dWeNs0tTq6Njbc/GTG" + + "FUAVJ8Ss5v2u6h7gyJ1DB334ExF/UdqZGldp0ugkEXaSwBa2R7d3HBgaYcoP" + + "Ck1TrovZzEY8gm7JNVy7GW6mdOZuDOHTxyADEEP2JPxh6eRcZbzhGuJuYIif" + + "IIeLOTI5Dc4XKeV32a+bWrQidGVzdCAoVGVzdCBrZXkpIDx0ZXN0QHViaWNh" + + "bGwuY29tPohkBBMRAgAkBQJAPN79AhsDBQkB4TOABgsJCAcDAgMVAgMDFgIB" + + "Ah4BAheAAAoJEJh8Njfhe8KmGDcAoJWr8xgPr75y/Cp1kKn12oCCOb8zAJ4p" + + "xSvk4K6tB2jYbdeSrmoWBZLdMLACAAC5AQ0EQDzfARAEAJeUAPvUzJJbKcc5" + + "5Iyb13+Gfb8xBWE3HinQzhGr1v6A1aIZbRj47UPAD/tQxwz8VAwJySx82ggN" + + "LxCk4jW9YtTL3uZqfczsJngV25GoIN10f4/j2BVqZAaX3q79a3eMiql1T0oE" + + "AGmD7tO1LkTvWfm3VvA0+t8/6ZeRLEiIqAOHAAQNBACD0mVMlAUgd7REYy/1" + + "mL99Zlu9XU0uKyUex99sJNrcx1aj8rIiZtWaHz6CN1XptdwpDeSYEOFZ0PSu" + + "qH9ByM3OfjU/ya0//xdvhwYXupn6P1Kep85efMBA9jUv/DeBOzRWMFG6sC6y" + + "k8NGG7Swea7EHKeQI40G3jgO/+xANtMyTIhPBBgRAgAPBQJAPN8BAhsMBQkB" + + "4TOAAAoJEJh8Njfhe8KmG7kAn00mTPGJCWqmskmzgdzeky5fWd7rAKCNCp3u" + + "ZJhfg0htdgAfIy8ppm05vLACAAA="); + + private static readonly byte[] marker = Hex.Decode("2d2d2d2d2d454e4420504750205055424c4943204b455920424c4f434b2d2d2d2d2d"); + + // Contains "Hello World!" as an armored message + // The 'blank line' after the headers contains (legal) whitespace - see RFC2440 6.2 + private static readonly string blankLineData = + "-----BEGIN PGP MESSAGE-----\n" + + "Version: BCPG v1.32\n" + + "Comment: A dummy message\n" + + " \t \t\n" + + "SGVsbG8gV29ybGQh\n" + + "=d9Xi\n" + + "-----END PGP MESSAGE-----\n"; + + private int markerCount( + byte[] data) + { + int ind = 0; + int matches = 0; + + while (ind < data.Length) + { + if (data[ind] == 0x2d) + { + int count = 0; + while (count < marker.Length) + { + if (data[ind + count] != marker[count]) + { + break; + } + count++; + } + + if (count == marker.Length) + { + matches++; + } + + // TODO Is this correct? + ind += count; + } + else + { + ind++; + } + } + + return matches; + } + + private void pgpUtilTest() + { + // check decoder exception isn't escaping. + MemoryStream bIn = new MemoryStream(Strings.ToByteArray("abcde"), false); + + try + { + PgpUtilities.GetDecoderStream(bIn); + Fail("no exception"); + } + catch (IOException) + { + // expected: ignore. + } + } + + private void blankLineTest() + { + byte[] blankLineBytes = Encoding.ASCII.GetBytes(blankLineData); + MemoryStream bIn = new MemoryStream(blankLineBytes, false); + ArmoredInputStream aIn = new ArmoredInputStream(bIn, true); + + MemoryStream bOut = new MemoryStream(); + int c; + while ((c = aIn.ReadByte()) >= 0) + { + bOut.WriteByte((byte)c); + } + + byte[] expected = Encoding.ASCII.GetBytes("Hello World!"); + + if (!Arrays.AreEqual(expected, bOut.ToArray())) + { + Fail("Incorrect message retrieved in blank line test."); + } + } + + private void repeatHeaderTest() + { + MemoryStream bOut = new MemoryStream(); + ArmoredOutputStream aOut = new ArmoredOutputStream(bOut); + + aOut.SetHeader("Comment", "Line 1"); + aOut.AddHeader("Comment", "Line 2"); + + aOut.Write(sample, 0, sample.Length); + + aOut.Close(); + + MemoryStream bIn = new MemoryStream(bOut.ToArray(), false); + ArmoredInputStream aIn = new ArmoredInputStream(bIn, true); + + string[] hdrs = aIn.GetArmorHeaders(); + int count = 0; + + for (int i = 0; i != hdrs.Length; i++) + { + if (hdrs[i].IndexOf("Comment: ") == 0) + { + count++; + } + } + + IsEquals(2, count); + } + + public override void PerformTest() + { + // + // test immediate close + // + MemoryStream bOut = new MemoryStream(); + ArmoredOutputStream aOut = new ArmoredOutputStream(bOut); + + aOut.Close(); + + byte[] data = bOut.ToArray(); + + if (data.Length != 0) + { + Fail("No data should have been written"); + } + + // + // multiple close + // + bOut = new MemoryStream(); + aOut = new ArmoredOutputStream(bOut); + + aOut.Write(sample, 0, sample.Length); + + aOut.Close(); + aOut.Close(); + + int mc = markerCount(bOut.ToArray()); + + if (mc < 1) + { + Fail("No end marker found"); + } + + if (mc > 1) + { + Fail("More than one end marker found"); + } + + // + // writing and reading single objects + // + bOut = new MemoryStream(); + aOut = new ArmoredOutputStream(bOut); + + aOut.Write(sample, 0, sample.Length); + + aOut.Close(); + + ArmoredInputStream aIn = new ArmoredInputStream( + new MemoryStream(bOut.ToArray(), false)); + + PgpObjectFactory fact = new PgpObjectFactory(aIn); + int count = 0; + + while (fact.NextPgpObject() != null) + { + count++; + } + + if (count != 1) + { + Fail("wrong number of objects found: " + count); + } + + // + // writing and reading multiple objects - in single block + // + bOut = new MemoryStream(); + aOut = new ArmoredOutputStream(bOut); + + aOut.Write(sample, 0, sample.Length); + aOut.Write(sample, 0, sample.Length); + + aOut.Close(); + + aIn = new ArmoredInputStream( + new MemoryStream(bOut.ToArray(), false)); + + fact = new PgpObjectFactory(aIn); + count = 0; + + while (fact.NextPgpObject() != null) + { + count++; + } + + if (count != 2) + { + Fail("wrong number of objects found: " + count); + } + + // + // writing and reading multiple objects - in single block + // + bOut = new MemoryStream(); + aOut = new ArmoredOutputStream(bOut); + + aOut.Write(sample, 0, sample.Length); + + aOut.Close(); // does not close underlying stream + + aOut = new ArmoredOutputStream(bOut); + + aOut.Write(sample, 0, sample.Length); + + aOut.Close(); + + aIn = new ArmoredInputStream( + new MemoryStream(bOut.ToArray(), false)); + + count = 0; + bool atLeastOne; + do + { + atLeastOne = false; + fact = new PgpObjectFactory(aIn); + + while (fact.NextPgpObject() != null) + { + atLeastOne = true; + count++; + } + } + while (atLeastOne); + + if (count != 2) + { + Fail("wrong number of objects found: " + count); + } + + blankLineTest(); + pgpUtilTest(); + repeatHeaderTest(); + } + + public override string Name + { + get { return "PgpArmoredTest"; } + } + + public static void Main(string[] args) + { + RunTest(new PgpArmoredTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PGPClearSignedSignatureTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PGPClearSignedSignatureTest.cs new file mode 100644 index 0000000..6ed632a --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PGPClearSignedSignatureTest.cs @@ -0,0 +1,444 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpClearSignedSignatureTest + : SimpleTest + { + private static readonly byte[] publicKey = Base64.Decode( + "mQELBEQh2+wBCAD26kte0hO6flr7Y2aetpPYutHY4qsmDPy+GwmmqVeCDkX+" + + "r1g7DuFbMhVeu0NkKDnVl7GsJ9VarYsFYyqu0NzLa9XS2qlTIkmJV+2/xKa1" + + "tzjn18fT/cnAWL88ZLCOWUr241aPVhLuIc6vpHnySpEMkCh4rvMaimnTrKwO" + + "42kgeDGd5cXfs4J4ovRcTbc4hmU2BRVsRjiYMZWWx0kkyL2zDVyaJSs4yVX7" + + "Jm4/LSR1uC/wDT0IJJuZT/gQPCMJNMEsVCziRgYkAxQK3OWojPSuv4rXpyd4" + + "Gvo6IbvyTgIskfpSkCnQtORNLIudQSuK7pW+LkL62N+ohuKdMvdxauOnAAYp" + + "tBNnZ2dnZ2dnZyA8Z2dnQGdnZ2c+iQE2BBMBAgAgBQJEIdvsAhsDBgsJCAcD" + + "AgQVAggDBBYCAwECHgECF4AACgkQ4M/Ier3f9xagdAf/fbKWBjLQM8xR7JkR" + + "P4ri8YKOQPhK+VrddGUD59/wzVnvaGyl9MZE7TXFUeniQq5iXKnm22EQbYch" + + "v2Jcxyt2H9yptpzyh4tP6tEHl1C887p2J4qe7F2ATua9CzVGwXQSUbKtj2fg" + + "UZP5SsNp25guhPiZdtkf2sHMeiotmykFErzqGMrvOAUThrO63GiYsRk4hF6r" + + "cQ01d+EUVpY/sBcCxgNyOiB7a84sDtrxnX5BTEZDTEj8LvuEyEV3TMUuAjx1" + + "7Eyd+9JtKzwV4v3hlTaWOvGro9nPS7YaPuG+RtufzXCUJPbPfTjTvtGOqvEz" + + "oztls8tuWA0OGHba9XfX9rfgorACAAM="); + + private static readonly byte[] secretKey = Base64.Decode( + "lQOWBEQh2+wBCAD26kte0hO6flr7Y2aetpPYutHY4qsmDPy+GwmmqVeCDkX+" + + "r1g7DuFbMhVeu0NkKDnVl7GsJ9VarYsFYyqu0NzLa9XS2qlTIkmJV+2/xKa1" + + "tzjn18fT/cnAWL88ZLCOWUr241aPVhLuIc6vpHnySpEMkCh4rvMaimnTrKwO" + + "42kgeDGd5cXfs4J4ovRcTbc4hmU2BRVsRjiYMZWWx0kkyL2zDVyaJSs4yVX7" + + "Jm4/LSR1uC/wDT0IJJuZT/gQPCMJNMEsVCziRgYkAxQK3OWojPSuv4rXpyd4" + + "Gvo6IbvyTgIskfpSkCnQtORNLIudQSuK7pW+LkL62N+ohuKdMvdxauOnAAYp" + + "AAf+JCJJeAXEcrTVHotsrRR5idzmg6RK/1MSQUijwPmP7ZGy1BmpAmYUfbxn" + + "B56GvXyFV3Pbj9PgyJZGS7cY+l0BF4ZqN9USiQtC9OEpCVT5LVMCFXC/lahC" + + "/O3EkjQy0CYK+GwyIXa+Flxcr460L/Hvw2ZEXJZ6/aPdiR+DU1l5h99Zw8V1" + + "Y625MpfwN6ufJfqE0HLoqIjlqCfi1iwcKAK2oVx2SwnT1W0NwUUXjagGhD2s" + + "VzJVpLqhlwmS0A+RE9Niqrf80/zwE7QNDF2DtHxmMHJ3RY/pfu5u1rrFg9YE" + + "lmS60mzOe31CaD8Li0k5YCJBPnmvM9mN3/DWWprSZZKtmQQA96C2/VJF5EWm" + + "+/Yxi5J06dG6Bkz311Ui4p2zHm9/4GvTPCIKNpGx9Zn47YFD3tIg3fIBVPOE" + + "ktG38pEPx++dSSFF9Ep5UgmYFNOKNUVq3yGpatBtCQBXb1LQLAMBJCJ5TQmk" + + "68hMOEaqjMHSOa18cS63INgA6okb/ueAKIHxYQcEAP9DaXu5n9dZQw7pshbN" + + "Nu/T5IP0/D/wqM+W5r+j4P1N7PgiAnfKA4JjKrUgl8PGnI2qM/Qu+g3qK++c" + + "F1ESHasnJPjvNvY+cfti06xnJVtCB/EBOA2UZkAr//Tqa76xEwYAWRBnO2Y+" + + "KIVOT+nMiBFkjPTrNAD6fSr1O4aOueBhBAC6aA35IfjC2h5MYk8+Z+S4io2o" + + "mRxUZ/dUuS+kITvWph2e4DT28Xpycpl2n1Pa5dCDO1lRqe/5JnaDYDKqxfmF" + + "5tTG8GR4d4nVawwLlifXH5Ll7t5NcukGNMCsGuQAHMy0QHuAaOvMdLs5kGHn" + + "8VxfKEVKhVrXsvJSwyXXSBtMtUcRtBNnZ2dnZ2dnZyA8Z2dnQGdnZ2c+iQE2" + + "BBMBAgAgBQJEIdvsAhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQ4M/I" + + "er3f9xagdAf/fbKWBjLQM8xR7JkRP4ri8YKOQPhK+VrddGUD59/wzVnvaGyl" + + "9MZE7TXFUeniQq5iXKnm22EQbYchv2Jcxyt2H9yptpzyh4tP6tEHl1C887p2" + + "J4qe7F2ATua9CzVGwXQSUbKtj2fgUZP5SsNp25guhPiZdtkf2sHMeiotmykF" + + "ErzqGMrvOAUThrO63GiYsRk4hF6rcQ01d+EUVpY/sBcCxgNyOiB7a84sDtrx" + + "nX5BTEZDTEj8LvuEyEV3TMUuAjx17Eyd+9JtKzwV4v3hlTaWOvGro9nPS7Ya" + + "PuG+RtufzXCUJPbPfTjTvtGOqvEzoztls8tuWA0OGHba9XfX9rfgorACAAA="); + + private static readonly string crOnlyMessage = + "\r" + + " hello world!\r" + + "\r" + + "- dash\r"; + + private static readonly string nlOnlyMessage = + "\n" + + " hello world!\n" + + "\n" + + "- dash\n"; + + private static readonly string crNlMessage = + "\r\n" + + " hello world!\r\n" + + "\r\n" + + "- dash\r\n"; + + private static readonly string crOnlySignedMessage = + "-----BEGIN PGP SIGNED MESSAGE-----\r" + + "Hash: SHA256\r" + + "\r" + + "\r" + + " hello world!\r" + + "\r" + + "- - dash\r" + + "-----BEGIN PGP SIGNATURE-----\r" + + "Version: GnuPG v1.4.2.1 (GNU/Linux)\r" + + "\r" + + "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\r" + + "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\r" + + "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\r" + + "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\r" + + "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\r" + + "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\r" + + "=84Nd\r" + + "-----END PGP SIGNATURE-----\r"; + + private static readonly string nlOnlySignedMessage = + "-----BEGIN PGP SIGNED MESSAGE-----\n" + + "Hash: SHA256\n" + + "\n" + + "\n" + + " hello world!\n" + + "\n" + + "- - dash\n" + + "-----BEGIN PGP SIGNATURE-----\n" + + "Version: GnuPG v1.4.2.1 (GNU/Linux)\n" + + "\n" + + "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\n" + + "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\n" + + "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\n" + + "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\n" + + "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\n" + + "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\n" + + "=84Nd\n" + + "-----END PGP SIGNATURE-----\n"; + + private static readonly string crNlSignedMessage = + "-----BEGIN PGP SIGNED MESSAGE-----\r\n" + + "Hash: SHA256\r\n" + + "\r\n" + + "\r\n" + + " hello world!\r\n" + + "\r\n" + + "- - dash\r\n" + + "-----BEGIN PGP SIGNATURE-----\r\n" + + "Version: GnuPG v1.4.2.1 (GNU/Linux)\r\n" + + "\r\n" + + "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\r\n" + + "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\r\n" + + "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\r\n" + + "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\r\n" + + "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\r\n" + + "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\r\n" + + "=84Nd\r" + + "-----END PGP SIGNATURE-----\r\n"; + + private static readonly string crNlSignedMessageTrailingWhiteSpace = + "-----BEGIN PGP SIGNED MESSAGE-----\r\n" + + "Hash: SHA256\r\n" + + "\r\n" + + "\r\n" + + " hello world! \t\r\n" + + "\r\n" + + "- - dash\r\n" + + "-----BEGIN PGP SIGNATURE-----\r\n" + + "Version: GnuPG v1.4.2.1 (GNU/Linux)\r\n" + + "\r\n" + + "iQEVAwUBRCNS8+DPyHq93/cWAQi6SwgAj3ItmSLr/sd/ixAQLW7/12jzEjfNmFDt\r\n" + + "WOZpJFmXj0fnMzTrOILVnbxHv2Ru+U8Y1K6nhzFSR7d28n31/XGgFtdohDEaFJpx\r\n" + + "Fl+KvASKIonnpEDjFJsPIvT1/G/eCPalwO9IuxaIthmKj0z44SO1VQtmNKxdLAfK\r\n" + + "+xTnXGawXS1WUE4CQGPM45mIGSqXcYrLtJkAg3jtRa8YRUn2d7b2BtmWH+jVaVuC\r\n" + + "hNrXYv7iHFOu25yRWhUQJisvdC13D/gKIPRvARXPgPhAC2kovIy6VS8tDoyG6Hm5\r\n" + + "dMgLEGhmqsgaetVq1ZIuBZj5S4j2apBJCDpF6GBfpBOfwIZs0Tpmlw==\r\n" + + "=84Nd\r" + + "-----END PGP SIGNATURE-----\r\n"; + + public override string Name + { + get { return "PgpClearSignedSignatureTest"; } + } + + private void messageTest( + string message, + string type) + { + ArmoredInputStream aIn = new ArmoredInputStream( + new MemoryStream(Encoding.ASCII.GetBytes(message))); + + string[] headers = aIn.GetArmorHeaders(); + + if (headers == null || headers.Length != 1) + { + Fail("wrong number of headers found"); + } + + if (!"Hash: SHA256".Equals(headers[0])) + { + Fail("header value wrong: " + headers[0]); + } + + // + // read the input, making sure we ingore the last newline. + // + MemoryStream bOut = new MemoryStream(); + int ch; + + while ((ch = aIn.ReadByte()) >= 0 && aIn.IsClearText()) + { + bOut.WriteByte((byte)ch); + } + + PgpPublicKeyRingBundle pgpRings = new PgpPublicKeyRingBundle(publicKey); + + PgpObjectFactory pgpFact = new PgpObjectFactory(aIn); + PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject(); + PgpSignature sig = p3[0]; + + sig.InitVerify(pgpRings.GetPublicKey(sig.KeyId)); + + MemoryStream lineOut = new MemoryStream(); + Stream sigIn = new MemoryStream(bOut.ToArray(), false); + int lookAhead = ReadInputLine(lineOut, sigIn); + + ProcessLine(sig, lineOut.ToArray()); + + if (lookAhead != -1) + { + do + { + lookAhead = ReadInputLine(lineOut, lookAhead, sigIn); + + sig.Update((byte) '\r'); + sig.Update((byte) '\n'); + + ProcessLine(sig, lineOut.ToArray()); + } + while (lookAhead != -1); + } + + if (!sig.Verify()) + { + Fail("signature failed to verify m_in " + type); + } + } + + private PgpSecretKey ReadSecretKey( + Stream inputStream) + { + PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(inputStream); + + // + // we just loop through the collection till we find a key suitable for encryption, in the real + // world you would probably want to be a bit smarter about this. + // + // + // iterate through the key rings. + // + foreach (PgpSecretKeyRing kRing in pgpSec.GetKeyRings()) + { + foreach (PgpSecretKey k in kRing.GetSecretKeys()) + { + if (k.IsSigningKey) + { + return k; + } + } + } + + throw new ArgumentException("Can't find signing key in key ring."); + } + + private void generateTest( + string message, + string type) + { + PgpSecretKey pgpSecKey = ReadSecretKey(new MemoryStream(secretKey)); + PgpPrivateKey pgpPrivKey = pgpSecKey.ExtractPrivateKey("".ToCharArray()); + PgpSignatureGenerator sGen = new PgpSignatureGenerator(pgpSecKey.PublicKey.Algorithm, HashAlgorithmTag.Sha256); + PgpSignatureSubpacketGenerator spGen = new PgpSignatureSubpacketGenerator(); + + sGen.InitSign(PgpSignature.CanonicalTextDocument, pgpPrivKey); + + IEnumerator it = pgpSecKey.PublicKey.GetUserIds().GetEnumerator(); + if (it.MoveNext()) + { + spGen.SetSignerUserId(false, (string)it.Current); + sGen.SetHashedSubpackets(spGen.Generate()); + } + + MemoryStream bOut = new MemoryStream(); + ArmoredOutputStream aOut = new ArmoredOutputStream(bOut); + MemoryStream bIn = new MemoryStream(Encoding.ASCII.GetBytes(message), false); + + aOut.BeginClearText(HashAlgorithmTag.Sha256); + + // + // note the last \n m_in the file is ignored + // + MemoryStream lineOut = new MemoryStream(); + int lookAhead = ReadInputLine(lineOut, bIn); + + ProcessLine(aOut, sGen, lineOut.ToArray()); + + if (lookAhead != -1) + { + do + { + lookAhead = ReadInputLine(lineOut, lookAhead, bIn); + + sGen.Update((byte) '\r'); + sGen.Update((byte) '\n'); + + ProcessLine(aOut, sGen, lineOut.ToArray()); + } + while (lookAhead != -1); + } + + aOut.EndClearText(); + + BcpgOutputStream bcpgOut = new BcpgOutputStream(aOut); + + sGen.Generate().Encode(bcpgOut); + + aOut.Close(); + + byte[] bs = bOut.ToArray(); + messageTest(Encoding.ASCII.GetString(bs, 0, bs.Length), type); + } + + private static int ReadInputLine( + MemoryStream bOut, + Stream fIn) + { + bOut.SetLength(0); + + int lookAhead = -1; + int ch; + + while ((ch = fIn.ReadByte()) >= 0) + { + bOut.WriteByte((byte) ch); + if (ch == '\r' || ch == '\n') + { + lookAhead = ReadPassedEol(bOut, ch, fIn); + break; + } + } + + return lookAhead; + } + + private static int ReadInputLine( + MemoryStream bOut, + int lookAhead, + Stream fIn) + { + bOut.SetLength(0); + + int ch = lookAhead; + + do + { + bOut.WriteByte((byte) ch); + if (ch == '\r' || ch == '\n') + { + lookAhead = ReadPassedEol(bOut, ch, fIn); + break; + } + } + while ((ch = fIn.ReadByte()) >= 0); + + return lookAhead; + } + + private static int ReadPassedEol( + MemoryStream bOut, + int lastCh, + Stream fIn) + { + int lookAhead = fIn.ReadByte(); + + if (lastCh == '\r' && lookAhead == '\n') + { + bOut.WriteByte((byte) lookAhead); + lookAhead = fIn.ReadByte(); + } + + return lookAhead; + } + + private static void ProcessLine( + PgpSignature sig, + byte[] line) + { + int length = GetLengthWithoutWhiteSpace(line); + if (length > 0) + { + sig.Update(line, 0, length); + } + } + + private static void ProcessLine( + Stream aOut, + PgpSignatureGenerator sGen, + byte[] line) + { + int length = GetLengthWithoutWhiteSpace(line); + if (length > 0) + { + sGen.Update(line, 0, length); + } + + aOut.Write(line, 0, line.Length); + } + + private static int GetLengthWithoutWhiteSpace( + byte[] line) + { + int end = line.Length - 1; + + while (end >= 0 && IsWhiteSpace(line[end])) + { + end--; + } + + return end + 1; + } + + private static bool IsWhiteSpace( + byte b) + { + return b == '\r' || b == '\n' || b == '\t' || b == ' '; + } + + public override void PerformTest() + { + messageTest(crOnlySignedMessage, "\\r"); + messageTest(nlOnlySignedMessage, "\\n"); + messageTest(crNlSignedMessage, "\\r\\n"); + messageTest(crNlSignedMessageTrailingWhiteSpace, "\\r\\n"); + + generateTest(nlOnlyMessage, "\\r"); + generateTest(crOnlyMessage, "\\n"); + generateTest(crNlMessage, "\\r\\n"); + } + + public static void Main(string[] args) + { + RunTest(new PgpClearSignedSignatureTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PGPCompressionTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PGPCompressionTest.cs new file mode 100644 index 0000000..4a8df30 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PGPCompressionTest.cs @@ -0,0 +1,127 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpCompressionTest + : SimpleTest + { + private static readonly SecureRandom Random = new SecureRandom(); + + private static readonly byte[] Data1 = new byte[0]; + private static readonly byte[] Data2 = Encoding.ASCII.GetBytes("hello world! !dlrow olleh"); + + [Test] + public void TestBZip2() + { + DoTestCompression(Data1, CompressionAlgorithmTag.BZip2); + DoTestCompression(Data2, CompressionAlgorithmTag.BZip2); + DoTestCompression(RandomData(1000000), CompressionAlgorithmTag.BZip2); + } + + [Test] + public void TestUncompressed() + { + DoTestCompression(Data1, CompressionAlgorithmTag.Uncompressed); + DoTestCompression(Data2, CompressionAlgorithmTag.Uncompressed); + DoTestCompression(RandomData(1000000), CompressionAlgorithmTag.Uncompressed); + } + + [Test] + public void TestZip() + { + DoTestCompression(Data1, CompressionAlgorithmTag.Zip); + DoTestCompression(Data2, CompressionAlgorithmTag.Zip); + DoTestCompression(RandomData(1000000), CompressionAlgorithmTag.Zip); + } + + [Test] + public void TestZLib() + { + DoTestCompression(Data1, CompressionAlgorithmTag.ZLib); + DoTestCompression(Data2, CompressionAlgorithmTag.ZLib); + DoTestCompression(RandomData(1000000), CompressionAlgorithmTag.ZLib); + } + + public override void PerformTest() + { + TestBZip2(); + TestUncompressed(); + TestZip(); + TestZLib(); + } + + private void DoTestCompression(byte[] data, CompressionAlgorithmTag type) + { + DoTestCompression(data, type, true); + DoTestCompression(data, type, false); + } + + private void DoTestCompression(byte[] data, CompressionAlgorithmTag type, bool streamClose) + { + MemoryStream bOut = new MemoryStream(); + PgpCompressedDataGenerator cPacket = new PgpCompressedDataGenerator(type); + Stream os = cPacket.Open(new UncloseableStream(bOut)); + os.Write(data, 0, data.Length); + + if (streamClose) + { + os.Close(); + } + else + { + cPacket.Close(); + } + + ValidateData(data, bOut.ToArray()); + + try + { + os.Close(); + cPacket.Close(); + } + catch (Exception) + { + Fail("Redundant Close() should be ignored"); + } + } + + private byte[] RandomData(int length) + { + return SecureRandom.GetNextBytes(Random, length); + } + + private void ValidateData(byte[] data, byte[] compressed) + { + PgpObjectFactory pgpFact = new PgpObjectFactory(compressed); + PgpCompressedData c1 = (PgpCompressedData) pgpFact.NextPgpObject(); + + Stream pIn = c1.GetDataStream(); + byte[] bytes = Streams.ReadAll(pIn); + pIn.Close(); + + if (!AreEqual(bytes, data)) + { + Fail("compression test failed"); + } + } + + public override string Name + { + get { return "PgpCompressionTest"; } + } + + public static void Main(string[] args) + { + RunTest(new PgpCompressionTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PGPDSAElGamalTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PGPDSAElGamalTest.cs new file mode 100644 index 0000000..cd10a3f --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PGPDSAElGamalTest.cs @@ -0,0 +1,491 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpDsaElGamalTest + : SimpleTest + { + private static readonly byte[] testPubKeyRing = Base64.Decode( + "mQGiBEAR8jYRBADNifuSopd20JOQ5x30ljIaY0M6927+vo09NeNxS3KqItba" + + "nz9o5e2aqdT0W1xgdHYZmdElOHTTsugZxdXTEhghyxoo3KhVcNnTABQyrrvX" + + "qouvmP2fEDEw0Vpyk+90BpyY9YlgeX/dEA8OfooRLCJde/iDTl7r9FT+mts8" + + "g3azjwCgx+pOLD9LPBF5E4FhUOdXISJ0f4EEAKXSOi9nZzajpdhe8W2ZL9gc" + + "BpzZi6AcrRZBHOEMqd69gtUxA4eD8xycUQ42yH89imEcwLz8XdJ98uHUxGJi" + + "qp6hq4oakmw8GQfiL7yQIFgaM0dOAI9Afe3m84cEYZsoAFYpB4/s9pVMpPRH" + + "NsVspU0qd3NHnSZ0QXs8L8DXGO1uBACjDUj+8GsfDCIP2QF3JC+nPUNa0Y5t" + + "wKPKl+T8hX/0FBD7fnNeC6c9j5Ir/Fp/QtdaDAOoBKiyNLh1JaB1NY6US5zc" + + "qFks2seZPjXEiE6OIDXYra494mjNKGUobA4hqT2peKWXt/uBcuL1mjKOy8Qf" + + "JxgEd0MOcGJO+1PFFZWGzLQ3RXJpYyBILiBFY2hpZG5hICh0ZXN0IGtleSBv" + + "bmx5KSA8ZXJpY0Bib3VuY3ljYXN0bGUub3JnPohZBBMRAgAZBQJAEfI2BAsH" + + "AwIDFQIDAxYCAQIeAQIXgAAKCRAOtk6iUOgnkDdnAKC/CfLWikSBdbngY6OK" + + "5UN3+o7q1ACcDRqjT3yjBU3WmRUNlxBg3tSuljmwAgAAuQENBEAR8jgQBAC2" + + "kr57iuOaV7Ga1xcU14MNbKcA0PVembRCjcVjei/3yVfT/fuCVtGHOmYLEBqH" + + "bn5aaJ0P/6vMbLCHKuN61NZlts+LEctfwoya43RtcubqMc7eKw4k0JnnoYgB" + + "ocLXOtloCb7jfubOsnfORvrUkK0+Ne6anRhFBYfaBmGU75cQgwADBQP/XxR2" + + "qGHiwn+0YiMioRDRiIAxp6UiC/JQIri2AKSqAi0zeAMdrRsBN7kyzYVVpWwN" + + "5u13gPdQ2HnJ7d4wLWAuizUdKIQxBG8VoCxkbipnwh2RR4xCXFDhJrJFQUm+" + + "4nKx9JvAmZTBIlI5Wsi5qxst/9p5MgP3flXsNi1tRbTmRhqIRgQYEQIABgUC" + + "QBHyOAAKCRAOtk6iUOgnkBStAJoCZBVM61B1LG2xip294MZecMtCwQCbBbsk" + + "JVCXP0/Szm05GB+WN+MOCT2wAgAA"); + + private static readonly byte[] testPrivKeyRing = Base64.Decode( + "lQHhBEAR8jYRBADNifuSopd20JOQ5x30ljIaY0M6927+vo09NeNxS3KqItba" + + "nz9o5e2aqdT0W1xgdHYZmdElOHTTsugZxdXTEhghyxoo3KhVcNnTABQyrrvX" + + "qouvmP2fEDEw0Vpyk+90BpyY9YlgeX/dEA8OfooRLCJde/iDTl7r9FT+mts8" + + "g3azjwCgx+pOLD9LPBF5E4FhUOdXISJ0f4EEAKXSOi9nZzajpdhe8W2ZL9gc" + + "BpzZi6AcrRZBHOEMqd69gtUxA4eD8xycUQ42yH89imEcwLz8XdJ98uHUxGJi" + + "qp6hq4oakmw8GQfiL7yQIFgaM0dOAI9Afe3m84cEYZsoAFYpB4/s9pVMpPRH" + + "NsVspU0qd3NHnSZ0QXs8L8DXGO1uBACjDUj+8GsfDCIP2QF3JC+nPUNa0Y5t" + + "wKPKl+T8hX/0FBD7fnNeC6c9j5Ir/Fp/QtdaDAOoBKiyNLh1JaB1NY6US5zc" + + "qFks2seZPjXEiE6OIDXYra494mjNKGUobA4hqT2peKWXt/uBcuL1mjKOy8Qf" + + "JxgEd0MOcGJO+1PFFZWGzP4DAwLeUcsVxIC2s2Bb9ab2XD860TQ2BI2rMD/r" + + "7/psx9WQ+Vz/aFAT3rXkEJ97nFeqEACgKmUCAEk9939EwLQ3RXJpYyBILiBF" + + "Y2hpZG5hICh0ZXN0IGtleSBvbmx5KSA8ZXJpY0Bib3VuY3ljYXN0bGUub3Jn" + + "PohZBBMRAgAZBQJAEfI2BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRAOtk6iUOgn" + + "kDdnAJ9Ala3OcwEV1DbK906CheYWo4zIQwCfUqUOLMp/zj6QAk02bbJAhV1r" + + "sAewAgAAnQFYBEAR8jgQBAC2kr57iuOaV7Ga1xcU14MNbKcA0PVembRCjcVj" + + "ei/3yVfT/fuCVtGHOmYLEBqHbn5aaJ0P/6vMbLCHKuN61NZlts+LEctfwoya" + + "43RtcubqMc7eKw4k0JnnoYgBocLXOtloCb7jfubOsnfORvrUkK0+Ne6anRhF" + + "BYfaBmGU75cQgwADBQP/XxR2qGHiwn+0YiMioRDRiIAxp6UiC/JQIri2AKSq" + + "Ai0zeAMdrRsBN7kyzYVVpWwN5u13gPdQ2HnJ7d4wLWAuizUdKIQxBG8VoCxk" + + "bipnwh2RR4xCXFDhJrJFQUm+4nKx9JvAmZTBIlI5Wsi5qxst/9p5MgP3flXs" + + "Ni1tRbTmRhr+AwMC3lHLFcSAtrNg/EiWFLAnKNXH27zjwuhje8u2r+9iMTYs" + + "GjbRxaxRY0GKRhttCwqe2BC0lHhzifdlEcc9yjIjuKfepG2fnnSIRgQYEQIA" + + "BgUCQBHyOAAKCRAOtk6iUOgnkBStAJ9HFejVtVJ/A9LM/mDPe0ExhEXt/QCg" + + "m/KM7hJ/JrfnLQl7IaZsdg1F6vCwAgAA"); + + private static readonly byte[] encMessage = Base64.Decode( + "hQEOAynbo4lhNjcHEAP/dgCkMtPB6mIgjFvNiotjaoh4sAXf4vFNkSeehQ2c" + + "r+IMt9CgIYodJI3FoJXxOuTcwesqTp5hRzgUBJS0adLDJwcNubFMy0M2tp5o" + + "KTWpXulIiqyO6f5jI/oEDHPzFoYgBmR4x72l/YpMy8UoYGtNxNvR7LVOfqJv" + + "uDY/71KMtPQEAIadOWpf1P5Td+61Zqn2VH2UV7H8eI6hGa6Lsy4sb9iZNE7f" + + "c+spGJlgkiOt8TrQoq3iOK9UN9nHZLiCSIEGCzsEn3uNuorD++Qs065ij+Oy" + + "36TKeuJ+38CfT7u47dEshHCPqWhBKEYrxZWHUJU/izw2Q1Yxd2XRxN+nafTL" + + "X1fQ0lABQUASa18s0BkkEERIdcKQXVLEswWcGqWNv1ZghC7xO2VDBX4HrPjp" + + "drjL63p2UHzJ7/4gPWGGtnqq1Xita/1mrImn7pzLThDWiT55vjw6Hw=="); + + private static readonly byte[] signedAndEncMessage = Base64.Decode( + "hQEOAynbo4lhNjcHEAP+K20MVhzdX57hf/cU8TH0prP0VePr9mmeBedzqqMn" + + "fp2p8Zb68zmcMlI/WiL5XMNLYRmCgEcXyWbKdP/XV9m9LDBe1CMAGrkCeGBy" + + "je69IQQ5LS9vDPyEMF4iAAv/EqACjqHkizdY/a/FRx/t2ioXYdEC2jA6kS9C" + + "McpsNz16DE8EAIk3uKn4bGo/+15TXkyFYzW5Cf71SfRoHNmU2zAI93zhjN+T" + + "B7mGJwWXzsMkIO6FkMU5TCSrwZS3DBWCIaJ6SYoaawE/C/2j9D7bX1Jv8kum" + + "4cq+eZM7z6JYs6xend+WAwittpUxbEiyC2AJb3fBSXPAbLqWd6J6xbZZ7GDK" + + "r2Ca0pwBxwGhbMDyi2zpHLzw95H7Ah2wMcGU6kMLB+hzBSZ6mSTGFehqFQE3" + + "2BnAj7MtnbghiefogacJ891jj8Y2ggJeKDuRz8j2iICaTOy+Y2rXnnJwfYzm" + + "BMWcd2h1C5+UeBJ9CrrLniCCI8s5u8z36Rno3sfhBnXdRmWSxExXtocbg1Ht" + + "dyiThf6TK3W29Yy/T6x45Ws5zOasaJdsFKM="); + + private static readonly char[] pass = "hello world".ToCharArray(); + + private static readonly SecureRandom random = new SecureRandom(); + + public override void PerformTest() + { + PgpPublicKey pubKey = null; + + // + // Read the public key + // + PgpObjectFactory pgpFact = new PgpObjectFactory(testPubKeyRing); + PgpPublicKeyRing pgpPub = (PgpPublicKeyRing)pgpFact.NextPgpObject(); + + pubKey = pgpPub.GetPublicKey(); + + if (pubKey.BitStrength != 1024) + { + Fail("failed - key strength reported incorrectly."); + } + + // + // Read the private key + // + PgpSecretKeyRing sKey = new PgpSecretKeyRing(testPrivKeyRing); + PgpSecretKey secretKey = sKey.GetSecretKey(); + PgpPrivateKey pgpPrivKey = secretKey.ExtractPrivateKey(pass); + + // + // signature generation + // + const string data = "hello world!"; + byte[] dataBytes = Encoding.ASCII.GetBytes(data); + MemoryStream bOut = new MemoryStream(); + MemoryStream testIn = new MemoryStream(dataBytes, false); + PgpSignatureGenerator sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.Dsa, + HashAlgorithmTag.Sha1); + + sGen.InitSign(PgpSignature.BinaryDocument, pgpPrivKey); + + PgpCompressedDataGenerator cGen = new PgpCompressedDataGenerator( + CompressionAlgorithmTag.Zip); + + BcpgOutputStream bcOut = new BcpgOutputStream( + cGen.Open(new UncloseableStream(bOut))); + + sGen.GenerateOnePassVersion(false).Encode(bcOut); + + PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator(); + + DateTime testDateTime = new DateTime(1973, 7, 27); + Stream lOut = lGen.Open( + new UncloseableStream(bcOut), + PgpLiteralData.Binary, + "_CONSOLE", + dataBytes.Length, + testDateTime); + + int ch; + while ((ch = testIn.ReadByte()) >= 0) + { + lOut.WriteByte((byte) ch); + sGen.Update((byte) ch); + } + + lGen.Close(); + + sGen.Generate().Encode(bcOut); + + cGen.Close(); + + // + // verify Generated signature + // + pgpFact = new PgpObjectFactory(bOut.ToArray()); + + PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject(); + + pgpFact = new PgpObjectFactory(c1.GetDataStream()); + + PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject(); + + PgpOnePassSignature ops = p1[0]; + + PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject(); + if (!p2.ModificationTime.Equals(testDateTime)) + { + Fail("Modification time not preserved"); + } + + Stream dIn = p2.GetInputStream(); + + ops.InitVerify(pubKey); + + while ((ch = dIn.ReadByte()) >= 0) + { + ops.Update((byte)ch); + } + + PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject(); + + if (!ops.Verify(p3[0])) + { + Fail("Failed Generated signature check"); + } + + // + // test encryption + // + + // + // find a key sutiable for encryption + // + long pgpKeyID = 0; + AsymmetricKeyParameter pKey = null; + + foreach (PgpPublicKey pgpKey in pgpPub.GetPublicKeys()) + { + if (pgpKey.Algorithm == PublicKeyAlgorithmTag.ElGamalEncrypt + || pgpKey.Algorithm == PublicKeyAlgorithmTag.ElGamalGeneral) + { + pKey = pgpKey.GetKey(); + pgpKeyID = pgpKey.KeyId; + if (pgpKey.BitStrength != 1024) + { + Fail("failed - key strength reported incorrectly."); + } + + // + // verify the key + // + + } + } + + IBufferedCipher c = CipherUtilities.GetCipher("ElGamal/None/PKCS1Padding"); + + c.Init(true, pKey); + + byte[] inBytes = Encoding.ASCII.GetBytes("hello world"); + byte[] outBytes = c.DoFinal(inBytes); + + pgpPrivKey = sKey.GetSecretKey(pgpKeyID).ExtractPrivateKey(pass); + + c.Init(false, pgpPrivKey.Key); + + outBytes = c.DoFinal(outBytes); + + if (!Arrays.AreEqual(inBytes, outBytes)) + { + Fail("decryption failed."); + } + + // + // encrypted message + // + byte[] text = { (byte)'h', (byte)'e', (byte)'l', (byte)'l', (byte)'o', + (byte)' ', (byte)'w', (byte)'o', (byte)'r', (byte)'l', (byte)'d', (byte)'!', (byte)'\n' }; + + PgpObjectFactory pgpF = new PgpObjectFactory(encMessage); + + PgpEncryptedDataList encList = (PgpEncryptedDataList)pgpF.NextPgpObject(); + + PgpPublicKeyEncryptedData encP = (PgpPublicKeyEncryptedData)encList[0]; + + Stream clear = encP.GetDataStream(pgpPrivKey); + + pgpFact = new PgpObjectFactory(clear); + + c1 = (PgpCompressedData)pgpFact.NextPgpObject(); + + pgpFact = new PgpObjectFactory(c1.GetDataStream()); + + PgpLiteralData ld = (PgpLiteralData)pgpFact.NextPgpObject(); + + if (!ld.FileName.Equals("test.txt")) + { + throw new Exception("wrong filename in packet"); + } + + Stream inLd = ld.GetDataStream(); + byte[] bytes = Streams.ReadAll(inLd); + + if (!Arrays.AreEqual(bytes, text)) + { + Fail("wrong plain text in decrypted packet"); + } + + // + // signed and encrypted message + // + pgpF = new PgpObjectFactory(signedAndEncMessage); + + encList = (PgpEncryptedDataList)pgpF.NextPgpObject(); + + encP = (PgpPublicKeyEncryptedData)encList[0]; + + clear = encP.GetDataStream(pgpPrivKey); + + pgpFact = new PgpObjectFactory(clear); + + c1 = (PgpCompressedData)pgpFact.NextPgpObject(); + + pgpFact = new PgpObjectFactory(c1.GetDataStream()); + + p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject(); + + ops = p1[0]; + + ld = (PgpLiteralData)pgpFact.NextPgpObject(); + + bOut = new MemoryStream(); + + if (!ld.FileName.Equals("test.txt")) + { + throw new Exception("wrong filename in packet"); + } + + inLd = ld.GetDataStream(); + + // + // note: we use the DSA public key here. + // + ops.InitVerify(pgpPub.GetPublicKey()); + + while ((ch = inLd.ReadByte()) >= 0) + { + ops.Update((byte) ch); + bOut.WriteByte((byte) ch); + } + + p3 = (PgpSignatureList)pgpFact.NextPgpObject(); + + if (!ops.Verify(p3[0])) + { + Fail("Failed signature check"); + } + + if (!Arrays.AreEqual(bOut.ToArray(), text)) + { + Fail("wrong plain text in decrypted packet"); + } + + // + // encrypt + // + MemoryStream cbOut = new MemoryStream(); + PgpEncryptedDataGenerator cPk = new PgpEncryptedDataGenerator( + SymmetricKeyAlgorithmTag.TripleDes, random); + PgpPublicKey puK = sKey.GetSecretKey(pgpKeyID).PublicKey; + + cPk.AddMethod(puK); + + Stream cOut = cPk.Open(new UncloseableStream(cbOut), bOut.ToArray().Length); + + cOut.Write(text, 0, text.Length); + + cOut.Close(); + + pgpF = new PgpObjectFactory(cbOut.ToArray()); + + encList = (PgpEncryptedDataList)pgpF.NextPgpObject(); + + encP = (PgpPublicKeyEncryptedData)encList[0]; + + pgpPrivKey = sKey.GetSecretKey(pgpKeyID).ExtractPrivateKey(pass); + + clear = encP.GetDataStream(pgpPrivKey); + outBytes = Streams.ReadAll(clear); + + if (!Arrays.AreEqual(outBytes, text)) + { + Fail("wrong plain text in Generated packet"); + } + + // + // use of PgpKeyPair + // + BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); + BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); + + ElGamalParameters elParams = new ElGamalParameters(p, g); + + IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("ELGAMAL"); + kpg.Init(new ElGamalKeyGenerationParameters(random, elParams)); + + AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair(); + + PgpKeyPair pgpKp = new PgpKeyPair(PublicKeyAlgorithmTag.ElGamalGeneral , + kp.Public, kp.Private, DateTime.UtcNow); + + PgpPublicKey k1 = pgpKp.PublicKey; + PgpPrivateKey k2 = pgpKp.PrivateKey; + + + + + + // Test bug with ElGamal P size != 0 mod 8 (don't use these sizes at home!) + for (int pSize = 257; pSize < 264; ++pSize) + { + // Generate some parameters of the given size + ElGamalParametersGenerator epg = new ElGamalParametersGenerator(); + epg.Init(pSize, 2, random); + + elParams = epg.GenerateParameters(); + + kpg = GeneratorUtilities.GetKeyPairGenerator("ELGAMAL"); + kpg.Init(new ElGamalKeyGenerationParameters(random, elParams)); + + + // Run a short encrypt/decrypt test with random key for the given parameters + kp = kpg.GenerateKeyPair(); + + PgpKeyPair elGamalKeyPair = new PgpKeyPair( + PublicKeyAlgorithmTag.ElGamalGeneral, kp, DateTime.UtcNow); + + cPk = new PgpEncryptedDataGenerator(SymmetricKeyAlgorithmTag.Cast5, random); + + puK = elGamalKeyPair.PublicKey; + + cPk.AddMethod(puK); + + cbOut = new MemoryStream(); + + cOut = cPk.Open(new UncloseableStream(cbOut), text.Length); + + cOut.Write(text, 0, text.Length); + + cOut.Close(); + + pgpF = new PgpObjectFactory(cbOut.ToArray()); + + encList = (PgpEncryptedDataList)pgpF.NextPgpObject(); + + encP = (PgpPublicKeyEncryptedData)encList[0]; + + pgpPrivKey = elGamalKeyPair.PrivateKey; + + // Note: This is where an exception would be expected if the P size causes problems + clear = encP.GetDataStream(pgpPrivKey); + byte[] decText = Streams.ReadAll(clear); + + if (!Arrays.AreEqual(text, decText)) + { + Fail("decrypted message incorrect"); + } + } + + + // check sub key encoding + + foreach (PgpPublicKey pgpKey in pgpPub.GetPublicKeys()) + { + if (!pgpKey.IsMasterKey) + { + byte[] kEnc = pgpKey.GetEncoded(); + + PgpObjectFactory objF = new PgpObjectFactory(kEnc); + + // TODO Make PgpPublicKey a PgpObject or return a PgpPublicKeyRing +// PgpPublicKey k = (PgpPublicKey)objF.NextPgpObject(); +// +// pKey = k.GetKey(); +// pgpKeyID = k.KeyId; +// if (k.BitStrength != 1024) +// { +// Fail("failed - key strength reported incorrectly."); +// } +// +// if (objF.NextPgpObject() != null) +// { +// Fail("failed - stream not fully parsed."); +// } + } + } + } + + public override string Name + { + get { return "PgpDsaElGamalTest"; } + } + + public static void Main( + string[] args) + { + RunTest(new PgpDsaElGamalTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PGPDSATest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PGPDSATest.cs new file mode 100644 index 0000000..b99fe23 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PGPDSATest.cs @@ -0,0 +1,596 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpDsaTest + : SimpleTest + { + private static readonly byte[] testPubKey = Base64.Decode( + "mQGiBD9HBzURBACzkxRCVGJg5+Ld9DU4Xpnd4LCKgMq7YOY7Gi0EgK92gbaa6+zQ" + + "oQFqz1tt3QUmpz3YVkm/zLESBBtC1ACIXGggUdFMUr5I87+1Cb6vzefAtGt8N5VV" + + "1F/MXv1gJz4Bu6HyxL/ncfe71jsNhav0i4yAjf2etWFj53zK6R+Ojg5H6wCgpL9/" + + "tXVfGP8SqFvyrN/437MlFSUEAIN3V6j/MUllyrZglrtr2+RWIwRrG/ACmrF6hTug" + + "Ol4cQxaDYNcntXbhlTlJs9MxjTH3xxzylyirCyq7HzGJxZzSt6FTeh1DFYzhJ7Qu" + + "YR1xrSdA6Y0mUv0ixD5A4nPHjupQ5QCqHGeRfFD/oHzD4zqBnJp/BJ3LvQ66bERJ" + + "mKl5A/4uj3HoVxpb0vvyENfRqKMmGBISycY4MoH5uWfb23FffsT9r9KL6nJ4syLz" + + "aRR0gvcbcjkc9Z3epI7gr3jTrb4d8WPxsDbT/W1tv9bG/EHawomLcihtuUU68Uej" + + "6/wZot1XJqu2nQlku57+M/V2X1y26VKsipolPfja4uyBOOyvbLQzRXJpYyBFY2hp" + + "ZG5hIChEU0EgVGVzdCBLZXkpIDxlcmljQGJvdW5jeWNhc3RsZS5vcmc+iFkEExEC" + + "ABkFAj9HBzUECwcDAgMVAgMDFgIBAh4BAheAAAoJEM0j9enEyjRDAlwAn2rrom0s" + + "MhufWK5vIRwg7gj5qsLEAJ4vnT5dPBVblofsG+pDoCVeJXGGng=="); + + private static readonly byte[] testPrivKey = Base64.Decode( + "lQHhBD9HBzURBACzkxRCVGJg5+Ld9DU4Xpnd4LCKgMq7YOY7Gi0EgK92gbaa6+zQ" + + "oQFqz1tt3QUmpz3YVkm/zLESBBtC1ACIXGggUdFMUr5I87+1Cb6vzefAtGt8N5VV" + + "1F/MXv1gJz4Bu6HyxL/ncfe71jsNhav0i4yAjf2etWFj53zK6R+Ojg5H6wCgpL9/" + + "tXVfGP8SqFvyrN/437MlFSUEAIN3V6j/MUllyrZglrtr2+RWIwRrG/ACmrF6hTug" + + "Ol4cQxaDYNcntXbhlTlJs9MxjTH3xxzylyirCyq7HzGJxZzSt6FTeh1DFYzhJ7Qu" + + "YR1xrSdA6Y0mUv0ixD5A4nPHjupQ5QCqHGeRfFD/oHzD4zqBnJp/BJ3LvQ66bERJ" + + "mKl5A/4uj3HoVxpb0vvyENfRqKMmGBISycY4MoH5uWfb23FffsT9r9KL6nJ4syLz" + + "aRR0gvcbcjkc9Z3epI7gr3jTrb4d8WPxsDbT/W1tv9bG/EHawomLcihtuUU68Uej" + + "6/wZot1XJqu2nQlku57+M/V2X1y26VKsipolPfja4uyBOOyvbP4DAwIDIBTxWjkC" + + "GGAWQO2jy9CTvLHJEoTO7moHrp1FxOVpQ8iJHyRqZzLllO26OzgohbiPYz8u9qCu" + + "lZ9Xn7QzRXJpYyBFY2hpZG5hIChEU0EgVGVzdCBLZXkpIDxlcmljQGJvdW5jeWNh" + + "c3RsZS5vcmc+iFkEExECABkFAj9HBzUECwcDAgMVAgMDFgIBAh4BAheAAAoJEM0j" + + "9enEyjRDAlwAnjTjjt57NKIgyym7OTCwzIU3xgFpAJ0VO5m5PfQKmGJRhaewLSZD" + + "4nXkHg=="); + + private static readonly byte[] testPrivKey2 = Base64.Decode( + "lQHhBEAnoewRBADRvKgDhbV6pMzqYfUgBsLxSHzmycpuxGbjMrpyKHDOEemj" + + "iQb6TyyBKUoR28/pfshFP9R5urtKIT7wjVrDuOkxYkgRhNm+xmPXW2Lw3D++" + + "MQrC5VWe8ywBltz6T9msmChsaKo2hDhIiRI/mg9Q6rH9pJKtVGi4R7CgGxM2" + + "STQ5fwCgub38qGS1W2O4hUsa+3gva5gaNZUEAItegda4/H4t88XdWxW3D8pv" + + "RnFz26/ADdImVaQlBoumD15VmcgYoT1Djizey7X8vfV+pntudESzLbn3GHlI" + + "6C09seH4e8eYP63t7KU/qbUCDomlSswd1OgQ/RxfN86q765K2t3K1i3wDSxe" + + "EgSRyGKee0VNvOBFOFhuWt+patXaBADE1riNkUxg2P4lBNWwu8tEZRmsl/Ys" + + "DBIzXBshoMzZCvS5PnNXMW4G3SAaC9OC9jvKSx9IEWhKjfjs3QcWzXR28mcm" + + "5na0bTxeOMlaPPhBdkTCmFl0IITWlH/pFlR2ah9WYoWYhZEL2tqB82wByzxH" + + "SkSeD9V5oeSCdCcqiqkEmv4DAwLeNsQ2XGJVRmA4lld+CR5vRxpT/+/2xklp" + + "lxVf/nx0+thrHDpro3u/nINIIObk0gh59+zaEEe3APlHqbQVYWFhIGJiYiA8" + + "Y2NjQGRkZC5lZWU+iFoEExECABoFAkAnoewFCwcDAgEDFQIDAxYCAQIeAQIX" + + "gAAKCRA5nBpCS63az85BAKCbPfU8ATrFvkXhzGNGlc1BJo6DWQCgnK125xVK" + + "lWLpt6ZJJ7TXcx3nkm6wAgAAnQFXBEAnoe0QBACsQxPvaeBcv2TkbgU/5Wc/" + + "tO222dPE1mxFbXjGTKfb+6ge96iyD8kTRLrKCkEEeVBa8AZqMSoXUVN6tV8j" + + "/zD8Bc76o5iJ6wgpg3Mmy2GxInVfsfZN6/G3Y2ukmouz+CDNvQdUw8cTguIb" + + "QoV3XhQ03MLbfVmNcHsku9F4CuKNWwADBQP0DSSe8v5PXF9CSCXOIxBDcQ5x" + + "RKjyYOveqoH/4lbOV0YNUbIDZq4RaUdotpADuPREFmWf0zTB6KV/WIiag8XU" + + "WU9zdDvLKR483Bo6Do5pDBcN+NqfQ+ntGY9WJ7BSFnhQ3+07i1K+NsfFTRfv" + + "hf9X3MP75rCf7MxAIWHTabEmUf4DAwLeNsQ2XGJVRmA8DssBUCghogG9n8T3" + + "qfBeKsplGyCcF+JjPeQXkKQaoYGJ0aJz36qFP9d8DuWtT9soQcqIxVf6mTa8" + + "kN1594hGBBgRAgAGBQJAJ6HtAAoJEDmcGkJLrdrPpMkAnRyjQSKugz0YJqOB" + + "yGasMLQLxd2OAKCEIlhtCarlufVQNGZsuWxHVbU8crACAAA="); + + private static readonly byte[] sig1 = Base64.Decode( + "owGbwMvMwCR4VvnryyOnTJwZ10gncZSkFpfolVSU2Ltz78hIzcnJVyjPL8pJUeTq" + + "sGdmZQCJwpQLMq3ayTA/0Fj3xf4jbwPfK/H3zj55Z9L1n2k/GOapKJrvMZ4tLiCW" + + "GtP/XeDqX4fORDUA"); + + private static readonly byte[] sig1crc = Base64.Decode("OZa/"); + + private static readonly byte[] testPubWithUserAttr = Base64.Decode( + "mQGiBD2Rqv0RBADqKCkhVEtB/lEEr/9CubuHEy2oN/yU5j+2GXSdcNdVnRI/rwFy" + + "fHEQIk3uU7zHSUKFrC59yDm0sODYyjEdE3BVb0xvEJ5LE/OdndcIMXT1DungZ1vB" + + "zIK/3lr33W/PHixYxv9jduH3WrTehBpiKkgMZp8XloSFj2Cnw9LDyfqB7QCg/8K1" + + "o2k75NkOd9ZjnA9ye7Ri3bEEAKyr61Mo7viPWBK1joWAEsxG0OBWM+iSlG7kwh31" + + "8efgC/7Os6x4Y0jzs8mpcbBjeZtZjS9lRbfp7RinhF269xL0TZ3JxIdtaAV/6yDQ" + + "9NXfZY9dskN++HIR/5GCEEgq/qTJZt6ti5k7aV19ZFfO6wiK3NUy08wOrVsdOkVE" + + "w9IcBADaplhpcel3201uU3OCboogJtw81R5MJMZ4Y9cKL/ca2jGISn0nA7KrAw9v" + + "ShheSixGO4BV9JECkLEbtg7i+W/j/De6S+x2GLNcphuTP3UmgtKbhs0ItRqzW561" + + "s6gLkqi6aWmgaFLd8E1pMJcd9DSY95P13EYB9VJIUxFNUopzo7QcUmFsZiBIYXVz" + + "ZXIgPGhhdXNlckBhY20ub3JnPokAWAQQEQIAGAUCPZGq/QgLAwkIBwIBCgIZAQUb" + + "AwAAAAAKCRAqIBiOh4JvOKg4AJ9j14yygOqqzqiLKeaasIzqT8LCIgCggx14WuLO" + + "wOUTUswTaVKMFnU7tseJAJwEEAECAAYFAj2Rqx8ACgkQ9aWTKMpUDFV+9QP/RiWT" + + "5FAF5Rgb7beaApsgXsME+Pw7HEYFtqGa6VcXEpbcUXO6rjaXsgMgY90klWlWCF1T" + + "HOyKITvj2FdhE+0j8NQn4vaGpiTwORW/zMf/BZ0abdSWQybp10Yjs8gXw30UheO+" + + "F1E524MC+s2AeUi2hwHMiS+AVYd4WhxWHmWuBpTRypP/AAALTgEQAAEBAAAAAQAA" + + "AAABAAAA/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQ" + + "Dg0NDh0VFhEYIx8lJCIfIiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/" + + "2wBDAQoLCw4NDhwQEBw7KCIoOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7" + + "Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCABqAF0DASIAAhEBAxEB/8QAHwAAAQUB" + + "AQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQID" + + "AAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0" + + "NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKT" + + "lJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl" + + "5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL" + + "/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHB" + + "CSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpj" + + "ZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3" + + "uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIR" + + "AxEAPwD2aiiq9xcxWsRllcKqjOT06E/0oAsVm6jrmm6VGXvLuOPGflz8x+grzXxV" + + "8U51u5LXRgBGowZHXknnkc9OQcV51caneXdw9xPOXlckl2AJHY4J6cD1oA9J1z4p" + + "TRkrYQhRyQ0hIY5/2QRx7k9ulczN8SvEEshdZkX0UorDrznI759a5Mksckkknqec" + + "mkoA7WD4oavEoEttbTepYEZ+mCMVv6H8SLTULhbe/gFozAYkD5Unp3Ax/kV5XRQB" + + "9EAhgCDkHkEcgilryTwd4zn0m4WzvpTJZSMBuY5MfbueletKyugZWDKwyCOc/j3o" + + "AduyWLDeWB5Ynj8jSUUUAdFXn/xU15dO0RbGGYC5uWwUB6L1Jx+n413F1cJa2stz" + + "J92JC5+gGa+bdfvp9S1q4urmRneQg5Yk4HGAPYZoAzySxySSSep5yaSvQvAPhOHU" + + "rB7u5iLGUlIwQRx7HPr/AJ9LGsfC+dJGngc+X12gc8nvx1/rQB5rRXS3Xg28t9ye" + + "VLvA7Ddj8MDt6Vnx6JKJCsocnBwqqQSOxPH+fWgDKorTl0SaLGXxkZ+ZcZ4z1yfb" + + "P1qg0MqLueN1A6kqRigCOvVPh74mF9YjS7tgLi3GIm6b17c+oOfrXlda3haeW38R" + + "WjxfeMgBOCcD/PHpzQB7nRRRQBqarZjUNLubPJXz4yhI64PFfO3iDRrnRtdm0+cq" + + "0ocEbehzyOv1xX0vXnHxU8Kf2hYf23aRk3VsMTAZO6MZ5x7UAbfga1W00WzjRSF8" + + "kbsg5z744HT/ADmuoysikdQSVP8AI1yPgq6il0axk27V8sDcTg5x7V1qSxOcJIrH" + + "/ZOaAKV5p8JgJSPJGMr97PNcxqOiRXLiRI8nONoIGO55z/8AqyeldhPcQxwyOzoQ" + + "owRkflXH6t4q0nTLjy57mNXfJCA5x+Qx0NAGXd6LD5iiaPYwTAAx07+vXvXOXmiR" + + "Qu6u5VTk/MQQV7cdvxPT866KbxTpt7HGR8p7SMw5HuOP8/Ws/ULlb2No0bKMOGBJ" + + "BHrjHHXn6D8QDzWZQk8iAYVWIA9K6LwDZNeeJ4sEqsaF2YHBHpz2/wA/WsG+V0vZ" + + "kkGGVsEZz9OcntXffC62iiS7vJTsklKxRFuAw6nBP+eKAPRKKKKAOiqOSNJYzHIo" + + "ZGGCD0NSUUAeRajIunwzQG4e3tYZTHGsPzOxJ6ADuQcH8Pw5v+19Q0rVJVgl1JG3" + + "cxykEj13cnHT1r1C38OQ3l063cIkkhmkZDKSeCfx9R/kVLeeGIRKs7hVVDn5OCx9" + + "yeTjqMf0oAo3k1xP4biuJFeKV4w7gDaQcen1/wAjt5gbK81HW41kIiJBZppULe47" + + "eoxx+YzivW9Vh/0FAE+XPIJGCOR0rnbPT7eG+LyxlkAG1wQSPXrjvg9MfjQBycNj" + + "4hMRZgJkUjETQqAy/UAY6DoO/wCNbVlYTNbSNJbmBlBwoUfM30B7j2/lz20VhbKA" + + "wHmZOQWbOfyrO1G3jil8tBhWToOcdu+c/wAvagDzbUdGlu9aRxFiB/vsuBggZOfq" + + "cfWujSIR2dnNZTEeXKgMcb4BUHjofbjNKmI5juiabaGGxVJLcdh/nFWtI0oxagsD" + + "DIkkWXYp4VQDnOemSfyHbigDtgSQMjBI6HqKKKKAOiopoPXjGKdQBnXLiDUI5SMK" + + "VwxHGf8APFUtW1A+YkMKmbnc23njuf6D/ObWquoaNSQCM/rwP1rMYxxTGWR1UsoU" + + "biAcdep+o/KgDG1LxdpracIirCVRjaykHr6cHGQe1cv/AGjNcXBW3sntyT/rHcjj" + + "Hp6Z+nQdAK6PXIdIvcE3Fv5rEfNgP9eRn8c8d/rgzX2i2sqo1y8745CD5WPseOnH" + + "f8aANiz1O9gjiR5FMUhAV1wcH0Ix6jHHSrMsskz7pGy2MZNc8PEEM7xxWsM/lr8r" + + "b4jtI9CcHt7nr7Vqi4JuEjB2qse9y2Ace47dRn/OQDMuRMl8RHw7SgDBPGT6jpwf" + + "yzXa2NmbYF3IMrDB2kkAe3HP5Vwk99u1hdg3ANuOOOB0z6ZwPz6c8eiAhgCDkHkE" + + "cgigBaKKKAOiqJiMEb9mBknjim3LFIGcOU285ArNa8mKIN3QclScn6+/FADL9xOc" + + "K2Tj7xAxnAwQPqOmawdSNpeSJBfQyGNXwQpIAPvjqOPyPT12nYsxYnJIGSeMnHP+" + + "e9UL7TUumEqOYp1GNw6N/vDv/wDXoA5+70vSbFGlhtopUxkBl3EZ45z7/kKwTdpN" + + "cIsOmeSCduUiCnB9cdeg/M/j0v8AbFtY5hu0gjmGSRICT19cdMDt3+lULzxPZGZv" + + "LXcBnCrwB6Y4PX+ZoAptMRbiMDAGSSMksf8A9Q6DuKzJtVYs+BvcPgMTkEdOTnrx" + + "/KoLzVmvZZQjjaT82DyPbqcdx+GKitLf7TNsLYAGWPfH+TQBcsYJDE0rOyu4wjHk" + + "gfQ+p/zzWjpnja5sdSOm6yyK0Z2pMCQjZ+6SM9CCMdhnp3E1hYy393FaW0eXfjAx" + + "gAdT26D+X4Vg/EuFLbxOsCYBitkQkEdsgcADsB+lAHplvqUbsu5vlYA5PIB7468e" + + "nPf8lfUlDkRRrIvqZNn6EV41o3iO/wBFcCJ/MhBP7pjwD6g9ua7G08b6TcRl7h5L" + + "eTPKvGz5+hUH9cUAeo3uFDrt+Y4O7HOOB69Pr/8AXqhUlx/r2/z2qOgBCQoJJwBy" + + "SeABXHeIfHVvbXcemaW4luHlVJJlIKxjODgg8nqKq/Em6uItOhWOeVAx5CuRnrXn" + + "+jf8hyw/6+Y//QhQB6xrmlxzXc0NyuHVyQcdjnBz379D1BGeK5u88LMJGlt2RlX7" + + "qkEsPXn6/pXo/ilVzbttG7DDOOeornqAONbRpI4v3pKOQcAqQD+Y/P6j052NK0p5" + + "HWHy3IBPyqrfN6gZz+P4/hpXoGzOOiP/ACNdH4XRftsp2jIBxx70AX9E0pdMtvMm" + + "VRNt5xyEGOgPf3NeDeLdVOs+J768zlGkKx+yjgfy/WvoPXeNEvMcfujXzJQAUUUU" + + "Af/ZiQBGBBARAgAGBQI9katEAAoJECogGI6Hgm84xz8AoNGz1fJrVPxqkBrUDmWA" + + "GsP6qVGYAJ0ZOftw/GfQHzdGR8pOK85DLUPEErQkUmFsZiBIYXVzZXIgPGhhdXNl" + + "ckBwcml2YXNwaGVyZS5jb20+iQBGBBARAgAGBQI9katmAAoJECogGI6Hgm84m0oA" + + "oJS3CTrgpqRZfhgPtHGtUVjRCJbbAJ9stJgPcbqA2xXEg9yl2TQToWdWxbQkUmFs" + + "ZiBIYXVzZXIgPGhhdXNlckBwcml2YXNwaGVyZS5vcmc+iQBGBBARAgAGBQI9kauJ" + + "AAoJECogGI6Hgm84GfAAnRswktLMzDfIjv6ni76Qp5B850byAJ90I0LEHOLhda7r" + + "kqTwZ8rguNssUrQkUmFsZiBIYXVzZXIgPGhhdXNlckBwcml2YXNwaGVyZS5uZXQ+" + + "iQBGBBARAgAGBQI9kaubAAoJECogGI6Hgm84zi0An16C4s/B9Z0/AtfoN4ealMh3" + + "i3/7AJ9Jg4GOUqGCGRRKUA9Gs5pk8yM8GbQmUmFsZiBDLiBIYXVzZXIgPHJhbGZo" + + "YXVzZXJAYmx1ZXdpbi5jaD6JAEYEEBECAAYFAj2Rq8oACgkQKiAYjoeCbzhPOACg" + + "iiTohKuIa66FNiI24mQ+XR9nTisAoLmh3lJf16/06qLPsRd9shTkLfmHtB9SYWxm" + + "IEhhdXNlciA8cmFsZmhhdXNlckBnbXguY2g+iQBGBBARAgAGBQI9kavvAAoJECog" + + "GI6Hgm84ZE8An0RlgL8mPBa/P08S5e/lD35MlDdgAJ99pjCeY46S9+nVyx7ACyKO" + + "SZ4OcLQmUmFsZiBIYXVzZXIgPGhhdXNlci5yYWxmQG15c3VucmlzZS5jaD6JAEYE" + + "EBECAAYFAj2RrEEACgkQKiAYjoeCbzjz0wCg+q801XrXk+Rf+koSI50MW5OaaKYA" + + "oKOVA8SLxE29qSR/bJeuW0ryzRLqtCVSYWxmIEhhdXNlciA8aGF1c2VyLnJhbGZA" + + "ZnJlZXN1cmYuY2g+iQBGBBARAgAGBQI9kaxXAAoJECogGI6Hgm848zoAnRBtWH6e" + + "fTb3is63s8J2zTfpsyS0AKDxTjl+ZZV0COHLrSCaNLZVcpImFrkEDQQ9kar+EBAA" + + "+RigfloGYXpDkJXcBWyHhuxh7M1FHw7Y4KN5xsncegus5D/jRpS2MEpT13wCFkiA" + + "tRXlKZmpnwd00//jocWWIE6YZbjYDe4QXau2FxxR2FDKIldDKb6V6FYrOHhcC9v4" + + "TE3V46pGzPvOF+gqnRRh44SpT9GDhKh5tu+Pp0NGCMbMHXdXJDhK4sTw6I4TZ5dO" + + "khNh9tvrJQ4X/faY98h8ebByHTh1+/bBc8SDESYrQ2DD4+jWCv2hKCYLrqmus2UP" + + "ogBTAaB81qujEh76DyrOH3SET8rzF/OkQOnX0ne2Qi0CNsEmy2henXyYCQqNfi3t" + + "5F159dSST5sYjvwqp0t8MvZCV7cIfwgXcqK61qlC8wXo+VMROU+28W65Szgg2gGn" + + "VqMU6Y9AVfPQB8bLQ6mUrfdMZIZJ+AyDvWXpF9Sh01D49Vlf3HZSTz09jdvOmeFX" + + "klnN/biudE/F/Ha8g8VHMGHOfMlm/xX5u/2RXscBqtNbno2gpXI61Brwv0YAWCvl" + + "9Ij9WE5J280gtJ3kkQc2azNsOA1FHQ98iLMcfFstjvbzySPAQ/ClWxiNjrtVjLhd" + + "ONM0/XwXV0OjHRhs3jMhLLUq/zzhsSlAGBGNfISnCnLWhsQDGcgHKXrKlQzZlp+r" + + "0ApQmwJG0wg9ZqRdQZ+cfL2JSyIZJrqrol7DVes91hcAAgIQAKD9MGkS8SUD2irI" + + "AiwVHU0WXLBnk2CvvueSmT9YtC34UKkIkDPZ7VoeuXDfqTOlbiE6T16zPvArZfbl" + + "JGdrU7HhsTdu+ADxRt1dPur0G0ICJ3pBD3ydGWpdLI/94x1BvTY4rsR5mS4YWmpf" + + "e2kWc7ZqezhP7Xt9q7m4EK456ddeUZWtkwGU+PKyRAZ+CK82Uhouw+4aW0NjiqmX" + + "hfH9/BUhI1P/8R9VkTfAFGPmZzqoHr4AuO5tLRLD2RFSmQCP8nZTiP9nP+wBBvn7" + + "vuqKRQsj9PwwPD4V5SM+kpW+rUIWr9TZYl3UqSnlXlpEZFd2Bfl6NloeH0cfU69E" + + "gtjcWGvGxYKPS0cg5yhVb4okka6RqIPQiYl6eJgv4tRTKoPRX29o0aUVdqVvDr5u" + + "tnFzcINq7jTo8GiO8Ia3cIFWfo0LyQBd1cf1U+eEOz+DleEFqyljaz9VCbDPE4GP" + + "o+ALESBlOwn5daUSaah9iU8aVPaSjn45hoQqxOKPwJxnCKKQ01iy0Gir+CDU8JJB" + + "7bmbvQN4bke30EGAeED3oi+3VaBHrhjYLv7SHIxP5jtCJKWMJuLRV709HsWJi3kn" + + "fGHwH+yCDF8+PDeROAzpXBaD2EFhKgeUTjP5Rgn6ltRf8TQnfbW4qlwyiXMhPOfC" + + "x6qNmwaFPKQJpIkVq5VGfRXAERfkiQBMBBgRAgAMBQI9kar+BRsMAAAAAAoJECog" + + "GI6Hgm84CDMAoNrNeP4c8XqFJnsLLPcjk5YGLaVIAKCrL5KFuLQVIp7d0Fkscx3/" + + "7DGrzw=="); + + private static readonly byte[] aesSecretKey = Base64.Decode( + "lQHpBEBSdIYRBADpd7MeIxRk4RsvyMnJNIYe4FiVv6i7I7+LPRvnIjDct0bN" + + "1gCV48QFej7g/PsvXRjYSowV3VIvchWX8OERd/5i10cLbcs7X52EP1vwYaLj" + + "uRfNUBg8Q51RQsKR+/rBmnVsi68rjU4yTH6wpo6FOO4pz4wFV+tWwGOwOitA" + + "K31L4wCgqh59eFFBrOlRFAbDvaL7emoCIR8EAOLxDKiLQJYQrKZfXdZnifeo" + + "dhEP0uuV4O5TG6nrqkhWffzC9cSoFD0BhMl979d8IB2Uft4FNvQc2u8hbJL5" + + "7OCGDCUAidlB9jSdu0/J+kfRaTGhYDjBgw7AA42576BBSMNouJg/aOOQENEN" + + "Nn4n7NxR3viBzIsL/OIeU8HSkBgaA/41PsvcgZ3kwpdltJ/FVRWhmMmv/q/X" + + "qp1YOnF8xPU9bv2ofELrxJfRsbS4GW1etzD+nXs/woW4Vfixs01x+cutR4iF" + + "3hw+eU+yLToMPmmo8D2LUvX1SRODJpx5yBBeRIYv6nz9H3sQRDx3kaLASxDV" + + "jTxKmrLYnZz5w5qyVpvRyv4JAwKyWlhdblPudWBFXNkW5ydKn0AV2f51wEtj" + + "Zy0aLIeutVMSJf1ytLqjFqrnFe6pdJrHO3G00TE8OuFhftWosLGLbEGytDtF" + + "cmljIEguIEVjaGlkbmEgKHRlc3Qga2V5IC0gQUVTMjU2KSA8ZXJpY0Bib3Vu" + + "Y3ljYXN0bGUub3JnPohZBBMRAgAZBQJAUnSGBAsHAwIDFQIDAxYCAQIeAQIX" + + "gAAKCRBYt1NnUiCgeFKaAKCiqtOO+NQES1gJW6XuOGmSkXt8bQCfcuW7SXZH" + + "zxK1FfdcG2HEDs3YEVawAgAA"); + + private static readonly byte[] aesPublicKey = Base64.Decode( + "mQGiBEBSdIYRBADpd7MeIxRk4RsvyMnJNIYe4FiVv6i7I7+LPRvnIjDct0bN" + + "1gCV48QFej7g/PsvXRjYSowV3VIvchWX8OERd/5i10cLbcs7X52EP1vwYaLj" + + "uRfNUBg8Q51RQsKR+/rBmnVsi68rjU4yTH6wpo6FOO4pz4wFV+tWwGOwOitA" + + "K31L4wCgqh59eFFBrOlRFAbDvaL7emoCIR8EAOLxDKiLQJYQrKZfXdZnifeo" + + "dhEP0uuV4O5TG6nrqkhWffzC9cSoFD0BhMl979d8IB2Uft4FNvQc2u8hbJL5" + + "7OCGDCUAidlB9jSdu0/J+kfRaTGhYDjBgw7AA42576BBSMNouJg/aOOQENEN" + + "Nn4n7NxR3viBzIsL/OIeU8HSkBgaA/41PsvcgZ3kwpdltJ/FVRWhmMmv/q/X" + + "qp1YOnF8xPU9bv2ofELrxJfRsbS4GW1etzD+nXs/woW4Vfixs01x+cutR4iF" + + "3hw+eU+yLToMPmmo8D2LUvX1SRODJpx5yBBeRIYv6nz9H3sQRDx3kaLASxDV" + + "jTxKmrLYnZz5w5qyVpvRyrQ7RXJpYyBILiBFY2hpZG5hICh0ZXN0IGtleSAt" + + "IEFFUzI1NikgPGVyaWNAYm91bmN5Y2FzdGxlLm9yZz6IWQQTEQIAGQUCQFJ0" + + "hgQLBwMCAxUCAwMWAgECHgECF4AACgkQWLdTZ1IgoHhSmgCfU83BLBF2nCua" + + "zk2dXB9zO1l6XS8AnA07U4cq5W0GrKM6/kP9HWtPhgOFsAIAAA=="); + + private static readonly byte[] twofishSecretKey = Base64.Decode( + "lQHpBEBSdtIRBACf7WfrqTl8F051+EbaljPf/8/ajFpAfMq/7p3Hri8OCsuc" + + "fJJIufEEOV1/Lt/wkN67MmSyrU0fUCsRbEckRiB4EJ0zGHVFfAnku2lzdgc8" + + "AVounqcHOmqA/gliFDEnhYOx3bOIAOav+yiOqfKVBhWRCpFdOTE+w/XoDM+p" + + "p8bH5wCgmP2FuWpzfSut7GVKp51xNEBRNuED/3t2Q+Mq834FVynmLKEmeXB/" + + "qtIz5reHEQR8eMogsOoJS3bXs6v3Oblj4in1gLyTVfcID5tku6kLP20xMRM2" + + "zx2oRbz7TyOCrs15IpRXyqqJxUWD8ipgJPkPXE7hK8dh4YSTUi4i5a1ug8xG" + + "314twlPzrchpWZiutDvZ+ks1rzOtBACHrEFG2frUu+qVkL43tySE0cV2bnuK" + + "LVhXbpzF3Qdkfxou2nuzsCbl6m87OWocJX8uYcQGlHLKv8Q2cfxZyieLFg6v" + + "06LSFdE9drGBWz7mbrT4OJjxPyvnkffPfLOOqae3PMYIIuscvswuhm4X5aoj" + + "KJs01YT3L6f0iIj03hCeV/4KAwLcGrxT3X0qR2CZyZYSVBdjXeNYKXuGBtOf" + + "ood26WOtwLw4+l9sHVoiXNv0LomkO58ndJRPGCeZWZEDMVrfkS7rcOlktDxF" + + "cmljIEguIEVjaGlkbmEgKHRlc3Qga2V5IC0gdHdvZmlzaCkgPGVyaWNAYm91" + + "bmN5Y2FzdGxlLm9yZz6IWQQTEQIAGQUCQFJ20gQLBwMCAxUCAwMWAgECHgEC" + + "F4AACgkQaCCMaHh9zR2+RQCghcQwlt4B4YmNxp2b3v6rP3E8M0kAn2Gspi4u" + + "A/ynoqnC1O8HNlbjPdlVsAIAAA=="); + + private static readonly byte[] twofishPublicKey = Base64.Decode( + "mQGiBEBSdtIRBACf7WfrqTl8F051+EbaljPf/8/ajFpAfMq/7p3Hri8OCsuc" + + "fJJIufEEOV1/Lt/wkN67MmSyrU0fUCsRbEckRiB4EJ0zGHVFfAnku2lzdgc8" + + "AVounqcHOmqA/gliFDEnhYOx3bOIAOav+yiOqfKVBhWRCpFdOTE+w/XoDM+p" + + "p8bH5wCgmP2FuWpzfSut7GVKp51xNEBRNuED/3t2Q+Mq834FVynmLKEmeXB/" + + "qtIz5reHEQR8eMogsOoJS3bXs6v3Oblj4in1gLyTVfcID5tku6kLP20xMRM2" + + "zx2oRbz7TyOCrs15IpRXyqqJxUWD8ipgJPkPXE7hK8dh4YSTUi4i5a1ug8xG" + + "314twlPzrchpWZiutDvZ+ks1rzOtBACHrEFG2frUu+qVkL43tySE0cV2bnuK" + + "LVhXbpzF3Qdkfxou2nuzsCbl6m87OWocJX8uYcQGlHLKv8Q2cfxZyieLFg6v" + + "06LSFdE9drGBWz7mbrT4OJjxPyvnkffPfLOOqae3PMYIIuscvswuhm4X5aoj" + + "KJs01YT3L6f0iIj03hCeV7Q8RXJpYyBILiBFY2hpZG5hICh0ZXN0IGtleSAt" + + "IHR3b2Zpc2gpIDxlcmljQGJvdW5jeWNhc3RsZS5vcmc+iFkEExECABkFAkBS" + + "dtIECwcDAgMVAgMDFgIBAh4BAheAAAoJEGggjGh4fc0dvkUAn2QGdNk8Wrrd" + + "+DvKECrO5+yoPRx3AJ91DhCMme6uMrQorKSDYxHlgc7iT7ACAAA="); + + private static readonly char[] pass = "hello world".ToCharArray(); + + /** + * Generated signature test + * + * @param sKey + * @param pgpPrivKey + * @return test result + */ + public void GenerateTest( + PgpSecretKeyRing sKey, + PgpPublicKey pgpPubKey, + PgpPrivateKey pgpPrivKey) + { + string data = "hello world!"; + MemoryStream bOut = new MemoryStream(); + + byte[] dataBytes = Encoding.ASCII.GetBytes(data); + MemoryStream testIn = new MemoryStream(dataBytes, false); + + PgpSignatureGenerator sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1); + + sGen.InitSign(PgpSignature.BinaryDocument, pgpPrivKey); + + PgpSignatureSubpacketGenerator spGen = new PgpSignatureSubpacketGenerator(); + + IEnumerator enumerator = sKey.GetSecretKey().PublicKey.GetUserIds().GetEnumerator(); + enumerator.MoveNext(); + string primaryUserId = (string) enumerator.Current; + + spGen.SetSignerUserId(true, primaryUserId); + + sGen.SetHashedSubpackets(spGen.Generate()); + + PgpCompressedDataGenerator cGen = new PgpCompressedDataGenerator( + CompressionAlgorithmTag.Zip); + + BcpgOutputStream bcOut = new BcpgOutputStream(cGen.Open(new UncloseableStream(bOut))); + + sGen.GenerateOnePassVersion(false).Encode(bcOut); + + PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator(); + + DateTime testDateTime = new DateTime(1973, 7, 27); + Stream lOut = lGen.Open( + new UncloseableStream(bcOut), + PgpLiteralData.Binary, + "_CONSOLE", + dataBytes.Length, + testDateTime); + + int ch; + while ((ch = testIn.ReadByte()) >= 0) + { + lOut.WriteByte((byte) ch); + sGen.Update((byte)ch); + } + + lGen.Close(); + + sGen.Generate().Encode(bcOut); + + cGen.Close(); + + PgpObjectFactory pgpFact = new PgpObjectFactory(bOut.ToArray()); + PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject(); + + pgpFact = new PgpObjectFactory(c1.GetDataStream()); + + PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject(); + PgpOnePassSignature ops = p1[0]; + + PgpLiteralData p2 = (PgpLiteralData) pgpFact.NextPgpObject(); + if (!p2.ModificationTime.Equals(testDateTime)) + { + Fail("Modification time not preserved"); + } + + Stream dIn = p2.GetInputStream(); + + ops.InitVerify(pgpPubKey); + + while ((ch = dIn.ReadByte()) >= 0) + { + ops.Update((byte) ch); + } + + PgpSignatureList p3 = (PgpSignatureList) pgpFact.NextPgpObject(); + + if (!ops.Verify(p3[0])) + { + Fail("Failed generated signature check"); + } + } + + public override void PerformTest() + { + PgpPublicKey pubKey = null; + + // + // Read the public key + // + PgpPublicKeyRing pgpPub = new PgpPublicKeyRing(testPubKey); + + pubKey = pgpPub.GetPublicKey(); + + // + // Read the private key + // + PgpSecretKeyRing sKey = new PgpSecretKeyRing(testPrivKey); + PgpSecretKey secretKey = sKey.GetSecretKey(); + PgpPrivateKey pgpPrivKey = secretKey.ExtractPrivateKey(pass); + + // + // test signature message + // + PgpObjectFactory pgpFact = new PgpObjectFactory(sig1); + PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject(); + pgpFact = new PgpObjectFactory(c1.GetDataStream()); + + PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject(); + PgpOnePassSignature ops = p1[0]; + + PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject(); + + Stream dIn = p2.GetInputStream(); + + ops.InitVerify(pubKey); + + int ch; + while ((ch = dIn.ReadByte()) >= 0) + { + ops.Update((byte) ch); + } + + PgpSignatureList p3 = (PgpSignatureList) pgpFact.NextPgpObject(); + + if (!ops.Verify(p3[0])) + { + Fail("Failed signature check"); + } + + // + // signature generation + // + GenerateTest(sKey, pubKey, pgpPrivKey); + + // + // signature generation - canonical text + // + const string data = "hello world!"; + byte[] dataBytes = Encoding.ASCII.GetBytes(data); + MemoryStream bOut = new MemoryStream(); + MemoryStream testIn = new MemoryStream(dataBytes, false); + PgpSignatureGenerator sGen = new PgpSignatureGenerator( + PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1); + + sGen.InitSign(PgpSignature.CanonicalTextDocument, pgpPrivKey); + + PgpCompressedDataGenerator cGen = new PgpCompressedDataGenerator( + CompressionAlgorithmTag.Zip); + + BcpgOutputStream bcOut = new BcpgOutputStream(cGen.Open(new UncloseableStream(bOut))); + + sGen.GenerateOnePassVersion(false).Encode(bcOut); + + PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator(); + DateTime testDateTime = new DateTime(1973, 7, 27); + Stream lOut = lGen.Open( + new UncloseableStream(bcOut), + PgpLiteralData.Text, + "_CONSOLE", + dataBytes.Length, + testDateTime); + + while ((ch = testIn.ReadByte()) >= 0) + { + lOut.WriteByte((byte) ch); + sGen.Update((byte)ch); + } + + lGen.Close(); + + sGen.Generate().Encode(bcOut); + + cGen.Close(); + + // + // verify Generated signature - canconical text + // + pgpFact = new PgpObjectFactory(bOut.ToArray()); + + c1 = (PgpCompressedData) pgpFact.NextPgpObject(); + + pgpFact = new PgpObjectFactory(c1.GetDataStream()); + + p1 = (PgpOnePassSignatureList) pgpFact.NextPgpObject(); + + ops = p1[0]; + + p2 = (PgpLiteralData) pgpFact.NextPgpObject(); + if (!p2.ModificationTime.Equals(testDateTime)) + { + Fail("Modification time not preserved"); + } + + dIn = p2.GetInputStream(); + + ops.InitVerify(pubKey); + + while ((ch = dIn.ReadByte()) >= 0) + { + ops.Update((byte)ch); + } + + p3 = (PgpSignatureList) pgpFact.NextPgpObject(); + + if (!ops.Verify(p3[0])) + { + Fail("Failed generated signature check"); + } + + // + // Read the public key with user attributes + // + pgpPub = new PgpPublicKeyRing(testPubWithUserAttr); + + pubKey = pgpPub.GetPublicKey(); + + int count = 0; + foreach (PgpUserAttributeSubpacketVector attributes in pubKey.GetUserAttributes()) + { + int sigCount = 0; + foreach (object sigs in pubKey.GetSignaturesForUserAttribute(attributes)) + { + if (sigs == null) + Fail("null signature found"); + + sigCount++; + } + + if (sigCount != 1) + { + Fail("Failed user attributes signature check"); + } + + count++; + } + + if (count != 1) + { + Fail("Failed user attributes check"); + } + + byte[] pgpPubBytes = pgpPub.GetEncoded(); + pgpPub = new PgpPublicKeyRing(pgpPubBytes); + pubKey = pgpPub.GetPublicKey(); + count = 0; + + foreach (object ua in pubKey.GetUserAttributes()) + { + if (ua == null) + Fail("null user attribute found"); + + count++; + } + + if (count != 1) + { + Fail("Failed user attributes reread"); + } + + // + // reading test extra data - key with edge condition for DSA key password. + // + char[] passPhrase = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9' }; + + sKey = new PgpSecretKeyRing(testPrivKey2); + pgpPrivKey = sKey.GetSecretKey().ExtractPrivateKey(passPhrase); + + // + // reading test - aes256 encrypted passphrase. + // + sKey = new PgpSecretKeyRing(aesSecretKey); + pgpPrivKey = sKey.GetSecretKey().ExtractPrivateKey(pass); + + // + // reading test - twofish encrypted passphrase. + // + sKey = new PgpSecretKeyRing(twofishSecretKey); + pgpPrivKey = sKey.GetSecretKey().ExtractPrivateKey(pass); + + // + // use of PgpKeyPair + // + DsaParametersGenerator pGen = new DsaParametersGenerator(); + pGen.Init(512, 80, new SecureRandom()); // TODO Is the certainty okay? + DsaParameters dsaParams = pGen.GenerateParameters(); + DsaKeyGenerationParameters kgp = new DsaKeyGenerationParameters(new SecureRandom(), dsaParams); + IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("DSA"); + kpg.Init(kgp); + + + AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair(); + + PgpKeyPair pgpKp = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, + kp.Public, kp.Private, DateTime.UtcNow); + + PgpPublicKey k1 = pgpKp.PublicKey; + PgpPrivateKey k2 = pgpKp.PrivateKey; + } + + public override string Name + { + get { return "PgpDsaTest"; } + } + + public static void Main(string[] args) + { + RunTest(new PgpDsaTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PGPNoPrivateKeyTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PGPNoPrivateKeyTest.cs new file mode 100644 index 0000000..3006aeb --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PGPNoPrivateKeyTest.cs @@ -0,0 +1,167 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpNoPrivateKeyTest + : SimpleTest + { + private static string pgpOldPass = "test"; + private static string pgpNewPass = "newtest"; + + private static readonly byte[] pgpPrivateEmpty = Base64.Decode( + "lQCVBFGSNGwBBACwABZRIEW/4vDQajcO0FW39yNDcsHBDwPkGT95D7jiVTTRoSs6" + + "ACWRAAwGlz4V62U0+nEgasxpifHnu6jati5zxwS16qNvBcxcqZrdZWdvolzCWWsr" + + "pFd0juhwesrvvUb5dN/xCJKyLPkp6A+uwv35/cxVSOHFvbW7nnronwinYQARAQAB" + + "/gJlAkdOVQG0HlRlc3QgVGVzdGVyc29uIDx0ZXN0QHRlc3QubmV0Poi4BBMBAgAi" + + "BQJRkjRsAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDSr6Hh9tuk5NfI" + + "A/4iMPF9k2/7KanWksNrBqhKemsyI7hLTxAwv+AA9B0rOO2QoJYe9OjuKn199fNO" + + "JPsAgwy7okvDe3QAUz3WA9GlghM5STYvonFJtl7o4kyjcZ4HO2ZI5Bdc5O9i63QA" + + "rNv40qVp++A3Mf+13z7cftKufj0vOfw6YeayLVXcV4h95J0B/gRRkjSNAQQA2l3d" + + "ZnFFYXYDoNHz1cOX4787CbKdBIfiALFfdbyQ6TzYkCTJTnVCZlQs2aeyrcdTSZUx" + + "N4y9bih4nfJ8uRKyQvLm6O0u6bG16kUDDnnwlsGn3uvTXfUwnSPq8pFY2acde6ZG" + + "N25vezNK1R6C7kU3+puNHqBIRANfHTsBElaD2V0AEQEAAf4CAwIUI0+QlwBVFdNa" + + "S/ppOwSht7Gr19AK4SHe92VWDKnCBPN2W3vhM4NcZSQCV2oiEMI0akLZ26jqCiRl" + + "AvTjLSVDho1rUWbaSxFfKlDQNbxCJKlMQeVfbsWXJMeDkn1AhPru3PBLl6Y1jocd" + + "vIVM7aQugNQlwEuFWgtZeODxcgBfX2lQeEMIv0AtWTAMt6MVT8AgnFqiqC4+14t0" + + "j2CHP2hqCDr5zw9gerAYQ0F03OS34vDm4Y5DmQFjyB05QO2cIN4DZ9gJg8NAQT+P" + + "+bwWR3/i9pTq3InNkoi2uT41OnHsYWgKoEQn62BDxjbvO359crUiq9VvS52v2UXh" + + "b6Z+fF3PoXXsobS1QQwTPXAeA/mlAflTp+HrkckatY7DgWbON1SSn4Z1XcWPKBSY" + + "epS5+90Tj3byZvN7Laj61ZlXVBvU3x7z6MaBZDf4479fklcUnJ13v+P6uGnTI4YE" + + "Q5pPjHn1dDqD2Nl8ZW9ufK9pPYkBPQQYAQIACQUCUZI0jQIbAgCoCRDSr6Hh9tuk" + + "5J0gBBkBAgAGBQJRkjSNAAoJEPIU7wJ5Ws2K0F0D/jHx4jrZq7SCv69/4hictjgz" + + "nNNFSOm20/brHXMBdp6p9mBqt28WU8fgRkxS0mz+1i7VNTv6ZwUXawfTyOVCPR5B" + + "QEC+FA+LvdX0UcJBJpa9tT4koz1JBxmppxxLYdS2A5sslPD5If8QHUaOMEX9O1I+" + + "So3rEh3+DuhQj88FUuG8uJAD/3Xtpf/5nEpghLOZdQ/7QkLCoRZk7fwjChQNFSJU" + + "5xiZbZ/GsSvU1IqAP/NZBmBO0qDm5m7ahXy71O1bMFtaiUaw2Mb7dwqqDvppbjIB" + + "OHdIhSnAorRLcnjm8z51QVMzHmgvKt5/e1q1fzsVzza6DWtYr2X/1VsuouSC1uz1" + + "nPdgnQH+BFGSNJ4BBAC3KliQlchs0rctsXbhA/GEfiO0s9tAgVsfJL1PWUkC+26M" + + "yBbqkVg5RV+J6dyTSeT6cDI8PMu8XFPO6H2WWdovfs7X9K1lxfnNWxQB2L6t2xre" + + "XyFqvTsYEFuGvYmbNyUYvA+daHD0xqX8UrC0J6TYg5ie5I685X8gFKVEtGYG/wAR" + + "AQAB/gIDAuMt34hcdJPX03uBj9LtjcnrMNLyF7PVJv4wBXEt7T9Kp8cYZ80Sxpd2" + + "11LHzjgiPg1kkkImJ9Ie1qbPZjc9tyiGf47m0TIORnKtwNb2YN+sKLpqZ+ienfTs" + + "vc0uyuVGW+8PCt409M9R++0q66sxvb3oKBp2zsr3BbGaISs4OVxY2L8uU3t5j9pi" + + "qKdV2XTiV9OZJ+2f1au1tMwhNPzjVJ4GH53TxewSkshRJTZtw2ouUJkdA/bizfNO" + + "9XYYvV8sW1/ASe1dnOs+ANDGzumzSA00dWPSveURroG+ZtVXVgkakJJtDwdAYutP" + + "kSm28cnsl1OmrBKPonB5N3uDjTlq56vji1d2F5ugAXTTD5PptiML1wEB/TqsRJRX" + + "uY7DLy+8iukOVOyoVw63UMX27YUz61JJZYcB7U28gNeRyBsnTEbjmvteoFsYnaGg" + + "Owgc+1Zx4rQdZEqxZRmfwmiUgHGyI9OpvoVaTIuDIqDd2ZRWiJ8EGAECAAkFAlGS" + + "NJ4CGwwACgkQ0q+h4fbbpOScsgQAmMymSfAmltnHQzKr5k2GvlAqIzl9MqKVm9wA" + + "0Cx3grwzPaiqmfspPIueQ8Phexiy6dwfPrwNoKnJOEjM6/sOcWEmLiIoYi+/oQjU" + + "12zwogOfzT/1hPpG5zs+GBGX4sorCK663PuovwCEoNrWm+7nItfTwdnFavNuj7s4" + + "+b3JLdM="); + + private static readonly byte[] pgpPrivateFull = Base64.Decode( + "lQH+BFGSNGwBBACwABZRIEW/4vDQajcO0FW39yNDcsHBDwPkGT95D7jiVTTRoSs6" + + "ACWRAAwGlz4V62U0+nEgasxpifHnu6jati5zxwS16qNvBcxcqZrdZWdvolzCWWsr" + + "pFd0juhwesrvvUb5dN/xCJKyLPkp6A+uwv35/cxVSOHFvbW7nnronwinYQARAQAB" + + "/gIDAuqTuDp/Chfq0TKnSxmm2ZpDuiHD+NFVnCyNuJpvCQk0PnVwmGMH4xvsAZB2" + + "TOrfh2XHf/n9J4vjxB6p6Zs1kGBgg9hcHoWf+oEf1Tz/PE/c1tUXG2Hz9wlAgstU" + + "my2NpDTYUjQs45p+LaM+WFtLNXzBeqELKlMevs8Xb7n+VHwiTuM3KfXETLCoLz0Q" + + "3GmmpOuNnvXBdza7RsDwke0r66HzwX4Le8cMH9Pe7kSMakx9S1UR/uIsxsZYZOKb" + + "BieGEumxiAnew0Ri5/8wTd5yYC7BWbYvBUgdMQ1gzkzmJcVky8NVfoZKQ0GkdvMo" + + "fMThIVXN1U6+aqzAuUMFCPYQ7fEpfoNLhCnzQPv3RE7Wo2vFMjWBod2J4MSLhBuq" + + "Ut+FYLqYqU21Qe4PEyPmGnkVu7Wd8FGjBF+IKZg+ycPi++h/twloD/h7LEaq907C" + + "4R3rdOzjZnefDfxVWjLLhqKSSuXxtjSSKwMNdbjYVVJ/tB5UZXN0IFRlc3RlcnNv" + + "biA8dGVzdEB0ZXN0Lm5ldD6IuAQTAQIAIgUCUZI0bAIbAwYLCQgHAwIGFQgCCQoL" + + "BBYCAwECHgECF4AACgkQ0q+h4fbbpOTXyAP+IjDxfZNv+ymp1pLDawaoSnprMiO4" + + "S08QML/gAPQdKzjtkKCWHvTo7ip9ffXzTiT7AIMMu6JLw3t0AFM91gPRpYITOUk2" + + "L6JxSbZe6OJMo3GeBztmSOQXXOTvYut0AKzb+NKlafvgNzH/td8+3H7Srn49Lzn8" + + "OmHmsi1V3FeIfeSdAf4EUZI0jQEEANpd3WZxRWF2A6DR89XDl+O/OwmynQSH4gCx" + + "X3W8kOk82JAkyU51QmZULNmnsq3HU0mVMTeMvW4oeJ3yfLkSskLy5ujtLumxtepF" + + "Aw558JbBp97r0131MJ0j6vKRWNmnHXumRjdub3szStUegu5FN/qbjR6gSEQDXx07" + + "ARJWg9ldABEBAAH+AgMCFCNPkJcAVRXTWkv6aTsEobexq9fQCuEh3vdlVgypwgTz" + + "dlt74TODXGUkAldqIhDCNGpC2duo6gokZQL04y0lQ4aNa1Fm2ksRXypQ0DW8QiSp" + + "TEHlX27FlyTHg5J9QIT67tzwS5emNY6HHbyFTO2kLoDUJcBLhVoLWXjg8XIAX19p" + + "UHhDCL9ALVkwDLejFU/AIJxaoqguPteLdI9ghz9oagg6+c8PYHqwGENBdNzkt+Lw" + + "5uGOQ5kBY8gdOUDtnCDeA2fYCYPDQEE/j/m8Fkd/4vaU6tyJzZKItrk+NTpx7GFo" + + "CqBEJ+tgQ8Y27zt+fXK1IqvVb0udr9lF4W+mfnxdz6F17KG0tUEMEz1wHgP5pQH5" + + "U6fh65HJGrWOw4FmzjdUkp+GdV3FjygUmHqUufvdE4928mbzey2o+tWZV1Qb1N8e" + + "8+jGgWQ3+OO/X5JXFJydd7/j+rhp0yOGBEOaT4x59XQ6g9jZfGVvbnyvaT2JAT0E" + + "GAECAAkFAlGSNI0CGwIAqAkQ0q+h4fbbpOSdIAQZAQIABgUCUZI0jQAKCRDyFO8C" + + "eVrNitBdA/4x8eI62au0gr+vf+IYnLY4M5zTRUjpttP26x1zAXaeqfZgardvFlPH" + + "4EZMUtJs/tYu1TU7+mcFF2sH08jlQj0eQUBAvhQPi73V9FHCQSaWvbU+JKM9SQcZ" + + "qaccS2HUtgObLJTw+SH/EB1GjjBF/TtSPkqN6xId/g7oUI/PBVLhvLiQA/917aX/" + + "+ZxKYISzmXUP+0JCwqEWZO38IwoUDRUiVOcYmW2fxrEr1NSKgD/zWQZgTtKg5uZu" + + "2oV8u9TtWzBbWolGsNjG+3cKqg76aW4yATh3SIUpwKK0S3J45vM+dUFTMx5oLyre" + + "f3tatX87Fc82ug1rWK9l/9VbLqLkgtbs9Zz3YJ0B/gRRkjSeAQQAtypYkJXIbNK3" + + "LbF24QPxhH4jtLPbQIFbHyS9T1lJAvtujMgW6pFYOUVfienck0nk+nAyPDzLvFxT" + + "zuh9llnaL37O1/StZcX5zVsUAdi+rdsa3l8har07GBBbhr2JmzclGLwPnWhw9Mal" + + "/FKwtCek2IOYnuSOvOV/IBSlRLRmBv8AEQEAAf4CAwLjLd+IXHST19N7gY/S7Y3J" + + "6zDS8hez1Sb+MAVxLe0/SqfHGGfNEsaXdtdSx844Ij4NZJJCJifSHtamz2Y3Pbco" + + "hn+O5tEyDkZyrcDW9mDfrCi6amfonp307L3NLsrlRlvvDwreNPTPUfvtKuurMb29" + + "6Cgads7K9wWxmiErODlcWNi/LlN7eY/aYqinVdl04lfTmSftn9WrtbTMITT841Se" + + "Bh+d08XsEpLIUSU2bcNqLlCZHQP24s3zTvV2GL1fLFtfwEntXZzrPgDQxs7ps0gN" + + "NHVj0r3lEa6BvmbVV1YJGpCSbQ8HQGLrT5EptvHJ7JdTpqwSj6JweTd7g405auer" + + "44tXdheboAF00w+T6bYjC9cBAf06rESUV7mOwy8vvIrpDlTsqFcOt1DF9u2FM+tS" + + "SWWHAe1NvIDXkcgbJ0xG45r7XqBbGJ2hoDsIHPtWceK0HWRKsWUZn8JolIBxsiPT" + + "qb6FWkyLgyKg3dmUVoifBBgBAgAJBQJRkjSeAhsMAAoJENKvoeH226TknLIEAJjM" + + "pknwJpbZx0Myq+ZNhr5QKiM5fTKilZvcANAsd4K8Mz2oqpn7KTyLnkPD4XsYsunc" + + "Hz68DaCpyThIzOv7DnFhJi4iKGIvv6EI1Nds8KIDn80/9YT6Ruc7PhgRl+LKKwiu" + + "utz7qL8AhKDa1pvu5yLX08HZxWrzbo+7OPm9yS3T"); + + public override void PerformTest() + { + PgpSecretKeyRing pgpSecRing = new PgpSecretKeyRing(pgpPrivateFull); + PgpSecretKey pgpSecKey = pgpSecRing.GetSecretKey(); + bool isFullEmpty = pgpSecKey.IsPrivateKeyEmpty; + + pgpSecRing = new PgpSecretKeyRing(pgpPrivateEmpty); + pgpSecKey = pgpSecRing.GetSecretKey(); + bool isEmptyEmpty = pgpSecKey.IsPrivateKeyEmpty; + + // + // Check isPrivateKeyEmpty() is public + // + + if (isFullEmpty || !isEmptyEmpty) + { + Fail("Empty private keys not detected correctly."); + } + + // + // Check copyWithNewPassword doesn't throw an exception for secret + // keys without private keys (PGPException: unknown S2K type: 101). + // + + SecureRandom rand = new SecureRandom(); + + try + { + PgpSecretKey pgpChangedKey = PgpSecretKey.CopyWithNewPassword(pgpSecKey, + pgpOldPass.ToCharArray(), pgpNewPass.ToCharArray(), pgpSecKey.KeyEncryptionAlgorithm, rand); + } + catch (PgpException e) + { + if (!e.Message.Equals("no private key in this SecretKey - public key present only.")) + { + Fail("wrong exception."); + } + } + } + + public override string Name + { + get { return "PgpNoPrivateKeyTest"; } + } + + public static void Main(string[] args) + { + RunTest(new PgpNoPrivateKeyTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PGPPBETest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PGPPBETest.cs new file mode 100644 index 0000000..4301646 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PGPPBETest.cs @@ -0,0 +1,383 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpPbeTest + : SimpleTest + { + private static readonly DateTime TestDateTime = new DateTime(2003, 8, 29, 23, 35, 11, 0); + + private static readonly byte[] enc1 = Base64.Decode( + "jA0EAwMC5M5wWBP2HBZgySvUwWFAmMRLn7dWiZN6AkQMvpE3b6qwN3SSun7zInw2" + + "hxxdgFzVGfbjuB8w"); +// private static readonly byte[] enc1crc = Base64.Decode("H66L"); + private static readonly char[] pass = "hello world".ToCharArray(); + + /** + * Message with both PBE and symmetric + */ + private static readonly byte[] testPBEAsym = Base64.Decode( + "hQIOA/ZlQEFWB5vuEAf/covEUaBve7NlWWdiO5NZubdtTHGElEXzG9hyBycp9At8" + + "nZGi27xOZtEGFQo7pfz4JySRc3O0s6w7PpjJSonFJyNSxuze2LuqRwFWBYYcbS8/" + + "7YcjB6PqutrT939OWsozfNqivI9/QyZCjBvFU89pp7dtUngiZ6MVv81ds2I+vcvk" + + "GlIFcxcE1XoCIB3EvbqWNaoOotgEPT60unnB2BeDV1KD3lDRouMIYHfZ3SzBwOOI" + + "6aK39sWnY5sAK7JjFvnDAMBdueOiI0Fy+gxbFD/zFDt4cWAVSAGTC4w371iqppmT" + + "25TM7zAtCgpiq5IsELPlUZZnXKmnYQ7OCeysF0eeVwf+OFB9fyvCEv/zVQocJCg8" + + "fWxfCBlIVFNeNQpeGygn/ZmRaILvB7IXDWP0oOw7/F2Ym66IdYYIp2HeEZv+jFwa" + + "l41w5W4BH/gtbwGjFQ6CvF/m+lfUv6ZZdzsMIeEOwhP5g7rXBxrbcnGBaU+PXbho" + + "gjDqaYzAWGlrmAd6aPSj51AGeYXkb2T1T/yoJ++M3GvhH4C4hvitamDkksh/qRnM" + + "M/s8Nku6z1+RXO3M6p5QC1nlAVqieU8esT43945eSoC77K8WyujDNbysDyUCUTzt" + + "p/aoQwe/HgkeOTJNelKR9y2W3xinZLFzep0SqpNI/e468yB/2/LGsykIyQa7JX6r" + + "BYwuBAIDAkOKfv5rK8v0YDfnN+eFqwhTcrfBj5rDH7hER6nW3lNWcMataUiHEaMg" + + "o6Q0OO1vptIGxW8jClTD4N1sCNwNu9vKny8dKYDDHbCjE06DNTv7XYVW3+JqTL5E" + + "BnidvGgOmA=="); + + /** + * decrypt the passed in message stream + */ + private byte[] DecryptMessage( + byte[] message) + { + PgpObjectFactory pgpF = new PgpObjectFactory(message); + PgpEncryptedDataList enc = (PgpEncryptedDataList) pgpF.NextPgpObject(); + PgpPbeEncryptedData pbe = (PgpPbeEncryptedData) enc[0]; + Stream clear = pbe.GetDataStream(pass); + + PgpObjectFactory pgpFact = new PgpObjectFactory(clear); + PgpCompressedData cData = (PgpCompressedData) pgpFact.NextPgpObject(); + pgpFact = new PgpObjectFactory(cData.GetDataStream()); + + PgpLiteralData ld = (PgpLiteralData) pgpFact.NextPgpObject(); + + if (!ld.FileName.Equals("test.txt") + && !ld.FileName.Equals("_CONSOLE")) + { + Fail("wrong filename in packet"); + } + + if (!ld.ModificationTime.Equals(TestDateTime)) + { + Fail("wrong modification time in packet: " + ld.ModificationTime + " vs " + TestDateTime); + } + + Stream unc = ld.GetInputStream(); + byte[] bytes = Streams.ReadAll(unc); + + if (pbe.IsIntegrityProtected() && !pbe.Verify()) + { + Fail("integrity check failed"); + } + + return bytes; + } + + private byte[] DecryptMessageBuffered( + byte[] message) + { + PgpObjectFactory pgpF = new PgpObjectFactory(message); + PgpEncryptedDataList enc = (PgpEncryptedDataList) pgpF.NextPgpObject(); + PgpPbeEncryptedData pbe = (PgpPbeEncryptedData) enc[0]; + + Stream clear = pbe.GetDataStream(pass); + + PgpObjectFactory pgpFact = new PgpObjectFactory(clear); + PgpCompressedData cData = (PgpCompressedData) pgpFact.NextPgpObject(); + + pgpFact = new PgpObjectFactory(cData.GetDataStream()); + + PgpLiteralData ld = (PgpLiteralData) pgpFact.NextPgpObject(); + + MemoryStream bOut = new MemoryStream(); + if (!ld.FileName.Equals("test.txt") + && !ld.FileName.Equals("_CONSOLE")) + { + Fail("wrong filename in packet"); + } + if (!ld.ModificationTime.Equals(TestDateTime)) + { + Fail("wrong modification time in packet: " + ld.ModificationTime.Ticks + " " + TestDateTime.Ticks); + } + + Stream unc = ld.GetInputStream(); + byte[] buf = new byte[1024]; + + int len; + while ((len = unc.Read(buf, 0, buf.Length)) > 0) + { + bOut.Write(buf, 0, len); + } + + if (pbe.IsIntegrityProtected() && !pbe.Verify()) + { + Fail("integrity check failed"); + } + + return bOut.ToArray(); + } + + public override void PerformTest() + { + byte[] data = DecryptMessage(enc1); + if (data[0] != 'h' || data[1] != 'e' || data[2] != 'l') + { + Fail("wrong plain text in packet"); + } + + // + // create a PBE encrypted message and read it back. + // + byte[] text = Encoding.ASCII.GetBytes("hello world!\n"); + + // + // encryption step - convert to literal data, compress, encode. + // + MemoryStream bOut = new UncloseableMemoryStream(); + + PgpCompressedDataGenerator comData = new PgpCompressedDataGenerator( + CompressionAlgorithmTag.Zip); + + PgpLiteralDataGenerator lData = new PgpLiteralDataGenerator(); + Stream comOut = comData.Open(new UncloseableStream(bOut)); + Stream ldOut = lData.Open( + new UncloseableStream(comOut), + PgpLiteralData.Binary, + PgpLiteralData.Console, + text.Length, + TestDateTime); + + ldOut.Write(text, 0, text.Length); + ldOut.Close(); + + comOut.Close(); + + // + // encrypt - with stream close + // + MemoryStream cbOut = new UncloseableMemoryStream(); + PgpEncryptedDataGenerator cPk = new PgpEncryptedDataGenerator( + SymmetricKeyAlgorithmTag.Cast5, new SecureRandom()); + + cPk.AddMethod(pass, HashAlgorithmTag.Sha1); + + byte[] bOutData = bOut.ToArray(); + Stream cOut = cPk.Open(new UncloseableStream(cbOut), bOutData.Length); + cOut.Write(bOutData, 0, bOutData.Length); + cOut.Close(); + + data = DecryptMessage(cbOut.ToArray()); + if (!Arrays.AreEqual(data, text)) + { + Fail("wrong plain text in generated packet"); + } + + // + // encrypt - with generator close + // + cbOut = new UncloseableMemoryStream(); + cPk = new PgpEncryptedDataGenerator( + SymmetricKeyAlgorithmTag.Cast5, new SecureRandom()); + + cPk.AddMethod(pass, HashAlgorithmTag.Sha1); + + bOutData = bOut.ToArray(); + cOut = cPk.Open(new UncloseableStream(cbOut), bOutData.Length); + cOut.Write(bOutData, 0, bOutData.Length); + + cPk.Close(); + + data = DecryptMessage(cbOut.ToArray()); + + if (!AreEqual(data, text)) + { + Fail("wrong plain text in generated packet"); + } + + // + // encrypt - partial packet style. + // + SecureRandom rand = new SecureRandom(); + byte[] test = new byte[1233]; + + rand.NextBytes(test); + + bOut = new UncloseableMemoryStream(); + + comData = new PgpCompressedDataGenerator( + CompressionAlgorithmTag.Zip); + comOut = comData.Open(new UncloseableStream(bOut)); + + lData = new PgpLiteralDataGenerator(); + ldOut = lData.Open( + new UncloseableStream(comOut), + PgpLiteralData.Binary, + PgpLiteralData.Console, + TestDateTime, + new byte[16]); + + ldOut.Write(test, 0, test.Length); + lData.Close(); + + comData.Close(); + cbOut = new UncloseableMemoryStream(); + cPk = new PgpEncryptedDataGenerator( + SymmetricKeyAlgorithmTag.Cast5, rand); + + cPk.AddMethod(pass, HashAlgorithmTag.Sha1); + + cOut = cPk.Open(new UncloseableStream(cbOut), new byte[16]); + { + byte[] tmp = bOut.ToArray(); + cOut.Write(tmp, 0, tmp.Length); + } + + cPk.Close(); + + data = DecryptMessage(cbOut.ToArray()); + if (!Arrays.AreEqual(data, test)) + { + Fail("wrong plain text in generated packet"); + } + + // + // with integrity packet + // + cbOut = new UncloseableMemoryStream(); + cPk = new PgpEncryptedDataGenerator( + SymmetricKeyAlgorithmTag.Cast5, true, rand); + + cPk.AddMethod(pass, HashAlgorithmTag.Sha1); + + cOut = cPk.Open(new UncloseableStream(cbOut), new byte[16]); + bOutData = bOut.ToArray(); + cOut.Write(bOutData, 0, bOutData.Length); + cPk.Close(); + + data = DecryptMessage(cbOut.ToArray()); + if (!Arrays.AreEqual(data, test)) + { + Fail("wrong plain text in generated packet"); + } + + // + // decrypt with buffering + // + data = DecryptMessageBuffered(cbOut.ToArray()); + if (!AreEqual(data, test)) + { + Fail("wrong plain text in buffer generated packet"); + } + + // + // sample message + // + PgpObjectFactory pgpFact = new PgpObjectFactory(testPBEAsym); + + PgpEncryptedDataList enc = (PgpEncryptedDataList)pgpFact.NextPgpObject(); + + PgpPbeEncryptedData pbe = (PgpPbeEncryptedData) enc[1]; + + Stream clear = pbe.GetDataStream("password".ToCharArray()); + + pgpFact = new PgpObjectFactory(clear); + + PgpLiteralData ld = (PgpLiteralData) pgpFact.NextPgpObject(); + + Stream unc = ld.GetInputStream(); + byte[] bytes = Streams.ReadAll(unc); + + if (!AreEqual(bytes, Hex.Decode("5361742031302e30322e30370d0a"))) + { + Fail("data mismatch on combined PBE"); + } + + // + // with integrity packet - one byte message + // + byte[] msg = new byte[1]; + bOut = new MemoryStream(); + + comData = new PgpCompressedDataGenerator( + CompressionAlgorithmTag.Zip); + + lData = new PgpLiteralDataGenerator(); + comOut = comData.Open(new UncloseableStream(bOut)); + ldOut = lData.Open( + new UncloseableStream(comOut), + PgpLiteralData.Binary, + PgpLiteralData.Console, + msg.Length, + TestDateTime); + + ldOut.Write(msg, 0, msg.Length); + + ldOut.Close(); + + comOut.Close(); + + cbOut = new MemoryStream(); + cPk = new PgpEncryptedDataGenerator(SymmetricKeyAlgorithmTag.Cast5, true, rand); + + cPk.AddMethod(pass, HashAlgorithmTag.Sha1); + + cOut = cPk.Open(new UncloseableStream(cbOut), new byte[16]); + + data = bOut.ToArray(); + cOut.Write(data, 0, data.Length); + + cOut.Close(); + + data = DecryptMessage(cbOut.ToArray()); + if (!AreEqual(data, msg)) + { + Fail("wrong plain text in generated packet"); + } + + // + // decrypt with buffering + // + data = DecryptMessageBuffered(cbOut.ToArray()); + if (!AreEqual(data, msg)) + { + Fail("wrong plain text in buffer generated packet"); + } + } + + private class UncloseableMemoryStream + : MemoryStream + { + public override void Close() + { + throw new Exception("Close() called on underlying stream"); + } + } + + public override string Name + { + get { return "PgpPbeTest"; } + } + + public static void Main(string[] args) + { + RunTest(new PgpPbeTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PGPPacketTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PGPPacketTest.cs new file mode 100644 index 0000000..9c5e823 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PGPPacketTest.cs @@ -0,0 +1,79 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpPacketTest + : SimpleTest + { + private static int MAX = 32000; + + private void ReadBackTest( + PgpLiteralDataGenerator generator) + { + Random rand = new Random(); + byte[] buf = new byte[MAX]; + + rand.NextBytes(buf); + + for (int i = 1; i != MAX; i++) + { + MemoryStream bOut = new MemoryStream(); + + Stream outputStream = generator.Open( + new UncloseableStream(bOut), + PgpLiteralData.Binary, + PgpLiteralData.Console, + i, + DateTime.UtcNow); + + outputStream.Write(buf, 0, i); + + generator.Close(); + + PgpObjectFactory fact = new PgpObjectFactory(bOut.ToArray()); + + PgpLiteralData data = (PgpLiteralData)fact.NextPgpObject(); + + Stream inputStream = data.GetInputStream(); + + for (int count = 0; count != i; count++) + { + if (inputStream.ReadByte() != (buf[count] & 0xff)) + { + Fail("failed readback test - length = " + i); + } + } + } + } + + public override void PerformTest() + { + ReadBackTest(new PgpLiteralDataGenerator(true)); + ReadBackTest(new PgpLiteralDataGenerator(false)); + } + + public override string Name + { + get { return "PgpPacketTest"; } + } + + public static void Main(string[] args) + { + RunTest(new PgpPacketTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PGPRSATest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PGPRSATest.cs new file mode 100644 index 0000000..250fe61 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PGPRSATest.cs @@ -0,0 +1,1231 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Bcpg.Attr; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpRsaTest + : SimpleTest + { + private static readonly byte[] testPubKey = Base64.Decode( + "mIsEPz2nJAEEAOTVqWMvqYE693qTgzKv/TJpIj3hI8LlYPC6m1dk0z3bDLwVVk9F" + + "FAB+CWS8RdFOWt/FG3tEv2nzcoNdRvjv9WALyIGNawtae4Ml6oAT06/511yUzXHO" + + "k+9xK3wkXN5jdzUhf4cA2oGpLSV/pZlocsIDL+jCUQtumUPwFodmSHhzAAYptC9F" + + "cmljIEVjaGlkbmEgKHRlc3Qga2V5KSA8ZXJpY0Bib3VuY3ljYXN0bGUub3JnPoi4" + + "BBMBAgAiBQI/PackAhsDBQkAg9YABAsHAwIDFQIDAxYCAQIeAQIXgAAKCRA1WGFG" + + "/fPzc8WMA/9BbjuB8E48QAlxoiVf9U8SfNelrz/ONJA/bMvWr/JnOGA9PPmFD5Uc" + + "+kV/q+i94dEMjsC5CQ1moUHWSP2xlQhbOzBP2+oPXw3z2fBs9XJgnTH6QWMAAvLs" + + "3ug9po0loNHLobT/D/XdXvcrb3wvwvPT2FptZqrtonH/OdzT9JdfrA=="); + + private static readonly byte[] testPrivKey = Base64.Decode( + "lQH8BD89pyQBBADk1aljL6mBOvd6k4Myr/0yaSI94SPC5WDwuptXZNM92wy8FVZP" + + "RRQAfglkvEXRTlrfxRt7RL9p83KDXUb47/VgC8iBjWsLWnuDJeqAE9Ov+ddclM1x" + + "zpPvcSt8JFzeY3c1IX+HANqBqS0lf6WZaHLCAy/owlELbplD8BaHZkh4cwAGKf4D" + + "AwKbLeIOVYTEdWD5v/YgW8ERs0pDsSIfBTvsJp2qA798KeFuED6jGsHUzdi1M990" + + "6PRtplQgnoYmYQrzEc6DXAiAtBR4Kuxi4XHx0ZR2wpVlVxm2Ypgz7pbBNWcWqzvw" + + "33inl7tR4IDsRdJOY8cFlN+1tSCf16sDidtKXUVjRjZNYJytH18VfSPlGXMeYgtw" + + "3cSGNTERwKaq5E/SozT2MKTiORO0g0Mtyz+9MEB6XVXFavMun/mXURqbZN/k9BFb" + + "z+TadpkihrLD1xw3Hp+tpe4CwPQ2GdWKI9KNo5gEnbkJgLrSMGgWalPhknlNHRyY" + + "bSq6lbIMJEE3LoOwvYWwweR1+GrV9farJESdunl1mDr5/d6rKru+FFDwZM3na1IF" + + "4Ei4FpqhivZ4zG6pN5XqLy+AK85EiW4XH0yAKX1O4YlbmDU4BjxhiwTdwuVMCjLO" + + "5++jkz5BBQWdFX8CCMA4FJl36G70IbGzuFfOj07ly7QvRXJpYyBFY2hpZG5hICh0" + + "ZXN0IGtleSkgPGVyaWNAYm91bmN5Y2FzdGxlLm9yZz6IuAQTAQIAIgUCPz2nJAIb" + + "AwUJAIPWAAQLBwMCAxUCAwMWAgECHgECF4AACgkQNVhhRv3z83PFjAP/QW47gfBO" + + "PEAJcaIlX/VPEnzXpa8/zjSQP2zL1q/yZzhgPTz5hQ+VHPpFf6voveHRDI7AuQkN" + + "ZqFB1kj9sZUIWzswT9vqD18N89nwbPVyYJ0x+kFjAALy7N7oPaaNJaDRy6G0/w/1" + + "3V73K298L8Lz09habWaq7aJx/znc0/SXX6w="); + + private static readonly byte[] testPubKeyV3 = Base64.Decode( + "mQCNAz+zvlEAAAEEAMS22jgXbOZ/D3xWgM2kauSdzrwlU7Ms5hDW05ObqQyO" + + "FfQoKKMhfupyoa7J3x04VVBKu6Eomvr1es+VImH0esoeWFFahNOYq/I+jRRB" + + "woOhAGZ5UB2/hRd7rFmxqp6sCXi8wmLO2tAorlTzAiNNvl7xF4cQZpc0z56F" + + "wdi2fBUJAAURtApGSVhDSVRZX1FBiQCVAwUQP7O+UZ6Fwdi2fBUJAQFMwwQA" + + "qRnFsdg4xQnB8Y5d4cOpXkIn9AZgYS3cxtuSJB84vG2CgC39nfv4c+nlLkWP" + + "4puG+mZuJNgVoE84cuAF4I//1anKjlU7q1M6rFQnt5S4uxPyG3dFXmgyU1b4" + + "PBOnA0tIxjPzlIhJAMsPCGGA5+5M2JP0ad6RnzqzE3EENMX+GqY="); + + private static readonly byte[] testPrivKeyV3 = Base64.Decode( + "lQHfAz+zvlEAAAEEAMS22jgXbOZ/D3xWgM2kauSdzrwlU7Ms5hDW05ObqQyO" + + "FfQoKKMhfupyoa7J3x04VVBKu6Eomvr1es+VImH0esoeWFFahNOYq/I+jRRB" + + "woOhAGZ5UB2/hRd7rFmxqp6sCXi8wmLO2tAorlTzAiNNvl7xF4cQZpc0z56F" + + "wdi2fBUJAAURAXWwRBZQHNikA/f0ScLLjrXi4s0hgQecg+dkpDow94eu5+AR" + + "0DzZnfurpgfUJCNiDi5W/5c3Zj/xyrfMAgkbCgJ1m6FZqAQh7Mq73l7Kfu4/" + + "XIkyDF3tDgRuZNezB+JuElX10tV03xumHepp6M6CfhXqNJ15F33F99TA5hXY" + + "CPYD7SiSOpIhQkCOAgDAA63imxbpuKE2W7Y4I1BUHB7WQi8ZdkZd04njNTv+" + + "rFUuOPapQVfbWG0Vq8ld3YmJB4QWsa2mmqn+qToXbwufAgBpXkjvqK5yPiHF" + + "Px2QbFc1VqoCJB6PO5JRIqEiUZBFGdDlLxt3VSyqz7IZ/zEnxZq+tPCGGGSm" + + "/sAGiMvENcHVAfy0kTXU42TxEAYJyyNyqjXOobDJpEV1mKhFskRXt7tbMfOS" + + "Yf91oX8f6xw6O2Nal+hU8dS0Bmfmk5/enHmvRLHQocO0CkZJWENJVFlfUUE="); + + private static readonly byte[] sig1 = Base64.Decode( + "owGbwMvMwMRoGpHo9vfz52LGNTJJnBmpOTn5eiUVJfb23JvAHIXy/KKcFEWuToap" + + "zKwMIGG4Bqav0SwMy3yParsEKi2LMGI9xhh65sBxb05n5++ZLcWNJ/eLFKdWbm95" + + "tHbDV7GMwj/tUctUpFUXWPYFCLdNsDiVNuXbQvZtdXV/5xzY+9w1nCnijH9JoNiJ" + + "22n2jo0zo30/TZLo+jDl2vTzIvPeLEsPM3ZUE/1Ytqs4SG2TxIQbH7xf3uzcYXq2" + + "5Fw9AA=="); + +// private static readonly byte[] sig1crc = Base64.Decode("+3i0"); + + private static readonly byte[] subKey = Base64.Decode( + "lQH8BD89pyQBBADk1aljL6mBOvd6k4Myr/0yaSI94SPC5WDwuptXZNM92wy8FVZP" + + "RRQAfglkvEXRTlrfxRt7RL9p83KDXUb47/VgC8iBjWsLWnuDJeqAE9Ov+ddclM1x" + + "zpPvcSt8JFzeY3c1IX+HANqBqS0lf6WZaHLCAy/owlELbplD8BaHZkh4cwAGKf4D" + + "AwKt6ZC7iqsQHGDNn2ZAuhS+ZwiFC+BToW9Vq6rwggWjgM/SThv55rfDk7keiXUT" + + "MyUcZVeYBe4Jttb4fAAm83hNztFu6Jvm9ITcm7YvnasBtVQjppaB+oYZgsTtwK99" + + "LGC3mdexnriCLxPN6tDFkGhzdOcYZfK6py4Ska8Dmq9nOZU9Qtv7Pm3qa5tuBvYw" + + "myTxeaJYifZTu/sky3Gj+REb8WonbgAJX/sLNBPUt+vYko+lxU8uqZpVEMU//hGG" + + "Rns2gIHdbSbIe1vGgIRUEd7Z0b7jfVQLUwqHDyfh5DGvAUhvtJogjUyFIXZzpU+E" + + "9ES9t7LZKdwNZSIdNUjM2eaf4g8BpuQobBVkj/GUcotKyeBjwvKxHlRefL4CCw28" + + "DO3SnLRKxd7uBSqeOGUKxqasgdekM/xIFOrJ85k7p89n6ncLQLHCPGVkzmVeRZro" + + "/T7zE91J57qBGZOUAP1vllcYLty1cs9PCc5oWnj3XbQvRXJpYyBFY2hpZG5hICh0" + + "ZXN0IGtleSkgPGVyaWNAYm91bmN5Y2FzdGxlLm9yZz6IuAQTAQIAIgUCPz2nJAIb" + + "AwUJAIPWAAQLBwMCAxUCAwMWAgECHgECF4AACgkQNVhhRv3z83PFjAP/QW47gfBO" + + "PEAJcaIlX/VPEnzXpa8/zjSQP2zL1q/yZzhgPTz5hQ+VHPpFf6voveHRDI7AuQkN" + + "ZqFB1kj9sZUIWzswT9vqD18N89nwbPVyYJ0x+kFjAALy7N7oPaaNJaDRy6G0/w/1" + + "3V73K298L8Lz09habWaq7aJx/znc0/SXX6y0JEVyaWMgRWNoaWRuYSA8ZXJpY0Bi" + + "b3VuY3ljYXN0bGUub3JnPoi4BBMBAgAiBQI/RxQNAhsDBQkAg9YABAsHAwIDFQID" + + "AxYCAQIeAQIXgAAKCRA1WGFG/fPzc3O6A/49tXFCiiP8vg77OXvnmbnzPBA1G6jC" + + "RZNP1yIXusOjpHqyLN5K9hw6lq/o4pNiCuiq32osqGRX3lv/nDduJU1kn2Ow+I2V" + + "ci+ojMXdCGdEqPwZfv47jHLwRrIUJ22OOoWsORtgvSeRUd4Izg8jruaFM7ufr5hr" + + "jEl1cuLW1Hr8Lp0B/AQ/RxxQAQQA0J2BIdqb8JtDGKjvYxrju0urJVVzyI1CnCjA" + + "p7CtLoHQJUQU7PajnV4Jd12ukfcoK7MRraYydQEjxh2MqPpuQgJS3dgQVrxOParD" + + "QYBFrZNd2tZxOjYakhErvUmRo6yWFaxChwqMgl8XWugBNg1Dva+/YcoGQ+ly+Jg4" + + "RWZoH88ABin+AwMCldD/2v8TyT1ghK70IuFs4MZBhdm6VgyGR8DQ/Ago6IAjA4BY" + + "Sol3lJb7+IIGsZaXwEuMRUvn6dWfa3r2I0p1t75vZb1Ng1YK32RZ5DNzl4Xb3L8V" + + "D+1Fiz9mHO8wiplAwDudB+RmQMlth3DNi/UsjeCTdEJAT+TTC7D40DiHDb1bR86Y" + + "2O5Y7MQ3SZs3/x0D/Ob6PStjfQ1kiqbruAMROKoavG0zVgxvspkoKN7h7BapnwJM" + + "6yf4qN/aByhAx9sFvADxu6z3SVcxiFw3IgAmabyWYb85LP8AsTYAG/HBoC6yob47" + + "Mt+GEDeyPifzzGXBWYIH4heZbSQivvA0eRwY5VZsMsBkbY5VR0FLVWgplbuO21bS" + + "rPS1T0crC+Zfj7FQBAkTfsg8RZQ8MPaHng01+gnFd243DDFvTAHygvm6a2X2fiRw" + + "5epAST4wWfY/BZNOxmfSKH6QS0oQMRscw79He6vGTB7vunLrKQYD4veInwQYAQIA" + + "CQUCP0ccUAIbDAAKCRA1WGFG/fPzczmFA/wMg5HhN5NkqmjnHUFfeXNXdHzmekyw" + + "38RnuCMKmfc43AiDs+FtJ62gpQ6PEsZF4o9S5fxcjVk3VSg00XMDtQ/0BsKBc5Gx" + + "hJTq7G+/SoeM433WG19uoS0+5Lf/31wNoTnpv6npOaYpcTQ7L9LCnzwAF4H0hJPE" + + "6bhmW2CMcsE/IZUB4QQ/Rwc1EQQAs5MUQlRiYOfi3fQ1OF6Z3eCwioDKu2DmOxot" + + "BICvdoG2muvs0KEBas9bbd0FJqc92FZJv8yxEgQbQtQAiFxoIFHRTFK+SPO/tQm+" + + "r83nwLRrfDeVVdRfzF79YCc+Abuh8sS/53H3u9Y7DYWr9IuMgI39nrVhY+d8yukf" + + "jo4OR+sAoKS/f7V1Xxj/Eqhb8qzf+N+zJRUlBACDd1eo/zFJZcq2YJa7a9vkViME" + + "axvwApqxeoU7oDpeHEMWg2DXJ7V24ZU5SbPTMY0x98cc8pcoqwsqux8xicWc0reh" + + "U3odQxWM4Se0LmEdca0nQOmNJlL9IsQ+QOJzx47qUOUAqhxnkXxQ/6B8w+M6gZya" + + "fwSdy70OumxESZipeQP+Lo9x6FcaW9L78hDX0aijJhgSEsnGODKB+bln29txX37E" + + "/a/Si+pyeLMi82kUdIL3G3I5HPWd3qSO4K94062+HfFj8bA20/1tbb/WxvxB2sKJ" + + "i3IobblFOvFHo+v8GaLdVyartp0JZLue/jP1dl9ctulSrIqaJT342uLsgTjsr2z+" + + "AwMCAyAU8Vo5AhhgFkDto8vQk7yxyRKEzu5qB66dRcTlaUPIiR8kamcy5ZTtujs4" + + "KIW4j2M/LvagrpWfV5+0M0VyaWMgRWNoaWRuYSAoRFNBIFRlc3QgS2V5KSA8ZXJp" + + "Y0Bib3VuY3ljYXN0bGUub3JnPohZBBMRAgAZBQI/Rwc1BAsHAwIDFQIDAxYCAQIe" + + "AQIXgAAKCRDNI/XpxMo0QwJcAJ40447eezSiIMspuzkwsMyFN8YBaQCdFTuZuT30" + + "CphiUYWnsC0mQ+J15B4="); + + private static readonly byte[] enc1 = Base64.Decode( + "hIwDKwfQexPJboABA/4/7prhYYMORTiQ5avQKx0XYpCLujzGefYjnyuWZnx3Iev8" + + "Pmsguumm+OLLvtXhhkXQmkJRXbIg6Otj2ubPYWflRPgpJSgOrNOreOl5jeABOrtw" + + "bV6TJb9OTtZuB7cTQSCq2gmYiSZkluIiDjNs3R3mEanILbYzOQ3zKSggKpzlv9JQ" + + "AZUqTyDyJ6/OUbJF5fI5uiv76DCsw1zyMWotUIu5/X01q+AVP5Ly3STzI7xkWg/J" + + "APz4zUHism7kSYz2viAQaJx9/bNnH3AM6qm1Fuyikl4="); + +// private static readonly byte[] enc1crc = Base64.Decode("lv4o"); + +// private static readonly byte[] enc2 = Base64.Decode( +// "hIwDKwfQexPJboABBAC62jcJH8xKnKb1neDVmiovYON04+7VQ2v4BmeHwJrdag1g" +// + "Ya++6PeBlQ2Q9lSGBwLobVuJmQ7cOnPUJP727JeSGWlMyFtMbBSHekOaTenT5lj7" +// + "Zk7oRHxMp/hByzlMacIDzOn8LPSh515RHM57eDLCOwqnAxGQwk67GRl8f5dFH9JQ" +// + "Aa7xx8rjCqPbiIQW6t5LqCNvPZOiSCmftll6+se1XJhFEuq8WS4nXtPfTiJ3vib4" +// + "3soJdHzGB6AOs+BQ6aKmmNTVAxa5owhtSt1Z/6dfSSk="); + + private static readonly byte[] subPubKey = Base64.Decode( + "mIsEPz2nJAEEAOTVqWMvqYE693qTgzKv/TJpIj3hI8LlYPC6m1dk0z3bDLwVVk9F" + + "FAB+CWS8RdFOWt/FG3tEv2nzcoNdRvjv9WALyIGNawtae4Ml6oAT06/511yUzXHO" + + "k+9xK3wkXN5jdzUhf4cA2oGpLSV/pZlocsIDL+jCUQtumUPwFodmSHhzAAYptC9F" + + "cmljIEVjaGlkbmEgKHRlc3Qga2V5KSA8ZXJpY0Bib3VuY3ljYXN0bGUub3JnPoi4" + + "BBMBAgAiBQI/PackAhsDBQkAg9YABAsHAwIDFQIDAxYCAQIeAQIXgAAKCRA1WGFG" + + "/fPzc8WMA/9BbjuB8E48QAlxoiVf9U8SfNelrz/ONJA/bMvWr/JnOGA9PPmFD5Uc" + + "+kV/q+i94dEMjsC5CQ1moUHWSP2xlQhbOzBP2+oPXw3z2fBs9XJgnTH6QWMAAvLs" + + "3ug9po0loNHLobT/D/XdXvcrb3wvwvPT2FptZqrtonH/OdzT9JdfrIhMBBARAgAM" + + "BQI/RxooBYMAemL8AAoJEM0j9enEyjRDiBgAn3RcLK+gq90PvnQFTw2DNqdq7KA0" + + "AKCS0EEIXCzbV1tfTdCUJ3hVh3btF7QkRXJpYyBFY2hpZG5hIDxlcmljQGJvdW5j" + + "eWNhc3RsZS5vcmc+iLgEEwECACIFAj9HFA0CGwMFCQCD1gAECwcDAgMVAgMDFgIB" + + "Ah4BAheAAAoJEDVYYUb98/Nzc7oD/j21cUKKI/y+Dvs5e+eZufM8EDUbqMJFk0/X" + + "Ihe6w6OkerIs3kr2HDqWr+jik2IK6KrfaiyoZFfeW/+cN24lTWSfY7D4jZVyL6iM" + + "xd0IZ0So/Bl+/juMcvBGshQnbY46haw5G2C9J5FR3gjODyOu5oUzu5+vmGuMSXVy" + + "4tbUevwuiEwEEBECAAwFAj9HGigFgwB6YvwACgkQzSP16cTKNEPwBQCdHm0Amwza" + + "NmVmDHm3rmqI7rp2oQ0An2YbiP/H/kmBNnmTeH55kd253QOhuIsEP0ccUAEEANCd" + + "gSHam/CbQxio72Ma47tLqyVVc8iNQpwowKewrS6B0CVEFOz2o51eCXddrpH3KCuz" + + "Ea2mMnUBI8YdjKj6bkICUt3YEFa8Tj2qw0GARa2TXdrWcTo2GpIRK71JkaOslhWs" + + "QocKjIJfF1roATYNQ72vv2HKBkPpcviYOEVmaB/PAAYpiJ8EGAECAAkFAj9HHFAC" + + "GwwACgkQNVhhRv3z83M5hQP8DIOR4TeTZKpo5x1BX3lzV3R85npMsN/EZ7gjCpn3" + + "ONwIg7PhbSetoKUOjxLGReKPUuX8XI1ZN1UoNNFzA7UP9AbCgXORsYSU6uxvv0qH" + + "jON91htfbqEtPuS3/99cDaE56b+p6TmmKXE0Oy/Swp88ABeB9ISTxOm4ZltgjHLB" + + "PyGZAaIEP0cHNREEALOTFEJUYmDn4t30NThemd3gsIqAyrtg5jsaLQSAr3aBtprr" + + "7NChAWrPW23dBSanPdhWSb/MsRIEG0LUAIhcaCBR0UxSvkjzv7UJvq/N58C0a3w3" + + "lVXUX8xe/WAnPgG7ofLEv+dx97vWOw2Fq/SLjICN/Z61YWPnfMrpH46ODkfrAKCk" + + "v3+1dV8Y/xKoW/Ks3/jfsyUVJQQAg3dXqP8xSWXKtmCWu2vb5FYjBGsb8AKasXqF" + + "O6A6XhxDFoNg1ye1duGVOUmz0zGNMffHHPKXKKsLKrsfMYnFnNK3oVN6HUMVjOEn" + + "tC5hHXGtJ0DpjSZS/SLEPkDic8eO6lDlAKocZ5F8UP+gfMPjOoGcmn8Encu9Drps" + + "REmYqXkD/i6PcehXGlvS+/IQ19GooyYYEhLJxjgygfm5Z9vbcV9+xP2v0ovqcniz" + + "IvNpFHSC9xtyORz1nd6kjuCveNOtvh3xY/GwNtP9bW2/1sb8QdrCiYtyKG25RTrx" + + "R6Pr/Bmi3Vcmq7adCWS7nv4z9XZfXLbpUqyKmiU9+Nri7IE47K9stDNFcmljIEVj" + + "aGlkbmEgKERTQSBUZXN0IEtleSkgPGVyaWNAYm91bmN5Y2FzdGxlLm9yZz6IWQQT" + + "EQIAGQUCP0cHNQQLBwMCAxUCAwMWAgECHgECF4AACgkQzSP16cTKNEMCXACfauui" + + "bSwyG59Yrm8hHCDuCPmqwsQAni+dPl08FVuWh+wb6kOgJV4lcYae"); + +// private static readonly byte[] subPubCrc = Base64.Decode("rikt"); + + private static readonly byte[] pgp8Key = Base64.Decode( + "lQIEBEBXUNMBBADScQczBibewnbCzCswc/9ut8R0fwlltBRxMW0NMdKJY2LF" + + "7k2COeLOCIU95loJGV6ulbpDCXEO2Jyq8/qGw1qD3SCZNXxKs3GS8Iyh9Uwd" + + "VL07nMMYl5NiQRsFB7wOb86+94tYWgvikVA5BRP5y3+O3GItnXnpWSJyREUy" + + "6WI2QQAGKf4JAwIVmnRs4jtTX2DD05zy2mepEQ8bsqVAKIx7lEwvMVNcvg4Y" + + "8vFLh9Mf/uNciwL4Se/ehfKQ/AT0JmBZduYMqRU2zhiBmxj4cXUQ0s36ysj7" + + "fyDngGocDnM3cwPxaTF1ZRBQHSLewP7dqE7M73usFSz8vwD/0xNOHFRLKbsO" + + "RqDlLA1Cg2Yd0wWPS0o7+qqk9ndqrjjSwMM8ftnzFGjShAdg4Ca7fFkcNePP" + + "/rrwIH472FuRb7RbWzwXA4+4ZBdl8D4An0dwtfvAO+jCZSrLjmSpxEOveJxY" + + "GduyR4IA4lemvAG51YHTHd4NXheuEqsIkn1yarwaaj47lFPnxNOElOREMdZb" + + "nkWQb1jfgqO24imEZgrLMkK9bJfoDnlF4k6r6hZOp5FSFvc5kJB4cVo1QJl4" + + "pwCSdoU6luwCggrlZhDnkGCSuQUUW45NE7Br22NGqn4/gHs0KCsWbAezApGj" + + "qYUCfX1bcpPzUMzUlBaD5rz2vPeO58CDtBJ0ZXN0ZXIgPHRlc3RAdGVzdD6I" + + "sgQTAQIAHAUCQFdQ0wIbAwQLBwMCAxUCAwMWAgECHgECF4AACgkQs8JyyQfH" + + "97I1QgP8Cd+35maM2cbWV9iVRO+c5456KDi3oIUSNdPf1NQrCAtJqEUhmMSt" + + "QbdiaFEkPrORISI/2htXruYn0aIpkCfbUheHOu0sef7s6pHmI2kOQPzR+C/j" + + "8D9QvWsPOOso81KU2axUY8zIer64Uzqc4szMIlLw06c8vea27RfgjBpSCryw" + + "AgAA"); + + private static readonly char[] pgp8Pass = "2002 Buffalo Sabres".ToCharArray(); + + private static readonly char[] pass = "hello world".ToCharArray(); + + private static readonly byte[] fingerprintKey = Base64.Decode( + "mQEPA0CiJdUAAAEIAMI+znDlPd2kQoEcnxqxLcRz56Z7ttFKHpnYp0UkljZdquVc" + + "By1jMfXGVV64xN1IvMcyenLXUE0IUeUBCQs6tHunFRAPSeCxJ3FdFe1B5MpqQG8A" + + "BnEpAds/hAUfRDZD5y/lolk1hjvFMrRh6WXckaA/QQ2t00NmTrJ1pYUpkw9tnVQb" + + "LUjWJhfZDBBcN0ADtATzgkugxMtcDxR6I5x8Ndn+IilqIm23kxGIcmMd/BHOec4c" + + "jRwJXXDb7u8tl+2knAf9cwhPHp3+Zy4uGSQPdzQnXOhBlA+4WDa0RROOevWgq8uq" + + "8/9Xp/OlTVL+OoIzjsI6mJP1Joa4qmqAnaHAmXcAEQEAAbQoQk9BM1JTS1kgPEJP" + + "QSBNb25pdG9yaW5nIEAgODg4LTI2OS01MjY2PokBFQMFEECiJdWqaoCdocCZdwEB" + + "0RsH/3HPxoUZ3G3K7T3jgOnJUckTSHWU3XspHzMVgqOxjTrcexi5IsAM5M+BulfW" + + "T2aO+Kqf5w8cKTKgW02DNpHUiPjHx0nzDE+Do95zbIErGeK+Twkc4O/aVsvU9GGO" + + "81VFI6WMvDQ4CUAUnAdk03MRrzI2nAuhn4NJ5LQS+uJrnqUJ4HmFAz6CQZQKd/kS" + + "Xgq+A6i7aI1LG80YxWa9ooQgaCrb9dwY/kPQ+yC22zQ3FExtv+Fv3VtAKTilO3vn" + + "BA4Y9uTHuObHfI+1yxUS2PrlRUX0m48ZjpIX+cEN3QblGBJudI/A1QSd6P0LZeBr" + + "7F1Z1aF7ZDo0KzgiAIBvgXkeTpw="); + +// private static readonly byte[] fingerprintCheck = Base64.Decode("CTv2"); + + private static readonly byte[] jpegImage = Base64.Decode( + "/9j/4AAQSkZJRgABAQEASABIAAD/4QAWRXhpZgAATU0AKgAAAAgAAAAAAAD/2wBDAAUDBAQEAwUE" + + "BAQFBQUGBwwIBwcHBw8LCwkMEQ8SEhEPERETFhwXExQaFRERGCEYGh0dHx8fExciJCIeJBweHx7/" + + "wAALCAA6AFABASIA/8QAHAAAAgMAAwEAAAAAAAAAAAAABQcABAYBAggD/8QAMRAAAgEDBAEDAwME" + + "AQUAAAAAAQIDBAURAAYSITEHIkETFFEjYXEVMkKRCCUzQ4Gh/9oACAEBAAA/APX1TdKCmlaOoqoo" + + "WXzzbiP9nWaS71lXuA2tqrgopBOxpyGyWLAEEd4GAf3+fOjLPXoVaOcNzYAhl8HskADwAPz37f3z" + + "opSvI9Mjypwcr7l/B1XuFwSmoTVooljB9xDYAH51Vor191F9dKGb6Py3yo4huwcHwf8AYP7ZLIyu" + + "gZSGBGQQejrnU1NKn1EqVi3sZJOBCwxxIp9xzksfb5PR+Mdga+ljqIKje1TNBBNToYYgU4477HwQ" + + "Bn9z8/nW6mqxLR0NzpJkMLx8lJUkOGAIx4I/0f41lJ93UkkrRxVKvNKVjZfpSe6RyqhCp7wCSD89" + + "EEDRWppEkgqKdYohGcoZAjAlSMMcZ+PHH/3odsG6VLW2qaoqV+nTyFZpHOFQL0Sc9ADGTnHWtZap" + + "EpoamJm/TgYkfgJ5H/zGuKieVJIGkqCgmfCJFFy64s3Z+Oh58fHyNfGavipIJ2BrZcKXA+mzEd9Y" + + "OCcHI/gDV62SzvBGKhQHaNWzj8jvP750oN/xM3qkshLPEstOhj7IVyvkY+f7Nd7hf9vbc9QbVb7n" + + "dadLldqc00FMCwlmZnCrgL2v/cAySPBPwSD+/wC+3HbWx3rLbaqW81CVHOWnetMZjRm9h7VvClcj" + + "oDB7PymPTvem+a6roxvC10sd3ScmlucdEyUtRADxdice9wY3PQGRgj4OnHU3u5RW+op6imo4q+KA" + + "1UKGQ/bzrnt0biWxkgFOJK9ZyCCVX6f3T1Rh9RawbltdQNv18CGe2wxBDQyvGrowIJd15HEnHvP+" + + "OBjXoGzS0tNTpQipFTIw48Xn5SSBVUMw5e5wMgZ/j86yVNvvZ9TeDR1c9XSV0bl443dmYZXiCSCR" + + "jvxkjR1L1b46iWpStpIRLOWkCqyniP8AJjxPIniBjr+etFdu11DVu321WZiFHRjZcA/gsO+seNYf" + + "fVpq6n1Eo5KNATIYmb5Bx7csP4z/AKz8aX1N6Q7W3FuWWrS1TRzi+tXSutUESQhCGiVAvJVRgfcc" + + "HkeidM6tSmTbps9RHIH4KoqC8j/VC8R0+CSScZLdknPZGgNfYpUUUzfewxxcWpopWbhL715KgBIQ" + + "MCQc4A84+dD963X7ywQ0NIVW60qqzkzIfoszAMGUNyUHORkDrHxo3sSaOhtX2hnp3uNRF9b7hqtO" + + "DxM3Rcj3dMCPHXLGfOkLuPddp9R/ViOa62KppqK3Vctvsz0UylKtWfgXy3+L8WIZFBGRhs407rTT" + + "bcuFDRWmtsNGIZ1MMEU9GPqRorKPcJEzhich8Anz350Wk2zs2OsT7D7RZJpChMEk0MoypJZWVwM9" + + "ZzjWw2lbKaioFjQy/U9shLyu7Esi5JLEnsgnQlaSqhqayWSRZ5JaiSSNPoBCiq54jPuJyA2W+QfA" + + "+FrSXq4bdulZHRpWRzpArPK0SSNUExh14qB4c5X9ipz41Zud0juVouVooHN6rrZKVaoek/VhYgqE" + + "4v7cZPTfPHwT7tZX0e2NVUV5rK2ku9TeY6aFZJ6GuLALKzNnizE4CsqHIyBxJCk4AYFNt2wSUExm" + + "pP1lqgq1zkfXUtIgkiOFHQCsCM/kfOtZU7GsNZU1FFc1lrqCSNSlFOQ8SJk8kC4/tJx1rMwbWt0V" + + "CW21VW+krVoFTCRrPC0bf+NF8ocqMcT/AIg6EVF5/p9U6zPXLVFGpoKlSpMiEkniSCcqVY+eQIPW" + + "NULf/UNxJNS0dhklu8SK9Lco6pUcEr0JOu1HQ7z+R5OndaI5leWV0VQ54kA5KlWIx/Gqd2t6vcqe" + + "FIXNJMs71SoCMsQuG5jsN8AAjyTnrGlt6mVlqswtS0SG71NTXpSiCQFpogckll6Y4wvyD/OToVd7" + + "3tLedda4Nr3iRK2mqJhW1K0qxSSGJf1OTOAwwVADLkA9fPV2W77msVfPTClNRUyJCla0SqS5dR5J" + + "b2kluKlQc5BbHnWu2xTS0G4qmjvSq6RwrPHJUMHkkYDhzJHXIhmBAHnxpaL6j3il3D6g1VLuSz1k" + + "1ht//S6SZQ4KoTI6MyMOb9hR85HedM/0wqn3RsC0bhgq/pQV9J9WELEFaNWGARg+04xkd95xjQTe" + + "df6c7U+ysl3mtMFJe5JYGkkmAVKgKZCZGzlVbBySemA/OgvpZUQxvaqitgoqSsiX6XKh5RwVCBP0" + + "8KCTIoU8VJyDjIA8Bs2e5CprDTR8VXi8pRgyyZMh8qQMDHz850ZOlVv30RsW5blcL5S3a626+1cq" + + "TirFQ0qJIgAQCNjgIMeFKn9wQCMA3o2vprca/ctp29Jv6/3aoZ4IRRx08dC5D8nWQv7FJYHByeuv" + + "zo5SWn1Z2ttahutFZqbcG6JK5ZLu1TNEzzUq5ASNyVw6pxUMc5Oc5znR6KyXffldUVW4rBcbAqos" + + "EUq1qrUzUkwy8bFB+m4ZI2IBbAJAbOdau0+nmybJYqe027atvNHTRlYomhVz+Tln8knyScn50j/+" + + "SOyd3VO2oDtmPcNPYqJgDt23xKtOIiTy6gYO/Z5YOcAHGsJ/x39NgbzuDc+0bNt6/wAySmltbXGv" + + "flaT8ST07xBjIR30RjsL+dex9uwT/wBKo6i5UtPFdHp4/u/pgECTiOQDYBIByB+w0RVEVmZUUM39" + + "xA7P867ampqampqaq09BQwV9RWwUVNFU1AUTTJEoeQLnHJgMnGTjP51a1Nf/2Q=="); + + private static readonly byte[] embeddedJPEGKey = Base64.Decode( + "mI0ER0JXuwEEAKNqsXwLU6gu6P2Q/HJqEJVt3A7Kp1yucn8HWVeJF9JLAKVjVU8jrvz9Bw4NwaRJ" + + "NGYEAgdRq8Hx3WP9FXFCIVfCdi+oQrphcHWzzBFul8sykUGT+LmcBdqQGU9WaWSJyCOmUht4j7t0" + + "zk/IXX0YxGmkqR+no5rTj9LMDG8AQQrFABEBAAG0P0VyaWMgSCBFY2hpZG5hIChpbWFnZSB0ZXN0" + + "IGtleSkgPGVyaWMuZWNoaWRuYUBib3VuY3ljYXN0bGUub3JnPoi2BBMBAgAgBQJHQle7AhsDBgsJ" + + "CAcDAgQVAggDBBYCAwECHgECF4AACgkQ1+RWqFFpjMTKtgP+Okqkn0gVpQyNYXM/hWX6f3UQcyXk" + + "2Sd/fWW0XG+LBjhhBo+lXRWK0uYF8OMdZwsSl9HimpgYD5/kNs0Seh417DioP1diOgxkgezyQgMa" + + "+ODZfNnIvVaBr1pHLPLeqIBxBVMWBfa4wDXnLLGu8018uvI2yBhz5vByB1ntxwgKMXCwAgAD0cf3" + + "x/UBEAABAQAAAAAAAAAAAAAAAP/Y/+AAEEpGSUYAAQEBAEgASAAA/+EAFkV4aWYAAE1NACoAAAAI" + + "AAAAAAAA/9sAQwAFAwQEBAMFBAQEBQUFBgcMCAcHBwcPCwsJDBEPEhIRDxERExYcFxMUGhURERgh" + + "GBodHR8fHxMXIiQiHiQcHh8e/8AACwgAOgBQAQEiAP/EABwAAAIDAAMBAAAAAAAAAAAAAAUHAAQG" + + "AQIIA//EADEQAAIBAwQBAwMDBAEFAAAAAAECAwQFEQAGEiExByJBExRRI2FxFTJCkQglM0OBof/a" + + "AAgBAQAAPwD19U3SgppWjqKqKFl8824j/Z1mku9ZV7gNraq4KKQTsachsliwBBHeBgH9/nzoyz16" + + "FWjnDc2AIZfB7JAA8AD89+3986KUryPTI8qcHK+5fwdV7hcEpqE1aKJYwfcQ2AB+dVaK9fdRfXSh" + + "m+j8t8qOIbsHB8H/AGD+2SyMroGUhgRkEHo651NTSp9RKlYt7GSTgQsMcSKfcc5LH2+T0fjHYGvp" + + "Y6iCo3tUzQQTU6GGIFOOO+x8EAZ/c/P51upqsS0dDc6SZDC8fJSVJDhgCMeCP9H+NZSfd1JJK0cV" + + "SrzSlY2X6UnukcqoQqe8Akg/PRBA0VqaRJIKinWKIRnKGQIwJUjDHGfjxx/96HbBulS1tqmqKlfp" + + "08hWaRzhUC9EnPQAxk5x1rWWqRKaGpiZv04GJH4CeR/8xrionlSSBpKgoJnwiRRcuuLN2fjoefHx" + + "8jXxmr4qSCdga2XClwPpsxHfWDgnByP4A1etks7wRioUB2jVs4/I7z++dKDf8TN6pLISzxLLToY+" + + "yFcr5GPn+zXe4X/b23PUG1W+53WnS5XanNNBTAsJZmZwq4C9r/3AMkjwT8Eg/v8Avtx21sd6y22q" + + "lvNQlRzlp3rTGY0ZvYe1bwpXI6Awez8pj073pvmuq6MbwtdLHd0nJpbnHRMlLUQA8XYnHvcGNz0B" + + "kYI+Dpx1N7uUVvqKeopqOKvigNVChkP28657dG4lsZIBTiSvWcgglV+n909UYfUWsG5bXUDb9fAh" + + "ntsMQQ0Mrxq6MCCXdeRxJx7z/jgY16Bs0tLTU6UIqRUyMOPF5+UkgVVDMOXucDIGf4/OslTb72fU" + + "3g0dXPV0ldG5eON3ZmGV4gkgkY78ZI0dS9W+OolqUraSESzlpAqsp4j/ACY8TyJ4gY6/nrRXbtdQ" + + "1bt9tVmYhR0Y2XAP4LDvrHjWH31aaup9RKOSjQEyGJm+Qce3LD+M/wCs/Gl9TekO1txbllq0tU0c" + + "4vrV0rrVBEkIQholQLyVUYH3HB5HonTOrUpk26bPURyB+CqKgvI/1QvEdPgkknGS3ZJz2RoDX2KV" + + "FFM33sMcXFqaKVm4S+9eSoASEDAkHOAPOPnQ/et1+8sENDSFVutKqs5MyH6LMwDBlDclBzkZA6x8" + + "aN7EmjobV9oZ6d7jURfW+4arTg8TN0XI93TAjx1yxnzpC7j3XafUf1Yjmutiqaait1XLb7M9FMpS" + + "rVn4F8t/i/FiGRQRkYbONO60023LhQ0VprbDRiGdTDBFPRj6kaKyj3CRM4YnIfAJ89+dFpNs7Njr" + + "E+w+0WSaQoTBJNDKMqSWVlcDPWc41sNpWymoqBY0Mv1PbIS8ruxLIuSSxJ7IJ0JWkqoamslkkWeS" + + "WokkjT6AQoqueIz7icgNlvkHwPha0l6uG3bpWR0aVkc6QKzytEkjVBMYdeKgeHOV/Yqc+NWbndI7" + + "laLlaKBzeq62SlWqHpP1YWIKhOL+3GT03zx8E+7WV9HtjVVFeaytpLvU3mOmhWSehriwCyszZ4sx" + + "OArKhyMgcSQpOAGBTbdsElBMZqT9ZaoKtc5H11LSIJIjhR0ArAjP5HzrWVOxrDWVNRRXNZa6gkjU" + + "pRTkPEiZPJAuP7ScdazMG1rdFQlttVVvpK1aBUwkazwtG3/jRfKHKjHE/wCIOhFRef6fVOsz1y1R" + + "RqaCpUqTIhJJ4kgnKlWPnkCD1jVC3/1DcSTUtHYZJbvEivS3KOqVHBK9CTrtR0O8/keTp3WiOZXl" + + "ldFUOeJAOSpViMfxqndrer3KnhSFzSTLO9UqAjLELhuY7DfAAI8k56xpbeplZarMLUtEhu9TU16U" + + "ogkBaaIHJJZemOML8g/zk6FXe97S3nXWuDa94kStpqiYVtStKsUkhiX9TkzgMMFQAy5APXz1dlu+" + + "5rFXz0wpTUVMiQpWtEqkuXUeSW9pJbipUHOQWx51rtsU0tBuKpo70qukcKzxyVDB5JGA4cyR1yIZ" + + "gQB58aWi+o94pdw+oNVS7ks9ZNYbf/0ukmUOCqEyOjMjDm/YUfOR3nTP9MKp90bAtG4YKv6UFfSf" + + "VhCxBWjVhgEYPtOMZHfecY0E3nX+nO1PsrJd5rTBSXuSWBpJJgFSoCmQmRs5VWwcknpgPzoL6WVE" + + "Mb2qorYKKkrIl+lyoeUcFQgT9PCgkyKFPFScg4yAPAbNnuQqaw00fFV4vKUYMsmTIfKkDAx8/OdG" + + "TpVb99EbFuW5XC+Ut2utuvtXKk4qxUNKiSIAEAjY4CDHhSp/cEAjAN6Nr6a3Gv3LadvSb+v92qGe" + + "CEUcdPHQuQ/J1kL+xSWBwcnrr86OUlp9WdrbWobrRWam3BuiSuWS7tUzRM81KuQEjclcOqcVDHOT" + + "nOc50eisl335XVFVuKwXGwKqLBFKtaq1M1JMMvGxQfpuGSNiAWwCQGznWrtPp5smyWKntNu2rbzR" + + "00ZWKJoVc/k5Z/JJ8knJ+dI//kjsnd1TtqA7Zj3DT2KiYA7dt8SrTiIk8uoGDv2eWDnABxrCf8d/" + + "TYG87g3PtGzbev8AMkppbW1xr35Wk/Ek9O8QYyEd9EY7C/nXsfbsE/8ASqOouVLTxXR6eP7v6YBA" + + "k4jkA2ASAcgfsNEVRFZmVFDN/cQOz/Ou2pqampqamqtPQUMFfUVsFFTRVNQFE0yRKHkC5xyYDJxk" + + "4z+dWtTX/9mItgQTAQIAIAUCR0JYkAIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJENfkVqhR" + + "aYzEAPYD/iHdLOAE8r8HHF3F4z28vtIT8iiRB9aPC/YH0xqV1qeEKG8+VosBaQAOCEquONtRWsww" + + "gO3XB0d6VAq2kMOKc2YiB4ZtZcFvvmP9KdmVIZxVjpa9ozjP5j9zFso1HOpFcsn/VDBEqy5TvsNx" + + "Qvmtc8X7lqK/zLRVkSSBItik2IIhsAIAAw=="); + + private void FingerPrintTest() + { + // + // version 3 + // + PgpPublicKeyRing pgpPub = new PgpPublicKeyRing(fingerprintKey); + + PgpPublicKey pubKey = pgpPub.GetPublicKey(); + + if (!Arrays.AreEqual(pubKey.GetFingerprint(), Hex.Decode("4FFB9F0884266C715D1CEAC804A3BBFA"))) + { + Fail("version 3 fingerprint test failed"); + } + + // + // version 4 + // + pgpPub = new PgpPublicKeyRing(testPubKey); + + pubKey = pgpPub.GetPublicKey(); + + if (!Arrays.AreEqual(pubKey.GetFingerprint(), Hex.Decode("3062363c1046a01a751946bb35586146fdf3f373"))) + { + Fail("version 4 fingerprint test failed"); + } + } + + private void MixedTest( + PgpPrivateKey pgpPrivKey, + PgpPublicKey pgpPubKey) + { + byte[] text = Encoding.ASCII.GetBytes("hello world!\n"); + + // + // literal data + // + MemoryStream bOut = new MemoryStream(); + PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator(); + Stream lOut = lGen.Open( + bOut, + PgpLiteralData.Binary, + PgpLiteralData.Console, + text.Length, + DateTime.UtcNow); + + lOut.Write(text, 0, text.Length); + + lGen.Close(); + + byte[] bytes = bOut.ToArray(); + + PgpObjectFactory f = new PgpObjectFactory(bytes); + CheckLiteralData((PgpLiteralData)f.NextPgpObject(), text); + + MemoryStream bcOut = new MemoryStream(); + + PgpEncryptedDataGenerator encGen = new PgpEncryptedDataGenerator( + SymmetricKeyAlgorithmTag.Aes128, + true, + new SecureRandom()); + + encGen.AddMethod(pgpPubKey); + + encGen.AddMethod("password".ToCharArray(), HashAlgorithmTag.Sha1); + + Stream cOut = encGen.Open(bcOut, bytes.Length); + + cOut.Write(bytes, 0, bytes.Length); + + cOut.Close(); + + byte[] encData = bcOut.ToArray(); + + // + // asymmetric + // + PgpObjectFactory pgpF = new PgpObjectFactory(encData); + + PgpEncryptedDataList encList = (PgpEncryptedDataList) pgpF.NextPgpObject(); + + PgpPublicKeyEncryptedData encP = (PgpPublicKeyEncryptedData)encList[0]; + + Stream clear = encP.GetDataStream(pgpPrivKey); + + PgpObjectFactory pgpFact = new PgpObjectFactory(clear); + + CheckLiteralData((PgpLiteralData)pgpFact.NextPgpObject(), text); + + // + // PBE + // + pgpF = new PgpObjectFactory(encData); + + encList = (PgpEncryptedDataList)pgpF.NextPgpObject(); + + PgpPbeEncryptedData encPbe = (PgpPbeEncryptedData) encList[1]; + + clear = encPbe.GetDataStream("password".ToCharArray()); + + pgpF = new PgpObjectFactory(clear); + + CheckLiteralData((PgpLiteralData) pgpF.NextPgpObject(), text); + } + + private void CheckLiteralData( + PgpLiteralData ld, + byte[] data) + { + if (!ld.FileName.Equals(PgpLiteralData.Console)) + throw new Exception("wrong filename in packet"); + + Stream inLd = ld.GetDataStream(); + byte[] bytes = Streams.ReadAll(inLd); + + if (!AreEqual(bytes, data)) + { + Fail("wrong plain text in decrypted packet"); + } + } + + private void ExistingEmbeddedJpegTest() + { + PgpPublicKeyRing pgpPub = new PgpPublicKeyRing(embeddedJPEGKey); + + PgpPublicKey pubKey = pgpPub.GetPublicKey(); + + int count = 0; + foreach (PgpUserAttributeSubpacketVector attributes in pubKey.GetUserAttributes()) + { + int sigCount = 0; + foreach (PgpSignature sig in pubKey.GetSignaturesForUserAttribute(attributes)) + { + sig.InitVerify(pubKey); + + if (!sig.VerifyCertification(attributes, pubKey)) + { + Fail("signature failed verification"); + } + + sigCount++; + } + + if (sigCount != 1) + { + Fail("Failed user attributes signature check"); + } + count++; + } + + if (count != 1) + { + Fail("didn't find user attributes"); + } + } + + private void EmbeddedJpegTest() + { + PgpPublicKeyRing pgpPub = new PgpPublicKeyRing(testPubKey); + PgpSecretKeyRing pgpSec = new PgpSecretKeyRing(testPrivKey); + + PgpPublicKey pubKey = pgpPub.GetPublicKey(); + + PgpUserAttributeSubpacketVectorGenerator vGen = new PgpUserAttributeSubpacketVectorGenerator(); + + vGen.SetImageAttribute(ImageAttrib.Format.Jpeg, jpegImage); + + PgpUserAttributeSubpacketVector uVec = vGen.Generate(); + + PgpSignatureGenerator sGen = new PgpSignatureGenerator( + PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1); + + sGen.InitSign(PgpSignature.PositiveCertification, pgpSec.GetSecretKey().ExtractPrivateKey(pass)); + + PgpSignature sig = sGen.GenerateCertification(uVec, pubKey); + + PgpPublicKey nKey = PgpPublicKey.AddCertification(pubKey, uVec, sig); + + int count = 0; + foreach (PgpUserAttributeSubpacketVector attributes in nKey.GetUserAttributes()) + { + int sigCount = 0; + foreach (PgpSignature s in nKey.GetSignaturesForUserAttribute(attributes)) + { + s.InitVerify(pubKey); + + if (!s.VerifyCertification(attributes, pubKey)) + { + Fail("added signature failed verification"); + } + + sigCount++; + } + + if (sigCount != 1) + { + Fail("Failed added user attributes signature check"); + } + count++; + } + + if (count != 1) + { + Fail("didn't find added user attributes"); + } + + nKey = PgpPublicKey.RemoveCertification(nKey, uVec); + + if (nKey.GetUserAttributes().GetEnumerator().MoveNext()) + { + Fail("found attributes where none expected"); + } + } + + public override void PerformTest() + { + // + // Read the public key + // + PgpPublicKeyRing pgpPub = new PgpPublicKeyRing(testPubKey); + + AsymmetricKeyParameter pubKey = pgpPub.GetPublicKey().GetKey(); + + IEnumerator enumerator = pgpPub.GetPublicKey().GetUserIds().GetEnumerator(); + enumerator.MoveNext(); + string uid = (string) enumerator.Current; + + + enumerator = pgpPub.GetPublicKey().GetSignaturesForId(uid).GetEnumerator(); + enumerator.MoveNext(); + PgpSignature sig = (PgpSignature) enumerator.Current; + + sig.InitVerify(pgpPub.GetPublicKey()); + + if (!sig.VerifyCertification(uid, pgpPub.GetPublicKey())) + { + Fail("failed to verify certification"); + } + + // + // write a public key + // + MemoryStream bOut = new UncloseableMemoryStream(); + BcpgOutputStream pOut = new BcpgOutputStream(bOut); + + pgpPub.Encode(pOut); + + if (!Arrays.AreEqual(bOut.ToArray(), testPubKey)) + { + Fail("public key rewrite failed"); + } + + // + // Read the public key + // + PgpPublicKeyRing pgpPubV3 = new PgpPublicKeyRing(testPubKeyV3); + AsymmetricKeyParameter pubKeyV3 = pgpPub.GetPublicKey().GetKey(); + + // + // write a V3 public key + // + bOut = new UncloseableMemoryStream(); + pOut = new BcpgOutputStream(bOut); + + pgpPubV3.Encode(pOut); + + // + // Read a v3 private key + // + char[] passP = "FIXCITY_QA".ToCharArray(); + + { + PgpSecretKeyRing pgpPriv2 = new PgpSecretKeyRing(testPrivKeyV3); + PgpSecretKey pgpPrivSecretKey = pgpPriv2.GetSecretKey(); + PgpPrivateKey pgpPrivKey2 = pgpPrivSecretKey.ExtractPrivateKey(passP); + + // + // write a v3 private key + // + bOut = new UncloseableMemoryStream(); + pOut = new BcpgOutputStream(bOut); + + pgpPriv2.Encode(pOut); + + byte[] result = bOut.ToArray(); + if (!Arrays.AreEqual(result, testPrivKeyV3)) + { + Fail("private key V3 rewrite failed"); + } + } + + // + // Read the private key + // + PgpSecretKeyRing pgpPriv = new PgpSecretKeyRing(testPrivKey); + PgpPrivateKey pgpPrivKey = pgpPriv.GetSecretKey().ExtractPrivateKey(pass); + + // + // write a private key + // + bOut = new UncloseableMemoryStream(); + pOut = new BcpgOutputStream(bOut); + + pgpPriv.Encode(pOut); + + if (!Arrays.AreEqual(bOut.ToArray(), testPrivKey)) + { + Fail("private key rewrite failed"); + } + + // + // test encryption + // + IBufferedCipher c = CipherUtilities.GetCipher("RSA"); + +// c.Init(Cipher.ENCRYPT_MODE, pubKey); + c.Init(true, pubKey); + + byte[] inBytes = Encoding.ASCII.GetBytes("hello world"); + byte[] outBytes = c.DoFinal(inBytes); + +// c.Init(Cipher.DECRYPT_MODE, pgpPrivKey.GetKey()); + c.Init(false, pgpPrivKey.Key); + + outBytes = c.DoFinal(outBytes); + + if (!Arrays.AreEqual(inBytes, outBytes)) + { + Fail("decryption failed."); + } + + // + // test signature message + // + PgpObjectFactory pgpFact = new PgpObjectFactory(sig1); + + PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject(); + + pgpFact = new PgpObjectFactory(c1.GetDataStream()); + + PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject(); + + PgpOnePassSignature ops = p1[0]; + + PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject(); + + Stream dIn = p2.GetInputStream(); + + ops.InitVerify(pgpPub.GetPublicKey(ops.KeyId)); + + int ch; + while ((ch = dIn.ReadByte()) >= 0) + { + ops.Update((byte)ch); + } + + PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject(); + + if (!ops.Verify(p3[0])) + { + Fail("Failed signature check"); + } + + // + // encrypted message - read subkey + // + pgpPriv = new PgpSecretKeyRing(subKey); + + // + // encrypted message + // + byte[] text = Encoding.ASCII.GetBytes("hello world!\n"); + + PgpObjectFactory pgpF = new PgpObjectFactory(enc1); + + PgpEncryptedDataList encList = (PgpEncryptedDataList)pgpF.NextPgpObject(); + + PgpPublicKeyEncryptedData encP = (PgpPublicKeyEncryptedData)encList[0]; + + pgpPrivKey = pgpPriv.GetSecretKey(encP.KeyId).ExtractPrivateKey(pass); + + Stream clear = encP.GetDataStream(pgpPrivKey); + + pgpFact = new PgpObjectFactory(clear); + + c1 = (PgpCompressedData)pgpFact.NextPgpObject(); + + pgpFact = new PgpObjectFactory(c1.GetDataStream()); + + PgpLiteralData ld = (PgpLiteralData)pgpFact.NextPgpObject(); + + if (!ld.FileName.Equals("test.txt")) + { + throw new Exception("wrong filename in packet"); + } + + Stream inLd = ld.GetDataStream(); + byte[] bytes = Streams.ReadAll(inLd); + + if (!Arrays.AreEqual(bytes, text)) + { + Fail("wrong plain text in decrypted packet"); + } + + // + // encrypt - short message + // + byte[] shortText = { (byte)'h', (byte)'e', (byte)'l', (byte)'l', (byte)'o' }; + + MemoryStream cbOut = new UncloseableMemoryStream(); + PgpEncryptedDataGenerator cPk = new PgpEncryptedDataGenerator(SymmetricKeyAlgorithmTag.Cast5, new SecureRandom()); + PgpPublicKey puK = pgpPriv.GetSecretKey(encP.KeyId).PublicKey; + + cPk.AddMethod(puK); + + Stream cOut = cPk.Open(new UncloseableStream(cbOut), shortText.Length); + + cOut.Write(shortText, 0, shortText.Length); + + cOut.Close(); + + pgpF = new PgpObjectFactory(cbOut.ToArray()); + + encList = (PgpEncryptedDataList)pgpF.NextPgpObject(); + + encP = (PgpPublicKeyEncryptedData)encList[0]; + + pgpPrivKey = pgpPriv.GetSecretKey(encP.KeyId).ExtractPrivateKey(pass); + + if (encP.GetSymmetricAlgorithm(pgpPrivKey) != SymmetricKeyAlgorithmTag.Cast5) + { + Fail("symmetric algorithm mismatch"); + } + + clear = encP.GetDataStream(pgpPrivKey); + outBytes = Streams.ReadAll(clear); + + if (!Arrays.AreEqual(outBytes, shortText)) + { + Fail("wrong plain text in generated short text packet"); + } + + // + // encrypt + // + cbOut = new UncloseableMemoryStream(); + cPk = new PgpEncryptedDataGenerator(SymmetricKeyAlgorithmTag.Cast5, new SecureRandom()); + puK = pgpPriv.GetSecretKey(encP.KeyId).PublicKey; + + cPk.AddMethod(puK); + + cOut = cPk.Open(new UncloseableStream(cbOut), text.Length); + + cOut.Write(text, 0, text.Length); + + cOut.Close(); + + pgpF = new PgpObjectFactory(cbOut.ToArray()); + + encList = (PgpEncryptedDataList)pgpF.NextPgpObject(); + + encP = (PgpPublicKeyEncryptedData)encList[0]; + + pgpPrivKey = pgpPriv.GetSecretKey(encP.KeyId).ExtractPrivateKey(pass); + + clear = encP.GetDataStream(pgpPrivKey); + outBytes = Streams.ReadAll(clear); + + if (!Arrays.AreEqual(outBytes, text)) + { + Fail("wrong plain text in generated packet"); + } + + // + // read public key with sub key. + // + pgpF = new PgpObjectFactory(subPubKey); + object o; + while ((o = pgpFact.NextPgpObject()) != null) + { + // TODO Should something be tested here? + // Console.WriteLine(o); + } + + // + // key pair generation - CAST5 encryption + // + char[] passPhrase = "hello".ToCharArray(); + IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("RSA"); + RsaKeyGenerationParameters genParam = new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x10001), new SecureRandom(), 1024, 25); + + kpg.Init(genParam); + + + AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair(); + + PgpSecretKey secretKey = new PgpSecretKey( + PgpSignature.DefaultCertification, + PublicKeyAlgorithmTag.RsaGeneral, + kp.Public, + kp.Private, + DateTime.UtcNow, + "fred", + SymmetricKeyAlgorithmTag.Cast5, + passPhrase, + null, + null, + new SecureRandom() + ); + + PgpPublicKey key = secretKey.PublicKey; + + + enumerator = key.GetUserIds().GetEnumerator(); + enumerator.MoveNext(); + uid = (string) enumerator.Current; + + + enumerator = key.GetSignaturesForId(uid).GetEnumerator(); + enumerator.MoveNext(); + sig = (PgpSignature) enumerator.Current; + + sig.InitVerify(key); + + if (!sig.VerifyCertification(uid, key)) + { + Fail("failed to verify certification"); + } + + pgpPrivKey = secretKey.ExtractPrivateKey(passPhrase); + + key = PgpPublicKey.RemoveCertification(key, uid, sig); + + if (key == null) + { + Fail("failed certification removal"); + } + + byte[] keyEnc = key.GetEncoded(); + + key = PgpPublicKey.AddCertification(key, uid, sig); + + keyEnc = key.GetEncoded(); + + PgpSignatureGenerator sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1); + + sGen.InitSign(PgpSignature.KeyRevocation, secretKey.ExtractPrivateKey(passPhrase)); + + sig = sGen.GenerateCertification(key); + + key = PgpPublicKey.AddCertification(key, sig); + + keyEnc = key.GetEncoded(); + + PgpPublicKeyRing tmpRing = new PgpPublicKeyRing(keyEnc); + + key = tmpRing.GetPublicKey(); + + IEnumerator sgEnum = key.GetSignaturesOfType(PgpSignature.KeyRevocation).GetEnumerator(); + sgEnum.MoveNext(); + sig = (PgpSignature) sgEnum.Current; + + sig.InitVerify(key); + + if (!sig.VerifyCertification(key)) + { + Fail("failed to verify revocation certification"); + } + + // + // use of PgpKeyPair + // + PgpKeyPair pgpKp = new PgpKeyPair(PublicKeyAlgorithmTag.RsaGeneral, + kp.Public, kp.Private, DateTime.UtcNow); + + PgpPublicKey k1 = pgpKp.PublicKey; + PgpPrivateKey k2 = pgpKp.PrivateKey; + + k1.GetEncoded(); + + MixedTest(k2, k1); + + // + // key pair generation - AES_256 encryption. + // + kp = kpg.GenerateKeyPair(); + + secretKey = new PgpSecretKey(PgpSignature.DefaultCertification, PublicKeyAlgorithmTag.RsaGeneral, kp.Public, kp.Private, DateTime.UtcNow, "fred", SymmetricKeyAlgorithmTag.Aes256, passPhrase, null, null, new SecureRandom()); + + secretKey.ExtractPrivateKey(passPhrase); + + secretKey.Encode(new UncloseableMemoryStream()); + + // + // secret key password changing. + // + const string newPass = "newPass"; + + secretKey = PgpSecretKey.CopyWithNewPassword(secretKey, passPhrase, newPass.ToCharArray(), secretKey.KeyEncryptionAlgorithm, new SecureRandom()); + + secretKey.ExtractPrivateKey(newPass.ToCharArray()); + + secretKey.Encode(new UncloseableMemoryStream()); + + key = secretKey.PublicKey; + + key.Encode(new UncloseableMemoryStream()); + + + enumerator = key.GetUserIds().GetEnumerator(); + enumerator.MoveNext(); + uid = (string) enumerator.Current; + + + enumerator = key.GetSignaturesForId(uid).GetEnumerator(); + enumerator.MoveNext(); + sig = (PgpSignature) enumerator.Current; + + sig.InitVerify(key); + + if (!sig.VerifyCertification(uid, key)) + { + Fail("failed to verify certification"); + } + + pgpPrivKey = secretKey.ExtractPrivateKey(newPass.ToCharArray()); + + // + // signature generation + // + const string data = "hello world!"; + byte[] dataBytes = Encoding.ASCII.GetBytes(data); + + bOut = new UncloseableMemoryStream(); + + MemoryStream testIn = new MemoryStream(dataBytes, false); + + sGen = new PgpSignatureGenerator( + PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1); + + sGen.InitSign(PgpSignature.BinaryDocument, pgpPrivKey); + + PgpCompressedDataGenerator cGen = new PgpCompressedDataGenerator( + CompressionAlgorithmTag.Zip); + + BcpgOutputStream bcOut = new BcpgOutputStream(cGen.Open(new UncloseableStream(bOut))); + + sGen.GenerateOnePassVersion(false).Encode(bcOut); + + PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator(); + + DateTime testDateTime = new DateTime(1973, 7, 27); + Stream lOut = lGen.Open(new UncloseableStream(bcOut), PgpLiteralData.Binary, "_CONSOLE", + dataBytes.Length, testDateTime); + + // TODO Need a stream object to automatically call Update? + // (via ISigner implementation of PgpSignatureGenerator) + while ((ch = testIn.ReadByte()) >= 0) + { + lOut.WriteByte((byte)ch); + sGen.Update((byte)ch); + } + + lOut.Close(); + + sGen.Generate().Encode(bcOut); + + bcOut.Close(); + + // + // verify generated signature + // + pgpFact = new PgpObjectFactory(bOut.ToArray()); + + c1 = (PgpCompressedData)pgpFact.NextPgpObject(); + + pgpFact = new PgpObjectFactory(c1.GetDataStream()); + + p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject(); + + ops = p1[0]; + + p2 = (PgpLiteralData)pgpFact.NextPgpObject(); + if (!p2.ModificationTime.Equals(testDateTime)) + { + Fail("Modification time not preserved"); + } + + dIn = p2.GetInputStream(); + + ops.InitVerify(secretKey.PublicKey); + + // TODO Need a stream object to automatically call Update? + // (via ISigner implementation of PgpSignatureGenerator) + while ((ch = dIn.ReadByte()) >= 0) + { + ops.Update((byte)ch); + } + + p3 = (PgpSignatureList)pgpFact.NextPgpObject(); + + if (!ops.Verify(p3[0])) + { + Fail("Failed generated signature check"); + } + + // + // signature generation - version 3 + // + bOut = new UncloseableMemoryStream(); + + testIn = new MemoryStream(dataBytes); + PgpV3SignatureGenerator sGenV3 = new PgpV3SignatureGenerator( + PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1); + + sGen.InitSign(PgpSignature.BinaryDocument, pgpPrivKey); + + cGen = new PgpCompressedDataGenerator(CompressionAlgorithmTag.Zip); + + bcOut = new BcpgOutputStream(cGen.Open(new UncloseableStream(bOut))); + + sGen.GenerateOnePassVersion(false).Encode(bcOut); + + lGen = new PgpLiteralDataGenerator(); + lOut = lGen.Open( + new UncloseableStream(bcOut), + PgpLiteralData.Binary, + "_CONSOLE", + dataBytes.Length, + testDateTime); + + // TODO Need a stream object to automatically call Update? + // (via ISigner implementation of PgpSignatureGenerator) + while ((ch = testIn.ReadByte()) >= 0) + { + lOut.WriteByte((byte) ch); + sGen.Update((byte)ch); + } + + lOut.Close(); + + sGen.Generate().Encode(bcOut); + + bcOut.Close(); + + // + // verify generated signature + // + pgpFact = new PgpObjectFactory(bOut.ToArray()); + + c1 = (PgpCompressedData)pgpFact.NextPgpObject(); + + pgpFact = new PgpObjectFactory(c1.GetDataStream()); + + p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject(); + + ops = p1[0]; + + p2 = (PgpLiteralData)pgpFact.NextPgpObject(); + if (!p2.ModificationTime.Equals(testDateTime)) + { + Fail("Modification time not preserved"); + } + + dIn = p2.GetInputStream(); + + ops.InitVerify(secretKey.PublicKey); + + // TODO Need a stream object to automatically call Update? + // (via ISigner implementation of PgpSignatureGenerator) + while ((ch = dIn.ReadByte()) >= 0) + { + ops.Update((byte)ch); + } + + p3 = (PgpSignatureList)pgpFact.NextPgpObject(); + + if (!ops.Verify(p3[0])) + { + Fail("Failed v3 generated signature check"); + } + + // + // extract PGP 8 private key + // + pgpPriv = new PgpSecretKeyRing(pgp8Key); + + secretKey = pgpPriv.GetSecretKey(); + + pgpPrivKey = secretKey.ExtractPrivateKey(pgp8Pass); + + // + // other sig tests + // + PerformTestSig(HashAlgorithmTag.Sha256, secretKey.PublicKey, pgpPrivKey); + PerformTestSig(HashAlgorithmTag.Sha384, secretKey.PublicKey, pgpPrivKey); + PerformTestSig(HashAlgorithmTag.Sha512, secretKey.PublicKey, pgpPrivKey); + FingerPrintTest(); + ExistingEmbeddedJpegTest(); + EmbeddedJpegTest(); + } + + private void PerformTestSig( + HashAlgorithmTag hashAlgorithm, + PgpPublicKey pubKey, + PgpPrivateKey privKey) + { + const string data = "hello world!"; + byte[] dataBytes = Encoding.ASCII.GetBytes(data); + + MemoryStream bOut = new UncloseableMemoryStream(); + MemoryStream testIn = new MemoryStream(dataBytes, false); + PgpSignatureGenerator sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.RsaGeneral, hashAlgorithm); + + sGen.InitSign(PgpSignature.BinaryDocument, privKey); + + PgpCompressedDataGenerator cGen = new PgpCompressedDataGenerator(CompressionAlgorithmTag.Zip); + + BcpgOutputStream bcOut = new BcpgOutputStream(cGen.Open(new UncloseableStream(bOut))); + + sGen.GenerateOnePassVersion(false).Encode(bcOut); + + PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator(); + DateTime testDateTime = new DateTime(1973, 7, 27); + Stream lOut = lGen.Open( + new UncloseableStream(bcOut), + PgpLiteralData.Binary, + "_CONSOLE", + dataBytes.Length, + testDateTime); + + // TODO Need a stream object to automatically call Update? + // (via ISigner implementation of PgpSignatureGenerator) + int ch; + while ((ch = testIn.ReadByte()) >= 0) + { + lOut.WriteByte((byte)ch); + sGen.Update((byte)ch); + } + + lOut.Close(); + + sGen.Generate().Encode(bcOut); + + bcOut.Close(); + + // + // verify generated signature + // + PgpObjectFactory pgpFact = new PgpObjectFactory(bOut.ToArray()); + + PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject(); + + pgpFact = new PgpObjectFactory(c1.GetDataStream()); + + PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject(); + + PgpOnePassSignature ops = p1[0]; + + PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject(); + if (!p2.ModificationTime.Equals(testDateTime)) + { + Fail("Modification time not preserved"); + } + + Stream dIn = p2.GetInputStream(); + + ops.InitVerify(pubKey); + + // TODO Need a stream object to automatically call Update? + // (via ISigner implementation of PgpSignatureGenerator) + while ((ch = dIn.ReadByte()) >= 0) + { + ops.Update((byte)ch); + } + + PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject(); + + if (!ops.Verify(p3[0])) + { + Fail("Failed generated signature check - " + hashAlgorithm); + } + } + + private class UncloseableMemoryStream + : MemoryStream + { + public override void Close() + { + throw new Exception("Close() called on underlying stream"); + } + } + + public override string Name + { + get { return "PgpRsaTest"; } + } + + public static void Main(string[] args) + { + RunTest(new PgpRsaTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PGPSignatureTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PGPSignatureTest.cs new file mode 100644 index 0000000..b836fe2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PGPSignatureTest.cs @@ -0,0 +1,1085 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Bcpg.Sig; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpSignatureTest + : SimpleTest + { + private const int[] NO_PREFERENCES = null; + private static readonly int[] PREFERRED_SYMMETRIC_ALGORITHMS + = new int[] { (int)SymmetricKeyAlgorithmTag.Aes128, (int)SymmetricKeyAlgorithmTag.TripleDes }; + private static readonly int[] PREFERRED_HASH_ALGORITHMS + = new int[] { (int)HashAlgorithmTag.Sha1, (int)HashAlgorithmTag.Sha256 }; + private static readonly int[] PREFERRED_COMPRESSION_ALGORITHMS + = new int[] { (int)CompressionAlgorithmTag.ZLib }; + + private const int TEST_EXPIRATION_TIME = 10000; + private const string TEST_USER_ID = "test user id"; + private static readonly byte[] TEST_DATA = Encoding.ASCII.GetBytes("hello world!\nhello world!\n"); + private static readonly byte[] TEST_DATA_WITH_CRLF = Encoding.ASCII.GetBytes("hello world!\r\nhello world!\r\n"); + + private static readonly byte[] dsaKeyRing = Base64.Decode( + "lQHhBD9HBzURBACzkxRCVGJg5+Ld9DU4Xpnd4LCKgMq7YOY7Gi0EgK92gbaa6+zQ" + + "oQFqz1tt3QUmpz3YVkm/zLESBBtC1ACIXGggUdFMUr5I87+1Cb6vzefAtGt8N5VV" + + "1F/MXv1gJz4Bu6HyxL/ncfe71jsNhav0i4yAjf2etWFj53zK6R+Ojg5H6wCgpL9/" + + "tXVfGP8SqFvyrN/437MlFSUEAIN3V6j/MUllyrZglrtr2+RWIwRrG/ACmrF6hTug" + + "Ol4cQxaDYNcntXbhlTlJs9MxjTH3xxzylyirCyq7HzGJxZzSt6FTeh1DFYzhJ7Qu" + + "YR1xrSdA6Y0mUv0ixD5A4nPHjupQ5QCqHGeRfFD/oHzD4zqBnJp/BJ3LvQ66bERJ" + + "mKl5A/4uj3HoVxpb0vvyENfRqKMmGBISycY4MoH5uWfb23FffsT9r9KL6nJ4syLz" + + "aRR0gvcbcjkc9Z3epI7gr3jTrb4d8WPxsDbT/W1tv9bG/EHawomLcihtuUU68Uej" + + "6/wZot1XJqu2nQlku57+M/V2X1y26VKsipolPfja4uyBOOyvbP4DAwIDIBTxWjkC" + + "GGAWQO2jy9CTvLHJEoTO7moHrp1FxOVpQ8iJHyRqZzLllO26OzgohbiPYz8u9qCu" + + "lZ9Xn7QzRXJpYyBFY2hpZG5hIChEU0EgVGVzdCBLZXkpIDxlcmljQGJvdW5jeWNh" + + "c3RsZS5vcmc+iFkEExECABkFAj9HBzUECwcDAgMVAgMDFgIBAh4BAheAAAoJEM0j" + + "9enEyjRDAlwAnjTjjt57NKIgyym7OTCwzIU3xgFpAJ0VO5m5PfQKmGJRhaewLSZD" + + "4nXkHg=="); + + private static readonly char[] dsaPass = "hello world".ToCharArray(); + + private static readonly byte[] rsaKeyRing = Base64.Decode( + "lQIEBEBXUNMBBADScQczBibewnbCzCswc/9ut8R0fwlltBRxMW0NMdKJY2LF" + + "7k2COeLOCIU95loJGV6ulbpDCXEO2Jyq8/qGw1qD3SCZNXxKs3GS8Iyh9Uwd" + + "VL07nMMYl5NiQRsFB7wOb86+94tYWgvikVA5BRP5y3+O3GItnXnpWSJyREUy" + + "6WI2QQAGKf4JAwIVmnRs4jtTX2DD05zy2mepEQ8bsqVAKIx7lEwvMVNcvg4Y" + + "8vFLh9Mf/uNciwL4Se/ehfKQ/AT0JmBZduYMqRU2zhiBmxj4cXUQ0s36ysj7" + + "fyDngGocDnM3cwPxaTF1ZRBQHSLewP7dqE7M73usFSz8vwD/0xNOHFRLKbsO" + + "RqDlLA1Cg2Yd0wWPS0o7+qqk9ndqrjjSwMM8ftnzFGjShAdg4Ca7fFkcNePP" + + "/rrwIH472FuRb7RbWzwXA4+4ZBdl8D4An0dwtfvAO+jCZSrLjmSpxEOveJxY" + + "GduyR4IA4lemvAG51YHTHd4NXheuEqsIkn1yarwaaj47lFPnxNOElOREMdZb" + + "nkWQb1jfgqO24imEZgrLMkK9bJfoDnlF4k6r6hZOp5FSFvc5kJB4cVo1QJl4" + + "pwCSdoU6luwCggrlZhDnkGCSuQUUW45NE7Br22NGqn4/gHs0KCsWbAezApGj" + + "qYUCfX1bcpPzUMzUlBaD5rz2vPeO58CDtBJ0ZXN0ZXIgPHRlc3RAdGVzdD6I" + + "sgQTAQIAHAUCQFdQ0wIbAwQLBwMCAxUCAwMWAgECHgECF4AACgkQs8JyyQfH" + + "97I1QgP8Cd+35maM2cbWV9iVRO+c5456KDi3oIUSNdPf1NQrCAtJqEUhmMSt" + + "QbdiaFEkPrORISI/2htXruYn0aIpkCfbUheHOu0sef7s6pHmI2kOQPzR+C/j" + + "8D9QvWsPOOso81KU2axUY8zIer64Uzqc4szMIlLw06c8vea27RfgjBpSCryw" + + "AgAA"); + + private static readonly char[] rsaPass = "2002 Buffalo Sabres".ToCharArray(); + + private static readonly byte[] nullPacketsSubKeyBinding = Base64.Decode( + "iDYEGBECAAAAACp9AJ9PlJCrFpi+INwG7z61eku2Wg1HaQCgl33X5Egj+Kf7F9CXIWj2iFCvQDo="); + + private static readonly byte[] okAttr = Base64.Decode( + "mQENBFOkuoMBCAC+8WcWLBZovlR5pLW4tbOoH3APia+poMEeTNkXKe8yAH0f" + + "ZmTQgeXFBIizd4Ka1QETbayv+C6Axt6Ipdwf+3N/lqcOqg6PEwuIX4MBrv5R" + + "ILMH5QyM3a3RlyXa7xES3I9t2VHiZvl15OrTZe67YNGtxlXyeawt6v/9d/a3" + + "M1EaUzjN4H2EfI3P/VWpMUvQkn70996UKInOyaSB0hef/QS10jshG9DdgmLM" + + "1/mJFRp8ynZOV4yGLnAdoEoPGG/HJZEzWfqOiwmWZOIrZIwedY1eKuMIhUGv" + + "LTC9u+9X0h+Y0st5eb1pf8OLvrpRpEyHMrxXfj/V3rxom4d160ifGihPABEB" + + "AAG0GndpdGggYXR0dHIgPGF0dHJAYXR0ci5uZXQ+iQE4BBMBAgAiBQJTpLqD" + + "AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBCjbg0bKVgCXJiB/wO" + + "6ksdrAy+zVxygFhk6Ju2vpMAOGnLl1nqBVT1mA5XiJu3rSiJmROLF2l21K0M" + + "BICZfz+mjIwN56RZNzZnEmXk/E2+PgADV5VTRRsjqlyoeN/NrLWuTm9FyngJ" + + "f96jVPysN6FzYRUB5Fuys57P+nu0RMoLGkHmQhp4L5hgNJTBy1SRnXukoIgJ" + + "2Ra3EBQ7dBrzuWW1ycwU5acfOoxfcVqgXkiXaxgvujFChZGWT6djbnbbzlMm" + + "sMKr6POKChEPWo1HJXXz1OaPsd75JA8bImgnrHhB3dHhD2wIqzQrtTxvraqz" + + "ZWWR2xYZPltzBSlaAdn8Hf0GGBoMhutb3tJLzbAX0cybzJkBEAABAQAAAAAA" + + "AAAAAAAAAP/Y/+AAEEpGSUYAAQEAAAEAAQAA/9sAQwAKBwcIBwYKCAgICwoK" + + "Cw4YEA4NDQ4dFRYRGCMfJSQiHyIhJis3LyYpNCkhIjBBMTQ5Oz4+PiUuRElD" + + "PEg3PT47/9sAQwEKCwsODQ4cEBAcOygiKDs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7" + + "Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7/8AAEQgAkAB4AwEiAAIR" + + "AQMRAf/EAB8AAAEFAQEBAQEBAAAAAAAAAAABAgMEBQYHCAkKC//EALUQAAIB" + + "AwMCBAMFBQQEAAABfQECAwAEEQUSITFBBhNRYQcicRQygZGhCCNCscEVUtHw" + + "JDNicoIJChYXGBkaJSYnKCkqNDU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVm" + + "Z2hpanN0dXZ3eHl6g4SFhoeIiYqSk5SVlpeYmZqio6Slpqeoqaqys7S1tre4" + + "ubrCw8TFxsfIycrS09TV1tfY2drh4uPk5ebn6Onq8fLz9PX29/j5+v/EAB8B" + + "AAMBAQEBAQEBAQEAAAAAAAABAgMEBQYHCAkKC//EALURAAIBAgQEAwQHBQQE" + + "AAECdwABAgMRBAUhMQYSQVEHYXETIjKBCBRCkaGxwQkjM1LwFWJy0QoWJDTh" + + "JfEXGBkaJicoKSo1Njc4OTpDREVGR0hJSlNUVVZXWFlaY2RlZmdoaWpzdHV2" + + "d3h5eoKDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXG" + + "x8jJytLT1NXW19jZ2uLj5OXm5+jp6vLz9PX29/j5+v/aAAwDAQACEQMRAD8A" + + "9moqtf30Gm2cl3cvtijGSa4a++LNlGStlZvKR0ZuBWkKU6nwomU4x3PQqK8g" + + "uPinrEzYhhihX86ns/Ffia/XzElJUHOV4/rW/wBUqJXlZEe2i9j1iivMP+Ex" + + "1q3+/KCw6gip4PiXdREC5tUkHcrwaTwlVbK4e1iekUVzmheNdO1ycWyK8U5G" + + "drf410QOa55RcXaSNE09ULRRRUjCiiigAooooAKKKKAOY+IblfCN1g9cA/rX" + + "h1fQPiXT4dU0o2dwXEcrclCARgE8ZB9K4J/AGkKeJr38ZU/+Ir0MLiIUoNSO" + + "erTlJ3R54v3hXpfg3UdNGmrHPMsToOc9+KrQeBdAd2SS7vkYdPnX/wCIqy3g" + + "fRoThb+9GP8AaQ/+yVdavRqxs2yYU5wdzH164t57+V7XHlZOCOh5rn5n5Ndr" + + "J4U0xBt/tC8x16p/8RTP+EK0uRQ32q9IPfzE/wDiKuGKpRSSYnSm3c5/wjP5" + + "XiKFywUDqScelevR6/pCR4k1S0DDqPOXI/WvPLjwdplpbtPG9zI6so2yspU5" + + "YDoFHrW7pOmRWpEiqVyuPlHH41xYmPgpPmibU4uKszqY9f0aZtseq2bN6eeu" + + "f51fVldQyMGU9CDkGueMCOpxtYe3NYWoabJJOZrWV7V1yFe1cxnH1HX8a57G" + + "lz0CiuFg8U6rpjql2PtkXTMgCv8Agw4/MfjXU6VrthrCH7NKRIoy8LjDr+Hp" + + "7jIosFzRooopDCiiigClqXKRD1c/+gtWPLFitnUfuRH/AG//AGUiqDKGFAzA" + + "mFzG7rGhAJJyB604XtzGGjeAuD3GR2x260t1fTJf3EChAsLKo+XOcorZP/fV" + + "Qm8lPXZ/3yKLCJDPIBsjUjIHUewFWoYWS2jDDBArPN1IQR8o/wCAirdvcERw" + + "u33ZYkdgOgLKCcfnRYBL0f8AEvmz6x/+jUqxbzyCLCKoC92NRaiMWLkHhmj/" + + "AB+dTWlarutdoIXI64oQETXJ25MbA9DsolCEY4zjpVswL5QXgMB1xWZMRDIy" + + "woJn6HnAWmIzb+GZyyIisD0Vl4Nc5I0ulXSO8zQtnMTrkGM/71dVNpufnMkm" + + "7Odwfmqd5CGi8tuQB0b5v51SEzf8M+Kl1QixvdqXoHysOFmA7j0PqPxHoOlr" + + "xm5DROrRkxvGQVZOCpHQivSPCfiEa9px80gXlvhZ1Hf0Yex/mDRKNtQTN6ii" + + "ioKKmoD9zGfSVf1OP61QrUuovOgZM4PBB9CDkH865PxJrVx4d057yS0inAcI" + + "qq5TJJ+hoAqXg/4m9/8A9dU/9FR1CRUGlan/AG7Fcal9n+z+dNjy9+/btRV6" + + "4GemelWiKoRHVuIf6Ha/9e0X/oC1VIrIt/FtxNGsFtoxk+zoITI1zhWKjbn7" + + "vt0zSYzfvJSLAIennIB+p/pWtZy4hXmuQa71fUzGhtre1jR920MXLHGMk+2T" + + "6da1oZb22ULM6FDwGCkHNFhGzNqCbjAmXkPGF7VJFAkEQHBNQWkMUcQIwc85" + + "9fepJJeOtNIVyK4bg1jXjda0LiTg1k3b9atEsxr3qai0LWDoOvQXpYiEny5x" + + "6oep/Dg/hT7s9ayLoZVs1VriPeQcjIorC8F37ah4Vs3kbdLCvkyexXjn3xg/" + + "jRWBqb1ee/FqYLpun24P+snLMPoOK9Crzb4uKQumSfwl2H44qo7iexB4JQHR" + + "wCMj7Q39K2roRRXTkqPLU8iuB8NFl8S6ftdgrSHIycH5T2rvb8b2uap6MS1R" + + "DJcWsq7YUCt65J4rA0FUCHKjh2/9CNYfjDUSkS2lskrlHDTSR/8ALPjocUaH" + + "4msUtVjCM0qLyqkAH8TyKSBnoELoOgFJf3VoITFcTBNy546gevtzXM6Rqd3f" + + "akWadyigsYw3y+gAH410O/PDZHHcU7E3LWnXED2SC2nE0ajG4HJ/GpJJeOtY" + + "lxYpJdxXMcssLxkE+SwXdj14qrf6jrP22SK0t4RFkFZZMYx/n8aANieXg1mX" + + "MnWla5lKRCSMFmB8xoz8qHHvzg1TnlzVIRTuW61l3MyQRSTuNwjXdt9T2FXZ" + + "3zWfcRpPG8Mn3JBtJ9PQ/nVCO7+Dl49z4f1BJG3Mt6XJ/wB5V/woqD4LwvDp" + + "urK45W5VT9QtFYPc1Wx6VXDfFi0M3hmG6A5trhSfoRj/AAruaz9d01dY0O80" + + "9v8AlvEVX2bt+uKFowZ4z4Zbd4h04/8ATRv/AEBq7+T53ufrXnXhffF4ls4J" + + "QVkildWB7EKwNehwnfLcD/aFXLcUThGs5bDUpYrgFWZ2dGHR1J6ip57C0voR" + + "HcQq6htwI+Ug4xkEVo+MJ0jksrYA+ZuMhPouMfzP6VnQyEqKqOqJejMmfSr/" + + "AE8NNbzC6hjG7aQVlA/kcVueFtR+12Mrpceagk4Abdt4/rUiMeOeaqS6UhuV" + + "ubSaWymxtdrbC+YvoR6+9FhHRPcCNGaRgiqNzFjgAVmya/pYkZftSnH8QQlT" + + "9D3rmdbefT4o7KO6ne3ky+yV9xBB9euO+Kw2mfruNAj0OW8t/K837TB5eM7/" + + "ADBjFVp3IAOQQwyCDkEexrz95W9vrirula1LYyiOQu9s2Q0YPT3GehpgdJK2" + + "apzt8hottQgv1k8pZEeMZIYg5GcZyKjuFkkKQxKXklYKijqSeAKdwPUvhdbe" + + "X4ZmutpH2y7eUZ9AAv8ANTRXSaJpqaPotnpyYP2eIKxHdv4j+JyaKwe5qi/R" + + "RRSGeaeJ/Dx03x7Yavbr/o967eZj+GQI38xz+dXdPffczD1cVu+Lzi0tT6Tj" + + "/wBBNc3oz7r5x6uKroIwPFt5BeazFbQKGa1BWSQdycfL+GP1qCCPgU3+yprC" + + "/ltrpcSqxOezAnhge9aMNv04rRaIh7jEiNSSFLeF55c7I1LNjrgVcjt/alu9" + + "O+12U1uSUEqFNyjlcjrRcVjzzVL6bU5xJIioqjCIo4Uf1NUDEfStiXTLizuH" + + "tboL5qc7l6OvZhTTZ+1K4WMZoSe1NFuSelbP2M9xT47As2FXJp3FYqaUptJ2" + + "fZu3IVwSR1r0L4f6FHqmsf2w8bC3sjhA2CGlx29duc/UisHQ/DlzreoiwtPl" + + "24NxPjKwL/Vj2H9K9m07T7bStPhsbOPy4IV2qO/uT6knkmoky4otUUUVBYUU" + + "UUAc54yP+hWv/XwB+hrntOTyNbSP+84rs9Z04ajaqu7a8bh0OMjI9a5O6gvo" + + "b3zjZAuDwyOMfryKaegEHjZTYva6qV8yFf3MqKMsueQw9uDmq+nPZahGJLSd" + + "Hz2zyKsXEOpagyC4IWOM5WNOmfUnuaxtT8NOJPtFoGt5uu6PjP4U0xNHSx2b" + + "jtmrC2p/u1xEOr+J9MO1sXCj++OavxeO9Tj4m0vJ9jTuI09c8NrqUavGfKuI" + + "/wDVyhc49iO4rnToV/A/lXCI5xkPGCFI/HvWhL491BhiLSufc1l6hrXiTVZQ" + + "IALaPGOFyfc0gHzadBZxGW9nSFBydxp+nafPrEii0RrOyP3rmRfncf7Cn+Z/" + + "Wo9K8NXEl0Lm+L3EgOQZTux9K7W0s5BgYNFwsbOg2tlpVilnYxCOMHJ7s7Hq" + + "xPc1sqcjNZNnbsuM1qoMLUlD6KKKACiiigBCM1E9tG55UVNRQBWNlF2UVC+m" + + "xP8Aw1fooAx5NDgfqg/KoG8N2p/5ZL+Vb9FAHPjw1ag/6pfyqZNBt06IPyra" + + "ooAzU0qJOiirCWcadBVqigBixhegp1LRQAUUUUAf/9mJATgEEwECACIFAlOk" + + "xL4CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEEKNuDRspWAJhi8I" + + "AKhIemGlaKtuZxBA4bQcJOy/ZdGJriJuu3OQl2m6CAwxaGMncpxHFVTT6GqI" + + "Vu4/b4SSwYP1pI24MqAkdEudjFSi15ByogPFpUoDJC44zrO64b/mv3L5iq1C" + + "PY+VvgLMAdvA3Tsoj/rNYlD0fieBa9EF8BtoAkaA4X6pihNPGsVe0AxlJhQw" + + "eMgLXwTjllJm1iWa/fEQvv5Uk01gzayH1TIwkNAJ0E8s6Ontu2szUHjFGRNA" + + "llR5OJzt/loo9p53zWddFfxlCfn2w+smHyB4i+FfpQfFSMLnwew7wncHs6XE" + + "PevLPcW66T3w2/oMd0fC7GwhnCiebDYjl8ymF+4b0N65AQ0EU6S6gwEIAOAC" + + "NRzXH0dc5wwkucFdTMs1nxr16y+Kk3zF3R21OkHLHazXVC7ZP2HurTFGd5VP" + + "Yd+vv0CrYHCjjMu0lIeMfTlpJswvJRBxVw8vIVLpOSqxtJS+zysE8/LpKw6i" + + "ti51ydalhm6VYGPm+OAoAAO1pLriwR132caoye5vqxGKEUCmkaNLl8LCljyH" + + "kMgL5nQr+7cerTcGd2MaC8Y5vQuZBpVVBZcVt004iP3bCJu2l2RKskIoSysC" + + "68bqV4XLMnoVeM97VPdwdb0Y7tGXCW8YodN8ni43YOaQxfr7fHx8nyzQ5S8w" + + "a701GKWcQqCb0DR1ngCRAgWLzj8HDlZoofPL8d0AEQEAAYkBHwQYAQIACQUC" + + "U6S6gwIbDAAKCRBCjbg0bKVgCWPSB/wN9Z5ayWiox5xxouAQv4W2JZGPiqk8" + + "nFF5fzSgQxV4Xo63IaC1bD8411pgRlj1aWtt8pvWjEW9WWxvyPnkz0xldErb" + + "NRZ9482TknY0dsrbmg6jwLOlNvLhLVhWUWt+DkH20daVCADV/0p2/2OPodn+" + + "MYnueL5ljoJxzTO84WMz1u7qumMdX4EcLAFblelmPsGiNsnGabc148+TgYZI" + + "1fBucn5Xrk4fxVCuqa8QjOa37aHHT5Li/xGIDCbtCqPPIi7M7O1yq8gXLWP9" + + "TV7nsu99t4EiZT4zov9rCS+tgvBiFrRqsHL37PGrS27s+gMw3GR7F6BiDiqa" + + "0GvLdt0Lx24c" + ); + + private static readonly byte[] attrLongLength = Base64.Decode( + "mQENBEGz0vIBCADLb2Sb5QbOhRIzfOg3u9F338gK1XZWJG8JwXP8DSGbQEof" + + "0+YoT/7bA+3h1ljh3LG0m8JUEdolrxLz/8Mguu2TA2UQiMwRaRChSVvBgkCR" + + "Ykr97+kClNgmi+PLuUN1z4tspqdE761nRVvUl2x4XvLTJ21hU5eXGGsC+qFP" + + "4Efe8B5kH+FexAfnFPPzou3GjbDbYv4CYi0pyhTxmauxyJyQrQ/MQUt0RFRk" + + "L8qCzWCR2BmH3jM3M0Wt0oKn8C8+fWItUh5U9fzv/K9GeO/SV8+zdL4MrdqD" + + "stgqXNs27H+WeIgbXlUGIs0mONE6TtKZ5PXG5zFM1bz1vDdAYbY4eUWDABEB" + + "AAGJAhwEHwEIAAYFAlLd55oACgkQ5ppjUk3RnxANSBAAqzYF/9hu7x7wtmi7" + + "ScmIal6bXP14ZJaRVibMnAPEPIHAULPVa8x9QX/fGW8px5tK9YU41wigLXe6" + + "3eC5MOLc+wkouELsBeeA3zap51/5HhsuHq5AYtL2tigce9epYUVNV9LaZd2U" + + "vQOQ6RqyTMhSADN9mD0kR+Nu1+ns7Ur7qAq6UI39hFIGKPoZQ61pTrVsi8N7" + + "GxHoNwa1FAxm0Dm4XvyiJHPOYs0K4OnNWLKLCcSVOx453Zj3JnllRrCFLpIt" + + "H27jAxcbGStxWpJvlVMSylcP/x0ATjGfp+kSv2TpU2wK0W5iUtrn30W+WZp4" + + "+BIXL0NSi4XPksoUoM9dOTsOCPh/ntiWJBlzIdhQuxgcwymoYnaAG0ermI+R" + + "djB0gCj0AfMDZEOW+thFKg1kEkYrUnAISNDt+VZNUtk26tJ7PDitC9EY6IA6" + + "vbKeh47LmqpyK3gqQiIA/XuWhdUOr1Wv3H8qxumFjxQQh9sr72IbWFJ+tSNl" + + "UtrohK7N6CoJQidkj2qFsuGLcFKypAdS7Y0s0t9uOYJLwj1c+2KG0mrA2PvW" + + "1vng9mMN6AHIx9oRSwQc1+OV29ws2hfNB3JQnpdzBYAy8C5haUWG7E7WFg+j" + + "pNpeREVX0S+1ibmWDVs+trSQI8hd58j91Kc2YvwE13YigC9nlU2R853Gsox4" + + "oazn75iJAhwEHwEIAAYFAlMkBMIACgkQcssEwQwvQ5L2yxAAmND9w3OZsJpF" + + "tTAJFpfg8Bacy0Xs/+LipA1hB8vG+mvaiedcqc5KTpuFQ4bffH1swMRjXAM7" + + "ZP/u/6qX2LL9kjxCtwDUjDT8YcphTnRxSu5Jv3w4Rf0zWIRWHhnbswiBuGwE" + + "zQN8V20AYxfZ+ffkR0wymm/y8qLQ1oNynweijXHSlaG/sVmvDxkuc77n4hLi" + + "4UVQiSAP7dRIkcOh6QCBW4TxoZkDfxIhASFQWl1paCagO1rwyo7YY42O4c16" + + "+UZBMZtWTvRO2rThz1g9SxAyx8FZ7SxMv140C7VGQmdag97dA1WgBOCuLzLi" + + "cYT+o/bL9vpFXSI7LVflQEqauzL4fs2X8ggckoI4lkjcDe8DhiDmCoju5Lat" + + "Q/7DqV8T6z/Gv0sK2hqKr4ULC3By4N11WDCg6wXa72tMQoFBT1vOC+UzLHOj" + + "vgWBJKE7q3E7kFfq22D0ZX0BPTYy2mcrghMzvvOe74Dx495zlUJhtBfr8MC2" + + "uPnjsv6PjCYAaomQcvvI0o/5k8JIFi1P0pwLM5VjfujdAuCpAwQuy9AeGlz2" + + "TEuZZlWBZuyBqZ7JyHx5xz1aVXbY7kofqO+njyyZ+MakZRLYpBI+B/8KomQP" + + "pqWVARw4uPAXVTd1fjW2CTQtt7Ia6BRWMSblxTv3VWosTSgPnCXmzYEpGvCL" + + "bIauL8UEhzS0JVBHUCBHbG9iYWwgRGlyZWN0b3J5IFZlcmlmaWNhdGlvbiBL" + + "ZXmJAV4EEAECAEAFAkJRtHAHCwkIBwMCCgIZARkYbGRhcDovL2tleXNlcnZl" + + "ci5wZ3AuY29tBRsDAAAAAxYCAQUeAQAAAAQVCAIKABIJEJcQuJvKV618B2VH" + + "UEcAAQH35ggAnVHdAh2KqrvwSnPos73YdlVbeF9Lcbxs4oYPDCk6AHiDpjr2" + + "nxu48i1BiLea7aTEEwwAkcIa/3lCLP02NjGXq5gRnWpW/d0xtsaDDj8yYWus" + + "WGhEJsUlrq5Cz2KjwxNQHXRhHXEDR8vq9uzw5EjCB0u69vlwNmo8+fa17YMN" + + "VdXaXsmXJlJciVHazdvGoscTzZOuKDHdaJmY8nJcCydk4qsFOiGOcFm5UOKP" + + "nzdBh31NKglqw/xh+1nTA2z5orsY4jVFIB6sWqutIcVQYt/J78diAKFemkEO" + + "Qe0kU5JZrY34E8pp4BmS6mfPyr8NtHFfMOAE4m8acFeaZK1X6+uW57QpRE5S" + + "IEtTMSA8ZG8tbm90LXJlcGx5QGtleXNlcnZlcjEucGdwLmNvbT6JAVMEEAEC" + + "AD0FAkmgVoIHCwkIBwMCChkYbGRhcDovL2tleXNlcnZlci5wZ3AuY29tBRsD" + + "AAAAAxYCAQUeAQAAAAQVCAIKAAoJEJcQuJvKV618t6wH/1RFTp9Z7QUZFR5h" + + "r8eHFWhPoeTCMXF3Vikgw2mZsjN43ZyzpxrIdUwwHROQXn1BzAvOS0rGNiDs" + + "fOOmQFulz+Oc14xxGox2TZbdnDnXEb8ReZnimQCWYERfpRtY6GSY7uWzNjG2" + + "dLB1y3XfsOBG+QqTULSJSZqRYD+2IpwPlAdl6qncqRvFzGcPXPIp0RS6nvoP" + + "Jfe0u2sETDRAUDwivr7ZU/xCA12txELhcsvMQP0fy0CRNgN+pQ2b6iBL2x1l" + + "jHgSG1r3g3gQjHEk3UCTEKHq9+mFhd/Gi0RXz6i1AmrvW4pKhbtN76WrXeF+" + + "FXTsB09f1xKnWi4c303Ms1tIJQC0KUROUi1LUzIgPGRvLW5vdC1yZXBseUBr" + + "ZXlzZXJ2ZXIyLnBncC5jb20+iQFTBBABAgA9BQJJoFabBwsJCAcDAgoZGGxk" + + "YXA6Ly9rZXlzZXJ2ZXIucGdwLmNvbQUbAwAAAAMWAgEFHgEAAAAEFQgCCgAK" + + "CRCXELibyletfBwzB/41/OkBDVLgEYnGJ78rKHLtgMdRfrL8gmZn9KhMi44H" + + "nlFl1NAgi1yuWA2wC8DziVKIiu8YCaCVP0FFXuBK1BF8uZDRp8lZuT3Isf0/" + + "4DX4yuvZwY5nmtDu3qXrjZ7bZi1W2A8c9Hgc+5A30R9PtiYy5Lz2m8xZl4P6" + + "wDrYCQA2RLfzGC887bIPBK/tvXTRUFZfj2X1o/q4pr8z4NJTaFUl/XrseGcJ" + + "R2PP3S2/fU5LErqLJhlj690xofRkf9oYrUiyyb1/UbWmNJsOHSHyy8FEc9lv" + + "lSJIa39niSQKK6I0Mh1LheXNL7aG152KkXiH0mi6bH4EOzaTR7dfLey3o9Ph" + + "0cye/wAADVkBEAABAQAAAAAAAAAAAAAAAP/Y/+AAEEpGSUYAAQEAAAEAAQAA" + + "/9sAQwAKBwcIBwYKCAgICwoKCw4YEA4NDQ4dFRYRGCMfJSQiHyIhJis3LyYp" + + "NCkhIjBBMTQ5Oz4+PiUuRElDPEg3PT47/9sAQwEKCwsODQ4cEBAcOygiKDs7" + + "Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7" + + "Ozs7/8AAEQgAkAB4AwEiAAIRAQMRAf/EAB8AAAEFAQEBAQEBAAAAAAAAAAAB" + + "AgMEBQYHCAkKC//EALUQAAIBAwMCBAMFBQQEAAABfQECAwAEEQUSITFBBhNR" + + "YQcicRQygZGhCCNCscEVUtHwJDNicoIJChYXGBkaJSYnKCkqNDU2Nzg5OkNE" + + "RUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6g4SFhoeIiYqSk5SVlpeY" + + "mZqio6Slpqeoqaqys7S1tre4ubrCw8TFxsfIycrS09TV1tfY2drh4uPk5ebn" + + "6Onq8fLz9PX29/j5+v/EAB8BAAMBAQEBAQEBAQEAAAAAAAABAgMEBQYHCAkK" + + "C//EALURAAIBAgQEAwQHBQQEAAECdwABAgMRBAUhMQYSQVEHYXETIjKBCBRC" + + "kaGxwQkjM1LwFWJy0QoWJDThJfEXGBkaJicoKSo1Njc4OTpDREVGR0hJSlNU" + + "VVZXWFlaY2RlZmdoaWpzdHV2d3h5eoKDhIWGh4iJipKTlJWWl5iZmqKjpKWm" + + "p6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uLj5OXm5+jp6vLz9PX2" + + "9/j5+v/aAAwDAQACEQMRAD8A9moqtf30Gm2cl3cvtijGSa4a++LNlGStlZvK" + + "R0ZuBWkKU6nwomU4x3PQqK8guPinrEzYhhihX86ns/Ffia/XzElJUHOV4/rW" + + "/wBUqJXlZEe2i9j1iivMP+Ex1q3+/KCw6gip4PiXdREC5tUkHcrwaTwlVbK4" + + "e1iekUVzmheNdO1ycWyK8U5Gdrf410QOa55RcXaSNE09ULRRRUjCiiigAooo" + + "oAKKKKAOY+IblfCN1g9cA/rXh1fQPiXT4dU0o2dwXEcrclCARgE8ZB9K4J/A" + + "GkKeJr38ZU/+Ir0MLiIUoNSOerTlJ3R54v3hXpfg3UdNGmrHPMsToOc9+KrQ" + + "eBdAd2SS7vkYdPnX/wCIqy3gfRoThb+9GP8AaQ/+yVdavRqxs2yYU5wdzH16" + + "4t57+V7XHlZOCOh5rn5n5NdrJ4U0xBt/tC8x16p/8RTP+EK0uRQ32q9IPfzE" + + "/wDiKuGKpRSSYnSm3c5/wjP5XiKFywUDqScelevR6/pCR4k1S0DDqPOXI/Wv" + + "PLjwdplpbtPG9zI6so2yspU5YDoFHrW7pOmRWpEiqVyuPlHH41xYmPgpPmib" + + "U4uKszqY9f0aZtseq2bN6eeuf51fVldQyMGU9CDkGueMCOpxtYe3NYWoabJJ" + + "OZrWV7V1yFe1cxnH1HX8a57Glz0CiuFg8U6rpjql2PtkXTMgCv8Agw4/MfjX" + + "U6VrthrCH7NKRIoy8LjDr+Hp7jIosFzRooopDCiiigClqXKRD1c/+gtWPLFi" + + "tnUfuRH/AG//AGUiqDKGFAzAmFzG7rGhAJJyB604XtzGGjeAuD3GR2x260t1" + + "fTJf3EChAsLKo+XOcorZP/fVQm8lPXZ/3yKLCJDPIBsjUjIHUewFWoYWS2jD" + + "DBArPN1IQR8o/wCAirdvcERwu33ZYkdgOgLKCcfnRYBL0f8AEvmz6x/+jUqx" + + "bzyCLCKoC92NRaiMWLkHhmj/AB+dTWlarutdoIXI64oQETXJ25MbA9DsolCE" + + "Y4zjpVswL5QXgMB1xWZMRDIywoJn6HnAWmIzb+GZyyIisD0Vl4Nc5I0ulXSO" + + "8zQtnMTrkGM/71dVNpufnMkm7Odwfmqd5CGi8tuQB0b5v51SEzf8M+Kl1Qix" + + "vdqXoHysOFmA7j0PqPxHoOlrxm5DROrRkxvGQVZOCpHQivSPCfiEa9px80gX" + + "lvhZ1Hf0Yex/mDRKNtQTN6iiioKKmoD9zGfSVf1OP61QrUuovOgZM4PBB9CD" + + "kH865PxJrVx4d057yS0inAcIqq5TJJ+hoAqXg/4m9/8A9dU/9FR1CRUGlan/" + + "AG7Fcal9n+z+dNjy9+/btRV64GemelWiKoRHVuIf6Ha/9e0X/oC1VIrIt/Ft" + + "xNGsFtoxk+zoITI1zhWKjbn7vt0zSYzfvJSLAIennIB+p/pWtZy4hXmuQa71" + + "fUzGhtre1jR920MXLHGMk+2T6da1oZb22ULM6FDwGCkHNFhGzNqCbjAmXkPG" + + "F7VJFAkEQHBNQWkMUcQIwc859fepJJeOtNIVyK4bg1jXjda0LiTg1k3b9atE" + + "sxr3qai0LWDoOvQXpYiEny5x6oep/Dg/hT7s9ayLoZVs1VriPeQcjIorC8F3" + + "7ah4Vs3kbdLCvkyexXjn3xg/jRWBqb1ee/FqYLpun24P+snLMPoOK9Crzb4u" + + "KQumSfwl2H44qo7iexB4JQHRwCMj7Q39K2roRRXTkqPLU8iuB8NFl8S6ftdg" + + "rSHIycH5T2rvb8b2uap6MS1RDJcWsq7YUCt65J4rA0FUCHKjh2/9CNYfjDUS" + + "kS2lskrlHDTSR/8ALPjocUaH4msUtVjCM0qLyqkAH8TyKSBnoELoOgFJf3Vo" + + "ITFcTBNy546gevtzXM6Rqd3fakWadyigsYw3y+gAH410O/PDZHHcU7E3LWnX" + + "ED2SC2nE0ajG4HJ/GpJJeOtYlxYpJdxXMcssLxkE+SwXdj14qrf6jrP22SK0" + + "t4RFkFZZMYx/n8aANieXg1mXMnWla5lKRCSMFmB8xoz8qHHvzg1TnlzVIRTu" + + "W61l3MyQRSTuNwjXdt9T2FXZ3zWfcRpPG8Mn3JBtJ9PQ/nVCO7+Dl49z4f1B" + + "JG3Mt6XJ/wB5V/woqD4LwvDpurK45W5VT9QtFYPc1Wx6VXDfFi0M3hmG6A5t" + + "rhSfoRj/AAruaz9d01dY0O809v8AlvEVX2bt+uKFowZ4z4Zbd4h04/8ATRv/" + + "AEBq7+T53ufrXnXhffF4ls4JQVkildWB7EKwNehwnfLcD/aFXLcUThGs5bDU" + + "pYrgFWZ2dGHR1J6ip57C0voRHcQq6htwI+Ug4xkEVo+MJ0jksrYA+ZuMhPou" + + "MfzP6VnQyEqKqOqJejMmfSr/AE8NNbzC6hjG7aQVlA/kcVueFtR+12Mrpcea" + + "gk4Abdt4/rUiMeOeaqS6UhuVubSaWymxtdrbC+YvoR6+9FhHRPcCNGaRgiqN" + + "zFjgAVmya/pYkZftSnH8QQlT9D3rmdbefT4o7KO6ne3ky+yV9xBB9euO+Kw2" + + "mfruNAj0OW8t/K837TB5eM7/ADBjFVp3IAOQQwyCDkEexrz95W9vrirula1L" + + "YyiOQu9s2Q0YPT3GehpgdJK2apzt8hottQgv1k8pZEeMZIYg5GcZyKjuFkkK" + + "QxKXklYKijqSeAKdwPUvhdbeX4ZmutpH2y7eUZ9AAv8ANTRXSaJpqaPotnpy" + + "YP2eIKxHdv4j+JyaKwe5qi/RRRSGeaeJ/Dx03x7Yavbr/o967eZj+GQI38xz" + + "+dXdPffczD1cVu+Lzi0tT6Tj/wBBNc3oz7r5x6uKroIwPFt5BeazFbQKGa1B" + + "WSQdycfL+GP1qCCPgU3+yprC/ltrpcSqxOezAnhge9aMNv04rRaIh7jEiNSS" + + "FLeF55c7I1LNjrgVcjt/alu9O+12U1uSUEqFNyjlcjrRcVjzzVL6bU5xJIio" + + "qjCIo4Uf1NUDEfStiXTLizuHtboL5qc7l6OvZhTTZ+1K4WMZoSe1NFuSelbP" + + "2M9xT47As2FXJp3FYqaUptJ2fZu3IVwSR1r0L4f6FHqmsf2w8bC3sjhA2CGl" + + "x29duc/UisHQ/DlzreoiwtPl24NxPjKwL/Vj2H9K9m07T7bStPhsbOPy4IV2" + + "qO/uT6knkmoky4otUUUVBYUUUUAc54yP+hWv/XwB+hrntOTyNbSP+84rs9Z0" + + "4ajaqu7a8bh0OMjI9a5O6gvob3zjZAuDwyOMfryKaegEHjZTYva6qV8yFf3M" + + "qKMsueQw9uDmq+nPZahGJLSdHz2zyKsXEOpagyC4IWOM5WNOmfUnuaxtT8NO" + + "JPtFoGt5uu6PjP4U0xNHSx2bjtmrC2p/u1xEOr+J9MO1sXCj++OavxeO9Tj4" + + "m0vJ9jTuI09c8NrqUavGfKuI/wDVyhc49iO4rnToV/A/lXCI5xkPGCFI/HvW" + + "hL491BhiLSufc1l6hrXiTVZQIALaPGOFyfc0gHzadBZxGW9nSFBydxp+nafP" + + "rEii0RrOyP3rmRfncf7Cn+Z/Wo9K8NXEl0Lm+L3EgOQZTux9K7W0s5BgYNFw" + + "sbOg2tlpVilnYxCOMHJ7s7HqxPc1sqcjNZNnbsuM1qoMLUlD6KKKACiiigBC" + + "M1E9tG55UVNRQBWNlF2UVC+mxP8Aw1fooAx5NDgfqg/KoG8N2p/5ZL+Vb9FA" + + "HPjw1ag/6pfyqZNBt06IPyraooAzU0qJOiirCWcadBVqigBixhegp1LRQAUU" + + "UUAf/9mJAVYEEAECADgFAkJRtHAHCwkIBwMCChkYbGRhcDovL2tleXNlcnZl" + + "ci5wZ3AuY29tBRsDAAAAAxYCAQUeAQAAAAASCRCXELibyletfAdlR1BHAAEB" + + "SBIH/j+RGcMuHmVoZq4+XbmCunnbft4T0Ta4o6mxNkc6wk5P9PpcE9ixztjV" + + "ysMmv2i4Y746dCY9B1tfhQW10S39HzrYHh3I4a2wb9zQniZCf1XnbCe1eRss" + + "NhTpLVXXnXKEsc9EwD5MtiPICluZIXB08Zx2uJSZ+/i9TqSM5EUuJk+lXqgX" + + "GUiTaSXN63I/4BnbFzCw8SaST7d7nok45UC9I/+gcKVO+oYETgrsU7AL6uk1" + + "6YD9JpfYZHEFmpYoS+qQ3tLfPCG3gaS/djBZWWkNt5z7e6sbRko49XEj3EUh" + + "33HgjrOlL8uJNbhlZ5NeILcxHqGTHji+5wMEDBjfNT/C6m0="); + + private void DoTestRemoveSignature() + { + byte[] testPubKeyRing = + Base64.Decode( + "mQGiBEAR8jYRBADNifuSopd20JOQ5x30ljIaY0M6927+vo09NeNxS3KqItba" + + "nz9o5e2aqdT0W1xgdHYZmdElOHTTsugZxdXTEhghyxoo3KhVcNnTABQyrrvX" + + "qouvmP2fEDEw0Vpyk+90BpyY9YlgeX/dEA8OfooRLCJde/iDTl7r9FT+mts8" + + "g3azjwCgx+pOLD9LPBF5E4FhUOdXISJ0f4EEAKXSOi9nZzajpdhe8W2ZL9gc" + + "BpzZi6AcrRZBHOEMqd69gtUxA4eD8xycUQ42yH89imEcwLz8XdJ98uHUxGJi" + + "qp6hq4oakmw8GQfiL7yQIFgaM0dOAI9Afe3m84cEYZsoAFYpB4/s9pVMpPRH" + + "NsVspU0qd3NHnSZ0QXs8L8DXGO1uBACjDUj+8GsfDCIP2QF3JC+nPUNa0Y5t" + + "wKPKl+T8hX/0FBD7fnNeC6c9j5Ir/Fp/QtdaDAOoBKiyNLh1JaB1NY6US5zc" + + "qFks2seZPjXEiE6OIDXYra494mjNKGUobA4hqT2peKWXt/uBcuL1mjKOy8Qf" + + "JxgEd0MOcGJO+1PFFZWGzLQ3RXJpYyBILiBFY2hpZG5hICh0ZXN0IGtleSBv" + + "bmx5KSA8ZXJpY0Bib3VuY3ljYXN0bGUub3JnPohZBBMRAgAZBQJAEfI2BAsH" + + "AwIDFQIDAxYCAQIeAQIXgAAKCRAOtk6iUOgnkDdnAKC/CfLWikSBdbngY6OK" + + "5UN3+o7q1ACcDRqjT3yjBU3WmRUNlxBg3tSuljmwAgAAuQENBEAR8jgQBAC2" + + "kr57iuOaV7Ga1xcU14MNbKcA0PVembRCjcVjei/3yVfT/fuCVtGHOmYLEBqH" + + "bn5aaJ0P/6vMbLCHKuN61NZlts+LEctfwoya43RtcubqMc7eKw4k0JnnoYgB" + + "ocLXOtloCb7jfubOsnfORvrUkK0+Ne6anRhFBYfaBmGU75cQgwADBQP/XxR2" + + "qGHiwn+0YiMioRDRiIAxp6UiC/JQIri2AKSqAi0zeAMdrRsBN7kyzYVVpWwN" + + "5u13gPdQ2HnJ7d4wLWAuizUdKIQxBG8VoCxkbipnwh2RR4xCXFDhJrJFQUm+" + + "4nKx9JvAmZTBIlI5Wsi5qxst/9p5MgP3flXsNi1tRbTmRhqIRgQYEQIABgUC" + + "QBHyOAAKCRAOtk6iUOgnkBStAJoCZBVM61B1LG2xip294MZecMtCwQCbBbsk" + + "JVCXP0/Szm05GB+WN+MOCT2wAgAA"); + + PgpObjectFactory pgpFact = new PgpObjectFactory(testPubKeyRing); + + PgpPublicKeyRing pgpPub = (PgpPublicKeyRing)pgpFact.NextPgpObject(); + + foreach (PgpSignature sig in pgpPub.GetPublicKey().GetSignatures()) + { + if (sig.SignatureType == PgpSignature.PositiveCertification) + { + PgpPublicKey.RemoveCertification(pgpPub.GetPublicKey(), sig); + } + } + } + + public override void PerformTest() + { + DoTestRemoveSignature(); + + // + // RSA tests + // + PgpSecretKeyRing pgpPriv = new PgpSecretKeyRing(rsaKeyRing); + PgpSecretKey secretKey = pgpPriv.GetSecretKey(); + PgpPrivateKey pgpPrivKey = secretKey.ExtractPrivateKey(rsaPass); + + try + { + doTestSig(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey); + + Fail("RSA wrong key test failed."); + } + catch (PgpException) + { + // expected + } + + try + { + doTestSigV3(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey); + + Fail("RSA V3 wrong key test failed."); + } + catch (PgpException) + { + // expected + } + + // + // certifications + // + PgpSignatureGenerator sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1); + + sGen.InitSign(PgpSignature.KeyRevocation, pgpPrivKey); + + PgpSignature sig = sGen.GenerateCertification(secretKey.PublicKey); + + sig.InitVerify(secretKey.PublicKey); + + if (!sig.VerifyCertification(secretKey.PublicKey)) + { + Fail("revocation verification failed."); + } + + PgpSecretKeyRing pgpDSAPriv = new PgpSecretKeyRing(dsaKeyRing); + PgpSecretKey secretDSAKey = pgpDSAPriv.GetSecretKey(); + PgpPrivateKey pgpPrivDSAKey = secretDSAKey.ExtractPrivateKey(dsaPass); + + sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1); + + sGen.InitSign(PgpSignature.SubkeyBinding, pgpPrivDSAKey); + + PgpSignatureSubpacketGenerator unhashedGen = new PgpSignatureSubpacketGenerator(); + PgpSignatureSubpacketGenerator hashedGen = new PgpSignatureSubpacketGenerator(); + + hashedGen.SetSignatureExpirationTime(false, TEST_EXPIRATION_TIME); + hashedGen.SetSignerUserId(true, TEST_USER_ID); + hashedGen.SetPreferredCompressionAlgorithms(false, PREFERRED_COMPRESSION_ALGORITHMS); + hashedGen.SetPreferredHashAlgorithms(false, PREFERRED_HASH_ALGORITHMS); + hashedGen.SetPreferredSymmetricAlgorithms(false, PREFERRED_SYMMETRIC_ALGORITHMS); + + sGen.SetHashedSubpackets(hashedGen.Generate()); + sGen.SetUnhashedSubpackets(unhashedGen.Generate()); + + sig = sGen.GenerateCertification(secretDSAKey.PublicKey, secretKey.PublicKey); + + byte[] sigBytes = sig.GetEncoded(); + + PgpObjectFactory f = new PgpObjectFactory(sigBytes); + + sig = ((PgpSignatureList) f.NextPgpObject())[0]; + + sig.InitVerify(secretDSAKey.PublicKey); + + if (!sig.VerifyCertification(secretDSAKey.PublicKey, secretKey.PublicKey)) + { + Fail("subkey binding verification failed."); + } + + PgpSignatureSubpacketVector hashedPcks = sig.GetHashedSubPackets(); + PgpSignatureSubpacketVector unhashedPcks = sig.GetUnhashedSubPackets(); + + if (hashedPcks.Count != 6) + { + Fail("wrong number of hashed packets found."); + } + + if (unhashedPcks.Count != 1) + { + Fail("wrong number of unhashed packets found."); + } + + if (!hashedPcks.GetSignerUserId().Equals(TEST_USER_ID)) + { + Fail("test userid not matching"); + } + + if (hashedPcks.GetSignatureExpirationTime() != TEST_EXPIRATION_TIME) + { + Fail("test signature expiration time not matching"); + } + + if (unhashedPcks.GetIssuerKeyId() != secretDSAKey.KeyId) + { + Fail("wrong issuer key ID found in certification"); + } + + int[] prefAlgs = hashedPcks.GetPreferredCompressionAlgorithms(); + preferredAlgorithmCheck("compression", PREFERRED_COMPRESSION_ALGORITHMS, prefAlgs); + + prefAlgs = hashedPcks.GetPreferredHashAlgorithms(); + preferredAlgorithmCheck("hash", PREFERRED_HASH_ALGORITHMS, prefAlgs); + + prefAlgs = hashedPcks.GetPreferredSymmetricAlgorithms(); + preferredAlgorithmCheck("symmetric", PREFERRED_SYMMETRIC_ALGORITHMS, prefAlgs); + + SignatureSubpacketTag[] criticalHashed = hashedPcks.GetCriticalTags(); + + if (criticalHashed.Length != 1) + { + Fail("wrong number of critical packets found."); + } + + if (criticalHashed[0] != SignatureSubpacketTag.SignerUserId) + { + Fail("wrong critical packet found in tag list."); + } + + // + // no packets passed + // + sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1); + + sGen.InitSign(PgpSignature.SubkeyBinding, pgpPrivDSAKey); + + sGen.SetHashedSubpackets(null); + sGen.SetUnhashedSubpackets(null); + + sig = sGen.GenerateCertification(TEST_USER_ID, secretKey.PublicKey); + + sig.InitVerify(secretDSAKey.PublicKey); + + if (!sig.VerifyCertification(TEST_USER_ID, secretKey.PublicKey)) + { + Fail("subkey binding verification failed."); + } + + hashedPcks = sig.GetHashedSubPackets(); + + if (hashedPcks.Count != 1) + { + Fail("found wrong number of hashed packets"); + } + + unhashedPcks = sig.GetUnhashedSubPackets(); + + if (unhashedPcks.Count != 1) + { + Fail("found wrong number of unhashed packets"); + } + + try + { + sig.VerifyCertification(secretKey.PublicKey); + + Fail("failed to detect non-key signature."); + } + catch (InvalidOperationException) + { + // expected + } + + // + // override hash packets + // + sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1); + + sGen.InitSign(PgpSignature.SubkeyBinding, pgpPrivDSAKey); + + hashedGen = new PgpSignatureSubpacketGenerator(); + + DateTime creationTime = new DateTime(1973, 7, 27); + hashedGen.SetSignatureCreationTime(false, creationTime); + + sGen.SetHashedSubpackets(hashedGen.Generate()); + + sGen.SetUnhashedSubpackets(null); + + sig = sGen.GenerateCertification(TEST_USER_ID, secretKey.PublicKey); + + sig.InitVerify(secretDSAKey.PublicKey); + + if (!sig.VerifyCertification(TEST_USER_ID, secretKey.PublicKey)) + { + Fail("subkey binding verification failed."); + } + + hashedPcks = sig.GetHashedSubPackets(); + + if (hashedPcks.Count != 1) + { + Fail("found wrong number of hashed packets in override test"); + } + + if (!hashedPcks.HasSubpacket(SignatureSubpacketTag.CreationTime)) + { + Fail("hasSubpacket test for creation time failed"); + } + + DateTime sigCreationTime = hashedPcks.GetSignatureCreationTime(); + if (!sigCreationTime.Equals(creationTime)) + { + Fail("creation of overridden date failed."); + } + + prefAlgs = hashedPcks.GetPreferredCompressionAlgorithms(); + preferredAlgorithmCheck("compression", NO_PREFERENCES, prefAlgs); + + prefAlgs = hashedPcks.GetPreferredHashAlgorithms(); + preferredAlgorithmCheck("hash", NO_PREFERENCES, prefAlgs); + + prefAlgs = hashedPcks.GetPreferredSymmetricAlgorithms(); + preferredAlgorithmCheck("symmetric", NO_PREFERENCES, prefAlgs); + + if (hashedPcks.GetKeyExpirationTime() != 0) + { + Fail("unexpected key expiration time found"); + } + + if (hashedPcks.GetSignatureExpirationTime() != 0) + { + Fail("unexpected signature expiration time found"); + } + + if (hashedPcks.GetSignerUserId() != null) + { + Fail("unexpected signer user ID found"); + } + + criticalHashed = hashedPcks.GetCriticalTags(); + + if (criticalHashed.Length != 0) + { + Fail("critical packets found when none expected"); + } + + unhashedPcks = sig.GetUnhashedSubPackets(); + + if (unhashedPcks.Count != 1) + { + Fail("found wrong number of unhashed packets in override test"); + } + + // + // general signatures + // + doTestSig(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha256, secretKey.PublicKey, pgpPrivKey); + doTestSig(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha384, secretKey.PublicKey, pgpPrivKey); + doTestSig(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha512, secretKey.PublicKey, pgpPrivKey); + doTestSigV3(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey); + doTestTextSig(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA_WITH_CRLF, TEST_DATA_WITH_CRLF); + doTestTextSig(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA, TEST_DATA_WITH_CRLF); + doTestTextSigV3(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA_WITH_CRLF, TEST_DATA_WITH_CRLF); + doTestTextSigV3(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA, TEST_DATA_WITH_CRLF); + + // + // DSA Tests + // + pgpPriv = new PgpSecretKeyRing(dsaKeyRing); + secretKey = pgpPriv.GetSecretKey(); + pgpPrivKey = secretKey.ExtractPrivateKey(dsaPass); + + try + { + doTestSig(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey); + + Fail("DSA wrong key test failed."); + } + catch (PgpException) + { + // expected + } + + try + { + doTestSigV3(PublicKeyAlgorithmTag.RsaGeneral, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey); + + Fail("DSA V3 wrong key test failed."); + } + catch (PgpException) + { + // expected + } + + doTestSig(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey); + doTestSigV3(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey); + doTestTextSig(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA_WITH_CRLF, TEST_DATA_WITH_CRLF); + doTestTextSig(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA, TEST_DATA_WITH_CRLF); + doTestTextSigV3(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA_WITH_CRLF, TEST_DATA_WITH_CRLF); + doTestTextSigV3(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1, secretKey.PublicKey, pgpPrivKey, TEST_DATA, TEST_DATA_WITH_CRLF); + + // special cases + // + doTestMissingSubpackets(nullPacketsSubKeyBinding); + + doTestMissingSubpackets(generateV3BinarySig(pgpPrivKey, PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1)); + + // keyflags + doTestKeyFlagsValues(); + + // TODO Seems to depend on some other functionality that's yet to be ported + //doTestUserAttributeEncoding(); + } + + //private void doTestUserAttributeEncoding() + //{ + // PgpPublicKeyRing pkr = new PgpPublicKeyRing(okAttr); + + // CheckUserAttribute("normal", pkr, pkr.GetPublicKey()); + + // pkr = new PgpPublicKeyRing(attrLongLength); + + // CheckUserAttribute("long", pkr, pkr.GetPublicKey()); + //} + + //private void CheckUserAttribute(String type, PgpPublicKeyRing pkr, PgpPublicKey masterPk) + //{ + // foreach (PgpUserAttributeSubpacketVector attr in pkr.GetPublicKey().GetUserAttributes()) + // { + // foreach (PgpSignature sig in masterPk.GetSignaturesForUserAttribute(attr)) + // { + // sig.InitVerify(masterPk); + // if (!sig.VerifyCertification(attr, masterPk)) + // { + // Fail("user attribute sig failed to verify on " + type); + // } + // } + // } + //} + + private void doTestKeyFlagsValues() + { + checkValue(KeyFlags.CertifyOther, 0x01); + checkValue(KeyFlags.SignData, 0x02); + checkValue(KeyFlags.EncryptComms, 0x04); + checkValue(KeyFlags.EncryptStorage, 0x08); + checkValue(KeyFlags.Split, 0x10); + checkValue(KeyFlags.Authentication, 0x20); + checkValue(KeyFlags.Shared, 0x80); + + // yes this actually happens + checkValue(new byte[] { 4, 0, 0, 0 }, 0x04); + checkValue(new byte[] { 4, 0, 0 }, 0x04); + checkValue(new byte[] { 4, 0 }, 0x04); + checkValue(new byte[] { 4 }, 0x04); + } + + private void checkValue(int flag, int val) + { + KeyFlags f = new KeyFlags(true, flag); + + if (f.Flags != val) + { + Fail("flag value mismatch"); + } + } + + private void checkValue(byte[] flag, int val) + { + KeyFlags f = new KeyFlags(true, false, flag); + + if (f.Flags != val) + { + Fail("flag value mismatch"); + } + } + + private void doTestMissingSubpackets(byte[] signature) + { + PgpObjectFactory f = new PgpObjectFactory(signature); + object obj = f.NextPgpObject(); + + while (!(obj is PgpSignatureList)) + { + obj = f.NextPgpObject(); + if (obj is PgpLiteralData) + { + Stream input = ((PgpLiteralData)obj).GetDataStream(); + Streams.Drain(input); + } + } + + PgpSignature sig = ((PgpSignatureList)obj)[0]; + + if (sig.Version > 3) + { + PgpSignatureSubpacketVector v = sig.GetHashedSubPackets(); + + if (v.GetKeyExpirationTime() != 0) + { + Fail("key expiration time not zero for missing subpackets"); + } + + if (!sig.HasSubpackets) + { + Fail("HasSubpackets property was false with packets"); + } + } + else + { + if (sig.GetHashedSubPackets() != null) + { + Fail("hashed sub packets found when none expected"); + } + + if (sig.GetUnhashedSubPackets() != null) + { + Fail("unhashed sub packets found when none expected"); + } + + if (sig.HasSubpackets) + { + Fail("HasSubpackets property was true with no packets"); + } + } + } + + private void preferredAlgorithmCheck( + string type, + int[] expected, + int[] prefAlgs) + { + if (expected == null) + { + if (prefAlgs != null) + { + Fail("preferences for " + type + " found when none expected"); + } + } + else + { + if (prefAlgs.Length != expected.Length) + { + Fail("wrong number of preferred " + type + " algorithms found"); + } + + for (int i = 0; i != expected.Length; i++) + { + if (expected[i] != prefAlgs[i]) + { + Fail("wrong algorithm found for " + type + ": expected " + expected[i] + " got " + prefAlgs); + } + } + } + } + + private void doTestSig( + PublicKeyAlgorithmTag encAlgorithm, + HashAlgorithmTag hashAlgorithm, + PgpPublicKey pubKey, + PgpPrivateKey privKey) + { + MemoryStream bOut = new MemoryStream(); + MemoryStream testIn = new MemoryStream(TEST_DATA, false); + PgpSignatureGenerator sGen = new PgpSignatureGenerator(encAlgorithm, hashAlgorithm); + + sGen.InitSign(PgpSignature.BinaryDocument, privKey); + sGen.GenerateOnePassVersion(false).Encode(bOut); + + PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator(); + Stream lOut = lGen.Open( + new UncloseableStream(bOut), + PgpLiteralData.Binary, + "_CONSOLE", + TEST_DATA.Length * 2, + DateTime.UtcNow); + + int ch; + while ((ch = testIn.ReadByte()) >= 0) + { + lOut.WriteByte((byte)ch); + sGen.Update((byte)ch); + } + + lOut.Write(TEST_DATA, 0, TEST_DATA.Length); + sGen.Update(TEST_DATA); + + lGen.Close(); + + sGen.Generate().Encode(bOut); + + verifySignature(bOut.ToArray(), hashAlgorithm, pubKey, TEST_DATA); + } + + private void doTestTextSig( + PublicKeyAlgorithmTag encAlgorithm, + HashAlgorithmTag hashAlgorithm, + PgpPublicKey pubKey, + PgpPrivateKey privKey, + byte[] data, + byte[] canonicalData) + { + PgpSignatureGenerator sGen = new PgpSignatureGenerator(encAlgorithm, HashAlgorithmTag.Sha1); + MemoryStream bOut = new MemoryStream(); + MemoryStream testIn = new MemoryStream(data, false); + DateTime creationTime = DateTime.UtcNow; + + sGen.InitSign(PgpSignature.CanonicalTextDocument, privKey); + sGen.GenerateOnePassVersion(false).Encode(bOut); + + PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator(); + Stream lOut = lGen.Open( + new UncloseableStream(bOut), + PgpLiteralData.Text, + "_CONSOLE", + data.Length * 2, + creationTime); + + int ch; + while ((ch = testIn.ReadByte()) >= 0) + { + lOut.WriteByte((byte)ch); + sGen.Update((byte)ch); + } + + lOut.Write(data, 0, data.Length); + sGen.Update(data); + + lGen.Close(); + + PgpSignature sig = sGen.Generate(); + + if (sig.CreationTime == DateTimeUtilities.UnixMsToDateTime(0)) + { + Fail("creation time not set in v4 signature"); + } + + sig.Encode(bOut); + + verifySignature(bOut.ToArray(), hashAlgorithm, pubKey, canonicalData); + } + + private void doTestSigV3( + PublicKeyAlgorithmTag encAlgorithm, + HashAlgorithmTag hashAlgorithm, + PgpPublicKey pubKey, + PgpPrivateKey privKey) + { + byte[] bytes = generateV3BinarySig(privKey, encAlgorithm, hashAlgorithm); + + verifySignature(bytes, hashAlgorithm, pubKey, TEST_DATA); + } + + private byte[] generateV3BinarySig( + PgpPrivateKey privKey, + PublicKeyAlgorithmTag encAlgorithm, + HashAlgorithmTag hashAlgorithm) + { + MemoryStream bOut = new MemoryStream(); + MemoryStream testIn = new MemoryStream(TEST_DATA, false); + PgpV3SignatureGenerator sGen = new PgpV3SignatureGenerator(encAlgorithm, hashAlgorithm); + + sGen.InitSign(PgpSignature.BinaryDocument, privKey); + sGen.GenerateOnePassVersion(false).Encode(bOut); + + PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator(); + Stream lOut = lGen.Open( + new UncloseableStream(bOut), + PgpLiteralData.Binary, + "_CONSOLE", + TEST_DATA.Length * 2, + DateTime.UtcNow); + + int ch; + while ((ch = testIn.ReadByte()) >= 0) + { + lOut.WriteByte((byte)ch); + sGen.Update((byte)ch); + } + + lOut.Write(TEST_DATA, 0, TEST_DATA.Length); + sGen.Update(TEST_DATA); + + lGen.Close(); + + sGen.Generate().Encode(bOut); + + return bOut.ToArray(); + } + + private void doTestTextSigV3( + PublicKeyAlgorithmTag encAlgorithm, + HashAlgorithmTag hashAlgorithm, + PgpPublicKey pubKey, + PgpPrivateKey privKey, + byte[] data, + byte[] canonicalData) + { + PgpV3SignatureGenerator sGen = new PgpV3SignatureGenerator(encAlgorithm, HashAlgorithmTag.Sha1); + MemoryStream bOut = new MemoryStream(); + MemoryStream testIn = new MemoryStream(data, false); + + sGen.InitSign(PgpSignature.CanonicalTextDocument, privKey); + sGen.GenerateOnePassVersion(false).Encode(bOut); + + PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator(); + Stream lOut = lGen.Open( + new UncloseableStream(bOut), + PgpLiteralData.Text, + "_CONSOLE", + data.Length * 2, + DateTime.UtcNow); + + int ch; + while ((ch = testIn.ReadByte()) >= 0) + { + lOut.WriteByte((byte)ch); + sGen.Update((byte)ch); + } + + lOut.Write(data, 0, data.Length); + sGen.Update(data); + + lGen.Close(); + + PgpSignature sig = sGen.Generate(); + + if (sig.CreationTime == DateTimeUtilities.UnixMsToDateTime(0)) + { + Fail("creation time not set in v3 signature"); + } + + sig.Encode(bOut); + + verifySignature(bOut.ToArray(), hashAlgorithm, pubKey, canonicalData); + } + + private void verifySignature( + byte[] encodedSig, + HashAlgorithmTag hashAlgorithm, + PgpPublicKey pubKey, + byte[] original) + { + PgpObjectFactory pgpFact = new PgpObjectFactory(encodedSig); + PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject(); + PgpOnePassSignature ops = p1[0]; + PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject(); + Stream dIn = p2.GetInputStream(); + + ops.InitVerify(pubKey); + + int ch; + while ((ch = dIn.ReadByte()) >= 0) + { + ops.Update((byte)ch); + } + + PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject(); + PgpSignature sig = p3[0]; + + DateTime creationTime = sig.CreationTime; + + // Check creationTime is recent + if (creationTime.CompareTo(DateTime.UtcNow) > 0 + || creationTime.CompareTo(DateTime.UtcNow.AddMinutes(-10)) < 0) + { + Fail("bad creation time in signature: " + creationTime); + } + + if (sig.KeyId != pubKey.KeyId) + { + Fail("key id mismatch in signature"); + } + + if (!ops.Verify(sig)) + { + Fail("Failed generated signature check - " + hashAlgorithm); + } + + sig.InitVerify(pubKey); + + for (int i = 0; i != original.Length; i++) + { + sig.Update(original[i]); + } + + sig.Update(original); + + if (!sig.Verify()) + { + Fail("Failed generated signature check against original data"); + } + } + + public override string Name + { + get { return "PgpSignatureTest"; } + } + + public static void Main(string[] args) + { + RunTest(new PgpSignatureTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PgpECDHTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PgpECDHTest.cs new file mode 100644 index 0000000..94ab2a7 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PgpECDHTest.cs @@ -0,0 +1,277 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpECDHTest + : SimpleTest + { + private static readonly byte[] testPubKey = + Base64.Decode( + "mFIEUb4GwBMIKoZIzj0DAQcCAwS8p3TFaRAx58qCG63W+UNthXBPSJDnVDPTb/sT" + + "iXePaAZ/Gh1GKXTq7k6ab/67MMeVFp/EdySumqdWLtvceFKstFBUZXN0IEVDRFNB" + + "LUVDREggKEtleSBhbmQgc3Via2V5IGFyZSAyNTYgYml0cyBsb25nKSA8dGVzdC5l" + + "Y2RzYS5lY2RoQGV4YW1wbGUuY29tPoh6BBMTCAAiBQJRvgbAAhsDBgsJCAcDAgYV" + + "CAIJCgsEFgIDAQIeAQIXgAAKCRD3wDlWjFo9U5O2AQDi89NO6JbaIObC63jMMWsi" + + "AaQHrBCPkDZLibgNv73DLgD/faouH4YZJs+cONQBPVnP1baG1NpWR5ppN3JULFcr" + + "hcq4VgRRvgbAEggqhkjOPQMBBwIDBLtY8Nmfz0zSEa8C1snTOWN+VcT8pXPwgJRy" + + "z6kSP4nPt1xj1lPKj5zwPXKWxMkPO9ocqhKdg2mOh6/rc1ObIoMDAQgHiGEEGBMI" + + "AAkFAlG+BsACGwwACgkQ98A5VoxaPVN8cgEAj4dMNMNwRSg2ZBWunqUAHqIedVbS" + + "dmwmbysD192L3z4A/ReXEa0gtv8OFWjuALD1ovEK8TpDORLUb6IuUb5jUIzY"); + + private static readonly byte[] testPrivKey = + Base64.Decode( + "lKUEUb4GwBMIKoZIzj0DAQcCAwS8p3TFaRAx58qCG63W+UNthXBPSJDnVDPTb/sT" + + "iXePaAZ/Gh1GKXTq7k6ab/67MMeVFp/EdySumqdWLtvceFKs/gcDAo11YYCae/K2" + + "1uKGJ/uU4b4QHYnPIsAdYpuo5HIdoAOL/WwduRa8C6vSFrtMJLDqPK3BUpMz3CXN" + + "GyMhjuaHKP5MPbBZkIfgUGZO5qvU9+i0UFRlc3QgRUNEU0EtRUNESCAoS2V5IGFu" + + "ZCBzdWJrZXkgYXJlIDI1NiBiaXRzIGxvbmcpIDx0ZXN0LmVjZHNhLmVjZGhAZXhh" + + "bXBsZS5jb20+iHoEExMIACIFAlG+BsACGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4B" + + "AheAAAoJEPfAOVaMWj1Tk7YBAOLz007oltog5sLreMwxayIBpAesEI+QNkuJuA2/" + + "vcMuAP99qi4fhhkmz5w41AE9Wc/VtobU2lZHmmk3clQsVyuFyg=="); + + private static readonly byte[] testMessage = + Base64.Decode( + "hH4Dp5+FdoujIBwSAgMErx4BSvgXY3irwthgxU8zPoAoR+8rhmxdpwbw6ZJAO2GX" + + "azWJ85JNcobHKDeGeUq6wkTFu+g6yG99gIX8J5xJAjBRhyCRcaFgwbdDV4orWTe3" + + "iewiT8qs4BQ23e0c8t+thdKoK4thMsCJy7wSKqY0sJTSVAELroNbCOi2lcO15YmW" + + "6HiuFH7VKWcxPUBjXwf5+Z3uOKEp28tBgNyDrdbr1BbqlgYzIKq/pe9zUbUXfitn" + + "vFc6HcGhvmRQreQ+Yw1x3x0HJeoPwg=="); + + private void Generate() + { + SecureRandom random = SecureRandom.GetInstance("SHA1PRNG"); + + // + // Generate a master key + // + IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); + keyGen.Init(new ECKeyGenerationParameters(SecObjectIdentifiers.SecP256r1, random)); + + AsymmetricCipherKeyPair kpSign = keyGen.GenerateKeyPair(); + + PgpKeyPair ecdsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ECDsa, kpSign, DateTime.UtcNow); + + // + // Generate an encryption key + // + keyGen = GeneratorUtilities.GetKeyPairGenerator("ECDH"); + keyGen.Init(new ECKeyGenerationParameters(SecObjectIdentifiers.SecP256r1, random)); + + AsymmetricCipherKeyPair kpEnc = keyGen.GenerateKeyPair(); + + PgpKeyPair ecdhKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ECDH, kpEnc, DateTime.UtcNow); + + // + // Generate a key ring + // + char[] passPhrase = "test".ToCharArray(); + PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, ecdsaKeyPair, + "test@bouncycastle.org", SymmetricKeyAlgorithmTag.Aes256, passPhrase, true, null, null, random); + keyRingGen.AddSubKey(ecdhKeyPair); + + PgpPublicKeyRing pubRing = keyRingGen.GeneratePublicKeyRing(); + + // TODO: add check of KdfParameters + DoBasicKeyRingCheck(pubRing); + + PgpSecretKeyRing secRing = keyRingGen.GenerateSecretKeyRing(); + + PgpPublicKeyRing pubRingEnc = new PgpPublicKeyRing(pubRing.GetEncoded()); + if (!Arrays.AreEqual(pubRing.GetEncoded(), pubRingEnc.GetEncoded())) + { + Fail("public key ring encoding failed"); + } + + PgpSecretKeyRing secRingEnc = new PgpSecretKeyRing(secRing.GetEncoded()); + if (!Arrays.AreEqual(secRing.GetEncoded(), secRingEnc.GetEncoded())) + { + Fail("secret key ring encoding failed"); + } + + PgpPrivateKey pgpPrivKey = secRing.GetSecretKey().ExtractPrivateKey(passPhrase); + } + + private void TestDecrypt(PgpSecretKeyRing secretKeyRing) + { + PgpObjectFactory pgpF = new PgpObjectFactory(testMessage); + + PgpEncryptedDataList encList = (PgpEncryptedDataList)pgpF.NextPgpObject(); + + PgpPublicKeyEncryptedData encP = (PgpPublicKeyEncryptedData)encList[0]; + + PgpSecretKey secretKey = secretKeyRing.GetSecretKey(); // secretKeyRing.GetSecretKey(encP.KeyId); + + // PgpPrivateKey pgpPrivKey = secretKey.extractPrivateKey(new JcePBESecretKeyEncryptorBuilder()); + + // clear = encP.getDataStream(pgpPrivKey, "BC"); + // + // bOut.reset(); + // + // while ((ch = clear.read()) >= 0) + // { + // bOut.write(ch); + // } + // + // out = bOut.toByteArray(); + // + // if (!AreEqual(out, text)) + // { + // fail("wrong plain text in Generated packet"); + // } + } + + private void EncryptDecryptTest() + { + SecureRandom random = SecureRandom.GetInstance("SHA1PRNG"); + + byte[] text = Encoding.ASCII.GetBytes("hello world!"); + + IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("ECDH"); + keyGen.Init(new ECKeyGenerationParameters(SecObjectIdentifiers.SecP256r1, random)); + + AsymmetricCipherKeyPair kpEnc = keyGen.GenerateKeyPair(); + + PgpKeyPair ecdhKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ECDH, kpEnc, DateTime.UtcNow); + + PgpLiteralDataGenerator lData = new PgpLiteralDataGenerator(); + MemoryStream ldOut = new MemoryStream(); + Stream pOut = lData.Open(ldOut, PgpLiteralDataGenerator.Utf8, PgpLiteralData.Console, text.Length, DateTime.UtcNow); + + pOut.Write(text, 0, text.Length); + + pOut.Close(); + + byte[] data = ldOut.ToArray(); + + MemoryStream cbOut = new MemoryStream(); + + PgpEncryptedDataGenerator cPk = new PgpEncryptedDataGenerator(SymmetricKeyAlgorithmTag.Cast5, random); + cPk.AddMethod(ecdhKeyPair.PublicKey); + + Stream cOut = cPk.Open(new UncloseableStream(cbOut), data.Length); + + cOut.Write(data, 0, data.Length); + + cOut.Close(); + + PgpObjectFactory pgpF = new PgpObjectFactory(cbOut.ToArray()); + + PgpEncryptedDataList encList = (PgpEncryptedDataList)pgpF.NextPgpObject(); + + PgpPublicKeyEncryptedData encP = (PgpPublicKeyEncryptedData)encList[0]; + + Stream clear = encP.GetDataStream(ecdhKeyPair.PrivateKey); + + pgpF = new PgpObjectFactory(clear); + + PgpLiteralData ld = (PgpLiteralData)pgpF.NextPgpObject(); + + clear = ld.GetInputStream(); + MemoryStream bOut = new MemoryStream(); + + int ch; + while ((ch = clear.ReadByte()) >= 0) + { + bOut.WriteByte((byte)ch); + } + + byte[] output = bOut.ToArray(); + + if (!AreEqual(output, text)) + { + Fail("wrong plain text in Generated packet"); + } + } + + public override void PerformTest() + { + // + // Read the public key + // + PgpPublicKeyRing pubKeyRing = new PgpPublicKeyRing(testPubKey); + + DoBasicKeyRingCheck(pubKeyRing); + + // + // Read the private key + // + PgpSecretKeyRing secretKeyRing = new PgpSecretKeyRing(testPrivKey); + + TestDecrypt(secretKeyRing); + + EncryptDecryptTest(); + + Generate(); + } + + private void DoBasicKeyRingCheck(PgpPublicKeyRing pubKeyRing) + { + foreach (PgpPublicKey pubKey in pubKeyRing.GetPublicKeys()) + { + if (pubKey.IsMasterKey) + { + if (pubKey.IsEncryptionKey) + { + Fail("master key showed as encryption key!"); + } + } + else + { + if (!pubKey.IsEncryptionKey) + { + Fail("sub key not encryption key!"); + } + + foreach (PgpSignature certification in pubKeyRing.GetPublicKey().GetSignatures()) + { + certification.InitVerify(pubKeyRing.GetPublicKey()); + + if (!certification.VerifyCertification((string)First(pubKeyRing.GetPublicKey().GetUserIds()), pubKeyRing.GetPublicKey())) + { + Fail("subkey certification does not verify"); + } + } + } + } + } + + private static object First(IEnumerable e) + { + IEnumerator n = e.GetEnumerator(); + Assert.IsTrue(n.MoveNext()); + return n.Current; + } + + public override string Name + { + get { return "PgpECDHTest"; } + } + + public static void Main(string[] args) + { + RunTest(new PgpECDHTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PgpECDsaTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PgpECDsaTest.cs new file mode 100644 index 0000000..c065320 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PgpECDsaTest.cs @@ -0,0 +1,204 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpECDsaTest + : SimpleTest + { + private static readonly byte[] testPubKey = + Base64.Decode( + "mFIEUb4HqBMIKoZIzj0DAQcCAwSQynmjwsGJHYJakAEVYxrm3tt/1h8g9Uksx32J" + + "zG/ZH4RwaD0PbjzEe5EVBmCwSErRZxt/5AxXa0TEHWjya8FetDVFQ0RTQSAoS2V5" + + "IGlzIDI1NiBiaXRzIGxvbmcpIDx0ZXN0LmVjZHNhQGV4YW1wbGUuY29tPoh6BBMT" + + "CAAiBQJRvgeoAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDqO46kgPLi" + + "vN1hAP4n0UApR36ziS5D8KUt7wEpBujQE4G3+efATJ+DMmY/SgEA+wbdDynFf/V8" + + "pQs0+FtCYQ9schzIur+peRvol7OrNnc="); + + private static readonly byte[] testPrivKey = + Base64.Decode( + "lKUEUb4HqBMIKoZIzj0DAQcCAwSQynmjwsGJHYJakAEVYxrm3tt/1h8g9Uksx32J" + + "zG/ZH4RwaD0PbjzEe5EVBmCwSErRZxt/5AxXa0TEHWjya8Fe/gcDAqTWSUiFpEno" + + "1n8izmLaWTy8GYw5/lK4R2t6D347YGgTtIiXfoNPOcosmU+3OibyTm2hc/WyG4fL" + + "a0nxFtj02j0Bt/Fw0N4VCKJwKL/QJT+0NUVDRFNBIChLZXkgaXMgMjU2IGJpdHMg" + + "bG9uZykgPHRlc3QuZWNkc2FAZXhhbXBsZS5jb20+iHoEExMIACIFAlG+B6gCGwMG" + + "CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEOo7jqSA8uK83WEA/ifRQClHfrOJ" + + "LkPwpS3vASkG6NATgbf558BMn4MyZj9KAQD7Bt0PKcV/9XylCzT4W0JhD2xyHMi6" + + "v6l5G+iXs6s2dw=="); + + private static readonly char[] testPasswd = "test".ToCharArray(); + + private static readonly byte[] sExprKey = + Base64.Decode( + "KDIxOnByb3RlY3RlZC1wcml2YXRlLWtleSgzOmVjYyg1OmN1cnZlMTU6YnJh" + + "aW5wb29sUDM4NHIxKSgxOnE5NzoEi29XCqkugtlRvONnpAVMQgfecL+Gk86O" + + "t8LnUizfHG2TqRrtqlMg1DdU8Z8dJWmhJG84IUOURCyjt8nE4BeeCfRIbTU5" + + "7CB13OqveBdNIRfK45UQnxHLO2MPVXf4GMdtKSg5OnByb3RlY3RlZDI1Om9w" + + "ZW5wZ3AtczJrMy1zaGExLWFlcy1jYmMoKDQ6c2hhMTg6itLEzGV4Cfg4OjEy" + + "OTA1NDcyKTE2OgxmufENKFTZUB72+X7AwkgpMTEyOvMWNLZgaGdlTN8XCxa6" + + "8ia0Xqqb9RvHgTh+iBf0RgY5Tx5hqO9fHOi76LTBMfxs9VC4f1rTketjEUKR" + + "f5amKb8lrJ67kKEsny4oRtP9ejkNzcvHFqRdxmHyL10ui8M8rJN9OU8ArqWf" + + "g22dTcKu02cpKDEyOnByb3RlY3RlZC1hdDE1OjIwMTQwNjA4VDE2MDg1MCkp" + + "KQ=="); + + private void GenerateAndSign() + { + SecureRandom random = SecureRandom.GetInstance("SHA1PRNG"); + + IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); + keyGen.Init(new ECKeyGenerationParameters(SecObjectIdentifiers.SecP256r1, random)); + + AsymmetricCipherKeyPair kpSign = keyGen.GenerateKeyPair(); + + PgpKeyPair ecdsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ECDsa, kpSign, DateTime.UtcNow); + + byte[] msg = Encoding.ASCII.GetBytes("hello world!"); + + // + // try a signature + // + PgpSignatureGenerator signGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.ECDsa, HashAlgorithmTag.Sha256); + signGen.InitSign(PgpSignature.BinaryDocument, ecdsaKeyPair.PrivateKey); + + signGen.Update(msg); + + PgpSignature sig = signGen.Generate(); + + sig.InitVerify(ecdsaKeyPair.PublicKey); + sig.Update(msg); + + if (!sig.Verify()) + { + Fail("signature failed to verify!"); + } + + // + // generate a key ring + // + char[] passPhrase = "test".ToCharArray(); + PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, ecdsaKeyPair, + "test@bouncycastle.org", SymmetricKeyAlgorithmTag.Aes256, passPhrase, true, null, null, random); + + PgpPublicKeyRing pubRing = keyRingGen.GeneratePublicKeyRing(); + PgpSecretKeyRing secRing = keyRingGen.GenerateSecretKeyRing(); + + PgpPublicKeyRing pubRingEnc = new PgpPublicKeyRing(pubRing.GetEncoded()); + if (!Arrays.AreEqual(pubRing.GetEncoded(), pubRingEnc.GetEncoded())) + { + Fail("public key ring encoding failed"); + } + + PgpSecretKeyRing secRingEnc = new PgpSecretKeyRing(secRing.GetEncoded()); + if (!Arrays.AreEqual(secRing.GetEncoded(), secRingEnc.GetEncoded())) + { + Fail("secret key ring encoding failed"); + } + + + // + // try a signature using encoded key + // + signGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.ECDsa, HashAlgorithmTag.Sha256); + signGen.InitSign(PgpSignature.BinaryDocument, secRing.GetSecretKey().ExtractPrivateKey(passPhrase)); + signGen.Update(msg); + + sig = signGen.Generate(); + sig.InitVerify(secRing.GetSecretKey().PublicKey); + sig.Update(msg); + + if (!sig.Verify()) + { + Fail("re-encoded signature failed to verify!"); + } + } + + public override void PerformTest() + { + // + // Read the public key + // + PgpPublicKeyRing pubKeyRing = new PgpPublicKeyRing(testPubKey); + foreach (PgpSignature certification in pubKeyRing.GetPublicKey().GetSignatures()) + { + certification.InitVerify(pubKeyRing.GetPublicKey()); + + if (!certification.VerifyCertification((string)First(pubKeyRing.GetPublicKey().GetUserIds()), pubKeyRing.GetPublicKey())) + { + Fail("self certification does not verify"); + } + } + + if (pubKeyRing.GetPublicKey().BitStrength != 256) + { + Fail("incorrect bit strength returned"); + } + + // + // Read the private key + // + PgpSecretKeyRing secretKeyRing = new PgpSecretKeyRing(testPrivKey); + + PgpPrivateKey privKey = secretKeyRing.GetSecretKey().ExtractPrivateKey(testPasswd); + + GenerateAndSign(); + + // + // sExpr + // + byte[] msg = Encoding.ASCII.GetBytes("hello world!"); + + PgpSecretKey key = PgpSecretKey.ParseSecretKeyFromSExpr(new MemoryStream(sExprKey, false), "test".ToCharArray()); + + PgpSignatureGenerator signGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.ECDsa, HashAlgorithmTag.Sha256); + signGen.InitSign(PgpSignature.BinaryDocument, key.ExtractPrivateKey(null)); + signGen.Update(msg); + + PgpSignature sig = signGen.Generate(); + sig.InitVerify(key.PublicKey); + sig.Update(msg); + + if (!sig.Verify()) + { + Fail("signature failed to verify!"); + } + } + + private static object First(IEnumerable e) + { + IEnumerator n = e.GetEnumerator(); + Assert.IsTrue(n.MoveNext()); + return n.Current; + } + + public override string Name + { + get { return "PgpECDsaTest"; } + } + + public static void Main(string[] args) + { + RunTest(new PgpECDsaTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PgpECMessageTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PgpECMessageTest.cs new file mode 100644 index 0000000..8f6111c --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PgpECMessageTest.cs @@ -0,0 +1,195 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpECMessageTest + : SimpleTest + { + private static readonly byte[] testPubKey = + Base64.Decode( + "mFIEU5SAxhMIKoZIzj0DAQcCAwRqnFLCB8EEZkAELNqznk8yQau/f1PACUTU/Qe9\n" + + "jlybc22bO55BdvZdFoa3RmNQHhR980/KeVwCQ3cPpe6OQJFAtD9OSVNUIFAtMjU2\n" + + "IChHZW5lcmF0ZWQgYnkgR1BHIDIuMSBiZXRhKSA8bmlzdC1wLTI1NkBleGFtcGxl\n" + + "LmNvbT6IeQQTEwgAIQUCU5SAxgIbAwYLCQgHAwIGFQgCCQoLAxYCAQIeAQIXgAAK\n" + + "CRA2iYNe+deDntxvAP90U2BUL2YcxrJYnsK783VIPM5U5/2IhH7azbRfaHiLZgEA\n" + + "1/BVNxRG/Q07gPSdEGagRZcrzPxMQPLjBL4T7Nq5eSG4VgRTlIDqEggqhkjOPQMB\n" + + "BwIDBJlWEj5qR12xbmp5dkjEkV+PRSfk37NKnw8axSJkyDTsFNZLIugMLX/zTn3r\n" + + "rOamvHUdXNbLy1s8PeyrztMcOnwDAQgHiGEEGBMIAAkFAlOUgOoCGwwACgkQNomD\n" + + "XvnXg556SQD+MCXRkYgLPd0NWWbCKl5wYk4NwWRvOCDFGk7eYoRTKaYBAIkt3J86\n" + + "Bn0zCzsphjrIUlGPXhLSX/2aJQDuuK3zzLmn"); + + private static readonly byte[] sExprKeySub = + Base64.Decode( + "KDIxOnByb3RlY3RlZC1wcml2YXRlLWtleSgzOmVjYyg1OmN1cnZlMTA6TklT" + + "VCBQLTI1NikoMTpxNjU6BJlWEj5qR12xbmp5dkjEkV+PRSfk37NKnw8axSJk" + + "yDTsFNZLIugMLX/zTn3rrOamvHUdXNbLy1s8PeyrztMcOnwpKDk6cHJvdGVj" + + "dGVkMjU6b3BlbnBncC1zMmszLXNoYTEtYWVzLWNiYygoNDpzaGExODpu2e7w" + + "pW4L5jg6MTI5MDU0NzIpMTY6ohIkbi1P1O7QX1zgPd7Ejik5NjrCoM9qBxzy" + + "LVJJMVRGlsjltF9/CeLnRPN1sjeiQrP1vAlZMPiOpYTmGDVRcZhdkCRO06MY" + + "UTLDZK1wsxELVD0s9irpbskcOnXwqtXbIqhoK4B+9pnkR0h5gi0xPIGSTtYp" + + "KDEyOnByb3RlY3RlZC1hdDE1OjIwMTQwNjA4VDE1MjgxMCkpKQ=="); + + private static readonly byte[] sExprKeyMaster = + Base64.Decode( + "KDIxOnByb3RlY3RlZC1wcml2YXRlLWtleSgzOmVjYyg1OmN1cnZlMTA6TklT" + + "VCBQLTI1NikoMTpxNjU6BGqcUsIHwQRmQAQs2rOeTzJBq79/U8AJRNT9B72O" + + "XJtzbZs7nkF29l0WhrdGY1AeFH3zT8p5XAJDdw+l7o5AkUApKDk6cHJvdGVj" + + "dGVkMjU6b3BlbnBncC1zMmszLXNoYTEtYWVzLWNiYygoNDpzaGExODr4PqHT" + + "9W4lpTg6MTI5MDU0NzIpMTY6VsooQy9aGsuMpiObZk4y1ik5NjoCArOSmSsJ" + + "IYUzxkRwy/HyDYPqjAqrNrh3m8lQco6k64Pf4SDda/0gKjkum7zYDEzBEvXI" + + "+ZodAST6z3IDkPHL7LUy5qp2LdG73xLRFjfsqOsZgP+nwoOSUiC7N4AWJPAp" + + "KDEyOnByb3RlY3RlZC1hdDE1OjIwMTQwNjA4VDE1MjcwOSkpKQ=="); + + private static readonly byte[] encMessage = + Base64.Decode("hH4DrQCblwYU61MSAgMEVXjgPW2hvIhUMQ2qlAQlAliZKbyujaYfLnwZTeGvu+pt\n"+ + "gJXt+JJ8zWoENxLAp+Nb3PxJW4CjvkXQ2dEmmvkhBzAhDer86XJBrQLBQUL+6EmE\n"+ + "l+/3Yzt+cPEyEn32BSpkt31F2yGncoefCUDgj9tKiFXSRwGhjRno0qzB3CfRWzDu\n"+ + "eelwwtRcxnvXNc44TuHRf4PgZ3d4dDU69bWQswdQ5UTP/Bjjo92yMLtJ3HtBuym+\n"+ + "NazbQUh4M+SP"); + + private static readonly byte[] signedEncMessage = + Base64.Decode("hH4DrQCblwYU61MSAgMEC/jpqjgnqotzKWNWJ3bhOxmmChghrV2PLQbQqtHtVvbj\n" + + "zyLpaPgeqLslMAjsdy8rlANCjlweZhtP1DmvHiYgjDAA54eptpLMtbULaQOoRcsZ\n" + + "ZnMqhx9s5phAohNFGC+DnVU/IwxDOnI+ya54LOoXUrrSsgEKDTlAmYr4/oDmLTXt\n" + + "TaLgk0T9nBxGe8WbLwhPRBIyq6NX151aQ+pOobajrRiLwg/CwUsbAZ50bBPn2JjX\n" + + "wgBhBjyAn7D6bZ4hMl3YSluSiFkJhxZcYSydtIAlX35q4D/pJjT4mPT/y7ypytCU\n" + + "0wWo53O6NCSeM/EpeFw8RRh8fe+m33qpA6T5sR3Alg4ZukiIxLa36k6Cv5KTHmB3\n" + + "6lKZcgQDHNIKStV1bW4Cva1aXXQ="); + + private void DoTestMasterKey() + { + PgpSecretKey key = PgpSecretKey.ParseSecretKeyFromSExpr(new MemoryStream(sExprKeyMaster, false), + "test".ToCharArray()); + + byte[] msg = Encoding.UTF8.GetBytes("hello world!"); + + PgpSignatureGenerator signGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.ECDsa, HashAlgorithmTag.Sha256); + signGen.InitSign(PgpSignature.BinaryDocument, key.ExtractPrivateKey(null)); + signGen.Update(msg); + PgpSignature sig = signGen.Generate(); + + PgpPublicKey publicKey = new PgpPublicKeyRing(testPubKey).GetPublicKey(); + sig.InitVerify(publicKey); + sig.Update(msg); + + if (!sig.Verify()) + { + Fail("signature failed to verify!"); + } + } + + private void DoTestEncMessage() + { + PgpObjectFactory pgpFact = new PgpObjectFactory(encMessage); + + PgpEncryptedDataList encList = (PgpEncryptedDataList)pgpFact.NextPgpObject(); + + PgpPublicKeyEncryptedData encP = (PgpPublicKeyEncryptedData)encList[0]; + + PgpPublicKey publicKey = new PgpPublicKeyRing(testPubKey).GetPublicKey(encP.KeyId); + + PgpSecretKey secretKey = PgpSecretKey.ParseSecretKeyFromSExpr(new MemoryStream(sExprKeySub, false), + "test".ToCharArray(), publicKey); + + Stream clear = encP.GetDataStream(secretKey.ExtractPrivateKey(null)); + + PgpObjectFactory plainFact = new PgpObjectFactory(clear); + + PgpCompressedData cData = (PgpCompressedData)plainFact.NextPgpObject(); + + PgpObjectFactory compFact = new PgpObjectFactory(cData.GetDataStream()); + + PgpLiteralData lData = (PgpLiteralData)compFact.NextPgpObject(); + + if (!"test.txt".Equals(lData.FileName)) + { + Fail("wrong file name detected"); + } + } + + private void DoTestSignedEncMessage() + { + PgpObjectFactory pgpFact = new PgpObjectFactory(signedEncMessage); + + PgpEncryptedDataList encList = (PgpEncryptedDataList)pgpFact.NextPgpObject(); + + PgpPublicKeyEncryptedData encP = (PgpPublicKeyEncryptedData)encList[0]; + + PgpPublicKeyRing publicKeyRing = new PgpPublicKeyRing(testPubKey); + + PgpPublicKey publicKey = publicKeyRing.GetPublicKey(encP.KeyId); + + PgpSecretKey secretKey = PgpSecretKey.ParseSecretKeyFromSExpr(new MemoryStream(sExprKeySub, false), + "test".ToCharArray(), publicKey); + + Stream clear = encP.GetDataStream(secretKey.ExtractPrivateKey(null)); + + PgpObjectFactory plainFact = new PgpObjectFactory(clear); + + PgpCompressedData cData = (PgpCompressedData)plainFact.NextPgpObject(); + + PgpObjectFactory compFact = new PgpObjectFactory(cData.GetDataStream()); + + PgpOnePassSignatureList sList = (PgpOnePassSignatureList)compFact.NextPgpObject(); + + PgpOnePassSignature ops = sList[0]; + + PgpLiteralData lData = (PgpLiteralData)compFact.NextPgpObject(); + + if (!"test.txt".Equals(lData.FileName)) + { + Fail("wrong file name detected"); + } + + Stream dIn = lData .GetInputStream(); + + ops.InitVerify(publicKeyRing.GetPublicKey(ops.KeyId)); + + int ch; + while ((ch = dIn.ReadByte()) >= 0) + { + ops.Update((byte)ch); + } + + PgpSignatureList p3 = (PgpSignatureList)compFact.NextPgpObject(); + + if (!ops.Verify(p3[0])) + { + Fail("Failed signature check"); + } + } + + public override void PerformTest() + { + DoTestMasterKey(); + DoTestEncMessage(); + DoTestSignedEncMessage(); + } + + public override string Name + { + get { return "PgpECMessageTest"; } + } + + public static void Main(string[] args) + { + RunTest(new PgpECMessageTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PgpFeaturesTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PgpFeaturesTest.cs new file mode 100644 index 0000000..162c3f0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PgpFeaturesTest.cs @@ -0,0 +1,59 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Bcpg.Sig; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpFeaturesTest + : SimpleTest + { + public override void PerformTest() + { + Features f = new Features(true, Features.FEATURE_MODIFICATION_DETECTION); + Assert.IsTrue(f.SupportsFeature(Features.FEATURE_MODIFICATION_DETECTION)); + Assert.IsTrue(f.SupportsModificationDetection); + Assert.IsTrue(!f.SupportsFeature(Features.FEATURE_VERSION_5_PUBLIC_KEY)); + + f = new Features(true, Features.FEATURE_VERSION_5_PUBLIC_KEY); + Assert.IsTrue(!f.SupportsModificationDetection); + Assert.IsTrue(f.SupportsFeature(Features.FEATURE_VERSION_5_PUBLIC_KEY)); + + f = new Features(true, Features.FEATURE_AEAD_ENCRYPTED_DATA); + Assert.IsTrue(f.SupportsFeature(Features.FEATURE_AEAD_ENCRYPTED_DATA)); + Assert.IsTrue(!f.SupportsModificationDetection); + Assert.IsTrue(!f.SupportsFeature(Features.FEATURE_VERSION_5_PUBLIC_KEY)); + + f = new Features(true, Features.FEATURE_AEAD_ENCRYPTED_DATA | Features.FEATURE_MODIFICATION_DETECTION); + Assert.IsTrue(f.SupportsFeature(Features.FEATURE_AEAD_ENCRYPTED_DATA)); + Assert.IsTrue(f.SupportsModificationDetection); + Assert.IsTrue(!f.SupportsFeature(Features.FEATURE_VERSION_5_PUBLIC_KEY)); + + f = new Features(true, Features.FEATURE_VERSION_5_PUBLIC_KEY | Features.FEATURE_MODIFICATION_DETECTION); + Assert.IsTrue(!f.SupportsFeature(Features.FEATURE_AEAD_ENCRYPTED_DATA)); + Assert.IsTrue(f.SupportsModificationDetection); + Assert.IsTrue(f.SupportsFeature(Features.FEATURE_VERSION_5_PUBLIC_KEY)); + } + + public override string Name + { + get { return "PgpFeaturesTest"; } + } + + public static void Main(string[] args) + { + RunTest(new PgpFeaturesTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PgpKeyRingTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PgpKeyRingTest.cs new file mode 100644 index 0000000..f8eaa64 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PgpKeyRingTest.cs @@ -0,0 +1,2662 @@ +using System; +using System.Collections; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpKeyRingTest + : SimpleTest + { + private static readonly SecureRandom Random = new SecureRandom(); + + private static readonly byte[] pub1 = Base64.Decode( + "mQGiBEA83v0RBADzKVLVCnpWQxX0LCsevw/3OLs0H7MOcLBQ4wMO9sYmzGYn" + + "xpVj+4e4PiCP7QBayWyy4lugL6Lnw7tESvq3A4v3fefcxaCTkJrryiKn4+Cg" + + "y5rIBbrSKNtCEhVi7xjtdnDjP5kFKgHYjVOeIKn4Cz/yzPG3qz75kDknldLf" + + "yHxp2wCgwW1vAE5EnZU4/UmY7l8kTNkMltMEAJP4/uY4zcRwLI9Q2raPqAOJ" + + "TYLd7h+3k/BxI0gIw96niQ3KmUZDlobbWBI+VHM6H99vcttKU3BgevNf8M9G" + + "x/AbtW3SS4De64wNSU3189XDG8vXf0vuyW/K6Pcrb8exJWY0E1zZQ1WXT0gZ" + + "W0kH3g5ro//Tusuil9q2lVLF2ovJA/0W+57bPzi318dWeNs0tTq6Njbc/GTG" + + "FUAVJ8Ss5v2u6h7gyJ1DB334ExF/UdqZGldp0ugkEXaSwBa2R7d3HBgaYcoP" + + "Ck1TrovZzEY8gm7JNVy7GW6mdOZuDOHTxyADEEP2JPxh6eRcZbzhGuJuYIif" + + "IIeLOTI5Dc4XKeV32a+bWrQidGVzdCAoVGVzdCBrZXkpIDx0ZXN0QHViaWNh" + + "bGwuY29tPohkBBMRAgAkBQJAPN79AhsDBQkB4TOABgsJCAcDAgMVAgMDFgIB" + + "Ah4BAheAAAoJEJh8Njfhe8KmGDcAoJWr8xgPr75y/Cp1kKn12oCCOb8zAJ4p" + + "xSvk4K6tB2jYbdeSrmoWBZLdMLACAAC5AQ0EQDzfARAEAJeUAPvUzJJbKcc5" + + "5Iyb13+Gfb8xBWE3HinQzhGr1v6A1aIZbRj47UPAD/tQxwz8VAwJySx82ggN" + + "LxCk4jW9YtTL3uZqfczsJngV25GoIN10f4/j2BVqZAaX3q79a3eMiql1T0oE" + + "AGmD7tO1LkTvWfm3VvA0+t8/6ZeRLEiIqAOHAAQNBACD0mVMlAUgd7REYy/1" + + "mL99Zlu9XU0uKyUex99sJNrcx1aj8rIiZtWaHz6CN1XptdwpDeSYEOFZ0PSu" + + "qH9ByM3OfjU/ya0//xdvhwYXupn6P1Kep85efMBA9jUv/DeBOzRWMFG6sC6y" + + "k8NGG7Swea7EHKeQI40G3jgO/+xANtMyTIhPBBgRAgAPBQJAPN8BAhsMBQkB" + + "4TOAAAoJEJh8Njfhe8KmG7kAn00mTPGJCWqmskmzgdzeky5fWd7rAKCNCp3u" + + "ZJhfg0htdgAfIy8ppm05vLACAAA="); + + private static readonly byte[] sec1 = Base64.Decode( + "lQHhBEA83v0RBADzKVLVCnpWQxX0LCsevw/3OLs0H7MOcLBQ4wMO9sYmzGYn" + + "xpVj+4e4PiCP7QBayWyy4lugL6Lnw7tESvq3A4v3fefcxaCTkJrryiKn4+Cg" + + "y5rIBbrSKNtCEhVi7xjtdnDjP5kFKgHYjVOeIKn4Cz/yzPG3qz75kDknldLf" + + "yHxp2wCgwW1vAE5EnZU4/UmY7l8kTNkMltMEAJP4/uY4zcRwLI9Q2raPqAOJ" + + "TYLd7h+3k/BxI0gIw96niQ3KmUZDlobbWBI+VHM6H99vcttKU3BgevNf8M9G" + + "x/AbtW3SS4De64wNSU3189XDG8vXf0vuyW/K6Pcrb8exJWY0E1zZQ1WXT0gZ" + + "W0kH3g5ro//Tusuil9q2lVLF2ovJA/0W+57bPzi318dWeNs0tTq6Njbc/GTG" + + "FUAVJ8Ss5v2u6h7gyJ1DB334ExF/UdqZGldp0ugkEXaSwBa2R7d3HBgaYcoP" + + "Ck1TrovZzEY8gm7JNVy7GW6mdOZuDOHTxyADEEP2JPxh6eRcZbzhGuJuYIif" + + "IIeLOTI5Dc4XKeV32a+bWv4CAwJ5KgazImo+sGBfMhDiBcBTqyDGhKHNgHic" + + "0Pky9FeRvfXTc2AO+jGmFPjcs8BnTWuDD0/jkQnRZpp1TrQidGVzdCAoVGVz" + + "dCBrZXkpIDx0ZXN0QHViaWNhbGwuY29tPohkBBMRAgAkBQJAPN79AhsDBQkB" + + "4TOABgsJCAcDAgMVAgMDFgIBAh4BAheAAAoJEJh8Njfhe8KmGDcAn3XeXDMg" + + "BZgrZzFWU2IKtA/5LG2TAJ0Vf/jjyq0jZNZfGfoqGTvD2MAl0rACAACdAVgE" + + "QDzfARAEAJeUAPvUzJJbKcc55Iyb13+Gfb8xBWE3HinQzhGr1v6A1aIZbRj4" + + "7UPAD/tQxwz8VAwJySx82ggNLxCk4jW9YtTL3uZqfczsJngV25GoIN10f4/j" + + "2BVqZAaX3q79a3eMiql1T0oEAGmD7tO1LkTvWfm3VvA0+t8/6ZeRLEiIqAOH" + + "AAQNBACD0mVMlAUgd7REYy/1mL99Zlu9XU0uKyUex99sJNrcx1aj8rIiZtWa" + + "Hz6CN1XptdwpDeSYEOFZ0PSuqH9ByM3OfjU/ya0//xdvhwYXupn6P1Kep85e" + + "fMBA9jUv/DeBOzRWMFG6sC6yk8NGG7Swea7EHKeQI40G3jgO/+xANtMyTP4C" + + "AwJ5KgazImo+sGBl2C7CFuI+5KM4ZhbtVie7l+OiTpr5JW2z5VgnV3EX9p04" + + "LcGKfQvD65+ELwli6yh8B2zGcipqTaYk3QoYNIhPBBgRAgAPBQJAPN8BAhsM" + + "BQkB4TOAAAoJEJh8Njfhe8KmG7kAniuRkaFFv1pdCBN8JJXpcorHmyouAJ9L" + + "xxmusffR6OI7WgD3XZ0AL8zUC7ACAAA="); + +// private static readonly char[] pass1 = "qwertzuiop".ToCharArray(); + + private static readonly byte[] pub2 = Base64.Decode( + "mQGiBEBtfW8RBADfWjTxFedIbGBNVgh064D/OCf6ul7x4PGsCl+BkAyheYkr" + + "mVUsChmBKoeXaY+Fb85wwusXzyM/6JFK58Rg+vEb3Z19pue8Ixxq7cRtCtOA" + + "tOP1eKXLNtTRWJutvLkQmeOa19UZ6ziIq23aWuWKSq+KKMWek2GUnGycnx5M" + + "W0pn1QCg/39r9RKhY9cdKYqRcqsr9b2B/AsD/Ru24Q15Jmrsl9zZ6EC47J49" + + "iNW5sLQx1qf/mgfVWQTmU2j6gq4ND1OuK7+0OP/1yMOUpkjjcqxFgTnDAAoM" + + "hHDTzCv/aZzIzmMvgLsYU3aIMfbz+ojpuASMCMh+te01cEMjiPWwDtdWWOdS" + + "OSyX9ylzhO3PiNDks8R83onsacYpA/9WhTcg4bvkjaj66I7wGZkm3BmTxNSb" + + "pE4b5HZDh31rRYhY9tmrryCfFnU4BS2Enjj5KQe9zFv7pUBCBW2oFo8i8Osn" + + "O6fa1wVN4fBHC6wqWmmpnkFerNPkiC9V75KUFIfeWHmT3r2DVSO3dfdHDERA" + + "jFIAioMLjhaX6DnODF5KQrABh7QmU2FpIFB1bGxhYmhvdGxhIDxwc2FpQG15" + + "amF2YXdvcmxkLmNvbT6wAwP//4kAVwQQEQIAFwUCQG19bwcLCQgHAwIKAhkB" + + "BRsDAAAAAAoJEKXQf/RT99uYmfAAoMKxV5g2owIfmy2w7vSLvOQUpvvOAJ4n" + + "jB6xJot523rPAQW9itPoGGekirABZ7kCDQRAbX1vEAgA9kJXtwh/CBdyorrW" + + "qULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV89AHxstDqZSt90xkhkn4DIO9" + + "ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/" + + "Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4" + + "DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdXQ6MdGGzeMyEs" + + "tSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbTCD1mpF1B" + + "n5x8vYlLIhkmuquiXsNV6TILOwACAgf9F7/nJHDayJ3pBVTTVSq2g5WKUXMg" + + "xxGKTvOahiVRcbO03w0pKAkH85COakVfe56sMYpWRl36adjNoKOxaciow74D" + + "1R5snY/hv/kBXPBkzo4UMkbANIVaZ0IcnLp+rkkXcDVbRCibZf8FfCY1zXbq" + + "d680UtEgRbv1D8wFBqfMt7kLsuf9FnIw6vK4DU06z5ZDg25RHGmswaDyY6Mw" + + "NGCrKGbHf9I/T7MMuhGF/in8UU8hv8uREOjseOqklG3/nsI1hD/MdUC7fzXi" + + "MRO4RvahLoeXOuaDkMYALdJk5nmNuCL1YPpbFGttI3XsK7UrP/Fhd8ND6Nro" + + "wCqrN6keduK+uLABh4kATAQYEQIADAUCQG19bwUbDAAAAAAKCRCl0H/0U/fb" + + "mC/0AJ4r1yvyu4qfOXlDgmVuCsvHFWo63gCfRIrCB2Jv/N1cgpmq0L8LGHM7" + + "G/KwAWeZAQ0EQG19owEIAMnavLYqR7ffaDPbbq+lQZvLCK/3uA0QlyngNyTa" + + "sDW0WC1/ryy2dx7ypOOCicjnPYfg3LP5TkYAGoMjxH5+xzM6xfOR+8/EwK1z" + + "N3A5+X/PSBDlYjQ9dEVKrvvc7iMOp+1K1VMf4Ug8Yah22Ot4eLGP0HRCXiv5" + + "vgdBNsAl/uXnBJuDYQmLrEniqq/6UxJHKHxZoS/5p13Cq7NfKB1CJCuJXaCE" + + "TW2do+cDpN6r0ltkF/r+ES+2L7jxyoHcvQ4YorJoDMlAN6xpIZQ8dNaTYP/n" + + "Mx/pDS3shUzbU+UYPQrreJLMF1pD+YWP5MTKaZTo+U/qPjDFGcadInhPxvh3" + + "1ssAEQEAAbABh7QuU2FuZGh5YSBQdWxsYWJob3RsYSA8cHNhbmRoeWFAbXlq" + + "YXZhd29ybGQuY29tPrADA///iQEtBBABAgAXBQJAbX2jBwsJCAcDAgoCGQEF" + + "GwMAAAAACgkQx87DL9gOvoeVUwgAkQXYiF0CxhKbDnuabAssnOEwJrutgCRO" + + "CJRQvIwTe3fe6hQaWn2Yowt8OQtNFiR8GfAY6EYxyFLKzZbAI/qtq5fHmN3e" + + "RSyNWe6d6e17hqZZL7kf2sVkyGTChHj7Jiuo7vWkdqT2MJN6BW5tS9CRH7Me" + + "D839STv+4mAAO9auGvSvicP6UEQikAyCy/ihoJxLQlspfbSNpi0vrUjCPT7N" + + "tWwfP0qF64i9LYkjzLqihnu+UareqOPhXcWnyFKrjmg4ezQkweNU2pdvCLbc" + + "W24FhT92ivHgpLyWTswXcqjhFjVlRr0+2sIz7v1k0budCsJ7PjzOoH0hJxCv" + + "sJQMlZR/e7ABZ7kBDQRAbX2kAQgAm5j+/LO2M4pKm/VUPkYuj3eefHkzjM6n" + + "KbvRZX1Oqyf+6CJTxQskUWKAtkzzKafPdS5Wg0CMqeXov+EFod4bPEYccszn" + + "cKd1U8NRwacbEpCvvvB84Yl2YwdWpDpkryyyLI4PbCHkeuwx9Dc2z7t4XDB6" + + "FyAJTMAkia7nzYa/kbeUO3c2snDb/dU7uyCsyKtTZyTyhTgtl/f9L03Bgh95" + + "y3mOUz0PimJ0Sg4ANczF4d04BpWkjLNVJi489ifWodPlHm1hag5drYekYpWJ" + + "+3g0uxs5AwayV9BcOkPKb1uU3EoYQw+nn0Kn314Nvx2M1tKYunuVNLEm0PhA" + + "/+B8PTq8BQARAQABsAGHiQEiBBgBAgAMBQJAbX2kBRsMAAAAAAoJEMfOwy/Y" + + "Dr6HkLoH/RBY8lvUv1r8IdTs5/fN8e/MnGeThLl+JrlYF/4t3tjXYIf5xUj/" + + "c9NdjreKYgHfMtrbVM08LlxUVQlkjuF3DIk5bVH9Blq8aXmyiwiM5GrCry+z" + + "WiqkpZze1G577C38mMJbHDwbqNCLALMzo+W2q04Avl5sniNnDNGbGz9EjhRg" + + "o7oS16KkkD6Ls4RnHTEZ0vyZOXodDHu+sk/2kzj8K07kKaM8rvR7aDKiI7HH" + + "1GxJz70fn1gkKuV2iAIIiU25bty+S3wr+5h030YBsUZF1qeKCdGOmpK7e9Of" + + "yv9U7rf6Z5l8q+akjqLZvej9RnxeH2Um7W+tGg2me482J+z6WOawAWc="); + + private static readonly byte[] sec2 = Base64.Decode( + "lQHpBEBtfW8RBADfWjTxFedIbGBNVgh064D/OCf6ul7x4PGsCl+BkAyheYkr" + + "mVUsChmBKoeXaY+Fb85wwusXzyM/6JFK58Rg+vEb3Z19pue8Ixxq7cRtCtOA" + + "tOP1eKXLNtTRWJutvLkQmeOa19UZ6ziIq23aWuWKSq+KKMWek2GUnGycnx5M" + + "W0pn1QCg/39r9RKhY9cdKYqRcqsr9b2B/AsD/Ru24Q15Jmrsl9zZ6EC47J49" + + "iNW5sLQx1qf/mgfVWQTmU2j6gq4ND1OuK7+0OP/1yMOUpkjjcqxFgTnDAAoM" + + "hHDTzCv/aZzIzmMvgLsYU3aIMfbz+ojpuASMCMh+te01cEMjiPWwDtdWWOdS" + + "OSyX9ylzhO3PiNDks8R83onsacYpA/9WhTcg4bvkjaj66I7wGZkm3BmTxNSb" + + "pE4b5HZDh31rRYhY9tmrryCfFnU4BS2Enjj5KQe9zFv7pUBCBW2oFo8i8Osn" + + "O6fa1wVN4fBHC6wqWmmpnkFerNPkiC9V75KUFIfeWHmT3r2DVSO3dfdHDERA" + + "jFIAioMLjhaX6DnODF5KQv4JAwIJH6A/rzqmMGAG4e+b8Whdvp8jaTGVT4CG" + + "M1b65rbiDyAuf5KTFymQBOIi9towgFzG9NXAZC07nEYSukN56tUTUDNVsAGH" + + "tCZTYWkgUHVsbGFiaG90bGEgPHBzYWlAbXlqYXZhd29ybGQuY29tPrADA///" + + "iQBXBBARAgAXBQJAbX1vBwsJCAcDAgoCGQEFGwMAAAAACgkQpdB/9FP325iZ" + + "8ACgwrFXmDajAh+bLbDu9Iu85BSm+84AnieMHrEmi3nbes8BBb2K0+gYZ6SK" + + "sAFnnQJqBEBtfW8QCAD2Qle3CH8IF3KiutapQvMF6PlTETlPtvFuuUs4INoB" + + "p1ajFOmPQFXz0AfGy0OplK33TGSGSfgMg71l6RfUodNQ+PVZX9x2Uk89PY3b" + + "zpnhV5JZzf24rnRPxfx2vIPFRzBhznzJZv8V+bv9kV7HAarTW56NoKVyOtQa" + + "8L9GAFgr5fSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPw" + + "pVsYjY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obE" + + "AxnIByl6ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpMgs7" + + "AAICB/0Xv+ckcNrInekFVNNVKraDlYpRcyDHEYpO85qGJVFxs7TfDSkoCQfz" + + "kI5qRV97nqwxilZGXfpp2M2go7FpyKjDvgPVHmydj+G/+QFc8GTOjhQyRsA0" + + "hVpnQhycun6uSRdwNVtEKJtl/wV8JjXNdup3rzRS0SBFu/UPzAUGp8y3uQuy" + + "5/0WcjDq8rgNTTrPlkODblEcaazBoPJjozA0YKsoZsd/0j9Pswy6EYX+KfxR" + + "TyG/y5EQ6Ox46qSUbf+ewjWEP8x1QLt/NeIxE7hG9qEuh5c65oOQxgAt0mTm" + + "eY24IvVg+lsUa20jdewrtSs/8WF3w0Po2ujAKqs3qR524r64/gkDAmmp39NN" + + "U2pqYHokufIOab2VpD7iQo8UjHZNwR6dpjyky9dVfIe4MA0H+t0ju8UDdWoe" + + "IkRu8guWsI83mjGPbIq8lmsZOXPCA8hPuBmL0iaj8TnuotmsBjIBsAGHiQBM" + + "BBgRAgAMBQJAbX1vBRsMAAAAAAoJEKXQf/RT99uYL/QAnivXK/K7ip85eUOC" + + "ZW4Ky8cVajreAJ9EisIHYm/83VyCmarQvwsYczsb8rABZ5UDqARAbX2jAQgA" + + "ydq8tipHt99oM9tur6VBm8sIr/e4DRCXKeA3JNqwNbRYLX+vLLZ3HvKk44KJ" + + "yOc9h+Dcs/lORgAagyPEfn7HMzrF85H7z8TArXM3cDn5f89IEOViND10RUqu" + + "+9zuIw6n7UrVUx/hSDxhqHbY63h4sY/QdEJeK/m+B0E2wCX+5ecEm4NhCYus" + + "SeKqr/pTEkcofFmhL/mnXcKrs18oHUIkK4ldoIRNbZ2j5wOk3qvSW2QX+v4R" + + "L7YvuPHKgdy9DhiismgMyUA3rGkhlDx01pNg/+czH+kNLeyFTNtT5Rg9Cut4" + + "kswXWkP5hY/kxMpplOj5T+o+MMUZxp0ieE/G+HfWywARAQABCWEWL2cKQKcm" + + "XFTNsWgRoOcOkKyJ/osERh2PzNWvOF6/ir1BMRsg0qhd+hEcoWHaT+7Vt12i" + + "5Y2Ogm2HFrVrS5/DlV/rw0mkALp/3cR6jLOPyhmq7QGwhG27Iy++pLIksXQa" + + "RTboa7ZasEWw8zTqa4w17M5Ebm8dtB9Mwl/kqU9cnIYnFXj38BWeia3iFBNG" + + "PD00hqwhPUCTUAcH9qQPSqKqnFJVPe0KQWpq78zhCh1zPUIa27CE86xRBf45" + + "XbJwN+LmjCuQEnSNlloXJSPTRjEpla+gWAZz90fb0uVIR1dMMRFxsuaO6aCF" + + "QMN2Mu1wR/xzTzNCiQf8cVzq7YkkJD8ChJvu/4BtWp3BlU9dehAz43mbMhaw" + + "Qx3NmhKR/2dv1cJy/5VmRuljuzC+MRtuIjJ+ChoTa9ubNjsT6BF5McRAnVzf" + + "raZK+KVWCGA8VEZwe/K6ouYLsBr6+ekCKIkGZdM29927m9HjdFwEFjnzQlWO" + + "NZCeYgDcK22v7CzobKjdo2wdC7XIOUVCzMWMl+ch1guO/Y4KVuslfeQG5X1i" + + "PJqV+bwJriCx5/j3eE/aezK/vtZU6cchifmvefKvaNL34tY0Myz2bOx44tl8" + + "qNcGZbkYF7xrNCutzI63xa2ruN1p3hNxicZV1FJSOje6+ITXkU5Jmufto7IJ" + + "t/4Q2dQefBQ1x/d0EdX31yK6+1z9dF/k3HpcSMb5cAWa2u2g4duAmREHc3Jz" + + "lHCsNgyzt5mkb6kS43B6og8Mm2SOx78dBIOA8ANzi5B6Sqk3/uN5eQFLY+sQ" + + "qGxXzimyfbMjyq9DdqXThx4vlp3h/GC39KxL5MPeB0oe6P3fSP3C2ZGjsn3+" + + "XcYk0Ti1cBwBOFOZ59WYuc61B0wlkiU/WGeaebABh7QuU2FuZGh5YSBQdWxs" + + "YWJob3RsYSA8cHNhbmRoeWFAbXlqYXZhd29ybGQuY29tPrADA///iQEtBBAB" + + "AgAXBQJAbX2jBwsJCAcDAgoCGQEFGwMAAAAACgkQx87DL9gOvoeVUwgAkQXY" + + "iF0CxhKbDnuabAssnOEwJrutgCROCJRQvIwTe3fe6hQaWn2Yowt8OQtNFiR8" + + "GfAY6EYxyFLKzZbAI/qtq5fHmN3eRSyNWe6d6e17hqZZL7kf2sVkyGTChHj7" + + "Jiuo7vWkdqT2MJN6BW5tS9CRH7MeD839STv+4mAAO9auGvSvicP6UEQikAyC" + + "y/ihoJxLQlspfbSNpi0vrUjCPT7NtWwfP0qF64i9LYkjzLqihnu+UareqOPh" + + "XcWnyFKrjmg4ezQkweNU2pdvCLbcW24FhT92ivHgpLyWTswXcqjhFjVlRr0+" + + "2sIz7v1k0budCsJ7PjzOoH0hJxCvsJQMlZR/e7ABZ50DqARAbX2kAQgAm5j+" + + "/LO2M4pKm/VUPkYuj3eefHkzjM6nKbvRZX1Oqyf+6CJTxQskUWKAtkzzKafP" + + "dS5Wg0CMqeXov+EFod4bPEYccszncKd1U8NRwacbEpCvvvB84Yl2YwdWpDpk" + + "ryyyLI4PbCHkeuwx9Dc2z7t4XDB6FyAJTMAkia7nzYa/kbeUO3c2snDb/dU7" + + "uyCsyKtTZyTyhTgtl/f9L03Bgh95y3mOUz0PimJ0Sg4ANczF4d04BpWkjLNV" + + "Ji489ifWodPlHm1hag5drYekYpWJ+3g0uxs5AwayV9BcOkPKb1uU3EoYQw+n" + + "n0Kn314Nvx2M1tKYunuVNLEm0PhA/+B8PTq8BQARAQABCXo6bD6qi3s4U8Pp" + + "Uf9l3DyGuwiVPGuyb2P+sEmRFysi2AvxMe9CkF+CLCVYfZ32H3Fcr6XQ8+K8" + + "ZGH6bJwijtV4QRnWDZIuhUQDS7dsbGqTh4Aw81Fm0Bz9fpufViM9RPVEysxs" + + "CZRID+9jDrACthVsbq/xKomkKdBfNTK7XzGeZ/CBr9F4EPlnBWClURi9txc0" + + "pz9YP5ZRy4XTFgx+jCbHgKWUIz4yNaWQqpSgkHEDrGZwstXeRaaPftcfQN+s" + + "EO7OGl/Hd9XepGLez4vKSbT35CnqTwMzCK1IwUDUzyB4BYEFZ+p9TI18HQDW" + + "hA0Wmf6E8pjS16m/SDXoiRY43u1jUVZFNFzz25uLFWitfRNHCLl+VfgnetZQ" + + "jMFr36HGVQ65fogs3avkgvpgPwDc0z+VMj6ujTyXXgnCP/FdhzgkRFJqgmdJ" + + "yOlC+wFmZJEs0MX7L/VXEXdpR27XIGYm24CC7BTFKSdlmR1qqenXHmCCg4Wp" + + "00fV8+aAsnesgwPvxhCbZQVp4v4jqhVuB/rvsQu9t0rZnKdDnWeom/F3StYo" + + "A025l1rrt0wRP8YS4XlslwzZBqgdhN4urnzLH0/F3X/MfjP79Efj7Zk07vOH" + + "o/TPjz8lXroPTscOyXWHwtQqcMhnVsj9jvrzhZZSdUuvnT30DR7b8xcHyvAo" + + "WG2cnF/pNSQX11RlyyAOlw9TOEiDJ4aLbFdkUt+qZdRKeC8mEC2xsQ87HqFR" + + "pWKWABWaoUO0nxBEmvNOy97PkIeGVFNHDLlIeL++Ry03+JvuNNg4qAnwacbJ" + + "TwQzWP4vJqre7Gl/9D0tVlD4Yy6Xz3qyosxdoFpeMSKHhgKVt1bk0SQP7eXA" + + "C1c+eDc4gN/ZWpl+QLqdk2T9vr4wRAaK5LABh4kBIgQYAQIADAUCQG19pAUb" + + "DAAAAAAKCRDHzsMv2A6+h5C6B/0QWPJb1L9a/CHU7Of3zfHvzJxnk4S5fia5" + + "WBf+Ld7Y12CH+cVI/3PTXY63imIB3zLa21TNPC5cVFUJZI7hdwyJOW1R/QZa" + + "vGl5sosIjORqwq8vs1oqpKWc3tRue+wt/JjCWxw8G6jQiwCzM6PltqtOAL5e" + + "bJ4jZwzRmxs/RI4UYKO6EteipJA+i7OEZx0xGdL8mTl6HQx7vrJP9pM4/CtO" + + "5CmjPK70e2gyoiOxx9RsSc+9H59YJCrldogCCIlNuW7cvkt8K/uYdN9GAbFG" + + "RdanignRjpqSu3vTn8r/VO63+meZfKvmpI6i2b3o/UZ8Xh9lJu1vrRoNpnuP" + + "Nifs+ljmsAFn"); + + private static readonly char[] sec2pass1 = "sandhya".ToCharArray(); + private static readonly char[] sec2pass2 = "psai".ToCharArray(); + + private static readonly byte[] pub3 = Base64.Decode( + "mQGiBEB9BH0RBACtYQtE7tna6hgGyGLpq+ds3r2cLC0ISn5dNw7tm9vwiNVF" + + "JA2N37RRrifw4PvgelRSvLaX3M3ZBqC9s1Metg3v4FSlIRtSLWCNpHSvNw7i" + + "X8C2Xy9Hdlbh6Y/50o+iscojLRE14upfR1bIkcCZQGSyvGV52V2wBImUUZjV" + + "s2ZngwCg7mu852vK7+euz4WaL7ERVYtq9CMEAJ5swrljerDpz/RQ4Lhp6KER" + + "KyuI0PUttO57xINGshEINgYlZdGaZHRueHe7uKfI19mb0T4N3NJWaZ0wF+Cn" + + "rixsq0VrTUfiwfZeGluNG73aTCeY45fVXMGTTSYXzS8T0LW100Xn/0g9HRyA" + + "xUpuWo8IazxkMqHJis2uwriYKpAfA/9anvj5BS9p5pfPjp9dGM7GTMIYl5f2" + + "fcP57f+AW1TVR6IZiMJAvAdeWuLtwLnJiFpGlnFz273pfl+sAuqm1yNceImR" + + "2SDDP4+vtyycWy8nZhgEuhZx3W3cWMQz5WyNJSY1JJHh9TCQkCoN8E7XpVP4" + + "zEPboB2GzD93mfD8JLHP+7QtVGVzdCBLZXkgKG5vIGNvbW1lbnQpIDx0ZXN0" + + "QGJvdW5jeWNhc3RsZS5vcmc+iFkEExECABkFAkB9BH0ECwcDAgMVAgMDFgIB" + + "Ah4BAheAAAoJEKnMV8vjZQOpSRQAnidAQswYkrXQAFcLBzhxQTknI9QMAKDR" + + "ryV3l6xuCCgHST8JlxpbjcXhlLACAAPRwXPBcQEQAAEBAAAAAAAAAAAAAAAA" + + "/9j/4AAQSkZJRgABAQEASABIAAD//gAXQ3JlYXRlZCB3aXRoIFRoZSBHSU1Q" + + "/9sAQwAIBgYHBgUIBwcHCQkICgwUDQwLCwwZEhMPFB0aHx4dGhwcICQuJyAi" + + "LCMcHCg3KSwwMTQ0NB8nOT04MjwuMzQy/9sAQwEJCQkMCwwYDQ0YMiEcITIy" + + "MjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIy" + + "MjIy/8AAEQgAFAAUAwEiAAIRAQMRAf/EABoAAQACAwEAAAAAAAAAAAAAAAAE" + + "BQIDBgf/xAAoEAABAgUDBAEFAAAAAAAAAAABAgMABBEhMQUSQQYTIiNhFFGB" + + "kcH/xAAXAQEAAwAAAAAAAAAAAAAAAAAEAgMF/8QAJBEAAQQAAwkAAAAAAAAA" + + "AAAAAQACERIEIfATMTJBUZGx0fH/2gAMAwEAAhEDEQA/APMuotJlJVxstqaP" + + "o22NlAUp+YsNO0qSUtBcMu6n6EtOHcfPAHHFI16++oajQtTA3DapK02HFR8U" + + "pE9pTbQWtKm2WG2rlxVyQTcfGbn7Qm0OIjL77Wrs2NNm9lzTmmSxQ0PX4opS" + + "prk5tmESF6syggzGwOLG6gXgHFbZhBixk8XlIDcOQLRKt+rX+3qC5ZLTQblp" + + "Qlvwvxn9CMpZturVGkJHapQJphRH8hCLXbzrqpYsCx1zC5rtpJNuYQhASc0U" + + "AQv/2YhcBBMRAgAcBQJAfQV+AhsDBAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCp" + + "zFfL42UDqfa2AJ9hjtEeDTbTEAuuSbzhYFxN/qc0FACgsmzysdbBpuN65yK0" + + "1tbEaeIMtqCwAgADuM0EQH0EfhADAKpG5Y6vGbm//xZYG08RRmdi67dZjF59" + + "Eqfo43mRrliangB8qkqoqqf3za2OUbXcZUQ/ajDXUvjJAoY2b5XJURqmbtKk" + + "wPRIeD2+wnKABat8wmcFhZKATX1bqjdyRRGxawADBgMAoMJKJLELdnn885oJ" + + "6HDmIez++ZWTlafzfUtJkQTCRKiE0NsgSvKJr/20VdK3XUA/iy0m1nQwfzv/" + + "okFuIhEPgldzH7N/NyEvtN5zOv/TpAymFKewAQ26luEu6l+lH4FsiEYEGBEC" + + "AAYFAkB9BH4ACgkQqcxXy+NlA6mtMgCgtQMFBaKymktM+DQmCgy2qjW7WY0A" + + "n3FaE6UZE9GMDmCIAjhI+0X9aH6CsAIAAw=="); + + private static readonly byte[] sec3 = Base64.Decode( + "lQHhBEB9BH0RBACtYQtE7tna6hgGyGLpq+ds3r2cLC0ISn5dNw7tm9vwiNVF" + + "JA2N37RRrifw4PvgelRSvLaX3M3ZBqC9s1Metg3v4FSlIRtSLWCNpHSvNw7i" + + "X8C2Xy9Hdlbh6Y/50o+iscojLRE14upfR1bIkcCZQGSyvGV52V2wBImUUZjV" + + "s2ZngwCg7mu852vK7+euz4WaL7ERVYtq9CMEAJ5swrljerDpz/RQ4Lhp6KER" + + "KyuI0PUttO57xINGshEINgYlZdGaZHRueHe7uKfI19mb0T4N3NJWaZ0wF+Cn" + + "rixsq0VrTUfiwfZeGluNG73aTCeY45fVXMGTTSYXzS8T0LW100Xn/0g9HRyA" + + "xUpuWo8IazxkMqHJis2uwriYKpAfA/9anvj5BS9p5pfPjp9dGM7GTMIYl5f2" + + "fcP57f+AW1TVR6IZiMJAvAdeWuLtwLnJiFpGlnFz273pfl+sAuqm1yNceImR" + + "2SDDP4+vtyycWy8nZhgEuhZx3W3cWMQz5WyNJSY1JJHh9TCQkCoN8E7XpVP4" + + "zEPboB2GzD93mfD8JLHP+/4DAwIvYrn+YqRaaGAu19XUj895g/GROyP8WEaU" + + "Bd/JNqWc4kE/0guetGnPzq7G3bLVwiKfFd4X7BrgHAo3mrQtVGVzdCBLZXkg" + + "KG5vIGNvbW1lbnQpIDx0ZXN0QGJvdW5jeWNhc3RsZS5vcmc+iFkEExECABkF" + + "AkB9BH0ECwcDAgMVAgMDFgIBAh4BAheAAAoJEKnMV8vjZQOpSRQAoKZy6YS1" + + "irF5/Q3JlWiwbkN6dEuLAJ9lldRLOlXsuQ5JW1+SLEc6K9ho4rACAADRwXPB" + + "cQEQAAEBAAAAAAAAAAAAAAAA/9j/4AAQSkZJRgABAQEASABIAAD//gAXQ3Jl" + + "YXRlZCB3aXRoIFRoZSBHSU1Q/9sAQwAIBgYHBgUIBwcHCQkICgwUDQwLCwwZ" + + "EhMPFB0aHx4dGhwcICQuJyAiLCMcHCg3KSwwMTQ0NB8nOT04MjwuMzQy/9sA" + + "QwEJCQkMCwwYDQ0YMiEcITIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIy" + + "MjIyMjIyMjIyMjIyMjIyMjIyMjIy/8AAEQgAFAAUAwEiAAIRAQMRAf/EABoA" + + "AQACAwEAAAAAAAAAAAAAAAAEBQIDBgf/xAAoEAABAgUDBAEFAAAAAAAAAAAB" + + "AgMABBEhMQUSQQYTIiNhFFGBkcH/xAAXAQEAAwAAAAAAAAAAAAAAAAAEAgMF" + + "/8QAJBEAAQQAAwkAAAAAAAAAAAAAAQACERIEIfATMTJBUZGx0fH/2gAMAwEA" + + "AhEDEQA/APMuotJlJVxstqaPo22NlAUp+YsNO0qSUtBcMu6n6EtOHcfPAHHF" + + "I16++oajQtTA3DapK02HFR8UpE9pTbQWtKm2WG2rlxVyQTcfGbn7Qm0OIjL7" + + "7Wrs2NNm9lzTmmSxQ0PX4opSprk5tmESF6syggzGwOLG6gXgHFbZhBixk8Xl" + + "IDcOQLRKt+rX+3qC5ZLTQblpQlvwvxn9CMpZturVGkJHapQJphRH8hCLXbzr" + + "qpYsCx1zC5rtpJNuYQhASc0UAQv/2YhcBBMRAgAcBQJAfQV+AhsDBAsHAwID" + + "FQIDAxYCAQIeAQIXgAAKCRCpzFfL42UDqfa2AJ9hjtEeDTbTEAuuSbzhYFxN" + + "/qc0FACgsmzysdbBpuN65yK01tbEaeIMtqCwAgAAnQEUBEB9BH4QAwCqRuWO" + + "rxm5v/8WWBtPEUZnYuu3WYxefRKn6ON5ka5Ymp4AfKpKqKqn982tjlG13GVE" + + "P2ow11L4yQKGNm+VyVEapm7SpMD0SHg9vsJygAWrfMJnBYWSgE19W6o3ckUR" + + "sWsAAwYDAKDCSiSxC3Z5/POaCehw5iHs/vmVk5Wn831LSZEEwkSohNDbIEry" + + "ia/9tFXSt11AP4stJtZ0MH87/6JBbiIRD4JXcx+zfzchL7Teczr/06QMphSn" + + "sAENupbhLupfpR+BbP4DAwIvYrn+YqRaaGBjvFK1fbxCt7ZM4I2W/3BC0lCX" + + "m/NypKNspGflec8u96uUlA0fNCnxm6f9nbB0jpvoKi0g4iqAf+P2iEYEGBEC" + + "AAYFAkB9BH4ACgkQqcxXy+NlA6mtMgCgvccZA/Sg7BXVpxli47SYhxSHoM4A" + + "oNCOMplSnYTuh5ikKeBWtz36gC1psAIAAA=="); + + private static readonly char[] sec3pass1 = "123456".ToCharArray(); + + // + // GPG comment packets. + // + private static readonly byte[] sec4 = Base64.Decode( + "lQG7BD0PbK8RBAC0cW4Y2MZXmAmqYp5Txyw0kSQsFvwZKHNMFRv996IsN57URVF5" + + "BGMVPRBi9dNucWbjiSYpiYN13wE9IuLZsvVaQojV4XWGRDc+Rxz9ElsXnsYQ3mZU" + + "7H1bNQEofstChk4z+dlvPBN4GFahrIzn/CeVUn6Ut7dVdYbiTqviANqNXwCglfVA" + + "2OEePvqFnGxs1jhJyPSOnTED/RwRvsLH/k43mk6UEvOyN1RIpBXN+Ieqs7h1gFrQ" + + "kB+WMgeP5ZUsotTffVDSUS9UMxRQggVUW1Xml0geGwQsNfkr/ztWMs/T4xp1v5j+" + + "QyJx6OqNlkGdqOsoqkzJx0SQ1zBxdinFyyC4H95SDAb/RQOu5LQmxFG7quexztMs" + + "infEA/9cVc9+qCo92yRAaXRqKNVVQIQuPxeUsGMyVeJQvJBD4An8KTMCdjpF10Cp" + + "qA3t+n1S0zKr5WRUtvS6y60MOONO+EJWVWBNkx8HJDaIMNkfoqQoz3Krn7w6FE/v" + + "/5uwMd6jY3N3yJZn5nDZT9Yzv9Nx3j+BrY+henRlSU0c6xDc9QAAnjJYg0Z83VJG" + + "6HrBcgc4+4K6lHulCqH9JiM6RFNBX2ZhY3RvcjoAAK9hV206agp99GI6x5qE9+pU" + + "vs6O+Ich/SYjOkRTQV9mYWN0b3I6AACvYAfGn2FGrpBYbjnpTuFOHJMS/T5xg/0m" + + "IzpEU0FfZmFjdG9yOgAAr0dAQz6XxMwxWIn8xIZR/v2iN2L9C6O0EkZvbyBCYXIg" + + "PGJhekBxdXV4PohXBBMRAgAXBQI9D2yvBQsHCgMEAxUDAgMWAgECF4AACgkQUGLI" + + "YCIktfoGogCfZiXMJUKrScqozv5tMwzTTk2AaT8AniM5iRr0Du/Y08SL/NMhtF6H" + + "hJ89nO4EPQ9ssRADAI6Ggxj6ZBfoavuXd/ye99osW8HsNlbqhXObu5mCMNySX2wa" + + "HoWyRUEaUkI9eQw+MlHzIwzA32E7y2mU3OQBKdgLcBg4jxtcWVEg8ESKF9MpFXxl" + + "pExxWrr4DFBfCRcsTwAFEQL9G3OvwJuEZXgx2JSS41D3pG4/qiHYICVa0u3p/14i" + + "cq0kXajIk5ZJ6frCIAHIzuQ3n7jjzr05yR8s/qCrNbBA+nlkVNa/samk+jCzxxxa" + + "cR/Dbh2wkvTFuDFFETwQYLuZAADcDck4YGQAmHivVT2NNDCf/aTz0+CJWl+xRc2l" + + "Qw7D/SQjOkVMR19mYWN0b3I6AACbBnv9m5/bb/pjYAm2PtDp0CysQ9X9JCM6RUxH" + + "X2ZhY3RvcjoAAJsFyHnSmaWguTFf6lJ/j39LtUNtmf0kIzpFTEdfZmFjdG9yOgAA" + + "mwfwMD3LxmWtuCWBE9BptWMNH07Z/SQjOkVMR19mYWN0b3I6AACbBdhBrbSiM4UN" + + "y7khDW2Sk0e4v9mIRgQYEQIABgUCPQ9ssQAKCRBQYshgIiS1+jCMAJ9txwHnb1Kl" + + "6i/fSoDs8SkdM7w48wCdFvPEV0sSxE73073YhBgPZtMWbBo="); + + // + // PGP freeware version 7 + // + private static readonly byte[] pub5 = Base64.Decode( + "mQENBEBrBE4BCACjXVcNIFDQSofaIyZnALb2CRg+WY9uUqgHEEAOlPe03Cs5STM5" + + "HDlNmrh4TdFceJ46rxk1mQOjULES1YfHay8lCIzrD7FX4oj0r4DC14Fs1vXaSar2" + + "1szIpttOw3obL4A1e0p6N4jjsoG7N/pA0fEL0lSw92SoBrMbAheXRg4qNTZvdjOR" + + "grcuOuwgJRvPLtRXlhyLBoyhkd5mmrIDGv8QHJ/UjpeIcRXY9kn9oGXnEYcRbMaU" + + "VwXB4pLzWqz3ZejFI3lOxRWjm760puPOnGYlzSVBxlt2LgzUgSj1Mn+lIpWmAzsa" + + "xEiU4xUwEomQns72yYRZ6D3euNCibcte4SeXABEBAAG0KXBhbGFzaCBrYXNvZGhh" + + "biA8cGthc29kaGFuQHRpYWEtY3JlZi5vcmc+iQEuBBABAgAYBQJAawROCAsBAwkI" + + "BwIKAhkBBRsDAAAAAAoJEOfelumuiOrYqPEH+wYrdP5Tq5j+E5yN1pyCg1rwbSOt" + + "Dka0y0p7Oq/VIGLk692IWPItLEunnBXQtGBcWqklrvogvlhxtf16FgoyScfLJx1e" + + "1cJa+QQnVuH+VOESN6iS9Gp9lUfVOHv74mEMXw0l2Djfy/lnrkAMBatggyGnF9xF" + + "VXOLk1J2WVFm9KUE23o6qdB7RGkf31pN2eA7SWmkdJSkUH7o/QSFBI+UTRZ/IY5P" + + "ZIJpsdiIOqd9YMG/4RoSZuPqNRR6x7BSs8nQVR9bYs4PPlp4GfdRnOcRonoTeJCZ" + + "83RnsraWJnJTg34gRLBcqumhTuFKc8nuCNK98D6zkQESdcHLLTquCOaF5L+5AQ0E" + + "QGsETwEIAOVwNCTaDZvW4dowPbET1bI5UeYY8rAGLYsWSUfgaFv2srMiApyBVltf" + + "i6OLcPjcUCHDBjCv4pwx/C4qcHWb8av4xQIpqQXOpO9NxYE1eZnel/QB7DtH12ZO" + + "nrDNmHtaXlulcKNGe1i1utlFhgzfFx6rWkRL0ENmkTkaQmPY4gTGymJTUhBbsSRq" + + "2ivWqQA1TPwBuda73UgslIAHRd/SUaxjXoLpMbGOTeqzcKGjr5XMPTs7/YgBpWPP" + + "UxMlEQIiU3ia1bxpEhx05k97ceK6TSH2oCPQA7gumjxOSjKT+jEm+8jACVzymEmc" + + "XRy4D5Ztqkw/Z16pvNcu1DI5m6xHwr8AEQEAAYkBIgQYAQIADAUCQGsETwUbDAAA" + + "AAAKCRDn3pbprojq2EynB/4/cEOtKbI5UisUd3vkTzvWOcqWUqGqi5wjjioNtIM5" + + "pur2nFvhQE7SZ+PbAa87HRJU/4WcWMcoLkHD48JrQwHCHOLHSV5muYowb78X4Yh9" + + "epYtSJ0uUahcn4Gp48p4BkhgsPYXkxEImSYzAOWStv21/7WEMqItMYl89BV6Upm8" + + "HyTJx5MPTDbMR7X51hRg3OeQs6po3WTCWRzFIMyGm1rd/VK1L5ZDFPqO3S6YUJ0z" + + "cxecYruvfK0Wp7q834wE8Zkl/PQ3NhfEPL1ZiLr/L00Ty+77/FZqt8SHRCICzOfP" + + "OawcVGI+xHVXW6lijMpB5VaVIH8i2KdBMHXHtduIkPr9"); + + private static readonly byte[] sec5 = Base64.Decode( + "lQOgBEBrBE4BCACjXVcNIFDQSofaIyZnALb2CRg+WY9uUqgHEEAOlPe03Cs5STM5" + + "HDlNmrh4TdFceJ46rxk1mQOjULES1YfHay8lCIzrD7FX4oj0r4DC14Fs1vXaSar2" + + "1szIpttOw3obL4A1e0p6N4jjsoG7N/pA0fEL0lSw92SoBrMbAheXRg4qNTZvdjOR" + + "grcuOuwgJRvPLtRXlhyLBoyhkd5mmrIDGv8QHJ/UjpeIcRXY9kn9oGXnEYcRbMaU" + + "VwXB4pLzWqz3ZejFI3lOxRWjm760puPOnGYlzSVBxlt2LgzUgSj1Mn+lIpWmAzsa" + + "xEiU4xUwEomQns72yYRZ6D3euNCibcte4SeXABEBAAEB8wqP7JkKN6oMNi1xJNqU" + + "vvt0OV4CCnrIFiOPCjebjH/NC4T/9pJ6BYSjYdo3VEPNhPhRS9U3071Kqbdt35J5" + + "kmzMq1yNStC1jkxHRCNTMsb1yIEY1v+fv8/Cy+tBpvAYiJKaox8jW3ppi9vTHZjW" + + "tYYq0kwAVojMovz1O3wW/pEF69UPBmPYsze+AHA1UucYYqdWO8U2tsdFJET/hYpe" + + "o7ppHJJCdqWzeiE1vDUrih9pP3MPpzcRS/gU7HRDb5HbfP7ghSLzByEa+2mvg5eK" + + "eLwNAx2OUtrVg9rJswXX7DOLa1nKPhdGrSV/qwuK4rBdaqJ/OvszVJ0Vln0T/aus" + + "it1PAuVROLUPqTVVN8/zkMenFbf5vtryC3GQYXvvZq+l3a4EXwrR/1pqrTfnfOuD" + + "GwlFhRJAqPfthxZS68/xC8qAmTtkl7j4nscNM9kSoZ3BFwSyD9B/vYHPWGlqnpGF" + + "k/hBXuIgl07KIeNIyEC3f1eRyaiMFqEz5yXbbTfEKirSVpHM/mpeKxG8w96aK3Je" + + "AV0X6ZkC4oLTp6HCG2TITUIeNxCh2rX3fhr9HvBDXBbMHgYlIcLwzNkwDX74cz/7" + + "nIclcubaWjEkDHP20XFicuChFc9zx6kBYuYy170snltTBgTWSuRH15W4NQqrLo37" + + "zyzZQubX7CObgQJu4ahquiOg4SWl6uEI7+36U0SED7sZzw8ns1LxrwOWbXuHie1i" + + "xCvsJ4RpJJ03iEdNdUIb77qf6AriqE92tXzcVXToBv5S2K5LdFYNJ1rWdwaKJRkt" + + "kmjCL67KM9WT/IagsUyU+57ao3COtqw9VWZi6ev+ubM6fIV0ZK46NEggOLph1hi2" + + "gZ9ew9uVuruYg7lG2Ku82N0fjrQpcGFsYXNoIGthc29kaGFuIDxwa2Fzb2RoYW5A" + + "dGlhYS1jcmVmLm9yZz6dA6AEQGsETwEIAOVwNCTaDZvW4dowPbET1bI5UeYY8rAG" + + "LYsWSUfgaFv2srMiApyBVltfi6OLcPjcUCHDBjCv4pwx/C4qcHWb8av4xQIpqQXO" + + "pO9NxYE1eZnel/QB7DtH12ZOnrDNmHtaXlulcKNGe1i1utlFhgzfFx6rWkRL0ENm" + + "kTkaQmPY4gTGymJTUhBbsSRq2ivWqQA1TPwBuda73UgslIAHRd/SUaxjXoLpMbGO" + + "TeqzcKGjr5XMPTs7/YgBpWPPUxMlEQIiU3ia1bxpEhx05k97ceK6TSH2oCPQA7gu" + + "mjxOSjKT+jEm+8jACVzymEmcXRy4D5Ztqkw/Z16pvNcu1DI5m6xHwr8AEQEAAQF7" + + "osMrvQieBAJFYY+x9jKPVclm+pVaMaIcHKwCTv6yUZMqbHNRTfwdCVKTdAzdlh5d" + + "zJNXXRu8eNwOcfnG3WrWAy59cYE389hA0pQPOh7iL2V1nITf1qdLru1HJqqLC+dy" + + "E5GtkNcgvQYbv7ACjQacscvnyBioYC6TATtPnHipMO0S1sXEnmUugNlW88pDln4y" + + "VxCtQXMBjuqMt0bURqmb+RoYhHhoCibo6sexxSnbEAPHBaW1b1Rm7l4UBSW6S5U0" + + "MXURE60IHfP1TBe1l/xOIxOi8qdBQCyaFW2up00EhRBy/WOO6KAYXQrRRpOs9TBq" + + "ic2wquwZePmErTbIttnnBcAKmpodrM/JBkn/we5fVg+FDTP8sM/Ubv0ZuM70aWmF" + + "v0/ZKbkCkh2YORLWl5+HR/RKShdkmmFgZZ5uzbOGxxEGKhw+Q3+QFUF7PmYOnOtv" + + "s9PZE3dV7ovRDoXIjfniD1+8sLUWwW5d+3NHAQnCHJrLnPx4sTHx6C0yWMcyZk6V" + + "fNHpLK4xDTbgoTmxJa/4l+wa0iD69h9K/Nxw/6+X/GEM5w3d/vjlK1Da6urN9myc" + + "GMsfiIll5DNIWdLLxCBPFmhJy653CICQLY5xkycWB7JOZUBTOEVrYr0AbBZSTkuB" + + "fq5p9MfH4N51M5TWnwlJnqEiGnpaK+VDeP8GniwCidTYyiocNPvghvWIzG8QGWMY" + + "PFncRpjFxmcY4XScYYpyRme4qyPbJhbZcgGpfeLvFKBPmNxVKJ2nXTdx6O6EbHDj" + + "XctWqNd1EQas7rUN728u7bk8G7m37MGqQuKCpNvOScH4TnPROBY8get0G3bC4mWz" + + "6emPeENnuyElfWQiHEtCZr1InjnNbb/C97O+vWu9PfsE"); + + private static readonly char[] sec5pass1 = "12345678".ToCharArray(); + + // + // Werner Koch "odd keys" + // + private static readonly byte[] pub6 = Base64.Decode( + "mQGiBDWiHh4RBAD+l0rg5p9rW4M3sKvmeyzhs2mDxhRKDTVVUnTwpMIR2kIA9pT4" + + "3No/coPajDvhZTaDM/vSz25IZDZWJ7gEu86RpoEdtr/eK8GuDcgsWvFs5+YpCDwW" + + "G2dx39ME7DN+SRvEE1xUm4E9G2Nnd2UNtLgg82wgi/ZK4Ih9CYDyo0a9awCgisn3" + + "RvZ/MREJmQq1+SjJgDx+c2sEAOEnxGYisqIKcOTdPOTTie7o7x+nem2uac7uOW68" + + "N+wRWxhGPIxsOdueMIa7U94Wg/Ydn4f2WngJpBvKNaHYmW8j1Q5zvZXXpIWRXSvy" + + "TR641BceGHNdYiR/PiDBJsGQ3ac7n7pwhV4qex3IViRDJWz5Dzr88x+Oju63KtxY" + + "urUIBACi7d1rUlHr4ok7iBRlWHYXU2hpUIQ8C+UOE1XXT+HB7mZLSRONQnWMyXnq" + + "bAAW+EUUX2xpb54CevAg4eOilt0es8GZMmU6c0wdUsnMWWqOKHBFFlDIvyI27aZ9" + + "quf0yvby63kFCanQKc0QnqGXQKzuXbFqBYW2UQrYgjXji8rd8bQnV2VybmVyIEtv" + + "Y2ggKGdudXBnIHNpZykgPGRkOWpuQGdudS5vcmc+iGUEExECAB0FAjZVoKYFCQht" + + "DIgDCwQDBRUDAgYBAxYCAQIXgAASCRBot6uJV1SNzQdlR1BHAAEBLj4AoId15gcy" + + "YpBX2YLtEQTlXPp3mtEGAJ9UxzJE/t3EHCHK2bAIOkBwIW8ItIkBXwMFEDWiHkMD" + + "bxG4/z6qCxADYzIFHR6I9Si9gzPQNRcFs2znrTp5pV5Mk6f1aqRgZxL3E4qUZ3xe" + + "PQhwAo3fSy3kCwLmFGqvzautSMHn8K5V1u+T5CSHqLFYKqj5FGtuB/xwoKDXH6UO" + + "P0+l5IP8H1RTjme3Fhqahec+zPG3NT57vc2Ru2t6PmuAwry2BMuSFMBs7wzXkyC3" + + "DbI54MV+IKPjHMORivK8uI8jmna9hdNVyBifCk1GcxkHBSCFvU8xJePsA/Q//zCe" + + "lvrnrIiMfY4CQTmKzke9MSzbAZQIRddgrGAsiX1tE8Z3YMd8lDpuujHLVEdWZo6s" + + "54OJuynHrtFFObdapu0uIrT+dEXSASMUbEuNCLL3aCnrEtGJCwxB2TPQvCCvR2BK" + + "zol6MGWxA+nmddeQib2r+GXoKXLdnHcpsAjA7lkXk3IFyJ7MLFK6uDrjGbGJs2FK" + + "SduUjS/Ib4hGBBARAgAGBQI1oic8AAoJEGx+4bhiHMATftYAn1fOaKDUOt+dS38r" + + "B+CJ2Q+iElWJAKDRPpp8q5GylbM8DPlMpClWN3TYqYhGBBARAgAGBQI27U5sAAoJ" + + "EF3iSZZbA1iiarYAn35qU3ZOlVECELE/3V6q98Q30eAaAKCtO+lacH0Qq1E6v4BP" + + "/9y6MoLIhohiBBMRAgAiAhsDBAsHAwIDFQIDAxYCAQIeAQIXgAUCP+mCaQUJDDMj" + + "ywAKCRBot6uJV1SNzaLvAJwLsPV1yfc2D+yT+2W11H/ftNMDvwCbBweORhCb/O/E" + + "Okg2UTXJBR4ekoCIXQQTEQIAHQMLBAMFFQMCBgEDFgIBAheABQI/6YJzBQkMMyPL" + + "AAoJEGi3q4lXVI3NgroAn2Z+4KgVo2nzW72TgCJwkAP0cOc2AJ0ZMilsOWmxmEG6" + + "B4sHMLkB4ir4GIhdBBMRAgAdAwsEAwUVAwIGAQMWAgECF4AFAj/pgnMFCQwzI8sA" + + "CgkQaLeriVdUjc2CugCfRrOIfllp3mSmGpHgIxvg5V8vtMcAn0BvKVehOn+12Yvn" + + "9BCHfg34jUZbiF0EExECAB0DCwQDBRUDAgYBAxYCAQIXgAUCP+mCcwUJDDMjywAK" + + "CRBot6uJV1SNzYK6AJ9x7R+daNIjkieNW6lJeVUIoj1UHgCeLZm025uULML/5DFs" + + "4tUvXs8n9XiZAaIENaIg8xEEALYPe0XNsPjx+inTQ+Izz527ZJnoc6BhWik/4a2b" + + "ZYENSOQXAMKTDQMv2lLeI0i6ceB967MNubhHeVdNeOWYHFSM1UGRfhmZERISho3b" + + "p+wVZvVG8GBVwpw34PJjgYU/0tDwnJaJ8BzX6j0ecTSTjQPnaUEtdJ/u/gmG9j02" + + "18TzAKDihdNoKJEU9IKUiSjdGomSuem/VwQArHfaucSiDmY8+zyZbVLLnK6UJMqt" + + "sIv1LvAg20xwXoUk2bY8H3tXL4UZ8YcoSXYozwALq3cIo5UZJ0q9Of71mI8WLK2i" + + "FSYVplpTX0WMClAdkGt3HgVb7xtOhGt1mEKeRQjNZ2LteUQrRDD9MTQ+XxcvEN0I" + + "pAj4kBJe9bR6HzAD/iecCmGwSlHUZZrgqWzv78o79XxDdcuLdl4i2fL7kwEOf9js" + + "De7hGs27yrdJEmAG9QF9TOF9LJFmE1CqkgW+EpKxsY01Wjm0BFJB1R7iPUaUtFRZ" + + "xYqfgXarmPjql2iBi+cVjLzGu+4BSojVAPgP/hhcnIowf4M4edPiICMP1GVjtCFX" + + "ZXJuZXIgS29jaCA8d2VybmVyLmtvY2hAZ3V1Zy5kZT6IYwQTEQIAGwUCNs8JNwUJ" + + "CCCxRAMLCgMDFQMCAxYCAQIXgAASCRBsfuG4YhzAEwdlR1BHAAEBaSAAn3YkpT5h" + + "xgehGFfnX7izd+c8jI0SAJ9qJZ6jJvXnGB07p60aIPYxgJbLmYkAdQMFEDWjdxQd" + + "GfTBDJhXpQEBPfMC/0cxo+4xYVAplFO0nIYyjQgP7D8O0ufzPsIwF3kvb7b5FNNj" + + "fp+DAhN6G0HOIgkL3GsWtCfH5UHali+mtNFIKDpTtr+F/lPpZP3OPzzsLZS4hYTq" + + "mMs1O/ACq8axKgAilYkBXwMFEDWiJw4DbxG4/z6qCxADB9wFH0i6mmn6rWYKFepJ" + + "hXyhE4wWqRPJAnvfoiWUntDp4aIQys6lORigVXIWo4k4SK/FH59YnzF7578qrTZW" + + "/RcA0bIqJqzqaqsOdTYEFa49cCjvLnBW4OebJlLTUs/nnmU0FWKW8OwwL+pCu8d7" + + "fLSSnggBsrUQwbepuw0cJoctFPAz5T1nQJieQKVsHaCNwL2du0XefOgF5ujB1jK1" + + "q3p4UysF9hEcBR9ltE3THr+iv4jtZXmC1P4at9W5LFWsYuwr0U3yJcaKSKp0v/wG" + + "EWe2J/gFQZ0hB1+35RrCZPgiWsEv87CHaG6XtQ+3HhirBCJsYhmOikVKoEan6PhU" + + "VR1qlXEytpAt389TBnvyceAX8hcHOE3diuGvILEgYes3gw3s5ZmM7bUX3jm2BrX8" + + "WchexUFUQIuKW2cL379MFXR8TbxpVxrsRYE/4jHZBYhGBBARAgAGBQI27U4LAAoJ" + + "EF3iSZZbA1iifJoAoLEsGy16hV/CfmDku6D1CBUIxXvpAJ9GBApdC/3OXig7sBrV" + + "CWOb3MQzcLkBjQQ2zwcIEAYA9zWEKm5eZpMMBRsipL0IUeSKEyeKUjABX4vYNurl" + + "44+2h6Y8rHn7rG1l/PNj39UJXBkLFj1jk8Q32v+3BQDjvwv8U5e/kTgGlf7hH3WS" + + "W38RkZw18OXYCvnoWkYneIuDj6/HH2bVNXmTac05RkBUPUv4yhqlaFpkVcswKGuE" + + "NRxujv/UWvVF+/2P8uSQgkmGp/cbwfMTkC8JBVLLBRrJhl1uap2JjZuSVklUUBez" + + "Vf3NJMagVzx47HPqLVl4yr4bAAMGBf9PujlH5I5OUnvZpz+DXbV/WQVfV1tGRCra" + + "kIj3mpN6GnUDF1LAbe6vayUUJ+LxkM1SqQVcmuy/maHXJ+qrvNLlPqUZPmU5cINl" + + "sA7bCo1ljVUp54J1y8PZUx6HxfEl/LzLVkr+ITWnyqeiRikDecUf4kix2teTlx6I" + + "3ecqT5oNqZSRXWwnN4SbkXtAd7rSgEptUYhQXgSEarp1pXJ4J4rgqFa49jKISDJq" + + "rn/ElltHe5Fx1bpfkCIYlYk45Cga9bOIVAQYEQIADAUCNs8HCAUJBvPJAAASCRBs" + + "fuG4YhzAEwdlR1BHAAEBeRUAoIGpCDmMy195TatlloHAJEjZu5KaAJwOvW989hOb" + + "8cg924YIFVA1+4/Ia7kBjQQ1oiE8FAYAkQmAlOXixb8wra83rE1i7LCENLzlvBZW" + + "KBXN4ONelZAnnkOm7IqRjMhtKRJN75zqVyKUaUwDKjpf9J5K2t75mSxBtnbNRqL3" + + "XodjHK93OcAUkz3ci7iuC/b24JI2q4XeQG/v4YR1VodM0zEQ1IC0JCq4Pl39QZyX" + + "JdZCrUFvMcXq5ruNSldztBqTFFUiFbkw1Fug/ZyXJve2FVcbsRXFrB7EEuy+iiU/" + + "kZ/NViKk0L4T6KRHVsEiriNlCiibW19fAAMFBf9Tbv67KFMDrLqQan/0oSSodjDQ" + + "KDGqtoh7KQYIKPXqfqT8ced9yd5MLFwPKf3t7AWG1ucW2x118ANYkPSU122UTndP" + + "sax0cY4XkaHxaNwpNFCotGQ0URShxKNpcqbdfvy+1d8ppEavgOyxnV1JOkLjZJLw" + + "K8bgxFdbPWcsJJnjuuH3Pwz87CzTgOSYQxMPnIwQcx5buZIV5NeELJtcbbd3RVua" + + "K/GQht8QJpuXSji8Nl1FihYDjACR8TaRlAh50GmIRgQoEQIABgUCOCv7gwAKCRBs" + + "fuG4YhzAE9hTAJ9cRHu+7q2hkxpFfnok4mRisofCTgCgzoPjNIuYiiV6+wLB5o11" + + "7MNWPZCIVAQYEQIADAUCNaIhPAUJB4TOAAASCRBsfuG4YhzAEwdlR1BHAAEBDfUA" + + "oLstR8cg5QtHwSQ3nFCOKEREUFIwAKDID3K3hM+b6jW1o+tNX9dnjb+YMZkAbQIw" + + "bYOUAAABAwC7ltmO5vdKssohwzXEZeYvDW2ll3CYD2I+ruiNq0ybxkfFBopq9cxt" + + "a0OvVML4LK/TH+60f/Fqx9wg2yk9APXyaomdLrXfWyfZ91YtNCfj3ElC4XB4qqm0" + + "HRn0wQyYV6UABRG0IVdlcm5lciBLb2NoIDx3ZXJuZXIua29jaEBndXVnLmRlPokA" + + "lQMFEDRfoOmOB31Gi6BmjQEBzwgD/2fHcdDXuRRY+SHvIVESweijstB+2/sVRp+F" + + "CDjR74Kg576sJHfTJCxtSSmzpaVpelb5z4URGJ/Byi5L9AU7hC75S1ZnJ+MjBT6V" + + "ePyk/r0uBrMkU/lMG7lk/y2By3Hll+edjzJsdwn6aoNPiyen4Ch4UGTEguxYsLq0" + + "HES/UvojiQEVAwUTNECE2gnp+QqKck5FAQH+1Af/QMlYPlLG+5E19qP6AilKQUzN" + + "kd1TWMenXTS66hGIVwkLVQDi6RCimhnLMq/F7ENA8bSbyyMuncaBz5dH4kjfiDp1" + + "o64LULcTmN1LW9ctpTAIeLLJZnwxoJLkUbLUYKADKqIBXHMt2B0zRmhFOqEjRN+P" + + "hI7XCcHeHWHiDeUB58QKMyeoJ/QG/7zLwnNgDN2PVqq2E72C3ye5FOkYLcHfWKyB" + + "Rrn6BdUphAB0LxZujSGk8ohZFbia+zxpWdE8xSBhZbjVGlwLurmS2UTjjxByBNih" + + "eUD6IC3u5P6psld0OfqnpriZofP0CBP2oTk65r529f/1lsy2kfWrVPYIFJXEnIkA" + + "lQMFEDQyneGkWMS9SnJfMQEBMBMD/1ADuhhuY9kyN7Oj6DPrDt5SpPQDGS0Jtw3y" + + "uIPoed+xyzlrEuL2HeaOj1O9urpn8XLN7V21ajkzlqsxnGkOuifbE9UT67o2b2vC" + + "ldCcY4nV5n+U1snMDwNv+RkcEgNa8ANiWkm03UItd7/FpHDQP0FIgbPEPwRoBN87" + + "I4gaebfRiQCVAwUQNDUSwxRNm5Suj3z1AQGMTAP/UaXXMhPzcjjLxBW0AccTdHUt" + + "Li+K+rS5PNxxef2nnasEhCdK4GkM9nwJgsP0EZxCG3ZSAIlWIgQ3MK3ZAV1Au5pL" + + "KolRjFyEZF420wAtiE7V+4lw3FCqNoXDJEFC3BW431kx1wAhDk9VaIHHadYcof4d" + + "dmMLQOW2cJ7LDEEBW/WJAJUDBRA0M/VQImbGhU33abUBARcoA/9eerDBZGPCuGyE" + + "mQBcr24KPJHWv/EZIKl5DM/Ynz1YZZbzLcvEFww34mvY0jCfoVcCKIeFFBMKiSKr" + + "OMtoVC6cQMKpmhE9hYRStw4E0bcf0BD/stepdVtpwRnG8SDP2ZbmtgyjYT/7T4Yt" + + "6/0f6N/0NC7E9qfq4ZlpU3uCGGu/44kAlQMFEDQz8kp2sPVxuCQEdQEBc5YD/Rix" + + "vFcLTO1HznbblrO0WMzQc+R4qQ50CmCpWcFMwvVeQHo/bxoxGggNMmuVT0bqf7Mo" + + "lZDSJNS96IAN32uf25tYHgERnQaMhmi1aSHvRDh4jxFu8gGVgL6lWit/vBDW/BiF" + + "BCH6sZJJrGSuSdpecTtaWC8OJGDoKTO9PqAA/HQRiQB1AwUQNDJSx011eFs7VOAZ" + + "AQGdKQL/ea3qD2OP3wVTzXvfjQL1CosX4wyKusBBhdt9u2vOT+KWkiRk1o35nIOG" + + "uZLHtSFQDY8CVDOkqg6g4sVbOcTl8QUwHA+A4AVDInwTm1m4Bk4oeCIwk4Bp6mDd" + + "W11g28k/iQEVAgUSNDIWPm/Y4wPDeaMxAQGvBQgAqGhzA/21K7oL/L5S5Xz//eO7" + + "J8hgvqqGXWd13drNy3bHbKPn7TxilkA3ca24st+6YPZDdSUHLMCqg16YOMyQF8gE" + + "kX7ZHWPacVoUpCmSz1uQ3p6W3+u5UCkRpgQN8wBbJx5ZpBBqeq5q/31okaoNjzA2" + + "ghEWyR5Ll+U0C87MY7pc7PlNHGCr0ZNOhhtf1jU+H9ag5UyT6exIYim3QqWYruiC" + + "LSUcim0l3wK7LMW1w/7Q6cWfAFQvl3rGjt3rg6OWg9J4H2h5ukf5JNiRybkupmat" + + "UM+OVMRkf93jzU62kbyZpJBHiQZuxxJaLkhpv2RgWib9pbkftwEy/ZnmjkxlIIkA" + + "lQMFEDQvWjh4313xYR8/NQEB37QEAIi9vR9h9ennz8Vi7RNU413h1ZoZjxfEbOpk" + + "QAjE/LrZ/L5WiWdoStSiyqCLPoyPpQafiU8nTOr1KmY4RgceJNgxIW4OiSMoSvrh" + + "c2kqP+skb8A2B4+47Aqjr5fSAVfVfrDMqDGireOguhQ/hf9BOYsM0gs+ROdtyLWP" + + "tMjRnFlviD8DBRAz8qQSj6lRT5YOKXIRAntSAJ9StSEMBoFvk8iRWpXb6+LDNLUW" + + "zACfT8iY3IxwvMF6jjCHrbuxQkL7chSJARUDBRA0MMO7569NIyeqD3EBATIAB/4t" + + "CPZ1sLWO07g2ZCpiP1HlYpf5PENaXtaasFvhWch7eUe3DksuMEPzB5GnauoQZAku" + + "hEGkoEfrfL3AXtXH+WMm2t7dIcTBD4p3XkeZ+PgJpKiASXDyul9rumXXvMxSL4KV" + + "7ar+F1ZJ0ycCx2r2au0prPao70hDAzLTy16hrWgvdHSK7+wwaYO5TPCL5JDmcB+d" + + "HKW72qNUOD0pxbe0uCkkb+gDxeVX28pZEkIIOMMV/eAs5bs/smV+eJqWT/EyfVBD" + + "o7heF2aeyJj5ecxNOODr88xKF7qEpqazCQ4xhvFY+Yn6+vNCcYfkoZbOn0XQAvqf" + + "a2Vab9woVIVSaDji/mlPiQB1AwUQNDC233FfeD4HYGBJAQFh6QL/XCgm5O3q9kWp" + + "gts1MHKoHoh7vxSSQGSP2k7flNP1UB2nv4sKvyGM8eJKApuROIodcTkccM4qXaBu" + + "XunMr5kJlvDJPm+NLzKyhtQP2fWI7xGYwiCiB29gm1GFMjdur4amiQEVAwUQNDBR" + + "9fjDdqGixRdJAQE+mAf+JyqJZEVFwNwZ2hSIMewekC1r7N97p924nqfZKnzn6weF" + + "pE80KIJSWtEVzI0XvHlVCOnS+WRxn7zxwrOTbrcEOy0goVbNgUsP5ypZa2/EM546" + + "uyyJTvgD0nwA45Q4bP5sGhjh0G63r9Vwov7itFe4RDBGM8ibGnZTr9hHo469jpom" + + "HSNeavcaUYyEqcr4GbpQmdpJTnn/H0A+fMl7ZHRoaclNx9ZksxihuCRrkQvUOb3u" + + "RD9lFIhCvNwEardN62dKOKJXmn1TOtyanZvnmWigU5AmGuk6FpsClm3p5vvlid64" + + "i49fZt9vW5krs2XfUevR4oL0IyUl+qW2HN0DIlDiAYkAlQMFEDQvbv2wcgJwUPMh" + + "JQEBVBID/iOtS8CQfMxtG0EmrfaeVUU8R/pegBmVWDBULAp8CLTtdfxjVzs/6DXw" + + "0RogXMRRl2aFfu1Yp0xhBYjII6Kque/FzAFXY9VNF1peqnPt7ADdeptYMppZa8sG" + + "n9BBRu9Fsw69z6JkyqvMiVxGcKy3XEpVGr0JHx8Xt6BYdrULiKr2iQB1AwUQNC68" + + "n6jZR/ntlUftAQFaYgL+NUYEj/sX9M5xq1ORX0SsVPMpNamHO3JBSmZSIzjiox5M" + + "AqoFOCigAkonuzk5aBy/bRHy1cmDBOxf4mNhzrH8N6IkGvPE70cimDnbFvr+hoZS" + + "jIqxtELNZsLuLVavLPAXiQCVAwUQNC6vWocCuHlnLQXBAQHb1gQAugp62aVzDCuz" + + "4ntfXsmlGbLY7o5oZXYIKdPP4riOj4imcJh6cSgYFL6OMzeIp9VW/PHo2mk8kkdk" + + "z5uif5LqOkEuIxgra7p1Yq/LL4YVhWGQeD8hwpmu+ulYoPOw40dVYS36PwrHIH9a" + + "fNhl8Or5O2VIHIWnoQ++9r6gwngFQOyJAJUDBRAzHnkh1sNKtX1rroUBAWphBACd" + + "huqm7GHoiXptQ/Y5F6BivCjxr9ch+gPSjaLMhq0kBHVO+TbXyVefVVGVgCYvFPjo" + + "zM8PEVykQAtY//eJ475aGXjF+BOAhl2z0IMkQKCJMExoEDHbcj0jIIMZ2/+ptgtb" + + "FSyJ2DQ3vvCdbw/1kyPHTPfP+L2u40GWMIYVBbyouokAlQMFEDMe7+UZsymln7HG" + + "2QEBzMED/3L0DyPK/u6PyAd1AdpjUODTkWTZjZ6XA2ubc6IXXsZWpmCgB/24v8js" + + "J3DIsvUD3Ke55kTr6xV+au+mAkwOQqWUTUWfQCkSrSDlbUJ1VPBzhyTpuzjBopte" + + "7o3R6XXfcLiC5jY6eCX0QtLGhKpLjTr5uRhf1fYODGsAGXmCByDviQB1AgUQMy6U" + + "MB0Z9MEMmFelAQHV4AMAjdFUIyFtpTr5jkyZSd3y//0JGO0z9U9hLVxeBBCwvdEQ" + + "xsrpeTtVdqpeKZxHN1GhPCYvgLFZAQlcPh/Gc8u9uO7wVSgJc3zYKFThKpQevdF/" + + "rzjTCHfgigf5Iui0qiqBiQCVAwUQMx22bAtzgG/ED06dAQFi0gQAkosqTMWy+1eU" + + "Xbi2azFK3RX5ERf9wlN7mqh7TvwcPXvVWzUARnwRv+4kk3uOWI18q5UPis7KH3KY" + + "OVeRrPd8bbp6SjhBh82ourTEQUXLBDQiI1V1cZZmwwEdlnAnhFnkXgMBNM2q7oBe" + + "fRHADfYDfGo90wXyrVVL+GihDNpzUwOJAJUDBRAzHUFnOWvfULwOR3EBAbOYA/90" + + "JIrKmxhwP6quaheFOjjPoxDGEZpGJEOwejEByYj+AgONCRmQS3BydtubA+nm/32D" + + "FeG8pe/dnFvGc+QgNW560hK21C2KJj72mhjRlg/na7jz4/MmBAv5k61Q7roWi0rw" + + "x+R9NSHxpshC8A92zmvo8w/XzVSogC8pJ04jcnY6YokAlQMFEDMdPtta9LwlvuSC" + + "3QEBvPMD/3TJGroHhHYjHhiEpDZZVszeRQ0cvVI/uLLi5yq3W4F6Jy47DF8VckA7" + + "mw0bXrOMNACN7Je7uyaU85qvJC2wgoQpFGdFlkjmkAwDAjR+koEysiE8FomiOHhv" + + "EpEY/SjSS4jj4IPmgV8Vq66XjPw+i7Z0RsPLOIf67yZHxypNiBiYiQCVAwUQMxxw" + + "pKrq6G7/78D5AQHo2QQAjnp6KxOl6Vvv5rLQ/4rj3OemvF7IUUq34xb25i/BSvGB" + + "UpDQVUmhv/qIfWvDqWGZedyM+AlNSfUWPWnP41S8OH+lcERH2g2dGKGl7kH1F2Bx" + + "ByZlqREHm2q624wPPA35RLXtXIx06yYjLtJ7b+FCAX6PUgZktZYk5gwjdoAGrC2J" + + "AJUDBRAzGvcCKC6c7f53PGUBAUozA/9l/qKmcqbi8RtLsKQSh3vHds9d22zcbkuJ" + + "PBSoOv2D7i2VLshaQFjq+62uYZGE6nU1WP5sZcBDuWjoX4t4NrffnOG/1R9D0t1t" + + "9F47D77HJzjvo+J52SN520YHcbT8VoHdPRoEOXPN4tzhvn2GapVVdaAlWM0MLloh" + + "NH3I9jap9okAdQMFEDMZlUAnyXglSykrxQEBnuwC/jXbFL+jzs2HQCuo4gyVrPlU" + + "ksQCLYZjNnZtw1ca697GV3NhBhSXR9WHLQH+ZWnpTzg2iL3WYSdi9tbPs78iY1FS" + + "d4EG8H9V700oQG8dlICF5W2VjzR7fByNosKM70WSXYkBFQMFEDMWBsGCy1t9eckW" + + "HQEBHzMH/jmrsHwSPrA5R055VCTuDzdS0AJ+tuWkqIyqQQpqbost89Hxper3MmjL" + + "Jas/VJv8EheuU3vQ9a8sG2SnlWKLtzFqpk7TCkyq/H3blub0agREbNnYhHHTGQFC" + + "YJb4lWjWvMjfP+N5jvlLcnDqQPloXfAOgy7W90POoqFrsvhxdpnXgoLrzyNNja1O" + + "1NRj+Cdv/GmJYNi6sQe43zmXWeA7syLKMw6058joDqEJFKndgSp3Zy/yXmObOZ/H" + + "C2OJwA3gzEaAu8Pqd1svwGIGznqtTNCn9k1+rMvJPaxglg7PXIJS282hmBl9AcJl" + + "wmh2GUCswl9/sj+REWTb8SgJUbkFcp6JAJUDBRAwdboVMPfsgxioXMEBAQ/LA/9B" + + "FTZ9T95P/TtsxeC7lm9imk2mpNQCBEvXk286FQnGFtDodGfBfcH5SeKHaUNxFaXr" + + "39rDGUtoTE98iAX3qgCElf4V2rzgoHLpuQzCg3U35dfs1rIxlpcSDk5ivaHpPV3S" + + "v+mlqWL049y+3bGaZeAnwM6kvGMP2uccS9U6cbhpw4hGBBARAgAGBQI3GtRfAAoJ" + + "EF3iSZZbA1iikWUAoIpSuXzuN/CI63dZtT7RL7c/KtWUAJ929SAtTr9SlpSgxMC8" + + "Vk1T1i5/SYkBFQMFEzccnFnSJilEzmrGwQEBJxwH/2oauG+JlUC3zBUsoWhRQwqo" + + "7DdqaPl7sH5oCGDKS4x4CRA23U15NicDI7ox6EizkwCjk0dRr1EeRK+RqL1b/2T4" + + "2B6nynOLhRG2A0BPHRRJLcoL4nKfoPSo/6dIC+3iVliGEl90KZZD5bnONrVJQkRj" + + "ZL8Ao+9IpmoYh8XjS5xMLEF9oAQqAkA93nVBm56lKmaL1kl+M3dJFtNKtVB8de1Z" + + "XifDs8HykD42qYVtcseCKxZXhC3UTG5YLNhPvgZKH8WBCr3zcR13hFDxuecUmu0M" + + "VhvEzoKyBYYt0rrqnyWrxwbv4gSTUWH5ZbgsTjc1SYKZxz6hrPQnfYWzNkznlFWJ" + + "ARUDBRM0xL43CdxwOTnzf10BATOCB/0Q6WrpzwPMofjHj54MiGLKVP++Yfwzdvns" + + "HxVpTZLZ5Ux8ErDsnLmvUGphnLVELZwEkEGRjln7a19h9oL8UYZaV+IcR6tQ06Fb" + + "1ldR+q+3nXtBYzGhleXdgJQSKLJkzPF72tvY0DHUB//GUV9IBLQMvfG8If/AFsih" + + "4iXi96DOtUAbeuIhnMlWwLJFeGjLLsX1u6HSX33xy4bGX6v/UcHbTSSYaxzb92GR" + + "/xpP2Xt332hOFRkDZL52g27HS0UrEJWdAVZbh25KbZEl7C6zX/82OZ5nTEziHo20" + + "eOS6Nrt2+gLSeA9X5h/+qUx30kTPz2LUPBQyIqLCJkHM8+0q5j9ciQCiAwUTNMS+" + + "HZFeTizbCJMJAQFrGgRlEAkG1FYU4ufTxsaxhFZy7xv18527Yxpls6mSCi1HL55n" + + "Joce6TI+Z34MrLOaiZljeQP3EUgzA+cs1sFRago4qz2wS8McmQ9w0FNQQMz4vVg9" + + "CVi1JUVd4EWYvJpA8swDd5b9+AodYFEsfxt9Z3aP+AcWFb10RlVVsNw9EhObc6IM" + + "nwAOHCEI9vp5FzzFiQCVAwUQNxyr6UyjTSyISdw9AQHf+wP+K+q6hIQ09tkgaYaD" + + "LlWKLbuxePXqM4oO72qi70Gkg0PV5nU4l368R6W5xgR8ZkxlQlg85sJ0bL6wW/Sj" + + "Mz7pP9hkhNwk0x3IFkGMTYG8i6Gt8Nm7x70dzJoiC+A496PryYC0rvGVf+Om8j5u" + + "TexBBjb/jpJhAQ/SGqeDeCHheOC0Lldlcm5lciBLb2NoIChtZWluIGFsdGVyIGtl" + + "eSkgPHdrQGNvbXB1dGVyLm9yZz6JAHUDBRM2G2MyHRn0wQyYV6UBASKKAv4wzmK7" + + "a9Z+g0KH+6W8ffIhzrQo8wDAU9X1WJKzJjS205tx4mmdnAt58yReBc/+5HXTI8IK" + + "R8IgF+LVXKWAGv5P5AqGhnPMeQSCs1JYdf9MPvbe34jD8wA1LTWFXn9e/cWIRgQQ" + + "EQIABgUCNxrUaQAKCRBd4kmWWwNYovRiAJ9dJBVfjx9lGARoFXmAieYrMGDrmwCZ" + + "AQyO4Wo0ntQ+iq4do9M3/FTFjiCZAaIENu1I6REEAJRGEqcYgXJch5frUYBj2EkD" + + "kWAbhRqVXnmiF3PjCEGAPMMYsTddiU7wcKfiCAqKWWXow7BjTJl6Do8RT1jdKpPO" + + "lBJXqqPYzsyBxLzE6mLps0K7SLJlSKTQqSVRcx0jx78JWYGlAlP0Kh9sPV2w/rPh" + + "0LrPeOKXT7lZt/DrIhfPAKDL/sVqCrmY3QfvrT8kSKJcgtLWfQP/cfbqVNrGjW8a" + + "m631N3UVA3tWfpgM/T9OjmKmw44NE5XfPJTAXlCV5j7zNMUkDeoPkrFF8DvbpYQs" + + "4XWYHozDjhR2Q+eI6gZ0wfmhLHqqc2eVVkEG7dT57Wp9DAtCMe7RZfhnarTQMqlY" + + "tOEa/suiHk0qLo59NsyF8eh68IDNCeYD/Apzonwaq2EQ1OEpfFlp6LcSnS34+UGZ" + + "tTO4BgJdmEjr/QrIPp6bJDstgho+/2oR8yQwuHGJwbS/8ADA4IFEpLduSpzrABho" + + "7RuNQcm96bceRY+7Hza3zf7pg/JGdWOb+bC3S4TIpK+3sx3YNWs7eURwpGREeJi5" + + "/Seic+GXlGzltBpXZXJuZXIgS29jaCA8d2tAZ251cGcub3JnPohjBBMRAgAbBQI3" + + "Gs+QBQkMyXyAAwsKAwMVAwIDFgIBAheAABIJEF3iSZZbA1iiB2VHUEcAAQFdwgCe" + + "O/s43kCLDMIsHCb2H3LC59clC5UAn1EyrqWk+qcOXLpQIrP6Qa3QSmXIiEYEEBEC" + + "AAYFAjca0T0ACgkQbH7huGIcwBOF9ACeNwO8G2G0ei03z0g/n3QZIpjbzvEAnRaE" + + "qX2PuBbClWoIP6h9yrRlAEbUiQB1AwUQNxrRYx0Z9MEMmFelAQHRrgL/QDNKPV5J" + + "gWziyzbHvEKfTIw/Ewv6El2MadVvQI8kbPN4qkPr2mZWwPzuc9rneCPQ1eL8AOdC" + + "8+ZyxWzx2vsrk/FcU5donMObva2ct4kqJN6xl8xjsxDTJhBSFRaiBJjxiEYEEBEC" + + "AAYFAjca0aMACgkQaLeriVdUjc0t+ACghK37H2vTYeXXieNJ8aZkiPJSte4An0WH" + + "FOotQdTW4NmZJK+Uqk5wbWlgiEYEEBECAAYFAjdPH10ACgkQ9u7fIBhLxNktvgCe" + + "LnQ5eOxAJz+Cvkb7FnL/Ko6qc5YAnjhWWW5c1o3onvKEH2Je2wQa8T6iiEYEEBEC" + + "AAYFAjenJv4ACgkQmDRl2yFDlCJ+yQCfSy1zLftEfLuIHZsUHis9U0MlqLMAn2EI" + + "f7TI1M5OKysQcuFLRC58CfcfiEUEEBECAAYFAjfhQTMACgkQNmdg8X0u14h55wCf" + + "d5OZCV3L8Ahi4QW/JoXUU+ZB0M0AmPe2uw7WYDLOzv48H76tm6cy956IRgQQEQIA" + + "BgUCOCpiDwAKCRDj8lhUEo8OeRsdAJ9FHupRibBPG2t/4XDqF+xiMLL/8ACfV5F2" + + "SR0ITE4k/C+scS1nJ1KZUDW0C1dlcm5lciBLb2NoiGMEExECABsFAjbtSOoFCQzJ" + + "fIADCwoDAxUDAgMWAgECF4AAEgkQXeJJllsDWKIHZUdQRwABAbXWAJ9SCW0ieOpL" + + "7AY6vF+OIaMmw2ZW1gCgkto0eWfgpjAuVg6jXqR1wHt2pQOJAh4EEBQDAAYFAjcv" + + "WdQACgkQbEwxpbHVFWcNxQf/bg14WGJ0GWMNSuuOOR0WYzUaNtzYpiLSVyLrreXt" + + "o8LBNwzbgzj2ramW7Ri+tYJAHLhtua8ZgSeibmgBuZasF8db1m5NN1ZcHBXGTysA" + + "jp+KnicTZ9Orj75D9o3oSmMyRcisEhr+gkj0tVhGfOAOC6eKbufVuyYFDVIyOyUB" + + "GlW7ApemzAzYemfs3DdjHn87lkjHMVESO4fM5rtLuSc7cBfL/e6ljaWQc5W8S0gI" + + "Dv0VtL39pMW4BlpKa25r14oJywuUpvWCZusvDm7ZJnqZ/WmgOHQUsyYudTROpGIb" + + "lsNg8iqC6huWpGSBRdu3oRQRhkqpfVdszz6BB/nAx01q2wf/Q+U9XId1jyzxUL1S" + + "GgaYMf6QdyjHQ1oxuFLNxzM6C/M069twbNgXJ71RsDDXVxFZfSTjSiH100AP9+9h" + + "b5mycaXLUOXYDvOSFzHBd/LsjFNVrrFbDs5Xw+cLGVHOIgR5IWAfgu5d1PAZU9uQ" + + "VgdGnQfmZg383RSPxvR3fnZz1rHNUGmS6w7x6FVbxa1QU2t38gNacIwHATAPcBpy" + + "JLfXoznbpg3ADbgCGyDjBwnuPQEQkYwRakbczRrge8IaPZbt2HYPoUsduXMZyJI8" + + "z5tvu7pUDws51nV1EX15BcN3++aY5pUyA1ItaaDymQVmoFbQC0BNMzMO53dMnFko" + + "4i42kohGBBARAgAGBQI3OvmjAAoJEHUPZJXInZM+hosAnRntCkj/70shGTPxgpUF" + + "74zA+EbzAKCcMkyHXIz2W0Isw3gDt27Z9ggsE4hGBBARAgAGBQI3NyPFAAoJEPbu" + + "3yAYS8TZh2UAoJVmzw85yHJzsXQ1vpO2IAPfv59NAJ9WY0oiYqb3q1MSxBRwG0gV" + + "iNCJ7YkBFQMFEDdD3tNSgFdEdlNAHQEByHEH/2JMfg71GgiyGJTKxCAymdyf2j2y" + + "fH6wI782JK4BWV4c0E/V38q+jpIYslihV9t8s8w1XK5niMaLwlCOyBWOkDP3ech6" + + "+GPPtfB3cmlL2hS896PWZ1adQHgCeQpB837n56yj0aTs4L1xarbSVT22lUwMiU6P" + + "wYdH2Rh8nh8FvN0IZsbln2nOj73qANQzNflmseUKF1Xh4ck8yLrRd4r6amhxAVAf" + + "cYFRJN4zdLL3cmhgkt0ADZlzAwXnEjwdHHy7SvAJk1ecNOA9pFsOJbvnzufd1afs" + + "/CbG78I+0JDhg75Z2Nwq8eKjsKqiO0zz/vG5yWSndZvWkTWz3D3b1xr1Id2IRgQQ" + + "EQIABgUCOCpiHgAKCRDj8lhUEo8OeQ+QAKCbOTscyUnWHSrDo4fIy0MThEjhOgCe" + + "L4Kb7TWkd/OHQScVBO8sTUz0+2g="); + + private static readonly byte[] pub6check = Base64.Decode("62O9"); + + // + // revoked master key + // + private static readonly byte[] pub7 = Base64.Decode( + "mQGiBFKQDEMRBACtcEzu15gGDrZKLuO2zgDJ9qFkweOxKyeO45LKIfUGBful" + + "lheoFHbsJIeNGjWbSOfWWtphTaSu9//BJt4xxg2pqVLYqzR+hEPpDy9kXxnZ" + + "LwwxjAP2TcOvuZKWe+JzoYQxDunOH4Zu9CPJhZhF3RNPw+tbv0jHfTV/chtb" + + "23Dj5wCg7eoM8bL9NYXacsAfkS//m+AB1MkD/jEZJqJSQHW8WVP7wKRrAZse" + + "N4l9b8+yY4RwLIodhD8wGsMYjkCF4yb/SQ5QlmLlvrHDLBofRzG+8oxldX4o" + + "GLZWvqPmW+BlS4QNSr+ZBu+OwnpClXG2pR+ExumXNoeArREyylrmOgD+0cUa" + + "8K2UbOxbJ8EioyOKxa7wjUVxmHmhBACAGQGLT/lpHA5zcU0g8AlSk8fsd+bB" + + "nwa/+9xdLqVsCTZdOWULtPOw9hbAdjjAy0L4M/MDAJYYtCEl9rB7aOc9PVdT" + + "h7CT9Ma6ltiSMKDlqWbDmogNEGx9Gz3GjiSGxAy/SN6JR1On4c60TAiTv6eE" + + "uEHszE6CH4qceK5W8HLLB4hJBCARAgAJBQJSkA0OAh0CAAoJEBCIvJhXZzdI" + + "X8wAn0qUP/jqAuPEX9g2XCr5jN3RKvKjAKDpx4NP7P1/yLN2ycFIgxKZ1plK" + + "CLACAAO0J3Jldm9rZSAoUmV2b2tlIFRlc3QpIDxyZXZva2VAdGVzdC50ZXN0" + + "PohiBBMRAgAiBQJSkAxDAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAK" + + "CRAQiLyYV2c3SKw0AJ9kufxvnorVOv6a+WM+I/bNP+mjLQCgtPKuwTyeZU2k" + + "Sec1fJZUssDL1hGwAgADuQENBFKQDEMQBACruJ54GuhUaXgqGzu/HsCrgGQA" + + "n86PZW1qPCX28E9sayEmVOgzSDA/OT5c05P0PVLhMNEguSnUGC249MpZfPK/" + + "9LVKMXATZLzEB6lFX1YJdfrrb9KrQ5kdDhOcFXm1GIGBwLzjUmXYRVPH+TsT" + + "4QFvDpfIANQZfKK4UV5BJzJV5wADBQP/ew75dy1x58KWpPqfeH1OVln/Ui6e" + + "EDyyISic147+FIfVDuLtWoxMFE0ZPg47+rEQrhWC96izaSKPW97y5bkWz5PG" + + "CMChnLcg+3M91x/QCGzNhzVMiVpY5VhBDFP+7iiOaKYRiN/x7oasf2482Ny8" + + "1oiykOZUm8FCUQnRmJzIlbiISQQYEQIACQUCUpAMQwIbDAAKCRAQiLyYV2c3" + + "SL04AJ9VceD1DtcEDaWPDzFPgpe3ZfiXiQCfe5azYl26JpHSJvNKZRLi0I8H" + + "shCwAgAD"); + + private static readonly byte[] pub7sub = Base64.Decode( + "mQGiBFKQFFURBAD7CTE4RYPD7O+ki7pl/vXSZsSR0kQhCD9BR4lwE/Iffzmr" + + "vK8tmr2yLKWoXyoc3VF0Gdg/VATDcawBnKSjuCIsFZ58Edacb7uVRl4+ACiu" + + "OsvCKl9JuZ54SQ/tbD+NFS+HWNyVlWn7vDv8l+37DWNxuQRIYtQR+drAnIwQ" + + "g0O4owCg5a9cGAaN0zNVssUo6GFEoAI8nE0EAJMxQMcHTlLQQN1c549Ub0+E" + + "LV4dRIxjO7O6yi6Bg5udwS9Un1XeHF4GM7fj95WHi7o9sgErr2evhuGWl337" + + "ySytE1npk2F/jqevhAJazQTuilEuyjMbCShV39qJlEKtU9uHQYxN8oqGT9Ot" + + "lOoXXtrgfHbsrouCVwm4Jk14kzCaA/4okwrQwGkPlXRpVFyLn4GwrGivG7eh" + + "enRbAd2SQBiNVKmMsKLxHT1avZ11qcx6OU3ixdw5wYmq7TNR+5FXiz/e2MIq" + + "m7VhKONN21F7WC7siHxXfqqI/uz2tTPrFoLbnr/j/RZZRUMh6qUQrWpv58ci" + + "Bh+xkWCRantLCL9khuvRSrQncmV2b2tlIChSZXZva2UgVGVzdCkgPHJldm9r" + + "ZUB0ZXN0LnRlc3Q+iGIEExECACIFAlKQFFUCGwMGCwkIBwMCBhUIAgkKCwQW" + + "AgMBAh4BAheAAAoJEDKzvtpHqpp2DN4AoNS9M634KdvZT25DclGpb2bCFjv0" + + "AKDYXl5fIRGi583vFJ9C/q8hNGyNc7ACAAO5AQ0EUpAUVRAEALusV5UIL4gB" + + "6qQk++h+czV9KS0yxwgZyR+dJza+duEG88aNv28Wmjpfr3ZkvIiUaOcxFoct" + + "LgVGtPJM1HhWJtoA94CRBFTGzLfUIfXHcyXSdAw8Qh96svRl2w2KM+/pJl1r" + + "A3CWIy48jQei0mLwElRELLG7HJKYJxjCbg4+ihYTAAMGA/42PgHTV5VpF7YC" + + "XodlLOyGDVOoRjsvu0Gu/P88QnVP2jN57MJcla224aN3pGprtcbTwyjt+dtf" + + "5IJlB+3RZLczyqvT5hw7j9h81mr3RDbg3cn57xdYwQNP+6b6Wf9QRmaE813s" + + "g3kF0IJ0oFvwZdHnjndQ0JCrKaPflGSO6msjIYhTBCgRAgATBQJSkBXdDB0B" + + "U3VwZXJzZWRlZAAKCRAys77aR6qadmZPAJ0eJzmgBLTWK9RIbVtRUFzm736I" + + "hACgsPGHdZmLUFhV80fvYnUtB7TYGeKwAgADiEkEGBECAAkFAlKQFFUCGwwA" + + "CgkQMrO+2keqmnZGIACfRTkdqi6b7fjqkWxx7DysKBedgS8An1TJrhhkeJVd" + + "smkOCYLILgjrBHq4sAIAAw=="); + + private static readonly byte[] pub8 = Base64.Decode( + "mQGiBEEcraYRBADFYj+uFOhHz5SdECvJ3Z03P47gzmWLQ5HH8fPYC9rrv7AgqFFX" + + "aWlJJVMLua9e6xoCiDWJs/n4BbZ/weL/11ELg6XqUnzFhYyz0H2KFsPgQ/b9lWLY" + + "MtcPMFy5jE33hv/ixHgYLFqoNaAIbg0lzYEW/otQ9IhRl16fO1Q/CQZZrQCg/9M2" + + "V2BTmm9RYog86CXJtjawRBcD/RIqU0zulxZ2Zt4javKVxrGIwW3iBU935ebmJEIK" + + "Y5EVkGKBOCvsApZ+RGzpYeR2uMsTnQi8RJgiAnjaoVPCdsVJE7uQ0h8XuJ5n5mJ2" + + "kLCFlF2hj5ViicZzse+crC12CGtgRe8z23ubLRcd6IUGhVutK8/b5knZ22vE14JD" + + "ykKdA/96ObzJQdiuuPsEWN799nUUCaYWPAoLAmiXuICSP4GEnxLbYHWo8zhMrVMT" + + "9Q5x3h8cszUz7Acu2BXjP1m96msUNoxPOZtt88NlaFz1Q/JSbQTsVOMd9b/IRN6S" + + "A/uU0BiKEMHXuT8HUHVPK49oCKhZrGFP3RT8HZxDKLmR/qrgZ7ABh7QhSmlhIFlp" + + "eXUgPHl5amlhQG5vd21lZGlhdGVjaC5jb20+sAMD//+JAF0EEBECAB0FAkEcraYH" + + "CwkIBwMCCgIZAQUbAwAAAAUeAQAAAAAKCRD0/lb4K/9iFJlhAKCRMifQewiX5o8F" + + "U099FG3QnLVUZgCfWpMOsHulGHfNrxdBSkE5Urqh1ymwAWe5Ag0EQRytphAIAPZC" + + "V7cIfwgXcqK61qlC8wXo+VMROU+28W65Szgg2gGnVqMU6Y9AVfPQB8bLQ6mUrfdM" + + "ZIZJ+AyDvWXpF9Sh01D49Vlf3HZSTz09jdvOmeFXklnN/biudE/F/Ha8g8VHMGHO" + + "fMlm/xX5u/2RXscBqtNbno2gpXI61Brwv0YAWCvl9Ij9WE5J280gtJ3kkQc2azNs" + + "OA1FHQ98iLMcfFstjvbzySPAQ/ClWxiNjrtVjLhdONM0/XwXV0OjHRhs3jMhLLUq" + + "/zzhsSlAGBGNfISnCnLWhsQDGcgHKXrKlQzZlp+r0ApQmwJG0wg9ZqRdQZ+cfL2J" + + "SyIZJrqrol7DVekyCzsAAgIH/3K2wKRSzkIpDfZR25+tnQ8brv3TYoDZo3/wN3F/" + + "r6PGjx0150Q8g8EAC0bqm4rXWzOqdSxYxvIPOAGm5P4y+884yS6j3vKcXitT7vj+" + + "ODc2pVwGDLDjrMRrosSK89ycPCK6R/5pD7Rv4l9DWi2fgLvXqJHS2/ujUf2uda9q" + + "i9xNMnBXIietR82Sih4undFUOwh6Mws/o3eed9DIdaqv2Y2Aw43z/rJ6cjSGV3C7" + + "Rkf9x85AajYA3LwpS8d99tgFig2u6V/A16oi6/M51oT0aR/ZAk50qUc4WBk9uRUX" + + "L3Y+P6v6FCBE/06fgVltwcQHO1oKYKhH532tDL+9mW5/dYGwAYeJAEwEGBECAAwF" + + "AkEcraYFGwwAAAAACgkQ9P5W+Cv/YhShrgCg+JW8m5nF3R/oZGuG87bXQBszkjMA" + + "oLhGPncuGKowJXMRVc70/8qwXQJLsAFnmQGiBD2K5rYRBADD6kznWZA9nH/pMlk0" + + "bsG4nI3ELgyI7KpgRSS+Dr17+CCNExxCetT+fRFpiEvUcSxeW4pOe55h0bQWSqLo" + + "MNErXVJEXrm1VPkC08W8D/gZuPIsdtKJu4nowvdoA+WrI473pbeONGjaEDbuIJak" + + "yeKM1VMSGhsImdKtxqhndq2/6QCg/xARUIzPRvKr2TJ52K393895X1kEAMCdjSs+" + + "vABnhaeNNR5+NNkkIOCCjCS8qZRZ4ZnIayvn9ueG3KrhZeBIHoajUHrlTXBVj7XO" + + "wXVfGpW17jCDiqhU8Pu6VwEwX1iFbuUwqBffiRLXKg0zfcN+MyFKToi+VsJi4jiZ" + + "zcwUFMb8jE8tvR/muXti7zKPRPCbNBExoCt4A/0TgkzAosG/W4dUkkbc6XoHrjob" + + "iYuy6Xbs/JYlV0vf2CyuKCZC6UoznO5x2GkvOyVtAgyG4HSh1WybdrutZ8k0ysks" + + "mOthE7n7iczdj9Uwg2h+TfgDUnxcCAwxnOsX5UaBqGdkX1PjCWs+O3ZhUDg6UsZc" + + "7O5a3kstf16lHpf4q7ABAIkAYQQfEQIAIQUCPYrmtgIHABcMgBHRi/xlIgI+Q6LT" + + "kNJ7zKvTd87NHAAKCRDJM3gHb/sRj7bxAJ9f6mdlXQH7gMaYiY5tBe/FRtPr1gCf" + + "UhDJQG0ARvORFWHjwhhBMLxW7j2wAWC0KkRlc21vbmQgS2VlIDxkZXNtb25kLmtl" + + "ZUBub3dtZWRpYXRlY2guY29tPrADAQD9iQBYBBARAgAYBQI9iua2CAsDCQgHAgEK" + + "AhkBBRsDAAAAAAoJEMkzeAdv+xGP7v4An19iqadBCCgDIe2DTpspOMidwQYPAJ4/" + + "5QXbcn4ClhOKTO3ZEZefQvvL27ABYLkCDQQ9iua2EAgA9kJXtwh/CBdyorrWqULz" + + "Bej5UxE5T7bxbrlLOCDaAadWoxTpj0BV89AHxstDqZSt90xkhkn4DIO9ZekX1KHT" + + "UPj1WV/cdlJPPT2N286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq" + + "01uejaClcjrUGvC/RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O" + + "9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcK" + + "ctaGxAMZyAcpesqVDNmWn6vQClCbAkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6TIL" + + "OwACAgf/SO+bbg+owbFKVN5HgOjOElQZVnCsegwCLqTeQzPPzsWmkGX2qZJPDIRN" + + "RZfJzti6+oLJwaRA/3krjviUty4VKhZ3lKg8fd9U0jEdnw+ePA7yJ6gZmBHL15U5" + + "OKH4Zo+OVgDhO0c+oetFpend+eKcvtoUcRoQoi8VqzYUNG0b/nmZGDlxQe1/ZNbP" + + "HpNf1BAtJXivCEKMD6PVzsLPg2L4tFIvD9faeeuKYQ4jcWtTkBLuIaZba3i3a4wG" + + "xTN20j9HpISVuLW/EfZAK1ef4DNjLmHEU9dMzDqfi+hPmMbGlFqcKr+VjcYIDuje" + + "o+92xm/EWAmlti88r2hZ3MySamHDrLABAIkATAQYEQIADAUCPYrmtgUbDAAAAAAK" + + "CRDJM3gHb/sRjzVTAKDVS+OJLMeS9VLAmT8atVCB42MwIQCgoh1j3ccWnhc/h6B7" + + "9Uqz3fUvGoewAWA="); + + private static readonly byte[] sec8 = Base64.Decode( + "lQHpBEEcraYRBADFYj+uFOhHz5SdECvJ3Z03P47gzmWLQ5HH8fPYC9rrv7AgqFFX" + + "aWlJJVMLua9e6xoCiDWJs/n4BbZ/weL/11ELg6XqUnzFhYyz0H2KFsPgQ/b9lWLY" + + "MtcPMFy5jE33hv/ixHgYLFqoNaAIbg0lzYEW/otQ9IhRl16fO1Q/CQZZrQCg/9M2" + + "V2BTmm9RYog86CXJtjawRBcD/RIqU0zulxZ2Zt4javKVxrGIwW3iBU935ebmJEIK" + + "Y5EVkGKBOCvsApZ+RGzpYeR2uMsTnQi8RJgiAnjaoVPCdsVJE7uQ0h8XuJ5n5mJ2" + + "kLCFlF2hj5ViicZzse+crC12CGtgRe8z23ubLRcd6IUGhVutK8/b5knZ22vE14JD" + + "ykKdA/96ObzJQdiuuPsEWN799nUUCaYWPAoLAmiXuICSP4GEnxLbYHWo8zhMrVMT" + + "9Q5x3h8cszUz7Acu2BXjP1m96msUNoxPOZtt88NlaFz1Q/JSbQTsVOMd9b/IRN6S" + + "A/uU0BiKEMHXuT8HUHVPK49oCKhZrGFP3RT8HZxDKLmR/qrgZ/4JAwLXyWhb4pf4" + + "nmCmD0lDwoYvatLiR7UQVM2MamxClIiT0lCPN9C2AYIFgRWAJNS215Tjx7P/dh7e" + + "8sYfh5XEHErT3dMbsAGHtCFKaWEgWWl5dSA8eXlqaWFAbm93bWVkaWF0ZWNoLmNv" + + "bT6wAwP//4kAXQQQEQIAHQUCQRytpgcLCQgHAwIKAhkBBRsDAAAABR4BAAAAAAoJ" + + "EPT+Vvgr/2IUmWEAoJEyJ9B7CJfmjwVTT30UbdCctVRmAJ9akw6we6UYd82vF0FK" + + "QTlSuqHXKbABZ50CawRBHK2mEAgA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlL" + + "OCDaAadWoxTpj0BV89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N" + + "286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/" + + "RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2O" + + "u1WMuF040zT9fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqV" + + "DNmWn6vQClCbAkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwACAgf/crbApFLO" + + "QikN9lHbn62dDxuu/dNigNmjf/A3cX+vo8aPHTXnRDyDwQALRuqbitdbM6p1LFjG" + + "8g84Aabk/jL7zzjJLqPe8pxeK1Pu+P44NzalXAYMsOOsxGuixIrz3Jw8IrpH/mkP" + + "tG/iX0NaLZ+Au9eokdLb+6NR/a51r2qL3E0ycFciJ61HzZKKHi6d0VQ7CHozCz+j" + + "d5530Mh1qq/ZjYDDjfP+snpyNIZXcLtGR/3HzkBqNgDcvClLx3322AWKDa7pX8DX" + + "qiLr8znWhPRpH9kCTnSpRzhYGT25FRcvdj4/q/oUIET/Tp+BWW3BxAc7WgpgqEfn" + + "fa0Mv72Zbn91gf4JAwITijME9IlFBGAwH6YmBtWIlnDiRbsq/Pxozuhbnes831il" + + "KmdpUKXkiIfHY0MqrEWl3Dfn6PMJGTnhgqXMrDxx3uHrq0Jl2swRnAWIIO8gID7j" + + "uPetUqEviPiwAYeJAEwEGBECAAwFAkEcraYFGwwAAAAACgkQ9P5W+Cv/YhShrgCg" + + "+JW8m5nF3R/oZGuG87bXQBszkjMAoLhGPncuGKowJXMRVc70/8qwXQJLsAFn"); + + private static readonly char[] sec8pass = "qwertyui".ToCharArray(); + + private static readonly byte[] sec9 = Base64.Decode( + "lQGqBEHCokERBAC9rh5SzC1sX1y1zoFuBB/v0SGhoKMEvLYf8Qv/j4deAMrc" + + "w5dxasYoD9oxivIUfTbZKo8cqr+dKLgu8tycigTM5b/T2ms69SUAxSBtj2uR" + + "LZrh4vjC/93kF+vzYJ4fNaBs9DGfCnsTouKjXqmfN3SlPMKNcGutO7FaUC3d" + + "zcpYfwCg7qyONHvXPhS0Iw4QL3mJ/6wMl0UD/0PaonqW0lfGeSjJSM9Jx5Bt" + + "fTSlwl6GmvYmI8HKvOBXAUSTZSbEkMsMVcIgf577iupzgWCgNF6WsNqQpKaq" + + "QIq1Kjdd0Y00xU1AKflOkhl6eufTigjviM+RdDlRYsOO5rzgwDTRTu9giErs" + + "XIyJAIZIdu2iaBHX1zHTfJ1r7nlAA/9H4T8JIhppUk/fLGsoPNZzypzVip8O" + + "mFb9PgvLn5GmuIC2maiocT7ibbPa7XuXTO6+k+323v7PoOUaKD3uD93zHViY" + + "Ma4Q5pL5Ajc7isnLXJgJb/hvvB1oo+wSDo9vJX8OCSq1eUPUERs4jm90/oqy" + + "3UG2QVqs5gcKKR4o48jTiv4DZQJHTlUBtB1mb28ga2V5IDxmb28ua2V5QGlu" + + "dmFsaWQuY29tPoheBBMRAgAeBQJBwqJCAhsDBgsJCAcDAgMVAgMDFgIBAh4B" + + "AheAAAoJEOKcXvehtw4ajJMAoK9nLfsrRY6peq56l/KzmjzuaLacAKCXnmiU" + + "waI7+uITZ0dihJ3puJgUz50BWARBwqJDEAQA0DPcNIn1BQ4CDEzIiQkegNPY" + + "mkYyYWDQjb6QFUXkuk1WEB73TzMoemsA0UKXwNuwrUgVhdpkB1+K0OR/e5ik" + + "GhlFdrDCqyT+mw6dRWbJ2i4AmFXZaRKO8AozZeWojsfP1/AMxQoIiBEteMFv" + + "iuXnZ3pGxSfZYm2+33IuPAV8KKMAAwUD/0C2xZQXgVWTiVz70HUviOmeTQ+f" + + "b1Hj0U9NMXWB383oQRBZCvQDM12cqGsvPZuZZ0fkGehGAIoyXtIjJ9lejzZN" + + "1TE9fnXZ9okXI4yCl7XLSE26OAbNsis4EtKTNScNaU9Dk3CS5XD/pkRjrkPN" + + "2hdUFtshuGmYkqhb9BIlrwE7/gMDAglbVSwecr9mYJcDYCH62U9TScWDTzsQ" + + "NFEfhMez3hGnNHNfHe+7yN3+Q9/LIhbba3IJEN5LsE5BFvudLbArp56EusIn" + + "JCxgiEkEGBECAAkFAkHCokMCGwwACgkQ4pxe96G3Dho2UQCeN3VPwx3dROZ+" + + "4Od8Qj+cLrBndGEAn0vaQdy6eIGeDw2I9u3Quwy6JnROnQHhBEHCozMRBADH" + + "ZBlB6xsAnqFYtYQOHr4pX6Q8TrqXCiHHc/q56G2iGbI9IlbfykQzaPHgWqZw" + + "9P0QGgF/QZh8TitiED+imLlGDqj3nhzpazqDh5S6sg6LYkQPqhwG/wT5sZQQ" + + "fzdeupxupjI5YN8RdIqkWF+ILOjk0+awZ4z0TSY/f6OSWpOXlwCgjIquR3KR" + + "tlCLk+fBlPnOXaOjX+kEAJw7umykNIHNaoY/2sxNhQhjqHVxKyN44y6FCSv9" + + "jRyW8Q/Qc8YhqBIHdmlcXoNWkDtlvErjdYMvOKFqKB1e2bGpjvhtIhNVQWdk" + + "oHap9ZuM1nV0+fD/7g/NM6D9rOOVCahBG2fEEeIwxa2CQ7zHZYfg9Umn3vbh" + + "TYi68R3AmgLOA/wKIVkfFKioI7iX4crQviQHJK3/A90SkrjdMQwLoiUjdgtk" + + "s7hJsTP1OPb2RggS1wCsh4sv9nOyDULj0T0ySGv7cpyv5Nq0FY8gw2oogHs5" + + "fjUnG4VeYW0zcIzI8KCaJT4UhR9An0A1jF6COrYCcjuzkflFbQLtQb9uNj8a" + + "hCpU4/4DAwIUxXlRMYE8uWCranzPo83FnBPRnGJ2aC9SqZWJYVUKIn4Vf2nu" + + "pVvCGFja0usl1WfV72hqlNKEONq7lohJBBgRAgAJBQJBwqMzAhsCAAoJEOKc" + + "Xvehtw4afisAoME/t8xz/rj/N7QRN9p8Ji8VPGSqAJ9K8eFJ+V0mxR+octJr" + + "6neEEX/i1Q=="); + + public char[] sec9pass = "foo".ToCharArray(); + + // version 4 keys with expiry dates + private static readonly byte[] pub10 = Base64.Decode( + "mQGiBEKqia0RBACc3hkufmscRSC4UvPZqMDsHm4+d/GXIr+3iNMSSEySJu8yk+k0" + + "Xs11C/K+n+v1rnn2jGGknv+1lDY6w75TIcTE6o6HGKeIDxsAm8P3MhoGU1GNPamA" + + "eTDeNybtrN/g6C65fCY9uI11hsUboYgQZ8ND22PB0VtvdOgq9D85qNUzxwCg1BbJ" + + "ycAKd4VqEvQ2Zglp3dCSrFMD/Ambq1kZqYa69sp3b9BPKuAgUgUPoytOArEej3Bk" + + "easAgAxNhWJy4GxigES3vk50rVi7w8XBuqbD1mQCzldF0HX0/A7PxLBv6od5uqqF" + + "HFxIyxg/KBZLd9ZOrsSaoUWH58jZq98X/sFtJtRi5VuJagMxCIJD4mLgtMv7Unlb" + + "/GrsA/9DEnObA/fNTgK70T+ZmPIS5tSt+bio30Aw4YGpPCGqpnm1u73b5kqX3U3B" + + "P+vGDvFuqZYpqQA8byAueH0MbaDHI4CFugvShXvgysJxN7ov7/8qsZZUMfK1t2Nr" + + "SAsPuKRbcY4gNKXIElKeXbyaET7vX7uAEKuxEwdYGFp/lNTkHLQgdGVzdCBrZXkg" + + "KHRlc3QpIDx0ZXN0QHRlc3QudGVzdD6IZAQTEQIAJAUCQqqJrQIbAwUJACTqAAYL" + + "CQgHAwIDFQIDAxYCAQIeAQIXgAAKCRDjDROQZRqIzDzLAJ42AeCRIBBjv8r8qw9y" + + "laNj2GZ1sACgiWYHVXMA6B1H9I1kS3YsCd3Oq7qwAgAAuM0EQqqJrhADAKWkix8l" + + "pJN7MMTXob4xFF1TvGll0UD1bDGOMMbes6aeXSbT9QXee/fH3GnijLY7wB+qTPv9" + + "ohubrSpnv3yen3CEBW6Q2YK+NlCskma42Py8YMV2idmYjtJi1ckvHFWt5wADBQL/" + + "fkB5Q5xSGgspMaTZmtmX3zG7ZDeZ0avP8e8mRL8UszCTpqs6vMZrXwyQLZPbtMYv" + + "PQpuRGEeKj0ysimwYRA5rrLQjnRER3nyuuEUUgc4j+aeRxPf9WVsJ/a1FCHtaAP1" + + "iE8EGBECAA8FAkKqia4CGwwFCQAk6gAACgkQ4w0TkGUaiMzdqgCfd66H7DL7kFGd" + + "IoS+NIp8JO+noxAAn25si4QAF7og8+4T5YQUuhIhx/NesAIAAA=="); + + private static readonly byte[] sec10 = Base64.Decode( + "lQHhBEKqia0RBACc3hkufmscRSC4UvPZqMDsHm4+d/GXIr+3iNMSSEySJu8yk+k0" + + "Xs11C/K+n+v1rnn2jGGknv+1lDY6w75TIcTE6o6HGKeIDxsAm8P3MhoGU1GNPamA" + + "eTDeNybtrN/g6C65fCY9uI11hsUboYgQZ8ND22PB0VtvdOgq9D85qNUzxwCg1BbJ" + + "ycAKd4VqEvQ2Zglp3dCSrFMD/Ambq1kZqYa69sp3b9BPKuAgUgUPoytOArEej3Bk" + + "easAgAxNhWJy4GxigES3vk50rVi7w8XBuqbD1mQCzldF0HX0/A7PxLBv6od5uqqF" + + "HFxIyxg/KBZLd9ZOrsSaoUWH58jZq98X/sFtJtRi5VuJagMxCIJD4mLgtMv7Unlb" + + "/GrsA/9DEnObA/fNTgK70T+ZmPIS5tSt+bio30Aw4YGpPCGqpnm1u73b5kqX3U3B" + + "P+vGDvFuqZYpqQA8byAueH0MbaDHI4CFugvShXvgysJxN7ov7/8qsZZUMfK1t2Nr" + + "SAsPuKRbcY4gNKXIElKeXbyaET7vX7uAEKuxEwdYGFp/lNTkHP4DAwLssmOjVC+d" + + "mWB783Lpzjb9evKzsxisTdx8/jHpUSS+r//6/Guyx3aA/zUw5bbftItW57mhuNNb" + + "JTu7WrQgdGVzdCBrZXkgKHRlc3QpIDx0ZXN0QHRlc3QudGVzdD6IZAQTEQIAJAUC" + + "QqqJrQIbAwUJACTqAAYLCQgHAwIDFQIDAxYCAQIeAQIXgAAKCRDjDROQZRqIzDzL" + + "AJ0cYPwKeoSReY14LqJtAjnkX7URHACgsRZWfpbalrSyDnq3TtZeGPUqGX+wAgAA" + + "nQEUBEKqia4QAwClpIsfJaSTezDE16G+MRRdU7xpZdFA9WwxjjDG3rOmnl0m0/UF" + + "3nv3x9xp4oy2O8Afqkz7/aIbm60qZ798np9whAVukNmCvjZQrJJmuNj8vGDFdonZ" + + "mI7SYtXJLxxVrecAAwUC/35AeUOcUhoLKTGk2ZrZl98xu2Q3mdGrz/HvJkS/FLMw" + + "k6arOrzGa18MkC2T27TGLz0KbkRhHio9MrIpsGEQOa6y0I50REd58rrhFFIHOI/m" + + "nkcT3/VlbCf2tRQh7WgD9f4DAwLssmOjVC+dmWDXVLRopzxbBGOvodp/LZoSDb56" + + "gNJjDMJ1aXqWW9qTAg1CFjBq73J3oFpVzInXZ8+Q8inxv7bnWiHbiE8EGBECAA8F" + + "AkKqia4CGwwFCQAk6gAACgkQ4w0TkGUaiMzdqgCgl2jw5hfk/JsyjulQqe1Nps1q" + + "Lx0AoMdnFMZmTMLHn8scUW2j9XO312tmsAIAAA=="); + +// private static readonly char[] sec10pass = "test".ToCharArray(); + + private static readonly byte[] subKeyBindingKey = Base64.Decode( + "mQGiBDWagYwRBAD7UcH4TAIp7tmUoHBNxVxCVz2ZrNo79M6fV63riOiH2uDxfIpr" + + "IrL0cM4ehEKoqlhngjDhX60eJrOw1nC5BpYZRnDnyDYT4wTWRguxObzGq9pqA1dM" + + "oPTJhkFZVIBgFY99/ULRqaUYIhFGgBtnwS70J8/L/PGVc3DmWRLMkTDjSQCg/5Nh" + + "MCjMK++MdYMcMl/ziaKRT6EEAOtw6PnU9afdohbpx9CK4UvCCEagfbnUtkSCQKSk" + + "6cUp6VsqyzY0pai/BwJ3h4apFMMMpVrtBAtchVgqo4xTr0Sve2j0k+ase6FSImiB" + + "g+AR7hvTUTcBjwtIExBc8TuCTqmn4GG8F7UMdl5Z0AZYj/FfAQYaRVZYP/pRVFNx" + + "Lw65BAC/Fi3qgiGCJFvXnHIckTfcAmZnKSEXWY9NJ4YQb4+/nH7Vsw0wR/ZObUHR" + + "bWgTc9Vw1uZIMe0XVj6Yk1dhGRehUnrm3mE7UJxu7pgkBCbFECFSlSSqP4MEJwZV" + + "09YP/msu50kjoxyoTpt+16uX/8B4at24GF1aTHBxwDLd8X0QWrQsTWVycmlsbCBM" + + "eW5jaCBDTEVBUiBzeXN0ZW0gREggPGNsZWFyQG1sLmNvbT6JAEsEEBECAAsFAjWa" + + "gYwECwMBAgAKCRDyAGjiP47/XanfAKCs6BPURWVQlGh635VgL+pdkUVNUwCdFcNa" + + "1isw+eAcopXPMj6ACOapepu5Ag0ENZqBlBAIAPZCV7cIfwgXcqK61qlC8wXo+VMR" + + "OU+28W65Szgg2gGnVqMU6Y9AVfPQB8bLQ6mUrfdMZIZJ+AyDvWXpF9Sh01D49Vlf" + + "3HZSTz09jdvOmeFXklnN/biudE/F/Ha8g8VHMGHOfMlm/xX5u/2RXscBqtNbno2g" + + "pXI61Brwv0YAWCvl9Ij9WE5J280gtJ3kkQc2azNsOA1FHQ98iLMcfFstjvbzySPA" + + "Q/ClWxiNjrtVjLhdONM0/XwXV0OjHRhs3jMhLLUq/zzhsSlAGBGNfISnCnLWhsQD" + + "GcgHKXrKlQzZlp+r0ApQmwJG0wg9ZqRdQZ+cfL2JSyIZJrqrol7DVekyCzsAAgIH" + + "/RYtVo+HROZ6jrNjrATEwQm1fUQrk6n5+2dniN881lF0CNkB4NkHw1Xxz4Ejnu/0" + + "iLg8fkOAsmanOsKpOkRtqUnVpsVL5mLJpFEyCY5jbcfj+KY9/25bs0ga7kLHNZia" + + "zbCxJdF+W179z3nudQxRaXG/0XISIH7ziZbSVni69sKc1osk1+OoOMbSuZ86z535" + + "Pln4fXclkFE927HxfbWoO+60hkOLKh7x+8fC82b3x9vCETujEaxrscO2xS7/MYXP" + + "8t1ffriTDmhuIuQS2q4fLgeWdqrODrMhrD8Dq7e558gzp30ZCqpiS7EmKGczL7B8" + + "gXxbBCVSTxYMJheXt2xMXsuJAD8DBRg1moGU8gBo4j+O/10RAgWdAKCPhaFIXuC8" + + "/cdiNMxTDw9ug3De5QCfYXmDzRSFUu/nrCi8yz/l09wsnxo="); + +// private static readonly byte[] subKeyBindingCheckSum = Base64.Decode("3HU+"); + + // + // PGP8 with SHA1 checksum. + // + private static readonly byte[] rewrapKey = Base64.Decode( + "lQOWBEUPOQgBCADdjPTtl8oOwqJFA5WU8p7oDK5KRWfmXeXUZr+ZJipemY5RSvAM" + + "rxqsM47LKYbmXOJznXCQ8+PPa+VxXAsI1CXFHIFqrXSwvB/DUmb4Ec9EuvNd18Zl" + + "hJAybzmV2KMkaUp9oG/DUvxZJqkpUddNfwqZu0KKKZWF5gwW5Oy05VCpaJxQVXFS" + + "whdbRfwEENJiNx4RB3OlWhIjY2p+TgZfgQjiGB9i15R+37sV7TqzBUZF4WWcnIRQ" + + "DnpUfxHgxQ0wO/h/aooyRHSpIx5i4oNpMYq9FNIyakEx/Bomdbs5hW9dFxhrE8Es" + + "UViAYITgTsyROxmgGatGG09dcmVDJVYF4i7JAAYpAAf/VnVyUDs8HrxYTOIt4rYY" + + "jIHToBsV0IiLpA8fEA7k078L1MwSwERVVe6oHVTjeR4A9OxE52Vroh2eOLnF3ftf" + + "6QThVVZr+gr5qeG3yvQ36N7PXNEVOlkyBzGmFQNe4oCA+NR2iqnAIspnekVmwJV6" + + "xVvPCjWw/A7ZArDARpfthspwNcJAp4SWfoa2eKzvUTznTyqFu2PSS5fwQZUgOB0P" + + "Y2FNaKeqV8vEZu4SUWwLOqXBQIZXiaLvdKNgwFvUe3kSHdCNsrVzW7SYxFwaEog2" + + "o6YLKPVPqjlGX1cMOponGp+7n9nDYkQjtEsGSSMQkQRDAcBdSVJmLO07kFOQSOhL" + + "WQQA49BcgTZyhyH6TnDBMBHsGCYj43FnBigypGT9FrQHoWybfX47yZaZFROAaaMa" + + "U6man50YcYZPwzDzXHrK2MoGALY+DzB3mGeXVB45D/KYtlMHPLgntV9T5b14Scbc" + + "w1ES2OUtsSIUs0zelkoXqjLuKnSIYK3mMb67Au7AEp6LXM8EAPj2NypvC86VEnn+" + + "FH0QHvUwBpmDw0EZe25xQs0brvAG00uIbiZnTH66qsIfRhXV/gbKK9J5DTGIqQ15" + + "DuPpz7lcxg/n2+SmjQLNfXCnG8hmtBjhTe+udXAUrmIcfafXyu68SAtebgm1ga56" + + "zUfqsgN3FFuMUffLl3myjyGsg5DnA/oCFWL4WCNClOgL6A5VkNIUait8QtSdCACT" + + "Y7jdSOguSNXfln0QT5lTv+q1AjU7zjRl/LsFNmIJ5g2qdDyK937FOXM44FEEjZty" + + "/4P2dzYpThUI4QUohIj8Qi9f2pZQueC5ztH6rpqANv9geZKcciAeAbZ8Md0K2TEU" + + "RD3Lh+RSBzILtBtUZXN0IEtleSA8dGVzdEBleGFtcGxlLmNvbT6JATYEEwECACAF" + + "AkUPOQgCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRDYpknHeQaskD9NB/9W" + + "EbFuLaqZAl3yjLU5+vb75BdvcfL1lUs44LZVwobNp3/0XbZdY76xVPNZURtU4u3L" + + "sJfGlaF+EqZDE0Mqc+vs5SIb0OnCzNJ00KaUFraUtkByRV32T5ECHK0gMBjCs5RT" + + "I0vVv+Qmzl4+X1Y2bJ2mlpBejHIrOzrBD5NTJimTAzyfnNfipmbqL8p/cxXKKzS+" + + "OM++ZFNACj6lRM1W9GioXnivBRC88gFSQ4/GXc8yjcrMlKA27JxV+SZ9kRWwKH2f" + + "6o6mojUQxnHr+ZFKUpo6ocvTgBDlC57d8IpwJeZ2TvqD6EdA8rZ0YriVjxGMDrX1" + + "8esfw+iLchfEwXtBIRwS"); + + private static readonly char[] rewrapPass = "voltage123".ToCharArray(); + + private static readonly byte[] pubWithX509 = Base64.Decode( + "mQENBERabjABCACtmfyo6Nph9MQjv4nmCWjZrRYnhXbivomAdIwYkLZUj1bjqE+j" + + "uaLzjZV8xSI59odZvrmOiqlzOc4txitQ1OX7nRgbOJ7qku0dvwjtIn46+HQ+cAFn" + + "2mTi81RyXEpO2uiZXfsNTxUtMi+ZuFLufiMc2kdk27GZYWEuasdAPOaPJnA+wW6i" + + "ZHlt0NfXIGNz864gRwhD07fmBIr1dMFfATWxCbgMd/rH7Z/j4rvceHD2n9yrhPze" + + "YN7W4Nuhsr2w/Ft5Cm9xO7vXT/cpto45uxn8f7jERep6bnUwNOhH8G+6xLQgTLD0" + + "qFBGVSIneK3lobs6+xn6VaGN8W0tH3UOaxA1ABEBAAG0D0NOPXFhLWRlZXBzaWdo" + + "dIkFDgQQZAIFAQUCRFpuMAUDCWdU0gMF/3gCGwPELGQBAQQwggTkMIIDzKADAgEC" + + "AhBVUMV/M6rIiE+IzmnPheQWMA0GCSqGSIb3DQEBBQUAMG4xEzARBgoJkiaJk/Is" + + "ZAEZFgNjb20xEjAQBgoJkiaJk/IsZAEZFgJxYTEVMBMGCgmSJomT8ixkARkWBXRt" + + "czAxMRUwEwYKCZImiZPyLGQBGRYFV2ViZmUxFTATBgNVBAMTDHFhLWRlZXBzaWdo" + + "dDAeFw0wNjA1MDQyMTEyMTZaFw0xMTA1MDQyMTIwMDJaMG4xEzARBgoJkiaJk/Is" + + "ZAEZFgNjb20xEjAQBgoJkiaJk/IsZAEZFgJxYTEVMBMGCgmSJomT8ixkARkWBXRt" + + "czAxMRUwEwYKCZImiZPyLGQBGRYFV2ViZmUxFTATBgNVBAMTDHFhLWRlZXBzaWdo" + + "dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK2Z/Kjo2mH0xCO/ieYJ" + + "aNmtFieFduK+iYB0jBiQtlSPVuOoT6O5ovONlXzFIjn2h1m+uY6KqXM5zi3GK1DU" + + "5fudGBs4nuqS7R2/CO0ifjr4dD5wAWfaZOLzVHJcSk7a6Jld+w1PFS0yL5m4Uu5+" + + "IxzaR2TbsZlhYS5qx0A85o8mcD7BbqJkeW3Q19cgY3PzriBHCEPTt+YEivV0wV8B" + + "NbEJuAx3+sftn+Piu9x4cPaf3KuE/N5g3tbg26GyvbD8W3kKb3E7u9dP9ym2jjm7" + + "Gfx/uMRF6npudTA06Efwb7rEtCBMsPSoUEZVIid4reWhuzr7GfpVoY3xbS0fdQ5r" + + "EDUCAwEAAaOCAXwwggF4MAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0G" + + "A1UdDgQWBBSmFTRv5y65DHtTYae48zl0ExNWZzCCASUGA1UdHwSCARwwggEYMIIB" + + "FKCCARCgggEMhoHFbGRhcDovLy9DTj1xYS1kZWVwc2lnaHQsQ049cWEtd3VtYW4x" + + "LWRjLENOPUNEUCxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNl" + + "cyxDTj1Db25maWd1cmF0aW9uLERDPVdlYmZlLERDPXRtczAxLERDPXFhLERDPWNv" + + "bT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JM" + + "RGlzdHJpYnV0aW9uUG9pbnSGQmh0dHA6Ly9xYS13dW1hbjEtZGMud2ViZmUudG1z" + + "MDEucWEuY29tL0NlcnRFbnJvbGwvcWEtZGVlcHNpZ2h0LmNybDAQBgkrBgEEAYI3" + + "FQEEAwIBADANBgkqhkiG9w0BAQUFAAOCAQEAfuZCW3XlB7Eok35zQbvYt9rhAndT" + + "DNw3wPNI4ZzD1nXoYWnwhNNvWRpsOt4ExOSNdaHErfgDXAMyyg66Sro0TkAx8eAj" + + "fPQsyRAh0nm0glzFmJN6TdOZbj7hqGZjc4opQ6nZo8h/ULnaEwMIUW4gcSkZt0ww" + + "CuErl5NUrN3DpkREeCG/fVvQZ8ays3ibQ5ZCZnYBkLYq/i0r3NLW34WfYhjDY48J" + + "oQWtvFSAxvRfz2NGmqnrCHPQZxqlfdta97kDa4VQ0zSeBaC70gZkLmD1GJMxWoXW" + + "6tmEcgPY5SghInUf+L2u52V55MjyAFzVp7kTK2KY+p7qw35vzckrWkwu8AAAAAAA" + + "AQE="); + + private static readonly byte[] secWithPersonalCertificate = Base64.Decode( + "lQOYBEjGLGsBCACp1I1dZKsK4N/I0/4g02hDVNLdQkDZfefduJgyJUyBGo/I" + + "/ZBpc4vT1YwVIdic4ADjtGB4+7WohN4v8siGzwRSeXardSdZVIw2va0JDsQC" + + "yeoTnwVkUgn+w/MDgpL0BBhTpr9o3QYoo28/qKMni3eA8JevloZqlAbQ/sYq" + + "rToMAqn0EIdeVVh6n2lRQhUJaNkH/kA5qWBpI+eI8ot/Gm9kAy3i4e0Xqr3J" + + "Ff1lkGlZuV5H5p/ItZui9BDIRn4IDaeR511NQnKlxFalM/gP9R9yDVI1aXfy" + + "STcp3ZcsTOTGNzACtpvMvl6LZyL42DyhlOKlJQJS81wp4dg0LNrhMFOtABEB" + + "AAEAB/0QIH5UEg0pTqAG4r/3v1uKmUbKJVJ3KhJB5xeSG3dKWIqy3AaXR5ZN" + + "mrJfXK7EfC5ZcSAqx5br1mzVl3PHVBKQVQxvIlmG4r/LKvPVhQYZUFyJWckZ" + + "9QMR+EA0Dcran9Ds5fa4hH84jgcwalkj64XWRAKDdVh098g17HDw+IYnQanl" + + "7IXbYvh+1Lr2HyPo//vHX8DxXIJBv+E4skvqGoNfCIfwcMeLsrI5EKo+D2pu" + + "kAuBYI0VBiZkrJHFXWmQLW71Mc/Bj7wTG8Q1pCpu7YQ7acFSv+/IOCsB9l9S" + + "vdB7pNhB3lEjYFGoTgr03VfeixA7/x8uDuSXjnBdTZqmGqkZBADNwCqlzdaQ" + + "X6CjS5jc3vzwDSPgM7ovieypEL6NU3QDEUhuP6fVvD2NYOgVnAEbJzgOleZS" + + "W2AFXKAf5NDxfqHnBmo/jlYb5yZV5Y+8/poLLj/m8t7sAfAmcZqGXfYMbSbe" + + "tr6TGTUXcXgbRyU5oH1e4iq691LOwZ39QjL8lNQQywQA006XYEr/PS9uJkyM" + + "Cg+M+nmm40goW4hU/HboFh9Ru6ataHj+CLF42O9sfMAV02UcD3Agj6w4kb5L" + + "VswuwfmY+17IryT81d+dSmDLhpo6ufKoAp4qrdP+bzdlbfIim4Rdrw5vF/Yk" + + "rC/Nfm3CLJxTimHJhqFx4MG7yEC89lxgdmcD/iJ3m41fwS+bPN2rrCAf7j1u" + + "JNr/V/8GAnoXR8VV9150BcOneijftIIYKKyKkV5TGwcTfjaxRKp87LTeC3MV" + + "szFDw04MhlIKRA6nBdU0Ay8Yu+EjXHK2VSpLG/Ny+KGuNiFzhqgBxM8KJwYA" + + "ISa1UEqWjXoLU3qu1aD7cCvANPVCOASwAYe0GlBHUCBEZXNrdG9wIDxpbmZv" + + "QHBncC5jb20+sAMD//+JAW4EEAECAFgFAkjGLGswFIAAAAAAIAAHcHJlZmVy" + + "cmVkLWVtYWlsLWVuY29kaW5nQHBncC5jb21wZ3BtaW1lBwsJCAcDAgoCGQEF" + + "GwMAAAADFgECBR4BAAAABRUCCAkKAAoJEHHHqp2m1tlWsx8H/icpHl1Nw17A" + + "D6MJN6zJm+aGja+5BOFxOsntW+IV6JI+l5WwiIVE8xTDhoXW4zdH3IZTqoyY" + + "frtkqLGpvsPtAQmV6eiPgE3+25ahL+MmjXKsceyhbZeCPDtM2M382VCHYCZK" + + "DZ4vrHVgK/BpyTeP/mqoWra9+F5xErhody71/cLyIdImLqXgoAny6YywjuAD" + + "2TrFnzPEBmZrkISHVEso+V9sge/8HsuDqSI03BAVWnxcg6aipHtxm907sdVo" + + "jzl2yFbxCCCaDIKR7XVbmdX7VZgCYDvNSxX3WEOgFq9CYl4ZlXhyik6Vr4XP" + + "7EgqadtfwfMcf4XrYoImSQs0gPOd4QqwAWedA5gESMYsawEIALiazFREqBfi" + + "WouTjIdLuY09Ks7PCkn0eo/i40/8lEj1R6JKFQ5RlHNnabh+TLvjvb3nOSU0" + + "sDg+IKK/JUc8/Fo7TBdZvARX6BmltEGakqToDC3eaF9EQgHLEhyE/4xXiE4H" + + "EeIQeCHdC7k0pggEuWUn5lt6oeeiPUWhqdlUOvzjG+jqMPJL0bk9STbImHUR" + + "EiugCPTekC0X0Zn0yrwyqlJQMWnh7wbSl/uo4q45K7qOhxcijo+hNNrkRAMi" + + "fdNqD4s5qDERqqHdAAgpWqydo7zV5tx0YSz5fjh59Z7FxkUXpcu1WltT6uVn" + + "hubiMTWpXzXOQI8wZL2fb12JmRY47BEAEQEAAQAH+wZBeanj4zne+fBHrWAS" + + "2vx8LYiRV9EKg8I/PzKBVdGUnUs0vTqtXU1dXGXsAsPtu2r1bFh0TQH06gR1" + + "24iq2obgwkr6x54yj+sZlE6SU0SbF/mQc0NCNAXtSKV2hNXvy+7P+sVJR1bn" + + "b5ukuvkj1tgEln/0W4r20qJ60F+M5QxXg6kGh8GAlo2tetKEv1NunAyWY6iv" + + "FTnSaIJ/YaKQNcudNvOJjeIakkIzfzBL+trUiI5n1LTBB6+u3CF/BdZBTxOy" + + "QwjAh6epZr+GnQqeaomFxBc3mU00sjrsB1Loso84UIs6OKfjMkPoZWkQrQQW" + + "+xvQ78D33YwqNfXk/5zQAxkEANZxJGNKaAeDpN2GST/tFZg0R5GPC7uWYC7T" + + "pG100mir9ugRpdeIFvfAa7IX2jujxo9AJWo/b8hq0q0koUBdNAX3xxUaWy+q" + + "KVCRxBifpYVBfEViD3lsbMy+vLYUrXde9087YD0c0/XUrj+oowWJavblmZtS" + + "V9OjkQW9zoCigpf5BADcYV+6bkmJtstxJopJG4kD/lr1o35vOEgLkNsMLayc" + + "NuzES084qP+8yXPehkzSsDB83kc7rKfQCQMZ54V7KCCz+Rr4wVG7FCrFAw4e" + + "4YghfGVU/5whvbJohl/sXXCYGtVljvY/BSQrojRdP+/iZxFbeD4IKiTjV+XL" + + "WKSS56Fq2QQAzeoKBJFUq8nqc8/OCmc52WHSOLnB4AuHL5tNfdE9tjqfzZAE" + + "tx3QB7YGGP57tPQxPFDFJVRJDqw0YxI2tG9Pum8iriKGjHg+oEfFhxvCmPxf" + + "zDKaGibkLeD7I6ATpXq9If+Nqb5QjzPjFbXBIz/q2nGjamZmp4pujKt/aZxF" + + "+YRCebABh4kCQQQYAQIBKwUCSMYsbAUbDAAAAMBdIAQZAQgABgUCSMYsawAK" + + "CRCrkqZshpdZSNAiB/9+5nAny2O9/lp2K2z5KVXqlNAHUmd4S/dpqtsZCbAo" + + "8Lcr/VYayrNojga1U7cyhsvFky3N9wczzPHq3r9Z+R4WnRM1gpRWl+9+xxtd" + + "ZxGfGzMRlxX1n5rCqltKKk6IKuBAr2DtTnxThaQiISO2hEw+P1MT2HnSzMXt" + + "zse5CZ5OiOd/bm/rdvTRD/JmLqhXmOFaIwzdVP0dR9Ld4Dug2onOlIelIntC" + + "cywY6AmnL0DThaTy5J8MiMSPamSmATl4Bicm8YRbHHz58gCYxI5UMLwtwR1+" + + "rSEmrB6GwVHZt0/BzOpuGpvFZI5ZmC5yO/waR1hV+VYj025cIz+SNuDPyjy4" + + "AAoJEHHHqp2m1tlW/w0H/3w38SkB5n9D9JL3chp+8fex03t7CQowVMdsBYNY" + + "qI4QoVQkakkxzCz5eF7rijXt5eC3NE/quWhlMigT8LARiwBROBWgDRFW4WuX" + + "6MwYtjKKUkZSkBKxP3lmaqZrJpF6jfhPEN76zr/NxWPC/nHRNldUdqkzSu/r" + + "PeJyePMofJevzMkUzw7EVtbtWhZavCz+EZXRTZXub9M4mDMj64BG6JHMbVZI" + + "1iDF2yka5RmhXz9tOhYgq80m7UQUb1ttNn86v1zVbe5lmB8NG4Ndv+JaaSuq" + + "SBZOYQ0ZxtMAB3vVVLZCWxma1P5HdXloegh+hosqeu/bl0Wh90z5Bspt6eI4" + + "imqwAWeVAdgESMYtmwEEAM9ZeMFxor7oSoXnhQAXD9lXLLfBky6IcIWISY4F" + + "JWc8sK8+XiVzpOrefKro0QvmEGSYcDFQMHdScBLOTsiVJiqenA7fg1bkBr/M" + + "bnD7vTKMJe0DARlU27tE5hsWCDYTluxIFjGcAcecY2UqHkqpctYKY0WY9EIm" + + "dBA5TYaw3c0PABEBAAEAA/0Zg6318nC57cWLIp5dZiO/dRhTPZD0hI+BWZrg" + + "zJtPT8rXVY+qK3Jwquig8z29/r+nppEE+xQWVWDlv4M28BDJAbGE+qWKAZqT" + + "67lyKgc0c50W/lfbGvvs+F7ldCcNpFvlk79GODKxcEeTGDQKb9R6FnHFee/K" + + "cZum71O3Ku3vUQIA3B3PNM+tKocIUNDHnInuLyqLORwQBNGfjU/pLMM0MkpP" + + "lWeIfgUmn2zL/e0JrRoO0LQqX1LN/TlfcurDM0SEtwIA8Sba9OpDq99Yz360" + + "FiePJiGNNlbj9EZsuGJyMVXL1mTLA6WHnz5XZOfYqJXHlmKvaKDbARW4+0U7" + + "0/vPdYWSaQIAwYeo2Ce+b7M5ifbGMDWYBisEvGISg5xfvbe6qApmHS4QVQzE" + + "Ym81rdJJ8OfvgSbHcgn37S3OBXIQvNdejF4BWqM9sAGHtCBIeW5lay1JbnRy" + + "YW5ldCA8aHluZWtAYWxzb2Z0LmN6PrADA///iQDrBBABAgBVBQJIxi2bBQkB" + + "mgKAMBSAAAAAACAAB3ByZWZlcnJlZC1lbWFpbC1lbmNvZGluZ0BwZ3AuY29t" + + "cGdwbWltZQULBwgJAgIZAQUbAQAAAAUeAQAAAAIVAgAKCRDlTa3BE84gWVKW" + + "BACcoCFKvph9r9QiHT1Z3N4wZH36Uxqu/059EFALnBkEdVudX/p6S9mynGRk" + + "EfhmWFC1O6dMpnt+ZBEed/4XyFWVSLPwirML+6dxfXogdUsdFF1NCRHc3QGc" + + "txnNUT/zcZ9IRIQjUhp6RkIvJPHcyfTXKSbLviI+PxzHU2Padq8pV7ABZ7kA" + + "jQRIfg8tAQQAutJR/aRnfZYwlVv+KlUDYjG8YQUfHpTxpnmVu7W6N0tNg/Xr" + + "5dg50wq3I4HOamRxUwHpdPkXyNF1szpDSRZmlM+VmiIvJDBnyH5YVlxT6+zO" + + "8LUJ2VTbfPxoLFp539SQ0oJOm7IGMAGO7c0n/QV0N3hKUfWgCyJ+sENDa0Ft" + + "JycAEQEAAbABj4kEzQQYAQIENwUCSMYtnAUJAeEzgMLFFAAAAAAAFwNleDUw" + + "OWNlcnRpZmljYXRlQHBncC5jb20wggNhMIICyqADAgECAgkA1AoCoRKJCgsw" + + "DQYJKoZIhvcNAQEFBQAwgakxCzAJBgNVBAYTAkNaMRcwFQYDVQQIEw5DemVj" + + "aCBSZXB1YmxpYzESMBAGA1UEChQJQSYmTCBzb2Z0MSAwHgYDVQQLExdJbnRl" + + "cm5hbCBEZXZlbG9wbWVudCBDQTEqMCgGA1UEAxQhQSYmTCBzb2Z0IEludGVy" + + "bmFsIERldmVsb3BtZW50IENBMR8wHQYJKoZIhvcNAQkBFhBrYWRsZWNAYWxz" + + "b2Z0LmN6MB4XDTA4MDcxNjE1MDkzM1oXDTA5MDcxNjE1MDkzM1owaTELMAkG" + + "A1UEBhMCQ1oxFzAVBgNVBAgTDkN6ZWNoIFJlcHVibGljMRIwEAYDVQQKFAlB" + + "JiZMIHNvZnQxFDASBgNVBAsTC0RldmVsb3BtZW50MRcwFQYDVQQDEw5IeW5l" + + "ay1JbnRyYW5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAutJR/aRn" + + "fZYwlVv+KlUDYjG8YQUfHpTxpnmVu7W6N0tNg/Xr5dg50wq3I4HOamRxUwHp" + + "dPkXyNF1szpDSRZmlM+VmiIvJDBnyH5YVlxT6+zO8LUJ2VTbfPxoLFp539SQ" + + "0oJOm7IGMAGO7c0n/QV0N3hKUfWgCyJ+sENDa0FtJycCAwEAAaOBzzCBzDAJ" + + "BgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBD" + + "ZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUNaw7A6r10PtYZzAvr9CrSKeRYJgwHwYD" + + "VR0jBBgwFoAUmqSRM8rN3+T1+tkGiqef8S5suYgwGgYDVR0RBBMwEYEPaHlu" + + "ZWtAYWxzb2Z0LmN6MCgGA1UdHwQhMB8wHaAboBmGF2h0dHA6Ly9wZXRyazIv" + + "Y2EvY2EuY3JsMAsGA1UdDwQEAwIF4DANBgkqhkiG9w0BAQUFAAOBgQCUdOWd" + + "7mBLWj1/GSiYgfwgdTrgk/VZOJvMKBiiFyy1iFEzldz6Xx+mAexnFJKfZXZb" + + "EMEGWHfWPmgJzAtuTT0Jz6tUwDmeLH3MP4m8uOZtmyUJ2aq41kciV3rGxF0G" + + "BVlZ/bWTaOzHdm6cjylt6xxLt6MJzpPBA/9ZfybSBh1DaAUbDgAAAJ0gBBkB" + + "AgAGBQJIxi2bAAoJEAdYkEWLb2R2fJED/RK+JErZ98uGo3Z81cHkdP3rk8is" + + "DUL/PR3odBPFH2SIA5wrzklteLK/ZXmBUzcvxqHEgI1F7goXbsBgeTuGgZdx" + + "pINErxkNpcMl9FTldWKGiapKrhkZ+G8knDizF/Y7Lg6uGd2nKVxzutLXdHJZ" + + "pU89Q5nzq6aJFAZo5TBIcchQAAoJEOVNrcETziBZXvQD/1mvFqBfWqwXxoj3" + + "8fHUuFrE2pcp32y3ciO2i+uNVEkNDoaVVNw5eHQaXXWpllI/Pe6LnBl4vkyc" + + "n3pjONa4PKrePkEsCUhRbIySqXIHuNwZumDOlKzZHDpCUw72LaC6S6zwuoEf" + + "ucOcxTeGIUViANWXyTIKkHfo7HfigixJIL8nsAFn"); + + // Key from http://www.angelfire.com/pr/pgpf/pgpoddities.html + private static readonly char[] v3KeyPass = "test@key.test".ToCharArray(); + + private static readonly byte[] pubv3 = Base64.Decode( + "mQENAzroPPgAAAEIANnTx/gHfag7qRMG6cVUnYZJjLcsdF6JSaVs+PUDCZ8l2+Z2" + + "V9tgxByp26bymIlq5qFFeoA5vCiKc8qzYiEVLJVVIIDjw/id2gq/TgmxoLAwiDQM" + + "TUKdCFa6pmR/uaxyrnJxfUA7+Qh0R0OjoCxNlrmyO3eiKstsJGqSUFIQq7GhcHc4" + + "nbV59zHhEWnH7DX7sDa9CgF11WxM3sjWp15iOoP1nixhmchDtQ7foUxLsCF36G/4" + + "ijcbN2NjiCDYMFburN8fXgrQzYHAIIiVFE0J+fbXNfPRmnbhQdaC8rIdiQ3tExBb" + + "N0qWhGPT9M4JOZd1yPdFMb9gbntd8VZkiPd6/3sABRG0FHRlc3QgPHRlc3RAa2V5" + + "LnRlc3Q+iQEVAwUQOug8+PFWZIj3ev97AQH7NQgAo3sH+KcsPtAbyp5U02J9h3Ro" + + "aiKpAYxg3rfUVo/RH6hmCWT/AlPHLPZZC/tKiPkuIm2V3Xqyum530N0sBYxNzgNp" + + "us8mK9QurYj2omKzf1ltN+uNHR8vjB8s7jEd/CDCARu81PqNoVq2b9JRFGpGbAde" + + "7kQ/a0r2/IsJ8fz0iSpCH0geoHt3sBk9MyEem4uG0e2NzlH2wBz4H8l8BNHRHBq0" + + "6tGH4h11ZhH3FiNzJWibT2AvzLCqar2qK+6pohKSvIp8zEP7Y/iQzCvkuOfHsUOH" + + "4Utgg85k09hRDZ3pRRL/4R+Z+/1uXb+n6yKbOmpmi7U7wc9IwZxtTlGXsNIf+Q==" + ); + + private static readonly byte[] privv3 = Base64.Decode( + "lQOgAzroPPgAAAEIANnTx/gHfag7qRMG6cVUnYZJjLcsdF6JSaVs+PUDCZ8l2+Z2" + + "V9tgxByp26bymIlq5qFFeoA5vCiKc8qzYiEVLJVVIIDjw/id2gq/TgmxoLAwiDQM" + + "TUKdCFa6pmR/uaxyrnJxfUA7+Qh0R0OjoCxNlrmyO3eiKstsJGqSUFIQq7GhcHc4" + + "nbV59zHhEWnH7DX7sDa9CgF11WxM3sjWp15iOoP1nixhmchDtQ7foUxLsCF36G/4" + + "ijcbN2NjiCDYMFburN8fXgrQzYHAIIiVFE0J+fbXNfPRmnbhQdaC8rIdiQ3tExBb" + + "N0qWhGPT9M4JOZd1yPdFMb9gbntd8VZkiPd6/3sABREDXB5zk3GNdSkH/+/447Kq" + + "hR9uM+UnZz7wDkzmt+7xbNg9F2pr/tghVCM7D0PO1YjH4DBpU1ZRO+v1t/eBB/Jd" + + "3lJYdlWYHOefJkBi44gNAafZ8ysPOJk6OGOjas/sr+JRFiX9Mgzrs2IDiejmuA98" + + "DLuSuNtzFKbE2/DDdOBEizYUjqPLlCdn5sVEt+0WKWJiAv7YonCGguWS3RKfTaYk" + + "9IE9SbI+qph9JsuyTD22GLv+gTMvwCkC1DVaHIVgzURpdnlyYyz4DBh3pAgg0nh6" + + "gpUTsjnUmrvdh+r8qj3oXH7WBMhs6qKYvU1Go5iV3S1Cu4H/Z/+s6XUFgQShevVe" + + "VCy0QtmWSFeySekEACHLJIdBDa8K4dcM2wvccz587D4PtKvMG5j71raOcgVY+r1k" + + "e6au/fa0ACqLNvn6+vFHG+Rurn8RSKV31YmTpx7J5ixTOsB+wVcwTYbrw8uNlBWc" + + "+IkqPwHrtdK95GIYQykfPW95PRudsOBdxwQW4Ax/WCst3fbjo0SZww0Os+3WBADJ" + + "/Nv0mjikXRmqJIzfuI2yxxX4Wm6vqXJkPF7LGtSMB3VEJ3qPsysoai5TYboxA8C1" + + "4rQjIoQjA+87gxZ44PUVxrxBonITCLXJ3GsvDQ2PNhS6WQ9Cf89vtYW1vLW65Nex" + + "+7AuVRepKhx6Heqdf7S03m6UYliIglrEzgEWM1XrOwP/gLMsme4h0LjLgKfd0LBk" + + "qSMdu21VSl60TMTjxav149AdutzuCVa/yPBM/zLQdlvQoGYg2IbN4+7gDHKURcSx" + + "DgOAzCcEZxdMvRk2kaOI5RRf5gV9e+ErvEMzJ/xT8xWsi+aLOhaDMbwq2LLiK2L+" + + "tXV/Z3H/Ot4u3E7H+6fHPElFYbQUdGVzdCA8dGVzdEBrZXkudGVzdD4=" + ); + + private static readonly byte[] probExpPubKey = Base64.Decode( + "mQENBFj1Q70BCAC2ynacUueCmIUXxeYy1HIA92JAhgXrPcD5JkQiNlI779/f" + + "72gLzFDqeNCKLsatnjD3m0tNgPB8vSsg2Um2Np1zTyHRO6hyUZsxmwsMoDrm" + + "RCaJxBuLU6if1S7b9I8A8vIVOLrvUrw48Vh16GZO9eeTmqQ/oNRxN3kuZSVC" + + "ccQ9jgMJqvq3TUJpNeNWp/ibLdBFN6HoOw2Zf1jm+jvYntsocVD+ZtpfHQoO" + + "ZzA55hc7QO0LU3odtdy6sQHvTmZZGHZVYgg6joARY+HZuzm+63vn31ajI16g" + + "ZKKnAjyubQ+giZT05ApQgHpJ7hMXVXVzjxoiE1qapNZBU+K3CwNJWqdjABEB" + + "AAG0CXZhbGlkLWtleYkBPwQTAQgAKQUCWPVDvQIbAwUJAeEzgAcLCQgHAwIB" + + "BhUIAgkKCwQWAgMBAh4BAheAAAoJEBmVFZBmFliQwYUIAIz+PAYEQ2tDjOiq" + + "R6IG0V7zyQjthLcSxWbOEIF53FD3xBx3tAXScq88RlW/QY4d9en+cK3gpvrr" + + "/5aWomi7QoziZeUcMN7HtdqPgqk8DMcogIyS/geK8z4r6eDz3HQWDxAitRTw" + + "bbjFxahUHuetOh9nnTgsDTaimBRKVMLSUqqVYcgmPJLFaJSGRLMF7qHzN9hc" + + "jaiGLCLM9zVg74PnyORwmlnsM81uHzJ3uKueudGDKjMvgsMKODGMUzXArUKO" + + "PrDKKkrx82F5FHMIJ5Mn9fq57leJKzy1APnz7E8/ieqasTsBcC0L/6uJ+sS9" + + "Eca93q4mziqGvFx8cL5ZmlYx++ewAgADuQENBFj1Q70BCADFmn2DXY/G7K5G" + + "v5KLI8296e8q0iETX8516tXB5t0jWzxcsAHeMflsDR+TloXp4Ecznx3Pv8Q0" + + "4dkoo2MiSBiJ5adkwr/zLs+WWqwUjVw6m4ButTaFH/GaoKF+7HWg066NSd/u" + + "4JQaeAqsWqvTW4p3YRDm5GbXID0GsN7APtvUk9ShCeDXP9KZvNeTWFy2+iWd" + + "aYQBoRzTGPpjoboStZPDmLxuPXDbjQIXLys7k3Z0Shx/f5GMHnSyhVDNPlGQ" + + "+aCi2VL/PrwEVp4CCP5dQefNm1q95DCM2wdEQBeC3r3fGTTkBprZTWCwNPo6" + + "sCVaG/BbaFtFgilDUvMFEj5MP3FPABEBAAGJASUEGAEIAA8FAlj1Q70CGwwF" + + "CQHhM4AACgkQGZUVkGYWWJCQxwgAp/eIdOjWK9Tw9SOyFwi83nI92zWdnIxP" + + "KUroKQcXilH1nIyIykDSL2SLHK49c2Cw819MjWTwcUn7/OdZYc+X9ryteEFR" + + "Jge/Qw5CXvmRzhaCDtx6OU2U+/uHGMuvAOwpS1brmKaSN46LwHDHRMGn1+1D" + + "n4uXnFyc9lMDbja5c+b5vX3loulBwXO35ColrLx0Q585QusgMoGJwkr/8tx5" + + "jvLdI+T35e6f84gAlexGenvMDgobw32vaW8dXQQ0BKqNZKjXMy/0OGJs7G1X" + + "VhL+80K6K2UAu84JhBYFgoZQQ6cHtPn/WrSVN7RykSAKIOzvhqt8dFnjDHdH" + + "4xagReRrQbACAAOZAQ0EWPVHNwEIAKy/E/vob7FC+e+FX+W09pqNVMQXACxa" + + "7SCF51aFAMmncOJVS5BlyUjevaC77nXq5YXBvzZjYSN7nS6AOO/5BBXAH2/i" + + "bFBjrtqlLfH7sMqqly3gMWxXDOGw0FvH5DrlIiO8F4TciEXXOLHgMkC6RlBQ" + + "rj+Ca0iB8hEz34xkDB8NccQgfySDdcmOWvVHm9DCO8xbdLRoTb9WFb8w6pkX" + + "wioJnaQ0pa4VYC8gTHOqMgy9/Yk8GHdZ9iOALTNFKCGJZvVKYKL7vhthQV5O" + + "XVBeBGB6eTCFutJpcqdv27V3EwsV77WBHxgTvjsWJoGK7p8jvApgZSYSV1fB" + + "YetDiXhgezEAEQEAAbQKc2lnbi1rZXktMYkBOQQTAQgAIwUCWPVHNwIbAwcL" + + "CQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEFdUbHpYn0hjUYwIAIovaR+B" + + "YOYD8nYz3ylrnbRx7pAxaniNN2ZdzkhvbAx9ACvuN56R9GkaU3mwTd3LUEMG" + + "iw4MlvbEeADCckL6sB73esOiteoJz3+0+NCDb5rhbt5YCKQicubxhSNd2qkR" + + "eQE3IYpEd++QHXr/B7U95rwzjXzGImNyK15zuFGboC9VEQOc3ckTugoMirC0" + + "QSpHXAQlPHdwcA/f5ljceVSqGTDPbKFjwpU4kB10ZK8Jm8VLlL1JiCfufyfL" + + "mYTa/ysjzcMI/Z4jTuZ2y0pLR+q8gMpuMfA+MVby3IXrK6hsgQcTjm3idHRx" + + "xxBiRzdpJbh4CJAEu/9BTCr4WQF48rmwLmqwAgADuQENBFj1RzcBCACisowf" + + "NnQQTZBK7nYv24T3I0jDy3fENEtZ/g3pVW/e9BdeyXy0eXMSHgiWqn8LWznD" + + "BYzPbAth4Eq4fyNv2FbkvEHeQwoF893oLonXeyM171A6siptL1LXdqBNYaai" + + "Z62pHYFa4r8q7UzcAeVMKHQYEjbat90FTnFHrT/Mc84ZN7nVnu8PevdM73z0" + + "pdLq2aQ6oPJ+zZDU5nnx9dBiftc3BCn+gBuNua1rQVPBjXv+urEc/nig9dG0" + + "LDH3Gio7Va9AOgkyq6RB0X/yGF1Q4B88n9pHsbIUEH6SjA/WNX0iAqjv2Z7v" + + "fgJaJIr7UY5Lz9hBBpMKeHhhY3p9I4k3gZTnABEBAAGJAR8EGAEIAAkFAlj1" + + "RzcCGwwACgkQV1RselifSGN2Mgf/SmLWjy7PQa8WzwdMfM3ngTkqc6cunmVr" + + "R8cDsevKnwCzN86I9SHgSBIFt3YcCaFOFprF6gREq6He0G+VbyY/7xnjCfrl" + + "ZczkwFddHl3vO/3CcZrPyfFnItMmLYW1WjSOoSfz/uiijzV+R7KcmT3s8z4G" + + "hB4u/yCa5WszRYepVaH6J3IYbfCjMn5YDuv/bxPeqbv0xkTanKeeGHT0MKN2" + + "ff9mtlAK9gj8awU0rlvIcmHXIpcEih9pJDhmtCbapNH2ne4SyixztjfYgdEd" + + "uVUD8gp0mN/5ckVtAwQ8j6Qa6tYoQJfNj/p6OMmR0bQFvVpqTasWoL+hO8Bw" + + "TvUuMkI1uLACAAOZAQ0EWPVHXQEIANB18VoDCSng6SiOIeQwmk01K4Q8jak7" + + "3J5nwKvGHTLHy105AI5d6b3QFRcdK4WzM5ai9Pm5snTyAAGgubcU25dDUAqO" + + "EfyKwWkeBEl9Zc6iXgB2KGrTJylVSrRH6y/CsAo9JOXtyV6S9iKacQBZHVKN" + + "xZGWOlQ72xDfPBjhYi65cUZhNhK4fn32L8WmyKWVWNFfajybHnKN/Wv0R/Uf" + + "TxCWEDA0ieUVKs//m97gCzYC2xODGDEKal6xQsmQB6iRrcPAWpxC9LHG7cGh" + + "oqS99Guj2b5UqdI+69KNpqrbX7vj1mnYo+QrJJCp62+7QMlXAs+1Xih2P6Qe" + + "KMlk97j2gPsAEQEAAbQKc2lnbi1rZXktMokBOQQTAQgAIwUCWPVHXQIbAwcL" + + "CQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEGFcNg7n5zRXZYoH/3iFmvXH" + + "TR8lCLs/dj0JQ3FdbBNSwhJRHUh8cpPTcJxFZumAjf1nVJbqKVLhTrrcqZF/" + + "QJdYvfaD/pziaDgNTUdzBC4VXKqtNODS0QLlq1dcZQ/rNst/HlP/e0FCfq3V" + + "HZgsY2Xwmf2gj8sK9bnZT9U6THUU7m6miW4TnQDAhUmBJubmYzKwbrkuca2c" + + "lW3PC53IIjycp7+jY9Hxah/D+MU+0eaelBTQ9rypZNbVOCKcm8rMIKk9HxoX" + + "GfbZuo7L5TT/TFZVwK9DRh0qBqW4fOGSLTNsz0O9QkcrsXxdhvAvX2fiWsZu" + + "2r7E3/c5CIL/s/5C7AzA370wtriu2b4toWSwAgADmQENBFj1XDoBCACyr8Bu" + + "03osh26GiIKOzhfbgH0hdlnJlh8LNo8ALE/Hz4KbxzM9Zyh46NZG5aS5NADd" + + "c7FBWTLqcxS14JobkjM2edJJXIilpCdw9ThuW/gSEYpJbPKRncq8D4K6d8Bg" + + "kWkjadYPsmFzFlnSL0Eki9sW8JRzEACe1R3srJLUN0SsQ6OPwOimv4i2CkYw" + + "RIvjpBhCtIs2qV1ERMpct9/rPDzLlL/YS7MF7PSXd9Jy7J2KuwPNXjcXwRFR" + + "MOTYV3Cx7+OAnUs6+Pyb6DbrYPF8AgC6KKqJXR4Ei5sQCwWkIXQ3sjPBD4x8" + + "hAqBuUzJMnNF00YhDXl4kMI+2r0GSwo+6ZF5ABEBAAG0GWV4cGlyZWQtZW5j" + + "cnlwdGlvbi1zdWJrZXmJAT8EEwEIACkFAlj1XDoCGwMFCRLMAwAHCwkIBwMC" + + "AQYVCAIJCgsEFgIDAQIeAQIXgAAKCRDDZIMAG7vFqFoXB/9exlOGLLK3tiYl" + + "RaPZsq26uOdiU1efO98aJCK7lRaUZkTXlxF9THVQnCRUGjEHPjYIxwm1oeUy" + + "2dvqklq5jIL6Vcmt5hrVax++tIuKBpqISF8wpJcNEmq3zwWUxAhvE3d2mgAn" + + "9AzoabzAy8SBkCZD/o0THB1z1R8CJ3PcmbIzt+CdMwG2NVJLlw5VTNVCp0fc" + + "m8OzxoH0C0qiaR2DPjuRNlXepjz0LC+8coIMOOiJnJnQywGnjNbgoDp79XPn" + + "KpoN+TpXkQkAiuIwlu4GSADUDV8MiUDbhMxZTPJD5KSC47COMZV2huLgRx1x" + + "kwQil3Pqp4PMf/fvgbWE7L9yNz+ysAIAA7kBDQRY9Vw6AQgAzvv+T0ykClWK" + + "wyPuDd+2e0NSxzzyn7ZWrms7FClnvKszjpKnznHiRRE+kXwEJ3HIBJIs604I" + + "09pgIkZZrfx5zkrZm2zpUp7gWndh2c/AiO6/cAe6I3vwodhPyDFn7+JXQjgz" + + "aJWg9jNEbSjodq/mK9K7Ln5YqYNjn/mb+VX4xa0E5YBMcGnLdrkmOJcEZTd5" + + "fedeIVKzU/BAk6YQcrDXuDAKD5yXB4djAhP1p6DUSaQ7iS35pgHTdgNuHBMC" + + "uFxzR4vco/eqRElzaUVIIBGQYUcUE+RDRDREQKCkchrTELGh2GNFieig78D1" + + "3HaVdZb6yJg9gYcuWH54QKgVSnzPxQARAQABiQElBBgBCAAPAhsMBQJY9V0/" + + "BQkABpiFAAoJEMNkgwAbu8WokgoIAIE2uNH0SpHVKB4hJRqYes6hURn8q0HB" + + "+tfvlfrSopaDp2nr55B6dDiJNS3QIMb9nZePOnbW0tVPwga1775Gh0LM3+jf" + + "s8oVgG5EcH+CZWiW0dj4LXvZ5hO4qqJJYF5IC9cbQQOG8TUNZZEHO/Rwe1/0" + + "5mEV+Qw9vPSvEfloMku7pdeZIn8+GLai/jxSC/7WGBeuyhjuCmookrqcufh1" + + "SICnRZPGuIGVqAsAm5pthWHwwwcW7TYy70ml5eTSBwrR3ciVJ+gibLo+p6IK" + + "pd+E71rpk6NwHKvFDCaBW2BUYItgzcapA4ellc6OLeXVSktd4rL9Ad/Vb9Xu" + + "v9zqQppjemywAgADmQENBFj1Z9YBCADEsA6PsyFNS2lK1DOPenoZCLYYujDf" + + "j3zIf7AUG3DHEya3km+mm/etpSS38ENtJRzjZ8Xb8T73iMbsRiMuvbPhLP7L" + + "zMw0YQz2OBqXeft/TM8GhAfRdxGwTRKEhczA/GBVj1uXtt3aH9PKqa4ZBAUC" + + "+mhwts87IY3OlchAzESJnpWYfL+9PD6y0PdgPCQXjwrLuXkwpmR4L2VKLunW" + + "RKdYcV4pWF/MbqND4ZHuYsj11CDYaKdC7Q4LegBlU9wBOEzJR+pRzMog1HgM" + + "UYnifpfcQqJ4xY7mr57eHDNZ/x8UeJDQN2uH3bflWmi8GmE4lrCOp1C7jNAD" + + "vJeF76LP5o1fABEBAAG0EGV4cGlyZWQtbWFpbi1rZXmJAT4EEwEIACkCGwMH" + + "CwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAUCWPVpAgUJAAaYrAAKCRBRNKkC" + + "/D9UQS56B/j/H4nxRPjPHkUSlfPrvP1zP58hDWDN7vFF/3/r8kVTRScWfXXm" + + "63OWpsvWP1i1rPnKsvq/TiS9hvO7bmvhpWiGViUZhWewaPTmtygNbXLgsbF+" + + "47VDG3kHeOLXwouCNwCOa9KUUVy6SJqom3FBlVqU8NyW6SUQtw5Jwvi9nsAV" + + "Vbo9Cg1YDwEJbiVuXO9IB5VZ09+ZEcWMWAJzDPy7yuBeVDoHXuS6uZrkMIMx" + + "gGsH84V3o/8v0D3+a5PnQ1Ke/IRLlLJ2kGMNyqenFVQJWLTIxJK58ppWXwGM" + + "E5jB/Wi0xzw/uSf3aZVBodp2AZdYB48qfMyLOeSObyyPkYayGOSwAgADuQEN" + + "BFj1Z9YBCACwO+T+s2ZXiHmiKSSf5ZdHA02LiHxmO5vfPfh/z65FhYuhkRgt" + + "9wHdKabf7drG2xDmDJwumUxQiut3OnLimN8kXX7Yh/+11S9OHJHA6HkhXAxb" + + "323bHpfJ0Rdjt7MEscIk1qCwboG7cMHiWH1e2IsyR2w5NNQuKLRyUC1AAuMs" + + "1qFmwYpJDSuJZsuL/dd9d2BTfHKA0KeCx5j/6xme82ULNyU8niA3EWjt/Lql" + + "4IZaVQXbBKlBi7ZNC9q8tuYYHkxxGfwhq0g5FWKPumtpFIOV5KZVoil48U9p" + + "c0B/I/IRHXJ2Q4w5YlZQR5cbOKOrQ0/ELYRRvzh4yurzy+sobiGfABEBAAGJ" + + "ASUEGAEIAA8FAlj1Z9YCGwwFCRLMAwAACgkQUTSpAvw/VEHj2ggAoKv89H6V" + + "TSRWCXNq6FZVbD8WFz4emuyn/k4e5C4ULVI8j2eSNUVG3VfPQLzxYC/GjVUU" + + "m38p7wGG8aYYZumUc4+7vR811uBxDTgWnmthR6SRTqutpuvYShlgT5kor3E2" + + "hkZapIrxqKBwZOAi8JK5ADbdLrpQRlDoik10a4KZH4c7FblIxcag1Ee95IOv" + + "xrxFDRRJqdkka+TmtWFuf5eMOSTDeSS8XK4Az8kl8W3CGULICwVWJmfASeeR" + + "TwE+Guw/gx/dhz6ukTgSsxn1EdQMu4GMrlCk5Khwq1soVLumfrch8iqt7y1k" + + "CgNgcu7sk31BaZp2xrGpP1G/kklggTVtxrACAAOZAQ0EWPVqQQEIAMpR07Jm" + + "F2fLdLGLEpge3FCUqxbnyp5xAvLJHyUHLmFqoW8xpPMJHnIZycBcPe5G/S+a" + + "7uLbUMaRALHHFebmopmw4JzW2wFMk/LXST6MmRIfFTcpYqtAn+YNKLUxuqqH" + + "1kHPDG+kjMqzWmW/Heoh4rPHuREm3D0PBXQNLrcHlOV862+g/yLW8QfPd/0E" + + "Mi2A+1gb54J3zLsyQjCEHYguLPtGD7tMdOk7exBgrHD1nado3Ofu3H2zZ7Sc" + + "+izarkIeNDnq4k2eaEmfmiambqDsqdCB8mSP0jKo3+hChDMU43WlL7jka2Ko" + + "Q6zKmKHopZAHjNM1AfUzF8XZWEhQZ8yQP4sAEQEAAbQNZnVsbHktZXhwaXJl" + + "ZIkBPwQTAQgAKQIbAwcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheABQJY9Ws1" + + "BQkABph0AAoJEEkvIbBfB919T2oH/1LRkMTU0U/H7gVxMsWyv1aFF5d8FZE4" + + "CnGz9YJmOQky+wck1GH5qLdGaPikD/hC73N2s276KE2iW3wg/VRH+760k69I" + + "+Ffjn252lafBxN5ZISxU1YM7GTjdkLo28ZEVR7dgFJMZTYpoefULh/Vac4KC" + + "ZbAp7OMNBuc8CSYTYGtqThcZB58aM/w4TeWRSBi9CcxP4JObdx2U0aoowJf/" + + "MNcN6/6/tEDYcAYYJoCLiLiVc4yzfS+vrrdM/knARyPyqjQnyo2s/CGyccYz" + + "u0lENc8mquRhqBbb+zI98eez8oxAVxzxhafTmtOn5+M8/1fpsPT70sZUlK+K" + + "z7iVCCJS0uewAgADuQENBFj1akEBCADhxBHK/Yzg5kuLiF0DsTYCslRTNr3s" + + "wU+vv1WGrGd14ktp2XZlNnhnF5N2cpCVi9CiUf8B9Hq7N7caa4E7F56EzEpf" + + "ccTJy3tysvtRiWwOhlBgkgNK5RxRCBMa6fXAgON2AX8EjFYBc0L7e/35CLQn" + + "3SGAyYiZ97PhH3gD15C7qwyqSKR2J++FPYEH1BYm2FbxZ22joJ3jP86EWTiq" + + "UYcXWwIRuDeZvP7hDdozJMMM8MGtnnSFWvBgotBf7P8ttq6lbdMLQzJTFXUS" + + "z9qsNgdBQo8PNrE2Ig9HuOJlEY2g8EXUhqHgMtCYIimN4FjFFEMdMiIrwc+t" + + "ygNSysmcN/EnABEBAAGJASUEGAEIAA8CGwwFAlj1a0EFCQAGmIAACgkQSS8h" + + "sF8H3X2XPggAlxD+W9jL+AAlKpXcwuvzLOxHL4i/x4snqx+UMZkNrohP5wed" + + "du8KuewWCjF08qVL4CzkUbu7T3xOkG3mghvwv8/2AeoEtyeNCNyNtVi+oLAL" + + "AW3fA199rFwK/6C+c5QPUlFLrJMFK4S62LR16U+gLpWbjVg88DFRIfq7ISGP" + + "K+VLZlMGqvtO6s/uRgFpjTZsrh50CaQ7l1gHwFsdA7W0J0uR9fq3YYWXcUS+" + + "Dzn1bYyL47v67YfSIAe3fWkwKujMWgqeZP37Wx9S68mdZwGWM4dL7p2gm+FZ" + + "rnv5PgyOlHqBTHHj/pnLNNAhlPGLtQkVe5MuluSPpQYwAsdJzX5aLrACAAOZ" + + "AQ0EWPV1SgEIALxHYi0DZvv2m+M/6p8FxOye/PAaJhhrMsKOS2D7IJeEujk3" + + "+6/75P7Rp3P50qCHq5jl7+GqquEf1pKjwBgTe8vhT7sxPimzsZ73R4PmTFhj" + + "WzxDUnLKYE2+McuhuBTKFep0tZcxtzEMLPuA7Wd78lR1YtuAYmLI5Q24iGn5" + + "X62RZhvecms5Iul0GVo77o3S52P+yiyEWhd0v3LuHxoglJiLAqWv4EoO3ciG" + + "LAZTgfMloDyHmkuGI+fqnfb6wYbkmH6pEguXV6GAfcWvBH0UoaVgcp7muAkD" + + "B7MNWMljmy7KEseUJ5/jqJd+CFPPLx6HL3PYV+L8rsrKGkVZ98PDKUUAEQEA" + + "AbQeZG91YmxlLXNpZ25hdHVyZS1leHBpcmVkLWZpcnN0iQE/BBMBCAApAhsD" + + "BwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AFAlj1dzkFCQAGmW8ACgkQWv1T" + + "qduyxA0fKgf/d4WPcxh+4TK+tPNM2JKP7X3UywiUeK7DL8Hbz1Fd4JvOrw9t" + + "EBlrX6+RLzljjfZ1iXIvZLwMacV70zO64pndiKUi24cIFtumOgSY29WSfA6r" + + "VEy/7Pj8KB6D8h52uEmI/l7+R01W9cDTc2/FMwHpfgMGs4tnfDPs9I5o3GaP" + + "N7gPyeh1CWPg07Se4vYTQXQpE80i3NuSDIIdxDRF60mXhIzuKuPmZaky5VfZ" + + "JemkuJg9xZUqIZkKN7DPd+bdLCHYT/4sO9KpXdhCqXOcrQcrZ+pK8+XF9oow" + + "I0zHmVfzs6sx49nN9r6IkWp2ptcPVYy/xbuR4FNqu3zywBoaHCYwm7ACAAOJ" + + "AT8EEwEIACkFAlj1dUoCGwMFCRLMAwAHCwkIBwMCAQYVCAIJCgsEFgIDAQIe" + + "AQIXgAAKCRBa/VOp27LEDTKpB/97tH64nH+il9x/3JYXqXZ5dBoQnvUbPbU0" + + "Zb6MJXKRfh+T+SDtUSzjeWGgNFY8tGe2EuPbWrSY6IOilwKs2mk/flXoiKxm" + + "x45nAjPfdbaOhNC8J4d3GOqga8ysICWpWZK6JOb3SfzKa49Un4aALp5tGEIu" + + "aJAlNyS+U5BHhCMl5qiYCn+YyuL54B6z1MChqC8s9Zsmr7vbum97bsK8X5dK" + + "fZEL5CJqZGcVgh4dbcVhjXmBCFXfwNxHyZGeMBUegcF9TNdi03QghFjyV3qn" + + "WtesVjx9AWN3QFxgHRPwOt4vGPMDPvLgGLIJ1ecZT3PEelKG5fuHrWdwjnaL" + + "YmmzrjUbsAIAA7kBDQRY9XVKAQgAzr1JH5kZ+GeSDcflHZHQQ/cjoqvRw7dl" + + "SP/Je7IGBF21QDjlgesSzSyKvR49P0pI9us9fN7weU4YyJEWk1JP87wO/hAb" + + "qHkZvqaPFmUQq+8s/JaWcAdADqmEYaqf4O5Z4QpaWelv+DiXITLFyHGchKwY" + + "Z7JQv8JtWRuNSARMl4Xw/rrB342cy7BVU4p502tv/0tTWdtGn/lJA2kashoN" + + "7GS2AmSvXtHHT4acLuIYglJAMU2Xb5P3vhKalvLVbwqVEEkH2rFeX9QQIw2r" + + "JpqZarW6sbXxMuOxj7lBWa4/hL0oz2Tyit6f8QIqJDlvzR4tus/xyDgipFhT" + + "6Kzey6dRFQARAQABiQElBBgBCAAPBQJY9XVKAhsMBQkSzAMAAAoJEFr9U6nb" + + "ssQNIcYH/juwAmPLNTRkssajoT2I+z6rk/SHMWyfYgxml+XneBE/sQQ8pU6f" + + "9DrroqyZpQh8cOMzdKLNM3/ilFbHplRXDk4ehDo5XYgVk2PcQvo10eOrVHO/" + + "9YMXzb8ZYwkbdiQGPB/1nQNl80mWcVQjw2atlyoWm7MKpqZDjil2t59s8Jxv" + + "IXqc0o7FkpB6r8i2TKZuWkUhyzrPBr+i6yuFfJg6diV2huGYTZ2lcNO7TiMj" + + "pRgq8KjK59Cm8iosvJxGTAd2KXZBAxCamiIYEhNHFRmBX5+PR+zpeG0p+t2k" + + "voqMwoEHcbSh4L6h/aiH6fFpPMjdKuYKj1QOJ2Aie2HbhYqbE6ewAgADmQEN" + + "BFj1fKQBCACZB8WV+FuMc4Ryh/Z9/AwdV2h0kRaux2A/7fsvoSVPUi4o89hN" + + "uzULN7qfw3kcoYf63LsAXT9xYeYmrBpPhUg/jWSHqb7sX3du30hRO2YaikPJ" + + "VD1j241zn9VjwBsKNbbUSp1pxvCjhQazwm06wFKWfJ7KbyHrZuH0F1ynLga3" + + "6UNfPrHPxxDaBx3TlvEM0dJMu5dhPyWpUUTMAM1cEzkY13W2evwZ9mmvnJEc" + + "kKuomoLk1rVGLsyP0OH8uR3+2Uvm2zFUnr/zRm7y6561nlJNTCr+Y3U+4j05" + + "VwunRyA85Kw6QqEhVq7E2e49rPafSfgF5wcvcCnnyaumtY8efo9rABEBAAG0" + + "EXRyaXBsZS1zaWduZWQta2V5iQE/BBMBCAApAhsDBwsJCAcDAgEGFQgCCQoL" + + "BBYCAwECHgECF4AFAlj1fVEFCQBB660ACgkQifz6SyM2MzO2Qgf/SlF+9qsf" + + "nMJyH+8sn+v4wyarKbHvXh6oXLRWp2pdtRXD/H2HfkTj9zCnSwDuos1mAtet" + + "YDRX/dc6C4YRTUJM9VHmHXkQJN8cW1b33cleHSViUdSmKRMCDYoCYbgT7k2u" + + "wZx+OQZLxqQ9oT7AqJFhxxSJNYKDBwOPJmV++8L84FCOFxO1bwfpwq0zRTlL" + + "WSMRwcwICeBaZ6qwCuHSxVzHL27JEWLM1v5T2DWYYY8TCgH0sspO3FLepPaS" + + "mMHsUoX1vo72fTqzSeucO7eFWMX919h/2YsVpk/G8c3N7YaulAa0bfc1C+1u" + + "iRygA978Uh7dwO8fGX7ZZApk/mCoKQwB7LACAAOJAT8EEwEIACkFAlj1fKQC" + + "GwMFCQANLwAHCwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRCJ/PpLIzYz" + + "Mw9GB/4mzkmW2HeeAXDvy2KZqpoGnrzR8AO3HmkZBPKV+kXTDp4Vpt6Tr9AB" + + "Sg3IOv07mLj9T7v0UI4HiKX+s8vFVGGE1Ad74zYJTJJNBKojSP4ZmqldJbS1" + + "DbvqfYxZgm/oC56qtKhLI/eB/3lPJxrGWnB5Vq9HbRY5Y3Jrvky8LLM7rhfn" + + "8MDFJGQebgC4RaR/AhQ8wstp2LnwsqptUX06sQXzfNKjv1N1JjCV5WUPDnI+" + + "wEXt0jvlcVN7BVNGOnMVuQt3HSJcDHSwUrVkIOZMbTfNsW7n6LiTYdOZZsVS" + + "I5KEEx23DYOKwWwBagGII4RlhYJO1cm6XediuZMqLl1qwIjwsAIAA4kBPwQT" + + "AQgAKQIbAwcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheABQJY9XzpBQkSzANF" + + "AAoJEIn8+ksjNjMzih4H/RUKWx4oHSI+QfsNwWUFjxgoM8qPuya248fJVqTr" + + "zqT2zhEctLKcyFsei7QcgfksJyZklY9AV0NeNCXkg6iUoX+5ZTxpu2Fblf6l" + + "7ZKzQZPGV1lWBbOW+ybm8xGpmKZaNYiFHjVvXZ4QNkvQMw+GCe+D+yQxvMIm" + + "G5/1k7VrEGpwL31BaiBsoQ2ADHXAHk7Aa+4stp8V3db2jNzln6aHbriGvjLH" + + "FUa2CstdtfBo52hzWcQGSp4XsbEcrjP6bYskJW+spJjvLL48tFMbSFIdNJMo" + + "l6WIXBItbCkG9GUbAK6t3reIeVvoXLqKN/vzWFPJ6B1JLmRfRU5q5GFBBzvH" + + "TZOwAgADuQENBFj1fKQBCAC3B46wgfnaS/TgBQD284P+isKn6jcEy79oivV0" + + "lMTrQxexQBbzXnCBt2l8p+kOYm8YTeNJecg7gpTYLckbL2EsMwhiLt3mrgiB" + + "eFdRhNbuYH9jXekysE3zmGmM4BS/KjIcm8Jngk2zVY/o/GA6Mg3s3XgCU4Fa" + + "HYd+ojbkORVI3p1MF/hy3Rqbe1WJKgPOCXW+n/TLMzciRr0Y8EVCcSopFCGX" + + "6QFJVKPwYLqIKfYkJhyEmIAlBu1747ysAV42Bfr5TjkNH+jIOy4rDVYjDzCS" + + "pwx/TF/7970QEYlwPQYKEZGW2yYVKq4Y0pMKbAwo/sCpjI2cOu9cwcLkBlFg" + + "8/hlABEBAAGJASUEGAEIAA8CGwwFAlj1fVYFCQBB67IACgkQifz6SyM2MzMf" + + "DAf/T/rfVynO00CLLX5oMvRJITQH6yu7aiCqOJEsDaxxpQL3tJhMJRyybCmI" + + "kXATcEtn6GNAbGJViw6I1o1K6HmeAHECxR64uKvhsMeoC0XuPPvVZD7qAUaQ" + + "KRi6l4j/2e7YCqp5F+Xz1zhER2nwGnqYpM7IR0M3OPbwQVgPe2FaQYYnY16J" + + "bGHyFtdfwyJEzzR8YMcgAnrD8TI+SvErFEH+0vzV+JA1gjYd2l3/ijDj82rn" + + "WDoIM5gfjeZgwht1vl6+7J+h20yjFrBdf7gJj9OcIGmwlpQ56qzbT4U++mw3" + + "pW2tN2VuYtreceEoI4B6yUGMEhI9t/asLgn7wEAU2lpuE7ACAAM="); + + [Test] + public void PerformTest1() + { + PgpPublicKeyRingBundle pubRings = new PgpPublicKeyRingBundle(pub1); + + int count = 0; + + foreach (PgpPublicKeyRing pgpPub1 in pubRings.GetKeyRings()) + { + count++; + + int keyCount = 0; + byte[] bytes = pgpPub1.GetEncoded(); + + PgpPublicKeyRing pgpPub2 = new PgpPublicKeyRing(bytes); + + foreach (PgpPublicKey pubKey in pgpPub2.GetPublicKeys()) + { + keyCount++; + + foreach (PgpSignature sig in pubKey.GetSignatures()) + { + if (sig == null) + Fail("null signature found"); + } + } + + if (keyCount != 2) + { + Fail("wrong number of public keys"); + } + } + + if (count != 1) + { + Fail("wrong number of public keyrings"); + } + + // + // exact match + // + count = 0; + foreach (PgpPublicKeyRing pgpPub3 in pubRings.GetKeyRings("test (Test key) ")) + { + if (pgpPub3 == null) + Fail("null keyring found"); + + count++; + } + + if (count != 1) + { + Fail("wrong number of public keyrings on exact match"); + } + + // + // partial match 1 expected + // + count = 0; + foreach (PgpPublicKeyRing pgpPub4 in pubRings.GetKeyRings("test", true)) + { + if (pgpPub4 == null) + Fail("null keyring found"); + + count++; + } + + if (count != 1) + { + Fail("wrong number of public keyrings on partial match 1"); + } + + // + // partial match 0 expected + // + count = 0; + foreach (PgpPublicKeyRing pgpPub5 in pubRings.GetKeyRings("XXX", true)) + { + if (pgpPub5 == null) + Fail("null keyring found"); + + count++; + } + + if (count != 0) + { + Fail("wrong number of public keyrings on partial match 0"); + } + + // + // case-insensitive partial match + // + count = 0; + foreach (PgpPublicKeyRing pgpPub6 in pubRings.GetKeyRings("TEST@ubicall.com", true, true)) + { + if (pgpPub6 == null) + Fail("null keyring found"); + + count++; + } + + if (count != 1) + { + Fail("wrong number of public keyrings on case-insensitive partial match"); + } + + PgpSecretKeyRingBundle secretRings = new PgpSecretKeyRingBundle(sec1); + count = 0; + + foreach (PgpSecretKeyRing pgpSec1 in secretRings.GetKeyRings()) + { + count++; + + int keyCount = 0; + + byte[] bytes = pgpSec1.GetEncoded(); + + PgpSecretKeyRing pgpSec2 = new PgpSecretKeyRing(bytes); + + foreach (PgpSecretKey k in pgpSec2.GetSecretKeys()) + { + keyCount++; + PgpPublicKey pk = k.PublicKey; + + pk.GetSignatures(); + + byte[] pkBytes = pk.GetEncoded(); + + PgpPublicKeyRing pkR = new PgpPublicKeyRing(pkBytes); + } + + if (keyCount != 2) + { + Fail("wrong number of secret keys"); + } + } + + if (count != 1) + { + Fail("wrong number of secret keyrings"); + } + + // + // exact match + // + count = 0; + foreach (PgpSecretKeyRing o1 in secretRings.GetKeyRings("test (Test key) ")) + { + if (o1 == null) + Fail("null keyring found"); + + count++; + } + + if (count != 1) + { + Fail("wrong number of secret keyrings on exact match"); + } + + // + // partial match 1 expected + // + count = 0; + foreach (PgpSecretKeyRing o2 in secretRings.GetKeyRings("test", true)) + { + if (o2 == null) + Fail("null keyring found"); + + count++; + } + + if (count != 1) + { + Fail("wrong number of secret keyrings on partial match 1"); + } + + // + // exact match 0 expected + // + count = 0; + foreach (PgpSecretKeyRing o3 in secretRings.GetKeyRings("test", false)) + { + if (o3 == null) + Fail("null keyring found"); + + count++; + } + + if (count != 0) + { + Fail("wrong number of secret keyrings on partial match 0"); + } + + // + // case-insensitive partial match + // + count = 0; + foreach (PgpSecretKeyRing o4 in secretRings.GetKeyRings("TEST@ubicall.com", true, true)) + { + if (o4 == null) + Fail("null keyring found"); + + count++; + } + + if (count != 1) + { + Fail("wrong number of secret keyrings on case-insensitive partial match"); + } + } + + [Test] + public void PerformTest2() + { + PgpPublicKeyRingBundle pubRings = new PgpPublicKeyRingBundle(pub2); + + int count = 0; + + byte[] encRing = pubRings.GetEncoded(); + + pubRings = new PgpPublicKeyRingBundle(encRing); + + foreach (PgpPublicKeyRing pgpPub1 in pubRings.GetKeyRings()) + { + count++; + + int keyCount = 0; + + byte[] bytes = pgpPub1.GetEncoded(); + + PgpPublicKeyRing pgpPub2 = new PgpPublicKeyRing(bytes); + + foreach (PgpPublicKey pk in pgpPub2.GetPublicKeys()) + { + byte[] pkBytes = pk.GetEncoded(); + + PgpPublicKeyRing pkR = new PgpPublicKeyRing(pkBytes); + + keyCount++; + } + + if (keyCount != 2) + { + Fail("wrong number of public keys"); + } + } + + if (count != 2) + { + Fail("wrong number of public keyrings"); + } + + PgpSecretKeyRingBundle secretRings2 = new PgpSecretKeyRingBundle(sec2); + + count = 0; + + + encRing = secretRings2.GetEncoded(); + PgpSecretKeyRingBundle secretRings = new PgpSecretKeyRingBundle(encRing); + + foreach (PgpSecretKeyRing pgpSec1 in secretRings2.GetKeyRings()) + { + count++; + + int keyCount = 0; + + byte[] bytes = pgpSec1.GetEncoded(); + + PgpSecretKeyRing pgpSec2 = new PgpSecretKeyRing(bytes); + + foreach (PgpSecretKey k in pgpSec2.GetSecretKeys()) + { + keyCount++; + PgpPublicKey pk = k.PublicKey; + + if (pk.KeyId == -1413891222336124627L) + { + int sCount = 0; + + foreach (PgpSignature pgpSignature in pk.GetSignaturesOfType(PgpSignature.SubkeyBinding)) + { + int type = pgpSignature.SignatureType; + if (type != PgpSignature.SubkeyBinding) + { + Fail("failed to return correct signature type"); + } + sCount++; + } + + if (sCount != 1) + { + Fail("failed to find binding signature"); + } + } + + pk.GetSignatures(); + + if (k.KeyId == -4049084404703773049L + || k.KeyId == -1413891222336124627L) + { + k.ExtractPrivateKey(sec2pass1); + } + else if (k.KeyId == -6498553574938125416L + || k.KeyId == 59034765524361024L) + { + k.ExtractPrivateKey(sec2pass2); + } + } + + if (keyCount != 2) + { + Fail("wrong number of secret keys"); + } + } + + if (count != 2) + { + Fail("wrong number of secret keyrings"); + } + } + + [Test] + public void PerformTest3() + { + PgpPublicKeyRingBundle pubRings = new PgpPublicKeyRingBundle(pub3); + + int count = 0; + + byte[] encRing = pubRings.GetEncoded(); + + pubRings = new PgpPublicKeyRingBundle(encRing); + + foreach (PgpPublicKeyRing pgpPub1 in pubRings.GetKeyRings()) + { + count++; + + int keyCount = 0; + + byte[] bytes = pgpPub1.GetEncoded(); + + PgpPublicKeyRing pgpPub2 = new PgpPublicKeyRing(bytes); + + foreach (PgpPublicKey pubK in pgpPub2.GetPublicKeys()) + { + keyCount++; + pubK.GetSignatures(); + } + + if (keyCount != 2) + { + Fail("wrong number of public keys"); + } + } + + if (count != 1) + { + Fail("wrong number of public keyrings"); + } + + PgpSecretKeyRingBundle secretRings2 = new PgpSecretKeyRingBundle(sec3); + + count = 0; + + encRing = secretRings2.GetEncoded(); + + PgpSecretKeyRingBundle secretRings = new PgpSecretKeyRingBundle(encRing); + + foreach (PgpSecretKeyRing pgpSec1 in secretRings2.GetKeyRings()) + { + count++; + + int keyCount = 0; + + byte[] bytes = pgpSec1.GetEncoded(); + + PgpSecretKeyRing pgpSec2 = new PgpSecretKeyRing(bytes); + + foreach (PgpSecretKey k in pgpSec2.GetSecretKeys()) + { + keyCount++; + k.ExtractPrivateKey(sec3pass1); + } + + if (keyCount != 2) + { + Fail("wrong number of secret keys"); + } + } + + if (count != 1) + { + Fail("wrong number of secret keyrings"); + } + } + + [Test] + public void PerformTest4() + { + PgpSecretKeyRingBundle secretRings1 = new PgpSecretKeyRingBundle(sec4); + int count = 0; + + + byte[] encRing = secretRings1.GetEncoded(); + + PgpSecretKeyRingBundle secretRings2 = new PgpSecretKeyRingBundle(encRing); + + foreach (PgpSecretKeyRing pgpSec1 in secretRings1.GetKeyRings()) + { + count++; + + int keyCount = 0; + + byte[] bytes = pgpSec1.GetEncoded(); + + PgpSecretKeyRing pgpSec2 = new PgpSecretKeyRing(bytes); + + foreach (PgpSecretKey k in pgpSec2.GetSecretKeys()) + { + keyCount++; + k.ExtractPrivateKey(sec3pass1); + } + + if (keyCount != 2) + { + Fail("wrong number of secret keys"); + } + } + + if (count != 1) + { + Fail("wrong number of secret keyrings"); + } + } + + [Test] + public void PerformTest5() + { + PgpPublicKeyRingBundle pubRings = new PgpPublicKeyRingBundle(pub5); + + int count = 0; + + byte[] encRing = pubRings.GetEncoded(); + + pubRings = new PgpPublicKeyRingBundle(encRing); + + foreach (PgpPublicKeyRing pgpPub1 in pubRings.GetKeyRings()) + { + count++; + + int keyCount = 0; + + byte[] bytes = pgpPub1.GetEncoded(); + + PgpPublicKeyRing pgpPub2 = new PgpPublicKeyRing(bytes); + + foreach (PgpPublicKey o in pgpPub2.GetPublicKeys()) + { + if (o == null) + Fail("null keyring found"); + + keyCount++; + } + + if (keyCount != 2) + { + Fail("wrong number of public keys"); + } + } + + if (count != 1) + { + Fail("wrong number of public keyrings"); + } + + PgpSecretKeyRingBundle secretRings1 = new PgpSecretKeyRingBundle(sec5); + + count = 0; + + encRing = secretRings1.GetEncoded(); + + PgpSecretKeyRingBundle secretRings2 = new PgpSecretKeyRingBundle(encRing); + + foreach (PgpSecretKeyRing pgpSec1 in secretRings1.GetKeyRings()) + { + count++; + + int keyCount = 0; + + byte[] bytes = pgpSec1.GetEncoded(); + + PgpSecretKeyRing pgpSec2 = new PgpSecretKeyRing(bytes); + + foreach (PgpSecretKey k in pgpSec2.GetSecretKeys()) + { + keyCount++; + k.ExtractPrivateKey(sec5pass1); + } + + if (keyCount != 2) + { + Fail("wrong number of secret keys"); + } + } + + if (count != 1) + { + Fail("wrong number of secret keyrings"); + } + } + + [Test] + public void PerformTest6() + { + PgpPublicKeyRingBundle pubRings = new PgpPublicKeyRingBundle(pub6); + + foreach (PgpPublicKeyRing pgpPub in pubRings.GetKeyRings()) + { + foreach (PgpPublicKey k in pgpPub.GetPublicKeys()) + { + if (k.KeyId == 0x5ce086b5b5a18ff4L) + { + int count = 0; + + foreach (PgpSignature sig in k.GetSignaturesOfType(PgpSignature.SubkeyRevocation)) + { + if (sig == null) + Fail("null signature found"); + + count++; + } + + if (count != 1) + { + Fail("wrong number of revocations in test6."); + } + } + } + } + + byte[] encRing = pubRings.GetEncoded(); + } + + [Test] + public void TestRevocation() + { + PgpPublicKeyRing pgpPub = new PgpPublicKeyRing(pub7); + PgpPublicKey masterKey = null; + + foreach (PgpPublicKey k in pgpPub.GetPublicKeys()) + { + if (k.IsMasterKey) + { + masterKey = k; + } + } + + int count = 0; + PgpSignature sig = null; + foreach (PgpSignature pgpSig in masterKey.GetSignaturesOfType(PgpSignature.KeyRevocation)) + { + sig = pgpSig; + ++count; + } + + if (count != 1) + { + Fail("wrong number of revocations in test7."); + } + + sig.InitVerify(masterKey); + + if (!sig.VerifyCertification(masterKey)) + { + Fail("failed to verify revocation certification"); + } + + pgpPub = new PgpPublicKeyRing(pub7sub); + masterKey = null; + + foreach (PgpPublicKey k in pgpPub.GetPublicKeys()) + { + if (k.IsMasterKey) + { + masterKey = k; + continue; + } + + count = 0; + sig = null; + + foreach (PgpSignature pgpSig in k.GetSignaturesOfType(PgpSignature.SubkeyRevocation)) + { + sig = pgpSig; + ++count; + } + + if (count != 1) + { + Fail("wrong number of revocations in test7 subkey."); + } + + if (sig.SignatureType != PgpSignature.SubkeyRevocation) + { + Fail("wrong signature found"); + } + + sig.InitVerify(masterKey); + + if (!sig.VerifyCertification(masterKey, k)) + { + Fail("failed to verify revocation certification of subkey"); + } + } + } + + [Test] + public void PerformTest8() + { + PgpPublicKeyRingBundle pubRings = new PgpPublicKeyRingBundle(pub8); + + int count = 0; + + byte[] encRing = pubRings.GetEncoded(); + + pubRings = new PgpPublicKeyRingBundle(encRing); + + foreach (PgpPublicKeyRing pgpPub1 in pubRings.GetKeyRings()) + { + count++; + + int keyCount = 0; + + byte[] bytes = pgpPub1.GetEncoded(); + + PgpPublicKeyRing pgpPub2 = new PgpPublicKeyRing(bytes); + + foreach (PgpPublicKey o in pgpPub2.GetPublicKeys()) + { + if (o == null) + Fail("null key found"); + + keyCount++; + } + + if (keyCount != 2) + { + Fail("wrong number of public keys"); + } + } + + if (count != 2) + { + Fail("wrong number of public keyrings"); + } + + PgpSecretKeyRingBundle secretRings1 = new PgpSecretKeyRingBundle(sec8); + + count = 0; + + encRing = secretRings1.GetEncoded(); + + PgpSecretKeyRingBundle secretRings2 = new PgpSecretKeyRingBundle(encRing); + + foreach (PgpSecretKeyRing pgpSec1 in secretRings1.GetKeyRings()) + { + count++; + + int keyCount = 0; + + byte[] bytes = pgpSec1.GetEncoded(); + + PgpSecretKeyRing pgpSec2 = new PgpSecretKeyRing(bytes); + + foreach (PgpSecretKey k in pgpSec2.GetSecretKeys()) + { + keyCount++; + k.ExtractPrivateKey(sec8pass); + } + + if (keyCount != 2) + { + Fail("wrong number of secret keys"); + } + } + + if (count != 1) + { + Fail("wrong number of secret keyrings"); + } + } + + [Test] + public void PerformTest9() + { + PgpSecretKeyRingBundle secretRings1 = new PgpSecretKeyRingBundle(sec9); + + int count = 0; + + byte[] encRing = secretRings1.GetEncoded(); + + PgpSecretKeyRingBundle secretRings2 = new PgpSecretKeyRingBundle(encRing); + + foreach (PgpSecretKeyRing pgpSec1 in secretRings1.GetKeyRings()) + { + count++; + + int keyCount = 0; + + byte[] bytes = pgpSec1.GetEncoded(); + + PgpSecretKeyRing pgpSec2 = new PgpSecretKeyRing(bytes); + + foreach (PgpSecretKey k in pgpSec2.GetSecretKeys()) + { + keyCount++; + + PgpPrivateKey pKey = k.ExtractPrivateKey(sec9pass); + if (keyCount == 1 && pKey != null) + { + Fail("primary secret key found, null expected"); + } + } + + if (keyCount != 3) + { + Fail("wrong number of secret keys"); + } + } + + if (count != 1) + { + Fail("wrong number of secret keyrings"); + } + } + + [Test] + public void PerformTest10() + { + PgpSecretKeyRing secretRing = new PgpSecretKeyRing(sec10); + + foreach (PgpSecretKey secretKey in secretRing.GetSecretKeys()) + { + PgpPublicKey pubKey = secretKey.PublicKey; + + if (pubKey.ValidDays != 28) + { + Fail("days wrong on secret key ring"); + } + + if (pubKey.GetValidSeconds() != 28 * 24 * 60 * 60) + { + Fail("seconds wrong on secret key ring"); + } + } + + PgpPublicKeyRing publicRing = new PgpPublicKeyRing(pub10); + + foreach (PgpPublicKey pubKey in publicRing.GetPublicKeys()) + { + if (pubKey.ValidDays != 28) + { + Fail("days wrong on public key ring"); + } + + if (pubKey.GetValidSeconds() != 28 * 24 * 60 * 60) + { + Fail("seconds wrong on public key ring"); + } + } + } + + [Test] + public void PerformTest11() + { + PgpPublicKeyRing pubRing = new PgpPublicKeyRing(subKeyBindingKey); + + foreach (PgpPublicKey key in pubRing.GetPublicKeys()) + { + if (key.GetValidSeconds() != 0) + { + Fail("expiration time non-zero"); + } + } + } + + [Test] + public void GenerateTest() + { + char[] passPhrase = "hello".ToCharArray(); + DsaParametersGenerator pGen = new DsaParametersGenerator(); + pGen.Init(512, 80, Random); + DsaParameters dsaParams = pGen.GenerateParameters(); + DsaKeyGenerationParameters dsaKgp = new DsaKeyGenerationParameters(Random, dsaParams); + IAsymmetricCipherKeyPairGenerator dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA"); + dsaKpg.Init(dsaKgp); + + + // + // this takes a while as the key generator has to Generate some DSA parameters + // before it Generates the key. + // + AsymmetricCipherKeyPair dsaKp = dsaKpg.GenerateKeyPair(); + IAsymmetricCipherKeyPairGenerator elgKpg = GeneratorUtilities.GetKeyPairGenerator("ELGAMAL"); + + BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); + BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); + + ElGamalParameters elParams = new ElGamalParameters(p, g); + ElGamalKeyGenerationParameters elKgp = new ElGamalKeyGenerationParameters(Random, elParams); + elgKpg.Init(elKgp); + + // + // this is quicker because we are using preGenerated parameters. + // + AsymmetricCipherKeyPair elgKp = elgKpg.GenerateKeyPair(); + PgpKeyPair dsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, dsaKp, DateTime.UtcNow); + PgpKeyPair elgKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ElGamalEncrypt, elgKp, DateTime.UtcNow); + + PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, dsaKeyPair, + "test", SymmetricKeyAlgorithmTag.Aes256, passPhrase, false, null, null, Random); + + keyRingGen.AddSubKey(elgKeyPair); + + PgpSecretKeyRing keyRing = keyRingGen.GenerateSecretKeyRing(); + + keyRing.GetSecretKey().ExtractPrivateKey(passPhrase); + + PgpPublicKeyRing pubRing = keyRingGen.GeneratePublicKeyRing(); + + PgpPublicKey vKey = null; + PgpPublicKey sKey = null; + + foreach (PgpPublicKey pk in pubRing.GetPublicKeys()) + { + if (pk.IsMasterKey) + { + vKey = pk; + } + else + { + sKey = pk; + } + } + + foreach (PgpSignature sig in sKey.GetSignatures()) + { + if (sig.KeyId == vKey.KeyId + && sig.SignatureType == PgpSignature.SubkeyBinding) + { + sig.InitVerify(vKey); + + if (!sig.VerifyCertification(vKey, sKey)) + { + Fail("failed to verify sub-key signature."); + } + } + } + } + + [Test] + public void InsertMasterTest() + { + char[] passPhrase = "hello".ToCharArray(); + IAsymmetricCipherKeyPairGenerator rsaKpg = GeneratorUtilities.GetKeyPairGenerator("RSA"); + + rsaKpg.Init(new KeyGenerationParameters(Random, 512)); + + // + // this is quicker because we are using pregenerated parameters. + // + AsymmetricCipherKeyPair rsaKp = rsaKpg.GenerateKeyPair(); + PgpKeyPair rsaKeyPair1 = new PgpKeyPair(PublicKeyAlgorithmTag.RsaGeneral, rsaKp, DateTime.UtcNow); + + rsaKp = rsaKpg.GenerateKeyPair(); + PgpKeyPair rsaKeyPair2 = new PgpKeyPair(PublicKeyAlgorithmTag.RsaGeneral, rsaKp, DateTime.UtcNow); + + PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, + rsaKeyPair1, "test", SymmetricKeyAlgorithmTag.Aes256, passPhrase, false, null, null, Random); + PgpSecretKeyRing secRing1 = keyRingGen.GenerateSecretKeyRing(); + PgpPublicKeyRing pubRing1 = keyRingGen.GeneratePublicKeyRing(); + + keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, + rsaKeyPair2, "test", SymmetricKeyAlgorithmTag.Aes256, passPhrase, false, null, null, Random); + PgpSecretKeyRing secRing2 = keyRingGen.GenerateSecretKeyRing(); + PgpPublicKeyRing pubRing2 = keyRingGen.GeneratePublicKeyRing(); + + try + { + PgpPublicKeyRing.InsertPublicKey(pubRing1, pubRing2.GetPublicKey()); + Fail("adding second master key (public) should throw an ArgumentException"); + } + catch (ArgumentException e) + { + if (!e.Message.Equals("cannot add a master key to a ring that already has one")) + { + Fail("wrong message in public test"); + } + } + + try + { + PgpSecretKeyRing.InsertSecretKey(secRing1, secRing2.GetSecretKey()); + Fail("adding second master key (secret) should throw an ArgumentException"); + } + catch (ArgumentException e) + { + if (!e.Message.Equals("cannot add a master key to a ring that already has one")) + { + Fail("wrong message in secret test"); + } + } + } + + [Test] + public void GenerateSha256Test() + { + char[] passPhrase = "hello".ToCharArray(); + + IAsymmetricCipherKeyPairGenerator dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA"); + DsaParametersGenerator pGen = new DsaParametersGenerator(); + pGen.Init(512, 80, Random); + DsaParameters dsaParams = pGen.GenerateParameters(); + DsaKeyGenerationParameters kgp = new DsaKeyGenerationParameters(Random, dsaParams); + dsaKpg.Init(kgp); + + // + // this takes a while as the key generator has to generate some DSA params + // before it generates the key. + // + AsymmetricCipherKeyPair dsaKp = dsaKpg.GenerateKeyPair(); + + + IAsymmetricCipherKeyPairGenerator elgKpg = GeneratorUtilities.GetKeyPairGenerator("ELGAMAL"); + + BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); + BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); + + ElGamalParameters elParams = new ElGamalParameters(p, g); + ElGamalKeyGenerationParameters elKgp = new ElGamalKeyGenerationParameters(Random, elParams); + elgKpg.Init(elKgp); + + // + // this is quicker because we are using preGenerated parameters. + // + AsymmetricCipherKeyPair elgKp = elgKpg.GenerateKeyPair(); + + + PgpKeyPair dsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, dsaKp, DateTime.UtcNow); + PgpKeyPair elgKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ElGamalEncrypt, elgKp, DateTime.UtcNow); + PgpKeyPair dsaSubKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, dsaKpg.GenerateKeyPair(), DateTime.UtcNow); + + PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, dsaKeyPair, + "test", SymmetricKeyAlgorithmTag.Aes256, passPhrase, true, null, null, Random); + + keyRingGen.AddSubKey(elgKeyPair, HashAlgorithmTag.Sha256); + + keyRingGen.AddSubKey(dsaSubKeyPair, HashAlgorithmTag.Sha256, HashAlgorithmTag.Sha256); + + PgpSecretKeyRing keyRing = keyRingGen.GenerateSecretKeyRing(); + + keyRing.GetSecretKey().ExtractPrivateKey(passPhrase); + + PgpPublicKeyRing pubRing = keyRingGen.GeneratePublicKeyRing(); + + PgpPublicKey vKey = null; + PgpPublicKey sKey = null; + PgpPublicKey sdKey = null; + + foreach (PgpPublicKey pk in pubRing.GetPublicKeys()) + { + if (pk.IsMasterKey) + { + vKey = pk; + } + else + { + if (pk.IsEncryptionKey) + { + sKey = pk; + } + else + { + sdKey = pk; + } + } + } + + foreach (PgpSignature sig in sKey.GetSignatures()) + { + if (sig.KeyId == vKey.KeyId + && sig.SignatureType == PgpSignature.SubkeyBinding) + { + sig.InitVerify(vKey); + + if (!sig.VerifyCertification(vKey, sKey)) + { + Fail("failed to verify sub-key signature."); + } + } + } + + foreach (PgpSignature sig in sdKey.GetSignatures()) + { + if (sig.KeyId == vKey.KeyId + && sig.SignatureType == PgpSignature.SubkeyBinding) + { + sig.InitVerify(vKey); + + if (!sig.VerifyCertification(vKey, sdKey)) + { + Fail("failed to verify dsa sub-key signature."); + } + + PgpSignature bindSig = sig.GetHashedSubPackets().GetEmbeddedSignatures()[0]; + + bindSig.InitVerify(sdKey); + + if (!bindSig.VerifyCertification(vKey, sdKey)) + { + Fail("failed to verify dsa sub-key primary binding signature."); + } + } + } + } + + [Test] + public void RewrapTest() + { + // Read the secret key rings + PgpSecretKeyRingBundle privRings = new PgpSecretKeyRingBundle( + new MemoryStream(rewrapKey, false)); + + char[] newPass = "fred".ToCharArray(); + + foreach (PgpSecretKeyRing pgpPrivEnum in privRings.GetKeyRings()) + { + PgpSecretKeyRing pgpPriv = pgpPrivEnum; + + foreach (PgpSecretKey pgpKeyEnum in pgpPriv.GetSecretKeys()) + { + long oldKeyID = pgpKeyEnum.KeyId; + + // re-encrypt the key with an empty password + pgpPriv = PgpSecretKeyRing.RemoveSecretKey(pgpPriv, pgpKeyEnum); + PgpSecretKey pgpKey = PgpSecretKey.CopyWithNewPassword( + pgpKeyEnum, + rewrapPass, + null, + SymmetricKeyAlgorithmTag.Null, + Random); + pgpPriv = PgpSecretKeyRing.InsertSecretKey(pgpPriv, pgpKey); + + // this should succeed + PgpPrivateKey privTmp = pgpKey.ExtractPrivateKey(null); + + if (pgpKey.KeyId != oldKeyID || pgpKey.S2kUsage != SecretKeyPacket.UsageNone) + { + Fail("usage/key ID mismatch"); + } + } + + foreach (PgpSecretKey pgpKeyEnum in pgpPriv.GetSecretKeys()) + { + long oldKeyID = pgpKeyEnum.KeyId; + + // re-encrypt the key with an empty password + pgpPriv = PgpSecretKeyRing.RemoveSecretKey(pgpPriv, pgpKeyEnum); + PgpSecretKey pgpKey = PgpSecretKey.CopyWithNewPassword( + pgpKeyEnum, + null, + newPass, + SymmetricKeyAlgorithmTag.Cast5, + Random); + pgpPriv = PgpSecretKeyRing.InsertSecretKey(pgpPriv, pgpKey); + + // this should succeed + PgpPrivateKey privTmp = pgpKey.ExtractPrivateKey(newPass); + + if (pgpKey.KeyId != oldKeyID || pgpKey.S2kUsage != SecretKeyPacket.UsageChecksum) + { + Fail("usage/key ID mismatch"); + } + } + } + } + + [Test] + public void RewrapTestV3() + { + // Read the secret key rings + PgpSecretKeyRingBundle privRings = new PgpSecretKeyRingBundle( + new MemoryStream(privv3, false)); + + char[] newPass = "fred".ToCharArray(); + + foreach (PgpSecretKeyRing pgpPrivEnum in privRings.GetKeyRings()) + { + PgpSecretKeyRing pgpPriv = pgpPrivEnum; + + foreach (PgpSecretKey pgpKeyEnum in pgpPriv.GetSecretKeys()) + { + long oldKeyID = pgpKeyEnum.KeyId; + + // re-encrypt the key with an empty password + pgpPriv = PgpSecretKeyRing.RemoveSecretKey(pgpPriv, pgpKeyEnum); + PgpSecretKey pgpKey = PgpSecretKey.CopyWithNewPassword( + pgpKeyEnum, + v3KeyPass, + null, + SymmetricKeyAlgorithmTag.Null, + Random); + pgpPriv = PgpSecretKeyRing.InsertSecretKey(pgpPriv, pgpKey); + + // this should succeed + PgpPrivateKey privTmp = pgpKey.ExtractPrivateKey(null); + + if (pgpKey.KeyId != oldKeyID) + { + Fail("key ID mismatch"); + } + } + + foreach (PgpSecretKey pgpKeyEnum in pgpPriv.GetSecretKeys()) + { + long oldKeyID = pgpKeyEnum.KeyId; + + // re-encrypt the key with an empty password + pgpPriv = PgpSecretKeyRing.RemoveSecretKey(pgpPriv, pgpKeyEnum); + PgpSecretKey pgpKey = PgpSecretKey.CopyWithNewPassword( + pgpKeyEnum, + null, + newPass, + SymmetricKeyAlgorithmTag.Cast5, + Random); + pgpPriv = PgpSecretKeyRing.InsertSecretKey(pgpPriv, pgpKey); + + // this should succeed + PgpPrivateKey privTmp = pgpKey.ExtractPrivateKey(newPass); + + if (pgpKey.KeyId != oldKeyID) + { + Fail("key ID mismatch"); + } + } + } + } + + [Test] + public void PublicKeyRingWithX509Test() + { + checkPublicKeyRingWithX509(pubWithX509); + + PgpPublicKeyRing pubRing = new PgpPublicKeyRing(pubWithX509); + + checkPublicKeyRingWithX509(pubRing.GetEncoded()); + } + + [Test] + public void SecretKeyRingWithPersonalCertificateTest() + { + checkSecretKeyRingWithPersonalCertificate(secWithPersonalCertificate); + PgpSecretKeyRingBundle secRing = new PgpSecretKeyRingBundle(secWithPersonalCertificate); + checkSecretKeyRingWithPersonalCertificate(secRing.GetEncoded()); + } + + private void checkSecretKeyRingWithPersonalCertificate( + byte[] keyRing) + { + PgpSecretKeyRingBundle secCol = new PgpSecretKeyRingBundle(keyRing); + + int count = 0; + + foreach (PgpSecretKeyRing ring in secCol.GetKeyRings()) + { + IEnumerator e = ring.GetExtraPublicKeys().GetEnumerator(); + while (e.MoveNext()) + { + ++count; + } + } + + if (count != 1) + { + Fail("personal certificate data subkey not found - count = " + count); + } + } + + private void checkPublicKeyRingWithX509( + byte[] keyRing) + { + PgpPublicKeyRing pubRing = new PgpPublicKeyRing(keyRing); + IEnumerator en = pubRing.GetPublicKeys().GetEnumerator(); + + if (en.MoveNext()) + { + PgpPublicKey key = (PgpPublicKey) en.Current; + + IEnumerator sEn = key.GetSignatures().GetEnumerator(); + + if (sEn.MoveNext()) + { + PgpSignature sig = (PgpSignature) sEn.Current; + if (sig.KeyAlgorithm != PublicKeyAlgorithmTag.Experimental_1) + { + Fail("experimental signature not found"); + } + if (!AreEqual(sig.GetSignature(), Hex.Decode("000101"))) + { + Fail("experimental encoding check failed"); + } + } + else + { + Fail("no signature found"); + } + } + else + { + Fail("no key found"); + } + } + + [Test] + public void TestExpiryDate() + { + PgpPublicKeyRingBundle pgpRingCollection = new PgpPublicKeyRingBundle(probExpPubKey); + + foreach (PgpPublicKeyRing pgpRing in pgpRingCollection.GetKeyRings()) + { + foreach (PgpPublicKey pubKey in pgpRing.GetPublicKeys()) + { + // this key has 2 self signatures on it - the most recent key validity is for 432495 seconds. + if (0x5afd53a9dbb2c40dL == pubKey.KeyId) + { + IsTrue("wrong validity date", pubKey.GetValidSeconds() == 432495); + } + // this key has 3 self signatures on it - the most recent key validity is for 4320173 seconds. + else if (unchecked((long)0x89FCFA4B23363333L) == pubKey.KeyId) + { + IsTrue("wrong validity date", pubKey.GetValidSeconds() == 4320173); + } + } + } + } + + public override void PerformTest() + { + TestExpiryDate(); + PerformTest1(); + PerformTest2(); + PerformTest3(); + PerformTest4(); + PerformTest5(); + PerformTest6(); + TestRevocation(); + PerformTest8(); + PerformTest9(); + PerformTest10(); + PerformTest11(); + + GenerateTest(); + GenerateSha256Test(); + RewrapTest(); + PublicKeyRingWithX509Test(); + SecretKeyRingWithPersonalCertificateTest(); + InsertMasterTest(); + LongSubPacketsTest(); + } + + private void LongSubPacketsTest() + { + Stream fIn = SimpleTest.GetTestDataAsStream("openpgp.longSigSubPack.asc"); + Stream bIn = new BufferedStream(fIn); + PgpPublicKeyRing pkr = new PgpPublicKeyRing(PgpUtilities.GetDecoderStream(bIn)); + bIn.Close(); + + PgpPublicKey masterpk = pkr.GetPublicKey(); + + // Check userids + foreach (string uid in masterpk.GetUserIds()) + { + CheckUidSig(masterpk, uid); + } + } + + private void CheckUidSig(PgpPublicKey pk, string uid) + { + foreach (PgpSignature sig in pk.GetSignaturesForId(uid)) + { + if (!IsGoodUidSignature(sig, pk, uid)) + { + Fail("Bad self-signature found for '" + uid + "'"); + } + } + } + + private static bool IsGoodUidSignature(PgpSignature sig, PgpPublicKey masterpk, string uid) + { + sig.InitVerify(masterpk); + return sig.VerifyCertification(uid, masterpk); + } + + public override string Name + { + get { return "PgpKeyRingTest"; } + } + + public static void Main(string[] args) + { + RunTest(new PgpKeyRingTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PgpMarkerTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PgpMarkerTest.cs new file mode 100644 index 0000000..929be6d --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PgpMarkerTest.cs @@ -0,0 +1,100 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpMarkerTest + : SimpleTest + { + private static readonly byte[] message1 = Base64.Decode( + "qANQR1DBwU4DdrlXatQSHgoQCADWlhY3bWWaOTm4t2espRWPFQmETeinnieHce64" + + "lmEIFzaryEWeSdQc8XGfDzcb7sxq7b5b9Hm6OrACcCbSp2KGEJNG5kJmo2A16UPq" + + "JdK4xNelpJRh3KcJPv+N/9VJrMdj4C+DRnGNFg1hTQf3RKsX+ms2V0OBC5vGlOZY" + + "zX+XZz/7hl1PXVLN23u4npZI/1xETI2VtRoM76S6oykGXxMtT3+sGU1fAVEKVS45" + + "pyQHWbBqApkWrURq0xBqpVfDwOgGw09dJxt2igW9hjvNAd9tJiMGrMF5o2OLlub7" + + "c7FiK+dWLLcw+nx7Hl6FQmo9E8qyW8x1Cb78HjR/JXMgH/ngB/4gba6xX+s5TJkW" + + "H2Wpp5ePTw39EqHosUMrm05R+C0ha3EyyaJIvKj2WWmImKu5PWo1t37Pi6KHFNC3" + + "wsYJMRKnnNtd34luMTOgLpDcdgClzfp2p6EqHMoB7Uj3etlLmbN+vpGgz9qkLBRV" + + "7MpR1yE9qrZNeGgbkry6N31w5E7HoAHu5JNcwxgzbJoj2lI8uvs6Gf7fEoQOuAPE" + + "W/SGlfR2BdBPiJ1yErMElc2O8LVS0wTwwifHpEsMV+1ntl1EC5d052lo+6q7zNqD" + + "uYt1/2if6h9W9fe+S9mzr0ZAtxIN2ZGOFJJRnqzjDQ4siB9nnwr6YgvUVRSr/lQB" + + "hDTd0bmjyWacCt0PPMJWchO6A5tzqKUpTWSYibpdks80kLQogQHsJTZd/kpS0I6f" + + "gD0HYYlMssZwhg2J2TWwXDpDTgQ6mzFKbGSdOSk/deTJj2+EubzxaZcxZEocCJA8" + + "bppCj4kLBnCj1LjYx7A="); + + private static readonly byte[] message2 = Base64.Decode( + "qANQR1DBwU4DZlTzKj+E4aMQCADruFAojUIlHGcnswLIekvhbVnaHnbCt6Kp" + + "IL2zppmEIYJ9n1xCO1k+3Y5j9vNATbqCVWs1HD0aAL3PRI1eZ1l8GkIBCd2z" + + "tcZpSI/uyI/JCzVW2stCH0gpP2V7zcjk8HaIuBz4ZsyU9m7v6LwCDPB4CTrb" + + "Z5nn5Jm3eowonQsRL/3TpJtG+IjTaw29NbCBNNX8quM5LwfIsfWovqNv28r1" + + "aX8FsqoTRsWEfQ7dMV/swVGqv0PgKxqErdnZVJ2yOJqjLk+lBJT6zhqPijGV" + + "10pc68hdZxxLU1KZq25DAjS12xcAgagjRkOmYE/H1oEjGZlXfS4y/xQ7skHa" + + "HI+b04vECACTpQPwCXhxYiNWnf4XhJPONIGyrsXVtsTNwzOShFPmeUvpipP4" + + "HknakBkBuUY49xcffQogW/NlGCZnQOulDLE6fCH/krkSmI8WVP5Vhf6bM1Qm" + + "92dHZFoTrrcQ9NVGaCNHHWf7KXkNfKdTkE23LdggoVrVAzO4WcdqVc6s/or7" + + "jQYP9zXLeu8+GGFMxe/9FCtoIWbujGQHsdDEkCK4h+D44EVDPzbvWj39ZB4w" + + "hHoab8RLHd7njcrPeoCPdYkFVCKOSuLdxxYZDbbmgpISaafrafwefkkESeGu" + + "JzbNhmyS8zfOiejWzndaLYWUSE/sqISK9Pg+xKundnFPk04+AhIRyYEoUjG3" + + "LgGVyM49mrM8E7QwAGU0m/VCJLoOu+N74Z1rp1wFdA5yCllFlONNM4Czhd1D" + + "ZMyLFqGXiKlyVCPlUTN2uVisYQGr6iNGYSPxpKjwiAzdeeQBPOETG0vd3nTO" + + "MN4BMKcG+kRJd5FU72SRfmbGwPPjd1gts9xFvtj4Tvpkam8="); + + public override void PerformTest() + { + // + // test encrypted message + // + PgpObjectFactory pgpFact = new PgpObjectFactory(message1); + + if (pgpFact.NextPgpObject() is PgpMarker) + { + if (pgpFact.NextPgpObject() is PgpEncryptedDataList) + { + return; + } + else + { + Fail("error processing after marker."); + } + } + + // TODO Does this even get called? + pgpFact = new PgpObjectFactory(message2); + + if (pgpFact.NextPgpObject() is PgpMarker) + { + if (!(pgpFact.NextPgpObject() is PgpEncryptedDataList)) + { + return; + } + else + { + Fail("error processing after marker."); + } + } + } + + public override string Name + { + get { return "PgpMarkerTest"; } + } + + public static void Main(string[] args) + { + RunTest(new PgpMarkerTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PgpParsingTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PgpParsingTest.cs new file mode 100644 index 0000000..6a56884 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PgpParsingTest.cs @@ -0,0 +1,39 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpParsingTest + : SimpleTest + { + public override void PerformTest() + { + Stream fIn = SimpleTest.GetTestDataAsStream("openpgp.bigpub.asc"); + Stream keyIn = PgpUtilities.GetDecoderStream(fIn); + PgpPublicKeyRingBundle pubRings = new PgpPublicKeyRingBundle(keyIn); + } + + public override string Name + { + get { return "PgpParsingTest"; } + } + + public static void Main(string[] args) + { + RunTest(new PgpParsingTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PgpSignatureInvalidVersionIgnoredTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PgpSignatureInvalidVersionIgnoredTest.cs new file mode 100644 index 0000000..873ddf1 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PgpSignatureInvalidVersionIgnoredTest.cs @@ -0,0 +1,111 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpSignatureInvalidVersionIgnoredTest + : SimpleTest + { + // Signing Key ID + private static readonly long KEY_ID = new BigInteger("FBFCC82A015E7330", 16).LongValue; + + // Signature List consisting of Version 4 Signature and Version 23 (invalid version) Signature + private static readonly string SIG4SIG23 = "-----BEGIN PGP SIGNATURE-----\n" + + "\n" + + "wsE7BAABCgBvBYJgyf2fCRD7/MgqAV5zMEcUAAAAAAAeACBzYWx0QG5vdGF0aW9u\n" + + "cy5zZXF1b2lhLXBncC5vcmdURSYEGurWv1IDN4trcpgfrHMZeGRdhG5jlQazr8tJ\n" + + "QRYhBNGmbhojsYLJmA94jPv8yCoBXnMwAADAYwv+NeSzVRrR/CGLMna43b0xCrOz\n" + + "tEYVp3hLzjCYWP1F5d7OdrpQWB3jzgMhjkH5ZnSm369A6D6eEoo05uP7lUNoex7s\n" + + "Bcksq4QF2t9y0YHwjhciVyPUw0rgzOIDpJ6jb/HqEgWB+EYz5qU3RFAk4tz+ghpw\n" + + "93x+EAI7QBnw+PRjgmJiXQvcq78W+h8aysAQCv/dNJc9W8gfCpwDY2VKTc0BW9VI\n" + + "R4KbeI2Rgx378JYjzJNP9ORgDTacBdQh3LiqJ8B4x7OeVGouGbWEVG6x+htQ9YMH\n" + + "uOY1CmcNzoMSRyk50JOeM0Xcge/9PLuQM+b4OQ3ZRN/BhUEg4P/VclXzkWeDKCvP\n" + + "cGEUrdFnyU1Lk2mYh1HTKS3gurTP9bdAyS9sdjXj9kv2fRM5N46rBRAffjwfW/LT\n" + + "VedvgRZ3RMCLrwPo90ID/xVU8PC9VmBR+WrqOijdsgnh7n940NR5hSyeWVeMwNFl\n" + + "Js043gKSIc5yNLS16mE/YzgosnUpIUsDlSR6D8M/wsE7FwABCgBvBYJgyf2fCRD7\n" + + "/MgqAV5zMEcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmdU\n" + + "RSYEGurWv1IDN4trcpgfrHMZeGRdhG5jlQazr8tJQRYhBNGmbhojsYLJmA94jPv8\n" + + "yCoBXnMwAADAYwv+NeSzVRrR/CGLMna43b0xCrOztEYVp3hLzjCYWP1F5d7OdrpQ\n" + + "WB3jzgMhjkH5ZnSm369A6D6eEoo05uP7lUNoex7sBcksq4QF2t9y0YHwjhciVyPU\n" + + "w0rgzOIDpJ6jb/HqEgWB+EYz5qU3RFAk4tz+ghpw93x+EAI7QBnw+PRjgmJiXQvc\n" + + "q78W+h8aysAQCv/dNJc9W8gfCpwDY2VKTc0BW9VIR4KbeI2Rgx378JYjzJNP9ORg\n" + + "DTacBdQh3LiqJ8B4x7OeVGouGbWEVG6x+htQ9YMHuOY1CmcNzoMSRyk50JOeM0Xc\n" + + "ge/9PLuQM+b4OQ3ZRN/BhUEg4P/VclXzkWeDKCvPcGEUrdFnyU1Lk2mYh1HTKS3g\n" + + "urTP9bdAyS9sdjXj9kv2fRM5N46rBRAffjwfW/LTVedvgRZ3RMCLrwPo90ID/xVU\n" + + "8PC9VmBR+WrqOijdsgnh7n940NR5hSyeWVeMwNFlJs043gKSIc5yNLS16mE/Yzgo\n" + + "snUpIUsDlSR6D8M/\n" + + "=Ptch\n" + + "-----END PGP SIGNATURE-----"; + + // Signature List consisting of Version 23 (invalid version) Signature and Version 4 Signature + private static readonly string SIG23SIG4 = "-----BEGIN PGP SIGNATURE-----\n" + + "\n" + + "wsE7FwABCgBvBYJgyf2fCRD7/MgqAV5zMEcUAAAAAAAeACBzYWx0QG5vdGF0aW9u\n" + + "cy5zZXF1b2lhLXBncC5vcmdURSYEGurWv1IDN4trcpgfrHMZeGRdhG5jlQazr8tJ\n" + + "QRYhBNGmbhojsYLJmA94jPv8yCoBXnMwAADAYwv+NeSzVRrR/CGLMna43b0xCrOz\n" + + "tEYVp3hLzjCYWP1F5d7OdrpQWB3jzgMhjkH5ZnSm369A6D6eEoo05uP7lUNoex7s\n" + + "Bcksq4QF2t9y0YHwjhciVyPUw0rgzOIDpJ6jb/HqEgWB+EYz5qU3RFAk4tz+ghpw\n" + + "93x+EAI7QBnw+PRjgmJiXQvcq78W+h8aysAQCv/dNJc9W8gfCpwDY2VKTc0BW9VI\n" + + "R4KbeI2Rgx378JYjzJNP9ORgDTacBdQh3LiqJ8B4x7OeVGouGbWEVG6x+htQ9YMH\n" + + "uOY1CmcNzoMSRyk50JOeM0Xcge/9PLuQM+b4OQ3ZRN/BhUEg4P/VclXzkWeDKCvP\n" + + "cGEUrdFnyU1Lk2mYh1HTKS3gurTP9bdAyS9sdjXj9kv2fRM5N46rBRAffjwfW/LT\n" + + "VedvgRZ3RMCLrwPo90ID/xVU8PC9VmBR+WrqOijdsgnh7n940NR5hSyeWVeMwNFl\n" + + "Js043gKSIc5yNLS16mE/YzgosnUpIUsDlSR6D8M/wsE7BAABCgBvBYJgyf2fCRD7\n" + + "/MgqAV5zMEcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmdU\n" + + "RSYEGurWv1IDN4trcpgfrHMZeGRdhG5jlQazr8tJQRYhBNGmbhojsYLJmA94jPv8\n" + + "yCoBXnMwAADAYwv+NeSzVRrR/CGLMna43b0xCrOztEYVp3hLzjCYWP1F5d7OdrpQ\n" + + "WB3jzgMhjkH5ZnSm369A6D6eEoo05uP7lUNoex7sBcksq4QF2t9y0YHwjhciVyPU\n" + + "w0rgzOIDpJ6jb/HqEgWB+EYz5qU3RFAk4tz+ghpw93x+EAI7QBnw+PRjgmJiXQvc\n" + + "q78W+h8aysAQCv/dNJc9W8gfCpwDY2VKTc0BW9VIR4KbeI2Rgx378JYjzJNP9ORg\n" + + "DTacBdQh3LiqJ8B4x7OeVGouGbWEVG6x+htQ9YMHuOY1CmcNzoMSRyk50JOeM0Xc\n" + + "ge/9PLuQM+b4OQ3ZRN/BhUEg4P/VclXzkWeDKCvPcGEUrdFnyU1Lk2mYh1HTKS3g\n" + + "urTP9bdAyS9sdjXj9kv2fRM5N46rBRAffjwfW/LTVedvgRZ3RMCLrwPo90ID/xVU\n" + + "8PC9VmBR+WrqOijdsgnh7n940NR5hSyeWVeMwNFlJs043gKSIc5yNLS16mE/Yzgo\n" + + "snUpIUsDlSR6D8M/\n" + + "=o4rJ\n" + + "-----END PGP SIGNATURE-----"; + + public override string Name + { + get { return "PgpSignatureInvalidVersionIgnoredTest"; } + } + + public override void PerformTest() + { + AssertInvalidSignatureVersionIsIgnored(SIG4SIG23); + AssertInvalidSignatureVersionIsIgnored(SIG23SIG4); + } + + public static void Main(string[] args) + { + RunTest(new PgpSignatureInvalidVersionIgnoredTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + private void AssertInvalidSignatureVersionIsIgnored(string sig) + { + ArmoredInputStream armorIn = new ArmoredInputStream( + new MemoryStream(Encoding.UTF8.GetBytes(sig), false)); + PgpObjectFactory objectFactory = new PgpObjectFactory(armorIn); + PgpSignatureList signatures = (PgpSignatureList)objectFactory.NextPgpObject(); + IsEquals(1, signatures.Count); + PgpSignature signature = signatures[0]; + IsEquals(KEY_ID, signature.KeyId); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/PgpUnicodeTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/PgpUnicodeTest.cs new file mode 100644 index 0000000..d73e3d7 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/PgpUnicodeTest.cs @@ -0,0 +1,143 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + [TestFixture] + public class PgpUnicodeTest + : SimpleTest + { + private void DoTestKey(BigInteger keyId, string passphrase, bool utf8) + { + PgpSecretKeyRingBundle secretKeyRing = LoadSecretKeyCollection("secring.gpg"); + + PgpSecretKeyRing secretKey = secretKeyRing.GetSecretKeyRing(keyId.LongValue); + Assert.NotNull(secretKey, "Could not locate secret keyring with Id=" + keyId.ToString(16)); + + PgpSecretKey key = secretKey.GetSecretKey(); + Assert.NotNull(key, "Could not locate secret key!"); + + try + { + char[] pass = passphrase.ToCharArray(); + + PgpPrivateKey privateKey = utf8 + ? key.ExtractPrivateKeyUtf8(pass) + : key.ExtractPrivateKey(pass); + + Assert.IsTrue(privateKey.KeyId == keyId.LongValue); + } + catch (PgpException e) + { + throw new PgpException("Password incorrect!", e); + } + + // all fine! + } + + [Test] + public void TestUmlautPassphrase() + { + + try + { + BigInteger keyId = new BigInteger("362961283C48132B9F14C5C3EC87272EFCB986D2", 16); + + string passphrase = Encoding.Unicode.GetString(Encoding.Unicode.GetBytes("Händle")); + + // FileInputStream passwordFile = new FileInputStream("testdata/passphrase_for_test.txt"); + // byte[] password = new byte[passwordFile.available()]; + // passwordFile.read(password); + // passwordFile.close(); + // String passphrase = new String(password); + + DoTestKey(keyId, passphrase, true); + + // all fine! + + } + catch (Exception e) + { + Console.Error.WriteLine(e.StackTrace); + Assert.Fail(e.Message); + } + } + + [Test] + public void TestAsciiPassphrase() + { + + try + { + BigInteger keyId = new BigInteger("A392B7310C64026022405257AA2AAAC7CB417459", 16); + + string passphrase = "Admin123"; + + DoTestKey(keyId, passphrase, false); + DoTestKey(keyId, passphrase, true); + + // all fine! + } + catch (Exception e) + { + Console.Error.WriteLine(e.StackTrace); + Assert.Fail(e.Message); + } + } + + [Test] + public void TestCyrillicPassphrase() + { + + try + { + BigInteger keyId = new BigInteger("B7773AF32BE4EC1806B1BACC4680E7F3960C44E7", 16); + + // XXX The password text file must not have the UTF-8 BOM ! + // Ref: http://stackoverflow.com/questions/2223882/whats-different-between-utf-8-and-utf-8-without-bom + + Stream passwordFile = SimpleTest.GetTestDataAsStream("openpgp.unicode.passphrase_cyr.txt"); + TextReader reader = new StreamReader(passwordFile, Encoding.UTF8); + string passphrase = reader.ReadLine(); + passwordFile.Close(); + + DoTestKey(keyId, passphrase, true); + + // all fine! + } + catch (Exception e) + { + Console.Error.WriteLine(e.StackTrace); + Assert.Fail(e.Message); + } + } + + private PgpSecretKeyRingBundle LoadSecretKeyCollection(string keyName) + { + return new PgpSecretKeyRingBundle(SimpleTest.GetTestDataAsStream("openpgp.unicode." + keyName)); + } + + public override string Name + { + get { return "PgpUnicodeTest"; } + } + + public override void PerformTest() + { + TestAsciiPassphrase(); + TestCyrillicPassphrase(); + TestUmlautPassphrase(); + } + + public static void Main(string[] args) + { + RunTest(new PgpUnicodeTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openpgp/test/RegressionTest.cs b/BouncyCastle/crypto/test/src/openpgp/test/RegressionTest.cs new file mode 100644 index 0000000..a6a7edf --- /dev/null +++ b/BouncyCastle/crypto/test/src/openpgp/test/RegressionTest.cs @@ -0,0 +1,41 @@ +using System; + +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Bcpg.OpenPgp.Tests +{ + public class RegressionTest + { + public static ITest[] tests = + { + new ArmoredInputStreamTest(), + new IgnoreMarkerPacketInCertificatesTest(), + new PgpArmoredTest(), + new PgpClearSignedSignatureTest(), + new PgpCompressionTest(), + new PgpDsaElGamalTest(), + new PgpDsaTest(), + new PgpECDHTest(), + new PgpECDsaTest(), + new PgpECMessageTest(), + new PgpFeaturesTest(), + new PgpKeyRingTest(), + new PgpMarkerTest(), + new PgpNoPrivateKeyTest(), + new PgpPacketTest(), + new PgpParsingTest(), + new PgpPbeTest(), + new PgpRsaTest(), + new PgpSignatureInvalidVersionIgnoredTest(), + new PgpSignatureTest(), + }; + + public static void Main(string[] args) + { + foreach (ITest test in tests) + { + SimpleTest.RunTest(test); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/openssl/test/AllTests.cs b/BouncyCastle/crypto/test/src/openssl/test/AllTests.cs new file mode 100644 index 0000000..0cc2dcd --- /dev/null +++ b/BouncyCastle/crypto/test/src/openssl/test/AllTests.cs @@ -0,0 +1,134 @@ +using System; +using System.IO; +using System.Text; + +#if !LIB +using NUnit.Core; +#endif +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.OpenSsl.Tests +{ + [TestFixture] + public class AllTests + { + private class Password + : IPasswordFinder + { + private readonly char[] password; + + public Password( + char[] word) + { + this.password = (char[]) word.Clone(); + } + + public char[] GetPassword() + { + return (char[]) password.Clone(); + } + } + +#if !LIB + public static void Main(string[] args) + { + Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty); + } + + [Suite] + public static TestSuite Suite + { + get + { + TestSuite suite = new TestSuite("OpenSSL Tests"); + suite.Add(new AllTests()); + return suite; + } + } +#endif + + [Test] + public void TestOpenSsl() + { + Org.BouncyCastle.Utilities.Test.ITest[] tests = new Org.BouncyCastle.Utilities.Test.ITest[]{ + new ReaderTest(), + new WriterTest() + }; + + foreach (Org.BouncyCastle.Utilities.Test.ITest test in tests) + { + SimpleTestResult result = (SimpleTestResult)test.Perform(); + + if (!result.IsSuccessful()) + { + Assert.Fail(result.ToString()); + } + } + } + + [Test] + public void TestPkcs8Encrypted() + { + IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); + kpGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024)); + + AsymmetricKeyParameter privKey = kpGen.GenerateKeyPair().Private; + + // FIXME see PbeUtilities and Pkcs8Generator +// EncryptedTest(privKey, Pkcs8Generator.Aes256Cbc); +// EncryptedTest(privKey, Pkcs8Generator.Des3Cbc); + EncryptedTest(privKey, Pkcs8Generator.PbeSha1_3DES); + } + + private void EncryptedTest(AsymmetricKeyParameter privKey, string algorithm) + { + StringWriter sw = new StringWriter(); + PemWriter pWrt = new PemWriter(sw); + Pkcs8Generator pkcs8 = new Pkcs8Generator(privKey, algorithm); + pkcs8.Password = "hello".ToCharArray(); + + pWrt.WriteObject(pkcs8); + pWrt.Writer.Close(); + + String result = sw.ToString(); + + PemReader pRd = new PemReader(new StringReader(result), new Password("hello".ToCharArray())); + + AsymmetricKeyParameter rdKey = (AsymmetricKeyParameter)pRd.ReadObject(); + pRd.Reader.Close(); + + Assert.AreEqual(privKey, rdKey); + } + + [Test] + public void TestPkcs8Plain() + { + IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); + kpGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024)); + + AsymmetricKeyParameter privKey = kpGen.GenerateKeyPair().Private; + + StringWriter sw = new StringWriter(); + PemWriter pWrt = new PemWriter(sw); + + Pkcs8Generator pkcs8 = new Pkcs8Generator(privKey); + pWrt.WriteObject(pkcs8); + pWrt.Writer.Close(); + + string result = sw.ToString(); + + PemReader pRd = new PemReader(new StringReader(result), new Password("hello".ToCharArray())); + + AsymmetricKeyParameter rdKey = (AsymmetricKeyParameter)pRd.ReadObject(); + pRd.Reader.Close(); + + Assert.AreEqual(privKey, rdKey); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openssl/test/ReaderTest.cs b/BouncyCastle/crypto/test/src/openssl/test/ReaderTest.cs new file mode 100644 index 0000000..95bbe6a --- /dev/null +++ b/BouncyCastle/crypto/test/src/openssl/test/ReaderTest.cs @@ -0,0 +1,379 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.OpenSsl.Tests +{ + /** + * basic class for reading test.pem - the password is "secret" + */ + [TestFixture] + public class ReaderTest + : SimpleTest + { + private class Password + : IPasswordFinder + { + private readonly char[] password; + + public Password( + char[] word) + { + this.password = (char[]) word.Clone(); + } + + public char[] GetPassword() + { + return (char[]) password.Clone(); + } + } + + public override string Name + { + get { return "PEMReaderTest"; } + } + + public override void PerformTest() + { + IPasswordFinder pGet = new Password("secret".ToCharArray()); + PemReader pemRd = OpenPemResource("test.pem", pGet); + AsymmetricCipherKeyPair pair; + + object o; + while ((o = pemRd.ReadObject()) != null) + { +// if (o is AsymmetricCipherKeyPair) +// { +// ackp = (AsymmetricCipherKeyPair)o; +// +// Console.WriteLine(ackp.Public); +// Console.WriteLine(ackp.Private); +// } +// else +// { +// Console.WriteLine(o.ToString()); +// } + } + + // + // pkcs 7 data + // + pemRd = OpenPemResource("pkcs7.pem", null); + + ContentInfo d = (ContentInfo)pemRd.ReadObject(); + + if (!d.ContentType.Equals(CmsObjectIdentifiers.EnvelopedData)) + { + Fail("failed envelopedData check"); + } + + /* + { + // + // ECKey + // + pemRd = OpenPemResource("eckey.pem", null); + + // TODO Resolve return type issue with EC keys and fix PemReader to return parameters +// ECNamedCurveParameterSpec spec = (ECNamedCurveParameterSpec)pemRd.ReadObject(); + + pair = (AsymmetricCipherKeyPair)pemRd.ReadObject(); + ISigner sgr = SignerUtilities.GetSigner("ECDSA"); + + sgr.Init(true, pair.Private); + + byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; + + sgr.BlockUpdate(message, 0, message.Length); + + byte[] sigBytes = sgr.GenerateSignature(); + + sgr.Init(false, pair.Public); + + sgr.BlockUpdate(message, 0, message.Length); + + if (!sgr.VerifySignature(sigBytes)) + { + Fail("EC verification failed"); + } + + // TODO Resolve this issue with the algorithm name, study Java version +// if (!((ECPublicKeyParameters) pair.Public).AlgorithmName.Equals("ECDSA")) +// { +// Fail("wrong algorithm name on public got: " + ((ECPublicKeyParameters) pair.Public).AlgorithmName); +// } +// +// if (!((ECPrivateKeyParameters) pair.Private).AlgorithmName.Equals("ECDSA")) +// { +// Fail("wrong algorithm name on private got: " + ((ECPrivateKeyParameters) pair.Private).AlgorithmName); +// } + } + */ + + // + // writer/parser test + // + IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); + kpGen.Init( + new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x10001), + new SecureRandom(), + 768, + 25)); + + pair = kpGen.GenerateKeyPair(); + + keyPairTest("RSA", pair); + +// kpGen = KeyPairGenerator.getInstance("DSA"); +// kpGen.initialize(512, new SecureRandom()); + DsaParametersGenerator pGen = new DsaParametersGenerator(); + pGen.Init(512, 80, new SecureRandom()); + + kpGen = GeneratorUtilities.GetKeyPairGenerator("DSA"); + kpGen.Init( + new DsaKeyGenerationParameters( + new SecureRandom(), + pGen.GenerateParameters())); + + pair = kpGen.GenerateKeyPair(); + + keyPairTest("DSA", pair); + + // + // PKCS7 + // + MemoryStream bOut = new MemoryStream(); + PemWriter pWrt = new PemWriter(new StreamWriter(bOut)); + + pWrt.WriteObject(d); + pWrt.Writer.Close(); + + pemRd = new PemReader(new StreamReader(new MemoryStream(bOut.ToArray(), false))); + d = (ContentInfo)pemRd.ReadObject(); + + if (!d.ContentType.Equals(CmsObjectIdentifiers.EnvelopedData)) + { + Fail("failed envelopedData recode check"); + } + + + // OpenSSL test cases (as embedded resources) + doOpenSslDsaTest("unencrypted"); + doOpenSslRsaTest("unencrypted"); + + doOpenSslTests("aes128"); + doOpenSslTests("aes192"); + doOpenSslTests("aes256"); + doOpenSslTests("blowfish"); + doOpenSslTests("des1"); + doOpenSslTests("des2"); + doOpenSslTests("des3"); + doOpenSslTests("rc2_128"); + + doOpenSslDsaTest("rc2_40_cbc"); + doOpenSslRsaTest("rc2_40_cbc"); + doOpenSslDsaTest("rc2_64_cbc"); + doOpenSslRsaTest("rc2_64_cbc"); + + doDudPasswordTest("7fd98", 0, "corrupted stream - out of bounds length found: 599005160 >= 19"); + doDudPasswordTest("ef677", 1, "corrupted stream - out of bounds length found: 2087569732 >= 66"); + doDudPasswordTest("800ce", 2, "unknown tag 26 encountered"); + doDudPasswordTest("b6cd8", 3, "DEF length 81 object truncated by 56"); + doDudPasswordTest("28ce09", 4, "corrupted stream - high tag number < 31 found"); + doDudPasswordTest("2ac3b9", 5, "long form definite-length more than 31 bits"); + doDudPasswordTest("2cba96", 6, "corrupted stream - out of bounds length found: 100 >= 67"); + doDudPasswordTest("2e3354", 7, "corrupted stream - out of bounds length found: 42 >= 35"); + doDudPasswordTest("2f4142", 8, "long form definite-length more than 31 bits"); + doDudPasswordTest("2fe9bb", 9, "long form definite-length more than 31 bits"); + doDudPasswordTest("3ee7a8", 10, "long form definite-length more than 31 bits"); + doDudPasswordTest("41af75", 11, "unknown tag 16 encountered"); + doDudPasswordTest("1704a5", 12, "corrupted stream detected"); + doDudPasswordTest("1c5822", 13, "extra data found after object"); + doDudPasswordTest("5a3d16", 14, "corrupted stream detected"); + doDudPasswordTest("8d0c97", 15, "corrupted stream detected"); + doDudPasswordTest("bc0daf", 16, "corrupted stream detected"); + doDudPasswordTest("aaf9c4d", 17, "corrupted stream - out of bounds length found: 1580418590 >= 447"); + + // encrypted private key test + pGet = new Password("password".ToCharArray()); + pemRd = OpenPemResource("enckey.pem", pGet); + + RsaPrivateCrtKeyParameters privKey = (RsaPrivateCrtKeyParameters)pemRd.ReadObject(); + + if (!privKey.PublicExponent.Equals(new BigInteger("10001", 16))) + { + Fail("decryption of private key data check failed"); + } + + // general PKCS8 test + pGet = new Password("password".ToCharArray()); + pemRd = OpenPemResource("pkcs8test.pem", pGet); + + while ((privKey = (RsaPrivateCrtKeyParameters)pemRd.ReadObject()) != null) + { + if (!privKey.PublicExponent.Equals(new BigInteger("10001", 16))) + { + Fail("decryption of private key data check failed"); + } + } + } + + private void keyPairTest( + string name, + AsymmetricCipherKeyPair pair) + { + MemoryStream bOut = new MemoryStream(); + PemWriter pWrt = new PemWriter(new StreamWriter(bOut)); + + pWrt.WriteObject(pair.Public); + pWrt.Writer.Close(); + + PemReader pemRd = new PemReader(new StreamReader(new MemoryStream(bOut.ToArray(), false))); + + AsymmetricKeyParameter pubK = (AsymmetricKeyParameter) pemRd.ReadObject(); + if (!pubK.Equals(pair.Public)) + { + Fail("Failed public key read: " + name); + } + + bOut = new MemoryStream(); + pWrt = new PemWriter(new StreamWriter(bOut)); + + pWrt.WriteObject(pair.Private); + pWrt.Writer.Close(); + + pemRd = new PemReader(new StreamReader(new MemoryStream(bOut.ToArray(), false))); + + AsymmetricCipherKeyPair kPair = (AsymmetricCipherKeyPair) pemRd.ReadObject(); + if (!kPair.Private.Equals(pair.Private)) + { + Fail("Failed private key read: " + name); + } + + if (!kPair.Public.Equals(pair.Public)) + { + Fail("Failed private key public read: " + name); + } + } + + private void doOpenSslTests( + string baseName) + { + doOpenSslDsaModesTest(baseName); + doOpenSslRsaModesTest(baseName); + } + + private void doOpenSslDsaModesTest( + string baseName) + { + doOpenSslDsaTest(baseName + "_cbc"); + doOpenSslDsaTest(baseName + "_cfb"); + doOpenSslDsaTest(baseName + "_ecb"); + doOpenSslDsaTest(baseName + "_ofb"); + } + + private void doOpenSslRsaModesTest( + string baseName) + { + doOpenSslRsaTest(baseName + "_cbc"); + doOpenSslRsaTest(baseName + "_cfb"); + doOpenSslRsaTest(baseName + "_ecb"); + doOpenSslRsaTest(baseName + "_ofb"); + } + + private void doOpenSslDsaTest( + string name) + { + string fileName = "dsa.openssl_dsa_" + name + ".pem"; + + doOpenSslTestFile(fileName, typeof(DsaPrivateKeyParameters)); + } + + private void doOpenSslRsaTest( + string name) + { + string fileName = "rsa.openssl_rsa_" + name + ".pem"; + + doOpenSslTestFile(fileName, typeof(RsaPrivateCrtKeyParameters)); + } + + private void doOpenSslTestFile( + string fileName, + Type expectedPrivKeyType) + { + PemReader pr = OpenPemResource(fileName, new Password("changeit".ToCharArray())); + AsymmetricCipherKeyPair kp = pr.ReadObject() as AsymmetricCipherKeyPair; + pr.Reader.Close(); + + if (kp == null) + { + Fail("Didn't find OpenSSL key"); + } + + if (!expectedPrivKeyType.IsInstanceOfType(kp.Private)) + { + Fail("Returned key not of correct type"); + } + } + + private void doDudPasswordTest(string password, int index, string message) + { + // illegal state exception check - in this case the wrong password will + // cause an underlying class cast exception. + try + { + IPasswordFinder pGet = new Password(password.ToCharArray()); + PemReader pemRd = OpenPemResource("test.pem", pGet); + + Object o; + while ((o = pemRd.ReadObject()) != null) + { + } + + Fail("issue not detected: " + index); + } + catch (Exception e) + { + if (e.Message.IndexOf(message) < 0) + { + Console.Error.WriteLine(message); + Console.Error.WriteLine(e.Message); + Fail("issue " + index + " exception thrown, but wrong message"); + } + } + } + + private static PemReader OpenPemResource( + string fileName, + IPasswordFinder pGet) + { + Stream data = GetTestDataAsStream("openssl." + fileName); + TextReader tr = new StreamReader(data); + return new PemReader(tr, pGet); + } + + public static void Main( + string[] args) + { + RunTest(new ReaderTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/openssl/test/WriterTest.cs b/BouncyCastle/crypto/test/src/openssl/test/WriterTest.cs new file mode 100644 index 0000000..0d78877 --- /dev/null +++ b/BouncyCastle/crypto/test/src/openssl/test/WriterTest.cs @@ -0,0 +1,185 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO.Pem; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.OpenSsl.Tests +{ + [TestFixture] + public class WriterTest + : SimpleTest + { + private static readonly SecureRandom random = new SecureRandom(); + + // TODO Replace with a randomly generated key each test run? + private static readonly RsaPrivateCrtKeyParameters testRsaKey = new RsaPrivateCrtKeyParameters( + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16), + new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16), + new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16), + new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16), + new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16), + new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16), + new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16)); + + private static readonly DsaParameters testDsaParams = new DsaParameters( + new BigInteger("7434410770759874867539421675728577177024889699586189000788950934679315164676852047058354758883833299702695428196962057871264685291775577130504050839126673"), + new BigInteger("1138656671590261728308283492178581223478058193247"), + new BigInteger("4182906737723181805517018315469082619513954319976782448649747742951189003482834321192692620856488639629011570381138542789803819092529658402611668375788410")); + +// private static readonly PKCS8EncodedKeySpec testEcDsaKeySpec = new PKCS8EncodedKeySpec( +// Base64.Decode("MIG/AgEAMBAGByqGSM49AgEGBSuBBAAiBIGnMIGkAgEBBDCSBU3vo7ieeKs0ABQamy/ynxlde7Ylr8HmyfLaNnMr" + +// "jAwPp9R+KMUEhB7zxSAXv9KgBwYFK4EEACKhZANiAQQyyolMpg+TyB4o9kPWqafHIOe8o9K1glus+w2sY8OIPQQWGb5i5LdAyi" + +// "/SscwU24rZM0yiL3BHodp9ccwyhLrFYgXJUOQcCN2dno1GMols5497in5gL5+zn0yMsRtyv5o=") +// ); + private static readonly byte[] testEcDsaKeyBytes = Base64.Decode( + "MIG/AgEAMBAGByqGSM49AgEGBSuBBAAiBIGnMIGkAgEBBDCSBU3vo7ieeKs0ABQamy/ynxlde7Ylr8HmyfLaNnMr" + + "jAwPp9R+KMUEhB7zxSAXv9KgBwYFK4EEACKhZANiAQQyyolMpg+TyB4o9kPWqafHIOe8o9K1glus+w2sY8OIPQQWGb5i5LdAyi" + + "/SscwU24rZM0yiL3BHodp9ccwyhLrFYgXJUOQcCN2dno1GMols5497in5gL5+zn0yMsRtyv5o="); + + private static readonly char[] testPassword = "bouncy".ToCharArray(); + + private static readonly string[] algorithms = new string[] + { + "AES-128-CBC", "AES-128-CFB", "AES-128-ECB", "AES-128-OFB", + "AES-192-CBC", "AES-192-CFB", "AES-192-ECB", "AES-192-OFB", + "AES-256-CBC", "AES-256-CFB", "AES-256-ECB", "AES-256-OFB", + "BF-CBC", "BF-CFB", "BF-ECB", "BF-OFB", + "DES-CBC", "DES-CFB", "DES-ECB", "DES-OFB", + "DES-EDE", "DES-EDE-CBC", "DES-EDE-CFB", "DES-EDE-ECB", "DES-EDE-OFB", + "DES-EDE3", "DES-EDE3-CBC", "DES-EDE3-CFB", "DES-EDE3-ECB", "DES-EDE3-OFB", + "RC2-CBC", "RC2-CFB", "RC2-ECB", "RC2-OFB", + "RC2-40-CBC", + "RC2-64-CBC", + }; + + private class Password + : IPasswordFinder + { + private readonly char[] password; + + public Password( + char[] word) + { + this.password = (char[]) word.Clone(); + } + + public char[] GetPassword() + { + return (char[]) password.Clone(); + } + } + + public override string Name + { + get { return "PEMWriterTest"; } + } + + public override void PerformTest() + { + IAsymmetricCipherKeyPairGenerator dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA"); + dsaKpg.Init(new DsaKeyGenerationParameters(random, testDsaParams)); + AsymmetricCipherKeyPair testDsaKp = dsaKpg.GenerateKeyPair(); + AsymmetricKeyParameter testDsaKey = testDsaKp.Private; + + DoWriteReadTest(testDsaKey); + DoWriteReadTests(testDsaKey, algorithms); + + DoWriteReadTest(testRsaKey); + DoWriteReadTests(testRsaKey, algorithms); + + AsymmetricKeyParameter ecPriv = PrivateKeyFactory.CreateKey(testEcDsaKeyBytes); + DoWriteReadTest(ecPriv); + DoWriteReadTests(ecPriv, algorithms); + + IAsymmetricCipherKeyPairGenerator ecKpg = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); + ecKpg.Init(new KeyGenerationParameters(random, 239)); + ecPriv = ecKpg.GenerateKeyPair().Private; + DoWriteReadTest(ecPriv); + DoWriteReadTests(ecPriv, algorithms); + + // override test + PemWriter pWrt = new PemWriter(new StringWriter()); + + object o = new PemObject("FRED", new byte[100]); + pWrt.WriteObject(o); + + pWrt.Writer.Close(); + } + + private void DoWriteReadTests( + AsymmetricKeyParameter akp, + string[] algorithms) + { + foreach (string algorithm in algorithms) + { + DoWriteReadTest(akp, algorithm); + } + } + + private void DoWriteReadTest( + AsymmetricKeyParameter akp) + { + StringWriter sw = new StringWriter(); + PemWriter pw = new PemWriter(sw); + + pw.WriteObject(akp); + pw.Writer.Close(); + + string data = sw.ToString(); + + PemReader pr = new PemReader(new StringReader(data)); + + AsymmetricCipherKeyPair kp = pr.ReadObject() as AsymmetricCipherKeyPair; + + if (kp == null || !kp.Private.Equals(akp)) + { + Fail("Failed to read back test key"); + } + } + + private void DoWriteReadTest( + AsymmetricKeyParameter akp, + string algorithm) + { + StringWriter sw = new StringWriter(); + PemWriter pw = new PemWriter(sw); + + pw.WriteObject(akp, algorithm, testPassword, random); + pw.Writer.Close(); + + string data = sw.ToString(); + + PemReader pr = new PemReader(new StringReader(data), new Password(testPassword)); + + AsymmetricCipherKeyPair kp = pr.ReadObject() as AsymmetricCipherKeyPair; + + if (kp == null || !kp.Private.Equals(akp)) + { + Fail("Failed to read back test key encoded with: " + algorithm); + } + } + + public static void Main( + string[] args) + { + RunTest(new WriterTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/pkcs/examples/PKCS12Example.cs b/BouncyCastle/crypto/test/src/pkcs/examples/PKCS12Example.cs new file mode 100644 index 0000000..002e14c --- /dev/null +++ b/BouncyCastle/crypto/test/src/pkcs/examples/PKCS12Example.cs @@ -0,0 +1,386 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Extension; + +namespace Org.BouncyCastle.Pkcs.Examples +{ + /** + * Example of how to set up a certificate chain and a PKCS 12 store for + * a private individual - obviously you'll need to generate your own keys, + * and you may need to add a NetscapeCertType extension or add a key + * usage extension depending on your application, but you should get the + * idea! As always this is just an example... + */ + public class Pkcs12Example + { + private static readonly char[] passwd = "hello world".ToCharArray(); + + private static readonly X509V1CertificateGenerator v1CertGen = new X509V1CertificateGenerator(); + private static readonly X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); + + /** + * we generate the CA's certificate + */ + public static X509CertificateEntry CreateMasterCert( + AsymmetricKeyParameter pubKey, + AsymmetricKeyParameter privKey) + { + // + // signers name + // + string issuer = "C=AU, O=The Legion of the Bouncy Castle, OU=Bouncy Primary Certificate"; + + // + // subjects name - the same as we are self signed. + // + string subject = "C=AU, O=The Legion of the Bouncy Castle, OU=Bouncy Primary Certificate"; + + // + // create the certificate - version 1 + // + + v1CertGen.SetSerialNumber(BigInteger.One); + v1CertGen.SetIssuerDN(new X509Name(issuer)); + v1CertGen.SetNotBefore(DateTime.UtcNow.AddMonths(-1)); + v1CertGen.SetNotAfter(DateTime.UtcNow.AddMonths(1)); + v1CertGen.SetSubjectDN(new X509Name(subject)); + v1CertGen.SetPublicKey(pubKey); + v1CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); + + X509Certificate cert = v1CertGen.Generate(privKey); + + cert.CheckValidity(DateTime.UtcNow); + + cert.Verify(pubKey); + +// PKCS12BagAttributeCarrier bagAttr = (PKCS12BagAttributeCarrier)cert; + IDictionary bagAttr = new Hashtable(); + + // + // this is actually optional - but if you want to have control + // over setting the friendly name this is the way to do it... + // +// bagAttr.setBagAttribute( +// PKCSObjectIdentifiers.pkcs_9_at_friendlyName, +// new DERBMPString("Bouncy Primary Certificate")); + bagAttr.Add(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id, + new DerBmpString("Bouncy Primary Certificate")); + + return new X509CertificateEntry(cert, bagAttr); + } + + /** + * we generate an intermediate certificate signed by our CA + */ + public static X509CertificateEntry CreateIntermediateCert( + AsymmetricKeyParameter pubKey, + AsymmetricKeyParameter caPrivKey, + X509Certificate caCert) + { + // + // subject name table. + // + IDictionary attrs = new Hashtable(); + IList order = new ArrayList(); + + attrs.Add(X509Name.C, "AU"); + attrs.Add(X509Name.O, "The Legion of the Bouncy Castle"); + attrs.Add(X509Name.OU, "Bouncy Intermediate Certificate"); + attrs.Add(X509Name.EmailAddress, "feedback-crypto@bouncycastle.org"); + + order.Add(X509Name.C); + order.Add(X509Name.O); + order.Add(X509Name.OU); + order.Add(X509Name.EmailAddress); + + // + // create the certificate - version 3 + // + v3CertGen.Reset(); + + v3CertGen.SetSerialNumber(BigInteger.Two); + v3CertGen.SetIssuerDN(PrincipalUtilities.GetSubjectX509Principal(caCert)); + v3CertGen.SetNotBefore(DateTime.UtcNow.AddMonths(-1)); + v3CertGen.SetNotAfter(DateTime.UtcNow.AddMonths(1)); + v3CertGen.SetSubjectDN(new X509Name(order, attrs)); + v3CertGen.SetPublicKey(pubKey); + v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); + + // + // extensions + // + v3CertGen.AddExtension( + X509Extensions.SubjectKeyIdentifier, + false, + new SubjectKeyIdentifierStructure(pubKey)); + + v3CertGen.AddExtension( + X509Extensions.AuthorityKeyIdentifier, + false, + new AuthorityKeyIdentifierStructure(caCert)); + + v3CertGen.AddExtension( + X509Extensions.BasicConstraints, + true, + new BasicConstraints(0)); + + X509Certificate cert = v3CertGen.Generate(caPrivKey); + + cert.CheckValidity(DateTime.UtcNow); + + cert.Verify(caCert.GetPublicKey()); + +// PKCS12BagAttributeCarrier bagAttr = (PKCS12BagAttributeCarrier)cert; + IDictionary bagAttr = new Hashtable(); + + // + // this is actually optional - but if you want to have control + // over setting the friendly name this is the way to do it... + // +// bagAttr.setBagAttribute( +// PKCSObjectIdentifiers.pkcs_9_at_friendlyName, +// new DERBMPString("Bouncy Intermediate Certificate")); + bagAttr.Add(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id, + new DerBmpString("Bouncy Intermediate Certificate")); + + return new X509CertificateEntry(cert, bagAttr); + } + + /** + * we generate a certificate signed by our CA's intermediate certficate + */ + public static X509CertificateEntry CreateCert( + AsymmetricKeyParameter pubKey, + AsymmetricKeyParameter caPrivKey, + AsymmetricKeyParameter caPubKey) + { + // + // signers name table. + // + IDictionary sAttrs = new Hashtable(); + IList sOrder = new ArrayList(); + + sAttrs.Add(X509Name.C, "AU"); + sAttrs.Add(X509Name.O, "The Legion of the Bouncy Castle"); + sAttrs.Add(X509Name.OU, "Bouncy Intermediate Certificate"); + sAttrs.Add(X509Name.EmailAddress, "feedback-crypto@bouncycastle.org"); + + sOrder.Add(X509Name.C); + sOrder.Add(X509Name.O); + sOrder.Add(X509Name.OU); + sOrder.Add(X509Name.EmailAddress); + + // + // subjects name table. + // + IDictionary attrs = new Hashtable(); + IList order = new ArrayList(); + + attrs.Add(X509Name.C, "AU"); + attrs.Add(X509Name.O, "The Legion of the Bouncy Castle"); + attrs.Add(X509Name.L, "Melbourne"); + attrs.Add(X509Name.CN, "Eric H. Echidna"); + attrs.Add(X509Name.EmailAddress, "feedback-crypto@bouncycastle.org"); + + order.Add(X509Name.C); + order.Add(X509Name.O); + order.Add(X509Name.L); + order.Add(X509Name.CN); + order.Add(X509Name.EmailAddress); + + // + // create the certificate - version 3 + // + v3CertGen.Reset(); + + v3CertGen.SetSerialNumber(BigInteger.Three); + v3CertGen.SetIssuerDN(new X509Name(sOrder, sAttrs)); + v3CertGen.SetNotBefore(DateTime.UtcNow.AddMonths(-1)); + v3CertGen.SetNotAfter(DateTime.UtcNow.AddMonths(1)); + v3CertGen.SetSubjectDN(new X509Name(order, attrs)); + v3CertGen.SetPublicKey(pubKey); + v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); + + // + // add the extensions + // + v3CertGen.AddExtension( + X509Extensions.SubjectKeyIdentifier, + false, + new SubjectKeyIdentifierStructure(pubKey)); + + v3CertGen.AddExtension( + X509Extensions.AuthorityKeyIdentifier, + false, + new AuthorityKeyIdentifierStructure(caPubKey)); + + X509Certificate cert = v3CertGen.Generate(caPrivKey); + + cert.CheckValidity(DateTime.UtcNow); + + cert.Verify(caPubKey); + +// PKCS12BagAttributeCarrier bagAttr = (PKCS12BagAttributeCarrier)cert; + IDictionary bagAttr = new Hashtable(); + + // + // this is also optional - in the sense that if you leave this + // out the keystore will add it automatically, note though that + // for the browser to recognise the associated private key this + // you should at least use the pkcs_9_localKeyId OID and set it + // to the same as you do for the private key's localKeyId. + // +// bagAttr.setBagAttribute( +// PKCSObjectIdentifiers.pkcs_9_at_friendlyName, +// new DERBMPString("Eric's Key")); +// bagAttr.setBagAttribute( +// PKCSObjectIdentifiers.pkcs_9_at_localKeyId, +// new SubjectKeyIdentifierStructure(pubKey)); + bagAttr.Add(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id, + new DerBmpString("Eric's Key")); + bagAttr.Add(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id, + new SubjectKeyIdentifierStructure(pubKey)); + + return new X509CertificateEntry(cert, bagAttr); + } + + public static void Main( + string[] args) + { +// Security.addProvider(new BouncyCastleProvider()); + + // + // personal keys + // +// RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec( + RsaKeyParameters pubKey = new RsaKeyParameters(false, + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16)); + +// RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec( + RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters( + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16), + new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16), + new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16), + new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16), + new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16), + new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16), + new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16)); + + // + // intermediate keys. + // +// RSAPublicKeySpec intPubKeySpec = new RSAPublicKeySpec( + RsaKeyParameters intPubKey = new RsaKeyParameters(false, + new BigInteger("8de0d113c5e736969c8d2b047a243f8fe18edad64cde9e842d3669230ca486f7cfdde1f8eec54d1905fff04acc85e61093e180cadc6cea407f193d44bb0e9449b8dbb49784cd9e36260c39e06a947299978c6ed8300724e887198cfede20f3fbde658fa2bd078be946a392bd349f2b49c486e20c405588e306706c9017308e69", 16), + new BigInteger("ffff", 16)); + + +// RSAPrivateCrtKeySpec intPrivKeySpec = new RSAPrivateCrtKeySpec( + RsaPrivateCrtKeyParameters intPrivKey = new RsaPrivateCrtKeyParameters( + new BigInteger("8de0d113c5e736969c8d2b047a243f8fe18edad64cde9e842d3669230ca486f7cfdde1f8eec54d1905fff04acc85e61093e180cadc6cea407f193d44bb0e9449b8dbb49784cd9e36260c39e06a947299978c6ed8300724e887198cfede20f3fbde658fa2bd078be946a392bd349f2b49c486e20c405588e306706c9017308e69", 16), + new BigInteger("ffff", 16), + new BigInteger("7deb1b194a85bcfd29cf871411468adbc987650903e3bacc8338c449ca7b32efd39ffc33bc84412fcd7df18d23ce9d7c25ea910b1ae9985373e0273b4dca7f2e0db3b7314056ac67fd277f8f89cf2fd73c34c6ca69f9ba477143d2b0e2445548aa0b4a8473095182631da46844c356f5e5c7522eb54b5a33f11d730ead9c0cff", 16), + new BigInteger("ef4cede573cea47f83699b814de4302edb60eefe426c52e17bd7870ec7c6b7a24fe55282ebb73775f369157726fcfb988def2b40350bdca9e5b418340288f649", 16), + new BigInteger("97c7737d1b9a0088c3c7b528539247fd2a1593e7e01cef18848755be82f4a45aa093276cb0cbf118cb41117540a78f3fc471ba5d69f0042274defc9161265721", 16), + new BigInteger("6c641094e24d172728b8da3c2777e69adfd0839085be7e38c7c4a2dd00b1ae969f2ec9d23e7e37090fcd449a40af0ed463fe1c612d6810d6b4f58b7bfa31eb5f", 16), + new BigInteger("70b7123e8e69dfa76feb1236d0a686144b00e9232ed52b73847e74ef3af71fb45ccb24261f40d27f98101e230cf27b977a5d5f1f15f6cf48d5cb1da2a3a3b87f", 16), + new BigInteger("e38f5750d97e270996a286df2e653fd26c242106436f5bab0f4c7a9e654ce02665d5a281f2c412456f2d1fa26586ef04a9adac9004ca7f913162cb28e13bf40d", 16)); + + // + // ca keys + // +// RSAPublicKeySpec caPubKeySpec = new RSAPublicKeySpec( + RsaKeyParameters caPubKey = new RsaKeyParameters(false, + new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16), + new BigInteger("11", 16)); + +// RSAPrivateCrtKeySpec caPrivKeySpec = new RSAPrivateCrtKeySpec( + RsaPrivateCrtKeyParameters caPrivKey = new RsaPrivateCrtKeyParameters( + new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16), + new BigInteger("11", 16), + new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16), + new BigInteger("f75e80839b9b9379f1cf1128f321639757dba514642c206bbbd99f9a4846208b3e93fbbe5e0527cc59b1d4b929d9555853004c7c8b30ee6a213c3d1bb7415d03", 16), + new BigInteger("b892d9ebdbfc37e397256dd8a5d3123534d1f03726284743ddc6be3a709edb696fc40c7d902ed804c6eee730eee3d5b20bf6bd8d87a296813c87d3b3cc9d7947", 16), + new BigInteger("1d1a2d3ca8e52068b3094d501c9a842fec37f54db16e9a67070a8b3f53cc03d4257ad252a1a640eadd603724d7bf3737914b544ae332eedf4f34436cac25ceb5", 16), + new BigInteger("6c929e4e81672fef49d9c825163fec97c4b7ba7acb26c0824638ac22605d7201c94625770984f78a56e6e25904fe7db407099cad9b14588841b94f5ab498dded", 16), + new BigInteger("dae7651ee69ad1d081ec5e7188ae126f6004ff39556bde90e0b870962fa7b926d070686d8244fe5a9aa709a95686a104614834b0ada4b10f53197a5cb4c97339", 16)); + + + + // + // set up the keys + // +// KeyFactory fact = KeyFactory.getInstance("RSA", "BC"); +// PrivateKey caPrivKey = fact.generatePrivate(caPrivKeySpec); +// PublicKey caPubKey = fact.generatePublic(caPubKeySpec); +// PrivateKey intPrivKey = fact.generatePrivate(intPrivKeySpec); +// PublicKey intPubKey = fact.generatePublic(intPubKeySpec); +// PrivateKey privKey = fact.generatePrivate(privKeySpec); +// PublicKey pubKey = fact.generatePublic(pubKeySpec); + + X509CertificateEntry[] chain = new X509CertificateEntry[3]; + + chain[2] = CreateMasterCert(caPubKey, caPrivKey); + chain[1] = CreateIntermediateCert(intPubKey, caPrivKey, chain[2].Certificate); + chain[0] = CreateCert(pubKey, intPrivKey, intPubKey); + + // + // add the friendly name for the private key + // +// PKCS12BagAttributeCarrier bagAttr = (PKCS12BagAttributeCarrier)privKey; + IDictionary bagAttr = new Hashtable(); + + // + // this is also optional - in the sense that if you leave this + // out the keystore will add it automatically, note though that + // for the browser to recognise which certificate the private key + // is associated with you should at least use the pkcs_9_localKeyId + // OID and set it to the same as you do for the private key's + // corresponding certificate. + // +// bagAttr.setBagAttribute( +// PKCSObjectIdentifiers.pkcs_9_at_friendlyName, +// new DERBMPString("Eric's Key")); +// bagAttr.setBagAttribute( +// PKCSObjectIdentifiers.pkcs_9_at_localKeyId, +// new SubjectKeyIdentifierStructure(pubKey)); + bagAttr.Add(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id, + new DerBmpString("Eric's Key")); + bagAttr.Add(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id, + new SubjectKeyIdentifierStructure(pubKey)); + + // + // store the key and the certificate chain + // +// KeyStore store = KeyStore.getInstance("PKCS12", "BC"); +// store.load(null, null); + Pkcs12Store store = new Pkcs12StoreBuilder().Build(); + + // + // if you haven't set the friendly name and local key id above + // the name below will be the name of the key + // + store.SetKeyEntry("Eric's Key", new AsymmetricKeyEntry(privKey, bagAttr), chain); + +// FileOutputStream fOut = new FileOutputStream("id.p12"); +// +// store.store(fOut, passwd); + FileStream fOut = File.Create("id.p12"); + store.Save(fOut, passwd, new SecureRandom()); + fOut.Close(); + } + } +} diff --git a/BouncyCastle/crypto/test/src/pkcs/test/EncryptedPrivateKeyInfoTest.cs b/BouncyCastle/crypto/test/src/pkcs/test/EncryptedPrivateKeyInfoTest.cs new file mode 100644 index 0000000..23639b1 --- /dev/null +++ b/BouncyCastle/crypto/test/src/pkcs/test/EncryptedPrivateKeyInfoTest.cs @@ -0,0 +1,95 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Pkcs.Tests +{ + [TestFixture] + public class EncryptedPrivateKeyInfoTest + : SimpleTest + { + private readonly string alg = PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc.Id; // 3 key triple DES with SHA-1 + + public override string Name + { + get { return "EncryptedPrivateKeyInfoTest"; } + } + + public override void PerformTest() + { + IAsymmetricCipherKeyPairGenerator pGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); + RsaKeyGenerationParameters genParam = new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x10001), new SecureRandom(), 512, 25); + + pGen.Init(genParam); + + AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair(); + + // + // set up the parameters + // + byte[] salt = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 }; + int iterationCount = 100; + + // + // set up the key + // + char[] password1 = { 'h', 'e', 'l', 'l', 'o' }; + + EncryptedPrivateKeyInfo encInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(alg, password1, salt, iterationCount, PrivateKeyInfoFactory.CreatePrivateKeyInfo(pair.Private)); + + PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(password1, encInfo); + + AsymmetricKeyParameter key = PrivateKeyFactory.CreateKey(info); + + if (!key.Equals(pair.Private)) + { + Fail("Key corrupted"); + } + + doOpensslTestKeys(); + } + + private void doOpensslTestKeys() + { + string[] names = GetTestDataEntries("keys"); + foreach (string name in names) + { + if (!name.EndsWith(".key")) + continue; + +// Console.Write(name + " => "); + Stream data = GetTestDataAsStream(name); + AsymmetricKeyParameter key = PrivateKeyFactory.DecryptKey("12345678a".ToCharArray(), data); +// Console.WriteLine(key.GetType().Name); + if (!(key is RsaPrivateCrtKeyParameters)) + { + Fail("Sample key could not be decrypted: " + name); + } + } + } + + public static void Main( + string[] args) + { + RunTest(new EncryptedPrivateKeyInfoTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/pkcs/test/PKCS10Test.cs b/BouncyCastle/crypto/test/src/pkcs/test/PKCS10Test.cs new file mode 100644 index 0000000..45d59ed --- /dev/null +++ b/BouncyCastle/crypto/test/src/pkcs/test/PKCS10Test.cs @@ -0,0 +1,192 @@ +#region Using directives + +using System; +using System.Collections; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.Security; + +#endregion + +namespace Org.BouncyCastle.Pkcs.Tests +{ + [TestFixture] + public class Pkcs10Test + : SimpleTest + { + public override string Name + { + get { return "Pkcs10"; } + } + + [Test] + public void BrokenRequestWithDuplicateExtension() + { + + String keyName = "RSA"; + int keySize = 2048; + + String sigName = "SHA256withRSA"; + + IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator(keyName); + + // kpg.initialize(keySize); + kpg.Init(new KeyGenerationParameters(new SecureRandom(), keySize)); + + AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair(); + + IDictionary attrs = new Hashtable(); + attrs.Add(X509Name.C, "AU"); + attrs.Add(X509Name.O, "The Legion of the Bouncy Castle"); + attrs.Add(X509Name.L, "Melbourne"); + attrs.Add(X509Name.ST, "Victoria"); + attrs.Add(X509Name.EmailAddress, "feedback-crypto@bouncycastle.org"); + + IList order = new ArrayList(); + order.Add(X509Name.C); + order.Add(X509Name.O); + order.Add(X509Name.L); + order.Add(X509Name.ST); + order.Add(X509Name.EmailAddress); + + X509Name subject = new X509Name(order, attrs); + + // + // This is simulate the creation of a certification request with duplicate extensions. + // + + GeneralName name1 = new GeneralName(GeneralName.DnsName, "bc1.local"); + GeneralName name2 = new GeneralName(GeneralName.DnsName, "bc2.local"); + + Asn1EncodableVector v = new Asn1EncodableVector(); + Asn1EncodableVector e1 = new Asn1EncodableVector(); + e1.Add(X509Extensions.SubjectAlternativeName); + e1.Add(new DerOctetString(new GeneralNames(name1).GetEncoded())); + + Asn1EncodableVector e2 = new Asn1EncodableVector(); + e2.Add(X509Extensions.SubjectAlternativeName); + e2.Add(new DerOctetString(new GeneralNames(name2).GetEncoded())); + + v.Add(new DerSequence(e1)); + v.Add(new DerSequence(e2)); + + AttributePkcs attribute = new AttributePkcs(PkcsObjectIdentifiers.Pkcs9AtExtensionRequest, new DerSet(new DerSequence(v))); + + Pkcs10CertificationRequest req1 = new Pkcs10CertificationRequest( + sigName, + subject, + kp.Public, + new DerSet(attribute), + kp.Private); + + + // Round trip serialisation + byte[] bytes = req1.GetEncoded(); + Pkcs10CertificationRequest req2 = new Pkcs10CertificationRequest(bytes); + + + // + // Check verification after round tripping serialisation. + // + + if (!req2.Verify()) + { + Fail(sigName + ": Failed Verify check."); + } + + if (!req2.GetPublicKey().Equals(req1.GetPublicKey())) + { + Fail(keyName + ": Failed public key check."); + } + + // + // Disassemble the attributes with the duplicate extensions. + // + + X509Extensions extensions = req2.GetRequestedExtensions(); + + X509Extension returnedExtension = extensions.GetExtension(X509Extensions.SubjectAlternativeName); + Asn1Sequence seq = Asn1Sequence.GetInstance(returnedExtension.GetParsedValue()); + + // + // Check expected order and value. + // + if (!GeneralName.GetInstance(seq[0]).Equals(name1)) + { + Fail("expected name 1"); + } + + if (!GeneralName.GetInstance(seq[1]).Equals(name2)) + { + Fail("expected name 2"); + } + } + + + public override void PerformTest() + { + IAsymmetricCipherKeyPairGenerator pGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); + RsaKeyGenerationParameters genParam = new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x10001), new SecureRandom(), 512, 25); + + pGen.Init(genParam); + + AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair(); + + IDictionary attrs = new Hashtable(); + + attrs.Add(X509Name.C, "AU"); + attrs.Add(X509Name.O, "The Legion of the Bouncy Castle"); + attrs.Add(X509Name.L, "Melbourne"); + attrs.Add(X509Name.ST, "Victoria"); + attrs.Add(X509Name.EmailAddress, "feedback-crypto@bouncycastle.org"); + + X509Name subject = new X509Name(new ArrayList(attrs.Keys), attrs); + + Pkcs10CertificationRequest req1 = new Pkcs10CertificationRequest( + "SHA1withRSA", + subject, + pair.Public, + null, + pair.Private); + + byte[] bytes = req1.GetEncoded(); + + Pkcs10CertificationRequest req2 = new Pkcs10CertificationRequest(bytes); + + if (!req2.Verify()) + { + Fail("Failed verify check."); + } + + if (!req2.GetPublicKey().Equals(req1.GetPublicKey())) + { + Fail("Failed public key check."); + } + } + + public static void Main( + string[] args) + { + RunTest(new Pkcs10Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/pkcs/test/PKCS12StoreTest.cs b/BouncyCastle/crypto/test/src/pkcs/test/PKCS12StoreTest.cs new file mode 100644 index 0000000..1b49a5d --- /dev/null +++ b/BouncyCastle/crypto/test/src/pkcs/test/PKCS12StoreTest.cs @@ -0,0 +1,1454 @@ +using System; +using System.Collections; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Pkcs.Tests +{ + /** + * Exercise the various key stores, making sure we at least get back what we put in! + *

    This tests both the PKCS12 key store.

    + */ + [TestFixture] + public class Pkcs12StoreTest + : SimpleTest + { + private static readonly char[] passwd = "hello world".ToCharArray(); + + // + // pkcs-12 pfx-pdu + // + private static readonly byte[] pkcs12 = Base64.Decode( + "MIACAQMwgAYJKoZIhvcNAQcBoIAkgAQBMAQBgAQBMAQBgAQBBgQBCQQJKoZI" + + "hvcNAQcBBAGgBAGABAEkBAGABAEEBAEBBAEwBAEEBAEDBAOCAzQEAQQEAQEE" + + "ATAEAQQEAQMEA4IDMAQBBAQBAQQBBgQBBAQBAQQBCwQBBAQBCwQLKoZIhvcN" + + "AQwKAQIEAQQEAQEEAaAEAQQEAQMEA4ICpQQBBAQBAQQBMAQBBAQBAwQDggKh" + + "BAEEBAEBBAEwBAEEBAEBBAEbBAEEBAEBBAEGBAEEBAEBBAEKBAEEBAEKBAoq" + + "hkiG9w0BDAEDBAEEBAEPBA8wDQQIoagiwNZPJR4CAQEEAQQEAQEEAQQEAQQE" + + "AQMEA4ICgAQBBAQDggKABIICgEPG0XlhMFyrs4ZWDrvEzl51ICfXd6K2ql2l" + + "nnxhszUbigtSj6x49VEx4PfOB9fQFeidc5L5An+nKp646NBMIY0UwXGs8BLQ" + + "au59jtOs987+l7QYIvl6fdGUIuLPhVSnZZDyqD+HQjU/0/ccKFHRif4tlEQq" + + "aErvZbFeH0pg4ijf1HfgX6gBJGRKdO+msa4qKGnZdHCSLZehyyxvxAmURetg" + + "yhtEl7RmedTB+4TDs7atekqxkNlD9tfwDUX6sb0IH6qbEA6P/DlVMdaD54Cl" + + "QDxRzOfIIjklZhv5OMFWtPK0aYPcqyxzLpw1qRAyoTVXpidkj/hpIpgCVBP/" + + "k5s2+WdGbLgA/4/zSrF6feRCE5llzM2IGxiHVq4oPzzngl3R+Fi5VCPDMcuW" + + "NRuIOzJA+RNV2NPOE/P3knThDnwiImq+rfxmvZ1u6T06s20RmWK6cxp7fTEw" + + "lQ9BOsv+mmyV8dr6cYJq4IlRzHdFOyEUBDwfHThyribNKKobO50xh2f93xYj" + + "Rn5UMOQBJIe3b7OKZt5HOIMrJSZO02IZgvImi9yQWi96PnWa419D1cAsLWvM" + + "xiN0HqZMbDFfxVM2BZmsxiexLhkHWKwLqfQDzRjJfmVww8fnXpWZhFXKyut9" + + "gMGEyCNoba4RU3QI/wHKWYaK74qtJpsucuLWBH6UcsHsCry6VZkwRxWwC0lb" + + "/F3Bm5UKHax5n9JHJ2amQm9zW3WJ0S5stpPObfmg5ArhbPY+pVOsTqBRlop1" + + "bYJLD/X8Qbs468Bwzej0FhoEU59ZxFrbjLSBsMUYrVrwD83JE9kEazMLVchc" + + "uCB9WT1g0hxYb7VA0BhOrWhL8F5ZH72RMCYLPI0EAQQEAQEEATEEAQQEAQEE" + + "AXgEAQQEAQEEATAEAQQEAQEEAVEEAQQEAQEEAQYEAQQEAQEEAQkEAQQEAQkE" + + "CSqGSIb3DQEJFAQBBAQBAQQBMQQBBAQBAQQBRAQBBAQBAQQBHgQBBAQBAQQB" + + "QgQBBAQBQgRCAEQAYQB2AGkAZAAgAEcALgAgAEgAbwBvAGsAJwBzACAAVgBl" + + "AHIAaQBTAGkAZwBuACwAIABJAG4AYwAuACAASQBEBAEEBAEBBAEwBAEEBAEB" + + "BAEjBAEEBAEBBAEGBAEEBAEBBAEJBAEEBAEJBAkqhkiG9w0BCRUEAQQEAQEE" + + "ATEEAQQEAQEEARYEAQQEAQEEAQQEAQQEAQEEARQEAQQEARQEFKEcMJ798oZL" + + "FkH0OnpbUBnrTLgWBAIAAAQCAAAEAgAABAEwBAGABAEGBAEJBAkqhkiG9w0B" + + "BwYEAaAEAYAEATAEAYAEAQIEAQEEAQAEATAEAYAEAQYEAQkECSqGSIb3DQEH" + + "AQQBMAQBGwQBBgQBCgQKKoZIhvcNAQwBBgQPMA0ECEE7euvmxxwYAgEBBAGg" + + "BAGABAEEBAEIBAgQIWDGlBWxnwQBBAQBCAQI2WsMhavhSCcEAQQEAQgECPol" + + "uHJy9bm/BAEEBAEQBBCiRxtllKXkJS2anKD2q3FHBAEEBAEIBAjKy6BRFysf" + + "7gQBBAQDggMwBIIDMJWRGu2ZLZild3oz7UBdpBDUVMOA6eSoWiRIfVTo4++l" + + "RUBm8TpmmGrVkV32PEoLkoV+reqlyWCvqqSjRzi3epQiVwPQ6PV+ccLqxDhV" + + "pGWDRQ5UttDBC2+u4fUQVZi2Z1i1g2tsk6SzB3MKUCrjoWKvaDUUwXo5k9Vz" + + "qSLWCLTZCjs3RaY+jg3NbLZYtfMDdYovhCU2jMYV9adJ8MxxmJRz+zPWAJph" + + "LH8hhfkKG+wJOSszqk9BqGZUa/mnZyzeQSMTEFga1ZB/kt2e8SZFWrTZEBgJ" + + "oszsL5MObbwMDowNurnZsnS+Mf7xi01LeG0VT1fjd6rn9BzVwuMwhoqyoCNo" + + "ziUqSUyLEwnGTYYpvXLxzhNiYzW8546KdoEKDkEjhfYsc4XqSjm9NYy/BW/M" + + "qR+aL92j8hqnkrWkrWyvocUe3mWaiqt7/oOzNZiMTcV2dgjjh9HfnjSHjFGe" + + "CVhnEWzV7dQIVyc/qvNzOuND8X5IyJ28xb6a/i1vScwGuo/UDgPAaMjGw28f" + + "siOZBShzde0Kj82y8NilfYLHHeIGRW+N/grUFWhW25mAcBReXDd5JwOqM/eF" + + "y+4+zBzlO84ws88T1pkSifwtMldglN0APwr4hvUH0swfiqQOWtwyeM4t+bHd" + + "5buAlXOkSeF5rrLzZ2/Lx+JJmI2pJ/CQx3ej3bxPlx/BmarUGAxaI4le5go4" + + "KNfs4GV8U+dbEHQz+yDYL+ksYNs1eb+DjI2khbl28jhoeAFKBtu2gGOL5M9M" + + "CIP/JDOCHimu1YZRuOTAf6WISnG/0Ri3pYZsgQ0i4cXj+WfYwYVjhKX5AcDj" + + "UKnc4/Cxp+TbbgZqEKRcYVb2q0kOAxkeaNo3WCm+qvUYrwAmKp4nVB+/24rK" + + "khHiyYJQsETxtOEyvJkVxAS01djY4amuJ4jL0sYnXIhW3Ag93eavbzksGT7W" + + "Fg1ywpr1x1xpXWIIuVt1k4e+g9fy7Yx7rx0IK1qCSjNwU3QPWbaef1rp0Q/X" + + "P9IVXYkqo1g/T3SyXqrbZLO+sDjiG4IT3z3fJJqt81sRSVT0QN1ND8l93BG4" + + "QKzghYw8sZ4FwKPtLky1dDcVTgQBBAQBCAQIK/85VMKWDWYEAQQEAQgECGsO" + + "Q85CcFwPBAEEBAEIBAhaup6ot9XnQAQBBAQCgaAEgaCeCMadSm5fkLfhErYQ" + + "DgePZl/rrjP9FQ3VJZ13XrjTSjTRknAbXi0DEu2tvAbmCf0sdoVNuZIZ92W0" + + "iyaa2/A3RHA2RLPNQz5meTi1RE2N361yR0q181dC3ztkkJ8PLyd74nCtgPUX" + + "0JlsvLRrdSjPBpBQ14GiM8VjqeIY7EVFy3vte6IbPzodxaviuSc70iXM4Yko" + + "fQq6oaSjNBFRqkHrBAEEBAEIBAjlIvOf8SnfugQBBAQBCAQIutCF3Jovvl0E" + + "AQQEAQgECO7jxbucdp/3BAEEBAEIBAidxK3XDLj+BwQBBAQBCAQI3m/HMbd3" + + "TwwEAQQEA4ICOASCAjgtoCiMfTkjpCRuMhF5gNLRBiNv+xjg6GvZftR12qiJ" + + "dLeCERI5bvXbh9GD6U+DjTUfhEab/37TbiI7VOFzsI/R137sYy9Tbnu7qkSx" + + "u0bTvyXSSmio6sMRiWIcakmDbv+TDWR/xgtj7+7C6p+1jfUGXn/RjB3vlyjL" + + "Q9lFe5F84qkZjnADo66p9gor2a48fgGm/nkABIUeyzFWCiTp9v6FEzuBfeuP" + + "T9qoKSnCitaXRCru5qekF6L5LJHLNXLtIMSrbO0bS3hZK58FZAUVMaqawesJ" + + "e/sVfQip9x/aFQ6U3KlSpJkmZK4TAqp9jIfxBC8CclbuwmoXPMomiCH57ykr" + + "vkFHOGcxRcCxax5HySCwSyPDr8I4+6Kocty61i/1Xr4xJjb+3oyFStIpB24x" + + "+ALb0Mz6mUa1ls76o+iQv0VM2YFwnx+TC8KC1+O4cNOE/gKeh0ircenVX83h" + + "GNez8C5Ltg81g6p9HqZPc2pkwsneX2sJ4jMsjDhewV7TyyS3x3Uy3vTpZPek" + + "VdjYeVIcgAz8VLJOpsIjyHMB57AyT7Yj87hVVy//VODnE1T88tRXZb+D+fCg" + + "lj2weQ/bZtFzDX0ReiEQP6+yklGah59omeklIy9wctGV1o9GNZnGBSLvQ5NI" + + "61e9zmQTJD2iDjihvQA/6+edKswCjGRX6rMjRWXT5Jv436l75DVoUj09tgR9" + + "ytXSathCjQUL9MNXzUMtr7mgEUPETjM/kYBR7CNrsc+gWTWHYaSWuqKVBAEE" + + "BAEIBAh6slfZ6iqkqwQBBAQBCAQI9McJKl5a+UwEAQQEATgEOBelrmiYMay3" + + "q0OW2x2a8QQodYqdUs1TCUU4JhfFGFRy+g3yU1cP/9ZSI8gcI4skdPc31cFG" + + "grP7BAEEBAEIBAhzv/wSV+RBJQQBBAQBCAQI837ImVqqlr4EAQQEAQgECGeU" + + "gjULLnylBAEEBAEIBAjD3P4hlSBCvQQBBAQBCAQISP/qivIzf50EAQQEAQgE" + + "CKIDMX9PKxICBAEEBAOCBOgEggTocP5VVT1vWvpAV6koZupKN1btJ3C01dR6" + + "16g1zJ5FK5xL1PTdA0r6iAwVtgYdxQYnU8tht3bkNXdPJC1BdsC9oTkBg9Nr" + + "dqlF5cCzXWIezcR3ObjGLpXu49SAHvChH4emT5rytv81MYxZ7bGmlQfp8BNa" + + "0cMZz05A56LXw//WWDEzZcbKSk4tCsfMXBdGk/ngs7aILZ4FGM620PBPtD92" + + "pz2Ui/tUZqtQ0WKdLzwga1E/rl02a/x78/OdlVRNeaIYWJWLmLavX98w0PhY" + + "ha3Tbj/fqq+H3ua6Vv2Ff4VeXazkXpp4tTiqUxhc6aAGiRYckwZaP7OPSbos" + + "RKFlRLVofSGu1IVSKO+7faxV4IrVaAAzqRwLGkpJZLV7NkzkU1BwgvsAZAI4" + + "WClPDF228ygbhLwrSN2NK0s+5bKhTCNAR/LCUf3k7uip3ZSe18IwEkUMWiaZ" + + "ayktcTYn2ZjmfIfV7wIxHgWPkP1DeB+RMS7VZe9zEgJKOA16L+9SNBwJSSs9" + + "5Sb1+nmhquZmnAltsXMgwOrR12JLIgdfyyqGcNq997U0/KuHybqBVDVu0Fyr" + + "6O+q5oRmQZq6rju7h+Hb/ZUqRxRoTTSPjGD4Cu9vUqkoNVgwYOT+88FIMYun" + + "g9eChhio2kwPYwU/9BNGGzh+hAvAKcUpO016mGLImYin+FpQxodJXfpNCFpG" + + "4v4HhIwKh71OOfL6ocM/518dYwuU4Ds2/JrDhYYFsn+KprLftjrnTBnSsfYS" + + "t68b+Xr16qv9r6sseEkXbsaNbrGiZAhfHEVBOxQ4lchHrMp4zpduxG4crmpc" + + "+Jy4SadvS0uaJvADgI03DpsDYffUdriECUqAfOg/Hr7HHyr6Q9XMo1GfIarz" + + "eUHBgi1Ny0nDTWkdb7I3bIajG+Unr3KfK6dZz5Lb3g5NeclU5zintB1045Jr" + + "j9fvGGk0/2lG0n17QViBiOzGs2poTlhn7YxmiskwlkRKVafxPZNPxKILpN9s" + + "YaWGz93qER/pGMJarGJxu8sFi3+yt6FZ4pVPkvKE8JZMEPBBrmH41batS3sw" + + "sfnJ5CicAkwd8bluQpoc6qQd81HdNpS6u7djaRSDwPtYnZWu/8Hhj4DXisje" + + "FJBAjQdn2nK4MV7WKVwr+mNcVgOdc5IuOZbRLOfc3Sff6kYVuQFfcCGgAFpd" + + "nbprF/FnYXR/rghWE7fT1gfzSMNv+z5UjZ5Rtg1S/IQfUM/P7t0UqQ01/w58" + + "bTlMGihTxHiJ4Qf3o5GUzNmAyryLvID+nOFqxpr5es6kqSN4GPRHsmUIpB9t" + + "f9Nw952vhsXI9uVkhQap3JvmdAKJaIyDz6Qi7JBZvhxpghVIDh73BQTaAFP9" + + "5GUcPbYOYJzKaU5MeYEsorGoanSqPDeKDeZxjxJD4xFsqJCoutyssqIxnXUN" + + "Y3Uojbz26IJOhqIBLaUn6QVFX79buWYjJ5ZkDS7D8kq6DZeqZclt5711AO5U" + + "uz/eDSrx3d4iVHR+kSeopxFKsrK+KCH3CbBUMIFGX/GE9WPhDWCtjjNKEe8W" + + "PinQtxvv8MlqGXtv3v7ObJ2BmfIfLD0rh3EB5WuRNKL7Ssxaq14KZGEBvc7G" + + "Fx7jXLOW6ZV3SH+C3deJGlKM2kVhDdIVjjODvQzD8qw8a/ZKqDO5hGGKUTGD" + + "Psdd7O/k/Wfn+XdE+YuKIhcEAQQEAQgECJJCZNJdIshRBAEEBAEIBAiGGrlG" + + "HlKwrAQBBAQBCAQIkdvKinJYjJcEAQQEAUAEQBGiIgN/s1bvPQr+p1aQNh/X" + + "UQFmay6Vm5HIvPhoNrX86gmMjr6/sg28/WCRtSfyuYjwQkK91n7MwFLOBaU3" + + "RrsEAQQEAQgECLRqESFR50+zBAEEBAEIBAguqbAEWMTiPwQBBAQBGAQYKzUv" + + "EetQEAe3cXEGlSsY4a/MNTbzu1WbBAEEBAEIBAiVpOv1dOWZ1AQCAAAEAgAA" + + "BAIAAAQCAAAEAgAABAIAAAAAAAAAADA1MCEwCQYFKw4DAhoFAAQUvMkeVqe6" + + "D4UmMHGEQwcb8O7ZwhgEEGiX9DeqtRwQnVi+iY/6Re8AAA=="); + + private static readonly byte[] certUTF = Base64.Decode( + "MIIGVQIBAzCCBg8GCSqGSIb3DQEHAaCCBgAEggX8MIIF+DCCAsUGCSqGSIb3" + + "DQEHAaCCArYEggKyMIICrjCCAqoGCyqGSIb3DQEMCgEDoIIChTCCAoEGCiqG" + + "SIb3DQEJFgGgggJxBIICbTCCAmkwggHSoAMCAQICAQcwDQYJKoZIhvcNAQEF" + + "BQAwOTEPMA0GA1UEBxMGTGV1dmVuMRkwFwYDVQQKExBVdGltYWNvIFN1YiBD" + + "QSAyMQswCQYDVQQGEwJCRTAeFw05OTEyMzEyMzAwMDBaFw0xOTEyMzEyMzAw" + + "MDBaMFcxCzAJBgNVBAYTAkJFMQ8wDQYDVQQHEwZIYWFjaHQxEDAOBgNVBAoT" + + "B1V0aW1hY28xDDAKBgNVBAsMA1ImRDEXMBUGA1UEAxMOR2VlcnQgRGUgUHJp" + + "bnMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANYGIyhTn/p0IA41ElLD" + + "fZ44PS88AAcDCiOd2DIMLck56ea+5nhI0JLyz1XgPHecc8SLFdl7vSIBA0eb" + + "tm/A7WIqIp0lcvgoyQ0qsak/dvzs+xw6r2xLCVogku4+/To6UebtfRsukXNI" + + "ckP5lWV/Ui4l+XvGdmENlEE9/BvOZIvLAgMBAAGjYzBhMBEGA1UdIwQKMAiA" + + "BlN1YkNBMjAQBgNVHQ4ECQQHVXNlcklEMjAOBgNVHQ8BAf8EBAMCBLAwGQYD" + + "VR0RBBIwEIEOVXNlcklEMkB1dGkuYmUwDwYDVR0TAQH/BAUwAwEBADANBgkq" + + "hkiG9w0BAQUFAAOBgQACS7iLLgMV4O5gFdriI7dqX55l7Qn6HiRNxlSH2kCX" + + "41X82gae4MHFc41qqsC4qm6KZWi1yvTN9XgSBCXTaw1SXGTK7SuNdoYh6ufC" + + "KuAwy5lsaetyARDksRiOIrNV9j+MRIjJMjPNg+S+ysIHTWZo2NTUuVuZ01D2" + + "jDtYPhcDFDESMBAGCSqGSIb3DQEJFTEDBAE3MIIDKwYJKoZIhvcNAQcGoIID" + + "HDCCAxgCAQAwggMRBgkqhkiG9w0BBwEwKAYKKoZIhvcNAQwBAzAaBBS5KxQC" + + "BMuZ1To+yed2j/TT45td6gICCACAggLYxQS+fu7W2sLQTkslI0EoNxLoH/WO" + + "L8NgiIgZ5temV3mgC2q0MxjVVq+SCvG89ZSTfptxOaSmYV772irFdzlrtotZ" + + "wmYk1axuFDYQ1gH0M6i9FWuhOnbk7qHclmOroXqrrbP6g3IsjwztH0+iwBCg" + + "39f63V0rr8DHiu7zZ2hBkU4/RHEsXLjaCBVNTUSssWhVLisLh2sqBJccPC2E" + + "1lw4c4WrshGQ+syLGG38ttFgXT1c+xYNpUKqJiJTLVouOH9kK3nH1hPRHKMN" + + "9CucBdUzibvkcRk1L53F3MfvjhCSNeWEmd9PKN+FtUtzRWQG3L84VGTM37Ws" + + "YcxaDwDFGcw3u1W8WFsCCkjpZecKN8P2Kp/ai/iugcXY77bYwAwpETDvQFvD" + + "nnL9oGi03HYdfeiXglC7x7dlojvnpkXDbE0nJiFwhe8Mxpx8GVlGHtP+siXg" + + "tklubg1eTCSoG9m1rsBJM717ZHXUGf32HNun2dn4vOWGocgBmokZ46KKMb9v" + + "reT39JTxi8Jlp+2cYb6Qr/oBzudR+D4iAiiVhhhEbJKPNHa61YyxF810fNI2" + + "GWlNIyN3KcI8XU6WJutm/0H3X8Y+iCSWrJ2exUktj8GiqNQ6Yx0YgEk9HI7W" + + "t9UVTIsPCgCqrV4SWCOPf6so1JqnpvlPvvNyNxSsAJ7DaJx1+oD2QQfhowk/" + + "bygkKnRo5Y15ThrTsIyQKsJHTIVy+6K5uFZnlT1DGV3DcNpuk3AY26hrAzWO" + + "TuWXsULZe7M6h6U2hTT/eplZ/mwHlXdF1VErIuusaCdkSI0doY4/Q223H40L" + + "BNU3pTezl41PLceSll00WGVr2MunlNeXKnXDJW06lnfs9BmnpV2+Lkfmf30W" + + "Pn4RKJQc+3D3SV4fCoQLIGrKiZLFfEdGJcMlySr+dJYcEtoZPuo6i/hb5xot" + + "le63h65ihNtXlEDrNpYSQqnfhjOzk5/+ZvYEcOtDObEwPTAhMAkGBSsOAwIa" + + "BQAEFMIeDI9l2Da24mtA1fbQIPc6+4dUBBQ8a4lD7j1CA1vRLhdEgPM+5hpD" + + "RgICCAA="); + + private static readonly byte[] pkcs12noFriendly = Base64.Decode( + "MIACAQMwgAYJKoZIhvcNAQcBoIAkgASCBAAwgDCABgkqhkiG9w0BBwGggCSA" + + "BIICvjCCArowggK2BgsqhkiG9w0BDAoBAqCCAqUwggKhMBsGCiqGSIb3DQEM" + + "AQMwDQQIyJDupEHvySECAQEEggKAupvM7RuZL3G4qNeJM3afElt03TVfynRT" + + "xUxAZOfx+zekHJTlnEuHJ+a16cOV6dQUgYfyMw1xcq4E+l59rVeMX9V3Zr0K" + + "tsMN9VYB/9zn62Kw6LQnY0rMlWYf4bt9Ut5ysq0hE5t9FL+NZ5FbFdWBOKsj" + + "/3oC6eNXOkOFyrY2haPJtD1hVHUosrlC0ffecV0YxPDsReeyx0R4CiYZpAUy" + + "ZD7rkxL+mSX7zTsShRiga2Q/NEhC1KZpbhO/qbyOgvH0r7CRumSMvijzDgaV" + + "IGqtrIZ2E2k5kscjcuFTW0x3OZTLAW/UnAh4JXJzC6isbdiWuswbAEBHifUC" + + "rk2f+bDJKe2gkH67J2K0yDQ3YSSibpjDX/bVfbtfmOoggK9MKQwqEeE0nbYE" + + "jzInH2OK5jPtmwppjmVA7i3Uk25w2+z7b/suUbft9hPCNjxFvzdbyCcXK4Vv" + + "xAgEbVWnIkvOQNbyaQi+DEF/4P26GwgJgXuJpMBn0zzsSZSIDLNl8eJHoKp2" + + "ZXknTi0SZkLaYlBxZlNhFoyXLfvQd6TI2aR5aCVqg1aZMBXyOWfz5t0JTVX8" + + "HTIcdXKis91iEsLB7vjcxIOASTAjKARr5tRp6OvaVterAyDOn2awYQJLLic5" + + "pQfditRAlsLkTxlDdu0/QBMXSPptO8g3R+dS7ntvCjXgZZyxpOeKkssS2l5v" + + "/B2EsfKmYA9hU4aBdW1S9o/PcF1wpVqABd8664TGJ77tCAkbdHe0VJ3Bop2X" + + "lNxlWeEeD0v0QUZLqkJoMEwi5SUE6HAWjbqGhRuHyey9E+UsdCVnQ8AxXQzL" + + "2UKOmIrXc6R25GsLPCysXuXPRFBB2Tul0V3re3hPcAAAAAAAADCABgkqhkiG" + + "9w0BBwaggDCAAgEAMIAGCSqGSIb3DQEHATAbBgoqhkiG9w0BDAEGMA0ECDXn" + + "UZu6xckzAgEBoIAEggTYQMbzAoGnRVJMbCaJJUYgaARJ4zMfxt2e12H4pX/e" + + "vnZrR1eKAMck5c2vJoEasr0i2VUcAcK12AntVIEnBwuRBcA2WrZnC28WR+O7" + + "rLdu9ymG2V3zmk66aTizaB6rcHAzs2lD74n+/zJhZNaDMBfu9LzAdWb/u6Rb" + + "AThmbw764Zyv9802pET6xrB8ureffgyvQAdlcGHM+yxaOV3ZEtS0cp7i+pb/" + + "NTiET4jAFoO1tbBrWGJSRrMKvx4ZREppMhG3e/pYglfMFl+1ejbDsOvEUKSt" + + "H+MVrgDgAv4NsUtNmBu+BIIEAIOCjrBSK3brtV0NZOWsa6hZSSGBhflbEY8s" + + "U1bDsgZIW4ZaJJvSYEXLmiWSBOgq9VxojMfjowY+zj6ePJJMyI3E7AcFa+on" + + "zZjeKxkKypER+TtpBeraqUfgf01b6olH8L2i4+1yotCQ0PS+15qRYPK6D+d3" + + "S+R4veOA6wEsNRijVcB3oQsBCi0FVdf+6MVDvjNzBCZXj0heVi+x0EE106Sz" + + "B3HaDbB/KNHMPZvvs3J3z2lWLj5w7YZ9eVmrVJKsgG2HRKxtt2IQquRj4BkS" + + "upFnMTBVgWxXgwXycauC9bgYZurs+DbijqhHfWpUrttDfavsP8aX6+i3gabK" + + "DH4LQRL7xrTcKkcUHxOTcPHLgDPhi+RevkV+BX9tdajbk4tqw1d+0wOkf1pW" + + "aTG8fUp0lUpra7EJ0lGy8t/MB3NEk/5tLk9qA2nsKKdNoEdZWiEBE0fMrH1o" + + "tWJDew3VhspT+Lkor2dLN5ydjcr3wkb76OETPeMxS91onNj5mrAMUBt66vb6" + + "Gx4CL8FTRNZ/l8Kzngzdv9PmmKPTIXbhYbn3XRGg3od2tC/oVfsqYlGAMgFO" + + "STt+BZ1BR9Phyi4jsiy8R0seCEDRWYQLbwgwVj0V8Rx9VptqRoCnB4XhGJoJ" + + "TdAz/MT7KOSxIh2F2FymTJpyImcV6X4Kcj9iY0AZQ4zj712g4yMR6xKGzRu6" + + "oIBDkFW2bdA3Lb9ePpo5GFtNyA7IbggIko6VOeeOKxaq9nALS2gsZc1yaYtp" + + "aKL8kB+dVTCXiLgQniO6eMzgonsuwFnG+42XM1vhEpAvFzeJRC0CYzebEK9n" + + "nGXKCPoqPFuw3gcPMn57NCZJ8MjT/p0wANIEm6AsgqrdFKwTRVJ1ytB/X9Ri" + + "ysmjMBs9zbFKjU9jVDg1vGBNtb7YnYg9IrYHa3e4yTu2wUJKGP2XWHVgjDR7" + + "6RtzlO4ljw0kkSMMEDle2ZbGZ6lVXbFwV0wPNPmGA6+XGJRxcddTnrM6R/41" + + "zqksFLgoNL2BdofMXwv7SzxGyvFhHdRRdBZ5dKj2K9OfXakEcm/asZGu87u8" + + "y9m7Cckw8ilSNPMdvYiFRoThICx9NiwYl1IIKGcWlb9p6RAx6XNSkY6ZZ6pE" + + "Vla1E26rbd7is1ssSeqxLXXV9anuG5HDwMIt+CIbD8fZmNTcWMzZRiaFajvR" + + "gXdyTu/UhVdhiQPF+lrxp4odgF0cXrpcGaKvOtPq04F4ad3O5EkSGucI210Q" + + "pR/jQs07Yp5xDPzsXAb8naHb84FvK1iONAEjWbfhDxqtH7KGrBbW4KEzJrv3" + + "B8GLDp+wOAFjGEdGDPkOx3y2L2HuI1XiS9LwL+psCily/A96OiUyRU8yEz4A" + + "AAAAAAAAAAAEAwAAAAAAAAAAADAtMCEwCQYFKw4DAhoFAAQU1NQjgVRH6Vg3" + + "tTy3wnQisALy9aYECKiM2gZrLi+fAAA="); + + private static readonly char[] noFriendlyPassword = "sschette12".ToCharArray(); + + private static readonly byte[] pkcs12StorageIssue = Base64.Decode( + "MIIO8QIBAzCCDrEGCSqGSIb3DQEHAaCCDqIEgg6eMIIOmjCCBBMGCSqGSIb3" + + "DQEHAaCCBAQEggQAMIID/DCCA/gGCyqGSIb3DQEMCgECoIICtjCCArIwHAYK" + + "KoZIhvcNAQwBAzAOBAgURJ+/5hA2pgICB9AEggKQYZ4POE8clgH9Bjd1XO8m" + + "sr6NiRBiA08CllHSOn2RzyAgHTa+cKaWrEVVJ9mCd9XveSUCoBF9E1C3jSl0" + + "XIqLNgYd6mWK9BpeMRImM/5crjy///K4ab9kymzkc5qc0pIpdCQCZ04YmtFP" + + "B80VCgyaoh2xoxqgjBCIgdSg5XdepdA5nXkG9EsQ1oVUyCykv20lKgKKRseG" + + "Jo23AX8YUYR7ANqP2gz9lvlX6RBczuoZ62ujopUexiQgt5SZx97sgo3o/b/C" + + "px17A2L4wLdeAYCMCsZhC2UeaqnZCHSsvnPZfRGiuSEGbV5gHLmXszLDaEdQ" + + "Bo873GTpKTTzBfRFzNCtYtZRqh2AUsInWZWQUcCeX6Ogwa0wTonkp18/tqsh" + + "Fj1fVpnsRmjJTTXFxkPtUw5GPJnDAM0t1xqV7kOjN76XnZrMyk2azQ1Mf3Hn" + + "sGpF+VRGH6JtxbM0Jm5zD9uHcmkSfNR3tP/+vHOB1mkIR9tD2cHvBg7pAlPD" + + "RfDVWynhS+UBNlQ0SEM/pgR7PytRSUoKc/hhe3N8VerF7VL3BwWfBLlZFYZH" + + "FvPQg4coxF7+We7nrSQfXvdVBP9Zf0PTdf3pbZelGCPVjOzbzY/o/cB23IwC" + + "ONxlY8SC1nJDXrPZ5sY51cg/qUqor056YqipRlI6I+FoTMmMDKPAiV1V5ibo" + + "DNQJkyv/CAbTX4+oFlxgddTwYcPZgd/GoGjiP9yBHHdRISatHwMcM06CzXJS" + + "s3MhzXWD4aNxvvSpXAngDLdlB7cm4ja2klmMzL7IuxzLXFQFFvYf7IF5I1pC" + + "YZOmTlJgp0efL9bHjuHFnh0S0lPtlGDOjJ/4YpWvSKDplcPiXhaFVjsUtclE" + + "oxCC5xppRm8QWS8xggEtMA0GCSsGAQQBgjcRAjEAMBMGCSqGSIb3DQEJFTEG" + + "BAQBAAAAMGkGCSsGAQQBgjcRATFcHloATQBpAGMAcgBvAHMAbwBmAHQAIABS" + + "AFMAQQAgAFMAQwBoAGEAbgBuAGUAbAAgAEMAcgB5AHAAdABvAGcAcgBhAHAA" + + "aABpAGMAIABQAHIAbwB2AGkAZABlAHIwgZsGCSqGSIb3DQEJFDGBjR6BigA3" + + "AGQAZQBmADUAYgA0ADMANgBjAGEAYgBkADAAMAAyAGQAZAAyADkAMAAzAGIA" + + "MQA2ADgANgBjADcAOQA0ADgAXwA0ADYAZgAyADYAZgBkADQALQA4ADEAMgBk" + + "AC0ANABlAGYAYgAtADgAMAA4ADgALQA0ADUAYQBiADkAMQA5ADEAMAA3AGMA" + + "YzCCCn8GCSqGSIb3DQEHBqCCCnAwggpsAgEAMIIKZQYJKoZIhvcNAQcBMBwG" + + "CiqGSIb3DQEMAQYwDgQIbr2xdnQ9inMCAgfQgIIKOHg9VKz+jlM+3abi3cp6" + + "/XMathxDSEJLrxJs6j5DAVX17S4sw1Q/1pptjdMdd8QtTfUB6JpfgJ5Kpn+h" + + "gZMf6M8wWue0U/RZN0D9w7o+2n+X3ItdEXu80eJVDOm7I2p8qiXtijbMbXRL" + + "Cup1lgfPM5uv2D63/hmWRXLeG8eySrJnKENngpM559V8TI2JcTUBy1ZP3kcH" + + "KbcJ/tVPnIIe4qguxfsTmDtAQviGvWUohbt+RGFmtqfgntK7o6b+S8uRSwEs" + + "fOU/pnVE9M1ugtNJZI/xeGJq6umZWXA/OrAcK7feWUwqRvfivDGQJEoggByd" + + "4/g92PhK1JGkwlCb1HdfhOOKKChowQ4zVvSOm+uBxARGhk2i5uW9I20I0vSJ" + + "px42O2VFVJweOchfp+wBtSHBKYP1ZXyXWMvOtULClosSeesbYMAwvyBfpYEz" + + "3rQt/1iZkqDmEisXk8X1aEKG1KSWaSPyb/+6glWikDm+YdQw3Khu7IZt1l/H" + + "qWGecccel+R9mT4YjRzHlahUYk4U+RNVasVpH1Kxz2j3CZqL+b3jQOwSAPd/" + + "hKI+S/pjIpBPfiC4WxORAzGZzY2j+a79B70h1DO1D9jGur3vJDbdmGBNgs6d" + + "nonE1B527SICcGeXY1MtnZCLOPvySih0AvOekbN9x2CJg+Hp9e7A3Fxni53/" + + "oMLr9wGRRDki72eXCXW98mU8VJofoWYS1/VBLXGf/f+tJ9J02PpzxleqPH9T" + + "4mE+YHnZId6cqjCXmwvMr2cMw2clDVfvkbAJRE3eZHzL7IWSO8+giXzzrTsl" + + "VbMuXVkT4oniTN7TSRsBCT3zVVmCy1QL2hPBD6KsVc+bvLgAHRov84FPrI3f" + + "kY/oJufT36VE34Eu+QjzULlvVsLE3lhjutOerVIGSP//FM4LE99hp214P0JF" + + "DgBK+3J+ihmFdW8hUXOt6BU8/MBeiroiJMWo1/f/XcduekG2ZsdGv+GNPzXI" + + "PyHRpCgAgmck1+qoUPXxHRJuNqv223OZ5MN14X7iLl5OZ+f8IWfxUnZeZ9gj" + + "HNeceElwZ+YOup1CAi3haD9jxRWhZG4NDfB4IYi4Bc/TAkXE3jCPkYEvIbj9" + + "ExaU1Ts0+lqOOcwRmBoYjVrz0xbtfR/OWlopyrDHbeL5iQcQCW/loYRapWCZ" + + "E4ekHknpX9yoAwT355vtTkl0VKXeSZHE8jREhN95aY9zCoLYwbTQDTw7qUR5" + + "UamabLew0oS0XALtuOrfX4OUOZZUstUsGBle/Pw1TE3Bhe1clhrikp0F+Xgb" + + "Xx90KqxZX/36RMnCMAD7/q+57rV7WXp2Y5tT0AUgyUMjy1F1X/b1olUfqO1u" + + "rlWIUTl2znmQ3D9uO3W4ytfgGd5DpKcl2w84MBAT9qGwKuQg/UYKbP4K/+4L" + + "Y1DWCy3utmohQ28IJtlIUkPL1G7lHX1tfq/VA+bRNTJIhMrNn06ZJpuEJHDs" + + "/ferdlMFt/d6MrwVivmPVYkb8mSbHSiI8jZOFE44sA974depsDyXafFaSsl0" + + "bVzqOAu0C/n9dIednU0xxxgDF/djdZ/QhbaDIg2VJf11wx0nw9n76B0+eeyu" + + "QLaapzxCpQNDVOAM9doBb5F1I5pXQHFQqzTNtLmqDC4x0g8IH7asyk5LCglT" + + "b1pwMqPJOL2vGWKRLhPzT+9OfSpCmYGKytf593hmGmwIgEO13hQrw31F5TYt" + + "btkbDr+Q5XilOKEczhEM+Ug7YHU7bxkckOAbxu0YeRp/57GdGLokeLJ0dRlQ" + + "+V2CfQvWJoVC6PS4PUQtjwgK2p/LU10QsEFwM/S621fGq9zGrv7+FPBATRDb" + + "k4E9D/WaRylnW11ZTrOlTchQkoHcOh0xztlFxU8jzuIuDrPQQWkoqdl6B+yf" + + "lykRNJKKxwzFiPl40nLC3nEdIzCEvR4r/9QHiWQxAVSc/wQX+an5vakUmSXS" + + "oLFjgVdY1jmvdsx2r5BQPuOR8ONGmw/muvVSMaHV85brA4uk0lxn00HD9/a0" + + "A1LCeFkabNLn9wJT8RaJeOSNmFFllLR70OHaoPSb3GyzHpvd1e6aeaimdyVH" + + "BQWJ6Ufx+HjbOGuOiN46WyE6Q27dnWxx8qF89dKB4T/J0mEXqueiUjAUnnnR" + + "Cs4zPaX53hmNBdrZGaLs+xNG8xy+iyBUJIWWfQAQjCjfHYlT9nygiUWIbVQq" + + "RHkGkAN62jsSNLgHvWVzQPNNsYq0U8TPhyyci/vc8MJytujjptcz8FPqUjg2" + + "TPv34ef9buErsm4vsdEv/8Z+9aDaNex+O3Lo3N0Aw7M5NcntFBHjFY/nBFNZ" + + "whH5YA4gQ8PLZ5qshlGvb0DFXHV/9zxnsdPkLwH47ERm5IlEAuoaWtZFxg27" + + "BjLfwU1Opk+ybDSb5WZVZrs7ljsU85p3Vaf3a//yoyr9ITYj15tTXxSPoct0" + + "fDUy1I6LjJH/+eZXKA1WSda9mDQlRocvJ0IIIlI4weJpTdm8aHIJ8OngCqOF" + + "TufcSLDM41+nxEK1LqXeAScVy74kVvvqngj6mIrbylrINZOHheEgTXrUWEc0" + + "uXS8l1YqY6K6Ru5km2jVyWi/ujrDGb6QGShC09oiDYUuUGy4gwJ3XLVX/dR3" + + "pmMExohTGiVefFP400wVZaxB9g1BQmjSEZxIaW1U1K6fk8Yni8yWB3/L/PuD" + + "0+OV+98i1sQGaPe35crIpEc7R2XJdngL0Ol1ZuvCIBfy5DQwGIawTtBnjPdi" + + "hy//QTt/isdu7C5pGaJDkZFMrfxMibr6c3xXr7wwR75sTzPNmS8mquEdLsmG" + + "h8gTUnB8/K6V11JtUExMqTimTbUw+j8PggpeBelG36breWJIz1O+dmCTGuLM" + + "x/sK/i8eiUeRvWjqYpq5DYt4URWg2WlcpcKiUxQp07/NMx0svDC+mlQGwMnJ" + + "8KOJMW1qr3TGEJ/VVKKVn6sXn/RxA+VPofYzhwZByRX87XmNdPeQKC2DHQsW" + + "6v83dua5gcnv0cv/smXt7Yr/c12i0fbIaQvj3qjtUCDucjARoBey3eCyG5H6" + + "5VHSsFnPZ2HCTum+jRSw/ENsu/77XU4BIM2fjAfswp7iIr2Xi4OZWKIj6o6q" + + "+fNgnOJjemDYHAFK+hWxClrG8b+9Eaf21o4zcHkhCfBlYv4d+xcZOIDsDPwI" + + "sf+4V+CfoBLALsa2K0pXlPplGom/a8h7CjlyaICbWpEDItqwu7NQwdMRCa7i" + + "yAyM1sVjXUdcZByS1bjOFSeBe7ygAvEl78vApLxqt8Cw11XSsOtmwssecUN/" + + "pb7iHE4OMyOgsYx9u7rZ2hMyl42n3c29IwDYMumiNqk9cwCBpQTJAQEv4VzO" + + "QE5xYDBY9SEozni+4f7B7e2Wj/LOGb3vfNVYGNpDczBFxvr2FXTQla0lNYD/" + + "aePuC++QW4KvwiGL1Zx4Jo0eoDKWYlYj0qiNlQbWfVw+raaaFnlrq+je0W6P" + + "+BrKZCncho145y+CFKRLZrN5yl/cDxwsePMVhAIMr1DzVhgBXzA3MB8wBwYF" + + "Kw4DAhoEFN4Cwj9AtArnRbOIAsRhaaoZlTNJBBTIVPqCrloqLns145CWXjb0" + + "g141BQ=="); + + private static readonly char[] storagePassword = "pass".ToCharArray(); + + private static readonly byte[] pkcs12nopass = Base64.Decode( + "MIIMvgIBAzCCDIQGCSqGSIb3DQEHAaCCDHUEggxxMIIMbTCCCS8GCSqGSIb3" + + "DQEHBqCCCSAwggkcAgEAMIIJFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYw" + + "DgQIfnlhuZRR6/YCAggAgIII6DYgeRwq5n9kzvohZ3JuK+fB+9jZ7Or6EGBA" + + "GDxtBfHmSNUBWJEV/I8wV1zrKKoW/CaoZfA61pyrVZRd/roaqBx/koTFoh/g" + + "woyyWTRV9gYTXSVqPQgCH+e2dISAa6UGO+/YOWOOwG2X3t8tS+3FduFQFLt5" + + "cvUP98zENdm57Aef5pKpBSZDLIAoTASfmqwszWABRh2p/wKOHcCQ9Aj2e2vs" + + "pls/ntIv81MqPuxHttwX8e+3dKWGFrJRztLpCD2aua8VkSsHFsPxEHkezX4O" + + "6/VCjMCRFGophTS4dgKKtQIhZ9i/ESlr6sGKgIpyG99ALFpNEhtTKe+T3boE" + + "sEkhGDquSpu4PGz2m0W5sej1DyFkKX4zIbeMDAb1y3O7aP0F+Llo9QSeGsOA" + + "aCwND3NUAKBMOHzwdyNQcuCGCqY8j5rrSt99A5FMs3UVW3XU6hRCx7JlzO05" + + "PNCkcPRSnKSNzBhIR5W0qj4PAZnQTfX+wbtUaDLIqsObX4Muh2l3gl+JmdpO" + + "53U7ILqN8PAPly1eT+fIrUmlMmFhvo6LbTB7B2K728wsA/5wROlud/mOQz4s" + + "quS288YsnVc9ExSZKodWa3Pqcdb/cgKNJYDxrR6/eBHOj+0RLK/1yTK9ghj7" + + "IPYHoEqQbw768WK92RjM+RFGlXASkQhR9y4weWj/388uAWMIbQ+R2Zi4nb31" + + "knjqRPFThysG1bsRL04/9PgysaasfS9KYOeAlLqp+Ar4gJrof5fytBuY+6wm" + + "/J8eEdNw7VPV1cz/4rhrd2sfJQwDEN/iZoy8rTwe7wozpwZI0lwH11BBbav+" + + "1AMfI79jjxhqOeo7uxE2NzUmSd05JYI7a94tcRzGQyGEKpGxYCRamzFW23qb" + + "vG5Hcqi7Tdd7eTxw4c60l/vQLSo38g6ST5yZrK3URLiAtpioPyjrq2jnVfie" + + "QLsiAHhpHF01+t+OcKv3UjwdEyBmQ34h9klwiG7iwBFXZaPXFCF2Np1TqFVG" + + "jjBzmB+hRddEiYwN+XGCKB2Cvgc5ZMQ8LG9jQmEKLmOjuumz1ciAVY2qtl1s" + + "HYSvfNsIAV/gGzHshOVF19JmGtcQt3pMtupoRh+sh8jY2/x5eIKrj2Jx6HPd" + + "p/6IPUr54j0xSd6j7gWuXMj/eKp/utMNuBzAhkydnhXYedvTDYIj7SyPPIHa" + + "qtam8rxTDWn2AOxp7OXTgPmo1GU2zW1OLL1D3MFlS+oaRMfhgNrhW+QP5ay6" + + "ge4QLijpnSM+p0CbFAOClwzgdJV56bBVV09sDqSBXnG9MeEv5nDaH3I+GpPA" + + "UgDkaI4zT61kaGgk0uNMf3czy2ycoQzTx0iHDTXSdSqvUC1yFza8UG4AYaKz" + + "14gtSL7StvZtK0Y8oI084BINI1LgrWyrOLj7vkds4WrKhXm21BtM1GbN/pFh" + + "XI41h+XoD8KnEPqJ36rAgBo1uHqTNJCC7YikDE/dEvq6MkOx+Nug1YZRHEyi" + + "3AHry5u1HJHtxT34HXBwRXvnstuFhvU6cjc1WY1dJhu1p82TGnx7OBo/QbcM" + + "8MRrWmWuU5eW4jWbriGNGYfvZy+tHnGwy0bIeqrsHOG6/JwvfmYYXe64sryH" + + "5Qo96SZtcTJZaNFwuBY+bFUuOWm8YrT1L7Gl2Muf3pEVtNHLeYARBo1jEAym" + + "Cb4jw0oodZqbPKdyyzUZu69fdTJiQkMUcKDfHJEGK0Li9SvtdqJLiiJs57Tb" + + "YfOvn+TIuC40ssJFtmtlGCVH/0vtKLWYeW1NYAMzgI/nlhQ7W6Aroh8sZnqv" + + "SwxeQmRJaVLxiV6YveTKuVlCbqNVLeEtKYAujgnJtPemGCPbwZpwlBw6V+Dz" + + "oXveOBcUqATztWJeNv7RbU0Mk7k057+DNxXBIU+eHRGquyHQSBXxBbA+OFuu" + + "4SPfEAyoYed0HEaoKN9lIsBW1xTROI30MZvaJXvPdLsa8izXGPLnTGmoI+fv" + + "tJ644HtBCCCr3Reu82ZsTSDMxspZ9aa4ro9Oza+R5eULXDhVXedbhJBYiPPo" + + "J37El5lRqOgu2SEilhhVQq3ZCugsinCaY9P/RtWG4CFnH1IcIT5+/mivB48I" + + "2XfH6Xq6ziJdj2/r86mhEnz9sKunNvYPBDGlOvI7xucEf9AiEQoTR1xyFDbW" + + "ljL4BsJqgsHN02LyUzLwqMstwv+/JH1wUuXSK40Kik/N7+jEFW2C+/N8tN7l" + + "RPKSLaTjxVuTfdv/BH1dkV4iGFgpQrdWkWgkb+VZP9xE2mLz715eIAg13x6+" + + "n97tc9Hh375xZJqwr3QyYTXWpsK/vx04RThv8p0qMdqKvf3jVQWwnCnoeBv2" + + "L4h/uisOLY18qka/Y48ttympG+6DpmzXTwD1LycoG2SOWckCMmJhZK40+zr3" + + "NVmWf6iJtbLGMxI/kzTqbTaOfXc2MroertyM1rILRSpgnJFxJfai5Enspr9b" + + "SCwlP718jG2lQsnYlw8CuxoZAiaNy4MmC5Y3qNl3hlcggcHeLodyGkSyRsBg" + + "cEiKSL7JNvqr0X/nUeW28zVxkmQsWlp3KmST8agf+r+sQvw52fXNLdYznGZV" + + "rJrwgNOoRj0Z70MwTns3s/tCqDEsy5Sv/5dZW2uQEe7/wvmsP2WLu73Rwplg" + + "1dwi/Uo9lO9dkEzmoIK5wMPCDINxL1K+0Y79q0tIAEMDgaIxmtRpEh8/TEsA" + + "UwyEErkDsQqgGviH+ePmawJ/yehYHTRfYUgdUflwApJxRx65pDeSYkiYboMU" + + "8WSAQY2nh/p9hLlS4zbz9dCK2tzVyRkJgqNy/c4IpiHEx2l1iipW9vENglqx" + + "dYP4uqD8e3OOLjDQKizWx2t1u7GRwoEVQ3d3QzzOvsRcv7h+6vNsmYqE6phe" + + "wKFZLctpSn21zkyut444ij4sSr1OG68dEXLY0t0mATfTmXXy5GJBsdK/lLfk" + + "YTIPYYeDMle9aEicDqaKqkZUuYPnVchGp8UFMJ3M0n48OMDdDvpzBLTxxZeW" + + "cK5v/m3OEo3jgxy9wXfZdz//J3zXXqvX8LpMy1K9X0uCBTz6ERlawviMQhg1" + + "1okD5zCCAzYGCSqGSIb3DQEHAaCCAycEggMjMIIDHzCCAxsGCyqGSIb3DQEM" + + "CgECoIICpjCCAqIwHAYKKoZIhvcNAQwBAzAOBAj3QoojTSbZqgICCAAEggKA" + + "YOSp5XGdnG1pdm9CfvlAaUSHRCOyNLndoUTqteTZjHTEM9bGwNXAx4/R5H2Q" + + "PnPm5HB/ynVSXX0uKdW6YlbqUyAdV3eqE4X3Nl+K7ZoXmgAFnMr0tveBhT1b" + + "7rTi0TN4twjJzBTkKcxT8XKjvpVizUxGo+Ss5Wk8FrWLHAiC5dZvgRemtGcM" + + "w5S09Pwj+qXpjUhX1pB5/63qWPrjVf+Bfmlz4bWcqogGk0i7eg+OdTeWMrW0" + + "KR9nD1+/uNEyc4FdGtdIPnM+ax0E+vcco0ExQpTXe0xoX4JW7O71d550Wp89" + + "hAVPNrJA5eUbSWNsuz+38gjUJ+4XaAEhcA7HZIp6ZyxtzSJUoh7oqpRktoxu" + + "3cSVqVxIqAEqlNn6j0vbKfW91Od5DI5L+BIxY4xqXS7fdwipj9r6qWA8t9QU" + + "C2r1A+xXpZ4jEh6inHW9qlfACBBrYf8pSDakSR6yTbaA07LExw0IXz5oiQYt" + + "s7yx231CZlOH88bBmruLOIZsJjeg/lf63zI7Gg4F85QG3RqEJnY2pinLUTP7" + + "R62VErFZPc2a85r2dbFH1mSQIj/rT1IKe32zIW8xoHC4VwrPkT3bcLFAu2TH" + + "5k5zSI/gZUKjPDxb2dwLM4pvsj3gJ9vcFZp6BCuLkZc5rd7CyD8HK9PrBLKd" + + "H3Yngy4A08W4U3XUtIux95WE+5O/UEmSF7fr2vT//DwZArGUpBPq4Bikb8cv" + + "0wpOwUv8r0DXveeaPsxdipXlt29Ayywcs6KIidLtCaCX6/0u/XtMsGNFS+ah" + + "OlumTGBFpbLnagvIf0GKNhbg2lTjflACnxIj8d+QWsnrIU1uC1JRRKCnhpi2" + + "veeWd1m8GUb3aTFiMCMGCSqGSIb3DQEJFTEWBBS9g+Xmq/8B462FWFfaLWd/" + + "rlFxOTA7BgkqhkiG9w0BCRQxLh4sAEMAZQByAHQAeQBmAGkAawBhAHQAIAB1" + + "AHoAeQB0AGsAbwB3AG4AaQBrAGEwMTAhMAkGBSsOAwIaBQAEFKJpUOIj0OtI" + + "j2CPp38YIFBEqvjsBAi8G+yhJe3A/wICCAA="); + + private static readonly byte[] certsOnly = Base64.Decode( + "MIICnwIBAzCCApgGCSqGSIb3DQEHAaCCAokEggKFMIICgTCCAn0GCSqGSIb3" + + "DQEHAaCCAm4EggJqMIICZjCCAmIGCyqGSIb3DQEMCgEDoIICHDCCAhgGCiq" + + "GSIb3DQEJFgGgggIIBIICBDCCAgAwggFpoAMCAQICBHcheqIwDQYJKoZIhv" + + "cNAQELBQAwMjENMAsGA1UEChMERGVtbzENMAsGA1UECxMERGVtbzESMBAGA" + + "1UEAxMJRGVtbyBjZXJ0MCAXDTE5MDgzMTEzMDgzNloYDzIxMDkwNTE5MTMw" + + "ODM2WjAyMQ0wCwYDVQQKEwREZW1vMQ0wCwYDVQQLEwREZW1vMRIwEAYDVQQ" + + "DEwlEZW1vIGNlcnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKOVC4" + + "Qeg0KPAPRB9WcZdvXitiJ+E6rd3czQGNzEFC6FesAllH3PHSWuUZ2YjhiVM" + + "YJyzwVP1II04iCRaIc65R45oVrHZ2ybWAOda2hBtySjQ2pIQQpoKE7nvL3j" + + "JcHoCIBJVf3c3xpfh7RucCOGiZDjU9CYPG8yznsazb5+fPF/AgMBAAGjITA" + + "fMB0GA1UdDgQWBBR/7wUDwa7T0vNzNgjOKdjz2Up9RzANBgkqhkiG9w0BAQ" + + "sFAAOBgQADzPFsaLhVYD/k9qMueYKi8Ftwijr37niF98cgAHEtq6TGsh3Se" + + "8gEK3dNJL18vm7NXgGsl8jUWsE9hCF9ar+/cDZ+KrZlZ5PLfifXJJKFqVAh" + + "sOORef0NRIVcTCoyQTW4pNpNZP9Ul5LJ3iIDjafgJMyEkRbavqdyfSqVTvY" + + "NpjEzMBkGCSqGSIb3DQEJFDEMHgoAYQBsAGkAYQBzMBYGDGCGSAGG+Watyn" + + "sBATEGBgRVHSUA"); + + private static readonly byte[] sentrixHard = Base64.Decode( + "MIIK1gIBAzCCCoIGCSqGSIb3DQEHAaCCCnMEggpvMIIKazCCAh8GCSqGSIb3" + + "DQEHAaCCAhAEggIMMIICCDCCAgQGCyqGSIb3DQEMCgECoIIBEDCCAQwwVwYJ" + + "KoZIhvcNAQUNMEowKQYJKoZIhvcNAQUMMBwECCwkpMJVacfsAgIH0DAMBggq" + + "hkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQB8wdZHiGq1MJtgbAmw6nmASBsMKx" + + "vNfn6cGwbqScfcHFXS6CVTTIPoEst0ZD6dDHVLThH9Fg+0++lEs7h7XbPAmg" + + "aBMSpj06LOMnZhzIG10nz6bYYCfqh7wcZ/TUwZL71n+czIbJwBov+XeKgEpH" + + "Acj4Xjv6DpPr2Z9LJZ9ohJ3gaOn4vEpd7zj6+hm6i4+iiNLgnuoBLYIftzxT" + + "rm9kscrT93cMkveBBeETe9Exb1vt2g5JF+UVIAs7Qw35OD1dQT5zMYHgMA0G" + + "CSsGAQQBgjcRAjEAMBMGCSqGSIb3DQEJFTEGBAQBAAAAMFsGCSqGSIb3DQEJ" + + "FDFOHkwAewAzADUAMgA2ADIAOQBCADIALQAxAEQARgBBAC0ANAA5ADgANQAt" + + "ADkANgAyAEIALQAyADgAOAA5ADMAMwBEAEMAMAAyADgANQB9MF0GCSsGAQQB" + + "gjcRATFQHk4ATQBpAGMAcgBvAHMAbwBmAHQAIABTAG8AZgB0AHcAYQByAGUA" + + "IABLAGUAeQAgAFMAdABvAHIAYQBnAGUAIABQAHIAbwB2AGkAZABlAHIwgghE" + + "BgkqhkiG9w0BBwGgggg1BIIIMTCCCC0wggLLBgsqhkiG9w0BDAoBA6CCAqMw" + + "ggKfBgoqhkiG9w0BCRYBoIICjwSCAoswggKHMIICLaADAgECAhAqxxC4L9yA" + + "IPEUfBRIgsUUMAoGCCqGSM49BAMCMIGRMQswCQYDVQQGEwJVUzEUMBIGA1UE" + + "CwwLRW5naW5lZXJpbmcxHTAbBgNVBAoMFERhdGEgSS9PIENvcnBvcmF0aW9u" + + "MRAwDgYDVQQHDAdSZWRtb25kMRMwEQYDVQQIDApXYXNoaW5ndG9uMSYwJAYD" + + "VQQDDB1EYXRhIEkvTyBFQyBUZXN0IEludGVybWVkaWF0ZTAeFw0yMDAyMjgy" + + "MzA3MzJaFw0yNTAyMjgyMzA3MzJaMIGTMQswCQYDVQQGEwJVUzEUMBIGA1UE" + + "CwwLRW5naW5lZXJpbmcxHTAbBgNVBAoMFERhdGEgSS9PIENvcnBvcmF0aW9u" + + "MRAwDgYDVQQHDAdSZWRtb25kMRMwEQYDVQQIDApXYXNoaW5ndG9uMSgwJgYD" + + "VQQDDB9EYXRhIEkvTyBFQyBUZXN0IFNpZ25pbmcgU0hBMjU2MFkwEwYHKoZI" + + "zj0CAQYIKoZIzj0DAQcDQgAEUgRJSWqivC+PBvi8iGX6AZTbXpe7sBxWROlO" + + "0czQiQaPQ4KvhJ1JjuE2B3IwxR7QhsuWHEnDUaK9G++Q3e1vnqNjMGEwDwYD" + + "VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAe4wHQYDVR0OBBYEFDHinLUw" + + "lEUi3FXU6HeEcpOs3UIVMB8GA1UdIwQYMBaAFOgH0jlDIZ8zfvQ8dsBdxITd" + + "ev0GMAoGCCqGSM49BAMCA0gAMEUCICWxWcQ3tPPflX/l2T92rob1LNsWVXch" + + "mFH3+cFlsxC9AiEA2Dj/whaVyzlIrop0a9J7v5NJCuzZmdd3IeSJrLm5ZxMx" + + "FTATBgkqhkiG9w0BCRUxBgQEAQAAADCCApcGCyqGSIb3DQEMCgEDoIICcTCC" + + "Am0GCiqGSIb3DQEJFgGgggJdBIICWTCCAlUwggH6oAMCAQICEGe7tCX/8NRO" + + "821wo/vWG6IwCgYIKoZIzj0EAwIwgYkxCzAJBgNVBAYTAlVTMRQwEgYDVQQL" + + "DAtFbmdpbmVlcmluZzEdMBsGA1UECgwURGF0YSBJL08gQ29ycG9yYXRpb24x" + + "EDAOBgNVBAcMB1JlZG1vbmQxEzARBgNVBAgMCldhc2hpbmd0b24xHjAcBgNV" + + "BAMMFURhdGEgSS9PIEVDIFRlc3QgUm9vdDAeFw0yMDAyMjgyMzA3MzJaFw0y" + + "NTAyMjgyMzA3MzJaMIGJMQswCQYDVQQGEwJVUzEUMBIGA1UECwwLRW5naW5l" + + "ZXJpbmcxHTAbBgNVBAoMFERhdGEgSS9PIENvcnBvcmF0aW9uMRAwDgYDVQQH" + + "DAdSZWRtb25kMRMwEQYDVQQIDApXYXNoaW5ndG9uMR4wHAYDVQQDDBVEYXRh" + + "IEkvTyBFQyBUZXN0IFJvb3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQD" + + "diFKicUv9eMnuVxtjqPZehcK0WI5G32Zb8SFC9NNgC5XrsL+RuuBE0XtWwih" + + "vjT+qNj8zPFQWXFvs4FzJbH1o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud" + + "DwEB/wQEAwIB7jAdBgNVHQ4EFgQU6hTsqwM3Uic8t4OMvD+l2YO1c4cwCgYI" + + "KoZIzj0EAwIDSQAwRgIhAPMJtaJPuJD17ghhshwBDVrF4Hj1aN+nre7i61L5" + + "PISrAiEA397jjZDfkiYFihxhCzkh4QHRdxtce06uhrbaZLwIGtIxEzARBgkq" + + "hkiG9w0BCRQxBB4CAAAwggK/BgsqhkiG9w0BDAoBA6CCApkwggKVBgoqhkiG" + + "9w0BCRYBoIIChQSCAoEwggJ9MIICI6ADAgECAhBo7ji8qjZ1gybJzknvHrm5" + + "MAoGCCqGSM49BAMCMIGJMQswCQYDVQQGEwJVUzEUMBIGA1UECwwLRW5naW5l" + + "ZXJpbmcxHTAbBgNVBAoMFERhdGEgSS9PIENvcnBvcmF0aW9uMRAwDgYDVQQH" + + "DAdSZWRtb25kMRMwEQYDVQQIDApXYXNoaW5ndG9uMR4wHAYDVQQDDBVEYXRh" + + "IEkvTyBFQyBUZXN0IFJvb3QwHhcNMjAwMjI4MjMwNzMyWhcNMjUwMjI4MjMw" + + "NzMyWjCBkTELMAkGA1UEBhMCVVMxFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0w" + + "GwYDVQQKDBREYXRhIEkvTyBDb3Jwb3JhdGlvbjEQMA4GA1UEBwwHUmVkbW9u" + + "ZDETMBEGA1UECAwKV2FzaGluZ3RvbjEmMCQGA1UEAwwdRGF0YSBJL08gRUMg" + + "VGVzdCBJbnRlcm1lZGlhdGUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQO" + + "PdmrWzvwmWDlkwJ2dfixfVIRo1pZSdJjwNESLJ9VljZecxuYY6xFL+Dg+ihd" + + "e4qKxEld4/6TuRz7Fja9ScfLo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud" + + "DwEB/wQEAwIB7jAdBgNVHQ4EFgQU6AfSOUMhnzN+9Dx2wF3EhN16/QYwHwYD" + + "VR0jBBgwFoAU6hTsqwM3Uic8t4OMvD+l2YO1c4cwCgYIKoZIzj0EAwIDSAAw" + + "RQIgYx9rf4YGan3nkCQLAE1FjyX1ACWSToTFur9UoPgV3IoCIQDd6Lvuf1IH" + + "IZPeNbyuvBCynu+eDek8pO5B90BV6ImIuTETMBEGCSqGSIb3DQEJFDEEHgIA" + + "ADBLMC8wCwYJYIZIAWUDBAIBBCDAU3cgA2uJqlRZ+VamaDDOoqvwwnJKOBUy" + + "vn/gZKm4FgQU91hwRSdR+ekb4Lt7bjUUxaC/XYYCAgfQ"); + + private static readonly byte[] sentrixSoft = Base64.Decode( + "MIIKgQIBAzCCCj0GCSqGSIb3DQEHAaCCCi4EggoqMIIKJjCCAdoGCSqGSIb3" + + "DQEHAaCCAcsEggHHMIIBwzCCAb8GCyqGSIb3DQEMCgECoIHMMIHJMBwGCiqG" + + "SIb3DQEMAQMwDgQItChrbpZXBp8CAgfQBIGoEus4fyZZwKntfPRRch685zDx" + + "xpdttcCg935o0sLeu9y/iWbtdM0TyhMWS8LBMZgu5Ssh0FwNUJIxCYOGVCXr" + + "V2ab//ARB7FwX4HgiSAQ5/De98hJ7LWBJ7eom6Bs8qi58c+FIz6zntAF1c4x" + + "pI80uTYiGgCs8/TDkEM88awQoL1USQ7SNxHrPnIagR1TIL1MHiwZ229jhjt7" + + "5nzwI+XFgLZ+wc7RCy3MMYHgMA0GCSsGAQQBgjcRAjEAMBMGCSqGSIb3DQEJ" + + "FTEGBAQBAAAAMFsGCSqGSIb3DQEJFDFOHkwAewAzADUAMgA2ADIAOQBCADIA" + + "LQAxAEQARgBBAC0ANAA5ADgANQAtADkANgAyAEIALQAyADgAOAA5ADMAMwBE" + + "AEMAMAAyADgANQB9MF0GCSsGAQQBgjcRATFQHk4ATQBpAGMAcgBvAHMAbwBm" + + "AHQAIABTAG8AZgB0AHcAYQByAGUAIABLAGUAeQAgAFMAdABvAHIAYQBnAGUA" + + "IABQAHIAbwB2AGkAZABlAHIwgghEBgkqhkiG9w0BBwGgggg1BIIIMTCCCC0w" + + "ggLLBgsqhkiG9w0BDAoBA6CCAqMwggKfBgoqhkiG9w0BCRYBoIICjwSCAosw" + + "ggKHMIICLaADAgECAhAqxxC4L9yAIPEUfBRIgsUUMAoGCCqGSM49BAMCMIGR" + + "MQswCQYDVQQGEwJVUzEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAoM" + + "FERhdGEgSS9PIENvcnBvcmF0aW9uMRAwDgYDVQQHDAdSZWRtb25kMRMwEQYD" + + "VQQIDApXYXNoaW5ndG9uMSYwJAYDVQQDDB1EYXRhIEkvTyBFQyBUZXN0IElu" + + "dGVybWVkaWF0ZTAeFw0yMDAyMjgyMzA3MzJaFw0yNTAyMjgyMzA3MzJaMIGT" + + "MQswCQYDVQQGEwJVUzEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAoM" + + "FERhdGEgSS9PIENvcnBvcmF0aW9uMRAwDgYDVQQHDAdSZWRtb25kMRMwEQYD" + + "VQQIDApXYXNoaW5ndG9uMSgwJgYDVQQDDB9EYXRhIEkvTyBFQyBUZXN0IFNp" + + "Z25pbmcgU0hBMjU2MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEUgRJSWqi" + + "vC+PBvi8iGX6AZTbXpe7sBxWROlO0czQiQaPQ4KvhJ1JjuE2B3IwxR7QhsuW" + + "HEnDUaK9G++Q3e1vnqNjMGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E" + + "BAMCAe4wHQYDVR0OBBYEFDHinLUwlEUi3FXU6HeEcpOs3UIVMB8GA1UdIwQY" + + "MBaAFOgH0jlDIZ8zfvQ8dsBdxITdev0GMAoGCCqGSM49BAMCA0gAMEUCICWx" + + "WcQ3tPPflX/l2T92rob1LNsWVXchmFH3+cFlsxC9AiEA2Dj/whaVyzlIrop0" + + "a9J7v5NJCuzZmdd3IeSJrLm5ZxMxFTATBgkqhkiG9w0BCRUxBgQEAQAAADCC" + + "ApcGCyqGSIb3DQEMCgEDoIICcTCCAm0GCiqGSIb3DQEJFgGgggJdBIICWTCC" + + "AlUwggH6oAMCAQICEGe7tCX/8NRO821wo/vWG6IwCgYIKoZIzj0EAwIwgYkx" + + "CzAJBgNVBAYTAlVTMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UECgwU" + + "RGF0YSBJL08gQ29ycG9yYXRpb24xEDAOBgNVBAcMB1JlZG1vbmQxEzARBgNV" + + "BAgMCldhc2hpbmd0b24xHjAcBgNVBAMMFURhdGEgSS9PIEVDIFRlc3QgUm9v" + + "dDAeFw0yMDAyMjgyMzA3MzJaFw0yNTAyMjgyMzA3MzJaMIGJMQswCQYDVQQG" + + "EwJVUzEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAoMFERhdGEgSS9P" + + "IENvcnBvcmF0aW9uMRAwDgYDVQQHDAdSZWRtb25kMRMwEQYDVQQIDApXYXNo" + + "aW5ndG9uMR4wHAYDVQQDDBVEYXRhIEkvTyBFQyBUZXN0IFJvb3QwWTATBgcq" + + "hkjOPQIBBggqhkjOPQMBBwNCAAQDdiFKicUv9eMnuVxtjqPZehcK0WI5G32Z" + + "b8SFC9NNgC5XrsL+RuuBE0XtWwihvjT+qNj8zPFQWXFvs4FzJbH1o0IwQDAP" + + "BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB7jAdBgNVHQ4EFgQU6hTs" + + "qwM3Uic8t4OMvD+l2YO1c4cwCgYIKoZIzj0EAwIDSQAwRgIhAPMJtaJPuJD1" + + "7ghhshwBDVrF4Hj1aN+nre7i61L5PISrAiEA397jjZDfkiYFihxhCzkh4QHR" + + "dxtce06uhrbaZLwIGtIxEzARBgkqhkiG9w0BCRQxBB4CAAAwggK/BgsqhkiG" + + "9w0BDAoBA6CCApkwggKVBgoqhkiG9w0BCRYBoIIChQSCAoEwggJ9MIICI6AD" + + "AgECAhBo7ji8qjZ1gybJzknvHrm5MAoGCCqGSM49BAMCMIGJMQswCQYDVQQG" + + "EwJVUzEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAoMFERhdGEgSS9P" + + "IENvcnBvcmF0aW9uMRAwDgYDVQQHDAdSZWRtb25kMRMwEQYDVQQIDApXYXNo" + + "aW5ndG9uMR4wHAYDVQQDDBVEYXRhIEkvTyBFQyBUZXN0IFJvb3QwHhcNMjAw" + + "MjI4MjMwNzMyWhcNMjUwMjI4MjMwNzMyWjCBkTELMAkGA1UEBhMCVVMxFDAS" + + "BgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQKDBREYXRhIEkvTyBDb3Jwb3Jh" + + "dGlvbjEQMA4GA1UEBwwHUmVkbW9uZDETMBEGA1UECAwKV2FzaGluZ3RvbjEm" + + "MCQGA1UEAwwdRGF0YSBJL08gRUMgVGVzdCBJbnRlcm1lZGlhdGUwWTATBgcq" + + "hkjOPQIBBggqhkjOPQMBBwNCAAQOPdmrWzvwmWDlkwJ2dfixfVIRo1pZSdJj" + + "wNESLJ9VljZecxuYY6xFL+Dg+ihde4qKxEld4/6TuRz7Fja9ScfLo2MwYTAP" + + "BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB7jAdBgNVHQ4EFgQU6AfS" + + "OUMhnzN+9Dx2wF3EhN16/QYwHwYDVR0jBBgwFoAU6hTsqwM3Uic8t4OMvD+l" + + "2YO1c4cwCgYIKoZIzj0EAwIDSAAwRQIgYx9rf4YGan3nkCQLAE1FjyX1ACWS" + + "ToTFur9UoPgV3IoCIQDd6Lvuf1IHIZPeNbyuvBCynu+eDek8pO5B90BV6ImI" + + "uTETMBEGCSqGSIb3DQEJFDEEHgIAADA7MB8wBwYFKw4DAhoEFBANsR/ZVCiJ" + + "TzN4ZU2XvrYRR08dBBSWTwZIoxkxjXzd/mWKRFVbSOKwCAICB9A="); + + private static readonly byte[] sentrix1 = Base64.Decode( + "MIILRQIBAzCCCvEGCSqGSIb3DQEHAaCCCuIEggreMIIK2jCCAhAGCSqGSIb3" + + "DQEHAaCCAgEEggH9MIIB+TCCAfUGCyqGSIb3DQEMCgECoIIBEDCCAQwwVwYJ" + + "KoZIhvcNAQUNMEowKQYJKoZIhvcNAQUMMBwECNhVXbrzrAMNAgIH0DAMBggq" + + "hkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQ0BXsfgqcfDzPx5NaTbwA5gSBsLxT" + + "h8b5ZF/F7oq+45GTsDisspv1ZcJrp5fwg/PWmxA4ao/LarQX+b0xXq+TpCMN" + + "KtvWG+tRHoJfNcMlKLlppi0LV0WHQ6juj5zvb3lQX8BUvWOjCNz9z20tM5w+" + + "4lD6vZsDgXEi56feMwprdfw/Vq1mZJ3wBBsoSJtMRZoh580C5ij/BCbczA/O" + + "mFYGN/Ix9KYzxC/ecPWADbe7C7yVbIS1aNh5EVcSkVNf8zhEdOKNMYHRMBMG" + + "CSqGSIb3DQEJFTEGBAQBAAAAMFsGCSqGSIb3DQEJFDFOHkwAewA2AEQAQQA2" + + "AEQARQBGADAALQBFADAARQBDAC0ANAAxAEYANwAtAEEANQA2AEMALQBFADMA" + + "NQA5AEIAMgBFADEARgBBADQANQB9MF0GCSsGAQQBgjcRATFQHk4ATQBpAGMA" + + "cgBvAHMAbwBmAHQAIABTAG8AZgB0AHcAYQByAGUAIABLAGUAeQAgAFMAdABv" + + "AHIAYQBnAGUAIABQAHIAbwB2AGkAZABlAHIwggjCBgkqhkiG9w0BBwagggiz" + + "MIIIrwIBADCCCKgGCSqGSIb3DQEHATBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG" + + "9w0BBQwwHAQIqytIbVkt24ICAgfQMAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUD" + + "BAEqBBCU1/xxOdG62x7n1Kz/4wPJgIIIQK4qtOJGR/+2+HD1MYVhFGaqYKpB" + + "wRQ4lg9HI4BYolGqJT19NgpSc95nFfq5nLoCI4nnH7b9U7p2t7wRR08tz5NO" + + "kPLt2DgOd3cOJCmSv9I40OVBuST6tukzwWi09x7uaOLqATvqfLrISDxYWWID" + + "O9QXqTLazwtgszk6eorZh9bogoINjdXOsZgDYHfHJvttBITI8fxLbUPjE/Fw" + + "OZxeMGyNYxJCJtA+z5Tx6AmMGae6fjb5b9/bBAgvNTb/DN8m7+sLEovSB0sb" + + "v9QB4kKzyxlQsFTuXsAQws5hIdiTC6FAu31WLW5zm41BVthZMP/WoQvh9sxz" + + "X0rvilfZy61wp8zYIC4QfwKMzJWx4Phs1AlAzpDZCIDfETdkOmy3QQ/b9CL9" + + "wSy3XVf8ddHg9RjejmfaSpyFuYtRPp0itj2RpAE3NUfTAiuaCmfATP7Dl2SN" + + "uzYroQYNa3rvc7p/81+CT00xo4WVQr5m7n+QItZRm0z1/c+GegoU4z2tr9QN" + + "jhy3HdzUQ1HmMXM3ST6m+Eg7l45JUFVqr55wh8JPNPlL8+5zTIgeCN9Xhp2b" + + "p7ex39stnTPIA6+3EX7b/x7ZLayJmyCRUT5IbZmL0qbBdceeJe07JPWlEmn2" + + "Bz2zVvufpwWXezy8TDW3KukciXEiiZnTIvC4Ep/ZV5g6Peonljj4CRF5cOuW" + + "SbTHKPuI5zUxhUxwQADDUquL8CsBpPC6NKEePUOLFPtPxv6p5HpYL+9S9lyT" + + "IUOy+wLqf4JvJ4YCVVS3PjiiartvrIFCMnxhtREcJHzlsU5Ed642Tjq2mshD" + + "aQd8kc2toKRkmFxwLdwK7ILTYFaH8DlGOrPxWjN0PIcV2km6sof5e2v9vVoy" + + "7alkC4esz9mLSJTDvdHXqlE73k8tOti6t1u8l9pYEoOfm/XW5ojVYRka958m" + + "T2ROImrsl9pKU0rIqOAsvtUjSNuc1abuRW73FTI8LXGseA443zA1XNgLbAK3" + + "9doF9Iz8WYWHlJJ3FgqitUM3dwORtrEAIjk9oibPk2yAd423VTS2sk7e8GLP" + + "X4/uBhq96QxDLvh2v7gPKgEnE/U5GDiUoZJ8Z0kYCalCeDjsNAALFeATLws9" + + "R3BnsTFyLWgxydWZMDPSHsUq0fKyQ0ewA3bMdlEug+zRTt2MgTc61bIJjwDX" + + "w7e5dk6ZXixj16hjaUf5co3PHM6wjfB5AKpISGeF0h7SIfb1e5ZkDQUD0EcD" + + "nrMBTmASX9w3LvivvbFnVCyI5T3nymIkJ3fMsBZSoKZJD8yut5U2/OPpGIV1" + + "RVKslgeMrFX27f+VinwiaTl1J/w1xi/cu/ia49UiMPurXrqADi/3es83IG0H" + + "b4kvWq9U8NquQa3RLnYm5KkdrrZ9CBZtaZwmlEGW9MsqB4RmkqgK7fx+7DMP" + + "JJ8pF7jxk34DwKsh2Eek8zDqZgGLT9cy2ZnZOrhg5R8nvR91FGlYMMu09utF" + + "QONv1uU5Z74JrJRWiMR02s2tnUq8mQsldNH/yWFfvfFqq4ftxJhpmds3PmEA" + + "wHT00JqeuTKHjHC3+9BJFHc9wpvFI504MCEWUs9cT1il1Fq2It3VOKnUteVc" + + "zh7iRK+VxYzCxsvY2DkhUfT6UouDBMPOFQWFIVqorSIkFf7JhjCNm3zdlFt0" + + "v2UweMwBMYYnq4yoxxACPEUMNklM8wPzLsEn928MiuVduwbR6QS4PftYLxEE" + + "Y1JSOMZND8sDqAPPU92L6yVFr6Q22CtSiU1OVvZfjrGxFBm/SxR+ZwQ8tS9g" + + "RZG3IydyzEW0I6es1AHTpY1G9fv3MamGEAwkOAvd7+uVP7S2uDodeUpNlEb1" + + "gglDwt5VbbDyqPrCNqnoobL8mtnyMyEmXF4/RcLZ3QGg+ZFntyb8JRMfHMVF" + + "tHzhjW/SMDAr9K+x91eFDsTBll87VAvFaGXT5ICz7Jl+Ya0s18T2kX38G61H" + + "OWUgGbo7n9toZq87jbweXQvV8NbG9Y6pqLsMzHZdKMLx7N0kUF3enR0esyJG" + + "y2dGrtUwIZoKreHEvd8LyUfKXXqUWQHyqriRuDW6TcbA81fS+FkYKKHAcO7P" + + "PgpjLYQ5olY+oUaIMUiFiGV3W0T/K1nhDvj1us1xr/rfFg2nW0CzcOUlQoNP" + + "Q3v01hexOZz5X26tqzCL70uyMO0V0puTH/ONOEuzLGB19+qCcSuEcZETpjAy" + + "esm2SVDxyvIJWE+SJL3IGzAvC5T0O/fuCN7RuxesEOqpJyr4dGrGbkIUFNga" + + "ozlOGyUndSdjTjswRyLN0b+xiV2nDkg9eW+XkUQQkLbIVN4g5EDwxQ2anA+S" + + "VXPHmxZiA63TP0uQjc4flYipGUqIb6ljpZ0i2d9uBCvLCUoxbDt3L6xB8set" + + "z/OTE6dLHvlp39d01zgb9dotddChmrNLqUblQHwBSODl9Tx/VwZp0O1ovwV3" + + "S4Ry3MNa/IUfqEoRiWESAzkoYhvss7mz9bDC1klzzL9yjMePao1gR2OOwzr7" + + "sBOsGn4i+JGhA6b3fDuYhjwqPhPvCuKpWlsjx/C6ggcDv0GgPT9R98pJudrM" + + "BYJ3Yw1D7sUDqVV9r37cm0Ejo6U+IfIotSMSnBS/drS1Iukn2p2S7rrLlR9P" + + "WSNrtahaWVyhLMXmbLi+qT42kQNuX86BAyjrIO7gC9qXbFwqJuqQCSwb3o3G" + + "qbpw415D5N6gE70rYqefUlMzTdYBN7b0dWekeMJ/ZHczgNs8EC2Ii64kwJAi" + + "E9bCe9r27lXAl30DoZAReEzgxgu3TJtk80AONOZ4hB4Yts2siNiKW8NlfcEj" + + "cZljSDnrr/oXsQ6syS0BEo39X8EUKDBLMC8wCwYJYIZIAWUDBAIBBCAW593P" + + "KATFUHkkFcxqxEW9ybh9TqEE+XvuiFH3izM8TQQU8gium9+cq8FCf8BxT1G+" + + "59no+6YCAgfQ"); + + private static readonly byte[] sentrix2 = Base64.Decode( + "MIIKxwIBAzCCCnMGCSqGSIb3DQEHAaCCCmQEggpgMIIKXDCCAhAGCSqGSIb3" + + "DQEHAaCCAgEEggH9MIIB+TCCAfUGCyqGSIb3DQEMCgECoIIBEDCCAQwwVwYJ" + + "KoZIhvcNAQUNMEowKQYJKoZIhvcNAQUMMBwECNLmcXtb3SOSAgIH0DAMBggq" + + "hkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQG3jOE88tMcGPYiMn4frFZASBsIXA" + + "JRyUSyy0UfmoW5093F213ROErwIKSwInMD2x/jAHBOK3tTLGiH0YZyy0kqnO" + + "BfjbvweJ1FZOLAAfFiERX+hEFJN0yll+mweUU/Yrgyrrmtre4Xn4bJWVN7k1" + + "j6dU/Ub5p8FMpROmG4biiY1L5GcjOFZCiQiVaSh6FWwsN/qcdaTfJi/mKjsf" + + "TGk/G/intuvPxTgQC6c/ZY4MXpQZ6CFHf41mF9THgR0Ur+WgNSW7MYHRMBMG" + + "CSqGSIb3DQEJFTEGBAQBAAAAMFsGCSqGSIb3DQEJFDFOHkwAewA2AEQAQQA2" + + "AEQARQBGADAALQBFADAARQBDAC0ANAAxAEYANwAtAEEANQA2AEMALQBFADMA" + + "NQA5AEIAMgBFADEARgBBADQANQB9MF0GCSsGAQQBgjcRATFQHk4ATQBpAGMA" + + "cgBvAHMAbwBmAHQAIABTAG8AZgB0AHcAYQByAGUAIABLAGUAeQAgAFMAdABv" + + "AHIAYQBnAGUAIABQAHIAbwB2AGkAZABlAHIwgghEBgkqhkiG9w0BBwGgggg1" + + "BIIIMTCCCC0wggLLBgsqhkiG9w0BDAoBA6CCAqMwggKfBgoqhkiG9w0BCRYB" + + "oIICjwSCAoswggKHMIICLaADAgECAhAqxxC4L9yAIPEUfBRIgsUUMAoGCCqG" + + "SM49BAMCMIGRMQswCQYDVQQGEwJVUzEUMBIGA1UECwwLRW5naW5lZXJpbmcx" + + "HTAbBgNVBAoMFERhdGEgSS9PIENvcnBvcmF0aW9uMRAwDgYDVQQHDAdSZWRt" + + "b25kMRMwEQYDVQQIDApXYXNoaW5ndG9uMSYwJAYDVQQDDB1EYXRhIEkvTyBF" + + "QyBUZXN0IEludGVybWVkaWF0ZTAeFw0yMDAyMjgyMzA3MzJaFw0yNTAyMjgy" + + "MzA3MzJaMIGTMQswCQYDVQQGEwJVUzEUMBIGA1UECwwLRW5naW5lZXJpbmcx" + + "HTAbBgNVBAoMFERhdGEgSS9PIENvcnBvcmF0aW9uMRAwDgYDVQQHDAdSZWRt" + + "b25kMRMwEQYDVQQIDApXYXNoaW5ndG9uMSgwJgYDVQQDDB9EYXRhIEkvTyBF" + + "QyBUZXN0IFNpZ25pbmcgU0hBMjU2MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD" + + "QgAEUgRJSWqivC+PBvi8iGX6AZTbXpe7sBxWROlO0czQiQaPQ4KvhJ1JjuE2" + + "B3IwxR7QhsuWHEnDUaK9G++Q3e1vnqNjMGEwDwYDVR0TAQH/BAUwAwEB/zAO" + + "BgNVHQ8BAf8EBAMCAe4wHQYDVR0OBBYEFDHinLUwlEUi3FXU6HeEcpOs3UIV" + + "MB8GA1UdIwQYMBaAFOgH0jlDIZ8zfvQ8dsBdxITdev0GMAoGCCqGSM49BAMC" + + "A0gAMEUCICWxWcQ3tPPflX/l2T92rob1LNsWVXchmFH3+cFlsxC9AiEA2Dj/" + + "whaVyzlIrop0a9J7v5NJCuzZmdd3IeSJrLm5ZxMxFTATBgkqhkiG9w0BCRUx" + + "BgQEAQAAADCCApcGCyqGSIb3DQEMCgEDoIICcTCCAm0GCiqGSIb3DQEJFgGg" + + "ggJdBIICWTCCAlUwggH6oAMCAQICEGe7tCX/8NRO821wo/vWG6IwCgYIKoZI" + + "zj0EAwIwgYkxCzAJBgNVBAYTAlVTMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEd" + + "MBsGA1UECgwURGF0YSBJL08gQ29ycG9yYXRpb24xEDAOBgNVBAcMB1JlZG1v" + + "bmQxEzARBgNVBAgMCldhc2hpbmd0b24xHjAcBgNVBAMMFURhdGEgSS9PIEVD" + + "IFRlc3QgUm9vdDAeFw0yMDAyMjgyMzA3MzJaFw0yNTAyMjgyMzA3MzJaMIGJ" + + "MQswCQYDVQQGEwJVUzEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAoM" + + "FERhdGEgSS9PIENvcnBvcmF0aW9uMRAwDgYDVQQHDAdSZWRtb25kMRMwEQYD" + + "VQQIDApXYXNoaW5ndG9uMR4wHAYDVQQDDBVEYXRhIEkvTyBFQyBUZXN0IFJv" + + "b3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQDdiFKicUv9eMnuVxtjqPZ" + + "ehcK0WI5G32Zb8SFC9NNgC5XrsL+RuuBE0XtWwihvjT+qNj8zPFQWXFvs4Fz" + + "JbH1o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB7jAdBgNV" + + "HQ4EFgQU6hTsqwM3Uic8t4OMvD+l2YO1c4cwCgYIKoZIzj0EAwIDSQAwRgIh" + + "APMJtaJPuJD17ghhshwBDVrF4Hj1aN+nre7i61L5PISrAiEA397jjZDfkiYF" + + "ihxhCzkh4QHRdxtce06uhrbaZLwIGtIxEzARBgkqhkiG9w0BCRQxBB4CAAAw" + + "ggK/BgsqhkiG9w0BDAoBA6CCApkwggKVBgoqhkiG9w0BCRYBoIIChQSCAoEw" + + "ggJ9MIICI6ADAgECAhBo7ji8qjZ1gybJzknvHrm5MAoGCCqGSM49BAMCMIGJ" + + "MQswCQYDVQQGEwJVUzEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAoM" + + "FERhdGEgSS9PIENvcnBvcmF0aW9uMRAwDgYDVQQHDAdSZWRtb25kMRMwEQYD" + + "VQQIDApXYXNoaW5ndG9uMR4wHAYDVQQDDBVEYXRhIEkvTyBFQyBUZXN0IFJv" + + "b3QwHhcNMjAwMjI4MjMwNzMyWhcNMjUwMjI4MjMwNzMyWjCBkTELMAkGA1UE" + + "BhMCVVMxFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQKDBREYXRhIEkv" + + "TyBDb3Jwb3JhdGlvbjEQMA4GA1UEBwwHUmVkbW9uZDETMBEGA1UECAwKV2Fz" + + "aGluZ3RvbjEmMCQGA1UEAwwdRGF0YSBJL08gRUMgVGVzdCBJbnRlcm1lZGlh" + + "dGUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQOPdmrWzvwmWDlkwJ2dfix" + + "fVIRo1pZSdJjwNESLJ9VljZecxuYY6xFL+Dg+ihde4qKxEld4/6TuRz7Fja9" + + "ScfLo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB7jAdBgNV" + + "HQ4EFgQU6AfSOUMhnzN+9Dx2wF3EhN16/QYwHwYDVR0jBBgwFoAU6hTsqwM3" + + "Uic8t4OMvD+l2YO1c4cwCgYIKoZIzj0EAwIDSAAwRQIgYx9rf4YGan3nkCQL" + + "AE1FjyX1ACWSToTFur9UoPgV3IoCIQDd6Lvuf1IHIZPeNbyuvBCynu+eDek8" + + "pO5B90BV6ImIuTETMBEGCSqGSIb3DQEJFDEEHgIAADBLMC8wCwYJYIZIAWUD" + + "BAIBBCBCJwZMDsN2broPYLtjChQUP0SXpWaZXvReNZENmLRhmwQUHSk3B2Ij" + + "LOhDDVV1zCxAAQ7XjkwCAgfQ"); + + private static readonly byte[] sentrix3 = Base64.Decode( + "MIILRQIBAzCCCvEGCSqGSIb3DQEHAaCCCuIEggreMIIK2jCCAhAGCSqGSIb3" + + "DQEHAaCCAgEEggH9MIIB+TCCAfUGCyqGSIb3DQEMCgECoIIBEDCCAQwwVwYJ" + + "KoZIhvcNAQUNMEowKQYJKoZIhvcNAQUMMBwECKDaE6qqgBaCAgIH0DAMBggq" + + "hkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQ8/tQCUjOKfjw9utJiNBAXASBsHmJ" + + "/o9iTQbJFD0GsBDTyuAoqpC5l6FRr/yuAqRR9sr11qBg3qTsM7bggOjKR35D" + + "gHq1ODrrMAJQ/esG4xep6kpX7O5W1tGwTgYEQlucUI09Sel7otMJ+JNhKb+h" + + "6+9bklaNc33FOCnpuyfn/JT0xp1K4NTDIHT1XgTwRyJkaqYssINg3Hap7cyv" + + "EikgdFc/crpyXMkNwsmvavtYxaqTrLnizSiYgodrx/uMAUY/X1VEMYHRMBMG" + + "CSqGSIb3DQEJFTEGBAQBAAAAMFsGCSqGSIb3DQEJFDFOHkwAewA2AEQAQQA2" + + "AEQARQBGADAALQBFADAARQBDAC0ANAAxAEYANwAtAEEANQA2AEMALQBFADMA" + + "NQA5AEIAMgBFADEARgBBADQANQB9MF0GCSsGAQQBgjcRATFQHk4ATQBpAGMA" + + "cgBvAHMAbwBmAHQAIABTAG8AZgB0AHcAYQByAGUAIABLAGUAeQAgAFMAdABv" + + "AHIAYQBnAGUAIABQAHIAbwB2AGkAZABlAHIwggjCBgkqhkiG9w0BBwagggiz" + + "MIIIrwIBADCCCKgGCSqGSIb3DQEHATBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG" + + "9w0BBQwwHAQI5w8DkzTclKsCAgfQMAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUD" + + "BAEqBBCbqbEsYTwhm5BVxA6YOSbygIIIQAJb+MhOyNMcUoLQiuX1xghRaVlV" + + "SZ1kHFIe47EUaJehv7iEwbApE9I6W3DkEmshf6UB46Mo7PfhOII9XUCmUbqi" + + "6hgpFr22YmiFJaVfgCwnGpyjqXuuaYHpTYEiSRSkKLJjh6o2FwRkAYDXt7AW" + + "dD8yS0CtLp8Qp8eD5D5qyXfDKDof5s5x9hyO445jE7bL+Y8L7lTpaouBEefG" + + "w/+v5JGnk/Fwx+U7iItna08MTYOdoIKL5UZw/bd91TUfML+juj0Yj89lG/gJ" + + "gAAem7RYXk9AIZPp9n6WREFTSaVtywAMD0yehGeUZ41zigLufW6J41Qcug0/" + + "crf3TbUJahwqo88Q+1DYnAPfTKpOMDsbGVcuzRSI3WA8vnvMMGeE8q+Mib2s" + + "G24acJGpUz3WYir78aRIDTp1LWDDLpguh7FZMmlQ8MUVRUNvtq/69yTdO8KS" + + "cc3a3UW3dxYl+zrmE/AyoXgk/Z6Nsl0BU+1/C/UxrlYgWfubK0+EBqa4x9Dw" + + "uH1tB6hWFjvyb8GbzG8RduReLYWfg+ibZOIjMMxmzSSK0/+AWm0Avt60HikN" + + "bBnHlMRkOMM6RNDg85TDI6ycnQGCvMxlkI4zrxwmhSXDJijMv15onjo1pa2k" + + "HsOnYUhltUWWJy5dW7/I2TiM/qmJVJFfCx3Bt6cMhynv3cWX9wgFYbJv2eD0" + + "hLL5eFyk4K1EGLLs+l/2M/3ojSI3j4WDQELXDejWJUvQz1zyO/XKyF9BgGNK" + + "1JethKU0FqBjLuZTtGHuUDB0gk1ZSdHh28C2yaqZg6+wDb+2Mtbln1SU9q7+" + + "LvkhsnSLXOB8eeGPgn6l0Q2km+zgziP6Iq2j86uhgK5gRuKIjQqDYHYz5NOO" + + "FdwVM1os6+xwPn35u9JAsmG1vj0JMtqCAgxN8FoXoL3IGaQoWz91BLxQs7Gp" + + "gNfm1pysbYp+1vB200Q5HZcS7/FQ6OXcMLQVx5ws+Ds77yYh6rX4cSV7j2Qv" + + "o/n+AiIrIEuRJUnCAm7A3RV9jub7r6xUcdJk4UA8K1/Wiuo/xhzfkI58VVaU" + + "Liow3papP34XVJgX+NwkXT1BUlpL6t9uFOgupmAHnA3J9daHi72WWz206pkU" + + "CbGm3g45eWH+cH9SVnWZ4pG1VghrZqfyjKR6Ip/Si69/bhXcvhvjHkwu5DJ9" + + "fwimIGXGw0X3Zi8+NgB7NSEXim4EyjlBBXRzjNyS8Hf9JpMYTXk9pSH0o/BQ" + + "dILzy7z9uaSFpfuffLBK9wM3FJUWnjPToSnnNa7zGDAfSJyMcxGP8I6kRx07" + + "UXA+zt8fu/lB97Sb1d58XsBo26mq9hlLz+qdMh3p/EqUJq552cOlyO7W0Gb+" + + "HKiGC5egxlFRTr0cKAz8bX8M3Hwursqn8ZYYYUrcCZfVMJZMOaq1nQ8H5M6H" + + "vWm9yByeYZIuWR8sB8XUa8SmVIzavjONnZcZe7gpmJHQ08JRrmgy3Rgcv5UX" + + "SaqfNmmHFJl61A7RPy/kLhODTP638L4JRUXFSp6JvpkH+MWv35BGA3DVYkW/" + + "vVhn9lnh80OmDxpfRm2xARik5fBIlnf2ZO2IrKQeE/DLjQAhq/WYzOPSYRMY" + + "AAXfinpZYDbG4z4KcZ6imHB8u/DMZ1PQIVLZQJkZQlBF3Je9R5kUdBzW7i/h" + + "rhLGFlMyKj85Vd+YdlZsoNqo6TkGJrmSskUW2pIZegVH4yiYbbuP2dmBuFFL" + + "UWyhMD4haLS8mJFGv162kMX4Or11ml6Cg42Kq2B72MrxbAXN7eXgrJUDvi0s" + + "yowqUtQ86zm9IyvsUkgB2pU5U82nzUxh78gI3Xiv6C9Hwex1wx9xqfuS6myA" + + "WY0FnpzsJdvD+eUN24tHMcyrdDipq20v9gSvNC+E4y2tPqSo1uF38ZndfsTc" + + "MywyzF1zH427uGy8O0yGnAScm1XFoqQ7KVBap4AcWI3u45yNvk4qxbJ3PYQ7" + + "oFwrQwSyxLYASwwzz+LZfP2G+lfZiUZ6toM+nTjMvnx/ezFu2srWGD1LLU2E" + + "KrgPzPPTd7sYT2zjegi5MHPHS7YVfoNk6svsPrkdGacPVdW3qBUkCUpveWz+" + + "65lAiGpoAybG+0NY5iSGI6oAS6lqEbI59ytUegiZfw/yCUzVorJOWT3sGx2e" + + "Jv/0GqsJzTk0Z44YGsD3oZC9vHjLqtGZFJGh4sBBFG79jz1y5yPCICczi1Ob" + + "m13RnzATdQIlHmGCgn/EYhs7L3aTuZzuouw9UF4H9/9KerDGHuTAXH91rBmM" + + "A7wbfEPa0ahVRznE6SY40mXnR4v/1OHLqR2LbQXF0yyMD3tUQU4Z5IamLETZ" + + "4czTGYe4jJ56DHoGCgUM0D7UcPYeCOkJ2dF08KGkaJK7+3m/hC5h5xeji4cZ" + + "9IWRWl5cs8Knbjj6UzzJoFhLEqAGpk2eVe/37GRBgAEYhYgVxgR6TSVjKTFr" + + "gR9SVXriBNbBtPXJ0FrnH7mB5CEvZutbWkMdUNhJScd91Hqxepigg8FLHGdk" + + "WlkyeTQKslfAbsmi9Fts662aH62av5cMAb/qNcXFDHYOaf8C9n0tj6oy3RTl" + + "3vWBaCHNElYbR5Mr7BgK4NDqf5gu2+7bznxNLQU9OEzF3fCFzk/yXBr1/jnw" + + "qp6kFDJ6juV6LOJx1GrZAMk4YYk7MbaNWrMhjMtjtgF+yULppQrm1kIS+AvL" + + "LrRKlFF/VkWHeYNsmZqLfuaYTK7sUG7lEiQJtyBzIMFJR7+4GYbgAjEbHUtU" + + "bCHLQzAOj3IyJRMBQ4nZwDpjeLQcSg6Hn36ChEEODvjgK6X6itdcpV3HUXEO" + + "I3QQrVjIwwlzb97t3amLIACawBnS6jBLMC8wCwYJYIZIAWUDBAIBBCAUXt8Q" + + "ibBrvMZx3gRniSJ3WyTswVw8Uhlh2334lHDeXwQUKbP3m3YDD6TKUgoo7yiq" + + "V71jzcoCAgfQ"); + + private static readonly byte[] repeatedLocalKeyIdPfx = Base64.Decode( + "MIISUQIBAzCCEhcGCSqGSIb3DQEHAaCCEggEghIEMIISADCCCDcGCSqGSIb3" + + "DQEHBqCCCCgwgggkAgEAMIIIHQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYw" + + "DgQICxSuOGaRUU4CAggAgIIH8EeSXfPe3pE5Dzzhpdd1OyFTfQnAMDBkTpxh" + + "TYnvxZc9uKGmMils1HHS6iKV+VfIyUUvnFoNULy9DIQkkOZK8panWq8ORX+8" + + "VgdJrlxbUGOB/O4MXgAptWpMHsL4Dc4CvIH3iR5oaRLI53e/9X8Y48T/k8Xx" + + "lKTS08lM6AP6rHjCEgKtkj4xVU1m+GZibc52edUtW5Tc3731n4n9kf85XGrx" + + "UJ4+PmwHx0DGjpmBRlAk0/AnQrW4MYIx5tuhR3412M2WaJM2M8pizCcMWVyn" + + "YlBJ8PkgfS3t5Nq2KJNWAnZj54zfINDKaLNL0SnZakN0+DHiMOB+Y7kFIqKD" + + "CM6aUP5LBpWYsZKUkTX6gcOOhz0+nzrtmP4tGL3xGpazrrOoZTrzQDZBVv1y" + + "KOwPoOrv0u44aVoqIXzlAm7VEHSsVkLLQouqsmqWagWypAn2zahVMR5rGflG" + + "04IgLGBWIU4hPx59TnxyOUtYn2mGS0pK7Xyim7nHVtCC63OFqy/Pm+4TQkLc" + + "+ZMLs8EdMtXuJSfOE5mMnPPkgwFAjF3MsG8ytjBS1xAdPCqsD4fH6MKeT/fF" + + "A6SFYd8M0btGa30dBRAVF2DNkF0zUwtTYysh6Z25dgxAf6HKYy+SpqMOJJl9" + + "eAGULAjFkB5i/PVDPjk7QuipgfVc35/zde38WAKXkfQuhvn9xkjtplRnhkMV" + + "7Sgvo5Yaaz1Ee8i3VeeR79JXd9UjOSEt62AOb6Isf8hx9v87hcGD4bUQUQNl" + + "zEHcifkEjRecB6EZHKq8MCAkz53bN2Vr6y3ET2ImBdzaYrKLixsTJNELCzbl" + + "L+U8JXJr2RcEUOSPW8mmypvpVV5GPmSi72Qx20raTyLhrVLY4yGt+pdNGqSd" + + "LjegYgSKnYgePXLU8pZVPSCLuZ9Bonv1l2PFPr7dQvrDALk9Q9FYLnAFc7Jf" + + "zYIiaSNAeiFCGvMpjiNIUMS1bqeAv6bnJg7YqFS24M4gztSxxooTY1L3ILLX" + + "aJfkYxPbQAonKgKuOHxUM6RHyxPTLLQCmLa2JeyKDEpC0pC+VL6d6UJyOI0e" + + "o2Lu+Anby5o/fvRtww4pz2yIbMsaEzxMyu+HtWkANo+g3NSxu6VylcrUq/QQ" + + "r5csLC+37eJyi2OKDKMSUPt3vkVk+5yu830oNHCEhn4kHCISC7rDb0QMfb8F" + + "hvmZXILcbmdxsKc+4Lzk4rhrsn2xBu4OL2JKNBYlfIV4n5GfPBBBuMzAC6eX" + + "2OLpaxq/DlbkKzaJtKyj6+npe8CGO/82Yl1OaG6vbLXoSD6DGMR6AHq287tq" + + "aCSiu5J/a33BUo1DfuEFOscXHipLPvkM5JFx7L/0OfvJcioe1VOtrL9sRZ1F" + + "8eWSonj2EEidxy6mDhbFDPMqnPo0ETay+VXNVznzmrW7mtuQ0ZOAZ84DMDUy" + + "JallUgpK1zvwae0sIXdblTN98DGU2hFpXMu9n030BmhkEEJRbKikxpEfWcxI" + + "0j7+276v6Z32C4BpoeGFxpfrpozwJzTBoGlkN408thpB/llqkBSeLtxEnSKO" + + "SbpKquR6kg4FYQwq7pbKQuSjvKztIhdCDanmi+cPNppHyGmbf4yDMtWOLGhU" + + "cLUbdMJ8jWcvDZiKwzB4s1Qka1Z8qVi5VVEPhpzh4E89WqSoRtgLbhkoy8mf" + + "BlptXBWggXs+eR/s2YXb3nF2ZPnYQcn1+alCMM8aXf9HEeaFGEsEAsANglu9" + + "lnlaGFLbzIeGwkpGFLVlj9Fd+s+a6OVmeaPCa1cZaTKzdC6FqHd3bxalLBc8" + + "fDcbJPDYsTYFEajw648HG3x3oyk+P5WOa9ULup6emu/zOhH5VPJcj9CniLqq" + + "EZDaIDPRqu0g5MZir0EdXL6FvRU2o7W8JE7fzSYxlAWcUbuY6TdaGO7SOvxq" + + "oRKpsIzcmBLpw1t5djii/SohQR/2mJhvqETWvOerfEQr3vXnwurVUC1u/vEO" + + "lCqCRNLH0qzQUFrwzm/kMWsaDMb85XYQpZ+StT6n5AHWNWuQG3bmZIjAY9R9" + + "AbPWi/eSYQF/1E4qZ6WE+S2VOg3i/iVT0MtJzuGXRl1rycZv2vPiskEvVGhT" + + "DbqPWapGugbXLIne6b0C83EtK9H8s/TdDcRupjzW9J/8+p8+DJROgg6y2wIm" + + "SiUKHMZsuU9+e5+z87HVB9t2y0RsARJdbB9NhuTZk7ELztNponTMdJmUyIT0" + + "phdz3U9MFEWnHccMMGo3KqopOsrGT9YqdcBSSfSOyckVBQzgzVt8ypWqusW5" + + "j53OudlwcoudmOTdUfYoEuDWGYgoGqSEOnaU8dqkl4ZffYUIeJuTwclJd9N+" + + "onB82b5FpzXo+sO6DWpNJ8lGE2mOqt4H/HvRwTJ5pfXlZSmGom4eq+WU6XfB" + + "CRE6ehopnU91wey0/lceYPshOQriqoVE577xJKU3zWuWzFwBvanrN2YxptdV" + + "xNiKabM3UmSxgGtxITEb1pCAGBTZzBL175CvmBF6VyamVe4YH7wuQ+C2jEle" + + "xH6xo+1eWyPT5L5CSVFgiJpxX2WoI/8qvnSdagJW0+IQWk1nfNJb2aNbBu4z" + + "Iw6txeGxtQHPhF5eyVgRDE6OannycbSOJMi14q8n4zhyJebsY1wldB31XOFV" + + "pnCRNUcMcueAMioxliO7K81O8SiQVbIyVsc2GYQqhevdDHwj2azat60kNytq" + + "nimsplgyD84oeMMwaqbciAOItPbdqbz7zGIwggnBBgkqhkiG9w0BBwGgggmy" + + "BIIJrjCCCaowggmmBgsqhkiG9w0BDAoBAqCCCW4wgglqMBwGCiqGSIb3DQEM" + + "AQMwDgQIGF7xpMpvXmgCAggABIIJSD9TY2dCx+BYL555TLN51ksuTf1NkXjD" + + "Az1uymDqjoQ1R67CbcHU2qPKwIW3fZT7OmpiPI8cgogKBvcFnngmfeuvZYST" + + "gOW2iD83m5PlaoIa2iXjqdPdCQF9rVwkBg6VUYWlVd9qR0LPKT3u3UsScN2d" + + "qPeeSVRL8W4ESR6OMgiEIts50cjUwb2acqy3So9LZU77/D6uynj5+iFwYxlb" + + "yX/70oegWqMZyiZfvGT1UNMQxF/hs0E7ZGW1RnWjixVI+p3Pvqw36mH9j3Xn" + + "ms5Eg4mhbyBXRPIsq3/95O5NRh84R9atvR+zn1Pd59DKIUVf11w6HZoNOtH+" + + "XrVG7MpLVFIbgxZWzr6JIOK7/bMkJi+aBwSfm3yR6U46XDYlDHfSeeL/xJFm" + + "0QSNf6S/K7lj+AwAoOrruaxXwHxO1zlaXGo8R8P5JVgr7/mbsMF2RnXp3JrW" + + "KIC5LsePgyy6bYBdFwbJZ/FQVFp0zCnByUvPP8xS9+TdZKvp9u6rgIzNCPFK" + + "m1f9XkgJhIn4TEgRVp/OGYbUX2g4Gbm15TUUwyXUFsas224Cyv2RwrzpKNXv" + + "SpriMdXtbEIzt6IRKH6oB1x5QbPz7cJhKL8pbhOUnjSourJC5S8LgazqyKaS" + + "VIon108lGcq6xJJKySxsA74luILEpQyTgZfpSUblCeRcOMdXW0OA+K6PhXqa" + + "e1EzWHo6F7iMTi0SSZ/XOV6Px9xV3e2vRXSt13+pzTpRZKpzVHjpkiWz7xYt" + + "NI2Vq+4LB/ZCi3jhJLYoRYSP9XEf2ilfplK4rGD8tIEDTkFLnKv8oKA+dnwX" + + "VNxKoJQnPuYLTDCU/KfODU4gAyefuTCH/8iAry/6UhOM9Pr50boQJ9KK5Ckz" + + "lkptnLqP6vCSFexkETdh+Vx2Jf87EmytpUhJXS1i2EOjihWH0hEUknEip7km" + + "a1m489qAMUzOMZ2RaIu0p/gDGlLkLem2yv6AOFcqBpQWo0yc4HaPf1Op06/7" + + "ZkykXPyekYI0kKKMrILrW7XifSyvAaPiuXIRzH7GpRIoPmNEEnm3jSpPfkZo" + + "ttCWxzktVVFD2ACTQXV6uDH6eiOrZpMtrg6tOqfbgdGkohfjLtnSjjfhAgTg" + + "N+Tb7w9FgGMZjvrA9Ht50m1iqGg25la5jBfCaD1ZOoAWe1mhRiWVFuEuVewb" + + "dA1hny6OSXxc+5v6pyXKYodMDjYW8m3hhgQfxo1vAoOIy9UWiZ+kVQbw68MO" + + "G7mOYw4WKKDPw4LaiPVSexmu08mYJXiOU+mNlvv0GseQ6gK+sDsQKiPa8KGi" + + "JllcaKnJ9qmO0ff5IZ2bDyAESkUgwb9CaT7yjTz+z78Q/IcAVafYLkbJb4FZ" + + "UFUTsLfw172NW1MzTeyfHe9YtZsOUuViuFLrKoWO8fDRYcA65J30C1S8P3bU" + + "aauukUZBoFndn6sz0DH6z+YLOjvoAlyze+692saz6OPf8iYPacq25i44He2v" + + "sRpbqrWw3Xn1fcd2WQABQ4Ig4sntuuvG6ZYFl9//8ZtNfe6hS9iZzyP4CPiz" + + "Q9cD15Xln24gW2EZuJ6yfgiK8AYfZIUmGu0fUO4x5kPNbkIEdb+a2HYDb4rs" + + "m8dFVKCKDPOjEojkfFz3DXycQn79xOxs7HEg7GZtV6/jnu0tel2qHQNBPM2i" + + "1RWHfiC+/kKWmiQlwbSYzyFcbwcPYMzGVcbJoL/SidqxcD4PeD7PnPmAHzy9" + + "2rvGPu6m0/7HhjsMicG/fyfczY+SPSkxoxa2N46yS397tKbUVJ9SfUATJ0vM" + + "YqnqqgKQTd0MzdQNcNOE6EozK3kCTV+6xjs1aSvwB51gp03vcw+Ln0mW4Dfd" + + "mM+HwFre9w37DJBajEXbzkI6aHApCQdN6VexsaSyxFewwavTqwmVeSTIflpa" + + "s2lFbJmLbMDcdgiIHyvOygg0oXy1JuFScuBZ4T21kcTAEX/hFPfLTGTUXeBA" + + "hMY+gkdol/IB9gNPL23KLskXv4+Z9sCVheG3eAi4qeLgkqr86L8aIYa0Akdl" + + "UnxREE0/sDeiqaV+fg/cHGa51YRVHhyG4/+//PQ46xW5ORhGnOSs7UHZB1XK" + + "5ROgOFDe1HpKhQwWbFEaMY+CLSBFDNmMZiaoArf1r5qIqwG6fy++T0f7plDm" + + "CdoZcV5IyIwmVwzZu6mMz7MRPEBYH/WitC/lP4jdtHqtHqKtPT+NXHzh2A/c" + + "tl3nOSR5RnDKzL7kUVXheL2cES+41jZ1LBy9T3ZxXd59Tf8IdC1JJ24pHmzJ" + + "KZNYxIr+rREvIxZsNvJI2urefS2/55AZCVC58hahjS4DWPzpxMkRb5xkL8L8" + + "Yt8OikvdsazHuamTlh2tggCiQ3LDqXtG+sk67UZQycWis0vG6pd6S+E6K4Sn" + + "mymsn/CbsSqr8rVd/JppqmYnPPmzkEw0oztNW2pNzfui+vvr6gFV81cWIdFt" + + "TOWlXSzOAwm7/Dj8kSYyIxZVrHsRCbnSdkmP0timKpBkGN+CCHsibzl0RJHj" + + "IIznWLUBCnwxUwLJCdo6qTZoOhegDYZFVgk4eExiL26XJjbLJj25tB+ITBiI" + + "RwR52Mxf9zoX3V8I1OCnvznt0fE5NBTob0LDXoqGy1PlTJv+8DKrI4Vzgk9/" + + "yDjMw/NJgimQS97cxU9CxnQO7FmCEnEeB/E9kniml5EGLEod3Ugf6ElcuADn" + + "Kp4E1cijOiRdHPX6vnxjw0n0OHpOpaCf9ynWF5fVXNoAofqTB7nGMn1YPJUo" + + "gl2pDlX6Z5dTZ1IyoOAxkOLTKH6ULY91wnPgC1k8LoOKAWJOtcdxBai+rxGe" + + "Nw6pYsl6L0ViIBsVHOlg+JEFtVEhL9vUuv9NcqWu6swt/bV84rU993vPj1FR" + + "bPasRjTBAIwJ4KVvQHtXg0bta8vWFIt7hOSjpKD+Fe8c59oZcmvmfCWo1yJE" + + "YMGZETkP58SlGtVUMOXYZxEzLe1OG2icd8guZ4d/DeCLv6JuO2q958UdM1I6" + + "yO8+1r1w6nzsTwaXZn0htKYbC8dYIl7jJK/5y/ITZWSJl5BbtoUXlVuz/GGx" + + "vllOfG+H/iSr3wQ8Meue+9zh1l+gdH10dWlLCjot0ri8e/xKU9ZaRt6dlHka" + + "c8Nh1U30ZrMBooXYBZmA/0+Ntz5WIEh6GQKeWV/ZwtOZdfGsYzC1L9t3Xknu" + + "GxVjEfV1l7b9Fx5j5jElMCMGCSqGSIb3DQEJFTEWBBRFy/ERb7PziymEs8ci" + + "TK5wp093iTAxMCEwCQYFKw4DAhoFAAQU1SGg9xV7jfLcJh3tzd+phZTMN38E" + + "CL6WgCtEom7kAgIIAA=="); + + private readonly SecureRandom Random = new SecureRandom(); + + /** + * we generate a self signed certificate for the sake of testing - RSA + */ + public X509CertificateEntry CreateCert( + AsymmetricKeyParameter pubKey, + AsymmetricKeyParameter privKey, + string issuerEmail, + string subjectEmail) + { + // + // distinguished name table. + // + IDictionary issuerAttrs = new Hashtable(); + issuerAttrs.Add(X509Name.C, "AU"); + issuerAttrs.Add(X509Name.O, "The Legion of the Bouncy Castle"); + issuerAttrs.Add(X509Name.L, "Melbourne"); + issuerAttrs.Add(X509Name.ST, "Victoria"); + issuerAttrs.Add(X509Name.EmailAddress, issuerEmail); + + IDictionary subjectAttrs = new Hashtable(); + subjectAttrs.Add(X509Name.C, "AU"); + subjectAttrs.Add(X509Name.O, "The Legion of the Bouncy Castle"); + subjectAttrs.Add(X509Name.L, "Melbourne"); + subjectAttrs.Add(X509Name.ST, "Victoria"); + subjectAttrs.Add(X509Name.EmailAddress, subjectEmail); + + IList order = new ArrayList(); + order.Add(X509Name.C); + order.Add(X509Name.O); + order.Add(X509Name.L); + order.Add(X509Name.ST); + order.Add(X509Name.EmailAddress); + + // + // extensions + // + + // + // create the certificate - version 3 + // + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name(order, issuerAttrs)); + certGen.SetNotBefore(DateTime.UtcNow.AddDays(-30)); + certGen.SetNotAfter(DateTime.UtcNow.AddDays(30)); + certGen.SetSubjectDN(new X509Name(order, subjectAttrs)); + certGen.SetPublicKey(pubKey); + certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); + + return new X509CertificateEntry(certGen.Generate(privKey)); + } + + private void DoTestCertsOnly() + { + Pkcs12Store pkcs12 = new Pkcs12StoreBuilder().Build(); + + pkcs12.Load(new MemoryStream(certsOnly, false), null); + + IsTrue(pkcs12.ContainsAlias("alias")); + + MemoryStream bOut = new MemoryStream(); + + pkcs12.Save(bOut, null, Random); + + pkcs12 = new Pkcs12StoreBuilder().Build(); + + pkcs12.Load(new MemoryStream(bOut.ToArray(), false), null); + + IsTrue(pkcs12.ContainsAlias("alias")); + + try + { + pkcs12.Load(new MemoryStream(certsOnly, false), "1".ToCharArray()); + Fail("no exception"); + } + catch (IOException e) + { + IsEquals("password supplied for keystore that does not require one", e.Message); + } + + // TODO Modify environment variables in tests? + //System.setProperty(Pkcs12Store.IgnoreUselessPasswordProperty, "true"); + + //pkcs12.Load(new MemoryStream(certsOnly, false), "1".ToCharArray()); + + //System.setProperty(Pkcs12Store.IgnoreUselessPasswordProperty, "false"); + } + + private void DoTestPkcs12Store() + { + BigInteger mod = new BigInteger("bb1be8074e4787a8d77967f1575ef72dd7582f9b3347724413c021beafad8f32dba5168e280cbf284df722283dad2fd4abc750e3d6487c2942064e2d8d80641aa5866d1f6f1f83eec26b9b46fecb3b1c9856a303148a5cc899c642fb16f3d9d72f52526c751dc81622c420c82e2cfda70fe8d13f16cc7d6a613a5b2a2b5894d1", 16); + + MemoryStream stream = new MemoryStream(pkcs12, false); + Pkcs12Store store = new Pkcs12StoreBuilder().Build(); + store.Load(stream, passwd); + + string pName = null; + foreach (string n in store.Aliases) + { + if (store.IsKeyEntry(n)) + { + pName = n; + //break; + } + } + + AsymmetricKeyEntry key = store.GetKey(pName); + + if (!((RsaKeyParameters) key.Key).Modulus.Equals(mod)) + { + Fail("Modulus doesn't match."); + } + + X509CertificateEntry[] ch = store.GetCertificateChain(pName); + + if (ch.Length != 3) + { + Fail("chain was wrong length"); + } + + if (!ch[0].Certificate.SerialNumber.Equals(new BigInteger("96153094170511488342715101755496684211"))) + { + Fail("chain[0] wrong certificate."); + } + + if (!ch[1].Certificate.SerialNumber.Equals(new BigInteger("279751514312356623147411505294772931957"))) + { + Fail("chain[1] wrong certificate."); + } + + if (!ch[2].Certificate.SerialNumber.Equals(new BigInteger("11341398017"))) + { + Fail("chain[2] wrong certificate."); + } + + // + // save test + // + MemoryStream bOut = new MemoryStream(); + store.Save(bOut, passwd, Random); + + stream = new MemoryStream(bOut.ToArray(), false); + store.Load(stream, passwd); + + key = store.GetKey(pName); + + if (!((RsaKeyParameters)key.Key).Modulus.Equals(mod)) + { + Fail("Modulus doesn't match."); + } + + store.DeleteEntry(pName); + + if (store.GetKey(pName) != null) + { + Fail("Failed deletion test."); + } + + // + // cert chain test + // + store.SetCertificateEntry("testCert", ch[2]); + + if (store.GetCertificateChain("testCert") != null) + { + Fail("Failed null chain test."); + } + + // + // UTF 8 single cert test + // + stream = new MemoryStream(certUTF, false); + store.Load(stream, "user".ToCharArray()); + + if (store.GetCertificate("37") == null) + { + Fail("Failed to find UTF cert."); + } + + // + // try for a self generated certificate + // + RsaKeyParameters pubKey = new RsaKeyParameters( + false, + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16)); + + RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters( + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16), + new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16), + new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16), + new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16), + new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16), + new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16), + new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16)); + + X509CertificateEntry[] chain = new X509CertificateEntry[] { + CreateCert(pubKey, privKey, "issuer@bouncycastle.org", "subject@bouncycastle.org") + }; + + store = new Pkcs12StoreBuilder().Build(); + + store.SetKeyEntry("privateKey", new AsymmetricKeyEntry(privKey), chain); + + if (!store.ContainsAlias("privateKey") || !store.ContainsAlias("PRIVATEKEY")) + { + Fail("couldn't find alias privateKey"); + } + + if (store.IsCertificateEntry("privateKey")) + { + Fail("key identified as certificate entry"); + } + + if (!store.IsKeyEntry("privateKey") || !store.IsKeyEntry("PRIVATEKEY")) + { + Fail("key not identified as key entry"); + } + + if (!"privateKey".Equals(store.GetCertificateAlias(chain[0].Certificate))) + { + Fail("Did not return alias for key certificate privateKey"); + } + + MemoryStream store1Stream = new MemoryStream(); + store.Save(store1Stream, passwd, Random); + DoTestNoExtraLocalKeyID(store1Stream.ToArray()); + + // + // no friendly name test + // + stream = new MemoryStream(pkcs12noFriendly, false); + store.Load(stream, noFriendlyPassword); + + pName = null; + + foreach (string n in store.Aliases) + { + if (store.IsKeyEntry(n)) + { + pName = n; + //break; + } + } + + ch = store.GetCertificateChain(pName); + + //for (int i = 0; i != ch.Length; i++) + //{ + // Console.WriteLine(ch[i]); + //} + + if (ch.Length != 1) + { + Fail("no cert found in pkcs12noFriendly"); + } + + // + // failure tests + // + ch = store.GetCertificateChain("dummy"); + + store.GetCertificateChain("DUMMY"); + + store.GetCertificate("dummy"); + + store.GetCertificate("DUMMY"); + + // + // storage test + // + stream = new MemoryStream(pkcs12StorageIssue, false); + store.Load(stream, storagePassword); + + pName = null; + + foreach (string n in store.Aliases) + { + if (store.IsKeyEntry(n)) + { + pName = n; + //break; + } + } + + ch = store.GetCertificateChain(pName); + if (ch.Length != 2) + { + Fail("Certificate chain wrong length"); + } + + store.Save(new MemoryStream(), storagePassword, Random); + + // + // basic certificate check + // + store.SetCertificateEntry("cert", ch[1]); + + if (!store.ContainsAlias("cert") || !store.ContainsAlias("CERT")) + { + Fail("couldn't find alias cert"); + } + + if (!store.IsCertificateEntry("cert") || !store.IsCertificateEntry("CERT")) + { + Fail("cert not identified as certificate entry"); + } + + if (store.IsKeyEntry("cert") || store.IsKeyEntry("CERT")) + { + Fail("cert identified as key entry"); + } + + if (!store.IsEntryOfType("cert", typeof(X509CertificateEntry))) + { + Fail("cert not identified as X509CertificateEntry"); + } + + if (!store.IsEntryOfType("CERT", typeof(X509CertificateEntry))) + { + Fail("CERT not identified as X509CertificateEntry"); + } + + if (store.IsEntryOfType("cert", typeof(AsymmetricKeyEntry))) + { + Fail("cert identified as key entry via AsymmetricKeyEntry"); + } + + if (!"cert".Equals(store.GetCertificateAlias(ch[1].Certificate))) + { + Fail("Did not return alias for certificate entry"); + } + + // + // test restoring of a certificate with private key originally as a ca certificate + // + store = new Pkcs12StoreBuilder().Build(); + + store.SetCertificateEntry("cert", ch[0]); + + if (!store.ContainsAlias("cert") || !store.ContainsAlias("CERT")) + { + Fail("restore: couldn't find alias cert"); + } + + if (!store.IsCertificateEntry("cert") || !store.IsCertificateEntry("CERT")) + { + Fail("restore: cert not identified as certificate entry"); + } + + if (store.IsKeyEntry("cert") || store.IsKeyEntry("CERT")) + { + Fail("restore: cert identified as key entry"); + } + + if (store.IsEntryOfType("cert", typeof(AsymmetricKeyEntry))) + { + Fail("restore: cert identified as key entry via AsymmetricKeyEntry"); + } + + if (store.IsEntryOfType("CERT", typeof(AsymmetricKeyEntry))) + { + Fail("restore: cert identified as key entry via AsymmetricKeyEntry"); + } + + if (!store.IsEntryOfType("cert", typeof(X509CertificateEntry))) + { + Fail("restore: cert not identified as X509CertificateEntry"); + } + + // + // test of reading incorrect zero-length encoding + // + stream = new MemoryStream(pkcs12nopass, false); + store.Load(stream, "".ToCharArray()); + + stream = new MemoryStream(sentrixHard, false); + store = new Pkcs12StoreBuilder().Build(); + store.Load(stream, "0000".ToCharArray()); + CheckPKCS12(store); + + stream = new MemoryStream(sentrixSoft, false); + store = new Pkcs12StoreBuilder().Build(); + store.Load(stream, "0000".ToCharArray()); + CheckPKCS12(store); + + stream = new MemoryStream(sentrix1, false); + store = new Pkcs12StoreBuilder().Build(); + store.Load(stream, "0000".ToCharArray()); + CheckPKCS12(store); + + stream = new MemoryStream(sentrix2, false); + store = new Pkcs12StoreBuilder().Build(); + store.Load(stream, "0000".ToCharArray()); + CheckPKCS12(store); + + stream = new MemoryStream(sentrix3, false); + store = new Pkcs12StoreBuilder().Build(); + store.Load(stream, "0000".ToCharArray()); + CheckPKCS12(store); + } + + private void CheckPKCS12(Pkcs12Store store) + { + foreach (string alias in store.Aliases) + { + if (store.IsKeyEntry(alias)) + { + AsymmetricKeyEntry ent = store.GetKey(alias); + X509CertificateEntry[] crts = store.GetCertificateChain(alias); + } + else if (store.IsCertificateEntry(alias)) + { + X509CertificateEntry crt = store.GetCertificate(alias); + } + } + } + private void DoTestSupportedTypes(AsymmetricKeyEntry privKey, X509CertificateEntry[] chain) + { + basicStoreTest(privKey, chain, + PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc, + PkcsObjectIdentifiers.PbewithShaAnd40BitRC2Cbc ); + basicStoreTest(privKey, chain, + PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc, + PkcsObjectIdentifiers.PbeWithShaAnd3KeyTripleDesCbc ); + } + + private void basicStoreTest(AsymmetricKeyEntry privKey, X509CertificateEntry[] chain, + DerObjectIdentifier keyAlgorithm, DerObjectIdentifier certAlgorithm) + { + Pkcs12Store store = new Pkcs12StoreBuilder() + .SetKeyAlgorithm(keyAlgorithm) + .SetCertAlgorithm(certAlgorithm) + .Build(); + + store.SetKeyEntry("key", privKey, chain); + + MemoryStream bOut = new MemoryStream(); + + store.Save(bOut, passwd, Random); + + store.Load(new MemoryStream(bOut.ToArray(), false), passwd); + + AsymmetricKeyEntry k = store.GetKey("key"); + + if (!k.Equals(privKey)) + { + Fail("private key didn't match"); + } + + X509CertificateEntry[] c = store.GetCertificateChain("key"); + + if (c.Length != chain.Length || !c[0].Equals(chain[0])) + { + Fail("certificates didn't match"); + } + + // check attributes + Pkcs12Entry b1 = k; + Pkcs12Entry b2 = chain[0]; + + if (b1[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] != null) + { + DerBmpString name = (DerBmpString)b1[PkcsObjectIdentifiers.Pkcs9AtFriendlyName]; + + if (!name.Equals(new DerBmpString("key"))) + { + Fail("friendly name wrong"); + } + } + else + { + Fail("no friendly name found on key"); + } + + if (b1[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] != null) + { + Asn1OctetString id = (Asn1OctetString)b1[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID]; + + if (!id.Equals(b2[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID])) + { + Fail("local key id mismatch"); + } + } + else + { + Fail("no local key id found"); + } + + // + // check algorithm types. + // + Pfx pfx = Pfx.GetInstance(bOut.ToArray()); + + ContentInfo cInfo = pfx.AuthSafe; + + Asn1OctetString auth = (Asn1OctetString)cInfo.Content; + + Asn1Sequence s1 = Asn1Sequence.GetInstance(auth.GetOctets()); + + ContentInfo c1 = ContentInfo.GetInstance(s1[0]); + ContentInfo c2 = ContentInfo.GetInstance(s1[1]); + + SafeBag sb = SafeBag.GetInstance(Asn1Sequence.GetInstance(((Asn1OctetString)c1.Content).GetOctets())[0]); + + EncryptedPrivateKeyInfo encInfo = EncryptedPrivateKeyInfo.GetInstance(sb.BagValue); + + // check the key encryption + if (!encInfo.EncryptionAlgorithm.Algorithm.Equals(keyAlgorithm)) + { + Fail("key encryption algorithm wrong"); + } + + // check the certificate encryption + EncryptedData cb = EncryptedData.GetInstance(c2.Content); + + if (!cb.EncryptionAlgorithm.Algorithm.Equals(certAlgorithm)) + { + Fail("cert encryption algorithm wrong"); + } + } + + private void DoTestNoExtraLocalKeyID(byte[] store1data) + { + IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("RSA"); + kpg.Init(new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x10001), Random, 512, 25)); + + AsymmetricCipherKeyPair newPair = kpg.GenerateKeyPair(); + + Pkcs12Store store1 = new Pkcs12StoreBuilder().Build(); + store1.Load(new MemoryStream(store1data, false), passwd); + + Pkcs12Store store2 = new Pkcs12StoreBuilder().Build(); + + AsymmetricKeyEntry k1 = store1.GetKey("privatekey"); + X509CertificateEntry[] chain1 = store1.GetCertificateChain("privatekey"); + + X509CertificateEntry[] chain2 = new X509CertificateEntry[chain1.Length + 1]; + + Array.Copy(chain1, 0, chain2, 1, chain1.Length); + + chain2[0] = CreateCert(newPair.Public, k1.Key, "subject@bouncycastle.org", "extra@bouncycaste.org"); + + if (chain1[0][PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] == null) + { + Fail("localKeyID not found initially"); + } + + store2.SetKeyEntry("new", new AsymmetricKeyEntry(newPair.Private), chain2); + + MemoryStream bOut = new MemoryStream(); + + store2.Save(bOut, passwd, Random); + + store2.Load(new MemoryStream(bOut.ToArray(), false), passwd); + + chain2 = store2.GetCertificateChain("new"); + + if (chain2[1][PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] != null) + { + Fail("localKeyID found after save"); + } + } + + private void DoTestLoadRepeatedLocalKeyID() + { + Pkcs12Store store = new Pkcs12StoreBuilder().Build(); + store.Load(new MemoryStream(repeatedLocalKeyIdPfx, false), "".ToCharArray()); + + IsTrue(store.GetCertificateChain("d4be139f9db456d225a8dcd2969479d960d2514a") == null); + IsTrue(store.GetCertificateChain("45cbf1116fb3f38b2984b3c7224cae70a74f7789").Length == 1); + } + + public override string Name + { + get { return "PKCS12Store"; } + } + + public override void PerformTest() + { + DoTestCertsOnly(); + DoTestPkcs12Store(); + DoTestLoadRepeatedLocalKeyID(); + } + + public static void Main( + string[] args) + { + RunTest(new Pkcs12StoreTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/security/test/SecureRandomTest.cs b/BouncyCastle/crypto/test/src/security/test/SecureRandomTest.cs new file mode 100644 index 0000000..a474b53 --- /dev/null +++ b/BouncyCastle/crypto/test/src/security/test/SecureRandomTest.cs @@ -0,0 +1,250 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Prng; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Security.Tests +{ + [TestFixture] + public class SecureRandomTest + { +#if !(NETCF_1_0 || PORTABLE) + [Test] + public void TestCryptoApi() + { + SecureRandom random = new SecureRandom( + new CryptoApiRandomGenerator()); + + CheckSecureRandom(random); + } +#endif + + [Test] + public void TestDefault() + { + SecureRandom random = new SecureRandom(); + + CheckSecureRandom(random); + } + + [Test] + public void TestNextDouble() + { + double min = new SecureRandom(new FixedRandomGenerator(0x00)).NextDouble(); + Assert.GreaterOrEqual(min, 0.0); + Assert.Less(min, 1.0); + + double max = new SecureRandom(new FixedRandomGenerator(0xFF)).NextDouble(); + Assert.GreaterOrEqual(max, 0.0); + Assert.Less(max, 1.0); + } + + [Test] + public void TestSha1Prng() + { + SecureRandom random = SecureRandom.GetInstance("SHA1PRNG"); + + CheckSecureRandom(random); + } + + [Test] + public void TestSha1PrngBackward() + { + byte[] seed = Encoding.ASCII.GetBytes("backward compatible"); + + SecureRandom sx = new SecureRandom(seed); + SecureRandom sy = SecureRandom.GetInstance("SHA1PRNG", false); sy.SetSeed(seed); + + byte[] bx = new byte[128]; sx.NextBytes(bx); + byte[] by = new byte[128]; sy.NextBytes(by); + + Assert.IsTrue(Arrays.AreEqual(bx, by)); + } + + [Test] + public void TestSha256Prng() + { + SecureRandom random = SecureRandom.GetInstance("SHA256PRNG"); + + CheckSecureRandom(random); + } + + [Test] + public void TestSP800Ctr() + { + SecureRandom random = new SP800SecureRandomBuilder().BuildCtr(new AesEngine(), 256, new byte[32], false); + + CheckSecureRandom(random); + } + + [Test] + public void TestSP800Hash() + { + SecureRandom random = new SP800SecureRandomBuilder().BuildHash(new Sha256Digest(), new byte[32], false); + + CheckSecureRandom(random); + } + + [Test] + public void TestSP800HMac() + { + SecureRandom random = new SP800SecureRandomBuilder().BuildHMac(new HMac(new Sha256Digest()), new byte[32], false); + + CheckSecureRandom(random); + } + + [Test] + public void TestThreadedSeed() + { + SecureRandom random = SecureRandom.GetInstance("SHA1PRNG", false); + random.SetSeed(new ThreadedSeedGenerator().GenerateSeed(20, false)); + + CheckSecureRandom(random); + } + + [Test] + public void TestVmpcPrng() + { + SecureRandom random = new SecureRandom(new VmpcRandomGenerator()); + random.SetSeed(random.GenerateSeed(32)); + + CheckSecureRandom(random); + } + + [Test] + public void TestX931() + { + SecureRandom random = new X931SecureRandomBuilder().Build(new AesEngine(), new KeyParameter(new byte[16]), false); + + CheckSecureRandom(random); + } + + + private static void CheckSecureRandom(SecureRandom random) + { + // Note: This will periodically (< 1e-6 probability) give a false alarm. + // That's randomness for you! + Assert.IsTrue(RunChiSquaredTests(random), "Chi2 test detected possible non-randomness"); + } + + private static bool RunChiSquaredTests(SecureRandom random) + { + int passes = 0; + + for (int tries = 0; tries < 100; ++tries) + { + double chi2 = MeasureChiSquared(random, 1000); + + // 255 degrees of freedom in test => Q ~ 10.0% for 285 + if (chi2 < 285.0) + { + ++passes; + } + } + + return passes > 75; + } + + private static double MeasureChiSquared(SecureRandom random, int rounds) + { + byte[] opts = random.GenerateSeed(2); + int[] counts = new int[256]; + + byte[] bs = new byte[256]; + for (int i = 0; i < rounds; ++i) + { + random.NextBytes(bs); + + for (int b = 0; b < 256; ++b) + { + ++counts[bs[b]]; + } + } + + byte mask = opts[0]; + for (int i = 0; i < rounds; ++i) + { + random.NextBytes(bs); + + for (int b = 0; b < 256; ++b) + { + ++counts[bs[b] ^ mask]; + } + + ++mask; + } + + byte shift = opts[1]; + for (int i = 0; i < rounds; ++i) + { + random.NextBytes(bs); + + for (int b = 0; b < 256; ++b) + { + ++counts[(byte)(bs[b] + shift)]; + } + + ++shift; + } + + int total = 3 * rounds; + + double chi2 = 0; + for (int k = 0; k < counts.Length; ++k) + { + double diff = ((double) counts[k]) - total; + double diff2 = diff * diff; + + chi2 += diff2; + } + + chi2 /= total; + + return chi2; + } + + private abstract class TestRandomGenerator + : IRandomGenerator + { + public virtual void AddSeedMaterial(byte[] seed) + { + } + + public virtual void AddSeedMaterial(long seed) + { + } + + public virtual void NextBytes(byte[] bytes) + { + NextBytes(bytes, 0, bytes.Length); + } + + public abstract void NextBytes(byte[] bytes, int start, int len); + } + + private sealed class FixedRandomGenerator + : TestRandomGenerator + { + private readonly byte b; + + internal FixedRandomGenerator(byte b) + { + this.b = b; + } + + public override void NextBytes(byte[] bytes, int start, int len) + { + Arrays.Fill(bytes, start, start + len, b); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/security/test/TestDigestUtil.cs b/BouncyCastle/crypto/test/src/security/test/TestDigestUtil.cs new file mode 100644 index 0000000..0f169f9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/security/test/TestDigestUtil.cs @@ -0,0 +1,63 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; + +namespace Org.BouncyCastle.Security.Tests +{ + [TestFixture] + public class TestDigestUtilities + { + private static readonly byte[] TestBytes = new byte[100]; + + static TestDigestUtilities() + { + new SecureRandom().NextBytes(TestBytes); + } + + [Test] + public void TestAlgorithms() + { + CheckAlgorithm("GOST3411", new Gost3411Digest()); + CheckAlgorithm("MD2", new MD2Digest()); + CheckAlgorithm("MD4", new MD4Digest()); + CheckAlgorithm("MD5", new MD5Digest()); + CheckAlgorithm("RipeMD128", new RipeMD128Digest()); + CheckAlgorithm("RipeMD160", new RipeMD160Digest()); + CheckAlgorithm("RipeMD256", new RipeMD256Digest()); + CheckAlgorithm("RipeMD320", new RipeMD320Digest()); + CheckAlgorithm("SHA-1", new Sha1Digest()); + CheckAlgorithm("SHA-224", new Sha224Digest()); + CheckAlgorithm("SHA-256", new Sha256Digest()); + CheckAlgorithm("SHA-384", new Sha384Digest()); + CheckAlgorithm("SHA-512", new Sha512Digest()); + CheckAlgorithm("Tiger", new TigerDigest()); + CheckAlgorithm("Whirlpool", new WhirlpoolDigest()); + } + + private void CheckAlgorithm( + string name, + IDigest digest) + { + byte[] hash1 = MakeTestHash(digest); + byte[] hash2 = MakeTestHash(DigestUtilities.GetDigest(name)); + + Assert.AreEqual(hash1, hash2, name); + } + + private byte[] MakeTestHash( + IDigest digest) + { + for (int i = 0; i < digest.GetDigestSize(); ++i) + { + digest.Update((byte) i); + } + + digest.BlockUpdate(TestBytes, 0, TestBytes.Length); + + return DigestUtilities.DoFinal(digest); + } + } +} diff --git a/BouncyCastle/crypto/test/src/security/test/TestDotNetUtil.cs b/BouncyCastle/crypto/test/src/security/test/TestDotNetUtil.cs new file mode 100644 index 0000000..3354be0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/security/test/TestDotNetUtil.cs @@ -0,0 +1,88 @@ +#if !(NETCF_1_0 || SILVERLIGHT || PORTABLE) + +using System; +using System.Security.Cryptography; +using SystemX509 = System.Security.Cryptography.X509Certificates; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Security.Tests +{ + [TestFixture] + public class TestDotNetUtilities + { + [Test] + public void TestRsaInterop() + { + for (int i = 0; i < 100; ++i) + { + RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(512); + RSAParameters rp = rsa.ExportParameters(true); + AsymmetricCipherKeyPair kp = DotNetUtilities.GetRsaKeyPair(rp); + + DotNetUtilities.ToRSA((RsaKeyParameters)kp.Public); + // TODO This method appears to not work for private keys (when no CRT info) + //DotNetUtilities.ToRSA((RsaKeyParameters)kp.Private); + DotNetUtilities.ToRSA((RsaPrivateCrtKeyParameters)kp.Private); + } + } + + [Test] + public void TestX509CertificateConversion() + { + BigInteger DSAParaG = new BigInteger(Base64.Decode("AL0fxOTq10OHFbCf8YldyGembqEu08EDVzxyLL29Zn/t4It661YNol1rnhPIs+cirw+yf9zeCe+KL1IbZ/qIMZM=")); + BigInteger DSAParaP = new BigInteger(Base64.Decode("AM2b/UeQA+ovv3dL05wlDHEKJ+qhnJBsRT5OB9WuyRC830G79y0R8wuq8jyIYWCYcTn1TeqVPWqiTv6oAoiEeOs=")); + BigInteger DSAParaQ = new BigInteger(Base64.Decode("AIlJT7mcKL6SUBMmvm24zX1EvjNx")); + BigInteger DSAPublicY = new BigInteger(Base64.Decode("TtWy2GuT9yGBWOHi1/EpCDa/bWJCk2+yAdr56rAcqP0eHGkMnA9s9GJD2nGU8sFjNHm55swpn6JQb8q0agrCfw==")); + BigInteger DsaPrivateX = new BigInteger(Base64.Decode("MMpBAxNlv7eYfxLTZ2BItJeD31A=")); + + DsaParameters para = new DsaParameters(DSAParaP, DSAParaQ, DSAParaG); + DsaPrivateKeyParameters dsaPriv = new DsaPrivateKeyParameters(DsaPrivateX, para); + DsaPublicKeyParameters dsaPub = new DsaPublicKeyParameters(DSAPublicY, para); + + IDictionary attrs = new Hashtable(); + attrs[X509Name.C] = "AU"; + attrs[X509Name.O] = "The Legion of the Bouncy Castle"; + attrs[X509Name.L] = "Melbourne"; + attrs[X509Name.ST] = "Victoria"; + attrs[X509Name.E] = "feedback-crypto@bouncycastle.org"; + + IList ord = new ArrayList(attrs.Keys); + + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + + certGen.SetIssuerDN(new X509Name(ord, attrs)); + certGen.SetNotBefore(DateTime.UtcNow.AddDays(-1)); + certGen.SetNotAfter(DateTime.UtcNow.AddDays(1)); + certGen.SetSubjectDN(new X509Name(ord, attrs)); + certGen.SetPublicKey(dsaPub); + certGen.SetSignatureAlgorithm("SHA1WITHDSA"); + + X509Certificate cert = certGen.Generate(dsaPriv); + + cert.CheckValidity(); + cert.Verify(dsaPub); + + SystemX509.X509Certificate dotNetCert = DotNetUtilities.ToX509Certificate(cert); + + X509Certificate certCopy = DotNetUtilities.FromX509Certificate(dotNetCert); + + Assert.AreEqual(cert, certCopy); + + certCopy.CheckValidity(); + certCopy.Verify(dsaPub); + } + } +} + +#endif diff --git a/BouncyCastle/crypto/test/src/security/test/TestEncodings.cs b/BouncyCastle/crypto/test/src/security/test/TestEncodings.cs new file mode 100644 index 0000000..d83b2dd --- /dev/null +++ b/BouncyCastle/crypto/test/src/security/test/TestEncodings.cs @@ -0,0 +1,196 @@ +using System; +using System.Collections; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Security.Tests +{ + [TestFixture] + public class TestEncodings + { + [Test] + public void TestEC() + { + BigInteger ECParraGX = new BigInteger(Base64.Decode("D/qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqv")); + BigInteger ECParraGY = new BigInteger(Base64.Decode("AhQXGxb1olGRv6s1LPRfuatMF+cx3ZTGgzSE/Q5R")); + BigInteger ECParraH = new BigInteger(Base64.Decode("AQ==")); + BigInteger ECParraN = new BigInteger(Base64.Decode("f///////////////f///nl6an12QcfvRUiaIkJ0L")); + BigInteger ECPubQX = new BigInteger(Base64.Decode("HWWi17Yb+Bm3PYr/DMjLOYNFhyOwX1QY7ZvqqM+l")); + BigInteger ECPubQY = new BigInteger(Base64.Decode("JrlJfxu3WGhqwtL/55BOs/wsUeiDFsvXcGhB8DGx")); + BigInteger ECPrivD = new BigInteger(Base64.Decode("GYQmd/NF1B+He1iMkWt3by2Az6Eu07t0ynJ4YCAo")); + + FpCurve curve = new FpCurve( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q + new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a + new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b + ECParraN, ECParraH); + + ECDomainParameters ecDomain = new ECDomainParameters( + curve, + curve.ValidatePoint(ECParraGX, ECParraGY), + ECParraN, ECParraH); + + ECPublicKeyParameters ecPub = new ECPublicKeyParameters( + curve.ValidatePoint(ECPubQX, ECPubQY), + ecDomain); + + ECPrivateKeyParameters ecPriv = new ECPrivateKeyParameters(ECPrivD, ecDomain); + + SubjectPublicKeyInfo subinfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(ecPub); + PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(ecPriv); + + ECPublicKeyParameters tecPub = (ECPublicKeyParameters)PublicKeyFactory.CreateKey(subinfo); + ECPrivateKeyParameters tecPriv = (ECPrivateKeyParameters)PrivateKeyFactory.CreateKey(privInfo); + + Assert.IsTrue(tecPub.Equals(ecPub), "EC: public key to info back to public key"); + Assert.IsTrue(tecPriv.Equals(ecPriv), "EC: private key to info back to private key"); + } + + [Test] + public void TestDH() + { + BigInteger DHParraP = new BigInteger(Base64.Decode("ALJCm1CUL6mOnyVqWTSV6Z2+DVSGOvgboOhmbyyxCrym59uVnXMmPjIgQTrmniFg7PvdcN7NNFwFmcZleULso1s=")); + BigInteger DHParraQ = new BigInteger(Base64.Decode("WSFNqEoX1MdPkrUsmkr0zt8GqkMdfA3QdDM3lliFXlNz7crOuZMfGRAgnXNPELB2fe64b2aaLgLM4zK8oXZRrQ==")); + BigInteger DHPubY = new BigInteger(Base64.Decode("AIki+8/zggCS2e488AsTNULI4LujdUeQQsZI949Dc9lKXZRmrPIC1h8NRoneHQEhpAe4Rhe0nhUOGZJekT5++SA=")); + BigInteger DHPrivX = new BigInteger(Base64.Decode("Apo67noMRO5eDWo/TtpRiBmKGw7ywh25shIu0Rs03krQmWKRbDPvdygWdJ5IpW6ZbKlCTAMhSxpz03YSeSEDmw==")); + + + DHParameters dhPara = new DHParameters(DHParraP, DHParraQ); + DHPublicKeyParameters dhPublic = new DHPublicKeyParameters(DHPubY, dhPara); + DHPrivateKeyParameters dhPrivate = new DHPrivateKeyParameters(DHPrivX, dhPara); + + SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(dhPublic); + PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(dhPrivate); + + DHPublicKeyParameters testPubKey = (DHPublicKeyParameters) PublicKeyFactory.CreateKey(pubInfo); + DHPrivateKeyParameters testPrivKey = (DHPrivateKeyParameters) PrivateKeyFactory.CreateKey(privInfo); + + Assert.IsFalse(!testPrivKey.Equals(dhPrivate), "DH: Private key to info back to key"); + Assert.IsFalse(!testPubKey.Equals(dhPublic), "DH: Public key to info back to key"); + + Assert.IsTrue(true, "Diffe Helman Test worked."); + + } + + [Test] + public void TestElGamal() + { + + BigInteger ELGamalParaG = new BigInteger(Base64.Decode("QAZPRcsH8kHVKS5065R1Xy6QtsPvDkmDZtPuq18EJkvLrCIZivE/m5puQp3/VKJrG7dKgz4NBGpONp3HT+Cn/g==")); + BigInteger ELGamalParaP = new BigInteger(Base64.Decode("AKXmAwgkudDLI/Yxk6wk3APn+mSjX5QSyDwpchmegSIi1ZNC0Jb+IbxjroKNhRTBKjtv4/JTXtJS6IqaZv9uKes=")); + BigInteger ELGamalPubY = new BigInteger(Base64.Decode("AJ/gXuZuCA2X044otNkzs8FI36XuFu1L/YHg5cEmDvICTigycRN2E1DnhP+CTqxEqgEqX8rBe5tuGDlkTLwgNqM=")); + BigInteger ELGamalPriv = new BigInteger(Base64.Decode("CqVr+K0TpuJKQnc76MjKhxrJzGr93jnuE3mTpth486Meymt8uWEVAQj1tGc9DTt14F9aV9WIT2oYYbvLJRcwow==")); + + + + ElGamalParameters elPara = new ElGamalParameters(ELGamalParaP, ELGamalParaG); + + ElGamalPrivateKeyParameters elPriv = new ElGamalPrivateKeyParameters(ELGamalPriv, elPara); + ElGamalPublicKeyParameters elPub = new ElGamalPublicKeyParameters(ELGamalPubY, elPara); + + SubjectPublicKeyInfo subInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(elPub); + PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(elPriv); + + ElGamalPrivateKeyParameters telPriv = (ElGamalPrivateKeyParameters)PrivateKeyFactory.CreateKey(privInfo); + ElGamalPublicKeyParameters telPub = (ElGamalPublicKeyParameters)PublicKeyFactory.CreateKey(subInfo); + + + // Console.WriteLine(telPriv.Equals(elPriv)); + + + + Assert.IsTrue(telPriv.Equals(elPriv), "ELGamal Private key to into back to private key."); + Assert.IsTrue(telPub.Equals(elPub), "ELGamal Public key to into back to private key."); + + Assert.IsTrue(true, "ELGamal Test worked."); + + } + + [Test] + public void TestRsa() + { + + BigInteger rsaPubMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt")); + BigInteger rsaPubExp = new BigInteger(Base64.Decode("EQ==")); + BigInteger rsaPrivMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt")); + BigInteger rsaPrivDP = new BigInteger(Base64.Decode("JXzfzG5v+HtLJIZqYMUefJfFLu8DPuJGaLD6lI3cZ0babWZ/oPGoJa5iHpX4Ul/7l3s1PFsuy1GhzCdOdlfRcQ==")); + BigInteger rsaPrivDQ = new BigInteger(Base64.Decode("YNdJhw3cn0gBoVmMIFRZzflPDNthBiWy/dUMSRfJCxoZjSnr1gysZHK01HteV1YYNGcwPdr3j4FbOfri5c6DUQ==")); + BigInteger rsaPrivExp = new BigInteger(Base64.Decode("DxFAOhDajr00rBjqX+7nyZ/9sHWRCCp9WEN5wCsFiWVRPtdB+NeLcou7mWXwf1Y+8xNgmmh//fPV45G2dsyBeZbXeJwB7bzx9NMEAfedchyOwjR8PYdjK3NpTLKtZlEJ6Jkh4QihrXpZMO4fKZWUm9bid3+lmiq43FwW+Hof8/E=")); + BigInteger rsaPrivP = new BigInteger(Base64.Decode("AJ9StyTVW+AL/1s7RBtFwZGFBgd3zctBqzzwKPda6LbtIFDznmwDCqAlIQH9X14X7UPLokCDhuAa76OnDXb1OiE=")); + BigInteger rsaPrivQ = new BigInteger(Base64.Decode("AM3JfD79dNJ5A3beScSzPtWxx/tSLi0QHFtkuhtSizeXdkv5FSba7lVzwEOGKHmW829bRoNxThDy4ds1IihW1w0=")); + BigInteger rsaPrivQinv = new BigInteger(Base64.Decode("Lt0g7wrsNsQxuDdB8q/rH8fSFeBXMGLtCIqfOec1j7FEIuYA/ACiRDgXkHa0WgN7nLXSjHoy630wC5Toq8vvUg==")); + RsaKeyParameters rsaPublic = new RsaKeyParameters(false, rsaPubMod, rsaPubExp); + RsaPrivateCrtKeyParameters rsaPrivate = new RsaPrivateCrtKeyParameters(rsaPrivMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv); + + SubjectPublicKeyInfo subInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(rsaPublic); + RsaKeyParameters testResult = (RsaKeyParameters)PublicKeyFactory.CreateKey(subInfo); + + // check RSA public key. + + Assert.IsFalse(!testResult.Equals(rsaPublic), "RSA: test failed on public key to info and back to public key."); + + PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(rsaPrivate); + testResult = (RsaPrivateCrtKeyParameters)PrivateKeyFactory.CreateKey(privInfo); + + Assert.IsFalse(!testResult.Equals(rsaPrivate), "RSA: private key to info back to private key."); + + Assert.IsTrue(true, "RSATest worked."); + + } + + [Test] + public void TestDSA() + { + BigInteger DSAParaG = new BigInteger(Base64.Decode("AL0fxOTq10OHFbCf8YldyGembqEu08EDVzxyLL29Zn/t4It661YNol1rnhPIs+cirw+yf9zeCe+KL1IbZ/qIMZM=")); + BigInteger DSAParaP = new BigInteger(Base64.Decode("AM2b/UeQA+ovv3dL05wlDHEKJ+qhnJBsRT5OB9WuyRC830G79y0R8wuq8jyIYWCYcTn1TeqVPWqiTv6oAoiEeOs=")); + BigInteger DSAParaQ = new BigInteger(Base64.Decode("AIlJT7mcKL6SUBMmvm24zX1EvjNx")); + BigInteger DSAPublicY = new BigInteger(Base64.Decode("TtWy2GuT9yGBWOHi1/EpCDa/bWJCk2+yAdr56rAcqP0eHGkMnA9s9GJD2nGU8sFjNHm55swpn6JQb8q0agrCfw==")); + BigInteger DsaPrivateX = new BigInteger(Base64.Decode("MMpBAxNlv7eYfxLTZ2BItJeD31A=")); + + DsaParameters para = new DsaParameters(DSAParaP, DSAParaQ, DSAParaG); + DsaPrivateKeyParameters dsaPriv = new DsaPrivateKeyParameters(DsaPrivateX, para); + DsaPublicKeyParameters dsaPub = new DsaPublicKeyParameters(DSAPublicY, para); + + SubjectPublicKeyInfo subInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(dsaPub); + DsaKeyParameters testResult = (DsaKeyParameters)PublicKeyFactory.CreateKey(subInfo); + + // check RSA public key. + + Assert.IsFalse(!testResult.Equals(dsaPub), "DSA: test failed on public key to info and back to public key."); + + PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(dsaPriv); + testResult = (DsaPrivateKeyParameters)PrivateKeyFactory.CreateKey(privInfo); + + Assert.IsFalse(!testResult.Equals(dsaPriv), "DSA: private key to info back to private key."); + + Assert.IsTrue(true, "DSATest worked."); + + } + + [Test] + public void TestGost2012() + { + byte[] data = Base64.Decode( + "MIGiAgEAMCEGCCqFAwcBAQECMBUGCSqFAwcBAgECAQYIKoUDBwEBAgMEQIXnWrZ6" + + "ajvbCU6x9jK49PgQqCP00T/lW3laXCXueMF8X4Q1y3N9zfOJT2s/IgyPJVrUhgtO" + + "1Akp+Roh8bCPPlqgODA2BggqhQMCCQMIATEqBCi72ZvrBVW6mFL/bQeXeMTf8Jh8" + + "p/diI7Cg8ig4mXg3tsIUf4vBi61b"); + + PrivateKeyInfo keyInfo = PrivateKeyInfo.GetInstance(data); + AsymmetricKeyParameter akp = Org.BouncyCastle.Security.PrivateKeyFactory.CreateKey(keyInfo); + } + } +} diff --git a/BouncyCastle/crypto/test/src/security/test/TestMacUtil.cs b/BouncyCastle/crypto/test/src/security/test/TestMacUtil.cs new file mode 100644 index 0000000..1eb6f35 --- /dev/null +++ b/BouncyCastle/crypto/test/src/security/test/TestMacUtil.cs @@ -0,0 +1,38 @@ +using System; +using System.Globalization; +using System.Threading; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Security.Tests +{ + [TestFixture] + public class TestMacUtilities + { + [Test] + public void TestCultureIndependence() + { + Thread t = Thread.CurrentThread; + CultureInfo ci = t.CurrentCulture; + try + { + /* + * In Hungarian, the "CS" in "HMACSHA256" is linguistically a single character, so "HMAC" is not a prefix. + */ + t.CurrentCulture = new CultureInfo("hu-HU"); + IMac mac = MacUtilities.GetMac("HMACSHA256"); + Assert.NotNull(mac); + } + catch (Exception e) + { + Assert.Fail("Culture-specific lookup failed: " + e.Message); + } + finally + { + t.CurrentCulture = ci; + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/security/test/TestParameterUtil.cs b/BouncyCastle/crypto/test/src/security/test/TestParameterUtil.cs new file mode 100644 index 0000000..fe49421 --- /dev/null +++ b/BouncyCastle/crypto/test/src/security/test/TestParameterUtil.cs @@ -0,0 +1,74 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Security.Tests +{ + [TestFixture] + public class TestParameterUtilities + { + [Test] + public void TestCreateKeyParameter() + { + SecureRandom random = new SecureRandom(); + + doTestCreateKeyParameter("AES", NistObjectIdentifiers.IdAes128Cbc, + 128, typeof(KeyParameter), random); + doTestCreateKeyParameter("DES", OiwObjectIdentifiers.DesCbc, + 64, typeof(DesParameters), random); + doTestCreateKeyParameter("DESEDE", PkcsObjectIdentifiers.DesEde3Cbc, + 192, typeof(DesEdeParameters), random); + doTestCreateKeyParameter("RC2", PkcsObjectIdentifiers.RC2Cbc, + 128, typeof(RC2Parameters), random); + } + + private void doTestCreateKeyParameter( + string algorithm, + DerObjectIdentifier oid, + int keyBits, + Type expectedType, + SecureRandom random) + { + int keyLength = keyBits / 8; + byte[] bytes = new byte[keyLength]; + random.NextBytes(bytes); + + KeyParameter key; + + key = ParameterUtilities.CreateKeyParameter(algorithm, bytes); + checkKeyParameter(key, expectedType, bytes); + + key = ParameterUtilities.CreateKeyParameter(oid, bytes); + checkKeyParameter(key, expectedType, bytes); + + bytes = new byte[keyLength * 2]; + random.NextBytes(bytes); + + int offset = random.Next(1, keyLength); + byte[] expected = new byte[keyLength]; + Array.Copy(bytes, offset, expected, 0, keyLength); + + key = ParameterUtilities.CreateKeyParameter(algorithm, bytes, offset, keyLength); + checkKeyParameter(key, expectedType, expected); + + key = ParameterUtilities.CreateKeyParameter(oid, bytes, offset, keyLength); + checkKeyParameter(key, expectedType, expected); + } + + private void checkKeyParameter( + KeyParameter key, + Type expectedType, + byte[] expectedBytes) + { + Assert.IsTrue(expectedType.IsInstanceOfType(key)); + Assert.IsTrue(Arrays.AreEqual(expectedBytes, key.GetKey())); + } + } +} diff --git a/BouncyCastle/crypto/test/src/security/test/TestSignerUtil.cs b/BouncyCastle/crypto/test/src/security/test/TestSignerUtil.cs new file mode 100644 index 0000000..8088f21 --- /dev/null +++ b/BouncyCastle/crypto/test/src/security/test/TestSignerUtil.cs @@ -0,0 +1,220 @@ +using System; +using System.Collections; +using System.Globalization; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Security.Tests +{ + [TestFixture] + public class TestSignerUtilities + { + [Test] + public void TestAlgorithms() + { + SecureRandom RANDOM = new SecureRandom(); + + // + // RSA parameters + // + BigInteger rsaMod = new BigInteger("a7295693155b1813bb84877fb45343556e0568043de5910872a3a518cc11e23e2db74eaf4545068c4e3d258a2718fbacdcc3eafa457695b957e88fbf110aed049a992d9c430232d02f3529c67a3419935ea9b569f85b1bcd37de6b899cd62697e843130ff0529d09c97d813cb15f293751ff56f943fbdabb63971cc7f4f6d5bff1594416b1f5907bde5a84a44f9802ef29b43bda1960f948f8afb8766c1ab80d32eec88ed66d0b65aebe44a6d0b3c5e0ab051aaa1b912fbcc17b8e751ddecc5365b6db6dab0020c3057db4013a51213a5798a3aab67985b0f4d88627a54a0f3f0285fbcb4afdfeb65cb153af66825656d43238b75503231500753f4e421e3c57", 16); + BigInteger rsaPubExp = new BigInteger("10001", 16); + + BigInteger rsaPrivExp = new BigInteger("65dad56ac7df7abb434e4cb5eeadb16093aa6da7f0033aad3815289b04757d32bfee6ade7749c8e4a323b5050a2fb9e2a99e23469e1ed4ba5bab54336af20a5bfccb8b3424cc6923db2ffca5787ed87aa87aa614cd04cedaebc8f623a2d2063017910f436dff18bb06f01758610787f8b258f0a8efd8bd7de30007c47b2a1031696c7d6523bc191d4d918927a7e0b09584ed205bd2ff4fc4382678df82353f7532b3bbb81d69e3f39070aed3fb64fce032a089e8e64955afa5213a6eb241231bd98d702fba725a9b205952fda186412d9e0d9344d2998c455ad8c2bae85ee672751466d5288304032b5b7e02f7e558c7af82c7fbf58eea0bb4ef0f001e6cd0a9", 16); + BigInteger rsaPrivP = new BigInteger("d4fd9ac3474fb83aaf832470643609659e511b322632b239b688f3cd2aad87527d6cf652fb9c9ca67940e84789444f2e99b0cb0cfabbd4de95396106c865f38e2fb7b82b231260a94df0e01756bf73ce0386868d9c41645560a81af2f53c18e4f7cdf3d51d80267372e6e0216afbf67f655c9450769cca494e4f6631b239ce1b", 16); + BigInteger rsaPrivQ = new BigInteger("c8eaa0e2a1b3a4412a702bccda93f4d150da60d736c99c7c566fdea4dd1b401cbc0d8c063daaf0b579953d36343aa18b33dbf8b9eae94452490cc905245f8f7b9e29b1a288bc66731a29e1dd1a45c9fd7f8238ff727adc49fff73991d0dc096206b9d3a08f61e7462e2b804d78cb8c5eccdb9b7fbd2ad6a8fea46c1053e1be75", 16); + BigInteger rsaPrivDP = new BigInteger("10edcb544421c0f9e123624d1099feeb35c72a8b34e008ac6fa6b90210a7543f293af4e5299c8c12eb464e70092805c7256e18e5823455ba0f504d36f5ccacac1b7cd5c58ff710f9c3f92646949d88fdd1e7ea5fed1081820bb9b0d2a8cd4b093fecfdb96dabd6e28c3a6f8c186dc86cddc89afd3e403e0fcf8a9e0bcb27af0b", 16); + BigInteger rsaPrivDQ = new BigInteger("97fc25484b5a415eaa63c03e6efa8dafe9a1c8b004d9ee6e80548fefd6f2ce44ee5cb117e77e70285798f57d137566ce8ea4503b13e0f1b5ed5ca6942537c4aa96b2a395782a4cb5b58d0936e0b0fa63b1192954d39ced176d71ef32c6f42c84e2e19f9d4dd999c2151b032b97bd22aa73fd8c5bcd15a2dca4046d5acc997021", 16); + BigInteger rsaPrivQinv = new BigInteger("4bb8064e1eff7e9efc3c4578fcedb59ca4aef0993a8312dfdcb1b3decf458aa6650d3d0866f143cbf0d3825e9381181170a0a1651eefcd7def786b8eb356555d9fa07c85b5f5cbdd74382f1129b5e36b4166b6cc9157923699708648212c484958351fdc9cf14f218dbe7fbf7cbd93a209a4681fe23ceb44bab67d66f45d1c9d", 16); + + RsaKeyParameters rsaPublic = new RsaKeyParameters(false, rsaMod, rsaPubExp); + RsaPrivateCrtKeyParameters rsaPrivate = new RsaPrivateCrtKeyParameters( + rsaMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv); + + // + // ECDSA parameters + // + BigInteger ECParraGX = new BigInteger(Base64.Decode("D/qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqv")); + BigInteger ECParraGY = new BigInteger(Base64.Decode("AhQXGxb1olGRv6s1LPRfuatMF+cx3ZTGgzSE/Q5R")); + BigInteger ECParraH = new BigInteger(Base64.Decode("AQ==")); + BigInteger ECParraN = new BigInteger(Base64.Decode("f///////////////f///nl6an12QcfvRUiaIkJ0L")); + BigInteger ECPubQX = new BigInteger(Base64.Decode("HWWi17Yb+Bm3PYr/DMjLOYNFhyOwX1QY7ZvqqM+l")); + BigInteger ECPubQY = new BigInteger(Base64.Decode("JrlJfxu3WGhqwtL/55BOs/wsUeiDFsvXcGhB8DGx")); + BigInteger ECPrivD = new BigInteger(Base64.Decode("GYQmd/NF1B+He1iMkWt3by2Az6Eu07t0ynJ4YCAo")); + + FpCurve curve = new FpCurve( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q + new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a + new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b + ECParraN, ECParraH); + + ECDomainParameters ecDomain = new ECDomainParameters( + curve, + curve.ValidatePoint(ECParraGX, ECParraGY), + ECParraN, ECParraH); + + ECPublicKeyParameters ecPub = new ECPublicKeyParameters( + curve.ValidatePoint(ECPubQX, ECPubQY), + ecDomain); + + ECPrivateKeyParameters ecPriv = new ECPrivateKeyParameters(ECPrivD, ecDomain); + + // + // DSA parameters + // + BigInteger DSAParaG = new BigInteger(Base64.Decode("AL0fxOTq10OHFbCf8YldyGembqEu08EDVzxyLL29Zn/t4It661YNol1rnhPIs+cirw+yf9zeCe+KL1IbZ/qIMZM=")); + BigInteger DSAParaP = new BigInteger(Base64.Decode("AM2b/UeQA+ovv3dL05wlDHEKJ+qhnJBsRT5OB9WuyRC830G79y0R8wuq8jyIYWCYcTn1TeqVPWqiTv6oAoiEeOs=")); + BigInteger DSAParaQ = new BigInteger(Base64.Decode("AIlJT7mcKL6SUBMmvm24zX1EvjNx")); + BigInteger DSAPublicY = new BigInteger(Base64.Decode("TtWy2GuT9yGBWOHi1/EpCDa/bWJCk2+yAdr56rAcqP0eHGkMnA9s9GJD2nGU8sFjNHm55swpn6JQb8q0agrCfw==")); + BigInteger DsaPrivateX = new BigInteger(Base64.Decode("MMpBAxNlv7eYfxLTZ2BItJeD31A=")); + + DsaParameters para = new DsaParameters(DSAParaP, DSAParaQ, DSAParaG); + DsaPrivateKeyParameters dsaPriv = new DsaPrivateKeyParameters(DsaPrivateX, para); + DsaPublicKeyParameters dsaPub = new DsaPublicKeyParameters(DSAPublicY, para); + + // + // ECGOST3410 parameters + // + IAsymmetricCipherKeyPairGenerator ecGostKpg = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410"); + ecGostKpg.Init( + new ECKeyGenerationParameters( + CryptoProObjectIdentifiers.GostR3410x2001CryptoProA, + RANDOM)); + + AsymmetricCipherKeyPair ecGostPair = ecGostKpg.GenerateKeyPair(); + + IAsymmetricCipherKeyPairGenerator ed25519Kpg = GeneratorUtilities.GetKeyPairGenerator("Ed25519"); + ed25519Kpg.Init(new Ed25519KeyGenerationParameters(RANDOM)); + AsymmetricCipherKeyPair ed25519Pair = ed25519Kpg.GenerateKeyPair(); + + IAsymmetricCipherKeyPairGenerator ed448Kpg = GeneratorUtilities.GetKeyPairGenerator("Ed448"); + ed448Kpg.Init(new Ed448KeyGenerationParameters(RANDOM)); + AsymmetricCipherKeyPair ed448Pair = ed448Kpg.GenerateKeyPair(); + + // + // GOST3410 parameters + // + IAsymmetricCipherKeyPairGenerator gostKpg = GeneratorUtilities.GetKeyPairGenerator("GOST3410"); + gostKpg.Init(new Gost3410KeyGenerationParameters(RANDOM, CryptoProObjectIdentifiers.GostR3410x94CryptoProA)); + AsymmetricCipherKeyPair gostPair = gostKpg.GenerateKeyPair(); + + // + // SM2 parameters + // + BigInteger SM2_ECC_P = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3", 16); + BigInteger SM2_ECC_A = new BigInteger("787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498", 16); + BigInteger SM2_ECC_B = new BigInteger("63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A", 16); + BigInteger SM2_ECC_N = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7", 16); + BigInteger SM2_ECC_H = BigInteger.One; + BigInteger SM2_ECC_GX = new BigInteger("421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D", 16); + BigInteger SM2_ECC_GY = new BigInteger("0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2", 16); + + ECCurve sm2Curve = new FpCurve(SM2_ECC_P, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H); + ECPoint sm2G = sm2Curve.CreatePoint(SM2_ECC_GX, SM2_ECC_GY); + ECDomainParameters sm2Domain = new ECDomainParameters(sm2Curve, sm2G, SM2_ECC_N, SM2_ECC_H); + + ECKeyPairGenerator sm2Kpg = new ECKeyPairGenerator(); + sm2Kpg.Init(new ECKeyGenerationParameters(sm2Domain, RANDOM)); + AsymmetricCipherKeyPair sm2Pair = sm2Kpg.GenerateKeyPair(); + + + // + // signer loop + // + byte[] shortMsg = new byte[] { 1, 4, 5, 6, 8, 8, 4, 2, 1, 3 }; + byte[] longMsg = new byte[100]; + RANDOM.NextBytes(longMsg); + + foreach (string algorithm in SignerUtilities.Algorithms) + { + ISigner signer = SignerUtilities.GetSigner(algorithm); + + string upper = algorithm.ToUpper(CultureInfo.InvariantCulture); + int withPos = upper.LastIndexOf("WITH"); + + string cipherName = withPos < 0 + ? upper + : upper.Substring(withPos + "WITH".Length); + + ICipherParameters signParams = null, verifyParams = null; + + if (cipherName == "RSA" || cipherName == "RSAANDMGF1") + { + signParams = rsaPrivate; + verifyParams = rsaPublic; + } + else if (cipherName == "ECDSA" + || cipherName == "CVC-ECDSA" + || cipherName == "PLAIN-ECDSA") + { + signParams = ecPriv; + verifyParams = ecPub; + } + else if (cipherName == "DSA") + { + signParams = dsaPriv; + verifyParams = dsaPub; + } + else if (cipherName == "ECGOST3410") + { + signParams = ecGostPair.Private; + verifyParams = ecGostPair.Public; + } + else if (cipherName == "ED25519") + { + signParams = ed25519Pair.Private; + verifyParams = ed25519Pair.Public; + } + else if (cipherName == "ED448") + { + signParams = ed448Pair.Private; + verifyParams = ed448Pair.Public; + } + else if (cipherName == "GOST3410") + { + signParams = gostPair.Private; + verifyParams = gostPair.Public; + } + else if (cipherName == "SM2") + { + signParams = sm2Pair.Private; + verifyParams = sm2Pair.Public; + } + else + { + Assert.Fail("Unknown algorithm encountered: " + cipherName); + } + + signer.Init(true, signParams); + foreach (byte b in shortMsg) + { + signer.Update(b); + } + signer.BlockUpdate(longMsg, 0, longMsg.Length); + byte[] sig = signer.GenerateSignature(); + + signer.Init(false, verifyParams); + foreach (byte b in shortMsg) + { + signer.Update(b); + } + signer.BlockUpdate(longMsg, 0, longMsg.Length); + + Assert.IsTrue(signer.VerifySignature(sig), cipherName + " signer " + algorithm + " failed."); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/AESSICTest.cs b/BouncyCastle/crypto/test/src/test/AESSICTest.cs new file mode 100644 index 0000000..f8de35e --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/AESSICTest.cs @@ -0,0 +1,147 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + /// + /// Test vectors based on NIST Special Publication 800-38A, + /// "Recommendation for Block Cipher Modes of Operation" + /// + [TestFixture] + public class AesSicTest + : SimpleTest + { + private static readonly byte[][] keys = + { + Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c"), + Hex.Decode("8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b"), + Hex.Decode("603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4") + }; + + private static readonly byte[][] plain = + { + Hex.Decode("6bc1bee22e409f96e93d7e117393172a"), + Hex.Decode("ae2d8a571e03ac9c9eb76fac45af8e51"), + Hex.Decode("30c81c46a35ce411e5fbc1191a0a52ef"), + Hex.Decode("f69f2445df4f9b17ad2b417be66c3710") + }; + + private static readonly byte[,][] cipher = + { + { + Hex.Decode("874d6191b620e3261bef6864990db6ce"), + Hex.Decode("9806f66b7970fdff8617187bb9fffdff"), + Hex.Decode("5ae4df3edbd5d35e5b4f09020db03eab"), + Hex.Decode("1e031dda2fbe03d1792170a0f3009cee") + }, + { + Hex.Decode("1abc932417521ca24f2b0459fe7e6e0b"), + Hex.Decode("090339ec0aa6faefd5ccc2c6f4ce8e94"), + Hex.Decode("1e36b26bd1ebc670d1bd1d665620abf7"), + Hex.Decode("4f78a7f6d29809585a97daec58c6b050") + }, + { + Hex.Decode("601ec313775789a5b7a7f504bbf3d228"), + Hex.Decode("f443e3ca4d62b59aca84e990cacaf5c5"), + Hex.Decode("2b0930daa23de94ce87017ba2d84988d"), + Hex.Decode("dfc9c58db67aada613c2dd08457941a6") + } + }; + + public override string Name + { + get { return "AESSIC"; } + } + + public override void PerformTest() + { + IBufferedCipher c = CipherUtilities.GetCipher("AES/SIC/NoPadding"); + + // + // NIST vectors + // + for (int i = 0; i != keys.Length; i++) + { + KeyParameter skey = ParameterUtilities.CreateKeyParameter("AES", keys[i]); + c.Init(true, new ParametersWithIV(skey, Hex.Decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF"))); + + for (int j = 0; j != plain.Length; j++) + { + byte[] enc = c.ProcessBytes(plain[j]); + if (!AreEqual(enc, cipher[i, j])) + { + Fail("AESSIC encrypt failed: key " + i + " block " + j); + } + } + + c.Init(false, new ParametersWithIV(skey, Hex.Decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF"))); + + for (int j = 0; j != plain.Length; j++) + { + byte[] enc = c.ProcessBytes(cipher[i, j]); + if (!AreEqual(enc, plain[j])) + { + Fail("AESSIC decrypt failed: key " + i + " block " + j); + } + } + } + + // + // check CTR also recognised. + // + c = CipherUtilities.GetCipher("AES/CTR/NoPadding"); + + KeyParameter sk = ParameterUtilities.CreateKeyParameter("AES", Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C")); + + c.Init(true, new ParametersWithIV(sk, Hex.Decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFD0001"))); + + byte[] crypt = c.DoFinal(Hex.Decode("00000000000000000000000000000000")); + + if (!AreEqual(crypt, Hex.Decode("D23513162B02D0F72A43A2FE4A5F97AB"))) + { + Fail("AESSIC failed test 2"); + } + + // + // check partial block processing + // + c = CipherUtilities.GetCipher("AES/CTR/NoPadding"); + + sk = ParameterUtilities.CreateKeyParameter("AES", Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C")); + + c.Init(true, new ParametersWithIV(sk, Hex.Decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFD0001"))); + + crypt = c.DoFinal(Hex.Decode("12345678")); + + c.Init(false, new ParametersWithIV(sk, Hex.Decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFD0001"))); + + crypt = c.DoFinal(crypt); + + if (!AreEqual(crypt, Hex.Decode("12345678"))) + { + Fail("AESSIC failed partial test"); + } + } + + public static void Main( + string[] args) + { + RunTest(new AesSicTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/AESTest.cs b/BouncyCastle/crypto/test/src/test/AESTest.cs new file mode 100644 index 0000000..5a1ce80 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/AESTest.cs @@ -0,0 +1,363 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tests +{ + /// Basic test class for the AES cipher vectors from FIPS-197 + [TestFixture] + public class AesTest + : BaseBlockCipherTest + { + internal static readonly string[] cipherTests = + { + "128", + "000102030405060708090a0b0c0d0e0f", + "00112233445566778899aabbccddeeff", + "69c4e0d86a7b0430d8cdb78070b4c55a", + "192", + "000102030405060708090a0b0c0d0e0f1011121314151617", + "00112233445566778899aabbccddeeff", + "dda97ca4864cdfe06eaf70a0ec0d7191", + "256", + "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", + "00112233445566778899aabbccddeeff", + "8ea2b7ca516745bfeafc49904b496089", + }; + + public AesTest() + : base("AES") + { + } + + [Test] + public void TestCiphers() + { + for (int i = 0; i != cipherTests.Length; i += 4) + { + doCipherTest(int.Parse(cipherTests[i]), + Hex.Decode(cipherTests[i + 1]), + Hex.Decode(cipherTests[i + 2]), + Hex.Decode(cipherTests[i + 3])); + } + } + + [Test] + public void TestOids() + { + string[] oids = { + NistObjectIdentifiers.IdAes128Ecb.Id, + NistObjectIdentifiers.IdAes128Cbc.Id, + NistObjectIdentifiers.IdAes128Ofb.Id, + NistObjectIdentifiers.IdAes128Cfb.Id, + NistObjectIdentifiers.IdAes192Ecb.Id, + NistObjectIdentifiers.IdAes192Cbc.Id, + NistObjectIdentifiers.IdAes192Ofb.Id, + NistObjectIdentifiers.IdAes192Cfb.Id, + NistObjectIdentifiers.IdAes256Ecb.Id, + NistObjectIdentifiers.IdAes256Cbc.Id, + NistObjectIdentifiers.IdAes256Ofb.Id, + NistObjectIdentifiers.IdAes256Cfb.Id + }; + + string[] names = { + "AES/ECB/PKCS7Padding", + "AES/CBC/PKCS7Padding", + "AES/OFB/NoPadding", + "AES/CFB/NoPadding", + "AES/ECB/PKCS7Padding", + "AES/CBC/PKCS7Padding", + "AES/OFB/NoPadding", + "AES/CFB/NoPadding", + "AES/ECB/PKCS7Padding", + "AES/CBC/PKCS7Padding", + "AES/OFB/NoPadding", + "AES/CFB/NoPadding" + }; + + oidTest(oids, names, 4); + } + + [Test] + public void TestWrap() + { + byte[] kek1 = Hex.Decode("000102030405060708090a0b0c0d0e0f"); + byte[] in1 = Hex.Decode("00112233445566778899aabbccddeeff"); + byte[] out1 = Hex.Decode("1fa68b0a8112b447aef34bd8fb5a7b829d3e862371d2cfe5"); + + wrapTest(1, "AESWrap", kek1, in1, out1); + } + + [Test] + public void TestWrapOids() + { + string[] wrapOids = + { + NistObjectIdentifiers.IdAes128Wrap.Id, + NistObjectIdentifiers.IdAes192Wrap.Id, + NistObjectIdentifiers.IdAes256Wrap.Id + }; + + wrapOidTest(wrapOids, "AESWrap"); + } + + private void doCipherTest( + int strength, + byte[] keyBytes, + byte[] input, + byte[] output) + { + KeyParameter key = ParameterUtilities.CreateKeyParameter("AES", keyBytes); + + IBufferedCipher inCipher = CipherUtilities.GetCipher("AES/ECB/NoPadding"); + IBufferedCipher outCipher = CipherUtilities.GetCipher("AES/ECB/NoPadding"); + + try + { + outCipher.Init(true, key); + } + catch (Exception e) + { + Fail("AES failed initialisation - " + e, e); + } + + try + { + inCipher.Init(false, key); + } + catch (Exception e) + { + Fail("AES failed initialisation - " + e, e); + } + + // + // encryption pass + // + MemoryStream bOut = new MemoryStream(); + + CipherStream cOut = new CipherStream(bOut, null, outCipher); + + try + { + for (int i = 0; i != input.Length / 2; i++) + { + cOut.WriteByte(input[i]); + } + cOut.Write(input, input.Length / 2, input.Length - input.Length / 2); + cOut.Close(); + } + catch (IOException e) + { + Fail("AES failed encryption - " + e, e); + } + + byte[] bytes = bOut.ToArray(); + + if (!AreEqual(bytes, output)) + { + Fail("AES failed encryption - expected " + + Hex.ToHexString(output) + " got " + + Hex.ToHexString(bytes)); + } + + // + // decryption pass + // + MemoryStream bIn = new MemoryStream(bytes, false); + + CipherStream cIn = new CipherStream(bIn, inCipher, null); + + try + { +// DataInputStream dIn = new DataInputStream(cIn); + BinaryReader dIn = new BinaryReader(cIn); + + bytes = new byte[input.Length]; + + for (int i = 0; i != input.Length / 2; i++) + { +// bytes[i] = (byte)dIn.read(); + bytes[i] = dIn.ReadByte(); + } + + int remaining = bytes.Length - input.Length / 2; +// dIn.readFully(bytes, input.Length / 2, remaining); + byte[] extra = dIn.ReadBytes(remaining); + if (extra.Length < remaining) + throw new EndOfStreamException(); + extra.CopyTo(bytes, input.Length / 2); + } + catch (Exception e) + { + Fail("AES failed encryption - " + e, e); + } + + if (!AreEqual(bytes, input)) + { + Fail("AES failed decryption - expected " + + Hex.ToHexString(input) + " got " + + Hex.ToHexString(bytes)); + } + } + + [Test] + public void TestEax() + { + byte[] K = Hex.Decode("233952DEE4D5ED5F9B9C6D6FF80FF478"); + byte[] N = Hex.Decode("62EC67F9C3A4A407FCB2A8C49031A8B3"); + byte[] P = Hex.Decode("68656c6c6f20776f726c642121"); + byte[] C = Hex.Decode("2f9f76cb7659c70e4be11670a3e193ae1bc6b5762a"); + + KeyParameter key = ParameterUtilities.CreateKeyParameter("AES", K); + IBufferedCipher inCipher = CipherUtilities.GetCipher("AES/EAX/NoPadding"); + IBufferedCipher outCipher = CipherUtilities.GetCipher("AES/EAX/NoPadding"); + + inCipher.Init(true, new ParametersWithIV(key, N)); + + byte[] enc = inCipher.DoFinal(P); + if (!AreEqual(enc, C)) + { + Fail("ciphertext doesn't match in EAX"); + } + + outCipher.Init(false, new ParametersWithIV(key, N)); + + byte[] dec = outCipher.DoFinal(C); + if (!AreEqual(dec, P)) + { + Fail("plaintext doesn't match in EAX"); + } + + try + { + inCipher = CipherUtilities.GetCipher("AES/EAX/PKCS5Padding"); + + Fail("bad padding missed in EAX"); + } + catch (SecurityUtilityException) + { + // expected + } + } + + [Test] + public void TestCcm() + { + byte[] K = Hex.Decode("404142434445464748494a4b4c4d4e4f"); + byte[] N = Hex.Decode("10111213141516"); + byte[] P = Hex.Decode("68656c6c6f20776f726c642121"); + byte[] C = Hex.Decode("39264f148b54c456035de0a531c8344f46db12b388"); + + KeyParameter key = ParameterUtilities.CreateKeyParameter("AES", K); + + IBufferedCipher inCipher = CipherUtilities.GetCipher("AES/CCM/NoPadding"); + IBufferedCipher outCipher = CipherUtilities.GetCipher("AES/CCM/NoPadding"); + + inCipher.Init(true, new ParametersWithIV(key, N)); + + byte[] enc = inCipher.DoFinal(P); + if (!AreEqual(enc, C)) + { + Fail("ciphertext doesn't match in CCM"); + } + + outCipher.Init(false, new ParametersWithIV(key, N)); + + byte[] dec = outCipher.DoFinal(C); + if (!AreEqual(dec, P)) + { + Fail("plaintext doesn't match in CCM"); + } + + try + { + inCipher = CipherUtilities.GetCipher("AES/CCM/PKCS5Padding"); + + Fail("bad padding missed in CCM"); + } + catch (SecurityUtilityException) + { + // expected + } + } + + [Test] + public void TestGcm() + { + // Test Case 15 from McGrew/Viega + byte[] K = Hex.Decode( + "feffe9928665731c6d6a8f9467308308" + + "feffe9928665731c6d6a8f9467308308"); + byte[] P = Hex.Decode( + "d9313225f88406e5a55909c5aff5269a" + + "86a7a9531534f7da2e4c303d8a318a72" + + "1c3c0c95956809532fcf0e2449a6b525" + + "b16aedf5aa0de657ba637b391aafd255"); + byte[] N = Hex.Decode("cafebabefacedbaddecaf888"); + string T = "b094dac5d93471bdec1a502270e3cc6c"; + byte[] C = Hex.Decode( + "522dc1f099567d07f47f37a32a84427d" + + "643a8cdcbfe5c0c97598a2bd2555d1aa" + + "8cb08e48590dbb3da7b08b1056828838" + + "c5f61e6393ba7a0abcc9f662898015ad" + + T); + + KeyParameter key = ParameterUtilities.CreateKeyParameter("AES", K); + IBufferedCipher inCipher = CipherUtilities.GetCipher("AES/GCM/NoPadding"); + IBufferedCipher outCipher = CipherUtilities.GetCipher("AES/GCM/NoPadding"); + + inCipher.Init(true, new ParametersWithIV(key, N)); + + byte[] enc = inCipher.DoFinal(P); + if (!AreEqual(enc, C)) + { + Fail("ciphertext doesn't match in GCM"); + } + + outCipher.Init(false, new ParametersWithIV(key, N)); + + byte[] dec = outCipher.DoFinal(C); + if (!AreEqual(dec, P)) + { + Fail("plaintext doesn't match in GCM"); + } + + try + { + inCipher = CipherUtilities.GetCipher("AES/GCM/PKCS5Padding"); + + Fail("bad padding missed in GCM"); + } + catch (SecurityUtilityException) + { + // expected + } + } + + public override void PerformTest() + { + TestCiphers(); + TestWrap(); + TestOids(); + TestWrapOids(); + TestEax(); + TestCcm(); + TestGcm(); + } + + public static void Main( + string[] args) + { + RunTest(new AesTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/AttrCertSelectorTest.cs b/BouncyCastle/crypto/test/src/test/AttrCertSelectorTest.cs new file mode 100644 index 0000000..37c1e66 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/AttrCertSelectorTest.cs @@ -0,0 +1,214 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class AttrCertSelectorTest + : SimpleTest + { + private static readonly RsaPrivateCrtKeyParameters RsaPrivateKeySpec = new RsaPrivateCrtKeyParameters( + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16), + new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16), + new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16), + new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16), + new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16), + new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16), + new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16)); + + private static readonly byte[] holderCert = Base64.Decode( + "MIIGjTCCBXWgAwIBAgICAPswDQYJKoZIhvcNAQEEBQAwaTEdMBsGCSqGSIb3DQEJ" + + "ARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZpcmdpbmlhIFRlY2ggQ2VydGlm" + + "aWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0MQswCQYDVQQGEwJVUzAeFw0w" + + "MzAxMzExMzUyMTRaFw0wNDAxMzExMzUyMTRaMIGDMRswGQYJKoZIhvcNAQkBFgxz" + + "c2hhaEB2dC5lZHUxGzAZBgNVBAMTElN1bWl0IFNoYWggKHNzaGFoKTEbMBkGA1UE" + + "CxMSVmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAxMQswCQYDVQQK" + + "EwJ2dDELMAkGA1UEBhMCVVMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPDc" + + "scgSKmsEp0VegFkuitD5j5PUkDuzLjlfaYONt2SN8WeqU4j2qtlCnsipa128cyKS" + + "JzYe9duUdNxquh5BPIkMkHBw4jHoQA33tk0J/sydWdN74/AHPpPieK5GHwhU7GTG" + + "rCCS1PJRxjXqse79ExAlul+gjQwHeldAC+d4A6oZAgMBAAGjggOmMIIDojAMBgNV" + + "HRMBAf8EAjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAOBgNVHQ8BAf8EBAMCA/gwHQYD" + + "VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBRUIoWAzlXbzBYE" + + "yVTjQFWyMMKo1jCBkwYDVR0jBIGLMIGIgBTgc3Fm+TGqKDhen+oKfbl+xVbj2KFt" + + "pGswaTEdMBsGCSqGSIb3DQEJARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZp" + + "cmdpbmlhIFRlY2ggQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0" + + "MQswCQYDVQQGEwJVU4IBADCBiwYJYIZIAYb4QgENBH4WfFZpcmdpbmlhIFRlY2gg" + + "Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgZGlnaXRhbCBjZXJ0aWZpY2F0ZXMgYXJl" + + "IHN1YmplY3QgdG8gcG9saWNpZXMgbG9jYXRlZCBhdCBodHRwOi8vd3d3LnBraS52" + + "dC5lZHUvY2EvY3BzLy4wFwYDVR0RBBAwDoEMc3NoYWhAdnQuZWR1MBkGA1UdEgQS" + + "MBCBDmlybWhlbHBAdnQuZWR1MEMGCCsGAQUFBwEBBDcwNTAzBggrBgEFBQcwAoYn" + + "aHR0cDovL2JveDE3Ny5jYy52dC5lZHUvY2EvaXNzdWVycy5odG1sMEQGA1UdHwQ9" + + "MDswOaA3oDWGM2h0dHA6Ly9ib3gxNzcuY2MudnQuZWR1L2h0ZG9jcy1wdWJsaWMv" + + "Y3JsL2NhY3JsLmNybDBUBgNVHSAETTBLMA0GCysGAQQBtGgFAQEBMDoGCysGAQQB" + + "tGgFAQEBMCswKQYIKwYBBQUHAgEWHWh0dHA6Ly93d3cucGtpLnZ0LmVkdS9jYS9j" + + "cHMvMD8GCWCGSAGG+EIBBAQyFjBodHRwOi8vYm94MTc3LmNjLnZ0LmVkdS9jZ2kt" + + "cHVibGljL2NoZWNrX3Jldl9jYT8wPAYJYIZIAYb4QgEDBC8WLWh0dHA6Ly9ib3gx" + + "NzcuY2MudnQuZWR1L2NnaS1wdWJsaWMvY2hlY2tfcmV2PzBLBglghkgBhvhCAQcE" + + "PhY8aHR0cHM6Ly9ib3gxNzcuY2MudnQuZWR1L35PcGVuQ0E4LjAxMDYzMC9jZ2kt" + + "cHVibGljL3JlbmV3YWw/MCwGCWCGSAGG+EIBCAQfFh1odHRwOi8vd3d3LnBraS52" + + "dC5lZHUvY2EvY3BzLzANBgkqhkiG9w0BAQQFAAOCAQEAHJ2ls9yjpZVcu5DqiE67" + + "r7BfkdMnm7IOj2v8cd4EAlPp6OPBmjwDMwvKRBb/P733kLBqFNWXWKTpT008R0KB" + + "8kehbx4h0UPz9vp31zhGv169+5iReQUUQSIwTGNWGLzrT8kPdvxiSAvdAJxcbRBm" + + "KzDic5I8PoGe48kSCkPpT1oNmnivmcu5j1SMvlx0IS2BkFMksr0OHiAW1elSnE/N" + + "RuX2k73b3FucwVxB3NRo3vgoHPCTnh9r4qItAHdxFlF+pPtbw2oHESKRfMRfOIHz" + + "CLQWSIa6Tvg4NIV3RRJ0sbCObesyg08lymalQMdkXwtRn5eGE00SHWwEUjSXP2gR" + + "3g=="); + + public override string Name + { + get { return "AttrCertSelector"; } + } + + private IX509AttributeCertificate CreateAttrCert() + { +// CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC"); +// X509Certificate iCert = (X509Certificate) fact +// .generateCertificate(new ByteArrayInputStream(holderCert)); + X509Certificate iCert = new X509CertificateParser().ReadCertificate(holderCert); + + // + // a sample key pair. + // + // RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec( + // new BigInteger( + // "b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", + // 16), new BigInteger("11", 16)); + + // + // set up the keys + // +// KeyFactory kFact = KeyFactory.getInstance("RSA", "BC"); +// PrivateKey privKey = kFact.generatePrivate(RsaPrivateKeySpec); + AsymmetricKeyParameter privKey = RsaPrivateKeySpec; + + X509V2AttributeCertificateGenerator gen = new X509V2AttributeCertificateGenerator(); + + // the actual attributes + GeneralName roleName = new GeneralName(GeneralName.Rfc822Name, "DAU123456789@test.com"); + Asn1EncodableVector roleSyntax = new Asn1EncodableVector(roleName); + + // roleSyntax OID: 2.5.24.72 + X509Attribute attributes = new X509Attribute("2.5.24.72", + new DerSequence(roleSyntax)); + + gen.AddAttribute(attributes); + gen.SetHolder(new AttributeCertificateHolder(PrincipalUtilities.GetSubjectX509Principal(iCert))); + gen.SetIssuer(new AttributeCertificateIssuer(new X509Name("cn=test"))); + gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + gen.SetSerialNumber(BigInteger.One); + gen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); + + Target targetName = new Target( + Target.Choice.Name, + new GeneralName(GeneralName.DnsName, "www.test.com")); + + Target targetGroup = new Target( + Target.Choice.Group, + new GeneralName(GeneralName.DirectoryName, "o=Test, ou=Test")); + + Target[] targets = new Target[]{ targetName, targetGroup }; + + TargetInformation targetInformation = new TargetInformation(targets); + gen.AddExtension(X509Extensions.TargetInformation.Id, true, targetInformation); + + return gen.Generate(privKey); + } + + [Test] + public void TestSelector() + { + IX509AttributeCertificate aCert = CreateAttrCert(); + X509AttrCertStoreSelector sel = new X509AttrCertStoreSelector(); + sel.AttributeCert = aCert; + bool match = sel.Match(aCert); + if (!match) + { + Fail("Selector does not match attribute certificate."); + } + sel.AttributeCert = null; + match = sel.Match(aCert); + if (!match) + { + Fail("Selector does not match attribute certificate."); + } + sel.Holder = aCert.Holder; + match = sel.Match(aCert); + if (!match) + { + Fail("Selector does not match attribute certificate holder."); + } + sel.Holder = null; + sel.Issuer = aCert.Issuer; + match = sel.Match(aCert); + if (!match) + { + Fail("Selector does not match attribute certificate issuer."); + } + sel.Issuer = null; + +// CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC"); +// X509Certificate iCert = (X509Certificate) fact.generateCertificate( +// new ByteArrayInputStream(holderCert)); + X509Certificate iCert = new X509CertificateParser().ReadCertificate(holderCert); + match = aCert.Holder.Match(iCert); + if (!match) + { + Fail("Issuer holder does not match signing certificate of attribute certificate."); + } + + sel.SerialNumber = aCert.SerialNumber; + match = sel.Match(aCert); + if (!match) + { + Fail("Selector does not match attribute certificate serial number."); + } + + sel.AttributeCertificateValid = new DateTimeObject(DateTime.UtcNow); + match = sel.Match(aCert); + if (!match) + { + Fail("Selector does not match attribute certificate time."); + } + + sel.AddTargetName(new GeneralName(2, "www.test.com")); + match = sel.Match(aCert); + if (!match) + { + Fail("Selector does not match attribute certificate target name."); + } + sel.SetTargetNames(null); + sel.AddTargetGroup(new GeneralName(4, "o=Test, ou=Test")); + match = sel.Match(aCert); + if (!match) + { + Fail("Selector does not match attribute certificate target group."); + } + sel.SetTargetGroups(null); + } + + public override void PerformTest() + { + TestSelector(); + } + + public static void Main( + string[] args) + { + RunTest(new AttrCertSelectorTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/AttrCertTest.cs b/BouncyCastle/crypto/test/src/test/AttrCertTest.cs new file mode 100644 index 0000000..d701d00 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/AttrCertTest.cs @@ -0,0 +1,621 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Extension; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class AttrCertTest + : SimpleTest + { + private static readonly RsaPrivateCrtKeyParameters RSA_PRIVATE_KEY_SPEC = new RsaPrivateCrtKeyParameters( + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16), + new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16), + new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16), + new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16), + new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16), + new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16), + new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16)); + + internal static readonly byte[] attrCert = Base64.Decode( + "MIIHQDCCBqkCAQEwgZChgY2kgYowgYcxHDAaBgkqhkiG9w0BCQEWDW1sb3JjaEB2" + + "dC5lZHUxHjAcBgNVBAMTFU1hcmt1cyBMb3JjaCAobWxvcmNoKTEbMBkGA1UECxMS" + + "VmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAyMQswCQYDVQQKEwJ2" + + "dDELMAkGA1UEBhMCVVMwgYmkgYYwgYMxGzAZBgkqhkiG9w0BCQEWDHNzaGFoQHZ0" + + "LmVkdTEbMBkGA1UEAxMSU3VtaXQgU2hhaCAoc3NoYWgpMRswGQYDVQQLExJWaXJn" + + "aW5pYSBUZWNoIFVzZXIxEDAOBgNVBAsTB0NsYXNzIDExCzAJBgNVBAoTAnZ0MQsw" + + "CQYDVQQGEwJVUzANBgkqhkiG9w0BAQQFAAIBBTAiGA8yMDAzMDcxODE2MDgwMloY" + + "DzIwMDMwNzI1MTYwODAyWjCCBU0wggVJBgorBgEEAbRoCAEBMYIFORaCBTU8UnVs" + + "ZSBSdWxlSWQ9IkZpbGUtUHJpdmlsZWdlLVJ1bGUiIEVmZmVjdD0iUGVybWl0Ij4K" + + "IDxUYXJnZXQ+CiAgPFN1YmplY3RzPgogICA8U3ViamVjdD4KICAgIDxTdWJqZWN0" + + "TWF0Y2ggTWF0Y2hJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5j" + + "dGlvbjpzdHJpbmctZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlw" + + "ZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjc3RyaW5nIj4KICAg" + + "ICAgIENOPU1hcmt1cyBMb3JjaDwvQXR0cmlidXRlVmFsdWU+CiAgICAgPFN1Ympl" + + "Y3RBdHRyaWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFt" + + "ZXM6dGM6eGFjbWw6MS4wOnN1YmplY3Q6c3ViamVjdC1pZCIgRGF0YVR5cGU9Imh0" + + "dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hI3N0cmluZyIgLz4gCiAgICA8" + + "L1N1YmplY3RNYXRjaD4KICAgPC9TdWJqZWN0PgogIDwvU3ViamVjdHM+CiAgPFJl" + + "c291cmNlcz4KICAgPFJlc291cmNlPgogICAgPFJlc291cmNlTWF0Y2ggTWF0Y2hJ" + + "ZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5jdGlvbjpzdHJpbmct" + + "ZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlwZT0iaHR0cDovL3d3" + + "dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIj4KICAgICAgaHR0cDovL3p1" + + "bmkuY3MudnQuZWR1PC9BdHRyaWJ1dGVWYWx1ZT4KICAgICA8UmVzb3VyY2VBdHRy" + + "aWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6" + + "eGFjbWw6MS4wOnJlc291cmNlOnJlc291cmNlLWlkIiBEYXRhVHlwZT0iaHR0cDov" + + "L3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIiAvPiAKICAgIDwvUmVz" + + "b3VyY2VNYXRjaD4KICAgPC9SZXNvdXJjZT4KICA8L1Jlc291cmNlcz4KICA8QWN0" + + "aW9ucz4KICAgPEFjdGlvbj4KICAgIDxBY3Rpb25NYXRjaCBNYXRjaElkPSJ1cm46" + + "b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmZ1bmN0aW9uOnN0cmluZy1lcXVhbCI+" + + "CiAgICAgPEF0dHJpYnV0ZVZhbHVlIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9y" + + "Zy8yMDAxL1hNTFNjaGVtYSNzdHJpbmciPgpEZWxlZ2F0ZSBBY2Nlc3MgICAgIDwv" + + "QXR0cmlidXRlVmFsdWU+CgkgIDxBY3Rpb25BdHRyaWJ1dGVEZXNpZ25hdG9yIEF0" + + "dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmFjdGlvbjph" + + "Y3Rpb24taWQiIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNj" + + "aGVtYSNzdHJpbmciIC8+IAogICAgPC9BY3Rpb25NYXRjaD4KICAgPC9BY3Rpb24+" + + "CiAgPC9BY3Rpb25zPgogPC9UYXJnZXQ+CjwvUnVsZT4KMA0GCSqGSIb3DQEBBAUA" + + "A4GBAGiJSM48XsY90HlYxGmGVSmNR6ZW2As+bot3KAfiCIkUIOAqhcphBS23egTr" + + "6asYwy151HshbPNYz+Cgeqs45KkVzh7bL/0e1r8sDVIaaGIkjHK3CqBABnfSayr3" + + "Rd1yBoDdEv8Qb+3eEPH6ab9021AsLEnJ6LWTmybbOpMNZ3tv"); + + internal static readonly byte[] signCert = Base64.Decode( + "MIIGjTCCBXWgAwIBAgICAPswDQYJKoZIhvcNAQEEBQAwaTEdMBsGCSqGSIb3DQEJ" + + "ARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZpcmdpbmlhIFRlY2ggQ2VydGlm" + + "aWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0MQswCQYDVQQGEwJVUzAeFw0w" + + "MzAxMzExMzUyMTRaFw0wNDAxMzExMzUyMTRaMIGDMRswGQYJKoZIhvcNAQkBFgxz" + + "c2hhaEB2dC5lZHUxGzAZBgNVBAMTElN1bWl0IFNoYWggKHNzaGFoKTEbMBkGA1UE" + + "CxMSVmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAxMQswCQYDVQQK" + + "EwJ2dDELMAkGA1UEBhMCVVMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPDc" + + "scgSKmsEp0VegFkuitD5j5PUkDuzLjlfaYONt2SN8WeqU4j2qtlCnsipa128cyKS" + + "JzYe9duUdNxquh5BPIkMkHBw4jHoQA33tk0J/sydWdN74/AHPpPieK5GHwhU7GTG" + + "rCCS1PJRxjXqse79ExAlul+gjQwHeldAC+d4A6oZAgMBAAGjggOmMIIDojAMBgNV" + + "HRMBAf8EAjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAOBgNVHQ8BAf8EBAMCA/gwHQYD" + + "VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBRUIoWAzlXbzBYE" + + "yVTjQFWyMMKo1jCBkwYDVR0jBIGLMIGIgBTgc3Fm+TGqKDhen+oKfbl+xVbj2KFt" + + "pGswaTEdMBsGCSqGSIb3DQEJARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZp" + + "cmdpbmlhIFRlY2ggQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0" + + "MQswCQYDVQQGEwJVU4IBADCBiwYJYIZIAYb4QgENBH4WfFZpcmdpbmlhIFRlY2gg" + + "Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgZGlnaXRhbCBjZXJ0aWZpY2F0ZXMgYXJl" + + "IHN1YmplY3QgdG8gcG9saWNpZXMgbG9jYXRlZCBhdCBodHRwOi8vd3d3LnBraS52" + + "dC5lZHUvY2EvY3BzLy4wFwYDVR0RBBAwDoEMc3NoYWhAdnQuZWR1MBkGA1UdEgQS" + + "MBCBDmlybWhlbHBAdnQuZWR1MEMGCCsGAQUFBwEBBDcwNTAzBggrBgEFBQcwAoYn" + + "aHR0cDovL2JveDE3Ny5jYy52dC5lZHUvY2EvaXNzdWVycy5odG1sMEQGA1UdHwQ9" + + "MDswOaA3oDWGM2h0dHA6Ly9ib3gxNzcuY2MudnQuZWR1L2h0ZG9jcy1wdWJsaWMv" + + "Y3JsL2NhY3JsLmNybDBUBgNVHSAETTBLMA0GCysGAQQBtGgFAQEBMDoGCysGAQQB" + + "tGgFAQEBMCswKQYIKwYBBQUHAgEWHWh0dHA6Ly93d3cucGtpLnZ0LmVkdS9jYS9j" + + "cHMvMD8GCWCGSAGG+EIBBAQyFjBodHRwOi8vYm94MTc3LmNjLnZ0LmVkdS9jZ2kt" + + "cHVibGljL2NoZWNrX3Jldl9jYT8wPAYJYIZIAYb4QgEDBC8WLWh0dHA6Ly9ib3gx" + + "NzcuY2MudnQuZWR1L2NnaS1wdWJsaWMvY2hlY2tfcmV2PzBLBglghkgBhvhCAQcE" + + "PhY8aHR0cHM6Ly9ib3gxNzcuY2MudnQuZWR1L35PcGVuQ0E4LjAxMDYzMC9jZ2kt" + + "cHVibGljL3JlbmV3YWw/MCwGCWCGSAGG+EIBCAQfFh1odHRwOi8vd3d3LnBraS52" + + "dC5lZHUvY2EvY3BzLzANBgkqhkiG9w0BAQQFAAOCAQEAHJ2ls9yjpZVcu5DqiE67" + + "r7BfkdMnm7IOj2v8cd4EAlPp6OPBmjwDMwvKRBb/P733kLBqFNWXWKTpT008R0KB" + + "8kehbx4h0UPz9vp31zhGv169+5iReQUUQSIwTGNWGLzrT8kPdvxiSAvdAJxcbRBm" + + "KzDic5I8PoGe48kSCkPpT1oNmnivmcu5j1SMvlx0IS2BkFMksr0OHiAW1elSnE/N" + + "RuX2k73b3FucwVxB3NRo3vgoHPCTnh9r4qItAHdxFlF+pPtbw2oHESKRfMRfOIHz" + + "CLQWSIa6Tvg4NIV3RRJ0sbCObesyg08lymalQMdkXwtRn5eGE00SHWwEUjSXP2gR" + + "3g=="); + + internal static readonly byte[] certWithBaseCertificateID = Base64.Decode( + "MIIBqzCCARQCAQEwSKBGMD6kPDA6MQswCQYDVQQGEwJJVDEOMAwGA1UEChMFVU5JVE4xDDAKBgNV" + + "BAsTA0RJVDENMAsGA1UEAxMEcm9vdAIEAVMVjqB6MHikdjB0MQswCQYDVQQGEwJBVTEoMCYGA1UE" + + "ChMfVGhlIExlZ2lvbiBvZiB0aGUgQm91bmN5IENhc3RsZTEjMCEGA1UECxMaQm91bmN5IFByaW1h" + + "cnkgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUJvdW5jeSBDYXN0bGUwDQYJKoZIhvcNAQEFBQACBQKW" + + "RhnHMCIYDzIwMDUxMjEyMTIwMDQyWhgPMjAwNTEyMTkxMjAxMzJaMA8wDQYDVRhIMQaBBGVWSVAw" + + "DQYJKoZIhvcNAQEFBQADgYEAUAVin9StDaA+InxtXq/av6rUQLI9p1X6louBcj4kYJnxRvTrHpsr" + + "N3+i9Uq/uk5lRdAqmPFvcmSbuE3TRAsjrXON5uFiBBKZ1AouLqcr8nHbwcdwjJ9TyUNO9I4hfpSH" + + "UHHXMtBKgp4MOkhhX8xTGyWg3hp23d3GaUeg/IYlXBI="); + + internal static readonly byte[] holderCertWithBaseCertificateID = Base64.Decode( + "MIIBwDCCASmgAwIBAgIEAVMVjjANBgkqhkiG9w0BAQUFADA6MQswCQYDVQQGEwJJVDEOMAwGA1UE" + + "ChMFVU5JVE4xDDAKBgNVBAsTA0RJVDENMAsGA1UEAxMEcm9vdDAeFw0wNTExMTExMjAxMzJaFw0w" + + "NjA2MTYxMjAxMzJaMD4xCzAJBgNVBAYTAklUMQ4wDAYDVQQKEwVVTklUTjEMMAoGA1UECxMDRElU" + + "MREwDwYDVQQDEwhMdWNhQm9yejBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQC0p+RhcFdPFqlwgrIr" + + "5YtqKmKXmEGb4ShypL26Ymz66ZAPdqv7EhOdzl3lZWT6srZUMWWgQMYGiHQg4z2R7X7XAgERoxUw" + + "EzARBglghkgBhvhCAQEEBAMCBDAwDQYJKoZIhvcNAQEFBQADgYEAsX50VPQQCWmHvPq9y9DeCpmS" + + "4szcpFAhpZyn6gYRwY9CRZVtmZKH8713XhkGDWcIEMcG0u3oTz3tdKgPU5uyIPrDEWr6w8ClUj4x" + + "5aVz5c2223+dVY7KES//JSB2bE/KCIchN3kAioQ4K8O3e0OL6oDVjsqKGw5bfahgKuSIk/Q="); + + + public override string Name + { + get { return "AttrCertTest"; } + } + + private void doTestCertWithBaseCertificateID() + { + IX509AttributeCertificate attrCert = new X509V2AttributeCertificate(certWithBaseCertificateID); + X509CertificateParser fact = new X509CertificateParser(); + X509Certificate cert = fact.ReadCertificate(holderCertWithBaseCertificateID); + + AttributeCertificateHolder holder = attrCert.Holder; + + if (holder.GetEntityNames() != null) + { + Fail("entity names set when none expected"); + } + + if (!holder.SerialNumber.Equals(cert.SerialNumber)) + { + Fail("holder serial number doesn't Match"); + } + + if (!holder.GetIssuer()[0].Equivalent(cert.IssuerDN)) + { + Fail("holder issuer doesn't Match"); + } + + if (!holder.Match(cert)) + { + Fail("holder not matching holder certificate"); + } + + if (!holder.Equals(holder.Clone())) + { + Fail("holder clone test failed"); + } + + if (!attrCert.Issuer.Equals(attrCert.Issuer.Clone())) + { + Fail("issuer clone test failed"); + } + + equalityAndHashCodeTest(attrCert, certWithBaseCertificateID); + } + + private void equalityAndHashCodeTest( + IX509AttributeCertificate attrCert, + byte[] encoding) + { + if (!attrCert.Equals(attrCert)) + { + Fail("same certificate not equal"); + } + + if (!attrCert.Holder.Equals(attrCert.Holder)) + { + Fail("same holder not equal"); + } + + if (!attrCert.Issuer.Equals(attrCert.Issuer)) + { + Fail("same issuer not equal"); + } + + if (attrCert.Holder.Equals(attrCert.Issuer)) + { + Fail("wrong holder equal"); + } + + if (attrCert.Issuer.Equals(attrCert.Holder)) + { + Fail("wrong issuer equal"); + } + + IX509AttributeCertificate attrCert2 = new X509V2AttributeCertificate(encoding); + + if (attrCert2.Holder.GetHashCode() != attrCert.Holder.GetHashCode()) + { + Fail("holder hashCode test failed"); + } + + if (!attrCert2.Holder.Equals(attrCert.Holder)) + { + Fail("holder Equals test failed"); + } + + if (attrCert2.Issuer.GetHashCode() != attrCert.Issuer.GetHashCode()) + { + Fail("issuer hashCode test failed"); + } + + if (!attrCert2.Issuer.Equals(attrCert.Issuer)) + { + Fail("issuer Equals test failed"); + } + } + + private void doTestGenerateWithCert() + { + X509CertificateParser fact = new X509CertificateParser(); + X509Certificate iCert = fact.ReadCertificate(signCert); + + // + // a sample key pair. + // + RsaKeyParameters pubKey = new RsaKeyParameters( + false, + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16)); + + // + // set up the keys + // +// PrivateKey privKey; +// PublicKey pubKey; +// +// KeyFactory kFact = KeyFactory.getInstance("RSA"); +// +// privKey = kFact.generatePrivate(RSA_PRIVATE_KEY_SPEC); +// pubKey = kFact.generatePublic(pubKeySpec); + AsymmetricKeyParameter privKey = RSA_PRIVATE_KEY_SPEC; + + X509V2AttributeCertificateGenerator gen = new X509V2AttributeCertificateGenerator(); + + // the actual attributes + GeneralName roleName = new GeneralName(GeneralName.Rfc822Name, "DAU123456789"); + + // roleSyntax OID: 2.5.24.72 + X509Attribute attributes = new X509Attribute("2.5.24.72", + new DerSequence(roleName)); + + gen.AddAttribute(attributes); + gen.SetHolder(new AttributeCertificateHolder(iCert)); + gen.SetIssuer(new AttributeCertificateIssuer(new X509Name("cn=test"))); + gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + gen.SetSerialNumber(BigInteger.One); + gen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); + + IX509AttributeCertificate aCert = gen.Generate(privKey); + + aCert.CheckValidity(); + + aCert.Verify(pubKey); + + AttributeCertificateHolder holder = aCert.Holder; + + if (holder.GetEntityNames() != null) + { + Fail("entity names set when none expected"); + } + + if (!holder.SerialNumber.Equals(iCert.SerialNumber)) + { + Fail("holder serial number doesn't Match"); + } + + if (!holder.GetIssuer()[0].Equivalent(iCert.IssuerDN)) + { + Fail("holder issuer doesn't Match"); + } + + if (!holder.Match(iCert)) + { + Fail("generated holder not matching holder certificate"); + } + + X509Attribute[] attrs = aCert.GetAttributes("2.5.24.72"); + + if (attrs == null) + { + Fail("attributes related to 2.5.24.72 not found"); + } + + X509Attribute attr = attrs[0]; + + if (!attr.Oid.Equals("2.5.24.72")) + { + Fail("attribute oid mismatch"); + } + + Asn1Encodable[] values = attr.GetValues(); + + GeneralName role = GeneralNames.GetInstance(values[0]).GetNames()[0]; + + if (role.TagNo != GeneralName.Rfc822Name) + { + Fail("wrong general name type found in role"); + } + + if (!((IAsn1String)role.Name).GetString().Equals("DAU123456789")) + { + Fail("wrong general name value found in role"); + } + + X509Certificate sCert = fact.ReadCertificate(holderCertWithBaseCertificateID); + + if (holder.Match(sCert)) + { + Fail("generated holder matching wrong certificate"); + } + + equalityAndHashCodeTest(aCert, aCert.GetEncoded()); + } + + private void doTestGenerateWithPrincipal() + { + X509CertificateParser fact = new X509CertificateParser(); + X509Certificate iCert = fact.ReadCertificate(signCert); + + // + // a sample key pair. + // + RsaKeyParameters pubKey = new RsaKeyParameters( + false, + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16)); + + // + // set up the keys + // +// PrivateKey privKey; +// PublicKey pubKey; +// +// KeyFactory kFact = KeyFactory.getInstance("RSA"); +// +// privKey = kFact.generatePrivate(RSA_PRIVATE_KEY_SPEC); +// pubKey = kFact.generatePublic(pubKeySpec); + AsymmetricKeyParameter privKey = RSA_PRIVATE_KEY_SPEC; + + X509V2AttributeCertificateGenerator gen = new X509V2AttributeCertificateGenerator(); + + // the actual attributes + GeneralName roleName = new GeneralName(GeneralName.Rfc822Name, "DAU123456789"); + + // roleSyntax OID: 2.5.24.72 + X509Attribute attributes = new X509Attribute("2.5.24.72", + new DerSequence(roleName)); + + gen.AddAttribute(attributes); + gen.SetHolder(new AttributeCertificateHolder(iCert.SubjectDN)); + gen.SetIssuer(new AttributeCertificateIssuer(new X509Name("cn=test"))); + gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + gen.SetSerialNumber(BigInteger.One); + gen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); + + IX509AttributeCertificate aCert = gen.Generate(privKey); + + aCert.CheckValidity(); + + aCert.Verify(pubKey); + + AttributeCertificateHolder holder = aCert.Holder; + + if (holder.GetEntityNames() == null) + { + Fail("entity names not set when expected"); + } + + if (holder.SerialNumber != null) + { + Fail("holder serial number found when none expected"); + } + + if (holder.GetIssuer() != null) + { + Fail("holder issuer found when none expected"); + } + + if (!holder.Match(iCert)) + { + Fail("generated holder not matching holder certificate"); + } + + X509Certificate sCert = fact.ReadCertificate(holderCertWithBaseCertificateID); + + if (holder.Match(sCert)) + { + Fail("principal generated holder matching wrong certificate"); + } + + equalityAndHashCodeTest(aCert, aCert.GetEncoded()); + } + + public override void PerformTest() + { + IX509AttributeCertificate aCert = new X509V2AttributeCertificate(attrCert); + X509CertificateParser fact = new X509CertificateParser(); + X509Certificate sCert = fact.ReadCertificate(signCert); + + aCert.Verify(sCert.GetPublicKey()); + + // + // search test + // + IList list = new ArrayList(); + + list.Add(sCert); + +// CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list); +// CertStore store = CertStore.getInstance("Collection", ccsp); + IX509Store store = X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(list)); + + ArrayList certs = new ArrayList( +// store.getCertificates(aCert.getIssuer())); + store.GetMatches(aCert.Issuer)); + + if (certs.Count != 1 || !certs.Contains(sCert)) + { + Fail("sCert not found by issuer"); + } + + X509Attribute[] attrs = aCert.GetAttributes("1.3.6.1.4.1.6760.8.1.1"); + if (attrs == null || attrs.Length != 1) + { + Fail("attribute not found"); + } + + // + // reencode test + // + aCert = new X509V2AttributeCertificate(aCert.GetEncoded()); + + aCert.Verify(sCert.GetPublicKey()); + + IX509AttributeCertificate saCert = new X509V2AttributeCertificate(aCert.GetEncoded()); + + if (!aCert.NotAfter.Equals(saCert.NotAfter)) + { + Fail("failed date comparison"); + } + + // base generator test + + // + // a sample key pair. + // + RsaKeyParameters pubKey = new RsaKeyParameters( + false, + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16)); + + AsymmetricKeyParameter privKey = RSA_PRIVATE_KEY_SPEC; + + // + // set up the keys + // +// PrivateKey privKey; +// PublicKey pubKey; +// +// KeyFactory kFact = KeyFactory.getInstance("RSA"); +// +// privKey = kFact.generatePrivate(privKeySpec); +// pubKey = kFact.generatePublic(pubKeySpec); + + X509V2AttributeCertificateGenerator gen = new X509V2AttributeCertificateGenerator(); + + gen.AddAttribute(attrs[0]); + gen.SetHolder(aCert.Holder); + gen.SetIssuer(aCert.Issuer); + gen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + gen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + gen.SetSerialNumber(aCert.SerialNumber); + gen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); + + aCert = gen.Generate(privKey); + + aCert.CheckValidity(); + + aCert.Verify(pubKey); + + // as the issuer is the same this should still work (even though it is not + // technically correct + + certs = new ArrayList( +// store.getCertificates(aCert.Issuer)); + store.GetMatches(aCert.Issuer)); + + if (certs.Count != 1 || !certs.Contains(sCert)) + { + Fail("sCert not found by issuer"); + } + + attrs = aCert.GetAttributes("1.3.6.1.4.1.6760.8.1.1"); + if (attrs == null || attrs.Length != 1) + { + Fail("attribute not found"); + } + + // + // reencode test + // + aCert = new X509V2AttributeCertificate(aCert.GetEncoded()); + + aCert.Verify(pubKey); + + AttributeCertificateIssuer issuer = aCert.Issuer; + + X509Name[] principals = issuer.GetPrincipals(); + + // + // test holder + // + AttributeCertificateHolder holder = aCert.Holder; + + if (holder.GetEntityNames() == null) + { + Fail("entity names not set"); + } + + if (holder.SerialNumber != null) + { + Fail("holder serial number set when none expected"); + } + + if (holder.GetIssuer() != null) + { + Fail("holder issuer set when none expected"); + } + + principals = holder.GetEntityNames(); + + string ps = principals[0].ToString(); + + // TODO Check that this is a good enough test +// if (!ps.Equals("C=US, O=vt, OU=Class 2, OU=Virginia Tech User, CN=Markus Lorch (mlorch), EMAILADDRESS=mlorch@vt.edu")) + if (!principals[0].Equivalent(new X509Name("C=US, O=vt, OU=Class 2, OU=Virginia Tech User, CN=Markus Lorch (mlorch), EMAILADDRESS=mlorch@vt.edu"))) + { + Fail("principal[0] for entity names don't Match"); + } + + // + // extension test + // + + gen.AddExtension("1.1", true, new DerOctetString(new byte[10])); + + gen.AddExtension("2.2", false, new DerOctetString(new byte[20])); + + aCert = gen.Generate(privKey); + + ISet exts = aCert.GetCriticalExtensionOids(); + + if (exts.Count != 1 || !exts.Contains("1.1")) + { + Fail("critical extension test failed"); + } + + exts = aCert.GetNonCriticalExtensionOids(); + + if (exts.Count != 1 || !exts.Contains("2.2")) + { + Fail("non-critical extension test failed"); + } + + Asn1OctetString extString = aCert.GetExtensionValue(new DerObjectIdentifier("1.1")); + Asn1Encodable extValue = X509ExtensionUtilities.FromExtensionValue(extString); + + if (!extValue.Equals(new DerOctetString(new byte[10]))) + { + Fail("wrong extension value found for 1.1"); + } + + doTestCertWithBaseCertificateID(); + doTestGenerateWithCert(); + doTestGenerateWithPrincipal(); + } + + public static void Main( + string[] args) + { + RunTest(new AttrCertTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/BaseBlockCipherTest.cs b/BouncyCastle/crypto/test/src/test/BaseBlockCipherTest.cs new file mode 100644 index 0000000..87fb010 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/BaseBlockCipherTest.cs @@ -0,0 +1,146 @@ +using System; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + public abstract class BaseBlockCipherTest + : SimpleTest + { + string algorithm; + + internal BaseBlockCipherTest( + string algorithm) + { + this.algorithm = algorithm; + } + + public override string Name + { + get { return algorithm; } + } + + protected void oidTest( + string[] oids, + string[] names, + int groupSize) + { + byte[] data = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16}; + + for (int i = 0; i != oids.Length; i++) + { + IBufferedCipher c1 = CipherUtilities.GetCipher(oids[i]); + IBufferedCipher c2 = CipherUtilities.GetCipher(names[i]); + CipherKeyGenerator kg = GeneratorUtilities.GetKeyGenerator(oids[i]); + + KeyParameter k = ParameterUtilities.CreateKeyParameter(oids[i], kg.GenerateKey()); + + ICipherParameters cp = k; + if (names[i].IndexOf("/ECB/") < 0) + { + cp = new ParametersWithIV(cp, new byte[16]); + } + + c1.Init(true, cp); + c2.Init(false, cp); + + byte[] result = c2.DoFinal(c1.DoFinal(data)); + + if (!AreEqual(data, result)) + { + Fail("failed OID test"); + } + + if (k.GetKey().Length != (16 + ((i / groupSize) * 8))) + { + Fail("failed key length test"); + } + } + } + + protected void wrapOidTest( + string[] oids, + string name) + { + byte[] data = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16}; + + for (int i = 0; i != oids.Length; i++) + { + IWrapper c1 = WrapperUtilities.GetWrapper(oids[i]); + IWrapper c2 = WrapperUtilities.GetWrapper(name); + CipherKeyGenerator kg = GeneratorUtilities.GetKeyGenerator(oids[i]); + + KeyParameter k = ParameterUtilities.CreateKeyParameter(oids[i], kg.GenerateKey()); + + c1.Init(true, k); + c2.Init(false, k); + + byte[] wrapped = c1.Wrap(data, 0, data.Length); + byte[] wKeyBytes = c2.Unwrap(wrapped, 0, wrapped.Length); + + if (!AreEqual(data, wKeyBytes)) + { + Fail("failed wrap OID test"); + } + + if (k.GetKey().Length != (16 + (i * 8))) + { + Fail("failed key length test"); + } + } + } + + protected void wrapTest( + int id, + string wrappingAlgorithm, + byte[] kek, + byte[] inBytes, + byte[] outBytes) + { + IWrapper wrapper = WrapperUtilities.GetWrapper(wrappingAlgorithm); + + wrapper.Init(true, ParameterUtilities.CreateKeyParameter(algorithm, kek)); + + try + { + byte[] cText = wrapper.Wrap(inBytes, 0, inBytes.Length); + if (!AreEqual(cText, outBytes)) + { + Fail("failed wrap test " + id + " expected " + + Hex.ToHexString(outBytes) + " got " + + Hex.ToHexString(cText)); + } + } + catch (TestFailedException e) + { + throw e; + } + catch (Exception e) + { + Fail("failed wrap test exception " + e.ToString(), e); + } + + wrapper.Init(false, ParameterUtilities.CreateKeyParameter(algorithm, kek)); + + try + { + byte[] pTextBytes = wrapper.Unwrap(outBytes, 0, outBytes.Length); + + if (!AreEqual(pTextBytes, inBytes)) + { + Fail("failed unwrap test " + id + " expected " + + Hex.ToHexString(inBytes) + " got " + + Hex.ToHexString(pTextBytes)); + } + } + catch (Exception e) + { + Fail("failed unwrap test exception " + e.ToString(), e); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/BlockCipherTest.cs b/BouncyCastle/crypto/test/src/test/BlockCipherTest.cs new file mode 100644 index 0000000..18753eb --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/BlockCipherTest.cs @@ -0,0 +1,1092 @@ +using System; +using System.Globalization; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + /** + * basic test class for a block cipher, basically this just exercises the provider, and makes sure we + * are behaving sensibly, correctness of the implementation is shown in the lightweight test classes. + */ + [TestFixture] + public class BlockCipherTest + : SimpleTest + { + private static readonly ISet validModes = CollectionUtilities.ReadOnly( + new HashSet(new string[]{ "CBC", "CCM", "CFB", "CTR", "CTS", "EAX", "ECB", "GCM", "OCB", "OFB" })); + + private static readonly string[] cipherTests1 = + { + "DES", + "466da00648ef0e1f9617b1f002e225251a3248d09172f46b9617b1f002e225250112ecb3da61bc99", + "DESede", + "2f4bc6b30c893fa549d82c560d61cf3eb088aed020603de249d82c560d61cf3e529e95ecd8e05394", + "SKIPJACK", + "d4de46d52274dbb029f33b076043f8c40089f906751623de29f33b076043f8c4ac99b90f9396cb04", + "Blowfish", + "7870ebe7f6a52803eb9396ba6c5198216ce81d76d8d4c74beb9396ba6c5198211212473b05214e9f", + "Twofish", + "70336d9c9718a8a2ced1b19deed973a3c58af7ea71a69e7efc4df082dca581c0839e31468661bcfc57a14899ceeb0253", + "RC2", + "eb5b889bbcced12eb6b1a3da6a3d965bba66a5edfdd4c8a6b6b1a3da6a3d965b994a5b859e765797", + "RC5", + "220053543e3eca3bc9503a091ca67b08372560d8a4fdbee8c9503a091ca67b08a796d53bb8a4b7e0", + "RC5-64", + "e0b4a526ba3bc5f09199c3b1fe3737fe6d248cde70e565b0feea59ebfda375ae1946c386a48d8d8a74d7b1947ff6a788", + "RC6", + "44c97b67ca8486067f8b6c5b97632f3049e5e52c1d61fdd527dc3da39616540f19a3db39aac1ffd713795cd886cce0c0", + "IDEA", + "8c9fd56823ffdc523f6ccf7f614aa6173553e594fc7a21b53f6ccf7f614aa61740c54f7a66e95108", + "TEA", + "fcf45062104fda7c35712368b56dd4216a6ca998dc297b5435712368b56dd421208027ed2923cd0c", + "XTEA", + "4b427893d3d6aaded2afafabe25f7b233fb5589faa2b6389d2afafabe25f7b239d12979ac67e1c07", + "Camellia", + "3a68b4ad145bc2c76010669d68f2826359887afce763a78d9994143266adfaec8ba7ee562a1688ef9dfd7f897e5c44dc", + "SEED", + "d53d4ce1f48b9879420949467bfcbfbe2c6a7d4a8770bee0c71211def898d7c5024ce2007dd85accb3f69d906ae2164d", + "Noekeon", + "7e68ceb33aad9db04af6b878a16dd6c6b4f880d6c89027ba581884c10690bb6b3dbfd6ed5513e2c4f5670c3528023121", + "DES/CBC/NoPadding", + "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122a", + "DESede/CBC/NoPadding", + "4d3d7931875cf25593dc402298add8b914761e4936c9585ae22b2c1441169231", + "SKIPJACK/CBC/NoPadding", + "ceebcc2e5e2b847f9ed797b4930b95f115b9e6cf49c457fc2ea0df79ad5c8334", + "Blowfish/CBC/NoPadding", + "80823abbabc109733e7ebf3ce3344d67fc387c306b782086b452f7fbe8e844ce", + "Twofish/CBC/NoPadding", + "f819694251a00bdd403928745cd1d8a094de61f49ddf8e7692e9d81a83812943", + "RC2/CBC/NoPadding", + "a51facdb3933c9676795cd38cc3146fd4694722b468b1a979a399c77606abf99", + "RC5/CBC/NoPadding", + "9ee7517eab0280445f3a7c60c90c0f75029d65bca8b1af83ace5399d388c83c3", + "RC6/CBC/NoPadding", + "c44695633c07010f3a0d8f7ea046a642d4a96bf4e44f89fd91b46830bc95b130", + "IDEA/CBC/NoPadding", + "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d9", + "DES/CBC/PKCS5Padding", + "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122afdc70484fb9c0232", + "DES/CBC/ISO10126Padding", + "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122a980639850a2cc3e8", + "DES/CBC/ISO7816-4Padding", + "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122a1f80b9b0f1be49ac", + "DES/CBC/X9.23Padding", + "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122a980639850a2cc3e8", + "DESede/CBC/PKCS7Padding", + "4d3d7931875cf25593dc402298add8b914761e4936c9585ae22b2c1441169231a41e40695f1cff84", + "SKIPJACK/CBC/PKCS7Padding", + "ceebcc2e5e2b847f9ed797b4930b95f115b9e6cf49c457fc2ea0df79ad5c8334df7042de5db89c96", + "Blowfish/CBC/PKCS7Padding", + "80823abbabc109733e7ebf3ce3344d67fc387c306b782086b452f7fbe8e844cef986562ab1a675e8", + "Twofish/CBC/PKCS7Padding", + "f819694251a00bdd403928745cd1d8a094de61f49ddf8e7692e9d81a838129433e5f1343d6cdb0b41838619da1541f04", + "RC2/CBC/PKCS7Padding", + "a51facdb3933c9676795cd38cc3146fd4694722b468b1a979a399c77606abf9958435525f770f137", + "RC5/CBC/PKCS7Padding", + "9ee7517eab0280445f3a7c60c90c0f75029d65bca8b1af83ace5399d388c83c3edd95ff49be76651", + "RC5-64/CBC/PKCS7Padding", + "e479fd11f89dab22d2f3dd062b1d2abd5b5962553421a5c562dc7214c3b23b8e21949fda87f2f820e5f032c552c6ec78", + "RC6/CBC/PKCS7Padding", + "c44695633c07010f3a0d8f7ea046a642d4a96bf4e44f89fd91b46830bc95b130824b972c9019a69d2dd05ef2d36b37ac", + "IDEA/CBC/PKCS7Padding", + "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d9e584751325ef7c32", + "IDEA/CBC/ISO10126Padding", + "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d978b3fd73135f033b", + "IDEA/CBC/X9.23Padding", + "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d978b3fd73135f033b", + "AES/CBC/PKCS7Padding", + "cf87f4d8bb9d1abb36cdd9f44ead7d046db2f802d99e1ef0a5940f306079e08389a44c4a8cc1a47cbaee1128da55bbb7", + "AES/CBC/ISO7816-4Padding", + "cf87f4d8bb9d1abb36cdd9f44ead7d046db2f802d99e1ef0a5940f306079e08306d84876508a33efec701118d8eeaf6d", + "Rijndael/CBC/PKCS7Padding", + "cf87f4d8bb9d1abb36cdd9f44ead7d046db2f802d99e1ef0a5940f306079e08389a44c4a8cc1a47cbaee1128da55bbb7", + "Serpent/CBC/PKCS7Padding", + "d8b971931de211cb2d31721773a5b1f9dc4e263efe0465f97c024daa26dd7d03473e9beb82ba809cf36071d4807e4706", + "Tnepres/CBC/PKCS7Padding", + "f8940ca31aba8ce1e0693b1ae0b1e08daef6de03c80f019774280052f824ac44540bb8dd74dfad47f83f9c7ec268ca68", + "CAST5/CBC/PKCS7Padding", + "87b6dc0c5a1d23d42fa740b0548be0b298112000544610d889d6361994cf8e670a19d6af72d7289f", + "CAST6/CBC/PKCS7Padding", + "943445569cfdda174118e433828f84e137faee38cac5c827d87a3c9a5a46a07dd64e7ad8accd921f248eea627cd6826f", + "IDEA/CBC/PKCS7Padding", + "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d9e584751325ef7c32", + "DES/CBC/ZeroBytePadding", + "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122ad3b3f002c927f1fd", + "DES/CTS/NoPadding", // official style + "60fa2f8fae5aa2a38e9ac77d0246726bcf99f75cc6e0122aeb7511e4515feb12", + "DESede/CTS/NoPadding", + "4d3d7931875cf25593dc402298add8b9e22b2c144116923114761e4936c9585a", + "SKIPJACK/CTS/NoPadding", + "ceebcc2e5e2b847f9ed797b4930b95f12ea0df79ad5c833415b9e6cf49c457fc", + "Blowfish/CTS/NoPadding", + "80823abbabc109733e7ebf3ce3344d67b452f7fbe8e844cefc387c306b782086", + "Twofish/CTS/NoPadding", + "94de61f49ddf8e7692e9d81a83812943f819694251a00bdd403928745cd1d8a0", + "AES/CTS/NoPadding", + "6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04", + "Rijndael/CTS/NoPadding", + "6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04", + "Serpent/CTS/NoPadding", + "dc4e263efe0465f97c024daa26dd7d03d8b971931de211cb2d31721773a5b1f9", + "Tnepres/CTS/NoPadding", + "aef6de03c80f019774280052f824ac44f8940ca31aba8ce1e0693b1ae0b1e08d", + "CAST5/CTS/NoPadding", + "87b6dc0c5a1d23d42fa740b0548be0b289d6361994cf8e6798112000544610d8", + "CAST6/CTS/NoPadding", + "37faee38cac5c827d87a3c9a5a46a07d943445569cfdda174118e433828f84e1", + "RC2/CTS/NoPadding", + "a51facdb3933c9676795cd38cc3146fd9a399c77606abf994694722b468b1a97", + "RC5/CTS/NoPadding", + "9ee7517eab0280445f3a7c60c90c0f75ace5399d388c83c3029d65bca8b1af83", + "RC6/CTS/NoPadding", + "d4a96bf4e44f89fd91b46830bc95b130c44695633c07010f3a0d8f7ea046a642", + "IDEA/CTS/NoPadding", + "30cd990ebdae80fe12b6c6e4fcd1c06497351c8684e4c4d9a27d985c276b3d70", + "DES/CBC/WithCTS", // older style + "60fa2f8fae5aa2a38e9ac77d0246726bcf99f75cc6e0122aeb7511e4515feb12", + "DESede/CBC/WithCTS", + "4d3d7931875cf25593dc402298add8b9e22b2c144116923114761e4936c9585a", + "SKIPJACK/CBC/WithCTS", + "ceebcc2e5e2b847f9ed797b4930b95f12ea0df79ad5c833415b9e6cf49c457fc", + "Blowfish/CBC/WithCTS", + "80823abbabc109733e7ebf3ce3344d67b452f7fbe8e844cefc387c306b782086", + "Twofish/CBC/WithCTS", + "94de61f49ddf8e7692e9d81a83812943f819694251a00bdd403928745cd1d8a0", + "AES/CBC/WithCTS", + "6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04", + "Rijndael/CBC/WithCTS", + "6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04", + "Serpent/CBC/WithCTS", + "dc4e263efe0465f97c024daa26dd7d03d8b971931de211cb2d31721773a5b1f9", + "Tnepres/CBC/WithCTS", + "aef6de03c80f019774280052f824ac44f8940ca31aba8ce1e0693b1ae0b1e08d", + "CAST5/CBC/WithCTS", + "87b6dc0c5a1d23d42fa740b0548be0b289d6361994cf8e6798112000544610d8", + "CAST6/CBC/WithCTS", + "37faee38cac5c827d87a3c9a5a46a07d943445569cfdda174118e433828f84e1", + "RC2/CBC/WithCTS", + "a51facdb3933c9676795cd38cc3146fd9a399c77606abf994694722b468b1a97", + "RC5/CBC/WithCTS", + "9ee7517eab0280445f3a7c60c90c0f75ace5399d388c83c3029d65bca8b1af83", + "RC6/CBC/WithCTS", + "d4a96bf4e44f89fd91b46830bc95b130c44695633c07010f3a0d8f7ea046a642", + "IDEA/CBC/WithCTS", + "30cd990ebdae80fe12b6c6e4fcd1c06497351c8684e4c4d9a27d985c276b3d70", + "DES/OFB/NoPadding", + "537572e480c1714f5c9a4f3b874df824dc6681b1fd6c11982debcad91e3f78b7", + "DESede/OFB/NoPadding", + "481e9872acea7fcf8e29a453242da774e5f6a28f15f7723659a73e4ff4939f80", + "SKIPJACK/OFB/NoPadding", + "71143a124e3a0cde753b60fe9b200e559018b6a0fe0682659f7c13feb9df995c", + "Blowfish/OFB/NoPadding", + "6cd6f7c5d2c655556d7a9e98a1696d1875e9f1b2fc991e28a2d55b56861e80bd", + "Twofish/OFB/NoPadding", + "821c54b1b54ae113cf74595eefe10c83b61c9682fc81f92c52f39a3a693f88b8", + "RC2/OFB/NoPadding", + "0a07cb78537cb04c0c74e28a7b86b80f80acadf87d6ef32792f1a8cf74b39f74", + "RC5/OFB/NoPadding", + "c62b233df296283b918a2b4cc53a54fbf061850e781b97332ed1bd78b88d9670", + "IDEA/OFB/NoPadding", + "dd447da3cbdcf81f4053fb446596261cb00a3c49a66085485af5f7c10ba20dad", + "DES/OFB8/NoPadding", + "53cb5010d189f94cf584e5ff1c4a9d86443c45ddb6fa3c2d1a5dadfcdf01db8a", + "DESede/OFB8/NoPadding", + "482c0c1ccd0e6d218e1cffb0a295352c2357ffaa673f2257ef5c77b6c04f03b5", + "SKIPJACK/OFB8/NoPadding", + "719ea1b432b3d2c8011e5aa873f95978420022b5e2c9c1a1c1082cd1f4999da2", + "Blowfish/OFB8/NoPadding", + "6ca6078755b263f09787d830b6fda7b7748494634bdc73ab68540cf9f6b7eccf", + "Twofish/OFB8/NoPadding", + "825dcec234ad52253d6e064b0d769bc04b1142435933f4a510ffc20d70095a88", + "RC2/OFB8/NoPadding", + "0aa26c6f6a820fe7d38da97085995ad62e2e293323a76300fcd4eb572810f7c6", + "RC5/OFB8/NoPadding", + "c601a9074dbd874f4d3293f6a32d93d9f0a4f5685d8597f0102fcc96d444f976", + "IDEA/OFB8/NoPadding", + "dd7897b6ced43d060a518bb38d570308b83b4de577eb208130daabf619e9b1fb", + "DES/CFB/NoPadding", + "537572e480c1714fec3c7424f88d4202219244c5ca8f5e4361d64f08fe747bb2", + "DESede/CFB/NoPadding", + "481e9872acea7fcfb75bb58670fe64c59123265139e357d161cd4ddb5eba042a", + "SKIPJACK/CFB/NoPadding", + "71143a124e3a0cde70a69ede4ceb14376b1e6a80bafde0a6330508dfa86a7c41", + "Blowfish/CFB/NoPadding", + "6cd6f7c5d2c6555561167fe9b10665102206869339122f1ed89efa4a985397f6", + "Twofish/CFB/NoPadding", + "821c54b1b54ae113cf74595eefe10c8308b7a438277de4f40948ac2d172d53d2", + "RC2/CFB/NoPadding", + "0a07cb78537cb04ca1401450d5cd411c7da7fa5b6baaa17bb2137bd95c9f26a5", + "RC5/CFB/NoPadding", + "c62b233df296283b989352bbebf616a19e11503ac737f9e0eaf19049cde05d34", + "IDEA/CFB/NoPadding", + "dd447da3cbdcf81fcbe4661dcbed88aed899f87585118384bd0565067fa6c13a", + "DES/CFB8/NoPadding", + "53cb0cdff712a825eb283b23c31e7323aa12495e7e751428b5c4eb89b28a25d4", + "DESede/CFB8/NoPadding", + "482cd5bf87ca4cee0b573d66a077231bfea93843ce2d1f948550a1d208e18279", + "SKIPJACK/CFB8/NoPadding", + "719eef3906bef23f7b63599285437d8e34183b165acf3e855b4e160d4f036508", + "Blowfish/CFB8/NoPadding", + "6ca63aaada9188d2410c07513cc0736b9888770768c25a5befc776beea5bdc4c", + "Twofish/CFB8/NoPadding", + "825d12af040721cf5ed4a4798647837ac5eb14d752aace28728aeb37b2010abd", + "RC2/CFB8/NoPadding", + "0aa227f94be3a32ff927c5d25647ea41d7c2a1e94012fc7f2ad6767b9664bce5", + "RC5/CFB8/NoPadding", + "c601cf88725411f119965b9cd38d6c313b91128ed7c98c7604cc62d9b210be79", + "IDEA/CFB8/NoPadding", + "dd7839d2525420d10f95eec23dbaf3463302c445972a28c563c2635191bc19af", + // TODO Check that PGPCFB modes are obsolete for C# build +// "IDEA/PGPCFB/NoPadding", +// "dd447da3cbdcf81fcbe4661dcbed88aed899f87585118384bd0565067fa6c13a", +// "IDEA/PGPCFBwithIv/NoPadding", +// "ed5adbac0e730cc0f00df7e4f6fef672ab042673106435faf3ecf3996a72a0e127b440ba9e5313501de3", + "Twofish/ECB/TBCPadding", + "70336d9c9718a8a2ced1b19deed973a3c58af7ea71a69e7efc4df082dca581c019d7daa58d02b89aab6e8c0d17202439", + "RC2/ECB/TBCPadding", + "eb5b889bbcced12eb6b1a3da6a3d965bba66a5edfdd4c8a6b6b1a3da6a3d965b6b5359ba5e69b179", + "DES/CTR/NoPadding", + "537572e480c1714fb47081d35eb18eaca9e0a5aee982f105438a0db6cece1f6d", + "DESede/CTR/NoPadding", + "481e9872acea7fcfa93b7d4e34ec7bab340c10faba2e43b879d40d38e07c422d", + "SKIPJACK/CTR/NoPadding", + "71143a124e3a0cdeee98a7b843baa05bd1d59faee8ec9b89880e070314a04cc2", + "Blowfish/CTR/NoPadding", + "6cd6f7c5d2c65555d2b31f8614f54ec654f5e7888d515008d59302c3edfcc6cb", + "Twofish/CTR/NoPadding", + "821c54b1b54ae113cf74595eefe10c83d09e95d4599190b9bbd5bc71dd703730", + "Threefish-256/CTR/NoPadding", + "546ea995dd302f1efcb1f27d14bad468280a3a7994c2af75dfdf1e9fc5ef2373", + "Threefish-512/CTR/NoPadding", + "152df966484ecc2e9ddfc386559732f7f632e4008920804a1bde4efcf2e6e2f2", + "Threefish-1024/CTR/NoPadding", + "03953ac751a7377812c6e3e4d14b36c6953f9b390acaa892811c10001c9be454", + "RC2/CTR/NoPadding", + "0a07cb78537cb04c8c5a0a39a15977a7eb19f3c48a42759c234868c391a99c63", + "RC5/CTR/NoPadding", + "c62b233df296283b97f17364d5f69a1ff91f46659cf9856caefd322a936203a7", + "IDEA/CTR/NoPadding", + "dd447da3cbdcf81f4694ab7715d79e3f90af5682e8c318b8f7dadbed6b5c9714", + "Blowfish/EAX/NoPadding", + "bee85ae6512b8a2346d46f7bac31526238091ccc5de75760c9a39628fb45d44a653bfac0", + "CAST5/EAX/NoPadding", + "85e0dbd3402f2179f96d231315ec73f04f64f1b7ab1347423b9aec51a07a7222e2bc65a3", + "DES/EAX/NoPadding", + "07d12249945e77607086f7463f316966466e6a0c0789b3307b8b51a7cc807e3c1fb91f98", + "DESede/EAX/NoPadding", + "278b28f13537dc13bb688c95391754bd6d39c79a7361b407f8dee0b111b264f20391cb0e", + "GOST28147/EAX/NoPadding", + "1416713d52affb595b880be996e838edd377e67dfe822fbb0ff235f1b706e6ce34d68dc5", + "IDEA/EAX/NoPadding", + "b2e9f3e40954c140ac60423466dee0138f84e879fbde003780202bd83c91571b64df7bb7", + "RC2/EAX/NoPadding", + "5d1c095de75bd5eef6a5146f7d6c44545807a8b452f7a38e2719a14f1a269709d2eda2d3", + "SEED/EAX/NoPadding", + "6780f18b2dd1f75a934b5a3e45e8fd44877fd3498a9b919b417b3d8a7c67c6021d74bbaef71841ef", + "Serpent/EAX/NoPadding", + "13c2b1fec2bda74f5ccc8ca31b36a2e91ee024a215387219808640b2fc7a6a41e017aacee3ed893a", + "Tnepres/EAX/NoPadding", + "8d5ac312ca0d436a0154d56568d39811ccf6bb970012398014fc8a49ed669b117443c0249b07ead8", + //"SM4/EAX/NoPadding", + //"e072a95da8e529b41199859482142b3fdfa6b7af27348e5ebf35445a099583dae882affde90ea4a4", + "Twofish/EAX/NoPadding", + "9a90dffe1233a04733fc8869e8ec4cba2fa53d9543f0206825293b1ff102e63f81a60b12204e1fd8", + "IDEA/OFB/NoPadding", + "dd447da3cbdcf81f4053fb446596261cb00a3c49a66085485af5f7c10ba20dad", + "RC2/OFB/NoPadding", + "0a07cb78537cb04c0c74e28a7b86b80f80acadf87d6ef32792f1a8cf74b39f74", + "SEED/OFB/NoPadding", + "9fd249435dc66d3d5d41abad270df5e3c6b972692fadfcb6c311b047f96fb114", + "SEED/OCB/NoPadding", + "eb04b3612769e1ad681f975af1a6f401d94dc88276dd50fc3ebce791c28825c652b7351acbad8c63d4d66191de94c970", + "SEED/CCM/NoPadding", + "da684e8cab782d4ebae835726f43c3aeea97ee270897255714d464e981ac39af06c9483153f8a05a", + "SEED/GCM/NoPadding", + "ed5f6293c9a4f280af6695750bfb3bb3b60c214565a049494df955152757812ebfb93705895606c4378498a93f2541b5", + //"SM4/GCM/NoPadding", + //"323b601a951da693f87e53c6832380719b4d4bd306c94248202b7e337c81e2d9de0044b77a4c556f15f6fd19f828236b", + "DES/ECB/TBCPadding", + "466da00648ef0e1f9617b1f002e225251a3248d09172f46b9617b1f002e22525698575eb3998481b", + "GOST28147/ECB/TBCPadding", + "0a77f4114451b37d44c5192619b723dd49093d1047c2373544c5192619b723dde7b0810d205c07ab", + "IDEA/ECB/TBCPadding", + "8c9fd56823ffdc523f6ccf7f614aa6173553e594fc7a21b53f6ccf7f614aa61747a7c95a57b9eaf4", + "RC2/ECB/TBCPadding", + "eb5b889bbcced12eb6b1a3da6a3d965bba66a5edfdd4c8a6b6b1a3da6a3d965b6b5359ba5e69b179", + "SEED/ECB/TBCPadding", + "d53d4ce1f48b9879420949467bfcbfbe2c6a7d4a8770bee0c71211def898d7c509f6e111845db39b4cce1dd155aa592b", + "DES/CBC/TBCPadding", + "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122ad3b3f002c927f1fd", + "GOST28147/CBC/TBCPadding", + "ba87be9c465cbb30e1bf0148daa9639c2e4cbc1b6777cfcda860760686596159aa564fd65e66c125", + "IDEA/CBC/TBCPadding", + "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d922f14e12faecaa0b", + "RC2/CBC/TBCPadding", + "a51facdb3933c9676795cd38cc3146fd4694722b468b1a979a399c77606abf9997b47d2f64a37e2f", + "SEED/CBC/TBCPadding", + "fc34f03ddf4d2a4d9934addc82011af1d5f76ee015b691a6524d7ad5464422d7989825d19e23a60ba759407e13d1ea02", + "DES/CFB8/NoPadding", + "53cb0cdff712a825eb283b23c31e7323aa12495e7e751428b5c4eb89b28a25d4", + "GOST28147/CFB8/NoPadding", + "29f6ca1ca7ae9670413183932a28cdd4a09f2ba630c3c3fbf6f071d3774d7577", + "IDEA/CFB8/NoPadding", + "dd7839d2525420d10f95eec23dbaf3463302c445972a28c563c2635191bc19af", + "RC2/CFB8/NoPadding", + "0aa227f94be3a32ff927c5d25647ea41d7c2a1e94012fc7f2ad6767b9664bce5", + "SEED/CFB8/NoPadding", + "9f1622c3785a034ee4c595df05fb11e69e4d52036e238d2d451e190e87ee876e", + "DES/CTS/NoPadding", + "60fa2f8fae5aa2a38e9ac77d0246726bcf99f75cc6e0122aeb7511e4515feb12", + "GOST28147/CTS/NoPadding", + "ba87be9c465cbb30e1bf0148daa9639ca8607606865961592e4cbc1b6777cfcd", + "IDEA/CTS/NoPadding", + "30cd990ebdae80fe12b6c6e4fcd1c06497351c8684e4c4d9a27d985c276b3d70", + "RC2/CTS/NoPadding", + "a51facdb3933c9676795cd38cc3146fd9a399c77606abf994694722b468b1a97", + "SEED/CTS/NoPadding", + "d5f76ee015b691a6524d7ad5464422d7fc34f03ddf4d2a4d9934addc82011af1", + //"SHACAL-2/CBC/PKCS7Padding", + //"3af7c54ea55d2497162ac9c79d9b2f7837898f83aa4b50b7b762979aa8087669b6a81cdec475ed4d2394d7ad771404a52eb52d245a39f0d7d3e8062d3b0f0e54", + //"SHACAL-2/CBC/TBCPadding", + //"3af7c54ea55d2497162ac9c79d9b2f7837898f83aa4b50b7b762979aa80876693f17fbe9a5baa88ed21b2e1a863dc449061f40cafadfc3cf73486208f87b9352", + }; + + private static readonly string[] cipherTests2 = + { + "DES/OFB64/NoPadding", + "537572e480c1714f5c9a4f3b874df824dc6681b1fd6c11982debcad91e", + "DES/CFB64/NoPadding", + "537572e480c1714fec3c7424f88d4202219244c5ca8f5e4361d64f08fe", + "DES/CTR/NoPadding", + "537572e480c1714fb47081d35eb18eaca9e0a5aee982f105438a0db6ce", + "DES/CTS/NoPadding", + "60fa2f8fae5aa2a38e9ac77d0246726b32df660db51a710ceb7511e451" + }; + + private static readonly byte[] input1 = Hex.Decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f"); + private static readonly byte[] input2 = Hex.Decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c"); + +// static RC2ParameterSpec rc2Spec = new RC2ParameterSpec(128, Hex.decode("0123456789abcdef")); + private static readonly byte[] rc2IV = Hex.Decode("0123456789abcdef"); + +// static RC5ParameterSpec rc5Spec = new RC5ParameterSpec(16, 16, 32, Hex.decode("0123456789abcdef")); +// static RC5ParameterSpec rc564Spec = new RC5ParameterSpec(16, 16, 64, Hex.decode("0123456789abcdef0123456789abcdef")); + private static readonly byte[] rc5IV = Hex.Decode("0123456789abcdef"); + private static readonly byte[] rc564IV = Hex.Decode("0123456789abcdef0123456789abcdef"); + private const int rc5Rounds = 16; + + /** + * a fake random number generator - we just want to make sure the random numbers + * aren't random so that we get the same output, while still getting to test the + * key generation facilities. + */ + private class FixedSecureRandom + : SecureRandom + { + byte[] seed = { + (byte)0xaa, (byte)0xfd, (byte)0x12, (byte)0xf6, (byte)0x59, + (byte)0xca, (byte)0xe6, (byte)0x34, (byte)0x89, (byte)0xb4, + (byte)0x79, (byte)0xe5, (byte)0x07, (byte)0x6d, (byte)0xde, + (byte)0xc2, (byte)0xf0, (byte)0x6c, (byte)0xb5, (byte)0x8f + }; + + public override void NextBytes( + byte[] bytes) + { + int offset = 0; + + while ((offset + seed.Length) < bytes.Length) + { + Array.Copy(seed, 0, bytes, offset, seed.Length); + offset += seed.Length; + } + + Array.Copy(seed, 0, bytes, offset, bytes.Length- offset); + } + } + + public override string Name + { + get { return "BlockCipher"; } + } + + private int GetIVLength( + string algorithm) + { + string[] parts = algorithm.Split('/'); + + if (parts.Length < 2) + return 0; + + string mode = parts[1]; + + int pos = mode.IndexOfAny(new char[]{ '0', '1', '2', '3', '4', '5', '6', '7', '8', '9' }); + string baseMode = pos < 0 ? mode : mode.Substring(0, pos); + + if (!validModes.Contains(baseMode)) + throw new Exception("Unhandled mode: " + mode); + + if (baseMode == "CCM") + return 12; + if (baseMode == "ECB") + return 0; + if (baseMode == "OCB") + return 15; + + string baseAlgorithm = parts[0]; + IBufferedCipher baseCipher = CipherUtilities.GetCipher(baseAlgorithm); + return baseCipher.GetBlockSize(); + } + + private void doTest( + string algorithm, + byte[] input, + byte[] output) + { + KeyParameter key = null; + CipherKeyGenerator keyGen; + SecureRandom rand; + IBufferedCipher inCipher = null, outCipher = null; + byte[] iv = null; + CipherStream cIn, cOut; + MemoryStream bIn, bOut; + + rand = new FixedSecureRandom(); + + string[] parts = algorithm.ToUpper(CultureInfo.InvariantCulture).Split('/'); + string baseAlgorithm = parts[0]; + string mode = parts.Length > 1 ? parts[1] : null; + + try + { + keyGen = GeneratorUtilities.GetKeyGenerator(baseAlgorithm); + + // TODO Add Algorithm property to CipherKeyGenerator? +// if (!keyGen.getAlgorithm().Equals(baseAlgorithm)) +// { +// Fail("wrong key generator returned!"); +// } + + // TODO Add new Init method to CipherKeyGenerator? +// keyGen.Init(rand); + keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength)); + + byte[] keyBytes = keyGen.GenerateKey(); + + if (algorithm.StartsWith("RC5")) + { + key = new RC5Parameters(keyBytes, rc5Rounds); + } + else + { + key = ParameterUtilities.CreateKeyParameter(baseAlgorithm, keyBytes); + } + + inCipher = CipherUtilities.GetCipher(algorithm); + outCipher = CipherUtilities.GetCipher(algorithm); + + if (!inCipher.AlgorithmName.ToUpper(CultureInfo.InvariantCulture).StartsWith(baseAlgorithm)) + { + Fail("wrong cipher returned!"); + } + + ICipherParameters parameters = key; + + int ivLength = GetIVLength(algorithm); + + if (ivLength > 0) + { + if (baseAlgorithm == "RC2") + { + iv = rc2IV; + } + else if (baseAlgorithm == "RC5") + { + iv = rc5IV; + } + else if (baseAlgorithm == "RC5-64") + { + iv = rc564IV; + } + else + { + // NB: rand always generates same values each test run + iv = SecureRandom.GetNextBytes(rand, ivLength); + } + + parameters = new ParametersWithIV(key, iv); + } + + // NB: 'rand' still needed e.g. for some paddings + parameters = new ParametersWithRandom(parameters, rand); + + outCipher.Init(true, parameters); + } + catch (Exception e) + { + Fail("" + algorithm + " failed initialisation - " + e.ToString(), e); + } + + // + // grab the iv if there is one + // + try + { + // The Java version set this implicitly, but we set it explicity + //byte[] iv = outCipher.getIV(); + + if (iv != null) + { + // TODO Examine short IV handling for these FIPS-compliant modes in Java build + if (mode.StartsWith("CCM") + || mode.StartsWith("CFB") + || mode.StartsWith("CTR") + || mode.StartsWith("EAX") + || mode.StartsWith("GCM") + || mode.StartsWith("GOFB") + || mode.StartsWith("OCB") + || mode.StartsWith("OFB") + || mode.StartsWith("OPENPGPCFB") + || mode.StartsWith("SIC")) + { + // These modes automatically pad out the IV if it is short + } + else + { + try + { + byte[] nIv = new byte[iv.Length- 1]; + inCipher.Init(false, new ParametersWithIV(key, nIv)); + Fail("failed to pick up short IV"); + } + //catch (InvalidAlgorithmParameterException e) + catch (ArgumentException) + { + // ignore - this is what we want... + } + } + + //IvParameterSpec spec = new IvParameterSpec(iv); + inCipher.Init(false, new ParametersWithIV(key, iv)); + } + else + { + inCipher.Init(false, key); + } + } + catch (Exception e) + { + Fail("" + algorithm + " failed initialisation - " + e.ToString()); + } + + // + // encryption pass + // + bOut = new MemoryStream(); + cOut = new CipherStream(bOut, null, outCipher); + + try + { + for (int i = 0; i != input.Length/ 2; i++) + { + cOut.WriteByte(input[i]); + } + cOut.Write(input, input.Length/ 2, input.Length- input.Length/ 2); + cOut.Close(); + } + catch (IOException e) + { + Fail("" + algorithm + " failed encryption - " + e.ToString()); + } + + byte[] bytes = bOut.ToArray(); + + if (!AreEqual(bytes, output)) + { + Fail("" + algorithm + " failed encryption - expected " + + Hex.ToHexString(output) + " got " + + Hex.ToHexString(bytes)); + } + + // + // decryption pass + // + bIn = new MemoryStream(bytes, false); + cIn = new CipherStream(bIn, inCipher, null); + + try + { + BinaryReader dIn = new BinaryReader(cIn); + + bytes = new byte[input.Length]; + + for (int i = 0; i != input.Length/ 2; i++) + { + bytes[i] = dIn.ReadByte(); + } + + int remaining = bytes.Length - input.Length / 2; + byte[] extra = dIn.ReadBytes(remaining); + if (extra.Length < remaining) + throw new EndOfStreamException(); + extra.CopyTo(bytes, input.Length / 2); + } + catch (Exception e) + { + Fail("" + algorithm + " failed decryption - " + e.ToString()); + } + + if (!AreEqual(bytes, input)) + { + Fail("" + algorithm + " failed decryption - expected " + + Hex.ToHexString(input) + " got " + + Hex.ToHexString(bytes)); + } + } + + // TODO Make private again and call from PerformTest + public void doTestExceptions() + { + // TODO Put back in +// SecretKeyFactory skF = null; +// +// try +// { +// skF = SecretKeyFactory.getInstance("DESede"); +// } +// catch (Exception e) +// { +// Fail("unexpected exception.", e); +// } +// +// KeySpec ks = null; +// SecretKey secKey = null; +// byte[] bb = new byte[24]; +// +// try +// { +// skF.getKeySpec(null, null); +// +// Fail("failed exception test - no exception thrown"); +// } +// catch (InvalidKeySpecException e) +// { +// // ignore okay +// } +// catch (Exception e) +// { +// Fail("failed exception test.", e); +// } +// try +// { +// ks = (KeySpec)new DESedeKeySpec(bb); +// skF.getKeySpec(null, ks.getClass()); +// +// Fail("failed exception test - no exception thrown"); +// } +// catch (InvalidKeySpecException e) +// { +// // ignore okay; +// } +// catch (Exception e) +// { +// Fail("failed exception test.", e); +// } +// try +// { +// skF.getKeySpec(secKey, null); +// } +// catch (InvalidKeySpecException e) +// { +// // ignore okay +// } +// catch (Exception e) +// { +// Fail("failed exception test.", e); +// } + + try + { + CipherKeyGenerator kg = GeneratorUtilities.GetKeyGenerator("DESede"); + + try + { + kg.Init(new KeyGenerationParameters(new SecureRandom(), int.MinValue)); + + Fail("failed exception test - no exception thrown"); + } +// catch (InvalidParameterException) + catch (ArgumentException) + { + // ignore okay + } + catch (Exception e) + { + Fail("failed exception test.", e); + } + } + catch (Exception e) + { + Fail("unexpected exception.", e); + } + + // TODO Put back in +// try +// { +// skF = SecretKeyFactory.getInstance("DESede"); +// +// try +// { +// skF.translateKey(null); +// +// Fail("failed exception test - no exception thrown"); +// } +// catch (InvalidKeyException) +// { +// // ignore okay +// } +// catch (Exception e) +// { +// Fail("failed exception test.", e); +// } +// } +// catch (Exception e) +// { +// Fail("unexpected exception.", e); +// } + +// try +// { +// byte[] rawDESKey = { (byte)128, (byte)131, (byte)133, (byte)134, +// (byte)137, (byte)138, (byte)140, (byte)143 }; +// +//// SecretKeySpec cipherKey = new SecretKeySpec(rawDESKey, "DES"); +// KeyParameter cipherKey = new DesParameters(rawDESKey); +// +// IBufferedCipher cipher = CipherUtilities.GetCipher("DES/CBC/NoPadding"); +// +// try +// { +// // According specification engineInit(int opmode, Key key, +// // SecureRandom random) throws InvalidKeyException if this +// // cipher is being +// // initialized for decryption and requires algorithm parameters +// // that cannot be determined from the given key +//// cipher.Init(false, cipherKey, (SecureRandom)null); +// cipher.Init(false, new ParametersWithRandom(cipherKey, new SecureRandom())); +// +// Fail("failed exception test - no InvalidKeyException thrown"); +// } +// catch (InvalidKeyException) +// { +// // ignore +// } +// } +// catch (Exception e) +// { +// Fail("unexpected exception.", e); +// } + + try + { +// byte[] rawDESKey = { -128, -125, -123, -122, -119, -118 }; + byte[] rawDESKey = { 128, 131, 133, 134, 137, 138 }; + +// SecretKeySpec cipherKey = new SecretKeySpec(rawDESKey, "DES"); + +// IBufferedCipher cipher = CipherUtilities.GetCipher("DES/ECB/NoPadding"); + try + { + KeyParameter cipherKey = new DesParameters(rawDESKey); + + // According specification engineInit(int opmode, Key key, + // SecureRandom random) throws InvalidKeyException if the given + // key is inappropriate for initializing this cipher +// cipher.Init(true, cipherKey); + +// Fail("failed exception test - no InvalidKeyException thrown"); + Fail("failed exception test - no ArgumentException thrown"); + } +// catch (InvalidKeyException) + catch (ArgumentException) + { + // ignore + } + } + catch (Exception e) + { + Fail("unexpected exception.", e); + } + +// try +// { +//// byte[] rawDESKey = { -128, -125, -123, -122, -119, -118, -117, -115, -114 }; +// byte[] rawDESKey = { 128, 131, 133, 134, 137, 138, 139, 141, 142 }; +// +//// SecretKeySpec cipherKey = new SecretKeySpec(rawDESKey, "DES"); +// KeyParameter cipherKey = new DesParameters(rawDESKey); +// +// IBufferedCipher cipher = CipherUtilities.GetCipher("DES/ECB/NoPadding"); +// try +// { +// // According specification engineInit(int opmode, Key key, +// // SecureRandom random) throws InvalidKeyException if the given +// // key is inappropriate for initializing this cipher +// cipher.Init(true, cipherKey); +// +// Fail("failed exception test - no InvalidKeyException thrown"); +// } +// catch (InvalidKeyException) +// { +// // ignore +// } +// } +// catch (Exception e) +// { +// Fail("unexpected exception.", e); +// } + + + try + { + byte[] rawDESKey = { (byte)128, (byte)131, (byte)133, (byte)134, + (byte)137, (byte)138, (byte)140, (byte)143 }; + +// SecretKeySpec cipherKey = new SecretKeySpec(rawDESKey, "DES"); + KeyParameter cipherKey = new DesParameters(rawDESKey); + + IBufferedCipher ecipher = CipherUtilities.GetCipher("DES/ECB/PKCS5Padding"); + ecipher.Init(true, cipherKey); + + byte[] cipherText = new byte[0]; + try + { + // According specification Method engineUpdate(byte[] input, + // int inputOffset, int inputLen, byte[] output, int + // outputOffset) + // throws ShortBufferException - if the given output buffer is + // too + // small to hold the result +// ecipher.update(new byte[20], 0, 20, cipherText); + ecipher.ProcessBytes(new byte[20], 0, 20, cipherText, 0); + +// Fail("failed exception test - no ShortBufferException thrown"); + Fail("failed exception test - no DataLengthException thrown"); + } +// catch (ShortBufferException) + catch (DataLengthException) + { + // ignore + } + } + catch (Exception e) + { + Fail("unexpected exception.", e); + } + + // TODO Put back in +// try +// { +// KeyGenerator keyGen = KeyGenerator.getInstance("DES"); +// +// keyGen.init((SecureRandom)null); +// +// // According specification engineGenerateKey() doesn't throw any exceptions. +// +// SecretKey key = keyGen.generateKey(); +// if (key == null) +// { +// Fail("key is null!"); +// } +// } +// catch (Exception e) +// { +// Fail("unexpected exception.", e); +// } +// +// try +// { +// AlgorithmParameters algParams = AlgorithmParameters.getInstance("DES"); +// +// algParams.init(new IvParameterSpec(new byte[8])); +// +// // According specification engineGetEncoded() returns +// // the parameters in their primary encoding format. The primary +// // encoding +// // format for parameters is ASN.1, if an ASN.1 specification for +// // this type +// // of parameters exists. +// byte[] iv = algParams.getEncoded(); +// +// if (iv.Length!= 10) +// { +// Fail("parameters encoding wrong length - " + iv.Length); +// } +// } +// catch (Exception e) +// { +// Fail("unexpected exception.", e); +// } + + try + { + try + { +// AlgorithmParameters algParams = AlgorithmParameters.getInstance("DES"); + + byte[] encoding = new byte[10]; + encoding[0] = 3; + encoding[1] = 8; + +// algParams.init(encoding, "ASN.1"); + ParameterUtilities.GetCipherParameters( + "AES", + ParameterUtilities.CreateKeyParameter("AES", new byte[16]), + Asn1Object.FromByteArray(encoding)); + +// Fail("failed exception test - no IOException thrown"); + Fail("failed exception test - no Exception thrown"); + } +// catch (IOException) + catch (ArgumentException) + { + // okay + } + +// try +// { +// IBufferedCipher c = CipherUtilities.GetCipher("DES"); +// +// Key k = new PublicKey() +// { +// +// public string getAlgorithm() +// { +// return "STUB"; +// } +// +// public string getFormat() +// { +// return null; +// } +// +// public byte[] getEncoded() +// { +// return null; +// } +// +// }; +// +// c.Init(true, k); +// +// Fail("failed exception test - no InvalidKeyException thrown for public key"); +// } +// catch (InvalidKeyException e) +// { +// // okay +// } +// +// try +// { +// IBufferedCipher c = CipherUtilities.GetCipher("DES"); +// +// Key k = new PrivateKey() +// { +// +// public string getAlgorithm() +// { +// return "STUB"; +// } +// +// public string getFormat() +// { +// return null; +// } +// +// public byte[] getEncoded() +// { +// return null; +// } +// +// }; +// +// c.Init(false, k); +// +// Fail("failed exception test - no InvalidKeyException thrown for private key"); +// } +// catch (InvalidKeyException e) +// { +// // okay +// } + } + catch (Exception e) + { + Fail("unexpected exception.", e); + } + } + + public override void PerformTest() + { + for (int i = 0; i != cipherTests1.Length; i += 2) + { + doTest(cipherTests1[i], input1, Hex.Decode(cipherTests1[i + 1])); + } + + for (int i = 0; i != cipherTests2.Length; i += 2) + { + doTest(cipherTests2[i], input2, Hex.Decode(cipherTests2[i + 1])); + } + + // + // check for less than a block + // + try + { + IBufferedCipher c = CipherUtilities.GetCipher("AES/CTS/NoPadding"); + + c.Init(true, ParameterUtilities.CreateKeyParameter("AES", new byte[16])); + + c.DoFinal(new byte[4]); + + Fail("CTS failed to throw exception"); + } + catch (Exception e) + { +// if (!(e is IllegalBlockSizeException)) + if (!(e is DataLengthException)) + { + Fail("CTS exception test - " + e, e); + } + } + + doTestExceptions(); + } + + public static void Main( + string[] args) + { + RunTest(new BlockCipherTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/CMacTest.cs b/BouncyCastle/crypto/test/src/test/CMacTest.cs new file mode 100644 index 0000000..f80caca --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/CMacTest.cs @@ -0,0 +1,276 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + /** + * CMAC tester - AES Official Test Vectors. + */ + [TestFixture] + public class CMacTest + : SimpleTest + { + private static readonly byte[] keyBytes128 = Hex.Decode("2b7e151628aed2a6abf7158809cf4f3c"); + private static readonly byte[] keyBytes192 = Hex.Decode( + "8e73b0f7da0e6452c810f32b809079e5" + + "62f8ead2522c6b7b"); + private static readonly byte[] keyBytes256 = Hex.Decode( + "603deb1015ca71be2b73aef0857d7781" + + "1f352c073b6108d72d9810a30914dff4"); + + private static readonly byte[] input0 = Hex.Decode(""); + private static readonly byte[] input16 = Hex.Decode("6bc1bee22e409f96e93d7e117393172a"); + private static readonly byte[] input40 = Hex.Decode( + "6bc1bee22e409f96e93d7e117393172a" + + "ae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411"); + private static readonly byte[] input64 = Hex.Decode( + "6bc1bee22e409f96e93d7e117393172a" + + "ae2d8a571e03ac9c9eb76fac45af8e51" + + "30c81c46a35ce411e5fbc1191a0a52ef" + + "f69f2445df4f9b17ad2b417be66c3710"); + + private static readonly byte[] output_k128_m0 = Hex.Decode("bb1d6929e95937287fa37d129b756746"); + private static readonly byte[] output_k128_m16 = Hex.Decode("070a16b46b4d4144f79bdd9dd04a287c"); + private static readonly byte[] output_k128_m40 = Hex.Decode("dfa66747de9ae63030ca32611497c827"); + private static readonly byte[] output_k128_m64 = Hex.Decode("51f0bebf7e3b9d92fc49741779363cfe"); + + private static readonly byte[] output_k192_m0 = Hex.Decode("d17ddf46adaacde531cac483de7a9367"); + private static readonly byte[] output_k192_m16 = Hex.Decode("9e99a7bf31e710900662f65e617c5184"); + private static readonly byte[] output_k192_m40 = Hex.Decode("8a1de5be2eb31aad089a82e6ee908b0e"); + private static readonly byte[] output_k192_m64 = Hex.Decode("a1d5df0eed790f794d77589659f39a11"); + + private static readonly byte[] output_k256_m0 = Hex.Decode("028962f61b7bf89efc6b551f4667d983"); + private static readonly byte[] output_k256_m16 = Hex.Decode("28a7023f452e8f82bd4bf28d8c37c35c"); + private static readonly byte[] output_k256_m40 = Hex.Decode("aaf3d8f1de5640c232f5b169b9c911e6"); + private static readonly byte[] output_k256_m64 = Hex.Decode("e1992190549f6ed5696a2c056c315410"); + + private static readonly byte[] output_des_ede = Hex.Decode("1ca670dea381d37c"); + + public CMacTest() + { + } + + public override void PerformTest() + { +// Mac mac = Mac.getInstance("AESCMAC", "BC"); + IMac mac = MacUtilities.GetMac("AESCMAC"); + + //128 bytes key + +// SecretKeySpec key = new SecretKeySpec(keyBytes128, "AES"); + KeyParameter key = new KeyParameter(keyBytes128); + + // 0 bytes message - 128 bytes key + mac.Init(key); + + mac.BlockUpdate(input0, 0, input0.Length); + + byte[] output = MacUtilities.DoFinal(mac); + + if (!AreEqual(output, output_k128_m0)) + { + Fail("Failed - expected " + Hex.ToHexString(output_k128_m0) + + " got " + Hex.ToHexString(output)); + } + + // 16 bytes message - 128 bytes key + mac.Init(key); + + mac.BlockUpdate(input16, 0, input16.Length); + + output = MacUtilities.DoFinal(mac); + + if (!AreEqual(output, output_k128_m16)) + { + Fail("Failed - expected " + Hex.ToHexString(output_k128_m16) + + " got " + Hex.ToHexString(output)); + } + + // 40 bytes message - 128 bytes key + mac.Init(key); + + mac.BlockUpdate(input40, 0, input40.Length); + + output = MacUtilities.DoFinal(mac); + + if (!AreEqual(output, output_k128_m40)) + { + Fail("Failed - expected " + Hex.ToHexString(output_k128_m40) + + " got " + Hex.ToHexString(output)); + } + + // 64 bytes message - 128 bytes key + mac.Init(key); + + mac.BlockUpdate(input64, 0, input64.Length); + + output = MacUtilities.DoFinal(mac); + + if (!AreEqual(output, output_k128_m64)) + { + Fail("Failed - expected " + Hex.ToHexString(output_k128_m64) + + " got " + Hex.ToHexString(output)); + } + + //192 bytes key + +// key = new SecretKeySpec(keyBytes192, "AES"); + key = new KeyParameter(keyBytes192); + + // 0 bytes message - 192 bytes key + mac.Init(key); + + mac.BlockUpdate(input0, 0, input0.Length); + + output = MacUtilities.DoFinal(mac); + + if (!AreEqual(output, output_k192_m0)) + { + Fail("Failed - expected " + Hex.ToHexString(output_k192_m0) + + " got " + Hex.ToHexString(output)); + } + + // 16 bytes message - 192 bytes key + mac.Init(key); + + mac.BlockUpdate(input16, 0, input16.Length); + + output = MacUtilities.DoFinal(mac); + + if (!AreEqual(output, output_k192_m16)) + { + Fail("Failed - expected " + Hex.ToHexString(output_k192_m16) + + " got " + Hex.ToHexString(output)); + } + + // 40 bytes message - 192 bytes key + mac.Init(key); + + mac.BlockUpdate(input40, 0, input40.Length); + + output = MacUtilities.DoFinal(mac); + + if (!AreEqual(output, output_k192_m40)) + { + Fail("Failed - expected " + Hex.ToHexString(output_k192_m40) + + " got " + Hex.ToHexString(output)); + } + + // 64 bytes message - 192 bytes key + mac.Init(key); + + mac.BlockUpdate(input64, 0, input64.Length); + + output = MacUtilities.DoFinal(mac); + + if (!AreEqual(output, output_k192_m64)) + { + Fail("Failed - expected " + Hex.ToHexString(output_k192_m64) + + " got " + Hex.ToHexString(output)); + } + + //256 bytes key + +// key = new SecretKeySpec(keyBytes256, "AES"); + key = new KeyParameter(keyBytes256); + + // 0 bytes message - 256 bytes key + mac.Init(key); + + mac.BlockUpdate(input0, 0, input0.Length); + + output = MacUtilities.DoFinal(mac); + + if (!AreEqual(output, output_k256_m0)) + { + Fail("Failed - expected " + Hex.ToHexString(output_k256_m0) + + " got " + Hex.ToHexString(output)); + } + + // 16 bytes message - 256 bytes key + mac.Init(key); + + mac.BlockUpdate(input16, 0, input16.Length); + + output = MacUtilities.DoFinal(mac); + + if (!AreEqual(output, output_k256_m16)) + { + Fail("Failed - expected " + Hex.ToHexString(output_k256_m16) + + " got " + Hex.ToHexString(output)); + } + + // 40 bytes message - 256 bytes key + mac.Init(key); + + mac.BlockUpdate(input40, 0, input40.Length); + + output = MacUtilities.DoFinal(mac); + + if (!AreEqual(output, output_k256_m40)) + { + Fail("Failed - expected " + Hex.ToHexString(output_k256_m40) + + " got " + Hex.ToHexString(output)); + } + + // 64 bytes message - 256 bytes key + mac.Init(key); + + mac.BlockUpdate(input64, 0, input64.Length); + + output = MacUtilities.DoFinal(mac); + + if (!AreEqual(output, output_k256_m64)) + { + Fail("Failed - expected " + Hex.ToHexString(output_k256_m64) + + " got " + Hex.ToHexString(output)); + } + +// mac = Mac.getInstance("DESedeCMAC", "BC"); + mac = MacUtilities.GetMac("DESedeCMAC"); + + //DESede + +// key = new SecretKeySpec(keyBytes128, "DESede"); + key = new KeyParameter(keyBytes128); + + // 0 bytes message - 128 bytes key + mac.Init(key); + + mac.BlockUpdate(input0, 0, input0.Length); + + output = MacUtilities.DoFinal(mac); + + if (!AreEqual(output, output_des_ede)) + { + Fail("Failed - expected " + Hex.ToHexString(output_des_ede) + + " got " + Hex.ToHexString(output)); + } + } + + public override string Name + { + get { return "CMac"; } + } + + public static void Main(string[] args) + { + RunTest(new CMacTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/CRL5Test.cs b/BouncyCastle/crypto/test/src/test/CRL5Test.cs new file mode 100644 index 0000000..ebd74af --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/CRL5Test.cs @@ -0,0 +1,257 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class Crl5Test + : SimpleTest + { + private static readonly byte[] indirectCrl = Base64.Decode( + "MIIdXjCCHMcCAQEwDQYJKoZIhvcNAQEFBQAwdDELMAkGA1UEBhMCREUxHDAaBgNV" + +"BAoUE0RldXRzY2hlIFRlbGVrb20gQUcxFzAVBgNVBAsUDlQtVGVsZVNlYyBUZXN0" + +"MS4wDAYHAoIGAQoHFBMBMTAeBgNVBAMUF1QtVGVsZVNlYyBUZXN0IERJUiA4OlBO" + +"Fw0wNjA4MDQwODQ1MTRaFw0wNjA4MDQxNDQ1MTRaMIIbfzB+AgQvrj/pFw0wMzA3" + +"MjIwNTQxMjhaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD" + +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU" + +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+oXDTAzMDcyMjA1NDEyOFowZzBlBgNV" + +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl" + +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6" + +"UE4wfgIEL64/5xcNMDQwNDA1MTMxODE3WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC" + +"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/oFw0wNDA0" + +"MDUxMzE4MTdaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD" + +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU" + +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+UXDTAzMDExMzExMTgxMVowZzBlBgNV" + +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl" + +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6" + +"UE4wfgIEL64/5hcNMDMwMTEzMTExODExWjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC" + +"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/jFw0wMzAx" + +"MTMxMTI2NTZaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD" + +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU" + +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+QXDTAzMDExMzExMjY1NlowZzBlBgNV" + +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl" + +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6" + +"UE4wfgIEL64/4hcNMDQwNzEzMDc1ODM4WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC" + +"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/eFw0wMzAy" + +"MTcwNjMzMjVaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD" + +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU" + +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP98XDTAzMDIxNzA2MzMyNVowZzBlBgNV" + +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl" + +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6" + +"UE4wfgIEL64/0xcNMDMwMjE3MDYzMzI1WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC" + +"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/dFw0wMzAx" + +"MTMxMTI4MTRaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD" + +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU" + +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP9cXDTAzMDExMzExMjcwN1owZzBlBgNV" + +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl" + +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6" + +"UE4wfgIEL64/2BcNMDMwMTEzMTEyNzA3WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC" + +"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/VFw0wMzA0" + +"MzAxMjI3NTNaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD" + +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU" + +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP9YXDTAzMDQzMDEyMjc1M1owZzBlBgNV" + +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl" + +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6" + +"UE4wfgIEL64/xhcNMDMwMjEyMTM0NTQwWjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC" + +"BgEKBxQTATEwGAYDVQQDFBFUVEMgVGVzdCBDQSAxMTpQTjCBkAIEL64/xRcNMDMw" + +"MjEyMTM0NTQwWjB5MHcGA1UdHQEB/wRtMGukaTBnMQswCQYDVQQGEwJERTEcMBoG" + +"A1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEQMA4GA1UECxQHVGVsZVNlYzEoMAwG" + +"BwKCBgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNTpQTjB+AgQvrj/CFw0w" + +"MzAyMTIxMzA5MTZaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRww" + +"GgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNV" + +"BAMUEVRUQyBUZXN0IENBIDExOlBOMIGQAgQvrj/BFw0wMzAyMTIxMzA4NDBaMHkw" + +"dwYDVR0dAQH/BG0wa6RpMGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2No" + +"ZSBUZWxla29tIEFHMRAwDgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAY" + +"BgNVBAMUEVNpZ0cgVGVzdCBDQSA1OlBOMH4CBC+uP74XDTAzMDIxNzA2MzcyNVow" + +"ZzBlBgNVHR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRz" + +"Y2hlIFRlbGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRVFRDIFRlc3Qg" + +"Q0EgMTE6UE4wgZACBC+uP70XDTAzMDIxNzA2MzcyNVoweTB3BgNVHR0BAf8EbTBr" + +"pGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcx" + +"EDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBU" + +"ZXN0IENBIDU6UE4wgZACBC+uP7AXDTAzMDIxMjEzMDg1OVoweTB3BgNVHR0BAf8E" + +"bTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g" + +"QUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2ln" + +"RyBUZXN0IENBIDU6UE4wgZACBC+uP68XDTAzMDIxNzA2MzcyNVoweTB3BgNVHR0B" + +"Af8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVr" + +"b20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQR" + +"U2lnRyBUZXN0IENBIDU6UE4wfgIEL64/kxcNMDMwNDEwMDUyNjI4WjBnMGUGA1Ud" + +"HQEB/wRbMFmkVzBVMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVs" + +"ZWtvbSBBRzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFUVEMgVGVzdCBDQSAxMTpQ" + +"TjCBkAIEL64/khcNMDMwNDEwMDUyNjI4WjB5MHcGA1UdHQEB/wRtMGukaTBnMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEQMA4GA1UE" + +"CxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0Eg" + +"NTpQTjB+AgQvrj8/Fw0wMzAyMjYxMTA0NDRaMGcwZQYDVR0dAQH/BFswWaRXMFUx" + +"CzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYH" + +"AoIGAQoHFBMBMTAYBgNVBAMUEVRUQyBUZXN0IENBIDExOlBOMIGQAgQvrj8+Fw0w" + +"MzAyMjYxMTA0NDRaMHkwdwYDVR0dAQH/BG0wa6RpMGcxCzAJBgNVBAYTAkRFMRww" + +"GgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYDVQQLFAdUZWxlU2VjMSgw" + +"DAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBDQSA1OlBOMH4CBC+uPs0X" + +"DTAzMDUyMDA1MjczNlowZzBlBgNVHR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUx" + +"HDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgG" + +"A1UEAxQRVFRDIFRlc3QgQ0EgMTE6UE4wgZACBC+uPswXDTAzMDUyMDA1MjczNlow" + +"eTB3BgNVHR0BAf8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRz" + +"Y2hlIFRlbGVrb20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwEx" + +"MBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6UE4wfgIEL64+PBcNMDMwNjE3MTAzNDE2" + +"WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1" + +"dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFUVEMgVGVz" + +"dCBDQSAxMTpQTjCBkAIEL64+OxcNMDMwNjE3MTAzNDE2WjB5MHcGA1UdHQEB/wRt" + +"MGukaTBnMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBB" + +"RzEQMA4GA1UECxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFTaWdH" + +"IFRlc3QgQ0EgNjpQTjCBkAIEL64+OhcNMDMwNjE3MTAzNDE2WjB5MHcGA1UdHQEB" + +"/wRtMGukaTBnMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtv" + +"bSBBRzEQMA4GA1UECxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFT" + +"aWdHIFRlc3QgQ0EgNjpQTjB+AgQvrj45Fw0wMzA2MTcxMzAxMDBaMGcwZQYDVR0d" + +"AQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxl" + +"a29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVRUQyBUZXN0IENBIDExOlBO" + +"MIGQAgQvrj44Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6RpMGcxCzAJ" + +"BgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYDVQQL" + +"FAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBDQSA2" + +"OlBOMIGQAgQvrj43Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6RpMGcx" + +"CzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYD" + +"VQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBD" + +"QSA2OlBOMIGQAgQvrj42Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6Rp" + +"MGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAw" + +"DgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVz" + +"dCBDQSA2OlBOMIGQAgQvrj4zFw0wMzA2MTcxMDM3NDlaMHkwdwYDVR0dAQH/BG0w" + +"a6RpMGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFH" + +"MRAwDgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cg" + +"VGVzdCBDQSA2OlBOMH4CBC+uPjEXDTAzMDYxNzEwNDI1OFowZzBlBgNVHR0BAf8E" + +"WzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g" + +"QUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRVFRDIFRlc3QgQ0EgMTE6UE4wgZAC" + +"BC+uPjAXDTAzMDYxNzEwNDI1OFoweTB3BgNVHR0BAf8EbTBrpGkwZzELMAkGA1UE" + +"BhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNVBAsUB1Rl" + +"bGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6UE4w" + +"gZACBC+uPakXDTAzMTAyMjExMzIyNFoweTB3BgNVHR0BAf8EbTBrpGkwZzELMAkG" + +"A1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNVBAsU" + +"B1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6" + +"UE4wgZACBC+uPLIXDTA1MDMxMTA2NDQyNFoweTB3BgNVHR0BAf8EbTBrpGkwZzEL" + +"MAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNV" + +"BAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENB" + +"IDY6UE4wgZACBC+uPKsXDTA0MDQwMjA3NTQ1M1oweTB3BgNVHR0BAf8EbTBrpGkw" + +"ZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAO" + +"BgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0" + +"IENBIDY6UE4wgZACBC+uOugXDTA1MDEyNzEyMDMyNFoweTB3BgNVHR0BAf8EbTBr" + +"pGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcx" + +"EDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBU" + +"ZXN0IENBIDY6UE4wgZACBC+uOr4XDTA1MDIxNjA3NTcxNloweTB3BgNVHR0BAf8E" + +"bTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g" + +"QUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2ln" + +"RyBUZXN0IENBIDY6UE4wgZACBC+uOqcXDTA1MDMxMDA1NTkzNVoweTB3BgNVHR0B" + +"Af8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVr" + +"b20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQR" + +"U2lnRyBUZXN0IENBIDY6UE4wgZACBC+uOjwXDTA1MDUxMTEwNDk0NloweTB3BgNV" + +"HR0BAf8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl" + +"bGVrb20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UE" + +"AxQRU2lnRyBUZXN0IENBIDY6UE4wgaoCBC+sbdUXDTA1MTExMTEwMDMyMVowgZIw" + +"gY8GA1UdHQEB/wSBhDCBgaR/MH0xCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0" + +"c2NoZSBUZWxla29tIEFHMR8wHQYDVQQLFBZQcm9kdWt0emVudHJ1bSBUZWxlU2Vj" + +"MS8wDAYHAoIGAQoHFBMBMTAfBgNVBAMUGFRlbGVTZWMgUEtTIFNpZ0cgQ0EgMTpQ" + +"TjCBlQIEL64uaBcNMDYwMTIzMTAyNTU1WjB+MHwGA1UdHQEB/wRyMHCkbjBsMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEWMBQGA1UE" + +"CxQNWmVudHJhbGUgQm9ubjEnMAwGBwKCBgEKBxQTATEwFwYDVQQDFBBUVEMgVGVz" + +"dCBDQSA5OlBOMIGVAgQvribHFw0wNjA4MDEwOTQ4NDRaMH4wfAYDVR0dAQH/BHIw" + +"cKRuMGwxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFH" + +"MRYwFAYDVQQLFA1aZW50cmFsZSBCb25uMScwDAYHAoIGAQoHFBMBMTAXBgNVBAMU" + +"EFRUQyBUZXN0IENBIDk6UE6ggZswgZgwCwYDVR0UBAQCAhEMMB8GA1UdIwQYMBaA" + +"FANbyNumDI9545HwlCF26NuOJC45MA8GA1UdHAEB/wQFMAOEAf8wVwYDVR0SBFAw" + +"ToZMbGRhcDovL3Brc2xkYXAudHR0Yy5kZS9vdT1ULVRlbGVTZWMgVGVzdCBESVIg" + +"ODpQTixvPURldXRzY2hlIFRlbGVrb20gQUcsYz1kZTANBgkqhkiG9w0BAQUFAAOB" + +"gQBewL5gLFHpeOWO07Vk3Gg7pRDuAlvaovBH4coCyCWpk5jEhUfFSYEDuaQB7do4" + +"IlJmeTHvkI0PIZWJ7bwQ2PVdipPWDx0NVwS/Cz5jUKiS3BbAmZQZOueiKLFpQq3A" + +"b8aOHA7WHU4078/1lM+bgeu33Ln1CGykEbmSjA/oKPi/JA=="); + + private static readonly byte[] directCrl = Base64.Decode( + "MIIGXTCCBckCAQEwCgYGKyQDAwECBQAwdDELMAkGA1UEBhMCREUxHDAaBgNVBAoU" + +"E0RldXRzY2hlIFRlbGVrb20gQUcxFzAVBgNVBAsUDlQtVGVsZVNlYyBUZXN0MS4w" + +"DAYHAoIGAQoHFBMBMTAeBgNVBAMUF1QtVGVsZVNlYyBUZXN0IERJUiA4OlBOFw0w" + +"NjA4MDQwODQ1MTRaFw0wNjA4MDQxNDQ1MTRaMIIElTAVAgQvrj/pFw0wMzA3MjIw" + +"NTQxMjhaMBUCBC+uP+oXDTAzMDcyMjA1NDEyOFowFQIEL64/5xcNMDQwNDA1MTMx" + +"ODE3WjAVAgQvrj/oFw0wNDA0MDUxMzE4MTdaMBUCBC+uP+UXDTAzMDExMzExMTgx" + +"MVowFQIEL64/5hcNMDMwMTEzMTExODExWjAVAgQvrj/jFw0wMzAxMTMxMTI2NTZa" + +"MBUCBC+uP+QXDTAzMDExMzExMjY1NlowFQIEL64/4hcNMDQwNzEzMDc1ODM4WjAV" + +"AgQvrj/eFw0wMzAyMTcwNjMzMjVaMBUCBC+uP98XDTAzMDIxNzA2MzMyNVowFQIE" + +"L64/0xcNMDMwMjE3MDYzMzI1WjAVAgQvrj/dFw0wMzAxMTMxMTI4MTRaMBUCBC+u" + +"P9cXDTAzMDExMzExMjcwN1owFQIEL64/2BcNMDMwMTEzMTEyNzA3WjAVAgQvrj/V" + +"Fw0wMzA0MzAxMjI3NTNaMBUCBC+uP9YXDTAzMDQzMDEyMjc1M1owFQIEL64/xhcN" + +"MDMwMjEyMTM0NTQwWjAVAgQvrj/FFw0wMzAyMTIxMzQ1NDBaMBUCBC+uP8IXDTAz" + +"MDIxMjEzMDkxNlowFQIEL64/wRcNMDMwMjEyMTMwODQwWjAVAgQvrj++Fw0wMzAy" + +"MTcwNjM3MjVaMBUCBC+uP70XDTAzMDIxNzA2MzcyNVowFQIEL64/sBcNMDMwMjEy" + +"MTMwODU5WjAVAgQvrj+vFw0wMzAyMTcwNjM3MjVaMBUCBC+uP5MXDTAzMDQxMDA1" + +"MjYyOFowFQIEL64/khcNMDMwNDEwMDUyNjI4WjAVAgQvrj8/Fw0wMzAyMjYxMTA0" + +"NDRaMBUCBC+uPz4XDTAzMDIyNjExMDQ0NFowFQIEL64+zRcNMDMwNTIwMDUyNzM2" + +"WjAVAgQvrj7MFw0wMzA1MjAwNTI3MzZaMBUCBC+uPjwXDTAzMDYxNzEwMzQxNlow" + +"FQIEL64+OxcNMDMwNjE3MTAzNDE2WjAVAgQvrj46Fw0wMzA2MTcxMDM0MTZaMBUC" + +"BC+uPjkXDTAzMDYxNzEzMDEwMFowFQIEL64+OBcNMDMwNjE3MTMwMTAwWjAVAgQv" + +"rj43Fw0wMzA2MTcxMzAxMDBaMBUCBC+uPjYXDTAzMDYxNzEzMDEwMFowFQIEL64+" + +"MxcNMDMwNjE3MTAzNzQ5WjAVAgQvrj4xFw0wMzA2MTcxMDQyNThaMBUCBC+uPjAX" + +"DTAzMDYxNzEwNDI1OFowFQIEL649qRcNMDMxMDIyMTEzMjI0WjAVAgQvrjyyFw0w" + +"NTAzMTEwNjQ0MjRaMBUCBC+uPKsXDTA0MDQwMjA3NTQ1M1owFQIEL6466BcNMDUw" + +"MTI3MTIwMzI0WjAVAgQvrjq+Fw0wNTAyMTYwNzU3MTZaMBUCBC+uOqcXDTA1MDMx" + +"MDA1NTkzNVowFQIEL646PBcNMDUwNTExMTA0OTQ2WjAVAgQvrG3VFw0wNTExMTEx" + +"MDAzMjFaMBUCBC+uLmgXDTA2MDEyMzEwMjU1NVowFQIEL64mxxcNMDYwODAxMDk0" + +"ODQ0WqCBijCBhzALBgNVHRQEBAICEQwwHwYDVR0jBBgwFoAUA1vI26YMj3njkfCU" + +"IXbo244kLjkwVwYDVR0SBFAwToZMbGRhcDovL3Brc2xkYXAudHR0Yy5kZS9vdT1U" + +"LVRlbGVTZWMgVGVzdCBESVIgODpQTixvPURldXRzY2hlIFRlbGVrb20gQUcsYz1k" + +"ZTAKBgYrJAMDAQIFAAOBgQArj4eMlbAwuA2aS5O4UUUHQMKKdK/dtZi60+LJMiMY" + +"ojrMIf4+ZCkgm1Ca0Cd5T15MJxVHhh167Ehn/Hd48pdnAP6Dfz/6LeqkIHGWMHR+" + +"z6TXpwWB+P4BdUec1ztz04LypsznrHcLRa91ixg9TZCb1MrOG+InNhleRs1ImXk8" + +"MQ=="); + + public override string Name + { + get { return "CRL5"; } + } + + [Test] + public void TestIndirectCrl() + { + X509Crl crl = new X509CrlParser().ReadCrl(indirectCrl); + + foreach (X509CrlEntry crlEntry in crl.GetRevokedCertificates()) + { + if (crlEntry.GetCertificateIssuer() == null) + { + Fail("certificate issuer CRL entry extension is null"); + } + } + } + + [Test] + public void TestDirectCrl() + { + X509Crl crl = new X509CrlParser().ReadCrl(directCrl); + + foreach (X509CrlEntry crlEntry in crl.GetRevokedCertificates()) + { + if (crlEntry.GetCertificateIssuer() != null) + { + Fail("certificate issuer CRL entry extension is not null"); + } + } + } + + public override void PerformTest() + { + TestIndirectCrl(); + TestDirectCrl(); + } + + public static void Main( + string[] args) + { + RunTest(new Crl5Test()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/CamelliaTest.cs b/BouncyCastle/crypto/test/src/test/CamelliaTest.cs new file mode 100644 index 0000000..f8e3520 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/CamelliaTest.cs @@ -0,0 +1,204 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Ntt; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tests +{ + /// Basic test class for Camellia + [TestFixture] + public class CamelliaTest + : BaseBlockCipherTest + { + internal static readonly string[] cipherTests = + { + "128", + "0123456789abcdeffedcba9876543210", + "0123456789abcdeffedcba9876543210", + "67673138549669730857065648eabe43", + "192", + "0123456789abcdeffedcba98765432100011223344556677", + "0123456789abcdeffedcba9876543210", + "b4993401b3e996f84ee5cee7d79b09b9", + "256", + "0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff", + "0123456789abcdeffedcba9876543210", + "9acc237dff16d76c20ef7c919e3a7509", + }; + + public CamelliaTest() + : base("Camellia") + { + } + + [Test] + public void TestCiphers() + { + for (int i = 0; i != cipherTests.Length; i += 4) + { + doCipherTest(int.Parse(cipherTests[i]), + Hex.Decode(cipherTests[i + 1]), + Hex.Decode(cipherTests[i + 2]), + Hex.Decode(cipherTests[i + 3])); + } + } + + [Test] + public void TestWrap() + { + byte[] kek1 = Hex.Decode("000102030405060708090a0b0c0d0e0f"); + byte[] in1 = Hex.Decode("00112233445566778899aabbccddeeff"); + byte[] out1 = Hex.Decode("635d6ac46eedebd3a7f4a06421a4cbd1746b24795ba2f708"); + + wrapTest(1, "CamelliaWrap", kek1, in1, out1); + } + + [Test] + public void TestOids() + { + string[] oids = { + NttObjectIdentifiers.IdCamellia128Cbc.Id, + NttObjectIdentifiers.IdCamellia192Cbc.Id, + NttObjectIdentifiers.IdCamellia256Cbc.Id + }; + + string[] names = { + "Camellia/CBC/PKCS7Padding", + "Camellia/CBC/PKCS7Padding", + "Camellia/CBC/PKCS7Padding" + }; + + oidTest(oids, names, 1); + } + + [Test] + public void TestWrapOids() + { + string[] wrapOids = { + NttObjectIdentifiers.IdCamellia128Wrap.Id, + NttObjectIdentifiers.IdCamellia192Wrap.Id, + NttObjectIdentifiers.IdCamellia256Wrap.Id + }; + + wrapOidTest(wrapOids, "CamelliaWrap"); + } + + public void doCipherTest( + int strength, + byte[] keyBytes, + byte[] input, + byte[] output) + { + KeyParameter key = ParameterUtilities.CreateKeyParameter("Camellia", keyBytes); + + IBufferedCipher inCipher = CipherUtilities.GetCipher("Camellia/ECB/NoPadding"); + IBufferedCipher outCipher = CipherUtilities.GetCipher("Camellia/ECB/NoPadding"); + + try + { + outCipher.Init(true, key); + } + catch (Exception e) + { + Fail("Camellia failed initialisation - " + e.ToString(), e); + } + + try + { + inCipher.Init(false, key); + } + catch (Exception e) + { + Fail("Camellia failed initialisation - " + e.ToString(), e); + } + + // + // encryption pass + // + MemoryStream bOut = new MemoryStream(); + CipherStream cOut = new CipherStream(bOut, null, outCipher); + + try + { + for (int i = 0; i != input.Length / 2; i++) + { + cOut.WriteByte(input[i]); + } + cOut.Write(input, input.Length / 2, input.Length - input.Length / 2); + cOut.Close(); + } + catch (IOException e) + { + Fail("Camellia failed encryption - " + e.ToString(), e); + } + + byte[] bytes = bOut.ToArray(); + + if (!AreEqual(bytes, output)) + { + Fail("Camellia failed encryption - expected " + + Hex.ToHexString(output) + " got " + + Hex.ToHexString(bytes)); + } + + // + // decryption pass + // + MemoryStream bIn = new MemoryStream(bytes, false); + CipherStream cIn = new CipherStream(bIn, inCipher, null); + + try + { +// DataInputStream dIn = new DataInputStream(cIn); + BinaryReader dIn = new BinaryReader(cIn); + + bytes = new byte[input.Length]; + + for (int i = 0; i != input.Length / 2; i++) + { +// bytes[i] = (byte)dIn.read(); + bytes[i] = dIn.ReadByte(); + } + + int remaining = bytes.Length - input.Length / 2; +// dIn.readFully(bytes, input.Length / 2, remaining); + byte[] extra = dIn.ReadBytes(remaining); + if (extra.Length < remaining) + throw new EndOfStreamException(); + extra.CopyTo(bytes, input.Length / 2); + } + catch (Exception e) + { + Fail("Camellia failed encryption - " + e.ToString(), e); + } + + if (!AreEqual(bytes, input)) + { + Fail("Camellia failed decryption - expected " + + Hex.ToHexString(input) + " got " + + Hex.ToHexString(bytes)); + } + } + + public override void PerformTest() + { + TestCiphers(); + TestWrap(); + TestOids(); + TestWrapOids(); + } + + public static void Main( + string[] args) + { + RunTest(new CamelliaTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/CertPathBuilderTest.cs b/BouncyCastle/crypto/test/src/test/CertPathBuilderTest.cs new file mode 100644 index 0000000..e31bde8 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/CertPathBuilderTest.cs @@ -0,0 +1,163 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Pkix; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class CertPathBuilderTest + : SimpleTest + { + private void baseTest() + { +// CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC"); + X509CertificateParser certParser = new X509CertificateParser(); + X509CrlParser crlParser = new X509CrlParser(); + + // initialise CertStore + X509Certificate rootCert = certParser.ReadCertificate(CertPathTest.rootCertBin); + X509Certificate interCert = certParser.ReadCertificate(CertPathTest.interCertBin); + X509Certificate finalCert = certParser.ReadCertificate(CertPathTest.finalCertBin); + X509Crl rootCrl = crlParser.ReadCrl(CertPathTest.rootCrlBin); + X509Crl interCrl = crlParser.ReadCrl(CertPathTest.interCrlBin); + + IList certList = new ArrayList(); + certList.Add(rootCert); + certList.Add(interCert); + certList.Add(finalCert); + + IList crlList = new ArrayList(); + crlList.Add(rootCrl); + crlList.Add(interCrl); + +// CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list); +// CertStore store = CertStore.getInstance("Collection", ccsp, "BC"); + IX509Store x509CertStore = X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(certList)); + IX509Store x509CrlStore = X509StoreFactory.Create( + "CRL/Collection", + new X509CollectionStoreParameters(crlList)); + + // NB: Month is 1-based in .NET + //DateTime validDate = new DateTime(2008, 9, 4, 14, 49, 10).ToUniversalTime(); + DateTime validDate = new DateTime(2008, 9, 4, 5, 49, 10); + + //Searching for rootCert by subjectDN without CRL + ISet trust = new HashSet(); + trust.Add(new TrustAnchor(rootCert, null)); + +// CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX","BC"); + PkixCertPathBuilder cpb = new PkixCertPathBuilder(); + X509CertStoreSelector targetConstraints = new X509CertStoreSelector(); + targetConstraints.Subject = finalCert.SubjectDN; + PkixBuilderParameters parameters = new PkixBuilderParameters(trust, targetConstraints); +// parameters.addCertStore(store); + parameters.AddStore(x509CertStore); + parameters.AddStore(x509CrlStore); + parameters.Date = new DateTimeObject(validDate); + PkixCertPathBuilderResult result = cpb.Build(parameters); + PkixCertPath path = result.CertPath; + + if (path.Certificates.Count != 2) + { + Fail("wrong number of certs in baseTest path"); + } + } + + private void v0Test() + { + // create certificates and CRLs + AsymmetricCipherKeyPair rootPair = TestUtilities.GenerateRsaKeyPair(); + AsymmetricCipherKeyPair interPair = TestUtilities.GenerateRsaKeyPair(); + AsymmetricCipherKeyPair endPair = TestUtilities.GenerateRsaKeyPair(); + + X509Certificate rootCert = TestUtilities.GenerateRootCert(rootPair); + X509Certificate interCert = TestUtilities.GenerateIntermediateCert(interPair.Public, rootPair.Private, rootCert); + X509Certificate endCert = TestUtilities.GenerateEndEntityCert(endPair.Public, interPair.Private, interCert); + + BigInteger revokedSerialNumber = BigInteger.Two; + X509Crl rootCRL = TestUtilities.CreateCrl(rootCert, rootPair.Private, revokedSerialNumber); + X509Crl interCRL = TestUtilities.CreateCrl(interCert, interPair.Private, revokedSerialNumber); + + // create CertStore to support path building + IList certList = new ArrayList(); + certList.Add(rootCert); + certList.Add(interCert); + certList.Add(endCert); + + IList crlList = new ArrayList(); + crlList.Add(rootCRL); + crlList.Add(interCRL); + +// CollectionCertStoreParameters parameters = new CollectionCertStoreParameters(list); +// CertStore store = CertStore.getInstance("Collection", parameters); + IX509Store x509CertStore = X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(certList)); + IX509Store x509CrlStore = X509StoreFactory.Create( + "CRL/Collection", + new X509CollectionStoreParameters(crlList)); + + ISet trust = new HashSet(); + trust.Add(new TrustAnchor(rootCert, null)); + + // build the path +// CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "BC"); + PkixCertPathBuilder builder = new PkixCertPathBuilder(); + X509CertStoreSelector pathConstraints = new X509CertStoreSelector(); + + pathConstraints.Subject = endCert.SubjectDN; + + PkixBuilderParameters buildParams = new PkixBuilderParameters(trust, pathConstraints); +// buildParams.addCertStore(store); + buildParams.AddStore(x509CertStore); + buildParams.AddStore(x509CrlStore); + + buildParams.Date = new DateTimeObject(DateTime.UtcNow); + + PkixCertPathBuilderResult result = builder.Build(buildParams); + PkixCertPath path = result.CertPath; + + if (path.Certificates.Count != 2) + { + Fail("wrong number of certs in v0Test path"); + } + } + + public override void PerformTest() + { + baseTest(); + v0Test(); + } + + public override string Name + { + get { return "CertPathBuilder"; } + } + + public static void Main( + string[] args) + { + RunTest(new CertPathBuilderTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/CertPathTest.cs b/BouncyCastle/crypto/test/src/test/CertPathTest.cs new file mode 100644 index 0000000..f1a7c94 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/CertPathTest.cs @@ -0,0 +1,359 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Pkix; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class CertPathTest + : SimpleTest + { + internal static readonly byte[] rootCertBin = Base64.Decode( + "MIIBqzCCARQCAQEwDQYJKoZIhvcNAQEFBQAwHjEcMBoGA1UEAxMTVGVzdCBDQSBDZXJ0aWZpY2F0ZTAeFw0wODA5MDQwNDQ1MDhaFw0wODA5MTEwNDQ1MDhaMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMRLUjhPe4YUdLo6EcjKcWUOG7CydFTH53Pr1lWjOkbmszYDpkhCTT9LOsI+disk18nkBxSl8DAHTqV+VxtuTPt64iyi10YxyDeep+DwZG/f8cVQv97U3hA9cLurZ2CofkMLGr6JpSGCMZ9FcstcTdHB4lbErIJ54YqfF4pNOs4/AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAgyrTEFY7ALpeY59jL6xFOLpuPqoBOWrUWv6O+zy5BCU0qiX71r3BpigtxRj+DYcfLIM9FNERDoHu3TthD3nwYWUBtFX8N0QUJIdJabxqAMhLjSC744koiFpCYse5Ye3ZvEdFwDzgAQsJTp5eFGgTZPkPzcdhkFJ2p9+OWs+cb24="); + internal static readonly byte[] interCertBin = Base64.Decode( + "MIICSzCCAbSgAwIBAgIBATANBgkqhkiG9w0BAQUFADAeMRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlMB4XDTA4MDkwNDA0NDUwOFoXDTA4MDkxMTA0NDUwOFowKDEmMCQGA1UEAxMdVGVzdCBJbnRlcm1lZGlhdGUgQ2VydGlmaWNhdGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAISS9OOZ2wxzdWny9aVvk4Joq+dwSJ+oqvHUxX3PflZyuiLiCBUOUE4q59dGKdtNX5fIfwyK3cpV0e73Y/0fwfM3m9rOWFrCKOhfeswNTes0w/2PqPVVDDsF/nj7NApuqXwioeQlgTL251RDF4sVoxXqAU7lRkcqwZt3mwqS4KTJAgMBAAGjgY4wgYswRgYDVR0jBD8wPYAUhv8BOT27EB9JaCccJD4YASPP5XWhIqQgMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGWCAQEwHQYDVR0OBBYEFL/IwAGOkHzaQyPZegy79CwM5oTFMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4GBAE4TRgUz4sUvZyVdZxqV+XyNRnqXAeLOOqFGYv2D96tQrS+zjd0elVlT6lFrtchZdOmmX7R6/H/tjMWMcTBICZyRYrvK8cCAmDOI+EIdq5p6lj2Oq6Pbw/wruojAqNrpaR6IkwNpWtdOSSupv4IJL+YU9q2YFTh4R1j3tOkPoFGr"); + internal static readonly byte[] finalCertBin = Base64.Decode( + "MIICRjCCAa+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAoMSYwJAYDVQQDEx1UZXN0IEludGVybWVkaWF0ZSBDZXJ0aWZpY2F0ZTAeFw0wODA5MDQwNDQ1MDhaFw0wODA5MTEwNDQ1MDhaMB8xHTAbBgNVBAMTFFRlc3QgRW5kIENlcnRpZmljYXRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChpUeo0tPYywWKiLlbWKNJBcCpSaLSlaZ+4+yer1AxI5yJIVHP6SAlBghlbD5Qne5ImnN/15cz1xwYAiul6vGKJkVPlFEe2Mr+g/J/WJPQQPsjbZ1G+vxbAwXEDA4KaQrnpjRZFq+CdKHwOjuPLYS/MYQNgdIvDVEQcTbPQ8GaiQIDAQABo4GIMIGFMEYGA1UdIwQ/MD2AFL/IwAGOkHzaQyPZegy79CwM5oTFoSKkIDAeMRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlggEBMB0GA1UdDgQWBBSVkw+VpqBf3zsLc/9GdkK9TzHPwDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFoDANBgkqhkiG9w0BAQUFAAOBgQBLv/0bVDjzTs/y1vN3FUiZNknEbzupIZduTuXJjqv/vBX+LDPjUfu/+iOCXOSKoRn6nlOWhwB1z6taG2usQkFG8InMkRcPREi2uVgFdhJ/1C3dAWhsdlubjdL926bftXvxnx/koDzyrePW5U96RlOQM2qLvbaky2Giz6hrc3Wl+w=="); + internal static readonly byte[] rootCrlBin = Base64.Decode( + "MIIBYjCBzAIBATANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlFw0wODA5MDQwNDQ1MDhaFw0wODA5MDQwNzMxNDhaMCIwIAIBAhcNMDgwOTA0MDQ0NTA4WjAMMAoGA1UdFQQDCgEJoFYwVDBGBgNVHSMEPzA9gBSG/wE5PbsQH0loJxwkPhgBI8/ldaEipCAwHjEcMBoGA1UEAxMTVGVzdCBDQSBDZXJ0aWZpY2F0ZYIBATAKBgNVHRQEAwIBATANBgkqhkiG9w0BAQsFAAOBgQCAbaFCo0BNG4AktVf6jjBLeawP1u0ELYkOCEGvYZE0mBpQ+OvFg7subZ6r3lRIj030nUli28sPFtu5ZQMBNcpE4nS1ziF44RfT3Lp5UgHx9x17Krz781iEyV+7zU8YxYMY9wULD+DCuK294kGKIssVNbmTYXZatBNoXQN5CLIocA=="); + internal static readonly byte[] interCrlBin = Base64.Decode( + "MIIBbDCB1gIBATANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1UZXN0IEludGVybWVkaWF0ZSBDZXJ0aWZpY2F0ZRcNMDgwOTA0MDQ0NTA4WhcNMDgwOTA0MDczMTQ4WjAiMCACAQIXDTA4MDkwNDA0NDUwOFowDDAKBgNVHRUEAwoBCaBWMFQwRgYDVR0jBD8wPYAUv8jAAY6QfNpDI9l6DLv0LAzmhMWhIqQgMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGWCAQEwCgYDVR0UBAMCAQEwDQYJKoZIhvcNAQELBQADgYEAEVCr5TKs5yguGgLH+dBzmSPoeSIWJFLsgWwJEit/iUDJH3dgYmaczOcGxIDtbYYHLWIHM+P2YRyQz3MEkCXEgm/cx4y7leAmux5l+xQWgmxFPz+197vaphPeCZo+B7V1CWtm518gcq4mrs9ovfgNqgyFj7KGjcBpWdJE32KMt50="); + + /* + * certpath with a circular reference + */ + internal static readonly byte[] certA = Base64.Decode( + "MIIC6jCCAlOgAwIBAgIBBTANBgkqhkiG9w0BAQUFADCBjTEPMA0GA1UEAxMGSW50" + + "ZXIzMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX" + + "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq" + + "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ2NTda" + + "Fw0xNzAzMzAwODQ0MDBaMIGlMScwJQYDVQQDHh4AQQByAG0AaQBuACAASADkAGIA" + + "ZQByAGwAaQBuAGcxCzAJBgNVBAYTAkNIMQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNV" + + "BAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNwaGVyZSBBRzEQMA4GA1UECxMHVGVzdGlu" + + "ZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5AcHJpdmFzcGhlcmUuY29tMIGfMA0GCSqG" + + "SIb3DQEBAQUAA4GNADCBiQKBgQCfHfyVs5dbxG35H/Thd29qR4NZU88taCu/OWA1" + + "GdACI02lXWYpmLWiDgnU0ULP+GG8OnVp1IES9fz2zcrXKQ19xZzsen/To3h5sNte" + + "cJpS00XMM24q/jDwy5NvkBP9YIfFKQ1E/0hFHXcqwlw+b/y/v6YGsZCU2h6QDzc4" + + "5m0+BwIDAQABo0AwPjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIE8DAeBglg" + + "hkgBhvhCAQ0EERYPeGNhIGNlcnRpZmljYXRlMA0GCSqGSIb3DQEBBQUAA4GBAJEu" + + "KiSfIwsY7SfobMLrv2v/BtLhGLi4RnmjiwzBhuv5rn4rRfBpq1ppmqQMJ2pmA67v" + + "UWCY+mNwuyjHyivpCCyJGsZ9d5H09g2vqxzkDBMz7X9VNMZYFH8j/R3/Cfvqks31" + + "z0OFslJkeKLa1I0P/dfVHsRKNkLRT3Ws5LKksErQ"); + + internal static readonly byte[] certB = Base64.Decode( + "MIICtTCCAh6gAwIBAgIBBDANBgkqhkiG9w0BAQQFADCBjTEPMA0GA1UEAxMGSW50" + + "ZXIyMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX" + + "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq" + + "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ2Mzha" + + "Fw0xNzAzMzAwODQ0MDBaMIGNMQ8wDQYDVQQDEwZJbnRlcjMxCzAJBgNVBAYTAkNI" + + "MQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNVBAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNw" + + "aGVyZSBBRzEQMA4GA1UECxMHVGVzdGluZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5A" + + "cHJpdmFzcGhlcmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxCXIB" + + "QRnmVvl2h7Q+0SsRxDLnyM1dJG9jMa+UCCmHy0k/ZHs5VirSbjEJSjkQ9BGeh9SC" + + "7JwbMpXO7UE+gcVc2RnWUY+MA+fWIeTV4KtkYA8WPu8wVGCXbN8wwh/StOocszxb" + + "g+iLvGeh8CYSRqg6QN3S/02etH3o8H4e7Z0PZwIDAQABoyMwITAPBgNVHRMBAf8E" + + "BTADAQH/MA4GA1UdDwEB/wQEAwIB9jANBgkqhkiG9w0BAQQFAAOBgQCtWdirSsmt" + + "+CBBCNn6ZnbU3QqQfiiQIomjenNEHESJgaS/+PvPE5i3xWFXsunTHLW321/Km16I" + + "7+ZvT8Su1cqHg79NAT8QB0yke1saKSy2C0Pic4HwrNqVBWFNSxMU0hQzpx/ZXDbZ" + + "DqIXAp5EfyRYBy2ul+jm6Rot6aFgzuopKg=="); + + internal static readonly byte[] certC = Base64.Decode( + "MIICtTCCAh6gAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBjTEPMA0GA1UEAxMGSW50" + + "ZXIxMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX" + + "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq" + + "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ0Mzla" + + "Fw0xNzAzMzAwODQ0MDBaMIGNMQ8wDQYDVQQDEwZJbnRlcjIxCzAJBgNVBAYTAkNI" + + "MQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNVBAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNw" + + "aGVyZSBBRzEQMA4GA1UECxMHVGVzdGluZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5A" + + "cHJpdmFzcGhlcmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD0rLr6" + + "f2/ONeJzTb0q9M/NNX+MnAFMSqiQGVBkT76u5nOH4KLkpHXkzI82JI7GuQMzoT3a" + + "+RP1hO6FneO92ms2soC6xiOFb4EC69Dfhh87Nww5O35JxVF0bzmbmIAWd6P/7zGh" + + "nd2S4tKkaZcubps+C0j9Fgi0hipVicAOUVVoDQIDAQABoyMwITAPBgNVHRMBAf8E" + + "BTADAQH/MA4GA1UdDwEB/wQEAwIB9jANBgkqhkiG9w0BAQQFAAOBgQCLPvc1IMA4" + + "YP+PmnEldyUoRWRnvPWjBGeu0WheBP7fdcnGBf93Nmc5j68ZN+eTZ5VMuZ99YdvH" + + "CXGNX6oodONLU//LlFKdLl5xjLAS5X9p1RbOEGytnalqeiEpjk4+C/7rIBG1kllO" + + "dItmI6LlEMV09Hkpg6ZRAUmRkb8KrM4X7A=="); + + internal static readonly byte[] certD = Base64.Decode( + "MIICtTCCAh6gAwIBAgIBBjANBgkqhkiG9w0BAQQFADCBjTEPMA0GA1UEAxMGSW50" + + "ZXIzMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX" + + "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq" + + "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ5NTNa" + + "Fw0xNzAzMzAwODQ0MDBaMIGNMQ8wDQYDVQQDEwZJbnRlcjExCzAJBgNVBAYTAkNI" + + "MQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNVBAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNw" + + "aGVyZSBBRzEQMA4GA1UECxMHVGVzdGluZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5A" + + "cHJpdmFzcGhlcmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCae3TP" + + "jIVKeASqvNabaiUHAMGUgFxB7L0yUsIj39azLcLtUj4S7XkDf7SMGtYV0JY1XNaQ" + + "sHJAsnJivDZc50oiYvqDYfgFZx5+AsN5l5X5rjRzs/OX+Jo+k1OgsIyu6+mf9Kfb" + + "5IdWOVB2EcOg4f9tPjLM8CIj9Pp7RbKLyqUUgwIDAQABoyMwITAPBgNVHRMBAf8E" + + "BTADAQH/MA4GA1UdDwEB/wQEAwIB9jANBgkqhkiG9w0BAQQFAAOBgQCgr9kUdWUT" + + "Lt9UcztSzR3pnHRsyvS0E/z850OKQKS5/VxLEalpFvhj+3EcZ7Y6mFxaaS2B7vXg" + + "2YWyqV1PRb6iF7/u9EXkpSTKGrJahwANirCa3V/HTUuPdCE2GITlnWI8h3eVA+xQ" + + "D4LF0PXHOkXbwmhXRSb10lW1bSGkUxE9jg=="); + + private void doTestExceptions() + { + byte[] enc = { (byte)0, (byte)2, (byte)3, (byte)4, (byte)5 }; +// MyCertPath mc = new MyCertPath(enc); + MemoryStream os = new MemoryStream(); + MemoryStream ins; + byte[] arr; + + // TODO Support serialization of cert paths? +// ObjectOutputStream oos = new ObjectOutputStream(os); +// oos.WriteObject(mc); +// oos.Flush(); +// oos.Close(); + + try + { +// CertificateFactory cFac = CertificateFactory.GetInstance("X.509"); + arr = os.ToArray(); + ins = new MemoryStream(arr, false); +// cFac.generateCertPath(ins); + new PkixCertPath(ins); + } + catch (CertificateException) + { + // ignore okay + } + +// CertificateFactory cf = CertificateFactory.GetInstance("X.509"); + X509CertificateParser cf = new X509CertificateParser(); + IList certCol = new ArrayList(); + + certCol.Add(cf.ReadCertificate(certA)); + certCol.Add(cf.ReadCertificate(certB)); + certCol.Add(cf.ReadCertificate(certC)); + certCol.Add(cf.ReadCertificate(certD)); + +// CertPathBuilder pathBuilder = CertPathBuilder.GetInstance("PKIX"); + PkixCertPathBuilder pathBuilder = new PkixCertPathBuilder(); + X509CertStoreSelector select = new X509CertStoreSelector(); + select.Subject = ((X509Certificate)certCol[0]).SubjectDN; + + ISet trustanchors = new HashSet(); + trustanchors.Add(new TrustAnchor(cf.ReadCertificate(rootCertBin), null)); + +// CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certCol)); + IX509Store x509CertStore = X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(certCol)); + + PkixBuilderParameters parameters = new PkixBuilderParameters(trustanchors, select); + parameters.AddStore(x509CertStore); + + try + { + PkixCertPathBuilderResult result = pathBuilder.Build(parameters); + PkixCertPath path = result.CertPath; + Fail("found cert path in circular set"); + } + catch (PkixCertPathBuilderException) + { + // expected + } + } + + public override void PerformTest() + { + X509CertificateParser cf = new X509CertificateParser(); + + X509Certificate rootCert = cf.ReadCertificate(rootCertBin); + X509Certificate interCert = cf.ReadCertificate(interCertBin); + X509Certificate finalCert = cf.ReadCertificate(finalCertBin); + + //Testing CertPath generation from List + IList list = new ArrayList(); + list.Add(interCert); +// CertPath certPath1 = cf.generateCertPath(list); + PkixCertPath certPath1 = new PkixCertPath(list); + + //Testing CertPath encoding as PkiPath + byte[] encoded = certPath1.GetEncoded("PkiPath"); + + //Testing CertPath generation from InputStream + MemoryStream inStream = new MemoryStream(encoded, false); +// CertPath certPath2 = cf.generateCertPath(inStream, "PkiPath"); + PkixCertPath certPath2 = new PkixCertPath(inStream, "PkiPath"); + + //Comparing both CertPathes + if (!certPath2.Equals(certPath1)) + { + Fail("CertPath differ after encoding and decoding."); + } + + encoded = certPath1.GetEncoded("PKCS7"); + + //Testing CertPath generation from InputStream + inStream = new MemoryStream(encoded, false); +// certPath2 = cf.generateCertPath(inStream, "PKCS7"); + certPath2 = new PkixCertPath(inStream, "PKCS7"); + + //Comparing both CertPathes + if (!certPath2.Equals(certPath1)) + { + Fail("CertPath differ after encoding and decoding."); + } + + encoded = certPath1.GetEncoded("PEM"); + + //Testing CertPath generation from InputStream + inStream = new MemoryStream(encoded, false); +// certPath2 = cf.generateCertPath(inStream, "PEM"); + certPath2 = new PkixCertPath(inStream, "PEM"); + + //Comparing both CertPathes + if (!certPath2.Equals(certPath1)) + { + Fail("CertPath differ after encoding and decoding."); + } + + // + // empty list test + // + list = new ArrayList(); + +// CertPath certPath = CertificateFactory.GetInstance("X.509","BC").generateCertPath(list); + PkixCertPath certPath = new PkixCertPath(list); + if (certPath.Certificates.Count != 0) + { + Fail("list wrong size."); + } + + // + // exception tests + // + doTestExceptions(); + } + + public override string Name + { + get { return "CertPath"; } + } + + public static void Main( + string[] args) + { + RunTest(new CertPathTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + +// private class MyCertificate : X509Certificate +// { +// private readonly string type; +// private readonly byte[] encoding; +// +// public MyCertificate(string type, byte[] encoding) +//// : base(type) +// { +// this.type = type; +// +// // don't copy to allow null parameter in test +// this.encoding = encoding; +// } +// +// public override byte[] GetEncoded() +// { +// // do copy to force NPE in test +// return (byte[])encoding.Clone(); +// } +// +// public override void Verify(AsymmetricKeyParameter publicKey) +// { +// } +// +// public override string ToString() +// { +// return "[My test Certificate, type: " + type + "]"; +// } +// +// public override AsymmetricKeyParameter GetPublicKey() +// { +// throw new NotImplementedException(); +// +//// return new PublicKey() +//// { +//// public string getAlgorithm() +//// { +//// return "TEST"; +//// } +//// +//// public byte[] getEncoded() +//// { +//// return new byte[] { (byte)1, (byte)2, (byte)3 }; +//// } +//// +//// public string getFormat() +//// { +//// return "TEST_FORMAT"; +//// } +//// }; +// } +// } + +// private class MyCertPath : PkixCertPath +// { +// private readonly ArrayList certificates; +// +// private readonly ArrayList encodingNames; +// +// private readonly byte[] encoding; +// +// public MyCertPath(byte[] encoding) +// : base("MyEncoding") +// { +// this.encoding = encoding; +// certificates = new ArrayList(); +// certificates.Add(new MyCertificate("MyEncoding", encoding)); +// encodingNames = new ArrayList(); +// encodingNames.Add("MyEncoding"); +// } +// +// public override IList Certificates +// { +// get { return CollectionUtilities.ReadOnly(certificates); } +// } +// +// public override byte[] GetEncoded() +// { +// return (byte[])encoding.Clone(); +// } +// +// public override byte[] GetEncoded( +// string encoding) +// { +// if (Type.Equals(encoding)) +// { +// return (byte[])this.encoding.Clone(); +// } +// throw new CertificateEncodingException("Encoding not supported: " +// + encoding); +// } +// +// public override IEnumerable Encodings +// { +// get { return new EnumerableProxy(encodingNames); } +// } +// } + } +} diff --git a/BouncyCastle/crypto/test/src/test/CertPathValidatorTest.cs b/BouncyCastle/crypto/test/src/test/CertPathValidatorTest.cs new file mode 100644 index 0000000..3f9ff57 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/CertPathValidatorTest.cs @@ -0,0 +1,328 @@ +using System; +using System.Collections; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Pkix; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class CertPathValidatorTest + : SimpleTest + { + private byte[] AC_PR = Base64.Decode( + "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlFU1RDQ0F6R2dBd0lC" + + "QWdJQkJUQU5CZ2txaGtpRzl3MEJBUVVGQURDQnRERUxNQWtHQTFVRUJoTUNR" + + "bEl4DQpFekFSQmdOVkJBb1RDa2xEVUMxQ2NtRnphV3d4UFRBN0JnTlZCQXNU" + + "TkVsdWMzUnBkSFYwYnlCT1lXTnBiMjVoDQpiQ0JrWlNCVVpXTnViMnh2WjJs" + + "aElHUmhJRWx1Wm05eWJXRmpZVzhnTFNCSlZFa3hFVEFQQmdOVkJBY1RDRUp5" + + "DQpZWE5wYkdsaE1Rc3dDUVlEVlFRSUV3SkVSakV4TUM4R0ExVUVBeE1vUVhW" + + "MGIzSnBaR0ZrWlNCRFpYSjBhV1pwDQpZMkZrYjNKaElGSmhhWG9nUW5KaGMy" + + "bHNaV2x5WVRBZUZ3MHdNakEwTURReE9UTTVNREJhRncwd05UQTBNRFF5DQpN" + + "elU1TURCYU1HRXhDekFKQmdOVkJBWVRBa0pTTVJNd0VRWURWUVFLRXdwSlEx" + + "QXRRbkpoYzJsc01UMHdPd1lEDQpWUVFERXpSQmRYUnZjbWxrWVdSbElFTmxj" + + "blJwWm1sallXUnZjbUVnWkdFZ1VISmxjMmxrWlc1amFXRWdaR0VnDQpVbVZ3" + + "ZFdKc2FXTmhNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJD" + + "Z0tDQVFFQXMwc0t5NGsrDQp6b016aldyMTQxeTVYQ045UGJMZERFQXN2cjZ4" + + "Z0NCN1l5bEhIQ1NBYmpGR3dOQ0R5NlVxN1h0VjZ6UHdIMXpGDQpFWENlS3Jm" + + "UUl5YXBXSEZ4V1VKajBMblFrY1RZM1FOR1huK0JuVk9EVTZDV3M1c3NoZktH" + + "RXZyVlQ1Z214V1NmDQp4OFlsdDgzY1dwUE1QZzg3VDlCaHVIbHQzazh2M2Ev" + + "NmRPbmF2dytOYTAyZExBaDBlNzZqcCtQUS9LK0pHZlBuDQphQjVVWURrZkd0" + + "em5uTTNBV01tY3VJK0o0ek5OMDZaa3ZnbDFsdEo2UU1qcnZEUFlSak9ndDlT" + + "cklpY1NmbEo4DQptVDdHWGRRaXJnQUNXc3g1QURBSklRK253TU1vNHlyTUtx" + + "SlFhNFFDMHhhT0QvdkdVcG9SaDQzT0FTZFp3c3YvDQpPWFlybmVJeVAwVCs4" + + "UUlEQVFBQm80RzNNSUcwTUQwR0ExVWRId1EyTURRd01xQXdvQzZHTEdoMGRI" + + "QTZMeTloDQpZM0poYVhvdWFXTndZbkpoYzJsc0xtZHZkaTVpY2k5TVExSmhZ" + + "M0poYVhvdVkzSnNNQklHQTFVZElBUUxNQWt3DQpCd1lGWUV3QkFRRXdIUVlE" + + "VlIwT0JCWUVGREpUVFlKNE9TWVB5T09KZkVMZXhDaHppK2hiTUI4R0ExVWRJ" + + "d1FZDQpNQmFBRklyNjhWZUVFUk0xa0VMNlYwbFVhUTJreFBBM01BNEdBMVVk" + + "RHdFQi93UUVBd0lCQmpBUEJnTlZIUk1CDQpBZjhFQlRBREFRSC9NQTBHQ1Nx" + + "R1NJYjNEUUVCQlFVQUE0SUJBUUJRUFNoZ1lidnFjaWV2SDVVb3ZMeXhkbkYr" + + "DQpFcjlOeXF1SWNkMnZ3Y0N1SnpKMkQ3WDBUcWhHQ0JmUEpVVkdBVWorS0NP" + + "SDFCVkgva1l1OUhsVHB1MGtKWFBwDQpBQlZkb2hJUERqRHhkbjhXcFFSL0Yr" + + "ejFDaWtVcldIMDR4eTd1N1p6UUpLSlBuR0loY1FpOElyRm1PYkllMEc3DQpY" + + "WTZPTjdPRUZxY21KTFFHWWdtRzFXMklXcytQd1JwWTdENGhLVEFoVjFSNkVv" + + "amE1L3BPcmVDL09kZXlQWmVxDQo1SUZTOUZZZk02U0Npd2hrK3l2Q1FHbVo0" + + "YzE5SjM0ZjVFYkRrK1NQR2tEK25EQ0E3L3VMUWNUMlJURE14SzBaDQpuZlo2" + + "Nm1Sc0ZjcXRGaWdScjVFcmtKZDdoUVV6eHNOV0VrNzJEVUFIcVgvNlNjeWtt" + + "SkR2V0plSUpqZlcNCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0NCg=="); + + private byte[] AC_RAIZ_ICPBRASIL = Base64.Decode( + "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlFdURDQ0E2Q2dBd0lC" + + "QWdJQkJEQU5CZ2txaGtpRzl3MEJBUVVGQURDQnRERUxNQWtHQTFVRUJoTUNR" + + "bEl4DQpFekFSQmdOVkJBb1RDa2xEVUMxQ2NtRnphV3d4UFRBN0JnTlZCQXNU" + + "TkVsdWMzUnBkSFYwYnlCT1lXTnBiMjVoDQpiQ0JrWlNCVVpXTnViMnh2WjJs" + + "aElHUmhJRWx1Wm05eWJXRmpZVzhnTFNCSlZFa3hFVEFQQmdOVkJBY1RDRUp5" + + "DQpZWE5wYkdsaE1Rc3dDUVlEVlFRSUV3SkVSakV4TUM4R0ExVUVBeE1vUVhW" + + "MGIzSnBaR0ZrWlNCRFpYSjBhV1pwDQpZMkZrYjNKaElGSmhhWG9nUW5KaGMy" + + "bHNaV2x5WVRBZUZ3MHdNVEV4TXpBeE1qVTRNREJhRncweE1URXhNekF5DQpN" + + "elU1TURCYU1JRzBNUXN3Q1FZRFZRUUdFd0pDVWpFVE1CRUdBMVVFQ2hNS1NV" + + "TlFMVUp5WVhOcGJERTlNRHNHDQpBMVVFQ3hNMFNXNXpkR2wwZFhSdklFNWhZ" + + "Mmx2Ym1Gc0lHUmxJRlJsWTI1dmJHOW5hV0VnWkdFZ1NXNW1iM0p0DQpZV05o" + + "YnlBdElFbFVTVEVSTUE4R0ExVUVCeE1JUW5KaGMybHNhV0V4Q3pBSkJnTlZC" + + "QWdUQWtSR01URXdMd1lEDQpWUVFERXloQmRYUnZjbWxrWVdSbElFTmxjblJw" + + "Wm1sallXUnZjbUVnVW1GcGVpQkNjbUZ6YVd4bGFYSmhNSUlCDQpJakFOQmdr" + + "cWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBd1BNdWR3WC9odm0r" + + "VWgyYi9sUUFjSFZBDQppc2FtYUxrV2Rrd1A5L1MvdE9LSWdSckw2T3krWklH" + + "bE9VZGQ2dVl0azlNYS8zcFVwZ2NmTkFqMHZZbTVnc3lqDQpRbzllbXNjK3g2" + + "bTRWV3drOWlxTVpTQ0s1RVFrQXEvVXQ0bjdLdUxFMStnZGZ0d2RJZ3hmVXNQ" + + "dDRDeU5yWTUwDQpRVjU3S00yVVQ4eDVycm16RWpyN1RJQ0dwU1VBbDJnVnFl" + + "NnhhaWkrYm1ZUjFRcm1XYUJTQUc1OUxya3Jqcll0DQpiUmhGYm9VRGUxREsr" + + "NlQ4czVMNms4Yzhva3BiSHBhOXZlTXp0RFZDOXNQSjYwTVdYaDZhblZLbzFV" + + "Y0xjYlVSDQp5RWVOdlpuZVZSS0FBVTZvdXdkakR2d2xzYUt5ZEZLd2VkMFRv" + + "UTQ3Ym1VS2djbSt3VjNlVFJrMzZVT25Ud0lEDQpBUUFCbzRIU01JSFBNRTRH" + + "QTFVZElBUkhNRVV3UXdZRllFd0JBUUF3T2pBNEJnZ3JCZ0VGQlFjQ0FSWXNh" + + "SFIwDQpjRG92TDJGamNtRnBlaTVwWTNCaWNtRnphV3d1WjI5MkxtSnlMMFJR" + + "UTJGamNtRnBlaTV3WkdZd1BRWURWUjBmDQpCRFl3TkRBeW9EQ2dMb1lzYUhS" + + "MGNEb3ZMMkZqY21GcGVpNXBZM0JpY21GemFXd3VaMjkyTG1KeUwweERVbUZq" + + "DQpjbUZwZWk1amNtd3dIUVlEVlIwT0JCWUVGSXI2OFZlRUVSTTFrRUw2VjBs" + + "VWFRMmt4UEEzTUE4R0ExVWRFd0VCDQovd1FGTUFNQkFmOHdEZ1lEVlIwUEFR" + + "SC9CQVFEQWdFR01BMEdDU3FHU0liM0RRRUJCUVVBQTRJQkFRQVpBNWMxDQpV" + + "L2hnSWg2T2NnTEFmaUpnRldwdm1EWldxbFYzMC9iSEZwajhpQm9iSlNtNXVE" + + "cHQ3VGlyWWgxVXhlM2ZRYUdsDQpZakplKzl6ZCtpelBSYkJxWFBWUUEzNEVY" + + "Y3drNHFwV3VmMWhIcmlXZmRyeDhBY3FTcXI2Q3VRRndTcjc1Rm9zDQpTemx3" + + "REFEYTcwbVQ3d1pqQW1RaG5aeDJ4SjZ3ZldsVDlWUWZTLy9KWWVJYzdGdWUy" + + "Sk5MZDAwVU9TTU1haUsvDQp0NzllbktOSEVBMmZ1cEgzdkVpZ2Y1RWg0YlZB" + + "TjVWb2hyVG02TVk1M3g3WFFaWnIxTUU3YTU1bEZFblNlVDB1DQptbE9BalIy" + + "bUFidlNNNVg1b1NaTnJtZXRkenlUajJmbENNOENDN01MYWIwa2tkbmdSSWxV" + + "QkdIRjEvUzVubVBiDQpLKzlBNDZzZDMzb3FLOG44DQotLS0tLUVORCBDRVJU" + + "SUZJQ0FURS0tLS0tDQo="); + + private byte[] schefer = Base64.Decode( + "MIIEnDCCBAWgAwIBAgICIPAwDQYJKoZIhvcNAQEEBQAwgcAxCzAJBgNVBAYT" + + "AkRFMQ8wDQYDVQQIEwZIRVNTRU4xGDAWBgNVBAcTDzY1MDA4IFdpZXNiYWRl" + + "bjEaMBgGA1UEChMRU0NIVUZBIEhPTERJTkcgQUcxGjAYBgNVBAsTEVNDSFVG" + + "QSBIT0xESU5HIEFHMSIwIAYDVQQDExlJbnRlcm5ldCBCZW51dHplciBTZXJ2" + + "aWNlMSowKAYJKoZIhvcNAQkBFht6ZXJ0aWZpa2F0QHNjaHVmYS1vbmxpbmUu" + + "ZGUwHhcNMDQwMzMwMTEwODAzWhcNMDUwMzMwMTEwODAzWjCBnTELMAkGA1UE" + + "BhMCREUxCjAIBgNVBAcTASAxIzAhBgNVBAoTGlNIUyBJbmZvcm1hdGlvbnNz" + + "eXN0ZW1lIEFHMRwwGgYDVQQLExM2MDAvMDU5NDktNjAwLzA1OTQ5MRgwFgYD" + + "VQQDEw9TY2hldHRlciBTdGVmYW4xJTAjBgkqhkiG9w0BCQEWFlN0ZWZhbi5T" + + "Y2hldHRlckBzaHMuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJD0" + + "95Bi76fkAMjJNTGPDiLPHmZXNsmakngDeS0juzKMeJA+TjXFouhYh6QyE4Bl" + + "Nf18fT4mInlgLefwf4t6meIWbiseeTo7VQdM+YrbXERMx2uHsRcgZMsiMYHM" + + "kVfYMK3SMJ4nhCmZxrBkoTRed4gXzVA1AA8YjjTqMyyjvt4TAgMBAAGjggHE" + + "MIIBwDAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIEsDALBgNVHQ8EBAMC" + + "BNAwOQYJYIZIAYb4QgENBCwWKlplcnRpZmlrYXQgbnVyIGZ1ZXIgU0NIVUZB" + + "LU9ubGluZSBndWVsdGlnLjAdBgNVHQ4EFgQUXReirhBfg0Yhf6MsBWoo/nPa" + + "hGwwge0GA1UdIwSB5TCB4oAUf2UyCaBV9JUeG9lS1Yo6OFBUdEKhgcakgcMw" + + "gcAxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZIRVNTRU4xGDAWBgNVBAcTDzY1" + + "MDA4IFdpZXNiYWRlbjEaMBgGA1UEChMRU0NIVUZBIEhPTERJTkcgQUcxGjAY" + + "BgNVBAsTEVNDSFVGQSBIT0xESU5HIEFHMSIwIAYDVQQDExlJbnRlcm5ldCBC" + + "ZW51dHplciBTZXJ2aWNlMSowKAYJKoZIhvcNAQkBFht6ZXJ0aWZpa2F0QHNj" + + "aHVmYS1vbmxpbmUuZGWCAQAwIQYDVR0RBBowGIEWU3RlZmFuLlNjaGV0dGVy" + + "QHNocy5kZTAmBgNVHRIEHzAdgRt6ZXJ0aWZpa2F0QHNjaHVmYS1vbmxpbmUu" + + "ZGUwDQYJKoZIhvcNAQEEBQADgYEAWzZtN9XQ9uyrFXqSy3hViYwV751+XZr0" + + "YH5IFhIS+9ixNAu8orP3bxqTaMhpwoU7T/oSsyGGSkb3fhzclgUADbA2lrOI" + + "GkeB/m+FArTwRbwpqhCNTwZywOp0eDosgPjCX1t53BB/m/2EYkRiYdDGsot0" + + "kQPOVGSjQSQ4+/D+TM8="); + + public override void PerformTest() + { + X509CertificateParser certParser = new X509CertificateParser(); + X509CrlParser crlParser = new X509CrlParser(); + + // initialise CertStore + X509Certificate rootCert = certParser.ReadCertificate(CertPathTest.rootCertBin); + X509Certificate interCert = certParser.ReadCertificate(CertPathTest.interCertBin); + X509Certificate finalCert = certParser.ReadCertificate(CertPathTest.finalCertBin); + X509Crl rootCrl = crlParser.ReadCrl(CertPathTest.rootCrlBin); + X509Crl interCrl = crlParser.ReadCrl(CertPathTest.interCrlBin); + + IList x509Certs = new ArrayList(); + x509Certs.Add(rootCert); + x509Certs.Add(interCert); + x509Certs.Add(finalCert); + + IList x509Crls = new ArrayList(); + x509Crls.Add(rootCrl); + x509Crls.Add(interCrl); + +// CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list); +// CertStore store = CertStore.GetInstance("Collection", ccsp); +// X509CollectionStoreParameters ccsp = new X509CollectionStoreParameters(list); + IX509Store x509CertStore = X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(x509Certs)); + IX509Store x509CrlStore = X509StoreFactory.Create( + "CRL/Collection", + new X509CollectionStoreParameters(x509Crls)); + + // NB: Month is 1-based in .NET + //DateTime validDate = new DateTime(2008,9,4,14,49,10).ToUniversalTime(); + DateTime validDate = new DateTime(2008, 9, 4, 5, 49, 10); + + //validating path + IList certchain = new ArrayList(); + certchain.Add(finalCert); + certchain.Add(interCert); + +// CertPath cp = CertificateFactory.GetInstance("X.509").GenerateCertPath(certchain); + PkixCertPath cp = new PkixCertPath(certchain); + ISet trust = new HashSet(); + trust.Add(new TrustAnchor(rootCert, null)); + +// CertPathValidator cpv = CertPathValidator.GetInstance("PKIX"); + PkixCertPathValidator cpv = new PkixCertPathValidator(); + PkixParameters param = new PkixParameters(trust); + param.AddStore(x509CertStore); + param.AddStore(x509CrlStore); + param.Date = new DateTimeObject(validDate); + MyChecker checker = new MyChecker(); + param.AddCertPathChecker(checker); + + PkixCertPathValidatorResult result = (PkixCertPathValidatorResult)cpv.Validate(cp, param); + PkixPolicyNode policyTree = result.PolicyTree; + AsymmetricKeyParameter subjectPublicKey = result.SubjectPublicKey; + + if (checker.GetCount() != 2) + { + Fail("checker not evaluated for each certificate"); + } + + if (!subjectPublicKey.Equals(finalCert.GetPublicKey())) + { + Fail("wrong public key returned"); + } + + IsTrue(result.TrustAnchor.TrustedCert.Equals(rootCert)); + + // try a path with trust anchor included. + certchain.Clear(); + certchain.Add(finalCert); + certchain.Add(interCert); + certchain.Add(rootCert); + + cp = new PkixCertPath(certchain); + + cpv = new PkixCertPathValidator(); + param = new PkixParameters(trust); + param.AddStore(x509CertStore); + param.AddStore(x509CrlStore); + param.Date = new DateTimeObject(validDate); + checker = new MyChecker(); + param.AddCertPathChecker(checker); + + result = (PkixCertPathValidatorResult)cpv.Validate(cp, param); + + IsTrue(result.TrustAnchor.TrustedCert.Equals(rootCert)); + + // + // invalid path containing a valid one test + // + try + { + // initialise CertStore + rootCert = certParser.ReadCertificate(AC_RAIZ_ICPBRASIL); + interCert = certParser.ReadCertificate(AC_PR); + finalCert = certParser.ReadCertificate(schefer); + + x509Certs = new ArrayList(); + x509Certs.Add(rootCert); + x509Certs.Add(interCert); + x509Certs.Add(finalCert); + +// ccsp = new CollectionCertStoreParameters(list); +// store = CertStore.GetInstance("Collection", ccsp); +// ccsp = new X509CollectionStoreParameters(list); + x509CertStore = X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(x509Certs)); + + // NB: Month is 1-based in .NET + //validDate = new DateTime(2004,3,21,2,21,10).ToUniversalTime(); + validDate = new DateTime(2004, 3, 20, 19, 21, 10); + + //validating path + certchain = new ArrayList(); + certchain.Add(finalCert); + certchain.Add(interCert); + +// cp = CertificateFactory.GetInstance("X.509").GenerateCertPath(certchain); + cp = new PkixCertPath(certchain); + trust = new HashSet(); + trust.Add(new TrustAnchor(rootCert, null)); + +// cpv = CertPathValidator.GetInstance("PKIX"); + cpv = new PkixCertPathValidator(); + param = new PkixParameters(trust); + param.AddStore(x509CertStore); + param.IsRevocationEnabled = false; + param.Date = new DateTimeObject(validDate); + + result =(PkixCertPathValidatorResult) cpv.Validate(cp, param); + policyTree = result.PolicyTree; + subjectPublicKey = result.SubjectPublicKey; + + Fail("Invalid path validated"); + } + catch (Exception e) + { + if (e is PkixCertPathValidatorException + && e.Message.StartsWith("Could not validate certificate signature.")) + { + return; + } + Fail("unexpected exception", e); + } + } + + public override string Name + { + get { return "CertPathValidator"; } + } + + public static void Main( + string[] args) + { + RunTest(new CertPathValidatorTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + + private class MyChecker + : PkixCertPathChecker + { + private static int count; + + public override void Init(bool forward) + { + } + + public override bool IsForwardCheckingSupported() + { + return true; + } + + public override ISet GetSupportedExtensions() + { + return null; + } + + public override void Check(X509Certificate cert, ISet unresolvedCritExts) + { + count++; + } + + public int GetCount() + { + return count; + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/CertTest.cs b/BouncyCastle/crypto/test/src/test/CertTest.cs new file mode 100644 index 0000000..d83b67f --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/CertTest.cs @@ -0,0 +1,2630 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Extension; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class CertTest + : SimpleTest + { + // + // server.crt + // + private static readonly byte[] cert1 = Base64.Decode( + "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx" + + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY" + + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB" + + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ" + + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2" + + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW" + + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM" + + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l" + + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv" + + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re" + + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO" + + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE" + + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy" + + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0" + + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw" + + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL" + + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4" + + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF" + + "5/8="); + + // + // ca.crt + // + private static readonly byte[] cert2 = Base64.Decode( + "MIIDbDCCAtWgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx" + + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY" + + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB" + + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ" + + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU1MzNaFw0wMTA2" + + "MDIwNzU1MzNaMIG3MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW" + + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM" + + "dGQxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEVMBMGA1UEAxMMQ29u" + + "bmVjdCA0IENBMSgwJgYJKoZIhvcNAQkBFhl3ZWJtYXN0ZXJAY29ubmVjdDQuY29t" + + "LmF1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgs5ptNG6Qv1ZpCDuUNGmv" + + "rhjqMDPd3ri8JzZNRiiFlBA4e6/ReaO1U8ASewDeQMH6i9R6degFdQRLngbuJP0s" + + "xcEE+SksEWNvygfzLwV9J/q+TQDyJYK52utb++lS0b48A1KPLwEsyL6kOAgelbur" + + "ukwxowprKUIV7Knf1ajetQIDAQABo4GFMIGCMCQGA1UdEQQdMBuBGXdlYm1hc3Rl" + + "ckBjb25uZWN0NC5jb20uYXUwDwYDVR0TBAgwBgEB/wIBADA2BglghkgBhvhCAQ0E" + + "KRYnbW9kX3NzbCBnZW5lcmF0ZWQgY3VzdG9tIENBIGNlcnRpZmljYXRlMBEGCWCG" + + "SAGG+EIBAQQEAwICBDANBgkqhkiG9w0BAQQFAAOBgQCsGvfdghH8pPhlwm1r3pQk" + + "msnLAVIBb01EhbXm2861iXZfWqGQjrGAaA0ZpXNk9oo110yxoqEoSJSzniZa7Xtz" + + "soTwNUpE0SLHvWf/SlKdFWlzXA+vOZbzEv4UmjeelekTm7lc01EEa5QRVzOxHFtQ" + + "DhkaJ8VqOMajkQFma2r9iA=="); + + // + // testx509.pem + // + private static readonly byte[] cert3 = Base64.Decode( + "MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV" + + "BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz" + + "MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM" + + "RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF" + + "AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO" + + "/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE" + + "Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ" + + "zl9HYIMxATFyqSiD9jsx"); + + // + // v3-cert1.pem + // + private static readonly byte[] cert4 = Base64.Decode( + "MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx" + + "NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz" + + "dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw" + + "ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu" + + "ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2" + + "ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp" + + "miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C" + + "AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK" + + "Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x" + + "DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR" + + "MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB" + + "AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21" + + "X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3" + + "WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO"); + + // + // v3-cert2.pem + // + private static readonly byte[] cert5 = Base64.Decode( + "MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD" + + "YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0" + + "ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu" + + "dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1" + + "WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV" + + "BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx" + + "FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA" + + "6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT" + + "G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ" + + "YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm" + + "b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc" + + "F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz" + + "lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap" + + "jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU="); + + // + // pem encoded pkcs7 + // + private static readonly byte[] cert6 = Base64.Decode( + "MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJbzCCAj0w" + + "ggGmAhEAzbp/VvDf5LxU/iKss3KqVTANBgkqhkiG9w0BAQIFADBfMQswCQYDVQQGEwJVUzEXMBUG" + + "A1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGljIFByaW1hcnkgQ2Vy" + + "dGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTYwMTI5MDAwMDAwWhcNMjgwODAxMjM1OTU5WjBfMQsw" + + "CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVi" + + "bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwgZ8wDQYJKoZIhvcNAQEBBQADgY0A" + + "MIGJAoGBAOUZv22jVmEtmUhx9mfeuY3rt56GgAqRDvo4Ja9GiILlc6igmyRdDR/MZW4MsNBWhBiH" + + "mgabEKFz37RYOWtuwfYV1aioP6oSBo0xrH+wNNePNGeICc0UEeJORVZpH3gCgNrcR5EpuzbJY1zF" + + "4Ncth3uhtzKwezC6Ki8xqu6jZ9rbAgMBAAEwDQYJKoZIhvcNAQECBQADgYEATD+4i8Zo3+5DMw5d" + + "6abLB4RNejP/khv0Nq3YlSI2aBFsfELM85wuxAc/FLAPT/+Qknb54rxK6Y/NoIAK98Up8YIiXbix" + + "3YEjo3slFUYweRb46gVLlH8dwhzI47f0EEA8E8NfH1PoSOSGtHuhNbB7Jbq4046rPzidADQAmPPR" + + "cZQwggMuMIICl6ADAgECAhEA0nYujRQMPX2yqCVdr+4NdTANBgkqhkiG9w0BAQIFADBfMQswCQYD" + + "VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGlj" + + "IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTgwNTEyMDAwMDAwWhcNMDgwNTEy" + + "MjM1OTU5WjCBzDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy" + + "dXN0IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9SUEEgSW5j" + + "b3JwLiBCeSBSZWYuLExJQUIuTFREKGMpOTgxSDBGBgNVBAMTP1ZlcmlTaWduIENsYXNzIDEgQ0Eg" + + "SW5kaXZpZHVhbCBTdWJzY3JpYmVyLVBlcnNvbmEgTm90IFZhbGlkYXRlZDCBnzANBgkqhkiG9w0B" + + "AQEFAAOBjQAwgYkCgYEAu1pEigQWu1X9A3qKLZRPFXg2uA1Ksm+cVL+86HcqnbnwaLuV2TFBcHqB" + + "S7lIE1YtxwjhhEKrwKKSq0RcqkLwgg4C6S/7wju7vsknCl22sDZCM7VuVIhPh0q/Gdr5FegPh7Yc" + + "48zGmo5/aiSS4/zgZbqnsX7vyds3ashKyAkG5JkCAwEAAaN8MHowEQYJYIZIAYb4QgEBBAQDAgEG" + + "MEcGA1UdIARAMD4wPAYLYIZIAYb4RQEHAQEwLTArBggrBgEFBQcCARYfd3d3LnZlcmlzaWduLmNv" + + "bS9yZXBvc2l0b3J5L1JQQTAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0B" + + "AQIFAAOBgQCIuDc73dqUNwCtqp/hgQFxHpJqbS/28Z3TymQ43BuYDAeGW4UVag+5SYWklfEXfWe0" + + "fy0s3ZpCnsM+tI6q5QsG3vJWKvozx74Z11NMw73I4xe1pElCY+zCphcPXVgaSTyQXFWjZSAA/Rgg" + + "5V+CprGoksVYasGNAzzrw80FopCubjCCA/gwggNhoAMCAQICEBbbn/1G1zppD6KsP01bwywwDQYJ" + + "KoZIhvcNAQEEBQAwgcwxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2ln" + + "biBUcnVzdCBOZXR3b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvUlBB" + + "IEluY29ycC4gQnkgUmVmLixMSUFCLkxURChjKTk4MUgwRgYDVQQDEz9WZXJpU2lnbiBDbGFzcyAx" + + "IENBIEluZGl2aWR1YWwgU3Vic2NyaWJlci1QZXJzb25hIE5vdCBWYWxpZGF0ZWQwHhcNMDAxMDAy" + + "MDAwMDAwWhcNMDAxMjAxMjM1OTU5WjCCAQcxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYD" + + "VQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3Jl" + + "cG9zaXRvcnkvUlBBIEluY29ycC4gYnkgUmVmLixMSUFCLkxURChjKTk4MR4wHAYDVQQLExVQZXJz" + + "b25hIE5vdCBWYWxpZGF0ZWQxJzAlBgNVBAsTHkRpZ2l0YWwgSUQgQ2xhc3MgMSAtIE1pY3Jvc29m" + + "dDETMBEGA1UEAxQKRGF2aWQgUnlhbjElMCMGCSqGSIb3DQEJARYWZGF2aWRAbGl2ZW1lZGlhLmNv" + + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqxBsdeNmSvFqhMNwhQgNzM8mdjX9eSXb" + + "DawpHtQHjmh0AKJSa3IwUY0VIsyZHuXWktO/CgaMBVPt6OVf/n0R2sQigMP6Y+PhEiS0vCJBL9aK" + + "0+pOo2qXrjVBmq+XuCyPTnc+BOSrU26tJsX0P9BYorwySiEGxGanBNATdVL4NdUCAwEAAaOBnDCB" + + "mTAJBgNVHRMEAjAAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQgwKjAoBggrBgEFBQcCARYcaHR0" + + "cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTARBglghkgBhvhCAQEEBAMCB4AwMwYDVR0fBCwwKjAo" + + "oCagJIYiaHR0cDovL2NybC52ZXJpc2lnbi5jb20vY2xhc3MxLmNybDANBgkqhkiG9w0BAQQFAAOB" + + "gQBC8yIIdVGpFTf8/YiL14cMzcmL0nIRm4kGR3U59z7UtcXlfNXXJ8MyaeI/BnXwG/gD5OKYqW6R" + + "yca9vZOxf1uoTBl82gInk865ED3Tej6msCqFzZffnSUQvOIeqLxxDlqYRQ6PmW2nAnZeyjcnbI5Y" + + "syQSM2fmo7n6qJFP+GbFezGCAkUwggJBAgEBMIHhMIHMMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5j" + + "LjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWdu" + + "LmNvbS9yZXBvc2l0b3J5L1JQQSBJbmNvcnAuIEJ5IFJlZi4sTElBQi5MVEQoYyk5ODFIMEYGA1UE" + + "AxM/VmVyaVNpZ24gQ2xhc3MgMSBDQSBJbmRpdmlkdWFsIFN1YnNjcmliZXItUGVyc29uYSBOb3Qg" + + "VmFsaWRhdGVkAhAW25/9Rtc6aQ+irD9NW8MsMAkGBSsOAwIaBQCggbowGAYJKoZIhvcNAQkDMQsG" + + "CSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDAxMDAyMTczNTE4WjAjBgkqhkiG9w0BCQQxFgQU" + + "gZjSaBEY2oxGvlQUIMnxSXhivK8wWwYJKoZIhvcNAQkPMU4wTDAKBggqhkiG9w0DBzAOBggqhkiG" + + "9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwBwYFKw4DAh0w" + + "DQYJKoZIhvcNAQEBBQAEgYAzk+PU91/ZFfoiuKOECjxEh9fDYE2jfDCheBIgh5gdcCo+sS1WQs8O" + + "HreQ9Nop/JdJv1DQMBK6weNBBDoP0EEkRm1XCC144XhXZC82jBZohYmi2WvDbbC//YN58kRMYMyy" + + "srrfn4Z9I+6kTriGXkrpGk9Q0LSGjmG2BIsqiF0dvwAAAAAAAA=="); + + // + // dsaWithSHA1 cert + // + private static readonly byte[] cert7 = Base64.Decode( + "MIIEXAYJKoZIhvcNAQcCoIIETTCCBEkCAQExCzAJBgUrDgMCGgUAMAsGCSqG" + + "SIb3DQEHAaCCAsMwggK/MIIB4AIBADCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7" + + "d8miwTMN55CUSmo3TO8WGCxgY61TX5k+7NU4XPf1TULjw3GobwaJX13kquPh" + + "fVXk+gVy46n4Iw3hAhUBSe/QF4BUj+pJOF9ROBM4u+FEWA8CQQD4mSJbrABj" + + "TUWrlnAte8pS22Tq4/FPO7jHSqjijUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/z" + + "m8Q12PFp/PjOhh+nMA4xDDAKBgNVBAMTA0lEMzAeFw05NzEwMDEwMDAwMDBa" + + "Fw0zODAxMDEwMDAwMDBaMA4xDDAKBgNVBAMTA0lEMzCB8DCBpwYFKw4DAhsw" + + "gZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxgY61TX5k+7NU4XPf1TULj" + + "w3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/QF4BUj+pJOF9ROBM4u+FE" + + "WA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jHSqjijUHfXKTrHL1OEqV3" + + "SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nA0QAAkEAkYkXLYMtGVGWj9OnzjPn" + + "sB9sefSRPrVegZJCZbpW+Iv0/1RP1u04pHG9vtRpIQLjzUiWvLMU9EKQTThc" + + "eNMmWDCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxg" + + "Y61TX5k+7NU4XPf1TULjw3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/Q" + + "F4BUj+pJOF9ROBM4u+FEWA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jH" + + "SqjijUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nAy8AMCwC" + + "FBY3dBSdeprGcqpr6wr3xbG+6WW+AhRMm/facKJNxkT3iKgJbp7R8Xd3QTGC" + + "AWEwggFdAgEBMBMwDjEMMAoGA1UEAxMDSUQzAgEAMAkGBSsOAwIaBQCgXTAY" + + "BgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wMjA1" + + "MjQyMzEzMDdaMCMGCSqGSIb3DQEJBDEWBBS4WMsoJhf7CVbZYCFcjoTRzPkJ" + + "xjCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxgY61T" + + "X5k+7NU4XPf1TULjw3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/QF4BU" + + "j+pJOF9ROBM4u+FEWA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jHSqji" + + "jUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nBC8wLQIVALID" + + "dt+MHwawrDrwsO1Z6sXBaaJsAhRaKssrpevmLkbygKPV07XiAKBG02Zvb2Jh" + + "cg=="); + + // + // testcrl.pem + // + private static readonly byte[] crl1 = Base64.Decode( + "MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT" + + "F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy" + + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw" + + "MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw" + + "MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw" + + "MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw" + + "MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw" + + "MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw" + + "MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw" + + "NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw" + + "NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF" + + "AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ" + + "wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt" + + "JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v"); + + // + // ecdsa cert with extra octet string. + // +// private static readonly byte[] oldEcdsa = Base64.Decode( +// "MIICljCCAkCgAwIBAgIBATALBgcqhkjOPQQBBQAwgY8xCzAJBgNVBAYTAkFVMSgwJ" +// + "gYDVQQKEx9UaGUgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMRIwEAYDVQQHEw" +// + "lNZWxib3VybmUxETAPBgNVBAgTCFZpY3RvcmlhMS8wLQYJKoZIhvcNAQkBFiBmZWV" +// + "kYmFjay1jcnlwdG9AYm91bmN5Y2FzdGxlLm9yZzAeFw0wMTEyMDcwMTAwMDRaFw0w" +// + "MTEyMDcwMTAxNDRaMIGPMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhlIExlZ2lvb" +// + "iBvZiB0aGUgQm91bmN5IENhc3RsZTESMBAGA1UEBxMJTWVsYm91cm5lMREwDwYDVQ" +// + "QIEwhWaWN0b3JpYTEvMC0GCSqGSIb3DQEJARYgZmVlZGJhY2stY3J5cHRvQGJvdW5" +// + "jeWNhc3RsZS5vcmcwgeQwgb0GByqGSM49AgEwgbECAQEwKQYHKoZIzj0BAQIef///" +// + "////////////f///////gAAAAAAAf///////MEAEHn///////////////3///////" +// + "4AAAAAAAH///////AQeawFsO9zxiUHQ1lSSFHXKcanbL7J9HTd5YYXClCwKBB8CD/" +// + "qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqvAh5///////////////9///+eXpq" +// + "fXZBx+9FSJoiQnQsDIgAEHwJbbcU7xholSP+w9nFHLebJUhqdLSU05lq/y9X+DHAw" +// + "CwYHKoZIzj0EAQUAA0MAMEACHnz6t4UNoVROp74ma4XNDjjGcjaqiIWPZLK8Bdw3G" +// + "QIeLZ4j3a6ividZl344UH+UPUE7xJxlYGuy7ejTsqRR"); + + private static readonly byte[] uncompressedPtEC = Base64.Decode( + "MIIDKzCCAsGgAwIBAgICA+kwCwYHKoZIzj0EAQUAMGYxCzAJBgNVBAYTAkpQ" + + "MRUwEwYDVQQKEwxuaXRlY2guYWMuanAxDjAMBgNVBAsTBWFpbGFiMQ8wDQYD" + + "VQQDEwZ0ZXN0Y2ExHzAdBgkqhkiG9w0BCQEWEHRlc3RjYUBsb2NhbGhvc3Qw" + + "HhcNMDExMDEzMTE1MzE3WhcNMjAxMjEyMTE1MzE3WjBmMQswCQYDVQQGEwJK" + + "UDEVMBMGA1UEChMMbml0ZWNoLmFjLmpwMQ4wDAYDVQQLEwVhaWxhYjEPMA0G" + + "A1UEAxMGdGVzdGNhMR8wHQYJKoZIhvcNAQkBFhB0ZXN0Y2FAbG9jYWxob3N0" + + "MIIBczCCARsGByqGSM49AgEwggEOAgEBMDMGByqGSM49AQECKEdYWnajFmnZ" + + "tzrukK2XWdle2v+GsD9l1ZiR6g7ozQDbhFH/bBiMDQcwVAQoJ5EQKrI54/CT" + + "xOQ2pMsd/fsXD+EX8YREd8bKHWiLz8lIVdD5cBNeVwQoMKSc6HfI7vKZp8Q2" + + "zWgIFOarx1GQoWJbMcSt188xsl30ncJuJT2OoARRBAqJ4fD+q6hbqgNSjTQ7" + + "htle1KO3eiaZgcJ8rrnyN8P+5A8+5K+H9aQ/NbBR4Gs7yto5PXIUZEUgodHA" + + "TZMSAcSq5ZYt4KbnSYaLY0TtH9CqAigEwZ+hglbT21B7ZTzYX2xj0x+qooJD" + + "hVTLtIPaYJK2HrMPxTw6/zfrAgEPA1IABAnvfFcFDgD/JicwBGn6vR3N8MIn" + + "mptZf/mnJ1y649uCF60zOgdwIyI7pVSxBFsJ7ohqXEHW0x7LrGVkdSEiipiH" + + "LYslqh3xrqbAgPbl93GUo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB" + + "/wQEAwIBxjAdBgNVHQ4EFgQUAEo62Xm9H6DcsE0zUDTza4BRG90wCwYHKoZI" + + "zj0EAQUAA1cAMFQCKAQsCHHSNOqfJXLgt3bg5+k49hIBGVr/bfG0B9JU3rNt" + + "Ycl9Y2zfRPUCKAK2ccOQXByAWfsasDu8zKHxkZv7LVDTFjAIffz3HaCQeVhD" + + "z+fauEg="); + + private static readonly byte[] keyUsage = Base64.Decode( + "MIIE7TCCBFagAwIBAgIEOAOR7jANBgkqhkiG9w0BAQQFADCByTELMAkGA1UE" + + "BhMCVVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MUgwRgYDVQQLFD93d3cuZW50" + + "cnVzdC5uZXQvQ2xpZW50X0NBX0luZm8vQ1BTIGluY29ycC4gYnkgcmVmLiBs" + + "aW1pdHMgbGlhYi4xJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExp" + + "bWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENsaWVudCBDZXJ0aWZpY2F0" + + "aW9uIEF1dGhvcml0eTAeFw05OTEwMTIxOTI0MzBaFw0xOTEwMTIxOTU0MzBa" + + "MIHJMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxSDBGBgNV" + + "BAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0FfSW5mby9DUFMgaW5jb3Jw" + + "LiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UECxMcKGMpIDE5OTkgRW50" + + "cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQgQ2xpZW50" + + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUAA4GL" + + "ADCBhwKBgQDIOpleMRffrCdvkHvkGf9FozTC28GoT/Bo6oT9n3V5z8GKUZSv" + + "x1cDR2SerYIbWtp/N3hHuzeYEpbOxhN979IMMFGpOZ5V+Pux5zDeg7K6PvHV" + + "iTs7hbqqdCz+PzFur5GVbgbUB01LLFZHGARS2g4Qk79jkJvh34zmAqTmT173" + + "iwIBA6OCAeAwggHcMBEGCWCGSAGG+EIBAQQEAwIABzCCASIGA1UdHwSCARkw" + + "ggEVMIHkoIHhoIHepIHbMIHYMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50" + + "cnVzdC5uZXQxSDBGBgNVBAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0Ff" + + "SW5mby9DUFMgaW5jb3JwLiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UE" + + "CxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50" + + "cnVzdC5uZXQgQ2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYD" + + "VQQDEwRDUkwxMCygKqAohiZodHRwOi8vd3d3LmVudHJ1c3QubmV0L0NSTC9D" + + "bGllbnQxLmNybDArBgNVHRAEJDAigA8xOTk5MTAxMjE5MjQzMFqBDzIwMTkx" + + "MDEyMTkyNDMwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUxPucKXuXzUyW" + + "/O5bs8qZdIuV6kwwHQYDVR0OBBYEFMT7nCl7l81MlvzuW7PKmXSLlepMMAwG" + + "A1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI" + + "hvcNAQEEBQADgYEAP66K8ddmAwWePvrqHEa7pFuPeJoSSJn59DXeDDYHAmsQ" + + "OokUgZwxpnyyQbJq5wcBoUv5nyU7lsqZwz6hURzzwy5E97BnRqqS5TvaHBkU" + + "ODDV4qIxJS7x7EU47fgGWANzYrAQMY9Av2TgXD7FTx/aEkP/TOYGJqibGapE" + + "PHayXOw="); + + private static readonly byte[] nameCert = Base64.Decode( + "MIIEFjCCA3+gAwIBAgIEdS8BozANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJE"+ + "RTERMA8GA1UEChQIREFURVYgZUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRQ0Eg"+ + "REFURVYgRDAzIDE6UE4wIhgPMjAwMTA1MTAxMDIyNDhaGA8yMDA0MDUwOTEwMjI0"+ + "OFowgYQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIFAZCYXllcm4xEjAQBgNVBAcUCU7I"+ + "dXJuYmVyZzERMA8GA1UEChQIREFURVYgZUcxHTAbBgNVBAUTFDAwMDAwMDAwMDA4"+ + "OTU3NDM2MDAxMR4wHAYDVQQDFBVEaWV0bWFyIFNlbmdlbmxlaXRuZXIwgaEwDQYJ"+ + "KoZIhvcNAQEBBQADgY8AMIGLAoGBAJLI/LJLKaHoMk8fBECW/od8u5erZi6jI8Ug"+ + "C0a/LZyQUO/R20vWJs6GrClQtXB+AtfiBSnyZOSYzOdfDI8yEKPEv8qSuUPpOHps"+ + "uNCFdLZF1vavVYGEEWs2+y+uuPmg8q1oPRyRmUZ+x9HrDvCXJraaDfTEd9olmB/Z"+ + "AuC/PqpjAgUAwAAAAaOCAcYwggHCMAwGA1UdEwEB/wQCMAAwDwYDVR0PAQH/BAUD"+ + "AwdAADAxBgNVHSAEKjAoMCYGBSskCAEBMB0wGwYIKwYBBQUHAgEWD3d3dy56cy5k"+ + "YXRldi5kZTApBgNVHREEIjAggR5kaWV0bWFyLnNlbmdlbmxlaXRuZXJAZGF0ZXYu"+ + "ZGUwgYQGA1UdIwR9MHuhc6RxMG8xCzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1"+ + "bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0"+ + "MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjVSLUNBIDE6UE6CBACm8LkwDgYHAoIG"+ + "AQoMAAQDAQEAMEcGA1UdHwRAMD4wPKAUoBKGEHd3dy5jcmwuZGF0ZXYuZGWiJKQi"+ + "MCAxCzAJBgNVBAYTAkRFMREwDwYDVQQKFAhEQVRFViBlRzAWBgUrJAgDBAQNMAsT"+ + "A0VVUgIBBQIBATAdBgNVHQ4EFgQUfv6xFP0xk7027folhy+ziZvBJiwwLAYIKwYB"+ + "BQUHAQEEIDAeMBwGCCsGAQUFBzABhhB3d3cuZGlyLmRhdGV2LmRlMA0GCSqGSIb3"+ + "DQEBBQUAA4GBAEOVX6uQxbgtKzdgbTi6YLffMftFr2mmNwch7qzpM5gxcynzgVkg"+ + "pnQcDNlm5AIbS6pO8jTCLfCd5TZ5biQksBErqmesIl3QD+VqtB+RNghxectZ3VEs"+ + "nCUtcE7tJ8O14qwCb3TxS9dvIUFiVi4DjbxX46TdcTbTaK8/qr6AIf+l"); + + private static readonly byte[] probSelfSignedCert = Base64.Decode( + "MIICxTCCAi6gAwIBAgIQAQAAAAAAAAAAAAAAAAAAATANBgkqhkiG9w0BAQUFADBF" + + "MScwJQYDVQQKEx4gRElSRUNUSU9OIEdFTkVSQUxFIERFUyBJTVBPVFMxGjAYBgNV" + + "BAMTESBBQyBNSU5FRkkgQiBURVNUMB4XDTA0MDUwNzEyMDAwMFoXDTE0MDUwNzEy" + + "MDAwMFowRTEnMCUGA1UEChMeIERJUkVDVElPTiBHRU5FUkFMRSBERVMgSU1QT1RT" + + "MRowGAYDVQQDExEgQUMgTUlORUZJIEIgVEVTVDCBnzANBgkqhkiG9w0BAQEFAAOB" + + "jQAwgYkCgYEAveoCUOAukZdcFCs2qJk76vSqEX0ZFzHqQ6faBPZWjwkgUNwZ6m6m" + + "qWvvyq1cuxhoDvpfC6NXILETawYc6MNwwxsOtVVIjuXlcF17NMejljJafbPximEt" + + "DQ4LcQeSp4K7FyFlIAMLyt3BQ77emGzU5fjFTvHSUNb3jblx0sV28c0CAwEAAaOB" + + "tTCBsjAfBgNVHSMEGDAWgBSEJ4bLbvEQY8cYMAFKPFD1/fFXlzAdBgNVHQ4EFgQU" + + "hCeGy27xEGPHGDABSjxQ9f3xV5cwDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIB" + + "AQQEAwIBBjA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vYWRvbmlzLnBrNy5jZXJ0" + + "cGx1cy5uZXQvZGdpLXRlc3QuY3JsMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcN" + + "AQEFBQADgYEAmToHJWjd3+4zknfsP09H6uMbolHNGG0zTS2lrLKpzcmkQfjhQpT9" + + "LUTBvfs1jdjo9fGmQLvOG+Sm51Rbjglb8bcikVI5gLbclOlvqLkm77otjl4U4Z2/" + + "Y0vP14Aov3Sn3k+17EfReYUZI4liuB95ncobC4e8ZM++LjQcIM0s+Vs="); + + + private static readonly byte[] gost34102001base = Base64.Decode( + "MIIB1DCCAYECEEjpVKXP6Wn1yVz3VeeDQa8wCgYGKoUDAgIDBQAwbTEfMB0G" + + "A1UEAwwWR29zdFIzNDEwLTIwMDEgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRv" + + "UHJvMQswCQYDVQQGEwJSVTEpMCcGCSqGSIb3DQEJARYaR29zdFIzNDEwLTIw" + + "MDFAZXhhbXBsZS5jb20wHhcNMDUwMjAzMTUxNjQ2WhcNMTUwMjAzMTUxNjQ2" + + "WjBtMR8wHQYDVQQDDBZHb3N0UjM0MTAtMjAwMSBleGFtcGxlMRIwEAYDVQQK" + + "DAlDcnlwdG9Qcm8xCzAJBgNVBAYTAlJVMSkwJwYJKoZIhvcNAQkBFhpHb3N0" + + "UjM0MTAtMjAwMUBleGFtcGxlLmNvbTBjMBwGBiqFAwICEzASBgcqhQMCAiQA" + + "BgcqhQMCAh4BA0MABECElWh1YAIaQHUIzROMMYks/eUFA3pDXPRtKw/nTzJ+" + + "V4/rzBa5lYgD0Jp8ha4P5I3qprt+VsfLsN8PZrzK6hpgMAoGBiqFAwICAwUA" + + "A0EAHw5dw/aw/OiNvHyOE65kvyo4Hp0sfz3csM6UUkp10VO247ofNJK3tsLb" + + "HOLjUaqzefrlGb11WpHYrvWFg+FcLA=="); + + private static readonly byte[] gost341094base = Base64.Decode( + "MIICDzCCAbwCEBcxKsIb0ghYvAQeUjfQdFAwCgYGKoUDAgIEBQAwaTEdMBsG" + + "A1UEAwwUR29zdFIzNDEwLTk0IGV4YW1wbGUxEjAQBgNVBAoMCUNyeXB0b1By" + + "bzELMAkGA1UEBhMCUlUxJzAlBgkqhkiG9w0BCQEWGEdvc3RSMzQxMC05NEBl" + + "eGFtcGxlLmNvbTAeFw0wNTAyMDMxNTE2NTFaFw0xNTAyMDMxNTE2NTFaMGkx" + + "HTAbBgNVBAMMFEdvc3RSMzQxMC05NCBleGFtcGxlMRIwEAYDVQQKDAlDcnlw" + + "dG9Qcm8xCzAJBgNVBAYTAlJVMScwJQYJKoZIhvcNAQkBFhhHb3N0UjM0MTAt" + + "OTRAZXhhbXBsZS5jb20wgaUwHAYGKoUDAgIUMBIGByqFAwICIAIGByqFAwIC" + + "HgEDgYQABIGAu4Rm4XmeWzTYLIB/E6gZZnFX/oxUJSFHbzALJ3dGmMb7R1W+" + + "t7Lzk2w5tUI3JoTiDRCKJA4fDEJNKzsRK6i/ZjkyXJSLwaj+G2MS9gklh8x1" + + "G/TliYoJgmjTXHemD7aQEBON4z58nJHWrA0ILD54wbXCtrcaqCqLRYGTMjJ2" + + "+nswCgYGKoUDAgIEBQADQQBxKNhOmjgz/i5CEgLOyKyz9pFGkDcaymsWYQWV" + + "v7CZ0pTM8IzMzkUBW3GHsUjCFpanFZDfg2zuN+3kT+694n9B"); + + private static readonly byte[] gost341094A = Base64.Decode( + "MIICSDCCAfWgAwIBAgIBATAKBgYqhQMCAgQFADCBgTEXMBUGA1UEAxMOZGVmYXVsdDM0MTAtOTQx" + + "DTALBgNVBAoTBERpZ3QxDzANBgNVBAsTBkNyeXB0bzEOMAwGA1UEBxMFWS1vbGExDDAKBgNVBAgT" + + "A01FTDELMAkGA1UEBhMCcnUxGzAZBgkqhkiG9w0BCQEWDHRlc3RAdGVzdC5ydTAeFw0wNTAzMjkx" + + "MzExNTdaFw0wNjAzMjkxMzExNTdaMIGBMRcwFQYDVQQDEw5kZWZhdWx0MzQxMC05NDENMAsGA1UE" + + "ChMERGlndDEPMA0GA1UECxMGQ3J5cHRvMQ4wDAYDVQQHEwVZLW9sYTEMMAoGA1UECBMDTUVMMQsw" + + "CQYDVQQGEwJydTEbMBkGCSqGSIb3DQEJARYMdGVzdEB0ZXN0LnJ1MIGlMBwGBiqFAwICFDASBgcq" + + "hQMCAiACBgcqhQMCAh4BA4GEAASBgIQACDLEuxSdRDGgdZxHmy30g/DUYkRxO9Mi/uSHX5NjvZ31" + + "b7JMEMFqBtyhql1HC5xZfUwZ0aT3UnEFDfFjLP+Bf54gA+LPkQXw4SNNGOj+klnqgKlPvoqMGlwa" + + "+hLPKbS561WpvB2XSTgbV+pqqXR3j6j30STmybelEV3RdS2Now8wDTALBgNVHQ8EBAMCB4AwCgYG" + + "KoUDAgIEBQADQQBCFy7xWRXtNVXflKvDs0pBdBuPzjCMeZAXVxK8vUxsxxKu76d9CsvhgIFknFRi" + + "wWTPiZenvNoJ4R1uzeX+vREm"); + + private static readonly byte[] gost341094B = Base64.Decode( + "MIICSDCCAfWgAwIBAgIBATAKBgYqhQMCAgQFADCBgTEXMBUGA1UEAxMOcGFyYW0xLTM0MTAtOTQx" + + "DTALBgNVBAoTBERpZ3QxDzANBgNVBAsTBkNyeXB0bzEOMAwGA1UEBxMFWS1PbGExDDAKBgNVBAgT" + + "A01lbDELMAkGA1UEBhMCcnUxGzAZBgkqhkiG9w0BCQEWDHRlc3RAdGVzdC5ydTAeFw0wNTAzMjkx" + + "MzEzNTZaFw0wNjAzMjkxMzEzNTZaMIGBMRcwFQYDVQQDEw5wYXJhbTEtMzQxMC05NDENMAsGA1UE" + + "ChMERGlndDEPMA0GA1UECxMGQ3J5cHRvMQ4wDAYDVQQHEwVZLU9sYTEMMAoGA1UECBMDTWVsMQsw" + + "CQYDVQQGEwJydTEbMBkGCSqGSIb3DQEJARYMdGVzdEB0ZXN0LnJ1MIGlMBwGBiqFAwICFDASBgcq" + + "hQMCAiADBgcqhQMCAh4BA4GEAASBgEa+AAcZmijWs1M9x5Pn9efE8D9ztG1NMoIt0/hNZNqln3+j" + + "lMZjyqPt+kTLIjtmvz9BRDmIDk6FZz+4LhG2OTL7yGpWfrMxMRr56nxomTN9aLWRqbyWmn3brz9Y" + + "AUD3ifnwjjIuW7UM84JNlDTOdxx0XRUfLQIPMCXe9cO02Xskow8wDTALBgNVHQ8EBAMCB4AwCgYG" + + "KoUDAgIEBQADQQBzFcnuYc/639OTW+L5Ecjw9KxGr+dwex7lsS9S1BUgKa3m1d5c+cqI0B2XUFi5" + + "4iaHHJG0dCyjtQYLJr0OZjRw"); + + private static readonly byte[] gost34102001A = Base64.Decode( + "MIICCzCCAbigAwIBAgIBATAKBgYqhQMCAgMFADCBhDEaMBgGA1UEAxMRZGVmYXVsdC0zNDEwLTIw" + + "MDExDTALBgNVBAoTBERpZ3QxDzANBgNVBAsTBkNyeXB0bzEOMAwGA1UEBxMFWS1PbGExDDAKBgNV" + + "BAgTA01lbDELMAkGA1UEBhMCcnUxGzAZBgkqhkiG9w0BCQEWDHRlc3RAdGVzdC5ydTAeFw0wNTAz" + + "MjkxMzE4MzFaFw0wNjAzMjkxMzE4MzFaMIGEMRowGAYDVQQDExFkZWZhdWx0LTM0MTAtMjAwMTEN" + + "MAsGA1UEChMERGlndDEPMA0GA1UECxMGQ3J5cHRvMQ4wDAYDVQQHEwVZLU9sYTEMMAoGA1UECBMD" + + "TWVsMQswCQYDVQQGEwJydTEbMBkGCSqGSIb3DQEJARYMdGVzdEB0ZXN0LnJ1MGMwHAYGKoUDAgIT" + + "MBIGByqFAwICIwEGByqFAwICHgEDQwAEQG/4c+ZWb10IpeHfmR+vKcbpmSOClJioYmCVgnojw0Xn" + + "ned0KTg7TJreRUc+VX7vca4hLQaZ1o/TxVtfEApK/O6jDzANMAsGA1UdDwQEAwIHgDAKBgYqhQMC" + + "AgMFAANBAN8y2b6HuIdkD3aWujpfQbS1VIA/7hro4vLgDhjgVmev/PLzFB8oTh3gKhExpDo82IEs" + + "ZftGNsbbyp1NFg7zda0="); + + private static readonly byte[] gostCA1 = Base64.Decode( + "MIIDNDCCAuGgAwIBAgIQZLcKDcWcQopF+jp4p9jylDAKBgYqhQMCAgQFADBm" + + "MQswCQYDVQQGEwJSVTEPMA0GA1UEBxMGTW9zY293MRcwFQYDVQQKEw5PT08g" + + "Q3J5cHRvLVBybzEUMBIGA1UECxMLRGV2ZWxvcG1lbnQxFzAVBgNVBAMTDkNQ" + + "IENTUCBUZXN0IENBMB4XDTAyMDYwOTE1NTIyM1oXDTA5MDYwOTE1NTkyOVow" + + "ZjELMAkGA1UEBhMCUlUxDzANBgNVBAcTBk1vc2NvdzEXMBUGA1UEChMOT09P" + + "IENyeXB0by1Qcm8xFDASBgNVBAsTC0RldmVsb3BtZW50MRcwFQYDVQQDEw5D" + + "UCBDU1AgVGVzdCBDQTCBpTAcBgYqhQMCAhQwEgYHKoUDAgIgAgYHKoUDAgIe" + + "AQOBhAAEgYAYglywKuz1nMc9UiBYOaulKy53jXnrqxZKbCCBSVaJ+aCKbsQm" + + "glhRFrw6Mwu8Cdeabo/ojmea7UDMZd0U2xhZFRti5EQ7OP6YpqD0alllo7za" + + "4dZNXdX+/ag6fOORSLFdMpVx5ganU0wHMPk67j+audnCPUj/plbeyccgcdcd" + + "WaOCASIwggEeMAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud" + + "DgQWBBTe840gTo4zt2twHilw3PD9wJaX0TCBygYDVR0fBIHCMIG/MDygOqA4" + + "hjYtaHR0cDovL2ZpZXdhbGwvQ2VydEVucm9sbC9DUCUyMENTUCUyMFRlc3Ql" + + "MjBDQSgzKS5jcmwwRKBCoECGPmh0dHA6Ly93d3cuY3J5cHRvcHJvLnJ1L0Nl" + + "cnRFbnJvbGwvQ1AlMjBDU1AlMjBUZXN0JTIwQ0EoMykuY3JsMDmgN6A1hjMt" + + "ZmlsZTovL1xcZmlld2FsbFxDZXJ0RW5yb2xsXENQIENTUCBUZXN0IENBKDMp" + + "LmNybC8wEgYJKwYBBAGCNxUBBAUCAwMAAzAKBgYqhQMCAgQFAANBAIJi7ni7" + + "9rwMR5rRGTFftt2k70GbqyUEfkZYOzrgdOoKiB4IIsIstyBX0/ne6GsL9Xan" + + "G2IN96RB7KrowEHeW+k="); + + private static readonly byte[] gostCA2 = Base64.Decode( + "MIIC2DCCAoWgAwIBAgIQe9ZCugm42pRKNcHD8466zTAKBgYqhQMCAgMFADB+" + + "MRowGAYJKoZIhvcNAQkBFgtzYmFAZGlndC5ydTELMAkGA1UEBhMCUlUxDDAK" + + "BgNVBAgTA01FTDEUMBIGA1UEBxMLWW9zaGthci1PbGExDTALBgNVBAoTBERp" + + "Z3QxDzANBgNVBAsTBkNyeXB0bzEPMA0GA1UEAxMGc2JhLUNBMB4XDTA0MDgw" + + "MzEzMzE1OVoXDTE0MDgwMzEzNDAxMVowfjEaMBgGCSqGSIb3DQEJARYLc2Jh" + + "QGRpZ3QucnUxCzAJBgNVBAYTAlJVMQwwCgYDVQQIEwNNRUwxFDASBgNVBAcT" + + "C1lvc2hrYXItT2xhMQ0wCwYDVQQKEwREaWd0MQ8wDQYDVQQLEwZDcnlwdG8x" + + "DzANBgNVBAMTBnNiYS1DQTBjMBwGBiqFAwICEzASBgcqhQMCAiMBBgcqhQMC" + + "Ah4BA0MABEDMSy10CuOH+i8QKG2UWA4XmCt6+BFrNTZQtS6bOalyDY8Lz+G7" + + "HybyipE3PqdTB4OIKAAPsEEeZOCZd2UXGQm5o4HaMIHXMBMGCSsGAQQBgjcU" + + "AgQGHgQAQwBBMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud" + + "DgQWBBRJJl3LcNMxkZI818STfoi3ng1xoDBxBgNVHR8EajBoMDGgL6Athito" + + "dHRwOi8vc2JhLmRpZ3QubG9jYWwvQ2VydEVucm9sbC9zYmEtQ0EuY3JsMDOg" + + "MaAvhi1maWxlOi8vXFxzYmEuZGlndC5sb2NhbFxDZXJ0RW5yb2xsXHNiYS1D" + + "QS5jcmwwEAYJKwYBBAGCNxUBBAMCAQAwCgYGKoUDAgIDBQADQQA+BRJHbc/p" + + "q8EYl6iJqXCuR+ozRmH7hPAP3c4KqYSC38TClCgBloLapx/3/WdatctFJW/L" + + "mcTovpq088927shE"); + + private static readonly byte[] inDirectCrl = Base64.Decode( + "MIIdXjCCHMcCAQEwDQYJKoZIhvcNAQEFBQAwdDELMAkGA1UEBhMCREUxHDAaBgNV" + +"BAoUE0RldXRzY2hlIFRlbGVrb20gQUcxFzAVBgNVBAsUDlQtVGVsZVNlYyBUZXN0" + +"MS4wDAYHAoIGAQoHFBMBMTAeBgNVBAMUF1QtVGVsZVNlYyBUZXN0IERJUiA4OlBO" + +"Fw0wNjA4MDQwODQ1MTRaFw0wNjA4MDQxNDQ1MTRaMIIbfzB+AgQvrj/pFw0wMzA3" + +"MjIwNTQxMjhaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD" + +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU" + +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+oXDTAzMDcyMjA1NDEyOFowZzBlBgNV" + +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl" + +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6" + +"UE4wfgIEL64/5xcNMDQwNDA1MTMxODE3WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC" + +"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/oFw0wNDA0" + +"MDUxMzE4MTdaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD" + +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU" + +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+UXDTAzMDExMzExMTgxMVowZzBlBgNV" + +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl" + +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6" + +"UE4wfgIEL64/5hcNMDMwMTEzMTExODExWjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC" + +"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/jFw0wMzAx" + +"MTMxMTI2NTZaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD" + +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU" + +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+QXDTAzMDExMzExMjY1NlowZzBlBgNV" + +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl" + +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6" + +"UE4wfgIEL64/4hcNMDQwNzEzMDc1ODM4WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC" + +"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/eFw0wMzAy" + +"MTcwNjMzMjVaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD" + +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU" + +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP98XDTAzMDIxNzA2MzMyNVowZzBlBgNV" + +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl" + +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6" + +"UE4wfgIEL64/0xcNMDMwMjE3MDYzMzI1WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC" + +"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/dFw0wMzAx" + +"MTMxMTI4MTRaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD" + +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU" + +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP9cXDTAzMDExMzExMjcwN1owZzBlBgNV" + +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl" + +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6" + +"UE4wfgIEL64/2BcNMDMwMTEzMTEyNzA3WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC" + +"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/VFw0wMzA0" + +"MzAxMjI3NTNaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD" + +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU" + +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP9YXDTAzMDQzMDEyMjc1M1owZzBlBgNV" + +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl" + +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6" + +"UE4wfgIEL64/xhcNMDMwMjEyMTM0NTQwWjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC" + +"BgEKBxQTATEwGAYDVQQDFBFUVEMgVGVzdCBDQSAxMTpQTjCBkAIEL64/xRcNMDMw" + +"MjEyMTM0NTQwWjB5MHcGA1UdHQEB/wRtMGukaTBnMQswCQYDVQQGEwJERTEcMBoG" + +"A1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEQMA4GA1UECxQHVGVsZVNlYzEoMAwG" + +"BwKCBgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNTpQTjB+AgQvrj/CFw0w" + +"MzAyMTIxMzA5MTZaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRww" + +"GgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNV" + +"BAMUEVRUQyBUZXN0IENBIDExOlBOMIGQAgQvrj/BFw0wMzAyMTIxMzA4NDBaMHkw" + +"dwYDVR0dAQH/BG0wa6RpMGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2No" + +"ZSBUZWxla29tIEFHMRAwDgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAY" + +"BgNVBAMUEVNpZ0cgVGVzdCBDQSA1OlBOMH4CBC+uP74XDTAzMDIxNzA2MzcyNVow" + +"ZzBlBgNVHR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRz" + +"Y2hlIFRlbGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRVFRDIFRlc3Qg" + +"Q0EgMTE6UE4wgZACBC+uP70XDTAzMDIxNzA2MzcyNVoweTB3BgNVHR0BAf8EbTBr" + +"pGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcx" + +"EDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBU" + +"ZXN0IENBIDU6UE4wgZACBC+uP7AXDTAzMDIxMjEzMDg1OVoweTB3BgNVHR0BAf8E" + +"bTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g" + +"QUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2ln" + +"RyBUZXN0IENBIDU6UE4wgZACBC+uP68XDTAzMDIxNzA2MzcyNVoweTB3BgNVHR0B" + +"Af8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVr" + +"b20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQR" + +"U2lnRyBUZXN0IENBIDU6UE4wfgIEL64/kxcNMDMwNDEwMDUyNjI4WjBnMGUGA1Ud" + +"HQEB/wRbMFmkVzBVMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVs" + +"ZWtvbSBBRzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFUVEMgVGVzdCBDQSAxMTpQ" + +"TjCBkAIEL64/khcNMDMwNDEwMDUyNjI4WjB5MHcGA1UdHQEB/wRtMGukaTBnMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEQMA4GA1UE" + +"CxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0Eg" + +"NTpQTjB+AgQvrj8/Fw0wMzAyMjYxMTA0NDRaMGcwZQYDVR0dAQH/BFswWaRXMFUx" + +"CzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYH" + +"AoIGAQoHFBMBMTAYBgNVBAMUEVRUQyBUZXN0IENBIDExOlBOMIGQAgQvrj8+Fw0w" + +"MzAyMjYxMTA0NDRaMHkwdwYDVR0dAQH/BG0wa6RpMGcxCzAJBgNVBAYTAkRFMRww" + +"GgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYDVQQLFAdUZWxlU2VjMSgw" + +"DAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBDQSA1OlBOMH4CBC+uPs0X" + +"DTAzMDUyMDA1MjczNlowZzBlBgNVHR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUx" + +"HDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgG" + +"A1UEAxQRVFRDIFRlc3QgQ0EgMTE6UE4wgZACBC+uPswXDTAzMDUyMDA1MjczNlow" + +"eTB3BgNVHR0BAf8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRz" + +"Y2hlIFRlbGVrb20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwEx" + +"MBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6UE4wfgIEL64+PBcNMDMwNjE3MTAzNDE2" + +"WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1" + +"dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFUVEMgVGVz" + +"dCBDQSAxMTpQTjCBkAIEL64+OxcNMDMwNjE3MTAzNDE2WjB5MHcGA1UdHQEB/wRt" + +"MGukaTBnMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBB" + +"RzEQMA4GA1UECxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFTaWdH" + +"IFRlc3QgQ0EgNjpQTjCBkAIEL64+OhcNMDMwNjE3MTAzNDE2WjB5MHcGA1UdHQEB" + +"/wRtMGukaTBnMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtv" + +"bSBBRzEQMA4GA1UECxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFT" + +"aWdHIFRlc3QgQ0EgNjpQTjB+AgQvrj45Fw0wMzA2MTcxMzAxMDBaMGcwZQYDVR0d" + +"AQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxl" + +"a29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVRUQyBUZXN0IENBIDExOlBO" + +"MIGQAgQvrj44Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6RpMGcxCzAJ" + +"BgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYDVQQL" + +"FAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBDQSA2" + +"OlBOMIGQAgQvrj43Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6RpMGcx" + +"CzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYD" + +"VQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBD" + +"QSA2OlBOMIGQAgQvrj42Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6Rp" + +"MGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAw" + +"DgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVz" + +"dCBDQSA2OlBOMIGQAgQvrj4zFw0wMzA2MTcxMDM3NDlaMHkwdwYDVR0dAQH/BG0w" + +"a6RpMGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFH" + +"MRAwDgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cg" + +"VGVzdCBDQSA2OlBOMH4CBC+uPjEXDTAzMDYxNzEwNDI1OFowZzBlBgNVHR0BAf8E" + +"WzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g" + +"QUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRVFRDIFRlc3QgQ0EgMTE6UE4wgZAC" + +"BC+uPjAXDTAzMDYxNzEwNDI1OFoweTB3BgNVHR0BAf8EbTBrpGkwZzELMAkGA1UE" + +"BhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNVBAsUB1Rl" + +"bGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6UE4w" + +"gZACBC+uPakXDTAzMTAyMjExMzIyNFoweTB3BgNVHR0BAf8EbTBrpGkwZzELMAkG" + +"A1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNVBAsU" + +"B1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6" + +"UE4wgZACBC+uPLIXDTA1MDMxMTA2NDQyNFoweTB3BgNVHR0BAf8EbTBrpGkwZzEL" + +"MAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNV" + +"BAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENB" + +"IDY6UE4wgZACBC+uPKsXDTA0MDQwMjA3NTQ1M1oweTB3BgNVHR0BAf8EbTBrpGkw" + +"ZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAO" + +"BgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0" + +"IENBIDY6UE4wgZACBC+uOugXDTA1MDEyNzEyMDMyNFoweTB3BgNVHR0BAf8EbTBr" + +"pGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcx" + +"EDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBU" + +"ZXN0IENBIDY6UE4wgZACBC+uOr4XDTA1MDIxNjA3NTcxNloweTB3BgNVHR0BAf8E" + +"bTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g" + +"QUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2ln" + +"RyBUZXN0IENBIDY6UE4wgZACBC+uOqcXDTA1MDMxMDA1NTkzNVoweTB3BgNVHR0B" + +"Af8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVr" + +"b20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQR" + +"U2lnRyBUZXN0IENBIDY6UE4wgZACBC+uOjwXDTA1MDUxMTEwNDk0NloweTB3BgNV" + +"HR0BAf8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl" + +"bGVrb20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UE" + +"AxQRU2lnRyBUZXN0IENBIDY6UE4wgaoCBC+sbdUXDTA1MTExMTEwMDMyMVowgZIw" + +"gY8GA1UdHQEB/wSBhDCBgaR/MH0xCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0" + +"c2NoZSBUZWxla29tIEFHMR8wHQYDVQQLFBZQcm9kdWt0emVudHJ1bSBUZWxlU2Vj" + +"MS8wDAYHAoIGAQoHFBMBMTAfBgNVBAMUGFRlbGVTZWMgUEtTIFNpZ0cgQ0EgMTpQ" + +"TjCBlQIEL64uaBcNMDYwMTIzMTAyNTU1WjB+MHwGA1UdHQEB/wRyMHCkbjBsMQsw" + +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEWMBQGA1UE" + +"CxQNWmVudHJhbGUgQm9ubjEnMAwGBwKCBgEKBxQTATEwFwYDVQQDFBBUVEMgVGVz" + +"dCBDQSA5OlBOMIGVAgQvribHFw0wNjA4MDEwOTQ4NDRaMH4wfAYDVR0dAQH/BHIw" + +"cKRuMGwxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFH" + +"MRYwFAYDVQQLFA1aZW50cmFsZSBCb25uMScwDAYHAoIGAQoHFBMBMTAXBgNVBAMU" + +"EFRUQyBUZXN0IENBIDk6UE6ggZswgZgwCwYDVR0UBAQCAhEMMB8GA1UdIwQYMBaA" + +"FANbyNumDI9545HwlCF26NuOJC45MA8GA1UdHAEB/wQFMAOEAf8wVwYDVR0SBFAw" + +"ToZMbGRhcDovL3Brc2xkYXAudHR0Yy5kZS9vdT1ULVRlbGVTZWMgVGVzdCBESVIg" + +"ODpQTixvPURldXRzY2hlIFRlbGVrb20gQUcsYz1kZTANBgkqhkiG9w0BAQUFAAOB" + +"gQBewL5gLFHpeOWO07Vk3Gg7pRDuAlvaovBH4coCyCWpk5jEhUfFSYEDuaQB7do4" + +"IlJmeTHvkI0PIZWJ7bwQ2PVdipPWDx0NVwS/Cz5jUKiS3BbAmZQZOueiKLFpQq3A" + +"b8aOHA7WHU4078/1lM+bgeu33Ln1CGykEbmSjA/oKPi/JA=="); + + private static readonly byte[] directCRL = Base64.Decode( + "MIIGXTCCBckCAQEwCgYGKyQDAwECBQAwdDELMAkGA1UEBhMCREUxHDAaBgNVBAoU" + +"E0RldXRzY2hlIFRlbGVrb20gQUcxFzAVBgNVBAsUDlQtVGVsZVNlYyBUZXN0MS4w" + +"DAYHAoIGAQoHFBMBMTAeBgNVBAMUF1QtVGVsZVNlYyBUZXN0IERJUiA4OlBOFw0w" + +"NjA4MDQwODQ1MTRaFw0wNjA4MDQxNDQ1MTRaMIIElTAVAgQvrj/pFw0wMzA3MjIw" + +"NTQxMjhaMBUCBC+uP+oXDTAzMDcyMjA1NDEyOFowFQIEL64/5xcNMDQwNDA1MTMx" + +"ODE3WjAVAgQvrj/oFw0wNDA0MDUxMzE4MTdaMBUCBC+uP+UXDTAzMDExMzExMTgx" + +"MVowFQIEL64/5hcNMDMwMTEzMTExODExWjAVAgQvrj/jFw0wMzAxMTMxMTI2NTZa" + +"MBUCBC+uP+QXDTAzMDExMzExMjY1NlowFQIEL64/4hcNMDQwNzEzMDc1ODM4WjAV" + +"AgQvrj/eFw0wMzAyMTcwNjMzMjVaMBUCBC+uP98XDTAzMDIxNzA2MzMyNVowFQIE" + +"L64/0xcNMDMwMjE3MDYzMzI1WjAVAgQvrj/dFw0wMzAxMTMxMTI4MTRaMBUCBC+u" + +"P9cXDTAzMDExMzExMjcwN1owFQIEL64/2BcNMDMwMTEzMTEyNzA3WjAVAgQvrj/V" + +"Fw0wMzA0MzAxMjI3NTNaMBUCBC+uP9YXDTAzMDQzMDEyMjc1M1owFQIEL64/xhcN" + +"MDMwMjEyMTM0NTQwWjAVAgQvrj/FFw0wMzAyMTIxMzQ1NDBaMBUCBC+uP8IXDTAz" + +"MDIxMjEzMDkxNlowFQIEL64/wRcNMDMwMjEyMTMwODQwWjAVAgQvrj++Fw0wMzAy" + +"MTcwNjM3MjVaMBUCBC+uP70XDTAzMDIxNzA2MzcyNVowFQIEL64/sBcNMDMwMjEy" + +"MTMwODU5WjAVAgQvrj+vFw0wMzAyMTcwNjM3MjVaMBUCBC+uP5MXDTAzMDQxMDA1" + +"MjYyOFowFQIEL64/khcNMDMwNDEwMDUyNjI4WjAVAgQvrj8/Fw0wMzAyMjYxMTA0" + +"NDRaMBUCBC+uPz4XDTAzMDIyNjExMDQ0NFowFQIEL64+zRcNMDMwNTIwMDUyNzM2" + +"WjAVAgQvrj7MFw0wMzA1MjAwNTI3MzZaMBUCBC+uPjwXDTAzMDYxNzEwMzQxNlow" + +"FQIEL64+OxcNMDMwNjE3MTAzNDE2WjAVAgQvrj46Fw0wMzA2MTcxMDM0MTZaMBUC" + +"BC+uPjkXDTAzMDYxNzEzMDEwMFowFQIEL64+OBcNMDMwNjE3MTMwMTAwWjAVAgQv" + +"rj43Fw0wMzA2MTcxMzAxMDBaMBUCBC+uPjYXDTAzMDYxNzEzMDEwMFowFQIEL64+" + +"MxcNMDMwNjE3MTAzNzQ5WjAVAgQvrj4xFw0wMzA2MTcxMDQyNThaMBUCBC+uPjAX" + +"DTAzMDYxNzEwNDI1OFowFQIEL649qRcNMDMxMDIyMTEzMjI0WjAVAgQvrjyyFw0w" + +"NTAzMTEwNjQ0MjRaMBUCBC+uPKsXDTA0MDQwMjA3NTQ1M1owFQIEL6466BcNMDUw" + +"MTI3MTIwMzI0WjAVAgQvrjq+Fw0wNTAyMTYwNzU3MTZaMBUCBC+uOqcXDTA1MDMx" + +"MDA1NTkzNVowFQIEL646PBcNMDUwNTExMTA0OTQ2WjAVAgQvrG3VFw0wNTExMTEx" + +"MDAzMjFaMBUCBC+uLmgXDTA2MDEyMzEwMjU1NVowFQIEL64mxxcNMDYwODAxMDk0" + +"ODQ0WqCBijCBhzALBgNVHRQEBAICEQwwHwYDVR0jBBgwFoAUA1vI26YMj3njkfCU" + +"IXbo244kLjkwVwYDVR0SBFAwToZMbGRhcDovL3Brc2xkYXAudHR0Yy5kZS9vdT1U" + +"LVRlbGVTZWMgVGVzdCBESVIgODpQTixvPURldXRzY2hlIFRlbGVrb20gQUcsYz1k" + +"ZTAKBgYrJAMDAQIFAAOBgQArj4eMlbAwuA2aS5O4UUUHQMKKdK/dtZi60+LJMiMY" + +"ojrMIf4+ZCkgm1Ca0Cd5T15MJxVHhh167Ehn/Hd48pdnAP6Dfz/6LeqkIHGWMHR+" + +"z6TXpwWB+P4BdUec1ztz04LypsznrHcLRa91ixg9TZCb1MrOG+InNhleRs1ImXk8" + +"MQ=="); + + private static readonly byte[] pkcs7CrlProblem = Base64.Decode( + "MIIwSAYJKoZIhvcNAQcCoIIwOTCCMDUCAQExCzAJBgUrDgMCGgUAMAsGCSqG" + + "SIb3DQEHAaCCEsAwggP4MIIC4KADAgECAgF1MA0GCSqGSIb3DQEBBQUAMEUx" + + "CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR4wHAYDVQQD" + + "ExVHZW9UcnVzdCBDQSBmb3IgQWRvYmUwHhcNMDQxMjAyMjEyNTM5WhcNMDYx" + + "MjMwMjEyNTM5WjBMMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMR2VvVHJ1c3Qg" + + "SW5jMSYwJAYDVQQDEx1HZW9UcnVzdCBBZG9iZSBPQ1NQIFJlc3BvbmRlcjCB" + + "nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4gnNYhtw7U6QeVXZODnGhHMj" + + "+OgZ0DB393rEk6a2q9kq129IA2e03yKBTfJfQR9aWKc2Qj90dsSqPjvTDHFG" + + "Qsagm2FQuhnA3fb1UWhPzeEIdm6bxDsnQ8nWqKqxnWZzELZbdp3I9bBLizIq" + + "obZovzt60LNMghn/unvvuhpeVSsCAwEAAaOCAW4wggFqMA4GA1UdDwEB/wQE" + + "AwIE8DCB5QYDVR0gAQH/BIHaMIHXMIHUBgkqhkiG9y8BAgEwgcYwgZAGCCsG" + + "AQUFBwICMIGDGoGAVGhpcyBjZXJ0aWZpY2F0ZSBoYXMgYmVlbiBpc3N1ZWQg" + + "aW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBBY3JvYmF0IENyZWRlbnRpYWxzIENQ" + + "UyBsb2NhdGVkIGF0IGh0dHA6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNl" + + "cy9jcHMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jl" + + "c291cmNlcy9jcHMwEwYDVR0lBAwwCgYIKwYBBQUHAwkwOgYDVR0fBDMwMTAv" + + "oC2gK4YpaHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9hZG9iZWNhMS5j" + + "cmwwHwYDVR0jBBgwFoAUq4BZw2WDbR19E70Zw+wajw1HaqMwDQYJKoZIhvcN" + + "AQEFBQADggEBAENJf1BD7PX5ivuaawt90q1OGzXpIQL/ClzEeFVmOIxqPc1E" + + "TFRq92YuxG5b6+R+k+tGkmCwPLcY8ipg6ZcbJ/AirQhohzjlFuT6YAXsTfEj" + + "CqEZfWM2sS7crK2EYxCMmKE3xDfPclYtrAoz7qZvxfQj0TuxHSstHZv39wu2" + + "ZiG1BWiEcyDQyTgqTOXBoZmfJtshuAcXmTpgkrYSrS37zNlPTGh+pMYQ0yWD" + + "c8OQRJR4OY5ZXfdna01mjtJTOmj6/6XPoLPYTq2gQrc2BCeNJ4bEhLb7sFVB" + + "PbwPrpzTE/HRbQHDrzj0YimDxeOUV/UXctgvYwHNtEkcBLsOm/uytMYwggSh" + + "MIIDiaADAgECAgQ+HL0oMA0GCSqGSIb3DQEBBQUAMGkxCzAJBgNVBAYTAlVT" + + "MSMwIQYDVQQKExpBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UE" + + "CxMUQWRvYmUgVHJ1c3QgU2VydmljZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3Qg" + + "Q0EwHhcNMDMwMTA4MjMzNzIzWhcNMjMwMTA5MDAwNzIzWjBpMQswCQYDVQQG" + + "EwJVUzEjMCEGA1UEChMaQWRvYmUgU3lzdGVtcyBJbmNvcnBvcmF0ZWQxHTAb" + + "BgNVBAsTFEFkb2JlIFRydXN0IFNlcnZpY2VzMRYwFAYDVQQDEw1BZG9iZSBS" + + "b290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzE9UhPen" + + "ouczU38/nBKIayyZR2d+Dx65rRSI+cMQ2B3w8NWfaQovWTWwzGypTJwVoJ/O" + + "IL+gz1Ti4CBmRT85hjh+nMSOByLGJPYBErA131XqaZCw24U3HuJOB7JCoWoT" + + "aaBm6oCREVkqmwh5WiBELcm9cziLPC/gQxtdswvwrzUaKf7vppLdgUydPVmO" + + "rTE8QH6bkTYG/OJcjdGNJtVcRc+vZT+xqtJilvSoOOq6YEL09BxKNRXO+E4i" + + "Vg+VGMX4lp+f+7C3eCXpgGu91grwxnSUnfMPUNuad85LcIMjjaDKeCBEXDxU" + + "ZPHqojAZn+pMBk0GeEtekt8i0slns3rSAQIDAQABo4IBTzCCAUswEQYJYIZI" + + "AYb4QgEBBAQDAgAHMIGOBgNVHR8EgYYwgYMwgYCgfqB8pHoweDELMAkGA1UE" + + "BhMCVVMxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jwb3JhdGVkMR0w" + + "GwYDVQQLExRBZG9iZSBUcnVzdCBTZXJ2aWNlczEWMBQGA1UEAxMNQWRvYmUg" + + "Um9vdCBDQTENMAsGA1UEAxMEQ1JMMTArBgNVHRAEJDAigA8yMDAzMDEwODIz" + + "MzcyM1qBDzIwMjMwMTA5MDAwNzIzWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgw" + + "FoAUgrc4SpOqmxDvgLvZVOLxD/uAnN4wHQYDVR0OBBYEFIK3OEqTqpsQ74C7" + + "2VTi8Q/7gJzeMAwGA1UdEwQFMAMBAf8wHQYJKoZIhvZ9B0EABBAwDhsIVjYu" + + "MDo0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4IBAQAy2p9DdcH6b8lv26sdNjc+" + + "vGEZNrcCPB0jWZhsnu5NhedUyCAfp9S74r8Ad30ka3AvXME6dkm10+AjhCpx" + + "aiLzwScpmBX2NZDkBEzDjbyfYRzn/SSM0URDjBa6m02l1DUvvBHOvfdRN42f" + + "kOQU8Rg/vulZEjX5M5LznuDVa5pxm5lLyHHD4bFhCcTl+pHwQjo3fTT5cujN" + + "qmIcIenV9IIQ43sFti1oVgt+fpIsb01yggztVnSynbmrLSsdEF/bJ3Vwj/0d" + + "1+ICoHnlHOX/r2RAUS2em0fbQqV8H8KmSLDXvpJpTaT2KVfFeBEY3IdRyhOy" + + "Yp1PKzK9MaXB+lKrBYjIMIIEyzCCA7OgAwIBAgIEPhy9tTANBgkqhkiG9w0B" + + "AQUFADBpMQswCQYDVQQGEwJVUzEjMCEGA1UEChMaQWRvYmUgU3lzdGVtcyBJ" + + "bmNvcnBvcmF0ZWQxHTAbBgNVBAsTFEFkb2JlIFRydXN0IFNlcnZpY2VzMRYw" + + "FAYDVQQDEw1BZG9iZSBSb290IENBMB4XDTA0MDExNzAwMDMzOVoXDTE1MDEx" + + "NTA4MDAwMFowRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IElu" + + "Yy4xHjAcBgNVBAMTFUdlb1RydXN0IENBIGZvciBBZG9iZTCCASIwDQYJKoZI" + + "hvcNAQEBBQADggEPADCCAQoCggEBAKfld+BkeFrnOYW8r9L1WygTDlTdSfrO" + + "YvWS/Z6Ye5/l+HrBbOHqQCXBcSeCpz7kB2WdKMh1FOE4e9JlmICsHerBLdWk" + + "emU+/PDb69zh8E0cLoDfxukF6oVPXj6WSThdSG7H9aXFzRr6S3XGCuvgl+Qw" + + "DTLiLYW+ONF6DXwt3TQQtKReJjOJZk46ZZ0BvMStKyBaeB6DKZsmiIo89qso" + + "13VDZINH2w1KvXg0ygDizoNtbvgAPFymwnsINS1klfQlcvn0x0RJm9bYQXK3" + + "5GNZAgL3M7Lqrld0jMfIUaWvuHCLyivytRuzq1dJ7E8rmidjDEk/G+27pf13" + + "fNZ7vR7M+IkCAwEAAaOCAZ0wggGZMBIGA1UdEwEB/wQIMAYBAf8CAQEwUAYD" + + "VR0gBEkwRzBFBgkqhkiG9y8BAgEwODA2BggrBgEFBQcCARYqaHR0cHM6Ly93" + + "d3cuYWRvYmUuY29tL21pc2MvcGtpL2Nkc19jcC5odG1sMBQGA1UdJQQNMAsG" + + "CSqGSIb3LwEBBTCBsgYDVR0fBIGqMIGnMCKgIKAehhxodHRwOi8vY3JsLmFk" + + "b2JlLmNvbS9jZHMuY3JsMIGAoH6gfKR6MHgxCzAJBgNVBAYTAlVTMSMwIQYD" + + "VQQKExpBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UECxMUQWRv" + + "YmUgVHJ1c3QgU2VydmljZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3QgQ0ExDTAL" + + "BgNVBAMTBENSTDEwCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFIK3OEqTqpsQ" + + "74C72VTi8Q/7gJzeMB0GA1UdDgQWBBSrgFnDZYNtHX0TvRnD7BqPDUdqozAZ" + + "BgkqhkiG9n0HQQAEDDAKGwRWNi4wAwIEkDANBgkqhkiG9w0BAQUFAAOCAQEA" + + "PzlZLqIAjrFeEWEs0uC29YyJhkXOE9mf3YSaFGsITF+Gl1j0pajTjyH4R35Q" + + "r3floW2q3HfNzTeZ90Jnr1DhVERD6zEMgJpCtJqVuk0sixuXJHghS/KicKf4" + + "YXJJPx9epuIRF1siBRnznnF90svmOJMXApc0jGnYn3nQfk4kaShSnDaYaeYR" + + "DJKcsiWhl6S5zfwS7Gg8hDeyckhMQKKWnlG1CQrwlSFisKCduoodwRtWgft8" + + "kx13iyKK3sbalm6vnVc+5nufS4vI+TwMXoV63NqYaSroafBWk0nL53zGXPEy" + + "+A69QhzEViJKn2Wgqt5gt++jMMNImbRObIqgfgF1VjCCBUwwggQ0oAMCAQIC" + + "AgGDMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1H" + + "ZW9UcnVzdCBJbmMuMR4wHAYDVQQDExVHZW9UcnVzdCBDQSBmb3IgQWRvYmUw" + + "HhcNMDYwMzI0MTU0MjI5WhcNMDkwNDA2MTQ0MjI5WjBzMQswCQYDVQQGEwJV" + + "UzELMAkGA1UECBMCTUExETAPBgNVBAoTCEdlb1RydXN0MR0wGwYDVQQDExRN" + + "YXJrZXRpbmcgRGVwYXJ0bWVudDElMCMGCSqGSIb3DQEJARYWbWFya2V0aW5n" + + "QGdlb3RydXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB" + + "ANmvajTO4XJvAU2nVcLmXeCnAQX7RZt+7+ML3InmqQ3LCGo1weop09zV069/" + + "1x/Nmieol7laEzeXxd2ghjGzwfXafqQEqHn6+vBCvqdNPoSi63fSWhnuDVWp" + + "KVDOYgxOonrXl+Cc43lu4zRSq+Pi5phhrjDWcH74a3/rdljUt4c4GFezFXfa" + + "w2oTzWkxj2cTSn0Szhpr17+p66UNt8uknlhmu4q44Speqql2HwmCEnpLYJrK" + + "W3fOq5D4qdsvsLR2EABLhrBezamLI3iGV8cRHOUTsbTMhWhv/lKfHAyf4XjA" + + "z9orzvPN5jthhIfICOFq/nStTgakyL4Ln+nFAB/SMPkCAwEAAaOCAhYwggIS" + + "MA4GA1UdDwEB/wQEAwIF4DCB5QYDVR0gAQH/BIHaMIHXMIHUBgkqhkiG9y8B" + + "AgEwgcYwgZAGCCsGAQUFBwICMIGDGoGAVGhpcyBjZXJ0aWZpY2F0ZSBoYXMg" + + "YmVlbiBpc3N1ZWQgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBBY3JvYmF0IENy" + + "ZWRlbnRpYWxzIENQUyBsb2NhdGVkIGF0IGh0dHA6Ly93d3cuZ2VvdHJ1c3Qu" + + "Y29tL3Jlc291cmNlcy9jcHMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2Vv" + + "dHJ1c3QuY29tL3Jlc291cmNlcy9jcHMwOgYDVR0fBDMwMTAvoC2gK4YpaHR0" + + "cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9hZG9iZWNhMS5jcmwwHwYDVR0j" + + "BBgwFoAUq4BZw2WDbR19E70Zw+wajw1HaqMwRAYIKwYBBQUHAQEEODA2MDQG" + + "CCsGAQUFBzABhihodHRwOi8vYWRvYmUtb2NzcC5nZW90cnVzdC5jb20vcmVz" + + "cG9uZGVyMBQGA1UdJQQNMAsGCSqGSIb3LwEBBTA8BgoqhkiG9y8BAQkBBC4w" + + "LAIBAYYnaHR0cDovL2Fkb2JlLXRpbWVzdGFtcC5nZW90cnVzdC5jb20vdHNh" + + "MBMGCiqGSIb3LwEBCQIEBTADAgEBMAwGA1UdEwQFMAMCAQAwDQYJKoZIhvcN" + + "AQEFBQADggEBAAOhy6QxOo+i3h877fvDvTa0plGD2bIqK7wMdNqbMDoSWied" + + "FIcgcBOIm2wLxOjZBAVj/3lDq59q2rnVeNnfXM0/N0MHI9TumHRjU7WNk9e4" + + "+JfJ4M+c3anrWOG3NE5cICDVgles+UHjXetHWql/LlP04+K2ZOLb6LE2xGnI" + + "YyLW9REzCYNAVF+/WkYdmyceHtaBZdbyVAJq0NAJPsfgY1pWcBo31Mr1fpX9" + + "WrXNTYDCqMyxMImJTmN3iI68tkXlNrhweQoArKFqBysiBkXzG/sGKYY6tWKU" + + "pzjLc3vIp/LrXC5zilROes8BSvwu1w9qQrJNcGwo7O4uijoNtyYil1Exgh1Q" + + "MIIdTAIBATBLMEUxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJ" + + "bmMuMR4wHAYDVQQDExVHZW9UcnVzdCBDQSBmb3IgQWRvYmUCAgGDMAkGBSsO" + + "AwIaBQCgggxMMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwIwYJKoZIhvcN" + + "AQkEMRYEFP4R6qIdpQJzWyzrqO8X1ZfJOgChMIIMCQYJKoZIhvcvAQEIMYIL" + + "+jCCC/agggZ5MIIGdTCCA6gwggKQMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV" + + "BAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR4wHAYDVQQDExVHZW9U" + + "cnVzdCBDQSBmb3IgQWRvYmUXDTA2MDQwNDE3NDAxMFoXDTA2MDQwNTE3NDAx" + + "MFowggIYMBMCAgC5Fw0wNTEwMTEyMDM2MzJaMBICAVsXDTA0MTEwNDE1MDk0" + + "MVowEwICALgXDTA1MTIxMjIyMzgzOFowEgIBWhcNMDQxMTA0MTUwOTMzWjAT" + + "AgIA5hcNMDUwODI3MDQwOTM4WjATAgIAtxcNMDYwMTE2MTc1NTEzWjATAgIA" + + "hhcNMDUxMjEyMjIzODU1WjATAgIAtRcNMDUwNzA2MTgzODQwWjATAgIA4BcN" + + "MDYwMzIwMDc0ODM0WjATAgIAgRcNMDUwODAyMjIzMTE1WjATAgIA3xcNMDUx" + + "MjEyMjIzNjUwWjASAgFKFw0wNDExMDQxNTA5MTZaMBICAUQXDTA0MTEwNDE1" + + "MDg1M1owEgIBQxcNMDQxMDAzMDEwMDQwWjASAgFsFw0wNDEyMDYxOTQ0MzFa" + + "MBMCAgEoFw0wNjAzMDkxMjA3MTJaMBMCAgEkFw0wNjAxMTYxNzU1MzRaMBIC" + + "AWcXDTA1MDMxODE3NTYxNFowEwICAVEXDTA2MDEzMTExMjcxMVowEgIBZBcN" + + "MDQxMTExMjI0ODQxWjATAgIA8RcNMDUwOTE2MTg0ODAxWjATAgIBThcNMDYw" + + "MjIxMjAxMDM2WjATAgIAwRcNMDUxMjEyMjIzODE2WjASAgFiFw0wNTAxMTAx" + + "NjE5MzRaMBICAWAXDTA1MDExMDE5MDAwNFowEwICAL4XDTA1MDUxNzE0NTYx" + + "MFowDQYJKoZIhvcNAQEFBQADggEBAEKhRMS3wVho1U3EvEQJZC8+JlUngmZQ" + + "A78KQbHPWNZWFlNvPuf/b0s7Lu16GfNHXh1QAW6Y5Hi1YtYZ3YOPyMd4Xugt" + + "gCdumbB6xtKsDyN5RvTht6ByXj+CYlYqsL7RX0izJZ6mJn4fjMkqzPKNOjb8" + + "kSn5T6rn93BjlATtCE8tPVOM8dnqGccRE0OV59+nDBXc90UMt5LdEbwaUOap" + + "snVB0oLcNm8d/HnlVH6RY5LnDjrT4vwfe/FApZtTecEWsllVUXDjSpwfcfD/" + + "476/lpGySB2otALqzImlA9R8Ok3hJ8dnF6hhQ5Oe6OJMnGYgdhkKbxsKkdib" + + "tTVl3qmH5QAwggLFMIIBrQIBATANBgkqhkiG9w0BAQUFADBpMQswCQYDVQQG" + + "EwJVUzEjMCEGA1UEChMaQWRvYmUgU3lzdGVtcyBJbmNvcnBvcmF0ZWQxHTAb" + + "BgNVBAsTFEFkb2JlIFRydXN0IFNlcnZpY2VzMRYwFAYDVQQDEw1BZG9iZSBS" + + "b290IENBFw0wNjAxMjcxODMzMzFaFw0wNzAxMjcwMDAwMDBaMIHeMCMCBD4c" + + "vUAXDTAzMDEyMTIzNDY1NlowDDAKBgNVHRUEAwoBBDAjAgQ+HL1BFw0wMzAx" + + "MjEyMzQ3MjJaMAwwCgYDVR0VBAMKAQQwIwIEPhy9YhcNMDMwMTIxMjM0NzQy" + + "WjAMMAoGA1UdFQQDCgEEMCMCBD4cvWEXDTA0MDExNzAxMDg0OFowDDAKBgNV" + + "HRUEAwoBBDAjAgQ+HL2qFw0wNDAxMTcwMTA5MDVaMAwwCgYDVR0VBAMKAQQw" + + "IwIEPhy9qBcNMDQwMTE3MDEzOTI5WjAMMAoGA1UdFQQDCgEEoC8wLTAKBgNV" + + "HRQEAwIBDzAfBgNVHSMEGDAWgBSCtzhKk6qbEO+Au9lU4vEP+4Cc3jANBgkq" + + "hkiG9w0BAQUFAAOCAQEAwtXF9042wG39icUlsotn5tpE3oCusLb/hBpEONhx" + + "OdfEQOq0w5hf/vqaxkcf71etA+KpbEUeSVaHMHRPhx/CmPrO9odE139dJdbt" + + "9iqbrC9iZokFK3h/es5kg73xujLKd7C/u5ngJ4mwBtvhMLjFjF2vJhPKHL4C" + + "IgMwdaUAhrcNzy16v+mw/VGJy3Fvc6oCESW1K9tvFW58qZSNXrMlsuidgunM" + + "hPKG+z0SXVyCqL7pnqKiaGddcgujYGOSY4S938oVcfZeZQEODtSYGlzldojX" + + "C1U1hCK5+tHAH0Ox/WqRBIol5VCZQwJftf44oG8oviYq52aaqSejXwmfT6zb" + + "76GCBXUwggVxMIIFbQoBAKCCBWYwggViBgkrBgEFBQcwAQEEggVTMIIFTzCB" + + "taIWBBS+8EpykfXdl4h3z7m/NZfdkAQQERgPMjAwNjA0MDQyMDIwMTVaMGUw" + + "YzA7MAkGBSsOAwIaBQAEFEb4BuZYkbjBjOjT6VeA/00fBvQaBBT3fTSQniOp" + + "BbHBSkz4xridlX0bsAICAYOAABgPMjAwNjA0MDQyMDIwMTVaoBEYDzIwMDYw" + + "NDA1MDgyMDE1WqEjMCEwHwYJKwYBBQUHMAECBBIEEFqooq/R2WltD7TposkT" + + "BhMwDQYJKoZIhvcNAQEFBQADgYEAMig6lty4b0JDsT/oanfQG5x6jVKPACpp" + + "1UA9SJ0apJJa7LeIdDFmu5C2S/CYiKZm4A4P9cAu0YzgLHxE4r6Op+HfVlAG" + + "6bzUe1P/hi1KCJ8r8wxOZAktQFPSzs85RAZwkHMfB0lP2e/h666Oye+Zf8VH" + + "RaE+/xZ7aswE89HXoumgggQAMIID/DCCA/gwggLgoAMCAQICAXUwDQYJKoZI" + + "hvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IElu" + + "Yy4xHjAcBgNVBAMTFUdlb1RydXN0IENBIGZvciBBZG9iZTAeFw0wNDEyMDIy" + + "MTI1MzlaFw0wNjEyMzAyMTI1MzlaMEwxCzAJBgNVBAYTAlVTMRUwEwYDVQQK" + + "EwxHZW9UcnVzdCBJbmMxJjAkBgNVBAMTHUdlb1RydXN0IEFkb2JlIE9DU1Ag" + + "UmVzcG9uZGVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDiCc1iG3Dt" + + "TpB5Vdk4OcaEcyP46BnQMHf3esSTprar2SrXb0gDZ7TfIoFN8l9BH1pYpzZC" + + "P3R2xKo+O9MMcUZCxqCbYVC6GcDd9vVRaE/N4Qh2bpvEOydDydaoqrGdZnMQ" + + "tlt2ncj1sEuLMiqhtmi/O3rQs0yCGf+6e++6Gl5VKwIDAQABo4IBbjCCAWow" + + "DgYDVR0PAQH/BAQDAgTwMIHlBgNVHSABAf8EgdowgdcwgdQGCSqGSIb3LwEC" + + "ATCBxjCBkAYIKwYBBQUHAgIwgYMagYBUaGlzIGNlcnRpZmljYXRlIGhhcyBi" + + "ZWVuIGlzc3VlZCBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIEFjcm9iYXQgQ3Jl" + + "ZGVudGlhbHMgQ1BTIGxvY2F0ZWQgYXQgaHR0cDovL3d3dy5nZW90cnVzdC5j" + + "b20vcmVzb3VyY2VzL2NwczAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5nZW90" + + "cnVzdC5jb20vcmVzb3VyY2VzL2NwczATBgNVHSUEDDAKBggrBgEFBQcDCTA6" + + "BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxz" + + "L2Fkb2JlY2ExLmNybDAfBgNVHSMEGDAWgBSrgFnDZYNtHX0TvRnD7BqPDUdq" + + "ozANBgkqhkiG9w0BAQUFAAOCAQEAQ0l/UEPs9fmK+5prC33SrU4bNekhAv8K" + + "XMR4VWY4jGo9zURMVGr3Zi7Eblvr5H6T60aSYLA8txjyKmDplxsn8CKtCGiH" + + "OOUW5PpgBexN8SMKoRl9YzaxLtysrYRjEIyYoTfEN89yVi2sCjPupm/F9CPR" + + "O7EdKy0dm/f3C7ZmIbUFaIRzINDJOCpM5cGhmZ8m2yG4BxeZOmCSthKtLfvM" + + "2U9MaH6kxhDTJYNzw5BElHg5jlld92drTWaO0lM6aPr/pc+gs9hOraBCtzYE" + + "J40nhsSEtvuwVUE9vA+unNMT8dFtAcOvOPRiKYPF45RX9Rdy2C9jAc20SRwE" + + "uw6b+7K0xjANBgkqhkiG9w0BAQEFAASCAQC7a4yICFGCEMPlJbydK5qLG3rV" + + "sip7Ojjz9TB4nLhC2DgsIHds8jjdq2zguInluH2nLaBCVS+qxDVlTjgbI2cB" + + "TaWS8nglC7nNjzkKAsa8vThA8FZUVXTW0pb74jNJJU2AA27bb4g+4WgunCrj" + + "fpYp+QjDyMmdrJVqRmt5eQN+dpVxMS9oq+NrhOSEhyIb4/rejgNg9wnVK1ms" + + "l5PxQ4x7kpm7+Ua41//owkJVWykRo4T1jo4eHEz1DolPykAaKie2VKH/sMqR" + + "Spjh4E5biKJLOV9fKivZWKAXByXfwUbbMsJvz4v/2yVHFy9xP+tqB5ZbRoDK" + + "k8PzUyCprozn+/22oYIPijCCD4YGCyqGSIb3DQEJEAIOMYIPdTCCD3EGCSqG" + + "SIb3DQEHAqCCD2Iwgg9eAgEDMQswCQYFKw4DAhoFADCB+gYLKoZIhvcNAQkQ" + + "AQSggeoEgecwgeQCAQEGAikCMCEwCQYFKw4DAhoFAAQUoT97qeCv3FXYaEcS" + + "gY8patCaCA8CAiMHGA8yMDA2MDQwNDIwMjA1N1owAwIBPAEB/wIIO0yRre3L" + + "8/6ggZCkgY0wgYoxCzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNl" + + "dHRzMRAwDgYDVQQHEwdOZWVkaGFtMRUwEwYDVQQKEwxHZW9UcnVzdCBJbmMx" + + "EzARBgNVBAsTClByb2R1Y3Rpb24xJTAjBgNVBAMTHGFkb2JlLXRpbWVzdGFt" + + "cC5nZW90cnVzdC5jb22gggzJMIIDUTCCAjmgAwIBAgICAI8wDQYJKoZIhvcN" + + "AQEFBQAwRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4x" + + "HjAcBgNVBAMTFUdlb1RydXN0IENBIGZvciBBZG9iZTAeFw0wNTAxMTAwMTI5" + + "MTBaFw0xNTAxMTUwODAwMDBaMIGKMQswCQYDVQQGEwJVUzEWMBQGA1UECBMN" + + "TWFzc2FjaHVzZXR0czEQMA4GA1UEBxMHTmVlZGhhbTEVMBMGA1UEChMMR2Vv" + + "VHJ1c3QgSW5jMRMwEQYDVQQLEwpQcm9kdWN0aW9uMSUwIwYDVQQDExxhZG9i" + + "ZS10aW1lc3RhbXAuZ2VvdHJ1c3QuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GN" + + "ADCBiQKBgQDRbxJotLFPWQuuEDhKtOMaBUJepGxIvWxeahMbq1DVmqnk88+j" + + "w/5lfPICPzQZ1oHrcTLSAFM7Mrz3pyyQKQKMqUyiemzuG/77ESUNfBNSUfAF" + + "PdtHuDMU8Is8ABVnFk63L+wdlvvDIlKkE08+VTKCRdjmuBVltMpQ6QcLFQzm" + + "AQIDAQABo4GIMIGFMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2Vv" + + "dHJ1c3QuY29tL2NybHMvYWRvYmVjYTEuY3JsMB8GA1UdIwQYMBaAFKuAWcNl" + + "g20dfRO9GcPsGo8NR2qjMA4GA1UdDwEB/wQEAwIGwDAWBgNVHSUBAf8EDDAK" + + "BggrBgEFBQcDCDANBgkqhkiG9w0BAQUFAAOCAQEAmnyXjdtX+F79Nf0KggTd" + + "6YC2MQD9s09IeXTd8TP3rBmizfM+7f3icggeCGakNfPRmIUMLoa0VM5Kt37T" + + "2X0TqzBWusfbKx7HnX4v1t/G8NJJlT4SShSHv+8bjjU4lUoCmW2oEcC5vXwP" + + "R5JfjCyois16npgcO05ZBT+LLDXyeBijE6qWmwLDfEpLyILzVRmyU4IE7jvm" + + "rgb3GXwDUvd3yQXGRRHbPCh3nj9hBGbuzyt7GnlqnEie3wzIyMG2ET/wvTX5" + + "4BFXKNe7lDLvZj/MXvd3V7gMTSVW0kAszKao56LfrVTgp1VX3UBQYwmQqaoA" + + "UwFezih+jEvjW6cYJo/ErDCCBKEwggOJoAMCAQICBD4cvSgwDQYJKoZIhvcN" + + "AQEFBQAwaTELMAkGA1UEBhMCVVMxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMg" + + "SW5jb3Jwb3JhdGVkMR0wGwYDVQQLExRBZG9iZSBUcnVzdCBTZXJ2aWNlczEW" + + "MBQGA1UEAxMNQWRvYmUgUm9vdCBDQTAeFw0wMzAxMDgyMzM3MjNaFw0yMzAx" + + "MDkwMDA3MjNaMGkxCzAJBgNVBAYTAlVTMSMwIQYDVQQKExpBZG9iZSBTeXN0" + + "ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UECxMUQWRvYmUgVHJ1c3QgU2Vydmlj" + + "ZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUA" + + "A4IBDwAwggEKAoIBAQDMT1SE96ei5zNTfz+cEohrLJlHZ34PHrmtFIj5wxDY" + + "HfDw1Z9pCi9ZNbDMbKlMnBWgn84gv6DPVOLgIGZFPzmGOH6cxI4HIsYk9gES" + + "sDXfVeppkLDbhTce4k4HskKhahNpoGbqgJERWSqbCHlaIEQtyb1zOIs8L+BD" + + "G12zC/CvNRop/u+mkt2BTJ09WY6tMTxAfpuRNgb84lyN0Y0m1VxFz69lP7Gq" + + "0mKW9Kg46rpgQvT0HEo1Fc74TiJWD5UYxfiWn5/7sLd4JemAa73WCvDGdJSd" + + "8w9Q25p3zktwgyONoMp4IERcPFRk8eqiMBmf6kwGTQZ4S16S3yLSyWezetIB" + + "AgMBAAGjggFPMIIBSzARBglghkgBhvhCAQEEBAMCAAcwgY4GA1UdHwSBhjCB" + + "gzCBgKB+oHykejB4MQswCQYDVQQGEwJVUzEjMCEGA1UEChMaQWRvYmUgU3lz" + + "dGVtcyBJbmNvcnBvcmF0ZWQxHTAbBgNVBAsTFEFkb2JlIFRydXN0IFNlcnZp" + + "Y2VzMRYwFAYDVQQDEw1BZG9iZSBSb290IENBMQ0wCwYDVQQDEwRDUkwxMCsG" + + "A1UdEAQkMCKADzIwMDMwMTA4MjMzNzIzWoEPMjAyMzAxMDkwMDA3MjNaMAsG" + + "A1UdDwQEAwIBBjAfBgNVHSMEGDAWgBSCtzhKk6qbEO+Au9lU4vEP+4Cc3jAd" + + "BgNVHQ4EFgQUgrc4SpOqmxDvgLvZVOLxD/uAnN4wDAYDVR0TBAUwAwEB/zAd" + + "BgkqhkiG9n0HQQAEEDAOGwhWNi4wOjQuMAMCBJAwDQYJKoZIhvcNAQEFBQAD" + + "ggEBADLan0N1wfpvyW/bqx02Nz68YRk2twI8HSNZmGye7k2F51TIIB+n1Lvi" + + "vwB3fSRrcC9cwTp2SbXT4COEKnFqIvPBJymYFfY1kOQETMONvJ9hHOf9JIzR" + + "REOMFrqbTaXUNS+8Ec6991E3jZ+Q5BTxGD++6VkSNfkzkvOe4NVrmnGbmUvI" + + "ccPhsWEJxOX6kfBCOjd9NPly6M2qYhwh6dX0ghDjewW2LWhWC35+kixvTXKC" + + "DO1WdLKduastKx0QX9sndXCP/R3X4gKgeeUc5f+vZEBRLZ6bR9tCpXwfwqZI" + + "sNe+kmlNpPYpV8V4ERjch1HKE7JinU8rMr0xpcH6UqsFiMgwggTLMIIDs6AD" + + "AgECAgQ+HL21MA0GCSqGSIb3DQEBBQUAMGkxCzAJBgNVBAYTAlVTMSMwIQYD" + + "VQQKExpBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UECxMUQWRv" + + "YmUgVHJ1c3QgU2VydmljZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3QgQ0EwHhcN" + + "MDQwMTE3MDAwMzM5WhcNMTUwMTE1MDgwMDAwWjBFMQswCQYDVQQGEwJVUzEW" + + "MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgQ0Eg" + + "Zm9yIEFkb2JlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+V3" + + "4GR4Wuc5hbyv0vVbKBMOVN1J+s5i9ZL9nph7n+X4esFs4epAJcFxJ4KnPuQH" + + "ZZ0oyHUU4Th70mWYgKwd6sEt1aR6ZT788Nvr3OHwTRwugN/G6QXqhU9ePpZJ" + + "OF1Ibsf1pcXNGvpLdcYK6+CX5DANMuIthb440XoNfC3dNBC0pF4mM4lmTjpl" + + "nQG8xK0rIFp4HoMpmyaIijz2qyjXdUNkg0fbDUq9eDTKAOLOg21u+AA8XKbC" + + "ewg1LWSV9CVy+fTHREmb1thBcrfkY1kCAvczsuquV3SMx8hRpa+4cIvKK/K1" + + "G7OrV0nsTyuaJ2MMST8b7bul/Xd81nu9Hsz4iQIDAQABo4IBnTCCAZkwEgYD" + + "VR0TAQH/BAgwBgEB/wIBATBQBgNVHSAESTBHMEUGCSqGSIb3LwECATA4MDYG" + + "CCsGAQUFBwIBFipodHRwczovL3d3dy5hZG9iZS5jb20vbWlzYy9wa2kvY2Rz" + + "X2NwLmh0bWwwFAYDVR0lBA0wCwYJKoZIhvcvAQEFMIGyBgNVHR8Egaowgacw" + + "IqAgoB6GHGh0dHA6Ly9jcmwuYWRvYmUuY29tL2Nkcy5jcmwwgYCgfqB8pHow" + + "eDELMAkGA1UEBhMCVVMxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jw" + + "b3JhdGVkMR0wGwYDVQQLExRBZG9iZSBUcnVzdCBTZXJ2aWNlczEWMBQGA1UE" + + "AxMNQWRvYmUgUm9vdCBDQTENMAsGA1UEAxMEQ1JMMTALBgNVHQ8EBAMCAQYw" + + "HwYDVR0jBBgwFoAUgrc4SpOqmxDvgLvZVOLxD/uAnN4wHQYDVR0OBBYEFKuA" + + "WcNlg20dfRO9GcPsGo8NR2qjMBkGCSqGSIb2fQdBAAQMMAobBFY2LjADAgSQ" + + "MA0GCSqGSIb3DQEBBQUAA4IBAQA/OVkuogCOsV4RYSzS4Lb1jImGRc4T2Z/d" + + "hJoUawhMX4aXWPSlqNOPIfhHflCvd+Whbarcd83NN5n3QmevUOFUREPrMQyA" + + "mkK0mpW6TSyLG5ckeCFL8qJwp/hhckk/H16m4hEXWyIFGfOecX3Sy+Y4kxcC" + + "lzSMadifedB+TiRpKFKcNphp5hEMkpyyJaGXpLnN/BLsaDyEN7JySExAopae" + + "UbUJCvCVIWKwoJ26ih3BG1aB+3yTHXeLIorextqWbq+dVz7me59Li8j5PAxe" + + "hXrc2phpKuhp8FaTScvnfMZc8TL4Dr1CHMRWIkqfZaCq3mC376Mww0iZtE5s" + + "iqB+AXVWMYIBgDCCAXwCAQEwSzBFMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN" + + "R2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgQ0EgZm9yIEFkb2Jl" + + "AgIAjzAJBgUrDgMCGgUAoIGMMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRAB" + + "BDAcBgkqhkiG9w0BCQUxDxcNMDYwNDA0MjAyMDU3WjAjBgkqhkiG9w0BCQQx" + + "FgQUp7AnXBqoNcarvO7fMJut1og2U5AwKwYLKoZIhvcNAQkQAgwxHDAaMBgw" + + "FgQU1dH4eZTNhgxdiSABrat6zsPdth0wDQYJKoZIhvcNAQEBBQAEgYCinr/F" + + "rMiQz/MRm9ZD5YGcC0Qo2dRTPd0Aop8mZ4g1xAhKFLnp7lLsjCbkSDpVLDBh" + + "cnCk7CV+3FT5hlvt8OqZlR0CnkSnCswLFhrppiWle6cpxlwGqyAteC8uKtQu" + + "wjE5GtBKLcCOAzQYyyuNZZeB6oCZ+3mPhZ62FxrvvEGJCgAAAAAAAAAAAAAA" + + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" + + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=="); + + private static readonly byte[] emptyDNCert = Base64.Decode( + "MIICfTCCAeagAwIBAgIBajANBgkqhkiG9w0BAQQFADB8MQswCQYDVQQGEwJVUzEMMAoGA1UEChMD" + + "Q0RXMQkwBwYDVQQLEwAxCTAHBgNVBAcTADEJMAcGA1UECBMAMRowGAYDVQQDExFUZW1wbGFyIFRl" + + "c3QgMTAyNDEiMCAGCSqGSIb3DQEJARYTdGVtcGxhcnRlc3RAY2R3LmNvbTAeFw0wNjA1MjIwNTAw" + + "MDBaFw0xMDA1MjIwNTAwMDBaMHwxCzAJBgNVBAYTAlVTMQwwCgYDVQQKEwNDRFcxCTAHBgNVBAsT" + + "ADEJMAcGA1UEBxMAMQkwBwYDVQQIEwAxGjAYBgNVBAMTEVRlbXBsYXIgVGVzdCAxMDI0MSIwIAYJ" + + "KoZIhvcNAQkBFhN0ZW1wbGFydGVzdEBjZHcuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB" + + "gQDH3aJpJBfM+A3d84j5YcU6zEQaQ76u5xO9NSBmHjZykKS2kCcUqPpvVOPDA5WgV22dtKPh+lYV" + + "iUp7wyCVwAKibq8HIbihHceFqMKzjwC639rMoDJ7bi/yzQWz1Zg+075a4FGPlUKn7Yfu89wKkjdW" + + "wDpRPXc/agqBnrx5pJTXzQIDAQABow8wDTALBgNVHQ8EBAMCALEwDQYJKoZIhvcNAQEEBQADgYEA" + + "RRsRsjse3i2/KClFVd6YLZ+7K1BE0WxFyY2bbytkwQJSxvv3vLSuweFUbhNxutb68wl/yW4GLy4b" + + "1QdyswNxrNDXTuu5ILKhRDDuWeocz83aG2KGtr3JlFyr3biWGEyn5WUOE6tbONoQDJ0oPYgI6CAc" + + "EHdUp0lioOCt6UOw7Cs="); + + private static readonly byte[] gostRFC4491_94 = Base64.Decode( + "MIICCzCCAboCECMO42BGlSTOxwvklBgufuswCAYGKoUDAgIEMGkxHTAbBgNVBAMM" + + "FEdvc3RSMzQxMC05NCBleGFtcGxlMRIwEAYDVQQKDAlDcnlwdG9Qcm8xCzAJBgNV" + + "BAYTAlJVMScwJQYJKoZIhvcNAQkBFhhHb3N0UjM0MTAtOTRAZXhhbXBsZS5jb20w" + + "HhcNMDUwODE2MTIzMjUwWhcNMTUwODE2MTIzMjUwWjBpMR0wGwYDVQQDDBRHb3N0" + + "UjM0MTAtOTQgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRvUHJvMQswCQYDVQQGEwJS" + + "VTEnMCUGCSqGSIb3DQEJARYYR29zdFIzNDEwLTk0QGV4YW1wbGUuY29tMIGlMBwG" + + "BiqFAwICFDASBgcqhQMCAiACBgcqhQMCAh4BA4GEAASBgLuEZuF5nls02CyAfxOo" + + "GWZxV/6MVCUhR28wCyd3RpjG+0dVvrey85NsObVCNyaE4g0QiiQOHwxCTSs7ESuo" + + "v2Y5MlyUi8Go/htjEvYJJYfMdRv05YmKCYJo01x3pg+2kBATjeM+fJyR1qwNCCw+" + + "eMG1wra3Gqgqi0WBkzIydvp7MAgGBiqFAwICBANBABHHCH4S3ALxAiMpR3aPRyqB" + + "g1DjB8zy5DEjiULIc+HeIveF81W9lOxGkZxnrFjXBSqnjLeFKgF1hffXOAP7zUM="); + + private static readonly byte[] gostRFC4491_2001 = Base64.Decode( + "MIIB0DCCAX8CECv1xh7CEb0Xx9zUYma0LiEwCAYGKoUDAgIDMG0xHzAdBgNVBAMM" + + "Fkdvc3RSMzQxMC0yMDAxIGV4YW1wbGUxEjAQBgNVBAoMCUNyeXB0b1BybzELMAkG" + + "A1UEBhMCUlUxKTAnBgkqhkiG9w0BCQEWGkdvc3RSMzQxMC0yMDAxQGV4YW1wbGUu" + + "Y29tMB4XDTA1MDgxNjE0MTgyMFoXDTE1MDgxNjE0MTgyMFowbTEfMB0GA1UEAwwW" + + "R29zdFIzNDEwLTIwMDEgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRvUHJvMQswCQYD" + + "VQQGEwJSVTEpMCcGCSqGSIb3DQEJARYaR29zdFIzNDEwLTIwMDFAZXhhbXBsZS5j" + + "b20wYzAcBgYqhQMCAhMwEgYHKoUDAgIkAAYHKoUDAgIeAQNDAARAhJVodWACGkB1" + + "CM0TjDGJLP3lBQN6Q1z0bSsP508yfleP68wWuZWIA9CafIWuD+SN6qa7flbHy7Df" + + "D2a8yuoaYDAIBgYqhQMCAgMDQQA8L8kJRLcnqeyn1en7U23Sw6pkfEQu3u0xFkVP" + + "vFQ/3cHeF26NG+xxtZPz3TaTVXdoiYkXYiD02rEx1bUcM97i"); + + private class DudPublicKey + : AsymmetricKeyParameter + { + public DudPublicKey() + : base(false) + { + } + + public string Algorithm + { + get { return null; } + } + + public string Format + { + get { return null; } + } + + public byte[] GetEncoded() + { + return null; + } + } + + private AsymmetricKeyParameter dudPublicKey = new DudPublicKey(); + + public override string Name + { + get { return "CertTest"; } + } + + internal void checkCertificate( + int id, + byte[] bytes) + { + string dump = ""; + + try + { + X509Certificate cert = new X509CertificateParser().ReadCertificate(bytes); + + AsymmetricKeyParameter k = cert.GetPublicKey(); + // Console.WriteLine(cert); + } + catch (Exception e) + { + Fail(dump + SimpleTest.NewLine + Name + ": "+ id + " failed - exception " + e.Message, e); + } + } + + internal void checkNameCertificate( + int id, + byte[] bytes) + { + string dump = ""; + + try + { + X509Certificate cert = new X509CertificateParser().ReadCertificate(bytes); + + AsymmetricKeyParameter k = cert.GetPublicKey(); + if (!cert.IssuerDN.ToString().Equals("C=DE,O=DATEV eG,0.2.262.1.10.7.20=1+CN=CA DATEV D03 1:PN")) + { + Fail(id + " failed - name test."); + } + // Console.WriteLine(cert); + } + catch (Exception e) + { + Fail(dump + SimpleTest.NewLine + Name + ": "+ id + " failed - exception " + e.Message, e); + } + + } + + internal void checkKeyUsage( + int id, + byte[] bytes) + { + string dump = ""; + + try + { + X509Certificate cert = new X509CertificateParser().ReadCertificate(bytes); + + AsymmetricKeyParameter k = cert.GetPublicKey(); + + if (cert.GetKeyUsage()[7]) + { + Fail("error generating cert - key usage wrong."); + } + + // Console.WriteLine(cert); + } + catch (Exception e) + { + Fail(dump + SimpleTest.NewLine + Name + ": "+ id + " failed - exception " + e.Message, e); + } + + } + + internal void checkSelfSignedCertificate( + int id, + byte[] bytes) + { + string dump = ""; + + try + { + X509Certificate cert = new X509CertificateParser().ReadCertificate(bytes); + + AsymmetricKeyParameter k = cert.GetPublicKey(); + + cert.Verify(k); + // Console.WriteLine(cert); + } + catch (Exception e) + { + Fail(dump + SimpleTest.NewLine + Name + ": "+ id + " failed - exception " + e.Message, e); + } + } + + /** + * we Generate a self signed certificate for the sake of testing - RSA + */ + internal void checkCreation1() + { + // + // a sample key pair. + // + RsaKeyParameters pubKey = new RsaKeyParameters( + false, + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16)); + + RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters( + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16), + new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16), + new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16), + new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16), + new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16), + new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16), + new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16)); + + // + // set up the keys + // +// AsymmetricKeyParameter privKey; +// AsymmetricKeyParameter pubKey; + +// KeyFactory fact = KeyFactory.GetInstance("RSA"); +// +// privKey = fact.generatePrivate(privKeySpec); +// pubKey = fact.generatePublic(pubKeySpec); + + // + // distinguished name table. + // + IList ord = new ArrayList(); + ord.Add(X509Name.C); + ord.Add(X509Name.O); + ord.Add(X509Name.L); + ord.Add(X509Name.ST); + ord.Add(X509Name.E); + + IList values = new ArrayList(); + values.Add("AU"); + values.Add("The Legion of the Bouncy Castle"); + values.Add("Melbourne"); + values.Add("Victoria"); + values.Add("feedback-crypto@bouncycastle.org"); + + // + // extensions + // + + // + // create the certificate - version 3 - without extensions + // + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name(ord, values)); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name(ord, values)); + certGen.SetPublicKey(pubKey); + certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); + + X509Certificate cert = certGen.Generate(privKey); + + cert.CheckValidity(DateTime.UtcNow); + + cert.Verify(pubKey); + + ISet dummySet = cert.GetNonCriticalExtensionOids(); + if (dummySet != null) + { + Fail("non-critical oid set should be null"); + } + dummySet = cert.GetCriticalExtensionOids(); + if (dummySet != null) + { + Fail("critical oid set should be null"); + } + + // + // create the certificate - version 3 - with extensions + // + certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name(ord, values)); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name(ord, values)); + certGen.SetPublicKey(pubKey); + certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); + certGen.AddExtension("2.5.29.15", true, + new X509KeyUsage(X509KeyUsage.EncipherOnly)); + certGen.AddExtension("2.5.29.37", true, + new DerSequence(KeyPurposeID.AnyExtendedKeyUsage)); + certGen.AddExtension("2.5.29.17", true, + new GeneralNames(new GeneralName(GeneralName.Rfc822Name, "test@test.test"))); + + cert = certGen.Generate(privKey); + + cert.CheckValidity(DateTime.UtcNow); + + cert.Verify(pubKey); + + cert = new X509CertificateParser().ReadCertificate(cert.GetEncoded()); + + if (!cert.GetKeyUsage()[7]) + { + Fail("error generating cert - key usage wrong."); + } + + IList l = cert.GetExtendedKeyUsage(); + if (!l[0].Equals(KeyPurposeID.AnyExtendedKeyUsage.Id)) + { + Fail("failed extended key usage test"); + } + + foreach (IList gn in cert.GetSubjectAlternativeNames()) + { + if (!gn[1].Equals("test@test.test")) + { + Fail("failed subject alternative names test"); + } + } + + // Console.WriteLine(cert); + + // + // create the certificate - version 1 + // + X509V1CertificateGenerator certGen1 = new X509V1CertificateGenerator(); + + certGen1.SetSerialNumber(BigInteger.One); + certGen1.SetIssuerDN(new X509Name(ord, values)); + certGen1.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen1.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen1.SetSubjectDN(new X509Name(ord, values)); + certGen1.SetPublicKey(pubKey); + certGen1.SetSignatureAlgorithm("MD5WithRSAEncryption"); + + cert = certGen1.Generate(privKey); + + cert.CheckValidity(DateTime.UtcNow); + + cert.Verify(pubKey); + + cert = new X509CertificateParser().ReadCertificate(cert.GetEncoded()); + + // Console.WriteLine(cert); + if (!cert.IssuerDN.Equivalent(cert.SubjectDN)) + { + Fail("name comparison fails"); + } + } + + /** + * we Generate a self signed certificate for the sake of testing - DSA + */ + internal void checkCreation2() + { + // + // set up the keys + // + AsymmetricKeyParameter privKey; + AsymmetricKeyParameter pubKey; + + try + { +// KeyPairGenerator g = KeyPairGenerator.GetInstance("DSA", "SUN"); +// g.initialize(512, new SecureRandom()); +// KeyPair p = g.generateKeyPair(); + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA"); + DsaParametersGenerator dpg = new DsaParametersGenerator(); + dpg.Init(512, 25, new SecureRandom()); + g.Init(new DsaKeyGenerationParameters(new SecureRandom(), dpg.GenerateParameters())); + AsymmetricCipherKeyPair p = g.GenerateKeyPair(); + + privKey = p.Private; + pubKey = p.Public; + } + catch (Exception e) + { + Fail("error setting up keys - " + e.ToString()); + return; + } + + // + // distinguished name table. + // + IList ord = new ArrayList(); + ord.Add(X509Name.C); + ord.Add(X509Name.O); + ord.Add(X509Name.L); + ord.Add(X509Name.ST); + ord.Add(X509Name.E); + + IList values = new ArrayList(); + values.Add("AU"); + values.Add("The Legion of the Bouncy Castle"); + values.Add("Melbourne"); + values.Add("Victoria"); + values.Add("feedback-crypto@bouncycastle.org"); + + // + // extensions + // + + // + // create the certificate - version 3 + // + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name(ord, values)); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name(ord, values)); + certGen.SetPublicKey(pubKey); + certGen.SetSignatureAlgorithm("SHA1withDSA"); + + try + { + X509Certificate cert = certGen.Generate(privKey); + + cert.CheckValidity(DateTime.UtcNow); + + cert.Verify(pubKey); + + cert = new X509CertificateParser().ReadCertificate(cert.GetEncoded()); + + // Console.WriteLine(cert); + } + catch (Exception e) + { + Fail("error setting generating cert - " + e.ToString()); + } + + // + // create the certificate - version 1 + // + X509V1CertificateGenerator certGen1 = new X509V1CertificateGenerator(); + + certGen1.SetSerialNumber(BigInteger.One); + certGen1.SetIssuerDN(new X509Name(ord, values)); + certGen1.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen1.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen1.SetSubjectDN(new X509Name(ord, values)); + certGen1.SetPublicKey(pubKey); + certGen1.SetSignatureAlgorithm("SHA1withDSA"); + + try + { + X509Certificate cert = certGen1.Generate(privKey); + + cert.CheckValidity(DateTime.UtcNow); + + cert.Verify(pubKey); + + cert = new X509CertificateParser().ReadCertificate(cert.GetEncoded()); + + //Console.WriteLine(cert); + } + catch (Exception e) + { + Fail("error setting generating cert - " + e.ToString()); + } + + // + // exception test + // + try + { + certGen.SetPublicKey(dudPublicKey); + + Fail("key without encoding not detected in v1"); + } + catch (ArgumentException) + { + // expected + } + } + + /** + * we Generate a self signed certificate for the sake of testing - ECDSA + */ + internal void checkCreation3() + { + X9ECParameters x9 = ECNamedCurveTable.GetByName("prime239v1"); + ECCurve curve = x9.Curve; + ECDomainParameters spec = new ECDomainParameters(curve, x9.G, x9.N, x9.H); + + ECPrivateKeyParameters privKey = new ECPrivateKeyParameters( + "ECDSA", + new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d + spec); + + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + "ECDSA", + curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q + spec); + + // + // set up the keys + // +// AsymmetricKeyParameter privKey; +// AsymmetricKeyParameter pubKey; +// +// try +// { +// KeyFactory fact = KeyFactory.GetInstance("ECDSA"); +// +// privKey = fact.generatePrivate(privKeySpec); +// pubKey = fact.generatePublic(pubKeySpec); +// } +// catch (Exception e) +// { +// Fail("error setting up keys - " + e.ToString()); +// return; +// } + + // + // distinguished name table. + // + IDictionary attrs = new Hashtable(); + IList order = new ArrayList(); + + attrs.Add(X509Name.C, "AU"); + attrs.Add(X509Name.O, "The Legion of the Bouncy Castle"); + attrs.Add(X509Name.L, "Melbourne"); + attrs.Add(X509Name.ST, "Victoria"); + attrs.Add(X509Name.E, "feedback-crypto@bouncycastle.org"); + + order.Add(X509Name.C); + order.Add(X509Name.O); + order.Add(X509Name.L); + order.Add(X509Name.ST); + order.Add(X509Name.E); + + + // + // ToString test + // + X509Name p = new X509Name(order, attrs); + string s = p.ToString(); + + if (!s.Equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne,ST=Victoria,E=feedback-crypto@bouncycastle.org")) + { + Fail("ordered X509Principal test failed - s = " + s + "."); + } + + // + // create the certificate - version 3 + // + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name(order, attrs)); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name(order, attrs)); + certGen.SetPublicKey(pubKey); + certGen.SetSignatureAlgorithm("SHA1withECDSA"); + + try + { + X509Certificate cert = certGen.Generate(privKey); + + cert.CheckValidity(DateTime.UtcNow); + + cert.Verify(pubKey); + + X509CertificateParser fact = new X509CertificateParser(); + cert = fact.ReadCertificate(cert.GetEncoded()); + + // + // try with point compression turned off + // +// ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED"); + ECPoint q = pubKey.Q.Normalize(); + pubKey = new ECPublicKeyParameters( + pubKey.AlgorithmName, + q.Curve.CreatePoint(q.XCoord.ToBigInteger(), q.YCoord.ToBigInteger()), + pubKey.Parameters); + + certGen.SetPublicKey(pubKey); + + cert = certGen.Generate(privKey); + + cert.CheckValidity(DateTime.UtcNow); + + cert.Verify(pubKey); + + cert = fact.ReadCertificate(cert.GetEncoded()); + + // Console.WriteLine(cert); + } + catch (Exception e) + { + Fail("error setting generating cert - " + e.ToString()); + } + + X509Name pr = new X509Name("O=\"The Bouncy Castle, The Legion of\",E=feedback-crypto@bouncycastle.org,ST=Victoria,L=Melbourne,C=AU"); + + if (!pr.ToString().Equals("O=The Bouncy Castle\\, The Legion of,E=feedback-crypto@bouncycastle.org,ST=Victoria,L=Melbourne,C=AU")) + { + Fail("string based X509Principal test failed."); + } + + pr = new X509Name("O=The Bouncy Castle\\, The Legion of,E=feedback-crypto@bouncycastle.org,ST=Victoria,L=Melbourne,C=AU"); + + if (!pr.ToString().Equals("O=The Bouncy Castle\\, The Legion of,E=feedback-crypto@bouncycastle.org,ST=Victoria,L=Melbourne,C=AU")) + { + Fail("string based X509Principal test failed."); + } + } + + /** + * we Generate a self signed certificate for the sake of testing - SHA224withECDSA + */ + private void createECCert( + string algorithm, + DerObjectIdentifier algOid) + { + X9ECParameters x9 = ECNamedCurveTable.GetByName("secp521r1"); + ECCurve curve = x9.Curve; + ECDomainParameters spec = new ECDomainParameters(curve, x9.G, x9.N, x9.H); + + ECPrivateKeyParameters privKey = new ECPrivateKeyParameters( + "ECDSA", + new BigInteger("5769183828869504557786041598510887460263120754767955773309066354712783118202294874205844512909370791582896372147797293913785865682804434049019366394746072023"), // d + spec); + + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + "ECDSA", +// curve.DecodePoint(Hex.Decode("026BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q + curve.DecodePoint(Hex.Decode("02006BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q + spec); + +// // +// // set up the keys +// // +// AsymmetricKeyParameter privKey; +// AsymmetricKeyParameter pubKey; +// +// KeyFactory fact = KeyFactory.GetInstance("ECDSA"); +// +// privKey = fact.generatePrivate(privKeySpec); +// pubKey = fact.generatePublic(pubKeySpec); + + + // + // distinguished name table. + // + IDictionary attrs = new Hashtable(); + IList order = new ArrayList(); + + attrs.Add(X509Name.C, "AU"); + attrs.Add(X509Name.O, "The Legion of the Bouncy Castle"); + attrs.Add(X509Name.L, "Melbourne"); + attrs.Add(X509Name.ST, "Victoria"); + attrs.Add(X509Name.E, "feedback-crypto@bouncycastle.org"); + + order.Add(X509Name.C); + order.Add(X509Name.O); + order.Add(X509Name.L); + order.Add(X509Name.ST); + order.Add(X509Name.E); + + // + // create the certificate - version 3 + // + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name(order, attrs)); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name(order, attrs)); + certGen.SetPublicKey(pubKey); + certGen.SetSignatureAlgorithm(algorithm); + + + X509Certificate cert = certGen.Generate(privKey); + + cert.CheckValidity(DateTime.UtcNow); + + cert.Verify(pubKey); + + X509CertificateParser fact = new X509CertificateParser(); + cert = fact.ReadCertificate(cert.GetEncoded()); + + // + // try with point compression turned off + // +// ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED"); + ECPoint q = pubKey.Q.Normalize(); + pubKey = new ECPublicKeyParameters( + pubKey.AlgorithmName, + q.Curve.CreatePoint(q.XCoord.ToBigInteger(), q.YCoord.ToBigInteger()), + pubKey.Parameters); + + certGen.SetPublicKey(pubKey); + + cert = certGen.Generate(privKey); + + cert.CheckValidity(DateTime.UtcNow); + + cert.Verify(pubKey); + + cert = fact.ReadCertificate(cert.GetEncoded()); + + if (!cert.SigAlgOid.Equals(algOid.ToString())) + { + Fail("ECDSA oid incorrect."); + } + + if (cert.GetSigAlgParams() != null) + { + Fail("sig parameters present"); + } + + ISigner sig = SignerUtilities.GetSigner(algorithm); + + sig.Init(false, pubKey); + + byte[] b = cert.GetTbsCertificate(); + sig.BlockUpdate(b, 0, b.Length); + + if (!sig.VerifySignature(cert.GetSignature())) + { + Fail("EC certificate signature not mapped correctly."); + } + // Console.WriteLine(cert); + } + + private void checkCrl( + int id, + byte[] bytes) + { + string dump = ""; + + try + { + X509Crl cert = new X509CrlParser().ReadCrl(bytes); + + // Console.WriteLine(cert); + } + catch (Exception e) + { + Fail(dump + SimpleTest.NewLine + Name + ": "+ id + " failed - exception " + e.Message, e); + } + + } + + private void checkCrlCreation1() + { + IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); + kpGen.Init( + new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x10001), new SecureRandom(), 768, 25)); + + X509V2CrlGenerator crlGen = new X509V2CrlGenerator(); + DateTime now = DateTime.UtcNow; + AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); + + crlGen.SetIssuerDN(new X509Name("CN=Test CA")); + + crlGen.SetThisUpdate(now); + crlGen.SetNextUpdate(now.AddSeconds(100)); + crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); + + crlGen.AddCrlEntry(BigInteger.One, now, CrlReason.PrivilegeWithdrawn); + + crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, + new AuthorityKeyIdentifierStructure(pair.Public)); + + X509Crl crl = crlGen.Generate(pair.Private); + + if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true)) + { + Fail("failed CRL issuer test"); + } + + Asn1OctetString authExt = crl.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier); + + if (authExt == null) + { + Fail("failed to find CRL extension"); + } + + AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt); + + X509CrlEntry entry = crl.GetRevokedCertificate(BigInteger.One); + + if (entry == null) + { + Fail("failed to find CRL entry"); + } + + if (!entry.SerialNumber.Equals(BigInteger.One)) + { + Fail("CRL cert serial number does not match"); + } + + if (!entry.HasExtensions) + { + Fail("CRL entry extension not found"); + } + + Asn1OctetString ext = entry.GetExtensionValue(X509Extensions.ReasonCode); + + if (ext != null) + { + DerEnumerated reasonCode = (DerEnumerated)X509ExtensionUtilities.FromExtensionValue(ext); + + if (!reasonCode.HasValue(CrlReason.PrivilegeWithdrawn)) + { + Fail("CRL entry reasonCode wrong"); + } + } + else + { + Fail("CRL entry reasonCode not found"); + } + } + + private void checkCrlCreation2() + { + IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); + kpGen.Init( + new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x10001), new SecureRandom(), 768, 25)); + + X509V2CrlGenerator crlGen = new X509V2CrlGenerator(); + DateTime now = DateTime.UtcNow; + AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); + + crlGen.SetIssuerDN(new X509Name("CN=Test CA")); + + crlGen.SetThisUpdate(now); + crlGen.SetNextUpdate(now.AddSeconds(100)); + crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); + + IList extOids = new ArrayList(); + IList extValues = new ArrayList(); + + CrlReason crlReason = new CrlReason(CrlReason.PrivilegeWithdrawn); + + try + { + extOids.Add(X509Extensions.ReasonCode); + extValues.Add(new X509Extension(false, new DerOctetString(crlReason.GetEncoded()))); + } + catch (IOException e) + { + throw new ArgumentException("error encoding reason: " + e); + } + + X509Extensions entryExtensions = new X509Extensions(extOids, extValues); + + crlGen.AddCrlEntry(BigInteger.One, now, entryExtensions); + + crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public)); + + X509Crl crl = crlGen.Generate(pair.Private); + + if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true)) + { + Fail("failed CRL issuer test"); + } + + Asn1OctetString authExt = crl.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier); + + if (authExt == null) + { + Fail("failed to find CRL extension"); + } + + AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt); + + X509CrlEntry entry = crl.GetRevokedCertificate(BigInteger.One); + + if (entry == null) + { + Fail("failed to find CRL entry"); + } + + if (!entry.SerialNumber.Equals(BigInteger.One)) + { + Fail("CRL cert serial number does not match"); + } + + if (!entry.HasExtensions) + { + Fail("CRL entry extension not found"); + } + + Asn1OctetString ext = entry.GetExtensionValue(X509Extensions.ReasonCode); + + if (ext != null) + { + DerEnumerated reasonCode = (DerEnumerated)X509ExtensionUtilities.FromExtensionValue(ext); + + if (!reasonCode.HasValue(CrlReason.PrivilegeWithdrawn)) + { + Fail("CRL entry reasonCode wrong"); + } + } + else + { + Fail("CRL entry reasonCode not found"); + } + } + + private void checkCrlCreation3() + { + IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); + kpGen.Init( + new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x10001), new SecureRandom(), 768, 25)); + + X509V2CrlGenerator crlGen = new X509V2CrlGenerator(); + DateTime now = DateTime.UtcNow; + AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair(); + + crlGen.SetIssuerDN(new X509Name("CN=Test CA")); + + crlGen.SetThisUpdate(now); + crlGen.SetNextUpdate(now.AddSeconds(100)); + crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); + + IList extOids = new ArrayList(); + IList extValues = new ArrayList(); + + CrlReason crlReason = new CrlReason(CrlReason.PrivilegeWithdrawn); + + try + { + extOids.Add(X509Extensions.ReasonCode); + extValues.Add(new X509Extension(false, new DerOctetString(crlReason.GetEncoded()))); + } + catch (IOException e) + { + throw new ArgumentException("error encoding reason: " + e); + } + + X509Extensions entryExtensions = new X509Extensions(extOids, extValues); + + crlGen.AddCrlEntry(BigInteger.One, now, entryExtensions); + + crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public)); + + X509Crl crl = crlGen.Generate(pair.Private); + + if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true)) + { + Fail("failed CRL issuer test"); + } + + Asn1OctetString authExt = crl.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier); + + if (authExt == null) + { + Fail("failed to find CRL extension"); + } + + AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt); + + X509CrlEntry entry = crl.GetRevokedCertificate(BigInteger.One); + + if (entry == null) + { + Fail("failed to find CRL entry"); + } + + if (!entry.SerialNumber.Equals(BigInteger.One)) + { + Fail("CRL cert serial number does not match"); + } + + if (!entry.HasExtensions) + { + Fail("CRL entry extension not found"); + } + + Asn1OctetString ext = entry.GetExtensionValue(X509Extensions.ReasonCode); + + if (ext != null) + { + DerEnumerated reasonCode = (DerEnumerated)X509ExtensionUtilities.FromExtensionValue(ext); + + if (!reasonCode.HasValue(CrlReason.PrivilegeWithdrawn)) + { + Fail("CRL entry reasonCode wrong"); + } + } + else + { + Fail("CRL entry reasonCode not found"); + } + + // + // check loading of existing CRL + // + crlGen = new X509V2CrlGenerator(); + now = DateTime.UtcNow; + + crlGen.SetIssuerDN(new X509Name("CN=Test CA")); + + crlGen.SetThisUpdate(now); + crlGen.SetNextUpdate(now.AddSeconds(100)); + crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); + + crlGen.AddCrl(crl); + + crlGen.AddCrlEntry(BigInteger.Two, now, entryExtensions); + + crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public)); + + X509Crl newCrl = crlGen.Generate(pair.Private); + + int count = 0; + bool oneFound = false; + bool twoFound = false; + + foreach (X509CrlEntry crlEnt in newCrl.GetRevokedCertificates()) + { + if (crlEnt.SerialNumber.IntValue == 1) + { + oneFound = true; + Asn1OctetString extn = entry.GetExtensionValue(X509Extensions.ReasonCode); + + if (extn != null) + { + DerEnumerated reasonCode = (DerEnumerated)X509ExtensionUtilities.FromExtensionValue(extn); + + if (!reasonCode.HasValue(CrlReason.PrivilegeWithdrawn)) + { + Fail("CRL entry reasonCode wrong"); + } + } + else + { + Fail("CRL entry reasonCode not found"); + } + } + else if (crlEnt.SerialNumber.IntValue == 2) + { + twoFound = true; + } + + count++; + } + + if (count != 2) + { + Fail("wrong number of CRLs found"); + } + + if (!oneFound || !twoFound) + { + Fail("wrong CRLs found in copied list"); + } + + // + // check factory read back + // + X509Crl readCrl = new X509CrlParser().ReadCrl(newCrl.GetEncoded()); + + if (readCrl == null) + { + Fail("crl not returned!"); + } + +// ICollection col = cFact.generateCRLs(new ByteArrayInputStream(newCrl.getEncoded())); + ICollection col = new X509CrlParser().ReadCrls(newCrl.GetEncoded()); + + if (col.Count != 1) + { + Fail("wrong number of CRLs found in collection"); + } + } + + /** + * we Generate a self signed certificate for the sake of testing - GOST3410 + */ + internal void checkCreation4() + { + // + // set up the keys + // + AsymmetricKeyParameter privKey; + AsymmetricKeyParameter pubKey; + +// GOST3410ParameterSpec gost3410P = new GOST3410ParameterSpec("GostR3410-94-CryptoPro-A"); +// g.initialize(gost3410P, new SecureRandom()); + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("GOST3410"); + g.Init( + new Gost3410KeyGenerationParameters( + new SecureRandom(), + CryptoProObjectIdentifiers.GostR3410x94CryptoProA)); + + AsymmetricCipherKeyPair p = g.GenerateKeyPair(); + + privKey = p.Private; + pubKey = p.Public; + + // + // distinguished name table. + // + IDictionary attrs = new Hashtable(); + attrs.Add(X509Name.C, "AU"); + attrs.Add(X509Name.O, "The Legion of the Bouncy Castle"); + attrs.Add(X509Name.L, "Melbourne"); + attrs.Add(X509Name.ST, "Victoria"); + attrs.Add(X509Name.E, "feedback-crypto@bouncycastle.org"); + + IList order = new ArrayList(); + order.Add(X509Name.C); + order.Add(X509Name.O); + order.Add(X509Name.L); + order.Add(X509Name.ST); + order.Add(X509Name.E); + + // + // extensions + // + + // + // create the certificate - version 3 + // + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name(order, attrs)); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name(order, attrs)); + certGen.SetPublicKey(pubKey); + certGen.SetSignatureAlgorithm("GOST3411withGOST3410"); + + X509Certificate cert = certGen.Generate(privKey); + + cert.CheckValidity(DateTime.UtcNow); + + // + // check verifies in general + // + cert.Verify(pubKey); + + // + // check verifies with contained key + // + cert.Verify(cert.GetPublicKey()); + + cert = new X509CertificateParser().ReadCertificate(cert.GetEncoded()); + + //Console.WriteLine(cert); + + //check getEncoded() + byte[] bytesch = cert.GetEncoded(); + } + + internal void checkCreation5() + { + // + // a sample key pair. + // + RsaKeyParameters pubKey = new RsaKeyParameters( + false, + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16)); + + RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters( + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16), + new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16), + new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16), + new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16), + new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16), + new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16), + new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16)); + + // + // set up the keys + // + SecureRandom rand = new SecureRandom(); +// AsymmetricKeyParameter privKey; +// AsymmetricKeyParameter pubKey; +// +// KeyFactory fact = KeyFactory.GetInstance("RSA"); +// +// privKey = fact.generatePrivate(privKeySpec); +// pubKey = fact.generatePublic(pubKeySpec); + + // + // distinguished name table. + // + IList ord = new ArrayList(); + ord.Add(X509Name.C); + ord.Add(X509Name.O); + ord.Add(X509Name.L); + ord.Add(X509Name.ST); + ord.Add(X509Name.E); + + IList values = new ArrayList(); + values.Add("AU"); + values.Add("The Legion of the Bouncy Castle"); + values.Add("Melbourne"); + values.Add("Victoria"); + values.Add("feedback-crypto@bouncycastle.org"); + + // + // create base certificate - version 3 + // + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name(ord, values)); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name(ord, values)); + certGen.SetPublicKey(pubKey); + certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); + certGen.AddExtension("2.5.29.15", true, + new X509KeyUsage(X509KeyUsage.EncipherOnly)); + certGen.AddExtension("2.5.29.37", true, + new DerSequence(KeyPurposeID.AnyExtendedKeyUsage)); + certGen.AddExtension("2.5.29.17", true, + new GeneralNames(new GeneralName(GeneralName.Rfc822Name, "test@test.test"))); + + X509Certificate baseCert = certGen.Generate(privKey); + + // + // copy certificate + // + certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name(ord, values)); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name(ord, values)); + certGen.SetPublicKey(pubKey); + certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); + + certGen.CopyAndAddExtension(new DerObjectIdentifier("2.5.29.15"), true, baseCert); + certGen.CopyAndAddExtension("2.5.29.37", false, baseCert); + + X509Certificate cert = certGen.Generate(privKey); + + cert.CheckValidity(DateTime.UtcNow); + + cert.Verify(pubKey); + + DerObjectIdentifier oid1 = new DerObjectIdentifier("2.5.29.15"); + if (!baseCert.GetExtensionValue(oid1).Equals(cert.GetExtensionValue(oid1))) + { + Fail("2.5.29.15 differs"); + } + + DerObjectIdentifier oid2 = new DerObjectIdentifier("2.5.29.37"); + if (!baseCert.GetExtensionValue(oid2).Equals(cert.GetExtensionValue(oid2))) + { + Fail("2.5.29.37 differs"); + } + + // + // exception test + // + try + { + certGen.CopyAndAddExtension("2.5.99.99", true, baseCert); + + Fail("exception not thrown on dud extension copy"); + } + catch (CertificateParsingException) + { + // expected + } + + try + { + certGen.SetPublicKey(dudPublicKey); + + certGen.Generate(privKey); + + Fail("key without encoding not detected in v3"); + } + catch (ArgumentException) + { + // expected + } + } + + private void doTestForgedSignature() + { + string cert = "MIIBsDCCAVoCAQYwDQYJKoZIhvcNAQEFBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV" + + "BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD" + + "VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw0wNjA5MTEyMzU4NTVa" + + "Fw0wNjEwMTEyMzU4NTVaMGMxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNs" + + "YW5kMRowGAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0ZDEjMCEGA1UEAxMaU2VydmVy" + + "IHRlc3QgY2VydCAoNTEyIGJpdCkwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAn7PD" + + "hCeV/xIxUg8V70YRxK2A5jZbD92A12GN4PxyRQk0/lVmRUNMaJdq/qigpd9feP/u" + + "12S4PwTLb/8q/v657QIDAQABMA0GCSqGSIb3DQEBBQUAA0EAbynCRIlUQgaqyNgU" + + "DF6P14yRKUtX8akOP2TwStaSiVf/akYqfLFm3UGka5XbPj4rifrZ0/sOoZEEBvHQ" + + "e20sRA=="; + + X509Certificate x509 = new X509CertificateParser().ReadCertificate(Base64.Decode(cert)); + + try + { + x509.Verify(x509.GetPublicKey()); + + Fail("forged RSA signature passed"); + } + catch (Exception) + { + // expected + } + } + + private void pemTest() + { + X509Certificate cert = readPemCert(PemData.CERTIFICATE_1); + if (cert == null) + { + Fail("PEM cert not read"); + } + cert = readPemCert("-----BEGIN CERTIFICATE-----" + PemData.CERTIFICATE_2); + if (cert == null) + { + Fail("PEM cert with extraneous header not read"); + } + X509Crl crl = new X509CrlParser().ReadCrl(Encoding.ASCII.GetBytes(PemData.CRL_1)); + if (crl == null) + { + Fail("PEM crl not read"); + } + ArrayList col = new ArrayList( + new X509CertificateParser().ReadCertificates(Encoding.ASCII.GetBytes(PemData.CERTIFICATE_2))); + if (col.Count != 1 || !col.Contains(cert)) + { + Fail("PEM cert collection not right"); + } + col = new ArrayList( + new X509CrlParser().ReadCrls(Encoding.ASCII.GetBytes(PemData.CRL_2))); + if (col.Count != 1 || !col.Contains(crl)) + { + Fail("PEM crl collection not right"); + } + } + + private static X509Certificate readPemCert( + string pemData) + { + return new X509CertificateParser().ReadCertificate(Encoding.ASCII.GetBytes(pemData)); + } + + private void pkcs7Test() + { + Asn1Encodable rootCert = Asn1Object.FromByteArray(CertPathTest.rootCertBin); + Asn1Encodable rootCrl = Asn1Object.FromByteArray(CertPathTest.rootCrlBin); + + X509CertificateParser certParser = new X509CertificateParser(); + X509CrlParser crlParser = new X509CrlParser(); + + SignedData sigData = new SignedData( + DerSet.Empty, + new ContentInfo(CmsObjectIdentifiers.Data, null), + new DerSet( + rootCert, + new DerTaggedObject(false, 2, Asn1Object.FromByteArray(AttrCertTest.attrCert))), + new DerSet(rootCrl), + DerSet.Empty); + + ContentInfo info = new ContentInfo(CmsObjectIdentifiers.SignedData, sigData); + + X509Certificate cert = certParser.ReadCertificate(info.GetEncoded()); + if (cert == null || !AreEqual(cert.GetEncoded(), rootCert.ToAsn1Object().GetEncoded())) + { + Fail("PKCS7 cert not read"); + } + X509Crl crl = crlParser.ReadCrl(info.GetEncoded()); + if (crl == null || !AreEqual(crl.GetEncoded(), rootCrl.ToAsn1Object().GetEncoded())) + { + Fail("PKCS7 crl not read"); + } + ArrayList col = new ArrayList(certParser.ReadCertificates(info.GetEncoded())); + if (col.Count != 1 || !col.Contains(cert)) + { + Fail("PKCS7 cert collection not right"); + } + col = new ArrayList(crlParser.ReadCrls(info.GetEncoded())); + if (col.Count != 1 || !col.Contains(crl)) + { + Fail("PKCS7 crl collection not right"); + } + + // data with no certificates or CRLs + + sigData = new SignedData(DerSet.Empty, new ContentInfo(CmsObjectIdentifiers.Data, null), DerSet.Empty, DerSet.Empty, DerSet.Empty); + + info = new ContentInfo(CmsObjectIdentifiers.SignedData, sigData); + + cert = certParser.ReadCertificate(info.GetEncoded()); + if (cert != null) + { + Fail("PKCS7 cert present"); + } + crl = crlParser.ReadCrl(info.GetEncoded()); + if (crl != null) + { + Fail("PKCS7 crl present"); + } + + // data with absent certificates and CRLS + + sigData = new SignedData(DerSet.Empty, new ContentInfo(CmsObjectIdentifiers.Data, null), null, null, DerSet.Empty); + + info = new ContentInfo(CmsObjectIdentifiers.SignedData, sigData); + + cert = certParser.ReadCertificate(info.GetEncoded()); + if (cert != null) + { + Fail("PKCS7 cert present"); + } + crl = crlParser.ReadCrl(info.GetEncoded()); + if (crl != null) + { + Fail("PKCS7 crl present"); + } + + // + // sample message + // + ICollection certCol = certParser.ReadCertificates(pkcs7CrlProblem); + ICollection crlCol = crlParser.ReadCrls(pkcs7CrlProblem); + + if (crlCol.Count != 0) + { + Fail("wrong number of CRLs: " + crlCol.Count); + } + + if (certCol.Count != 4) + { + Fail("wrong number of Certs: " + certCol.Count); + } + } + + private void createPssCert( + string algorithm) + { + AsymmetricCipherKeyPair keyPair = GenerateLongFixedKeys(); + + AsymmetricKeyParameter privKey = keyPair.Private; + AsymmetricKeyParameter pubKey = keyPair.Public; + + // + // distinguished name table. + // + IList ord = new ArrayList(); + ord.Add(X509Name.C); + ord.Add(X509Name.O); + ord.Add(X509Name.L); + ord.Add(X509Name.ST); + ord.Add(X509Name.E); + + IList values = new ArrayList(); + values.Add("AU"); + values.Add("The Legion of the Bouncy Castle"); + values.Add("Melbourne"); + values.Add("Victoria"); + values.Add("feedback-crypto@bouncycastle.org"); + + // + // create base certificate - version 3 + // + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name(ord, values)); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name(ord, values)); + certGen.SetPublicKey(pubKey); + certGen.SetSignatureAlgorithm(algorithm); + certGen.AddExtension("2.5.29.15", true, + new X509KeyUsage(X509KeyUsage.EncipherOnly)); + certGen.AddExtension("2.5.29.37", true, + new DerSequence(KeyPurposeID.AnyExtendedKeyUsage)); + certGen.AddExtension("2.5.29.17", true, + new GeneralNames(new GeneralName(GeneralName.Rfc822Name, "test@test.test"))); + + X509Certificate baseCert = certGen.Generate(privKey); + + baseCert.Verify(pubKey); + } + + private static AsymmetricCipherKeyPair GenerateLongFixedKeys() + { +// RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec( + RsaKeyParameters pubKey = new RsaKeyParameters(false, + new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16), + new BigInteger("010001",16)); + +// RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec( + RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters( + new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16), + new BigInteger("010001",16), + new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16), + new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16), + new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16), + new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16), + new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16), + new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16)); + +// KeyFactory fact = KeyFactory.getInstance("RSA", "BC"); +// +// PrivateKey privKey = fact.generatePrivate(privKeySpec); +// PublicKey pubKey = fact.generatePublic(pubKeySpec); + + return new AsymmetricCipherKeyPair(pubKey, privKey); + } + + private void rfc4491Test() + { + X509CertificateParser certFact = new X509CertificateParser(); + + X509Certificate x509 = certFact.ReadCertificate(new MemoryStream(gostRFC4491_94, false)); + + x509.Verify(x509.GetPublicKey()); + + x509 = (X509Certificate)certFact.ReadCertificate(new MemoryStream(gostRFC4491_2001, false)); + + x509.Verify(x509.GetPublicKey()); + } + + private void doTestNullDerNullCert() + { + AsymmetricCipherKeyPair keyPair = GenerateLongFixedKeys(); + + AsymmetricKeyParameter pubKey = keyPair.Public; + AsymmetricKeyParameter privKey = keyPair.Private; + + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name("CN=Test")); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name("CN=Test")); + certGen.SetPublicKey(pubKey); + certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); + X509Certificate cert = certGen.Generate(privKey); + + X509CertificateStructure certStruct = X509CertificateStructure.GetInstance( + Asn1Object.FromByteArray(cert.GetEncoded())); + + Asn1Encodable tbsCertificate = certStruct.TbsCertificate; + AlgorithmIdentifier sig = certStruct.SignatureAlgorithm; + + DerSequence seq = new DerSequence( + tbsCertificate, + new AlgorithmIdentifier(sig.Algorithm), + certStruct.Signature); + + try + { + // verify + byte[] encoded = seq.GetEncoded(); + X509CertificateParser fact = new X509CertificateParser(); + cert = fact.ReadCertificate(encoded); + cert.Verify(cert.GetPublicKey()); + } + catch (Exception e) + { + Fail("doTestNullDerNull failed - exception " + e.ToString(), e); + } + } + + private void pemFileTest() + { + X509CertificateParser fact = new X509CertificateParser(); + + ICollection certs1 = fact.ReadCertificates(GetTestDataAsStream("cert_chain.data")); + IsTrue("certs wrong ", 2 == certs1.Count); + + MemoryStream input = new MemoryStream(Streams.ReadAll(GetTestDataAsStream("cert_chain.data")), false); + + ISet certs2 = new HashSet(); + while (input.Position < input.Length) + { + X509Certificate c = fact.ReadCertificate(input); + + // this isn't strictly correct with the way it's defined in the Java JavaDoc - need it for backward + // compatibility. + if (c != null) + { + certs2.Add(c); + } + } + IsTrue("certs size ", certs1.Count == certs2.Count); + + certs2.RemoveAll(certs1); + IsTrue("collection not empty", certs2.Count == 0); + } + + private void invalidCrls() + { + X509CrlParser crlParser = new X509CrlParser(); + + ICollection crls = crlParser.ReadCrls(GetTestDataAsStream("cert_chain.data")); + IsTrue("multi crl", crls.Count == 0); + + X509Crl crl = crlParser.ReadCrl(GetTestDataAsStream("cert_chain.data")); + IsTrue("single crl", crl == null); + } + + private void pemFileTestWithNl() + { + X509CertificateParser fact = new X509CertificateParser(); + + ICollection certs1 = fact.ReadCertificates(GetTestDataAsStream("cert_chain_nl.data")); + IsTrue("certs wrong ", 2 == certs1.Count); + + MemoryStream input = new MemoryStream(Streams.ReadAll(GetTestDataAsStream("cert_chain_nl.data")), false); + + ISet certs2 = new HashSet(); + while (input.Position < input.Length) + { + X509Certificate c = fact.ReadCertificate(input); + + // this isn't strictly correct with the way it's defined in the Java JavaDoc - need it for backward + // compatibility. + if (c != null) + { + certs2.Add(c); + } + } + IsTrue("certs size ", certs1.Count == certs2.Count); + + certs2.RemoveAll(certs1); + IsTrue("collection not empty", certs2.Count == 0); + } + + public override void PerformTest() + { + checkCertificate(1, cert1); + checkCertificate(2, cert2); + checkCertificate(3, cert3); + checkCertificate(4, cert4); + checkCertificate(5, cert5); + // This cert uses an incorrect encoding (compressed wrapped in extra octet string) + // which the Java build supports backwards, but we choose not to for C# build +// checkCertificate(6, oldEcdsa); + checkCertificate(7, cert7); + + checkKeyUsage(8, keyUsage); + checkSelfSignedCertificate(9, uncompressedPtEC); + checkNameCertificate(10, nameCert); + + checkSelfSignedCertificate(11, probSelfSignedCert); + checkSelfSignedCertificate(12, gostCA1); + checkSelfSignedCertificate(13, gostCA2); + checkSelfSignedCertificate(14, gost341094base); + checkSelfSignedCertificate(15, gost34102001base); + checkSelfSignedCertificate(16, gost341094A); + checkSelfSignedCertificate(17, gost341094B); + checkSelfSignedCertificate(17, gost34102001A); + + checkCrl(1, crl1); + + checkCreation1(); + checkCreation2(); + checkCreation3(); + checkCreation4(); + checkCreation5(); + + createECCert("SHA1withECDSA", X9ObjectIdentifiers.ECDsaWithSha1); + createECCert("SHA224withECDSA", X9ObjectIdentifiers.ECDsaWithSha224); + createECCert("SHA256withECDSA", X9ObjectIdentifiers.ECDsaWithSha256); + createECCert("SHA384withECDSA", X9ObjectIdentifiers.ECDsaWithSha384); + createECCert("SHA512withECDSA", X9ObjectIdentifiers.ECDsaWithSha512); + + createPssCert("SHA1withRSAandMGF1"); + createPssCert("SHA224withRSAandMGF1"); + createPssCert("SHA256withRSAandMGF1"); + createPssCert("SHA384withRSAandMGF1"); + + checkCrlCreation1(); + checkCrlCreation2(); + checkCrlCreation3(); + + pemTest(); + pemFileTest(); + pemFileTestWithNl(); + pkcs7Test(); + rfc4491Test(); + + invalidCrls(); + + doTestForgedSignature(); + + doTestNullDerNullCert(); + + checkCertificate(18, emptyDNCert); + } + + public static void Main( + string[] args) + { + RunTest(new CertTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/CipherStreamTest.cs b/BouncyCastle/crypto/test/src/test/CipherStreamTest.cs new file mode 100644 index 0000000..0809dfe --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/CipherStreamTest.cs @@ -0,0 +1,449 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + /// Check that cipher input/output streams are working correctly + [TestFixture] + public class CipherStreamTest + : SimpleTest + { + private static readonly byte[] RK = Hex.Decode("0123456789ABCDEF"); + private static readonly byte[] RIN = Hex.Decode("4e6f772069732074"); + private static readonly byte[] ROUT = Hex.Decode("3afbb5c77938280d"); + + private static byte[] SIN = Hex.Decode( + "00000000000000000000000000000000" + + "00000000000000000000000000000000" + + "00000000000000000000000000000000" + + "00000000000000000000000000000000"); + private static readonly byte[] SK = Hex.Decode("80000000000000000000000000000000"); + private static readonly byte[] SIV = Hex.Decode("0000000000000000"); + private static readonly byte[] SOUT = Hex.Decode( + "4DFA5E481DA23EA09A31022050859936" + + "DA52FCEE218005164F267CB65F5CFD7F" + + "2B4F97E0FF16924A52DF269515110A07" + + "F9E460BC65EF95DA58F740B7D1DBB0AA"); + + private static readonly byte[] HCIN = new byte[64]; + private static readonly byte[] HCIV = new byte[32]; + + private static readonly byte[] HCK256A = new byte[32]; + private static readonly byte[] HC256A = Hex.Decode( + "5B078985D8F6F30D42C5C02FA6B67951" + + "53F06534801F89F24E74248B720B4818" + + "CD9227ECEBCF4DBF8DBF6977E4AE14FA" + + "E8504C7BC8A9F3EA6C0106F5327E6981"); + + private static readonly byte[] HCK128A = new byte[16]; + private static readonly byte[] HC128A = Hex.Decode( + "82001573A003FD3B7FD72FFB0EAF63AA" + + "C62F12DEB629DCA72785A66268EC758B" + + "1EDB36900560898178E0AD009ABF1F49" + + "1330DC1C246E3D6CB264F6900271D59C"); + + private void doRunTest( + string name, + int ivLength) + { + string lCode = "ABCDEFGHIJKLMNOPQRSTUVWXY0123456789"; + + string baseName = name; + if (name.IndexOf('/') >= 0) + { + baseName = name.Substring(0, name.IndexOf('/')); + } + + CipherKeyGenerator kGen = GeneratorUtilities.GetKeyGenerator(baseName); + + IBufferedCipher inCipher = CipherUtilities.GetCipher(name); + IBufferedCipher outCipher = CipherUtilities.GetCipher(name); + KeyParameter key = ParameterUtilities.CreateKeyParameter(baseName, kGen.GenerateKey()); + MemoryStream bIn = new MemoryStream(Encoding.ASCII.GetBytes(lCode), false); + MemoryStream bOut = new MemoryStream(); + + // In the Java build, this IV would be implicitly created and then retrieved with getIV() + ICipherParameters cipherParams = key; + if (ivLength > 0) + { + cipherParams = new ParametersWithIV(cipherParams, new byte[ivLength]); + } + + inCipher.Init(true, cipherParams); + + // TODO Should we provide GetIV() method on IBufferedCipher? + //if (inCipher.getIV() != null) + //{ + // outCipher.Init(false, new ParametersWithIV(key, inCipher.getIV())); + //} + //else + //{ + // outCipher.Init(false, key); + //} + outCipher.Init(false, cipherParams); + + CipherStream cIn = new CipherStream(bIn, inCipher, null); + CipherStream cOut = new CipherStream(bOut, null, outCipher); + + int c; + + while ((c = cIn.ReadByte()) >= 0) + { + cOut.WriteByte((byte)c); + } + + cIn.Close(); + + cOut.Flush(); + cOut.Close(); + + byte[] bs = bOut.ToArray(); + string res = Encoding.ASCII.GetString(bs, 0, bs.Length); + + if (!res.Equals(lCode)) + { + Fail("Failed - decrypted data doesn't match."); + } + } + + private void doTestAlgorithm( + string name, + byte[] keyBytes, + byte[] iv, + byte[] plainText, + byte[] cipherText) + { + KeyParameter key = ParameterUtilities.CreateKeyParameter(name, keyBytes); + + IBufferedCipher inCipher = CipherUtilities.GetCipher(name); + IBufferedCipher outCipher = CipherUtilities.GetCipher(name); + + if (iv != null) + { + inCipher.Init(true, new ParametersWithIV(key, iv)); + outCipher.Init(false, new ParametersWithIV(key, iv)); + } + else + { + inCipher.Init(true, key); + outCipher.Init(false, key); + } + + byte[] enc = inCipher.DoFinal(plainText); + if (!AreEqual(enc, cipherText)) + { + Fail(name + ": cipher text doesn't match"); + } + + byte[] dec = outCipher.DoFinal(enc); + + if (!AreEqual(dec, plainText)) + { + Fail(name + ": plain text doesn't match"); + } + } + + private void doTestException( + string name, + int ivLength) + { + try + { + byte[] key128 = { + (byte)128, (byte)131, (byte)133, (byte)134, + (byte)137, (byte)138, (byte)140, (byte)143, + (byte)128, (byte)131, (byte)133, (byte)134, + (byte)137, (byte)138, (byte)140, (byte)143 + }; + + byte[] key256 = { + (byte)128, (byte)131, (byte)133, (byte)134, + (byte)137, (byte)138, (byte)140, (byte)143, + (byte)128, (byte)131, (byte)133, (byte)134, + (byte)137, (byte)138, (byte)140, (byte)143, + (byte)128, (byte)131, (byte)133, (byte)134, + (byte)137, (byte)138, (byte)140, (byte)143, + (byte)128, (byte)131, (byte)133, (byte)134, + (byte)137, (byte)138, (byte)140, (byte)143 }; + + byte[] keyBytes; + if (name.Equals("HC256")) + { + keyBytes = key256; + } + else + { + keyBytes = key128; + } + + KeyParameter cipherKey = ParameterUtilities.CreateKeyParameter(name, keyBytes); + + ICipherParameters cipherParams = cipherKey; + if (ivLength > 0) + { + cipherParams = new ParametersWithIV(cipherParams, new byte[ivLength]); + } + + IBufferedCipher ecipher = CipherUtilities.GetCipher(name); + ecipher.Init(true, cipherParams); + + byte[] cipherText = new byte[0]; + try + { + // According specification Method engineUpdate(byte[] input, + // int inputOffset, int inputLen, byte[] output, int + // outputOffset) + // throws ShortBufferException - if the given output buffer is + // too + // small to hold the result + ecipher.ProcessBytes(new byte[20], 0, 20, cipherText, 0); + +// Fail("failed exception test - no ShortBufferException thrown"); + Fail("failed exception test - no DataLengthException thrown"); + } +// catch (ShortBufferException e) + catch (DataLengthException) + { + // ignore + } + + // NB: The lightweight engine doesn't take public/private keys +// try +// { +// IBufferedCipher c = CipherUtilities.GetCipher(name); +// +// // Key k = new PublicKey() +// // { +// // +// // public string getAlgorithm() +// // { +// // return "STUB"; +// // } +// // +// // public string getFormat() +// // { +// // return null; +// // } +// // +// // public byte[] getEncoded() +// // { +// // return null; +// // } +// // +// // }; +// AsymmetricKeyParameter k = new AsymmetricKeyParameter(false); +// c.Init(true, k); +// +// Fail("failed exception test - no InvalidKeyException thrown for public key"); +// } +// catch (InvalidKeyException) +// { +// // okay +// } +// +// try +// { +// IBufferedCipher c = CipherUtilities.GetCipher(name); +// +// // Key k = new PrivateKey() +// // { +// // +// // public string getAlgorithm() +// // { +// // return "STUB"; +// // } +// // +// // public string getFormat() +// // { +// // return null; +// // } +// // +// // public byte[] getEncoded() +// // { +// // return null; +// // } +// // +// // }; +// +// AsymmetricKeyParameter k = new AsymmetricKeyParameter(true); +// c.Init(false, k); +// +// Fail("failed exception test - no InvalidKeyException thrown for private key"); +// } +// catch (InvalidKeyException) +// { +// // okay +// } + } + catch (Exception e) + { + Fail("unexpected exception.", e); + } + } + + [Test] + public void TestRC4() + { + doRunTest("RC4", 0); + } + + [Test] + public void TestRC4Exception() + { + doTestException("RC4", 0); + } + + [Test] + public void TestRC4Algorithm() + { + doTestAlgorithm("RC4", RK, null, RIN, ROUT); + } + + [Test] + public void TestSalsa20() + { + doRunTest("Salsa20", 8); + } + + [Test] + public void TestSalsa20Exception() + { + doTestException("Salsa20", 8); + } + + [Test] + public void TestSalsa20Algorithm() + { + doTestAlgorithm("Salsa20", SK, SIV, SIN, SOUT); + } + + [Test] + public void TestHC128() + { + doRunTest("HC128", 16); + } + + [Test] + public void TestHC128Exception() + { + doTestException("HC128", 16); + } + + [Test] + public void TestHC128Algorithm() + { + doTestAlgorithm("HC128", HCK128A, HCIV, HCIN, HC128A); + } + + [Test] + public void TestHC256() + { + doRunTest("HC256", 32); + } + + [Test] + public void TestHC256Exception() + { + doTestException("HC256", 32); + } + + [Test] + public void TestHC256Algorithm() + { + doTestAlgorithm("HC256", HCK256A, HCIV, HCIN, HC256A); + } + + [Test] + public void TestVmpc() + { + doRunTest("VMPC", 16); + } + + [Test] + public void TestVmpcException() + { + doTestException("VMPC", 16); + } + +// [Test] +// public void TestVmpcAlgorithm() +// { +// doTestAlgorithm("VMPC", a, iv, in, a); +// } + + [Test] + public void TestVmpcKsa3() + { + doRunTest("VMPC-KSA3", 16); + } + + [Test] + public void TestVmpcKsa3Exception() + { + doTestException("VMPC-KSA3", 16); + } + +// [Test] +// public void TestVmpcKsa3Algorithm() +// { +// doTestAlgorithm("VMPC-KSA3", a, iv, in, a); +// } + + [Test] + public void TestDesEcbPkcs7() + { + doRunTest("DES/ECB/PKCS7Padding", 0); + } + + [Test] + public void TestDesCfbNoPadding() + { + doRunTest("DES/CFB8/NoPadding", 0); + } + + public override void PerformTest() + { + TestRC4(); + TestRC4Exception(); + TestRC4Algorithm(); + TestSalsa20(); + TestSalsa20Exception(); + TestSalsa20Algorithm(); + TestHC128(); + TestHC128Exception(); + TestHC128Algorithm(); + TestHC256(); + TestHC256Exception(); + TestHC256Algorithm(); + TestVmpc(); + TestVmpcException(); +// TestVmpcAlgorithm(); + TestVmpcKsa3(); + TestVmpcKsa3Exception(); +// TestVmpcKsa3Algorithm(); + TestDesEcbPkcs7(); + TestDesCfbNoPadding(); + } + + public override string Name + { + get { return "CipherStreamTest"; } + } + + public static void Main( + string[] args) + { + RunTest(new CipherStreamTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/DESedeTest.cs b/BouncyCastle/crypto/test/src/test/DESedeTest.cs new file mode 100644 index 0000000..d84b994 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/DESedeTest.cs @@ -0,0 +1,298 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + /// + /// Basic test class for key generation for a DES-EDE block cipher, basically + /// this just exercises the provider, and makes sure we are behaving sensibly, + /// correctness of the implementation is shown in the lightweight test classes. + /// + [TestFixture] + public class DesEdeTest + : SimpleTest + { + private static string[] cipherTests1 = + { + "112", + "2f4bc6b30c893fa549d82c560d61cf3eb088aed020603de249d82c560d61cf3e529e95ecd8e05394", + "128", + "2f4bc6b30c893fa549d82c560d61cf3eb088aed020603de249d82c560d61cf3e529e95ecd8e05394", + "168", + "50ddb583a25c21e6c9233f8e57a86d40bb034af421c03096c9233f8e57a86d402fce91e8eb639f89", + "192", + "50ddb583a25c21e6c9233f8e57a86d40bb034af421c03096c9233f8e57a86d402fce91e8eb639f89", + }; + + private static byte[] input1 = Hex.Decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f"); + + /** + * a fake random number generator - we just want to make sure the random numbers + * aren't random so that we get the same output, while still getting to test the + * key generation facilities. + */ + private class FixedSecureRandom + : SecureRandom + { + private byte[] seed = + { + (byte)0xaa, (byte)0xfd, (byte)0x12, (byte)0xf6, (byte)0x59, + (byte)0xca, (byte)0xe6, (byte)0x34, (byte)0x89, (byte)0xb4, + (byte)0x79, (byte)0xe5, (byte)0x07, (byte)0x6d, (byte)0xde, + (byte)0xc2, (byte)0xf0, (byte)0x6c, (byte)0xb5, (byte)0x8f + }; + + public override void NextBytes( + byte[] bytes) + { + int offset = 0; + + while ((offset + seed.Length) < bytes.Length) + { + Array.Copy(seed, 0, bytes, offset, seed.Length); + offset += seed.Length; + } + + Array.Copy(seed, 0, bytes, offset, bytes.Length - offset); + } + } + + public override string Name + { + get { return "DESEDE"; } + } + + private void wrapTest( + string alg, + int id, + byte[] kek, + byte[] iv, + byte[] input, + byte[] output) + { + try + { + IWrapper wrapper = WrapperUtilities.GetWrapper(alg + "Wrap"); + + KeyParameter desEdeKey = new DesEdeParameters(kek); + wrapper.Init(true, new ParametersWithIV(desEdeKey, iv)); + + try + { +// byte[] cText = wrapper.Wrap(new SecretKeySpec(input, alg)); + byte[] cText = wrapper.Wrap(input, 0, input.Length); + + if (!Arrays.AreEqual(cText, output)) + { + Fail("failed wrap test " + id + " expected " + + Hex.ToHexString(output) + " got " + Hex.ToHexString(cText)); + } + } + catch (Exception e) + { + Fail("failed wrap test exception " + e.ToString()); + } + + wrapper.Init(false, desEdeKey); + + try + { +// Key pText = wrapper.unwrap(output, alg, IBufferedCipher.SECRET_KEY); + byte[] pText = wrapper.Unwrap(output, 0, output.Length); +// if (!Arrays.AreEqual(pText.getEncoded(), input)) + if (!Arrays.AreEqual(pText, input)) + { + Fail("failed unwrap test " + id + " expected " + + Hex.ToHexString(input) + " got " + + Hex.ToHexString(pText)); + } + } + catch (Exception e) + { + Fail("failed unwrap test exception " + e.ToString()); + } + } + catch (Exception ex) + { + Fail("failed exception " + ex.ToString()); + } + } + + private void doTest( + string alg, + int strength, + byte[] input, + byte[] output) + { + KeyParameter key = null; + CipherKeyGenerator keyGen; + SecureRandom rand; + IBufferedCipher inCipher = null; + IBufferedCipher outCipher = null; + CipherStream cIn; + CipherStream cOut; + MemoryStream bIn; + MemoryStream bOut; + + rand = new FixedSecureRandom(); + + try + { + keyGen = GeneratorUtilities.GetKeyGenerator(alg); + keyGen.Init(new KeyGenerationParameters(rand, strength)); + + key = new DesEdeParameters(keyGen.GenerateKey()); + + inCipher = CipherUtilities.GetCipher(alg + "/ECB/PKCS7Padding"); + outCipher = CipherUtilities.GetCipher(alg + "/ECB/PKCS7Padding"); + + outCipher.Init(true, new ParametersWithRandom(key, rand)); + } + catch (Exception e) + { + Fail(alg + " failed initialisation - " + e.ToString()); + } + + try + { + inCipher.Init(false, key); + } + catch (Exception e) + { + Fail(alg + " failed initialisation - " + e.ToString()); + } + + // + // encryption pass + // + bOut = new MemoryStream(); + + cOut = new CipherStream(bOut, null, outCipher); + + try + { + for (int i = 0; i != input.Length / 2; i++) + { + cOut.WriteByte(input[i]); + } + cOut.Write(input, input.Length / 2, input.Length - input.Length / 2); + cOut.Close(); + } + catch (IOException e) + { + Fail(alg + " failed encryption - " + e.ToString()); + } + + byte[] bytes = bOut.ToArray(); + + if (!Arrays.AreEqual(bytes, output)) + { + Fail(alg + " failed encryption - expected " + + Hex.ToHexString(output) + " got " + + Hex.ToHexString(bytes)); + } + + // + // decryption pass + // + bIn = new MemoryStream(bytes, false); + + cIn = new CipherStream(bIn, inCipher, null); + + try + { +// DataInputStream dIn = new DataInputStream(cIn); + BinaryReader dIn = new BinaryReader(cIn); + + bytes = new byte[input.Length]; + + for (int i = 0; i != input.Length / 2; i++) + { + bytes[i] = (byte)dIn.ReadByte(); + } +// dIn.readFully(bytes, input.Length / 2, bytes.Length - input.Length / 2); + int remaining = bytes.Length - input.Length / 2; + byte[] rest = dIn.ReadBytes(remaining); + if (rest.Length != remaining) + throw new Exception("IO problem with BinaryReader"); + rest.CopyTo(bytes, input.Length / 2); + } + catch (Exception e) + { + Fail(alg + " failed encryption - " + e.ToString()); + } + + if (!Arrays.AreEqual(bytes, input)) + { + Fail(alg + " failed decryption - expected " + + Hex.ToHexString(input) + " got " + + Hex.ToHexString(bytes)); + } + + // TODO Put back in +// // +// // keyspec test +// // +// try +// { +// SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(alg); +// DESedeKeySpec keySpec = (DESedeKeySpec)keyFactory.getKeySpec((SecretKey)key, DESedeKeySpec.class); +// +// if (!equalArray(key.getEncoded(), keySpec.getKey(), 16)) +// { +// Fail(alg + " KeySpec does not match key."); +// } +// } +// catch (Exception e) +// { +// Fail(alg + " failed keyspec - " + e.ToString()); +// } + } + + public override void PerformTest() + { + for (int i = 0; i != cipherTests1.Length; i += 2) + { + doTest("DESEDE", int.Parse(cipherTests1[i]), input1, Hex.Decode(cipherTests1[i + 1])); + } + + for (int i = 0; i != cipherTests1.Length; i += 2) + { + doTest("TDEA", int.Parse(cipherTests1[i]), input1, Hex.Decode(cipherTests1[i + 1])); + } + + byte[] kek1 = Hex.Decode("255e0d1c07b646dfb3134cc843ba8aa71f025b7c0838251f"); + byte[] iv1 = Hex.Decode("5dd4cbfc96f5453b"); + byte[] in1 = Hex.Decode("2923bf85e06dd6ae529149f1f1bae9eab3a7da3d860d3e98"); + byte[] out1 = Hex.Decode("690107618ef092b3b48ca1796b234ae9fa33ebb4159604037db5d6a84eb3aac2768c632775a467d4"); + + wrapTest("DESEDE", 1, kek1, iv1, in1, out1); + wrapTest("TDEA", 1, kek1, iv1, in1, out1); + } + + public static void Main( + string[] args) + { + RunTest(new DesEdeTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/DHTest.cs b/BouncyCastle/crypto/test/src/test/DHTest.cs new file mode 100644 index 0000000..3ed79ca --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/DHTest.cs @@ -0,0 +1,725 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class DHTest + : SimpleTest + { + private static readonly BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); + private static readonly BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); + + private static readonly BigInteger g768 = new BigInteger("7c240073c1316c621df461b71ebb0cdcc90a6e5527e5e126633d131f87461c4dc4afc60c2cb0f053b6758871489a69613e2a8b4c8acde23954c08c81cbd36132cfd64d69e4ed9f8e51ed6e516297206672d5c0a69135df0a5dcf010d289a9ca1", 16); + private static readonly BigInteger p768 = new BigInteger("8c9dd223debed1b80103b8b309715be009d48860ed5ae9b9d5d8159508efd802e3ad4501a7f7e1cfec78844489148cd72da24b21eddd01aa624291c48393e277cfc529e37075eccef957f3616f962d15b44aeab4039d01b817fde9eaa12fd73f", 16); + + private static readonly BigInteger g1024 = new BigInteger("1db17639cdf96bc4eabba19454f0b7e5bd4e14862889a725c96eb61048dcd676ceb303d586e30f060dbafd8a571a39c4d823982117da5cc4e0f89c77388b7a08896362429b94a18a327604eb7ff227bffbc83459ade299e57b5f77b50fb045250934938efa145511166e3197373e1b5b1e52de713eb49792bedde722c6717abf", 16); + private static readonly BigInteger p1024 = new BigInteger("a00e283b3c624e5b2b4d9fbc2653b5185d99499b00fd1bf244c6f0bb817b4d1c451b2958d62a0f8a38caef059fb5ecd25d75ed9af403f5b5bdab97a642902f824e3c13789fed95fa106ddfe0ff4a707c85e2eb77d49e68f2808bcea18ce128b178cd287c6bc00efa9a1ad2a673fe0dceace53166f75b81d6709d5f8af7c66bb7", 16); + + // public key with mismatched oid/parameters + private byte[] oldPubEnc = Base64.Decode( + "MIIBnzCCARQGByqGSM4+AgEwggEHAoGBAPxSrN417g43VAM9sZRf1dt6AocAf7D6" + + "WVCtqEDcBJrMzt63+g+BNJzhXVtbZ9kp9vw8L/0PHgzv0Ot/kOLX7Khn+JalOECW" + + "YlkyBhmOVbjR79TY5u2GAlvG6pqpizieQNBCEMlUuYuK1Iwseil6VoRuA13Zm7uw" + + "WO1eZmaJtY7LAoGAQaPRCFKM5rEdkMrV9FNzeSsYRs8m3DqPnnJHpuySpyO9wUcX" + + "OOJcJY5qvHbDO5SxHXu/+bMgXmVT6dXI5o0UeYqJR7fj6pR4E6T0FwG55RFr5Ok4" + + "3C4cpXmaOu176SyWuoDqGs1RDGmYQjwbZUi23DjaaTFUly9LCYXMliKrQfEDgYQA" + + "AoGAQUGCBN4TaBw1BpdBXdTvTfCU69XDB3eyU2FOBE3UWhpx9D8XJlx4f5DpA4Y6" + + "6sQMuCbhfmjEph8W7/sbMurM/awR+PSR8tTY7jeQV0OkmAYdGK2nzh0ZSifMO1oE" + + "NNhN2O62TLs67msxT28S4/S89+LMtc98mevQ2SX+JF3wEVU="); + + // bogus key with full PKCS parameter set + private byte[] oldFullParams = Base64.Decode( + "MIIBIzCCARgGByqGSM4+AgEwggELAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9E" + + "AMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f" + + "6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv" + + "8iIDGZ3RSAHHAoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlXTAs9B4JnUVlX" + + "jrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCjrh4rs6Z1kW6j" + + "fwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQBTDv+z0kqAgFk" + + "AwUAAgIH0A=="); + + private byte[] samplePubEnc = Base64.Decode( + "MIIBpjCCARsGCSqGSIb3DQEDATCCAQwCgYEA/X9TgR11EilS30qcLuzk5/YRt1I8" + + "70QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZUKWk" + + "n5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOuK2HX" + + "Ku/yIgMZndFIAccCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdR" + + "WVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWR" + + "bqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoC" + + "AgIAA4GEAAKBgEIiqxoUW6E6GChoOgcfNbVFclW91ITf5MFSUGQwt2R0RHoOhxvO" + + "lZhNs++d0VPATLAyXovjfgENT9SGCbuZttYcqqLdKTbMXBWPek+rfnAl9E4iEMED" + + "IDd83FJTKs9hQcPAm7zmp0Xm1bGF9CbUFjP5G02265z7eBmHDaT0SNlB"); + + private byte[] samplePrivEnc = Base64.Decode( + "MIIBZgIBADCCARsGCSqGSIb3DQEDATCCAQwCgYEA/X9TgR11EilS30qcLuzk5/YR" + + "t1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZ" + + "UKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu" + + "K2HXKu/yIgMZndFIAccCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0H" + + "gmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuz" + + "pnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7P" + + "SSoCAgIABEICQAZYXnBHazxXUUdFP4NIf2Ipu7du0suJPZQKKff81wymi2zfCfHh" + + "uhe9gQ9xdm4GpzeNtrQ8/MzpTy+ZVrtd29Q="); + + public override string Name + { + get { return "DH"; } + } + + private void doTestGP( + string algName, + int size, + int privateValueSize, + BigInteger g, + BigInteger p) + { + IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator(algName); + + DHParameters dhParams = new DHParameters(p, g, null, privateValueSize); + KeyGenerationParameters kgp = new DHKeyGenerationParameters(new SecureRandom(), dhParams); + + keyGen.Init(kgp); + + // + // a side + // + AsymmetricCipherKeyPair aKeyPair = keyGen.GenerateKeyPair(); + + IBasicAgreement aKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algName); + + checkKeySize(privateValueSize, aKeyPair); + + aKeyAgreeBasic.Init(aKeyPair.Private); + + // + // b side + // + AsymmetricCipherKeyPair bKeyPair = keyGen.GenerateKeyPair(); + + IBasicAgreement bKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algName); + + checkKeySize(privateValueSize, bKeyPair); + + bKeyAgreeBasic.Init(bKeyPair.Private); + + // + // agreement + // +// aKeyAgreeBasic.doPhase(bKeyPair.Public, true); +// bKeyAgreeBasic.doPhase(aKeyPair.Public, true); +// +// BigInteger k1 = new BigInteger(aKeyAgreeBasic.generateSecret()); +// BigInteger k2 = new BigInteger(bKeyAgreeBasic.generateSecret()); + BigInteger k1 = aKeyAgreeBasic.CalculateAgreement(bKeyPair.Public); + BigInteger k2 = bKeyAgreeBasic.CalculateAgreement(aKeyPair.Public); + + if (!k1.Equals(k2)) + { + Fail(size + " bit 2-way test failed"); + } + + // + // public key encoding test + // +// byte[] pubEnc = aKeyPair.Public.GetEncoded(); + byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(aKeyPair.Public).GetDerEncoded(); + +// KeyFactory keyFac = KeyFactory.getInstance(algName); +// X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc); +// DHPublicKey pubKey = (DHPublicKey)keyFac.generatePublic(pubX509); + DHPublicKeyParameters pubKey = (DHPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc); +// DHParameterSpec spec = pubKey.Parameters; + DHParameters spec = pubKey.Parameters; + + if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P)) + { + Fail(size + " bit public key encoding/decoding test failed on parameters"); + } + + if (!((DHPublicKeyParameters)aKeyPair.Public).Y.Equals(pubKey.Y)) + { + Fail(size + " bit public key encoding/decoding test failed on y value"); + } + + // + // public key serialisation test + // + // TODO Put back in +// MemoryStream bOut = new MemoryStream(); +// ObjectOutputStream oOut = new ObjectOutputStream(bOut); +// +// oOut.WriteObject(aKeyPair.Public); +// +// MemoryStream bIn = new MemoryStream(bOut.ToArray(), false); +// ObjectInputStream oIn = new ObjectInputStream(bIn); +// +// pubKey = (DHPublicKeyParameters)oIn.ReadObject(); + spec = pubKey.Parameters; + + if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P)) + { + Fail(size + " bit public key serialisation test failed on parameters"); + } + + if (!((DHPublicKeyParameters)aKeyPair.Public).Y.Equals(pubKey.Y)) + { + Fail(size + " bit public key serialisation test failed on y value"); + } + + // + // private key encoding test + // +// byte[] privEnc = aKeyPair.Private.GetEncoded(); + byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(aKeyPair.Private).GetDerEncoded(); +// PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc); +// DHPrivateKeyParameters privKey = (DHPrivateKey)keyFac.generatePrivate(privPKCS8); + DHPrivateKeyParameters privKey = (DHPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc); + + spec = privKey.Parameters; + + if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P)) + { + Fail(size + " bit private key encoding/decoding test failed on parameters"); + } + + if (!((DHPrivateKeyParameters)aKeyPair.Private).X.Equals(privKey.X)) + { + Fail(size + " bit private key encoding/decoding test failed on y value"); + } + + // + // private key serialisation test + // + // TODO Put back in +// bOut = new MemoryStream(); +// oOut = new ObjectOutputStream(bOut); +// +// oOut.WriteObject(aKeyPair.Private); +// +// bIn = new MemoryStream(bOut.ToArray(), false); +// oIn = new ObjectInputStream(bIn); +// +// privKey = (DHPrivateKeyParameters)oIn.ReadObject(); + spec = privKey.Parameters; + + if (!spec.G.Equals(dhParams.G) || !spec.P.Equals(dhParams.P)) + { + Fail(size + " bit private key serialisation test failed on parameters"); + } + + if (!((DHPrivateKeyParameters)aKeyPair.Private).X.Equals(privKey.X)) + { + Fail(size + " bit private key serialisation test failed on y value"); + } + + // + // three party test + // + IAsymmetricCipherKeyPairGenerator aPairGen = GeneratorUtilities.GetKeyPairGenerator(algName); + aPairGen.Init(new DHKeyGenerationParameters(new SecureRandom(), spec)); + AsymmetricCipherKeyPair aPair = aPairGen.GenerateKeyPair(); + + IAsymmetricCipherKeyPairGenerator bPairGen = GeneratorUtilities.GetKeyPairGenerator(algName); + bPairGen.Init(new DHKeyGenerationParameters(new SecureRandom(), spec)); + AsymmetricCipherKeyPair bPair = bPairGen.GenerateKeyPair(); + + IAsymmetricCipherKeyPairGenerator cPairGen = GeneratorUtilities.GetKeyPairGenerator(algName); + cPairGen.Init(new DHKeyGenerationParameters(new SecureRandom(), spec)); + AsymmetricCipherKeyPair cPair = cPairGen.GenerateKeyPair(); + + + IBasicAgreement aKeyAgree = AgreementUtilities.GetBasicAgreement(algName); + aKeyAgree.Init(aPair.Private); + + IBasicAgreement bKeyAgree = AgreementUtilities.GetBasicAgreement(algName); + bKeyAgree.Init(bPair.Private); + + IBasicAgreement cKeyAgree = AgreementUtilities.GetBasicAgreement(algName); + cKeyAgree.Init(cPair.Private); + +// Key ac = aKeyAgree.doPhase(cPair.Public, false); +// Key ba = bKeyAgree.doPhase(aPair.Public, false); +// Key cb = cKeyAgree.doPhase(bPair.Public, false); +// +// aKeyAgree.doPhase(cb, true); +// bKeyAgree.doPhase(ac, true); +// cKeyAgree.doPhase(ba, true); +// +// BigInteger aShared = new BigInteger(aKeyAgree.generateSecret()); +// BigInteger bShared = new BigInteger(bKeyAgree.generateSecret()); +// BigInteger cShared = new BigInteger(cKeyAgree.generateSecret()); + + DHPublicKeyParameters ac = new DHPublicKeyParameters(aKeyAgree.CalculateAgreement(cPair.Public), spec); + DHPublicKeyParameters ba = new DHPublicKeyParameters(bKeyAgree.CalculateAgreement(aPair.Public), spec); + DHPublicKeyParameters cb = new DHPublicKeyParameters(cKeyAgree.CalculateAgreement(bPair.Public), spec); + + BigInteger aShared = aKeyAgree.CalculateAgreement(cb); + BigInteger bShared = bKeyAgree.CalculateAgreement(ac); + BigInteger cShared = cKeyAgree.CalculateAgreement(ba); + + if (!aShared.Equals(bShared)) + { + Fail(size + " bit 3-way test failed (a and b differ)"); + } + + if (!cShared.Equals(bShared)) + { + Fail(size + " bit 3-way test failed (c and b differ)"); + } + } + + private void doTestExplicitWrapping( + int size, + int privateValueSize, + BigInteger g, + BigInteger p) + { + DHParameters dhParams = new DHParameters(p, g, null, privateValueSize); + + IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("DH"); + + keyGen.Init(new DHKeyGenerationParameters(new SecureRandom(), dhParams)); + + // + // a side + // + AsymmetricCipherKeyPair aKeyPair = keyGen.GenerateKeyPair(); + + IBasicAgreement aKeyAgree = AgreementUtilities.GetBasicAgreement("DH"); + + checkKeySize(privateValueSize, aKeyPair); + + aKeyAgree.Init(aKeyPair.Private); + + // + // b side + // + AsymmetricCipherKeyPair bKeyPair = keyGen.GenerateKeyPair(); + + IBasicAgreement bKeyAgree = AgreementUtilities.GetBasicAgreement("DH"); + + checkKeySize(privateValueSize, bKeyPair); + + bKeyAgree.Init(bKeyPair.Private); + + // + // agreement + // +// aKeyAgree.doPhase(bKeyPair.Public, true); +// bKeyAgree.doPhase(aKeyPair.Public, true); +// +// SecretKey k1 = aKeyAgree.generateSecret(PkcsObjectIdentifiers.IdAlgCms3DesWrap.Id); +// SecretKey k2 = bKeyAgree.generateSecret(PkcsObjectIdentifiers.IdAlgCms3DesWrap.Id); + + // TODO Does this really test the same thing as the above code? + BigInteger b1 = aKeyAgree.CalculateAgreement(bKeyPair.Public); + BigInteger b2 = bKeyAgree.CalculateAgreement(aKeyPair.Public); + + if (!b1.Equals(b2)) + { + Fail("Explicit wrapping test failed"); + } + } + + private void checkKeySize( + int privateValueSize, + AsymmetricCipherKeyPair aKeyPair) + { + if (privateValueSize != 0) + { + DHPrivateKeyParameters key = (DHPrivateKeyParameters)aKeyPair.Private; + + if (key.X.BitLength != privateValueSize) + { + Fail("limited key check failed for key size " + privateValueSize); + } + } + } + +// TODO Put back in +// private void doTestRandom( +// int size) +// { +// AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("DH"); +// a.init(size, new SecureRandom()); +// AlgorithmParameters parameters = a.generateParameters(); +// +// byte[] encodeParams = parameters.GetEncoded(); +// +// AlgorithmParameters a2 = AlgorithmParameters.getInstance("DH"); +// a2.init(encodeParams); +// +// // a and a2 should be equivalent! +// byte[] encodeParams_2 = a2.GetEncoded(); +// +// if (!areEqual(encodeParams, encodeParams_2)) +// { +// Fail("encode/Decode parameters failed"); +// } +// +// DHParameterSpec dhP = (DHParameterSpec)parameters.getParameterSpec(DHParameterSpec.class); +// +// doTestGP("DH", size, 0, dhP.G, dhP.P); +// } + + [Test] + public void TestECDH() + { + DoTestECDH("ECDH"); + } + + [Test] + public void TestECDHC() + { + DoTestECDH("ECDHC"); + } + + private void DoTestECDH(string algorithm) + { + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator(algorithm); + + X9ECParameters x9 = ECNamedCurveTable.GetByName("prime239v1"); + ECDomainParameters ecSpec = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H); + + g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); + + // + // a side + // + AsymmetricCipherKeyPair aKeyPair = g.GenerateKeyPair(); + + IBasicAgreement aKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algorithm); + + aKeyAgreeBasic.Init(aKeyPair.Private); + + // + // b side + // + AsymmetricCipherKeyPair bKeyPair = g.GenerateKeyPair(); + + IBasicAgreement bKeyAgreeBasic = AgreementUtilities.GetBasicAgreement(algorithm); + + bKeyAgreeBasic.Init(bKeyPair.Private); + + // + // agreement + // + BigInteger k1 = aKeyAgreeBasic.CalculateAgreement(bKeyPair.Public); + BigInteger k2 = bKeyAgreeBasic.CalculateAgreement(aKeyPair.Public); + + if (!k1.Equals(k2)) + { + Fail(algorithm + " 2-way test failed"); + } + + // + // public key encoding test + // +// byte[] pubEnc = aKeyPair.Public.GetEncoded(); + byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(aKeyPair.Public).GetDerEncoded(); + +// KeyFactory keyFac = KeyFactory.getInstance(algorithm); +// X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc); +// ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509); + ECPublicKeyParameters pubKey = (ECPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc); + + ECDomainParameters ecDP = pubKey.Parameters; + +// if (!pubKey.getW().Equals(((ECPublicKeyParameters)aKeyPair.Public).getW())) + ECPoint pq1 = pubKey.Q.Normalize(), pq2 = ((ECPublicKeyParameters)aKeyPair.Public).Q.Normalize(); + if (!pq1.Equals(pq2)) + { +// Console.WriteLine(" expected " + pubKey.getW().getAffineX() + " got " + ((ECPublicKey)aKeyPair.Public).getW().getAffineX()); +// Console.WriteLine(" expected " + pubKey.getW().getAffineY() + " got " + ((ECPublicKey)aKeyPair.Public).getW().getAffineY()); +// Fail(algorithm + " public key encoding (W test) failed"); + Console.WriteLine(" expected " + pq1.AffineXCoord.ToBigInteger() + + " got " + pq2.AffineXCoord.ToBigInteger()); + Console.WriteLine(" expected " + pq1.AffineYCoord.ToBigInteger() + + " got " + pq2.AffineYCoord.ToBigInteger()); + Fail(algorithm + " public key encoding (Q test) failed"); + } + +// if (!pubKey.Parameters.getGenerator().Equals(((ECPublicKeyParameters)aKeyPair.Public).Parameters.getGenerator())) + if (!pubKey.Parameters.G.Equals(((ECPublicKeyParameters)aKeyPair.Public).Parameters.G)) + { + Fail(algorithm + " public key encoding (G test) failed"); + } + + // + // private key encoding test + // +// byte[] privEnc = aKeyPair.Private.GetEncoded(); + byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(aKeyPair.Private).GetDerEncoded(); + +// PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc); +// ECPrivateKey privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8); + ECPrivateKeyParameters privKey = (ECPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc); + +// if (!privKey.getS().Equals(((ECPrivateKey)aKeyPair.Private).getS())) + if (!privKey.D.Equals(((ECPrivateKeyParameters)aKeyPair.Private).D)) + { +// Fail(algorithm + " private key encoding (S test) failed"); + Fail(algorithm + " private key encoding (D test) failed"); + } + +// if (!privKey.Parameters.getGenerator().Equals(((ECPrivateKey)aKeyPair.Private).Parameters.getGenerator())) + if (!privKey.Parameters.G.Equals(((ECPrivateKeyParameters)aKeyPair.Private).Parameters.G)) + { + Fail(algorithm + " private key encoding (G test) failed"); + } + } + + [Test] + public void TestExceptions() + { + DHParameters dhParams = new DHParameters(p512, g512); + + try + { + IBasicAgreement aKeyAgreeBasic = AgreementUtilities.GetBasicAgreement("DH"); + +// aKeyAgreeBasic.generateSecret("DES"); + aKeyAgreeBasic.CalculateAgreement(null); + } + catch (InvalidOperationException) + { + // okay + } + catch (Exception e) + { + Fail("Unexpected exception: " + e, e); + } + } + + private void doTestDesAndDesEde( + BigInteger g, + BigInteger p) + { + DHParameters dhParams = new DHParameters(p, g, null, 256); + + IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("DH"); + + keyGen.Init(new DHKeyGenerationParameters(new SecureRandom(), dhParams)); + + AsymmetricCipherKeyPair kp = keyGen.GenerateKeyPair(); + + IBasicAgreement keyAgreement = AgreementUtilities.GetBasicAgreement("DH"); + + keyAgreement.Init(kp.Private); + BigInteger agreed = keyAgreement.CalculateAgreement(kp.Public); + byte[] agreedBytes = agreed.ToByteArrayUnsigned(); + + // TODO Figure out where the magic happens of choosing the right + // bytes from 'agreedBytes' for each key type - need C# equivalent? + // (see JCEDHKeyAgreement.engineGenerateSecret) + +// SecretKey key = keyAgreement.generateSecret("DES"); +// +// if (key.getEncoded().length != 8) +// { +// Fail("DES length wrong"); +// } +// +// if (!DESKeySpec.isParityAdjusted(key.getEncoded(), 0)) +// { +// Fail("DES parity wrong"); +// } +// +// key = keyAgreement.generateSecret("DESEDE"); +// +// if (key.getEncoded().length != 24) +// { +// Fail("DESEDE length wrong"); +// } +// +// if (!DESedeKeySpec.isParityAdjusted(key.getEncoded(), 0)) +// { +// Fail("DESEDE parity wrong"); +// } +// +// key = keyAgreement.generateSecret("Blowfish"); +// +// if (key.getEncoded().length != 16) +// { +// Fail("Blowfish length wrong"); +// } + } + + [Test] + public void TestFunction() + { + doTestGP("DH", 512, 0, g512, p512); + doTestGP("DiffieHellman", 768, 0, g768, p768); + doTestGP("DIFFIEHELLMAN", 1024, 0, g1024, p1024); + doTestGP("DH", 512, 64, g512, p512); + doTestGP("DiffieHellman", 768, 128, g768, p768); + doTestGP("DIFFIEHELLMAN", 1024, 256, g1024, p1024); + doTestExplicitWrapping(512, 0, g512, p512); + doTestDesAndDesEde(g768, p768); + + // TODO Put back in + //doTestRandom(256); + } + + [Test] + public void TestEnc() + { +// KeyFactory kFact = KeyFactory.getInstance("DH", "BC"); +// +// Key k = kFact.generatePrivate(new PKCS8EncodedKeySpec(samplePrivEnc)); + AsymmetricKeyParameter k = PrivateKeyFactory.CreateKey(samplePrivEnc); + byte[] encoded = PrivateKeyInfoFactory.CreatePrivateKeyInfo(k).GetEncoded(); + + if (!Arrays.AreEqual(samplePrivEnc, encoded)) + { + Fail("private key re-encode failed"); + } + +// k = kFact.generatePublic(new X509EncodedKeySpec(samplePubEnc)); + k = PublicKeyFactory.CreateKey(samplePubEnc); + encoded = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(k).GetEncoded(); + + if (!Arrays.AreEqual(samplePubEnc, encoded)) + { + Fail("public key re-encode failed"); + } + +// k = kFact.generatePublic(new X509EncodedKeySpec(oldPubEnc)); + k = PublicKeyFactory.CreateKey(oldPubEnc); + encoded = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(k).GetEncoded(); + + if (!Arrays.AreEqual(oldPubEnc, encoded)) + { + Fail("old public key re-encode failed"); + } + +// k = kFact.generatePublic(new X509EncodedKeySpec(oldFullParams)); + k = PublicKeyFactory.CreateKey(oldFullParams); + encoded = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(k).GetEncoded(); + + if (!Arrays.AreEqual(oldFullParams, encoded)) + { + Fail("old full public key re-encode failed"); + } + } + + internal static readonly string Message = "Hello"; + + internal static readonly SecureRandom rand = new SecureRandom(); + + public static DHParameters Ike2048() + { + BigInteger p = new BigInteger( + "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74" + + "020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f1437" + + "4fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7ed" + + "ee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf05" + + "98da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb" + + "9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3b" + + "e39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf695581718" + + "3995497cea956ae515d2261898fa051015728e5a8aacaa68ffffffffffffffff", 16); + BigInteger g = new BigInteger("2"); + return new DHParameters(p, g); + } + + internal class DHWeakPubKey + : DHPublicKeyParameters + { + private readonly BigInteger weakY; + + public DHWeakPubKey(BigInteger weakY, DHParameters parameters) + : base(BigInteger.Two, parameters) + { + this.weakY = weakY; + } + + public override BigInteger Y + { + get { return weakY; } + } + } + + /** + * Tests whether a provider accepts invalid public keys that result in predictable shared secrets. + * This test is based on RFC 2785, Section 4 and NIST SP 800-56A, + * If an attacker can modify both public keys in an ephemeral-ephemeral key agreement scheme then + * it may be possible to coerce both parties into computing the same predictable shared key. + *

    + * Note: the test is quite whimsical. If the prime p is not a safe prime then the provider itself + * cannot prevent all small-subgroup attacks because of the missing parameter q in the + * Diffie-Hellman parameters. Implementations must add additional countermeasures such as the ones + * proposed in RFC 2785. + */ + [Test] + public void TestSubgroupConfinement() + { + DHParameters parameters = Ike2048(); + BigInteger p = parameters.P, g = parameters.G; + + IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("DH"); + + //keyGen.initialize(params); + keyGen.Init(new DHKeyGenerationParameters(new SecureRandom(), parameters)); + + AsymmetricCipherKeyPair kp = keyGen.GenerateKeyPair(); + AsymmetricKeyParameter priv = kp.Private; + + IBasicAgreement ka = AgreementUtilities.GetBasicAgreement("DH"); + + BigInteger[] weakPublicKeys = { BigInteger.Zero, BigInteger.One, p.Subtract(BigInteger.One), p, + p.Add(BigInteger.One), BigInteger.One.Negate() }; + + foreach (BigInteger weakKey in weakPublicKeys) + { + try + { + new DHPublicKeyParameters(weakKey, parameters); + Fail("Generated weak public key"); + } + catch (ArgumentException ex) + { + IsTrue("wrong message (constructor)", ex.Message.StartsWith("invalid DH public key")); + } + + ka.Init(priv); + + try + { + ka.CalculateAgreement(new DHWeakPubKey(weakKey, parameters)); + Fail("Generated secrets with weak public key"); + } + catch (ArgumentException ex) + { + IsTrue("wrong message (CalculateAgreement)", "Diffie-Hellman public key is weak".Equals(ex.Message)); + } + } + } + + public override void PerformTest() + { + TestEnc(); + TestFunction(); + TestECDH(); + TestECDHC(); + TestExceptions(); + TestSubgroupConfinement(); + } + + public static void Main( + string[] args) + { + RunTest(new DHTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/DSATest.cs b/BouncyCastle/crypto/test/src/test/DSATest.cs new file mode 100644 index 0000000..9ed1109 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/DSATest.cs @@ -0,0 +1,852 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class DsaTest + : SimpleTest + { + private static readonly byte[] k1 = Hex.Decode("d5014e4b60ef2ba8b6211b4062ba3224e0427dd3"); + private static readonly byte[] k2 = Hex.Decode("345e8d05c075c3a508df729a1685690e68fcfb8c8117847e89063bca1f85d968fd281540b6e13bd1af989a1fbf17e06462bf511f9d0b140fb48ac1b1baa5bded"); + + private static readonly SecureRandom random = FixedSecureRandom.From(k1, k2); + + // TODO How shall we satisfy this compatibility test? +// [Test] +// public void TestCompat() +// { +// if (Security.getProvider("SUN") == null) +// return; +// ISigner s = SignerUtilities.GetSigner("DSA", "SUN"); +// KeyPairGenerator g = KeyPairGenerator.GetInstance("DSA", "SUN"); +// byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; +// +// g.initialize(512, new SecureRandom()); +// +// KeyPair p = g.generateKeyPair(); +// +// PrivateKey sKey = p.Private; +// PublicKey vKey = p.Public; +// +// // +// // sign SUN - verify with BC +// // +// s.Init(true, sKey); +// +// s.update(data); +// +// byte[] sigBytes = s.GenerateSignature(); +// +// s = SignerUtilities.GetSigner("DSA"); +// +// s.Init(false, vKey); +// +// s.update(data); +// +// if (!s.VerifySignature(sigBytes)) +// { +// Fail("SUN -> BC verification failed"); +// } +// +// // +// // sign BC - verify with SUN +// // +// +// s.Init(true, sKey); +// +// s.update(data); +// +// sigBytes = s.GenerateSignature(); +// +// s = SignerUtilities.GetSigner("DSA", "SUN"); +// +// s.Init(false, vKey); +// +// s.update(data); +// +// if (!s.VerifySignature(sigBytes)) +// { +// Fail("BC -> SUN verification failed"); +// } +// +// // +// // key encoding test - BC decoding Sun keys +// // +// KeyFactory f = KeyFactory.GetInstance("DSA"); +// X509EncodedKeySpec x509s = new X509EncodedKeySpec(vKey.GetEncoded()); +// DSAPublicKey k1 = (DSAPublicKey)f.generatePublic(x509s); +// +// if (!k1.Y.Equals(((DSAPublicKey)vKey).Y)) +// { +// Fail("public number not decoded properly"); +// } +// +// if (!k1.Parameters.G.Equals(((DSAPublicKey)vKey).Parameters.G)) +// { +// Fail("public generator not decoded properly"); +// } +// +// if (!k1.Parameters.P.Equals(((DSAPublicKey)vKey).Parameters.P)) +// { +// Fail("public p value not decoded properly"); +// } +// +// if (!k1.Parameters.Q.Equals(((DSAPublicKey)vKey).Parameters.Q)) +// { +// Fail("public q value not decoded properly"); +// } +// +// PKCS8EncodedKeySpec pkcs8 = new PKCS8EncodedKeySpec(sKey.GetEncoded()); +// DSAPrivateKey k2 = (DSAPrivateKey)f.generatePrivate(pkcs8); +// +// if (!k2.X.Equals(((DSAPrivateKey)sKey).X)) +// { +// Fail("private number not decoded properly"); +// } +// +// if (!k2.Parameters.G.Equals(((DSAPrivateKey)sKey).Parameters.G)) +// { +// Fail("private generator not decoded properly"); +// } +// +// if (!k2.Parameters.P.Equals(((DSAPrivateKey)sKey).Parameters.P)) +// { +// Fail("private p value not decoded properly"); +// } +// +// if (!k2.Parameters.Q.Equals(((DSAPrivateKey)sKey).Parameters.Q)) +// { +// Fail("private q value not decoded properly"); +// } +// +// // +// // key decoding test - SUN decoding BC keys +// // +// f = KeyFactory.GetInstance("DSA", "SUN"); +// x509s = new X509EncodedKeySpec(k1.GetEncoded()); +// +// vKey = (DSAPublicKey)f.generatePublic(x509s); +// +// if (!k1.Y.Equals(((DSAPublicKey)vKey).Y)) +// { +// Fail("public number not decoded properly"); +// } +// +// if (!k1.Parameters.G.Equals(((DSAPublicKey)vKey).Parameters.G)) +// { +// Fail("public generator not decoded properly"); +// } +// +// if (!k1.Parameters.P.Equals(((DSAPublicKey)vKey).Parameters.P)) +// { +// Fail("public p value not decoded properly"); +// } +// +// if (!k1.Parameters.Q.Equals(((DSAPublicKey)vKey).Parameters.Q)) +// { +// Fail("public q value not decoded properly"); +// } +// +// pkcs8 = new PKCS8EncodedKeySpec(k2.GetEncoded()); +// sKey = (DSAPrivateKey)f.generatePrivate(pkcs8); +// +// if (!k2.X.Equals(((DSAPrivateKey)sKey).X)) +// { +// Fail("private number not decoded properly"); +// } +// +// if (!k2.Parameters.G.Equals(((DSAPrivateKey)sKey).Parameters.G)) +// { +// Fail("private generator not decoded properly"); +// } +// +// if (!k2.Parameters.P.Equals(((DSAPrivateKey)sKey).Parameters.P)) +// { +// Fail("private p value not decoded properly"); +// } +// +// if (!k2.Parameters.Q.Equals(((DSAPrivateKey)sKey).Parameters.Q)) +// { +// Fail("private q value not decoded properly"); +// } +// } + + [Test] + public void TestNONEwithDSA() + { + byte[] dummySha1 = Hex.Decode("01020304050607080910111213141516"); + + SecureRandom rand = new SecureRandom(); + + DsaParametersGenerator pGen = new DsaParametersGenerator(); + pGen.Init(512, 80, rand); + + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA"); + g.Init(new DsaKeyGenerationParameters(rand, pGen.GenerateParameters())); + + AsymmetricCipherKeyPair kp = g.GenerateKeyPair(); + + ISigner sig = SignerUtilities.GetSigner("NONEwithDSA"); + sig.Init(true, kp.Private); + sig.BlockUpdate(dummySha1, 0, dummySha1.Length); + byte[] sigBytes = sig.GenerateSignature(); + + sig.Init(false, kp.Public); + sig.BlockUpdate(dummySha1, 0, dummySha1.Length); + sig.VerifySignature(sigBytes); + + // reset test + + sig.BlockUpdate(dummySha1, 0, dummySha1.Length); + + if (!sig.VerifySignature(sigBytes)) + { + Fail("NONEwithDSA failed to reset"); + } + + // lightweight test + DsaSigner signer = new DsaSigner(); + Asn1Sequence derSig = Asn1Sequence.GetInstance(Asn1Object.FromByteArray(sigBytes)); + + signer.Init(false, kp.Public); + + if (!signer.VerifySignature(dummySha1, + DerInteger.GetInstance(derSig[0]).Value, DerInteger.GetInstance(derSig[1]).Value)) + { + Fail("NONEwithDSA not really NONE!"); + } + } + + /** + * X9.62 - 1998,
    + * J.3.2, Page 155, ECDSA over the field Fp
    + * an example with 239 bit prime + */ + [Test] + public void TestECDsa239BitPrime() + { + BigInteger r = new BigInteger("308636143175167811492622547300668018854959378758531778147462058306432176"); + BigInteger s = new BigInteger("323813553209797357708078776831250505931891051755007842781978505179448783"); + + byte[] kData = BigIntegers.AsUnsignedByteArray( + new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655")); + + SecureRandom k = FixedSecureRandom.From(kData); + + X9ECParameters x9 = ECNamedCurveTable.GetByName("prime239v1"); + ECCurve curve = x9.Curve; + ECDomainParameters spec = new ECDomainParameters(curve, x9.G, x9.N, x9.H); + + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + "ECDSA", + new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d + spec); + + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + "ECDSA", + curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q + spec); + + ISigner sgr = SignerUtilities.GetSigner("ECDSA"); + +// KeyFactory f = KeyFactory.GetInstance("ECDSA"); +// PrivateKey sKey = f.generatePrivate(priKey); +// PublicKey vKey = f.generatePublic(pubKey); + AsymmetricKeyParameter sKey = priKey; + AsymmetricKeyParameter vKey = pubKey; + + sgr.Init(true, new ParametersWithRandom(sKey, k)); + + byte[] message = Encoding.ASCII.GetBytes("abc"); + + sgr.BlockUpdate(message, 0, message.Length); + + byte[] sigBytes = sgr.GenerateSignature(); + + sgr.Init(false, vKey); + + sgr.BlockUpdate(message, 0, message.Length); + + if (!sgr.VerifySignature(sigBytes)) + { + Fail("239 Bit EC verification failed"); + } + + BigInteger[] sig = DerDecode(sigBytes); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + } + + /** + * X9.62 - 1998,
    + * J.2.1, Page 100, ECDSA over the field F2m
    + * an example with 191 bit binary field + */ + [Test] + public void TestECDsa239BitBinary() + { + BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552"); + BigInteger s = new BigInteger("197030374000731686738334997654997227052849804072198819102649413465737174"); + + byte[] kData = BigIntegers.AsUnsignedByteArray( + new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363")); + + SecureRandom k = FixedSecureRandom.From(kData); + + X9ECParameters x9 = ECNamedCurveTable.GetByName("c2tnb239v1"); + ECCurve curve = x9.Curve; + ECDomainParameters parameters = new ECDomainParameters(curve, x9.G, x9.N, x9.H); + + ECPrivateKeyParameters sKey = new ECPrivateKeyParameters( + "ECDSA", + new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d + parameters); + + ECPublicKeyParameters vKey = new ECPublicKeyParameters( + "ECDSA", + curve.DecodePoint(Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q + parameters); + + ISigner sgr = SignerUtilities.GetSigner("ECDSA"); + byte[] message = Encoding.ASCII.GetBytes("abc"); + + sgr.Init(true, new ParametersWithRandom(sKey, k)); + + sgr.BlockUpdate(message, 0, message.Length); + + byte[] sigBytes = sgr.GenerateSignature(); + + sgr.Init(false, vKey); + + sgr.BlockUpdate(message, 0, message.Length); + + if (!sgr.VerifySignature(sigBytes)) + { + Fail("239 Bit EC verification failed"); + } + + BigInteger[] sig = DerDecode(sigBytes); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + } + + [Test] + public void TestECDsa239BitBinaryRipeMD160() + { + DoTestECDsa239BitBinary("RIPEMD160withECDSA", TeleTrusTObjectIdentifiers.ECSignWithRipeMD160); + } + + [Test] + public void TestECDsa239BitBinarySha1() + { + DoTestECDsa239BitBinary("SHA1withECDSA", TeleTrusTObjectIdentifiers.ECSignWithSha1); + } + + [Test] + public void TestECDsa239BitBinarySha224() + { + DoTestECDsa239BitBinary("SHA224withECDSA", X9ObjectIdentifiers.ECDsaWithSha224); + } + + [Test] + public void TestECDsa239BitBinarySha256() + { + DoTestECDsa239BitBinary("SHA256withECDSA", X9ObjectIdentifiers.ECDsaWithSha256); + } + + [Test] + public void TestECDsa239BitBinarySha384() + { + DoTestECDsa239BitBinary("SHA384withECDSA", X9ObjectIdentifiers.ECDsaWithSha384); + } + + [Test] + public void TestECDsa239BitBinarySha512() + { + DoTestECDsa239BitBinary("SHA512withECDSA", X9ObjectIdentifiers.ECDsaWithSha512); + } + + private void DoTestECDsa239BitBinary( + string algorithm, + DerObjectIdentifier oid) + { + BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552"); + BigInteger s = new BigInteger("197030374000731686738334997654997227052849804072198819102649413465737174"); + + byte[] kData = BigIntegers.AsUnsignedByteArray( + new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363")); + + SecureRandom k = FixedSecureRandom.From(kData); + + X9ECParameters x9 = ECNamedCurveTable.GetByName("c2tnb239v1"); + ECCurve curve = x9.Curve; + ECDomainParameters parameters = new ECDomainParameters(curve, x9.G, x9.N, x9.H); + + ECPrivateKeyParameters sKey = new ECPrivateKeyParameters( + new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d + parameters); + + ECPublicKeyParameters vKey = new ECPublicKeyParameters( + curve.DecodePoint(Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q + parameters); + + ISigner sgr = SignerUtilities.GetSigner(algorithm); + byte[] message = Encoding.ASCII.GetBytes("abc"); + + sgr.Init(true, new ParametersWithRandom(sKey, k)); + + sgr.BlockUpdate(message, 0, message.Length); + + byte[] sigBytes = sgr.GenerateSignature(); + + sgr = SignerUtilities.GetSigner(oid.Id); + + sgr.Init(false, vKey); + + sgr.BlockUpdate(message, 0, message.Length); + + if (!sgr.VerifySignature(sigBytes)) + { + Fail("239 Bit EC RIPEMD160 verification failed"); + } + } + + private void doTestBadStrength( + int strength) + { +// IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA"); + + // test exception + // + try + { + SecureRandom rand = new SecureRandom(); + + DsaParametersGenerator pGen = new DsaParametersGenerator(); + pGen.Init(strength, 80, rand); + +// g.Init(new DsaKeyGenerationParameters(rand, pGen.GenerateParameters())); + + Fail("illegal parameter " + strength + " check failed."); + } + catch (ArgumentException) + { + // expected + } + } + + [Test] + public void TestGeneration() + { + ISigner s = SignerUtilities.GetSigner("DSA"); + byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; + SecureRandom rand = new SecureRandom(); + + // KeyPairGenerator g = KeyPairGenerator.GetInstance("DSA"); + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA"); + + // test exception + // + + doTestBadStrength(513); + doTestBadStrength(510); + doTestBadStrength(1025); + + //g.initialize(512, rand); + { + DsaParametersGenerator pGen = new DsaParametersGenerator(); + pGen.Init(512, 80, rand); + + g.Init(new DsaKeyGenerationParameters(rand, pGen.GenerateParameters())); + } + + AsymmetricCipherKeyPair p = g.GenerateKeyPair(); + + AsymmetricKeyParameter sKey = p.Private; + AsymmetricKeyParameter vKey = p.Public; + + s.Init(true, sKey); + + s.BlockUpdate(data, 0, data.Length); + + byte[] sigBytes = s.GenerateSignature(); + + s = SignerUtilities.GetSigner("DSA"); + + s.Init(false, vKey); + + s.BlockUpdate(data, 0, data.Length); + + if (!s.VerifySignature(sigBytes)) + { + Fail("DSA verification failed"); + } + + + + // + // ECDSA Fp generation test + // + s = SignerUtilities.GetSigner("ECDSA"); + + X9ECParameters x9 = ECNamedCurveTable.GetByName("prime239v1"); + ECCurve curve = x9.Curve; + ECDomainParameters ecSpec = new ECDomainParameters(curve, x9.G, x9.N, x9.H); + + g = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); + g.Init(new ECKeyGenerationParameters(ecSpec, rand)); + + p = g.GenerateKeyPair(); + + sKey = p.Private; + vKey = p.Public; + + s.Init(true, sKey); + + s.BlockUpdate(data, 0, data.Length); + + sigBytes = s.GenerateSignature(); + + s = SignerUtilities.GetSigner("ECDSA"); + + s.Init(false, vKey); + + s.BlockUpdate(data, 0, data.Length); + + if (!s.VerifySignature(sigBytes)) + { + Fail("ECDSA verification failed"); + } + + // + // ECDSA F2m generation test + // + s = SignerUtilities.GetSigner("ECDSA"); + + x9 = ECNamedCurveTable.GetByName("c2tnb239v1"); + curve = x9.Curve; + ecSpec = new ECDomainParameters(curve, x9.G, x9.N, x9.H); + + g = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); + g.Init(new ECKeyGenerationParameters(ecSpec, rand)); + + p = g.GenerateKeyPair(); + + sKey = p.Private; + vKey = p.Public; + + s.Init(true, sKey); + + s.BlockUpdate(data, 0, data.Length); + + sigBytes = s.GenerateSignature(); + + s = SignerUtilities.GetSigner("ECDSA"); + + s.Init(false, vKey); + + s.BlockUpdate(data, 0, data.Length); + + if (!s.VerifySignature(sigBytes)) + { + Fail("ECDSA verification failed"); + } + } + + [Test] + public void TestParameters() + { +// AlgorithmParameterGenerator a = AlgorithmParameterGenerator.GetInstance("DSA"); +// a.init(512, random); + DsaParametersGenerator a = new DsaParametersGenerator(); + a.Init(512, 20, random); + +// AlgorithmParameters parameters = a.generateParameters(); + DsaParameters p = a.GenerateParameters(); + +// byte[] encodeParams = parameters.GetEncoded(); + byte[] encodeParams = new DsaParameter(p.P, p.Q, p.G).GetDerEncoded(); + +// AlgorithmParameters a2 = AlgorithmParameters.GetInstance("DSA"); +// a2.init(encodeParams); + DsaParameter dsaP = DsaParameter.GetInstance(Asn1Object.FromByteArray(encodeParams)); + DsaParameters p2 = new DsaParameters(dsaP.P, dsaP.Q, dsaP.G); + + // a and a2 should be equivalent! +// byte[] encodeParams_2 = a2.GetEncoded(); + byte[] encodeParams_2 = new DsaParameter(p2.P, p2.Q, p2.G).GetDerEncoded(); + + if (!AreEqual(encodeParams, encodeParams_2)) + { + Fail("encode/Decode parameters failed"); + } + +// DSAParameterSpec dsaP = (DSAParameterSpec)parameters.getParameterSpec(typeof(DSAParameterSpec)); + +// KeyPairGenerator g = KeyPairGenerator.GetInstance("DSA"); + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA"); +// g.initialize(dsaP, new SecureRandom()); + g.Init(new DsaKeyGenerationParameters(new SecureRandom(), p)); +// KeyPair p = g.generateKeyPair(); + AsymmetricCipherKeyPair pair = g.GenerateKeyPair(); + +// PrivateKey sKey = p.Private; +// PublicKey vKey = p.Public; + AsymmetricKeyParameter sKey = pair.Private; + AsymmetricKeyParameter vKey = pair.Public; + + ISigner s = SignerUtilities.GetSigner("DSA"); + byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; + + s.Init(true, sKey); + + s.BlockUpdate(data, 0, data.Length); + + byte[] sigBytes = s.GenerateSignature(); + + s = SignerUtilities.GetSigner("DSA"); + + s.Init(false, vKey); + + s.BlockUpdate(data, 0, data.Length); + + if (!s.VerifySignature(sigBytes)) + { + Fail("DSA verification failed"); + } + } + + [Test] + public void TestDsa2Parameters() + { + byte[] seed = Hex.Decode("4783081972865EA95D43318AB2EAF9C61A2FC7BBF1B772A09017BDF5A58F4FF0"); + + //AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("DSA", "BC"); + //a.init(2048, new DSATestSecureRandom(seed)); + DsaParametersGenerator a = new DsaParametersGenerator(new Sha256Digest()); + a.Init(new DsaParameterGenerationParameters(2048, 256, 80, new DsaTestSecureRandom(seed))); + + //AlgorithmParameters parameters = a.generateParameters(); + + //DSAParameterSpec dsaP = (DSAParameterSpec)parameters.getParameterSpec(DSAParameterSpec.class); + DsaParameters dsaP = a.GenerateParameters(); + + if (!dsaP.Q.Equals(new BigInteger("C24ED361870B61E0D367F008F99F8A1F75525889C89DB1B673C45AF5867CB467", 16))) + { + Fail("Q incorrect"); + } + + if (!dsaP.P.Equals(new BigInteger( + "F56C2A7D366E3EBDEAA1891FD2A0D099" + + "436438A673FED4D75F594959CFFEBCA7BE0FC72E4FE67D91" + + "D801CBA0693AC4ED9E411B41D19E2FD1699C4390AD27D94C" + + "69C0B143F1DC88932CFE2310C886412047BD9B1C7A67F8A2" + + "5909132627F51A0C866877E672E555342BDF9355347DBD43" + + "B47156B2C20BAD9D2B071BC2FDCF9757F75C168C5D9FC431" + + "31BE162A0756D1BDEC2CA0EB0E3B018A8B38D3EF2487782A" + + "EB9FBF99D8B30499C55E4F61E5C7DCEE2A2BB55BD7F75FCD" + + "F00E48F2E8356BDB59D86114028F67B8E07B127744778AFF" + + "1CF1399A4D679D92FDE7D941C5C85C5D7BFF91BA69F9489D" + + "531D1EBFA727CFDA651390F8021719FA9F7216CEB177BD75", 16))) + { + Fail("P incorrect"); + } + + if (!dsaP.G.Equals(new BigInteger( + "8DC6CC814CAE4A1C05A3E186A6FE27EA" + + "BA8CDB133FDCE14A963A92E809790CBA096EAA26140550C1" + + "29FA2B98C16E84236AA33BF919CD6F587E048C52666576DB" + + "6E925C6CBE9B9EC5C16020F9A44C9F1C8F7A8E611C1F6EC2" + + "513EA6AA0B8D0F72FED73CA37DF240DB57BBB27431D61869" + + "7B9E771B0B301D5DF05955425061A30DC6D33BB6D2A32BD0" + + "A75A0A71D2184F506372ABF84A56AEEEA8EB693BF29A6403" + + "45FA1298A16E85421B2208D00068A5A42915F82CF0B858C8" + + "FA39D43D704B6927E0B2F916304E86FB6A1B487F07D8139E" + + "428BB096C6D67A76EC0B8D4EF274B8A2CF556D279AD267CC" + + "EF5AF477AFED029F485B5597739F5D0240F67C2D948A6279", 16))) + { + Fail("G incorrect"); + } + + //KeyPairGenerator g = KeyPairGenerator.getInstance("DSA", "BC"); + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("DSA"); + //g.initialize(dsaP, FixedSecureRandom.From(Hex.Decode("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C"))); + g.Init(new DsaKeyGenerationParameters(FixedSecureRandom.From(Hex.Decode("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C")), dsaP)); + //KeyPair p = g.generateKeyPair(); + AsymmetricCipherKeyPair p = g.GenerateKeyPair(); + + //DSAPrivateKey sKey = (DSAPrivateKey)p.getPrivate(); + //DSAPublicKey vKey = (DSAPublicKey)p.getPublic(); + DsaPrivateKeyParameters sKey = (DsaPrivateKeyParameters)p.Private; + DsaPublicKeyParameters vKey = (DsaPublicKeyParameters)p.Public; + + if (!vKey.Y.Equals(new BigInteger( + "2828003D7C747199143C370FDD07A286" + + "1524514ACC57F63F80C38C2087C6B795B62DE1C224BF8D1D" + + "1424E60CE3F5AE3F76C754A2464AF292286D873A7A30B7EA" + + "CBBC75AAFDE7191D9157598CDB0B60E0C5AA3F6EBE425500" + + "C611957DBF5ED35490714A42811FDCDEB19AF2AB30BEADFF" + + "2907931CEE7F3B55532CFFAEB371F84F01347630EB227A41" + + "9B1F3F558BC8A509D64A765D8987D493B007C4412C297CAF" + + "41566E26FAEE475137EC781A0DC088A26C8804A98C23140E" + + "7C936281864B99571EE95C416AA38CEEBB41FDBFF1EB1D1D" + + "C97B63CE1355257627C8B0FD840DDB20ED35BE92F08C49AE" + + "A5613957D7E5C7A6D5A5834B4CB069E0831753ECF65BA02B", 16))) + { + Fail("Y value incorrect"); + } + + if (!sKey.X.Equals( + new BigInteger("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C", 16))) + { + Fail("X value incorrect"); + } + + //byte[] encodeParams = parameters.getEncoded(); + byte[] encodeParams = new DsaParameter(dsaP.P, dsaP.Q, dsaP.G).GetDerEncoded(); + + //AlgorithmParameters a2 = AlgorithmParameters.getInstance("DSA", "BC"); + //a2.init(encodeParams); + DsaParameter dsaP2 = DsaParameter.GetInstance(Asn1Object.FromByteArray(encodeParams)); + DsaParameters p2 = new DsaParameters(dsaP.P, dsaP.Q, dsaP.G); + + // a and a2 should be equivalent! + //byte[] encodeParams_2 = a2.GetEncoded(); + byte[] encodeParams_2 = new DsaParameter(p2.P, p2.Q, p2.G).GetDerEncoded(); + + if (!AreEqual(encodeParams, encodeParams_2)) + { + Fail("encode/decode parameters failed"); + } + + ISigner s = SignerUtilities.GetSigner("DSA"); + byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; + + s.Init(true, sKey); + + s.BlockUpdate(data, 0, data.Length); + + byte[] sigBytes = s.GenerateSignature(); + + s = SignerUtilities.GetSigner("DSA"); + + s.Init(false, vKey); + + s.BlockUpdate(data, 0, data.Length); + + if (!s.VerifySignature(sigBytes)) + { + Fail("DSA verification failed"); + } + } + + public override void PerformTest() + { + // TODO +// TestCompat(); + TestNONEwithDSA(); + TestECDsa239BitPrime(); + TestECDsa239BitBinary(); + TestECDsa239BitBinaryRipeMD160(); + TestECDsa239BitBinarySha1(); + TestECDsa239BitBinarySha224(); + TestECDsa239BitBinarySha256(); + TestECDsa239BitBinarySha384(); + TestECDsa239BitBinarySha512(); + + TestGeneration(); + TestParameters(); + TestDsa2Parameters(); + } + + protected BigInteger[] DerDecode( + byte[] encoding) + { + Asn1Sequence s = (Asn1Sequence) Asn1Object.FromByteArray(encoding); + + return new BigInteger[] + { + ((DerInteger)s[0]).Value, + ((DerInteger)s[1]).Value + }; + } + + public override string Name + { + get { return "DSA/ECDSA"; } + } + + public static void Main( + string[] args) + { + RunTest(new DsaTest()); + } + + private class DsaTestSecureRandom + : FixedSecureRandom + { + private bool first = true; + + public DsaTestSecureRandom(byte[] value) + : base(Arrays.Clone(value)) + { + } + + public override void NextBytes(byte[] bytes) + { + if (first) + { + base.NextBytes(bytes); + first = false; + } + else + { + bytes[bytes.Length - 1] = 2; + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/DigestTest.cs b/BouncyCastle/crypto/test/src/test/DigestTest.cs new file mode 100644 index 0000000..30834ac --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/DigestTest.cs @@ -0,0 +1,233 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Misc; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.UA; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class DigestTest + : SimpleTest + { + private static string[,] abcVectors = + { + { "MD2", "da853b0d3f88d99b30283a69e6ded6bb" }, + { "MD4", "a448017aaf21d8525fc10ae87aa6729d" }, + { "MD5", "900150983cd24fb0d6963f7d28e17f72" }, + { "SHA1", "a9993e364706816aba3e25717850c26c9cd0d89d" }, + { "SHA-1", "a9993e364706816aba3e25717850c26c9cd0d89d" }, + { "SHA224", "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7" }, + { "SHA-224", "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7" }, + { "SHA256", "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" }, + { "SHA-256", "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" }, + { "SHA384", "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7" }, + { "SHA-384", "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7" }, + { "SHA512", "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f" }, + { "SHA-512", "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f" }, + { "SHA512/224", "4634270F707B6A54DAAE7530460842E20E37ED265CEEE9A43E8924AA" }, + { "SHA512(224)", "4634270F707B6A54DAAE7530460842E20E37ED265CEEE9A43E8924AA" }, + { "SHA-512/224", "4634270F707B6A54DAAE7530460842E20E37ED265CEEE9A43E8924AA" }, + { "SHA-512(224)", "4634270F707B6A54DAAE7530460842E20E37ED265CEEE9A43E8924AA" }, + { "SHA512/256", "53048E2681941EF99B2E29B76B4C7DABE4C2D0C634FC6D46E0E2F13107E7AF23" }, + { "SHA512(256)", "53048E2681941EF99B2E29B76B4C7DABE4C2D0C634FC6D46E0E2F13107E7AF23" }, + { "SHA-512/256", "53048E2681941EF99B2E29B76B4C7DABE4C2D0C634FC6D46E0E2F13107E7AF23" }, + { "SHA-512(256)", "53048E2681941EF99B2E29B76B4C7DABE4C2D0C634FC6D46E0E2F13107E7AF23" }, + { "RIPEMD128", "c14a12199c66e4ba84636b0f69144c77" }, + { TeleTrusTObjectIdentifiers.RipeMD128.Id, "c14a12199c66e4ba84636b0f69144c77" }, + { "RIPEMD160", "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" }, + { TeleTrusTObjectIdentifiers.RipeMD160.Id, "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" }, + { "RIPEMD256", "afbd6e228b9d8cbbcef5ca2d03e6dba10ac0bc7dcbe4680e1e42d2e975459b65" }, + { TeleTrusTObjectIdentifiers.RipeMD256.Id, "afbd6e228b9d8cbbcef5ca2d03e6dba10ac0bc7dcbe4680e1e42d2e975459b65" }, + { "RIPEMD320", "de4c01b3054f8930a79d09ae738e92301e5a17085beffdc1b8d116713e74f82fa942d64cdbc4682d" }, + { "Tiger", "2AAB1484E8C158F2BFB8C5FF41B57A525129131C957B5F93" }, + { "GOST3411", "b285056dbf18d7392d7677369524dd14747459ed8143997e163b2986f92fd42c" }, + { "WHIRLPOOL", "4E2448A4C6F486BB16B6562C73B4020BF3043E3A731BCE721AE1B303D97E6D4C7181EEBDB6C57E277D0E34957114CBD6C797FC9D95D8B582D225292076D4EEF5" }, + { "SM3", "66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0" }, + { "SHA3-224", "e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf" }, + { NistObjectIdentifiers.IdSha3_224.Id, "e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf" }, + { "SHA3-256", "3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" }, + { NistObjectIdentifiers.IdSha3_256.Id, "3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" }, + { "SHA3-384", "ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25" }, + { NistObjectIdentifiers.IdSha3_384.Id, "ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25" }, + { "SHA3-512", "b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0" }, + { NistObjectIdentifiers.IdSha3_512.Id, "b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0" }, + { "SHAKE128", "5881092dd818bf5cf8a3ddb793fbcba74097d5c526a6d35f97b83351940f2cc8" }, + { "SHAKE128-256", "5881092dd818bf5cf8a3ddb793fbcba74097d5c526a6d35f97b83351940f2cc8" }, + { NistObjectIdentifiers.IdShake128.Id, "5881092dd818bf5cf8a3ddb793fbcba74097d5c526a6d35f97b83351940f2cc8" }, + { "SHAKE256", "483366601360a8771c6863080cc4114d8db44530f8f1e1ee4f94ea37e78b5739d5a15bef186a5386c75744c0527e1faa9f8726e462a12a4feb06bd8801e751e4" }, + { "SHAKE256-512", "483366601360a8771c6863080cc4114d8db44530f8f1e1ee4f94ea37e78b5739d5a15bef186a5386c75744c0527e1faa9f8726e462a12a4feb06bd8801e751e4" }, + { NistObjectIdentifiers.IdShake256.Id, "483366601360a8771c6863080cc4114d8db44530f8f1e1ee4f94ea37e78b5739d5a15bef186a5386c75744c0527e1faa9f8726e462a12a4feb06bd8801e751e4" }, + { "KECCAK224", "c30411768506ebe1c2871b1ee2e87d38df342317300a9b97a95ec6a8" }, + { "KECCAK-224", "c30411768506ebe1c2871b1ee2e87d38df342317300a9b97a95ec6a8" }, + { "KECCAK256", "4e03657aea45a94fc7d47ba826c8d667c0d1e6e33a64a036ec44f58fa12d6c45" }, + { "KECCAK-256", "4e03657aea45a94fc7d47ba826c8d667c0d1e6e33a64a036ec44f58fa12d6c45" }, + { "KECCAK288", "20ff13d217d5789fa7fc9e0e9a2ee627363ec28171d0b6c52bbd2f240554dbc94289f4d6" }, + { "KECCAK-288", "20ff13d217d5789fa7fc9e0e9a2ee627363ec28171d0b6c52bbd2f240554dbc94289f4d6" }, + { "KECCAK384", "f7df1165f033337be098e7d288ad6a2f74409d7a60b49c36642218de161b1f99f8c681e4afaf31a34db29fb763e3c28e" }, + { "KECCAK-384", "f7df1165f033337be098e7d288ad6a2f74409d7a60b49c36642218de161b1f99f8c681e4afaf31a34db29fb763e3c28e" }, + { "KECCAK512", "18587dc2ea106b9a1563e32b3312421ca164c7f1f07bc922a9c83d77cea3a1e5d0c69910739025372dc14ac9642629379540c17e2a65b19d77aa511a9d00bb96" }, + { "KECCAK-512", "18587dc2ea106b9a1563e32b3312421ca164c7f1f07bc922a9c83d77cea3a1e5d0c69910739025372dc14ac9642629379540c17e2a65b19d77aa511a9d00bb96" }, + { "BLAKE2B-160", "384264f676f39536840523f284921cdc68b6846b" }, + { "BLAKE2B-256", "bddd813c634239723171ef3fee98579b94964e3bb1cb3e427262c8c068d52319" }, + { "BLAKE2B-384", "6f56a82c8e7ef526dfe182eb5212f7db9df1317e57815dbda46083fc30f54ee6c66ba83be64b302d7cba6ce15bb556f4" }, + { "BLAKE2B-512", "ba80a53f981c4d0d6a2797b69f12f6e94c212f14685ac4b74b12bb6fdbffa2d17d87c5392aab792dc252d5de4533cc9518d38aa8dbf1925ab92386edd4009923" }, + { MiscObjectIdentifiers.id_blake2b160.Id, "384264f676f39536840523f284921cdc68b6846b" }, + { MiscObjectIdentifiers.id_blake2b256.Id, "bddd813c634239723171ef3fee98579b94964e3bb1cb3e427262c8c068d52319" }, + { MiscObjectIdentifiers.id_blake2b384.Id, "6f56a82c8e7ef526dfe182eb5212f7db9df1317e57815dbda46083fc30f54ee6c66ba83be64b302d7cba6ce15bb556f4" }, + { MiscObjectIdentifiers.id_blake2b512.Id, "ba80a53f981c4d0d6a2797b69f12f6e94c212f14685ac4b74b12bb6fdbffa2d17d87c5392aab792dc252d5de4533cc9518d38aa8dbf1925ab92386edd4009923" }, + { "BLAKE2S-128", "aa4938119b1dc7b87cbad0ffd200d0ae" }, + { "BLAKE2S-160", "5ae3b99be29b01834c3b508521ede60438f8de17" }, + { "BLAKE2S-224", "0b033fc226df7abde29f67a05d3dc62cf271ef3dfea4d387407fbd55" }, + { "BLAKE2S-256", "508c5e8c327c14e2e1a72ba34eeb452f37458b209ed63a294d999b4c86675982" }, + { MiscObjectIdentifiers.id_blake2s128.Id, "aa4938119b1dc7b87cbad0ffd200d0ae" }, + { MiscObjectIdentifiers.id_blake2s160.Id, "5ae3b99be29b01834c3b508521ede60438f8de17" }, + { MiscObjectIdentifiers.id_blake2s224.Id, "0b033fc226df7abde29f67a05d3dc62cf271ef3dfea4d387407fbd55" }, + { MiscObjectIdentifiers.id_blake2s256.Id, "508c5e8c327c14e2e1a72ba34eeb452f37458b209ed63a294d999b4c86675982" }, + { "GOST3411-2012-256", "4e2919cf137ed41ec4fb6270c61826cc4fffb660341e0af3688cd0626d23b481" }, + { RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256.Id, "4e2919cf137ed41ec4fb6270c61826cc4fffb660341e0af3688cd0626d23b481" }, + { "GOST3411-2012-512", "28156e28317da7c98f4fe2bed6b542d0dab85bb224445fcedaf75d46e26d7eb8d5997f3e0915dd6b7f0aab08d9c8beb0d8c64bae2ab8b3c8c6bc53b3bf0db728" }, + { RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512.Id, "28156e28317da7c98f4fe2bed6b542d0dab85bb224445fcedaf75d46e26d7eb8d5997f3e0915dd6b7f0aab08d9c8beb0d8c64bae2ab8b3c8c6bc53b3bf0db728" }, + { "DSTU7564-256", "0bd1b36109f1318411a0517315aa46b8839df06622a278676f5487996c9cfc04" }, + { UAObjectIdentifiers.dstu7564digest_256.Id, "0bd1b36109f1318411a0517315aa46b8839df06622a278676f5487996c9cfc04" }, + { "DSTU7564-384", "72945012b0820c3132846ddc90da511f80bb7b70abd0cb1ab8df785d600c187b9d0ac567e8b6f76fde8a0b417a2ebf88" }, + { UAObjectIdentifiers.dstu7564digest_384.Id, "72945012b0820c3132846ddc90da511f80bb7b70abd0cb1ab8df785d600c187b9d0ac567e8b6f76fde8a0b417a2ebf88" }, + { "DSTU7564-512", "9e5be7daf7b68b49d2ecbd04c7a5b3af72945012b0820c3132846ddc90da511f80bb7b70abd0cb1ab8df785d600c187b9d0ac567e8b6f76fde8a0b417a2ebf88" }, + { UAObjectIdentifiers.dstu7564digest_512.Id, "9e5be7daf7b68b49d2ecbd04c7a5b3af72945012b0820c3132846ddc90da511f80bb7b70abd0cb1ab8df785d600c187b9d0ac567e8b6f76fde8a0b417a2ebf88" }, + }; + + public override string Name + { + get { return "Digest"; } + } + + void doTest( + string algorithm) + { + byte[] message = Encoding.ASCII.GetBytes("hello world"); + + IDigest digest = DigestUtilities.GetDigest(algorithm); + digest.BlockUpdate(message, 0, message.Length); + byte[] result = DigestUtilities.DoFinal(digest); + digest.BlockUpdate(message, 0, message.Length); + byte[] result2 = DigestUtilities.DoFinal(digest); + + // test one digest the same message with the same instance + if (!AreEqual(result, result2)) + { + Fail("Result object 1 not equal"); + } + + // test two, single byte updates + for (int i = 0; i < message.Length; i++) + { + digest.Update(message[i]); + } + result2 = DigestUtilities.DoFinal(digest); + + if (!AreEqual(result, result2)) + { + Fail("Result object 2 not equal"); + } + + // test three, two half updates + digest.BlockUpdate(message, 0, message.Length/2); + digest.BlockUpdate(message, message.Length/2, message.Length-message.Length/2); + result2 = DigestUtilities.DoFinal(digest); + + if (!AreEqual(result, result2)) + { + Fail("Result object 3 not equal"); + } + + // TODO Should we support Clone'ing of digests? +// // test four, clone test +// digest.BlockUpdate(message, 0, message.Length/2); +// IDigest d = (IDigest)digest.Clone(); +// digest.BlockUpdate(message, message.Length/2, message.Length-message.Length/2); +//// result2 = digest.digest(); +// result2 = new byte[digest.GetDigestSize()]; +// digest.DoFinal(result2, 0); +// +// if (!AreEqual(result, result2)) +// { +// Fail("Result object 4(a) not equal"); +// } +// +// d.BlockUpdate(message, message.Length/2, message.Length-message.Length/2); +//// result2 = d.digest(); +// result2 = new byte[d.GetDigestSize()]; +// d.DoFinal(result2, 0); +// +// if (!AreEqual(result, result2)) +// { +// Fail("Result object 4(b) not equal"); +// } + + // test five, check reset() method + digest.BlockUpdate(message, 0, message.Length/2); + digest.Reset(); + digest.BlockUpdate(message, 0, message.Length/2); + digest.BlockUpdate(message, message.Length/2, message.Length-message.Length/2); + result2 = DigestUtilities.DoFinal(digest); + + if (!AreEqual(result, result2)) + { + Fail("Result object 5 not equal"); + } + } + + /** + * Test the hash against a standard value for the string "abc" + * + * @param algorithm algorithm to test + * @param hash expected value + * @return the test result. + */ + void doAbcTest( + string algorithm, + string hash) + { + byte[] abc = { (byte)0x61, (byte)0x62, (byte)0x63 }; + byte[] result = DigestUtilities.CalculateDigest(algorithm, abc); + + if (!AreEqual(result, Hex.Decode(hash))) + { + Fail("abc result not equal for " + algorithm); + } + } + + public override void PerformTest() + { + for (int i = 0; i != abcVectors.GetLength(0); i++) + { + doTest(abcVectors[i, 0]); + + doAbcTest(abcVectors[i, 0], abcVectors[i, 1]); + } + } + + public static void Main( + string[] args) + { + RunTest(new DigestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/ECDSA5Test.cs b/BouncyCastle/crypto/test/src/test/ECDSA5Test.cs new file mode 100644 index 0000000..3bf746e --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/ECDSA5Test.cs @@ -0,0 +1,300 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class ECDsa5Test + : SimpleTest + { +// private static readonly byte[] k1 = Hex.Decode("d5014e4b60ef2ba8b6211b4062ba3224e0427dd3"); +// private static readonly byte[] k2 = Hex.Decode("345e8d05c075c3a508df729a1685690e68fcfb8c8117847e89063bca1f85d968fd281540b6e13bd1af989a1fbf17e06462bf511f9d0b140fb48ac1b1baa5bded"); +// +// private SecureRandom random = FixedSecureRandom.From(k1, k2); + + [Test] + public void DecodeTest() + { +// EllipticCurve curve = new EllipticCurve( +// new ECFieldFp(new BigInteger("6277101735386680763835789423207666416083908700390324961279")), // q +// new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a +// new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b + ECCurve curve = new FpCurve( + new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q + new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a + new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b + +// ECPoint p = ECPointUtil.DecodePoint(curve, Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")); + ECPoint p = curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")); + + BigInteger x = p.XCoord.ToBigInteger(); //p.getAffineX(); + + if (!x.Equals(new BigInteger("188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", 16))) + { + Fail("x uncompressed incorrectly"); + } + + BigInteger y = p.YCoord.ToBigInteger(); //p.getAffineX(); + if (!y.Equals(new BigInteger("7192b95ffc8da78631011ed6b24cdd573f977a11e794811", 16))) + { + Fail("y uncompressed incorrectly"); + } + } + + /** + * X9.62 - 1998,
    + * J.3.2, Page 155, ECDSA over the field Fp
    + * an example with 239 bit prime + */ + [Test] + public void TestECDsa239BitPrime() + { + BigInteger r = new BigInteger("308636143175167811492622547300668018854959378758531778147462058306432176"); + BigInteger s = new BigInteger("323813553209797357708078776831250505931891051755007842781978505179448783"); + + byte[] kData = new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655").ToByteArrayUnsigned(); + + SecureRandom k = FixedSecureRandom.From(kData); + +// EllipticCurve curve = new EllipticCurve( +// new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q +// new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a +// new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b + ECCurve curve = new FpCurve( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q + new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a + new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b + + ECDomainParameters spec = new ECDomainParameters( + curve, +// ECPointUtil.DecodePoint(curve, Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G + curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G + new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n + BigInteger.One); //1); // h + + ECPrivateKeyParameters sKey = new ECPrivateKeyParameters( + "ECDSA", + new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d + spec); + + ECPublicKeyParameters vKey = new ECPublicKeyParameters( + "ECDSA", +// ECPointUtil.DecodePoint(curve, Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q + curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q + spec); + + ISigner sgr = SignerUtilities.GetSigner("ECDSA"); +// KeyFactory f = KeyFactory.getInstance("ECDSA"); +// AsymmetricKeyParameter sKey = f.generatePrivate(priKey); +// AsymmetricKeyParameter vKey = f.generatePublic(pubKey); + + sgr.Init(true, new ParametersWithRandom(sKey, k)); + + byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; + + sgr.BlockUpdate(message, 0, message.Length); + + byte[] sigBytes = sgr.GenerateSignature(); + + sgr.Init(false, vKey); + + sgr.BlockUpdate(message, 0, message.Length); + + if (!sgr.VerifySignature(sigBytes)) + { + Fail("239 Bit EC verification failed"); + } + + BigInteger[] sig = derDecode(sigBytes); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + } + + /** + * X9.62 - 1998,
    + * J.2.1, Page 100, ECDSA over the field F2m
    + * an example with 191 bit binary field + */ + [Test] + public void TestECDsa239BitBinary() + { + BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552"); + BigInteger s = new BigInteger("197030374000731686738334997654997227052849804072198819102649413465737174"); + + byte[] kData = new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363").ToByteArrayUnsigned(); + + SecureRandom k = FixedSecureRandom.From(kData); + +// EllipticCurve curve = new EllipticCurve( +// new ECFieldF2m(239, // m +// new int[] { 36 }), // k +// new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a +// new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b + ECCurve curve = new F2mCurve( + 239, // m + 36, // k + new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a + new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b + + ECDomainParameters parameters = new ECDomainParameters( + curve, +// ECPointUtil.DecodePoint(curve, Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G + curve.DecodePoint(Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G + new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n + BigInteger.ValueOf(4)); //4); // h + + ECPrivateKeyParameters sKey = new ECPrivateKeyParameters( + "ECDSA", + new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d + parameters); + + ECPublicKeyParameters vKey = new ECPublicKeyParameters( + "ECDSA", +// ECPointUtil.DecodePoint(curve, Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q + curve.DecodePoint(Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q + parameters); + + ISigner sgr = SignerUtilities.GetSigner("ECDSA"); +// KeyFactory f = KeyFactory.getInstance("ECDSA"); +// AsymmetricKeyParameter sKey = f.generatePrivate(priKeySpec); +// AsymmetricKeyParameter vKey = f.generatePublic(pubKeySpec); + byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; + + sgr.Init(true, new ParametersWithRandom(sKey, k)); + + sgr.BlockUpdate(message, 0, message.Length); + + byte[] sigBytes = sgr.GenerateSignature(); + + sgr.Init(false, vKey); + + sgr.BlockUpdate(message, 0, message.Length); + + if (!sgr.VerifySignature(sigBytes)) + { + Fail("239 Bit EC verification failed"); + } + + BigInteger[] sig = derDecode(sigBytes); + + if (!r.Equals(sig[0])) + { + Fail("r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail("s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + } + + [Test] + public void TestGeneration() + { + // + // ECDSA generation test + // + byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; + ISigner s = SignerUtilities.GetSigner("ECDSA"); + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); + +// EllipticCurve curve = new EllipticCurve( +// new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q +// new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a +// new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b + ECCurve curve = new FpCurve( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q + new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a + new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b + + ECDomainParameters ecSpec = new ECDomainParameters( + curve, +// ECPointUtil.DecodePoint(curve, + curve.DecodePoint( + Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G + new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n + BigInteger.One); //1); // h + + g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); + + AsymmetricCipherKeyPair p = g.GenerateKeyPair(); + + AsymmetricKeyParameter sKey = p.Private; + AsymmetricKeyParameter vKey = p.Public; + + s.Init(true, sKey); + + s.BlockUpdate(data, 0, data.Length); + + byte[] sigBytes = s.GenerateSignature(); + + s = SignerUtilities.GetSigner("ECDSA"); + + s.Init(false, vKey); + + s.BlockUpdate(data, 0, data.Length); + + if (!s.VerifySignature(sigBytes)) + { + Fail("ECDSA verification failed"); + } + } + + protected BigInteger[] derDecode( + byte[] encoding) + { + Asn1Sequence s = (Asn1Sequence) Asn1Object.FromByteArray(encoding); + + return new BigInteger[] + { + ((DerInteger)s[0]).Value, + ((DerInteger)s[1]).Value + }; + } + + public override string Name + { + get { return "ECDSA5"; } + } + + public override void PerformTest() + { + DecodeTest(); + TestECDsa239BitPrime(); + TestECDsa239BitBinary(); + TestGeneration(); + } + + public static void Main( + string[] args) + { + RunTest(new ECDsa5Test()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/ECEncodingTest.cs b/BouncyCastle/crypto/test/src/test/ECEncodingTest.cs new file mode 100644 index 0000000..8d993c1 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/ECEncodingTest.cs @@ -0,0 +1,242 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class ECEncodingTest + : SimpleTest + { + public override string Name + { + get { return "ECEncodingTest"; } + } + + /** J.4.7 An Example with m = 304 */ + private int m = 304; + + /** f = 010000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000807 */ + private int k1 = 1; + private int k2 = 2; + private int k3 = 11; + private static readonly byte[] hexa = {(byte)0xFD, 0x0D, 0x69, 0x31, 0x49, (byte)0xA1, 0x18, (byte)0xF6, 0x51 + , (byte)0xE6, (byte)0xDC, (byte)0xE6, (byte)0x80, 0x20, (byte)0x85, 0x37, 0x7E, 0x5F, (byte)0x88, 0x2D, 0x1B, 0x51 + , 0x0B, 0x44, 0x16, 0x00, 0x74, (byte)0xC1, 0x28, (byte)0x80, 0x78, 0x36, 0x5A, 0x03 + , (byte)0x96, (byte)0xC8, (byte)0xE6, (byte)0x81}; + private static readonly byte[] hexb = {(byte)0xBD, (byte)0xDB, (byte)0x97, (byte)0xE5, (byte)0x55 + , (byte)0xA5, (byte)0x0A, (byte)0x90, (byte)0x8E, (byte)0x43, (byte)0xB0 + , (byte)0x1C, (byte)0x79, (byte)0x8E, (byte)0xA5, (byte)0xDA, (byte)0xA6 + , (byte)0x78, (byte)0x8F, (byte)0x1E, (byte)0xA2, (byte)0x79 + , (byte)0x4E, (byte)0xFC, (byte)0xF5, (byte)0x71, (byte)0x66, (byte)0xB8 + , (byte)0xC1, (byte)0x40, (byte)0x39, (byte)0x60, (byte)0x1E + , (byte)0x55, (byte)0x82, (byte)0x73, (byte)0x40, (byte)0xBE}; + private static readonly BigInteger a = new BigInteger(1, hexa); + private static readonly BigInteger b = new BigInteger(1, hexb); + + /** Base point G (with point compression) */ + private byte[] enc = {0x02, 0x19, 0x7B, 0x07, (byte)0x84, 0x5E, (byte)0x9B, (byte)0xE2, (byte)0xD9, 0x6A, (byte)0xDB, 0x0F + , 0x5F, 0x3C, 0x7F, 0x2C, (byte)0xFF, (byte)0xBD, 0x7A, 0x3E, (byte)0xB8, (byte)0xB6, (byte)0xFE, + (byte)0xC3, 0x5C, 0x7F, (byte)0xD6, 0x7F, 0x26, (byte)0xDD, (byte)0xF6 + , 0x28, 0x5A, 0x64, 0x4F, 0x74, 0x0A, 0x26, 0x14}; + + private void doTestPointCompression() + { + ECCurve curve = new F2mCurve(m, k1, k2, k3, a, b); + curve.DecodePoint(enc); + + int[] ks = new int[3]; + ks[0] = k3; + ks[1] = k2; + ks[2] = k1; + } + + public override void PerformTest() + { + byte[] ecParams = Hex.Decode("3081C8020101302806072A8648CE3D0101021D00D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF303C041C68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43041C2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B0439040D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD021D00D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F020101"); + doTestParams(ecParams, true); + + doTestParams(ecParams, false); + + ecParams = Hex.Decode("3081C8020101302806072A8648CE3D0101021D00D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF303C041C56E6C7E4F11A7B4B961A4DCB5BD282EB22E42E9BCBE3E7B361F18012041C4BE3E7B361F18012F2353D22975E02D8D05D2C6F3342DD8F57D4C76F0439048D127A0C27E0DE207ED3B7FB98F83C8BD5A2A57C827F4B97874DEB2C1BAEB0C006958CE61BB1FC81F5389E288CB3E86E2ED91FB47B08FCCA021D00D7C134AA264366862A18302575D11A5F7AABFBA3D897FF5CA727AF53020101"); + doTestParams(ecParams, true); + + doTestParams(ecParams, false); + + ecParams = Hex.Decode("30820142020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff3066043100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc043100b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973020101"); + doTestParams(ecParams, true); + + doTestParams(ecParams, false); + + doTestPointCompression(); + } + + private void doTestParams( + byte[] ecParameterEncoded, + bool compress) + { +// string keyStorePass = "myPass"; + Asn1Sequence seq = (Asn1Sequence) Asn1Object.FromByteArray(ecParameterEncoded); + X9ECParameters x9 = new X9ECParameters(seq); + AsymmetricCipherKeyPair kp = null; + bool success = false; + while (!success) + { + IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); +// kpg.Init(new ECParameterSpec(x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed())); + ECDomainParameters ecParams = new ECDomainParameters( + x9.Curve, x9.G, x9.N, x9.H, x9.GetSeed()); + kpg.Init(new ECKeyGenerationParameters(ecParams, new SecureRandom())); + kp = kpg.GenerateKeyPair(); + // The very old Problem... we need a certificate chain to + // save a private key... + ECPublicKeyParameters pubKey = (ECPublicKeyParameters) kp.Public; + + if (!compress) + { + //pubKey.setPointFormat("UNCOMPRESSED"); + pubKey = SetPublicUncompressed(pubKey); + } + + byte[] x = pubKey.Q.AffineXCoord.ToBigInteger().ToByteArrayUnsigned(); + byte[] y = pubKey.Q.AffineYCoord.ToBigInteger().ToByteArrayUnsigned(); + if (x.Length == y.Length) + { + success = true; + } + } + + // The very old Problem... we need a certificate chain to + // save a private key... + + X509CertificateEntry[] chain = new X509CertificateEntry[] { + new X509CertificateEntry(GenerateSelfSignedSoftECCert(kp, compress)) + }; + +// KeyStore keyStore = KeyStore.getInstance("BKS"); +// keyStore.load(null, keyStorePass.ToCharArray()); + Pkcs12Store keyStore = new Pkcs12StoreBuilder().Build(); + + keyStore.SetCertificateEntry("ECCert", chain[0]); + + ECPrivateKeyParameters privateECKey = (ECPrivateKeyParameters) kp.Private; + keyStore.SetKeyEntry("ECPrivKey", new AsymmetricKeyEntry(privateECKey), chain); + + // Test ec sign / verify + ECPublicKeyParameters pub = (ECPublicKeyParameters) kp.Public; +// string oldPrivateKey = new string(Hex.encode(privateECKey.getEncoded())); + byte[] oldPrivateKeyBytes = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privateECKey).GetDerEncoded(); + string oldPrivateKey = Hex.ToHexString(oldPrivateKeyBytes); +// string oldPublicKey = new string(Hex.encode(pub.getEncoded())); + byte[] oldPublicKeyBytes = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pub).GetDerEncoded(); + string oldPublicKey = Hex.ToHexString(oldPublicKeyBytes); + ECPrivateKeyParameters newKey = (ECPrivateKeyParameters) + keyStore.GetKey("ECPrivKey").Key; + ECPublicKeyParameters newPubKey = (ECPublicKeyParameters) + keyStore.GetCertificate("ECCert").Certificate.GetPublicKey(); + + if (!compress) + { + // TODO Private key compression? + //newKey.setPointFormat("UNCOMPRESSED"); + //newPubKey.setPointFormat("UNCOMPRESSED"); + newPubKey = SetPublicUncompressed(newPubKey); + } + +// string newPrivateKey = new string(Hex.encode(newKey.getEncoded())); + byte[] newPrivateKeyBytes = PrivateKeyInfoFactory.CreatePrivateKeyInfo(newKey).GetDerEncoded(); + string newPrivateKey = Hex.ToHexString(newPrivateKeyBytes); +// string newPublicKey = new string(Hex.encode(newPubKey.getEncoded())); + byte[] newPublicKeyBytes = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(newPubKey).GetDerEncoded(); + string newPublicKey = Hex.ToHexString(newPublicKeyBytes); + + if (!oldPrivateKey.Equals(newPrivateKey)) +// if (!privateECKey.Equals(newKey)) + { + Fail("failed private key comparison"); + } + + if (!oldPublicKey.Equals(newPublicKey)) +// if (!pub.Equals(newPubKey)) + { + Fail("failed public key comparison"); + } + } + + /** + * Create a self signed cert for our software emulation + * + * @param kp + * is the keypair for our certificate + * @return a self signed cert for our software emulation + * @throws InvalidKeyException + * on error + * @throws SignatureException + * on error + */ + private X509Certificate GenerateSelfSignedSoftECCert( + AsymmetricCipherKeyPair kp, + bool compress) + { + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + ECPrivateKeyParameters privECKey = (ECPrivateKeyParameters) kp.Private; + ECPublicKeyParameters pubECKey = (ECPublicKeyParameters) kp.Public; + + if (!compress) + { + // TODO Private key compression? + //privECKey.setPointFormat("UNCOMPRESSED"); + //pubECKey.setPointFormat("UNCOMPRESSED"); + pubECKey = SetPublicUncompressed(pubECKey); + } + + certGen.SetSignatureAlgorithm("ECDSAwithSHA1"); + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name("CN=Software emul (EC Cert)")); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50000)); + certGen.SetSubjectDN(new X509Name("CN=Software emul (EC Cert)")); + certGen.SetPublicKey(pubECKey); + + return certGen.Generate(privECKey); + } + + private ECPublicKeyParameters SetPublicUncompressed( + ECPublicKeyParameters key) + { + ECPoint p = key.Q.Normalize(); + return new ECPublicKeyParameters( + key.AlgorithmName, + p.Curve.CreatePoint(p.XCoord.ToBigInteger(), p.YCoord.ToBigInteger()), + key.Parameters); + } + + public static void Main( + string[] args) + { + RunTest(new ECEncodingTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/ECNRTest.cs b/BouncyCastle/crypto/test/src/test/ECNRTest.cs new file mode 100644 index 0000000..8a24443 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/ECNRTest.cs @@ -0,0 +1,204 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class ECNRTest + : SimpleTest + { + private static readonly byte[] k1 = Hex.Decode("d5014e4b60ef2ba8b6211b4062ba3224e0427dd3"); + private static readonly byte[] k2 = Hex.Decode("345e8d05c075c3a508df729a1685690e68fcfb8c8117847e89063bca1f85d968fd281540b6e13bd1af989a1fbf17e06462bf511f9d0b140fb48ac1b1baa5bded"); + + private readonly SecureRandom random = FixedSecureRandom.From(k1, k2); + + /** + * X9.62 - 1998,
    + * J.3.2, Page 155, ECDSA over the field Fp
    + * an example with 239 bit prime + */ + [Test] + public void TestECNR239bitPrime() + { + BigInteger r = new BigInteger("308636143175167811492623515537541734843573549327605293463169625072911693"); + BigInteger s = new BigInteger("852401710738814635664888632022555967400445256405412579597015412971797143"); + + byte[] kData = new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655").ToByteArrayUnsigned(); + + SecureRandom k = FixedSecureRandom.From(kData); + + X9ECParameters p = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime239v1); + ECDomainParameters spec = new ECDomainParameters(p.Curve, p.G, p.N, p.H); + ECCurve curve = spec.Curve; + + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d + spec); + + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q + spec); + + ISigner sgr = SignerUtilities.GetSigner("SHA1withECNR"); + byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; + + checkSignature(239, priKey, pubKey, sgr, k, message, r, s); + } + + // ------------------------------------------------------------------------- + + /** + * X9.62 - 1998,
    + * Page 104-105, ECDSA over the field Fp
    + * an example with 192 bit prime + */ + [Test] + public void TestECNR192bitPrime() + { + BigInteger r = new BigInteger("2474388605162950674935076940284692598330235697454145648371"); + BigInteger s = new BigInteger("2997192822503471356158280167065034437828486078932532073836"); + + byte[] kData = new BigInteger("dcc5d1f1020906df2782360d36b2de7a17ece37d503784af", 16).ToByteArrayUnsigned(); + + SecureRandom k = FixedSecureRandom.From(kData); + + X9ECParameters p = X962NamedCurves.GetByOid(X9ObjectIdentifiers.Prime192v1); + ECDomainParameters spec = new ECDomainParameters(p.Curve, p.G, p.N, p.H); + ECCurve curve = spec.Curve; + + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d + spec); + + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + curve.DecodePoint(Hex.Decode("0262B12D60690CDCF330BABAB6E69763B471F994DD702D16A5")), // Q + spec); + + ISigner sgr = SignerUtilities.GetSigner("SHA1withECNR"); + byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; + + checkSignature(192, priKey, pubKey, sgr, k, message, r, s); + } + + // ------------------------------------------------------------------------- + + /** + * SEC 2: Recommended Elliptic Curve Domain Parameters - September 2000,
    + * Page 17-19, Recommended 521-bit Elliptic Curve Domain Parameters over Fp
    + * an ECC example with a 521 bit prime and a 512 bit hash + */ + [Test] + public void TestECNR521bitPrime() + { + BigInteger r = new BigInteger("1820641608112320695747745915744708800944302281118541146383656165330049339564439316345159057453301092391897040509935100825960342573871340486684575368150970954"); + BigInteger s = new BigInteger("6358277176448326821136601602749690343031826490505780896013143436153111780706227024847359990383467115737705919410755190867632280059161174165591324242446800763"); + + byte[] kData = new BigInteger("cdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef", 16).ToByteArrayUnsigned(); + + SecureRandom k = FixedSecureRandom.From(kData); + + X9ECParameters p = SecNamedCurves.GetByOid(SecObjectIdentifiers.SecP521r1); + ECDomainParameters spec = new ECDomainParameters(p.Curve, p.G, p.N, p.H); + ECCurve curve = spec.Curve; + + ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( + new BigInteger("5769183828869504557786041598510887460263120754767955773309066354712783118202294874205844512909370791582896372147797293913785865682804434049019366394746072023"), // d + spec); + + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + curve.DecodePoint(Hex.Decode("02006BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q + spec); + + ISigner sgr = SignerUtilities.GetSigner("SHA512withECNR"); + byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; + + checkSignature(521, priKey, pubKey, sgr, k, message, r, s); + } + + private void checkSignature( + int size, + ECPrivateKeyParameters sKey, + ECPublicKeyParameters vKey, + ISigner sgr, + SecureRandom k, + byte[] message, + BigInteger r, + BigInteger s) + { + sgr.Init(true, new ParametersWithRandom(sKey, k)); + + sgr.BlockUpdate(message, 0, message.Length); + + byte[] sigBytes = sgr.GenerateSignature(); + + sgr.Init(false, vKey); + + sgr.BlockUpdate(message, 0, message.Length); + + if (!sgr.VerifySignature(sigBytes)) + { + Fail(size + " bit EC verification failed"); + } + + BigInteger[] sig = derDecode(sigBytes); + + if (!r.Equals(sig[0])) + { + Fail(size + "bit" + + ": r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail(size + "bit" + + ": s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + } + + protected BigInteger[] derDecode( + byte[] encoding) + { + Asn1Sequence s = (Asn1Sequence) Asn1Object.FromByteArray(encoding); + + return new BigInteger[] + { + ((DerInteger)s[0]).Value, + ((DerInteger)s[1]).Value + }; + } + + public override string Name + { + get { return "ECNR"; } + } + + public override void PerformTest() + { + TestECNR192bitPrime(); + TestECNR239bitPrime(); + TestECNR521bitPrime(); + } + + public static void Main( + string[] args) + { + RunTest(new ECNRTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/ElGamalTest.cs b/BouncyCastle/crypto/test/src/test/ElGamalTest.cs new file mode 100644 index 0000000..9a87ea9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/ElGamalTest.cs @@ -0,0 +1,334 @@ +using System; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class ElGamalTest + : SimpleTest + { + private static readonly BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); + private static readonly BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); + + private static readonly BigInteger g768 = new BigInteger("7c240073c1316c621df461b71ebb0cdcc90a6e5527e5e126633d131f87461c4dc4afc60c2cb0f053b6758871489a69613e2a8b4c8acde23954c08c81cbd36132cfd64d69e4ed9f8e51ed6e516297206672d5c0a69135df0a5dcf010d289a9ca1", 16); + private static readonly BigInteger p768 = new BigInteger("8c9dd223debed1b80103b8b309715be009d48860ed5ae9b9d5d8159508efd802e3ad4501a7f7e1cfec78844489148cd72da24b21eddd01aa624291c48393e277cfc529e37075eccef957f3616f962d15b44aeab4039d01b817fde9eaa12fd73f", 16); + + private static readonly BigInteger g1024 = new BigInteger("1db17639cdf96bc4eabba19454f0b7e5bd4e14862889a725c96eb61048dcd676ceb303d586e30f060dbafd8a571a39c4d823982117da5cc4e0f89c77388b7a08896362429b94a18a327604eb7ff227bffbc83459ade299e57b5f77b50fb045250934938efa145511166e3197373e1b5b1e52de713eb49792bedde722c6717abf", 16); + private static readonly BigInteger p1024 = new BigInteger("a00e283b3c624e5b2b4d9fbc2653b5185d99499b00fd1bf244c6f0bb817b4d1c451b2958d62a0f8a38caef059fb5ecd25d75ed9af403f5b5bdab97a642902f824e3c13789fed95fa106ddfe0ff4a707c85e2eb77d49e68f2808bcea18ce128b178cd287c6bc00efa9a1ad2a673fe0dceace53166f75b81d6709d5f8af7c66bb7", 16); + + public override string Name + { + get { return "ElGamal"; } + } + + [Test] + public void TestGP512() + { + doTestGP(512, 0, g512, p512); + doTestGP(512, 64, g512, p512); + } + + [Test] + public void TestGP768() + { + doTestGP(768, 0, g768, p768); + doTestGP(768, 128, g768, p768); + } + + [Test] + public void TestGP1024() + { + doTestGP(1024, 0, g1024, p1024); + doTestGP(1024, 256, g1024, p1024); + } + + [Test] + public void TestRandom256() + { + doTestRandom(256); + } + + private void doTestGP( + int size, + int privateValueSize, + BigInteger g, + BigInteger p) + { + IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("ElGamal"); + +// DHParameterSpec elParams = new DHParameterSpec(p, g); +// keyGen.initialize(elParams); + ElGamalParameters elParams = new ElGamalParameters(p, g, privateValueSize); + ElGamalKeyGenerationParameters elKgp = new ElGamalKeyGenerationParameters( + new SecureRandom(), elParams); + keyGen.Init(elKgp); + + AsymmetricCipherKeyPair keyPair = keyGen.GenerateKeyPair(); + SecureRandom rand = new SecureRandom(); + + checkKeySize(privateValueSize, keyPair); + + IBufferedCipher cipher = CipherUtilities.GetCipher("ElGamal"); + + cipher.Init(true, new ParametersWithRandom(keyPair.Public, rand)); + + byte[] inBytes = Encoding.ASCII.GetBytes("This is a test"); + + if (cipher.GetOutputSize(inBytes.Length) != (size / 8) * 2) + { + Fail("getOutputSize wrong on encryption"); + } + + byte[] outBytes = cipher.DoFinal(inBytes); + + cipher.Init(false, keyPair.Private); + + if (cipher.GetOutputSize(outBytes.Length) != (size / 8) - 1) + { + Fail("GetOutputSize wrong on decryption"); + } + + + // + // No Padding - maximum length + // + byte[] modBytes = ((ElGamalPublicKeyParameters)keyPair.Public).Parameters.P.ToByteArray(); + byte[] maxInput = new byte[modBytes.Length - 1]; + + maxInput[0] |= 0x7f; + + cipher.Init(true, new ParametersWithRandom(keyPair.Public, rand)); + + outBytes = cipher.DoFinal(maxInput); + + cipher.Init(false, keyPair.Private); + + outBytes = cipher.DoFinal(outBytes); + + if (!AreEqual(outBytes, maxInput)) + { + Fail("NoPadding test failed on decrypt expected " + + Hex.ToHexString(maxInput) + " got " + + Hex.ToHexString(outBytes)); + } + + + // + // encrypt/decrypt + // + IBufferedCipher c1 = CipherUtilities.GetCipher("ElGamal"); + IBufferedCipher c2 = CipherUtilities.GetCipher("ElGamal"); + + c1.Init(true, new ParametersWithRandom(keyPair.Public, rand)); + + byte[] out1 = c1.DoFinal(inBytes); + + c2.Init(false, keyPair.Private); + + byte[] out2 = c2.DoFinal(out1); + + if (!AreEqual(inBytes, out2)) + { + Fail(size + " encrypt test failed"); + } + + + // + // encrypt/decrypt with update + // + int outLen = c1.ProcessBytes(inBytes, 0, 2, out1, 0); + + outLen += c1.DoFinal(inBytes, 2, inBytes.Length - 2, out1, outLen); + + outLen = c2.ProcessBytes(out1, 0, 2, out2, 0); + + outLen += c2.DoFinal(out1, 2, out1.Length - 2, out2, outLen); + + if (!AreEqual(inBytes, out2)) + { + Fail(size + " encrypt with update test failed"); + } + + + + // + // public key encoding test + // +// byte[] pubEnc = keyPair.Public.GetEncoded(); + byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyPair.Public).GetDerEncoded(); + +// KeyFactory keyFac = KeyFactory.GetInstance("ElGamal"); +// X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc); +// DHPublicKeyParameters pubKey = (DHPublicKeyParameters)keyFac.generatePublic(pubX509); + ElGamalPublicKeyParameters pubKey = (ElGamalPublicKeyParameters) + PublicKeyFactory.CreateKey(pubEnc); + ElGamalParameters spec = pubKey.Parameters; + + if (!spec.G.Equals(elParams.G) || !spec.P.Equals(elParams.P)) + { + Fail(size + " bit public key encoding/decoding test failed on parameters"); + } + + if (!((ElGamalPublicKeyParameters)keyPair.Public).Y.Equals(pubKey.Y)) + { + Fail(size + " bit public key encoding/decoding test failed on y value"); + } + +/* + // + // public key serialisation test + // + // TODO Is there some standard this serialization must conform to? + BinaryFormatter formatter = new BinaryFormatter(); + + MemoryStream bOut = new MemoryStream(); +// ObjectOutputStream oOut = new ObjectOutputStream(bOut); +// oOut.writeObject(keyPair.Public); + formatter.Serialize(bOut, keyPair.Public); + + MemoryStream bIn = new MemoryStream(bOut.ToArray(), false); +// ObjectInputStream oIn = new ObjectInputStream(bIn); +// pubKey = (DHPublicKeyParameters)oIn.readObject(); + pubKey = (ElGamalPublicKeyParameters) formatter.Deserialize(bIn); + spec = pubKey.Parameters; + + if (!spec.G.Equals(elParams.G) || !spec.P.Equals(elParams.P)) + { + Fail(size + " bit public key serialisation test failed on parameters"); + } + + if (!((ElGamalPublicKeyParameters )keyPair.Public).Y.Equals(pubKey.Y)) + { + Fail(size + " bit public key serialisation test failed on y value"); + } +*/ + + // + // private key encoding test + // + // TODO Keys don't support GetEncoded +// byte[] privEnc = keyPair.Private.GetEncoded(); + byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyPair.Private).GetDerEncoded(); + +// PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc); +// DHPrivateKeyParameters privKey = (DHPrivateKeyParameters)keyFac.generatePrivate(privPKCS8); + ElGamalPrivateKeyParameters privKey = (ElGamalPrivateKeyParameters) + PrivateKeyFactory.CreateKey(privEnc); + + spec = privKey.Parameters; + + if (!spec.G.Equals(elParams.G) || !spec.P.Equals(elParams.P)) + { + Fail(size + " bit private key encoding/decoding test failed on parameters"); + } + + if (!((ElGamalPrivateKeyParameters)keyPair.Private).X.Equals(privKey.X)) + { + Fail(size + " bit private key encoding/decoding test failed on y value"); + } + +/* + // + // private key serialisation test + // + bOut = new MemoryStream(); +// oOut = new ObjectOutputStream(bOut); +// oOut.writeObject(keyPair.Private); + formatter.Serialize(bOut, keyPair.Private); + + bIn = new MemoryStream(bOut.ToArray(), false); +// oIn = new ObjectInputStream(bIn); +// privKey = (DHPrivateKeyParameters)oIn.readObject(); + privKey = (ElGamalPrivateKeyParameters) formatter.Deserialize(bIn); + spec = privKey.Parameters; + + if (!spec.G.Equals(elParams.G) || !spec.P.Equals(elParams.P)) + { + Fail(size + " bit private key serialisation test failed on parameters"); + } + + if (!((ElGamalPrivateKeyParameters) keyPair.Private).X.Equals(privKey.X)) + { + Fail(size + " bit private key serialisation test failed on y value"); + } +*/ + } + + private void checkKeySize(int privateValueSize, AsymmetricCipherKeyPair aKeyPair) + { + if (privateValueSize != 0) + { +// DHPrivateKey key = (DHPrivateKey)aKeyPair.getPrivate(); + ElGamalPrivateKeyParameters key = (ElGamalPrivateKeyParameters) aKeyPair.Private; + + if (key.X.BitLength != privateValueSize) + { + Fail("limited key check failed for key size " + privateValueSize); + } + } + } + + private void doTestRandom( + int size) + { +// AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("ElGamal"); +// a.init(size, new SecureRandom()); + ElGamalParametersGenerator a = new ElGamalParametersGenerator(); + a.Init(size, 20, new SecureRandom()); + +// AlgorithmParameters parameters = a.generateParameters(); + ElGamalParameters p = a.GenerateParameters(); + +// byte[] encodeParams = parameters.GetEncoded(); + byte[] encodeParams = new ElGamalParameter(p.P, p.G).GetDerEncoded(); + +// AlgorithmParameters a2 = AlgorithmParameters.getInstance("ElGamal"); +// a2.init(encodeParams); + ElGamalParameter elP = new ElGamalParameter((Asn1Sequence) Asn1Object.FromByteArray(encodeParams)); + ElGamalParameters p2 = new ElGamalParameters(elP.P, elP.G); + + // a and a2 should be equivalent! +// byte[] encodeParams_2 = a2.GetEncoded(); + byte[] encodeParams_2 = new ElGamalParameter(p2.P, p2.G).GetDerEncoded(); + + if (!AreEqual(encodeParams, encodeParams_2)) + { + Fail(this.Name + ": encode/decode parameters failed"); + } + +// DHParameters elP = (DHParameters)parameters.getParameterSpec(typeof(DHParameters)); + + doTestGP(size, 0, elP.G, elP.P); + } + + public override void PerformTest() + { + TestGP512(); + TestGP768(); + TestGP1024(); + TestRandom256(); + } + + public static void Main( + string[] args) + { + RunTest(new ElGamalTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/EncryptedPrivateKeyInfoTest.cs b/BouncyCastle/crypto/test/src/test/EncryptedPrivateKeyInfoTest.cs new file mode 100644 index 0000000..baac5ff --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/EncryptedPrivateKeyInfoTest.cs @@ -0,0 +1,154 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class EncryptedPrivateKeyInfoTest + : SimpleTest + { + private const string alg = "1.2.840.113549.1.12.1.3"; // 3 key triple DES with SHA-1 + + public override void PerformTest() + { + IAsymmetricCipherKeyPairGenerator fact = GeneratorUtilities.GetKeyPairGenerator("RSA"); + fact.Init(new KeyGenerationParameters(new SecureRandom(), 512)); + + AsymmetricCipherKeyPair keyPair = fact.GenerateKeyPair(); + + AsymmetricKeyParameter priKey = keyPair.Private; + AsymmetricKeyParameter pubKey = keyPair.Public; + + // + // set up the parameters + // + byte[] salt = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 }; + int iterationCount = 100; + Asn1Encodable defParams = PbeUtilities.GenerateAlgorithmParameters(alg, salt, iterationCount); + char[] password1 = { 'h', 'e', 'l', 'l', 'o' }; + +// AlgorithmParameters parameters = AlgorithmParameters.getInstance(alg); +// +// parameters.init(defParams); + + // + // set up the key + // +// PBEKeySpec pbeSpec = new PBEKeySpec(password1); +// SecretKeyFactory keyFact = SecretKeyFactory.getInstance(alg); + +// IBufferedCipher cipher = CipherUtilities.GetCipher(alg); + IWrapper wrapper = WrapperUtilities.GetWrapper(alg); + + ICipherParameters parameters = PbeUtilities.GenerateCipherParameters( + alg, password1, defParams); + +// cipher.Init(IBufferedCipher.WRAP_MODE, keyFact.generateSecret(pbeSpec), parameters); + wrapper.Init(true, parameters); + +// byte[] wrappedKey = cipher.Wrap(priKey); + byte[] pkb = PrivateKeyInfoFactory.CreatePrivateKeyInfo(priKey).GetDerEncoded(); + byte[] wrappedKey = wrapper.Wrap(pkb, 0, pkb.Length); + + // + // create encrypted object + // + + // TODO Figure out what this was supposed to do +// EncryptedPrivateKeyInfo pInfo = new EncryptedPrivateKeyInfo(parameters, wrappedKey); + PrivateKeyInfo plain = PrivateKeyInfoFactory.CreatePrivateKeyInfo(priKey); + EncryptedPrivateKeyInfo pInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo( + alg, password1, salt, iterationCount, plain); + + + // + // decryption step + // + char[] password2 = { 'h', 'e', 'l', 'l', 'o' }; + +// pbeSpec = new PBEKeySpec(password2); +// +// cipher = CipherUtilities.GetCipher(pInfo.EncryptionAlgorithm); +// +// cipher.Init(false, keyFact.generateSecret(pbeSpec), pInfo.getAlgParameters()); +// +// PKCS8EncodedKeySpec keySpec = pInfo.getKeySpec(cipher); + PrivateKeyInfo decrypted = PrivateKeyInfoFactory.CreatePrivateKeyInfo(password2, pInfo); + +// if (!MessageDigest.isEqual(priKey.GetEncoded(), keySpec.GetEncoded())) + if (!decrypted.Equals(plain)) + { + Fail("Private key does not match"); + } + + // + // using ICipherParameters test + // +// pbeSpec = new PBEKeySpec(password1); +// keyFact = SecretKeyFactory.getInstance(alg); +// cipher = CipherUtilities.GetCipher(alg); + wrapper = WrapperUtilities.GetWrapper(alg); + +// cipher.init(IBufferedCipher.WRAP_MODE, keyFact.generateSecret(pbeSpec), parameters); + wrapper.Init(true, parameters); + +// wrappedKey = cipher.wrap(priKey); + wrappedKey = wrapper.Wrap(pkb, 0, pkb.Length); + + // + // create encrypted object + // + + // TODO Figure out what this was supposed to do +// pInfo = new EncryptedPrivateKeyInfo(cipher.getParameters(), wrappedKey); + plain = PrivateKeyInfoFactory.CreatePrivateKeyInfo(priKey); + pInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo( + alg, password1, salt, iterationCount, plain); + + // + // decryption step + // +// pbeSpec = new PBEKeySpec(password2); +// +// cipher = CipherUtilities.GetCipher(pInfo.getAlgName()); +// +// cipher.init(IBufferedCipher.DECRYPT_MODE, keyFact.generateSecret(pbeSpec), pInfo.getAlgParameters()); +// +// keySpec = pInfo.getKeySpec(cipher); + decrypted = PrivateKeyInfoFactory.CreatePrivateKeyInfo(password2, pInfo); + +// if (!MessageDigest.isEqual(priKey.GetEncoded(), keySpec.GetEncoded())) + if (!decrypted.Equals(plain)) + { + Fail("Private key does not match"); + } + } + + public override string Name + { + get { return "EncryptedPrivateKeyInfoTest"; } + } + + public static void Main( + string[] args) + { + RunTest(new EncryptedPrivateKeyInfoTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/FIPSDESTest.cs b/BouncyCastle/crypto/test/src/test/FIPSDESTest.cs new file mode 100644 index 0000000..1f40e15 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/FIPSDESTest.cs @@ -0,0 +1,205 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + /// + /// Basic FIPS test class for a block cipher, just to make sure ECB/CBC/OFB/CFB are behaving + /// correctly. Tests from FIPS 81. + /// + [TestFixture] + public class FipsDesTest + : ITest + { + private static readonly string[] fips1Tests = + { + "DES/ECB/NoPadding", + "3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53", + "DES/CBC/NoPadding", + "e5c7cdde872bf27c43e934008c389c0f683788499a7c05f6", + "DES/CFB/NoPadding", + "f3096249c7f46e51a69e839b1a92f78403467133898ea622" + }; + + private static readonly string[] fips2Tests = + { + "DES/CFB8/NoPadding", + "f31fda07011462ee187f", + "DES/OFB8/NoPadding", + "f34a2850c9c64985d684" + }; + + private static readonly byte[] input1 = Hex.Decode("4e6f77206973207468652074696d6520666f7220616c6c20"); + private static readonly byte[] input2 = Hex.Decode("4e6f7720697320746865"); + + public string Name + { + get { return "FIPSDES"; } + } + + public ITestResult doTest( + string algorithm, + byte[] input, + byte[] output) + { + KeyParameter key; + IBufferedCipher inCipher, outCipher; + CipherStream cIn, cOut; + MemoryStream bIn, bOut; + +// IvParameterSpec spec = new IvParameterSpec(); + byte[] spec = Hex.Decode("1234567890abcdef"); + + try + { + key = new DesParameters(Hex.Decode("0123456789abcdef")); + + inCipher = CipherUtilities.GetCipher(algorithm); + outCipher = CipherUtilities.GetCipher(algorithm); + + if (algorithm.StartsWith("DES/ECB")) + { + outCipher.Init(true, key); + } + else + { + outCipher.Init(true, new ParametersWithIV(key, spec)); + } + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": " + algorithm + " failed initialisation - " + e.ToString(), e); + } + + try + { + if (algorithm.StartsWith("DES/ECB")) + { + inCipher.Init(false, key); + } + else + { + inCipher.Init(false, new ParametersWithIV(key, spec)); + } + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": " + algorithm + " failed initialisation - " + e.ToString(), e); + } + + // + // encryption pass + // + bOut = new MemoryStream(); + cOut = new CipherStream(bOut, null, outCipher); + + try + { + for (int i = 0; i != input.Length / 2; i++) + { + cOut.WriteByte(input[i]); + } + cOut.Write(input, input.Length / 2, input.Length - input.Length / 2); + cOut.Close(); + } + catch (IOException e) + { + return new SimpleTestResult(false, Name + ": " + algorithm + " failed encryption - " + e.ToString()); + } + + byte[] bytes = bOut.ToArray(); + + if (!Arrays.AreEqual(bytes, output)) + { + return new SimpleTestResult(false, Name + ": " + algorithm + " failed encryption - expected " + + Hex.ToHexString(output) + " got " + Hex.ToHexString(bytes)); + } + + // + // decryption pass + // + bIn = new MemoryStream(bytes, false); + cIn = new CipherStream(bIn, inCipher, null); + + try + { + BinaryReader dIn = new BinaryReader(cIn); + + bytes = new byte[input.Length]; + + for (int i = 0; i != input.Length / 2; i++) + { + bytes[i] = dIn.ReadByte(); + } + + int remaining = bytes.Length - input.Length / 2; + byte[] extra = dIn.ReadBytes(remaining); + if (extra.Length < remaining) + throw new EndOfStreamException(); + extra.CopyTo(bytes, input.Length / 2); + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": " + algorithm + " failed encryption - " + e.ToString()); + } + + if (!Arrays.AreEqual(bytes, input)) + { + return new SimpleTestResult(false, Name + ": " + algorithm + " failed decryption - expected " + + Hex.ToHexString(input) + " got " + Hex.ToHexString(bytes)); + } + + return new SimpleTestResult(true, Name + ": " + algorithm + " Okay"); + } + + public ITestResult Perform() + { + for (int i = 0; i != fips1Tests.Length; i += 2) + { + ITestResult result = doTest(fips1Tests[i], input1, Hex.Decode(fips1Tests[i + 1])); + if (!result.IsSuccessful()) + { + return result; + } + } + + for (int i = 0; i != fips2Tests.Length; i += 2) + { + ITestResult result = doTest(fips2Tests[i], input2, Hex.Decode(fips2Tests[i + 1])); + if (!result.IsSuccessful()) + { + return result; + } + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + + public static void Main( + string[] args) + { + ITest test = new FipsDesTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/GOST28147Test.cs b/BouncyCastle/crypto/test/src/test/GOST28147Test.cs new file mode 100644 index 0000000..0adfad3 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/GOST28147Test.cs @@ -0,0 +1,245 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + /// Basic test class for the GOST28147 cipher + [TestFixture] + public class Gost28147Test + : SimpleTest + { + private static string[] cipherTests = + { + "256", + "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef", + "4e6f77206973207468652074696d6520666f7220616c6c20", + "281630d0d5770030068c252d841e84149ccc1912052dbc02", + + "256", + "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef", + "4e6f77206973207468652074696d65208a920c6ed1a804f5", + "88e543dfc04dc4f764fa7b624741cec07de49b007bf36065" + }; + + public override string Name + { + get { return "GOST28147"; } + } + + private void doTestEcb( + int strength, + byte[] keyBytes, + byte[] input, + byte[] output) + { + IBufferedCipher inCipher, outCipher; + CipherStream cIn, cOut; + MemoryStream bIn, bOut; + + KeyParameter key = ParameterUtilities.CreateKeyParameter("GOST28147", keyBytes); + + inCipher = CipherUtilities.GetCipher("GOST28147/ECB/NoPadding"); + outCipher = CipherUtilities.GetCipher("GOST28147/ECB/NoPadding"); + outCipher.Init(true, key); + inCipher.Init(false, key); + + // + // encryption pass + // + bOut = new MemoryStream(); + cOut = new CipherStream(bOut, null, outCipher); + + for (int i = 0; i != input.Length / 2; i++) + { + cOut.WriteByte(input[i]); + } + cOut.Write(input, input.Length / 2, input.Length - input.Length / 2); + cOut.Close(); + + byte[] bytes = bOut.ToArray(); + + if (!AreEqual(bytes, output)) + { + Fail("GOST28147 failed encryption - expected " + + Hex.ToHexString(output) + " got " + Hex.ToHexString(bytes)); + } + + // + // decryption pass + // + bIn = new MemoryStream(bytes, false); + cIn = new CipherStream(bIn, inCipher, null); + + BinaryReader dIn = new BinaryReader(cIn); + + bytes = new byte[input.Length]; + + for (int i = 0; i != input.Length / 2; i++) + { + bytes[i] = dIn.ReadByte(); + } + + int remaining = bytes.Length - input.Length / 2; + byte[] extra = dIn.ReadBytes(remaining); + if (extra.Length < remaining) + throw new EndOfStreamException(); + extra.CopyTo(bytes, input.Length / 2); + + if (!AreEqual(bytes, input)) + { + Fail("GOST28147 failed decryption - expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(bytes)); + } + } + + private void doTestCfb( + int strength, + byte[] keyBytes, + byte[] input, + byte[] output) + { + IBufferedCipher inCipher, outCipher; + CipherStream cIn, cOut; + MemoryStream bIn, bOut; + + KeyParameter key = ParameterUtilities.CreateKeyParameter("GOST28147", keyBytes); + + inCipher = CipherUtilities.GetCipher("GOST28147/CFB8/NoPadding"); + outCipher = CipherUtilities.GetCipher("GOST28147/CFB8/NoPadding"); + byte[] iv = {1,2,3,4,5,6,7,8}; + + outCipher.Init(true, new ParametersWithIV(key, iv)); + inCipher.Init(false, new ParametersWithIV(key, iv)); + + // + // encryption pass + // + bOut = new MemoryStream(); + cOut = new CipherStream(bOut, null, outCipher); + + for (int i = 0; i != input.Length / 2; i++) + { + cOut.WriteByte(input[i]); + } + cOut.Write(input, input.Length / 2, input.Length - input.Length / 2); + cOut.Close(); + + byte[] bytes = bOut.ToArray(); + + if (!AreEqual(bytes, output)) + { + Fail("GOST28147 failed encryption - expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(bytes)); + } + + // + // decryption pass + // + bIn = new MemoryStream(bytes, false); + cIn = new CipherStream(bIn, inCipher, null); + + BinaryReader dIn = new BinaryReader(cIn); + + bytes = new byte[input.Length]; + + for (int i = 0; i != input.Length / 2; i++) + { + bytes[i] = dIn.ReadByte(); + } + + int remaining = bytes.Length - input.Length / 2; + byte[] extra = dIn.ReadBytes(remaining); + if (extra.Length < remaining) + throw new EndOfStreamException(); + extra.CopyTo(bytes, input.Length / 2); + + if (!AreEqual(bytes, input)) + { + Fail("GOST28147 failed decryption - expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(bytes)); + } + } + + private void doOidTest() + { + string[] oids = { + CryptoProObjectIdentifiers.GostR28147Cbc.Id, + }; + + string[] names = { + "GOST28147/CBC/PKCS7Padding" + }; + + try + { + byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 }; +// IvParameterSpec ivSpec = new IvParameterSpec(new byte[8]); + byte[] iv = new byte[8]; + + for (int i = 0; i != oids.Length; i++) + { + IBufferedCipher c1 = CipherUtilities.GetCipher(oids[i]); + IBufferedCipher c2 = CipherUtilities.GetCipher(names[i]); + +// KeyGenerator kg = KeyGenerator.getInstance(oids[i]); +// SecretKey k = kg.generateKey(); + CipherKeyGenerator kg = GeneratorUtilities.GetKeyGenerator(oids[i]); + KeyParameter k = ParameterUtilities.CreateKeyParameter(oids[i], kg.GenerateKey()); + + c1.Init(true, new ParametersWithIV(k, iv)); + c2.Init(false, new ParametersWithIV(k, iv)); + + byte[] result = c2.DoFinal(c1.DoFinal(data)); + + if (!AreEqual(data, result)) + { + Fail("failed OID test"); + } + } + } + catch (Exception ex) + { + Fail("failed exception " + ex.ToString(), ex); + } + } + + public override void PerformTest() + { + for (int i = 0; i != cipherTests.Length; i += 8) + { + doTestEcb(int.Parse(cipherTests[i]), + Hex.Decode(cipherTests[i + 1]), + Hex.Decode(cipherTests[i + 2]), + Hex.Decode(cipherTests[i + 3])); + + doTestCfb(int.Parse(cipherTests[i + 4]), + Hex.Decode(cipherTests[i + 4 + 1]), + Hex.Decode(cipherTests[i + 4 + 2]), + Hex.Decode(cipherTests[i + 4 + 3])); + + doOidTest(); + } + } + + public static void Main( + string[] args) + { + RunTest(new Gost28147Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/test/GOST3410Test.cs b/BouncyCastle/crypto/test/src/test/GOST3410Test.cs new file mode 100644 index 0000000..03dcf31 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/GOST3410Test.cs @@ -0,0 +1,384 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class Gost3410Test + : SimpleTest + { + private void ecGOST3410Test() + { + BigInteger r = new BigInteger("29700980915817952874371204983938256990422752107994319651632687982059210933395"); + BigInteger s = new BigInteger("46959264877825372965922731380059061821746083849389763294914877353246631700866"); + + byte[] kData = new BigInteger("53854137677348463731403841147996619241504003434302020712960838528893196233395").ToByteArrayUnsigned(); + + SecureRandom k = FixedSecureRandom.From(kData); + + BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); + BigInteger mod_q = new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619"); + + ECCurve curve = new FpCurve( + mod_p, + new BigInteger("7"), // a + new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414"), // b + mod_q, BigInteger.One); + + ECDomainParameters spec = new ECDomainParameters( + curve, + curve.CreatePoint( + new BigInteger("2"), + new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280")), + mod_q, BigInteger.One); + + ECPrivateKeyParameters sKey = new ECPrivateKeyParameters( + "ECGOST3410", + new BigInteger("55441196065363246126355624130324183196576709222340016572108097750006097525544"), // d + spec); + + ECPublicKeyParameters vKey = new ECPublicKeyParameters( + "ECGOST3410", + curve.CreatePoint( + new BigInteger("57520216126176808443631405023338071176630104906313632182896741342206604859403"), + new BigInteger("17614944419213781543809391949654080031942662045363639260709847859438286763994")), + spec); + + ISigner sgr = SignerUtilities.GetSigner("ECGOST3410"); + + sgr.Init(true, new ParametersWithRandom(sKey, k)); + + byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; + + sgr.BlockUpdate(message, 0, message.Length); + + byte[] sigBytes = sgr.GenerateSignature(); + + sgr.Init(false, vKey); + + sgr.BlockUpdate(message, 0, message.Length); + + if (!sgr.VerifySignature(sigBytes)) + { + Fail("ECGOST3410 verification failed"); + } + + BigInteger[] sig = decode(sigBytes); + + if (!r.Equals(sig[0])) + { + Fail( + ": r component wrong." + SimpleTest.NewLine + + " expecting: " + r + SimpleTest.NewLine + + " got : " + sig[0]); + } + + if (!s.Equals(sig[1])) + { + Fail( + ": s component wrong." + SimpleTest.NewLine + + " expecting: " + s + SimpleTest.NewLine + + " got : " + sig[1]); + } + } + + private void generationTest() + { + byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; + ISigner s = SignerUtilities.GetSigner("GOST3410"); + + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("GOST3410"); + g.Init( + new Gost3410KeyGenerationParameters( + new SecureRandom(), + CryptoProObjectIdentifiers.GostR3410x94CryptoProA)); + + AsymmetricCipherKeyPair p = g.GenerateKeyPair(); + + AsymmetricKeyParameter sKey = p.Private; + AsymmetricKeyParameter vKey = p.Public; + + s.Init(true, sKey); + + s.BlockUpdate(data, 0, data.Length); + + byte[] sigBytes = s.GenerateSignature(); + + s = SignerUtilities.GetSigner("GOST3410"); + + s.Init(false, vKey); + + s.BlockUpdate(data, 0, data.Length); + + if (!s.VerifySignature(sigBytes)) + { + Fail("GOST3410 verification failed"); + } + + // + // default initialisation test + // + s = SignerUtilities.GetSigner("GOST3410"); + g = GeneratorUtilities.GetKeyPairGenerator("GOST3410"); + + // TODO This is supposed to be a 'default initialisation' test, but don't have a factory + // These values are defaults from JCE provider + g.Init( + new Gost3410KeyGenerationParameters( + new SecureRandom(), + CryptoProObjectIdentifiers.GostR3410x94CryptoProA)); + + p = g.GenerateKeyPair(); + + sKey = p.Private; + vKey = p.Public; + + s.Init(true, sKey); + + s.BlockUpdate(data, 0, data.Length); + + sigBytes = s.GenerateSignature(); + + s = SignerUtilities.GetSigner("GOST3410"); + + s.Init(false, vKey); + + s.BlockUpdate(data, 0, data.Length); + + if (!s.VerifySignature(sigBytes)) + { + Fail("GOST3410 verification failed"); + } + + // + // encoded test + // + //KeyFactory f = KeyFactory.getInstance("GOST3410"); + //X509EncodedKeySpec x509s = new X509EncodedKeySpec(vKey.GetEncoded()); + //Gost3410PublicKeyParameters k1 = (Gost3410PublicKeyParameters)f.generatePublic(x509s); + byte[] vKeyEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(vKey).GetDerEncoded(); + Gost3410PublicKeyParameters k1 = (Gost3410PublicKeyParameters) + PublicKeyFactory.CreateKey(vKeyEnc); + + if (!k1.Y.Equals(((Gost3410PublicKeyParameters)vKey).Y)) + { + Fail("public number not decoded properly"); + } + + //PKCS8EncodedKeySpec pkcs8 = new PKCS8EncodedKeySpec(sKey.GetEncoded()); + //Gost3410PrivateKeyParameters k2 = (Gost3410PrivateKeyParameters)f.generatePrivate(pkcs8); + byte[] sKeyEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(sKey).GetDerEncoded(); + Gost3410PrivateKeyParameters k2 = (Gost3410PrivateKeyParameters) + PrivateKeyFactory.CreateKey(sKeyEnc); + + if (!k2.X.Equals(((Gost3410PrivateKeyParameters)sKey).X)) + { + Fail("private number not decoded properly"); + } + + // + // ECGOST3410 generation test + // + s = SignerUtilities.GetSigner("ECGOST3410"); + g = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410"); + + BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); + BigInteger mod_q = new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619"); + + ECCurve curve = new FpCurve( + mod_p, + new BigInteger("7"), // a + new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414"), // b + mod_q, BigInteger.One); + + ECDomainParameters ecSpec = new ECDomainParameters( + curve, + curve.CreatePoint( + new BigInteger("2"), + new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280")), + mod_q, BigInteger.One); + + g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); + + p = g.GenerateKeyPair(); + + sKey = p.Private; + vKey = p.Public; + + s.Init(true, sKey); + + s.BlockUpdate(data, 0, data.Length); + + sigBytes = s.GenerateSignature(); + + s = SignerUtilities.GetSigner("ECGOST3410"); + + s.Init(false, vKey); + + s.BlockUpdate(data, 0, data.Length); + + if (!s.VerifySignature(sigBytes)) + { + Fail("ECGOST3410 verification failed"); + } + } + + private void keyStoreTest( + AsymmetricKeyParameter sKey, + AsymmetricKeyParameter vKey) +// throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, NoSuchProviderException, SignatureException, InvalidKeyException, UnrecoverableKeyException + { + // + // keystore test + // +// KeyStore ks = KeyStore.GetInstance("JKS"); +// ks.Load(null, null); + Pkcs12StoreBuilder ksBuilder = new Pkcs12StoreBuilder(); + Pkcs12Store ks = ksBuilder.Build(); + + // + // create the certificate - version 3 + // + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name("CN=Test")); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name("CN=Test")); + certGen.SetPublicKey(vKey); + certGen.SetSignatureAlgorithm("GOST3411withGOST3410"); + + X509Certificate cert = certGen.Generate(sKey); + X509CertificateEntry certEntry = new X509CertificateEntry(cert); + +// ks.SetKeyEntry("gost", sKey, "gost".ToCharArray(), new X509Certificate[] { cert }); + ks.SetKeyEntry("gost", new AsymmetricKeyEntry(sKey), new X509CertificateEntry[] { certEntry }); + + MemoryStream bOut = new MemoryStream(); + + ks.Save(bOut, "gost".ToCharArray(), new SecureRandom()); + +// ks = KeyStore.getInstance("JKS"); + ks = ksBuilder.Build(); + + ks.Load(new MemoryStream(bOut.ToArray(), false), "gost".ToCharArray()); + +// AsymmetricKeyParameter gKey = (AsymmetricKeyParameter)ks.GetKey("gost", "gost".ToCharArray()); +// AsymmetricKeyEntry gKeyEntry = (AsymmetricKeyEntry) + ks.GetKey("gost"); + } + + private void parametersTest() + { +// AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("GOST3410"); +// a.init(512, random); +// AlgorithmParameters params = a.generateParameters(); +// +// byte[] encodeParams = params.getEncoded(); +// +// AlgorithmParameters a2 = AlgorithmParameters.getInstance("GOST3410"); +// a2.init(encodeParams); +// +// // a and a2 should be equivalent! +// byte[] encodeParams_2 = a2.getEncoded(); +// +// if (!arrayEquals(encodeParams, encodeParams_2)) +// { +// Fail("encode/decode parameters failed"); +// } + +// GOST3410ParameterSpec gost3410P = new GOST3410ParameterSpec( +// CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_B.getId()); +// g.initialize(gost3410P, new SecureRandom()); + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("GOST3410"); + g.Init( + new Gost3410KeyGenerationParameters( + new SecureRandom(), + CryptoProObjectIdentifiers.GostR3410x94CryptoProB)); + + AsymmetricCipherKeyPair p = g.GenerateKeyPair(); + + AsymmetricKeyParameter sKey = p.Private; + AsymmetricKeyParameter vKey = p.Public; + + ISigner s = SignerUtilities.GetSigner("GOST3410"); + byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; + + s.Init(true, sKey); + + s.BlockUpdate(data, 0, data.Length); + + byte[] sigBytes = s.GenerateSignature(); + + s = SignerUtilities.GetSigner("GOST3410"); + + s.Init(false, vKey); + + s.BlockUpdate(data, 0, data.Length); + + if (!s.VerifySignature(sigBytes)) + { + Fail("GOST3410 verification failed"); + } + + keyStoreTest(sKey, vKey); + } + + private BigInteger[] decode( + byte[] encoding) + { + byte[] r = new byte[32]; + byte[] s = new byte[32]; + + Array.Copy(encoding, 0, s, 0, 32); + Array.Copy(encoding, 32, r, 0, 32); + + BigInteger[] sig = new BigInteger[2]; + + sig[0] = new BigInteger(1, r); + sig[1] = new BigInteger(1, s); + + return sig; + } + + public override string Name + { + get { return "GOST3410/ECGOST3410"; } + } + + public override void PerformTest() + { + ecGOST3410Test(); + generationTest(); + parametersTest(); + } + + public static void Main( + string[] args) + { + RunTest(new Gost3410Test()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/GcmSivTest.cs b/BouncyCastle/crypto/test/src/test/GcmSivTest.cs new file mode 100644 index 0000000..ab86e03 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/GcmSivTest.cs @@ -0,0 +1,456 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Modes; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + + /** + * ISO vector test for Whirlpool + * + */ + [TestFixture] +public class GcmSivTest + : SimpleTest +{ + public override string Name + { + get { return "GCM-SIV"; } + } + + public override void PerformTest() + { + new AESGcmSiv128Test1().testTheCipher(this); + new AESGcmSiv128Test2().testTheCipher(this); + new AESGcmSiv128Test3().testTheCipher(this); + new AESGcmSiv256Test1().testTheCipher(this); + new AESGcmSiv256Test2().testTheCipher(this); + new AESGcmSiv256Test3().testTheCipher(this); + new AESGcmSiv256Test4().testTheCipher(this); + } + + /** + * Test the GcmSivCipher against the results. + * @param pCipher the cipher to test. + * @param pKey the key to test + * @param pNonce the nonce + * @param pAEAD the AEAD + * @param pData the data to test + * @param pExpected the expected results + */ + void testSIVCipher(GcmSivBlockCipher pCipher, + string pKey, + string pNonce, + string pAEAD, + string pData, + string pExpected) + { + /* protect against exceptions */ + try + { + /* Access the key and the data */ + KeyParameter myKey = new KeyParameter(Hex.Decode(pKey)); + byte[] myNonce = Hex.Decode(pNonce); + byte[] myAEAD = Hex.Decode(pAEAD); + byte[] myData = Hex.Decode(pData); + + /* Initialise the cipher */ + AeadParameters myParams = new AeadParameters(myKey, 128, myNonce, myAEAD); + pCipher.Init(true, myParams); + + /* Create the output buffers */ + byte[] myOutput = new byte[pCipher.GetOutputSize(myData.Length)]; + byte[] myFinal = new byte[myData.Length]; + + /* Process the data */ + pCipher.ProcessBytes(myData, 0, myData.Length, null, 0); + pCipher.DoFinal(myOutput, 0); + + /* Check the encryption */ + byte[] myExpected = Hex.Decode(pExpected); + IsTrue("Encryption mismatch", Arrays.AreEqual(myExpected, myOutput)); + + /* Repeat processing byte at a time */ + for (int i = 0; i != myData.Length; i++) + { + pCipher.ProcessByte(myData[i], null, 0); + } + pCipher.DoFinal(myOutput, 0); + IsTrue("Encryption mismatch", Arrays.AreEqual(myExpected, myOutput)); + + /* Re-initialise the cipher */ + pCipher.Init(false, myParams); + pCipher.ProcessBytes(myOutput, 0, myOutput.Length, null, 0); + pCipher.DoFinal(myFinal, 0); + IsTrue("Decryption mismatch", Arrays.AreEqual(myData, myFinal)); + } + catch (InvalidCipherTextException e) + { + Fail("Bad Text", e); + } + } + + /** + * AES-GCM-SIV-128 Set 1. + */ + class AESGcmSiv128Test1 + { + private readonly string EMPTY = ""; + private readonly string KEY_1 = "01000000000000000000000000000000"; + private readonly string NONCE_1 = "030000000000000000000000"; + private readonly string DATA_8 = "0100000000000000"; + private readonly string DATA_12 = "010000000000000000000000"; + private readonly string DATA_16 = "01000000000000000000000000000000"; + private readonly string DATA_32 = "01000000000000000000000000000000" + "02000000000000000000000000000000"; + private readonly string DATA_48 = "01000000000000000000000000000000" + "02000000000000000000000000000000" + + "03000000000000000000000000000000"; + private readonly string DATA_64 = "01000000000000000000000000000000" + "02000000000000000000000000000000" + + "03000000000000000000000000000000" + "04000000000000000000000000000000"; + private readonly string EXPECTED_1 = "dc20e2d83f25705bb49e439eca56de25"; + private readonly string EXPECTED_2 = "b5d839330ac7b786578782fff6013b81" + "5b287c22493a364c"; + private readonly string EXPECTED_3 = "7323ea61d05932260047d942a4978db3" + "57391a0bc4fdec8b0d106639"; + private readonly string EXPECTED_4 = "743f7c8077ab25f8624e2e948579cf77" + "303aaf90f6fe21199c6068577437a0c4"; + private readonly string EXPECTED_5 = "84e07e62ba83a6585417245d7ec413a9" + "fe427d6315c09b57ce45f2e3936a9445" + + "1a8e45dcd4578c667cd86847bf6155ff"; + private readonly string EXPECTED_6 = "3fd24ce1f5a67b75bf2351f181a475c7" + "b800a5b4d3dcf70106b1eea82fa1d64d" + + "f42bf7226122fa92e17a40eeaac1201b" + "5e6e311dbf395d35b0fe39c2714388f8"; + private readonly string EXPECTED_7 = "2433668f1058190f6d43e360f4f35cd8" + "e475127cfca7028ea8ab5c20f7ab2af0" + + "2516a2bdcbc08d521be37ff28c152bba" + "36697f25b4cd169c6590d1dd39566d3f" + + "8a263dd317aa88d56bdf3936dba75bb8"; + + /** + * Test cipher. + * @param pTest the test engine + */ + internal void testTheCipher(GcmSivTest pTest) + { + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_8, EXPECTED_2); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_12, EXPECTED_3); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_16, EXPECTED_4); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_32, EXPECTED_5); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_48, EXPECTED_6); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_64, EXPECTED_7); + } + } + + /** + * AES-GCM-SIV-128 Set 2. + */ + class AESGcmSiv128Test2 + { + private readonly string KEY_1 = "01000000000000000000000000000000"; + private readonly string NONCE_1 = "030000000000000000000000"; + private readonly string AEAD_1 = "01"; + private readonly string AEAD_12 = "010000000000000000000000"; + private readonly string AEAD_18 = "01000000000000000000000000000000" + "0200"; + private readonly string AEAD_20 = "01000000000000000000000000000000" + "02000000"; + private readonly string DATA_4 = "02000000"; + private readonly string DATA_8 = "0200000000000000"; + private readonly string DATA_12 = "020000000000000000000000"; + private readonly string DATA_16 = "02000000000000000000000000000000"; + private readonly string DATA_18 = "03000000000000000000000000000000" + "0400"; + private readonly string DATA_20 = "03000000000000000000000000000000" + "04000000"; + private readonly string DATA_32 = "02000000000000000000000000000000" + "03000000000000000000000000000000"; + private readonly string DATA_48 = "02000000000000000000000000000000" + "03000000000000000000000000000000" + + "04000000000000000000000000000000"; + private readonly string DATA_64 = "02000000000000000000000000000000" + "03000000000000000000000000000000" + + "04000000000000000000000000000000" + "05000000000000000000000000000000"; + private readonly string EXPECTED_1 = "1e6daba35669f4273b0a1a2560969cdf" + "790d99759abd1508"; + private readonly string EXPECTED_2 = "296c7889fd99f41917f4462008299c51" + "02745aaa3a0c469fad9e075a"; + private readonly string EXPECTED_3 = "e2b0c5da79a901c1745f700525cb335b" + "8f8936ec039e4e4bb97ebd8c4457441f"; + private readonly string EXPECTED_4 = "620048ef3c1e73e57e02bb8562c416a3" + "19e73e4caac8e96a1ecb2933145a1d71" + + "e6af6a7f87287da059a71684ed3498e1"; + private readonly string EXPECTED_5 = "50c8303ea93925d64090d07bd109dfd9" + "515a5a33431019c17d93465999a8b005" + + "3201d723120a8562b838cdff25bf9d1e" + "6a8cc3865f76897c2e4b245cf31c51f2"; + private readonly string EXPECTED_6 = "2f5c64059db55ee0fb847ed513003746" + "aca4e61c711b5de2e7a77ffd02da42fe" + + "ec601910d3467bb8b36ebbaebce5fba3" + "0d36c95f48a3e7980f0e7ac299332a80" + + "cdc46ae475563de037001ef84ae21744"; + private readonly string EXPECTED_7 = "a8fe3e8707eb1f84fb28f8cb73de8e99" + "e2f48a14"; + private readonly string EXPECTED_8 = "6bb0fecf5ded9b77f902c7d5da236a43" + "91dd029724afc9805e976f451e6d87f6" + + "fe106514"; + private readonly string EXPECTED_9 = "44d0aaf6fb2f1f34add5e8064e83e12a" + "2adabff9b2ef00fb47920cc72a0c0f13" + + "b9fd"; + + /** + * Test cipher. + * @param pTest the test engine + */ + internal void testTheCipher(GcmSivTest pTest) + { + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_8, EXPECTED_1); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_12, EXPECTED_2); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_16, EXPECTED_3); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_32, EXPECTED_4); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_48, EXPECTED_5); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_64, EXPECTED_6); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_12, DATA_4, EXPECTED_7); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_18, DATA_20, EXPECTED_8); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_20, DATA_18, EXPECTED_9); + } + } + + /** + * AES-GCM-SIV-128 Set 3. + */ + class AESGcmSiv128Test3 + { + private readonly string EMPTY = ""; + private readonly string KEY_1 = "e66021d5eb8e4f4066d4adb9c33560e4"; + private readonly string KEY_2 = "36864200e0eaf5284d884a0e77d31646"; + private readonly string KEY_3 = "aedb64a6c590bc84d1a5e269e4b47801"; + private readonly string KEY_4 = "d5cc1fd161320b6920ce07787f86743b"; + private readonly string KEY_5 = "b3fed1473c528b8426a582995929a149"; + private readonly string KEY_6 = "2d4ed87da44102952ef94b02b805249b"; + private readonly string KEY_7 = "bde3b2f204d1e9f8b06bc47f9745b3d1"; + private readonly string KEY_8 = "f901cfe8a69615a93fdf7a98cad48179"; + private readonly string NONCE_1 = "f46e44bb3da0015c94f70887"; + private readonly string NONCE_2 = "bae8e37fc83441b16034566b"; + private readonly string NONCE_3 = "afc0577e34699b9e671fdd4f"; + private readonly string NONCE_4 = "275d1ab32f6d1f0434d8848c"; + private readonly string NONCE_5 = "9e9ad8780c8d63d0ab4149c0"; + private readonly string NONCE_6 = "ac80e6f61455bfac8308a2d4"; + private readonly string NONCE_7 = "ae06556fb6aa7890bebc18fe"; + private readonly string NONCE_8 = "6245709fb18853f68d833640"; + private readonly string AEAD_2 = "46bb91c3c5"; + private readonly string AEAD_3 = "fc880c94a95198874296"; + private readonly string AEAD_4 = "046787f3ea22c127aaf195d1894728"; + private readonly string AEAD_5 = "c9882e5386fd9f92ec489c8fde2be2cf" + "97e74e93"; + private readonly string AEAD_6 = "2950a70d5a1db2316fd568378da107b5" + "2b0da55210cc1c1b0a"; + private readonly string AEAD_7 = "1860f762ebfbd08284e421702de0de18" + "baa9c9596291b08466f37de21c7f"; + private readonly string AEAD_8 = "7576f7028ec6eb5ea7e298342a94d4b2" + "02b370ef9768ec6561c4fe6b7e7296fa" + + "859c21"; + private readonly string DATA_2 = "7a806c"; + private readonly string DATA_3 = "bdc66f146545"; + private readonly string DATA_4 = "1177441f195495860f"; + private readonly string DATA_5 = "9f572c614b4745914474e7c7"; + private readonly string DATA_6 = "0d8c8451178082355c9e940fea2f58"; + private readonly string DATA_7 = "6b3db4da3d57aa94842b9803a96e07fb" + "6de7"; + private readonly string DATA_8 = "e42a3c02c25b64869e146d7b233987bd" + "dfc240871d"; + private readonly string EXPECTED_1 = "a4194b79071b01a87d65f706e3949578"; + private readonly string EXPECTED_2 = "af60eb711bd85bc1e4d3e0a462e074ee" + "a428a8"; + private readonly string EXPECTED_3 = "bb93a3e34d3cd6a9c45545cfc11f03ad" + "743dba20f966"; + private readonly string EXPECTED_4 = "4f37281f7ad12949d01d02fd0cd174c8" + "4fc5dae2f60f52fd2b"; + private readonly string EXPECTED_5 = "f54673c5ddf710c745641c8bc1dc2f87" + "1fb7561da1286e655e24b7b0"; + private readonly string EXPECTED_6 = "c9ff545e07b88a015f05b274540aa183" + "b3449b9f39552de99dc214a1190b0b"; + private readonly string EXPECTED_7 = "6298b296e24e8cc35dce0bed484b7f30" + "d5803e377094f04709f64d7b985310a4" + + "db84"; + private readonly string EXPECTED_8 = "391cc328d484a4f46406181bcd62efd9" + "b3ee197d052d15506c84a9edd65e13e9" + + "d24a2a6e70"; + + /** + * Test cipher. + * @param pTest the test engine + */ + internal void testTheCipher(GcmSivTest pTest) + { + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_2, NONCE_2, AEAD_2, DATA_2, EXPECTED_2); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_3, NONCE_3, AEAD_3, DATA_3, EXPECTED_3); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_4, NONCE_4, AEAD_4, DATA_4, EXPECTED_4); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_5, NONCE_5, AEAD_5, DATA_5, EXPECTED_5); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_6, NONCE_6, AEAD_6, DATA_6, EXPECTED_6); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_7, NONCE_7, AEAD_7, DATA_7, EXPECTED_7); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_8, NONCE_8, AEAD_8, DATA_8, EXPECTED_8); + } + } + + /** + * AES-GCM-SIV-256 Set 1. + */ + class AESGcmSiv256Test1 + { + private readonly string EMPTY = ""; + private readonly string KEY_1 = "01000000000000000000000000000000" + "00000000000000000000000000000000"; + private readonly string NONCE_1 = "030000000000000000000000"; + private readonly string DATA_8 = "0100000000000000"; + private readonly string DATA_12 = "010000000000000000000000"; + private readonly string DATA_16 = "01000000000000000000000000000000"; + private readonly string DATA_32 = "01000000000000000000000000000000" + "02000000000000000000000000000000"; + private readonly string DATA_48 = "01000000000000000000000000000000" + "02000000000000000000000000000000" + + "03000000000000000000000000000000"; + private readonly string DATA_64 = "01000000000000000000000000000000" + "02000000000000000000000000000000" + + "03000000000000000000000000000000" + "04000000000000000000000000000000"; + private readonly string EXPECTED_1 = "07f5f4169bbf55a8400cd47ea6fd400f"; + private readonly string EXPECTED_2 = "c2ef328e5c71c83b843122130f7364b7" + "61e0b97427e3df28"; + private readonly string EXPECTED_3 = "9aab2aeb3faa0a34aea8e2b18ca50da9" + "ae6559e48fd10f6e5c9ca17e"; + private readonly string EXPECTED_4 = "85a01b63025ba19b7fd3ddfc033b3e76" + "c9eac6fa700942702e90862383c6c366"; + private readonly string EXPECTED_5 = "4a6a9db4c8c6549201b9edb53006cba8" + "21ec9cf850948a7c86c68ac7539d027f" + + "e819e63abcd020b006a976397632eb5d"; + private readonly string EXPECTED_6 = "c00d121893a9fa603f48ccc1ca3c57ce" + "7499245ea0046db16c53c7c66fe717e3" + + "9cf6c748837b61f6ee3adcee17534ed5" + "790bc96880a99ba804bd12c0e6a22cc4"; + private readonly string EXPECTED_7 = "c2d5160a1f8683834910acdafc41fbb1" + "632d4a353e8b905ec9a5499ac34f96c7" + + "e1049eb080883891a4db8caaa1f99dd0" + "04d80487540735234e3744512c6f90ce" + + "112864c269fc0d9d88c61fa47e39aa08"; + + /** + * Test cipher. + * @param pTest the test engine + */ + internal void testTheCipher(GcmSivTest pTest) + { + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_8, EXPECTED_2); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_12, EXPECTED_3); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_16, EXPECTED_4); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_32, EXPECTED_5); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_48, EXPECTED_6); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_64, EXPECTED_7); + } + } + + /** + * AES-GCM-SIV-256 Set 2. + */ + class AESGcmSiv256Test2 + { + private readonly string KEY_1 = "01000000000000000000000000000000" + "00000000000000000000000000000000"; + private readonly string NONCE_1 = "030000000000000000000000"; + private readonly string AEAD_1 = "01"; + private readonly string AEAD_12 = "010000000000000000000000"; + private readonly string AEAD_18 = "01000000000000000000000000000000" + "0200"; + private readonly string AEAD_20 = "01000000000000000000000000000000" + "02000000"; + private readonly string DATA_4 = "02000000"; + private readonly string DATA_8 = "0200000000000000"; + private readonly string DATA_12 = "020000000000000000000000"; + private readonly string DATA_16 = "02000000000000000000000000000000"; + private readonly string DATA_18 = "03000000000000000000000000000000" + "0400"; + private readonly string DATA_20 = "03000000000000000000000000000000" + "04000000"; + private readonly string DATA_32 = "02000000000000000000000000000000" + "03000000000000000000000000000000"; + private readonly string DATA_48 = "02000000000000000000000000000000" + "03000000000000000000000000000000" + + "04000000000000000000000000000000"; + private readonly string DATA_64 = "02000000000000000000000000000000" + "03000000000000000000000000000000" + + "04000000000000000000000000000000" + "05000000000000000000000000000000"; + private readonly string EXPECTED_1 = "1de22967237a813291213f267e3b452f" + "02d01ae33e4ec854"; + private readonly string EXPECTED_2 = "163d6f9cc1b346cd453a2e4cc1a4a19a" + "e800941ccdc57cc8413c277f"; + private readonly string EXPECTED_3 = "c91545823cc24f17dbb0e9e807d5ec17" + "b292d28ff61189e8e49f3875ef91aff7"; + private readonly string EXPECTED_4 = "07dad364bfc2b9da89116d7bef6daaaf" + "6f255510aa654f920ac81b94e8bad365" + + "aea1bad12702e1965604374aab96dbbc"; + private readonly string EXPECTED_5 = "c67a1f0f567a5198aa1fcc8e3f213143" + "36f7f51ca8b1af61feac35a86416fa47" + + "fbca3b5f749cdf564527f2314f42fe25" + "03332742b228c647173616cfd44c54eb"; + private readonly string EXPECTED_6 = "67fd45e126bfb9a79930c43aad2d3696" + "7d3f0e4d217c1e551f59727870beefc9" + + "8cb933a8fce9de887b1e40799988db1f" + "c3f91880ed405b2dd298318858467c89" + + "5bde0285037c5de81e5b570a049b62a0"; + private readonly string EXPECTED_7 = "22b3f4cd1835e517741dfddccfa07fa4" + "661b74cf"; + private readonly string EXPECTED_8 = "43dd0163cdb48f9fe3212bf61b201976" + "067f342bb879ad976d8242acc188ab59" + + "cabfe307"; + private readonly string EXPECTED_9 = "462401724b5ce6588d5a54aae5375513" + "a075cfcdf5042112aa29685c912fc205" + + "6543"; + + /** + * Test cipher. + * @param pTest the test engine + */ + internal void testTheCipher(GcmSivTest pTest) + { + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_8, EXPECTED_1); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_12, EXPECTED_2); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_16, EXPECTED_3); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_32, EXPECTED_4); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_48, EXPECTED_5); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_1, DATA_64, EXPECTED_6); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_12, DATA_4, EXPECTED_7); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_18, DATA_20, EXPECTED_8); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, AEAD_20, DATA_18, EXPECTED_9); + } + } + + /** + * AES-GCM-SIV-256 Set 3. + */ + class AESGcmSiv256Test3 + { + private readonly string EMPTY = ""; + private readonly string KEY_1 = "e66021d5eb8e4f4066d4adb9c33560e4" + "f46e44bb3da0015c94f7088736864200"; + private readonly string KEY_2 = "bae8e37fc83441b16034566b7a806c46" + "bb91c3c5aedb64a6c590bc84d1a5e269"; + private readonly string KEY_3 = "6545fc880c94a95198874296d5cc1fd1" + "61320b6920ce07787f86743b275d1ab3"; + private readonly string KEY_4 = "d1894728b3fed1473c528b8426a58299" + "5929a1499e9ad8780c8d63d0ab4149c0"; + private readonly string KEY_5 = "a44102952ef94b02b805249bac80e6f6" + "1455bfac8308a2d40d8c845117808235"; + private readonly string KEY_6 = "9745b3d1ae06556fb6aa7890bebc18fe" + "6b3db4da3d57aa94842b9803a96e07fb"; + private readonly string KEY_7 = "b18853f68d833640e42a3c02c25b6486" + "9e146d7b233987bddfc240871d7576f7"; + private readonly string KEY_8 = "3c535de192eaed3822a2fbbe2ca9dfc8" + "8255e14a661b8aa82cc54236093bbc23"; + private readonly string NONCE_1 = "e0eaf5284d884a0e77d31646"; + private readonly string NONCE_2 = "e4b47801afc0577e34699b9e"; + private readonly string NONCE_3 = "2f6d1f0434d8848c1177441f"; + private readonly string NONCE_4 = "9f572c614b4745914474e7c7"; + private readonly string NONCE_5 = "5c9e940fea2f582950a70d5a"; + private readonly string NONCE_6 = "6de71860f762ebfbd08284e4"; + private readonly string NONCE_7 = "028ec6eb5ea7e298342a94d4"; + private readonly string NONCE_8 = "688089e55540db1872504e1c"; + private readonly string AEAD_2 = "4fbdc66f14"; + private readonly string AEAD_3 = "6787f3ea22c127aaf195"; + private readonly string AEAD_4 = "489c8fde2be2cf97e74e932d4ed87d"; + private readonly string AEAD_5 = "0da55210cc1c1b0abde3b2f204d1e9f8" + "b06bc47f"; + private readonly string AEAD_6 = "f37de21c7ff901cfe8a69615a93fdf7a" + "98cad481796245709f"; + private readonly string AEAD_7 = "9c2159058b1f0fe91433a5bdc20e214e" + "ab7fecef4454a10ef0657df21ac7"; + private readonly string AEAD_8 = "734320ccc9d9bbbb19cb81b2af4ecbc3" + "e72834321f7aa0f70b7282b4f33df23f" + + "167541"; + private readonly string DATA_2 = "671fdd"; + private readonly string DATA_3 = "195495860f04"; + private readonly string DATA_4 = "c9882e5386fd9f92ec"; + private readonly string DATA_5 = "1db2316fd568378da107b52b"; + private readonly string DATA_6 = "21702de0de18baa9c9596291b08466"; + private readonly string DATA_7 = "b202b370ef9768ec6561c4fe6b7e7296" + "fa85"; + private readonly string DATA_8 = "ced532ce4159b035277d4dfbb7db6296" + "8b13cd4eec"; + private readonly string EXPECTED_1 = "169fbb2fbf389a995f6390af22228a62"; + private readonly string EXPECTED_2 = "0eaccb93da9bb81333aee0c785b240d3" + "19719d"; + private readonly string EXPECTED_3 = "a254dad4f3f96b62b84dc40c84636a5e" + "c12020ec8c2c"; + private readonly string EXPECTED_4 = "0df9e308678244c44bc0fd3dc6628dfe" + "55ebb0b9fb2295c8c2"; + private readonly string EXPECTED_5 = "8dbeb9f7255bf5769dd56692404099c2" + "587f64979f21826706d497d5"; + private readonly string EXPECTED_6 = "793576dfa5c0f88729a7ed3c2f1bffb3" + "080d28f6ebb5d3648ce97bd5ba67fd"; + private readonly string EXPECTED_7 = "857e16a64915a787637687db4a951963" + "5cdd454fc2a154fea91f8363a39fec7d" + + "0a49"; + private readonly string EXPECTED_8 = "626660c26ea6612fb17ad91e8e767639" + "edd6c9faee9d6c7029675b89eaf4ba1d" + + "ed1a286594"; + + /** + * Test cipher. + * @param pTest the test engine + */ + internal void testTheCipher(GcmSivTest pTest) + { + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, EMPTY, EXPECTED_1); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_2, NONCE_2, AEAD_2, DATA_2, EXPECTED_2); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_3, NONCE_3, AEAD_3, DATA_3, EXPECTED_3); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_4, NONCE_4, AEAD_4, DATA_4, EXPECTED_4); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_5, NONCE_5, AEAD_5, DATA_5, EXPECTED_5); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_6, NONCE_6, AEAD_6, DATA_6, EXPECTED_6); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_7, NONCE_7, AEAD_7, DATA_7, EXPECTED_7); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_8, NONCE_8, AEAD_8, DATA_8, EXPECTED_8); + } + } + + /** + * AES-GCM-SIV-256 Set 4. + */ + class AESGcmSiv256Test4 + { + private readonly string EMPTY = ""; + private readonly string KEY_1 = "00000000000000000000000000000000" + "00000000000000000000000000000000"; + private readonly string NONCE_1 = "000000000000000000000000"; + private readonly string DATA_1 = "00000000000000000000000000000000" + "4db923dc793ee6497c76dcc03a98e108"; + private readonly string DATA_2 = "eb3640277c7ffd1303c7a542d02d3e4c" + "0000000000000000"; + private readonly string EXPECTED_1 = "f3f80f2cf0cb2dd9c5984fcda908456c" + "c537703b5ba70324a6793a7bf218d3ea" + + "ffffffff000000000000000000000000"; + private readonly string EXPECTED_2 = "18ce4f0b8cb4d0cac65fea8f79257b20" + "888e53e72299e56dffffffff00000000" + + "0000000000000000"; + + /** + * Test cipher. + * @param pTest the test engine + */ + internal void testTheCipher(GcmSivTest pTest) + { + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_1, EXPECTED_1); + pTest.testSIVCipher(new GcmSivBlockCipher(), KEY_1, NONCE_1, EMPTY, DATA_2, EXPECTED_2); + } + } +} +} diff --git a/BouncyCastle/crypto/test/src/test/HMacTest.cs b/BouncyCastle/crypto/test/src/test/HMacTest.cs new file mode 100644 index 0000000..4a018ac --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/HMacTest.cs @@ -0,0 +1,261 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Iana; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Rosstandart; +using Org.BouncyCastle.Asn1.UA; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + /// HMAC tester + [TestFixture] + public class HMacTest + : SimpleTest + { + private static byte[] keyBytes = Hex.Decode("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"); + private static byte[] message = Encoding.ASCII.GetBytes("Hi There"); + private static byte[] output1 = Hex.Decode("b617318655057264e28bc0b6fb378c8ef146be00"); + private static byte[] outputMD5 = Hex.Decode("5ccec34ea9656392457fa1ac27f08fbc"); + private static byte[] outputMD2 = Hex.Decode("dc1923ef5f161d35bef839ca8c807808"); + private static byte[] outputMD4 = Hex.Decode("5570ce964ba8c11756cdc3970278ff5a"); + private static byte[] output224 = Hex.Decode("896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22"); + private static byte[] output256 = Hex.Decode("b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"); + private static byte[] output384 = Hex.Decode("afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6"); + private static byte[] output512 = Hex.Decode("87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854"); + private static byte[] output512_224 = Hex.Decode("b244ba01307c0e7a8ccaad13b1067a4cf6b961fe0c6a20bda3d92039"); + private static byte[] output512_256 = Hex.Decode("9f9126c3d9c3c330d760425ca8a217e31feae31bfe70196ff81642b868402eab"); + private static byte[] outputRipeMD128 = Hex.Decode("fda5717fb7e20cf05d30bb286a44b05d"); + private static byte[] outputRipeMD160 = Hex.Decode("24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668"); + private static byte[] outputTiger = Hex.Decode("1d7a658c75f8f004916e7b07e2a2e10aec7de2ae124d3647"); + private static byte[] outputOld384 = Hex.Decode("0a046aaa0255e432912228f8ccda437c8a8363fb160afb0570ab5b1fd5ddc20eb1888b9ed4e5b6cb5bc034cd9ef70e40"); + private static byte[] outputOld512 = Hex.Decode("9656975ee5de55e75f2976ecce9a04501060b9dc22a6eda2eaef638966280182477fe09f080b2bf564649cad42af8607a2bd8d02979df3a980f15e2326a0a22a"); + + private static byte[] outputKck224 = Hex.Decode("b73d595a2ba9af815e9f2b4e53e78581ebd34a80b3bbaac4e702c4cc"); + private static byte[] outputKck256 = Hex.Decode("9663d10c73ee294054dc9faf95647cb99731d12210ff7075fb3d3395abfb9821"); + private static byte[] outputKck288 = Hex.Decode("36145df8742160a1811139494d708f9a12757c30dedc622a98aa6ecb69da32a34ea55441"); + private static byte[] outputKck384 = Hex.Decode("892dfdf5d51e4679bf320cd16d4c9dc6f749744608e003add7fba894acff87361efa4e5799be06b6461f43b60ae97048"); + private static byte[] outputKck512 = Hex.Decode("8852c63be8cfc21541a4ee5e5a9a852fc2f7a9adec2ff3a13718ab4ed81aaea0b87b7eb397323548e261a64e7fc75198f6663a11b22cd957f7c8ec858a1c7755"); + + private static byte[] outputSha3_224 = Hex.Decode("3b16546bbc7be2706a031dcafd56373d9884367641d8c59af3c860f7"); + private static byte[] outputSha3_256 = Hex.Decode("ba85192310dffa96e2a3a40e69774351140bb7185e1202cdcc917589f95e16bb"); + private static byte[] outputSha3_384 = Hex.Decode("68d2dcf7fd4ddd0a2240c8a437305f61fb7334cfb5d0226e1bc27dc10a2e723a20d370b47743130e26ac7e3d532886bd"); + private static byte[] outputSha3_512 = Hex.Decode("eb3fbd4b2eaab8f5c504bd3a41465aacec15770a7cabac531e482f860b5ec7ba47ccb2c6f2afce8f88d22b6dc61380f23a668fd3888bb80537c0a0b86407689e"); + + private static byte[] outputGost2012_256 = Hex.Decode("f03422dfa37a507ca126ce01b8eba6b7fdda8f8a60dd8f2703e3a372120b8294"); + private static byte[] outputGost2012_512 = Hex.Decode("86b6a06bfa9f1974aff6ccd7fa3f835f0bd850395d6084efc47b9dda861a2cdf0dcaf959160733d5269f6567966dd7a9f932a77cd6f080012cd476f1c2cc31bb"); + + private static byte[] outputDSTU7564_256 = Hex.Decode("98ac67aa21eaf6e8666fb748d66cfc15d5d66f5194c87fffa647e406d3375cdb"); + private static byte[] outputDSTU7564_384 = Hex.Decode("4e46a87e70fcd2ccfb4433a8eaec68991a96b11085c5d5484db71af51bac469c03f76e1f721843c8e8667708fe41a48d"); + private static byte[] outputDSTU7564_512 = Hex.Decode("5b7acf633a7551b8410fa66a60c74a494e46a87e70fcd2ccfb4433a8eaec68991a96b11085c5d5484db71af51bac469c03f76e1f721843c8e8667708fe41a48d"); + + private void DoTestHMac(string hmacName, byte[] output) + { + KeyParameter key = new KeyParameter(keyBytes); //, hmacName); + + IMac mac = MacUtilities.GetMac(hmacName); + mac.Init(key); + mac.Reset(); + mac.BlockUpdate(message, 0, message.Length); + byte[] outBytes = MacUtilities.DoFinal(mac); + + if (!AreEqual(outBytes, output)) + { + Fail("Failed - expected " + + Hex.ToHexString(output) + " got " + + Hex.ToHexString(outBytes)); + } + + // no key generator for the old algorithms + if (hmacName.StartsWith("Old")) + return; + + CipherKeyGenerator kGen = GeneratorUtilities.GetKeyGenerator(hmacName); + key = new KeyParameter(kGen.GenerateKey()); + mac.Init(key); // hmacName + mac.BlockUpdate(message, 0, message.Length); + outBytes = MacUtilities.DoFinal(mac); + } + + private void DoTestHMac(string hmacName, int defKeySize, byte[] output) + { + KeyParameter key = new KeyParameter(keyBytes); //, hmacName); + + IMac mac = MacUtilities.GetMac(hmacName); + mac.Init(key); + mac.Reset(); + mac.BlockUpdate(message, 0, message.Length); + byte[] outBytes = MacUtilities.DoFinal(mac); + + if (!AreEqual(outBytes, output)) + { + Fail("Failed - expected " + + Hex.ToHexString(output) + " got " + + Hex.ToHexString(outBytes)); + } + + CipherKeyGenerator kGen = GeneratorUtilities.GetKeyGenerator(hmacName); + key = new KeyParameter(kGen.GenerateKey()); + mac.Init(key); // hmacName + mac.BlockUpdate(message, 0, message.Length); + outBytes = MacUtilities.DoFinal(mac); + + IsTrue("default key wrong length", key.GetKey().Length == (defKeySize / 8)); + } + + private void DoTestExceptions() + { + IMac mac = MacUtilities.GetMac("HmacSHA1"); + + byte [] b = {(byte)1, (byte)2, (byte)3, (byte)4, (byte)5}; +// KeyParameter sks = new KeyParameter(b); //, "HmacSHA1"); +// RC5ParameterSpec algPS = new RC5ParameterSpec(100, 100, 100); + RC5Parameters rc5Parameters = new RC5Parameters(b, 100); + + try + { +// mac.Init(sks, algPS); + mac.Init(rc5Parameters); + } +// catch (InvalidAlgorithmParameterException e) + catch (Exception) + { + // ignore okay + } + + try + { + mac.Init(null); //, null); + } +// catch (InvalidKeyException) +// { +// // ignore okay +// } +// catch (InvalidAlgorithmParameterException e) + catch (Exception) + { + // ignore okay + } + +// try +// { +// mac.Init(null); +// } +// catch (InvalidKeyException) +// { +// // ignore okay +// } + } + + public override void PerformTest() + { + DoTestHMac("HMac-SHA1", output1); + DoTestHMac("HMac-MD5", outputMD5); + DoTestHMac("HMac-MD4", outputMD4); + DoTestHMac("HMac-MD2", outputMD2); + DoTestHMac("HMac-SHA224", output224); + DoTestHMac("HMac-SHA256", output256); + DoTestHMac("HMac-SHA384", output384); + DoTestHMac("HMac-SHA512", output512); + DoTestHMac("HMac-SHA512/224", output512_224); + DoTestHMac("HMac-SHA512/256", output512_256); + DoTestHMac("HMac-RIPEMD128", outputRipeMD128); + DoTestHMac("HMac-RIPEMD160", outputRipeMD160); + DoTestHMac("HMac-TIGER", outputTiger); + DoTestHMac("HMac-KECCAK224", 224, outputKck224); + DoTestHMac("HMac-KECCAK256", 256, outputKck256); + DoTestHMac("HMac-KECCAK288", 288, outputKck288); + DoTestHMac("HMac-KECCAK384", 384, outputKck384); + DoTestHMac("HMac-KECCAK512", 512, outputKck512); + DoTestHMac("HMac-SHA3-224", 224, outputSha3_224); + DoTestHMac("HMac-SHA3-256", 256, outputSha3_256); + DoTestHMac("HMac-SHA3-384", 384, outputSha3_384); + DoTestHMac("HMac-SHA3-512", 512, outputSha3_512); + + DoTestHMac("HMac-GOST3411-2012-256", 256, outputGost2012_256); + DoTestHMac("HMac-GOST3411-2012-512", 512, outputGost2012_512); + + //DoTestHMac("HMac-DSTU7564-256", 256, outputDSTU7564_256); + //DoTestHMac("HMac-DSTU7564-384", 384, outputDSTU7564_384); + //DoTestHMac("HMac-DSTU7564-512", 512, outputDSTU7564_512); + + DoTestHMac("HMac/SHA1", output1); + DoTestHMac("HMac/MD5", outputMD5); + DoTestHMac("HMac/MD4", outputMD4); + DoTestHMac("HMac/MD2", outputMD2); + DoTestHMac("HMac/SHA224", output224); + DoTestHMac("HMac/SHA256", output256); + DoTestHMac("HMac/SHA384", output384); + DoTestHMac("HMac/SHA512", output512); + DoTestHMac("HMac/RIPEMD128", outputRipeMD128); + DoTestHMac("HMac/RIPEMD160", outputRipeMD160); + DoTestHMac("HMac/TIGER", outputTiger); + DoTestHMac("HMac/KECCAK224", 224, outputKck224); + DoTestHMac("HMac/KECCAK256", 256, outputKck256); + DoTestHMac("HMac/KECCAK288", 288, outputKck288); + DoTestHMac("HMac/KECCAK384", 384, outputKck384); + DoTestHMac("HMac/KECCAK512", 512, outputKck512); + DoTestHMac("HMac/SHA3-224", 224, outputSha3_224); + DoTestHMac("HMac/SHA3-256", 256, outputSha3_256); + DoTestHMac("HMac/SHA3-384", 384, outputSha3_384); + DoTestHMac("HMac/SHA3-512", 512, outputSha3_512); + DoTestHMac("HMac/GOST3411-2012-256", 256, outputGost2012_256); + DoTestHMac("HMac/GOST3411-2012-512", 512, outputGost2012_512); + + DoTestHMac(PkcsObjectIdentifiers.IdHmacWithSha1.Id, output1); + DoTestHMac(PkcsObjectIdentifiers.IdHmacWithSha224.Id, output224); + DoTestHMac(PkcsObjectIdentifiers.IdHmacWithSha256.Id, output256); + DoTestHMac(PkcsObjectIdentifiers.IdHmacWithSha384.Id, output384); + DoTestHMac(PkcsObjectIdentifiers.IdHmacWithSha512.Id, output512); + DoTestHMac(IanaObjectIdentifiers.HmacSha1.Id, output1); + DoTestHMac(IanaObjectIdentifiers.HmacMD5.Id, outputMD5); + DoTestHMac(IanaObjectIdentifiers.HmacRipeMD160.Id, outputRipeMD160); + DoTestHMac(IanaObjectIdentifiers.HmacTiger.Id, outputTiger); + + DoTestHMac(NistObjectIdentifiers.IdHMacWithSha3_224.Id, 224, outputSha3_224); + DoTestHMac(NistObjectIdentifiers.IdHMacWithSha3_256.Id, 256, outputSha3_256); + DoTestHMac(NistObjectIdentifiers.IdHMacWithSha3_384.Id, 384, outputSha3_384); + DoTestHMac(NistObjectIdentifiers.IdHMacWithSha3_512.Id, 512, outputSha3_512); + + DoTestHMac(RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_256.Id, 256, outputGost2012_256); + DoTestHMac(RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_512.Id, 512, outputGost2012_512); + + //DoTestHMac(UAObjectIdentifiers.dstu7564mac_256.Id, 256, outputDSTU7564_256); + //DoTestHMac(UAObjectIdentifiers.dstu7564mac_384.Id, 384, outputDSTU7564_384); + //DoTestHMac(UAObjectIdentifiers.dstu7564mac_512.Id, 512, outputDSTU7564_512); + +// // test for compatibility with broken HMac. +// DoTestHMac("OldHMacSHA384", outputOld384); +// DoTestHMac("OldHMacSHA512", outputOld512); + + DoTestExceptions(); + } + + public override string Name + { + get { return "HMac"; } + } + + public static void Main( + string[] args) + { + RunTest(new HMacTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/IESTest.cs b/BouncyCastle/crypto/test/src/test/IESTest.cs new file mode 100644 index 0000000..99aacc6 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/IESTest.cs @@ -0,0 +1,238 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + /** + * test for ECIES - Elliptic Curve Integrated Encryption Scheme + */ + [TestFixture] + public class IesTest + : SimpleTest + { + private static readonly BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); + private static readonly BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); + + public override string Name + { + get { return "IES"; } + } + + public override void PerformTest() + { + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECIES"); + + X9ECParameters x9 = ECNamedCurveTable.GetByName("prime239v1"); + ECDomainParameters ecSpec = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H); + + g.Init( + new ECKeyGenerationParameters( + ecSpec, + new SecureRandom())); + + IBufferedCipher c1 = CipherUtilities.GetCipher("ECIES"); + IBufferedCipher c2 = CipherUtilities.GetCipher("ECIES"); + + doTest(g, c1, c2); + + g = GeneratorUtilities.GetKeyPairGenerator("ECIES"); + + g.Init(new KeyGenerationParameters(new SecureRandom(), 192)); + + doTest(g, c1, c2); + + g = GeneratorUtilities.GetKeyPairGenerator("ECIES"); + + g.Init(new KeyGenerationParameters(new SecureRandom(), 239)); + + doTest(g, c1, c2); + + g = GeneratorUtilities.GetKeyPairGenerator("ECIES"); + + g.Init(new KeyGenerationParameters(new SecureRandom(), 256)); + + doTest(g, c1, c2); + + doDefTest(g, c1, c2); + + c1 = CipherUtilities.GetCipher("IES"); + c2 = CipherUtilities.GetCipher("IES"); + + g = GeneratorUtilities.GetKeyPairGenerator("DH"); + +// DHParameterSpec dhParams = new DHParameterSpec(p512, g512); +// g.initialize(dhParams); + g.Init( + new DHKeyGenerationParameters( + new SecureRandom(), + new DHParameters(p512, g512))); + + doTest(g, c1, c2); + + doDefTest(g, c1, c2); + } + + public void doTest( + IAsymmetricCipherKeyPairGenerator g, + IBufferedCipher c1, + IBufferedCipher c2) + { + // + // a side + // + AsymmetricCipherKeyPair aKeyPair = g.GenerateKeyPair(); + AsymmetricKeyParameter aPub = aKeyPair.Public; + AsymmetricKeyParameter aPriv = aKeyPair.Private; + + // + // b side + // + AsymmetricCipherKeyPair bKeyPair = g.GenerateKeyPair(); + AsymmetricKeyParameter bPub = bKeyPair.Public; + AsymmetricKeyParameter bPriv = bKeyPair.Private; + + // TODO Put back in +// // +// // stream test +// // +// IEKeySpec c1Key = new IEKeySpec(aPriv, bPub); +// IEKeySpec c2Key = new IEKeySpec(bPriv, aPub); +// +// byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; +// byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; +// +// IESParameterSpec param = new IESParameterSpec(d, e, 128); +// +// c1.Init(true, c1Key, param); +// +// c2.Init(false, c2Key, param); +// +// byte[] message = Hex.Decode("1234567890abcdef"); +// +// byte[] out1 = c1.DoFinal(message, 0, message.Length); +// +// byte[] out2 = c2.DoFinal(out1, 0, out1.Length); +// +// if (!AreEqual(out2, message)) +// { +// Fail("stream cipher test failed"); +// } + } + + public void doDefTest( + IAsymmetricCipherKeyPairGenerator g, + IBufferedCipher c1, + IBufferedCipher c2) + { + // + // a side + // + AsymmetricCipherKeyPair aKeyPair = g.GenerateKeyPair(); + AsymmetricKeyParameter aPub = aKeyPair.Public; + AsymmetricKeyParameter aPriv = aKeyPair.Private; + + // + // b side + // + AsymmetricCipherKeyPair bKeyPair = g.GenerateKeyPair(); + AsymmetricKeyParameter bPub = bKeyPair.Public; + AsymmetricKeyParameter bPriv = bKeyPair.Private; + + // TODO Put back in +// // +// // stream test +// // +// IEKeySpec c1Key = new IEKeySpec(aPriv, bPub); +// IEKeySpec c2Key = new IEKeySpec(bPriv, aPub); +// +// c1.Init(true, c1Key); +// +// AlgorithmParameters param = c1.getParameters(); +// +// c2.Init(false, c2Key, param); +// +// byte[] message = Hex.Decode("1234567890abcdef"); +// +// byte[] out1 = c1.DoFinal(message, 0, message.Length); +// +// byte[] out2 = c2.DoFinal(out1, 0, out1.Length); +// +// if (!AreEqual(out2, message)) +// { +// Fail("stream cipher test failed"); +// } +// +// // +// // int DoFinal +// // +// int len1 = c1.DoFinal(message, 0, message.Length, out1, 0); +// +// if (len1 != out1.Length) +// { +// Fail("encryption length wrong"); +// } +// +// int len2 = c2.DoFinal(out1, 0, out1.Length, out2, 0); +// +// if (len2 != out2.Length) +// { +// Fail("decryption length wrong"); +// } +// +// if (!AreEqual(out2, message)) +// { +// Fail("stream cipher test failed"); +// } +// +// // +// // int DoFinal with update +// // +// len1 = c1.ProcessBytes(message, 0, 2, out1, 0); +// +// len1 += c1.DoFinal(message, 2, message.Length - 2, out1, len1); +// +// if (len1 != out1.Length) +// { +// Fail("update encryption length wrong"); +// } +// +// len2 = c2.ProcessBytes(out1, 0, 2, out2, 0); +// +// len2 += c2.DoFinal(out1, 2, out1.Length - 2, out2, len2); +// +// if (len2 != out2.Length) +// { +// Fail("update decryption length wrong"); +// } +// +// if (!AreEqual(out2, message)) +// { +// Fail("update stream cipher test failed"); +// } + } + + public static void Main( + string[] args) + { + RunTest(new IesTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/KdfCounterTest.cs b/BouncyCastle/crypto/test/src/test/KdfCounterTest.cs new file mode 100644 index 0000000..b6a9b13 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/KdfCounterTest.cs @@ -0,0 +1,2835 @@ +using NUnit.Framework; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Macs; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class KdfCounterTest : SimpleTest + { + //private string kdfCtr = @""; + + + [Test] + public void TestCMAC_AES128_BEFORE_FIXED_8_BITS() + { + string name = "CMAC_AES128_BEFORE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("dff1e50ac0b69dc40f1051d46c2b069c"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("c16e6e02c5a3dcc8d78b9ac1306877761310455b4e41469951d9e6c2245a064b33fd8c3b01203a7824485bf0a64060c4648b707d2607935699316ea5"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("8be8f0869b3c0ba97b71863d1b9f7813"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES128_BEFORE_FIXED_16_BITS() + { + string name = "CMAC_AES128_BEFORE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("30ec5f6fa1def33cff008178c4454211"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("c95e7b1d4f2570259abfc05bb00730f0284c3bb9a61d07259848a1cb57c81d8a6c3382c500bf801dfc8f70726b082cf4c3fa34386c1e7bf0e5471438"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("00018fff9574994f5c4457f461c7a67e"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES128_BEFORE_FIXED_24_BITS() + { + string name = "CMAC_AES128_BEFORE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("ca1cf43e5ccd512cc719a2f9de41734c"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("e3884ac963196f02ddd09fc04c20c88b60faa775b5ef6feb1faf8c5e098b5210e2b4e45d62cc0bf907fd68022ee7b15631b5c8daf903d99642c5b831"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("1cb2b12326cc5ec1eba248167f0efd58"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES128_BEFORE_FIXED_32_BITS() + { + string name = "CMAC_AES128_BEFORE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("c10b152e8c97b77e18704e0f0bd38305"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("98cd4cbbbebe15d17dc86e6dbad800a2dcbd64f7c7ad0e78e9cf94ffdba89d03e97eadf6c4f7b806caf52aa38f09d0eb71d71f497bcc6906b48d36c4"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("26faf61908ad9ee881b8305c221db53f"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES128_AFTER_FIXED_8_BITS() + { + string name = "CMAC_AES128_AFTER_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("e61a51e1633e7d0de704dcebbd8f962f"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("5eef88f8cb188e63e08e23c957ee424a3345da88400c567548b57693931a847501f8e1bce1c37a09ef8c6e2ad553dd0f603b52cc6d4e4cbb76eb6c8f"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("63a5647d0fe69d21fc420b1a8ce34cc1"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES128_AFTER_FIXED_16_BITS() + { + string name = "CMAC_AES128_AFTER_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("b03616e032b6d1aa53352a8d7dfabcfe"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("fba6aea08c2ccf83f7142b72a476839a98a7d967125c9dfc83ae82f1fb6c913afc82bf65342356d2e7f929528589bc94c2f54d52b2487ee9f4a52510"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("8c5175addd7d847e30f48ef6ce373954"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES128_AFTER_FIXED_24_BITS() + { + string name = "CMAC_AES128_AFTER_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("03dd577bd0e65a26502453d5de9e682b"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("bf4e85e80ee83637bbe972a371c5a74d0511e0eeb9485f3d1d075f1fdbb00f5ea7f64b080cf2c8d21b213bb1e96cd047ddc3f005851bf4b07e7a0232"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("f8fa72a1f1c0b234c7f76a425778ad4e"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES128_AFTER_FIXED_32_BITS() + { + string name = "CMAC_AES128_AFTER_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("02f9ff0a7b136bdbdb09bc420a35d46f"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("ebdacfb0d14c6e38602dc95b43cea8d354596c360b31a02ea780d4fe35728ec75de2fb357c36c1210c10d35369982989ad02ab4f4094fdc86618e3f9"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("207ee3acb1d1785fb36109f9970153d8"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES128_MIDDLE_FIXED_8_BITS() + { + string name = "CMAC_AES128_MIDDLE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("b6e04abd1651f8794d4326f4c684e631"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("93612f7256c46a3d856d3e951e32dbf15fe11159d0b389ad38d603850fee6d18d22031435ed36ee20da76745fbea4b10fe1e"); + byte[] DataAfterCtrData = Hex.Decode("99322aae605a5f01e32b"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("dcb1db87a68762c6b3354779fa590bef"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES128_MIDDLE_FIXED_16_BITS() + { + string name = "CMAC_AES128_MIDDLE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("63cf79372dbe425d2c5832603fb96d93"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("91f5b0021524e8f85dc4af0bb83a9386e89635d19f9e4652d8d1837d2cdcd0b20fa50c1397ed450410cc9109b2ae1bad0b85"); + byte[] DataAfterCtrData = Hex.Decode("81205d2dc8429ce7e428"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("50569fc30e309a6337c14c5ba320271f"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES128_MIDDLE_FIXED_24_BITS() + { + string name = "CMAC_AES128_MIDDLE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("bc1b3659d7c2fcf008b0da456fd876c5"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("c8e13862185cbbee6544c2a7367d5216becf6352464b35e362c328f31b378f3481cdc09c46efed015dead1958db5701a940d"); + byte[] DataAfterCtrData = Hex.Decode("a75853711d59f7b819b0"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("da6a63b32c2f051e9833d61f92f35d70"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES128_MIDDLE_FIXED_32_BITS() + { + string name = "CMAC_AES128_MIDDLE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("90e33a1e76adedcabd2214326be71abf"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("3d2f38c571575807eecd0ec9e3fd860fb605f0b17139ce01904abba7ae688a50e620341787f69f00b872343f42b18c979f6f"); + byte[] DataAfterCtrData = Hex.Decode("8885034123cb45e27440"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("9e2156cd13e079c1e6c6379f9a55f433"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES192_BEFORE_FIXED_8_BITS() + { + string name = "CMAC_AES192_BEFORE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("53d1705caab7b06886e2dbb53eea349aa7419a034e2d92b9"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("b120f7ce30235784664deae3c40723ca0539b4521b9aece43501366cc5df1d9ea163c602702d0974665277c8a7f6a057733d66f928eb7548cf43e374"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("eae32661a323f6d06d0116bb739bd76a"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES192_BEFORE_FIXED_16_BITS() + { + string name = "CMAC_AES192_BEFORE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("d7e8eefc503a39e70d931f16645958ad06fb789f0cbc518b"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("b10ea2d67904a8b3b7ce5eef7d9ee49768e8deb3506ee74a2ad8dd8661146fde74137a8f6dfc69a370945d15335e0d6403fa029da19d34140c7e3da0"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("95278b8883852f6676c587507b0aa162"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES192_BEFORE_FIXED_24_BITS() + { + string name = "CMAC_AES192_BEFORE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("f7c1e0682a12f1f17d23dc8af5c463b8aa28f87ed82fad22"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("890ec4966a8ac3fd635bd264a4c726c87341611c6e282766b7ffe621080d0c00ac9cf8e2784a80166303505f820b2a309e9c3a463d2e3fd4814e3af5"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("a71b0cbe30331fdbb63f8d51249ae50b"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES192_BEFORE_FIXED_32_BITS() + { + string name = "CMAC_AES192_BEFORE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("f4267280cb8667c2cf82bb37f389da6391f58cc74deba0cc"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("34abbc9f7b12622309a827de5abfdd51fb5bb824838fcde88ca7bc5f3953abdcb445147f13e809e294f75e6d4e3f13b66e47f2dfc881ed392e3a1bf6"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("2d1b4b5694b6741b2ed9c02c05474225"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES192_AFTER_FIXED_8_BITS() + { + string name = "CMAC_AES192_AFTER_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("aea3dd304d0475e7969d0f278d23abe1fc0c7220f7fd7e73"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("3e6008930b20b14375f86176714558113284d4142806d9d810b3fe4c02ae375f2b7e6ec05fb15fcd8da82b90c9706cf36b2c9dd96a2c1f46606f6bde"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("12c6f91ead9b6f256e97b17efc8928d1"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES192_AFTER_FIXED_16_BITS() + { + string name = "CMAC_AES192_AFTER_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("ff8902c49d5acf676a9fd0c435a0d340d19622690bf16993"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("4820bac046633e0354dbfba484c60e8a48ee839639484b173fb34c84dd2b94a7a8102f9a9f493656958bfdbe59956963594164c4518a375b87ce9c36"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("bafb45bc485bcad6236577e3fadebab6"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES192_AFTER_FIXED_24_BITS() + { + string name = "CMAC_AES192_AFTER_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("b880d5bbadd02b32af31b5d69bd5a2da2654f93e85474d64"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("b8434bbf8353167fddb5fef6deb65239cb9db201e7e3cc1a8253b999f80ee04cfcefef3bce8fc4b0afb263d4515c794306cb0300cc07a1b7dce2b341"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("f0f932dd19d194193b9f93e43ae59324"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES192_AFTER_FIXED_32_BITS() + { + string name = "CMAC_AES192_AFTER_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("f3bb6d3d0a20c8256fa3ef7586b77dd950ccc1221f07ca82"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("edd3964cdd146f8de1b160565c252c6b513bd3f4be07357ddae662e6b4683fbfa41b6a7df87ceced255051e3713f958305bc822beb96c5aeb4f7af7c"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("073d40c5626931f27c5556d9f1d1ba7a"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES192_MIDDLE_FIXED_8_BITS() + { + string name = "CMAC_AES192_MIDDLE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("e09079196120accdf43293f3593e692481391080e233f40b"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("0ec4fb9f0b4c59bbcbbf2c85466f92e1631cac32827e0485b6c56ba2ba5e72252f3c0895fd48ffbe18735d5c8d9a15c3985f"); + byte[] DataAfterCtrData = Hex.Decode("9a1a87dfa1698b60d0a0"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("2233d0566417bb549d3d5e9e28673168"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES192_MIDDLE_FIXED_16_BITS() + { + string name = "CMAC_AES192_MIDDLE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("60efefde5ac9d43b097b809752e7fc4c21181300101ee03b"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("34a86821dee0fdbfd8aef3f7cf86184e7f669c505c3cb4c88f92e9ca514549c334cdc079bfe075338ba21fe0847c7e29a7df"); + byte[] DataAfterCtrData = Hex.Decode("d8d290cebb39941de12b"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("75304faf483287177b71adbbaae7dfa3"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES192_MIDDLE_FIXED_24_BITS() + { + string name = "CMAC_AES192_MIDDLE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("60c8df63954f410af68f1bde52fdd3432d6baf7079a4c795"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("b1907a06c3428b4e4656672742b0d933773cab80bd6678c2f897339e59fbe790f4391a96d18ca19522d64f4a2e852848c6af"); + byte[] DataAfterCtrData = Hex.Decode("781103fc1a702a561ced"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("e69ac242bb5d0dd4da3c2f219f061cd6"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES192_MIDDLE_FIXED_32_BITS() + { + string name = "CMAC_AES192_MIDDLE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("bdb7b0516fca692f5532667c2b34456de348afe6c1e43ad1"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("6d5fd4790cc1d2b85bdb42e33df3debaeea4dc8ef6868482aa49562e3504f8511111898baa2e63a1e932cb83eb2799d23788"); + byte[] DataAfterCtrData = Hex.Decode("0bfa079f2f0aeb334ebf"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("556adac744b1513b50515a6df6bb983e"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES256_BEFORE_FIXED_8_BITS() + { + string name = "CMAC_AES256_BEFORE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("aeb7201d055f754212b3e497bd0b25789a49e51da9f363df414a0f80e6f4e42c"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("11ec30761780d4c44acb1f26ca1eb770f87c0e74505e15b7e456b019ce0c38103c4d14afa1de71d340db51410596627512cf199fffa20ef8c5f4841e"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("2a9e2fe078bd4f5d3076d14d46f39fb2"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES256_BEFORE_FIXED_16_BITS() + { + string name = "CMAC_AES256_BEFORE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("4df60800bf8e2f6055c5ad6be43ee3deb54e2a445bc88a576e111b9f7f66756f"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("962adcaf12764c87dad298dbd9ae234b1ff37fed24baee0649562d466a80c0dcf0a65f04fe5b477fd00db6767199fa4d1b26c68158c8e656e740ab4d"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("eca99d4894cdda31fe355b82059a845c"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES256_BEFORE_FIXED_24_BITS() + { + string name = "CMAC_AES256_BEFORE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("1612a40daa7fce6c6788b3b71311188ffb850613fd81d0e87a891831348e2f28"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("1696438fcdf9a85284759b2604b64d7ea76199514709e711ecde5a505b5f27ae38d154aba14322481ddc9fd9169364b991460a0c9a05c7fcb2d099c9"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("d101f4f2b5e239bae881cb488995bd52"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES256_BEFORE_FIXED_32_BITS() + { + string name = "CMAC_AES256_BEFORE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("d0b1b3b70b2393c48ca05159e7e28cbeadea93f28a7cdae964e5136070c45d5c"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("dd2f151a3f173492a6fbbb602189d51ddf8ef79fc8e96b8fcbe6dabe73a35b48104f9dff2d63d48786d2b3af177091d646a9efae005bdfacb61a1214"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("8c449fb474d1c1d4d2a33827103b656a"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES256_AFTER_FIXED_8_BITS() + { + string name = "CMAC_AES256_AFTER_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("d22779384558d1ae649896e8d844f29a4ff3dfc1a9fbb7c34e20738f8c795e17"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("498cf66c5fd3578ff574ed8c85d072dcd9e18e4f07b0aaecad785c9058fa0f17647673df807984f5f20dec47e699aebd882e485a8afc44c4bc680d07"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("c721f54afaa0e31886df39bf405514d1"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES256_AFTER_FIXED_16_BITS() + { + string name = "CMAC_AES256_AFTER_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("6205ae02dc1e943506ac7049889de1d9e4cfb7e696508ec999f4cb3d06ac5964"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("b145c7c120101f418f069dd639feda41c36ffc64a251afb5829c4c71572f16a5cdbf8518d8b9fad7a7ef40483ad0f8a8c044aefb7dc8b465923ab403"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("22001c6de7ca7e303cfa7266f834d7fc"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES256_AFTER_FIXED_24_BITS() + { + string name = "CMAC_AES256_AFTER_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("404b2b964f2cc8f50b614f591a58d15c21844c115d8b62472f06bdd82a992a5e"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("bdbe08a73cae7a5f6ce100753b981d4fc432da7cd841095a211b60f3c7b0a6297d98b84246cf9fe62bd02022c7b50e88a5cafc400aa881cadc5f8979"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("897f6aebf46fb0ee41a89b324ee82edd"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES256_AFTER_FIXED_32_BITS() + { + string name = "CMAC_AES256_AFTER_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("746c44c4129858d89e50e09dc44aec2ab2158c2e0c6bb73b35588e94e33a1958"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("ebeed6a0462577b6b4e2fe4697c6ae6e1c6b8b9fd14381247bc2cf2c06d7afb55b06389612a85d0a69a1486eb399e7f314b234fd44908396b55f6e67"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("85e1cd8cea5a43f7f5b626fa7666f550"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES256_MIDDLE_FIXED_8_BITS() + { + string name = "CMAC_AES256_MIDDLE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("701c0f5a65a42d07077d6eedf540ef9374bcb74cb89bfe017e5ca1e9df6b2b70"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("2ce10feb56dda9fdc95da5b5013f05f59d13a89b3a1ad4527bd00612190ac6613b007afdf00fbc920cc6e8d5fd9da9ae267d"); + byte[] DataAfterCtrData = Hex.Decode("86373a67ab86e7bde5b7"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("0ca10ea17fd28eaf660191fd983cb353"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES256_MIDDLE_FIXED_16_BITS() + { + string name = "CMAC_AES256_MIDDLE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("ce7ec625c6dcd1ff21ec48ed35ff70fc0f69946107e6583849f711a725ba1684"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("14e20e83dbe001af8ab304d0cf14dba30caa751271b976a927b3c8544e24ad0a98e6604eddd9fda2bf2a9ba81ec507f942f5"); + byte[] DataAfterCtrData = Hex.Decode("43a412a8be794adb0f2e"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("e2c310966e6cf312eff7ab44deddb9dc"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES256_MIDDLE_FIXED_24_BITS() + { + string name = "CMAC_AES256_MIDDLE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("bcc9da67e6309c4c365de53a040fa6a64f387d48257fd1751cffdfae6644c59a"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("6740b398eff3ec6288090caac3ae9210c91809774172e108bb51a216eaa5a67cd0420932146a42254d3e2b8c2c34f9c118ed"); + byte[] DataAfterCtrData = Hex.Decode("335747e149d25dccf1ff"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("0288ef588897480caeb1d0d9cd30a6d9"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_AES256_MIDDLE_FIXED_32_BITS() + { + string name = "CMAC_AES256_MIDDLE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("04618a8e172eb80eef23e5b95c736acf6b7aac16b9fdbdae1ef73d777380bb49"); IBlockCipher blockCipher = new AesEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("4cca08a93ba374efbf69cad9601f3782089eb5aeb128a59a8c1f687bee5eba8c56bdb1354e1eb945542df52441667502c82a"); + byte[] DataAfterCtrData = Hex.Decode("fedd474f5dc3033fa3ca"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("bd4299f66136975d87f65b5eda112710"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES2_BEFORE_FIXED_8_BITS() + { + string name = "CMAC_TDES2_BEFORE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("b9414ff3788ce4e1a7db5046a012dd9c"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("346df581169dd40d11908314fa23e0ee18befd00151f8c8937ad4f978600c3a6fa8a2162aeafce11e593aaf607094778b872e083e9e3549a05cae069"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("f83dde63c47cdb30d7ad357d08c5de98"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES2_BEFORE_FIXED_16_BITS() + { + string name = "CMAC_TDES2_BEFORE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("52a865ecdc1bc07b7d42efa8b9c8751f"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("626e5f408274be0c0661415affe5dd9a0e5907740b106a5fc45b02dd2393d699d393e32cd29bfe2faa849f1bda756d9defae6654bfd8ee20af38fe34"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("09afb33650e00bbe6a485d6f4004dedd"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES2_BEFORE_FIXED_24_BITS() + { + string name = "CMAC_TDES2_BEFORE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("591f8097bee804e1089105acda371a59"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("dd610f376e588224e616e15533f4e14696f6bb31528c6b6a835e26a0a7986a32c791db165538a0cdece935f7e1459579dc59ff3b80dc187f93b85864"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("b47b488ad6ec7ee5a21f77cdf8b805a4"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES2_BEFORE_FIXED_32_BITS() + { + string name = "CMAC_TDES2_BEFORE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("0cd1600ab3357416515adf83c39916e9"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("163b94f161d9219a151c13ec74391a7d10183a78ddcf09805e2d637a5a658c2491c2a81e3c208bf46827565a10ac81caa5cbffebb76d23c7fd4261d0"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("ad197bd9913694c5a5f1230cf8720955"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES2_AFTER_FIXED_8_BITS() + { + string name = "CMAC_TDES2_AFTER_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("f1adfb9fd1740d2deb7002be11064f2a"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("7c88743991919940f5bf56bc2db728b192e03a1ba51661a1621585168b9a6c898f898ea4da37da8bc983d37acba01a2fe1599e24128a98c3141e790e"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("03893271c38d43058a6bc85cc3b98fd9"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES2_AFTER_FIXED_16_BITS() + { + string name = "CMAC_TDES2_AFTER_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("12dde64a6eb639f5d3008ab1e866d6bc"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("310008b5ad01f6c1df3d64a204017f449b722cada2b8d018a67adeb92a067d8f57b4611363eda7783faf0f7c6b1ef5c1b93c69456041c671290a3929"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("0602f936e1883c6b38ff4e34abf455e6"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES2_AFTER_FIXED_24_BITS() + { + string name = "CMAC_TDES2_AFTER_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("4b0ec2cfffc01d9af6e622f78cc143f5"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("db2529059882038b28cdbc8a1971d78be996fe26515af88a83c833726081a1523c801aec63b115b5f9fc8e67bea30a7aaeb1aceabcb4924ab7fcecff"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("983ad3eaa545c9bb1df934912fc812c7"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES2_AFTER_FIXED_32_BITS() + { + string name = "CMAC_TDES2_AFTER_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("35261d795e6b35abf7631f39d9358655"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("29dcfcf5c8fef254fa2d3b388b5a8b0e4b2eeb820264933e0bf0c148645c8cca98388a93768735a4c09c94e90121e65f1a16269c64e5b9301b049762"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("b16fc1cfe3e1437e374909443777c244"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES2_MIDDLE_FIXED_8_BITS() + { + string name = "CMAC_TDES2_MIDDLE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("9b7472291bbe27db6fab01fde89a09af"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("6c4e11221aec7ce087ba1456adbadb62cc72ccf3673912350e8d1632f9b90997b270b7803bbeccaa8b0349be34edfa49b633"); + byte[] DataAfterCtrData = Hex.Decode("91353a575c9f71780202"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("beeef41b4671715f28419ed6aa6c8a98"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES2_MIDDLE_FIXED_16_BITS() + { + string name = "CMAC_TDES2_MIDDLE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("28908f47deb831129e9cca49e8cd4a4a"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("c8876e7259e1291aa032f442b87daa555b64cc7dde1bafd0e5b1824b2e35dad21fac7231f7e248c1b412d5bc0da259cf6793"); + byte[] DataAfterCtrData = Hex.Decode("2dee3c7b9a9b8b99325a"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("1258667e41849300d28f8d7fda88d073"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES2_MIDDLE_FIXED_24_BITS() + { + string name = "CMAC_TDES2_MIDDLE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("b1b415150a302d75d4d0787693491067"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("2da644277d9a9bdc9b71c527bb326bb0ecd9a79c5612545a10351565a0b7709158b8a5692ab3cd0b396b575a796388e50bad"); + byte[] DataAfterCtrData = Hex.Decode("79a3ede12b55c7a03098"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("a4c76b2240aaf6528a2c595137495e08"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES2_MIDDLE_FIXED_32_BITS() + { + string name = "CMAC_TDES2_MIDDLE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("3363baa77afae6b2392959f759058ff2"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("3ad9c61856c8dbe27c8872e71c961e9ff048d7417f820cb0e91e4b84ec793900617dedfee369bb8a5a0e0ae2a0eb73ede4c0"); + byte[] DataAfterCtrData = Hex.Decode("7905ffa7520728c16975"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("39431682b1a75ad6a7e22a78c631b1b6"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES3_BEFORE_FIXED_8_BITS() + { + string name = "CMAC_TDES3_BEFORE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("89b3469ce73b4fef33244de2cb772bc239a4261a45993b3b"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("f1aec104bc3b1735e28f90a6d3aa7cd319841303989bc4a2a0da886c5c5764d0bd7c12d94723133f664a109d289d0f2971cbfec4da2f3b5cbfbc47f2"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("af52a719396e6eecc4cb323994113f42"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES3_BEFORE_FIXED_16_BITS() + { + string name = "CMAC_TDES3_BEFORE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("59850d301cc30ded3c9a78181ec7f466743c06ea1294f84b"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("1a8011295716fd54dd8d87bd8f3b27e296c03997e427836ae5a79ac3989a3b769b2ab5d5bb560a58e8cb996a34b2c0f8439ff8b1517b783d85a51b0c"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("ac7420b7b315ad0482f1d8f78bb26867"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES3_BEFORE_FIXED_24_BITS() + { + string name = "CMAC_TDES3_BEFORE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("a36813220b356493d6414e506e902c225a12190a353bf326"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("0d48409241aa1346b4f3576c88a720e0de04ec23973f2f5c0a1f083c50aed3198ced13bb521233dd94d6748c2dd184100489c808a143a4cf6be5f30b"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("27626c6d07ff4c13cc596c9ff57425c0"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES3_BEFORE_FIXED_32_BITS() + { + string name = "CMAC_TDES3_BEFORE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("a1440ebcdfe3eb349b3394938bc4c3f0f52bffb15ed0a20c"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("ac8ce20d7fa0a07e6351cb0435c8e762aee6394f870108c66bbe6d75a1a8079bb2f778b4f896d8a739000731784618086b0fbfa25453c69b8dc2cafd"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("3b924d2d2101544ac09d2abe9a258059"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES3_AFTER_FIXED_8_BITS() + { + string name = "CMAC_TDES3_AFTER_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("7e3c2b8dcb802b4f504865711e7e8fdfa2f4025a5422d165"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("c45b6d6123dade0d8c670764bb1a0e89a4bd968e87332776421e43ccb7f542653305eae98d74fda39800f11e7b29723613f5a55fb5fdfbe6df9a97d9"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("9284f48d951df2275f1a19985029e992"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES3_AFTER_FIXED_16_BITS() + { + string name = "CMAC_TDES3_AFTER_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("38e68dc86bc2f071b022447760f05d58d228c61161c6150b"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("06ae7937f05880e4d3975b29bc6f6a2497badb4adbe218c8c43815598c06e9cefbd02abb07e050215614e215bc5424921e702ec6d691ccbebea925fa"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("c78dc22844e8ec864c7aeaec3b915f0c"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES3_AFTER_FIXED_24_BITS() + { + string name = "CMAC_TDES3_AFTER_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("6b3e828fedf4c09a5c12add793fe93dceebf4d73dd8aac7d"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("21f099f2d815a165780660880eabc61a3086e4671270b7ba7e357dd0b7a02348fd65c911fab319d0696cd6f208066690c1b9f240036f20e0d4ab541f"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("60b0c85b67a8369ff837186b9df66c30"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES3_AFTER_FIXED_32_BITS() + { + string name = "CMAC_TDES3_AFTER_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("93e6c8cd13f94cf7261b3d1aae32236484af0c9deb10e706"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("d466b528b7feb554c81059f2856170cc036007792ff6f4503e36bc8a4c95ce243600653373dafc25a163f301eef3d074ee827bd5a2e36ee2b5d46328"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("4c846ebe416463bd85e68013a65212c6"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES3_MIDDLE_FIXED_8_BITS() + { + string name = "CMAC_TDES3_MIDDLE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("acdcf0400857f9e500314327ecceed5a5524670f3a4db8fd"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("d10bfe3b052cc940542aa92026ee0d8c3d1836e52147ffbc8521e1a0812a17e99b966e4dbe2a746a6fcaddec9236dabfd9ed"); + byte[] DataAfterCtrData = Hex.Decode("b15b26e785ddb21056fa"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("d7815ac538a9674eabf41f4077b1355a"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES3_MIDDLE_FIXED_16_BITS() + { + string name = "CMAC_TDES3_MIDDLE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("9b9c7898dc438b12b103fcaf6e80586c7c1d8b9ded1bddbe"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("62efc3670c8f74b590a6779a637b3e3204bfce94e42b4e8d276d2106b29ac90951635b7b526451b87b99feb13db517bc4567"); + byte[] DataAfterCtrData = Hex.Decode("5a7d10e548f03b474b90"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("d717ef6b042fc14bdd3f37049c1c8a8c"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES3_MIDDLE_FIXED_24_BITS() + { + string name = "CMAC_TDES3_MIDDLE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("9bc139be964cce8ef17205870faeea3329c219a300fb4db4"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("a4b7a50a70c89c8e46c3d15da45b62e23ee9af2f5862c18ac56f2523d2853f5cbc0c26733c496e3a80f87024774bbd54ee16"); + byte[] DataAfterCtrData = Hex.Decode("d6de2ce1910de7eb033c"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("7b21d229d24201d25b66c234ed333072"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestCMAC_TDES3_MIDDLE_FIXED_32_BITS() + { + string name = "CMAC_TDES3_MIDDLE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("7ba45fbfa4b8aef5b6c0a193f8041440388f3c24479eb8f9"); IBlockCipher blockCipher = new DesEdeEngine(); + IMac prf = new CMac(blockCipher); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("ac83b0bf7beba95fc4442755ef77e8e4a6dc03f5c861295b9fc71fb5fcaa5aba73048ac89771dacfc34c5e332d7f4b419c49"); + byte[] DataAfterCtrData = Hex.Decode("980cfefbf2dd602ddfca"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("9cfb77a4f4af262a9ae707abe2913cd6"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA1_BEFORE_FIXED_8_BITS() + { + string name = "HMAC_SHA1_BEFORE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("00a39bd547fb88b2d98727cf64c195c61e1cad6c"); IDigest digest = new Sha1Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("98132c1ffaf59ae5cbc0a3133d84c551bb97e0c75ecaddfc30056f6876f59803009bffc7d75c4ed46f40b8f80426750d15bc1ddb14ac5dcb69a68242"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("0611e1903609b47ad7a5fc2c82e47702"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA1_BEFORE_FIXED_16_BITS() + { + string name = "HMAC_SHA1_BEFORE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("a510fe5ad1640d345a6dbba65d629c2a2fedd1ae"); IDigest digest = new Sha1Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("9953de43418a85aa8db2278a1e380e83fb1e47744d902e8f0d1b3053f185bbcc734d12f219576e75477d7f7b799b7afed1a4847730be8fd2ef3f342e"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("c00707a18c57acdb84f17ef05a322da2"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA1_BEFORE_FIXED_24_BITS() + { + string name = "HMAC_SHA1_BEFORE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("928c170199473291bf719a1985a13673afb8f298"); IDigest digest = new Sha1Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("f54388503cde2bf544db4c9510ff7a2759ba9b4e66da3baf41c90ce796d5ea7045bc27424afb03e137abfafe95158954c832090abdba02d86bab569d"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("8c01160c72c925178d616a5c953df0a7"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA1_BEFORE_FIXED_32_BITS() + { + string name = "HMAC_SHA1_BEFORE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("f7591733c856593565130975351954d0155abf3c"); IDigest digest = new Sha1Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("8e347ef55d5f5e99eab6de706b51de7ce004f3882889e259ff4e5cff102167a5a4bd711578d4ce17dd9abe56e51c1f2df950e2fc812ec1b217ca08d6"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("34fe44b0d8c41b93f5fa64fb96f00e5b"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA1_AFTER_FIXED_8_BITS() + { + string name = "HMAC_SHA1_AFTER_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("7184596b9489c763b8399b3350e60929965a961c"); IDigest digest = new Sha1Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("cd9e9f2b263f7b02eceadd0b532efa971ec28c77b1dbaf23e90e0a85360048ed8d3debbeb224060da0b4bf1e85da2a6ee122253b9e93784ccae35c77"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("21816e8213fff01e9a9c29e93c6a0b17"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA1_AFTER_FIXED_16_BITS() + { + string name = "HMAC_SHA1_AFTER_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("87cb4849bfd2d206c09f6aea565207a733dde270"); IDigest digest = new Sha1Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("d1c928a1872febfa53813b7ae057840ecf38f9cd684609a7941a14b4fdfb9dd3fa45aa43854496b73778ec504cb2ffb3b75e6d06d0d7a452e3cc7716"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("3fdf6a4a85c9b41c35400521168a243e"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA1_AFTER_FIXED_24_BITS() + { + string name = "HMAC_SHA1_AFTER_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("af9b01a7b62880584dc30904fc4ee34af814bda4"); IDigest digest = new Sha1Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("61715afc4a0ff01c136f97f0768edc621a710da6abb127340ea92f558751117e31ea444f39abe0ba267a4a4039e67ef39e6823fd830db17c04d69cb0"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("33336e8a1f75ec8116832776d9bad9aa"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA1_AFTER_FIXED_32_BITS() + { + string name = "HMAC_SHA1_AFTER_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("bc8ac288eea767df58a425a34412ccaa1444f40b"); IDigest digest = new Sha1Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("c593baf7d414650b8e5895acf00c4e1ce1412cf2eebb890dbc8369d8bc483a345419c97db45cf5a8b114ae9c87a7beb7a97ee2acdb54e7e741cfaa03"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("5a130ef26a2bf93b15e3df244a72db10"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA1_MIDDLE_FIXED_8_BITS() + { + string name = "HMAC_SHA1_MIDDLE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("f3f5dfa9be304476e633ccaec4f988013600e415"); IDigest digest = new Sha1Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("f9de4cf03c3f15cff003e9bad5de4d16eb791417072e1d8fe0375ad434536fcc95bf7eb3ba1704a4899d80946060c4f094f8"); + byte[] DataAfterCtrData = Hex.Decode("fd7a95a129f48ca7a937"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("0de4ce13a4114687526ecb0f53607867"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA1_MIDDLE_FIXED_16_BITS() + { + string name = "HMAC_SHA1_MIDDLE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("6d85df76f0a7bb8ce5df4f14ebbc77a0037dc327"); IDigest digest = new Sha1Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("bb5f3f1a0aab0c239350943880e6d19698655dc95fe9778e07d007f72924311267a5c3e1c95ad9b0f1b9731be098b453f7ba"); + byte[] DataAfterCtrData = Hex.Decode("88295a9d15d0a5294219"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("8c088ed7c6bbef7d9e7c55e07b7b0ce5"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA1_MIDDLE_FIXED_24_BITS() + { + string name = "HMAC_SHA1_MIDDLE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("00fbfbfd14d5aea6d837e2c05f2bca244e04e578"); IDigest digest = new Sha1Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("72a9d1693cd99c5bf82475b843859919a7c3b30f2243986a90b1ce790a67831446cc929402256408f910ce6c468ee04f8ebe"); + byte[] DataAfterCtrData = Hex.Decode("5a9b64aafb7c7cacb483"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("a29ff62f059e3a23ce00f0983f998bb2"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA1_MIDDLE_FIXED_32_BITS() + { + string name = "HMAC_SHA1_MIDDLE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("4e8ec7f7d4b1595f62d400d02e2e8b7634cc5f41"); IDigest digest = new Sha1Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("46fc844d9b22f21fd4f033a180a6e7a0fe5b2fe2675bb64ac1c84eb31fa56aebab35d8e907f291a868d76322c1b01468f9dc"); + byte[] DataAfterCtrData = Hex.Decode("96712d4ad2011956403a"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("eac2623b46e3abc112a70cac89499744"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA224_BEFORE_FIXED_8_BITS() + { + string name = "HMAC_SHA224_BEFORE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("7e2f7a5ab3e82ef927a005308456823da473787bf33d18a864aca63f"); IDigest digest = new Sha224Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("b35695a6e23a765105b87756468d442a53a60cd4225186dc94221c06c5d6f1e98462135656ebca90468a939f29112b811413567d498df9867914d94c"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("10ba5c6ea609da8fa8abe8be552c97a1"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA224_BEFORE_FIXED_16_BITS() + { + string name = "HMAC_SHA224_BEFORE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("093b2ce84c6175d1723fbe94b9ee963b6251d018fcf8c05c2e3e9b0b"); IDigest digest = new Sha224Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("083e114aca1f97166551b03f27b135c0c802294aa4845a46170b26ec0549cb59c70a85557a3fc3a37d23eed6947d50f10c15baf5c52a7b918ca80bf5"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("94ced61c3665616d4a368f83a7283648"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA224_BEFORE_FIXED_24_BITS() + { + string name = "HMAC_SHA224_BEFORE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("f09e65e8de7500847b43bd95e6c3506e01aadd484e9699b027897542"); IDigest digest = new Sha224Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("c20f6188517b2ca10086b9f7f8d6f2d38d66f24193c037008d035f361c6bd74db26aef588a87aa8a1c3cdad2ba0207f7e7b39def0df797c4cb3bf614"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("73d30c2af54744eb1efb70429f8e303a"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA224_BEFORE_FIXED_32_BITS() + { + string name = "HMAC_SHA224_BEFORE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("f5cb7cc6207f5920dd60155ddb68c3fbbdf5104365305d2c1abcd311"); IDigest digest = new Sha224Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("4e5ac7539803da89581ee088c7d10235a10536360054b72b8e9f18f77c25af01019b290656b60428024ce01fccf49022d831941407e6bd27ff9e2d28"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("0adbaab43edd532b560a322c84ac540e"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA224_AFTER_FIXED_8_BITS() + { + string name = "HMAC_SHA224_AFTER_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("ab56556b107a3a79fe084df0f1bb3ad049a6cc1490f20da4b3df282c"); IDigest digest = new Sha224Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("7f50fc1f77c3ac752443154c1577d3c47b86fccffe82ff43aa1b91eeb5730d7e9e6aab78374d854aecb7143faba6b1eb90d3d9e7a2f6d78dd9a6c4a7"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("b8894c6133a46701909b5c8a84322dec"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA224_AFTER_FIXED_16_BITS() + { + string name = "HMAC_SHA224_AFTER_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("473905e06f47138e9a4e3b8bdd5ae10dface4ba8f6dd16b142c38e14"); IDigest digest = new Sha224Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("4bf2e149227498945b061db33cd4695eb88d1d47b05b344cc01105df91136732eaa3c60f3e0c97a81a00148e390d37f000a6de6f15adfdc676911ae7"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("125f1ddd2f36cb3262fdc9413fbf88c3"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA224_AFTER_FIXED_24_BITS() + { + string name = "HMAC_SHA224_AFTER_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("4435e0203ca73e356595d8c237b549463055b27dc259ef1f31a57e3d"); IDigest digest = new Sha224Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("d486f6a5c54f88b6104d078791489d7c1c768bca7ef9f61571fc9a6daeb0acfd113d8623b84d3af98fa732517d3a18aa04c2174592cc261875883df2"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("dc0bbe8781137001eed5925bfc6d8321"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA224_AFTER_FIXED_32_BITS() + { + string name = "HMAC_SHA224_AFTER_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("a31c0ed2aedb5fb260d1307d33db883f681d3efd300efcfd8fe306d7"); IDigest digest = new Sha224Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("43ebd9bc28ac01d90b86eccfff188113d1d4703f9f56762206e6d90747c3d20f7ea130727893db5fb6cf18cb59c62bd02599fd3e6403d55139cf862a"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("4cab02879876d630b6f8aee1c32253ca"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA224_MIDDLE_FIXED_8_BITS() + { + string name = "HMAC_SHA224_MIDDLE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("92edfe9fddd85a3d13f183f57988d45d459657fee0d31679a6a2c293"); IDigest digest = new Sha224Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("598b5733a34c47c2b8c91ce4e6d588eaa3d874a20f430a9748970e499f3ca3d671f038986e084ff9dc1d308728276581864f"); + byte[] DataAfterCtrData = Hex.Decode("4b1aea8ab1bd24b56527"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("9d68a6108f912bd823025dfb5441ca3f"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA224_MIDDLE_FIXED_16_BITS() + { + string name = "HMAC_SHA224_MIDDLE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("7078b224ee6867f43ac3d2d555bb2dfc935fca44faec5f88124f6e1d"); IDigest digest = new Sha224Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("b9466561ff1bc6d2058bbe708e695601196fda17978188e6264cd57e1fc298f554bb769699c49a825d6e278206f6614cbbae"); + byte[] DataAfterCtrData = Hex.Decode("6f4792fc8bc75a003773"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("4b81681a8c56d5d6aa2f4d44cae06693"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA224_MIDDLE_FIXED_24_BITS() + { + string name = "HMAC_SHA224_MIDDLE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("8d6af06e28ef54e21463f86cd02335e7efff7cb21215dd05537b8dd6"); IDigest digest = new Sha224Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("acf7fdce77544ce24d135c5040a4ac6ceb38ab7a4e526ac4aef3f2b2d670bf045dac9e5380ef32d4d6b72561797e11fa3e7b"); + byte[] DataAfterCtrData = Hex.Decode("ac233ffa791c96b42569"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("4261c3e8e28e2dc518f0a048572d8bbe"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA224_MIDDLE_FIXED_32_BITS() + { + string name = "HMAC_SHA224_MIDDLE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("497bb6b1ff3c1d1bbd14a69dd7ccfa500ab9fc60849ce8083a1b2d58"); IDigest digest = new Sha224Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("193819c01c6d73a629ef71d8159e22aa635c7e7c96ceb8b7b4867be2a8f518139c2c678eefd15c9957ad261bd27a78745881"); + byte[] DataAfterCtrData = Hex.Decode("1731446c3dc54a4ae669"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("9a5a67b2dbf4ade2bc6864da5efd2b56"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA256_BEFORE_FIXED_8_BITS() + { + string name = "HMAC_SHA256_BEFORE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("3edc6b5b8f7aadbd713732b482b8f979286e1ea3b8f8f99c30c884cfe3349b83"); IDigest digest = new Sha256Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("98e9988bb4cc8b34d7922e1c68ad692ba2a1d9ae15149571675f17a77ad49e80c8d2a85e831a26445b1f0ff44d7084a17206b4896c8112daad18605a"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("6c037652990674a07844732d0ad985f9"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA256_BEFORE_FIXED_16_BITS() + { + string name = "HMAC_SHA256_BEFORE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("743434c930fe923c350ec202bef28b768cd6062cf233324e21a86c31f9406583"); IDigest digest = new Sha256Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("9bdb8a454bd55ab30ced3fd420fde6d946252c875bfe986ed34927c7f7f0b106dab9cc85b4c702804965eb24c37ad883a8f695587a7b6094d3335bbc"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("19c8a56db1d2a9afb793dc96fbde4c31"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA256_BEFORE_FIXED_24_BITS() + { + string name = "HMAC_SHA256_BEFORE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("388e93e0273e62f086f52f6f5369d9e4626d143dce3b6afc7caf2c6e7344276b"); IDigest digest = new Sha256Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("697bb34b3fbe6853864cac3e1bc6c8c44a4335565479403d949fcbb5e2c1795f9a3849df743389d1a99fe75ef566e6227c591104122a6477dd8e8c8e"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("d697442b3dd51f96cae949586357b9a6"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA256_BEFORE_FIXED_32_BITS() + { + string name = "HMAC_SHA256_BEFORE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("dd1d91b7d90b2bd3138533ce92b272fbf8a369316aefe242e659cc0ae238afe0"); IDigest digest = new Sha256Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("01322b96b30acd197979444e468e1c5c6859bf1b1cf951b7e725303e237e46b864a145fab25e517b08f8683d0315bb2911d80a0e8aba17f3b413faac"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("10621342bfb0fd40046c0e29f2cfdbf0"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA256_AFTER_FIXED_8_BITS() + { + string name = "HMAC_SHA256_AFTER_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("08d0a37d2e2fb84d44838efaeac28135d964b0daf154369783cfe007fa883966"); IDigest digest = new Sha256Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("80866d761e34084b45ea668a25deabffdbca446aa0bf793bccdf3790d584d26056315a4c060ac7b1b01cace96ba97e8fed81953c8b82ba5132dd1713"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("8f5b47d23d5d3ba632acdf6543509bd8"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA256_AFTER_FIXED_16_BITS() + { + string name = "HMAC_SHA256_AFTER_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("3b11d0b6f1b49d1a41eecc7448766bbfee47d32a28a3f2be3d3b5f21c4d1e6c6"); IDigest digest = new Sha256Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("a6aca3725e8687268cd9cefcc4f3799090568e777a18e82569922463658c4e8fce319316edc172eae3c7e4f4224ffe7d72730ec2f8472f80122a5cc0"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("fffbde92bad6dbfc61953b78c47f7b93"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA256_AFTER_FIXED_24_BITS() + { + string name = "HMAC_SHA256_AFTER_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("585245d11e0b69d10e2ea39c76c8625003aa775037e476009856ac8e3e9f9b48"); IDigest digest = new Sha256Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("1b8234e4a0c9f674fd6f29965bd03df4a8d30b17cf95b058ac46bc2fe9d8ec79a004a2e11165ae3131b9b9440abf9a6fded0d31af468aa56fee00158"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("73781a39ab0f3cdae0d8ea9649ecbe9b"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA256_AFTER_FIXED_32_BITS() + { + string name = "HMAC_SHA256_AFTER_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("ec8674a48a7baf28f865e63a3e8313fd55a09c8a46fb491916a871d1e65ab7f4"); IDigest digest = new Sha256Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("808772849ce4e97060618f8e510419a82d78a72ff265aa247335069fc73eca8df5276c850b5f052f0551da5319bb9e39318a820b167c6f999c67d4ae"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("9417ee14f9ebeb2e2c7bce18aa56a1a5"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA256_MIDDLE_FIXED_8_BITS() + { + string name = "HMAC_SHA256_MIDDLE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("6fd0f7b67db5b9ef0fd21d4408dae15af5524b00e8d583e9872760ebf6d53397"); IDigest digest = new Sha256Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("fc67e8cd41dcb339fe376892b3c196ad4d70573e031cebac67bb32a00a878d0064446a98fcce9ccaa6d8d388e3cbdfb8dcc6"); + byte[] DataAfterCtrData = Hex.Decode("e9798604020da472f161"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("b24833fe4a28f84fb4341bc42abc4ae6"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA256_MIDDLE_FIXED_16_BITS() + { + string name = "HMAC_SHA256_MIDDLE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("e4f6a0b7bc8941f115f9523a050f527687213a4236bb8047d9ec6671be35278c"); IDigest digest = new Sha256Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("883c38f759847b142a05ba28152a391b826468fda0a269d55248d1c3daf2e66fe91c20b85c57f6b5464903bc93500e5bee04"); + byte[] DataAfterCtrData = Hex.Decode("9c52c875593e59580155"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("c9f14ec1dbc676ac650ffcd143bf5c5c"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA256_MIDDLE_FIXED_24_BITS() + { + string name = "HMAC_SHA256_MIDDLE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("367fc005cb2565a92cf8b1cfdf4869ccad04c9fdfc8250d027d82a33cd0b36e0"); IDigest digest = new Sha256Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("f3a71b1465972703773ec0c92681bc27e626587fe683a07fed69c9bb0a1053afa1ec187cf26fa9dd8c690f415af98d442470"); + byte[] DataAfterCtrData = Hex.Decode("b9dc98f750c71d74e243"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("67301e0b417c5af335caee31b3e620c3"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA256_MIDDLE_FIXED_32_BITS() + { + string name = "HMAC_SHA256_MIDDLE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("60e118235b5fca0b15f8dbe6109b6a1a2f9d0d6f69cecfb5f65d4eb5a1c00a36"); IDigest digest = new Sha256Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("3c04bf77b146ef5842daafe19edb9530b7d19b3519aa5c7e797ca5cea0d82ddea484d87d735e3541cf0ba1505cf5c45d8067"); + byte[] DataAfterCtrData = Hex.Decode("9803f3f48ea0a23e2856"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("d296bb7b1707c9109d19abf026c141f8"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA384_BEFORE_FIXED_8_BITS() + { + string name = "HMAC_SHA384_BEFORE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("0be1999848a7a14a555649048fcadf2f644304d163190dc9b23a21b80e3c8c373515d6267d9c5cfd31b560ffd6a2cd5c"); IDigest digest = new Sha384Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("11340cfbdb40f20f84cac4b8455bdd76c730adcecd0484af9011bacd46e22ff2d87755dfb4d5ba7217c37cb83259bdbe0983cc716adc2e6c826ed53c"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("c2ea7454de25afb27065f4676a392385"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA384_BEFORE_FIXED_16_BITS() + { + string name = "HMAC_SHA384_BEFORE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("26ef897e4b617b597f766ec8d8ccf44c543e790a7d218f029dcb4a3695ae2caccce9d3e935f6741581f2f53e49cd46f8"); IDigest digest = new Sha384Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("bc2c728f9dc6db426dd4e85fdb493826a31fec0607644209f9bf2264b6401b5db3004c1a76aa08d93f08d3d9e2ba434b682e480004fb0d9271a8e8cd"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("a43d31f07f0ee484455ae11805803f60"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA384_BEFORE_FIXED_24_BITS() + { + string name = "HMAC_SHA384_BEFORE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("4fab4f1e3512b5f443ec31d2f6425d5f0fc13a5f82c83f72788a48a1bd499495ff18fb7acc0d4c1666c99db12e28f725"); IDigest digest = new Sha384Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("f0f010f99fbd8ec1bd0f23cd12bb41b2b8acb8713bb031f927e439f616e6ae27aed3f5582f8206893deea1204df125cedce35ce2b01b32bcefb388fd"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("c3c263b5aa6d0cfe5304a7c9d21a44ba"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA384_BEFORE_FIXED_32_BITS() + { + string name = "HMAC_SHA384_BEFORE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("216ed044769c4c3908188ece61601af8819c30f501d12995df608e06f5e0e607ab54f542ee2da41906dfdb4971f20f9d"); IDigest digest = new Sha384Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("638e9506a2c7be69ea346b84629a010c0e225b7548f508162c89f29c1ddbfd70472c2b58e7dc8aa6a5b06602f1c8ed4948cda79c62708218e26ac0e2"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("d4b144bb40c7cabed13963d7d4318e72"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA384_AFTER_FIXED_8_BITS() + { + string name = "HMAC_SHA384_AFTER_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("a63c1e7cb3b65787dcece40a6707a3d1211875dc2dfe3442c186bccc9268b1e746f308ae4340821b31249836c752cb6f"); IDigest digest = new Sha384Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("1b370439c68c164c8ee6aea1250babf3adb77f8704f262bdf77e481660213067ec81b8c0491e6df2b42dce7f86e29906dab8c022f2a6dac1c1de5757"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("e65f13d21fb0349e9646b1f0d23910c7"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA384_AFTER_FIXED_16_BITS() + { + string name = "HMAC_SHA384_AFTER_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("b405fe54dd52824cf0c298f941878bfe08baf6c77f544b2331dda0cc488fb60e89ad4689053d2f83fa87573b69a6ff54"); IDigest digest = new Sha384Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("23212d6e35fecb50feb7c96ab387afbe5604a9658447cf372b18e2de2d119ae4f92e71b81f894510ef9abe3ee3b98b64d96365ebada29a5102dc162b"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("06b556696ecc5269f56ecd3bb81220a4"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA384_AFTER_FIXED_24_BITS() + { + string name = "HMAC_SHA384_AFTER_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("41d9d61dbf3ce97a65efb73a871a63171160af827a4c29e0637ec07c3d04c32493fff643b86ebc91a73e197d787323cb"); IDigest digest = new Sha384Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("333f7e640f8a520601cbe5abfe0235031560501bb722918547dcd9313ca77edf207c088400389a2f91f69a5cb3598bc1aa1897eb2b8f8faba8d3781c"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("31121ceaa2246e44e924a1e74861684b"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA384_AFTER_FIXED_32_BITS() + { + string name = "HMAC_SHA384_AFTER_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("0afcbfc7257a9d2385a559dbe218f05bac917b6223ab50c7452eb37715e617f3878c463b15fb5b98e98c61182a5df745"); IDigest digest = new Sha384Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("bf9f949e4599a6aa5dfd415e38c155934b93bb5b784080ae234d8a6d731a46787ade4e828f123cf0af8dbb9e4169c0b114d834cdf574fbe913e90f85"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("8d6e5473338b67f17270a4f692abf964"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA384_MIDDLE_FIXED_8_BITS() + { + string name = "HMAC_SHA384_MIDDLE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("0f5541afd9cfa90bd50e1e85570f65a6df52bf095066cdcbd4e315771e9e0e79d10397f6e65404c504f0a32d22abd18b"); IDigest digest = new Sha384Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("f786505898ec51ad62cdd5a8f0f5704c0d3695e9d896df81b419b7c779aca7123857f4fc2080b838424639ad3fd0c0699247"); + byte[] DataAfterCtrData = Hex.Decode("071e59d0b5ece3908610"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("62bc4ed7ff05f418ad6ea3668e43d840"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA384_MIDDLE_FIXED_16_BITS() + { + string name = "HMAC_SHA384_MIDDLE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("2fdfe31fc474ee16d4720224cffa1d45213bbce5b7c3252415e40c57980cfe8d1c6f21fad1efb45c67e927f4d803ee3e"); IDigest digest = new Sha384Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("859b5182957ddd103f260881176bad643a44133904970a65624f089e67ecbc8d03d95813226105b9b2d8fdfd9dd3d32c62d2"); + byte[] DataAfterCtrData = Hex.Decode("e97ce65057ad64fe300a"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("9f5dae27f4045d41c117b166354e4b81"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA384_MIDDLE_FIXED_24_BITS() + { + string name = "HMAC_SHA384_MIDDLE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("dfbb581823c48942933ba98b8c375da2d8e3dddbea5008661b1796652da6c1f355e27a2bc5dd30e74780e6079e1682b4"); IDigest digest = new Sha384Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("ee7fea1606bee7c21f5ba847b5016826d1ab39c1962f6eaf3a454f0d101e58ea406d12f15ef67fc8b2b21653cfe92751f735"); + byte[] DataAfterCtrData = Hex.Decode("3faee91c54e2ae42fcf2"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("4053e986be8a84172f4b4c5c687e603b"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA384_MIDDLE_FIXED_32_BITS() + { + string name = "HMAC_SHA384_MIDDLE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("dabfd087e001767172bfc631a0d243494adbf243112a4525e24a1ce279854a4635621b17334360d3818ed4feeb28d2fd"); IDigest digest = new Sha384Digest(); + IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("8e65bda5193e65bc834c39061e0b5adfc11d6617737b8d8840f344d218af772192ef2d45527cde0dfb17aac540449c93bd91"); + byte[] DataAfterCtrData = Hex.Decode("c6bf28ad1b04d8e5ad93"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("87f063a791e28781073c4091ad80ef46"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA512_BEFORE_FIXED_8_BITS() + { + string name = "HMAC_SHA512_BEFORE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("6ea2c385bb3e7bbafc2225cee1d3ee103ce300c1fdf033d0c1e99c57e6a596e037020838e857c0434040b58a5ca5410be672b888ef9955bdd54eb6a67416ff6a"); IDigest digest = new Sha512Digest(); IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("be119901ed8679b243508b97663f35da322774d7d2012d6557da6657c1176a115ebc73b0f1bfa1dba6b8c3b124f0a47cff2998b230c955b0ea809784"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("e0755fa6f116ef7a8e8361f47fd57511"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA512_BEFORE_FIXED_16_BITS() + { + string name = "HMAC_SHA512_BEFORE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("bb0c55c7201ceb2e1369a6c49e2cdc1ae5e4cd1d64638105072c3a9172b2fa6a127c4d6d55132585fb2644b5ae3cf9d347875e0d0bf80945eaabef3b4319605e"); IDigest digest = new Sha512Digest(); IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("89bf925033f00635c100e2c88a98ad9f08cd6a002b934617d4ebfffc0fe9bca1d19bd942da3704da127c7493cc62c67f507c415e4cb67d7d0be70005"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("05efd62522beb9bfff6492ecd24501a7"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA512_BEFORE_FIXED_24_BITS() + { + string name = "HMAC_SHA512_BEFORE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("d10933b0683f6787c33eccea1c311b8444270504fb3980bfd56443ba4068722184c31541d9174f71068b7789440bc34cec456e115067f9c65a5f2883c6868204"); IDigest digest = new Sha512Digest(); IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("dcb2ea8d715821d6393bd49a3e35f69a6c2519edb614f80fbc3f7ae1d65ff4a04c499e75d08819a09092ddaadba510e03cb2ac898804590dbd61fb7e"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("876d73040d03d569e2fcae33b241d98e"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA512_BEFORE_FIXED_32_BITS() + { + string name = "HMAC_SHA512_BEFORE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("dd5dbd45593ee2ac139748e7645b450f223d2ff297b73fd71cbcebe71d41653c950b88500de5322d99ef18dfdd30428294c4b3094f4c954334e593bd982ec614"); IDigest digest = new Sha512Digest(); IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("b50b0c963c6b3034b8cf19cd3f5c4ebe4f4985af0c03e575db62e6fdf1ecfe4f28b95d7ce16df85843246e1557ce95bb26cc9a21974bbd2eb69e8355"); + KdfCounterParameters param = new KdfCounterParameters(ki, null, fixedInputData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("e5993bf9bd2aa1c45746042e12598155"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA512_AFTER_FIXED_8_BITS() + { + string name = "HMAC_SHA512_AFTER_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("ab052ef2e9137415060435b9a73a67623e07f3467981fe8093c440973658851028c86e44a1fd9100b413792f14e257683aa74b83ecd96d24c862c2263a496cfb"); IDigest digest = new Sha512Digest(); IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("668831e2701803581eb9083a0928cc00d83a3c19ca4df061d155a880a66ba24857ad6f4bd7a67382215b5b9d81b37737d74f7a5ef78486aeea2f9ac1"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("6ec2b089107021463bae15f8f5c771ab"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA512_AFTER_FIXED_16_BITS() + { + string name = "HMAC_SHA512_AFTER_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("8c38d9f55e75b83b92ca7cda2df3e384a47445620aaa5b74ec74399a2ad5d3ba2b65970916e49bd0b01ec03563c3652962a3438a1c06bfbf6c6bd7586b41841a"); IDigest digest = new Sha512Digest(); IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("45668072071d4f12af25cb2140a7e2f09ef62942bceb5ba9b87c57e233b3656a572ae38a1466566a8be649c79f479c255cb8d3821c02c75cb5171884"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("06332aacfe5942eaa931902d83f692ad"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA512_AFTER_FIXED_24_BITS() + { + string name = "HMAC_SHA512_AFTER_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("63bd6f4163b34ece4477605db93e6eb7f4a8c0707471b081d8bdfce44e5823b62d346fa60a3d338c675eba7e5c0920f50197872af24a124d3bb20c45d30dbd99"); IDigest digest = new Sha512Digest(); IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("699bc682c47f969db1d62ffd906711d34ebdb9fccd597e6f5ecc7d7258b8574947307cafa369ece5a4da3cc6d1fcc669f51db24a10112cc5cd9070dc"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("6cedc5f5cf879f9f758f0de04f2ce145"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA512_AFTER_FIXED_32_BITS() + { + string name = "HMAC_SHA512_AFTER_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("e482268362f80ca7f777b4202d03234a5f0ed59b578a6b8792ff54d900af6940beacc7d3fb801661f64392e5658d4f82e3b5d63b190a44c032b6a8ac51a2acc2"); IDigest digest = new Sha512Digest(); IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] fixedInputData = Hex.Decode("9ce99ad9a90f45785e749a66df7489c4200904141391274dfb24a5e4ea8cafc87f920b33fcbac0d93fc59d4bf558b7f2a9e1435cb454a4f180300e17"); + KdfCounterParameters param = new KdfCounterParameters(ki, fixedInputData, null, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("cc99953cc0d7b0da795293675442528d"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA512_MIDDLE_FIXED_8_BITS() + { + string name = "HMAC_SHA512_MIDDLE_FIXED_8_BITS "; + { + int r = 8; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("7b7ed39b91cdbc0c0b3cfed4830a1c5b47971c80054d3c82b75a98e98ac06adf86307afdeb15a7d83d896cc8dc0c0f8d7eb450ba31f4c12ec6fb131778cc2dc0"); IDigest digest = new Sha512Digest(); IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("e4e853508f5b07a1c8e7033d0d683affdac3b7cd5931c53933b49bd30ec149300735cfc34a307dcb609a26c9378e8f75bc5f"); + byte[] DataAfterCtrData = Hex.Decode("689823dbc6bf6d3c097b"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("d0ad633ce6ad0d4ed5ab9247177de926"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA512_MIDDLE_FIXED_16_BITS() + { + string name = "HMAC_SHA512_MIDDLE_FIXED_16_BITS "; + { + int r = 16; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("3ee8a94d1a45078967a76f1094923fb0f67691bf54159d100a0c2c9dc12cac84c394a9a1efb05df78e0f03342b9129b2bf06d1e4f6bd25965fcdf2ecc74f4a2c"); IDigest digest = new Sha512Digest(); IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("5527ea9f8ffa12569dc4c1e95a92b213072b50db9dae2a53d8a0d63640749057f3c936377400d69387df468e1a54cf19530c"); + byte[] DataAfterCtrData = Hex.Decode("e72f4c2b03d7ed637ad5"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("e3090abfc11f8b709207105d4ed46505"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA512_MIDDLE_FIXED_24_BITS() + { + string name = "HMAC_SHA512_MIDDLE_FIXED_24_BITS "; + { + int r = 24; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode("5572ceb20ce4cb93b4a3781e55846f4d012fe5598924beb134a17dedf2b59da3bc997d5a105b423cf49849c33bbcef564a993c8a648b4d8fb567f4c08030f9b9"); IDigest digest = new Sha512Digest(); IMac prf = new HMac(digest); KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = Hex.Decode("bca2eda0ac96d53e7f94f41ef880cd2dcfccd2bd0c116a87c7e6485fe7535469da538c92f6d6c8443f480d10ebfca36e441d"); + byte[] DataAfterCtrData = Hex.Decode("4072f6e842886be123d3"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("abc01ab53b61ce1cebf3038b42a4a854"); + + compareKO(name, koGenerated, koVectors); + } + } + + [Test] + public void TestHMAC_SHA512_MIDDLE_FIXED_32_BITS() + { + string name = "HMAC_SHA512_MIDDLE_FIXED_32_BITS "; + { + int r = 32; + //int count = 0; + int l = 128; + byte[] ki = Hex.Decode( + "4cfbc55d3a2334c71787ea1c4b9426106b1ba327a909d54fc9b3113f4b74617fec68858a05ea9943fffb0623af633f2a16ae87afa37e3f304da41f7b83e4cb91"); + IDigest digest = new Sha512Digest(); + IMac prf = new HMac(digest); + KdfCounterBytesGenerator gen = new KdfCounterBytesGenerator(prf); + byte[] DataBeforeCtrData = + Hex.Decode( + "2d6b4804ed912a9bf3005db33c221c6793ff33ffc90bf559811d63fdd0d06f8f36da610f2d555ea37bf3f1220a8e8a8a8629"); + byte[] DataAfterCtrData = Hex.Decode("adbd9e4688b45575d385"); + KdfCounterParameters param = new KdfCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r); + gen.Init(param); + byte[] koGenerated = new byte[l / 8]; + gen.GenerateBytes(koGenerated, 0, koGenerated.Length); + + byte[] koVectors = Hex.Decode("5260b2e61f6ad15e775a793c699c5583"); + + compareKO(name, koGenerated, koVectors); + } + } + + private static void compareKO( + string name, byte[] calculatedOKM, byte[] testOKM) + { + if (!Arrays.AreEqual(calculatedOKM, testOKM)) + { + throw new TestFailedException(new SimpleTestResult( + false, name + " failed")); + } + } + + public override string Name + { + get { return "KdfCounterTest"; } + } + + + public override void PerformTest() + { + TestCMAC_AES128_BEFORE_FIXED_8_BITS(); + TestCMAC_AES128_BEFORE_FIXED_16_BITS(); + TestCMAC_AES128_BEFORE_FIXED_24_BITS(); + TestCMAC_AES128_BEFORE_FIXED_32_BITS(); + TestCMAC_AES128_AFTER_FIXED_8_BITS(); + TestCMAC_AES128_AFTER_FIXED_16_BITS(); + TestCMAC_AES128_AFTER_FIXED_24_BITS(); + TestCMAC_AES128_AFTER_FIXED_32_BITS(); + TestCMAC_AES128_MIDDLE_FIXED_8_BITS(); + TestCMAC_AES128_MIDDLE_FIXED_16_BITS(); + TestCMAC_AES128_MIDDLE_FIXED_24_BITS(); + TestCMAC_AES128_MIDDLE_FIXED_32_BITS(); + TestCMAC_AES192_BEFORE_FIXED_8_BITS(); + TestCMAC_AES192_BEFORE_FIXED_16_BITS(); + TestCMAC_AES192_BEFORE_FIXED_24_BITS(); + TestCMAC_AES192_BEFORE_FIXED_32_BITS(); + TestCMAC_AES192_AFTER_FIXED_8_BITS(); + TestCMAC_AES192_AFTER_FIXED_16_BITS(); + TestCMAC_AES192_AFTER_FIXED_24_BITS(); + TestCMAC_AES192_AFTER_FIXED_32_BITS(); + TestCMAC_AES192_MIDDLE_FIXED_8_BITS(); + TestCMAC_AES192_MIDDLE_FIXED_16_BITS(); + TestCMAC_AES192_MIDDLE_FIXED_24_BITS(); + TestCMAC_AES192_MIDDLE_FIXED_32_BITS(); + TestCMAC_AES256_BEFORE_FIXED_8_BITS(); + TestCMAC_AES256_BEFORE_FIXED_16_BITS(); + TestCMAC_AES256_BEFORE_FIXED_24_BITS(); + TestCMAC_AES256_BEFORE_FIXED_32_BITS(); + TestCMAC_AES256_AFTER_FIXED_8_BITS(); + TestCMAC_AES256_AFTER_FIXED_16_BITS(); + TestCMAC_AES256_AFTER_FIXED_24_BITS(); + TestCMAC_AES256_AFTER_FIXED_32_BITS(); + TestCMAC_AES256_MIDDLE_FIXED_8_BITS(); + TestCMAC_AES256_MIDDLE_FIXED_16_BITS(); + TestCMAC_AES256_MIDDLE_FIXED_24_BITS(); + TestCMAC_AES256_MIDDLE_FIXED_32_BITS(); + TestCMAC_TDES2_BEFORE_FIXED_8_BITS(); + TestCMAC_TDES2_BEFORE_FIXED_16_BITS(); + TestCMAC_TDES2_BEFORE_FIXED_24_BITS(); + TestCMAC_TDES2_BEFORE_FIXED_32_BITS(); + TestCMAC_TDES2_AFTER_FIXED_8_BITS(); + TestCMAC_TDES2_AFTER_FIXED_16_BITS(); + TestCMAC_TDES2_AFTER_FIXED_24_BITS(); + TestCMAC_TDES2_AFTER_FIXED_32_BITS(); + TestCMAC_TDES2_MIDDLE_FIXED_8_BITS(); + TestCMAC_TDES2_MIDDLE_FIXED_16_BITS(); + TestCMAC_TDES2_MIDDLE_FIXED_24_BITS(); + TestCMAC_TDES2_MIDDLE_FIXED_32_BITS(); + TestCMAC_TDES3_BEFORE_FIXED_8_BITS(); + TestCMAC_TDES3_BEFORE_FIXED_16_BITS(); + TestCMAC_TDES3_BEFORE_FIXED_24_BITS(); + TestCMAC_TDES3_BEFORE_FIXED_32_BITS(); + TestCMAC_TDES3_AFTER_FIXED_8_BITS(); + TestCMAC_TDES3_AFTER_FIXED_16_BITS(); + TestCMAC_TDES3_AFTER_FIXED_24_BITS(); + TestCMAC_TDES3_AFTER_FIXED_32_BITS(); + TestCMAC_TDES3_MIDDLE_FIXED_8_BITS(); + TestCMAC_TDES3_MIDDLE_FIXED_16_BITS(); + TestCMAC_TDES3_MIDDLE_FIXED_24_BITS(); + TestCMAC_TDES3_MIDDLE_FIXED_32_BITS(); + TestHMAC_SHA1_BEFORE_FIXED_8_BITS(); + TestHMAC_SHA1_BEFORE_FIXED_16_BITS(); + TestHMAC_SHA1_BEFORE_FIXED_24_BITS(); + TestHMAC_SHA1_BEFORE_FIXED_32_BITS(); + TestHMAC_SHA1_AFTER_FIXED_8_BITS(); + TestHMAC_SHA1_AFTER_FIXED_16_BITS(); + TestHMAC_SHA1_AFTER_FIXED_24_BITS(); + TestHMAC_SHA1_AFTER_FIXED_32_BITS(); + TestHMAC_SHA1_MIDDLE_FIXED_8_BITS(); + TestHMAC_SHA1_MIDDLE_FIXED_16_BITS(); + TestHMAC_SHA1_MIDDLE_FIXED_24_BITS(); + TestHMAC_SHA1_MIDDLE_FIXED_32_BITS(); + TestHMAC_SHA224_BEFORE_FIXED_8_BITS(); + TestHMAC_SHA224_BEFORE_FIXED_16_BITS(); + TestHMAC_SHA224_BEFORE_FIXED_24_BITS(); + TestHMAC_SHA224_BEFORE_FIXED_32_BITS(); + TestHMAC_SHA224_AFTER_FIXED_8_BITS(); + TestHMAC_SHA224_AFTER_FIXED_16_BITS(); + TestHMAC_SHA224_AFTER_FIXED_24_BITS(); + TestHMAC_SHA224_AFTER_FIXED_32_BITS(); + TestHMAC_SHA224_MIDDLE_FIXED_8_BITS(); + TestHMAC_SHA224_MIDDLE_FIXED_16_BITS(); + TestHMAC_SHA224_MIDDLE_FIXED_24_BITS(); + TestHMAC_SHA224_MIDDLE_FIXED_32_BITS(); + TestHMAC_SHA256_BEFORE_FIXED_8_BITS(); + TestHMAC_SHA256_BEFORE_FIXED_16_BITS(); + TestHMAC_SHA256_BEFORE_FIXED_24_BITS(); + TestHMAC_SHA256_BEFORE_FIXED_32_BITS(); + TestHMAC_SHA256_AFTER_FIXED_8_BITS(); + TestHMAC_SHA256_AFTER_FIXED_16_BITS(); + TestHMAC_SHA256_AFTER_FIXED_24_BITS(); + TestHMAC_SHA256_AFTER_FIXED_32_BITS(); + TestHMAC_SHA256_MIDDLE_FIXED_8_BITS(); + TestHMAC_SHA256_MIDDLE_FIXED_16_BITS(); + TestHMAC_SHA256_MIDDLE_FIXED_24_BITS(); + TestHMAC_SHA256_MIDDLE_FIXED_32_BITS(); + TestHMAC_SHA384_BEFORE_FIXED_8_BITS(); + TestHMAC_SHA384_BEFORE_FIXED_16_BITS(); + TestHMAC_SHA384_BEFORE_FIXED_24_BITS(); + TestHMAC_SHA384_BEFORE_FIXED_32_BITS(); + TestHMAC_SHA384_AFTER_FIXED_8_BITS(); + TestHMAC_SHA384_AFTER_FIXED_16_BITS(); + TestHMAC_SHA384_AFTER_FIXED_24_BITS(); + TestHMAC_SHA384_AFTER_FIXED_32_BITS(); + TestHMAC_SHA384_MIDDLE_FIXED_8_BITS(); + TestHMAC_SHA384_MIDDLE_FIXED_16_BITS(); + TestHMAC_SHA384_MIDDLE_FIXED_24_BITS(); + TestHMAC_SHA384_MIDDLE_FIXED_32_BITS(); + TestHMAC_SHA512_BEFORE_FIXED_8_BITS(); + TestHMAC_SHA512_BEFORE_FIXED_16_BITS(); + TestHMAC_SHA512_BEFORE_FIXED_24_BITS(); + TestHMAC_SHA512_BEFORE_FIXED_32_BITS(); + TestHMAC_SHA512_AFTER_FIXED_8_BITS(); + TestHMAC_SHA512_AFTER_FIXED_16_BITS(); + TestHMAC_SHA512_AFTER_FIXED_24_BITS(); + TestHMAC_SHA512_AFTER_FIXED_32_BITS(); + TestHMAC_SHA512_MIDDLE_FIXED_8_BITS(); + TestHMAC_SHA512_MIDDLE_FIXED_16_BITS(); + TestHMAC_SHA512_MIDDLE_FIXED_24_BITS(); + TestHMAC_SHA512_MIDDLE_FIXED_32_BITS(); + + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/test/MacTest.cs b/BouncyCastle/crypto/test/src/test/MacTest.cs new file mode 100644 index 0000000..d4b3188 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/MacTest.cs @@ -0,0 +1,216 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + /// + /// MAC tester - vectors from + /// FIP 81 and + /// FIP 113. + /// + [TestFixture] + public class MacTest + : SimpleTest + { + private static readonly byte[] keyBytes = Hex.Decode("0123456789abcdef"); + private static readonly byte[] ivBytes = Hex.Decode("1234567890abcdef"); + + private static readonly byte[] input = Hex.Decode("37363534333231204e6f77206973207468652074696d6520666f7220"); + + private static readonly byte[] output1 = Hex.Decode("f1d30f68"); + private static readonly byte[] output2 = Hex.Decode("58d2e77e"); + private static readonly byte[] output3 = Hex.Decode("cd647403"); + + private static readonly byte[] keyBytesISO9797 = Hex.Decode("7CA110454A1A6E570131D9619DC1376E"); + + private static readonly byte[] inputISO9797 = Encoding.ASCII.GetBytes("Hello World !!!!"); + + private static readonly byte[] outputISO9797 = Hex.Decode("F09B856213BAB83B"); + + private static readonly byte[] inputDesEDE64 = Encoding.ASCII.GetBytes("Hello World !!!!"); + + private static readonly byte[] outputDesEDE64 = Hex.Decode("862304d33af01096"); + + private void aliasTest( + KeyParameter key, + string primary, + params string[] aliases) + { + IMac mac = MacUtilities.GetMac(primary); + + // + // standard DAC - zero IV + // + mac.Init(key); + + mac.BlockUpdate(input, 0, input.Length); + + byte[] refBytes = new byte[mac.GetMacSize()]; + mac.DoFinal(refBytes, 0); + + for (int i = 0; i != aliases.Length; i++) + { + mac = MacUtilities.GetMac(aliases[i]); + + mac.Init(key); + + mac.BlockUpdate(input, 0, input.Length); + + byte[] outBytes = new byte[mac.GetMacSize()]; + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, refBytes)) + { + Fail("Failed - expected " + + Hex.ToHexString(refBytes) + " got " + + Hex.ToHexString(outBytes)); + } + } + } + + public override void PerformTest() + { + KeyParameter key = new DesParameters(keyBytes); + IMac mac = MacUtilities.GetMac("DESMac"); + + // + // standard DAC - zero IV + // + mac.Init(key); + + mac.BlockUpdate(input, 0, input.Length); + + //byte[] outBytes = mac.DoFinal(); + byte[] outBytes = new byte[mac.GetMacSize()]; + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output1)) + { + Fail("Failed - expected " + + Hex.ToHexString(output1) + " got " + + Hex.ToHexString(outBytes)); + } + + // + // mac with IV. + // + mac.Init(new ParametersWithIV(key, ivBytes)); + + mac.BlockUpdate(input, 0, input.Length); + + //outBytes = mac.DoFinal(); + outBytes = new byte[mac.GetMacSize()]; + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output2)) + { + Fail("Failed - expected " + + Hex.ToHexString(output2) + " got " + + Hex.ToHexString(outBytes)); + } + + // + // CFB mac with IV - 8 bit CFB mode + // + mac = MacUtilities.GetMac("DESMac/CFB8"); + + mac.Init(new ParametersWithIV(key, ivBytes)); + + mac.BlockUpdate(input, 0, input.Length); + + //outBytes = mac.DoFinal(); + outBytes = new byte[mac.GetMacSize()]; + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output3)) + { + Fail("Failed - expected " + + Hex.ToHexString(output3) + " got " + + Hex.ToHexString(outBytes)); + } + + // + // ISO9797 algorithm 3 using DESEDE + // + key = new DesEdeParameters(keyBytesISO9797); + + mac = MacUtilities.GetMac("ISO9797ALG3"); + + mac.Init(key); + + mac.BlockUpdate(inputISO9797, 0, inputISO9797.Length); + + //outBytes = mac.DoFinal(); + outBytes = new byte[mac.GetMacSize()]; + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, outputISO9797)) + { + Fail("Failed - expected " + + Hex.ToHexString(outputISO9797) + " got " + + Hex.ToHexString(outBytes)); + } + + // + // 64bit DESede Mac + // + key = new DesEdeParameters(keyBytesISO9797); + + mac = MacUtilities.GetMac("DESEDE64"); + + mac.Init(key); + + mac.BlockUpdate(inputDesEDE64, 0, inputDesEDE64.Length); + + //outBytes = mac.DoFinal(); + outBytes = new byte[mac.GetMacSize()]; + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, outputDesEDE64)) + { + Fail("Failed - expected " + + Hex.ToHexString(outputDesEDE64) + " got " + + Hex.ToHexString(outBytes)); + } + + aliasTest( + ParameterUtilities.CreateKeyParameter("DESede", keyBytesISO9797), + "DESedeMac64withISO7816-4Padding", + "DESEDE64WITHISO7816-4PADDING", + "DESEDEISO9797ALG1MACWITHISO7816-4PADDING", + "DESEDEISO9797ALG1WITHISO7816-4PADDING"); + + aliasTest( + ParameterUtilities.CreateKeyParameter("DESede", keyBytesISO9797), + "ISO9797ALG3WITHISO7816-4PADDING", + "ISO9797ALG3MACWITHISO7816-4PADDING"); + } + + public override string Name + { + get { return "Mac"; } + } + + public static void Main( + string[] args) + { + RunTest(new MacTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/MqvTest.cs b/BouncyCastle/crypto/test/src/test/MqvTest.cs new file mode 100644 index 0000000..b26d561 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/MqvTest.cs @@ -0,0 +1,86 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class MqvTest + : SimpleTest + { + public override string Name + { + get { return "MQV"; } + } + + public override void PerformTest() + { + TestECMqv(); + } + + [Test] + public void TestECMqv() + { + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECMQV"); + + X9ECParameters x9 = ECNamedCurveTable.GetByName("prime239v1"); + ECDomainParameters ecSpec = new ECDomainParameters(x9.Curve, x9.G, x9.N, x9.H); + + g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); + + // + // U side + // + AsymmetricCipherKeyPair U1 = g.GenerateKeyPair(); + AsymmetricCipherKeyPair U2 = g.GenerateKeyPair(); + + IBasicAgreement uAgree = AgreementUtilities.GetBasicAgreement("ECMQV"); + uAgree.Init(new MqvPrivateParameters( + (ECPrivateKeyParameters)U1.Private, + (ECPrivateKeyParameters)U2.Private, + (ECPublicKeyParameters)U2.Public)); + + // + // V side + // + AsymmetricCipherKeyPair V1 = g.GenerateKeyPair(); + AsymmetricCipherKeyPair V2 = g.GenerateKeyPair(); + + IBasicAgreement vAgree = AgreementUtilities.GetBasicAgreement("ECMQV"); + vAgree.Init(new MqvPrivateParameters( + (ECPrivateKeyParameters)V1.Private, + (ECPrivateKeyParameters)V2.Private, + (ECPublicKeyParameters)V2.Public)); + + // + // agreement + // + BigInteger ux = uAgree.CalculateAgreement(new MqvPublicParameters( + (ECPublicKeyParameters)V1.Public, + (ECPublicKeyParameters)V2.Public)); + BigInteger vx = vAgree.CalculateAgreement(new MqvPublicParameters( + (ECPublicKeyParameters)U1.Public, + (ECPublicKeyParameters)U2.Public)); + + if (!ux.Equals(vx)) + { + Fail("Agreement failed"); + } + } + + public static void Main( + string[] args) + { + RunTest(new MqvTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/NamedCurveTest.cs b/BouncyCastle/crypto/test/src/test/NamedCurveTest.cs new file mode 100644 index 0000000..560af75 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/NamedCurveTest.cs @@ -0,0 +1,406 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Anssi; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.GM; +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class NamedCurveTest + : SimpleTest + { +// private static readonly Hashtable CurveNames = new Hashtable(); +// private static readonly Hashtable CurveAliases = new Hashtable(); +// +// static NamedCurveTest() +// { +// CurveNames.Add("prime192v1", "prime192v1"); // X9.62 +// CurveNames.Add("sect571r1", "sect571r1"); // sec +// CurveNames.Add("secp224r1", "secp224r1"); +// CurveNames.Add("B-409", SecNamedCurves.GetName(NistNamedCurves.GetOid("B-409"))); // nist +// CurveNames.Add("P-521", SecNamedCurves.GetName(NistNamedCurves.GetOid("P-521"))); +// CurveNames.Add("brainpoolp160r1", "brainpoolp160r1"); // TeleTrusT +// +// CurveAliases.Add("secp192r1", "prime192v1"); +// CurveAliases.Add("secp256r1", "prime256v1"); +// } + + private static ECDomainParameters GetCurveParameters( + string name) + { + X9ECParameters ecP = ECNamedCurveTable.GetByName(name); + + if (ecP == null) + throw new Exception("unknown curve name: " + name); + + return new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed()); + } + + public void doTestCurve( + string name) + { +// ECGenParameterSpec ecSpec = new ECGenParameterSpec(name); + ECDomainParameters ecSpec = GetCurveParameters(name); + + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDH"); + +// g.initialize(ecSpec, new SecureRandom()); + g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); + + // + // a side + // + AsymmetricCipherKeyPair aKeyPair = g.GenerateKeyPair(); + +// KeyAgreement aKeyAgree = KeyAgreement.getInstance("ECDHC"); + IBasicAgreement aKeyAgree = AgreementUtilities.GetBasicAgreement("ECDHC"); + + aKeyAgree.Init(aKeyPair.Private); + + // + // b side + // + AsymmetricCipherKeyPair bKeyPair = g.GenerateKeyPair(); + +// KeyAgreement bKeyAgree = KeyAgreement.getInstance("ECDHC"); + IBasicAgreement bKeyAgree = AgreementUtilities.GetBasicAgreement("ECDHC"); + + bKeyAgree.Init(bKeyPair.Private); + + // + // agreement + // +// aKeyAgree.doPhase(bKeyPair.Public, true); +// bKeyAgree.doPhase(aKeyPair.Public, true); +// +// BigInteger k1 = new BigInteger(aKeyAgree.generateSecret()); +// BigInteger k2 = new BigInteger(bKeyAgree.generateSecret()); + BigInteger k1 = aKeyAgree.CalculateAgreement(bKeyPair.Public); + BigInteger k2 = bKeyAgree.CalculateAgreement(aKeyPair.Public); + + if (!k1.Equals(k2)) + { + Fail("2-way test failed"); + } + + // + // public key encoding test + // +// byte[] pubEnc = aKeyPair.Public.getEncoded(); + byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(aKeyPair.Public).GetDerEncoded(); + +// KeyFactory keyFac = KeyFactory.getInstance("ECDH"); +// X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc); +// ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509); + ECPublicKeyParameters pubKey = (ECPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc); + +// if (!pubKey.getW().Equals(((ECPublicKey)aKeyPair.Public).getW())) + if (!pubKey.Q.Equals(((ECPublicKeyParameters)aKeyPair.Public).Q)) + { + Fail("public key encoding (Q test) failed"); + } + + // TODO Put back in? +// if (!(pubKey.getParams() is ECNamedCurveSpec)) +// { +// Fail("public key encoding not named curve"); +// } + + // + // private key encoding test + // +// byte[] privEnc = aKeyPair.Private.getEncoded(); + byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(aKeyPair.Private).GetDerEncoded(); + +// PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc); +// ECPrivateKey privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8); + ECPrivateKeyParameters privKey = (ECPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc); + +// if (!privKey.getS().Equals(((ECPrivateKey)aKeyPair.Private).getS())) + if (!privKey.D.Equals(((ECPrivateKeyParameters)aKeyPair.Private).D)) + { + Fail("private key encoding (S test) failed"); + } + + // TODO Put back in? +// if (!(privKey.getParams() is ECNamedCurveSpec)) +// { +// Fail("private key encoding not named curve"); +// } +// +// ECNamedCurveSpec privSpec = (ECNamedCurveSpec)privKey.getParams(); +// if (!(privSpec.GetName().Equals(name) || privSpec.GetName().Equals(CurveNames.get(name)))) +// { +// Fail("private key encoding wrong named curve. Expected: " +// + CurveNames[name] + " got " + privSpec.GetName()); +// } + } + + public void doTestECDsa( + string name) + { +// ECGenParameterSpec ecSpec = new ECGenParameterSpec(name); + ECDomainParameters ecSpec = GetCurveParameters(name); + + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); + +// g.initialize(ecSpec, new SecureRandom()); + g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); + + ISigner sgr = SignerUtilities.GetSigner("ECDSA"); + AsymmetricCipherKeyPair pair = g.GenerateKeyPair(); + AsymmetricKeyParameter sKey = pair.Private; + AsymmetricKeyParameter vKey = pair.Public; + + sgr.Init(true, sKey); + + byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; + + sgr.BlockUpdate(message, 0, message.Length); + + byte[] sigBytes = sgr.GenerateSignature(); + + sgr.Init(false, vKey); + + sgr.BlockUpdate(message, 0, message.Length); + + if (!sgr.VerifySignature(sigBytes)) + { + Fail(name + " verification failed"); + } + + // + // public key encoding test + // +// byte[] pubEnc = vKey.getEncoded(); + byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(vKey).GetDerEncoded(); + +// KeyFactory keyFac = KeyFactory.getInstance("ECDH"); +// X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc); +// ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509); + ECPublicKeyParameters pubKey = (ECPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc); + +// if (!pubKey.getW().Equals(((ECPublicKey)vKey).getW())) + if (!pubKey.Q.Equals(((ECPublicKeyParameters)vKey).Q)) + { + Fail("public key encoding (Q test) failed"); + } + + // TODO Put back in? +// if (!(pubKey.Parameters is ECNamedCurveSpec)) +// { +// Fail("public key encoding not named curve"); +// } + + // + // private key encoding test + // +// byte[] privEnc = sKey.getEncoded(); + byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(sKey).GetDerEncoded(); + +// PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc); +// ECPrivateKey privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8); + ECPrivateKeyParameters privKey = (ECPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc); + +// if (!privKey.getS().Equals(((ECPrivateKey)sKey).getS())) + if (!privKey.D.Equals(((ECPrivateKeyParameters)sKey).D)) + { + Fail("private key encoding (D test) failed"); + } + + // TODO Put back in? +// if (!(privKey.Parameters is ECNamedCurveSpec)) +// { +// Fail("private key encoding not named curve"); +// } +// +// ECNamedCurveSpec privSpec = (ECNamedCurveSpec)privKey.getParams(); +// if (!privSpec.GetName().EqualsIgnoreCase(name) +// && !privSpec.GetName().EqualsIgnoreCase((string) CurveAliases[name])) +// { +// Fail("private key encoding wrong named curve. Expected: " + name + " got " + privSpec.GetName()); +// } + } + + public void doTestECGost(string name) + { + ISigner sgr; + string keyAlgorithm; + + if (name.IndexOf("Tc26-Gost-3410") == 0) + { + // TODO Implement ECGOST3410-2012 in SignerUtilies/GeneratorUtilities etc. + // Current test cases don't work for GOST34.10 2012 + return; + + //keyAlgorithm = "ECGOST3410-2012"; + //if (name.IndexOf("256") > 0) + //{ + // sgr = SignerUtilities.GetSigner("ECGOST3410-2012-256"); + //} + //else + //{ + // sgr = SignerUtilities.GetSigner("ECGOST3410-2012-512"); + //} + } + else + { + keyAlgorithm = "ECGOST3410"; + + sgr = SignerUtilities.GetSigner("ECGOST3410"); + } + + ECDomainParameters ecSpec = GetCurveParameters(name); + + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator(keyAlgorithm); + g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); + + AsymmetricCipherKeyPair pair = g.GenerateKeyPair(); + AsymmetricKeyParameter sKey = pair.Private; + AsymmetricKeyParameter vKey = pair.Public; + + sgr.Init(true, sKey); + + byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' }; + + sgr.BlockUpdate(message, 0, message.Length); + + byte[] sigBytes = sgr.GenerateSignature(); + + sgr.Init(false, vKey); + + sgr.BlockUpdate(message, 0, message.Length); + + if (!sgr.VerifySignature(sigBytes)) + { + Fail(name + " verification failed"); + } + + // TODO Get this working? +// // +// // public key encoding test +// // +//// byte[] pubEnc = vKey.getEncoded(); +// byte[] pubEnc = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(vKey).GetDerEncoded(); +// +//// KeyFactory keyFac = KeyFactory.getInstance(keyAlgorithm); +//// X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc); +//// ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509); +// ECPublicKeyParameters pubKey = (ECPublicKeyParameters) PublicKeyFactory.CreateKey(pubEnc); +// +//// if (!pubKey.getW().equals(((ECPublicKey)vKey).getW())) +// if (!pubKey.Q.Equals(((ECPublicKeyParameters)vKey).Q)) +// { +// Fail("public key encoding (Q test) failed"); +// } + + // TODO Put back in? +// if (!(pubKey.Parameters is ECNamedCurveSpec)) +// { +// Fail("public key encoding not named curve"); +// } + + // TODO Get this working? +// // +// // private key encoding test +// // +//// byte[] privEnc = sKey.getEncoded(); +// byte[] privEnc = PrivateKeyInfoFactory.CreatePrivateKeyInfo(sKey).GetDerEncoded(); +// +//// PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc); +//// ECPrivateKey privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8); +// ECPrivateKeyParameters privKey = (ECPrivateKeyParameters) PrivateKeyFactory.CreateKey(privEnc); +// +//// if (!privKey.getS().Equals(((ECPrivateKey)sKey).getS())) +// if (!privKey.D.Equals(((ECPrivateKeyParameters)sKey).D)) +// { +// Fail("GOST private key encoding (D test) failed"); +// } + + // TODO Put back in? +// if (!(privKey.Parameters is ECNamedCurveSpec)) +// { +// Fail("GOST private key encoding not named curve"); +// } +// +// ECNamedCurveSpec privSpec = (ECNamedCurveSpec)privKey.getParams(); +// if (!privSpec.getName().equalsIgnoreCase(name) +// && !privSpec.getName().equalsIgnoreCase((String)CURVE_ALIASES[name])) +// { +// Fail("GOST private key encoding wrong named curve. Expected: " + name + " got " + privSpec.getName()); +// } + } + + public override string Name + { + get { return "NamedCurve"; } + } + + public override void PerformTest() + { + doTestCurve("prime192v1"); // X9.62 + doTestCurve("sect571r1"); // sec + doTestCurve("secp224r1"); + doTestCurve("B-409"); // nist + doTestCurve("P-521"); + doTestCurve("brainpoolp160r1"); // TeleTrusT + + foreach (string name in X962NamedCurves.Names) + { + doTestECDsa(name); + } + + foreach (string name in SecNamedCurves.Names) + { + doTestECDsa(name); + } + + foreach (string name in TeleTrusTNamedCurves.Names) + { + doTestECDsa(name); + } + + foreach (string name in AnssiNamedCurves.Names) + { + doTestECDsa(name); + } + + foreach (string name in GMNamedCurves.Names) + { + doTestECDsa(name); + } + + foreach (string name in ECGost3410NamedCurves.Names) + { + doTestECGost(name); + } + } + + public static void Main( + string[] args) + { + RunTest(new NamedCurveTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/NistCertPathTest.cs b/BouncyCastle/crypto/test/src/test/NistCertPathTest.cs new file mode 100644 index 0000000..0f42e24 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/NistCertPathTest.cs @@ -0,0 +1,5192 @@ +using System; +using System.Collections; +using System.IO; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Pkix; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class NistCertPathTest + : SimpleTest + { + /* + * These tests are taken from the NIST X.509 Validation Test Suite + * available at: http://csrc.nist.gov/pki/testing/x509paths.html + * + * Only the relevant certificate and crl data has been kept, in order + * to keep the class size to a minimum. + * + */ + private const string TEST_POLICY_1 = "2.16.840.1.101.3.1.48.1"; + private const string TEST_POLICY_2 = "2.16.840.1.101.3.1.48.2"; + private const string TEST_POLICY_3 = "2.16.840.1.101.3.1.48.3"; + private const string TEST_POLICY_4 = "2.16.840.1.101.3.1.48.4"; + private const string TEST_POLICY_5 = "2.16.840.1.101.3.1.48.5"; + + private static ISet ANY; + private static ISet TP1; + private static ISet TP2; + private static ISet TP3; + private static ISet TP4; + private static ISet TP1_TP2; + + static NistCertPathTest() + { + ANY = new HashSet(); + + TP1 = new HashSet(); + TP1.Add(TEST_POLICY_1); + + TP2 = new HashSet(); + TP2.Add(TEST_POLICY_2); + + TP3 = new HashSet(); + TP3.Add(TEST_POLICY_3); + + TP4 = new HashSet(); + TP4.Add(TEST_POLICY_4); + + TP1_TP2 = new HashSet(); + TP1_TP2.Add(TEST_POLICY_1); + TP1_TP2.Add(TEST_POLICY_2); + } + + /* + * FIELDS + */ + private X509CertificateParser certParser = new X509CertificateParser(); + private X509CrlParser crlParser = new X509CrlParser(); + + private X509Certificate trustedCert; + private X509Crl trustedCRL; + private ISet trustedSet; + private int testCount; + private IList testFail; + private StringBuilder resultBuf; + + public override string Name + { + get { return "NistCertPathTest"; } + } + + public override void PerformTest() + { + Init(); + + Test(" 1", TEST_1_DATA, true, false); + Test(" 2", TEST_2_DATA, false, false); + Test(" 3", TEST_3_DATA, false, false); + Test(" 4", TEST_4_DATA, true, false); + Test(" 5", TEST_5_DATA, false, false); + Test(" 6", TEST_6_DATA, false, false); + Test(" 7", TEST_7_DATA, true, false); + Test(" 8", TEST_8_DATA, false, false); + Test(" 9", TEST_9_DATA, false, false); + + Test("10", TEST_10_DATA, false, false); + Test("11", TEST_11_DATA, false, false); + Test("12", TEST_12_DATA, true, false); + Test("13", TEST_13_DATA, false, false); + Test("14", TEST_14_DATA, false, false); + Test("15", TEST_15_DATA, true, false); + Test("16", TEST_16_DATA, true, false); + Test("17", TEST_17_DATA, true, false); + Test("18", TEST_18_DATA, true, false); + Test("19", TEST_19_DATA, false, false); + + Test("20", TEST_20_DATA, false, false); + Test("21", TEST_21_DATA, false, false); + Test("22", TEST_22_DATA, false, false); + Test("23", TEST_23_DATA, false, false); + Test("24", TEST_24_DATA, true, false); + Test("25", TEST_25_DATA, false, false); + Test("26", TEST_26_DATA, true, false); + Test("27", TEST_27_DATA, true, false); + Test("28", TEST_28_DATA, false, false); + Test("29", TEST_29_DATA, false, false); + + Test("30", TEST_30_DATA, true, false); + Test("31", TEST_31_DATA, false, false); + Test("32", TEST_32_DATA, false, false); + Test("33", TEST_33_DATA, true, false); + + Test("34a", TEST_34_DATA, ANY, true, true, false); + Test("34b", TEST_34_DATA, ANY, false, true, false); + Test("34c", TEST_34_DATA, TP1, true, true, false); + Test("34d", TEST_34_DATA, TP1, false, true, false); + Test("34e", TEST_34_DATA, TP2, true, false, false); + Test("34f", TEST_34_DATA, TP2, false, true, false); + + Test("35a", TEST_35_DATA, false, true, false); + Test("35b", TEST_35_DATA, true, false, false); + + Test("36a", TEST_36_DATA, false, true, false); + Test("36b", TEST_36_DATA, true, false, false); + + Test("37a", TEST_37_DATA, false, true, false); + Test("37b", TEST_37_DATA, true, false, false); + + Test("38a", TEST_38_DATA, false, true, false); + Test("38b", TEST_38_DATA, true, false, false); + + Test("39a", TEST_39_DATA, ANY, true, true, false); + Test("39b", TEST_39_DATA, ANY, false, true, false); + Test("39c", TEST_39_DATA, TP1, true, true, false); + Test("39d", TEST_39_DATA, TP1, false, true, false); + Test("39e", TEST_39_DATA, TP2, true, false, false); + Test("39f", TEST_39_DATA, TP2, false, true, false); + + Test("40a", TEST_40_DATA, false, true, false); + Test("40b", TEST_40_DATA, true, false, false); + + Test("41a", TEST_41_DATA, false, true, false); + Test("41b", TEST_41_DATA, true, false, false); + + Test("42a", TEST_42_DATA, false, true, false); + Test("42b", TEST_42_DATA, true, false, false); + + Test("43a", TEST_43_DATA, false, true, false); + Test("43b", TEST_43_DATA, true, false, false); + + Test("44a", TEST_44_DATA, false, true, false); + Test("44b", TEST_44_DATA, true, false, false); + + Test("45a", TEST_45_DATA, false, false, false); + Test("45b", TEST_45_DATA, true, false, false); + + Test("46a", TEST_46_DATA, ANY, false, true, false); + Test("46b", TEST_46_DATA, ANY, true, true, false); + Test("46c", TEST_46_DATA, TP1, true, true, false); + Test("46d", TEST_46_DATA, TP1, false, true, false); + Test("46e", TEST_46_DATA, TP2, true, false, false); + Test("46f", TEST_46_DATA, TP2, false, false, false); + + Test("47a", TEST_47_DATA, false, false, false); + Test("47b", TEST_47_DATA, true, false, false); + + Test("48a", TEST_48_DATA, TP1, false, true, false); + Test("48b", TEST_48_DATA, TP1, true, true, false); + Test("48c", TEST_48_DATA, ANY, false, true, false); + Test("48d", TEST_48_DATA, ANY, true, true, false); + Test("48e", TEST_48_DATA, TP2, false, true, false); + Test("48f", TEST_48_DATA, TP2, true, false, false); + + Test("49a", TEST_49_DATA, TP1, false, true, false); + Test("49b", TEST_49_DATA, TP1, true, true, false); + Test("49c", TEST_49_DATA, TP3, false, true, false); + Test("49d", TEST_49_DATA, TP3, true, false, false); + Test("49e", TEST_49_DATA, ANY, false, true, false); + Test("49f", TEST_49_DATA, ANY, true, true, false); + + Test("50a", TEST_50_DATA, TP1, false, true, false); + Test("50b", TEST_50_DATA, TP1, true, true, false); + Test("50c", TEST_50_DATA, TP1_TP2, false, true, false); + Test("50d", TEST_50_DATA, TP1_TP2, true, true, false); + Test("50e", TEST_50_DATA, ANY, false, true, false); + Test("50f", TEST_50_DATA, ANY, true, true, false); + + Test("51a", TEST_51_DATA, false, true, false); + Test("51b", TEST_51_DATA, true, false, false); + + Test("52a", TEST_52_DATA, TP1, false, true, false); + Test("52b", TEST_52_DATA, TP1, true, false, false); + Test("52c", TEST_52_DATA, TP1_TP2, false, true, false); + Test("52d", TEST_52_DATA, TP1_TP2, true, false, false); + Test("52e", TEST_52_DATA, ANY, false, true, false); + Test("52f", TEST_52_DATA, ANY, true, true, false); + + Test("53a", TEST_53_DATA, TP1, false, true, false); + Test("53b", TEST_53_DATA, TP1, true, true, false); + Test("53c", TEST_53_DATA, TP1_TP2, false, true, false); + Test("53d", TEST_53_DATA, TP1_TP2, true, true, false); + Test("53e", TEST_53_DATA, TP4, false, true, false); + Test("53f", TEST_53_DATA, TP4, true, false, false); + Test("53g", TEST_53_DATA, ANY, false, true, false); + Test("53h", TEST_53_DATA, ANY, true, true, false); + + Test("54", TEST_54_DATA, false, false); + Test("55", TEST_55_DATA, false, false); + Test("56", TEST_56_DATA, true, false); + Test("57", TEST_57_DATA, true, false); + Test("58", TEST_58_DATA, false, false); + Test("59", TEST_59_DATA, false, false); + + Test("60", TEST_60_DATA, false, false); + Test("61", TEST_61_DATA, false, false); + Test("62", TEST_62_DATA, true, false); + Test("63", TEST_63_DATA, true, false); + Test("64", TEST_64_DATA, false, false); + Test("65", TEST_65_DATA, false, false); + Test("66", TEST_66_DATA, false, false); + Test("67", TEST_67_DATA, true, false); + Test("68", TEST_68_DATA, false, false); + Test("69", TEST_69_DATA, false, false); + + Test("70", TEST_70_DATA, false, false); + Test("71", TEST_71_DATA, false, false); + Test("72", TEST_72_DATA, false, false); + Test("73", TEST_73_DATA, false, false); + Test("74", TEST_74_DATA, true, false); + Test("75", TEST_75_DATA, false, false); + Test("76", TEST_76_DATA, false, false); + + resultBuf.Append("NISTCertPathTest -- Failed: "); + resultBuf.Append(testFail.Count).Append('/').Append(testCount).Append("\n"); + + if (testFail.Count != 0) + { + resultBuf.Append("\n"); + Fail(resultBuf.ToString()); + } + } + + private void Init() + { + try + { + trustedCert = certParser.ReadCertificate(Base64.Decode(Trust_Anchor_CP_01_01_crt)); + trustedCRL = crlParser.ReadCrl(Base64.Decode(Trust_Anchor_CRL_CP_01_01_crl)); + trustedSet = new HashSet(); + + byte[] _ncBytes = null; + Asn1OctetString _oct = trustedCert.GetExtensionValue(X509Extensions.NameConstraints); + if (_oct != null) + { + _ncBytes = _oct.GetOctets(); + } + + trustedSet.Add(new TrustAnchor(trustedCert, _ncBytes)); + testCount = 0; + testFail = new ArrayList(); + resultBuf = new StringBuilder("\n"); + } + catch (Exception ex) + { + throw new Exception(ex.Message); + } + } + + private X509Certificate DecodeCertificate(string _str) + { + return certParser.ReadCertificate(Base64.Decode(_str)); + } + + private X509Crl DecodeCRL(string _str) + { + return crlParser.ReadCrl(Base64.Decode(_str)); + } + + private void MakeCertStore(string[] _strs, out IX509Store certStore, out IX509Store crlStore) + { + ArrayList certs = new ArrayList(); + ArrayList crls = new ArrayList(); + crls.Add(trustedCRL); + + for (int i = 0; i < _strs.Length; i++) + { + if (_strs[i].StartsWith("MIIC")) + { + certs.Add(certParser.ReadCertificate(Base64.Decode(_strs[i]))); + } + else if (_strs[i].StartsWith("MIIB")) + { + crls.Add(crlParser.ReadCrl(Base64.Decode(_strs[i]))); + } + else + { + throw new ArgumentException("Invalid certificate or crl"); + } + } + + // Insert elements backwards to muck up forward ordering dependency +// IList _vec2 = new ArrayList(); +// for (int i = _vec.Count - 1; i >= 0; i--) +// { +// _vec2.Add(_vec[i]); +// } + certs.Reverse(); + crls.Reverse(); + + certStore = X509StoreFactory.Create("Certificate/Collection", + new X509CollectionStoreParameters(certs)); + crlStore = X509StoreFactory.Create("CRL/Collection", + new X509CollectionStoreParameters(crls)); + } + + private void Test(string _name, string[] _data, bool _accept, + bool _debug) + { + Test(_name, _data, null, false, _accept, _debug); + } + + private void Test(string _name, string[] _data, bool _explicit, + bool _accept, bool _debug) + { + Test(_name, _data, null, _explicit, _accept, _debug); + } + + private void Test(string _name, string[] _data, ISet _ipolset, + bool _explicit, bool _accept, bool _debug) + { + testCount++; + bool _pass = true; + + try + { +// CertPathBuilder _cpb = CertPathBuilder.GetInstance("PKIX"); + PkixCertPathBuilder _cpb = new PkixCertPathBuilder(); + + X509Certificate _ee = DecodeCertificate(_data[_data.Length - 1]); + X509CertStoreSelector _select = new X509CertStoreSelector(); + _select.Subject = _ee.SubjectDN; + + IX509Store certStore, crlStore; + MakeCertStore(_data, out certStore, out crlStore); + + PkixBuilderParameters _param = new PkixBuilderParameters( + trustedSet, _select); + _param.IsExplicitPolicyRequired = _explicit; + _param.AddStore(certStore); + _param.AddStore(crlStore); + _param.IsRevocationEnabled = true; + + if (_ipolset != null) + { + _param.SetInitialPolicies(_ipolset); + } + + PkixCertPathBuilderResult _result = _cpb.Build(_param); + + if (!_accept) + { + _pass = false; + testFail.Add(_name); + } + } + catch (Exception) + { + if (_accept) + { + _pass = false; + testFail.Add(_name); + } + } + + resultBuf.Append("NISTCertPathTest -- ").Append(_name).Append(": ") + .Append(_pass ? "\n" : "Failed.\n"); + } + + /* + * Trust Anchor + * + */ + public const string Trust_Anchor_CP_01_01_crt = + "MIICbDCCAdWgAwIBAgIDAYafMA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNVBAYTAlVTMRgwFg" + + "YDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEQMA4GA1UECxMHVGVzdGlu" + + "ZzEVMBMGA1UEAxMMVHJ1c3QgQW5jaG9yMB4XDTk5MDEwMTEyMDEwMFoXDTQ4MDEwMTEyMD" + + "EwMFowXjELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UE" + + "CxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5nMRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANPzucEztz+nJ/ZBHVyceZ2q0pUQt4TO2qPlWAw+" + + "TotWvz6qIS1QE/7zGS56yxHP89O4X1efnZeArx2VVxLfNNS9865N53ymINQETtpjYT49Ko" + + "03z8U8yfn68DlIBHi9sN31JEYzoUafF58Eu883lAwTQ6qQrJF4HbrzGIQqgitHAgMBAAGj" + + "ODA2MBEGA1UdDgQKBAirmuv5wudUjzAMBgNVHRMEBTADAQH/MBMGA1UdIwQMMAqACKua6/" + + "nC51SPMA0GCSqGSIb3DQEBBQUAA4GBABZWD2Gsh4tP62QSG8OFWUpo4TulIcFZLpGsaP4T" + + "/2Nt7lXUoIJMN7wWjqkmYf5/Rvo4HxNcimq3EkeYcrm1VoDueJUYGvRjcCY5mxkghI27Yl" + + "/fLKE9/BvQOrvYzBs2EqKrrT7m4VK0dRMR7CeVpmPP08z0Tti6uK2tzBplp1pF"; + public const string Trust_Anchor_CRL_CP_01_01_crl = + "MIIBbzCB2QIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDFRydXN0IEFuY2hvchcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAiMCACAS" + + "cXDTk5MDEwMTEyMDAwMFowDDAKBgNVHRUEAwoBAaAjMCEwCgYDVR0UBAMCAQEwEwYDVR0j" + + "BAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEFBQADgYEAC7lqZwejJRW7QvzH11/7cYcL3r" + + "acgMxH3PSU/ufvyLk7ahR++RtHary/WeCvRdyznLiIOA8ZBiguWtVPqsNysNn7WLofQIVa" + + "+/TD3T+lece4e1NwGQvj5Q+e2wRtGXg+gCuTjTKUFfKRnWz7O7RyiJKKim0jtAF4RkCpLe" + + "bNChY="; + + + /* + * test1 + * + */ + + public const string End_Certificate_CP_01_01_crt = + "MIIChjCCAe+gAwIBAgIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDEuMDEwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMY07G8M4FkOvF+6LpO7BKcDuXCKudfl1+bKSowj" + + "2GCza8uIiMfYSH5k+fYb43lGQeRh9yVHcfNQlE7yfGo3tgxGv5yWpeKvDMqL8Iy6Q0oIjm" + + "qH80ZOz21dUkermcckzTEOfe/R2fNpJPv8M24pq29SdYAqu+CpLDHFtws9O+q1AgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIrNv88bwFLtIwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEFBQADgYEAK4hP" + + "goWtZbHf6qWfRfmrPrz9hDH1644NrJop2Y7MXzuTtpo1zp4NCG4+ii0CSOfvhugc8yOmq3" + + "I6olgE0V16VtC5br2892UHYZ55Q4oQ9BWouVVlOyY9rogOB160BnsqBELFhT0Wf6mnbsdD" + + "G+BB5fFyeK61aYDWV84kS7cSX5w="; + public readonly string[] TEST_1_DATA = new string[] + { + End_Certificate_CP_01_01_crt, + }; + + /* + * test2 + * + */ + public const string Intermediate_Certificate_CP_01_02_crt = + "MIIClTCCAf6gAwIBAgIBAjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAxLjAyMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDWOZ4hk+K6NX/l+OiHC4pfKCWFt+XM2n/TxwkqY+mt" + + "j9Co77rPPPtVA7mDKU4OiYT74mIWH52HQBZr+PRmOFh0Z9S1oTpLbxNLCDc6OmQKBo6iex" + + "SIt/jOatFFmzmTZ78Kq9s3nfrOVA83ggmPDTPkuG5GwcxPgFq0vRmAJ0CESQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQI5o5Am09NlOYwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEA3C7Ye5/Te14LIwo/LK2fnpobbQA3dhOn5UgqZ8lKbQ/HV1D8/eU9dK" + + "2v5gW43XvFq4whK0WKLBvBFchKtp9T1QX3CI2WCqdJRyqla6TkQsS36T17/ww2nzy1853Y" + + "hfDYNsge5XW8YZNfNjjVxcR3RnyFxPax1YIlISiGdI0dnag="; + public const string Intermediate_CRL_CP_01_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wMS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI5o5Am09NlOYwDQYJKoZIhvcNAQEFBQADgYEAl26W" + + "g1Gqq3R93XPjghABVocfeIi8zcSJ0YAKqbifh5V3JCC8Piy19GzZdL244GqBDls44IAhKj" + + "YuXN2mSohdqwULbye4agAgfl37XhhwsBDTYwaJiv3njFQ6Ml7KJ3STmoIpmlLvrXibDuHX" + + "ocuNGo72ckhOdBpXd+PhgGuoTis="; + public const string End_Certificate_CP_01_02_crt = + "MIIChjCCAe+gAwIBAgIBAzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1DUC4wMS4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDEuMDIwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALwJrZT6bJXQnZzc3socZ/mNsEag4BTdym99ZCP2" + + "3PGsTCfV2z7+p4DehIFrn/N/a1d1nvyqRqpQGPU86tl1CWgFtXS+zCctDR71P76bjd6yef" + + "5vxxdO/SBIRHfQTjM8F3BTLkrC+PVl5wbaLcEXRORXrFvBvsj0oqwZ4C8ZObh/AgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIf5mSjuNhs/gwEwYDVR0jBAwwCoAI5o5Am09NlOYwDQYJKoZIhvcNAQEFBQADgYEAK7wd" + + "MyLlIZ/Qsqj3/A3Gat0d5BORtFTZH0VdlVVOWN1JCZxrnjeIFB92NNzUROemxgBxzneuWN" + + "SlYlcpTk25pAbs6RMdbT8dovKQkQkF2TXeQ+4qktFaLQntVT8UsEzHR4Diw0/gH8tseGqF" + + "F7FyiW8ni6zInSO+embUKiibj9I="; + public readonly string[] TEST_2_DATA = new string[] + { + Intermediate_Certificate_CP_01_02_crt, + Intermediate_CRL_CP_01_02_crl, + End_Certificate_CP_01_02_crt + }; + + /* + * test3 + * + */ + public const string Intermediate_Certificate_CP_01_03_crt = + "MIIClTCCAf6gAwIBAgIBBDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAxLjAzMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC4RZ0R82sA+BfyynFeoIDG7c5IlZ8HorEv+O4Ij3Oy" + + "7FR1MB4no8hDEBPBf5fCrAR/8PVxCZjVj2HOwnSAqUQgxo6WPcmkabux12k8kK6yeKq3b7" + + "u5fL6tb7eKElQzsz8Je4z4rCDkI10vV+X0VZ5Ip/Es428dw2KoN8eyGmw3+QIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIz08WhMpG2JswEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAQ+iqlFvbvDejO/m+RCHh2UuUau1FuABObkPOu2Tv9yTWvTSWDRygdO" + + "LQRiOLsjgrdXPdbDutVGjllBoTN8cdz3SWjCpampg5TBikArxmNEYMDQvL6n2lkUcetRJR" + + "gQ7TYLvFj9+SycKXfM5CUXAyCfcU/QwDghhZgc99AuDZtJc="; + public const string Intermediate_CRL_CP_01_03_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wMS4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIz08WhMpG2JswDQYJKoZIhvcNAQEFBQADgYEAoyO/" + + "xcpJ0Obj4rTXhHFd7XMzslt79njkEgdwnon9BaYB3xSmkEXCMwLMurrjVYKaB6SWAiPeUv" + + "G7ScDHJE6UFVJwIt4vP/M7gTOJ7uak33aWi9e5DeIuLqE6pFqTGu+uoBkkd82SHg2GhJhZ" + + "VXDtJ3UcO/3JQPbslc02s9HiRBg="; + public const string End_Certificate_CP_01_03_crt = + "MIIChjCCAe+gAwIBAgIBBTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1DUC4wMS4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDEuMDMwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANAD1vQj//4BGEXW1Q7HX/AUyFJFyHoYcvg5y4u/" + + "8Sj6okriXj3knnBKDiJLpKfcsO5p5MQS5QzAc+lxErXD+duiw8lm61hj0StsRzhDFsaC1g" + + "akjzU70R2Tmz/djUnqO3aa2wICc4NVAXnIMMsH/b6XXFZpC0/C32TPTv9aa9mrAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIPw2wltiRqz4wEwYDVR0jBAwwCoAIz08WhMpG2JswDQYJKoZIhvcNAQEFBQADgYEAln42" + + "iR3eHyazF8CRjS9Jnas/26MaBtjUyDtcSjTVDWFlccwrQ7TgtzjkNm9fCmgSyvryDnUYGM" + + "DoEjwYNLIgtCAkVIEBTmJvlqiPHH+tV5oJvIav+Fn8okHpuuK44umDcdKiFWlOyxrShxzV" + + "3Bez/eHklaPTw/VsVhyh+Uru5zM="; + public readonly string[] TEST_3_DATA = new string[] + { + Intermediate_Certificate_CP_01_03_crt, + Intermediate_CRL_CP_01_03_crl, + End_Certificate_CP_01_03_crt + }; + + /* + * test4 + * + */ + public const string Intermediate_Certificate_1_CP_02_01_crt = + "MIIClTCCAf6gAwIBAgIBBjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05OTAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAyLjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC/lQLtWKzklgYuzhjMiK2CzFmzODsEY/JIVNdn9T8M" + + "W4ufpGwnfIV62EUHCFeMYydKBm8Hyjbjrz1otINJmrGL5WSAX1/UPtHy1chgXOsFYD6nAH" + + "jZAJJGw74nUbKw5+L1wUHU8qXABaaTrRpS1UdKSq4TCZ18NCjC4Oxcf/yDdQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQINsJcxaBqdugwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAOQP3iUX7FtJlL9nvu4F+8o/N5vr+OB28OsbYtW+Q1FzEfjkUGtT9Ri" + + "teradpN/xUnS/oj3BfqFtNANkYKrBeqRtm2VeOC3kdCVFnWFME2aoRAQZbWvOwCFc3yLA7" + + "JBdENtDNI54yYHMHPA4/2CuNQq1Iu1ektAS95DIe7ddxL18="; + public const string Intermediate_Certificate_2_CP_02_01_crt = + "MIIClTCCAf6gAwIBAgIBBzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1DUC4wMi4wMTAeFw05OTAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLUNQLjAyLjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCx/mIo1Ma/IN8OR7KOjclvIwsv0JFXD/T258DruDZU" + + "uGoYiEbAc/ZN7R8OHI7dnv9pBfsvyEl7m2DVoLZnP0eXJTHjdZxb1TwPHoSIysi9u3xWlP" + + "Rg+v+GGfKLB9pL0m8SZh97SngerZI14w7vQy0kkXziGatSpBoXtWNmsHJNuQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIoI0mSmDmzZUwEwYDVR0jBAwwCoAINsJcxaBqdugwDQYJKoZI" + + "hvcNAQEFBQADgYEAcfs1pH12Qwdhv4NOJO2xxgMZZo8+A9Zl9c7RxsvuoZOOyCxoE9wT/l" + + "PdUpGoGxtIPoWQs1qXEXnAlXJCXjLCJUHIG1/E6gQUXW0Ty6Ztpc5Dz06pPTN2gt+41B3J" + + "sL/Klqc4iyCaWr8sYgEPQ8nColWRmIwk9gAasPNkNhyxA3Y="; + public const string Intermediate_CRL_1_CP_02_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAINsJcxaBqdugwDQYJKoZIhvcNAQEFBQADgYEAlBaV" + + "VfrZqvyRhGXNYFik169nBHiNfKpw8k1YgFAQeNYdmfScq1KHmKzDhsx9kQteczBL7ltviK" + + "TN3CKlZW82c16mfd4yYx0l5tkU80lwKCHSUzx92+qrvYjSMup+bqSsi8JhqByBf6b0JbKf" + + "yx53Vpw1OCzjxrVHcfHPx8Q/vR4="; + public const string Intermediate_CRL_2_CP_02_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1DUC4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIoI0mSmDmzZUwDQYJKoZIhvcNAQEFBQADgYEAhAHP" + + "QxpcrTTN0GXeOwoMXuQUoHMvezEpM0BYOVLzI3KbRXWa9iWZINr99cRQvonMtOGkhIH3iS" + + "wSNbsjmF9HX5UvNzrofOWataVP+macpCuNlK0NS3xxJjKRWOB9C1Ib7tiSSrQqIPcchlF6" + + "vofy2ALEL6Usa1UTVYMhzGYnVZU="; + public const string End_Certificate_CP_02_01_crt = + "MIIChjCCAe+gAwIBAgIBCDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMi1DUC4wMi4wMTAeFw05OTAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDIuMDEwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOzYq2murB5ZjQd4wReI51Lc1F5VwK90OMGRfi71" + + "YvwdRjgCudeDXZGW5ayid82y+eTDKFSzo1Li/BPTUXMpeqHHMCmLeefqxAWmz3aDoilF8I" + + "Q53PlejnXJdntsal44w6WdP6ssiXlwzcZDnobAfuDTPgsnWWfzAkr1/LqEw/QZAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIP5tVdEyxotcwEwYDVR0jBAwwCoAIoI0mSmDmzZUwDQYJKoZIhvcNAQEFBQADgYEAkVx9" + + "S/20Hir8qMnfMpMGTgMKoVeWoljxim83IkNs1Xqe1oLGHdyDUA66uF8wPkoTqGrfDYvgBa" + + "5Mi0iJREnMWoiWvCe467+L1b2gtvRBMl9bcRj40bvelk0Wn4lBl3VuKXarP5M0PKT5OWvN" + + "2cPLNeXHvV6ZIrC4rmK2ISpIXX4="; + public readonly string[] TEST_4_DATA = new string[] + { + Intermediate_Certificate_1_CP_02_01_crt, + Intermediate_Certificate_2_CP_02_01_crt, + Intermediate_CRL_1_CP_02_01_crl, + Intermediate_CRL_2_CP_02_01_crl, + End_Certificate_CP_02_01_crt + }; + + /* + * test5 + * + */ + public const string Intermediate_Certificate_CP_02_02_crt = + "MIIClTCCAf6gAwIBAgIBCTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw00NzAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAyLjAyMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDHJmlRKb+mjc61iiqGe9gx/VUMLNmGrXGRYKMmYSxO" + + "Q5sGLoztd2XtEgtZEPwvzd9KLKGP3XmgTrc4BGohqoFoG9Qb+w2ZGFwVC22GpeSoXc+J2u" + + "2t3uRKYgboHpB0Jk42XLy+2wSEtS+/er7cFu2ufdPsvT4J1AqiuZSco96vtQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIBvoP1E6PGiMwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAmOyFq2vZrUNDVWRcyzYvZhs1uQ4zgXtfqnPE0V19RgaYffCrSCI86z" + + "5kyDUyZwbGABMxBaVxEw536MesyDTdZdEVw6lN5RRtxr8/WEiSH6oI6t0xNxuNOkSNpz4d" + + "28HA4UfUvtXK8RK2YZnPAd6UXsRUPBPXKEpzy4v/9RyihSg="; + public const string Intermediate_CRL_CP_02_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wMi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIBvoP1E6PGiMwDQYJKoZIhvcNAQEFBQADgYEAALlA" + + "f3IDWexcdkMQHWTdGeFe+bG5dBvVPL5ZyQUw9DWbLwrjw/Jm4v9t+HLjETLSymsFT4bW21" + + "OwnEiAAdaKT96k5t+sTyU5QQ6HL/jRXLHLGdCQgMFCglm5iNqaCLIFoMAVCaFkYtFUE3m/" + + "iVt+319JOh5UyshMuWrAEW0IGGQ="; + public const string End_Certificate_CP_02_02_crt = + "MIIChjCCAe+gAwIBAgIBCjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1DUC4wMi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDIuMDIwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL/Src6e8qXwL+KJs5+v+JsakZdSDqMAFJUMfA2O" + + "OO2TIqcvDFHzqesX+G+28MUwy6++ux07CD3FCaapgzBN4zO4RfKcamxFReKMKcEvNVVCOO" + + "wO4Lvku1Sad14oYyGLOMzZwZFjRp8paaz5g87k70EOPBLeDlFMcch36czw53sLAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIPoHc2Sfk6XUwEwYDVR0jBAwwCoAIBvoP1E6PGiMwDQYJKoZIhvcNAQEFBQADgYEAFHhm" + + "o6QRFdO1x1wp7Jb1QQAlChFfP8MrGVNK04Ur8f+wfkwIypTDifJ0AoFpjcM3Ohu9Ixvb9q" + + "3kCSIWKDnWtDWw1/dN8mPL5If5gGqPA0+wRbUKVKvduOg7hKr4mWjKw7oYiaJuIIoN9RRZ" + + "ejzltd0NEaODNPW/JaKeQUVgZbY="; + public readonly string[] TEST_5_DATA = new string[] + { + Intermediate_Certificate_CP_02_02_crt, + Intermediate_CRL_CP_02_02_crl, + End_Certificate_CP_02_02_crt + }; + + /* + * test6 + * + */ + public const string Intermediate_Certificate_CP_02_03_crt = + "MIIClTCCAf6gAwIBAgIBCzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAyLjAzMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCaJ7NcOvb22F6HjMF1R/AORa4+pKFfFfd9teXPpVWC" + + "9InTq+alY11QaSj27Qg0znOIItmf2W/8Dub9sjnbg+SgAkoV5+CAkplodRNC8AbD4x8rh/" + + "fioQ8lb0Qb4Dn9I0n2wjOgitmMRdE2uW4uwVpH52vsMyenbDVxVI7jA4NS/wIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIC2T+/BkG93AwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEApr6kDXVY5jYt23wC9n3LmhoxDoWh8cBQxcWmr1wpVxIrCbaP0/y00a" + + "29wbewKfucUoh/W2OfjNcohjpKRrnVmOpi5vN7SmbZIHaxbKLzyQ7JwF17aznyCSZVrGpF" + + "A/S49T5rlCm8KDBcc2ym7gRJzwUApbC0Wws4Pg46czrpQlg="; + public const string Intermediate_CRL_CP_02_03_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wMi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIC2T+/BkG93AwDQYJKoZIhvcNAQEFBQADgYEAlBFY" + + "vPxhFYsjFOIfQkd7MwKIi7vgPgoWTP5f+QlI0ison5n4N3rYJv31hTZRRRP99JZce1hY6J" + + "Qiv1OtkpG7VfQIhr0FAGxTNaJD6F6rLbGjG8cap4+VibFQf5gZv0XQcyW4akYiRqSXImYn" + + "NVlNyaxiJja+5GA9XVqvWOjjz4o="; + public const string End_Certificate_CP_02_03_crt = + "MIIChjCCAe+gAwIBAgIBDDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1DUC4wMi4wMzAeFw00NzAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDIuMDMwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMlW6FOLwhRsKZM6p0ww4QEWjQzjpjYhKnz3BnLw" + + "SdGZqMe4wzZnDWc/0eyDOMCSYXIWQhlDMqQn2zCVPbDKzMRkdEeRSvE6ghhYP/hn3ipjSw" + + "D8QwaqofCp0sFkbDPke+xD2tMhLdUyNKynPjpSQmYtfoA98PD7so3cSAtrYuSDAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIc/X6kp7teCQwEwYDVR0jBAwwCoAIC2T+/BkG93AwDQYJKoZIhvcNAQEFBQADgYEAStub" + + "g3DzhJgzYO+ZmRc0acldZGwZFm6F1Ckc1JzQDgVHU0bnCANgBcJj49UV2MwbNKPQdVzdwo" + + "c91rfwrSY/PrvVQ9tUonZ28y/esFRBAdJTLf4u++p/gI3vfCvEXa5xVTIz1Hc+iKzAGKrI" + + "cveDHy3ZZluQ3J6tbHs2BhnQFXM="; + public readonly string[] TEST_6_DATA = new string[] + { + Intermediate_Certificate_CP_02_03_crt, + Intermediate_CRL_CP_02_03_crl, + End_Certificate_CP_02_03_crt + }; + + /* + * test7 + * + */ + public const string Intermediate_Certificate_CP_02_04_crt = + "MIIClTCCAf6gAwIBAgIBDTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAyLjA0MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDgZy2Xs5pIoJrT7GuagmKLrn8F9rj8p8w2wELorGhM" + + "1HJMVOurH+o+y6RXd0oMGJkKNrhjEnbHKm3PBYiLgpCjVEcFNhQF1OOxJ7RdahvA9ifsuw" + + "jV1TxTGq35jeaJYASRXb2TiNfzuPWSVm0MWr5zz+YB6NNuvjxwEBgZvNiV8QIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIWAOnkHkwSVkwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAMiHozz92EOhSXU/krwQVs0GNEWoAUH3LHt70Zr01dFzEF6QhA/wUa4" + + "+V4XwbMob+q4zGnTHj+tL9ChGWi3NDGELQ4cN64OMPsToGKkepLy+sDwdm9LaUP1bDvPxd" + + "v2hjlskJ7TEu4+6ltXSG/k36Jk8C0/I/ayNGbYcEcLyes3s="; + public const string Intermediate_CRL_CP_02_04_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wMi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIWAOnkHkwSVkwDQYJKoZIhvcNAQEFBQADgYEAVtCi" + + "IocktnWOwWiaOc7tTUJvvH5+IYVyB/XhmMhF7cDbL292gyrnuh1+3+lHwZQBPoF9kzF0vt" + + "WaweG7mDvYKxENQODdph/VcnypgUiFTWRTIPB1ZXfCTMWYf2QSalpHRDR4vVsqF748QbcG" + + "E9mbzvLUz6NDA+Vf8wEwZehqSDM="; + public const string End_Certificate_CP_02_04_crt = + "MIIChjCCAe+gAwIBAgIBDjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1DUC4wMi4wNDAeFw01MDAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDIuMDQwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALBX5GIQtvwswWwMDDPnphIk1rJSbcq7iClXLM2E" + + "kgvBu+hbOzb0v9mtl0KJB71TWJCfwceVQiXc3Gk+YduujAbZRVTkROf9UOWD9bfrI7g+52" + + "g4ms2n7evCO33b+kGEf4I014xl8dJDWtHK9Bhr+569RW9TzO06IeVeTD7whxMXAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIuKXv5WkUTWAwEwYDVR0jBAwwCoAIWAOnkHkwSVkwDQYJKoZIhvcNAQEFBQADgYEAiu0B" + + "yR5Ru8qVsgRqkOpCvrJnkqBAImbbR6+BUYH0juRxxKzKnbFOjU6a9WvkKpEBB8Q2xLynPN" + + "68ecLpnOynx3xj2sWWSVbsRKPy0iOesQblKrq3yHAm4lhzoWA8t1Xz29Ko1WxylDhyxGpR" + + "QAWsyGVCfJFlsZE0ibw3erlWTnA="; + public readonly string[] TEST_7_DATA = new string[] + { + Intermediate_Certificate_CP_02_04_crt, + Intermediate_CRL_CP_02_04_crl, + End_Certificate_CP_02_04_crt + }; + + /* + * test8 + * + */ + public const string Intermediate_Certificate_CP_02_05_crt = + "MIIClTCCAf6gAwIBAgIBDzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAyLjA1MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC2d80bD1RounqjKizkZJYPFUuVWZQ8W2nZDkEp8qR9" + + "fRWCAGOZGs84tgHj5gasmxy1mxJc9ogyQ2mcZhJRitRm5LVNuGevO6JmfqYtJxbW54aZGE" + + "5AWSRXqjJKJEih4VmPjA3vjQaSZSZJnu0DSnO82qWfu1ZUDlvIG6dfKJWRQQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQI3uNhI+QuI4owEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAG/+Rpk8dYrSFdaEO8Ch5tuvvKTOMi7W/DRA4B4xR7WyRJmosPB+37c" + + "teGKVzqFND22Xc8xQH/b/nxYW08sCSLAfN0cRusoSWwWSRtPO2f9fyC/BqCy2B2kQLFNPM" + + "Bk22jNFwLqPUeZn1UHN05RFAqVx325kpl2m1V7tw/mrXATI="; + public const string Intermediate_CRL_CP_02_05_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wMi4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI3uNhI+QuI4owDQYJKoZIhvcNAQEFBQADgYEAWZUI" + + "2VGY4pak0kICONP/CKvamYFs5txJfR69AC5tEJ+Fy3PmSeHkLUZf/oc9d8EEyr0MsIjRHj" + + "N4X4MquMlk4FflZcc8GblQK8LdXBK4Dy1SiXHA5GB3U1AmgzAzEQGwGRZnzWP5+rJ65upX" + + "vksAYyPQmruRM0O5sElctPn6B+Y="; + public const string End_Certificate_CP_02_05_crt = + "MIICiDCCAfGgAwIBAgIBEDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1DUC4wMi4wNTAgGA8yMDUwMDEwMTEyMDEwMFoXDTQ4MDEwMTEyMD" + + "EwMFowYDELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UE" + + "CxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5nMRcwFQYDVQQDEw5Vc2VyMS1DUC4wMi4wNTCBnz" + + "ANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAviLKpW4iblWNLQfmBJJ+ruMgygmjRWfoFGya" + + "Ndv2ma0Ugqm5xXq8c0orbnezwSp+tnzZZhG5KDNZr5+z3krCkqOGGzuUvVLqeJxPOLu7Js" + + "y472nAA7+FhwfZrXUI+Vg9F4qF+Ye81ivDrYVAEmalCpCyHOAKdvwkwQjRucifu90CAwEA" + + "AaNSMFAwDgYDVR0PAQH/BAQDAgXgMBYGA1UdIAQPMA0wCwYJYIZIAWUDATABMBEGA1UdDg" + + "QKBAjgph7BA5L7dzATBgNVHSMEDDAKgAje42Ej5C4jijANBgkqhkiG9w0BAQUFAAOBgQBr" + + "MDMv9NWCTIQ3blMEqPiEyjiBhSJl88Cu797P4lIn+gc6E+0vZp61X7B2k5CHgsnxyVLK5e" + + "bwl0bYAPKwRI9yzHLrj71RNw8HA7PCRPn1GNrtBBbIpLE0/sqLo51UPu/377+CnzYhIycL" + + "tvS0KDLUTDSY/OowDcplF6Xwnt8cUQ=="; + public readonly string[] TEST_8_DATA = new string[] + { + Intermediate_Certificate_CP_02_05_crt, + Intermediate_CRL_CP_02_05_crl, + End_Certificate_CP_02_05_crt + }; + + /* + * test9 + * + */ + public const string Intermediate_Certificate_CP_03_01_crt = + "MIIClTCCAf6gAwIBAgIBETANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw0wMDAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAzLjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCuF8mub5cgUYZytrRjJ5Rhc2fgazGxWIj6EIKzeSpo" + + "FwScItRX9KxnTIXEBTguBk7eQUsbN8yu49/Mlq45EAnemyZRBWzLFLYLPCco7pyTsWm7Ps" + + "2FAGJ3vE9pC9xaZC+KrwF3Ho+DZNDwhj5InXTP8pChAIPfB8/7V/2mk0lN0wIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQI4mI6Ojs0onswEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAMVGzU6f4YOHpHla+YuGCjHOUZYrA9J25G3UFFoPr2JZEG+Fb5hRQUh" + + "4S1qUQKXn6dpVua+qTJDk3Tg2N8OdIHG/gy0hvYHsxhLCSDQBsfPN7p3FClM7r/VHOqgAN" + + "vzT+KYvxx6gwn6O+n7ERkrBIfkyrGFhnmjx3+VOCc9P4SDE="; + public const string Intermediate_CRL_CP_03_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wMy4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI4mI6Ojs0onswDQYJKoZIhvcNAQEFBQADgYEAfwYf" + + "4kAG4srB2VxWimJs1HwXTaPDooellQclZ5hP/EluT7oe03+ReFef6uXbHt/xRdeaoQhJGy" + + "SP8dWf6UIbL82oaSYqChIvAZD6zTMavEgSET0PlUsK1aEMTpMEtKPvedFSOTNBaMNvMzSW" + + "t5xwurn63qyXTOxHf4m2L4w8+i0="; + public const string End_Certificate_CP_03_01_crt = + "MIIChjCCAe+gAwIBAgIBEjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1DUC4wMy4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDMuMDEwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ/ALaZ+MdNxKDH49+7jUm+17DII5QQEfjk8IaEU" + + "syApOhsByOG06HPItiBEnnfDDxU5kjsZDtw/9LlouBocNXAJt+ZmL3QYyOgeH4SQ4f21rw" + + "7j8fw57gUkP5oWhEc0loXr/hB92hoKbsBoRpv8F1zPZcPNLUnyUzqLH5+CeIibAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QI822isg/wPCowEwYDVR0jBAwwCoAI4mI6Ojs0onswDQYJKoZIhvcNAQEFBQADgYEAilIn" + + "OD0iQrLrHRkO4zr9S9VXAJXJV3l9wfbLBweXM3q/zt4HGKBw4Wq1Yn+AfDxXrBtJA5hP5e" + + "d7CDd4eM93yeKozdZCLNZfUM8sJ2/MRh07tvwJ19e2STklED8b/ndmr5my8H8jjJDaaYww" + + "qTSnXqpcqsUsj+kV4Mk0DvVWT3w="; + public readonly string[] TEST_9_DATA = new string[] + { + Intermediate_Certificate_CP_03_01_crt, + Intermediate_CRL_CP_03_01_crl, + End_Certificate_CP_03_01_crt + }; + + /* + * test10 + * + */ + public const string Intermediate_Certificate_CP_03_02_crt = + "MIIClTCCAf6gAwIBAgIBEzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAzLjAyMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC4AbP8gDUUcIa8w4pEsGgbYH2sz08QMUXd4xwx691i" + + "9QCcyWSovQO4Jozeb9JwtyN2+f3T+JqZL/gwUHuLO2IEXpzE2C8FzQg6Ma+TiSrlvGJfec" + + "TlSooFmEtD3Xh6I6N5PM1fpyyY2sOOhARN5S6qR9BOuxkBAqrAT0fgqD2TswIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQI97nJCqq6+kIwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAWwpfh9oOOvj9xHS0zcczaUIHTkpjgk09I+pERlu0Z0+rHvpZGge4Ov" + + "NDFtMc4TgthGcydbIwiKogjtGBM2/sNHIO2jcpNeOtNKLxrzD4Y0Ve164kXBu9Mmsxx4sG" + + "7XUXZWgiOPfu/HmyPVdzbIReJdQO515SNx7JdgVyUkyhBxM="; + public const string Intermediate_CRL_CP_03_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wMy4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI97nJCqq6+kIwDQYJKoZIhvcNAQEFBQADgYEAC9Hv" + + "NevV6/Oz3wcgEbDgZYRKJRdr4OW4Es7R4ahjz3sH6GXZ1HiEjx2+frmp8LMshQ4D+hpjRk" + + "drSPko1M4a/fQCYxbonZ0xjpYw067dwLmr56+GPJAxkzcSmFKXx+ejyQpG+9+qCR+zm98V" + + "lop6besAaGUjZKnYShIQOfNzDZk="; + public const string End_Certificate_CP_03_02_crt = + "MIIChjCCAe+gAwIBAgIBFDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1DUC4wMy4wMjAeFw05ODAxMDExMjAxMDBaFw0wMDAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDMuMDIwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMJMiW+G4bgoRaYz2OUu/+PQ/yp4JgFOB3Vegf5/" + + "vIrF4gsnoQxOCCsO5JTLrbS5fi3COjvM5w9/SZpNHtSfyWb9afmx4DdrT1bNjma7I6PCid" + + "yxMzX4iTLeaMRnqBk4A+/0Wf2+4VzCqr8aViIiQ7u2JfZiTQ4dZxDoUW6G8lrbAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIEjny2GzFXGQwEwYDVR0jBAwwCoAI97nJCqq6+kIwDQYJKoZIhvcNAQEFBQADgYEAJw3T" + + "3aL3pYbZhswgshOvJ9Y1qv65R6rClSxB5lqBw6+Qki4ZpW57NK8LwaGS03XzDUPaDi4/9R" + + "hGCHpP24fIskS4n4jNZgKpGtt6VEVorUH7cOLNCw2cuwMlKbkyZnNdx2JqTMMlHzNJ3cmy" + + "aX3F70IY0OZbwCKdUo/uMVC6hss="; + public readonly string[] TEST_10_DATA = new string[] + { + Intermediate_Certificate_CP_03_02_crt, + Intermediate_CRL_CP_03_02_crl, + End_Certificate_CP_03_02_crt + }; + + /* + * test11 + * + */ + public const string Intermediate_Certificate_CP_03_03_crt = + "MIIClTCCAf6gAwIBAgIBFTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAzLjAzMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCjLYKGKEMJgC/r0NH7vubQZ5qPEFEEN6QdLUWWqf/O" + + "Yqo9hboQq6S8dFHp3DVR5x/4NOdNRjsTABbXsnz8U+L7+4CorhDhXj29weGMYIIfJ3XSIb" + + "T7sE/GOPmXeGhrTv2zucI1j80sN5nTEoiGFm10LQqAgoyV46BxDltf3/D7wwIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIhCIOyzfScpAwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAA18kQijoJebmTQS7n/q/fQx2iblOJaJAWQLHeGCCGqKxCjUpOxuD+y" + + "xMspmTKdQqEkqQ5vpHdFYQ5MYuecqAdp6woWUNQGVd4HHPmHsAW3Oppwb0yLggYs8IVHjm" + + "dNO1pYb+YYciCKBtX8D1OnedIRcrQmDMJUjbfmAEv/4b0EM="; + public const string Intermediate_CRL_CP_03_03_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wMy4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIhCIOyzfScpAwDQYJKoZIhvcNAQEFBQADgYEAk34j" + + "SxMr8p1h1qJWlfoh4er9pu1AkkHujovan6Ctx89VwFdOS5Kw82OCvD+nmJAHrFuncNlClf" + + "51G8FCEAFLhMNwic4WAxrBX15hcUTaWk8Wj00dfUFwjG8/Kv3QUCDBN8f3KC8/oBeORRX9" + + "dHW5ei2IUKuD1ITCeIoyRDBxQIg="; + public const string End_Certificate_CP_03_03_crt = + "MIIChjCCAe+gAwIBAgIBFjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1DUC4wMy4wMzAeFw05ODAxMDExMjAxMDBaFw01MDA3MDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDMuMDMwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALSw1Ey7kzFzzjMS4oTSrZH/95NMHLxtUSaVGMCy" + + "0q2iLfGZ79eTS9megQUranYlIuK411yvFtskbFKf0idMKBtM8nX3Rxubm5EnbnpgvNrBEg" + + "0FbOPqpSaR+8pxZ6lweB45tkzLU3OZeAZSpGOY1UvT/htn6Ae8JQAVajSvYyfNAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIF014kOHikvcwEwYDVR0jBAwwCoAIhCIOyzfScpAwDQYJKoZIhvcNAQEFBQADgYEAdLMM" + + "zGPPvBLgPbhn2tba/7HiaZaayHIxTXmpW0KAhP+8hwapOitrtLGPwqVtxQ3GoSMZJPMDCV" + + "WsrT3OZm27G6ytqqNZ2ZO49UC7WwQ49TVlN79Ui9RZIBnRzlMIDNKsyuohfSRhFZTkWdoH" + + "/y8ulY8k4xBThV8e8IRgtYj3nhc="; + public readonly string[] TEST_11_DATA = new string[] + { + Intermediate_Certificate_CP_03_03_crt, + Intermediate_CRL_CP_03_03_crl, + End_Certificate_CP_03_03_crt + }; + + /* + * test12 + * + */ + public const string Intermediate_Certificate_CP_03_04_crt = + "MIIClTCCAf6gAwIBAgIBFzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAzLjA0MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDbUii3czeUQ2zNlxvrhnJ0LcBGxCDHFr3xx+plDg3f" + + "uasDKCY/VjCLEfQ5a2oqcovvGKsd2CPXbCFJtimW1R7Dvt+a0y95fppsdseorYDikiBlOj" + + "ja6LR3Cz3bslYc133C+W/MKHMJ0tdvtTk+SJrq7lqs+iv/b/xHC3k/gDjIswIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIFNw3o1kc4XkwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAn/pr7/noYyjXSKEe/eLk3l4Rb6PEhNAnzySmxGkjIjWKAgh5IVYSGV" + + "KFO/FaNOiYkRFHwXZFNj71q7gbM+HwALurN0Mr/MUA1TSpPy7YhFL0SWq3C3XsC/dVJ50b" + + "HmTW+dGcxboX0h9HeKFxp3VyOY/dUut2oc+s/TnmqQII1CU="; + public const string Intermediate_CRL_CP_03_04_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wMy4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIFNw3o1kc4XkwDQYJKoZIhvcNAQEFBQADgYEAMoJ5" + + "jGE1AxxfluixG8Sk7H4W2rqSEkQyNHfnlKSMbh9KZA3evI8HGKGGfkbBNoe4/HauZ4NVFw" + + "FXgllCp+TI8Qd+HafFoDv6ff1K7T86p6r7tE3AEM1XmbnfohP3/ivpIzustv/f2rqjxILK" + + "Ldvrth2/OlNygwY+D54lcWH1DX8="; + public const string End_Certificate_CP_03_04_crt = + "MIICiDCCAfGgAwIBAgIBGDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1DUC4wMy4wNDAgFw05ODAxMDExMjAxMDBaGA8yMDUwMDEwMTEyMD" + + "EwMFowYDELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UE" + + "CxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5nMRcwFQYDVQQDEw5Vc2VyMS1DUC4wMy4wNDCBnz" + + "ANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuSL9tB1JW6JPUO2Xw6TMYkPX41lru3EPyYko" + + "YgXy4giy6LGoqbgtskHehD22v3rfWjqOd9iV2PBio/vYE4zEz0H0n84dpnBvog6A1AlE19" + + "PkQ1txjzIA52FQIRwRfZ38LaulQEfJ0a+fiRHQiM960O3YvHXV+GEbNcw4jo8b0sUCAwEA" + + "AaNSMFAwDgYDVR0PAQH/BAQDAgXgMBYGA1UdIAQPMA0wCwYJYIZIAWUDATABMBEGA1UdDg" + + "QKBAh9/WgM+UT6bTATBgNVHSMEDDAKgAgU3DejWRzheTANBgkqhkiG9w0BAQUFAAOBgQDR" + + "I6PKUGg876/fSljtqxXCR4CoGAAurNFOcM4EWeoc6ZvuDOi3P7rNYiYAXXlmp7epOAgvZP" + + "EV4vS16ODaJO6qIMR1YsaGEPo0ecT2pEStvP37X6pb5TdyjyKYF3586IN6TJdFMFsW/Lqg" + + "tucl9bGlWmfTVwxTexq6+D8diK48KQ=="; + public readonly string[] TEST_12_DATA = new string[] + { + Intermediate_Certificate_CP_03_04_crt, + Intermediate_CRL_CP_03_04_crl, + End_Certificate_CP_03_04_crt + }; + + /* + * test13 + * + */ + public const string Intermediate_Certificate_CP_04_01_crt = + "MIIClTCCAf6gAwIBAgIBGTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA0LjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC5UJ+KMj8tAmzr3OGYL2gSFcNTf8ik+ZVxlaPVGHyS" + + "KjYQBAEbefhfg5Ps2aIuqBwYkbtFXuHif5GEhgObA4InCyESeRjYLGcVMqwSZzAOFAR0dP" + + "1LzgzQs3ZgG9JX5MO5wEZ8IMnVN4Otu4XIlWSgIpUNS2vyet8Zi7t9fX+JewIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIOZvfph4Uu9YwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAXMyscmGpKSLG3hQltMQLegy0+g5wzgOrbFOWxZmiVNR+zSsHDD3UAH" + + "H4SyTozlooC0jAY4yAhZ5RX6SSJKx9fHsOZD9ldCmst14qLk3pkI+M0QiPBZkVTx5/7dR2" + + "wGkuNKSVWH6woOq7BbEzpO7xMlrUr6tgHt4Dc6Evt1pVZls="; + public const string Intermediate_CRL_CP_04_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wNC4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIOZvfph4Uu9YwDQYJKoZIhvcNAQEFBQADgYEAe79z" + + "iEUgP/mvouJ9ufit1y4SjnHQWik75W65eGn/XGArRrBqJ8jZVJE4/rpDBbzm2V0hQoWU8z" + + "zchZFlesUyqQZ9KUlT0YGR0YPcNw/V+58RonWWfmU3M2DvWDrXgCOXPm61+AYq4+kTowsG" + + "0stmeML6NxjDzWpfAgI/MpXqe80="; + public const string End_Certificate_CP_04_01_crt = + "MIIChjCCAe+gAwIBAgIBGjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1DUC45OS45OTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDQuMDEwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPiAZKXPjK8jvaNj34VynyKPK7dQtFysBPKFW5Y1" + + "Bc+OMsyd2pPpQoJYcQTMMomlAqoBvSXUJCMNly/BxVuvn7l6I9crtx6PjBBUlEzdcsscaa" + + "EaHuCCVl+Msnr66cSV3GqVGAhujun81+lyurcTEog3ftsohwbQnfA76qNU/N3/AgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIJZPDbf2xNv8wEwYDVR0jBAwwCoAIOZvfph4Uu9YwDQYJKoZIhvcNAQEFBQADgYEAZf4L" + + "1RDHDXwwA2CgcIhM4CAfZ72CR2zOan0at38VVFB3u9vs4VLwFcrOQCIjDbdLijc0XWLima" + + "4vCD1qrsv6Hk5+6113HfFNmD8mp6X5jAwoNPa/I4kmFOA8iIm4TTk7M75vQyCQTPG0VzbU" + + "Nu3uwTbXKm5ME9C5MFMf7z347CM="; + public readonly string[] TEST_13_DATA = new string[] + { + Intermediate_Certificate_CP_04_01_crt, + Intermediate_CRL_CP_04_01_crl, + End_Certificate_CP_04_01_crt + }; + + /* + * test14 + * + */ + public const string Intermediate_Certificate_CP_04_02_crt = + "MIIClTCCAf6gAwIBAgIBGzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA0LjAyMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCteErspc5ekSOel/wmjn/XQ0HUy4XzxB5Zj0nGn9FD" + + "PbjF2LERCHOn5aBnIMHYhyr7PDynwbvSx2egzGC6wGe9Zrri1MteirQ9Ppw7062IIleloy" + + "UAiuwvD+s0npKsvboarQsCMfOB1hOB1tGG1bjXP6B5B187SZXuR3KawggyJwIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIUjnGp96itUMwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAR6fmN+9p5AWy/asEAiVBnbY9q7EQXyB8WuZK9FtFmupe3hlfcTq84E" + + "A+TGvXOlNr05/1iLRv82GsWXDif7DlGVPN8CS1+0kb5Ve8Pmv2ziiWVREqWx916ioPjDRp" + + "wvdGcCNC26+fyvv5TrP8uzojurl1ZlVRRqi2sIbopVX5r8w="; + public const string Intermediate_CRL_CP_04_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wNC4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIUjnGp96itUMwDQYJKoZIhvcNAQEFBQADgYEAZkXJ" + + "aJG4QDE02wFURwaxWuv2VyD7m+N/2B0/9KR+6UKVpsMd2XHq+G3SlFOa6dA/fHUdhtUs2D" + + "gpx3SfQYbcgKFrryZHqJDK230eP3F41S9g5XJTRaNR5iZvxvh4bmSf4l6a5MXsKEoBoJoT" + + "j8cU4qg6j7Xk4NpIR1JbWiSIYQc="; + public const string End_Certificate_CP_04_02_crt = + "MIIChjCCAe+gAwIBAgIBHDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MRAwDgYDVQQLEwdUZXN0aW5nMQwwCgYDVQQLEwNEb0Qx" + + "FTATBgNVBAMTDENBMS1DUC4wNC4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDQuMDIwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALM7mfq+hpLfvQdqZUJfIx/2gFcgHS2AsgZn0An+" + + "Yn61WtG8K2+lt/a8aypa/q+J93RVkRYKWKFQcJHiRgx7DMlXElVnfQbSFuLX46ng4hqmQL" + + "sSOKmXDld2BlyMZ41B3rfdhJT8P12RMR6uAwvc9CH3b0UTcsc498Kj+JeaRbzxAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIo7S64S6t5nswEwYDVR0jBAwwCoAIUjnGp96itUMwDQYJKoZIhvcNAQEFBQADgYEApNT5" + + "Y+9Jc28m5Qwjm+/8SKk83iCPnIW3BsAvQUB9Wmd1+kMZvqLySQjm1tBBbcGYuSERMJ2Et5" + + "eoTdL9B6EG2CZYnPqu1vk0TVugRxs7IJm4h5z4MCInf2g1KTt0AMEasQW6ZTj7DIkkU48Z" + + "EKLPoBGXfD9t9Y9cmdj1e1RQbog="; + public readonly string[] TEST_14_DATA = new string[] + { + Intermediate_Certificate_CP_04_02_crt, + Intermediate_CRL_CP_04_02_crl, + End_Certificate_CP_04_02_crt + }; + + /* + * test15 + * + */ + public const string Intermediate_Certificate_CP_04_03_crt = + "MIICmzCCAgSgAwIBAgIBHTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGQxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEbMBkGA1UEAxMSICBDQTEgLSAgIENQLjA0LjAzMI" + + "GfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD11QBcw4P2rTUfPmbVNYqdo0AMmcB3Yxsx" + + "Iz5me/S1I2PJLtRh9KP7lUV20SMEFsFKtE1C+9O7ODtOUCJA/6ECeXbyj20SbG1E2oQrZe" + + "gkcn7IQDUgnuedzdFj4kTevok6ao9hycg+qeZrL6oeBD2XQCd9nqMmzhihNu/QOSnp5wID" + + "AQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMA" + + "sGCWCGSAFlAwEwATARBgNVHQ4ECgQInx+ELo31rJMwEwYDVR0jBAwwCoAIq5rr+cLnVI8w" + + "DQYJKoZIhvcNAQEFBQADgYEAriYMoRDpSPI4HWrxN1rjqWIzggz8p1wpbEFgK5o/Fi2KT3" + + "jCd6bfCcIFDpoXNqlsc+dvzc4XB1Eg/Qbcror8HP8LSxrbFw/y7VhC+wCaDCmhcqQn3rp/" + + "WaOWnR7/H7HlKM9m1u7MBtwlxHINnLKwPHIA1XwmAnItAXIL2yHRJhU="; + public const string Intermediate_CRL_CP_04_03_crl = + "MIIBUTCBuwIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxGzAZBgNV" + + "BAMTEiAgQ0ExIC0gICBDUC4wNC4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWq" + + "AjMCEwCgYDVR0UBAMCAQEwEwYDVR0jBAwwCoAInx+ELo31rJMwDQYJKoZIhvcNAQEFBQAD" + + "gYEAvJgOX6tewnRbC9Ch+Fe4KjkB9IAhe5anQKGfnDHuLfga6JEjOzyfhonWZeppJwvYpl" + + "1rZbsKICNphMDkd/eaWnn8Q9w02ah4kzIb0LuzrNBrxpFv9AAidfGU2VeF0gRi02jtAZsh" + + "gUNbrdC+ovA8mAsBigy+HMzCi61+wrumwvo="; + public const string End_Certificate_CP_04_03_crt = + "MIICijCCAfOgAwIBAgIBHjANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "GTAXBgNVBAMTEGNhMSAtIENQLjA0LjAzICAwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMT" + + "IwMTAwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYD" + + "VQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLUNQLjA0LjAzMI" + + "GfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2Rd0VKnTIrME7hzpnpIPGXGXZCjpf5lSO" + + "19zvB3WdZumLGdwUBXpIQTrl5teYgL62PpOwNC93URZDEUt+rqoqvs8E7MpF3IulStp2+H" + + "/xa6Ihf4OmkgKjpHNTWOIFXeRJ4sVgWuH6cqQ+6GL+0fa1sed1crsEgTTAGYNhFi6ebwID" + + "AQABo1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR" + + "0OBAoECBNwCFdDgPCqMBMGA1UdIwQMMAqACJ8fhC6N9ayTMA0GCSqGSIb3DQEBBQUAA4GB" + + "ABAjSPg794yiVz9RqdNxic8TGnApNrZui/vwr1U8ZkETZfx8W1fWgQ0z7KjryML5IOmvps" + + "zycM7by6jb2kMmxI1SQCwjiNQ1fb1osrNAj2bRfpp2YgjjbHx1XkddommtVc0V8kvyQBcb" + + "7NdxfbwKr8AtpiWTWIajc2uqUlELsLzr"; + public readonly string[] TEST_15_DATA = new string[] + { + Intermediate_Certificate_CP_04_03_crt, + Intermediate_CRL_CP_04_03_crl, + End_Certificate_CP_04_03_crt + }; + + /* + * test16 + * + */ + public const string Intermediate_Certificate_CP_04_04_crt = + "MIIClzCCAgCgAwIBAgIBHzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOQ0ExIC0gQ1AuMDQuMDQwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOFf5hr4R8IqTp53qQSiBEjOFQ3Q3ICcafl+FLzm" + + "K3xIFqERjyXARsTM4gDQ9yntFeNp2TiIi98xBrz7D8TlrbTAmxO/PUfAQ68tXpz9Id/XrU" + + "WeAKxMZULPL9nPFcGQoh0qq3JKpFRSb3Iobryfysblm7cCDDCJOI7uK14XZtTFAgMBAAGj" + + "YzBhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMBYGA1UdIAQPMA0wCwYJYI" + + "ZIAWUDATABMBEGA1UdDgQKBAjior7qCuLBljATBgNVHSMEDDAKgAirmuv5wudUjzANBgkq" + + "hkiG9w0BAQUFAAOBgQBhh55gTy5htqjxW1Ch2hRrRikhBH7LJz1PmDuzwiIOtnWL+EiQOY" + + "T6h3NV1j8Kn5S4KhUOrhnvrPXRi22HdqRzEPl7y/wXm6G0XcgYlyy2ofZKdYVWCVStKAMW" + + "5SwV2wC5RPK2KphdhnlEqss6QVRUsliDDjnf9Saiey9nzJAfNw=="; + public const string Intermediate_CRL_CP_04_04_crl = + "MIIBTTCBtwIBATANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNV" + + "BAMTDkNBMSAtIENQLjA0LjA0Fw05OTAxMDExMjAxMDBaFw00ODAxMDExMjAxMDBaoCMwIT" + + "AKBgNVHRQEAwIBATATBgNVHSMEDDAKgAjior7qCuLBljANBgkqhkiG9w0BAQUFAAOBgQBI" + + "VlXD5FnIiO8tavLJ8qo/qRhbBNgUbFBdAgAY6yVnFNP6YN4qPineYPN6NV1XdqNDrZh2Nz" + + "GHzX3YDo1Uv9yABVR0NvXCaMIW5/raqZp/on6bPuQLgJe9UisOPKunzehTm/NmO1RW9dwU" + + "37UzC0XnVHyVipDVh07DrTKBUtQJQw=="; + public const string End_Certificate_CP_04_04_crt = + "MIICjTCCAfagAwIBAgIBIDANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJVUzEZMBcGA1" + + "UEChMQVS5TLiAgR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRswGQYDVQQDExJDQTEgICAgLSAgQ1AuMDQuMDQwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMT" + + "AxMTIwMTAwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQww" + + "CgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLUNQLjA0Lj" + + "A0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCegy6qOnM14CS7+enBElgh2DLtF5bn" + + "ah0yfA18/hbqnmUaWOWJQllyXa8QFawnvdXOOEXJm1ErIm3rDYihkbUTP+ybOBH9dprWtl" + + "1cSGL9CkoxwzkJRLQTu5xG72EhET3S3kwqZsmYbgy4MduGKv9VGFbv75Wr17Vo9K4Lz6QK" + + "vQIDAQABo1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQ" + + "YDVR0OBAoECEc4b3BP059HMBMGA1UdIwQMMAqACOKivuoK4sGWMA0GCSqGSIb3DQEBBQUA" + + "A4GBADj73jXpPLev5crwZIoXCJd/nXXp1fJzEEbByWggsR9cFHN4wnp7N6gpIxQbLQwjmo" + + "cLPC1pHQ3A5VHVrCbxAk6nifmSvnKFWHTBftZGpfTGkrXbURFF64T/CB4O+JXr1eBUGheN" + + "Q0T8L17UNgi3oBENKjASWnpjxvD2QrOnH0rb"; + public readonly string[] TEST_16_DATA = new string[] + { + Intermediate_Certificate_CP_04_04_crt, + Intermediate_CRL_CP_04_04_crl, + End_Certificate_CP_04_04_crt + }; + + /* + * test17 + * + */ + public const string Intermediate_Certificate_CP_04_05_crt = + "MIIClzCCAgCgAwIBAgIBITANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOICBDQTEtQ1AuMDQuMDUwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMBsWmrcKH0J9bkI3zHthZ0S3904f3fMUSasY5qp" + + "7CSQ0sbXTwP947sfAPK4Dso6Bpwl0WExRCdFHd6qfY9wR+NtfuI/DkFEY8WveoqM4Vskpi" + + "cutWghCx14PiPY5YGFn8VvXu7wbuHp4TnHtUCMEUt3EfYO5oqm+/I8y0eTKMNHAgMBAAGj" + + "YzBhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMBYGA1UdIAQPMA0wCwYJYI" + + "ZIAWUDATABMBEGA1UdDgQKBAjOoKlp+BfGqTATBgNVHSMEDDAKgAirmuv5wudUjzANBgkq" + + "hkiG9w0BAQUFAAOBgQDLhQ/RJFqMDNRonAHZ30DYyphf8do4q6ARikhhXSSa6G2G/PzbpS" + + "x3T+3G8ot+NnFhtf9ZWo7KfwmFEbUA/B/X2vJaJbNImkMDT1aTY5sPXtA69B3QKQVz7HST" + + "f5XH6DjuoV0/m1M153A4vf1Z783dOPw1MzOq19t+6tYFeELEHQ=="; + public const string Intermediate_CRL_CP_04_05_crl = + "MIIBTTCBtwIBATANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNV" + + "BAMTDiAgQ0ExLUNQLjA0LjA1Fw05OTAxMDExMjAxMDBaFw00ODAxMDExMjAxMDBaoCMwIT" + + "AKBgNVHRQEAwIBATATBgNVHSMEDDAKgAjOoKlp+BfGqTANBgkqhkiG9w0BAQUFAAOBgQAp" + + "6gLCdPQw7Hisnr1i3QbD7GybqfD6b1s10GQ3c/j59RYDe1Fk47Srs9ol/baleasWjcdt8M" + + "SlTc66KvK9YPFAqIdYoOW4FidpJBF/1cvSc2hGYwVsxLnXKr9CJ5Py5vBCCjovIRiLdzoL" + + "ZoteOKFIEHkV7V8V2OTFawxpW9hkiA=="; + public const string End_Certificate_CP_04_05_crt = + "MIICiDCCAfGgAwIBAgIBIjANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FzAVBgNVBAMTDkNBMS1DUC4wNC4wNSAgMB4XDTk4MDEwMTEyMDEwMFoXDTQ4MDEwMTEyMD" + + "EwMFowYDELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UE" + + "CxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5nMRcwFQYDVQQDEw5Vc2VyMS1DUC4wNC4wNTCBnz" + + "ANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwZsiUhXiFHN9dfJb0Yyy+rYtV8gx+d0+8WkW" + + "5C68nQgSqqk2uSTpvZbx0bpHF+s+LKppj2M2tt/AfZgVQHTsp5rO0IftZE2iLwqejj0rYU" + + "Poprq1PE3vVhs818ZlDS0PTUP97YxLysQjq2jS/d/9lF5pS3sMlP4Usp24gXX0vG0CAwEA" + + "AaNSMFAwDgYDVR0PAQH/BAQDAgXgMBYGA1UdIAQPMA0wCwYJYIZIAWUDATABMBEGA1UdDg" + + "QKBAjpC0ZvCXrvBTATBgNVHSMEDDAKgAjOoKlp+BfGqTANBgkqhkiG9w0BAQUFAAOBgQB7" + + "YwJWcx+PU1sUZUOVleoB5amHFu0GT+Hy7cRa82UJMHFkz0bmnyEV8CBNcnn0xa5iVfwe2y" + + "5ZKwy61DLR3MPTar9eKITL67uZag9w+1tnIf594XRbEiUzn20uxuDFX3oPoZCemtWdVanj" + + "2T+9TVQKfrp15+qzOCObNNRHZw29EA=="; + public readonly string[] TEST_17_DATA = new string[] + { + Intermediate_Certificate_CP_04_05_crt, + Intermediate_CRL_CP_04_05_crl, + End_Certificate_CP_04_05_crt + }; + + /* + * test18 + * + */ + public const string Intermediate_Certificate_CP_04_06_crt = + "MIIClTCCAf6gAwIBAgIBIzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA0LjA2MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQD0t0dfe82Su58bJdn4dh7E3OCam1AUPTzPnt7DwT2w" + + "1XwD76OCUYP7SBBjsLYDDfUCb2ek96pSK4jpzyE6/4IOtfObe7OW+iBT9YAB5WeW+SmvEO" + + "TIX+xo13sbz6rG6j9svcOxtth98yv7mxzV/ZwTNBSO72CcfDXIIq20TVunlwIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQI0AufZEn1f9AwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAbfhxuNBYizxfMZNcyiN61j+7LXZZo3SmMU21UmOhPBTmdTbIkuVCI+" + + "F1jSWdu3eGShVNJ3jmkidDvojMm+E8ZZ1YGHYfgeG16dDQudaGUjGmOfYzzlkFmsaf0paG" + + "4y4sBerPsZCmhN7BanGh3qYPFvadSmp3OapGfEmDtS+BbVQ="; + public const string Intermediate_CRL_CP_04_06_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wNC4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI0AufZEn1f9AwDQYJKoZIhvcNAQEFBQADgYEAIAI7" + + "W6K69twJZnHx6CoIMs5+P9DrJ2yKHptmntlOCTSJirC/xdj0Zv2k5FW84VrTtdCSZDT1Ce" + + "4Dh69fT2sUUexJb/4IcDtzloiuASSJzKWCeVIj9A8e6+coNUJVKtRKRX8bHJ5Un7xpFrY6" + + "t1hdxt8gUecAAdXEFGuZ3QEHHN0="; + public const string End_Certificate_CP_04_06_crt = + "MIIChjCCAe+gAwIBAgIBJDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPdS5zLiBHT1ZFUk5NRU5UMQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1RFU1RJTkcx" + + "FTATBgNVBAMTDGNhMS1DUC4wNC4wNjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDQuMDYwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKq8rAPXsu1RVm3vT7od7CDLn8k/C3x3wvfzoWrm" + + "W0cmlhp9xRy5a3HWiJATD8yCKY1psBgnrOpv37sdtUX4P2kf668HrYOaGo365fKPeT5Wjm" + + "gp0pL3sXKNNsCuJPd3wKAXGHAi1R9arZFYPsKJlfQl1774dwAvzxSOMr5+pbnzAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QI33MEYdo5YX4wEwYDVR0jBAwwCoAI0AufZEn1f9AwDQYJKoZIhvcNAQEFBQADgYEAo8Ge" + + "ADBoJFEIRzdO37uasuyIBhClTUgyFhEKemMBN6aelYeiJMX6FZIL3DgZOce4dg7Zg3Ak/w" + + "B5m8XlGQLW9xIbpEzY/Iq9kr+qK6k9YmvtcOiHFbnudCFNZngTQZpxjiDaj4eA48uqKIxs" + + "51taC5gOv9LYWPnugN8TsUUFZ1s="; + public readonly string[] TEST_18_DATA = new string[] + { + Intermediate_Certificate_CP_04_06_crt, + Intermediate_CRL_CP_04_06_crl, + End_Certificate_CP_04_06_crt + }; + + /* + * test19 + * + */ + public const string Intermediate_Certificate_CP_05_01_crt = + "MIIClTCCAf6gAwIBAgIBJTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA1LjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCshocJtyGsxeEd2ouVTVKp+HuhDjnDk9eXtaLQIKaB" + + "7aTODHYbq1mC+1LO5DmRV5PBVd8NuuCA+1DmzFrfYl+nMCjjgOkC0//Gf9O85Hi/n21q0T" + + "F+oVa1j9fc7nAgLIziexaXrflYSbaeNWkwHHftGUninKPuNGM2re0krEeurQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIaUi/P20o4LcwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAWBLeJl4qlAPKxmBM5QZ2JYsbCV3VBeYGAKQ+4L7ehS63VQMCwIjBCI" + + "LaHGIFfCqecDNd6cpYIArdx4tY7X2/Zxm3j5ocngpI1Tv8zydQcFeraILglsHf2UZUuK/N" + + "6jKGjwL68C8YwmA+u6ZhcQFD2Xg4wSMC/xxzAs9zEAQGBPo="; + public const string End_Certificate_CP_05_01_crt = + "MIIChjCCAe+gAwIBAgIBJjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1DUC4wNS4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDUuMDEwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAO9ODA12Fky/Md5AELkaOvOwB31UlfZq3SHAOvs0" + + "Y4NYoA7Q5KDIwW8RNzMSKD30z51VlgOAaBVR6HLo6rkcWB4wGiV7EPelewdSOdk72IrnYR" + + "npJEm2KEuLkHB+gejgk+paw8CejxMsrvT6loN8Pz0btBKxWaCfknTIyXVyQsolAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QI5LtSKs/inGMwEwYDVR0jBAwwCoAIaUi/P20o4LcwDQYJKoZIhvcNAQEFBQADgYEAOMrC" + + "38uzHckKMkiawXhPUHtDQfyR7bLweS2qro7GyndfxPpeMJwjzVxqvQBtMuHON+al8jyXpy" + + "BsEryV6qvdFC1vczLzJHAJZmLe5np27zQIXOObsyYcOG+aPq727/pKoD90DAlBvrxNW0ox" + + "x7citflEYpmOEv9Do5xiO3MuCFw="; + public readonly string[] TEST_19_DATA = new string[] + { + Intermediate_Certificate_CP_05_01_crt, + End_Certificate_CP_05_01_crt + }; + + /* + * test20 + * + */ + public const string Intermediate_Certificate_CP_06_01_crt = + "MIIClTCCAf6gAwIBAgIBJzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA2LjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDI4MXZB08BfUHxo//4Re7Ax0qWkHgy6nb+/XaLQ2Fw" + + "Pbvpb5mkhLhqDZBSX3KQL0YiJ8p81tmdvRQH/LbFzX/3OKBTUfV5imYy979A2NEb4otFp6" + + "EDSskZhttY3d2IzUICoCWUXhObnmkHJ2jEc81bggFkK5Lir1m/tKq2IOPFJQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQICIAmlz6+Cc0wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEA0ZvIG2cnk32p6uxqGw8Bu40NrfHu9gNkJL5MhDHJXA6OxU5BX5bWZp" + + "LnKXLoHiqSdtEdmy5cLZw3kggxndxjsnRFMyCawaYupJBhlgquFbuvBtA8rMtkc5H4zudP" + + "ZcOcvXu7Xw58K+1caSGURL+A6uXFPnMUBd1+k+ejbtO8Pto="; + public const string Intermediate_CRL_CP_06_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAICIAmlz6+Cc0wDQYJKoZIhvcNAQEFBQADgYEAbkJe" + + "jfc1rztCbtC6xJZ3iZEDDMW2CxFvOvSwhmCjPqVY3lrCPNSQzdjmqepioCnu7ongP+HAA7" + + "hM7bm+SoN7KzXKufQ7C2ONoAwvoPZgnoidg7RVECxUByD6AJu04yd2wCLYRpCfS2tDtXLh" + + "HEDpe+ELwv35pbkCMlCO2u7J+Tc="; + public const string End_Certificate_CP_06_01_crt = + "MIIChjCCAe+gAwIBAgIBKDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1DUC4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDYuMDEwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOh7lUwMRet7t/ABI6mo27CsnRzQ64Xx7f1dqxrJ" + + "NuuSRslVShaWnwiGHjc+5/TS7Urfj9VO0dseBCzPsyYFoIX1q7Q5zlArwy24qpXTGMmlpE" + + "GByzi7jkXO8w5+wqh3+8RFrQQzr71zLtAVV/qPUyleuF8M8jzkwfPvawunmwdLAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIayC0PPU9zyswEwYDVR0jBAwwCoAICIAmlz6+Cc0wDQYJKoZIhvcNAQEFBQADgYEAPz7b" + + "UvaEV7Myjhe8LJO/soj84X71rvVPtBPrhYjWTJ6p69GCfJRyho3vAUIt8RFal1GFb72c45" + + "DQGkcVzLLJw8cDP3ajtWac5HZ9dNPJkW+Kh12l9gqjn061XAjQ4XnbbwQDYCuXhguPE9v3" + + "kzDbimwVwIEOB/4SARX37y7TUWk="; + public readonly string[] TEST_20_DATA = new string[] + { + Intermediate_Certificate_CP_06_01_crt, + Intermediate_CRL_CP_06_01_crl, + End_Certificate_CP_06_01_crt + }; + + /* + * test21 + * + */ + public const string Intermediate_Certificate_CP_06_02_crt = + "MIIClTCCAf6gAwIBAgIBKTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA2LjAyMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC/IejV3DmeaLW8OwMfAGyr5+8NOxM1C+UBYslbOfWj" + + "KUGdhlX6TxFc5AOJVJBpS/QjeA+RWoUCxnxKb9QSlOrBmADrcnGz8zV0/c0JDLaU3oSgsV" + + "EWZE0SexBVWrKcl1j7wN0RuxMeAp342/YoyvBwea3VeqJkmSCc7Y2TjruWEQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIaHxWOdHsLbUwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAuzeq/lqp0qs62krK6EA81Silhy42l/KmynE3mVu9GPBgQS0BUDi7+r" + + "QQ+m0UxYElzj2SNO4J5aBYeC98lVJFCHX7QE8yVOoPBQd5rA+rrz4HD9QoP7glxTqLU6Tc" + + "9VFd+iaFpqsVtSh2bxH2BtUB2ARgebTklaNl5VPbu0+yc2I="; + public const string Intermediate_CRL_CP_06_02_crl = + "MIIBbzCB2QIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1DUC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAiMCACAS" + + "oXDTk5MDEwMTEyMDAwMFowDDAKBgNVHRUEAwoBAaAjMCEwCgYDVR0UBAMCAQEwEwYDVR0j" + + "BAwwCoAIaHxWOdHsLbUwDQYJKoZIhvcNAQEFBQADgYEAYGaAzVoUdlSZ3uGKiRPfHAFIoK" + + "T79hNOvtOxaGA0aIek9OypDrDqYAh/s2jsXSheL0pr/v9WRIHvtCt7ytXDxVyn4Nxjpfv7" + + "BkAMMiccdUx1OH1VElTRkmmtMe7ROzUeHUGzXJNPex1Bc9BvSChH18bWYckyOZdYJBjctC" + + "KJFgw="; + public const string End_Certificate_CP_06_02_crt = + "MIIChjCCAe+gAwIBAgIBKjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1DUC4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDYuMDIwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK4D9H8JxeIrFuOmx0cSkIYNS0p7cDSBlcc57Na3" + + "+1k7lJD7mE9ZP6/47YsDVK2bwe4aTKCTXtPk/kGQ6bsLswJXbyW4k4+f5LeAYoXgbmZXjA" + + "WF+BKIl8uKetsqC3HkCeqhBaY1AGUqef4oOAkakEP+1jYFumNYtMaB+9x/0ncBAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIC9MiJNI71RMwEwYDVR0jBAwwCoAIaHxWOdHsLbUwDQYJKoZIhvcNAQEFBQADgYEAo/ib" + + "mIxteityjZlszjCc/s7yM/0snL78pYpMOZ3P2TPKkYh2Th4+Bw8JqX10+M/zwFBj5Bw7Im" + + "zCIRfS3GFuKmcVcyHB4OZLMcQZtXWA8GOZ94YvWq5TBINlVtThQtusQj15KBq2TJNNFUyD" + + "pBdvyo05AnEsRY0HbIQu6ZhNQ40="; + public readonly string[] TEST_21_DATA = new string[] + { + Intermediate_Certificate_CP_06_02_crt, + Intermediate_CRL_CP_06_02_crl, + End_Certificate_CP_06_02_crt + }; + + /* + * test22 + * + */ + public const string Intermediate_Certificate_IC_01_01_crt = + "MIIChDCCAe2gAwIBAgIBKzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjAxLjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDDOu1J/VIzbB4VcS2Dwf2fsHOmIj3iatM8y61V7CrN" + + "RCxCWTJ1Os8e/mFWOi/zN+0afizA0UzJDTe8L++/RlP68IFg5Ju2OhXqQC3HbUZmQ7ve9g" + + "QdWTfur3oEJV6/XoVE4WG0Ic7D1p7BENb3LUT+8MJdSboTvAggA1CiOI6zRQIDAQABo1Iw" + + "UDAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBAoECP" + + "RyRiSV+4XrMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqGSIb3DQEBBQUAA4GBAJlmJ9EW" + + "9ujUosqHZyZkniu2vX8VOL52OnxtLxw3LqxLyuxivjyYCaMAaJNr7/xfm3C2ozh9mQyZTQ" + + "6TpBapLFUH8QsEKUhy57MDUgIvZsyOvvjJh3AXfSkXDaMZ3ncLg6x0wwjN/Hxu9i+IhX1W" + + "1E7/5foGx7AEVfwY7Fo9S82d"; + public const string Intermediate_CRL_IC_01_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1JQy4wMS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI9HJGJJX7heswDQYJKoZIhvcNAQEFBQADgYEAV4DM" + + "F5gU8MZ6E/mnjAWS+dIRKUBJV1GZJ+hOysdbmK1hD0mj5Pd5qTzlcvLjuatIoIsB5DCpYd" + + "AcNRLVvF5EJFhVjqsPzRlfUZth0Xqa+U/DeHjVxHxYsLEOSt+v2bLkbGh88SmOAk6F8xj1" + + "l7YIfPX5cIkUBTVZlsUt51slMXc="; + public const string End_Certificate_IC_01_01_crt = + "MIIChjCCAe+gAwIBAgIBLDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1JQy4wMS4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDEuMDEwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPrk1fosBu0hemIKgTDCeV/RoFbbsm02X4LfZonX" + + "KeGRGYZXz4tpWgbNpjKBq1e/2bOO1DCn9I8I2kjvZdOkabk4MLeuRDo/sqlNndu4Ar5502" + + "pAo4A2V0QLR4IDHAJoDpxtSFrqELOiiyCx9O9V19ywe5pcBFrxVEWDqTnBUeDJAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIbI6BhABrmQ8wEwYDVR0jBAwwCoAI9HJGJJX7heswDQYJKoZIhvcNAQEFBQADgYEAYzYy" + + "M0wbzNhZftAWz7TfFi64uA9WmTmd4MeK9vga4ChswT4H1zlaV1Sr+3hqpGmOoP5AUd9XIq" + + "O/ui+/gFaeuOLI+ATmK+V2KHGAneMwzcw9qbXRc+xZqGGjbXMb3Bowe3qrj3mhyowfa1n7" + + "x5xB7XEOqO6sfWxLdDjLVo4sn88="; + public readonly string[] TEST_22_DATA = new string[] + { + Intermediate_Certificate_IC_01_01_crt, + Intermediate_CRL_IC_01_01_crl, + End_Certificate_IC_01_01_crt + }; + + /* + * test23 + * + */ + public const string Intermediate_Certificate_IC_02_01_crt = + "MIICkjCCAfugAwIBAgIBLTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjAyLjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDemJgZnOzXOwNGqRA3Xq9aMrAWQU4oFuhSELsEYfLZ" + + "GO3ntBjJLqCn+rs3FjR9N94cu63TduOAgqlXqrNbvyO1+SF9m35JXreqn/OS6KrK6c8W2I" + + "pDAWJcr89nGyyCXMoJeaOOtj8m2NjZblmCZvtAl5UMOew73GE7Z5fE+jtA2wIDAQABo2Aw" + + "XjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAw" + + "EwATARBgNVHQ4ECgQIhT9GjaaHj68wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" + + "AQEFBQADgYEAWhKJUujLapxpz/DoD/w48HMzkL6UQCxQPOAjwwHicX8wFcKmcrWLVBdVC3" + + "0+ywrzMraWhaq+QCOqsgtxCwTZrfUxbCNqhKS0lZijCMgNN4Jht+PAZ22tzEsw7nCwiMM2" + + "n1jeKF/3btoDEUvZn9SuzhkIyxy7Q8l2tbNOsANqpxE="; + public const string Intermediate_CRL_IC_02_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1JQy4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIhT9GjaaHj68wDQYJKoZIhvcNAQEFBQADgYEAJsjf" + + "oS3F1KMpcVBOC1Z6P5N20TYLCCHG6KETlBA3Rjf8ehNxJKJW0lGd7qHpVHp4BGvkSfaOAa" + + "OrC0G59wjDEY+Ci4QS46OYzBcHXMFX5HF2xMq+y5SfQnyV6MQUVVkxJRjgsTLrYwP2JaYm" + + "BK/zExhqQgPfgcR+56swBPXqogo="; + public const string End_Certificate_IC_02_01_crt = + "MIIChjCCAe+gAwIBAgIBLjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1JQy4wMi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDIuMDEwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANbTVeAxOibAO3KGqxxY3VqKXDr9tKJN+igpKb4w" + + "goR0ZnWGDusSVm4pvneZ9qfmi8A0sM0E91+B2hAwsU6Y9RoA7nPsTkFYi5F+hHGIF46Op6" + + "8blGrZraGf9bsWXCZFoLoxcgltwjGPQqyZ5mnnm8cxUbtaWmgo28MK1yBH/sS5AgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QI3gkBNo/SISMwEwYDVR0jBAwwCoAIhT9GjaaHj68wDQYJKoZIhvcNAQEFBQADgYEAQGl1" + + "7uT2xxYDks6HolrQIpesIoPqEiZ8TkizEBuLG3sUKsC7klHwy2iyVvA6nRUDwf/XzDLpGW" + + "/Gn0KTW6ZYIX6snOC1+7HX5OJglQx8tDpDvcAgyocK8PvCrHfu9o33J49aSeLAVpoCHwne" + + "tTtJxVfTMmjYWKeDbHHHi8a2YTI="; + public readonly string[] TEST_23_DATA = new string[] + { + Intermediate_Certificate_IC_02_01_crt, + Intermediate_CRL_IC_02_01_crl, + End_Certificate_IC_02_01_crt + }; + + /* + * test24 + * + */ + public const string Intermediate_Certificate_IC_02_02_crt = + "MIIClTCCAf6gAwIBAgIBLzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjAyLjAyMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDoeA32BPwgq8pLJoR/tbOSjHtAz6fmzvzJrhJMvl64" + + "ccVuIzGxzOneYsO/ZYWy3ZGtlCoMZJRnS83tw0ikU9vQUwBw7DEcfRlLKYkY68rp25N1V5" + + "JEjnlHw+RvubdGkonWzUNJFbY1GA24J3no2GZHiLPgWmGb1jsA8Ag32MUrCQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIKx4Ybzu2PaYwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAotGeNFzmktvcxpCRcpuARHkv1lW+LegvbDBnSPvGnr1+Cn9rZcuLup" + + "u8ex6VJ7KWtgWBtzdOelerO6ytfWQ67uNpTOuc0SDdk/f3tCagdx44LBVQywuq/Kj57ZuN" + + "jpe4J8UPZSBFFK+P3gTX3S/lIKsDi6xjRnqFLSQYGX2XiIE="; + public const string Intermediate_CRL_IC_02_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1JQy4wMi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIKx4Ybzu2PaYwDQYJKoZIhvcNAQEFBQADgYEAOfuX" + + "wRv4skbPZAbOH/LVXdc/cA7vCSTAnWecN3ZKm/eCsxbyRxqn7fcDyHmqg5H3Ac5UOlMHR4" + + "FMe0Dp+Yu4Xg8xg3zRvE/3M/5jyRILGGi7olh4ikkOMD+UlreysvYvUX2MVP1iM9qAkXh8" + + "E8n/LZIlABN2GGkFEMRMJA6KTXg="; + public const string End_Certificate_IC_02_02_crt = + "MIIChjCCAe+gAwIBAgIBMDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1JQy4wMi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDIuMDIwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKogqWGx9EpJ/0G7ORopyIQ4IZXYKKTE48WqOJbu" + + "nLD3txGjMUb5Xefl/QyTfd6J758ddGzPiKs1zWO6riffJLIBoOFDmt8tchPBJuIM3gKgXe" + + "VcZMyF5mebm5/GZekMOjbs8P/zbLdrlu1D9CZWZMXONYitdluSg2moMGbewS2NAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIP8N7OmNGshEwEwYDVR0jBAwwCoAIKx4Ybzu2PaYwDQYJKoZIhvcNAQEFBQADgYEAwkpF" + + "j6Kv+OcKrUtOgnH9QddB0Ej0oU6B5/5Hhhf3liAPKtllDHnhUj6nqfh4APNq/iqYFOkKMR" + + "RUZoaj6kakJNSOlgvRIiQfuFIgv3CqLZnhr85YFRnKgoluZE1pq3TvunoiKyJbCjbmyCos" + + "Rd32gVcJq024xvY2eVBTl6tfn5A="; + public readonly string[] TEST_24_DATA = new string[] + { + Intermediate_Certificate_IC_02_02_crt, + Intermediate_CRL_IC_02_02_crl, + End_Certificate_IC_02_02_crt + }; + + /* + * test25 + * + */ + public const string Intermediate_Certificate_IC_02_03_crt = + "MIICjzCCAfigAwIBAgIBMTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjAyLjAzMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC7LFt+yGItQFqSEPi03ICIr5ydWnFPQHZdEMNu2tRU" + + "3XiOpfam1wl0xgAPGBkQK768OfidpP/i1hgYOU/isOB5dyALscvIQ9XJG1OWQXBBLgKuCb" + + "MS5fuDhBNa4KiFuGMbJ3/UjluRsD9qaXwGUavc436JwbRHvW8FomaBYYY1hQIDAQABo10w" + + "WzAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAwEwAT" + + "ARBgNVHQ4ECgQIPsBg9tMABhAwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEF" + + "BQADgYEANZcayTTX+FGhtRUJ+XuYA7jR14CJL6qTHPvdSMgHNw9mGXI/7sO5I4v1vayOCI" + + "YQ9luBvrTYlMPmuej8+bhM8YTYpiiOjVFANwvSKArI9U2CAGBcoBMXydykkm8qYw4gtYQT" + + "neiOz7VqI9plLWA111IRMgayD3CAt4Ntpzd1VSE="; + public const string Intermediate_CRL_IC_02_03_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1JQy4wMi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIPsBg9tMABhAwDQYJKoZIhvcNAQEFBQADgYEAVeQi" + + "tT1FRUaJlhfpkfjZr6VHmvGnqYapdo4DRT/pm8tsp1LbZZXpYW638ztwgZNgeBRPFlcb+x" + + "8naQjEkoaYzLbCYfdY+PPVDv7ym15PE48Kve8ImvANY0YnTGS8pcKdK1dpNKBnYYMOG9JN" + + "+H5K/4cSm/WMCKIuKdsiAWFYauE="; + public const string End_Certificate_IC_02_03_crt = + "MIIChjCCAe+gAwIBAgIBMjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1JQy4wMi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDIuMDMwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALGbo9yEujZ9RFU+Vmxb5+Rx1VdIG/3E/5hXV/xI" + + "OFu4mEfYh2tBhP2qIMH2KbrR1tiW5t4DvTCBM3NKKqp75wpiuu7E3q6imt1pLbGW13NVL+" + + "81gYWXnCnzHpxYjMTIqqCkPIAeOG+SBJ1MgERbL+NBl+AK3WG4TeQ8vw7r2CGrAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIS/HbII+ki/kwEwYDVR0jBAwwCoAIPsBg9tMABhAwDQYJKoZIhvcNAQEFBQADgYEAWHy4" + + "sHrTkqY1XjDBY5XpNEyhP6htcnjYD9bos4wjxPlJUyxdIWACWrLDE+R5iRCOYsh/nDAJEt" + + "CUcVASukvP6VLJaFjyxUOaCp6JCVV+txk7Fh0S/Ur3Zyysfp5LllP1plOA3N/k1Hliljp0" + + "+bnSiDhA1+3hJh0gDMjWUdRq9yM="; + public readonly string[] TEST_25_DATA = new string[] + { + Intermediate_Certificate_IC_02_03_crt, + Intermediate_CRL_IC_02_03_crl, + End_Certificate_IC_02_03_crt + }; + + /* + * test26 + * + */ + public const string Intermediate_Certificate_IC_02_04_crt = + "MIICkjCCAfugAwIBAgIBMzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjAyLjA0MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDf5u5ouGQlQmdNfc4ell3RXKWmtq+ar9VKMme3kp8D" + + "cbDbUaVwlvhWTkOKxb9I208wfGG2nQiArezIwutlASf7sWo16EPapmGdCF+rp1dpjAPBUu" + + "fruEyCZ8nu2ITD52wuPY9OAcKHQE2/bBpCJWkw97fYX6Q9PPW5uobWoUJtOwIDAQABo2Aw" + + "XjAMBgNVHRMEBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAw" + + "EwATARBgNVHQ4ECgQIjDm8K5YcGakwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" + + "AQEFBQADgYEAEQIJeZj/HE3HvjjJV7PdU+2Ze8OeCYeeWDocxrA647xpeOksVXBXKmq2OV" + + "NqoFk7YNtlSUqiS2TlqjGqLtKYetk7a17qS/8EIQct+H5KWdvkLkYMkfIAAMJvJZHPGxEv" + + "j+oVPAi9FITRbFdN8Jvdo9MAuU2q8d2x8MF236RmEds="; + public const string Intermediate_CRL_IC_02_04_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1JQy4wMi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIjDm8K5YcGakwDQYJKoZIhvcNAQEFBQADgYEAV5bX" + + "7WsT8sWeA0iQ7V/+ZQESDzvyHA7Ziju0iRsvTL7qOVF/Nl5v+zND+ZNPhdJDKEM/Q0lEaA" + + "ybe0E73NMmM1qRX1daAwE++jHukF9TMeNl750HJaS667H6jcjeRrHUJDD0+AgqrZY52dL6" + + "CPM3V4QSvdfc1/xtKmNIZWSSoqY="; + public const string End_Certificate_IC_02_04_crt = + "MIIChjCCAe+gAwIBAgIBNDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1JQy4wMi4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDIuMDQwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMW45d5dPrzUJbuRIDeQ5gIJRYxi80PxPvxSmJe8" + + "ScG1A+l75SAtgLGWAxBqxPSzL+teBBUsnmf2Xsc8/qQHHev74uat0lxq9YrZ3npLW2YNo2" + + "CfxLK0M7F1/bhkHK2f9ttIvOrrKI67BeEjfACULdJEhl431uWINWV0pY+fHq+pAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QII61NnUvgvjYwEwYDVR0jBAwwCoAIjDm8K5YcGakwDQYJKoZIhvcNAQEFBQADgYEAjwgL" + + "6qMnnqUvNspsDaYpPQzTCqXkqshZhsy5G/nLk621H/YbNGlnZ6asHGljYVYMzjmcny16y6" + + "ntiv9QPB7YorAx27WT7pQPFla96s+nM/rfwWHPWI6QGDsquPriwJm/MwQC+1oDXEFKvdIL" + + "0urejfd5hgiXYbRRwMI7km97iHg="; + public readonly string[] TEST_26_DATA = new string[] + { + Intermediate_Certificate_IC_02_04_crt, + Intermediate_CRL_IC_02_04_crl, + End_Certificate_IC_02_04_crt + }; + + /* + * test27 + * + */ + public const string Intermediate_Certificate_IC_04_01_crt = + "MIICjzCCAfigAwIBAgIBNTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA0LjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDBtNwpr9LZBF2LRtAp9Tb1FZnfM3b/Jv2sdO5zc/Bk" + + "sO4ByUgY+Mux9dEvFrkVWBK110TvXn+dj+85TuboILv4MDKlu+tI/rtuadXGwwDIg8TQnz" + + "uyC7LWhxM5JZs1/Is+sPKUY4PTCHs3+EHPBWf2tFiP3l6ZftkySEiL6+2LSQIDAQABo10w" + + "WzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAwEwAT" + + "ARBgNVHQ4ECgQIbMuZ73onuZswEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEF" + + "BQADgYEAhaTSc2xafdP/QceMm9YJ/rZJ5gTgBR/SlmKQwd2BclHabG+Fozdg4delDjtRXS" + + "FKY3sFWBFZHVeprh4T93Oj6IVA5X4DIuUeBpprtS+psCnWZxdtcUWmbyYQwZNCifG5C5D0" + + "lRwxlMlv40xT2oCM1zPZpfmqemBDUPJ2OhkCjvo="; + public const string Intermediate_CRL_IC_04_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1JQy4wNC4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIbMuZ73onuZswDQYJKoZIhvcNAQEFBQADgYEAMk6D" + + "Rztz1AyFnFr1KAlbjLLwxtQplf2eIc//zUkDFVUHtX5TrEC/ijUaItjdkOoPGQfpnL0w8x" + + "wyqWndMh593QPCqIJTtv/iACoiJNZ90ZJS0adcdZ+AEmQpa0Zv0e1JOqRrPoAfTq4HrOfR" + + "vhBwhvKQNtTExupW/EBudznKC6Q="; + public const string End_Certificate_IC_04_01_crt = + "MIIChjCCAe+gAwIBAgIBNjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1JQy4wNC4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDQuMDEwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM2dGkraKGdIi6EXxAu6/ekMqDloX5YSVBGh4Hp2" + + "faujr1u4j8Lp8afqjngRxFUpTqGbqH0ETgm4cVPXmc9rUvUzYTMdxTUmIZ+iW+ULZEvzNB" + + "712kxRPCD2kDFN2fH2ai8miXr434w+weLm8VQN4jJGo4nswhSs2w1gsUmWyn/ZAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QITsLx/sO1edwwEwYDVR0jBAwwCoAIbMuZ73onuZswDQYJKoZIhvcNAQEFBQADgYEAeKft" + + "0RM8/b3zQodaKrTdWiFyLg5fzoOsTecSfdFPXoqz9J5ejLVkvJevSmfXJrIUhKXySzsQi+" + + "GazuTh/hvWjwUTIvmupi+EiFudnMpXCro8bgi48+NkepNjXvjsSmOfzlrK3SxtpH5dqonL" + + "6LHjGyg+Xp0Nor1m5g1rLHyrcEk="; + public readonly string[] TEST_27_DATA = new string[] + { + Intermediate_Certificate_IC_04_01_crt, + Intermediate_CRL_IC_04_01_crl, + End_Certificate_IC_04_01_crt + }; + + /* + * test28 + * + */ + public const string Intermediate_Certificate_IC_05_01_crt = + "MIIClTCCAf6gAwIBAgIBNzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA1LjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDM3aWmgX3OzAaBg6lnWjpFQ9ufeTOia3+lIUqn+Ypf" + + "5OH/s9dLRqg1ZynV3YIUyzaJPP/YlUEmrhheJn3Bjw25bHeIKdge73pfEbuBAugbUMS75D" + + "csBV7Ze9D+sVw8w/LtT3ZPcvM3Vju4d+c14Ip/8pC15jlgQPhwVQSf0x3V2QIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBAjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIJ2DFtxoQnXkwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEASvdcfBOh2d1dC10pGLZLI3T+oSPCup/U9riynIR3RxZsIaS/+Q2s81" + + "oeg++WQV6pyYvCLneZIp0efvqh5DThNV9lhBcJjlYwm/T8Hi2IaRGsSMwIvzrFN7zxA/zu" + + "tW98wigAKM2myk/nlYxmholgbQkQ7ZxYM3lD1TDRl69N66Q="; + public const string Intermediate_CRL_IC_05_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1JQy4wNS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIJ2DFtxoQnXkwDQYJKoZIhvcNAQEFBQADgYEAK7Ym" + + "Y9PjX5CpVewe2E9PNxj3dLYElghaQyapYoVtNq3jDqLMWspdmHdNdeaQoXsjlSJe0Zy8xH" + + "ZvpimwifnFZ5hq4yByzHjzNMpcA2yFtg2MtPWGEia+BmaZYZi3X0lR+OShKpNLFc4CfVM/" + + "aWG6W2BulHjIAThZhTg3uRekDzs="; + public const string End_Certificate_IC_05_01_crt = + "MIIChjCCAe+gAwIBAgIBODANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1JQy4wNS4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDUuMDEwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALlcUtceuxDznvI3pVM7YddPcBOrNvrOtpuLOa1L" + + "Lj9LeNH6+8CzRZnMsUtt+bRGqCKMEJLUIIstWwGg4SskXWk2m+nDKm5Ai6Kyx4nldpgtgQ" + + "xZSEwNcwRhpy7TtmLkxDVM9DoTbIbK0dZ7aWw4bXVHPK/lnOMtOaJbFDq0sLfxAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIiXgrRBVcDf0wEwYDVR0jBAwwCoAIJ2DFtxoQnXkwDQYJKoZIhvcNAQEFBQADgYEAhyO6" + + "SP6brWDDKZwdQGULno4Om5+DuilJKamyEcvSqE666z1KhvOCdLicqwVa6tQiAL6akrt5Kv" + + "R+TT0xqHR4JGosGLGolvK4DLrMeD+PRK7m1a+nJl44luo5Mn48HrKI7jn7n8Lp9bNdCHvr" + + "NHaQksCIR/Q8xoucPa+8sCTVSj4="; + public readonly string[] TEST_28_DATA = new string[] + { + Intermediate_Certificate_IC_05_01_crt, + Intermediate_CRL_IC_05_01_crl, + End_Certificate_IC_05_01_crt + }; + + /* + * test29 + * + */ + public const string Intermediate_Certificate_IC_05_02_crt = + "MIICkjCCAfugAwIBAgIBOTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA1LjAyMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCrtIYqo2Is8Cd6Ld+fyWC755oA6hQiiruooaR/6O4z" + + "ikyhOUztnHkOGMF5H4CKWafwwVrfFtqe7iop3N6AToEIpNlJLVy3cj14A/IASVYSSNFeHd" + + "O44Id1NWhPiKx3paPTWslMEdKQV9BlXb7gu8pQpvqTa/38hNQ9vdil/4QZbQIDAQABo2Aw" + + "XjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBAjAWBgNVHSAEDzANMAsGCWCGSAFlAw" + + "EwATARBgNVHQ4ECgQI9P78RavuWW8wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" + + "AQEFBQADgYEA0sAEmWBYSazUav6RtuNFtZgNrlQ2i5i138VzRHoF/kq/CxeR/lINQqgJhC" + + "ZlUnlslUuM86g8OQGlR8SS0Wsi0MdCQCtPCKA2hStlTx9MMux2IZAGoyHy6P95UE9qINHE" + + "fYZUYjO9rh96fzNyJ5Oy2kJdJWdhFXtSh3BSOe0ZD+Y="; + public const string Intermediate_CRL_IC_05_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1JQy4wNS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI9P78RavuWW8wDQYJKoZIhvcNAQEFBQADgYEAlPLh" + + "+CMqRcbLgUKEAL2UlSY5tjsF8At0hf000kec93TnBf7f1NKYVJ5eyeoh/WK4s+k4paAA5E" + + "/P2C8JMlGXNTrqKZXMy2zIlufE1ymXAZCKLOLC5ezXRSpwIsBWxko2nfw8Bz/mZO/bCSCT" + + "nDwkH8BJIbFV51vJFlyyOmZnCz4="; + public const string End_Certificate_IC_05_02_crt = + "MIIChjCCAe+gAwIBAgIBOjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1JQy4wNS4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDUuMDIwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMPsWBfT8HqaiLnoUCPAFniq502odL4uVqzOOxkx" + + "evZtjh7NaFlRjuYjTofdkj/IAgg7lkkBEW3auK47Td3TvqnHO401PqvOFNTlbhr5wDLmXS" + + "WWcR6XrvgYL3Z3wx15/z6eojcSgu07kdvKqzuLzcDs+noG8lbcruokX0A186pVAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QImgomUTkzwbEwEwYDVR0jBAwwCoAI9P78RavuWW8wDQYJKoZIhvcNAQEFBQADgYEATAEq" + + "YVV0iYdYomPqxbTapSCJFAMQO/WZhN9brCXP88+jRfk6cAHzTodQOYTOAVe8YXa904505e" + + "RA11NNTViP3s/AseGWuqbWjsom9mbR+tVkvufGqPQtm1JhfLgR/68e29AI7tj7zIJyFVYD" + + "nLRXGwMGnosqSHDle+WYyfok6a8="; + public readonly string[] TEST_29_DATA = new string[] + { + Intermediate_Certificate_IC_05_02_crt, + Intermediate_CRL_IC_05_02_crl, + End_Certificate_IC_05_02_crt + }; + + /* + * test30 + * + */ + public const string Intermediate_Certificate_IC_05_03_crt = + "MIICkjCCAfugAwIBAgIBOzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA1LjAzMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCajRjoRNL9HFTytLLx7C8WYouW0uONGsrtGS5tKMiW" + + "oLlQUkohqB2a2PhA1InNGQqnbDtNdqKbR1k6EzD6MyegvXK1sXs0ZE8gt0LZYio7Xp3k+Q" + + "7i4Rk5iTruAUrV8bFMYmeIXHXL/9rl5LQV8YRp/Ut3Bg3VECzfhQG4EavMlwIDAQABo2Aw" + + "XjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAw" + + "EwATARBgNVHQ4ECgQI9041oiwvHsgwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" + + "AQEFBQADgYEAYwGYwLsA/kxYZG/RM+kvoH+mUebrBVZRBxjovYsYzNznD26fssjBFfiTmg" + + "zwZJfG7MZRsgDSRsS+bxuTlXMVeGRKH8fVj7PNq05sS18QZQOF0CCKzg9DLkCzkzkEWBxc" + + "5ersciPrL90UarOIPIJWUxQ/5sdMS/wZtYTU34rNNWE="; + public const string Intermediate_CRL_IC_05_03_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1JQy4wNS4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI9041oiwvHsgwDQYJKoZIhvcNAQEFBQADgYEAJHTp" + + "k+RRsD0dUv59J1GQMWjQTjVz39Xaonx2sk38WHcrHBB78L0W6Skjvt082PwZg32sb7FQBt" + + "boAQ3PIKpXMnFnkjnkyaFihrnMdfa0abCPtQhFl3yra+w+1a2RDjQBZOOdq3xlFcLi9unT" + + "YYome7eS93wchIvNWFpgwF5A5XY="; + public const string End_Certificate_IC_05_03_crt = + "MIIChjCCAe+gAwIBAgIBPDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1JQy4wNS4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDUuMDMwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMYxdSZq7qRBdPOz6H+l0GGAtymAWTshfZZCubHK" + + "lQjbVq98qudORfhCOZgOy83j/mo2KAecBhxaxB9YA5ggWNAgaKtFvknvjFemtBCZwt6cVK" + + "8LCyUGKzStwAV1+HSDlHxdWo7pRwP0beXFvFECrX418osGt6E/v7Cz++ZtvaDhAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIgTuCLfTVa+QwEwYDVR0jBAwwCoAI9041oiwvHsgwDQYJKoZIhvcNAQEFBQADgYEAQRuC" + + "rAx9zzu9QwOq9weNit9PNgFHBpo3Gh9jPVYGJjOQxeSqqou503xi82H3W30FT/3ESCO7IF" + + "hfpr/uQZVEmUQnvDsVwbKvED1QF9qkTp6ILk38ITJJgfb+sdSL3bsUeNqVXd0C9wzVoErc" + + "OuoCulwkZzfoIOlO2YAjAnR1nUc="; + public readonly string[] TEST_30_DATA = new string[] + { + Intermediate_Certificate_IC_05_03_crt, + Intermediate_CRL_IC_05_03_crl, + End_Certificate_IC_05_03_crt + }; + + /* + * test31 + * + */ + public const string Intermediate_Certificate_IC_06_01_crt = + "MIIClTCCAf6gAwIBAgIBPTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA2LjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDmutL9PY/BLXvXMEDQLQnWE7dCOsrLNvJiuSjDdznF" + + "vBz6WS/RqUr9zsDFknpOWB3Epo2syV4ZFto+v4VWNo61uaClIEsw5x1y0saG19px34KVpQ" + + "wkpvLeRZySdCydKdE1rptYR/JbHvPo5TU4mxOo6L7JeEwAvjSI4tK4rwJ4MwIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICBDAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQI1BB9j6Jyny4wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAajWMbY8zL8jS2VUjCPBMuIjUvBfy55+92EXg5pZnyNNwN1diZfJFiB" + + "rrPWEg3Fa4NMLgaDKWZsYkOcDDo8I+Qb9FsU9LphCzQ1ubIEuxu6KPX9X29BscFOxUnZCz" + + "yuzVfadACxi5Y7Bz5pN5LfC/jEb2iXjkdN5Rm8AqT81syIo="; + public const string Intermediate_CRL_IC_06_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1JQy4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI1BB9j6Jyny4wDQYJKoZIhvcNAQEFBQADgYEAxH4/" + + "mgACT847PyufmF1nob9TSqBj+cM5ye2bgv83gTVd3B1Gopr75Tnu4iP10d0PpSXjySWCjB" + + "0HPJ7BdxzkKxSrcM5vcb/jLdk9PqMUS30ohexsx1xK+E38pDJdLX4kbJ3E62AgyXm9WQlD" + + "9xsDk7TMXwuxHT4fX070HL6lWGI="; + public const string End_Certificate_IC_06_01_crt = + "MIIChjCCAe+gAwIBAgIBPjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1JQy4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDYuMDEwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAO1VOl25MTf068LOgzmQOmyh8MXunBrQ4t6UYuEj" + + "H7v+owR9JTDXpfzLPcYfkR+BH2jjISSHIJsUDesKVhpmhABNXcOI5tiRNkeDlV2zKCBXKC" + + "wFi5qkhrE8FUCP0hL8YzbybOrYZYSVEP8GgIgMSQcTvhN/Tor0o1jdJvRLmevXAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIFJA9XGd9UZUwEwYDVR0jBAwwCoAI1BB9j6Jyny4wDQYJKoZIhvcNAQEFBQADgYEApRQC" + + "OTU9cp16BHM2n0TdZThgj9kSAQ4wHk/dKNOjYNEWu6n/GQ0alxy1dyRzpsr058FOvft23Z" + + "Kp0YhdKG/7F1hkcoNvC2yN+Re44n7S+F/jcEPTWnOX6h1Nkw8OS7Uz2fZ8t61iHjqjX4sv" + + "M/cKP+AkC8g7p2tfdkP1fQ6ww5E="; + public readonly string[] TEST_31_DATA = new string[] + { + Intermediate_Certificate_IC_06_01_crt, + Intermediate_CRL_IC_06_01_crl, + End_Certificate_IC_06_01_crt + }; + + /* + * test32 + * + */ + public const string Intermediate_Certificate_IC_06_02_crt = + "MIICkjCCAfugAwIBAgIBPzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA2LjAyMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC0JoTnPaI/HT2eAqCW1204nRNjcA8EQSp87tvHLpWy" + + "5aafmxeJxvk5V9Ba7Ye8eY8yX9losbNUpHJFNdE46fD5qp/oS7Cn3NXA0dwIDQEn1X9vaz" + + "nqtZtMjt1S/yGv2xDOb2LKT9zRrqSvxGszCHFUBcJ4HDFJMAdhXPUZiLyXVQIDAQABo2Aw" + + "XjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwICBDAWBgNVHSAEDzANMAsGCWCGSAFlAw" + + "EwATARBgNVHQ4ECgQI7j2LO1CcsE4wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" + + "AQEFBQADgYEAfXIh0oYlM2pagAWzTuYqTl0NavtfqibPgolvhgIG/XmmjswHOg/JVCLb7O" + + "jIYtEG2MAD0xQXwu0mc9Deufed2embP/wc0qVG7rj7lxUq6p0aMQJNndBw4m9KlSnjdzyG" + + "lwE9pNd2BgEeD516J2k7dspCZHDw3qLer4i2JYoCo2Y="; + public const string Intermediate_CRL_IC_06_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1JQy4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI7j2LO1CcsE4wDQYJKoZIhvcNAQEFBQADgYEAJej7" + + "23qVtwkcvCTPb6afTosYMnVppPXWbtvqn0N5mAFHQfE27x1YPOXOQHBrpQuTyiUdUmPXiH" + + "xMKbuR5o2lfdQgew9hbYVk6GegSu+DBC1JKv2YSTgzgRAlJfyByDZ7mbJwZWHVHys08oGk" + + "adG6zstavg5EkEeRuAp47T+7cZc="; + public const string End_Certificate_IC_06_02_crt = + "MIIChjCCAe+gAwIBAgIBQDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1JQy4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDYuMDIwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMkIzl9+NRTZf/xaA8noiHRt65Zo6Zp57YvCKUe+" + + "YfoC8koMq12MBgrc0IyIfJoqEDEMfD1WbitZdGZMQZ7D9BP2Bk09NXLEAAuj+waFhYk0bW" + + "vHBH90O7HpMGmxwHmzOjDV3JHYsU8hq77/5gRFDNRkSCJe2A1Maj8Gcqi6tYf5AgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIYDfThEjNL28wEwYDVR0jBAwwCoAI7j2LO1CcsE4wDQYJKoZIhvcNAQEFBQADgYEAJiHT" + + "CjLGZK5Lyw+7ICDHs3eS1OGJH/wfsLcBP5sLER41qJfrXGTl2XdKvBMIpriUmJYzjkjof4" + + "bvS/VPDNlhI9AJadicW8LM4L3qpy7/YV4Dd/C/BJphJ6cZcT+hjaRKeC7gQVjMeC/npu/p" + + "jLgIgzf7HC4WYnaS3h9oYl0cMJk="; + public readonly string[] TEST_32_DATA = new string[] + { + Intermediate_Certificate_IC_06_02_crt, + Intermediate_CRL_IC_06_02_crl, + End_Certificate_IC_06_02_crt + }; + + /* + * test33 + * + */ + public const string Intermediate_Certificate_IC_06_03_crt = + "MIICkjCCAfugAwIBAgIBQTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA2LjAzMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCuUtIYFbVjg8VLLUqIEQ6r7hjTaqYVs8DJnJPHUWPA" + + "JW9HEIV+d6hj/so76Bff4KJRX7MgoXbvq4ivmn8656N7YSGk9GPuJ25SXK7RJyoqzG/x2R" + + "AVUCx/wG99VXVDZhd5ZAVBG2JCkHImsWAei6/Tz8UgXmmLBM8rZNJ/hNtTBwIDAQABo2Aw" + + "XjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAw" + + "EwATARBgNVHQ4ECgQIpwUlwG1W+sMwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" + + "AQEFBQADgYEAqJhUfgar10fl5qG+oH34s/JS3ku0dRm4cTQvqUNOWA9ALnBhSkmOpoMMzH" + + "sE9FXXcZ072a8/ecpviP04X5mt5QSLreh3hPVvgWv1LiZ9YkS4Z2kcr+3Gx7zj4gQgT5vG" + + "QPpbIBAtBRH5xNHIYQsk6kOe2+t7b0Q82Wnj8UoznmQ="; + public const string Intermediate_CRL_IC_06_03_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1JQy4wNi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIpwUlwG1W+sMwDQYJKoZIhvcNAQEFBQADgYEAKCp7" + + "ViY1cajXpbjCIqe8yo/98SQRIxoTNgp7EUaaV17FeHZ59nJhRtsF1XnLP4cK0lPBkKFhHK" + + "2XyDEWx2hK3X7Z3lSAtn12WFJHOP5T5i0DmYfMJYAFbuPD0JQEWCM3aYsgbXKbbFH1BURh" + + "L/uy3arVBP4FaJB8gH678K4J1p4="; + public const string End_Certificate_IC_06_03_crt = + "MIIChjCCAe+gAwIBAgIBQjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1JQy4wNi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDYuMDMwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALZw+GpvdleGlmdqZ/zEO2DUGhwgrsselBUNnEzR" + + "bcuzr5O1WwiG6aLjrPxIXeL1wLS1/u9AD9p3CQU0XFhi+bEI9+LLnt2y3707O+AQxy1PnQ" + + "6qmYE4jMwqDGHn8WVanN2joFT3isLH5wJD0Jh74eoG0tqCHUyOiXaZNo78qgB3AgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIJOeyCnvfJtAwEwYDVR0jBAwwCoAIpwUlwG1W+sMwDQYJKoZIhvcNAQEFBQADgYEAJbz1" + + "RipbW6uu7B+f2Ol1iq4AVOUuET2S9vi9ojReyAIka3q1XUceZCm5Et0KqpOoOLiu8IRuNB" + + "bvKwRcZ4hcVEXv5bRMqaPEK2B0VrRAV/Llj5A+RGn6yc1ZdkJeBRhoSsaHn5whfICaiJX6" + + "j3lMpo/CiMRViL+gZLU3SdKqvdY="; + public readonly string[] TEST_33_DATA = new string[] + { + Intermediate_Certificate_IC_06_03_crt, + Intermediate_CRL_IC_06_03_crl, + End_Certificate_IC_06_03_crt + }; + + /* + * test34 + * + */ + + public const string Intermediate_Certificate_PP_01_01_crt = + "MIIClTCCAf6gAwIBAgIBQzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDRkBhJJVgOXHjydAHAnokd/XfEiW+bnWd2ZPJrMBmP" + + "7TlvVpxOGqLd6lGdbelbSyAzut1i8lyYn9NSDR0PcyehCSS+MsKS2uNKsTEuH3mlMK/7C5" + + "B1qggKqE8f7opyl9+U+Qyi1WQj01gY6XYXaCxksCB0Oqx2737d7QWMvl15dQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIO1U69B4DBHQwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAcHWV4Q4z7C+IC4bWgIf1+BzkszCN+LSb4JquR7GgICESbwF2JzR+xL" + + "7yoKvB/NBcCqtMY4Hi1DHACbIGJwRe68vVHzz4CmYEK50UUCbAtiAiy9Od6wwrTyFyacBd" + + "CBjiO6mkFEp6jOsoIgXRfxK4kDNcMkGUUwMbSR/wZKFuImc="; + public const string Intermediate_CRL_PP_01_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wMS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIO1U69B4DBHQwDQYJKoZIhvcNAQEFBQADgYEAHtbX" + + "MUofQlCnbJhgLQw96jsBRu0Kdx/Rk4LWxEbZQOWNaD7aukASjEv63d1qZIDgpefuUNTz5s" + + "3eascdtI6iyWFtBO3r6tihtkkSbxocN2Rz7OlR4rW9VwuUirxP0145nMd5CEL03/CNABP5" + + "zUo1bNgswHW3z/RaH6h0j0yTkbo="; + public const string End_Certificate_PP_01_01_crt = + "MIIChjCCAe+gAwIBAgIBRDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wMS4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDEwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALQaTS1wvv551g3BP9JYBMM+KXXLzxtOwPlO5NR4" + + "LwuJJB2WuO4vmbn8AG35in/0JqwjZeroLQvbCPxZseXsyA0+7cMO0qcjRJ5l5WdFsahT6g" + + "z1YW8pYYY5i2eDUkIRsM7roHMiNjt3zpkuUGX0xZQfAxhuWnRIvlGg5J4r7UOdAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIeyLSANVaTpQwEwYDVR0jBAwwCoAIO1U69B4DBHQwDQYJKoZIhvcNAQEFBQADgYEAvZ4a" + + "SQMNl+Q++D9yVaGr+37XJyxs4yow5e5YM9LXn1qBASQ+GNfqPWoe2cPCPYKj32yulxyFEu" + + "RHrbhpEQe+nrKWJgO9W1bmfwgQDin29ne/JCQPlznhd3EPFvCkmPLnTyJmSLR6B2VxvndM" + + "GO8JEbj3KCf51uf3VnC/Qj11mX8="; + public readonly string[] TEST_34_DATA = new string[] + { + Intermediate_Certificate_PP_01_01_crt, + Intermediate_CRL_PP_01_01_crl, + End_Certificate_PP_01_01_crt + }; + + /* + * test35 + * + */ + + public const string Intermediate_Certificate_PP_01_02_crt = + "MIICfTCCAeagAwIBAgIBRTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjAyMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCkQQXRO+dnU2v7EbaqQNmfPD8v0s5Wa50hl9M1Gfr5" + + "5nuVUZs/RI//1VksTNrW10MVh11nsxpA/XRPntEIbHiH1OoECd4dnZBiA/2xEueM02fTjj" + + "fb/t7g+pr9dSU/TzCVZDVWFBcPn4VNz7BBqIrTAOXaJkyBZ8hh7vyiE1Y2VQIDAQABo0sw" + + "STAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjARBgNVHQ4ECgQIoTKVlZ8YCR" + + "AwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEFBQADgYEADhtnd6ifr6kyfC5D" + + "UWuAXLtoccMj8Jaur/1YT1DgnH1XbBsEeZwm9Jkzr1a3cXPIHgaHYgXvBeGUtZ3XhbCSGp" + + "8U6clJz3lm3qKPKkb5rdDrpdTaPnEJJjS3C4ZK1L7UZtQga2Enlelm5vIkhjsF3Sexe1kY" + + "mzqiLZZ8yLxJ/Tg="; + public const string Intermediate_CRL_PP_01_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wMS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIoTKVlZ8YCRAwDQYJKoZIhvcNAQEFBQADgYEAn94u" + + "sT8ZYNzfHIdnx0+fV0jglL0Kn1duz+ehKHow+RGqH+J9opMYuXVD+rVQnLdZl5LbFBcv+5" + + "TSP9WR9QtyoXar4/jmY2FFdBjfgO9w7p7OHD4WxblJmfPVOvrzFm/slZE39Oe5Qn4KlS03" + + "9tttEFTKDH3qREQbT6g4k4ExxYM="; + public const string End_Certificate_PP_01_02_crt = + "MIICbjCCAdegAwIBAgIBRjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wMS4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDIwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANBwkwTWdZ977UAx6CCpXc9T4MX9T3/Tt6LbtY9I" + + "eXxI9W15eXm/aqrKiXhULB+oF9/qNeUi2fAtrURZ7hgHbTaswr8CZ3Uwc6Rbkyj2GGiM6Z" + + "8sKFztYZfFyGBiNEwfTT0yaUUQ6etIFqPuL/6qLvqXmvNPxFb9gjTH/azs/MdNAgMBAAGj" + + "OjA4MA4GA1UdDwEB/wQEAwIF4DARBgNVHQ4ECgQIW1/BRCbe3c0wEwYDVR0jBAwwCoAIoT" + + "KVlZ8YCRAwDQYJKoZIhvcNAQEFBQADgYEAPJg24q7wCU8CVlxFLchoe7txhkzApkVMIJ9G" + + "+QTnraHDn0CZS6undCsJw8mrTNBQPHFn2Ixa5lrPfJvwW4Med1bcJKbwR4TveL1WeYYq6+" + + "9k1kS/7KmqyKAKC/s504jAc7qgMd4b08oLxbGVfFVjWG/ZMbO770FrsyRHHs2rTOU="; + public readonly string[] TEST_35_DATA = new string[] + { + Intermediate_Certificate_PP_01_02_crt, + Intermediate_CRL_PP_01_02_crl, + End_Certificate_PP_01_02_crt + }; + + /* + * test36 + * + */ + + public const string Intermediate_Certificate_1_PP_01_03_crt = + "MIIClTCCAf6gAwIBAgIBRzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjAzMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDL/XgMvoeszcAzZqMYnv1At5u83Gb/CEX3fv6O1jL4" + + "W3XbdvBNIZpuTwQhTH4Iofk9rIuQdkR7xOmbk4AqZINuas3Y1CPdzss7teraK0CNralNl1" + + "jPYK+ClDBHt32Iw3bAl7RqWX73hl3YH6/7cvG4XCo1HqeeFFHUGa7HXGXq9QIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwAjARBgNVHQ4ECgQITMu5Qbn1Cm4wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAuCnzXbHg87PIYYRbCCiXKDKA3MOcEKuxpNaSbtm12DQWpnvzmaK5nB" + + "D/Ebko97CS7u9Tpwa7TmTyi39bYzY0dmVaotCDzfSTpzw6qHZl/w8riS+cKr0mimnjW1cq" + + "kGPyHf0zBBqh0liGbd7EOLIBln0ASrn8V+G4Tj0Q6aQVcko="; + public const string Intermediate_Certificate_2_PP_01_03_crt = + "MIIClTCCAf6gAwIBAgIBSDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wMS4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjAzMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCu1Fq+gBJsBf5EjKKtNIxgdtgPMObby7tKH7fTJxYE" + + "5LPyPi/IiWQ5Mi/8BCG3zmQhu9ZdBbpal350qCGVTbaMlnpi98D4WwXSw7e8oHIJIK689p" + + "Q6Z5cf8hgwPnwDpYLeEaqxwhd4bu0x1lG1fUISA0ZZIQaEeNSJfdh15IkAswIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQILRhQwULcyPYwEwYDVR0jBAwwCoAITMu5Qbn1Cm4wDQYJKoZI" + + "hvcNAQEFBQADgYEAlEVOqXcdeTU7wT0l+/BJhlG5iaAcanAsOaJFZsXPjLMSjhldQe11/z" + + "BsrrqjcpdctcmBarKO4MnwqVU9DN2RZ/v5Gps6OcPxj3T8wlrCGe4l6s9d1FncBMJ0RAUe" + + "QEn2JLkQW5JWRBQ00+RXJYFuIM6Ger2MipWj1oOciv9MMoc="; + public const string Intermediate_CRL_1_PP_01_03_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wMS4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAITMu5Qbn1Cm4wDQYJKoZIhvcNAQEFBQADgYEAycux" + + "rzvy2IiYfFkTw7QgGuBhxIQPbSIbfudqyUumuviHJkIMZpPwYj2wltjyiRaozrDAWq8mlc" + + "PsFYNr2lUYN5Cj4BhNQCNZlyBw7LLdzRgza55zVjmYkHWedyZm3kPWe7Y0w8xc/XIvi3iC" + + "qlwV+X85cgHNJarx3GEYdb7Yos4="; + public const string Intermediate_CRL_2_PP_01_03_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QUC4wMS4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAILRhQwULcyPYwDQYJKoZIhvcNAQEFBQADgYEAbcjU" + + "+8l6pSik8PcuIzWndAg/w8uRfAgR5W9hPSXZChlx7uM+48wK98DGEXuTkJcbeclZia+Mpi" + + "J5u3qG1zhoL1aHr+RqyJrjiWKC4/rDBuiUk/ftU54mrYn0qev3aSjf/GLtpcC8kC3gpqD+" + + "20bvxLjBG3Vc9ZrxDvzfj8cD9K4="; + public const string End_Certificate_PP_01_03_crt = + "MIIChjCCAe+gAwIBAgIBSTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMi1QUC4wMS4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDMwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMO0l0+X6jfT8cY4DumtseTryyIJ7h+nraogXmYo" + + "uhFGvMUWEAZVGD4x9QTTVEL/UCqNfzpI//Pp/uZpDudSgOX0ZdAbykObqCAEO85msK+eie" + + "8baS1cW1XGjCuWDqNZko3Uo3c5lLPlRMbZ3hjvA1zmYh3prYnOh032GZAArVcVAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIMh2aWvtm0mgwEwYDVR0jBAwwCoAILRhQwULcyPYwDQYJKoZIhvcNAQEFBQADgYEAigVE" + + "FlCgbgKLR9FWIiwnz1bZ0MKsfhytllCI+jGx0Q3o3CxCGXs9PvL6BPDdMOxNIT/oU2uG64" + + "EhZEjcZCnUknGx9OkkSSVq44P/pGuUx1g4Kx4i8gsJ/UPrPpYv/3heuMcKWCr92l33cxPT" + + "IU+kmAtqy0MBvBKL4p635+MSIVA="; + public readonly string[] TEST_36_DATA = new string[] + { + Intermediate_Certificate_1_PP_01_03_crt, + Intermediate_Certificate_2_PP_01_03_crt, + Intermediate_CRL_1_PP_01_03_crl, + Intermediate_CRL_2_PP_01_03_crl, + End_Certificate_PP_01_03_crt + }; + + /* + * test37 + * + */ + + public const string Intermediate_Certificate_1_PP_01_04_crt = + "MIIClTCCAf6gAwIBAgIBSjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA0MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC9gxMP8j4L+ISffY9wkislQ/V5sO9LzZOncYK93lZf" + + "HXJG1MPSQzFPNzDLSc2zsilA03v6q+zr4NRrRWwWGmB34NGM4aqkoxox/7ngTn0MIq5gZ2" + + "eOx0FbjA9W9DHEceVDS6kgs9lFcN2W+muCG2/fGqQUED9Fzl9JSM/tE8XAKwIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIgdUt9H4i6kwwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAxPe0vM0BvormJLF5HxkyFcTtoombfDGANoLoyj+PTWRD6z1/AcAx5K" + + "rn/0J1sZo13M2ezaZUABbbpNH9X0OS225IJF4mXNpfkYhsz/+jNPGjRpN2p0K+DhMSawUw" + + "QfGv2x6f31k6WCdy/769i1mwKP6Rpph2nkRyYW8MwO0N5HU="; + public const string Intermediate_Certificate_2_PP_01_04_crt = + "MIIClTCCAf6gAwIBAgIBSzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wMS4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA0MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC7YCtN67S/ItOzaSGqTvfEE483HoQGiQZ0ob3+0beK" + + "kmbSGADBQVBKe/sLJEKddyV2Gl8S4x+cKaKBWUI8lMZViJwWqVnyAFd8ZiAB/BpXaKKgP5" + + "pFsg10Yo/EtsxGlLSTLurst0azNnFv7ca5Hb8te3T91eaI6y59IjbsRgilSQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIGazrt+QRNCkwEwYDVR0jBAwwCoAIgdUt9H4i6kwwDQYJKoZI" + + "hvcNAQEFBQADgYEAUIz/MSc6K5eaIAg8skaAgm6rSPvcU/711b9G0qsIs6YqvEz4zhGi5X" + + "nalYYXfaSQzomuRuABNvuR1Ydaw/B9OdPMro0DhX8VpY6NzCL5Qj60/I4is5a+Hzgk82ck" + + "eAC3okPHbVMd7R9kdFsWNE3Capnv7rriqXO3vwFw8b9vXD4="; + public const string Intermediate_CRL_1_PP_01_04_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wMS4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIgdUt9H4i6kwwDQYJKoZIhvcNAQEFBQADgYEAkR24" + + "ebKfvEhDA0C7sawukQbv/q8mjSS3CrhA/oqeb8bML1IlW8rjHSXuRU/n3oeyAZuxLCAQMU" + + "TPG6Vq4dOu8XC1RY74xIm8ps4mE0xB8/nI5kadHUSDPtUZhNzc8tv+z7fUGRaVGL7CBEpq" + + "ICyQKYytCwxyf4xu2Ip71Uy2tuo="; + public const string Intermediate_CRL_2_PP_01_04_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QUC4wMS4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIGazrt+QRNCkwDQYJKoZIhvcNAQEFBQADgYEAjpUo" + + "XSj0HX7Wm4w1FiRBBazInGOhSQX9VP2GcGb5lfr3GKt75Y+C+C9qd5X25DVkA4M1gPBK+u" + + "XjSMQoHAmFJychQG23rcGcuDJlzRMyfvPCF9dOGLFdmkuHSo5hQUyYsxnXV8cWLIkR1AUz" + + "PtUbTJL9g98R/OJFsCBiPi+By6w="; + public const string End_Certificate_PP_01_04_crt = + "MIIChjCCAe+gAwIBAgIBTDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMi1QUC4wMS4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDQwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOtf65MaydWM3bmMT8tAGCX8gZkx1JlgQyBlJT67" + + "2APIkfmKRFK/dBtSwwCVGHZG4JYBrrwMpzUPrkGKYI6ZVIvvPnPfadZns9i5SM5LZFS+a5" + + "JfbRnSJd8dXhZsKHxqkxIWwG6+VgnRKXE/Uc4m8TePQJZEOra5ezna5yhvqUwPAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwAjARBgNVHQ4ECg" + + "QI4iNoMjKiXMkwEwYDVR0jBAwwCoAIGazrt+QRNCkwDQYJKoZIhvcNAQEFBQADgYEAmOjp" + + "2EupE1AmgjGfiGK1fk9kf39yQXK1EDsyO6KLdWL/bmWeYi/G7ZE57/+yVVADJuHI8xVIDZ" + + "LAC0u5p35OLgbcmmA5bs52KWJJfa0nbgGpVaUSMg9SkEGS997OsgExWMvYhdFIKXlq4Rwc" + + "ca89Hg1GlXdrpfD2OCDNBvcWB5Y="; + public readonly string[] TEST_37_DATA = new string[] + { + Intermediate_Certificate_1_PP_01_04_crt, + Intermediate_Certificate_2_PP_01_04_crt, + Intermediate_CRL_1_PP_01_04_crl, + Intermediate_CRL_2_PP_01_04_crl, + End_Certificate_PP_01_04_crt + }; + + /* + * test38 + * + */ + + public const string Intermediate_Certificate_1_PP_01_05_crt = + "MIIClTCCAf6gAwIBAgIBTTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA1MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDFzEEzV/yUEORIOufyqpZzKpYz5aPyBbcDf8AMMCM5" + + "tEz7j39cf1f227cbrTcAaUfYFwkrb07RU4bTS2X+U2Ak7Q5OROz5rrZBbsfwF3yHhwHxCg" + + "KLjbwz7D+OJdNfv7x2HRckwfMUkmP4cEuJIIPwj1ieBbsnUi9dkWZePwl80QIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIjsCjmszYCHMwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAWMUBdOdHMB/SV5kPUk+zut9g/1v/GyxyB60mq9jGqjrIsk4a9JRqa5" + + "MWju+6kVfSLelAOCR24EQsXnZM/5Qqg3Wb/SFJXWDcBnfWQWgh8UmJfmPhD7jViG5QVIxn" + + "iALNCYtz373L+IDECLMO6S3wcTPsHdYv14jl6BKtabwIpE4="; + public const string Intermediate_Certificate_2_PP_01_05_crt = + "MIIClTCCAf6gAwIBAgIBTjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wMS4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA1MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCZzdj+ixWCuxJGMjcoHUwSNqI9Wt9gYwXUTl+dWg/E" + + "lg2SPJP7lrBOibAhSmaTorhunUSEf2adhdxhuGrd5Ucp6G0oZAa6ZDWaID4rKYWsI7d5kv" + + "mrUhDEEdzk2s4PCoPiQm4dKwRg2rIvA5Dv+W1ldqSVSG376zVrQ5xdjDUX5QIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwAjARBgNVHQ4ECgQIUASviIKBmJgwEwYDVR0jBAwwCoAIjsCjmszYCHMwDQYJKoZI" + + "hvcNAQEFBQADgYEAa3c+0Drcq7iWP7K+gE6Mz/0ATQoiG87irXWfWBUGWtYnsh6K+1THMl" + + "ibmZjYhsztK1P5rm6qL6HAyw0PhrRE9imqZ16cgiMomh65BWQImOeiXx9YWIPvjXWsE6iV" + + "E31XShr9b9OZBA2+Zpydc3ID/SQzy9PiTAfL5yJiW/JZvFw="; + public const string Intermediate_CRL_1_PP_01_05_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wMS4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIjsCjmszYCHMwDQYJKoZIhvcNAQEFBQADgYEAZIzN" + + "pXT89MplQgcXcA/K7YKlf62QCbw3rE+bUQiumJMlNGiVdaNJ8T66ObyoOWE+s+KN/Oetlu" + + "HglQ7r6RG68gHYtZZiO6kmxq+wor65dFGQyRggpD+D47yioEgR12wUUksL/8oBW1pfGW2B" + + "dR4sNWjzV5k5EWbLYu7wxj2/ubo="; + public const string Intermediate_CRL_2_PP_01_05_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QUC4wMS4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIUASviIKBmJgwDQYJKoZIhvcNAQEFBQADgYEAlZ06" + + "h2L/89GvCtU1K1VtbHPMN/LAUYJrWFID1Eo+Cf/5wKEGBr8hxRtvshTK436zqVQRQN/XTq" + + "7u0SLxvIixNRErlmUlGByi5vumN2OA77SxOyqYLCnBXTd5tWbFGz/udjaNk1MxOK0MQxPV" + + "9R+HHUUVojRnAIQvlcqx/sMzU5o="; + public const string End_Certificate_PP_01_05_crt = + "MIIChjCCAe+gAwIBAgIBTzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMi1QUC4wMS4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDUwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALyBn2GKvoKNHcu3AEJRCbWOyUpCc/onvRoQgWRr" + + "wE7vMI7vjqnoR8mXdWDW5u9DFu9V5pb/yHBWn1zpgFGNnLrqn8irwR9i6Q+qlu4lXL5WSr" + + "DqBqEKxrOBDPgkVz8Ldjt/Hy57qEukBarvpAwTc4XEJPAmxNrboMeGCEn2UShbAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIaV3Cd/83r08wEwYDVR0jBAwwCoAIUASviIKBmJgwDQYJKoZIhvcNAQEFBQADgYEAVJXz" + + "gooT1qd6rdehnLxJMf1HZ6JuqpyoQjzWF1jA3SkJmBDMXvAkMmIcQ7r5CZHaVF0iMQl5JW" + + "fxPtM9Bws6jZhVL0TkwJHmbnSvbzUkJYeXPCP7ags4bu5I32co1nFVF6wf3aQDZeLFj/TU" + + "1GCQ4rh80T5oknuazD4xXAYx9sE="; + public readonly string[] TEST_38_DATA = new string[] + { + Intermediate_Certificate_1_PP_01_05_crt, + Intermediate_Certificate_2_PP_01_05_crt, + Intermediate_CRL_1_PP_01_05_crl, + Intermediate_CRL_2_PP_01_05_crl, + End_Certificate_PP_01_05_crt + }; + + /* + * test39 + * + */ + + public const string Intermediate_Certificate_1_PP_01_06_crt = + "MIICvjCCAiegAwIBAgIBUDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA2MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCjeJAwaZ0cw6O76hu15XadwJiTsIJcXZxGAETq8H9p" + + "VJs7kJh57oLpO/lG8zG89QS9g1ozxaaGDWsSyXsDzv1eqDVZg3ISQu6XcKdDu8EwgQDY3S" + + "EGkJ2AidFue3l0kEwR9+rtsuVKd/P+ULF1hWcoyLB/sQD5z8GvIiDKyRBiFwIDAQABo4GL" + + "MIGIMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMD0GA1UdIAQ2MDQwCwYJYI" + + "ZIAWUDATABMAsGCWCGSAFlAwEwAjALBglghkgBZQMBMAMwCwYJYIZIAWUDATAEMBEGA1Ud" + + "DgQKBAh9i6tKUsPTgTATBgNVHSMEDDAKgAirmuv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQ" + + "B/Gxsb5lxSTN21CrjBp2aE+U1oTP2MpIFWUD1q8KWhZZF1iCQ7orcDVITqJPdPxDu1YwKk" + + "zOegc4YBSJzHZqF/W4Kw4wisMfnWLTsUAeP/Ucz4vXk5rsf7IRssFG6PLxVmtRZizoxl9a" + + "DO9abTM/jV8Mgi1IB6LdWgmtosBGBzbQ=="; + public const string Intermediate_Certificate_2_PP_01_06_crt = + "MIICrzCCAhigAwIBAgIBUTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wMS4wNjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA2MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC8DbqYUf437toWlRkOQA5PloqYQjWYpiR67yGSjQHp" + + "j/HlduTYFS4qfUbLCjH4qsNUH8yQDvogImQw5M1IQOsUAqO6mYFxjqUWccuOaHT6XfUaOs" + + "DDHr/tQUvhz3LJryaILiPlNcQF8QiYpujM1utVRyFpmUrMAlOvWUB93c/xUQIDAQABo30w" + + "ezAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAwBgNVHSAEKTAnMAsGCWCGSA" + + "FlAwEwATALBglghkgBZQMBMAIwCwYJYIZIAWUDATADMBEGA1UdDgQKBAgQxGVMTJml1TAT" + + "BgNVHSMEDDAKgAh9i6tKUsPTgTANBgkqhkiG9w0BAQUFAAOBgQALJtPqY5uROJ+2QYTekn" + + "fSUc0gC7j3/cngIvxGT385xDLTrd6TjYSi+12+vU7RNd3MIZoz1o7RpWQV6C751WtOFuZi" + + "iXeQ758aLqfhjYSVW/NHkO8vjrAMUzUbgjqb03k7q5JgtT6udB+9ySmou2/RxYW5p/IT17" + + "euMVGmQb/RFg=="; + public const string Intermediate_Certificate_3_PP_01_06_crt = + "MIICojCCAgugAwIBAgIBUjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMi1QUC4wMS4wNjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjAxLjA2MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCsQqIx0ayxpIE8NduclvK1ubbNkXyvr0RDqnGOoyTj" + + "yMtnfnwRbclkFCNBdalZYofuTWP0reqvqGqsBj+RS3uazvDBqVmn0J0AGRiLILummgEFRJ" + + "ow8IB1hduDYJpDMrHRpfXpbG2H3fzN1XeX/B0hUZgdQ86GyK2qrmyIcyqZXwIDAQABo3Aw" + + "bjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAjBgNVHSAEHDAaMAsGCWCGSA" + + "FlAwEwATALBglghkgBZQMBMAIwEQYDVR0OBAoECNKJMmEWCA+jMBMGA1UdIwQMMAqACBDE" + + "ZUxMmaXVMA0GCSqGSIb3DQEBBQUAA4GBAKv9F3+Y4N8RX4bRZ4fFTKri2rrB4BsVrBFpOr" + + "SLzKnuyO1O5gg45d70pSHUAVBn3pz0f/6WwWLECq9tB7/Fphi0TyqeFmkRnysygZGlvLgs" + + "L19bpIgVPkjFFziMGuzdAFIGy8vnV19yJ2euMygEHr20yiGBUaHHnKyuOGbDg4i7"; + public const string Intermediate_CRL_1_PP_01_06_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIfYurSlLD04EwDQYJKoZIhvcNAQEFBQADgYEARL4u" + + "DZvfcQDYanTfwU/hWAJDdDO7m7oQZLy3o0PTqXkk2Jd2v3+M2U8UN2PcuqZXT1lwS/piiW" + + "Sc1x1YndD0qUtV4bOZ9SESPhCeOc1lQTk5mMf/zqFxQqYv8rfDB5O3QY4bjS7QQzSsvmal" + + "TGCnoHmUJ4skmZJrQAzYnXyD9G4="; + public const string Intermediate_CRL_2_PP_01_06_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QUC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIEMRlTEyZpdUwDQYJKoZIhvcNAQEFBQADgYEAcEyr" + + "sgLhVq0L6N5fww/U6TW4lqaVAEtjqxluWRyZnL3AJLEHfwh1lllCG5dNM5fahGDOW/53fV" + + "+gW5l92bsi2D/lAkDfNUdQdi5ZpQG9y2zhTArUlx9z1+KXklCi2Gg1X22gi+cYbK2hfzk6" + + "kNGP1v42bjrkF/ECczpy3e41rEg="; + public const string Intermediate_CRL_3_PP_01_06_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMy1QUC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI0okyYRYID6MwDQYJKoZIhvcNAQEFBQADgYEAp3uQ" + + "Tn2HC65TFmSjzvjuStIJwJcVahNcTWiGdtfTalZrMtuC9vUgQq0K1QIa7QNC9C3hQlzb5e" + + "bO7JhJDs+5GZnnsqHN3pvdKEoueRfWBjUGpPnSGFD61ysf9aDFY2j9Amf3zcBFsXZs4+DM" + + "dIENndbjkwqCV4zRTajAqCsIy20="; + public const string End_Certificate_PP_01_06_crt = + "MIIClTCCAf6gAwIBAgIBUzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMy1QUC4wMS4wNjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjAxLjA2MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC+IxiNJMOQG2gx1xd9ELNuzs9LrVJVRLvgP0lpWrx2" + + "2HTEXPDB6YmrEg/YgyptmQ5Z4K6CEgJz3EdDOarCSGcL7DmcSEwEw46MV3piS5DrHwQ4GH" + + "a2/ENSh3lF+6dliBwbQR2necmQ5g8ekqkWNb65pLl6RCNGkntJpdu8w5GWbwIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIMf/eRyakKwgwEwYDVR0jBAwwCoAI0okyYRYID6MwDQYJKoZI" + + "hvcNAQEFBQADgYEADgpHRDgyPuK4dc+m2p0IELHUAK3qsdTZzBXsaA0rkkk1aRjI6DQ2qg" + + "b4crRU3spQgYwBC7KQYd/hp8Lk17iX6fdV/9wol0DxTGhamOJA0uRl768awRArf4cEUElF" + + "uWPN8D3wJEfL6BWgReUJWg8V9HEtdvXZZgzFN/CgHRkQ2RM="; + public readonly string[] TEST_39_DATA = new string[] + { + Intermediate_Certificate_1_PP_01_06_crt, + Intermediate_Certificate_2_PP_01_06_crt, + Intermediate_Certificate_3_PP_01_06_crt, + Intermediate_CRL_1_PP_01_06_crl, + Intermediate_CRL_2_PP_01_06_crl, + Intermediate_CRL_3_PP_01_06_crl, + End_Certificate_PP_01_06_crt + }; + + /* + * test40 + * + */ + + public const string Intermediate_Certificate_1_PP_01_07_crt = + "MIICrzCCAhigAwIBAgIBVDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA3MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDs3Z/FfgJOyKp+Ds8xiQBM053cWylYbD+g+zuWDz3d" + + "nD0eF77TLPITL7hwI058Pn3tXHlveuKMFqbvzWUgFXaBoHmmRohIj1eqfJQhlmKLjlSYyC" + + "N4xhLVi7vg71ZjFdRk1k8ME1HDfpb2WXqXh9LyRYY8b/aqL+NHe1PUDbT6FQIDAQABo30w" + + "ezAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAwBgNVHSAEKTAnMAsGCWCGSA" + + "FlAwEwATALBglghkgBZQMBMAIwCwYJYIZIAWUDATADMBEGA1UdDgQKBAgvehPxsTfSBDAT" + + "BgNVHSMEDDAKgAirmuv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQBpdMBEONGcpFitMN1ihf" + + "W441E4HVTQwtF+h56aagVFndUF1gQsVEdDNmvvN/jdlzXotcfdEj1lOahmcwWbPOlNx3PB" + + "LUPAcaNM9SCrXWi1gKJK3gXC2OAxj0mT5XhfPlAdfhZXTBZLqMqebmk6kVwa+VyPPZFHGy" + + "BW0fV2ClJ69Q=="; + public const string Intermediate_Certificate_2_PP_01_07_crt = + "MIICojCCAgugAwIBAgIBVTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wMS4wNzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA3MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCrO/98w96Bg5YTTmtdc9sL8AOABGcYx5J8E1Y7/GhU" + + "2sInc/j0dtBbE0Tj4KFIKpVLD0m2mTyHVCUA0/QGiS1Tq6DzmZW/V36Clya3CoX9rDTJyU" + + "cKHpgntV19fFAK58aksyKCdP9jjLpbSspzOlIc+mVW+hkjgw3NcuY6fAOQvQIDAQABo3Aw" + + "bjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAjBgNVHSAEHDAaMAsGCWCGSA" + + "FlAwEwATALBglghkgBZQMBMAIwEQYDVR0OBAoECEmeATXRkM5EMBMGA1UdIwQMMAqACC96" + + "E/GxN9IEMA0GCSqGSIb3DQEBBQUAA4GBAG/Qv60jyImedUXtCYl0QpQ1Ne2ZLxvUHRLms8" + + "B1nXC/Rze7zfz5cwiyQn+6XN2rhuYFdTMDEFZDIjeeCLNllfan4GUAdRGtoJnfoLOGLlQf" + + "RW1ONc80cxd1NTxHqxOtqpWdoJQEn8070WLqQPACEs88XYKBZ00sF9ZdSg5vhHUu"; + public const string Intermediate_Certificate_3_PP_01_07_crt = + "MIIClTCCAf6gAwIBAgIBVjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMi1QUC4wMS4wNzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjAxLjA3MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC+5b7o4iWl80ntDMKGcnquLQDTGlf6Gy/8y34Vw08/" + + "8ij+nuHMiKpo6UCF0OpDcnkJ2ovvMsY5dAb5ErhH64UbnMlKbghnGv0sVidtipoC8u7ey1" + + "YUIzDCdmbNvTfho6IXKzH8ev//K+FJd3qBuKHl9u2Kk5+igsyb+bPSid7d/QIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIUDKu7h5EQ70wEwYDVR0jBAwwCoAISZ4BNdGQzkQwDQYJKoZI" + + "hvcNAQEFBQADgYEAnKhR3OvdgtVtmio7ikCvjxlSoKVbUleazxONOxHUAKdXEv0/mSOTwp" + + "hPPIoE2xAqPOOHvXPmzmJpPADjrfhU6afJ7ThDRFTMk4ZLOkT1SvRlymK7uWhj5bhUgi6S" + + "UQ2LUmrY2hIN4cTrrzZvDw2Q/6UIuqpmySXEOHDL5T5MXEo="; + public const string Intermediate_CRL_1_PP_01_07_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIL3oT8bE30gQwDQYJKoZIhvcNAQEFBQADgYEA4gZR" + + "71wRXNdxWe7kaQPAw44UUw+cN1bDBU0RV7nwYAFDYxDIaDGOfjhUVTMBq4rb51S7uqIqYS" + + "F6j7BdLXl9WVRJobfkRH0t0cBnuSeQRz3ckrZrCuvyxb3PEL3pbf0UH1i/BfoG+EHJAY7R" + + "OVOL/dyoXeX6ehH6ImGhucDixS0="; + public const string Intermediate_CRL_2_PP_01_07_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QUC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAISZ4BNdGQzkQwDQYJKoZIhvcNAQEFBQADgYEAfzKw" + + "NHrl10PJDHa3olBYXYzXi94zxDsEQSIb+W4pPXUfDZijPqL1NzapLqc/uL1Sl28GmLDrbm" + + "nCrlMn1Kt/gI6XndOnSyC9Sg6WDxAI3HTHxlG5MHLBn9Lb36CHobnwep1BMo8zl2clh0Kz" + + "PIxQSGXM1BDpHkwF5eoFAolDih4="; + public const string Intermediate_CRL_3_PP_01_07_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMy1QUC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIUDKu7h5EQ70wDQYJKoZIhvcNAQEFBQADgYEAj7+M" + + "EeIe1GmJpbRUFqbNrDvT5tHjKQMNdbe5Y8F920U5t0ig1Up60kc7hs7LH57i6R/quPOpym" + + "a9Eo9Bql+P2Bg9FELih5/a4B021TZBmmdSI5fwQZ6Q5PjgG58Zl2cJitNYvGi7tVUBojA5" + + "CSN7KBMyipia9ivxm9a/llJPrQY="; + public const string End_Certificate_PP_01_07_crt = + "MIIClTCCAf6gAwIBAgIBVzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMy1QUC4wMS4wNzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjAxLjA3MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC/RmUcYHxgQRHCUh5cMug/J2o8DzYbT+2pIehJkNCr" + + "zfqemV3qshLdMct5GV73oEkG5b6n7tj3/hI1TLh/A3LQpKROAGZybdo9fk4Pa0+6V6ql/U" + + "NnSpcAKct/f3IvchGo9nBGdi9aE+j+xKhMM6E8xj1+Jc7Z0xz7zE4+qRbeZQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwAjARBgNVHQ4ECgQI/y572lfRyH4wEwYDVR0jBAwwCoAIUDKu7h5EQ70wDQYJKoZI" + + "hvcNAQEFBQADgYEANl9zdMKbaq14OP45PeK9D4ftOSuliW2di1qAX38FQoWPYLLoaDU0Q1" + + "9I54PDY/UYRR9jKDl1WPhV6cD+65eadtiOZVr/h1CaW/HxTloouzN4z1zCXMC7AxZKo+EI" + + "XLN8f4w7hKLFYgf6gP9+iVi+T2gKfH5Ch2zjRhlmGFRgsBQ="; + public readonly string[] TEST_40_DATA = new string[] + { + Intermediate_Certificate_1_PP_01_07_crt, + Intermediate_Certificate_2_PP_01_07_crt, + Intermediate_Certificate_3_PP_01_07_crt, + Intermediate_CRL_1_PP_01_07_crl, + Intermediate_CRL_2_PP_01_07_crl, + Intermediate_CRL_3_PP_01_07_crl, + End_Certificate_PP_01_07_crt + }; + + /* + * test41 + * + */ + + public const string Intermediate_Certificate_1_PP_01_08_crt = + "MIICojCCAgugAwIBAgIBWDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA4MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDDe20HLq7R8b0fWTsEiNV3Z5IbQseZ8QCW+1cb6yM+" + + "ArKLJDnXx8zmTHSHQCpw3G7xhGsxA1btm0cSC5P/1bw/kFWsSLRe2NFF6oKU+7c+cgIUMB" + + "kzyXk+kpWAQRb7hcb50iKdKFtO8gMNGMAxlHRI05/1tThyAs9suI4TrxTS9QIDAQABo3Aw" + + "bjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAjBgNVHSAEHDAaMAsGCWCGSA" + + "FlAwEwATALBglghkgBZQMBMAIwEQYDVR0OBAoECFxr9vgF31fKMBMGA1UdIwQMMAqACKua" + + "6/nC51SPMA0GCSqGSIb3DQEBBQUAA4GBABaX7TYfmSyVmzGCVbTFweUuPilo4wzy7z/w0x" + + "y4uSaM/YMtixUdDPpTHOJNYDdeV85v+w9oezdL2ZYAaGn7tldC6k8ouq/6hOGGST+ziHJS" + + "gTOD8UVBQPRPvWEwgmDIprnzrVRz8rG6uqslXNiBDnO9BMGpRo4dy8YpOmV6BPCD"; + public const string Intermediate_Certificate_2_PP_01_08_crt = + "MIIClTCCAf6gAwIBAgIBWTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wMS4wODAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA4MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC8nLZcMLHYKxVqbhwJiqQbAYhf7S6ck2O9AhNor935" + + "Bfm7/8qVZbBAotQy1PoCjSW0UYdknDolWvi8aAtO0f9XVrAv6BZVVW9j3osIGN/XUThaN+" + + "9dZ83kGpyjeoitpGK4wbFNDteuBFYp+8gFNupnX7JQwUK3aGwBUucbe7puRQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIL0xyFYBk4OcwEwYDVR0jBAwwCoAIXGv2+AXfV8owDQYJKoZI" + + "hvcNAQEFBQADgYEAPk+Lys0Ueoyhp544EH9Hqy9+gY+l/+N99v7KvBlZWKuhkwZDE+qAYT" + + "P/SOPsWe8ADZE2iQ4pOlpK8jSqtJSdK69RgGL9omLnR04L9c/zKLArBE+VmoV7mohcQp8x" + + "aB4q/g3QnAqwfFYDjIWW3H6gRAeQ5MOtKdz/4042fJxc5L8="; + public const string Intermediate_Certificate_3_PP_01_08_crt = + "MIIClTCCAf6gAwIBAgIBWjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMi1QUC4wMS4wODAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjAxLjA4MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCvy6bNOyVaP8JTwiySFa3Sj+rdSqzkalK5gA7DLk4q" + + "AyvnAK64HgbCsb8dpnSi94WBDsocrQ4C1Ltoahc/AZyRVLA/REsAh1r3/0FALZgYiIxvSF" + + "m3ihKb3P9URBbotzhl1ahRZPSrcxKwNXEmxB0gjixGW7GZTARq3Il5ressRwIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwAjARBgNVHQ4ECgQIwFtfZBe/KqUwEwYDVR0jBAwwCoAIL0xyFYBk4OcwDQYJKoZI" + + "hvcNAQEFBQADgYEAeZhpIDEYyV/LkOtUf1TryemJExQ1jdfirJ3AUtoFIoWz1p9aqnV6Po" + + "GAMozjtdyotfSA2O8c065DwD+CvUXPmdD+2vWpX/2hJPj+x++UvvntAokD2UE9HCeEvBHK" + + "rr59hvKKd6GChyhAjLris202eTLIiMEoyZy9X/Wt1nXF8/g="; + public const string Intermediate_CRL_1_PP_01_08_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIXGv2+AXfV8owDQYJKoZIhvcNAQEFBQADgYEAhkwT" + + "E/EGAe32J883qVrh1wG5xQzO/GGfp/zuDYGL2k1zZ2zq7MajKfzBoXXQ3WPh5dTK1sy5o5" + + "boPHG0pge0B4/2JvuDVS539+9HAPansUNsrMXzOblg1acjdKtuk4oS8PIYkM/lbA6yJl6F" + + "QMbdIthWqa2gjaWKll3R8fVUjxI="; + public const string Intermediate_CRL_2_PP_01_08_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QUC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIL0xyFYBk4OcwDQYJKoZIhvcNAQEFBQADgYEAN6BQ" + + "sEQT5YCvs9vlUSdG4gjTgNkyQTCdmSIcufpK4MG/AoW/Fn5zJXxiMyHmvT/dkk/UOf82/s" + + "41YI/Inz4qRmGF4IL7jo+l7V+OI1n+Vf4ClgZU6ocb9d1dFoBkJu3xI9dcWK6ExpzaBUXw" + + "rPJilV4M5luGbszdDCs9cLjmiRA="; + public const string Intermediate_CRL_3_PP_01_08_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMy1QUC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIwFtfZBe/KqUwDQYJKoZIhvcNAQEFBQADgYEAkmDx" + + "t+r59llppKmm9mSTof9/BX2rNyG9LfIH7wweoDi9be2vYOLy0NU1kJ8f3/muEw2v7hWDri" + + "k9ROLDFnb/S8MYVT0l4rymRhpshPF1uMTOZmfJUCfTX9jIaShztSScqcGSP0a3EUfDD14R" + + "1yMu2pdlMM35llE0lV3uf/eUNr0="; + public const string End_Certificate_PP_01_08_crt = + "MIIClTCCAf6gAwIBAgIBWzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMy1QUC4wMS4wODAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjAxLjA4MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDTWNp6Oz39wwU8AFDzYVs3UfVvXg+t6j/qFavnvllI" + + "NO6aU1o4Hnk1wfmTPZPErc00/MfizMSumTYYRl21hEZWhjNO5uQIHrF9V/4OToo2iOfsPd" + + "gxwpSokwxcl7CJyadwUxhRDYCLhSORXoCK1CPQZjwb+uQz799O5ozb0WVNYQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwAjARBgNVHQ4ECgQIO1TNJtWwaiIwEwYDVR0jBAwwCoAIwFtfZBe/KqUwDQYJKoZI" + + "hvcNAQEFBQADgYEANmP9hyFnYvi8gdtRe8ERoEG90NwoyPTsB8sXd40f+Sm1QxKqMPzKPL" + + "7bOtY12JGwZ55a6HFVgpw4PnU+0iOcCMHS5OQQLtyirxX2HfioiXEmcmRJT6FvLHrGIHGv" + + "KNcfc3rUiksdOb6+j2k8x4IwQ6pBEHQwY8U4Y4DgqALlqM0="; + public readonly string[] TEST_41_DATA = new string[] + { + Intermediate_Certificate_1_PP_01_08_crt, + Intermediate_Certificate_2_PP_01_08_crt, + Intermediate_Certificate_3_PP_01_08_crt, + Intermediate_CRL_1_PP_01_08_crl, + Intermediate_CRL_2_PP_01_08_crl, + Intermediate_CRL_3_PP_01_08_crl, + End_Certificate_PP_01_08_crt + }; + + /* + * test42 + * + */ + + public const string Intermediate_Certificate_1_PP_01_09_crt = + "MIICrzCCAhigAwIBAgIBXDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA5MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDJqSSqGjgI3JUJfA/XkloAOg2QtZeAGp2nCq1Oiply" + + "MTjJpMpEOSRYrEIgKMGnBPq33seP7X/obCT2jgexmbFT2TmPirM+h1aqbGQ7QAqsx80BdE" + + "ofdcfiNosLbbzli9qFrbarO7fJfBhzraBFGDJj3N8nLi2YtP9IieFYJ/MhKwIDAQABo30w" + + "ezAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAwBgNVHSAEKTAnMAsGCWCGSA" + + "FlAwEwATALBglghkgBZQMBMAIwCwYJYIZIAWUDATADMBEGA1UdDgQKBAiVRMrZuHQ7VjAT" + + "BgNVHSMEDDAKgAirmuv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQCetZy9JMzUVveSPE2fQY" + + "4fRVChyvIc9nCE4wbzhnRl3zduBGmAwTFr7dRWSFTnEq1c2b6B5nJtCzmt4Ovapf69sIlM" + + "s3iV16eBB1WTNCY8YlAsnmZ7q/AR0t0vX+hh6QV6zN5xqulOM4Y8csZEx3RWJzV/LjE5w7" + + "mKvofBEUoqQA=="; + public const string Intermediate_Certificate_2_PP_01_09_crt = + "MIICojCCAgugAwIBAgIBXTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wMS4wOTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA5MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDWUTlTieoi7aLGUYOAgqUC2J/6JarOWfv4vobpwjAA" + + "DjvQGqg/GCZP7FgD/72Z4YefZKJEFZTDnYfmy2qh6iBYxcvLsJ+PJGzPCObNSmyq8gpeXy" + + "KKEeCZtEev1tSywTT6E5Dhee4dX0QHE4ydZEliMMXGRW/8ffT6x54CPwVylQIDAQABo3Aw" + + "bjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAjBgNVHSAEHDAaMAsGCWCGSA" + + "FlAwEwATALBglghkgBZQMBMAIwEQYDVR0OBAoECAMhmGN8+qXoMBMGA1UdIwQMMAqACJVE" + + "ytm4dDtWMA0GCSqGSIb3DQEBBQUAA4GBALNjokGrTnWsPn5KrlO+g3R8tAGM90JQDjfrap" + + "xWM+nN+dUVVdGU6w2pAOAq2UhfySiP42qiFChnPK9oOqPF2Or7/kcmXZzBfZkE/FnJGNUA" + + "gs9je1nZvTPQYsF094OqE7QdJi2k3seA1tqejA1kihMHpwQNmIp8bFpqn4dPO6ys"; + public const string Intermediate_Certificate_3_PP_01_09_crt = + "MIIClTCCAf6gAwIBAgIBXjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMi1QUC4wMS4wOTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjAxLjA5MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDHUpHhF4ANNLOywnvpqyDgzLMtatW3ZxgLBBRYk6TE" + + "jMgTVKmRasVRTA9uatGG4b2f70YWs9cOd4ylQDqPEDdKNZ47bqZdX6RAU3j1dO9LBwWDbp" + + "NvZ3zuDBRDoCZClIcBESDYweaZ9nUgKl/WxTeCnMwqkfSJGYBBcHIonRPnGwIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwAjARBgNVHQ4ECgQIyppef22OmjEwEwYDVR0jBAwwCoAIAyGYY3z6pegwDQYJKoZI" + + "hvcNAQEFBQADgYEAOySUCY+PZxomhWgTRSKRodOIe/QSfCMSC+0iw24a2TuJzFLjN9pSm9" + + "0C2PqWbfwD1uDjrteO1NK+1yhtIDySiptR9GmR/fhL7NJ+z7M4fEJBjjeeI9/aEIuHuBFT" + + "TVHfwsJxnZtjujtOdl56B825LsKW8Otumd2A43N9wIgSyBg="; + public const string Intermediate_Certificate_4_PP_01_09_crt = + "MIIClTCCAf6gAwIBAgIBXzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMy1QUC4wMS4wOTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjAxLjA5MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDR8/c35YqAswoRMgQswlTbKB9oYEzrFSC0G4dt8ydP" + + "O4PyQs+J8wUVrRVMiVDTLO9rUnzR1T3iA0dqM+SvWMIA8pMWKyNV58f73ZPJIejhxMmOZa" + + "sSLHceMmmMRy1zyk38i3ZJP3YhvxffTjWyTZ9k2xSDX+6KNnkiKkJSKpl6nwIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIpcWcVIIu63kwEwYDVR0jBAwwCoAIyppef22OmjEwDQYJKoZI" + + "hvcNAQEFBQADgYEAckgV11ND/D1vfPEMUbDGUvtmsziHiSuEoDLJqSAhOmcX+evKWOfoVo" + + "f7og+0ajuul7yuB+7YX1AakOw+33k++Rsgg4o+ImZq3+VScpgnIQ037OOhgH3umwFRC0r3" + + "NpWqhmQuz+mHnKiK3X+IDsQOFkhnpNs06CQSZzmrzbYlQU0="; + public const string Intermediate_CRL_1_PP_01_09_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIlUTK2bh0O1YwDQYJKoZIhvcNAQEFBQADgYEAkEc6" + + "qHGOWZXYTQ5fsWyJgEtuJyl8uJ+gMcikcMut5SIJTTtOz+q3wclYDevT8z1MM25kNdgwyg" + + "b1bwHNAG8I72eIDtGfLrChFwU3qpvVMTG9gPYJb05Q8On56nsBu/PnnzJervzxjViaeOuv" + + "kjwwfmWqGkyiK433WxzgPqE48eA="; + public const string Intermediate_CRL_2_PP_01_09_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QUC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIAyGYY3z6pegwDQYJKoZIhvcNAQEFBQADgYEAV9Md" + + "8PaNoIlT7WIwnelqrbwsR66vAaT8w3gu8XDYXu+MOYThfyERUvtH6AUrHWfiRvWEzKljHH" + + "3BQB0Zsa9Zz3U5cLzJcqtqDc1lH53aIA8MflrfMVrYSF684s28FikcukmA5Fw3+7S3TJ18" + + "Hq7plHwTCidVD6yG35hsPwcjTrE="; + public const string Intermediate_CRL_3_PP_01_09_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMy1QUC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIyppef22OmjEwDQYJKoZIhvcNAQEFBQADgYEAjBaP" + + "V/TFQtDLxQFIBCbfqhlgpOfvJBatjNuvB0TuD2rsGS1eaLNfTfyVKlOLpxoKwKYMu36kIO" + + "l/+KEPDq+ofy7uDZ6GLK3KZ/WiJyriqBQjFCvlhNTW1cjA7Ejk2lOM/A46mrUS9xC+aITh" + + "d+/UYGt6O/e256cOwQCUaF2z328="; + public const string Intermediate_CRL_4_PP_01_09_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBNC1QUC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIpcWcVIIu63kwDQYJKoZIhvcNAQEFBQADgYEApZ1l" + + "w5SJoU8zeKwX5jpVWiFFFomDgKsNlkkX5mF88l0B6MiYbGqJIowJRfeIlxvPOf20imN7Z8" + + "l38DRXFacDQP4y5kxM420dp+ljQL5q9RsrC1+OS7I7TGgGwPoZTO4mHVk8nx9MyT+kW1OU" + + "x9qRYWN0CLmP22kutYBndny222Y="; + public const string End_Certificate_PP_01_09_crt = + "MIIChjCCAe+gAwIBAgIBYDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBNC1QUC4wMS4wOTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDkwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALiOjwwwUk1HNwf2rdzPL2okKTgL+lMdzhC7cbq3" + + "6A409EY7iipPCcsDsheo9EaTNOHV9xjWDqOhqjA38h4hGNkRUVOlTW2r8SoHISn3gDXfrh" + + "aHbU3owscAmt1nuA7rzo7L1eBPsisIIxAY16uAmVN5RdiAAaP8VUdshcNI4/1jAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIGZIY3nffEXowEwYDVR0jBAwwCoAIpcWcVIIu63kwDQYJKoZIhvcNAQEFBQADgYEA0Svm" + + "aqjaeQx/lnF223xlCTsU7XzOxbHetRWfeCTw0QrWQaTrKjWTS/TNyzLhGuPBFg+NTTvWML" + + "gzteo/WWdF8+d2rOis9FVRCe/Euok6ZCL/xgzaE86ZSQg0jj6458TpuC2cszSaifRSlhL5" + + "ogy4ADWgJxdVcBrgADo6QZXkXXw="; + public readonly string[] TEST_42_DATA = new string[] + { + Intermediate_Certificate_1_PP_01_09_crt, + Intermediate_Certificate_2_PP_01_09_crt, + Intermediate_Certificate_3_PP_01_09_crt, + Intermediate_Certificate_4_PP_01_09_crt, + Intermediate_CRL_1_PP_01_09_crl, + Intermediate_CRL_2_PP_01_09_crl, + Intermediate_CRL_3_PP_01_09_crl, + Intermediate_CRL_4_PP_01_09_crl, + End_Certificate_PP_01_09_crt + }; + + /* + * test43 + * + */ + + public const string Intermediate_Certificate_1_PP_06_01_crt = + "MIICozCCAgygAwIBAgIBYTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA2LjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC4mu1oBHB9BeorCFJIuSw5tszmmYBD4bjTklsAfjrz" + + "OknQsYxEoHfifpdgivh1fMUk+mK5YWUz0G8/edquKbJhPBTTWp8opsGzTATsTLSEzkKbVM" + + "DQ84ttxrhJWlrVRlouZTnD5HoLUvujY4EdydmKsjj6UBt/tGL5EKodymcEtwIDAQABo3Ew" + + "bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATAMBgNVHSQEBTADgAEKMBEGA1UdDgQKBAiGRi8YRte8PzATBgNVHSMEDDAKgAir" + + "muv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQDHOaIki9TogVJn54FRPl+7FyzBJ2DnR4RTM/" + + "q1K3COWRdtvmGqtBBtAccxWziQJ5TnAQn1XA0cFPoCgymGPRcUz+0+C+3VhJ/m9LggVP3/" + + "pjJEG0fsmJtUYPyphUlXeUzf4qSj34SlJws3DIHTR8ozAR75HZmlMRnxyZBLl+jAng=="; + public const string Intermediate_Certificate_2_PP_06_01_crt = + "MIIClTCCAf6gAwIBAgIBYjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjA2LjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC2rptuREzhGfEJ3U8ILPBq+z0s+aafMvBRHpqkipDq" + + "bC7v9zpwg1K18F4MYiATpPAEfdEeprKs0mWfdusF93BoMBVm1y0zRgDRUNdyB5GFO8g8+2" + + "yNEO6L37c1PwrMLnvJakaqwbbnwlcMcKtLHoX19fyveQQg5DNj8WcKZj397wIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIJPt6qKdFeYEwEwYDVR0jBAwwCoAIhkYvGEbXvD8wDQYJKoZI" + + "hvcNAQEFBQADgYEAkFJGNze9/6YX7Rv8FR9obFGACIJ7Om4YQQRW9WM9pEDgKls7g9b9El" + + "dJxLKOlWoRoYZIrbEam19traE2O3dxqRevPoYvfAqkR089BkxH/cFYyfqw64IpjDG84dsY" + + "XieajI/Ov/HjgF0VQKF3+Y1ZiDjb2OHNgMkqs9VmUHaE+94="; + public const string Intermediate_Certificate_3_PP_06_01_crt = + "MIIClTCCAf6gAwIBAgIBYzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMi1QUC4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjA2LjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCzxfyi52gw/5tt6/9aNAXdY3wZYH1GifzGoN4cg8Mt" + + "++5xmTdrc2A9/5biaTUVC0x/Ml6mm940NA9mM/EoEu4SdnP2crNCIFHWNlYz3cJtYJ68rE" + + "rEU+S0gnYaYRiwNGhVpAjV+FPDr0Ghgp5rYQ61evAhmRuNAFwYocUw80G6JQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIZ9yMlboxCIEwEwYDVR0jBAwwCoAIJPt6qKdFeYEwDQYJKoZI" + + "hvcNAQEFBQADgYEATNnRMQmvTxRcSMUL4pa5bejuX2Ixy/OfZIAlJWt9AfLW2tHmdAaGpD" + + "GhTHKfyQQ+HrIMQ+lXau8Yu6nzWXAY8pKpKD1Hbd355VE4dYZ7aPvcAulZHeV0F2EFn09x" + + "qQ1frHDRoCOc11B5qV5hnwgDE/ByZh1+OWUcR4tBQKyEF4g="; + public const string Intermediate_Certificate_4_PP_06_01_crt = + "MIIClTCCAf6gAwIBAgIBZDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMy1QUC4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjA2LjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDB66hLZx1WGcCqmOxHK/rotXOpccJQOB2L3kpWP1M2" + + "ZiWufUguLw45XShdqu31OgmGw0/w9ugwy96aRL+Tiluj4xjIAxJCav5cXF8Dt2Ex7hjIHm" + + "XV0rHbJUiduHEh3fQphgtzlR4QxG6i/i4SbcsoJzsws8x3qOqRPaWDtyWs0QIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIyZsLNvyyIZEwEwYDVR0jBAwwCoAIZ9yMlboxCIEwDQYJKoZI" + + "hvcNAQEFBQADgYEAc7G4BAUsQeqNp/Kv8TKJckfxWygz54PrkBICNw/eGuGamVJMRkYCP3" + + "yJ8NW4jY/rfxzKKyjVB09XuNBLDwYdR5Z5UHSg6Ijes3j8tehZ+9DwEQrR+WQf/adHIsxn" + + "/347MHrSQF7CJzE9tAu6AOu53lKxLeH6C/5YI611or2Ql1I="; + public const string Intermediate_CRL_1_PP_06_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIhkYvGEbXvD8wDQYJKoZIhvcNAQEFBQADgYEAC7ev" + + "Pqe0veUX+zF51d/NiG6VwgEwOP1HlzD/saDn/FYXStTQDwoIyFjmZ9z0yLGIaVI1O9BWVD" + + "CTU3bCU1dBg61Blo3rI3TlNqmGrYRUSJ857QM9c/G+/+V0XJ/HgId39Pufd9Tob150XNMs" + + "9h0PvqjhYjG1bARMRa8JB4KTBU4="; + public const string Intermediate_CRL_2_PP_06_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QUC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIJPt6qKdFeYEwDQYJKoZIhvcNAQEFBQADgYEAiUbi" + + "qQ3X/hTgjhpQGDZi/7EnZcqSgiAFMreV30/mav2NtXDITE9DqZzCS9x1vHBp4BBsQwYVvp" + + "XvLVSgns4pFwR+0Whc+tPo2j9ScePq3sICsqleWTN1DvuoP9rBe8w7pDN4guA59Kbeku75" + + "5CMA5YjiTUomK4UaqI3htwkBlWo="; + public const string Intermediate_CRL_3_PP_06_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMy1QUC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIZ9yMlboxCIEwDQYJKoZIhvcNAQEFBQADgYEANowv" + + "f/scWT6FFT393XEpWcTnA18hBT5Nkddw6mHjKBq7ndtBQkydMO8Wym1IeQ2qYbAqu3ifNZ" + + "SKF3PfgJjYPBKImzJdHTKfcclMC5H8Y9JDN0voeyONr9NiXcoj+p24YNYjb+PFI6avRYo7" + + "Xyrqvwnvng/IY9zLtc7SYYUIODk="; + public const string Intermediate_CRL_4_PP_06_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBNC1QUC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIyZsLNvyyIZEwDQYJKoZIhvcNAQEFBQADgYEAsnA9" + + "ERwsi2mK540oPL45mLdOjGnet7+HhNk14q0hvALTYGB1vEjijc+Yvf6mHJGRbiG207BpJ1" + + "DWeWBY8TLe4YJXlSrWwx1jD46rCt7gdqXAdLpMo+i35yfQ19ZqeWcRLkspmczoUJLJaJza" + + "eLRrnjv62GLJ09KVKpZBGhV3SUM="; + public const string End_Certificate_PP_06_01_crt = + "MIICbjCCAdegAwIBAgIBZTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBNC1QUC4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDYuMDEwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKrLB7XA0PKY0qtSC5lMBvvIvbyjBM8XmANrN9Wx" + + "66QxEuloRAz0D5uAu7TnJBv6qNuIPGFl74yusKCSkjEkBMdVpBCfDvpG1/Tz3sALSlxmnz" + + "xbK2ytOncbYuYrzvXttx6wkhLrBLlnfuwpZwGZOr/Pt6WwQJWjXxgTNJ6dcgXbAgMBAAGj" + + "OjA4MA4GA1UdDwEB/wQEAwIF4DARBgNVHQ4ECgQIv0gg7LxDM+swEwYDVR0jBAwwCoAIyZ" + + "sLNvyyIZEwDQYJKoZIhvcNAQEFBQADgYEAgzlxBGGOBvHw20eOzSswMqrHopNMcvwuEO+Z" + + "Mr0h8U2/HIiRqKWQaxMyM8A0oULGJny3B/0WtkfVQ2EIibZGiKIjC1RPAB3QmL0vgSyUmF" + + "s/LZbzugpJW6jvfov7N4O+u0J5rYniRxa4bgrXa89TY9kwDMbr6/z4oiI8bq3gEsw="; + public readonly string[] TEST_43_DATA = new string[] + { + Intermediate_Certificate_1_PP_06_01_crt, + Intermediate_Certificate_2_PP_06_01_crt, + Intermediate_Certificate_3_PP_06_01_crt, + Intermediate_Certificate_4_PP_06_01_crt, + Intermediate_CRL_1_PP_06_01_crl, + Intermediate_CRL_2_PP_06_01_crl, + Intermediate_CRL_3_PP_06_01_crl, + Intermediate_CRL_4_PP_06_01_crl, + End_Certificate_PP_06_01_crt + }; + + /* + * test44 + * + */ + + public const string Intermediate_Certificate_1_PP_06_02_crt = + "MIICozCCAgygAwIBAgIBZjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA2LjAyMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDjg5+XWZwW1gLAOldsRshbCXmUCmt1Vs+oZsvyH+6d" + + "2PwKs8ydrz+oD0/D8V7cRXucj7q7cJSLhEY1wJoTTgrWeRg1hQioAXzPW3ZkaZuzhpi+cC" + + "qeZzN5nPvqK18GWvpffNbUUVfOuaHzzHmhmhgQyZaNG7JHwpWM10UMzMawOwIDAQABo3Ew" + + "bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATAMBgNVHSQEBTADgAEFMBEGA1UdDgQKBAh5am+tkndt5zATBgNVHSMEDDAKgAir" + + "muv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQAF0h1iaxxZUp43AjP5gSvbW6JfFRW/ugH9SU" + + "n3e1B29LMH3F/ML0joVhPx5CIVpX4nfaYzdeje9+E2/bHMBGSCFeHz9S/KoBLLiI0GNhzh" + + "I6MytvPMPRx7hkuROouQ69TnslJiGCcoo+MD0fA2YwO1bCtyLdeVHYhJZWQ2Sg8PHQ=="; + public const string Intermediate_Certificate_2_PP_06_02_crt = + "MIIClTCCAf6gAwIBAgIBZzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjA2LjAyMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDF4KSKxo8HvQ59E77LcuLpZ7ujNDjb30KB+EbIuRmy" + + "khXAkhq2Rp2Iqd3OhC0AXmhSF+enJq3h0dqyxNWP08SIuK5ia3OIeatl1UgEyukuAnrLuI" + + "A7PFUQAGZmDG4OuHv28zza4n/SwfCaKfi8qatIwpwF/29ycB8wYBrHThQD0wIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIKFZV4vjfOOQwEwYDVR0jBAwwCoAIeWpvrZJ3becwDQYJKoZI" + + "hvcNAQEFBQADgYEAuj8P5ga8Xv9eFjk4AdRMx/Fj/doRAOLZfs+OnrduRXPLe7CFKDxhFx" + + "xYOma8In08cgXVVnRR+2nZ54h5qjCYpskGNx+yZRY8+HW3XXE3KpS7QgTnc/1XshUy9VGm" + + "2qX0k661f2d3KnSKiKVKtM/y/j/nNyxPugDz1Yy50NtzQOE="; + public const string Intermediate_Certificate_3_PP_06_02_crt = + "MIIClTCCAf6gAwIBAgIBaDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMi1QUC4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjA2LjAyMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCitrzXkbO4hAQpBRQE880MFBPq84umX9pyKbV3iMqK" + + "Z7HBYwZOvEwGQxG+TX1PIj0Jz27oyvoqpLeMkbn9L3K0BuS0AZKlWIOGPPHWpYTDoQCCs9" + + "Mba1evVT/1CMxESsv2kgf49YHMs/6TtxQX0qj5TQzXrkM6CMBc5zyPBDWORQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIxLES0WIVZQYwEwYDVR0jBAwwCoAIKFZV4vjfOOQwDQYJKoZI" + + "hvcNAQEFBQADgYEAdQeDAOFys//2xUFwBilhqr32/jh4gT/ijxRjG0msKTYXmWcCQv9Tms" + + "smtIMtiwwnByhjTdQAtOmEyDm/CFW0/NBnxlRvqZKt+PRtscpExVy7xnnm2MBITTa+9xkC" + + "A361jSDPnRPEOZoKdMRRzNnW4f59m0huibeFNRYJ7y8BnHs="; + public const string Intermediate_Certificate_4_PP_06_02_crt = + "MIIClTCCAf6gAwIBAgIBaTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMy1QUC4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjA2LjAyMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCg0yQG7oewLD2eFfPuj2DPBgT47iEri2IVeS/r5hUD" + + "nZhxzT2/+UsQfiS+ufdC2Xq+QAcXFcAifPbvRs9xo2q0uLz26mwSq1TH8ilHLKatKwJ/Yf" + + "hcRAfEWDwhLJGRhZ7YrKu8xczZgyxwaeu5m38lEaLIRyaVfVSrw8WhN4z4ewIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQI/dKmuI1u6I0wEwYDVR0jBAwwCoAIxLES0WIVZQYwDQYJKoZI" + + "hvcNAQEFBQADgYEAOEcMpdSAVKUzQ1A7LJnWOh5Tul6yXw6qMsdZNGOZ3vYBXH3vHnSHvp" + + "MqJQ1JIX/4XSiKF8En5dVI/ooNabgyORpPnLGDvrshvO/09iaDlQXxWRsoGAFhcIe7Ibp+" + + "3g6hnBO5U+0pbInioKVYf/1VyZSUK1QQMutshMIye/8gyZw="; + public const string Intermediate_CRL_1_PP_06_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIeWpvrZJ3becwDQYJKoZIhvcNAQEFBQADgYEAEJ28" + + "g5iyw3ZOqs5ly7O2X0YWtgKK3BnPztxygCUWO1xVy/QbMM5ybAU/UPbJC2pUnkOZMX+h30" + + "RYp/kV9w2o15V1hxj2M0tR8fQ0WXudwi20pZO56uHb+WSaETOmPVoNH5efeXsTvtbHQR5w" + + "95L2vNeEzJEy1l7S/sasUUoQvqY="; + public const string Intermediate_CRL_2_PP_06_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QUC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIKFZV4vjfOOQwDQYJKoZIhvcNAQEFBQADgYEApLIK" + + "X/YJYhSfn7yLTAlKjnhpH1QDlFeaE6/+uj6j7ZgpK6HBjHOvfwbrjurl+L3ZTLrY1FCL4/" + + "SUgXrJxbAyMANlg4Z8u6o73F9cur2gi3sgv5d6FjJ8VwuKYWY2dwZNeXwlWE/W0h01Vd9H" + + "QVuctFxzQaJQdQBadw/XqzvLlyw="; + public const string Intermediate_CRL_3_PP_06_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMy1QUC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIxLES0WIVZQYwDQYJKoZIhvcNAQEFBQADgYEAE5J9" + + "wJKAb3veF4GhHeoIgy6JvMsrjv7d7dhT+ZIKq+wPNk1909X/Zo1GXxJSjMaMgkLlXa0QN6" + + "LtSJxbyMRCKSJfqTKOezFXirZ7MEQ04FT0z6Hp0m+E2Q7dGs52ZOV3YZBhQUlH+aQ8WNu2" + + "6clf4VqBiUYgGhkE95PhN5AAnOU="; + public const string Intermediate_CRL_4_PP_06_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBNC1QUC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI/dKmuI1u6I0wDQYJKoZIhvcNAQEFBQADgYEAKgk1" + + "HJ7OW203z9H7jNGxoLCN9bGDKOFcWlWuruzXWOAn+AomjSZpqZkZU1qyKrFaKM320sfn8C" + + "ZJPnVWaVMLBLNddDRWUjJrUHtNdnnZEuYPYlRVb0MmwaxHHR0ZBUIaniqoLuvtQIB9N++T" + + "bu4cjx33mN6MX0oWr4Bbq7ovPnE="; + public const string End_Certificate_PP_06_02_crt = + "MIICbjCCAdegAwIBAgIBajANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBNC1QUC4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDYuMDIwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANAr4hFku3Y6jI+vD6JTRFc7ZLL9tIxT7Mq+QcDd" + + "rRHgSEXhPL3MM//3ZFXca3w4rXOUVQyANQncywNM3uwl7T9jC0MD2kJ9PsNGQL2bQcSajX" + + "jrxT403PVFsa6ZrLMU0hwomSO4nJBLCJj3i1rlX9esYbRNCqzep2OMWgAWRUsrAgMBAAGj" + + "OjA4MA4GA1UdDwEB/wQEAwIF4DARBgNVHQ4ECgQIMBvQP4Q8w2UwEwYDVR0jBAwwCoAI/d" + + "KmuI1u6I0wDQYJKoZIhvcNAQEFBQADgYEAnmNf+3jJp4mo4YDznASTMnrBBdXuskhnRXSQ" + + "Gj5dNq6PxEXM+CmBhaNlnFYcr7UCtcD8XwampfyO52tvAZW5kWQKsxyowVtsxtwkAtj6/f" + + "trIeulIM0B1xjyXJshmVST5u6gZ3OegsAyuqyAbo9B1IvkNFOldt624aEG43jq7ho="; + public readonly string[] TEST_44_DATA = new string[] + { + Intermediate_Certificate_1_PP_06_02_crt, + Intermediate_Certificate_2_PP_06_02_crt, + Intermediate_Certificate_3_PP_06_02_crt, + Intermediate_Certificate_4_PP_06_02_crt, + Intermediate_CRL_1_PP_06_02_crl, + Intermediate_CRL_2_PP_06_02_crl, + Intermediate_CRL_3_PP_06_02_crl, + Intermediate_CRL_4_PP_06_02_crl, + End_Certificate_PP_06_02_crt + }; + + /* + * test45 + * + */ + + public const string Intermediate_Certificate_1_PP_06_03_crt = + "MIICozCCAgygAwIBAgIBazANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA2LjAzMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCrUMqMxZ4sSrH6sKv2y6nYKagLvUHaforCnf4z/5O1" + + "PeldaW4ANtNPA8SkVBES/zoKgvrLJUmqRi4b+BGhCVqLU77PvWyiPOS40tpJfw7m9pPK53" + + "aeaLC9M6rarjdOvF8MkdtytCMU/Ef1NsuJULwEP+XB90k4lHr9EzbgKhXvoQIDAQABo3Ew" + + "bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATAMBgNVHSQEBTADgAEEMBEGA1UdDgQKBAhF0iXZmlIKsTATBgNVHSMEDDAKgAir" + + "muv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQCmab7noekyx5TzxAqWoQiC9S/aZJtvLkuH1p" + + "KiZnclMpRvIL1CVOukkzLTZXY0EcCHnXuVGjw+9vmiQWGGw8t6TGCXo/CtCo934HGBxOfQ" + + "MVysEjst7L7TDQsqxk4j9O8cU/TFWsghW9Ihu7SVIn8RJmknKMB2xkIhcDe8S8dmxw=="; + public const string Intermediate_Certificate_2_PP_06_03_crt = + "MIIClTCCAf6gAwIBAgIBbDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wNi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjA2LjAzMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCmT7wL9WwWBr1oY9bHIq4IrJOkbOARK3zOeyZSbBBB" + + "zxcky5kjC9pamMpyZjga+q0CGd2rq9eUjQ2FXZsBSgf/X9B0/g9trNMebYgGnYmHHX2JK+" + + "doyAX+h3afDbZzZ696S0Hw7yRx00+teQe/Gx4h4qKPwbJIW5Bep9SBysikJQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQInXHgY/+onu4wEwYDVR0jBAwwCoAIRdIl2ZpSCrEwDQYJKoZI" + + "hvcNAQEFBQADgYEAhlboR5gzYWluWIaFM5R1Ko0/rprrv5BHONRiXjLfAPkzZmd7FLDE2j" + + "BlU7s7IenICeST4c7HG5zqBigK1814GG75nq5htCGUnM6pn8/gvc58+ckKeWgbJxC5I/0u" + + "olCCs8ORbWIEGWmghGg1USxeI1RQwXGgE8XwtabVibJOVBk="; + public const string Intermediate_Certificate_3_PP_06_03_crt = + "MIIClTCCAf6gAwIBAgIBbTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMi1QUC4wNi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjA2LjAzMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDEouRlqTFQiJQSwc+yhjpvA0dUIbRrNwLF+EPfUWq0" + + "FV1UV0a5lb5BGPW4RGUEbFwsgGCHsfLiY7WmUpC1e6332PZPnrnoJbf28paeiZ8KqcAKZE" + + "pGPWKCmFBwBW23q1w/v/CxcXJoBx5OC1yxG3fGH7CZSzc+4Z/+PxLk9yoASwIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIc24GzUM6/LswEwYDVR0jBAwwCoAInXHgY/+onu4wDQYJKoZI" + + "hvcNAQEFBQADgYEANLxcLvJqjyu94HN+X6tTxGcN1s43kQh8yRGotW2ptuA2jmGlAhI8QQ" + + "sXHO0o0bFLBC/Uv0L0YlEJhK1w0ct7Awwn4UYgqupxug2f84yamcvFa1es3osIMJoi0GPz" + + "1WDBM711efRtbzvK6t/4fJ01nG2BlMeEbctVqrehuAip4p4="; + public const string Intermediate_Certificate_4_PP_06_03_crt = + "MIIClTCCAf6gAwIBAgIBbjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMy1QUC4wNi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjA2LjAzMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDNuzSN3BiT84M3Dy6KeTQkMqWNuYGTENWPP8WvQ0Ot" + + "ggue/lemC+IqYBtIEYtk3A30eKKnF28WIbPlB3oSykrPVV5dMhYGF9ysOtp4wyETHtzdv0" + + "7HyqlMHOCPiFplbwjUSo0uEIRVgS3luBJi9onTpcn97/i0S7VsM2nooooaowIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIDjpr8w0dRq0wEwYDVR0jBAwwCoAIc24GzUM6/LswDQYJKoZI" + + "hvcNAQEFBQADgYEArE6qUMnjXiB5eKiAFc9Elw1dYsQArtnDQAfFGtShDulxYKq9+pxory" + + "4kTMUZZCJc7awEC11tdJp7xJGcpjCJl4I2wBcHiCcVcnwQijqM719PqoQKydXB9MSrXqmU" + + "2CyakSzBpb82VooVNx0IZ3h0nXQSE3V0qSXXCaImJcOIGMo="; + public const string Intermediate_CRL_1_PP_06_03_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wNi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIRdIl2ZpSCrEwDQYJKoZIhvcNAQEFBQADgYEAQrHK" + + "VV2MJPJLNdPoEuqFXRTEclSmYhUWC5lthK0JnKUbCUj2cMAku2UdN5sRgVG0475dXV2nvn" + + "huxy+IQVt5OJ+PNZ9MYZlC2CfYsBiW9DEYMA603XhVvX/bxx80MwxNby18oyo/V9ycSyJw" + + "XzUmzYRUtohHk39r3eUSAt5H7zM="; + public const string Intermediate_CRL_2_PP_06_03_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QUC4wNi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAInXHgY/+onu4wDQYJKoZIhvcNAQEFBQADgYEADOEh" + + "jV8V8y17mFstkVwigOAKURbi7sD24RkLd1QG0Bn21JiwpkGY8Z4vetQps+VX586xKzz6v6" + + "Sj+TJk3jfHCiEAk6a7PLxRcVCCi6y70mzEBCwn6fS5NDfxzxYYLgq+dlUiVwqXsHksEvUz" + + "2Z5dpuLhbUGxHiqazNE9iq9pEEE="; + public const string Intermediate_CRL_3_PP_06_03_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMy1QUC4wNi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIc24GzUM6/LswDQYJKoZIhvcNAQEFBQADgYEAK/zi" + + "r7ASgtWA0xGQVrqhHsXH9bdaj+FceW6ivoXo3z6xCFLvzu2uenEu5g849+YI0KMomHsDAY" + + "tX8qO3XEaLGchbhIfywgRVDlSF8ytMKhJTS05R/vZSZAl+eoT3mC92Grihsd3wublyNZ7a" + + "d925Py/oFp3J+geUkKJQK+RVu4M="; + public const string Intermediate_CRL_4_PP_06_03_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBNC1QUC4wNi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIDjpr8w0dRq0wDQYJKoZIhvcNAQEFBQADgYEAcBag" + + "81RFYMBAf8aRP5VXPcfu0OxgJvVE25ZHGLCkLD4TPKAXMjZMHWrf34+5FW7aigDO1YhGA+" + + "2zVtVj8k71DichiCCGXQvH50AqFgeNXNQwn9WcpQ8rRkfmyhlccfeM+MzHI1giRw/RjvCN" + + "0dfJL9g3c7peW+VCKn85REZ1ne4="; + public const string End_Certificate_PP_06_03_crt = + "MIICbjCCAdegAwIBAgIBbzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBNC1QUC4wNi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDYuMDMwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKBSOacrUg5H5yuISkqmJuQcK2ao+Ib0FmIKCuek" + + "8mm2HEiux+K5/yIAYsQnz9eDKzKWaS73exPniKOXABHaL6dxsptbdBqWB6II2kIl0BFz9P" + + "82qjz6DMwpUhj5Pwfy5q0Bz8grTe31ZYP19y8AHgcWna+eiY4fNVXVkIEJOJ6tAgMBAAGj" + + "OjA4MA4GA1UdDwEB/wQEAwIF4DARBgNVHQ4ECgQIaZQ3Q55so58wEwYDVR0jBAwwCoAIDj" + + "pr8w0dRq0wDQYJKoZIhvcNAQEFBQADgYEAnNYKc2pSFZ9PtR4gQyVI3j+gQ97tcWu6Alxm" + + "4T48fSb2KtFGuozJyCv0aYjtuZ9ava9r4v04lyFPoAjWYbALHC9F+vz7JLNr4VstuMdy5O" + + "ax+PvJjKGACSXD7QjXJ48qvm+v8OnMbkzf8+rY3LoTJ2KhXo9Ey4+UmU/YuZ0PXuY="; + public readonly string[] TEST_45_DATA = new string[] + { + Intermediate_Certificate_1_PP_06_03_crt, + Intermediate_Certificate_2_PP_06_03_crt, + Intermediate_Certificate_3_PP_06_03_crt, + Intermediate_Certificate_4_PP_06_03_crt, + Intermediate_CRL_1_PP_06_03_crl, + Intermediate_CRL_2_PP_06_03_crl, + Intermediate_CRL_3_PP_06_03_crl, + Intermediate_CRL_4_PP_06_03_crl, + End_Certificate_PP_06_03_crt + }; + + /* + * test46 + * + */ + + public const string Intermediate_Certificate_1_PP_06_04_crt = + "MIICozCCAgygAwIBAgIBcDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA2LjA0MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDFoR/YTJlGYenu2IRsTiT6jwIA7yOnFbM9JXcqYIP5" + + "jSgtn/wVztPHgVWP+582foXJ+oEcThQVZ+RBXYt6VU5o7eVCsGJjqMd0DbRzTO+poelVoY" + + "1UEJMrKG0xSEex0T6XLQ+jPU9o5tlXoLYsXvpvbIrCJ0o8kuk4MWTzenDKJwIDAQABo3Ew" + + "bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATAMBgNVHSQEBTADgAEAMBEGA1UdDgQKBAgVwXynYDSYEDATBgNVHSMEDDAKgAir" + + "muv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQC6MnYM9cY3CNb7/KKZvoaSwF/Se5iZYnbdPn" + + "WCnKydnN1AhlDN3kEw0gjTmZo/MkvPqku2aPzg5EiZ0eyeJaR6a4aiICU9z/Hiet19mBF6" + + "BtAUdt0fJ7aL5WPAc4BKXUbONd6vkQNv8uLcBmsqZ4wXDj7ZVBMGKcuDq7uClb0xYw=="; + public const string Intermediate_Certificate_2_PP_06_04_crt = + "MIIClTCCAf6gAwIBAgIBcTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wNi4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjA2LjA0MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDHqX/4IZpOCsHWgdJ6mICN94nXz/KqsXPNymadVdZA" + + "nVU0fHdMcxehAvsBKju5d791Psly1Xyyda8KQ0BKPgGed6jNKb89JzuEtPBov0VMzskqwR" + + "irjaDCwYKtibiDe+T/kEN9Sq5pbexHcaTbAIeQrAIoSUmGdQ/Up6PYplb0jwIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQISKcQDqdBecUwEwYDVR0jBAwwCoAIFcF8p2A0mBAwDQYJKoZI" + + "hvcNAQEFBQADgYEAkAQaOoZYAZOCk881Ro+SIclAj2lp+arAkWPP/gwN4/0lpH62eWqlmY" + + "okWRBjk6+iwCgRxQ56uUjJhE08p5juZ5V32ie3RW+S1ZBPtL/T/+Tqp9HNQQ3GjW1yc/yI" + + "sWQxrd7QKzTER37HBiOr5WjEjn+dzuWlJtClcQetqMLtMgM="; + public const string Intermediate_Certificate_3_PP_06_04_crt = + "MIIClTCCAf6gAwIBAgIBcjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMi1QUC4wNi4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjA2LjA0MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC2tnVj8KHGCm8XBPvDYWZMp3yOKQxuORze6a764qIC" + + "hkdO7hQbgJ9YiuAF/y62W17FnbhKPX6ninaZG0N77bznKvivSC3+T1jIVhw+kpxRh9MRya" + + "L2p+zHJEyO/9JaKWzJZiVi4kebW+hwNgSZc7FSYsAbW7lr4ujDei/yn/AJEwIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIaAEiWf4JpfQwEwYDVR0jBAwwCoAISKcQDqdBecUwDQYJKoZI" + + "hvcNAQEFBQADgYEAHNsZDCWtOqt741IJNA9OwpymTA4ES1BRJquEvGj5+4RH2pxi67bYd1" + + "kWTPF1qFC2R1sugSNhbU0wOBMdKUJtKWNacPsK0HbD7CPqt4THOcMXFO36b/2gqHqy9rc/" + + "slWuIwbtT/tEC+Mk67GEATWNPifoPT7TjWHM3RhsDnagZXw="; + public const string Intermediate_Certificate_4_PP_06_04_crt = + "MIIClTCCAf6gAwIBAgIBczANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMy1QUC4wNi4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjA2LjA0MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDgdk/smDJ5yZYJDH4SG7pIDCzGNZeLO9RI3ybOx4/B" + + "M3YQu3DDFSOv8kq6PgL8ThC8Dk6t1jSbT8QVzaGgx0KMV3p6pIMdaVNkOjVjUb+L0nXVfr" + + "XYpFLON6tZLgh8oIbiz4KznKmsxo6VdYwyUeHmkpGcL5y+8qLspCNdRJnDGwIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIgSY376EamQowEwYDVR0jBAwwCoAIaAEiWf4JpfQwDQYJKoZI" + + "hvcNAQEFBQADgYEAEztvmGSVnDGGeNlIoR+wfRM8ndJogvUxLBZm4N96mDZ9Y+Nr99Dqvw" + + "+mMI3BU0miA5kDO9aFrKIgow3cpruoedhnBUsxTfhrNaFEwp+ORUb3tWn7sSxLfnTim4Vq" + + "y6j/EfUK2CS4ZAy7J5BADWSqDezPnrb5UaY1JFKMuLyGRac="; + public const string Intermediate_CRL_1_PP_06_04_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wNi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIFcF8p2A0mBAwDQYJKoZIhvcNAQEFBQADgYEAPlIW" + + "SxwW2LE8qxeD+M+HypNwai7j9XxUA2MhBbGVnsrhH+DKX5VeyP/nyZn2hBoGWhs05IpG2P" + + "S0odnyhbgGSXSj+IOfkZkVT0BmuEJmqv75R15LBzeyONks+eSEhoOIGAaIN4WgJ5mzjSrI" + + "ddDu3c4s6QO/OFVrNF1F6e4laSU="; + public const string Intermediate_CRL_2_PP_06_04_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QUC4wNi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAISKcQDqdBecUwDQYJKoZIhvcNAQEFBQADgYEAE5wt" + + "y3+jVnr8de/Yi0LV70v3JDHimwG2pQcuDRhR1NLPr4oC+2uxMqwxVzdHITDb3yI2ZT9pVh" + + "PV3UvX85avMdA0/JyaMWSKNpbSah1eNfMwMBY2vzh1Q7f5n+7HYYM+I2kz7HARPvwsLP9d" + + "j4mY7Kq7uiOFdnQzJ6LWjm8qEMs="; + public const string Intermediate_CRL_3_PP_06_04_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMy1QUC4wNi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIaAEiWf4JpfQwDQYJKoZIhvcNAQEFBQADgYEAOm2f" + + "m3IdcDnIS915tEZzDmIbTFPBkIn0wjUreZKb9uNxE2a8Jixq+UP2uiyYWiWmXnRdVB1Gsb" + + "ofc5f8ctNgSPVTSYB0U5apIauXjV0y7WMUrLNrDFa5m9lxLRhF9kvXVL8zPhVfMpujnXre" + + "A8WS4UjDMuveyQL6yASGoZvB+Ps="; + public const string Intermediate_CRL_4_PP_06_04_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBNC1QUC4wNi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIgSY376EamQowDQYJKoZIhvcNAQEFBQADgYEAznK9" + + "ekskl4uWU+2Xqp3Pj14wvXuzfPAqFlHR0jl5By7T82JRiRa6LGX6T953vcwwJBsYG1hMqH" + + "pgbnUGB8APQ6YNXN+7ZkudaG6fMVX6bCr8zT+nVSj7PHIK2VFsC1Jpm5SoQMHH6DFit/oH" + + "tm4tdV8+nupMBQn1ZtxQHgUUF14="; + public const string End_Certificate_PP_06_04_crt = + "MIIChjCCAe+gAwIBAgIBdDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBNC1QUC4wNi4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDYuMDQwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOCVJmtrW8Z2WGGRNjEgyp2NJn1xaIVDwlxL4C0n" + + "UAPpo1WM/rarQTYejT2Yo8H39TdRfiAlggF0Qsce0W//atey8WewGsFlUem6a4OFwg1X2h" + + "CN/COL0eC4a6lwkdOKmqgxSyWNWeKxXRTM8+EYQIem78uY7A8XuzVUmOpzYWoLAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QION6UOZ2Eky4wEwYDVR0jBAwwCoAIgSY376EamQowDQYJKoZIhvcNAQEFBQADgYEAXota" + + "1N1UrMxj2a/vdII92Wi8uEetcHo9vmiJVYxwPFkp+qo1q93Ww8Qnfp7xzaZwLgVoUOAF8U" + + "TRUVnzqoSwmRrfyEMfrgej3eiBjcU+zS9mNlx9mUUSLmlY+xMeejyVDCntRn6YJWWLesVq" + + "eFOjyNux97/XnGT3T1w0J+wShu4="; + public readonly string[] TEST_46_DATA = new string[] + { + Intermediate_Certificate_1_PP_06_04_crt, + Intermediate_Certificate_2_PP_06_04_crt, + Intermediate_Certificate_3_PP_06_04_crt, + Intermediate_Certificate_4_PP_06_04_crt, + Intermediate_CRL_1_PP_06_04_crl, + Intermediate_CRL_2_PP_06_04_crl, + Intermediate_CRL_3_PP_06_04_crl, + Intermediate_CRL_4_PP_06_04_crl, + End_Certificate_PP_06_04_crt + }; + + /* + * test47 + * + */ + + public const string Intermediate_Certificate_1_PP_06_05_crt = + "MIICozCCAgygAwIBAgIBdTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA2LjA1MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDMIUtQ/CgudxHAwAAn8jUsdAY8u7WDslOC4nNbWn5C" + + "tILgZ2hGIZhEnhzP+VCV8ke8zLo1DX0hCRYAgzk5XTGAimExHFv/yDdhpJWEnqMRljkCHx" + + "Hg3XE1439qutBdmWvGUlRF0hQrd9Q/Ubr+PjEzP3a0EUmXo7LYuQKMcFsC4wIDAQABo3Ew" + + "bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATAMBgNVHSQEBTADgAEHMBEGA1UdDgQKBAgha8GqGbO1nDATBgNVHSMEDDAKgAir" + + "muv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQAEG5C3P1A/MYpNJ0qvi26v04GGUWDQWRW1q9" + + "1392XpAxDdv7kODf1FUMpfBpcUblagxrX7Npthv6/6W8poBTjvJuq5BfnnOMQrCwnsNfRy" + + "Y7b1mAZIvcOBhWe+bFVqRLUqZ+JseWkw0YgZIGtX41Znwl0VcFQKJ4lNkuaBgXXdGw=="; + public const string Intermediate_Certificate_2_PP_06_05_crt = + "MIICozCCAgygAwIBAgIBdjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wNi4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjA2LjA1MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQC36j0YkXZZSw3qQaxD0g2BfrKYperkGjVAfLwOtOxB" + + "0A3Ufx2ECl/MqNOvi/QWlTkKwnrqw0aEnD25iS1DFM4jMZBmdfJg80oa+y6TJoZcIb+3bv" + + "SK5o3ArCFWkhTHHggIIY3H9dQOgAeYQF57Vb0iu59GPfnYJO8y8ZpxGIYcjQIDAQABo3Ew" + + "bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATAMBgNVHSQEBTADgAECMBEGA1UdDgQKBAhUpoGZzfV7EjATBgNVHSMEDDAKgAgh" + + "a8GqGbO1nDANBgkqhkiG9w0BAQUFAAOBgQAjrFHzC1FLvssJTfV5YsGfw7Luj4EqLDQd6b" + + "MgtBSwPnXqMTUAZpDETyeYvcgM+L2tasB26MSy6IttSKsaJpHPCP+BIs0jji5xosuCX6Cs" + + "wI2gE/LjF85rjZnldrlDShw01DlcmWlWwudit/ieO71Xc8i0F4EhSaTUJX12po5Xkg=="; + public const string Intermediate_Certificate_3_PP_06_05_crt = + "MIICozCCAgygAwIBAgIBdzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMi1QUC4wNi4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjA2LjA1MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDFWhChPQNFYQpLBmVmXSGF2py1wcfhZgZurv0E5AgE" + + "BZwBo2bxSeC36lBQyR3OABGI4nQoEegSQWwuS2Pk3+emG2MZ8R5QINAkMlAKTp5Gj7KTlm" + + "3VVJRx7/VduoFx8sZPjkpvF1bSL+KOH4UZny1xqqTj4bJ+oGu58INeSNVa+wIDAQABo3Ew" + + "bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATAMBgNVHSQEBTADgAEEMBEGA1UdDgQKBAjN4PvsHY9+YzATBgNVHSMEDDAKgAhU" + + "poGZzfV7EjANBgkqhkiG9w0BAQUFAAOBgQA8KmWbAQOnM59zry9TNtLbA2P5y8R/sO771S" + + "yQYcu6undt9t7UEiOepDp/z3CGsITm9RdtXAobZ5ZqhW+3Ll+UnML1itiCytOPbfC7iiUO" + + "S5jviQnpgJncZD2Lp65yNAB7lMmMleFO15Bsk8VNmzMDMsFtzo508Bs6T33ZW69/vg=="; + public const string Intermediate_Certificate_4_PP_06_05_crt = + "MIIClTCCAf6gAwIBAgIBeDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMy1QUC4wNi4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjA2LjA1MIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDxx57R4j64xdbjpTl7reLby/T2ym4rESC90aBkC2/E" + + "/YUSjsuGG9GiHEVgoGzoQGQNQV0v9ZMIvuoI6q7Fd6VZhIVGE0MGzTFNA9QEEDGPc10ZxC" + + "Gyh9mZYp77PMuhQ12Iv3aDW9KNTr09+HyhK7d3Se7toXLwjE5pKt+A4ZvBFQIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIwmq0fugIX0kwEwYDVR0jBAwwCoAIzeD77B2PfmMwDQYJKoZI" + + "hvcNAQEFBQADgYEAbAbRorTyh6zfAmdg0lfeZyCyW9k4NWfhUs46iSOl6lkZH8c1eoAF5/" + + "q0pOF+CtI3F9VMhfUXChEbVj7QENctU7kDiFe8300OWD5h1VUi+WTK4CG7B36/BjkrVOuG" + + "Os76P9l1WaC+/WRZdcqgFMfPjpn3R179dImBDwZiCMMbVqc="; + public const string Intermediate_CRL_1_PP_06_05_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wNi4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIIWvBqhmztZwwDQYJKoZIhvcNAQEFBQADgYEADX3u" + + "wxpN+p8N2HqmhFw8w9LCeoR3Xa/uaqgqh4i/VkDuAC4Bi7VbIO6rcxDO2uAdZgNhb/hnRq" + + "cvKLcy0vrovCa2EPHcFo7dJl7si2q09EeuHT4+lZt/Ek/VOkwHhvh2o6yEvKOGXCnF9hZr" + + "8YbOIknboEz+tRfxoJArRBwpJkE="; + public const string Intermediate_CRL_2_PP_06_05_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QUC4wNi4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIVKaBmc31exIwDQYJKoZIhvcNAQEFBQADgYEAQz7u" + + "dfU4yAHFLH5BgeZkYh0l2lZ95af+E/67MSCjQSF7RWWWTffbDMc4HmiRlZLvQdltyGCKmi" + + "kuzcPP8vyYOBQmoIKQ6c2LItBjXVavLdpe91yCOhCWXVVlnMFq5ztrvBEpfO0GVUOnPWfG" + + "1Ugit3SEd4DbhYFTBYHbbOKRWsU="; + public const string Intermediate_CRL_3_PP_06_05_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMy1QUC4wNi4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIzeD77B2PfmMwDQYJKoZIhvcNAQEFBQADgYEAkiW6" + + "h9a8v+IITd+p0jxukj2FYfmED59ZXAlYhQdQAGlPE71rOXn6ZPURYoGf7qlmBwQffpksOb" + + "Byb+PX+CBTUNXzhgTzD7ifM9xOhCEKVKai9acQfvokU56OHwfq5AnkRykLZ7IdvdYCP57k" + + "ynrNNV35dsMZXg23/PpreumlOkE="; + public const string Intermediate_CRL_4_PP_06_05_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBNC1QUC4wNi4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIwmq0fugIX0kwDQYJKoZIhvcNAQEFBQADgYEAnTbS" + + "MBWyoPaslaLpAMmJ+D6kmmKAdRYurA0okU/QP+0W+YNPV4DducAQUDy8Cg3RkpRK2ze0ad" + + "l6TUW8g83hj9TXSBp+XZuVvzerMCjOeBqhskZN4Ly8101ZZmMmdYdSc3PEhqkme6iZzjwB" + + "ZooAN2dIYjuBj1c1/t5qH80CMAI="; + public const string End_Certificate_PP_06_05_crt = + "MIICbjCCAdegAwIBAgIBeTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBNC1QUC4wNi4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDYuMDUwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALyVMklPv3uwTPzLG70sXIwKSEt65yiU71ibHyhH" + + "wJ/6dXy3HK2UETkRBK7UVSOYq005EbO9s/3oR3zt7QTFifvRTsIjl1L4TCLC2a8ApBr3BH" + + "xmBWcJDf427Pk1fm5qDdEmZnpyIlpKaKIiBcdtwZfjr0lROL8RNcvgtJPdu/ndAgMBAAGj" + + "OjA4MA4GA1UdDwEB/wQEAwIF4DARBgNVHQ4ECgQISjAUfyAwSA0wEwYDVR0jBAwwCoAIwm" + + "q0fugIX0kwDQYJKoZIhvcNAQEFBQADgYEAC6Af3cJUh/IQgWdbC2Vmk96sYjDlAsbA2keY" + + "J0bgBcNaIVoJ/W0B3rSawqSU+Vv64p7kcuAl6cbvIXPB++19V23jj6HUs1JxtPJZ9IWkS/" + + "FRakv6lD7+j1OdzJvDR8AMZWmPFHJdQnJwQ+I1YOU/O/ShawOnGCmihpIULUINFhk="; + public readonly string[] TEST_47_DATA = new string[] + { + Intermediate_Certificate_1_PP_06_05_crt, + Intermediate_Certificate_2_PP_06_05_crt, + Intermediate_Certificate_3_PP_06_05_crt, + Intermediate_Certificate_4_PP_06_05_crt, + Intermediate_CRL_1_PP_06_05_crl, + Intermediate_CRL_2_PP_06_05_crl, + Intermediate_CRL_3_PP_06_05_crl, + Intermediate_CRL_4_PP_06_05_crl, + End_Certificate_PP_06_05_crt + }; + + /* + * test48 + * + */ + + public const string Intermediate_Certificate_PP_08_01_crt = + "MIIClTCCAf6gAwIBAgIBejANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA4LjAxMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCp2vHVX08nyKe+S8NPkNJOZ9Xng22TbYXhUHtXw9yv" + + "ZmPkRhwDrZfBLXZcdZFixidkky3kCzv8Q3aPyPByM2ozH+AHJzEMbwifhyvUbANcS+Jts3" + + "lsZHarN7VyiXO+8J2OtYqX9qzmrAOHGleB2cJopEcmAMdrzgt1JIo98SUs4wIDAQABo2Mw" + + "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" + + "FlAwEwATARBgNVHQ4ECgQIoRYqHNcbLacwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" + + "hvcNAQEFBQADgYEAXchRFC94Pl25d3Kl4wBcueQLyWPRuH9zS0ZPLAqKLcWVdcg3fYMuJ5" + + "SypMMpxLaVjN7xq0KjML1gLiPQPk18iA2TOAUMblvjUl1uFzDdD6SqQidEZh2h3wxFtbLP" + + "U7qBBki7i1+Xn072Bpn2paw/vlh4K+ut0tFQ2BAhqVnQGJ8="; + public const string Intermediate_CRL_PP_08_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wOC4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIoRYqHNcbLacwDQYJKoZIhvcNAQEFBQADgYEARyX9" + + "2+LoXD2fIAACBMPDgds6m3Equ+Aawlr0kuppPO4ydCU4kiEgtVGK+kY5GzP6fUpAKjC8mh" + + "BrozojhAbkJekDoN0BIJ42Iab70VmdWXRQhPsUDhQwEt+9eSgy+HfiFfpcL1VJx8uY4XMh" + + "VB3hmapIe99P/T2QkZ+Pl8j0MgY="; + public const string End_Certificate_PP_08_01_crt = + "MIIChjCCAe+gAwIBAgIBezANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wOC4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDguMDEwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANYtrtpgxNl+9jF3TN1B9bSEGQci+cQOKpFsmrtF" + + "AyiGBxKONgGSgSFFuFIhyBKZF5ROaKX1P8lsQkrpnuybUi+Z9ADdyoaLUDD/z/kp5sebAZ" + + "ujmF8HVlqHYj5Ls2smS9EdSN1zgPTXIOTeZd/lv1iFppRZv6cBqlaoapQJsb1JAgMBAAGj" + + "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" + + "QIZjcOdw0ZTCYwEwYDVR0jBAwwCoAIoRYqHNcbLacwDQYJKoZIhvcNAQEFBQADgYEAarsn" + + "13/g0vOKxy0okOp2JXEsPdsP7aWnCfR8N4+7gFD6dVnkgCIyc5Kbs7MbhB9gtIxYhHOV9W" + + "MaW9QAcBH+eXciFDfQBfaMBkL34ssE/TsZ92r/bhBwKRcH54f96G0QWUnoNMt4U/1j2mKn" + + "faFirltqEPUu9mv4FiQ0pNT9yH0="; + public readonly string[] TEST_48_DATA = new string[] + { + Intermediate_Certificate_PP_08_01_crt, + Intermediate_CRL_PP_08_01_crl, + End_Certificate_PP_08_01_crt + }; + + /* + * test49 + * + */ + + public const string Intermediate_Certificate_PP_08_02_crt = + "MIICojCCAgugAwIBAgIBfDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA4LjAyMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQCmAgNA68ABUEppM9Oo3guiGvguvtrWQzsQIJfMBrE4" + + "/Scwc4SPK4PiJD+kVwtXinXpVclBMQge10uZ48lSJTihfZscJw3RSHt70H4CpPQm44QS7P" + + "7fQqpcZKZvMWmY6A8jju3Phbuq2WgJCIxxVw886GNIAXW8C4ZFmXCjwiGGHwIDAQABo3Aw" + + "bjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAjBgNVHSAEHDAaMAsGCWCGSA" + + "FlAwEwATALBglghkgBZQMBMAIwEQYDVR0OBAoECOhZ4RAlqGGcMBMGA1UdIwQMMAqACKua" + + "6/nC51SPMA0GCSqGSIb3DQEBBQUAA4GBAGEVSOcNaUu50f6AgGBtz1MDdRiHe08W/nzCNn" + + "0K1/UqrIXVJ7IYgbOLkL3cdHy4PdngCyEblzl5Cwp9chh2zL0PTUbV1uJIBW32ks1HuAVQ" + + "FTZqx0iuopY5AqRCJVDJt4HB5PKObwnmLPNWicI4Juap13j/Tcnw1EP7E7n6OejC"; + public const string Intermediate_CRL_PP_08_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wOC4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI6FnhECWoYZwwDQYJKoZIhvcNAQEFBQADgYEACLHw" + + "iDARFoF4GauIHnoZlfj6nlOHAFfNSXq06Vvl713bsoAiOSV+2goZjRG62uxhampE+gCdXx" + + "1nwhKQ5R5jOGGOxgLtBFNZwKmD0KiDOSvfIVJ0kYCcaB4mSm0a/7pcCPrrE5ofvkmTW6Wx" + + "k/YIuBZdDoqZC91v4tnu0fSch9Q="; + public const string End_Certificate_PP_08_02_crt = + "MIICkzCCAfygAwIBAgIBfTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wOC4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDguMDIwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOJsz8ys71e8UB+VDTBAocVQvADiqh0LjdML3pET" + + "B6VvikiHgbB1PJufxDses+v0WD74ChZEa/octNcMFqMgBlhVBEfvbyGTjiN97LzdZ7SPyd" + + "DsDulqwBG9sACryUGHqwHYnUbjOqsThOXFB8Sg/CGGawpZAosm2AuH2gqNvNuJAgMBAAGj" + + "XzBdMA4GA1UdDwEB/wQEAwIF4DAjBgNVHSAEHDAaMAsGCWCGSAFlAwEwATALBglghkgBZQ" + + "MBMAIwEQYDVR0OBAoECOiMLE2l5u16MBMGA1UdIwQMMAqACOhZ4RAlqGGcMA0GCSqGSIb3" + + "DQEBBQUAA4GBAFf4BCbNtduwn5InkfdtFbQOqhPLAn/5eIhxhVhUu7TekWT7ktdaVQFzGF" + + "G2h1+gXgFP+YKjJy7kGzEVQjlWtuC0l74EwybNHnYAoDg4itKe+0OSNNXdyOmn+i0tE0nx" + + "sWN19VvhLGFC8p38gd0oDr1ziYdg0z2Mx4IlMDxl7QhT"; + public readonly string[] TEST_49_DATA = new string[] + { + Intermediate_Certificate_PP_08_02_crt, + Intermediate_CRL_PP_08_02_crl, + End_Certificate_PP_08_02_crt + }; + + /* + * test50 + * + */ + + public const string Intermediate_Certificate_PP_08_03_crt = + "MIICkDCCAfmgAwIBAgIBfjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA4LjAzMIGfMA0GCS" + + "qGSIb3DQEBAQUAA4GNADCBiQKBgQDKZDgBum5Ud5i8HWlCKInJ1x9goZ7TQJ+LdfA9iGU1" + + "47xJL5eFcERWy4dr5wM5GNRW/DHXlnA/qsRVE29EuRh6qAVgcPGAfmJxz7s5yhmErfmiQ3" + + "0rh6+pma/EhcjntXqwIqnk1qt6mEk7x9UKO3ksFCVsDEA67/dvownjcZB59wIDAQABo14w" + + "XDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjARBgNVHSAECjAIMAYGBFUdIA" + + "AwEQYDVR0OBAoECGtTrZIwYYHbMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqGSIb3DQEB" + + "BQUAA4GBAM3t13xJJraRiJDAwZFxhTNR570wMdSRiF3yWSRtOjEv8NTVFj/T1oJJ8h9Gqh" + + "hMpTTHU7uGCyVB9S1HCelmS+1zteKr0B+WVzBl9yuhvku3farz6zgIVK3v5hQ6xC4H4Lac" + + "NDhTTKBkRfDf9KskFoxJ/AGxPdZtIEC92DFSblQB"; + public const string Intermediate_CRL_PP_08_03_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wOC4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIa1OtkjBhgdswDQYJKoZIhvcNAQEFBQADgYEAcUHo" + + "D00X/pd3D5KGa5C6dY18RsnUovkjUkegGTpbhQfmYZIdBatj7Kv75FeUJ9UpqCUjxHgdiE" + + "EVy60NLVGP2VRuJ1m8vfDz8hu5PaiVjneQoRw2M9ieBnz3PjSETDdBGJLWHyCBZbp/W2+0" + + "iqcZK7Fm9O5EL4PUO6QIwuH76q0="; + public const string End_Certificate_PP_08_03_crt = + "MIICgTCCAeqgAwIBAgIBfzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" + + "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" + + "FTATBgNVBAMTDENBMS1QUC4wOC4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" + + "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" + + "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDguMDMwgZ8wDQ" + + "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALsXEPrCg91CObTl5OrHIB5GshIDXgqBmjzxfWPK" + + "ih4STWeBe2eIFO9pONXcM5lstEu2XLBPP6QBMUMWOrphJejrJ3eDQHs404bBnt95O/x17i" + + "665CZtg1jUqoO1kOBOComx2AJGZ46RdBExbfd0tTtdHWtRhMsnQchI+WtEyotdAgMBAAGj" + + "TTBLMA4GA1UdDwEB/wQEAwIF4DARBgNVHSAECjAIMAYGBFUdIAAwEQYDVR0OBAoECEWZkJ" + + "TYQ3z5MBMGA1UdIwQMMAqACGtTrZIwYYHbMA0GCSqGSIb3DQEBBQUAA4GBAHki/TrpHiKW" + + "gvERhguQ/uOqHHZNXsog+fgGVFFMOWwJ9bq4aHKd1fDZpyZF4vBxW7llbhuSt+ob2TNlkR" + + "wkqzfGL+3xOTKNRgzDwJcil8akC1N5uBftrQk+eL7rM1PezWRM7fIbpmv5ZieIVswtTPF5" + + "1Rl3G+JXUBy9E95espls"; + public readonly string[] TEST_50_DATA = new string[] + { + Intermediate_Certificate_PP_08_03_crt, + Intermediate_CRL_PP_08_03_crl, + End_Certificate_PP_08_03_crt + }; + + /* + * test51 + * + */ + + public const string Intermediate_Certificate_PP_08_04_crt = + "MIICljCCAf+gAwIBAgICAIAwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QUC4wOC4wNDCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsrM3A06j1zDz6VuZh+O2UrAPcKtwSA6KxTShUpgr" + + "t9UB5iIAEvxcDTwDlubEv/cJjDcFj9N57otzW4ppnuT2ztE4ROmkNb0xL6u00deS1yGjXB" + + "wy1G9g8bYDdAXOJlv0tjHOBqXlyKoMny82BOBL2vsCstiqxl14Q3/wBD1w29MCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAMwEQYDVR0OBAoECJiAkexK6/c7MBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBAL4xwcpXZQPTTPYIQ8CMoVla/5P1x6BPmPqSkvh1D/o4ds9Ll9kHBz" + + "//X1ZM8SzYcEO+1r75JUzoHsvDw9yYAk2oclLsCORAPqD8Owhv3jv0QQtYSmf0Sxt5FLx0" + + "MRP9keY/DURRf9KitO4glOawtRtYMq2BeeJk1xusY0KqEnQr"; + public const string Intermediate_CRL_PP_08_04_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wOC4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAImICR7Err9zswDQYJKoZIhvcNAQEFBQADgYEAcN3a" + + "jIEcXsQatb0fvVcFnO7d7lzNtgbqL3MtaqJ/PjkRJ/rO7JAXQRwdajUZF4ECHylZKE2HUG" + + "Dk+vidV98T8mNmb0TEuuLV+J1G0q8ezMXRJtDt/2m3y1VBireXlEMd1DdgpsDdCQ4va+XJ" + + "qv0TvVhfxWry+LrVb6Bf5ItexXg="; + public const string End_Certificate_PP_08_04_crt = + "MIIChzCCAfCgAwIBAgICAIEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUFAuMDguMDQwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBQLjA4LjA0MIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPJWa/cB7WW7tkGxFhcwxqE+BycXe3Ru2qGbun" + + "NPQZ/j44UT2C6rl1wZwugCY0sR6mXR/P/NR7czZvg4Tt6lwcNtc8PeafFMUeu0u0Kg9uWn" + + "fzQQKeIgRVcEzGTGMPGWXS0ed6X/1+Dj8A+T/tqXKUtM3Jpe0pCmm9CIrYCXLPRQIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAQwEQYDVR0OBA" + + "oECKm9IOyOM1h+MBMGA1UdIwQMMAqACJiAkexK6/c7MA0GCSqGSIb3DQEBBQUAA4GBAEXy" + + "dlTkkZaYK6sUJCiPeCPxfj5cdo/G4RGBImMJbTeDyVTvXSH9G2yWUMqBGnYLrwdJJeXjF3" + + "89miJgnJ+1r/r3r2/NeAUuJDsOHRMFh0KXFmgubyw/kGsZBe3279hDnND8ZjfQBmKQD17f" + + "PycWTTAC5p6GM8tGERiDSnMc5rmm"; + public readonly string[] TEST_51_DATA = new string[] + { + Intermediate_Certificate_PP_08_04_crt, + Intermediate_CRL_PP_08_04_crl, + End_Certificate_PP_08_04_crt + }; + + /* + * test52 + * + */ + + public const string Intermediate_Certificate_PP_08_05_crt = + "MIICljCCAf+gAwIBAgICAIIwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QUC4wOC4wNTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwH2d+D0pH8y4QJAPpE0s2oWucV1jlE4pBMGNNPJ5" + + "FIRmyRCt90IpzmK/EuqT6iSZYd9hIB9wa180ByN67PK1z4loLFMUL2RmbWeAFlGy5eEFOy" + + "4d479qfy6JCOzt0TKhYzhukLUqGLa4DDTzvnnUx0o86aLvGq0K5s6DRlNyc08CAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAMwEQYDVR0OBAoECDSeuxr4EVgaMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBAKoGi6qlODB8Lc86PtGXfBhW769jB8xzgmENE59sqNBEvYa/oK9Xxm" + + "1JX1OGEQMq/mqwZXg6hSczpexCIO4tUH8QKTU68yvqcZoZCDV8FLM8aEUPtUoPIpluhAtN" + + "scGfb3uXoV9fg7q1Pi5YlKMnNrDIq1tH1CAGKMDRrjW63Q8C"; + public const string Intermediate_CRL_PP_08_05_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wOC4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAINJ67GvgRWBowDQYJKoZIhvcNAQEFBQADgYEAv5Hs" + + "nYPZO1fGC/Z2lIbbUKjIv0+BrR9HbG+b76wXeJTVxfXMlZe0cpOR/KD29DyxI3G4IedHRy" + + "zL8iCDWYbA86arJzl5GZJ1MC2A586vNn/6wiiT6nP3iMj2z/nyvan8L30KNBm9IDXQExOu" + + "PNE/wOWYBxxCjg551fpXfJKqDIo="; + public const string End_Certificate_PP_08_05_crt = + "MIIChzCCAfCgAwIBAgICAIMwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUFAuMDguMDUwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBQLjA4LjA1MIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4BZFTwOqI+71v8CdiYbe7x0qYveN524h6+iLh" + + "oEqvzuVKVqvQgVSaSLPcMhoCGDv3nqyP57Znl/3I09vLU6F4HKLtjO9E0PZu8EXOKLjeWP" + + "XmJQkdHfODj/TrrWSsrdorl7s7gdWEUFlbiWvUVUtkqLNbGLJZ5Q1xZvBRLS7loQIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAMwEQYDVR0OBA" + + "oECBDaTXbN11BBMBMGA1UdIwQMMAqACDSeuxr4EVgaMA0GCSqGSIb3DQEBBQUAA4GBAGVa" + + "QNtd4LgoVZQ+Uy1lSr6sog4fsGaoQJCZcvrMJwGpMF0FJsGtOb0R2mfwHi1YXqPF5qZY2I" + + "7cVbwVtRQzbXunk1z12k0iIesMtYUncxb/SBstC7VNS8HNZm9ese+YM6Ac8mGT+IUZsPcP" + + "gI9fQ1L/2u+/3L4fweca1R45xm5M"; + public readonly string[] TEST_52_DATA = new string[] + { + Intermediate_Certificate_PP_08_05_crt, + Intermediate_CRL_PP_08_05_crl, + End_Certificate_PP_08_05_crt + }; + + /* + * test53 + * + */ + + public const string Intermediate_Certificate_PP_08_06_crt = + "MIICsDCCAhmgAwIBAgICAIQwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QUC4wOC4wNjCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAlSIH/+6DEL1P9tkgbsI2PcW0w9dmqMTLP3jKYPsr" + + "sSWI5bcv55sk6RItVr3hGgkaskZoHeamUBAiGPksVyrqmRwSCJzQDLnLdMnjjudvPjp1ZZ" + + "9UCufTtMPFvnEuVBx5e8A13AQ4OyHqaJgWRVoRJd6vwTa5jzfYCCMJZHHKpcUCAwEAAaN9" + + "MHswDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwMAYDVR0gBCkwJzALBglghk" + + "gBZQMBMAEwCwYJYIZIAWUDATACMAsGCWCGSAFlAwEwAzARBgNVHQ4ECgQI8837JGF7vMAw" + + "EwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEFBQADgYEAKmgbxzWI6V2twYDp65" + + "Gu8zn883CnI08s2FEVupvrKduxYmg+ZDkTBE3ZJFxcOuxJf58MRfDWy8C4jJhLnT3JSSSg" + + "sY3n93jzc0s2h5y2wd1bUTDLqhqWCshisDG/88rpv938O8luiUEwltolzKTa+ScA6nXSQt" + + "LT4I6O3vbTx2g="; + public const string Intermediate_CRL_PP_08_06_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QUC4wOC4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI8837JGF7vMAwDQYJKoZIhvcNAQEFBQADgYEAHua+" + + "lC3wP4G6796jjr6wuu7xEQqY1azsLVsGtL7YL8fm42rl7hgU40SuFIc7Kc+A7oEEkKgvmu" + + "SLMIv7q5O8J26fQOuduGWQAncPYB8w7sNWjCZbdjVbjp1XIApcAL3djCbLZ8/NYsCoOuwx" + + "hRQKX1hIn+rNDi1DMD4H99QdDGE="; + public const string End_Certificate_PP_08_06_crt = + "MIICoTCCAgqgAwIBAgICAIUwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUFAuMDguMDYwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBQLjA4LjA2MIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDnaYU/lu+u+LmLQwyACSsRyxQEEvgriE7ApmHj" + + "sNBcd3lovFQMfw9MyOOMsInOgQZU8p/invnhx11/pwi77ViQQ780unhHt5H/tteaYwcsDR" + + "cUxR/8jK0DBnbVWvm8S/NGb8BxfbRmDHBTWGZ70hDSCJypWRfHQj0I/SAqAW/VuwIDAQAB" + + "o2wwajAOBgNVHQ8BAf8EBAMCBeAwMAYDVR0gBCkwJzALBglghkgBZQMBMAEwCwYJYIZIAW" + + "UDATACMAsGCWCGSAFlAwEwAzARBgNVHQ4ECgQIhh/KikcKA7EwEwYDVR0jBAwwCoAI8837" + + "JGF7vMAwDQYJKoZIhvcNAQEFBQADgYEAbHK3lkqbGy61lu9d22uO2H3hzwvjmlccZo8pro" + + "ord45d2nRIxw2ag4dS1YRFrefVdxZtKeR9+5o+tQtvmTcDOer4u6NZ/sVVElTb1d6axtL0" + + "i4cmqv6bGWYECEwtwmPGqAavp9pPZjNRbkBGy9qhVNTXfDQYpA8yzXWO/xUrwNU="; + public readonly string[] TEST_53_DATA = new string[] + { + Intermediate_Certificate_PP_08_06_crt, + Intermediate_CRL_PP_08_06_crl, + End_Certificate_PP_08_06_crt + }; + + /* + * test54 + * + */ + + public const string Intermediate_Certificate_1_PL_01_01_crt = + "MIICmTCCAgKgAwIBAgICAIYwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wMTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxDV2d7qXbpCvOzBimskBLsgexpEYaHv0s7gOaqhC" + + "4A3K8sxdjyW6QdGZhKX8tCMqnlPp9CNbpY4tQQ5oTSk5pj6HwAsTfGcDwXJnjKWx1FJ7rD" + + "meZZ8c2K7a8voBl6FoPGn8CMhO0WmM9Eyb/vDUPdCZzScb+z/BxTcV1BPFdq0CAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECBpj0+Gcq32oMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" + + "CSqGSIb3DQEBBQUAA4GBAB/9veHrkLeu8jkwXggJtwqPTmkrIBcX+pz85BTSETYeLOzF46" + + "onk+qt+IHptlrm3D7ny2Y5M0dQQ6tPzhGZxCEg9RoDibZGtsx+qeAh1ZjeEpEcQyp/idWY" + + "asH+EIuEIOZA9c1ySxI/3v3ZfzaSGS8jsgSDkLB4JumrE9ZkLNd1"; + public const string Intermediate_Certificate_2_PL_01_01_crt = + "MIICljCCAf+gAwIBAgICAIcwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wMTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3B3UKG3tEL6FQz6dL6iqSvzgGsm1Fg5uzK8npkEq" + + "g2caUM7huYFfXeur1mu6iKiROcGX8ZYxrPi9Orh39YVrSu2EUWvqQui4QScf4dIlzAOunv" + + "0gAa/lIVTHgZhIomKND6/tZLU251dJiFhoV6bXx2tor83vWFVPx2oVd5LL5S0CAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECJmK3jFTIl6lMBMGA1UdIwQMMAqACBpj0+Gcq32oMA0GCSqG" + + "SIb3DQEBBQUAA4GBADkYLTg4RncTpAFmpUy7WGOMvoFV15nDoi91OMxhxVkbGSE0DJFxi3" + + "hPKcfUNvzy0bEUUTaqOXdbIkoLTG77NTckJxurSRyam0jA0+6SUYZ6F9fVotwMul2EiVl9" + + "XP5oCt7LkgqVgMASuwfzMnQozB6Oi/YP2OdSPXLipI6rl2dx"; + public const string Intermediate_CRL_1_PL_01_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QTC4wMS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIGmPT4ZyrfagwDQYJKoZIhvcNAQEFBQADgYEAd8YZ" + + "8jibr8yjcGYSDicJuyUvHBZntTVQ1sP5XVmtCZcYcQCVjbC0auYTEP5snXbGPW5qeEaaXB" + + "MhekMr776hP4Kl3g4AjguFl3XQGcURlgNd8LsTpMMdNWC7XwooOF2FzFjD1ru0BSEWabzW" + + "NNaVeuMMbu2N0lc6NDJvRC8LkhA="; + public const string Intermediate_CRL_2_PL_01_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QTC4wMS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAImYreMVMiXqUwDQYJKoZIhvcNAQEFBQADgYEAZFec" + + "GtjOfp8pT0n1dMF/x9n8y5tM+G3LLnZvDJspLc/sqP3E3B/sHBiis81caEkQQAOTBU5goJ" + + "0KOFAUOfEq+IX5uvNhuPuinx0OsSak+2Annvi12zodMQKPNm1uMVt2bMHHHZVEVTqcv36g" + + "xgdbp0YKTmuvSy6s8NtGFpkNmnU="; + public const string End_Certificate_PL_01_01_crt = + "MIIChzCCAfCgAwIBAgICAIgwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTItUEwuMDEuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBMLjAxLjAxMIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCAUPp5j4V5XTA44Ra1EWkp9HgS4w3uXJ7/Vhi" + + "K5bARFrDOOxjV8nmr5hoUYr4jwdi2Rl+60TQK/F08gdcGxdyc9p/yiU5HyAP6i+4iqmvaW" + + "9b2egNyZ5tOmpl/Q9FSFWa9d/PYBKM5Sj/r73RtA+/chc4uq3uyLekSRQGh1MieQIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECAiL3A4CkaFyMBMGA1UdIwQMMAqACJmK3jFTIl6lMA0GCSqGSIb3DQEBBQUAA4GBAJtH" + + "mNNvCt/0uFbHdvUvCuBeZ9cggfpTyUS4X8zgcLDPFbw6VvX65umOZpceZI6hwcre+LZahi" + + "gUEPvXppncEObkeVTcYdOTSDoxh5tZyee1P4sbD9H+suGWeewqUDvFs2ymHtxlkpOttitR" + + "xQc2U6VlCuZ4XU8SwucyhW0z51e4"; + public readonly string[] TEST_54_DATA = new string[] + { + Intermediate_Certificate_1_PL_01_01_crt, + Intermediate_Certificate_2_PL_01_01_crt, + Intermediate_CRL_1_PL_01_01_crl, + Intermediate_CRL_2_PL_01_01_crl, + End_Certificate_PL_01_01_crt + }; + + /* + * test55 + * + */ + + public const string Intermediate_Certificate_1_PL_01_02_crt = + "MIICmTCCAgKgAwIBAgICAIkwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wMjCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4QmGXEeVKCn1aQx27r+EBuQqfi8fP7gyV5JLkaSu" + + "DOUrqXg8dQxHsBNCf3XilGIvjNFZjVUPdS8FNqC+if9D164VyGQlv/JUor/GlvwVfyotUO" + + "U1PqSzFrAALYTmfm/ZqhMvGYloStSDxlzjDmyKadskzOxZZDNSe5s8dvUpYn0CAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECGk7qDbbBgRbMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" + + "CSqGSIb3DQEBBQUAA4GBAD+eI+jg4jmeC3pJRGEF/hbPPYvL6aocjqqbZyNKN5FWItccQo" + + "PWg/GK1GpusDZadesZBDo6fLIUJzL+OumrIYJLB3HxQsmyOXB1gRg1hcva71RWFJYzx01U" + + "eB8lCbk8Zu24HzLzqjfVuwKOFFELWDEq7bd6Re/aKSHtNnDbsgSE"; + public const string Intermediate_Certificate_2_PL_01_02_crt = + "MIICljCCAf+gAwIBAgICAIowDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wMjCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAl/HiHoos7eHaDIFhMmvIPk63UT33Z+0iiCIuKLW7" + + "tgkT8ia1Yg++np1pC3oqYVeKkXqMcjgonPGQhcek12vLt3/+2PYyYirOTVZaiO9pKQ5An8" + + "ZMWXIJmCEAMHabPO1RnetvRv5JZFxZY9jIUnD2fUADzzUh/eHN6Pur0DDrI6sCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECPk0C10KQLZuMBMGA1UdIwQMMAqACGk7qDbbBgRbMA0GCSqG" + + "SIb3DQEBBQUAA4GBAMJ4+BZQxpxWhNbo8bpGkbbcKT3kfKYrHjHsZADC+/gAJSVL854b1W" + + "VKsGr1YcCX10V1Gcqb6Jgziy+AzRLhcJngszcz0A7LxrMH+FIyWEPgZnOyQCa8B/9bnsh9" + + "bC1gEmXGOVtWboIFOEdGghEbm/ENnQyj+HbIk3jhF3QYbXhw"; + public const string Intermediate_CRL_1_PL_01_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QTC4wMS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIaTuoNtsGBFswDQYJKoZIhvcNAQEFBQADgYEAZEt+" + + "FjRuXgnOZg70geqS4hVsF1VWWawlAVGmjPsbRH7rADXPUE2bYL54wLdwt/6QYwHqy2KwCf" + + "d4OkWkwn9xwGS4j+XBCw9Y4nbWI+wrsZ9W7vgbeIaVUUUZu6hoin1GxrGDcfbM+bhYzQAA" + + "gNmKIWdlJ4tKD2KNgg0KmZPoj/k="; + public const string Intermediate_CRL_2_PL_01_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QTC4wMS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI+TQLXQpAtm4wDQYJKoZIhvcNAQEFBQADgYEAXwZO" + + "wr9mrO6yUOoopNjcIcDssCUksYco1PFgWx9O/hGq9ktdoGoGcECGhdkHTLe2ab3WFl9jzW" + + "1/lkysD9Jl3VjbnbRB3dPQlrSfiv7cYBLnfKvyF/CxQg/wCtWo46GJJQgOx/WHzi9aF08m" + + "tQuJEtl7RgoByUSvLtmvKjQWEnc="; + public const string End_Certificate_PL_01_02_crt = + "MIICljCCAf+gAwIBAgICAIswDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTItUEwuMDEuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wMjCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0/rXOZwUebRaHcPPFeKTB2OWIzIAgavqb5HerPAe" + + "c3sJCdNOSLc0OX0dFblso97WR8uueF9I7QeGg3ayQjzDVqm5Tu77ZaCuyb6UU8+fY2eqwD" + + "5lCVuLfJr9U2JD5b2TcdvAD9RqfhefclVjDj9rObLjvzLg3AefO3drsfBtAIMCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAeYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECDBWCFTOp3evMBMGA1UdIwQMMAqACPk0C10KQLZuMA0GCSqG" + + "SIb3DQEBBQUAA4GBAI/JpU3gHo8Izsbjlx6bkQo/e/hD634N5lSMtVHIGnoVLu99dvroRu" + + "2DO8Fhnv6VZpMvYoAc5oEgUqx9hw3bfS/XN9GXaeMssjwN/qM6lzCsvMG7DA9sf59xjf4Y" + + "2+u4KTye4PdpmWaseDDJ1wAihTHEaofnQdaoUffxQgw5UcAf"; + public readonly string[] TEST_55_DATA = new string[] + { + Intermediate_Certificate_1_PL_01_02_crt, + Intermediate_Certificate_2_PL_01_02_crt, + Intermediate_CRL_1_PL_01_02_crl, + Intermediate_CRL_2_PL_01_02_crl, + End_Certificate_PL_01_02_crt + }; + + /* + * test56 + * + */ + + public const string Intermediate_Certificate_PL_01_03_crt = + "MIICmTCCAgKgAwIBAgICAIwwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wMzCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA60y6V2WkNCB34dcGfu+Jo3YHQZXzgp76+HgnyFmP" + + "DLj9DjZHqifD3gW8Zk7L+yK4PfLDSHjbrXM9GY1ser6XwhaJQDPUBBYW5X3XTOmDWmV63J" + + "YeRF5r7cfF2h3eEZ460GRLK5tt0Zr8V+hA9oOvwqynrIhDYC/tCzE28ciqA+sCAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECPE2FCetVerZMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" + + "CSqGSIb3DQEBBQUAA4GBABUOUWwyfyrRIw7dRIVfLlWyp5R1I+Kmq5e8st0AEMVpPAmLoy" + + "0s+46Xf+THXZy5em1P3bSVTSUhTs+XD6tbFFUcTrX0mQJlshR7yD/A0siMDUNzzt9LJQvP" + + "dwNjQSA2keOrV9q/2CAGce4daL4Wz54jfh33YVqJ8sHT4E8CxQb7"; + public const string Intermediate_CRL_PL_01_03_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QTC4wMS4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI8TYUJ61V6tkwDQYJKoZIhvcNAQEFBQADgYEA6FnB" + + "LXWt4B/3oP0PXERYh7ZV39yu/tm9DHBQGcGDF8JIspU7F+mH/+37U/lT6BQxpKOpgOgGeP" + + "nTQeQzN9sRsXxFO22SkHbdPCao84qvv485epgzqFcVsCRBwBBLcnNLMg891q0EYsTW9vSw" + + "Dx7V4CawyYAYGz1MqYuY6SSs6Q0="; + public const string End_Certificate_PL_01_03_crt = + "MIIChzCCAfCgAwIBAgICAI0wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDMwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBMLjAxLjAzMIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwt6B9gpDz/x/vnowXf1MdkAPeaCWZ3pYikgxE" + + "ZLrMuulFaI1UDnAzgSuSvoHE80VKGKjSkrzIX9OFfeilW5rNZAXoZrjtkaJd1Q8l5AtjFn" + + "0tlLytDzIMYo5Tiq/n3IiTdbEzGYzEOCcSyVaQdB7K1WgYI/z/UAaWV/GbqCX1zQIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECMQHLiufEm0IMBMGA1UdIwQMMAqACPE2FCetVerZMA0GCSqGSIb3DQEBBQUAA4GBAD5/" + + "vGn/rpoHvny/mfh6n2zVNNQLTEBiddfAdCWpeBFcwxS5lpxfm4dAWgHhprZTMirF9yS+wO" + + "wWQ4G9/wiqfAtoaNN1qkHMlUMOAPsOSff6ClgP+1uzKVqQa9NTd5HAeMdYfYjMa/fcF/37" + + "plCs5ZsJjb9lhEjNd/tq4/aALQmt"; + public readonly string[] TEST_56_DATA = new string[] + { + Intermediate_Certificate_PL_01_03_crt, + Intermediate_CRL_PL_01_03_crl, + End_Certificate_PL_01_03_crt + }; + + /* + * test57 + * + */ + + public const string Intermediate_Certificate_PL_01_04_crt = + "MIICmTCCAgKgAwIBAgICAI4wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wNDCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA06yd2NQEAgpv0kQQEOzhHHU4YqHgtvJgkdLYxb2W" + + "Zordrm4b/43UDnLmsI0790V76y9Aa+Y8SIMBBRBJgnlppFJrFsPaOMO98M3/mXkQotVbY1" + + "59P/AjWMxpzP9h8Bs8KuoPqnl5jN0UZAF4kRoNXHzyS445VBp4DtWz/jcCPm8CAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECHxLORDZ1KKNMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" + + "CSqGSIb3DQEBBQUAA4GBACHmDOaoC0Hr2cmfuQvdyGDF7/RlvTUJ7cvGypCa724SwAZGZk" + + "Tf5GwxgjVcLHY5RlX2kDm9vjneDzP88U3587qA2ZRwxhheK0RGp1kudNQ5y2gAGKZ7YSc0" + + "SENMDxUAa6HUkn9Rfo4rf5ULuGNJZXQZ3DtP+lZSwzkUeCVjKhyQ"; + public const string Intermediate_CRL_PL_01_04_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QTC4wMS4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIfEs5ENnUoo0wDQYJKoZIhvcNAQEFBQADgYEAb8lX" + + "19SlVNRkc9SKNpRLZQom67djZfMSIPIDkBALfMepdevbquzgO7AufTuiDn5Zqe6J6odTv6" + + "RrQReo64XB4+Lx2pXOe8bZEbzZk0HvzLl9DjN7zxyNglNK+Hd2xS4yT4ps4fBdvXvWAXEx" + + "6DfvWHbGFDoH2auomCKJtCVXxCI="; + public const string End_Certificate_PL_01_04_crt = + "MIICljCCAf+gAwIBAgICAI8wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDQwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wNDCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA14bXc39XiWvb4r1jzbADzrpfbg2Y9sGBkefSQHsM" + + "QZ1SRLR7uexWD7MuDYh4ZYBL+WPhaJJr3a1jnAIp54h68m8mwS13DgrxBF2/hrVKEm9IRG" + + "s13hoM4Mjjogn/Lvc1xLvB5lctHjZrNRZjyrt+PqDDmqZqgCOmcD61PhrfAoECAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAeYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECB9hXgJfzBvTMBMGA1UdIwQMMAqACHxLORDZ1KKNMA0GCSqG" + + "SIb3DQEBBQUAA4GBAB0HgiURRd/REVfc5DenIPhMu8riVcwVgTUwatsCWragUhXpCtvJmf" + + "z4vGo1rKYai2dltVX6am+NDvN5tROcM0bvC8lOCc/iPfI5eWTy9SJ2nxvs1+q809Rj0rno" + + "zS77TIE8rD7Q8ZUd3qNUiBwdjBoc9misgyN7zUulg4Ueebvv"; + public readonly string[] TEST_57_DATA = new string[] + { + Intermediate_Certificate_PL_01_04_crt, + Intermediate_CRL_PL_01_04_crl, + End_Certificate_PL_01_04_crt + }; + + /* + * test58 + * + */ + + public const string Intermediate_Certificate_1_PL_01_05_crt = + "MIICmTCCAgKgAwIBAgICAJAwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wNTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA/rVBEGZ4jibDhREeRGV3jPnv05esRL8/En1Bu35y" + + "QrAHi32+kBu42vwwDbeuiTZd/B90bn5srJZoW83rxXxNnpxqbnjN3GgIcRiUVyaVRTp9/U" + + "IT8B9h09b9yT8gpQ5qR0+JDcOHCfJwpogAsyJJa6AM5p/q3TeF39ugfVOWt/cCAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECJ7/mkuLuEIGMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" + + "CSqGSIb3DQEBBQUAA4GBADC0A2KMMSSmGI9p85WG7XZVMBX/xdDYOHO0e3ORTRFS3kj9rK" + + "a0yUjc1X+p22AA8kUyOLpYIulfDjPrLKN2E/hWSf3+XWMiC7JfX01F+BBl/avEZoymaZB4" + + "dkH1Hym4IMJoSaEOgf5HFKBnFEA6aUcr+oDYGUP+Sc1dmJMjBW72"; + public const string Intermediate_Certificate_2_PL_01_05_crt = + "MIICmTCCAgKgAwIBAgICAJEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDUwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wNTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEArir4GaS6r0Tv9PMbaOXYdPKADNpVbJe79G5t/F6x" + + "7Tz1rwUR+m10E+Jq9RsV+fU/nUzzjJXHbPLZnfodUVVmrXgzvQ8+B2N4jJtdNLG66j2PZG" + + "+P8GQzVK9drDh54VHXdvxAYCXs7GaIprWmCQsxZOKjhFU3YDiRRK8qJGpBG/cCAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECMmrFr30fUzZMBMGA1UdIwQMMAqACJ7/mkuLuEIGMA0G" + + "CSqGSIb3DQEBBQUAA4GBAI4qJF6STCi+elUbpZIP7YmcaQsS0PE4G3+LJoMg1LT3rSeobK" + + "Aj/yUetmA7y0B5i0svKjRChLOpfClNPVPCx/+mc75+LG+dh1eVG/qk2UH/lrqLN0XLl8tA" + + "IwZeoPaegBQAIp9oEjhDN1fWtKIkOe6A6wYdH2VPvsqC8g02VcwD"; + public const string Intermediate_Certificate_3_PL_01_05_crt = + "MIICmTCCAgKgAwIBAgICAJIwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTItUEwuMDEuMDUwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wNTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtRC2/PDG3kx8LpzfWC0yJph5h3LXZJZW0W2voss1" + + "HYPP1/MBoQY067dfbALilVRh9asCNL4F45uu0lT24qS9vjW8SzBOLA18GsVYRmWO7EP+Cd" + + "9f3mgPIMJ5n+UjW+yhBwh0Z2pzVElkX9CxECrs1Mt2ulyuwWA1lR8nRMaTUeMCAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECAlV3mzXYPyuMBMGA1UdIwQMMAqACMmrFr30fUzZMA0G" + + "CSqGSIb3DQEBBQUAA4GBAG28iHdlA+nTs/b9pi+m9eMy7niELjIWL9fMgn1r4iXQ0TsPYi" + + "tgpoip+BB4G/jz7MPx/N4nwyAPV+C9wN8cAHALf/ka2MxAORYFVFI+5PDgXzm78ILqj91f" + + "vOFN4jemizTES4/dHxfmdctnsTRpU9ALQgfJLhxEQISOPwuemKB0"; + public const string Intermediate_CRL_1_PL_01_05_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QTC4wMS4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAInv+aS4u4QgYwDQYJKoZIhvcNAQEFBQADgYEA5i45" + + "gETFAw6l9Awex9IAVIqYTA1dnbDyrUYDRdzd0x6OxSPODvNfQCwqwlTJXrHidCPO8jRhMS" + + "Zcdn/MTlIeHa6OERFcjOiwOpeTgtchvpTdDchs5ve8Ik+myue+cfgpEVKOE+ZQ2T2tcyz/" + + "+DbeMptECfJ0lVfCKIY7ZOzBPaQ="; + public const string Intermediate_CRL_2_PL_01_05_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QTC4wMS4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIyasWvfR9TNkwDQYJKoZIhvcNAQEFBQADgYEAdsNe" + + "ugM8sd8bmIDkYXce2WmS5Zx6QUQ0yT6Ij4OR5/F4CG4Vl+k3JkNPuAiNSs2Z9HeML+F/W8" + + "3yEPe/mdLV4nLw4B/b1/8DmgZN4r1ojaWuHAg+KrA3Zz3Rc/hwQfvBy49mf4NGtY4ArbeB" + + "DYKz5sVlrwR+gOCR5jm4IC7WEDs="; + public const string Intermediate_CRL_3_PL_01_05_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMy1QTC4wMS4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAICVXebNdg/K4wDQYJKoZIhvcNAQEFBQADgYEAqYex" + + "FaIykZo17O2URpofe8x04L/VsfA9jV28zUgNFruAGld/kUh4rYvgwrdbNZ8NmEFDp9J9aL" + + "93af3bzoNvWCik2VrQLd5nccCFiC04B+LUH9Y2p+7vV2ojrtBks5SMW0q4HaNyPSQu8Fst" + + "4mYVf+QIYZC3iVAF4rsKnaxwzIU="; + public const string End_Certificate_PL_01_05_crt = + "MIIChzCCAfCgAwIBAgICAJMwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTMtUEwuMDEuMDUwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBMLjAxLjA1MIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCXJjzKGcLyONTyOa6sQHvIKZIAh0pWdteUiXf" + + "b7yjCn6Z52SCHxB9GZERHwR7fbJpoE3oDcYUY+8pH65bIVm1p3zr5deo4v85DEZQ50cU9a" + + "WEUAO/5X57P7pYb9/47abu0cdsLIWeE+O94HpZS8vz8mxRQKLj27gPY1KzzTbrZQIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECG8ILlM9oqZwMBMGA1UdIwQMMAqACAlV3mzXYPyuMA0GCSqGSIb3DQEBBQUAA4GBAF6S" + + "x3aunfgnDmo42aPOzDh536WSkTTbX9bmUNyg3IQHl/3xhVqjS76bMqreYhx5nh4VNx/Z3N" + + "LD0W75XmASCk0wtW9S1MoxzJMFIozRruaE3oykrbyMMOt0Br5CV12ofUd0WybDkXfNAIze" + + "IRgps3nORHWjV1GwXe8uNoUn6/z7"; + public readonly string[] TEST_58_DATA = new string[] + { + Intermediate_Certificate_1_PL_01_05_crt, + Intermediate_Certificate_2_PL_01_05_crt, + Intermediate_Certificate_3_PL_01_05_crt, + Intermediate_CRL_1_PL_01_05_crl, + Intermediate_CRL_2_PL_01_05_crl, + Intermediate_CRL_3_PL_01_05_crl, + End_Certificate_PL_01_05_crt + }; + + /* + * test59 + * + */ + + public const string Intermediate_Certificate_1_PL_01_06_crt = + "MIICmTCCAgKgAwIBAgICAJQwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wNjCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAweCAiEGMLycmodjrUMIWEEFshkvhX2r90wGl+/pU" + + "Ia9NSdT23zYzE4Uo8Is1ywyV+YfvgR22j/RXF6j8OK+XZ8jlgfjVTAhjCnTWY9LDR7qAyk" + + "8zuuITxJrYpiPoxqZs9BXLfGkDbye5VpVJXvQdbJNxgKO0hkBBDfe+T9+qw6ECAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECG1DiuoAwV6aMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" + + "CSqGSIb3DQEBBQUAA4GBAMFvtFiMDMP6n3CrqQLSzhpK5Qu0uxa56ARXIKSIqi0OUZAu9v" + + "sCXxMvaG/R5bElwi7ybYZ5KUSN+PnDmlUxWWL5Ib5RZdXgj7L83oyLTQmbDMvka6rSWHgw" + + "Jq8qHVslhh+l+YNOb4fzs8x9ctCrs/BgjX8wkORpQbigU0BUJ9sX"; + public const string Intermediate_Certificate_2_PL_01_06_crt = + "MIICmTCCAgKgAwIBAgICAJUwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDYwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wNjCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwf6Nf0+r7JvE6BO4MbDbS1T1SCzn78haBAmqGZLS" + + "Ac4xQTydvmzr9PwiWlU0xjFfKItqRMt7rfzTTPfvvnwxsAfQNPtxKzi30yCNq/VotMA7j5" + + "iQYaVe2OWVHu13agbXLEZ0pL/ZkmQ3Gvo6UhF4dRmCnjFbd5cMTxQVHUrwgyECAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECE3tS4AYmwZDMBMGA1UdIwQMMAqACG1DiuoAwV6aMA0G" + + "CSqGSIb3DQEBBQUAA4GBADcBTKbhx8PCunjRVJkcLBCcVGHs9HfkChDafwBO51fe5uhHE2" + + "QBpW3J8ZsevuFQiEZvuy2RVFktE6ZoKD8wxwBFhs+OIxe2mergQPy6jHuxoSUiPzr3CVXZ" + + "UsNxe7j3IcJLqbJ15UqGFH5yph7Sa4Ym6x747miF6W9knNkjcx3K"; + public const string Intermediate_Certificate_3_PL_01_06_crt = + "MIICmTCCAgKgAwIBAgICAJYwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTItUEwuMDEuMDYwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wNjCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwq2YlDLHX4KktKnzLCYjnk079IDgXENrkRBuZHTB" + + "IQyZoiBH4ZWHreZKs3LvznP8uSd8eEL8keNw4PwZ6aT1LF/Jr/UlrFQNnpLzQVXwGGAuzh" + + "tFJYRlOfI5cCZYAcpjnyUV4GW+MuwBdoqDycMjmqIv/8A8vupjahffcmBAassCAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECB+qYFJjEkJ5MBMGA1UdIwQMMAqACE3tS4AYmwZDMA0G" + + "CSqGSIb3DQEBBQUAA4GBADiXredACtRQTV2TKgu5SDdPlczj7cZZUARJiJKiRfjmxHCc1q" + + "m/Oh7sHkqRvlHqjoX8qp4iSchoZWdOAE5O/q4Ef6rViejDFVyN2ZmlhP6KIiRxznrvYfF1" + + "n08K7CHgHWvDaumm4pNmWeF03nuasHrY0W9h1uk5poVuzaWDpx3A"; + public const string Intermediate_CRL_1_PL_01_06_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QTC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIbUOK6gDBXpowDQYJKoZIhvcNAQEFBQADgYEAiHM1" + + "xFuYt6tDscqzwj0mLHPHULnR44/vNyPUg0KnV03Dd4XbFHz0FtwDKgVTBZ8x7ybp83ubJH" + + "tE/p8nPW5kN25WQOlYkZoAcMpEXjTzlo9evU0W3nyzJjmlT8YEI7vnmWFz/ahzy6WFwPue" + + "h862EKh2zVO4hoqZYEuDQI33fOc="; + public const string Intermediate_CRL_2_PL_01_06_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QTC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAITe1LgBibBkMwDQYJKoZIhvcNAQEFBQADgYEAuDSF" + + "W1KOc4x41HGvdRaw/NtipD2y6zSh3mtRoo7Q6J2BvJvunymZNEziozBOiUgT8zMgbdbm4a" + + "PEwlHRaoJP8+yxJIlKaHa9Hc7Yz4SOwSrLicf7EnBSct3Mze0b48UYqbn1q+lf/zKaUGrP" + + "M6oqtE8Fam06T+WUfutU53zTtSs="; + public const string Intermediate_CRL_3_PL_01_06_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMy1QTC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIH6pgUmMSQnkwDQYJKoZIhvcNAQEFBQADgYEAcPfO" + + "+Rj2KmO1CxjuKLEiOUAIq5YmR4U06IcCBGMxlrdHVXHM3vepBKUlMDaT4UGcleABMPX9Iz" + + "/31ofyXlZ/fQJOoTZt0CI7SOPQE5ZkUsR3BDuUqf1+sWwBYyBHkrC95JhJkM4LfGS5K19p" + + "fp0j0bguzNCXSBRTfjSZhy80tcs="; + public const string End_Certificate_PL_01_06_crt = + "MIICljCCAf+gAwIBAgICAJcwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTMtUEwuMDEuMDYwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNC1QTC4wMS4wNjCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3asAqJcjXngEuyM/W3+TAE+Qr4JtNUdwBtmrpGlo" + + "fAvJdmXHARyiN/Zn6Si8bGI8Wz8J4Y+Ll7zLdaMU4MCZo6hwZiaQwkh9a+ZecCpLpjs4mz" + + "MSf5zHSwTYiXKMazlmnGEITVyKLmAiLSyGeeJvOJVqVo/NZXRGVlmnPxZFfgsCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAeYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECLZuS770NcDsMBMGA1UdIwQMMAqACB+qYFJjEkJ5MA0GCSqG" + + "SIb3DQEBBQUAA4GBAGM18aR2i8vSywsWhcLrRN1Xckl/HiBPNphobfKoER4NG29cFjUPQX" + + "zukjQcJl2clAXNCVtcsKCoYRP3YUyAB6At+yskuuJXtES7FIzM3rt/UpDS5ktVC3gh+jgE" + + "pPhMILYIXFzYY1hifkpagfO+mkcr7RqHU3tHAr6LCWjqrB9g"; + public readonly string[] TEST_59_DATA = new string[] + { + Intermediate_Certificate_1_PL_01_06_crt, + Intermediate_Certificate_2_PL_01_06_crt, + Intermediate_Certificate_3_PL_01_06_crt, + Intermediate_CRL_1_PL_01_06_crl, + Intermediate_CRL_2_PL_01_06_crl, + Intermediate_CRL_3_PL_01_06_crl, + End_Certificate_PL_01_06_crt + }; + + /* + * test60 + * + */ + + public const string Intermediate_Certificate_1_PL_01_07_crt = + "MIICmTCCAgKgAwIBAgICAJgwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wNzCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5HkS45NLuqq9ZwF79+pTGtQnGWO7DFdetYeQTbeD" + + "sisjZMsK0sCCR5xAKYQsJSS4v/8LQUdxlQR30LMV0SQUKFMJyFsMiSsO8subb6sVINWn8A" + + "tL4zcQK0WiASUZOEkybAFJtP31PahzI5wfD1cikE1M4BlDij5WeaIjt/RTHKUCAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECLSUEn5d8YywMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" + + "CSqGSIb3DQEBBQUAA4GBANLO+kEiswkGzEh4ZcF5LtfnPZlnG4gTPSNugeWJc+Xedqmttp" + + "jZ35fr1hiRe2Q1UcyTd4ThkPknawwZednbsZVPqw8u1mo7kuAeL9KrCk199vL4bV8Ag/kj" + + "HJ8TAy40UDB6hMm7l4j8mEKwV03THVrz1Vvz59CQXj+iseH6yUNO"; + public const string Intermediate_Certificate_2_PL_01_07_crt = + "MIICmTCCAgKgAwIBAgICAJkwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDcwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wNzCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAu78gmT5HwmBHEe+K8fLLgGaPpcv13ZjrgL4twTBS" + + "OkZn5LL9GcfkPuA5WIAZkVYfCWSDPqcAGoOWUIDADfBfdcyLteUH+xI01rHKiLDVexMvU9" + + "vqCmcBKhxK3S6wraW5YhOO0bx4oPrZXVIjyG8fh4e5WTEykzvUWJ8ZbzSJ9JsCAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECCT+fDEaN7GaMBMGA1UdIwQMMAqACLSUEn5d8YywMA0G" + + "CSqGSIb3DQEBBQUAA4GBANpKr98PiXAdcXlbgSgif0213H+tg3WwUNKZTw8MpqPyrN2/DZ" + + "HBi6e2KWXLTxttV9AZBRvcKwsveS6oc31eulMe8nHxRNRfadvF6dL3Tsig6HAQkartcJMI" + + "yfW4V3EhXbCdziQkre7XcR9WK5bpQoX04HWeew6YTxjG/cL9MIJR"; + public const string Intermediate_Certificate_3_PL_01_07_crt = + "MIICmTCCAgKgAwIBAgICAJowDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTItUEwuMDEuMDcwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wNzCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAr7YezMXvnkSuNCdXch2HRAEVuCqfzpVRCj6laJI9" + + "Q+NxgXwzaOwnImvwER3Hblh1l0MAt5/I/9hhqCN+918ueME50MkoM1wPbcmrRIlwWLGSVZ" + + "yBKeyPHrLbdPqVIexUlQk7PasLm/Qx4SvRGVe9IMLrEzPV3MFJtrJoWaMobQkCAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECKw8JlHMvVfuMBMGA1UdIwQMMAqACCT+fDEaN7GaMA0G" + + "CSqGSIb3DQEBBQUAA4GBAA5JEDEDyqfZzTGzOoMV+8RVke+a4qgOo7rnOEdletgGFEwz8A" + + "tiMHBxR+UMxuHS82Hz3+F8XlyYIwlrG9wWVcB/tOyzgVyA28Yux9Q/meU7T6dco/AnmOdr" + + "2XL6Xm5iLnARG+PkUPHOsxuweyB/sSUSA8ZJPowNRWTik57ul/bO"; + public const string Intermediate_Certificate_4_PL_01_07_crt = + "MIICljCCAf+gAwIBAgICAJswDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTMtUEwuMDEuMDcwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNC1QTC4wMS4wNzCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA7mNS8dGz0gkXDbBRzP2ypdNMahJbM3cSMHO0hYpn" + + "uRsiXGUhIB0K4WVbnz6tr7Hch3yltK4H1Y12Lf8cXEETR2sE9lCY2A3r8/VM5OUbou5Y8k" + + "wIf03VhP7cGKonaFtlj/WD77fidDePVp1Nk28gV0T2F/l4pM5TEJrq5C9PSUcCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECJBEcZsMRq6CMBMGA1UdIwQMMAqACKw8JlHMvVfuMA0GCSqG" + + "SIb3DQEBBQUAA4GBACfbHKpuRJnZ5UU0sih8RuywhUo6Getwl/p6fsi87wYI61pvYru+hm" + + "4R4eAMZvg7MrAarS3Iu3zKBU1HKeq1i+hpwTIXrngR8eL2fU/X6GPzdte3+3tjhah38bqF" + + "zDon+N6ap4MKWRk033SsFYo1K88Mena2tGuFForJlV9DOF1l"; + public const string Intermediate_CRL_1_PL_01_07_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QTC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAItJQSfl3xjLAwDQYJKoZIhvcNAQEFBQADgYEAJtaE" + + "I1+PCNL1/bgEVKWUIwvh58ugnWhxzbFW6hNJwNEz9/yt+FLZfNrT/Ezort4VVQFLQg7+Gj" + + "KrkIujqfRJG4LXrXAV8ZsvSPuwyQ+hM1GdHGDPhj9x6DkjFusxJYUEs5BzlX7ovpnaIPSW" + + "RPsatheSzu48pMOCmyTKE3MpuZg="; + public const string Intermediate_CRL_2_PL_01_07_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QTC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIJP58MRo3sZowDQYJKoZIhvcNAQEFBQADgYEALiV+" + + "BFpXhgTjiMZBYLVuc/fqhHcXeXOGOmJZoKUnIXjETH3rzkkt5k4tMN00ycZVgpRwn3ZyQs" + + "cFLcW8taau1J7iQOmGY/7qIT0eFx2OlgNmxqirmwx4OM5VSH5mEpnp9NOr1rfut1GDRzw0" + + "tZ+nhD/PGDXYPu+QPX6jii0vdHo="; + public const string Intermediate_CRL_3_PL_01_07_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMy1QTC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIrDwmUcy9V+4wDQYJKoZIhvcNAQEFBQADgYEASY47" + + "p94jEh9FZ1TrPS82nWC3Z6ZKdaD9pUbaJpRnAId59QdBaD2Cxq+SfM3HTlz8grCAPKwulv" + + "jDDhXhp4H/m63Q/pJbyl3bbMxnphMOoDwB9wwKIUQPM5wagMovF/UYtC8MoC++m2kuZ1eb" + + "fR/OIJuQr+k/kD5Axhw/xolKPdE="; + public const string Intermediate_CRL_4_PL_01_07_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBNC1QTC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIkERxmwxGroIwDQYJKoZIhvcNAQEFBQADgYEAMhIQ" + + "lE+BdCO6NBz+YgcH+tjP0n4OCdQ+7uxUxUYmPtPbsLwbDDEEZUjykgwiA6P47Cqh5fXB6G" + + "tfInh1cmQi3y2IEHK+bRSx321qczOh34Yx2hw5vp+JFttbQAEl/BHixklrFBrXjN0UsWGC" + + "ibXcZy0YjerWTp/yceoABz9p94U="; + public const string End_Certificate_PL_01_07_crt = + "MIIChzCCAfCgAwIBAgICAJwwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTQtUEwuMDEuMDcwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBMLjAxLjA3MIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdH60mBM1eInACvOB83zLrtiebq9B5UBlAAVS8" + + "9ucDwGx1HOJwhwk2AmvhN7pYuDc+BFzuNtgHojqZSDpRMA3rVsGlgOkZ3sOQzvxB73w+/X" + + "XmCYpwcEGLpK4egl8r1aOYm0Zm4OxqWhNu9+Do7nrJczDLi8k/qh8/+Rfdtvt4kwIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECEmVurZ+7UXFMBMGA1UdIwQMMAqACJBEcZsMRq6CMA0GCSqGSIb3DQEBBQUAA4GBAANe" + + "AbvpAHwBu9+FlI4DOb65Z+h5f2Ok59FVbVqAj3zkMRkawppngK3CMY/1BQlGXOlHvE+CGz" + + "x/7DsiV0O3rxOUjutt00PNxCyIM2pcOZeGUaAu5DJWn0SRwzTMJa4M5K+7wh/4sSPWyxKi" + + "ueDq2VXvIgAfEVC8Lv44sxcOduSZ"; + public readonly string[] TEST_60_DATA = new string[] + { + Intermediate_Certificate_1_PL_01_07_crt, + Intermediate_Certificate_2_PL_01_07_crt, + Intermediate_Certificate_3_PL_01_07_crt, + Intermediate_Certificate_4_PL_01_07_crt, + Intermediate_CRL_1_PL_01_07_crl, + Intermediate_CRL_2_PL_01_07_crl, + Intermediate_CRL_3_PL_01_07_crl, + Intermediate_CRL_4_PL_01_07_crl, + End_Certificate_PL_01_07_crt + }; + + /* + * test61 + * + */ + + public const string Intermediate_Certificate_1_PL_01_08_crt = + "MIICmTCCAgKgAwIBAgICAJ0wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wODCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsr+i9HxgO6LnOa6xOHfe9BeLVTo4iZd8rp6UTc02" + + "C0MmsSjvIgn3UiayU7aoHcTH8tAXSV5bn0CIH4B46qLym//oE69hUFImy6d1kKgNoaUKWB" + + "HztKVtswSSPjIUf7pbyp0wasYMN6fIKYyLpLXUxzA2DrD0kP2Y8ElQJKl2HocCAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECPMW3WMPtaowMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" + + "CSqGSIb3DQEBBQUAA4GBAH2N6S9ggfmRJkzhs82uOPXaHF62YEg1pbNxaCyJJbSt2iIIyy" + + "NPSlE1OufPPH3pO7p5xcYi90LCI//0tlUL8y7aULFNygbshFY3B8MSgCz3KPA3UKdtIZYe" + + "7lqP9/ob5wmkjtLpx6oZ4/38jxqe37pH1IwVjaUnoeElSo3EkCI5"; + public const string Intermediate_Certificate_2_PL_01_08_crt = + "MIICmTCCAgKgAwIBAgICAJ4wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDgwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wODCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqZZolrig33i1rEwdP1pin8a5PgzSk7fT+qhrJRCg" + + "UTOW5WyPtakrLTUipDcR07t8tIe0NsjRoph7+fAwbjWBfbJdydndHHGx5BqWg8Xi4zFhFd" + + "6Mc5O6KO7Yqxs8lmthv/RAdL4Eiir9d9hqskKOtQKbLWz+Bz3+9NwfLGzwzPcCAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECFjxM3RkbbhNMBMGA1UdIwQMMAqACPMW3WMPtaowMA0G" + + "CSqGSIb3DQEBBQUAA4GBAJOJKBubTS/kLnfXN5YbQfggxbO2c7DTxx2LhrnPiyVDEow+Xf" + + "lMv4YK5olH6UUm02D8cv6Wxg4NeTtBBnwKQG/GV4Ssgc/rrpEzM7jFRQcUzPu0jfya2fX8" + + "ZNBnSDjovlN6vmZHtiksjh66h3a0aVusEuOQXD29ogMR8qAGYQaZ"; + public const string Intermediate_Certificate_3_PL_01_08_crt = + "MIICmTCCAgKgAwIBAgICAJ8wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTItUEwuMDEuMDgwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wODCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAogLtEcWxzzkkIYe+KrwKhaQjjGQqy2KDsW00U5lx" + + "+XJoT8eKd5pxFdCa0SPn/jkNILVeh07mIHec1WF8SOeveVT4Ewd3nG/6ZGoVVq6l0j+3RM" + + "jpJbp26BPR69nFn6rmFUMoSNq0VG8Zl+UBqnjq83G3umJCJMMRekUTULSFEGUCAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECGAFYeJIhrRzMBMGA1UdIwQMMAqACFjxM3RkbbhNMA0G" + + "CSqGSIb3DQEBBQUAA4GBABHamiW7sPLQ83nXt3LZemcAp4QaDB8X94EuJGBwshEcKLoOHb" + + "/3cZkPRbOiRQUh/YdpfyApndGFSi0DtwM2Z7yup+MzdrR0wzQoNS95A51nHE7XdCuVFemc" + + "LTJ5rdd2BLK3OB5lQagVLzAY9Bs1vaeXKT2Cy+gSUkTIekWcsH3K"; + public const string Intermediate_Certificate_4_PL_01_08_crt = + "MIICljCCAf+gAwIBAgICAKAwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTMtUEwuMDEuMDgwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNC1QTC4wMS4wODCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxVjjKlLlZzeZhamPO2NDnRtWM1oWZ3/kdwdBRn50" + + "o1NRXb60Ir2HjniK1dRdbijAvR5uItLe9tmj4nusBiaPUGM0HNlEdQWSzble8rvUsP0apw" + + "uJusV7zLvzwwbgLbMYT+8lMhxWXM34xszP+dgjWASQOVao1Uqs/MLLibOuueUCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECFMFrvh2hQ18MBMGA1UdIwQMMAqACGAFYeJIhrRzMA0GCSqG" + + "SIb3DQEBBQUAA4GBAFsCOJ4DzuMOKti5PvF71ZKOtcTHSv123ZNdPIbK6OatT9YhVuUOYB" + + "AjMavggywrb+QOXOFfJMctQlS3y/JE9YyoNNt/4UTdx1jQ3I2ablonmzjt8eN5GJ9jUXth" + + "fHjxnmGUeWlAvwMjEdzdigkyuWCi9LJfjyHtTjSf9n7w2rU+"; + public const string Intermediate_CRL_1_PL_01_08_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QTC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI8xbdYw+1qjAwDQYJKoZIhvcNAQEFBQADgYEAG2Aq" + + "R1oelnrTgh56m6Mm+Lsm0Sf+Ot1W7LzZmMDwoZgmGLcTduVktx+XrtiDDWsf58hmneT1q0" + + "5wl4yNH8y/VCAA3SM/gOq4ddOEiS8GbuEYo5P/julH/U3g6M0vfPUZ5y+7V0s35jIbTkjX" + + "76n3Rhf88nvTscYvMdqrYyUhAmg="; + public const string Intermediate_CRL_2_PL_01_08_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QTC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIWPEzdGRtuE0wDQYJKoZIhvcNAQEFBQADgYEAX/+I" + + "DkAx7PLTi2x6aYbLacPRaUSjMne84MDaEkYiA64Vo3eL6FbKe14z2mBsM2W7x8xDnxjZ0N" + + "RbhcFZ2E6A1ct6HMunuKxjoROIsdWhrYMqJfKKMTWMviz1UjtupsGUWS0dVQCquAr6DJmr" + + "W88P8wgiVH2VZsc+edDmCGDunrI="; + public const string Intermediate_CRL_3_PL_01_08_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMy1QTC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIYAVh4kiGtHMwDQYJKoZIhvcNAQEFBQADgYEASw1+" + + "6rGDKgpUtXcCziQCjy8mHFD2zV6x/Ppxm2Gj0U+5eFnIbMPmr4TUYwfSOROUycsiJX/Wa8" + + "HEuqWJhIdcsHMA7TYf0iSXK597Bljjg4F/1Rgz0wqLjgMuA59eFbKjJ6zP1E6Sv2Ck0Ea9" + + "HJsv5zFA1ljVnNWoQwoHsuLk/wk="; + public const string Intermediate_CRL_4_PL_01_08_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBNC1QTC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIUwWu+HaFDXwwDQYJKoZIhvcNAQEFBQADgYEAHHKd" + + "U1SccTsK99BUDrvF930ejNRAvHQM9xv80wcUAy18x+TLwBH8vDTmP210/C5Zk9pQs+rLDd" + + "doQQbWJrQkznyB1OSK0T41KZ9L0UE+YmFGJjz0PEzYHV0Kc57j5uc7Fsi8Xu20Y8JeTaJs" + + "FUXVsvnCuoSxYmwY1futFWHJG7Q="; + public const string End_Certificate_PL_01_08_crt = + "MIICljCCAf+gAwIBAgICAKEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTQtUEwuMDEuMDgwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNS1QTC4wMS4wODCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwgNkhQrcqmjhkES6DNAW3uQLKILcFlrFvOlWfDPo" + + "ngXzCKeed85npqL+Enxo4sLarEiywuDLrDgPf0gKnZXQWBmzWViZhvTsiAemH7iNsNS68s" + + "hhb0vnLzlPpDUJDv7KVKW8VbM7nvplKptlEE6g5kmj3iEmM4l2u8Z/pmQoTsMCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAeYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECLfApJ09y/ZNMBMGA1UdIwQMMAqACFMFrvh2hQ18MA0GCSqG" + + "SIb3DQEBBQUAA4GBAG2ANLc/ib9ayz0B0L6/XQf/xuwETEq8kb5vWml/PbcFD1b/uwRHI8" + + "vTvM559nZgtzkhS5ZAvNBTh1CB9Ox/nugHc4srbH6/Wcd94pMQx/sfCB/C6zZ5Tbm7Y4jp" + + "hkjnxwGUYTvgNzxmaAPLyCfqY7KwhCSzns2M+yuncEKqlzuT"; + public readonly string[] TEST_61_DATA = new string[] + { + Intermediate_Certificate_1_PL_01_08_crt, + Intermediate_Certificate_2_PL_01_08_crt, + Intermediate_Certificate_3_PL_01_08_crt, + Intermediate_Certificate_4_PL_01_08_crt, + Intermediate_CRL_1_PL_01_08_crl, + Intermediate_CRL_2_PL_01_08_crl, + Intermediate_CRL_3_PL_01_08_crl, + Intermediate_CRL_4_PL_01_08_crl, + End_Certificate_PL_01_08_crt + }; + + /* + * test62 + * + */ + + public const string Intermediate_Certificate_1_PL_01_09_crt = + "MIICmTCCAgKgAwIBAgICAKIwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wOTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4slldx8rhfz5l2i0rwib2McrCyQkadTjJRoEGQCV" + + "xT0dmw7GhDa6wJg2ozXLLk5y7ZCwlmBOTEoNbigHvcKSnJT8R/S+F4KqBz5d5dbRMNEKYz" + + "jdbD7Sm7id+eyfq1s5cpmta2lBJ5gTaC9YPSOY2mucGcJ1muYzdOc6h+PCCNMCAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECO7tq4dJC8OgMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" + + "CSqGSIb3DQEBBQUAA4GBAHbth0HjAygIoWVrz59ZBPntOn5nzgUGpH60aSDOS6i9ZOKSoC" + + "7wCOEt6IpKO7M7SNznxaX2uhFTYotneyq3qENvqZVXKhE6wQRsdK4kG10cxSB5AXPHJRgk" + + "W9+p+Nb0iYVKwHdDCW8KHYIroGhSkKxuflwxhK6DcwQuA7y5q7r7"; + public const string Intermediate_Certificate_2_PL_01_09_crt = + "MIICmTCCAgKgAwIBAgICAKMwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDkwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wOTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA70v7BFxmToZHF5M29JK6N0Ha6n729cv1U912mH9O" + + "NTz9tafa+jv4W7njScv21CJbNlUO5rlAFcTlXY0U9vbqHEufhtwRQqi7+pkfa+Ig8bwl26" + + "4U8L5rgmSvZJpEiiKfkmF2Rz9+zPPhHjk58ZcKoAcyhOdZ60KqmaaU/TVtEq8CAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECKOwR13+P/BlMBMGA1UdIwQMMAqACO7tq4dJC8OgMA0G" + + "CSqGSIb3DQEBBQUAA4GBAN71oLHr0+uf6zCOC5L7oeCOGMUwvZyROu8eTztZrPYGjaamSm" + + "Z0ZmUPOJP3g5nO6tHf34Tb9CTkwPdPicEaXuxflkSbJBV3mUFQ1BUDlyYTuaL8uT2N61dg" + + "xt5RgYTIGsW3/2XrRvXsH91gSiEkccoUyjKnQcX3oZmEeITb6H8m"; + public const string Intermediate_Certificate_3_PL_01_09_crt = + "MIICmTCCAgKgAwIBAgICAKQwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTItUEwuMDEuMDkwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wOTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwMLmDs63ai7i4xC/1ufMFWeigJAlbKWMti/PeEKi" + + "7LBfNJDRaO+1kde6QIo1vhkhKtokNu9ue3Rfo1+xGuZVohjRbHnmamEm5G3jihegPQgGCR" + + "fDZoJDI9HMbwBa0RWw1Nes5igIVjdSHQKO/XTul1yyF2Dt03K2qeLwes+2FyECAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECPEAjG80q0FoMBMGA1UdIwQMMAqACKOwR13+P/BlMA0G" + + "CSqGSIb3DQEBBQUAA4GBAN9eiZXma2n0XgzdvYrlV/IEqBIhpcZ7gycjDumVBVITZJD2sJ" + + "bkBi+N8dg7uovgxGxWGsyxqgAboLhMgbpbFzGh+HyIhQu/CeAx93PWYc5rP2l2Y8d7KJvk" + + "p1GZEcG/nTakpjxTQ5MQYFsOHVsnDDOyaZYvqPuMrwGYsfoUa1wq"; + public const string Intermediate_Certificate_4_PL_01_09_crt = + "MIICljCCAf+gAwIBAgICAKUwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTMtUEwuMDEuMDkwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNC1QTC4wMS4wOTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo4L9QEqzq2VXzkZI3cvUWR5v6vreKKQPfJPfEwNH" + + "nMS0cgDjC4Fnw9ySI7Eb4A/OJGLIyg84mzTl6JX3kGoYr9/bJ8jOD7pN6CljXuHpwwmd7L" + + "6Nf5Hy0ltjAIr5s67e33OWdPi4gApS4FN6nPSDkZotY73d1xqJYQQZWuNEsGUCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECLfU7BuxzXeCMBMGA1UdIwQMMAqACPEAjG80q0FoMA0GCSqG" + + "SIb3DQEBBQUAA4GBABmQZOvwRpVsTD8uazfQpLJUZkuTap4OOPHie5xJsvOhGend2k+LiP" + + "7btGoFrqmkyVV/+dNA8+45SRsnoOtgctiF2ubeqIvd7xf/J5C9Cmo+T89Mt7WEBEuDmEZm" + + "JPXvOvyh6lRcYVSBnvVW5ZSstNAQKa/8xuyN0OrE1hJWbucn"; + public const string Intermediate_CRL_1_PL_01_09_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QTC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI7u2rh0kLw6AwDQYJKoZIhvcNAQEFBQADgYEAbXc1" + + "QgR2TAvOPqJmRFFrDQkPVIVyEEDTwZy5aNnoAKK+AmJ5FZkBtbPJ8qt9UeYRh8lbX8+EIk" + + "tyrAKw/1Kc3h7RDqAQ/p8t8kFwVQh2l4KTIukV8hYcj5sMKlt5f49ZwzWPyoOaLDomiUfI" + + "OY/jaDMw293AjQXxGCDtnaTvh0o="; + public const string Intermediate_CRL_2_PL_01_09_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QTC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIo7BHXf4/8GUwDQYJKoZIhvcNAQEFBQADgYEAq6en" + + "XtvIdh/DifGzWn11hqJIZxLQDGJZPoMmwSOLyB6OzsPrIg1xkOWZYEOELTR8+qP6emmx+D" + + "CaEbUDLj60rso0gRQCBwTgHgjeMRpv8fGnV8MJgMv5BdzsGAGQbLSSY9FxtqeCPfZ6olHC" + + "iUIopdZJZP8ZvGKQ6QGaMnLpJ78="; + public const string Intermediate_CRL_3_PL_01_09_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMy1QTC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI8QCMbzSrQWgwDQYJKoZIhvcNAQEFBQADgYEAraCx" + + "ruxopFbKvxOx/CIF4niG27ABB2ZwU6n4NBGYHo1Y9NjuytjjMZvQjMHyoayqpnF5TA1vXL" + + "jXjI3VgQcK7A4ah/0FNLFGtczyY8kXXrpbmdg8+xdNJEG3/e5rDW5VSf7OY1XqU85ySUJQ" + + "ZR5uiy8LxlDdaIT4WT7X5ezs3wk="; + public const string Intermediate_CRL_4_PL_01_09_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBNC1QTC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIt9TsG7HNd4IwDQYJKoZIhvcNAQEFBQADgYEATtjA" + + "BdSZYnIbv1bCL+aSiioJg9S9yWGD1mjsA/CDzvkzSffeSpvqaSy+Zwwf+NDMMG6Cs+SgU+" + + "sxQdJALAbb4sYGEyXj/Exh9BYHvgoVahH4NWuhm6LIN8RTcMDAtGoGYFNGXGuT8XRBUJZ/" + + "tH9re3gpWaE1rjWeB/2ZBR5ONcM="; + public const string End_Certificate_PL_01_09_crt = + "MIIChzCCAfCgAwIBAgICAKYwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTQtUEwuMDEuMDkwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBMLjAxLjA5MIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+g1Puqjn+/Of35mqVVUricIV5x+bpZRCAgBDh" + + "VYcmZFXLB/XnRd/mYTu0RR4ISEerC1km5tjGeCN2k3NGdZwz/wEh9kEL8WikSqpxUSUD/N" + + "vQbliz4f3YECLcpNXKzkCvszeB5ZGHa0sLYDg3r62wy+1y2rtcrHzFEoMFgnnruwIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECANGcL2klYf7MBMGA1UdIwQMMAqACLfU7BuxzXeCMA0GCSqGSIb3DQEBBQUAA4GBAHm+" + + "/vQ7VxDry3VqiqKnNoOhAHTTIUphNWF4jddRqVc32IsjVaeTbcGwCIRflRm/lUplRvXXxb" + + "JEbW9mP3nfTCREUdm49hjmo/szsPjgosFoEmuEKXThC81/y2vQkb4/jqRoOHEknU++38EU" + + "Juv6Y6psZNa37x8Yn3i7S+b3TM2q"; + public readonly string[] TEST_62_DATA = new string[] + { + Intermediate_Certificate_1_PL_01_09_crt, + Intermediate_Certificate_2_PL_01_09_crt, + Intermediate_Certificate_3_PL_01_09_crt, + Intermediate_Certificate_4_PL_01_09_crt, + Intermediate_CRL_1_PL_01_09_crl, + Intermediate_CRL_2_PL_01_09_crl, + Intermediate_CRL_3_PL_01_09_crl, + Intermediate_CRL_4_PL_01_09_crl, + End_Certificate_PL_01_09_crt + }; + + /* + * test63 + * + */ + + public const string Intermediate_Certificate_1_PL_01_10_crt = + "MIICmTCCAgKgAwIBAgICAKcwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4xMDCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAr4LmuvhSms70CnuAHIHwz45csKvBPVtcDjA1tWNb" + + "NIvvNHBzyt6G8U4CTVKmsFAZOzrWJem3b/ZywM1WlDarGJAAa/SRIYZ/jQwaOIoPW4OUfK" + + "ZQI6MO7uAPcIQ4ugtPth10viVqZYLZn/6O26Q905YsFltuPFl64KrJVJJBlLECAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECGRn9ckrcsEdMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" + + "CSqGSIb3DQEBBQUAA4GBANK+1qalm7Nl+PJHT9nQLVJ3ruQNAoMlH9fN52Q9BZCr30iWCd" + + "+GhQIPRjxZ4GWojMnqbWzYQsxIR2PLdFc6SwjQrq+i2ES/LePDtaLQddS44/+GP/+qDpM9" + + "Mqp3/Nbe1MfOKRBT57qgrxa8eUVieysoKeYX6yQpa8bab3qDwOTH"; + public const string Intermediate_Certificate_2_PL_01_10_crt = + "MIICmTCCAgKgAwIBAgICAKgwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMTAwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4xMDCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAx5tMLJ3LRxi9jAzCSNkj8zyrSO0cImNGf6ZCIzEU" + + "V8LrmXjgiZboPTh9LWQ3msWDLpzaxVxDLBXG3eMO8ys46TfJKciyeoiB8wfuNGMKAccm8u" + + "43XjWs1KAdNikWEZupYPgdmA92oRlVcHshG9PqP4+xA6sydpu3V18Nyfa0n3MCAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECDE3dDXkS7TxMBMGA1UdIwQMMAqACGRn9ckrcsEdMA0G" + + "CSqGSIb3DQEBBQUAA4GBAE+8cyOUQ7y4atc4BlZNZvGNRZ63dbGDCM2AItTEAf4ETM9v7j" + + "biUWTirJyoWsGxm2eIUk1V+EKxcuO3FotFUe7lS6thmVd6OYOSW+02RXMNklmptzK9I3AK" + + "DZNh82ugLNyrrd06BSiED+0MoGVVI4gi3wdFtRiai+MgQVeWIB4i"; + public const string Intermediate_Certificate_3_PL_01_10_crt = + "MIICmTCCAgKgAwIBAgICAKkwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTItUEwuMDEuMTAwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4xMDCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsmSUL/UZBYMdqU0PecjCd+9U+1Ld3mKkH303Fido" + + "K6k5S4ZObxVHKhYDJyp3CcVT2+nENjzIfQQQaA11UK7Uf/jmVs0IC8e2scWzq0W2BeOLef" + + "jVgNgXGsXyfLi9T4KJPPyGsKlIU2R2xKxgHmAOt/tw6OYX/OaEfM1jiQza5lkCAwEAAaNm" + + "MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" + + "lghkgBZQMBMAEwEQYDVR0OBAoECHYI07i4owpIMBMGA1UdIwQMMAqACDE3dDXkS7TxMA0G" + + "CSqGSIb3DQEBBQUAA4GBAK23Kx99Y9HtFBVnHWW/NfvNro7I5Wx/ZCko6ulHm84FPAjhnL" + + "tvc4jmfAZd0wYPKQKWwUKUDWNEwIU1qkxyJYACckue35GLzj8aLY/z+h037vGonFmNutMM" + + "rcRdiV7gVD17dYLVTt0RgxsDVDtut+twqHgIaKtKyJnl9dSgFFv1"; + public const string Intermediate_Certificate_4_PL_01_10_crt = + "MIICljCCAf+gAwIBAgICAKowDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTMtUEwuMDEuMTAwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNC1QTC4wMS4xMDCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEArgBnLCnqI6Sa7gXkZOvIKH4EL5i3CoG6eGG2R8aA" + + "kjBs78IKGYj9gY7rRajAKSpf19zvfcW8+2gBDDj5AoCy6uDnBICmqdu+hkdokVi8dJHiTU" + + "9LdS2TeuvFv47eiXoEBjMEAquCuSyHvW3lNrA+ESTnK3s7V4lBoO+o5mZD6dsCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECLTgYziQC9zmMBMGA1UdIwQMMAqACHYI07i4owpIMA0GCSqG" + + "SIb3DQEBBQUAA4GBAEx8wgBjBglU98rocddKAEKXkt4MNzrpUMq75C9HtnuOtFgM2oY/OC" + + "x67aZSTEph9ag6Hc+MyxWB5rzGD9j0y7OLsasE9AX8vjplUq50wq1xAFkGi1GnqRK/Oe7D" + + "S6R66+UFHW/3KAeNe96aaJuMcx0TRbfkGbW1ASSi/ixMd9Gi"; + public const string Intermediate_CRL_1_PL_01_10_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1QTC4wMS4xMBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIZGf1yStywR0wDQYJKoZIhvcNAQEFBQADgYEAjkY5" + + "nXjLst8CMz0fyEM7Ft2d9TOOJXV4TMAfSAP9QCnit8qzrdVdJ6TJIsJNZYBz9Ryr5K/iSw" + + "KbYk0g6y/pskcMoHG3vJwNAxBbkf+fV7Eyve+90Z6oWDXHKLGCQQpdZ0a0wAqYeiScok8+" + + "YHypEVLfbjWARR9fsci2Ps3tdvA="; + public const string Intermediate_CRL_2_PL_01_10_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1QTC4wMS4xMBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIMTd0NeRLtPEwDQYJKoZIhvcNAQEFBQADgYEAdpTU" + + "xcywBjX2rD8Gu6zkDqlDmZfRXHDPtnf2RB4bHDx77kDEib6nH6DGoJdx8WnRTZsTjly3MG" + + "62LfVmjp/bJyKHUQqBDrilv21EWsaI9JOr673Nk5iTZa/645GdgyLzSmxvcVDN40BAH0py" + + "/2gvBQTPNzp2W1IR2mebuLdHwTI="; + public const string Intermediate_CRL_3_PL_01_10_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMy1QTC4wMS4xMBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIdgjTuLijCkgwDQYJKoZIhvcNAQEFBQADgYEATVf2" + + "cEEGphsIe0AsqNJ5rENLe8DeDAV8R4XCKdeP5qmHmLMm9Z4pX8bIfU7bCoXiNIwGvIU6ag" + + "FmHPNHEj70cQFVqCX/ZESc02hit+Os9g7pcl7s9QgwVUCMZdCiF/+pSEp3eCL5tFoKmAZe" + + "nxkL0KOSuKmBzuqRtZufbhDvmbw="; + public const string Intermediate_CRL_4_PL_01_10_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBNC1QTC4wMS4xMBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAItOBjOJAL3OYwDQYJKoZIhvcNAQEFBQADgYEAbG2B" + + "BhvRQ1pY/8VFeiCRFD8mBzq5iW5hWv2P7Zdp9zEbQo0fI4Kbis3OGemEttCxvAc/UPfogr" + + "UudImf3s8sLV9BS59xQUGQlxZ5XBNlripY8EjHNWrwgy7/x4hzlZ9yYBbqoNOqnHLy/gbM" + + "XZWoCbIK0co70lh1soOQ6eqLDKM="; + public const string End_Certificate_PL_01_10_crt = + "MIICljCCAf+gAwIBAgICAKswDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTQtUEwuMDEuMTAwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNS1QTC4wMS4xMDCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3bx0qx8s4Zse6Ri6NqkLEKUPLIOhTFj/9Dh7sxvE" + + "HpemBlTjbp2in08WTxEb9n8iAIWuGs3Vqm82ttBQmayjIaWD5oE/BE0oV/e91NAv/aRLsl" + + "f7VtOb6vi8Ef6muOAjI2dUaUD6QONkqkJhnZ353uR3LZnsAEAW+InePGFNEGkCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAeYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECIokB8m8Vi4QMBMGA1UdIwQMMAqACLTgYziQC9zmMA0GCSqG" + + "SIb3DQEBBQUAA4GBAKBGQwZQLQFXb+/kjP5xAtq+1rRtrblytjpv3ujJrKH1v2VB2+9boB" + + "0YYYGJTy2Wuj0ZBEMeTzMO8Hol4Mq9pnYv5DCmfnZN3FuDidgnRsCjM3ZL7NcXXG9YwlKF" + + "G2SXj0YfkSwN9gnyN11W8i+F/OSjlm+TDKHB3ePMcY8EnnXy"; + public readonly string[] TEST_63_DATA = new string[] + { + Intermediate_Certificate_1_PL_01_10_crt, + Intermediate_Certificate_2_PL_01_10_crt, + Intermediate_Certificate_3_PL_01_10_crt, + Intermediate_Certificate_4_PL_01_10_crt, + Intermediate_CRL_1_PL_01_10_crl, + Intermediate_CRL_2_PL_01_10_crl, + Intermediate_CRL_3_PL_01_10_crl, + Intermediate_CRL_4_PL_01_10_crl, + End_Certificate_PL_01_10_crt + }; + + /* + * test64 + * + */ + + public const string Intermediate_Certificate_RL_02_01_crt = + "MIICljCCAf+gAwIBAgICAKwwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wMi4wMTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3AN+Y3Hl/9V0nKXHQotb/cA2VfZc5vrRu+ZjwKgK" + + "6KasGegAorKSTybYX/fTbnaPwykDPfSscAnzAW5WdF9+wTLmvYc+6pkcx1ryKkGmofFMXi" + + "bZ5LUO/oK0iuNjBKfLdWoi+hpciKyPb9Bs8SO/svKSNqTEbn9ts3q6tpbngoECAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECGXQ07qiAqv2MBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBADKtN3OOaRdte0X4xLC6nTGaK/u7IEKQ0DjduDHwJR5w27zefrx48Z" + + "dlq8t5lAfQJqWmfk7iCIW1QJPLcZOouWDP2S9Cb0YooGQRIEkMjpBn3Xufx0XUphtCDs3W" + + "9LAMVXqfuce1tpZ6Dvrh6/H2X8rJMU29Czsz949bh6tcsHJi"; + public const string Intermediate_CRL_RL_02_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1STC4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIZdDTuqICq/YwDQYJKoZIhvcNAQEFBQADgYEAxrDH" + + "zKno1mkJqPTub0c9To6jC3CGTilV1E12oD0kFjkXqL40+W251qQ2wMC+G7ZrzBIc5dRuJ9" + + "3feHZ7cc03/s3TziXDvSyfNOYpHzkPwT48HuSgBYgJ3uswwk+tDiA64NzbOJqssxxhFRok" + + "9OpwC8eQkzgpA3a6816v2I3XL9s="; + public const string End_Certificate_RL_02_01_crt = + "MIIChzCCAfCgAwIBAgICAK0wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUkwuMDIuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjAyLjAxMIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCykRGcIKuxia47yRmJT8XpNNi2LTTbUUTteIBp" + + "DZBfz2ExeWLruO9Rn1/oB/EP+4apx4r9rQ2tGsvr/7qQYeQK8W7eJzZgvxFadY57IMfUNq" + + "1nEnj0ZvuWrOSf+K9v6FWX5Y2uyZS5Uvb1VVQv0Ev890+yXTtthPTjepk3JkkouwIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECFIkVrx7NRAdMBMGA1UdIwQMMAqACGXQ07qiAqv2MA0GCSqGSIb3DQEBBQUAA4GBAI+B" + + "T6bFZruoeFHXsYVjkQ42jSdYB9JuQkG7JLKte5gGlhyR+jMlJBzxBgNIfvlmYSnbRFPbE8" + + "eqsGm90hJJoUuVMkm0i03H13uddlS494O6HhTGpaKcYwp3hbLhVcaY3wFTqTCuZk1T7Oxq" + + "ggTrCDYvNH+/ZpQuy6nB/FH3SAHS"; + public readonly string[] TEST_64_DATA = new string[] + { + Intermediate_Certificate_RL_02_01_crt, + Intermediate_CRL_RL_02_01_crl, + End_Certificate_RL_02_01_crt + }; + + /* + * test65 + * + */ + + public const string Intermediate_Certificate_1_RL_03_01_crt = + "MIICljCCAf+gAwIBAgICAK4wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wMy4wMTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsZG8wsV3Kuo+jtnKxLYGBuAqQwUh6Cs7ioDTNUFI" + + "UDDJ0lOP1HVTMBA7DEcyTCGvnQ02dEVVuCddBTQvG5RvW7G7cCEW37cS56/3yPsU1bD/cp" + + "3C1pPJpoun04va91Sxtgcmx7jnz69QPVrucu6aI1sZyeOlvzb8K7DceaAfR98CAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECMNzJ3SpyOLxMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBABo7oKmQilgji3w1tGz1cMrWxZxqGJqOAKcHywli+oxFo2oxSfEuFS" + + "tN2aEd2Ja5HU5a0ySztvByXF1TTNurGez7ARxmcS2kpoQtQXTloywza4A5N7iQwk0yyo/E" + + "J4lrXUfVRwZHr7FwA7qMODtFb0+Zivv9JLaq19GhnRhzZyWp"; + public const string Intermediate_Certificate_2_RL_03_01_crt = + "MIICljCCAf+gAwIBAgICAK8wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1STC4wMy4wMTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAt7yNq1QZsV3p7OR8rgPuY7x7Bvs+nPhcLR7zFOgR" + + "+plQUwpWQ2PhuzReVV4jNasKtNK9MIWoeV+eV3pEiso5obb9+Byvha1F6gkYNZMPs9Iv86" + + "cJSMtownNJVGVAL9FEpof1QKLp7kfn08EjkoGmGy85xy9uFytd2S8n5TlrBqcCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECAVwoCPFqMtqMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBAL9GufFieduzBJaMtsXtKHMf64O/KAGLSh1YDXS+a7Ku+EFw+WteKU" + + "Ob6+c1m7VH9P711eATQoACotCdKusPECqeYDEmT9keqA4f7cP4VcvGwhvSVQJsPuB3LL3S" + + "LIILE4zhT+O9G+5v+mkG/pEDirRYk6ZkdM91bsUuzsX40uyn"; + public const string Intermediate_CRL_RL_03_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1STC4wMy4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIBXCgI8Woy2owDQYJKoZIhvcNAQEFBQADgYEAkwyA" + + "I1rrz6tOmEpBHDzuJfqY2nbXCIXFN6dVuaKNZWHJ4ZNIc4/t29Wa5GgXYrVXyXRcXP/u5k" + + "NEhOX2/NwCm6vL8+tclYP5qPLrh/Dk4v3nvcTFLKCvclAbf4Il0zfMQx+RRnO5PPqPDu5i" + + "1tHHwOtA8Q+oO71lZEwPE+pX1Sc="; + public const string End_Certificate_RL_03_01_crt = + "MIIChzCCAfCgAwIBAgICALAwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUkwuMDMuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjAzLjAxMIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPGLfi8/T5p63cbGE98mqO5VzkeI1r2/2TLgvY" + + "RpL1h8i+CVYKoX37yYwNXf+HkHhj1OXJSNrm7853ctmDf2h1fv3f1+qJLg4VRVzlEgErNq" + + "74OR7XLXV77kGOmhip2g5BF5VKeqAdj0pCo1E5ZFHpRPFq/0DDmSda6GKJ6Dl8hwIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECOHM3uWxFmcrMBMGA1UdIwQMMAqACMNzJ3SpyOLxMA0GCSqGSIb3DQEBBQUAA4GBAFBu" + + "doX0TZK/yoUcrSkP8AtFiv5c7QvyEtigFZTT+lbW/g4RX/oJGNZCu78yAxCczl+Z6ft+0V" + + "wInwahjyyAgw4QXxtw3b9CfqvT7HH7hcQ6r9ZA/NA9XpzNtxKfmXjzCZWdfmLJrd8KCnU/" + + "utKRAObRBKiaTGa178SEWvtkoIXd"; + public readonly string[] TEST_65_DATA = new string[] + { + Intermediate_Certificate_1_RL_03_01_crt, + Intermediate_Certificate_2_RL_03_01_crt, + Intermediate_CRL_RL_03_01_crl, + End_Certificate_RL_03_01_crt + }; + + /* + * test66 + * + */ + + public const string Intermediate_Certificate_RL_03_02_crt = + "MIICljCCAf+gAwIBAgICALEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wMy4wMjCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvoTuc2LYBOhziBe02f6F8l9MwX74O1lknBcJjGvq" + + "JcirQx/6hQgBQT4hz4RRXNy7DSBr3swEw4eDNSeyd6kvG0h9oI3+SVmVyPPVi5eKDL1roI" + + "OBzmfx1+Nn/CnwOf8VroKDutBBQ0gJ24IEjwp6er/8hEAVN/yIjIi/MTFeoRkCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECKtCUOlmMPu6MBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBAI9x8O/JgJuZV/s4OBUy3AvcW9QP3HWWBQSdxUdjSosT2schjn7wrR" + + "gttL7vWjT1djsbATAHa5C3inG+VjGIq/NqWaPoHAucRNMs4oZX2ACZFuBLOb/qhywsKh5+" + + "bjv4QgtqkUedzEratY6yQiJSiMSJVJSMzHosTVMX7oOp+cll"; + public const string Intermediate_CRL_RL_03_02_crl = + "MIIBcDCB2gIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1STC4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAjMCECAg" + + "CyFw05OTAxMDExMjAwMDBaMAwwCgYDVR0VBAMKAQGgIzAhMAoGA1UdFAQDAgEBMBMGA1Ud" + + "IwQMMAqACKtCUOlmMPu6MA0GCSqGSIb3DQEBBQUAA4GBAAEZ0Hg6sKiVXIeK6zbQrKtMMz" + + "Vz2K68+SqN1LAjlNW6u+HSTlAvhRIFO1Hv5Zj7qbO226rLxas/X2XWXpMlm84NHN8T4dZU" + + "4Yo5rhhpCHckRxNYn3AFcfcV4ra1rrTtdx8e7e7/m0Ghog9Ny52ZuQThasL9caF0JxUx6d" + + "zbBHPm"; + public const string End_Certificate_RL_03_02_crt = + "MIIChzCCAfCgAwIBAgICALIwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUkwuMDMuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjAzLjAyMIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNb6HGPRDulLMCCyCq6w2X8rHPtm1gN68JXFkX" + + "j/BZsHhu29Z9hXj76hO//7O775EPVMSLyRy8t15yzYpXfZRHFaGB5bs8U2R5ClvsD2FR0H" + + "t0JVfU6Ggn1lhO+jOiguJtXVRjofsfvHuiOe75ctaJ9lBpgwiV8tk4VRKz2e5xVwIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECI3Gy0TgXMrwMBMGA1UdIwQMMAqACKtCUOlmMPu6MA0GCSqGSIb3DQEBBQUAA4GBAISQ" + + "Qh9+7D6nk3FL5YQOzyZ0BSHQYjpbIVykJ+Lr4jBPKyGgCqW6jqWNg7X4waB77J2z/OkavY" + + "A6qtpsk8r2wmG9thi8JyZZNhYMxAszHzFbBmSoxGRMvI0XarxgIu8Ky6V7jKVDLz12C3o9" + + "H0yd+nZXilCD+p9BTjjg5bGUogJS"; + public readonly string[] TEST_66_DATA = new string[] + { + Intermediate_Certificate_RL_03_02_crt, + Intermediate_CRL_RL_03_02_crl, + End_Certificate_RL_03_02_crt + }; + + /* + * test67 + * + */ + + public const string Intermediate_Certificate_RL_03_03_crt = + "MIICljCCAf+gAwIBAgICALMwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wMy4wMzCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAu/o0uxgTrAvNDrMNuG2eTla+AmkLVCIXBbsIo0gs" + + "tLm29tLwfBh/8l5OC0y6Xeh5lx+NLdelsiZGRNaaWmWHj9Ji5V6rclr8sXRDUjxe12zLeh" + + "0G+a0TfpL380cx9RItqQyA1ZRiUNymmJHnm13hwrf7LPirR9BMrtyTT2EI3cMCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECHYt39LYdEn0MBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBAIoSGa7MxnOuHoWM/BoJKsCeBmBHYCYDKmQ19JfsDHW8z8oAFiikFb" + + "Gtw1Qpc0GFfJgN0cppaXfe5lDS6BWL2dPorhu3URfXKu84ATLwGmNhqLDY7zh/zPvLtG2m" + + "izaMLC6ZwZL5KELpYpcP15EHPDquyP1xpV3fT17GjpG9IH8k"; + public const string Intermediate_CRL_1_RL_03_03_crl = + "MIIBcDCB2gIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1STC4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAjMCECAg" + + "C0Fw05OTAxMDExMjAwMDBaMAwwCgYDVR0VBAMKAQGgIzAhMAoGA1UdFAQDAgEBMBMGA1Ud" + + "IwQMMAqACHYt39LYdEn0MA0GCSqGSIb3DQEBBQUAA4GBAI3HsXanos/N6uO3QVUaBZzmCt" + + "w1HCHMrLVG614YlUQiEedQ/oEc7dwCeD1rUbGNVkFPIRvMkmUQo1klhKAlEUmrtW+aH+If" + + "6oqumifqxvaycWidacbgNLIAMQtlQmniPF6Pq0dv8sNeKq4CE0gjRHOPJ2zIqy3kJ3tZYB" + + "pTguwO"; + public const string Intermediate_CRL_2_RL_03_03_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1STC4wMy4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIdi3f0th0SfQwDQYJKoZIhvcNAQEFBQADgYEAXZSZ" + + "ySsD7U6ETy9ZRmiKUCJMUV9CIhCY0mEihHjW0DhFTyV1Hr01yN5zUr/IFVuP/Xcx36IX4l" + + "dVv6/MgR1GeM/BUGZhm4z6YwfAosZ1N3zayIy/pP3fa1rVRl8cgCxc/8qxg9nH9p6yPpxM" + + "AOOu6TLYquk/dA7wJPEW7MPixXY="; + public const string End_Certificate_RL_03_03_crt = + "MIIChzCCAfCgAwIBAgICALQwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUkwuMDMuMDMwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjAzLjAzMIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5LNxAB+lm514Hk2ykrFUb7fCX0ryIEMg0mgeT" + + "/z8Iw7xisht57koK4PTXY863aunfNNh+8oFTHZnoLB5dbkROj1nFRgcWPezzv1wNkZEpxn" + + "NINtTPBogW22NPznoZ/rSk9JRFe0sCOVazkW9tZbY2ARqyJsYU1ez5tQIkDS47kQIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECMWddsi+qmxKMBMGA1UdIwQMMAqACHYt39LYdEn0MA0GCSqGSIb3DQEBBQUAA4GBAAv8" + + "nrJaqEycAyIKdPBYTUqaxjkv4SmonDDJG9OqvD78/o9hUKKteoMkNUp8eexTkWk0L72L4N" + + "/eXB30+m65E841V+Dy8L4bXh15n4qz4cyMt8Kvm7nbCqcgpiyBJmBxzfaXDLSthlmhcJ4X" + + "zDFnav1LEw5fZklt7cnMl4YvLD8d"; + public readonly string[] TEST_67_DATA = new string[] + { + Intermediate_Certificate_RL_03_03_crt, + Intermediate_CRL_1_RL_03_03_crl, + Intermediate_CRL_2_RL_03_03_crl, + End_Certificate_RL_03_03_crt + }; + + /* + * test68 + * + */ + + public const string Intermediate_Certificate_1_RL_05_01_crt = + "MIICljCCAf+gAwIBAgICALUwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNS4wMTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA59vHTe5A9AcT237mW7HdSfh8Pu4P2wJNLT7RXczN" + + "7DD/P6mAkugSgPTXwwlE1oSB/hCxAtEPhwONYZFYlRClFJidHDdVApalB7UbosTghsUzAg" + + "Lqw7NL+w9i3Un2G7JM2oWwugozQn/1hzr2Cii2TIB6K0RWKoPBJvaWUURS/G8CAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECP55Cc4eBca8MBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBALX594y5uF4Rt7CoRHeKZ5h8QiG7mc+kQDMjaSU4KJwNVVL0mJatQG" + + "w90yFfhvprlgDt9UIAvpF6z5gysbrjHXJaEhVlXeg9D5mcxsL4THEc8f6oU1GjfT/SOD9l" + + "QrT/keX3D9lcFEaTOgi0HIZ7aFIJgoWjXF/9kNNMEAs8sJNI"; + public const string Intermediate_Certificate_2_RL_05_01_crt = + "MIICljCCAf+gAwIBAgICALYwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUkwuMDUuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1STC4wNS4wMTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtl4hX6HlF0M+lSBTG8jHiB06hOy87LL81yAE2JQt" + + "/6F+LZjuOBTCIc2yO2bVM3XzUnjyYDBYGnBFp/7XpRoiADuPJSfmkzmezpyJc+hm96UR1g" + + "Bpo+pPKbRTWuM+FYy+vPtaDk5wKOrmyNx440PwbzxTN3JeWz17xeYE98bXMc0CAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECJOjtwEYV9VSMBMGA1UdIwQMMAqACP55Cc4eBca8MA0GCSqG" + + "SIb3DQEBBQUAA4GBAFbkOffoIjWSfxEuKszoK7Fj27Hf5jlV92xqXtBLURjNGi9jCLUIUd" + + "QLnONZLJYo70Z6XaGjpAK1EtZKVWsz11JDq5egE1zNES//9Tz8xDtJ7Lcq0mwneVFxmBuL" + + "gxkw4GKbBFKz10FoSP7VJWaeW080WwKnp96Me5GtZRe260N1"; + public const string Intermediate_CRL_1_RL_05_01_crl = + "MIIBhTCB7wIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1STC4wNS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjA4MDYCAg" + + "C2Fw05OTAxMDExMjAwMDBaMCEwCgYDVR0VBAMKAQEwEwYJYIZIAWUCAQwCAQH/BAMCAQCg" + + "IzAhMAoGA1UdFAQDAgEBMBMGA1UdIwQMMAqACP55Cc4eBca8MA0GCSqGSIb3DQEBBQUAA4" + + "GBAIdOaBfpAEKWLrSvepVjk3UTfEfsSP6y+kFMl33YXy18xUvVpLarGu6YjQIpXiL+ulkP" + + "eF8TAc9AarUjvDf0kcslIOt3NhdMxR4/F614Ds/rPEXs4c7n4kCkvAlFg/19iIFeCaynx3" + + "X0s/v1SwzgAUHi3P+OwAGDApDTyKbnmzvt"; + public const string Intermediate_CRL_2_RL_05_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1STC4wNS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIk6O3ARhX1VIwDQYJKoZIhvcNAQEFBQADgYEAfOOd" + + "JiLUCFSurAafQEBfxE9KVrgFC+W9m64cmERicO1QL9aDVIDGJAIY1pdvWVdhLBIKwSugwB" + + "ZH3ToptY+VizvFN1gkKGL2OuvDsXPHn1+QgmqvxYFPmvwDcwuxZ/3zD1VeHgEIKo9ugRnW" + + "F8G2Ph6SWUxJCjJQpB7WIbydowI="; + public const string End_Certificate_RL_05_01_crt = + "MIIChzCCAfCgAwIBAgICALcwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTItUkwuMDUuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA1LjAxMIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9NWkW/mia20c5gM3DpcTsBWTNC/d/Cob+OVrS" + + "lYytMjK4htO3MavavMZNTLAYFCXWhZ+Uo/uiAF0ddE4HaFI418eKJMSSbQyed0TG5Udw/t" + + "3dhYeLzLEmVc0r00q5v+CLINsCNQAKaPV71UvoHrE092zZjmtacuAetBS1Q2ufpwIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECGNPOXdCLpZ3MBMGA1UdIwQMMAqACJOjtwEYV9VSMA0GCSqGSIb3DQEBBQUAA4GBALTo" + + "hfBEPdzZ6A9QNStakOhmhHYox70xOPuWqzSbIugZv4chKXNQGiUAoOGImTw1mcun/uPNtd" + + "0bT+O+a9yX5gzW55CSmR/teHkTkND1mJhOMuYOmaCaBHnqgIIe1iEhMZQgag70+/tSmmQm" + + "UpWGpxeK2c02tBK6gEmnqk75bKRT"; + public readonly string[] TEST_68_DATA = new string[] + { + Intermediate_Certificate_1_RL_05_01_crt, + Intermediate_Certificate_2_RL_05_01_crt, + Intermediate_CRL_1_RL_05_01_crl, + Intermediate_CRL_2_RL_05_01_crl, + End_Certificate_RL_05_01_crt + }; + + /* + * test69 + * + */ + public const string Intermediate_Certificate_RL_05_02_crt = + "MIICljCCAf+gAwIBAgICALgwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNS4wMjCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAouNcO1wHvKHPR15L7Fohr/QbTkPWGr9QYp2MXEDy" + + "BRGHt63Ob+yNvsP/C74GJA+PzvcRELSnJxmBVbdRN5y/u4S6Zt4yTTcrvp4vl//luoGLOX" + + "NHhCXbrGavyoP/iKpbfP7fy948AN34i95HuZENoGPjG5stX0uk12P087S2tPcCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECFi86MGPmMsXMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBAFVZVMZEsaVuL0qX5Ls94+x8gBklxPfxgfG5LeBR2/YcqW+7BhsVA1" + + "GQhjBtwqCU9SOL16oTrqgw2+YeWBjaYuNYVlxfdifd0pQydpE1iDQWxmoKLzSDmtWgRYhz" + + "v0TB6j8q+0x5Q0OOrHX0jdIiBnHrLmReCK8dY1x6fb6I0tTH"; + public const string Intermediate_CRL_RL_05_02_crl = + "MIIBhTCB7wIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1STC4wNS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjA4MDYCAg" + + "C5Fw05OTAxMDExMjAwMDBaMCEwCgYDVR0VBAMKAQEwEwYJYIZIAWUCAQwCAQH/BAMCAQCg" + + "IzAhMAoGA1UdFAQDAgEBMBMGA1UdIwQMMAqACFi86MGPmMsXMA0GCSqGSIb3DQEBBQUAA4" + + "GBAFMN6PWjz2bA1RRySYNXde2rKiYkZYghbtT4ig2yDJBKOiPnjdx+jriFJxGYpt7BvcNx" + + "cDfijmDZ1clzprIvz0lFO6IwsQiWtLxOz4Doj6K2AD+7IxuGLceaXmubvi4e6VVC3xXGsu" + + "OYsNgFzsdUXIazi74+eOcj4dqrHAepbhXT"; + public const string End_Certificate_RL_05_02_crt = + "MIIChzCCAfCgAwIBAgICALkwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUkwuMDUuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA1LjAyMIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuWE1aFx3Zjk6gM0Wy6ijcUegbiGvhjBgqIGwv" + + "YissT0v3KGAKoh5wGeKC+rePQNbZ91j4XDLvUNUdNw8HVNdNG/igIwsuaJ9teKSbqrAw9X" + + "aD2YjJz/I6X6WXFd/eQ+g9lY3eidOXJkglYSwWMxUV62RUZbGyqjR1so+XpmYxCQIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECLLbuNyVkkK9MBMGA1UdIwQMMAqACFi86MGPmMsXMA0GCSqGSIb3DQEBBQUAA4GBACKt" + + "GgxIRXYHZGZgwYHjNzquM1pUJTbxxm3qYA4U6r44oAo1UzQTDpHOalflreGFvG05l1BCnQ" + + "olQ8rcXU25v/CDfyww7cl8l7IxjYz7PNht7R97vjfMVqqButbn+BmU6D5kR9YXDCDPzaQ5" + + "DrKNk+3tIjJNj6YhxhqC2tPG9RIN"; + public readonly string[] TEST_69_DATA = new string[] + { + Intermediate_Certificate_RL_05_02_crt, + Intermediate_CRL_RL_05_02_crl, + End_Certificate_RL_05_02_crt + }; + + /* + * test70 + * + */ + public const string Intermediate_Certificate_1_RL_06_01_crt = + "MIICljCCAf+gAwIBAgICALowDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNi4wMTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAmhxr4ckU5C3E57odZjgcxl46ZF2QVy+K86YoLOGT" + + "mq34NSHTFxP93mrNqMYdFKFedUTNI68HkecFVvVKoXsDNBnhyyCTQ3xXhBcMUXFByB+55k" + + "W5LeQ8l1G2ugsyZ7Z+P8uylrpeGJt4RjOTilhcI2mnfZ7S+arFGe4KYgnsaFUCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECOS4X3XqhyJYMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBALCPtNwXGxVSUNGErkBHSYCHyqlA55jKQQvZ4P0PznWEQ/gBJx34hq" + + "LxiBO2G+iDomzHszeM77TXkQBpNxCUw26Jxv2HuvyBXuSprgjw5F1tvLqwsBAnD5vsb0uD" + + "NrkKIzJSIBFQ1SRhuCObaXnamfPJHBmkP25t4QqEvoXMtVHB"; + public const string Intermediate_Certificate_2_RL_06_01_crt = + "MIICljCCAf+gAwIBAgICALswDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUkwuMDYuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1STC4wNi4wMTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2IKrW6HDZJVFw3e4cC7v/jPGXAexI4B88707NhAc" + + "qxSVfGTPJBdfWo5pkptZKN5/L5n6+rixLItHnei/uwBCHvhwzeEIGo1yVCgz6R2MoNB966" + + "Q5CHWfT43BUjp0rZLJkK4hVKNyXB78NVv2Fly+XWBDEnzQvgVPWbGOvzE3zh0CAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECK/1z9Xbu2jGMBMGA1UdIwQMMAqACOS4X3XqhyJYMA0GCSqG" + + "SIb3DQEBBQUAA4GBAAa/MVC+8ozm9py40a4o/kHbkkmFNQr4s9yi3KXXuVxsNvquFMXm4a" + + "gC8GPoNjvV+RPRmU8wOM6I2/PPl2JEQRb7NDM8LkY/m/Au4GHVeln6FKlldiRm0A+YIr19" + + "ip2RHOldikAjUUYv7JT3SP34sjtq2e8bsXfWEPG5BA/wxtm7"; + public const string Intermediate_CRL_1_RL_06_01_crl = + "MIIBhTCB7wIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1STC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAjMCECAg" + + "C7Fw05OTAxMDExMjAwMDBaMAwwCgYDVR0VBAMKAQGgODA2MAoGA1UdFAQDAgEBMBMGCWCG" + + "SAFlAgEMAgEB/wQDAgEAMBMGA1UdIwQMMAqACOS4X3XqhyJYMA0GCSqGSIb3DQEBBQUAA4" + + "GBAJSexboWDaqLVY6iiWt8ZX5GwuNwDBN1R2TgM95H7JqjMgoWML887dKk24p4eKACFMWI" + + "Ji9nwsqdZ/h1FtPhYpSoJ8l8vo4imMKr+tTnMngDNpMMZPQyRY1AK1jSrLhEtUdjiEtrTY" + + "rG56RNt4YyUtNxxfkEymvwJxmO/4YcAz/l"; + public const string Intermediate_CRL_2_RL_06_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMi1STC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIr/XP1du7aMYwDQYJKoZIhvcNAQEFBQADgYEAImRg" + + "n9A7px9exOJL4Se9jsSHzZ3sAd3y16LdAb+HLtYLl1swNB4KPE+OebtzEoYiSzVVwezdlm" + + "5WseZjfbd0q01srZI4FeACZe99iBSpKymdKxw2gRvfYZ8ZMwFpK2mQq9cmygFn53iOwP7j" + + "3KE+lllielu7sYyEnkliF9wsaG0="; + public const string End_Certificate_RL_06_01_crt = + "MIIChzCCAfCgAwIBAgICALwwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTItUkwuMDYuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA2LjAxMIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZVBNzD7LZW6mC2GSbVPjpcJ7sWISYsL2eHqXb" + + "/PuxtbOneOjYqx0GeL9pxDGSSNl2NrlG0G1HTU2MaEOVA6h96W9e5ADV/pzGPMr97z+3BV" + + "unxLX+ciM3T7rUQm/LueQTEC2Ww19T6QOg2i8rEadYT0OoW6OcvyuomemspxgClQIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECK5pHDrhL7xjMBMGA1UdIwQMMAqACK/1z9Xbu2jGMA0GCSqGSIb3DQEBBQUAA4GBAF3J" + + "Kskjs4jp+BBoei9YWYtmOupn9w3oGyhknNh2jz7api5Gtgk2SyKfYFvN6EhWZJEab0hPFe" + + "WuYwO7zNCLGHw0cFXT/R48ogd6JkH6xDwj4afZDkWVTu8oaVD4h1rTYS6WPRzizAozOzhi" + + "tmIo+MV/lCG8+jdVtFgeKycI8aX7"; + public readonly string[] TEST_70_DATA = new string[] + { + Intermediate_Certificate_1_RL_06_01_crt, + Intermediate_Certificate_2_RL_06_01_crt, + Intermediate_CRL_1_RL_06_01_crl, + Intermediate_CRL_2_RL_06_01_crl, + End_Certificate_RL_06_01_crt + }; + + /* + * test71 + * + */ + public const string Intermediate_Certificate_RL_06_02_crt = + "MIICljCCAf+gAwIBAgICAL0wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNi4wMjCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxMlJ0vbkMRGzuEDTDGuPmwDzU1xn3dFDZ1Tx6ONP" + + "fwNN5gk6r9kYl5TZ8f5TbkQSnOzyhDSqX8dGumCSgukETXtYBU2+KiIAtliu5NJRbXe3La" + + "vn102HxaHDLGsR0FFLiFM9GVhOOXryJoXoGZqUwvqbWyaQQEzrV4RWmuOv7xMCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECFNaMo88Vb5MMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBAJsjJG4/U1OWCJPB1u7UD3TPKRgOR9hT5l3LzFw5s0CEGt2Beg25LP" + + "GEGcr0sEdosVQI5m5CuPolpmlQv0FkZv5M1W+uXX+F/6edtMDEquDpdR97ihQSLZjFFqjE" + + "ytuaD4gqtL/BKBbz3e93mOmR9Wi+kWlXOYl0j8wpU9ePSjDV"; + public const string Intermediate_CRL_RL_06_02_crl = + "MIIBhTCB7wIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1STC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAjMCECAg" + + "C+Fw05OTAxMDExMjAwMDBaMAwwCgYDVR0VBAMKAQGgODA2MAoGA1UdFAQDAgEBMBMGCWCG" + + "SAFlAgEMAgEB/wQDAgEAMBMGA1UdIwQMMAqACFNaMo88Vb5MMA0GCSqGSIb3DQEBBQUAA4" + + "GBAAKNj5xmtE7wzO1p5igiAmCDV6KuYsiPAQPHPEBlmo85vzvWv2hpEtmk4nDhehogl0QX" + + "rhvRRqR+cPE5vBLB8mAStW+ZR6FXQPnmU5qGHqCQ4Wh6TWZesd7oyftoS7bJD5Xdf5ErA9" + + "qijWoz8FgxZHVnAFmjA0rUINkdQ5JfE5oj"; + public const string End_Certificate_RL_06_02_crt = + "MIIChzCCAfCgAwIBAgICAL4wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUkwuMDYuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA2LjAyMIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD3UzwrnwKRlP00Pn49iI35S0wLn7c1I3rsmzdm" + + "YFicetxHNeOKXLg1CN1bqkbAJ+N39fKjrkusqb2T+R3zhAV5LeLT4fzbHYdU7f4r6xgW2/" + + "b2WLv+QVR+ldTsVxgPp/ZUgYi4/vAow4Q/6IT+zWtlawMBob/nLjVl+jQ9N4coFwIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECPhq75noL+9WMBMGA1UdIwQMMAqACFNaMo88Vb5MMA0GCSqGSIb3DQEBBQUAA4GBAIU2" + + "5bLX/NyDC8dKUxRwVn8oc3YPQjK0zXGdUr15Ib+cLdRyFVCuAyxVdpTf/csuga6tDhGuTL" + + "B18mTE/fAjhUOiKiOLD6m4P77Nj67l2NTi86RimsI/Z6r5+bU31ahrls/7kr788+f4oEIY" + + "TyOJecojsJUOG3qzK9J50iszclxg"; + public readonly string[] TEST_71_DATA = new string[] + { + Intermediate_Certificate_RL_06_02_crt, + Intermediate_CRL_RL_06_02_crl, + End_Certificate_RL_06_02_crt + }; + + /* + * test72 + * + */ + public const string Intermediate_Certificate_RL_07_01_crt = + "MIICljCCAf+gAwIBAgICAL8wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNy4wMTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxjHxSRwJjEkLG9Al5uSQ22QI8N/hJ8hhkhh9qlaJ" + + "mHusM8sWpAp2vnuumlThTA2zZbptXZ8Krb7i/Kpym4wo3ZkEThwi/ijsM5QCunQJmESRGD" + + "yPZJjfhWjoC+lCjbmzsOGLMETpgSEMy+EyoXkRCnKmXcmCMS8HjLrqdnwiWBUCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECHPEkeIs8GuwMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBABCmgEnb8dfnG9lWQKT5BmQm459WqRQAiqdfqf9w0qRMuVrdfLMwqx" + + "oq4uh10A3d+auHohgT2fT9RzNaWnRoNaH9K6qLQsdCUZdqjbEGdyiIFzvWP9MkV9nhDlo2" + + "GgiU68HfnpKO/WA9EaRHyEzwT9o4SA7hAbz+3L12hB2WLSOg"; + public const string Intermediate_CRL_RL_07_01_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1STC4wNy4wMRcNOTgwMTAxMDYwMTAwWhcNOTgwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIc8SR4izwa7AwDQYJKoZIhvcNAQEFBQADgYEAOyZr" + + "f1tRnuzoq7dgQo+eOYhb5JyRyrNaSwNnRy82wOP+/G3NH8V3NGonDFOOcd9SoLTbeW4o71" + + "vdOrKZgom5H2MZK5M4wTdfPAfXB1wBxOMzW5jXzsRtaha4l6EPI+GVL0eXN+aW3k/pscdA" + + "ToI+OxTmRRnCYS6yW3qL9RoTIXQ="; + public const string End_Certificate_RL_07_01_crt = + "MIIChzCCAfCgAwIBAgICAMAwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUkwuMDcuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA3LjAxMIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrm/Zem9Tt2UJFUKdAhTNwvhLo03uOax74ZgbV" + + "YNTCpKeEWkV5d5d7DRC4mCTX1yjIlg6K4l7T+sRGI4XAcDRgYLuoyG1X958XCXSdIPTdbK" + + "Hxs/tFv4mrCwi1kU+zjyzDoqgjT6kUxgM39rfcvDMH6qSzHQKgTFp7Tj/DHiELqwIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECGFR8c6rRbhcMBMGA1UdIwQMMAqACHPEkeIs8GuwMA0GCSqGSIb3DQEBBQUAA4GBAANZ" + + "TVR288mKpDDzm9XZMZ9+K1kPZ+eQYX+vUul11luVw27AIJGR8Fb4PIGl4+ALvqU3NQP/6v" + + "d+zvS7IfiR6q7aLS3w111BUCgDhTJAp3oSo12qfcp+2DB1M9QfjrM9nKgmh5bBJigdJwJM" + + "W8HHKStUMLdxg+qkZJgZpnyowCFM"; + public readonly string[] TEST_72_DATA = new string[] + { + Intermediate_Certificate_RL_07_01_crt, + Intermediate_CRL_RL_07_01_crl, + End_Certificate_RL_07_01_crt + }; + + /* + * test73 + * + */ + public const string Intermediate_Certificate_RL_07_02_crt = + "MIICljCCAf+gAwIBAgICAMEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNNTAwMTAxMDYwMDMwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNy4wMjCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0CvEneaAPtxZOTqlh/TXBM6V0bQgKbO58yEyURcO" + + "Zi7jzYsmNtN9Tsr0wAlD41/ZONsW4MMzZ13UCc0aGa+eE8XRULBe5cgaGxJKwVnEqz3W8z" + + "v1MjOk7Anb8TkxMSlWlptC6V3eRA85p5Id9gXbIrP3E3NuSfyx6246oLjNnbECAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECIb5Ia6wKcHtMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBAAYEHQY+Z4qv4bYLmd+sz4aNGwZF7FT6ZIQ43OSeb+t+ibL7rZ0X0y" + + "4SCTMs1mAB44IA6RFurmeCFk0ladRCn3A1xaVI1HlHen13ovzDA9ogL4CWbYXvCUv/znQY" + + "yVSQCTKwT8iVam8xS1MsNCe408iVjhRfR6u9Hi31M+Pf+AUe"; + public const string Intermediate_CRL_RL_07_02_crl = + "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1STC4wNy4wMhcNNTAwMTAxMDYwMTAwWhcNNTAwMTAxMTIwMTAwWqAjMCEwCg" + + "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIhvkhrrApwe0wDQYJKoZIhvcNAQEFBQADgYEALVUq" + + "3Wq/Opvp9ifmQ4VXz4dgLNR+5Nz3muJ4RZt5R5b4R3RYllhgXNYw2EbEVCFjnfm97z73Ke" + + "wzVV+fo/u5GbqJHN2cAVEHarOpasLxySktNA1Cwq5OTzUF0dYISqYbyBvVcaOQBvU/Lwj7" + + "MQJJVVq96iDKnAJYBX03EHKbBeg="; + public const string End_Certificate_RL_07_02_crt = + "MIIChzCCAfCgAwIBAgICAMIwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUkwuMDcuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA3LjAyMIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD6YgsbjW9IL7/SBORKssFUZBUxmluOpxJK/7d7" + + "JA2pxbg7L96xHFPWN36CYDJzTscNpbGrD3G2MPkg4GqoTo0rU28NYVzj4SwqYoSLIbXB+r" + + "SVgWcxNgbJ+4x9bK3YccNLR1PWEFxz1NckhCLBmb5pI4E34MCxQ6PvFO02I19FwQIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECIutV9ItCIbZMBMGA1UdIwQMMAqACIb5Ia6wKcHtMA0GCSqGSIb3DQEBBQUAA4GBALQE" + + "cBr31h3jKUHcuf3yztr9NWUkGMDM0NCXHOpQl7JbV3P5BjvaiRYWlUrN7+92G8EaUFORto" + + "zp8GG+d/MvFooVQOvpOzyhautYWyqq3AWpZLppnxNk1mRAdjUAvJaONtv37eLsma0bhtLM" + + "j62sQQ6CdoKbMtIEGuJgpwWqHYwY"; + public readonly string[] TEST_73_DATA = new string[] + { + Intermediate_Certificate_RL_07_02_crt, + Intermediate_CRL_RL_07_02_crl, + End_Certificate_RL_07_02_crt + }; + + /* + * test74 + * + */ + public const string Intermediate_Certificate_RL_07_03_crt = + "MIICljCCAf+gAwIBAgICAMMwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNy4wMzCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA8QzGjV0NVTNrOgkeqTkQFCOvl7M0qmjmYJjuw4R3" + + "YfQIXDN0m9HR2JKp5WKTSUedmWviGS7NbGSzLR7+6OkLwSoxN9PkA/fMko7O0KWBfduhvn" + + "jymlDMb2GPb1hBjScbq8fVJHwzqUm+BtEO2MXwXKYY2hZr+OEyEGhSEThp90MCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECFwl2XphEZRSMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBAAb5GERgYVGuOb62gVZAAnhuk5K7CCkWZucOv6iI7pAgI6S7pvool/" + + "dXHC0tzgQ+/MkuWcr+22k/ya7f+iSfiYokjnQkgoYFYk3PkjyOXA3mzs5qhF0nOP6Gvmz4" + + "asONA+qZSqa4pjxF9Kn8L64f9yeyEXnckmbzdmbjAFCveQIP"; + public const string Intermediate_CRL_RL_07_03_crl = + "MIIBTTCBtwIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1STC4wNy4wMxcNOTkwMTAxMDYwMTAwWhgPMjA1MDAxMDExMjAxMDBaoCMwIT" + + "AKBgNVHRQEAwIBATATBgNVHSMEDDAKgAhcJdl6YRGUUjANBgkqhkiG9w0BAQUFAAOBgQAz" + + "DMl8P16hylNkUEw4z9//PJFObNPZCYdmzBfp0K3tNRrOAouUVegyX0gDHi8O+bmmJNgcnC" + + "tMRXx+D4qP7bx5fDS2MVQhSsncf6u4UZ8pxbRc0JmwR5oGZLPQabrctgmEmg8ZKGApKtsf" + + "pGyvvTwaAzM+GaWXD68bBEN3VfVdeQ=="; + public const string End_Certificate_RL_07_03_crt = + "MIIChzCCAfCgAwIBAgICAMQwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUkwuMDcuMDMwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA3LjAzMIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDU6mec24uBaVip7fFWHas+o/lpZBOfj/IPHXQ9" + + "QaRZwmJZBB81AX3BJ60DD12o/+RXdHl7B2Eh9kYv/QEXOKmyhJFSPa0Lv7MQ/hCIcL4m1U" + + "FDGtJ3SUixZMqVBP0xjwXoNS88zzaCBL+co2TxhBrYMzeNQOX1eEkXMT4pvULmAwIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECBBgFdYLuvk9MBMGA1UdIwQMMAqACFwl2XphEZRSMA0GCSqGSIb3DQEBBQUAA4GBAAof" + + "dPOGa4ZxRPcLw6zWM/NLzF3XYDqXAsZBsC75r0GRrogqEYn07tVUDNaQczDtjRLBRNmxWE" + + "+qCkJwc+wOBJqOFUxcuhK9oag6OE94+UIHdh3Td9i2ELZXj9RSNchnjyFohj5gk1dJSO41" + + "86Ls3mCT9JcssR0dSxxkF0ENfZCG"; + public readonly string[] TEST_74_DATA = new string[] + { + Intermediate_Certificate_RL_07_03_crt, + Intermediate_CRL_RL_07_03_crl, + End_Certificate_RL_07_03_crt + }; + + /* + * test75 + * + */ + public const string Intermediate_Certificate_RL_08_01_crt = + "MIICljCCAf+gAwIBAgICAMUwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wOC4wMTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAs2YRTEl3C1TmmneJ6K110nSACn+KXxSOTGAGN5xv" + + "XW751StpE2iEQIbRVPQdMzmcQX0bcg/WpdrewPQld9NRjFj7it+9YNQh7vMKhZwoAPoDmv" + + "TnTdTEuV0c1FLVDVhiaAD9KMBa4fBLRfTKVzgzAr+oNqLhm3YBd2JWRHg+fA8CAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECB4we8+hIrkKMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBABTQI82uCMwQ4bgUWr9lawSI5DyWg3KY13F45rAlmKyckgne9SHbCH" + + "+Lvm3XkkIqKmeHfJ3QTf7bpz6eErn3CxRrGm5JWblcYbVT+smjboJ9A0BXifqINYLy3qGc" + + "AnNRkPq8OUREj2sU1qWKagUIgA/Vk2WyZhcUiApJPHI4fwv9"; + public const string Intermediate_CRL_RL_08_01_crl = + "MIIBWjCBxAIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1STC4wOC4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAyMDAwCg" + + "YDVR0UBAMCAQEwDQYDVR0bAQH/BAMCAQEwEwYDVR0jBAwwCoAIHjB7z6EiuQowDQYJKoZI" + + "hvcNAQEFBQADgYEAkjF0oERt5XW2i70gyspkEYIHyGCHnqngky5yuwQSRrlW7t0vGdKV7W" + + "50evTeSVV41uhi1MBcccpx1MdRcB5vsatFSSKcKx4NF3PuHXxXCm2HkfXQy4K5zftE3jOZ" + + "5s+yTHiw3s/QSErtHRca+TQcEZwamI+p402TEa6e82l6xHI="; + public const string End_Certificate_RL_08_01_crt = + "MIIChzCCAfCgAwIBAgICAMYwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUkwuMDguMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA4LjAxMIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfEMqWMqk3Rre5m4ILtQIz45JImvU379Al/S6t" + + "2y/TzimJc4nhIKQp80VaZA/gwu/DcvMgJPM+FFz5U5rRkDaYASsc34tZUESF5LC6ZbtGqf" + + "J96IKdajvkGLsHyI7dseuwaQ0FlOwcmKMSR898MGNNbKxaQNLEXsIFypRDsN6JhwIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECMT22ARjB1ABMBMGA1UdIwQMMAqACB4we8+hIrkKMA0GCSqGSIb3DQEBBQUAA4GBAIaP" + + "EqI7oHl/+h3MszG4VB1Va9NTN0kaysTyjQSVBi9jhOlPkzuXc2wI1bymBhatHEn6OrgP13" + + "vsOiH2BiyudYcYjKpwI4FUiyKLIc0CXzM0VYFoMzb91QtsK1EnvAPDKNYVVFXrL7ABVIK4" + + "hU6HfMMUbnpKWBxT5274iHScX8tL"; + public readonly string[] TEST_75_DATA = new string[] + { + Intermediate_Certificate_RL_08_01_crt, + Intermediate_CRL_RL_08_01_crl, + End_Certificate_RL_08_01_crt + }; + + /* + * test76 + * + */ + public const string Intermediate_Certificate_RL_09_01_crt = + "MIICljCCAf+gAwIBAgICAMcwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wOS4wMTCBnzANBg" + + "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsvkvLv5fMFYvohaXO8a7GgU4rDHe9iL7LP1VeNUg" + + "GIdJGqPEnuggQ/guhrBHafGh1NtmlEbmPJ4WQ99dBbPHHeO8sfCgkmWC0SqPODoI+t3qJE" + + "kf2z9dWoAij15RXPliywZz+S6bTtcEQAREyBQ6M8/HJ83wRXp/uCpdPOSxVPkCAwEAAaNj" + + "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" + + "gBZQMBMAEwEQYDVR0OBAoECISY4bvGMEBTMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" + + "SIb3DQEBBQUAA4GBAAd7g+dWso4V/Vr+QIoNLueCBAYWdOF+Yz3VeomcsDAs2V8E+xcZaq" + + "jo2LrMygYCeMxVfXx/ZdhLPOaZ+ahNAbk+nWRwj35JdTNAAbMMWFdZUgR6N+uzx1v7i86p" + + "AWUpRJ9IYPgUoQ5pmjdf3Ru1nrLfRt4yp+kNHWp6IL/+MwcM"; + public const string Intermediate_CRL_RL_09_01_crl = + "MIIBXDCBxgIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" + + "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" + + "BAMTDENBMS1STC4wOS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqA0MDIwCg" + + "YDVR0UBAMCAQEwDwYDVR0cAQH/BAUwA4IB/zATBgNVHSMEDDAKgAiEmOG7xjBAUzANBgkq" + + "hkiG9w0BAQUFAAOBgQAKTXYgqlP+upFIwOSpdaVKDT8aqFzY9nSIsxHg5Wdl43U7p44LvQ" + + "lW8XKhw74oQl1ExU5s7mDaEqB0JIozGzmoNyKsErgWKNW+lpKSxR5+1EHOB6Oo2KijpTsv" + + "GFrHFCnF09f9JaTaMRIXOljx3rMO1UZsftKy/L9z3aUz8hQRnQ=="; + public const string End_Certificate_RL_09_01_crt = + "MIIChzCCAfCgAwIBAgICAMgwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" + + "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" + + "MRUwEwYDVQQDEwxDQTEtUkwuMDkuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" + + "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" + + "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA5LjAxMIGfMA" + + "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDpz09VCXzAhH4/ifMk0RAzaBqJCXaHHqAdO/TW" + + "6uvOVtl+fGvWXhXmSSCUfzg5xBqdUXrqcyxOME3vdgF1uOFZ4q2K6+Zuxmm+GCOCIpe+Gl" + + "Jzqz4WKXG0iaXXQOYa56itNc/6Z6D/aAjNJavI19w0lmb9l6U2WBfn3LywxHp4dwIDAQAB" + + "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" + + "oECOri1JgnJfLjMBMGA1UdIwQMMAqACISY4bvGMEBTMA0GCSqGSIb3DQEBBQUAA4GBADmV" + + "Ee0xy25Z0HtmWwprKPjJDr/p7TgzbmNC58pUPkgtxnJFP4yrzNB9FQBWSfnjZpzQkLSU7i" + + "7O6cf5HkqjQqoPErDnJLWgGzjbF80v2IIyZk7rEpAAM4MwjIk7hFvJK8QkTht9F4N1zj2X" + + "0TQkmlbo9Z4SFj/3fsbl9h2GdKuU"; + + public readonly string[] TEST_76_DATA = new string[] + { + Intermediate_Certificate_RL_09_01_crt, + Intermediate_CRL_RL_09_01_crl, + End_Certificate_RL_09_01_crt + }; + + public static void Main( + string[] args) + { + RunTest(new NistCertPathTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/NoekeonTest.cs b/BouncyCastle/crypto/test/src/test/NoekeonTest.cs new file mode 100644 index 0000000..c3745da --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/NoekeonTest.cs @@ -0,0 +1,157 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tests +{ + /** + * basic test class for SEED + */ + [TestFixture] + public class NoekeonTest + : BaseBlockCipherTest + { + private static readonly string[] cipherTests = + { + "128", + "b1656851699e29fa24b70148503d2dfc", + "2a78421b87c7d0924f26113f1d1349b2", + "e2f687e07b75660ffc372233bc47532c" + }; + + public NoekeonTest() + : base("Noekeon") + { + } + + public void DoTest( + int strength, + byte[] keyBytes, + byte[] input, + byte[] output) + { + KeyParameter key = ParameterUtilities.CreateKeyParameter("Noekeon", keyBytes); + + IBufferedCipher inCipher = CipherUtilities.GetCipher("Noekeon/ECB/NoPadding"); + IBufferedCipher outCipher = CipherUtilities.GetCipher("Noekeon/ECB/NoPadding"); + + try + { + outCipher.Init(true, key); + } + catch (Exception e) + { + Fail("Noekeon failed initialisation - " + e.Message, e); + } + + try + { + inCipher.Init(false, key); + } + catch (Exception e) + { + Fail("Noekeoen failed initialisation - " + e.Message, e); + } + + // + // encryption pass + // + MemoryStream bOut = new MemoryStream(); + + CipherStream cOut = new CipherStream(bOut, null, outCipher); + + try + { + for (int i = 0; i != input.Length / 2; i++) + { + cOut.WriteByte(input[i]); + } + cOut.Write(input, input.Length / 2, input.Length - input.Length / 2); + cOut.Close(); + } + catch (IOException e) + { + Fail("Noekeon failed encryption - " + e.Message, e); + } + + byte[] bytes = bOut.ToArray(); + + if (!AreEqual(bytes, output)) + { + Fail("Noekeon failed encryption - expected " + + Hex.ToHexString(output) + " got " + + Hex.ToHexString(bytes)); + } + + // + // decryption pass + // + MemoryStream bIn = new MemoryStream(bytes, false); + + CipherStream cIn = new CipherStream(bIn, inCipher, null); + + try + { +// DataInputStream dIn = new DataInputStream(cIn); + BinaryReader dIn = new BinaryReader(cIn); + + bytes = new byte[input.Length]; + + for (int i = 0; i != input.Length / 2; i++) + { +// bytes[i] = (byte)dIn.read(); + bytes[i] = dIn.ReadByte(); + } + int remaining = bytes.Length - input.Length / 2; +// dIn.readFully(bytes, input.Length / 2, remaining); + byte[] extra = dIn.ReadBytes(remaining); + if (extra.Length < remaining) + throw new EndOfStreamException(); + extra.CopyTo(bytes, input.Length / 2); + } + catch (Exception e) + { + Fail("Noekeon failed encryption - " + e.Message, e); + } + + if (!AreEqual(bytes, input)) + { + Fail("Noekeon failed decryption - expected " + + Hex.ToHexString(input) + " got " + + Hex.ToHexString(bytes)); + } + } + + public override void PerformTest() + { + for (int i = 0; i != cipherTests.Length; i += 4) + { + DoTest(int.Parse(cipherTests[i]), + Hex.Decode(cipherTests[i + 1]), + Hex.Decode(cipherTests[i + 2]), + Hex.Decode(cipherTests[i + 3])); + } + } + + public static void Main( + string[] args) + { + RunTest(new NoekeonTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/PBETest.cs b/BouncyCastle/crypto/test/src/test/PBETest.cs new file mode 100644 index 0000000..ee61a02 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/PBETest.cs @@ -0,0 +1,527 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + /** + * test out the various PBE modes, making sure the JCE implementations + * are compatible woth the light weight ones. + */ + [TestFixture] + public class PbeTest + : SimpleTest + { + private class OpenSslTest + : SimpleTest + { + private char[] password; + private string baseAlgorithm; + private string algorithm; + private int keySize; + private int ivSize; + + public OpenSslTest( + string baseAlgorithm, + string algorithm, + int keySize, + int ivSize) + { + this.password = algorithm.ToCharArray(); + this.baseAlgorithm = baseAlgorithm; + this.algorithm = algorithm; + this.keySize = keySize; + this.ivSize = ivSize; + } + + public override string Name + { + get { return "OpenSSLPBE"; } + } + + public override void PerformTest() + { + byte[] salt = new byte[16]; + int iCount = 100; + + for (int i = 0; i != salt.Length; i++) + { + salt[i] = (byte)i; + } + + PbeParametersGenerator pGen = new OpenSslPbeParametersGenerator(); + + pGen.Init( + PbeParametersGenerator.Pkcs5PasswordToBytes(password), + salt, + iCount); + + ParametersWithIV parameters = (ParametersWithIV) + pGen.GenerateDerivedParameters(baseAlgorithm, keySize, ivSize); + + KeyParameter encKey = (KeyParameter) parameters.Parameters; + + IBufferedCipher c; + if (baseAlgorithm.Equals("RC4")) + { + c = CipherUtilities.GetCipher(baseAlgorithm); + + c.Init(true, encKey); + } + else + { + c = CipherUtilities.GetCipher(baseAlgorithm + "/CBC/PKCS7Padding"); + + c.Init(true, parameters); + } + + byte[] enc = c.DoFinal(salt); + + c = CipherUtilities.GetCipher(algorithm); + +// PBEKeySpec keySpec = new PBEKeySpec(password, salt, iCount); +// SecretKeyFactory fact = SecretKeyFactory.getInstance(algorithm); +// +// c.Init(false, fact.generateSecret(keySpec)); + + Asn1Encodable algParams = PbeUtilities.GenerateAlgorithmParameters( + algorithm, salt, iCount); + ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters( + algorithm, password, algParams); + c.Init(false, cipherParams); + + byte[] dec = c.DoFinal(enc); + + if (!AreEqual(salt, dec)) + { + Fail("" + algorithm + "failed encryption/decryption test"); + } + } + } + + private class Pkcs12Test + : SimpleTest + { + private char[] password; + private string baseAlgorithm; + private string algorithm; + private IDigest digest; + private int keySize; + private int ivSize; + + public Pkcs12Test( + string baseAlgorithm, + string algorithm, + IDigest digest, + int keySize, + int ivSize) + { + this.password = algorithm.ToCharArray(); + this.baseAlgorithm = baseAlgorithm; + this.algorithm = algorithm; + this.digest = digest; + this.keySize = keySize; + this.ivSize = ivSize; + } + + public override string Name + { + get { return "PKCS12PBE"; } + } + + public override void PerformTest() + { + int iCount = 100; + byte[] salt = DigestUtilities.DoFinal(digest); + + PbeParametersGenerator pGen = new Pkcs12ParametersGenerator(digest); + + pGen.Init( + PbeParametersGenerator.Pkcs12PasswordToBytes(password), + salt, + iCount); + + ParametersWithIV parameters = (ParametersWithIV) + pGen.GenerateDerivedParameters(baseAlgorithm, keySize, ivSize); + + KeyParameter encKey = (KeyParameter) parameters.Parameters; + + IBufferedCipher c; + if (baseAlgorithm.Equals("RC4")) + { + c = CipherUtilities.GetCipher(baseAlgorithm); + + c.Init(true, encKey); + } + else + { + c = CipherUtilities.GetCipher(baseAlgorithm + "/CBC/PKCS7Padding"); + + c.Init(true, parameters); + } + + byte[] enc = c.DoFinal(salt); + + c = CipherUtilities.GetCipher(algorithm); + +// PBEKeySpec keySpec = new PBEKeySpec(password, salt, iCount); +// SecretKeyFactory fact = SecretKeyFactory.getInstance(algorithm); +// +// c.Init(false, fact.generateSecret(keySpec)); + + Asn1Encodable algParams = PbeUtilities.GenerateAlgorithmParameters( + algorithm, salt, iCount); + ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters( + algorithm, password, algParams); + c.Init(false, cipherParams); + + byte[] dec = c.DoFinal(enc); + + if (!AreEqual(salt, dec)) + { + Fail("" + algorithm + "failed encryption/decryption test"); + } + + // NB: We don't support retrieving parameters from cipher +// // +// // get the parameters +// // +// AlgorithmParameters param = c.getParameters(); +// PBEParameterSpec spec = (PBEParameterSpec)param.getParameterSpec(PBEParameterSpec.class); +// +// if (!AreEqual(salt, spec.getSalt())) +// { +// Fail("" + algorithm + "failed salt test"); +// } +// +// if (iCount != spec.getIterationCount()) +// { +// Fail("" + algorithm + "failed count test"); +// } + + // NB: This section just repeats earlier test passing 'param' separately +// // +// // try using parameters +// // +// keySpec = new PBEKeySpec(password); +// +// c.Init(false, fact.generateSecret(keySpec), param); +// +// dec = c.DoFinal(enc); +// +// if (!AreEqual(salt, dec)) +// { +// Fail("" + algorithm + "failed encryption/decryption test"); +// } + } + } + + private Pkcs12Test[] pkcs12Tests = { + new Pkcs12Test("DESede", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC", new Sha1Digest(), 192, 64), + new Pkcs12Test("DESede", "PBEWITHSHAAND2-KEYTRIPLEDES-CBC", new Sha1Digest(), 128, 64), + new Pkcs12Test("RC4", "PBEWITHSHAAND128BITRC4", new Sha1Digest(), 128, 0), + new Pkcs12Test("RC4", "PBEWITHSHAAND40BITRC4", new Sha1Digest(), 40, 0), + new Pkcs12Test("RC2", "PBEWITHSHAAND128BITRC2-CBC", new Sha1Digest(), 128, 64), + new Pkcs12Test("RC2", "PBEWITHSHAAND40BITRC2-CBC", new Sha1Digest(), 40, 64), + new Pkcs12Test("AES", "PBEWithSHA1And128BitAES-CBC-BC", new Sha1Digest(), 128, 128), + new Pkcs12Test("AES", "PBEWithSHA1And192BitAES-CBC-BC", new Sha1Digest(), 192, 128), + new Pkcs12Test("AES", "PBEWithSHA1And256BitAES-CBC-BC", new Sha1Digest(), 256, 128), + new Pkcs12Test("AES", "PBEWithSHA256And128BitAES-CBC-BC", new Sha256Digest(), 128, 128), + new Pkcs12Test("AES", "PBEWithSHA256And192BitAES-CBC-BC", new Sha256Digest(), 192, 128), + new Pkcs12Test("AES", "PBEWithSHA256And256BitAES-CBC-BC", new Sha256Digest(), 256, 128) + }; + + private OpenSslTest[] openSSLTests = { + new OpenSslTest("AES", "PBEWITHMD5AND128BITAES-CBC-OPENSSL", 128, 128), + new OpenSslTest("AES", "PBEWITHMD5AND192BITAES-CBC-OPENSSL", 192, 128), + new OpenSslTest("AES", "PBEWITHMD5AND256BITAES-CBC-OPENSSL", 256, 128) + }; + + static byte[] message = Hex.Decode("4869205468657265"); + + private byte[] hMac1 = Hex.Decode("bcc42174ccb04f425d9a5c8c4a95d6fd7c372911"); + private byte[] hMac2 = Hex.Decode("cb1d8bdb6aca9e3fa8980d6eb41ab28a7eb2cfd6"); + + // NB: These two makePbeCipher... methods are same in .NET + private IBufferedCipher makePbeCipherUsingParam( + string algorithm, + bool forEncryption, + char[] password, + byte[] salt, + int iterationCount) + { +// PBEKeySpec pbeSpec = new PBEKeySpec(password); +// SecretKeyFactory keyFact = SecretKeyFactory.getInstance(algorithm); +// PBEParameterSpec defParams = new PBEParameterSpec(salt, iterationCount); + + Asn1Encodable algParams = PbeUtilities.GenerateAlgorithmParameters( + algorithm, salt, iterationCount); + ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters( + algorithm, password, algParams); + + IBufferedCipher cipher = CipherUtilities.GetCipher(algorithm); + +// cipher.Init(forEncryption, keyFact.generateSecret(pbeSpec), defParams); + cipher.Init(forEncryption, cipherParams); + + return cipher; + } + + // NB: These two makePbeCipher... methods are same in .NET + private IBufferedCipher makePbeCipherWithoutParam( + string algorithm, + bool forEncryption, + char[] password, + byte[] salt, + int iterationCount) + { +// PBEKeySpec pbeSpec = new PBEKeySpec(password, salt, iterationCount); +// SecretKeyFactory keyFact = SecretKeyFactory.getInstance(algorithm); + + Asn1Encodable algParams = PbeUtilities.GenerateAlgorithmParameters( + algorithm, salt, iterationCount); + ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters( + algorithm, password, algParams); + + IBufferedCipher cipher = CipherUtilities.GetCipher(algorithm); + +// cipher.Init(forEncryption, keyFact.generateSecret(pbeSpec)); + cipher.Init(forEncryption, cipherParams); + + return cipher; + } + + private void doTestPbeHMac( + string hmacName, + byte[] output) + { + ICipherParameters key = null; + byte[] outBytes; + IMac mac = null; + + try + { +// SecretKeyFactory fact = SecretKeyFactory.getInstance(hmacName); +// +// key = fact.generateSecret(new PBEKeySpec("hello".ToCharArray())); + + Asn1Encodable algParams = PbeUtilities.GenerateAlgorithmParameters( + hmacName, new byte[20], 100); + key = PbeUtilities.GenerateCipherParameters( + hmacName, "hello".ToCharArray(), algParams); + mac = MacUtilities.GetMac(hmacName); + } + catch (Exception e) + { + Fail("Failed - exception " + e.ToString(), e); + } + + try + { +// mac.Init(key, new PBEParameterSpec(new byte[20], 100)); + mac.Init(key); + } + catch (Exception e) + { + Fail("Failed - exception " + e.ToString(), e); + } + + mac.Reset(); + + mac.BlockUpdate(message, 0, message.Length); + +// outBytes = mac.DoFinal(); + outBytes = new byte[mac.GetMacSize()]; + mac.DoFinal(outBytes, 0); + + if (!AreEqual(outBytes, output)) + { + Fail("Failed - expected " + + Hex.ToHexString(output) + " got " + + Hex.ToHexString(outBytes)); + } + } + + public override void PerformTest() + { + byte[] input = Hex.Decode("1234567890abcdefabcdef1234567890fedbca098765"); + + // + // DES + // + IBufferedCipher cEnc = CipherUtilities.GetCipher("DES/CBC/PKCS7Padding"); + + cEnc.Init( + true, + new ParametersWithIV( + new DesParameters(Hex.Decode("30e69252758e5346")), + Hex.Decode("7c1c1ab9c454a688"))); + + byte[] outBytes = cEnc.DoFinal(input); + char[] password = "password".ToCharArray(); + + IBufferedCipher cDec = makePbeCipherUsingParam( + "PBEWithSHA1AndDES", + false, + password, + Hex.Decode("7d60435f02e9e0ae"), + 2048); + + byte[] inBytes = cDec.DoFinal(outBytes); + + if (!AreEqual(input, inBytes)) + { + Fail("DES failed"); + } + + cDec = makePbeCipherWithoutParam( + "PBEWithSHA1AndDES", + false, + password, + Hex.Decode("7d60435f02e9e0ae"), + 2048); + + inBytes = cDec.DoFinal(outBytes); + + if (!AreEqual(input, inBytes)) + { + Fail("DES failed without param"); + } + + // + // DESede + // + cEnc = CipherUtilities.GetCipher("DESede/CBC/PKCS7Padding"); + + cEnc.Init( + true, + new ParametersWithIV( + new DesParameters(Hex.Decode("732f2d33c801732b7206756cbd44f9c1c103ddd97c7cbe8e")), + Hex.Decode("b07bf522c8d608b8"))); + + outBytes = cEnc.DoFinal(input); + + cDec = makePbeCipherUsingParam( + "PBEWithSHAAnd3-KeyTripleDES-CBC", + false, + password, + Hex.Decode("7d60435f02e9e0ae"), + 2048); + + inBytes = cDec.DoFinal(outBytes); + + if (!AreEqual(input, inBytes)) + { + Fail("DESede failed"); + } + + // + // 40Bit RC2 + // + cEnc = CipherUtilities.GetCipher("RC2/CBC/PKCS7Padding"); + + cEnc.Init( + true, + new ParametersWithIV( + new RC2Parameters(Hex.Decode("732f2d33c8")), + Hex.Decode("b07bf522c8d608b8"))); + + outBytes = cEnc.DoFinal(input); + + cDec = makePbeCipherUsingParam( + "PBEWithSHAAnd40BitRC2-CBC", + false, + password, + Hex.Decode("7d60435f02e9e0ae"), + 2048); + + inBytes = cDec.DoFinal(outBytes); + + if (!AreEqual(input, inBytes)) + { + Fail("RC2 failed"); + } + + // + // 128bit RC4 + // + cEnc = CipherUtilities.GetCipher("RC4"); + + cEnc.Init( + true, + ParameterUtilities.CreateKeyParameter("RC4", Hex.Decode("732f2d33c801732b7206756cbd44f9c1"))); + + outBytes = cEnc.DoFinal(input); + + cDec = makePbeCipherUsingParam( + "PBEWithSHAAnd128BitRC4", + false, + password, + Hex.Decode("7d60435f02e9e0ae"), + 2048); + + inBytes = cDec.DoFinal(outBytes); + + if (!AreEqual(input, inBytes)) + { + Fail("RC4 failed"); + } + + cDec = makePbeCipherWithoutParam( + "PBEWithSHAAnd128BitRC4", + false, + password, + Hex.Decode("7d60435f02e9e0ae"), + 2048); + + inBytes = cDec.DoFinal(outBytes); + + if (!AreEqual(input, inBytes)) + { + Fail("RC4 failed without param"); + } + + for (int i = 0; i != pkcs12Tests.Length; i++) + { + pkcs12Tests[i].PerformTest(); + } + + for (int i = 0; i != openSSLTests.Length; i++) + { + openSSLTests[i].PerformTest(); + } + + doTestPbeHMac("PBEWithHMacSHA1", hMac1); + doTestPbeHMac("PBEWithHMacRIPEMD160", hMac2); + } + + public override string Name + { + get { return "PbeTest"; } + } + + public static void Main( + string[] args) + { + RunTest(new PbeTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/PEMData.cs b/BouncyCastle/crypto/test/src/test/PEMData.cs new file mode 100644 index 0000000..ea783c8 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/PEMData.cs @@ -0,0 +1,117 @@ +using System; + +namespace Org.BouncyCastle.Tests +{ + class PemData + { + internal static readonly string CERTIFICATE_1 = + "-----BEGIN X509 CERTIFICATE-----\r" + + "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx\r" + + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY\r" + + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB\r" + + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ\r" + + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2\r" + + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW\r" + + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM\r" + + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l\r" + + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv\r" + + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re\r" + + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO\r" + + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE\r" + + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy\r" + + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0\r" + + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw\r" + + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL\r" + + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4\r" + + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF\r" + + "5/8=\r" + + "-----END X509 CERTIFICATE-----\r"; + + internal static readonly string CERTIFICATE_2 = + "-----BEGIN CERTIFICATE-----\n" + + "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx\n" + + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY\n" + + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB\n" + + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ\n" + + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2\n" + + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW\n" + + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM\n" + + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l\n" + + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv\n" + + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re\n" + + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO\n" + + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE\n" + + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy\n" + + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0\n" + + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw\n" + + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL\n" + + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4\n" + + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF\n" + + "5/8=\n" + + "-----END CERTIFICATE-----\n"; + + internal static readonly string CRL_1 = + "-----BEGIN X509 CRL-----\r\n" + + "MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT\r\n" + + "F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy\r\n" + + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw\r\n" + + "MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw\r\n" + + "MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw\r\n" + + "MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw\r\n" + + "MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw\r\n" + + "MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw\r\n" + + "MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw\r\n" + + "NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw\r\n" + + "NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF\r\n" + + "AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ\r\n" + + "wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt\r\n" + + "JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v\r\n" + + "-----END X509 CRL-----\r\n"; + + internal static readonly string CRL_2 = + "-----BEGIN CRL-----\r\n" + + "MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT\r\n" + + "F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy\r\n" + + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw\r\n" + + "MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw\r\n" + + "MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw\r\n" + + "MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw\r\n" + + "MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw\r\n" + + "MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw\r\n" + + "MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw\r\n" + + "NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw\r\n" + + "NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF\r\n" + + "AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ\r\n" + + "wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt\r\n" + + "JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v\r\n" + + "-----END CRL-----\r\n"; + + internal static readonly string ATTRIBUTE_CERTIFICATE_1 = + "-----BEGIN X509 ATTRIBUTE CERTIFICATE-----\r\n" + + "MIIBuDCCASECAQEwZ6BlMGCkXjBcMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhl\r\n" + + "IExlZ2lvbiBvZiB0aGUgQm91bmN5IENhc3RsZTEjMCEGA1UECxMaQm91bmN5IFBy\r\n" + + "aW1hcnkgQ2VydGlmaWNhdGUCARSgYjBgpF4wXDELMAkGA1UEBhMCQVUxKDAmBgNV\r\n" + + "BAoTH1RoZSBMZWdpb24gb2YgdGhlIEJvdW5jeSBDYXN0bGUxIzAhBgNVBAsTGkJv\r\n" + + "dW5jeSBQcmltYXJ5IENlcnRpZmljYXRlMA0GCSqGSIb3DQEBBQUAAgEBMCIYDzIw\r\n" + + "MDUwNjEwMDI0MTMzWhgPMjAwNTA2MTAwMjQzMTNaMBkwFwYDVRhIMRAwDoEMREFV\r\n" + + "MTIzNDU2Nzg5MA0GCSqGSIb3DQEBBQUAA4GBALAYXT9zdxSR5zdPLAon1xIPehgI\r\n" + + "NZhjM7w0uu3OdzSV5sC31X1Kx9vi5RIWiM9VimRTwbQIod9POttD5QMXCwQb/fm7\r\n" + + "eiJqL2YBIXOeClB19VrQe8xQtMFbyuFpDiM7QdvIam9ShZZMEMGjv9QHI64M4b0G\r\n" + + "odUBlSsJwPPQjZSU\r\n" + + "-----END X509 ATTRIBUTE CERTIFICATE-----\r\n"; + + internal static readonly string ATTRIBUTE_CERTIFICATE_2 = + "-----BEGIN ATTRIBUTE CERTIFICATE-----\r\n" + + "MIIBuDCCASECAQEwZ6BlMGCkXjBcMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhl\r\n" + + "IExlZ2lvbiBvZiB0aGUgQm91bmN5IENhc3RsZTEjMCEGA1UECxMaQm91bmN5IFBy\r\n" + + "aW1hcnkgQ2VydGlmaWNhdGUCARSgYjBgpF4wXDELMAkGA1UEBhMCQVUxKDAmBgNV\r\n" + + "BAoTH1RoZSBMZWdpb24gb2YgdGhlIEJvdW5jeSBDYXN0bGUxIzAhBgNVBAsTGkJv\r\n" + + "dW5jeSBQcmltYXJ5IENlcnRpZmljYXRlMA0GCSqGSIb3DQEBBQUAAgEBMCIYDzIw\r\n" + + "MDUwNjEwMDI0MTMzWhgPMjAwNTA2MTAwMjQzMTNaMBkwFwYDVRhIMRAwDoEMREFV\r\n" + + "MTIzNDU2Nzg5MA0GCSqGSIb3DQEBBQUAA4GBALAYXT9zdxSR5zdPLAon1xIPehgI\r\n" + + "NZhjM7w0uu3OdzSV5sC31X1Kx9vi5RIWiM9VimRTwbQIod9POttD5QMXCwQb/fm7\r\n" + + "eiJqL2YBIXOeClB19VrQe8xQtMFbyuFpDiM7QdvIam9ShZZMEMGjv9QHI64M4b0G\r\n" + + "odUBlSsJwPPQjZSU\r\n" + + "-----END ATTRIBUTE CERTIFICATE-----\r\n"; + } +} diff --git a/BouncyCastle/crypto/test/src/test/PKCS10CertRequestTest.cs b/BouncyCastle/crypto/test/src/test/PKCS10CertRequestTest.cs new file mode 100644 index 0000000..8d04047 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/PKCS10CertRequestTest.cs @@ -0,0 +1,466 @@ +using System; +using System.Collections; +using System.IO; +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Utilities; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO.Pem; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Extension; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class Pkcs10CertRequestTest + : SimpleTest + { + private static readonly byte[] gost3410EC_A = Base64.Decode( + "MIIBOzCB6wIBADB/MQ0wCwYDVQQDEwR0ZXN0MRUwEwYDVQQKEwxEZW1vcyBDbyBMdGQxHjAcBgNV" + + "BAsTFUNyeXB0b2dyYXBoeSBkaXZpc2lvbjEPMA0GA1UEBxMGTW9zY293MQswCQYDVQQGEwJydTEZ" + + "MBcGCSqGSIb3DQEJARYKc2RiQGRvbC5ydTBjMBwGBiqFAwICEzASBgcqhQMCAiMBBgcqhQMCAh4B" + + "A0MABEBYx0P2D7YuuZo5HgdIAUKAXcLBDZ+4LYFgbKjrfStVfH59lc40BQ2FZ7M703hLpXK8GiBQ" + + "GEYpKaAuQZnMIpByoAAwCAYGKoUDAgIDA0EAgXMcTrhdOY2Er2tHOSAgnMezqrYxocZTWhxmW5Rl" + + "JY6lbXH5rndCn4swFzXU+YhgAsJv1wQBaoZEWRl5WV4/nA=="); + + private static readonly byte[] gost3410EC_B = Base64.Decode( + "MIIBPTCB7QIBADCBgDENMAsGA1UEAxMEdGVzdDEWMBQGA1UEChMNRGVtb3MgQ28gTHRkLjEeMBwG" + + "A1UECxMVQ3J5cHRvZ3JhcGh5IGRpdmlzaW9uMQ8wDQYDVQQHEwZNb3Njb3cxCzAJBgNVBAYTAnJ1" + + "MRkwFwYJKoZIhvcNAQkBFgpzZGJAZG9sLnJ1MGMwHAYGKoUDAgITMBIGByqFAwICIwIGByqFAwIC" + + "HgEDQwAEQI5SLoWT7dZVilbV9j5B/fyIDuDs6x4pjqNC2TtFYbpRHrk/Wc5g/mcHvD80tsm5o1C7" + + "7cizNzkvAVUM4VT4Dz6gADAIBgYqhQMCAgMDQQAoT5TwJ8o+bSrxckymyo3diwG7ZbSytX4sRiKy" + + "wXPWRS9LlBvPO2NqwpS2HUnxSU8rzfL9fJcybATf7Yt1OEVq"); + + private static readonly byte[] gost3410EC_C = Base64.Decode( + "MIIBRDCB9AIBADCBhzEVMBMGA1UEAxMMdGVzdCByZXF1ZXN0MRUwEwYDVQQKEwxEZW1vcyBDbyBM" + + "dGQxHjAcBgNVBAsTFUNyeXB0b2dyYXBoeSBkaXZpc2lvbjEPMA0GA1UEBxMGTW9zY293MQswCQYD" + + "VQQGEwJydTEZMBcGCSqGSIb3DQEJARYKc2RiQGRvbC5ydTBjMBwGBiqFAwICEzASBgcqhQMCAiMD" + + "BgcqhQMCAh4BA0MABEBcmGh7OmR4iqqj+ycYo1S1fS7r5PhisSQU2Ezuz8wmmmR2zeTZkdMYCOBa" + + "UTMNms0msW3wuYDho7nTDNscHTB5oAAwCAYGKoUDAgIDA0EAVoOMbfyo1Un4Ss7WQrUjHJoiaYW8" + + "Ime5LeGGU2iW3ieAv6es/FdMrwTKkqn5dhd3aL/itFg5oQbhyfXw5yw/QQ=="); + + private static readonly byte[] gost3410EC_ExA = Base64.Decode( + "MIIBOzCB6wIBADB/MQ0wCwYDVQQDEwR0ZXN0MRUwEwYDVQQKEwxEZW1vcyBDbyBMdGQxHjAcBgNV" + + "BAsTFUNyeXB0b2dyYXBoeSBkaXZpc2lvbjEPMA0GA1UEBxMGTW9zY293MQswCQYDVQQGEwJydTEZ" + + "MBcGCSqGSIb3DQEJARYKc2RiQGRvbC5ydTBjMBwGBiqFAwICEzASBgcqhQMCAiQABgcqhQMCAh4B" + + "A0MABEDkqNT/3f8NHj6EUiWnK4JbVZBh31bEpkwq9z3jf0u8ZndG56Vt+K1ZB6EpFxLT7hSIos0w" + + "weZ2YuTZ4w43OgodoAAwCAYGKoUDAgIDA0EASk/IUXWxoi6NtcUGVF23VRV1L3undB4sRZLp4Vho" + + "gQ7m3CMbZFfJ2cPu6QyarseXGYHmazoirH5lGjEo535c1g=="); + + private static readonly byte[] gost3410EC_ExB = Base64.Decode( + "MIIBPTCB7QIBADCBgDENMAsGA1UEAxMEdGVzdDEWMBQGA1UEChMNRGVtb3MgQ28gTHRkLjEeMBwG" + + "A1UECxMVQ3J5cHRvZ3JhcGh5IGRpdmlzaW9uMQ8wDQYDVQQHEwZNb3Njb3cxCzAJBgNVBAYTAnJ1" + + "MRkwFwYJKoZIhvcNAQkBFgpzZGJAZG9sLnJ1MGMwHAYGKoUDAgITMBIGByqFAwICJAEGByqFAwIC" + + "HgEDQwAEQMBWYUKPy/1Kxad9ChAmgoSWSYOQxRnXo7KEGLU5RNSXA4qMUvArWzvhav+EYUfTbWLh" + + "09nELDyHt2XQcvgQHnSgADAIBgYqhQMCAgMDQQAdaNhgH/ElHp64mbMaEo1tPCg9Q22McxpH8rCz" + + "E0QBpF4H5mSSQVGI5OAXHToetnNuh7gHHSynyCupYDEHTbkZ"); + + public override string Name + { + get { return "PKCS10CertRequest"; } + } + + private void generationTest( + int keySize, + string keyName, + string sigName) + { + IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator(keyName); + + // kpg.initialize(keySize); + kpg.Init(new KeyGenerationParameters(new SecureRandom(), keySize)); + + AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair(); + + IDictionary attrs = new Hashtable(); + attrs.Add(X509Name.C, "AU"); + attrs.Add(X509Name.O, "The Legion of the Bouncy Castle"); + attrs.Add(X509Name.L, "Melbourne"); + attrs.Add(X509Name.ST, "Victoria"); + attrs.Add(X509Name.EmailAddress, "feedback-crypto@bouncycastle.org"); + + IList order = new ArrayList(); + order.Add(X509Name.C); + order.Add(X509Name.O); + order.Add(X509Name.L); + order.Add(X509Name.ST); + order.Add(X509Name.EmailAddress); + + X509Name subject = new X509Name(order, attrs); + + Pkcs10CertificationRequest req1 = new Pkcs10CertificationRequest( + sigName, + subject, + kp.Public, + null, + kp.Private); + + byte[] bytes = req1.GetEncoded(); + + Pkcs10CertificationRequest req2 = new Pkcs10CertificationRequest(bytes); + + if (!req2.Verify()) + { + Fail(sigName + ": Failed Verify check."); + } + + if (!req2.GetPublicKey().Equals(req1.GetPublicKey())) + { + Fail(keyName + ": Failed public key check."); + } + } + + /* + * we generate a self signed certificate for the sake of testing - SHA224withECDSA + */ + private void createECRequest( + string algorithm, + DerObjectIdentifier algOid) + { + X9ECParameters x9 = ECNamedCurveTable.GetByName("secp521r1"); + ECCurve curve = x9.Curve; + ECDomainParameters spec = new ECDomainParameters(curve, x9.G, x9.N, x9.H); + + ECPrivateKeyParameters privKey = new ECPrivateKeyParameters( + new BigInteger("5769183828869504557786041598510887460263120754767955773309066354712783118202294874205844512909370791582896372147797293913785865682804434049019366394746072023"), // d + spec); + + ECPublicKeyParameters pubKey = new ECPublicKeyParameters( + // curve.DecodePoint(Hex.Decode("026BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q + curve.DecodePoint(Hex.Decode("02006BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q + spec); + + // // + // // set up the keys + // // + // AsymmetricKeyParameter privKey; + // AsymmetricKeyParameter pubKey; + // + // KeyFactory fact = KeyFactory.getInstance("ECDSA"); + // + // privKey = fact.generatePrivate(privKeySpec); + // pubKey = fact.generatePublic(pubKeySpec); + + Pkcs10CertificationRequest req = new Pkcs10CertificationRequest( + algorithm, new X509Name("CN=XXX"), pubKey, null, privKey); + if (!req.Verify()) + { + Fail("Failed Verify check EC."); + } + + req = new Pkcs10CertificationRequest(req.GetEncoded()); + if (!req.Verify()) + { + Fail("Failed Verify check EC encoded."); + } + + // + // try with point compression turned off + // + // ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED"); + ECPoint q = pubKey.Q.Normalize(); + pubKey = new ECPublicKeyParameters( + pubKey.AlgorithmName, + q.Curve.CreatePoint(q.XCoord.ToBigInteger(), q.YCoord.ToBigInteger()), + pubKey.Parameters); + + req = new Pkcs10CertificationRequest( + algorithm, new X509Name("CN=XXX"), pubKey, null, privKey); + if (!req.Verify()) + { + Fail("Failed Verify check EC uncompressed."); + } + + req = new Pkcs10CertificationRequest(req.GetEncoded()); + if (!req.Verify()) + { + Fail("Failed Verify check EC uncompressed encoded."); + } + + if (!req.SignatureAlgorithm.Algorithm.Equals(algOid)) + { + Fail("ECDSA oid incorrect."); + } + + if (req.SignatureAlgorithm.Parameters != null) + { + Fail("ECDSA parameters incorrect."); + } + + ISigner sig = SignerUtilities.GetSigner(algorithm); + + sig.Init(false, pubKey); + + byte[] b = req.GetCertificationRequestInfo().GetEncoded(); + sig.BlockUpdate(b, 0, b.Length); + + if (!sig.VerifySignature(req.GetSignatureOctets())) + { + Fail("signature not mapped correctly."); + } + } + + private void createECGostRequest() + { + string algorithm = "GOST3411withECGOST3410"; + IAsymmetricCipherKeyPairGenerator ecGostKpg = GeneratorUtilities.GetKeyPairGenerator("ECGOST3410"); + + ecGostKpg.Init( + new ECKeyGenerationParameters( + CryptoProObjectIdentifiers.GostR3410x2001CryptoProA, + new SecureRandom())); + + // + // set up the keys + // + AsymmetricCipherKeyPair pair = ecGostKpg.GenerateKeyPair(); + AsymmetricKeyParameter privKey = pair.Private; + AsymmetricKeyParameter pubKey = pair.Public; + + Pkcs10CertificationRequest req = new Pkcs10CertificationRequest( + algorithm, new X509Name("CN=XXX"), pubKey, null, privKey); + + if (!req.Verify()) + { + Fail("Failed Verify check EC."); + } + + req = new Pkcs10CertificationRequest(req.GetEncoded()); + if (!req.Verify()) + { + Fail("Failed Verify check EC encoded."); + } + + if (!req.SignatureAlgorithm.Algorithm.Equals(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x2001)) + { + Fail("ECGOST oid incorrect."); + } + + if (req.SignatureAlgorithm.Parameters != null) + { + Fail("ECGOST parameters incorrect."); + } + + ISigner sig = SignerUtilities.GetSigner(algorithm); + + sig.Init(false, pubKey); + + byte[] b = req.GetCertificationRequestInfo().GetEncoded(); + sig.BlockUpdate(b, 0, b.Length); + + if (!sig.VerifySignature(req.GetSignatureOctets())) + { + Fail("signature not mapped correctly."); + } + } + + private void createPssTest( + string algorithm) + { + // RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec( + RsaKeyParameters pubKey = new RsaKeyParameters(false, + new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137", 16), + new BigInteger("010001", 16)); + + // RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec( + RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters( + new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137", 16), + new BigInteger("010001", 16), + new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325", 16), + new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443", 16), + new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd", 16), + new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979", 16), + new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729", 16), + new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d", 16)); + + // KeyFactory fact = KeyFactory.getInstance("RSA", "BC"); + // + // PrivateKey privKey = fact.generatePrivate(privKeySpec); + // PublicKey pubKey = fact.generatePublic(pubKeySpec); + + Pkcs10CertificationRequest req = new Pkcs10CertificationRequest( + algorithm, new X509Name("CN=XXX"), pubKey, null, privKey); + + if (!req.Verify()) + { + Fail("Failed verify check PSS."); + } + + req = new Pkcs10CertificationRequest(req.GetEncoded()); + if (!req.Verify()) + { + Fail("Failed verify check PSS encoded."); + } + + if (!req.SignatureAlgorithm.Algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss)) + { + Fail("PSS oid incorrect."); + } + + if (req.SignatureAlgorithm.Parameters == null) + { + Fail("PSS parameters incorrect."); + } + + ISigner sig = SignerUtilities.GetSigner(algorithm); + + sig.Init(false, pubKey); + + byte[] encoded = req.GetCertificationRequestInfo().GetEncoded(); + sig.BlockUpdate(encoded, 0, encoded.Length); + + if (!sig.VerifySignature(req.GetSignatureOctets())) + { + Fail("signature not mapped correctly."); + } + } + + // previous code found to cause a NullPointerException + private void nullPointerTest() + { + IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); + keyGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024)); + + AsymmetricCipherKeyPair pair = keyGen.GenerateKeyPair(); + + IList oids = new ArrayList(); + IList values = new ArrayList(); + oids.Add(X509Extensions.BasicConstraints); + values.Add(new X509Extension(true, new DerOctetString(new BasicConstraints(true)))); + oids.Add(X509Extensions.KeyUsage); + values.Add(new X509Extension(true, new DerOctetString( + new KeyUsage(KeyUsage.KeyCertSign | KeyUsage.CrlSign)))); + SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifierStructure(pair.Public); + X509Extension ski = new X509Extension(false, new DerOctetString(subjectKeyIdentifier)); + oids.Add(X509Extensions.SubjectKeyIdentifier); + values.Add(ski); + + AttributePkcs attribute = new AttributePkcs(PkcsObjectIdentifiers.Pkcs9AtExtensionRequest, + new DerSet(new X509Extensions(oids, values))); + + Pkcs10CertificationRequest p1 = new Pkcs10CertificationRequest( + "SHA1WithRSA", new X509Name("cn=csr"), pair.Public, new DerSet(attribute), pair.Private); + Pkcs10CertificationRequest p2 = new Pkcs10CertificationRequest( + "SHA1WithRSA", new X509Name("cn=csr"), pair.Public, new DerSet(attribute), pair.Private); + + if (!p1.Equals(p2)) + { + Fail("cert request comparison failed"); + } + } + + public override void PerformTest() + { + + + generationTest(512, "RSA", "SHA1withRSA"); + generationTest(512, "GOST3410", "GOST3411withGOST3410"); + + // if (Security.getProvider("SunRsaSign") != null) + // { + // generationTest(512, "RSA", "SHA1withRSA", "SunRsaSign"); + // } + + // elliptic curve GOST A parameter set + Pkcs10CertificationRequest req = new Pkcs10CertificationRequest(gost3410EC_A); + if (!req.Verify()) + { + Fail("Failed Verify check gost3410EC_A."); + } + + // elliptic curve GOST B parameter set + req = new Pkcs10CertificationRequest(gost3410EC_B); + if (!req.Verify()) + { + Fail("Failed Verify check gost3410EC_B."); + } + + // elliptic curve GOST C parameter set + req = new Pkcs10CertificationRequest(gost3410EC_C); + if (!req.Verify()) + { + Fail("Failed Verify check gost3410EC_C."); + } + + // elliptic curve GOST ExA parameter set + req = new Pkcs10CertificationRequest(gost3410EC_ExA); + if (!req.Verify()) + { + Fail("Failed Verify check gost3410EC_ExA."); + } + + // elliptic curve GOST ExB parameter set + req = new Pkcs10CertificationRequest(gost3410EC_ExB); + if (!req.Verify()) + { + Fail("Failed Verify check gost3410EC_ExA."); + } + + // elliptic curve openSSL + IAsymmetricCipherKeyPairGenerator g = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); + + X9ECParameters x9 = ECNamedCurveTable.GetByName("prime239v1"); + ECCurve curve = x9.Curve; + ECDomainParameters ecSpec = new ECDomainParameters(curve, x9.G, x9.N, x9.H); + + // g.initialize(ecSpec, new SecureRandom()); + g.Init(new ECKeyGenerationParameters(ecSpec, new SecureRandom())); + + AsymmetricCipherKeyPair kp = g.GenerateKeyPair(); + + req = new Pkcs10CertificationRequest( + "ECDSAWITHSHA1", new X509Name("CN=XXX"), kp.Public, null, kp.Private); + + if (!req.Verify()) + { + Fail("Failed Verify check EC."); + } + + createECRequest("SHA1withECDSA", X9ObjectIdentifiers.ECDsaWithSha1); + createECRequest("SHA224withECDSA", X9ObjectIdentifiers.ECDsaWithSha224); + createECRequest("SHA256withECDSA", X9ObjectIdentifiers.ECDsaWithSha256); + createECRequest("SHA384withECDSA", X9ObjectIdentifiers.ECDsaWithSha384); + createECRequest("SHA512withECDSA", X9ObjectIdentifiers.ECDsaWithSha512); + + createECGostRequest(); + + // TODO The setting of parameters for MGF algorithms is not implemented + // createPssTest("SHA1withRSAandMGF1"); + // createPssTest("SHA224withRSAandMGF1"); + // createPssTest("SHA256withRSAandMGF1"); + // createPssTest("SHA384withRSAandMGF1"); + + nullPointerTest(); + } + + + + + + public static void Main( + string[] args) + { + RunTest(new Pkcs10CertRequestTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/PSSTest.cs b/BouncyCastle/crypto/test/src/test/PSSTest.cs new file mode 100644 index 0000000..677289e --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/PSSTest.cs @@ -0,0 +1,253 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class PssTest + : SimpleTest + { + private class FixedRandom + : SecureRandom + { + private readonly byte[] vals; + + public FixedRandom( + byte[] vals) + { + this.vals = vals; + } + + public override void NextBytes( + byte[] bytes) + { + vals.CopyTo(bytes, 0); + } + } + + private RsaKeyParameters pubKey = new RsaKeyParameters(false, + new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16), + new BigInteger("010001",16)); + + private RsaPrivateCrtKeyParameters privKey = new RsaPrivateCrtKeyParameters( + new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16), + new BigInteger("010001",16), + new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16), + new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16), + new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16), + new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16), + new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16), + new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16)); + + // PSSExample1.1 + + private static readonly byte[] msg1a = Hex.Decode("cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0"); + + private static readonly byte[] slt1a = Hex.Decode("dee959c7e06411361420ff80185ed57f3e6776af"); + + private static readonly byte[] sig1a = Hex.Decode("9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c"); + + private static readonly byte[] sig1b = Hex.Decode("96ea348db4db2947aee807bd687411a880913706f21b383a1002b97e43656e5450a9d1812efbedd1ed159f8307986adf48bada66a8efd14bd9e2f6f6f458e73b50c8ce6e3079011c5b4bd1600a2601a66198a1582574a43f13e0966c6c2337e6ca0886cd9e1b1037aeadef1382117d22b35e7e4403f90531c8cfccdf223f98e4"); + + private static readonly byte[] sig1c = Hex.Decode("9e64cc1062c537b142480bc5af407b55904ead970e20e0f8f6664279c96c6da6b03522160f224a85cc413dfe6bd00621485b665abac6d90ff38c9af06f4ddd6c7c81540439e5795601a1343d9feb465712ff8a5f5150391522fb5a9b8e2225a555f4efaa5e5c0ed7a19b27074c2d9f6dbbd0c893ba02c4a35b115d337bccd7a2"); + + public override void PerformTest() + { + ISigner s = SignerUtilities.GetSigner("SHA1withRSA/PSS"); + + s.Init(true, new ParametersWithRandom(privKey, new FixedRandom(slt1a))); + s.BlockUpdate(msg1a, 0, msg1a.Length); + byte[] sig = s.GenerateSignature(); + + if (!Arrays.AreEqual(sig1a, sig)) + { + Fail("PSS Sign test expected " + + Hex.ToHexString(sig1a) + " got " + + Hex.ToHexString(sig)); + } + + s = SignerUtilities.GetSigner("SHA1withRSAandMGF1"); + + s.Init(false, pubKey); + s.BlockUpdate(msg1a, 0, msg1a.Length); + if (!s.VerifySignature(sig1a)) + { + Fail("SHA1 signature verification failed"); + } + + s = SignerUtilities.GetSigner("SHA1withRSAandMGF1"); + + s.Init(false, pubKey); + s.BlockUpdate(msg1a, 0, msg1a.Length); + if (!s.VerifySignature(sig1a)) + { + Fail("SHA1 signature verification with default parameters failed"); + } + +// AlgorithmParameters pss = s.getParameters(); + // TODO Can we do some equivalent check? +// if (!Arrays.AreEqual(pss.getEncoded(), new byte[] { 0x30, 0x00 })) +// { +// Fail("failed default encoding test."); +// } + + s = SignerUtilities.GetSigner("SHA256withRSA/PSS"); + + s.Init(true, new ParametersWithRandom(privKey, new FixedRandom(slt1a))); + s.BlockUpdate(msg1a, 0, msg1a.Length); + sig = s.GenerateSignature(); + + if (!Arrays.AreEqual(sig1b, sig)) + { + Fail("PSS Sign test expected " + + Hex.ToHexString(sig1b) + " got " + + Hex.ToHexString(sig)); + } + + s = SignerUtilities.GetSigner("SHA256withRSAandMGF1"); + + s.Init(false, pubKey); + s.BlockUpdate(msg1a, 0, msg1a.Length); + if (!s.VerifySignature(sig1b)) + { + Fail("SHA256 signature verification failed"); + } + + // + // 512 test -with zero salt length + // + //s = SignerUtilities.GetSigner("SHA512withRSAandMGF1"); +// s.setParameter( +// new PSSParameterSpec("SHA-512", "MGF1", new MGF1ParameterSpec("SHA-512"), 0, 1)); + + // TODO How to do this via SignerUtilities/Init + // trailerField=1 above means use default/implicit trailer?) + s = new PssSigner(new RsaEngine(), new Sha512Digest(), 0, PssSigner.TrailerImplicit); + s.Init(true, privKey); + + s.BlockUpdate(msg1a, 0, msg1a.Length); + sig = s.GenerateSignature(); + +// pss = s.getParameters(); + + if (!Arrays.AreEqual(sig1c, sig)) + { + Fail("PSS Sign test expected " + + Hex.ToHexString(sig1c) + " got " + + Hex.ToHexString(sig)); + } + + + +// s = SignerUtilities.GetSigner("SHA512withRSAandMGF1"); + + // TODO How to do this via SignerUtilities/Init + // trailerField=1 above means use default/implicit trailer?) + s = new PssSigner(new RsaEngine(), new Sha512Digest(), 0, PssSigner.TrailerImplicit); + s.Init(false, pubKey); + + s.BlockUpdate(msg1a, 0, msg1a.Length); + if (!s.VerifySignature(sig1c)) + { + Fail("SHA512 signature verification failed"); + } + + SecureRandom random = new SecureRandom(); + + // Note: PSS minimum key size determined by hash/salt lengths +// PrivateKey priv2048Key = fact.generatePrivate(RSATest.priv2048KeySpec); +// PublicKey pub2048Key = fact.generatePublic(RSATest.pub2048KeySpec); + AsymmetricKeyParameter priv2048Key = RsaTest.priv2048KeySpec; + AsymmetricKeyParameter pub2048Key = RsaTest.pub2048KeySpec; + + rawModeTest("SHA1withRSA/PSS", X509ObjectIdentifiers.IdSha1, priv2048Key, pub2048Key, random); + // FIXME +// rawModeTest("SHA224withRSA/PSS", NistObjectIdentifiers.IdSha224, priv2048Key, pub2048Key, random); +// rawModeTest("SHA256withRSA/PSS", NistObjectIdentifiers.IdSha256, priv2048Key, pub2048Key, random); +// rawModeTest("SHA384withRSA/PSS", NistObjectIdentifiers.IdSha384, priv2048Key, pub2048Key, random); +// rawModeTest("SHA512withRSA/PSS", NistObjectIdentifiers.IdSha512, priv2048Key, pub2048Key, random); + } + + private void rawModeTest(string sigName, DerObjectIdentifier digestOID, + AsymmetricKeyParameter privKey, AsymmetricKeyParameter pubKey, SecureRandom random) + { + byte[] sampleMessage = new byte[1000 + random.Next() % 100]; + random.NextBytes(sampleMessage); + + ISigner normalSig = SignerUtilities.GetSigner(sigName); + + // FIXME +// PSSParameterSpec spec = (PSSParameterSpec)normalSig.getParameters().getParameterSpec(PSSParameterSpec.class); + + // Make sure we generate the same 'random' salt for both normal and raw signers + // FIXME +// int saltLen = spec.getSaltLength(); +// byte[] fixedRandomBytes = new byte[saltLen]; + byte[] fixedRandomBytes = new byte[128]; + random.NextBytes(fixedRandomBytes); + + normalSig.Init(true, new ParametersWithRandom(privKey, FixedSecureRandom.From(fixedRandomBytes))); + normalSig.BlockUpdate(sampleMessage, 0, sampleMessage.Length); + byte[] normalResult = normalSig.GenerateSignature(); + + byte[] hash = DigestUtilities.CalculateDigest(digestOID.Id, sampleMessage); + + ISigner rawSig = SignerUtilities.GetSigner("RAWRSASSA-PSS"); + + // Need to init the params explicitly to avoid having a 'raw' variety of every PSS algorithm + // FIXME +// rawSig.setParameter(spec); + + rawSig.Init(true, new ParametersWithRandom(privKey, FixedSecureRandom.From(fixedRandomBytes))); + rawSig.BlockUpdate(hash, 0, hash.Length); + byte[] rawResult = rawSig.GenerateSignature(); + + if (!Arrays.AreEqual(normalResult, rawResult)) + { + Fail("raw mode signature differs from normal one"); + } + + rawSig.Init(false, pubKey); + rawSig.BlockUpdate(hash, 0, hash.Length); + + if (!rawSig.VerifySignature(rawResult)) + { + Fail("raw mode signature verification failed"); + } + } + + public override string Name + { + get { return "PSS"; } + } + + public static void Main( + string[] args) + { + RunTest(new PssTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/ParallelHashTest.cs b/BouncyCastle/crypto/test/src/test/ParallelHashTest.cs new file mode 100644 index 0000000..2c8cac6 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/ParallelHashTest.cs @@ -0,0 +1,140 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + +/** + * ParallelHash test vectors from: + *

    + * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/KMAC_samples.pdf + */ +public class ParallelHashTest + : SimpleTest +{ + public override string Name + { + get { return "ParallelHash"; } + } + + public override void PerformTest() + { + ParallelHash pHash = new ParallelHash(128, new byte[0], 8); + + byte[] data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27"); + pHash.BlockUpdate(data, 0, data.Length); + + byte[] res = new byte[pHash.GetDigestSize()]; + + pHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("BA 8D C1 D1 D9 79 33 1D 3F 81 36 03 C6 7F 72 609A B5 E4 4B 94 A0 B8 F9 AF 46 51 44 54 A2 B4 F5"), res)); + + pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 8); + + pHash.BlockUpdate(data, 0, data.Length); + + res = new byte[pHash.GetDigestSize()]; + + pHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("FC 48 4D CB 3F 84 DC EE DC 35 34 38 15 1B EE 58 15 7D 6E FE D0 44 5A 81 F1 65 E4 95 79 5B 72 06"), res)); + + pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 12); + + data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); + + pHash.BlockUpdate(data, 0, data.Length); + + res = new byte[pHash.GetDigestSize()]; + + pHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("F7 FD 53 12 89 6C 66 85 C8 28 AF 7E 2A DB 97 E3 93 E7 F8 D5 4E 3C 2E A4 B9 5E 5A CA 37 96 E8 FC"), res)); + + pHash = new ParallelHash(256, new byte[0], 8); + + data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27"); + + pHash.BlockUpdate(data, 0, data.Length); + + res = new byte[pHash.GetDigestSize()]; + + pHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("BC 1E F1 24 DA 34 49 5E 94 8E AD 20 7D D9 84 22 35 DA 43 2D 2B BC 54 B4 C1 10 E6 4C 45 11 05 53 1B 7F 2A 3E 0C E0 55 C0 28 05 E7 C2 DE 1F B7 46 AF 97 A1 DD 01 F4 3B 82 4E 31 B8 76 12 41 04 29"), res)); + + pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 8); + + data = Hex.Decode("00 01 02 03 04 05 06 07 10 11 12 13 14 15 16 17 20 21 22 23 24 25 26 27"); + + pHash.BlockUpdate(data, 0, data.Length); + + res = new byte[pHash.GetDigestSize()]; + + pHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("CD F1 52 89 B5 4F 62 12 B4 BC 27 05 28 B4 95 26 00 6D D9 B5 4E 2B 6A DD 1E F6 90 0D DA 39 63 BB 33 A7 24 91 F2 36 96 9C A8 AF AE A2 9C 68 2D 47 A3 93 C0 65 B3 8E 29 FA E6 51 A2 09 1C 83 31 10"), res)); + + pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 12); + + data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); + + pHash.BlockUpdate(data, 0, data.Length); + + res = new byte[pHash.GetDigestSize()]; + + pHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("69 D0 FC B7 64 EA 05 5D D0 93 34 BC 60 21 CB 7E 4B 61 34 8D FF 37 5D A2 62 67 1C DE C3 EF FA 8D 1B 45 68 A6 CC E1 6B 1C AD 94 6D DD E2 7F 6C E2 B8 DE E4 CD 1B 24 85 1E BF 00 EB 90 D4 38 13 E9"), res)); + + pHash = new ParallelHash(128, Strings.ToByteArray("Parallel Data"), 12); + + data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); + pHash.BlockUpdate(data, 0, data.Length); + + res = new byte[32]; + + pHash.DoOutput(res, 0, res.Length); + + IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("F7 FD 53 12 89 6C 66 85 C8 28 AF 7E 2A DB 97 E3 93 E7 F8 D5 4E 3C 2E A4 B9 5E 5A CA 37 96 E8 FC"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("0127ad9772ab904691987fcc4a24888f341fa0db2145e872d4efd255376602f0"), res)); + + pHash = new ParallelHash(256, Strings.ToByteArray("Parallel Data"), 12); + + data = Hex.Decode("00 01 02 03 04 05 06 07 08 09 0A 0B 10 11 12 13 14 15 16 17 18 19 1A 1B 20 21 22 23 24 25 26 27 28 29 2A 2B 30 31 32 33 34 35 36 37 38 39 3A 3B 40 41 42 43 44 45 46 47 48 49 4A 4B 50 51 52 53 54 55 56 57 58 59 5A 5B"); + pHash.BlockUpdate(data, 0, data.Length); + + res = new byte[64]; + + pHash.DoOutput(res, 0, res.Length); + + IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("69 D0 FC B7 64 EA 05 5D D0 93 34 BC 60 21 CB 7E 4B 61 34 8D FF 37 5D A2 62 67 1C DE C3 EF FA 8D 1B 45 68 A6 CC E1 6B 1C AD 94 6D DD E2 7F 6C E2 B8 DE E4 CD 1B 24 85 1E BF 00 EB 90 D4 38 13 E9"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("6b3e790b330c889a204c2fbc728d809f19367328d852f4002dc829f73afd6bcefb7fe5b607b13a801c0be5c1170bdb794e339458fdb0e62a6af3d42558970249"), res)); + + testEmpty(); + } + + private void testEmpty() + { + //{"tcId":90,"msg":"","len":0,"blockSize":62,"customization":"Ny0LL2tUmt\u003C\u002BkuN5:Z7pZ_7]R; l/i:%pWbo4}","outLen":16}, + //{"tcId":90,"md":"13C4","outLen":16} + ParallelHash pHash = new ParallelHash(256, Strings.ToByteArray("Ny0LL2tUmt\u003C\u002BkuN5:Z7pZ_7]R; l/i:%pWbo4}"), 62); + + pHash.BlockUpdate(new byte[0], 0, 0); + + byte[] res = new byte[16 / 8]; + + pHash.DoOutput(res, 0, res.Length); + + IsTrue(Arrays.AreEqual(Hex.Decode("13C4"), res)); + } +} +} diff --git a/BouncyCastle/crypto/test/src/test/PkixNameConstraintsTest.cs b/BouncyCastle/crypto/test/src/test/PkixNameConstraintsTest.cs new file mode 100644 index 0000000..65f39dc --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/PkixNameConstraintsTest.cs @@ -0,0 +1,476 @@ +using System; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Pkix; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + ///

    + /// Test class for {@link PkixNameConstraintValidator}. + /// The field testXYZ is the name to test. + /// The field testXYZIsConstraint must be tested if it is permitted and excluded. + /// The field testXYZIsNotConstraint must be tested if it is not permitted and + /// not excluded. + /// Furthermore there are tests for the intersection and union of test names. + /// + [TestFixture] + public class PkixNameConstraintsTest + : SimpleTest + { + private readonly string testEmail = "test@abc.test.com"; + + private readonly string[] testEmailIsConstraint = { "test@abc.test.com", "abc.test.com", ".test.com" }; + + private readonly string[] testEmailIsNotConstraint = { ".abc.test.com", "www.test.com", "test1@abc.test.com", "bc.test.com" }; + + private readonly string[] email1 = { + "test@test.com", "test@test.com", "test@test.com", "test@abc.test.com", + "test@test.com", "test@test.com", ".test.com", ".test.com", + ".test.com", ".test.com", "test.com", "abc.test.com", + "abc.test1.com", "test.com", "test.com", ".test.com" }; + + private readonly string[] email2 = { + "test@test.abc.com", "test@test.com", ".test.com", ".test.com", + "test.com", "test1.com", "test@test.com", ".test.com", + ".test1.com", "test.com", "test.com", ".test.com", ".test.com", + "test1.com", ".test.com", "abc.test.com" }; + + private readonly string[] emailintersect = { + null, "test@test.com", null, "test@abc.test.com", "test@test.com", null, + null, ".test.com", null, null, "test.com", "abc.test.com", null, + null, null, "abc.test.com" }; + + private readonly string[][] emailunion = new string[16][] { + new string[] { "test@test.com", "test@test.abc.com" }, + new string[] { "test@test.com" }, + new string[] { "test@test.com", ".test.com" }, + new string[] { ".test.com" }, + new string[] { "test.com" }, + new string[] { "test@test.com", "test1.com" }, + new string[] { ".test.com", "test@test.com" }, + new string[] { ".test.com" }, + new string[] { ".test.com", ".test1.com" }, + new string[] { ".test.com", "test.com" }, + new string[] { "test.com" }, + new string[] { ".test.com" }, + new string[] { ".test.com", "abc.test1.com" }, + new string[] { "test1.com", "test.com" }, + new string[] { ".test.com", "test.com" }, + new string[] { ".test.com" } }; + + private readonly string[] dn1 = { "O=test org, OU=test org unit, CN=John Doe" }; + + private readonly string[] dn2 = { "O=test org, OU=test org unit" }; + + private readonly string[][] dnUnion = new string[1][] { + new string[] { "O=test org, OU=test org unit" } }; + + private readonly string[] dnIntersection = { "O=test org, OU=test org unit, CN=John Doe" }; + + // Note: In BC text conversion is ISO format - IETF starts at the back. + private readonly string testDN = "O=test org, OU=test org unit, CN=John Doe"; + + private readonly string[] testDNIsConstraint = + { + "O=test org, OU=test org unit", + "O=test org, OU=test org unit, CN=John Doe", + }; + + private readonly string[] testDNIsNotConstraint = + { + "O=test org, OU=test org unit, CN=John Doe2", + "O=test org, OU=test org unit2", + "O=test org, OU=test org unit, CN=John Doe, L=USA" + }; + + private readonly string testDNS = "abc.test.com"; + + private readonly string[] testDNSIsConstraint = { "test.com", "abc.test.com", "test.com" }; + + private readonly string[] testDNSIsNotConstraint = { "wwww.test.com", "ww.test.com", "www.test.com" }; + + private readonly string[] dns1 = { "www.test.de", "www.test1.de", "www.test.de" }; + + private readonly string[] dns2 = { "test.de", "www.test.de", "www.test.de" }; + + private readonly string[] dnsintersect = { "www.test.de", null, null }; + + private readonly string[][] dnsunion = new string[3][] { + new string[] { "test.de" }, + new string[] { "www.test1.de", "www.test.de" }, + new string[] { "www.test.de" } }; + + private readonly string testURI = "http://karsten:password@abc.test.com:8080"; + + private readonly string[] testURIIsConstraint = { "abc.test.com", ".test.com" }; + + private readonly string[] testURIIsNotConstraint = { "xyz.test.com", ".abc.test.com" }; + + private readonly string[] uri1 = { "www.test.de", ".test.de", "test1.de", ".test.de" }; + + private readonly string[] uri2 = { "test.de", "www.test.de", "test1.de", ".test.de" }; + + private readonly string[] uriintersect = { null, "www.test.de", "test1.de", ".test.de" }; + + private readonly string[][] uriunion = new string[4][] { + new string[] { "www.test.de", "test.de" }, + new string[] { ".test.de" }, + new string[] { "test1.de" }, + new string[] { ".test.de" } }; + + private readonly byte[] testIP = { (byte)192, (byte)168, 1, 2 }; + + private readonly byte[][] testIPIsConstraint = new byte[2][] { + new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 0 }, + new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 4 } }; + + private readonly byte[][] testIPIsNotConstraint = new byte[2][] { + new byte[] { (byte) 192, (byte) 168, 3, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 2 }, + new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 3 } }; + + private readonly byte[][] ip1 = new byte[3][] { + new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFE, (byte) 0xFF }, + new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF }, + new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0x00 } }; + + private readonly byte[][] ip2 = new byte[3][] { + new byte[] { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFC, 3 }, + new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF }, + new byte[] { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0x00 } }; + + private readonly byte[][] ipintersect = new byte[3][] { + new byte[] { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFE, (byte) 0xFF }, + new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF }, null }; + + private readonly byte[][][] ipunion = new byte[3][][] { + new byte[2][] { + new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFE, (byte) 0xFF }, + new byte[] { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFC, 3 } }, + new byte[1][] { + new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0xFF } }, + new byte[2][] { + new byte[] { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0x00 }, + new byte[] { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF, + (byte) 0xFF, (byte) 0x00 } } }; + + public override string Name + { + get { return "PkixNameConstraintsTest"; } + } + + public override void PerformTest() + { + TestConstraints(GeneralName.Rfc822Name, testEmail, + testEmailIsConstraint, testEmailIsNotConstraint, email1, email2, + emailunion, emailintersect); + TestConstraints(GeneralName.DnsName, testDNS, testDNSIsConstraint, + testDNSIsNotConstraint, dns1, dns2, dnsunion, dnsintersect); + TestConstraints(GeneralName.DirectoryName, testDN, testDNIsConstraint, + testDNIsNotConstraint, dn1, dn2, dnUnion, dnIntersection); + TestConstraints(GeneralName.UniformResourceIdentifier, testURI, + testURIIsConstraint, testURIIsNotConstraint, uri1, uri2, uriunion, + uriintersect); + TestConstraints(GeneralName.IPAddress, testIP, testIPIsConstraint, + testIPIsNotConstraint, ip1, ip2, ipunion, ipintersect); + + PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator(); + constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree( + new GeneralName(GeneralName.DirectoryName, + new X509Name(true, "ou=permittedSubtree1, o=Test Certificates 2011, c=US"))))); + constraintValidator.checkPermitted( + new GeneralName(GeneralName.DirectoryName, + new X509Name(true, "cn=Valid DN nameConstraints EE Certificate Test1, ou=permittedSubtree1, o=Test Certificates 2011, c=US"))); + + GeneralName name = new GeneralName(GeneralName.OtherName, new OtherName(new DerObjectIdentifier("1.1"), DerNull.Instance)); + GeneralSubtree subtree = new GeneralSubtree(name); + + PkixNameConstraintValidator validator = new PkixNameConstraintValidator(); + validator.IntersectPermittedSubtree(new DerSequence(subtree)); + + name = new GeneralName(GeneralName.OtherName, new OtherName(new DerObjectIdentifier("1.1"), DerNull.Instance)); + subtree = new GeneralSubtree(name); + + validator = new PkixNameConstraintValidator(); + validator.IntersectPermittedSubtree(new DerSequence(subtree)); + validator.AddExcludedSubtree(subtree); + + try + { + validator.checkExcluded(name); + } + catch (PkixNameConstraintValidatorException e) + { + IsEquals("OtherName is from an excluded subtree.", e.Message); + } + + try + { + validator.checkPermitted(name); + } + catch (PkixNameConstraintValidatorException e) + { + Fail(e.Message); + } + } + + /** + * Tests string based GeneralNames for inclusion or exclusion. + * + * @param nameType The {@link GeneralName} type to test. + * @param testName The name to test. + * @param testNameIsConstraint The names where testName must + * be included and excluded. + * @param testNameIsNotConstraint The names where testName + * must not be excluded and included. + * @param testNames1 Operand 1 of test names to use for union and + * intersection testing. + * @param testNames2 Operand 2 of test names to use for union and + * intersection testing. + * @param testUnion The union results. + * @param testInterSection The intersection results. + * @throws Exception If an unexpected exception occurs. + */ + private void TestConstraints( + int nameType, + string testName, + string[] testNameIsConstraint, + string[] testNameIsNotConstraint, + string[] testNames1, + string[] testNames2, + string[][] testUnion, + string[] testInterSection) + { + for (int i = 0; i < testNameIsConstraint.Length; i++) + { + PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator(); + constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree( + new GeneralName(nameType, testNameIsConstraint[i])))); + constraintValidator.checkPermitted(new GeneralName(nameType, testName)); + } + for (int i = 0; i < testNameIsNotConstraint.Length; i++) + { + PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator(); + constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree( + new GeneralName(nameType, testNameIsNotConstraint[i])))); + try + { + constraintValidator.checkPermitted(new GeneralName(nameType, testName)); + Fail("not permitted name allowed: " + nameType); + } + catch (PkixNameConstraintValidatorException) + { + // expected + } + } + for (int i = 0; i < testNameIsConstraint.Length; i++) + { + PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator(); + constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName( + nameType, testNameIsConstraint[i]))); + try + { + constraintValidator.checkExcluded(new GeneralName(nameType, testName)); + Fail("excluded name missed: " + nameType); + } + catch (PkixNameConstraintValidatorException) + { + // expected + } + } + for (int i = 0; i < testNameIsNotConstraint.Length; i++) + { + PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator(); + constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName( + nameType, testNameIsNotConstraint[i]))); + constraintValidator.checkExcluded(new GeneralName(nameType, testName)); + } + for (int i = 0; i < testNames1.Length; i++) + { + PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator(); + constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName( + nameType, testNames1[i]))); + constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName( + nameType, testNames2[i]))); + PkixNameConstraintValidator constraints2 = new PkixNameConstraintValidator(); + for (int j = 0; j < testUnion[i].Length; j++) + { + constraints2.AddExcludedSubtree(new GeneralSubtree( + new GeneralName(nameType, testUnion[i][j]))); + } + if (!constraints2.Equals(constraintValidator)) + { + Fail("union wrong: " + nameType); + } + constraintValidator = new PkixNameConstraintValidator(); + constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree( + new GeneralName(nameType, testNames1[i])))); + constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree( + new GeneralName(nameType, testNames2[i])))); + constraints2 = new PkixNameConstraintValidator(); + if (testInterSection[i] != null) + { + constraints2.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree( + new GeneralName(nameType, testInterSection[i])))); + } + else + { + constraints2.IntersectEmptyPermittedSubtree(nameType); + } + if (!constraints2.Equals(constraintValidator)) + { + Fail("intersection wrong: " + nameType); + } + } + } + + /** + * Tests byte array based GeneralNames for inclusion or exclusion. + * + * @param nameType The {@link GeneralName} type to test. + * @param testName The name to test. + * @param testNameIsConstraint The names where testName must + * be included and excluded. + * @param testNameIsNotConstraint The names where testName + * must not be excluded and included. + * @param testNames1 Operand 1 of test names to use for union and + * intersection testing. + * @param testNames2 Operand 2 of test names to use for union and + * intersection testing. + * @param testUnion The union results. + * @param testInterSection The intersection results. + * @throws Exception If an unexpected exception occurs. + */ + private void TestConstraints( + int nameType, + byte[] testName, + byte[][] testNameIsConstraint, + byte[][] testNameIsNotConstraint, + byte[][] testNames1, + byte[][] testNames2, + byte[][][] testUnion, + byte[][] testInterSection) + { + for (int i = 0; i < testNameIsConstraint.Length; i++) + { + PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator(); + constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree( + new GeneralName(nameType, new DerOctetString( + testNameIsConstraint[i]))))); + constraintValidator.checkPermitted(new GeneralName(nameType, + new DerOctetString(testName))); + } + for (int i = 0; i < testNameIsNotConstraint.Length; i++) + { + PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator(); + constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree( + new GeneralName(nameType, new DerOctetString( + testNameIsNotConstraint[i]))))); + try + { + constraintValidator.checkPermitted(new GeneralName(nameType, + new DerOctetString(testName))); + Fail("not permitted name allowed: " + nameType); + } + catch (PkixNameConstraintValidatorException) + { + // expected + } + } + for (int i = 0; i < testNameIsConstraint.Length; i++) + { + PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator(); + constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName( + nameType, new DerOctetString(testNameIsConstraint[i])))); + try + { + constraintValidator.checkExcluded(new GeneralName(nameType, + new DerOctetString(testName))); + Fail("excluded name missed: " + nameType); + } + catch (PkixNameConstraintValidatorException) + { + // expected + } + } + for (int i = 0; i < testNameIsNotConstraint.Length; i++) + { + PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator(); + constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName( + nameType, new DerOctetString(testNameIsNotConstraint[i])))); + constraintValidator.checkExcluded(new GeneralName(nameType, + new DerOctetString(testName))); + } + for (int i = 0; i < testNames1.Length; i++) + { + PkixNameConstraintValidator constraintValidator = new PkixNameConstraintValidator(); + constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName( + nameType, new DerOctetString(testNames1[i])))); + constraintValidator.AddExcludedSubtree(new GeneralSubtree(new GeneralName( + nameType, new DerOctetString(testNames2[i])))); + PkixNameConstraintValidator constraints2 = new PkixNameConstraintValidator(); + for (int j = 0; j < testUnion[i].Length; j++) + { + constraints2.AddExcludedSubtree(new GeneralSubtree( + new GeneralName(nameType, new DerOctetString( + testUnion[i][j])))); + } + if (!constraints2.Equals(constraintValidator)) + { + Fail("union wrong: " + nameType); + } + constraintValidator = new PkixNameConstraintValidator(); + constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree( + new GeneralName(nameType, new DerOctetString(testNames1[i]))))); + constraintValidator.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree( + new GeneralName(nameType, new DerOctetString(testNames2[i]))))); + constraints2 = new PkixNameConstraintValidator(); + if (testInterSection[i] != null) + { + constraints2.IntersectPermittedSubtree(new DerSequence(new GeneralSubtree( + new GeneralName(nameType, new DerOctetString( + testInterSection[i]))))); + } + else + { + constraints2.IntersectEmptyPermittedSubtree(nameType); + } + + if (!constraints2.Equals(constraintValidator)) + { + Fail("intersection wrong: " + nameType); + } + } + } + + public static void Main( + string[] args) + { + RunTest(new PkixNameConstraintsTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/PkixPolicyMappingTest.cs b/BouncyCastle/crypto/test/src/test/PkixPolicyMappingTest.cs new file mode 100644 index 0000000..47e2c31 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/PkixPolicyMappingTest.cs @@ -0,0 +1,419 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Pkix; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class PkixPolicyMappingTest : SimpleTest + { + static X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); + + public override string Name + { + get { return "PkixPolicyMapping"; } + } + + /** + * TrustAnchor's Cert + */ + private X509Certificate CreateTrustCert( + AsymmetricKeyParameter pubKey, + AsymmetricKeyParameter privKey) + { + string issuer = "C=JP, O=policyMappingAdditionalTest, OU=trustAnchor"; + string subject = "C=JP, O=policyMappingAdditionalTest, OU=trustAnchor"; + v3CertGen.SetSerialNumber(BigInteger.ValueOf(10)); + v3CertGen.SetIssuerDN(new X509Name(issuer)); + v3CertGen.SetNotBefore(DateTime.UtcNow.AddDays(-30)); + v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(30)); + v3CertGen.SetSubjectDN(new X509Name(subject)); + v3CertGen.SetPublicKey(pubKey); + v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); + X509Certificate cert = v3CertGen.Generate(privKey); + return cert; + } + + /** + * intermediate cert + */ + private X509Certificate CreateIntmedCert( + AsymmetricKeyParameter pubKey, + AsymmetricKeyParameter caPrivKey, + AsymmetricKeyParameter caPubKey, + Asn1EncodableVector policies, + Hashtable policyMap) + { + string issuer = "C=JP, O=policyMappingAdditionalTest, OU=trustAnchor"; + string subject = "C=JP, O=policyMappingAdditionalTest, OU=intmedCA"; + v3CertGen.Reset(); + v3CertGen.SetSerialNumber(BigInteger.ValueOf(20)); + v3CertGen.SetIssuerDN(new X509Name(issuer)); + v3CertGen.SetNotBefore(DateTime.UtcNow.AddDays(-30)); + v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(30)); + v3CertGen.SetSubjectDN(new X509Name(subject)); + v3CertGen.SetPublicKey(pubKey); + v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); + v3CertGen.AddExtension(X509Extensions.CertificatePolicies, true, new DerSequence(policies)); + v3CertGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(true)); + v3CertGen.AddExtension(X509Extensions.PolicyMappings, true, new PolicyMappings(policyMap)); + X509Certificate cert = v3CertGen.Generate(caPrivKey); + return cert; + } + + /** + * endEntity cert + */ + private X509Certificate CreateEndEntityCert( + AsymmetricKeyParameter pubKey, + AsymmetricKeyParameter caPrivKey, + AsymmetricKeyParameter caPubKey, + Asn1EncodableVector policies) + { + string issuer = "C=JP, O=policyMappingAdditionalTest, OU=intMedCA"; + string subject = "C=JP, O=policyMappingAdditionalTest, OU=endEntity"; + v3CertGen.Reset(); + v3CertGen.SetSerialNumber(BigInteger.ValueOf(20)); + v3CertGen.SetIssuerDN(new X509Name(issuer)); + v3CertGen.SetNotBefore(DateTime.UtcNow.AddDays(-30)); + v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(30)); + v3CertGen.SetSubjectDN(new X509Name(subject)); + v3CertGen.SetPublicKey(pubKey); + v3CertGen.SetSignatureAlgorithm("SHA1WithRSAEncryption"); + v3CertGen.AddExtension(X509Extensions.CertificatePolicies, true, new DerSequence(policies)); + X509Certificate cert = v3CertGen.Generate(caPrivKey); + return cert; + } + + private string TestPolicies( + int index, + X509Certificate trustCert, + X509Certificate intCert, + X509Certificate endCert, + ISet requirePolicies, + bool okay) + { + ISet trust = new HashSet(); + trust.Add(new TrustAnchor(trustCert, null)); + X509CertStoreSelector targetConstraints = new X509CertStoreSelector(); + targetConstraints.Subject = endCert.SubjectDN; + PkixBuilderParameters pbParams = new PkixBuilderParameters(trust, targetConstraints); + + ISet certs = new HashSet(); + certs.Add(intCert); + certs.Add(endCert); + + IX509Store store = X509StoreFactory.Create( + "CERTIFICATE/COLLECTION", + new X509CollectionStoreParameters(certs)); + pbParams.AddStore(store); + + pbParams.IsRevocationEnabled = false; + if (requirePolicies != null) + { + pbParams.IsExplicitPolicyRequired = true; + pbParams.SetInitialPolicies(requirePolicies); + } + +// CertPathBuilder cpb = CertPathBuilder.GetInstance("PKIX"); + PkixCertPathBuilder cpb = new PkixCertPathBuilder(); + PkixCertPathBuilderResult result = null; + + try + { + result = (PkixCertPathBuilderResult)cpb.Build(pbParams); + + if (!okay) + { + Fail(index + ": path validated when failure expected."); + } + +// if (result.getPolicyTree() != null) +// { +// Console.WriteLine("OK"); +// Console.WriteLine("policy: " + result.getPolicyTree()); +// } +// else +// { +// Console.WriteLine("OK: policy tree = null"); +// } + + return ""; + } + catch (TestFailedException e) + { + throw e; + } + catch (Exception e) + { + if (okay) + { + Fail(index + ": path failed to validate when success expected."); + } + + Exception ee = e.InnerException; + if (ee != null) + { + return ee.Message; + } + + return e.Message; + } + } + + public override void PerformTest() + { + // + // personal keys + // + RsaPublicKeyStructure pubKeySpec = new RsaPublicKeyStructure( + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16)); + + RsaPrivateCrtKeyParameters privKeySpec = new RsaPrivateCrtKeyParameters( + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16), + new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16), + new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16), + new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16), + new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16), + new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16), + new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16)); + + // + // intermediate keys. + // + RsaPublicKeyStructure intPubKeySpec = new RsaPublicKeyStructure( + new BigInteger("8de0d113c5e736969c8d2b047a243f8fe18edad64cde9e842d3669230ca486f7cfdde1f8eec54d1905fff04acc85e61093e180cadc6cea407f193d44bb0e9449b8dbb49784cd9e36260c39e06a947299978c6ed8300724e887198cfede20f3fbde658fa2bd078be946a392bd349f2b49c486e20c405588e306706c9017308e69", 16), + new BigInteger("ffff", 16)); + + + RsaPrivateCrtKeyParameters intPrivKeySpec = new RsaPrivateCrtKeyParameters( + new BigInteger("8de0d113c5e736969c8d2b047a243f8fe18edad64cde9e842d3669230ca486f7cfdde1f8eec54d1905fff04acc85e61093e180cadc6cea407f193d44bb0e9449b8dbb49784cd9e36260c39e06a947299978c6ed8300724e887198cfede20f3fbde658fa2bd078be946a392bd349f2b49c486e20c405588e306706c9017308e69", 16), + new BigInteger("ffff", 16), + new BigInteger("7deb1b194a85bcfd29cf871411468adbc987650903e3bacc8338c449ca7b32efd39ffc33bc84412fcd7df18d23ce9d7c25ea910b1ae9985373e0273b4dca7f2e0db3b7314056ac67fd277f8f89cf2fd73c34c6ca69f9ba477143d2b0e2445548aa0b4a8473095182631da46844c356f5e5c7522eb54b5a33f11d730ead9c0cff", 16), + new BigInteger("ef4cede573cea47f83699b814de4302edb60eefe426c52e17bd7870ec7c6b7a24fe55282ebb73775f369157726fcfb988def2b40350bdca9e5b418340288f649", 16), + new BigInteger("97c7737d1b9a0088c3c7b528539247fd2a1593e7e01cef18848755be82f4a45aa093276cb0cbf118cb41117540a78f3fc471ba5d69f0042274defc9161265721", 16), + new BigInteger("6c641094e24d172728b8da3c2777e69adfd0839085be7e38c7c4a2dd00b1ae969f2ec9d23e7e37090fcd449a40af0ed463fe1c612d6810d6b4f58b7bfa31eb5f", 16), + new BigInteger("70b7123e8e69dfa76feb1236d0a686144b00e9232ed52b73847e74ef3af71fb45ccb24261f40d27f98101e230cf27b977a5d5f1f15f6cf48d5cb1da2a3a3b87f", 16), + new BigInteger("e38f5750d97e270996a286df2e653fd26c242106436f5bab0f4c7a9e654ce02665d5a281f2c412456f2d1fa26586ef04a9adac9004ca7f913162cb28e13bf40d", 16)); + + // + // ca keys + // + RsaPublicKeyStructure caPubKeySpec = new RsaPublicKeyStructure( + new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16), + new BigInteger("11", 16)); + + RsaPrivateCrtKeyParameters caPrivKeySpec = new RsaPrivateCrtKeyParameters( + new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16), + new BigInteger("11", 16), + new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16), + new BigInteger("f75e80839b9b9379f1cf1128f321639757dba514642c206bbbd99f9a4846208b3e93fbbe5e0527cc59b1d4b929d9555853004c7c8b30ee6a213c3d1bb7415d03", 16), + new BigInteger("b892d9ebdbfc37e397256dd8a5d3123534d1f03726284743ddc6be3a709edb696fc40c7d902ed804c6eee730eee3d5b20bf6bd8d87a296813c87d3b3cc9d7947", 16), + new BigInteger("1d1a2d3ca8e52068b3094d501c9a842fec37f54db16e9a67070a8b3f53cc03d4257ad252a1a640eadd603724d7bf3737914b544ae332eedf4f34436cac25ceb5", 16), + new BigInteger("6c929e4e81672fef49d9c825163fec97c4b7ba7acb26c0824638ac22605d7201c94625770984f78a56e6e25904fe7db407099cad9b14588841b94f5ab498dded", 16), + new BigInteger("dae7651ee69ad1d081ec5e7188ae126f6004ff39556bde90e0b870962fa7b926d070686d8244fe5a9aa709a95686a104614834b0ada4b10f53197a5cb4c97339", 16)); + + // + // set up the keys + // + AsymmetricKeyParameter caPrivKey = caPrivKeySpec; + RsaKeyParameters caPubKey = new RsaKeyParameters(false, caPubKeySpec.Modulus, caPubKeySpec.PublicExponent); + AsymmetricKeyParameter intPrivKey = intPrivKeySpec; + RsaKeyParameters intPubKey = new RsaKeyParameters(false, intPubKeySpec.Modulus, intPubKeySpec.PublicExponent); + AsymmetricKeyParameter privKey = privKeySpec; + RsaKeyParameters pubKey = new RsaKeyParameters(false, pubKeySpec.Modulus, intPubKeySpec.PublicExponent); + + X509Certificate trustCert = CreateTrustCert(caPubKey, caPrivKeySpec); + Asn1EncodableVector intPolicies = null; + Hashtable map = null; + Asn1EncodableVector policies = null; + ISet requirePolicies = null; + X509Certificate intCert = null; + X509Certificate endCert = null; + + // valid test_00 + intPolicies = new Asn1EncodableVector(); + intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0"))); + map = new Hashtable(); + map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2"; + intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map); + + policies = new Asn1EncodableVector(); + policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.2"))); + endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies); + + requirePolicies = null; + string msg = TestPolicies(0, trustCert, intCert, endCert, requirePolicies, true); + CheckMessage(0, msg, ""); + + // test_01 + intPolicies = new Asn1EncodableVector(); + intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0"))); + map = new Hashtable(); + map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2"; + intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map); + + policies = new Asn1EncodableVector(); + policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.2"))); + endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies); + + requirePolicies = new HashSet(); + requirePolicies.Add("2.16.840.1.101.3.2.1.48.1"); + msg = TestPolicies(1, trustCert, intCert, endCert, requirePolicies, true); + CheckMessage(1, msg, ""); + + // test_02 + intPolicies = new Asn1EncodableVector(); + intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0"))); + map = new Hashtable(); + map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2"; + intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map); + + policies = new Asn1EncodableVector(); + policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.2"))); + endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies); + + requirePolicies = new HashSet(); + requirePolicies.Add("2.5.29.32.0"); + msg = TestPolicies(2, trustCert, intCert, endCert, requirePolicies, true); + CheckMessage(2, msg, ""); + + // test_03 + intPolicies = new Asn1EncodableVector(); + intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.3"))); + intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0"))); + map = new Hashtable(); + map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2"; + intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map); + + policies = new Asn1EncodableVector(); + policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.2"))); + endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies); + + requirePolicies = new HashSet(); + requirePolicies.Add("2.16.840.1.101.3.2.1.48.1"); + msg = TestPolicies(3, trustCert, intCert, endCert, requirePolicies, true); + CheckMessage(3, msg, ""); + + // test_04 + intPolicies = new Asn1EncodableVector(); + intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.3"))); + intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0"))); + map = new Hashtable(); + map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2"; + intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map); + + policies = new Asn1EncodableVector(); + policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.3"))); + endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies); + + requirePolicies = new HashSet(); + requirePolicies.Add("2.16.840.1.101.3.2.1.48.3"); + msg = TestPolicies(4, trustCert, intCert, endCert, requirePolicies, true); + CheckMessage(4, msg, ""); + + // test_05 + intPolicies = new Asn1EncodableVector(); + intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0"))); + map = new Hashtable(); + map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2"; + intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map); + + policies = new Asn1EncodableVector(); + policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.2"))); + endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies); + + requirePolicies = new HashSet(); + requirePolicies.Add("2.16.840.1.101.3.2.1.48.2"); + msg = TestPolicies(5, trustCert, intCert, endCert, requirePolicies, false); + CheckMessage(5, msg, "Path processing failed on policy."); + + // test_06 + intPolicies = new Asn1EncodableVector(); + intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0"))); + map = new Hashtable(); + map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2"; + intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map); + + policies = new Asn1EncodableVector(); + policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.1"))); + endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies); + + requirePolicies = new HashSet(); + requirePolicies.Add("2.16.840.1.101.3.2.1.48.1"); + msg = TestPolicies(6, trustCert, intCert, endCert, requirePolicies, true); + CheckMessage(6, msg, ""); + + // test_07 + intPolicies = new Asn1EncodableVector(); + intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0"))); + map = new Hashtable(); + map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2"; + intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map); + + policies = new Asn1EncodableVector(); + policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.2"))); + endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies); + + requirePolicies = new HashSet(); + requirePolicies.Add("2.16.840.1.101.3.2.1.48.3"); + msg = TestPolicies(7, trustCert, intCert, endCert, requirePolicies, false); + CheckMessage(7, msg, "Path processing failed on policy."); + + // test_08 + intPolicies = new Asn1EncodableVector(); + intPolicies.Add(new PolicyInformation(new DerObjectIdentifier("2.5.29.32.0"))); + map = new Hashtable(); + map["2.16.840.1.101.3.2.1.48.1"] = "2.16.840.1.101.3.2.1.48.2"; + intCert = CreateIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map); + + policies = new Asn1EncodableVector(); + policies.Add(new PolicyInformation(new DerObjectIdentifier("2.16.840.1.101.3.2.1.48.3"))); + endCert = CreateEndEntityCert(pubKey, intPrivKey, intPubKey, policies); + + requirePolicies = new HashSet(); + requirePolicies.Add("2.16.840.1.101.3.2.1.48.1"); + msg = TestPolicies(8, trustCert, intCert, endCert, requirePolicies, false); + CheckMessage(8, msg, "Path processing failed on policy."); + } + + private void CheckMessage( + int index, + string msg, + string expected) + { + if (!msg.Equals(expected)) + { + Fail("test " + index + " failed got: " + msg + " expected: " + expected); + } + } + + public static void Main( + string[] args) + { + RunTest(new PkixPolicyMappingTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/PkixTest.cs b/BouncyCastle/crypto/test/src/test/PkixTest.cs new file mode 100644 index 0000000..8823196 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/PkixTest.cs @@ -0,0 +1,248 @@ +using System; +using System.IO; +using System.Collections; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.X509; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class PkixTest + : SimpleTest + { + /* + * The following certs and crls are described in: + * http://www.ietf.org/internet-drafts/draft-ietf-pkix-new-part1-08.txt + * + * This section contains four examples: three certificates and a CRL. + * The first two certificates and the CRL comprise a minimal + * certification path. + * + * Section C.1 contains an annotated hex dump of a "self-signed" + * certificate issued by a CA whose distinguished name is + * cn=us,o=gov,ou=nist. The certificate contains a DSA public key with + * parameters, and is signed by the corresponding DSA private key. + * + * Section C.2 contains an annotated hex dump of an end entity + * certificate. The end entity certificate contains a DSA public key, + * and is signed by the private key corresponding to the "self-signed" + * certificate in section C.1. + * + * Section C.3 contains a dump of an end entity certificate which + * contains an RSA public key and is signed with RSA and MD5. This + * certificate is not part of the minimal certification path. + * + * Section C.4 contains an annotated hex dump of a CRL. The CRL is + * issued by the CA whose distinguished name is cn=us,o=gov,ou=nist and + * the list of revoked certificates includes the end entity certificate + * presented in C.2. + */ + + /** + * C.1 Certificate + * + * This section contains an annotated hex dump of a 699 byte version 3 + * certificate. The certificate contains the following information: + * (a) the serial number is 23 (17 hex); + * (b) the certificate is signed with DSA and the SHA-1 hash algorithm; + * (c) the issuer's distinguished name is OU=NIST; O=gov; C=US + * (d) and the subject's distinguished name is OU=NIST; O=gov; C=US + * (e) the certificate was issued on June 30, 1997 and will expire on + * December 31, 1997; + * (f) the certificate contains a 1024 bit DSA public key with + * parameters; + * (g) the certificate contains a subject key identifier extension + * generated using method (1) of section 4.2.1.2; and + * (h) the certificate is a CA certificate (as indicated through the + * basic constraints extension.) + */ + static byte[] rootCertBin = Hex.Decode( + "308202bb3082027ba003020102020111300906072a8648ce380403302a310b30" + + "09060355040613025553310c300a060355040a1303676f76310d300b06035504" + + "0b13044e495354301e170d3937303633303030303030305a170d393731323331" + + "3030303030305a302a310b3009060355040613025553310c300a060355040a13" + + "03676f76310d300b060355040b13044e495354308201b83082012c06072a8648" + + "ce3804013082011f02818100b68b0f942b9acea525c6f2edfcfb9532ac011233" + + "b9e01cad909bbc48549ef394773c2c713555e6fe4f22cbd5d83e8993334dfcbd" + + "4f41643ea29870ec31b450deebf198280ac93e44b3fd22979683d018a3e3bd35" + + "5bffeea321726a7b96dab93f1e5a90af24d620f00d21a7d402b91afcac21fb9e" + + "949e4b42459e6ab24863fe43021500b20db0b101df0c6624fc1392ba55f77d57" + + "7481e5028181009abf46b1f53f443dc9a565fb91c08e47f10ac30147c2444236" + + "a99281de57c5e0688658007b1ff99b77a1c510a580917851513cf6fcfccc46c6" + + "817892843df4933d0c387e1a5b994eab1464f60c21224e28089c92b9669f40e8" + + "95f6d5312aef39a262c7b26d9e58c43aa81181846daff8b419b4c211aed0223b" + + "aa207fee1e57180381850002818100b59e1f490447d1dbf53addca0475e8dd75" + + "f69b8ab197d6596982d3034dfd3b365f4af2d14ec107f5d12ad378776356ea96" + + "614d420b7a1dfbab91a4cedeef77c8e5ef20aea62848afbe69c36aa530f2c2b9" + + "d9822b7dd9c4841fde0de854d71b992eb3d088f6d6639ba7e20e82d43b8a681b" + + "065631590b49eb99a5d581417bc955a3323030301d0603551d0e0416041486ca" + + "a5228162efad0a89bcad72412c2949f48656300f0603551d130101ff04053003" + + "0101ff300906072a8648ce380403032f00302c0214431bcf292545c04e52e77d" + + "d6fcb1664c83cf2d7702140b5b9a241198e8f3869004f608a9e18da5cc3ad4"); + + + /** + * C.2 Certificate + * + * This section contains an annotated hex dump of a 730 byte version 3 + * certificate. The certificate contains the following information: + * (a the serial number is 18 (12 hex); + * (b) the certificate is signed with DSA and the SHA-1 hash algorithm; + * (c) the issuer's distinguished name is OU=nist; O=gov; C=US + * (d) and the subject's distinguished name is CN=Tim Polk; OU=nist; + * O=gov; C=US + * (e) the certificate was valid from July 30, 1997 through December 1, + * 1997; + * (f) the certificate contains a 1024 bit DSA public key; + * (g) the certificate is an end entity certificate, as the basic + * constraints extension is not present; + * (h) the certificate contains an authority key identifier extension + * matching the subject key identifier of the certificate in Appendix + * C.1; and + * (i) the certificate includes one alternative name - an RFC 822 + * address of "wpolk@nist.gov". + */ + static byte[] userCert1Bin = Hex.Decode( + "308202da30820299a003020102020112300906072a8648ce380403302a310b30" + + "09060355040613025553310c300a060355040a1303676f76310d300b06035504" + + "0b13044e495354301e170d3937303733303030303030305a170d393731323031" + + "3030303030305a303d310b3009060355040613025553310c300a060355040a13" + + "03676f76310d300b060355040b13044e4953543111300f060355040313085469" + + "6d20506f6c6b308201b73082012c06072a8648ce3804013082011f02818100b6" + + "8b0f942b9acea525c6f2edfcfb9532ac011233b9e01cad909bbc48549ef39477" + + "3c2c713555e6fe4f22cbd5d83e8993334dfcbd4f41643ea29870ec31b450deeb" + + "f198280ac93e44b3fd22979683d018a3e3bd355bffeea321726a7b96dab93f1e" + + "5a90af24d620f00d21a7d402b91afcac21fb9e949e4b42459e6ab24863fe4302" + + "1500b20db0b101df0c6624fc1392ba55f77d577481e5028181009abf46b1f53f" + + "443dc9a565fb91c08e47f10ac30147c2444236a99281de57c5e0688658007b1f" + + "f99b77a1c510a580917851513cf6fcfccc46c6817892843df4933d0c387e1a5b" + + "994eab1464f60c21224e28089c92b9669f40e895f6d5312aef39a262c7b26d9e" + + "58c43aa81181846daff8b419b4c211aed0223baa207fee1e5718038184000281" + + "8030b675f77c2031ae38bb7e0d2baba09c4bdf20d524133ccd98e55f6cb7c1ba" + + "4abaa9958053f00d72dc3337f4010bf5041f9d2e1f62d8843a9b25095a2dc846" + + "8e2bd4f50d3bc72dc66cb998c1253a444e8eca9561357cce15315c23131ea205" + + "d17a241ccbd3720990ff9b9d28c0a10aec469f0db8d0dcd018a62b5ef98fb595" + + "bea33e303c30190603551d1104123010810e77706f6c6b406e6973742e676f76" + + "301f0603551d2304183016801486caa5228162efad0a89bcad72412c2949f486" + + "56300906072a8648ce380403033000302d02143697cbe3b42ce1bb61a9d3cc24" + + "cc22929ff4f587021500abc979afd2161ca9e368a91410b4a02eff225a73"); + + /** + * C.3 End Entity Certificate Using RSA + * + * This section contains an annotated hex dump of a 654 byte version 3 + * certificate. The certificate contains the following information: + * (a) the serial number is 256; + * (b) the certificate is signed with RSA and the SHA-1 hash algorithm; + * (c) the issuer's distinguished name is OU=NIST; O=gov; C=US + * (d) and the subject's distinguished name is CN=Tim Polk; OU=NIST; + * O=gov; C=US + * (e) the certificate was issued on May 21, 1996 at 09:58:26 and + * expired on May 21, 1997 at 09:58:26; + * (f) the certificate contains a 1024 bit RSA public key; + * (g) the certificate is an end entity certificate (not a CA + * certificate); + * (h) the certificate includes an alternative subject name of + * "<http://www.itl.nist.gov/div893/staff/polk/index.html>" and an + * alternative issuer name of "<http://www.nist.gov/>" - both are URLs; + * (i) the certificate include an authority key identifier extension + * and a certificate policies extension psecifying the policy OID + * 2.16.840.1.101.3.2.1.48.9; and + * (j) the certificate includes a critical key usage extension + * specifying that the public key is intended for verification of + * digital signatures. + */ + static byte[] userCert2Bin = Hex.Decode( + "3082028e308201f7a00302010202020100300d06092a864886f70d0101050500" + + "302a310b3009060355040613025553310c300a060355040b1303676f76310d30" + + "0b060355040a13044e495354301e170d3936303532313039353832365a170d39" + + "37303532313039353832365a303d310b3009060355040613025553310c300a06" + + "0355040b1303676f76310d300b060355040a13044e4953543111300f06035504" + + "03130854696d20506f6c6b30819f300d06092a864886f70d010101050003818d" + + "0030818902818100e16ae4033097023cf410f3b51e4d7f147bf6f5d078e9a48a" + + "f0a375ecedb656967f8899859af23e687787eb9ed19fc0b417dcab8923a41d7e" + + "16234c4fa84df531b87caae31a4909f44b26db2767308212014ae91ab6c10c53" + + "8b6cfc2f7a43ec33367e32b27bd5aacf0114c612ec13f22d147a8b215814134c" + + "46a39af21695ff230203010001a381af3081ac303f0603551d11043830368634" + + "687474703a2f2f7777772e69746c2e6e6973742e676f762f6469763839332f73" + + "746166662f706f6c6b2f696e6465782e68746d6c301f0603551d120418301686" + + "14687474703a2f2f7777772e6e6973742e676f762f301f0603551d2304183016" + + "80140868af8533c8394a7af882938e706a4a20842c3230170603551d20041030" + + "0e300c060a60864801650302013009300e0603551d0f0101ff04040302078030" + + "0d06092a864886f70d0101050500038181008e8e3656788bbfa13975172ee310" + + "dc832b6834521cf66c1d525e5420105e4ca940f94b729e82b961dceb32a5bdb1" + + "b148f99b01bbebaf9b83f6528cb06d7cd09a39543e6d206fcdd0debe275f204f" + + "b6ab0df5b7e1bab4dfdf3dd4f6ed01fb6ecb9859ac41fb489c1ff65b46e029e2" + + "76ecc43a0afc92c5c0d2a9c9d32952876533"); + + /** + * This section contains an annotated hex dump of a version 2 CRL with + * one extension (cRLNumber). The CRL was issued by OU=NIST; O=gov; C=US + * on August 7, 1997; the next scheduled issuance was September 7, 1997. + * The CRL includes one revoked certificates: serial number 18 (12 hex), + * which was revoked on July 31, 1997 due to keyCompromise. The CRL + * itself is number 18, and it was signed with DSA and SHA-1. + */ + static byte[] crlBin = Hex.Decode( + "3081cb30818c020101300906072a8648ce380403302a310b3009060355040613025553310c300a060355040a1303676f76310d300b060355040b13044e495354170d3937303830373030303030305a170d3937303930373030303030305a30223020020112170d3937303733313030303030305a300c300a0603551d1504030a0101a00e300c300a0603551d14040302010c300906072a8648ce380403032f00302c0214224e9f43ba950634f2bb5e65dba68005c03a29470214591a57c982d7022114c3d40b321b9616b11f465a"); + + public override void PerformTest() + { + try + { + X509CertificateParser certParser = new X509CertificateParser(); + X509CrlParser crlParser = new X509CrlParser(); + + X509Certificate rootCert = certParser.ReadCertificate(rootCertBin); + X509Certificate userCert1 = certParser.ReadCertificate(userCert1Bin); + X509Certificate userCert2 = certParser.ReadCertificate(userCert2Bin); + + X509Crl crl = crlParser.ReadCrl(crlBin); + + rootCert.Verify(rootCert.GetPublicKey()); + userCert1.Verify(rootCert.GetPublicKey()); + + crl.Verify(rootCert.GetPublicKey()); + + if (!crl.IsRevoked(userCert1)) + { + Fail(this.Name + ": usercert1 not revoked."); + } + + if (crl.IsRevoked(userCert2)) + { + Fail(this.Name + ": usercert2 revoked."); + } + + } + catch (Exception e) + { + Fail(this.Name + ": exception - " + e.ToString()); + } + } + + public override String Name + { + get { return "PkixTest"; } + } + + public static void Main( + string[] args) + { + RunTest(new PkixTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/RSATest.cs b/BouncyCastle/crypto/test/src/test/RSATest.cs new file mode 100644 index 0000000..a765ff1 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/RSATest.cs @@ -0,0 +1,685 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class RsaTest + : SimpleTest + { + /** + * a fake random number generator - we just want to make sure the random numbers + * aren't random so that we get the same output, while still getting to test the + * key generation facilities. + */ + // TODO Use FixedSecureRandom instead? + private class MyFixedSecureRandom + : SecureRandom + { + byte[] seed = + { + (byte)0xaa, (byte)0xfd, (byte)0x12, (byte)0xf6, (byte)0x59, + (byte)0xca, (byte)0xe6, (byte)0x34, (byte)0x89, (byte)0xb4, + (byte)0x79, (byte)0xe5, (byte)0x07, (byte)0x6d, (byte)0xde, + (byte)0xc2, (byte)0xf0, (byte)0x6c, (byte)0xb5, (byte)0x8f + }; + + public override void NextBytes( + byte[] bytes) + { + int offset = 0; + + while ((offset + seed.Length) < bytes.Length) + { + seed.CopyTo(bytes, offset); + offset += seed.Length; + } + + Array.Copy(seed, 0, bytes, offset, bytes.Length - offset); + } + } + + private static readonly byte[] seed = + { + (byte)0xaa, (byte)0xfd, (byte)0x12, (byte)0xf6, (byte)0x59, + (byte)0xca, (byte)0xe6, (byte)0x34, (byte)0x89, (byte)0xb4, + (byte)0x79, (byte)0xe5, (byte)0x07, (byte)0x6d, (byte)0xde, + (byte)0xc2, (byte)0xf0, (byte)0x6c, (byte)0xb5, (byte)0x8f + }; + + private RsaKeyParameters pubKeySpec = new RsaKeyParameters( + false, + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16)); + + private RsaPrivateCrtKeyParameters privKeySpec = new RsaPrivateCrtKeyParameters( + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16), + new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16), + new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16), + new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16), + new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16), + new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16), + new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16)); + + private RsaKeyParameters isoPubKeySpec = new RsaKeyParameters( + false, + new BigInteger("0100000000000000000000000000000000bba2d15dbb303c8a21c5ebbcbae52b7125087920dd7cdf358ea119fd66fb064012ec8ce692f0a0b8e8321b041acd40b7", 16), + new BigInteger("03", 16)); + + private RsaKeyParameters isoPrivKeySpec = new RsaKeyParameters( + true, + new BigInteger("0100000000000000000000000000000000bba2d15dbb303c8a21c5ebbcbae52b7125087920dd7cdf358ea119fd66fb064012ec8ce692f0a0b8e8321b041acd40b7", 16), + new BigInteger("2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaac9f0783a49dd5f6c5af651f4c9d0dc9281c96a3f16a85f9572d7cc3f2d0f25a9dbf1149e4cdc32273faadd3fda5dcda7", 16)); + + internal static RsaKeyParameters pub2048KeySpec = new RsaKeyParameters( + false, + new BigInteger("a7295693155b1813bb84877fb45343556e0568043de5910872a3a518cc11e23e2db74eaf4545068c4e3d258a2718fbacdcc3eafa457695b957e88fbf110aed049a992d9c430232d02f3529c67a3419935ea9b569f85b1bcd37de6b899cd62697e843130ff0529d09c97d813cb15f293751ff56f943fbdabb63971cc7f4f6d5bff1594416b1f5907bde5a84a44f9802ef29b43bda1960f948f8afb8766c1ab80d32eec88ed66d0b65aebe44a6d0b3c5e0ab051aaa1b912fbcc17b8e751ddecc5365b6db6dab0020c3057db4013a51213a5798a3aab67985b0f4d88627a54a0f3f0285fbcb4afdfeb65cb153af66825656d43238b75503231500753f4e421e3c57", 16), + new BigInteger("10001", 16)); + + internal static RsaPrivateCrtKeyParameters priv2048KeySpec = new RsaPrivateCrtKeyParameters( + new BigInteger("a7295693155b1813bb84877fb45343556e0568043de5910872a3a518cc11e23e2db74eaf4545068c4e3d258a2718fbacdcc3eafa457695b957e88fbf110aed049a992d9c430232d02f3529c67a3419935ea9b569f85b1bcd37de6b899cd62697e843130ff0529d09c97d813cb15f293751ff56f943fbdabb63971cc7f4f6d5bff1594416b1f5907bde5a84a44f9802ef29b43bda1960f948f8afb8766c1ab80d32eec88ed66d0b65aebe44a6d0b3c5e0ab051aaa1b912fbcc17b8e751ddecc5365b6db6dab0020c3057db4013a51213a5798a3aab67985b0f4d88627a54a0f3f0285fbcb4afdfeb65cb153af66825656d43238b75503231500753f4e421e3c57", 16), + new BigInteger("10001", 16), + new BigInteger("65dad56ac7df7abb434e4cb5eeadb16093aa6da7f0033aad3815289b04757d32bfee6ade7749c8e4a323b5050a2fb9e2a99e23469e1ed4ba5bab54336af20a5bfccb8b3424cc6923db2ffca5787ed87aa87aa614cd04cedaebc8f623a2d2063017910f436dff18bb06f01758610787f8b258f0a8efd8bd7de30007c47b2a1031696c7d6523bc191d4d918927a7e0b09584ed205bd2ff4fc4382678df82353f7532b3bbb81d69e3f39070aed3fb64fce032a089e8e64955afa5213a6eb241231bd98d702fba725a9b205952fda186412d9e0d9344d2998c455ad8c2bae85ee672751466d5288304032b5b7e02f7e558c7af82c7fbf58eea0bb4ef0f001e6cd0a9", 16), + new BigInteger("d4fd9ac3474fb83aaf832470643609659e511b322632b239b688f3cd2aad87527d6cf652fb9c9ca67940e84789444f2e99b0cb0cfabbd4de95396106c865f38e2fb7b82b231260a94df0e01756bf73ce0386868d9c41645560a81af2f53c18e4f7cdf3d51d80267372e6e0216afbf67f655c9450769cca494e4f6631b239ce1b", 16), + new BigInteger("c8eaa0e2a1b3a4412a702bccda93f4d150da60d736c99c7c566fdea4dd1b401cbc0d8c063daaf0b579953d36343aa18b33dbf8b9eae94452490cc905245f8f7b9e29b1a288bc66731a29e1dd1a45c9fd7f8238ff727adc49fff73991d0dc096206b9d3a08f61e7462e2b804d78cb8c5eccdb9b7fbd2ad6a8fea46c1053e1be75", 16), + new BigInteger("10edcb544421c0f9e123624d1099feeb35c72a8b34e008ac6fa6b90210a7543f293af4e5299c8c12eb464e70092805c7256e18e5823455ba0f504d36f5ccacac1b7cd5c58ff710f9c3f92646949d88fdd1e7ea5fed1081820bb9b0d2a8cd4b093fecfdb96dabd6e28c3a6f8c186dc86cddc89afd3e403e0fcf8a9e0bcb27af0b", 16), + new BigInteger("97fc25484b5a415eaa63c03e6efa8dafe9a1c8b004d9ee6e80548fefd6f2ce44ee5cb117e77e70285798f57d137566ce8ea4503b13e0f1b5ed5ca6942537c4aa96b2a395782a4cb5b58d0936e0b0fa63b1192954d39ced176d71ef32c6f42c84e2e19f9d4dd999c2151b032b97bd22aa73fd8c5bcd15a2dca4046d5acc997021", 16), + new BigInteger("4bb8064e1eff7e9efc3c4578fcedb59ca4aef0993a8312dfdcb1b3decf458aa6650d3d0866f143cbf0d3825e9381181170a0a1651eefcd7def786b8eb356555d9fa07c85b5f5cbdd74382f1129b5e36b4166b6cc9157923699708648212c484958351fdc9cf14f218dbe7fbf7cbd93a209a4681fe23ceb44bab67d66f45d1c9d", 16)); + + public override void PerformTest() + { + byte[] input = new byte[] + { (byte)0x54, (byte)0x85, (byte)0x9b, (byte)0x34, (byte)0x2c, (byte)0x49, (byte)0xea, (byte)0x2a }; + byte[][] output = new byte[][] + { + Hex.Decode("8b427f781a2e59dd9def386f1956b996ee07f48c96880e65a368055ed8c0a8831669ef7250b40918b2b1d488547e72c84540e42bd07b03f14e226f04fbc2d929"), + Hex.Decode("2ec6e1a1711b6c7b8cd3f6a25db21ab8bb0a5f1d6df2ef375fa708a43997730ffc7c98856dbbe36edddcdd1b2d2a53867d8355af94fea3aeec128da908e08f4c"), + Hex.Decode("0850ac4e5a8118323200c8ed1e5aaa3d5e635172553ccac66a8e4153d35c79305c4440f11034ab147fccce21f18a50cf1c0099c08a577eb68237a91042278965"), + Hex.Decode("1c9649bdccb51056751fe43837f4eb43bada472accf26f65231666d5de7d11950d8379b3596dfdf75c6234274896fa8d18ad0865d3be2ac4d6687151abdf01e93941dcef18fa63186c9351d1506c89d09733c5ff4304208c812bdd21a50f56fde115e629e0e973721c9fcc87e89295a79853dee613962a0b2f2fc57163fd99057a3c776f13c20c26407eb8863998d7e53b543ba8d0a295a9a68d1a149833078c9809ad6a6dad7fc22a95ad615a73138c54c018f40d99bf8eeecd45f5be526f2d6b01aeb56381991c1ab31a2e756f15e052b9cd5638b2eff799795c5bae493307d5eb9f8c21d438de131fe505a4e7432547ab19224094f9e4be1968bd0793b79d"), + Hex.Decode("4c4afc0c24dddaedd4f9a3b23be30d35d8e005ffd36b3defc5d18acc830c3ed388ce20f43a00e614fd087c814197bc9fc2eff9ad4cc474a7a2ef3ed9c0f0a55eb23371e41ee8f2e2ed93ea3a06ca482589ab87e0d61dcffda5eea1241408e43ea1108726cdb87cc3aa5e9eaaa9f72507ca1352ac54a53920c94dccc768147933d8c50aefd9d1da10522a40133cd33dbc0524669e70f771a88d65c4716d471cd22b08b9f01f24e4e9fc7ffbcfa0e0a7aed47b345826399b26a73be112eb9c5e06fc6742fc3d0ef53d43896403c5105109cfc12e6deeaf4a48ba308e039774b9bdb31a9b9e133c81c321630cf0b4b2d1f90717b24c3268e1fea681ea9cdc709342"), + Hex.Decode("06b5b26bd13515f799e5e37ca43cace15cd82fd4bf36b25d285a6f0998d97c8cb0755a28f0ae66618b1cd03e27ac95eaaa4882bc6dc0078cd457d4f7de4154173a9c7a838cfc2ac2f74875df462aae0cfd341645dc51d9a01da9bdb01507f140fa8a016534379d838cc3b2a53ac33150af1b242fc88013cb8d914e66c8182864ee6de88ce2879d4c05dd125409620a96797c55c832fb2fb31d4310c190b8ed2c95fdfda2ed87f785002faaec3f35ec05cf70a3774ce185e4882df35719d582dd55ac31257344a9cba95189dcbea16e8c6cb7a235a0384bc83b6183ca8547e670fe33b1b91725ae0c250c9eca7b5ba78bd77145b70270bf8ac31653006c02ca9c"), + Hex.Decode("135f1be3d045526235bf9d5e43499d4ee1bfdf93370769ae56e85dbc339bc5b7ea3bee49717497ee8ac3f7cd6adb6fc0f17812390dcd65ac7b87fef7970d9ff9"), + Hex.Decode("03c05add1e030178c352face07cafc9447c8f369b8f95125c0d311c16b6da48ca2067104cce6cd21ae7b163cd18ffc13001aecebdc2eb02b9e92681f84033a98"), + Hex.Decode("00319bb9becb49f3ed1bca26d0fcf09b0b0a508e4d0bd43b350f959b72cd25b3af47d608fdcd248eada74fbe19990dbeb9bf0da4b4e1200243a14e5cab3f7e610c") + }; + SecureRandom rand = new MyFixedSecureRandom(); + +// KeyFactory fact = KeyFactory.GetInstance("RSA"); +// +// PrivateKey privKey = fact.generatePrivate(privKeySpec); +// PublicKey pubKey = fact.generatePublic(pubKeySpec); + AsymmetricKeyParameter privKey = privKeySpec; + AsymmetricKeyParameter pubKey = pubKeySpec; + +// PrivateKey priv2048Key = fact.generatePrivate(priv2048KeySpec); +// PublicKey pub2048Key = fact.generatePublic(pub2048KeySpec); + AsymmetricKeyParameter priv2048Key = priv2048KeySpec; + AsymmetricKeyParameter pub2048Key = pub2048KeySpec; + + // + // No Padding + // +// Cipher c = Cipher.GetInstance("RSA"); + IBufferedCipher c = CipherUtilities.GetCipher("RSA"); + +// c.init(Cipher.ENCRYPT_MODE, pubKey, rand); + c.Init(true, pubKey);// new ParametersWithRandom(pubKey, rand)); + + byte[] outBytes = c.DoFinal(input); + + if (!AreEqual(outBytes, output[0])) + { + Fail("NoPadding test failed on encrypt expected " + Hex.ToHexString(output[0]) + " got " + Hex.ToHexString(outBytes)); + } + +// c.init(Cipher.DECRYPT_MODE, privKey); + c.Init(false, privKey); + + outBytes = c.DoFinal(outBytes); + + if (!AreEqual(outBytes, input)) + { + Fail("NoPadding test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes)); + } + + // + // No Padding - incremental + // +// c = Cipher.GetInstance("RSA"); + c = CipherUtilities.GetCipher("RSA"); + +// c.init(Cipher.ENCRYPT_MODE, pubKey, rand); + c.Init(true, pubKey);// new ParametersWithRandom(pubKey, rand)); + + c.ProcessBytes(input); + + outBytes = c.DoFinal(); + + if (!AreEqual(outBytes, output[0])) + { + Fail("NoPadding test failed on encrypt expected " + Hex.ToHexString(output[0]) + " got " + Hex.ToHexString(outBytes)); + } + +// c.init(Cipher.DECRYPT_MODE, privKey); + c.Init(false, privKey); + + outBytes = c.DoFinal(outBytes); + + if (!AreEqual(outBytes, input)) + { + Fail("NoPadding test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes)); + } + + // + // No Padding - incremental - explicit use of NONE in mode. + // + c = CipherUtilities.GetCipher("RSA/NONE/NoPadding"); + +// c.init(Cipher.ENCRYPT_MODE, pubKey, rand); + c.Init(true, pubKey);// new ParametersWithRandom(pubKey, rand)); + + c.ProcessBytes(input); + + outBytes = c.DoFinal(); + + if (!AreEqual(outBytes, output[0])) + { + Fail("NoPadding test failed on encrypt expected " + Hex.ToHexString(output[0]) + " got " + Hex.ToHexString(outBytes)); + } + +// c.init(Cipher.DECRYPT_MODE, privKey); + c.Init(false, privKey); + + outBytes = c.DoFinal(outBytes); + + if (!AreEqual(outBytes, input)) + { + Fail("NoPadding test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes)); + } + + // + // No Padding - maximum.Length + // + c = CipherUtilities.GetCipher("RSA"); + + byte[] modBytes = ((RsaKeyParameters) pubKey).Modulus.ToByteArray(); + + byte[] maxInput = new byte[modBytes.Length - 1]; + + maxInput[0] |= 0x7f; + + c.Init(true, pubKey);// new ParametersWithRandom(pubKey, rand)); + + outBytes = c.DoFinal(maxInput); + + c.Init(false, privKey); + + outBytes = c.DoFinal(outBytes); + + if (!AreEqual(outBytes, maxInput)) + { + Fail("NoPadding test failed on decrypt expected " + + Hex.ToHexString(maxInput) + " got " + + Hex.ToHexString(outBytes)); + } + + // + // PKCS1 V 1.5 + // + c = CipherUtilities.GetCipher("RSA//PKCS1Padding"); + + c.Init(true, new ParametersWithRandom(pubKey, rand)); + + outBytes = c.DoFinal(input); + + if (!AreEqual(outBytes, output[1])) + { + Fail("PKCS1 test failed on encrypt expected " + Hex.ToHexString(output[1]) + " got " + Hex.ToHexString(outBytes)); + } + + c.Init(false, privKey); + + outBytes = c.DoFinal(outBytes); + + if (!AreEqual(outBytes, input)) + { + Fail("PKCS1 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes)); + } + + // + // PKCS1 V 1.5 - NONE + // + c = CipherUtilities.GetCipher("RSA/NONE/PKCS1Padding"); + + c.Init(true, new ParametersWithRandom(pubKey, rand)); + + outBytes = c.DoFinal(input); + + if (!AreEqual(outBytes, output[1])) + { + Fail("PKCS1 test failed on encrypt expected " + Hex.ToHexString(output[1]) + " got " + Hex.ToHexString(outBytes)); + } + + c.Init(false, privKey); + + outBytes = c.DoFinal(outBytes); + + if (!AreEqual(outBytes, input)) + { + Fail("PKCS1 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes)); + } + + // + // OAEP - SHA1 + // + c = CipherUtilities.GetCipher("RSA/NONE/OAEPPadding"); + + c.Init(true, new ParametersWithRandom(pubKey, rand)); + + outBytes = c.DoFinal(input); + + if (!AreEqual(outBytes, output[2])) + { + Fail("OAEP test failed on encrypt expected " + Hex.ToHexString(output[2]) + " got " + Hex.ToHexString(outBytes)); + } + + c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA1AndMGF1Padding"); + + c.Init(false, privKey); + + outBytes = c.DoFinal(outBytes); + + if (!AreEqual(outBytes, input)) + { + Fail("OAEP test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes)); + } + + // TODO +// AlgorithmParameters oaepP = c.getParameters(); + byte[] rop = new RsaesOaepParameters( + new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance), + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance)), + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]))).GetEncoded(); + +// if (!AreEqual(oaepP.getEncoded(), rop.getEncoded())) +// { +// Fail("OAEP test failed default sha-1 parameters"); +// } + + // + // OAEP - SHA224 + // + c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA224AndMGF1Padding"); + + c.Init(true, new ParametersWithRandom(pub2048Key, rand)); + + outBytes = c.DoFinal(input); + + if (!AreEqual(outBytes, output[3])) + { + Fail("OAEP SHA-224 test failed on encrypt expected " + Hex.ToHexString(output[2]) + " got " + Hex.ToHexString(outBytes)); + } + + c.Init(false, priv2048Key); + + outBytes = c.DoFinal(outBytes); + + if (!AreEqual(outBytes, input)) + { + Fail("OAEP SHA-224 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes)); + } + +// oaepP = c.getParameters(); + rop = new RsaesOaepParameters( + new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance), + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha224, DerNull.Instance)), + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]))).GetEncoded(); + +// if (!AreEqual(oaepP.getEncoded(), rop.getEncoded()) +// { +// Fail("OAEP test failed default sha-224 parameters"); +// } + + // + // OAEP - SHA 256 + // + c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA256AndMGF1Padding"); + + c.Init(true, new ParametersWithRandom(pub2048Key, rand)); + + outBytes = c.DoFinal(input); + + if (!AreEqual(outBytes, output[4])) + { + Fail("OAEP SHA-256 test failed on encrypt expected " + Hex.ToHexString(output[2]) + " got " + Hex.ToHexString(outBytes)); + } + + c.Init(false, priv2048Key); + + outBytes = c.DoFinal(outBytes); + + if (!AreEqual(outBytes, input)) + { + Fail("OAEP SHA-256 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes)); + } + +// oaepP = c.getParameters(); + rop = new RsaesOaepParameters( + new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance), + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha256, DerNull.Instance)), + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]))).GetEncoded(); + +// if (!AreEqual(oaepP.getEncoded(), rop.getEncoded()) +// { +// Fail("OAEP test failed default sha-256 parameters"); +// } + + // + // OAEP - SHA 384 + // + c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA384AndMGF1Padding"); + + c.Init(true, new ParametersWithRandom(pub2048Key, rand)); + + outBytes = c.DoFinal(input); + + if (!AreEqual(outBytes, output[5])) + { + Fail("OAEP SHA-384 test failed on encrypt expected " + Hex.ToHexString(output[2]) + " got " + Hex.ToHexString(outBytes)); + } + + c.Init(false, priv2048Key); + + outBytes = c.DoFinal(outBytes); + + if (!AreEqual(outBytes, input)) + { + Fail("OAEP SHA-384 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes)); + } + +// oaepP = c.getParameters(); + rop = new RsaesOaepParameters( + new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance), + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(NistObjectIdentifiers.IdSha384, DerNull.Instance)), + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]))).GetEncoded(); + +// if (!AreEqual(oaepP.getEncoded(), rop.getEncoded()) +// { +// Fail("OAEP test failed default sha-384 parameters"); +// } + + // + // OAEP - MD5 + // + c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithMD5AndMGF1Padding"); + + c.Init(true, new ParametersWithRandom(pubKey, rand)); + + outBytes = c.DoFinal(input); + + if (!AreEqual(outBytes, output[6])) + { + Fail("OAEP MD5 test failed on encrypt expected " + Hex.ToHexString(output[2]) + " got " + Hex.ToHexString(outBytes)); + } + + c.Init(false, privKey); + + outBytes = c.DoFinal(outBytes); + + if (!AreEqual(outBytes, input)) + { + Fail("OAEP MD5 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes)); + } + +// oaepP = c.getParameters(); + rop = new RsaesOaepParameters( + new AlgorithmIdentifier(PkcsObjectIdentifiers.MD5, DerNull.Instance), + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(PkcsObjectIdentifiers.MD5, DerNull.Instance)), + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[0]))).GetEncoded(); + +// if (!AreEqual(oaepP.getEncoded(), rop.getEncoded()) +// { +// Fail("OAEP test failed default md5 parameters"); +// } + + // + // OAEP - SHA1 with default parameters + // + c = CipherUtilities.GetCipher("RSA/NONE/OAEPPadding"); + + // TODO +// c.init(Cipher.ENCRYPT_MODE, pubKey, OAEPParameterSpec.DEFAULT, rand); +// +// outBytes = c.DoFinal(input); +// +// if (!AreEqual(outBytes, output[2])) +// { +// Fail("OAEP test failed on encrypt expected " + Encoding.ASCII.GetString(Hex.Encode(output[2])) + " got " + Encoding.ASCII.GetString(Hex.Encode(outBytes))); +// } +// +// c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA1AndMGF1Padding"); +// +// c.Init(false, privKey); +// +// outBytes = c.DoFinal(outBytes); +// +// if (!AreEqual(outBytes, input)) +// { +// Fail("OAEP test failed on decrypt expected " + Encoding.ASCII.GetString(Hex.Encode(input)) + " got " + Encoding.ASCII.GetString(Hex.Encode(outBytes))); +// } +// +// oaepP = c.getParameters(); +// +// if (!AreEqual(oaepP.getEncoded(), new byte[] { 0x30, 0x00 })) +// { +// Fail("OAEP test failed default parameters"); +// } + + // + // OAEP - SHA1 with specified string + // + c = CipherUtilities.GetCipher("RSA/NONE/OAEPPadding"); + + // TODO +// c.init(Cipher.ENCRYPT_MODE, pubKey, new OAEPParameterSpec("SHA1", "MGF1", new MGF1ParameterSpec("SHA1"), new PSource.PSpecified(new byte[] { 1, 2, 3, 4, 5 })), rand); +// +// outBytes = c.DoFinal(input); +// +// oaepP = c.getParameters(); + rop = new RsaesOaepParameters( + new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance), + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdMgf1, new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance)), + new AlgorithmIdentifier(PkcsObjectIdentifiers.IdPSpecified, new DerOctetString(new byte[] { 1, 2, 3, 4, 5 }))).GetEncoded(); + +// if (!AreEqual(oaepP.getEncoded()) +// { +// Fail("OAEP test failed changed sha-1 parameters"); +// } +// +// if (!AreEqual(outBytes, output[7])) +// { +// Fail("OAEP test failed on encrypt expected " + Encoding.ASCII.GetString(Hex.Encode(output[2])) + " got " + Encoding.ASCII.GetString(Hex.Encode(outBytes))); +// } + + c = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA1AndMGF1Padding"); + + // TODO +// c.init(Cipher.DECRYPT_MODE, privKey, oaepP); +// +// outBytes = c.DoFinal(outBytes); +// +// if (!AreEqual(outBytes, input)) +// { +// Fail("OAEP test failed on decrypt expected " + Encoding.ASCII.GetString(Hex.Encode(input)) + " got " + Encoding.ASCII.GetString(Hex.Encode(outBytes))); +// } + + // + // iso9796-1 + // + byte[] isoInput = Hex.Decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210"); +// PrivateKey isoPrivKey = fact.generatePrivate(isoPrivKeySpec); +// PublicKey isoPubKey = fact.generatePublic(isoPubKeySpec); + AsymmetricKeyParameter isoPrivKey = isoPrivKeySpec; + AsymmetricKeyParameter isoPubKey = isoPubKeySpec; + + c = CipherUtilities.GetCipher("RSA/NONE/ISO9796-1Padding"); + + c.Init(true, isoPrivKey); + + outBytes = c.DoFinal(isoInput); + + if (!AreEqual(outBytes, output[8])) + { + Fail("ISO9796-1 test failed on encrypt expected " + Hex.ToHexString(output[3]) + " got " + Hex.ToHexString(outBytes)); + } + + c.Init(false, isoPubKey); + + outBytes = c.DoFinal(outBytes); + + if (!AreEqual(outBytes, isoInput)) + { + Fail("ISO9796-1 test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes)); + } + + // + // + // generation with parameters test. + // + IAsymmetricCipherKeyPairGenerator keyPairGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); + + // + // 768 bit RSA with e = 2^16-1 + // + keyPairGen.Init( + new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x10001), + new SecureRandom(), + 768, + 25)); + + AsymmetricCipherKeyPair kp = keyPairGen.GenerateKeyPair(); + + pubKey = kp.Public; + privKey = kp.Private; + + c.Init(true, new ParametersWithRandom(pubKey, rand)); + + outBytes = c.DoFinal(input); + + c.Init(false, privKey); + + outBytes = c.DoFinal(outBytes); + + if (!AreEqual(outBytes, input)) + { + Fail("key generation test failed on decrypt expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(outBytes)); + } + + // + // comparison check + // +// KeyFactory keyFact = KeyFactory.GetInstance("RSA"); +// +// RSAPrivateCrtKey crtKey = (RSAPrivateCrtKey)keyFact.translateKey(privKey); + RsaPrivateCrtKeyParameters crtKey = (RsaPrivateCrtKeyParameters) privKey; + + if (!privKey.Equals(crtKey)) + { + Fail("private key equality check failed"); + } + +// RSAPublicKey copyKey = (RSAPublicKey)keyFact.translateKey(pubKey); + RsaKeyParameters copyKey = (RsaKeyParameters) pubKey; + + if (!pubKey.Equals(copyKey)) + { + Fail("public key equality check failed"); + } + + SecureRandom random = new SecureRandom(); + rawModeTest("SHA1withRSA", X509ObjectIdentifiers.IdSha1, priv2048Key, pub2048Key, random); + rawModeTest("MD5withRSA", PkcsObjectIdentifiers.MD5, priv2048Key, pub2048Key, random); + rawModeTest("RIPEMD128withRSA", TeleTrusTObjectIdentifiers.RipeMD128, priv2048Key, pub2048Key, random); + } + + private void rawModeTest(string sigName, DerObjectIdentifier digestOID, + AsymmetricKeyParameter privKey, AsymmetricKeyParameter pubKey, SecureRandom random) + { + byte[] sampleMessage = new byte[1000 + random.Next() % 100]; + random.NextBytes(sampleMessage); + + ISigner normalSig = SignerUtilities.GetSigner(sigName); + normalSig.Init(true, privKey); + normalSig.BlockUpdate(sampleMessage, 0, sampleMessage.Length); + byte[] normalResult = normalSig.GenerateSignature(); + + byte[] hash = DigestUtilities.CalculateDigest(digestOID.Id, sampleMessage); + byte[] digInfo = derEncode(digestOID, hash); + + ISigner rawSig = SignerUtilities.GetSigner("RSA"); + rawSig.Init(true, privKey); + rawSig.BlockUpdate(digInfo, 0, digInfo.Length); + byte[] rawResult = rawSig.GenerateSignature(); + + if (!Arrays.AreEqual(normalResult, rawResult)) + { + Fail("raw mode signature differs from normal one"); + } + + rawSig.Init(false, pubKey); + rawSig.BlockUpdate(digInfo, 0, digInfo.Length); + + if (!rawSig.VerifySignature(rawResult)) + { + Fail("raw mode signature verification failed"); + } + } + + private byte[] derEncode(DerObjectIdentifier oid, byte[] hash) + { + AlgorithmIdentifier algId = new AlgorithmIdentifier(oid, DerNull.Instance); + DigestInfo dInfo = new DigestInfo(algId, hash); + + return dInfo.GetEncoded(Asn1Encodable.Der); + } + + public override string Name + { + get { return "RSATest"; } + } + + public static void Main( + string[] args) + { + ITest test = new RsaTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/RegressionTest.cs b/BouncyCastle/crypto/test/src/test/RegressionTest.cs new file mode 100644 index 0000000..0629b38 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/RegressionTest.cs @@ -0,0 +1,82 @@ +using System; + +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + public class RegressionTest + { + // These tests were ported from org.bouncycastle.jce.provider.test in Java build + public static ITest[] tests = new ITest[] + { + new FipsDesTest(), + new DesEdeTest(), + new AesTest(), + new CamelliaTest(), + new SeedTest(), + new AesSicTest(), + new Gost28147Test(), + new PbeTest(), + new BlockCipherTest(), + new MacTest(), + new HMacTest(), +// new SealedTest(), + new RsaTest(), + new DHTest(), + new DsaTest(), +// new ImplicitlyCaTest(), + new ECNRTest(), + new ECDsa5Test(), + new Gost3410Test(), + new ElGamalTest(), + new IesTest(), + new SigTest(), + new AttrCertTest(), + new CertTest(), + new Pkcs10CertRequestTest(), + new EncryptedPrivateKeyInfoTest(), // Also in Org.BouncyCastle.Pkcs.Tests +// new KeyStoreTest(), +// new Pkcs12StoreTest(), // Already in Org.BouncyCastle.Pkcs.Tests + new DigestTest(), + new PssTest(), + new WrapTest(), +// new DoFinalTest(), + new CipherStreamTest(), + new NamedCurveTest(), + new PkixTest(), +// new NetscapeCertRequestTest(), + new X509StoreTest(), +// new X509StreamParserTest(), + new X509CertificatePairTest(), + new CertPathTest(), +// new CertStoreTest(), + new CertPathValidatorTest(), + new CertPathBuilderTest(), + new ECEncodingTest(), +// new AlgorithmParametersTest(), + new NistCertPathTest(), + new PkixPolicyMappingTest(), +// new SlotTwoTest(), + new PkixNameConstraintsTest(), + new NoekeonTest(), + new AttrCertSelectorTest(), +// new SerialisationTest(), + new MqvTest(), + new CMacTest(), + new Crl5Test(), + new SM4Test(), + new KdfCounterTest() + }; + + public static void Main( + string[] args) + { + for (int i = 0; i != tests.Length; i++) + { + ITestResult result = tests[i].Perform(); + + Console.WriteLine(result); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/SEEDTest.cs b/BouncyCastle/crypto/test/src/test/SEEDTest.cs new file mode 100644 index 0000000..2b380d5 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/SEEDTest.cs @@ -0,0 +1,190 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Kisa; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tests +{ + /// Basic test class for SEED + [TestFixture] + public class SeedTest + : BaseBlockCipherTest + { + internal static readonly string[] cipherTests = + { + "128", + "28DBC3BC49FFD87DCFA509B11D422BE7", + "B41E6BE2EBA84A148E2EED84593C5EC7", + "9B9B7BFCD1813CB95D0B3618F40F5122" + }; + + public SeedTest() + : base("SEED") + { + } + + [Test] + public void TestCiphers() + { + for (int i = 0; i != cipherTests.Length; i += 4) + { + doCipherTest(int.Parse(cipherTests[i]), + Hex.Decode(cipherTests[i + 1]), + Hex.Decode(cipherTests[i + 2]), + Hex.Decode(cipherTests[i + 3])); + } + } + + [Test] + public void TestWrap() + { + byte[] kek1 = Hex.Decode("000102030405060708090a0b0c0d0e0f"); + byte[] in1 = Hex.Decode("00112233445566778899aabbccddeeff"); + byte[] out1 = Hex.Decode("bf71f77138b5afea05232a8dad54024e812dc8dd7d132559"); + + wrapTest(1, "SEEDWrap", kek1, in1, out1); + } + + [Test] + public void TestOids() + { + string[] oids = { + KisaObjectIdentifiers.IdSeedCbc.Id + }; + + string[] names = { + "SEED/CBC/PKCS7Padding" + }; + + oidTest(oids, names, 1); + } + + [Test] + public void TestWrapOids() + { + string[] wrapOids = { + KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap.Id + }; + + wrapOidTest(wrapOids, "SEEDWrap"); + } + + public void doCipherTest( + int strength, + byte[] keyBytes, + byte[] input, + byte[] output) + { + KeyParameter key = ParameterUtilities.CreateKeyParameter("SEED", keyBytes); + + IBufferedCipher inCipher = CipherUtilities.GetCipher("SEED/ECB/NoPadding"); + IBufferedCipher outCipher = CipherUtilities.GetCipher("SEED/ECB/NoPadding"); + + try + { + outCipher.Init(true, key); + } + catch (Exception e) + { + Fail("SEED failed initialisation - " + e.ToString(), e); + } + + try + { + inCipher.Init(false, key); + } + catch (Exception e) + { + Fail("SEED failed initialisation - " + e.ToString(), e); + } + + // + // encryption pass + // + MemoryStream bOut = new MemoryStream(); + CipherStream cOut = new CipherStream(bOut, null, outCipher); + + try + { + for (int i = 0; i != input.Length / 2; i++) + { + cOut.WriteByte(input[i]); + } + cOut.Write(input, input.Length / 2, input.Length - input.Length / 2); + cOut.Close(); + } + catch (IOException e) + { + Fail("SEED failed encryption - " + e.ToString(), e); + } + + byte[] bytes = bOut.ToArray(); + + if (!AreEqual(bytes, output)) + { + Fail("SEED failed encryption - expected " + + Hex.ToHexString(output) + " got " + + Hex.ToHexString(bytes)); + } + + // + // decryption pass + // + MemoryStream bIn = new MemoryStream(bytes, false); + CipherStream cIn = new CipherStream(bIn, inCipher, null); + + try + { +// DataInputStream dIn = new DataInputStream(cIn); + BinaryReader dIn = new BinaryReader(cIn); + + bytes = new byte[input.Length]; + + for (int i = 0; i != input.Length / 2; i++) + { +// bytes[i] = (byte)dIn.read(); + bytes[i] = dIn.ReadByte(); + } + + int remaining = bytes.Length - input.Length / 2; +// dIn.readFully(bytes, input.Length / 2, remaining); + byte[] extra = dIn.ReadBytes(remaining); + if (extra.Length < remaining) + throw new EndOfStreamException(); + extra.CopyTo(bytes, input.Length / 2); + } + catch (Exception e) + { + Fail("SEED failed encryption - " + e.ToString(), e); + } + + if (!AreEqual(bytes, input)) + { + Fail("SEED failed decryption - expected " + + Hex.ToHexString(input) + " got " + + Hex.ToHexString(bytes)); + } + } + + public override void PerformTest() + { + TestCiphers(); + TestWrap(); + TestOids(); + TestWrapOids(); + } + + public static void Main( + string[] args) + { + RunTest(new SeedTest()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/SM4Test.cs b/BouncyCastle/crypto/test/src/test/SM4Test.cs new file mode 100644 index 0000000..5d36b34 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/SM4Test.cs @@ -0,0 +1,149 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tests +{ + /** + * basic test class for SM4 + */ + [TestFixture] + public class SM4Test + : BaseBlockCipherTest + { + internal static readonly string[] cipherTests = + { + "128", + "0123456789abcdeffedcba9876543210", + "0123456789abcdeffedcba9876543210", + "681edf34d206965e86b3e94f536e4246" + }; + + public SM4Test() + : base("SM4") + { + } + + public void DoTest( + int strength, + byte[] keyBytes, + byte[] input, + byte[] output) + { + KeyParameter key = ParameterUtilities.CreateKeyParameter("SM4", keyBytes); + + IBufferedCipher inCipher = CipherUtilities.GetCipher("SM4/ECB/NoPadding"); + IBufferedCipher outCipher = CipherUtilities.GetCipher("SM4/ECB/NoPadding"); + + try + { + outCipher.Init(true, key); + } + catch (Exception e) + { + Fail("SM4 failed initialisation - " + e, e); + } + + try + { + inCipher.Init(false, key); + } + catch (Exception e) + { + Fail("SM4 failed initialisation - " + e, e); + } + + // + // encryption pass + // + MemoryStream bOut = new MemoryStream(); + + CipherStream cOut = new CipherStream(bOut, null, outCipher); + + try + { + for (int i = 0; i != input.Length / 2; i++) + { + cOut.WriteByte(input[i]); + } + cOut.Write(input, input.Length / 2, input.Length - input.Length / 2); + cOut.Close(); + } + catch (IOException e) + { + Fail("SM4 failed encryption - " + e, e); + } + + byte[] bytes = bOut.ToArray(); + + if (!AreEqual(bytes, output)) + { + Fail("SM4 failed encryption - expected " + + Hex.ToHexString(output) + " got " + + Hex.ToHexString(bytes)); + } + + // + // decryption pass + // + MemoryStream bIn = new MemoryStream(bytes, false); + + CipherStream cIn = new CipherStream(bIn, inCipher, null); + + try + { +// DataInputStream dIn = new DataInputStream(cIn); + BinaryReader dIn = new BinaryReader(cIn); + + bytes = new byte[input.Length]; + + for (int i = 0; i != input.Length / 2; i++) + { +// bytes[i] = (byte)dIn.read(); + bytes[i] = dIn.ReadByte(); + } + + int remaining = bytes.Length - input.Length / 2; +// dIn.readFully(bytes, input.Length / 2, remaining); + byte[] extra = dIn.ReadBytes(remaining); + if (extra.Length < remaining) + throw new EndOfStreamException(); + extra.CopyTo(bytes, input.Length / 2); + } + catch (Exception e) + { + Fail("SM4 failed encryption - " + e, e); + } + + if (!AreEqual(bytes, input)) + { + Fail("SM4 failed decryption - expected " + + Hex.ToHexString(input) + " got " + + Hex.ToHexString(bytes)); + } + } + + public override void PerformTest() + { + for (int i = 0; i != cipherTests.Length; i += 4) + { + DoTest(int.Parse(cipherTests[i]), + Hex.Decode(cipherTests[i + 1]), + Hex.Decode(cipherTests[i + 2]), + Hex.Decode(cipherTests[i + 3])); + } + } + + public static void Main(string[] args) + { + RunTest(new SM4Test()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/SP80038GTest.cs b/BouncyCastle/crypto/test/src/test/SP80038GTest.cs new file mode 100644 index 0000000..05dc7dd --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/SP80038GTest.cs @@ -0,0 +1,584 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Fpe; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Utilities; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class SP80038GTest + : SimpleTest +{ + private class FFSample + { + private readonly int radix; + private readonly byte[] key; + private readonly byte[] plaintext; + private readonly byte[] ciphertext; + private readonly byte[] tweak; + + public static FFSample from(int radix, String hexKey, String asciiPT, String asciiCT, String hexTweak) + { + return new FFSample(radix, fromHex(hexKey), fromAscii(radix, asciiPT), fromAscii(radix, asciiCT), fromHex(hexTweak)); + } + + private static byte fromAlphaNumeric(char c) + { + if (c >= '0' && c <= '9') + { + return (byte)(c - '0'); + } + else if (c >= 'a' && c <= 'z') + { + return (byte)(10 + (c - 'a')); + } + else if (c >= 'A' && c <= 'Z') + { + return (byte)(36 + (c - 'A')); + } + else + { + throw new ArgumentException(); + } + } + + private static byte[] fromAscii(int radix, string ascii) + { + byte[] result = new byte[ascii.Length]; + for (int i = 0; i < result.Length; ++i) + { + result[i] = fromAlphaNumeric(ascii[i]); + if (result[i] < 0 || result[i] >= radix) + { + throw new ArgumentException(); + } + } + return result; + } + + private static byte[] fromHex(string hex) + { + return Hex.Decode(hex); + } + + private FFSample(int radix, byte[] key, byte[] plaintext, byte[] ciphertext, byte[] tweak) + { + this.radix = radix; + this.key = key; + this.plaintext = plaintext; + this.ciphertext = ciphertext; + this.tweak = tweak; + } + + public byte[] getCiphertext() + { + return ciphertext; + } + + public byte[] getKey() + { + return key; + } + + public byte[] getPlaintext() + { + return plaintext; + } + + public int getRadix() + { + return radix; + } + + public byte[] getTweak() + { + return tweak; + } + } + + private static FFSample[] ff1Samples = new FFSample[] + { + // FF1-AES128 + FFSample.from(10, "2B7E151628AED2A6ABF7158809CF4F3C", "0123456789", "2433477484", ""), + FFSample.from(10, "2B7E151628AED2A6ABF7158809CF4F3C", "0123456789", "6124200773", "39383736353433323130"), + FFSample.from(36, "2B7E151628AED2A6ABF7158809CF4F3C", "0123456789abcdefghi", "a9tv40mll9kdu509eum", "3737373770717273373737"), + + // FF1-AES192 + FFSample.from(10, "2B7E151628AED2A6ABF7158809CF4F3CEF4359D8D580AA4F", "0123456789", "2830668132", ""), + FFSample.from(10, "2B7E151628AED2A6ABF7158809CF4F3CEF4359D8D580AA4F", "0123456789", "2496655549", "39383736353433323130"), + FFSample.from(36, "2B7E151628AED2A6ABF7158809CF4F3CEF4359D8D580AA4F", "0123456789abcdefghi", "xbj3kv35jrawxv32ysr", "3737373770717273373737"), + + // FF1-AES256 + FFSample.from(10, "2B7E151628AED2A6ABF7158809CF4F3CEF4359D8D580AA4F7F036D6F04FC6A94", "0123456789", "6657667009", ""), + FFSample.from(10, "2B7E151628AED2A6ABF7158809CF4F3CEF4359D8D580AA4F7F036D6F04FC6A94", "0123456789", "1001623463", "39383736353433323130"), + FFSample.from(36, "2B7E151628AED2A6ABF7158809CF4F3CEF4359D8D580AA4F7F036D6F04FC6A94", "0123456789abcdefghi", "xs8a0azh2avyalyzuwd", "3737373770717273373737"), + }; + + private static FFSample[] ff3_1Samples = new FFSample[] + { + // FF3-AES128 + FFSample.from(62, "7793833CE891B496381BD5B882F77EA1", "YbpT3hDo0J9xwCQ5qUWt93iv", "dDEYxViK56lGbV1WdZTPTe4w", "C58797C2580174"), + }; + + private void testFF1() + { + for (int i = 0; i < ff1Samples.Length; ++i) + { + testFF1Sample(ff1Samples[i]); + } + + byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); + byte[] plainText = Hex.Decode("0327035100210215"); + byte[] tweak = Hex.Decode("39383736353433323130"); + + FpeEngine fpeEngine = new FpeFf1Engine(); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, tweak)); + + try + { + fpeEngine.ProcessBlock(plainText, 0, plainText.Length, plainText, 0); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("input data outside of radix", e.Message); + } + + try + { + fpeEngine.ProcessBlock(new byte[] { 1 }, 0, 1, plainText, 0); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("input too short", e.Message); + } + } + + public void testFF1w() + { + byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); + byte[] plainText = Hex.Decode("0327035100210215"); + byte[] cipherText = Hex.Decode("022701f80217020a"); + byte[] tweak = Hex.Decode("39383736353433323130"); + + FpeEngine fpeEngine = new FpeFf1Engine(); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 1024, tweak)); + + byte[] enc = new byte[plainText.Length]; + + fpeEngine.ProcessBlock(plainText, 0, plainText.Length, enc, 0); + + AreEqual(cipherText, enc); + + fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), 1024, tweak)); + + fpeEngine.ProcessBlock(cipherText, 0, cipherText.Length, enc, 0); + + AreEqual(plainText, enc); + + byte[] outPt = Hex.Decode("03270F5100210215"); + + try + { + fpeEngine.ProcessBlock(outPt, 0, outPt.Length, enc, 0); + } + catch (ArgumentException e) + { + IsEquals("input data outside of radix", e.Message); + } + } + + public void testFF3_1() + { + for (int i = 0; i < ff3_1Samples.Length; ++i) + { + testFF3_1Sample(ff3_1Samples[i]); + } + + byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); + byte[] plainText = Hex.Decode("0327035100210215"); + byte[] tweak = Hex.Decode("39383736353433"); + + FpeEngine fpeEngine = new FpeFf3_1Engine(); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, tweak)); + + try + { + fpeEngine.ProcessBlock(plainText, 0, plainText.Length, plainText, 0); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("input data outside of radix", e.Message); + } + + try + { + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 24, Hex.Decode("beef"))); + + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("tweak should be 56 bits", e.Message); + } + } + + private void testFF3_1w() + { + byte[] key = Hex.Decode("EF4359D8D580AA4F7F036D6F04FC6A942B7E151628AED2A6"); + byte[] plainText = Hex.Decode("0327035100210215"); + byte[] cipherText = Hex.Decode("02fb024900310220"); + byte[] tweak = Hex.Decode("39383736353433"); + + FpeEngine fpeEngine = new FpeFf3_1Engine(); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), 1024, tweak)); + + byte[] enc = new byte[plainText.Length]; + + fpeEngine.ProcessBlock(plainText, 0, plainText.Length, enc, 0); + + IsTrue("enc failed: " + Hex.ToHexString(enc), AreEqual(cipherText, enc)); + + fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), 1024, tweak)); + + fpeEngine.ProcessBlock(cipherText, 0, cipherText.Length, enc, 0); + + IsTrue(AreEqual(plainText, enc)); + + byte[] outPt = Hex.Decode("03270F5100210215"); + + try + { + fpeEngine.ProcessBlock(outPt, 0, outPt.Length, enc, 0); + } + catch (ArgumentException e) + { + IsEquals("input data outside of radix", e.Message); + } + } + + private void testDisable() + { +#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || (PORTABLE && !DOTNET) || NET_1_1 + // Can't SetEnvironmentVariable ! +#else + Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable", "true"); + try + { + testFF1(); + Fail("no exception"); + } + catch (InvalidOperationException e) + { + IsEquals("FF1 encryption disabled", e.Message); + } + + try + { + testFF3_1(); + Fail("no exception"); + } + catch (InvalidOperationException e) + { + IsEquals("Fpe disabled", e.Message); + } + Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable", "false"); + + Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable_ff1", "true"); + try + { + testFF1(); + Fail("no exception"); + } + catch (InvalidOperationException e) + { + IsEquals("FF1 encryption disabled", e.Message); + } + + testFF3_1(); + Environment.SetEnvironmentVariable("org.bouncycastle.fpe.disable_ff1", "false"); +#endif + } + + private void testFF3_1_255() + { + byte[] key = Hex.Decode("339BB5B1F2D44BAABF87CA1B7380CDC8"); + byte[] tweak = Hex.Decode("3F096DE35BFA31"); + int radix = 256; + + FpeEngine fpeEngine = new FpeFf3_1Engine(); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), radix, tweak)); + + ulong valueToEncrypt = 0x31009155FFL; + + byte[] bytes = Hex.Decode("31009155FF"); + byte[] enc = new byte[bytes.Length]; + //Encrypt + + fpeEngine.ProcessBlock(bytes, 0, bytes.Length, enc, 0); + + IsTrue(Arrays.AreEqual(Hex.Decode("18fa139dc978a681"), enc)); + + //Decrypt + fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), radix, tweak)); + + fpeEngine.ProcessBlock(enc, 0, enc.Length, enc, 0); + + IsTrue(Arrays.AreEqual(bytes, enc)); + } + + private void testFF1Sample(FFSample ff1) + { + FpeEngine fpeEngine = new FpeFf1Engine(); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(ff1.getKey()), ff1.getRadix(), ff1.getTweak())); + + byte[] plain = ff1.getPlaintext(); + byte[] enc = new byte[plain.Length]; + + fpeEngine.ProcessBlock(plain, 0, plain.Length, enc, 0); + + IsTrue(AreEqual(ff1.getCiphertext(), enc)); + + fpeEngine.Init(false, new FpeParameters(new KeyParameter(ff1.getKey()), ff1.getRadix(), ff1.getTweak())); + + fpeEngine.ProcessBlock(ff1.getCiphertext(), 0, ff1.getCiphertext().Length, enc, 0); + + IsTrue(AreEqual(ff1.getPlaintext(), enc)); + } + + private void testFF3_1Sample(FFSample ff3_1) + { + FpeEngine fpeEngine = new FpeFf3_1Engine(); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(ff3_1.getKey()), ff3_1.getRadix(), ff3_1.getTweak())); + + byte[] plain = ff3_1.getPlaintext(); + byte[] enc = new byte[plain.Length]; + + fpeEngine.ProcessBlock(plain, 0, plain.Length, enc, 0); + + IsTrue(AreEqual(ff3_1.getCiphertext(), enc)); + + fpeEngine.Init(false, new FpeParameters(new KeyParameter(ff3_1.getKey()), ff3_1.getRadix(), ff3_1.getTweak())); + + fpeEngine.ProcessBlock(ff3_1.getCiphertext(), 0, plain.Length, enc, 0); + + IsTrue(AreEqual(ff3_1.getPlaintext(), enc)); + } + + public void testFF1Bounds() + { + byte[] key = Hex.Decode("339BB5B1F2D44BAABF87CA1B7380CDC8"); + byte[] tweak = Hex.Decode("3F096DE35BFA31"); + + FpeEngine fpeEngine = new FpeFf1Engine(); + + try + { + IAlphabetMapper alphabetMapper = new BasicAlphabetMapper("ABCDEFGHI"); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), + alphabetMapper.Radix, tweak)); + + process(fpeEngine, new byte[] { 1, 2, 3 }); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("input too short", e.Message); + } + + try + { + IAlphabetMapper alphabetMapper = new BasicAlphabetMapper("ABCD"); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), + alphabetMapper.Radix, tweak)); + + process(fpeEngine, new byte[] { 1, 2, 3 }); + Fail("no exception"); + } + catch (ArgumentException e) + { + IsEquals("input too short", e.Message); + } + } + + private void testFF3_1Bounds() + { + String bigAlpha = "+-ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz"; + + IAlphabetMapper alphabetMapper = new BasicAlphabetMapper(bigAlpha); + + ff3_1Test(alphabetMapper, "467094C27E47978FE616F475215BF4F1", "ECC8AA7B87B41C", "9RwG+t8cKfa9JweBYgHAA6fHUShNZ5tc", "-DXMBhb3AFPq5Xf4oUva4WbB8eagGK2u"); + ff3_1Test(alphabetMapper, "4DB04B58E97819015A08BA7A39A79C303968A34DB0936FAD", "26B3A632FAADFE", "k5Kop6xYpT0skr1zHHPEt5rPWQ4s4O-3", "JyWzuPL6SNsciOXdEgwnKZJxHiKaTu4Z"); + ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "ZpztPp90Oo5ekoNRzqArsAqAbnmM--W6", "NPxEDufvnYzVX3jxupv+iJOuPVpWRPjD"); + try + { + ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "ZpztPp90Oo5ekoNRzqArsAqAbnmM+-W6ZZ", "L1yx-4YLQG9W1P5yTI7Wp2h0IDcRoBq1kk"); + Fail("no exception 1"); + } + catch (ArgumentException e) + { + IsEquals("maximum input length is 32", e.Message); + } + + try + { + ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "Z", "L"); + Fail("no exception 2"); + } + catch (ArgumentException e) + { + IsEquals("input too short", e.Message); + } + + try + { + alphabetMapper = new BasicAlphabetMapper("ABCDEFGHI"); + + ff3_1Test(alphabetMapper, "15567AA6CD8CCA401ADB6A10730655AEEC10E9101FD3969A", "379B9572B687A6", "AB", "ZZ"); + Fail("no exception 3"); + } + catch (ArgumentException e) + { + IsEquals("input too short", e.Message); + } + } + + private void ff3_1Test(IAlphabetMapper alphabetMapper, String skey, String stweak, String input, String output) + { + FpeEngine fpeEncEngine = new FpeFf3_1Engine(); + FpeEngine fpeDecEngine = new FpeFf3_1Engine(); + + byte[] key = Hex.Decode(skey); + byte[] tweak = Hex.Decode(stweak); + int radix = alphabetMapper.Radix; + + fpeEncEngine.Init(true, new FpeParameters(new KeyParameter(key), radix, tweak)); + fpeDecEngine.Init(false, new FpeParameters(new KeyParameter(key), radix, tweak)); + + byte[] bytes = alphabetMapper.ConvertToIndexes(input.ToCharArray()); + + byte[] encryptedBytes = process(fpeEncEngine, bytes); + IsEquals(output, new String(alphabetMapper.ConvertToChars(encryptedBytes))); + + byte[] decryptedBytes = process(fpeDecEngine, encryptedBytes); + IsTrue(Arrays.AreEqual(bytes, decryptedBytes)); + char[] chars = alphabetMapper.ConvertToChars(decryptedBytes); + IsEquals(input, new String(chars)); + } + + private byte[] process(FpeEngine fpeEngine, byte[] bytes) + { + byte[] rv = new byte[bytes.Length]; + + fpeEngine.ProcessBlock(bytes, 0, bytes.Length, rv, 0); + + return rv; + } + + public void testUtility() + { + FpeCharEncryptor fpeEnc = new FpeCharEncryptor(new FpeFf1Engine(), Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C"), "0123456789".ToCharArray()); + + char[] input = "01234567890123456".ToCharArray(); + char[] encrypted = fpeEnc.Process(input); + + FpeCharDecryptor fpeDec = new FpeCharDecryptor(new FpeFf1Engine(), Hex.Decode("2B7E151628AED2A6ABF7158809CF4F3C"), "0123456789".ToCharArray()); + char[] decrypted = fpeDec.Process(encrypted); + + IsTrue("no match", Arrays.AreEqual(input, decrypted)); + } + + public override string Name + { + get { return "SP80038GTest"; } + } + + public override void PerformTest() + { + testFF1(); + testFF1w(); + testFF1Bounds(); + testFF3_1(); + testFF3_1w(); + testFF3_1_255(); + testFF3_1Bounds(); + testDisable(); + testUtility(); + } + + public class FpeCharEncryptor + { + private readonly FpeEngine fpeEngine; + private IAlphabetMapper alphabetMapper; + + public FpeCharEncryptor(FpeEngine fpeEngine, byte[] key, char[] alphabet): this(fpeEngine, key, new byte[0], alphabet) + { + + } + + public FpeCharEncryptor(FpeEngine fpeEngine, byte[] key, byte[] tweak, char[] alphabet) + { + this.fpeEngine = fpeEngine; + + alphabetMapper = new BasicAlphabetMapper(alphabet); + + fpeEngine.Init(true, new FpeParameters(new KeyParameter(key), alphabetMapper.Radix, tweak)); + } + + public char[] Process(char[] input) + { + byte[] bytes = alphabetMapper.ConvertToIndexes(input); + + fpeEngine.ProcessBlock(bytes, 0, bytes.Length, bytes, 0); + + return alphabetMapper.ConvertToChars(bytes); + } + } + + public class FpeCharDecryptor + { + private readonly FpeEngine fpeEngine; + private IAlphabetMapper alphabetMapper; + + public FpeCharDecryptor(FpeEngine fpeEngine, byte[] key, char[] alphabet): this(fpeEngine, key, new byte[0], alphabet) + { + } + + public FpeCharDecryptor(FpeEngine fpeEngine, byte[] key, byte[] tweak, char[] alphabet) + { + this.fpeEngine = fpeEngine; + + alphabetMapper = new BasicAlphabetMapper(alphabet); + + fpeEngine.Init(false, new FpeParameters(new KeyParameter(key), alphabetMapper.Radix, tweak)); + } + + public char[] Process(char[] input) + { + byte[] bytes = alphabetMapper.ConvertToIndexes(input); + + fpeEngine.ProcessBlock(bytes, 0, bytes.Length, bytes, 0); + + return alphabetMapper.ConvertToChars(bytes); + } + } +} +} diff --git a/BouncyCastle/crypto/test/src/test/SigTest.cs b/BouncyCastle/crypto/test/src/test/SigTest.cs new file mode 100644 index 0000000..803a244 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/SigTest.cs @@ -0,0 +1,378 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class SigTest + : SimpleTest + { + /** + * signature with a "forged signature" (sig block not at end of plain text) + */ + private void doTestBadSig( + AsymmetricKeyParameter priv, + AsymmetricKeyParameter pub) + { + IDigest sha1 = DigestUtilities.GetDigest("SHA1"); + IBufferedCipher signer = CipherUtilities.GetCipher("RSA//PKCS1Padding"); + + signer.Init(true, priv); + + byte[] block = new byte[signer.GetBlockSize()]; + + sha1.Update((byte)0); + + byte[] sigHeader = Hex.Decode("3021300906052b0e03021a05000414"); + Array.Copy(sigHeader, 0, block, 0, sigHeader.Length); + +// byte[] dig = sha1.digest(); + byte[] dig = DigestUtilities.DoFinal(sha1); + + Array.Copy(dig, 0, block, sigHeader.Length, dig.Length); + + Array.Copy(sigHeader, 0, block, + sigHeader.Length + dig.Length, sigHeader.Length); + + byte[] sig = signer.DoFinal(block); + + ISigner verifier = SignerUtilities.GetSigner("SHA1WithRSA"); + + verifier.Init(false, pub); + + verifier.Update((byte)0); + + if (verifier.VerifySignature(sig)) + { + Fail("bad signature passed"); + } + } + + public override void PerformTest() + { + ISigner sig = SignerUtilities.GetSigner("SHA1WithRSAEncryption"); + + byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; + + IAsymmetricCipherKeyPairGenerator fact = GeneratorUtilities.GetKeyPairGenerator("RSA"); + fact.Init( + new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x10001), + new SecureRandom(), + 768, + 25)); + + AsymmetricCipherKeyPair keyPair = fact.GenerateKeyPair(); + + AsymmetricKeyParameter signingKey = keyPair.Private; + AsymmetricKeyParameter verifyKey = keyPair.Public; + + doTestBadSig(signingKey, verifyKey); + + sig.Init(true, signingKey); + + sig.BlockUpdate(data, 0, data.Length); + + byte[] sigBytes = sig.GenerateSignature(); + + sig.Init(false, verifyKey); + + sig.BlockUpdate(data, 0, data.Length); + + if (!sig.VerifySignature(sigBytes)) + { + Fail("SHA1 verification failed"); + } + + sig = SignerUtilities.GetSigner("MD2WithRSAEncryption"); + + sig.Init(true, signingKey); + + sig.BlockUpdate(data, 0, data.Length); + + sigBytes = sig.GenerateSignature(); + + sig.Init(false, verifyKey); + + sig.BlockUpdate(data, 0, data.Length); + + if (!sig.VerifySignature(sigBytes)) + { + Fail("MD2 verification failed"); + } + + sig = SignerUtilities.GetSigner("MD5WithRSAEncryption"); + + sig.Init(true, signingKey); + + sig.BlockUpdate(data, 0, data.Length); + + sigBytes = sig.GenerateSignature(); + + sig.Init(false, verifyKey); + + sig.BlockUpdate(data, 0, data.Length); + + if (!sig.VerifySignature(sigBytes)) + { + Fail("MD5 verification failed"); + } + + sig = SignerUtilities.GetSigner("RIPEMD160WithRSAEncryption"); + + sig.Init(true, signingKey); + + sig.BlockUpdate(data, 0, data.Length); + + sigBytes = sig.GenerateSignature(); + + sig.Init(false, verifyKey); + + sig.BlockUpdate(data, 0, data.Length); + + if (!sig.VerifySignature(sigBytes)) + { + Fail("RIPEMD160 verification failed"); + } + + // + // RIPEMD-128 + // + sig = SignerUtilities.GetSigner("RIPEMD128WithRSAEncryption"); + + sig.Init(true, signingKey); + + sig.BlockUpdate(data, 0, data.Length); + + sigBytes = sig.GenerateSignature(); + + sig.Init(false, verifyKey); + + sig.BlockUpdate(data, 0, data.Length); + + if (!sig.VerifySignature(sigBytes)) + { + Fail("RIPEMD128 verification failed"); + } + + // + // RIPEMD256 + // + sig = SignerUtilities.GetSigner("RIPEMD256WithRSAEncryption"); + + sig.Init(true, signingKey); + + sig.BlockUpdate(data, 0, data.Length); + + sigBytes = sig.GenerateSignature(); + + sig.Init(false, verifyKey); + + sig.BlockUpdate(data, 0, data.Length); + + if (!sig.VerifySignature(sigBytes)) + { + Fail("RIPEMD256 verification failed"); + } + + // + // SHA-224 + // + sig = SignerUtilities.GetSigner("SHA224WithRSAEncryption"); + + sig.Init(true, signingKey); + + sig.BlockUpdate(data, 0, data.Length); + + sigBytes = sig.GenerateSignature(); + + sig.Init(false, verifyKey); + + sig.BlockUpdate(data, 0, data.Length); + + if (!sig.VerifySignature(sigBytes)) + { + Fail("SHA224 verification failed"); + } + + // + // SHA-256 + // + sig = SignerUtilities.GetSigner("SHA256WithRSAEncryption"); + + sig.Init(true, signingKey); + + sig.BlockUpdate(data, 0, data.Length); + + sigBytes = sig.GenerateSignature(); + + sig.Init(false, verifyKey); + + sig.BlockUpdate(data, 0, data.Length); + + if (!sig.VerifySignature(sigBytes)) + { + Fail("SHA256 verification failed"); + } + + // + // SHA-384 + // + sig = SignerUtilities.GetSigner("SHA384WithRSAEncryption"); + + sig.Init(true, signingKey); + + sig.BlockUpdate(data, 0, data.Length); + + sigBytes = sig.GenerateSignature(); + + sig.Init(false, verifyKey); + + sig.BlockUpdate(data, 0, data.Length); + + if (!sig.VerifySignature(sigBytes)) + { + Fail("SHA384 verification failed"); + } + + // + // SHA-512 + // + sig = SignerUtilities.GetSigner("SHA512WithRSAEncryption"); + + sig.Init(true, signingKey); + + sig.BlockUpdate(data, 0, data.Length); + + sigBytes = sig.GenerateSignature(); + + sig.Init(false, verifyKey); + + sig.BlockUpdate(data, 0, data.Length); + + if (!sig.VerifySignature(sigBytes)) + { + Fail("SHA512 verification failed"); + } + + // + // ISO Sigs. + // + sig = SignerUtilities.GetSigner("MD5WithRSA/ISO9796-2"); + + sig.Init(true, signingKey); + + sig.BlockUpdate(data, 0, data.Length); + + sigBytes = sig.GenerateSignature(); + + sig.Init(false, verifyKey); + + sig.BlockUpdate(data, 0, data.Length); + + if (!sig.VerifySignature(sigBytes)) + { + Fail("MD5/ISO verification failed"); + } + + sig = SignerUtilities.GetSigner("SHA1WithRSA/ISO9796-2"); + + sig.Init(true, signingKey); + + sig.BlockUpdate(data, 0, data.Length); + + sigBytes = sig.GenerateSignature(); + + sig.Init(false, verifyKey); + + sig.BlockUpdate(data, 0, data.Length); + + if (!sig.VerifySignature(sigBytes)) + { + Fail("SHA1/ISO verification failed"); + } + + sig = SignerUtilities.GetSigner("RIPEMD160WithRSA/ISO9796-2"); + + sig.Init(true, signingKey); + + sig.BlockUpdate(data, 0, data.Length); + + sigBytes = sig.GenerateSignature(); + + sig.Init(false, verifyKey); + + sig.BlockUpdate(data, 0, data.Length); + + if (!sig.VerifySignature(sigBytes)) + { + Fail("RIPEMD160/ISO verification failed"); + } + + // + // standard vector test - B.1.3 RIPEMD160, implicit. + // + BigInteger mod = new BigInteger("ffffffff78f6c55506c59785e871211ee120b0b5dd644aa796d82413a47b24573f1be5745b5cd9950f6b389b52350d4e01e90009669a8720bf265a2865994190a661dea3c7828e2e7ca1b19651adc2d5", 16); + BigInteger pub = new BigInteger("03", 16); + BigInteger pri = new BigInteger("2aaaaaaa942920e38120ee965168302fd0301d73a4e60c7143ceb0adf0bf30b9352f50e8b9e4ceedd65343b2179005b2f099915e4b0c37e41314bb0821ad8330d23cba7f589e0f129b04c46b67dfce9d", 16); + +// KeyFactory f = KeyFactory.getInstance("RSA"); +// AsymmetricKeyParameter privKey = f.generatePrivate(new RSAPrivateKeySpec(mod, pri)); +// AsymmetricKeyParameter pubKey = f.generatePublic(new RSAPublicKeySpec(mod, pub)); + AsymmetricKeyParameter privKey = new RsaKeyParameters(true, mod, pri); + AsymmetricKeyParameter pubKey = new RsaKeyParameters(false, mod, pub); + byte[] testSig = Hex.Decode("5cf9a01854dbacaec83aae8efc563d74538192e95466babacd361d7c86000fe42dcb4581e48e4feb862d04698da9203b1803b262105104d510b365ee9c660857ba1c001aa57abfd1c8de92e47c275cae"); + + data = Hex.Decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210"); + + sig = SignerUtilities.GetSigner("RIPEMD160WithRSA/ISO9796-2"); + + sig.Init(true, privKey); + + sig.BlockUpdate(data, 0, data.Length); + + sigBytes = sig.GenerateSignature(); + + if (!AreEqual(testSig, sigBytes)) + { + Fail("SigTest: failed ISO9796-2 generation Test"); + } + + sig.Init(false, pubKey); + + sig.BlockUpdate(data, 0, data.Length); + + if (!sig.VerifySignature(sigBytes)) + { + Fail("RIPEMD160/ISO verification failed"); + } + } + + public override string Name + { + get { return "SigTest"; } + } + + public static void Main( + string[] args) + { + RunTest(new SigTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/TestUtilities.cs b/BouncyCastle/crypto/test/src/test/TestUtilities.cs new file mode 100644 index 0000000..a794212 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/TestUtilities.cs @@ -0,0 +1,264 @@ +using System; +using System.Diagnostics; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Extension; + +namespace Org.BouncyCastle.Tests +{ + /** + * Test Utils + */ + internal class TestUtilities + { + /** + * Create a random 1024 bit RSA key pair + */ + public static AsymmetricCipherKeyPair GenerateRsaKeyPair() + { + IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA"); + + kpGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024)); + + return kpGen.GenerateKeyPair(); + } + + public static X509Certificate GenerateRootCert( + AsymmetricCipherKeyPair pair) + { + X509V1CertificateGenerator certGen = new X509V1CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(new X509Name("CN=Test CA Certificate")); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name("CN=Test CA Certificate")); + certGen.SetPublicKey(pair.Public); + certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); + + return certGen.Generate(pair.Private); + } + + public static X509Certificate GenerateIntermediateCert( + AsymmetricKeyParameter intKey, + AsymmetricKeyParameter caKey, + X509Certificate caCert) + { + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(PrincipalUtilities.GetSubjectX509Principal(caCert)); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name("CN=Test Intermediate Certificate")); + certGen.SetPublicKey(intKey); + certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); + + certGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert)); + certGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(intKey)); + certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(0)); + certGen.AddExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.DigitalSignature | KeyUsage.KeyCertSign | KeyUsage.CrlSign)); + + return certGen.Generate(caKey); + } + + public static X509Certificate GenerateEndEntityCert( + AsymmetricKeyParameter entityKey, + AsymmetricKeyParameter caKey, + X509Certificate caCert) + { + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + certGen.SetIssuerDN(PrincipalUtilities.GetSubjectX509Principal(caCert)); + certGen.SetNotBefore(DateTime.UtcNow.AddSeconds(-50)); + certGen.SetNotAfter(DateTime.UtcNow.AddSeconds(50)); + certGen.SetSubjectDN(new X509Name("CN=Test End Certificate")); + certGen.SetPublicKey(entityKey); + certGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); + + certGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert)); + certGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(entityKey)); + certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false)); + certGen.AddExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.DigitalSignature | KeyUsage.KeyEncipherment)); + + return certGen.Generate(caKey); + } + + public static X509Crl CreateCrl( + X509Certificate caCert, + AsymmetricKeyParameter caKey, + BigInteger serialNumber) + { + X509V2CrlGenerator crlGen = new X509V2CrlGenerator(); + DateTime now = DateTime.UtcNow; +// BigInteger revokedSerialNumber = BigInteger.Two; + + crlGen.SetIssuerDN(PrincipalUtilities.GetSubjectX509Principal(caCert)); + + crlGen.SetThisUpdate(now); + crlGen.SetNextUpdate(now.AddSeconds(100)); + crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption"); + + crlGen.AddCrlEntry(serialNumber, now, CrlReason.PrivilegeWithdrawn); + + crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert)); + crlGen.AddExtension(X509Extensions.CrlNumber, false, new CrlNumber(BigInteger.One)); + + return crlGen.Generate(caKey); + } + + public static X509Certificate CreateExceptionCertificate( + bool exceptionOnEncode) + { + return new ExceptionCertificate(exceptionOnEncode); + } + + private class ExceptionCertificate + : X509Certificate + { + private bool _exceptionOnEncode; + + public ExceptionCertificate( + bool exceptionOnEncode) + { + _exceptionOnEncode = exceptionOnEncode; + } + + public override void CheckValidity() + { + throw new CertificateNotYetValidException(); + } + + public override void CheckValidity( + DateTime date) + { + throw new CertificateExpiredException(); + } + + public override int Version + { + get { return 0; } + } + + public override BigInteger SerialNumber + { + get { return null; } + } + + public override X509Name IssuerDN + { + get { return null; } + } + + public override X509Name SubjectDN + { + get { return null; } + } + + public override DateTime NotBefore + { + get { return DateTime.MaxValue; } + } + + public override DateTime NotAfter + { + get { return DateTime.MinValue; } + } + + public override byte[] GetTbsCertificate() + { + throw new CertificateEncodingException(); + } + + public override byte[] GetSignature() + { + return new byte[0]; + } + + public override string SigAlgName + { + get { return null; } + } + + public override string SigAlgOid + { + get { return null; } + } + + public override byte[] GetSigAlgParams() + { + return new byte[0]; + } + + public override DerBitString IssuerUniqueID + { + get { return null; } + } + + public override DerBitString SubjectUniqueID + { + get { return null; } + } + + public override bool[] GetKeyUsage() + { + return new bool[0]; + } + + public override int GetBasicConstraints() + { + return 0; + } + + public override byte[] GetEncoded() + { + if (_exceptionOnEncode) + { + throw new CertificateEncodingException(); + } + + return new byte[0]; + } + + public override void Verify( + AsymmetricKeyParameter key) + { + throw new CertificateException(); + } + + public override string ToString() + { + return null; + } + + public override AsymmetricKeyParameter GetPublicKey() + { + return null; + } + + public override ISet GetCriticalExtensionOids() + { + return null; + } + + public override ISet GetNonCriticalExtensionOids() + { + return null; + } + + public override Asn1OctetString GetExtensionValue( + DerObjectIdentifier oid) + { + return null; + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/TupleHashTest.cs b/BouncyCastle/crypto/test/src/test/TupleHashTest.cs new file mode 100644 index 0000000..4d92ee7 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/TupleHashTest.cs @@ -0,0 +1,108 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] +/** + * TupleHash test vectors from: + *

    + * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/KMAC_samples.pdf + */ +public class TupleHashTest + : SimpleTest +{ + public override string Name + { + get { return "TupleHash"; } + } + + public override void PerformTest() + { + TupleHash tHash = new TupleHash(128, new byte[0]); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + + byte[] res = new byte[tHash.GetDigestSize()]; + + tHash.DoFinal(res, 0); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("C5 D8 78 6C 1A FB 9B 82 11 1A B3 4B 65 B2 C0 04 8F A6 4E 6D 48 E2 63 26 4C E1 70 7D 3F FC 8E D1"), res)); + + tHash = new TupleHash(128, Strings.ToByteArray("My Tuple App")); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + + tHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("75 CD B2 0F F4 DB 11 54 E8 41 D7 58 E2 41 60 C5 4B AE 86 EB 8C 13 E7 F5 F4 0E B3 55 88 E9 6D FB"), res)); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); + + tHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("E6 0F 20 2C 89 A2 63 1E DA 8D 4C 58 8C A5 FD 07 F3 9E 51 51 99 8D EC CF 97 3A DB 38 04 BB 6E 84"), res)); + + tHash = new TupleHash(256, new byte[0]); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + + res = new byte[tHash.GetDigestSize()]; + + tHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("CF B7 05 8C AC A5 E6 68 F8 1A 12 A2 0A 21 95 CE 97 A9 25 F1 DB A3 E7 44 9A 56 F8 22 01 EC 60 73 11 AC 26 96 B1 AB 5E A2 35 2D F1 42 3B DE 7B D4 BB 78 C9 AE D1 A8 53 C7 86 72 F9 EB 23 BB E1 94"), res)); + + tHash = new TupleHash(256, Strings.ToByteArray("My Tuple App")); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + + tHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("14 7C 21 91 D5 ED 7E FD 98 DB D9 6D 7A B5 A1 16 92 57 6F 5F E2 A5 06 5F 3E 33 DE 6B BA 9F 3A A1 C4 E9 A0 68 A2 89 C6 1C 95 AA B3 0A EE 1E 41 0B 0B 60 7D E3 62 0E 24 A4 E3 BF 98 52 A1 D4 36 7E"), res)); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); + + tHash.DoFinal(res, 0); + + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("45 00 0B E6 3F 9B 6B FD 89 F5 47 17 67 0F 69 A9 BC 76 35 91 A4 F0 5C 50 D6 88 91 A7 44 BC C6 E7 D6 D5 B5 E8 2C 01 8D A9 99 ED 35 B0 BB 49 C9 67 8E 52 6A BD 8E 85 C1 3E D2 54 02 1D B9 E7 90 CE"), res)); + + tHash = new TupleHash(128, Strings.ToByteArray("My Tuple App")); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); + + res = new byte[32]; + tHash.DoOutput(res, 0, res.Length); + + IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("E6 0F 20 2C 89 A2 63 1E DA 8D 4C 58 8C A5 FD 07 F3 9E 51 51 99 8D EC CF 97 3A DB 38 04 BB 6E 84"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("900fe16cad098d28e74d632ed852f99daab7f7df4d99e775657885b4bf76d6f8"), res)); + + tHash = new TupleHash(256, Strings.ToByteArray("My Tuple App")); + + tHash.BlockUpdate(Hex.Decode("000102"), 0, 3); + tHash.BlockUpdate(Hex.Decode("101112131415"), 0, 6); + tHash.BlockUpdate(Hex.Decode("202122232425262728"), 0, 9); + + res = new byte[64]; + tHash.DoOutput(res, 0, res.Length); + + IsTrue("oops!", !Arrays.AreEqual(Hex.Decode("45 00 0B E6 3F 9B 6B FD 89 F5 47 17 67 0F 69 A9 BC 76 35 91 A4 F0 5C 50 D6 88 91 A7 44 BC C6 E7 D6 D5 B5 E8 2C 01 8D A9 99 ED 35 B0 BB 49 C9 67 8E 52 6A BD 8E 85 C1 3E D2 54 02 1D B9 E7 90 CE"), res)); + IsTrue("oops!", Arrays.AreEqual(Hex.Decode("0c59b11464f2336c34663ed51b2b950bec743610856f36c28d1d088d8a2446284dd09830a6a178dc752376199fae935d86cfdee5913d4922dfd369b66a53c897"), res)); + } +} +} diff --git a/BouncyCastle/crypto/test/src/test/WrapTest.cs b/BouncyCastle/crypto/test/src/test/WrapTest.cs new file mode 100644 index 0000000..bb49446 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/WrapTest.cs @@ -0,0 +1,94 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class WrapTest + : ITest + { + public ITestResult Perform() + { + try + { +// IBufferedCipher cipher = CipherUtilities.GetCipher("DES/ECB/PKCS5Padding"); + IWrapper cipher = WrapperUtilities.GetWrapper("DES/ECB/PKCS5Padding"); + + IAsymmetricCipherKeyPairGenerator fact = GeneratorUtilities.GetKeyPairGenerator("RSA"); + fact.Init( + new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x10001), + new SecureRandom(), + 512, + 25)); + + AsymmetricCipherKeyPair keyPair = fact.GenerateKeyPair(); + + AsymmetricKeyParameter priKey = keyPair.Private; + AsymmetricKeyParameter pubKey = keyPair.Public; + + byte[] priKeyBytes = PrivateKeyInfoFactory.CreatePrivateKeyInfo(priKey).GetDerEncoded(); + + CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator("DES"); + +// Key wrapKey = keyGen.generateKey(); + byte[] wrapKeyBytes = keyGen.GenerateKey(); + KeyParameter wrapKey = new DesParameters(wrapKeyBytes); + +// cipher.Init(IBufferedCipher.WRAP_MODE, wrapKey); + cipher.Init(true, wrapKey); +// byte[] wrappedKey = cipher.Wrap(priKey); + byte[] wrappedKey = cipher.Wrap(priKeyBytes, 0, priKeyBytes.Length); + +// cipher.Init(IBufferedCipher.UNWRAP_MODE, wrapKey); + cipher.Init(false, wrapKey); + +// Key key = cipher.unwrap(wrappedKey, "RSA", IBufferedCipher.PRIVATE_KEY); + byte[] unwrapped = cipher.Unwrap(wrappedKey, 0, wrappedKey.Length); + + //if (!Arrays.AreEqual(priKey.getEncoded(), key.getEncoded())) + if (!Arrays.AreEqual(priKeyBytes, unwrapped)) + { + return new SimpleTestResult(false, "Unwrapped key does not match"); + } + + return new SimpleTestResult(true, Name + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, Name + ": exception - " + e.ToString()); + } + } + + public string Name + { + get { return "WrapTest"; } + } + + public static void Main( + string[] args) + { + ITest test = new WrapTest(); + ITestResult result = test.Perform(); + + Console.WriteLine(result); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/X509CertificatePairTest.cs b/BouncyCastle/crypto/test/src/test/X509CertificatePairTest.cs new file mode 100644 index 0000000..a83de4c --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/X509CertificatePairTest.cs @@ -0,0 +1,149 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Security.Certificates; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class X509CertificatePairTest + : SimpleTest + { + public override void PerformTest() + { + //CertificateFactory cf = CertificateFactory.getInstance("X.509"); + X509CertificateParser cf = new X509CertificateParser(); + + X509Certificate rootCert = (X509Certificate) cf.ReadCertificate(CertPathTest.rootCertBin); + X509Certificate interCert = (X509Certificate) cf.ReadCertificate(CertPathTest.interCertBin); + X509Certificate finalCert = (X509Certificate) cf.ReadCertificate(CertPathTest.finalCertBin); + + X509CertificatePair pair1 = new X509CertificatePair(rootCert, interCert); + X509CertificatePair pair2 = new X509CertificatePair(rootCert, interCert); + X509CertificatePair pair3 = new X509CertificatePair(interCert, finalCert); + X509CertificatePair pair4 = new X509CertificatePair(rootCert, finalCert); + X509CertificatePair pair5 = new X509CertificatePair(rootCert, null); + X509CertificatePair pair6 = new X509CertificatePair(rootCert, null); + X509CertificatePair pair7 = new X509CertificatePair(null, rootCert); + X509CertificatePair pair8 = new X509CertificatePair(null, rootCert); + + if (!pair1.Equals(pair2)) + { + Fail("pair1 pair2 equality test"); + } + + if (!pair5.Equals(pair6)) + { + Fail("pair1 pair2 equality test"); + } + + if (!pair7.Equals(pair8)) + { + Fail("pair1 pair2 equality test"); + } + + if (pair1.Equals(null)) + { + Fail("pair1 null equality test"); + } + + if (pair1.GetHashCode() != pair2.GetHashCode()) + { + Fail("pair1 pair2 hashCode equality test"); + } + + if (pair1.Equals(pair3)) + { + Fail("pair1 pair3 inequality test"); + } + + if (pair1.Equals(pair4)) + { + Fail("pair1 pair4 inequality test"); + } + + if (pair1.Equals(pair5)) + { + Fail("pair1 pair5 inequality test"); + } + + if (pair1.Equals(pair7)) + { + Fail("pair1 pair7 inequality test"); + } + + if (pair5.Equals(pair1)) + { + Fail("pair5 pair1 inequality test"); + } + + if (pair7.Equals(pair1)) + { + Fail("pair7 pair1 inequality test"); + } + + if (pair1.Forward != rootCert) + { + Fail("pair1 forward test"); + } + + if (pair1.Reverse != interCert) + { + Fail("pair1 reverse test"); + } + + if (!AreEqual(pair1.GetEncoded(), pair2.GetEncoded())) + { + Fail("encoding check"); + } + + pair4 = new X509CertificatePair(rootCert, TestUtilities.CreateExceptionCertificate(false)); + + try + { + pair4.GetEncoded(); + + Fail("no exception on bad GetEncoded()"); + } + catch (CertificateEncodingException) + { + // expected + } + + pair4 = new X509CertificatePair(rootCert, TestUtilities.CreateExceptionCertificate(true)); + + try + { + pair4.GetEncoded(); + + Fail("no exception on exception GetEncoded()"); + } + catch (CertificateEncodingException) + { + // expected + } + } + + public override string Name + { + get { return "X509CertificatePair"; } + } + + public static void Main( + string[] args) + { + RunTest(new X509CertificatePairTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/X509StoreTest.cs b/BouncyCastle/crypto/test/src/test/X509StoreTest.cs new file mode 100644 index 0000000..37673b8 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/X509StoreTest.cs @@ -0,0 +1,335 @@ +using System; +using System.Collections; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Tests +{ + [TestFixture] + public class X509StoreTest + : SimpleTest + { + private void certPairTest() + { + X509CertificateParser certParser = new X509CertificateParser(); + + X509Certificate rootCert = certParser.ReadCertificate(CertPathTest.rootCertBin); + X509Certificate interCert = certParser.ReadCertificate(CertPathTest.interCertBin); + X509Certificate finalCert = certParser.ReadCertificate(CertPathTest.finalCertBin); + + // Testing CollectionCertStore generation from List + X509CertificatePair pair1 = new X509CertificatePair(rootCert, interCert); + + IList certList = new ArrayList(); + certList.Add(pair1); + certList.Add(new X509CertificatePair(interCert, finalCert)); + + IX509Store certStore = X509StoreFactory.Create( + "CertificatePair/Collection", + new X509CollectionStoreParameters(certList)); + + X509CertPairStoreSelector selector = new X509CertPairStoreSelector(); + X509CertStoreSelector fwSelector = new X509CertStoreSelector(); + + fwSelector.SerialNumber = rootCert.SerialNumber; + fwSelector.Subject = rootCert.IssuerDN; + + selector.ForwardSelector = fwSelector; + + IList col = new ArrayList(certStore.GetMatches(selector)); + + if (col.Count != 1 || !col.Contains(pair1)) + { + Fail("failed pair1 test"); + } + + col = new ArrayList(certStore.GetMatches(null)); + + if (col.Count != 2) + { + Fail("failed null test"); + } + } + + public override void PerformTest() + { + X509CertificateParser certParser = new X509CertificateParser(); + X509CrlParser crlParser = new X509CrlParser(); + + X509Certificate rootCert = certParser.ReadCertificate(CertPathTest.rootCertBin); + X509Certificate interCert = certParser.ReadCertificate(CertPathTest.interCertBin); + X509Certificate finalCert = certParser.ReadCertificate(CertPathTest.finalCertBin); + X509Crl rootCrl = crlParser.ReadCrl(CertPathTest.rootCrlBin); + X509Crl interCrl = crlParser.ReadCrl(CertPathTest.interCrlBin); + + // Testing CollectionCertStore generation from List + IList certList = new ArrayList(); + certList.Add(rootCert); + certList.Add(interCert); + certList.Add(finalCert); + + IX509Store certStore = X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(certList)); + + // set default to be the same as for SUN X500 name + X509Name.DefaultReverse = true; + + // Searching for rootCert by subjectDN + + X509CertStoreSelector targetConstraints = new X509CertStoreSelector(); + targetConstraints.Subject = PrincipalUtilities.GetSubjectX509Principal(rootCert); + IList certs = new ArrayList(certStore.GetMatches(targetConstraints)); + if (certs.Count != 1 || !certs.Contains(rootCert)) + { + Fail("rootCert not found by subjectDN"); + } + + // Searching for rootCert by subjectDN encoded as byte + targetConstraints = new X509CertStoreSelector(); + targetConstraints.Subject = PrincipalUtilities.GetSubjectX509Principal(rootCert); + certs = new ArrayList(certStore.GetMatches(targetConstraints)); + if (certs.Count != 1 || !certs.Contains(rootCert)) + { + Fail("rootCert not found by encoded subjectDN"); + } + + X509Name.DefaultReverse = false; + + // Searching for rootCert by public key encoded as byte + targetConstraints = new X509CertStoreSelector(); + targetConstraints.SubjectPublicKey = + SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(rootCert.GetPublicKey()); + certs = new ArrayList(certStore.GetMatches(targetConstraints)); + if (certs.Count != 1 || !certs.Contains(rootCert)) + { + Fail("rootCert not found by encoded public key"); + } + + // Searching for interCert by issuerDN + targetConstraints = new X509CertStoreSelector(); + targetConstraints.Issuer = PrincipalUtilities.GetSubjectX509Principal(rootCert); + certs = new ArrayList(certStore.GetMatches(targetConstraints)); + if (certs.Count != 2) + { + Fail("did not found 2 certs"); + } + if (!certs.Contains(rootCert)) + { + Fail("rootCert not found"); + } + if (!certs.Contains(interCert)) + { + Fail("interCert not found"); + } + + // Searching for rootCrl by issuerDN + IList crlList = new ArrayList(); + crlList.Add(rootCrl); + crlList.Add(interCrl); + IX509Store store = X509StoreFactory.Create( + "CRL/Collection", + new X509CollectionStoreParameters(crlList)); + + X509CrlStoreSelector targetConstraintsCRL = new X509CrlStoreSelector(); + + ArrayList issuers = new ArrayList(); + issuers.Add(rootCrl.IssuerDN); + targetConstraintsCRL.Issuers = issuers; + + IList crls = new ArrayList(store.GetMatches(targetConstraintsCRL)); + if (crls.Count != 1 || !crls.Contains(rootCrl)) + { + Fail("rootCrl not found"); + } + + crls = new ArrayList(certStore.GetMatches(targetConstraintsCRL)); + if (crls.Count != 0) + { + Fail("error using wrong selector (CRL)"); + } + certs = new ArrayList(store.GetMatches(targetConstraints)); + if (certs.Count != 0) + { + Fail("error using wrong selector (certs)"); + } + // Searching for attribute certificates + X509V2AttributeCertificate attrCert = new X509V2AttributeCertificate(AttrCertTest.attrCert); + IX509AttributeCertificate attrCert2 = new X509V2AttributeCertificate(AttrCertTest.certWithBaseCertificateID); + + IList attrList = new ArrayList(); + attrList.Add(attrCert); + attrList.Add(attrCert2); + store = X509StoreFactory.Create( + "AttributeCertificate/Collection", + new X509CollectionStoreParameters(attrList)); + + X509AttrCertStoreSelector attrSelector = new X509AttrCertStoreSelector(); + attrSelector.Holder = attrCert.Holder; + if (!attrSelector.Holder.Equals(attrCert.Holder)) + { + Fail("holder get not correct"); + } + IList attrs = new ArrayList(store.GetMatches(attrSelector)); + if (attrs.Count != 1 || !attrs.Contains(attrCert)) + { + Fail("attrCert not found on holder"); + } + attrSelector.Holder = attrCert2.Holder; + if (attrSelector.Holder.Equals(attrCert.Holder)) + { + Fail("holder get not correct"); + } + attrs = new ArrayList(store.GetMatches(attrSelector)); + if (attrs.Count != 1 || !attrs.Contains(attrCert2)) + { + Fail("attrCert2 not found on holder"); + } + attrSelector = new X509AttrCertStoreSelector(); + attrSelector.Issuer = attrCert.Issuer; + if (!attrSelector.Issuer.Equals(attrCert.Issuer)) + { + Fail("issuer get not correct"); + } + attrs = new ArrayList(store.GetMatches(attrSelector)); + if (attrs.Count != 1 || !attrs.Contains(attrCert)) + { + Fail("attrCert not found on issuer"); + } + attrSelector.Issuer = attrCert2.Issuer; + if (attrSelector.Issuer.Equals(attrCert.Issuer)) + { + Fail("issuer get not correct"); + } + attrs = new ArrayList(store.GetMatches(attrSelector)); + if (attrs.Count != 1 || !attrs.Contains(attrCert2)) + { + Fail("attrCert2 not found on issuer"); + } + attrSelector = new X509AttrCertStoreSelector(); + attrSelector.AttributeCert = attrCert; + if (!attrSelector.AttributeCert.Equals(attrCert)) + { + Fail("attrCert get not correct"); + } + attrs = new ArrayList(store.GetMatches(attrSelector)); + if (attrs.Count != 1 || !attrs.Contains(attrCert)) + { + Fail("attrCert not found on attrCert"); + } + attrSelector = new X509AttrCertStoreSelector(); + attrSelector.SerialNumber = attrCert.SerialNumber; + if (!attrSelector.SerialNumber.Equals(attrCert.SerialNumber)) + { + Fail("serial number get not correct"); + } + attrs = new ArrayList(store.GetMatches(attrSelector)); + if (attrs.Count != 1 || !attrs.Contains(attrCert)) + { + Fail("attrCert not found on serial number"); + } + attrSelector = (X509AttrCertStoreSelector)attrSelector.Clone(); + if (!attrSelector.SerialNumber.Equals(attrCert.SerialNumber)) + { + Fail("serial number get not correct"); + } + attrs = new ArrayList(store.GetMatches(attrSelector)); + if (attrs.Count != 1 || !attrs.Contains(attrCert)) + { + Fail("attrCert not found on serial number"); + } + + attrSelector = new X509AttrCertStoreSelector(); + attrSelector.AttributeCertificateValid = new DateTimeObject(attrCert.NotBefore); + if (attrSelector.AttributeCertificateValid.Value != attrCert.NotBefore) + { + Fail("valid get not correct"); + } + attrs = new ArrayList(store.GetMatches(attrSelector)); + if (attrs.Count != 1 || !attrs.Contains(attrCert)) + { + Fail("attrCert not found on valid"); + } + attrSelector = new X509AttrCertStoreSelector(); + attrSelector.AttributeCertificateValid = new DateTimeObject(attrCert.NotBefore.AddMilliseconds(-100)); + attrs = new ArrayList(store.GetMatches(attrSelector)); + if (attrs.Count != 0) + { + Fail("attrCert found on before"); + } + attrSelector.AttributeCertificateValid = new DateTimeObject(attrCert.NotAfter.AddMilliseconds(100)); + attrs = new ArrayList(store.GetMatches(attrSelector)); + if (attrs.Count != 0) + { + Fail("attrCert found on after"); + } + attrSelector.SerialNumber = BigInteger.ValueOf(10000); + attrs = new ArrayList(store.GetMatches(attrSelector)); + if (attrs.Count != 0) + { + Fail("attrCert found on wrong serial number"); + } + + attrSelector.AttributeCert = null; + attrSelector.AttributeCertificateValid = null; + attrSelector.Holder = null; + attrSelector.Issuer = null; + attrSelector.SerialNumber = null; + if (attrSelector.AttributeCert != null) + { + Fail("null attrCert"); + } + if (attrSelector.AttributeCertificateValid != null) + { + Fail("null attrCertValid"); + } + if (attrSelector.Holder != null) + { + Fail("null attrCert holder"); + } + if (attrSelector.Issuer != null) + { + Fail("null attrCert issuer"); + } + if (attrSelector.SerialNumber != null) + { + Fail("null attrCert serial"); + } + + attrs = new ArrayList(certStore.GetMatches(attrSelector)); + if (attrs.Count != 0) + { + Fail("error using wrong selector (attrs)"); + } + + certPairTest(); + } + + public override string Name + { + get { return "IX509Store"; } + } + + public static void Main( + string[] args) + { + RunTest(new X509StoreTest()); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/nist/NistCertPathTest.cs b/BouncyCastle/crypto/test/src/test/nist/NistCertPathTest.cs new file mode 100644 index 0000000..13a85a9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/nist/NistCertPathTest.cs @@ -0,0 +1,832 @@ +using System; +using System.Collections; +using System.IO; +using System.Reflection; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Pkix; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Extension; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Tests.Nist +{ + [TestFixture] + public class NistCertPathTest + { + private static readonly string GOOD_CA_CERT = "GoodCACert"; + + private static readonly string GOOD_CA_CRL = "GoodCACRL"; + + private static readonly string TRUST_ANCHOR_ROOT_CRL = "TrustAnchorRootCRL"; + + private static readonly string TRUST_ANCHOR_ROOT_CERTIFICATE = "TrustAnchorRootCertificate"; + + private static readonly char[] PKCS12_PASSWORD = "password".ToCharArray(); + + private static readonly string ANY_POLICY = "2.5.29.32.0"; + private static readonly string NIST_TEST_POLICY_1 = "2.16.840.1.101.3.2.1.48.1"; + private static readonly string NIST_TEST_POLICY_2 = "2.16.840.1.101.3.2.1.48.2"; + private static readonly string NIST_TEST_POLICY_3 = "2.16.840.1.101.3.2.1.48.3"; + + private static readonly IDictionary certs = new Hashtable(); + private static readonly IDictionary crls = new Hashtable(); + + private static readonly ISet noPolicies = new HashSet(); + private static readonly ISet anyPolicy = new HashSet(); + private static readonly ISet nistTestPolicy1 = new HashSet(); + private static readonly ISet nistTestPolicy2 = new HashSet(); + private static readonly ISet nistTestPolicy3 = new HashSet(); + private static readonly ISet nistTestPolicy1And2 = new HashSet(); + + static NistCertPathTest() + { + anyPolicy.Add(ANY_POLICY); + + nistTestPolicy1.Add(NIST_TEST_POLICY_1); + nistTestPolicy2.Add(NIST_TEST_POLICY_2); + nistTestPolicy3.Add(NIST_TEST_POLICY_3); + nistTestPolicy1And2.Add(NIST_TEST_POLICY_1); + nistTestPolicy1And2.Add(NIST_TEST_POLICY_2); + } + + [Test] + public void TestValidSignaturesTest1() + { + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { "ValidCertificatePathTest1EE", GOOD_CA_CERT }, + new string[] { GOOD_CA_CRL, TRUST_ANCHOR_ROOT_CRL }); + } + + [Test] + public void TestInvalidCASignatureTest2() + { + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { "ValidCertificatePathTest1EE", "BadSignedCACert" }, + new string[] { "BadSignedCACRL", TRUST_ANCHOR_ROOT_CRL }, + 1, + "TrustAnchor found but certificate validation failed."); + } + + [Test] + public void TestInvalidEESignatureTest3() + { + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { GOOD_CA_CERT, "InvalidEESignatureTest3EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL }, + 0, + "Could not validate certificate signature."); + } + + [Test] + public void TestValidDSASignaturesTest4() + { + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { "DSACACert", "ValidDSASignaturesTest4EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, "DSACACRL" }); + } + + [Test] + // 4.1.5 + public void TestValidDSAParameterInheritanceTest5() + { + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { "DSACACert", "DSAParametersInheritedCACert", "ValidDSAParameterInheritanceTest5EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, "DSACACRL", "DSAParametersInheritedCACRL" }); + } + + [Test] + public void TestInvalidDSASignaturesTest6() + { + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { "DSACACert", "InvalidDSASignatureTest6EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, "DSACACRL" }, + 0, + "Could not validate certificate signature."); + } + + [Test] + public void TestCANotBeforeDateTest1() + { + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { "BadnotBeforeDateCACert", "InvalidCAnotBeforeDateTest1EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, "BadnotBeforeDateCACRL" }, + 1, + "Could not validate certificate: certificate not valid until 20470101120100GMT+00:00"); + } + + [Test] + public void TestInvalidEENotBeforeDateTest2() + { + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { GOOD_CA_CERT, "InvalidEEnotBeforeDateTest2EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL }, + 0, + "Could not validate certificate: certificate not valid until 20470101120100GMT+00:00"); + } + + [Test] + public void TestValidPre2000UTCNotBeforeDateTest3() + { + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { GOOD_CA_CERT, "Validpre2000UTCnotBeforeDateTest3EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL }); + } + + [Test] + public void TestValidGeneralizedTimeNotBeforeDateTest4() + { + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { GOOD_CA_CERT, "ValidGeneralizedTimenotBeforeDateTest4EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL }); + } + + [Test] + public void TestInvalidCANotAfterDateTest5() + { + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { "BadnotAfterDateCACert", "InvalidCAnotAfterDateTest5EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, "BadnotAfterDateCACRL" }, + 1, + "Could not validate certificate: certificate expired on 20020101120100GMT+00:00"); + } + + [Test] + public void TestInvalidEENotAfterDateTest6() + { + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { GOOD_CA_CERT, "InvalidEEnotAfterDateTest6EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL }, + 0, + "Could not validate certificate: certificate expired on 20020101120100GMT+00:00"); + } + + [Test] + public void TestInvalidValidPre2000UTCNotAfterDateTest7() + { + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { GOOD_CA_CERT, "Invalidpre2000UTCEEnotAfterDateTest7EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL }, + 0, + "Could not validate certificate: certificate expired on 19990101120100GMT+00:00"); + } + + [Test] + public void TestInvalidNegativeSerialNumberTest15() + { + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { "NegativeSerialNumberCACert", "InvalidNegativeSerialNumberTest15EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, "NegativeSerialNumberCACRL" }, + 0, + // NOTE: Date/time part is locale-dependent + //"Certificate revocation after Thu Apr 19 14:57:20", + "Certificate revocation after", + "reason: keyCompromise"); + } + + // + // 4.8 Certificate Policies + // + [Test] + public void TestAllCertificatesSamePolicyTest1() + { + string[] certList = new string[] { GOOD_CA_CERT, "ValidCertificatePathTest1EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL }; + + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + certList, + crlList, + noPolicies); + + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + certList, + crlList, + nistTestPolicy1); + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + certList, + crlList, + nistTestPolicy2, + -1, + "Path processing failed on policy."); + + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + certList, + crlList, + nistTestPolicy1And2); + } + + [Test] + public void TestAllCertificatesNoPoliciesTest2() + { + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { "NoPoliciesCACert", "AllCertificatesNoPoliciesTest2EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, "NoPoliciesCACRL" }); + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { "NoPoliciesCACert", "AllCertificatesNoPoliciesTest2EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, "NoPoliciesCACRL" }, + noPolicies, + 1, + "No valid policy tree found when one expected."); + } + + [Test] + public void TestDifferentPoliciesTest3() + { + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { GOOD_CA_CERT, "PoliciesP2subCACert", "DifferentPoliciesTest3EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCACRL" }); + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { GOOD_CA_CERT, "PoliciesP2subCACert", "DifferentPoliciesTest3EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCACRL" }, + noPolicies, + 1, + "No valid policy tree found when one expected."); + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { GOOD_CA_CERT, "PoliciesP2subCACert", "DifferentPoliciesTest3EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCACRL" }, + nistTestPolicy1And2, + 1, + "No valid policy tree found when one expected."); + } + + [Test] + public void TestDifferentPoliciesTest4() + { + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { GOOD_CA_CERT, "GoodsubCACert", "DifferentPoliciesTest4EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "GoodsubCACRL" }, + 0, + "No valid policy tree found when one expected."); + } + + [Test] + public void TestDifferentPoliciesTest5() + { + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, + new string[] { GOOD_CA_CERT, "PoliciesP2subCA2Cert", "DifferentPoliciesTest5EE" }, + new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCA2CRL" }, + 0, + "No valid policy tree found when one expected."); + } + + [Test] + public void TestOverlappingPoliciesTest6() + { + string[] certList = new string[] { "PoliciesP1234CACert", "PoliciesP1234subCAP123Cert", "PoliciesP1234subsubCAP123P12Cert", "OverlappingPoliciesTest6EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP1234CACRL", "PoliciesP1234subCAP123CRL", "PoliciesP1234subsubCAP123P12CRL" }; + + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList); + + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1); + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2, + -1, + "Path processing failed on policy."); + } + + [Test] + public void TestDifferentPoliciesTest7() + { + string[] certList = new string[] { "PoliciesP123CACert", "PoliciesP123subCAP12Cert", "PoliciesP123subsubCAP12P1Cert", "DifferentPoliciesTest7EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP123CACRL", "PoliciesP123subCAP12CRL", "PoliciesP123subsubCAP12P1CRL" }; + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, + 0, + "No valid policy tree found when one expected."); + } + + [Test] + public void TestDifferentPoliciesTest8() + { + string[] certList = new string[] { "PoliciesP12CACert", "PoliciesP12subCAP1Cert", "PoliciesP12subsubCAP1P2Cert", "DifferentPoliciesTest8EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP12CACRL", "PoliciesP12subCAP1CRL", "PoliciesP12subsubCAP1P2CRL" }; + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, + 1, + "No valid policy tree found when one expected."); + } + + [Test] + public void TestDifferentPoliciesTest9() + { + string[] certList = new string[] { "PoliciesP123CACert", "PoliciesP123subCAP12Cert", "PoliciesP123subsubCAP12P2Cert", "PoliciesP123subsubsubCAP12P2P1Cert", "DifferentPoliciesTest9EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP123CACRL", "PoliciesP123subCAP12CRL", "PoliciesP123subsubCAP2P2CRL", "PoliciesP123subsubsubCAP12P2P1CRL" }; + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, + 1, + "No valid policy tree found when one expected."); + } + + [Test] + public void TestAllCertificatesSamePoliciesTest10() + { + string[] certList = new string[] { "PoliciesP12CACert", "AllCertificatesSamePoliciesTest10EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP12CACRL" }; + + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList); + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1); + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2); + } + + [Test] + public void TestAllCertificatesAnyPolicyTest11() + { + string[] certList = new string[] { "anyPolicyCACert", "AllCertificatesanyPolicyTest11EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "anyPolicyCACRL" }; + + PkixCertPathValidatorResult result = DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList); + + result = DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1); + } + + [Test] + public void TestDifferentPoliciesTest12() + { + string[] certList = new string[] { "PoliciesP3CACert", "DifferentPoliciesTest12EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP3CACRL" }; + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, + 0, + "No valid policy tree found when one expected."); + } + + [Test] + public void TestAllCertificatesSamePoliciesTest13() + { + string[] certList = new string[] { "PoliciesP123CACert", "AllCertificatesSamePoliciesTest13EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP123CACRL" }; + + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1); + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2); + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy3); + } + + [Test] + public void TestAnyPolicyTest14() + { + string[] certList = new string[] { "anyPolicyCACert", "AnyPolicyTest14EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "anyPolicyCACRL" }; + + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1); + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2, + -1, + "Path processing failed on policy."); + } + + [Test] + public void TestUserNoticeQualifierTest15() + { + string[] certList = new string[] { "UserNoticeQualifierTest15EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL }; + + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList); + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1); + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2, + -1, + "Path processing failed on policy."); + } + + [Test] + public void TestUserNoticeQualifierTest16() + { + string[] certList = new string[] { GOOD_CA_CERT, "UserNoticeQualifierTest16EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL }; + + PkixCertPathValidatorResult result = DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList); + + result = DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1); + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2, + -1, + "Path processing failed on policy."); + } + + [Test] + public void TestUserNoticeQualifierTest17() + { + string[] certList = new string[] { GOOD_CA_CERT, "UserNoticeQualifierTest17EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL }; + + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList); + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1); + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2, + -1, + "Path processing failed on policy."); + } + + [Test] + public void TestUserNoticeQualifierTest18() + { + string[] certList = new string[] { "PoliciesP12CACert", "UserNoticeQualifierTest18EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP12CACRL" }; + + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1); + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2); + } + + [Test] + public void TestUserNoticeQualifierTest19() + { + string[] certList = new string[] { "UserNoticeQualifierTest19EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL }; + + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1); + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2, + -1, + "Path processing failed on policy."); + } + + [Test] + public void TestInvalidInhibitPolicyMappingTest1() + { + string[] certList = new string[] { "inhibitPolicyMapping0CACert", "inhibitPolicyMapping0subCACert", "InvalidinhibitPolicyMappingTest1EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "inhibitPolicyMapping0CACRL", "inhibitPolicyMapping0subCACRL" }; + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null, + 0, + "No valid policy tree found when one expected."); + } + + [Test] + public void TestValidInhibitPolicyMappingTest2() + { + string[] certList = new string[] { "inhibitPolicyMapping1P12CACert", "inhibitPolicyMapping1P12subCACert", "ValidinhibitPolicyMappingTest2EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "inhibitPolicyMapping1P12CACRL", "inhibitPolicyMapping1P12subCACRL" }; + + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1); + } + + // 4.12.7 + [Test] + public void TestValidSelfIssuedInhibitAnyPolicyTest7() + { + string[] certList = new string[] { "inhibitAnyPolicy1CACert", "inhibitAnyPolicy1SelfIssuedCACert", "inhibitAnyPolicy1subCA2Cert", "ValidSelfIssuedinhibitAnyPolicyTest7EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "inhibitAnyPolicy1CACRL", "inhibitAnyPolicy1subCA2CRL" }; + + DoBuilderTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null, false, false); + } + + // 4.4.19 + [Test] + public void TestValidSeparateCertificateandCRLKeysTest19() + { + string[] certList = new string[] { "SeparateCertificateandCRLKeysCertificateSigningCACert", "SeparateCertificateandCRLKeysCRLSigningCert", "ValidSeparateCertificateandCRLKeysTest19EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "SeparateCertificateandCRLKeysCRL" }; + + DoBuilderTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null, false, false); + } + + [Test] + public void TestValidpathLenConstraintTest13() + { + string[] certList = new string[] { "pathLenConstraint6CACert", "pathLenConstraint6subCA4Cert", "pathLenConstraint6subsubCA41Cert", "pathLenConstraint6subsubsubCA41XCert", "ValidpathLenConstraintTest13EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "pathLenConstraint6CACRL", "pathLenConstraint6subCA4CRL", "pathLenConstraint6subsubCA41CRL", "pathLenConstraint6subsubsubCA41XCRL" }; + + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null); + } + + // 4.4.10 + [Test] + public void TestInvalidUnknownCRLExtensionTest10() + { + string[] certList = new string[] { "UnknownCRLExtensionCACert", "InvalidUnknownCRLExtensionTest10EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "UnknownCRLExtensionCACRL" }; + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null, + 0, + "CRL contains unsupported critical extensions."); + } + + // 4.14.3 + [Test] + public void TestInvaliddistributionPointTest3() + { + string[] certList = new string[] { "distributionPoint1CACert", "InvaliddistributionPointTest3EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "distributionPoint1CACRL" }; + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null, + 0, + "No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point."); + } + + // 4.14.5 + [Test] + public void TestValiddistributionPointTest5() + { + string[] certList = new string[] { "distributionPoint2CACert", "ValiddistributionPointTest5EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "distributionPoint2CACRL" }; + + DoTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null); + } + + // 4.14.8 + [Test] + public void TestInvaliddistributionPointTest8() + { + string[] certList = new string[] { "distributionPoint2CACert", "InvaliddistributionPointTest8EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "distributionPoint2CACRL" }; + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null, + 0, + "No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point."); + } + + // 4.14.9 + [Test] + public void TestInvaliddistributionPointTest9() + { + string[] certList = new string[] { "distributionPoint2CACert", "InvaliddistributionPointTest9EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "distributionPoint2CACRL" }; + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null, + 0, + "No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point."); + } + + // 4.14.17 + [Test] + public void TestInvalidonlySomeReasonsTest17() + { + string[] certList = new string[] { "onlySomeReasonsCA2Cert", "InvalidonlySomeReasonsTest17EE" }; + string[] crlList = new string[] { TRUST_ANCHOR_ROOT_CRL, "onlySomeReasonsCA2CRL1", "onlySomeReasonsCA2CRL2" }; + + DoExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null, + 0, + "Certificate status could not be determined."); + } + + // section 4.14: tests 17, 24, 25, 30, 31, 32, 33, 35 + + // section 4.15: tests 5, 7 + private void DoExceptionTest( + string trustAnchor, + string[] certs, + string[] crls, + int index, + string message) + { + try + { + DoTest(trustAnchor, certs, crls); + + Assert.Fail("path accepted when should be rejected"); + } + catch (PkixCertPathValidatorException e) + { + Assert.AreEqual(index, e.Index); + Assert.AreEqual(message, e.Message); + } + } + + private void DoExceptionTest( + string trustAnchor, + string[] certs, + string[] crls, + ISet policies, + int index, + string message) + { + try + { + DoTest(trustAnchor, certs, crls, policies); + + Assert.Fail("path accepted when should be rejected"); + } + catch (PkixCertPathValidatorException e) + { + Assert.AreEqual(index, e.Index); + Assert.AreEqual(message, e.Message); + } + } + + private void DoExceptionTest( + string trustAnchor, + string[] certs, + string[] crls, + int index, + string mesStart, + string mesEnd) + { + try + { + DoTest(trustAnchor, certs, crls); + + Assert.Fail("path accepted when should be rejected"); + } + catch (PkixCertPathValidatorException e) + { + Assert.AreEqual(index, e.Index); + Assert.IsTrue(e.Message.StartsWith(mesStart)); + Assert.IsTrue(e.Message.EndsWith(mesEnd)); + } + } + + private PkixCertPathValidatorResult DoTest( + string trustAnchor, + string[] certs, + string[] crls) + { + return DoTest(trustAnchor, certs, crls, null); + } + + private PkixCertPathValidatorResult DoTest( + string trustAnchor, + string[] certs, + string[] crls, + ISet policies) + { + ISet trustedSet = new HashSet(); + trustedSet.Add(GetTrustAnchor(trustAnchor)); + + IList x509Certs = new ArrayList(); + IList x509Crls = new ArrayList(); + X509Certificate endCert = LoadCert(certs[certs.Length - 1]); + + for (int i = 0; i != certs.Length - 1; i++) + { + x509Certs.Add(LoadCert(certs[i])); + } + + x509Certs.Add(endCert); + + PkixCertPath certPath = new PkixCertPath(x509Certs); + + for (int i = 0; i != crls.Length; i++) + { + x509Crls.Add(LoadCrl(crls[i])); + } + + IX509Store x509CertStore = X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(x509Certs)); + IX509Store x509CrlStore = X509StoreFactory.Create( + "CRL/Collection", + new X509CollectionStoreParameters(x509Crls)); + + PkixCertPathValidator validator = new PkixCertPathValidator(); + PkixParameters parameters = new PkixParameters(trustedSet); + + parameters.AddStore(x509CertStore); + parameters.AddStore(x509CrlStore); + parameters.IsRevocationEnabled = true; + + if (policies != null) + { + parameters.IsExplicitPolicyRequired = true; + parameters.SetInitialPolicies(policies); + } + + // Perform validation as of this date since test certs expired + parameters.Date = new DateTimeObject(DateTime.Parse("1/1/2011")); + + return validator.Validate(certPath, parameters); + } + + private PkixCertPathBuilderResult DoBuilderTest( + string trustAnchor, + string[] certs, + string[] crls, + ISet initialPolicies, + bool policyMappingInhibited, + bool anyPolicyInhibited) + { + ISet trustedSet = new HashSet(); + trustedSet.Add(GetTrustAnchor(trustAnchor)); + + IList x509Certs = new ArrayList(); + IList x509Crls = new ArrayList(); + X509Certificate endCert = LoadCert(certs[certs.Length - 1]); + + for (int i = 0; i != certs.Length - 1; i++) + { + x509Certs.Add(LoadCert(certs[i])); + } + + x509Certs.Add(endCert); + + for (int i = 0; i != crls.Length; i++) + { + x509Crls.Add(LoadCrl(crls[i])); + } + + IX509Store x509CertStore = X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(x509Certs)); + IX509Store x509CrlStore = X509StoreFactory.Create( + "CRL/Collection", + new X509CollectionStoreParameters(x509Crls)); + + PkixCertPathBuilder builder = new PkixCertPathBuilder(); + + X509CertStoreSelector endSelector = new X509CertStoreSelector(); + + endSelector.Certificate = endCert; + + PkixBuilderParameters builderParams = new PkixBuilderParameters(trustedSet, endSelector); + + if (initialPolicies != null) + { + builderParams.SetInitialPolicies(initialPolicies); + builderParams.IsExplicitPolicyRequired = true; + } + if (policyMappingInhibited) + { + builderParams.IsPolicyMappingInhibited = policyMappingInhibited; + } + if (anyPolicyInhibited) + { + builderParams.IsAnyPolicyInhibited = anyPolicyInhibited; + } + + builderParams.AddStore(x509CertStore); + builderParams.AddStore(x509CrlStore); + + // Perform validation as of this date since test certs expired + builderParams.Date = new DateTimeObject(DateTime.Parse("1/1/2011")); + + try + { + return (PkixCertPathBuilderResult) builder.Build(builderParams); + } + catch (PkixCertPathBuilderException e) + { + throw e.InnerException; + } + } + + private X509Certificate LoadCert(string certName) + { + X509Certificate cert = (X509Certificate)certs[certName]; + if (null != cert) + return cert; + + Stream fs = null; + + try + { + fs = SimpleTest.GetTestDataAsStream("PKITS.certs." + certName + ".crt"); + cert = new X509CertificateParser().ReadCertificate(fs); + certs[certName] = cert; + return cert; + } + catch (Exception e) + { + throw new InvalidOperationException("exception loading certificate " + certName + ": " + e); + } + finally + { + fs.Close(); + } + } + + private X509Crl LoadCrl(string crlName) + { + X509Crl crl = (X509Crl)crls[crlName]; + if (null != crl) + return crl; + + Stream fs = null; + + try + { + fs = SimpleTest.GetTestDataAsStream("PKITS.crls." + crlName + ".crl"); + crl = new X509CrlParser().ReadCrl(fs); + crls[crlName] = crl; + return crl; + } + catch (Exception) + { + throw new InvalidOperationException("exception loading CRL: " + crlName); + } + finally + { + fs.Close(); + } + } + + private TrustAnchor GetTrustAnchor(string trustAnchorName) + { + X509Certificate cert = LoadCert(trustAnchorName); + Asn1OctetString extBytes = cert.GetExtensionValue(X509Extensions.NameConstraints); + + if (extBytes != null) + { + Asn1Encodable extValue = X509ExtensionUtilities.FromExtensionValue(extBytes); + + return new TrustAnchor(cert, extValue.GetDerEncoded()); + } + + return new TrustAnchor(cert, null); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/nist/NistCertPathTest2.cs b/BouncyCastle/crypto/test/src/test/nist/NistCertPathTest2.cs new file mode 100644 index 0000000..e9dd7f9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/nist/NistCertPathTest2.cs @@ -0,0 +1,499 @@ +using System; +using System.Collections; +using System.IO; +using System.Reflection; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Pkix; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Extension; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Tests.Nist +{ + /** + * NIST CertPath test data for RFC 3280 + */ + [TestFixture] + public class NistCertPathTest2 + { + private static readonly string ANY_POLICY = "2.5.29.32.0"; + private static readonly string NIST_TEST_POLICY_1 = "2.16.840.1.101.3.2.1.48.1"; + private static readonly string NIST_TEST_POLICY_2 = "2.16.840.1.101.3.2.1.48.2"; + private static readonly string NIST_TEST_POLICY_3 = "2.16.840.1.101.3.2.1.48.3"; + + private static readonly IDictionary certs = new Hashtable(); + private static readonly IDictionary crls = new Hashtable(); + + private static readonly ISet noPolicies = new HashSet(); + private static readonly ISet anyPolicy = new HashSet(); + private static readonly ISet nistTestPolicy1 = new HashSet(); + private static readonly ISet nistTestPolicy2 = new HashSet(); + private static readonly ISet nistTestPolicy3 = new HashSet(); + private static readonly ISet nistTestPolicy1And2 = new HashSet(); + + static NistCertPathTest2() + { + anyPolicy.Add(ANY_POLICY); + + nistTestPolicy1.Add(NIST_TEST_POLICY_1); + nistTestPolicy2.Add(NIST_TEST_POLICY_2); + nistTestPolicy3.Add(NIST_TEST_POLICY_3); + nistTestPolicy1And2.Add(NIST_TEST_POLICY_1); + nistTestPolicy1And2.Add(NIST_TEST_POLICY_2); + } + + // 4.13 + [Test] + public void TestValidDNnameConstraintsTest1() + { + DoTest("TrustAnchorRootCertificate", + new string[] { "ValidDNnameConstraintsTest1EE", "nameConstraintsDN1CACert" }, + new string[] { "nameConstraintsDN1CACRL", "TrustAnchorRootCRL" }); + } + + [Test] + public void TestInvalidDNnameConstraintsTest2() + { + DoExceptionTest("TrustAnchorRootCertificate", + new string[]{"InvalidDNnameConstraintsTest2EE", "nameConstraintsDN1CACert"}, + new string[]{"nameConstraintsDN1CACRL", "TrustAnchorRootCRL"}, + 0, + "Subtree check for certificate subject failed."); + } + + [Test] + public void TestInvalidDNnameConstraintsTest3() + { + DoExceptionTest("TrustAnchorRootCertificate", + new string[]{"InvalidDNnameConstraintsTest3EE", "nameConstraintsDN1CACert"}, + new string[]{"nameConstraintsDN1CACRL", "TrustAnchorRootCRL"}, + 0, + "Subtree check for certificate subject alternative name failed."); + } + + [Test] + public void TestValidDNnameConstraintsTest4() + { + DoTest("TrustAnchorRootCertificate", + new string[] { "ValidDNnameConstraintsTest4EE", "nameConstraintsDN1CACert" }, + new string[] { "nameConstraintsDN1CACRL", "TrustAnchorRootCRL" }); + } + + [Test] + public void TestValidDNnameConstraintsTest5() + { + DoTest("TrustAnchorRootCertificate", + new string[] { "ValidDNnameConstraintsTest5EE", "nameConstraintsDN2CACert" }, + new string[] { "nameConstraintsDN2CACRL", "TrustAnchorRootCRL" }); + } + + [Test] + public void TestValidDNnameConstraintsTest6() + { + DoTest("TrustAnchorRootCertificate", + new string[] { "ValidDNnameConstraintsTest6EE", "nameConstraintsDN3CACert" }, + new string[] { "nameConstraintsDN3CACRL", "TrustAnchorRootCRL" }); + } + + [Test] + public void TestInvalidDNnameConstraintsTest7() + { + DoExceptionTest("TrustAnchorRootCertificate", + new string[]{"InvalidDNnameConstraintsTest7EE", "nameConstraintsDN3CACert"}, + new string[]{"nameConstraintsDN3CACRL", "TrustAnchorRootCRL"}, + 0, + "Subtree check for certificate subject failed."); + } + + [Test] + public void TestInvalidDNnameConstraintsTest8() + { + DoExceptionTest("TrustAnchorRootCertificate", + new string[]{"InvalidDNnameConstraintsTest8EE", "nameConstraintsDN4CACert"}, + new string[]{"nameConstraintsDN4CACRL", "TrustAnchorRootCRL"}, + 0, + "Subtree check for certificate subject failed."); + } + + [Test] + public void TestInvalidDNnameConstraintsTest9() + { + DoExceptionTest("TrustAnchorRootCertificate", + new string[]{"InvalidDNnameConstraintsTest9EE", "nameConstraintsDN4CACert"}, + new string[]{"nameConstraintsDN4CACRL", "TrustAnchorRootCRL"}, + 0, + "Subtree check for certificate subject failed."); + } + + [Test] + public void TestInvalidDNnameConstraintsTest10() + { + DoExceptionTest("TrustAnchorRootCertificate", + new string[]{"InvalidDNnameConstraintsTest10EE", "nameConstraintsDN5CACert"}, + new string[]{"nameConstraintsDN5CACRL", "TrustAnchorRootCRL"}, + 0, + "Subtree check for certificate subject failed."); + } + + [Test] + public void TestValidDNnameConstraintsTest11() + { + DoTest("TrustAnchorRootCertificate", + new string[] { "ValidDNnameConstraintsTest11EE", "nameConstraintsDN5CACert" }, + new string[] { "nameConstraintsDN5CACRL", "TrustAnchorRootCRL" }); + } + + [Test] + public void TestInvalidDNnameConstraintsTest12() + { + DoExceptionTest("TrustAnchorRootCertificate", + new string[]{"InvalidDNnameConstraintsTest10EE", "nameConstraintsDN5CACert"}, + new string[]{"nameConstraintsDN5CACRL", "TrustAnchorRootCRL"}, + 0, + "Subtree check for certificate subject failed."); + } + + [Test] + public void TestInvalidDNnameConstraintsTest13() + { + DoExceptionTest("TrustAnchorRootCertificate", + new string[]{"InvalidDNnameConstraintsTest13EE", "nameConstraintsDN1subCA2Cert", "nameConstraintsDN1CACert"}, + new string[]{"nameConstraintsDN1subCA2CRL", "nameConstraintsDN1CACRL", "TrustAnchorRootCRL"}, + 0, + "Subtree check for certificate subject failed."); + } + + [Test] + public void TestValidDNnameConstraintsTest14() + { + DoTest("TrustAnchorRootCertificate", + new string[] { "ValidDNnameConstraintsTest14EE", "nameConstraintsDN1subCA2Cert", "nameConstraintsDN1CACert" }, + new string[] { "nameConstraintsDN1subCA2CRL", "nameConstraintsDN1CACRL", "TrustAnchorRootCRL" }); + } + + [Test] + public void TestInvalidDNnameConstraintsTest15() + { + DoExceptionTest("TrustAnchorRootCertificate", + new string[]{"InvalidDNnameConstraintsTest15EE", "nameConstraintsDN3subCA1Cert", "nameConstraintsDN3CACert"}, + new string[]{"nameConstraintsDN3subCA1CRL", "nameConstraintsDN3CACRL", "TrustAnchorRootCRL"}, + 0, + "Subtree check for certificate subject failed."); + } + + [Test] + public void TestInvalidDNnameConstraintsTest16() + { + DoExceptionTest("TrustAnchorRootCertificate", + new string[]{"InvalidDNnameConstraintsTest16EE", "nameConstraintsDN3subCA1Cert", "nameConstraintsDN3CACert"}, + new string[]{"nameConstraintsDN3subCA1CRL", "nameConstraintsDN3CACRL", "TrustAnchorRootCRL"}, + 0, + "Subtree check for certificate subject failed."); + } + + [Test] + public void TestInvalidDNnameConstraintsTest17() + { + DoExceptionTest("TrustAnchorRootCertificate", + new string[]{"InvalidDNnameConstraintsTest17EE", "nameConstraintsDN3subCA2Cert", "nameConstraintsDN3CACert"}, + new string[]{"nameConstraintsDN3subCA2CRL", "nameConstraintsDN3CACRL", "TrustAnchorRootCRL"}, + 0, + "Subtree check for certificate subject failed."); + } + + [Test] + public void TestValidDNnameConstraintsTest18() + { + DoTest("TrustAnchorRootCertificate", + new string[] { "ValidDNnameConstraintsTest18EE", "nameConstraintsDN3subCA2Cert", "nameConstraintsDN3CACert" }, + new string[] { "nameConstraintsDN3subCA2CRL", "nameConstraintsDN3CACRL", "TrustAnchorRootCRL" }); + } + + [Test] + public void TestValidDNnameConstraintsTest19() + { + DoBuilderTest("TrustAnchorRootCertificate", + new string[] { "ValidDNnameConstraintsTest19EE", "nameConstraintsDN1SelfIssuedCACert", "nameConstraintsDN1CACert" }, + new string[] { "nameConstraintsDN1CACRL", "TrustAnchorRootCRL" }, + null, false, false); + } + + [Test] + public void TestInvalidDNnameConstraintsTest20() + { + DoExceptionTest("TrustAnchorRootCertificate", + new string[]{"InvalidDNnameConstraintsTest20EE", "nameConstraintsDN1CACert"}, + new string[]{"nameConstraintsDN1CACRL", "TrustAnchorRootCRL"}, + 0, + "CertPath for CRL signer failed to validate."); // due to a subtree failure + } + + private void DoExceptionTest( + string trustAnchor, + string[] certs, + string[] crls, + int index, + string message) + { + try + { + DoTest(trustAnchor, certs, crls); + + Assert.Fail("path accepted when should be rejected"); + } + catch (PkixCertPathValidatorException e) + { + Assert.AreEqual(index, e.Index); + Assert.AreEqual(message, e.Message); + } + } + + private void DoExceptionTest( + string trustAnchor, + string[] certs, + string[] crls, + ISet policies, + int index, + string message) + { + try + { + DoTest(trustAnchor, certs, crls, policies); + + Assert.Fail("path accepted when should be rejected"); + } + catch (PkixCertPathValidatorException e) + { + Assert.AreEqual(index, e.Index); + Assert.AreEqual(message, e.Message); + } + } + + private void DoExceptionTest( + string trustAnchor, + string[] certs, + string[] crls, + int index, + string mesStart, + string mesEnd) + { + try + { + DoTest(trustAnchor, certs, crls); + + Assert.Fail("path accepted when should be rejected"); + } + catch (PkixCertPathValidatorException e) + { + Assert.AreEqual(index, e.Index); + Assert.IsTrue(e.Message.StartsWith(mesStart)); + Assert.IsTrue(e.Message.EndsWith(mesEnd)); + } + } + + private PkixCertPathValidatorResult DoTest( + string trustAnchor, + string[] certs, + string[] crls) + { + return DoTest(trustAnchor, certs, crls, null); + } + + private PkixCertPathValidatorResult DoTest( + string trustAnchor, + string[] certs, + string[] crls, + ISet policies) + { + ISet trustedSet = new HashSet(); + trustedSet.Add(GetTrustAnchor(trustAnchor)); + + IList x509Certs = new ArrayList(); + IList x509Crls = new ArrayList(); + X509Certificate endCert = LoadCert(certs[certs.Length - 1]); + + for (int i = 0; i != certs.Length - 1; i++) + { + x509Certs.Add(LoadCert(certs[i])); + } + + x509Certs.Add(endCert); + + PkixCertPath certPath = new PkixCertPath(x509Certs); + + for (int i = 0; i != crls.Length; i++) + { + x509Crls.Add(LoadCrl(crls[i])); + } + + IX509Store x509CertStore = X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(x509Certs)); + IX509Store x509CrlStore = X509StoreFactory.Create( + "CRL/Collection", + new X509CollectionStoreParameters(x509Crls)); + + PkixCertPathValidator validator = new PkixCertPathValidator(); + PkixParameters parameters = new PkixParameters(trustedSet); + + parameters.AddStore(x509CertStore); + parameters.AddStore(x509CrlStore); + parameters.IsRevocationEnabled = true; + + if (policies != null) + { + parameters.IsExplicitPolicyRequired = true; + parameters.SetInitialPolicies(policies); + } + + // Perform validation as of this date since test certs expired + parameters.Date = new DateTimeObject(DateTime.Parse("1/1/2011")); + + return validator.Validate(certPath, parameters); + } + + private PkixCertPathBuilderResult DoBuilderTest( + string trustAnchor, + string[] certs, + string[] crls, + ISet initialPolicies, + bool policyMappingInhibited, + bool anyPolicyInhibited) + { + ISet trustedSet = new HashSet(); + trustedSet.Add(GetTrustAnchor(trustAnchor)); + + IList x509Certs = new ArrayList(); + IList x509Crls = new ArrayList(); + X509Certificate endCert = LoadCert(certs[certs.Length - 1]); + + for (int i = 0; i != certs.Length - 1; i++) + { + x509Certs.Add(LoadCert(certs[i])); + } + + x509Certs.Add(endCert); + + for (int i = 0; i != crls.Length; i++) + { + x509Crls.Add(LoadCrl(crls[i])); + } + + IX509Store x509CertStore = X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(x509Certs)); + IX509Store x509CrlStore = X509StoreFactory.Create( + "CRL/Collection", + new X509CollectionStoreParameters(x509Crls)); + + PkixCertPathBuilder builder = new PkixCertPathBuilder(); + + X509CertStoreSelector endSelector = new X509CertStoreSelector(); + + endSelector.Certificate = endCert; + + PkixBuilderParameters builderParams = new PkixBuilderParameters(trustedSet, endSelector); + + if (initialPolicies != null) + { + builderParams.SetInitialPolicies(initialPolicies); + builderParams.IsExplicitPolicyRequired = true; + } + if (policyMappingInhibited) + { + builderParams.IsPolicyMappingInhibited = policyMappingInhibited; + } + if (anyPolicyInhibited) + { + builderParams.IsAnyPolicyInhibited = anyPolicyInhibited; + } + + builderParams.AddStore(x509CertStore); + builderParams.AddStore(x509CrlStore); + + // Perform validation as of this date since test certs expired + builderParams.Date = new DateTimeObject(DateTime.Parse("1/1/2011")); + + try + { + return (PkixCertPathBuilderResult)builder.Build(builderParams); + } + catch (PkixCertPathBuilderException e) + { + throw e.InnerException; + } + } + + private X509Certificate LoadCert(string certName) + { + X509Certificate cert = (X509Certificate)certs[certName]; + if (null != cert) + return cert; + + Stream fs = null; + + try + { + fs = SimpleTest.GetTestDataAsStream("PKITS.certs." + certName + ".crt"); + cert = new X509CertificateParser().ReadCertificate(fs); + certs[certName] = cert; + return cert; + } + catch (Exception e) + { + throw new InvalidOperationException("exception loading certificate " + certName + ": " + e); + } + finally + { + fs.Close(); + } + } + + private X509Crl LoadCrl(string crlName) + { + X509Crl crl = (X509Crl)crls[crlName]; + if (null != crl) + return crl; + + Stream fs = null; + + try + { + fs = SimpleTest.GetTestDataAsStream("PKITS.crls." + crlName + ".crl"); + crl = new X509CrlParser().ReadCrl(fs); + crls[crlName] = crl; + return crl; + } + catch (Exception) + { + throw new InvalidOperationException("exception loading CRL: " + crlName); + } + finally + { + fs.Close(); + } + } + + private TrustAnchor GetTrustAnchor(string trustAnchorName) + { + X509Certificate cert = LoadCert(trustAnchorName); + Asn1OctetString extBytes = cert.GetExtensionValue(X509Extensions.NameConstraints); + + if (extBytes != null) + { + Asn1Encodable extValue = X509ExtensionUtilities.FromExtensionValue(extBytes); + + return new TrustAnchor(cert, extValue.GetDerEncoded()); + } + + return new TrustAnchor(cert, null); + } + } +} diff --git a/BouncyCastle/crypto/test/src/test/rsa3/RSA3CertTest.cs b/BouncyCastle/crypto/test/src/test/rsa3/RSA3CertTest.cs new file mode 100644 index 0000000..913f4f0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/test/rsa3/RSA3CertTest.cs @@ -0,0 +1,127 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.OpenSsl; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Tests.Rsa3 +{ + /** + * Marius Schilder's Bleichenbacher's Forgery Attack Tests + */ + [TestFixture] + public class RSA3CertTest + //extends TestCase + { + [Test] + public void TestA() + { + doTest("self-testcase-A.pem"); + } + + [Test] + public void TestB() + { + doTest("self-testcase-B.pem"); + } + + [Test] + public void TestC() + { + doTest("self-testcase-C.pem"); + } + + [Test] + public void TestD() + { + doTest("self-testcase-D.pem"); + } + + [Test] + public void TestE() + { + doTest("self-testcase-E.pem"); + } + + [Test] + public void TestF() + { + doTest("self-testcase-F.pem"); + } + + [Test] + public void TestG() + { + doTest("self-testcase-G.pem"); + } + + [Test] + public void TestH() + { + doTest("self-testcase-H.pem"); + } + + [Test] + public void TestI() + { + doTest("self-testcase-I.pem"); + } + + [Test] + public void TestJ() + { + doTest("self-testcase-J.pem"); + } + + [Test] + public void TestL() + { + doTest("self-testcase-L.pem"); + } + + private void doTest( + string certName) + { + X509Certificate cert = loadCert(certName); + byte[] tbs = cert.GetTbsCertificate(); + ISigner sig = SignerUtilities.GetSigner(cert.SigAlgName); + + sig.Init(false, cert.GetPublicKey()); + + sig.BlockUpdate(tbs, 0, tbs.Length); + + Assert.IsFalse(sig.VerifySignature(cert.GetSignature())); + } + + private X509Certificate loadCert( + string certName) + { + Stream s = SimpleTest.GetTestDataAsStream("rsa3." + certName); + TextReader tr = new StreamReader(s); + PemReader rd = new PemReader(tr); + + return (X509Certificate) rd.ReadObject(); + } + +// public static void main (string[] args) +// throws Exception +// { +// junit.textui.TestRunner.run(suite()); +// } +// +// public static Test suite() +// throws Exception +// { +// TestSuite suite = new TestSuite("Bleichenbacher's Forgery Attack Tests"); +// +// suite.addTestSuite(RSA3CertTest.class); +// +// return suite; +// } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/crypto/test/BcTlsCryptoTest.cs b/BouncyCastle/crypto/test/src/tls/crypto/test/BcTlsCryptoTest.cs new file mode 100644 index 0000000..a274cc5 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/crypto/test/BcTlsCryptoTest.cs @@ -0,0 +1,811 @@ +using System; +using System.Collections; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Tls.Tests; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Crypto.Tests +{ + [TestFixture] + public class BcTlsCryptoTest + { + private static readonly byte[] ClientHello = Hex("01 00 00 c0 03 03 cb 34 ec b1 e7 81 63" + + "ba 1c 38 c6 da cb 19 6a 6d ff a2 1a 8d 99 12 ec 18 a2 ef 62 83" + + "02 4d ec e7 00 00 06 13 01 13 03 13 02 01 00 00 91 00 00 00 0b" + + "00 09 00 00 06 73 65 72 76 65 72 ff 01 00 01 00 00 0a 00 14 00" + + "12 00 1d 00 17 00 18 00 19 01 00 01 01 01 02 01 03 01 04 00 23" + + "00 00 00 33 00 26 00 24 00 1d 00 20 99 38 1d e5 60 e4 bd 43 d2" + + "3d 8e 43 5a 7d ba fe b3 c0 6e 51 c1 3c ae 4d 54 13 69 1e 52 9a" + + "af 2c 00 2b 00 03 02 03 04 00 0d 00 20 00 1e 04 03 05 03 06 03" + + "02 03 08 04 08 05 08 06 04 01 05 01 06 01 02 01 04 02 05 02 06" + + "02 02 02 00 2d 00 02 01 01 00 1c 00 02 40 01"); + private static readonly byte[] ServerHello = Hex("02 00 00 56 03 03 a6 af 06 a4 12 18 60" + + "dc 5e 6e 60 24 9c d3 4c 95 93 0c 8a c5 cb 14 34 da c1 55 77 2e" + + "d3 e2 69 28 00 13 01 00 00 2e 00 33 00 24 00 1d 00 20 c9 82 88" + + "76 11 20 95 fe 66 76 2b db f7 c6 72 e1 56 d6 cc 25 3b 83 3d f1" + + "dd 69 b1 b0 4e 75 1f 0f 00 2b 00 02 03 04"); + private static readonly byte[] EncryptedExtensions = Hex("08 00 00 24 00 22 00 0a 00 14 00" + + "12 00 1d 00 17 00 18 00 19 01 00 01 01 01 02 01 03 01 04 00 1c" + + "00 02 40 01 00 00 00 00"); + private static readonly byte[] Certificate = Hex("0b 00 01 b9 00 00 01 b5 00 01 b0 30 82" + + "01 ac 30 82 01 15 a0 03 02 01 02 02 01 02 30 0d 06 09 2a 86 48" + + "86 f7 0d 01 01 0b 05 00 30 0e 31 0c 30 0a 06 03 55 04 03 13 03" + + "72 73 61 30 1e 17 0d 31 36 30 37 33 30 30 31 32 33 35 39 5a 17" + + "0d 32 36 30 37 33 30 30 31 32 33 35 39 5a 30 0e 31 0c 30 0a 06" + + "03 55 04 03 13 03 72 73 61 30 81 9f 30 0d 06 09 2a 86 48 86 f7" + + "0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 b4 bb 49 8f" + + "82 79 30 3d 98 08 36 39 9b 36 c6 98 8c 0c 68 de 55 e1 bd b8 26" + + "d3 90 1a 24 61 ea fd 2d e4 9a 91 d0 15 ab bc 9a 95 13 7a ce 6c" + + "1a f1 9e aa 6a f9 8c 7c ed 43 12 09 98 e1 87 a8 0e e0 cc b0 52" + + "4b 1b 01 8c 3e 0b 63 26 4d 44 9a 6d 38 e2 2a 5f da 43 08 46 74" + + "80 30 53 0e f0 46 1c 8c a9 d9 ef bf ae 8e a6 d1 d0 3e 2b d1 93" + + "ef f0 ab 9a 80 02 c4 74 28 a6 d3 5a 8d 88 d7 9f 7f 1e 3f 02 03" + + "01 00 01 a3 1a 30 18 30 09 06 03 55 1d 13 04 02 30 00 30 0b 06" + + "03 55 1d 0f 04 04 03 02 05 a0 30 0d 06 09 2a 86 48 86 f7 0d 01" + + "01 0b 05 00 03 81 81 00 85 aa d2 a0 e5 b9 27 6b 90 8c 65 f7 3a" + + "72 67 17 06 18 a5 4c 5f 8a 7b 33 7d 2d f7 a5 94 36 54 17 f2 ea" + + "e8 f8 a5 8c 8f 81 72 f9 31 9c f3 6b 7f d6 c5 5b 80 f2 1a 03 01" + + "51 56 72 60 96 fd 33 5e 5e 67 f2 db f1 02 70 2e 60 8c ca e6 be" + + "c1 fc 63 a4 2a 99 be 5c 3e b7 10 7c 3c 54 e9 b9 eb 2b d5 20 3b" + + "1c 3b 84 e0 a8 b2 f7 59 40 9b a3 ea c9 d9 1d 40 2d cc 0c c8 f8" + + "96 12 29 ac 91 87 b4 2b 4d e1 00 00"); + private static readonly byte[] CertificateVerify = Hex("0f 00 00 84 08 04 00 80 5a 74 7c" + + "5d 88 fa 9b d2 e5 5a b0 85 a6 10 15 b7 21 1f 82 4c d4 84 14 5a" + + "b3 ff 52 f1 fd a8 47 7b 0b 7a bc 90 db 78 e2 d3 3a 5c 14 1a 07" + + "86 53 fa 6b ef 78 0c 5e a2 48 ee aa a7 85 c4 f3 94 ca b6 d3 0b" + + "be 8d 48 59 ee 51 1f 60 29 57 b1 54 11 ac 02 76 71 45 9e 46 44" + + "5c 9e a5 8c 18 1e 81 8e 95 b8 c3 fb 0b f3 27 84 09 d3 be 15 2a" + + "3d a5 04 3e 06 3d da 65 cd f5 ae a2 0d 53 df ac d4 2f 74 f3"); + private static readonly byte[] ServerFinished = Hex("14 00 00 20 9b 9b 14 1d 90 63 37 fb d2 cb" + + "dc e7 1d f4 de da 4a b4 2c 30 95 72 cb 7f ff ee 54 54 b7 8f 07" + + "18"); + private static readonly byte[] ClientFinished = Hex("14 00 00 20 a8 ec 43 6d 67 76 34 ae 52 5a" + + "c1 fc eb e1 1a 03 9e c1 76 94 fa c6 e9 85 27 b6 42 f2 ed d5 ce" + + "61"); + + private readonly TlsCrypto m_crypto = new BcTlsCrypto(new SecureRandom()); + + protected TlsCredentialedSigner LoadCredentialedSigner(TlsCryptoParameters cryptoParams, string resource, + SignatureAndHashAlgorithm signatureAndHashAlgorithm) + { + return TlsTestUtilities.LoadSignerCredentials(cryptoParams, m_crypto, + new string[]{ "x509-server-" + resource + ".pem" }, "x509-server-key-" + resource + ".pem", + signatureAndHashAlgorithm); + } + + protected TlsCredentialedSigner LoadCredentialedSignerLegacy(TlsCryptoParameters cryptoParams, + short signatureAlgorithm) + { + switch (signatureAlgorithm) + { + case SignatureAlgorithm.dsa: + return LoadCredentialedSigner(cryptoParams, "dsa", null); + case SignatureAlgorithm.ecdsa: + return LoadCredentialedSigner(cryptoParams, "ecdsa", null); + case SignatureAlgorithm.rsa: + return LoadCredentialedSigner(cryptoParams, "rsa-sign", null); + default: + return null; + } + } + + protected TlsCredentialedSigner LoadCredentialedSigner12(TlsCryptoParameters cryptoParams, + SignatureAndHashAlgorithm signatureAndHashAlgorithm) + { + switch (signatureAndHashAlgorithm.Signature) + { + case SignatureAlgorithm.dsa: + return LoadCredentialedSigner(cryptoParams, "dsa", signatureAndHashAlgorithm); + case SignatureAlgorithm.ecdsa: + return LoadCredentialedSigner(cryptoParams, "ecdsa", signatureAndHashAlgorithm); + case SignatureAlgorithm.ed25519: + return LoadCredentialedSigner(cryptoParams, "ed25519", signatureAndHashAlgorithm); + case SignatureAlgorithm.ed448: + return LoadCredentialedSigner(cryptoParams, "ed448", signatureAndHashAlgorithm); + case SignatureAlgorithm.rsa_pss_pss_sha256: + return LoadCredentialedSigner(cryptoParams, "rsa_pss_256", signatureAndHashAlgorithm); + case SignatureAlgorithm.rsa_pss_pss_sha384: + return LoadCredentialedSigner(cryptoParams, "rsa_pss_384", signatureAndHashAlgorithm); + case SignatureAlgorithm.rsa_pss_pss_sha512: + return LoadCredentialedSigner(cryptoParams, "rsa_pss_512", signatureAndHashAlgorithm); + case SignatureAlgorithm.rsa: + case SignatureAlgorithm.rsa_pss_rsae_sha256: + case SignatureAlgorithm.rsa_pss_rsae_sha384: + case SignatureAlgorithm.rsa_pss_rsae_sha512: + return LoadCredentialedSigner(cryptoParams, "rsa-sign", signatureAndHashAlgorithm); + + // TODO[draft-smyshlyaev-tls12-gost-suites-10] Add test resources for these + case SignatureAlgorithm.gostr34102012_256: + case SignatureAlgorithm.gostr34102012_512: + + default: + return null; + } + } + + protected TlsCredentialedSigner LoadCredentialedSigner13(TlsCryptoParameters cryptoParams, int signatureScheme) + { + SignatureAndHashAlgorithm signatureAndHashAlgorithm = SignatureScheme.GetSignatureAndHashAlgorithm( + signatureScheme); + + switch (signatureScheme) + { + case SignatureScheme.ecdsa_secp256r1_sha256: + return LoadCredentialedSigner(cryptoParams, "ecdsa", signatureAndHashAlgorithm); + case SignatureScheme.ed25519: + return LoadCredentialedSigner(cryptoParams, "ed25519", signatureAndHashAlgorithm); + case SignatureScheme.ed448: + return LoadCredentialedSigner(cryptoParams, "ed448", signatureAndHashAlgorithm); + case SignatureScheme.rsa_pss_pss_sha256: + return LoadCredentialedSigner(cryptoParams, "rsa_pss_256", signatureAndHashAlgorithm); + case SignatureScheme.rsa_pss_pss_sha384: + return LoadCredentialedSigner(cryptoParams, "rsa_pss_384", signatureAndHashAlgorithm); + case SignatureScheme.rsa_pss_pss_sha512: + return LoadCredentialedSigner(cryptoParams, "rsa_pss_512", signatureAndHashAlgorithm); + case SignatureScheme.rsa_pss_rsae_sha256: + case SignatureScheme.rsa_pss_rsae_sha384: + case SignatureScheme.rsa_pss_rsae_sha512: + return LoadCredentialedSigner(cryptoParams, "rsa-sign", signatureAndHashAlgorithm); + + // TODO[tls] Add test resources for these + case SignatureScheme.ecdsa_brainpoolP256r1tls13_sha256: + case SignatureScheme.ecdsa_brainpoolP384r1tls13_sha384: + case SignatureScheme.ecdsa_brainpoolP512r1tls13_sha512: + case SignatureScheme.ecdsa_secp384r1_sha384: + case SignatureScheme.ecdsa_secp521r1_sha512: + case SignatureScheme.sm2sig_sm3: + + default: + return null; + } + } + + [Test] + public void TestDHDomain() + { + if (!m_crypto.HasDHAgreement()) + return; + + for (int namedGroup = 256; namedGroup < 512; ++namedGroup) + { + if (!NamedGroup.RefersToASpecificFiniteField(namedGroup) || !m_crypto.HasNamedGroup(namedGroup)) + continue; + + ImplTestDHDomain(new TlsDHConfig(namedGroup, false)); + ImplTestDHDomain(new TlsDHConfig(namedGroup, true)); + } + + IList groups = new TestTlsDHGroupVerifier().Groups; + foreach (DHGroup dhGroup in groups) + { + BigInteger p = dhGroup.P, g = dhGroup.G; + + /* + * DefaultTlsDHGroupVerifier default groups are configured from DHStandardGroups, so + * we expect to recover the exact instance here. + */ + Assert.AreSame(dhGroup, TlsDHUtilities.GetStandardGroupForDHParameters(p, g)); + + int namedGroup = TlsDHUtilities.GetNamedGroupForDHParameters(p, g); + + // Already tested the named groups + if (NamedGroup.RefersToASpecificFiniteField(namedGroup)) + continue; + + ImplTestDHDomain(new TlsDHConfig(dhGroup)); + } + } + + [Test] + public void TestECDomain() + { + if (!m_crypto.HasECDHAgreement()) + return; + + for (int namedGroup = 0; namedGroup < 256; ++namedGroup) + { + if (!NamedGroup.RefersToAnECDHCurve(namedGroup) || !m_crypto.HasNamedGroup(namedGroup)) + continue; + + ImplTestECDomain(new TlsECConfig(namedGroup)); + } + } + + [Test] + public void TestHkdf() + { + /* + * Test vectors drawn from the server-side calculations of example handshake trace in RFC 8448, section 3. + */ + + int hash = CryptoHashAlgorithm.sha256; + int hashLen = TlsCryptoUtilities.GetHashOutputSize(hash); + + TlsSecret init = m_crypto.HkdfInit(hash), early, handshake, master, c_hs_t, s_hs_t, c_ap_t, s_ap_t, exp_master, res_master; + + TlsHash prfHash = m_crypto.CreateHash(hash); + + byte[] emptyTranscriptHash = GetCurrentHash(prfHash); + Expect(emptyTranscriptHash, "e3 b0 c4 42 98 fc 1c 14 9a fb f4 c8 99 6f b9 24 27 ae 41 e4 64 9b 93 4c a4 95 99 1b 78 52 b8 55"); + + // {server} extract secret "early": + { + TlsSecret ikm = m_crypto.HkdfInit(hash); + early = init.HkdfExtract(hash, ikm); + Expect(early, "33 ad 0a 1c 60 7e c0 3b 09 e6 cd 98 93 68 0c e2 10 ad f3 00 aa 1f 26 60 e1 b2 2e 10 f1 70 f9 2a"); + } + + // {server} derive secret for handshake "tls13 derived": + { + string label = "derived"; + handshake = TlsCryptoUtilities.HkdfExpandLabel(early, hash, label, emptyTranscriptHash, hashLen); + Expect(handshake, "6f 26 15 a1 08 c7 02 c5 67 8f 54 fc 9d ba b6 97 16 c0 76 18 9c 48 25 0c eb ea c3 57 6c 36 11 ba"); + } + + // {server} extract secret "handshake": + { + TlsSecret ikm = m_crypto.CreateSecret( + Hex("8b d4 05 4f b5 5b 9d 63 fd fb ac f9 f0 4b 9f 0d 35 e6 d6 3f 53 75 63 ef d4 62 72 90 0f 89 49 2d")); + handshake = handshake.HkdfExtract(hash, ikm); + Expect(handshake, "1d c8 26 e9 36 06 aa 6f dc 0a ad c1 2f 74 1b 01 04 6a a6 b9 9f 69 1e d2 21 a9 f0 ca 04 3f be ac"); + } + + prfHash.Update(ClientHello, 0, ClientHello.Length); + prfHash.Update(ServerHello, 0, ServerHello.Length); + + byte[] serverHelloTranscriptHash = GetCurrentHash(prfHash); + Expect(serverHelloTranscriptHash, "86 0c 06 ed c0 78 58 ee 8e 78 f0 e7 42 8c 58 ed d6 b4 3f 2c a3 e6 e9 5f 02 ed 06 3c f0 e1 ca d8"); + + // {server} derive secret "tls13 c hs traffic": + { + string label = "c hs traffic"; + c_hs_t = TlsCryptoUtilities.HkdfExpandLabel(handshake, hash, label, serverHelloTranscriptHash, hashLen); + Expect(c_hs_t, "b3 ed db 12 6e 06 7f 35 a7 80 b3 ab f4 5e 2d 8f 3b 1a 95 07 38 f5 2e 96 00 74 6a 0e 27 a5 5a 21"); + } + + // {server} derive secret "tls13 s hs traffic": + { + string label = "s hs traffic"; + s_hs_t = TlsCryptoUtilities.HkdfExpandLabel(handshake, hash, label, serverHelloTranscriptHash, hashLen); + Expect(s_hs_t, "b6 7b 7d 69 0c c1 6c 4e 75 e5 42 13 cb 2d 37 b4 e9 c9 12 bc de d9 10 5d 42 be fd 59 d3 91 ad 38"); + } + + // {server} derive secret for master "tls13 derived": + { + string label = "derived"; + master = TlsCryptoUtilities.HkdfExpandLabel(handshake, hash, label, emptyTranscriptHash, hashLen); + Expect(master, "43 de 77 e0 c7 77 13 85 9a 94 4d b9 db 25 90 b5 31 90 a6 5b 3e e2 e4 f1 2d d7 a0 bb 7c e2 54 b4"); + } + + // {server} extract secret "master": + { + TlsSecret ikm = m_crypto.HkdfInit(hash); + master = master.HkdfExtract(hash, ikm); + Expect(master, "18 df 06 84 3d 13 a0 8b f2 a4 49 84 4c 5f 8a 47 80 01 bc 4d 4c 62 79 84 d5 a4 1d a8 d0 40 29 19"); + } + + // {server} derive write traffic keys for handshake data: + { + TlsSecret key = TlsCryptoUtilities.HkdfExpandLabel(s_hs_t, hash, "key", TlsUtilities.EmptyBytes, 16); + Expect(key, "3f ce 51 60 09 c2 17 27 d0 f2 e4 e8 6e e4 03 bc"); + + TlsSecret iv = TlsCryptoUtilities.HkdfExpandLabel(s_hs_t, hash, "iv", TlsUtilities.EmptyBytes, 12); + Expect(iv, "5d 31 3e b2 67 12 76 ee 13 00 0b 30"); + } + + prfHash.Update(EncryptedExtensions, 0, EncryptedExtensions.Length); + prfHash.Update(Certificate, 0, Certificate.Length); + prfHash.Update(CertificateVerify, 0, CertificateVerify.Length); + + // {server} calculate (server) finished "tls13 finished": + { + TlsSecret expanded = TlsCryptoUtilities.HkdfExpandLabel(s_hs_t, hash, "finished", TlsUtilities.EmptyBytes, hashLen); + Expect(expanded, "00 8d 3b 66 f8 16 ea 55 9f 96 b5 37 e8 85 c3 1f c0 68 bf 49 2c 65 2f 01 f2 88 a1 d8 cd c1 9f c8"); + + // TODO Mention this transcript hash in RFC 8448 data? + byte[] transcriptHash = GetCurrentHash(prfHash); + Expect(transcriptHash, "ed b7 72 5f a7 a3 47 3b 03 1e c8 ef 65 a2 48 54 93 90 01 38 a2 b9 12 91 40 7d 79 51 a0 61 10 ed"); + + byte[] finished = expanded.CalculateHmac(hash, transcriptHash, 0, transcriptHash.Length); + Expect(finished, Hex("9b 9b 14 1d 90 63 37 fb d2 cb dc e7 1d f4 de da 4a b4 2c 30 95 72 cb 7f ff ee 54 54 b7 8f 07 18")); + } + + prfHash.Update(ServerFinished, 0, ServerFinished.Length); + + byte[] serverFinishedTranscriptHash = GetCurrentHash(prfHash); + Expect(serverFinishedTranscriptHash, "96 08 10 2a 0f 1c cc 6d b6 25 0b 7b 7e 41 7b 1a 00 0e aa da 3d aa e4 77 7a 76 86 c9 ff 83 df 13"); + + // {server} derive secret "tls13 c ap traffic": + { + string label = "c ap traffic"; + c_ap_t = TlsCryptoUtilities.HkdfExpandLabel(master, hash, label, serverFinishedTranscriptHash, hashLen); + Expect(c_ap_t, "9e 40 64 6c e7 9a 7f 9d c0 5a f8 88 9b ce 65 52 87 5a fa 0b 06 df 00 87 f7 92 eb b7 c1 75 04 a5"); + } + + // {server} derive secret "tls13 s ap traffic": + { + string label = "s ap traffic"; + s_ap_t = TlsCryptoUtilities.HkdfExpandLabel(master, hash, label, serverFinishedTranscriptHash, hashLen); + Expect(s_ap_t, "a1 1a f9 f0 55 31 f8 56 ad 47 11 6b 45 a9 50 32 82 04 b4 f4 4b fb 6b 3a 4b 4f 1f 3f cb 63 16 43"); + } + + // {server} derive secret "tls13 exp master": + { + string label = "exp master"; + exp_master = TlsCryptoUtilities.HkdfExpandLabel(master, hash, label, serverFinishedTranscriptHash, hashLen); + Expect(exp_master, "fe 22 f8 81 17 6e da 18 eb 8f 44 52 9e 67 92 c5 0c 9a 3f 89 45 2f 68 d8 ae 31 1b 43 09 d3 cf 50"); + } + + // {server} derive write traffic keys for application data: + { + TlsSecret key = TlsCryptoUtilities.HkdfExpandLabel(s_ap_t, hash, "key", TlsUtilities.EmptyBytes, 16); + Expect(key, "9f 02 28 3b 6c 9c 07 ef c2 6b b9 f2 ac 92 e3 56"); + + TlsSecret iv = TlsCryptoUtilities.HkdfExpandLabel(s_ap_t, hash, "iv", TlsUtilities.EmptyBytes, 12); + Expect(iv, "cf 78 2b 88 dd 83 54 9a ad f1 e9 84"); + } + + // {server} derive read traffic keys for handshake data: + { + TlsSecret key = TlsCryptoUtilities.HkdfExpandLabel(c_hs_t, hash, "key", TlsUtilities.EmptyBytes, 16); + Expect(key, "db fa a6 93 d1 76 2c 5b 66 6a f5 d9 50 25 8d 01"); + + TlsSecret iv = TlsCryptoUtilities.HkdfExpandLabel(c_hs_t, hash, "iv", TlsUtilities.EmptyBytes, 12); + Expect(iv, "5b d3 c7 1b 83 6e 0b 76 bb 73 26 5f"); + } + + // {server} calculate (client) finished "tls13 finished": + { + TlsSecret expanded = TlsCryptoUtilities.HkdfExpandLabel(c_hs_t, hash, "finished", TlsUtilities.EmptyBytes, hashLen); + Expect(expanded, "b8 0a d0 10 15 fb 2f 0b d6 5f f7 d4 da 5d 6b f8 3f 84 82 1d 1f 87 fd c7 d3 c7 5b 5a 7b 42 d9 c4"); + + // TODO Mention this transcript hash in RFC 8448 data? + byte[] finished = expanded.CalculateHmac(hash, serverFinishedTranscriptHash, 0, serverFinishedTranscriptHash.Length); + Expect(finished, Hex("a8 ec 43 6d 67 76 34 ae 52 5a c1 fc eb e1 1a 03 9e c1 76 94 fa c6 e9 85 27 b6 42 f2 ed d5 ce 61")); + } + + prfHash.Update(ClientFinished, 0, ClientFinished.Length); + + byte[] clientFinishedTranscriptHash = GetCurrentHash(prfHash); + Expect(clientFinishedTranscriptHash, "20 91 45 a9 6e e8 e2 a1 22 ff 81 00 47 cc 95 26 84 65 8d 60 49 e8 64 29 42 6d b8 7c 54 ad 14 3d"); + + // {server} derive read traffic keys for application data: + { + TlsSecret key = TlsCryptoUtilities.HkdfExpandLabel(c_ap_t, hash, "key", TlsUtilities.EmptyBytes, 16); + Expect(key, "17 42 2d da 59 6e d5 d9 ac d8 90 e3 c6 3f 50 51"); + + TlsSecret iv = TlsCryptoUtilities.HkdfExpandLabel(c_ap_t, hash, "iv", TlsUtilities.EmptyBytes, 12); + Expect(iv, "5b 78 92 3d ee 08 57 90 33 e5 23 d9"); + } + + // {server} derive secret "tls13 res master": + { + res_master = TlsCryptoUtilities.HkdfExpandLabel(master, hash, "res master", clientFinishedTranscriptHash, hashLen); + Expect(res_master, "7d f2 35 f2 03 1d 2a 05 12 87 d0 2b 02 41 b0 bf da f8 6c c8 56 23 1f 2d 5a ba 46 c4 34 ec 19 6c"); + } + + // {server} generate resumption secret "tls13 resumption": + { + byte[] context = Hex("00 00"); + TlsSecret expanded = TlsCryptoUtilities.HkdfExpandLabel(res_master, hash, "resumption", context, hashLen); + Expect(expanded, "4e cd 0e b6 ec 3b 4d 87 f5 d6 02 8f 92 2c a4 c5 85 1a 27 7f d4 13 11 c9 e6 2d 2c 94 92 e1 c4 f3"); + } + } + + [Test] + public void TestHkdfExpandLimit() + { + int[] hashes = new int[] { CryptoHashAlgorithm.md5, CryptoHashAlgorithm.sha1, CryptoHashAlgorithm.sha224, + CryptoHashAlgorithm.sha256, CryptoHashAlgorithm.sha384, CryptoHashAlgorithm.sha512, + CryptoHashAlgorithm.sm3 }; + + for (int i = 0; i < hashes.Length; ++i) + { + int hash = hashes[i]; + int hashLen = TlsCryptoUtilities.GetHashOutputSize(hash); + TlsSecret zeros = m_crypto.HkdfInit(hash); + + int limit = 255 * hashLen; + + TlsSecret secret = m_crypto.HkdfInit(hash).HkdfExtract(hash, zeros); + + try + { + secret.HkdfExpand(hash, TlsUtilities.EmptyBytes, limit); + } + catch (Exception e) + { + Assert.Fail("Unexpected exception: " + e.Message); + } + + try + { + secret.HkdfExpand(hash, TlsUtilities.EmptyBytes, limit + 1); + Assert.Fail("Expected an exception!"); + } + catch (ArgumentException) + { + // Expected + } + catch (Exception e) + { + Assert.Fail("Unexpected exception: " + e.Message); + } + } + } + + [Test] + public void TestSignaturesLegacy() + { + short[] signatureAlgorithms = new short[]{ SignatureAlgorithm.dsa, SignatureAlgorithm.ecdsa, + SignatureAlgorithm.rsa }; + + TlsCryptoParameters cryptoParams = new TestTlsCryptoParameters(ProtocolVersion.TLSv11); + + for (int i = 0; i < signatureAlgorithms.Length; ++i) + { + short signatureAlgorithm = signatureAlgorithms[i]; + if (!m_crypto.HasSignatureAlgorithm(signatureAlgorithm)) + continue; + + TlsCredentialedSigner credentialedSigner = LoadCredentialedSignerLegacy(cryptoParams, + signatureAlgorithm); + if (null != credentialedSigner) + { + ImplTestSignatureLegacy(credentialedSigner); + } + } + } + + [Test] + public void TestSignatures12() + { + short[] hashAlgorithms = new short[]{ HashAlgorithm.md5, HashAlgorithm.sha1, HashAlgorithm.sha224, + HashAlgorithm.sha256, HashAlgorithm.sha384, HashAlgorithm.sha512 }; + short[] signatureAlgorithms = new short[]{ SignatureAlgorithm.dsa, SignatureAlgorithm.ecdsa, + SignatureAlgorithm.rsa }; + + TlsCryptoParameters cryptoParams = new TestTlsCryptoParameters(ProtocolVersion.TLSv12); + + for (int i = 0; i < signatureAlgorithms.Length; ++i) + { + short signatureAlgorithm = signatureAlgorithms[i]; + + for (int j = 0; j < hashAlgorithms.Length; ++j) + { + SignatureAndHashAlgorithm signatureAndHashAlgorithm = SignatureAndHashAlgorithm.GetInstance( + hashAlgorithms[j], signatureAlgorithm); + if (!m_crypto.HasSignatureAndHashAlgorithm(signatureAndHashAlgorithm)) + continue; + + TlsCredentialedSigner credentialedSigner = LoadCredentialedSigner12(cryptoParams, + signatureAndHashAlgorithm); + if (null != credentialedSigner) + { + ImplTestSignature12(credentialedSigner, signatureAndHashAlgorithm); + } + } + } + + // Signature algorithms usable with HashAlgorithm.Intrinsic in TLS 1.2 + short[] intrinsicSignatureAlgorithms = new short[] { SignatureAlgorithm.ed25519, SignatureAlgorithm.ed448, + SignatureAlgorithm.gostr34102012_256, SignatureAlgorithm.gostr34102012_512, + SignatureAlgorithm.rsa_pss_pss_sha256, SignatureAlgorithm.rsa_pss_pss_sha384, + SignatureAlgorithm.rsa_pss_pss_sha512, SignatureAlgorithm.rsa_pss_rsae_sha256, + SignatureAlgorithm.rsa_pss_rsae_sha384, SignatureAlgorithm.rsa_pss_rsae_sha512, }; + + for (int i = 0; i < intrinsicSignatureAlgorithms.Length; ++i) + { + SignatureAndHashAlgorithm signatureAndHashAlgorithm = SignatureAndHashAlgorithm.GetInstance( + HashAlgorithm.Intrinsic, intrinsicSignatureAlgorithms[i]); + if (!m_crypto.HasSignatureAndHashAlgorithm(signatureAndHashAlgorithm)) + continue; + + TlsCredentialedSigner credentialedSigner = LoadCredentialedSigner12(cryptoParams, + signatureAndHashAlgorithm); + if (null != credentialedSigner) + { + ImplTestSignature12(credentialedSigner, signatureAndHashAlgorithm); + } + } + } + + [Test] + public void TestSignatures13() + { + int[] signatureSchemes = new int[] { SignatureScheme.ecdsa_brainpoolP256r1tls13_sha256, + SignatureScheme.ecdsa_brainpoolP384r1tls13_sha384, SignatureScheme.ecdsa_brainpoolP512r1tls13_sha512, + SignatureScheme.ecdsa_secp256r1_sha256, SignatureScheme.ecdsa_secp384r1_sha384, + SignatureScheme.ecdsa_secp521r1_sha512, SignatureScheme.ed25519, SignatureScheme.ed448, + SignatureScheme.rsa_pss_pss_sha256, SignatureScheme.rsa_pss_pss_sha384, SignatureScheme.rsa_pss_pss_sha512, + SignatureScheme.rsa_pss_rsae_sha256, SignatureScheme.rsa_pss_rsae_sha384, + SignatureScheme.rsa_pss_rsae_sha512, SignatureScheme.sm2sig_sm3, + // These are only used for certs in 1.3 (cert verification is not done by TlsCrypto) + //SignatureScheme.ecdsa_sha1, SignatureScheme.rsa_pkcs1_sha1, SignatureScheme.rsa_pkcs1_sha256, + //SignatureScheme.rsa_pkcs1_sha384, SignatureScheme.rsa_pkcs1_sha512, + }; + + TlsCryptoParameters cryptoParams = new TestTlsCryptoParameters(ProtocolVersion.TLSv13); + + for (int i = 0; i < signatureSchemes.Length; ++i) + { + int signatureScheme = signatureSchemes[i]; + if (!m_crypto.HasSignatureScheme(signatureScheme)) + continue; + + TlsCredentialedSigner credentialedSigner = LoadCredentialedSigner13(cryptoParams, signatureScheme); + if (null != credentialedSigner) + { + ImplTestSignature13(credentialedSigner, signatureScheme); + } + } + } + + private void Expect(TlsSecret secret, string expectedHex) + { + Expect(Extract(secret), Hex(expectedHex)); + } + + private void Expect(byte[] actualOctets, string expectedHex) + { + Expect(actualOctets, Hex(expectedHex)); + } + + private void Expect(byte[] actualOctets, byte[] expectedOctets) + { + AssertArrayEquals(actualOctets, expectedOctets); + } + + private byte[] Extract(TlsSecret secret) + { + return m_crypto.AdoptSecret(secret).Extract(); + } + + private byte[] GetCurrentHash(TlsHash hash) + { + return hash.CloneHash().CalculateHash(); + } + + private static void AssertArrayEquals(byte[] a, byte[] b) + { + Assert.IsTrue(Arrays.AreEqual(a, b)); + } + + private static byte[] Hex(string s) + { + return Utilities.Encoders.Hex.Decode(s.Replace(" ", "")); + } + + private void ImplTestAgreement(TlsAgreement aA, TlsAgreement aB) + { + byte[] pA = aA.GenerateEphemeral(); + byte[] pB = aB.GenerateEphemeral(); + + aA.ReceivePeerValue(pB); + aB.ReceivePeerValue(pA); + + TlsSecret sA = aA.CalculateSecret(); + TlsSecret sB = aB.CalculateSecret(); + + AssertArrayEquals(Extract(sA), Extract(sB)); + } + + private void ImplTestDHDomain(TlsDHConfig dhConfig) + { + int namedGroup = dhConfig.NamedGroup; + int bits = namedGroup >= 0 + ? NamedGroup.GetFiniteFieldBits(namedGroup) + : dhConfig.ExplicitGroup.P.BitLength; + + int rounds = System.Math.Max(2, 11 - (bits >> 10)); + + TlsDHDomain d = m_crypto.CreateDHDomain(dhConfig); + + for (int i = 0; i < rounds; ++i) + { + TlsAgreement aA = d.CreateDH(); + TlsAgreement aB = d.CreateDH(); + + ImplTestAgreement(aA, aB); + } + } + + private void ImplTestECDomain(TlsECConfig ecConfig) + { + int bits = NamedGroup.GetCurveBits(ecConfig.NamedGroup); + int rounds = System.Math.Max(2, 12 - (bits >> 6)); + + TlsECDomain d = m_crypto.CreateECDomain(ecConfig); + + for (int i = 0; i < rounds; ++i) + { + TlsAgreement aA = d.CreateECDH(); + TlsAgreement aB = d.CreateECDH(); + + ImplTestAgreement(aA, aB); + } + } + + private void ImplTestSignatureLegacy(TlsCredentialedSigner credentialedSigner) + { + byte[] message = m_crypto.CreateNonceGenerator(TlsUtilities.EmptyBytes).GenerateNonce(100); + + byte[] signature; + TlsStreamSigner tlsStreamSigner = credentialedSigner.GetStreamSigner(); + if (null != tlsStreamSigner) + { + Stream output = tlsStreamSigner.GetOutputStream(); + output.Write(message, 0, message.Length); + signature = tlsStreamSigner.GetSignature(); + } + else + { + TlsHash tlsHash = new CombinedHash(m_crypto); + tlsHash.Update(message, 0, message.Length); + byte[] hash = tlsHash.CalculateHash(); + signature = credentialedSigner.GenerateRawSignature(hash); + } + + DigitallySigned digitallySigned = new DigitallySigned(null, signature); + + TlsCertificate tlsCertificate = credentialedSigner.Certificate.GetCertificateAt(0); + TlsVerifier tlsVerifier = tlsCertificate.CreateVerifier(tlsCertificate.GetLegacySignatureAlgorithm()); + + bool verified; + TlsStreamVerifier tlsStreamVerifier = tlsVerifier.GetStreamVerifier(digitallySigned); + if (null != tlsStreamVerifier) + { + Stream output = tlsStreamVerifier.GetOutputStream(); + output.Write(message, 0, message.Length); + verified = tlsStreamVerifier.IsVerified(); + } + else + { + TlsHash tlsHash = new CombinedHash(m_crypto); + tlsHash.Update(message, 0, message.Length); + byte[] hash = tlsHash.CalculateHash(); + verified = tlsVerifier.VerifyRawSignature(digitallySigned, hash); + } + + Assert.IsTrue(verified); + } + + private void ImplTestSignature12(TlsCredentialedSigner credentialedSigner, + SignatureAndHashAlgorithm signatureAndHashAlgorithm) + { + short hashAlgorithm = signatureAndHashAlgorithm.Hash; + + byte[] message = m_crypto.CreateNonceGenerator(TlsUtilities.EmptyBytes).GenerateNonce(100); + + byte[] signature; + TlsStreamSigner tlsStreamSigner = credentialedSigner.GetStreamSigner(); + if (null != tlsStreamSigner) + { + Stream output = tlsStreamSigner.GetOutputStream(); + output.Write(message, 0, message.Length); + signature = tlsStreamSigner.GetSignature(); + } + else + { + // Currently 1.2 relies on these being handled by stream signers + Assert.IsTrue(HashAlgorithm.Intrinsic != hashAlgorithm); + + int cryptoHashAlgorithm = TlsCryptoUtilities.GetHash(hashAlgorithm); + + TlsHash tlsHash = m_crypto.CreateHash(cryptoHashAlgorithm); + tlsHash.Update(message, 0, message.Length); + byte[] hash = tlsHash.CalculateHash(); + signature = credentialedSigner.GenerateRawSignature(hash); + } + + DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, signature); + + TlsCertificate tlsCertificate = credentialedSigner.Certificate.GetCertificateAt(0); + TlsVerifier tlsVerifier = tlsCertificate.CreateVerifier(signatureAndHashAlgorithm.Signature); + + bool verified; + TlsStreamVerifier tlsStreamVerifier = tlsVerifier.GetStreamVerifier(digitallySigned); + if (null != tlsStreamVerifier) + { + Stream output = tlsStreamVerifier.GetOutputStream(); + output.Write(message, 0, message.Length); + verified = tlsStreamVerifier.IsVerified(); + } + else + { + // Currently 1.2 relies on these being handled by stream verifiers + Assert.IsTrue(HashAlgorithm.Intrinsic != hashAlgorithm); + + int cryptoHashAlgorithm = TlsCryptoUtilities.GetHash(hashAlgorithm); + + TlsHash tlsHash = m_crypto.CreateHash(cryptoHashAlgorithm); + tlsHash.Update(message, 0, message.Length); + byte[] hash = tlsHash.CalculateHash(); + verified = tlsVerifier.VerifyRawSignature(digitallySigned, hash); + } + + Assert.IsTrue(verified); + } + + private void ImplTestSignature13(TlsCredentialedSigner credentialedSigner, int signatureScheme) + { + byte[] message = m_crypto.CreateNonceGenerator(TlsUtilities.EmptyBytes).GenerateNonce(100); + + byte[] signature; + TlsStreamSigner tlsStreamSigner = credentialedSigner.GetStreamSigner(); + if (null != tlsStreamSigner) + { + Stream output = tlsStreamSigner.GetOutputStream(); + output.Write(message, 0, message.Length); + signature = tlsStreamSigner.GetSignature(); + } + else + { + int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(signatureScheme); + + TlsHash tlsHash = m_crypto.CreateHash(cryptoHashAlgorithm); + tlsHash.Update(message, 0, message.Length); + byte[] hash = tlsHash.CalculateHash(); + signature = credentialedSigner.GenerateRawSignature(hash); + } + + DigitallySigned digitallySigned = new DigitallySigned( + SignatureScheme.GetSignatureAndHashAlgorithm(signatureScheme), signature); + + TlsCertificate tlsCertificate = credentialedSigner.Certificate.GetCertificateAt(0); + TlsVerifier tlsVerifier = tlsCertificate.CreateVerifier(signatureScheme); + + bool verified; + TlsStreamVerifier tlsStreamVerifier = tlsVerifier.GetStreamVerifier(digitallySigned); + if (null != tlsStreamVerifier) + { + Stream output = tlsStreamVerifier.GetOutputStream(); + output.Write(message, 0, message.Length); + verified = tlsStreamVerifier.IsVerified(); + } + else + { + int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(signatureScheme); + + TlsHash tlsHash = m_crypto.CreateHash(cryptoHashAlgorithm); + tlsHash.Update(message, 0, message.Length); + byte[] hash = tlsHash.CalculateHash(); + verified = tlsVerifier.VerifyRawSignature(digitallySigned, hash); + } + + Assert.IsTrue(verified); + } + + private class TestTlsCryptoParameters + : TlsCryptoParameters + { + private readonly ProtocolVersion m_serverVersion; + + internal TestTlsCryptoParameters(ProtocolVersion serverVersion) + : base(null) + { + this.m_serverVersion = serverVersion; + } + + public override ProtocolVersion ServerVersion + { + get { return m_serverVersion; } + } + } + + private class TestTlsDHGroupVerifier + : DefaultTlsDHGroupVerifier + { + internal IList Groups + { + get { return m_groups; } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/ByteQueueInputStreamTest.cs b/BouncyCastle/crypto/test/src/tls/test/ByteQueueInputStreamTest.cs new file mode 100644 index 0000000..9edb310 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/ByteQueueInputStreamTest.cs @@ -0,0 +1,134 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Tests +{ + [TestFixture] + public class ByteQueueInputStreamTest + { + [Test] + public void TestAvailable() + { + ByteQueueInputStream input = new ByteQueueInputStream(); + + // buffer is empty + Assert.AreEqual(0, input.Available); + + // after adding once + input.AddBytes(new byte[10]); + Assert.AreEqual(10, input.Available); + + // after adding more than once + input.AddBytes(new byte[5]); + Assert.AreEqual(15, input.Available); + + // after reading a single byte + input.ReadByte(); + Assert.AreEqual(14, input.Available); + + // after reading into a byte array + input.Read(new byte[4], 0, 4); + Assert.AreEqual(10, input.Available); + + input.Close(); + } + + [Test] + public void TestSkip() + { + ByteQueueInputStream input = new ByteQueueInputStream(); + + // skip when buffer is empty + Assert.AreEqual(0, input.Skip(10)); + + // skip equal to available + input.AddBytes(new byte[2]); + Assert.AreEqual(2, input.Skip(2)); + Assert.AreEqual(0, input.Available); + + // skip less than available + input.AddBytes(new byte[10]); + Assert.AreEqual(5, input.Skip(5)); + Assert.AreEqual(5, input.Available); + + // skip more than available + Assert.AreEqual(5, input.Skip(20)); + Assert.AreEqual(0, input.Available); + + input.Close(); + } + + [Test] + public void TestRead() + { + ByteQueueInputStream input = new ByteQueueInputStream(); + input.AddBytes(new byte[]{ 0x01, 0x02 }); + input.AddBytes(new byte[]{ 0x03 }); + + Assert.AreEqual(0x01, input.ReadByte()); + Assert.AreEqual(0x02, input.ReadByte()); + Assert.AreEqual(0x03, input.ReadByte()); + Assert.AreEqual(-1, input.ReadByte()); + + input.Close(); + } + + [Test] + public void TestReadArray() + { + ByteQueueInputStream input = new ByteQueueInputStream(); + input.AddBytes(new byte[]{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }); + + byte[] buffer = new byte[5]; + + // read less than available into specified position + Assert.AreEqual(1, input.Read(buffer, 2, 1)); + AssertArrayEquals(new byte[]{ 0x00, 0x00, 0x01, 0x00, 0x00 }, buffer); + + // read equal to available + Assert.AreEqual(5, input.Read(buffer, 0, buffer.Length)); + AssertArrayEquals(new byte[]{ 0x02, 0x03, 0x04, 0x05, 0x06 }, buffer); + + // read more than available + input.AddBytes(new byte[]{ 0x01, 0x02, 0x03 }); + Assert.AreEqual(3, input.Read(buffer, 0, buffer.Length)); + AssertArrayEquals(new byte[]{ 0x01, 0x02, 0x03, 0x05, 0x06 }, buffer); + + input.Close(); + } + + [Test] + public void TestPeek() + { + ByteQueueInputStream input = new ByteQueueInputStream(); + + byte[] buffer = new byte[5]; + + // peek more than available + Assert.AreEqual(0, input.Peek(buffer)); + AssertArrayEquals(new byte[]{ 0x00, 0x00, 0x00, 0x00, 0x00 }, buffer); + + // peek less than available + input.AddBytes(new byte[]{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 }); + Assert.AreEqual(5, input.Peek(buffer)); + AssertArrayEquals(new byte[]{ 0x01, 0x02, 0x03, 0x04, 0x05 }, buffer); + Assert.AreEqual(6, input.Available); + + // peek equal to available + input.ReadByte(); + Assert.AreEqual(5, input.Peek(buffer)); + AssertArrayEquals(new byte[]{ 0x02, 0x03, 0x04, 0x05, 0x06 }, buffer); + Assert.AreEqual(5, input.Available); + + input.Close(); + } + + private static void AssertArrayEquals(byte[] a, byte[] b) + { + Assert.IsTrue(Arrays.AreEqual(a, b)); + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/CertChainUtilities.cs b/BouncyCastle/crypto/test/src/tls/test/CertChainUtilities.cs new file mode 100644 index 0000000..8df8e48 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/CertChainUtilities.cs @@ -0,0 +1,123 @@ +using System; +using System.Threading; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Extension; + +namespace Org.BouncyCastle.Tls.Tests +{ + public class CertChainUtilities + { + private static readonly SecureRandom Random = new SecureRandom(); + + private static long serialNumber = 1L; + + ///

    We generate the CA's certificate. + public static X509Certificate CreateMasterCert(string rootDN, AsymmetricCipherKeyPair keyPair) + { + // + // create the certificate - version 1 + // + X509V1CertificateGenerator gen = new X509V1CertificateGenerator(); + gen.SetIssuerDN(new X509Name(rootDN)); + gen.SetSerialNumber(BigInteger.ValueOf(Interlocked.Increment(ref serialNumber))); + gen.SetNotBefore(DateTime.UtcNow.AddDays(-30)); + gen.SetNotAfter(DateTime.UtcNow.AddDays(30)); + gen.SetSubjectDN(new X509Name(rootDN)); + gen.SetPublicKey(keyPair.Public); + + return SignV1(gen, keyPair.Private); + } + + /// We generate an intermediate certificate signed by our CA. + public static X509Certificate CreateIntermediateCert(string interDN, AsymmetricKeyParameter pubKey, + AsymmetricKeyParameter caPrivKey, X509Certificate caCert) + { + // + // create the certificate - version 3 + // + X509V3CertificateGenerator gen = new X509V3CertificateGenerator(); + gen.SetIssuerDN(caCert.SubjectDN); + gen.SetSerialNumber(BigInteger.ValueOf(Interlocked.Increment(ref serialNumber))); + gen.SetNotBefore(DateTime.UtcNow.AddDays(-30)); + gen.SetNotAfter(DateTime.UtcNow.AddDays(30)); + gen.SetSubjectDN(new X509Name(interDN)); + gen.SetPublicKey(pubKey); + + // + // extensions + // + gen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, + new SubjectKeyIdentifierStructure(pubKey)); + gen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, + new AuthorityKeyIdentifierStructure(caCert)); + gen.AddExtension(X509Extensions.BasicConstraints, true, + new BasicConstraints(0)); + + return SignV3(gen, caPrivKey); + } + + /// We generate a certificate signed by our CA's intermediate certificate. + public static X509Certificate CreateEndEntityCert(string endEntityDN, AsymmetricKeyParameter pubKey, + AsymmetricKeyParameter caPrivKey, X509Certificate caCert) + { + X509V3CertificateGenerator gen = CreateBaseEndEntityGenerator(endEntityDN, pubKey, caCert); + + return SignV3(gen, caPrivKey); + } + + /// We generate a certificate signed by our CA's intermediate certificate with ExtendedKeyUsage + /// extension. + public static X509Certificate CreateEndEntityCert(string endEntityDN, AsymmetricKeyParameter pubKey, + AsymmetricKeyParameter caPrivKey, X509Certificate caCert, KeyPurposeID keyPurposeID) + { + X509V3CertificateGenerator gen = CreateBaseEndEntityGenerator(endEntityDN, pubKey, caCert); + + gen.AddExtension(X509Extensions.ExtendedKeyUsage, true, new ExtendedKeyUsage(keyPurposeID)); + + return SignV3(gen, caPrivKey); + } + + private static X509V3CertificateGenerator CreateBaseEndEntityGenerator(string endEntityDN, + AsymmetricKeyParameter pubKey, X509Certificate caCert) + { + // + // create the certificate - version 3 + // + X509V3CertificateGenerator gen = new X509V3CertificateGenerator(); + gen.SetIssuerDN(caCert.SubjectDN); + gen.SetSerialNumber(BigInteger.ValueOf(Interlocked.Increment(ref serialNumber))); + gen.SetNotBefore(DateTime.UtcNow.AddDays(-30)); + gen.SetNotAfter(DateTime.UtcNow.AddDays(30)); + gen.SetSubjectDN(new X509Name(endEntityDN)); + gen.SetPublicKey(pubKey); + + // + // add the extensions + // + gen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, + new SubjectKeyIdentifierStructure(pubKey)); + gen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, + new AuthorityKeyIdentifierStructure(caCert.GetPublicKey())); + gen.AddExtension(X509Extensions.BasicConstraints, true, + new BasicConstraints(false)); + + return gen; + } + + private static X509Certificate SignV1(X509V1CertificateGenerator gen, AsymmetricKeyParameter caPrivKey) + { + return gen.Generate(new Asn1SignatureFactory("SHA256withRSA", caPrivKey, Random)); + } + + private static X509Certificate SignV3(X509V3CertificateGenerator gen, AsymmetricKeyParameter caPrivKey) + { + return gen.Generate(new Asn1SignatureFactory("SHA256withRSA", caPrivKey, Random)); + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/DtlsProtocolTest.cs b/BouncyCastle/crypto/test/src/tls/test/DtlsProtocolTest.cs new file mode 100644 index 0000000..3880036 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/DtlsProtocolTest.cs @@ -0,0 +1,102 @@ +using System; +using System.Threading; + +using NUnit.Framework; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Tests +{ + [TestFixture] + public class DtlsProtocolTest + { + [Test] + public void TestClientServer() + { + SecureRandom secureRandom = new SecureRandom(); + + DtlsClientProtocol clientProtocol = new DtlsClientProtocol(); + DtlsServerProtocol serverProtocol = new DtlsServerProtocol(); + + MockDatagramAssociation network = new MockDatagramAssociation(1500); + + Server server = new Server(serverProtocol, network.Server); + + Thread serverThread = new Thread(new ThreadStart(server.Run)); + serverThread.Start(); + + DatagramTransport clientTransport = network.Client; + + clientTransport = new UnreliableDatagramTransport(clientTransport, secureRandom, 0, 0); + + clientTransport = new LoggingDatagramTransport(clientTransport, Console.Out); + + MockDtlsClient client = new MockDtlsClient(null); + + DtlsTransport dtlsClient = clientProtocol.Connect(client, clientTransport); + + for (int i = 1; i <= 10; ++i) + { + byte[] data = new byte[i]; + Arrays.Fill(data, (byte)i); + dtlsClient.Send(data, 0, data.Length); + } + + byte[] buf = new byte[dtlsClient.GetReceiveLimit()]; + while (dtlsClient.Receive(buf, 0, buf.Length, 100) >= 0) + { + } + + dtlsClient.Close(); + + server.Shutdown(serverThread); + } + + internal class Server + { + private readonly DtlsServerProtocol m_serverProtocol; + private readonly DatagramTransport m_serverTransport; + private volatile bool m_isShutdown = false; + + internal Server(DtlsServerProtocol serverProtocol, DatagramTransport serverTransport) + { + this.m_serverProtocol = serverProtocol; + this.m_serverTransport = serverTransport; + } + + public void Run() + { + try + { + MockDtlsServer server = new MockDtlsServer(); + DtlsTransport dtlsServer = m_serverProtocol.Accept(server, m_serverTransport); + byte[] buf = new byte[dtlsServer.GetReceiveLimit()]; + while (!m_isShutdown) + { + int length = dtlsServer.Receive(buf, 0, buf.Length, 1000); + if (length >= 0) + { + dtlsServer.Send(buf, 0, length); + } + } + dtlsServer.Close(); + } + catch (Exception e) + { + Console.Error.WriteLine(e); + Console.Error.Flush(); + } + } + + internal void Shutdown(Thread serverThread) + { + if (!m_isShutdown) + { + this.m_isShutdown = true; + serverThread.Join(); + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/DtlsPskProtocolTest.cs b/BouncyCastle/crypto/test/src/tls/test/DtlsPskProtocolTest.cs new file mode 100644 index 0000000..f0e6855 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/DtlsPskProtocolTest.cs @@ -0,0 +1,102 @@ +using System; +using System.Threading; + +using NUnit.Framework; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Tests +{ + [TestFixture] + public class DtlsPskProtocolTest + { + [Test] + public void TestClientServer() + { + SecureRandom secureRandom = new SecureRandom(); + + DtlsClientProtocol clientProtocol = new DtlsClientProtocol(); + DtlsServerProtocol serverProtocol = new DtlsServerProtocol(); + + MockDatagramAssociation network = new MockDatagramAssociation(1500); + + Server server = new Server(serverProtocol, network.Server); + + Thread serverThread = new Thread(new ThreadStart(server.Run)); + serverThread.Start(); + + DatagramTransport clientTransport = network.Client; + + clientTransport = new UnreliableDatagramTransport(clientTransport, secureRandom, 0, 0); + + clientTransport = new LoggingDatagramTransport(clientTransport, Console.Out); + + MockPskDtlsClient client = new MockPskDtlsClient(null); + + DtlsTransport dtlsClient = clientProtocol.Connect(client, clientTransport); + + for (int i = 1; i <= 10; ++i) + { + byte[] data = new byte[i]; + Arrays.Fill(data, (byte)i); + dtlsClient.Send(data, 0, data.Length); + } + + byte[] buf = new byte[dtlsClient.GetReceiveLimit()]; + while (dtlsClient.Receive(buf, 0, buf.Length, 100) >= 0) + { + } + + dtlsClient.Close(); + + server.Shutdown(serverThread); + } + + internal class Server + { + private readonly DtlsServerProtocol m_serverProtocol; + private readonly DatagramTransport m_serverTransport; + private volatile bool m_isShutdown = false; + + internal Server(DtlsServerProtocol serverProtocol, DatagramTransport serverTransport) + { + this.m_serverProtocol = serverProtocol; + this.m_serverTransport = serverTransport; + } + + public void Run() + { + try + { + MockPskDtlsServer server = new MockPskDtlsServer(); + DtlsTransport dtlsServer = m_serverProtocol.Accept(server, m_serverTransport); + byte[] buf = new byte[dtlsServer.GetReceiveLimit()]; + while (!m_isShutdown) + { + int length = dtlsServer.Receive(buf, 0, buf.Length, 1000); + if (length >= 0) + { + dtlsServer.Send(buf, 0, length); + } + } + dtlsServer.Close(); + } + catch (Exception e) + { + Console.Error.WriteLine(e); + Console.Error.Flush(); + } + } + + internal void Shutdown(Thread serverThread) + { + if (!m_isShutdown) + { + this.m_isShutdown = true; + serverThread.Join(); + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/DtlsTestCase.cs b/BouncyCastle/crypto/test/src/tls/test/DtlsTestCase.cs new file mode 100644 index 0000000..d93f17c --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/DtlsTestCase.cs @@ -0,0 +1,164 @@ +using System; +using System.Threading; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Tests +{ + [TestFixture] + public class DtlsTestCase + { + private static void CheckDtlsVersions(ProtocolVersion[] versions) + { + if (versions != null) + { + for (int i = 0; i < versions.Length; ++i) + { + if (!versions[i].IsDtls) + throw new InvalidOperationException("Non-DTLS version"); + } + } + } + + [Test, TestCaseSource(typeof(DtlsTestSuite), "Suite")] + public void RunTest(TlsTestConfig config) + { + CheckDtlsVersions(config.clientSupportedVersions); + CheckDtlsVersions(config.serverSupportedVersions); + + DtlsTestClientProtocol clientProtocol = new DtlsTestClientProtocol(config); + DtlsTestServerProtocol serverProtocol = new DtlsTestServerProtocol(config); + + MockDatagramAssociation network = new MockDatagramAssociation(1500); + + TlsTestClientImpl clientImpl = new TlsTestClientImpl(config); + TlsTestServerImpl serverImpl = new TlsTestServerImpl(config); + + Server server = new Server(this, serverProtocol, network.Server, serverImpl); + + Thread serverThread = new Thread(new ThreadStart(server.Run)); + serverThread.Start(); + + Exception caught = null; + try + { + DatagramTransport clientTransport = network.Client; + + if (TlsTestConfig.Debug) + { + clientTransport = new LoggingDatagramTransport(clientTransport, Console.Out); + } + + DtlsTransport dtlsClient = clientProtocol.Connect(clientImpl, clientTransport); + + for (int i = 1; i <= 10; ++i) + { + byte[] data = new byte[i]; + Arrays.Fill(data, (byte)i); + dtlsClient.Send(data, 0, data.Length); + } + + byte[] buf = new byte[dtlsClient.GetReceiveLimit()]; + while (dtlsClient.Receive(buf, 0, buf.Length, 100) >= 0) + { + } + + dtlsClient.Close(); + } + catch (Exception e) + { + caught = e; + LogException(caught); + } + + server.Shutdown(serverThread); + + // TODO Add checks that the various streams were closed + + Assert.AreEqual(config.expectFatalAlertConnectionEnd, clientImpl.FirstFatalAlertConnectionEnd, + "Client fatal alert connection end"); + Assert.AreEqual(config.expectFatalAlertConnectionEnd, serverImpl.FirstFatalAlertConnectionEnd, + "Server fatal alert connection end"); + + Assert.AreEqual(config.expectFatalAlertDescription, clientImpl.FirstFatalAlertDescription, + "Client fatal alert description"); + Assert.AreEqual(config.expectFatalAlertDescription, serverImpl.FirstFatalAlertDescription, + "Server fatal alert description"); + + if (config.expectFatalAlertConnectionEnd == -1) + { + Assert.IsNull(caught, "Unexpected client exception"); + Assert.IsNull(server.Caught, "Unexpected server exception"); + } + } + + protected void LogException(Exception e) + { + if (TlsTestConfig.Debug) + { + Console.Error.WriteLine(e); + Console.Error.Flush(); + } + } + + internal class Server + { + private readonly DtlsTestCase m_outer; + private readonly DtlsTestServerProtocol m_serverProtocol; + private readonly DatagramTransport m_serverTransport; + private readonly TlsTestServerImpl m_serverImpl; + + private volatile bool m_isShutdown = false; + private Exception m_caught = null; + + internal Server(DtlsTestCase outer, DtlsTestServerProtocol serverProtocol, + DatagramTransport serverTransport, TlsTestServerImpl serverImpl) + { + this.m_outer = outer; + this.m_serverProtocol = serverProtocol; + this.m_serverTransport = serverTransport; + this.m_serverImpl = serverImpl; + } + + public void Run() + { + try + { + DtlsTransport dtlsServer = m_serverProtocol.Accept(m_serverImpl, m_serverTransport); + byte[] buf = new byte[dtlsServer.GetReceiveLimit()]; + while (!m_isShutdown) + { + int length = dtlsServer.Receive(buf, 0, buf.Length, 100); + if (length >= 0) + { + dtlsServer.Send(buf, 0, length); + } + } + dtlsServer.Close(); + } + catch (Exception e) + { + this.m_caught = e; + m_outer.LogException(m_caught); + } + } + + internal void Shutdown(Thread serverThread) + { + if (!m_isShutdown) + { + this.m_isShutdown = true; + //serverThread.Interrupt(); + serverThread.Join(); + } + } + + internal Exception Caught + { + get { return m_caught; } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/DtlsTestClientProtocol.cs b/BouncyCastle/crypto/test/src/tls/test/DtlsTestClientProtocol.cs new file mode 100644 index 0000000..99a7fa0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/DtlsTestClientProtocol.cs @@ -0,0 +1,27 @@ +using System; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class DtlsTestClientProtocol + : DtlsClientProtocol + { + protected readonly TlsTestConfig m_config; + + public DtlsTestClientProtocol(TlsTestConfig config) + : base() + { + this.m_config = config; + } + + protected override byte[] GenerateCertificateVerify(ClientHandshakeState state, + DigitallySigned certificateVerify) + { + if (certificateVerify.Algorithm != null && m_config.clientAuthSigAlgClaimed != null) + { + certificateVerify = new DigitallySigned(m_config.clientAuthSigAlgClaimed, certificateVerify.Signature); + } + + return base.GenerateCertificateVerify(state, certificateVerify); + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/DtlsTestServerProtocol.cs b/BouncyCastle/crypto/test/src/tls/test/DtlsTestServerProtocol.cs new file mode 100644 index 0000000..08fc2b6 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/DtlsTestServerProtocol.cs @@ -0,0 +1,16 @@ +using System; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class DtlsTestServerProtocol + : DtlsServerProtocol + { + protected readonly TlsTestConfig m_config; + + public DtlsTestServerProtocol(TlsTestConfig config) + : base() + { + this.m_config = config; + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/DtlsTestSuite.cs b/BouncyCastle/crypto/test/src/tls/test/DtlsTestSuite.cs new file mode 100644 index 0000000..0af2be3 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/DtlsTestSuite.cs @@ -0,0 +1,260 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +namespace Org.BouncyCastle.Tls.Tests +{ + public class DtlsTestSuite + { + // Make the access to constants less verbose + internal class C : TlsTestConfig {} + + public DtlsTestSuite() + { + } + + public static IEnumerable Suite() + { + IList testSuite = new ArrayList(); + + AddFallbackTests(testSuite); + AddVersionTests(testSuite, ProtocolVersion.DTLSv10); + AddVersionTests(testSuite, ProtocolVersion.DTLSv12); + + return testSuite; + } + + private static void AddFallbackTests(IList testSuite) + { + { + TlsTestConfig c = CreateDtlsTestConfig(ProtocolVersion.DTLSv12); + c.clientFallback = true; + + AddTestCase(testSuite, c, "FallbackGood"); + } + + /* + * NOTE: Temporarily disabled automatic test runs because of problems getting a clean exit + * of the DTLS server after a fatal alert. As of writing, manual runs show the correct + * alerts being raised + */ + +#if false + { + TlsTestConfig c = CreateDtlsTestConfig(ProtocolVersion.DTLSv12); + c.clientFallback = true; + c.clientSupportedVersions = ProtocolVersion.DTLSv10.Only(); + c.ExpectServerFatalAlert(AlertDescription.inappropriate_fallback); + + AddTestCase(testSuite, c, "FallbackBad"); + } +#endif + + { + TlsTestConfig c = CreateDtlsTestConfig(ProtocolVersion.DTLSv12); + c.clientSupportedVersions = ProtocolVersion.DTLSv10.Only(); + + AddTestCase(testSuite, c, "FallbackNone"); + } + } + + private static void AddVersionTests(IList testSuite, ProtocolVersion version) + { + string prefix = version.ToString() + .Replace(" ", "") + .Replace("\\", "") + .Replace(".", "") + + "_"; + + /* + * NOTE: Temporarily disabled automatic test runs because of problems getting a clean exit + * of the DTLS server after a fatal alert. As of writing, manual runs show the correct + * alerts being raised + */ + +#if false + /* + * Server only declares support for SHA1/RSA, client selects MD5/RSA. Since the client is + * NOT actually tracking MD5 over the handshake, we expect fatal alert from the client. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_VALID; + c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa); + c.serverCertReqSigAlgs = TlsUtilities.GetDefaultRsaSignatureAlgorithms(); + c.ExpectClientFatalAlert(AlertDescription.internal_error); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifyHashAlg"); + } + + /* + * Server only declares support for SHA1/ECDSA, client selects SHA1/RSA. Since the client is + * actually tracking SHA1 over the handshake, we expect fatal alert to come from the server + * when it verifies the selected algorithm against the CertificateRequest supported + * algorithms. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_VALID; + c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa); + c.serverCertReqSigAlgs = TlsUtilities.GetDefaultECDsaSignatureAlgorithms(); + c.serverCheckSigAlgOfClientCerts = false; + c.ExpectServerFatalAlert(AlertDescription.illegal_parameter); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifySigAlg"); + } + + /* + * Server only declares support for SHA1/ECDSA, client signs with SHA1/RSA, but sends + * SHA1/ECDSA in the CertificateVerify. Since the client is actually tracking SHA1 over the + * handshake, and the claimed algorithm is in the CertificateRequest supported algorithms, + * we expect fatal alert to come from the server when it finds the claimed algorithm + * doesn't match the client certificate. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_VALID; + c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa); + c.clientAuthSigAlgClaimed = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, + SignatureAlgorithm.ecdsa); + c.serverCertReqSigAlgs = TlsUtilities.GetDefaultECDsaSignatureAlgorithms(); + c.ExpectServerFatalAlert(AlertDescription.decrypt_error); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifySigAlgMismatch"); + } + + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_INVALID_VERIFY; + c.ExpectServerFatalAlert(AlertDescription.decrypt_error); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifySignature"); + } + + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_INVALID_CERT; + c.ExpectServerFatalAlert(AlertDescription.bad_certificate); + + AddTestCase(testSuite, c, prefix + "BadClientCertificate"); + } + + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_NONE; + c.serverCertReq = C.SERVER_CERT_REQ_MANDATORY; + c.ExpectServerFatalAlert(AlertDescription.handshake_failure); + + AddTestCase(testSuite, c, prefix + "BadMandatoryCertReqDeclined"); + } + + /* + * Server sends SHA-256/RSA certificate, which is not the default {sha1,rsa} implied by the + * absent signature_algorithms extension. We expect fatal alert from the client when it + * verifies the certificate's 'signatureAlgorithm' against the implicit default signature_algorithms. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientSendSignatureAlgorithms = false; + c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.sha256, SignatureAlgorithm.rsa); + c.ExpectClientFatalAlert(AlertDescription.certificate_unknown); + + AddTestCase(testSuite, c, prefix + "BadServerCertSigAlg"); + } + + /* + * Server selects MD5/RSA for ServerKeyExchange signature, which is not in the default + * supported signature algorithms that the client sent. We expect fatal alert from the + * client when it verifies the selected algorithm against the supported algorithms. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa); + c.ExpectClientFatalAlert(AlertDescription.illegal_parameter); + + AddTestCase(testSuite, c, prefix + "BadServerKeyExchangeSigAlg"); + } + + /* + * Server selects MD5/RSA for ServerKeyExchange signature, which is not the default {sha1,rsa} + * implied by the absent signature_algorithms extension. We expect fatal alert from the + * client when it verifies the selected algorithm against the implicit default. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientCheckSigAlgOfServerCerts = false; + c.clientSendSignatureAlgorithms = false; + c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa); + c.ExpectClientFatalAlert(AlertDescription.illegal_parameter); + + AddTestCase(testSuite, c, prefix + "BadServerKeyExchangeSigAlg2"); + } +#endif + + { + TlsTestConfig c = CreateDtlsTestConfig(version); + + AddTestCase(testSuite, c, prefix + "GoodDefault"); + } + + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.serverCertReq = C.SERVER_CERT_REQ_NONE; + + AddTestCase(testSuite, c, prefix + "GoodNoCertReq"); + } + + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.clientAuth = C.CLIENT_AUTH_NONE; + + AddTestCase(testSuite, c, prefix + "GoodOptionalCertReqDeclined"); + } + +#if false + /* + * Server generates downgraded (RFC 8446) ServerHello. We expect fatal alert + * (illegal_parameter) from the client. + */ + if (!TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateDtlsTestConfig(version); + c.serverNegotiateVersion = version; + c.serverSupportedVersions = ProtocolVersion.DTLSv12.DownTo(version); + c.ExpectClientFatalAlert(AlertDescription.illegal_parameter); + + AddTestCase(testSuite, c, prefix + "BadDowngrade"); + } +#endif + } + + private static void AddTestCase(IList testSuite, TlsTestConfig config, string name) + { + testSuite.Add(new TestCaseData(config).SetName(name)); + } + + private static TlsTestConfig CreateDtlsTestConfig(ProtocolVersion serverMaxVersion) + { + TlsTestConfig c = new TlsTestConfig(); + c.clientSupportedVersions = ProtocolVersion.DTLSv12.DownTo(ProtocolVersion.DTLSv10); + c.serverSupportedVersions = serverMaxVersion.DownTo(ProtocolVersion.DTLSv10); + return c; + } + + public static void RunTests() + { + foreach (TestCaseData data in Suite()) + { + Console.WriteLine(data.TestName); + new DtlsTestCase().RunTest((TlsTestConfig)data.Arguments[0]); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/LoggingDatagramTransport.cs b/BouncyCastle/crypto/test/src/tls/test/LoggingDatagramTransport.cs new file mode 100644 index 0000000..f675b72 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/LoggingDatagramTransport.cs @@ -0,0 +1,87 @@ +using System; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Tls.Tests +{ + public class LoggingDatagramTransport + : DatagramTransport + { + private static readonly string HEX_CHARS = "0123456789ABCDEF"; + + private readonly DatagramTransport m_transport; + private readonly TextWriter m_output; + private readonly long m_launchTimestamp; + + public LoggingDatagramTransport(DatagramTransport transport, TextWriter output) + { + this.m_transport = transport; + this.m_output = output; + this.m_launchTimestamp = DateTimeUtilities.CurrentUnixMs(); + } + + public virtual int GetReceiveLimit() + { + return m_transport.GetReceiveLimit(); + } + + public virtual int GetSendLimit() + { + return m_transport.GetSendLimit(); + } + + public virtual int Receive(byte[] buf, int off, int len, int waitMillis) + { + int length = m_transport.Receive(buf, off, len, waitMillis); + if (length >= 0) + { + DumpDatagram("Received", buf, off, length); + } + return length; + } + + public virtual void Send(byte[] buf, int off, int len) + { + DumpDatagram("Sending", buf, off, len); + m_transport.Send(buf, off, len); + } + + public virtual void Close() + { + m_transport.Close(); + } + + private void DumpDatagram(string verb, byte[] buf, int off, int len) + { + long timestamp = DateTimeUtilities.CurrentUnixMs() - m_launchTimestamp; + StringBuilder sb = new StringBuilder("(+" + timestamp + "ms) " + verb + " " + len + " byte datagram:"); + for (int pos = 0; pos < len; ++pos) + { + if (pos % 16 == 0) + { + sb.Append(Environment.NewLine); + sb.Append(" "); + } + else if (pos % 16 == 8) + { + sb.Append('-'); + } + else + { + sb.Append(' '); + } + int val = buf[off + pos] & 0xFF; + sb.Append(HEX_CHARS[val >> 4]); + sb.Append(HEX_CHARS[val & 0xF]); + } + Dump(sb.ToString()); + } + + private void Dump(string s) + { + lock (this) m_output.WriteLine(s); + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/MockDatagramAssociation.cs b/BouncyCastle/crypto/test/src/tls/test/MockDatagramAssociation.cs new file mode 100644 index 0000000..3e0c0f5 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/MockDatagramAssociation.cs @@ -0,0 +1,107 @@ +using System; +using System.Collections; +using System.Threading; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Tests +{ + public class MockDatagramAssociation + { + private int m_mtu; + private MockDatagramTransport m_client, m_server; + + public MockDatagramAssociation(int mtu) + { + this.m_mtu = mtu; + + IList clientQueue = new ArrayList(); + IList serverQueue = new ArrayList(); + + this.m_client = new MockDatagramTransport(this, clientQueue, serverQueue); + this.m_server = new MockDatagramTransport(this, serverQueue, clientQueue); + } + + public virtual DatagramTransport Client + { + get { return m_client; } + } + + public virtual DatagramTransport Server + { + get { return m_server; } + } + + private class MockDatagramTransport + : DatagramTransport + { + private readonly MockDatagramAssociation m_outer; + private IList m_receiveQueue, m_sendQueue; + + internal MockDatagramTransport(MockDatagramAssociation outer, IList receiveQueue, IList sendQueue) + { + this.m_outer = outer; + this.m_receiveQueue = receiveQueue; + this.m_sendQueue = sendQueue; + } + + public virtual int GetReceiveLimit() + { + return m_outer.m_mtu; + } + + public virtual int GetSendLimit() + { + return m_outer.m_mtu; + } + + public virtual int Receive(byte[] buf, int off, int len, int waitMillis) + { + lock (m_receiveQueue) + { + if (m_receiveQueue.Count < 1) + { + try + { + Monitor.Wait(m_receiveQueue, waitMillis); + } + catch (ThreadInterruptedException) + { + // TODO Keep waiting until full wait expired? + } + + if (m_receiveQueue.Count < 1) + return -1; + } + + byte[] packet = (byte[])m_receiveQueue[0]; + m_receiveQueue.RemoveAt(0); + int copyLength = System.Math.Min(len, packet.Length); + Array.Copy(packet, 0, buf, off, copyLength); + return copyLength; + } + } + + public virtual void Send(byte[] buf, int off, int len) + { + if (len > m_outer.m_mtu) + { + // TODO Simulate rejection? + } + + byte[] packet = Arrays.CopyOfRange(buf, off, off + len); + + lock (m_sendQueue) + { + m_sendQueue.Add(packet); + Monitor.PulseAll(m_sendQueue); + } + } + + public virtual void Close() + { + // TODO? + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/MockDtlsClient.cs b/BouncyCastle/crypto/test/src/tls/test/MockDtlsClient.cs new file mode 100644 index 0000000..5aa1ebb --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/MockDtlsClient.cs @@ -0,0 +1,170 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class MockDtlsClient + : DefaultTlsClient + { + internal TlsSession m_session; + + internal MockDtlsClient(TlsSession session) + : base(new BcTlsCrypto(new SecureRandom())) + { + this.m_session = session; + } + + public override TlsSession GetSessionToResume() + { + return this.m_session; + } + + public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("DTLS client raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(short alertLevel, short alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("DTLS client received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override void NotifyServerVersion(ProtocolVersion serverVersion) + { + base.NotifyServerVersion(serverVersion); + + Console.WriteLine("DTLS client negotiated " + serverVersion); + } + + public override TlsAuthentication GetAuthentication() + { + return new MyTlsAuthentication(m_context); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + ProtocolName protocolName = m_context.SecurityParameters.ApplicationProtocol; + if (protocolName != null) + { + Console.WriteLine("Client ALPN: " + protocolName.GetUtf8Decoding()); + } + + TlsSession newSession = m_context.Session; + if (newSession != null) + { + if (newSession.IsResumable) + { + byte[] newSessionID = newSession.SessionID; + string hex = ToHexString(newSessionID); + + if (m_session != null && Arrays.AreEqual(m_session.SessionID, newSessionID)) + { + Console.WriteLine("Client resumed session: " + hex); + } + else + { + Console.WriteLine("Client established session: " + hex); + } + + this.m_session = newSession; + } + + byte[] tlsServerEndPoint = m_context.ExportChannelBinding(ChannelBinding.tls_server_end_point); + if (null != tlsServerEndPoint) + { + Console.WriteLine("Client 'tls-server-end-point': " + ToHexString(tlsServerEndPoint)); + } + + byte[] tlsUnique = m_context.ExportChannelBinding(ChannelBinding.tls_unique); + Console.WriteLine("Client 'tls-unique': " + ToHexString(tlsUnique)); + } + } + + protected virtual string ToHexString(byte[] data) + { + return data == null ? "(null)" : Hex.ToHexString(data); + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + return ProtocolVersion.DTLSv12.DownTo(ProtocolVersion.DTLSv10); + } + + internal class MyTlsAuthentication + : TlsAuthentication + { + private readonly TlsContext m_context; + + internal MyTlsAuthentication(TlsContext context) + { + this.m_context = context; + } + + public void NotifyServerCertificate(TlsServerCertificate serverCertificate) + { + TlsCertificate[] chain = serverCertificate.Certificate.GetCertificateList(); + + Console.WriteLine("DTLS client received server certificate chain of length " + chain.Length); + for (int i = 0; i != chain.Length; i++) + { + X509CertificateStructure entry = X509CertificateStructure.GetInstance(chain[i].GetEncoded()); + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + + bool isEmpty = serverCertificate == null || serverCertificate.Certificate == null + || serverCertificate.Certificate.IsEmpty; + + if (isEmpty) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + + string[] trustedCertResources = new String[]{ "x509-server-dsa.pem", "x509-server-ecdh.pem", + "x509-server-ecdsa.pem", "x509-server-ed25519.pem", "x509-server-ed448.pem", + "x509-server-rsa_pss_256.pem", "x509-server-rsa_pss_384.pem", "x509-server-rsa_pss_512.pem", + "x509-server-rsa-enc.pem", "x509-server-rsa-sign.pem" }; + + TlsCertificate[] certPath = TlsTestUtilities.GetTrustedCertPath(m_context.Crypto, chain[0], + trustedCertResources); + + if (null == certPath) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + + TlsUtilities.CheckPeerSigAlgs(m_context, certPath); + } + + public TlsCredentials GetClientCredentials(CertificateRequest certificateRequest) + { + short[] certificateTypes = certificateRequest.CertificateTypes; + if (certificateTypes == null || !Arrays.Contains(certificateTypes, ClientCertificateType.rsa_sign)) + return null; + + return TlsTestUtilities.LoadSignerCredentials(m_context, + certificateRequest.SupportedSignatureAlgorithms, SignatureAlgorithm.rsa, "x509-client-rsa.pem", + "x509-client-key-rsa.pem"); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/MockDtlsServer.cs b/BouncyCastle/crypto/test/src/tls/test/MockDtlsServer.cs new file mode 100644 index 0000000..18e5362 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/MockDtlsServer.cs @@ -0,0 +1,146 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class MockDtlsServer + : DefaultTlsServer + { + internal MockDtlsServer() + : base(new BcTlsCrypto(new SecureRandom())) + { + } + + public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("DTLS server raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(short alertLevel, short alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("DTLS server received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override ProtocolVersion GetServerVersion() + { + ProtocolVersion serverVersion = base.GetServerVersion(); + + Console.WriteLine("DTLS server negotiated " + serverVersion); + + return serverVersion; + } + + public override CertificateRequest GetCertificateRequest() + { + short[] certificateTypes = new short[]{ ClientCertificateType.rsa_sign, + ClientCertificateType.dss_sign, ClientCertificateType.ecdsa_sign }; + + IList serverSigAlgs = null; + if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(m_context.ServerVersion)) + { + serverSigAlgs = TlsUtilities.GetDefaultSupportedSignatureAlgorithms(m_context); + } + + IList certificateAuthorities = new ArrayList(); + //certificateAuthorities.Add(TlsTestUtilities.LoadBcCertificateResource("x509-ca-dsa.pem").Subject); + //certificateAuthorities.Add(TlsTestUtilities.LoadBcCertificateResource("x509-ca-ecdsa.pem").Subject); + //certificateAuthorities.Add(TlsTestUtilities.LoadBcCertificateResource("x509-ca-rsa.pem").Subject); + + // All the CA certificates are currently configured with this subject + certificateAuthorities.Add(new X509Name("CN=BouncyCastle TLS Test CA")); + + return new CertificateRequest(certificateTypes, serverSigAlgs, certificateAuthorities); + } + + public override void NotifyClientCertificate(Certificate clientCertificate) + { + TlsCertificate[] chain = clientCertificate.GetCertificateList(); + + Console.WriteLine("DTLS server received client certificate chain of length " + chain.Length); + for (int i = 0; i != chain.Length; i++) + { + X509CertificateStructure entry = X509CertificateStructure.GetInstance(chain[i].GetEncoded()); + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + + bool isEmpty = (clientCertificate == null || clientCertificate.IsEmpty); + + if (isEmpty) + return; + + string[] trustedCertResources = new string[]{ "x509-client-dsa.pem", "x509-client-ecdh.pem", + "x509-client-ecdsa.pem", "x509-client-ed25519.pem", "x509-client-ed448.pem", + "x509-client-rsa_pss_256.pem", "x509-client-rsa_pss_384.pem", "x509-client-rsa_pss_512.pem", + "x509-client-rsa.pem" }; + + TlsCertificate[] certPath = TlsTestUtilities.GetTrustedCertPath(m_context.Crypto, chain[0], + trustedCertResources); + + if (null == certPath) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + + TlsUtilities.CheckPeerSigAlgs(m_context, certPath); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + ProtocolName protocolName = m_context.SecurityParameters.ApplicationProtocol; + if (protocolName != null) + { + Console.WriteLine("Server ALPN: " + protocolName.GetUtf8Decoding()); + } + + byte[] tlsServerEndPoint = m_context.ExportChannelBinding(ChannelBinding.tls_server_end_point); + Console.WriteLine("Server 'tls-server-end-point': " + ToHexString(tlsServerEndPoint)); + + byte[] tlsUnique = m_context.ExportChannelBinding(ChannelBinding.tls_unique); + Console.WriteLine("Server 'tls-unique': " + ToHexString(tlsUnique)); + } + + protected override TlsCredentialedDecryptor GetRsaEncryptionCredentials() + { + return TlsTestUtilities.LoadEncryptionCredentials(m_context, + new string[]{ "x509-server-rsa-enc.pem", "x509-ca-rsa.pem" }, "x509-server-key-rsa-enc.pem"); + } + + protected override TlsCredentialedSigner GetRsaSignerCredentials() + { + IList clientSigAlgs = m_context.SecurityParameters.ClientSigAlgs; + return TlsTestUtilities.LoadSignerCredentialsServer(m_context, clientSigAlgs, SignatureAlgorithm.rsa); + } + + protected virtual string ToHexString(byte[] data) + { + return data == null ? "(null)" : Hex.ToHexString(data); + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + return ProtocolVersion.DTLSv12.DownTo(ProtocolVersion.DTLSv10); + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/MockPskDtlsClient.cs b/BouncyCastle/crypto/test/src/tls/test/MockPskDtlsClient.cs new file mode 100644 index 0000000..c83c9e7 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/MockPskDtlsClient.cs @@ -0,0 +1,161 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class MockPskDtlsClient + : PskTlsClient + { + internal TlsSession m_session; + + internal MockPskDtlsClient(TlsSession session) + : this(session, new BasicTlsPskIdentity("client", Strings.ToUtf8ByteArray("TLS_TEST_PSK"))) + { + } + + internal MockPskDtlsClient(TlsSession session, TlsPskIdentity pskIdentity) + : base(new BcTlsCrypto(new SecureRandom()), pskIdentity) + { + this.m_session = session; + } + + public override TlsSession GetSessionToResume() + { + return m_session; + } + + public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("DTLS-PSK client raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(short alertLevel, short alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("DTLS-PSK client received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override void NotifyServerVersion(ProtocolVersion serverVersion) + { + base.NotifyServerVersion(serverVersion); + + Console.WriteLine("DTLS-PSK client negotiated " + serverVersion); + } + + public override TlsAuthentication GetAuthentication() + { + return new MyTlsAuthentication(m_context); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + ProtocolName protocolName = m_context.SecurityParameters.ApplicationProtocol; + if (protocolName != null) + { + Console.WriteLine("Client ALPN: " + protocolName.GetUtf8Decoding()); + } + + TlsSession newSession = m_context.Session; + if (newSession != null) + { + if (newSession.IsResumable) + { + byte[] newSessionID = newSession.SessionID; + string hex = ToHexString(newSessionID); + + if (m_session != null && Arrays.AreEqual(m_session.SessionID, newSessionID)) + { + Console.WriteLine("Client resumed session: " + hex); + } + else + { + Console.WriteLine("Client established session: " + hex); + } + + this.m_session = newSession; + } + + byte[] tlsServerEndPoint = m_context.ExportChannelBinding(ChannelBinding.tls_server_end_point); + if (null != tlsServerEndPoint) + { + Console.WriteLine("Client 'tls-server-end-point': " + ToHexString(tlsServerEndPoint)); + } + + byte[] tlsUnique = m_context.ExportChannelBinding(ChannelBinding.tls_unique); + Console.WriteLine("Client 'tls-unique': " + ToHexString(tlsUnique)); + } + } + + protected virtual string ToHexString(byte[] data) + { + return data == null ? "(null)" : Hex.ToHexString(data); + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + return ProtocolVersion.DTLSv12.Only(); + } + + internal class MyTlsAuthentication + : ServerOnlyTlsAuthentication + { + private readonly TlsContext m_context; + + internal MyTlsAuthentication(TlsContext context) + { + this.m_context = context; + } + + public override void NotifyServerCertificate(TlsServerCertificate serverCertificate) + { + TlsCertificate[] chain = serverCertificate.Certificate.GetCertificateList(); + + Console.WriteLine("DTLS-PSK client received server certificate chain of length " + chain.Length); + for (int i = 0; i != chain.Length; i++) + { + X509CertificateStructure entry = X509CertificateStructure.GetInstance(chain[i].GetEncoded()); + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + + bool isEmpty = serverCertificate == null || serverCertificate.Certificate == null + || serverCertificate.Certificate.IsEmpty; + + if (isEmpty) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + + string[] trustedCertResources = new string[] { "x509-server-rsa-enc.pem" }; + + TlsCertificate[] certPath = TlsTestUtilities.GetTrustedCertPath(m_context.Crypto, chain[0], + trustedCertResources); + + if (null == certPath) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + + TlsUtilities.CheckPeerSigAlgs(m_context, certPath); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/MockPskDtlsServer.cs b/BouncyCastle/crypto/test/src/tls/test/MockPskDtlsServer.cs new file mode 100644 index 0000000..bb08453 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/MockPskDtlsServer.cs @@ -0,0 +1,113 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class MockPskDtlsServer + : PskTlsServer + { + internal MockPskDtlsServer() + : base(new BcTlsCrypto(new SecureRandom()), new MyIdentityManager()) + { + } + + public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("DTLS-PSK server raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(short alertLevel, short alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("DTLS-PSK server received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override ProtocolVersion GetServerVersion() + { + ProtocolVersion serverVersion = base.GetServerVersion(); + + Console.WriteLine("DTLS-PSK server negotiated " + serverVersion); + + return serverVersion; + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + ProtocolName protocolName = m_context.SecurityParameters.ApplicationProtocol; + if (protocolName != null) + { + Console.WriteLine("Server ALPN: " + protocolName.GetUtf8Decoding()); + } + + byte[] tlsServerEndPoint = m_context.ExportChannelBinding(ChannelBinding.tls_server_end_point); + Console.WriteLine("Server 'tls-server-end-point': " + ToHexString(tlsServerEndPoint)); + + byte[] tlsUnique = m_context.ExportChannelBinding(ChannelBinding.tls_unique); + Console.WriteLine("Server 'tls-unique': " + ToHexString(tlsUnique)); + + byte[] pskIdentity = m_context.SecurityParameters.PskIdentity; + if (pskIdentity != null) + { + string name = Strings.FromUtf8ByteArray(pskIdentity); + Console.WriteLine("DTLS-PSK server completed handshake for PSK identity: " + name); + } + } + + protected override TlsCredentialedDecryptor GetRsaEncryptionCredentials() + { + return TlsTestUtilities.LoadEncryptionCredentials(m_context, + new string[] { "x509-server-rsa-enc.pem", "x509-ca-rsa.pem" }, "x509-server-key-rsa-enc.pem"); + } + + protected virtual string ToHexString(byte[] data) + { + return data == null ? "(null)" : Hex.ToHexString(data); + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + return ProtocolVersion.DTLSv12.Only(); + } + + internal class MyIdentityManager + : TlsPskIdentityManager + { + public byte[] GetHint() + { + return Strings.ToUtf8ByteArray("hint"); + } + + public byte[] GetPsk(byte[] identity) + { + if (identity != null) + { + string name = Strings.FromUtf8ByteArray(identity); + if (name.Equals("client")) + { + return Strings.ToUtf8ByteArray("TLS_TEST_PSK"); + } + } + return null; + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/MockPskTls13Client.cs b/BouncyCastle/crypto/test/src/tls/test/MockPskTls13Client.cs new file mode 100644 index 0000000..d8be1fd --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/MockPskTls13Client.cs @@ -0,0 +1,110 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class MockPskTls13Client + : AbstractTlsClient + { + internal MockPskTls13Client() + : base(new BcTlsCrypto(new SecureRandom())) + { + } + + //public override IList GetEarlyKeyShareGroups() + //{ + // return TlsUtilities.VectorOfOne(NamedGroup.secp256r1); + // //return null; + //} + + //public override short[] GetPskKeyExchangeModes() + //{ + // return new short[] { PskKeyExchangeMode.psk_dhe_ke, PskKeyExchangeMode.psk_ke }; + //} + + protected override IList GetProtocolNames() + { + IList protocolNames = new ArrayList(); + protocolNames.Add(ProtocolName.Http_1_1); + protocolNames.Add(ProtocolName.Http_2_Tls); + return protocolNames; + } + + protected override int[] GetSupportedCipherSuites() + { + return TlsUtilities.GetSupportedCipherSuites(Crypto, new int[] { CipherSuite.TLS_AES_128_GCM_SHA256 }); + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + return ProtocolVersion.TLSv13.Only(); + } + + public override IList GetExternalPsks() + { + byte[] identity = Strings.ToUtf8ByteArray("client"); + TlsSecret key = Crypto.CreateSecret(Strings.ToUtf8ByteArray("TLS_TEST_PSK")); + int prfAlgorithm = PrfAlgorithm.tls13_hkdf_sha256; + + return TlsUtilities.VectorOfOne(new BasicTlsPskExternal(identity, key, prfAlgorithm)); + } + + public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS 1.3 PSK client raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(short alertLevel, short alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS 1.3 PSK client received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override void NotifySelectedPsk(TlsPsk selectedPsk) + { + if (null == selectedPsk) + throw new TlsFatalAlert(AlertDescription.handshake_failure); + } + + public override void NotifyServerVersion(ProtocolVersion serverVersion) + { + base.NotifyServerVersion(serverVersion); + + Console.WriteLine("TLS 1.3 PSK client negotiated " + serverVersion); + } + + public override TlsAuthentication GetAuthentication() + { + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + ProtocolName protocolName = m_context.SecurityParameters.ApplicationProtocol; + if (protocolName != null) + { + Console.WriteLine("Client ALPN: " + protocolName.GetUtf8Decoding()); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/MockPskTls13Server.cs b/BouncyCastle/crypto/test/src/tls/test/MockPskTls13Server.cs new file mode 100644 index 0000000..d1ea69b --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/MockPskTls13Server.cs @@ -0,0 +1,108 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class MockPskTls13Server + : AbstractTlsServer + { + internal MockPskTls13Server() + : base(new BcTlsCrypto(new SecureRandom())) + { + } + + public override TlsCredentials GetCredentials() + { + return null; + } + + protected override IList GetProtocolNames() + { + IList protocolNames = new ArrayList(); + protocolNames.Add(ProtocolName.Http_2_Tls); + protocolNames.Add(ProtocolName.Http_1_1); + return protocolNames; + } + + protected override int[] GetSupportedCipherSuites() + { + return TlsUtilities.GetSupportedCipherSuites(Crypto, + new int[] { CipherSuite.TLS_AES_128_CCM_8_SHA256, CipherSuite.TLS_AES_128_CCM_SHA256, + CipherSuite.TLS_AES_128_GCM_SHA256, CipherSuite.TLS_CHACHA20_POLY1305_SHA256 }); + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + return ProtocolVersion.TLSv13.Only(); + } + + public override ProtocolVersion GetServerVersion() + { + ProtocolVersion serverVersion = base.GetServerVersion(); + + Console.WriteLine("TLS 1.3 PSK server negotiated " + serverVersion); + + return serverVersion; + } + + public override TlsPskExternal GetExternalPsk(IList identities) + { + byte[] identity = Strings.ToUtf8ByteArray("client"); + long obfuscatedTicketAge = 0L; + + PskIdentity matchIdentity = new PskIdentity(identity, obfuscatedTicketAge); + + for (int i = 0, count = identities.Count; i < count; ++i) + { + if (matchIdentity.Equals(identities[i])) + { + TlsSecret key = Crypto.CreateSecret(Strings.ToUtf8ByteArray("TLS_TEST_PSK")); + int prfAlgorithm = PrfAlgorithm.tls13_hkdf_sha256; + + return new BasicTlsPskExternal(identity, key, prfAlgorithm); + } + } + return null; + } + + public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS 1.3 PSK server raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(short alertLevel, short alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS 1.3 PSK server received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + ProtocolName protocolName = m_context.SecurityParameters.ApplicationProtocol; + if (protocolName != null) + { + Console.WriteLine("Server ALPN: " + protocolName.GetUtf8Decoding()); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/MockPskTlsClient.cs b/BouncyCastle/crypto/test/src/tls/test/MockPskTlsClient.cs new file mode 100644 index 0000000..4677426 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/MockPskTlsClient.cs @@ -0,0 +1,186 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class MockPskTlsClient + : PskTlsClient + { + internal TlsSession m_session; + + internal MockPskTlsClient(TlsSession session) + : this(session, new BasicTlsPskIdentity("client", Strings.ToUtf8ByteArray("TLS_TEST_PSK"))) + { + } + + internal MockPskTlsClient(TlsSession session, TlsPskIdentity pskIdentity) + : base(new BcTlsCrypto(new SecureRandom()), pskIdentity) + { + this.m_session = session; + } + + protected override IList GetProtocolNames() + { + IList protocolNames = new ArrayList(); + protocolNames.Add(ProtocolName.Http_1_1); + protocolNames.Add(ProtocolName.Http_2_Tls); + return protocolNames; + } + + public override TlsSession GetSessionToResume() + { + return m_session; + } + + public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-PSK client raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(short alertLevel, short alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-PSK client received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override IDictionary GetClientExtensions() + { + IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised( + base.GetClientExtensions()); + + { + /* + * NOTE: If you are copying test code, do not blindly set these extensions in your own client. + */ + TlsExtensionsUtilities.AddMaxFragmentLengthExtension(clientExtensions, MaxFragmentLength.pow2_9); + TlsExtensionsUtilities.AddPaddingExtension(clientExtensions, m_context.Crypto.SecureRandom.Next(16)); + TlsExtensionsUtilities.AddTruncatedHmacExtension(clientExtensions); + } + return clientExtensions; + } + + public override void NotifyServerVersion(ProtocolVersion serverVersion) + { + base.NotifyServerVersion(serverVersion); + + Console.WriteLine("TLS-PSK client negotiated " + serverVersion); + } + + public override TlsAuthentication GetAuthentication() + { + return new MyTlsAuthentication(m_context); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + ProtocolName protocolName = m_context.SecurityParameters.ApplicationProtocol; + if (protocolName != null) + { + Console.WriteLine("Client ALPN: " + protocolName.GetUtf8Decoding()); + } + + TlsSession newSession = m_context.Session; + if (newSession != null) + { + if (newSession.IsResumable) + { + byte[] newSessionID = newSession.SessionID; + string hex = ToHexString(newSessionID); + + if (m_session != null && Arrays.AreEqual(m_session.SessionID, newSessionID)) + { + Console.WriteLine("Client resumed session: " + hex); + } + else + { + Console.WriteLine("Client established session: " + hex); + } + + this.m_session = newSession; + } + + byte[] tlsServerEndPoint = m_context.ExportChannelBinding(ChannelBinding.tls_server_end_point); + if (null != tlsServerEndPoint) + { + Console.WriteLine("Client 'tls-server-end-point': " + ToHexString(tlsServerEndPoint)); + } + + byte[] tlsUnique = m_context.ExportChannelBinding(ChannelBinding.tls_unique); + Console.WriteLine("Client 'tls-unique': " + ToHexString(tlsUnique)); + } + } + + protected virtual string ToHexString(byte[] data) + { + return data == null ? "(null)" : Hex.ToHexString(data); + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + return ProtocolVersion.TLSv12.Only(); + } + + internal class MyTlsAuthentication + : ServerOnlyTlsAuthentication + { + private readonly TlsContext m_context; + + internal MyTlsAuthentication(TlsContext context) + { + this.m_context = context; + } + + public override void NotifyServerCertificate(TlsServerCertificate serverCertificate) + { + TlsCertificate[] chain = serverCertificate.Certificate.GetCertificateList(); + + Console.WriteLine("TLS-PSK client received server certificate chain of length " + chain.Length); + for (int i = 0; i != chain.Length; i++) + { + X509CertificateStructure entry = X509CertificateStructure.GetInstance(chain[i].GetEncoded()); + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + + bool isEmpty = serverCertificate == null || serverCertificate.Certificate == null + || serverCertificate.Certificate.IsEmpty; + + if (isEmpty) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + + string[] trustedCertResources = new string[] { "x509-server-rsa-enc.pem" }; + + TlsCertificate[] certPath = TlsTestUtilities.GetTrustedCertPath(m_context.Crypto, chain[0], + trustedCertResources); + + if (null == certPath) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + + TlsUtilities.CheckPeerSigAlgs(m_context, certPath); + } + }; + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/MockPskTlsServer.cs b/BouncyCastle/crypto/test/src/tls/test/MockPskTlsServer.cs new file mode 100644 index 0000000..743073b --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/MockPskTlsServer.cs @@ -0,0 +1,122 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class MockPskTlsServer + : PskTlsServer + { + internal MockPskTlsServer() + : base(new BcTlsCrypto(new SecureRandom()), new MyIdentityManager()) + { + } + + protected override IList GetProtocolNames() + { + IList protocolNames = new ArrayList(); + protocolNames.Add(ProtocolName.Http_2_Tls); + protocolNames.Add(ProtocolName.Http_1_1); + return protocolNames; + } + + public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-PSK server raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(short alertLevel, short alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-PSK server received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override ProtocolVersion GetServerVersion() + { + ProtocolVersion serverVersion = base.GetServerVersion(); + + Console.WriteLine("TLS-PSK server negotiated " + serverVersion); + + return serverVersion; + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + ProtocolName protocolName = m_context.SecurityParameters.ApplicationProtocol; + if (protocolName != null) + { + Console.WriteLine("Server ALPN: " + protocolName.GetUtf8Decoding()); + } + + byte[] tlsServerEndPoint = m_context.ExportChannelBinding(ChannelBinding.tls_server_end_point); + Console.WriteLine("Server 'tls-server-end-point': " + ToHexString(tlsServerEndPoint)); + + byte[] tlsUnique = m_context.ExportChannelBinding(ChannelBinding.tls_unique); + Console.WriteLine("Server 'tls-unique': " + ToHexString(tlsUnique)); + + byte[] pskIdentity = m_context.SecurityParameters.PskIdentity; + if (pskIdentity != null) + { + string name = Strings.FromUtf8ByteArray(pskIdentity); + Console.WriteLine("TLS-PSK server completed handshake for PSK identity: " + name); + } + } + + protected override TlsCredentialedDecryptor GetRsaEncryptionCredentials() + { + return TlsTestUtilities.LoadEncryptionCredentials(m_context, + new string[] { "x509-server-rsa-enc.pem", "x509-ca-rsa.pem" }, "x509-server-key-rsa-enc.pem"); + } + + protected virtual string ToHexString(byte[] data) + { + return data == null ? "(null)" : Hex.ToHexString(data); + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + return ProtocolVersion.TLSv12.Only(); + } + + internal class MyIdentityManager + : TlsPskIdentityManager + { + public byte[] GetHint() + { + return Strings.ToUtf8ByteArray("hint"); + } + + public byte[] GetPsk(byte[] identity) + { + if (identity != null) + { + string name = Strings.FromUtf8ByteArray(identity); + if (name.Equals("client")) + { + return Strings.ToUtf8ByteArray("TLS_TEST_PSK"); + } + } + return null; + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/MockSrpTlsClient.cs b/BouncyCastle/crypto/test/src/tls/test/MockSrpTlsClient.cs new file mode 100644 index 0000000..3d22328 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/MockSrpTlsClient.cs @@ -0,0 +1,182 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class MockSrpTlsClient + : SrpTlsClient + { + internal TlsSession m_session; + + internal MockSrpTlsClient(TlsSession session, TlsSrpIdentity srpIdentity) + : base(new BcTlsCrypto(new SecureRandom()), srpIdentity) + { + this.m_session = session; + } + + protected override IList GetProtocolNames() + { + IList protocolNames = new ArrayList(); + protocolNames.Add(ProtocolName.Http_1_1); + protocolNames.Add(ProtocolName.Http_2_Tls); + return protocolNames; + } + + public override TlsSession GetSessionToResume() + { + return m_session; + } + + public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-SRP client raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(short alertLevel, short alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-SRP client received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override IDictionary GetClientExtensions() + { + IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised( + base.GetClientExtensions()); + + { + /* + * NOTE: If you are copying test code, do not blindly set these extensions in your own client. + */ + TlsExtensionsUtilities.AddMaxFragmentLengthExtension(clientExtensions, MaxFragmentLength.pow2_9); + TlsExtensionsUtilities.AddPaddingExtension(clientExtensions, m_context.Crypto.SecureRandom.Next(16)); + TlsExtensionsUtilities.AddTruncatedHmacExtension(clientExtensions); + } + return clientExtensions; + } + + public override void NotifyServerVersion(ProtocolVersion serverVersion) + { + base.NotifyServerVersion(serverVersion); + + Console.WriteLine("TLS-SRP client negotiated " + serverVersion); + } + + public override TlsAuthentication GetAuthentication() + { + return new MyTlsAuthentication(m_context); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + ProtocolName protocolName = m_context.SecurityParameters.ApplicationProtocol; + if (protocolName != null) + { + Console.WriteLine("Client ALPN: " + protocolName.GetUtf8Decoding()); + } + + TlsSession newSession = m_context.Session; + if (newSession != null) + { + if (newSession.IsResumable) + { + byte[] newSessionID = newSession.SessionID; + string hex = ToHexString(newSessionID); + + if (m_session != null && Arrays.AreEqual(m_session.SessionID, newSessionID)) + { + Console.WriteLine("Client resumed session: " + hex); + } + else + { + Console.WriteLine("Client established session: " + hex); + } + + this.m_session = newSession; + } + + byte[] tlsServerEndPoint = m_context.ExportChannelBinding(ChannelBinding.tls_server_end_point); + if (null != tlsServerEndPoint) + { + Console.WriteLine("Client 'tls-server-end-point': " + ToHexString(tlsServerEndPoint)); + } + + byte[] tlsUnique = m_context.ExportChannelBinding(ChannelBinding.tls_unique); + Console.WriteLine("Client 'tls-unique': " + ToHexString(tlsUnique)); + } + } + + protected virtual string ToHexString(byte[] data) + { + return data == null ? "(null)" : Hex.ToHexString(data); + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + return ProtocolVersion.TLSv12.Only(); + } + + internal class MyTlsAuthentication + : ServerOnlyTlsAuthentication + { + private readonly TlsContext m_context; + + internal MyTlsAuthentication(TlsContext context) + { + this.m_context = context; + } + + public override void NotifyServerCertificate(TlsServerCertificate serverCertificate) + { + TlsCertificate[] chain = serverCertificate.Certificate.GetCertificateList(); + + Console.WriteLine("TLS-SRP client received server certificate chain of length " + chain.Length); + for (int i = 0; i != chain.Length; i++) + { + X509CertificateStructure entry = X509CertificateStructure.GetInstance(chain[i].GetEncoded()); + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + + bool isEmpty = serverCertificate == null || serverCertificate.Certificate == null + || serverCertificate.Certificate.IsEmpty; + + if (isEmpty) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + + string[] trustedCertResources = new string[] { "x509-server-dsa.pem", "x509-server-rsa_pss_256.pem", + "x509-server-rsa_pss_384.pem", "x509-server-rsa_pss_512.pem", "x509-server-rsa-sign.pem" }; + + TlsCertificate[] certPath = TlsTestUtilities.GetTrustedCertPath(m_context.Crypto, chain[0], + trustedCertResources); + + if (null == certPath) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + + TlsUtilities.CheckPeerSigAlgs(m_context, certPath); + } + }; + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/MockSrpTlsServer.cs b/BouncyCastle/crypto/test/src/tls/test/MockSrpTlsServer.cs new file mode 100644 index 0000000..7259018 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/MockSrpTlsServer.cs @@ -0,0 +1,143 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Crypto.Agreement.Srp; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class MockSrpTlsServer + : SrpTlsServer + { + internal static readonly Srp6Group TEST_GROUP = Tls.Crypto.Srp6StandardGroups.rfc5054_1024; + internal static readonly byte[] TEST_IDENTITY = Strings.ToUtf8ByteArray("client"); + internal static readonly byte[] TEST_PASSWORD = Strings.ToUtf8ByteArray("password"); + internal static readonly TlsSrpIdentity TEST_SRP_IDENTITY = new BasicTlsSrpIdentity(TEST_IDENTITY, + TEST_PASSWORD); + internal static readonly byte[] TEST_SALT = Strings.ToUtf8ByteArray("salt"); + internal static readonly byte[] TEST_SEED_KEY = Strings.ToUtf8ByteArray("seed_key"); + + internal MockSrpTlsServer() + : base(new BcTlsCrypto(new SecureRandom()), new MyIdentityManager(new BcTlsCrypto(new SecureRandom()))) + { + } + + protected override IList GetProtocolNames() + { + IList protocolNames = new ArrayList(); + protocolNames.Add(ProtocolName.Http_2_Tls); + protocolNames.Add(ProtocolName.Http_1_1); + return protocolNames; + } + + public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-SRP server raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(short alertLevel, short alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS-SRP server received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override ProtocolVersion GetServerVersion() + { + ProtocolVersion serverVersion = base.GetServerVersion(); + + Console.WriteLine("TLS-SRP server negotiated " + serverVersion); + + return serverVersion; + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + ProtocolName protocolName = m_context.SecurityParameters.ApplicationProtocol; + if (protocolName != null) + { + Console.WriteLine("Server ALPN: " + protocolName.GetUtf8Decoding()); + } + + byte[] tlsServerEndPoint = m_context.ExportChannelBinding(ChannelBinding.tls_server_end_point); + Console.WriteLine("Server 'tls-server-end-point': " + ToHexString(tlsServerEndPoint)); + + byte[] tlsUnique = m_context.ExportChannelBinding(ChannelBinding.tls_unique); + Console.WriteLine("Server 'tls-unique': " + ToHexString(tlsUnique)); + + byte[] srpIdentity = m_context.SecurityParameters.SrpIdentity; + if (srpIdentity != null) + { + string name = Strings.FromUtf8ByteArray(srpIdentity); + Console.WriteLine("TLS-SRP server completed handshake for SRP identity: " + name); + } + } + + protected override TlsCredentialedSigner GetDsaSignerCredentials() + { + IList clientSigAlgs = m_context.SecurityParameters.ClientSigAlgs; + return TlsTestUtilities.LoadSignerCredentialsServer(m_context, clientSigAlgs, SignatureAlgorithm.dsa); + } + + protected override TlsCredentialedSigner GetRsaSignerCredentials() + { + IList clientSigAlgs = m_context.SecurityParameters.ClientSigAlgs; + return TlsTestUtilities.LoadSignerCredentialsServer(m_context, clientSigAlgs, SignatureAlgorithm.rsa); + } + + protected virtual string ToHexString(byte[] data) + { + return data == null ? "(null)" : Hex.ToHexString(data); + } + + internal class MyIdentityManager + : TlsSrpIdentityManager + { + protected SimulatedTlsSrpIdentityManager m_unknownIdentityManager; + + internal MyIdentityManager(TlsCrypto crypto) + { + m_unknownIdentityManager = SimulatedTlsSrpIdentityManager.GetRfc5054Default(crypto, TEST_GROUP, + TEST_SEED_KEY); + } + + public TlsSrpLoginParameters GetLoginParameters(byte[] identity) + { + if (Arrays.ConstantTimeAreEqual(TEST_IDENTITY, identity)) + { + Srp6VerifierGenerator verifierGenerator = new Srp6VerifierGenerator(); + verifierGenerator.Init(TEST_GROUP.N, TEST_GROUP.G, new Sha1Digest()); + + BigInteger verifier = verifierGenerator.GenerateVerifier(TEST_SALT, identity, TEST_PASSWORD); + + TlsSrpConfig srpConfig = new TlsSrpConfig(); + srpConfig.SetExplicitNG(new BigInteger[]{ TEST_GROUP.N, TEST_GROUP.G }); + + return new TlsSrpLoginParameters(identity, srpConfig, verifier, TEST_SALT); + } + + return m_unknownIdentityManager.GetLoginParameters(identity); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/MockTlsClient.cs b/BouncyCastle/crypto/test/src/tls/test/MockTlsClient.cs new file mode 100644 index 0000000..62b6995 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/MockTlsClient.cs @@ -0,0 +1,190 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class MockTlsClient + : DefaultTlsClient + { + internal TlsSession m_session; + + internal MockTlsClient(TlsSession session) + : base(new BcTlsCrypto(new SecureRandom())) + { + this.m_session = session; + } + + protected override IList GetProtocolNames() + { + IList protocolNames = new ArrayList(); + protocolNames.Add(ProtocolName.Http_1_1); + protocolNames.Add(ProtocolName.Http_2_Tls); + return protocolNames; + } + + public override TlsSession GetSessionToResume() + { + return m_session; + } + + public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS client raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(short alertLevel, short alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS client received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override IDictionary GetClientExtensions() + { + IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised( + base.GetClientExtensions()); + + { + /* + * NOTE: If you are copying test code, do not blindly set these extensions in your own client. + */ + TlsExtensionsUtilities.AddMaxFragmentLengthExtension(clientExtensions, MaxFragmentLength.pow2_9); + TlsExtensionsUtilities.AddPaddingExtension(clientExtensions, m_context.Crypto.SecureRandom.Next(16)); + TlsExtensionsUtilities.AddTruncatedHmacExtension(clientExtensions); + } + return clientExtensions; + } + + public override void NotifyServerVersion(ProtocolVersion serverVersion) + { + base.NotifyServerVersion(serverVersion); + + Console.WriteLine("TLS client negotiated " + serverVersion); + } + + public override TlsAuthentication GetAuthentication() + { + return new MyTlsAuthentication(m_context); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + ProtocolName protocolName = m_context.SecurityParameters.ApplicationProtocol; + if (protocolName != null) + { + Console.WriteLine("Client ALPN: " + protocolName.GetUtf8Decoding()); + } + + TlsSession newSession = m_context.Session; + if (newSession != null) + { + if (newSession.IsResumable) + { + byte[] newSessionID = newSession.SessionID; + string hex = ToHexString(newSessionID); + + if (m_session != null && Arrays.AreEqual(m_session.SessionID, newSessionID)) + { + Console.WriteLine("Client resumed session: " + hex); + } + else + { + Console.WriteLine("Client established session: " + hex); + } + + this.m_session = newSession; + } + + byte[] tlsServerEndPoint = m_context.ExportChannelBinding(ChannelBinding.tls_server_end_point); + if (null != tlsServerEndPoint) + { + Console.WriteLine("Client 'tls-server-end-point': " + ToHexString(tlsServerEndPoint)); + } + + byte[] tlsUnique = m_context.ExportChannelBinding(ChannelBinding.tls_unique); + Console.WriteLine("Client 'tls-unique': " + ToHexString(tlsUnique)); + } + } + + protected virtual string ToHexString(byte[] data) + { + return data == null ? "(null)" : Hex.ToHexString(data); + } + + internal class MyTlsAuthentication + : TlsAuthentication + { + private readonly TlsContext m_context; + + internal MyTlsAuthentication(TlsContext context) + { + this.m_context = context; + } + + public void NotifyServerCertificate(TlsServerCertificate serverCertificate) + { + TlsCertificate[] chain = serverCertificate.Certificate.GetCertificateList(); + + Console.WriteLine("TLS client received server certificate chain of length " + chain.Length); + for (int i = 0; i != chain.Length; i++) + { + X509CertificateStructure entry = X509CertificateStructure.GetInstance(chain[i].GetEncoded()); + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + + bool isEmpty = serverCertificate == null || serverCertificate.Certificate == null + || serverCertificate.Certificate.IsEmpty; + + if (isEmpty) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + + string[] trustedCertResources = new string[]{ "x509-server-dsa.pem", "x509-server-ecdh.pem", + "x509-server-ecdsa.pem", "x509-server-ed25519.pem", "x509-server-ed448.pem", + "x509-server-rsa_pss_256.pem", "x509-server-rsa_pss_384.pem", "x509-server-rsa_pss_512.pem", + "x509-server-rsa-enc.pem", "x509-server-rsa-sign.pem" }; + + TlsCertificate[] certPath = TlsTestUtilities.GetTrustedCertPath(m_context.Crypto, chain[0], + trustedCertResources); + + if (null == certPath) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + + TlsUtilities.CheckPeerSigAlgs(m_context, certPath); + } + + public TlsCredentials GetClientCredentials(CertificateRequest certificateRequest) + { + short[] certificateTypes = certificateRequest.CertificateTypes; + if (certificateTypes == null || !Arrays.Contains(certificateTypes, ClientCertificateType.rsa_sign)) + return null; + + return TlsTestUtilities.LoadSignerCredentials(m_context, + certificateRequest.SupportedSignatureAlgorithms, SignatureAlgorithm.rsa, "x509-client-rsa.pem", + "x509-client-key-rsa.pem"); + } + }; + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/MockTlsServer.cs b/BouncyCastle/crypto/test/src/tls/test/MockTlsServer.cs new file mode 100644 index 0000000..94d4c7d --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/MockTlsServer.cs @@ -0,0 +1,149 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class MockTlsServer + : DefaultTlsServer + { + internal MockTlsServer() + : base(new BcTlsCrypto(new SecureRandom())) + { + } + + protected override IList GetProtocolNames() + { + IList protocolNames = new ArrayList(); + protocolNames.Add(ProtocolName.Http_2_Tls); + protocolNames.Add(ProtocolName.Http_1_1); + return protocolNames; + } + + public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS server raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + + public override void NotifyAlertReceived(short alertLevel, short alertDescription) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS server received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + + public override ProtocolVersion GetServerVersion() + { + ProtocolVersion serverVersion = base.GetServerVersion(); + + Console.WriteLine("TLS server negotiated " + serverVersion); + + return serverVersion; + } + + public override CertificateRequest GetCertificateRequest() + { + short[] certificateTypes = new short[]{ ClientCertificateType.rsa_sign, + ClientCertificateType.dss_sign, ClientCertificateType.ecdsa_sign }; + + IList serverSigAlgs = null; + if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(m_context.ServerVersion)) + { + serverSigAlgs = TlsUtilities.GetDefaultSupportedSignatureAlgorithms(m_context); + } + + IList certificateAuthorities = new ArrayList(); + //certificateAuthorities.Add(TlsTestUtilities.LoadBcCertificateResource("x509-ca-dsa.pem").Subject); + //certificateAuthorities.Add(TlsTestUtilities.LoadBcCertificateResource("x509-ca-ecdsa.pem").Subject); + //certificateAuthorities.Add(TlsTestUtilities.LoadBcCertificateResource("x509-ca-rsa.pem").Subject); + + // All the CA certificates are currently configured with this subject + certificateAuthorities.Add(new X509Name("CN=BouncyCastle TLS Test CA")); + + return new CertificateRequest(certificateTypes, serverSigAlgs, certificateAuthorities); + } + + public override void NotifyClientCertificate(Certificate clientCertificate) + { + TlsCertificate[] chain = clientCertificate.GetCertificateList(); + + Console.WriteLine("TLS server received client certificate chain of length " + chain.Length); + for (int i = 0; i < chain.Length; ++i) + { + X509CertificateStructure entry = X509CertificateStructure.GetInstance(chain[i].GetEncoded()); + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + + bool isEmpty = (clientCertificate == null || clientCertificate.IsEmpty); + + if (isEmpty) + return; + + string[] trustedCertResources = new string[]{ "x509-client-dsa.pem", "x509-client-ecdh.pem", + "x509-client-ecdsa.pem", "x509-client-ed25519.pem", "x509-client-ed448.pem", + "x509-client-rsa_pss_256.pem", "x509-client-rsa_pss_384.pem", "x509-client-rsa_pss_512.pem", + "x509-client-rsa.pem" }; + + TlsCertificate[] certPath = TlsTestUtilities.GetTrustedCertPath(m_context.Crypto, chain[0], + trustedCertResources); + + if (null == certPath) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + + TlsUtilities.CheckPeerSigAlgs(m_context, certPath); + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + ProtocolName protocolName = m_context.SecurityParameters.ApplicationProtocol; + if (protocolName != null) + { + Console.WriteLine("Server ALPN: " + protocolName.GetUtf8Decoding()); + } + + byte[] tlsServerEndPoint = m_context.ExportChannelBinding(ChannelBinding.tls_server_end_point); + Console.WriteLine("Server 'tls-server-end-point': " + ToHexString(tlsServerEndPoint)); + + byte[] tlsUnique = m_context.ExportChannelBinding(ChannelBinding.tls_unique); + Console.WriteLine("Server 'tls-unique': " + ToHexString(tlsUnique)); + } + + protected override TlsCredentialedDecryptor GetRsaEncryptionCredentials() + { + return TlsTestUtilities.LoadEncryptionCredentials(m_context, + new string[]{ "x509-server-rsa-enc.pem", "x509-ca-rsa.pem" }, "x509-server-key-rsa-enc.pem"); + } + + protected override TlsCredentialedSigner GetRsaSignerCredentials() + { + IList clientSigAlgs = m_context.SecurityParameters.ClientSigAlgs; + return TlsTestUtilities.LoadSignerCredentialsServer(m_context, clientSigAlgs, SignatureAlgorithm.rsa); + } + + protected virtual string ToHexString(byte[] data) + { + return data == null ? "(null)" : Hex.ToHexString(data); + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/NetworkStream.cs b/BouncyCastle/crypto/test/src/tls/test/NetworkStream.cs new file mode 100644 index 0000000..c5f1dfd --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/NetworkStream.cs @@ -0,0 +1,101 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class NetworkStream + : Stream + { + private readonly Stream m_inner; + private bool m_closed = false; + + internal NetworkStream(Stream inner) + { + this.m_inner = inner; + } + + internal virtual bool IsClosed + { + get { lock (this) return m_closed; } + } + + public override bool CanRead + { + get { return m_inner.CanRead; } + } + + public override bool CanSeek + { + get { return m_inner.CanSeek; } + } + + public override bool CanWrite + { + get { return m_inner.CanWrite; } + } + + public override void Close() + { + lock (this) m_closed = true; + } + + public override void Flush() + { + m_inner.Flush(); + } + + public override long Length + { + get { return m_inner.Length; } + } + + public override long Position + { + get { return m_inner.Position; } + set { m_inner.Position = value; } + } + + public override long Seek(long offset, SeekOrigin origin) + { + return m_inner.Seek(offset, origin); + } + + public override void SetLength(long value) + { + m_inner.SetLength(value); + } + + public override int Read(byte[] buffer, int offset, int count) + { + CheckNotClosed(); + return m_inner.Read(buffer, offset, count); + } + + public override int ReadByte() + { + CheckNotClosed(); + return m_inner.ReadByte(); + } + + public override void Write(byte[] buf, int off, int len) + { + CheckNotClosed(); + m_inner.Write(buf, off, len); + } + + public override void WriteByte(byte value) + { + CheckNotClosed(); + m_inner.WriteByte(value); + } + + private void CheckNotClosed() + { + lock (this) + { + if (m_closed) + throw new ObjectDisposedException(this.GetType().Name); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/PipedStream.cs b/BouncyCastle/crypto/test/src/tls/test/PipedStream.cs new file mode 100644 index 0000000..6de5703 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/PipedStream.cs @@ -0,0 +1,134 @@ +using System; +using System.IO; +using System.Threading; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class PipedStream + : Stream + { + private readonly MemoryStream m_buf = new MemoryStream(); + private bool m_closed = false; + + private PipedStream m_other = null; + private long m_readPos = 0; + + internal PipedStream() + { + } + + internal PipedStream(PipedStream other) + { + lock (other) + { + this.m_other = other; + other.m_other = this; + } + } + + public override bool CanRead + { + get { return true; } + } + + public override bool CanSeek + { + get { return false; } + } + + public override bool CanWrite + { + get { return true; } + } + + public override void Close() + { + lock (this) + { + m_closed = true; + Monitor.PulseAll(this); + } + } + + public override void Flush() + { + } + + public override long Length + { + get { throw new NotImplementedException(); } + } + + public override long Position + { + get { throw new NotImplementedException(); } + set { throw new NotImplementedException(); } + } + + public override long Seek(long offset, SeekOrigin origin) + { + throw new NotImplementedException(); + } + + public override void SetLength(long value) + { + throw new NotImplementedException(); + } + + public override int Read(byte[] buffer, int offset, int count) + { + lock (m_other) + { + WaitForData(); + int len = (int)System.Math.Min(count, m_other.m_buf.Position - m_readPos); + Array.Copy(m_other.m_buf.GetBuffer(), m_readPos, buffer, offset, len); + m_readPos += len; + return len; + } + } + + public override int ReadByte() + { + lock (m_other) + { + WaitForData(); + bool eof = (m_readPos >= m_other.m_buf.Position); + return eof ? -1 : m_other.m_buf.GetBuffer()[m_readPos++]; + } + } + + public override void Write(byte[] buf, int off, int len) + { + lock (this) + { + CheckOpen(); + m_buf.Write(buf, off, len); + Monitor.PulseAll(this); + } + } + + public override void WriteByte(byte value) + { + lock (this) + { + CheckOpen(); + m_buf.WriteByte(value); + Monitor.PulseAll(m_buf); + } + } + + private void CheckOpen() + { + if (m_closed) + throw new ObjectDisposedException(this.GetType().Name); + } + + private void WaitForData() + { + while (m_readPos >= m_other.m_buf.Position && !m_other.m_closed) + { + Monitor.Wait(m_other); + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/PrfTest.cs b/BouncyCastle/crypto/test/src/tls/test/PrfTest.cs new file mode 100644 index 0000000..de00166 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/PrfTest.cs @@ -0,0 +1,97 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tls.Tests +{ + [TestFixture] + public class PrfTest + { + [Test] + public void TestLwTls11() + { + byte[] pre_master_secret = Hex.Decode("86051948e4d9a0cd273b6cd3a76557fc695e2ad9517cda97081ed009588a20ab48d0b128de8f917da74e711879460b60"); + byte[] serverHello_random = Hex.Decode("55f1f273d4cdd4abb97f6856ed10f83a799dc42403c3f60c4e504419db4fd727"); + byte[] clientHello_random = Hex.Decode("0b71e1f7232e675112510cf654a5e6280b3bd8ff078b67ec55276bfaddb92075"); + byte[] server_random = Hex.Decode("a62615ee7fee41993588b2542735f90910c5a0f9c5dcb64898fdf3e90dc72a5f"); + byte[] client_random = Hex.Decode("7798a130b732d7789e59a5fc14ad331ae91199f7d122e7fd4a594036b0694873"); + byte[] master_secret = Hex.Decode("37841ef801f8cbdb49b6a164025de3e0ea8169604ffe80bd98b45cdd34105251cedac7223045ff4c7b67c8a12bf3141c"); + byte[] key_block = Hex.Decode("c520e2409fa54facd3da01910f50a28f2f50986beb56b0c7b4cee9122e8f7428b7f7b8277bda931c71d35fdc2ea92127a5a143f63fe145275af5bcdab26113deffbb87a67f965b3964ea1ca29df1841c1708e6f42aacd87c12c4471913f61bb994fe3790b735dd11"); + + byte[] msSeed = Arrays.Concatenate(clientHello_random, serverHello_random); + + BcTlsCrypto crypto = new BcTlsCrypto(new SecureRandom()); + TlsSecret masterSecret = new BcTlsSecret(crypto, pre_master_secret) + .DeriveUsingPrf(PrfAlgorithm.tls_prf_legacy, ExporterLabel.master_secret, msSeed, master_secret.Length); + + Assert.IsTrue(Arrays.AreEqual(master_secret, masterSecret.Extract()), "master secret wrong"); + + byte[] keSeed = Arrays.Concatenate(server_random, client_random); + + TlsSecret keyExpansion = new BcTlsSecret(crypto, master_secret) + .DeriveUsingPrf(PrfAlgorithm.tls_prf_legacy, ExporterLabel.key_expansion, keSeed, key_block.Length); + + Assert.IsTrue(Arrays.AreEqual(key_block, keyExpansion.Extract()), "key expansion error"); + } + + [Test] + public void TestLwTls12_Sha256Prf() + { + byte[] pre_master_secret = Hex.Decode("f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd4fe4313a604fce6c17fbc"); + byte[] serverHello_random = Hex.Decode("f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce"); + byte[] clientHello_random = Hex.Decode("36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c"); + byte[] server_random = Hex.Decode("ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868"); + byte[] client_random = Hex.Decode("62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616"); + byte[] master_secret = Hex.Decode("202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf"); + byte[] key_block = Hex.Decode("d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928"); + + byte[] msSeed = Arrays.Concatenate(clientHello_random, serverHello_random); + + BcTlsCrypto crypto = new BcTlsCrypto(new SecureRandom()); + TlsSecret masterSecret = new BcTlsSecret(crypto, pre_master_secret) + .DeriveUsingPrf(PrfAlgorithm.tls_prf_sha256, ExporterLabel.master_secret, msSeed, master_secret.Length); + + Assert.IsTrue(Arrays.AreEqual(master_secret, masterSecret.Extract()), "master secret wrong"); + + byte[] keSeed = Arrays.Concatenate(server_random, client_random); + + TlsSecret keyExpansion = new BcTlsSecret(crypto, master_secret) + .DeriveUsingPrf(PrfAlgorithm.tls_prf_sha256, ExporterLabel.key_expansion, keSeed, key_block.Length); + + Assert.IsTrue(Arrays.AreEqual(key_block, keyExpansion.Extract()), "key expansion error"); + } + + [Test] + public void TestLwTls12_Sha384Prf() + { + byte[] pre_master_secret = Hex.Decode("a5e2642633f5b8c81ad3fe0c2fe3a8e5ef806b06121dd10df4bb0fe857bfdcf522558e05d2682c9a80c741a3aab1716f"); + byte[] serverHello_random = Hex.Decode("cb6e0b3eb02976b6466dfa9651c2919414f1648fd3a7838d02153e5bd39535b6"); + byte[] clientHello_random = Hex.Decode("abe4bf5527429ac8eb13574d2709e8012bd1a113c6d3b1d3aa2c3840518778ac"); + byte[] server_random = Hex.Decode("1b1c8568344a65c30828e7483c0e353e2c68641c9551efae6927d9cd627a107c"); + byte[] client_random = Hex.Decode("954b5fe1849c2ede177438261f099a2fcd884d001b9fe1de754364b1f6a6dd8e"); + byte[] master_secret = Hex.Decode("b4d49bfa87747fe815457bc3da15073d6ac73389e703079a3503c09e14bd559a5b3c7c601c7365f6ea8c68d3d9596827"); + byte[] key_block = Hex.Decode("10fd89ef689c7ef033387b8a8f3e5e8e7c11f680f6bdd71fbac3246a73e98d45d03185dde686e6b2369e4503e9dc5a6d2cee3e2bf2fa3f41d3de57dff3e197c8a9d5f74cc2d277119d894f8584b07a0a5822f0bd68b3433ec6adaf5c9406c5f3ddbb71bbe17ce98f3d4d5893d3179ef369f57aad908e2bf710639100c3ce7e0c"); + + byte[] msSeed = Arrays.Concatenate(clientHello_random, serverHello_random); + + BcTlsCrypto crypto = new BcTlsCrypto(new SecureRandom()); + TlsSecret masterSecret = new BcTlsSecret(crypto, pre_master_secret) + .DeriveUsingPrf(PrfAlgorithm.tls_prf_sha384, ExporterLabel.master_secret, msSeed, master_secret.Length); + + Assert.IsTrue(Arrays.AreEqual(master_secret, masterSecret.Extract()), "master secret wrong"); + + byte[] keSeed = Arrays.Concatenate(server_random, client_random); + + TlsSecret keyExpansion = new BcTlsSecret(crypto, master_secret) + .DeriveUsingPrf(PrfAlgorithm.tls_prf_sha384, ExporterLabel.key_expansion, keSeed, key_block.Length); + + Assert.IsTrue(Arrays.AreEqual(key_block, keyExpansion.Extract()), "key expansion error"); + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/PskTls13ClientTest.cs b/BouncyCastle/crypto/test/src/tls/test/PskTls13ClientTest.cs new file mode 100644 index 0000000..6f67b05 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/PskTls13ClientTest.cs @@ -0,0 +1,85 @@ +using System; +using System.IO; +using System.Net.Sockets; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Tls.Tests +{ + [TestFixture] + public class PskTls13ClientTest + { + [Test, Ignore] + public void TestConnection() + { + string host = "localhost"; + int port = 5556; + + long time0 = DateTimeUtilities.CurrentUnixMs(); + + MockPskTls13Client client = new MockPskTls13Client(); + TlsClientProtocol protocol = OpenTlsClientConnection(host, port, client); + + long time1 = DateTimeUtilities.CurrentUnixMs(); + Console.WriteLine("Elapsed: " + (time1 - time0) + "ms"); + + Http11Get(host, port, protocol.Stream); + + protocol.Close(); + } + + private static void Http11Get(string host, int port, Stream s) + { + WriteUtf8Line(s, "GET / HTTP/1.1"); + //WriteUtf8Line(s, "Host: " + host + ":" + port); + WriteUtf8Line(s, ""); + s.Flush(); + + Console.WriteLine("---"); + + string[] ends = new string[] { "", "HTTP/1.1 3", "HTTP/1.1 4" }; + + StreamReader reader = new StreamReader(s); + + bool finished = false; + string line; + while (!finished && (line = reader.ReadLine()) != null) + { + Console.WriteLine("<<< " + line); + + string upperLine = TlsTestUtilities.ToUpperInvariant(line); + + // TEST CODE ONLY. This is not a robust way of parsing the result! + foreach (string end in ends) + { + if (upperLine.IndexOf(end) >= 0) + { + finished = true; + break; + } + } + } + + Console.Out.Flush(); + } + + private static TlsClientProtocol OpenTlsClientConnection(string hostname, int port, TlsClient client) + { + TcpClient tcp = new TcpClient(hostname, port); + + TlsClientProtocol protocol = new TlsClientProtocol(tcp.GetStream()); + protocol.Connect(client); + return protocol; + } + + private static void WriteUtf8Line(Stream output, string line) + { + byte[] buf = Encoding.UTF8.GetBytes(line + "\r\n"); + output.Write(buf, 0, buf.Length); + Console.WriteLine(">>> " + line); + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/PskTls13ServerTest.cs b/BouncyCastle/crypto/test/src/tls/test/PskTls13ServerTest.cs new file mode 100644 index 0000000..4a924b8 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/PskTls13ServerTest.cs @@ -0,0 +1,77 @@ +using System; +using System.IO; +using System.Net; +using System.Net.Sockets; +using System.Threading; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls.Tests +{ + [TestFixture] + public class PskTls13ServerTest + { + [Test, Ignore] + public void TestConnection() + { + int port = 5556; + + TcpListener ss = new TcpListener(IPAddress.Any, port); + ss.Start(); + Stream stdout = Console.OpenStandardOutput(); + try + { + while (true) + { + TcpClient s = ss.AcceptTcpClient(); + Console.WriteLine("--------------------------------------------------------------------------------"); + Console.WriteLine("Accepted " + s); + Server serverRun = new Server(s, stdout); + Thread t = new Thread(new ThreadStart(serverRun.Run)); + t.Start(); + } + } + finally + { + ss.Stop(); + } + } + + internal class Server + { + private readonly TcpClient s; + private readonly Stream stdout; + + internal Server(TcpClient s, Stream stdout) + { + this.s = s; + this.stdout = stdout; + } + + public void Run() + { + try + { + MockPskTls13Server server = new MockPskTls13Server(); + TlsServerProtocol serverProtocol = new TlsServerProtocol(s.GetStream()); + serverProtocol.Accept(server); + Stream log = new TeeOutputStream(serverProtocol.Stream, stdout); + Streams.PipeAll(serverProtocol.Stream, log); + serverProtocol.Close(); + } + finally + { + try + { + s.Close(); + } + catch (IOException) + { + } + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/PskTlsClientTest.cs b/BouncyCastle/crypto/test/src/tls/test/PskTlsClientTest.cs new file mode 100644 index 0000000..770fade --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/PskTlsClientTest.cs @@ -0,0 +1,113 @@ +using System; +using System.IO; +using System.Net.Sockets; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Tls.Tests +{ + /// A simple test designed to conduct a TLS handshake with an external TLS server. + /// + /// Please refer to GnuTLSSetup.html or OpenSSLSetup.html (under 'docs'), and x509-*.pem files in this package + /// (under 'src/test/resources') for help configuring an external TLS server.
    + [TestFixture] + public class PskTlsClientTest + { + [Test, Ignore] + public void TestConnection() + { + string host = "localhost"; + int port = 5556; + + long time1 = DateTimeUtilities.CurrentUnixMs(); + + /* + * Note: This is the default PSK identity for 'openssl s_server' testing, the server must be + * started with "-psk 6161616161" to make the keys match, and possibly the "-psk_hint" + * option should be present. + */ + //string psk_identity = "Client_identity"; + //byte[] psk = new byte[] { 0x61, 0x61, 0x61, 0x61, 0x61 }; + + // These correspond to the configuration of MockPskTlsServer + string psk_identity = "client"; + byte[] psk = Strings.ToUtf8ByteArray("TLS_TEST_PSK"); + + BasicTlsPskIdentity pskIdentity = new BasicTlsPskIdentity(psk_identity, psk); + + MockPskTlsClient client = new MockPskTlsClient(null, pskIdentity); + TlsClientProtocol protocol = OpenTlsClientConnection(host, port, client); + protocol.Close(); + + long time2 = DateTimeUtilities.CurrentUnixMs(); + Console.WriteLine("Elapsed 1: " + (time2 - time1) + "ms"); + + client = new MockPskTlsClient(client.GetSessionToResume(), pskIdentity); + protocol = OpenTlsClientConnection(host, port, client); + + long time3 = DateTimeUtilities.CurrentUnixMs(); + Console.WriteLine("Elapsed 2: " + (time3 - time2) + "ms"); + + Http11Get(host, port, protocol.Stream); + + protocol.Close(); + } + + private static void Http11Get(string host, int port, Stream s) + { + WriteUtf8Line(s, "GET / HTTP/1.1"); + //WriteUtf8Line(s, "Host: " + host + ":" + port); + WriteUtf8Line(s, ""); + s.Flush(); + + Console.WriteLine("---"); + + string[] ends = new string[] { "", "HTTP/1.1 3", "HTTP/1.1 4" }; + + StreamReader reader = new StreamReader(s); + + bool finished = false; + string line; + while (!finished && (line = reader.ReadLine()) != null) + { + Console.WriteLine("<<< " + line); + + string upperLine = TlsTestUtilities.ToUpperInvariant(line); + + // TEST CODE ONLY. This is not a robust way of parsing the result! + foreach (string end in ends) + { + if (upperLine.IndexOf(end) >= 0) + { + finished = true; + break; + } + } + } + + Console.Out.Flush(); + } + + private static TlsClientProtocol OpenTlsClientConnection(string hostname, int port, TlsClient client) + { + TcpClient tcp = new TcpClient(hostname, port); + + TlsClientProtocol protocol = new TlsClientProtocol(tcp.GetStream()); + protocol.Connect(client); + return protocol; + } + + private static void WriteUtf8Line(Stream output, string line) + { + byte[] buf = Encoding.UTF8.GetBytes(line + "\r\n"); + output.Write(buf, 0, buf.Length); + Console.WriteLine(">>> " + line); + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/PskTlsServerTest.cs b/BouncyCastle/crypto/test/src/tls/test/PskTlsServerTest.cs new file mode 100644 index 0000000..9d87a8d --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/PskTlsServerTest.cs @@ -0,0 +1,82 @@ +using System; +using System.IO; +using System.Net; +using System.Net.Sockets; +using System.Threading; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls.Tests +{ + /// A simple test designed to conduct a TLS handshake with an external TLS client. + /// + /// Please refer to GnuTLSSetup.html or OpenSSLSetup.html (under 'docs'), and x509-*.pem files in this package + /// (under 'src/test/resources') for help configuring an external TLS client. + /// + [TestFixture] + public class PskTlsServerTest + { + [Test, Ignore] + public void TestConnection() + { + int port = 5556; + + TcpListener ss = new TcpListener(IPAddress.Any, port); + ss.Start(); + Stream stdout = Console.OpenStandardOutput(); + try + { + while (true) + { + TcpClient s = ss.AcceptTcpClient(); + Console.WriteLine("--------------------------------------------------------------------------------"); + Console.WriteLine("Accepted " + s); + Server serverRun = new Server(s, stdout); + Thread t = new Thread(new ThreadStart(serverRun.Run)); + t.Start(); + } + } + finally + { + ss.Stop(); + } + } + + internal class Server + { + private readonly TcpClient s; + private readonly Stream stdout; + + internal Server(TcpClient s, Stream stdout) + { + this.s = s; + this.stdout = stdout; + } + + public void Run() + { + try + { + MockPskTlsServer server = new MockPskTlsServer(); + TlsServerProtocol serverProtocol = new TlsServerProtocol(s.GetStream()); + serverProtocol.Accept(server); + Stream log = new TeeOutputStream(serverProtocol.Stream, stdout); + Streams.PipeAll(serverProtocol.Stream, log); + serverProtocol.Close(); + } + finally + { + try + { + s.Close(); + } + catch (IOException) + { + } + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/Tls13PskProtocolTest.cs b/BouncyCastle/crypto/test/src/tls/test/Tls13PskProtocolTest.cs new file mode 100644 index 0000000..b66e781 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/Tls13PskProtocolTest.cs @@ -0,0 +1,75 @@ +using System; +using System.IO; +using System.Threading; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls.Tests +{ + [TestFixture] + public class Tls13PskProtocolTest + { + [Test] + public void TestClientServer() + { + PipedStream clientPipe = new PipedStream(); + PipedStream serverPipe = new PipedStream(clientPipe); + + TlsClientProtocol clientProtocol = new TlsClientProtocol(clientPipe); + TlsServerProtocol serverProtocol = new TlsServerProtocol(serverPipe); + + MockPskTls13Client client = new MockPskTls13Client(); + MockPskTls13Server server = new MockPskTls13Server(); + + Server serverRun = new Server(serverProtocol, server); + Thread serverThread = new Thread(new ThreadStart(serverRun.Run)); + serverThread.Start(); + + clientProtocol.Connect(client); + + byte[] data = new byte[1000]; + client.Crypto.SecureRandom.NextBytes(data); + + Stream output = clientProtocol.Stream; + output.Write(data, 0, data.Length); + + byte[] echo = new byte[data.Length]; + int count = Streams.ReadFully(clientProtocol.Stream, echo); + + Assert.AreEqual(count, data.Length); + Assert.IsTrue(Arrays.AreEqual(data, echo)); + + output.Close(); + + serverThread.Join(); + } + + internal class Server + { + private readonly TlsServerProtocol m_serverProtocol; + private readonly TlsServer m_server; + + internal Server(TlsServerProtocol serverProtocol, TlsServer server) + { + this.m_serverProtocol = serverProtocol; + this.m_server = server; + } + + public void Run() + { + try + { + m_serverProtocol.Accept(m_server); + Streams.PipeAll(m_serverProtocol.Stream, m_serverProtocol.Stream); + m_serverProtocol.Close(); + } + catch (Exception) + { + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/TlsClientTest.cs b/BouncyCastle/crypto/test/src/tls/test/TlsClientTest.cs new file mode 100644 index 0000000..cd63226 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/TlsClientTest.cs @@ -0,0 +1,97 @@ +using System; +using System.IO; +using System.Net.Sockets; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Tls.Tests +{ + /// A simple test designed to conduct a TLS handshake with an external TLS server. + /// + /// Please refer to GnuTLSSetup.html or OpenSSLSetup.html (under 'docs'), and x509-*.pem files in this package + /// (under 'src/test/resources') for help configuring an external TLS server. + /// + [TestFixture] + public class TlsClientTest + { + [Test, Ignore] + public void TestConnection() + { + string host = "localhost"; + int port = 5556; + + long time1 = DateTimeUtilities.CurrentUnixMs(); + + MockTlsClient client = new MockTlsClient(null); + TlsClientProtocol protocol = OpenTlsClientConnection(host, port, client); + protocol.Close(); + + long time2 = DateTimeUtilities.CurrentUnixMs(); + Console.WriteLine("Elapsed 1: " + (time2 - time1) + "ms"); + + client = new MockTlsClient(client.GetSessionToResume()); + protocol = OpenTlsClientConnection(host, port, client); + + long time3 = DateTimeUtilities.CurrentUnixMs(); + Console.WriteLine("Elapsed 2: " + (time3 - time2) + "ms"); + + Http11Get(host, port, protocol.Stream); + + protocol.Close(); + } + + private static void Http11Get(string host, int port, Stream s) + { + WriteUtf8Line(s, "GET / HTTP/1.1"); + //WriteUtf8Line(s, "Host: " + host + ":" + port); + WriteUtf8Line(s, ""); + s.Flush(); + + Console.WriteLine("---"); + + string[] ends = new string[] { "", "HTTP/1.1 3", "HTTP/1.1 4" }; + + StreamReader reader = new StreamReader(s); + + bool finished = false; + string line; + while (!finished && (line = reader.ReadLine()) != null) + { + Console.WriteLine("<<< " + line); + + string upperLine = TlsTestUtilities.ToUpperInvariant(line); + + // TEST CODE ONLY. This is not a robust way of parsing the result! + foreach (string end in ends) + { + if (upperLine.IndexOf(end) >= 0) + { + finished = true; + break; + } + } + } + + Console.Out.Flush(); + } + + private static TlsClientProtocol OpenTlsClientConnection(string hostname, int port, TlsClient client) + { + TcpClient tcp = new TcpClient(hostname, port); + + TlsClientProtocol protocol = new TlsClientProtocol(tcp.GetStream()); + protocol.Connect(client); + return protocol; + } + + private static void WriteUtf8Line(Stream output, string line) + { + byte[] buf = Encoding.UTF8.GetBytes(line + "\r\n"); + output.Write(buf, 0, buf.Length); + Console.WriteLine(">>> " + line); + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/TlsProtocolNonBlockingTest.cs b/BouncyCastle/crypto/test/src/tls/test/TlsProtocolNonBlockingTest.cs new file mode 100644 index 0000000..fac3419 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/TlsProtocolNonBlockingTest.cs @@ -0,0 +1,126 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls.Tests +{ + [TestFixture] + public class TlsProtocolNonBlockingTest + { + [Test] + public void TestClientServerFragmented() + { + // tests if it's really non-blocking when partial records arrive + ImplTestClientServer(true); + } + + [Test] + public void TestClientServerNonFragmented() + { + ImplTestClientServer(false); + } + + private static void ImplTestClientServer(bool fragment) + { + TlsClientProtocol clientProtocol = new TlsClientProtocol(); + TlsServerProtocol serverProtocol = new TlsServerProtocol(); + + MockTlsClient client = new MockTlsClient(null); + MockTlsServer server = new MockTlsServer(); + + clientProtocol.Connect(client); + serverProtocol.Accept(server); + + // pump handshake + bool hadDataFromServer = true; + bool hadDataFromClient = true; + while (hadDataFromServer || hadDataFromClient) + { + hadDataFromServer = PumpData(serverProtocol, clientProtocol, fragment); + hadDataFromClient = PumpData(clientProtocol, serverProtocol, fragment); + } + + // send data in both directions + byte[] data = new byte[1024]; + client.Crypto.SecureRandom.NextBytes(data); + + WriteAndRead(clientProtocol, serverProtocol, data, fragment); + WriteAndRead(serverProtocol, clientProtocol, data, fragment); + + // close the connection + clientProtocol.Close(); + PumpData(clientProtocol, serverProtocol, fragment); + serverProtocol.CloseInput(); + CheckClosed(serverProtocol); + CheckClosed(clientProtocol); + } + + private static void WriteAndRead(TlsProtocol writer, TlsProtocol reader, byte[] data, bool fragment) + { + int dataSize = data.Length; + writer.WriteApplicationData(data, 0, dataSize); + PumpData(writer, reader, fragment); + + Assert.AreEqual(dataSize, reader.GetAvailableInputBytes()); + byte[] readData = new byte[dataSize]; + reader.ReadInput(readData, 0, dataSize); + AssertArrayEquals(data, readData); + } + + private static bool PumpData(TlsProtocol from, TlsProtocol to, bool fragment) + { + int byteCount = from.GetAvailableOutputBytes(); + if (byteCount == 0) + return false; + + if (fragment) + { + byte[] buffer = new byte[1]; + while (from.GetAvailableOutputBytes() > 0) + { + from.ReadOutput(buffer, 0, 1); + to.OfferInput(buffer); + } + } + else + { + byte[] buffer = new byte[byteCount]; + from.ReadOutput(buffer, 0, buffer.Length); + to.OfferInput(buffer); + } + + return true; + } + + private static void CheckClosed(TlsProtocol protocol) + { + Assert.IsTrue(protocol.IsClosed); + + try + { + protocol.OfferInput(new byte[10]); + Assert.Fail("Input was accepted after close"); + } + catch (IOException) + { + } + + try + { + protocol.WriteApplicationData(new byte[10], 0, 10); + Assert.Fail("Output was accepted after close"); + } + catch (IOException) + { + } + } + + private static void AssertArrayEquals(byte[] a, byte[] b) + { + Assert.IsTrue(Arrays.AreEqual(a, b)); + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/TlsProtocolTest.cs b/BouncyCastle/crypto/test/src/tls/test/TlsProtocolTest.cs new file mode 100644 index 0000000..c0287d9 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/TlsProtocolTest.cs @@ -0,0 +1,75 @@ +using System; +using System.IO; +using System.Threading; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls.Tests +{ + [TestFixture] + public class TlsProtocolTest + { + [Test] + public void TestClientServer() + { + PipedStream clientPipe = new PipedStream(); + PipedStream serverPipe = new PipedStream(clientPipe); + + TlsClientProtocol clientProtocol = new TlsClientProtocol(clientPipe); + TlsServerProtocol serverProtocol = new TlsServerProtocol(serverPipe); + + MockTlsClient client = new MockTlsClient(null); + MockTlsServer server = new MockTlsServer(); + + Server serverRun = new Server(serverProtocol, server); + Thread serverThread = new Thread(new ThreadStart(serverRun.Run)); + serverThread.Start(); + + clientProtocol.Connect(client); + + byte[] data = new byte[1000]; + client.Crypto.SecureRandom.NextBytes(data); + + Stream output = clientProtocol.Stream; + output.Write(data, 0, data.Length); + + byte[] echo = new byte[data.Length]; + int count = Streams.ReadFully(clientProtocol.Stream, echo); + + Assert.AreEqual(count, data.Length); + Assert.IsTrue(Arrays.AreEqual(data, echo)); + + output.Close(); + + serverThread.Join(); + } + + internal class Server + { + private readonly TlsServerProtocol m_serverProtocol; + private readonly TlsServer m_server; + + internal Server(TlsServerProtocol serverProtocol, TlsServer server) + { + this.m_serverProtocol = serverProtocol; + this.m_server = server; + } + + public void Run() + { + try + { + m_serverProtocol.Accept(m_server); + Streams.PipeAll(m_serverProtocol.Stream, m_serverProtocol.Stream); + m_serverProtocol.Close(); + } + catch (Exception) + { + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/TlsPskProtocolTest.cs b/BouncyCastle/crypto/test/src/tls/test/TlsPskProtocolTest.cs new file mode 100644 index 0000000..449f9ea --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/TlsPskProtocolTest.cs @@ -0,0 +1,75 @@ +using System; +using System.IO; +using System.Threading; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls.Tests +{ + [TestFixture] + public class TlsPskProtocolTest + { + [Test] + public void TestClientServer() + { + PipedStream clientPipe = new PipedStream(); + PipedStream serverPipe = new PipedStream(clientPipe); + + TlsClientProtocol clientProtocol = new TlsClientProtocol(clientPipe); + TlsServerProtocol serverProtocol = new TlsServerProtocol(serverPipe); + + MockPskTlsClient client = new MockPskTlsClient(null); + MockPskTlsServer server = new MockPskTlsServer(); + + Server serverRun = new Server(serverProtocol, server); + Thread serverThread = new Thread(new ThreadStart(serverRun.Run)); + serverThread.Start(); + + clientProtocol.Connect(client); + + byte[] data = new byte[1000]; + client.Crypto.SecureRandom.NextBytes(data); + + Stream output = clientProtocol.Stream; + output.Write(data, 0, data.Length); + + byte[] echo = new byte[data.Length]; + int count = Streams.ReadFully(clientProtocol.Stream, echo); + + Assert.AreEqual(count, data.Length); + Assert.IsTrue(Arrays.AreEqual(data, echo)); + + output.Close(); + + serverThread.Join(); + } + + internal class Server + { + private readonly TlsServerProtocol m_serverProtocol; + private readonly TlsServer m_server; + + internal Server(TlsServerProtocol serverProtocol, TlsServer server) + { + this.m_serverProtocol = serverProtocol; + this.m_server = server; + } + + public void Run() + { + try + { + m_serverProtocol.Accept(m_server); + Streams.PipeAll(m_serverProtocol.Stream, m_serverProtocol.Stream); + m_serverProtocol.Close(); + } + catch (Exception) + { + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/TlsServerTest.cs b/BouncyCastle/crypto/test/src/tls/test/TlsServerTest.cs new file mode 100644 index 0000000..333ff56 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/TlsServerTest.cs @@ -0,0 +1,82 @@ +using System; +using System.IO; +using System.Net; +using System.Net.Sockets; +using System.Threading; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls.Tests +{ + /// A simple test designed to conduct a TLS handshake with an external TLS client. + /// + /// Please refer to GnuTLSSetup.html or OpenSSLSetup.html (under 'docs'), and x509-*.pem files in this package + /// (under 'src/test/resources') for help configuring an external TLS client. + /// + [TestFixture] + public class TlsServerTest + { + [Test, Ignore] + public void TestConnection() + { + int port = 5556; + + TcpListener ss = new TcpListener(IPAddress.Any, port); + ss.Start(); + Stream stdout = Console.OpenStandardOutput(); + try + { + while (true) + { + TcpClient s = ss.AcceptTcpClient(); + Console.WriteLine("--------------------------------------------------------------------------------"); + Console.WriteLine("Accepted " + s); + Server serverRun = new Server(s, stdout); + Thread t = new Thread(new ThreadStart(serverRun.Run)); + t.Start(); + } + } + finally + { + ss.Stop(); + } + } + + internal class Server + { + private readonly TcpClient s; + private readonly Stream stdout; + + internal Server(TcpClient s, Stream stdout) + { + this.s = s; + this.stdout = stdout; + } + + public void Run() + { + try + { + MockTlsServer server = new MockTlsServer(); + TlsServerProtocol serverProtocol = new TlsServerProtocol(s.GetStream()); + serverProtocol.Accept(server); + Stream log = new TeeOutputStream(serverProtocol.Stream, stdout); + Streams.PipeAll(serverProtocol.Stream, log); + serverProtocol.Close(); + } + finally + { + try + { + s.Close(); + } + catch (IOException) + { + } + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/TlsSrpProtocolTest.cs b/BouncyCastle/crypto/test/src/tls/test/TlsSrpProtocolTest.cs new file mode 100644 index 0000000..f85a67d --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/TlsSrpProtocolTest.cs @@ -0,0 +1,75 @@ +using System; +using System.IO; +using System.Threading; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls.Tests +{ + [TestFixture] + public class TlsSrpProtocolTest + { + [Test] + public void TestClientServer() + { + PipedStream clientPipe = new PipedStream(); + PipedStream serverPipe = new PipedStream(clientPipe); + + TlsClientProtocol clientProtocol = new TlsClientProtocol(clientPipe); + TlsServerProtocol serverProtocol = new TlsServerProtocol(serverPipe); + + MockSrpTlsClient client = new MockSrpTlsClient(null, MockSrpTlsServer.TEST_SRP_IDENTITY); + MockSrpTlsServer server = new MockSrpTlsServer(); + + Server serverRun = new Server(serverProtocol, server); + Thread serverThread = new Thread(new ThreadStart(serverRun.Run)); + serverThread.Start(); + + clientProtocol.Connect(client); + + byte[] data = new byte[1000]; + client.Crypto.SecureRandom.NextBytes(data); + + Stream output = clientProtocol.Stream; + output.Write(data, 0, data.Length); + + byte[] echo = new byte[data.Length]; + int count = Streams.ReadFully(clientProtocol.Stream, echo); + + Assert.AreEqual(count, data.Length); + Assert.IsTrue(Arrays.AreEqual(data, echo)); + + output.Close(); + + serverThread.Join(); + } + + internal class Server + { + private readonly TlsServerProtocol m_serverProtocol; + private readonly TlsServer m_server; + + internal Server(TlsServerProtocol serverProtocol, TlsServer server) + { + this.m_serverProtocol = serverProtocol; + this.m_server = server; + } + + public void Run() + { + try + { + m_serverProtocol.Accept(m_server); + Streams.PipeAll(m_serverProtocol.Stream, m_serverProtocol.Stream); + m_serverProtocol.Close(); + } + catch (Exception) + { + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/TlsTestCase.cs b/BouncyCastle/crypto/test/src/tls/test/TlsTestCase.cs new file mode 100644 index 0000000..cb136db --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/TlsTestCase.cs @@ -0,0 +1,184 @@ +using System; +using System.IO; +using System.Threading; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Tls.Tests +{ + [TestFixture] + public class TlsTestCase + { + private static void CheckTlsVersions(ProtocolVersion[] versions) + { + if (versions != null) + { + for (int i = 0; i < versions.Length; ++i) + { + if (!versions[i].IsTls) + throw new InvalidOperationException("Non-TLS version"); + } + } + } + + [Test, TestCaseSource(typeof(TlsTestSuite), "Suite")] + public void RunTest(TlsTestConfig config) + { + // Disable the test if it is not being run via TlsTestSuite + if (config == null) + return; + + CheckTlsVersions(config.clientSupportedVersions); + CheckTlsVersions(config.serverSupportedVersions); + + PipedStream clientPipe = new PipedStream(); + PipedStream serverPipe = new PipedStream(clientPipe); + + NetworkStream clientNet = new NetworkStream(clientPipe); + NetworkStream serverNet = new NetworkStream(serverPipe); + + TlsTestClientProtocol clientProtocol = new TlsTestClientProtocol(clientNet, config); + TlsTestServerProtocol serverProtocol = new TlsTestServerProtocol(serverNet, config); + + clientProtocol.IsResumableHandshake = true; + serverProtocol.IsResumableHandshake = true; + + TlsTestClientImpl clientImpl = new TlsTestClientImpl(config); + TlsTestServerImpl serverImpl = new TlsTestServerImpl(config); + + Server serverRun = new Server(this, serverProtocol, serverImpl); + Thread serverThread = new Thread(new ThreadStart(serverRun.Run)); + serverThread.Start(); + + Exception caught = null; + try + { + clientProtocol.Connect(clientImpl); + + byte[] data = new byte[1000]; + clientImpl.Crypto.SecureRandom.NextBytes(data); + + Stream stream = clientProtocol.Stream; + stream.Write(data, 0, data.Length); + + byte[] echo = new byte[data.Length]; + int count = Streams.ReadFully(stream, echo, 0, echo.Length); + + Assert.AreEqual(count, data.Length); + Assert.IsTrue(Arrays.AreEqual(data, echo)); + + Assert.IsTrue(Arrays.AreEqual(clientImpl.m_tlsKeyingMaterial1, serverImpl.m_tlsKeyingMaterial1)); + Assert.IsTrue(Arrays.AreEqual(clientImpl.m_tlsKeyingMaterial2, serverImpl.m_tlsKeyingMaterial2)); + Assert.IsTrue(Arrays.AreEqual(clientImpl.m_tlsServerEndPoint, serverImpl.m_tlsServerEndPoint)); + + if (!TlsUtilities.IsTlsV13(clientImpl.m_negotiatedVersion)) + { + Assert.NotNull(clientImpl.m_tlsUnique); + Assert.NotNull(serverImpl.m_tlsUnique); + } + Assert.IsTrue(Arrays.AreEqual(clientImpl.m_tlsUnique, serverImpl.m_tlsUnique)); + + stream.Close(); + } + catch (Exception e) + { + caught = e; + LogException(caught); + } + + serverRun.AllowExit(); + serverThread.Join(); + + Assert.IsTrue(clientNet.IsClosed, "Client Stream not closed"); + Assert.IsTrue(serverNet.IsClosed, "Server Stream not closed"); + + Assert.AreEqual(config.expectFatalAlertConnectionEnd, clientImpl.FirstFatalAlertConnectionEnd, + "Client fatal alert connection end"); + Assert.AreEqual(config.expectFatalAlertConnectionEnd, serverImpl.FirstFatalAlertConnectionEnd, + "Server fatal alert connection end"); + + Assert.AreEqual(config.expectFatalAlertDescription, clientImpl.FirstFatalAlertDescription, + "Client fatal alert description"); + Assert.AreEqual(config.expectFatalAlertDescription, serverImpl.FirstFatalAlertDescription, + "Server fatal alert description"); + + if (config.expectFatalAlertConnectionEnd == -1) + { + Assert.IsNull(caught, "Unexpected client exception"); + Assert.IsNull(serverRun.m_caught, "Unexpected server exception"); + } + } + + protected virtual void LogException(Exception e) + { + if (TlsTestConfig.Debug) + { + Console.Error.WriteLine(e); + Console.Error.Flush(); + } + } + + internal class Server + { + protected readonly TlsTestCase m_outer; + protected readonly TlsServerProtocol m_serverProtocol; + protected readonly TlsServer m_server; + + internal bool m_canExit = false; + internal Exception m_caught = null; + + internal Server(TlsTestCase outer, TlsTestServerProtocol serverProtocol, TlsServer server) + { + this.m_outer = outer; + this.m_serverProtocol = serverProtocol; + this.m_server = server; + } + + internal void AllowExit() + { + lock (this) + { + m_canExit = true; + Monitor.PulseAll(this); + } + } + + public void Run() + { + try + { + m_serverProtocol.Accept(m_server); + Streams.PipeAll(m_serverProtocol.Stream, m_serverProtocol.Stream); + m_serverProtocol.Close(); + } + catch (Exception e) + { + m_caught = e; + m_outer.LogException(m_caught); + } + + WaitExit(); + } + + protected void WaitExit() + { + lock (this) + { + while (!m_canExit) + { + try + { + Monitor.Wait(this); + } + catch (ThreadInterruptedException) + { + } + } + } + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/TlsTestClientImpl.cs b/BouncyCastle/crypto/test/src/tls/test/TlsTestClientImpl.cs new file mode 100644 index 0000000..8f878ee --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/TlsTestClientImpl.cs @@ -0,0 +1,379 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class TlsTestClientImpl + : DefaultTlsClient + { + private static readonly int[] TestCipherSuites = new int[] + { + /* + * TLS 1.3 + */ + CipherSuite.TLS_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_AES_128_GCM_SHA256, + + /* + * pre-TLS 1.3 + */ + CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, + }; + + protected readonly TlsTestConfig m_config; + + protected int m_firstFatalAlertConnectionEnd = -1; + protected short m_firstFatalAlertDescription = -1; + + internal ProtocolVersion m_negotiatedVersion = null; + internal byte[] m_tlsKeyingMaterial1 = null; + internal byte[] m_tlsKeyingMaterial2 = null; + internal byte[] m_tlsServerEndPoint = null; + internal byte[] m_tlsUnique = null; + + internal TlsTestClientImpl(TlsTestConfig config) + : base(TlsTestSuite.GetCrypto(config)) + { + this.m_config = config; + } + + internal int FirstFatalAlertConnectionEnd + { + get { return m_firstFatalAlertConnectionEnd; } + } + + internal short FirstFatalAlertDescription + { + get { return m_firstFatalAlertDescription; } + } + + public override IDictionary GetClientExtensions() + { + IDictionary clientExtensions = base.GetClientExtensions(); + if (clientExtensions != null) + { + if (!m_config.clientSendSignatureAlgorithms) + { + clientExtensions.Remove(ExtensionType.signature_algorithms); + this.m_supportedSignatureAlgorithms = null; + } + if (!m_config.clientSendSignatureAlgorithmsCert) + { + clientExtensions.Remove(ExtensionType.signature_algorithms_cert); + this.m_supportedSignatureAlgorithmsCert = null; + } + } + return clientExtensions; + } + + public override IList GetEarlyKeyShareGroups() + { + if (m_config.clientEmptyKeyShare) + return null; + + return base.GetEarlyKeyShareGroups(); + } + + public override bool IsFallback() + { + return m_config.clientFallback; + } + + public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + if (alertLevel == AlertLevel.fatal && m_firstFatalAlertConnectionEnd == -1) + { + m_firstFatalAlertConnectionEnd = ConnectionEnd.client; + m_firstFatalAlertDescription = alertDescription; + } + + if (TlsTestConfig.Debug) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS client raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + } + + public override void NotifyAlertReceived(short alertLevel, short alertDescription) + { + if (alertLevel == AlertLevel.fatal && m_firstFatalAlertConnectionEnd == -1) + { + m_firstFatalAlertConnectionEnd = ConnectionEnd.server; + m_firstFatalAlertDescription = alertDescription; + } + + if (TlsTestConfig.Debug) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS client received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + SecurityParameters securityParameters = m_context.SecurityParameters; + if (securityParameters.IsExtendedMasterSecret) + { + m_tlsKeyingMaterial1 = m_context.ExportKeyingMaterial("BC_TLS_TESTS_1", null, 16); + m_tlsKeyingMaterial2 = m_context.ExportKeyingMaterial("BC_TLS_TESTS_2", new byte[8], 16); + } + + m_tlsServerEndPoint = m_context.ExportChannelBinding(ChannelBinding.tls_server_end_point); + m_tlsUnique = m_context.ExportChannelBinding(ChannelBinding.tls_unique); + + if (TlsTestConfig.Debug) + { + Console.WriteLine("TLS client reports 'tls-server-end-point' = " + ToHexString(m_tlsServerEndPoint)); + Console.WriteLine("TLS client reports 'tls-unique' = " + ToHexString(m_tlsUnique)); + } + } + + public override void NotifyServerVersion(ProtocolVersion serverVersion) + { + base.NotifyServerVersion(serverVersion); + + this.m_negotiatedVersion = serverVersion; + + if (TlsTestConfig.Debug) + { + Console.WriteLine("TLS client negotiated " + serverVersion); + } + } + + public override TlsAuthentication GetAuthentication() + { + return new MyTlsAuthentication(this, m_context); + } + + protected virtual Certificate CorruptCertificate(Certificate cert) + { + CertificateEntry[] certEntryList = cert.GetCertificateEntryList(); + CertificateEntry ee = certEntryList[0]; + TlsCertificate corruptCert = CorruptCertificateSignature(ee.Certificate); + certEntryList[0] = new CertificateEntry(corruptCert, ee.Extensions); + return new Certificate(cert.GetCertificateRequestContext(), certEntryList); + } + + protected virtual TlsCertificate CorruptCertificateSignature(TlsCertificate tlsCertificate) + { + X509CertificateStructure cert = X509CertificateStructure.GetInstance(tlsCertificate.GetEncoded()); + + Asn1EncodableVector v = new Asn1EncodableVector(); + v.Add(cert.TbsCertificate); + v.Add(cert.SignatureAlgorithm); + v.Add(CorruptSignature(cert.Signature)); + + cert = X509CertificateStructure.GetInstance(new DerSequence(v)); + + return Crypto.CreateCertificate(cert.GetEncoded(Asn1Encodable.Der)); + } + + protected virtual DerBitString CorruptSignature(DerBitString bs) + { + return new DerBitString(CorruptBit(bs.GetOctets())); + } + + protected virtual byte[] CorruptBit(byte[] bs) + { + bs = Arrays.Clone(bs); + + // Flip a random bit + int bit = m_context.Crypto.SecureRandom.Next(bs.Length << 3); + bs[bit >> 3] ^= (byte)(1 << (bit & 7)); + + return bs; + } + + protected override int[] GetSupportedCipherSuites() + { + return TlsUtilities.GetSupportedCipherSuites(Crypto, TestCipherSuites); + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + if (null != m_config.clientSupportedVersions) + { + return m_config.clientSupportedVersions; + } + + return base.GetSupportedVersions(); + } + + protected virtual string ToHexString(byte[] data) + { + return data == null ? "(null)" : Hex.ToHexString(data); + } + + internal class MyTlsAuthentication + : TlsAuthentication + { + private readonly TlsTestClientImpl m_outer; + private readonly TlsContext m_context; + + internal MyTlsAuthentication(TlsTestClientImpl outer, TlsContext context) + { + this.m_outer = outer; + this.m_context = context; + } + + public virtual void NotifyServerCertificate(TlsServerCertificate serverCertificate) + { + TlsCertificate[] chain = serverCertificate.Certificate.GetCertificateList(); + + if (TlsTestConfig.Debug) + { + Console.WriteLine("TLS client received server certificate chain of length " + chain.Length); + for (int i = 0; i < chain.Length; ++i) + { + X509CertificateStructure entry = X509CertificateStructure.GetInstance(chain[i].GetEncoded()); + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + } + + bool isEmpty = serverCertificate == null || serverCertificate.Certificate == null + || serverCertificate.Certificate.IsEmpty; + + if (isEmpty) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + + string[] trustedCertResources = new string[]{ "x509-server-dsa.pem", "x509-server-ecdh.pem", + "x509-server-ecdsa.pem", "x509-server-ed25519.pem", "x509-server-ed448.pem", + "x509-server-rsa_pss_256.pem", "x509-server-rsa_pss_384.pem", "x509-server-rsa_pss_512.pem", + "x509-server-rsa-enc.pem", "x509-server-rsa-sign.pem" }; + + TlsCertificate[] certPath = TlsTestUtilities.GetTrustedCertPath(m_context.Crypto, chain[0], + trustedCertResources); + + if (null == certPath) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + + if (m_outer.m_config.clientCheckSigAlgOfServerCerts) + { + TlsUtilities.CheckPeerSigAlgs(m_context, certPath); + } + } + + public virtual TlsCredentials GetClientCredentials(CertificateRequest certificateRequest) + { + TlsTestConfig config = m_outer.m_config; + + if (config.serverCertReq == TlsTestConfig.SERVER_CERT_REQ_NONE) + throw new InvalidOperationException(); + if (config.clientAuth == TlsTestConfig.CLIENT_AUTH_NONE) + return null; + + bool isTlsV13 = TlsUtilities.IsTlsV13(m_context); + + if (!isTlsV13) + { + short[] certificateTypes = certificateRequest.CertificateTypes; + if (certificateTypes == null || !Arrays.Contains(certificateTypes, ClientCertificateType.rsa_sign)) + return null; + } + + IList supportedSigAlgs = certificateRequest.SupportedSignatureAlgorithms; + if (supportedSigAlgs != null && config.clientAuthSigAlg != null) + { + supportedSigAlgs = new ArrayList(1); + supportedSigAlgs.Add(config.clientAuthSigAlg); + } + + // TODO[tls13] Check also supportedSigAlgsCert against the chain signature(s) + + TlsCredentialedSigner signerCredentials = TlsTestUtilities.LoadSignerCredentials(m_context, + supportedSigAlgs, SignatureAlgorithm.rsa, "x509-client-rsa.pem", "x509-client-key-rsa.pem"); + + if (config.clientAuth == TlsTestConfig.CLIENT_AUTH_VALID) + return signerCredentials; + + return new MyTlsCredentialedSigner(m_outer, signerCredentials); + } + } + + internal class MyTlsCredentialedSigner + : TlsCredentialedSigner + { + private readonly TlsTestClientImpl m_outer; + private readonly TlsCredentialedSigner m_inner; + + internal MyTlsCredentialedSigner(TlsTestClientImpl outer, TlsCredentialedSigner inner) + { + this.m_outer = outer; + this.m_inner = inner; + } + + public virtual byte[] GenerateRawSignature(byte[] hash) + { + byte[] sig = m_inner.GenerateRawSignature(hash); + + if (m_outer.m_config.clientAuth == TlsTestConfig.CLIENT_AUTH_INVALID_VERIFY) + { + sig = m_outer.CorruptBit(sig); + } + + return sig; + } + + public virtual Certificate Certificate + { + get + { + Certificate cert = m_inner.Certificate; + + if (m_outer.m_config.clientAuth == TlsTestConfig.CLIENT_AUTH_INVALID_CERT) + { + cert = m_outer.CorruptCertificate(cert); + } + + return cert; + } + } + + public virtual SignatureAndHashAlgorithm SignatureAndHashAlgorithm + { + get { return m_inner.SignatureAndHashAlgorithm; } + } + + public virtual TlsStreamSigner GetStreamSigner() + { + return null; + } + }; + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/TlsTestClientProtocol.cs b/BouncyCastle/crypto/test/src/tls/test/TlsTestClientProtocol.cs new file mode 100644 index 0000000..f7e9468 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/TlsTestClientProtocol.cs @@ -0,0 +1,32 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class TlsTestClientProtocol + : TlsClientProtocol + { + protected readonly TlsTestConfig m_config; + + internal TlsTestClientProtocol(Stream stream, TlsTestConfig config) + : this(stream, stream, config) + { + } + + internal TlsTestClientProtocol(Stream input, Stream output, TlsTestConfig config) + : base(input, output) + { + this.m_config = config; + } + + protected override void SendCertificateVerifyMessage(DigitallySigned certificateVerify) + { + if (certificateVerify.Algorithm != null && m_config.clientAuthSigAlgClaimed != null) + { + certificateVerify = new DigitallySigned(m_config.clientAuthSigAlgClaimed, certificateVerify.Signature); + } + + base.SendCertificateVerifyMessage(certificateVerify); + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/TlsTestConfig.cs b/BouncyCastle/crypto/test/src/tls/test/TlsTestConfig.cs new file mode 100644 index 0000000..a15d4e5 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/TlsTestConfig.cs @@ -0,0 +1,128 @@ +using System; +using System.Collections; + +namespace Org.BouncyCastle.Tls.Tests +{ + public class TlsTestConfig + { + // TODO[tls-port] + public static readonly bool Debug = true; + + /// Client does not authenticate, ignores any certificate request. + public const int CLIENT_AUTH_NONE = 0; + + /// Client will authenticate if it receives a certificate request. + public const int CLIENT_AUTH_VALID = 1; + + /// Client will authenticate if it receives a certificate request, with an invalid certificate. + /// + public const int CLIENT_AUTH_INVALID_CERT = 2; + + /// Client will authenticate if it receives a certificate request, with an invalid CertificateVerify + /// signature. + public const int CLIENT_AUTH_INVALID_VERIFY = 3; + + public const int CRYPTO_BC = 0; + + /// Server will not request a client certificate. + public const int SERVER_CERT_REQ_NONE = 0; + + /// Server will request a client certificate but receiving one is optional. + public const int SERVER_CERT_REQ_OPTIONAL = 1; + + /// Server will request a client certificate and receiving one is mandatory. + public const int SERVER_CERT_REQ_MANDATORY = 2; + + /// Configures the client authentication behaviour of the test client. Use CLIENT_AUTH_* constants. + /// + public int clientAuth = CLIENT_AUTH_VALID; + + /// If not null, and TLS 1.2 or higher is negotiated, selects a fixed signature/ hash algorithm to be + /// used for the CertificateVerify signature(if one is sent). + public SignatureAndHashAlgorithm clientAuthSigAlg = null; + + /// If not null, and TLS 1.2 or higher is negotiated, selects a fixed signature/ hash algorithm to be + /// _claimed_ in the CertificateVerify (if one is sent), independently of what was actually used. + public SignatureAndHashAlgorithm clientAuthSigAlgClaimed = null; + + /// Control whether the client will call + /// to check the server + /// certificate chain. + public bool clientCheckSigAlgOfServerCerts = true; + + public int clientCrypto = CRYPTO_BC; + + /// Configures whether the client will send an empty key_share extension in initial ClientHello. + /// + public bool clientEmptyKeyShare = false; + + /// Configures whether the client will indicate version fallback via TLS_FALLBACK_SCSV. + public bool clientFallback = false; + + /// Configures whether a (TLS 1.2+) client may send the signature_algorithms extension in ClientHello. + /// + public bool clientSendSignatureAlgorithms = true; + + /// Configures whether a (TLS 1.2+) client may send the signature_algorithms_cert extension in + /// ClientHello. + public bool clientSendSignatureAlgorithmsCert = true; + + /// Configures the supported protocol versions for the client. If null, uses the library's default. + /// + public ProtocolVersion[] clientSupportedVersions = null; + + /// If not null, and TLS 1.2 or higher is negotiated, selects a fixed signature/ hash algorithm to be + /// used for the ServerKeyExchange signature(if one is sent). + public SignatureAndHashAlgorithm serverAuthSigAlg = null; + + /// Configures whether the test server will send a certificate request. + public int serverCertReq = SERVER_CERT_REQ_OPTIONAL; + + /// If TLS 1.2 or higher is negotiated, configures the set of supported signature algorithms in the + /// CertificateRequest (if one is sent). If null, uses a default set. + public IList serverCertReqSigAlgs = null; + + /// Control whether the server will call + /// to check the client + /// certificate chain. + public bool serverCheckSigAlgOfClientCerts = true; + + public int serverCrypto = CRYPTO_BC; + + /// Configures a protocol version the server will unconditionally negotiate. + /// + /// Ignored if null. + /// + public ProtocolVersion serverNegotiateVersion = null; + + /// Configures the supported protocol versions for the server. + /// + /// If null, uses the library's default. + /// + public ProtocolVersion[] serverSupportedVersions = null; + + /// Configures the connection end at which a fatal alert is expected to be raised. + /// + /// Use constants. + /// + public int expectFatalAlertConnectionEnd = -1; + + /// Configures the type of fatal alert expected to be raised. + /// + /// Use constants. + /// + public short expectFatalAlertDescription = -1; + + public virtual void ExpectClientFatalAlert(short alertDescription) + { + this.expectFatalAlertConnectionEnd = ConnectionEnd.client; + this.expectFatalAlertDescription = alertDescription; + } + + public virtual void ExpectServerFatalAlert(short alertDescription) + { + this.expectFatalAlertConnectionEnd = ConnectionEnd.server; + this.expectFatalAlertDescription = alertDescription; + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/TlsTestServerImpl.cs b/BouncyCastle/crypto/test/src/tls/test/TlsTestServerImpl.cs new file mode 100644 index 0000000..77df632 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/TlsTestServerImpl.cs @@ -0,0 +1,319 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class TlsTestServerImpl + : DefaultTlsServer + { + private static readonly int[] TestCipherSuites = new int[] + { + /* + * TLS 1.3 + */ + CipherSuite.TLS_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_AES_256_GCM_SHA384, + CipherSuite.TLS_AES_128_GCM_SHA256, + + /* + * pre-TLS 1.3 + */ + CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, + CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA, + CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384, + CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256, + CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256, + CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256, + CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA, + CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, + }; + + protected readonly TlsTestConfig m_config; + + protected int m_firstFatalAlertConnectionEnd = -1; + protected short m_firstFatalAlertDescription = -1; + + internal byte[] m_tlsKeyingMaterial1 = null; + internal byte[] m_tlsKeyingMaterial2 = null; + internal byte[] m_tlsServerEndPoint = null; + internal byte[] m_tlsUnique = null; + + internal TlsTestServerImpl(TlsTestConfig config) + : base(TlsTestSuite.GetCrypto(config)) + { + this.m_config = config; + } + + internal int FirstFatalAlertConnectionEnd + { + get { return m_firstFatalAlertConnectionEnd; } + } + + internal short FirstFatalAlertDescription + { + get { return m_firstFatalAlertDescription; } + } + + public override TlsCredentials GetCredentials() + { + /* + * TODO[tls13] Should really be finding the first client-supported signature scheme that the + * server also supports and has credentials for. + */ + if (TlsUtilities.IsTlsV13(m_context)) + { + return GetRsaSignerCredentials(); + } + + return base.GetCredentials(); + } + + public override void NotifyAlertRaised(short alertLevel, short alertDescription, string message, + Exception cause) + { + if (alertLevel == AlertLevel.fatal && m_firstFatalAlertConnectionEnd == -1) + { + m_firstFatalAlertConnectionEnd = ConnectionEnd.server; + m_firstFatalAlertDescription = alertDescription; + } + + if (TlsTestConfig.Debug) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS server raised alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + if (message != null) + { + output.WriteLine("> " + message); + } + if (cause != null) + { + output.WriteLine(cause); + } + } + } + + public override void NotifyAlertReceived(short alertLevel, short alertDescription) + { + if (alertLevel == AlertLevel.fatal && m_firstFatalAlertConnectionEnd == -1) + { + m_firstFatalAlertConnectionEnd = ConnectionEnd.client; + m_firstFatalAlertDescription = alertDescription; + } + + if (TlsTestConfig.Debug) + { + TextWriter output = (alertLevel == AlertLevel.fatal) ? Console.Error : Console.Out; + output.WriteLine("TLS server received alert: " + AlertLevel.GetText(alertLevel) + + ", " + AlertDescription.GetText(alertDescription)); + } + } + + public override void NotifyHandshakeComplete() + { + base.NotifyHandshakeComplete(); + + SecurityParameters securityParameters = m_context.SecurityParameters; + if (securityParameters.IsExtendedMasterSecret) + { + m_tlsKeyingMaterial1 = m_context.ExportKeyingMaterial("BC_TLS_TESTS_1", null, 16); + m_tlsKeyingMaterial2 = m_context.ExportKeyingMaterial("BC_TLS_TESTS_2", new byte[8], 16); + } + + m_tlsServerEndPoint = m_context.ExportChannelBinding(ChannelBinding.tls_server_end_point); + m_tlsUnique = m_context.ExportChannelBinding(ChannelBinding.tls_unique); + + if (TlsTestConfig.Debug) + { + Console.WriteLine("TLS server reports 'tls-server-end-point' = " + ToHexString(m_tlsServerEndPoint)); + Console.WriteLine("TLS server reports 'tls-unique' = " + ToHexString(m_tlsUnique)); + } + } + + public override ProtocolVersion GetServerVersion() + { + ProtocolVersion serverVersion = (null != m_config.serverNegotiateVersion) + ? m_config.serverNegotiateVersion + : base.GetServerVersion(); + + if (TlsTestConfig.Debug) + { + Console.WriteLine("TLS server negotiated " + serverVersion); + } + + return serverVersion; + } + + public override CertificateRequest GetCertificateRequest() + { + if (m_config.serverCertReq == TlsTestConfig.SERVER_CERT_REQ_NONE) + return null; + + IList serverSigAlgs = null; + if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(m_context.ServerVersion)) + { + serverSigAlgs = m_config.serverCertReqSigAlgs; + if (serverSigAlgs == null) + { + serverSigAlgs = TlsUtilities.GetDefaultSupportedSignatureAlgorithms(m_context); + } + } + + IList certificateAuthorities = new ArrayList(); + //certificateAuthorities.Add(TlsTestUtilities.LoadBcCertificateResource("x509-ca-dsa.pem").Subject); + //certificateAuthorities.Add(TlsTestUtilities.LoadBcCertificateResource("x509-ca-ecdsa.pem").Subject); + //certificateAuthorities.Add(TlsTestUtilities.LoadBcCertificateResource("x509-ca-rsa.pem").Subject); + + // All the CA certificates are currently configured with this subject + certificateAuthorities.Add(new X509Name("CN=BouncyCastle TLS Test CA")); + + if (TlsUtilities.IsTlsV13(m_context)) + { + // TODO[tls13] Support for non-empty request context + byte[] certificateRequestContext = TlsUtilities.EmptyBytes; + + // TODO[tls13] Add TlsTestConfig.serverCertReqSigAlgsCert + IList serverSigAlgsCert = null; + + return new CertificateRequest(certificateRequestContext, serverSigAlgs, serverSigAlgsCert, + certificateAuthorities); + } + else + { + short[] certificateTypes = new short[]{ ClientCertificateType.rsa_sign, + ClientCertificateType.dss_sign, ClientCertificateType.ecdsa_sign }; + + return new CertificateRequest(certificateTypes, serverSigAlgs, certificateAuthorities); + } + } + + public override void NotifyClientCertificate(Certificate clientCertificate) + { + bool isEmpty = (clientCertificate == null || clientCertificate.IsEmpty); + + if (isEmpty != (m_config.clientAuth == TlsTestConfig.CLIENT_AUTH_NONE)) + throw new InvalidOperationException(); + + if (isEmpty && (m_config.serverCertReq == TlsTestConfig.SERVER_CERT_REQ_MANDATORY)) + { + short alertDescription = TlsUtilities.IsTlsV13(m_context) + ? AlertDescription.certificate_required + : AlertDescription.handshake_failure; + + throw new TlsFatalAlert(alertDescription); + } + + TlsCertificate[] chain = clientCertificate.GetCertificateList(); + + if (TlsTestConfig.Debug) + { + Console.WriteLine("TLS server received client certificate chain of length " + chain.Length); + for (int i = 0; i < chain.Length; ++i) + { + X509CertificateStructure entry = X509CertificateStructure.GetInstance(chain[0].GetEncoded()); + // TODO Create fingerprint based on certificate signature algorithm digest + Console.WriteLine(" fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " (" + + entry.Subject + ")"); + } + } + + if (isEmpty) + return; + + string[] trustedCertResources = new string[]{ "x509-client-dsa.pem", "x509-client-ecdh.pem", + "x509-client-ecdsa.pem", "x509-client-ed25519.pem", "x509-client-ed448.pem", + "x509-client-rsa_pss_256.pem", "x509-client-rsa_pss_384.pem", "x509-client-rsa_pss_512.pem", + "x509-client-rsa.pem" }; + + TlsCertificate[] certPath = TlsTestUtilities.GetTrustedCertPath(m_context.Crypto, chain[0], + trustedCertResources); + + if (null == certPath) + throw new TlsFatalAlert(AlertDescription.bad_certificate); + + if (m_config.serverCheckSigAlgOfClientCerts) + { + TlsUtilities.CheckPeerSigAlgs(m_context, certPath); + } + } + + protected virtual IList GetSupportedSignatureAlgorithms() + { + if (TlsUtilities.IsTlsV12(m_context) && m_config.serverAuthSigAlg != null) + { + IList signatureAlgorithms = new ArrayList(1); + signatureAlgorithms.Add(m_config.serverAuthSigAlg); + return signatureAlgorithms; + } + + return m_context.SecurityParameters.ClientSigAlgs; + } + + protected override TlsCredentialedSigner GetDsaSignerCredentials() + { + return LoadSignerCredentials(SignatureAlgorithm.dsa); + } + + protected override TlsCredentialedSigner GetECDsaSignerCredentials() + { + // TODO[RFC 8422] Code should choose based on client's supported sig algs? + return LoadSignerCredentials(SignatureAlgorithm.ecdsa); + //return LoadSignerCredentials(SignatureAlgorithm.ed25519); + //return LoadSignerCredentials(SignatureAlgorithm.ed448); + } + + protected override TlsCredentialedDecryptor GetRsaEncryptionCredentials() + { + return TlsTestUtilities.LoadEncryptionCredentials(m_context, + new string[]{ "x509-server-rsa-enc.pem", "x509-ca-rsa.pem" }, "x509-server-key-rsa-enc.pem"); + } + + protected override TlsCredentialedSigner GetRsaSignerCredentials() + { + return LoadSignerCredentials(SignatureAlgorithm.rsa); + } + + protected override int[] GetSupportedCipherSuites() + { + return TlsUtilities.GetSupportedCipherSuites(Crypto, TestCipherSuites); + } + + protected override ProtocolVersion[] GetSupportedVersions() + { + if (m_config.serverSupportedVersions != null) + { + return m_config.serverSupportedVersions; + } + + return base.GetSupportedVersions(); + } + + protected virtual string ToHexString(byte[] data) + { + return data == null ? "(null)" : Hex.ToHexString(data); + } + + private TlsCredentialedSigner LoadSignerCredentials(short signatureAlgorithm) + { + return TlsTestUtilities.LoadSignerCredentialsServer(m_context, GetSupportedSignatureAlgorithms(), + signatureAlgorithm); + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/TlsTestServerProtocol.cs b/BouncyCastle/crypto/test/src/tls/test/TlsTestServerProtocol.cs new file mode 100644 index 0000000..632f6b8 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/TlsTestServerProtocol.cs @@ -0,0 +1,22 @@ +using System; +using System.IO; + +namespace Org.BouncyCastle.Tls.Tests +{ + internal class TlsTestServerProtocol + : TlsServerProtocol + { + protected readonly TlsTestConfig m_config; + + internal TlsTestServerProtocol(Stream stream, TlsTestConfig config) + : this(stream, stream, config) + { + } + + internal TlsTestServerProtocol(Stream input, Stream output, TlsTestConfig config) + : base(input, output) + { + this.m_config = config; + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/TlsTestSuite.cs b/BouncyCastle/crypto/test/src/tls/test/TlsTestSuite.cs new file mode 100644 index 0000000..adedd82 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/TlsTestSuite.cs @@ -0,0 +1,300 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl.BC; + +namespace Org.BouncyCastle.Tls.Tests +{ + public class TlsTestSuite + { + internal static TlsCrypto BC_CRYPTO = new BcTlsCrypto(new SecureRandom()); + + internal static TlsCrypto GetCrypto(TlsTestConfig config) + { + switch (config.clientCrypto) + { + case TlsTestConfig.CRYPTO_BC: + default: + return BC_CRYPTO; + } + } + + // Make the access to constants less verbose + internal abstract class C : TlsTestConfig {} + + public TlsTestSuite() + { + } + + public static IEnumerable Suite() + { + IList testSuite = new ArrayList(); + AddAllTests(testSuite, TlsTestConfig.CRYPTO_BC, TlsTestConfig.CRYPTO_BC); + return testSuite; + } + + private static void AddAllTests(IList testSuite, int clientCrypto, int serverCrypto) + { + AddFallbackTests(testSuite, clientCrypto, serverCrypto); + AddVersionTests(testSuite, ProtocolVersion.SSLv3, clientCrypto, serverCrypto); + AddVersionTests(testSuite, ProtocolVersion.TLSv10, clientCrypto, serverCrypto); + AddVersionTests(testSuite, ProtocolVersion.TLSv11, clientCrypto, serverCrypto); + AddVersionTests(testSuite, ProtocolVersion.TLSv12, clientCrypto, serverCrypto); + AddVersionTests(testSuite, ProtocolVersion.TLSv13, clientCrypto, serverCrypto); + } + + private static void AddFallbackTests(IList testSuite, int clientCrypto, int serverCrypto) + { + string prefix = GetCryptoName(clientCrypto) + "_" + GetCryptoName(serverCrypto) + "_"; + + { + TlsTestConfig c = CreateTlsTestConfig(ProtocolVersion.TLSv12, clientCrypto, serverCrypto); + c.clientFallback = true; + + AddTestCase(testSuite, c, prefix + "FallbackGood"); + } + + { + TlsTestConfig c = CreateTlsTestConfig(ProtocolVersion.TLSv12, clientCrypto, serverCrypto); + c.clientFallback = true; + c.clientSupportedVersions = ProtocolVersion.TLSv11.DownTo(ProtocolVersion.TLSv10); + c.ExpectServerFatalAlert(AlertDescription.inappropriate_fallback); + + AddTestCase(testSuite, c, prefix + "FallbackBad"); + } + + { + TlsTestConfig c = CreateTlsTestConfig(ProtocolVersion.TLSv12, clientCrypto, serverCrypto); + c.clientSupportedVersions = ProtocolVersion.TLSv11.DownTo(ProtocolVersion.TLSv10); + + AddTestCase(testSuite, c, prefix + "FallbackNone"); + } + } + + private static void AddVersionTests(IList testSuite, ProtocolVersion version, int clientCrypto, + int serverCrypto) + { + string prefix = GetCryptoName(clientCrypto) + "_" + GetCryptoName(serverCrypto) + "_" + + version.ToString().Replace(" ", "").Replace(".", "") + "_"; + + bool isTlsV12 = TlsUtilities.IsTlsV12(version); + bool isTlsV13 = TlsUtilities.IsTlsV13(version); + bool isTlsV12Exactly = isTlsV12 && !isTlsV13; + + short certReqDeclinedAlert = TlsUtilities.IsTlsV13(version) + ? AlertDescription.certificate_required + : AlertDescription.handshake_failure; + + { + TlsTestConfig c = CreateTlsTestConfig(version, clientCrypto, serverCrypto); + + AddTestCase(testSuite, c, prefix + "GoodDefault"); + } + + if (isTlsV13) + { + TlsTestConfig c = CreateTlsTestConfig(version, clientCrypto, serverCrypto); + c.clientEmptyKeyShare = true; + + AddTestCase(testSuite, c, prefix + "GoodEmptyKeyShare"); + } + + /* + * Server only declares support for SHA1/RSA, client selects MD5/RSA. Since the client is + * NOT actually tracking MD5 over the handshake, we expect fatal alert from the client. + */ + if (isTlsV12Exactly) + { + TlsTestConfig c = CreateTlsTestConfig(version, clientCrypto, serverCrypto); + c.clientAuth = C.CLIENT_AUTH_VALID; + c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa); + c.serverCertReqSigAlgs = TlsUtilities.GetDefaultRsaSignatureAlgorithms(); + c.serverCheckSigAlgOfClientCerts = false; + c.ExpectClientFatalAlert(AlertDescription.internal_error); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifyHashAlg"); + } + + /* + * Server only declares support for SHA1/ECDSA, client selects SHA1/RSA. Since the client is + * actually tracking SHA1 over the handshake, we expect fatal alert to come from the server + * when it verifies the selected algorithm against the CertificateRequest supported + * algorithms. + */ + if (isTlsV12) + { + TlsTestConfig c = CreateTlsTestConfig(version, clientCrypto, serverCrypto); + c.clientAuth = C.CLIENT_AUTH_VALID; + c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa); + c.serverCertReqSigAlgs = TlsUtilities.GetDefaultECDsaSignatureAlgorithms(); + c.serverCheckSigAlgOfClientCerts = false; + c.ExpectServerFatalAlert(AlertDescription.illegal_parameter); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifySigAlg"); + } + + /* + * Server only declares support for SHA1/ECDSA, client signs with SHA1/RSA, but sends + * SHA1/ECDSA in the CertificateVerify. Since the client is actually tracking SHA1 over the + * handshake, and the claimed algorithm is in the CertificateRequest supported algorithms, + * we expect fatal alert to come from the server when it finds the claimed algorithm + * doesn't match the client certificate. + */ + if (isTlsV12) + { + TlsTestConfig c = CreateTlsTestConfig(version, clientCrypto, serverCrypto); + c.clientAuth = C.CLIENT_AUTH_VALID; + c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa); + c.clientAuthSigAlgClaimed = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.ecdsa); + c.serverCertReqSigAlgs = TlsUtilities.GetDefaultECDsaSignatureAlgorithms(); + c.ExpectServerFatalAlert(AlertDescription.bad_certificate); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifySigAlgMismatch"); + } + + { + TlsTestConfig c = CreateTlsTestConfig(version, clientCrypto, serverCrypto); + c.clientAuth = C.CLIENT_AUTH_INVALID_VERIFY; + c.ExpectServerFatalAlert(AlertDescription.decrypt_error); + + AddTestCase(testSuite, c, prefix + "BadCertificateVerifySignature"); + } + + { + TlsTestConfig c = CreateTlsTestConfig(version, clientCrypto, serverCrypto); + c.clientAuth = C.CLIENT_AUTH_INVALID_CERT; + c.ExpectServerFatalAlert(AlertDescription.bad_certificate); + + AddTestCase(testSuite, c, prefix + "BadClientCertificate"); + } + + if (isTlsV13) + { + /* + * For TLS 1.3 the supported_algorithms extension is required in ClientHello when the + * server authenticates via a certificate. + */ + TlsTestConfig c = CreateTlsTestConfig(version, clientCrypto, serverCrypto); + c.clientSendSignatureAlgorithms = false; + c.clientSendSignatureAlgorithmsCert = false; + c.ExpectServerFatalAlert(AlertDescription.missing_extension); + + AddTestCase(testSuite, c, prefix + "BadClientSigAlgs"); + } + + { + TlsTestConfig c = CreateTlsTestConfig(version, clientCrypto, serverCrypto); + c.clientAuth = C.CLIENT_AUTH_NONE; + c.serverCertReq = C.SERVER_CERT_REQ_MANDATORY; + c.ExpectServerFatalAlert(certReqDeclinedAlert); + + AddTestCase(testSuite, c, prefix + "BadMandatoryCertReqDeclined"); + } + + /* + * Server sends SHA-256/RSA certificate, which is not the default {sha1,rsa} implied by the + * absent signature_algorithms extension. We expect fatal alert from the client when it + * verifies the certificate's 'signatureAlgorithm' against the implicit default signature_algorithms. + */ + if (isTlsV12Exactly) + { + TlsTestConfig c = CreateTlsTestConfig(version, clientCrypto, serverCrypto); + c.clientSendSignatureAlgorithms = false; + c.clientSendSignatureAlgorithmsCert = false; + c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.sha256, SignatureAlgorithm.rsa); + c.ExpectClientFatalAlert(AlertDescription.bad_certificate); + + AddTestCase(testSuite, c, prefix + "BadServerCertSigAlg"); + } + + /* + * Server selects MD5/RSA for ServerKeyExchange signature, which is not in the default + * supported signature algorithms that the client sent. We expect fatal alert from the + * client when it verifies the selected algorithm against the supported algorithms. + */ + if (TlsUtilities.IsTlsV12(version)) + { + TlsTestConfig c = CreateTlsTestConfig(version, clientCrypto, serverCrypto); + c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa); + c.ExpectClientFatalAlert(AlertDescription.illegal_parameter); + + AddTestCase(testSuite, c, prefix + "BadServerKeyExchangeSigAlg"); + } + + /* + * Server selects MD5/RSA for ServerKeyExchange signature, which is not the default {sha1,rsa} + * implied by the absent signature_algorithms extension. We expect fatal alert from the + * client when it verifies the selected algorithm against the implicit default. + */ + if (isTlsV12Exactly) + { + TlsTestConfig c = CreateTlsTestConfig(version, clientCrypto, serverCrypto); + c.clientCheckSigAlgOfServerCerts = false; + c.clientSendSignatureAlgorithms = false; + c.clientSendSignatureAlgorithmsCert = false; + c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa); + c.ExpectClientFatalAlert(AlertDescription.illegal_parameter); + + AddTestCase(testSuite, c, prefix + "BadServerKeyExchangeSigAlg2"); + } + + { + TlsTestConfig c = CreateTlsTestConfig(version, clientCrypto, serverCrypto); + c.serverCertReq = C.SERVER_CERT_REQ_NONE; + + AddTestCase(testSuite, c, prefix + "GoodNoCertReq"); + } + + { + TlsTestConfig c = CreateTlsTestConfig(version, clientCrypto, serverCrypto); + c.clientAuth = C.CLIENT_AUTH_NONE; + + AddTestCase(testSuite, c, prefix + "GoodOptionalCertReqDeclined"); + } + + /* + * Server generates downgraded (RFC 8446) 1.1 ServerHello. We expect fatal alert + * (illegal_parameter) from the client. + */ + if (!isTlsV13) + { + TlsTestConfig c = CreateTlsTestConfig(version, clientCrypto, serverCrypto); + c.serverNegotiateVersion = version; + c.serverSupportedVersions = ProtocolVersion.TLSv13.DownTo(version); + c.ExpectClientFatalAlert(AlertDescription.illegal_parameter); + + AddTestCase(testSuite, c, prefix + "BadDowngrade"); + } + } + + private static void AddTestCase(IList testSuite, TlsTestConfig config, string name) + { + testSuite.Add(new TestCaseData(config).SetName(name)); + } + + private static TlsTestConfig CreateTlsTestConfig(ProtocolVersion serverMaxVersion, int clientCrypto, + int serverCrypto) + { + TlsTestConfig c = new TlsTestConfig(); + c.clientCrypto = clientCrypto; + c.clientSupportedVersions = ProtocolVersion.TLSv13.DownTo(ProtocolVersion.SSLv3); + c.serverCrypto = serverCrypto; + c.serverSupportedVersions = serverMaxVersion.DownTo(ProtocolVersion.SSLv3); + return c; + } + + private static string GetCryptoName(int crypto) + { + switch (crypto) + { + case TlsTestConfig.CRYPTO_BC: + default: + return "BC"; + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/TlsTestUtilities.cs b/BouncyCastle/crypto/test/src/tls/test/TlsTestUtilities.cs new file mode 100644 index 0000000..3ecacb0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/TlsTestUtilities.cs @@ -0,0 +1,412 @@ +using System; +using System.Collections; +using System.Globalization; +using System.IO; +using System.Text; + +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Sec; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl.BC; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.IO.Pem; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tls.Tests +{ + public class TlsTestUtilities + { + internal static readonly byte[] RsaCertData = Base64.Decode( + "MIICUzCCAf2gAwIBAgIBATANBgkqhkiG9w0BAQQFADCBjzELMAkGA1UEBhMCQVUxKDAmBgNVBAoMH1RoZSBMZWdpb2" + + "4gb2YgdGhlIEJvdW5jeSBDYXN0bGUxEjAQBgNVBAcMCU1lbGJvdXJuZTERMA8GA1UECAwIVmljdG9yaWExLzAtBgkq" + + "hkiG9w0BCQEWIGZlZWRiYWNrLWNyeXB0b0Bib3VuY3ljYXN0bGUub3JnMB4XDTEzMDIyNTA2MDIwNVoXDTEzMDIyNT" + + "A2MDM0NVowgY8xCzAJBgNVBAYTAkFVMSgwJgYDVQQKDB9UaGUgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMRIw" + + "EAYDVQQHDAlNZWxib3VybmUxETAPBgNVBAgMCFZpY3RvcmlhMS8wLQYJKoZIhvcNAQkBFiBmZWVkYmFjay1jcnlwdG" + + "9AYm91bmN5Y2FzdGxlLm9yZzBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQC0p+RhcFdPFqlwgrIr5YtqKmKXmEGb4Shy" + + "pL26Ymz66ZAPdqv7EhOdzl3lZWT6srZUMWWgQMYGiHQg4z2R7X7XAgERo0QwQjAOBgNVHQ8BAf8EBAMCBSAwEgYDVR" + + "0lAQH/BAgwBgYEVR0lADAcBgNVHREBAf8EEjAQgQ50ZXN0QHRlc3QudGVzdDANBgkqhkiG9w0BAQQFAANBAHU55Ncz" + + "eglREcTg54YLUlGWu2WOYWhit/iM1eeq8Kivro7q98eW52jTuMI3CI5ulqd0hYzshQKQaZ5GDzErMyM="); + + internal static readonly byte[] DudRsaCertData = Base64.Decode( + "MIICUzCCAf2gAwIBAgIBATANBgkqhkiG9w0BAQQFADCBjzELMAkGA1UEBhMCQVUxKDAmBgNVBAoMH1RoZSBMZWdpb2" + + "4gb2YgdGhlIEJvdW5jeSBDYXN0bGUxEjAQBgNVBAcMCU1lbGJvdXJuZTERMA8GA1UECAwIVmljdG9yaWExLzAtBgkq" + + "hkiG9w0BCQEWIGZlZWRiYWNrLWNyeXB0b0Bib3VuY3ljYXN0bGUub3JnMB4XDTEzMDIyNTA1NDcyOFoXDTEzMDIyNT" + + "A1NDkwOFowgY8xCzAJBgNVBAYTAkFVMSgwJgYDVQQKDB9UaGUgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMRIw" + + "EAYDVQQHDAlNZWxib3VybmUxETAPBgNVBAgMCFZpY3RvcmlhMS8wLQYJKoZIhvcNAQkBFiBmZWVkYmFjay1jcnlwdG" + + "9AYm91bmN5Y2FzdGxlLm9yZzBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQC0p+RhcFdPFqlwgrIr5YtqKmKXmEGb4Shy" + + "pL26Ymz66ZAPdqv7EhOdzl3lZWT6srZUMWWgQMYGiHQg4z2R7X7XAgERo0QwQjAOBgNVHQ8BAf8EBAMCAAEwEgYDVR" + + "0lAQH/BAgwBgYEVR0lADAcBgNVHREBAf8EEjAQgQ50ZXN0QHRlc3QudGVzdDANBgkqhkiG9w0BAQQFAANBAJg55PBS" + + "weg6obRUKF4FF6fCrWFi6oCYSQ99LWcAeupc5BofW5MstFMhCOaEucuGVqunwT5G7/DweazzCIrSzB0="); + + internal static bool EqualsIgnoreCase(string a, string b) + { + return ToUpperInvariant(a) == ToUpperInvariant(b); + } + + internal static string ToUpperInvariant(string s) + { + return s.ToUpper(CultureInfo.InvariantCulture); + } + + internal static string Fingerprint(X509CertificateStructure c) + { + byte[] der = c.GetEncoded(); + byte[] hash = Sha256DigestOf(der); + byte[] hexBytes = Hex.Encode(hash); + string hex = ToUpperInvariant(Encoding.ASCII.GetString(hexBytes)); + + StringBuilder fp = new StringBuilder(); + int i = 0; + fp.Append(hex.Substring(i, 2)); + while ((i += 2) < hex.Length) + { + fp.Append(':'); + fp.Append(hex.Substring(i, 2)); + } + return fp.ToString(); + } + + internal static byte[] Sha256DigestOf(byte[] input) + { + return DigestUtilities.CalculateDigest("SHA256", input); + } + + internal static string GetCACertResource(short signatureAlgorithm) + { + return "x509-ca-" + GetResourceName(signatureAlgorithm) + ".pem"; + } + + internal static string GetCACertResource(string eeCertResource) + { + if (eeCertResource.StartsWith("x509-client-")) + { + eeCertResource = eeCertResource.Substring("x509-client-".Length); + } + if (eeCertResource.StartsWith("x509-server-")) + { + eeCertResource = eeCertResource.Substring("x509-server-".Length); + } + if (eeCertResource.EndsWith(".pem")) + { + eeCertResource = eeCertResource.Substring(0, eeCertResource.Length - ".pem".Length); + } + + if (EqualsIgnoreCase("dsa", eeCertResource)) + { + return GetCACertResource(SignatureAlgorithm.dsa); + } + + if (EqualsIgnoreCase("ecdh", eeCertResource) + || EqualsIgnoreCase("ecdsa", eeCertResource)) + { + return GetCACertResource(SignatureAlgorithm.ecdsa); + } + + if (EqualsIgnoreCase("ed25519", eeCertResource)) + { + return GetCACertResource(SignatureAlgorithm.ed25519); + } + + if (EqualsIgnoreCase("ed448", eeCertResource)) + { + return GetCACertResource(SignatureAlgorithm.ed448); + } + + if (EqualsIgnoreCase("rsa", eeCertResource) + || EqualsIgnoreCase("rsa-enc", eeCertResource) + || EqualsIgnoreCase("rsa-sign", eeCertResource)) + { + return GetCACertResource(SignatureAlgorithm.rsa); + } + + if (EqualsIgnoreCase("rsa_pss_256", eeCertResource)) + { + return GetCACertResource(SignatureAlgorithm.rsa_pss_pss_sha256); + } + if (EqualsIgnoreCase("rsa_pss_384", eeCertResource)) + { + return GetCACertResource(SignatureAlgorithm.rsa_pss_pss_sha384); + } + if (EqualsIgnoreCase("rsa_pss_512", eeCertResource)) + { + return GetCACertResource(SignatureAlgorithm.rsa_pss_pss_sha512); + } + + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + internal static string GetResourceName(short signatureAlgorithm) + { + switch (signatureAlgorithm) + { + case SignatureAlgorithm.rsa: + case SignatureAlgorithm.rsa_pss_rsae_sha256: + case SignatureAlgorithm.rsa_pss_rsae_sha384: + case SignatureAlgorithm.rsa_pss_rsae_sha512: + return "rsa"; + case SignatureAlgorithm.dsa: + return "dsa"; + case SignatureAlgorithm.ecdsa: + return "ecdsa"; + case SignatureAlgorithm.ed25519: + return "ed25519"; + case SignatureAlgorithm.ed448: + return "ed448"; + case SignatureAlgorithm.rsa_pss_pss_sha256: + return "rsa_pss_256"; + case SignatureAlgorithm.rsa_pss_pss_sha384: + return "rsa_pss_384"; + case SignatureAlgorithm.rsa_pss_pss_sha512: + return "rsa_pss_512"; + default: + throw new TlsFatalAlert(AlertDescription.internal_error); + } + } + + internal static TlsCredentialedAgreement LoadAgreementCredentials(TlsContext context, string[] certResources, + string keyResource) + { + TlsCrypto crypto = context.Crypto; + Certificate certificate = LoadCertificateChain(context, certResources); + + // TODO[tls-ops] Need to have TlsCrypto construct the credentials from the certs/key (as raw data) + if (crypto is BcTlsCrypto) + { + AsymmetricKeyParameter privateKey = LoadBcPrivateKeyResource(keyResource); + + return new BcDefaultTlsCredentialedAgreement((BcTlsCrypto)crypto, certificate, privateKey); + } + else + { + throw new NotSupportedException(); + } + } + + internal static TlsCredentialedDecryptor LoadEncryptionCredentials(TlsContext context, string[] certResources, + string keyResource) + { + TlsCrypto crypto = context.Crypto; + Certificate certificate = LoadCertificateChain(context, certResources); + + // TODO[tls-ops] Need to have TlsCrypto construct the credentials from the certs/key (as raw data) + if (crypto is BcTlsCrypto) + { + AsymmetricKeyParameter privateKey = LoadBcPrivateKeyResource(keyResource); + + return new BcDefaultTlsCredentialedDecryptor((BcTlsCrypto)crypto, certificate, privateKey); + } + else + { + throw new NotSupportedException(); + } + } + + public static TlsCredentialedSigner LoadSignerCredentials(TlsCryptoParameters cryptoParams, TlsCrypto crypto, + string[] certResources, string keyResource, SignatureAndHashAlgorithm signatureAndHashAlgorithm) + { + Certificate certificate = LoadCertificateChain(cryptoParams.ServerVersion, crypto, certResources); + + // TODO[tls-ops] Need to have TlsCrypto construct the credentials from the certs/key (as raw data) + if (crypto is BcTlsCrypto) + { + AsymmetricKeyParameter privateKey = LoadBcPrivateKeyResource(keyResource); + + return new BcDefaultTlsCredentialedSigner(cryptoParams, (BcTlsCrypto)crypto, privateKey, certificate, signatureAndHashAlgorithm); + } + else + { + throw new NotSupportedException(); + } + } + + internal static TlsCredentialedSigner LoadSignerCredentials(TlsContext context, string[] certResources, + string keyResource, SignatureAndHashAlgorithm signatureAndHashAlgorithm) + { + TlsCrypto crypto = context.Crypto; + TlsCryptoParameters cryptoParams = new TlsCryptoParameters(context); + + return LoadSignerCredentials(cryptoParams, crypto, certResources, keyResource, signatureAndHashAlgorithm); + } + + internal static TlsCredentialedSigner LoadSignerCredentials(TlsContext context, + IList supportedSignatureAlgorithms, short signatureAlgorithm, string certResource, string keyResource) + { + if (supportedSignatureAlgorithms == null) + { + supportedSignatureAlgorithms = TlsUtilities.GetDefaultSignatureAlgorithms(signatureAlgorithm); + } + + SignatureAndHashAlgorithm signatureAndHashAlgorithm = null; + + foreach (SignatureAndHashAlgorithm alg in supportedSignatureAlgorithms) + { + if (alg.Signature == signatureAlgorithm) + { + // Just grab the first one we find + signatureAndHashAlgorithm = alg; + break; + } + } + + if (signatureAndHashAlgorithm == null) + return null; + + return LoadSignerCredentials(context, new string[]{ certResource }, keyResource, + signatureAndHashAlgorithm); + } + + internal static TlsCredentialedSigner LoadSignerCredentialsServer(TlsContext context, + IList supportedSignatureAlgorithms, short signatureAlgorithm) + { + string sigName = GetResourceName(signatureAlgorithm); + + switch (signatureAlgorithm) + { + case SignatureAlgorithm.rsa: + case SignatureAlgorithm.rsa_pss_rsae_sha256: + case SignatureAlgorithm.rsa_pss_rsae_sha384: + case SignatureAlgorithm.rsa_pss_rsae_sha512: + sigName += "-sign"; + break; + } + + string certResource = "x509-server-" + sigName + ".pem"; + string keyResource = "x509-server-key-" + sigName + ".pem"; + + return LoadSignerCredentials(context, supportedSignatureAlgorithms, signatureAlgorithm, certResource, + keyResource); + } + + internal static Certificate LoadCertificateChain(ProtocolVersion protocolVersion, TlsCrypto crypto, + string[] resources) + { + if (TlsUtilities.IsTlsV13(protocolVersion)) + { + CertificateEntry[] certificateEntryList = new CertificateEntry[resources.Length]; + for (int i = 0; i < resources.Length; ++i) + { + TlsCertificate certificate = LoadCertificateResource(crypto, resources[i]); + + // TODO[tls13] Add possibility of specifying e.g. CertificateStatus + IDictionary extensions = null; + + certificateEntryList[i] = new CertificateEntry(certificate, extensions); + } + + // TODO[tls13] Support for non-empty request context + byte[] certificateRequestContext = TlsUtilities.EmptyBytes; + + return new Certificate(certificateRequestContext, certificateEntryList); + } + else + { + TlsCertificate[] chain = new TlsCertificate[resources.Length]; + for (int i = 0; i < resources.Length; ++i) + { + chain[i] = LoadCertificateResource(crypto, resources[i]); + } + return new Certificate(chain); + } + } + + internal static Certificate LoadCertificateChain(TlsContext context, string[] resources) + { + return LoadCertificateChain(context.ServerVersion, context.Crypto, resources); + } + + internal static X509CertificateStructure LoadBcCertificateResource(string resource) + { + PemObject pem = LoadPemResource(resource); + if (pem.Type.EndsWith("CERTIFICATE")) + { + return X509CertificateStructure.GetInstance(pem.Content); + } + throw new ArgumentException("doesn't specify a valid certificate", "resource"); + } + + internal static TlsCertificate LoadCertificateResource(TlsCrypto crypto, string resource) + { + PemObject pem = LoadPemResource(resource); + if (pem.Type.EndsWith("CERTIFICATE")) + { + return crypto.CreateCertificate(pem.Content); + } + throw new ArgumentException("doesn't specify a valid certificate", "resource"); + } + + internal static AsymmetricKeyParameter LoadBcPrivateKeyResource(string resource) + { + PemObject pem = LoadPemResource(resource); + if (pem.Type.Equals("PRIVATE KEY")) + { + return PrivateKeyFactory.CreateKey(pem.Content); + } + if (pem.Type.Equals("ENCRYPTED PRIVATE KEY")) + { + throw new NotSupportedException("Encrypted PKCS#8 keys not supported"); + } + if (pem.Type.Equals("RSA PRIVATE KEY")) + { + RsaPrivateKeyStructure rsa = RsaPrivateKeyStructure.GetInstance(pem.Content); + return new RsaPrivateCrtKeyParameters(rsa.Modulus, rsa.PublicExponent, + rsa.PrivateExponent, rsa.Prime1, rsa.Prime2, rsa.Exponent1, + rsa.Exponent2, rsa.Coefficient); + } + if (pem.Type.Equals("EC PRIVATE KEY")) + { + ECPrivateKeyStructure pKey = ECPrivateKeyStructure.GetInstance(pem.Content); + AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.IdECPublicKey, + pKey.GetParameters()); + PrivateKeyInfo privInfo = new PrivateKeyInfo(algId, pKey); + return PrivateKeyFactory.CreateKey(privInfo); + } + throw new ArgumentException("doesn't specify a valid private key", "resource"); + } + + internal static PemObject LoadPemResource(string resource) + + { + Stream s = SimpleTest.GetTestDataAsStream("tls." + resource); + PemReader p = new PemReader(new StreamReader(s)); + PemObject o = p.ReadPemObject(); + p.Reader.Close(); + return o; + } + + internal static bool AreSameCertificate(TlsCrypto crypto, TlsCertificate cert, string resource) + { + // TODO Cache test resources? + return AreSameCertificate(cert, LoadCertificateResource(crypto, resource)); + } + + internal static bool AreSameCertificate(TlsCertificate a, TlsCertificate b) + { + // TODO[tls-ops] Support equals on TlsCertificate? + return Arrays.AreEqual(a.GetEncoded(), b.GetEncoded()); + } + + internal static TlsCertificate[] GetTrustedCertPath(TlsCrypto crypto, TlsCertificate cert, string[] resources) + { + foreach (string eeCertResource in resources) + { + TlsCertificate eeCert = LoadCertificateResource(crypto, eeCertResource); + if (AreSameCertificate(cert, eeCert)) + { + string caCertResource = GetCACertResource(eeCertResource); + TlsCertificate caCert = LoadCertificateResource(crypto, caCertResource); + if (null != caCert) + { + return new TlsCertificate[]{ eeCert, caCert }; + } + } + } + return null; + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/TlsUtilitiesTest.cs b/BouncyCastle/crypto/test/src/tls/test/TlsUtilitiesTest.cs new file mode 100644 index 0000000..702c400 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/TlsUtilitiesTest.cs @@ -0,0 +1,66 @@ +using System; +using System.Collections; + +using NUnit.Framework; + +namespace Org.BouncyCastle.Tls.Tests +{ + [TestFixture] + public class TlsUtilitiesTest + { + [Test] + public void TestChooseSignatureAndHash() + { + int keyExchangeAlgorithm = KeyExchangeAlgorithm.ECDHE_RSA; + short signatureAlgorithm = TlsUtilities.GetLegacySignatureAlgorithmServer(keyExchangeAlgorithm); + + IList supportedSignatureAlgorithms = GetSignatureAlgorithms(false); + SignatureAndHashAlgorithm sigAlg = TlsUtilities.ChooseSignatureAndHashAlgorithm(ProtocolVersion.TLSv12, + supportedSignatureAlgorithms, signatureAlgorithm); + Assert.AreEqual(HashAlgorithm.sha256, sigAlg.Hash); + + for (int count = 0; count < 10; ++count) + { + supportedSignatureAlgorithms = GetSignatureAlgorithms(true); + sigAlg = TlsUtilities.ChooseSignatureAndHashAlgorithm(ProtocolVersion.TLSv12, + supportedSignatureAlgorithms, signatureAlgorithm); + Assert.AreEqual(HashAlgorithm.sha256, sigAlg.Hash); + } + } + + private static IList GetSignatureAlgorithms(bool randomise) + { + short[] hashAlgorithms = new short[]{ HashAlgorithm.sha1, HashAlgorithm.sha224, HashAlgorithm.sha256, + HashAlgorithm.sha384, HashAlgorithm.sha512, HashAlgorithm.md5 }; + short[] signatureAlgorithms = new short[]{ SignatureAlgorithm.rsa, SignatureAlgorithm.dsa, + SignatureAlgorithm.ecdsa }; + + IList result = new ArrayList(); + for (int i = 0; i < signatureAlgorithms.Length; ++i) + { + for (int j = 0; j < hashAlgorithms.Length; ++j) + { + result.Add(SignatureAndHashAlgorithm.GetInstance(hashAlgorithms[j], signatureAlgorithms[i])); + } + } + + if (randomise) + { + Random r = new Random(); + int count = result.Count; + for (int src = 0; src < count; ++src) + { + int dst = r.Next(count); + if (src != dst) + { + object a = result[src], b = result[dst]; + result[dst] = a; + result[src] = b; + } + } + } + + return result; + } + } +} diff --git a/BouncyCastle/crypto/test/src/tls/test/UnreliableDatagramTransport.cs b/BouncyCastle/crypto/test/src/tls/test/UnreliableDatagramTransport.cs new file mode 100644 index 0000000..bdbfd6e --- /dev/null +++ b/BouncyCastle/crypto/test/src/tls/test/UnreliableDatagramTransport.cs @@ -0,0 +1,79 @@ +using System; + +using Org.BouncyCastle.Utilities.Date; + +namespace Org.BouncyCastle.Tls.Tests +{ + public class UnreliableDatagramTransport + : DatagramTransport + { + private readonly DatagramTransport m_transport; + private readonly Random m_random; + private readonly int m_percentPacketLossReceiving, m_percentPacketLossSending; + + public UnreliableDatagramTransport(DatagramTransport transport, Random random, + int percentPacketLossReceiving, int percentPacketLossSending) + { + if (percentPacketLossReceiving < 0 || percentPacketLossReceiving > 100) + throw new ArgumentException("out of range", "percentPacketLossReceiving"); + if (percentPacketLossSending < 0 || percentPacketLossSending > 100) + throw new ArgumentException("out of range", "percentPacketLossSending"); + + this.m_transport = transport; + this.m_random = random; + this.m_percentPacketLossReceiving = percentPacketLossReceiving; + this.m_percentPacketLossSending = percentPacketLossSending; + } + + public virtual int GetReceiveLimit() + { + return m_transport.GetReceiveLimit(); + } + + public virtual int GetSendLimit() + { + return m_transport.GetSendLimit(); + } + + public virtual int Receive(byte[] buf, int off, int len, int waitMillis) + { + long endMillis = DateTimeUtilities.CurrentUnixMs() + waitMillis; + for (;;) + { + int length = m_transport.Receive(buf, off, len, waitMillis); + if (length < 0 || !LostPacket(m_percentPacketLossReceiving)) + return length; + + Console.WriteLine("PACKET LOSS (" + length + " byte packet not received)"); + + long now = DateTimeUtilities.CurrentUnixMs(); + if (now >= endMillis) + return -1; + + waitMillis = (int)(endMillis - now); + } + } + + public virtual void Send(byte[] buf, int off, int len) + { + if (LostPacket(m_percentPacketLossSending)) + { + Console.WriteLine("PACKET LOSS (" + len + " byte packet not sent)"); + } + else + { + m_transport.Send(buf, off, len); + } + } + + public virtual void Close() + { + m_transport.Close(); + } + + private bool LostPacket(int percentPacketLoss) + { + return percentPacketLoss > 0 && m_random.Next(100) < percentPacketLoss; + } + } +} diff --git a/BouncyCastle/crypto/test/src/tsp/test/AllTests.cs b/BouncyCastle/crypto/test/src/tsp/test/AllTests.cs new file mode 100644 index 0000000..58d096d --- /dev/null +++ b/BouncyCastle/crypto/test/src/tsp/test/AllTests.cs @@ -0,0 +1,33 @@ +#if !LIB +using System; + +using NUnit.Core; +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Tsp.Tests +{ + public class AllTests + { + public static void Main(string[] args) + { + Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty); + } + + [Suite] + public static TestSuite Suite + { + get + { + TestSuite suite = new TestSuite("TSP Tests"); + suite.Add(new GenTimeAccuracyUnitTest()); + suite.Add(new ParseTest()); + suite.Add(new TimeStampTokenInfoUnitTest()); + suite.Add(new TspTest()); + return suite; + } + } + } +} +#endif diff --git a/BouncyCastle/crypto/test/src/tsp/test/GenTimeAccuracyTest.cs b/BouncyCastle/crypto/test/src/tsp/test/GenTimeAccuracyTest.cs new file mode 100644 index 0000000..01cc83d --- /dev/null +++ b/BouncyCastle/crypto/test/src/tsp/test/GenTimeAccuracyTest.cs @@ -0,0 +1,116 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Tsp; + +namespace Org.BouncyCastle.Tsp.Tests +{ + [TestFixture] + public class GenTimeAccuracyUnitTest + { + private static readonly DerInteger ZERO_VALUE = new DerInteger(0); + private static readonly DerInteger ONE_VALUE = new DerInteger(1); + private static readonly DerInteger TWO_VALUE = new DerInteger(2); + private static readonly DerInteger THREE_VALUE = new DerInteger(3); + + [Test] + public void TestOneTwoThree() + { + GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(ONE_VALUE, TWO_VALUE, THREE_VALUE)); + + checkValues(accuracy, ONE_VALUE, TWO_VALUE, THREE_VALUE); + + checkTostring(accuracy, "1.002003"); + } + + [Test] + public void TestThreeTwoOne() + { + GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(THREE_VALUE, TWO_VALUE, ONE_VALUE)); + + checkValues(accuracy, THREE_VALUE, TWO_VALUE, ONE_VALUE); + + checkTostring(accuracy, "3.002001"); + } + + [Test] + public void TestTwoThreeTwo() + { + GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(TWO_VALUE, THREE_VALUE, TWO_VALUE)); + + checkValues(accuracy, TWO_VALUE, THREE_VALUE, TWO_VALUE); + + checkTostring(accuracy, "2.003002"); + } + + [Test] + public void TestZeroTwoThree() + { + GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(ZERO_VALUE, TWO_VALUE, THREE_VALUE)); + + checkValues(accuracy, ZERO_VALUE, TWO_VALUE, THREE_VALUE); + + checkTostring(accuracy, "0.002003"); + } + + [Test] + public void TestThreeTwoNull() + { + GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(THREE_VALUE, TWO_VALUE, null)); + + checkValues(accuracy, THREE_VALUE, TWO_VALUE, ZERO_VALUE); + + checkTostring(accuracy, "3.002000"); + } + + [Test] + public void TestOneNullOne() + { + GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(ONE_VALUE, null, ONE_VALUE)); + + checkValues(accuracy, ONE_VALUE, ZERO_VALUE, ONE_VALUE); + + checkTostring(accuracy, "1.000001"); + } + + [Test] + public void TestZeroNullNull() + { + GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(ZERO_VALUE, null, null)); + + checkValues(accuracy, ZERO_VALUE, ZERO_VALUE, ZERO_VALUE); + + checkTostring(accuracy, "0.000000"); + } + + [Test] + public void TestNullNullNull() + { + GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(null, null, null)); + + checkValues(accuracy, ZERO_VALUE, ZERO_VALUE, ZERO_VALUE); + + checkTostring(accuracy, "0.000000"); + } + + private void checkValues( + GenTimeAccuracy accuracy, + DerInteger secs, + DerInteger millis, + DerInteger micros) + { + Assert.AreEqual(secs.Value.IntValue, accuracy.Seconds); + Assert.AreEqual(millis.Value.IntValue, accuracy.Millis); + Assert.AreEqual(micros.Value.IntValue, accuracy.Micros); + } + + private void checkTostring( + GenTimeAccuracy accuracy, + string expected) + { + Assert.AreEqual(expected, accuracy.ToString()); + } + } +} diff --git a/BouncyCastle/crypto/test/src/tsp/test/NewTspTest.cs b/BouncyCastle/crypto/test/src/tsp/test/NewTspTest.cs new file mode 100644 index 0000000..6bc03b8 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tsp/test/NewTspTest.cs @@ -0,0 +1,934 @@ +using System; +using System.Collections; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.Ess; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.Test; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Tsp.Tests +{ + public class NewTspTest + { + private static DateTime UnixEpoch = SimpleTest.MakeUtcDateTime(1970, 1, 1, 0, 0, 0); + + [Test] + public void TestGeneral() + { + string signDN = "O=Bouncy Castle, C=AU"; + AsymmetricCipherKeyPair signKP = TspTestUtil.MakeKeyPair(); + X509Certificate signCert = TspTestUtil.MakeCACertificate(signKP, signDN, signKP, signDN); + + string origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU"; + AsymmetricCipherKeyPair origKP = TspTestUtil.MakeKeyPair(); + AsymmetricKeyParameter privateKey = origKP.Private; + + X509Certificate cert = TspTestUtil.MakeCertificate(origKP, origDN, signKP, signDN); + + IList certList = new ArrayList(); + certList.Add(cert); + certList.Add(signCert); + + IX509Store certs = X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(certList)); + + basicTest(origKP.Private, cert, certs); + resolutionTest(origKP.Private, cert, certs, Resolution.R_SECONDS, "19700101000009Z"); + resolutionTest(origKP.Private, cert, certs, Resolution.R_TENTHS_OF_SECONDS, "19700101000009.9Z"); + resolutionTest(origKP.Private, cert, certs, Resolution.R_HUNDREDTHS_OF_SECONDS, "19700101000009.99Z"); + resolutionTest(origKP.Private, cert, certs, Resolution.R_MILLISECONDS, "19700101000009.999Z"); + basicSha256Test(origKP.Private, cert, certs); + basicTestWithTSA(origKP.Private, cert, certs); + overrideAttrsTest(origKP.Private, cert, certs); + responseValidationTest(origKP.Private, cert, certs); + incorrectHashTest(origKP.Private, cert, certs); + badAlgorithmTest(origKP.Private, cert, certs); + timeNotAvailableTest(origKP.Private, cert, certs); + badPolicyTest(origKP.Private, cert, certs); + tokenEncodingTest(origKP.Private, cert, certs); + certReqTest(origKP.Private, cert, certs); + testAccuracyZeroCerts(origKP.Private, cert, certs); + testAccuracyWithCertsAndOrdering(origKP.Private, cert, certs); + testNoNonse(origKP.Private, cert, certs); + extensionTest(origKP.Private, cert, certs); + additionalExtensionTest(origKP.Private, cert, certs); + } + + private void additionalExtensionTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs) + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2"); + + tsTokenGen.SetCertificates(certs); + tsTokenGen.SetTsa(new Asn1.X509.GeneralName(new X509Name("CN=Test"))); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + X509ExtensionsGenerator extensionsGenerator = new X509ExtensionsGenerator(); + extensionsGenerator.AddExtension(X509Extensions.AuditIdentity, false, new DerUtf8String("Test")); + + + TimeStampResponse tsResp = tsRespGen.GenerateGrantedResponse(request, new BigInteger("23"), new DateTimeObject( DateTime.UtcNow), "Okay", extensionsGenerator.Generate()); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsToken.Validate(cert); + + Asn1.Cms.AttributeTable table = tsToken.SignedAttributes; + + Assert.NotNull(table[PkcsObjectIdentifiers.IdAASigningCertificate],"no signingCertificate attribute found"); + + X509Extensions ext = tsToken.TimeStampInfo.TstInfo.Extensions; + + Assert.True(1 == ext.GetExtensionOids().Length); + + X509Extension left = new X509Extension(DerBoolean.False, new DerOctetString( new DerUtf8String("Test").GetEncoded())); + Assert.True(left.Equals (ext.GetExtension(X509Extensions.AuditIdentity))); + + + + } + + private void extensionTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs) + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2"); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + + // --- These are test case only values + reqGen.SetReqPolicy("2.5.29.56"); + reqGen.AddExtension(new DerObjectIdentifier("1.3.6.1.5.5.7.1.2"), true, new DerOctetString(new byte[20])); + // --- not for any real world purpose. + + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20]); + + try + { + request.Validate(new ArrayList(), new ArrayList(), new ArrayList()); + Assert.Fail("expected exception"); + } catch(Exception ex) + { + Assert.True("request contains unknown algorithm" == ex.Message); + } + + ArrayList algorithms = new ArrayList(); + algorithms.Add(TspAlgorithms.Sha1); + + try + { + request.Validate(algorithms, new ArrayList(), new ArrayList()); + Assert.Fail("no exception"); + } + catch (Exception e) + { + Assert.IsTrue(e.Message == "request contains unknown policy"); + } + + ArrayList policies = new ArrayList(); + + // Testing only do not use in real world. + policies.Add("2.5.29.56"); + + try + { + request.Validate(algorithms, policies, new ArrayList()); + Assert.Fail("no exception"); + } + catch (Exception e) + { + Assert.IsTrue(e.Message == "request contains unknown extension"); + } + + ArrayList extensions = new ArrayList(); + + // Testing only do not use in real world/ + extensions.Add("1.3.6.1.5.5.7.1.2"); + + + // should validate with full set + request.Validate(algorithms, policies, extensions); + + // should validate with null policy + request.Validate(algorithms, null, extensions); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, new BigInteger("23"), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsToken.Validate(cert); + + Asn1.Cms.AttributeTable table = tsToken.SignedAttributes; + + Assert.NotNull(table[PkcsObjectIdentifiers.IdAASigningCertificate], "no signingCertificate attribute found"); + } + + private void testNoNonse(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs) + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.MD5, "1.2.3"); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20]); + + ArrayList algorithms = new ArrayList(); + algorithms.Add(TspAlgorithms.Sha1); + + request.Validate(algorithms, new ArrayList(), new ArrayList()); + + Assert.False(request.CertReq); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, new BigInteger("24"), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsToken.Validate(cert); + + tsResp.Validate(request); + + TimeStampTokenInfo tstInfo = tsToken.TimeStampInfo; + + GenTimeAccuracy accuracy = tstInfo.GenTimeAccuracy; + + Assert.IsNull(accuracy); + + Assert.IsTrue(new BigInteger("24").Equals(tstInfo.SerialNumber)); + + + Assert.IsTrue("1.2.3" == tstInfo.Policy); + + Assert.False( tstInfo.IsOrdered); + + Assert.IsNull(tstInfo.Nonce); + + // + // test certReq + // + IX509Store store = tsToken.GetCertificates(); + + ICollection certificates = store.GetMatches(null); + + Assert.IsTrue(0 == certificates.Count); + + + } + + private void testAccuracyWithCertsAndOrdering(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs) + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.MD5, "1.2.3"); + + tsTokenGen.SetCertificates(certs); + + tsTokenGen.SetAccuracySeconds(1); + tsTokenGen.SetAccuracyMillis(2); + tsTokenGen.SetAccuracyMicros(3); + + tsTokenGen.SetOrdering(true); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + + reqGen.SetCertReq(true); + + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + + // + // This is different to the Java API. + // + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + + tsResp.Validate(request); + + TimeStampTokenInfo tstInfo = tsToken.TimeStampInfo; + + GenTimeAccuracy accuracy = tstInfo.GenTimeAccuracy; + + Assert.IsTrue(1 == accuracy.Seconds); + Assert.IsTrue(2 == accuracy.Millis); + Assert.IsTrue(3 == accuracy.Micros); + + Assert.IsTrue(new BigInteger("23").Equals(tstInfo.SerialNumber)); + + Assert.IsTrue("1.2.3" == tstInfo.Policy); + + IX509Store store = tsToken.GetCertificates(); + + ICollection certificates = store.GetMatches(null); + + Assert.IsTrue(2 == certificates.Count); + + } + + private void testAccuracyZeroCerts(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs) + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.MD5, "1.2"); + + tsTokenGen.SetCertificates(certs); + + tsTokenGen.SetAccuracySeconds(1); + tsTokenGen.SetAccuracyMillis(2); + tsTokenGen.SetAccuracyMicros(3); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsResp.Validate(request); + + TimeStampTokenInfo tstInfo = tsToken.TimeStampInfo; + + GenTimeAccuracy accuracy = tstInfo.GenTimeAccuracy; + + Assert.IsTrue(1 == accuracy.Seconds); + Assert.IsTrue(2 == accuracy.Millis); + Assert.IsTrue(3 == accuracy.Micros); + + Assert.IsTrue(new BigInteger("23").Equals(tstInfo.SerialNumber)); + + Assert.IsTrue("1.2" == tstInfo.Policy); + + IX509Store store = tsToken.GetCertificates(); + + ICollection certificates = store.GetMatches(null); + + Assert.IsTrue(0 == certificates.Count); + } + + private void certReqTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs) + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.MD5, "1.2"); + + tsTokenGen.SetCertificates(certs); + + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + reqGen.SetCertReq(false); + + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + Assert.IsNull(tsToken.TimeStampInfo.GenTimeAccuracy); // check for abscence of accuracy + + Assert.True("1.2".Equals( tsToken.TimeStampInfo.Policy)); + + try + { + tsToken.Validate(cert); + } + catch (TspValidationException) + { + Assert.Fail("certReq(false) verification of token failed."); + } + + IX509Store store = tsToken.GetCertificates(); + ICollection certsColl = store.GetMatches(null); + + if (certsColl.Count > 0) + { + Assert.Fail("certReq(false) found certificates in response."); + } + } + + private void tokenEncodingTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs) + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2.3.4.5.6"); + + tsTokenGen.SetCertificates(certs); + + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampResponse tsResponse = new TimeStampResponse(tsResp.GetEncoded()); + + if (!Arrays.AreEqual(tsResponse.GetEncoded(), tsResp.GetEncoded()) + || !Arrays.AreEqual(tsResponse.TimeStampToken.GetEncoded(), + tsResp.TimeStampToken.GetEncoded())) + { + Assert.Fail(); + } + } + + private void badPolicyTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs) + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2"); + + tsTokenGen.SetCertificates(certs); + + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + reqGen.SetReqPolicy("1.1"); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20]); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed, new ArrayList()); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + if (tsToken != null) + { + Assert.Fail("badPolicy - token not null."); + } + + PkiFailureInfo failInfo = tsResp.GetFailInfo(); + + if (failInfo == null) + { + Assert.Fail("badPolicy - failInfo set to null."); + } + + if (failInfo.IntValue != PkiFailureInfo.UnacceptedPolicy) + { + Assert.Fail("badPolicy - wrong failure info returned."); + } + + + } + + private void timeNotAvailableTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs) + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2"); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(new DerObjectIdentifier("1.2.3.4.5"), new byte[20]); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = null; + + + // + // This is different to the java api. + // the java version has two calls, generateGrantedResponse and generateRejectedResponse + // See line 726 of NewTspTest + // + + tsResp = tsRespGen.Generate(request, new BigInteger("23"), null); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + if (tsToken != null) + { + Assert.Fail("timeNotAvailable - token not null."); + } + + PkiFailureInfo failInfo = tsResp.GetFailInfo(); + + if (failInfo == null) + { + Assert.Fail("timeNotAvailable - failInfo set to null."); + } + + if (failInfo.IntValue != PkiFailureInfo.TimeNotAvailable) + { + Assert.Fail("timeNotAvailable - wrong failure info returned."); + } + } + + private void badAlgorithmTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs) + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2"); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(new DerObjectIdentifier("1.2.3.4.5"), new byte[21]); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + if (tsToken != null) + { + Assert.Fail("badAlgorithm - token not null."); + } + + PkiFailureInfo failInfo = tsResp.GetFailInfo(); + + if (failInfo == null) + { + Assert.Fail("badAlgorithm - failInfo set to null."); + } + + if (failInfo.IntValue != PkiFailureInfo.BadAlg) + { + Assert.Fail("badAlgorithm - wrong failure info returned."); + } + } + + private void incorrectHashTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs) + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2"); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[16]); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + Assert.IsNull(tsToken,"incorrect hash -- token not null"); + + PkiFailureInfo failInfo = tsResp.GetFailInfo(); + if (failInfo == null) + { + Assert.Fail("incorrectHash - failInfo set to null."); + } + + if (failInfo.IntValue != PkiFailureInfo.BadDataFormat) + { + Assert.Fail("incorrectHash - wrong failure info returned."); + } + + } + + private void responseValidationTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs) + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.MD5, "1.2"); + + tsTokenGen.SetCertificates(certs); + + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsToken.Validate(cert); + + + try + { + request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(101)); + + tsResp.Validate(request); + + Assert.Fail("response validation failed on invalid nonce."); + } + catch (TspValidationException) + { + // ignore + } + + try + { + request = reqGen.Generate(TspAlgorithms.Sha1, new byte[22], BigInteger.ValueOf(100)); + + tsResp.Validate(request); + + Assert.Fail("response validation failed on wrong digest."); + } + catch (TspValidationException) + { + // ignore + } + + try + { + request = reqGen.Generate(TspAlgorithms.MD5, new byte[20], BigInteger.ValueOf(100)); + + tsResp.Validate(request); + + Assert.Fail("response validation failed on wrong digest."); + } + catch (TspValidationException) + { + // ignore + } + + } + + private void overrideAttrsTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs) + { + SignerInfoGeneratorBuilder signerInfoGenBuilder = new SignerInfoGeneratorBuilder(); + + IssuerSerial issuerSerial = new IssuerSerial( + new GeneralNames( + new GeneralName( + X509CertificateStructure.GetInstance(cert.GetEncoded()).Issuer)), + new DerInteger(cert.SerialNumber)); + + byte[] certHash256; + byte[] certHash; + + { + Asn1DigestFactory digCalc = Asn1DigestFactory.Get(OiwObjectIdentifiers.IdSha1); + IStreamCalculator calc = digCalc.CreateCalculator(); + using (Stream s = calc.Stream) + { + byte[] crt = cert.GetEncoded(); + s.Write(crt, 0, crt.Length); + } + + certHash = ((SimpleBlockResult)calc.GetResult()).Collect(); + } + + + { + Asn1DigestFactory digCalc = Asn1DigestFactory.Get(NistObjectIdentifiers.IdSha256); + IStreamCalculator calc = digCalc.CreateCalculator(); + using (Stream s = calc.Stream) + { + byte[] crt = cert.GetEncoded(); + s.Write(crt, 0, crt.Length); + } + + certHash256 = ((SimpleBlockResult)calc.GetResult()).Collect(); + } + + + EssCertID essCertID = new EssCertID(certHash, issuerSerial); + EssCertIDv2 essCertIDv2 = new EssCertIDv2(certHash256, issuerSerial); + + signerInfoGenBuilder.WithSignedAttributeGenerator(new TestAttrGen(essCertID, essCertIDv2)); + + + Asn1SignatureFactory sigfact = new Asn1SignatureFactory("SHA1WithRSA", privateKey); + SignerInfoGenerator signerInfoGenerator = signerInfoGenBuilder.Build(sigfact, cert); + + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(signerInfoGenerator, + Asn1DigestFactory.Get(OiwObjectIdentifiers.IdSha1), new DerObjectIdentifier("1.2"), true); + + tsTokenGen.SetCertificates(certs); + + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsToken.Validate(cert); + + Asn1.Cms.AttributeTable table = tsToken.SignedAttributes; + + Assert.NotNull( table[PkcsObjectIdentifiers.IdAASigningCertificate], "no signingCertificate attribute found"); + Assert.NotNull( table[PkcsObjectIdentifiers.IdAASigningCertificateV2], "no signingCertificateV2 attribute found"); + + SigningCertificate sigCert = SigningCertificate.GetInstance(table[PkcsObjectIdentifiers.IdAASigningCertificate].AttrValues[0]); + + Assert.IsTrue(cert.CertificateStructure.Issuer.Equals( sigCert.GetCerts()[0].IssuerSerial.Issuer.GetNames()[0].Name)); + Assert.IsTrue(cert.CertificateStructure.SerialNumber.Value.Equals( sigCert.GetCerts()[0].IssuerSerial.Serial.Value)); + Assert.IsTrue(Arrays.AreEqual(certHash, sigCert.GetCerts()[0].GetCertHash())); + + SigningCertificate sigCertV2 = SigningCertificate.GetInstance(table[PkcsObjectIdentifiers.IdAASigningCertificateV2].AttrValues[0]); + + Assert.IsTrue(cert.CertificateStructure.Issuer.Equals(sigCertV2.GetCerts()[0].IssuerSerial.Issuer.GetNames()[0].Name)); + Assert.IsTrue(cert.CertificateStructure.SerialNumber.Value.Equals(sigCertV2.GetCerts()[0].IssuerSerial.Serial.Value)); + Assert.IsTrue(Arrays.AreEqual(certHash256, sigCertV2.GetCerts()[0].GetCertHash())); + + } + + + + + private void basicTestWithTSA(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs) + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2"); + + tsTokenGen.SetCertificates(certs); + tsTokenGen.SetTsa(new Asn1.X509.GeneralName(new X509Name("CN=Test"))); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsToken.Validate(cert); + + Asn1.Cms.AttributeTable table = tsToken.SignedAttributes; + + Assert.IsNotNull(table[PkcsObjectIdentifiers.IdAASigningCertificate], "no signingCertificate attribute found"); + + } + + private void basicSha256Test(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs) + { + SignerInfoGenerator sInfoGenerator = makeInfoGenerator(privateKey, cert, TspAlgorithms.Sha256, null, null); + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + sInfoGenerator, + Asn1DigestFactory.Get(NistObjectIdentifiers.IdSha256), new DerObjectIdentifier("1.2"), true); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha256, new byte[32], BigInteger.ValueOf(100)); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, new BigInteger("23"), DateTime.Now); + + Assert.AreEqual((int)PkiStatus.Granted, tsResp.Status); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsToken.Validate(cert); + + Asn1.Cms.AttributeTable table = tsToken.SignedAttributes; + + Assert.NotNull(table[PkcsObjectIdentifiers.IdAASigningCertificateV2]); + + Asn1DigestFactory digCalc = Asn1DigestFactory.Get(NistObjectIdentifiers.IdSha256); + IStreamCalculator calc = digCalc.CreateCalculator(); + using (Stream s = calc.Stream) + { + byte[] crt = cert.GetEncoded(); + s.Write(crt, 0, crt.Length); + } + + byte[] certHash = ((SimpleBlockResult)calc.GetResult()).Collect(); + + SigningCertificateV2 sigCertV2 = SigningCertificateV2.GetInstance(table[PkcsObjectIdentifiers.IdAASigningCertificateV2].AttrValues[0]); + + Assert.IsTrue(Arrays.AreEqual(certHash, sigCertV2.GetCerts()[0].GetCertHash())); + } + + private void resolutionTest(AsymmetricKeyParameter privateKey, X509.X509Certificate cert, IX509Store certs, Resolution resoution, string timeString) + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2"); + + tsTokenGen.Resolution = resoution; + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), UnixEpoch.AddMilliseconds(9999)); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + // This done instead of relying on string comparison. + Assert.AreEqual(timeString, tsToken.TimeStampInfo.TstInfo.GenTime.TimeString); + + tsResp = tsRespGen.Generate(request, new BigInteger("23"), UnixEpoch.AddMilliseconds(9000)); + tsToken = tsResp.TimeStampToken; + Assert.AreEqual("19700101000009Z", tsToken.TimeStampInfo.TstInfo.GenTime.TimeString); + + if ((int)resoution > (int)Resolution.R_HUNDREDTHS_OF_SECONDS) + { + tsResp = tsRespGen.Generate(request, new BigInteger("23"), UnixEpoch.AddMilliseconds(9990)); + tsToken = tsResp.TimeStampToken; + Assert.AreEqual("19700101000009.99Z", tsToken.TimeStampInfo.TstInfo.GenTime.TimeString); + } + + if ((int)resoution > (int)Resolution.R_TENTHS_OF_SECONDS) + { + tsResp = tsRespGen.Generate(request, new BigInteger("23"), UnixEpoch.AddMilliseconds(9900)); + tsToken = tsResp.TimeStampToken; + Assert.AreEqual("19700101000009.9Z", tsToken.TimeStampInfo.TstInfo.GenTime.TimeString); + } + + + } + + private void basicTest(AsymmetricKeyParameter privateKey, X509.X509Certificate cert, IX509Store certs) + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2"); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsToken.Validate(cert); + + Asn1.Cms.AttributeTable table = tsToken.SignedAttributes; + + Assert.IsNotNull(table[PkcsObjectIdentifiers.IdAASigningCertificate], "no signingCertificate attribute found"); + + + } + + internal static SignerInfoGenerator makeInfoGenerator( + AsymmetricKeyParameter key, + X509Certificate cert, + string digestOID, + + Asn1.Cms.AttributeTable signedAttr, + Asn1.Cms.AttributeTable unsignedAttr) + { + TspUtil.ValidateCertificate(cert); + + // + // Add the ESSCertID attribute + // + IDictionary signedAttrs; + if (signedAttr != null) + { + signedAttrs = signedAttr.ToDictionary(); + } + else + { + signedAttrs = new Hashtable(); + } + + string digestName = TspTestUtil.GetDigestAlgName(digestOID); + string signatureName = digestName + "with" + TspTestUtil.GetEncryptionAlgName( + TspTestUtil.GetEncOid(key, digestOID)); + + Asn1SignatureFactory sigfact = new Asn1SignatureFactory(signatureName, key); + return new SignerInfoGeneratorBuilder() + .WithSignedAttributeGenerator( + new DefaultSignedAttributeTableGenerator( + new Asn1.Cms.AttributeTable(signedAttrs))) + .WithUnsignedAttributeGenerator( + new SimpleAttributeTableGenerator(unsignedAttr)) + .Build(sigfact, cert); + } + + private class TestAttrGen : CmsAttributeTableGenerator + { + private readonly EssCertID mEssCertID; + private readonly EssCertIDv2 mEssCertIDv2; + + public TestAttrGen(EssCertID essCertID, EssCertIDv2 essCertIDv2) + { + this.mEssCertID = essCertID; + this.mEssCertIDv2 = essCertIDv2; + } + + public EssCertID EssCertID + { + get { return mEssCertID; } + } + + public EssCertIDv2 EssCertIDv2 + { + get { return mEssCertIDv2; } + } + + public Asn1.Cms.AttributeTable GetAttributes(IDictionary parameters) + { + CmsAttributeTableGenerator attrGen = new DefaultSignedAttributeTableGenerator(); + + Asn1.Cms.AttributeTable table = attrGen.GetAttributes(parameters); + table = table.Add(PkcsObjectIdentifiers.IdAASigningCertificate, new SigningCertificate(EssCertID)); + table = table.Add(PkcsObjectIdentifiers.IdAASigningCertificateV2, new SigningCertificateV2(new EssCertIDv2[] { EssCertIDv2 })); + + return table; + } + } + } +} diff --git a/BouncyCastle/crypto/test/src/tsp/test/ParseTest.cs b/BouncyCastle/crypto/test/src/tsp/test/ParseTest.cs new file mode 100644 index 0000000..e9489a2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tsp/test/ParseTest.cs @@ -0,0 +1,397 @@ +using System; +using System.Collections; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Tsp.Tests +{ + [TestFixture] + public class ParseTest + { + private static readonly byte[] sha1Request = Base64.Decode("MDACAQEwITAJBgUrDgMCGgUABBT5UbEBmJssO3RxcQtOePxNvfoMpgIIC+GvYW2mtZQ="); + private static readonly byte[] sha1noNonse = Base64.Decode("MCYCAQEwITAJBgUrDgMCGgUABBT5UbEBmJssO3RxcQtOePxNvfoMpg=="); + private static readonly byte[] md5Request = Base64.Decode("MDoCAQEwIDAMBggqhkiG9w0CBQUABBDIl9FBCvjyx0+6EbHbUR6eBgkrBgEEAakHBQECCDQluayIxIzn"); + private static readonly byte[] ripemd160Request = Base64.Decode("MD8CAQEwITAJBgUrJAMCAQUABBSq03a/mk50Yd9lMF+BSqOp/RHGQQYJKwYBBAGpBwUBAgkA4SZs9NfqISMBAf8="); + + private static readonly byte[] sha1Response = Base64.Decode( + "MIICbDADAgEAMIICYwYJKoZIhvcNAQcCoIICVDCCAlACAQMxCzAJBgUrDgMC" + + "GgUAMIHaBgsqhkiG9w0BCRABBKCBygSBxzCBxAIBAQYEKgMEATAhMAkGBSsO" + + "AwIaBQAEFPlRsQGYmyw7dHFxC054/E29+gymAgEEGA8yMDA0MTIwOTA3NTIw" + + "NVowCgIBAYACAfSBAWQBAf8CCAvhr2FtprWUoGmkZzBlMRgwFgYDVQQDEw9F" + + "cmljIEguIEVjaGlkbmExJDAiBgkqhkiG9w0BCQEWFWVyaWNAYm91bmN5Y2Fz" + + "dGxlLm9yZzEWMBQGA1UEChMNQm91bmN5IENhc3RsZTELMAkGA1UEBhMCQVUx" + + "ggFfMIIBWwIBATAqMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNV" + + "BAYTAkFVAgECMAkGBSsOAwIaBQCggYwwGgYJKoZIhvcNAQkDMQ0GCyqGSIb3" + + "DQEJEAEEMBwGCSqGSIb3DQEJBTEPFw0wNDEyMDkwNzUyMDVaMCMGCSqGSIb3" + + "DQEJBDEWBBTGR1cbm94tWbcpDWrH+bD8UYePsTArBgsqhkiG9w0BCRACDDEc" + + "MBowGDAWBBS37aLzFcheqeJ5cla0gjNWHGKbRzANBgkqhkiG9w0BAQEFAASB" + + "gBrc9CJ3xlcTQuWQXJUqPEn6f6vfJAINKsn22z8LIfS/2p/CTFU6+W/bz8j8" + + "j+8uWEJe8okTsI0FflljIsspqOPTB/RrnXteajbkuk/rLmz1B2g/qWBGAzPI" + + "D214raBc1a7Bpd76PkvSSdjqrEaaskd+7JJiPr9l9yeSoh1AIt0N"); + + private static readonly byte[] sha1noNonseResponse = Base64.Decode( + "MIICYjADAgEAMIICWQYJKoZIhvcNAQcCoIICSjCCAkYCAQMxCzAJBgUrDgMC" + + "GgUAMIHQBgsqhkiG9w0BCRABBKCBwASBvTCBugIBAQYEKgMEATAhMAkGBSsO" + + "AwIaBQAEFPlRsQGYmyw7dHFxC054/E29+gymAgECGA8yMDA0MTIwOTA3MzQx" + + "MlowCgIBAYACAfSBAWQBAf+gaaRnMGUxGDAWBgNVBAMTD0VyaWMgSC4gRWNo" + + "aWRuYTEkMCIGCSqGSIb3DQEJARYVZXJpY0Bib3VuY3ljYXN0bGUub3JnMRYw" + + "FAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVTGCAV8wggFbAgEB" + + "MCowJTEWMBQGA1UEChMNQm91bmN5IENhc3RsZTELMAkGA1UEBhMCQVUCAQIw" + + "CQYFKw4DAhoFAKCBjDAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQAQQwHAYJ" + + "KoZIhvcNAQkFMQ8XDTA0MTIwOTA3MzQxMlowIwYJKoZIhvcNAQkEMRYEFMNA" + + "xlscHYiByHL9DIEh3FewIhgSMCsGCyqGSIb3DQEJEAIMMRwwGjAYMBYEFLft" + + "ovMVyF6p4nlyVrSCM1YcYptHMA0GCSqGSIb3DQEBAQUABIGAaj46Tarrg7V7" + + "z13bbetrGv+xy159eE8kmIW9nPegru3DuK/GmbMx9W3l0ydx0zdXRwYi6NZc" + + "nNqbEZQZ2L1biJVTflgWq4Nxu4gPGjH/BGHKdH/LyW4eDcXZR39AkNBMnDAK" + + "EmhhJo1/Tc+S/WkV9lnHJCPIn+TAijBUO6EiTik="); + + private static readonly byte[] md5Response = Base64.Decode( + "MIICcDADAgEAMIICZwYJKoZIhvcNAQcCoIICWDCCAlQCAQMxCzAJBgUrDgMC" + + "GgUAMIHeBgsqhkiG9w0BCRABBKCBzgSByzCByAIBAQYJKwYBBAGpBwUBMCAw" + + "DAYIKoZIhvcNAgUFAAQQyJfRQQr48sdPuhGx21EengIBAxgPMjAwNDEyMDkw" + + "NzQ2MTZaMAoCAQGAAgH0gQFkAQH/Agg0JbmsiMSM56BppGcwZTEYMBYGA1UE" + + "AxMPRXJpYyBILiBFY2hpZG5hMSQwIgYJKoZIhvcNAQkBFhVlcmljQGJvdW5j" + + "eWNhc3RsZS5vcmcxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNVBAYT" + + "AkFVMYIBXzCCAVsCAQEwKjAlMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQsw" + + "CQYDVQQGEwJBVQIBAjAJBgUrDgMCGgUAoIGMMBoGCSqGSIb3DQEJAzENBgsq" + + "hkiG9w0BCRABBDAcBgkqhkiG9w0BCQUxDxcNMDQxMjA5MDc0NjE2WjAjBgkq" + + "hkiG9w0BCQQxFgQUFpRpaiRUUjiY7EbefbWLKDIY0XMwKwYLKoZIhvcNAQkQ" + + "AgwxHDAaMBgwFgQUt+2i8xXIXqnieXJWtIIzVhxim0cwDQYJKoZIhvcNAQEB" + + "BQAEgYBTwKsLLrQm+bvKV7Jwto/cMQh0KsVB5RoEeGn5CI9XyF2Bm+JRcvQL" + + "Nm7SgSOBVt4A90TqujxirNeyQnXRiSnFvXd09Wet9WIQNpwpiGlE7lCrAhuq" + + "/TAUe79VIpoQZDtyhbh0Vzxl24yRoechabC0zuPpOWOzrA4YC3Hv1J2tAA=="); + + private static readonly byte[] signingCert = Base64.Decode( + "MIICWjCCAcOgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAlMRYwFAYDVQQKEw1Cb3Vu" + + "Y3kgQ2FzdGxlMQswCQYDVQQGEwJBVTAeFw0wNDEyMDkwNzEzMTRaFw0wNTAzMTkw" + + "NzEzMTRaMGUxGDAWBgNVBAMTD0VyaWMgSC4gRWNoaWRuYTEkMCIGCSqGSIb3DQEJ" + + "ARYVZXJpY0Bib3VuY3ljYXN0bGUub3JnMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxl" + + "MQswCQYDVQQGEwJBVTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqGAFO3dK" + + "jB7Ca7u5Z3CabsbGr2Exg+3sztSPiRCIba03es4295EhtDF5bXQvrW2R1Bg72vED" + + "5tWaQjVDetvDfCzVC3ErHLTVk3OgpLIP1gf2T0LcOH2pTh2LP9c5Ceta+uggK8zK" + + "9sYUUnzGPSAZxrqHIIAlPIgqk0BMV+KApyECAwEAAaNaMFgwHQYDVR0OBBYEFO4F" + + "YoqogtB9MjD0NB5x5HN3TrGUMB8GA1UdIwQYMBaAFPXAecuwLqNkCxYVLE/ngFQR" + + "7RLIMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMIMA0GCSqGSIb3DQEBBAUAA4GBADGi" + + "D5/qmGvcBgswEM/z2dF4lOxbTNKUW31ZHiU8CXlN0IkFtNbBLBTbJOQIAUnNEabL" + + "T7aYgj813OZKUbJTx4MuGChhot/TEP7hKo/xz9OnXLsqYDKbqbo8iLOode+SI7II" + + "+yYghOtqvx32cL2Qmffi1LaMbhJP+8NbsIxowdRC"); + + private static readonly byte[] unacceptablePolicy = Base64.Decode( + "MDAwLgIBAjAkDCJSZXF1ZXN0ZWQgcG9saWN5IGlzIG5vdCBzdXBwb3J0ZWQuAwMAAAE="); + + private static readonly byte[] generalizedTime = Base64.Decode( + "MIIKPTADAgEAMIIKNAYJKoZIhvcNAQcCoIIKJTCCCiECAQMxCzAJBgUrDgMC" + + "GgUAMIIBGwYLKoZIhvcNAQkQAQSgggEKBIIBBjCCAQICAQEGCisGAQQBhFkK" + + "AwEwITAJBgUrDgMCGgUABBQAAAAAAAAAAAAAAAAAAAAAAAAAAAICUC8YEzIw" + + "MDUwMzEwMTA1ODQzLjkzM1owBIACAfQBAf8CAWSggaikgaUwgaIxCzAJBgNV" + + "BAYTAkdCMRcwFQYDVQQIEw5DYW1icmlkZ2VzaGlyZTESMBAGA1UEBxMJQ2Ft" + + "YnJpZGdlMSQwIgYDVQQKExtuQ2lwaGVyIENvcnBvcmF0aW9uIExpbWl0ZWQx" + + "JzAlBgNVBAsTHm5DaXBoZXIgRFNFIEVTTjozMjJBLUI1REQtNzI1QjEXMBUG" + + "A1UEAxMOZGVtby1kc2UyMDAtMDGgggaFMIID2TCCA0KgAwIBAgICAIswDQYJ" + + "KoZIhvcNAQEFBQAwgYwxCzAJBgNVBAYTAkdCMRcwFQYDVQQIEw5DYW1icmlk" + + "Z2VzaGlyZTESMBAGA1UEBxMJQ2FtYnJpZGdlMSQwIgYDVQQKExtuQ2lwaGVy" + + "IENvcnBvcmF0aW9uIExpbWl0ZWQxGDAWBgNVBAsTD1Byb2R1Y3Rpb24gVEVT" + + "VDEQMA4GA1UEAxMHVEVTVCBDQTAeFw0wNDA2MTQxNDIzNTlaFw0wNTA2MTQx" + + "NDIzNTlaMIGiMQswCQYDVQQGEwJHQjEXMBUGA1UECBMOQ2FtYnJpZGdlc2hp" + + "cmUxEjAQBgNVBAcTCUNhbWJyaWRnZTEkMCIGA1UEChMbbkNpcGhlciBDb3Jw" + + "b3JhdGlvbiBMaW1pdGVkMScwJQYDVQQLEx5uQ2lwaGVyIERTRSBFU046MzIy" + + "QS1CNURELTcyNUIxFzAVBgNVBAMTDmRlbW8tZHNlMjAwLTAxMIGfMA0GCSqG" + + "SIb3DQEBAQUAA4GNADCBiQKBgQC7zUamCeLIApddx1etW5YEFrL1WXnlCd7j" + + "mMFI6RpSq056LBkF1z5LgucLY+e/c3u2Nw+XJuS3a2fKuBD7I1s/6IkVtIb/" + + "KLDjjafOnottKhprH8K41siJUeuK3PRzfZ5kF0vwB3rNvWPCBJmp7kHtUQw3" + + "RhIsJTYs7Wy8oVFHVwIDAQABo4IBMDCCASwwCQYDVR0TBAIwADAWBgNVHSUB" + + "Af8EDDAKBggrBgEFBQcDCDAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5l" + + "cmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFDlEe9Pd0WwQrtnEmFRI2Vmt" + + "b+lCMIG5BgNVHSMEgbEwga6AFNy1VPweOQLC65bs6/0RcUYB19vJoYGSpIGP" + + "MIGMMQswCQYDVQQGEwJHQjEXMBUGA1UECBMOQ2FtYnJpZGdlc2hpcmUxEjAQ" + + "BgNVBAcTCUNhbWJyaWRnZTEkMCIGA1UEChMbbkNpcGhlciBDb3Jwb3JhdGlv" + + "biBMaW1pdGVkMRgwFgYDVQQLEw9Qcm9kdWN0aW9uIFRFU1QxEDAOBgNVBAMT" + + "B1RFU1QgQ0GCAQAwDQYJKoZIhvcNAQEFBQADgYEASEMlrpRE1RYZPxP3530e" + + "hOYUDjgQbw0dwpPjQtLWkeJrePMzDBAbuWwpRI8dOzKP3Rnrm5rxJ7oLY2S0" + + "A9ZfV+iwFKagEHFytfnPm2Y9AeNR7a3ladKd7NFMw+5Tbk7Asbetbb+NJfCl" + + "9YzHwxLGiQbpKxgc+zYOjq74eGLKtcKhggKkMIICDQIBATCB0qGBqKSBpTCB" + + "ojELMAkGA1UEBhMCR0IxFzAVBgNVBAgTDkNhbWJyaWRnZXNoaXJlMRIwEAYD" + + "VQQHEwlDYW1icmlkZ2UxJDAiBgNVBAoTG25DaXBoZXIgQ29ycG9yYXRpb24g" + + "TGltaXRlZDEnMCUGA1UECxMebkNpcGhlciBEU0UgRVNOOjMyMkEtQjVERC03" + + "MjVCMRcwFQYDVQQDEw5kZW1vLWRzZTIwMC0wMaIlCgEBMAkGBSsOAwIaBQAD" + + "FQDaLe88TQvM+iMKmIXMmDSyPCZ/+KBmMGSkYjBgMQswCQYDVQQGEwJVUzEk" + + "MCIGA1UEChMbbkNpcGhlciBDb3Jwb3JhdGlvbiBMaW1pdGVkMRgwFgYDVQQL" + + "Ew9Qcm9kdWN0aW9uIFRlc3QxETAPBgNVBAMTCFRlc3QgVE1DMA0GCSqGSIb3" + + "DQEBBQUAAgjF2jVbAAAAADAiGA8yMDA1MDMxMDAyNTQxOVoYDzIwMDUwMzEz" + + "MDI1NDE5WjCBjTBLBgorBgEEAYRZCgQBMT0wOzAMAgTF2jVbAgQAAAAAMA8C" + + "BAAAAAACBAAAaLkCAf8wDAIEAAAAAAIEAAKV/DAMAgTF3inbAgQAAAAAMD4G" + + "CisGAQQBhFkKBAIxMDAuMAwGCisGAQQBhFkKAwGgDjAMAgQAAAAAAgQAB6Eg" + + "oQ4wDAIEAAAAAAIEAAPQkDANBgkqhkiG9w0BAQUFAAOBgQB1q4d3GNWk7oAT" + + "WkpYmZaTFvapMhTwAmAtSGgFmNOZhs21iHWl/X990/HEBsduwxohfrd8Pz64" + + "hV/a76rpeJCVUfUNmbRIrsurFx6uKwe2HUHKW8grZWeCD1L8Y1pKQdrD41gu" + + "v0msfOXzLWW+xe5BcJguKclN8HmT7s2odtgiMTGCAmUwggJhAgEBMIGTMIGM" + + "MQswCQYDVQQGEwJHQjEXMBUGA1UECBMOQ2FtYnJpZGdlc2hpcmUxEjAQBgNV" + + "BAcTCUNhbWJyaWRnZTEkMCIGA1UEChMbbkNpcGhlciBDb3Jwb3JhdGlvbiBM" + + "aW1pdGVkMRgwFgYDVQQLEw9Qcm9kdWN0aW9uIFRFU1QxEDAOBgNVBAMTB1RF" + + "U1QgQ0ECAgCLMAkGBSsOAwIaBQCgggEnMBoGCSqGSIb3DQEJAzENBgsqhkiG" + + "9w0BCRABBDAjBgkqhkiG9w0BCQQxFgQUi1iYx5H3ACnvngWZTPfdxGswkSkw" + + "geMGCyqGSIb3DQEJEAIMMYHTMIHQMIHNMIGyBBTaLe88TQvM+iMKmIXMmDSy" + + "PCZ/+DCBmTCBkqSBjzCBjDELMAkGA1UEBhMCR0IxFzAVBgNVBAgTDkNhbWJy" + + "aWRnZXNoaXJlMRIwEAYDVQQHEwlDYW1icmlkZ2UxJDAiBgNVBAoTG25DaXBo" + + "ZXIgQ29ycG9yYXRpb24gTGltaXRlZDEYMBYGA1UECxMPUHJvZHVjdGlvbiBU" + + "RVNUMRAwDgYDVQQDEwdURVNUIENBAgIAizAWBBSpS/lH6bN/wf3E2z2X29vF" + + "2U7YHTANBgkqhkiG9w0BAQUFAASBgGvDVsgsG5I5WKjEDVHvdRwUx+8Cp10l" + + "zGF8o1h7aK5O3zQ4jLayYHea54E5+df35gG7Z3eoOy8E350J7BvHiwDLTqe8" + + "SoRlGs9VhL6LMmCcERfGSlSn61Aa15iXZ8eHMSc5JTeJl+kqy4I3FPP4m2ai" + + "8wy2fQhn7hUM8Ntg7Y2s"); + + private static readonly byte[] v2SigningCertResponse = Base64.Decode( + "MIIPPTADAgEAMIIPNAYJKoZIhvcNAQcCoIIPJTCCDyECAQMxDzANBglghkgBZQMEAgEFADCB6QYL" + + "KoZIhvcNAQkQAQSggdkEgdYwgdMCAQEGBgQAj2cBATAxMA0GCWCGSAFlAwQCAQUABCBcU0GN08TA" + + "LUFi7AAwQwVkSXqGu9tAzvJ7EXW7SMXHHQIRAM7Fa7g6tMvZI3dgllwMfpcYDzIwMDcxMjExMTAy" + + "MTU5WjADAgEBAgYBFsi5OlmgYqRgMF4xCzAJBgNVBAYTAkRFMSQwIgYDVQQKDBtEZXV0c2NoZSBS" + + "ZW50ZW52ZXJzaWNoZXJ1bmcxEzARBgNVBAsMClFDIFJvb3QgQ0ExFDASBgNVBAMMC1FDIFJvb3Qg" + + "VFNQoIILQjCCBwkwggXxoAMCAQICAwN1pjANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJERTEk" + + "MCIGA1UECgwbRGV1dHNjaGUgUmVudGVudmVyc2ljaGVydW5nMRMwEQYDVQQLDApRQyBSb290IENB" + + "MB4XDTA3MTEyMDE2MDcyMFoXDTEyMDcyNzIwMjExMVowXjELMAkGA1UEBhMCREUxJDAiBgNVBAoM" + + "G0RldXRzY2hlIFJlbnRlbnZlcnNpY2hlcnVuZzETMBEGA1UECwwKUUMgUm9vdCBDQTEUMBIGA1UE" + + "AwwLUUMgUm9vdCBUU1AwggEkMA0GCSqGSIb3DQEBAQUAA4IBEQAwggEMAoIBAQCv1vO+EtGnJNs0" + + "atv76BAJXs4bmO8yzVwe3RUtgeu5z9iefh8P46i1g3EL2CD15NcTfoHksr5KudNY30olfjHG7lIu" + + "MO3R5sAcrGDPP7riZJnaI6VD/e6kVR569VBid5z105fJAB7mID7+Bn7pdRwDW3Fy2CzfofXGuvrO" + + "GPNEWq8x8kqqf75DB5nAs5QP8H41obkdkap2ttHkkPZCiMghTs8iHfpJ0STn47MKq+QrUmuATMZi" + + "XrdEfb7f3TBMjO0UVJF64Mh+kC9GtUEHlcm0Tq2Pk5XIUxWEyL94rZ4UWcVdSVE7IjggV2MifMNx" + + "geZO3SwsDZk71AhDBy30CSzBAgUAx3HB5aOCA+IwggPeMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMI" + + "MBMGA1UdIwQMMAqACECefuBmflfeMBgGCCsGAQUFBwEDBAwwCjAIBgYEAI5GAQEwUAYIKwYBBQUH" + + "AQEERDBCMEAGCCsGAQUFBzABhjRodHRwOi8vb2NzcC1yb290cWMudGMuZGV1dHNjaGUtcmVudGVu" + + "dmVyc2ljaGVydW5nLmRlMHcGA1UdIARwMG4wbAYNKwYBBAGBrTwBCAEBAzBbMFkGCCsGAQUFBwIB" + + "Fk1odHRwOi8vd3d3LmRldXRzY2hlLXJlbnRlbnZlcnNpY2hlcnVuZy1idW5kLmRlL3N0YXRpYy90" + + "cnVzdGNlbnRlci9wb2xpY3kuaHRtbDCCATwGA1UdHwSCATMwggEvMHygeqB4hnZsZGFwOi8vZGly" + + "LnRjLmRldXRzY2hlLXJlbnRlbnZlcnNpY2hlcnVuZy5kZS9vdT1RQyUyMFJvb3QlMjBDQSxjbj1Q" + + "dWJsaWMsbz1EUlYsYz1ERT9hdHRybmFtZT1jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0MIGuoIGr" + + "oIGohoGlaHR0cDovL2Rpci50Yy5kZXV0c2NoZS1yZW50ZW52ZXJzaWNoZXJ1bmcuZGU6ODA4OS9z" + + "ZXJ2bGV0L0Rpclh3ZWIvQ2EveC5jcmw/ZG49b3UlM0RRQyUyMFJvb3QlMjBDQSUyQ2NuJTNEUHVi" + + "bGljJTJDbyUzRERSViUyQ2MlM0RERSZhdHRybmFtZT1jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0" + + "MIIBLQYDVR0SBIIBJDCCASCGdGxkYXA6Ly9kaXIudGMuZGV1dHNjaGUtcmVudGVudmVyc2ljaGVy" + + "dW5nLmRlL2NuPTE0NTUxOCxvdT1RQyUyMFJvb3QlMjBDQSxjbj1QdWJsaWMsbz1EUlYsYz1ERT9h" + + "dHRybmFtZT1jQUNlcnRpZmljYXRlhoGnaHR0cDovL2Rpci50Yy5kZXV0c2NoZS1yZW50ZW52ZXJz" + + "aWNoZXJ1bmcuZGU6ODA4OS9zZXJ2bGV0L0Rpclh3ZWIvQ2EveC5jZXI/ZG49Y24lM0QxNDU1MTgl" + + "MkNvdSUzRFFDJTIwUm9vdCUyMENBJTJDY24lM0RQdWJsaWMlMkNvJTNERFJWJTJDYyUzRERFJmF0" + + "dHJuYW1lPWNBQ2VydGlmaWNhdGUwDgYDVR0PAQH/BAQDAgZAMDsGA1UdCQQ0MDIwMAYDVQQDMSkT" + + "J1FDIFRTUCBEZXV0c2NoZSBSZW50ZW52ZXJzaWNoZXJ1bmcgMTpQTjAMBgNVHRMBAf8EAjAAMA0G" + + "CSqGSIb3DQEBCwUAA4IBAQCCrWe3Pd3ioX7d8phXvVAa859Rvgf0k3pZ6R4GMj8h/k6MNjNIrdAs" + + "wgUVkBbXMLLBk0smsvTdFIVtTBdp1urb9l7vXjDA4MckXBOXPcz4fN8Oswk92d+fM9XU1jKVPsFG" + + "PV6j8lAqfq5jwaRxOnS96UBGLKG+NdcrEyiMp/ZkpqnEQZZfu2mkeq6CPahnbBTZqsE0jgY351gU" + + "9T6SFVvLIFH7cOxJqsoxPqv5YEcgiXPpOyyu2rpQqKYBYcnerF6/zx5hmWHxTd7MWaTHm0gJI/Im" + + "d8esbW+xyaJuAVUcBA+sDmSe8AAoRVxwBRY+xi9ApaJHpmwT+0n2K2GsL3wIMIIEMTCCAxmgAwIB" + + "AgIDAjhuMA0GCSqGSIb3DQEBCwUAMEgxCzAJBgNVBAYTAkRFMSQwIgYDVQQKDBtEZXV0c2NoZSBS" + + "ZW50ZW52ZXJzaWNoZXJ1bmcxEzARBgNVBAsMClFDIFJvb3QgQ0EwHhcNMDcwNzI3MjAyMTExWhcN" + + "MTIwNzI3MjAyMTExWjBIMQswCQYDVQQGEwJERTEkMCIGA1UECgwbRGV1dHNjaGUgUmVudGVudmVy" + + "c2ljaGVydW5nMRMwEQYDVQQLDApRQyBSb290IENBMIIBJDANBgkqhkiG9w0BAQEFAAOCAREAMIIB" + + "DAKCAQEAzuhBdo9c84DdzsggjWOgfC4jJ2jYqpsOpBo3DVyem+5R26QK4feZdyFnaGvyG+TLcdLO" + + "iCecGmrRGD+ey4IhjCONb7hsQQhJWTyDEtBblzYB0yjY8+9fnNeR61W+M/KlMgC6Rw/w+zwzklTM" + + "MWwIbxLHm8l9jTSKFjAWTwjE8bCzpUCwN8+4JbFTwjwOJ5lsVA5Xa34wpgr6lgL3WrVTV1NSprqR" + + "ZYDWg477tht0KkyOJt3guF3RONKBBuTO2qCbpUeI8m4v3tznoopYbV5Gp5wu5gqd6lTfgju3ldql" + + "bxtuCLZd0nAI5rLEOPItDKl4vPXllmmtGIrtDZlwr86cbwIFAJvMJpGjggEgMIIBHDAPBgNVHRMB" + + "Af8EBTADAQH/MBEGA1UdDgQKBAhAnn7gZn5X3jB3BgNVHSAEcDBuMGwGDSsGAQQBga08AQgBAQEw" + + "WzBZBggrBgEFBQcCARZNaHR0cDovL3d3dy5kZXV0c2NoZS1yZW50ZW52ZXJzaWNoZXJ1bmctYnVu" + + "ZC5kZS9zdGF0aWMvdHJ1c3RjZW50ZXIvcG9saWN5Lmh0bWwwUwYDVR0JBEwwSjBIBgNVBAMxQRM/" + + "UUMgV3VyemVsemVydGlmaXppZXJ1bmdzc3RlbGxlIERldXRzY2hlIFJlbnRlbnZlcnNpY2hlcnVu" + + "ZyAxOlBOMBgGCCsGAQUFBwEDBAwwCjAIBgYEAI5GAQEwDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3" + + "DQEBCwUAA4IBAQBNGs7Dnc1yzzpZrkuC+oLv+NhbORTEYNgpaOetB1JQ1EbUBoPuNN4ih0ngy/uJ" + + "D2O+h4JsNkmELgaehLWyFwATqCYZY4cTAGVoEwgn93x3aW8JbMDQf+YEJDSDsXcm4oIDFPqv5M6o" + + "HZUWfsPka3mxKivfKtWhooTz1/+BEGReVQ2oOAvlwXlkEab9e3GOqXQUcLPYDTl8BQxiYhtQtf3d" + + "kORiUkuGiGX1YJ5JnZnG3ElMjPgOl8rOiYU7oj9uv1HVb5sdAwuVw0BR/eiMVDBT8DNyfoJmPeQQ" + + "A9pXtoAYO0Ya7wNNmCY2Y63YfBlRCF+9VQv2RZ4TdO1KGWwxR98OMYIC1zCCAtMCAQEwTzBIMQsw" + + "CQYDVQQGEwJERTEkMCIGA1UECgwbRGV1dHNjaGUgUmVudGVudmVyc2ljaGVydW5nMRMwEQYDVQQL" + + "DApRQyBSb290IENBAgMDdaYwDQYJYIZIAWUDBAIBBQCgggFZMBoGCSqGSIb3DQEJAzENBgsqhkiG" + + "9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQgO7FFODWWwF5RUjo6wjIkgkD5u7dH+NICiCpSgRRqd/Aw" + + "ggEIBgsqhkiG9w0BCRACLzGB+DCB9TCB8jB3BCAMMZqK/5pZxOb3ruCbcgxStaTDwDHaf2glEo6P" + + "+89t8TBTMEykSjBIMQswCQYDVQQGEwJERTEkMCIGA1UECgwbRGV1dHNjaGUgUmVudGVudmVyc2lj" + + "aGVydW5nMRMwEQYDVQQLDApRQyBSb290IENBAgMDdaYwdwQgl7vwI+P47kpxhWLoIdEco7UfGwZ2" + + "X4el3jaZ67q5/9IwUzBMpEowSDELMAkGA1UEBhMCREUxJDAiBgNVBAoMG0RldXRzY2hlIFJlbnRl" + + "bnZlcnNpY2hlcnVuZzETMBEGA1UECwwKUUMgUm9vdCBDQQIDAjhuMA0GCSqGSIb3DQEBCwUABIIB" + + "AIOYgpDI0BaeG4RF/EB5QzkUqAZ9nX6w895+m2hHyRKrAKdj3913j5QI+aEVIG3DVbFaAfdKeKfn" + + "xsTW48aWs6aARtPAc+1OXwoGUSYElOFqqVpSeTaXe+kjY5bsLSQeETB+EPvXl8EcKTaxTRCNOqJU" + + "XbnyYRgWTI55A2jH6IsQQVHc5DaIcmbdI8iATaRTHY5eUeVuI+Q/3RMVBFAb5qRhM61Ddcrjq058" + + "C0uiH9G2IB5QRyu6RsCUgrkeMTMBqlIBlnDBy+EgLouDU4Dehxy5uzEl5DBKZEewZpQZOTO/kAgL" + + "WruAAg/Lj4r0f9vN12wRlHoS2UKDjrE1DnUBbrM="); + + public string Name + { + get { return "ParseTest"; } + } + + private static void requestParse( + byte[] request, + string algorithm) + { + TimeStampRequest req = new TimeStampRequest(request); + + if (!req.MessageImprintAlgOid.Equals(algorithm)) + { + Assert.Fail("failed to get expected algorithm - got " + + req.MessageImprintAlgOid + " not " + algorithm); + } + + if (request != sha1Request && request != sha1noNonse) + { + if (!req.ReqPolicy.Equals(TspTestUtil.EuroPkiTsaTestPolicy.Id)) + { + Assert.Fail("" + algorithm + " failed policy check."); + } + + if (request == ripemd160Request) + { + if (!req.CertReq) + { + Assert.Fail("" + algorithm + " failed certReq check."); + } + } + } + + Assert.AreEqual(1, req.Version, "version not 1"); + + Assert.IsNull(req.GetCriticalExtensionOids(), "critical extensions found when none expected"); + + Assert.IsNull(req.GetNonCriticalExtensionOids(), "non-critical extensions found when none expected"); + + if (request != sha1noNonse) + { + if (req.Nonce == null) + { + Assert.Fail("" + algorithm + " nonse not found when one expected."); + } + } + else + { + if (req.Nonce != null) + { + Assert.Fail("" + algorithm + " nonse not found when one not expected."); + } + } + + try + { + req.Validate(TspAlgorithms.Allowed, null, null); + } + catch (Exception) + { + Assert.Fail("validation exception."); + } + + if (!Arrays.AreEqual(req.GetEncoded(), request)) + { + Assert.Fail("" + algorithm + " failed encode check."); + } + } + + private static void responseParse( + byte[] request, + byte[] response, + string algorithm) + { + TimeStampRequest req = new TimeStampRequest(request); + TimeStampResponse resp = new TimeStampResponse(response); + + resp.Validate(req); + + X509Certificate cert = new X509CertificateParser().ReadCertificate(signingCert); + + resp.TimeStampToken.Validate(cert); + } + + private static void unacceptableResponseParse( + byte[] response) + { + TimeStampResponse resp = new TimeStampResponse(response); + + if (resp.Status != (int) PkiStatus.Rejection) + { + Assert.Fail("request not rejected."); + } + + if (resp.GetFailInfo().IntValue != PkiFailureInfo.UnacceptedPolicy) + { + Assert.Fail("request not rejected."); + } + } + + private static void generalizedTimeParse( + byte[] response) + { + TimeStampResponse resp = new TimeStampResponse(response); + + if (resp.Status != (int) PkiStatus.Granted) + { + Assert.Fail("request not rejected."); + } + } + + [Test] + public void TestSha1() + { + requestParse(sha1Request, TspAlgorithms.Sha1); + requestParse(sha1noNonse, TspAlgorithms.Sha1); + responseParse(sha1Request, sha1Response, TspAlgorithms.Sha1); + responseParse(sha1noNonse, sha1noNonseResponse, TspAlgorithms.Sha1); + } + + [Test] + public void TestMD5() + { + requestParse(md5Request, TspAlgorithms.MD5); + responseParse(md5Request, md5Response, TspAlgorithms.MD5); + } + + [Test] + public void TestRipeMD160() + { + requestParse(ripemd160Request, TspAlgorithms.RipeMD160); + } + + [Test] + public void TestUnacceptable() + { + unacceptableResponseParse(unacceptablePolicy); + } + + [Test] + public void TestGeneralizedTime() + { + // TODO: response is invalid - malformed integer + // generalizedTimeParse(generalizedTime); + } + + [Test] + public void TestV2SigningResponseParse() + { + v2SigningResponseParse(v2SigningCertResponse); + } + + private void v2SigningResponseParse( + byte[] encoded) + { + TimeStampResponse response = new TimeStampResponse(encoded); + + IX509Store store = response.TimeStampToken.GetCertificates("Collection"); + X509Certificate cert = (X509Certificate) + new ArrayList(store.GetMatches(response.TimeStampToken.SignerID))[0]; + + response.TimeStampToken.Validate(cert); + } + +// public static void parse( +// byte[] encoded, +// bool tokenPresent) +// { +// TimeStampResponse response = new TimeStampResponse(encoded); +// +// if (tokenPresent && response.TimeStampToken == null) +// { +// Assert.Fail("token not found when expected."); +// } +// } + } +} diff --git a/BouncyCastle/crypto/test/src/tsp/test/TSPTest.cs b/BouncyCastle/crypto/test/src/tsp/test/TSPTest.cs new file mode 100644 index 0000000..4a4f2e2 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tsp/test/TSPTest.cs @@ -0,0 +1,687 @@ +using System; +using System.Collections; + +using NUnit.Framework; +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cmp; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Ess; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Cms; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.X509.Store; + +namespace Org.BouncyCastle.Tsp.Tests +{ + [TestFixture] + public class TspTest + { + private static AsymmetricKeyParameter privateKey; + private static X509Certificate cert; + private static IX509Store certs; + + + + static TspTest() + { + string signDN = "O=Bouncy Castle, C=AU"; + AsymmetricCipherKeyPair signKP = TspTestUtil.MakeKeyPair(); + X509Certificate signCert = TspTestUtil.MakeCACertificate(signKP, signDN, signKP, signDN); + + + string origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU"; + AsymmetricCipherKeyPair origKP = TspTestUtil.MakeKeyPair(); + privateKey = origKP.Private; + + + + cert = TspTestUtil.MakeCertificate(origKP, origDN, signKP, signDN); + + IList certList = new ArrayList(); + certList.Add(cert); + certList.Add(signCert); + + certs = X509StoreFactory.Create( + "Certificate/Collection", + new X509CollectionStoreParameters(certList)); + } + + [Test] + public void TestBasic() + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2"); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsToken.Validate(cert); + + AttributeTable table = tsToken.SignedAttributes; + + Assert.IsNotNull(table[PkcsObjectIdentifiers.IdAASigningCertificate], "no signingCertificate attribute found"); + } + + [Test] + public void TestResponseValidation() + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.MD5, "1.2"); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsToken.Validate(cert); + + // + // check validation + // + tsResp.Validate(request); + + try + { + request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(101)); + + tsResp.Validate(request); + + Assert.Fail("response validation failed on invalid nonce."); + } + catch (TspValidationException) + { + // ignore + } + + try + { + request = reqGen.Generate(TspAlgorithms.Sha1, new byte[22], BigInteger.ValueOf(100)); + + tsResp.Validate(request); + + Assert.Fail("response validation failed on wrong digest."); + } + catch (TspValidationException) + { + // ignore + } + + try + { + request = reqGen.Generate(TspAlgorithms.MD5, new byte[20], BigInteger.ValueOf(100)); + + tsResp.Validate(request); + + Assert.Fail("response validation failed on wrong digest."); + } + catch (TspValidationException) + { + // ignore + } + } + + [Test] + public void TestIncorrectHash() + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2"); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[16]); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + if (tsToken != null) + { + Assert.Fail("incorrectHash - token not null."); + } + + PkiFailureInfo failInfo = tsResp.GetFailInfo(); + + if (failInfo == null) + { + Assert.Fail("incorrectHash - failInfo set to null."); + } + + if (failInfo.IntValue != PkiFailureInfo.BadDataFormat) + { + Assert.Fail("incorrectHash - wrong failure info returned."); + } + } + + [Test] + public void TestBadAlgorithm() + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2"); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate("1.2.3.4.5", new byte[20]); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + if (tsToken != null) + { + Assert.Fail("badAlgorithm - token not null."); + } + + PkiFailureInfo failInfo = tsResp.GetFailInfo(); + + if (failInfo == null) + { + Assert.Fail("badAlgorithm - failInfo set to null."); + } + + if (failInfo.IntValue != PkiFailureInfo.BadAlg) + { + Assert.Fail("badAlgorithm - wrong failure info returned."); + } + } + + [Test] + public void TestTimeNotAvailable() + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2"); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate("1.2.3.4.5", new byte[20]); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator( + tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, new BigInteger("23"), null); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + if (tsToken != null) + { + Assert.Fail("timeNotAvailable - token not null."); + } + + PkiFailureInfo failInfo = tsResp.GetFailInfo(); + + if (failInfo == null) + { + Assert.Fail("timeNotAvailable - failInfo set to null."); + } + + if (failInfo.IntValue != PkiFailureInfo.TimeNotAvailable) + { + Assert.Fail("timeNotAvailable - wrong failure info returned."); + } + } + + [Test] + public void TestBadPolicy() + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2"); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + + reqGen.SetReqPolicy("1.1"); + + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20]); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed, new ArrayList()); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + if (tsToken != null) + { + Assert.Fail("badPolicy - token not null."); + } + + PkiFailureInfo failInfo = tsResp.GetFailInfo(); + + if (failInfo == null) + { + Assert.Fail("badPolicy - failInfo set to null."); + } + + if (failInfo.IntValue != PkiFailureInfo.UnacceptedPolicy) + { + Assert.Fail("badPolicy - wrong failure info returned."); + } + } + + [Test] + public void TestNullPolicy() + { + // null in request and token generator - should fail + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, null); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20]); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed, null); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + if (tsToken != null) + { + Assert.Fail("badPolicy - token not null."); + } + + PkiFailureInfo failInfo = tsResp.GetFailInfo(); + + if (failInfo == null) + { + Assert.Fail("badPolicy - failInfo set to null."); + } + + if (failInfo.IntValue != PkiFailureInfo.UnacceptedPolicy) + { + Assert.Fail("badPolicy - wrong failure info returned."); + } + + // request specifies policy, token generator doesn't - should work + reqGen = new TimeStampRequestGenerator(); + + reqGen.SetReqPolicy("1.1"); + + request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20]); + + tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed, null); + + tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(24), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + tsToken = tsResp.TimeStampToken; + + Assert.AreEqual(tsToken.TimeStampInfo.Policy, "1.1"); // policy should be picked up off request + } + + [Test] + public void TestCertReq() + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.MD5, "1.2"); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + + // + // request with certReq false + // + reqGen.SetCertReq(false); + + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + Assert.IsNull(tsToken.TimeStampInfo.GenTimeAccuracy); // check for abscence of accuracy + + Assert.AreEqual("1.2", tsToken.TimeStampInfo.Policy); + + try + { + tsToken.Validate(cert); + } + catch (TspValidationException) + { + Assert.Fail("certReq(false) verification of token failed."); + } + + IX509Store respCerts = tsToken.GetCertificates("Collection"); + + ICollection certsColl = respCerts.GetMatches(null); + + if (certsColl.Count != 0) + { + Assert.Fail("certReq(false) found certificates in response."); + } + } + + [Test] + public void TestTokenEncoding() + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.Sha1, "1.2.3.4.5.6"); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampResponse tsResponse = new TimeStampResponse(tsResp.GetEncoded()); + + if (!Arrays.AreEqual(tsResponse.GetEncoded(), tsResp.GetEncoded()) + || !Arrays.AreEqual(tsResponse.TimeStampToken.GetEncoded(), + tsResp.TimeStampToken.GetEncoded())) + { + Assert.Fail(); + } + } + + [Test] + public void TestAccuracyZeroCerts() + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.MD5, "1.2"); + + tsTokenGen.SetCertificates(certs); + + tsTokenGen.SetAccuracySeconds(1); + tsTokenGen.SetAccuracyMillis(2); + tsTokenGen.SetAccuracyMicros(3); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsToken.Validate(cert); + + // + // check validation + // + tsResp.Validate(request); + + // + // check tstInfo + // + TimeStampTokenInfo tstInfo = tsToken.TimeStampInfo; + + // + // check accuracy + // + GenTimeAccuracy accuracy = tstInfo.GenTimeAccuracy; + + Assert.AreEqual(1, accuracy.Seconds); + Assert.AreEqual(2, accuracy.Millis); + Assert.AreEqual(3, accuracy.Micros); + + Assert.AreEqual(BigInteger.ValueOf(23), tstInfo.SerialNumber); + + Assert.AreEqual("1.2", tstInfo.Policy); + + // + // test certReq + // + IX509Store store = tsToken.GetCertificates("Collection"); + + ICollection certificates = store.GetMatches(null); + + Assert.AreEqual(0, certificates.Count); + } + + [Test] + public void TestAccuracyWithCertsAndOrdering() + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.MD5, "1.2.3"); + + tsTokenGen.SetCertificates(certs); + + tsTokenGen.SetAccuracySeconds(3); + tsTokenGen.SetAccuracyMillis(1); + tsTokenGen.SetAccuracyMicros(2); + + tsTokenGen.SetOrdering(true); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + + reqGen.SetCertReq(true); + + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100)); + + Assert.IsTrue(request.CertReq); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsToken.Validate(cert); + + // + // check validation + // + tsResp.Validate(request); + + // + // check tstInfo + // + TimeStampTokenInfo tstInfo = tsToken.TimeStampInfo; + + // + // check accuracy + // + GenTimeAccuracy accuracy = tstInfo.GenTimeAccuracy; + + Assert.AreEqual(3, accuracy.Seconds); + Assert.AreEqual(1, accuracy.Millis); + Assert.AreEqual(2, accuracy.Micros); + + Assert.AreEqual(BigInteger.ValueOf(23), tstInfo.SerialNumber); + + Assert.AreEqual("1.2.3", tstInfo.Policy); + + Assert.AreEqual(true, tstInfo.IsOrdered); + + Assert.AreEqual(tstInfo.Nonce, BigInteger.ValueOf(100)); + + // + // test certReq + // + IX509Store store = tsToken.GetCertificates("Collection"); + + ICollection certificates = store.GetMatches(null); + + Assert.AreEqual(2, certificates.Count); + } + + [Test] + public void TestNoNonce() + { + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + privateKey, cert, TspAlgorithms.MD5, "1.2.3"); + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20]); + + Assert.IsFalse(request.CertReq); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(24), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsToken.Validate(cert); + + // + // check validation + // + tsResp.Validate(request); + + // + // check tstInfo + // + TimeStampTokenInfo tstInfo = tsToken.TimeStampInfo; + + // + // check accuracy + // + GenTimeAccuracy accuracy = tstInfo.GenTimeAccuracy; + + Assert.IsNull(accuracy); + + Assert.AreEqual(BigInteger.ValueOf(24), tstInfo.SerialNumber); + + Assert.AreEqual("1.2.3", tstInfo.Policy); + + Assert.IsFalse(tstInfo.IsOrdered); + + Assert.IsNull(tstInfo.Nonce); + + // + // test certReq + // + IX509Store store = tsToken.GetCertificates("Collection"); + + ICollection certificates = store.GetMatches(null); + + Assert.AreEqual(0, certificates.Count); + } + + [Test] + public void TestBasicSha256() + { + SignerInfoGenerator sInfoGenerator = MakeInfoGenerator(privateKey, cert, TspAlgorithms.Sha256, null, null); + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + sInfoGenerator, + Asn1DigestFactory.Get(NistObjectIdentifiers.IdSha256),new DerObjectIdentifier("1.2"),true); + + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha256, new byte[32]); + + Assert.IsFalse(request.CertReq); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsToken.Validate(cert); + + TimeStampTokenInfo tstInfo = tsToken.TimeStampInfo; + + AttributeTable table = tsToken.SignedAttributes; + + Asn1.Cms.Attribute r = table[PkcsObjectIdentifiers.IdAASigningCertificateV2]; + Assert.NotNull(r); + Assert.AreEqual(PkcsObjectIdentifiers.IdAASigningCertificateV2, r.AttrType); + Asn1Set set = r.AttrValues; + SigningCertificateV2 sCert = SigningCertificateV2.GetInstance(set[0]); + + Asn1.X509.IssuerSerial issSerNum = sCert.GetCerts()[0].IssuerSerial; + + Assert.AreEqual(cert.SerialNumber, issSerNum.Serial.Value); + } + + internal static SignerInfoGenerator MakeInfoGenerator(AsymmetricKeyParameter key, X509Certificate cert, + string digestOID, Asn1.Cms.AttributeTable signedAttr, Asn1.Cms.AttributeTable unsignedAttr) + { + TspUtil.ValidateCertificate(cert); + + // + // Add the ESSCertID attribute + // + IDictionary signedAttrs; + if (signedAttr != null) + { + signedAttrs = signedAttr.ToDictionary(); + } + else + { + signedAttrs = new Hashtable(); + } + + string digestName = TspTestUtil.GetDigestAlgName(digestOID); + string signatureName = digestName + "with" + TspTestUtil.GetEncryptionAlgName( + TspTestUtil.GetEncOid(key, digestOID)); + + Asn1SignatureFactory sigfact = new Asn1SignatureFactory(signatureName, key); + return new SignerInfoGeneratorBuilder() + .WithSignedAttributeGenerator( + new DefaultSignedAttributeTableGenerator( + new Asn1.Cms.AttributeTable(signedAttrs))) + .WithUnsignedAttributeGenerator( + new SimpleAttributeTableGenerator(unsignedAttr)) + .Build(sigfact, cert); + } + } +} diff --git a/BouncyCastle/crypto/test/src/tsp/test/TSPTestUtil.cs b/BouncyCastle/crypto/test/src/tsp/test/TSPTestUtil.cs new file mode 100644 index 0000000..c8c6a63 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tsp/test/TSPTestUtil.cs @@ -0,0 +1,417 @@ +using System; +using System.Collections; +using System.Text; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.CryptoPro; +using Org.BouncyCastle.Asn1.Eac; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.TeleTrust; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.X509; + +namespace Org.BouncyCastle.Tsp.Tests +{ + public class TspTestUtil + { + public static SecureRandom rand = new SecureRandom(); + public static IAsymmetricCipherKeyPairGenerator kpg; + public static CipherKeyGenerator desede128kg; + public static CipherKeyGenerator desede192kg; + public static CipherKeyGenerator rc240kg; + public static CipherKeyGenerator rc264kg; + public static CipherKeyGenerator rc2128kg; + public static BigInteger serialNumber = BigInteger.One; + public static readonly bool Debug = true; + public static DerObjectIdentifier EuroPkiTsaTestPolicy = new DerObjectIdentifier("1.3.6.1.4.1.5255.5.1"); + + private static readonly string EncryptionECDsaWithSha1 = X9ObjectIdentifiers.ECDsaWithSha1.Id; + private static readonly string EncryptionECDsaWithSha224 = X9ObjectIdentifiers.ECDsaWithSha224.Id; + private static readonly string EncryptionECDsaWithSha256 = X9ObjectIdentifiers.ECDsaWithSha256.Id; + private static readonly string EncryptionECDsaWithSha384 = X9ObjectIdentifiers.ECDsaWithSha384.Id; + private static readonly string EncryptionECDsaWithSha512 = X9ObjectIdentifiers.ECDsaWithSha512.Id; + + public static readonly string DigestSha1 = OiwObjectIdentifiers.IdSha1.Id; + public static readonly string DigestSha224 = NistObjectIdentifiers.IdSha224.Id; + public static readonly string DigestSha256 = NistObjectIdentifiers.IdSha256.Id; + public static readonly string DigestSha384 = NistObjectIdentifiers.IdSha384.Id; + public static readonly string DigestSha512 = NistObjectIdentifiers.IdSha512.Id; + public static readonly string DigestMD5 = PkcsObjectIdentifiers.MD5.Id; + public static readonly string DigestGost3411 = CryptoProObjectIdentifiers.GostR3411.Id; + public static readonly string DigestRipeMD128 = TeleTrusTObjectIdentifiers.RipeMD128.Id; + public static readonly string DigestRipeMD160 = TeleTrusTObjectIdentifiers.RipeMD160.Id; + public static readonly string DigestRipeMD256 = TeleTrusTObjectIdentifiers.RipeMD256.Id; + + public static readonly string EncryptionRsa = PkcsObjectIdentifiers.RsaEncryption.Id; + public static readonly string EncryptionDsa = X9ObjectIdentifiers.IdDsaWithSha1.Id; + public static readonly string EncryptionECDsa = X9ObjectIdentifiers.ECDsaWithSha1.Id; + public static readonly string EncryptionRsaPss = PkcsObjectIdentifiers.IdRsassaPss.Id; + public static readonly string EncryptionGost3410 = CryptoProObjectIdentifiers.GostR3410x94.Id; + public static readonly string EncryptionECGost3410 = CryptoProObjectIdentifiers.GostR3410x2001.Id; + + private static readonly IDictionary encryptionAlgs = new Hashtable(); + private static readonly IDictionary digestAlgs = new Hashtable(); + private static readonly IDictionary digestAliases = new Hashtable(); + + private static readonly ISet noParams = new HashSet(); + private static readonly IDictionary ecAlgorithms = new Hashtable(); + + private static void AddEntries(DerObjectIdentifier oid, string digest, string encryption) + { + string alias = oid.Id; + digestAlgs.Add(alias, digest); + encryptionAlgs.Add(alias, encryption); + } + + static TspTestUtil() + { + rand = new SecureRandom(); + + kpg = GeneratorUtilities.GetKeyPairGenerator("RSA"); + kpg.Init(new RsaKeyGenerationParameters( + BigInteger.ValueOf(0x10001), rand, 1024, 25)); + + desede128kg = GeneratorUtilities.GetKeyGenerator("DESEDE"); + desede128kg.Init(new KeyGenerationParameters(rand, 112)); + + desede192kg = GeneratorUtilities.GetKeyGenerator("DESEDE"); + desede192kg.Init(new KeyGenerationParameters(rand, 168)); + + rc240kg = GeneratorUtilities.GetKeyGenerator("RC2"); + rc240kg.Init(new KeyGenerationParameters(rand, 40)); + + rc264kg = GeneratorUtilities.GetKeyGenerator("RC2"); + rc264kg.Init(new KeyGenerationParameters(rand, 64)); + + rc2128kg = GeneratorUtilities.GetKeyGenerator("RC2"); + rc2128kg.Init(new KeyGenerationParameters(rand, 128)); + + serialNumber = BigInteger.One; + + AddEntries(NistObjectIdentifiers.DsaWithSha224, "SHA224", "DSA"); + AddEntries(NistObjectIdentifiers.DsaWithSha256, "SHA256", "DSA"); + AddEntries(NistObjectIdentifiers.DsaWithSha384, "SHA384", "DSA"); + AddEntries(NistObjectIdentifiers.DsaWithSha512, "SHA512", "DSA"); + AddEntries(OiwObjectIdentifiers.DsaWithSha1, "SHA1", "DSA"); + AddEntries(OiwObjectIdentifiers.MD4WithRsa, "MD4", "RSA"); + AddEntries(OiwObjectIdentifiers.MD4WithRsaEncryption, "MD4", "RSA"); + AddEntries(OiwObjectIdentifiers.MD5WithRsa, "MD5", "RSA"); + AddEntries(OiwObjectIdentifiers.Sha1WithRsa, "SHA1", "RSA"); + AddEntries(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2", "RSA"); + AddEntries(PkcsObjectIdentifiers.MD4WithRsaEncryption, "MD4", "RSA"); + AddEntries(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5", "RSA"); + AddEntries(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1", "RSA"); + AddEntries(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224", "RSA"); + AddEntries(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256", "RSA"); + AddEntries(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384", "RSA"); + AddEntries(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512", "RSA"); + AddEntries(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1", "ECDSA"); + AddEntries(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224", "ECDSA"); + AddEntries(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256", "ECDSA"); + AddEntries(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384", "ECDSA"); + AddEntries(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512", "ECDSA"); + AddEntries(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1", "DSA"); + AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1", "ECDSA"); + AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224", "ECDSA"); + AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256", "ECDSA"); + AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384", "ECDSA"); + AddEntries(EacObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512", "ECDSA"); + AddEntries(EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_1, "SHA1", "RSA"); + AddEntries(EacObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "SHA256", "RSA"); + AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "SHA1", "RSAandMGF1"); + AddEntries(EacObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "SHA256", "RSAandMGF1"); + + encryptionAlgs.Add(X9ObjectIdentifiers.IdDsa.Id, "DSA"); + encryptionAlgs.Add(PkcsObjectIdentifiers.RsaEncryption.Id, "RSA"); + encryptionAlgs.Add(TeleTrusTObjectIdentifiers.TeleTrusTRsaSignatureAlgorithm.Id, "RSA"); + encryptionAlgs.Add(X509ObjectIdentifiers.IdEARsa.Id, "RSA"); + encryptionAlgs.Add(EncryptionRsaPss, "RSAandMGF1"); + encryptionAlgs.Add(CryptoProObjectIdentifiers.GostR3410x94.Id, "GOST3410"); + encryptionAlgs.Add(CryptoProObjectIdentifiers.GostR3410x2001.Id, "ECGOST3410"); + encryptionAlgs.Add("1.3.6.1.4.1.5849.1.6.2", "ECGOST3410"); + encryptionAlgs.Add("1.3.6.1.4.1.5849.1.1.5", "GOST3410"); + + digestAlgs.Add(PkcsObjectIdentifiers.MD2.Id, "MD2"); + digestAlgs.Add(PkcsObjectIdentifiers.MD4.Id, "MD4"); + digestAlgs.Add(PkcsObjectIdentifiers.MD5.Id, "MD5"); + digestAlgs.Add(OiwObjectIdentifiers.IdSha1.Id, "SHA1"); + digestAlgs.Add(NistObjectIdentifiers.IdSha224.Id, "SHA224"); + digestAlgs.Add(NistObjectIdentifiers.IdSha256.Id, "SHA256"); + digestAlgs.Add(NistObjectIdentifiers.IdSha384.Id, "SHA384"); + digestAlgs.Add(NistObjectIdentifiers.IdSha512.Id, "SHA512"); + digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD128.Id, "RIPEMD128"); + digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD160.Id, "RIPEMD160"); + digestAlgs.Add(TeleTrusTObjectIdentifiers.RipeMD256.Id, "RIPEMD256"); + digestAlgs.Add(CryptoProObjectIdentifiers.GostR3411.Id, "GOST3411"); + digestAlgs.Add("1.3.6.1.4.1.5849.1.2.1", "GOST3411"); + + digestAliases.Add("SHA1", new string[] { "SHA-1" }); + digestAliases.Add("SHA224", new string[] { "SHA-224" }); + digestAliases.Add("SHA256", new string[] { "SHA-256" }); + digestAliases.Add("SHA384", new string[] { "SHA-384" }); + digestAliases.Add("SHA512", new string[] { "SHA-512" }); + + noParams.Add(EncryptionDsa); + //noParams.Add(EncryptionECDsa); + noParams.Add(EncryptionECDsaWithSha1); + noParams.Add(EncryptionECDsaWithSha224); + noParams.Add(EncryptionECDsaWithSha256); + noParams.Add(EncryptionECDsaWithSha384); + noParams.Add(EncryptionECDsaWithSha512); + + ecAlgorithms.Add(DigestSha1, EncryptionECDsaWithSha1); + ecAlgorithms.Add(DigestSha224, EncryptionECDsaWithSha224); + ecAlgorithms.Add(DigestSha256, EncryptionECDsaWithSha256); + ecAlgorithms.Add(DigestSha384, EncryptionECDsaWithSha384); + ecAlgorithms.Add(DigestSha512, EncryptionECDsaWithSha512); + } + + public static string DumpBase64( + byte[] data) + { + StringBuilder buf = new StringBuilder(); + + data = Base64.Encode(data); + + for (int i = 0; i < data.Length; i += 64) + { + if (i + 64 < data.Length) + { + buf.Append(Encoding.ASCII.GetString(data, i, 64)); + } + else + { + buf.Append(Encoding.ASCII.GetString(data, i, data.Length - i)); + } + buf.Append('\n'); + } + + return buf.ToString(); + } + + public static string GetDigestAlgName(string digestAlgOid) + { + string algName = (string)digestAlgs[digestAlgOid]; + + if (algName != null) + { + return algName; + } + + return digestAlgOid; + } + + public static string GetEncryptionAlgName(string encryptionAlgOid) + { + string algName = (string)encryptionAlgs[encryptionAlgOid]; + + if (algName != null) + { + return algName; + } + + return encryptionAlgOid; + } + + internal static string GetEncOid( + AsymmetricKeyParameter key, + string digestOID) + { + string encOID = null; + + if (key is RsaKeyParameters) + { + if (!((RsaKeyParameters)key).IsPrivate) + throw new ArgumentException("Expected RSA private key"); + + encOID = EncryptionRsa; + } + else if (key is DsaPrivateKeyParameters) + { + if (digestOID.Equals(DigestSha1)) + { + encOID = EncryptionDsa; + } + else if (digestOID.Equals(DigestSha224)) + { + encOID = NistObjectIdentifiers.DsaWithSha224.Id; + } + else if (digestOID.Equals(DigestSha256)) + { + encOID = NistObjectIdentifiers.DsaWithSha256.Id; + } + else if (digestOID.Equals(DigestSha384)) + { + encOID = NistObjectIdentifiers.DsaWithSha384.Id; + } + else if (digestOID.Equals(DigestSha512)) + { + encOID = NistObjectIdentifiers.DsaWithSha512.Id; + } + else + { + throw new ArgumentException("can't mix DSA with anything but SHA1/SHA2"); + } + } + else if (key is ECPrivateKeyParameters) + { + ECPrivateKeyParameters ecPrivKey = (ECPrivateKeyParameters)key; + string algName = ecPrivKey.AlgorithmName; + + if (algName == "ECGOST3410") + { + encOID = EncryptionECGost3410; + } + else + { + // TODO Should we insist on algName being one of "EC" or "ECDSA", as Java does? + encOID = (string)ecAlgorithms[digestOID]; + + if (encOID == null) + throw new ArgumentException("can't mix ECDSA with anything but SHA family digests"); + } + } + else if (key is Gost3410PrivateKeyParameters) + { + encOID = EncryptionGost3410; + } + else + { + throw new ArgumentException("Unknown algorithm in CmsSignedGenerator.GetEncOid"); + } + + return encOID; + } + + public static AsymmetricCipherKeyPair MakeKeyPair() + { + return kpg.GenerateKeyPair(); + } + + public static KeyParameter MakeDesede128Key() + { + return new DesEdeParameters(desede128kg.GenerateKey()); + } + + public static KeyParameter MakeDesede192Key() + { + return new DesEdeParameters(desede192kg.GenerateKey()); + } + + public static KeyParameter MakeRC240Key() + { + return new RC2Parameters(rc240kg.GenerateKey()); + } + + public static KeyParameter MakeRC264Key() + { + return new RC2Parameters(rc264kg.GenerateKey()); + } + + public static KeyParameter MakeRC2128Key() + { + return new RC2Parameters(rc2128kg.GenerateKey()); + } + + public static X509Certificate MakeCertificate(AsymmetricCipherKeyPair _subKP, + string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN) + { + return MakeCertificate(_subKP, _subDN, _issKP, _issDN, false); + } + + public static X509Certificate MakeCACertificate(AsymmetricCipherKeyPair _subKP, + string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN) + { + return MakeCertificate(_subKP, _subDN, _issKP, _issDN, true); + } + + public static X509Certificate MakeCertificate(AsymmetricCipherKeyPair _subKP, + string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN, bool _ca) + { + AsymmetricKeyParameter _subPub = _subKP.Public; + AsymmetricKeyParameter _issPriv = _issKP.Private; + AsymmetricKeyParameter _issPub = _issKP.Public; + + X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator(); + + _v3CertGen.Reset(); + _v3CertGen.SetSerialNumber(allocateSerialNumber()); + _v3CertGen.SetIssuerDN(new X509Name(_issDN)); + _v3CertGen.SetNotBefore(DateTime.UtcNow); + _v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100)); + _v3CertGen.SetSubjectDN(new X509Name(_subDN)); + _v3CertGen.SetPublicKey(_subPub); + _v3CertGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); + + _v3CertGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, + createSubjectKeyId(_subPub)); + + _v3CertGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, + createAuthorityKeyId(_issPub)); + + if (_ca) + { + _v3CertGen.AddExtension(X509Extensions.BasicConstraints, false, + new BasicConstraints(_ca)); + } + else + { + _v3CertGen.AddExtension(X509Extensions.ExtendedKeyUsage, true, + ExtendedKeyUsage.GetInstance(new DerSequence(KeyPurposeID.IdKPTimeStamping))); + } + + X509Certificate _cert = _v3CertGen.Generate(_issPriv); + + _cert.CheckValidity(DateTime.UtcNow); + _cert.Verify(_issPub); + + return _cert; + } + + /* + * + * INTERNAL METHODS + * + */ + private static AuthorityKeyIdentifier createAuthorityKeyId( + AsymmetricKeyParameter _pubKey) + { + return new AuthorityKeyIdentifier( + SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(_pubKey)); + } + +// private static AuthorityKeyIdentifier createAuthorityKeyId( +// AsymmetricKeyParameter _pubKey, X509Name _name, int _sNumber) +// { +// SubjectPublicKeyInfo _info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(_pubKey); +// +// GeneralName _genName = new GeneralName(_name); +// +// return new AuthorityKeyIdentifier(_info, GeneralNames.GetInstance( +// new DerSequence(_genName)), BigInteger.ValueOf(_sNumber)); +// } + + private static SubjectKeyIdentifier createSubjectKeyId( + AsymmetricKeyParameter _pubKey) + { + return new SubjectKeyIdentifier( + SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(_pubKey)); + } + + private static BigInteger allocateSerialNumber() + { + BigInteger _tmp = serialNumber; + serialNumber = serialNumber.Add(BigInteger.One); + return _tmp; + } + } +} \ No newline at end of file diff --git a/BouncyCastle/crypto/test/src/tsp/test/TimeStampTokenInfoTest.cs b/BouncyCastle/crypto/test/src/tsp/test/TimeStampTokenInfoTest.cs new file mode 100644 index 0000000..ea7f2c4 --- /dev/null +++ b/BouncyCastle/crypto/test/src/tsp/test/TimeStampTokenInfoTest.cs @@ -0,0 +1,145 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Tsp; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Utilities.Date; +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Tsp.Tests +{ + [TestFixture] + public class TimeStampTokenInfoUnitTest + { + private static readonly byte[] tstInfo1 = Hex.Decode( + "303e02010106022a033021300906052b0e03021a050004140000000000000000000000000000000000000000" + + "020118180f32303035313130313038313732315a"); + + private static readonly byte[] tstInfo2 = Hex.Decode( + "304c02010106022a033021300906052b0e03021a05000414ffffffffffffffffffffffffffffffffffffffff" + + "020117180f32303035313130313038323934355a3009020103800101810102020164"); + + private static readonly byte[] tstInfo3 = Hex.Decode( + "304f02010106022a033021300906052b0e03021a050004140000000000000000000000000000000000000000" + + "020117180f32303035313130313038343733355a30090201038001018101020101ff020164"); + + private static readonly byte[] tstInfoDudDate = Hex.Decode( + "303e02010106022a033021300906052b0e03021a050004140000000000000000000000000000000000000000" + + "020118180f32303030563130313038313732315a"); + + [Test] + public void TestTstInfo1() + { + TimeStampTokenInfo tstInfo = getTimeStampTokenInfo(tstInfo1); + + // + // verify + // + GenTimeAccuracy accuracy = tstInfo.GenTimeAccuracy; + + Assert.IsNull(accuracy); + + Assert.AreEqual(new BigInteger("24"), tstInfo.SerialNumber); + + Assert.AreEqual(1130833041000L, DateTimeUtilities.DateTimeToUnixMs(tstInfo.GenTime)); + + Assert.AreEqual("1.2.3", tstInfo.Policy); + + Assert.AreEqual(false, tstInfo.IsOrdered); + + Assert.IsNull(tstInfo.Nonce); + + Assert.AreEqual(TspAlgorithms.Sha1, tstInfo.MessageImprintAlgOid); + + Assert.IsTrue(Arrays.AreEqual(new byte[20], tstInfo.GetMessageImprintDigest())); + + Assert.IsTrue(Arrays.AreEqual(tstInfo1, tstInfo.GetEncoded())); + } + + [Test] + public void TestTstInfo2() + { + TimeStampTokenInfo tstInfo = getTimeStampTokenInfo(tstInfo2); + + // + // verify + // + GenTimeAccuracy accuracy = tstInfo.GenTimeAccuracy; + + Assert.AreEqual(3, accuracy.Seconds); + Assert.AreEqual(1, accuracy.Millis); + Assert.AreEqual(2, accuracy.Micros); + + Assert.AreEqual(new BigInteger("23"), tstInfo.SerialNumber); + + Assert.AreEqual(1130833785000L, DateTimeUtilities.DateTimeToUnixMs(tstInfo.GenTime)); + + Assert.AreEqual("1.2.3", tstInfo.Policy); + + Assert.AreEqual(false, tstInfo.IsOrdered); + + Assert.AreEqual(tstInfo.Nonce, BigInteger.ValueOf(100)); + + Assert.IsTrue(Arrays.AreEqual(Hex.Decode("ffffffffffffffffffffffffffffffffffffffff"), tstInfo.GetMessageImprintDigest())); + + Assert.IsTrue(Arrays.AreEqual(tstInfo2, tstInfo.GetEncoded())); + } + + [Test] + public void TestTstInfo3() + { + TimeStampTokenInfo tstInfo = getTimeStampTokenInfo(tstInfo3); + + // + // verify + // + GenTimeAccuracy accuracy = tstInfo.GenTimeAccuracy; + + Assert.AreEqual(3, accuracy.Seconds); + Assert.AreEqual(1, accuracy.Millis); + Assert.AreEqual(2, accuracy.Micros); + + Assert.AreEqual(new BigInteger("23"), tstInfo.SerialNumber); + + Assert.AreEqual(1130834855000L, DateTimeUtilities.DateTimeToUnixMs(tstInfo.GenTime)); + + Assert.AreEqual("1.2.3", tstInfo.Policy); + + Assert.AreEqual(true, tstInfo.IsOrdered); + + Assert.AreEqual(tstInfo.Nonce, BigInteger.ValueOf(100)); + + Assert.AreEqual(TspAlgorithms.Sha1, tstInfo.MessageImprintAlgOid); + + Assert.IsTrue(Arrays.AreEqual(new byte[20], tstInfo.GetMessageImprintDigest())); + + Assert.IsTrue(Arrays.AreEqual(tstInfo3, tstInfo.GetEncoded())); + } + + [Test] + public void TestTstInfoDudDate() + { + try + { + getTimeStampTokenInfo(tstInfoDudDate); + + Assert.Fail("dud date not detected."); + } + catch (TspException) + { + // expected + } + } + + private TimeStampTokenInfo getTimeStampTokenInfo( + byte[] tstInfo) + { + return new TimeStampTokenInfo( + TstInfo.GetInstance( + Asn1Object.FromByteArray(tstInfo))); + } + } +} diff --git a/BouncyCastle/crypto/test/src/util/io/pem/test/AllTests.cs b/BouncyCastle/crypto/test/src/util/io/pem/test/AllTests.cs new file mode 100644 index 0000000..2eea722 --- /dev/null +++ b/BouncyCastle/crypto/test/src/util/io/pem/test/AllTests.cs @@ -0,0 +1,94 @@ +using System; +using System.Collections; +using System.Collections.Specialized; +using System.IO; +using System.Text; + +#if !LIB +using NUnit.Core; +#endif +using NUnit.Framework; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Utilities.IO.Pem.Tests +{ + [TestFixture] + public class AllTests + { +#if !LIB + public static void Main(string[] args) + { + Suite.Run(new NullListener(), NUnit.Core.TestFilter.Empty); + } + + [Suite] + public static TestSuite Suite + { + get + { + TestSuite suite = new TestSuite("PEM Utilities Tests"); + suite.Add(new AllTests()); + return suite; + } + } +#endif + + [Test] + public void TestPemLength() + { + for (int i = 1; i != 60; i++) + { + lengthTest("CERTIFICATE", new ArrayList(), new byte[i]); + } + + lengthTest("CERTIFICATE", new ArrayList(), new byte[100]); + lengthTest("CERTIFICATE", new ArrayList(), new byte[101]); + lengthTest("CERTIFICATE", new ArrayList(), new byte[102]); + lengthTest("CERTIFICATE", new ArrayList(), new byte[103]); + + lengthTest("CERTIFICATE", new ArrayList(), new byte[1000]); + lengthTest("CERTIFICATE", new ArrayList(), new byte[1001]); + lengthTest("CERTIFICATE", new ArrayList(), new byte[1002]); + lengthTest("CERTIFICATE", new ArrayList(), new byte[1003]); + + IList headers = new ArrayList(); + headers.Add(new PemHeader("Proc-Type", "4,ENCRYPTED")); + headers.Add(new PemHeader("DEK-Info", "DES3,0001020304050607")); + lengthTest("RSA PRIVATE KEY", headers, new byte[103]); + } + + [Test] + public void TestMalformed() + { + try + { + PemReader rd = new PemReader(new StringReader("-----BEGIN \n")); + rd.ReadPemObject(); + Assert.Fail("must fail on malformed"); + } catch (IOException ioex) + { + Assert.AreEqual("ran out of data before consuming type", ioex.Message); + } + + + } + + private void lengthTest(string type, IList headers, byte[] data) + { + StringWriter sw = new StringWriter(); + PemWriter pWrt = new PemWriter(sw); + + PemObject pemObj = new PemObject(type, headers, data); + pWrt.WriteObject(pemObj); + pWrt.Writer.Close(); + + Assert.AreEqual(sw.ToString().Length, pWrt.GetOutputSize(pemObj)); + } + } +} diff --git a/BouncyCastle/crypto/test/src/util/net/test/IPAddressTest.cs b/BouncyCastle/crypto/test/src/util/net/test/IPAddressTest.cs new file mode 100644 index 0000000..ec40c52 --- /dev/null +++ b/BouncyCastle/crypto/test/src/util/net/test/IPAddressTest.cs @@ -0,0 +1,61 @@ +using System; + +using NUnit.Framework; + +namespace Org.BouncyCastle.Utilities.Net.Tests +{ + [TestFixture] + public class IPTest + { + private static readonly string[] validIP4v = new string[] + { "0.0.0.0", "255.255.255.255", "192.168.0.0" }; + + private static readonly string[] invalidIP4v = new string[] + { "0.0.0.0.1", "256.255.255.255", "1", "A.B.C", "1:.4.6.5" }; + + private static readonly string[] validIP6v = new string[] + { "0:0:0:0:0:0:0:0", "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", + "0:1:2:3:FFFF:5:FFFF:1" }; + + private static readonly string[] invalidIP6v = new string[] + { "0.0.0.0:1", "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFFF" }; + + private void doTestIP( + string[] valid, + string[] invalid) + { + for (int i = 0; i < valid.Length; i++) + { + if (!IPAddress.IsValid(valid[i])) + { + Assert.Fail("Valid input string not accepted: " + valid[i] + "."); + } + } + + for (int i = 0; i < invalid.Length; i++) + { + if (IPAddress.IsValid(invalid[i])) + { + Assert.Fail("Invalid input string accepted: " + invalid[i] + "."); + } + } + } + + public string Name + { + get { return "IPTest"; } + } + + [Test] + public void TestIPv4() + { + doTestIP(validIP4v, invalidIP4v); + } + + [Test] + public void TestIPv6() + { + doTestIP(validIP6v, invalidIP6v); + } + } +} diff --git a/BouncyCastle/crypto/test/src/util/test/FixedSecureRandom.cs b/BouncyCastle/crypto/test/src/util/test/FixedSecureRandom.cs new file mode 100644 index 0000000..682b3ee --- /dev/null +++ b/BouncyCastle/crypto/test/src/util/test/FixedSecureRandom.cs @@ -0,0 +1,303 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities.Encoders; + +using M = Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Utilities.Test +{ + public class FixedSecureRandom + : SecureRandom + { + private static readonly M.BigInteger REGULAR = new M.BigInteger("01020304ffffffff0506070811111111", 16); + private static readonly M.BigInteger ANDROID = new M.BigInteger("1111111105060708ffffffff01020304", 16); + private static readonly M.BigInteger CLASSPATH = new M.BigInteger("3020104ffffffff05060708111111", 16); + + private static readonly bool isAndroidStyle; + private static readonly bool isClasspathStyle; + private static readonly bool isRegularStyle; + + static FixedSecureRandom() + { + M.BigInteger check1 = new M.BigInteger(128, new RandomChecker()); + M.BigInteger check2 = new M.BigInteger(120, new RandomChecker()); + + isAndroidStyle = check1.Equals(ANDROID); + isRegularStyle = check1.Equals(REGULAR); + isClasspathStyle = check2.Equals(CLASSPATH); + } + + private byte[] _data; + private int _index; + + /** + * Base class for sources of fixed "Randomness" + */ + public class Source + { + internal byte[] data; + + internal Source(byte[] data) + { + this.data = data; + } + } + + /** + * Data Source - in this case we just expect requests for byte arrays. + */ + public class Data + : Source + { + public Data(byte[] data) + : base(data) + { + } + } + + /** + * BigInteger Source - in this case we expect requests for data that will be used + * for BigIntegers. The FixedSecureRandom will attempt to compensate for platform differences here. + */ + public class BigInteger + : Source + { + public BigInteger(byte[] data) + : base(data) + { + } + + public BigInteger(int bitLength, byte[] data) + : base(ExpandToBitLength(bitLength, data)) + { + } + + public BigInteger(string hexData) + : this(Hex.Decode(hexData)) + { + } + + public BigInteger(int bitLength, string hexData) + : base(ExpandToBitLength(bitLength, Hex.Decode(hexData))) + { + } + } + + protected FixedSecureRandom( + byte[] data) + { + _data = data; + } + + public static FixedSecureRandom From( + params byte[][] values) + { + MemoryStream bOut = new MemoryStream(); + + for (int i = 0; i != values.Length; i++) + { + try + { + byte[] v = values[i]; + bOut.Write(v, 0, v.Length); + } + catch (IOException) + { + throw new ArgumentException("can't save value array."); + } + } + + return new FixedSecureRandom(bOut.ToArray()); + } + + public FixedSecureRandom( + Source[] sources) + { + MemoryStream bOut = new MemoryStream(); + + if (isRegularStyle) + { + if (isClasspathStyle) + { + for (int i = 0; i != sources.Length; i++) + { + try + { + if (sources[i] is BigInteger) + { + byte[] data = sources[i].data; + int len = data.Length - (data.Length % 4); + for (int w = data.Length - len - 1; w >= 0; w--) + { + bOut.WriteByte(data[w]); + } + for (int w = data.Length - len; w < data.Length; w += 4) + { + bOut.Write(data, w, 4); + } + } + else + { + bOut.Write(sources[i].data, 0, sources[i].data.Length); + } + } + catch (IOException) + { + throw new ArgumentException("can't save value source."); + } + } + } + else + { + for (int i = 0; i != sources.Length; i++) + { + try + { + bOut.Write(sources[i].data, 0, sources[i].data.Length); + } + catch (IOException) + { + throw new ArgumentException("can't save value source."); + } + } + } + } + else if (isAndroidStyle) + { + for (int i = 0; i != sources.Length; i++) + { + try + { + if (sources[i] is BigInteger) + { + byte[] data = sources[i].data; + int len = data.Length - (data.Length % 4); + for (int w = 0; w < len; w += 4) + { + bOut.Write(data, data.Length - (w + 4), 4); + } + if (data.Length - len != 0) + { + for (int w = 0; w != 4 - (data.Length - len); w++) + { + bOut.WriteByte(0); + } + } + for (int w = 0; w != data.Length - len; w++) + { + bOut.WriteByte(data[len + w]); + } + } + else + { + bOut.Write(sources[i].data, 0, sources[i].data.Length); + } + } + catch (IOException) + { + throw new ArgumentException("can't save value source."); + } + } + } + else + { + throw new InvalidOperationException("Unrecognized BigInteger implementation"); + } + + _data = bOut.ToArray(); + } + + public override byte[] GenerateSeed(int numBytes) + { + return SecureRandom.GetNextBytes(this, numBytes); + } + + public override void NextBytes( + byte[] buf) + { + Array.Copy(_data, _index, buf, 0, buf.Length); + + _index += buf.Length; + } + + public override void NextBytes( + byte[] buf, + int off, + int len) + { + Array.Copy(_data, _index, buf, off, len); + + _index += len; + } + + public bool IsExhausted + { + get { return _index == _data.Length; } + } + + private class RandomChecker + : SecureRandom + { + byte[] data = Hex.Decode("01020304ffffffff0506070811111111"); + int index = 0; + + public override void NextBytes(byte[] bytes) + { + Array.Copy(data, index, bytes, 0, bytes.Length); + + index += bytes.Length; + } + } + + private static byte[] ExpandToBitLength(int bitLength, byte[] v) + { + if ((bitLength + 7) / 8 > v.Length) + { + byte[] tmp = new byte[(bitLength + 7) / 8]; + + Array.Copy(v, 0, tmp, tmp.Length - v.Length, v.Length); + if (isAndroidStyle) + { + if (bitLength % 8 != 0) + { + uint i = BE_To_UInt32(tmp, 0); + UInt32_To_BE(i << (8 - (bitLength % 8)), tmp, 0); + } + } + + return tmp; + } + else + { + if (isAndroidStyle && bitLength < (v.Length * 8)) + { + if (bitLength % 8 != 0) + { + uint i = BE_To_UInt32(v, 0); + UInt32_To_BE(i << (8 - (bitLength % 8)), v, 0); + } + } + } + + return v; + } + + internal static uint BE_To_UInt32(byte[] bs, int off) + { + return (uint)bs[off] << 24 + | (uint)bs[off + 1] << 16 + | (uint)bs[off + 2] << 8 + | (uint)bs[off + 3]; + } + + internal static void UInt32_To_BE(uint n, byte[] bs, int off) + { + bs[off] = (byte)(n >> 24); + bs[off + 1] = (byte)(n >> 16); + bs[off + 2] = (byte)(n >> 8); + bs[off + 3] = (byte)(n); + } + } +} diff --git a/BouncyCastle/crypto/test/src/util/test/ITest.cs b/BouncyCastle/crypto/test/src/util/test/ITest.cs new file mode 100644 index 0000000..30ad827 --- /dev/null +++ b/BouncyCastle/crypto/test/src/util/test/ITest.cs @@ -0,0 +1,17 @@ +using System; + +using NUnit.Framework; + +/* + Basic test interface + */ +namespace Org.BouncyCastle.Utilities.Test +{ + public interface ITest + { + string Name { get; } + + [Test] + ITestResult Perform(); + } +} diff --git a/BouncyCastle/crypto/test/src/util/test/ITestResult.cs b/BouncyCastle/crypto/test/src/util/test/ITestResult.cs new file mode 100644 index 0000000..25f0442 --- /dev/null +++ b/BouncyCastle/crypto/test/src/util/test/ITestResult.cs @@ -0,0 +1,13 @@ +using System; + +namespace Org.BouncyCastle.Utilities.Test +{ + public interface ITestResult + { + bool IsSuccessful(); + + Exception GetException(); + + string ToString(); + } +} diff --git a/BouncyCastle/crypto/test/src/util/test/NumberParsing.cs b/BouncyCastle/crypto/test/src/util/test/NumberParsing.cs new file mode 100644 index 0000000..f9624ef --- /dev/null +++ b/BouncyCastle/crypto/test/src/util/test/NumberParsing.cs @@ -0,0 +1,40 @@ +using System; +using System.Globalization; + +namespace Org.BouncyCastle.Utilities.Test +{ + /** + * Parsing + */ + public sealed class NumberParsing + { + private NumberParsing() + { + // Hide constructor + } + + public static long DecodeLongFromHex( + string longAsString) + { + if ((longAsString[1] == 'x') + || (longAsString[1] == 'X')) + { + longAsString = longAsString.Substring(2); + } + + return long.Parse(longAsString, NumberStyles.HexNumber); + } + + public static int DecodeIntFromHex( + string intAsString) + { + if ((intAsString[1] == 'x') + || (intAsString[1] == 'X')) + { + intAsString = intAsString.Substring(2); + } + + return int.Parse(intAsString, NumberStyles.HexNumber); + } + } +} diff --git a/BouncyCastle/crypto/test/src/util/test/SimpleTest.cs b/BouncyCastle/crypto/test/src/util/test/SimpleTest.cs new file mode 100644 index 0000000..a40ff29 --- /dev/null +++ b/BouncyCastle/crypto/test/src/util/test/SimpleTest.cs @@ -0,0 +1,236 @@ +using System; +using System.Collections; +using System.IO; +using System.Reflection; +using System.Text; + +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Utilities.Test +{ + public abstract class SimpleTest + : ITest + { + public abstract string Name + { + get; + } + + private ITestResult Success() + { + return SimpleTestResult.Successful(this, "Okay"); + } + + internal void Fail( + string message) + { + throw new TestFailedException(SimpleTestResult.Failed(this, message)); + } + + internal void Fail( + string message, + Exception throwable) + { + throw new TestFailedException(SimpleTestResult.Failed(this, message, throwable)); + } + + internal void Fail( + string message, + object expected, + object found) + { + throw new TestFailedException(SimpleTestResult.Failed(this, message, expected, found)); + } + + internal void IsTrue(bool value) + { + if (!value) + throw new TestFailedException(SimpleTestResult.Failed(this, "no message")); + } + + internal void IsTrue(string message, bool value) + { + if (!value) + throw new TestFailedException(SimpleTestResult.Failed(this, message)); + } + + internal void IsEquals(object a, object b) + { + if (!a.Equals(b)) + throw new TestFailedException(SimpleTestResult.Failed(this, "no message")); + } + + internal void IsEquals(int a, int b) + { + if (a != b) + throw new TestFailedException(SimpleTestResult.Failed(this, "no message")); + } + + internal void IsEquals(string message, bool a, bool b) + { + if (a != b) + throw new TestFailedException(SimpleTestResult.Failed(this, message)); + } + + internal void IsEquals(string message, long a, long b) + { + if (a != b) + throw new TestFailedException(SimpleTestResult.Failed(this, message)); + } + + internal void IsEquals(string message, object a, object b) + { + if (a == null && b == null) + return; + + if (a == null) + throw new TestFailedException(SimpleTestResult.Failed(this, message)); + if (b == null) + throw new TestFailedException(SimpleTestResult.Failed(this, message)); + if (!a.Equals(b)) + throw new TestFailedException(SimpleTestResult.Failed(this, message)); + } + + internal bool AreEqual(byte[] a, byte[] b) + { + return Arrays.AreEqual(a, b); + } + + internal bool AreEqual(byte[] a, int aFromIndex, int aToIndex, byte[] b, int bFromIndex, int bToIndex) + { + return Arrays.AreEqual(a, aFromIndex, aToIndex, b, bFromIndex, bToIndex); + } + + public virtual ITestResult Perform() + { + try + { + PerformTest(); + + return Success(); + } + catch (TestFailedException e) + { + return e.GetResult(); + } + catch (Exception e) + { + return SimpleTestResult.Failed(this, "Exception: " + e, e); + } + } + + internal static void RunTest( + ITest test) + { + RunTest(test, Console.Out); + } + + internal static void RunTest( + ITest test, + TextWriter outStream) + { + ITestResult result = test.Perform(); + + outStream.WriteLine(result.ToString()); + if (result.GetException() != null) + { + outStream.WriteLine(result.GetException().StackTrace); + } + } + + internal static Stream GetTestDataAsStream( + string name) + { + string fullName = GetFullName(name); + + return Assembly.GetExecutingAssembly().GetManifestResourceStream(fullName); + } + + internal static string[] GetTestDataEntries( + string prefix) + { + string fullPrefix = GetFullName(prefix); + + ArrayList result = new ArrayList(); + string[] fullNames = Assembly.GetExecutingAssembly().GetManifestResourceNames(); + foreach (string fullName in fullNames) + { + if (fullName.StartsWith(fullPrefix)) + { + string name = GetShortName(fullName); + result.Add(name); + } + } + return (string[])result.ToArray(typeof(String)); + } + + private static string GetFullName( + string name) + { +#if SEPARATE_UNIT_TESTS + return "UnitTests.data." + name; +#elif PORTABLE + return "crypto.tests." + name; +#else + return "crypto.test.data." + name; +#endif + } + + private static string GetShortName( + string fullName) + { +#if SEPARATE_UNIT_TESTS + return fullName.Substring("UnitTests.data.".Length); +#elif PORTABLE + return fullName.Substring("crypto.tests.".Length); +#else + return fullName.Substring("crypto.test.data.".Length); +#endif + } + +#if NETCF_1_0 || NETCF_2_0 + private static string GetNewLine() + { + MemoryStream buf = new MemoryStream(); + StreamWriter w = new StreamWriter(buf, Encoding.ASCII); + w.WriteLine(); + w.Close(); + byte[] bs = buf.ToArray(); + return Encoding.ASCII.GetString(bs, 0, bs.Length); + } + + internal static string GetEnvironmentVariable( + string variable) + { + return null; + } +#else + private static string GetNewLine() + { + return Environment.NewLine; + } +#endif + + internal static readonly string NewLine = GetNewLine(); + + public abstract void PerformTest(); + + public static DateTime MakeUtcDateTime(int year, int month, int day, int hour, int minute, int second) + { +#if PORTABLE + return new DateTime(year, month, day, hour, minute, second, DateTimeKind.Utc); +#else + return new DateTime(year, month, day, hour, minute, second); +#endif + } + + public static DateTime MakeUtcDateTime(int year, int month, int day, int hour, int minute, int second, int millisecond) + { +#if PORTABLE + return new DateTime(year, month, day, hour, minute, second, millisecond, DateTimeKind.Utc); +#else + return new DateTime(year, month, day, hour, minute, second, millisecond); +#endif + } + } +} diff --git a/BouncyCastle/crypto/test/src/util/test/SimpleTestResult.cs b/BouncyCastle/crypto/test/src/util/test/SimpleTestResult.cs new file mode 100644 index 0000000..294f575 --- /dev/null +++ b/BouncyCastle/crypto/test/src/util/test/SimpleTestResult.cs @@ -0,0 +1,91 @@ +using System; +using System.Text; + +namespace Org.BouncyCastle.Utilities.Test +{ + public class SimpleTestResult : ITestResult + { + private static readonly string Separator = SimpleTest.NewLine; + + private bool success; + private string message; + private Exception exception; + + public SimpleTestResult( + bool success, + string message) + { + this.success = success; + this.message = message; + } + + public SimpleTestResult( + bool success, + string message, + Exception exception) + { + this.success = success; + this.message = message; + this.exception = exception; + } + + public static ITestResult Successful( + ITest test, + string message) + { + return new SimpleTestResult(true, test.Name + ": " + message); + } + + public static ITestResult Failed( + ITest test, + string message) + { + return new SimpleTestResult(false, test.Name + ": " + message); + } + + public static ITestResult Failed( + ITest test, + string message, + Exception t) + { + return new SimpleTestResult(false, test.Name + ": " + message, t); + } + + public static ITestResult Failed( + ITest test, + string message, + object expected, + object found) + { + return Failed(test, message + Separator + "Expected: " + expected + Separator + "Found : " + found); + } + + public static string FailedMessage( + string algorithm, + string testName, + string expected, + string actual) + { + StringBuilder sb = new StringBuilder(algorithm); + sb.Append(" failing ").Append(testName); + sb.Append(Separator).Append(" expected: ").Append(expected); + sb.Append(Separator).Append(" got : ").Append(actual); + return sb.ToString(); + } + + public bool IsSuccessful() + { + return success; + } + + public override string ToString() + { + return message; + } + + public Exception GetException() + { + return exception; + } + } +} diff --git a/BouncyCastle/crypto/test/src/util/test/TestFailedException.cs b/BouncyCastle/crypto/test/src/util/test/TestFailedException.cs new file mode 100644 index 0000000..54dc840 --- /dev/null +++ b/BouncyCastle/crypto/test/src/util/test/TestFailedException.cs @@ -0,0 +1,24 @@ +using System; + +namespace Org.BouncyCastle.Utilities.Test +{ +#if !(NETCF_1_0 || NETCF_2_0 || SILVERLIGHT || PORTABLE) + [Serializable] +#endif + public class TestFailedException + : Exception + { + private ITestResult _result; + + public TestFailedException( + ITestResult result) + { + _result = result; + } + + public ITestResult GetResult() + { + return _result; + } + } +} diff --git a/BouncyCastle/crypto/test/src/util/test/TestRandomBigInteger.cs b/BouncyCastle/crypto/test/src/util/test/TestRandomBigInteger.cs new file mode 100644 index 0000000..ef38293 --- /dev/null +++ b/BouncyCastle/crypto/test/src/util/test/TestRandomBigInteger.cs @@ -0,0 +1,55 @@ +using System; + +using M = Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Utilities.Test +{ + /** + * A fixed secure random designed to return data for someone needing to create a single BigInteger. + */ + public class TestRandomBigInteger + : FixedSecureRandom + { + /** + * Constructor from a base 10 represention of a BigInteger. + * + * @param encoding a base 10 represention of a BigInteger. + */ + public TestRandomBigInteger(string encoding) + : this(encoding, 10) + { + } + + /** + * Constructor from a base radix represention of a BigInteger. + * + * @param encoding a String BigInteger of base radix. + * @param radix the radix to use. + */ + public TestRandomBigInteger(string encoding, int radix) + : base(new FixedSecureRandom.Source[] { new FixedSecureRandom.BigInteger(BigIntegers.AsUnsignedByteArray(new M.BigInteger(encoding, radix))) }) + { + } + + /** + * Constructor based on a byte array. + * + * @param encoding a 2's complement representation of the BigInteger. + */ + public TestRandomBigInteger(byte[] encoding) + : base(new FixedSecureRandom.Source[] { new FixedSecureRandom.BigInteger(encoding) }) + { + } + + /** + * Constructor which ensures encoding will produce a BigInteger from a request from the passed in bitLength. + * + * @param bitLength bit length for the BigInteger data request. + * @param encoding bytes making up the encoding. + */ + public TestRandomBigInteger(int bitLength, byte[] encoding) + : base(new FixedSecureRandom.Source[] { new FixedSecureRandom.BigInteger(bitLength, encoding) }) + { + } + } +} diff --git a/BouncyCastle/crypto/test/src/util/test/TestRandomData.cs b/BouncyCastle/crypto/test/src/util/test/TestRandomData.cs new file mode 100644 index 0000000..7fe0cf3 --- /dev/null +++ b/BouncyCastle/crypto/test/src/util/test/TestRandomData.cs @@ -0,0 +1,33 @@ +using System; + +using Org.BouncyCastle.Utilities.Encoders; + +namespace Org.BouncyCastle.Utilities.Test +{ + /** + * A fixed secure random designed to return data for someone needing random bytes. + */ + public class TestRandomData + : FixedSecureRandom + { + /** + * Constructor from a Hex encoding of the data. + * + * @param encoding a Hex encoding of the data to be returned. + */ + public TestRandomData(string encoding) + : this(Hex.Decode(encoding)) + { + } + + /** + * Constructor from an array of bytes. + * + * @param encoding a byte array representing the data to be returned. + */ + public TestRandomData(byte[] encoding) + : base(new FixedSecureRandom.Source[] { new FixedSecureRandom.Data(encoding)}) + { + } + } +} diff --git a/BouncyCastle/crypto/test/src/util/test/UncloseableStream.cs b/BouncyCastle/crypto/test/src/util/test/UncloseableStream.cs new file mode 100644 index 0000000..0a7a16e --- /dev/null +++ b/BouncyCastle/crypto/test/src/util/test/UncloseableStream.cs @@ -0,0 +1,39 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Utilities.Test +{ + /// + /// This is a testing utility class to check the property that a Stream is never + /// closed in some particular context - typically when wrapped by another Stream that + /// should not be forwarding its Stream.Close() calls. Not needed in production code. + /// + public class UncloseableStream + : FilterStream + { + public UncloseableStream( + Stream s) + : base(s) + { + } + +#if PORTABLE + protected override void Dispose(bool disposing) + { + if (disposing) + { + throw new Exception("UncloseableStream was disposed"); + } + + base.Dispose(disposing); + } +#else + public override void Close() + { + throw new Exception("Close() called on UncloseableStream"); + } +#endif + } +} diff --git a/BouncyCastle/crypto/test/src/util/utiltest/IntegersTest.cs b/BouncyCastle/crypto/test/src/util/utiltest/IntegersTest.cs new file mode 100644 index 0000000..a661144 --- /dev/null +++ b/BouncyCastle/crypto/test/src/util/utiltest/IntegersTest.cs @@ -0,0 +1,36 @@ +using System; + +using NUnit.Framework; + +namespace Org.BouncyCastle.Utilities.UtilTests +{ + [TestFixture] + public class IntegersTest + { + [Test] + public void TestNumberOfLeadingZeros() + { + for (int i = 0; i < 31; ++i) + { + Assert.AreEqual(i, Integers.NumberOfLeadingZeros((int)(0x80000000U >> i))); + Assert.AreEqual(i, Integers.NumberOfLeadingZeros((int)(0xFFFFFFFFU >> i))); + } + + Assert.AreEqual(31, Integers.NumberOfLeadingZeros(1)); + Assert.AreEqual(32, Integers.NumberOfLeadingZeros(0)); + } + + [Test] + public void TestNumberOfTrailingZeros() + { + for (int i = 0; i < 31; ++i) + { + Assert.AreEqual(i, Integers.NumberOfTrailingZeros(1 << i)); + Assert.AreEqual(i, Integers.NumberOfTrailingZeros(-1 << i)); + } + + Assert.AreEqual(31, Integers.NumberOfTrailingZeros(int.MinValue)); + Assert.AreEqual(32, Integers.NumberOfTrailingZeros(0)); + } + } +} diff --git a/BouncyCastle/crypto/test/src/util/utiltest/LongsTest.cs b/BouncyCastle/crypto/test/src/util/utiltest/LongsTest.cs new file mode 100644 index 0000000..b2ddb66 --- /dev/null +++ b/BouncyCastle/crypto/test/src/util/utiltest/LongsTest.cs @@ -0,0 +1,36 @@ +using System; + +using NUnit.Framework; + +namespace Org.BouncyCastle.Utilities.UtilTests +{ + [TestFixture] + public class LongsTest + { + [Test] + public void TestNumberOfLeadingZeros() + { + for (int i = 0; i < 63; ++i) + { + Assert.AreEqual(i, Longs.NumberOfLeadingZeros((long)(0x8000000000000000UL >> i))); + Assert.AreEqual(i, Longs.NumberOfLeadingZeros((long)(0xFFFFFFFFFFFFFFFFUL >> i))); + } + + Assert.AreEqual(63, Longs.NumberOfLeadingZeros(1L)); + Assert.AreEqual(64, Longs.NumberOfLeadingZeros(0L)); + } + + [Test] + public void TestNumberOfTrailingZeros() + { + for (int i = 0; i < 63; ++i) + { + Assert.AreEqual(i, Longs.NumberOfTrailingZeros(1L << i)); + Assert.AreEqual(i, Longs.NumberOfTrailingZeros(-1L << i)); + } + + Assert.AreEqual(63, Longs.NumberOfTrailingZeros(long.MinValue)); + Assert.AreEqual(64, Longs.NumberOfTrailingZeros(0L)); + } + } +} diff --git a/BouncyCastle/crypto/test/src/x509/test/TestCertificateGen.cs b/BouncyCastle/crypto/test/src/x509/test/TestCertificateGen.cs new file mode 100644 index 0000000..24dbdf0 --- /dev/null +++ b/BouncyCastle/crypto/test/src/x509/test/TestCertificateGen.cs @@ -0,0 +1,736 @@ +using System; +using System.Collections; +using System.Text; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Asn1.X9; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Signers; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; +using Org.BouncyCastle.Utilities.Collections; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.X509.Tests +{ + [TestFixture] + public class TestCertificateGen: SimpleTest + { + public override string Name + { + get + { + return "X.509 Cert Gen"; + } + } + + public TestCertificateGen() + { + } + + [Test] + public void TestRsaDigestSigner() + { + BigInteger rsaPubMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt")); + BigInteger rsaPubExp = new BigInteger(Base64.Decode("EQ==")); + BigInteger rsaPrivMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt")); + BigInteger rsaPrivDP = new BigInteger(Base64.Decode("JXzfzG5v+HtLJIZqYMUefJfFLu8DPuJGaLD6lI3cZ0babWZ/oPGoJa5iHpX4Ul/7l3s1PFsuy1GhzCdOdlfRcQ==")); + BigInteger rsaPrivDQ = new BigInteger(Base64.Decode("YNdJhw3cn0gBoVmMIFRZzflPDNthBiWy/dUMSRfJCxoZjSnr1gysZHK01HteV1YYNGcwPdr3j4FbOfri5c6DUQ==")); + BigInteger rsaPrivExp = new BigInteger(Base64.Decode("DxFAOhDajr00rBjqX+7nyZ/9sHWRCCp9WEN5wCsFiWVRPtdB+NeLcou7mWXwf1Y+8xNgmmh//fPV45G2dsyBeZbXeJwB7bzx9NMEAfedchyOwjR8PYdjK3NpTLKtZlEJ6Jkh4QihrXpZMO4fKZWUm9bid3+lmiq43FwW+Hof8/E=")); + BigInteger rsaPrivP = new BigInteger(Base64.Decode("AJ9StyTVW+AL/1s7RBtFwZGFBgd3zctBqzzwKPda6LbtIFDznmwDCqAlIQH9X14X7UPLokCDhuAa76OnDXb1OiE=")); + BigInteger rsaPrivQ = new BigInteger(Base64.Decode("AM3JfD79dNJ5A3beScSzPtWxx/tSLi0QHFtkuhtSizeXdkv5FSba7lVzwEOGKHmW829bRoNxThDy4ds1IihW1w0=")); + BigInteger rsaPrivQinv = new BigInteger(Base64.Decode("Lt0g7wrsNsQxuDdB8q/rH8fSFeBXMGLtCIqfOec1j7FEIuYA/ACiRDgXkHa0WgN7nLXSjHoy630wC5Toq8vvUg==")); + RsaKeyParameters rsaPublic = new RsaKeyParameters(false, rsaPubMod, rsaPubExp); + RsaPrivateCrtKeyParameters rsaPrivate = new RsaPrivateCrtKeyParameters(rsaPrivMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv); + + byte[] msg = new byte[] { 1, 6, 3, 32, 7, 43, 2, 5, 7, 78, 4, 23 }; + + RsaDigestSigner signer = new RsaDigestSigner(new Sha1Digest()); + signer.Init(true, rsaPrivate); + signer.BlockUpdate(msg, 0, msg.Length); + byte[] sig = signer.GenerateSignature(); + + signer.Init(false,rsaPublic); + signer.BlockUpdate(msg, 0, msg.Length); + Assert.IsTrue(signer.VerifySignature(sig), "RSA IDigest Signer failed."); + } + + [Test] + public void TestCreationRSA() + { + BigInteger rsaPubMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt")); + BigInteger rsaPubExp = new BigInteger(Base64.Decode("EQ==")); + BigInteger rsaPrivMod = new BigInteger(Base64.Decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt")); + BigInteger rsaPrivDP = new BigInteger(Base64.Decode("JXzfzG5v+HtLJIZqYMUefJfFLu8DPuJGaLD6lI3cZ0babWZ/oPGoJa5iHpX4Ul/7l3s1PFsuy1GhzCdOdlfRcQ==")); + BigInteger rsaPrivDQ = new BigInteger(Base64.Decode("YNdJhw3cn0gBoVmMIFRZzflPDNthBiWy/dUMSRfJCxoZjSnr1gysZHK01HteV1YYNGcwPdr3j4FbOfri5c6DUQ==")); + BigInteger rsaPrivExp = new BigInteger(Base64.Decode("DxFAOhDajr00rBjqX+7nyZ/9sHWRCCp9WEN5wCsFiWVRPtdB+NeLcou7mWXwf1Y+8xNgmmh//fPV45G2dsyBeZbXeJwB7bzx9NMEAfedchyOwjR8PYdjK3NpTLKtZlEJ6Jkh4QihrXpZMO4fKZWUm9bid3+lmiq43FwW+Hof8/E=")); + BigInteger rsaPrivP = new BigInteger(Base64.Decode("AJ9StyTVW+AL/1s7RBtFwZGFBgd3zctBqzzwKPda6LbtIFDznmwDCqAlIQH9X14X7UPLokCDhuAa76OnDXb1OiE=")); + BigInteger rsaPrivQ = new BigInteger(Base64.Decode("AM3JfD79dNJ5A3beScSzPtWxx/tSLi0QHFtkuhtSizeXdkv5FSba7lVzwEOGKHmW829bRoNxThDy4ds1IihW1w0=")); + BigInteger rsaPrivQinv = new BigInteger(Base64.Decode("Lt0g7wrsNsQxuDdB8q/rH8fSFeBXMGLtCIqfOec1j7FEIuYA/ACiRDgXkHa0WgN7nLXSjHoy630wC5Toq8vvUg==")); + RsaKeyParameters rsaPublic = new RsaKeyParameters(false, rsaPubMod, rsaPubExp); + RsaPrivateCrtKeyParameters rsaPrivate = new RsaPrivateCrtKeyParameters(rsaPrivMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv); + + IDictionary attrs = new Hashtable(); + attrs[X509Name.C] = "AU"; + attrs[X509Name.O] = "The Legion of the Bouncy Castle"; + attrs[X509Name.L] = "Melbourne"; + attrs[X509Name.ST] = "Victoria"; + attrs[X509Name.E] = "feedback-crypto@bouncycastle.org"; + + IList ord = new ArrayList(); + ord.Add(X509Name.C); + ord.Add(X509Name.O); + ord.Add(X509Name.L); + ord.Add(X509Name.ST); + ord.Add(X509Name.E); + + IList values = new ArrayList(); + values.Add("AU"); + values.Add("The Legion of the Bouncy Castle"); + values.Add("Melbourne"); + values.Add("Victoria"); + values.Add("feedback-crypto@bouncycastle.org"); + + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + + certGen.SetIssuerDN(new X509Name(ord, attrs)); + certGen.SetNotBefore(DateTime.UtcNow.AddDays(-1)); + certGen.SetNotAfter(DateTime.UtcNow.AddDays(1)); + certGen.SetSubjectDN(new X509Name(ord, attrs)); + certGen.SetPublicKey(rsaPublic); + certGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); + + X509Certificate cert = certGen.Generate(rsaPrivate); + +// Assert.IsTrue((cert.IsValidNow && cert.Verify(rsaPublic)),"Certificate failed to be valid (RSA)"); + cert.CheckValidity(); + cert.Verify(rsaPublic); + + //Console.WriteLine(ASN1Dump.DumpAsString(cert.ToAsn1Object())); + + //ISet dummySet = cert.GetNonCriticalExtensionOids(); + + //if (dummySet != null) + //{ + // foreach (string key in dummySet) + // { + // Console.WriteLine("\t{0}:\t{1}", key); + // } + //} + + //Console.WriteLine(); + + //dummySet = cert.GetNonCriticalExtensionOids(); + //if (dummySet != null) + //{ + // foreach (string key in dummySet) + // { + // Console.WriteLine("\t{0}:\t{1}", key); + // } + //} + + //Console.WriteLine(); + } + + [Test] + public void TestCreationDSA() + { + BigInteger DSAParaG = new BigInteger(Base64.Decode("AL0fxOTq10OHFbCf8YldyGembqEu08EDVzxyLL29Zn/t4It661YNol1rnhPIs+cirw+yf9zeCe+KL1IbZ/qIMZM=")); + BigInteger DSAParaP = new BigInteger(Base64.Decode("AM2b/UeQA+ovv3dL05wlDHEKJ+qhnJBsRT5OB9WuyRC830G79y0R8wuq8jyIYWCYcTn1TeqVPWqiTv6oAoiEeOs=")); + BigInteger DSAParaQ = new BigInteger(Base64.Decode("AIlJT7mcKL6SUBMmvm24zX1EvjNx")); + BigInteger DSAPublicY = new BigInteger(Base64.Decode("TtWy2GuT9yGBWOHi1/EpCDa/bWJCk2+yAdr56rAcqP0eHGkMnA9s9GJD2nGU8sFjNHm55swpn6JQb8q0agrCfw==")); + BigInteger DsaPrivateX = new BigInteger(Base64.Decode("MMpBAxNlv7eYfxLTZ2BItJeD31A=")); + + DsaParameters para = new DsaParameters(DSAParaP, DSAParaQ, DSAParaG); + DsaPrivateKeyParameters dsaPriv = new DsaPrivateKeyParameters(DsaPrivateX, para); + DsaPublicKeyParameters dsaPub = new DsaPublicKeyParameters(DSAPublicY, para); + + IDictionary attrs = new Hashtable(); + attrs[X509Name.C] = "AU"; + attrs[X509Name.O] = "The Legion of the Bouncy Castle"; + attrs[X509Name.L] = "Melbourne"; + attrs[X509Name.ST] = "Victoria"; + attrs[X509Name.E] = "feedback-crypto@bouncycastle.org"; + + IList ord = new ArrayList(); + ord.Add(X509Name.C); + ord.Add(X509Name.O); + ord.Add(X509Name.L); + ord.Add(X509Name.ST); + ord.Add(X509Name.E); + + IList values = new ArrayList(); + values.Add("AU"); + values.Add("The Legion of the Bouncy Castle"); + values.Add("Melbourne"); + values.Add("Victoria"); + values.Add("feedback-crypto@bouncycastle.org"); + + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + + certGen.SetIssuerDN(new X509Name(ord, attrs)); + certGen.SetNotBefore(DateTime.UtcNow.AddDays(-1)); + certGen.SetNotAfter(DateTime.UtcNow.AddDays(1)); + certGen.SetSubjectDN(new X509Name(ord, attrs)); + certGen.SetPublicKey(dsaPub); + certGen.SetSignatureAlgorithm("SHA1WITHDSA"); + + X509Certificate cert = certGen.Generate(dsaPriv); + +// Assert.IsTrue((cert.IsValidNow && cert.Verify(dsaPub)), "Certificate failed to be valid (DSA Test)"); + cert.CheckValidity(); + cert.Verify(dsaPub); + + //ISet dummySet = cert.GetNonCriticalExtensionOids(); + + //if (dummySet != null) + //{ + // foreach (string key in dummySet) + // { + // Console.WriteLine("\t{0}:\t{1}", key); + // } + //} + + //Console.WriteLine(); + + //dummySet = cert.GetNonCriticalExtensionOids(); + //if (dummySet != null) + //{ + // foreach (string key in dummySet) + // { + // Console.WriteLine("\t{0}:\t{1}", key); + // } + //} + + //Console.WriteLine(); + } + + [Test] + public void TestCreationECDSA() + { + BigInteger ECParraGX = new BigInteger(Base64.Decode("D/qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqv")); + BigInteger ECParraGY = new BigInteger(Base64.Decode("AhQXGxb1olGRv6s1LPRfuatMF+cx3ZTGgzSE/Q5R")); + BigInteger ECParraH = new BigInteger(Base64.Decode("AQ==")); + BigInteger ECParraN = new BigInteger(Base64.Decode("f///////////////f///nl6an12QcfvRUiaIkJ0L")); + BigInteger ECPubQX = new BigInteger(Base64.Decode("HWWi17Yb+Bm3PYr/DMjLOYNFhyOwX1QY7ZvqqM+l")); + BigInteger ECPubQY = new BigInteger(Base64.Decode("JrlJfxu3WGhqwtL/55BOs/wsUeiDFsvXcGhB8DGx")); + BigInteger ECPrivD = new BigInteger(Base64.Decode("GYQmd/NF1B+He1iMkWt3by2Az6Eu07t0ynJ4YCAo")); + + X9ECParameters x9 = ECNamedCurveTable.GetByName("prime239v1"); + ECCurve curve = x9.Curve; + ECDomainParameters ecDomain = new ECDomainParameters(curve, curve.ValidatePoint(ECParraGX, ECParraGY), ECParraN, ECParraH); + + ECPublicKeyParameters ecPub = new ECPublicKeyParameters("ECDSA", + curve.ValidatePoint(ECPubQX, ECPubQY), ecDomain); + ECPrivateKeyParameters ecPriv = new ECPrivateKeyParameters("ECDSA", ECPrivD, ecDomain); + + IDictionary attrs = new Hashtable(); + attrs[X509Name.C] = "AU"; + attrs[X509Name.O] = "The Legion of the Bouncy Castle"; + attrs[X509Name.L] = "Melbourne"; + attrs[X509Name.ST] = "Victoria"; + attrs[X509Name.E] = "feedback-crypto@bouncycastle.org"; + + IList ord = new ArrayList(); + ord.Add(X509Name.C); + ord.Add(X509Name.O); + ord.Add(X509Name.L); + ord.Add(X509Name.ST); + ord.Add(X509Name.E); + + IList values = new ArrayList(); + values.Add("AU"); + values.Add("The Legion of the Bouncy Castle"); + values.Add("Melbourne"); + values.Add("Victoria"); + values.Add("feedback-crypto@bouncycastle.org"); + + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.SetSerialNumber(BigInteger.One); + + certGen.SetIssuerDN(new X509Name(ord, attrs)); + certGen.SetNotBefore(DateTime.Today.Subtract(new TimeSpan(1, 0, 0, 0))); + certGen.SetNotAfter(DateTime.Today.AddDays(1)); + certGen.SetSubjectDN(new X509Name(ord, attrs)); + certGen.SetPublicKey(ecPub); + certGen.SetSignatureAlgorithm("SHA1WITHECDSA"); + + certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false)); + + X509Certificate cert = certGen.Generate(ecPriv); + +// Assert.IsTrue((cert.IsValidNow && cert.Verify(ecPub)), "Certificate failed to be valid (ECDSA)"); + cert.CheckValidity(); + cert.Verify(ecPub); + + ISet extOidSet = cert.GetCriticalExtensionOids(); + + if (extOidSet.Count != 1) + { + Fail("wrong number of oids"); + } + //if (dummySet != null) + //{ + // foreach (string key in dummySet) + // { + // Console.WriteLine("\t{0}:\t{1}", key); + // } + //} + + //Console.WriteLine(); + + //dummySet = cert.GetNonCriticalExtensionOids(); + + //if (dummySet != null) + //{ + // foreach (string key in dummySet) + // { + // Console.WriteLine("\t{0}:\t{1}", key); + // } + //} + + //Console.WriteLine(); + } + + [Test] + public void TestCertLoading() + { + byte[] cert1 = Base64.Decode( + "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx" + + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY" + + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB" + + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ" + + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2" + + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW" + + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM" + + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l" + + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv" + + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re" + + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO" + + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE" + + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy" + + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0" + + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw" + + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL" + + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4" + + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF" + + "5/8="); + + try + { + Assert.IsNotNull(new X509CertificateParser().ReadCertificate(cert1)); + } + catch (Exception) + { + Assert.Fail("Reading first test certificate."); + } + + + // ca.crt + // + byte[] cert2 = Base64.Decode( + "MIIDbDCCAtWgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx" + + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY" + + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB" + + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ" + + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU1MzNaFw0wMTA2" + + "MDIwNzU1MzNaMIG3MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW" + + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM" + + "dGQxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEVMBMGA1UEAxMMQ29u" + + "bmVjdCA0IENBMSgwJgYJKoZIhvcNAQkBFhl3ZWJtYXN0ZXJAY29ubmVjdDQuY29t" + + "LmF1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgs5ptNG6Qv1ZpCDuUNGmv" + + "rhjqMDPd3ri8JzZNRiiFlBA4e6/ReaO1U8ASewDeQMH6i9R6degFdQRLngbuJP0s" + + "xcEE+SksEWNvygfzLwV9J/q+TQDyJYK52utb++lS0b48A1KPLwEsyL6kOAgelbur" + + "ukwxowprKUIV7Knf1ajetQIDAQABo4GFMIGCMCQGA1UdEQQdMBuBGXdlYm1hc3Rl" + + "ckBjb25uZWN0NC5jb20uYXUwDwYDVR0TBAgwBgEB/wIBADA2BglghkgBhvhCAQ0E" + + "KRYnbW9kX3NzbCBnZW5lcmF0ZWQgY3VzdG9tIENBIGNlcnRpZmljYXRlMBEGCWCG" + + "SAGG+EIBAQQEAwICBDANBgkqhkiG9w0BAQQFAAOBgQCsGvfdghH8pPhlwm1r3pQk" + + "msnLAVIBb01EhbXm2861iXZfWqGQjrGAaA0ZpXNk9oo110yxoqEoSJSzniZa7Xtz" + + "soTwNUpE0SLHvWf/SlKdFWlzXA+vOZbzEv4UmjeelekTm7lc01EEa5QRVzOxHFtQ" + + "DhkaJ8VqOMajkQFma2r9iA=="); + + try + { + Assert.IsNotNull(new X509CertificateParser().ReadCertificate(cert2)); + } + catch (Exception) + { + Assert.Fail("Reading second test certificate."); + } + + + // + // testx509.pem + // + byte[] cert3 = Base64.Decode( + "MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV" + + "BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz" + + "MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM" + + "RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF" + + "AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO" + + "/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE" + + "Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ" + + "zl9HYIMxATFyqSiD9jsx"); + + try + { + Assert.IsNotNull(new X509CertificateParser().ReadCertificate(cert3)); + } + catch (Exception) + { + Assert.Fail("Reading third test certificate. (X509.pem)"); + } + + + // + // v3-cert1.pem + // + byte[] cert4 = Base64.Decode( + "MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx" + + "NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz" + + "dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw" + + "ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu" + + "ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2" + + "ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp" + + "miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C" + + "AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK" + + "Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x" + + "DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR" + + "MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB" + + "AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21" + + "X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3" + + "WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO"); + + try + { + Assert.IsNotNull(new X509CertificateParser().ReadCertificate(cert4)); + } + catch (Exception) + { + Assert.Fail("Reading fourth test certificate. (X509 V3 Pem)"); + } + + + // + // v3-cert2.pem + // + byte[] cert5 = Base64.Decode( + "MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD" + + "YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0" + + "ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu" + + "dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1" + + "WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV" + + "BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx" + + "FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA" + + "6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT" + + "G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ" + + "YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm" + + "b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc" + + "F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz" + + "lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap" + + "jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU="); + + try + { + Assert.IsNotNull(new X509CertificateParser().ReadCertificate(cert5)); + } + catch (Exception) + { + Assert.Fail("Reading fifth test certificate. (X509 V3 Pem)"); + } + + + // + // pem encoded pkcs7 + // + byte[] cert6 = Base64.Decode( + "MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJbzCCAj0w" + + "ggGmAhEAzbp/VvDf5LxU/iKss3KqVTANBgkqhkiG9w0BAQIFADBfMQswCQYDVQQGEwJVUzEXMBUG" + + "A1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGljIFByaW1hcnkgQ2Vy" + + "dGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTYwMTI5MDAwMDAwWhcNMjgwODAxMjM1OTU5WjBfMQsw" + + "CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVi" + + "bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwgZ8wDQYJKoZIhvcNAQEBBQADgY0A" + + "MIGJAoGBAOUZv22jVmEtmUhx9mfeuY3rt56GgAqRDvo4Ja9GiILlc6igmyRdDR/MZW4MsNBWhBiH" + + "mgabEKFz37RYOWtuwfYV1aioP6oSBo0xrH+wNNePNGeICc0UEeJORVZpH3gCgNrcR5EpuzbJY1zF" + + "4Ncth3uhtzKwezC6Ki8xqu6jZ9rbAgMBAAEwDQYJKoZIhvcNAQECBQADgYEATD+4i8Zo3+5DMw5d" + + "6abLB4RNejP/khv0Nq3YlSI2aBFsfELM85wuxAc/FLAPT/+Qknb54rxK6Y/NoIAK98Up8YIiXbix" + + "3YEjo3slFUYweRb46gVLlH8dwhzI47f0EEA8E8NfH1PoSOSGtHuhNbB7Jbq4046rPzidADQAmPPR" + + "cZQwggMuMIICl6ADAgECAhEA0nYujRQMPX2yqCVdr+4NdTANBgkqhkiG9w0BAQIFADBfMQswCQYD" + + "VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGlj" + + "IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTgwNTEyMDAwMDAwWhcNMDgwNTEy" + + "MjM1OTU5WjCBzDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy" + + "dXN0IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9SUEEgSW5j" + + "b3JwLiBCeSBSZWYuLExJQUIuTFREKGMpOTgxSDBGBgNVBAMTP1ZlcmlTaWduIENsYXNzIDEgQ0Eg" + + "SW5kaXZpZHVhbCBTdWJzY3JpYmVyLVBlcnNvbmEgTm90IFZhbGlkYXRlZDCBnzANBgkqhkiG9w0B" + + "AQEFAAOBjQAwgYkCgYEAu1pEigQWu1X9A3qKLZRPFXg2uA1Ksm+cVL+86HcqnbnwaLuV2TFBcHqB" + + "S7lIE1YtxwjhhEKrwKKSq0RcqkLwgg4C6S/7wju7vsknCl22sDZCM7VuVIhPh0q/Gdr5FegPh7Yc" + + "48zGmo5/aiSS4/zgZbqnsX7vyds3ashKyAkG5JkCAwEAAaN8MHowEQYJYIZIAYb4QgEBBAQDAgEG" + + "MEcGA1UdIARAMD4wPAYLYIZIAYb4RQEHAQEwLTArBggrBgEFBQcCARYfd3d3LnZlcmlzaWduLmNv" + + "bS9yZXBvc2l0b3J5L1JQQTAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0B" + + "AQIFAAOBgQCIuDc73dqUNwCtqp/hgQFxHpJqbS/28Z3TymQ43BuYDAeGW4UVag+5SYWklfEXfWe0" + + "fy0s3ZpCnsM+tI6q5QsG3vJWKvozx74Z11NMw73I4xe1pElCY+zCphcPXVgaSTyQXFWjZSAA/Rgg" + + "5V+CprGoksVYasGNAzzrw80FopCubjCCA/gwggNhoAMCAQICEBbbn/1G1zppD6KsP01bwywwDQYJ" + + "KoZIhvcNAQEEBQAwgcwxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2ln" + + "biBUcnVzdCBOZXR3b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvUlBB" + + "IEluY29ycC4gQnkgUmVmLixMSUFCLkxURChjKTk4MUgwRgYDVQQDEz9WZXJpU2lnbiBDbGFzcyAx" + + "IENBIEluZGl2aWR1YWwgU3Vic2NyaWJlci1QZXJzb25hIE5vdCBWYWxpZGF0ZWQwHhcNMDAxMDAy" + + "MDAwMDAwWhcNMDAxMjAxMjM1OTU5WjCCAQcxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYD" + + "VQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3Jl" + + "cG9zaXRvcnkvUlBBIEluY29ycC4gYnkgUmVmLixMSUFCLkxURChjKTk4MR4wHAYDVQQLExVQZXJz" + + "b25hIE5vdCBWYWxpZGF0ZWQxJzAlBgNVBAsTHkRpZ2l0YWwgSUQgQ2xhc3MgMSAtIE1pY3Jvc29m" + + "dDETMBEGA1UEAxQKRGF2aWQgUnlhbjElMCMGCSqGSIb3DQEJARYWZGF2aWRAbGl2ZW1lZGlhLmNv" + + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqxBsdeNmSvFqhMNwhQgNzM8mdjX9eSXb" + + "DawpHtQHjmh0AKJSa3IwUY0VIsyZHuXWktO/CgaMBVPt6OVf/n0R2sQigMP6Y+PhEiS0vCJBL9aK" + + "0+pOo2qXrjVBmq+XuCyPTnc+BOSrU26tJsX0P9BYorwySiEGxGanBNATdVL4NdUCAwEAAaOBnDCB" + + "mTAJBgNVHRMEAjAAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQgwKjAoBggrBgEFBQcCARYcaHR0" + + "cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTARBglghkgBhvhCAQEEBAMCB4AwMwYDVR0fBCwwKjAo" + + "oCagJIYiaHR0cDovL2NybC52ZXJpc2lnbi5jb20vY2xhc3MxLmNybDANBgkqhkiG9w0BAQQFAAOB" + + "gQBC8yIIdVGpFTf8/YiL14cMzcmL0nIRm4kGR3U59z7UtcXlfNXXJ8MyaeI/BnXwG/gD5OKYqW6R" + + "yca9vZOxf1uoTBl82gInk865ED3Tej6msCqFzZffnSUQvOIeqLxxDlqYRQ6PmW2nAnZeyjcnbI5Y" + + "syQSM2fmo7n6qJFP+GbFezGCAkUwggJBAgEBMIHhMIHMMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5j" + + "LjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWdu" + + "LmNvbS9yZXBvc2l0b3J5L1JQQSBJbmNvcnAuIEJ5IFJlZi4sTElBQi5MVEQoYyk5ODFIMEYGA1UE" + + "AxM/VmVyaVNpZ24gQ2xhc3MgMSBDQSBJbmRpdmlkdWFsIFN1YnNjcmliZXItUGVyc29uYSBOb3Qg" + + "VmFsaWRhdGVkAhAW25/9Rtc6aQ+irD9NW8MsMAkGBSsOAwIaBQCggbowGAYJKoZIhvcNAQkDMQsG" + + "CSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDAxMDAyMTczNTE4WjAjBgkqhkiG9w0BCQQxFgQU" + + "gZjSaBEY2oxGvlQUIMnxSXhivK8wWwYJKoZIhvcNAQkPMU4wTDAKBggqhkiG9w0DBzAOBggqhkiG" + + "9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwBwYFKw4DAh0w" + + "DQYJKoZIhvcNAQEBBQAEgYAzk+PU91/ZFfoiuKOECjxEh9fDYE2jfDCheBIgh5gdcCo+sS1WQs8O" + + "HreQ9Nop/JdJv1DQMBK6weNBBDoP0EEkRm1XCC144XhXZC82jBZohYmi2WvDbbC//YN58kRMYMyy" + + "srrfn4Z9I+6kTriGXkrpGk9Q0LSGjmG2BIsqiF0dvwAAAAAAAA=="); + + try + { + Assert.IsNotNull(new X509CertificateParser().ReadCertificate(cert6)); + } + catch (Exception) + { + Assert.Fail("Reading sixth test certificate. (Pkcs7)"); + } + + + // + // dsaWithSHA1 cert + // + byte[] cert7 = Base64.Decode( + "MIIEXAYJKoZIhvcNAQcCoIIETTCCBEkCAQExCzAJBgUrDgMCGgUAMAsGCSqG" + + "SIb3DQEHAaCCAsMwggK/MIIB4AIBADCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7" + + "d8miwTMN55CUSmo3TO8WGCxgY61TX5k+7NU4XPf1TULjw3GobwaJX13kquPh" + + "fVXk+gVy46n4Iw3hAhUBSe/QF4BUj+pJOF9ROBM4u+FEWA8CQQD4mSJbrABj" + + "TUWrlnAte8pS22Tq4/FPO7jHSqjijUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/z" + + "m8Q12PFp/PjOhh+nMA4xDDAKBgNVBAMTA0lEMzAeFw05NzEwMDEwMDAwMDBa" + + "Fw0zODAxMDEwMDAwMDBaMA4xDDAKBgNVBAMTA0lEMzCB8DCBpwYFKw4DAhsw" + + "gZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxgY61TX5k+7NU4XPf1TULj" + + "w3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/QF4BUj+pJOF9ROBM4u+FE" + + "WA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jHSqjijUHfXKTrHL1OEqV3" + + "SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nA0QAAkEAkYkXLYMtGVGWj9OnzjPn" + + "sB9sefSRPrVegZJCZbpW+Iv0/1RP1u04pHG9vtRpIQLjzUiWvLMU9EKQTThc" + + "eNMmWDCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxg" + + "Y61TX5k+7NU4XPf1TULjw3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/Q" + + "F4BUj+pJOF9ROBM4u+FEWA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jH" + + "SqjijUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nAy8AMCwC" + + "FBY3dBSdeprGcqpr6wr3xbG+6WW+AhRMm/facKJNxkT3iKgJbp7R8Xd3QTGC" + + "AWEwggFdAgEBMBMwDjEMMAoGA1UEAxMDSUQzAgEAMAkGBSsOAwIaBQCgXTAY" + + "BgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wMjA1" + + "MjQyMzEzMDdaMCMGCSqGSIb3DQEJBDEWBBS4WMsoJhf7CVbZYCFcjoTRzPkJ" + + "xjCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxgY61T" + + "X5k+7NU4XPf1TULjw3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/QF4BU" + + "j+pJOF9ROBM4u+FEWA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jHSqji" + + "jUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nBC8wLQIVALID" + + "dt+MHwawrDrwsO1Z6sXBaaJsAhRaKssrpevmLkbygKPV07XiAKBG02Zvb2Jh" + + "cg=="); + + try + { + Assert.IsNotNull(new X509CertificateParser().ReadCertificate(cert7)); + } + catch (Exception) + { + Assert.Fail("Reading seventh test certificate. (DSAWITHSHA1)"); + } + + + // + // ecdsa cert with extra octet string. + // + byte[] oldEcdsa = Base64.Decode( + "MIICljCCAkCgAwIBAgIBATALBgcqhkjOPQQBBQAwgY8xCzAJBgNVBAYTAkFVMSgwJ" + + "gYDVQQKEx9UaGUgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMRIwEAYDVQQHEw" + + "lNZWxib3VybmUxETAPBgNVBAgTCFZpY3RvcmlhMS8wLQYJKoZIhvcNAQkBFiBmZWV" + + "kYmFjay1jcnlwdG9AYm91bmN5Y2FzdGxlLm9yZzAeFw0wMTEyMDcwMTAwMDRaFw0w" + + "MTEyMDcwMTAxNDRaMIGPMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhlIExlZ2lvb" + + "iBvZiB0aGUgQm91bmN5IENhc3RsZTESMBAGA1UEBxMJTWVsYm91cm5lMREwDwYDVQ" + + "QIEwhWaWN0b3JpYTEvMC0GCSqGSIb3DQEJARYgZmVlZGJhY2stY3J5cHRvQGJvdW5" + + "jeWNhc3RsZS5vcmcwgeQwgb0GByqGSM49AgEwgbECAQEwKQYHKoZIzj0BAQIef///" + + "////////////f///////gAAAAAAAf///////MEAEHn///////////////3///////" + + "4AAAAAAAH///////AQeawFsO9zxiUHQ1lSSFHXKcanbL7J9HTd5YYXClCwKBB8CD/" + + "qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqvAh5///////////////9///+eXpq" + + "fXZBx+9FSJoiQnQsDIgAEHwJbbcU7xholSP+w9nFHLebJUhqdLSU05lq/y9X+DHAw" + + "CwYHKoZIzj0EAQUAA0MAMEACHnz6t4UNoVROp74ma4XNDjjGcjaqiIWPZLK8Bdw3G" + + "QIeLZ4j3a6ividZl344UH+UPUE7xJxlYGuy7ejTsqRR"); + + try + { + Assert.IsNotNull(new X509CertificateParser().ReadCertificate(oldEcdsa)); + } + catch (Exception) + { + Assert.Fail("Reading old ECDSA Certificate."); + } + + + byte[] uncompressedPtEC = Base64.Decode( + "MIIDKzCCAsGgAwIBAgICA+kwCwYHKoZIzj0EAQUAMGYxCzAJBgNVBAYTAkpQ" + + "MRUwEwYDVQQKEwxuaXRlY2guYWMuanAxDjAMBgNVBAsTBWFpbGFiMQ8wDQYD" + + "VQQDEwZ0ZXN0Y2ExHzAdBgkqhkiG9w0BCQEWEHRlc3RjYUBsb2NhbGhvc3Qw" + + "HhcNMDExMDEzMTE1MzE3WhcNMjAxMjEyMTE1MzE3WjBmMQswCQYDVQQGEwJK" + + "UDEVMBMGA1UEChMMbml0ZWNoLmFjLmpwMQ4wDAYDVQQLEwVhaWxhYjEPMA0G" + + "A1UEAxMGdGVzdGNhMR8wHQYJKoZIhvcNAQkBFhB0ZXN0Y2FAbG9jYWxob3N0" + + "MIIBczCCARsGByqGSM49AgEwggEOAgEBMDMGByqGSM49AQECKEdYWnajFmnZ" + + "tzrukK2XWdle2v+GsD9l1ZiR6g7ozQDbhFH/bBiMDQcwVAQoJ5EQKrI54/CT" + + "xOQ2pMsd/fsXD+EX8YREd8bKHWiLz8lIVdD5cBNeVwQoMKSc6HfI7vKZp8Q2" + + "zWgIFOarx1GQoWJbMcSt188xsl30ncJuJT2OoARRBAqJ4fD+q6hbqgNSjTQ7" + + "htle1KO3eiaZgcJ8rrnyN8P+5A8+5K+H9aQ/NbBR4Gs7yto5PXIUZEUgodHA" + + "TZMSAcSq5ZYt4KbnSYaLY0TtH9CqAigEwZ+hglbT21B7ZTzYX2xj0x+qooJD" + + "hVTLtIPaYJK2HrMPxTw6/zfrAgEPA1IABAnvfFcFDgD/JicwBGn6vR3N8MIn" + + "mptZf/mnJ1y649uCF60zOgdwIyI7pVSxBFsJ7ohqXEHW0x7LrGVkdSEiipiH" + + "LYslqh3xrqbAgPbl93GUo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB" + + "/wQEAwIBxjAdBgNVHQ4EFgQUAEo62Xm9H6DcsE0zUDTza4BRG90wCwYHKoZI" + + "zj0EAQUAA1cAMFQCKAQsCHHSNOqfJXLgt3bg5+k49hIBGVr/bfG0B9JU3rNt" + + "Ycl9Y2zfRPUCKAK2ccOQXByAWfsasDu8zKHxkZv7LVDTFjAIffz3HaCQeVhD" + + "z+fauEg="); + + try + { + Assert.IsNotNull(new X509CertificateParser().ReadCertificate(uncompressedPtEC)); + } + catch (Exception) + { + Assert.Fail("Reading uncompressed ECPoint Certificate."); + } + + + byte[] keyUsage = Base64.Decode( + "MIIE7TCCBFagAwIBAgIEOAOR7jANBgkqhkiG9w0BAQQFADCByTELMAkGA1UE" + + "BhMCVVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MUgwRgYDVQQLFD93d3cuZW50" + + "cnVzdC5uZXQvQ2xpZW50X0NBX0luZm8vQ1BTIGluY29ycC4gYnkgcmVmLiBs" + + "aW1pdHMgbGlhYi4xJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExp" + + "bWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENsaWVudCBDZXJ0aWZpY2F0" + + "aW9uIEF1dGhvcml0eTAeFw05OTEwMTIxOTI0MzBaFw0xOTEwMTIxOTU0MzBa" + + "MIHJMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxSDBGBgNV" + + "BAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0FfSW5mby9DUFMgaW5jb3Jw" + + "LiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UECxMcKGMpIDE5OTkgRW50" + + "cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQgQ2xpZW50" + + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUAA4GL" + + "ADCBhwKBgQDIOpleMRffrCdvkHvkGf9FozTC28GoT/Bo6oT9n3V5z8GKUZSv" + + "x1cDR2SerYIbWtp/N3hHuzeYEpbOxhN979IMMFGpOZ5V+Pux5zDeg7K6PvHV" + + "iTs7hbqqdCz+PzFur5GVbgbUB01LLFZHGARS2g4Qk79jkJvh34zmAqTmT173" + + "iwIBA6OCAeAwggHcMBEGCWCGSAGG+EIBAQQEAwIABzCCASIGA1UdHwSCARkw" + + "ggEVMIHkoIHhoIHepIHbMIHYMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50" + + "cnVzdC5uZXQxSDBGBgNVBAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0Ff" + + "SW5mby9DUFMgaW5jb3JwLiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UE" + + "CxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50" + + "cnVzdC5uZXQgQ2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYD" + + "VQQDEwRDUkwxMCygKqAohiZodHRwOi8vd3d3LmVudHJ1c3QubmV0L0NSTC9D" + + "bGllbnQxLmNybDArBgNVHRAEJDAigA8xOTk5MTAxMjE5MjQzMFqBDzIwMTkx" + + "MDEyMTkyNDMwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUxPucKXuXzUyW" + + "/O5bs8qZdIuV6kwwHQYDVR0OBBYEFMT7nCl7l81MlvzuW7PKmXSLlepMMAwG" + + "A1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI" + + "hvcNAQEEBQADgYEAP66K8ddmAwWePvrqHEa7pFuPeJoSSJn59DXeDDYHAmsQ" + + "OokUgZwxpnyyQbJq5wcBoUv5nyU7lsqZwz6hURzzwy5E97BnRqqS5TvaHBkU" + + "ODDV4qIxJS7x7EU47fgGWANzYrAQMY9Av2TgXD7FTx/aEkP/TOYGJqibGapE" + + "PHayXOw="); + + try + { + Assert.IsNotNull(new X509CertificateParser().ReadCertificate(keyUsage)); + } + catch (Exception) + { + Assert.Fail("Reading Cert with Key Usage."); + } + + + byte[] nameCert = Base64.Decode( + "MIIEFjCCA3+gAwIBAgIEdS8BozANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJE" + + "RTERMA8GA1UEChQIREFURVYgZUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRQ0Eg" + + "REFURVYgRDAzIDE6UE4wIhgPMjAwMTA1MTAxMDIyNDhaGA8yMDA0MDUwOTEwMjI0" + + "OFowgYQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIFAZCYXllcm4xEjAQBgNVBAcUCU7I" + + "dXJuYmVyZzERMA8GA1UEChQIREFURVYgZUcxHTAbBgNVBAUTFDAwMDAwMDAwMDA4" + + "OTU3NDM2MDAxMR4wHAYDVQQDFBVEaWV0bWFyIFNlbmdlbmxlaXRuZXIwgaEwDQYJ" + + "KoZIhvcNAQEBBQADgY8AMIGLAoGBAJLI/LJLKaHoMk8fBECW/od8u5erZi6jI8Ug" + + "C0a/LZyQUO/R20vWJs6GrClQtXB+AtfiBSnyZOSYzOdfDI8yEKPEv8qSuUPpOHps" + + "uNCFdLZF1vavVYGEEWs2+y+uuPmg8q1oPRyRmUZ+x9HrDvCXJraaDfTEd9olmB/Z" + + "AuC/PqpjAgUAwAAAAaOCAcYwggHCMAwGA1UdEwEB/wQCMAAwDwYDVR0PAQH/BAUD" + + "AwdAADAxBgNVHSAEKjAoMCYGBSskCAEBMB0wGwYIKwYBBQUHAgEWD3d3dy56cy5k" + + "YXRldi5kZTApBgNVHREEIjAggR5kaWV0bWFyLnNlbmdlbmxlaXRuZXJAZGF0ZXYu" + + "ZGUwgYQGA1UdIwR9MHuhc6RxMG8xCzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1" + + "bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0" + + "MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjVSLUNBIDE6UE6CBACm8LkwDgYHAoIG" + + "AQoMAAQDAQEAMEcGA1UdHwRAMD4wPKAUoBKGEHd3dy5jcmwuZGF0ZXYuZGWiJKQi" + + "MCAxCzAJBgNVBAYTAkRFMREwDwYDVQQKFAhEQVRFViBlRzAWBgUrJAgDBAQNMAsT" + + "A0VVUgIBBQIBATAdBgNVHQ4EFgQUfv6xFP0xk7027folhy+ziZvBJiwwLAYIKwYB" + + "BQUHAQEEIDAeMBwGCCsGAQUFBzABhhB3d3cuZGlyLmRhdGV2LmRlMA0GCSqGSIb3" + + "DQEBBQUAA4GBAEOVX6uQxbgtKzdgbTi6YLffMftFr2mmNwch7qzpM5gxcynzgVkg" + + "pnQcDNlm5AIbS6pO8jTCLfCd5TZ5biQksBErqmesIl3QD+VqtB+RNghxectZ3VEs" + + "nCUtcE7tJ8O14qwCb3TxS9dvIUFiVi4DjbxX46TdcTbTaK8/qr6AIf+l"); + + try + { + Assert.IsNotNull(new X509CertificateParser().ReadCertificate(nameCert)); + } + catch (Exception) + { + Assert.Fail("Reading Named Certificate."); + } + + + byte[] probSelfSignedCert = Base64.Decode( + "MIICxTCCAi6gAwIBAgIQAQAAAAAAAAAAAAAAAAAAATANBgkqhkiG9w0BAQUFADBF" + + "MScwJQYDVQQKEx4gRElSRUNUSU9OIEdFTkVSQUxFIERFUyBJTVBPVFMxGjAYBgNV" + + "BAMTESBBQyBNSU5FRkkgQiBURVNUMB4XDTA0MDUwNzEyMDAwMFoXDTE0MDUwNzEy" + + "MDAwMFowRTEnMCUGA1UEChMeIERJUkVDVElPTiBHRU5FUkFMRSBERVMgSU1QT1RT" + + "MRowGAYDVQQDExEgQUMgTUlORUZJIEIgVEVTVDCBnzANBgkqhkiG9w0BAQEFAAOB" + + "jQAwgYkCgYEAveoCUOAukZdcFCs2qJk76vSqEX0ZFzHqQ6faBPZWjwkgUNwZ6m6m" + + "qWvvyq1cuxhoDvpfC6NXILETawYc6MNwwxsOtVVIjuXlcF17NMejljJafbPximEt" + + "DQ4LcQeSp4K7FyFlIAMLyt3BQ77emGzU5fjFTvHSUNb3jblx0sV28c0CAwEAAaOB" + + "tTCBsjAfBgNVHSMEGDAWgBSEJ4bLbvEQY8cYMAFKPFD1/fFXlzAdBgNVHQ4EFgQU" + + "hCeGy27xEGPHGDABSjxQ9f3xV5cwDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIB" + + "AQQEAwIBBjA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vYWRvbmlzLnBrNy5jZXJ0" + + "cGx1cy5uZXQvZGdpLXRlc3QuY3JsMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcN" + + "AQEFBQADgYEAmToHJWjd3+4zknfsP09H6uMbolHNGG0zTS2lrLKpzcmkQfjhQpT9" + + "LUTBvfs1jdjo9fGmQLvOG+Sm51Rbjglb8bcikVI5gLbclOlvqLkm77otjl4U4Z2/" + + "Y0vP14Aov3Sn3k+17EfReYUZI4liuB95ncobC4e8ZM++LjQcIM0s+Vs="); + + try + { + Assert.IsNotNull(new X509CertificateParser().ReadCertificate(probSelfSignedCert)); + } + catch (Exception) + { + Assert.Fail("Reading busted Certificate."); + } + } + + public static void Main(string[] args) + { + RunTest(new TestCertificateGen()); + } + + public override void PerformTest() + { + TestCreationRSA(); + TestCreationDSA(); + TestCreationECDSA(); + } + } +} diff --git a/BouncyCastle/crypto/testcfg.nunit b/BouncyCastle/crypto/testcfg.nunit new file mode 100644 index 0000000..e4061da --- /dev/null +++ b/BouncyCastle/crypto/testcfg.nunit @@ -0,0 +1,6 @@ + + + + + + diff --git a/BouncyCastle/csharp.sln b/BouncyCastle/csharp.sln new file mode 100644 index 0000000..ce64a08 --- /dev/null +++ b/BouncyCastle/csharp.sln @@ -0,0 +1,29 @@ +Microsoft Visual Studio Solution File, Format Version 8.00 +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "crypto", "crypto\crypto.csproj", "{38872A5F-E87E-4FAD-B109-8EB7B2E6A4A0}" + ProjectSection(ProjectDependencies) = postProject + EndProjectSection +EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "crypto-test", "crypto-test\crypto-test.csproj", "{C857AD68-8F1B-4C7A-A76B-3DC03CBE4FB0}" + ProjectSection(ProjectDependencies) = postProject + EndProjectSection +EndProject +Global + GlobalSection(SolutionConfiguration) = preSolution + Debug = Debug + Release = Release + EndGlobalSection + GlobalSection(ProjectConfiguration) = postSolution + {38872A5F-E87E-4FAD-B109-8EB7B2E6A4A0}.Debug.ActiveCfg = Debug|.NET + {38872A5F-E87E-4FAD-B109-8EB7B2E6A4A0}.Debug.Build.0 = Debug|.NET + {38872A5F-E87E-4FAD-B109-8EB7B2E6A4A0}.Release.ActiveCfg = Release|.NET + {38872A5F-E87E-4FAD-B109-8EB7B2E6A4A0}.Release.Build.0 = Release|.NET + {C857AD68-8F1B-4C7A-A76B-3DC03CBE4FB0}.Debug.ActiveCfg = Debug|.NET + {C857AD68-8F1B-4C7A-A76B-3DC03CBE4FB0}.Debug.Build.0 = Debug|.NET + {C857AD68-8F1B-4C7A-A76B-3DC03CBE4FB0}.Release.ActiveCfg = Release|.NET + {C857AD68-8F1B-4C7A-A76B-3DC03CBE4FB0}.Release.Build.0 = Release|.NET + EndGlobalSection + GlobalSection(ExtensibilityGlobals) = postSolution + EndGlobalSection + GlobalSection(ExtensibilityAddIns) = postSolution + EndGlobalSection +EndGlobal diff --git a/CATCheck/CATCheck.csproj b/CATCheck/CATCheck.csproj index 1e180ad..8c933dc 100644 --- a/CATCheck/CATCheck.csproj +++ b/CATCheck/CATCheck.csproj @@ -11,6 +11,8 @@ v4.0 512 true + + AnyCPU diff --git a/CubicSpline/CubicSpline/CubicSpline.csproj b/CubicSpline/CubicSpline/CubicSpline.csproj index 93cb8d8..e08204e 100644 --- a/CubicSpline/CubicSpline/CubicSpline.csproj +++ b/CubicSpline/CubicSpline/CubicSpline.csproj @@ -33,14 +33,8 @@ 4 - - ..\..\packages\Newtonsoft.Json.12.0.3\lib\net40\Newtonsoft.Json.dll - - - ..\..\packages\Stub.System.Data.SQLite.Core.NetFramework.1.0.113.3\lib\net40\System.Data.SQLite.dll - @@ -53,17 +47,7 @@ - - - - - - - Dieses Projekt verweist auf mindestens ein NuGet-Paket, das auf diesem Computer fehlt. Verwenden Sie die Wiederherstellung von NuGet-Paketen, um die fehlenden Dateien herunterzuladen. Weitere Informationen finden Sie unter "http://go.microsoft.com/fwlink/?LinkID=322105". Die fehlende Datei ist "{0}". - - - remove if (cache.Count > GetCacheSize(model)) { - cache.RemoveAt(0); + // maintain cache size --> remove + if (cache.Count > GetCacheSize(model)) + { + cache.RemoveAt(0); + } + cache.Add(loc, td); } - cache.Add(loc, td); } } - // keep tile in cache if (td != null) { @@ -977,18 +980,10 @@ namespace ScoutBase.Elevation return DateTime.MinValue; lock (db) { - object result = null; - try - { - db.DBCommand.CommandText = "SELECT LastUpdated FROM " + ElevationTileDesignator.TableName + " WHERE TileIndex = @TileIndex"; - db.DBCommand.Parameters.Clear(); - db.DBCommand.Parameters.Add(tile.AsString("TileIndex")); - result = db.ExecuteScalar(db.DBCommand); - } - catch (Exception ex) - { - - } + db.DBCommand.CommandText = "SELECT LastUpdated FROM " + ElevationTileDesignator.TableName + " WHERE TileIndex = @TileIndex"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(tile.AsString("TileIndex")); + object result = db.ExecuteScalar(db.DBCommand); if (result != null) return (SQLiteEntry.UNIXTimeToDateTime((int)result)); } @@ -1406,6 +1401,7 @@ namespace ScoutBase.Elevation bool tilemissing = false; // convert stepwidth to [km] stepwidth = stepwidth / 1000.0; + // check if elevation database is complete before trying to retrieve elevation path bool complete = this.GetDBStatusBit(model, DATABASESTATUS.COMPLETE) & !this.GetDBStatusBit(model, DATABASESTATUS.ERROR); int avperiod = GetElevationPathAveragePeriod(model); // check for any averaging @@ -1844,23 +1840,31 @@ namespace ScoutBase.Elevation public LocalObstructionDesignator LocalObstructionFind(LocalObstructionDesignator obstr, ELEVATIONMODEL model) { - if (obstr == null) - return null; - - System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); - if (db == null) - return null; - - lock (db) + try { - db.DBCommand.CommandText = "SELECT * FROM " + LocalObstructionDesignator.TableName + " WHERE Lat = @Lat AND Lon = @Lon"; - db.DBCommand.Parameters.Clear(); - db.DBCommand.Parameters.Add(obstr.AsDouble("Lat")); - db.DBCommand.Parameters.Add(obstr.AsDouble("Lon")); - DataTable Result = db.Select(db.DBCommand); - if ((Result != null) && (Result.Rows.Count > 0)) - return new LocalObstructionDesignator(Result.Rows[0]); + if (obstr == null) + return null; + + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return null; + + lock (db) + { + db.DBCommand.CommandText = "SELECT * FROM " + LocalObstructionDesignator.TableName + " WHERE Lat = @Lat AND Lon = @Lon"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(obstr.AsDouble("Lat")); + db.DBCommand.Parameters.Add(obstr.AsDouble("Lon")); + DataTable Result = db.Select(db.DBCommand); + if ((Result != null) && (Result.Rows.Count > 0)) + return new LocalObstructionDesignator(Result.Rows[0]); + } } + catch (Exception ex) + { + // do nothing if fails + } + return null; } diff --git a/ScoutBase/ScoutBase.Elevation/ElevationDatabase.cs.bak b/ScoutBase/ScoutBase.Elevation/ElevationDatabase.cs.bak new file mode 100644 index 0000000..36cd4e6 --- /dev/null +++ b/ScoutBase/ScoutBase.Elevation/ElevationDatabase.cs.bak @@ -0,0 +1,2118 @@ +using System; +using System.Collections.Generic; +using System.Collections.Specialized; +using System.Linq; +using System.Text; +using System.Net; +using System.IO; +using System.Xml.Linq; +using System.Globalization; +using System.Reflection; +using System.Diagnostics; +using System.Runtime.InteropServices; +using System.ComponentModel; +using System.Drawing; +using System.Drawing.Imaging; +using System.Windows.Forms; +using System.Configuration; +using System.Data; +using System.Threading; +using System.Data.SQLite; +using System.Windows; +using ScoutBase.Core; +using ScoutBase.Database; +using Newtonsoft.Json; + +namespace ScoutBase.Elevation +{ + + public class ElevationPoint + { + public double Dist { get; set; } + public short Elv { get; set; } + + public ElevationPoint(double dist, short elv) + { + Dist = dist; + Elv = elv; + } + } + + public class ElevationData + { + static ElevationDatabase elevation = new ElevationDatabase(); + public static ElevationDatabase Database + { + get + { + return elevation; + } + } + + } + + /// + /// Holds the Digital Elevation Model (DEM) in a database structure. + /// Returns the elevation of any point referenced with latitude and longitude. + /// + /// The latitude of point. + /// The The longitude of point. + /// An elevation value according to lat/lon. + public class ElevationDatabase : ScoutBaseDatabase + { + /// + /// Value of elevation data missing flag + /// + [Description("Value of elevation data missing flag")] + [DefaultValue(-32768)] + public short ElvMissingFlag + { + get + { + return -32768; + } + } + + /// + /// Value of elevation tile missing flag + /// + [Description("Value of elevation tile missing flag")] + [DefaultValue(-32767)] + public short TileMissingFlag + { + get + { + return -32767; + } + } + + // Elevation database bounds + public double MinLat { get; set; } + public double MinLon { get; set; } + public double MaxLat { get; set; } + public double MaxLon { get; set; } + + System.Data.SQLite.SQLiteDatabase globe; + System.Data.SQLite.SQLiteDatabase srtm3; + System.Data.SQLite.SQLiteDatabase srtm1; + System.Data.SQLite.SQLiteDatabase aster3; + System.Data.SQLite.SQLiteDatabase aster1; + + // tile cache + private ElevationTileDesignator globe_tile = null; + private ElevationTileDesignator srtm3_tile = null; + private ElevationTileDesignator srtm1_tile = null; + private ElevationTileDesignator aster3_tile = null; + private ElevationTileDesignator aster1_tile = null; + private OrderedDictionary globe_cache = new OrderedDictionary(); + private OrderedDictionary srtm3_cache = new OrderedDictionary(); + private OrderedDictionary srtm1_cache = new OrderedDictionary(); + private OrderedDictionary aster3_cache = new OrderedDictionary(); + private OrderedDictionary aster1_cache = new OrderedDictionary(); + private int globe_tile_size = 138; + private int srtm3_tile_size = 10038; + private int srtm1_tile_size = 90038; + private int aster3_tile_size = 10038; + private int aster1_tile_size = 90038; + private int globe_cache_count = 0; + private int srtm3_cache_count = 0; + private int srtm1_cache_count = 0; + private int aster3_cache_count = 0; + private int aster1_cache_count = 0; + + public ElevationDatabase() + { + UserVersion = 1; + Name = "ScoutBase Elevation Database"; + Description = "The Scoutbase Elevation Database is containing various elevation information.\n" + + "The basic elevation information is kept unique per 6digit-Maidenhead Locator and is updated periodically from a global web resource.\n" + + "The path and horizon information are unique per one oder between two geographical locations.\n" + + "These values are (pre-)calculated and stored at runtime.\n" + + "All values are based on a distinct elevation model either GLOBE, SRTM3, SRTM1 or ASTER."; + // add table description manually + TableDescriptions.Add(ElevationTileDesignator.TableName, "Holds elevation information per 6digit Maidenhead Locator."); + TableDescriptions.Add(ElevationPathDesignator.TableName, "Holds elevation path information between two locations."); + TableDescriptions.Add(ElevationHorizonDesignator.TableName, "Holds elevation horizon information for one location."); + TableDescriptions.Add(LocalObstructionDesignator.TableName, "Holds local obstruction information for one location."); + // initialize cache sizes + CacheSetBounds(); + // open databases + globe = OpenDatabase("globe.db3", DefaultDatabaseDirectory(), false); + srtm3 = OpenDatabase("srtm3.db3", DefaultDatabaseDirectory(), false); + srtm1 = OpenDatabase("srtm1.db3", DefaultDatabaseDirectory(), false); + aster3 = OpenDatabase("aster3.db3", DefaultDatabaseDirectory(), false); + aster1 = OpenDatabase("aster1.db3", DefaultDatabaseDirectory(), false); + // create tables with schemas if not exist + if (!ElevationTileTableExists(ELEVATIONMODEL.GLOBE)) + ElevationTileCreateTable(ELEVATIONMODEL.GLOBE); + if (!ElevationTileTableExists(ELEVATIONMODEL.SRTM3)) + ElevationTileCreateTable(ELEVATIONMODEL.SRTM3); + if (!ElevationTileTableExists(ELEVATIONMODEL.SRTM1)) + ElevationTileCreateTable(ELEVATIONMODEL.SRTM1); + if (!ElevationTileTableExists(ELEVATIONMODEL.ASTER3)) + ElevationTileCreateTable(ELEVATIONMODEL.ASTER3); + if (!ElevationTileTableExists(ELEVATIONMODEL.ASTER1)) + ElevationTileCreateTable(ELEVATIONMODEL.ASTER1); + if (!ElevationPathTableExists(ELEVATIONMODEL.GLOBE)) + ElevationPathCreateTable(ELEVATIONMODEL.GLOBE); + if (!ElevationPathTableExists(ELEVATIONMODEL.SRTM3)) + ElevationPathCreateTable(ELEVATIONMODEL.SRTM3); + if (!ElevationPathTableExists(ELEVATIONMODEL.SRTM1)) + ElevationPathCreateTable(ELEVATIONMODEL.SRTM1); + if (!ElevationPathTableExists(ELEVATIONMODEL.ASTER3)) + ElevationPathCreateTable(ELEVATIONMODEL.ASTER3); + if (!ElevationPathTableExists(ELEVATIONMODEL.ASTER1)) + ElevationPathCreateTable(ELEVATIONMODEL.ASTER1); + if (!ElevationHorizonTableExists(ELEVATIONMODEL.GLOBE)) + ElevationHorizonCreateTable(ELEVATIONMODEL.GLOBE); + if (!ElevationHorizonTableExists(ELEVATIONMODEL.SRTM3)) + ElevationHorizonCreateTable(ELEVATIONMODEL.SRTM3); + if (!ElevationHorizonTableExists(ELEVATIONMODEL.SRTM1)) + ElevationHorizonCreateTable(ELEVATIONMODEL.SRTM1); + if (!ElevationHorizonTableExists(ELEVATIONMODEL.ASTER3)) + ElevationHorizonCreateTable(ELEVATIONMODEL.ASTER3); + if (!ElevationHorizonTableExists(ELEVATIONMODEL.ASTER1)) + ElevationHorizonCreateTable(ELEVATIONMODEL.ASTER1); + if (!LocalObstructionTableExists(ELEVATIONMODEL.GLOBE)) + LocalObstructionCreateTable(ELEVATIONMODEL.GLOBE); + if (!LocalObstructionTableExists(ELEVATIONMODEL.SRTM3)) + LocalObstructionCreateTable(ELEVATIONMODEL.SRTM3); + if (!LocalObstructionTableExists(ELEVATIONMODEL.SRTM1)) + LocalObstructionCreateTable(ELEVATIONMODEL.SRTM1); + if (!LocalObstructionTableExists(ELEVATIONMODEL.ASTER3)) + LocalObstructionCreateTable(ELEVATIONMODEL.ASTER3); + if (!LocalObstructionTableExists(ELEVATIONMODEL.ASTER1)) + LocalObstructionCreateTable(ELEVATIONMODEL.ASTER1); + // set default bounds + MinLat = double.MinValue; + MinLon = double.MinValue; + MaxLat = double.MaxValue; + MaxLon = double.MaxValue; + } + + ~ElevationDatabase() + { + CloseDatabase(globe); + CloseDatabase(srtm3); + CloseDatabase(srtm1); + CloseDatabase(aster3); + CloseDatabase(aster1); + } + + private void UpgradeToV1(System.Data.SQLite.SQLiteDatabase db) + { + if (db == null) + return; + // upgrades database to V1 + if (MessageBox.Show("A major database upgrade is necessary to run this version of AirScout. Older versions of AirScout are not compatible anymore and will cause errors. \n\nPress >OK< to start upgrade now (this will take some minutes). \nPress >Cancel< to leave.", "Database Upgrade of " + Path.GetFileName(db.DBLocation), MessageBoxButtons.OKCancel) == DialogResult.Cancel) + Environment.Exit(-1); // exit immediately + lock (db) + { + // set savepoint + string savepointname = "UpgradeToV1"; + db.Execute("SAVEPOINT " + savepointname); + try + { + // drop version info table --> maintain PRAGMA user_version instead + db.DropTable("VersionInfo"); + // change Elevation table + Stopwatch st = new Stopwatch(); + st.Start(); + Log.WriteMessage("Database " + db.DBLocation + " is being converted..."); + UpgradeTableToV1(db, ElevationTileDesignator.TableName); + UpgradeTableToV1(db, ElevationPathDesignator.TableName); + st.Stop(); + Log.WriteMessage("Database " + db.DBLocation + " is converted successfully [" + st.ElapsedMilliseconds / 1000 + "ms]"); + // set new database version + db.SetUserVerion(1); + // release savepoint + db.Execute("RELEASE " + savepointname); + } + catch (Exception ex) + { + // fatal error, can't upgrade database and can't rollback --> write log + Log.WriteMessage(ex.ToString(), LogLevel.Error); + Log.WriteMessage("Application crashed and will close immediately."); + Log.FlushLog(); + // try to rollback database + db.Execute("ROLLBACK TO " + savepointname); + // exit immediately + Environment.Exit(-1); + } + } + } + + public System.Data.SQLite.SQLiteDatabase GetElevationDatabase(ELEVATIONMODEL model) + { + switch (model) + { + case ELEVATIONMODEL.GLOBE: return globe; + case ELEVATIONMODEL.SRTM3: return srtm3; + case ELEVATIONMODEL.SRTM1: return srtm1; + case ELEVATIONMODEL.ASTER3: return aster3; + case ELEVATIONMODEL.ASTER1: return aster1; + default: return null; + } + } + + public string DefaultDatabaseDirectory() + { + // create default database directory name + // fully qualify path and adjust it to Windows/Linux notation + // create directory if not exists + // return directory string if needed + string dir = Properties.Settings.Default.Database_Directory; + // set default value if empty + if (String.IsNullOrEmpty(dir)) + dir = "ElevationData"; + // fully qualify path if not rooted + if (!System.IO.Path.IsPathRooted(dir)) + { + // empty or incomplete settings --> create fully qulified standard path + // collect entry assembly info + Assembly ass = Assembly.GetExecutingAssembly(); + string company = ""; + string product = ""; + object[] attribs; + attribs = ass.GetCustomAttributes(typeof(AssemblyCompanyAttribute), true); + if (attribs.Length > 0) + { + company = ((AssemblyCompanyAttribute)attribs[0]).Company; + } + attribs = ass.GetCustomAttributes(typeof(AssemblyProductAttribute), true); + if (attribs.Length > 0) + { + product = ((AssemblyProductAttribute)attribs[0]).Product; + } + // create database path + string rootdir = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData); + if (!String.IsNullOrEmpty(company)) + rootdir = Path.Combine(rootdir, company); + if (!String.IsNullOrEmpty(product)) + rootdir = Path.Combine(rootdir, product); + dir = Path.Combine(rootdir, dir); + } + // replace Windows/Linux directory spearator chars + dir = dir.Replace('\\', Path.DirectorySeparatorChar); + dir = dir.Replace('/', Path.DirectorySeparatorChar); + // create directory if not exists + if (!Directory.Exists(dir)) + Directory.CreateDirectory(dir); + return dir; + } + + public string DefaultDatabaseDirectory (ELEVATIONMODEL model) + { + // get root directory + string dir = DefaultDatabaseDirectory(); + // get elevation specific directory + switch (model) + { + case ELEVATIONMODEL.GLOBE: + dir = Path.Combine(dir, Properties.Settings.Default.Elevation_GLOBE_DataPath); + break; + case ELEVATIONMODEL.SRTM3: + dir = Path.Combine(dir, Properties.Settings.Default.Elevation_SRTM3_DataPath); + break; + case ELEVATIONMODEL.SRTM1: + dir = Path.Combine(dir, Properties.Settings.Default.Elevation_SRTM1_DataPath); + break; + case ELEVATIONMODEL.ASTER3: + dir = Path.Combine(dir, Properties.Settings.Default.Elevation_ASTER3_DataPath); + break; + case ELEVATIONMODEL.ASTER1: + dir = Path.Combine(dir, Properties.Settings.Default.Elevation_ASTER1_DataPath); + break; + } + // replace Windows/Linux directory spearator chars + dir = dir.Replace('\\', Path.DirectorySeparatorChar); + dir = dir.Replace('/', Path.DirectorySeparatorChar); + // create directory if not exists + if (!Directory.Exists(dir)) + Directory.CreateDirectory(dir); + return dir; + } + + public string UpdateURL(ELEVATIONMODEL model) + { + // get elevation specific update URL + switch (model) + { + case ELEVATIONMODEL.GLOBE: + return Properties.Settings.Default.Elevation_GLOBE_UpdateURL; + case ELEVATIONMODEL.SRTM3: + return Properties.Settings.Default.Elevation_SRTM3_UpdateURL; + case ELEVATIONMODEL.SRTM1: + return Properties.Settings.Default.Elevation_SRTM1_UpdateURL; + case ELEVATIONMODEL.ASTER3: + return Properties.Settings.Default.Elevation_ASTER3_UpdateURL; + case ELEVATIONMODEL.ASTER1: + return Properties.Settings.Default.Elevation_ASTER1_UpdateURL; + } + return ""; + } + + public string JSONFile(ELEVATIONMODEL model) + { + // get elevation specific JSON cache file + switch (model) + { + case ELEVATIONMODEL.GLOBE: + return Properties.Settings.Default.Elevation_GLOBE_JSONFile; + case ELEVATIONMODEL.SRTM3: + return Properties.Settings.Default.Elevation_SRTM3_JSONFile; + case ELEVATIONMODEL.SRTM1: + return Properties.Settings.Default.Elevation_SRTM1_JSONFile; + case ELEVATIONMODEL.ASTER3: + return Properties.Settings.Default.Elevation_ASTER3_JSONFile; + case ELEVATIONMODEL.ASTER1: + return Properties.Settings.Default.Elevation_ASTER1_JSONFile; + } + return ""; + + } + + public string GetDBLocation(ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return ""; + return this.GetDBLocation(db); + } + + public double GetDBSize(ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return 0; + return this.GetDBSize(db); + } + + public DATABASESTATUS GetDBStatus(ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return DATABASESTATUS.UNDEFINED; + return this.GetDBStatus(db); + } + + public void SetDBStatus(ELEVATIONMODEL model, DATABASESTATUS status) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return; + this.SetDBStatus(status, db); + } + + public bool GetDBStatusBit(ELEVATIONMODEL model, DATABASESTATUS statusbit) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return false; + return this.GetDBStatusBit(statusbit, db); + } + + public void SetDBStatusBit(ELEVATIONMODEL model, DATABASESTATUS statusbit) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return; + this.SetDBStatusBit(statusbit, db); + } + + public void ResetDBStatusBit(ELEVATIONMODEL model, DATABASESTATUS statusbit) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return; + this.ResetDBStatusBit(statusbit, db); + } + + public void BeginTransaction(ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return; + this.BeginTransaction(db); + } + + public void Commit(ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return; + this.Commit(db); + } + + private DataTable Select(ELEVATIONMODEL model, string sql) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return null; + return this.Select(sql, db); + } + + /// + /// Sets the elevation tile cache size according to the amount of memory available at the system. + /// + public void CacheSetBounds() + { + // sets the elevation tile cache bounds according to available memory size + // this function gets the currently available memory size of the system which can change dynamically by influence other applications + // this function is called once at initialization of this object + // to adjust values while running, subsequent calls of this function are necessary + // get the available memory size of the system in Bytes + // asssume a 64bit configuration with no limits + // assume 1GB by default, sometimes exception occurs and memory counter cannnot be cereated + double avmem = 1; + try + { + avmem = SupportFunctions.MemoryCounter.GetAvailable() * 1024.0 * 1024.0; + } + catch (Exception ex) + { + Console.WriteLine("Can not create memory counter: " + ex.ToString()); + } + // do not use more than 10% of available memory for tile cache + avmem = avmem / 10.0; + // reduce memory when running in a 32bit configuration (use not more than 25% of max. 2GB per application) + if (!SupportFunctions.Is64BitConfiguration() && (avmem > 2 * 1024.0 * 1024.0)) + avmem = 2 * 1024.0 * 1024.0 * 0.25; + // calculate cache sizes + globe_cache_count = (int)((avmem / globe_tile_size < int.MaxValue) ? avmem / globe_tile_size : int.MaxValue); + srtm3_cache_count = (int)((avmem / srtm3_tile_size < int.MaxValue) ? avmem / srtm3_tile_size : int.MaxValue); + srtm1_cache_count = (int)((avmem / srtm1_tile_size < int.MaxValue) ? avmem / srtm1_tile_size : int.MaxValue); + aster3_cache_count = (int)((avmem / aster3_tile_size < int.MaxValue) ? avmem / aster3_tile_size : int.MaxValue); + aster1_cache_count = (int)((avmem / aster1_tile_size < int.MaxValue) ? avmem / aster1_tile_size : int.MaxValue); + } + + /// + /// Clears all elevation tile caches. + /// + public void CacheClearAll() + { + globe_cache.Clear(); + srtm3_cache.Clear(); + srtm1_cache.Clear(); + aster3_cache.Clear(); + aster1_cache.Clear(); + } + + private int GetCacheSize(ELEVATIONMODEL model) + { + // get elevation specific JSON cache file + switch (model) + { + case ELEVATIONMODEL.GLOBE: + return globe_cache_count; + case ELEVATIONMODEL.SRTM3: + return srtm3_cache_count; + case ELEVATIONMODEL.SRTM1: + return srtm1_cache_count; + case ELEVATIONMODEL.ASTER3: + return aster3_cache_count; + case ELEVATIONMODEL.ASTER1: + return aster1_cache_count; + } + return 0; + } + + public Color GetElevationColor(double elv) + { + DEMColorPalette palette = new DEMColorPalette(); + double e = (double)(elv) / 100.0; + if (e < 0) + e = 0; + if (e > 100) + e = 100; + return palette.GetColor(e); + } + + public Bitmap DrawElevationBitmap(double minlat, double minlon, double maxlat, double maxlon, int width, int height, ELEVATIONMODEL model) + { + int minelv = 0; + int maxelv = 3000; + // minimum stepwidth according to SRTM1 resolution in degrees + double minstep = 1.0 / width; + // calculate bitmap dimensions + // get the x/y ratio first + double xyratio = (maxlat - minlat) / (maxlon - minlon); + if (height <= 0) + height = (int)(width * xyratio); + double stepx = (maxlon - minlon) / width; + double stepy = (maxlat - minlat) / height; + DEMColorPalette palette = new DEMColorPalette(); + Bitmap bm = new Bitmap(width, height); + for (int i = 0; i < width; i++) + { + // System.Console.WriteLine(i); + for (int j = 0; j < height; j++) + { + int e1 = this[minlat + j * stepy, (minlon + i * stepx), model, false]; + if (e1 != ElvMissingFlag) + { + double e = (double)(e1 - minelv) / (double)(maxelv - minelv) * 100.0; + if (e < 0) + e = 0; + if (e > 100) + e = 100; + bm.SetPixel(i, height - j - 1, palette.GetColor(e)); + } + else + { + bm.SetPixel(i, height - j - 1, Color.FromArgb(0, 0, 0)); + } + } + } + return bm; + } + + /// + /// Gets an array of all Maidenhead loactors included in a rect. + /// Precision is 1..3 giving 2-digit, 4-digit or 6-digit locator strings. + /// + /// The minimum latitude of rect. + /// The minumum longitude of rect. + /// The maximum latitude of rect. + /// The maximum longitude of rect. + /// The precision (1..3, default = 3). + /// The array of included Maidenhead locators as 6-digit strings. + public List GetLocsFromRect(double minlat, double minlon, double maxlat, double maxlon, int precision = 3) + { + List a = new List(); + if ((maxlat <= minlat) || (maxlon <= minlon)) + return a; + double steplat = 0; + double steplon = 0; + switch (precision) + { + case 1: + steplat = 10.0; + steplon = 20.0; + break; + case 2: + steplat = 1.0; + steplon = 2.0; + break; + case 3: + steplat = 1 / 24.0; + steplon = 2 / 24.0; + break; + default: + throw new ArgumentOutOfRangeException("Illegal precision value (1..3): " + precision.ToString()); + } + for (double lat = minlat; lat <= maxlat; lat += steplat) + { + for (double lon = minlon; lon <= maxlon; lon += steplon) + { + a.Add(MaidenheadLocator.LocFromLatLon(lat + 0.02, lon + 0.04, false, precision)); + } + } + return a; + } + + public ElvMinMaxInfo GetMaxElvLoc(string loc, ELEVATIONMODEL model, bool setinvalidtozero = true) + { + // return null on invalid locator + if (!MaidenheadLocator.Check(loc)) + return null; + // return null if loc <> 6 digits + if (loc.Length != 6) + return null; + return this.ElevationTileFindMinMaxInfo(new ElevationTileDesignator(loc.ToUpper()), model); + } + + private OrderedDictionary GetElevationDictionary(ELEVATIONMODEL model) + { + if (model == ELEVATIONMODEL.GLOBE) + return globe_cache; + if (model == ELEVATIONMODEL.SRTM3) + return srtm3_cache; + if (model == ELEVATIONMODEL.SRTM1) + return srtm1_cache; + if (model == ELEVATIONMODEL.ASTER3) + return aster3_cache; + if (model == ELEVATIONMODEL.ASTER1) + return aster1_cache; + return null; + } + + private ElevationTileDesignator GetElevationTile(ELEVATIONMODEL model) + { + if (model == ELEVATIONMODEL.GLOBE) + return globe_tile; + if (model == ELEVATIONMODEL.SRTM3) + return srtm3_tile; + if (model == ELEVATIONMODEL.SRTM1) + return aster1_tile; + if (model == ELEVATIONMODEL.ASTER3) + return aster3_tile; + if (model == ELEVATIONMODEL.ASTER1) + return aster1_tile; + return null; + } + + private void SetElevationTile(ELEVATIONMODEL model, ElevationTileDesignator tile) + { + if (model == ELEVATIONMODEL.GLOBE) + globe_tile = tile; + if (model == ELEVATIONMODEL.SRTM3) + srtm3_tile = tile; + if (model == ELEVATIONMODEL.SRTM1) + srtm1_tile = tile; + if (model == ELEVATIONMODEL.ASTER3) + aster3_tile = tile; + if (model == ELEVATIONMODEL.ASTER1) + aster1_tile = tile; + } + + private ElevationTileDesignator GetElevationTile(ELEVATIONMODEL model, double lat, double lon) + { + // set cache according to elevation model + // check for subsequent calls first --> return last tile cached immediately + ElevationTileDesignator tile = GetElevationTile(model); + if ((tile != null) && (lat >= tile.Bounds.MinLat) && (lat <= tile.Bounds.MaxLat) && (lon >= tile.Bounds.MinLon) && (lon <= tile.Bounds.MaxLon)) + return tile; + // get cache directory + OrderedDictionary cache = GetElevationDictionary(model); + // load new tile from cache or database + string loc = MaidenheadLocator.LocFromLatLon(lat, lon, false, 3); + ElevationTileDesignator td = null; + if (cache != null) + { + lock (cache) + { + // try to find tile in cache first + td = (ElevationTileDesignator)cache[loc]; + } + } + + if (td == null) + { + // try to find tile in database + td = this.ElevationTileFind(loc, model); + if (td != null) + { + // maintain cache size --> remove + if (cache.Count > GetCacheSize(model)) + { + cache.RemoveAt(0); + } + cache.Add(loc, td); + } + } + + // keep tile in cache + if (td != null) + { + SetElevationTile(model, td); + } + + // return tile even if null + return td; + } + + private short GetElevation(ELEVATIONMODEL model, double lat, double lon, bool setinvalidtozero = true) + { + // check bounds + if ((lat < -90) || (lat > 90)) + throw new ArgumentException("Invalid latitude: " + lat.ToString("F8")); + if ((lon < -180) || (lon > 180)) + throw new ArgumentException("Invalid longitude: " + lon.ToString("F8")); + short e = ElvMissingFlag; + ElevationTileDesignator tile = GetElevationTile(model, lat, lon); + if (tile != null) + e = tile.GetElevation(lat, lon); + else + e = TileMissingFlag; + if (setinvalidtozero && (e <= TileMissingFlag)) + e = 0; + return e; + } + + public short this[double lat, double lon, ELEVATIONMODEL model, bool setinvalidtozero = true] + { + get + { + return GetElevation(model, lat, lon, setinvalidtozero); + } + } + + public ElevationPoint[] GetElevationPathLatLon(double lat1, double lon1, double lat2, double lon2, ELEVATIONMODEL model) + { + double distance = LatLon.Distance(lat1, lon1, lat2, lon2); + double bearing = LatLon.Bearing(lat1, lon1, lat2, lon2); + return GetElevationPathBearing(lat1, lon1, bearing, distance, model); + } + + public ElevationPoint[] GetElevationPathBearing(double lat1, double lon1, double bearing, double distance, ELEVATIONMODEL model) + { + // get default stepwidth in [km] + double stepwidth = GetDefaultStepWidth(model) / 1000.0; + double d = 0; + int count = (int)(distance / stepwidth); + ElevationPoint[] a = new ElevationPoint[count]; + try + { + for (int i = 0; i < count; i++) + { + LatLon.GPoint p = LatLon.DestinationPoint(lat1, lon1, bearing, d); + a[i] = new ElevationPoint(d, this[p.Lat, p.Lon, model]); + d += stepwidth; + } + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + return a; + } + + public double GetDefaultStepWidth(ELEVATIONMODEL model) + { + if (model == ELEVATIONMODEL.SRTM1) + return 30; + if (model == ELEVATIONMODEL.SRTM3) + return 90; + if (model == ELEVATIONMODEL.ASTER1) + return 30; + if (model == ELEVATIONMODEL.ASTER3) + return 90; + return 1000; + } + + #region ElevationTile + + public bool ElevationTileTableExists(ELEVATIONMODEL model, string tablename = "") + { + // check for table name is null or empty --> use default tablename from type instead + string tn = tablename; + if (String.IsNullOrEmpty(tn)) + tn = ElevationTileDesignator.TableName; + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return false; + return db.TableExists(tn); + } + + public void ElevationTileCreateTable(ELEVATIONMODEL model, string tablename = "") + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return; + lock (db) + { + // check for table name is null or empty --> use default tablename from type instead + string tn = tablename; + if (String.IsNullOrEmpty(tn)) + tn = ElevationTileDesignator.TableName; + db.DBCommand.CommandText = "CREATE TABLE " + tn + " (TileIndex TEXT NOT NULL DEFAULT '', MinElv INT32, MinLat DOUBLE, MinLon DOUBLE, MaxElv INT32, MaxLat DOUBLE, MaxLon DOUBLE, Rows INT32, Columns INT32, Elv BLOB, LastUpdated INT32, PRIMARY KEY (TileIndex))"; + db.DBCommand.Parameters.Clear(); + db.Execute(db.DBCommand); + } + } + + public int ElevationTileInsert(ElevationTileDesignator tile, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + lock (db) + { + db.DBCommand.CommandText = "INSERT INTO " + ElevationTileDesignator.TableName + " (TileIndex, MinElv, MinLat, MinLon, MaxElv, MaxLat, MaxLon, Rows, Columns, Elv, LastUpdated) VALUES (@TileIndex, @MinElv, @MinLat, @MinLon, @MaxElv, @MaxLat, @MaxLon, @Rows, @Columns, @Elv, @LastUpdated)"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(tile.AsString("TileIndex")); + db.DBCommand.Parameters.Add(tile.AsInt32("MinElv")); + db.DBCommand.Parameters.Add(tile.AsDouble("MinLat")); + db.DBCommand.Parameters.Add(tile.AsDouble("MinLon")); + db.DBCommand.Parameters.Add(tile.AsInt32("MaxElv")); + db.DBCommand.Parameters.Add(tile.AsDouble("MaxLat")); + db.DBCommand.Parameters.Add(tile.AsDouble("MaxLon")); + db.DBCommand.Parameters.Add(tile.AsInt32("Rows")); + db.DBCommand.Parameters.Add(tile.AsInt32("Columns")); + db.DBCommand.Parameters.Add(tile.AsBinary("Elv")); + db.DBCommand.Parameters.Add(tile.AsUNIXTime("LastUpdated")); + return db.ExecuteNonQuery(db.DBCommand); + } + } + + public int ElevationTileBulkInsert(List tiles, ELEVATIONMODEL model) + { + int errors = 0; + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + try + { + db.BeginTransaction(); + foreach (ElevationTileDesignator tile in tiles) + { + try + { + this.ElevationTileInsert(tile, model); + } + catch (Exception ex) + { + Log.WriteMessage("Error inserting tile [" + tile.TileIndex + "]: " + ex.ToString()); + errors++; + } + } + db.Commit(); + } + catch (Exception ex) + { + Log.WriteMessage(ex.ToString(), LogLevel.Error); + } + return -errors; + } + + public int ElevationTileDelete(ElevationTileDesignator tile, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + lock (db) + { + db.DBCommand.CommandText = "DELETE FROM " + ElevationTileDesignator.TableName + " WHERE TileIndex = @TileIndex"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(tile.AsString("TileIndex")); + return db.ExecuteNonQuery(db.DBCommand); + } + } + + public int ElevationTileUpdate(ElevationTileDesignator tile, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + lock (db) + { + db.DBCommand.CommandText = "UPDATE " + ElevationTileDesignator.TableName + " SET TileIndex = @TileIndex, MinElv = @MinElv, MinLat = @MinLat, MinLon = @MinLon, MaxElv = @MaxElv, MaxLat = @MaxLat, MaxLon = @MaxLon, Rows = @Rows, Columns = @Columns, Elv = @Elv, LastUpdated = @LastUpdated WHERE TileIndex = @TileIndex"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(tile.AsString("TileIndex")); + db.DBCommand.Parameters.Add(tile.AsInt32("MinElv")); + db.DBCommand.Parameters.Add(tile.AsDouble("MinLat")); + db.DBCommand.Parameters.Add(tile.AsDouble("MinLon")); + db.DBCommand.Parameters.Add(tile.AsInt32("MaxElv")); + db.DBCommand.Parameters.Add(tile.AsDouble("MaxLat")); + db.DBCommand.Parameters.Add(tile.AsDouble("MaxLon")); + db.DBCommand.Parameters.Add(tile.AsInt32("Rows")); + db.DBCommand.Parameters.Add(tile.AsInt32("Columns")); + db.DBCommand.Parameters.Add(tile.AsBinary("Elv")); + db.DBCommand.Parameters.Add(tile.AsUNIXTime("LastUpdated")); + return db.ExecuteNonQuery(db.DBCommand); + } + } + + public void ElevationTileInsertOrUpdateIfNewer(ElevationTileDesignator tile, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return; + DateTime dt = this.ElevationTileFindLastUpdated(tile,model); + if (dt == DateTime.MinValue) + this.ElevationTileInsert(tile, model); + else if (dt < tile.LastUpdated) + this.ElevationTileUpdate(tile, model); + } + + public ElevationTileDesignator ElevationTileFind(string tileindex, ELEVATIONMODEL model) + { + ElevationTileDesignator tile = new ElevationTileDesignator(tileindex); + return this.ElevationTileFind(tile, model); + } + + public ElevationTileDesignator ElevationTileFind(ElevationTileDesignator tile, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return null; + lock (db) + { + db.DBCommand.CommandText = "SELECT * FROM " + ElevationTileDesignator.TableName + " WHERE TileIndex = @TileIndex"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(tile.AsString("TileIndex")); + DataTable Result = db.Select(db.DBCommand); + if ((Result != null) && (Result.Rows.Count > 0)) + { + return new ElevationTileDesignator(Result.Rows[0]); + } + return null; + } + } + + public bool ElevationTileExists(string tileindex, ELEVATIONMODEL model) + { + ElevationTileDesignator tile = new ElevationTileDesignator(tileindex); + return this.ElevationTileExists(tile, model); + } + + public bool ElevationTileExists(ElevationTileDesignator tile, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return false; + lock (db) + { + db.DBCommand.CommandText = "SELECT EXISTS (SELECT LastUpdated FROM " + ElevationTileDesignator.TableName + " WHERE TileIndex = @TileIndex)"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(tile.AsString("TileIndex")); + long result = (long)db.DBCommand.ExecuteScalar(); + if (result > 0) + return true; + } + return false; + } + + public DateTime ElevationTileFindLastUpdated(string tileindex, ELEVATIONMODEL model) + { + ElevationTileDesignator tile = new ElevationTileDesignator(tileindex); + return this.ElevationTileFindLastUpdated(tile, model); + } + + public DateTime ElevationTileFindLastUpdated(ElevationTileDesignator tile, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return DateTime.MinValue; + lock (db) + { + object result = null; + try + { + db.DBCommand.CommandText = "SELECT LastUpdated FROM " + ElevationTileDesignator.TableName + " WHERE TileIndex = @TileIndex"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(tile.AsString("TileIndex")); + result = db.ExecuteScalar(db.DBCommand); + } + catch (Exception ex) + { + + } + if (result != null) + return (SQLiteEntry.UNIXTimeToDateTime((int)result)); + } + return DateTime.MinValue; + } + + public ElvMinMaxInfo ElevationTileFindMinMaxInfo(string tileindex, ELEVATIONMODEL model) + { + ElevationTileDesignator tile = new ElevationTileDesignator(tileindex); + return this.ElevationTileFindMinMaxInfo(tile, model); + } + + public ElvMinMaxInfo ElevationTileFindMinMaxInfo(ElevationTileDesignator tile, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return null; + lock (db) + { + db.DBCommand.CommandText = "SELECT MinElv, MinLat, MInLon, MaxElv, MaxLat, MaxLon FROM " + ElevationTileDesignator.TableName + " WHERE TileIndex = @TileIndex"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(tile.AsString("TileIndex")); + DataTable Result = db.Select(db.DBCommand); + if ((Result != null) && (Result.Rows.Count > 0)) + { + short minelv = System.Convert.ToInt16(Result.Rows[0][0]); + double minlat = System.Convert.ToDouble(Result.Rows[0][1]); + double minlon = System.Convert.ToDouble(Result.Rows[0][2]); + short maxelv = System.Convert.ToInt16(Result.Rows[0][3]); + double maxlat = System.Convert.ToDouble(Result.Rows[0][4]); + double maxlon = System.Convert.ToDouble(Result.Rows[0][5]); + return new ElvMinMaxInfo(minelv, minlat, minlon, maxelv, maxlat, maxlon); + } + } + return null; + } + + public List ElevationTileGetAll(ELEVATIONMODEL model) + { + List l = new List(); + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return l; + DataTable Result = db.Select("SELECT * FROM " + ElevationTileDesignator.TableName); + if ((Result == null) || (Result.Rows.Count == 0)) + return l; + foreach (DataRow row in Result.Rows) + l.Add(new ElevationTileDesignator(row)); + return l; + } + + public List ElevationTileGetAll(BackgroundWorker caller, ELEVATIONMODEL model) + { + List l = new List(); + // gets all aircraftpositions from database + // supports abort calculation if called from background worker and cancellation requested + int i = 0; + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return l; + lock (db) + { + SQLiteCommand cmd = new SQLiteCommand(db.DBConnection); + cmd.CommandText = "SELECT * FROM " + ElevationTileDesignator.TableName; + SQLiteDataReader reader = cmd.ExecuteReader(); + while (reader.Read()) + { + ElevationTileDesignator tile = new ElevationTileDesignator((IDataRecord)reader); + l.Add(tile); + i++; + // abort calculation if called from background worker and cancellation pending + if (caller != null) + { + if (caller.WorkerSupportsCancellation && caller.CancellationPending) + return new List(); + if (caller.WorkerReportsProgress && (i % 1000 == 0)) + caller.ReportProgress(0, "Getting tile " + i.ToString() + " of"); + } + } + reader.Close(); + } + return l; + } + + public List ElevationTileGetAll(ELEVATIONMODEL model, double minlat, double minlon, double maxlat, double maxlon) + { + List l = new List(); + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return l; + DataTable Result = db.Select("SELECT * FROM Elevation"); + if ((Result == null) || (Result.Rows.Count == 0)) + return l; + foreach (DataRow row in Result.Rows) + { + ElevationTileDesignator tile = new ElevationTileDesignator(row); + if ((tile.BaseLat >= minlat) && (tile.BaseLat <= maxlat) && ((tile.BaseLon >= minlon) && (tile.BaseLon <= maxlon)) || + (tile.BaseLat + 1 / 24.0 >= minlat) && (tile.BaseLat + 1 / 24.0 <= maxlat) && ((tile.BaseLon + 2 / 24.0 >= minlon) && (tile.BaseLon + 2 / 24.0 <= maxlon))) + l.Add(tile); + } + return l; + } + + public List ElevationTileGetAll(BackgroundWorker caller, ELEVATIONMODEL model, double minlat, double minlon, double maxlat, double maxlon) + { + List l = new List(); + // gets all elevation tiles from database + // supports abort calculation if called from background worker and cancellation requested + int i = 0; + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return l; + lock (db) + { + SQLiteCommand cmd = new SQLiteCommand(db.DBConnection); + cmd.CommandText = "SELECT * FROM " + ElevationTileDesignator.TableName; + SQLiteDataReader reader = cmd.ExecuteReader(); + while (reader.Read()) + { + ElevationTileDesignator tile = new ElevationTileDesignator((IDataRecord)reader); + if ((tile.BaseLat >= minlat) && (tile.BaseLat <= maxlat) && ((tile.BaseLon >= minlon) && (tile.BaseLon <= maxlon)) || + (tile.BaseLat + 1 / 24.0 >= minlat) && (tile.BaseLat + 1 / 24.0 <= maxlat) && ((tile.BaseLon + 2 / 24.0 >= minlon) && (tile.BaseLon + 2 / 24.0 <= maxlon))) + { + l.Add(tile); + i++; + } + // abort calculation if called from background worker and cancellation pending + if (caller != null) + { + if (caller.WorkerSupportsCancellation && caller.CancellationPending) + return new List(); + if (caller.WorkerReportsProgress && (i % 1000 == 0)) + caller.ReportProgress(0, "Getting tile " + i.ToString() + " of"); + } + } + reader.Close(); + } + return l; + } + + public short ElevationTilesMaxElevation (ELEVATIONMODEL model, double minlat, double minlon, double maxlat, double maxlon) + { + List locs = ElevationData.Database.GetLocsFromRect(minlat, minlon, maxlat, maxlon, 3); + short max = short.MinValue; + foreach(string loc in locs) + { + ElvMinMaxInfo minmax = this.ElevationTileFindMinMaxInfo(loc, model); + if ((minmax != null) && (minmax.MaxElv > max)) + max = minmax.MaxElv; + } + return max; + } + + public long ElevationTileCount(ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return 0; + long count = 0; + lock (db) + { + count = (long)db.ExecuteScalar("SELECT COUNT(*) FROM " + ElevationTileDesignator.TableName); + } + if (count <= 0) + return 0; + return count; + } + + #endregion + + #region ElevationPath + + public int GetElevationPathAveragePeriod(ELEVATIONMODEL model) + { + if (model == ELEVATIONMODEL.ASTER1) + return 5; + if (model == ELEVATIONMODEL.ASTER3) + return 5; + return 0; + + } + + public bool ElevationPathTableExists(ELEVATIONMODEL model, string tablename = "") + { + // check for table name is null or empty --> use default tablename from type instead + string tn = tablename; + if (String.IsNullOrEmpty(tn)) + tn = ElevationPathDesignator.TableName; + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return false; + return db.TableExists(tn); + } + + public void ElevationPathCreateTable(ELEVATIONMODEL model, string tablename = "") + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return; + lock (db) + { + // check for table name is null or empty --> use default tablename from type instead + string tn = tablename; + if (String.IsNullOrEmpty(tn)) + tn = ElevationPathDesignator.TableName; + db.DBCommand.CommandText = "CREATE TABLE " + tn + " (Lat1 DOUBLE NOT NULL DEFAULT 0, Lon1 DOUBLE NOT NULL DEFAULT 0, Lat2 DOUBLE NOT NULL DEFAULT 0, Lon2 DOUBLE NOT NULL DEFAULT 0, StepWidth DOUBLE NOT NULL DEFAULT 0, Count INT32, Path BLOB, LastUpdated INT32, PRIMARY KEY(Lat1, Lon1, Lat2, Lon2, StepWidth))"; + db.DBCommand.Parameters.Clear(); + db.Execute(db.DBCommand); + } + } + + public bool ElevationPathExists(double lat1, double lon1, double lat2, double lon2, double stepwidth, ELEVATIONMODEL model) + { + ElevationPathDesignator path = new ElevationPathDesignator(lat1, lon1, lat2, lon2, stepwidth); + return this.ElevationPathExists(path, model); + } + + public bool ElevationPathExists(ElevationPathDesignator path, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return false; + lock (db) + { + db.DBCommand.CommandText = "SELECT EXISTS (SELECT LastUpdated FROM " + ElevationPathDesignator.TableName + " WHERE Lat1 = @Lat1 AND Lon1 = @Lon1 AND Lat2 = @Lat2 AND Lon2 = @Lon2 AND StepWidth = @StepWidth)"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(path.AsDouble("Lat1")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon1")); + db.DBCommand.Parameters.Add(path.AsDouble("Lat2")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon2")); + db.DBCommand.Parameters.Add(path.AsDouble("StepWidth")); + long result = (long)db.DBCommand.ExecuteScalar(); + if (result > 0) + return true; + } + return false; + } + + public ElevationPathDesignator ElevationPathFind(double lat1, double lon1, double lat2, double lon2, double stepwidth, ELEVATIONMODEL model) + { + ElevationPathDesignator path = new ElevationPathDesignator(lat1, lon1, lat2, lon2, stepwidth); + return this.ElevationPathFind(path, model); + } + + public ElevationPathDesignator ElevationPathFind(ElevationPathDesignator path, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return null; + lock (db) + { + db.DBCommand.CommandText = "SELECT * FROM " + ElevationPathDesignator.TableName + " WHERE Lat1 = @Lat1 AND Lon1 = @Lon1 AND Lat2 = @Lat2 AND Lon2 = @Lon2 AND StepWidth = @StepWidth"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(path.AsDouble("Lat1")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon1")); + db.DBCommand.Parameters.Add(path.AsDouble("Lat2")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon2")); + db.DBCommand.Parameters.Add(path.AsDouble("StepWidth")); + DataTable Result = db.Select(db.DBCommand); + if ((Result != null) && (Result.Rows.Count > 0)) + return new ElevationPathDesignator(Result.Rows[0]); + } + return null; + } + + public DateTime ElevationPathFindLastUpdated(double lat1, double lon1, double lat2, double lon2, double stepwidth, ELEVATIONMODEL model) + { + ElevationPathDesignator path = new ElevationPathDesignator(lat1, lon1, lat2, lon2, stepwidth); + return this.ElevationPathFindLastUpdated(path, model); + } + + public DateTime ElevationPathFindLastUpdated(ElevationPathDesignator path, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return DateTime.MinValue; + lock (db) + { + db.DBCommand.CommandText = "SELECT LastUpdated FROM " + ElevationPathDesignator.TableName + " WHERE Lat1 = @Lat1 AND Lon1 = @Lon1 AND Lat2 = @Lat2 AND Lon2 = @Lon2 AND StepWidth = @StepWidth"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(path.AsDouble("Lat1")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon1")); + db.DBCommand.Parameters.Add(path.AsDouble("Lat2")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon2")); + db.DBCommand.Parameters.Add(path.AsDouble("StepWidth")); + object result = db.ExecuteScalar(db.DBCommand); + if (result != null) + return SQLiteEntry.UNIXTimeToDateTime((int)result); + } + return DateTime.MinValue; + } + + public int ElevationPathInsert(ElevationPathDesignator path, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + lock (db) + { + db.DBCommand.CommandText = "INSERT INTO " + ElevationPathDesignator.TableName + " (Lat1, Lon1, Lat2, Lon2, StepWidth, Count, Path, LastUpdated) VALUES (@Lat1, @Lon1, @Lat2, @Lon2, @StepWidth, @Count, @Path, @LastUpdated)"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(path.AsDouble("Lat1")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon1")); + db.DBCommand.Parameters.Add(path.AsDouble("Lat2")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon2")); + db.DBCommand.Parameters.Add(path.AsDouble("StepWidth")); + db.DBCommand.Parameters.Add(path.AsInt32("Count")); + db.DBCommand.Parameters.Add(path.AsBinary("Path")); + db.DBCommand.Parameters.Add(path.AsUNIXTime("LastUpdated")); + return db.ExecuteNonQuery(db.DBCommand); + } + } + + public int ElevationPathDelete(ElevationPathDesignator path, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + lock (db) + { + db.DBCommand.CommandText = "DELETE FROM " + ElevationPathDesignator.TableName + " WHERE Lat1 = @Lat1 AND Lon1 = @Lon1 AND Lat2 = @Lat2 AND Lon2 = @Lon2 AND StepWidth = @StepWidth"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(path.AsDouble("Lat1")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon1")); + db.DBCommand.Parameters.Add(path.AsDouble("Lat2")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon2")); + db.DBCommand.Parameters.Add(path.AsDouble("StepWidth")); + return db.ExecuteNonQuery(db.DBCommand); + } + } + + public int ElevationPathDeleteAll(ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + lock (db) + { + db.DBCommand.CommandText = "DELETE FROM " + ElevationPathDesignator.TableName; + db.DBCommand.Parameters.Clear(); + return db.ExecuteNonQuery(db.DBCommand); + } + } + + public int ElevationPathUpdate(ElevationPathDesignator path, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + lock (db) + { + db.DBCommand.CommandText = "UPDATE " + ElevationPathDesignator.TableName + " SET Lat1 = @Lat1, Lon1 = @Lon1, Lat2 = @Lat2, Lon2 = @Lon2, StepWidth = @StepWidth, Count = @Count, Path = @Path, LastUpdated = @LastUpdated WHERE Lat1 = @Lat1 AND Lon1 = @Lon1 AND Lat2 = @Lat2 AND Lon2 = @Lon2 AND StepWidth = @StepWidth"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(path.AsDouble("Lat1")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon1")); + db.DBCommand.Parameters.Add(path.AsDouble("Lat2")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon2")); + db.DBCommand.Parameters.Add(path.AsDouble("StepWidth")); + db.DBCommand.Parameters.Add(path.AsInt32("Count")); + db.DBCommand.Parameters.Add(path.AsBinary("Path")); + db.DBCommand.Parameters.Add(path.AsUNIXTime("LastUpdated")); + return db.ExecuteNonQuery(db.DBCommand); + } + } + public void ElevationPathInsertOrUpdateIfNewer(ElevationPathDesignator path, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return; + DateTime dt = this.ElevationPathFindLastUpdated(path, model); + if (dt == DateTime.MinValue) + this.ElevationPathInsert(path, model); + else if (dt < path.LastUpdated) + this.ElevationPathUpdate(path, model); + } + + public ElevationPathDesignator ElevationPathCreateFromBearing(BackgroundWorker caller, double lat1, double lon1, double bearing, double distance, double stepwidth, ELEVATIONMODEL model) + { + LatLon.GPoint gp = LatLon.DestinationPoint(lat1, lon1, bearing, distance); + return ElevationPathCreateFromLatLon(caller, lat1, lon1, gp.Lat, gp.Lon, stepwidth, model); + } + + + + // simple moving average for elevation path + // the resulting average array is (periods - 1) shorter than the source array + private short[] MovingAverage(short[] values, int periods) + { + // check for sufficient count of values + if (values.Length < periods) + return null; + short[] averages = new short[values.Length - periods + 1]; + double sum = 0; + for (int i = 0; i < values.Length; i++) + if (i < periods) + { + sum += values[i]; + // averages[i] = (short)((i == periods - 1) ? sum / (double)periods : 0); + averages[0] = (short)((i == periods - 1) ? sum / (double)periods : 0); + } + else + { + sum = sum - values[i - periods] + values[i]; + averages[i - periods + 1] = (short)(sum / (double)periods); + } + return averages; + } + + public ElevationPathDesignator ElevationPathCreateFromLatLon(BackgroundWorker caller, double lat1, double lon1, double lat2, double lon2, double stepwidth, ELEVATIONMODEL model, bool savetodatabase = true) + { + // calculate new elevation path + // supports abort calculation if called from background worker and cancellation requested + // report of status messages and single data points not needed so far + ElevationPathDesignator ep = new ElevationPathDesignator(lat1, lon1, lat2, lon2, stepwidth); + bool tilemissing = false; + // convert stepwidth to [km] + stepwidth = stepwidth / 1000.0; + bool complete = this.GetDBStatusBit(model, DATABASESTATUS.COMPLETE) & !this.GetDBStatusBit(model, DATABASESTATUS.ERROR); + int avperiod = GetElevationPathAveragePeriod(model); + // check for any averaging + if (avperiod == 0) + { + // no averaging --> create path direct into ep + double d = 0; + // check if elevation database is complete before trying to retrieve elevation path + for (int i = 0; i < ep.Count; i++) + { + LatLon.GPoint gp = LatLon.DestinationPoint(lat1, lon1, ep.Bearing12, d); + // get elevation point with status + // tile will be cached locally for subsequent use + short e = GetElevation(model, gp.Lat, gp.Lon, false); + // set elevation point if valid, else set it to 0 + if (e > TileMissingFlag) + { + ep.Path[i] = e; + } + else + { + ep.Path[i] = 0; + // set the tilemissing flag + if (e == TileMissingFlag) + tilemissing = true; + } + d += stepwidth; + // abort calculation if called from background worker and cancellation pending + if (caller != null) + { + if (caller.CancellationPending) + return null; + } + } + } + else + { + // create raw elevation buffer first and copy the average to ep + short[] raw = new short[ep.Path.Length + avperiod - 1]; + // put the start value at the half of avperiod back in opposite direction + double d = -(avperiod / 2) * stepwidth; + // check if elevation database is complete before trying to retrieve elevation path + for (int i = 0; i < raw.Length; i++) + { + LatLon.GPoint gp = LatLon.DestinationPoint(lat1, lon1, ep.Bearing12, d); + // get elevation point with status + // tile will be cached locally for subsequent use + short e = GetElevation(model, gp.Lat, gp.Lon, false); + // set elevation point if valid, else set it to 0 + if (e > TileMissingFlag) + { + raw[i] = e; + } + else + { + raw[i] = 0; + // set the tilemissing flag + if (e == TileMissingFlag) + tilemissing = true; + } + d += stepwidth; + // abort calculation if called from background worker and cancellation pending + if (caller != null) + { + if (caller.CancellationPending) + return null; + } + } + // calculate average and assign it to ep.Path + ep.Path = MovingAverage(raw, avperiod); + } + + // check if database is still complete, could have been changed during background calculation + if (complete) + complete = GetDBStatusBit(model, DATABASESTATUS.COMPLETE) & !GetDBStatusBit(model, DATABASESTATUS.ERROR); + // validate path according to completeness of database + ep.Valid = complete; + // oops, tile is missing --> check database status + // COMPLETE: check bounds --> path complete inside bounds --> assuming that missing tile is a "wet square" --> keep path valid + // NOT COMPLETE: assuming that tile is missing --> invalidate path + if (tilemissing) + { + if (complete) + { + // check bounds --> invalidate if out of bounds + if ((lat1 < MinLat) || (lat1 > MaxLat) || + (lon1 < MinLon) || (lon1 > MaxLon) || + (lat2 < MinLat) || (lat2 > MaxLat) || + (lon2 < MinLon) || (lon2 > MaxLon)) + ep.Valid = false; + + } + } + // store path in database if valid + if ((ep != null) && ep.Valid && savetodatabase) + this.ElevationPathInsertOrUpdateIfNewer(ep, model); + return ep; + } + + public ElevationPathDesignator ElevationPathFindOrCreateFromBearing(BackgroundWorker caller, double lat1, double lon1, double bearing, double distance, double stepwidth, ELEVATIONMODEL model, bool savetodatabase = true) + { + LatLon.GPoint gp = LatLon.DestinationPoint(lat1, lon1, bearing, distance); + return ElevationPathFindOrCreateFromLatLon(caller, lat1, lon1, gp.Lat, gp.Lon, stepwidth, model,savetodatabase); + } + + public ElevationPathDesignator ElevationPathFindOrCreateFromLatLon(BackgroundWorker caller, double lat1, double lon1, double lat2, double lon2, double stepwidth, ELEVATIONMODEL model, bool savetodatabase = true) + { + ElevationPathDesignator ep = this.ElevationPathFind(lat1, lon1, lat2, lon2, stepwidth, model); + if (ep == null) + { + ep = this.ElevationPathCreateFromLatLon(caller, lat1, lon1, lat2, lon2, stepwidth, model, savetodatabase); + } + return ep; + } + + #endregion + + #region ElevationHorizon + + public bool ElevationHorizonTableExists(ELEVATIONMODEL model, string tablename = "") + { + // check for table name is null or empty --> use default tablename from type instead + string tn = tablename; + if (String.IsNullOrEmpty(tn)) + tn = ElevationHorizonDesignator.TableName; + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return false; + return db.TableExists(tn); + } + + public void ElevationHorizonCreateTable(ELEVATIONMODEL model, string tablename = "") + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return; + lock (db) + { + // check for table name is null or empty --> use default tablename from type instead + string tn = tablename; + if (String.IsNullOrEmpty(tn)) + tn = ElevationHorizonDesignator.TableName; + db.DBCommand.CommandText = "CREATE TABLE " + tn + " (Lat DOUBLE NOT NULL DEFAULT 0, Lon DOUBLE NOT NULL DEFAULT 0, Distance DOUBLE NOT NULL DEFAULT 0, StepWidth DOUBLE NOT NULL DEFAULT 0, Count INT32, Paths BLOB, LastUpdated INT32, PRIMARY KEY(Lat, Lon, Distance, StepWidth))"; + db.DBCommand.Parameters.Clear(); + db.Execute(db.DBCommand); + } + } + + public bool ElevationHorizonExists(double lat, double lon, double distance, double stepwidth, ELEVATIONMODEL model) + { + ElevationHorizonDesignator path = new ElevationHorizonDesignator(lat, lon, distance, stepwidth); + return this.ElevationHorizonExists(path, model); + } + + public bool ElevationHorizonExists(ElevationHorizonDesignator path, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return false; + lock (db) + { + db.DBCommand.CommandText = "SELECT EXISTS (SELECT LastUpdated FROM " + ElevationHorizonDesignator.TableName + " WHERE Lat = @Lat AND Lon = @Lon AND Distance = @Distance AND StepWidth = @StepWidth)"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(path.AsDouble("Lat")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon")); + db.DBCommand.Parameters.Add(path.AsDouble("Distance")); + db.DBCommand.Parameters.Add(path.AsDouble("StepWidth")); + long result = (long)db.DBCommand.ExecuteScalar(); + if (result > 0) + return true; + } + return false; + } + + public ElevationHorizonDesignator ElevationHorizonFind(double lat, double lon, double distance, double stepwidth, ELEVATIONMODEL model) + { + ElevationHorizonDesignator path = new ElevationHorizonDesignator(lat, lon, distance, stepwidth); + return this.ElevationHorizonFind(path, model); + } + + public ElevationHorizonDesignator ElevationHorizonFind(ElevationHorizonDesignator path, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return null; + lock (db) + { + db.DBCommand.CommandText = "SELECT * FROM " + ElevationHorizonDesignator.TableName + " WHERE Lat = @Lat AND Lon = @Lon AND Distance = @Distance AND StepWidth = @StepWidth"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(path.AsDouble("Lat")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon")); + db.DBCommand.Parameters.Add(path.AsDouble("Distance")); + db.DBCommand.Parameters.Add(path.AsDouble("StepWidth")); + DataTable Result = db.Select(db.DBCommand); + if ((Result != null) && (Result.Rows.Count > 0)) + return new ElevationHorizonDesignator(Result.Rows[0]); + } + return null; + } + + public DateTime ElevationHorizonFindLastUpdated(double lat, double lon, double distance, double stepwidth, ELEVATIONMODEL model) + { + ElevationHorizonDesignator path = new ElevationHorizonDesignator(lat, lon, distance, stepwidth); + return this.ElevationHorizonFindLastUpdated(path, model); + } + + public DateTime ElevationHorizonFindLastUpdated(ElevationHorizonDesignator path, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return DateTime.MinValue; + lock (db) + { + db.DBCommand.CommandText = "SELECT LastUpdated FROM " + ElevationHorizonDesignator.TableName + " WHERE Lat = @Lat AND Lon = @Lon AND Distance = @Distance AND StepWidth = @StepWidth"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(path.AsDouble("Lat")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon")); + db.DBCommand.Parameters.Add(path.AsDouble("Distance")); + db.DBCommand.Parameters.Add(path.AsDouble("StepWidth")); + object result = db.ExecuteScalar(db.DBCommand); + if (result != null) + return SQLiteEntry.UNIXTimeToDateTime((int)result); + } + return DateTime.MinValue; + } + + public int ElevationHorizonInsert(ElevationHorizonDesignator path, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + lock (db) + { + db.DBCommand.CommandText = "INSERT INTO " + ElevationHorizonDesignator.TableName + " (Lat, Lon, Distance, StepWidth, Count, Paths, LastUpdated) VALUES (@Lat, @Lon, @Distance, @StepWidth, @Count, @Paths, @LastUpdated)"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(path.AsDouble("Lat")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon")); + db.DBCommand.Parameters.Add(path.AsDouble("Distance")); + db.DBCommand.Parameters.Add(path.AsDouble("StepWidth")); + db.DBCommand.Parameters.Add(path.AsInt32("Count")); + db.DBCommand.Parameters.Add(path.AsBinary("Paths")); + db.DBCommand.Parameters.Add(path.AsUNIXTime("LastUpdated")); + return db.ExecuteNonQuery(db.DBCommand); + } + } + + public int ElevationHorizonDelete(ElevationHorizonDesignator path, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + lock (db) + { + db.DBCommand.CommandText = "DELETE FROM " + ElevationHorizonDesignator.TableName + " WHERE Lat = @Lat AND Lon = @Lon AND Distance = @Distance AND StepWidth = @StepWidth"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(path.AsDouble("Lat")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon")); + db.DBCommand.Parameters.Add(path.AsDouble("Distance")); + db.DBCommand.Parameters.Add(path.AsDouble("StepWidth")); + return db.ExecuteNonQuery(db.DBCommand); + } + } + + public int ElevationHorizonDeleteAll(ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + lock (db) + { + db.DBCommand.CommandText = "DELETE FROM " + ElevationHorizonDesignator.TableName; + db.DBCommand.Parameters.Clear(); + return db.ExecuteNonQuery(db.DBCommand); + } + } + + public int ElevationHorizonUpdate(ElevationHorizonDesignator path, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + lock (db) + { + db.DBCommand.CommandText = "UPDATE " + ElevationHorizonDesignator.TableName + " SET Lat = @Lat, Lon = @Lon, Distance = @Distance, StepWidth = @StepWidth, Count = @Count, Paths = @Paths, LastUpdated = @LastUpdated WHERE Lat = @Lat AND Lon = @Lon AND Distance = @Distance AND StepWidth = @StepWidth"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(path.AsDouble("Lat")); + db.DBCommand.Parameters.Add(path.AsDouble("Lon")); + db.DBCommand.Parameters.Add(path.AsDouble("Distance")); + db.DBCommand.Parameters.Add(path.AsDouble("StepWidth")); + db.DBCommand.Parameters.Add(path.AsInt32("Count")); + db.DBCommand.Parameters.Add(path.AsBinary("Paths")); + db.DBCommand.Parameters.Add(path.AsUNIXTime("LastUpdated")); + return db.ExecuteNonQuery(db.DBCommand); + } + } + public void ElevationHorizonInsertOrUpdateIfNewer(ElevationHorizonDesignator path, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return; + DateTime dt = this.ElevationHorizonFindLastUpdated(path, model); + if (dt == DateTime.MinValue) + this.ElevationHorizonInsert(path, model); + else if (dt < path.LastUpdated) + this.ElevationHorizonUpdate(path, model); + } + public ElevationHorizonDesignator ElevationHorizonCreate(BackgroundWorker caller, double lat, double lon, double distance, double stepwidth, ELEVATIONMODEL model, bool savetodatabase = true) + { + ElevationHorizonDesignator hd = this.ElevationHorizonFind(lat, lon, distance, stepwidth, model); + // create an ElevationPath per degree and save it to horizon + // supports abort of calculation if called from a background thread and cancellation is pending + for (int j = 0; j < 360; j++) + { + // get full elevation path + ElevationPathDesignator ep = ElevationPathFindOrCreateFromBearing(caller, lat, lon, j, distance, stepwidth, model, false); + // return null if elevation path is null for whatever reason + if (ep == null) + return null; + // find biggest prominence + double eps_max = double.MinValue; + int index = 0; + for (int i = 0; i < ep.Count; i++) + { + // assume an antenna height of 100m and a standard K-Factor of 1.33 + double eps = Propagation.EpsilonFromHeights(ep.Path[0] + 100.0, (double)i * ep.StepWidth / 1000.0, ep.Path[i], 1.33 * LatLon.Earth.Radius); + if (eps > eps_max) + { + eps_max = eps; + index = i; + } + if (caller != null) + { + // abort calculation if cancellation pending + if (caller.WorkerSupportsCancellation && caller.CancellationPending) + return null; + } + } + // calculate endpoint + // cut path to biggest prominence to save space + short[] a = ep.Path; + Array.Resize(ref a, index); + hd[j] = a; + // reset valid flag if invalid + if (!ep.Valid) + hd.Valid = false; + // store horizon in database if valid + if ((hd != null) && hd.Valid && savetodatabase) + this.ElevationHorizonInsertOrUpdateIfNewer(hd, model); + } + return hd; + } + + public ElevationHorizonDesignator ElevationHorizonFindOrCreate(BackgroundWorker caller, double lat, double lon, double distance, double stepwidth, ELEVATIONMODEL model, bool savetodatabase = true) + { + ElevationHorizonDesignator hd = this.ElevationHorizonFind(lat, lon, distance, stepwidth, model); + if (hd == null) + hd = ElevationHorizonCreate(caller, lat, lon, distance, stepwidth, model, savetodatabase); + return hd; + } + + #endregion + + + #region LocalObstruction + + public bool LocalObstructionTableExists(ELEVATIONMODEL model, string tablename = "") + { + // check for table name is null or empty --> use default tablename from type instead + string tn = tablename; + if (String.IsNullOrEmpty(tn)) + tn = LocalObstructionDesignator.TableName; + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return false; + return db.TableExists(tn); + } + + public void LocalObstructionCreateTable(ELEVATIONMODEL model, string tablename = "") + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return; + lock (db) + { + // check for table name is null or empty --> use default tablename from type instead + string tn = tablename; + if (String.IsNullOrEmpty(tn)) + tn = LocalObstructionDesignator.TableName; + db.DBCommand.CommandText = "CREATE TABLE " + tn + " (Lat DOUBLE NOT NULL DEFAULT 0, Lon DOUBLE NOT NULL DEFAULT 0, Distance BLOB, Height BLOB, LastUpdated INT32, PRIMARY KEY(Lat, Lon))"; + db.DBCommand.Parameters.Clear(); + db.Execute(db.DBCommand); + } + } + + public bool LocalObstructionExists(double lat, double lon, ELEVATIONMODEL model) + { + LocalObstructionDesignator obstr = new LocalObstructionDesignator(lat, lon); + return this.LocalObstructionExists(obstr, model); + } + + public bool LocalObstructionExists(LocalObstructionDesignator obstr, ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return false; + lock (db) + { + db.DBCommand.CommandText = "SELECT EXISTS (SELECT LastUpdated FROM " + LocalObstructionDesignator.TableName + " WHERE Lat = @Lat AND Lon = @Lon)"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(obstr.AsDouble("Lat")); + db.DBCommand.Parameters.Add(obstr.AsDouble("Lon")); + long result = (long)db.DBCommand.ExecuteScalar(); + if (result > 0) + return true; + } + return false; + } + + public LocalObstructionDesignator LocalObstructionFind(double lat, double lon, ELEVATIONMODEL model) + { + LocalObstructionDesignator obstr = new LocalObstructionDesignator(lat, lon); + return this.LocalObstructionFind(obstr, model); + } + + public LocalObstructionDesignator LocalObstructionFindOrCreateDefault(double lat, double lon, ELEVATIONMODEL model, bool savetodatabase = true) + { + LocalObstructionDesignator obstr = this.LocalObstructionFind(lat, lon, model); + if (obstr == null) + { + obstr = new LocalObstructionDesignator(lat, lon); + if (savetodatabase) + LocalObstructionInsert(obstr, model); + } + return obstr; + } + + public LocalObstructionDesignator LocalObstructionFind(LocalObstructionDesignator obstr, ELEVATIONMODEL model) + { + try + { + if (obstr == null) + return null; + + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return null; + + lock (db) + { + db.DBCommand.CommandText = "SELECT * FROM " + LocalObstructionDesignator.TableName + " WHERE Lat = @Lat AND Lon = @Lon"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(obstr.AsDouble("Lat")); + db.DBCommand.Parameters.Add(obstr.AsDouble("Lon")); + DataTable Result = db.Select(db.DBCommand); + if ((Result != null) && (Result.Rows.Count > 0)) + return new LocalObstructionDesignator(Result.Rows[0]); + } + } + catch (Exception ex) + { + // do nothing if fails + } + + return null; + } + + public DateTime LocalObstructionFindLastUpdated(double lat, double lon, ELEVATIONMODEL model) + { + LocalObstructionDesignator obstr = new LocalObstructionDesignator(lat, lon); + return this.LocalObstructionFindLastUpdated(obstr, model); + } + + public DateTime LocalObstructionFindLastUpdated(LocalObstructionDesignator obstr, ELEVATIONMODEL model) + { + if (obstr == null) + return DateTime.MinValue; + + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return DateTime.MinValue; + + lock (db) + { + db.DBCommand.CommandText = "SELECT LastUpdated FROM " + LocalObstructionDesignator.TableName + " WHERE Lat = @Lat AND Lon = @Lon"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(obstr.AsDouble("Lat")); + db.DBCommand.Parameters.Add(obstr.AsDouble("Lon")); + object result = db.ExecuteScalar(db.DBCommand); + if (result != null) + return SQLiteEntry.UNIXTimeToDateTime((int)result); + } + return DateTime.MinValue; + } + + public int LocalObstructionInsert(LocalObstructionDesignator obstr, ELEVATIONMODEL model) + { + if (obstr == null) + return -1; + + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + + lock (db) + { + db.DBCommand.CommandText = "INSERT INTO " + LocalObstructionDesignator.TableName + " (Lat, Lon, Distance, Height, LastUpdated) VALUES (@Lat, @Lon, @Distance, @Height, @LastUpdated)"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(obstr.AsDouble("Lat")); + db.DBCommand.Parameters.Add(obstr.AsDouble("Lon")); + db.DBCommand.Parameters.Add(obstr.AsBinary("Distance")); + db.DBCommand.Parameters.Add(obstr.AsBinary("Height")); + db.DBCommand.Parameters.Add(obstr.AsUNIXTime("LastUpdated")); + return db.ExecuteNonQuery(db.DBCommand); + } + } + + public int LocalObstructionDelete(LocalObstructionDesignator obstr, ELEVATIONMODEL model) + { + if (obstr == null) + return -1; + + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + + lock (db) + { + db.DBCommand.CommandText = "DELETE FROM " + LocalObstructionDesignator.TableName + " WHERE Lat = @Lat AND Lon = @Lon"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(obstr.AsDouble("Lat")); + db.DBCommand.Parameters.Add(obstr.AsDouble("Lon")); + return db.ExecuteNonQuery(db.DBCommand); + } + } + + public int LocalObstructionDeleteAll(ELEVATIONMODEL model) + { + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + + lock (db) + { + db.DBCommand.CommandText = "DELETE FROM " + LocalObstructionDesignator.TableName; + db.DBCommand.Parameters.Clear(); + return db.ExecuteNonQuery(db.DBCommand); + } + } + + public int LocalObstructionUpdate(LocalObstructionDesignator obstr, ELEVATIONMODEL model) + { + if (obstr == null) + return -1; + + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return -1; + + lock (db) + { + db.DBCommand.CommandText = "UPDATE " + LocalObstructionDesignator.TableName + " SET Lat = @Lat, Lon = @Lon, Distance = @Distance, Height = @Height, LastUpdated = @LastUpdated WHERE Lat = @Lat AND Lon = @Lon"; + db.DBCommand.Parameters.Clear(); + db.DBCommand.Parameters.Add(obstr.AsDouble("Lat")); + db.DBCommand.Parameters.Add(obstr.AsDouble("Lon")); + db.DBCommand.Parameters.Add(obstr.AsBinary("Distance")); + db.DBCommand.Parameters.Add(obstr.AsBinary("Height")); + db.DBCommand.Parameters.Add(obstr.AsUNIXTime("LastUpdated")); + int result = db.ExecuteNonQuery(db.DBCommand); + return result; + } + } + + public void LocalObstructionInsertOrUpdateIfNewer(LocalObstructionDesignator obstr, ELEVATIONMODEL model) + { + if (obstr == null) + return; + + System.Data.SQLite.SQLiteDatabase db = GetElevationDatabase(model); + if (db == null) + return; + + DateTime dt = this.LocalObstructionFindLastUpdated(obstr, model); + if (dt == DateTime.MinValue) + this.LocalObstructionInsert(obstr, model); + else if (dt < obstr.LastUpdated) + this.LocalObstructionUpdate(obstr, model); + } + + #endregion + + #region ElevationCatalogue + + public ElevationCatalogue ElevationCatalogueCreateCheckBoundsAndLastModified(BackgroundWorker caller, ELEVATIONMODEL model, double minlat, double minlon, double maxlat, double maxlon) + { + ElevationCatalogue ec; + string jsonfile = Path.Combine(DefaultDatabaseDirectory(model), JSONFile(model)); + // try to read cached catalogue first + ec = ElevationCatalogue.FromJSONFileCheckBoundsAndLastModified(jsonfile, minlat, minlon, maxlat, maxlon); + // create and save new catalogue if not found or not matching + if (ec == null) + { + ec = new ElevationCatalogue(caller, UpdateURL(model), DefaultDatabaseDirectory(model), minlat, minlon, maxlat, maxlon); + if (ec.Files.Count > 0) + { + ec.ToJSONFile(jsonfile); + File.SetLastWriteTimeUtc(jsonfile, ec.LastModified); + } + } + return ec; + } + #endregion + + #region Upgrade + + public void UpgradeTableToV1(System.Data.SQLite.SQLiteDatabase db, string tablename) + { + int count = db.TableRowCount(tablename); + // copy rows, if any + // don't care about the column type --> SQLite can handle that + lock (db) + { + if (count > 0) + { + db.Execute("UPDATE " + tablename + " SET LastUpdated = strftime('%s',LastUpdated)"); + } + // change table's structure + // BE CAREFUL HERE!!! + int schema_version = db.GetSchemaVersion(); + db.Execute("PRAGMA writable_schema = ON"); + db.Execute("UPDATE sqlite_master SET sql = replace(sql, 'LastUpdated TEXT', 'LastUpdated INT32') WHERE type = 'table' AND name = '" + tablename + "'"); + schema_version++; + db.SetSchemaVerion(schema_version); + db.Execute("PRAGMA writable_schema = OFF"); + } + } + + } + + +} + + public class DEMColorPalette + { + private Dictionary Base; + private Color[] Lookup; + + private int Count = 1000; + + public DEMColorPalette() + { + // fill initial palette + Base = new Dictionary(); + this.Base.Add(0.00, Color.FromArgb(0,97,71)); + this.Base.Add(1.02, Color.FromArgb(16,122,47)); + this.Base.Add(10.20, Color.FromArgb(232,215,125)); + this.Base.Add(24.49, Color.FromArgb(161,67,0)); + this.Base.Add(34.69, Color.FromArgb(158,0,0)); + this.Base.Add(57.14, Color.FromArgb(110,110,110)); + this.Base.Add(81.63, Color.FromArgb(255,255,255)); + this.Base.Add(100.00, Color.FromArgb(255,255,255)); + Lookup = new Color[Count+1]; + Bitmap bm = new Bitmap(Count+1, 100); + for (int i = 0; i <= Count; i++) + { + Color c = GetColorFromBase((double)i / (double)Count * 100.0); + this.Lookup[i] = c; + for (int j = 0; j < bm.Height; j++) + bm.SetPixel(i, j, c); + } + // bm.Save("DEMPalette.bmp"); + } + + public Color GetColor(double percentage) + { + int i = (int)(percentage / 100.0 * Count); + try + { + return Lookup[i]; + } + catch + { + return Color.FromArgb(0,0,0); + } + } + + private Color GetColorFromBase(double percentage) + { + if ((percentage < 0) || (percentage > 100)) + return Color.FromArgb(0, 0, 0); + for ( int i = 0; i < this.Base.Count-1; i++) + { + KeyValuePair low = this.Base.ElementAt(i); + KeyValuePair high = this.Base.ElementAt(i+1); + if ((percentage >= low.Key) && (percentage <= high.Key)) + { + double p = (percentage-low.Key)/(high.Key-low.Key); + int red = low.Value.R + (int)(p * (high.Value.R - low.Value.R)); + int green = low.Value.G + (int)(p * (high.Value.G - low.Value.G)); + int blue = low.Value.B + (int)(p * (high.Value.B - low.Value.B)); + return Color.FromArgb(red, green, blue); + } + } + return Color.FromArgb(0, 0, 0); + } + + + #endregion + + +} diff --git a/ScoutBase/ScoutBase.Elevation/ElevationDatabaseUpdater.cs b/ScoutBase/ScoutBase.Elevation/ElevationDatabaseUpdater.cs index 67c6749..52ac2c3 100644 --- a/ScoutBase/ScoutBase.Elevation/ElevationDatabaseUpdater.cs +++ b/ScoutBase/ScoutBase.Elevation/ElevationDatabaseUpdater.cs @@ -79,6 +79,7 @@ namespace ScoutBase.Elevation if (!File.Exists(filename)) { this.ReportProgress(0, StartOptions.Name + ": downloading " + Path.GetFileName(zipfilename) + "..."); + Console.WriteLine(StartOptions.Name + ": downloading " + zipurl + " --> " + zipfilename); try { // download zipfile if newer diff --git a/ScoutBase/ScoutBase.Elevation/Properties/Settings.Designer.cs b/ScoutBase/ScoutBase.Elevation/Properties/Settings.Designer.cs index d096c75..a3b61ce 100644 --- a/ScoutBase/ScoutBase.Elevation/Properties/Settings.Designer.cs +++ b/ScoutBase/ScoutBase.Elevation/Properties/Settings.Designer.cs @@ -12,7 +12,7 @@ namespace ScoutBase.Elevation.Properties { [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] - [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "16.5.0.0")] + [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "17.0.3.0")] public sealed partial class Settings : global::System.Configuration.ApplicationSettingsBase { private static Settings defaultInstance = ((Settings)(global::System.Configuration.ApplicationSettingsBase.Synchronized(new Settings()))); @@ -349,7 +349,7 @@ namespace ScoutBase.Elevation.Properties { [global::System.Configuration.UserScopedSettingAttribute()] [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] - [global::System.Configuration.DefaultSettingValueAttribute("file://E:\\\\ElevationData\\\\ASTER\\\\V3\\\\ASTER3\\\\Locs")] + [global::System.Configuration.DefaultSettingValueAttribute("http://www.airscout.eu/downloads/ScoutBase/1/ElevationData/ASTER3")] public string Elevation_ASTER3_UpdateURL { get { return ((string)(this["Elevation_ASTER3_UpdateURL"])); @@ -409,7 +409,7 @@ namespace ScoutBase.Elevation.Properties { [global::System.Configuration.UserScopedSettingAttribute()] [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] - [global::System.Configuration.DefaultSettingValueAttribute("file://E:\\\\ElevationData\\\\ASTER\\\\V3\\\\ASTER1\\\\Locs")] + [global::System.Configuration.DefaultSettingValueAttribute("http://www.airscout.eu/downloads/ScoutBase/1/ElevationData/ASTER1")] public string Elevation_ASTER1_UpdateURL { get { return ((string)(this["Elevation_ASTER1_UpdateURL"])); diff --git a/ScoutBase/ScoutBase.Elevation/Properties/Settings.settings b/ScoutBase/ScoutBase.Elevation/Properties/Settings.settings index dffd39f..89961b4 100644 --- a/ScoutBase/ScoutBase.Elevation/Properties/Settings.settings +++ b/ScoutBase/ScoutBase.Elevation/Properties/Settings.settings @@ -84,7 +84,7 @@ ASTER3 - file://E:\\ElevationData\\ASTER\\V3\\ASTER3\\Locs + http://www.airscout.eu/downloads/ScoutBase/1/ElevationData/ASTER3 aster3.json @@ -99,7 +99,7 @@ ASTER1 - file://E:\\ElevationData\\ASTER\\V3\\ASTER1\\Locs + http://www.airscout.eu/downloads/ScoutBase/1/ElevationData/ASTER1 aster1.json diff --git a/ScoutBase/ScoutBase.Elevation/ScoutBase.Elevation.csproj b/ScoutBase/ScoutBase.Elevation/ScoutBase.Elevation.csproj index c4be306..4f80835 100644 --- a/ScoutBase/ScoutBase.Elevation/ScoutBase.Elevation.csproj +++ b/ScoutBase/ScoutBase.Elevation/ScoutBase.Elevation.csproj @@ -51,15 +51,15 @@ MinimumRecommendedRules.ruleset - - ..\..\packages\Newtonsoft.Json.12.0.3\lib\net40\Newtonsoft.Json.dll + + ..\..\packages\Newtonsoft.Json.13.0.1\lib\net40\Newtonsoft.Json.dll - - ..\..\packages\Stub.System.Data.SQLite.Core.NetFramework.1.0.113.3\lib\net40\System.Data.SQLite.dll + + ..\..\packages\System.Data.SQLite.Core.1.0.112.0\lib\net40\System.Data.SQLite.dll @@ -111,12 +111,12 @@ - + Dieses Projekt verweist auf mindestens ein NuGet-Paket, das auf diesem Computer fehlt. Verwenden Sie die Wiederherstellung von NuGet-Paketen, um die fehlenden Dateien herunterzuladen. Weitere Informationen finden Sie unter "http://go.microsoft.com/fwlink/?LinkID=322105". Die fehlende Datei ist "{0}". - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + \ No newline at end of file diff --git a/Test/Program.cs b/Test/Program.cs new file mode 100644 index 0000000..00da5a3 --- /dev/null +++ b/Test/Program.cs @@ -0,0 +1,21 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Windows.Forms; + +namespace Test +{ + internal static class Program + { + /// + /// Der Haupteinstiegspunkt für die Anwendung. + /// + [STAThread] + static void Main() + { + Application.EnableVisualStyles(); + Application.SetCompatibleTextRenderingDefault(false); + Application.Run(new Form1()); + } + } +} diff --git a/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/Properties/AssemblyInfo.cs b/Test/Properties/AssemblyInfo.cs similarity index 79% rename from AirScout.PlaneFeeds.Plugin.VirtualRadarServer/Properties/AssemblyInfo.cs rename to Test/Properties/AssemblyInfo.cs index 0259f8c..982d91c 100644 --- a/AirScout.PlaneFeeds.Plugin.VirtualRadarServer/Properties/AssemblyInfo.cs +++ b/Test/Properties/AssemblyInfo.cs @@ -5,12 +5,12 @@ using System.Runtime.InteropServices; // Allgemeine Informationen über eine Assembly werden über die folgenden // Attribute gesteuert. Ändern Sie diese Attributwerte, um die Informationen zu ändern, // die einer Assembly zugeordnet sind. -[assembly: AssemblyTitle("AirScout.PlaneFeeds.VirtualRadarServer")] +[assembly: AssemblyTitle("Test")] [assembly: AssemblyDescription("")] [assembly: AssemblyConfiguration("")] [assembly: AssemblyCompany("")] -[assembly: AssemblyProduct("AirScout.PlaneFeeds.VirtualRadarServer")] -[assembly: AssemblyCopyright("Copyright © 2019")] +[assembly: AssemblyProduct("Test")] +[assembly: AssemblyCopyright("Copyright © 2022")] [assembly: AssemblyTrademark("")] [assembly: AssemblyCulture("")] @@ -20,7 +20,7 @@ using System.Runtime.InteropServices; [assembly: ComVisible(false)] // Die folgende GUID bestimmt die ID der Typbibliothek, wenn dieses Projekt für COM verfügbar gemacht wird -[assembly: Guid("50093159-6446-48cd-b8cd-6fa58eb88cbb")] +[assembly: Guid("58a96448-67ae-4d48-9279-5b340c890717")] // Versionsinformationen für eine Assembly bestehen aus den folgenden vier Werten: // @@ -32,5 +32,5 @@ using System.Runtime.InteropServices; // Sie können alle Werte angeben oder Standardwerte für die Build- und Revisionsnummern verwenden, // indem Sie "*" wie unten gezeigt eingeben: // [assembly: AssemblyVersion("1.0.*")] -[assembly: AssemblyVersion("1.3.3.4")] -[assembly: AssemblyFileVersion("1.3.3.4")] +[assembly: AssemblyVersion("1.0.0.0")] +[assembly: AssemblyFileVersion("1.0.0.0")] diff --git a/Test/Properties/Resources.Designer.cs b/Test/Properties/Resources.Designer.cs new file mode 100644 index 0000000..848a278 --- /dev/null +++ b/Test/Properties/Resources.Designer.cs @@ -0,0 +1,71 @@ +//------------------------------------------------------------------------------ +// +// Dieser Code wurde von einem Tool generiert. +// Laufzeitversion: 4.0.30319.42000 +// +// Änderungen an dieser Datei können fehlerhaftes Verhalten verursachen und gehen verloren, wenn +// der Code neu generiert wird. +// +//------------------------------------------------------------------------------ + +namespace Test.Properties +{ + + + /// + /// Eine stark typisierte Ressourcenklasse zum Suchen von lokalisierten Zeichenfolgen usw. + /// + // Diese Klasse wurde von der StronglyTypedResourceBuilder-Klasse + // über ein Tool wie ResGen oder Visual Studio automatisch generiert. + // Um einen Member hinzuzufügen oder zu entfernen, bearbeiten Sie die .ResX-Datei und führen dann ResGen + // mit der Option /str erneut aus, oder erstellen Sie Ihr VS-Projekt neu. + [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "4.0.0.0")] + [global::System.Diagnostics.DebuggerNonUserCodeAttribute()] + [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] + internal class Resources + { + + private static global::System.Resources.ResourceManager resourceMan; + + private static global::System.Globalization.CultureInfo resourceCulture; + + [global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")] + internal Resources() + { + } + + /// + /// Gibt die zwischengespeicherte ResourceManager-Instanz zurück, die von dieser Klasse verwendet wird. + /// + [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] + internal static global::System.Resources.ResourceManager ResourceManager + { + get + { + if ((resourceMan == null)) + { + global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("Test.Properties.Resources", typeof(Resources).Assembly); + resourceMan = temp; + } + return resourceMan; + } + } + + /// + /// Überschreibt die CurrentUICulture-Eigenschaft des aktuellen Threads für alle + /// Ressourcenlookups, die diese stark typisierte Ressourcenklasse verwenden. + /// + [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)] + internal static global::System.Globalization.CultureInfo Culture + { + get + { + return resourceCulture; + } + set + { + resourceCulture = value; + } + } + } +} diff --git a/Test/Properties/Resources.resx b/Test/Properties/Resources.resx new file mode 100644 index 0000000..af7dbeb --- /dev/null +++ b/Test/Properties/Resources.resx @@ -0,0 +1,117 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + text/microsoft-resx + + + 2.0 + + + System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + \ No newline at end of file diff --git a/AirScout.PlaneFeeds.Plugin.RB24/Properties/Settings.Designer.cs b/Test/Properties/Settings.Designer.cs similarity index 61% rename from AirScout.PlaneFeeds.Plugin.RB24/Properties/Settings.Designer.cs rename to Test/Properties/Settings.Designer.cs index 1ba6292..a8cf573 100644 --- a/AirScout.PlaneFeeds.Plugin.RB24/Properties/Settings.Designer.cs +++ b/Test/Properties/Settings.Designer.cs @@ -1,24 +1,28 @@ //------------------------------------------------------------------------------ // -// Dieser Code wurde von einem Tool generiert. -// Laufzeitversion:4.0.30319.42000 +// This code was generated by a tool. +// Runtime Version:4.0.30319.42000 // -// Änderungen an dieser Datei können falsches Verhalten verursachen und gehen verloren, wenn -// der Code erneut generiert wird. +// Changes to this file may cause incorrect behavior and will be lost if +// the code is regenerated. // //------------------------------------------------------------------------------ -namespace AirScout.PlaneFeeds.Plugin.RB24.Properties { - - +namespace Test.Properties +{ + + [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()] - [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "16.4.0.0")] - internal sealed partial class Settings : global::System.Configuration.ApplicationSettingsBase { - + [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "11.0.0.0")] + internal sealed partial class Settings : global::System.Configuration.ApplicationSettingsBase + { + private static Settings defaultInstance = ((Settings)(global::System.Configuration.ApplicationSettingsBase.Synchronized(new Settings()))); - - public static Settings Default { - get { + + public static Settings Default + { + get + { return defaultInstance; } } diff --git a/AirScout.PlaneFeeds.Plugin.RB24/Properties/Settings.settings b/Test/Properties/Settings.settings similarity index 68% rename from AirScout.PlaneFeeds.Plugin.RB24/Properties/Settings.settings rename to Test/Properties/Settings.settings index 8e615f2..3964565 100644 --- a/AirScout.PlaneFeeds.Plugin.RB24/Properties/Settings.settings +++ b/Test/Properties/Settings.settings @@ -1,5 +1,7 @@  - + + + - \ No newline at end of file + diff --git a/AirScout.PlaneFeeds.Plugin.PlaneFinder/AirScout.PlaneFeeds.Plugin.PlaneFinder.csproj b/Test/Test.csproj similarity index 51% rename from AirScout.PlaneFeeds.Plugin.PlaneFinder/AirScout.PlaneFeeds.Plugin.PlaneFinder.csproj rename to Test/Test.csproj index d04d395..5e16977 100644 --- a/AirScout.PlaneFeeds.Plugin.PlaneFinder/AirScout.PlaneFeeds.Plugin.PlaneFinder.csproj +++ b/Test/Test.csproj @@ -1,22 +1,19 @@  - Debug AnyCPU - {DB85E98A-E209-49D0-B6CF-6CDD5B8E20E3} - Library - Properties - AirScout.PlaneFeeds.Plugin.PlaneFinder - AirScout.PlaneFeeds.Plugin.PlaneFinder + {58A96448-67AE-4D48-9279-5B340C890717} + WinExe + Test + Test v4.0 512 true - - + AnyCPU true full false @@ -26,6 +23,7 @@ 4 + AnyCPU pdbonly true bin\Release\ @@ -34,54 +32,57 @@ 4 - - ..\packages\Newtonsoft.Json.12.0.3\lib\net40\Newtonsoft.Json.dll - - - + + + - - - - True - True - Settings.settings + + Form + + + Form1.cs + + + + + Form1.cs + + + ResXFileCodeGenerator + Resources.Designer.cs + Designer + + + True + Resources.resx - - - - {36945dbd-96c8-41e7-9168-f83c42e67af3} - AirScout.PlaneFeeds.Plugin - False - - - - - SettingsSingleFileGenerator Settings.Designer.cs + + True + Settings.settings + True + + + + + {23f584db-eb5e-452d-b49f-7c1cabb713ff} + AirScout.PlaneFeeds.Plugin.OpenSky + + + {36945dbd-96c8-41e7-9168-f83c42e67af3} + AirScout.PlaneFeeds.Plugin + - - - Dieses Projekt verweist auf mindestens ein NuGet-Paket, das auf diesem Computer fehlt. Verwenden Sie die Wiederherstellung von NuGet-Paketen, um die fehlenden Dateien herunterzuladen. Weitere Informationen finden Sie unter "http://go.microsoft.com/fwlink/?LinkID=322105". Die fehlende Datei ist "{0}". - - - - - - - mkdir $(SolutionDir)\Airscout\$(OutDir)\Plugin\ -copy $(ProjectDir)\$(OutDir)\ILMerge\*$(TargetExt) $(SolutionDir)\Airscout\$(OutDir)\Plugin\ /y - \ No newline at end of file diff --git a/WinTest/WinTest.csproj b/WinTest/WinTest.csproj index 75f601c..e76ce55 100644 --- a/WinTest/WinTest.csproj +++ b/WinTest/WinTest.csproj @@ -33,14 +33,8 @@ 4 - - ..\packages\Newtonsoft.Json.12.0.3\lib\net40\Newtonsoft.Json.dll - - - ..\packages\Stub.System.Data.SQLite.Core.NetFramework.1.0.113.3\lib\net40\System.Data.SQLite.dll - @@ -51,17 +45,7 @@ - - - - - - - Dieses Projekt verweist auf mindestens ein NuGet-Paket, das auf diesem Computer fehlt. Verwenden Sie die Wiederherstellung von NuGet-Paketen, um die fehlenden Dateien herunterzuladen. Weitere Informationen finden Sie unter "http://go.microsoft.com/fwlink/?LinkID=322105". Die fehlende Datei ist "{0}". - - -